]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Tweak the environment variables set by the configure script for the
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
12a403af 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
2ce0bfe4 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
4b6dae8f 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
7cac2b65 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
4b6dae8f 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
7e82606e 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
bfe49944 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
350391c5 43AC_PATH_PROG(SH, sh)
7e82606e 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
08822d99 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
08822d99 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
540d72c3 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
08822d99 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
540d72c3 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
8b32eddc 88
3c0ef626 89AC_C_INLINE
2ce0bfe4 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
540d72c3 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
2ce0bfe4 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
08822d99 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
2ce0bfe4 96 case $GCC_VER in
fa0f0f45 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
08822d99 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
2ce0bfe4 106 esac
107
108 if test -z "$have_llong_max"; then
109 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
110 unset ac_cv_have_decl_LLONG_MAX
111 saved_CFLAGS="$CFLAGS"
112 CFLAGS="$CFLAGS -std=gnu99"
113 AC_CHECK_DECL(LLONG_MAX,
114 [have_llong_max=1],
115 [CFLAGS="$saved_CFLAGS"],
116 [#include <limits.h>]
117 )
118 fi
119fi
120
fa0f0f45 121if test "x$no_attrib_nonnull" != "x1" ; then
122 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
123fi
124
540d72c3 125AC_ARG_WITH(rpath,
126 [ --without-rpath Disable auto-added -R linker paths],
127 [
8b32eddc 128 if test "x$withval" = "xno" ; then
540d72c3 129 need_dash_r=""
130 fi
131 if test "x$withval" = "xyes" ; then
132 need_dash_r=1
133 fi
134 ]
135)
136
240debe0 137# Allow user to specify flags
138AC_ARG_WITH(cflags,
139 [ --with-cflags Specify additional flags to pass to compiler],
140 [
141 if test -n "$withval" && test "x$withval" != "xno" && \
142 test "x${withval}" != "xyes"; then
143 CFLAGS="$CFLAGS $withval"
144 fi
145 ]
146)
147AC_ARG_WITH(cppflags,
148 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
149 [
150 if test -n "$withval" && test "x$withval" != "xno" && \
151 test "x${withval}" != "xyes"; then
152 CPPFLAGS="$CPPFLAGS $withval"
153 fi
154 ]
155)
156AC_ARG_WITH(ldflags,
157 [ --with-ldflags Specify additional flags to pass to linker],
158 [
159 if test -n "$withval" && test "x$withval" != "xno" && \
160 test "x${withval}" != "xyes"; then
161 LDFLAGS="$LDFLAGS $withval"
162 fi
163 ]
164)
165AC_ARG_WITH(libs,
166 [ --with-libs Specify additional libraries to link with],
167 [
168 if test -n "$withval" && test "x$withval" != "xno" && \
169 test "x${withval}" != "xyes"; then
170 LIBS="$LIBS $withval"
171 fi
172 ]
173)
174AC_ARG_WITH(Werror,
175 [ --with-Werror Build main code with -Werror],
176 [
177 if test -n "$withval" && test "x$withval" != "xno"; then
178 werror_flags="-Werror"
179 if test "x${withval}" != "xyes"; then
180 werror_flags="$withval"
181 fi
182 fi
183 ]
184)
185
186AC_CHECK_HEADERS( \
187 bstring.h \
188 crypt.h \
189 crypto/sha2.h \
190 dirent.h \
191 endian.h \
192 features.h \
