4 files changed, 280 insertions, 0 deletions
diff --git a/m4/check-hardening-options.m4 b/m4/check-hardening-options.m4
new file mode 100644
index 0000000..255038e
--- /dev/null
+++ b/m4/check-hardening-options.m4
@@ -0,0 +1,109 @@
+AC_DEFUN([CHECK_CFLAG], [
+         AC_LANG_ASSERT(C)
+         AC_MSG_CHECKING([if $saved_CC supports "$1"])
+         old_cflags="$CFLAGS"
+         CFLAGS="$1 -Wall -Werror"
+         AC_TRY_LINK([
+                      #include <stdio.h>
+                      ],
+                     [printf("Hello")],
+                     AC_MSG_RESULT([yes])
+                     CFLAGS=$old_cflags
+                     HARDEN_CFLAGS="$HARDEN_CFLAGS $1",
+                     AC_MSG_RESULT([no])
+                     CFLAGS=$old_cflags
+                     [$2])
+])
+AC_DEFUN([CHECK_LDFLAG], [
+         AC_LANG_ASSERT(C)
+         AC_MSG_CHECKING([if $saved_LD supports "$1"])
+         old_ldflags="$LDFLAGS"
+         LDFLAGS="$1 -Wall -Werror"
+         AC_TRY_LINK([
+                      #include <stdio.h>
+                      ],
+                     [printf("Hello")],
+                     AC_MSG_RESULT([yes])
+                     LDFLAGS=$old_ldflags
+                     HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1",
+                     AC_MSG_RESULT([no])
+                     LDFLAGS=$old_ldflags
+                     [$2])
+])
+AC_DEFUN([DISABLE_AS_EXECUTABLE_STACK] [
+        save_cflags="$CFLAGS"
+        CFLAGS=
+        AC_MSG_CHECKING([whether AS supports .note.GNU-stack])
+        AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+        __asm__(".section .note.GNU-stack,\"\",@progbits");]])],
+                [AC_MSG_RESULT([yes])]
+                [AM_CFLAGS=-DHAVE_GNU_STACK],
+                [AC_MSG_RESULT([no])]
+        )
+        CFLAGS="$save_cflags $AM_CFLAGS"
+])
+AC_DEFUN([CHECK_C_HARDENING_OPTIONS], [
+        AC_ARG_ENABLE([hardening],
+                [AS_HELP_STRING([--disable-hardening],
+                                [Disable options to frustrate memory corruption exploits])],
+                [], [enable_hardening=yes])
+        AC_ARG_ENABLE([windows-ssp],
+                [AS_HELP_STRING([--enable-windows-ssp],
+                                [Enable building the stack smashing protection on
+                                 Windows. This currently distributing libssp-0.dll.])])
+        # We want to check for compiler flag support. Prior to clang v5.1, there was no
+        # way to make clang's "argument unused" warning fatal.  So we invoke the
+        # compiler through a wrapper script that greps for this message.
+        saved_CC="$CC"
+        saved_LD="$LD"
+        flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check"
+        CC="$flag_wrap $CC"
+        LD="$flag_wrap $LD"
+        AS_IF([test "x$enable_hardening" = "xyes"], [
+                # Tell GCC to NOT optimize based on signed arithmetic overflow
+                CHECK_CFLAG([[-fno-strict-overflow]])
+                # _FORTIFY_SOURCE replaces builtin functions with safer versions.
