Attachment #131363 for bug #159013

Lines 720-725 Link Here

(-)asterisk-1.4.11.org/configure (-9 / +455 lines)
720	ALSA_INCLUDE	720	ALSA_INCLUDE
721	ALSA_DIR	721	ALSA_DIR
722	PBX_ALSA	722	PBX_ALSA
		723	CAP_LIB
		724	CAP_INCLUDE
		725	CAP_DIR
		726	PBX_CAP
723	CURL_LIB	727	CURL_LIB
724	CURL_INCLUDE	728	CURL_INCLUDE
725	CURL_DIR	729	CURL_DIR
Lines 1499-1504 Link Here
1499	--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)	1503	--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
1500	--with-gnu-ld assume the C compiler uses GNU ld [default=no]	1504	--with-gnu-ld assume the C compiler uses GNU ld [default=no]
1501	--with-asound=PATH use Advanced Linux Sound Architecture files in PATH	1505	--with-asound=PATH use Advanced Linux Sound Architecture files in PATH
		1506	--with-cap=PATH use POSIX 1.e capabilities files in PATH
1502	--with-curl=PATH use cURL files in PATH	1507	--with-curl=PATH use cURL files in PATH
1503	--with-curses=PATH use curses files in PATH	1508	--with-curses=PATH use curses files in PATH
1504	--with-gnutls=PATH use GNU TLS support (used for iksemel only) files in	1509	--with-gnutls=PATH use GNU TLS support (used for iksemel only) files in
Lines 7602-7607 Link Here
7602		7607
7603		7608
7604		7609
		7610	CAP_DESCRIP="POSIX 1.e capabilities"
		7611	CAP_OPTION="cap"
		7612
		7613	# Check whether --with-cap was given.
		7614	if test "${with_cap+set}" = set; then
		7615	withval=$with_cap;
		7616	case ${withval} in
		7617	n\|no)
		7618	USE_CAP=no
		7619	;;
		7620	y\|ye\|yes)
		7621	CAP_MANDATORY="yes"
		7622	;;
		7623	*)
		7624	CAP_DIR="${withval}"
		7625	CAP_MANDATORY="yes"
		7626	;;
		7627	esac
		7628
		7629	fi
		7630
		7631	PBX_CAP=0
		7632
		7633
		7634
		7635
		7636
		7637
7605	CURL_DESCRIP="cURL"	7638	CURL_DESCRIP="cURL"
7606	CURL_OPTION="curl"	7639	CURL_OPTION="curl"
7607		7640
Lines 16535-16540 Link Here
16535	fi	16568	fi
16536		16569
16537		16570
		16571	if test "x${host_os}" = "xlinux-gnu" ; then
		16572
		16573	if test "${USE_CAP}" != "no"; then
		16574	pbxlibdir=""
		16575	if test "x${CAP_DIR}" != "x"; then
		16576	if test -d ${CAP_DIR}/lib; then
		16577	pbxlibdir="-L${CAP_DIR}/lib"
		16578	else
		16579	pbxlibdir="-L${CAP_DIR}"
		16580	fi
		16581	fi
		16582	{ echo "$as_me:$LINENO: checking for cap_from_text in -lcap" >&5
		16583	echo $ECHO_N "checking for cap_from_text in -lcap... $ECHO_C" >&6; }
		16584	if test "${ac_cv_lib_cap_cap_from_text+set}" = set; then
		16585	echo $ECHO_N "(cached) $ECHO_C" >&6
		16586	else
		16587	ac_check_lib_save_LIBS=$LIBS
		16588	LIBS="-lcap ${pbxlibdir} $LIBS"
		16589	cat >conftest.$ac_ext <<_ACEOF
		16590	/* confdefs.h. */
		16591	_ACEOF
		16592	cat confdefs.h >>conftest.$ac_ext
		16593	cat >>conftest.$ac_ext <<_ACEOF
		16594	/* end confdefs.h. */
		16595
		16596	/* Override any GCC internal prototype to avoid an error.
		16597	Use char because int might match the return type of a GCC
		16598	builtin and then its argument prototype would still apply. */
		16599	#ifdef __cplusplus
		16600	extern "C"
		16601	#endif
		16602	char cap_from_text ();
		16603	int
		16604	main ()
		16605	{
		16606	return cap_from_text ();
		16607	;
		16608	return 0;
		16609	}
		16610	_ACEOF
		16611	rm -f conftest.$ac_objext conftest$ac_exeext
		16612	if { (ac_try="$ac_link"
		16613	case "(($ac_try" in
		16614	\" \| \` \| \\) ac_try_echo=\$ac_try;;
		16615	*) ac_try_echo=$ac_try;;
		16616	esac
		16617	eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
		16618	(eval "$ac_link") 2>conftest.er1
		16619	ac_status=$?
