]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Import of OpenSSH 5.3p1
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
99be0775 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
665a873d 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
f2f068fa 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
0fff78ff 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
f2f068fa 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
c9f39d2c 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
6a9b3198 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
700318f3 43AC_PATH_PROG(SH, sh)
c9f39d2c 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
2c06c99b 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
2c06c99b 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
cdd66111 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
2c06c99b 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
cdd66111 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
dec6d9fe 88
3c0ef626 89AC_C_INLINE
665a873d 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
47686178 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
95 [ --without-stackprotect Don't use compiler's stack protection], [
96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
cdd66111 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
665a873d 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
2c06c99b 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
665a873d 103 case $GCC_VER in
d4487008 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
22616013 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
2c06c99b 112 *) ;;
665a873d 113 esac
114
22616013 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
47686178 127 # -fstack-protector-all doesn't always work for some GCC versions
128 # and/or platforms, so we test if we can. If it's not supported
91d9cdd3 129 # on a given platform gcc will emit a warning so we use -Werror.
47686178 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
132 AC_MSG_CHECKING(if $CC supports $t)
133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
91d9cdd3 139#include <stdio.h>
140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
47686178 141 ])],
142 [ AC_MSG_RESULT(yes)
143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
91d9cdd3 148#include <stdio.h>
149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
47686178 150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
156 )
157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
164
665a873d 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
176fi
177
d4487008 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
cdd66111 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
dec6d9fe 185 if test "x$withval" = "xno" ; then
cdd66111 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
ff7ec503 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
d4487008 265 poll.h \
ff7ec503 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
282 sys/ndir.h \
47686178 283 sys/poll.h \
ff7ec503 284 sys/prctl.h \
285 sys/pstat.h \
286 sys/select.h \
287 sys/stat.h \
288 sys/stream.h \
289 sys/stropts.h \
290 sys/strtio.h \
22616013 291 sys/statvfs.h \
ff7ec503 292 sys/sysmacros.h \
293 sys/time.h \
294 sys/timers.h \
295 sys/un.h \
296 time.h \
297 tmpdir.h \
298 ttyent.h \
d4487008 299 ucred.h \
ff7ec503 300 unistd.h \
301 usersec.h \
302 util.h \
303 utime.h \
304 utmp.h \
305 utmpx.h \
306 vis.h \
307)
308
309# lastlog.h requires sys/time.h to be included first on Solaris
310AC_CHECK_HEADERS(lastlog.h, [], [], [
311#ifdef HAVE_SYS_TIME_H
312# include <sys/time.h>
313#endif
314])
315
316# sys/ptms.h requires sys/stream.h to be included first on Solaris
317AC_CHECK_HEADERS(sys/ptms.h, [], [], [
318#ifdef HAVE_SYS_STREAM_H
319# include <sys/stream.h>
320#endif
321])
322
323# login_cap.h requires sys/types.h on NetBSD
324AC_CHECK_HEADERS(login_cap.h, [], [], [
325#include <sys/types.h>
326])
327
3d738e65 328# older BSDs need sys/param.h before sys/mount.h
329AC_CHECK_HEADERS(sys/mount.h, [], [], [
330#include <sys/param.h>
331])
332
9108f8d9 333# Messages for features tested for in target-specific section
334SIA_MSG="no"
335SPC_MSG="no"
336
3c0ef626 337# Check for some target-specific stuff
338case "$host" in
339*-*-aix*)
9108f8d9 340 # Some versions of VAC won't allow macro redefinitions at
341 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
342 # particularly with older versions of vac or xlc.
343 # It also throws errors about null macro argments, but these are
344 # not fatal.
345 AC_MSG_CHECKING(if compiler allows macro redefinitions)
346 AC_COMPILE_IFELSE(
347 [AC_LANG_SOURCE([[
348#define testmacro foo
349#define testmacro bar
350int main(void) { exit(0); }
351 ]])],
352 [ AC_MSG_RESULT(yes) ],
353 [ AC_MSG_RESULT(no)
354 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
355 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
356 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
357 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
358 ]
359 )
360
cdd66111 361 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
7e772e1f 362 if (test -z "$blibpath"); then
cdd66111 363 blibpath="/usr/lib:/lib"
7e772e1f 364 fi
365 saved_LDFLAGS="$LDFLAGS"
9108f8d9 366 if test "$GCC" = "yes"; then
367 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
368 else
369 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
370 fi
371 for tryflags in $flags ;do
7e772e1f 372 if (test -z "$blibflags"); then
373 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
374 AC_TRY_LINK([], [], [blibflags=$tryflags])
375 fi
376 done
377 if (test -z "$blibflags"); then
378 AC_MSG_RESULT(not found)
379 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
380 else
381 AC_MSG_RESULT($blibflags)
3c0ef626 382 fi
7e772e1f 383 LDFLAGS="$saved_LDFLAGS"
0fff78ff 384 dnl Check for authenticate. Might be in libs.a on older AIXes
2c06c99b 385 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
386 [Define if you want to enable AIX4's authenticate function])],
41b2f314 387 [AC_CHECK_LIB(s,authenticate,
388 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
389 LIBS="$LIBS -ls"
390 ])
391 ])
996d5e62 392 dnl Check for various auth function declarations in headers.
393 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
dec6d9fe 394 passwdexpired, setauthdb], , , [#include <usersec.h>])
0fff78ff 395 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
996d5e62 396 AC_CHECK_DECLS(loginfailed,
0fff78ff 397 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
398 AC_TRY_COMPILE(
399 [#include <usersec.h>],
400 [(void)loginfailed("user","host","tty",0);],
401 [AC_MSG_RESULT(yes)
2c06c99b 402 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
403 [Define if your AIX loginfailed() function
404 takes 4 arguments (AIX >= 5.2)])],
0fff78ff 405 [AC_MSG_RESULT(no)]
406 )],
407 [],
408 [#include <usersec.h>]
409 )
47686178 410 AC_CHECK_FUNCS(getgrset setauthdb)
9108f8d9 411 AC_CHECK_DECL(F_CLOSEM,
412 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
413 [],
414 [ #include <limits.h>
415 #include <fcntl.h> ]
416 )
996d5e62 417 check_for_aix_broken_getaddrinfo=1
2c06c99b 418 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
419 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
420 [Define if your platform breaks doing a seteuid before a setuid])
421 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
422 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 423 dnl AIX handles lastlog as part of its login message
2c06c99b 424 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
425 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
426 [Some systems need a utmpx entry for /bin/login to work])
427 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
428 [Define to a Set Process Title type if your system is
429 supported by bsd-setproctitle.c])
430 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
431 [AIX 5.2 and 5.3 (and presumably newer) require this])
9108f8d9 432 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 433 ;;
434*-*-cygwin*)
6a9b3198 435 check_for_libcrypt_later=1
799ae497 436 LIBS="$LIBS /usr/lib/textreadmode.o"
2c06c99b 437 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
438 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
439 AC_DEFINE(DISABLE_SHADOW, 1,
440 [Define if you want to disable shadow passwords])
2c06c99b 441 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
442 [Define if X11 doesn't support AF_UNIX sockets on that system])
443 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
444 [Define if the concept of ports only accessible to
445 superusers isn't known])
446 AC_DEFINE(DISABLE_FD_PASSING, 1,
447 [Define if your platform needs to skip post auth
448 file descriptor passing])
3d738e65 449 AC_DEFINE(SSH_IOBUFSZ, 65536, [Windows is sensitive to read buffer size])
3c0ef626 450 ;;
451*-*-dgux*)
3d738e65 452 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
453 [Define if your system choked on IP TOS setting])
cdd66111 454 AC_DEFINE(SETEUID_BREAKS_SETUID)
455 AC_DEFINE(BROKEN_SETREUID)
456 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 457 ;;
458*-*-darwin*)
41b2f314 459 AC_MSG_CHECKING(if we have working getaddrinfo)
460 AC_TRY_RUN([#include <mach-o/dyld.h>
461main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
462 exit(0);
463 else
464 exit(1);
465}], [AC_MSG_RESULT(working)],
466 [AC_MSG_RESULT(buggy)
2c06c99b 467 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
41b2f314 468 [AC_MSG_RESULT(assume it is working)])
acc3d05e 469 AC_DEFINE(SETEUID_BREAKS_SETUID)
470 AC_DEFINE(BROKEN_SETREUID)
471 AC_DEFINE(BROKEN_SETREGID)
47686178 472 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
2c06c99b 473 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
474 [Define if your resolver libs need this for getrrsetbyname])
9108f8d9 475 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
476 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
477 [Use tunnel device compatibility to OpenBSD])
478 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
479 [Prepend the address family to IP tunnel traffic])
47686178 480 m4_pattern_allow(AU_IPv)
481 AC_CHECK_DECL(AU_IPv4, [],
482 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
483 [#include <bsm/audit.h>]
91d9cdd3 484 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1,
485 [Define if pututxline updates lastlog too])
47686178 486 )
9108f8d9 487 ;;
488*-*-dragonfly*)
489 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 490 ;;
665a873d 491*-*-hpux*)
492 # first we define all of the options common to all HP-UX releases
3c0ef626 493 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
494 IPADDR_IN_DISPLAY=yes
3c0ef626 495 AC_DEFINE(USE_PIPES)
2c06c99b 496 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
497 [Define if your login program cannot handle end of options ("--")])
700318f3 498 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 499 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
500 [String used in /etc/passwd to denote locked account])
0fff78ff 501 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
2c06c99b 502 MAIL="/var/mail/username"
41b2f314 503 LIBS="$LIBS -lsec"
665a873d 504 AC_CHECK_LIB(xnet, t_error, ,
505 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
506
507 # next, we define all of the options specific to major releases
508 case "$host" in
509 *-*-hpux10*)
510 if test -z "$GCC"; then
511 CFLAGS="$CFLAGS -Ae"
512 fi
513 ;;
514 *-*-hpux11*)
2c06c99b 515 AC_DEFINE(PAM_SUN_CODEBASE, 1,
516 [Define if you are using Solaris-derived PAM which
517 passes pam_messages to the conversation function
518 with an extra level of indirection])
519 AC_DEFINE(DISABLE_UTMP, 1,
520 [Define if you don't want to use utmp])
665a873d 521 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
522 check_for_hpux_broken_getaddrinfo=1
523 check_for_conflicting_getspnam=1
524 ;;
525 esac
526
527 # lastly, we define options specific to minor releases
528 case "$host" in
529 *-*-hpux10.26)
2c06c99b 530 AC_DEFINE(HAVE_SECUREWARE, 1,
531 [Define if you have SecureWare-based
532 protected password database])
665a873d 533 disable_ptmx_check=yes
534 LIBS="$LIBS -lsecpw"
535 ;;
536 esac
3c0ef626 537 ;;
538*-*-irix5*)
3c0ef626 539 PATH="$PATH:/usr/etc"
2c06c99b 540 AC_DEFINE(BROKEN_INET_NTOA, 1,
541 [Define if you system's inet_ntoa is busted
542 (e.g. Irix gcc issue)])
cdd66111 543 AC_DEFINE(SETEUID_BREAKS_SETUID)
544 AC_DEFINE(BROKEN_SETREUID)
545 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 546 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
547 [Define if you shouldn't strip 'tty' from your
548 ttyname in [uw]tmp])
0fff78ff 549 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 550 ;;
551*-*-irix6*)
3c0ef626 552 PATH="$PATH:/usr/etc"
2c06c99b 553 AC_DEFINE(WITH_IRIX_ARRAY, 1,
554 [Define if you have/want arrays
555 (cluster-wide session managment, not C arrays)])
556 AC_DEFINE(WITH_IRIX_PROJECT, 1,
557 [Define if you want IRIX project management])
558 AC_DEFINE(WITH_IRIX_AUDIT, 1,
559 [Define if you want IRIX audit trails])
560 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
561 [Define if you want IRIX kernel jobs])])
3c0ef626 562 AC_DEFINE(BROKEN_INET_NTOA)
acc3d05e 563 AC_DEFINE(SETEUID_BREAKS_SETUID)
564 AC_DEFINE(BROKEN_SETREUID)
565 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 566 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
700318f3 567 AC_DEFINE(WITH_ABBREV_NO_TTY)
0fff78ff 568 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 569 ;;
91d9cdd3 570*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu)
571 check_for_libcrypt_later=1
572 AC_DEFINE(PAM_TTY_KLUDGE)
573 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
574 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
575 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
576 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
577 ;;
3c0ef626 578*-*-linux*)
579 no_dev_ptmx=1
580 check_for_libcrypt_later=1
0fff78ff 581 check_for_openpty_ctty_bug=1
2c06c99b 582 AC_DEFINE(PAM_TTY_KLUDGE, 1,
583 [Work around problematic Linux PAM modules handling of PAM_TTY])
584 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
585 [String used in /etc/passwd to denote locked account])
0fff78ff 586 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
2c06c99b 587 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
588 [Define to whatever link() returns for "not supported"
589 if it doesn't return EOPNOTSUPP.])