+                CHECK_CFLAG([[-D_FORTIFY_SOURCE=2]])
+                # Enable read only relocations
+                CHECK_LDFLAG([[-Wl,-z,relro]])
+                CHECK_LDFLAG([[-Wl,-z,now]])
+                # Windows security flags
+                AS_IF([test "x$HOST_OS" = "xwin"], [
+                        CHECK_LDFLAG([[-Wl,--nxcompat]])
+                        CHECK_LDFLAG([[-Wl,--dynamicbase]])
+                        CHECK_LDFLAG([[-Wl,--high-entropy-va]])
+                ])
+                # Use stack-protector-strong if available; if not, fallback to
+                # stack-protector-all which is considered to be overkill
+                AS_IF([test "x$enable_windows_ssp" = "xyes" -o "x$HOST_OS" != "xwin"], [
+                        CHECK_CFLAG([[-fstack-protector-strong]],
+                                CHECK_CFLAG([[-fstack-protector-all]],
+                                        AC_MSG_WARN([compiler does not appear to support stack protection])
+                                )
+                        )
+                        AS_IF([test "x$HOST_OS" = "xwin"], [
+                                AC_SEARCH_LIBS([__stack_chk_guard],[ssp])
+                        ])
+                ])
+        ])
+        # Restore CC, LD
+        CC="$saved_CC"
+        LD="$saved_LD"
+        CFLAGS="$CFLAGS $HARDEN_CFLAGS"
+        LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS"
+])
diff --git a/m4/check-libc.m4 b/m4/check-libc.m4
new file mode 100644
index 0000000..2bbfb81
--- /dev/null
+++ b/m4/check-libc.m4
@@ -0,0 +1,65 @@
+AC_DEFUN([CHECK_LIBC_COMPAT], [
+# Check for general libc functions
+AC_CHECK_FUNCS([asprintf memmem poll reallocarray])
+AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strsep strtonum])
+AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes])
+AM_CONDITIONAL([HAVE_MEMMEM], [test "x$ac_cv_func_memmem" = xyes])
+AM_CONDITIONAL([HAVE_POLL], [test "x$ac_cv_func_poll" = xyes])
+AM_CONDITIONAL([HAVE_REALLOCARRAY], [test "x$ac_cv_func_reallocarray" = xyes])
+AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes])
+AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes])
+AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes])
+AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes])
+AM_CONDITIONAL([HAVE_STRSEP], [test "x$ac_cv_func_strsep" = xyes])
+AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes])
+])
+AC_DEFUN([CHECK_LIBC_CRYPTO_COMPAT], [
+# Check crypto-related libc functions
+AC_CHECK_FUNCS([arc4random_buf explicit_bzero getauxval getentropy])
+AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
+AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])
+AM_CONDITIONAL([HAVE_EXPLICIT_BZERO], [test "x$ac_cv_func_explicit_bzero" = xyes])
+AM_CONDITIONAL([HAVE_GETENTROPY], [test "x$ac_cv_func_getentropy" = xyes])
+AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
+AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes])
+# Override arc4random_buf implementations with known issues
+AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
+        [test "x$HOST_OS" != xdarwin \
+           -a "x$HOST_OS" != xfreebsd \
+           -a "x$HOST_OS" != xnetbsd \
+           -a "x$ac_cv_func_arc4random_buf" = xyes])
+# Check for getentropy fallback dependencies
+AC_CHECK_FUNC([getauxval])
+AC_CHECK_FUNC([clock_gettime],, [AC_SEARCH_LIBS([clock_gettime],[rt posix4])])
+AC_CHECK_FUNC([dl_iterate_phdr],, [AC_SEARCH_LIBS([dl_iterate_phdr],[dl])])
+])
+AC_DEFUN([CHECK_VA_COPY], [
+AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
+        AC_LINK_IFELSE([AC_LANG_PROGRAM([[
+#include <stdarg.h>
+va_list x,y;
+                ]], [[ va_copy(x,y); ]])],
+        [ ac_cv_have_va_copy="yes" ],
+        [ ac_cv_have_va_copy="no"
+        ])
+])
+if test "x$ac_cv_have_va_copy" = "xyes" ; then
+        AC_DEFINE([HAVE_VA_COPY], [1], [Define if va_copy exists])
+fi
+AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