		16620	grep -v '^ *+' conftest.er1 >conftest.err
		16621	rm -f conftest.er1
		16622	cat conftest.err >&5
		16623	echo "$as_me:$LINENO: \$? = $ac_status" >&5
		16624	(exit $ac_status); } && {
		16625	test -z "$ac_c_werror_flag" \|\|
		16626	test ! -s conftest.err
		16627	} && test -s conftest$ac_exeext &&
		16628	$as_test_x conftest$ac_exeext; then
		16629	ac_cv_lib_cap_cap_from_text=yes
		16630	else
		16631	echo "$as_me: failed program was:" >&5
		16632	sed 's/^/\| /' conftest.$ac_ext >&5
		16633
		16634	ac_cv_lib_cap_cap_from_text=no
16635	fi
16636
16637	rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
16638	conftest$ac_exeext conftest.$ac_ext
16639	LIBS=$ac_check_lib_save_LIBS
16640	fi
16641	{ echo "$as_me:$LINENO: result: $ac_cv_lib_cap_cap_from_text" >&5
16642	echo "${ECHO_T}$ac_cv_lib_cap_cap_from_text" >&6; }
16643	if test $ac_cv_lib_cap_cap_from_text = yes; then
16644	AST_CAP_FOUND=yes
16645	else
16646	AST_CAP_FOUND=no
16647	fi
16648
16649
16650	if test "${AST_CAP_FOUND}" = "yes"; then
16651	CAP_LIB="-lcap "
16652	CAP_HEADER_FOUND="1"
16653	if test "x${CAP_DIR}" != "x"; then
16654	CAP_LIB="${pbxlibdir} ${CAP_LIB}"
16655	CAP_INCLUDE="-I${CAP_DIR}/include"
16656	saved_cppflags="${CPPFLAGS}"
16657	CPPFLAGS="${CPPFLAGS} -I${CAP_DIR}/include"
16658	if test "xsys/capability.h" != "x" ; then
16659	as_ac_Header=`echo "ac_cv_header_${CAP_DIR}/include/sys/capability.h" \| $as_tr_sh`
16660	if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
16661	{ echo "$as_me:$LINENO: checking for ${CAP_DIR}/include/sys/capability.h" >&5
16662	echo $ECHO_N "checking for ${CAP_DIR}/include/sys/capability.h... $ECHO_C" >&6; }
16663	if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
16664	echo $ECHO_N "(cached) $ECHO_C" >&6
16665	fi
16666	ac_res=`eval echo '${'$as_ac_Header'}'`
16667	{ echo "$as_me:$LINENO: result: $ac_res" >&5
16668	echo "${ECHO_T}$ac_res" >&6; }
16669	else
16670	# Is the header compilable?
16671	{ echo "$as_me:$LINENO: checking ${CAP_DIR}/include/sys/capability.h usability" >&5
16672	echo $ECHO_N "checking ${CAP_DIR}/include/sys/capability.h usability... $ECHO_C" >&6; }
16673	cat >conftest.$ac_ext <<_ACEOF
16674	/* confdefs.h. */
16675	_ACEOF
16676	cat confdefs.h >>conftest.$ac_ext
16677	cat >>conftest.$ac_ext <<_ACEOF
16678	/* end confdefs.h. */
16679	$ac_includes_default
16680	#include <${CAP_DIR}/include/sys/capability.h>
16681	_ACEOF
16682	rm -f conftest.$ac_objext
16683	if { (ac_try="$ac_compile"
16684	case "(($ac_try" in
16685	\" \| \` \| \\) ac_try_echo=\$ac_try;;
16686	*) ac_try_echo=$ac_try;;
16687	esac
16688	eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
16689	(eval "$ac_compile") 2>conftest.er1
16690	ac_status=$?
16691	grep -v '^ *+' conftest.er1 >conftest.err
16692	rm -f conftest.er1
16693	cat conftest.err >&5
16694	echo "$as_me:$LINENO: \$? = $ac_status" >&5
16695	(exit $ac_status); } && {
16696	test -z "$ac_c_werror_flag" \|\|
16697	test ! -s conftest.err
16698	} && test -s conftest.$ac_objext; then
16699	ac_header_compiler=yes
16700	else
16701	echo "$as_me: failed program was:" >&5
16702	sed 's/^/\| /' conftest.$ac_ext >&5
16703
16704	ac_header_compiler=no
16705	fi
16706
16707	rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
16708	{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
16709	echo "${ECHO_T}$ac_header_compiler" >&6; }
16710
16711	# Is the header present?
