Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac1002
1 files changed, 723 insertions, 279 deletions
diff --git a/configure.ac b/configure.ac
index 55ace93cbc..d2682944fb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,21 +1,22 @@
dnl Copyright (c) 2001-2004, Roger Dingledine
dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
-dnl Copyright (c) 2007-2015, The Tor Project, Inc.
+dnl Copyright (c) 2007-2017, The Tor Project, Inc.
dnl See LICENSE for licensing information
AC_PREREQ([2.63])
-AC_INIT([tor],[0.2.8.15-dev])
+AC_INIT([tor],[0.3.2.1-alpha-dev])
AC_CONFIG_SRCDIR([src/or/main.c])
AC_CONFIG_MACRO_DIR([m4])
# "foreign" means we don't follow GNU package layout standards
# "1.11" means we require automake version 1.11 or newer
# "subdir-objects" means put .o files in the same directory as the .c files
-AM_INIT_AUTOMAKE([foreign 1.11 subdir-objects])
+AM_INIT_AUTOMAKE([foreign 1.11 subdir-objects -Wall -Werror])
m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
AC_CONFIG_HEADERS([orconfig.h])
+AC_USE_SYSTEM_EXTENSIONS
AC_CANONICAL_HOST
PKG_PROG_PKG_CONFIG
@@ -30,11 +31,8 @@ fi
# the += operator on it in src/or/Makefile.am
CPPFLAGS="$CPPFLAGS -I\${top_srcdir}/src/common"
-#XXXX020 We should make these enabled or not, before 0.2.0.x-final
AC_ARG_ENABLE(openbsd-malloc,
AS_HELP_STRING(--enable-openbsd-malloc, [use malloc code from OpenBSD. Linux only]))
-AC_ARG_ENABLE(instrument-downloads,
- AS_HELP_STRING(--enable-instrument-downloads, [instrument downloads of directory resources etc.]))
AC_ARG_ENABLE(static-openssl,
AS_HELP_STRING(--enable-static-openssl, [link against a static openssl library. Requires --with-openssl-dir]))
AC_ARG_ENABLE(static-libevent,
@@ -51,6 +49,16 @@ AC_ARG_ENABLE(asserts-in-tests,
AS_HELP_STRING(--disable-asserts-in-tests, [disable tor_assert() calls in the unit tests, for branch coverage]))
AC_ARG_ENABLE(system-torrc,
AS_HELP_STRING(--disable-system-torrc, [don't look for a system-wide torrc file]))
+AC_ARG_ENABLE(libfuzzer,
+ AS_HELP_STRING(--enable-libfuzzer, [build extra fuzzers based on 'libfuzzer']))
+AC_ARG_ENABLE(oss-fuzz,
+ AS_HELP_STRING(--enable-oss-fuzz, [build extra fuzzers based on 'oss-fuzz' environment]))
+AC_ARG_ENABLE(memory-sentinels,
+ AS_HELP_STRING(--disable-memory-sentinels, [disable code that tries to prevent some kinds of memory access bugs. For fuzzing only.]))
+AC_ARG_ENABLE(rust,
+ AS_HELP_STRING(--enable-rust, [enable rust integration]))
+AC_ARG_ENABLE(cargo-online-mode,
+ AS_HELP_STRING(--enable-cargo-online-mode, [Allow cargo to make network requests to fetch crates. For builds with rust only.]))
if test "x$enable_coverage" != "xyes" -a "x$enable_asserts_in_tests" = "xno" ; then
AC_MSG_ERROR([Can't disable assertions outside of coverage build])
@@ -59,6 +67,9 @@ fi
AM_CONDITIONAL(UNITTESTS_ENABLED, test "x$enable_unittests" != "xno")
AM_CONDITIONAL(COVERAGE_ENABLED, test "x$enable_coverage" = "xyes")
AM_CONDITIONAL(DISABLE_ASSERTS_IN_UNIT_TESTS, test "x$enable_asserts_in_tests" = "xno")
+AM_CONDITIONAL(LIBFUZZER_ENABLED, test "x$enable_libfuzzer" = "xyes")
+AM_CONDITIONAL(OSS_FUZZ_ENABLED, test "x$enable_oss_fuzz" = "xyes")
+AM_CONDITIONAL(USE_RUST, test "x$enable_rust" = "xyes")
if test "$enable_static_tor" = "yes"; then
enable_static_libevent="yes";
@@ -72,19 +83,12 @@ if test "$enable_system_torrc" = "no"; then
[Defined if we're not going to look for a torrc in SYSCONF])
fi
-AM_CONDITIONAL(USE_OPENBSD_MALLOC, test "x$enable_openbsd_malloc" = "xyes")
-if test "x$enable_instrument_downloads" = "xyes"; then
- AC_DEFINE(INSTRUMENT_DOWNLOADS, 1,
- [Defined if we want to keep track of how much of each kind of resource we download.])
+if test "$enable_memory_sentinels" = "no"; then
+ AC_DEFINE(DISABLE_MEMORY_SENTINELS, 1,
+ [Defined if we're turning off memory safety code to look for bugs])
fi
-AC_ARG_ENABLE(transparent,
- AS_HELP_STRING(--disable-transparent, [disable transparent proxy support]),
- [case "${enableval}" in
- "yes") transparent=true ;;
- "no") transparent=false ;;
- *) AC_MSG_ERROR(bad value for --enable-transparent) ;;
- esac], [transparent=true])
+AM_CONDITIONAL(USE_OPENBSD_MALLOC, test "x$enable_openbsd_malloc" = "xyes")
AC_ARG_ENABLE(asciidoc,
AS_HELP_STRING(--disable-asciidoc, [don't use asciidoc (disables building of manpages)]),
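Review bot: `DISABLE_MEMORY_SENTINELS` is defined whenever `--disable-memory-sentinels` is passed, even though the help text added earlier in this commit says the option is "For fuzzing only." Nothing in the visible lines ties it to `--enable-libfuzzer` or `--enable-oss-fuzz`, so an ordinary build can ship with the memory-safety code turned off and no message at configure time. The file already rejects `--disable-asserts-in-tests` outside a coverage build, so a similar guard would be consistent here. A warning would be enough if other fuzzers need the switch, for example `if test "$enable_memory_sentinels" = "no" && test "x$enable_libfuzzer" != "xyes" && test "x$enable_oss_fuzz" != "xyes"; then AC_MSG_WARN([Memory sentinels disabled in a non-fuzzing build.]); fi`.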
@@ -143,16 +147,24 @@ case "$host" in
esac
AC_ARG_ENABLE(gcc-warnings,
- AS_HELP_STRING(--enable-gcc-warnings, [enable verbose warnings]))
+ AS_HELP_STRING(--enable-gcc-warnings, [deprecated alias for enable-fatal-warnings]))
+AC_ARG_ENABLE(fatal-warnings,
+ AS_HELP_STRING(--enable-fatal-warnings, [tell the compiler to treat all warnings as errors.]))
AC_ARG_ENABLE(gcc-warnings-advisory,
- AS_HELP_STRING(--enable-gcc-warnings-advisory, [enable verbose warnings, excluding -Werror]))
+ AS_HELP_STRING(--disable-gcc-warnings-advisory, [disable the regular verbose warnings]))
dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
AC_ARG_ENABLE(gcc-hardening,
AS_HELP_STRING(--disable-gcc-hardening, [disable compiler security checks]))
+dnl Deprecated --enable-expensive-hardening but keep it for now for backward compat.
AC_ARG_ENABLE(expensive-hardening,
- AS_HELP_STRING(--enable-expensive-hardening, [enable more expensive compiler hardening; makes Tor slower]))
+ AS_HELP_STRING(--enable-expensive-hardening, [enable more fragile and expensive compiler hardening; makes Tor slower]))
+AC_ARG_ENABLE(fragile-hardening,
+ AS_HELP_STRING(--enable-fragile-hardening, [enable more fragile and expensive compiler hardening; makes Tor slower]))
+if test "x$enable_expensive_hardening" = "xyes" || test "x$enable_fragile_hardening" = "xyes"; then
+ fragile_hardening="yes"
+fi
dnl Linker hardening options
dnl Currently these options are ELF specific - you can't use this with MacOSX
@@ -173,9 +185,6 @@ AC_ARG_ENABLE(tor2web-mode,
CFLAGS="$CFLAGS -D ENABLE_TOR2WEB_MODE=1"
fi])
-AC_ARG_ENABLE(bufferevents,
- AS_HELP_STRING(--enable-bufferevents, [use Libevent's buffered IO]))
-
AC_ARG_ENABLE(tool-name-check,
AS_HELP_STRING(--disable-tool-name-check, [check for sanely named toolchain when cross-compiling]))
@@ -185,11 +194,25 @@ AC_ARG_ENABLE(seccomp,
AC_ARG_ENABLE(libscrypt,
AS_HELP_STRING(--disable-libscrypt, [do not attempt to use libscrypt]))
-dnl check for the correct "ar" when cross-compiling
-AN_MAKEVAR([AR], [AC_PROG_AR])
-AN_PROGRAM([ar], [AC_PROG_AR])
-AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL([AR], [ar], [ar])])
-AC_PROG_AR
+dnl Enable event tracing which are transformed to debug log statement.
+AC_ARG_ENABLE(event-tracing-debug,
+ AS_HELP_STRING(--enable-event-tracing-debug, [build with event tracing to debug log]))
+AM_CONDITIONAL([USE_EVENT_TRACING_DEBUG], [test "x$enable_event_tracing_debug" = "xyes"])
+
+if test x$enable_event_tracing_debug = xyes; then
+ AC_DEFINE([USE_EVENT_TRACING_DEBUG], [1], [Tracing framework to log debug])
+ AC_DEFINE([TOR_EVENT_TRACING_ENABLED], [1], [Compile the event tracing instrumentation])
+fi
+
+dnl check for the correct "ar" when cross-compiling.
+dnl (AM_PROG_AR was new in automake 1.11.2, which we do not yet require,
+dnl so kludge up a replacement for the case where it isn't there yet.)
+m4_ifdef([AM_PROG_AR],
+ [AM_PROG_AR],
+ [AN_MAKEVAR([AR], [AC_PROG_AR])
+ AN_PROGRAM([ar], [AC_PROG_AR])
+ AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL([AR], [ar], [:])])
+ AC_PROG_AR])
dnl Check whether the above macro has settled for a simply named tool even
dnl though we're cross compiling. We must do this before running AC_PROG_CC,
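Review bot: The new test `if test x$enable_event_tracing_debug = xyes; then` expands the variable unquoted, while the `AM_CONDITIONAL` two lines above it quotes the same expression. An option value containing whitespace would make `test` fail with a syntax error instead of comparing unequal. Writing it as `if test "x$enable_event_tracing_debug" = "xyes"; then` matches the rest of the file. The comment above the option would also read better as `dnl Enable event tracing; events are turned into debug log statements.`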
@@ -209,11 +232,11 @@ AC_PROG_CC
AC_PROG_CPP
AC_PROG_MAKE_SET
AC_PROG_RANLIB
+AC_PROG_SED
-AC_PATH_PROG([PERL], [perl])
-
-dnl autoconf 2.59 appears not to support AC_PROG_SED
-AC_CHECK_PROG([SED],[sed],[sed],[/bin/false])
+AC_ARG_VAR([PERL], [path to Perl binary])
+AC_CHECK_PROGS([PERL], [perl])
+AM_CONDITIONAL(USE_PERL, [test "x$ac_cv_prog_PERL" != "x"])
dnl check for asciidoc and a2x
AC_PATH_PROG([ASCIIDOC], [asciidoc], none)
@@ -221,9 +244,6 @@ AC_PATH_PROGS([A2X], [a2x a2x.py], none)
AM_CONDITIONAL(USE_ASCIIDOC, test "x$asciidoc" = "xtrue")
-AM_CONDITIONAL(USE_FW_HELPER, test "x$natpmp" = "xtrue" || test "x$upnp" = "xtrue")
-AM_CONDITIONAL(NAT_PMP, test "x$natpmp" = "xtrue")
-AM_CONDITIONAL(MINIUPNPC, test "x$upnp" = "xtrue")
AM_PROG_CC_C_O
AC_PROG_CC_C99
@@ -234,6 +254,10 @@ if test "x$PYTHON" = "x"; then
fi
AM_CONDITIONAL(USEPYTHON, [test "x$PYTHON" != "x"])
+dnl List all external rust crates we depend on here. Include the version
+rust_crates="libc-0.2.22"
+AC_SUBST(rust_crates)
+
ifdef([AC_C_FLEXIBLE_ARRAY_MEMBER], [
AC_C_FLEXIBLE_ARRAY_MEMBER
], [
@@ -369,6 +393,73 @@ fi
AC_C_BIGENDIAN
+if test "x$enable_rust" = "xyes"; then
+ AC_ARG_VAR([RUSTC], [path to the rustc binary])
+ AC_CHECK_PROG([RUSTC], [rustc], [rustc],[no])
+ if test "x$RUSTC" = "xno"; then
+ AC_MSG_ERROR([rustc unavailable but rust integration requested.])
+ fi
+
+ AC_ARG_VAR([CARGO], [path to the cargo binary])
+ AC_CHECK_PROG([CARGO], [cargo], [cargo],[no])
+ if test "x$CARGO" = "xno"; then
+ AC_MSG_ERROR([cargo unavailable but rust integration requested.])
+ fi
+
+ AC_DEFINE([HAVE_RUST], 1, [have Rust])
+ if test "x$enable_cargo_online_mode" = "xyes"; then
+ CARGO_ONLINE=
+ RUST_DL=#
+ else
+ CARGO_ONLINE=--frozen
+ RUST_DL=
+
+ dnl When we're not allowed to touch the network, we need crate dependencies
+ dnl locally available.
+ AC_MSG_CHECKING([rust crate dependencies])
+ AC_ARG_VAR([RUST_DEPENDENCIES], [path to directory with local crate mirror])
+ if test "x$RUST_DEPENDENCIES" = "x"; then
+ RUST_DEPENDENCIES="$srcdir/src/ext/rust/"
+ NEED_MOD=1
+ fi
+ if test ! -d "$RUST_DEPENDENCIES"; then
+ AC_MSG_ERROR([Rust dependency directory $RUST_DEPENDENCIES does not exist. Specify a dependency directory using the RUST_DEPENDENCIES variable or allow cargo to fetch crates using --enable-cargo-online-mode.])
+ fi
+ for dep in $rust_crates; do
+ if test ! -d "$RUST_DEPENDENCIES"/"$dep"; then
+ AC_MSG_ERROR([Failure to find rust dependency $RUST_DEPENDENCIES/$dep. Specify a dependency directory using the RUST_DEPENDENCIES variable or allow cargo to fetch crates using --enable-cargo-online-mode.])
+ fi
+ done
+ if test "x$NEED_MOD" = "x1"; then
+ dnl When looking for dependencies from cargo, pick right directory
+ RUST_DEPENDENCIES="../../src/ext/rust"
+ fi
+ fi
+
+ dnl For now both MSVC and MinGW rust libraries will output static libs with
+ dnl the MSVC naming convention.
+ if test "$bwin32" = "true"; then
+ TOR_RUST_UTIL_STATIC_NAME=tor_util.lib
+ else
+ TOR_RUST_UTIL_STATIC_NAME=libtor_util.a
+ fi
+
+ AC_SUBST(TOR_RUST_UTIL_STATIC_NAME)
+ AC_SUBST(CARGO_ONLINE)
+ AC_SUBST(RUST_DL)
+
+ dnl Let's check the rustc version, too
+ AC_MSG_CHECKING([rust version])
+ RUSTC_VERSION_MAJOR=`$RUSTC --version | cut -d ' ' -f 2 | cut -d '.' -f 1`
+ RUSTC_VERSION_MINOR=`$RUSTC --version | cut -d ' ' -f 2 | cut -d '.' -f 2`
+ if test "x$RUSTC_VERSION_MAJOR" = "x" -o "x$RUSTC_VERSION_MINOR" = "x"; then
+ AC_MSG_ERROR([rustc version couldn't be identified])
+ fi
+ if test "$RUSTC_VERSION_MAJOR" -lt 2 -a "$RUSTC_VERSION_MINOR" -lt 14; then
+ AC_MSG_ERROR([rustc must be at least version 1.14])
+ fi
+fi
+
AC_SEARCH_LIBS(socket, [socket network])
AC_SEARCH_LIBS(gethostbyname, [nsl])
AC_SEARCH_LIBS(dlopen, [dl])
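Review bot: In offline mode the loop `if test ! -d "$RUST_DEPENDENCIES"/"$dep"; then` only confirms that a directory with the expected name exists under a path that can come from the `RUST_DEPENDENCIES` environment variable. Nothing here checks what that directory contains, so the integrity of the vendored `libc-0.2.22` presumably rests entirely on cargo's own checksum verification, configured outside this hunk. It would be worth a `dnl` comment saying so, and possibly a check that each crate directory carries its `.cargo-checksum.json`. Separately, `test "$RUSTC_VERSION_MAJOR" -lt 2 -a "$RUSTC_VERSION_MINOR" -lt 14` accepts any 0.x compiler whose minor number is 14 or higher. A form such as `test "$RUSTC_VERSION_MAJOR" -lt 1 || { test "$RUSTC_VERSION_MAJOR" -eq 1 && test "$RUSTC_VERSION_MINOR" -lt 14; }` states the intended floor exactly.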
@@ -399,6 +490,7 @@ AC_CHECK_FUNCS(
timingsafe_memcmp \
flock \
ftime \
+ get_current_dir_name \
getaddrinfo \
getifaddrs \
getpass \
@@ -430,6 +522,7 @@ AC_CHECK_FUNCS(
strtoull \
sysconf \
sysctl \
+ truncate \
uname \
usleep \
vasprintf \
@@ -441,19 +534,19 @@ AC_CHECK_FUNCS(
# checks. So we should only probe for those functions if we are sure that we
# are not targetting OSX 10.11 or earlier.
AC_MSG_CHECKING([for a pre-Sierra OSX build target])
-AC_TRY_COMPILE([
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#ifdef __APPLE__
# include <AvailabilityMacros.h>
-# ifndef MAC_OS_VERSION_10_12
-# define MAC_OS_VERSION_10_12 101200
+# ifndef MAC_OS_X_VERSION_10_12
+# define MAC_OS_X_VERSION_10_12 101200
# endif
# if defined(MAC_OS_X_VERSION_MIN_REQUIRED)
-# if MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_VERSION_10_12
+# if MAC_OS_X_VERSION_MIN_REQUIRED < MAC_OS_X_VERSION_10_12
# error "Running on Mac OSX 10.11 or earlier"
# endif
# endif
#endif
-], [],
+]], [[]])],
[on_macos_pre_10_12=no ; AC_MSG_RESULT([no])],
[on_macos_pre_10_12=yes; AC_MSG_RESULT([yes])])
@@ -490,13 +583,16 @@ if test "$bwin32" = "true"; then
# Some of the cargo-cults recommend -lwsock32 as well, but I don't
# think it's actually necessary.
TOR_LIB_GDI=-lgdi32
+ TOR_LIB_USERENV=-luserenv
else
TOR_LIB_WS32=
TOR_LIB_GDI=
+ TOR_LIB_USERENV=
fi
AC_SUBST(TOR_LIB_WS32)
AC_SUBST(TOR_LIB_GDI)
AC_SUBST(TOR_LIB_IPHLPAPI)
+AC_SUBST(TOR_LIB_USERENV)
tor_libevent_pkg_redhat="libevent"
tor_libevent_pkg_debian="libevent-dev"
@@ -518,40 +614,30 @@ TOR_SEARCH_LIBRARY(libevent, $trylibeventdir, [-levent $STATIC_LIBEVENT_FLAGS $T
#endif
#include <sys/time.h>
#include <sys/types.h>
-#include <event.h>], [
+#include <event2/event.h>], [
#ifdef _WIN32
#include <winsock2.h>
#endif
-void *event_init(void);],
+struct event_base;
+struct event_base *event_base_new(void);],
[
#ifdef _WIN32
{WSADATA d; WSAStartup(0x101,&d); }
#endif
-event_init();
+event_base_new();
], [--with-libevent-dir], [/opt/libevent])
-dnl Now check for particular libevent functions.
+dnl Determine the incantation needed to link libevent.
save_LIBS="$LIBS"
save_LDFLAGS="$LDFLAGS"
save_CPPFLAGS="$CPPFLAGS"
-LIBS="-levent $STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $LIBS"
+
+LIBS="$STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $save_LIBS"
LDFLAGS="$TOR_LDFLAGS_libevent $LDFLAGS"
CPPFLAGS="$TOR_CPPFLAGS_libevent $CPPFLAGS"
-AC_CHECK_FUNCS([event_get_version_number \
- evutil_secure_rng_set_urandom_device_file \
- evutil_secure_rng_init \
- ])
-AC_CHECK_MEMBERS([struct event.min_heap_idx], , ,
-[#include <event.h>
-])
AC_CHECK_HEADERS(event2/event.h event2/dns.h event2/bufferevent_ssl.h)
-LIBS="$STATIC_LIBEVENT_FLAGS $TOR_LIB_WS32 $save_LIBS"
-
-AM_CONDITIONAL(USE_EXTERNAL_EVDNS,
- test "x$ac_cv_header_event2_dns_h" = "xyes")
-
if test "$enable_static_libevent" = "yes"; then
if test "$tor_cv_library_libevent_dir" = "(system)"; then
AC_MSG_ERROR("You must specify an explicit --with-libevent-dir=x option when using --enable-static-libevent")
@@ -570,67 +656,39 @@ else
TOR_LIBEVENT_LIBS="$ac_cv_search_evdns_base_new $TOR_LIBEVENT_LIBS"
fi
else
- TOR_LIBEVENT_LIBS="-levent"
+ AC_MSG_ERROR("libevent2 is required but the headers could not be found")
fi
fi
+dnl Now check for particular libevent functions.
+AC_CHECK_FUNCS([evutil_secure_rng_set_urandom_device_file \
+ evutil_secure_rng_add_bytes \
+])
+
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"
-dnl This isn't the best test for Libevent 2.0.3-alpha. Once it's released,
-dnl we can do much better.
-if test "$enable_bufferevents" = "yes"; then
- if test "$ac_cv_header_event2_bufferevent_ssl_h" != "yes"; then
- AC_MSG_ERROR([You've asked for bufferevent support, but you're using a version of Libevent without SSL support. This won't work. We need Libevent 2.0.8-rc or later, and you don't seem to even have Libevent 2.0.3-alpha.])
- else
-
- CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent"
-
- # Check for the right version. First see if version detection works.
- AC_MSG_CHECKING([whether we can detect the Libevent version])
- AC_COMPILE_IFELSE([AC_LANG_SOURCE([
-#include <event2/event.h>
-#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 10
-#error
-int x = y(zz);
-#else
-int x = 1;
-#endif
- ])], [event_version_number_works=yes; AC_MSG_RESULT([yes]) ],
- [event_version_number_works=no; AC_MSG_RESULT([no])])
- if test "$event_version_number_works" != "yes"; then
- AC_MSG_WARN([Version detection on Libevent seems broken. Your Libevent installation is probably screwed up or very old.])
- else
- AC_MSG_CHECKING([whether Libevent is new enough for bufferevents])
- AC_COMPILE_IFELSE([AC_LANG_SOURCE([
+dnl Check that libevent is at least at version 2.0.10, the first stable
+dnl release of its series
+CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent"
+AC_MSG_CHECKING([whether Libevent is new enough])
+AC_COMPILE_IFELSE([AC_LANG_SOURCE([
#include <event2/event.h>
-#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 0x02000d00
+#if !defined(LIBEVENT_VERSION_NUMBER) || LIBEVENT_VERSION_NUMBER < 0x02000a00
#error
int x = y(zz);
#else
int x = 1;
#endif
- ])], [ AC_MSG_RESULT([yes]) ],
- [ AC_MSG_RESULT([no])
- AC_MSG_ERROR([Libevent does not seem new enough to support bufferevents. We require 2.0.13-stable or later]) ] )
- fi
- fi
-fi
+])], [ AC_MSG_RESULT([yes]) ],
+ [ AC_MSG_RESULT([no])
+ AC_MSG_ERROR([Libevent is not new enough. We require 2.0.10-stable or later]) ] )
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"
-AM_CONDITIONAL(USE_BUFFEREVENTS, test "$enable_bufferevents" = "yes")
-if test "$enable_bufferevents" = "yes"; then
- AC_DEFINE(USE_BUFFEREVENTS, 1, [Defined if we're going to use Libevent's buffered IO API])
- if test "$enable_static_libevent" = "yes"; then
- TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent_openssl.a $TOR_LIBEVENT_LIBS"
- else
- TOR_LIBEVENT_LIBS="-levent_openssl $TOR_LIBEVENT_LIBS"
- fi
-fi
AC_SUBST(TOR_LIBEVENT_LIBS)
dnl ------------------------------------------------------
@@ -664,11 +722,12 @@ AC_ARG_WITH(ssl-dir,
fi
])
+AC_MSG_NOTICE([Now, we'll look for OpenSSL >= 1.0.1])
TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI],
- [#include <openssl/rand.h>],
- [void RAND_add(const void *buf, int num, double entropy);],
- [RAND_add((void*)0,0,0);], [],
- [/usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/athena /opt/openssl])
+ [#include <openssl/ssl.h>],
+ [struct ssl_method_st; const struct ssl_method_st *TLSv1_1_method(void);],
+ [TLSv1_1_method();], [],
+ [/usr/local/opt/openssl /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/athena /opt/openssl])
dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()
@@ -691,16 +750,16 @@ LIBS="$TOR_OPENSSL_LIBS $LIBS"
LDFLAGS="$TOR_LDFLAGS_openssl $LDFLAGS"
CPPFLAGS="$TOR_CPPFLAGS_openssl $CPPFLAGS"
-AC_TRY_COMPILE([
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#include <openssl/opensslv.h>
-#if OPENSSL_VERSION_NUMBER < 0x1000000fL
+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1000100fL
#error "too old"
#endif
- ], [],
+ ]], [[]])],
[ : ],
- [ AC_ERROR([OpenSSL is too old. We require 1.0.0 or later. You can specify a path to a newer one with --with-openssl-dir.]) ])
+ [ AC_MSG_ERROR([OpenSSL is too old. We require 1.0.1 or later. You can specify a path to a newer one with --with-openssl-dir.]) ])
-AC_TRY_COMPILE([
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#include <openssl/opensslv.h>
#include <openssl/evp.h>
#if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_ECDSA)
@@ -709,9 +768,9 @@ AC_TRY_COMPILE([
#if !defined(NID_X9_62_prime256v1) || !defined(NID_secp224r1)
#error "curves unavailable"
#endif
- ], [],
+ ]], [[]])],
[ : ],
- [ AC_ERROR([OpenSSL is built without full ECC support, including curves P256 and P224. You can specify a path to one with ECC support with --with-openssl-dir.]) ])
+ [ AC_MSG_ERROR([OpenSSL is built without full ECC support, including curves P256 and P224. You can specify a path to one with ECC support with --with-openssl-dir.]) ])
AC_CHECK_MEMBERS([struct ssl_method_st.get_cipher_by_char], , ,
[#include <openssl/ssl.h>
@@ -729,6 +788,39 @@ AC_CHECK_FUNCS([ \
dnl Check if OpenSSL has scrypt implementation.
AC_CHECK_FUNCS([ EVP_PBE_scrypt ])
+dnl Check if OpenSSL structures are opaque
+AC_CHECK_MEMBERS([SSL.state], , ,
+[#include <openssl/ssl.h>
+])
+
+dnl Define the set of checks for KIST scheduler support.
+AC_DEFUN([CHECK_KIST_SUPPORT],[
+ dnl KIST needs struct tcp_info and for certain members to exist.
+ AC_CHECK_MEMBERS(
+ [struct tcp_info.tcpi_unacked, struct tcp_info.tcpi_snd_mss],
+ , ,[[#include <netinet/tcp.h>]])
+ dnl KIST needs SIOCOUTQNSD to exist for an ioctl call.
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
+ #include <linux/sockios.h>
+ #ifndef SIOCOUTQNSD
+ #error
+ #endif
+ ])], have_siocoutqnsd=yes, have_siocoutqnsd=no)
+ if test "x$have_siocoutqnsd" = "xyes"; then
+ if test "x$ac_cv_member_struct_tcp_info_tcpi_unacked" = "xyes"; then
+ if test "x$ac_cv_member_struct_tcp_info_tcpi_snd_mss" = "xyes"; then
+ have_kist_support=yes
+ fi
+ fi
+ fi
+])
+dnl Now, trigger the check.
+CHECK_KIST_SUPPORT
+AS_IF([test "x$have_kist_support" = "xyes"],
+ [AC_DEFINE(HAVE_KIST_SUPPORT, 1, [Defined if KIST scheduler is supported
+ on this system])],
+ [AC_MSG_NOTICE([KIST scheduler can't be used. Missing support.])])
+
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"
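Review bot: `have_kist_support` is only ever assigned `yes` inside `CHECK_KIST_SUPPORT` and is never initialised, so a value already present in configure's environment would satisfy the `AS_IF` test and define `HAVE_KIST_SUPPORT` even when the probes fail. Starting the macro body with `have_kist_support=no` closes that gap. The `#include <linux/sockios.h>` is also passed as the body argument of `AC_LANG_PROGRAM` with an empty prologue, so it lands inside `main`. It would be more conventional to pass it as `AC_LANG_PROGRAM([[#include <linux/sockios.h> ...]], [[]])`, as the other checks converted in this commit do.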
@@ -759,6 +851,70 @@ else
fi
AC_SUBST(TOR_ZLIB_LIBS)
+dnl ------------------------------------------------------
+dnl Where we do we find lzma?
+
+AC_ARG_ENABLE(lzma,
+ AS_HELP_STRING(--enable-lzma, [enable support for the LZMA compression scheme.]),
+ [case "${enableval}" in
+ "yes") lzma=true ;;
+ "no") lzma=false ;;
+ * ) AC_MSG_ERROR(bad value for --enable-lzma) ;;
+ esac], [lzma=auto])
+
+if test "x$enable_lzma" = "xno"; then
+ have_lzma=no;
+else
+ PKG_CHECK_MODULES([LZMA],
+ [liblzma],
+ have_lzma=yes,
+ have_lzma=no)
+
+ if test "x$have_lzma" = "xno" ; then
+ AC_MSG_WARN([Unable to find liblzma.])
+ fi
+fi
+
+if test "x$have_lzma" = "xyes"; then
+ AC_DEFINE(HAVE_LZMA,1,[Have LZMA])
+ TOR_LZMA_CFLAGS="${LZMA_CFLAGS}"
+ TOR_LZMA_LIBS="${LZMA_LIBS}"
+fi
+AC_SUBST(TOR_LZMA_CFLAGS)
+AC_SUBST(TOR_LZMA_LIBS)
+
+dnl ------------------------------------------------------
+dnl Where we do we find zstd?
+
+AC_ARG_ENABLE(zstd,
+ AS_HELP_STRING(--enable-zstd, [enable support for the Zstandard compression scheme.]),
+ [case "${enableval}" in
+ "yes") zstd=true ;;
+ "no") zstd=false ;;
+ * ) AC_MSG_ERROR(bad value for --enable-zstd) ;;
+ esac], [zstd=auto])
+
+if test "x$enable_zstd" = "xno"; then
+ have_zstd=no;
+else
+ PKG_CHECK_MODULES([ZSTD],
+ [libzstd >= 1.1],
+ have_zstd=yes,
+ have_zstd=no)
+
+ if test "x$have_zstd" = "xno" ; then
+ AC_MSG_WARN([Unable to find libzstd.])
+ fi
+fi
+
+if test "x$have_zstd" = "xyes"; then
+ AC_DEFINE(HAVE_ZSTD,1,[Have Zstd])
+ TOR_ZSTD_CFLAGS="${ZSTD_CFLAGS}"
+ TOR_ZSTD_LIBS="${ZSTD_LIBS}"
+fi
+AC_SUBST(TOR_ZSTD_CFLAGS)
+AC_SUBST(TOR_ZSTD_LIBS)
+
dnl ----------------------------------------------------------------------
dnl Check if libcap is available for capabilities.
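Review bot: An explicit `--enable-lzma` or `--enable-zstd` still ends in `AC_MSG_WARN([Unable to find liblzma.])` / `AC_MSG_WARN([Unable to find libzstd.])`, so the build silently proceeds without the compression scheme the user asked for. The shell variables `lzma` and `zstd` set in the `case` arms (`true`/`false`/`auto`) are never read in the visible lines; the later tests use `$enable_lzma` and `$enable_zstd` instead. Either drop those assignments or use them to make the explicit request fatal, for example `if test "x$have_lzma" = "xno" && test "x$lzma" = "xtrue"; then AC_MSG_ERROR([--enable-lzma given but liblzma was not found.]); fi`, and the same for zstd. The section comments would also read better as `dnl Where do we find lzma?` and `dnl Where do we find zstd?`.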
@@ -779,7 +935,13 @@ dnl since sometimes the linker will like an option but not be willing to
dnl use it with a build of a library.
all_ldflags_for_check="$TOR_LDFLAGS_zlib $TOR_LDFLAGS_openssl $TOR_LDFLAGS_libevent"
-all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS $TOR_OPENSSL_LIBS $TOR_SYSTEMD_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI $TOR_CAP_LIBS"
+all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS $TOR_OPENSSL_LIBS $TOR_SYSTEMD_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI $TOR_LIB_USERENV $TOR_CAP_LIBS"
+
+CFLAGS_FTRAPV=
+CFLAGS_FWRAPV=
+CFLAGS_ASAN=
+CFLAGS_UBSAN=
+
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
#if !defined(__clang__)
@@ -803,20 +965,89 @@ m4_ifdef([AS_VAR_IF],[
AS_VAR_POPDEF([can_link])
AS_VAR_POPDEF([can_compile])
TOR_CHECK_CFLAGS(-Wstack-protector)
- TOR_CHECK_CFLAGS(-fwrapv)
TOR_CHECK_CFLAGS(--param ssp-buffer-size=1)
- if test "$bwin32" = "false"; then
+ if test "$bwin32" = "false" && test "$enable_libfuzzer" != "yes" && test "$enable_oss_fuzz" != "yes"; then
TOR_CHECK_CFLAGS(-fPIE)
TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
fi
+ TOR_TRY_COMPILE_WITH_CFLAGS(-fwrapv, also_link, CFLAGS_FWRAPV="-fwrapv", true)
fi
-if test "x$enable_expensive_hardening" = "xyes"; then
- TOR_CHECK_CFLAGS([-fsanitize=address])
- TOR_CHECK_CFLAGS([-fsanitize=undefined])
- TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
+if test "$fragile_hardening" = "yes"; then
+ TOR_TRY_COMPILE_WITH_CFLAGS(-ftrapv, also_link, CFLAGS_FTRAPV="-ftrapv", true)
+ if test "$tor_cv_cflags__ftrapv" = "yes" && test "$tor_can_link__ftrapv" != "yes"; then
+ AC_MSG_WARN([The compiler supports -ftrapv, but for some reason I was not able to link with -ftrapv. Are you missing run-time support? Run-time hardening will not work as well as it should.])
+ fi
+
+ if test "$tor_cv_cflags__ftrapv" != "yes"; then
+ AC_MSG_ERROR([You requested fragile hardening, but the compiler does not seem to support -ftrapv.])
+ fi
+
+ TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=address], also_link, CFLAGS_ASAN="-fsanitize=address", true)
+ if test "$tor_cv_cflags__fsanitize_address" = "yes" && test "$tor_can_link__fsanitize_address" != "yes"; then
+ AC_MSG_ERROR([The compiler supports -fsanitize=address, but for some reason I was not able to link when using it. Are you missing run-time support? With GCC you need libubsan.so, and with Clang you need libclang_rt.ubsan*])
+ fi
+
+ TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=undefined], also_link, CFLAGS_UBSAN="-fsanitize=undefined", true)
+ if test "$tor_cv_cflags__fsanitize_address" = "yes" && test "$tor_can_link__fsanitize_address" != "yes"; then
+ AC_MSG_ERROR([The compiler supports -fsanitize=undefined, but for some reason I was not able to link when using it. Are you missing run-time support? With GCC you need libasan.so, and with Clang you need libclang_rt.ubsan*])
+ fi
+
+TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
+fi
+
+CFLAGS_BUGTRAP="$CFLAGS_FTRAPV $CFLAGS_ASAN $CFLAGS_UBSAN"
+CFLAGS_CONSTTIME="$CFLAGS_FWRAPV"
+
+mulodi_fixes_ftrapv=no
+if test "$have_clang" = "yes"; then
+ saved_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS $CFLAGS_FTRAPV"
+ AC_MSG_CHECKING([whether clang -ftrapv can link a 64-bit int multiply])
+ AC_LINK_IFELSE([
+ AC_LANG_SOURCE([[
+ #include <stdint.h>
+ #include <stdlib.h>
+ int main(int argc, char **argv)
+ {
+ int64_t x = ((int64_t)atoi(argv[1])) * (int64_t)atoi(argv[2])
+ * (int64_t)atoi(argv[3]);
+ return x == 9;
+ } ]])],
+ [ftrapv_can_link=yes; AC_MSG_RESULT([yes])],
+ [ftrapv_can_link=no; AC_MSG_RESULT([no])])
+ if test "$ftrapv_can_link" = "no"; then
+ AC_MSG_CHECKING([whether defining __mulodi4 fixes that])
+ AC_LINK_IFELSE([
+ AC_LANG_SOURCE([[
+ #include <stdint.h>
+ #include <stdlib.h>
+ int64_t __mulodi4(int64_t a, int64_t b, int *overflow) {
+ *overflow=0;
+ return a;
+ }
+ int main(int argc, char **argv)
+ {
+ int64_t x = ((int64_t)atoi(argv[1])) * (int64_t)atoi(argv[2])
+ * (int64_t)atoi(argv[3]);
+ return x == 9;
+ } ]])],
+ [mulodi_fixes_ftrapv=yes; AC_MSG_RESULT([yes])],
+ [mulodi_fixes_ftrapv=no; AC_MSG_RESULT([no])])
+ fi
+ CFLAGS="$saved_CFLAGS"
fi
+AM_CONDITIONAL(ADD_MULODI4, test "$mulodi_fixes_ftrapv" = "yes")
+
+dnl These cflags add bunches of branches, and we haven't been able to
+dnl persuade ourselves that they're suitable for code that needs to be
+dnl constant time.
+AC_SUBST(CFLAGS_BUGTRAP)
+dnl These cflags are variant ones sutable for code that needs to be
+dnl constant-time.
+AC_SUBST(CFLAGS_CONSTTIME)
+
if test "x$enable_linker_hardening" != "xno"; then
TOR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
fi
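Review bot: The link check after `TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=undefined], ...)` tests `$tor_cv_cflags__fsanitize_address` and `$tor_can_link__fsanitize_address` again, so a compiler that accepts `-fsanitize=undefined` but cannot link its runtime is never caught. Following the naming pattern of the address check, the condition should presumably read `if test "$tor_cv_cflags__fsanitize_undefined" = "yes" && test "$tor_can_link__fsanitize_undefined" != "yes"; then`. The two error messages also appear to have their library hints swapped: the address message names `libubsan.so` and the undefined message names `libasan.so`. The comment above `AC_SUBST(CFLAGS_CONSTTIME)` has a typo, "sutable" for "suitable".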
@@ -831,7 +1062,7 @@ saved_CFLAGS="$CFLAGS"
TOR_CHECK_CFLAGS(-fomit-frame-pointer)
F_OMIT_FRAME_POINTER=''
if test "$saved_CFLAGS" != "$CFLAGS"; then
- if test "x$enable_expensive_hardening" != "xyes"; then
+ if test "$fragile_hardening" = "yes"; then
F_OMIT_FRAME_POINTER='-fomit-frame-pointer'
fi
fi
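Review bot: The rewritten condition `if test "$fragile_hardening" = "yes"; then` has the opposite sense of the line it replaces, `test "x$enable_expensive_hardening" != "xyes"`. `F_OMIT_FRAME_POINTER` is now set to `-fomit-frame-pointer` only when fragile hardening is on, which is the configuration where the sanitizer block adds `-fno-omit-frame-pointer`, and ordinary builds no longer get it. Unless the inversion is intended, this should be `if test "$fragile_hardening" != "yes"; then`. Where `F_OMIT_FRAME_POINTER` is consumed lies outside this hunk.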
@@ -969,64 +1200,58 @@ AC_SUBST(CURVE25519_LIBS)
dnl Make sure to enable support for large off_t if available.
AC_SYS_LARGEFILE
-AC_CHECK_HEADERS(
- assert.h \
- errno.h \
- fcntl.h \
- signal.h \
- string.h \
- sys/capability.h \
- sys/fcntl.h \
- sys/stat.h \
- sys/time.h \
- sys/types.h \
- time.h \
- unistd.h
- , , AC_MSG_WARN(Some headers were not found, compilation may fail. If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))
-
-dnl These headers are not essential
-
-AC_CHECK_HEADERS(
- arpa/inet.h \
- crt_externs.h \
- execinfo.h \
- grp.h \
- ifaddrs.h \
- inttypes.h \
- limits.h \
- linux/types.h \
- machine/limits.h \
- malloc.h \
- malloc/malloc.h \
- malloc_np.h \
- netdb.h \
- netinet/in.h \
- netinet/in6.h \
- pwd.h \
- readpassphrase.h \
- stdint.h \
- sys/eventfd.h \
- sys/file.h \
- sys/ioctl.h \
- sys/limits.h \
- sys/mman.h \
- sys/param.h \
- sys/prctl.h \
- sys/resource.h \
- sys/select.h \
- sys/socket.h \
- sys/statvfs.h \
- sys/syscall.h \
- sys/sysctl.h \
- sys/syslimits.h \
- sys/time.h \
- sys/types.h \
- sys/un.h \
- sys/utime.h \
- sys/wait.h \
- syslog.h \
- utime.h
-)
+AC_CHECK_HEADERS([assert.h \
+ errno.h \
+ fcntl.h \
+ signal.h \
+ string.h \
+ sys/capability.h \
+ sys/fcntl.h \
+ sys/stat.h \
+ sys/time.h \
+ sys/types.h \
+ time.h \
+ unistd.h \
+ arpa/inet.h \
+ crt_externs.h \
+ execinfo.h \
+ grp.h \
+ ifaddrs.h \
+ inttypes.h \
+ limits.h \
+ linux/types.h \
+ machine/limits.h \
+ malloc.h \
+ malloc/malloc.h \
+ malloc_np.h \
+ netdb.h \
+ netinet/in.h \
+ netinet/in6.h \
+ pwd.h \
+ readpassphrase.h \
+ stdint.h \
+ sys/eventfd.h \
+ sys/file.h \
+ sys/ioctl.h \
+ sys/limits.h \
+ sys/mman.h \
+ sys/param.h \
+ sys/prctl.h \
+ sys/random.h \
+ sys/resource.h \
+ sys/select.h \
+ sys/socket.h \
+ sys/statvfs.h \
+ sys/syscall.h \
+ sys/sysctl.h \
+ sys/syslimits.h \
+ sys/time.h \
+ sys/types.h \
+ sys/un.h \
+ sys/utime.h \
+ sys/wait.h \
+ syslog.h \
+ utime.h])
AC_CHECK_HEADERS(sys/param.h)
@@ -1103,26 +1328,20 @@ AC_CHECK_HEADERS(linux/netfilter_ipv6/ip6_tables.h,
#include <linux/if.h>
#endif])
-if test "x$transparent" = "xtrue"; then
- transparent_ok=0
- if test "x$net_if_found" = "x1" && test "x$net_pfvar_found" = "x1"; then
- transparent_ok=1
- fi
- if test "x$linux_netfilter_ipv4" = "x1"; then
- transparent_ok=1
- fi
- if test "x$linux_netfilter_ipv6_ip6_tables" = "x1"; then
- transparent_ok=1
- fi
- if test "x$transparent_ok" = "x1"; then
- AC_DEFINE(USE_TRANSPARENT, 1, "Define to enable transparent proxy support")
- case "$host" in
- *-*-openbsd* | *-*-bitrig*)
- AC_DEFINE(OPENBSD, 1, "Define to handle pf on OpenBSD properly") ;;
- esac
- else
- AC_MSG_NOTICE([Transparent proxy support enabled, but missing headers.])
- fi
+transparent_ok=0
+if test "x$net_if_found" = "x1" && test "x$net_pfvar_found" = "x1"; then
+ transparent_ok=1
+fi
+if test "x$linux_netfilter_ipv4" = "x1"; then
+ transparent_ok=1
+fi
+if test "x$linux_netfilter_ipv6_ip6_tables" = "x1"; then
+ transparent_ok=1
+fi
+if test "x$transparent_ok" = "x1"; then
+ AC_DEFINE(USE_TRANSPARENT, 1, "Define to enable transparent proxy support")
+else
+ AC_MSG_NOTICE([Transparent proxy support enabled, but missing headers.])
fi
AC_CHECK_MEMBERS([struct timeval.tv_sec], , ,
@@ -1375,6 +1594,24 @@ if test "$tor_cv_sign_extend" != "no"; then
[Define to 1 iff right-shifting a negative value performs sign-extension])
fi
+# Is uint8_t the same type as unsigned char?
+AC_CACHE_CHECK([whether uint8_t is the same type as unsigned char], tor_cv_uint8_uchar,
+[AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
+#include <stdint.h>
+extern uint8_t c;
+unsigned char c;]])],
+ [tor_cv_uint8_uchar=yes],
+ [tor_cv_uint8_uchar=no],
+ [tor_cv_uint8_uchar=cross])])
+
+if test "$tor_cv_uint8_uchar" = "cross"; then
+ AC_MSG_NOTICE([Cross-compiling: we'll assume that uint8_t is the same type as unsigned char])
+fi
+
+if test "$tor_cv_uint8_uchar" = "no"; then
+ AC_MSG_ERROR([We assume that uint8_t is the same type as unsigned char, but your compiler disagrees.])
+fi
+
# Whether we should use the dmalloc memory allocation debugging library.
AC_MSG_CHECKING(whether to use dmalloc (debug memory allocation library))
AC_ARG_WITH(dmalloc,
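Review bot: `AC_COMPILE_IFELSE` is documented with three arguments (input, action-if-true, action-if-false), so the fourth argument `[tor_cv_uint8_uchar=cross]` appears never to run and the `if test "$tor_cv_uint8_uchar" = "cross"` notice below it is dead code. That four-argument shape belongs to `AC_RUN_IFELSE`. A compile-only probe works the same way when cross-compiling, so the extra argument and the "Cross-compiling: we'll assume..." branch can simply be dropped. As written, they suggest a fallback path that does not exist.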
@@ -1424,6 +1661,14 @@ AC_CHECK_DECLS([mlockall], , , [
#include <sys/mman.h>
#endif])
+# Some MinGW environments don't have getpagesize in unistd.h. We don't use
+# AC_CHECK_FUNCS(getpagesize), because other environments rename getpagesize
+# using macros
+AC_CHECK_DECLS([getpagesize], , , [
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif])
+
# Allow user to specify an alternate syslog facility
AC_ARG_WITH(syslog-facility,
AS_HELP_STRING(--with-syslog-facility=LOG, [syslog facility to use (default=LOG_DAEMON)]),
@@ -1443,9 +1688,9 @@ AC_CHECK_FUNC(gethostbyname_r, [
AC_MSG_CHECKING([how many arguments gethostbyname_r() wants])
OLD_CFLAGS=$CFLAGS
CFLAGS="$CFLAGS $MY_CPPFLAGS $MY_THREAD_CPPFLAGS $MY_CFLAGS"
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#include <netdb.h>
- ], [[
+ ]], [[
char *cp1, *cp2;
struct hostent *h1, *h2;
int i1, i2;
@@ -1456,27 +1701,27 @@ AC_CHECK_FUNC(gethostbyname_r, [
[Define this if gethostbyname_r takes 6 arguments])
AC_MSG_RESULT(6)
], [
- AC_TRY_COMPILE([
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#include <netdb.h>
- ], [
+ ]], [[
char *cp1, *cp2;
struct hostent *h1;
int i1, i2;
(void)gethostbyname_r(cp1,h1,cp2,i1,&i2);
- ], [
+ ]])], [
AC_DEFINE(HAVE_GETHOSTBYNAME_R)
AC_DEFINE(HAVE_GETHOSTBYNAME_R_5_ARG, 1,
[Define this if gethostbyname_r takes 5 arguments])
AC_MSG_RESULT(5)
], [
- AC_TRY_COMPILE([
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#include <netdb.h>
- ], [
+ ]], [[
char *cp1;
struct hostent *h1;
struct hostent_data hd;
(void) gethostbyname_r(cp1,h1,&hd);
- ], [
+ ]])], [
AC_DEFINE(HAVE_GETHOSTBYNAME_R)
AC_DEFINE(HAVE_GETHOSTBYNAME_R_3_ARG, 1,
[Define this if gethostbyname_r takes 3 arguments])
@@ -1516,9 +1761,6 @@ int main(int c, char **v) { puts(__FUNCTION__); }])],
AC_CACHE_CHECK([whether we have extern char **environ already declared],
tor_cv_have_environ_declared,
AC_COMPILE_IFELSE([AC_LANG_SOURCE([
-/* We define _GNU_SOURCE here because it is also defined in compat.c.
- * Without it environ doesn't get declared. */
-#define _GNU_SOURCE
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
@@ -1603,6 +1845,12 @@ else
enable_gcc_warnings_advisory=no
fi
+# Warnings implies advisory-warnings and -Werror.
+if test "$enable_gcc_warnings" = "yes"; then
+ enable_gcc_warnings_advisory=yes
+ enable_fatal_warnings=yes
+fi
+
# OS X Lion started deprecating the system openssl. Let's just disable
# all deprecation warnings on OS X. Also, to potentially make the binary
# a little smaller, let's enable dead_strip.
@@ -1615,35 +1863,11 @@ esac
# Add some more warnings which we use in development but not in the
# released versions. (Some relevant gcc versions can't handle these.)
-if test "x$enable_gcc_warnings" = "xyes" ||
- test "x$enable_gcc_warnings_advisory" = "xyes"; then
-
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
-#if !defined(__GNUC__) || (__GNUC__ < 4)
-#error
-#endif])], have_gcc4=yes, have_gcc4=no)
-
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
-#if !defined(__GNUC__) || (__GNUC__ < 4) || (__GNUC__ == 4 && __GNUC_MINOR__ < 2)
-#error
-#endif])], have_gcc42=yes, have_gcc42=no)
-
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
-#if !defined(__GNUC__) || (__GNUC__ < 4) || (__GNUC__ == 4 && __GNUC_MINOR__ < 3)
-#error
-#endif])], have_gcc43=yes, have_gcc43=no)
-
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
-#if !defined(__GNUC__) || (__GNUC__ < 4) || (__GNUC__ == 4 && __GNUC_MINOR__ < 6)
-#error
-#endif])], have_gcc46=yes, have_gcc46=no)
-
-
- save_CFLAGS="$CFLAGS"
- CFLAGS="$CFLAGS -Wshorten-64-to-32"
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [])], have_shorten64_flag=yes,
- have_shorten64_flag=no)
- CFLAGS="$save_CFLAGS"
+#
+# Note that we have to do this near the end of the autoconf process, or
+# else we may run into problems when these warnings hit on the testing C
+# programs that autoconf wants to build.
+if test "x$enable_gcc_warnings_advisory" != "xno"; then
case "$host" in
*-*-openbsd* | *-*-bitrig*)
@@ -1654,62 +1878,266 @@ if test "x$enable_gcc_warnings" = "xyes" ||
CFLAGS="$CFLAGS -Wno-system-headers" ;;
esac
+ # GCC4.3 users once report trouble with -Wstrict-overflow=5. GCC5 users
+ # have it work better.
+ # CFLAGS="$CFLAGS -Wstrict-overflow=1"
+
+ # This warning was added in gcc 4.3, but it appears to generate
+ # spurious warnings in gcc 4.4. I don't know if it works in 4.5.
+ #CFLAGS="$CFLAGS -Wlogical-op"
+
+ m4_foreach_w([warning_flag], [
+ -Waddress
+ -Waddress-of-array-temporary
+ -Waddress-of-temporary
+ -Wambiguous-macro
+ -Wanonymous-pack-parens
+ -Warc
+ -Warc-abi
+ -Warc-bridge-casts-disallowed-in-nonarc
+ -Warc-maybe-repeated-use-of-weak
+ -Warc-performSelector-leaks
+ -Warc-repeated-use-of-weak
+ -Warray-bounds
+ -Warray-bounds-pointer-arithmetic
+ -Wasm
+ -Wasm-operand-widths
+ -Watomic-properties
+ -Watomic-property-with-user-defined-accessor
+ -Wauto-import
+ -Wauto-storage-class
+ -Wauto-var-id
+ -Wavailability
+ -Wbackslash-newline-escape
+ -Wbad-array-new-length
+ -Wbind-to-temporary-copy
+ -Wbitfield-constant-conversion
+ -Wbool-conversion
+ -Wbool-conversions
+ -Wbuiltin-requires-header
+ -Wchar-align
+ -Wcompare-distinct-pointer-types
+ -Wcomplex-component-init
+ -Wconditional-type-mismatch
+ -Wconfig-macros
+ -Wconstant-conversion
+ -Wconstant-logical-operand
+ -Wconstexpr-not-const
+ -Wcustom-atomic-properties
+ -Wdangling-field
+ -Wdangling-initializer-list
+ -Wdate-time
+ -Wdelegating-ctor-cycles
+ -Wdeprecated-implementations
+ -Wdeprecated-register
+ -Wdirect-ivar-access
+ -Wdiscard-qual
+ -Wdistributed-object-modifiers
+ -Wdivision-by-zero
+ -Wdollar-in-identifier-extension
+ -Wdouble-promotion
+ -Wduplicate-decl-specifier
+ -Wduplicate-enum
+ -Wduplicate-method-arg
+ -Wduplicate-method-match
+ -Wduplicated-cond
+ -Wdynamic-class-memaccess
+ -Wembedded-directive
+ -Wempty-translation-unit
+ -Wenum-conversion
+ -Wexit-time-destructors
+ -Wexplicit-ownership-type
+ -Wextern-initializer
+ -Wextra
+ -Wextra-semi
+ -Wextra-tokens
+ -Wflexible-array-extensions
+ -Wfloat-conversion
+ -Wformat-non-iso
+ -Wfour-char-constants
+ -Wgcc-compat
+ -Wglobal-constructors
+ -Wgnu-array-member-paren-init
+ -Wgnu-designator
+ -Wgnu-static-float-init
+ -Wheader-guard
+ -Wheader-hygiene
+ -Widiomatic-parentheses
+ -Wignored-attributes
+ -Wimplicit-atomic-properties
+ -Wimplicit-conversion-floating-point-to-bool
+ -Wimplicit-exception-spec-mismatch
+ -Wimplicit-fallthrough
+ -Wimplicit-fallthrough-per-function
+ -Wimplicit-retain-self
+ -Wimport-preprocessor-directive-pedantic
+ -Wincompatible-library-redeclaration
+ -Wincompatible-pointer-types-discards-qualifiers
+ -Wincomplete-implementation
+ -Wincomplete-module
+ -Wincomplete-umbrella
+ -Winit-self
+ -Wint-conversions
+ -Wint-to-void-pointer-cast
+ -Winteger-overflow
+ -Winvalid-constexpr
+ -Winvalid-iboutlet
+ -Winvalid-noreturn
+ -Winvalid-pp-token
+ -Winvalid-source-encoding
+ -Winvalid-token-paste
+ -Wknr-promoted-parameter
+ -Wlanguage-extension-token
+ -Wlarge-by-value-copy
+ -Wliteral-conversion
+ -Wliteral-range
+ -Wlocal-type-template-args
+ -Wlogical-op
+ -Wloop-analysis
+ -Wmain-return-type
+ -Wmalformed-warning-check
+ -Wmethod-signatures
+ -Wmicrosoft
+ -Wmicrosoft-exists
+ -Wmismatched-parameter-types
+ -Wmismatched-return-types
+ -Wmissing-field-initializers
+ -Wmissing-format-attribute
+ -Wmissing-noreturn
+ -Wmissing-selector-name
+ -Wmissing-sysroot
+ -Wmissing-variable-declarations
+ -Wmodule-conflict
+ -Wnested-anon-types
+ -Wnewline-eof
+ -Wnon-literal-null-conversion
+ -Wnon-pod-varargs
+ -Wnonportable-cfstrings
+ -Wnormalized=id
+ -Wnull-arithmetic
+ -Wnull-character
+ -Wnull-conversion
+ -Wnull-dereference
+ -Wout-of-line-declaration
+ -Wover-aligned
+ -Woverlength-strings
+ -Woverride-init
+ -Woverriding-method-mismatch
+ -Wpointer-type-mismatch
+ -Wpredefined-identifier-outside-function
+ -Wprotocol-property-synthesis-ambiguity
+ -Wreadonly-iboutlet-property
+ -Wreadonly-setter-attrs
+ -Wreceiver-expr
+ -Wreceiver-forward-class
+ -Wreceiver-is-weak
+ -Wreinterpret-base-class
+ -Wrequires-super-attribute
+ -Wreserved-user-defined-literal
+ -Wreturn-stack-address
+ -Wsection
+ -Wselector-type-mismatch
+ -Wsentinel
+ -Wserialized-diagnostics
+ -Wshadow
+ -Wshift-count-negative
+ -Wshift-count-overflow
+ -Wshift-negative-value
+ -Wshift-overflow=2
+ -Wshift-sign-overflow
+ -Wshorten-64-to-32
+ -Wsizeof-array-argument
+ -Wsource-uses-openmp
+ -Wstatic-float-init
+ -Wstatic-in-inline
+ -Wstatic-local-in-inline
+ -Wstrict-overflow=1
+ -Wstring-compare
+ -Wstring-conversion
+ -Wstrlcpy-strlcat-size
+ -Wstrncat-size
+ -Wsuggest-attribute=format
+ -Wsuggest-attribute=noreturn
+ -Wsuper-class-method-mismatch
+ -Wswitch-bool
+ -Wsync-nand
+ -Wtautological-constant-out-of-range-compare
+ -Wtentative-definition-incomplete-type
+ -Wtrampolines
+ -Wtype-safety
+ -Wtypedef-redefinition
+ -Wtypename-missing
+ -Wundefined-inline
+ -Wundefined-internal
+ -Wundefined-reinterpret-cast
+ -Wunicode
+ -Wunicode-whitespace
+ -Wunknown-warning-option
+ -Wunnamed-type-template-args
+ -Wunneeded-member-function
+ -Wunsequenced
+ -Wunsupported-visibility
+ -Wunused-but-set-parameter
+ -Wunused-but-set-variable
+ -Wunused-command-line-argument
+ -Wunused-const-variable=2
+ -Wunused-exception-parameter
+ -Wunused-local-typedefs
+ -Wunused-member-function
+ -Wunused-sanitize-argument
+ -Wunused-volatile-lvalue
+ -Wuser-defined-literals
+ -Wvariadic-macros
+ -Wvector-conversion
+ -Wvector-conversions
+ -Wvexing-parse
+ -Wvisibility
+ -Wvla-extension
+ -Wzero-length-array
+ ], [ TOR_CHECK_CFLAGS([warning_flag]) ])
+
+dnl We should re-enable this in some later version. Clang doesn't
+dnl mind, but it causes trouble with GCC.
+dnl -Wstrict-overflow=2
+
+dnl These seem to require annotations that we don't currently use,
+dnl and they give false positives in our pthreads wrappers. (Clang 4)
+dnl -Wthread-safety
+dnl -Wthread-safety-analysis
+dnl -Wthread-safety-attributes
+dnl -Wthread-safety-beta
+dnl -Wthread-safety-precise
+
CFLAGS="$CFLAGS -W -Wfloat-equal -Wundef -Wpointer-arith"
CFLAGS="$CFLAGS -Wstrict-prototypes -Wmissing-prototypes -Wwrite-strings"
CFLAGS="$CFLAGS -Wredundant-decls -Wchar-subscripts -Wcomment -Wformat=2"
- CFLAGS="$CFLAGS -Wwrite-strings -Wmissing-declarations -Wredundant-decls"
+ CFLAGS="$CFLAGS -Wwrite-strings"
CFLAGS="$CFLAGS -Wnested-externs -Wbad-function-cast -Wswitch-enum"
-
- if test "x$enable_gcc_warnings" = "xyes"; then
- CFLAGS="$CFLAGS -Werror"
- fi
-
- # Disabled, so we can use mallinfo(): -Waggregate-return
-
- if test "x$have_gcc4" = "xyes"; then
- # These warnings break gcc 3.3.5 and work on gcc 4.0.2
- CFLAGS="$CFLAGS -Winit-self -Wmissing-field-initializers -Wold-style-definition"
- fi
-
- if test "x$have_gcc42" = "xyes"; then
- # These warnings break gcc 4.0.2 and work on gcc 4.2
- # XXXX020 See if any of these work with earlier versions.
- CFLAGS="$CFLAGS -Waddress -Wmissing-noreturn -Wstrict-overflow=1"
-
- # We used to use -Wstrict-overflow=5, but that breaks us heavily under 4.3.
+ CFLAGS="$CFLAGS -Waggregate-return -Wpacked -Wunused"
+ CFLAGS="$CFLAGS -Wunused-parameter "
+ # These interfere with building main() { return 0; }, which autoconf
+ # likes to use as its default program.
+ CFLAGS="$CFLAGS -Wold-style-definition -Wmissing-declarations"
+
+ if test "$tor_cv_cflags__Wnull_dereference" = "yes"; then
+ AC_DEFINE([HAVE_CFLAG_WNULL_DEREFERENCE], 1, [True if we have -Wnull-dereference])
fi
-
- if test "x$have_gcc42" = "xyes" && test "x$have_clang" = "xno"; then
- # These warnings break gcc 4.0.2 and clang, but work on gcc 4.2
- CFLAGS="$CFLAGS -Wnormalized=id -Woverride-init"
- fi
-
- if test "x$have_gcc43" = "xyes"; then
- # These warnings break gcc 4.2 and work on gcc 4.3
- # XXXX020 See if any of these work with earlier versions.
- CFLAGS="$CFLAGS -Wextra -Warray-bounds"
+ if test "$tor_cv_cflags__Woverlength_strings" = "yes"; then
+ AC_DEFINE([HAVE_CFLAG_WOVERLENGTH_STRINGS], 1, [True if we have -Woverlength-strings])
fi
- if test "x$have_gcc46" = "xyes"; then
- # This warning was added in gcc 4.3, but it appears to generate
- # spurious warnings in gcc 4.4. I don't know if it works in 4.5.
- CFLAGS="$CFLAGS -Wlogical-op"
- fi
-
- if test "x$have_shorten64_flag" = "xyes"; then
- CFLAGS="$CFLAGS -Wshorten-64-to-32"
+ if test "x$enable_fatal_warnings" = "xyes"; then
+ # I'd like to use TOR_CHECK_CFLAGS here, but I can't, since the
+ # default autoconf programs are full of errors.
+ CFLAGS="$CFLAGS -Werror"
fi
-
-
-##This will break the world on some 64-bit architectures
-# CFLAGS="$CFLAGS -Winline"
fi
if test "$enable_coverage" = "yes" && test "$have_clang" = "no"; then
case "$host_os" in
darwin*)
- AC_MSG_WARN([Tried to enable coverage on OSX without using the clang compiler. This might not work! If coverage fails, use CC=clang when configuring with --enable-profiling.])
+ AC_MSG_WARN([Tried to enable coverage on OSX without using the clang compiler. This might not work! If coverage fails, use CC=clang when configuring with --enable-coverage.])
esac
fi
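Review bot: The two commented-out assignments kept at the top of this hunk, `# CFLAGS="$CFLAGS -Wstrict-overflow=1"` and `#CFLAGS="$CFLAGS -Wlogical-op"`, contradict the `m4_foreach_w` list right after them, which passes both `-Wstrict-overflow=1` and `-Wlogical-op` to TOR_CHECK_CFLAGS. A reader cannot tell whether the gcc 4.4 spurious-warning caveat still applies or was judged obsolete. I would delete the two dead lines and record the decision once, for example `dnl -Wlogical-op was noisy on gcc 4.4; it is probed in the list below like every other flag.` The hunk also keeps `CFLAGS="$CFLAGS -Wwrite-strings"` on a line of its own although the flag is already added two lines earlier. The enclosing `if test "x$enable_gcc_warnings_advisory" != "xno"` starts before this hunk.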
@@ -1725,6 +2153,7 @@ AC_CONFIG_FILES([
contrib/dist/tor.service
src/config/torrc.sample
src/config/torrc.minimal
+ src/rust/.cargo/config
scripts/maint/checkOptionDocs.pl
scripts/maint/updateVersions.pl
])
@@ -1747,4 +2176,19 @@ if test "x$asciidoc" = "xtrue" && test "$ASCIIDOC" = "none"; then
done
fi
+if test "$fragile_hardening" = "yes"; then
+ AC_MSG_WARN([
+
+============
+Warning! Building Tor with --enable-fragile-hardening (also known as
+--enable-expensive-hardening) makes some kinds of attacks harder, but makes
+other kinds of attacks easier. A Tor instance build with this option will be
+somewhat less vulnerable to remote code execution, arithmetic overflow, or
+out-of-bounds read/writes... but at the cost of becoming more vulnerable to
+denial of service attacks. For more information, see
+https://trac.torproject.org/projects/tor/wiki/doc/TorFragileHardening
+============
+ ])
+fi
+
AC_OUTPUT
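Review bot: The warning text added here has a wording slip: "A Tor instance build with this option" should read `A Tor instance built with this option will be`. This message is what tells the person configuring the build that the hardening flags trade memory-safety protection for greater exposure to denial of service, so it should read cleanly. `fragile_hardening` is assigned outside this hunk, so I cannot confirm from here that both `--enable-fragile-hardening` and `--enable-expensive-hardening` set it before this test runs.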