From 5c00d1c90030a311d2700970fa7cffc8f828a48c Mon Sep 17 00:00:00 2001
From: Bob Halley <source@isc.org>
Date: Thu, 7 Oct 1999 19:32:08 +0000
Subject: [PATCH] check for chroot and linux/capability.h

---
 acconfig.h   |  3 ++
 config.h.in  | 12 +++----
 configure    | 98 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 configure.in | 15 +++++++-
 4 files changed, 119 insertions(+), 9 deletions(-)

diff --git a/acconfig.h b/acconfig.h
index 431499d748..e5bca12ec1 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -43,3 +43,6 @@
  * sys/socket.h
  */
 #undef NEED_XSE_BEFORE_SOCKET_H
+
+/* define if chroot() is available */
+#undef HAVE_CHROOT
diff --git a/config.h.in b/config.h.in
index d630720f20..840a42eddf 100644
--- a/config.h.in
+++ b/config.h.in
@@ -36,17 +36,15 @@
 /* define if you have the NET_RT_IFLIST sysctl variable. */
 #undef HAVE_IFLIST_SYSCTL
 
-/* define if you need to #define _XPG4_2 before including sys/socket.h */
-#undef NEED_XPG4_2_BEFORE_SOCKET_H
-
-/* define if you need to #define _XOPEN_SOURCE_ENTENDED before including
- * sys/socket.h
- */
-#undef NEED_XSE_BEFORE_SOCKET_H
+/* define if chroot() is available */
+#undef HAVE_CHROOT
 
 /* Define if you have the <fcntl.h> header file.  */
 #undef HAVE_FCNTL_H
 
+/* Define if you have the <linux/capability.h> header file.  */
+#undef HAVE_LINUX_CAPABILITY_H
+
 /* Define if you have the <sys/sockio.h> header file.  */
 #undef HAVE_SYS_SOCKIO_H
 
diff --git a/configure b/configure
index 488d721577..eafc2c4873 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 
-# From configure.in Revision: 1.60 
+# From configure.in Revision: 1.61 
 
 
 
@@ -2879,6 +2879,102 @@ fi
 
 
 
+
+echo $ac_n "checking for chroot""... $ac_c" 1>&6
+echo "configure:2885: checking for chroot" >&5
+if eval "test \"`echo '$''{'ac_cv_func_chroot'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 2890 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char chroot(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char chroot();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_chroot) || defined (__stub___chroot)
+choke me
+#else
+chroot();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:2913: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_func_chroot=yes"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_func_chroot=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'chroot`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  cat >> confdefs.h <<\EOF
+#define HAVE_CHROOT 1
+EOF
+
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+for ac_hdr in linux/capability.h
+do
+ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
+echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
+echo "configure:2939: checking for $ac_hdr" >&5
+if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 2944 "configure"
+#include "confdefs.h"
+#include <$ac_hdr>
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:2949: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+if test -z "$ac_err"; then
+  rm -rf conftest*
+  eval "ac_cv_header_$ac_safe=yes"
+else
+  echo "$ac_err" >&5
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_header_$ac_safe=no"
+fi
+rm -f conftest*
+fi
+if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_hdr 1
+EOF
+ 
+else
+  echo "$ac_t""no" 1>&6
+fi
+done
+
+
+
+
+
 BIND9_TOP_BUILDDIR=`pwd`
 
 
diff --git a/configure.in b/configure.in
index 97727c495a..4d4b4b50d0 100644
--- a/configure.in
+++ b/configure.in
@@ -13,7 +13,7 @@ dnl PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
 dnl ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
 dnl SOFTWARE.
 
-AC_REVISION($Revision: 1.60 $)
+AC_REVISION($Revision: 1.61 $)
 
 AC_PREREQ(2.13)
 
@@ -392,6 +392,19 @@ AC_SUBST(ISC_PLATFORM_NEEDVSNPRINTF)
 AC_SUBST(ISC_EXTRA_OBJS)
 AC_SUBST(ISC_EXTRA_SRCS)
 
+
+dnl
+dnl Security Stuff
+dnl
+
+AC_CHECK_FUNC(chroot, AC_DEFINE(HAVE_CHROOT))
+AC_CHECK_HEADERS(linux/capability.h)
+
+
+dnl
+dnl Substitutions
+dnl
+
 AC_SUBST(BIND9_TOP_BUILDDIR)
 BIND9_TOP_BUILDDIR=`pwd`