Fix CVE-2016-1531
[users/jgh/exim.git] / src / scripts / Configure-Makefile
index 24ba10823b4d7aa411fad5e110ab277e263783f2..8f40d1c95c7af1e5cdf81ae741db4df5caf866c6 100755 (executable)
@@ -77,8 +77,9 @@ mf=Makefile
 mft=$mf-t
 mftt=$mf-tt
 
-look_mf=lookups/Makefile.predynamic
-look_mft=${look_mf}-t
+look_mf=lookups/Makefile
+look_mf_pre=${look_mf}.predynamic
+look_mf_post=${look_mf}.postdynamic
 
 # Ensure the temporary does not exist and start the new one by setting
 # the OSTYPE and ARCHTYPE variables.
@@ -109,7 +110,9 @@ do   if test -r ../$f
             echo "# End of $f"
             echo ""
      fi
-done >> $mft || exit 1
+done \
+     | sed 's/^TMPDIR=/EXIM_&/' \
+     >> $mft || exit 1
 
 # handle pkg-config
 # beware portability of extended regexps with sed.
@@ -117,6 +120,9 @@ done >> $mft || exit 1
 egrep "^[$st]*(AUTH|LOOKUP)_[A-Z0-9_]*[$st]*=[$st]*" $mft | \
   sed "s/[$st]*=/='/" | \
   sed "s/\$/'/" > $mftt
+egrep "^[$st]*((USE_(OPENSSL|GNUTLS)_PC)|SUPPORT_TLS|USE_GNUTLS|PCRE_CONFIG|AVOID_GNUTLS_PKCS11)[$st]*=[$st]*" $mft | \
+  sed "s/[$st]*=/='/" | \
+  sed "s/\$/'/" >> $mftt
 if test -s $mftt
 then
   (
@@ -124,6 +130,30 @@ then
   . ./$mftt
   for var in `cut -d = -f 1 < $mftt`; do
     case $var in
+
+      USE_*_PC)
+        eval "pc_value=\"\$$var\""
+        need_this=''
+        if [ ".$SUPPORT_TLS" = "." ]; then
+          # no TLS, not referencing
+          true
+        elif [ ".$var" = ".USE_GNUTLS_PC" ] && [ ".$USE_GNUTLS" != "." ]; then
+          need_this=t
+        elif [ ".$var" = ".USE_OPENSSL_PC" ] && [ ".$USE_GNUTLS" = "." ]; then
+          need_this=t
+        fi
+        if [ ".$need_this" != "." ]; then
+          tls_include=`pkg-config --cflags $pc_value`
+          if [ $? -ne 0 ]; then
+            echo >&2 "*** Missing pkg-config for package $pc_value (for Exim $var build option)"
+            exit 1
+          fi
+          tls_libs=`pkg-config --libs $pc_value`
+          echo "TLS_INCLUDE=$tls_include"
+          echo "TLS_LIBS=$tls_libs"
+        fi
+        ;;
+
       *_PC)
         eval "pc_value=\"\$$var\""
         base=`echo $var | sed 's/_PC$//'`
@@ -137,6 +167,10 @@ then
         else
           # main binary
           cflags=`pkg-config --cflags $pc_value`
+          if [ $? -ne 0 ]; then
+            echo >&2 "*** Missing pkg-config for package $pc_value (for Exim $var build option)"
+            exit 1
+          fi
           libs=`pkg-config --libs $pc_value`
           if [ "$var" != "${var#LOOKUP_}" ]; then
             echo "LOOKUP_INCLUDE += $cflags"
@@ -149,19 +183,45 @@ then
           fi
         fi
         ;;
+
+      PCRE_CONFIG)
+        case $PCRE_CONFIG in
+          yes|YES|y|Y)
+            cflags=`pcre-config --cflags`
+            if [ $? -ne 0 ]; then
+              echo >&2 "*** Missing pcre-config for regular expression support"
+              exit 1
+            fi
+            libs=`pcre-config --libs`
+            if [ ".$cflags" != "." ]; then
+              echo "INCLUDE += $cflags"
+            fi
+            echo "PCRE_LIBS=$libs"
+            ;;
+        esac
+        ;;
+
+      AVOID_GNUTLS_PKCS11)
+        echo "$var=yes"
+        ;;
+
     esac
   done
   echo "# End of pkg-config fixups"
   echo
   ) >> $mft
+  subexit=$?
+  if [ $subexit -ne 0 ]; then
+    exit $subexit
+  fi
 fi
 rm -f $mftt
 
 # make the lookups Makefile with the definitions
+# the auxiliary script generates $look_mf_post from $look_mf_pre
 
-## prepend stuff here; eg: grep LOOKUP_ $mft > $look_mft
-## cat ../src/lookups/Makefile >> $look_mft
-cp ../src/lookups/Makefile $look_mft
+cp ../src/lookups/Makefile $look_mf_pre
+../scripts/lookups-Makefile
 
 # See if there is a definition of EXIM_PERL in what we have built so far.
 # If so, run Perl to find the default values for PERL_CC, PERL_CCOPTS,
@@ -212,14 +272,14 @@ cat ../OS/Makefile-Base >> $mft || exit 1
 # If the new makefile is the same as the existing one, say so, and just
 # update the timestamp. Otherwise remove the old and install the new.
 
-if      [ -s $mf ] && cmp -s $mft $mf && [ -s $look_mf ] && cmp -s $look_mft $look_mf
+if      [ -s $mf ] && cmp -s $mft $mf && [ -s $look_mf ] && cmp -s $look_mf_post $look_mf
 then    echo ">>> rebuilt $mf unchanged"
         echo " "
         touch $mf || exit
-        rm -f $mft
-elif    rm -f $mf $look_mf
+        rm -f $mft $look_mf_pre $look_mf_post
+elif    rm -f $mf $look_mf $look_mf_pre
         mv $mft $mf
-       mv $look_mft $look_mf
+       mv $look_mf_post $look_mf
 then    echo ">>> New $mf & $look_mf installed"
         echo '>>> Use "make makefile" if you need to force rebuilding of the makefile'
         echo " "