aboutsummaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac218
1 files changed, 146 insertions, 72 deletions
diff --git a/configure.ac b/configure.ac
index b5e4b2bec5..26f85b5acf 100644
--- a/configure.ac
+++ b/configure.ac
@@ -137,9 +137,11 @@ case "$host" in
esac
AC_ARG_ENABLE(gcc-warnings,
- AS_HELP_STRING(--enable-gcc-warnings, [enable verbose warnings]))
+ AS_HELP_STRING(--enable-gcc-warnings, [deprecated alias for enable-fatal-warnings]))
+AC_ARG_ENABLE(fatal-warnings,
+ AS_HELP_STRING(--enable-fatal-warnings, [tell the compiler to treat all warnings as errors.]))
AC_ARG_ENABLE(gcc-warnings-advisory,
- AS_HELP_STRING(--enable-gcc-warnings-advisory, [enable verbose warnings, excluding -Werror]))
+ AS_HELP_STRING(--disable-gcc-warnings-advisory, [disable the regular verbose warnings]))
dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
AC_ARG_ENABLE(gcc-hardening,
@@ -426,6 +428,7 @@ AC_CHECK_FUNCS(
strtoull \
sysconf \
sysctl \
+ truncate \
uname \
usleep \
vasprintf \
@@ -749,6 +752,11 @@ dnl use it with a build of a library.
all_ldflags_for_check="$TOR_LDFLAGS_zlib $TOR_LDFLAGS_openssl $TOR_LDFLAGS_libevent"
all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS $TOR_OPENSSL_LIBS $TOR_SYSTEMD_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI $TOR_CAP_LIBS"
+CFLAGS_FTRAPV=
+CFLAGS_FWRAPV=
+CFLAGS_ASAN=
+CFLAGS_UBSAN=
+
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
#if !defined(__clang__)
#error
@@ -771,20 +779,88 @@ m4_ifdef([AS_VAR_IF],[
AS_VAR_POPDEF([can_link])
AS_VAR_POPDEF([can_compile])
TOR_CHECK_CFLAGS(-Wstack-protector)
- TOR_CHECK_CFLAGS(-fwrapv)
TOR_CHECK_CFLAGS(--param ssp-buffer-size=1)
if test "$bwin32" = "false"; then
TOR_CHECK_CFLAGS(-fPIE)
TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
fi
+ TOR_TRY_COMPILE_WITH_CFLAGS(-ftrapv, also_link, CFLAGS_FTRAPV="-ftrapv", true)
+ TOR_TRY_COMPILE_WITH_CFLAGS(-fwrapv, also_link, CFLAGS_FWRAPV="-fwrapv", true)
+ if test "$tor_cv_cflags__ftrapv" = "yes" && test "$tor_can_link__ftrapv" != "yes"; then
+ AC_MSG_WARN([The compiler supports -ftrapv, but for some reason I was not able to link with -ftrapv. Are you missing run-time support? Run-time hardening will not work as well as it should.])
+ fi
fi
if test "x$enable_expensive_hardening" = "xyes"; then
- TOR_CHECK_CFLAGS([-fsanitize=address])
- TOR_CHECK_CFLAGS([-fsanitize=undefined])
- TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
+ if test "$tor_cv_cflags__ftrapv" != "yes"; then
+ AC_MSG_ERROR([You requested expensive hardening, but the compiler does not seem to support -ftrapv.])
