From fe6a930a0138e27dd945cc4ce5cd74a128796469 Mon Sep 17 00:00:00 2001 From: psychon Date: Fri, 23 Apr 2010 16:27:21 +0000 Subject: [PATCH] Add ./configure --enable-run-from-source Unless this flag is used, znc will no longer look for modules in ./modules/ because this might be exploitable by lucky attackers. git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1927 726aef4b-f618-498e-8847-2d620e286838 --- Modules.cpp | 2 ++ configure | 24 +++++++++++++++++------- configure.in | 11 ++++++++--- 3 files changed, 27 insertions(+), 10 deletions(-) diff --git a/Modules.cpp b/Modules.cpp index 0aeb9bc7..36f36405 100644 --- a/Modules.cpp +++ b/Modules.cpp @@ -908,6 +908,7 @@ bool CModules::FindModPath(const CString& sModule, CString& sModPath, CModules::ModDirList CModules::GetModDirs() { ModDirList ret; +#ifdef RUN_FROM_SOURCE // ./modules CString sDir = CZNC::Get().GetCurPath() + "/modules/"; ret.push(std::make_pair(sDir, sDir)); @@ -915,6 +916,7 @@ CModules::ModDirList CModules::GetModDirs() { // ./modules/extra sDir = CZNC::Get().GetCurPath() + "/modules/extra/"; ret.push(std::make_pair(sDir, sDir)); +#endif // ~/.znc/modules sDir = CZNC::Get().GetModPath() + "/"; diff --git a/configure b/configure index b20dc6d1..5e8e44ea 100755 --- a/configure +++ b/configure @@ -627,8 +627,8 @@ ac_subst_files='' ac_user_opts=' enable_option_checking enable_largefile -enable_extra with_openssl +enable_extra enable_debug enable_ipv6 enable_openssl @@ -636,6 +636,7 @@ enable_perl enable_sasl enable_optimization enable_c_ares +enable_run_from_source with_module_prefix with_module_data_prefix enable_tcl @@ -1278,6 +1279,8 @@ Optional Features: --disable-optimization Disable some compiler optimizations to decrease memory usage while compiling --disable-c-ares disable c-ares usage + --enable-run-from-source + znc will be runnable without installation --enable-tcl enable modtcl Optional Packages: @@ -2751,6 +2754,12 @@ case "${host_os}" in ;; esac + +# Check whether --with-openssl was given. +if test "${with_openssl+set}" = set; then : + withval=$with_openssl; OPENSSL=$withval +fi + # Check whether --enable-extra was given. if test "${enable_extra+set}" = set; then : enableval=$enable_extra; EXTRA="$enableval" @@ -2758,12 +2767,6 @@ else EXTRA="no" fi - -# Check whether --with-openssl was given. -if test "${with_openssl+set}" = set; then : - withval=$with_openssl; OPENSSL=$withval -fi - # Check whether --enable-debug was given. if test "${enable_debug+set}" = set; then : enableval=$enable_debug; DEBUG="$enableval" @@ -2811,6 +2814,13 @@ else ARES="auto" fi +# Check whether --enable-run-from-source was given. +if test "${enable_run_from_source+set}" = set; then : + enableval=$enable_run_from_source; if test "x$withval" = "xyes" ; then + appendCXX -DRUN_FROM_SOURCE + fi +fi + if test "$DEBUG" != "no"; then appendCXX -ggdb -D_DEBUG diff --git a/configure.in b/configure.in index 97101105..430db930 100644 --- a/configure.in +++ b/configure.in @@ -72,13 +72,13 @@ case "${host_os}" in ;; esac +AC_ARG_WITH( [openssl], + AS_HELP_STRING([--with-openssl=DIR], [openssl installation prefix]), + [OPENSSL=$withval],) AC_ARG_ENABLE( [extra], AS_HELP_STRING([--enable-extra], [enable some extra modules]), [EXTRA="$enableval"], [EXTRA="no"]) -AC_ARG_WITH( [openssl], - AS_HELP_STRING([--with-openssl=DIR], [openssl installation prefix]), - [OPENSSL=$withval],) AC_ARG_ENABLE( [debug], AS_HELP_STRING([--enable-debug], [enable debugging]), [DEBUG="$enableval"], @@ -107,6 +107,11 @@ AC_ARG_ENABLE( [c-ares], AS_HELP_STRING([--disable-c-ares], [disable c-ares usage]), [ARES="$enableval"], [ARES="auto"]) +AC_ARG_ENABLE( [run-from-source], + AS_HELP_STRING([--enable-run-from-source], [znc will be runnable without installation]), + [if test "x$withval" = "xyes" ; then + appendCXX -DRUN_FROM_SOURCE + fi]) if test "$DEBUG" != "no"; then appendCXX -ggdb -D_DEBUG