+        AC_LINK_IFELSE([AC_LANG_PROGRAM([[
+#include <stdarg.h>
+va_list x,y;
+                ]], [[ __va_copy(x,y); ]])],
+        [ ac_cv_have___va_copy="yes" ], [ ac_cv_have___va_copy="no"
+        ])
+])
+if test "x$ac_cv_have___va_copy" = "xyes" ; then
+        AC_DEFINE([HAVE___VA_COPY], [1], [Define if __va_copy exists])
+fi
+])
diff --git a/m4/check-os-options.m4 b/m4/check-os-options.m4
new file mode 100644
index 0000000..e4e5364
--- /dev/null
+++ b/m4/check-os-options.m4
@@ -0,0 +1,77 @@
+# This must be called before AC_PROG_CC
+AC_DEFUN([CHECK_OS_OPTIONS], [
+CFLAGS="$CFLAGS -Wall -std=gnu99"
+case $host_os in
+        *aix*)
+                HOST_OS=aix
+                if test "`echo $CC | cut -d ' ' -f 1`" != "gcc" ; then
+                        CFLAGS="$USER_CFLAGS"
+                fi
+                AC_SUBST([PLATFORM_LDADD], ['-lperfstat -lpthread'])
+                ;;
+        *cygwin*)
+                HOST_OS=cygwin
+                ;;
+        *darwin*)
+                HOST_OS=darwin
+                HOST_ABI=macosx
+                ;;
+        *freebsd*)
+                HOST_OS=freebsd
+                HOST_ABI=elf
+                AC_SUBST([PROG_LDADD], ['-lthr'])
+                ;;
+        *hpux*)
+                HOST_OS=hpux;
+                if test "`echo $CC | cut -d ' ' -f 1`" = "gcc" ; then
+                        CFLAGS="$CFLAGS -mlp64"
+                else
+                        CFLAGS="-g -O2 +DD64 $USER_CFLAGS"
+                fi
+                CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT"
+                AC_SUBST([PLATFORM_LDADD], ['-lpthread'])
+                ;;
+        *linux*)
+                HOST_OS=linux
+                HOST_ABI=elf
+                CPPFLAGS="$CPPFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
+                ;;
+        *netbsd*)
+                HOST_OS=netbsd
+                CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE"
+                ;;
+        *openbsd* | *bitrig*)
+                HOST_ABI=elf
+                AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
+                ;;
+        *mingw*)
+                HOST_OS=win
+                CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D__USE_MINGW_ANSI_STDIO"
+                CPPFLAGS="$CPPFLAGS -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS"
+                CPPFLAGS="$CPPFLAGS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600"
+                CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG"
+                CFLAGS="$CFLAGS -static-libgcc"
+                LDFLAGS="$LDFLAGS -static-libgcc"
+                AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
+                ;;
+        *solaris*)
+                HOST_OS=solaris
+                HOST_ABI=elf
+                CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
+                AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket'])
+                ;;
+        *) ;;
+esac
+AM_CONDITIONAL([HOST_AIX],     [test x$HOST_OS = xaix])
+AM_CONDITIONAL([HOST_CYGWIN],  [test x$HOST_OS = xcygwin])
+AM_CONDITIONAL([HOST_DARWIN],  [test x$HOST_OS = xdarwin])
+AM_CONDITIONAL([HOST_FREEBSD], [test x$HOST_OS = xfreebsd])
+AM_CONDITIONAL([HOST_HPUX],    [test x$HOST_OS = xhpux])
+AM_CONDITIONAL([HOST_LINUX],   [test x$HOST_OS = xlinux])
+AM_CONDITIONAL([HOST_NETBSD],  [test x$HOST_OS = xnetbsd])
+AM_CONDITIONAL([HOST_SOLARIS], [test x$HOST_OS = xsolaris])
+AM_CONDITIONAL([HOST_WIN],     [test x$HOST_OS = xwin])
+])
diff --git a/m4/disable-compiler-warnings.m4 b/m4/disable-compiler-warnings.m4
new file mode 100644
index 0000000..2792722
--- /dev/null
+++ b/m4/disable-compiler-warnings.m4
@@ -0,0 +1,29 @@
+AC_DEFUN([DISABLE_COMPILER_WARNINGS], [
+# Clang throws a lot of warnings when it does not understand a flag. Disable
+# this warning for now so other warnings are visible.
