]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge from OPENSSH_3_8_1P1_GSSAPI_20040713 to OPENSSH_3_9P1_GSSAPI_20040818.
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
2a304a95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
17AC_INIT
18AC_CONFIG_SRCDIR([ssh.c])
19
20AC_CONFIG_HEADER(config.h)
21AC_PROG_CC
22AC_CANONICAL_HOST
23AC_C_BIGENDIAN
24
25# Checks for programs.
70791e56 26AC_PROG_AWK
3c0ef626 27AC_PROG_CPP
28AC_PROG_RANLIB
29AC_PROG_INSTALL
30AC_PATH_PROG(AR, ar)
1b56ff3d 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
3c0ef626 33AC_PATH_PROGS(PERL, perl5 perl)
1c14df9e 34AC_PATH_PROG(SED, sed)
3c0ef626 35AC_SUBST(PERL)
36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
3c0ef626 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
2980ea68 41AC_PATH_PROG(SH, sh)
1b56ff3d 42AC_SUBST(TEST_SHELL,sh)
43
44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
3c0ef626 50
51# System features
52AC_SYS_LARGEFILE
53
54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
416fd2a8 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
3c0ef626 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
78
79AC_C_INLINE
416fd2a8 80if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
3c0ef626 81 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
82fi
83
416fd2a8 84AC_ARG_WITH(rpath,
85 [ --without-rpath Disable auto-added -R linker paths],
86 [
87 if test "x$withval" = "xno" ; then
88 need_dash_r=""
89 fi
90 if test "x$withval" = "xyes" ; then
91 need_dash_r=1
92 fi
93 ]
94)
95
3c0ef626 96# Check for some target-specific stuff
97case "$host" in
98*-*-aix*)
416fd2a8 99 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
8bb69cbe 100 if (test -z "$blibpath"); then
416fd2a8 101 blibpath="/usr/lib:/lib"
3c0ef626 102 fi
8bb69cbe 103 saved_LDFLAGS="$LDFLAGS"
104 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
105 if (test -z "$blibflags"); then
106 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
107 AC_TRY_LINK([], [], [blibflags=$tryflags])
108 fi
109 done
110 if (test -z "$blibflags"); then
111 AC_MSG_RESULT(not found)
112 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
113 else
114 AC_MSG_RESULT($blibflags)
115 fi
116 LDFLAGS="$saved_LDFLAGS"
70791e56 117 dnl Check for authenticate. Might be in libs.a on older AIXes
e54b3d7c 118 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
119 [AC_CHECK_LIB(s,authenticate,
120 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
121 LIBS="$LIBS -ls"
122 ])
123 ])
70791e56 124 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
125 AC_CHECK_DECL(loginfailed,
126 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
127 AC_TRY_COMPILE(
128 [#include <usersec.h>],
129 [(void)loginfailed("user","host","tty",0);],
130 [AC_MSG_RESULT(yes)
131 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
132 [AC_MSG_RESULT(no)]
133 )],
134 [],
135 [#include <usersec.h>]
136 )
137 AC_CHECK_FUNCS(setauthdb)
3c0ef626 138 AC_DEFINE(BROKEN_GETADDRINFO)
2980ea68 139 AC_DEFINE(BROKEN_REALPATH)
70791e56 140 AC_DEFINE(SETEUID_BREAKS_SETUID)
141 AC_DEFINE(BROKEN_SETREUID)
142 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 143 dnl AIX handles lastlog as part of its login message
144 AC_DEFINE(DISABLE_LASTLOG)
ff2d7a98 145 AC_DEFINE(LOGIN_NEEDS_UTMPX)
70791e56 146 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3c0ef626 147 ;;
148*-*-cygwin*)
1c14df9e 149 check_for_libcrypt_later=1
e9a17296 150 LIBS="$LIBS /usr/lib/textmode.o"
3c0ef626 151 AC_DEFINE(HAVE_CYGWIN)
152 AC_DEFINE(USE_PIPES)
153 AC_DEFINE(DISABLE_SHADOW)
3c0ef626 154 AC_DEFINE(IP_TOS_IS_BROKEN)
155 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e54b3d7c 156 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
157 AC_DEFINE(DISABLE_FD_PASSING)
ff2d7a98 158 AC_DEFINE(SETGROUPS_NOOP)
3c0ef626 159 ;;
160*-*-dgux*)
161 AC_DEFINE(IP_TOS_IS_BROKEN)
416fd2a8 162 AC_DEFINE(SETEUID_BREAKS_SETUID)
163 AC_DEFINE(BROKEN_SETREUID)
164 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 165 ;;
166*-*-darwin*)
2a304a95 167 AC_DEFINE(BROKEN_GETADDRINFO)
70791e56 168 AC_DEFINE(SETEUID_BREAKS_SETUID)
169 AC_DEFINE(BROKEN_SETREUID)
170 AC_DEFINE(BROKEN_SETREGID)
416fd2a8 171 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
3c0ef626 172 ;;
2980ea68 173*-*-hpux10.26)
174 if test -z "$GCC"; then
175 CFLAGS="$CFLAGS -Ae"
176 fi
177 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
178 IPADDR_IN_DISPLAY=yes
179 AC_DEFINE(HAVE_SECUREWARE)
180 AC_DEFINE(USE_PIPES)
181 AC_DEFINE(LOGIN_NO_ENDOPT)
182 AC_DEFINE(LOGIN_NEEDS_UTMPX)
70791e56 183 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
184 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
e54b3d7c 185 LIBS="$LIBS -lsec -lsecpw"
186 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
2980ea68 187 disable_ptmx_check=yes
188 ;;
3c0ef626 189*-*-hpux10*)
190 if test -z "$GCC"; then
191 CFLAGS="$CFLAGS -Ae"
192 fi
193 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
194 IPADDR_IN_DISPLAY=yes
195 AC_DEFINE(USE_PIPES)
2980ea68 196 AC_DEFINE(LOGIN_NO_ENDOPT)
197 AC_DEFINE(LOGIN_NEEDS_UTMPX)
70791e56 198 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
199 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
e54b3d7c 200 LIBS="$LIBS -lsec"
201 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
3c0ef626 202 ;;
203*-*-hpux11*)
204 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
205 IPADDR_IN_DISPLAY=yes
206 AC_DEFINE(PAM_SUN_CODEBASE)
207 AC_DEFINE(USE_PIPES)
2980ea68 208 AC_DEFINE(LOGIN_NO_ENDOPT)
209 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3c0ef626 210 AC_DEFINE(DISABLE_UTMP)
70791e56 211 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
212 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
2a304a95 213 check_for_hpux_broken_getaddrinfo=1
e54b3d7c 214 LIBS="$LIBS -lsec"
215 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
3c0ef626 216 ;;
217*-*-irix5*)
3c0ef626 218 PATH="$PATH:/usr/etc"
219 AC_DEFINE(BROKEN_INET_NTOA)
416fd2a8 220 AC_DEFINE(SETEUID_BREAKS_SETUID)
221 AC_DEFINE(BROKEN_SETREUID)
222 AC_DEFINE(BROKEN_SETREGID)
2980ea68 223 AC_DEFINE(WITH_ABBREV_NO_TTY)
70791e56 224 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 225 ;;
226*-*-irix6*)
3c0ef626 227 PATH="$PATH:/usr/etc"
228 AC_DEFINE(WITH_IRIX_ARRAY)
229 AC_DEFINE(WITH_IRIX_PROJECT)
230 AC_DEFINE(WITH_IRIX_AUDIT)
231 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
232 AC_DEFINE(BROKEN_INET_NTOA)
70791e56 233 AC_DEFINE(SETEUID_BREAKS_SETUID)
234 AC_DEFINE(BROKEN_SETREUID)
235 AC_DEFINE(BROKEN_SETREGID)
2a304a95 236 AC_DEFINE(BROKEN_UPDWTMPX)
2980ea68 237 AC_DEFINE(WITH_ABBREV_NO_TTY)
70791e56 238 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 239 ;;
240*-*-linux*)
241 no_dev_ptmx=1
242 check_for_libcrypt_later=1
70791e56 243 check_for_openpty_ctty_bug=1
3c0ef626 244 AC_DEFINE(DONT_TRY_OTHER_AF)
245 AC_DEFINE(PAM_TTY_KLUDGE)
2a304a95 246 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
70791e56 247 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
1b56ff3d 248 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
3c0ef626 249 inet6_default_4in6=yes
70791e56 250 case `uname -r` in
251 1.*|2.0.*)
252 AC_DEFINE(BROKEN_CMSG_TYPE)
253 ;;
254 esac
3c0ef626 255 ;;
256mips-sony-bsd|mips-sony-newsos4)
257 AC_DEFINE(HAVE_NEWS4)
258 SONY=1
3c0ef626 259 ;;
260*-*-netbsd*)
e54b3d7c 261 check_for_libcrypt_before=1
416fd2a8 262 if test "x$withval" != "xno" ; then
263 need_dash_r=1
264 fi
3c0ef626 265 ;;
266*-*-freebsd*)
267 check_for_libcrypt_later=1
268 ;;
70791e56 269*-*-bsdi*)
270 AC_DEFINE(SETEUID_BREAKS_SETUID)
271 AC_DEFINE(BROKEN_SETREUID)
272 AC_DEFINE(BROKEN_SETREGID)
273 ;;
3c0ef626 274*-next-*)
275 conf_lastlog_location="/usr/adm/lastlog"
276 conf_utmp_location=/etc/utmp
277 conf_wtmp_location=/usr/adm/wtmp
278 MAIL=/usr/spool/mail
279 AC_DEFINE(HAVE_NEXT)
280 AC_DEFINE(BROKEN_REALPATH)
281 AC_DEFINE(USE_PIPES)
282 AC_DEFINE(BROKEN_SAVED_UIDS)
3c0ef626 283 ;;
284*-*-solaris*)
2a304a95 285 if test "x$withval" != "xno" ; then
286 need_dash_r=1
287 fi
3c0ef626 288 AC_DEFINE(PAM_SUN_CODEBASE)
289 AC_DEFINE(LOGIN_NEEDS_UTMPX)
290 AC_DEFINE(LOGIN_NEEDS_TERM)
291 AC_DEFINE(PAM_TTY_KLUDGE)
1b56ff3d 292 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
70791e56 293 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
294 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
295 AC_DEFINE(SSHD_ACQUIRES_CTTY)
296 external_path_file=/etc/default/login
3c0ef626 297 # hardwire lastlog location (can't detect it on some versions)
298 conf_lastlog_location="/var/adm/lastlog"
299 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
300 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
301 if test "$sol2ver" -ge 8; then
302 AC_MSG_RESULT(yes)
303 AC_DEFINE(DISABLE_UTMP)
304 AC_DEFINE(DISABLE_WTMP)
305 else
306 AC_MSG_RESULT(no)
307 fi
308 ;;
309*-*-sunos4*)
310 CPPFLAGS="$CPPFLAGS -DSUNOS4"
311 AC_CHECK_FUNCS(getpwanam)
312 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 313 conf_utmp_location=/etc/utmp
314 conf_wtmp_location=/var/adm/wtmp
315 conf_lastlog_location=/var/adm/lastlog
316 AC_DEFINE(USE_PIPES)
317 ;;
318*-ncr-sysv*)
3c0ef626 319 LIBS="$LIBS -lc89"
e9a17296 320 AC_DEFINE(USE_PIPES)
70791e56 321 AC_DEFINE(SSHD_ACQUIRES_CTTY)
322 AC_DEFINE(SETEUID_BREAKS_SETUID)
323 AC_DEFINE(BROKEN_SETREUID)
324 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 325 ;;
326*-sni-sysv*)
3c0ef626 327 # /usr/ucblib MUST NOT be searched on ReliantUNIX
416fd2a8 328 AC_CHECK_LIB(dl, dlsym, ,)
3c0ef626 329 IPADDR_IN_DISPLAY=yes
330 AC_DEFINE(USE_PIPES)
331 AC_DEFINE(IP_TOS_IS_BROKEN)
416fd2a8 332 AC_DEFINE(SETEUID_BREAKS_SETUID)