+ fi
+
+ TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=address], also_link, CFLAGS_ASAN="-fsanitize=address", true)
+ if test "$tor_cv_cflags__fsanitize_address" = "yes" && test "$tor_can_link__fsanitize_address" != "yes"; then
+ AC_MSG_ERROR([The compiler supports -fsanitize=address, but for some reason I was not able to link when using it. Are you missing run-time support? With GCC you need libubsan.so, and with Clang you need libclang_rt.ubsan*])
+ fi
+
+ TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=undefined], also_link, CFLAGS_UBSAN="-fsanitize=undefined", true)
+ if test "$tor_cv_cflags__fsanitize_address" = "yes" && test "$tor_can_link__fsanitize_address" != "yes"; then
+ AC_MSG_ERROR([The compiler supports -fsanitize=undefined, but for some reason I was not able to link when using it. Are you missing run-time support? With GCC you need libasan.so, and with Clang you need libclang_rt.ubsan*])
+ fi
+
+TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
+fi
+
+CFLAGS_BUGTRAP="$CFLAGS_FTRAPV $CFLAGS_ASAN $CFLAGS_UBSAN"
+CFLAGS_CONSTTIME="$CFLAGS_FWRAPV"
+
+mulodi_fixes_ftrapv=no
+if test "$have_clang" = "yes"; then
+ saved_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS $CFLAGS_FTRAPV"
+ AC_MSG_CHECKING([whether clang -ftrapv can link a 64-bit int multiply])
+ AC_LINK_IFELSE([
+ AC_LANG_SOURCE([[
+ #include <stdint.h>
+ #include <stdlib.h>
+ int main(int argc, char **argv)
+ {
+ int64_t x = ((int64_t)atoi(argv[1])) * (int64_t)atoi(argv[2])
+ * (int64_t)atoi(argv[3]);
+ return x == 9;
+ } ]])],
+ [ftrapv_can_link=yes; AC_MSG_RESULT([yes])],
+ [ftrapv_can_link=no; AC_MSG_RESULT([no])])
+ if test "$ftrapv_can_link" = "no"; then
+ AC_MSG_CHECKING([whether defining __mulodi4 fixes that])
+ AC_LINK_IFELSE([
+ AC_LANG_SOURCE([[
+ #include <stdint.h>
+ #include <stdlib.h>
+ int64_t __mulodi4(int64_t a, int64_t b, int *overflow) {
+ *overflow=0;
+ return a;
+ }
+ int main(int argc, char **argv)
+ {
+ int64_t x = ((int64_t)atoi(argv[1])) * (int64_t)atoi(argv[2])
+ * (int64_t)atoi(argv[3]);
+ return x == 9;
+ } ]])],
+ [mulodi_fixes_ftrapv=yes; AC_MSG_RESULT([yes])],
+ [mulodi_fixes_ftrapv=no; AC_MSG_RESULT([no])])
+ fi
+ CFLAGS="$saved_CFLAGS"
fi
+AM_CONDITIONAL(ADD_MULODI4, test "$mulodi_fixes_ftrapv" = "yes")
+
+dnl These cflags add bunches of branches, and we haven't been able to
+dnl persuade ourselves that they're suitable for code that needs to be
+dnl constant time.
+AC_SUBST(CFLAGS_BUGTRAP)
+dnl These cflags are variant ones sutable for code that needs to be
+dnl constant-time.
+AC_SUBST(CFLAGS_CONSTTIME)
+
if test "x$enable_linker_hardening" != "xno"; then
TOR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
fi
@@ -827,6 +903,7 @@ dnl Check for libscrypt
if test "x$enable_libscrypt" != "xno"; then
AC_CHECK_HEADERS([libscrypt.h])
AC_SEARCH_LIBS(libscrypt_scrypt, [scrypt])
+ AC_CHECK_FUNCS([libscrypt_scrypt])
fi
dnl ============================================================
@@ -936,64 +1013,57 @@ AC_SUBST(CURVE25519_LIBS)
dnl Make sure to enable support for large off_t if available.