193 fcntl.h \
194 floatingpoint.h \
195 getopt.h \
196 glob.h \
197 ia.h \
198 iaf.h \
199 limits.h \
200 login.h \
201 maillock.h \
202 ndir.h \
203 net/if_tun.h \
204 netdb.h \
205 netgroup.h \
206 pam/pam_appl.h \
207 paths.h \
fa0f0f45 208 poll.h \
240debe0 209 pty.h \
210 readpassphrase.h \
211 rpc/types.h \
212 security/pam_appl.h \
213 sha2.h \
214 shadow.h \
215 stddef.h \
216 stdint.h \
217 string.h \
218 strings.h \
219 sys/audit.h \
220 sys/bitypes.h \
221 sys/bsdtty.h \
222 sys/cdefs.h \
223 sys/dir.h \
224 sys/mman.h \
225 sys/ndir.h \
226 sys/prctl.h \
227 sys/pstat.h \
228 sys/select.h \
229 sys/stat.h \
230 sys/stream.h \
231 sys/stropts.h \
232 sys/strtio.h \
233 sys/sysmacros.h \
234 sys/time.h \
235 sys/timers.h \
236 sys/un.h \
237 time.h \
238 tmpdir.h \
239 ttyent.h \
fa0f0f45 240 ucred.h \
240debe0 241 unistd.h \
242 usersec.h \
243 util.h \
244 utime.h \
245 utmp.h \
246 utmpx.h \
247 vis.h \
248)
249
250# lastlog.h requires sys/time.h to be included first on Solaris
251AC_CHECK_HEADERS(lastlog.h, [], [], [
252#ifdef HAVE_SYS_TIME_H
253# include <sys/time.h>
254#endif
255])
256
257# sys/ptms.h requires sys/stream.h to be included first on Solaris
258AC_CHECK_HEADERS(sys/ptms.h, [], [], [
259#ifdef HAVE_SYS_STREAM_H
260# include <sys/stream.h>
261#endif
262])
263
264# login_cap.h requires sys/types.h on NetBSD
265AC_CHECK_HEADERS(login_cap.h, [], [], [
266#include <sys/types.h>
267])
268
30460aeb 269# Messages for features tested for in target-specific section
270SIA_MSG="no"
271SPC_MSG="no"
272
3c0ef626 273# Check for some target-specific stuff
274case "$host" in
275*-*-aix*)
30460aeb 276 # Some versions of VAC won't allow macro redefinitions at
277 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
278 # particularly with older versions of vac or xlc.
279 # It also throws errors about null macro argments, but these are
280 # not fatal.
281 AC_MSG_CHECKING(if compiler allows macro redefinitions)
282 AC_COMPILE_IFELSE(
283 [AC_LANG_SOURCE([[
284#define testmacro foo
285#define testmacro bar
286int main(void) { exit(0); }
287 ]])],
288 [ AC_MSG_RESULT(yes) ],
289 [ AC_MSG_RESULT(no)
290 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
291 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
292 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
293 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
294 ]
295 )
296
540d72c3 297 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
256cb466 298 if (test -z "$blibpath"); then
540d72c3 299 blibpath="/usr/lib:/lib"
3c0ef626 300 fi
256cb466 301 saved_LDFLAGS="$LDFLAGS"
30460aeb 302 if test "$GCC" = "yes"; then
303 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
304 else
305 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
306 fi
307 for tryflags in $flags ;do
256cb466 308 if (test -z "$blibflags"); then
309 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
310 AC_TRY_LINK([], [], [blibflags=$tryflags])
311 fi
312 done
313 if (test -z "$blibflags"); then
314 AC_MSG_RESULT(not found)
315 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
316 else
317 AC_MSG_RESULT($blibflags)
318 fi
319 LDFLAGS="$saved_LDFLAGS"
7cac2b65 320 dnl Check for authenticate. Might be in libs.a on older AIXes
08822d99 321 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
322 [Define if you want to enable AIX4's authenticate function])],
d03f4262 323 [AC_CHECK_LIB(s,authenticate,
324 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
325 LIBS="$LIBS -ls"
326 ])
327 ])
dfddba3d 328 dnl Check for various auth function declarations in headers.
