diff -ruNp reuse-4.2.3/source/ChangeLog reuse/source/ChangeLog --- reuse-4.2.3/source/ChangeLog 2005-10-27 13:07:28.000000000 +0400 +++ reuse/source/ChangeLog 2006-05-11 17:28:23.000000000 +0400 @@ -1,3 +1,25 @@ +2006-05-11 Alexander Chernov + + * configure-mingw: initial revision + +2006-05-07 Alexander Chernov + + * reuse.pc.v.in: libcap support is added. + + * Makefile.am: copyright notice is updated; + version info is updated to 6:0:2; + libcap support is added. + + * configure.ac: copyright notice is updated; + --with-libcap option is supported; + libcap checking code is added; + check for annoying compiler warnings is added. + + * reuse-config-c.c, reuse-config.v.in: copyright notice is updated; + libcap library is supported; + help message is updated; + --prefix option is supported. + 2005-10-27 Alexander Chernov * c_value_ops.c: copyright notice is updated; @@ -3569,4 +3591,4 @@ Tue Oct 31 12:26:54 1995 Alexander Cher * Positions.h: Initial revision END - # $Id: ChangeLog,v 6.43 2005/10/27 09:07:28 cher Exp $ + # $Id: ChangeLog,v 6.44 2006/05/11 13:28:23 cher Exp $ diff -ruNp reuse-4.2.3/source/configure reuse/source/configure --- reuse-4.2.3/source/configure 2006-01-26 23:37:49.000000000 +0300 +++ reuse/source/configure 2006-05-11 17:34:21.000000000 +0400 @@ -465,7 +465,7 @@ ac_includes_default="\ # include #endif" -ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE LN_S build build_cpu build_vendor build_os host host_cpu host_vendor host_os EGREP ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB DLLTOOL ac_ct_DLLTOOL AS ac_ct_AS OBJDUMP ac_ct_OBJDUMP CPP CXX CXXFLAGS ac_ct_CXX CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL ALLOCA ac_cv_reuse_API_type ac_cv_build LIBOBJS LTLIBOBJS' +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE LN_S build build_cpu build_vendor build_os host host_cpu host_vendor host_os EGREP ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB DLLTOOL ac_ct_DLLTOOL AS ac_ct_AS OBJDUMP ac_ct_OBJDUMP CPP CXX CXXFLAGS ac_ct_CXX CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL ALLOCA ac_cv_reuse_API_type ac_cv_build ac_cv_reuse_libcap_cflags ac_cv_reuse_libcap_ldflags ac_cv_reuse_libcap_libs ac_cv_gcc_wno_pointer_sign LIBOBJS LTLIBOBJS' ac_subst_files='' # Initialize some variables set by options. @@ -1042,6 +1042,13 @@ Optional Features: Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) + --with-libcap=LIBCAP-DIR + use the linux capability library + --with-libcap-include-dir + specify non-standard location of + [LIBCAP-DIR/include] + --with-libcap-lib-dir specify non-standard location for -lcap + [LIBCAP-DIR/lib] --with-gnu-ld assume the C compiler uses GNU ld [default=no] --with-pic try to use only PIC/non-PIC objects [default=use both] @@ -1974,6 +1981,25 @@ fi + +# Check whether --with-libcap or --without-libcap was given. +if test "${with_libcap+set}" = set; then + withval="$with_libcap" + ac_cv_libcap_root=$withval +fi; + +# Check whether --with-libcap-include-dir or --without-libcap-include-dir was given. +if test "${with_libcap_include_dir+set}" = set; then + withval="$with_libcap_include_dir" + ac_cv_libcap_include_dir=$withval +fi; + +# Check whether --with-libcap-lib-dir or --without-libcap-lib-dir was given. +if test "${with_libcap_lib_dir+set}" = set; then + withval="$with_libcap_lib_dir" + ac_cv_libcap_lib_dir=$withval +fi; + ac_config_headers="$ac_config_headers lib/reuse/include/reuse/config.h lib/reuse/include/reuse/import.h" @@ -3768,7 +3794,7 @@ ia64-*-hpux*) ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 3771 "configure"' > conftest.$ac_ext + echo '#line 3797 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -5589,7 +5615,7 @@ fi # Provide some information about the compiler. -echo "$as_me:5592:" \ +echo "$as_me:5618:" \ "checking for Fortran 77 compiler version" >&5 ac_compiler=`set X $ac_compile; echo $2` { (eval echo "$as_me:$LINENO: \"$ac_compiler --version &5\"") >&5 @@ -6687,11 +6713,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6690: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6716: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6694: \$? = $ac_status" >&5 + echo "$as_me:6720: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -6949,11 +6975,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:6952: $lt_compile\"" >&5) + (eval echo "\"\$as_me:6978: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:6956: \$? = $ac_status" >&5 + echo "$as_me:6982: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -7011,11 +7037,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:7014: $lt_compile\"" >&5) + (eval echo "\"\$as_me:7040: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:7018: \$? = $ac_status" >&5 + echo "$as_me:7044: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -9251,7 +9277,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5) + (eval echo "\"\$as_me:11626: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:11604: \$? = $ac_status" >&5 + echo "$as_me:11630: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -11659,11 +11685,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:11662: $lt_compile\"" >&5) + (eval echo "\"\$as_me:11688: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:11666: \$? = $ac_status" >&5 + echo "$as_me:11692: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -13028,7 +13054,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5) + (eval echo "\"\$as_me:14040: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:14018: \$? = $ac_status" >&5 + echo "$as_me:14044: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -14073,11 +14099,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:14076: $lt_compile\"" >&5) + (eval echo "\"\$as_me:14102: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:14080: \$? = $ac_status" >&5 + echo "$as_me:14106: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -16195,11 +16221,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:16198: $lt_compile\"" >&5) + (eval echo "\"\$as_me:16224: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:16202: \$? = $ac_status" >&5 + echo "$as_me:16228: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -16457,11 +16483,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:16460: $lt_compile\"" >&5) + (eval echo "\"\$as_me:16486: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:16464: \$? = $ac_status" >&5 + echo "$as_me:16490: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -16519,11 +16545,11 @@ else -e 's:.*FLAGS}? :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:16522: $lt_compile\"" >&5) + (eval echo "\"\$as_me:16548: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:16526: \$? = $ac_status" >&5 + echo "$as_me:16552: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -18759,7 +18785,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5 +echo $ECHO_N "checking for sys/capability.h... $ECHO_C" >&6 +if test "${ac_cv_header_sys_capability_h+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +#include + + +#include +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_header_sys_capability_h=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_header_sys_capability_h=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +echo "$as_me:$LINENO: result: $ac_cv_header_sys_capability_h" >&5 +echo "${ECHO_T}$ac_cv_header_sys_capability_h" >&6 +if test $ac_cv_header_sys_capability_h = yes; then + ac_cv_has_libcap=1 +else + ac_cv_has_libcap="" +fi + + +fi + +if [ x"${ac_cv_has_libcap}" = x1 ] +then + echo "$as_me:$LINENO: checking for cap_get_proc in -lcap" >&5 +echo $ECHO_N "checking for cap_get_proc in -lcap... $ECHO_C" >&6 +if test "${ac_cv_lib_cap_cap_get_proc+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lcap $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char cap_get_proc (); +int +main () +{ +cap_get_proc (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_cap_cap_get_proc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_cap_cap_get_proc=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_cap_cap_get_proc" >&5 +echo "${ECHO_T}$ac_cv_lib_cap_cap_get_proc" >&6 +if test $ac_cv_lib_cap_cap_get_proc = yes; then + ac_cv_has_libcap=1 +else + ac_cv_has_libcap="" +fi + +fi + +if [ x"${ac_cv_has_libcap}" = x1 ] +then + echo "$as_me:$LINENO: checking for CAP_SYS_OPERATIONS bit" >&5 +echo $ECHO_N "checking for CAP_SYS_OPERATIONS bit... $ECHO_C" >&6 + cat >conftest.$ac_ext <<_ACEOF + +#include +#include +#include +#include +#include +#include +#include +int main(void) +{ + cap_t old_caps, new_caps; + int setcaps[] = { CAP_SYS_OPERATIONS }; + + old_caps = cap_get_proc(); + new_caps = cap_dup(old_caps); + cap_set_flag(new_caps, CAP_EFFECTIVE, 1, setcaps, CAP_CLEAR); + cap_set_flag(new_caps, CAP_PERMITTED, 1, setcaps, CAP_CLEAR); + cap_set_flag(new_caps, CAP_INHERITABLE, 1, setcaps, CAP_CLEAR); + cap_set_proc(new_caps); + return 0; +} + +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + +echo "$as_me:$LINENO: result: supported" >&5 +echo "${ECHO_T}supported" >&6 +ac_cv_has_libcap=1 + +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + +echo "$as_me:$LINENO: result: missing" >&5 +echo "${ECHO_T}missing" >&6 +ac_cv_has_libcap="" + +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi + +CFLAGS="${saved_CFLAGS}" +CPPFLAGS="${saved_CPPFLAGS}" +LDFLAGS="${saved_LDFLAGS}" +LIBS="${saved_LIBS}" + +if [ x"${ac_cv_has_libcap}" = x1 ] +then + ac_cv_reuse_libcap_cflags="${ac_cv_libcap_include_opt}" + ac_cv_reuse_libcap_ldflags="${ac_cv_libcap_lib_opt}" + ac_cv_reuse_libcap_libs="-lcap" +fi + +saved_CC="${CC}" +echo "$as_me:$LINENO: checking for annoying gcc warnings" >&5 +echo $ECHO_N "checking for annoying gcc warnings... $ECHO_C" >&6 +CC="${CC} -Wall -Werror" +cat >conftest.$ac_ext <<_ACEOF + +#include +#include +int main(void) +{ + unsigned char *str = "zzz"; + int v = strlen(str); + printf("%d\n", v); + return 0; +} + +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + +echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + +echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 +ac_cv_annoying_warning=1 + +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +if [ x"${ac_cv_annoying_warning}" = x1 ] +then + echo "$as_me:$LINENO: checking for -Wno-pointer-sign" >&5 +echo $ECHO_N "checking for -Wno-pointer-sign... $ECHO_C" >&6 + CC="${saved_CC} -Wno-pointer-sign -Werror" + cat >conftest.