333 AC_DEFINE(BROKEN_SETREUID)
334 AC_DEFINE(BROKEN_SETREGID)
70791e56 335 AC_DEFINE(SSHD_ACQUIRES_CTTY)
336 external_path_file=/etc/default/login
3c0ef626 337 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
338 # Attention: always take care to bind libsocket and libnsl before libc,
339 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
340 ;;
341*-*-sysv4.2*)
3c0ef626 342 AC_DEFINE(USE_PIPES)
70791e56 343 AC_DEFINE(SETEUID_BREAKS_SETUID)
344 AC_DEFINE(BROKEN_SETREUID)
345 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 346 ;;
347*-*-sysv5*)
3c0ef626 348 AC_DEFINE(USE_PIPES)
70791e56 349 AC_DEFINE(SETEUID_BREAKS_SETUID)
350 AC_DEFINE(BROKEN_SETREUID)
351 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 352 ;;
353*-*-sysv*)
3c0ef626 354 ;;
355*-*-sco3.2v4*)
416fd2a8 356 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize"
357 LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm"
3c0ef626 358 RANLIB=true
359 no_dev_ptmx=1
360 AC_DEFINE(BROKEN_SYS_TERMIO_H)
361 AC_DEFINE(USE_PIPES)
2980ea68 362 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 363 AC_DEFINE(DISABLE_SHADOW)
3c0ef626 364 AC_DEFINE(BROKEN_SAVED_UIDS)
2a304a95 365 AC_DEFINE(SETEUID_BREAKS_SETUID)
366 AC_DEFINE(BROKEN_SETREUID)
367 AC_DEFINE(BROKEN_SETREGID)
70791e56 368 AC_DEFINE(WITH_ABBREV_NO_TTY)
3c0ef626 369 AC_CHECK_FUNCS(getluid setluid)
370 MANTYPE=man
371 do_sco3_extra_lib_check=yes
1b56ff3d 372 TEST_SHELL=ksh
3c0ef626 373 ;;
374*-*-sco3.2v5*)
1c14df9e 375 if test -z "$GCC"; then
376 CFLAGS="$CFLAGS -belf"
377 fi
3c0ef626 378 LIBS="$LIBS -lprot -lx -ltinfo -lm"
379 no_dev_ptmx=1
3c0ef626 380 AC_DEFINE(USE_PIPES)
2980ea68 381 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 382 AC_DEFINE(DISABLE_SHADOW)
e54b3d7c 383 AC_DEFINE(DISABLE_FD_PASSING)
70791e56 384 AC_DEFINE(SETEUID_BREAKS_SETUID)
385 AC_DEFINE(BROKEN_SETREUID)
386 AC_DEFINE(BROKEN_SETREGID)
387 AC_DEFINE(WITH_ABBREV_NO_TTY)
1b56ff3d 388 AC_DEFINE(BROKEN_UPDWTMPX)
3c0ef626 389 AC_CHECK_FUNCS(getluid setluid)
390 MANTYPE=man
1b56ff3d 391 TEST_SHELL=ksh
3c0ef626 392 ;;
e54b3d7c 393*-*-unicosmk*)
416fd2a8 394 AC_DEFINE(NO_SSH_LASTLOG)
395 AC_DEFINE(SETEUID_BREAKS_SETUID)
396 AC_DEFINE(BROKEN_SETREUID)
397 AC_DEFINE(BROKEN_SETREGID)
e54b3d7c 398 AC_DEFINE(USE_PIPES)
399 AC_DEFINE(DISABLE_FD_PASSING)
400 LDFLAGS="$LDFLAGS"
401 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
402 MANTYPE=cat
403 ;;
70791e56 404*-*-unicosmp*)
416fd2a8 405 AC_DEFINE(SETEUID_BREAKS_SETUID)
406 AC_DEFINE(BROKEN_SETREUID)
407 AC_DEFINE(BROKEN_SETREGID)
70791e56 408 AC_DEFINE(WITH_ABBREV_NO_TTY)
409 AC_DEFINE(USE_PIPES)
410 AC_DEFINE(DISABLE_FD_PASSING)
411 LDFLAGS="$LDFLAGS"
416fd2a8 412 LIBS="$LIBS -lgen -lacid -ldb"
70791e56 413 MANTYPE=cat
414 ;;
3c0ef626 415*-*-unicos*)
416fd2a8 416 AC_DEFINE(SETEUID_BREAKS_SETUID)
417 AC_DEFINE(BROKEN_SETREUID)
418 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 419 AC_DEFINE(USE_PIPES)
e54b3d7c 420 AC_DEFINE(DISABLE_FD_PASSING)
421 AC_DEFINE(NO_SSH_LASTLOG)
422 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
423 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
424 MANTYPE=cat
3c0ef626 425 ;;
426*-dec-osf*)
427 AC_MSG_CHECKING(for Digital Unix SIA)
428 no_osfsia=""
429 AC_ARG_WITH(osfsia,
430 [ --with-osfsia Enable Digital Unix SIA],
431 [
432 if test "x$withval" = "xno" ; then
433 AC_MSG_RESULT(disabled)
434 no_osfsia=1
435 fi
436 ],
437 )
438 if test -z "$no_osfsia" ; then
439 if test -f /etc/sia/matrix.conf; then
440 AC_MSG_RESULT(yes)
441 AC_DEFINE(HAVE_OSF_SIA)
442 AC_DEFINE(DISABLE_LOGIN)
1c14df9e 443 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 444 LIBS="$LIBS -lsecurity -ldb -lm -laud"
445 else
446 AC_MSG_RESULT(no)
416fd2a8 447 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
3c0ef626 448 fi
449 fi
70791e56 450 AC_DEFINE(BROKEN_GETADDRINFO)
451 AC_DEFINE(SETEUID_BREAKS_SETUID)
452 AC_DEFINE(BROKEN_SETREUID)
453 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 454 ;;
455
456*-*-nto-qnx)
457 AC_DEFINE(USE_PIPES)
458 AC_DEFINE(NO_X11_UNIX_SOCKETS)
459 AC_DEFINE(MISSING_NFDBITS)
460 AC_DEFINE(MISSING_HOWMANY)
461 AC_DEFINE(MISSING_FD_MASK)
462 ;;
463esac
464
465# Allow user to specify flags
466AC_ARG_WITH(cflags,
467 [ --with-cflags Specify additional flags to pass to compiler],
468 [
469 if test "x$withval" != "xno" ; then
470 CFLAGS="$CFLAGS $withval"
471 fi
472 ]
473)
474AC_ARG_WITH(cppflags,
475 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
476 [
477 if test "x$withval" != "xno"; then
478 CPPFLAGS="$CPPFLAGS $withval"
479 fi
480 ]
481)
482AC_ARG_WITH(ldflags,
483 [ --with-ldflags Specify additional flags to pass to linker],
484 [
485 if test "x$withval" != "xno" ; then
486 LDFLAGS="$LDFLAGS $withval"
487 fi
488 ]
489)
490AC_ARG_WITH(libs,
491 [ --with-libs Specify additional libraries to link with],
492 [
493 if test "x$withval" != "xno" ; then
494 LIBS="$LIBS $withval"
495 fi
496 ]
497)
498
70791e56 499AC_MSG_CHECKING(compiler and flags for sanity)
500AC_TRY_RUN([
501#include <stdio.h>
502int main(){exit(0);}
503 ],
504 [ AC_MSG_RESULT(yes) ],
505 [
506 AC_MSG_RESULT(no)
507 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
508 ]
509)
510
e9a17296 511# Checks for header files.
1b56ff3d 512AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \
513 floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \
514 login_cap.h maillock.h ndir.h netdb.h netgroup.h \
416fd2a8 515 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
2980ea68 516 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
1b56ff3d 517 strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \
518 sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \
519 sys/pstat.h sys/ptms.h sys/select.h sys/stat.h sys/stream.h \
520 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \
521 time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h)
3c0ef626 522
523# Checks for libraries.
524AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
525AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
526
527dnl SCO OS3 needs this for libwrap
528if test "x$with_tcp_wrappers" != "xno" ; then
529 if test "x$do_sco3_extra_lib_check" = "xyes" ; then
530 AC_CHECK_LIB(rpc, innetgr, LIBS="-lrpc -lyp -lrpc $LIBS" , , -lyp -lrpc)
531 fi
532fi
533
70791e56 534dnl IRIX and Solaris 2.5.1 have dirname() in libgen
535AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
536 AC_CHECK_LIB(gen, dirname,[
537 AC_CACHE_CHECK([for broken dirname],
538 ac_cv_have_broken_dirname, [
539 save_LIBS="$LIBS"
540 LIBS="$LIBS -lgen"
541 AC_TRY_RUN(
542 [
543#include <libgen.h>
544#include <string.h>
545
546int main(int argc, char **argv) {
547 char *s, buf[32];
548
549 strncpy(buf,"/etc", 32);
550 s = dirname(buf);
551 if (!s || strncmp(s, "/", 32) != 0) {
552 exit(1);
553 } else {
554 exit(0);
555 }
556}
557 ],
558 [ ac_cv_have_broken_dirname="no" ],
559 [ ac_cv_have_broken_dirname="yes" ]
560 )
561 LIBS="$save_LIBS"
562 ])
563 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
564 LIBS="$LIBS -lgen"
565 AC_DEFINE(HAVE_DIRNAME)
566 AC_CHECK_HEADERS(libgen.h)
567 fi
568 ])
569])
570
3c0ef626 571AC_CHECK_FUNC(getspnam, ,
572 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
70791e56 573AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
3c0ef626 574
575dnl zlib is required
576AC_ARG_WITH(zlib,
577 [ --with-zlib=PATH Use zlib in PATH],
578 [
e9a17296 579 if test "x$withval" = "xno" ; then
580 AC_MSG_ERROR([*** zlib is required ***])
581 fi
3c0ef626 582 if test -d "$withval/lib"; then
583 if test -n "${need_dash_r}"; then
584 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
585 else
586 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
587 fi
588 else
589 if test -n "${need_dash_r}"; then
590 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
591 else
592 LDFLAGS="-L${withval} ${LDFLAGS}"
593 fi
594 fi
595 if test -d "$withval/include"; then
596 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
597 else
598 CPPFLAGS="-I${withval} ${CPPFLAGS}"
599 fi
600 ]
601)
602
416fd2a8 603AC_CHECK_LIB(z, deflate, ,
604 [
605 saved_CPPFLAGS="$CPPFLAGS"
606 saved_LDFLAGS="$LDFLAGS"
607 save_LIBS="$LIBS"
608 dnl Check default zlib install dir
609 if test -n "${need_dash_r}"; then
610 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
611 else
612 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
613 fi
614 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
615 LIBS="$LIBS -lz"
616 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
617 [
618 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
619 ]
620 )
621 ]
622)
623AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
624
625AC_ARG_WITH(zlib-version-check,
626 [ --without-zlib-version-check Disable zlib version check],
627 [ if test "x$withval" = "xno" ; then
628 zlib_check_nonfatal=1
629 fi
630 ]
631)
632
633AC_MSG_CHECKING(for zlib 1.1.4 or greater)
634AC_TRY_RUN([
635#include <zlib.h>
636int main()
637{
638 int a, b, c, v;
639 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3)
640 exit(1);
641 v = a*1000000 + b*1000 + c;
642 if (v >= 1001004)
643 exit(0);
644 exit(2);
645}
646 ],
647 AC_MSG_RESULT(yes),
648 [ AC_MSG_RESULT(no)
649 if test -z "$zlib_check_nonfatal" ; then
650 AC_MSG_ERROR([*** zlib too old - check config.log ***
651Your reported zlib version has known security problems. It's possible your
652vendor has fixed these problems without changing the version number. If you
653are sure this is the case, you can disable the check by running
654"./configure --without-zlib-version-check".
655If you are in doubt, upgrade zlib to version 1.1.4 or greater.])