329 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
8b32eddc 330 passwdexpired, setauthdb], , , [#include <usersec.h>])
7cac2b65 331 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
dfddba3d 332 AC_CHECK_DECLS(loginfailed,
7cac2b65 333 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
334 AC_TRY_COMPILE(
335 [#include <usersec.h>],
336 [(void)loginfailed("user","host","tty",0);],
337 [AC_MSG_RESULT(yes)
08822d99 338 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
339 [Define if your AIX loginfailed() function
340 takes 4 arguments (AIX >= 5.2)])],
7cac2b65 341 [AC_MSG_RESULT(no)]
342 )],
343 [],
344 [#include <usersec.h>]
345 )
346 AC_CHECK_FUNCS(setauthdb)
30460aeb 347 AC_CHECK_DECL(F_CLOSEM,
348 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
349 [],
350 [ #include <limits.h>
351 #include <fcntl.h> ]
352 )
dfddba3d 353 check_for_aix_broken_getaddrinfo=1
08822d99 354 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
355 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
356 [Define if your platform breaks doing a seteuid before a setuid])
357 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
358 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 359 dnl AIX handles lastlog as part of its login message
08822d99 360 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
361 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
362 [Some systems need a utmpx entry for /bin/login to work])
363 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
364 [Define to a Set Process Title type if your system is
365 supported by bsd-setproctitle.c])
366 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
367 [AIX 5.2 and 5.3 (and presumably newer) require this])
30460aeb 368 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 369 ;;
370*-*-cygwin*)
bfe49944 371 check_for_libcrypt_later=1
0b90ac93 372 LIBS="$LIBS /usr/lib/textreadmode.o"
08822d99 373 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
374 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
375 AC_DEFINE(DISABLE_SHADOW, 1,
376 [Define if you want to disable shadow passwords])
377 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
378 [Define if your system choked on IP TOS setting])
379 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
380 [Define if X11 doesn't support AF_UNIX sockets on that system])
381 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
382 [Define if the concept of ports only accessible to
383 superusers isn't known])
384 AC_DEFINE(DISABLE_FD_PASSING, 1,
385 [Define if your platform needs to skip post auth
386 file descriptor passing])
3c0ef626 387 ;;
388*-*-dgux*)
389 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 390 AC_DEFINE(SETEUID_BREAKS_SETUID)
391 AC_DEFINE(BROKEN_SETREUID)
392 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 393 ;;
394*-*-darwin*)
0b90ac93 395 AC_DEFINE(BROKEN_GETADDRINFO, 1, [Define if getaddrinfo is broken)])
396 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 397 AC_DEFINE(SETEUID_BREAKS_SETUID)
398 AC_DEFINE(BROKEN_SETREUID)
399 AC_DEFINE(BROKEN_SETREGID)
08822d99 400 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
401 [Define if your resolver libs need this for getrrsetbyname])
30460aeb 402 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
403 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
404 [Use tunnel device compatibility to OpenBSD])
405 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
406 [Prepend the address family to IP tunnel traffic])
f713db99 407 AC_MSG_CHECKING(if we have the Security Authorization Session API)
408 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
409 [SessionCreate(0, 0);],
410 [ac_cv_use_security_session_api="yes"
411 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
412 [platform has the Security Authorization Session API])
413 LIBS="$LIBS -framework Security"
414 AC_MSG_RESULT(yes)],
415 [ac_cv_use_security_session_api="no"
416 AC_MSG_RESULT(no)])
417 AC_MSG_CHECKING(if we have an in-memory credentials cache)
418 AC_TRY_COMPILE(
419 [#include <Kerberos/Kerberos.h>],