16712	{ echo "$as_me:$LINENO: checking ${CAP_DIR}/include/sys/capability.h presence" >&5
16713	echo $ECHO_N "checking ${CAP_DIR}/include/sys/capability.h presence... $ECHO_C" >&6; }
16714	cat >conftest.$ac_ext <<_ACEOF
16715	/* confdefs.h. */
16716	_ACEOF
16717	cat confdefs.h >>conftest.$ac_ext
16718	cat >>conftest.$ac_ext <<_ACEOF
16719	/* end confdefs.h. */
16720	#include <${CAP_DIR}/include/sys/capability.h>
16721	_ACEOF
16722	if { (ac_try="$ac_cpp conftest.$ac_ext"
16723	case "(($ac_try" in
16724	\" \| \` \| \\) ac_try_echo=\$ac_try;;
16725	*) ac_try_echo=$ac_try;;
16726	esac
16727	eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
16728	(eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
16729	ac_status=$?
16730	grep -v '^ *+' conftest.er1 >conftest.err
16731	rm -f conftest.er1
16732	cat conftest.err >&5
16733	echo "$as_me:$LINENO: \$? = $ac_status" >&5
16734	(exit $ac_status); } >/dev/null && {
16735	test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" \|\|
16736	test ! -s conftest.err
16737	}; then
16738	ac_header_preproc=yes
16739	else
16740	echo "$as_me: failed program was:" >&5
16741	sed 's/^/\| /' conftest.$ac_ext >&5
16742
16743	ac_header_preproc=no
16744	fi
16745
16746	rm -f conftest.err conftest.$ac_ext
16747	{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
16748	echo "${ECHO_T}$ac_header_preproc" >&6; }
16749
16750	# So? What about this header?
16751	case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
16752	yes:no: )
16753	{ echo "$as_me:$LINENO: WARNING: ${CAP_DIR}/include/sys/capability.h: accepted by the compiler, rejected by the preprocessor!" >&5
16754	echo "$as_me: WARNING: ${CAP_DIR}/include/sys/capability.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
16755	{ echo "$as_me:$LINENO: WARNING: ${CAP_DIR}/include/sys/capability.h: proceeding with the compiler's result" >&5
16756	echo "$as_me: WARNING: ${CAP_DIR}/include/sys/capability.h: proceeding with the compiler's result" >&2;}
16757	ac_header_preproc=yes
16758	;;
16759	no:yes:* )
16760	{ echo "$as_me:$LINENO: WARNING: ${CAP_DIR}/include/sys/capability.h: present but cannot be compiled" >&5
16761	echo "$as_me: WARNING: ${CAP_DIR}/include/sys/capability.h: present but cannot be compiled" >&2;}
16762	{ echo "$as_me:$LINENO: WARNING: ${CAP_DIR}/include/sys/capability.h: check for missing prerequisite headers?" >&5
16763	echo "$as_me: WARNING: ${CAP_DIR}/include/sys/capability.h: check for missing prerequisite headers?" >&2;}
16764	{ echo "$as_me:$LINENO: WARNING: ${CAP_DIR}/include/sys/capability.h: see the Autoconf documentation" >&5
16765	echo "$as_me: WARNING: ${CAP_DIR}/include/sys/capability.h: see the Autoconf documentation" >&2;}
16766	{ echo "$as_me:$LINENO: WARNING: ${CAP_DIR}/include/sys/capability.h: section \"Present But Cannot Be Compiled\"" >&5
16767	echo "$as_me: WARNING: ${CAP_DIR}/include/sys/capability.h: section \"Present But Cannot Be Compiled\"" >&2;}
16768	{ echo "$as_me:$LINENO: WARNING: ${CAP_DIR}/include/sys/capability.h: proceeding with the preprocessor's result" >&5
16769	echo "$as_me: WARNING: ${CAP_DIR}/include/sys/capability.h: proceeding with the preprocessor's result" >&2;}
16770	{ echo "$as_me:$LINENO: WARNING: ${CAP_DIR}/include/sys/capability.h: in the future, the compiler will take precedence" >&5
16771	echo "$as_me: WARNING: ${CAP_DIR}/include/sys/capability.h: in the future, the compiler will take precedence" >&2;}
16772	( cat <<\_ASBOX
16773	## ------------------------------- ##
16774	## Report this to www.asterisk.org ##
16775	## ------------------------------- ##
16776	_ASBOX
16777	) \| sed "s/^/$as_me: WARNING: /" >&2
16778	;;
16779	esac
16780	{ echo "$as_me:$LINENO: checking for ${CAP_DIR}/include/sys/capability.h" >&5
16781	echo $ECHO_N "checking for ${CAP_DIR}/include/sys/capability.h... $ECHO_C" >&6; }
16782	if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
16783	echo $ECHO_N "(cached) $ECHO_C" >&6
16784	else
16785	eval "$as_ac_Header=\$ac_header_preproc"
16786	fi
16787	ac_res=`eval echo '${'$as_ac_Header'}'`
16788	{ echo "$as_me:$LINENO: result: $ac_res" >&5
16789	echo "${ECHO_T}$ac_res" >&6; }
16790
16791	fi
16792	if test `eval echo '${'$as_ac_Header'}'` = yes; then
16793	CAP_HEADER_FOUND=1
16794	else
16795	CAP_HEADER_FOUND=0
16796	fi
16797
16798
16799	fi
16800	CPPFLAGS="${saved_cppflags}"
16801	else
16802	if test "xsys/capability.h" != "x" ; then
16803	if test "${ac_cv_header_sys_capability_h+set}" = set; then
16804	{ echo "$as_me:$LINENO: checking for sys/capability.h" >&5
16805	echo $ECHO_N "checking for sys/capability.h... $ECHO_C" >&6; }
16806	if test "${ac_cv_header_sys_capability_h+set}" = set; then
16807	echo $ECHO_N "(cached) $ECHO_C" >&6
16808	fi
16809	{ echo "$as_me:$LINENO: result: $ac_cv_header_sys_capability_h" >&5
16810	echo "${ECHO_T}$ac_cv_header_sys_capability_h" >&6; }
16811	else
16812	# Is the header compilable?