996d5e62 590 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
2c06c99b 591 AC_DEFINE(USE_BTMP)
3c0ef626 592 inet6_default_4in6=yes
0fff78ff 593 case `uname -r` in
594 1.*|2.0.*)
2c06c99b 595 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
596 [Define if cmsg_type is not passed correctly])
0fff78ff 597 ;;
598 esac
2c06c99b 599 # tun(4) forwarding compat code
600 AC_CHECK_HEADERS(linux/if_tun.h)
601 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
602 AC_DEFINE(SSH_TUN_LINUX, 1,
603 [Open tunnel devices the Linux tun/tap way])
604 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
605 [Use tunnel device compatibility to OpenBSD])
606 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
607 [Prepend the address family to IP tunnel traffic])
608 fi
3c0ef626 609 ;;
610mips-sony-bsd|mips-sony-newsos4)
f2f068fa 611 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 612 SONY=1
3c0ef626 613 ;;
614*-*-netbsd*)
41b2f314 615 check_for_libcrypt_before=1
dec6d9fe 616 if test "x$withval" != "xno" ; then
cdd66111 617 need_dash_r=1
618 fi
2c06c99b 619 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
620 AC_CHECK_HEADER([net/if_tap.h], ,
621 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
622 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
623 [Prepend the address family to IP tunnel traffic])
3c0ef626 624 ;;
625*-*-freebsd*)
626 check_for_libcrypt_later=1
2c06c99b 627 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
628 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
629 AC_CHECK_HEADER([net/if_tap.h], ,
630 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
47686178 631 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
3c0ef626 632 ;;
acc3d05e 633*-*-bsdi*)
634 AC_DEFINE(SETEUID_BREAKS_SETUID)
635 AC_DEFINE(BROKEN_SETREUID)
636 AC_DEFINE(BROKEN_SETREGID)
637 ;;
3c0ef626 638*-next-*)
639 conf_lastlog_location="/usr/adm/lastlog"
640 conf_utmp_location=/etc/utmp
641 conf_wtmp_location=/usr/adm/wtmp
642 MAIL=/usr/spool/mail
2c06c99b 643 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 644 AC_DEFINE(BROKEN_REALPATH)
645 AC_DEFINE(USE_PIPES)
2c06c99b 646 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 647 ;;
665a873d 648*-*-openbsd*)
649 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
2c06c99b 650 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
651 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
9108f8d9 652 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
653 [syslog_r function is safe to use in in a signal handler])
665a873d 654 ;;
3c0ef626 655*-*-solaris*)
dec6d9fe 656 if test "x$withval" != "xno" ; then
99be0775 657 need_dash_r=1
658 fi
3c0ef626 659 AC_DEFINE(PAM_SUN_CODEBASE)
660 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 661 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
662 [Some versions of /bin/login need the TERM supplied
663 on the commandline])
3c0ef626 664 AC_DEFINE(PAM_TTY_KLUDGE)
2c06c99b 665 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
666 [Define if pam_chauthtok wants real uid set
667 to the unpriv'ed user])
0fff78ff 668 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
669 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
2c06c99b 670 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
671 [Define if sshd somehow reacquires a controlling TTY
672 after setsid()])
9108f8d9 673 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
674 in case the name is longer than 8 chars])
3d738e65 675 AC_DEFINE(BROKEN_TCGETATTR_ICANON, 1, [tcgetattr with ICANON may hang])
0fff78ff 676 external_path_file=/etc/default/login
3c0ef626 677 # hardwire lastlog location (can't detect it on some versions)
678 conf_lastlog_location="/var/adm/lastlog"
679 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
680 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
681 if test "$sol2ver" -ge 8; then
682 AC_MSG_RESULT(yes)
683 AC_DEFINE(DISABLE_UTMP)
2c06c99b 684 AC_DEFINE(DISABLE_WTMP, 1,
685 [Define if you don't want to use wtmp])
3c0ef626 686 else
687 AC_MSG_RESULT(no)
688 fi
9108f8d9 689 AC_ARG_WITH(solaris-contracts,
690 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
691 [
692 AC_CHECK_LIB(contract, ct_tmpl_activate,
693 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
694 [Define if you have Solaris process contracts])
695 SSHDLIBS="$SSHDLIBS -lcontract"
696 AC_SUBST(SSHDLIBS)
697 SPC_MSG="yes" ], )
698 ],
699 )
3c0ef626 700 ;;
701*-*-sunos4*)
702 CPPFLAGS="$CPPFLAGS -DSUNOS4"
703 AC_CHECK_FUNCS(getpwanam)
704 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 705 conf_utmp_location=/etc/utmp
706 conf_wtmp_location=/var/adm/wtmp
707 conf_lastlog_location=/var/adm/lastlog
708 AC_DEFINE(USE_PIPES)
709 ;;
710*-ncr-sysv*)
3c0ef626 711 LIBS="$LIBS -lc89"
e9a17296 712 AC_DEFINE(USE_PIPES)
0fff78ff 713 AC_DEFINE(SSHD_ACQUIRES_CTTY)
acc3d05e 714 AC_DEFINE(SETEUID_BREAKS_SETUID)
715 AC_DEFINE(BROKEN_SETREUID)
716 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 717 ;;
718*-sni-sysv*)
3c0ef626 719 # /usr/ucblib MUST NOT be searched on ReliantUNIX
cdd66111 720 AC_CHECK_LIB(dl, dlsym, ,)
2c06c99b 721 # -lresolv needs to be at the end of LIBS or DNS lookups break
722 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 723 IPADDR_IN_DISPLAY=yes
724 AC_DEFINE(USE_PIPES)
725 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 726 AC_DEFINE(SETEUID_BREAKS_SETUID)
727 AC_DEFINE(BROKEN_SETREUID)
728 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 729 AC_DEFINE(SSHD_ACQUIRES_CTTY)
730 external_path_file=/etc/default/login
3c0ef626 731 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
732 # Attention: always take care to bind libsocket and libnsl before libc,
733 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
734 ;;
996d5e62 735# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 736*-*-sysv4.2*)
3c0ef626 737 AC_DEFINE(USE_PIPES)
0fff78ff 738 AC_DEFINE(SETEUID_BREAKS_SETUID)
739 AC_DEFINE(BROKEN_SETREUID)
740 AC_DEFINE(BROKEN_SETREGID)
dec6d9fe 741 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
2c06c99b 742 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 743 ;;
996d5e62 744# UnixWare 7.x, OpenUNIX 8
3c0ef626 745*-*-sysv5*)
665a873d 746 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 747 AC_DEFINE(USE_PIPES)
0fff78ff 748 AC_DEFINE(SETEUID_BREAKS_SETUID)
749 AC_DEFINE(BROKEN_SETREUID)
750 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 751 AC_DEFINE(PASSWD_NEEDS_USERNAME)
665a873d 752 case "$host" in
753 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
754 TEST_SHELL=/u95/bin/sh
2c06c99b 755 AC_DEFINE(BROKEN_LIBIAF, 1,
756 [ia_uinfo routines not supported by OS yet])
9108f8d9 757 AC_DEFINE(BROKEN_UPDWTMPX)
91d9cdd3 758 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot"
759 AC_CHECK_FUNCS(getluid setluid,,,-lprot)
760 AC_DEFINE(HAVE_SECUREWARE)
761 AC_DEFINE(DISABLE_SHADOW)
762 ],,)
2c06c99b 763 ;;
764 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
91d9cdd3 765 check_for_libcrypt_later=1
665a873d 766 ;;
767 esac
3c0ef626 768 ;;
769*-*-sysv*)
3c0ef626 770 ;;
996d5e62 771# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 772*-*-sco3.2v4*)
996d5e62 773 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 774 ;;
996d5e62 775# SCO OpenServer 5.x
3c0ef626 776*-*-sco3.2v5*)
6a9b3198 777 if test -z "$GCC"; then
778 CFLAGS="$CFLAGS -belf"
779 fi
3c0ef626 780 LIBS="$LIBS -lprot -lx -ltinfo -lm"
781 no_dev_ptmx=1
3c0ef626 782 AC_DEFINE(USE_PIPES)
700318f3 783 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 784 AC_DEFINE(DISABLE_SHADOW)
41b2f314 785 AC_DEFINE(DISABLE_FD_PASSING)
0fff78ff 786 AC_DEFINE(SETEUID_BREAKS_SETUID)
787 AC_DEFINE(BROKEN_SETREUID)
788 AC_DEFINE(BROKEN_SETREGID)
789 AC_DEFINE(WITH_ABBREV_NO_TTY)
c9f39d2c 790 AC_DEFINE(BROKEN_UPDWTMPX)
2c06c99b 791 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 792 AC_CHECK_FUNCS(getluid setluid)
793 MANTYPE=man
c9f39d2c 794 TEST_SHELL=ksh
3c0ef626 795 ;;
41b2f314 796*-*-unicosmk*)
2c06c99b 797 AC_DEFINE(NO_SSH_LASTLOG, 1,
798 [Define if you don't want to use lastlog in session.c])
cdd66111 799 AC_DEFINE(SETEUID_BREAKS_SETUID)
800 AC_DEFINE(BROKEN_SETREUID)
801 AC_DEFINE(BROKEN_SETREGID)
41b2f314 802 AC_DEFINE(USE_PIPES)
803 AC_DEFINE(DISABLE_FD_PASSING)
804 LDFLAGS="$LDFLAGS"
805 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
806 MANTYPE=cat
807 ;;
0fff78ff 808*-*-unicosmp*)
cdd66111 809 AC_DEFINE(SETEUID_BREAKS_SETUID)
810 AC_DEFINE(BROKEN_SETREUID)
811 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 812 AC_DEFINE(WITH_ABBREV_NO_TTY)
813 AC_DEFINE(USE_PIPES)
814 AC_DEFINE(DISABLE_FD_PASSING)
815 LDFLAGS="$LDFLAGS"
cdd66111 816 LIBS="$LIBS -lgen -lacid -ldb"
0fff78ff 817 MANTYPE=cat
818 ;;
3c0ef626 819*-*-unicos*)
cdd66111 820 AC_DEFINE(SETEUID_BREAKS_SETUID)
821 AC_DEFINE(BROKEN_SETREUID)
822 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 823 AC_DEFINE(USE_PIPES)
41b2f314 824 AC_DEFINE(DISABLE_FD_PASSING)
825 AC_DEFINE(NO_SSH_LASTLOG)
826 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
827 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
828 MANTYPE=cat
3c0ef626 829 ;;
830*-dec-osf*)
831 AC_MSG_CHECKING(for Digital Unix SIA)
832 no_osfsia=""
833 AC_ARG_WITH(osfsia,
834 [ --with-osfsia Enable Digital Unix SIA],
835 [
836 if test "x$withval" = "xno" ; then
837 AC_MSG_RESULT(disabled)
838 no_osfsia=1
839 fi
840 ],
841 )
842 if test -z "$no_osfsia" ; then
843 if test -f /etc/sia/matrix.conf; then
844 AC_MSG_RESULT(yes)
2c06c99b 845 AC_DEFINE(HAVE_OSF_SIA, 1,
846 [Define if you have Digital Unix Security
847 Integration Architecture])
848 AC_DEFINE(DISABLE_LOGIN, 1,
849 [Define if you don't want to use your
850 system's login() call])
6a9b3198 851 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 852 LIBS="$LIBS -lsecurity -ldb -lm -laud"
9108f8d9 853 SIA_MSG="yes"
3c0ef626 854 else
855 AC_MSG_RESULT(no)
2c06c99b 856 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
857 [String used in /etc/passwd to denote locked account])
3c0ef626 858 fi
859 fi
0fff78ff 860 AC_DEFINE(BROKEN_GETADDRINFO)
acc3d05e 861 AC_DEFINE(SETEUID_BREAKS_SETUID)
862 AC_DEFINE(BROKEN_SETREUID)
863 AC_DEFINE(BROKEN_SETREGID)
22616013 864 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv])
3c0ef626 865 ;;
866
f2f068fa 867*-*-nto-qnx*)
3c0ef626 868 AC_DEFINE(USE_PIPES)
869 AC_DEFINE(NO_X11_UNIX_SOCKETS)
2c06c99b 870 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
871 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
872 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
f2f068fa 873 AC_DEFINE(DISABLE_LASTLOG)
9108f8d9 874 AC_DEFINE(SSHD_ACQUIRES_CTTY)
47686178 875 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
9108f8d9 876 enable_etc_default_login=no # has incompatible /etc/default/login
d4487008 877 case "$host" in
878 *-*-nto-qnx6*)
879 AC_DEFINE(DISABLE_FD_PASSING)
880 ;;
881 esac
3c0ef626 882 ;;
665a873d 883
884*-*-ultrix*)
2c06c99b 885 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
886 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
f2f068fa 887 AC_DEFINE(NEED_SETPGRP)
665a873d 888 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
889 ;;
890
891*-*-lynxos)
892 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
2c06c99b 893 AC_DEFINE(MISSING_HOWMANY)
665a873d 894 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
895 ;;
3c0ef626 896esac
897
0fff78ff 898AC_MSG_CHECKING(compiler and flags for sanity)
996d5e62 899AC_RUN_IFELSE(
900 [AC_LANG_SOURCE([
0fff78ff 901#include <stdio.h>
902int main(){exit(0);}
996d5e62 903 ])],
0fff78ff 904 [ AC_MSG_RESULT(yes) ],
905 [
906 AC_MSG_RESULT(no)
907 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
996d5e62 908 ],
909 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
0fff78ff 910)
911
665a873d 912dnl Checks for header files.
3c0ef626 913# Checks for libraries.
914AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
915AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
916
0fff78ff 917dnl IRIX and Solaris 2.5.1 have dirname() in libgen
918AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
919 AC_CHECK_LIB(gen, dirname,[
920 AC_CACHE_CHECK([for broken dirname],
921 ac_cv_have_broken_dirname, [
922 save_LIBS="$LIBS"
923 LIBS="$LIBS -lgen"
2c06c99b 924 AC_RUN_IFELSE(
925 [AC_LANG_SOURCE([[
0fff78ff 926#include <libgen.h>
927#include <string.h>
928
929int main(int argc, char **argv) {
930 char *s, buf[32];
931
932 strncpy(buf,"/etc", 32);
933 s = dirname(buf);
934 if (!s || strncmp(s, "/", 32) != 0) {
935 exit(1);
936 } else {
937 exit(0);
938 }
939}
2c06c99b 940 ]])],
941 [ ac_cv_have_broken_dirname="no" ],
942 [ ac_cv_have_broken_dirname="yes" ],
0fff78ff 943 [ ac_cv_have_broken_dirname="no" ],
0fff78ff 944 )
945 LIBS="$save_LIBS"
946 ])
947 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
948 LIBS="$LIBS -lgen"
949 AC_DEFINE(HAVE_DIRNAME)
950 AC_CHECK_HEADERS(libgen.h)
951 fi
952 ])
953])
954
3c0ef626 955AC_CHECK_FUNC(getspnam, ,
956 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
2c06c99b 957AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
958 [Define if you have the basename function.]))
3c0ef626 959
960dnl zlib is required
961AC_ARG_WITH(zlib,
962 [ --with-zlib=PATH Use zlib in PATH],
dec6d9fe 963 [ if test "x$withval" = "xno" ; then
964 AC_MSG_ERROR([*** zlib is required ***])
965 elif test "x$withval" != "xyes"; then
3c0ef626 966 if test -d "$withval/lib"; then
967 if test -n "${need_dash_r}"; then
968 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
969 else
970 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
971 fi
972 else
973 if test -n "${need_dash_r}"; then
974 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
975 else
976 LDFLAGS="-L${withval} ${LDFLAGS}"
977 fi
978 fi
979 if test -d "$withval/include"; then
980 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
981 else
982 CPPFLAGS="-I${withval} ${CPPFLAGS}"
983 fi
dec6d9fe 984 fi ]
3c0ef626 985)
986
3d738e65 987AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
cdd66111 988AC_CHECK_LIB(z, deflate, ,
989 [
990 saved_CPPFLAGS="$CPPFLAGS"
991 saved_LDFLAGS="$LDFLAGS"
992 save_LIBS="$LIBS"
993 dnl Check default zlib install dir
994 if test -n "${need_dash_r}"; then
995 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
996 else
997 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
998 fi
999 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
1000 LIBS="$LIBS -lz"
1001 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
1002 [
1003 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
1004 ]
1005 )
1006 ]
1007)
cdd66111 1008
1009AC_ARG_WITH(zlib-version-check,
1010 [ --without-zlib-version-check Disable zlib version check],
1011 [ if test "x$withval" = "xno" ; then
1012 zlib_check_nonfatal=1
1013 fi
1014 ]
1015)
1016
dec6d9fe 1017AC_MSG_CHECKING(for possibly buggy zlib)
996d5e62 1018AC_RUN_IFELSE([AC_LANG_SOURCE([[
dec6d9fe 1019#include <stdio.h>
cdd66111 1020#include <zlib.h>
1021int main()
1022{
dec6d9fe 1023 int a=0, b=0, c=0, d=0, n, v;
1024 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1025 if (n != 3 && n != 4)
cdd66111 1026 exit(1);
dec6d9fe 1027 v = a*1000000 + b*10000 + c*100 + d;
1028 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1029
1030 /* 1.1.4 is OK */
1031 if (a == 1 && b == 1 && c >= 4)
cdd66111 1032 exit(0);
dec6d9fe 1033
665a873d 1034 /* 1.2.3 and up are OK */
1035 if (v >= 1020300)
dec6d9fe 1036 exit(0);
1037
cdd66111 1038 exit(2);
1039}
996d5e62 1040 ]])],
dec6d9fe 1041 AC_MSG_RESULT(no),
1042 [ AC_MSG_RESULT(yes)
cdd66111 1043 if test -z "$zlib_check_nonfatal" ; then
1044 AC_MSG_ERROR([*** zlib too old - check config.log ***
1045Your reported zlib version has known security problems. It's possible your
1046vendor has fixed these problems without changing the version number. If you
1047are sure this is the case, you can disable the check by running
1048"./configure --without-zlib-version-check".
665a873d 1049If you are in doubt, upgrade zlib to version 1.2.3 or greater.
dec6d9fe 1050See http://www.gzip.org/zlib/ for details.])
cdd66111 1051 else
1052 AC_MSG_WARN([zlib version may have security problems])
1053 fi
996d5e62 1054 ],
1055 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
cdd66111 1056)
3c0ef626 1057
3c0ef626 1058dnl UnixWare 2.x
cdd66111 1059AC_CHECK_FUNC(strcasecmp,
3c0ef626 1060 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1061)
2c06c99b 1062AC_CHECK_FUNCS(utimes,
41b2f314 1063 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1064 LIBS="$LIBS -lc89"]) ]
3c0ef626 1065)
1066
1067dnl Checks for libutil functions
1068AC_CHECK_HEADERS(libutil.h)
2c06c99b 1069AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1070 [Define if your libraries define login()])])
22616013 1071AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
3c0ef626 1072
1073AC_FUNC_STRFTIME
1074
3c0ef626 1075# Check for ALTDIRFUNC glob() extension
1076AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1077AC_EGREP_CPP(FOUNDIT,
1078 [
1079 #include <glob.h>
1080 #ifdef GLOB_ALTDIRFUNC
1081 FOUNDIT
1082 #endif
cdd66111 1083 ],
3c0ef626 1084 [
2c06c99b 1085 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1086 [Define if your system glob() function has
1087 the GLOB_ALTDIRFUNC extension])
3c0ef626 1088 AC_MSG_RESULT(yes)
1089 ],
1090 [
1091 AC_MSG_RESULT(no)
1092 ]
1093)
1094
1095# Check for g.gl_matchc glob() extension
1096AC_MSG_CHECKING(for gl_matchc field in glob_t)
9108f8d9 1097AC_TRY_COMPILE(
1098 [ #include <glob.h> ],
1099 [glob_t g; g.gl_matchc = 1;],
cdd66111 1100 [
2c06c99b 1101 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1102 [Define if your system glob() function has
1103 gl_matchc options in glob_t])
cdd66111 1104 AC_MSG_RESULT(yes)
1105 ],
1106 [
1107 AC_MSG_RESULT(no)
1108 ]
3c0ef626 1109)
1110
9108f8d9 1111AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1112
3c0ef626 1113AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
996d5e62 1114AC_RUN_IFELSE(
1115 [AC_LANG_SOURCE([[
3c0ef626 1116#include <sys/types.h>
1117#include <dirent.h>
41b2f314 1118int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
996d5e62 1119 ]])],
cdd66111 1120 [AC_MSG_RESULT(yes)],
3c0ef626 1121 [
1122 AC_MSG_RESULT(no)
2c06c99b 1123 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1124 [Define if your struct dirent expects you to
1125 allocate extra space for d_name])
996d5e62 1126 ],
dec6d9fe 1127 [
996d5e62 1128 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1129 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1130 ]
1131)
1132
c9f39d2c 1133AC_MSG_CHECKING([for /proc/pid/fd directory])
1134if test -d "/proc/$$/fd" ; then
2c06c99b 1135 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
c9f39d2c 1136 AC_MSG_RESULT(yes)
1137else
1138 AC_MSG_RESULT(no)
1139fi
1140
3c0ef626 1141# Check whether user wants S/Key support
cdd66111 1142SKEY_MSG="no"
3c0ef626 1143AC_ARG_WITH(skey,
996d5e62 1144 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1145 [
1146 if test "x$withval" != "xno" ; then
1147
1148 if test "x$withval" != "xyes" ; then
1149 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1150 LDFLAGS="$LDFLAGS -L${withval}/lib"
1151 fi
1152
2c06c99b 1153 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1154 LIBS="-lskey $LIBS"
cdd66111 1155 SKEY_MSG="yes"
dec6d9fe 1156
e9a17296 1157 AC_MSG_CHECKING([for s/key support])
2c06c99b 1158 AC_LINK_IFELSE(
1159 [AC_LANG_SOURCE([[
e9a17296 1160#include <stdio.h>
1161#include <skey.h>
41b2f314 1162int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
2c06c99b 1163 ]])],
e9a17296 1164 [AC_MSG_RESULT(yes)],
3c0ef626 1165 [
e9a17296 1166 AC_MSG_RESULT(no)
3c0ef626 1167 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1168 ])
99be0775 1169 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1170 AC_TRY_COMPILE(
1171 [#include <stdio.h>
1172 #include <skey.h>],
1173 [(void)skeychallenge(NULL,"name","",0);],
1174 [AC_MSG_RESULT(yes)
2c06c99b 1175 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1176 [Define if your skeychallenge()
1177 function takes 4 arguments (NetBSD)])],
99be0775 1178 [AC_MSG_RESULT(no)]
1179 )
3c0ef626 1180 fi
1181 ]
1182)
1183
1184# Check whether user wants TCP wrappers support
1185TCPW_MSG="no"
1186AC_ARG_WITH(tcp-wrappers,
996d5e62 1187 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1188 [
1189 if test "x$withval" != "xno" ; then
1190 saved_LIBS="$LIBS"
1191 saved_LDFLAGS="$LDFLAGS"
1192 saved_CPPFLAGS="$CPPFLAGS"
dec6d9fe 1193 if test -n "${withval}" && \
1194 test "x${withval}" != "xyes"; then
3c0ef626 1195 if test -d "${withval}/lib"; then
1196 if test -n "${need_dash_r}"; then
1197 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1198 else
1199 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1200 fi
1201 else
1202 if test -n "${need_dash_r}"; then
1203 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1204 else
1205 LDFLAGS="-L${withval} ${LDFLAGS}"
1206 fi
1207 fi
1208 if test -d "${withval}/include"; then
1209 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1210 else
1211 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1212 fi
1213 fi
d4487008 1214 LIBS="-lwrap $LIBS"
3c0ef626 1215 AC_MSG_CHECKING(for libwrap)
1216 AC_TRY_LINK(
1217 [
99be0775 1218#include <sys/types.h>
1219#include <sys/socket.h>
1220#include <netinet/in.h>
3c0ef626 1221#include <tcpd.h>
1222 int deny_severity = 0, allow_severity = 0;
1223 ],
1224 [hosts_access(0);],
1225 [
1226 AC_MSG_RESULT(yes)
2c06c99b 1227 AC_DEFINE(LIBWRAP, 1,
1228 [Define if you want
1229 TCP Wrappers support])
d4487008 1230 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1231 TCPW_MSG="yes"
1232 ],
1233 [
1234 AC_MSG_ERROR([*** libwrap missing])
1235 ]
1236 )
e9a17296 1237 LIBS="$saved_LIBS"
3c0ef626 1238 fi
1239 ]
1240)
1241
996d5e62 1242# Check whether user wants libedit support
1243LIBEDIT_MSG="no"
1244AC_ARG_WITH(libedit,
1245 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1246 [ if test "x$withval" != "xno" ; then
dec6d9fe 1247 if test "x$withval" != "xyes"; then
2c06c99b 1248 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1249 if test -n "${need_dash_r}"; then
1250 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1251 else
1252 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1253 fi
dec6d9fe 1254 fi
996d5e62 1255 AC_CHECK_LIB(edit, el_init,
2c06c99b 1256 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
996d5e62 1257 LIBEDIT="-ledit -lcurses"
1258 LIBEDIT_MSG="yes"
1259 AC_SUBST(LIBEDIT)
1260 ],
dec6d9fe 1261 [ AC_MSG_ERROR(libedit not found) ],
1262 [ -lcurses ]
996d5e62 1263 )
665a873d 1264 AC_MSG_CHECKING(if libedit version is compatible)
1265 AC_COMPILE_IFELSE(
1266 [AC_LANG_SOURCE([[
1267#include <histedit.h>
1268int main(void)
1269{
1270 int i = H_SETSIZE;
1271 el_init("", NULL, NULL, NULL);
1272 exit(0);
1273}
1274 ]])],
1275 [ AC_MSG_RESULT(yes) ],
1276 [ AC_MSG_RESULT(no)
1277 AC_MSG_ERROR(libedit version is not compatible) ]
1278 )
996d5e62 1279 fi ]
1280)
1281
1282AUDIT_MODULE=none
1283AC_ARG_WITH(audit,
1284 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1285 [
1286 AC_MSG_CHECKING(for supported audit module)
1287 case "$withval" in
1288 bsm)
1289 AC_MSG_RESULT(bsm)
1290 AUDIT_MODULE=bsm
1291 dnl Checks for headers, libs and functions
1292 AC_CHECK_HEADERS(bsm/audit.h, [],
9108f8d9 1293 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1294 [
1295#ifdef HAVE_TIME_H
1296# include <time.h>
1297#endif
1298 ]
1299)
996d5e62 1300 AC_CHECK_LIB(bsm, getaudit, [],
1301 [AC_MSG_ERROR(BSM enabled and required library not found)])
1302 AC_CHECK_FUNCS(getaudit, [],
1303 [AC_MSG_ERROR(BSM enabled and required function not found)])
1304 # These are optional
47686178 1305 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
2c06c99b 1306 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
996d5e62 1307 ;;
1308 debug)
1309 AUDIT_MODULE=debug
1310 AC_MSG_RESULT(debug)
2c06c99b 1311 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
996d5e62 1312 ;;
665a873d 1313 no)
1314 AC_MSG_RESULT(no)
1315 ;;
996d5e62 1316 *)
1317 AC_MSG_ERROR([Unknown audit module $withval])
1318 ;;
1319 esac ]
1320)
1321
6a9b3198 1322dnl Checks for library functions. Please keep in alphabetical order
665a873d 1323AC_CHECK_FUNCS( \
1324 arc4random \
22616013 1325 arc4random_buf \
1326 arc4random_uniform \
2c06c99b 1327 asprintf \
665a873d 1328 b64_ntop \
1329 __b64_ntop \
1330 b64_pton \
1331 __b64_pton \
1332 bcopy \
1333 bindresvport_sa \
1334 clock \
1335 closefrom \
1336 dirfd \
1337 fchmod \
1338 fchown \
1339 freeaddrinfo \
22616013 1340 fstatvfs \
665a873d 1341 futimes \
1342 getaddrinfo \
1343 getcwd \
1344 getgrouplist \
1345 getnameinfo \
1346 getopt \
1347 getpeereid \
d4487008 1348 getpeerucred \
665a873d 1349 _getpty \
1350 getrlimit \
1351 getttyent \
1352 glob \
1353 inet_aton \
1354 inet_ntoa \
1355 inet_ntop \
1356 innetgr \
1357 login_getcapbool \
1358 md5_crypt \
1359 memmove \
1360 mkdtemp \
1361 mmap \
1362 ngetaddrinfo \
1363 nsleep \
1364 ogetaddrinfo \
1365 openlog_r \
1366 openpty \
d4487008 1367 poll \
665a873d 1368 prctl \
1369 pstat \
1370 readpassphrase \
1371 realpath \
1372 recvmsg \
1373 rresvport_af \
1374 sendmsg \
1375 setdtablesize \
1376 setegid \
1377 setenv \
1378 seteuid \
1379 setgroups \
1380 setlogin \
1381 setpcred \
1382 setproctitle \
1383 setregid \
1384 setreuid \
1385 setrlimit \
1386 setsid \
1387 setvbuf \
1388 sigaction \
1389 sigvec \
1390 snprintf \
1391 socketpair \
22616013 1392 statfs \
1393 statvfs \
665a873d 1394 strdup \
1395 strerror \
1396 strlcat \
1397 strlcpy \
1398 strmode \
1399 strnvis \
1400 strtonum \
1401 strtoll \
1402 strtoul \
d4487008 1403 swap32 \
665a873d 1404 sysconf \
1405 tcgetpgrp \
1406 truncate \
1407 unsetenv \
1408 updwtmpx \
2c06c99b 1409 vasprintf \
665a873d 1410 vhangup \
1411 vsnprintf \
1412 waitpid \
6a9b3198 1413)
1414
acc3d05e 1415# IRIX has a const char return value for gai_strerror()
1416AC_CHECK_FUNCS(gai_strerror,[
1417 AC_DEFINE(HAVE_GAI_STRERROR)
1418 AC_TRY_COMPILE([
1419#include <sys/types.h>
1420#include <sys/socket.h>
1421#include <netdb.h>
1422
1423const char *gai_strerror(int);],[
1424char *str;
1425
1426str = gai_strerror(0);],[
1427 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1428 [Define if gai_strerror() returns const char *])])])
1429
2c06c99b 1430AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1431 [Some systems put nanosleep outside of libc]))
6a9b3198 1432
0fff78ff 1433dnl Make sure prototypes are defined for these before using them.
0fff78ff 1434AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
665a873d 1435AC_CHECK_DECL(strsep,
1436 [AC_CHECK_FUNCS(strsep)],
1437 [],
1438 [
1439#ifdef HAVE_STRING_H
1440# include <string.h>
1441#endif
1442 ])
3c0ef626 1443
0fff78ff 1444dnl tcsendbreak might be a macro
1445AC_CHECK_DECL(tcsendbreak,
1446 [AC_DEFINE(HAVE_TCSENDBREAK)],
cdd66111 1447 [AC_CHECK_FUNCS(tcsendbreak)],
0fff78ff 1448 [#include <termios.h>]
1449)
3c0ef626 1450
c9f39d2c 1451AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1452
9108f8d9 1453AC_CHECK_DECLS(SHUT_RD, , ,
1454 [
1455#include <sys/types.h>
1456#include <sys/socket.h>
1457 ])
1458
1459AC_CHECK_DECLS(O_NONBLOCK, , ,
1460 [
1461#include <sys/types.h>
1462#ifdef HAVE_SYS_STAT_H
1463# include <sys/stat.h>
1464#endif
1465#ifdef HAVE_FCNTL_H
1466# include <fcntl.h>
1467#endif
1468 ])
1469
1470AC_CHECK_DECLS(writev, , , [
1471#include <sys/types.h>
1472#include <sys/uio.h>
1473#include <unistd.h>
1474 ])
1475
d4487008 1476AC_CHECK_DECLS(MAXSYMLINKS, , , [
1477#include <sys/param.h>
1478 ])
1479
1480AC_CHECK_DECLS(offsetof, , , [
1481#include <stddef.h>
1482 ])
1483
cdd66111 1484AC_CHECK_FUNCS(setresuid, [
1485 dnl Some platorms have setresuid that isn't implemented, test for this
1486 AC_MSG_CHECKING(if setresuid seems to work)
996d5e62 1487 AC_RUN_IFELSE(
1488 [AC_LANG_SOURCE([[
cdd66111 1489#include <stdlib.h>
1490#include <errno.h>
1491int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1492 ]])],
cdd66111 1493 [AC_MSG_RESULT(yes)],
2c06c99b 1494 [AC_DEFINE(BROKEN_SETRESUID, 1,
1495 [Define if your setresuid() is broken])
996d5e62 1496 AC_MSG_RESULT(not implemented)],
1497 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1498 )
1499])
1500
1501AC_CHECK_FUNCS(setresgid, [
1502 dnl Some platorms have setresgid that isn't implemented, test for this
1503 AC_MSG_CHECKING(if setresgid seems to work)
996d5e62 1504 AC_RUN_IFELSE(
1505 [AC_LANG_SOURCE([[
cdd66111 1506#include <stdlib.h>
1507#include <errno.h>
1508int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1509 ]])],
cdd66111 1510 [AC_MSG_RESULT(yes)],
2c06c99b 1511 [AC_DEFINE(BROKEN_SETRESGID, 1,
1512 [Define if your setresgid() is broken])
996d5e62 1513 AC_MSG_RESULT(not implemented)],
1514 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1515 )
1516])
1517
3c0ef626 1518dnl Checks for time functions
1519AC_CHECK_FUNCS(gettimeofday time)
1520dnl Checks for utmp functions
1521AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1522AC_CHECK_FUNCS(utmpname)
1523dnl Checks for utmpx functions
1524AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1525AC_CHECK_FUNCS(setutxent utmpxname)
91d9cdd3 1526dnl Checks for lastlog functions
1527AC_CHECK_FUNCS(getlastlogxbyname)
3c0ef626 1528
cdd66111 1529AC_CHECK_FUNC(daemon,
2c06c99b 1530 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1531 [AC_CHECK_LIB(bsd, daemon,
1532 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1533)
1534
cdd66111 1535AC_CHECK_FUNC(getpagesize,
2c06c99b 1536 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1537 [Define if your libraries define getpagesize()])],
1538 [AC_CHECK_LIB(ucb, getpagesize,
1539 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1540)
1541
1542# Check for broken snprintf
1543if test "x$ac_cv_func_snprintf" = "xyes" ; then
1544 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
996d5e62 1545 AC_RUN_IFELSE(
1546 [AC_LANG_SOURCE([[
3c0ef626 1547#include <stdio.h>
41b2f314 1548int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
996d5e62 1549 ]])],
cdd66111 1550 [AC_MSG_RESULT(yes)],
3c0ef626 1551 [
1552 AC_MSG_RESULT(no)
2c06c99b 1553 AC_DEFINE(BROKEN_SNPRINTF, 1,
1554 [Define if your snprintf is busted])
3c0ef626 1555 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
996d5e62 1556 ],
1557 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1558 )
1559fi
1560
2c06c99b 1561# If we don't have a working asprintf, then we strongly depend on vsnprintf
1562# returning the right thing on overflow: the number of characters it tried to
1563# create (as per SUSv3)
1564if test "x$ac_cv_func_asprintf" != "xyes" && \
1565 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1566 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1567 AC_RUN_IFELSE(
1568 [AC_LANG_SOURCE([[
1569#include <sys/types.h>
1570#include <stdio.h>
1571#include <stdarg.h>
1572
1573int x_snprintf(char *str,size_t count,const char *fmt,...)
1574{
1575 size_t ret; va_list ap;
1576 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1577 return ret;
1578}
1579int main(void)
1580{
1581 char x[1];
1582 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1583} ]])],
1584 [AC_MSG_RESULT(yes)],
1585 [
1586 AC_MSG_RESULT(no)
1587 AC_DEFINE(BROKEN_SNPRINTF, 1,
1588 [Define if your snprintf is busted])
1589 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1590 ],
1591 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1592 )
1593fi
1594
1595# On systems where [v]snprintf is broken, but is declared in stdio,
1596# check that the fmt argument is const char * or just char *.
1597# This is only useful for when BROKEN_SNPRINTF
1598AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1599AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1600 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1601 int main(void) { snprintf(0, 0, 0); }
1602 ]])],
1603 [AC_MSG_RESULT(yes)
1604 AC_DEFINE(SNPRINTF_CONST, [const],
1605 [Define as const if snprintf() can declare const char *fmt])],
1606 [AC_MSG_RESULT(no)
1607 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1608
c9f39d2c 1609# Check for missing getpeereid (or equiv) support
1610NO_PEERCHECK=""
d4487008 1611if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
c9f39d2c 1612 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1613 AC_TRY_COMPILE(
1614 [#include <sys/types.h>
1615 #include <sys/socket.h>],
1616 [int i = SO_PEERCRED;],
dec6d9fe 1617 [ AC_MSG_RESULT(yes)
2c06c99b 1618 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
dec6d9fe 1619 ],
c9f39d2c 1620 [AC_MSG_RESULT(no)
1621 NO_PEERCHECK=1]
1622 )
1623fi
1624
6a9b3198 1625dnl see whether mkstemp() requires XXXXXX
1626if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1627AC_MSG_CHECKING([for (overly) strict mkstemp])
2c06c99b 1628AC_RUN_IFELSE(
1629 [AC_LANG_SOURCE([[
6a9b3198 1630#include <stdlib.h>
1631main() { char template[]="conftest.mkstemp-test";
1632if (mkstemp(template) == -1)
1633 exit(1);
1634unlink(template); exit(0);
1635}
2c06c99b 1636 ]])],
6a9b3198 1637 [
1638 AC_MSG_RESULT(no)
1639 ],
cdd66111 1640 [
6a9b3198 1641 AC_MSG_RESULT(yes)
2c06c99b 1642 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
6a9b3198 1643 ],
1644 [
1645 AC_MSG_RESULT(yes)
1646 AC_DEFINE(HAVE_STRICT_MKSTEMP)
cdd66111 1647 ]
6a9b3198 1648)
1649fi
1650
0fff78ff 1651dnl make sure that openpty does not reacquire controlling terminal
1652if test ! -z "$check_for_openpty_ctty_bug"; then
1653 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
2c06c99b 1654 AC_RUN_IFELSE(
1655 [AC_LANG_SOURCE([[
0fff78ff 1656#include <stdio.h>
1657#include <sys/fcntl.h>
1658#include <sys/types.h>
1659#include <sys/wait.h>
1660
1661int
1662main()
1663{
1664 pid_t pid;
1665 int fd, ptyfd, ttyfd, status;
1666
1667 pid = fork();
1668 if (pid < 0) { /* failed */
1669 exit(1);
1670 } else if (pid > 0) { /* parent */
1671 waitpid(pid, &status, 0);
cdd66111 1672 if (WIFEXITED(status))
0fff78ff 1673 exit(WEXITSTATUS(status));
1674 else
1675 exit(2);
1676 } else { /* child */
1677 close(0); close(1); close(2);
1678 setsid();
1679 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1680 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1681 if (fd >= 0)
1682 exit(3); /* Acquired ctty: broken */
1683 else
1684 exit(0); /* Did not acquire ctty: OK */
1685 }
1686}
2c06c99b 1687 ]])],
0fff78ff 1688 [
1689 AC_MSG_RESULT(yes)
1690 ],
1691 [
1692 AC_MSG_RESULT(no)
1693 AC_DEFINE(SSHD_ACQUIRES_CTTY)
2c06c99b 1694 ],
1695 [
1696 AC_MSG_RESULT(cross-compiling, assuming yes)
0fff78ff 1697 ]
1698 )
1699fi
1700
dec6d9fe 1701if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1702 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
99be0775 1703 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1704 AC_RUN_IFELSE(
1705 [AC_LANG_SOURCE([[
99be0775 1706#include <stdio.h>
1707#include <sys/socket.h>
1708#include <netdb.h>
1709#include <errno.h>
1710#include <netinet/in.h>
1711
1712#define TEST_PORT "2222"
1713
1714int
1715main(void)
1716{
1717 int err, sock;
1718 struct addrinfo *gai_ai, *ai, hints;
1719 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1720
1721 memset(&hints, 0, sizeof(hints));
1722 hints.ai_family = PF_UNSPEC;
1723 hints.ai_socktype = SOCK_STREAM;
1724 hints.ai_flags = AI_PASSIVE;
1725
1726 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1727 if (err != 0) {
1728 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1729 exit(1);
1730 }
1731
1732 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1733 if (ai->ai_family != AF_INET6)
1734 continue;
1735
1736 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1737 sizeof(ntop), strport, sizeof(strport),
1738 NI_NUMERICHOST|NI_NUMERICSERV);
1739
1740 if (err != 0) {
1741 if (err == EAI_SYSTEM)
1742 perror("getnameinfo EAI_SYSTEM");
1743 else
1744 fprintf(stderr, "getnameinfo failed: %s\n",
1745 gai_strerror(err));
1746 exit(2);
1747 }
1748
1749 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1750 if (sock < 0)
1751 perror("socket");
1752 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1753 if (errno == EBADF)
1754 exit(3);
1755 }
1756 }
1757 exit(0);
1758}
2c06c99b 1759 ]])],
99be0775 1760 [
1761 AC_MSG_RESULT(yes)
1762 ],
1763 [
1764 AC_MSG_RESULT(no)
1765 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1766 ],
1767 [
1768 AC_MSG_RESULT(cross-compiling, assuming yes)
99be0775 1769 ]
1770 )
1771fi
1772
dec6d9fe 1773if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1774 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
996d5e62 1775 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1776 AC_RUN_IFELSE(
1777 [AC_LANG_SOURCE([[
996d5e62 1778#include <stdio.h>
1779#include <sys/socket.h>
1780#include <netdb.h>
1781#include <errno.h>
1782#include <netinet/in.h>
1783
1784#define TEST_PORT "2222"
1785
1786int
1787main(void)
1788{
1789 int err, sock;
1790 struct addrinfo *gai_ai, *ai, hints;
1791 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1792
1793 memset(&hints, 0, sizeof(hints));
1794 hints.ai_family = PF_UNSPEC;
1795 hints.ai_socktype = SOCK_STREAM;
1796 hints.ai_flags = AI_PASSIVE;
1797
1798 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1799 if (err != 0) {
1800 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1801 exit(1);
1802 }
1803
1804 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1805 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1806 continue;
1807
1808 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1809 sizeof(ntop), strport, sizeof(strport),
1810 NI_NUMERICHOST|NI_NUMERICSERV);
1811
1812 if (ai->ai_family == AF_INET && err != 0) {
1813 perror("getnameinfo");
1814 exit(2);
1815 }
1816 }
1817 exit(0);
1818}
2c06c99b 1819 ]])],
996d5e62 1820 [
1821 AC_MSG_RESULT(yes)
2c06c99b 1822 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1823 [Define if you have a getaddrinfo that fails
1824 for the all-zeros IPv6 address])
996d5e62 1825 ],
1826 [
1827 AC_MSG_RESULT(no)
1828 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1829 ],
9108f8d9 1830 [
2c06c99b 1831 AC_MSG_RESULT(cross-compiling, assuming no)
996d5e62 1832 ]
1833 )
1834fi
1835
1836if test "x$check_for_conflicting_getspnam" = "x1"; then
1837 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1838 AC_COMPILE_IFELSE(
1839 [
1840#include <shadow.h>
1841int main(void) {exit(0);}
1842 ],
1843 [
1844 AC_MSG_RESULT(no)
1845 ],
1846 [
1847 AC_MSG_RESULT(yes)
1848 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1849 [Conflicting defs for getspnam])
1850 ]
1851 )
1852fi
1853
3c0ef626 1854AC_FUNC_GETPGRP
1855
700318f3 1856# Search for OpenSSL
1857saved_CPPFLAGS="$CPPFLAGS"
1858saved_LDFLAGS="$LDFLAGS"
3c0ef626 1859AC_ARG_WITH(ssl-dir,
1860 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1861 [
1862 if test "x$withval" != "xno" ; then
996d5e62 1863 case "$withval" in
1864 # Relative paths
1865 ./*|../*) withval="`pwd`/$withval"
1866 esac
700318f3 1867 if test -d "$withval/lib"; then
1868 if test -n "${need_dash_r}"; then
1869 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1870 else
1871 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1872 fi
1873 else
700318f3 1874 if test -n "${need_dash_r}"; then
1875 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1876 else
1877 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1878 fi
1879 fi
700318f3 1880 if test -d "$withval/include"; then
1881 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1882 else
700318f3 1883 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1884 fi
1885 fi
700318f3 1886 ]
1887)
cdd66111 1888LIBS="-lcrypto $LIBS"
2c06c99b 1889AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1890 [Define if your ssl headers are included
1891 with #include <openssl/header.h>]),
3c0ef626 1892 [
700318f3 1893 dnl Check default openssl install dir
1894 if test -n "${need_dash_r}"; then
1895 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1896 else
700318f3 1897 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1898 fi
700318f3 1899 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
3d738e65 1900 AC_CHECK_HEADER([openssl/opensslv.h], ,
1901 AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***]))
700318f3 1902 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1903 [
1904 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1905 ]
1906 )
1907 ]
1908)
1909
41b2f314 1910# Determine OpenSSL header version
1911AC_MSG_CHECKING([OpenSSL header version])
996d5e62 1912AC_RUN_IFELSE(
1913 [AC_LANG_SOURCE([[
41b2f314 1914#include <stdio.h>
1915#include <string.h>
1916#include <openssl/opensslv.h>
1917#define DATA "conftest.sslincver"
1918int main(void) {
cdd66111 1919 FILE *fd;
1920 int rc;
41b2f314 1921
cdd66111 1922 fd = fopen(DATA,"w");
1923 if(fd == NULL)
1924 exit(1);
41b2f314 1925
1926 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1927 exit(1);
1928
1929 exit(0);
1930}
996d5e62 1931 ]])],
41b2f314 1932 [
1933 ssl_header_ver=`cat conftest.sslincver`
1934 AC_MSG_RESULT($ssl_header_ver)
1935 ],
1936 [
1937 AC_MSG_RESULT(not found)
1938 AC_MSG_ERROR(OpenSSL version header not found.)
996d5e62 1939 ],
1940 [
1941 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1942 ]
1943)
1944
1945# Determine OpenSSL library version
1946AC_MSG_CHECKING([OpenSSL library version])
996d5e62 1947AC_RUN_IFELSE(
1948 [AC_LANG_SOURCE([[
41b2f314 1949#include <stdio.h>
1950#include <string.h>
1951#include <openssl/opensslv.h>
1952#include <openssl/crypto.h>
1953#define DATA "conftest.ssllibver"
1954int main(void) {
cdd66111 1955 FILE *fd;
1956 int rc;
41b2f314 1957
cdd66111 1958 fd = fopen(DATA,"w");
1959 if(fd == NULL)
1960 exit(1);
41b2f314 1961
1962 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1963 exit(1);
1964
1965 exit(0);
1966}
996d5e62 1967 ]])],
41b2f314 1968 [
1969 ssl_library_ver=`cat conftest.ssllibver`
1970 AC_MSG_RESULT($ssl_library_ver)
1971 ],
1972 [
1973 AC_MSG_RESULT(not found)
1974 AC_MSG_ERROR(OpenSSL library not found.)
996d5e62 1975 ],
1976 [
1977 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1978 ]
1979)
3c0ef626 1980
799ae497 1981AC_ARG_WITH(openssl-header-check,
1982 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1983 [ if test "x$withval" = "xno" ; then
1984 openssl_check_nonfatal=1
1985 fi
1986 ]
1987)
1988
e9a17296 1989# Sanity check OpenSSL headers
1990AC_MSG_CHECKING([whether OpenSSL's headers match the library])
996d5e62 1991AC_RUN_IFELSE(
1992 [AC_LANG_SOURCE([[
e9a17296 1993#include <string.h>
1994#include <openssl/opensslv.h>
41b2f314 1995int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
996d5e62 1996 ]])],
e9a17296 1997 [
1998 AC_MSG_RESULT(yes)
1999 ],
2000 [
2001 AC_MSG_RESULT(no)
799ae497 2002 if test "x$openssl_check_nonfatal" = "x"; then
2003 AC_MSG_ERROR([Your OpenSSL headers do not match your
2004library. Check config.log for details.
2005If you are sure your installation is consistent, you can disable the check
2006by running "./configure --without-openssl-header-check".
2007Also see contrib/findssl.sh for help identifying header/library mismatches.
2008])
2009 else
2010 AC_MSG_WARN([Your OpenSSL headers do not match your
2011library. Check config.log for details.
0fff78ff 2012Also see contrib/findssl.sh for help identifying header/library mismatches.])
799ae497 2013 fi
996d5e62 2014 ],
2015 [
2016 AC_MSG_WARN([cross compiling: not checking])
e9a17296 2017 ]
2018)
2019
9108f8d9 2020AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2021AC_LINK_IFELSE(
2022 [AC_LANG_SOURCE([[
2023#include <openssl/evp.h>
2024int main(void) { SSLeay_add_all_algorithms(); }
2025 ]])],
2026 [
2027 AC_MSG_RESULT(yes)
2028 ],
2029 [
2030 AC_MSG_RESULT(no)
2031 saved_LIBS="$LIBS"
2032 LIBS="$LIBS -ldl"
2033 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2034 AC_LINK_IFELSE(
2035 [AC_LANG_SOURCE([[
2036#include <openssl/evp.h>
2037int main(void) { SSLeay_add_all_algorithms(); }
2038 ]])],
2039 [
2040 AC_MSG_RESULT(yes)
2041 ],
2042 [
2043 AC_MSG_RESULT(no)
2044 LIBS="$saved_LIBS"
2045 ]
2046 )
2047 ]
2048)
2049
2050AC_ARG_WITH(ssl-engine,
2051 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2052 [ if test "x$withval" != "xno" ; then
2053 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2054 AC_TRY_COMPILE(
2055 [ #include <openssl/engine.h>],
2056 [
ff7ec503 2057ENGINE_load_builtin_engines();ENGINE_register_all_complete();
9108f8d9 2058 ],
2059 [ AC_MSG_RESULT(yes)
2060 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2061 [Enable OpenSSL engine support])
2062 ],
2063 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2064 )
2065 fi ]
2066)
2067
2c06c99b 2068# Check for OpenSSL without EVP_aes_{192,256}_cbc
2069AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
9108f8d9 2070AC_LINK_IFELSE(
2c06c99b 2071 [AC_LANG_SOURCE([[
2072#include <string.h>
2073#include <openssl/evp.h>
f2f068fa 2074int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
2c06c99b 2075 ]])],
2076 [
2077 AC_MSG_RESULT(no)
2078 ],
2079 [
2080 AC_MSG_RESULT(yes)
2081 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2082 [libcrypto is missing AES 192 and 256 bit functions])
2083 ]
2084)
2085
3d738e65 2086AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
2087AC_LINK_IFELSE(
2088 [AC_LANG_SOURCE([[
2089#include <string.h>
2090#include <openssl/evp.h>
2091int main(void) { if(EVP_DigestUpdate(NULL, NULL,0)) exit(0); }
2092 ]])],
2093 [
2094 AC_MSG_RESULT(yes)
2095 ],
2096 [
2097 AC_MSG_RESULT(no)
2098 AC_DEFINE(OPENSSL_EVP_DIGESTUPDATE_VOID, 1,
2099 [Define if EVP_DigestUpdate returns void])
2100 ]
2101)
2102
cdd66111 2103# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2104# because the system crypt() is more featureful.
2105if test "x$check_for_libcrypt_before" = "x1"; then
2106 AC_CHECK_LIB(crypt, crypt)
2107fi
2108
2109# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2110# version in OpenSSL.
0fff78ff 2111if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2112 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2113fi
2114
9108f8d9 2115# Search for SHA256 support in libc and/or OpenSSL
2116AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2117
d4487008 2118saved_LIBS="$LIBS"
2119AC_CHECK_LIB(iaf, ia_openinfo, [
2120 LIBS="$LIBS -liaf"
47686178 2121 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2122 AC_DEFINE(HAVE_LIBIAF, 1,
2123 [Define if system has libiaf that supports set_id])
2124 ])
d4487008 2125])
2126LIBS="$saved_LIBS"
e9a17296 2127
2128### Configure cryptographic random number support
2129
2130# Check wheter OpenSSL seeds itself
2131AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
996d5e62 2132AC_RUN_IFELSE(
2133 [AC_LANG_SOURCE([[
e9a17296 2134#include <string.h>
2135#include <openssl/rand.h>
41b2f314 2136int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
996d5e62 2137 ]])],
e9a17296 2138 [
2139 OPENSSL_SEEDS_ITSELF=yes
2140 AC_MSG_RESULT(yes)
2141 ],
2142 [
2143 AC_MSG_RESULT(no)
2144 # Default to use of the rand helper if OpenSSL doesn't
2145 # seed itself
2146 USE_RAND_HELPER=yes
996d5e62 2147 ],
2148 [
2149 AC_MSG_WARN([cross compiling: assuming yes])
2150 # This is safe, since all recent OpenSSL versions will
dec6d9fe 2151 # complain at runtime if not seeded correctly.
996d5e62 2152 OPENSSL_SEEDS_ITSELF=yes
e9a17296 2153 ]
2154)
2155
9108f8d9 2156# Check for PAM libs
2157PAM_MSG="no"
2158AC_ARG_WITH(pam,
2159 [ --with-pam Enable PAM support ],
2160 [
2161 if test "x$withval" != "xno" ; then
2162 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2163 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2164 AC_MSG_ERROR([PAM headers not found])
2165 fi
2166
2167 saved_LIBS="$LIBS"
2168 AC_CHECK_LIB(dl, dlopen, , )
2169 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2170 AC_CHECK_FUNCS(pam_getenvlist)
2171 AC_CHECK_FUNCS(pam_putenv)
2172 LIBS="$saved_LIBS"
2173
2174 PAM_MSG="yes"
2175
d4487008 2176 SSHDLIBS="$SSHDLIBS -lpam"
9108f8d9 2177 AC_DEFINE(USE_PAM, 1,
2178 [Define if you want to enable PAM support])
2179
2180 if test $ac_cv_lib_dl_dlopen = yes; then
2181 case "$LIBS" in
2182 *-ldl*)
2183 # libdl already in LIBS
2184 ;;
2185 *)
d4487008 2186 SSHDLIBS="$SSHDLIBS -ldl"
9108f8d9 2187 ;;
2188 esac
2189 fi
9108f8d9 2190 fi
2191 ]
2192)
2193
2194# Check for older PAM
2195if test "x$PAM_MSG" = "xyes" ; then
2196 # Check PAM strerror arguments (old PAM)
2197 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2198 AC_TRY_COMPILE(
2199 [
2200#include <stdlib.h>
2201#if defined(HAVE_SECURITY_PAM_APPL_H)
2202#include <security/pam_appl.h>
2203#elif defined (HAVE_PAM_PAM_APPL_H)
2204#include <pam/pam_appl.h>
2205#endif
2206 ],
2207 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2208 [AC_MSG_RESULT(no)],
2209 [
2210 AC_DEFINE(HAVE_OLD_PAM, 1,
2211 [Define if you have an old version of PAM
2212 which takes only one argument to pam_strerror])
2213 AC_MSG_RESULT(yes)
2214 PAM_MSG="yes (old library)"
2215 ]
2216 )
2217fi
e9a17296 2218
2219# Do we want to force the use of the rand helper?
2220AC_ARG_WITH(rand-helper,
2221 [ --with-rand-helper Use subprocess to gather strong randomness ],
2222 [
2223 if test "x$withval" = "xno" ; then
cdd66111 2224 # Force use of OpenSSL's internal RNG, even if
e9a17296 2225 # the previous test showed it to be unseeded.
2226 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2227 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2228 OPENSSL_SEEDS_ITSELF=yes
2229 USE_RAND_HELPER=""
2230 fi
2231 else
2232 USE_RAND_HELPER=yes
2233 fi
2234 ],
dec6d9fe 2235)
e9a17296 2236
2237# Which randomness source do we use?
dec6d9fe 2238if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9a17296 2239 # OpenSSL only
2c06c99b 2240 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2241 [Define if you want OpenSSL's internally seeded PRNG only])
e9a17296 2242 RAND_MSG="OpenSSL internal ONLY"
2243 INSTALL_SSH_RAND_HELPER=""
2244elif test ! -z "$USE_RAND_HELPER" ; then
2245 # install rand helper
2246 RAND_MSG="ssh-rand-helper"
2247 INSTALL_SSH_RAND_HELPER="yes"
2248fi
2249AC_SUBST(INSTALL_SSH_RAND_HELPER)
2250
2251### Configuration of ssh-rand-helper
2252
2253# PRNGD TCP socket
2254AC_ARG_WITH(prngd-port,
2255 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2256 [
2257 case "$withval" in
2258 no)
2259 withval=""
2260 ;;
2261 [[0-9]]*)
2262 ;;
2263 *)
2264 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2265 ;;
2266 esac
2267 if test ! -z "$withval" ; then
2268 PRNGD_PORT="$withval"
2c06c99b 2269 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2270 [Port number of PRNGD/EGD random number socket])
e9a17296 2271 fi
2272 ]
2273)
2274
2275# PRNGD Unix domain socket
2276AC_ARG_WITH(prngd-socket,
2277 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2278 [
2279 case "$withval" in
2280 yes)
2281 withval="/var/run/egd-pool"
2282 ;;
2283 no)
2284 withval=""
2285 ;;
2286 /*)
2287 ;;
2288 *)
2289 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2290 ;;
2291 esac
2292
2293 if test ! -z "$withval" ; then
2294 if test ! -z "$PRNGD_PORT" ; then
2295 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2296 fi
2297 if test ! -r "$withval" ; then
2298 AC_MSG_WARN(Entropy socket is not readable)
2299 fi
2300 PRNGD_SOCKET="$withval"
2c06c99b 2301 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2302 [Location of PRNGD/EGD random number socket])
e9a17296 2303 fi
2304 ],
2305 [
2306 # Check for existing socket only if we don't have a random device already
2307 if test "$USE_RAND_HELPER" = yes ; then
2308 AC_MSG_CHECKING(for PRNGD/EGD socket)
2309 # Insert other locations here
2310 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2311 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2312 PRNGD_SOCKET="$sock"
2313 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2314 break;
2315 fi
2316 done
2317 if test ! -z "$PRNGD_SOCKET" ; then
2318 AC_MSG_RESULT($PRNGD_SOCKET)
2319 else
2320 AC_MSG_RESULT(not found)
2321 fi
2322 fi
2323 ]
2324)
2325
2326# Change default command timeout for hashing entropy source
2327entropy_timeout=200
2328AC_ARG_WITH(entropy-timeout,
2329 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2330 [
dec6d9fe 2331 if test -n "$withval" && test "x$withval" != "xno" && \
2332 test "x${withval}" != "xyes"; then
e9a17296 2333 entropy_timeout=$withval
2334 fi
dec6d9fe 2335 ]
e9a17296 2336)
2c06c99b 2337AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2338 [Builtin PRNG command timeout])
e9a17296 2339
680cee3b 2340SSH_PRIVSEP_USER=sshd
700318f3 2341AC_ARG_WITH(privsep-user,
2342 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2343 [
dec6d9fe 2344 if test -n "$withval" && test "x$withval" != "xno" && \
2345 test "x${withval}" != "xyes"; then
680cee3b 2346 SSH_PRIVSEP_USER=$withval
700318f3 2347 fi
dec6d9fe 2348 ]
700318f3 2349)
2c06c99b 2350AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2351 [non-privileged user for privilege separation])
680cee3b 2352AC_SUBST(SSH_PRIVSEP_USER)
700318f3 2353
2354# We do this little dance with the search path to insure
2355# that programs that we select for use by installed programs
2356# (which may be run by the super-user) come from trusted
2357# locations before they come from the user's private area.
2358# This should help avoid accidentally configuring some
2359# random version of a program in someone's personal bin.
2360
2361OPATH=$PATH
2362PATH=/bin:/usr/bin
2363test -h /bin 2> /dev/null && PATH=/usr/bin
2364test -d /sbin && PATH=$PATH:/sbin
2365test -d /usr/sbin && PATH=$PATH:/usr/sbin
2366PATH=$PATH:/etc:$OPATH
2367
cdd66111 2368# These programs are used by the command hashing source to gather entropy
e9a17296 2369OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2370OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2371OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2372OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2373OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2374OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2375OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2376OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2377OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2378OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2379OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2380OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2381OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2382OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2383OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2384OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
700318f3 2385# restore PATH
2386PATH=$OPATH
e9a17296 2387
2388# Where does ssh-rand-helper get its randomness from?
2389INSTALL_SSH_PRNG_CMDS=""
2390if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2391 if test ! -z "$PRNGD_PORT" ; then
2392 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2393 elif test ! -z "$PRNGD_SOCKET" ; then
2394 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2395 else
2396 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2397 RAND_HELPER_CMDHASH=yes
2398 INSTALL_SSH_PRNG_CMDS="yes"
2399 fi
2400fi
2401AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2402
2403
3c0ef626 2404# Cheap hack to ensure NEWS-OS libraries are arranged right.
2405if test ! -z "$SONY" ; then
2406 LIBS="$LIBS -liberty";
2407fi
2408
2c06c99b 2409# Check for long long datatypes
2410AC_CHECK_TYPES([long long, unsigned long long, long double])
2411
2412# Check datatype sizes
3c0ef626 2413AC_CHECK_SIZEOF(char, 1)
2414AC_CHECK_SIZEOF(short int, 2)
2415AC_CHECK_SIZEOF(int, 4)
2416AC_CHECK_SIZEOF(long int, 4)
2417AC_CHECK_SIZEOF(long long int, 8)
2418
700318f3 2419# Sanity check long long for some platforms (AIX)
2420if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2421 ac_cv_sizeof_long_long_int=0
2422fi
2423
2c06c99b 2424# compute LLONG_MIN and LLONG_MAX if we don't know them.
2425if test -z "$have_llong_max"; then
2426 AC_MSG_CHECKING([for max value of long long])
2427 AC_RUN_IFELSE(
2428 [AC_LANG_SOURCE([[
2429#include <stdio.h>
2430/* Why is this so damn hard? */
2431#ifdef __GNUC__
2432# undef __GNUC__
2433#endif
2434#define __USE_ISOC99
2435#include <limits.h>
2436#define DATA "conftest.llminmax"
9108f8d9 2437#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2438
2439/*
2440 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2441 * we do this the hard way.
2442 */
2443static int
2444fprint_ll(FILE *f, long long n)
2445{
2446 unsigned int i;
2447 int l[sizeof(long long) * 8];
2448
2449 if (n < 0)
2450 if (fprintf(f, "-") < 0)
2451 return -1;
2452 for (i = 0; n != 0; i++) {
2453 l[i] = my_abs(n % 10);
2454 n /= 10;
2455 }
2456 do {
2457 if (fprintf(f, "%d", l[--i]) < 0)
2458 return -1;
2459 } while (i != 0);
2460 if (fprintf(f, " ") < 0)
2461 return -1;
2462 return 0;
2463}
2464
2c06c99b 2465int main(void) {
2466 FILE *f;
2467 long long i, llmin, llmax = 0;
2468
2469 if((f = fopen(DATA,"w")) == NULL)
2470 exit(1);
2471
2472#if defined(LLONG_MIN) && defined(LLONG_MAX)
2473 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2474 llmin = LLONG_MIN;
2475 llmax = LLONG_MAX;
2476#else
2477 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2478 /* This will work on one's complement and two's complement */
2479 for (i = 1; i > llmax; i <<= 1, i++)
2480 llmax = i;
2481 llmin = llmax + 1LL; /* wrap */
2482#endif
2483
2484 /* Sanity check */
2485 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
9108f8d9 2486 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2487 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
2c06c99b 2488 fprintf(f, "unknown unknown\n");
2489 exit(2);
2490 }
2491
9108f8d9 2492 if (fprint_ll(f, llmin) < 0)
2c06c99b 2493 exit(3);
9108f8d9 2494 if (fprint_ll(f, llmax) < 0)
2495 exit(4);
2496 if (fclose(f) < 0)
2497 exit(5);
2c06c99b 2498 exit(0);
2499}
2500 ]])],
2501 [
2502 llong_min=`$AWK '{print $1}' conftest.llminmax`
2503 llong_max=`$AWK '{print $2}' conftest.llminmax`
2504
2c06c99b 2505 AC_MSG_RESULT($llong_max)
2506 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2507 [max value of long long calculated by configure])
2508 AC_MSG_CHECKING([for min value of long long])
2509 AC_MSG_RESULT($llong_min)
2510 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2511 [min value of long long calculated by configure])
2512 ],
2513 [
2514 AC_MSG_RESULT(not found)
2515 ],
2516 [
2517 AC_MSG_WARN([cross compiling: not checking])
2518 ]
2519 )
2520fi
2521
2522
3c0ef626 2523# More checks for data types
2524AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2525 AC_TRY_COMPILE(
cdd66111 2526 [ #include <sys/types.h> ],
2527 [ u_int a; a = 1;],
3c0ef626 2528 [ ac_cv_have_u_int="yes" ],
2529 [ ac_cv_have_u_int="no" ]
2530 )
2531])
2532if test "x$ac_cv_have_u_int" = "xyes" ; then
2c06c99b 2533 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2534 have_u_int=1
2535fi
2536
2537AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2538 AC_TRY_COMPILE(
cdd66111 2539 [ #include <sys/types.h> ],
2540 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2541 [ ac_cv_have_intxx_t="yes" ],
2542 [ ac_cv_have_intxx_t="no" ]
2543 )
2544])
2545if test "x$ac_cv_have_intxx_t" = "xyes" ; then
2c06c99b 2546 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2547 have_intxx_t=1
2548fi
2549
2550if (test -z "$have_intxx_t" && \
cdd66111 2551 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2552then
2553 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2554 AC_TRY_COMPILE(
cdd66111 2555 [ #include <stdint.h> ],
2556 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2557 [
2558 AC_DEFINE(HAVE_INTXX_T)
2559 AC_MSG_RESULT(yes)
2560 ],
2561 [ AC_MSG_RESULT(no) ]
2562 )
2563fi
2564
2565AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2566 AC_TRY_COMPILE(
41b2f314 2567 [
2568#include <sys/types.h>
2569#ifdef HAVE_STDINT_H
2570# include <stdint.h>
2571#endif
2572#include <sys/socket.h>
2573#ifdef HAVE_SYS_BITYPES_H
2574# include <sys/bitypes.h>
2575#endif
cdd66111 2576 ],
2577 [ int64_t a; a = 1;],
3c0ef626 2578 [ ac_cv_have_int64_t="yes" ],
2579 [ ac_cv_have_int64_t="no" ]
2580 )
2581])
2582if test "x$ac_cv_have_int64_t" = "xyes" ; then
2c06c99b 2583 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9a17296 2584fi
2585
3c0ef626 2586AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2587 AC_TRY_COMPILE(
cdd66111 2588 [ #include <sys/types.h> ],
2589 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2590 [ ac_cv_have_u_intxx_t="yes" ],
2591 [ ac_cv_have_u_intxx_t="no" ]
2592 )
2593])
2594if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
2c06c99b 2595 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2596 have_u_intxx_t=1
2597fi
2598
2599if test -z "$have_u_intxx_t" ; then
2600 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2601 AC_TRY_COMPILE(
cdd66111 2602 [ #include <sys/socket.h> ],
2603 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2604 [
2605 AC_DEFINE(HAVE_U_INTXX_T)
2606 AC_MSG_RESULT(yes)
2607 ],
2608 [ AC_MSG_RESULT(no) ]
2609 )
2610fi
2611
2612AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2613 AC_TRY_COMPILE(
cdd66111 2614 [ #include <sys/types.h> ],
2615 [ u_int64_t a; a = 1;],
3c0ef626 2616 [ ac_cv_have_u_int64_t="yes" ],
2617 [ ac_cv_have_u_int64_t="no" ]
2618 )
2619])
2620if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
2c06c99b 2621 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2622 have_u_int64_t=1
2623fi
2624
e9a17296 2625if test -z "$have_u_int64_t" ; then
2626 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2627 AC_TRY_COMPILE(
cdd66111 2628 [ #include <sys/bitypes.h> ],
e9a17296 2629 [ u_int64_t a; a = 1],
2630 [
2631 AC_DEFINE(HAVE_U_INT64_T)
2632 AC_MSG_RESULT(yes)
2633 ],
2634 [ AC_MSG_RESULT(no) ]
2635 )
2636fi
2637
3c0ef626 2638if test -z "$have_u_intxx_t" ; then
2639 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2640 AC_TRY_COMPILE(
2641 [
2642#include <sys/types.h>
cdd66111 2643 ],
2644 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2645 [ ac_cv_have_uintxx_t="yes" ],
2646 [ ac_cv_have_uintxx_t="no" ]
2647 )
2648 ])
2649 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
2c06c99b 2650 AC_DEFINE(HAVE_UINTXX_T, 1,
2651 [define if you have uintxx_t data type])
3c0ef626 2652 fi
2653fi
2654
2655if test -z "$have_uintxx_t" ; then
2656 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2657 AC_TRY_COMPILE(
cdd66111 2658 [ #include <stdint.h> ],
2659 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2660 [
2661 AC_DEFINE(HAVE_UINTXX_T)
2662 AC_MSG_RESULT(yes)
2663 ],
2664 [ AC_MSG_RESULT(no) ]
2665 )
2666fi
2667
2668if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
cdd66111 2669 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2670then
2671 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2672 AC_TRY_COMPILE(
2673 [
2674#include <sys/bitypes.h>
cdd66111 2675 ],
3c0ef626 2676 [
2677 int8_t a; int16_t b; int32_t c;
2678 u_int8_t e; u_int16_t f; u_int32_t g;
2679 a = b = c = e = f = g = 1;
cdd66111 2680 ],
3c0ef626 2681 [
2682 AC_DEFINE(HAVE_U_INTXX_T)
2683 AC_DEFINE(HAVE_INTXX_T)
2684 AC_MSG_RESULT(yes)
2685 ],
2686 [AC_MSG_RESULT(no)]
cdd66111 2687 )
3c0ef626 2688fi
2689
2690
2691AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2692 AC_TRY_COMPILE(
2693 [
2694#include <sys/types.h>
2695 ],
2696 [ u_char foo; foo = 125; ],
2697 [ ac_cv_have_u_char="yes" ],
2698 [ ac_cv_have_u_char="no" ]
2699 )
2700])
2701if test "x$ac_cv_have_u_char" = "xyes" ; then
2c06c99b 2702 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2703fi
2704
2705TYPE_SOCKLEN_T
2706
e9a17296 2707AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22616013 2708AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2709#include <sys/types.h>
2710#ifdef HAVE_SYS_BITYPES_H
2711#include <sys/bitypes.h>
2712#endif
2713#ifdef HAVE_SYS_STATFS_H
2714#include <sys/statfs.h>
2715#endif
2716#ifdef HAVE_SYS_STATVFS_H
2717#include <sys/statvfs.h>
2718#endif
2719])
e9a17296 2720
3d738e65 2721AC_CHECK_TYPES([in_addr_t, in_port_t],,,
996d5e62 2722[#include <sys/types.h>
2723#include <netinet/in.h>])
2724
3c0ef626 2725AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2726 AC_TRY_COMPILE(
2727 [
2728#include <sys/types.h>
2729 ],
2730 [ size_t foo; foo = 1235; ],
2731 [ ac_cv_have_size_t="yes" ],
2732 [ ac_cv_have_size_t="no" ]
2733 )
2734])
2735if test "x$ac_cv_have_size_t" = "xyes" ; then
2c06c99b 2736 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2737fi
2738
2739AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2740 AC_TRY_COMPILE(
2741 [
2742#include <sys/types.h>
2743 ],
2744 [ ssize_t foo; foo = 1235; ],
2745 [ ac_cv_have_ssize_t="yes" ],
2746 [ ac_cv_have_ssize_t="no" ]
2747 )
2748])
2749if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2c06c99b 2750 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2751fi
2752
2753AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2754 AC_TRY_COMPILE(
2755 [
2756#include <time.h>
2757 ],
2758 [ clock_t foo; foo = 1235; ],
2759 [ ac_cv_have_clock_t="yes" ],
2760 [ ac_cv_have_clock_t="no" ]
2761 )
2762])
2763if test "x$ac_cv_have_clock_t" = "xyes" ; then
2c06c99b 2764 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2765fi
2766
2767AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2768 AC_TRY_COMPILE(
2769 [
2770#include <sys/types.h>
2771#include <sys/socket.h>
2772 ],
2773 [ sa_family_t foo; foo = 1235; ],
2774 [ ac_cv_have_sa_family_t="yes" ],
2775 [ AC_TRY_COMPILE(
2776 [
2777#include <sys/types.h>
2778#include <sys/socket.h>
2779#include <netinet/in.h>
2780 ],
2781 [ sa_family_t foo; foo = 1235; ],
2782 [ ac_cv_have_sa_family_t="yes" ],
2783
2784 [ ac_cv_have_sa_family_t="no" ]
2785 )]
2786 )
2787])
2788if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2c06c99b 2789 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2790 [define if you have sa_family_t data type])
3c0ef626 2791fi
2792
2793AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2794 AC_TRY_COMPILE(
2795 [
2796#include <sys/types.h>
2797 ],
2798 [ pid_t foo; foo = 1235; ],
2799 [ ac_cv_have_pid_t="yes" ],
2800 [ ac_cv_have_pid_t="no" ]
2801 )
2802])
2803if test "x$ac_cv_have_pid_t" = "xyes" ; then
2c06c99b 2804 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2805fi
2806
2807AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2808 AC_TRY_COMPILE(
2809 [
2810#include <sys/types.h>
2811 ],
2812 [ mode_t foo; foo = 1235; ],
2813 [ ac_cv_have_mode_t="yes" ],
2814 [ ac_cv_have_mode_t="no" ]
2815 )
2816])
2817if test "x$ac_cv_have_mode_t" = "xyes" ; then
2c06c99b 2818 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2819fi
2820
2821
2822AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2823 AC_TRY_COMPILE(
2824 [
2825#include <sys/types.h>
2826#include <sys/socket.h>
2827 ],
2828 [ struct sockaddr_storage s; ],
2829 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2830 [ ac_cv_have_struct_sockaddr_storage="no" ]
2831 )
2832])
2833if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2c06c99b 2834 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2835 [define if you have struct sockaddr_storage data type])
3c0ef626 2836fi
2837
2838AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2839 AC_TRY_COMPILE(
2840 [
2841#include <sys/types.h>
2842#include <netinet/in.h>
2843 ],
2844 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2845 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2846 [ ac_cv_have_struct_sockaddr_in6="no" ]
2847 )
2848])
2849if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2c06c99b 2850 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2851 [define if you have struct sockaddr_in6 data type])
3c0ef626 2852fi
2853
2854AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2855 AC_TRY_COMPILE(
2856 [
2857#include <sys/types.h>
2858#include <netinet/in.h>
2859 ],
2860 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2861 [ ac_cv_have_struct_in6_addr="yes" ],
2862 [ ac_cv_have_struct_in6_addr="no" ]
2863 )
2864])
2865if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2c06c99b 2866 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2867 [define if you have struct in6_addr data type])
91d9cdd3 2868
2869dnl Now check for sin6_scope_id
2870 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,,
2871 [
2872#ifdef HAVE_SYS_TYPES_H
2873#include <sys/types.h>
2874#endif
2875#include <netinet/in.h>
2876 ])
3c0ef626 2877fi
2878
2879AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2880 AC_TRY_COMPILE(
2881 [
2882#include <sys/types.h>
2883#include <sys/socket.h>
2884#include <netdb.h>
2885 ],
2886 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2887 [ ac_cv_have_struct_addrinfo="yes" ],
2888 [ ac_cv_have_struct_addrinfo="no" ]
2889 )
2890])
2891if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2c06c99b 2892 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2893 [define if you have struct addrinfo data type])
3c0ef626 2894fi
2895
2896AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2897 AC_TRY_COMPILE(
cdd66111 2898 [ #include <sys/time.h> ],
2899 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2900 [ ac_cv_have_struct_timeval="yes" ],
2901 [ ac_cv_have_struct_timeval="no" ]
2902 )
2903])
2904if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2c06c99b 2905 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2906 have_struct_timeval=1
2907fi
2908
6a9b3198 2909AC_CHECK_TYPES(struct timespec)
2910
2911# We need int64_t or else certian parts of the compile will fail.
dec6d9fe 2912if test "x$ac_cv_have_int64_t" = "xno" && \
2913 test "x$ac_cv_sizeof_long_int" != "x8" && \
2914 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
6a9b3198 2915 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2916 echo "an alternative compiler (I.E., GCC) before continuing."
2917 echo ""
2918 exit 1;
3c0ef626 2919else
2920dnl test snprintf (broken on SCO w/gcc)
996d5e62 2921 AC_RUN_IFELSE(
2922 [AC_LANG_SOURCE([[
3c0ef626 2923#include <stdio.h>
2924#include <string.h>
2925#ifdef HAVE_SNPRINTF
2926main()
2927{
2928 char buf[50];
2929 char expected_out[50];
2930 int mazsize = 50 ;
2931#if (SIZEOF_LONG_INT == 8)
2932 long int num = 0x7fffffffffffffff;
2933#else
2934 long long num = 0x7fffffffffffffffll;
2935#endif
2936 strcpy(expected_out, "9223372036854775807");
2937 snprintf(buf, mazsize, "%lld", num);
2938 if(strcmp(buf, expected_out) != 0)
cdd66111 2939 exit(1);
3c0ef626 2940 exit(0);
2941}
2942#else
2943main() { exit(0); }
2944#endif
996d5e62 2945 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2946 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2947 )
2948fi
3c0ef626 2949
2950dnl Checks for structure members
2951OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2952OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2953OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2954OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2955OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2956OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2957OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2958OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2959OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2960OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2961OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2962OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2963OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2964OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2965OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2966OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2967OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2968
2969AC_CHECK_MEMBERS([struct stat.st_blksize])
2c06c99b 2970AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2971 [Define if we don't have struct __res_state in resolv.h])],
2972[
2973#include <stdio.h>
2974#if HAVE_SYS_TYPES_H
2975# include <sys/types.h>
2976#endif
2977#include <netinet/in.h>
2978#include <arpa/nameser.h>
2979#include <resolv.h>
2980])
3c0ef626 2981
2982AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2983 ac_cv_have_ss_family_in_struct_ss, [
2984 AC_TRY_COMPILE(
2985 [
2986#include <sys/types.h>
2987#include <sys/socket.h>
2988 ],
2989 [ struct sockaddr_storage s; s.ss_family = 1; ],
2990 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2991 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2992 )
2993])
2994if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 2995 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 2996fi
2997
2998AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2999 ac_cv_have___ss_family_in_struct_ss, [
3000 AC_TRY_COMPILE(
3001 [
3002#include <sys/types.h>
3003#include <sys/socket.h>
3004 ],
3005 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3006 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3007 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3008 )
3009])
3010if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 3011 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3012 [Fields in struct sockaddr_storage])
3c0ef626 3013fi
3014
3015AC_CACHE_CHECK([for pw_class field in struct passwd],
3016 ac_cv_have_pw_class_in_struct_passwd, [
3017 AC_TRY_COMPILE(
3018 [
3019#include <pwd.h>
3020 ],
3021 [ struct passwd p; p.pw_class = 0; ],
3022 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3023 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3024 )
3025])
3026if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2c06c99b 3027 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3028 [Define if your password has a pw_class field])
3c0ef626 3029fi
3030
3031AC_CACHE_CHECK([for pw_expire field in struct passwd],
3032 ac_cv_have_pw_expire_in_struct_passwd, [
3033 AC_TRY_COMPILE(
3034 [
3035#include <pwd.h>
3036 ],
3037 [ struct passwd p; p.pw_expire = 0; ],
3038 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3039 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3040 )
3041])
3042if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2c06c99b 3043 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3044 [Define if your password has a pw_expire field])
3c0ef626 3045fi
3046
3047AC_CACHE_CHECK([for pw_change field in struct passwd],
3048 ac_cv_have_pw_change_in_struct_passwd, [
3049 AC_TRY_COMPILE(
3050 [
3051#include <pwd.h>
3052 ],
3053 [ struct passwd p; p.pw_change = 0; ],
3054 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3055 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3056 )
3057])
3058if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2c06c99b 3059 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3060 [Define if your password has a pw_change field])
3c0ef626 3061fi
3062
fba3c309 3063dnl make sure we're using the real structure members and not defines
700318f3 3064AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3065 ac_cv_have_accrights_in_msghdr, [
996d5e62 3066 AC_COMPILE_IFELSE(
700318f3 3067 [
3068#include <sys/types.h>
3069#include <sys/socket.h>
3070#include <sys/uio.h>
fba3c309 3071int main() {
3072#ifdef msg_accrights
996d5e62 3073#error "msg_accrights is a macro"
fba3c309 3074exit(1);
3075#endif
3076struct msghdr m;
3077m.msg_accrights = 0;
3078exit(0);
3079}
700318f3 3080 ],
700318f3 3081 [ ac_cv_have_accrights_in_msghdr="yes" ],
3082 [ ac_cv_have_accrights_in_msghdr="no" ]
3083 )
3084])
3085if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2c06c99b 3086 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3087 [Define if your system uses access rights style
3088 file descriptor passing])
700318f3 3089fi
3090
3d738e65 3091AC_MSG_CHECKING(if struct statvfs.f_fsid is integral type)
22616013 3092AC_TRY_COMPILE([
3093#include <sys/types.h>
3d738e65 3094#include <sys/stat.h>
3095#ifdef HAVE_SYS_TIME_H
3096# include <sys/time.h>
3097#endif
3098#ifdef HAVE_SYS_MOUNT_H
3099#include <sys/mount.h>
3100#endif
3101#ifdef HAVE_SYS_STATVFS_H
3102#include <sys/statvfs.h>
3103#endif
3104], [struct statvfs s; s.f_fsid = 0;],
3105[ AC_MSG_RESULT(yes) ],
3106[ AC_MSG_RESULT(no)
3107
3108 AC_MSG_CHECKING(if fsid_t has member val)
3109 AC_TRY_COMPILE([
3110#include <sys/types.h>
22616013 3111#include <sys/statvfs.h>],
3d738e65 3112 [fsid_t t; t.val[0] = 0;],
22616013 3113 [ AC_MSG_RESULT(yes)
3d738e65 3114 AC_DEFINE(FSID_HAS_VAL, 1, fsid_t has member val) ],
3115 [ AC_MSG_RESULT(no) ])
3116
3117 AC_MSG_CHECKING(if f_fsid has member __val)
3118 AC_TRY_COMPILE([
3119#include <sys/types.h>
3120#include <sys/statvfs.h>],
3121 [fsid_t t; t.__val[0] = 0;],
3122 [ AC_MSG_RESULT(yes)
3123 AC_DEFINE(FSID_HAS___VAL, 1, fsid_t has member __val) ],
3124 [ AC_MSG_RESULT(no) ])
3125])
22616013 3126
700318f3 3127AC_CACHE_CHECK([for msg_control field in struct msghdr],
3128 ac_cv_have_control_in_msghdr, [
996d5e62 3129 AC_COMPILE_IFELSE(
700318f3 3130 [
3131#include <sys/types.h>
3132#include <sys/socket.h>
3133#include <sys/uio.h>
fba3c309 3134int main() {
3135#ifdef msg_control
996d5e62 3136#error "msg_control is a macro"
fba3c309 3137exit(1);
3138#endif
3139struct msghdr m;
3140m.msg_control = 0;
3141exit(0);
3142}
700318f3 3143 ],
700318f3 3144 [ ac_cv_have_control_in_msghdr="yes" ],
3145 [ ac_cv_have_control_in_msghdr="no" ]
3146 )
3147])
3148if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2c06c99b 3149 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3150 [Define if your system uses ancillary data style
3151 file descriptor passing])
700318f3 3152fi
3153
3c0ef626 3154AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
cdd66111 3155 AC_TRY_LINK([],
3156 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3157 [ ac_cv_libc_defines___progname="yes" ],
3158 [ ac_cv_libc_defines___progname="no" ]
3159 )
3160])
3161if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2c06c99b 3162 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3163fi
3164
700318f3 3165AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3166 AC_TRY_LINK([
3167#include <stdio.h>
cdd66111 3168],
3169 [ printf("%s", __FUNCTION__); ],
700318f3 3170 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3171 [ ac_cv_cc_implements___FUNCTION__="no" ]
3172 )
3173])
3174if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2c06c99b 3175 AC_DEFINE(HAVE___FUNCTION__, 1,
3176 [Define if compiler implements __FUNCTION__])
700318f3 3177fi
3178
3179AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3180 AC_TRY_LINK([
3181#include <stdio.h>
cdd66111 3182],
3183 [ printf("%s", __func__); ],
700318f3 3184 [ ac_cv_cc_implements___func__="yes" ],
3185 [ ac_cv_cc_implements___func__="no" ]
3186 )
3187])
3188if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2c06c99b 3189 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3190fi
3191
3192AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3193 AC_TRY_LINK(
3194 [#include <stdarg.h>
3195 va_list x,y;],
3196 [va_copy(x,y);],
3197 [ ac_cv_have_va_copy="yes" ],
3198 [ ac_cv_have_va_copy="no" ]
3199 )
3200])
3201if test "x$ac_cv_have_va_copy" = "xyes" ; then
3202 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3203fi
3204
3205AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3206 AC_TRY_LINK(
3207 [#include <stdarg.h>
3208 va_list x,y;],
3209 [__va_copy(x,y);],
3210 [ ac_cv_have___va_copy="yes" ],
3211 [ ac_cv_have___va_copy="no" ]
3212 )
3213])
3214if test "x$ac_cv_have___va_copy" = "xyes" ; then
3215 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
700318f3 3216fi
3217
3c0ef626 3218AC_CACHE_CHECK([whether getopt has optreset support],
3219 ac_cv_have_getopt_optreset, [
3220 AC_TRY_LINK(
3221 [
3222#include <getopt.h>
3223 ],
3224 [ extern int optreset; optreset = 0; ],
3225 [ ac_cv_have_getopt_optreset="yes" ],
3226 [ ac_cv_have_getopt_optreset="no" ]
3227 )
3228])
3229if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2c06c99b 3230 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3231 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3232fi
3233
3234AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
cdd66111 3235 AC_TRY_LINK([],
3236 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3237 [ ac_cv_libc_defines_sys_errlist="yes" ],
3238 [ ac_cv_libc_defines_sys_errlist="no" ]
3239 )
3240])
3241if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2c06c99b 3242 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3243 [Define if your system defines sys_errlist[]])
3c0ef626 3244fi
3245
3246
3247AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
cdd66111 3248 AC_TRY_LINK([],
3249 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3250 [ ac_cv_libc_defines_sys_nerr="yes" ],
3251 [ ac_cv_libc_defines_sys_nerr="no" ]
3252 )
3253])
3254if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2c06c99b 3255 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3256fi
3257
cdd66111 3258SCARD_MSG="no"
700318f3 3259# Check whether user wants sectok support
3260AC_ARG_WITH(sectok,
3261 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3262 [
3263 if test "x$withval" != "xno" ; then
3264 if test "x$withval" != "xyes" ; then
3265 CPPFLAGS="$CPPFLAGS -I${withval}"
3266 LDFLAGS="$LDFLAGS -L${withval}"
3267 if test ! -z "$need_dash_r" ; then
3268 LDFLAGS="$LDFLAGS -R${withval}"
3269 fi
3270 if test ! -z "$blibpath" ; then
3271 blibpath="$blibpath:${withval}"
3272 fi
3273 fi
3274 AC_CHECK_HEADERS(sectok.h)
3275 if test "$ac_cv_header_sectok_h" != yes; then
3276 AC_MSG_ERROR(Can't find sectok.h)
3277 fi
3278 AC_CHECK_LIB(sectok, sectok_open)
3279 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3280 AC_MSG_ERROR(Can't find libsectok)
3281 fi
2c06c99b 3282 AC_DEFINE(SMARTCARD, 1,
3283 [Define if you want smartcard support])
3284 AC_DEFINE(USE_SECTOK, 1,
3285 [Define if you want smartcard support
3286 using sectok])
cdd66111 3287 SCARD_MSG="yes, using sectok"
3c0ef626 3288 fi
3289 ]
3290)
3291
700318f3 3292# Check whether user wants OpenSC support
dec6d9fe 3293OPENSC_CONFIG="no"
700318f3 3294AC_ARG_WITH(opensc,
2c06c99b 3295 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
dec6d9fe 3296 [
3297 if test "x$withval" != "xno" ; then
3298 if test "x$withval" != "xyes" ; then
3299 OPENSC_CONFIG=$withval/bin/opensc-config
3300 else
3301 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3302 fi
3303 if test "$OPENSC_CONFIG" != "no"; then
3304 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3305 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3306 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
9108f8d9 3307 LIBS="$LIBS $LIBOPENSC_LIBS"
dec6d9fe 3308 AC_DEFINE(SMARTCARD)
2c06c99b 3309 AC_DEFINE(USE_OPENSC, 1,
3310 [Define if you want smartcard support
3311 using OpenSC])
dec6d9fe 3312 SCARD_MSG="yes, using OpenSC"
3313 fi
3314 fi
3315 ]
3316)
700318f3 3317
cdd66111 3318# Check libraries needed by DNS fingerprint support
3319AC_SEARCH_LIBS(getrrsetbyname, resolv,
2c06c99b 3320 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3321 [Define if getrrsetbyname() exists])],
0fff78ff 3322 [
cdd66111 3323 # Needed by our getrrsetbyname()
3324 AC_SEARCH_LIBS(res_query, resolv)
3325 AC_SEARCH_LIBS(dn_expand, resolv)
c9f39d2c 3326 AC_MSG_CHECKING(if res_query will link)
3d738e65 3327 AC_LINK_IFELSE([
3328#include "confdefs.h"
3329#include <sys/types.h>
3330#include <netinet/in.h>
3331#include <arpa/nameser.h>
3332#include <netdb.h>
3333#include <resolv.h>
3334int main()
3335{
3336 res_query (0, 0, 0, 0, 0);
3337 return 0;
3338}
3339 ],
3340 AC_MSG_RESULT(yes),
c9f39d2c 3341 [AC_MSG_RESULT(no)
3342 saved_LIBS="$LIBS"
3343 LIBS="$LIBS -lresolv"
3344 AC_MSG_CHECKING(for res_query in -lresolv)
3345 AC_LINK_IFELSE([
3d738e65 3346#include "confdefs.h"
3347#include <sys/types.h>
3348#include <netinet/in.h>
3349#include <arpa/nameser.h>
3350#include <netdb.h>
c9f39d2c 3351#include <resolv.h>
3352int main()
3353{
3354 res_query (0, 0, 0, 0, 0);
3355 return 0;
3356}
3357 ],
3d738e65 3358 [AC_MSG_RESULT(yes)],
c9f39d2c 3359 [LIBS="$saved_LIBS"
3360 AC_MSG_RESULT(no)])
3361 ])
cdd66111 3362 AC_CHECK_FUNCS(_getshort _getlong)
665a873d 3363 AC_CHECK_DECLS([_getshort, _getlong], , ,
3364 [#include <sys/types.h>
3365 #include <arpa/nameser.h>])
cdd66111 3366 AC_CHECK_MEMBER(HEADER.ad,
2c06c99b 3367 [AC_DEFINE(HAVE_HEADER_AD, 1,
3368 [Define if HEADER.ad exists in arpa/nameser.h])],,
cdd66111 3369 [#include <arpa/nameser.h>])
3370 ])
0fff78ff 3371
d4487008 3372AC_MSG_CHECKING(if struct __res_state _res is an extern)
3373AC_LINK_IFELSE([
3374#include <stdio.h>
3375#if HAVE_SYS_TYPES_H
3376# include <sys/types.h>
3377#endif
3378#include <netinet/in.h>
3379#include <arpa/nameser.h>
3380#include <resolv.h>
3381extern struct __res_state _res;
3382int main() { return 0; }
3383 ],
3384 [AC_MSG_RESULT(yes)
3385 AC_DEFINE(HAVE__RES_EXTERN, 1,
3386 [Define if you have struct __res_state _res as an extern])
3387 ],
3388 [ AC_MSG_RESULT(no) ]
3389)
3390
9108f8d9 3391# Check whether user wants SELinux support
3392SELINUX_MSG="no"
3393LIBSELINUX=""
3394AC_ARG_WITH(selinux,
47686178 3395 [ --with-selinux Enable SELinux support],
9108f8d9 3396 [ if test "x$withval" != "xno" ; then
d4487008 3397 save_LIBS="$LIBS"
9108f8d9 3398 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3399 SELINUX_MSG="yes"
3400 AC_CHECK_HEADER([selinux/selinux.h], ,
3401 AC_MSG_ERROR(SELinux support requires selinux.h header))
3402 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3403 AC_MSG_ERROR(SELinux support requires libselinux library))
d4487008 3404 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
9108f8d9 3405 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
ff7ec503 3406 LIBS="$save_LIBS"
9108f8d9 3407 fi ]
3408)
9108f8d9 3409
700318f3 3410# Check whether user wants Kerberos 5 support
cdd66111 3411KRB5_MSG="no"
700318f3 3412AC_ARG_WITH(kerberos5,
cdd66111 3413 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3414 [ if test "x$withval" != "xno" ; then
3415 if test "x$withval" = "xyes" ; then
3416 KRB5ROOT="/usr/local"
3417 else
3418 KRB5ROOT=${withval}
3419 fi
3420
2c06c99b 3421 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
cdd66111 3422 KRB5_MSG="yes"
3423
3d738e65 3424 AC_PATH_PROG([KRB5CONF],[krb5-config],
3425 [$KRB5ROOT/bin/krb5-config],
3426 [$KRB5ROOT/bin:$PATH])
3427 if test -x $KRB5CONF ; then
cdd66111 3428
3429 AC_MSG_CHECKING(for gssapi support)
3430 if $KRB5CONF | grep gssapi >/dev/null ; then
3431 AC_MSG_RESULT(yes)
2c06c99b 3432 AC_DEFINE(GSSAPI, 1,
3433 [Define this if you want GSSAPI
3434 support in the version 2 protocol])
cdd66111 3435 k5confopts=gssapi
3436 else
3437 AC_MSG_RESULT(no)
3438 k5confopts=""
3439 fi
3440 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3441 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3442 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3443 AC_MSG_CHECKING(whether we are using Heimdal)
3444 AC_TRY_COMPILE([ #include <krb5.h> ],
3445 [ char *tmp = heimdal_version; ],
3446 [ AC_MSG_RESULT(yes)
2c06c99b 3447 AC_DEFINE(HEIMDAL, 1,
3448 [Define this if you are using the
3449 Heimdal version of Kerberos V5]) ],
cdd66111 3450 AC_MSG_RESULT(no)
3451 )
3452 else
700318f3 3453 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
cdd66111 3454 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3455 AC_MSG_CHECKING(whether we are using Heimdal)
3456 AC_TRY_COMPILE([ #include <krb5.h> ],
3457 [ char *tmp = heimdal_version; ],
3458 [ AC_MSG_RESULT(yes)
3459 AC_DEFINE(HEIMDAL)
c9f39d2c 3460 K5LIBS="-lkrb5 -ldes"
3461 K5LIBS="$K5LIBS -lcom_err -lasn1"
dec6d9fe 3462 AC_CHECK_LIB(roken, net_write,
c9f39d2c 3463 [K5LIBS="$K5LIBS -lroken"])
cdd66111 3464 ],
3465 [ AC_MSG_RESULT(no)
3466 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3467 ]
3468 )
0fff78ff 3469 AC_SEARCH_LIBS(dn_expand, resolv)
3470
22616013 3471 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
0fff78ff 3472 [ AC_DEFINE(GSSAPI)
22616013 3473 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3474 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
0fff78ff 3475 [ AC_DEFINE(GSSAPI)
22616013 3476 K5LIBS="-lgssapi $K5LIBS" ],
0fff78ff 3477 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3478 $K5LIBS)
3479 ],
3480 $K5LIBS)
dec6d9fe 3481
0fff78ff 3482 AC_CHECK_HEADER(gssapi.h, ,
3483 [ unset ac_cv_header_gssapi_h
cdd66111 3484 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
0fff78ff 3485 AC_CHECK_HEADERS(gssapi.h, ,
3486 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
cdd66111 3487 )
0fff78ff 3488 ]
3489 )
3490
3491 oldCPP="$CPPFLAGS"
3492 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3493 AC_CHECK_HEADER(gssapi_krb5.h, ,
3494 [ CPPFLAGS="$oldCPP" ])
700318f3 3495
cdd66111 3496 fi
3497 if test ! -z "$need_dash_r" ; then
3498 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3499 fi
3500 if test ! -z "$blibpath" ; then
3501 blibpath="$blibpath:${KRB5ROOT}/lib"
3502 fi
cdd66111 3503
2c06c99b 3504 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3505 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3506 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
cdd66111 3507
2c06c99b 3508 LIBS="$LIBS $K5LIBS"
3509 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3510 [Define this if you want to use libkafs' AFS support]))
3511 fi
cdd66111 3512 ]
700318f3 3513)
3c0ef626 3514
3515# Looking for programs, paths and files
3c0ef626 3516
700318f3 3517PRIVSEP_PATH=/var/empty
3518AC_ARG_WITH(privsep-path,
41b2f314 3519 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
700318f3 3520 [
dec6d9fe 3521 if test -n "$withval" && test "x$withval" != "xno" && \
3522 test "x${withval}" != "xyes"; then
700318f3 3523 PRIVSEP_PATH=$withval
3524 fi
3525 ]
3526)
3527AC_SUBST(PRIVSEP_PATH)
3528
3c0ef626 3529AC_ARG_WITH(xauth,
3530 [ --with-xauth=PATH Specify path to xauth program ],
3531 [
dec6d9fe 3532 if test -n "$withval" && test "x$withval" != "xno" && \
3533 test "x${withval}" != "xyes"; then
3c0ef626 3534 xauth_path=$withval
3535 fi
3536 ],
3537 [
41b2f314 3538 TestPath="$PATH"
3539 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3540 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3541 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3542 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3543 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3544 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3545 xauth_path="/usr/openwin/bin/xauth"
3546 fi
3547 ]
3548)
3549
6a9b3198 3550STRIP_OPT=-s
3551AC_ARG_ENABLE(strip,
3552 [ --disable-strip Disable calling strip(1) on install],
3553 [
3554 if test "x$enableval" = "xno" ; then
3555 STRIP_OPT=
3556 fi
3557 ]
3558)
3559AC_SUBST(STRIP_OPT)
3560
3c0ef626 3561if test -z "$xauth_path" ; then
3562 XAUTH_PATH="undefined"
3563 AC_SUBST(XAUTH_PATH)
3564else
2c06c99b 3565 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3566 [Define if xauth is found in your path])
3c0ef626 3567 XAUTH_PATH=$xauth_path
3568 AC_SUBST(XAUTH_PATH)
3569fi
3c0ef626 3570
3571# Check for mail directory (last resort if we cannot get it from headers)
3572if test ! -z "$MAIL" ; then
3573 maildir=`dirname $MAIL`
2c06c99b 3574 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3575 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3576fi
3577
996d5e62 3578if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3579 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3580 disable_ptmx_check=yes
3581fi
3c0ef626 3582if test -z "$no_dev_ptmx" ; then
700318f3 3583 if test "x$disable_ptmx_check" != "xyes" ; then
cdd66111 3584 AC_CHECK_FILE("/dev/ptmx",
700318f3 3585 [
2c06c99b 3586 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3587 [Define if you have /dev/ptmx])
700318f3 3588 have_dev_ptmx=1
3589 ]
3590 )
3591 fi
3c0ef626 3592fi
996d5e62 3593
3594if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3595 AC_CHECK_FILE("/dev/ptc",
3596 [
2c06c99b 3597 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3598 [Define if you have /dev/ptc])
996d5e62 3599 have_dev_ptc=1
3600 ]
3601 )
3602else
3603 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3604fi
3c0ef626 3605
3606# Options from here on. Some of these are preset by platform above
3c0ef626 3607AC_ARG_WITH(mantype,
3608 [ --with-mantype=man|cat|doc Set man page type],
3609 [
3610 case "$withval" in
3611 man|cat|doc)
3612 MANTYPE=$withval
3613 ;;
3614 *)
3615 AC_MSG_ERROR(invalid man type: $withval)
3616 ;;
3617 esac
3618 ]
3619)
3620if test -z "$MANTYPE"; then
41b2f314 3621 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3622 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3623 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3624 MANTYPE=doc
3625 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3626 MANTYPE=man
3627 else
3628 MANTYPE=cat
3629 fi
3630fi
3631AC_SUBST(MANTYPE)
3632if test "$MANTYPE" = "doc"; then
3633 mansubdir=man;
3634else
3635 mansubdir=$MANTYPE;
3636fi
3637AC_SUBST(mansubdir)
3638
3639# Check whether to enable MD5 passwords
cdd66111 3640MD5_MSG="no"
3c0ef626 3641AC_ARG_WITH(md5-passwords,
3642 [ --with-md5-passwords Enable use of MD5 passwords],
3643 [
3644 if test "x$withval" != "xno" ; then
2c06c99b 3645 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3646 [Define if you want to allow MD5 passwords])
cdd66111 3647 MD5_MSG="yes"
3c0ef626 3648 fi
3649 ]
3650)
3651
3652# Whether to disable shadow password support
3653AC_ARG_WITH(shadow,
3654 [ --without-shadow Disable shadow password support],
3655 [
dec6d9fe 3656 if test "x$withval" = "xno" ; then
3c0ef626 3657 AC_DEFINE(DISABLE_SHADOW)
3658 disable_shadow=yes
3659 fi
3660 ]
3661)
3662
3663if test -z "$disable_shadow" ; then
3664 AC_MSG_CHECKING([if the systems has expire shadow information])
3665 AC_TRY_COMPILE(
3666 [
3667#include <sys/types.h>
3668#include <shadow.h>
3669 struct spwd sp;
3670 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3671 [ sp_expire_available=yes ], []
3672 )
3673
3674 if test "x$sp_expire_available" = "xyes" ; then
3675 AC_MSG_RESULT(yes)
2c06c99b 3676 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3677 [Define if you want to use shadow password expire field])
3c0ef626 3678 else
3679 AC_MSG_RESULT(no)
3680 fi
3681fi
3682
3683# Use ip address instead of hostname in $DISPLAY
3684if test ! -z "$IPADDR_IN_DISPLAY" ; then
3685 DISPLAY_HACK_MSG="yes"
2c06c99b 3686 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3687 [Define if you need to use IP address
3688 instead of hostname in $DISPLAY])
3c0ef626 3689else
cdd66111 3690 DISPLAY_HACK_MSG="no"
3c0ef626 3691 AC_ARG_WITH(ipaddr-display,
3692 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3693 [
dec6d9fe 3694 if test "x$withval" != "xno" ; then
3c0ef626 3695 AC_DEFINE(IPADDR_IN_DISPLAY)
cdd66111 3696 DISPLAY_HACK_MSG="yes"
3c0ef626 3697 fi
3698 ]
3699 )
3700fi
3701
0fff78ff 3702# check for /etc/default/login and use it if present.
acc3d05e 3703AC_ARG_ENABLE(etc-default-login,
996d5e62 3704 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3705 [ if test "x$enableval" = "xno"; then
3706 AC_MSG_NOTICE([/etc/default/login handling disabled])
3707 etc_default_login=no
3708 else
3709 etc_default_login=yes
3710 fi ],
2c06c99b 3711 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3712 then
3713 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3714 etc_default_login=no
3715 else
3716 etc_default_login=yes
3717 fi ]
996d5e62 3718)
0fff78ff 3719
996d5e62 3720if test "x$etc_default_login" != "xno"; then
3721 AC_CHECK_FILE("/etc/default/login",
3722 [ external_path_file=/etc/default/login ])
2c06c99b 3723 if test "x$external_path_file" = "x/etc/default/login"; then
3724 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3725 [Define if your system has /etc/default/login])
996d5e62 3726 fi
0fff78ff 3727fi
3728
700318f3 3729dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
dec6d9fe 3730if test $ac_cv_func_login_getcapbool = "yes" && \
3731 test $ac_cv_header_login_cap_h = "yes" ; then
0fff78ff 3732 external_path_file=/etc/login.conf
700318f3 3733fi
0fff78ff 3734
3c0ef626 3735# Whether to mess with the default path
cdd66111 3736SERVER_PATH_MSG="(default)"
3c0ef626 3737AC_ARG_WITH(default-path,
700318f3 3738 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3739 [
0fff78ff 3740 if test "x$external_path_file" = "x/etc/login.conf" ; then
700318f3 3741 AC_MSG_WARN([
3742--with-default-path=PATH has no effect on this system.
3743Edit /etc/login.conf instead.])
dec6d9fe 3744 elif test "x$withval" != "xno" ; then
0fff78ff 3745 if test ! -z "$external_path_file" ; then
3746 AC_MSG_WARN([
3747--with-default-path=PATH will only be used if PATH is not defined in
3748$external_path_file .])
3749 fi
3c0ef626 3750 user_path="$withval"
cdd66111 3751 SERVER_PATH_MSG="$withval"
3c0ef626 3752 fi
3753 ],
0fff78ff 3754 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3755 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
700318f3 3756 else
0fff78ff 3757 if test ! -z "$external_path_file" ; then
3758 AC_MSG_WARN([
3759If PATH is defined in $external_path_file, ensure the path to scp is included,
3760otherwise scp will not work.])