420 [cc_context_t c;
421 (void) cc_initialize (&c, 0, NULL, NULL);],
422 [AC_DEFINE(USE_CCAPI, 1,
423 [platform uses an in-memory credentials cache])
424 LIBS="$LIBS -framework Security"
425 AC_MSG_RESULT(yes)
426 if test "x$ac_cv_use_security_session_api" = "xno"; then
427 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
428 fi],
429 [AC_MSG_RESULT(no)]
430 )
431 ;;
30460aeb 432*-*-dragonfly*)
433 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 434 ;;
2ce0bfe4 435*-*-hpux*)
436 # first we define all of the options common to all HP-UX releases
3c0ef626 437 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
438 IPADDR_IN_DISPLAY=yes
3c0ef626 439 AC_DEFINE(USE_PIPES)
08822d99 440 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
441 [Define if your login program cannot handle end of options ("--")])
350391c5 442 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 443 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
444 [String used in /etc/passwd to denote locked account])
7cac2b65 445 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
08822d99 446 MAIL="/var/mail/username"
d03f4262 447 LIBS="$LIBS -lsec"
2ce0bfe4 448 AC_CHECK_LIB(xnet, t_error, ,
449 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
450
451 # next, we define all of the options specific to major releases
452 case "$host" in
453 *-*-hpux10*)
454 if test -z "$GCC"; then
455 CFLAGS="$CFLAGS -Ae"
456 fi
457 ;;
458 *-*-hpux11*)
08822d99 459 AC_DEFINE(PAM_SUN_CODEBASE, 1,
460 [Define if you are using Solaris-derived PAM which
461 passes pam_messages to the conversation function
462 with an extra level of indirection])
463 AC_DEFINE(DISABLE_UTMP, 1,
464 [Define if you don't want to use utmp])
2ce0bfe4 465 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
466 check_for_hpux_broken_getaddrinfo=1
467 check_for_conflicting_getspnam=1
468 ;;
469 esac
470
471 # lastly, we define options specific to minor releases
472 case "$host" in
473 *-*-hpux10.26)
08822d99 474 AC_DEFINE(HAVE_SECUREWARE, 1,
475 [Define if you have SecureWare-based
476 protected password database])
2ce0bfe4 477 disable_ptmx_check=yes
478 LIBS="$LIBS -lsecpw"
479 ;;
480 esac
3c0ef626 481 ;;
482*-*-irix5*)
3c0ef626 483 PATH="$PATH:/usr/etc"
08822d99 484 AC_DEFINE(BROKEN_INET_NTOA, 1,
485 [Define if you system's inet_ntoa is busted
486 (e.g. Irix gcc issue)])
540d72c3 487 AC_DEFINE(SETEUID_BREAKS_SETUID)
488 AC_DEFINE(BROKEN_SETREUID)
489 AC_DEFINE(BROKEN_SETREGID)
08822d99 490 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
491 [Define if you shouldn't strip 'tty' from your
492 ttyname in [uw]tmp])
7cac2b65 493 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 494 ;;
495*-*-irix6*)
3c0ef626 496 PATH="$PATH:/usr/etc"
08822d99 497 AC_DEFINE(WITH_IRIX_ARRAY, 1,
498 [Define if you have/want arrays
499 (cluster-wide session managment, not C arrays)])
500 AC_DEFINE(WITH_IRIX_PROJECT, 1,
501 [Define if you want IRIX project management])
502 AC_DEFINE(WITH_IRIX_AUDIT, 1,
503 [Define if you want IRIX audit trails])
504 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
505 [Define if you want IRIX kernel jobs])])
3c0ef626 506 AC_DEFINE(BROKEN_INET_NTOA)
29d88157 507 AC_DEFINE(SETEUID_BREAKS_SETUID)
508 AC_DEFINE(BROKEN_SETREUID)
509 AC_DEFINE(BROKEN_SETREGID)
08822d99 510 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
350391c5 511 AC_DEFINE(WITH_ABBREV_NO_TTY)
7cac2b65 512 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 513 ;;
514*-*-linux*)
515 no_dev_ptmx=1
516 check_for_libcrypt_later=1
7cac2b65 517 check_for_openpty_ctty_bug=1
08822d99 518 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
519 AC_DEFINE(PAM_TTY_KLUDGE, 1,
520 [Work around problematic Linux PAM modules handling of PAM_TTY])
521 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
522 [String used in /etc/passwd to denote locked account])
7cac2b65 523 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
08822d99 524 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
525 [Define to whatever link() returns for "not supported"
526 if it doesn't return EOPNOTSUPP.])