16813	{ echo "$as_me:$LINENO: checking sys/capability.h usability" >&5
16814	echo $ECHO_N "checking sys/capability.h usability... $ECHO_C" >&6; }
16815	cat >conftest.$ac_ext <<_ACEOF
16816	/* confdefs.h. */
16817	_ACEOF
16818	cat confdefs.h >>conftest.$ac_ext
16819	cat >>conftest.$ac_ext <<_ACEOF
16820	/* end confdefs.h. */
16821	$ac_includes_default
16822	#include <sys/capability.h>
16823	_ACEOF
16824	rm -f conftest.$ac_objext
16825	if { (ac_try="$ac_compile"
16826	case "(($ac_try" in
16827	\" \| \` \| \\) ac_try_echo=\$ac_try;;
16828	*) ac_try_echo=$ac_try;;
16829	esac
16830	eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
16831	(eval "$ac_compile") 2>conftest.er1
16832	ac_status=$?
16833	grep -v '^ *+' conftest.er1 >conftest.err
16834	rm -f conftest.er1
16835	cat conftest.err >&5
16836	echo "$as_me:$LINENO: \$? = $ac_status" >&5
16837	(exit $ac_status); } && {
16838	test -z "$ac_c_werror_flag" \|\|
16839	test ! -s conftest.err
16840	} && test -s conftest.$ac_objext; then
16841	ac_header_compiler=yes
16842	else
16843	echo "$as_me: failed program was:" >&5
16844	sed 's/^/\| /' conftest.$ac_ext >&5
16845
16846	ac_header_compiler=no
16847	fi
16848
16849	rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
16850	{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
16851	echo "${ECHO_T}$ac_header_compiler" >&6; }
16852
16853	# Is the header present?
16854	{ echo "$as_me:$LINENO: checking sys/capability.h presence" >&5
16855	echo $ECHO_N "checking sys/capability.h presence... $ECHO_C" >&6; }
16856	cat >conftest.$ac_ext <<_ACEOF
16857	/* confdefs.h. */
16858	_ACEOF
16859	cat confdefs.h >>conftest.$ac_ext
16860	cat >>conftest.$ac_ext <<_ACEOF
16861	/* end confdefs.h. */
16862	#include <sys/capability.h>
16863	_ACEOF
16864	if { (ac_try="$ac_cpp conftest.$ac_ext"
16865	case "(($ac_try" in
16866	\" \| \` \| \\) ac_try_echo=\$ac_try;;
16867	*) ac_try_echo=$ac_try;;
16868	esac
16869	eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
16870	(eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
16871	ac_status=$?
16872	grep -v '^ *+' conftest.er1 >conftest.err
16873	rm -f conftest.er1
16874	cat conftest.err >&5
16875	echo "$as_me:$LINENO: \$? = $ac_status" >&5
16876	(exit $ac_status); } >/dev/null && {
16877	test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" \|\|
16878	test ! -s conftest.err
16879	}; then
16880	ac_header_preproc=yes
16881	else
16882	echo "$as_me: failed program was:" >&5
16883	sed 's/^/\| /' conftest.$ac_ext >&5
16884
16885	ac_header_preproc=no
16886	fi
16887
16888	rm -f conftest.err conftest.$ac_ext
16889	{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
16890	echo "${ECHO_T}$ac_header_preproc" >&6; }
16891
16892	# So? What about this header?