656 else
657 AC_MSG_WARN([zlib version may have security problems])
658 fi
659 ]
660)
3c0ef626 661
3c0ef626 662dnl UnixWare 2.x
416fd2a8 663AC_CHECK_FUNC(strcasecmp,
3c0ef626 664 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
665)
416fd2a8 666AC_CHECK_FUNC(utimes,
e54b3d7c 667 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
668 LIBS="$LIBS -lc89"]) ]
3c0ef626 669)
670
671dnl Checks for libutil functions
672AC_CHECK_HEADERS(libutil.h)
673AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
674AC_CHECK_FUNCS(logout updwtmp logwtmp)
675
676AC_FUNC_STRFTIME
677
3c0ef626 678# Check for ALTDIRFUNC glob() extension
679AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
680AC_EGREP_CPP(FOUNDIT,
681 [
682 #include <glob.h>
683 #ifdef GLOB_ALTDIRFUNC
684 FOUNDIT
685 #endif
416fd2a8 686 ],
3c0ef626 687 [
688 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
689 AC_MSG_RESULT(yes)
690 ],
691 [
692 AC_MSG_RESULT(no)
693 ]
694)
695
696# Check for g.gl_matchc glob() extension
697AC_MSG_CHECKING(for gl_matchc field in glob_t)
698AC_EGREP_CPP(FOUNDIT,
416fd2a8 699 [
700 #include <glob.h>
3c0ef626 701 int main(void){glob_t g; g.gl_matchc = 1;}
416fd2a8 702 ],
703 [
704 AC_DEFINE(GLOB_HAS_GL_MATCHC)
705 AC_MSG_RESULT(yes)
706 ],
707 [
708 AC_MSG_RESULT(no)
709 ]
3c0ef626 710)
711
712AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
713AC_TRY_RUN(
714 [
715#include <sys/types.h>
716#include <dirent.h>
e54b3d7c 717int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
3c0ef626 718 ],
416fd2a8 719 [AC_MSG_RESULT(yes)],
3c0ef626 720 [
721 AC_MSG_RESULT(no)
722 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
723 ]
724)
725
c2397a66 726# Check whether the user wants GSSAPI mechglue support
727AC_ARG_WITH(mechglue,
728 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
729 [
730 AC_MSG_CHECKING(for mechglue library)
731
732 if test -e ${withval}/libgssapi.a ; then
733 mechglue_lib=${withval}/libgssapi.a
734 elif test -e ${withval}/lib/libgssapi.a ; then
735 mechglue_lib=${withval}/lib/libgssapi.a
736 else
737 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
738 fi
739 LIBS="$LIBS ${mechglue_lib}"
740 AC_MSG_RESULT(${mechglue_lib})
741
c2397a66 742 AC_CHECK_LIB(dl, dlopen, , )
743 if test $ac_cv_lib_dl_dlopen = yes; then
744 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
745 fi
746
747 AC_DEFINE(GSSAPI)
748 AC_DEFINE(MECHGLUE)
749 GSSAPI="mechglue"
750
751 ]
752)
753
754
d905e828 755# Check whether the user wants GSI (Globus) support
756gsi_path="no"
757AC_ARG_WITH(gsi,
70791e56 758 [ --with-gsi Enable Globus GSI authentication support],
d905e828 759 [
760 gsi_path="$withval"
761 ]
762)
763
764AC_ARG_WITH(globus,
70791e56 765 [ --with-globus Enable Globus GSI authentication support],
d905e828 766 [
767 gsi_path="$withval"
768 ]
769)
770
70791e56 771AC_ARG_WITH(globus-static,
772 [ --with-globus-static Link statically with Globus GSI libraries],
773 [
774 gsi_static=1
416fd2a8 775 if test "x$gsi_path" = "xno" ; then
e2dec4b2 776 gsi_path="$withval"
777 fi
70791e56 778 ]
779)
780
d905e828 781# Check whether the user has a Globus flavor type
782globus_flavor_type="no"
783AC_ARG_WITH(globus-flavor,
70791e56 784 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
d905e828 785 [
786 globus_flavor_type="$withval"
416fd2a8 787 if test "x$gsi_path" = "xno" ; then
70791e56 788 gsi_path="yes"
789 fi
d905e828 790 ]
791)
792
793if test "x$gsi_path" != "xno" ; then
794 # Globus GSSAPI configuration
88928908 795 AC_MSG_CHECKING(for Globus GSI)
d905e828 796 AC_DEFINE(GSI)
797
c2397a66 798 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
70791e56 799 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
c2397a66 800 fi
801 if test -z "$GSSAPI"; then
802 AC_DEFINE(GSSAPI)
803 GSSAPI="GSI"
804 fi
805
70791e56 806 if test "x$gsi_path" = "xyes" ; then
807 if test -z "$GLOBUS_LOCATION" ; then
808 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
809 else
810 gsi_path="$GLOBUS_LOCATION"
811 fi
812 fi
813 GLOBUS_LOCATION="$gsi_path"
814 export GLOBUS_LOCATION
815 if test ! -d "$GLOBUS_LOCATION" ; then
816 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
d905e828 817 fi
d905e828 818
819 if test "x$globus_flavor_type" = "xno" ; then
88928908 820 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
821 fi
822 if test "x$globus_flavor_type" = "xyes" ; then
823 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
2d8588fd 824 fi
9a370734 825 AC_MSG_RESULT(yes)
2d8588fd 826
9a370734 827 AC_MSG_CHECKING(for Globus include path)
88928908 828 GLOBUS_INCLUDE="${gsi_path}/include/${globus_flavor_type}"
829 if test ! -d "$GLOBUS_INCLUDE" ; then
830 AC_MSG_ERROR(Cannot find Globus flavor-specific include directory: ${GLOBUS_INCLUDE})
831 fi
832 GSI_CPPFLAGS="-I${GLOBUS_INCLUDE}"
9a370734 833 AC_MSG_RESULT(yes)
834
5838d7f9 835 #
836 # Find GPT linkline helper
837 #
838
839 AC_MSG_CHECKING(for GPT linkline helper)
9a370734 840 if test -x $GPT_LOCATION/sbin/gpt_build_config ; then
5838d7f9 841 gpt_linkline_helper="$GPT_LOCATION/sbin/gpt_build_config"
842 elif test -x ${gsi_path}/sbin/gpt_build_config ; then
843 gpt_linkline_helper="${gsi_path}/sbin/gpt_build_config"
2d8588fd 844 else
9a370734 845 AC_MSG_ERROR(Cannot find gpt_build_config: GPT installation is incomplete)
2d8588fd 846 fi
06779745 847 AC_MSG_RESULT(yes)
5838d7f9 848
849 #
850 # Build Globus linkline
851 #
852
70791e56 853 if test -n "${gsi_static}"; then
854 ${gpt_linkline_helper} -f ${globus_flavor_type} -link static -src pkg_data_src.gpt
855 else
856 ${gpt_linkline_helper} -f ${globus_flavor_type} -link shared -src pkg_data_src.gpt
857 fi
5838d7f9 858 . ./gpt_build_temp.sh
70791e56 859 if test -n "${need_dash_r}"; then
860 GSI_LDFLAGS="-L${gsi_path}/lib -R{gsi_path}/lib"
861 else
862 GSI_LDFLAGS="-L${gsi_path}/lib"
863 fi
5838d7f9 864 GSI_LIBS="$GPT_CONFIG_PGM_LINKS"
92f152c3 865 LD_LIBRARY_PATH="${gsi_path}/lib:$LD_LIBRARY_PATH"; export LD_LIBRARY_PATH
5838d7f9 866
867 #
868 # Test Globus linkline
869 #
870
871 AC_MSG_CHECKING(for Globus linkline)
88928908 872 if test -z "$GSI_LIBS" ; then
9a370734 873 AC_MSG_ERROR(gpt_build_config failed)
d905e828 874 fi
9a370734 875 AC_MSG_RESULT(yes)
d905e828 876
416fd2a8 877 AC_DEFINE(HAVE_GSSAPI_H)
878
70791e56 879 LIBS="$LIBS $GSI_LIBS"
880 LDFLAGS="$LDFLAGS $GSI_LDFLAGS"
881 CPPFLAGS="$CPPFLAGS $GSI_CPPFLAGS"
88928908 882
9a370734 883 AC_MSG_CHECKING(that Globus linkline works)
88928908 884 # test that we got the libraries OK
ffa83338 885 AC_TRY_LINK(
886 [],
887 [],
888 [
889 AC_MSG_RESULT(yes)
890 ],
891 [
88928908 892 AC_MSG_ERROR(link with Globus libraries failed)
ffa83338 893 ]
894 )
88928908 895 INSTALL_GSISSH="yes"
896else
897 INSTALL_GSISSH=""
d905e828 898fi
c2397a66 899# End Globus/GSI section
d905e828 900
1b56ff3d 901AC_MSG_CHECKING([for /proc/pid/fd directory])
902if test -d "/proc/$$/fd" ; then
903 AC_DEFINE(HAVE_PROC_PID)
904 AC_MSG_RESULT(yes)
905else
906 AC_MSG_RESULT(no)
907fi
908
3c0ef626 909# Check whether user wants S/Key support
416fd2a8 910SKEY_MSG="no"
3c0ef626 911AC_ARG_WITH(skey,
912 [ --with-skey[[=PATH]] Enable S/Key support
416fd2a8 913 (optionally in PATH)],
3c0ef626 914 [
915 if test "x$withval" != "xno" ; then
916
917 if test "x$withval" != "xyes" ; then
918 CPPFLAGS="$CPPFLAGS -I${withval}/include"
919 LDFLAGS="$LDFLAGS -L${withval}/lib"
920 fi
921
922 AC_DEFINE(SKEY)
923 LIBS="-lskey $LIBS"
416fd2a8 924 SKEY_MSG="yes"
3c0ef626 925
e9a17296 926 AC_MSG_CHECKING([for s/key support])
927 AC_TRY_RUN(
928 [
929#include <stdio.h>
930#include <skey.h>
e54b3d7c 931int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
e9a17296 932 ],
933 [AC_MSG_RESULT(yes)],
3c0ef626 934 [
e9a17296 935 AC_MSG_RESULT(no)
3c0ef626 936 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
937 ])
2a304a95 938 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
939 AC_TRY_COMPILE(
940 [#include <stdio.h>
941 #include <skey.h>],
942 [(void)skeychallenge(NULL,"name","",0);],
943 [AC_MSG_RESULT(yes)
944 AC_DEFINE(SKEYCHALLENGE_4ARG)],
945 [AC_MSG_RESULT(no)]
946 )
3c0ef626 947 fi
948 ]
949)
950
951# Check whether user wants TCP wrappers support
952TCPW_MSG="no"
953AC_ARG_WITH(tcp-wrappers,
954 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support
416fd2a8 955 (optionally in PATH)],
3c0ef626 956 [
957 if test "x$withval" != "xno" ; then
958 saved_LIBS="$LIBS"
959 saved_LDFLAGS="$LDFLAGS"
960 saved_CPPFLAGS="$CPPFLAGS"
961 if test -n "${withval}" -a "${withval}" != "yes"; then
962 if test -d "${withval}/lib"; then
963 if test -n "${need_dash_r}"; then
964 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
965 else
966 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
967 fi
968 else
969 if test -n "${need_dash_r}"; then
970 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
971 else
972 LDFLAGS="-L${withval} ${LDFLAGS}"
973 fi
974 fi
975 if test -d "${withval}/include"; then
976 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
977 else
978 CPPFLAGS="-I${withval} ${CPPFLAGS}"
979 fi
980 fi
e9a17296 981 LIBWRAP="-lwrap"
982 LIBS="$LIBWRAP $LIBS"
3c0ef626 983 AC_MSG_CHECKING(for libwrap)
984 AC_TRY_LINK(
985 [
2a304a95 986#include <sys/types.h>
987#include <sys/socket.h>
988#include <netinet/in.h>
3c0ef626 989#include <tcpd.h>
990 int deny_severity = 0, allow_severity = 0;
991 ],
992 [hosts_access(0);],
993 [
994 AC_MSG_RESULT(yes)
995 AC_DEFINE(LIBWRAP)
e9a17296 996 AC_SUBST(LIBWRAP)
3c0ef626 997 TCPW_MSG="yes"
998 ],
999 [
1000 AC_MSG_ERROR([*** libwrap missing])
1001 ]
1002 )
e9a17296 1003 LIBS="$saved_LIBS"
3c0ef626 1004 fi
1005 ]
1006)
1007
1c14df9e 1008dnl Checks for library functions. Please keep in alphabetical order
1009AC_CHECK_FUNCS(\
1b56ff3d 1010 arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \
1011 bindresvport_sa clock closefrom dirfd fchmod fchown freeaddrinfo \
1012 futimes getaddrinfo getcwd getgrouplist getnameinfo getopt \
70791e56 1013 getpeereid _getpty getrlimit getttyent glob inet_aton \
1c14df9e 1014 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
70791e56 1015 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
2a304a95 1016 pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \
70791e56 1017 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
416fd2a8 1018 setproctitle setregid setreuid setrlimit \
70791e56 1019 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
416fd2a8 1020 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
2a304a95 1021 truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \
70791e56 1022)
1023
1024# IRIX has a const char return value for gai_strerror()
1025AC_CHECK_FUNCS(gai_strerror,[
1026 AC_DEFINE(HAVE_GAI_STRERROR)
1027 AC_TRY_COMPILE([
1028#include <sys/types.h>
1029#include <sys/socket.h>
1030#include <netdb.h>
1c14df9e 1031
70791e56 1032const char *gai_strerror(int);],[
1033char *str;
1c14df9e 1034
70791e56 1035str = gai_strerror(0);],[
1036 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1037 [Define if gai_strerror() returns const char *])])])
88928908 1038
70791e56 1039AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
3c0ef626 1040
70791e56 1041dnl Make sure prototypes are defined for these before using them.