$ac_ext <<_ACEOF + +int main(void) +{ + unsigned char *str = "zzz"; + return 0; +} + +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + +echo "$as_me:$LINENO: result: yes" >&5 +echo "${ECHO_T}yes" >&6 +ac_cv_gcc_wno_pointer_sign=-Wno-pointer-sign + +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + +echo "$as_me:$LINENO: result: no" >&5 +echo "${ECHO_T}no" >&6 + +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +fi +CC="${saved_CC}" + # # generation of lib/reuse/include/reuse/integral.h # @@ -22501,6 +22886,10 @@ fi + + + + cat >>confdefs.h <<\_ACEOF #define R_DLL _ACEOF @@ -22699,6 +23088,14 @@ cat >>confdefs.h <<\_ACEOF _ACEOF fi +if [ x"${ac_cv_has_libcap}" = x1 ] +then + +cat >>confdefs.h <<\_ACEOF +#define CONF_HAS_LIBCAP 1 +_ACEOF + +fi # # Generation of reuse-config-c.v.h @@ -22738,6 +23135,10 @@ if [ x"${ac_cv_disable_rpath}" = x1 ] then echo "#define REUSE_CONFIG_disable_rpath 1" >> ${newhpath} fi +if [ x"${ac_cv_has_libcap}" = x1 ] +then + echo '#define REUSE_CONFIG_libcap "'${ac_cv_reuse_libcap_libs}'"' >> ${newhpath} +fi echo "#endif /* __REUSE_CONFIG_C_H__ */" >> ${newhpath} if diff -q "${newhpath}" "${hpath}" > /dev/null 2>&1 @@ -23481,6 +23882,10 @@ s,@LIBTOOL@,$LIBTOOL,;t t s,@ALLOCA@,$ALLOCA,;t t s,@ac_cv_reuse_API_type@,$ac_cv_reuse_API_type,;t t s,@ac_cv_build@,$ac_cv_build,;t t +s,@ac_cv_reuse_libcap_cflags@,$ac_cv_reuse_libcap_cflags,;t t +s,@ac_cv_reuse_libcap_ldflags@,$ac_cv_reuse_libcap_ldflags,;t t +s,@ac_cv_reuse_libcap_libs@,$ac_cv_reuse_libcap_libs,;t t +s,@ac_cv_gcc_wno_pointer_sign@,$ac_cv_gcc_wno_pointer_sign,;t t s,@LIBOBJS@,$LIBOBJS,;t t s,@LTLIBOBJS@,$LTLIBOBJS,;t t CEOF diff -ruNp reuse-4.2.3/source/configure.ac reuse/source/configure.ac --- reuse-4.2.3/source/configure.ac 2005-10-27 13:02:49.000000000 +0400 +++ reuse/source/configure.ac 2006-05-07 13:53:33.000000000 +0400 @@ -1,5 +1,5 @@ -dnl $Id: configure.ac,v 1.6 2005/10/27 09:02:49 cher Exp $ -dnl Copyright (C) 2004-2005 Alexander Chernov +dnl $Id: configure.ac,v 1.7 2006/05/07 09:53:33 cher Exp $ +dnl Copyright (C) 2004-2006 Alexander Chernov AC_PREREQ([2.59]) AC_INIT(libreuse, [4.0], [cher@unicorn.cmc.msu.ru], libreuse) @@ -8,6 +8,10 @@ AM_INIT_AUTOMAKE([dist-bzip2]) AM_MAINTAINER_MODE AC_PREFIX_DEFAULT([`cd .. && pwd`]) +AC_ARG_WITH([libcap], AC_HELP_STRING([--with-libcap=LIBCAP-DIR],[use the linux capability library]),[ac_cv_libcap_root=$withval]) +AC_ARG_WITH([libcap-include-dir], AC_HELP_STRING([--with-libcap-include-dir],[specify non-standard location of [[LIBCAP-DIR/include]]]),[ac_cv_libcap_include_dir=$withval]) +AC_ARG_WITH([libcap-lib-dir], AC_HELP_STRING([--with-libcap-lib-dir],[specify non-standard location for -lcap [[LIBCAP-DIR/lib]]]), [ac_cv_libcap_lib_dir=$withval]) + AM_CONFIG_HEADER([lib/reuse/include/reuse/config.h lib/reuse/include/reuse/import.h]) AC_PROG_CC @@ -858,6 +862,146 @@ ac_cv_strtod_accepts_hex=1 AC_MSG_RESULT([no]) ]) +dnl Libcap checking stuff + +ac_cv_has_libcap=1 +if [[ x"${ac_cv_libcap_root}" = xno ]] +then +ac_cv_has_libcap= +fi + +if [[ x"${ac_cv_libcap_root}" = x -o x"${ac_cv_libcap_root}" = xyes ]] +then + [[ x"${ac_cv_libcap_include_dir}" = x -o x"${ac_cv_libcap_include_dir}" = xyes -o x"${ac_cv_libcap_include_dir}" = xno ]] && ac_cv_libcap_include_dir="" + [[ x"${ac_cv_libcap_lib_dir}" = x -o x"${ac_cv_libcap_lib_dir}" = xyes -o x"${ac_cv_libcap_lib_dir}" = xno ]] && ac_cv_libcap_lib_dir="" +else + [[ x"${ac_cv_libcap_include_dir}" = x -o x"${ac_cv_libcap_include_dir}" = xyes -o x"${ac_cv_libcap_include_dir}" = xno ]] && ac_cv_libcap_include_dir="${ac_cv_libcap_root}/include" + [[ x"${ac_cv_libcap_lib_dir}" = x -o x"${ac_cv_libcap_lib_dir}" = xyes -o x"${ac_cv_libcap_lib_dir}" = xno ]] && ac_cv_libcap_lib_dir="${ac_cv_expat_root}/lib" +fi + +ac_cv_libcap_include_opt= +[[ x"${ac_cv_libcap_include_dir}" != x ]] && ac_cv_libcap_include_opt="-I${ac_cv_libcap_include_dir}" +ac_cv_libcap_lib_opt= +[[ x"${ac_cv_libcap_lib_dir}" != x ]] && ac_cv_libcap_lib_opt="-L${ac_cv_libcap_lib_dir}" + +saved_CFLAGS="${CFLAGS}" +saved_CPPFLAGS="${CPPFLAGS}" +saved_LDFLAGS="${LDFLAGS}" +saved_LIBS="${LIBS}" +CFLAGS="${CFLAGS} ${ac_cv_libcap_include_opt}" +CPPFLAGS="${CPPFLAGS} ${ac_cv_libcap_include_opt}" +LDFLAGS="${LDFLAGS} ${ac_cv_libcap_lib_opt}" +LIBS="-lcap ${LIBS}" + +if [[ x"${ac_cv_has_libcap}" = x1 ]] +then + AC_CHECK_HEADER([sys/capability.h], + [ac_cv_has_libcap=1], + [ac_cv_has_libcap=""], +[ +#include +#include +#include +#include +#include +#include +]) +fi + +if [[ x"${ac_cv_has_libcap}" = x1 ]] +then + AC_CHECK_LIB([cap], [cap_get_proc], + [ac_cv_has_libcap=1], + [ac_cv_has_libcap=""]) +fi + +if [[ x"${ac_cv_has_libcap}" = x1 ]] +then + AC_MSG_CHECKING([for CAP_SYS_OPERATIONS bit]) + AC_LINK_IFELSE( +[[ +#include +#include +#include +#include +#include +#include +#include +int main(void) +{ + cap_t old_caps, new_caps; + int setcaps[] = { CAP_SYS_OPERATIONS }; + + old_caps = cap_get_proc(); + new_caps = cap_dup(old_caps); + cap_set_flag(new_caps, CAP_EFFECTIVE, 1, setcaps, CAP_CLEAR); + cap_set_flag(new_caps, CAP_PERMITTED, 1, setcaps, CAP_CLEAR); + cap_set_flag(new_caps, CAP_INHERITABLE, 1, setcaps, CAP_CLEAR); + cap_set_proc(new_caps); + return 0; +} +]], +[ +AC_MSG_RESULT([supported]) +ac_cv_has_libcap=1 +], +[ +AC_MSG_RESULT([missing]) +ac_cv_has_libcap="" +]) +fi + +CFLAGS="${saved_CFLAGS}" +CPPFLAGS="${saved_CPPFLAGS}" +LDFLAGS="${saved_LDFLAGS}" +LIBS="${saved_LIBS}" + +if [[ x"${ac_cv_has_libcap}" = x1 ]] +then + ac_cv_reuse_libcap_cflags="${ac_cv_libcap_include_opt}" + ac_cv_reuse_libcap_ldflags="${ac_cv_libcap_lib_opt}" + ac_cv_reuse_libcap_libs="-lcap" +fi + +dnl compiler warning checking +saved_CC="${CC}" +AC_MSG_CHECKING([for annoying gcc warnings]) +CC="${CC} -Wall -Werror" +AC_COMPILE_IFELSE([[ +#include +#include +int main(void) +{ + unsigned char *str = "zzz"; + int v = strlen(str); + printf("%d\n", v); + return 0; +} +]],[ +AC_MSG_RESULT([no]) +],[ +AC_MSG_RESULT([yes]) +ac_cv_annoying_warning=1 +]) +if [[ x"${ac_cv_annoying_warning}" = x1 ]] +then + AC_MSG_CHECKING([for -Wno-pointer-sign]) + CC="${saved_CC} -Wno-pointer-sign -Werror" + AC_COMPILE_IFELSE([[ +int main(void) +{ + unsigned char *str = "zzz"; + return 0; +} +]],[ +AC_MSG_RESULT([yes]) +ac_cv_gcc_wno_pointer_sign=-Wno-pointer-sign +],[ +AC_MSG_RESULT([no]) +]) +fi +CC="${saved_CC}" + # # generation of lib/reuse/include/reuse/integral.h # @@ -989,6 +1133,10 @@ fi AC_SUBST(ac_cv_reuse_API_type) AC_SUBST(ac_cv_build) +AC_SUBST(ac_cv_reuse_libcap_cflags) +AC_SUBST(ac_cv_reuse_libcap_ldflags) +AC_SUBST(ac_cv_reuse_libcap_libs) +AC_SUBST(ac_cv_gcc_wno_pointer_sign) AC_DEFINE(R_DLL,[],[DLL import specification]) if [[ x"${ac_cv_printf_a_works}" = x1 ]] @@ -1093,6 +1241,10 @@ if [[ x"${ac_cv_strtoull}" = x1 ]] then AC_DEFINE([CONF_HAS_STRTOULL],[1],[strtoull() is supported]) fi +if [[ x"${ac_cv_has_libcap}" = x1 ]] +then + AC_DEFINE([CONF_HAS_LIBCAP],[1],[libcap is present]) +fi # # Generation of reuse-config-c.v.h @@ -1133,6 +1285,10 @@ if [[ x"${ac_cv_disable_rpath}" = x1 ]] then echo "#define REUSE_CONFIG_disable_rpath 1" >> ${newhpath} fi +if [[ x"${ac_cv_has_libcap}" = x1 ]] +then + echo '#define REUSE_CONFIG_libcap "'${ac_cv_reuse_libcap_libs}'"' >> ${newhpath} +fi echo "#endif /* __REUSE_CONFIG_C_H__ */" >> ${newhpath} if diff -q "${newhpath}" "${hpath}" > /dev/null 2>&1 diff -ruNp reuse-4.2.3/source/configure-mingw reuse/source/configure-mingw --- reuse-4.2.3/source/configure-mingw 1970-01-01 03:00:00.000000000 +0300 +++ reuse/source/configure-mingw 2006-05-11 17:22:24.000000000 +0400 @@ -0,0 +1,3 @@ +#! /bin/sh -x +# $Id: configure-mingw,v 1.1 2006/05/11 13:22:24 cher Exp $ +exec ./configure "$@" i686-pc-mingw32 diff -ruNp reuse-4.2.3/source/db/revisions reuse/source/db/revisions --- reuse-4.2.3/source/db/revisions 2006-01-26 23:35:51.000000000 +0300 +++ reuse/source/db/revisions 2006-05-07 13:58:00.000000000 +0400 @@ -578,3 +578,7 @@ unix/stream_io.c 6 9 1927650 unix/exec.c 6 35 3451533 unix/exec.c 6 36 3508988 win32/os_env.c 1 5 496541 +reuse-config-c.c 1 4 722059 +unix/exec.c 6 37 3862787 +win32/exec.c 1 20 2911238 +./include/reuse/exec.h 6 17 304017 diff -ruNp reuse-4.2.3/source/db/versions reuse/source/db/versions --- reuse-4.2.3/source/db/versions 2006-01-26 23:35:52.000000000 +0300 +++ reuse/source/db/versions 2006-05-07 13:58:01.000000000 +0400 @@ -99,3 +99,4 @@ 1916 4.2 1 2005/10/27 1917 4.2 2 2005/11/09 1919 4.2 3 2006/01/26 +1923 4.2 4 2006/05/07 diff -ruNp reuse-4.2.3/source/include/reuse/ChangeLog reuse/source/include/reuse/ChangeLog --- reuse-4.2.3/source/include/reuse/ChangeLog 2005-10-27 13:07:28.000000000 +0400 +++ reuse/source/include/reuse/ChangeLog 2006-05-11 17:28:23.000000000 +0400 @@ -1,3 +1,10 @@ +2006-05-07 Alexander Chernov + + * exec.h: copyright notice is updated; + (task_EnableSecureExec) new function prototype; + (task_SetQuietFlag) new function prototype; + (task_GetErrorMessage) new function prototype. + 2005-10-27 Alexander Chernov * Sets.h: copyright notice is updated; diff -ruNp reuse-4.2.3/source/include/reuse/exec.h reuse/source/include/reuse/exec.h --- reuse-4.2.3/source/include/reuse/exec.h 2005-08-08 11:44:00.000000000 +0400 +++ reuse/source/include/reuse/exec.h 2006-05-07 13:50:42.000000000 +0400 @@ -1,9 +1,9 @@ -/* $Id: exec.h,v 6.16 2005/08/08 07:44:00 cher Exp $ */ +/* $Id: exec.h,v 6.17 2006/05/07 09:50:42 cher Exp $ */ #ifndef __REUSE_EXEC_H__ #define __REUSE_EXEC_H__ -/* Copyright (C) 1998-2005 Alexander Chernov */ +/* Copyright (C) 1998-2006 Alexander Chernov */ /* Created: <1998-01-21 14:26:50 cher> */ /* @@ -90,8 +90,11 @@ R_DLL int task_SetDataSize(tpTask, R_DLL int task_SetVMSize(tpTask, int); R_DLL int task_DisableCoreDump(tpTask); R_DLL int task_EnableMemoryLimitError(tpTask); +R_DLL int task_EnableSecureExec(tpTask); R_DLL int task_PrintArgs(tpTask); +R_DLL int task_SetQuietFlag(tpTask); +R_DLL char* task_GetErrorMessage(tpTask); R_DLL int task_Start(tpTask); R_DLL tpTask task_Wait(tpTask); diff -ruNp reuse-4.2.3/source/lib/reuse/include/reuse/config.h.in reuse/source/lib/reuse/include/reuse/config.h.in --- reuse-4.2.3/source/lib/reuse/include/reuse/config.h.in 2006-01-26 23:37:50.000000000 +0300 +++ reuse/source/lib/reuse/include/reuse/config.h.in 2006-05-11 17:34:22.000000000 +0400 @@ -9,6 +9,9 @@ /* whether fchdir(2) is supported */ #undef CONF_HAS_FCHDIR +/* libcap is present */ +#undef CONF_HAS_LIBCAP + /* strcasecmp is supported */ #undef CONF_HAS_STRCASECMP diff -ruNp reuse-4.2.3/source/Makefile.am reuse/source/Makefile.am --- reuse-4.2.3/source/Makefile.am 2005-08-08 11:52:05.000000000 +0400 +++ reuse/source/Makefile.am 2006-05-07 13:54:21.000000000 +0400 @@ -1,5 +1,5 @@ -# $Id: Makefile.am,v 1.6 2005/08/08 07:52:05 cher Exp $ -# Copyright (C) 2004,2005 Alexander Chernov */ +# $Id: Makefile.am,v 1.7 2006/05/07 09:54:21 cher Exp $ +# Copyright (C) 2004-2006 Alexander Chernov */ # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public @@ -14,8 +14,14 @@ lib_LTLIBRARIES = libreuse.la bin_PROGRAMS = revinfo mkChangeLog reuse-config reuse-config-c -libreuse_la_LDFLAGS = -version-info 5:0:1 -libreuse_la_CFLAGS = -I${top_srcdir}/include -I${top_srcdir}/lib/reuse/include +REUSE_API_TYPE = @ac_cv_reuse_API_type@ +flag1 = @ac_cv_reuse_libcap_cflags@ +flag2 = @ac_cv_reuse_libcap_ldflags@ +flag3 = @ac_cv_reuse_libcap_libs@ +flag4 = @ac_cv_gcc_wno_pointer_sign@ + +libreuse_la_LDFLAGS = -version-info 6:0:2 ${flag2} ${flag3} +libreuse_la_CFLAGS = -I${top_srcdir}/include -I${top_srcdir}/lib/reuse/include ${flag1} ${flag4} libreuse_la_SOURCES = \ $(REUSE_CVS_C_FILES) \ version.c @@ -26,8 +32,6 @@ pkgconfig_DATA = reuse.pc reuseincludedir=$(includedir)/reuse reuseosincludedir=$(libdir)/reuse/include/reuse -REUSE_API_TYPE = @ac_cv_reuse_API_type@ - REUSE_CVS_C_FILES =\ BalTree.c\ c_value.c\ diff -ruNp reuse-4.2.3/source/Makefile.in reuse/source/Makefile.in --- reuse-4.2.3/source/Makefile.in 2006-01-26 23:37:57.000000000 +0300 +++ reuse/source/Makefile.in 2006-05-11 17:34:29.000000000 +0400 @@ -14,8 +14,8 @@ @SET_MAKE@ -# $Id: Makefile.am,v 1.6 2005/08/08 07:52:05 cher Exp $ -# Copyright (C) 2004,2005 Alexander Chernov */ +# $Id: Makefile.am,v 1.7 2006/05/07 09:54:21 cher Exp $ +# Copyright (C) 2004-2006 Alexander Chernov */ # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public @@ -316,7 +316,11 @@ ac_ct_OBJDUMP = @ac_ct_OBJDUMP@ ac_ct_RANLIB = @ac_ct_RANLIB@ ac_ct_STRIP = @ac_ct_STRIP@ ac_cv_build = @ac_cv_build@ +ac_cv_gcc_wno_pointer_sign = @ac_cv_gcc_wno_pointer_sign@ ac_cv_reuse_API_type = @ac_cv_reuse_API_type@ +ac_cv_reuse_libcap_cflags = @ac_cv_reuse_libcap_cflags@ +ac_cv_reuse_libcap_ldflags = @ac_cv_reuse_libcap_ldflags@ +ac_cv_reuse_libcap_libs = @ac_cv_reuse_libcap_libs@ am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ @@ -355,8 +359,13 @@ sharedstatedir = @sharedstatedir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ lib_LTLIBRARIES = libreuse.la -libreuse_la_LDFLAGS = -version-info 5:0:1 -libreuse_la_CFLAGS = -I${top_srcdir}/include -I${top_srcdir}/lib/reuse/include +REUSE_API_TYPE = @ac_cv_reuse_API_type@ +flag1 = @ac_cv_reuse_libcap_cflags@ +flag2 = @ac_cv_reuse_libcap_ldflags@ +flag3 = @ac_cv_reuse_libcap_libs@ +flag4 = @ac_cv_gcc_wno_pointer_sign@ +libreuse_la_LDFLAGS = -version-info 6:0:2 ${flag2} ${flag3} +libreuse_la_CFLAGS = -I${top_srcdir}/include -I${top_srcdir}/lib/reuse/include ${flag1} ${flag4} libreuse_la_SOURCES = \ $(REUSE_CVS_C_FILES) \ version.c @@ -365,7 +374,6 @@ pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = reuse.pc reuseincludedir = $(includedir)/reuse reuseosincludedir = $(libdir)/reuse/include/reuse -REUSE_API_TYPE = @ac_cv_reuse_API_type@ REUSE_CVS_C_FILES = \ BalTree.c\ c_value.c\ diff -ruNp reuse-4.2.3/source/NEWS reuse/source/NEWS --- reuse-4.2.3/source/NEWS 2006-01-26 23:35:06.000000000 +0300 +++ reuse/source/NEWS 2006-05-11 17:28:23.000000000 +0400 @@ -1,4 +1,26 @@ -$Id: NEWS,v 6.15 2006/01/26 20:35:06 cher Exp $ +$Id: NEWS,v 6.16 2006/05/11 13:28:23 cher Exp $ + +Reuse 4.2.4 (20060511) +====================== +Added support for special Linux kernel capabilities for secure +execution (CAP_SYS_OPERATIONS). The capabilities are detected at +configure time and their support is enabled. + +(exec.c) new functions: + task_EnableSecureExec + task_SetQuietFlag + task_GetErrorMessage + +`task_EnableSecureExec' sets the "secure execution" flag. If this +flag is set, the CAP_SYS_OPERATIONS capability is dropped before +execing a program. This works only for statically linked programs, +though. + +`task_SetQuietFlag' sets the "quiet" flag. If it is set, no error +messages are printed to the stderr, instead they are saved and +are available by `task_GetErrorMessage' function. + +`task_GetErrorMessage' retrieves the latest error message. Reuse 4.2.3 (20060126) ====================== diff -ruNp reuse-4.2.3/source/reuse-config-c.c reuse/source/reuse-config-c.c --- reuse-4.2.3/source/reuse-config-c.c 2005-10-27 13:01:20.000000000 +0400 +++ reuse/source/reuse-config-c.c 2006-05-07 13:52:28.000000000 +0400 @@ -1,6 +1,6 @@ -/* $Id: reuse-config-c.c,v 1.3 2005/10/27 09:01:20 cher Exp $ */ +/* $Id: reuse-config-c.c,v 1.4 2006/05/07 09:52:28 cher Exp $ */ -/* Copyright (C) 2005 Alexander Chernov */ +/* Copyright (C) 2005,2006 Alexander Chernov */ /* * This library is free software; you can redistribute it and/or @@ -30,6 +30,7 @@ static unsigned char *var_libdir; static unsigned char *var_libexecdir; static unsigned char *var_build; static unsigned char *var_build_version; +static unsigned char *var_libcap_name; static unsigned char *prog_name; @@ -50,6 +51,9 @@ static struct vartable vars[] = { (const unsigned char*) "libexecdir", &var_libexecdir }, { (const unsigned char*) "build", &var_build }, { (const unsigned char*) "build_version", &var_build_version }, +#if defined REUSE_CONFIG_libcap + { (const unsigned char*) "libcap_name", &var_libcap_name }, +#endif { 0, 0 }, }; @@ -189,9 +193,10 @@ usage(void) " --help print this message\n" " --version print the version of reuse associated with this script\n" " --build print the canonic configuration name\n" - " --cflags print C the compilation flags for libchecker\n" - " --ldflags print C the linking flags for libchecker\n" - " --libs print C the libraries for libchecker\n", + " --prefix print the installation prefix\n" + " --cflags print C the compilation flags for reuse\n" + " --ldflags print C the linking flags for reuse\n" + " --libs print C the libraries for reuse\n", stdout); exit(0); @@ -220,6 +225,9 @@ main(int argc, char **argv) var_libexecdir = varsubst_heap((unsigned char*)REUSE_CONFIG_libexecdir, 0); var_build = varsubst_heap((unsigned char*)REUSE_CONFIG_build, 0); var_build_version = varsubst_heap((unsigned char*)REUSE_CONFIG_build_version, 0); +#if defined REUSE_CONFIG_libcap + var_libcap_name = varsubst_heap((unsigned char*)REUSE_CONFIG_libcap, 0); +#endif if (argc <= 1) usage(); @@ -232,6 +240,10 @@ main(int argc, char **argv) printf("%s\n", var_build); exit(0); } + if (!strcmp(argv[1], "--prefix")) { + printf("%s\n", var_prefix); + exit(0); + } if (!strcmp(argv[1], "--vars")) { printf("prefix=%s\n" "exec_prefix=%s\n" @@ -282,7 +294,12 @@ main(int argc, char **argv) if (need_libs) { sps = (unsigned char*)""; if (outbuf[0]) sps = (unsigned char*)" "; - snprintf((char*)tmpbuf, sizeof(tmpbuf), "%s%s-lreuse -lm", outbuf, sps); + if (var_libcap_name && *var_libcap_name) { + snprintf((char*)tmpbuf, sizeof(tmpbuf), "%s%s-lreuse %s -lm", + outbuf, sps, var_libcap_name); + } else { + snprintf((char*)tmpbuf, sizeof(tmpbuf), "%s%s-lreuse -lm", outbuf, sps); + } strcpy((char*)outbuf, (char*)tmpbuf); } diff -ruNp reuse-4.2.3/source/reuse-config.v.in reuse/source/reuse-config.v.in --- reuse-4.2.3/source/reuse-config.v.in 2005-10-27 13:00:52.000000000 +0400 +++ reuse/source/reuse-config.v.in 2006-05-07 13:52:00.000000000 +0400 @@ -1,6 +1,6 @@ #!/bin/sh -# $Id: reuse-config.v.in,v 1.3 2005/10/27 09:00:52 cher Exp $ -# Copyright (C) 2004,2005 Alexander Chernov +# $Id: reuse-config.v.in,v 1.4 2006/05/07 09:52:00 cher Exp $ +# Copyright (C) 2004-2006 Alexander Chernov prefix="@prefix@" exec_prefix="@exec_prefix@" @@ -10,6 +10,7 @@ includedir="@includedir@" libdir="@libdir@" libexecdir="@libexecdir@" build="@ac_cv_build@" +libcap_name="@ac_cv_reuse_libcap_libs@" # This variable is updated on each build build_version="@BUILD_VERSION@" @@ -21,9 +22,11 @@ Usage: reuse-config [OPTION]... General options: --help print this message --version print the version of reuse associated with this script - --cflags print C the compilation flags for libchecker - --ldflags print C the linking flags for libchecker - --libs print C the libraries for libchecker + --build print the configuration name + --prefix print the installation prefix + --cflags print C the compilation flags for reuse + --ldflags print C the linking flags for reuse + --libs print C the libraries for reuse EOF exit 0 } @@ -42,6 +45,9 @@ do --build) echo "${build}" exit 0;; + --prefix) + echo "${prefix}" + exit 0;; --cflags) need_cflags=1 shift @@ -84,7 +90,7 @@ fi if [ x"${need_libs}" = x1 ] then [ x"${output}" != x ] && output="${output} " - output="${output}-lreuse -lm" + output="${output}-lreuse ${libcap_name} -lm" fi if [ x"${output}" != x ] diff -ruNp reuse-4.2.3/source/reuse.pc.v.in reuse/source/reuse.pc.v.in --- reuse-4.2.3/source/reuse.pc.v.in 2004-07-17 10:19:42.000000000 +0400 +++ reuse/source/reuse.pc.v.in 2006-05-07 13:54:43.000000000 +0400 @@ -6,5 +6,5 @@ includedir=@includedir@ Name: reuse Description: A library of utility functions Version: @BUILD_VERSION@ -Libs: -L${libdir} -lm +Libs: -L${libdir} @ac_cv_reuse_libcap_libs@ -lm Cflags: -I${includedir} -I${libdir}/reuse/include diff -ruNp reuse-4.2.3/source/unix/ChangeLog reuse/source/unix/ChangeLog --- reuse-4.2.3/source/unix/ChangeLog 2006-01-26 23:35:27.000000000 +0300 +++ reuse/source/unix/ChangeLog 2006-05-11 17:28:23.000000000 +0400 @@ -1,3 +1,20 @@ +2006-05-07 Alexander Chernov + + * exec.c: is included, if enabled; + (struct tTask) new fields added: `enable_secure_exec', + `quiet_flag', `last_error_msg'; + (task_Delete) `last_error_msg' is freed; + (task_EnableSecureExec) new function implemented; + (task_SetQuietFlag) new function implemented; + (task_GetErrorMessage) new function implemented; + (task_SetKillSignal) `quiet_flag' is supported; + (format_exitcode) parameter `tsk' is added; + `quiet_flag' is supported; + (task_Start) `quiet_flag' is supported; + `enable_secure_exec' is supported; + (task_Wait) `quiet_flag' is supported; + (linux_set_secure_exec_supported_flag) new function. + 2006-01-26 Alexander Chernov * exec.c: support for extra kernel features patch for 2.6 kernels. @@ -854,4 +871,4 @@ Fri Nov 10 11:00:50 1995 Alexander Cher * System.c: Initial revision END - # $Id: ChangeLog,v 6.32 2006/01/26 20:35:27 cher Exp $ + # $Id: ChangeLog,v 6.33 2006/05/11 13:28:23 cher Exp $ diff -ruNp reuse-4.2.3/source/unix/exec.c reuse/source/unix/exec.c --- reuse-4.2.3/source/unix/exec.c 2006-01-26 23:34:49.000000000 +0300 +++ reuse/source/unix/exec.c 2006-05-07 13:49:41.000000000 +0400 @@ -1,4 +1,4 @@ -/* $Id: exec.c,v 6.36 2006/01/26 20:34:49 cher Exp $ */ +/* $Id: exec.c,v 6.37 2006/05/07 09:49:41 cher Exp $ */ /* Copyright (C) 1998-2006 Alexander Chernov */ /* Created: <1998-01-21 14:33:28 cher> */ @@ -54,6 +54,10 @@ #include #endif +#if defined CONF_HAS_LIBCAP && CONF_HAS_LIBCAP == 1 +#include +#endif + #ifndef __GNUC__ #define __FUNCTION__ "???" #endif /* __GNUC__ */ @@ -102,7 +106,9 @@ struct tTask int max_vm_size; /* max size of virtual memory */ int disable_core; /* disable core dumps? */ int enable_memory_limit_error; /* enable memory limit error detection? */ + int enable_secure_exec; /* drop capabilities before exec'ing */ int clear_env; /* clear the environment? */ + int quiet_flag; /* be quiet */ struct rusage usage; /* process resource utilization */ struct timeval start_time; /* start real-time */ struct timeval stop_time; /* stop real-time */ @@ -119,6 +125,8 @@ struct tTask int a; /* allocated entries */ } redirs; /* redirections */ strarray_t env; /* environment variables */ + + char *last_error_msg; /* last error text */ }; #define PIDARR_SIZE 32 @@ -140,6 +148,8 @@ static int linux_ms_time_limit = -1; static int linux_ptrace_code = -1; static int linux_rlimit_code = -1; static void linux_set_fix_flag(void); +static