16893	case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
16894	yes:no: )
16895	{ echo "$as_me:$LINENO: WARNING: sys/capability.h: accepted by the compiler, rejected by the preprocessor!" >&5
16896	echo "$as_me: WARNING: sys/capability.h: accepted by the compiler, rejected by the preprocessor!" >&2;}
16897	{ echo "$as_me:$LINENO: WARNING: sys/capability.h: proceeding with the compiler's result" >&5
16898	echo "$as_me: WARNING: sys/capability.h: proceeding with the compiler's result" >&2;}
16899	ac_header_preproc=yes
16900	;;
16901	no:yes:* )
16902	{ echo "$as_me:$LINENO: WARNING: sys/capability.h: present but cannot be compiled" >&5
16903	echo "$as_me: WARNING: sys/capability.h: present but cannot be compiled" >&2;}
16904	{ echo "$as_me:$LINENO: WARNING: sys/capability.h: check for missing prerequisite headers?" >&5
16905	echo "$as_me: WARNING: sys/capability.h: check for missing prerequisite headers?" >&2;}
16906	{ echo "$as_me:$LINENO: WARNING: sys/capability.h: see the Autoconf documentation" >&5
16907	echo "$as_me: WARNING: sys/capability.h: see the Autoconf documentation" >&2;}
16908	{ echo "$as_me:$LINENO: WARNING: sys/capability.h: section \"Present But Cannot Be Compiled\"" >&5
16909	echo "$as_me: WARNING: sys/capability.h: section \"Present But Cannot Be Compiled\"" >&2;}
16910	{ echo "$as_me:$LINENO: WARNING: sys/capability.h: proceeding with the preprocessor's result" >&5
16911	echo "$as_me: WARNING: sys/capability.h: proceeding with the preprocessor's result" >&2;}
16912	{ echo "$as_me:$LINENO: WARNING: sys/capability.h: in the future, the compiler will take precedence" >&5
16913	echo "$as_me: WARNING: sys/capability.h: in the future, the compiler will take precedence" >&2;}
16914	( cat <<\_ASBOX
16915	## ------------------------------- ##
16916	## Report this to www.asterisk.org ##
16917	## ------------------------------- ##
16918	_ASBOX
16919	) \| sed "s/^/$as_me: WARNING: /" >&2
16920	;;
16921	esac
16922	{ echo "$as_me:$LINENO: checking for sys/capability.h" >&5
16923	echo $ECHO_N "checking for sys/capability.h... $ECHO_C" >&6; }
16924	if test "${ac_cv_header_sys_capability_h+set}" = set; then
16925	echo $ECHO_N "(cached) $ECHO_C" >&6
16926	else
16927	ac_cv_header_sys_capability_h=$ac_header_preproc
16928	fi
16929	{ echo "$as_me:$LINENO: result: $ac_cv_header_sys_capability_h" >&5
16930	echo "${ECHO_T}$ac_cv_header_sys_capability_h" >&6; }
16931
16932	fi
16933	if test $ac_cv_header_sys_capability_h = yes; then
16934	CAP_HEADER_FOUND=1
16935	else
16936	CAP_HEADER_FOUND=0
16937	fi
16938
16939
16940	fi
16941	fi
16942	if test "x${CAP_HEADER_FOUND}" = "x0" ; then
16943	if test -n "${CAP_MANDATORY}" ;
16944	then
16945	{ echo "$as_me:$LINENO: ***" >&5
16946	echo "$as_me: ***" >&6;}
16947	{ echo "$as_me:$LINENO: *** It appears that you do not have the cap development package installed." >&5
16948	echo "$as_me: *** It appears that you do not have the cap development package installed." >&6;}
16949	{ echo "$as_me:$LINENO: *** Please install it to include ${CAP_DESCRIP} support, or re-run configure" >&5
16950	echo "$as_me: *** Please install it to include ${CAP_DESCRIP} support, or re-run configure" >&6;}
16951	{ echo "$as_me:$LINENO: *** without explicitly specifying --with-${CAP_OPTION}" >&5
16952	echo "$as_me: *** without explicitly specifying --with-${CAP_OPTION}" >&6;}
16953	exit 1
16954	fi
16955	CAP_LIB=""
16956	CAP_INCLUDE=""
16957	PBX_CAP=0
16958	else
16959	PBX_CAP=1
16960