1042AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
1043AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
3c0ef626 1044
70791e56 1045dnl tcsendbreak might be a macro
1046AC_CHECK_DECL(tcsendbreak,
1047 [AC_DEFINE(HAVE_TCSENDBREAK)],
416fd2a8 1048 [AC_CHECK_FUNCS(tcsendbreak)],
70791e56 1049 [#include <termios.h>]
1050)
3c0ef626 1051
1b56ff3d 1052AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1053
416fd2a8 1054AC_CHECK_FUNCS(setresuid, [
1055 dnl Some platorms have setresuid that isn't implemented, test for this
1056 AC_MSG_CHECKING(if setresuid seems to work)
1057 AC_TRY_RUN([
1058#include <stdlib.h>
1059#include <errno.h>
1060int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
1061 ],
1062 [AC_MSG_RESULT(yes)],
1063 [AC_DEFINE(BROKEN_SETRESUID)
1064 AC_MSG_RESULT(not implemented)]
1065 )
1066])
1067
1068AC_CHECK_FUNCS(setresgid, [
1069 dnl Some platorms have setresgid that isn't implemented, test for this
1070 AC_MSG_CHECKING(if setresgid seems to work)
1071 AC_TRY_RUN([
1072#include <stdlib.h>
1073#include <errno.h>
1074int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
1075 ],
1076 [AC_MSG_RESULT(yes)],
1077 [AC_DEFINE(BROKEN_SETRESGID)
1078 AC_MSG_RESULT(not implemented)]
1079 )
1080])
1081
3c0ef626 1082dnl Checks for time functions
1083AC_CHECK_FUNCS(gettimeofday time)
1084dnl Checks for utmp functions
1085AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1086AC_CHECK_FUNCS(utmpname)
1087dnl Checks for utmpx functions
1088AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1089AC_CHECK_FUNCS(setutxent utmpxname)
1090
416fd2a8 1091AC_CHECK_FUNC(daemon,
3c0ef626 1092 [AC_DEFINE(HAVE_DAEMON)],
1093 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
1094)
1095
416fd2a8 1096AC_CHECK_FUNC(getpagesize,
3c0ef626 1097 [AC_DEFINE(HAVE_GETPAGESIZE)],
1098 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
1099)
1100
1101# Check for broken snprintf
1102if test "x$ac_cv_func_snprintf" = "xyes" ; then
1103 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1104 AC_TRY_RUN(
1105 [
1106#include <stdio.h>
e54b3d7c 1107int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
3c0ef626 1108 ],
416fd2a8 1109 [AC_MSG_RESULT(yes)],
3c0ef626 1110 [
1111 AC_MSG_RESULT(no)
1112 AC_DEFINE(BROKEN_SNPRINTF)
1113 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1114 ]
1115 )
1116fi
1117
1b56ff3d 1118# Check for missing getpeereid (or equiv) support
1119NO_PEERCHECK=""
1120if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1121 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1122 AC_TRY_COMPILE(
1123 [#include <sys/types.h>
1124 #include <sys/socket.h>],
1125 [int i = SO_PEERCRED;],
1126 [AC_MSG_RESULT(yes)],
1127 [AC_MSG_RESULT(no)
1128 NO_PEERCHECK=1]
1129 )
1130fi
1131
1c14df9e 1132dnl see whether mkstemp() requires XXXXXX
1133if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1134AC_MSG_CHECKING([for (overly) strict mkstemp])
1135AC_TRY_RUN(
1136 [
1137#include <stdlib.h>
1138main() { char template[]="conftest.mkstemp-test";
1139if (mkstemp(template) == -1)
1140 exit(1);
1141unlink(template); exit(0);
1142}
1143 ],
1144 [
1145 AC_MSG_RESULT(no)
1146 ],
416fd2a8 1147 [
1c14df9e 1148 AC_MSG_RESULT(yes)
1149 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1150 ],
1151 [
1152 AC_MSG_RESULT(yes)
1153 AC_DEFINE(HAVE_STRICT_MKSTEMP)
416fd2a8 1154 ]
1c14df9e 1155)
1156fi
1157
70791e56 1158dnl make sure that openpty does not reacquire controlling terminal
1159if test ! -z "$check_for_openpty_ctty_bug"; then
1160 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1161 AC_TRY_RUN(
1162 [
1163#include <stdio.h>
1164#include <sys/fcntl.h>
1165#include <sys/types.h>
1166#include <sys/wait.h>
1167
1168int
1169main()
1170{
1171 pid_t pid;
1172 int fd, ptyfd, ttyfd, status;
1173
1174 pid = fork();
1175 if (pid < 0) { /* failed */
1176 exit(1);
1177 } else if (pid > 0) { /* parent */
1178 waitpid(pid, &status, 0);
416fd2a8 1179 if (WIFEXITED(status))
70791e56 1180 exit(WEXITSTATUS(status));
1181 else
1182 exit(2);
1183 } else { /* child */
1184 close(0); close(1); close(2);
1185 setsid();
1186 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1187 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1188 if (fd >= 0)
1189 exit(3); /* Acquired ctty: broken */
1190 else
1191 exit(0); /* Did not acquire ctty: OK */
1192 }
1193}
1194 ],
1195 [
1196 AC_MSG_RESULT(yes)
1197 ],
1198 [
1199 AC_MSG_RESULT(no)
1200 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1201 ]
1202 )
1203fi
1204
2a304a95 1205if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
1206 AC_MSG_CHECKING(if getaddrinfo seems to work)
1207 AC_TRY_RUN(
1208 [
1209#include <stdio.h>
1210#include <sys/socket.h>
1211#include <netdb.h>
1212#include <errno.h>
1213#include <netinet/in.h>
1214
1215#define TEST_PORT "2222"
1216
1217int
1218main(void)
1219{
1220 int err, sock;
1221 struct addrinfo *gai_ai, *ai, hints;
1222 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1223
1224 memset(&hints, 0, sizeof(hints));
1225 hints.ai_family = PF_UNSPEC;
1226 hints.ai_socktype = SOCK_STREAM;
1227 hints.ai_flags = AI_PASSIVE;
1228
1229 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1230 if (err != 0) {
1231 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1232 exit(1);
1233 }
1234
1235 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1236 if (ai->ai_family != AF_INET6)
1237 continue;
1238
1239 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1240 sizeof(ntop), strport, sizeof(strport),
1241 NI_NUMERICHOST|NI_NUMERICSERV);
1242
1243 if (err != 0) {
1244 if (err == EAI_SYSTEM)
1245 perror("getnameinfo EAI_SYSTEM");
1246 else
1247 fprintf(stderr, "getnameinfo failed: %s\n",
1248 gai_strerror(err));
1249 exit(2);
1250 }
1251
1252 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1253 if (sock < 0)
1254 perror("socket");
1255 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1256 if (errno == EBADF)
1257 exit(3);
1258 }
1259 }
1260 exit(0);
1261}
1262 ],
1263 [
1264 AC_MSG_RESULT(yes)
1265 ],
1266 [
1267 AC_MSG_RESULT(no)
1268 AC_DEFINE(BROKEN_GETADDRINFO)
1269 ]
1270 )
1271fi
1272
3c0ef626 1273AC_FUNC_GETPGRP
1274
1275# Check for PAM libs
1276PAM_MSG="no"
1277AC_ARG_WITH(pam,
1278 [ --with-pam Enable PAM support ],
1279 [
1280 if test "x$withval" != "xno" ; then
416fd2a8 1281 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1282 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
3c0ef626 1283 AC_MSG_ERROR([PAM headers not found])
1284 fi
1285
1286 AC_CHECK_LIB(dl, dlopen, , )
1287 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1288 AC_CHECK_FUNCS(pam_getenvlist)
b9a54c29 1289 AC_CHECK_FUNCS(pam_putenv)
3c0ef626 1290
3c0ef626 1291 PAM_MSG="yes"
1292
1293 AC_DEFINE(USE_PAM)
e9a17296 1294 if test $ac_cv_lib_dl_dlopen = yes; then
1295 LIBPAM="-lpam -ldl"
1296 else
1297 LIBPAM="-lpam"
1298 fi
b9a54c29 1299
e9a17296 1300 AC_SUBST(LIBPAM)
3c0ef626 1301 fi
1302 ]
1303)
1304
1305# Check for older PAM
1306if test "x$PAM_MSG" = "xyes" ; then
1307 # Check PAM strerror arguments (old PAM)
1308 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1309 AC_TRY_COMPILE(
1310 [
1311#include <stdlib.h>
416fd2a8 1312#if defined(HAVE_SECURITY_PAM_APPL_H)
3c0ef626 1313#include <security/pam_appl.h>
416fd2a8 1314#elif defined (HAVE_PAM_PAM_APPL_H)
1315#include <pam/pam_appl.h>
1316#endif
1317 ],
1318 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
3c0ef626 1319 [AC_MSG_RESULT(no)],
1320 [
1321 AC_DEFINE(HAVE_OLD_PAM)
1322 AC_MSG_RESULT(yes)
1323 PAM_MSG="yes (old library)"
1324 ]
1325 )
1326fi
1327
2980ea68 1328# Search for OpenSSL
1329saved_CPPFLAGS="$CPPFLAGS"
1330saved_LDFLAGS="$LDFLAGS"
3c0ef626 1331AC_ARG_WITH(ssl-dir,
1332 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1333 [
1334 if test "x$withval" != "xno" ; then
2980ea68 1335 if test -d "$withval/lib"; then
1336 if test -n "${need_dash_r}"; then
1337 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1338 else
1339 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1340 fi
1341 else
2980ea68 1342 if test -n "${need_dash_r}"; then
1343 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1344 else
1345 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1346 fi
1347 fi
2980ea68 1348 if test -d "$withval/include"; then
1349 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1350 else
2980ea68 1351 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1352 fi
1353 fi
2980ea68 1354 ]
1355)
3c0ef626 1356
88928908 1357if test -z "$GSI_LIBS" ; then
416fd2a8 1358LIBS="-lcrypto $LIBS"
88928908 1359fi
3c0ef626 1360
2980ea68 1361AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
3c0ef626 1362 [
2980ea68 1363 dnl Check default openssl install dir
1364 if test -n "${need_dash_r}"; then
1365 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1366 else
2980ea68 1367 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1368 fi
2980ea68 1369 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1370 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1371 [
1372 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1373 ]
1374 )
1375 ]
1376)
1377
e54b3d7c 1378# Determine OpenSSL header version
1379AC_MSG_CHECKING([OpenSSL header version])
1380AC_TRY_RUN(
1381 [
1382#include <stdio.h>
1383#include <string.h>
1384#include <openssl/opensslv.h>
1385#define DATA "conftest.sslincver"
1386int main(void) {
416fd2a8 1387 FILE *fd;
1388 int rc;
e54b3d7c 1389
416fd2a8 1390 fd = fopen(DATA,"w");
1391 if(fd == NULL)
1392 exit(1);
e54b3d7c 1393
1394 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1395 exit(1);
1396
1397 exit(0);
1398}
1399 ],
1400 [
1401 ssl_header_ver=`cat conftest.sslincver`
1402 AC_MSG_RESULT($ssl_header_ver)
1403 ],
1404 [
1405 AC_MSG_RESULT(not found)
1406 AC_MSG_ERROR(OpenSSL version header not found.)
1407 ]
1408)
1409
1410# Determine OpenSSL library version
1411AC_MSG_CHECKING([OpenSSL library version])
1412AC_TRY_RUN(
1413 [
1414#include <stdio.h>
1415#include <string.h>
1416#include <openssl/opensslv.h>
1417#include <openssl/crypto.h>
1418#define DATA "conftest.ssllibver"
1419int main(void) {
416fd2a8 1420 FILE *fd;
1421 int rc;
e54b3d7c 1422
416fd2a8 1423 fd = fopen(DATA,"w");
1424 if(fd == NULL)
1425 exit(1);
e54b3d7c 1426
1427 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1428 exit(1);
1429
1430 exit(0);
1431}
1432 ],
1433 [
1434 ssl_library_ver=`cat conftest.ssllibver`
1435 AC_MSG_RESULT($ssl_library_ver)
1436 ],
1437 [
1438 AC_MSG_RESULT(not found)
1439 AC_MSG_ERROR(OpenSSL library not found.)
1440 ]
1441)
3c0ef626 1442
e9a17296 1443# Sanity check OpenSSL headers
1444AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1445AC_TRY_RUN(
1446 [
1447#include <string.h>
1448#include <openssl/opensslv.h>
e54b3d7c 1449int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
e9a17296 1450 ],
1451 [
1452 AC_MSG_RESULT(yes)
1453 ],
1454 [
1455 AC_MSG_RESULT(no)
70791e56 1456 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1457Check config.log for details.
1458Also see contrib/findssl.sh for help identifying header/library mismatches.])
e9a17296 1459 ]
1460)
1461
416fd2a8 1462# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1463# because the system crypt() is more featureful.
1464if test "x$check_for_libcrypt_before" = "x1"; then
1465 AC_CHECK_LIB(crypt, crypt)
1466fi
1467
1468# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
1469# version in OpenSSL.
70791e56 1470if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 1471 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
1472fi
1473
e9a17296 1474
1475### Configure cryptographic random number support
1476
1477# Check wheter OpenSSL seeds itself
1478AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1479AC_TRY_RUN(
1480 [
1481#include <string.h>
1482#include <openssl/rand.h>
e54b3d7c 1483int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
e9a17296 1484 ],
1485 [
1486 OPENSSL_SEEDS_ITSELF=yes
1487 AC_MSG_RESULT(yes)
1488 ],
1489 [
1490 AC_MSG_RESULT(no)
1491 # Default to use of the rand helper if OpenSSL doesn't
1492 # seed itself
1493 USE_RAND_HELPER=yes
1494 ]
1495)
1496
1497
1498# Do we want to force the use of the rand helper?
1499AC_ARG_WITH(rand-helper,
1500 [ --with-rand-helper Use subprocess to gather strong randomness ],
1501 [
1502 if test "x$withval" = "xno" ; then
416fd2a8 1503 # Force use of OpenSSL's internal RNG, even if
e9a17296 1504 # the previous test showed it to be unseeded.
1505 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1506 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1507 OPENSSL_SEEDS_ITSELF=yes
1508 USE_RAND_HELPER=""
1509 fi
1510 else
1511 USE_RAND_HELPER=yes
1512 fi
1513 ],
1514)
1515
1516# Which randomness source do we use?