+AC_MSG_CHECKING([if compiling with clang])
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
+#ifndef __clang__
+        not clang
+#endif
+        ]])],
+        [CLANG=yes],
+        [CLANG=no]
+)
+AC_MSG_RESULT([$CLANG])
+AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Qunused-arguments])
+CFLAGS="$CFLAGS $CLANG_FLAGS"
+LDFLAGS="$LDFLAGS $CLANG_FLAGS"
+# Removing the dependency on -Wno-pointer-sign should be a goal. These are
+# largely unsigned char */char* mismatches in asn1 functions.
+save_cflags="$CFLAGS"
+CFLAGS=-Wno-pointer-sign
+AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
+        [AC_MSG_RESULT([yes])]
+        [AM_CFLAGS=-Wno-pointer-sign],
+        [AC_MSG_RESULT([no])]
+)
+CFLAGS="$save_cflags $AM_CFLAGS"
+])

diff --git a/m4/check-hardening-options.m4 b/m4/check-hardening-options.m4 new file mode 100644 index 0000000..255038e --- /dev/null +++ b/m4/check-hardening-options.m4
@@ -0,0 +1,109 @@
	1
	2	AC_DEFUN([CHECK_CFLAG], [
	3	AC_LANG_ASSERT(C)
	4	AC_MSG_CHECKING([if $saved_CC supports "$1"])
	5	old_cflags="$CFLAGS"
	6	CFLAGS="$1 -Wall -Werror"
	7	AC_TRY_LINK([
	8	#include <stdio.h>
	9	],
	10	[printf("Hello")],
	11	AC_MSG_RESULT([yes])
	12	CFLAGS=$old_cflags
	13	HARDEN_CFLAGS="$HARDEN_CFLAGS $1",
	14	AC_MSG_RESULT([no])
	15	CFLAGS=$old_cflags
	16	[$2])
	17	])
	18
	19	AC_DEFUN([CHECK_LDFLAG], [
	20	AC_LANG_ASSERT(C)
	21	AC_MSG_CHECKING([if $saved_LD supports "$1"])
	22	old_ldflags="$LDFLAGS"
	23	LDFLAGS="$1 -Wall -Werror"
	24	AC_TRY_LINK([
	25	#include <stdio.h>
	26	],
	27	[printf("Hello")],
	28	AC_MSG_RESULT([yes])
	29	LDFLAGS=$old_ldflags
	30	HARDEN_LDFLAGS="$HARDEN_LDFLAGS $1",
	31	AC_MSG_RESULT([no])
	32	LDFLAGS=$old_ldflags
	33	[$2])
	34	])
	35
	36	AC_DEFUN([DISABLE_AS_EXECUTABLE_STACK] [
	37	save_cflags="$CFLAGS"
	38	CFLAGS=
	39	AC_MSG_CHECKING([whether AS supports .note.GNU-stack])
	40	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
	41	__asm__(".section .note.GNU-stack,\"\",@progbits");]])],
	42	[AC_MSG_RESULT([yes])]
	43	[AM_CFLAGS=-DHAVE_GNU_STACK],
	44	[AC_MSG_RESULT([no])]
	45	)
	46	CFLAGS="$save_cflags $AM_CFLAGS"
	47	])
	48
	49
	50	AC_DEFUN([CHECK_C_HARDENING_OPTIONS], [
	51
	52	AC_ARG_ENABLE([hardening],
	53	[AS_HELP_STRING([--disable-hardening],
	54	[Disable options to frustrate memory corruption exploits])],
	55	[], [enable_hardening=yes])
	56
	57	AC_ARG_ENABLE([windows-ssp],
	58	[AS_HELP_STRING([--enable-windows-ssp],
	59	[Enable building the stack smashing protection on
	60	Windows. This currently distributing libssp-0.dll.])])
	61
	62	# We want to check for compiler flag support. Prior to clang v5.1, there was no
	63	# way to make clang's "argument unused" warning fatal. So we invoke the
	64	# compiler through a wrapper script that greps for this message.