16961	cat >>confdefs.h <<_ACEOF
16962	#define HAVE_CAP 1
16963	_ACEOF
16964
16965	fi
16966	elif test -n "${CAP_MANDATORY}";
16967	then
16968	{ echo "$as_me:$LINENO: ***" >&5
16969	echo "$as_me: ***" >&6;}
16970	{ echo "$as_me:$LINENO: *** The ${CAP_DESCRIP} installation on this system appears to be broken." >&5
16971	echo "$as_me: *** The ${CAP_DESCRIP} installation on this system appears to be broken." >&6;}
16972	{ echo "$as_me:$LINENO: *** Either correct the installation, or run configure" >&5
16973	echo "$as_me: *** Either correct the installation, or run configure" >&6;}
16974	{ echo "$as_me:$LINENO: *** without explicitly specifying --with-${CAP_OPTION}" >&5
16975	echo "$as_me: *** without explicitly specifying --with-${CAP_OPTION}" >&6;}
16976	exit 1
16977	fi
16978	fi
16979
16980	fi
16981
16538		16982
16539	if test "${USE_CURSES}" != "no"; then	16983	if test "${USE_CURSES}" != "no"; then
16540	pbxlibdir=""	16984	pbxlibdir=""
Lines 33274-33279 Link Here
33274	ALSA_INCLUDE!$ALSA_INCLUDE$ac_delim	33718	ALSA_INCLUDE!$ALSA_INCLUDE$ac_delim
33275	ALSA_DIR!$ALSA_DIR$ac_delim	33719	ALSA_DIR!$ALSA_DIR$ac_delim
33276	PBX_ALSA!$PBX_ALSA$ac_delim	33720	PBX_ALSA!$PBX_ALSA$ac_delim
		33721	CAP_LIB!$CAP_LIB$ac_delim
		33722	CAP_INCLUDE!$CAP_INCLUDE$ac_delim
		33723	CAP_DIR!$CAP_DIR$ac_delim
		33724	PBX_CAP!$PBX_CAP$ac_delim
33277	CURL_LIB!$CURL_LIB$ac_delim	33725	CURL_LIB!$CURL_LIB$ac_delim
33278	CURL_INCLUDE!$CURL_INCLUDE$ac_delim	33726	CURL_INCLUDE!$CURL_INCLUDE$ac_delim
33279	CURL_DIR!$CURL_DIR$ac_delim	33727	CURL_DIR!$CURL_DIR$ac_delim
Lines 33363-33372 Link Here
33363	PWLIB_DIR!$PWLIB_DIR$ac_delim	33811	PWLIB_DIR!$PWLIB_DIR$ac_delim
33364	PBX_PWLIB!$PBX_PWLIB$ac_delim	33812	PBX_PWLIB!$PBX_PWLIB$ac_delim
33365	OPENH323_LIB!$OPENH323_LIB$ac_delim	33813	OPENH323_LIB!$OPENH323_LIB$ac_delim
33366	OPENH323_INCLUDE!$OPENH323_INCLUDE$ac_delim
33367	OPENH323_DIR!$OPENH323_DIR$ac_delim
33368	PBX_OPENH323!$PBX_OPENH323$ac_delim
33369	QT_LIB!$QT_LIB$ac_delim
33370	_ACEOF	33814	_ACEOF
33371		33815
33372	if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed \| grep -c X` = 97; then	33816	if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed \| grep -c X` = 97; then
Lines 33408-33413 Link Here
33408	ac_delim='%!_!# '	33852	ac_delim='%!_!# '
33409	for ac_last_try in false false false false false :; do	33853	for ac_last_try in false false false false false :; do
33410	cat >conf$$subs.sed <<_ACEOF	33854	cat >conf$$subs.sed <<_ACEOF
		33855	OPENH323_INCLUDE!$OPENH323_INCLUDE$ac_delim
		33856	OPENH323_DIR!$OPENH323_DIR$ac_delim
		33857	PBX_OPENH323!$PBX_OPENH323$ac_delim
		33858	QT_LIB!$QT_LIB$ac_delim
33411	QT_INCLUDE!$QT_INCLUDE$ac_delim	33859	QT_INCLUDE!$QT_INCLUDE$ac_delim
33412	QT_DIR!$QT_DIR$ac_delim	33860	QT_DIR!$QT_DIR$ac_delim
33413	PBX_QT!$PBX_QT$ac_delim	33861	PBX_QT!$PBX_QT$ac_delim
Lines 33502-33508 Link Here
33502	LTLIBOBJS!$LTLIBOBJS$ac_delim	33950	LTLIBOBJS!$LTLIBOBJS$ac_delim
33503	_ACEOF	33951	_ACEOF
33504		33952
33505	if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed \| grep -c X` = 92; then	33953	if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed \| grep -c X` = 96; then
33506	break	33954	break
33507	elif $ac_last_try; then	33955	elif $ac_last_try; then
33508	{ { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5	33956	{ { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
Lines 33521-33527 Link Here
33521		33969
33522	cat >>$CONFIG_STATUS <<_ACEOF	33970	cat >>$CONFIG_STATUS <<_ACEOF
33523	cat >"\$tmp/subs-3.sed" <<\CEOF$ac_eof	33971	cat >"\$tmp/subs-3.sed" <<\CEOF$ac_eof
33524	/@[a-zA-Z_][a-zA-Z_0-9]*@/!b end	33972	/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
33525	_ACEOF	33973	_ACEOF
33526	sed '	33974	sed '
33527	s/[,\\&]/\\&/g; s/@/@\|#_!!_#\|/g	33975	s/[,\\&]/\\&/g; s/@/@\|#_!!_#\|/g
Lines 33534-33541 Link Here
33534	' >>$CONFIG_STATUS <conf$$subs.sed	33982	' >>$CONFIG_STATUS <conf$$subs.sed
33535	rm -f conf$$subs.sed	33983	rm -f conf$$subs.sed
33536	cat >>$CONFIG_STATUS <<_ACEOF	33984	cat >>$CONFIG_STATUS <<_ACEOF
33537	:end
33538	s/\|#_!!_#\|//g
33539	CEOF$ac_eof	33985	CEOF$ac_eof
33540	_ACEOF	33986	_ACEOF
33541		33987
Lines 33783-33789 Link Here
33783	s&@abs_top_builddir@&$ac_abs_top_builddir&;t t	34229	s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
33784	s&@INSTALL@&$ac_INSTALL&;t t	34230	s&@INSTALL@&$ac_INSTALL&;t t
33785	$ac_datarootdir_hack	34231	$ac_datarootdir_hack
33786	" $ac_file_inputs \| sed -f "$tmp/subs-1.sed" \| sed -f "$tmp/subs-2.sed" \| sed -f "$tmp/subs-3.sed" >$tmp/out	34232	" $ac_file_inputs \| sed -f "$tmp/subs-1.sed" \| sed -f "$tmp/subs-2.sed" \| sed -f "$tmp/subs-3.sed" \| sed 's/\|#_!!_#\|//g' >$tmp/out
33787		34233
33788	test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&	34234	test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
33789	{ ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } &&	34235	{ ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } &&

Lines 171-176 Link Here

(-)asterisk-1.4.11.org/configure.ac (+5 lines)
171	# by the --with option name, to make things easier for the users :-)	171	# by the --with option name, to make things easier for the users :-)
172		172
173	AST_EXT_LIB_SETUP([ALSA], [Advanced Linux Sound Architecture], [asound])	173	AST_EXT_LIB_SETUP([ALSA], [Advanced Linux Sound Architecture], [asound])
		174	AST_EXT_LIB_SETUP([CAP], [POSIX 1.e capabilities], [cap])
174	AST_EXT_LIB_SETUP([CURL], [cURL], [curl])	175	AST_EXT_LIB_SETUP([CURL], [cURL], [curl])
175	AST_EXT_LIB_SETUP([CURSES], [curses], [curses])	176	AST_EXT_LIB_SETUP([CURSES], [curses], [curses])
176	AST_EXT_LIB_SETUP([GNUTLS], [GNU TLS support (used for iksemel only)], [gnutls])	177	AST_EXT_LIB_SETUP([GNUTLS], [GNU TLS support (used for iksemel only)], [gnutls])
Lines 393-398 Link Here
393		394
394	AST_EXT_LIB_CHECK([ALSA], [asound], [snd_spcm_init], [alsa/asoundlib.h], [-lm -ldl])	395	AST_EXT_LIB_CHECK([ALSA], [asound], [snd_spcm_init], [alsa/asoundlib.h], [-lm -ldl])
395		396
		397	if test "x${host_os}" = "xlinux-gnu" ; then
		398	AST_EXT_LIB_CHECK([CAP], [cap], [cap_from_text], [sys/capability.h])
		399	fi
		400
396	AST_EXT_LIB_CHECK([CURSES], [curses], [initscr], [curses.h])	401	AST_EXT_LIB_CHECK([CURSES], [curses], [initscr], [curses.h])
397		402
398	GSM_INTERNAL="yes"	403	GSM_INTERNAL="yes"

Lines 28-33 Link Here

(-)asterisk-1.4.11.org/doc/security.txt (+7 lines)
28	AES encryption of voice and signalling. The SIP channel does not	28	AES encryption of voice and signalling. The SIP channel does not
29	support encryption in this version of Asterisk.	29	support encryption in this version of Asterisk.
30		30
		31	By default, if you have libcap available, Asterisk will try to retain the
		32	CAP_NET_ADMIN capability when running as a non-root user. If you do not need
		33	that capability you may want to configure Asterisk with --without-cap; however,
		34	this will prevent Asterisk from being able to mark high ToS bits under Linux.