int linux_secure_exec_supported = -1; +static void linux_set_secure_exec_supported_flag(void); #endif static void task_fini_module(void); @@ -400,6 +410,7 @@ task_Delete(tTask *tsk) xfree(tsk->args.v); xfree(tsk->redirs.v); xfree(tsk->working_dir); + xfree(tsk->last_error_msg); xfree(tsk); } @@ -891,6 +902,25 @@ task_EnableMemoryLimitError(tTask *tsk) } int +task_EnableSecureExec(tTask *tsk) +{ + task_init_module(); + ASSERT(tsk); + +#ifndef __linux__ + return -1; +#else +#if !defined CONF_HAS_LIBCAP || CONF_HAS_LIBCAP != 1 + return -1; +#endif + linux_set_secure_exec_supported_flag(); + if (linux_secure_exec_supported != 1) return -1; + tsk->enable_secure_exec = 1; + return 0; +#endif /* __linux__ */ +} + +int task_DisableCoreDump(tTask *tsk) { task_init_module(); @@ -900,6 +930,24 @@ task_DisableCoreDump(tTask *tsk) } int +task_SetQuietFlag(tTask *tsk) +{ + task_init_module(); + ASSERT(tsk); + tsk->quiet_flag = 1; + return 0; +} + +char * +task_GetErrorMessage(tTask *tsk) +{ + task_init_module(); + ASSERT(tsk); + if (!tsk->last_error_msg) return "no error"; + return tsk->last_error_msg; +} + +int task_SetDataSize(tTask *tsk, int size) { task_init_module(); @@ -946,8 +994,15 @@ task_SetKillSignal(tTask *tsk, char cons } else if (!strcasecmp(signame, "int")) { tsk->termsig = SIGINT; } else { - write_log(LOG_REUSE, LOG_ERROR, "%s: invalid signal specification: '%s'", - __FUNCTION__ , signame); + char buf[512]; + + snprintf(buf, sizeof(buf), "invalid signal specification: '%s'", signame); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(buf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "%s: %s", __FUNCTION__ , buf); + } return -1; } return 0; @@ -1051,7 +1106,7 @@ task_PrintArgs(tTask *tsk) #define TASK_ERR_LIMIT_CPU_FAILED 112 static char * -format_exitcode(char *buf, int size, int code, int err) +format_exitcode(tTask *tsk, char *buf, int size, int code, int err) { char *s; @@ -1071,8 +1126,12 @@ format_exitcode(char *buf, int size, int case TASK_ERR_LIMIT_CPU_FAILED: s = "rlimit() failed"; break; default: s = "unknown"; break; } - os_snprintf(buf,size,"%d, %s: %d, %s",code,s,err,os_GetErrorString(err)); - buf[size - 1] = 0; + if (tsk->quiet_flag) { + snprintf(buf, size, "%s: %s", s, os_GetErrorString(err)); + } else { + os_snprintf(buf,size,"%d, %s: %d, %s",code,s,err,os_GetErrorString(err)); + buf[size - 1] = 0; + } return buf; } @@ -1091,6 +1150,7 @@ task_Start(tTask *tsk) int i; int comm_fd = -1; tRedir *rdr; + char errbuf[512]; task_init_module(); ASSERT(tsk); @@ -1128,8 +1188,13 @@ task_Start(tTask *tsk) tsk->pid = 1; tsk->code = errno; tsk->exit_code = TASK_ERR_PIPE_FAILED; - write_log(LOG_REUSE, LOG_ERROR, "%s: pipe() failed: %s", - __FUNCTION__ , os_ErrorString()); + snprintf(errbuf, sizeof(errbuf), "pipe() failed: %s", os_ErrorString()); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(errbuf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "%s: %s", __FUNCTION__ , errbuf); + } return -1; } } @@ -1146,8 +1211,13 @@ task_Start(tTask *tsk) tsk->pid = 1; tsk->code = errno; tsk->exit_code = TASK_ERR_COMM_PIPE_FAILED; - write_log(LOG_REUSE, LOG_ERROR, "%s: pipe() failed: %s", - __FUNCTION__ , os_ErrorMsg()); + snprintf(errbuf, sizeof(errbuf), "pipe() failed: %s", os_ErrorMsg()); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(errbuf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "%s: %s", __FUNCTION__ , errbuf); + } return -1; } if (dup2(pp[0], comm_fd) < 0 || dup2(pp[1], comm_fd + 1) < 0) { @@ -1155,8 +1225,13 @@ task_Start(tTask *tsk) tsk->pid = 1; tsk->code = errno; tsk->exit_code = TASK_ERR_COMM_DUP_FAILED; - write_log(LOG_REUSE, LOG_ERROR, "%s: dup2() failed: %s", - __FUNCTION__ , os_ErrorMsg()); + snprintf(errbuf, sizeof(errbuf), "dup2() failed: %s", os_ErrorMsg()); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(errbuf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "%s: %s", __FUNCTION__ , errbuf); + } close(pp[0]); close(pp[1]); close(comm_fd); return -1; } @@ -1169,8 +1244,13 @@ task_Start(tTask *tsk) tsk->pid = 1; tsk->code = errno; tsk->exit_code = TASK_ERR_COMM_FCNTL_FAILED; - write_log(LOG_REUSE, LOG_ERROR, "%s: fcntl() failed: %s", - __FUNCTION__ , os_ErrorMsg()); + snprintf(errbuf, sizeof(errbuf), "fcntl() failed: %s", os_ErrorMsg()); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(errbuf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "%s: %s", __FUNCTION__ , errbuf); + } close(comm_fd); close(comm_fd + 1); return -1; @@ -1188,8 +1268,13 @@ task_Start(tTask *tsk) tsk->pid = 1; tsk->code = errno; tsk->exit_code = TASK_ERR_FORK_FAILED; - write_log(LOG_REUSE, LOG_ERROR, "%s: fork() failed: %s", - __FUNCTION__ , os_ErrorMsg()); + snprintf(errbuf, sizeof(errbuf), "fork() failed: %s", os_ErrorMsg()); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(errbuf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "%s: %s", __FUNCTION__ , errbuf); + } close(comm_fd); close(comm_fd + 1); return -1; } @@ -1214,8 +1299,14 @@ task_Start(tTask *tsk) rb = read(comm_fd, &rv, sizeof(rv)); if (rb < 0) { - write_log(LOG_REUSE, LOG_ERROR, "%s: read from pipe failed: %s", - __FUNCTION__ , os_ErrorMsg()); + snprintf(errbuf, sizeof(errbuf), "read from pipe failed: %s", + os_ErrorMsg()); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(errbuf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "%s: %s", __FUNCTION__ , errbuf); + } /* FIXME: should we mark process as not started? */ close(comm_fd); return 