]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
try handling Globus flavor at the start, so we have a better chance of
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
12a403af 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
2ce0bfe4 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
4b6dae8f 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
282f473f 22
23# Handle Globus configuration right away, because the Globus flavor
24# determines our compiler options.
25
26# Check whether the user wants GSI (Globus) support
27gsi_path="no"
28AC_ARG_WITH(gsi,
29 [ --with-gsi Enable Globus GSI authentication support],
30 [
31 gsi_path="$withval"
32 ]
33)
34
35AC_ARG_WITH(globus,
36 [ --with-globus Enable Globus GSI authentication support],
37 [
38 gsi_path="$withval"
39 ]
40)
41
42AC_ARG_WITH(globus-static,
43 [ --with-globus-static Link statically with Globus GSI libraries],
44 [
45 gsi_static="-static"
46 if test "x$gsi_path" = "xno" ; then
47 gsi_path="$withval"
48 fi
49 ]
50)
51
52# Check whether the user has a Globus flavor type
53globus_flavor_type="no"
54AC_ARG_WITH(globus-flavor,
55 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
56 [
57 globus_flavor_type="$withval"
58 if test "x$gsi_path" = "xno" ; then
59 gsi_path="yes"
60 fi
61 ]
62)
63
64if test "x$gsi_path" != "xno" ; then
65 # Globus GSSAPI configuration
66 AC_MSG_CHECKING(for Globus GSI)
67 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
68
69 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
70 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
71 fi
72 if test -z "$GSSAPI"; then
73 AC_DEFINE(GSSAPI)
74 GSSAPI="GSI"
75 fi
76
77 if test "x$gsi_path" = "xyes" ; then
78 if test -z "$GLOBUS_LOCATION" ; then
79 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
80 else
81 gsi_path="$GLOBUS_LOCATION"
82 fi
83 fi
84 GLOBUS_LOCATION="$gsi_path"
85 export GLOBUS_LOCATION
86 if test ! -d "$GLOBUS_LOCATION" ; then
87 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
88 fi
89
90 if test "x$globus_flavor_type" = "xno" ; then
91 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
92 fi
93 if test "x$globus_flavor_type" = "xyes" ; then
94 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
95 fi
96
97 GLOBUS_INCLUDE="${gsi_path}/include/${globus_flavor_type}"
98 if test ! -d "$GLOBUS_INCLUDE" ; then
99 AC_MSG_ERROR(Cannot find Globus flavor-specific include directory: ${GLOBUS_INCLUDE})
100 fi
101 GSI_CPPFLAGS="-I${GLOBUS_INCLUDE}"
102
103 if test -x ${gsi_path}/bin/globus-makefile-header ; then
104 ${gsi_path}/bin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | sed 's/ = \(.*\)/="\1"/' > ./gpt_build_tmp.sh
105 elif test -x ${gsi_path}/sbin/globus-makefile-header ; then
106 ${gsi_path}/sbin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | sed 's/ = \(.*\)/="\1"/' > ./gpt_build_tmp.sh
107 else
108 AC_MSG_ERROR(Cannot find globus-makefile-header: Globus installation is incomplete)
109 fi
110 . ./gpt_build_tmp.sh
111 if test -n "${need_dash_r}"; then
112 GSI_LDFLAGS="-L${gsi_path}/lib -R${gsi_path}/lib"
113 else
114 GSI_LDFLAGS="-L${gsi_path}/lib"
115 fi
116 if test -z "$GLOBUS_PKG_LIBS" ; then
117 AC_MSG_ERROR(globus-makefile-header failed)
118 fi
119
120 AC_DEFINE(HAVE_GSSAPI_H)
121
122 CC="$GLOBUS_CC"
123 CFLAGS="$GLOBUS_CFLAGS"
124 CPP="$GLOBUS_CPP"
125 CPPFLAGS="$GLOBUS_CPPFLAGS $GLOBUS_INCLUDES"
126 LIBS="$LIBS $GLOBUS_LIBS $GLOBUS_PKG_LIBS"
127 LD="$GLOBUS_LD"
128 LDFLAGS="$LDFLAGS $GLOBUS_LDFLAGS"
129
130 # test that we got the libraries OK
131 AC_TRY_LINK(
132 [],
133 [],
134 [
135 AC_MSG_RESULT(yes)
136 ],
137 [
138 AC_MSG_ERROR(link with Globus libraries failed)
139 ]
140 )
141 AC_CHECK_FUNCS(globus_gss_assist_map_and_authorize)
142 INSTALL_GSISSH="yes"
143else
144 INSTALL_GSISSH=""
145fi
146AC_SUBST(INSTALL_GSISSH)
147# End Globus/GSI section
148
3c0ef626 149AC_PROG_CC
150AC_CANONICAL_HOST
151AC_C_BIGENDIAN
152
153# Checks for programs.
7cac2b65 154AC_PROG_AWK
3c0ef626 155AC_PROG_CPP
156AC_PROG_RANLIB
157AC_PROG_INSTALL
4b6dae8f 158AC_PROG_EGREP
3c0ef626 159AC_PATH_PROG(AR, ar)
7e82606e 160AC_PATH_PROG(CAT, cat)
161AC_PATH_PROG(KILL, kill)
3c0ef626 162AC_PATH_PROGS(PERL, perl5 perl)
bfe49944 163AC_PATH_PROG(SED, sed)
3c0ef626 164AC_SUBST(PERL)
165AC_PATH_PROG(ENT, ent)
166AC_SUBST(ENT)
3c0ef626 167AC_PATH_PROG(TEST_MINUS_S_SH, bash)
168AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
169AC_PATH_PROG(TEST_MINUS_S_SH, sh)
350391c5 170AC_PATH_PROG(SH, sh)
7e82606e 171AC_SUBST(TEST_SHELL,sh)
172
173dnl for buildpkg.sh
174AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
175 [/usr/sbin${PATH_SEPARATOR}/etc])
176AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
177 [/usr/sbin${PATH_SEPARATOR}/etc])
178AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
08822d99 179if test -x /sbin/sh; then
180 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
181else
182 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
183fi
3c0ef626 184
185# System features
186AC_SYS_LARGEFILE
187
188if test -z "$AR" ; then
189 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
190fi
191
192# Use LOGIN_PROGRAM from environment if possible
193if test ! -z "$LOGIN_PROGRAM" ; then
08822d99 194 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
195 [If your header files don't define LOGIN_PROGRAM,
196 then use this (detected) from environment and PATH])
3c0ef626 197else
198 # Search for login
199 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
200 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
201 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
202 fi
203fi
204
540d72c3 205AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
206if test ! -z "$PATH_PASSWD_PROG" ; then
08822d99 207 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
208 [Full path of your "passwd" program])
540d72c3 209fi
210
3c0ef626 211if test -z "$LD" ; then
212 LD=$CC
213fi
214AC_SUBST(LD)
8b32eddc 215
3c0ef626 216AC_C_INLINE
2ce0bfe4 217
218AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
219
e74dc197 220use_stack_protector=1
221AC_ARG_WITH(stackprotect,
222 [ --without-stackprotect Don't use compiler's stack protection], [
223 if test "x$withval" = "xno"; then
224 use_stack_protector=0
225 fi ])
226
540d72c3 227if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
2ce0bfe4 228 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
08822d99 229 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
2ce0bfe4 230 case $GCC_VER in
fa0f0f45 231 1.*) no_attrib_nonnull=1 ;;
232 2.8* | 2.9*)
233 CFLAGS="$CFLAGS -Wsign-compare"
234 no_attrib_nonnull=1
235 ;;
236 2.*) no_attrib_nonnull=1 ;;
08822d99 237 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
238 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
239 *) ;;
2ce0bfe4 240 esac
241
e74dc197 242 # -fstack-protector-all doesn't always work for some GCC versions
243 # and/or platforms, so we test if we can. If it's not supported
244 # on a give platform gcc will emit a warning so we use -Werror.
245 if test "x$use_stack_protector" = "x1"; then
246 for t in -fstack-protector-all -fstack-protector; do
247 AC_MSG_CHECKING(if $CC supports $t)
248 saved_CFLAGS="$CFLAGS"
249 saved_LDFLAGS="$LDFLAGS"
250 CFLAGS="$CFLAGS $t -Werror"
251 LDFLAGS="$LDFLAGS $t -Werror"
252 AC_LINK_IFELSE(
253 [AC_LANG_SOURCE([
254#include <stdlib.h>
255int main(void){return 0;}
256 ])],
257 [ AC_MSG_RESULT(yes)
258 CFLAGS="$saved_CFLAGS $t"
259 LDFLAGS="$saved_LDFLAGS $t"
260 AC_MSG_CHECKING(if $t works)
261 AC_RUN_IFELSE(
262 [AC_LANG_SOURCE([
263#include <stdlib.h>
264int main(void){exit(0);}
265 ])],
266 [ AC_MSG_RESULT(yes)
267 break ],
268 [ AC_MSG_RESULT(no) ],
269 [ AC_MSG_WARN([cross compiling: cannot test])
270 break ]
271 )
272 ],
273 [ AC_MSG_RESULT(no) ]
274 )
275 CFLAGS="$saved_CFLAGS"
276 LDFLAGS="$saved_LDFLAGS"
277 done
278 fi
279
2ce0bfe4 280 if test -z "$have_llong_max"; then
281 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
282 unset ac_cv_have_decl_LLONG_MAX
283 saved_CFLAGS="$CFLAGS"
284 CFLAGS="$CFLAGS -std=gnu99"
285 AC_CHECK_DECL(LLONG_MAX,
286 [have_llong_max=1],
287 [CFLAGS="$saved_CFLAGS"],
288 [#include <limits.h>]
289 )
290 fi
291fi
292
fa0f0f45 293if test "x$no_attrib_nonnull" != "x1" ; then
294 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
295fi
296
540d72c3 297AC_ARG_WITH(rpath,
298 [ --without-rpath Disable auto-added -R linker paths],
299 [
8b32eddc 300 if test "x$withval" = "xno" ; then
540d72c3 301 need_dash_r=""
302 fi
303 if test "x$withval" = "xyes" ; then
304 need_dash_r=1
305 fi
306 ]
307)
308
240debe0 309# Allow user to specify flags
310AC_ARG_WITH(cflags,
311 [ --with-cflags Specify additional flags to pass to compiler],
312 [
313 if test -n "$withval" && test "x$withval" != "xno" && \
314 test "x${withval}" != "xyes"; then
315 CFLAGS="$CFLAGS $withval"
316 fi
317 ]
318)
319AC_ARG_WITH(cppflags,
320 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
321 [
322 if test -n "$withval" && test "x$withval" != "xno" && \
323 test "x${withval}" != "xyes"; then
324 CPPFLAGS="$CPPFLAGS $withval"
325 fi
326 ]
327)
328AC_ARG_WITH(ldflags,
329 [ --with-ldflags Specify additional flags to pass to linker],
330 [
331 if test -n "$withval" && test "x$withval" != "xno" && \
332 test "x${withval}" != "xyes"; then
333 LDFLAGS="$LDFLAGS $withval"
334 fi
335 ]
336)
337AC_ARG_WITH(libs,
338 [ --with-libs Specify additional libraries to link with],
339 [
340 if test -n "$withval" && test "x$withval" != "xno" && \
341 test "x${withval}" != "xyes"; then
342 LIBS="$LIBS $withval"
343 fi
344 ]
345)
346AC_ARG_WITH(Werror,
347 [ --with-Werror Build main code with -Werror],
348 [
349 if test -n "$withval" && test "x$withval" != "xno"; then
350 werror_flags="-Werror"
351 if test "x${withval}" != "xyes"; then
352 werror_flags="$withval"
353 fi
354 fi
355 ]
356)
357
358AC_CHECK_HEADERS( \
359 bstring.h \
360 crypt.h \
361 crypto/sha2.h \
362 dirent.h \
363 endian.h \
364 features.h \
365 fcntl.h \
366 floatingpoint.h \
367 getopt.h \
368 glob.h \
369 ia.h \
370 iaf.h \
371 limits.h \
372 login.h \
373 maillock.h \
374 ndir.h \
375 net/if_tun.h \
376 netdb.h \
377 netgroup.h \
378 pam/pam_appl.h \
379 paths.h \
fa0f0f45 380 poll.h \
240debe0 381 pty.h \
382 readpassphrase.h \
383 rpc/types.h \
384 security/pam_appl.h \
385 sha2.h \
386 shadow.h \
387 stddef.h \
388 stdint.h \
389 string.h \
390 strings.h \
391 sys/audit.h \
392 sys/bitypes.h \
393 sys/bsdtty.h \
394 sys/cdefs.h \
395 sys/dir.h \
396 sys/mman.h \
397 sys/ndir.h \
e74dc197 398 sys/poll.h \
240debe0 399 sys/prctl.h \
400 sys/pstat.h \
401 sys/select.h \
402 sys/stat.h \
403 sys/stream.h \
404 sys/stropts.h \
405 sys/strtio.h \
406 sys/sysmacros.h \
407 sys/time.h \
408 sys/timers.h \
409 sys/un.h \
410 time.h \
411 tmpdir.h \
412 ttyent.h \
fa0f0f45 413 ucred.h \
240debe0 414 unistd.h \
415 usersec.h \
416 util.h \
417 utime.h \
418 utmp.h \
419 utmpx.h \
420 vis.h \
421)
422
423# lastlog.h requires sys/time.h to be included first on Solaris
424AC_CHECK_HEADERS(lastlog.h, [], [], [
425#ifdef HAVE_SYS_TIME_H
426# include <sys/time.h>
427#endif
428])
429
430# sys/ptms.h requires sys/stream.h to be included first on Solaris
431AC_CHECK_HEADERS(sys/ptms.h, [], [], [
432#ifdef HAVE_SYS_STREAM_H
433# include <sys/stream.h>
434#endif
435])
436
437# login_cap.h requires sys/types.h on NetBSD
438AC_CHECK_HEADERS(login_cap.h, [], [], [
439#include <sys/types.h>
440])
441
30460aeb 442# Messages for features tested for in target-specific section
443SIA_MSG="no"
444SPC_MSG="no"
445
3c0ef626 446# Check for some target-specific stuff
447case "$host" in
448*-*-aix*)
30460aeb 449 # Some versions of VAC won't allow macro redefinitions at
450 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
451 # particularly with older versions of vac or xlc.
452 # It also throws errors about null macro argments, but these are
453 # not fatal.
454 AC_MSG_CHECKING(if compiler allows macro redefinitions)
455 AC_COMPILE_IFELSE(
456 [AC_LANG_SOURCE([[
457#define testmacro foo
458#define testmacro bar
459int main(void) { exit(0); }
460 ]])],
461 [ AC_MSG_RESULT(yes) ],
462 [ AC_MSG_RESULT(no)
463 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
464 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
465 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
466 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
467 ]
468 )
469
540d72c3 470 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
256cb466 471 if (test -z "$blibpath"); then
540d72c3 472 blibpath="/usr/lib:/lib"
3c0ef626 473 fi
256cb466 474 saved_LDFLAGS="$LDFLAGS"
30460aeb 475 if test "$GCC" = "yes"; then
476 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
477 else
478 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
479 fi
480 for tryflags in $flags ;do
256cb466 481 if (test -z "$blibflags"); then
482 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
483 AC_TRY_LINK([], [], [blibflags=$tryflags])
484 fi
485 done
486 if (test -z "$blibflags"); then
487 AC_MSG_RESULT(not found)
488 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
489 else
490 AC_MSG_RESULT($blibflags)
491 fi
492 LDFLAGS="$saved_LDFLAGS"
7cac2b65 493 dnl Check for authenticate. Might be in libs.a on older AIXes
08822d99 494 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
495 [Define if you want to enable AIX4's authenticate function])],
d03f4262 496 [AC_CHECK_LIB(s,authenticate,
497 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
498 LIBS="$LIBS -ls"
499 ])
500 ])
dfddba3d 501 dnl Check for various auth function declarations in headers.
502 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
8b32eddc 503 passwdexpired, setauthdb], , , [#include <usersec.h>])
7cac2b65 504 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
dfddba3d 505 AC_CHECK_DECLS(loginfailed,
7cac2b65 506 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
507 AC_TRY_COMPILE(
508 [#include <usersec.h>],
509 [(void)loginfailed("user","host","tty",0);],
510 [AC_MSG_RESULT(yes)
08822d99 511 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
512 [Define if your AIX loginfailed() function
513 takes 4 arguments (AIX >= 5.2)])],
7cac2b65 514 [AC_MSG_RESULT(no)]
515 )],
516 [],
517 [#include <usersec.h>]
518 )
e74dc197 519 AC_CHECK_FUNCS(getgrset setauthdb)
30460aeb 520 AC_CHECK_DECL(F_CLOSEM,
521 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
522 [],
523 [ #include <limits.h>
524 #include <fcntl.h> ]
525 )
dfddba3d 526 check_for_aix_broken_getaddrinfo=1
08822d99 527 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
528 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
529 [Define if your platform breaks doing a seteuid before a setuid])
530 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
531 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 532 dnl AIX handles lastlog as part of its login message
08822d99 533 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
534 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
535 [Some systems need a utmpx entry for /bin/login to work])
536 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
537 [Define to a Set Process Title type if your system is
538 supported by bsd-setproctitle.c])
539 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
540 [AIX 5.2 and 5.3 (and presumably newer) require this])
30460aeb 541 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 542 ;;
543*-*-cygwin*)
bfe49944 544 check_for_libcrypt_later=1
0b90ac93 545 LIBS="$LIBS /usr/lib/textreadmode.o"
08822d99 546 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
547 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
548 AC_DEFINE(DISABLE_SHADOW, 1,
549 [Define if you want to disable shadow passwords])
550 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
551 [Define if your system choked on IP TOS setting])
552 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
553 [Define if X11 doesn't support AF_UNIX sockets on that system])
554 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
555 [Define if the concept of ports only accessible to
556 superusers isn't known])
557 AC_DEFINE(DISABLE_FD_PASSING, 1,
558 [Define if your platform needs to skip post auth
559 file descriptor passing])
3c0ef626 560 ;;
561*-*-dgux*)
562 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 563 AC_DEFINE(SETEUID_BREAKS_SETUID)
564 AC_DEFINE(BROKEN_SETREUID)
565 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 566 ;;
567*-*-darwin*)
0b90ac93 568 AC_DEFINE(BROKEN_GETADDRINFO, 1, [Define if getaddrinfo is broken)])
569 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 570 AC_DEFINE(SETEUID_BREAKS_SETUID)
571 AC_DEFINE(BROKEN_SETREUID)
572 AC_DEFINE(BROKEN_SETREGID)
e74dc197 573 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
08822d99 574 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
575 [Define if your resolver libs need this for getrrsetbyname])
30460aeb 576 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
577 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
578 [Use tunnel device compatibility to OpenBSD])
579 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
580 [Prepend the address family to IP tunnel traffic])
e74dc197 581 m4_pattern_allow(AU_IPv)
582 AC_CHECK_DECL(AU_IPv4, [],
583 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
584 [#include <bsm/audit.h>]
585 )
f713db99 586 AC_MSG_CHECKING(if we have the Security Authorization Session API)
587 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
588 [SessionCreate(0, 0);],
589 [ac_cv_use_security_session_api="yes"
590 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
591 [platform has the Security Authorization Session API])
592 LIBS="$LIBS -framework Security"
593 AC_MSG_RESULT(yes)],
594 [ac_cv_use_security_session_api="no"
595 AC_MSG_RESULT(no)])
596 AC_MSG_CHECKING(if we have an in-memory credentials cache)
597 AC_TRY_COMPILE(
598 [#include <Kerberos/Kerberos.h>],
599 [cc_context_t c;
600 (void) cc_initialize (&c, 0, NULL, NULL);],
601 [AC_DEFINE(USE_CCAPI, 1,
602 [platform uses an in-memory credentials cache])
603 LIBS="$LIBS -framework Security"
604 AC_MSG_RESULT(yes)
605 if test "x$ac_cv_use_security_session_api" = "xno"; then
606 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
607 fi],
608 [AC_MSG_RESULT(no)]
609 )
e74dc197 610 ;;
30460aeb 611*-*-dragonfly*)
612 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 613 ;;
2ce0bfe4 614*-*-hpux*)
615 # first we define all of the options common to all HP-UX releases
3c0ef626 616 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
617 IPADDR_IN_DISPLAY=yes
3c0ef626 618 AC_DEFINE(USE_PIPES)
08822d99 619 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
620 [Define if your login program cannot handle end of options ("--")])
350391c5 621 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 622 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
623 [String used in /etc/passwd to denote locked account])
7cac2b65 624 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
08822d99 625 MAIL="/var/mail/username"
d03f4262 626 LIBS="$LIBS -lsec"
2ce0bfe4 627 AC_CHECK_LIB(xnet, t_error, ,
628 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
629
630 # next, we define all of the options specific to major releases
631 case "$host" in
632 *-*-hpux10*)
633 if test -z "$GCC"; then
634 CFLAGS="$CFLAGS -Ae"
635 fi
636 ;;
637 *-*-hpux11*)
08822d99 638 AC_DEFINE(PAM_SUN_CODEBASE, 1,
639 [Define if you are using Solaris-derived PAM which
640 passes pam_messages to the conversation function
641 with an extra level of indirection])
642 AC_DEFINE(DISABLE_UTMP, 1,
643 [Define if you don't want to use utmp])
2ce0bfe4 644 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
645 check_for_hpux_broken_getaddrinfo=1
646 check_for_conflicting_getspnam=1
647 ;;
648 esac
649
650 # lastly, we define options specific to minor releases
651 case "$host" in
652 *-*-hpux10.26)
08822d99 653 AC_DEFINE(HAVE_SECUREWARE, 1,
654 [Define if you have SecureWare-based
655 protected password database])
2ce0bfe4 656 disable_ptmx_check=yes
657 LIBS="$LIBS -lsecpw"
658 ;;
659 esac
3c0ef626 660 ;;
661*-*-irix5*)
3c0ef626 662 PATH="$PATH:/usr/etc"
08822d99 663 AC_DEFINE(BROKEN_INET_NTOA, 1,
664 [Define if you system's inet_ntoa is busted
665 (e.g. Irix gcc issue)])
540d72c3 666 AC_DEFINE(SETEUID_BREAKS_SETUID)
667 AC_DEFINE(BROKEN_SETREUID)
668 AC_DEFINE(BROKEN_SETREGID)
08822d99 669 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
670 [Define if you shouldn't strip 'tty' from your
671 ttyname in [uw]tmp])
7cac2b65 672 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 673 ;;
674*-*-irix6*)
3c0ef626 675 PATH="$PATH:/usr/etc"
08822d99 676 AC_DEFINE(WITH_IRIX_ARRAY, 1,
677 [Define if you have/want arrays
678 (cluster-wide session managment, not C arrays)])
679 AC_DEFINE(WITH_IRIX_PROJECT, 1,
680 [Define if you want IRIX project management])
681 AC_DEFINE(WITH_IRIX_AUDIT, 1,
682 [Define if you want IRIX audit trails])
683 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
684 [Define if you want IRIX kernel jobs])])
3c0ef626 685 AC_DEFINE(BROKEN_INET_NTOA)
29d88157 686 AC_DEFINE(SETEUID_BREAKS_SETUID)
687 AC_DEFINE(BROKEN_SETREUID)
688 AC_DEFINE(BROKEN_SETREGID)
08822d99 689 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
350391c5 690 AC_DEFINE(WITH_ABBREV_NO_TTY)
7cac2b65 691 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 692 ;;
693*-*-linux*)
694 no_dev_ptmx=1
695 check_for_libcrypt_later=1
7cac2b65 696 check_for_openpty_ctty_bug=1
08822d99 697 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
698 AC_DEFINE(PAM_TTY_KLUDGE, 1,
699 [Work around problematic Linux PAM modules handling of PAM_TTY])
700 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
701 [String used in /etc/passwd to denote locked account])
7cac2b65 702 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
08822d99 703 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
704 [Define to whatever link() returns for "not supported"
705 if it doesn't return EOPNOTSUPP.])
dfddba3d 706 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
08822d99 707 AC_DEFINE(USE_BTMP)
3c0ef626 708 inet6_default_4in6=yes
7cac2b65 709 case `uname -r` in
710 1.*|2.0.*)
08822d99 711 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
712 [Define if cmsg_type is not passed correctly])
7cac2b65 713 ;;
714 esac
08822d99 715 # tun(4) forwarding compat code
716 AC_CHECK_HEADERS(linux/if_tun.h)
717 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
718 AC_DEFINE(SSH_TUN_LINUX, 1,
719 [Open tunnel devices the Linux tun/tap way])
720 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
721 [Use tunnel device compatibility to OpenBSD])
722 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
723 [Prepend the address family to IP tunnel traffic])
724 fi
3c0ef626 725 ;;
726mips-sony-bsd|mips-sony-newsos4)
4b6dae8f 727 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 728 SONY=1
3c0ef626 729 ;;
730*-*-netbsd*)
d03f4262 731 check_for_libcrypt_before=1
8b32eddc 732 if test "x$withval" != "xno" ; then
540d72c3 733 need_dash_r=1
734 fi
08822d99 735 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
736 AC_CHECK_HEADER([net/if_tap.h], ,
737 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
738 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
739 [Prepend the address family to IP tunnel traffic])
3c0ef626 740 ;;
741*-*-freebsd*)
742 check_for_libcrypt_later=1
08822d99 743 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
744 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
745 AC_CHECK_HEADER([net/if_tap.h], ,
746 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
e74dc197 747 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
3c0ef626 748 ;;
29d88157 749*-*-bsdi*)
750 AC_DEFINE(SETEUID_BREAKS_SETUID)
751 AC_DEFINE(BROKEN_SETREUID)
752 AC_DEFINE(BROKEN_SETREGID)
753 ;;
3c0ef626 754*-next-*)
755 conf_lastlog_location="/usr/adm/lastlog"
756 conf_utmp_location=/etc/utmp
757 conf_wtmp_location=/usr/adm/wtmp
758 MAIL=/usr/spool/mail
08822d99 759 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 760 AC_DEFINE(BROKEN_REALPATH)
761 AC_DEFINE(USE_PIPES)
08822d99 762 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 763 ;;
2ce0bfe4 764*-*-openbsd*)
765 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
08822d99 766 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
767 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
30460aeb 768 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
769 [syslog_r function is safe to use in in a signal handler])
2ce0bfe4 770 ;;
3c0ef626 771*-*-solaris*)
8b32eddc 772 if test "x$withval" != "xno" ; then
12a403af 773 need_dash_r=1
774 fi
3c0ef626 775 AC_DEFINE(PAM_SUN_CODEBASE)
776 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 777 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
778 [Some versions of /bin/login need the TERM supplied
779 on the commandline])
3c0ef626 780 AC_DEFINE(PAM_TTY_KLUDGE)
08822d99 781 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
782 [Define if pam_chauthtok wants real uid set
783 to the unpriv'ed user])
7cac2b65 784 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
785 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
08822d99 786 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
787 [Define if sshd somehow reacquires a controlling TTY
788 after setsid()])
30460aeb 789 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
790 in case the name is longer than 8 chars])
7cac2b65 791 external_path_file=/etc/default/login
3c0ef626 792 # hardwire lastlog location (can't detect it on some versions)
793 conf_lastlog_location="/var/adm/lastlog"
794 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
795 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
796 if test "$sol2ver" -ge 8; then
797 AC_MSG_RESULT(yes)
798 AC_DEFINE(DISABLE_UTMP)
08822d99 799 AC_DEFINE(DISABLE_WTMP, 1,
800 [Define if you don't want to use wtmp])
3c0ef626 801 else
802 AC_MSG_RESULT(no)
803 fi
30460aeb 804 AC_ARG_WITH(solaris-contracts,
805 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
806 [
807 AC_CHECK_LIB(contract, ct_tmpl_activate,
808 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
809 [Define if you have Solaris process contracts])
810 SSHDLIBS="$SSHDLIBS -lcontract"
811 AC_SUBST(SSHDLIBS)
812 SPC_MSG="yes" ], )
813 ],
814 )
3c0ef626 815 ;;
816*-*-sunos4*)
817 CPPFLAGS="$CPPFLAGS -DSUNOS4"
818 AC_CHECK_FUNCS(getpwanam)
819 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 820 conf_utmp_location=/etc/utmp
821 conf_wtmp_location=/var/adm/wtmp
822 conf_lastlog_location=/var/adm/lastlog
823 AC_DEFINE(USE_PIPES)
824 ;;
825*-ncr-sysv*)
3c0ef626 826 LIBS="$LIBS -lc89"
e9702f7d 827 AC_DEFINE(USE_PIPES)
7cac2b65 828 AC_DEFINE(SSHD_ACQUIRES_CTTY)
29d88157 829 AC_DEFINE(SETEUID_BREAKS_SETUID)
830 AC_DEFINE(BROKEN_SETREUID)
831 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 832 ;;
833*-sni-sysv*)
3c0ef626 834 # /usr/ucblib MUST NOT be searched on ReliantUNIX
540d72c3 835 AC_CHECK_LIB(dl, dlsym, ,)
08822d99 836 # -lresolv needs to be at the end of LIBS or DNS lookups break
837 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 838 IPADDR_IN_DISPLAY=yes
839 AC_DEFINE(USE_PIPES)
840 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 841 AC_DEFINE(SETEUID_BREAKS_SETUID)
842 AC_DEFINE(BROKEN_SETREUID)
843 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 844 AC_DEFINE(SSHD_ACQUIRES_CTTY)
845 external_path_file=/etc/default/login
3c0ef626 846 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
847 # Attention: always take care to bind libsocket and libnsl before libc,
848 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
849 ;;
dfddba3d 850# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 851*-*-sysv4.2*)
3c0ef626 852 AC_DEFINE(USE_PIPES)
7cac2b65 853 AC_DEFINE(SETEUID_BREAKS_SETUID)
854 AC_DEFINE(BROKEN_SETREUID)
855 AC_DEFINE(BROKEN_SETREGID)
8b32eddc 856 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
08822d99 857 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 858 ;;
dfddba3d 859# UnixWare 7.x, OpenUNIX 8
3c0ef626 860*-*-sysv5*)
2ce0bfe4 861 check_for_libcrypt_later=1
862 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 863 AC_DEFINE(USE_PIPES)
7cac2b65 864 AC_DEFINE(SETEUID_BREAKS_SETUID)
865 AC_DEFINE(BROKEN_SETREUID)
866 AC_DEFINE(BROKEN_SETREGID)
08822d99 867 AC_DEFINE(PASSWD_NEEDS_USERNAME)
2ce0bfe4 868 case "$host" in
869 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
870 TEST_SHELL=/u95/bin/sh
08822d99 871 AC_DEFINE(BROKEN_LIBIAF, 1,
872 [ia_uinfo routines not supported by OS yet])
30460aeb 873 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 874 ;;
875 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
2ce0bfe4 876 ;;
877 esac
3c0ef626 878 ;;
879*-*-sysv*)
3c0ef626 880 ;;
dfddba3d 881# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 882*-*-sco3.2v4*)
dfddba3d 883 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 884 ;;
dfddba3d 885# SCO OpenServer 5.x
3c0ef626 886*-*-sco3.2v5*)
bfe49944 887 if test -z "$GCC"; then
888 CFLAGS="$CFLAGS -belf"
889 fi
3c0ef626 890 LIBS="$LIBS -lprot -lx -ltinfo -lm"
891 no_dev_ptmx=1
3c0ef626 892 AC_DEFINE(USE_PIPES)
350391c5 893 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 894 AC_DEFINE(DISABLE_SHADOW)
d03f4262 895 AC_DEFINE(DISABLE_FD_PASSING)
7cac2b65 896 AC_DEFINE(SETEUID_BREAKS_SETUID)
897 AC_DEFINE(BROKEN_SETREUID)
898 AC_DEFINE(BROKEN_SETREGID)
899 AC_DEFINE(WITH_ABBREV_NO_TTY)
7e82606e 900 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 901 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 902 AC_CHECK_FUNCS(getluid setluid)
903 MANTYPE=man
7e82606e 904 TEST_SHELL=ksh
3c0ef626 905 ;;
d03f4262 906*-*-unicosmk*)
08822d99 907 AC_DEFINE(NO_SSH_LASTLOG, 1,
908 [Define if you don't want to use lastlog in session.c])
540d72c3 909 AC_DEFINE(SETEUID_BREAKS_SETUID)
910 AC_DEFINE(BROKEN_SETREUID)
911 AC_DEFINE(BROKEN_SETREGID)
d03f4262 912 AC_DEFINE(USE_PIPES)
913 AC_DEFINE(DISABLE_FD_PASSING)
914 LDFLAGS="$LDFLAGS"
915 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
916 MANTYPE=cat
917 ;;
7cac2b65 918*-*-unicosmp*)
540d72c3 919 AC_DEFINE(SETEUID_BREAKS_SETUID)
920 AC_DEFINE(BROKEN_SETREUID)
921 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 922 AC_DEFINE(WITH_ABBREV_NO_TTY)
923 AC_DEFINE(USE_PIPES)
924 AC_DEFINE(DISABLE_FD_PASSING)
925 LDFLAGS="$LDFLAGS"
540d72c3 926 LIBS="$LIBS -lgen -lacid -ldb"
7cac2b65 927 MANTYPE=cat
928 ;;
3c0ef626 929*-*-unicos*)
540d72c3 930 AC_DEFINE(SETEUID_BREAKS_SETUID)
931 AC_DEFINE(BROKEN_SETREUID)
932 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 933 AC_DEFINE(USE_PIPES)
d03f4262 934 AC_DEFINE(DISABLE_FD_PASSING)
935 AC_DEFINE(NO_SSH_LASTLOG)
936 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
937 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
938 MANTYPE=cat
3c0ef626 939 ;;
940*-dec-osf*)
941 AC_MSG_CHECKING(for Digital Unix SIA)
942 no_osfsia=""
943 AC_ARG_WITH(osfsia,
944 [ --with-osfsia Enable Digital Unix SIA],
945 [
946 if test "x$withval" = "xno" ; then
947 AC_MSG_RESULT(disabled)
948 no_osfsia=1
949 fi
950 ],
951 )
952 if test -z "$no_osfsia" ; then
953 if test -f /etc/sia/matrix.conf; then
954 AC_MSG_RESULT(yes)
08822d99 955 AC_DEFINE(HAVE_OSF_SIA, 1,
956 [Define if you have Digital Unix Security
957 Integration Architecture])
958 AC_DEFINE(DISABLE_LOGIN, 1,
959 [Define if you don't want to use your
960 system's login() call])
bfe49944 961 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 962 LIBS="$LIBS -lsecurity -ldb -lm -laud"
30460aeb 963 SIA_MSG="yes"
3c0ef626 964 else
965 AC_MSG_RESULT(no)
08822d99 966 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
967 [String used in /etc/passwd to denote locked account])
3c0ef626 968 fi
969 fi
7cac2b65 970 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 971 AC_DEFINE(SETEUID_BREAKS_SETUID)
972 AC_DEFINE(BROKEN_SETREUID)
973 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 974 ;;
975
4b6dae8f 976*-*-nto-qnx*)
3c0ef626 977 AC_DEFINE(USE_PIPES)
978 AC_DEFINE(NO_X11_UNIX_SOCKETS)
08822d99 979 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
980 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
981 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
4b6dae8f 982 AC_DEFINE(DISABLE_LASTLOG)
30460aeb 983 AC_DEFINE(SSHD_ACQUIRES_CTTY)
e74dc197 984 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
30460aeb 985 enable_etc_default_login=no # has incompatible /etc/default/login
fa0f0f45 986 case "$host" in
987 *-*-nto-qnx6*)
988 AC_DEFINE(DISABLE_FD_PASSING)
989 ;;
990 esac
3c0ef626 991 ;;
2ce0bfe4 992
993*-*-ultrix*)
08822d99 994 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
995 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b6dae8f 996 AC_DEFINE(NEED_SETPGRP)
2ce0bfe4 997 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
998 ;;
999
1000*-*-lynxos)
1001 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
08822d99 1002 AC_DEFINE(MISSING_HOWMANY)
2ce0bfe4 1003 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
1004 ;;
3c0ef626 1005esac
1006
7cac2b65 1007AC_MSG_CHECKING(compiler and flags for sanity)
dfddba3d 1008AC_RUN_IFELSE(
1009 [AC_LANG_SOURCE([
7cac2b65 1010#include <stdio.h>
1011int main(){exit(0);}
dfddba3d 1012 ])],
7cac2b65 1013 [ AC_MSG_RESULT(yes) ],
1014 [
1015 AC_MSG_RESULT(no)
1016 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
dfddba3d 1017 ],
1018 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
7cac2b65 1019)
1020
2ce0bfe4 1021dnl Checks for header files.
3c0ef626 1022# Checks for libraries.
1023AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
1024AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
1025
7cac2b65 1026dnl IRIX and Solaris 2.5.1 have dirname() in libgen
1027AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
1028 AC_CHECK_LIB(gen, dirname,[
1029 AC_CACHE_CHECK([for broken dirname],
1030 ac_cv_have_broken_dirname, [
1031 save_LIBS="$LIBS"
1032 LIBS="$LIBS -lgen"
08822d99 1033 AC_RUN_IFELSE(
1034 [AC_LANG_SOURCE([[
7cac2b65 1035#include <libgen.h>
1036#include <string.h>
1037
1038int main(int argc, char **argv) {
1039 char *s, buf[32];
1040
1041 strncpy(buf,"/etc", 32);
1042 s = dirname(buf);
1043 if (!s || strncmp(s, "/", 32) != 0) {
1044 exit(1);
1045 } else {
1046 exit(0);
1047 }
1048}
08822d99 1049 ]])],
1050 [ ac_cv_have_broken_dirname="no" ],
1051 [ ac_cv_have_broken_dirname="yes" ],
7cac2b65 1052 [ ac_cv_have_broken_dirname="no" ],
7cac2b65 1053 )
1054 LIBS="$save_LIBS"
1055 ])
1056 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
1057 LIBS="$LIBS -lgen"
1058 AC_DEFINE(HAVE_DIRNAME)
1059 AC_CHECK_HEADERS(libgen.h)
1060 fi
1061 ])
1062])
1063
3c0ef626 1064AC_CHECK_FUNC(getspnam, ,
1065 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
08822d99 1066AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
1067 [Define if you have the basename function.]))
3c0ef626 1068
1069dnl zlib is required
1070AC_ARG_WITH(zlib,
1071 [ --with-zlib=PATH Use zlib in PATH],
8b32eddc 1072 [ if test "x$withval" = "xno" ; then
1073 AC_MSG_ERROR([*** zlib is required ***])
1074 elif test "x$withval" != "xyes"; then
3c0ef626 1075 if test -d "$withval/lib"; then
1076 if test -n "${need_dash_r}"; then
1077 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1078 else
1079 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1080 fi
1081 else
1082 if test -n "${need_dash_r}"; then
1083 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1084 else
1085 LDFLAGS="-L${withval} ${LDFLAGS}"
1086 fi
1087 fi
1088 if test -d "$withval/include"; then
1089 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1090 else
1091 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1092 fi
8b32eddc 1093 fi ]
3c0ef626 1094)
1095
540d72c3 1096AC_CHECK_LIB(z, deflate, ,
1097 [
1098 saved_CPPFLAGS="$CPPFLAGS"
1099 saved_LDFLAGS="$LDFLAGS"
1100 save_LIBS="$LIBS"
1101 dnl Check default zlib install dir
1102 if test -n "${need_dash_r}"; then
1103 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
1104 else
1105 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
1106 fi
1107 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
1108 LIBS="$LIBS -lz"
1109 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
1110 [
1111 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
1112 ]
1113 )
1114 ]
1115)
1116AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
1117
1118AC_ARG_WITH(zlib-version-check,
1119 [ --without-zlib-version-check Disable zlib version check],
1120 [ if test "x$withval" = "xno" ; then
1121 zlib_check_nonfatal=1
1122 fi
1123 ]
1124)
1125
8b32eddc 1126AC_MSG_CHECKING(for possibly buggy zlib)
dfddba3d 1127AC_RUN_IFELSE([AC_LANG_SOURCE([[
8b32eddc 1128#include <stdio.h>
540d72c3 1129#include <zlib.h>
1130int main()
1131{
8b32eddc 1132 int a=0, b=0, c=0, d=0, n, v;
1133 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1134 if (n != 3 && n != 4)
540d72c3 1135 exit(1);
8b32eddc 1136 v = a*1000000 + b*10000 + c*100 + d;
1137 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1138
1139 /* 1.1.4 is OK */
1140 if (a == 1 && b == 1 && c >= 4)
540d72c3 1141 exit(0);
8b32eddc 1142
2ce0bfe4 1143 /* 1.2.3 and up are OK */
1144 if (v >= 1020300)
8b32eddc 1145 exit(0);
1146
540d72c3 1147 exit(2);
1148}
dfddba3d 1149 ]])],
8b32eddc 1150 AC_MSG_RESULT(no),
1151 [ AC_MSG_RESULT(yes)
540d72c3 1152 if test -z "$zlib_check_nonfatal" ; then
1153 AC_MSG_ERROR([*** zlib too old - check config.log ***
1154Your reported zlib version has known security problems. It's possible your
1155vendor has fixed these problems without changing the version number. If you
1156are sure this is the case, you can disable the check by running
1157"./configure --without-zlib-version-check".
2ce0bfe4 1158If you are in doubt, upgrade zlib to version 1.2.3 or greater.
8b32eddc 1159See http://www.gzip.org/zlib/ for details.])
540d72c3 1160 else
1161 AC_MSG_WARN([zlib version may have security problems])
1162 fi
dfddba3d 1163 ],
1164 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
540d72c3 1165)
3c0ef626 1166
3c0ef626 1167dnl UnixWare 2.x
540d72c3 1168AC_CHECK_FUNC(strcasecmp,
3c0ef626 1169 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1170)
08822d99 1171AC_CHECK_FUNCS(utimes,
d03f4262 1172 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1173 LIBS="$LIBS -lc89"]) ]
3c0ef626 1174)
1175
1176dnl Checks for libutil functions
1177AC_CHECK_HEADERS(libutil.h)
08822d99 1178AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1179 [Define if your libraries define login()])])
3c0ef626 1180AC_CHECK_FUNCS(logout updwtmp logwtmp)
1181
1182AC_FUNC_STRFTIME
1183
3c0ef626 1184# Check for ALTDIRFUNC glob() extension
1185AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1186AC_EGREP_CPP(FOUNDIT,
1187 [
1188 #include <glob.h>
1189 #ifdef GLOB_ALTDIRFUNC
1190 FOUNDIT
1191 #endif
540d72c3 1192 ],
3c0ef626 1193 [
08822d99 1194 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1195 [Define if your system glob() function has
1196 the GLOB_ALTDIRFUNC extension])
3c0ef626 1197 AC_MSG_RESULT(yes)
1198 ],
1199 [
1200 AC_MSG_RESULT(no)
1201 ]
1202)
1203
1204# Check for g.gl_matchc glob() extension
1205AC_MSG_CHECKING(for gl_matchc field in glob_t)
30460aeb 1206AC_TRY_COMPILE(
1207 [ #include <glob.h> ],
1208 [glob_t g; g.gl_matchc = 1;],
540d72c3 1209 [
08822d99 1210 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1211 [Define if your system glob() function has
1212 gl_matchc options in glob_t])
540d72c3 1213 AC_MSG_RESULT(yes)
1214 ],
1215 [
1216 AC_MSG_RESULT(no)
1217 ]
3c0ef626 1218)
1219
30460aeb 1220AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1221
3c0ef626 1222AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
dfddba3d 1223AC_RUN_IFELSE(
1224 [AC_LANG_SOURCE([[
3c0ef626 1225#include <sys/types.h>
1226#include <dirent.h>
d03f4262 1227int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
dfddba3d 1228 ]])],
540d72c3 1229 [AC_MSG_RESULT(yes)],
3c0ef626 1230 [
1231 AC_MSG_RESULT(no)
08822d99 1232 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1233 [Define if your struct dirent expects you to
1234 allocate extra space for d_name])
dfddba3d 1235 ],
8b32eddc 1236 [
dfddba3d 1237 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1238 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1239 ]
1240)
1241
7e82606e 1242AC_MSG_CHECKING([for /proc/pid/fd directory])
1243if test -d "/proc/$$/fd" ; then
08822d99 1244 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
7e82606e 1245 AC_MSG_RESULT(yes)
1246else
1247 AC_MSG_RESULT(no)
1248fi
1249
3c0ef626 1250# Check whether user wants S/Key support
540d72c3 1251SKEY_MSG="no"
3c0ef626 1252AC_ARG_WITH(skey,
dfddba3d 1253 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1254 [
1255 if test "x$withval" != "xno" ; then
1256
1257 if test "x$withval" != "xyes" ; then
1258 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1259 LDFLAGS="$LDFLAGS -L${withval}/lib"
1260 fi
1261
08822d99 1262 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1263 LIBS="-lskey $LIBS"
540d72c3 1264 SKEY_MSG="yes"
8b32eddc 1265
e9702f7d 1266 AC_MSG_CHECKING([for s/key support])
08822d99 1267 AC_LINK_IFELSE(
1268 [AC_LANG_SOURCE([[
e9702f7d 1269#include <stdio.h>
1270#include <skey.h>
d03f4262 1271int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
08822d99 1272 ]])],
e9702f7d 1273 [AC_MSG_RESULT(yes)],
3c0ef626 1274 [
e9702f7d 1275 AC_MSG_RESULT(no)
3c0ef626 1276 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1277 ])
12a403af 1278 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1279 AC_TRY_COMPILE(
1280 [#include <stdio.h>
1281 #include <skey.h>],
1282 [(void)skeychallenge(NULL,"name","",0);],
1283 [AC_MSG_RESULT(yes)
08822d99 1284 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1285 [Define if your skeychallenge()
1286 function takes 4 arguments (NetBSD)])],
12a403af 1287 [AC_MSG_RESULT(no)]
1288 )
3c0ef626 1289 fi
1290 ]
1291)
1292
1293# Check whether user wants TCP wrappers support
1294TCPW_MSG="no"
1295AC_ARG_WITH(tcp-wrappers,
dfddba3d 1296 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1297 [
1298 if test "x$withval" != "xno" ; then
1299 saved_LIBS="$LIBS"
1300 saved_LDFLAGS="$LDFLAGS"
1301 saved_CPPFLAGS="$CPPFLAGS"
8b32eddc 1302 if test -n "${withval}" && \
1303 test "x${withval}" != "xyes"; then
3c0ef626 1304 if test -d "${withval}/lib"; then
1305 if test -n "${need_dash_r}"; then
1306 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1307 else
1308 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1309 fi
1310 else
1311 if test -n "${need_dash_r}"; then
1312 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1313 else
1314 LDFLAGS="-L${withval} ${LDFLAGS}"
1315 fi
1316 fi
1317 if test -d "${withval}/include"; then
1318 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1319 else
1320 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1321 fi
1322 fi
fa0f0f45 1323 LIBS="-lwrap $LIBS"
3c0ef626 1324 AC_MSG_CHECKING(for libwrap)
1325 AC_TRY_LINK(
1326 [
12a403af 1327#include <sys/types.h>
1328#include <sys/socket.h>
1329#include <netinet/in.h>
3c0ef626 1330#include <tcpd.h>
1331 int deny_severity = 0, allow_severity = 0;
1332 ],
1333 [hosts_access(0);],
1334 [
1335 AC_MSG_RESULT(yes)
08822d99 1336 AC_DEFINE(LIBWRAP, 1,
1337 [Define if you want
1338 TCP Wrappers support])
fa0f0f45 1339 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1340 TCPW_MSG="yes"
1341 ],
1342 [
1343 AC_MSG_ERROR([*** libwrap missing])
1344 ]
1345 )
e9702f7d 1346 LIBS="$saved_LIBS"
3c0ef626 1347 fi
1348 ]
1349)
1350
dfddba3d 1351# Check whether user wants libedit support
1352LIBEDIT_MSG="no"
1353AC_ARG_WITH(libedit,
1354 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1355 [ if test "x$withval" != "xno" ; then
8b32eddc 1356 if test "x$withval" != "xyes"; then
08822d99 1357 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1358 if test -n "${need_dash_r}"; then
1359 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1360 else
1361 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1362 fi
8b32eddc 1363 fi
dfddba3d 1364 AC_CHECK_LIB(edit, el_init,
08822d99 1365 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
dfddba3d 1366 LIBEDIT="-ledit -lcurses"
1367 LIBEDIT_MSG="yes"
1368 AC_SUBST(LIBEDIT)
1369 ],
8b32eddc 1370 [ AC_MSG_ERROR(libedit not found) ],
1371 [ -lcurses ]
dfddba3d 1372 )
2ce0bfe4 1373 AC_MSG_CHECKING(if libedit version is compatible)
1374 AC_COMPILE_IFELSE(
1375 [AC_LANG_SOURCE([[
1376#include <histedit.h>
1377int main(void)
1378{
1379 int i = H_SETSIZE;
1380 el_init("", NULL, NULL, NULL);
1381 exit(0);
1382}
1383 ]])],
1384 [ AC_MSG_RESULT(yes) ],
1385 [ AC_MSG_RESULT(no)
1386 AC_MSG_ERROR(libedit version is not compatible) ]
1387 )
dfddba3d 1388 fi ]
1389)
1390
1391AUDIT_MODULE=none
1392AC_ARG_WITH(audit,
1393 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1394 [
1395 AC_MSG_CHECKING(for supported audit module)
1396 case "$withval" in
1397 bsm)
1398 AC_MSG_RESULT(bsm)
1399 AUDIT_MODULE=bsm
1400 dnl Checks for headers, libs and functions
1401 AC_CHECK_HEADERS(bsm/audit.h, [],
30460aeb 1402 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1403 [
1404#ifdef HAVE_TIME_H
1405# include <time.h>
1406#endif
1407 ]
1408)
dfddba3d 1409 AC_CHECK_LIB(bsm, getaudit, [],
1410 [AC_MSG_ERROR(BSM enabled and required library not found)])
1411 AC_CHECK_FUNCS(getaudit, [],
1412 [AC_MSG_ERROR(BSM enabled and required function not found)])
1413 # These are optional
e74dc197 1414 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
08822d99 1415 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
dfddba3d 1416 ;;
1417 debug)
1418 AUDIT_MODULE=debug
1419 AC_MSG_RESULT(debug)
08822d99 1420 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
dfddba3d 1421 ;;
2ce0bfe4 1422 no)
1423 AC_MSG_RESULT(no)
1424 ;;
dfddba3d 1425 *)
1426 AC_MSG_ERROR([Unknown audit module $withval])
1427 ;;
1428 esac ]
1429)
1430
bfe49944 1431dnl Checks for library functions. Please keep in alphabetical order
2ce0bfe4 1432AC_CHECK_FUNCS( \
1433 arc4random \
08822d99 1434 asprintf \
2ce0bfe4 1435 b64_ntop \
1436 __b64_ntop \
1437 b64_pton \
1438 __b64_pton \
1439 bcopy \
1440 bindresvport_sa \
1441 clock \
1442 closefrom \
1443 dirfd \
1444 fchmod \
1445 fchown \
1446 freeaddrinfo \
1447 futimes \
1448 getaddrinfo \
1449 getcwd \
1450 getgrouplist \
1451 getnameinfo \
1452 getopt \
1453 getpeereid \
fa0f0f45 1454 getpeerucred \
2ce0bfe4 1455 _getpty \
1456 getrlimit \
1457 getttyent \
1458 glob \
1459 inet_aton \
1460 inet_ntoa \
1461 inet_ntop \
1462 innetgr \
1463 login_getcapbool \
1464 md5_crypt \
1465 memmove \
1466 mkdtemp \
1467 mmap \
1468 ngetaddrinfo \
1469 nsleep \
1470 ogetaddrinfo \
1471 openlog_r \
1472 openpty \
fa0f0f45 1473 poll \
2ce0bfe4 1474 prctl \
1475 pstat \
1476 readpassphrase \
1477 realpath \
1478 recvmsg \
1479 rresvport_af \
1480 sendmsg \
1481 setdtablesize \
1482 setegid \
1483 setenv \
1484 seteuid \
1485 setgroups \
1486 setlogin \
1487 setpcred \
1488 setproctitle \
1489 setregid \
1490 setreuid \
1491 setrlimit \
1492 setsid \
1493 setvbuf \
1494 sigaction \
1495 sigvec \
1496 snprintf \
1497 socketpair \
1498 strdup \
1499 strerror \
1500 strlcat \
1501 strlcpy \
1502 strmode \
1503 strnvis \
1504 strtonum \
1505 strtoll \
1506 strtoul \
fa0f0f45 1507 swap32 \
2ce0bfe4 1508 sysconf \
1509 tcgetpgrp \
1510 truncate \
1511 unsetenv \
1512 updwtmpx \
08822d99 1513 vasprintf \
2ce0bfe4 1514 vhangup \
1515 vsnprintf \
1516 waitpid \
bfe49944 1517)
1518
29d88157 1519# IRIX has a const char return value for gai_strerror()
1520AC_CHECK_FUNCS(gai_strerror,[
1521 AC_DEFINE(HAVE_GAI_STRERROR)
1522 AC_TRY_COMPILE([
1523#include <sys/types.h>
1524#include <sys/socket.h>
1525#include <netdb.h>
1526
1527const char *gai_strerror(int);],[
1528char *str;
1529
1530str = gai_strerror(0);],[
1531 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1532 [Define if gai_strerror() returns const char *])])])
1533
08822d99 1534AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1535 [Some systems put nanosleep outside of libc]))
bfe49944 1536
7cac2b65 1537dnl Make sure prototypes are defined for these before using them.
7cac2b65 1538AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
2ce0bfe4 1539AC_CHECK_DECL(strsep,
1540 [AC_CHECK_FUNCS(strsep)],
1541 [],
1542 [
1543#ifdef HAVE_STRING_H
1544# include <string.h>
1545#endif
1546 ])
3c0ef626 1547
7cac2b65 1548dnl tcsendbreak might be a macro
1549AC_CHECK_DECL(tcsendbreak,
1550 [AC_DEFINE(HAVE_TCSENDBREAK)],
540d72c3 1551 [AC_CHECK_FUNCS(tcsendbreak)],
7cac2b65 1552 [#include <termios.h>]
1553)
3c0ef626 1554
7e82606e 1555AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1556
30460aeb 1557AC_CHECK_DECLS(SHUT_RD, , ,
1558 [
1559#include <sys/types.h>
1560#include <sys/socket.h>
1561 ])
1562
1563AC_CHECK_DECLS(O_NONBLOCK, , ,
1564 [
1565#include <sys/types.h>
1566#ifdef HAVE_SYS_STAT_H
1567# include <sys/stat.h>
1568#endif
1569#ifdef HAVE_FCNTL_H
1570# include <fcntl.h>
1571#endif
1572 ])
1573
1574AC_CHECK_DECLS(writev, , , [
1575#include <sys/types.h>
1576#include <sys/uio.h>
1577#include <unistd.h>
1578 ])
1579
fa0f0f45 1580AC_CHECK_DECLS(MAXSYMLINKS, , , [
1581#include <sys/param.h>
1582 ])
1583
1584AC_CHECK_DECLS(offsetof, , , [
1585#include <stddef.h>
1586 ])
1587
540d72c3 1588AC_CHECK_FUNCS(setresuid, [
1589 dnl Some platorms have setresuid that isn't implemented, test for this
1590 AC_MSG_CHECKING(if setresuid seems to work)
dfddba3d 1591 AC_RUN_IFELSE(
1592 [AC_LANG_SOURCE([[
540d72c3 1593#include <stdlib.h>
1594#include <errno.h>
1595int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1596 ]])],
540d72c3 1597 [AC_MSG_RESULT(yes)],
08822d99 1598 [AC_DEFINE(BROKEN_SETRESUID, 1,
1599 [Define if your setresuid() is broken])
dfddba3d 1600 AC_MSG_RESULT(not implemented)],
1601 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1602 )
1603])
1604
1605AC_CHECK_FUNCS(setresgid, [
1606 dnl Some platorms have setresgid that isn't implemented, test for this
1607 AC_MSG_CHECKING(if setresgid seems to work)
dfddba3d 1608 AC_RUN_IFELSE(
1609 [AC_LANG_SOURCE([[
540d72c3 1610#include <stdlib.h>
1611#include <errno.h>
1612int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1613 ]])],
540d72c3 1614 [AC_MSG_RESULT(yes)],
08822d99 1615 [AC_DEFINE(BROKEN_SETRESGID, 1,
1616 [Define if your setresgid() is broken])
dfddba3d 1617 AC_MSG_RESULT(not implemented)],
1618 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1619 )
1620])
1621
3c0ef626 1622dnl Checks for time functions
1623AC_CHECK_FUNCS(gettimeofday time)
1624dnl Checks for utmp functions
1625AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1626AC_CHECK_FUNCS(utmpname)
1627dnl Checks for utmpx functions
1628AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1629AC_CHECK_FUNCS(setutxent utmpxname)
1630
540d72c3 1631AC_CHECK_FUNC(daemon,
08822d99 1632 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1633 [AC_CHECK_LIB(bsd, daemon,
1634 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1635)
1636
540d72c3 1637AC_CHECK_FUNC(getpagesize,
08822d99 1638 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1639 [Define if your libraries define getpagesize()])],
1640 [AC_CHECK_LIB(ucb, getpagesize,
1641 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1642)
1643
1644# Check for broken snprintf
1645if test "x$ac_cv_func_snprintf" = "xyes" ; then
1646 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
dfddba3d 1647 AC_RUN_IFELSE(
1648 [AC_LANG_SOURCE([[
3c0ef626 1649#include <stdio.h>
d03f4262 1650int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
dfddba3d 1651 ]])],
540d72c3 1652 [AC_MSG_RESULT(yes)],
3c0ef626 1653 [
1654 AC_MSG_RESULT(no)
08822d99 1655 AC_DEFINE(BROKEN_SNPRINTF, 1,
1656 [Define if your snprintf is busted])
3c0ef626 1657 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
dfddba3d 1658 ],
1659 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1660 )
1661fi
1662
08822d99 1663# If we don't have a working asprintf, then we strongly depend on vsnprintf
1664# returning the right thing on overflow: the number of characters it tried to
1665# create (as per SUSv3)
1666if test "x$ac_cv_func_asprintf" != "xyes" && \
1667 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1668 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1669 AC_RUN_IFELSE(
1670 [AC_LANG_SOURCE([[
1671#include <sys/types.h>
1672#include <stdio.h>
1673#include <stdarg.h>
1674
1675int x_snprintf(char *str,size_t count,const char *fmt,...)
1676{
1677 size_t ret; va_list ap;
1678 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1679 return ret;
1680}
1681int main(void)
1682{
1683 char x[1];
1684 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1685} ]])],
1686 [AC_MSG_RESULT(yes)],
1687 [
1688 AC_MSG_RESULT(no)
1689 AC_DEFINE(BROKEN_SNPRINTF, 1,
1690 [Define if your snprintf is busted])
1691 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1692 ],
1693 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1694 )
1695fi
1696
1697# On systems where [v]snprintf is broken, but is declared in stdio,
1698# check that the fmt argument is const char * or just char *.
1699# This is only useful for when BROKEN_SNPRINTF
1700AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1701AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1702 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1703 int main(void) { snprintf(0, 0, 0); }
1704 ]])],
1705 [AC_MSG_RESULT(yes)
1706 AC_DEFINE(SNPRINTF_CONST, [const],
1707 [Define as const if snprintf() can declare const char *fmt])],
1708 [AC_MSG_RESULT(no)
1709 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1710
7e82606e 1711# Check for missing getpeereid (or equiv) support
1712NO_PEERCHECK=""
fa0f0f45 1713if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
7e82606e 1714 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1715 AC_TRY_COMPILE(
1716 [#include <sys/types.h>
1717 #include <sys/socket.h>],
1718 [int i = SO_PEERCRED;],
8b32eddc 1719 [ AC_MSG_RESULT(yes)
08822d99 1720 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
8b32eddc 1721 ],
7e82606e 1722 [AC_MSG_RESULT(no)
1723 NO_PEERCHECK=1]
1724 )
1725fi
1726
bfe49944 1727dnl see whether mkstemp() requires XXXXXX
1728if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1729AC_MSG_CHECKING([for (overly) strict mkstemp])
08822d99 1730AC_RUN_IFELSE(
1731 [AC_LANG_SOURCE([[
bfe49944 1732#include <stdlib.h>
1733main() { char template[]="conftest.mkstemp-test";
1734if (mkstemp(template) == -1)
1735 exit(1);
1736unlink(template); exit(0);
1737}
08822d99 1738 ]])],
bfe49944 1739 [
1740 AC_MSG_RESULT(no)
1741 ],
540d72c3 1742 [
bfe49944 1743 AC_MSG_RESULT(yes)
08822d99 1744 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
bfe49944 1745 ],
1746 [
1747 AC_MSG_RESULT(yes)
1748 AC_DEFINE(HAVE_STRICT_MKSTEMP)
540d72c3 1749 ]
bfe49944 1750)
1751fi
1752
7cac2b65 1753dnl make sure that openpty does not reacquire controlling terminal
1754if test ! -z "$check_for_openpty_ctty_bug"; then
1755 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
08822d99 1756 AC_RUN_IFELSE(
1757 [AC_LANG_SOURCE([[
7cac2b65 1758#include <stdio.h>
1759#include <sys/fcntl.h>
1760#include <sys/types.h>
1761#include <sys/wait.h>
1762
1763int
1764main()
1765{
1766 pid_t pid;
1767 int fd, ptyfd, ttyfd, status;
1768
1769 pid = fork();
1770 if (pid < 0) { /* failed */
1771 exit(1);
1772 } else if (pid > 0) { /* parent */
1773 waitpid(pid, &status, 0);
540d72c3 1774 if (WIFEXITED(status))
7cac2b65 1775 exit(WEXITSTATUS(status));
1776 else
1777 exit(2);
1778 } else { /* child */
1779 close(0); close(1); close(2);
1780 setsid();
1781 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1782 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1783 if (fd >= 0)
1784 exit(3); /* Acquired ctty: broken */
1785 else
1786 exit(0); /* Did not acquire ctty: OK */
1787 }
1788}
08822d99 1789 ]])],
7cac2b65 1790 [
1791 AC_MSG_RESULT(yes)
1792 ],
1793 [
1794 AC_MSG_RESULT(no)
1795 AC_DEFINE(SSHD_ACQUIRES_CTTY)
08822d99 1796 ],
1797 [
1798 AC_MSG_RESULT(cross-compiling, assuming yes)
7cac2b65 1799 ]
1800 )
1801fi
1802
8b32eddc 1803if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1804 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
12a403af 1805 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1806 AC_RUN_IFELSE(
1807 [AC_LANG_SOURCE([[
12a403af 1808#include <stdio.h>
1809#include <sys/socket.h>
1810#include <netdb.h>
1811#include <errno.h>
1812#include <netinet/in.h>
1813
1814#define TEST_PORT "2222"
1815
1816int
1817main(void)
1818{
1819 int err, sock;
1820 struct addrinfo *gai_ai, *ai, hints;
1821 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1822
1823 memset(&hints, 0, sizeof(hints));
1824 hints.ai_family = PF_UNSPEC;
1825 hints.ai_socktype = SOCK_STREAM;
1826 hints.ai_flags = AI_PASSIVE;
1827
1828 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1829 if (err != 0) {
1830 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1831 exit(1);
1832 }
1833
1834 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1835 if (ai->ai_family != AF_INET6)
1836 continue;
1837
1838 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1839 sizeof(ntop), strport, sizeof(strport),
1840 NI_NUMERICHOST|NI_NUMERICSERV);
1841
1842 if (err != 0) {
1843 if (err == EAI_SYSTEM)
1844 perror("getnameinfo EAI_SYSTEM");
1845 else
1846 fprintf(stderr, "getnameinfo failed: %s\n",
1847 gai_strerror(err));
1848 exit(2);
1849 }
1850
1851 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1852 if (sock < 0)
1853 perror("socket");
1854 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1855 if (errno == EBADF)
1856 exit(3);
1857 }
1858 }
1859 exit(0);
1860}
08822d99 1861 ]])],
12a403af 1862 [
1863 AC_MSG_RESULT(yes)
1864 ],
1865 [
1866 AC_MSG_RESULT(no)
1867 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1868 ],
1869 [
1870 AC_MSG_RESULT(cross-compiling, assuming yes)
12a403af 1871 ]
1872 )
1873fi
1874
8b32eddc 1875if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1876 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
dfddba3d 1877 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1878 AC_RUN_IFELSE(
1879 [AC_LANG_SOURCE([[
dfddba3d 1880#include <stdio.h>
1881#include <sys/socket.h>
1882#include <netdb.h>
1883#include <errno.h>
1884#include <netinet/in.h>
1885
1886#define TEST_PORT "2222"
1887
1888int
1889main(void)
1890{
1891 int err, sock;
1892 struct addrinfo *gai_ai, *ai, hints;
1893 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1894
1895 memset(&hints, 0, sizeof(hints));
1896 hints.ai_family = PF_UNSPEC;
1897 hints.ai_socktype = SOCK_STREAM;
1898 hints.ai_flags = AI_PASSIVE;
1899
1900 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1901 if (err != 0) {
1902 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1903 exit(1);
1904 }
1905
1906 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1907 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1908 continue;
1909
1910 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1911 sizeof(ntop), strport, sizeof(strport),
1912 NI_NUMERICHOST|NI_NUMERICSERV);
1913
1914 if (ai->ai_family == AF_INET && err != 0) {
1915 perror("getnameinfo");
1916 exit(2);
1917 }
1918 }
1919 exit(0);
1920}
08822d99 1921 ]])],
dfddba3d 1922 [
1923 AC_MSG_RESULT(yes)
08822d99 1924 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1925 [Define if you have a getaddrinfo that fails
1926 for the all-zeros IPv6 address])
dfddba3d 1927 ],
1928 [
1929 AC_MSG_RESULT(no)
1930 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1931 ],
30460aeb 1932 [
08822d99 1933 AC_MSG_RESULT(cross-compiling, assuming no)
dfddba3d 1934 ]
1935 )
1936fi
1937
1938if test "x$check_for_conflicting_getspnam" = "x1"; then
1939 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1940 AC_COMPILE_IFELSE(
1941 [
1942#include <shadow.h>
1943int main(void) {exit(0);}
1944 ],
1945 [
1946 AC_MSG_RESULT(no)
1947 ],
1948 [
1949 AC_MSG_RESULT(yes)
1950 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1951 [Conflicting defs for getspnam])
1952 ]
1953 )
1954fi
1955
3c0ef626 1956AC_FUNC_GETPGRP
1957
350391c5 1958# Search for OpenSSL
1959saved_CPPFLAGS="$CPPFLAGS"
1960saved_LDFLAGS="$LDFLAGS"
3c0ef626 1961AC_ARG_WITH(ssl-dir,
1962 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1963 [
1964 if test "x$withval" != "xno" ; then
dfddba3d 1965 case "$withval" in
1966 # Relative paths
1967 ./*|../*) withval="`pwd`/$withval"
1968 esac
350391c5 1969 if test -d "$withval/lib"; then
1970 if test -n "${need_dash_r}"; then
1971 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1972 else
1973 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1974 fi
1975 else
350391c5 1976 if test -n "${need_dash_r}"; then
1977 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1978 else
1979 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1980 fi
1981 fi
350391c5 1982 if test -d "$withval/include"; then
1983 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1984 else
350391c5 1985 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1986 fi
1987 fi
350391c5 1988 ]
1989)
cdaf3e9d 1990if test -z "$GSI_LDFLAGS" ; then
540d72c3 1991LIBS="-lcrypto $LIBS"
22798398 1992fi
08822d99 1993AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1994 [Define if your ssl headers are included
1995 with #include <openssl/header.h>]),
3c0ef626 1996 [
350391c5 1997 dnl Check default openssl install dir
1998 if test -n "${need_dash_r}"; then
1999 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 2000 else
350391c5 2001 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 2002 fi
350391c5 2003 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
2004 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
2005 [
2006 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
2007 ]
2008 )
2009 ]
2010)
2011
d03f4262 2012# Determine OpenSSL header version
2013AC_MSG_CHECKING([OpenSSL header version])
dfddba3d 2014AC_RUN_IFELSE(
2015 [AC_LANG_SOURCE([[
d03f4262 2016#include <stdio.h>
2017#include <string.h>
2018#include <openssl/opensslv.h>
2019#define DATA "conftest.sslincver"
2020int main(void) {
540d72c3 2021 FILE *fd;
2022 int rc;
d03f4262 2023
540d72c3 2024 fd = fopen(DATA,"w");
2025 if(fd == NULL)
2026 exit(1);
d03f4262 2027
2028 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
2029 exit(1);
2030
2031 exit(0);
2032}
dfddba3d 2033 ]])],
d03f4262 2034 [
2035 ssl_header_ver=`cat conftest.sslincver`
2036 AC_MSG_RESULT($ssl_header_ver)
2037 ],
2038 [
2039 AC_MSG_RESULT(not found)
2040 AC_MSG_ERROR(OpenSSL version header not found.)
dfddba3d 2041 ],
2042 [
2043 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2044 ]
2045)
2046
2047# Determine OpenSSL library version
2048AC_MSG_CHECKING([OpenSSL library version])
dfddba3d 2049AC_RUN_IFELSE(
2050 [AC_LANG_SOURCE([[
d03f4262 2051#include <stdio.h>
2052#include <string.h>
2053#include <openssl/opensslv.h>
2054#include <openssl/crypto.h>
2055#define DATA "conftest.ssllibver"
2056int main(void) {
540d72c3 2057 FILE *fd;
2058 int rc;
d03f4262 2059
540d72c3 2060 fd = fopen(DATA,"w");
2061 if(fd == NULL)
2062 exit(1);
d03f4262 2063
2064 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
2065 exit(1);
2066
2067 exit(0);
2068}
dfddba3d 2069 ]])],
d03f4262 2070 [
2071 ssl_library_ver=`cat conftest.ssllibver`
2072 AC_MSG_RESULT($ssl_library_ver)
2073 ],
2074 [
2075 AC_MSG_RESULT(not found)
2076 AC_MSG_ERROR(OpenSSL library not found.)
dfddba3d 2077 ],
2078 [
2079 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2080 ]
2081)
3c0ef626 2082
0b90ac93 2083AC_ARG_WITH(openssl-header-check,
2084 [ --without-openssl-header-check Disable OpenSSL version consistency check],
2085 [ if test "x$withval" = "xno" ; then
2086 openssl_check_nonfatal=1
2087 fi
2088 ]
2089)
2090
e9702f7d 2091# Sanity check OpenSSL headers
2092AC_MSG_CHECKING([whether OpenSSL's headers match the library])
dfddba3d 2093AC_RUN_IFELSE(
2094 [AC_LANG_SOURCE([[
e9702f7d 2095#include <string.h>
2096#include <openssl/opensslv.h>
d03f4262 2097int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
dfddba3d 2098 ]])],
e9702f7d 2099 [
2100 AC_MSG_RESULT(yes)
2101 ],
2102 [
2103 AC_MSG_RESULT(no)
0b90ac93 2104 if test "x$openssl_check_nonfatal" = "x"; then
2105 AC_MSG_ERROR([Your OpenSSL headers do not match your
2106library. Check config.log for details.
2107If you are sure your installation is consistent, you can disable the check
2108by running "./configure --without-openssl-header-check".
2109Also see contrib/findssl.sh for help identifying header/library mismatches.
2110])
2111 else
2112 AC_MSG_WARN([Your OpenSSL headers do not match your
2113library. Check config.log for details.
7cac2b65 2114Also see contrib/findssl.sh for help identifying header/library mismatches.])
0b90ac93 2115 fi
dfddba3d 2116 ],
2117 [
2118 AC_MSG_WARN([cross compiling: not checking])
e9702f7d 2119 ]
2120)
2121
30460aeb 2122AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2123AC_LINK_IFELSE(
2124 [AC_LANG_SOURCE([[
2125#include <openssl/evp.h>
2126int main(void) { SSLeay_add_all_algorithms(); }
2127 ]])],
2128 [
2129 AC_MSG_RESULT(yes)
2130 ],
2131 [
2132 AC_MSG_RESULT(no)
2133 saved_LIBS="$LIBS"
2134 LIBS="$LIBS -ldl"
2135 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2136 AC_LINK_IFELSE(
2137 [AC_LANG_SOURCE([[
2138#include <openssl/evp.h>
2139int main(void) { SSLeay_add_all_algorithms(); }
2140 ]])],
2141 [
2142 AC_MSG_RESULT(yes)
2143 ],
2144 [
2145 AC_MSG_RESULT(no)
2146 LIBS="$saved_LIBS"
2147 ]
2148 )
2149 ]
2150)
2151
2152AC_ARG_WITH(ssl-engine,
2153 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2154 [ if test "x$withval" != "xno" ; then
2155 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2156 AC_TRY_COMPILE(
2157 [ #include <openssl/engine.h>],
2158 [
240debe0 2159ENGINE_load_builtin_engines();ENGINE_register_all_complete();
30460aeb 2160 ],
2161 [ AC_MSG_RESULT(yes)
2162 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2163 [Enable OpenSSL engine support])
2164 ],
2165 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2166 )
2167 fi ]
2168)
2169
08822d99 2170# Check for OpenSSL without EVP_aes_{192,256}_cbc
2171AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
30460aeb 2172AC_LINK_IFELSE(
08822d99 2173 [AC_LANG_SOURCE([[
2174#include <string.h>
2175#include <openssl/evp.h>
4b6dae8f 2176int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
08822d99 2177 ]])],
2178 [
2179 AC_MSG_RESULT(no)
2180 ],
2181 [
2182 AC_MSG_RESULT(yes)
2183 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2184 [libcrypto is missing AES 192 and 256 bit functions])
2185 ]
2186)
2187
540d72c3 2188# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2189# because the system crypt() is more featureful.
2190if test "x$check_for_libcrypt_before" = "x1"; then
2191 AC_CHECK_LIB(crypt, crypt)
2192fi
2193
2194# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2195# version in OpenSSL.
7cac2b65 2196if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2197 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2198fi
2199
30460aeb 2200# Search for SHA256 support in libc and/or OpenSSL
2201AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2202
fa0f0f45 2203saved_LIBS="$LIBS"
2204AC_CHECK_LIB(iaf, ia_openinfo, [
2205 LIBS="$LIBS -liaf"
e74dc197 2206 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2207 AC_DEFINE(HAVE_LIBIAF, 1,
2208 [Define if system has libiaf that supports set_id])
2209 ])
fa0f0f45 2210])
2211LIBS="$saved_LIBS"
e9702f7d 2212
2213### Configure cryptographic random number support
2214
2215# Check wheter OpenSSL seeds itself
2216AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
dfddba3d 2217AC_RUN_IFELSE(
2218 [AC_LANG_SOURCE([[
e9702f7d 2219#include <string.h>
2220#include <openssl/rand.h>
d03f4262 2221int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
dfddba3d 2222 ]])],
e9702f7d 2223 [
2224 OPENSSL_SEEDS_ITSELF=yes
2225 AC_MSG_RESULT(yes)
2226 ],
2227 [
2228 AC_MSG_RESULT(no)
2229 # Default to use of the rand helper if OpenSSL doesn't
2230 # seed itself
2231 USE_RAND_HELPER=yes
dfddba3d 2232 ],
2233 [
2234 AC_MSG_WARN([cross compiling: assuming yes])
2235 # This is safe, since all recent OpenSSL versions will
8b32eddc 2236 # complain at runtime if not seeded correctly.
dfddba3d 2237 OPENSSL_SEEDS_ITSELF=yes
e9702f7d 2238 ]
2239)
2240
30460aeb 2241# Check for PAM libs
2242PAM_MSG="no"
2243AC_ARG_WITH(pam,
2244 [ --with-pam Enable PAM support ],
2245 [
2246 if test "x$withval" != "xno" ; then
2247 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2248 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2249 AC_MSG_ERROR([PAM headers not found])
2250 fi
2251
2252 saved_LIBS="$LIBS"
2253 AC_CHECK_LIB(dl, dlopen, , )
2254 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2255 AC_CHECK_FUNCS(pam_getenvlist)
2256 AC_CHECK_FUNCS(pam_putenv)
2257 LIBS="$saved_LIBS"
2258
2259 PAM_MSG="yes"
2260
fa0f0f45 2261 SSHDLIBS="$SSHDLIBS -lpam"
30460aeb 2262 AC_DEFINE(USE_PAM, 1,
2263 [Define if you want to enable PAM support])
2264
2265 if test $ac_cv_lib_dl_dlopen = yes; then
2266 case "$LIBS" in
2267 *-ldl*)
2268 # libdl already in LIBS
2269 ;;
2270 *)
fa0f0f45 2271 SSHDLIBS="$SSHDLIBS -ldl"
30460aeb 2272 ;;
2273 esac
2274 fi
30460aeb 2275 fi
2276 ]
2277)
2278
2279# Check for older PAM
2280if test "x$PAM_MSG" = "xyes" ; then
2281 # Check PAM strerror arguments (old PAM)
2282 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2283 AC_TRY_COMPILE(
2284 [
2285#include <stdlib.h>
2286#if defined(HAVE_SECURITY_PAM_APPL_H)
2287#include <security/pam_appl.h>
2288#elif defined (HAVE_PAM_PAM_APPL_H)
2289#include <pam/pam_appl.h>
2290#endif
2291 ],
2292 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2293 [AC_MSG_RESULT(no)],
2294 [
2295 AC_DEFINE(HAVE_OLD_PAM, 1,
2296 [Define if you have an old version of PAM
2297 which takes only one argument to pam_strerror])
2298 AC_MSG_RESULT(yes)
2299 PAM_MSG="yes (old library)"
2300 ]
2301 )
2302fi
e9702f7d 2303
2304# Do we want to force the use of the rand helper?
2305AC_ARG_WITH(rand-helper,
2306 [ --with-rand-helper Use subprocess to gather strong randomness ],
2307 [
2308 if test "x$withval" = "xno" ; then
540d72c3 2309 # Force use of OpenSSL's internal RNG, even if
e9702f7d 2310 # the previous test showed it to be unseeded.
2311 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2312 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2313 OPENSSL_SEEDS_ITSELF=yes
2314 USE_RAND_HELPER=""
2315 fi
2316 else
2317 USE_RAND_HELPER=yes
2318 fi
2319 ],
8b32eddc 2320)
e9702f7d 2321
2322# Which randomness source do we use?
8b32eddc 2323if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9702f7d 2324 # OpenSSL only
08822d99 2325 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2326 [Define if you want OpenSSL's internally seeded PRNG only])
e9702f7d 2327 RAND_MSG="OpenSSL internal ONLY"
2328 INSTALL_SSH_RAND_HELPER=""
2329elif test ! -z "$USE_RAND_HELPER" ; then
2330 # install rand helper
2331 RAND_MSG="ssh-rand-helper"
2332 INSTALL_SSH_RAND_HELPER="yes"
2333fi
2334AC_SUBST(INSTALL_SSH_RAND_HELPER)
2335
2336### Configuration of ssh-rand-helper
2337
2338# PRNGD TCP socket
2339AC_ARG_WITH(prngd-port,
2340 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2341 [
2342 case "$withval" in
2343 no)
2344 withval=""
2345 ;;
2346 [[0-9]]*)
2347 ;;
2348 *)
2349 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2350 ;;
2351 esac
2352 if test ! -z "$withval" ; then
2353 PRNGD_PORT="$withval"
08822d99 2354 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2355 [Port number of PRNGD/EGD random number socket])
e9702f7d 2356 fi
2357 ]
2358)
2359
2360# PRNGD Unix domain socket
2361AC_ARG_WITH(prngd-socket,
2362 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2363 [
2364 case "$withval" in
2365 yes)
2366 withval="/var/run/egd-pool"
2367 ;;
2368 no)
2369 withval=""
2370 ;;
2371 /*)
2372 ;;
2373 *)
2374 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2375 ;;
2376 esac
2377
2378 if test ! -z "$withval" ; then
2379 if test ! -z "$PRNGD_PORT" ; then
2380 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2381 fi
2382 if test ! -r "$withval" ; then
2383 AC_MSG_WARN(Entropy socket is not readable)
2384 fi
2385 PRNGD_SOCKET="$withval"
08822d99 2386 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2387 [Location of PRNGD/EGD random number socket])
e9702f7d 2388 fi
2389 ],
2390 [
2391 # Check for existing socket only if we don't have a random device already
2392 if test "$USE_RAND_HELPER" = yes ; then
2393 AC_MSG_CHECKING(for PRNGD/EGD socket)
2394 # Insert other locations here
2395 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2396 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2397 PRNGD_SOCKET="$sock"
2398 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2399 break;
2400 fi
2401 done
2402 if test ! -z "$PRNGD_SOCKET" ; then
2403 AC_MSG_RESULT($PRNGD_SOCKET)
2404 else
2405 AC_MSG_RESULT(not found)
2406 fi
2407 fi
2408 ]
2409)
2410
2411# Change default command timeout for hashing entropy source
2412entropy_timeout=200
2413AC_ARG_WITH(entropy-timeout,
2414 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2415 [
8b32eddc 2416 if test -n "$withval" && test "x$withval" != "xno" && \
2417 test "x${withval}" != "xyes"; then
e9702f7d 2418 entropy_timeout=$withval
2419 fi
8b32eddc 2420 ]
e9702f7d 2421)
08822d99 2422AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2423 [Builtin PRNG command timeout])
e9702f7d 2424
276b07a3 2425SSH_PRIVSEP_USER=sshd
350391c5 2426AC_ARG_WITH(privsep-user,
2427 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2428 [
8b32eddc 2429 if test -n "$withval" && test "x$withval" != "xno" && \
2430 test "x${withval}" != "xyes"; then
276b07a3 2431 SSH_PRIVSEP_USER=$withval
350391c5 2432 fi
8b32eddc 2433 ]
350391c5 2434)
08822d99 2435AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2436 [non-privileged user for privilege separation])
276b07a3 2437AC_SUBST(SSH_PRIVSEP_USER)
350391c5 2438
2439# We do this little dance with the search path to insure
2440# that programs that we select for use by installed programs
2441# (which may be run by the super-user) come from trusted
2442# locations before they come from the user's private area.
2443# This should help avoid accidentally configuring some
2444# random version of a program in someone's personal bin.
2445
2446OPATH=$PATH
2447PATH=/bin:/usr/bin
2448test -h /bin 2> /dev/null && PATH=/usr/bin
2449test -d /sbin && PATH=$PATH:/sbin
2450test -d /usr/sbin && PATH=$PATH:/usr/sbin
2451PATH=$PATH:/etc:$OPATH
2452
540d72c3 2453# These programs are used by the command hashing source to gather entropy
e9702f7d 2454OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2455OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2456OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2457OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2458OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2459OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2460OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2461OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2462OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2463OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2464OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2465OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2466OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2467OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2468OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2469OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
350391c5 2470# restore PATH
2471PATH=$OPATH
e9702f7d 2472
2473# Where does ssh-rand-helper get its randomness from?
2474INSTALL_SSH_PRNG_CMDS=""
2475if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2476 if test ! -z "$PRNGD_PORT" ; then
2477 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2478 elif test ! -z "$PRNGD_SOCKET" ; then
2479 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2480 else
2481 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2482 RAND_HELPER_CMDHASH=yes
2483 INSTALL_SSH_PRNG_CMDS="yes"
2484 fi
2485fi
2486AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2487
2488
3c0ef626 2489# Cheap hack to ensure NEWS-OS libraries are arranged right.
2490if test ! -z "$SONY" ; then
2491 LIBS="$LIBS -liberty";
2492fi
2493
08822d99 2494# Check for long long datatypes
2495AC_CHECK_TYPES([long long, unsigned long long, long double])
2496
2497# Check datatype sizes
3c0ef626 2498AC_CHECK_SIZEOF(char, 1)
2499AC_CHECK_SIZEOF(short int, 2)
2500AC_CHECK_SIZEOF(int, 4)
2501AC_CHECK_SIZEOF(long int, 4)
2502AC_CHECK_SIZEOF(long long int, 8)
2503
350391c5 2504# Sanity check long long for some platforms (AIX)
2505if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2506 ac_cv_sizeof_long_long_int=0
2507fi
2508
08822d99 2509# compute LLONG_MIN and LLONG_MAX if we don't know them.
2510if test -z "$have_llong_max"; then
2511 AC_MSG_CHECKING([for max value of long long])
2512 AC_RUN_IFELSE(
2513 [AC_LANG_SOURCE([[
2514#include <stdio.h>
2515/* Why is this so damn hard? */
2516#ifdef __GNUC__
2517# undef __GNUC__
2518#endif
2519#define __USE_ISOC99
2520#include <limits.h>
2521#define DATA "conftest.llminmax"
30460aeb 2522#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2523
2524/*
2525 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2526 * we do this the hard way.
2527 */
2528static int
2529fprint_ll(FILE *f, long long n)
2530{
2531 unsigned int i;
2532 int l[sizeof(long long) * 8];
2533
2534 if (n < 0)
2535 if (fprintf(f, "-") < 0)
2536 return -1;
2537 for (i = 0; n != 0; i++) {
2538 l[i] = my_abs(n % 10);
2539 n /= 10;
2540 }
2541 do {
2542 if (fprintf(f, "%d", l[--i]) < 0)
2543 return -1;
2544 } while (i != 0);
2545 if (fprintf(f, " ") < 0)
2546 return -1;
2547 return 0;
2548}
2549
08822d99 2550int main(void) {
2551 FILE *f;
2552 long long i, llmin, llmax = 0;
2553
2554 if((f = fopen(DATA,"w")) == NULL)
2555 exit(1);
2556
2557#if defined(LLONG_MIN) && defined(LLONG_MAX)
2558 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2559 llmin = LLONG_MIN;
2560 llmax = LLONG_MAX;
2561#else
2562 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2563 /* This will work on one's complement and two's complement */
2564 for (i = 1; i > llmax; i <<= 1, i++)
2565 llmax = i;
2566 llmin = llmax + 1LL; /* wrap */
2567#endif
2568
2569 /* Sanity check */
2570 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
30460aeb 2571 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2572 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
08822d99 2573 fprintf(f, "unknown unknown\n");
2574 exit(2);
2575 }
2576
30460aeb 2577 if (fprint_ll(f, llmin) < 0)
08822d99 2578 exit(3);
30460aeb 2579 if (fprint_ll(f, llmax) < 0)
2580 exit(4);
2581 if (fclose(f) < 0)
2582 exit(5);
08822d99 2583 exit(0);
2584}
2585 ]])],
2586 [
2587 llong_min=`$AWK '{print $1}' conftest.llminmax`
2588 llong_max=`$AWK '{print $2}' conftest.llminmax`
2589
08822d99 2590 AC_MSG_RESULT($llong_max)
2591 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2592 [max value of long long calculated by configure])
2593 AC_MSG_CHECKING([for min value of long long])
2594 AC_MSG_RESULT($llong_min)
2595 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2596 [min value of long long calculated by configure])
2597 ],
2598 [
2599 AC_MSG_RESULT(not found)
2600 ],
2601 [
2602 AC_MSG_WARN([cross compiling: not checking])
2603 ]
2604 )
2605fi
2606
2607
3c0ef626 2608# More checks for data types
2609AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2610 AC_TRY_COMPILE(
540d72c3 2611 [ #include <sys/types.h> ],
2612 [ u_int a; a = 1;],
3c0ef626 2613 [ ac_cv_have_u_int="yes" ],
2614 [ ac_cv_have_u_int="no" ]
2615 )
2616])
2617if test "x$ac_cv_have_u_int" = "xyes" ; then
08822d99 2618 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2619 have_u_int=1
2620fi
2621
2622AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2623 AC_TRY_COMPILE(
540d72c3 2624 [ #include <sys/types.h> ],
2625 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2626 [ ac_cv_have_intxx_t="yes" ],
2627 [ ac_cv_have_intxx_t="no" ]
2628 )
2629])
2630if test "x$ac_cv_have_intxx_t" = "xyes" ; then
08822d99 2631 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2632 have_intxx_t=1
2633fi
2634
2635if (test -z "$have_intxx_t" && \
540d72c3 2636 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2637then
2638 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2639 AC_TRY_COMPILE(
540d72c3 2640 [ #include <stdint.h> ],
2641 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2642 [
2643 AC_DEFINE(HAVE_INTXX_T)
2644 AC_MSG_RESULT(yes)
2645 ],
2646 [ AC_MSG_RESULT(no) ]
2647 )
2648fi
2649
2650AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2651 AC_TRY_COMPILE(
d03f4262 2652 [
2653#include <sys/types.h>
2654#ifdef HAVE_STDINT_H
2655# include <stdint.h>
2656#endif
2657#include <sys/socket.h>
2658#ifdef HAVE_SYS_BITYPES_H
2659# include <sys/bitypes.h>
2660#endif
540d72c3 2661 ],
2662 [ int64_t a; a = 1;],
3c0ef626 2663 [ ac_cv_have_int64_t="yes" ],
2664 [ ac_cv_have_int64_t="no" ]
2665 )
2666])
2667if test "x$ac_cv_have_int64_t" = "xyes" ; then
08822d99 2668 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9702f7d 2669fi
2670
3c0ef626 2671AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2672 AC_TRY_COMPILE(
540d72c3 2673 [ #include <sys/types.h> ],
2674 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2675 [ ac_cv_have_u_intxx_t="yes" ],
2676 [ ac_cv_have_u_intxx_t="no" ]
2677 )
2678])
2679if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
08822d99 2680 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2681 have_u_intxx_t=1
2682fi
2683
2684if test -z "$have_u_intxx_t" ; then
2685 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2686 AC_TRY_COMPILE(
540d72c3 2687 [ #include <sys/socket.h> ],
2688 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2689 [
2690 AC_DEFINE(HAVE_U_INTXX_T)
2691 AC_MSG_RESULT(yes)
2692 ],
2693 [ AC_MSG_RESULT(no) ]
2694 )
2695fi
2696
2697AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2698 AC_TRY_COMPILE(
540d72c3 2699 [ #include <sys/types.h> ],
2700 [ u_int64_t a; a = 1;],
3c0ef626 2701 [ ac_cv_have_u_int64_t="yes" ],
2702 [ ac_cv_have_u_int64_t="no" ]
2703 )
2704])
2705if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
08822d99 2706 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2707 have_u_int64_t=1
2708fi
2709
e9702f7d 2710if test -z "$have_u_int64_t" ; then
2711 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2712 AC_TRY_COMPILE(
540d72c3 2713 [ #include <sys/bitypes.h> ],
e9702f7d 2714 [ u_int64_t a; a = 1],
2715 [
2716 AC_DEFINE(HAVE_U_INT64_T)
2717 AC_MSG_RESULT(yes)
2718 ],
2719 [ AC_MSG_RESULT(no) ]
2720 )
2721fi
2722
3c0ef626 2723if test -z "$have_u_intxx_t" ; then
2724 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2725 AC_TRY_COMPILE(
2726 [
2727#include <sys/types.h>
540d72c3 2728 ],
2729 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2730 [ ac_cv_have_uintxx_t="yes" ],
2731 [ ac_cv_have_uintxx_t="no" ]
2732 )
2733 ])
2734 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
08822d99 2735 AC_DEFINE(HAVE_UINTXX_T, 1,
2736 [define if you have uintxx_t data type])
3c0ef626 2737 fi
2738fi
2739
2740if test -z "$have_uintxx_t" ; then
2741 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2742 AC_TRY_COMPILE(
540d72c3 2743 [ #include <stdint.h> ],
2744 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2745 [
2746 AC_DEFINE(HAVE_UINTXX_T)
2747 AC_MSG_RESULT(yes)
2748 ],
2749 [ AC_MSG_RESULT(no) ]
2750 )
2751fi
2752
2753if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
540d72c3 2754 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2755then
2756 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2757 AC_TRY_COMPILE(
2758 [
2759#include <sys/bitypes.h>
540d72c3 2760 ],
3c0ef626 2761 [
2762 int8_t a; int16_t b; int32_t c;
2763 u_int8_t e; u_int16_t f; u_int32_t g;
2764 a = b = c = e = f = g = 1;
540d72c3 2765 ],
3c0ef626 2766 [
2767 AC_DEFINE(HAVE_U_INTXX_T)
2768 AC_DEFINE(HAVE_INTXX_T)
2769 AC_MSG_RESULT(yes)
2770 ],
2771 [AC_MSG_RESULT(no)]
540d72c3 2772 )
3c0ef626 2773fi
2774
2775
2776AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2777 AC_TRY_COMPILE(
2778 [
2779#include <sys/types.h>
2780 ],
2781 [ u_char foo; foo = 125; ],
2782 [ ac_cv_have_u_char="yes" ],
2783 [ ac_cv_have_u_char="no" ]
2784 )
2785])
2786if test "x$ac_cv_have_u_char" = "xyes" ; then
08822d99 2787 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2788fi
2789
2790TYPE_SOCKLEN_T
2791
e9702f7d 2792AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2793
dfddba3d 2794AC_CHECK_TYPES(in_addr_t,,,
2795[#include <sys/types.h>
2796#include <netinet/in.h>])
2797
3c0ef626 2798AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2799 AC_TRY_COMPILE(
2800 [
2801#include <sys/types.h>
2802 ],
2803 [ size_t foo; foo = 1235; ],
2804 [ ac_cv_have_size_t="yes" ],
2805 [ ac_cv_have_size_t="no" ]
2806 )
2807])
2808if test "x$ac_cv_have_size_t" = "xyes" ; then
08822d99 2809 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2810fi
2811
2812AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2813 AC_TRY_COMPILE(
2814 [
2815#include <sys/types.h>
2816 ],
2817 [ ssize_t foo; foo = 1235; ],
2818 [ ac_cv_have_ssize_t="yes" ],
2819 [ ac_cv_have_ssize_t="no" ]
2820 )
2821])
2822if test "x$ac_cv_have_ssize_t" = "xyes" ; then
08822d99 2823 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2824fi
2825
2826AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2827 AC_TRY_COMPILE(
2828 [
2829#include <time.h>
2830 ],
2831 [ clock_t foo; foo = 1235; ],
2832 [ ac_cv_have_clock_t="yes" ],
2833 [ ac_cv_have_clock_t="no" ]
2834 )
2835])
2836if test "x$ac_cv_have_clock_t" = "xyes" ; then
08822d99 2837 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2838fi
2839
2840AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2841 AC_TRY_COMPILE(
2842 [
2843#include <sys/types.h>
2844#include <sys/socket.h>
2845 ],
2846 [ sa_family_t foo; foo = 1235; ],
2847 [ ac_cv_have_sa_family_t="yes" ],
2848 [ AC_TRY_COMPILE(
2849 [
2850#include <sys/types.h>
2851#include <sys/socket.h>
2852#include <netinet/in.h>
2853 ],
2854 [ sa_family_t foo; foo = 1235; ],
2855 [ ac_cv_have_sa_family_t="yes" ],
2856
2857 [ ac_cv_have_sa_family_t="no" ]
2858 )]
2859 )
2860])
2861if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
08822d99 2862 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2863 [define if you have sa_family_t data type])
3c0ef626 2864fi
2865
2866AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2867 AC_TRY_COMPILE(
2868 [
2869#include <sys/types.h>
2870 ],
2871 [ pid_t foo; foo = 1235; ],
2872 [ ac_cv_have_pid_t="yes" ],
2873 [ ac_cv_have_pid_t="no" ]
2874 )
2875])
2876if test "x$ac_cv_have_pid_t" = "xyes" ; then
08822d99 2877 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2878fi
2879
2880AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2881 AC_TRY_COMPILE(
2882 [
2883#include <sys/types.h>
2884 ],
2885 [ mode_t foo; foo = 1235; ],
2886 [ ac_cv_have_mode_t="yes" ],
2887 [ ac_cv_have_mode_t="no" ]
2888 )
2889])
2890if test "x$ac_cv_have_mode_t" = "xyes" ; then
08822d99 2891 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2892fi
2893
2894
2895AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2896 AC_TRY_COMPILE(
2897 [
2898#include <sys/types.h>
2899#include <sys/socket.h>
2900 ],
2901 [ struct sockaddr_storage s; ],
2902 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2903 [ ac_cv_have_struct_sockaddr_storage="no" ]
2904 )
2905])
2906if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
08822d99 2907 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2908 [define if you have struct sockaddr_storage data type])
3c0ef626 2909fi
2910
2911AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2912 AC_TRY_COMPILE(
2913 [
2914#include <sys/types.h>
2915#include <netinet/in.h>
2916 ],
2917 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2918 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2919 [ ac_cv_have_struct_sockaddr_in6="no" ]
2920 )
2921])
2922if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
08822d99 2923 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2924 [define if you have struct sockaddr_in6 data type])
3c0ef626 2925fi
2926
2927AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2928 AC_TRY_COMPILE(
2929 [
2930#include <sys/types.h>
2931#include <netinet/in.h>
2932 ],
2933 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2934 [ ac_cv_have_struct_in6_addr="yes" ],
2935 [ ac_cv_have_struct_in6_addr="no" ]
2936 )
2937])
2938if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
08822d99 2939 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2940 [define if you have struct in6_addr data type])
3c0ef626 2941fi
2942
2943AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2944 AC_TRY_COMPILE(
2945 [
2946#include <sys/types.h>
2947#include <sys/socket.h>
2948#include <netdb.h>
2949 ],
2950 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2951 [ ac_cv_have_struct_addrinfo="yes" ],
2952 [ ac_cv_have_struct_addrinfo="no" ]
2953 )
2954])
2955if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
08822d99 2956 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2957 [define if you have struct addrinfo data type])
3c0ef626 2958fi
2959
2960AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2961 AC_TRY_COMPILE(
540d72c3 2962 [ #include <sys/time.h> ],
2963 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2964 [ ac_cv_have_struct_timeval="yes" ],
2965 [ ac_cv_have_struct_timeval="no" ]
2966 )
2967])
2968if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
08822d99 2969 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2970 have_struct_timeval=1
2971fi
2972
bfe49944 2973AC_CHECK_TYPES(struct timespec)
2974
2975# We need int64_t or else certian parts of the compile will fail.
8b32eddc 2976if test "x$ac_cv_have_int64_t" = "xno" && \
2977 test "x$ac_cv_sizeof_long_int" != "x8" && \
2978 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
bfe49944 2979 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2980 echo "an alternative compiler (I.E., GCC) before continuing."
2981 echo ""
2982 exit 1;
3c0ef626 2983else
2984dnl test snprintf (broken on SCO w/gcc)
dfddba3d 2985 AC_RUN_IFELSE(
2986 [AC_LANG_SOURCE([[
3c0ef626 2987#include <stdio.h>
2988#include <string.h>
2989#ifdef HAVE_SNPRINTF
2990main()
2991{
2992 char buf[50];
2993 char expected_out[50];
2994 int mazsize = 50 ;
2995#if (SIZEOF_LONG_INT == 8)
2996 long int num = 0x7fffffffffffffff;
2997#else
2998 long long num = 0x7fffffffffffffffll;
2999#endif
3000 strcpy(expected_out, "9223372036854775807");
3001 snprintf(buf, mazsize, "%lld", num);
3002 if(strcmp(buf, expected_out) != 0)
540d72c3 3003 exit(1);
3c0ef626 3004 exit(0);
3005}
3006#else
3007main() { exit(0); }
3008#endif
dfddba3d 3009 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
3010 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 3011 )
3012fi
3c0ef626 3013
3014dnl Checks for structure members
3015OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
3016OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
3017OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
3018OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
3019OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
3020OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
3021OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
3022OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
3023OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
3024OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
3025OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
3026OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
3027OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
3028OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
3029OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
3030OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
3031OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
3032
3033AC_CHECK_MEMBERS([struct stat.st_blksize])
08822d99 3034AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
3035 [Define if we don't have struct __res_state in resolv.h])],
3036[
3037#include <stdio.h>
3038#if HAVE_SYS_TYPES_H
3039# include <sys/types.h>
3040#endif
3041#include <netinet/in.h>
3042#include <arpa/nameser.h>
3043#include <resolv.h>
3044])
3c0ef626 3045
3046AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
3047 ac_cv_have_ss_family_in_struct_ss, [
3048 AC_TRY_COMPILE(
3049 [
3050#include <sys/types.h>
3051#include <sys/socket.h>
3052 ],
3053 [ struct sockaddr_storage s; s.ss_family = 1; ],
3054 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
3055 [ ac_cv_have_ss_family_in_struct_ss="no" ],
3056 )
3057])
3058if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
08822d99 3059 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 3060fi
3061
3062AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
3063 ac_cv_have___ss_family_in_struct_ss, [
3064 AC_TRY_COMPILE(
3065 [
3066#include <sys/types.h>
3067#include <sys/socket.h>
3068 ],
3069 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3070 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3071 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3072 )
3073])
3074if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
08822d99 3075 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3076 [Fields in struct sockaddr_storage])
3c0ef626 3077fi
3078
3079AC_CACHE_CHECK([for pw_class field in struct passwd],
3080 ac_cv_have_pw_class_in_struct_passwd, [
3081 AC_TRY_COMPILE(
3082 [
3083#include <pwd.h>
3084 ],
3085 [ struct passwd p; p.pw_class = 0; ],
3086 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3087 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3088 )
3089])
3090if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
08822d99 3091 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3092 [Define if your password has a pw_class field])
3c0ef626 3093fi
3094
3095AC_CACHE_CHECK([for pw_expire field in struct passwd],
3096 ac_cv_have_pw_expire_in_struct_passwd, [
3097 AC_TRY_COMPILE(
3098 [
3099#include <pwd.h>
3100 ],
3101 [ struct passwd p; p.pw_expire = 0; ],
3102 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3103 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3104 )
3105])
3106if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
08822d99 3107 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3108 [Define if your password has a pw_expire field])
3c0ef626 3109fi
3110
3111AC_CACHE_CHECK([for pw_change field in struct passwd],
3112 ac_cv_have_pw_change_in_struct_passwd, [
3113 AC_TRY_COMPILE(
3114 [
3115#include <pwd.h>
3116 ],
3117 [ struct passwd p; p.pw_change = 0; ],
3118 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3119 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3120 )
3121])
3122if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
08822d99 3123 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3124 [Define if your password has a pw_change field])
3c0ef626 3125fi
3126
541874c2 3127dnl make sure we're using the real structure members and not defines
350391c5 3128AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3129 ac_cv_have_accrights_in_msghdr, [
dfddba3d 3130 AC_COMPILE_IFELSE(
350391c5 3131 [
3132#include <sys/types.h>
3133#include <sys/socket.h>
3134#include <sys/uio.h>
541874c2 3135int main() {
3136#ifdef msg_accrights
dfddba3d 3137#error "msg_accrights is a macro"
541874c2 3138exit(1);
3139#endif
3140struct msghdr m;
3141m.msg_accrights = 0;
3142exit(0);
3143}
350391c5 3144 ],
350391c5 3145 [ ac_cv_have_accrights_in_msghdr="yes" ],
3146 [ ac_cv_have_accrights_in_msghdr="no" ]
3147 )
3148])
3149if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
08822d99 3150 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3151 [Define if your system uses access rights style
3152 file descriptor passing])
350391c5 3153fi
3154
3155AC_CACHE_CHECK([for msg_control field in struct msghdr],
3156 ac_cv_have_control_in_msghdr, [
dfddba3d 3157 AC_COMPILE_IFELSE(
350391c5 3158 [
3159#include <sys/types.h>
3160#include <sys/socket.h>
3161#include <sys/uio.h>
541874c2 3162int main() {
3163#ifdef msg_control
dfddba3d 3164#error "msg_control is a macro"
541874c2 3165exit(1);
3166#endif
3167struct msghdr m;
3168m.msg_control = 0;
3169exit(0);
3170}
350391c5 3171 ],
350391c5 3172 [ ac_cv_have_control_in_msghdr="yes" ],
3173 [ ac_cv_have_control_in_msghdr="no" ]
3174 )
3175])
3176if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
08822d99 3177 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3178 [Define if your system uses ancillary data style
3179 file descriptor passing])
350391c5 3180fi
3181
3c0ef626 3182AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
540d72c3 3183 AC_TRY_LINK([],
3184 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3185 [ ac_cv_libc_defines___progname="yes" ],
3186 [ ac_cv_libc_defines___progname="no" ]
3187 )
3188])
3189if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
08822d99 3190 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3191fi
3192
350391c5 3193AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3194 AC_TRY_LINK([
3195#include <stdio.h>
540d72c3 3196],
3197 [ printf("%s", __FUNCTION__); ],
350391c5 3198 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3199 [ ac_cv_cc_implements___FUNCTION__="no" ]
3200 )
3201])
3202if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
08822d99 3203 AC_DEFINE(HAVE___FUNCTION__, 1,
3204 [Define if compiler implements __FUNCTION__])
350391c5 3205fi
3206
3207AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3208 AC_TRY_LINK([
3209#include <stdio.h>
540d72c3 3210],
3211 [ printf("%s", __func__); ],
350391c5 3212 [ ac_cv_cc_implements___func__="yes" ],
3213 [ ac_cv_cc_implements___func__="no" ]
3214 )
3215])
3216if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
08822d99 3217 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3218fi
3219
3220AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3221 AC_TRY_LINK(
3222 [#include <stdarg.h>
3223 va_list x,y;],
3224 [va_copy(x,y);],
3225 [ ac_cv_have_va_copy="yes" ],
3226 [ ac_cv_have_va_copy="no" ]
3227 )
3228])
3229if test "x$ac_cv_have_va_copy" = "xyes" ; then
3230 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3231fi
3232
3233AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3234 AC_TRY_LINK(
3235 [#include <stdarg.h>
3236 va_list x,y;],
3237 [__va_copy(x,y);],
3238 [ ac_cv_have___va_copy="yes" ],
3239 [ ac_cv_have___va_copy="no" ]
3240 )
3241])
3242if test "x$ac_cv_have___va_copy" = "xyes" ; then
3243 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
350391c5 3244fi
3245
3c0ef626 3246AC_CACHE_CHECK([whether getopt has optreset support],
3247 ac_cv_have_getopt_optreset, [
3248 AC_TRY_LINK(
3249 [
3250#include <getopt.h>
3251 ],
3252 [ extern int optreset; optreset = 0; ],
3253 [ ac_cv_have_getopt_optreset="yes" ],
3254 [ ac_cv_have_getopt_optreset="no" ]
3255 )
3256])
3257if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
08822d99 3258 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3259 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3260fi
3261
3262AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
540d72c3 3263 AC_TRY_LINK([],
3264 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3265 [ ac_cv_libc_defines_sys_errlist="yes" ],
3266 [ ac_cv_libc_defines_sys_errlist="no" ]
3267 )
3268])
3269if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
08822d99 3270 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3271 [Define if your system defines sys_errlist[]])
3c0ef626 3272fi
3273
3274
3275AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
540d72c3 3276 AC_TRY_LINK([],
3277 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3278 [ ac_cv_libc_defines_sys_nerr="yes" ],
3279 [ ac_cv_libc_defines_sys_nerr="no" ]
3280 )
3281])
3282if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
08822d99 3283 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3284fi
3285
540d72c3 3286SCARD_MSG="no"
350391c5 3287# Check whether user wants sectok support
3288AC_ARG_WITH(sectok,
3289 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3290 [
3291 if test "x$withval" != "xno" ; then
3292 if test "x$withval" != "xyes" ; then
3293 CPPFLAGS="$CPPFLAGS -I${withval}"
3294 LDFLAGS="$LDFLAGS -L${withval}"
3295 if test ! -z "$need_dash_r" ; then
3296 LDFLAGS="$LDFLAGS -R${withval}"
3297 fi
3298 if test ! -z "$blibpath" ; then
3299 blibpath="$blibpath:${withval}"
3300 fi
3301 fi
3302 AC_CHECK_HEADERS(sectok.h)
3303 if test "$ac_cv_header_sectok_h" != yes; then
3304 AC_MSG_ERROR(Can't find sectok.h)
3305 fi
3306 AC_CHECK_LIB(sectok, sectok_open)
3307 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3308 AC_MSG_ERROR(Can't find libsectok)
3309 fi
08822d99 3310 AC_DEFINE(SMARTCARD, 1,
3311 [Define if you want smartcard support])
3312 AC_DEFINE(USE_SECTOK, 1,
3313 [Define if you want smartcard support
3314 using sectok])
540d72c3 3315 SCARD_MSG="yes, using sectok"
3c0ef626 3316 fi
3317 ]
3318)
3319
350391c5 3320# Check whether user wants OpenSC support
8b32eddc 3321OPENSC_CONFIG="no"
350391c5 3322AC_ARG_WITH(opensc,
08822d99 3323 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
8b32eddc 3324 [
3325 if test "x$withval" != "xno" ; then
3326 if test "x$withval" != "xyes" ; then
3327 OPENSC_CONFIG=$withval/bin/opensc-config
3328 else
3329 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3330 fi
3331 if test "$OPENSC_CONFIG" != "no"; then
3332 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3333 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3334 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
30460aeb 3335 LIBS="$LIBS $LIBOPENSC_LIBS"
8b32eddc 3336 AC_DEFINE(SMARTCARD)
08822d99 3337 AC_DEFINE(USE_OPENSC, 1,
3338 [Define if you want smartcard support
3339 using OpenSC])
8b32eddc 3340 SCARD_MSG="yes, using OpenSC"
3341 fi
3342 fi
3343 ]
3344)
350391c5 3345
540d72c3 3346# Check libraries needed by DNS fingerprint support
3347AC_SEARCH_LIBS(getrrsetbyname, resolv,
08822d99 3348 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3349 [Define if getrrsetbyname() exists])],
7cac2b65 3350 [
540d72c3 3351 # Needed by our getrrsetbyname()
3352 AC_SEARCH_LIBS(res_query, resolv)
3353 AC_SEARCH_LIBS(dn_expand, resolv)
7e82606e 3354 AC_MSG_CHECKING(if res_query will link)
3355 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3356 [AC_MSG_RESULT(no)
3357 saved_LIBS="$LIBS"
3358 LIBS="$LIBS -lresolv"
3359 AC_MSG_CHECKING(for res_query in -lresolv)
3360 AC_LINK_IFELSE([
3361#include <resolv.h>
3362int main()
3363{
3364 res_query (0, 0, 0, 0, 0);
3365 return 0;
3366}
3367 ],
3368 [LIBS="$LIBS -lresolv"
3369 AC_MSG_RESULT(yes)],
3370 [LIBS="$saved_LIBS"
3371 AC_MSG_RESULT(no)])
3372 ])
540d72c3 3373 AC_CHECK_FUNCS(_getshort _getlong)
2ce0bfe4 3374 AC_CHECK_DECLS([_getshort, _getlong], , ,
3375 [#include <sys/types.h>
3376 #include <arpa/nameser.h>])
540d72c3 3377 AC_CHECK_MEMBER(HEADER.ad,
08822d99 3378 [AC_DEFINE(HAVE_HEADER_AD, 1,
3379 [Define if HEADER.ad exists in arpa/nameser.h])],,
540d72c3 3380 [#include <arpa/nameser.h>])
3381 ])
7cac2b65 3382
fa0f0f45 3383AC_MSG_CHECKING(if struct __res_state _res is an extern)
3384AC_LINK_IFELSE([
3385#include <stdio.h>
3386#if HAVE_SYS_TYPES_H
3387# include <sys/types.h>
3388#endif
3389#include <netinet/in.h>
3390#include <arpa/nameser.h>
3391#include <resolv.h>
3392extern struct __res_state _res;
3393int main() { return 0; }
3394 ],
3395 [AC_MSG_RESULT(yes)
3396 AC_DEFINE(HAVE__RES_EXTERN, 1,
3397 [Define if you have struct __res_state _res as an extern])
3398 ],
3399 [ AC_MSG_RESULT(no) ]
3400)
3401
30460aeb 3402# Check whether user wants SELinux support
3403SELINUX_MSG="no"
3404LIBSELINUX=""
3405AC_ARG_WITH(selinux,
e74dc197 3406 [ --with-selinux Enable SELinux support],
30460aeb 3407 [ if test "x$withval" != "xno" ; then
fa0f0f45 3408 save_LIBS="$LIBS"
30460aeb 3409 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3410 SELINUX_MSG="yes"
3411 AC_CHECK_HEADER([selinux/selinux.h], ,
3412 AC_MSG_ERROR(SELinux support requires selinux.h header))
3413 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3414 AC_MSG_ERROR(SELinux support requires libselinux library))
fa0f0f45 3415 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
30460aeb 3416 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
240debe0 3417 LIBS="$save_LIBS"
30460aeb 3418 fi ]
3419)
30460aeb 3420
282f473f 3421# Check whether the user wants GSSAPI mechglue support
3422AC_ARG_WITH(mechglue,
3423 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
3424 [
3425 AC_MSG_CHECKING(for mechglue library)
3426
3427 if test -e ${withval}/libgssapi.a ; then
3428 mechglue_lib=${withval}/libgssapi.a
3429 elif test -e ${withval}/lib/libgssapi.a ; then
3430 mechglue_lib=${withval}/lib/libgssapi.a
3431 else
3432 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
3433 fi
3434 LIBS="${mechglue_lib} $LIBS"
3435 AC_MSG_RESULT(${mechglue_lib})
3436
3437 AC_CHECK_LIB(dl, dlopen, , )
3438 if test $ac_cv_lib_dl_dlopen = yes; then
3439 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
3440 fi
3441
3442 AC_DEFINE(GSSAPI)
3443 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
3444 GSSAPI="mechglue"
3445 ]
3446)
3447
3448
63119dd9 3449# Check whether user wants Kerberos 5 support
540d72c3 3450KRB5_MSG="no"
63119dd9 3451AC_ARG_WITH(kerberos5,
540d72c3 3452 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3453 [ if test "x$withval" != "xno" ; then
3454 if test "x$withval" = "xyes" ; then
3455 KRB5ROOT="/usr/local"
3456 else
3457 KRB5ROOT=${withval}
3458 fi
3459
08822d99 3460 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
540d72c3 3461 KRB5_MSG="yes"
3462
3463 AC_MSG_CHECKING(for krb5-config)
3464 if test -x $KRB5ROOT/bin/krb5-config ; then
3465 KRB5CONF=$KRB5ROOT/bin/krb5-config
3466 AC_MSG_RESULT($KRB5CONF)
3467
3468 AC_MSG_CHECKING(for gssapi support)
3469 if $KRB5CONF | grep gssapi >/dev/null ; then
3470 AC_MSG_RESULT(yes)
08822d99 3471 AC_DEFINE(GSSAPI, 1,
3472 [Define this if you want GSSAPI
3473 support in the version 2 protocol])
540d72c3 3474 k5confopts=gssapi
3475 else
3476 AC_MSG_RESULT(no)
3477 k5confopts=""
3478 fi
3479 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3480 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3481 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3482 AC_MSG_CHECKING(whether we are using Heimdal)
3483 AC_TRY_COMPILE([ #include <krb5.h> ],
3484 [ char *tmp = heimdal_version; ],
3485 [ AC_MSG_RESULT(yes)
08822d99 3486 AC_DEFINE(HEIMDAL, 1,
3487 [Define this if you are using the
3488 Heimdal version of Kerberos V5]) ],
540d72c3 3489 AC_MSG_RESULT(no)
3490 )
3491 else
3492 AC_MSG_RESULT(no)
63119dd9 3493 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
540d72c3 3494 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3495 AC_MSG_CHECKING(whether we are using Heimdal)
3496 AC_TRY_COMPILE([ #include <krb5.h> ],
3497 [ char *tmp = heimdal_version; ],
3498 [ AC_MSG_RESULT(yes)
3499 AC_DEFINE(HEIMDAL)
7e82606e 3500 K5LIBS="-lkrb5 -ldes"
3501 K5LIBS="$K5LIBS -lcom_err -lasn1"
8b32eddc 3502 AC_CHECK_LIB(roken, net_write,
7e82606e 3503 [K5LIBS="$K5LIBS -lroken"])
540d72c3 3504 ],
3505 [ AC_MSG_RESULT(no)
3506 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3507 ]
3508 )
7cac2b65 3509 AC_SEARCH_LIBS(dn_expand, resolv)
3510
3511 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3512 [ AC_DEFINE(GSSAPI)
3513 K5LIBS="-lgssapi $K5LIBS" ],
3514 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3515 [ AC_DEFINE(GSSAPI)
540d72c3 3516 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
7cac2b65 3517 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3518 $K5LIBS)
3519 ],
3520 $K5LIBS)
8b32eddc 3521
7cac2b65 3522 AC_CHECK_HEADER(gssapi.h, ,
3523 [ unset ac_cv_header_gssapi_h
540d72c3 3524 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
7cac2b65 3525 AC_CHECK_HEADERS(gssapi.h, ,
3526 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
540d72c3 3527 )
7cac2b65 3528 ]
3529 )
3530
3531 oldCPP="$CPPFLAGS"
3532 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3533 AC_CHECK_HEADER(gssapi_krb5.h, ,
3534 [ CPPFLAGS="$oldCPP" ])
63119dd9 3535
1c89237d 3536 # If we're using some other GSSAPI
3537 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3538 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3539 fi
5598e598 3540
540d72c3 3541 if test -z "$GSSAPI"; then
3542 GSSAPI="KRB5";
3543 fi
1c89237d 3544
5598e598 3545 oldCPP="$CPPFLAGS"
3546 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3547 AC_CHECK_HEADER(gssapi_krb5.h, ,
3548 [ CPPFLAGS="$oldCPP" ])
3549
63119dd9 3550 fi
540d72c3 3551 if test ! -z "$need_dash_r" ; then
3552 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3553 fi
3554 if test ! -z "$blibpath" ; then
3555 blibpath="$blibpath:${KRB5ROOT}/lib"
3556 fi
540d72c3 3557
08822d99 3558 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3559 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3560 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
540d72c3 3561
08822d99 3562 LIBS="$LIBS $K5LIBS"
3563 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3564 [Define this if you want to use libkafs' AFS support]))
3565 fi
540d72c3 3566 ]
63119dd9 3567)
3c0ef626 3568
62eb343a 3569# Check whether user wants AFS_KRB5 support
3570AFS_KRB5_MSG="no"
3571AC_ARG_WITH(afs-krb5,
3572 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3573 [
3574 if test "x$withval" != "xno" ; then
3575
3576 if test "x$withval" != "xyes" ; then
08822d99 3577 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3578 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3579 else
08822d99 3580 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3581 "/usr/bin/aklog",
3582 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3583 fi
3584
540d72c3 3585 if test -z "$KRB5ROOT" ; then
62eb343a 3586 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3587 fi
3588
0a00e8f9 3589 LIBS="-lkrbafs -lkrb4 $LIBS"
62eb343a 3590 if test ! -z "$AFS_LIBS" ; then
3591 LIBS="$LIBS $AFS_LIBS"
3592 fi
08822d99 3593 AC_DEFINE(AFS_KRB5, 1,
3594 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3595 AFS_KRB5_MSG="yes"
3596 fi
3597 ]
3598)
3c0ef626 3599
75be3237 3600AC_ARG_WITH(session-hooks,
3601 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
08822d99 3602 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
75be3237 3603)
3604
3c0ef626 3605# Looking for programs, paths and files
3c0ef626 3606
350391c5 3607PRIVSEP_PATH=/var/empty
3608AC_ARG_WITH(privsep-path,
d03f4262 3609 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
350391c5 3610 [
8b32eddc 3611 if test -n "$withval" && test "x$withval" != "xno" && \
3612 test "x${withval}" != "xyes"; then
350391c5 3613 PRIVSEP_PATH=$withval
3614 fi
3615 ]
3616)
3617AC_SUBST(PRIVSEP_PATH)
3618
3c0ef626 3619AC_ARG_WITH(xauth,
3620 [ --with-xauth=PATH Specify path to xauth program ],
3621 [
8b32eddc 3622 if test -n "$withval" && test "x$withval" != "xno" && \
3623 test "x${withval}" != "xyes"; then
3c0ef626 3624 xauth_path=$withval
3625 fi
3626 ],
3627 [
d03f4262 3628 TestPath="$PATH"
3629 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3630 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3631 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3632 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3633 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3634 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3635 xauth_path="/usr/openwin/bin/xauth"
3636 fi
3637 ]
3638)
3639
bfe49944 3640STRIP_OPT=-s
3641AC_ARG_ENABLE(strip,
3642 [ --disable-strip Disable calling strip(1) on install],
3643 [
3644 if test "x$enableval" = "xno" ; then
3645 STRIP_OPT=
3646 fi
3647 ]
3648)
3649AC_SUBST(STRIP_OPT)
3650
3c0ef626 3651if test -z "$xauth_path" ; then
3652 XAUTH_PATH="undefined"
3653 AC_SUBST(XAUTH_PATH)
3654else
08822d99 3655 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3656 [Define if xauth is found in your path])
3c0ef626 3657 XAUTH_PATH=$xauth_path
3658 AC_SUBST(XAUTH_PATH)
3659fi
3c0ef626 3660
3661# Check for mail directory (last resort if we cannot get it from headers)
3662if test ! -z "$MAIL" ; then
3663 maildir=`dirname $MAIL`
08822d99 3664 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3665 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3666fi
3667
dfddba3d 3668if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3669 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3670 disable_ptmx_check=yes
3671fi
3c0ef626 3672if test -z "$no_dev_ptmx" ; then
350391c5 3673 if test "x$disable_ptmx_check" != "xyes" ; then
540d72c3 3674 AC_CHECK_FILE("/dev/ptmx",
350391c5 3675 [
08822d99 3676 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3677 [Define if you have /dev/ptmx])
350391c5 3678 have_dev_ptmx=1
3679 ]
3680 )
3681 fi
3c0ef626 3682fi
dfddba3d 3683
3684if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3685 AC_CHECK_FILE("/dev/ptc",
3686 [
08822d99 3687 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3688 [Define if you have /dev/ptc])
dfddba3d 3689 have_dev_ptc=1
3690 ]
3691 )
3692else
3693 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3694fi
3c0ef626 3695
3696# Options from here on. Some of these are preset by platform above
3c0ef626 3697AC_ARG_WITH(mantype,
3698 [ --with-mantype=man|cat|doc Set man page type],
3699 [
3700 case "$withval" in
3701 man|cat|doc)
3702 MANTYPE=$withval
3703 ;;
3704 *)
3705 AC_MSG_ERROR(invalid man type: $withval)
3706 ;;
3707 esac
3708 ]
3709)
3710if test -z "$MANTYPE"; then
d03f4262 3711 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3712 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3713 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3714 MANTYPE=doc
3715 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3716 MANTYPE=man
3717 else
3718 MANTYPE=cat
3719 fi
3720fi
3721AC_SUBST(MANTYPE)
3722if test "$MANTYPE" = "doc"; then
3723 mansubdir=man;
3724else
3725 mansubdir=$MANTYPE;
3726fi
3727AC_SUBST(mansubdir)
3728
3729# Check whether to enable MD5 passwords
540d72c3 3730MD5_MSG="no"
3c0ef626 3731AC_ARG_WITH(md5-passwords,
3732 [ --with-md5-passwords Enable use of MD5 passwords],
3733 [
3734 if test "x$withval" != "xno" ; then
08822d99 3735 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3736 [Define if you want to allow MD5 passwords])
540d72c3 3737 MD5_MSG="yes"
3c0ef626 3738 fi
3739 ]
3740)
3741
3742# Whether to disable shadow password support
3743AC_ARG_WITH(shadow,
3744 [ --without-shadow Disable shadow password support],
3745 [
8b32eddc 3746 if test "x$withval" = "xno" ; then
3c0ef626 3747 AC_DEFINE(DISABLE_SHADOW)
3748 disable_shadow=yes
3749 fi
3750 ]
3751)
3752
3753if test -z "$disable_shadow" ; then
3754 AC_MSG_CHECKING([if the systems has expire shadow information])
3755 AC_TRY_COMPILE(
3756 [
3757#include <sys/types.h>
3758#include <shadow.h>
3759 struct spwd sp;
3760 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3761 [ sp_expire_available=yes ], []
3762 )
3763
3764 if test "x$sp_expire_available" = "xyes" ; then
3765 AC_MSG_RESULT(yes)
08822d99 3766 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3767 [Define if you want to use shadow password expire field])
3c0ef626 3768 else
3769 AC_MSG_RESULT(no)
3770 fi
3771fi
3772
3773# Use ip address instead of hostname in $DISPLAY
3774if test ! -z "$IPADDR_IN_DISPLAY" ; then
3775 DISPLAY_HACK_MSG="yes"
08822d99 3776 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3777 [Define if you need to use IP address
3778 instead of hostname in $DISPLAY])
3c0ef626 3779else
540d72c3 3780 DISPLAY_HACK_MSG="no"
3c0ef626 3781 AC_ARG_WITH(ipaddr-display,
3782 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3783 [
8b32eddc 3784 if test "x$withval" != "xno" ; then
3c0ef626 3785 AC_DEFINE(IPADDR_IN_DISPLAY)
540d72c3 3786 DISPLAY_HACK_MSG="yes"
3c0ef626 3787 fi
3788 ]
3789 )
3790fi
3791
7cac2b65 3792# check for /etc/default/login and use it if present.
29d88157 3793AC_ARG_ENABLE(etc-default-login,
dfddba3d 3794 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3795 [ if test "x$enableval" = "xno"; then
3796 AC_MSG_NOTICE([/etc/default/login handling disabled])
3797 etc_default_login=no
3798 else
3799 etc_default_login=yes
3800 fi ],
08822d99 3801 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3802 then
3803 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3804 etc_default_login=no
3805 else
3806 etc_default_login=yes
3807 fi ]
dfddba3d 3808)
3809
3810if test "x$etc_default_login" != "xno"; then
3811 AC_CHECK_FILE("/etc/default/login",
3812 [ external_path_file=/etc/default/login ])
08822d99 3813 if test "x$external_path_file" = "x/etc/default/login"; then
3814 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3815 [Define if your system has /etc/default/login])
dfddba3d 3816 fi
7cac2b65 3817fi
3818
350391c5 3819dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
8b32eddc 3820if test $ac_cv_func_login_getcapbool = "yes" && \
3821 test $ac_cv_header_login_cap_h = "yes" ; then
7cac2b65 3822 external_path_file=/etc/login.conf
350391c5 3823fi
7cac2b65 3824
3c0ef626 3825# Whether to mess with the default path
540d72c3 3826SERVER_PATH_MSG="(default)"
3c0ef626 3827AC_ARG_WITH(default-path,
350391c5 3828 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3829 [
7cac2b65 3830 if test "x$external_path_file" = "x/etc/login.conf" ; then
350391c5 3831 AC_MSG_WARN([
3832--with-default-path=PATH has no effect on this system.
3833Edit /etc/login.conf instead.])
8b32eddc 3834 elif test "x$withval" != "xno" ; then
7cac2b65 3835 if test ! -z "$external_path_file" ; then
3836 AC_MSG_WARN([
3837--with-default-path=PATH will only be used if PATH is not defined in
3838$external_path_file .])
3839 fi
3c0ef626 3840 user_path="$withval"
540d72c3 3841 SERVER_PATH_MSG="$withval"
3c0ef626 3842 fi
3843 ],
7cac2b65 3844 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3845 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
350391c5 3846 else
7cac2b65 3847 if test ! -z "$external_path_file" ; then
3848 AC_MSG_WARN([
3849If PATH is defined in $external_path_file, ensure the path to scp is included,
3850otherwise scp will not work.])
3851 fi
08822d99 3852 AC_RUN_IFELSE(
3853 [AC_LANG_SOURCE([[
3c0ef626 3854/* find out what STDPATH is */
3855#include <stdio.h>
3856#ifdef HAVE_PATHS_H
3857# include <paths.h>
3858#endif
3859#ifndef _PATH_STDPATH
bfe49944 3860# ifdef _PATH_USERPATH /* Irix */
3861# define _PATH_STDPATH _PATH_USERPATH
3862# else
3863# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3864# endif
3c0ef626 3865#endif
3866#include <sys/types.h>
3867#include <sys/stat.h>
3868#include <fcntl.h>
3869#define DATA "conftest.stdpath"
3870
3871main()
3872{
3873 FILE *fd;
3874 int rc;
8b32eddc 3875
3c0ef626 3876 fd = fopen(DATA,"w");
3877 if(fd == NULL)
3878 exit(1);
8b32eddc 3879
3c0ef626 3880 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3881 exit(1);
3882
3883 exit(0);
3884}
08822d99 3885 ]])],
3886 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3887 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3888 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3889 )
3890# make sure $bindir is in USER_PATH so scp will work
3891 t_bindir=`eval echo ${bindir}`
3892 case $t_bindir in
3893 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3894 esac
3895 case $t_bindir in
3896 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3897 esac
3898 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3899 if test $? -ne 0 ; then
3900 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3901 if test $? -ne 0 ; then
3902 user_path=$user_path:$t_bindir
3903 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3904 fi
3905 fi
350391c5 3906 fi ]
3907)
7cac2b65 3908if test "x$external_path_file" != "x/etc/login.conf" ; then
08822d99 3909 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
350391c5 3910 AC_SUBST(user_path)
3911fi
3912
3913# Set superuser path separately to user path
350391c5 3914AC_ARG_WITH(superuser-path,
3915 [ --with-superuser-path= Specify different path for super-user],
3916 [
8b32eddc 3917 if test -n "$withval" && test "x$withval" != "xno" && \
3918 test "x${withval}" != "xyes"; then
08822d99 3919 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3920 [Define if you want a different $PATH
3921 for the superuser])
350391c5 3922 superuser_path=$withval
3923 fi
3c0ef626 3924 ]
3925)
350391c5 3926
3c0ef626 3927
3c0ef626 3928AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
540d72c3 3929IPV4_IN6_HACK_MSG="no"
3c0ef626 3930AC_ARG_WITH(4in6,
3931 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3932 [
3933 if test "x$withval" != "xno" ; then
3934 AC_MSG_RESULT(yes)
08822d99 3935 AC_DEFINE(IPV4_IN_IPV6, 1,
3936 [Detect IPv4 in IPv6 mapped addresses
3937 and treat as IPv4])
540d72c3 3938 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3939 else
3940 AC_MSG_RESULT(no)
3941 fi
3942 ],[
3943 if test "x$inet6_default_4in6" = "xyes"; then
3944 AC_MSG_RESULT([yes (default)])
3945 AC_DEFINE(IPV4_IN_IPV6)
540d72c3 3946 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3947 else
3948 AC_MSG_RESULT([no (default)])
3949 fi
3950 ]
3951)
3952
3953# Whether to enable BSD auth support
e9702f7d 3954BSD_AUTH_MSG=no
3c0ef626 3955AC_ARG_WITH(bsd-auth,
3956 [ --with-bsd-auth Enable BSD auth support],
3957 [
8b32eddc 3958 if test "x$withval" != "xno" ; then
08822d99 3959 AC_DEFINE(BSD_AUTH, 1,
3960 [Define if you have BSD auth support])
e9702f7d 3961 BSD_AUTH_MSG=yes
3c0ef626 3962 fi
3963 ]
3964)
3965
3c0ef626 3966# Where to place sshd.pid
3967piddir=/var/run
350391c5 3968# make sure the directory exists
8b32eddc 3969if test ! -d $piddir ; then
350391c5 3970 piddir=`eval echo ${sysconfdir}`
3971 case $piddir in
540d72c3 3972 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
350391c5 3973 esac
3974fi
3975
3c0ef626 3976AC_ARG_WITH(pid-dir,
3977 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3978 [
8b32eddc 3979 if test -n "$withval" && test "x$withval" != "xno" && \
3980 test "x${withval}" != "xyes"; then
3c0ef626 3981 piddir=$withval
8b32eddc 3982 if test ! -d $piddir ; then
350391c5 3983 AC_MSG_WARN([** no $piddir directory on this system **])
3984 fi
3c0ef626 3985 fi
3986 ]
3987)
3988
08822d99 3989AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3990AC_SUBST(piddir)
3991
3992dnl allow user to disable some login recording features
3993AC_ARG_ENABLE(lastlog,
3994 [ --disable-lastlog disable use of lastlog even if detected [no]],
7cac2b65 3995 [
3996 if test "x$enableval" = "xno" ; then
3997 AC_DEFINE(DISABLE_LASTLOG)
3998 fi
3999 ]
3c0ef626 4000)
4001AC_ARG_ENABLE(utmp,
4002 [ --disable-utmp disable use of utmp even if detected [no]],
7cac2b65 4003 [
4004 if test "x$enableval" = "xno" ; then
4005 AC_DEFINE(DISABLE_UTMP)
4006 fi
4007 ]
3c0ef626 4008)
4009AC_ARG_ENABLE(utmpx,
4010 [ --disable-utmpx disable use of utmpx even if detected [no]],
7cac2b65 4011 [
4012 if test "x$enableval" = "xno" ; then
08822d99 4013 AC_DEFINE(DISABLE_UTMPX, 1,
4014 [Define if you don't want to use utmpx])
7cac2b65 4015 fi
4016 ]
3c0ef626 4017)
4018AC_ARG_ENABLE(wtmp,
4019 [ --disable-wtmp disable use of wtmp even if detected [no]],
7cac2b65 4020 [
4021 if test "x$enableval" = "xno" ; then
4022 AC_DEFINE(DISABLE_WTMP)
4023 fi
4024 ]
3c0ef626 4025)
4026AC_ARG_ENABLE(wtmpx,
4027 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
7cac2b65 4028 [
4029 if test "x$enableval" = "xno" ; then
08822d99 4030 AC_DEFINE(DISABLE_WTMPX, 1,
4031 [Define if you don't want to use wtmpx])
7cac2b65 4032 fi
4033 ]
3c0ef626 4034)
4035AC_ARG_ENABLE(libutil,
4036 [ --disable-libutil disable use of libutil (login() etc.) [no]],
7cac2b65 4037 [
4038 if test "x$enableval" = "xno" ; then
4039 AC_DEFINE(DISABLE_LOGIN)
4040 fi
4041 ]
3c0ef626 4042)
4043AC_ARG_ENABLE(pututline,
4044 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
7cac2b65 4045 [
4046 if test "x$enableval" = "xno" ; then
08822d99 4047 AC_DEFINE(DISABLE_PUTUTLINE, 1,
4048 [Define if you don't want to use pututline()
4049 etc. to write [uw]tmp])
7cac2b65 4050 fi
4051 ]
3c0ef626 4052)
4053AC_ARG_ENABLE(pututxline,
4054 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
7cac2b65 4055 [
4056 if test "x$enableval" = "xno" ; then
08822d99 4057 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
4058 [Define if you don't want to use pututxline()
4059 etc. to write [uw]tmpx])
7cac2b65 4060 fi
4061 ]
3c0ef626 4062)
4063AC_ARG_WITH(lastlog,
4064 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
4065 [
8b32eddc 4066 if test "x$withval" = "xno" ; then
3c0ef626 4067 AC_DEFINE(DISABLE_LASTLOG)
8b32eddc 4068 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 4069 conf_lastlog_location=$withval
4070 fi
4071 ]
4072)
4073
4074dnl lastlog, [uw]tmpx? detection
4075dnl NOTE: set the paths in the platform section to avoid the
4076dnl need for command-line parameters
4077dnl lastlog and [uw]tmp are subject to a file search if all else fails
4078
4079dnl lastlog detection
4080dnl NOTE: the code itself will detect if lastlog is a directory
4081AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
4082AC_TRY_COMPILE([
4083#include <sys/types.h>
4084#include <utmp.h>
4085#ifdef HAVE_LASTLOG_H
4086# include <lastlog.h>
4087#endif
4088#ifdef HAVE_PATHS_H
4089# include <paths.h>
4090#endif
4091#ifdef HAVE_LOGIN_H
4092# include <login.h>
4093#endif
4094 ],
4095 [ char *lastlog = LASTLOG_FILE; ],
4096 [ AC_MSG_RESULT(yes) ],
4097 [
4098 AC_MSG_RESULT(no)
4099 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
4100 AC_TRY_COMPILE([
4101#include <sys/types.h>
4102#include <utmp.h>
4103#ifdef HAVE_LASTLOG_H
4104# include <lastlog.h>
4105#endif
4106#ifdef HAVE_PATHS_H
4107# include <paths.h>
4108#endif
4109 ],
4110 [ char *lastlog = _PATH_LASTLOG; ],
4111 [ AC_MSG_RESULT(yes) ],
4112 [
4113 AC_MSG_RESULT(no)
4114 system_lastlog_path=no
4115 ])
4116 ]
4117)
4118
4119if test -z "$conf_lastlog_location"; then
4120 if test x"$system_lastlog_path" = x"no" ; then
4121 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
4122 if (test -d "$f" || test -f "$f") ; then
4123 conf_lastlog_location=$f
4124 fi
4125 done
4126 if test -z "$conf_lastlog_location"; then
4127 AC_MSG_WARN([** Cannot find lastlog **])
4128 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
4129 fi
4130 fi
4131fi
4132
4133if test -n "$conf_lastlog_location"; then
08822d99 4134 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4135 [Define if you want to specify the path to your lastlog file])
8b32eddc 4136fi
3c0ef626 4137
4138dnl utmp detection
4139AC_MSG_CHECKING([if your system defines UTMP_FILE])
4140AC_TRY_COMPILE([
4141#include <sys/types.h>
4142#include <utmp.h>
4143#ifdef HAVE_PATHS_H
4144# include <paths.h>
4145#endif
4146 ],
4147 [ char *utmp = UTMP_FILE; ],
4148 [ AC_MSG_RESULT(yes) ],
4149 [ AC_MSG_RESULT(no)
4150 system_utmp_path=no ]
4151)
4152if test -z "$conf_utmp_location"; then
4153 if test x"$system_utmp_path" = x"no" ; then
4154 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4155 if test -f $f ; then
4156 conf_utmp_location=$f
4157 fi
4158 done
4159 if test -z "$conf_utmp_location"; then
4160 AC_DEFINE(DISABLE_UTMP)
4161 fi
4162 fi
4163fi
4164if test -n "$conf_utmp_location"; then
08822d99 4165 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4166 [Define if you want to specify the path to your utmp file])
8b32eddc 4167fi
3c0ef626 4168
4169dnl wtmp detection
4170AC_MSG_CHECKING([if your system defines WTMP_FILE])
4171AC_TRY_COMPILE([
4172#include <sys/types.h>
4173#include <utmp.h>
4174#ifdef HAVE_PATHS_H
4175# include <paths.h>
4176#endif
4177 ],
4178 [ char *wtmp = WTMP_FILE; ],
4179 [ AC_MSG_RESULT(yes) ],
4180 [ AC_MSG_RESULT(no)
4181 system_wtmp_path=no ]
4182)
4183if test -z "$conf_wtmp_location"; then
4184 if test x"$system_wtmp_path" = x"no" ; then
4185 for f in /usr/adm/wtmp /var/log/wtmp; do
4186 if test -f $f ; then
4187 conf_wtmp_location=$f
4188 fi
4189 done
4190 if test -z "$conf_wtmp_location"; then
4191 AC_DEFINE(DISABLE_WTMP)
4192 fi
4193 fi
4194fi
4195if test -n "$conf_wtmp_location"; then
08822d99 4196 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4197 [Define if you want to specify the path to your wtmp file])
8b32eddc 4198fi
3c0ef626 4199
4200
4201dnl utmpx detection - I don't know any system so perverse as to require
4202dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4203dnl there, though.
4204AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4205AC_TRY_COMPILE([
4206#include <sys/types.h>
4207#include <utmp.h>
4208#ifdef HAVE_UTMPX_H
4209#include <utmpx.h>
4210#endif
4211#ifdef HAVE_PATHS_H
4212# include <paths.h>
4213#endif
4214 ],
4215 [ char *utmpx = UTMPX_FILE; ],
4216 [ AC_MSG_RESULT(yes) ],
4217 [ AC_MSG_RESULT(no)
4218 system_utmpx_path=no ]
4219)
4220if test -z "$conf_utmpx_location"; then
4221 if test x"$system_utmpx_path" = x"no" ; then
4222 AC_DEFINE(DISABLE_UTMPX)
4223 fi
4224else
08822d99 4225 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4226 [Define if you want to specify the path to your utmpx file])
8b32eddc 4227fi
3c0ef626 4228
4229dnl wtmpx detection
4230AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4231AC_TRY_COMPILE([
4232#include <sys/types.h>
4233#include <utmp.h>
4234#ifdef HAVE_UTMPX_H
4235#include <utmpx.h>
4236#endif
4237#ifdef HAVE_PATHS_H
4238# include <paths.h>
4239#endif
4240 ],
4241 [ char *wtmpx = WTMPX_FILE; ],
4242 [ AC_MSG_RESULT(yes) ],
4243 [ AC_MSG_RESULT(no)
4244 system_wtmpx_path=no ]
4245)
4246if test -z "$conf_wtmpx_location"; then
4247 if test x"$system_wtmpx_path" = x"no" ; then
4248 AC_DEFINE(DISABLE_WTMPX)
4249 fi
4250else
08822d99 4251 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4252 [Define if you want to specify the path to your wtmpx file])
8b32eddc 4253fi
3c0ef626 4254
4255
3c0ef626 4256if test ! -z "$blibpath" ; then
256cb466 4257 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4258 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4259fi
4260
2ce0bfe4 4261dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4262dnl Add now.
4263CFLAGS="$CFLAGS $werror_flags"
4264
e9702f7d 4265AC_EXEEXT
30460aeb 4266AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4267 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
dfddba3d 4268 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4269AC_OUTPUT
4270
4271# Print summary of options
4272
3c0ef626 4273# Someone please show me a better way :)
4274A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4275B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4276C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4277D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4278E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4279F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4280G=`eval echo ${piddir}` ; G=`eval echo ${G}`
350391c5 4281H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4282I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4283J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4284
4285echo ""
4286echo "OpenSSH has been configured with the following options:"
350391c5 4287echo " User binaries: $B"
4288echo " System binaries: $C"
4289echo " Configuration files: $D"
4290echo " Askpass program: $E"
4291echo " Manual pages: $F"
4292echo " PID file: $G"
4293echo " Privilege separation chroot path: $H"
7cac2b65 4294if test "x$external_path_file" = "x/etc/login.conf" ; then
4295echo " At runtime, sshd will use the path defined in $external_path_file"
4296echo " Make sure the path to scp is present, otherwise scp will not work"
350391c5 4297else
4298echo " sshd default user PATH: $I"
7cac2b65 4299 if test ! -z "$external_path_file"; then
4300echo " (If PATH is set in $external_path_file it will be used instead. If"
4301echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4302 fi
350391c5 4303fi
4304if test ! -z "$superuser_path" ; then
4305echo " sshd superuser user PATH: $J"
4306fi
4307echo " Manpage format: $MANTYPE"
7cac2b65 4308echo " PAM support: $PAM_MSG"
30460aeb 4309echo " OSF SIA support: $SIA_MSG"
350391c5 4310echo " KerberosV support: $KRB5_MSG"
30460aeb 4311echo " SELinux support: $SELINUX_MSG"
350391c5 4312echo " Smartcard support: $SCARD_MSG"
350391c5 4313echo " S/KEY support: $SKEY_MSG"
4314echo " TCP Wrappers support: $TCPW_MSG"
4315echo " MD5 password support: $MD5_MSG"
dfddba3d 4316echo " libedit support: $LIBEDIT_MSG"
30460aeb 4317echo " Solaris process contract support: $SPC_MSG"
350391c5 4318echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
350391c5 4319echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4320echo " BSD Auth support: $BSD_AUTH_MSG"
4321echo " Random number source: $RAND_MSG"
e9702f7d 4322if test ! -z "$USE_RAND_HELPER" ; then
350391c5 4323echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4324fi
4325
4326echo ""
4327
4328echo " Host: ${host}"
4329echo " Compiler: ${CC}"
4330echo " Compiler flags: ${CFLAGS}"
4331echo "Preprocessor flags: ${CPPFLAGS}"
4332echo " Linker flags: ${LDFLAGS}"
fa0f0f45 4333echo " Libraries: ${LIBS}"
4334if test ! -z "${SSHDLIBS}"; then
4335echo " +for sshd: ${SSHDLIBS}"
4336fi
3c0ef626 4337
4338echo ""
4339
7e82606e 4340if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
dfddba3d 4341 echo "SVR4 style packages are supported with \"make package\""
4342 echo ""
7e82606e 4343fi
4344
3c0ef626 4345if test "x$PAM_MSG" = "xyes" ; then
e9702f7d 4346 echo "PAM is enabled. You may need to install a PAM control file "
4347 echo "for sshd, otherwise password authentication may fail. "
540d72c3 4348 echo "Example PAM control files can be found in the contrib/ "
e9702f7d 4349 echo "subdirectory"
3c0ef626 4350 echo ""
4351fi
4352
e9702f7d 4353if test ! -z "$RAND_HELPER_CMDHASH" ; then
4354 echo "WARNING: you are using the builtin random number collection "
4355 echo "service. Please read WARNING.RNG and request that your OS "
4356 echo "vendor includes kernel-based random number collection in "
4357 echo "future versions of your OS."
3c0ef626 4358 echo ""
4359fi
4360
7e82606e 4361if test ! -z "$NO_PEERCHECK" ; then
fa0f0f45 4362 echo "WARNING: the operating system that you are using does not"
4363 echo "appear to support getpeereid(), getpeerucred() or the"
4364 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4365 echo "enforce security checks to prevent unauthorised connections to"
4366 echo "ssh-agent. Their absence increases the risk that a malicious"
4367 echo "user can connect to your agent."
7e82606e 4368 echo ""
4369fi
4370
dfddba3d 4371if test "$AUDIT_MODULE" = "bsm" ; then
4372 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4373 echo "See the Solaris section in README.platform for details."
4374fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.809976 seconds and 5 git commands to generate.