		35	More information on CAP_NET_ADMIN is available at:
		36	http://www.lids.org/lids-howto/node48.html
		37
31	* DIALPLAN SECURITY	38	* DIALPLAN SECURITY
32		39
33	First and foremost remember this:	40	First and foremost remember this:

Lines 82-94 Link Here

(-)asterisk-1.4.11.org/main/asterisk.c (-5 / +26 lines)
82	#include <sys/stat.h>	82	#include <sys/stat.h>
83	#ifdef linux	83	#ifdef linux
84	#include <sys/prctl.h>	84	#include <sys/prctl.h>
85	#endif	85	#ifdef HAVE_CAP
		86	#include <sys/capability.h>
		87	#endif /* HAVE_CAP */
		88	#endif /* linux */
86	#include <regex.h>	89	#include <regex.h>
87		90
88	#ifdef linux
89	#include <sys/prctl.h>
90	#endif
91
92	#if defined(__FreeBSD__) \|\| defined( __NetBSD__ ) \|\| defined(SOLARIS)	91	#if defined(__FreeBSD__) \|\| defined( __NetBSD__ ) \|\| defined(SOLARIS)
93	#include <netdb.h>	92	#include <netdb.h>
94	#if defined(SOLARIS)	93	#if defined(SOLARIS)
Lines 2718-2729 Link Here
2718	}	2717	}
2719		2718
2720	if (!is_child_of_nonroot && runuser) {	2719	if (!is_child_of_nonroot && runuser) {
		2720	#ifdef HAVE_CAP
		2721	cap_t cap;
		2722	int has_cap = 1;
		2723	#endif /* HAVE_CAP */
2721	struct passwd *pw;	2724	struct passwd *pw;
2722	pw = getpwnam(runuser);	2725	pw = getpwnam(runuser);
2723	if (!pw) {	2726	if (!pw) {
2724	ast_log(LOG_WARNING, "No such user '%s'!\n", runuser);	2727	ast_log(LOG_WARNING, "No such user '%s'!\n", runuser);
2725	exit(1);	2728	exit(1);
2726	}	2729	}
		2730	#ifdef HAVE_CAP
		2731	if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
		2732	ast_log(LOG_WARNING, "Unable to keep capabilities.\n");
		2733	has_cap = 0;
		2734	}
		2735	#endif /* HAVE_CAP */
2727	if (!rungroup) {	2736	if (!rungroup) {
2728	if (setgid(pw->pw_gid)) {	2737	if (setgid(pw->pw_gid)) {
2729	ast_log(LOG_WARNING, "Unable to setgid to %d!\n", (int)pw->pw_gid);	2738	ast_log(LOG_WARNING, "Unable to setgid to %d!\n", (int)pw->pw_gid);
Lines 2741-2746 Link Here
2741	setenv("ASTERISK_ALREADY_NONROOT", "yes", 1);	2750	setenv("ASTERISK_ALREADY_NONROOT", "yes", 1);
2742	if (option_verbose)	2751	if (option_verbose)
2743	ast_verbose("Running as user '%s'\n", runuser);	2752	ast_verbose("Running as user '%s'\n", runuser);
		2753	#ifdef HAVE_CAP
		2754	if (has_cap) {
		2755	cap = cap_from_text("cap_net_admin=ep");
		2756	if (cap_set_proc(cap)) {
		2757	ast_log(LOG_WARNING, "Unable to install capabilities.\n");
		2758	break;
		2759	}
		2760	if (cap_free(cap)) {
		2761	ast_log(LOG_WARNING, "Unable to drop capabilities.\n");
		2762	}
		2763	}
		2764	#endif /* HAVE_CAP */
2744	}	2765	}
2745		2766
2746	#endif /* __CYGWIN__ */	2767	#endif /* __CYGWIN__ */

Lines 55-60 Link Here

(-)asterisk-1.4.11.org/main/Makefile (+3 lines)
55	ifneq ($(findstring LOADABLE_MODULES,$(MENUSELECT_CFLAGS)),)	55	ifneq ($(findstring LOADABLE_MODULES,$(MENUSELECT_CFLAGS)),)
56	AST_LIBS+=-ldl	56	AST_LIBS+=-ldl
57	endif	57	endif
		58	ifneq (x$(CAP_LIB),x)
		59	AST_LIBS+=$(CAP_LIB)
		60	endif
58	AST_LIBS+=-lpthread $(EDITLINE_LIB) -lm -lresolv	61	AST_LIBS+=-lpthread $(EDITLINE_LIB) -lm -lresolv
59	else	62	else
60	AST_LIBS+=$(EDITLINE_LIB) -lm	63	AST_LIBS+=$(EDITLINE_LIB) -lm

Lines 175-180 Link Here

(-)asterisk-1.4.11.org/makeopts.in (+3 lines)
175	SUPPSERV_INCLUDE=@SUPPSERV_INCLUDE@	175	SUPPSERV_INCLUDE=@SUPPSERV_INCLUDE@
176	SUPPSERV_LIB=@SUPPSERV_LIB@	176	SUPPSERV_LIB=@SUPPSERV_LIB@
177		177
		178	CAP_LIB=@CAP_LIB@
		179	CAP_INCLUDE=@CAP_INCLUDE@
		180
178	TERMCAP_INCLUDE=@TERMCAP_INCLUDE@	181	TERMCAP_INCLUDE=@TERMCAP_INCLUDE@
179	TERMCAP_LIB=@TERMCAP_LIB@	182	TERMCAP_LIB=@TERMCAP_LIB@
180	TERMCAP_DIR=@TERMCAP_DIR@	183	TERMCAP_DIR=@TERMCAP_DIR@

Return to bug 159013