1517if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
1518 # OpenSSL only
1519 AC_DEFINE(OPENSSL_PRNG_ONLY)
1520 RAND_MSG="OpenSSL internal ONLY"
1521 INSTALL_SSH_RAND_HELPER=""
1522elif test ! -z "$USE_RAND_HELPER" ; then
1523 # install rand helper
1524 RAND_MSG="ssh-rand-helper"
1525 INSTALL_SSH_RAND_HELPER="yes"
1526fi
1527AC_SUBST(INSTALL_SSH_RAND_HELPER)
1528
1529### Configuration of ssh-rand-helper
1530
1531# PRNGD TCP socket
1532AC_ARG_WITH(prngd-port,
1533 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1534 [
1535 case "$withval" in
1536 no)
1537 withval=""
1538 ;;
1539 [[0-9]]*)
1540 ;;
1541 *)
1542 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1543 ;;
1544 esac
1545 if test ! -z "$withval" ; then
1546 PRNGD_PORT="$withval"
1547 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1548 fi
1549 ]
1550)
1551
1552# PRNGD Unix domain socket
1553AC_ARG_WITH(prngd-socket,
1554 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1555 [
1556 case "$withval" in
1557 yes)
1558 withval="/var/run/egd-pool"
1559 ;;
1560 no)
1561 withval=""
1562 ;;
1563 /*)
1564 ;;
1565 *)
1566 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1567 ;;
1568 esac
1569
1570 if test ! -z "$withval" ; then
1571 if test ! -z "$PRNGD_PORT" ; then
1572 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1573 fi
1574 if test ! -r "$withval" ; then
1575 AC_MSG_WARN(Entropy socket is not readable)
1576 fi
1577 PRNGD_SOCKET="$withval"
1578 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1579 fi
1580 ],
1581 [
1582 # Check for existing socket only if we don't have a random device already
1583 if test "$USE_RAND_HELPER" = yes ; then
1584 AC_MSG_CHECKING(for PRNGD/EGD socket)
1585 # Insert other locations here
1586 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1587 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1588 PRNGD_SOCKET="$sock"
1589 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1590 break;
1591 fi
1592 done
1593 if test ! -z "$PRNGD_SOCKET" ; then
1594 AC_MSG_RESULT($PRNGD_SOCKET)
1595 else
1596 AC_MSG_RESULT(not found)
1597 fi
1598 fi
1599 ]
1600)
1601
1602# Change default command timeout for hashing entropy source
1603entropy_timeout=200
1604AC_ARG_WITH(entropy-timeout,
1605 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1606 [
1607 if test "x$withval" != "xno" ; then
1608 entropy_timeout=$withval
1609 fi
1610 ]
1611)
e9a17296 1612AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1613
ff2d7a98 1614SSH_PRIVSEP_USER=sshd
2980ea68 1615AC_ARG_WITH(privsep-user,
1616 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
1617 [
1618 if test -n "$withval"; then
ff2d7a98 1619 SSH_PRIVSEP_USER=$withval
2980ea68 1620 fi
1621 ]
1622)
ff2d7a98 1623AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1624AC_SUBST(SSH_PRIVSEP_USER)
2980ea68 1625
1626# We do this little dance with the search path to insure
1627# that programs that we select for use by installed programs
1628# (which may be run by the super-user) come from trusted
1629# locations before they come from the user's private area.
1630# This should help avoid accidentally configuring some
1631# random version of a program in someone's personal bin.
1632
1633OPATH=$PATH
1634PATH=/bin:/usr/bin
1635test -h /bin 2> /dev/null && PATH=/usr/bin
1636test -d /sbin && PATH=$PATH:/sbin
1637test -d /usr/sbin && PATH=$PATH:/usr/sbin
1638PATH=$PATH:/etc:$OPATH
1639
416fd2a8 1640# These programs are used by the command hashing source to gather entropy
e9a17296 1641OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1642OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1643OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1644OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1645OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1646OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1647OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1648OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1649OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1650OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1651OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1652OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1653OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1654OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1655OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1656OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
2980ea68 1657# restore PATH
1658PATH=$OPATH
e9a17296 1659
1660# Where does ssh-rand-helper get its randomness from?
1661INSTALL_SSH_PRNG_CMDS=""
1662if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1663 if test ! -z "$PRNGD_PORT" ; then
1664 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1665 elif test ! -z "$PRNGD_SOCKET" ; then
1666 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1667 else
1668 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1669 RAND_HELPER_CMDHASH=yes
1670 INSTALL_SSH_PRNG_CMDS="yes"
1671 fi
1672fi
1673AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1674
1675
3c0ef626 1676# Cheap hack to ensure NEWS-OS libraries are arranged right.
1677if test ! -z "$SONY" ; then
1678 LIBS="$LIBS -liberty";
1679fi
1680
1681# Checks for data types
1682AC_CHECK_SIZEOF(char, 1)
1683AC_CHECK_SIZEOF(short int, 2)
1684AC_CHECK_SIZEOF(int, 4)
1685AC_CHECK_SIZEOF(long int, 4)
1686AC_CHECK_SIZEOF(long long int, 8)
1687
2980ea68 1688# Sanity check long long for some platforms (AIX)
1689if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1690 ac_cv_sizeof_long_long_int=0
1691fi
1692
3c0ef626 1693# More checks for data types
1694AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1695 AC_TRY_COMPILE(
416fd2a8 1696 [ #include <sys/types.h> ],
1697 [ u_int a; a = 1;],
3c0ef626 1698 [ ac_cv_have_u_int="yes" ],
1699 [ ac_cv_have_u_int="no" ]
1700 )
1701])
1702if test "x$ac_cv_have_u_int" = "xyes" ; then
1703 AC_DEFINE(HAVE_U_INT)
1704 have_u_int=1
1705fi
1706
1707AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1708 AC_TRY_COMPILE(
416fd2a8 1709 [ #include <sys/types.h> ],
1710 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 1711 [ ac_cv_have_intxx_t="yes" ],
1712 [ ac_cv_have_intxx_t="no" ]
1713 )
1714])
1715if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1716 AC_DEFINE(HAVE_INTXX_T)
1717 have_intxx_t=1
1718fi
1719
1720if (test -z "$have_intxx_t" && \
416fd2a8 1721 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 1722then
1723 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1724 AC_TRY_COMPILE(
416fd2a8 1725 [ #include <stdint.h> ],
1726 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 1727 [
1728 AC_DEFINE(HAVE_INTXX_T)
1729 AC_MSG_RESULT(yes)
1730 ],
1731 [ AC_MSG_RESULT(no) ]
1732 )
1733fi
1734
1735AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1736 AC_TRY_COMPILE(
e54b3d7c 1737 [
1738#include <sys/types.h>
1739#ifdef HAVE_STDINT_H
1740# include <stdint.h>
1741#endif
1742#include <sys/socket.h>
1743#ifdef HAVE_SYS_BITYPES_H
1744# include <sys/bitypes.h>
1745#endif
416fd2a8 1746 ],
1747 [ int64_t a; a = 1;],
3c0ef626 1748 [ ac_cv_have_int64_t="yes" ],
1749 [ ac_cv_have_int64_t="no" ]
1750 )
1751])
1752if test "x$ac_cv_have_int64_t" = "xyes" ; then
1753 AC_DEFINE(HAVE_INT64_T)
e9a17296 1754fi
1755
3c0ef626 1756AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1757 AC_TRY_COMPILE(
416fd2a8 1758 [ #include <sys/types.h> ],
1759 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 1760 [ ac_cv_have_u_intxx_t="yes" ],
1761 [ ac_cv_have_u_intxx_t="no" ]
1762 )
1763])
1764if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1765 AC_DEFINE(HAVE_U_INTXX_T)
1766 have_u_intxx_t=1
1767fi
1768
1769if test -z "$have_u_intxx_t" ; then
1770 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1771 AC_TRY_COMPILE(
416fd2a8 1772 [ #include <sys/socket.h> ],
1773 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 1774 [
1775 AC_DEFINE(HAVE_U_INTXX_T)
1776 AC_MSG_RESULT(yes)
1777 ],
1778 [ AC_MSG_RESULT(no) ]
1779 )
1780fi
1781
1782AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1783 AC_TRY_COMPILE(
416fd2a8 1784 [ #include <sys/types.h> ],
1785 [ u_int64_t a; a = 1;],
3c0ef626 1786 [ ac_cv_have_u_int64_t="yes" ],
1787 [ ac_cv_have_u_int64_t="no" ]
1788 )
1789])
1790if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
1791 AC_DEFINE(HAVE_U_INT64_T)
1792 have_u_int64_t=1
1793fi
1794
e9a17296 1795if test -z "$have_u_int64_t" ; then
1796 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1797 AC_TRY_COMPILE(
416fd2a8 1798 [ #include <sys/bitypes.h> ],
e9a17296 1799 [ u_int64_t a; a = 1],
1800 [
1801 AC_DEFINE(HAVE_U_INT64_T)
1802 AC_MSG_RESULT(yes)
1803 ],
1804 [ AC_MSG_RESULT(no) ]
1805 )
1806fi
1807
3c0ef626 1808if test -z "$have_u_intxx_t" ; then
1809 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
1810 AC_TRY_COMPILE(
1811 [
1812#include <sys/types.h>
416fd2a8 1813 ],
1814 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 1815 [ ac_cv_have_uintxx_t="yes" ],
1816 [ ac_cv_have_uintxx_t="no" ]
1817 )
1818 ])
1819 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
1820 AC_DEFINE(HAVE_UINTXX_T)
1821 fi
1822fi
1823
1824if test -z "$have_uintxx_t" ; then
1825 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1826 AC_TRY_COMPILE(
416fd2a8 1827 [ #include <stdint.h> ],
1828 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 1829 [
1830 AC_DEFINE(HAVE_UINTXX_T)
1831 AC_MSG_RESULT(yes)
1832 ],
1833 [ AC_MSG_RESULT(no) ]
1834 )
1835fi
1836
1837if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
416fd2a8 1838 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 1839then
1840 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1841 AC_TRY_COMPILE(
1842 [
1843#include <sys/bitypes.h>
416fd2a8 1844 ],
3c0ef626 1845 [
1846 int8_t a; int16_t b; int32_t c;
1847 u_int8_t e; u_int16_t f; u_int32_t g;
1848 a = b = c = e = f = g = 1;
416fd2a8 1849 ],
3c0ef626 1850 [
1851 AC_DEFINE(HAVE_U_INTXX_T)
1852 AC_DEFINE(HAVE_INTXX_T)
1853 AC_MSG_RESULT(yes)
1854 ],
1855 [AC_MSG_RESULT(no)]
416fd2a8 1856 )
3c0ef626 1857fi
1858
1859
1860AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
1861 AC_TRY_COMPILE(
1862 [
1863#include <sys/types.h>
1864 ],
1865 [ u_char foo; foo = 125; ],
1866 [ ac_cv_have_u_char="yes" ],
1867 [ ac_cv_have_u_char="no" ]
1868 )
1869])
1870if test "x$ac_cv_have_u_char" = "xyes" ; then
1871 AC_DEFINE(HAVE_U_CHAR)
1872fi
1873
1874TYPE_SOCKLEN_T
1875
e9a17296 1876AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
1877
3c0ef626 1878AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
1879 AC_TRY_COMPILE(
1880 [
1881#include <sys/types.h>
1882 ],
1883 [ size_t foo; foo = 1235; ],
1884 [ ac_cv_have_size_t="yes" ],
1885 [ ac_cv_have_size_t="no" ]
1886 )
1887])
1888if test "x$ac_cv_have_size_t" = "xyes" ; then
1889 AC_DEFINE(HAVE_SIZE_T)
1890fi
1891
1892AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
1893 AC_TRY_COMPILE(
1894 [
1895#include <sys/types.h>
1896 ],
1897 [ ssize_t foo; foo = 1235; ],
1898 [ ac_cv_have_ssize_t="yes" ],
1899 [ ac_cv_have_ssize_t="no" ]
1900 )
1901])
1902if test "x$ac_cv_have_ssize_t" = "xyes" ; then
1903 AC_DEFINE(HAVE_SSIZE_T)
1904fi
1905
1906AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
1907 AC_TRY_COMPILE(
1908 [
1909#include <time.h>
1910 ],
1911 [ clock_t foo; foo = 1235; ],
1912 [ ac_cv_have_clock_t="yes" ],
1913 [ ac_cv_have_clock_t="no" ]
1914 )
1915])
1916if test "x$ac_cv_have_clock_t" = "xyes" ; then
1917 AC_DEFINE(HAVE_CLOCK_T)
1918fi
1919
1920AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
1921 AC_TRY_COMPILE(
1922 [
1923#include <sys/types.h>
1924#include <sys/socket.h>
1925 ],
1926 [ sa_family_t foo; foo = 1235; ],
1927 [ ac_cv_have_sa_family_t="yes" ],
1928 [ AC_TRY_COMPILE(
1929 [
1930#include <sys/types.h>
1931#include <sys/socket.h>
1932#include <netinet/in.h>
1933 ],
1934 [ sa_family_t foo; foo = 1235; ],
1935 [ ac_cv_have_sa_family_t="yes" ],
1936
1937 [ ac_cv_have_sa_family_t="no" ]
1938 )]
1939 )
1940])
1941if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
1942 AC_DEFINE(HAVE_SA_FAMILY_T)
1943fi
1944
1945AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
1946 AC_TRY_COMPILE(
1947 [
1948#include <sys/types.h>
1949 ],
1950 [ pid_t foo; foo = 1235; ],
1951 [ ac_cv_have_pid_t="yes" ],
1952 [ ac_cv_have_pid_t="no" ]
1953 )
1954])
1955if test "x$ac_cv_have_pid_t" = "xyes" ; then
1956 AC_DEFINE(HAVE_PID_T)
1957fi
1958
1959AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
1960 AC_TRY_COMPILE(
1961 [
1962#include <sys/types.h>
1963 ],
1964 [ mode_t foo; foo = 1235; ],
1965 [ ac_cv_have_mode_t="yes" ],
1966 [ ac_cv_have_mode_t="no" ]
1967 )
1968])
1969if test "x$ac_cv_have_mode_t" = "xyes" ; then
1970 AC_DEFINE(HAVE_MODE_T)
1971fi
1972
1973
1974AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
1975 AC_TRY_COMPILE(
1976 [
1977#include <sys/types.h>
1978#include <sys/socket.h>
1979 ],
1980 [ struct sockaddr_storage s; ],
1981 [ ac_cv_have_struct_sockaddr_storage="yes" ],
1982 [ ac_cv_have_struct_sockaddr_storage="no" ]
1983 )
1984])
1985if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
1986 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
1987fi
1988
1989AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
1990 AC_TRY_COMPILE(
1991 [
1992#include <sys/types.h>
1993#include <netinet/in.h>
1994 ],
1995 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
1996 [ ac_cv_have_struct_sockaddr_in6="yes" ],
1997 [ ac_cv_have_struct_sockaddr_in6="no" ]
1998 )
1999])
2000if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2001 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
2002fi
2003
2004AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2005 AC_TRY_COMPILE(
2006 [
2007#include <sys/types.h>
2008#include <netinet/in.h>
2009 ],
2010 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2011 [ ac_cv_have_struct_in6_addr="yes" ],
2012 [ ac_cv_have_struct_in6_addr="no" ]
2013 )
2014])
2015if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2016 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
2017fi
2018
2019AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2020 AC_TRY_COMPILE(
2021 [
2022#include <sys/types.h>
2023#include <sys/socket.h>
2024#include <netdb.h>
2025 ],
2026 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2027 [ ac_cv_have_struct_addrinfo="yes" ],
2028 [ ac_cv_have_struct_addrinfo="no" ]
2029 )
2030])
2031if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2032 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
2033fi
2034
2035AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2036 AC_TRY_COMPILE(
416fd2a8 2037 [ #include <sys/time.h> ],
2038 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2039 [ ac_cv_have_struct_timeval="yes" ],
2040 [ ac_cv_have_struct_timeval="no" ]
2041 )
2042])
2043if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2044 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
2045 have_struct_timeval=1
2046fi
2047
1c14df9e 2048AC_CHECK_TYPES(struct timespec)
2049
2050# We need int64_t or else certian parts of the compile will fail.
3c0ef626 2051if test "x$ac_cv_have_int64_t" = "xno" -a \
2052 "x$ac_cv_sizeof_long_int" != "x8" -a \
2053 "x$ac_cv_sizeof_long_long_int" = "x0" ; then
1c14df9e 2054 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2055 echo "an alternative compiler (I.E., GCC) before continuing."
2056 echo ""
2057 exit 1;
3c0ef626 2058else
2059dnl test snprintf (broken on SCO w/gcc)
2060 AC_TRY_RUN(
2061 [
2062#include <stdio.h>
2063#include <string.h>
2064#ifdef HAVE_SNPRINTF
2065main()
2066{
2067 char buf[50];
2068 char expected_out[50];
2069 int mazsize = 50 ;
2070#if (SIZEOF_LONG_INT == 8)
2071 long int num = 0x7fffffffffffffff;
2072#else
2073 long long num = 0x7fffffffffffffffll;
2074#endif
2075 strcpy(expected_out, "9223372036854775807");
2076 snprintf(buf, mazsize, "%lld", num);
2077 if(strcmp(buf, expected_out) != 0)
416fd2a8 2078 exit(1);
3c0ef626 2079 exit(0);
2080}
2081#else
2082main() { exit(0); }
2083#endif
2084 ], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ]
2085 )
2086fi
3c0ef626 2087
2088dnl Checks for structure members
2089OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2090OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2091OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2092OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2093OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2094OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2095OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2096OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2097OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2098OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2099OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2100OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2101OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2102OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2103OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2104OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2105OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2106
2107AC_CHECK_MEMBERS([struct stat.st_blksize])
2108
2109AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2110 ac_cv_have_ss_family_in_struct_ss, [
2111 AC_TRY_COMPILE(
2112 [
2113#include <sys/types.h>
2114#include <sys/socket.h>
2115 ],
2116 [ struct sockaddr_storage s; s.ss_family = 1; ],
2117 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2118 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2119 )
2120])
2121if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2122 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2123fi
2124
2125AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2126 ac_cv_have___ss_family_in_struct_ss, [
2127 AC_TRY_COMPILE(
2128 [
2129#include <sys/types.h>
2130#include <sys/socket.h>
2131 ],
2132 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2133 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2134 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2135 )
2136])
2137if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2138 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2139fi
2140
2141AC_CACHE_CHECK([for pw_class field in struct passwd],
2142 ac_cv_have_pw_class_in_struct_passwd, [
2143 AC_TRY_COMPILE(
2144 [
2145#include <pwd.h>
2146 ],
2147 [ struct passwd p; p.pw_class = 0; ],
2148 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2149 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2150 )
2151])
2152if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2153 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2154fi
2155
2156AC_CACHE_CHECK([for pw_expire field in struct passwd],
2157 ac_cv_have_pw_expire_in_struct_passwd, [
2158 AC_TRY_COMPILE(
2159 [
2160#include <pwd.h>
2161 ],
2162 [ struct passwd p; p.pw_expire = 0; ],
2163 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2164 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2165 )
2166])
2167if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2168 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2169fi
2170
2171AC_CACHE_CHECK([for pw_change field in struct passwd],
2172 ac_cv_have_pw_change_in_struct_passwd, [
2173 AC_TRY_COMPILE(
2174 [
2175#include <pwd.h>
2176 ],
2177 [ struct passwd p; p.pw_change = 0; ],
2178 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2179 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2180 )
2181])
2182if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2183 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2184fi
2185
078f71c2 2186dnl make sure we're using the real structure members and not defines
2980ea68 2187AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2188 ac_cv_have_accrights_in_msghdr, [
078f71c2 2189 AC_TRY_RUN(
2980ea68 2190 [
2191#include <sys/types.h>
2192#include <sys/socket.h>
2193#include <sys/uio.h>
078f71c2 2194int main() {
2195#ifdef msg_accrights
2196exit(1);
2197#endif
2198struct msghdr m;
2199m.msg_accrights = 0;
2200exit(0);
2201}
2980ea68 2202 ],
2980ea68 2203 [ ac_cv_have_accrights_in_msghdr="yes" ],
2204 [ ac_cv_have_accrights_in_msghdr="no" ]
2205 )
2206])
2207if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2208 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2209fi
2210
2211AC_CACHE_CHECK([for msg_control field in struct msghdr],
2212 ac_cv_have_control_in_msghdr, [
078f71c2 2213 AC_TRY_RUN(
2980ea68 2214 [
2215#include <sys/types.h>
2216#include <sys/socket.h>
2217#include <sys/uio.h>
078f71c2 2218int main() {
2219#ifdef msg_control
2220exit(1);
2221#endif
2222struct msghdr m;
2223m.msg_control = 0;
2224exit(0);
2225}
2980ea68 2226 ],
2980ea68 2227 [ ac_cv_have_control_in_msghdr="yes" ],
2228 [ ac_cv_have_control_in_msghdr="no" ]
2229 )
2230])
2231if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2232 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2233fi
2234
3c0ef626 2235AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
416fd2a8 2236 AC_TRY_LINK([],
2237 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 2238 [ ac_cv_libc_defines___progname="yes" ],
2239 [ ac_cv_libc_defines___progname="no" ]
2240 )
2241])
2242if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2243 AC_DEFINE(HAVE___PROGNAME)
2244fi
2245
2980ea68 2246AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2247 AC_TRY_LINK([
2248#include <stdio.h>
416fd2a8 2249],
2250 [ printf("%s", __FUNCTION__); ],
2980ea68 2251 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2252 [ ac_cv_cc_implements___FUNCTION__="no" ]
2253 )
2254])
2255if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2256 AC_DEFINE(HAVE___FUNCTION__)
2257fi
2258
2259AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2260 AC_TRY_LINK([
2261#include <stdio.h>
416fd2a8 2262],
2263 [ printf("%s", __func__); ],
2980ea68 2264 [ ac_cv_cc_implements___func__="yes" ],
2265 [ ac_cv_cc_implements___func__="no" ]
2266 )
2267])
2268if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2269 AC_DEFINE(HAVE___func__)
2270fi
2271
3c0ef626 2272AC_CACHE_CHECK([whether getopt has optreset support],
2273 ac_cv_have_getopt_optreset, [
2274 AC_TRY_LINK(
2275 [
2276#include <getopt.h>
2277 ],
2278 [ extern int optreset; optreset = 0; ],
2279 [ ac_cv_have_getopt_optreset="yes" ],
2280 [ ac_cv_have_getopt_optreset="no" ]
2281 )
2282])
2283if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2284 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2285fi
2286
2287AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
416fd2a8 2288 AC_TRY_LINK([],
2289 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 2290 [ ac_cv_libc_defines_sys_errlist="yes" ],
2291 [ ac_cv_libc_defines_sys_errlist="no" ]
2292 )
2293])
2294if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2295 AC_DEFINE(HAVE_SYS_ERRLIST)
2296fi
2297
2298
2299AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
416fd2a8 2300 AC_TRY_LINK([],
2301 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 2302 [ ac_cv_libc_defines_sys_nerr="yes" ],
2303 [ ac_cv_libc_defines_sys_nerr="no" ]
2304 )
2305])
2306if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2307 AC_DEFINE(HAVE_SYS_NERR)
2308fi
2309
416fd2a8 2310SCARD_MSG="no"
2980ea68 2311# Check whether user wants sectok support
2312AC_ARG_WITH(sectok,
2313 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 2314 [
2315 if test "x$withval" != "xno" ; then
2316 if test "x$withval" != "xyes" ; then
2317 CPPFLAGS="$CPPFLAGS -I${withval}"
2318 LDFLAGS="$LDFLAGS -L${withval}"
2319 if test ! -z "$need_dash_r" ; then
2320 LDFLAGS="$LDFLAGS -R${withval}"
2321 fi
2322 if test ! -z "$blibpath" ; then
2323 blibpath="$blibpath:${withval}"
2324 fi
2325 fi
2326 AC_CHECK_HEADERS(sectok.h)
2327 if test "$ac_cv_header_sectok_h" != yes; then
2328 AC_MSG_ERROR(Can't find sectok.h)
2329 fi
2330 AC_CHECK_LIB(sectok, sectok_open)
2331 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2332 AC_MSG_ERROR(Can't find libsectok)
2333 fi
2334 AC_DEFINE(SMARTCARD)
2980ea68 2335 AC_DEFINE(USE_SECTOK)
416fd2a8 2336 SCARD_MSG="yes, using sectok"
3c0ef626 2337 fi
2338 ]
2339)
2340
2980ea68 2341# Check whether user wants OpenSC support
2342AC_ARG_WITH(opensc,
2343 AC_HELP_STRING([--with-opensc=PFX],
2344 [Enable smartcard support using OpenSC]),
2345 opensc_config_prefix="$withval", opensc_config_prefix="")
2346if test x$opensc_config_prefix != x ; then
2347 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config
2348 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2349 if test "$OPENSC_CONFIG" != "no"; then
2350 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2351 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2352 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2353 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2354 AC_DEFINE(SMARTCARD)
2355 AC_DEFINE(USE_OPENSC)
416fd2a8 2356 SCARD_MSG="yes, using OpenSC"
2980ea68 2357 fi
2358fi
2359
416fd2a8 2360# Check libraries needed by DNS fingerprint support
2361AC_SEARCH_LIBS(getrrsetbyname, resolv,
2362 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
70791e56 2363 [
416fd2a8 2364 # Needed by our getrrsetbyname()
2365 AC_SEARCH_LIBS(res_query, resolv)
2366 AC_SEARCH_LIBS(dn_expand, resolv)
1b56ff3d 2367 AC_MSG_CHECKING(if res_query will link)
2368 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2369 [AC_MSG_RESULT(no)
2370 saved_LIBS="$LIBS"
2371 LIBS="$LIBS -lresolv"
2372 AC_MSG_CHECKING(for res_query in -lresolv)
2373 AC_LINK_IFELSE([
2374#include <resolv.h>
2375int main()
2376{
2377 res_query (0, 0, 0, 0, 0);
2378 return 0;
2379}
2380 ],
2381 [LIBS="$LIBS -lresolv"
2382 AC_MSG_RESULT(yes)],
2383 [LIBS="$saved_LIBS"
2384 AC_MSG_RESULT(no)])
2385 ])
416fd2a8 2386 AC_CHECK_FUNCS(_getshort _getlong)
2387 AC_CHECK_MEMBER(HEADER.ad,
2388 [AC_DEFINE(HAVE_HEADER_AD)],,
2389 [#include <arpa/nameser.h>])
2390 ])
70791e56 2391
d905e828 2392# Check whether user wants Kerberos 5 support
416fd2a8 2393KRB5_MSG="no"
d905e828 2394AC_ARG_WITH(kerberos5,
416fd2a8 2395 [ --with-kerberos5=PATH Enable Kerberos 5 support],
2396 [ if test "x$withval" != "xno" ; then
2397 if test "x$withval" = "xyes" ; then
2398 KRB5ROOT="/usr/local"
2399 else
2400 KRB5ROOT=${withval}
2401 fi
2402
2403 AC_DEFINE(KRB5)
2404 KRB5_MSG="yes"
2405
2406 AC_MSG_CHECKING(for krb5-config)
2407 if test -x $KRB5ROOT/bin/krb5-config ; then
2408 KRB5CONF=$KRB5ROOT/bin/krb5-config
2409 AC_MSG_RESULT($KRB5CONF)
2410
2411 AC_MSG_CHECKING(for gssapi support)
2412 if $KRB5CONF | grep gssapi >/dev/null ; then
2413 AC_MSG_RESULT(yes)
2414 AC_DEFINE(GSSAPI)
2415 k5confopts=gssapi
2416 else
2417 AC_MSG_RESULT(no)
2418 k5confopts=""
2419 fi
2420 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2421 K5LIBS="`$KRB5CONF --libs $k5confopts`"
2422 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
2423 AC_MSG_CHECKING(whether we are using Heimdal)
2424 AC_TRY_COMPILE([ #include <krb5.h> ],
2425 [ char *tmp = heimdal_version; ],
2426 [ AC_MSG_RESULT(yes)
2427 AC_DEFINE(HEIMDAL) ],
2428 AC_MSG_RESULT(no)
2429 )
2430 else
2431 AC_MSG_RESULT(no)
d905e828 2432 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
416fd2a8 2433 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
2434 AC_MSG_CHECKING(whether we are using Heimdal)
2435 AC_TRY_COMPILE([ #include <krb5.h> ],
2436 [ char *tmp = heimdal_version; ],
2437 [ AC_MSG_RESULT(yes)
2438 AC_DEFINE(HEIMDAL)
1b56ff3d 2439 K5LIBS="-lkrb5 -ldes"
2440 K5LIBS="$K5LIBS -lcom_err -lasn1"
2441 AC_CHECK_LIB(roken, net_write,
2442 [K5LIBS="$K5LIBS -lroken"])
416fd2a8 2443 ],
2444 [ AC_MSG_RESULT(no)
2445 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2446 ]
2447 )
70791e56 2448 AC_SEARCH_LIBS(dn_expand, resolv)
2449
2450 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2451 [ AC_DEFINE(GSSAPI)
2452 K5LIBS="-lgssapi $K5LIBS" ],
2453 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2454 [ AC_DEFINE(GSSAPI)
416fd2a8 2455 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
70791e56 2456 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2457 $K5LIBS)
2458 ],
2459 $K5LIBS)
2460
2461 AC_CHECK_HEADER(gssapi.h, ,
2462 [ unset ac_cv_header_gssapi_h
416fd2a8 2463 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
70791e56 2464 AC_CHECK_HEADERS(gssapi.h, ,
2465 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
416fd2a8 2466 )
70791e56 2467 ]
2468 )
2469
2470 oldCPP="$CPPFLAGS"
2471 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2472 AC_CHECK_HEADER(gssapi_krb5.h, ,
2473 [ CPPFLAGS="$oldCPP" ])
d905e828 2474
c2397a66 2475 # If we're using some other GSSAPI
2476 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
2477 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
2478 fi
d905e828 2479
416fd2a8 2480 if test -z "$GSSAPI"; then
2481 GSSAPI="KRB5";
2482 fi
c2397a66 2483
d905e828 2484 oldCPP="$CPPFLAGS"
2485 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2486 AC_CHECK_HEADER(gssapi_krb5.h, ,
2487 [ CPPFLAGS="$oldCPP" ])
2488
d905e828 2489 fi
416fd2a8 2490 if test ! -z "$need_dash_r" ; then
2491 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2492 fi
2493 if test ! -z "$blibpath" ; then
2494 blibpath="$blibpath:${KRB5ROOT}/lib"
2495 fi
2496 fi
2497
2498 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2499 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2500 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2501
2502 LIBS="$LIBS $K5LIBS"
2503 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
2a304a95 2504 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
416fd2a8 2505 ]
d905e828 2506)
3c0ef626 2507
f2fd21a2 2508# Check whether user wants AFS_KRB5 support
2509AFS_KRB5_MSG="no"
2510AC_ARG_WITH(afs-krb5,
2511 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
2512 [
2513 if test "x$withval" != "xno" ; then
2514
2515 if test "x$withval" != "xyes" ; then
2516 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval")
2517 else
2518 AC_DEFINE_UNQUOTED(AKLOG_PATH, "/usr/bin/aklog")
2519 fi
2520
416fd2a8 2521 if test -z "$KRB5ROOT" ; then
f2fd21a2 2522 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
2523 fi
2524
2a304a95 2525 LIBS="-lkrbafs -lkrb4 $LIBS"
f2fd21a2 2526 if test ! -z "$AFS_LIBS" ; then
2527 LIBS="$LIBS $AFS_LIBS"
2528 fi
2529 AC_DEFINE(AFS_KRB5)
2530 AFS_KRB5_MSG="yes"
2531 fi
2532 ]
2533)
3c0ef626 2534
88928908 2535AC_ARG_WITH(session-hooks,
2536 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
2537 [ AC_DEFINE(SESSION_HOOKS) ]
2538)
2539
3c0ef626 2540# Looking for programs, paths and files
3c0ef626 2541
2980ea68 2542PRIVSEP_PATH=/var/empty
2543AC_ARG_WITH(privsep-path,
e54b3d7c 2544 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
2980ea68 2545 [
2546 if test "x$withval" != "$no" ; then
2547 PRIVSEP_PATH=$withval
2548 fi
2549 ]
2550)
2551AC_SUBST(PRIVSEP_PATH)
2552
3c0ef626 2553AC_ARG_WITH(xauth,
2554 [ --with-xauth=PATH Specify path to xauth program ],
2555 [
2556 if test "x$withval" != "xno" ; then
2557 xauth_path=$withval
2558 fi
2559 ],
2560 [
e54b3d7c 2561 TestPath="$PATH"
2562 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2563 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2564 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2565 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2566 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 2567 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
2568 xauth_path="/usr/openwin/bin/xauth"
2569 fi
2570 ]
2571)
2572
1c14df9e 2573STRIP_OPT=-s
2574AC_ARG_ENABLE(strip,
2575 [ --disable-strip Disable calling strip(1) on install],
2576 [
2577 if test "x$enableval" = "xno" ; then
2578 STRIP_OPT=
2579 fi
2580 ]
2581)
2582AC_SUBST(STRIP_OPT)
2583
3c0ef626 2584if test -z "$xauth_path" ; then
2585 XAUTH_PATH="undefined"
2586 AC_SUBST(XAUTH_PATH)
2587else
2588 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
2589 XAUTH_PATH=$xauth_path
2590 AC_SUBST(XAUTH_PATH)
2591fi
3c0ef626 2592
2593# Check for mail directory (last resort if we cannot get it from headers)
2594if test ! -z "$MAIL" ; then
2595 maildir=`dirname $MAIL`
2596 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2597fi
2598
2599if test -z "$no_dev_ptmx" ; then
2980ea68 2600 if test "x$disable_ptmx_check" != "xyes" ; then
416fd2a8 2601 AC_CHECK_FILE("/dev/ptmx",
2980ea68 2602 [
2603 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2604 have_dev_ptmx=1
2605 ]
2606 )
2607 fi
3c0ef626 2608fi
416fd2a8 2609AC_CHECK_FILE("/dev/ptc",
3c0ef626 2610 [
2611 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2612 have_dev_ptc=1
2613 ]
2614)
2615
2616# Options from here on. Some of these are preset by platform above
3c0ef626 2617AC_ARG_WITH(mantype,
2618 [ --with-mantype=man|cat|doc Set man page type],
2619 [
2620 case "$withval" in
2621 man|cat|doc)
2622 MANTYPE=$withval
2623 ;;
2624 *)
2625 AC_MSG_ERROR(invalid man type: $withval)
2626 ;;
2627 esac
2628 ]
2629)
2630if test -z "$MANTYPE"; then
e54b3d7c 2631 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2632 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 2633 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2634 MANTYPE=doc
2635 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2636 MANTYPE=man
2637 else
2638 MANTYPE=cat
2639 fi
2640fi
2641AC_SUBST(MANTYPE)
2642if test "$MANTYPE" = "doc"; then
2643 mansubdir=man;
2644else
2645 mansubdir=$MANTYPE;
2646fi
2647AC_SUBST(mansubdir)
2648
2649# Check whether to enable MD5 passwords
416fd2a8 2650MD5_MSG="no"
3c0ef626 2651AC_ARG_WITH(md5-passwords,
2652 [ --with-md5-passwords Enable use of MD5 passwords],
2653 [
2654 if test "x$withval" != "xno" ; then
2655 AC_DEFINE(HAVE_MD5_PASSWORDS)
416fd2a8 2656 MD5_MSG="yes"
3c0ef626 2657 fi
2658 ]
2659)
2660
2661# Whether to disable shadow password support
2662AC_ARG_WITH(shadow,
2663 [ --without-shadow Disable shadow password support],
2664 [
2665 if test "x$withval" = "xno" ; then
2666 AC_DEFINE(DISABLE_SHADOW)
2667 disable_shadow=yes
2668 fi
2669 ]
2670)
2671
2672if test -z "$disable_shadow" ; then
2673 AC_MSG_CHECKING([if the systems has expire shadow information])
2674 AC_TRY_COMPILE(
2675 [
2676#include <sys/types.h>
2677#include <shadow.h>
2678 struct spwd sp;
2679 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2680 [ sp_expire_available=yes ], []
2681 )
2682
2683 if test "x$sp_expire_available" = "xyes" ; then
2684 AC_MSG_RESULT(yes)
2685 AC_DEFINE(HAS_SHADOW_EXPIRE)
2686 else
2687 AC_MSG_RESULT(no)
2688 fi
2689fi
2690
2691# Use ip address instead of hostname in $DISPLAY
2692if test ! -z "$IPADDR_IN_DISPLAY" ; then
2693 DISPLAY_HACK_MSG="yes"
2694 AC_DEFINE(IPADDR_IN_DISPLAY)
2695else
416fd2a8 2696 DISPLAY_HACK_MSG="no"
3c0ef626 2697 AC_ARG_WITH(ipaddr-display,
2698 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2699 [
2700 if test "x$withval" != "xno" ; then
2701 AC_DEFINE(IPADDR_IN_DISPLAY)
416fd2a8 2702 DISPLAY_HACK_MSG="yes"
3c0ef626 2703 fi
2704 ]
2705 )
2706fi
2707
70791e56 2708# check for /etc/default/login and use it if present.
2709AC_ARG_ENABLE(etc-default-login,
2710 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],,
2711[
2712AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ])
2713
2714if test "x$external_path_file" = "x/etc/default/login"; then
2715 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2716fi
2717])
2718
2980ea68 2719dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
2720if test $ac_cv_func_login_getcapbool = "yes" -a \
2721 $ac_cv_header_login_cap_h = "yes" ; then
70791e56 2722 external_path_file=/etc/login.conf
2980ea68 2723fi
70791e56 2724
3c0ef626 2725# Whether to mess with the default path
416fd2a8 2726SERVER_PATH_MSG="(default)"
3c0ef626 2727AC_ARG_WITH(default-path,
2980ea68 2728 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 2729 [
70791e56 2730 if test "x$external_path_file" = "x/etc/login.conf" ; then
2980ea68 2731 AC_MSG_WARN([
2732--with-default-path=PATH has no effect on this system.
2733Edit /etc/login.conf instead.])
2734 elif test "x$withval" != "xno" ; then
70791e56 2735 if test ! -z "$external_path_file" ; then
2736 AC_MSG_WARN([
2737--with-default-path=PATH will only be used if PATH is not defined in
2738$external_path_file .])
2739 fi
3c0ef626 2740 user_path="$withval"
416fd2a8 2741 SERVER_PATH_MSG="$withval"
3c0ef626 2742 fi
2743 ],
70791e56 2744 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2745 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
2980ea68 2746 else
70791e56 2747 if test ! -z "$external_path_file" ; then
2748 AC_MSG_WARN([
2749If PATH is defined in $external_path_file, ensure the path to scp is included,
2750otherwise scp will not work.])