dfddba3d 527 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
08822d99 528 AC_DEFINE(USE_BTMP)
3c0ef626 529 inet6_default_4in6=yes
7cac2b65 530 case `uname -r` in
531 1.*|2.0.*)
08822d99 532 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
533 [Define if cmsg_type is not passed correctly])
7cac2b65 534 ;;
535 esac
08822d99 536 # tun(4) forwarding compat code
537 AC_CHECK_HEADERS(linux/if_tun.h)
538 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
539 AC_DEFINE(SSH_TUN_LINUX, 1,
540 [Open tunnel devices the Linux tun/tap way])
541 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
542 [Use tunnel device compatibility to OpenBSD])
543 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
544 [Prepend the address family to IP tunnel traffic])
545 fi
3c0ef626 546 ;;
547mips-sony-bsd|mips-sony-newsos4)
4b6dae8f 548 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 549 SONY=1
3c0ef626 550 ;;
551*-*-netbsd*)
d03f4262 552 check_for_libcrypt_before=1
8b32eddc 553 if test "x$withval" != "xno" ; then
540d72c3 554 need_dash_r=1
555 fi
08822d99 556 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
557 AC_CHECK_HEADER([net/if_tap.h], ,
558 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
559 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
560 [Prepend the address family to IP tunnel traffic])
3c0ef626 561 ;;
562*-*-freebsd*)
563 check_for_libcrypt_later=1
08822d99 564 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
565 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
566 AC_CHECK_HEADER([net/if_tap.h], ,
567 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 568 ;;
29d88157 569*-*-bsdi*)
570 AC_DEFINE(SETEUID_BREAKS_SETUID)
571 AC_DEFINE(BROKEN_SETREUID)
572 AC_DEFINE(BROKEN_SETREGID)
573 ;;
3c0ef626 574*-next-*)
575 conf_lastlog_location="/usr/adm/lastlog"
576 conf_utmp_location=/etc/utmp
577 conf_wtmp_location=/usr/adm/wtmp
578 MAIL=/usr/spool/mail
08822d99 579 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 580 AC_DEFINE(BROKEN_REALPATH)
581 AC_DEFINE(USE_PIPES)
08822d99 582 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 583 ;;
2ce0bfe4 584*-*-openbsd*)
585 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
08822d99 586 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
587 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
30460aeb 588 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
589 [syslog_r function is safe to use in in a signal handler])
2ce0bfe4 590 ;;
3c0ef626 591*-*-solaris*)
8b32eddc 592 if test "x$withval" != "xno" ; then
12a403af 593 need_dash_r=1
594 fi
3c0ef626 595 AC_DEFINE(PAM_SUN_CODEBASE)
596 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 597 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
598 [Some versions of /bin/login need the TERM supplied
599 on the commandline])
3c0ef626 600 AC_DEFINE(PAM_TTY_KLUDGE)
08822d99 601 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
602 [Define if pam_chauthtok wants real uid set
603 to the unpriv'ed user])
7cac2b65 604 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
605 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
08822d99 606 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
607 [Define if sshd somehow reacquires a controlling TTY
608 after setsid()])
30460aeb 609 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
610 in case the name is longer than 8 chars])
7cac2b65 611 external_path_file=/etc/default/login
3c0ef626 612 # hardwire lastlog location (can't detect it on some versions)
613 conf_lastlog_location="/var/adm/lastlog"
614 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
615 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
616 if test "$sol2ver" -ge 8; then
617 AC_MSG_RESULT(yes)
618 AC_DEFINE(DISABLE_UTMP)
