diff options
author | netblue30 <netblue30@yahoo.com> | 2019-06-24 09:22:57 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2019-06-24 09:22:57 -0400 |
commit | 7a181426c5f7968bbd0c60d628a2e546813aaecf (patch) | |
tree | 89bf386b45af4aafd5e01e5d6d2d128543b6ff83 /src | |
parent | run cppcheck in gitlab-ci (diff) | |
download | firejail-7a181426c5f7968bbd0c60d628a2e546813aaecf.tar.gz firejail-7a181426c5f7968bbd0c60d628a2e546813aaecf.tar.zst firejail-7a181426c5f7968bbd0c60d628a2e546813aaecf.zip |
disable firetunnel at config time (#2793)
Diffstat (limited to 'src')
-rw-r--r-- | src/common.mk.in | 3 | ||||
-rw-r--r-- | src/firejail/checkcfg.c | 8 | ||||
-rw-r--r-- | src/firejail/main.c | 3 |
3 files changed, 12 insertions, 2 deletions
diff --git a/src/common.mk.in b/src/common.mk.in index b9af977ae..1b6ad91a5 100644 --- a/src/common.mk.in +++ b/src/common.mk.in | |||
@@ -20,6 +20,7 @@ HAVE_WHITELIST=@HAVE_WHITELIST@ | |||
20 | HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ | 20 | HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ |
21 | HAVE_APPARMOR=@HAVE_APPARMOR@ | 21 | HAVE_APPARMOR=@HAVE_APPARMOR@ |
22 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ | 22 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ |
23 | HAVE_FIRETUNNEL=@HAVE_FIRETUNNEL@ | ||
23 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | 24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ |
24 | HAVE_GCOV=@HAVE_GCOV@ | 25 | HAVE_GCOV=@HAVE_GCOV@ |
25 | 26 | ||
@@ -28,7 +29,7 @@ C_FILE_LIST = $(sort $(wildcard *.c)) | |||
28 | OBJS = $(C_FILE_LIST:.c=.o) | 29 | OBJS = $(C_FILE_LIST:.c=.o) |
29 | BINOBJS = $(foreach file, $(OBJS), $file) | 30 | BINOBJS = $(foreach file, $(OBJS), $file) |
30 | 31 | ||
31 | CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security | 32 | CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_FIRETUNNEL) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security |
32 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 33 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
33 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 34 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
34 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | 35 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ |
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 7ca72bf30..b11d795a9 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
@@ -278,6 +278,14 @@ void print_compiletime_support(void) { | |||
278 | #endif | 278 | #endif |
279 | ); | 279 | ); |
280 | 280 | ||
281 | printf("\t- firetunnel support is %s\n", | ||
282 | #ifdef HAVE_FIRETUNNEL | ||
283 | "enabled" | ||
284 | #else | ||
285 | "disabled" | ||
286 | #endif | ||
287 | ); | ||
288 | |||
281 | printf("\t- networking support is %s\n", | 289 | printf("\t- networking support is %s\n", |
282 | #ifdef HAVE_NETWORK | 290 | #ifdef HAVE_NETWORK |
283 | "enabled" | 291 | "enabled" |
diff --git a/src/firejail/main.c b/src/firejail/main.c index c50ed4dc4..2403cafa1 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -1498,6 +1498,7 @@ int main(int argc, char **argv) { | |||
1498 | exit_err_feature("overlayfs"); | 1498 | exit_err_feature("overlayfs"); |
1499 | } | 1499 | } |
1500 | #endif | 1500 | #endif |
1501 | #ifdef HAVE_FIRETUNNEL | ||
1501 | else if (strcmp(argv[i], "--tunnel") == 0) { | 1502 | else if (strcmp(argv[i], "--tunnel") == 0) { |
1502 | // try to connect to the default client side of the tunnel | 1503 | // try to connect to the default client side of the tunnel |
1503 | // if this fails, try the default server side of the tunnel | 1504 | // if this fails, try the default server side of the tunnel |
@@ -1523,7 +1524,7 @@ int main(int argc, char **argv) { | |||
1523 | exit(1); | 1524 | exit(1); |
1524 | } | 1525 | } |
1525 | } | 1526 | } |
1526 | 1527 | #endif | |
1527 | else if (strncmp(argv[i], "--profile=", 10) == 0) { | 1528 | else if (strncmp(argv[i], "--profile=", 10) == 0) { |
1528 | // multiple profile files are allowed! | 1529 | // multiple profile files are allowed! |
1529 | 1530 | ||