AC_SYS_LARGEFILE
-AC_CHECK_HEADERS(
- assert.h \
- errno.h \
- fcntl.h \
- signal.h \
- string.h \
- sys/capability.h \
- sys/fcntl.h \
- sys/stat.h \
- sys/time.h \
- sys/types.h \
- time.h \
- unistd.h
- , , AC_MSG_WARN(Some headers were not found, compilation may fail. If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))
-
-dnl These headers are not essential
-
-AC_CHECK_HEADERS(
- arpa/inet.h \
- crt_externs.h \
- execinfo.h \
- grp.h \
- ifaddrs.h \
- inttypes.h \
- limits.h \
- linux/types.h \
- machine/limits.h \
- malloc.h \
- malloc/malloc.h \
- malloc_np.h \
- netdb.h \
- netinet/in.h \
- netinet/in6.h \
- pwd.h \
- readpassphrase.h \
- stdint.h \
- sys/eventfd.h \
- sys/file.h \
- sys/ioctl.h \
- sys/limits.h \
- sys/mman.h \
- sys/param.h \
- sys/prctl.h \
- sys/resource.h \
- sys/select.h \
- sys/socket.h \
- sys/statvfs.h \
- sys/syscall.h \
- sys/sysctl.h \
- sys/syslimits.h \
- sys/time.h \
- sys/types.h \
- sys/un.h \
- sys/utime.h \
- sys/wait.h \
- syslog.h \
- utime.h
-)
+AC_CHECK_HEADERS([assert.h \
+ errno.h \
+ fcntl.h \
+ signal.h \
+ string.h \
+ sys/capability.h \
+ sys/fcntl.h \
+ sys/stat.h \
+ sys/time.h \
+ sys/types.h \
+ time.h \
+ unistd.h \
+ arpa/inet.h \
+ crt_externs.h \
+ execinfo.h \
+ grp.h \
+ ifaddrs.h \
+ inttypes.h \
+ limits.h \
+ linux/types.h \
+ machine/limits.h \
+ malloc.h \
+ malloc/malloc.h \
+ malloc_np.h \
+ netdb.h \
+ netinet/in.h \
+ netinet/in6.h \
+ pwd.h \
+ readpassphrase.h \
+ stdint.h \
+ sys/eventfd.h \
+ sys/file.h \
+ sys/ioctl.h \
+ sys/limits.h \
+ sys/mman.h \
+ sys/param.h \
+ sys/prctl.h \
+ sys/resource.h \
+ sys/select.h \
+ sys/socket.h \
+ sys/statvfs.h \
+ sys/syscall.h \
+ sys/sysctl.h \
+ sys/syslimits.h \
+ sys/time.h \
+ sys/types.h \
+ sys/un.h \
+ sys/utime.h \
+ sys/wait.h \
+ syslog.h \
+ utime.h])
AC_CHECK_HEADERS(sys/param.h)
@@ -1570,6 +1640,12 @@ else
enable_gcc_warnings_advisory=no
fi
+# Warnings implies advisory-warnings and -Werror.
+if test "$enable_gcc_warnings" = "yes"; then
+ enable_gcc_warnings_advisory=yes
+ enable_fatal_warnings=yes
+fi
+
# OS X Lion started deprecating the system openssl. Let's just disable
# all deprecation warnings on OS X. Also, to potentially make the binary
# a little smaller, let's enable dead_strip.
@@ -1582,8 +1658,7 @@ esac
# Add some more warnings which we use in development but not in the
# released versions. (Some relevant gcc versions can't handle these.)
-if test "x$enable_gcc_warnings" = "xyes" ||
- test "x$enable_gcc_warnings_advisory" = "xyes"; then
+if test "x$enable_gcc_warnings_advisory" != "xno"; then
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
#if !defined(__GNUC__) || (__GNUC__ < 4)
@@ -1605,7 +1680,6 @@ if test "x$enable_gcc_warnings" = "xyes" ||
#error
#endif])], have_gcc46=yes, have_gcc46=no)
-
save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -Wshorten-64-to-32"
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [])], have_shorten64_flag=yes,
@@ -1627,10 +1701,6 @@ if test "x$enable_gcc_warnings" = "xyes" ||
CFLAGS="$CFLAGS -Wwrite-strings -Wmissing-declarations -Wredundant-decls"
CFLAGS="$CFLAGS -Wnested-externs -Wbad-function-cast -Wswitch-enum"
- if test "x$enable_gcc_warnings" = "xyes"; then
- CFLAGS="$CFLAGS -Werror"
- fi
-
# Disabled, so we can use mallinfo(): -Waggregate-return
if test "x$have_gcc4" = "xyes"; then
@@ -1667,7 +1737,11 @@ if test "x$enable_gcc_warnings" = "xyes" ||
CFLAGS="$CFLAGS -Wshorten-64-to-32"
fi
-
+ if test "x$enable_fatal_warnings" = "xyes"; then
+ # I'd like to use TOR_CHECK_CFLAGS here, but I can't, since the
+ # default autoconf programs are full of errors.
+ CFLAGS="$CFLAGS -Werror"
+ fi
##This will break the world on some 64-bit architectures
# CFLAGS="$CFLAGS -Winline"
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion