configure: Add check for O_NOFOLLOW definition in fcntl.h

This lets us use O_NOFOLLOW without having to check whether it is
defined first.  The sudoedit code needs to know whether O_NOFOLLOW
actually functions so use HAVE_DECL_O_NOFOLLOW there.

Author: millert

config.h.in

@@ -172,6 +172,10 @@
    don't. */
 #undef HAVE_DECL_O_DIRECTORY
 
+/* Define to 1 if you have the declaration of 'O_NOFOLLOW', and to 0 if you
+   don't. */
+#undef HAVE_DECL_O_NOFOLLOW
+
 /* Define to 1 if you have the declaration of 'passwdexpiredx', and to 0 if
    you don't. */
 #undef HAVE_DECL_PASSWDEXPIREDX

configure

@@ -29526,6 +29526,21 @@ fi
 printf "%s\n" "#define HAVE_DECL_O_DIRECTORY $ac_have_decl" >>confdefs.h
 
 
+ac_fn_check_decl "$LINENO" "O_NOFOLLOW" "ac_cv_have_decl_O_NOFOLLOW" "
+$ac_includes_default
+#include <fcntl.h>
+
+" "$ac_c_undeclared_builtin_options" "CFLAGS"
+if test "x$ac_cv_have_decl_O_NOFOLLOW" = xyes
+then :
+  ac_have_decl=1
+else case e in #(
+  e) ac_have_decl=0 ;;
+esac
+fi
+printf "%s\n" "#define HAVE_DECL_O_NOFOLLOW $ac_have_decl" >>confdefs.h
+
+
 ac_fn_check_decl "$LINENO" "errno" "ac_cv_have_decl_errno" "
 $ac_includes_default
 #include <errno.h>

configure.ac

@@ -3395,6 +3395,14 @@ AC_INCLUDES_DEFAULT
 #include <fcntl.h>
 ])
 
+dnl
+dnl Check for O_NOFOLLOW declaration in fcntl.h
+dnl
+AC_CHECK_DECLS([O_NOFOLLOW], [], [], [
+AC_INCLUDES_DEFAULT
+#include <fcntl.h>
+])
+
 dnl
 dnl Check for errno declaration in errno.h
 dnl

include/sudo_compat.h

@@ -149,6 +149,11 @@
 # define O_DIRECTORY	0
 #endif
 
+/* Older systems lack O_NOFOLLOW. */
+#if defined(HAVE_DECL_O_NOFOLLOW) && !HAVE_DECL_O_NOFOLLOW
+# define O_NOFOLLOW	0
+#endif
+
 /*
  * BSD defines these in <sys/param.h> but we don't include that anymore.
  */

lib/util/mkdir_parents.c

@@ -39,10 +39,6 @@
 #include <sudo_debug.h>
 #include <sudo_util.h>
 
-#ifndef O_NOFOLLOW
-# define O_NOFOLLOW 0
-#endif
-
 /*
  * Returns true if fd is a directory, else false.
  * Warns on failure if not quiet.

logsrvd/logsrvd.c

@@ -70,10 +70,6 @@
 #include <logsrvd.h>
 #include <hostcheck.h>
 
-#ifndef O_NOFOLLOW
-# define O_NOFOLLOW 0
-#endif
-
 /*
  * Sudo I/O audit server.
  */

src/edit_open.c

@@ -232,7 +232,7 @@ dir_is_writable(int dfd, const struct sudo_cred *user_cred,
 }
 #endif /* HAVE_FACCESSAT && AT_EACCESS */
 
-#ifdef O_NOFOLLOW
+#if defined(HAVE_DECL_O_NOFOLLOW) && HAVE_DECL_O_NOFOLLOW
 static int
 sudo_edit_openat_nofollow(int dfd, char *path, int oflags, mode_t mode)
 {
@@ -332,7 +332,7 @@ sudo_edit_openat_nofollow(int dfd, char *path, int oflags, mode_t mode)
 
     debug_return_int(fd);
 }
-#endif /* O_NOFOLLOW */
+#endif /* HAVE_DECL_O_NOFOLLOW */
 
 static int
 sudo_edit_open_nonwritable(char *path, int oflags, mode_t mode,
@@ -400,7 +400,7 @@ sudo_edit_open_nonwritable(char *path, int oflags, mode_t mode,
     debug_return_int(fd);
 }
 
-#ifdef O_NOFOLLOW
+#if defined(HAVE_DECL_O_NOFOLLOW) && HAVE_DECL_O_NOFOLLOW
 int
 sudo_edit_open(char *path, int oflags, mode_t mode, unsigned int sflags,
     const struct sudo_cred *user_cred, const struct sudo_cred *cur_cred)
@@ -474,7 +474,7 @@ sudo_edit_open(char *path, int oflags, mode_t mode, unsigned int sflags,
 
     debug_return_int(fd);
 }
-#endif /* O_NOFOLLOW */
+#endif /* HAVE_DECL_O_NOFOLLOW */
 
 /*
  * Verify that the parent dir of a new file exists and is not writable