From 5c7fc85dc58121ebfd2bc586abc91c9c447a78e2 Mon Sep 17 00:00:00 2001 From: dtucker Date: Sun, 24 Apr 2005 07:52:22 +0000 Subject: [PATCH] - (dtucker) [INSTALL configure.ac] Make zlib version check test for 1.1.4 or 1.2.1.2 or higher. With tim@, ok djm@ --- ChangeLog | 8 ++++++++ INSTALL | 2 +- configure.ac | 27 +++++++++++++++++++-------- 3 files changed, 28 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index d5606f28..4cee87a4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +20050424 + - (dtucker) [INSTALL configure.ac] Make zlib version check test for 1.1.4 or + 1.2.1.2 or higher. With tim@, ok djm@ + 20050423 - (tim) [config.guess] Add support for OpenServer 6. @@ -5,6 +9,10 @@ - (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if UseLogin is set as PAM is not used to establish credentials in that case. Found by Michael Selvesteen, ok djm@ + - (dtucker) [auth-pam.c] Since people don't seem to be getting the message, + USE_POSIX_THREADS is now known as UNSUPPORTED_POSIX_THREADS_HACK. + USE_POSIX_THREADS will now generate an error so we don't silently change + behaviour. ok djm@ 20050419 - (dtucker) [INSTALL] Reference README.privsep for the privilege separation diff --git a/INSTALL b/INSTALL index 7661b3d1..9def158d 100644 --- a/INSTALL +++ b/INSTALL @@ -3,7 +3,7 @@ You will need working installations of Zlib and OpenSSL. -Zlib 1.1.4 or greater: +Zlib 1.1.4 or 1.2.1.2 or greater (ealier 1.2.x versions have problems): http://www.gzip.org/zlib/ OpenSSL 0.9.6 or greater: diff --git a/configure.ac b/configure.ac index 3edf75a2..3a96fd3f 100644 --- a/configure.ac +++ b/configure.ac @@ -643,29 +643,40 @@ AC_ARG_WITH(zlib-version-check, ] ) -AC_MSG_CHECKING(for zlib 1.1.4 or greater) +AC_MSG_CHECKING(for possibly buggy zlib) AC_RUN_IFELSE([AC_LANG_SOURCE([[ +#include #include int main() { - int a, b, c, v; - if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3) + int a=0, b=0, c=0, d=0, n, v; + n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); + if (n != 3 && n != 4) exit(1); - v = a*1000000 + b*1000 + c; - if (v >= 1001004) + v = a*1000000 + b*10000 + c*100 + d; + fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); + + /* 1.1.4 is OK */ + if (a == 1 && b == 1 && c >= 4) + exit(0); + + /* 1.2.1.2 and up are OK */ + if (v >= 1020102) exit(0); + exit(2); } ]])], - AC_MSG_RESULT(yes), - [ AC_MSG_RESULT(no) + AC_MSG_RESULT(no), + [ AC_MSG_RESULT(yes) if test -z "$zlib_check_nonfatal" ; then AC_MSG_ERROR([*** zlib too old - check config.log *** Your reported zlib version has known security problems. It's possible your vendor has fixed these problems without changing the version number. If you are sure this is the case, you can disable the check by running "./configure --without-zlib-version-check". -If you are in doubt, upgrade zlib to version 1.1.4 or greater.]) +If you are in doubt, upgrade zlib to version 1.2.1.2 or greater. +See http://www.gzip.org/zlib/ for details.]) else AC_MSG_WARN([zlib version may have security problems]) fi -- 2.45.1