3761 fi
2c06c99b 3762 AC_RUN_IFELSE(
3763 [AC_LANG_SOURCE([[
3c0ef626 3764/* find out what STDPATH is */
3765#include <stdio.h>
3766#ifdef HAVE_PATHS_H
3767# include <paths.h>
3768#endif
3769#ifndef _PATH_STDPATH
6a9b3198 3770# ifdef _PATH_USERPATH /* Irix */
3771# define _PATH_STDPATH _PATH_USERPATH
3772# else
3773# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3774# endif
3c0ef626 3775#endif
3776#include <sys/types.h>
3777#include <sys/stat.h>
3778#include <fcntl.h>
3779#define DATA "conftest.stdpath"
3780
3781main()
3782{
3783 FILE *fd;
3784 int rc;
dec6d9fe 3785
3c0ef626 3786 fd = fopen(DATA,"w");
3787 if(fd == NULL)
3788 exit(1);
dec6d9fe 3789
3c0ef626 3790 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3791 exit(1);
3792
3793 exit(0);
3794}
2c06c99b 3795 ]])],
3796 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3797 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3798 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3799 )
3800# make sure $bindir is in USER_PATH so scp will work
3801 t_bindir=`eval echo ${bindir}`
3802 case $t_bindir in
3803 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3804 esac
3805 case $t_bindir in
3806 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3807 esac
3808 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3809 if test $? -ne 0 ; then
3810 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3811 if test $? -ne 0 ; then
3812 user_path=$user_path:$t_bindir
3813 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3814 fi
3815 fi
700318f3 3816 fi ]
3817)
0fff78ff 3818if test "x$external_path_file" != "x/etc/login.conf" ; then
2c06c99b 3819 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
700318f3 3820 AC_SUBST(user_path)
3821fi
3822
3823# Set superuser path separately to user path
700318f3 3824AC_ARG_WITH(superuser-path,
3825 [ --with-superuser-path= Specify different path for super-user],
3826 [
dec6d9fe 3827 if test -n "$withval" && test "x$withval" != "xno" && \
3828 test "x${withval}" != "xyes"; then
2c06c99b 3829 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3830 [Define if you want a different $PATH
3831 for the superuser])
700318f3 3832 superuser_path=$withval
3833 fi
3c0ef626 3834 ]
3835)
700318f3 3836
3c0ef626 3837
3c0ef626 3838AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
cdd66111 3839IPV4_IN6_HACK_MSG="no"
3c0ef626 3840AC_ARG_WITH(4in6,
3841 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3842 [
3843 if test "x$withval" != "xno" ; then
3844 AC_MSG_RESULT(yes)
2c06c99b 3845 AC_DEFINE(IPV4_IN_IPV6, 1,
3846 [Detect IPv4 in IPv6 mapped addresses
3847 and treat as IPv4])
cdd66111 3848 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3849 else
3850 AC_MSG_RESULT(no)
3851 fi
3852 ],[
3853 if test "x$inet6_default_4in6" = "xyes"; then
3854 AC_MSG_RESULT([yes (default)])
3855 AC_DEFINE(IPV4_IN_IPV6)
cdd66111 3856 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3857 else
3858 AC_MSG_RESULT([no (default)])
3859 fi
3860 ]
3861)
3862
3863# Whether to enable BSD auth support
e9a17296 3864BSD_AUTH_MSG=no
3c0ef626 3865AC_ARG_WITH(bsd-auth,
3866 [ --with-bsd-auth Enable BSD auth support],
3867 [
dec6d9fe 3868 if test "x$withval" != "xno" ; then
2c06c99b 3869 AC_DEFINE(BSD_AUTH, 1,
3870 [Define if you have BSD auth support])
e9a17296 3871 BSD_AUTH_MSG=yes
3c0ef626 3872 fi
3873 ]
3874)
3875
3c0ef626 3876# Where to place sshd.pid
3877piddir=/var/run
700318f3 3878# make sure the directory exists
dec6d9fe 3879if test ! -d $piddir ; then
700318f3 3880 piddir=`eval echo ${sysconfdir}`
3881 case $piddir in
cdd66111 3882 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
700318f3 3883 esac
3884fi
3885
3c0ef626 3886AC_ARG_WITH(pid-dir,
3887 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3888 [
dec6d9fe 3889 if test -n "$withval" && test "x$withval" != "xno" && \
3890 test "x${withval}" != "xyes"; then
3c0ef626 3891 piddir=$withval
dec6d9fe 3892 if test ! -d $piddir ; then
700318f3 3893 AC_MSG_WARN([** no $piddir directory on this system **])
3894 fi
3c0ef626 3895 fi
3896 ]
3897)
3898
2c06c99b 3899AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3900AC_SUBST(piddir)
3901
3902dnl allow user to disable some login recording features
3903AC_ARG_ENABLE(lastlog,
3904 [ --disable-lastlog disable use of lastlog even if detected [no]],
0fff78ff 3905 [
3906 if test "x$enableval" = "xno" ; then
3907 AC_DEFINE(DISABLE_LASTLOG)
3908 fi
3909 ]
3c0ef626 3910)
3911AC_ARG_ENABLE(utmp,
3912 [ --disable-utmp disable use of utmp even if detected [no]],
0fff78ff 3913 [
3914 if test "x$enableval" = "xno" ; then
3915 AC_DEFINE(DISABLE_UTMP)
3916 fi
3917 ]
3c0ef626 3918)
3919AC_ARG_ENABLE(utmpx,
3920 [ --disable-utmpx disable use of utmpx even if detected [no]],
0fff78ff 3921 [
3922 if test "x$enableval" = "xno" ; then
2c06c99b 3923 AC_DEFINE(DISABLE_UTMPX, 1,
3924 [Define if you don't want to use utmpx])
0fff78ff 3925 fi
3926 ]
3c0ef626 3927)
3928AC_ARG_ENABLE(wtmp,
3929 [ --disable-wtmp disable use of wtmp even if detected [no]],
0fff78ff 3930 [
3931 if test "x$enableval" = "xno" ; then
3932 AC_DEFINE(DISABLE_WTMP)
3933 fi
3934 ]
3c0ef626 3935)
3936AC_ARG_ENABLE(wtmpx,
3937 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
0fff78ff 3938 [
3939 if test "x$enableval" = "xno" ; then
2c06c99b 3940 AC_DEFINE(DISABLE_WTMPX, 1,
3941 [Define if you don't want to use wtmpx])
0fff78ff 3942 fi
3943 ]
3c0ef626 3944)
3945AC_ARG_ENABLE(libutil,
3946 [ --disable-libutil disable use of libutil (login() etc.) [no]],
0fff78ff 3947 [
3948 if test "x$enableval" = "xno" ; then
3949 AC_DEFINE(DISABLE_LOGIN)
3950 fi
3951 ]
3c0ef626 3952)
3953AC_ARG_ENABLE(pututline,
3954 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
0fff78ff 3955 [
3956 if test "x$enableval" = "xno" ; then
2c06c99b 3957 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3958 [Define if you don't want to use pututline()
3959 etc. to write [uw]tmp])
0fff78ff 3960 fi
3961 ]
3c0ef626 3962)
3963AC_ARG_ENABLE(pututxline,
3964 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
0fff78ff 3965 [
3966 if test "x$enableval" = "xno" ; then
2c06c99b 3967 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3968 [Define if you don't want to use pututxline()
3969 etc. to write [uw]tmpx])
0fff78ff 3970 fi
3971 ]
3c0ef626 3972)
3973AC_ARG_WITH(lastlog,
3974 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3975 [
dec6d9fe 3976 if test "x$withval" = "xno" ; then
3c0ef626 3977 AC_DEFINE(DISABLE_LASTLOG)
dec6d9fe 3978 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 3979 conf_lastlog_location=$withval
3980 fi
3981 ]
3982)
3983
3984dnl lastlog, [uw]tmpx? detection
3985dnl NOTE: set the paths in the platform section to avoid the
3986dnl need for command-line parameters
3987dnl lastlog and [uw]tmp are subject to a file search if all else fails
3988
3989dnl lastlog detection
3990dnl NOTE: the code itself will detect if lastlog is a directory
3991AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3992AC_TRY_COMPILE([
3993#include <sys/types.h>
3994#include <utmp.h>
3995#ifdef HAVE_LASTLOG_H
3996# include <lastlog.h>
3997#endif
3998#ifdef HAVE_PATHS_H
3999# include <paths.h>
4000#endif
4001#ifdef HAVE_LOGIN_H
4002# include <login.h>
4003#endif
4004 ],
4005 [ char *lastlog = LASTLOG_FILE; ],
4006 [ AC_MSG_RESULT(yes) ],
4007 [
4008 AC_MSG_RESULT(no)
4009 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
4010 AC_TRY_COMPILE([
4011#include <sys/types.h>
4012#include <utmp.h>
4013#ifdef HAVE_LASTLOG_H
4014# include <lastlog.h>
4015#endif
4016#ifdef HAVE_PATHS_H
4017# include <paths.h>
4018#endif
4019 ],
4020 [ char *lastlog = _PATH_LASTLOG; ],
4021 [ AC_MSG_RESULT(yes) ],
4022 [
4023 AC_MSG_RESULT(no)
4024 system_lastlog_path=no
4025 ])
4026 ]
4027)
4028
4029if test -z "$conf_lastlog_location"; then
4030 if test x"$system_lastlog_path" = x"no" ; then
4031 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
4032 if (test -d "$f" || test -f "$f") ; then
4033 conf_lastlog_location=$f
4034 fi
4035 done
4036 if test -z "$conf_lastlog_location"; then
4037 AC_MSG_WARN([** Cannot find lastlog **])
4038 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
4039 fi
4040 fi
4041fi
4042
4043if test -n "$conf_lastlog_location"; then
2c06c99b 4044 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4045 [Define if you want to specify the path to your lastlog file])
dec6d9fe 4046fi
3c0ef626 4047
4048dnl utmp detection
4049AC_MSG_CHECKING([if your system defines UTMP_FILE])
4050AC_TRY_COMPILE([
4051#include <sys/types.h>
4052#include <utmp.h>
4053#ifdef HAVE_PATHS_H
4054# include <paths.h>
4055#endif
4056 ],
4057 [ char *utmp = UTMP_FILE; ],
4058 [ AC_MSG_RESULT(yes) ],
4059 [ AC_MSG_RESULT(no)
4060 system_utmp_path=no ]
4061)
4062if test -z "$conf_utmp_location"; then
4063 if test x"$system_utmp_path" = x"no" ; then
4064 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4065 if test -f $f ; then
4066 conf_utmp_location=$f
4067 fi
4068 done
4069 if test -z "$conf_utmp_location"; then
4070 AC_DEFINE(DISABLE_UTMP)
4071 fi
4072 fi
4073fi
4074if test -n "$conf_utmp_location"; then
2c06c99b 4075 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4076 [Define if you want to specify the path to your utmp file])
dec6d9fe 4077fi
3c0ef626 4078
4079dnl wtmp detection
4080AC_MSG_CHECKING([if your system defines WTMP_FILE])
4081AC_TRY_COMPILE([
4082#include <sys/types.h>
4083#include <utmp.h>
4084#ifdef HAVE_PATHS_H
4085# include <paths.h>
4086#endif
4087 ],
4088 [ char *wtmp = WTMP_FILE; ],
4089 [ AC_MSG_RESULT(yes) ],
4090 [ AC_MSG_RESULT(no)
4091 system_wtmp_path=no ]
4092)
4093if test -z "$conf_wtmp_location"; then
4094 if test x"$system_wtmp_path" = x"no" ; then
4095 for f in /usr/adm/wtmp /var/log/wtmp; do
4096 if test -f $f ; then
4097 conf_wtmp_location=$f
4098 fi
4099 done
4100 if test -z "$conf_wtmp_location"; then
4101 AC_DEFINE(DISABLE_WTMP)
4102 fi
4103 fi
4104fi
4105if test -n "$conf_wtmp_location"; then
2c06c99b 4106 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4107 [Define if you want to specify the path to your wtmp file])
dec6d9fe 4108fi
3c0ef626 4109
4110
4111dnl utmpx detection - I don't know any system so perverse as to require
4112dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4113dnl there, though.
4114AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4115AC_TRY_COMPILE([
4116#include <sys/types.h>
4117#include <utmp.h>
4118#ifdef HAVE_UTMPX_H
4119#include <utmpx.h>
4120#endif
4121#ifdef HAVE_PATHS_H
4122# include <paths.h>
4123#endif
4124 ],
4125 [ char *utmpx = UTMPX_FILE; ],
4126 [ AC_MSG_RESULT(yes) ],
4127 [ AC_MSG_RESULT(no)
4128 system_utmpx_path=no ]
4129)
4130if test -z "$conf_utmpx_location"; then
4131 if test x"$system_utmpx_path" = x"no" ; then
4132 AC_DEFINE(DISABLE_UTMPX)
4133 fi
4134else
2c06c99b 4135 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4136 [Define if you want to specify the path to your utmpx file])
dec6d9fe 4137fi
3c0ef626 4138
4139dnl wtmpx detection
4140AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4141AC_TRY_COMPILE([
4142#include <sys/types.h>
4143#include <utmp.h>
4144#ifdef HAVE_UTMPX_H
4145#include <utmpx.h>
4146#endif
4147#ifdef HAVE_PATHS_H
4148# include <paths.h>
4149#endif
4150 ],
4151 [ char *wtmpx = WTMPX_FILE; ],
4152 [ AC_MSG_RESULT(yes) ],
4153 [ AC_MSG_RESULT(no)
4154 system_wtmpx_path=no ]
4155)
4156if test -z "$conf_wtmpx_location"; then
4157 if test x"$system_wtmpx_path" = x"no" ; then
4158 AC_DEFINE(DISABLE_WTMPX)
4159 fi
4160else
2c06c99b 4161 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4162 [Define if you want to specify the path to your wtmpx file])
dec6d9fe 4163fi
3c0ef626 4164
4165
3c0ef626 4166if test ! -z "$blibpath" ; then
7e772e1f 4167 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4168 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4169fi
4170
665a873d 4171dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4172dnl Add now.
4173CFLAGS="$CFLAGS $werror_flags"
4174
22616013 4175if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4176 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4177 AC_SUBST(TEST_SSH_IPV6, no)
4178else
4179 AC_SUBST(TEST_SSH_IPV6, yes)
4180fi
4181
e9a17296 4182AC_EXEEXT
9108f8d9 4183AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4184 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
996d5e62 4185 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4186AC_OUTPUT
4187
4188# Print summary of options
4189
3c0ef626 4190# Someone please show me a better way :)
4191A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4192B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4193C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4194D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4195E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4196F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4197G=`eval echo ${piddir}` ; G=`eval echo ${G}`
700318f3 4198H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4199I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4200J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4201
4202echo ""
4203echo "OpenSSH has been configured with the following options:"
700318f3 4204echo " User binaries: $B"
4205echo " System binaries: $C"
4206echo " Configuration files: $D"
4207echo " Askpass program: $E"
4208echo " Manual pages: $F"
4209echo " PID file: $G"
4210echo " Privilege separation chroot path: $H"
0fff78ff 4211if test "x$external_path_file" = "x/etc/login.conf" ; then
4212echo " At runtime, sshd will use the path defined in $external_path_file"
4213echo " Make sure the path to scp is present, otherwise scp will not work"
700318f3 4214else
4215echo " sshd default user PATH: $I"
0fff78ff 4216 if test ! -z "$external_path_file"; then
4217echo " (If PATH is set in $external_path_file it will be used instead. If"
4218echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4219 fi
700318f3 4220fi
4221if test ! -z "$superuser_path" ; then
4222echo " sshd superuser user PATH: $J"
4223fi
4224echo " Manpage format: $MANTYPE"
0fff78ff 4225echo " PAM support: $PAM_MSG"
9108f8d9 4226echo " OSF SIA support: $SIA_MSG"
700318f3 4227echo " KerberosV support: $KRB5_MSG"
9108f8d9 4228echo " SELinux support: $SELINUX_MSG"
700318f3 4229echo " Smartcard support: $SCARD_MSG"
700318f3 4230echo " S/KEY support: $SKEY_MSG"
4231echo " TCP Wrappers support: $TCPW_MSG"
4232echo " MD5 password support: $MD5_MSG"
996d5e62 4233echo " libedit support: $LIBEDIT_MSG"
9108f8d9 4234echo " Solaris process contract support: $SPC_MSG"
700318f3 4235echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
700318f3 4236echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4237echo " BSD Auth support: $BSD_AUTH_MSG"
4238echo " Random number source: $RAND_MSG"
e9a17296 4239if test ! -z "$USE_RAND_HELPER" ; then
700318f3 4240echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4241fi
4242
4243echo ""
4244
4245echo " Host: ${host}"
4246echo " Compiler: ${CC}"
4247echo " Compiler flags: ${CFLAGS}"
4248echo "Preprocessor flags: ${CPPFLAGS}"
4249echo " Linker flags: ${LDFLAGS}"
d4487008 4250echo " Libraries: ${LIBS}"
4251if test ! -z "${SSHDLIBS}"; then
4252echo " +for sshd: ${SSHDLIBS}"
4253fi
3c0ef626 4254
4255echo ""
4256
c9f39d2c 4257if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
996d5e62 4258 echo "SVR4 style packages are supported with \"make package\""
4259 echo ""
c9f39d2c 4260fi
4261
3c0ef626 4262if test "x$PAM_MSG" = "xyes" ; then
e9a17296 4263 echo "PAM is enabled. You may need to install a PAM control file "
4264 echo "for sshd, otherwise password authentication may fail. "
cdd66111 4265 echo "Example PAM control files can be found in the contrib/ "
e9a17296 4266 echo "subdirectory"
3c0ef626 4267 echo ""
4268fi
4269
e9a17296 4270if test ! -z "$RAND_HELPER_CMDHASH" ; then
4271 echo "WARNING: you are using the builtin random number collection "
4272 echo "service. Please read WARNING.RNG and request that your OS "
4273 echo "vendor includes kernel-based random number collection in "
4274 echo "future versions of your OS."
3c0ef626 4275 echo ""
4276fi
4277
c9f39d2c 4278if test ! -z "$NO_PEERCHECK" ; then
d4487008 4279 echo "WARNING: the operating system that you are using does not"
4280 echo "appear to support getpeereid(), getpeerucred() or the"
4281 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4282 echo "enforce security checks to prevent unauthorised connections to"
4283 echo "ssh-agent. Their absence increases the risk that a malicious"
4284 echo "user can connect to your agent."
c9f39d2c 4285 echo ""
4286fi
4287
996d5e62 4288if test "$AUDIT_MODULE" = "bsm" ; then
4289 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4290 echo "See the Solaris section in README.platform for details."
4291fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.775546 seconds and 5 git commands to generate.