	65	saved_CC="$CC"
	66	saved_LD="$LD"
	67	flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check"
	68	CC="$flag_wrap $CC"
	69	LD="$flag_wrap $LD"
	70
	71	AS_IF([test "x$enable_hardening" = "xyes"], [
	72	# Tell GCC to NOT optimize based on signed arithmetic overflow
	73	CHECK_CFLAG([[-fno-strict-overflow]])
	74
	75	# _FORTIFY_SOURCE replaces builtin functions with safer versions.
	76	CHECK_CFLAG([[-D_FORTIFY_SOURCE=2]])
	77
	78	# Enable read only relocations
	79	CHECK_LDFLAG([[-Wl,-z,relro]])
	80	CHECK_LDFLAG([[-Wl,-z,now]])
	81
	82	# Windows security flags
	83	AS_IF([test "x$HOST_OS" = "xwin"], [
	84	CHECK_LDFLAG([[-Wl,--nxcompat]])
	85	CHECK_LDFLAG([[-Wl,--dynamicbase]])
	86	CHECK_LDFLAG([[-Wl,--high-entropy-va]])
	87	])
	88
	89	# Use stack-protector-strong if available; if not, fallback to
	90	# stack-protector-all which is considered to be overkill
	91	AS_IF([test "x$enable_windows_ssp" = "xyes" -o "x$HOST_OS" != "xwin"], [
	92	CHECK_CFLAG([[-fstack-protector-strong]],
	93	CHECK_CFLAG([[-fstack-protector-all]],
	94	AC_MSG_WARN([compiler does not appear to support stack protection])
	95	)
	96	)
	97	AS_IF([test "x$HOST_OS" = "xwin"], [
	98	AC_SEARCH_LIBS([__stack_chk_guard],[ssp])
	99	])
	100	])
	101	])
	102
	103	# Restore CC, LD
	104	CC="$saved_CC"
	105	LD="$saved_LD"
	106
	107	CFLAGS="$CFLAGS $HARDEN_CFLAGS"
	108	LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS"
	109	])


diff --git a/m4/check-libc.m4 b/m4/check-libc.m4 new file mode 100644 index 0000000..2bbfb81 --- /dev/null +++ b/m4/check-libc.m4
@@ -0,0 +1,65 @@
	1	AC_DEFUN([CHECK_LIBC_COMPAT], [
	2	# Check for general libc functions
	3	AC_CHECK_FUNCS([asprintf memmem poll reallocarray])
	4	AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strsep strtonum])
	5	AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes])
	6	AM_CONDITIONAL([HAVE_MEMMEM], [test "x$ac_cv_func_memmem" = xyes])
	7	AM_CONDITIONAL([HAVE_POLL], [test "x$ac_cv_func_poll" = xyes])
	8	AM_CONDITIONAL([HAVE_REALLOCARRAY], [test "x$ac_cv_func_reallocarray" = xyes])
	9	AM_CONDITIONAL([HAVE_STRLCAT], [test "x$ac_cv_func_strlcat" = xyes])
	10	AM_CONDITIONAL([HAVE_STRLCPY], [test "x$ac_cv_func_strlcpy" = xyes])
	11	AM_CONDITIONAL([HAVE_STRNDUP], [test "x$ac_cv_func_strndup" = xyes])
	12	AM_CONDITIONAL([HAVE_STRNLEN], [test "x$ac_cv_func_strnlen" = xyes])
	13	AM_CONDITIONAL([HAVE_STRSEP], [test "x$ac_cv_func_strsep" = xyes])
	14	AM_CONDITIONAL([HAVE_STRTONUM], [test "x$ac_cv_func_strtonum" = xyes])
	15	])
	16
	17	AC_DEFUN([CHECK_LIBC_CRYPTO_COMPAT], [
	18	# Check crypto-related libc functions
	19	AC_CHECK_FUNCS([arc4random_buf explicit_bzero getauxval getentropy])
	20	AC_CHECK_FUNCS([timingsafe_bcmp timingsafe_memcmp])