08822d99 619 AC_DEFINE(DISABLE_WTMP, 1,
620 [Define if you don't want to use wtmp])
3c0ef626 621 else
622 AC_MSG_RESULT(no)
623 fi
30460aeb 624 AC_ARG_WITH(solaris-contracts,
625 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
626 [
627 AC_CHECK_LIB(contract, ct_tmpl_activate,
628 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
629 [Define if you have Solaris process contracts])
630 SSHDLIBS="$SSHDLIBS -lcontract"
631 AC_SUBST(SSHDLIBS)
632 SPC_MSG="yes" ], )
633 ],
634 )
3c0ef626 635 ;;
636*-*-sunos4*)
637 CPPFLAGS="$CPPFLAGS -DSUNOS4"
638 AC_CHECK_FUNCS(getpwanam)
639 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 640 conf_utmp_location=/etc/utmp
641 conf_wtmp_location=/var/adm/wtmp
642 conf_lastlog_location=/var/adm/lastlog
643 AC_DEFINE(USE_PIPES)
644 ;;
645*-ncr-sysv*)
3c0ef626 646 LIBS="$LIBS -lc89"
e9702f7d 647 AC_DEFINE(USE_PIPES)
7cac2b65 648 AC_DEFINE(SSHD_ACQUIRES_CTTY)
29d88157 649 AC_DEFINE(SETEUID_BREAKS_SETUID)
650 AC_DEFINE(BROKEN_SETREUID)
651 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 652 ;;
653*-sni-sysv*)
3c0ef626 654 # /usr/ucblib MUST NOT be searched on ReliantUNIX
540d72c3 655 AC_CHECK_LIB(dl, dlsym, ,)
08822d99 656 # -lresolv needs to be at the end of LIBS or DNS lookups break
657 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 658 IPADDR_IN_DISPLAY=yes
659 AC_DEFINE(USE_PIPES)
660 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 661 AC_DEFINE(SETEUID_BREAKS_SETUID)
662 AC_DEFINE(BROKEN_SETREUID)
663 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 664 AC_DEFINE(SSHD_ACQUIRES_CTTY)
665 external_path_file=/etc/default/login
3c0ef626 666 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
667 # Attention: always take care to bind libsocket and libnsl before libc,
668 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
669 ;;
dfddba3d 670# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 671*-*-sysv4.2*)
3c0ef626 672 AC_DEFINE(USE_PIPES)
7cac2b65 673 AC_DEFINE(SETEUID_BREAKS_SETUID)
674 AC_DEFINE(BROKEN_SETREUID)
675 AC_DEFINE(BROKEN_SETREGID)
8b32eddc 676 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
08822d99 677 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 678 ;;
dfddba3d 679# UnixWare 7.x, OpenUNIX 8
3c0ef626 680*-*-sysv5*)
2ce0bfe4 681 check_for_libcrypt_later=1
682 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 683 AC_DEFINE(USE_PIPES)
7cac2b65 684 AC_DEFINE(SETEUID_BREAKS_SETUID)
685 AC_DEFINE(BROKEN_SETREUID)
686 AC_DEFINE(BROKEN_SETREGID)
08822d99 687 AC_DEFINE(PASSWD_NEEDS_USERNAME)
2ce0bfe4 688 case "$host" in
689 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
690 TEST_SHELL=/u95/bin/sh
08822d99 691 AC_DEFINE(BROKEN_LIBIAF, 1,
692 [ia_uinfo routines not supported by OS yet])
30460aeb 693 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 694 ;;
695 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
2ce0bfe4 696 ;;
697 esac
3c0ef626 698 ;;
699*-*-sysv*)
3c0ef626 700 ;;
dfddba3d 701# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 702*-*-sco3.2v4*)
dfddba3d 703 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 704 ;;
dfddba3d 705# SCO OpenServer 5.x
3c0ef626 706*-*-sco3.2v5*)
bfe49944 707 if test -z "$GCC"; then
708 CFLAGS="$CFLAGS -belf"
709 fi
3c0ef626 710 LIBS="$LIBS -lprot -lx -ltinfo -lm"
711 no_dev_ptmx=1
3c0ef626 712 AC_DEFINE(USE_PIPES)
350391c5 713 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 714 AC_DEFINE(DISABLE_SHADOW)
d03f4262 715 AC_DEFINE(DISABLE_FD_PASSING)
7cac2b65 716 AC_DEFINE(SETEUID_BREAKS_SETUID)
717 AC_DEFINE(BROKEN_SETREUID)
718 AC_DEFINE(BROKEN_SETREGID)
719 AC_DEFINE(WITH_ABBREV_NO_TTY)
7e82606e 720 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 721 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 722 AC_CHECK_FUNCS(getluid setluid)
723 MANTYPE=man