2751 fi
2752 AC_TRY_RUN(
2753 [
3c0ef626 2754/* find out what STDPATH is */
2755#include <stdio.h>
2756#ifdef HAVE_PATHS_H
2757# include <paths.h>
2758#endif
2759#ifndef _PATH_STDPATH
1c14df9e 2760# ifdef _PATH_USERPATH /* Irix */
2761# define _PATH_STDPATH _PATH_USERPATH
2762# else
2763# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2764# endif
3c0ef626 2765#endif
2766#include <sys/types.h>
2767#include <sys/stat.h>
2768#include <fcntl.h>
2769#define DATA "conftest.stdpath"
2770
2771main()
2772{
2773 FILE *fd;
2774 int rc;
2775
2776 fd = fopen(DATA,"w");
2777 if(fd == NULL)
2778 exit(1);
2779
2780 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2781 exit(1);
2782
2783 exit(0);
2784}
2785 ], [ user_path=`cat conftest.stdpath` ],
2786 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2787 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2788 )
131757f3 2789 fi ]
2790)
70791e56 2791if test "x$external_path_file" != "x/etc/login.conf" ; then
2980ea68 2792 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
2793 AC_SUBST(user_path)
2794fi
2795
2796# Set superuser path separately to user path
2797AC_ARG_WITH(superuser-path,
2798 [ --with-superuser-path= Specify different path for super-user],
2799 [
2800 if test "x$withval" != "xno" ; then
2801 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
2802 superuser_path=$withval
2803 fi
3c0ef626 2804 ]
2805)
2980ea68 2806
3c0ef626 2807
3c0ef626 2808AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
416fd2a8 2809IPV4_IN6_HACK_MSG="no"
3c0ef626 2810AC_ARG_WITH(4in6,
2811 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2812 [
2813 if test "x$withval" != "xno" ; then
2814 AC_MSG_RESULT(yes)
2815 AC_DEFINE(IPV4_IN_IPV6)
416fd2a8 2816 IPV4_IN6_HACK_MSG="yes"
3c0ef626 2817 else
2818 AC_MSG_RESULT(no)
2819 fi
2820 ],[
2821 if test "x$inet6_default_4in6" = "xyes"; then
2822 AC_MSG_RESULT([yes (default)])
2823 AC_DEFINE(IPV4_IN_IPV6)
416fd2a8 2824 IPV4_IN6_HACK_MSG="yes"
3c0ef626 2825 else
2826 AC_MSG_RESULT([no (default)])
2827 fi
2828 ]
2829)
2830
2831# Whether to enable BSD auth support
e9a17296 2832BSD_AUTH_MSG=no
3c0ef626 2833AC_ARG_WITH(bsd-auth,
2834 [ --with-bsd-auth Enable BSD auth support],
2835 [
2836 if test "x$withval" != "xno" ; then
2837 AC_DEFINE(BSD_AUTH)
e9a17296 2838 BSD_AUTH_MSG=yes
3c0ef626 2839 fi
2840 ]
2841)
2842
3c0ef626 2843dnl allow user to disable some login recording features
2844AC_ARG_ENABLE(lastlog,
2845 [ --disable-lastlog disable use of lastlog even if detected [no]],
70791e56 2846 [
2847 if test "x$enableval" = "xno" ; then
2848 AC_DEFINE(DISABLE_LASTLOG)
2849 fi
2850 ]
3c0ef626 2851)
2852AC_ARG_ENABLE(utmp,
2853 [ --disable-utmp disable use of utmp even if detected [no]],
70791e56 2854 [
2855 if test "x$enableval" = "xno" ; then
2856 AC_DEFINE(DISABLE_UTMP)
2857 fi
2858 ]
3c0ef626 2859)
2860AC_ARG_ENABLE(utmpx,
2861 [ --disable-utmpx disable use of utmpx even if detected [no]],
70791e56 2862 [
2863 if test "x$enableval" = "xno" ; then
2864 AC_DEFINE(DISABLE_UTMPX)
2865 fi
2866 ]
3c0ef626 2867)
2868AC_ARG_ENABLE(wtmp,
2869 [ --disable-wtmp disable use of wtmp even if detected [no]],
70791e56 2870 [
2871 if test "x$enableval" = "xno" ; then
2872 AC_DEFINE(DISABLE_WTMP)
2873 fi
2874 ]
3c0ef626 2875)
2876AC_ARG_ENABLE(wtmpx,
2877 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
70791e56 2878 [
2879 if test "x$enableval" = "xno" ; then
2880 AC_DEFINE(DISABLE_WTMPX)
2881 fi
2882 ]
3c0ef626 2883)
2884AC_ARG_ENABLE(libutil,
2885 [ --disable-libutil disable use of libutil (login() etc.) [no]],
70791e56 2886 [
2887 if test "x$enableval" = "xno" ; then
2888 AC_DEFINE(DISABLE_LOGIN)
2889 fi
2890 ]
3c0ef626 2891)
2892AC_ARG_ENABLE(pututline,
2893 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
70791e56 2894 [
2895 if test "x$enableval" = "xno" ; then
416fd2a8 2896 AC_DEFINE(DISABLE_PUTUTLINE)
70791e56 2897 fi
2898 ]
3c0ef626 2899)
2900AC_ARG_ENABLE(pututxline,
2901 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
70791e56 2902 [
2903 if test "x$enableval" = "xno" ; then
2904 AC_DEFINE(DISABLE_PUTUTXLINE)
2905 fi
2906 ]
3c0ef626 2907)
2908AC_ARG_WITH(lastlog,
2909 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
2910 [
2911 if test "x$withval" = "xno" ; then
2912 AC_DEFINE(DISABLE_LASTLOG)
2913 else
2914 conf_lastlog_location=$withval
2915 fi
2916 ]
2917)
2918
2919dnl lastlog, [uw]tmpx? detection
2920dnl NOTE: set the paths in the platform section to avoid the
2921dnl need for command-line parameters
2922dnl lastlog and [uw]tmp are subject to a file search if all else fails
2923
2924dnl lastlog detection
2925dnl NOTE: the code itself will detect if lastlog is a directory
2926AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
2927AC_TRY_COMPILE([
2928#include <sys/types.h>
2929#include <utmp.h>
2930#ifdef HAVE_LASTLOG_H
2931# include <lastlog.h>
2932#endif
2933#ifdef HAVE_PATHS_H
2934# include <paths.h>
2935#endif
2936#ifdef HAVE_LOGIN_H
2937# include <login.h>
2938#endif
2939 ],
2940 [ char *lastlog = LASTLOG_FILE; ],
2941 [ AC_MSG_RESULT(yes) ],
2942 [
2943 AC_MSG_RESULT(no)
2944 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
2945 AC_TRY_COMPILE([
2946#include <sys/types.h>
2947#include <utmp.h>
2948#ifdef HAVE_LASTLOG_H
2949# include <lastlog.h>
2950#endif
2951#ifdef HAVE_PATHS_H
2952# include <paths.h>
2953#endif
2954 ],
2955 [ char *lastlog = _PATH_LASTLOG; ],
2956 [ AC_MSG_RESULT(yes) ],
2957 [
2958 AC_MSG_RESULT(no)
2959 system_lastlog_path=no
2960 ])
2961 ]
2962)
2963
2964if test -z "$conf_lastlog_location"; then
2965 if test x"$system_lastlog_path" = x"no" ; then
2966 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
2967 if (test -d "$f" || test -f "$f") ; then
2968 conf_lastlog_location=$f
2969 fi
2970 done
2971 if test -z "$conf_lastlog_location"; then
2972 AC_MSG_WARN([** Cannot find lastlog **])
2973 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
2974 fi
2975 fi
2976fi
2977
2978if test -n "$conf_lastlog_location"; then
2979 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
2980fi
2981
2982dnl utmp detection
2983AC_MSG_CHECKING([if your system defines UTMP_FILE])
2984AC_TRY_COMPILE([
2985#include <sys/types.h>
2986#include <utmp.h>
2987#ifdef HAVE_PATHS_H
2988# include <paths.h>
2989#endif
2990 ],
2991 [ char *utmp = UTMP_FILE; ],
2992 [ AC_MSG_RESULT(yes) ],
2993 [ AC_MSG_RESULT(no)
2994 system_utmp_path=no ]
2995)
2996if test -z "$conf_utmp_location"; then
2997 if test x"$system_utmp_path" = x"no" ; then
2998 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
2999 if test -f $f ; then
3000 conf_utmp_location=$f
3001 fi
3002 done
3003 if test -z "$conf_utmp_location"; then
3004 AC_DEFINE(DISABLE_UTMP)
3005 fi
3006 fi
3007fi
3008if test -n "$conf_utmp_location"; then
3009 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
3010fi
3011
3012dnl wtmp detection
3013AC_MSG_CHECKING([if your system defines WTMP_FILE])
3014AC_TRY_COMPILE([
3015#include <sys/types.h>
3016#include <utmp.h>
3017#ifdef HAVE_PATHS_H
3018# include <paths.h>
3019#endif
3020 ],
3021 [ char *wtmp = WTMP_FILE; ],
3022 [ AC_MSG_RESULT(yes) ],
3023 [ AC_MSG_RESULT(no)
3024 system_wtmp_path=no ]
3025)
3026if test -z "$conf_wtmp_location"; then
3027 if test x"$system_wtmp_path" = x"no" ; then
3028 for f in /usr/adm/wtmp /var/log/wtmp; do
3029 if test -f $f ; then
3030 conf_wtmp_location=$f
3031 fi
3032 done
3033 if test -z "$conf_wtmp_location"; then
3034 AC_DEFINE(DISABLE_WTMP)
3035 fi
3036 fi
3037fi
3038if test -n "$conf_wtmp_location"; then
3039 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
3040fi
3041
3042
3043dnl utmpx detection - I don't know any system so perverse as to require
3044dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3045dnl there, though.
3046AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3047AC_TRY_COMPILE([
3048#include <sys/types.h>
3049#include <utmp.h>
3050#ifdef HAVE_UTMPX_H
3051#include <utmpx.h>
3052#endif
3053#ifdef HAVE_PATHS_H
3054# include <paths.h>
3055#endif
3056 ],
3057 [ char *utmpx = UTMPX_FILE; ],
3058 [ AC_MSG_RESULT(yes) ],
3059 [ AC_MSG_RESULT(no)
3060 system_utmpx_path=no ]
3061)
3062if test -z "$conf_utmpx_location"; then
3063 if test x"$system_utmpx_path" = x"no" ; then
3064 AC_DEFINE(DISABLE_UTMPX)
3065 fi
3066else
3067 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
3068fi
3069
3070dnl wtmpx detection
3071AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3072AC_TRY_COMPILE([
3073#include <sys/types.h>
3074#include <utmp.h>
3075#ifdef HAVE_UTMPX_H
3076#include <utmpx.h>
3077#endif
3078#ifdef HAVE_PATHS_H
3079# include <paths.h>
3080#endif
3081 ],
3082 [ char *wtmpx = WTMPX_FILE; ],
3083 [ AC_MSG_RESULT(yes) ],
3084 [ AC_MSG_RESULT(no)
3085 system_wtmpx_path=no ]
3086)
3087if test -z "$conf_wtmpx_location"; then
3088 if test x"$system_wtmpx_path" = x"no" ; then
3089 AC_DEFINE(DISABLE_WTMPX)
3090 fi
3091else
3092 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
3093fi
3094
3095
3c0ef626 3096if test ! -z "$blibpath" ; then
8bb69cbe 3097 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3098 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 3099fi
3100
e9a17296 3101dnl remove pam and dl because they are in $LIBPAM
3102if test "$PAM_MSG" = yes ; then
3103 LIBS=`echo $LIBS | sed 's/-lpam //'`
3104fi
3105if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3106 LIBS=`echo $LIBS | sed 's/-ldl //'`
3107fi
3c0ef626 3108
e9a17296 3109AC_EXEEXT
1b56ff3d 3110AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile scard/Makefile ssh_prng_cmds])
3c0ef626 3111AC_OUTPUT
3112
3113# Print summary of options
3114
3c0ef626 3115# Someone please show me a better way :)
3116A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3117B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3118C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3119D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
3120E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
3121F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
2980ea68 3122H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3123I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3124J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 3125
3126echo ""
3127echo "OpenSSH has been configured with the following options:"
2980ea68 3128echo " User binaries: $B"
3129echo " System binaries: $C"
3130echo " Configuration files: $D"
3131echo " Askpass program: $E"
3132echo " Manual pages: $F"
2980ea68 3133echo " Privilege separation chroot path: $H"
70791e56 3134if test "x$external_path_file" = "x/etc/login.conf" ; then
3135echo " At runtime, sshd will use the path defined in $external_path_file"
3136echo " Make sure the path to scp is present, otherwise scp will not work"
2980ea68 3137else
3138echo " sshd default user PATH: $I"
70791e56 3139 if test ! -z "$external_path_file"; then
3140echo " (If PATH is set in $external_path_file it will be used instead. If"
3141echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3142 fi
2980ea68 3143fi
3144if test ! -z "$superuser_path" ; then
3145echo " sshd superuser user PATH: $J"
3146fi
3147echo " Manpage format: $MANTYPE"
70791e56 3148echo " PAM support: $PAM_MSG"
2980ea68 3149echo " KerberosV support: $KRB5_MSG"
3150echo " Smartcard support: $SCARD_MSG"
2980ea68 3151echo " S/KEY support: $SKEY_MSG"
3152echo " TCP Wrappers support: $TCPW_MSG"
3153echo " MD5 password support: $MD5_MSG"
3154echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
2980ea68 3155echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3156echo " BSD Auth support: $BSD_AUTH_MSG"
3157echo " Random number source: $RAND_MSG"
e9a17296 3158if test ! -z "$USE_RAND_HELPER" ; then
2980ea68 3159echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 3160fi
3161
3162echo ""
3163
3164echo " Host: ${host}"
3165echo " Compiler: ${CC}"
3166echo " Compiler flags: ${CFLAGS}"
3167echo "Preprocessor flags: ${CPPFLAGS}"
3168echo " Linker flags: ${LDFLAGS}"
e9a17296 3169echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
3c0ef626 3170
3171echo ""
3172
1b56ff3d 3173if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
3174 echo "SVR4 style packages are supported with \"make package\"\n"
3175fi
3176
3c0ef626 3177if test "x$PAM_MSG" = "xyes" ; then
e9a17296 3178 echo "PAM is enabled. You may need to install a PAM control file "
3179 echo "for sshd, otherwise password authentication may fail. "
416fd2a8 3180 echo "Example PAM control files can be found in the contrib/ "
e9a17296 3181 echo "subdirectory"
3c0ef626 3182 echo ""
3183fi
3184
e9a17296 3185if test ! -z "$RAND_HELPER_CMDHASH" ; then
3186 echo "WARNING: you are using the builtin random number collection "
3187 echo "service. Please read WARNING.RNG and request that your OS "
3188 echo "vendor includes kernel-based random number collection in "
3189 echo "future versions of your OS."
3c0ef626 3190 echo ""
3191fi
3192
1b56ff3d 3193if test ! -z "$NO_PEERCHECK" ; then
3194 echo "WARNING: the operating system that you are using does not "
3195 echo "appear to support either the getpeereid() API nor the "
3196 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3197 echo "enforce security checks to prevent unauthorised connections to "
3198 echo "ssh-agent. Their absence increases the risk that a malicious "
3199 echo "user can connect to your agent. "
3200 echo ""
3201fi
3202
git-cvsimport mirror of GSI OpenSSH
This page took 1.027553 seconds and 5 git commands to generate.