Bugzilla – Attachment 1120 Details for
Bug 880
SELinux patch
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Split configure's $LIBS up
openssh-selinux-configure.patch (text/plain), 8.60 KB, created by
Darren Tucker
on 2006-04-16 18:36:55 AEST
(
hide
)
Description:
Split configure's $LIBS up
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2006-04-16 18:36:55 AEST
Size:
8.60 KB
patch
obsolete
>Index: configure.ac >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/configure.ac,v >retrieving revision 1.338 >diff -u -p -r1.338 configure.ac >--- configure.ac 15 Mar 2006 21:14:34 -0000 1.338 >+++ configure.ac 16 Apr 2006 06:23:49 -0000 >@@ -1044,8 +1044,8 @@ AC_ARG_WITH(tcp-wrappers, > CPPFLAGS="-I${withval} ${CPPFLAGS}" > fi > fi >- LIBWRAP="-lwrap" >- LIBS="$LIBWRAP $LIBS" >+ SSHDLIBS="-lwrap" >+ LIBS="$SSHDLIBS $LIBS" > AC_MSG_CHECKING(for libwrap) > AC_TRY_LINK( > [ >@@ -1061,7 +1061,6 @@ AC_ARG_WITH(tcp-wrappers, > AC_DEFINE(LIBWRAP, 1, > [Define if you want > TCP Wrappers support]) >- AC_SUBST(LIBWRAP) > TCPW_MSG="yes" > ], > [ >@@ -1644,6 +1643,7 @@ PAM_MSG="no" > AC_ARG_WITH(pam, > [ --with-pam Enable PAM support ], > [ >+ saved_LIBS="$LIBS" > if test "x$withval" != "xno" ; then > if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ > test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then >@@ -1651,7 +1651,9 @@ AC_ARG_WITH(pam, > fi > > AC_CHECK_LIB(dl, dlopen, , ) >- AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) >+ AC_CHECK_LIB(pam, pam_set_item, >+ [ SSHDLIBS="-lpam $SSHDLIBS" ], >+ AC_MSG_ERROR([*** libpam missing])) > AC_CHECK_FUNCS(pam_getenvlist) > AC_CHECK_FUNCS(pam_putenv) > >@@ -1660,12 +1662,12 @@ AC_ARG_WITH(pam, > AC_DEFINE(USE_PAM, 1, > [Define if you want to enable PAM support]) > if test $ac_cv_lib_dl_dlopen = yes; then >- LIBPAM="-lpam -ldl" >+ SSHDLIBS="$SSHDLIBS -lpam -ldl" > else >- LIBPAM="-lpam" >+ SSHDLIBS="$SSHDLIBS -lpam" > fi >- AC_SUBST(LIBPAM) > fi >+ LIBS="$saved_LIBS" > ] > ) > >@@ -1726,7 +1728,9 @@ AC_ARG_WITH(ssl-dir, > fi > ] > ) >-LIBS="-lcrypto $LIBS" >+saved_LIBS="$LIBS" >+CRYPTOLIBS="-lcrypto" >+LIBS="$CRYPTOLIBS $LIBS" > AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, > [Define if your ssl headers are included > with #include <openssl/header.h>]), >@@ -1875,23 +1879,21 @@ int main(void) { exit(EVP_aes_192_cbc() > ] > ) > >+# Search for SHA256 support in libc and/or OpenSSL >+AC_CHECK_FUNCS(SHA256_Update EVP_sha256) >+ > # Some systems want crypt() from libcrypt, *not* the version in OpenSSL, > # because the system crypt() is more featureful. > if test "x$check_for_libcrypt_before" = "x1"; then >- AC_CHECK_LIB(crypt, crypt) >+ AC_CHECK_LIB(crypt, crypt, SSHDLIBS="-lcrypt $SSHDLIBS") > fi > > # Some Linux systems (Slackware) need crypt() from libcrypt, *not* the > # version in OpenSSL. > if test "x$check_for_libcrypt_later" = "x1"; then >- AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") >+ AC_CHECK_LIB(crypt, crypt, SSHDLIBS="$SSHDLIBS -lcrypt") > fi > >-# Search for SHA256 support in libc and/or OpenSSL >-AC_CHECK_FUNCS(SHA256_Update EVP_sha256) >- >-AC_CHECK_LIB(iaf, ia_openinfo) >- > ### Configure cryptographic random number support > > # Check wheter OpenSSL seeds itself >@@ -1920,6 +1922,10 @@ int main(void) { exit(RAND_status() == 1 > ] > ) > >+# We are now done with the OpenSSL tests. >+LIBS="$saved_LIBS" >+ >+AC_CHECK_LIB(iaf, ia_openinfo) > > # Do we want to force the use of the rand helper? > AC_ARG_WITH(rand-helper, >@@ -3000,6 +3006,22 @@ int main() > [#include <arpa/nameser.h>]) > ]) > >+# Check whether user wants SELinux support >+SELINUX_MSG="no" >+AC_ARG_WITH(selinux, >+ [ --with-selinux Enable SELinux support], >+ [ if test "x$withval" != "xno" ; then >+ AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) >+ SELINUX_MSG="yes" >+ AC_CHECK_HEADER([selinux/selinux.h], , >+ AC_MSG_ERROR(SELinux support requires selinux.h header)) >+ AC_CHECK_LIB(selinux, setexeccon, >+ [ SSHDLIBS="-lselinux $SSHDLIBS" ], >+ AC_MSG_ERROR(SELinux support requires libselinux library)) >+ AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) >+ fi ] >+) >+ > # Check whether user wants Kerberos 5 support > KRB5_MSG="no" > AC_ARG_WITH(kerberos5, >@@ -3762,18 +3784,12 @@ if test ! -z "$blibpath" ; then > AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) > fi > >-dnl remove pam and dl because they are in $LIBPAM >-if test "$PAM_MSG" = yes ; then >- LIBS=`echo $LIBS | sed 's/-lpam //'` >-fi >-if test "$ac_cv_lib_pam_pam_set_item" = yes ; then >- LIBS=`echo $LIBS | sed 's/-ldl //'` >-fi >- > dnl Adding -Werror to CFLAGS early prevents configure tests from running. > dnl Add now. > CFLAGS="$CFLAGS $werror_flags" > >+AC_SUBST(SSHDLIBS CRYPTOLIBS) >+ > AC_EXEEXT > AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \ > openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh]) >@@ -3818,6 +3834,7 @@ fi > echo " Manpage format: $MANTYPE" > echo " PAM support: $PAM_MSG" > echo " KerberosV support: $KRB5_MSG" >+echo " SELinux support: $SELINUX_MSG" > echo " Smartcard support: $SCARD_MSG" > echo " S/KEY support: $SKEY_MSG" > echo " TCP Wrappers support: $TCPW_MSG" >@@ -3838,7 +3855,7 @@ echo " Compiler: ${CC}" > echo " Compiler flags: ${CFLAGS}" > echo "Preprocessor flags: ${CPPFLAGS}" > echo " Linker flags: ${LDFLAGS}" >-echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" >+echo " Libraries: LIBS='${LIBS}' SSHDLIBS='${SSHDLIBS}' CRYPTO='${CRYPTOLIBS}'" > > echo "" > >Index: Makefile.in >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/Makefile.in,v >retrieving revision 1.276 >diff -u -p -r1.276 Makefile.in >--- Makefile.in 15 Mar 2006 02:09:18 -0000 1.276 >+++ Makefile.in 16 Apr 2006 07:27:57 -0000 >@@ -43,9 +43,9 @@ LD=@LD@ > CFLAGS=@CFLAGS@ > CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ > LIBS=@LIBS@ >+CRYPTOLIBS=@CRYPTOLIBS@ >+SSHDLIBS=@SSHDLIBS@ > LIBEDIT=@LIBEDIT@ >-LIBPAM=@LIBPAM@ >-LIBWRAP=@LIBWRAP@ > AR=@AR@ > AWK=@AWK@ > RANLIB=@RANLIB@ >@@ -133,37 +133,37 @@ libssh.a: $(LIBSSH_OBJS) > $(RANLIB) $@ > > ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS) >- $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) >+ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(CRYPTOLIBS) $(LIBS) > > sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) >- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBS) >+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(CRYPTOLIBS) $(LIBS) > >-scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o >- $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) >+scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o bufaux.o >+ $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(CRYPTOLIBS) > > ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o >- $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) >+ $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(CRYPTOLIBS) $(LIBS) > > ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o >- $(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) >+ $(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(CRYPTOLIBS) $(LIBS) > > ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o >- $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) >+ $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(CRYPTOLIBS) $(LIBS) > > ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o >- $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) >+ $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(CRYPTOLIBS) $(LIBS) > > ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o >- $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) >+ $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(CRYPTOLIBS) $(LIBS) > > sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o >- $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) >+ $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(CRYPTOLIBS) > > sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o >- $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT) >+ $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(CRYPTOLIBS) $(LIBEDIT) > > ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o >- $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) >+ $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(CRYPTOLIBS) $(LIBS) > > # test driver for the loginrec code - not built by default > logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1120">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 880
:
648
|
1110
|
1111
| 1120 |
1124