7e82606e 724 TEST_SHELL=ksh
3c0ef626 725 ;;
d03f4262 726*-*-unicosmk*)
08822d99 727 AC_DEFINE(NO_SSH_LASTLOG, 1,
728 [Define if you don't want to use lastlog in session.c])
540d72c3 729 AC_DEFINE(SETEUID_BREAKS_SETUID)
730 AC_DEFINE(BROKEN_SETREUID)
731 AC_DEFINE(BROKEN_SETREGID)
d03f4262 732 AC_DEFINE(USE_PIPES)
733 AC_DEFINE(DISABLE_FD_PASSING)
734 LDFLAGS="$LDFLAGS"
735 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
736 MANTYPE=cat
737 ;;
7cac2b65 738*-*-unicosmp*)
540d72c3 739 AC_DEFINE(SETEUID_BREAKS_SETUID)
740 AC_DEFINE(BROKEN_SETREUID)
741 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 742 AC_DEFINE(WITH_ABBREV_NO_TTY)
743 AC_DEFINE(USE_PIPES)
744 AC_DEFINE(DISABLE_FD_PASSING)
745 LDFLAGS="$LDFLAGS"
540d72c3 746 LIBS="$LIBS -lgen -lacid -ldb"
7cac2b65 747 MANTYPE=cat
748 ;;
3c0ef626 749*-*-unicos*)
540d72c3 750 AC_DEFINE(SETEUID_BREAKS_SETUID)
751 AC_DEFINE(BROKEN_SETREUID)
752 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 753 AC_DEFINE(USE_PIPES)
d03f4262 754 AC_DEFINE(DISABLE_FD_PASSING)
755 AC_DEFINE(NO_SSH_LASTLOG)
756 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
757 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
758 MANTYPE=cat
3c0ef626 759 ;;
760*-dec-osf*)
761 AC_MSG_CHECKING(for Digital Unix SIA)
762 no_osfsia=""
763 AC_ARG_WITH(osfsia,
764 [ --with-osfsia Enable Digital Unix SIA],
765 [
766 if test "x$withval" = "xno" ; then
767 AC_MSG_RESULT(disabled)
768 no_osfsia=1
769 fi
770 ],
771 )
772 if test -z "$no_osfsia" ; then
773 if test -f /etc/sia/matrix.conf; then
774 AC_MSG_RESULT(yes)
08822d99 775 AC_DEFINE(HAVE_OSF_SIA, 1,
776 [Define if you have Digital Unix Security
777 Integration Architecture])
778 AC_DEFINE(DISABLE_LOGIN, 1,
779 [Define if you don't want to use your
780 system's login() call])
bfe49944 781 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 782 LIBS="$LIBS -lsecurity -ldb -lm -laud"
30460aeb 783 SIA_MSG="yes"
3c0ef626 784 else
785 AC_MSG_RESULT(no)
08822d99 786 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
787 [String used in /etc/passwd to denote locked account])
3c0ef626 788 fi
789 fi
7cac2b65 790 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 791 AC_DEFINE(SETEUID_BREAKS_SETUID)
792 AC_DEFINE(BROKEN_SETREUID)
793 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 794 ;;
795
4b6dae8f 796*-*-nto-qnx*)
3c0ef626 797 AC_DEFINE(USE_PIPES)
798 AC_DEFINE(NO_X11_UNIX_SOCKETS)
08822d99 799 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
800 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
801 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
4b6dae8f 802 AC_DEFINE(DISABLE_LASTLOG)
30460aeb 803 AC_DEFINE(SSHD_ACQUIRES_CTTY)
804 enable_etc_default_login=no # has incompatible /etc/default/login
fa0f0f45 805 case "$host" in
806 *-*-nto-qnx6*)
807 AC_DEFINE(DISABLE_FD_PASSING)
808 ;;
809 esac
3c0ef626 810 ;;
2ce0bfe4 811
812*-*-ultrix*)
08822d99 813 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
814 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b6dae8f 815 AC_DEFINE(NEED_SETPGRP)
2ce0bfe4 816 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
817 ;;
818
819*-*-lynxos)
820 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
08822d99 821 AC_DEFINE(MISSING_HOWMANY)
2ce0bfe4 822 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
823 ;;
3c0ef626 824esac
825
7cac2b65 826AC_MSG_CHECKING(compiler and flags for sanity)
dfddba3d 827AC_RUN_IFELSE(
828 [AC_LANG_SOURCE([
7cac2b65 829#include <stdio.h>
830int main(){exit(0);}
dfddba3d 831 ])],
7cac2b65 832 [ AC_MSG_RESULT(yes) ],
833 [
834 AC_MSG_RESULT(no)
835 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
dfddba3d 836 ],
837 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
7cac2b65 838)
839
2ce0bfe4 840dnl Checks for header files.