0; @@ -1226,8 +1317,13 @@ task_Start(tTask *tsk) return 0; } if (rb != sizeof(rv)) { - write_log(LOG_REUSE, LOG_ERROR, "%s: child protocol error", - __FUNCTION__); + snprintf(errbuf, sizeof(errbuf), "child protocol error"); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(errbuf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "%s: %s", __FUNCTION__, errbuf); + } /* FIXME: should we mark process as not started? */ close(comm_fd); return 0; @@ -1240,9 +1336,14 @@ task_Start(tTask *tsk) tsk->pid = 1; tsk->code = rv & 0xFFFF; tsk->exit_code = (rv >> 16) & 0xFF; - format_exitcode(buf, sizeof(buf), tsk->exit_code, tsk->code); - write_log(LOG_REUSE, LOG_ERROR, "%s: process not started: %s", - __FUNCTION__ , buf); + format_exitcode(tsk, buf, sizeof(buf), tsk->exit_code, tsk->code); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(buf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "%s: process not started: %s", + __FUNCTION__ , buf); + } close(comm_fd); return -1; } @@ -1472,6 +1573,20 @@ task_Start(tTask *tsk) } } +#if defined CONF_HAS_LIBCAP && CONF_HAS_LIBCAP == 1 + if (tsk->enable_secure_exec && linux_secure_exec_supported == 1) { + cap_t old_caps, new_caps; + int setcaps[] = { CAP_SYS_OPERATIONS }; + + old_caps = cap_get_proc(); + new_caps = cap_dup(old_caps); + cap_set_flag(new_caps, CAP_EFFECTIVE, 1, setcaps, CAP_CLEAR); + cap_set_flag(new_caps, CAP_PERMITTED, 1, setcaps, CAP_CLEAR); + cap_set_flag(new_caps, CAP_INHERITABLE, 1, setcaps, CAP_CLEAR); + cap_set_proc(new_caps); + } +#endif + /* do exec */ //fprintf(stderr, "starting: %s\n", tsk->path); @@ -1500,6 +1615,7 @@ task_Wait(tTask *tsk) pid_t pid; int stat; struct rusage usage; + char errbuf[512]; task_init_module(); ASSERT(tsk); @@ -1542,8 +1658,13 @@ task_Wait(tTask *tsk) while (tsk->state == TSK_RUNNING) { pid = wait4(-1, &stat, 0, &usage); if (pid == -1 && errno == ECHILD) { - write_log(LOG_REUSE, LOG_ERROR, - "task_Wait: wait4 returned -1 (no child)"); + snprintf(errbuf, sizeof(errbuf), "wait4 returned -1 (no child)"); + if (tsk->quiet_flag) { + xfree(tsk->last_error_msg); + tsk->last_error_msg = xstrdup(errbuf); + } else { + write_log(LOG_REUSE, LOG_ERROR, "task_Wait: %s", errbuf); + } tsk->state = TSK_SIGNALED; tsk->code = 0; return tsk; @@ -1856,11 +1977,51 @@ linux_set_fix_flag(void) } } } + +static void +linux_set_secure_exec_supported_flag(void) +{ + int pid, status, res; + + if (linux_secure_exec_supported >= 0) return; + linux_secure_exec_supported = 0; + +#if defined CONF_HAS_LIBCAP && CONF_HAS_LIBCAP == 1 + if ((pid = fork()) < 0) return; + + if (!pid) { + // child + cap_t old_caps, new_caps; + int setcaps[] = { CAP_SYS_OPERATIONS }; + + old_caps = cap_get_proc(); + new_caps = cap_dup(old_caps); + cap_set_flag(new_caps, CAP_EFFECTIVE, 1, setcaps, CAP_CLEAR); + cap_set_flag(new_caps, CAP_PERMITTED, 1, setcaps, CAP_CLEAR); + cap_set_flag(new_caps, CAP_INHERITABLE, 1, setcaps, CAP_CLEAR); + cap_set_proc(new_caps); + + /* if dup works, CAP_SYS_OPERATIONS has no effect :-( */ + if (dup(0) >= 0) { + _exit(1); + } + _exit(0); + } + + // parent + while (1) { + res = waitpid(pid, &status, 0); + if ((res < 0 && errno != EINTR) || res == pid) break; + } + if (res == pid && WIFEXITED(status) && WEXITSTATUS(status) == 0) + linux_secure_exec_supported = 1; +#endif +} #endif #if REUSE_COMPILE_CVSID - 0 != 0 static char const cvsid[] = -"$Id: exec.c,v 6.36 2006/01/26 20:34:49 cher Exp $"; +"$Id: exec.c,v 6.37 2006/05/07 09:49:41 cher Exp $"; #endif /* REUSE_COMPILE_CVSID */ /* diff -ruNp reuse-4.2.3/source/win32/ChangeLog reuse/source/win32/ChangeLog --- reuse-4.2.3/source/win32/ChangeLog 2005-08-08 11:56:41.000000000 +0400 +++ reuse/source/win32/ChangeLog 2006-05-11 17:28:24.000000000 +0400 @@ -1,3 +1,14 @@ +2006-05-07 Alexander Chernov + + * exec.c: copyright notice is updated; + (task_EnableSecureExec) new function is added but not implemented; + (task_SetQuietFlag) new function is added but not implemented; + (task_GetErrorMessage) new function is added but not implemented. + +2006-01-26 Alexander Chernov + + * os_env.c: *** empty log message *** + 2005-08-08 Alexander Chernov * exec.c: @@ -338,4 +349,4 @@ Wed Jul 21 21:27:40 1999 Alexander Cher Initial revision END - # $Id: ChangeLog,v 1.25 2005/08/08 07:56:41 cher Exp $ + # $Id: ChangeLog,v 1.26 2006/05/11 13:28:24 cher Exp $ diff -ruNp reuse-4.2.3/source/win32/exec.c reuse/source/win32/exec.c --- reuse-4.2.3/source/win32/exec.c 2005-08-08 11:51:42.000000000 +0400 +++ reuse/source/win32/exec.c 2006-05-07 13:15:14.000000000 +0400 @@ -1,6 +1,6 @@ -/* $Id: exec.c,v 1.19 2005/08/08 07:51:42 cher Exp $ */ +/* $Id: exec.c,v 1.20 2006/05/07 09:15:14 cher Exp $ */ -/* Copyright (C) 1999-2005 Alexander Chernov */ +/* Copyright (C) 1999-2006 Alexander Chernov */ /* Created: <1999-07-20 11:05:09 cher> */ /* @@ -577,6 +577,24 @@ task_EnableMemoryLimitError(tTask *tsk) } int +task_EnableSecureExec(tTask *tsk) +{ + NOT_IMPLEMENTED(); +} + +int +task_SetQuietFlag(tTask *tsk) +{ + NOT_IMPLEMENTED(); +} + +char * +task_GetErrorMessage(tTask *tsk) +{ + NOT_IMPLEMENTED(); +} + +int task_SetDataSize(tTask *tsk, int size) { ASSERT(tsk); @@ -1514,7 +1532,7 @@ envvar_put(envvar_table_t *t, const char #if REUSE_COMPILE_CVSID - 0 != 0 static char const cvsid[]= -"$Id: exec.c,v 1.19 2005/08/08 07:51:42 cher Exp $"; +"$Id: exec.c,v 1.20 2006/05/07 09:15:14 cher Exp $"; #endif /* REUSE_COMPILE_CVSID */ /* === Do not add stuff after this line === */