	21	AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF], [test "x$ac_cv_func_arc4random_buf" = xyes])
	22	AM_CONDITIONAL([HAVE_EXPLICIT_BZERO], [test "x$ac_cv_func_explicit_bzero" = xyes])
	23	AM_CONDITIONAL([HAVE_GETENTROPY], [test "x$ac_cv_func_getentropy" = xyes])
	24	AM_CONDITIONAL([HAVE_TIMINGSAFE_BCMP], [test "x$ac_cv_func_timingsafe_bcmp" = xyes])
	25	AM_CONDITIONAL([HAVE_TIMINGSAFE_MEMCMP], [test "x$ac_cv_func_timingsafe_memcmp" = xyes])
	26
	27	# Override arc4random_buf implementations with known issues
	28	AM_CONDITIONAL([HAVE_ARC4RANDOM_BUF],
	29	[test "x$HOST_OS" != xdarwin \
	30	-a "x$HOST_OS" != xfreebsd \
	31	-a "x$HOST_OS" != xnetbsd \
	32	-a "x$ac_cv_func_arc4random_buf" = xyes])
	33
	34	# Check for getentropy fallback dependencies
	35	AC_CHECK_FUNC([getauxval])
	36	AC_CHECK_FUNC([clock_gettime],, [AC_SEARCH_LIBS([clock_gettime],[rt posix4])])
	37	AC_CHECK_FUNC([dl_iterate_phdr],, [AC_SEARCH_LIBS([dl_iterate_phdr],[dl])])
	38	])
	39
	40	AC_DEFUN([CHECK_VA_COPY], [
	41	AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
	42	AC_LINK_IFELSE([AC_LANG_PROGRAM([[
	43	#include <stdarg.h>
	44	va_list x,y;
	45	]], [[ va_copy(x,y); ]])],
	46	[ ac_cv_have_va_copy="yes" ],
	47	[ ac_cv_have_va_copy="no"
	48	])
	49	])
	50	if test "x$ac_cv_have_va_copy" = "xyes" ; then
	51	AC_DEFINE([HAVE_VA_COPY], [1], [Define if va_copy exists])
	52	fi
	53
	54	AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
	55	AC_LINK_IFELSE([AC_LANG_PROGRAM([[
	56	#include <stdarg.h>
	57	va_list x,y;
	58	]], [[ __va_copy(x,y); ]])],
	59	[ ac_cv_have___va_copy="yes" ], [ ac_cv_have___va_copy="no"
	60	])
	61	])
	62	if test "x$ac_cv_have___va_copy" = "xyes" ; then
	63	AC_DEFINE([HAVE___VA_COPY], [1], [Define if __va_copy exists])
	64	fi
	65	])


diff --git a/m4/check-os-options.m4 b/m4/check-os-options.m4 new file mode 100644 index 0000000..e4e5364 --- /dev/null +++ b/m4/check-os-options.m4
@@ -0,0 +1,77 @@
	1	# This must be called before AC_PROG_CC
	2	AC_DEFUN([CHECK_OS_OPTIONS], [
	3
	4	CFLAGS="$CFLAGS -Wall -std=gnu99"
	5
	6	case $host_os in
	7	aix)
	8	HOST_OS=aix
	9	if test "`echo $CC \| cut -d ' ' -f 1`" != "gcc" ; then
	10	CFLAGS="$USER_CFLAGS"
	11	fi
	12	AC_SUBST([PLATFORM_LDADD], ['-lperfstat -lpthread'])
	13	;;
	14	cygwin)
	15	HOST_OS=cygwin
	16	;;
	17	darwin)
	18	HOST_OS=darwin
	19	HOST_ABI=macosx
	20	;;
	21	freebsd)
	22	HOST_OS=freebsd
	23	HOST_ABI=elf
	24	AC_SUBST([PROG_LDADD], ['-lthr'])
	25	;;
	26	hpux)
	27	HOST_OS=hpux;
	28	if test "`echo $CC \| cut -d ' ' -f 1`" = "gcc" ; then
	29	CFLAGS="$CFLAGS -mlp64"
	30	else
	31	CFLAGS="-g -O2 +DD64 $USER_CFLAGS"
	32	fi
	33	CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D__STRICT_ALIGNMENT"
	34	AC_SUBST([PLATFORM_LDADD], ['-lpthread'])
	35	;;
	36	linux)
	37	HOST_OS=linux
	38	HOST_ABI=elf
	39	CPPFLAGS="$CPPFLAGS -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
	40	;;
	41	netbsd)
	42	HOST_OS=netbsd
	43	CPPFLAGS="$CPPFLAGS -D_OPENBSD_SOURCE"
	44	;;
	45	openbsd \| bitrig)
	46	HOST_ABI=elf
	47	AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
	48	;;
	49	mingw)
	50	HOST_OS=win
	51	CPPFLAGS="$CPPFLAGS -D_GNU_SOURCE -D_POSIX -D_POSIX_SOURCE -D__USE_MINGW_ANSI_STDIO"
	52	CPPFLAGS="$CPPFLAGS -D_REENTRANT -D_POSIX_THREAD_SAFE_FUNCTIONS"
	53	CPPFLAGS="$CPPFLAGS -DWIN32_LEAN_AND_MEAN -D_WIN32_WINNT=0x0600"
	54	CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_SPEED -DNO_SYSLOG"
	55	CFLAGS="$CFLAGS -static-libgcc"
	56	LDFLAGS="$LDFLAGS -static-libgcc"
	57	AC_SUBST([PLATFORM_LDADD], ['-lws2_32'])
	58	;;
	59	solaris)
	60	HOST_OS=solaris
	61	HOST_ABI=elf
	62	CPPFLAGS="$CPPFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP"
	63	AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket'])
	64	;;
	65	*) ;;
	66	esac
	67
	68	AM_CONDITIONAL([HOST_AIX], [test x$HOST_OS = xaix])
	69	AM_CONDITIONAL([HOST_CYGWIN], [test x$HOST_OS = xcygwin])
	70	AM_CONDITIONAL([HOST_DARWIN], [test x$HOST_OS = xdarwin])
	71	AM_CONDITIONAL([HOST_FREEBSD], [test x$HOST_OS = xfreebsd])
	72	AM_CONDITIONAL([HOST_HPUX], [test x$HOST_OS = xhpux])
	73	AM_CONDITIONAL([HOST_LINUX], [test x$HOST_OS = xlinux])
	74	AM_CONDITIONAL([HOST_NETBSD], [test x$HOST_OS = xnetbsd])
	75	AM_CONDITIONAL([HOST_SOLARIS], [test x$HOST_OS = xsolaris])
	76	AM_CONDITIONAL([HOST_WIN], [test x$HOST_OS = xwin])
	77	])


diff --git a/m4/disable-compiler-warnings.m4 b/m4/disable-compiler-warnings.m4 new file mode 100644 index 0000000..2792722 --- /dev/null +++ b/m4/disable-compiler-warnings.m4
@@ -0,0 +1,29 @@
	1	AC_DEFUN([DISABLE_COMPILER_WARNINGS], [
	2	# Clang throws a lot of warnings when it does not understand a flag. Disable
	3	# this warning for now so other warnings are visible.
	4	AC_MSG_CHECKING([if compiling with clang])
	5	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
	6	#ifndef __clang__
	7	not clang
	8	#endif
	9	]])],
	10	[CLANG=yes],
	11	[CLANG=no]
	12	)
	13	AC_MSG_RESULT([$CLANG])
	14	AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Qunused-arguments])
	15	CFLAGS="$CFLAGS $CLANG_FLAGS"
	16	LDFLAGS="$LDFLAGS $CLANG_FLAGS"
	17
	18	# Removing the dependency on -Wno-pointer-sign should be a goal. These are
	19	# largely unsigned char /char mismatches in asn1 functions.
	20	save_cflags="$CFLAGS"
	21	CFLAGS=-Wno-pointer-sign
	22	AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])
	23	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
	24	[AC_MSG_RESULT([yes])]
	25	[AM_CFLAGS=-Wno-pointer-sign],
	26	[AC_MSG_RESULT([no])]
	27	)
	28	CFLAGS="$save_cflags $AM_CFLAGS"
	29	])