3c0ef626 841# Checks for libraries.
842AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
843AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
844
7cac2b65 845dnl IRIX and Solaris 2.5.1 have dirname() in libgen
846AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
847 AC_CHECK_LIB(gen, dirname,[
848 AC_CACHE_CHECK([for broken dirname],
849 ac_cv_have_broken_dirname, [
850 save_LIBS="$LIBS"
851 LIBS="$LIBS -lgen"
08822d99 852 AC_RUN_IFELSE(
853 [AC_LANG_SOURCE([[
7cac2b65 854#include <libgen.h>
855#include <string.h>
856
857int main(int argc, char **argv) {
858 char *s, buf[32];
859
860 strncpy(buf,"/etc", 32);
861 s = dirname(buf);
862 if (!s || strncmp(s, "/", 32) != 0) {
863 exit(1);
864 } else {
865 exit(0);
866 }
867}
08822d99 868 ]])],
869 [ ac_cv_have_broken_dirname="no" ],
870 [ ac_cv_have_broken_dirname="yes" ],
7cac2b65 871 [ ac_cv_have_broken_dirname="no" ],
7cac2b65 872 )
873 LIBS="$save_LIBS"
874 ])
875 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
876 LIBS="$LIBS -lgen"
877 AC_DEFINE(HAVE_DIRNAME)
878 AC_CHECK_HEADERS(libgen.h)
879 fi
880 ])
881])
882
3c0ef626 883AC_CHECK_FUNC(getspnam, ,
884 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
08822d99 885AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
886 [Define if you have the basename function.]))
3c0ef626 887
888dnl zlib is required
889AC_ARG_WITH(zlib,
890 [ --with-zlib=PATH Use zlib in PATH],
8b32eddc 891 [ if test "x$withval" = "xno" ; then
892 AC_MSG_ERROR([*** zlib is required ***])
893 elif test "x$withval" != "xyes"; then
3c0ef626 894 if test -d "$withval/lib"; then
895 if test -n "${need_dash_r}"; then
896 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
897 else
898 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
899 fi
900 else
901 if test -n "${need_dash_r}"; then
902 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
903 else
904 LDFLAGS="-L${withval} ${LDFLAGS}"
905 fi
906 fi
907 if test -d "$withval/include"; then
908 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
909 else
910 CPPFLAGS="-I${withval} ${CPPFLAGS}"
911 fi
8b32eddc 912 fi ]
3c0ef626 913)
914
540d72c3 915AC_CHECK_LIB(z, deflate, ,
916 [
917 saved_CPPFLAGS="$CPPFLAGS"
918 saved_LDFLAGS="$LDFLAGS"
919 save_LIBS="$LIBS"
920 dnl Check default zlib install dir
921 if test -n "${need_dash_r}"; then
922 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
923 else
924 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
925 fi
926 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
927 LIBS="$LIBS -lz"
928 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
929 [
930 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
931 ]
932 )
933 ]
934)
935AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
936
937AC_ARG_WITH(zlib-version-check,
938 [ --without-zlib-version-check Disable zlib version check],
939 [ if test "x$withval" = "xno" ; then
940 zlib_check_nonfatal=1
941 fi
942 ]
943)
944
8b32eddc 945AC_MSG_CHECKING(for possibly buggy zlib)
dfddba3d 946AC_RUN_IFELSE([AC_LANG_SOURCE([[
8b32eddc 947#include <stdio.h>
540d72c3 948#include <zlib.h>
949int main()
950{
8b32eddc 951 int a=0, b=0, c=0, d=0, n, v;
952 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
953 if (n != 3 && n != 4)
540d72c3 954 exit(1);
8b32eddc 955 v = a*1000000 + b*10000 + c*100 + d;
956 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
957
958 /* 1.1.4 is OK */
959 if (a == 1 && b == 1 && c >= 4)
540d72c3 960 exit(0);
8b32eddc 961
2ce0bfe4 962 /* 1.2.3 and up are OK */
963 if (v >= 1020300)
8b32eddc 964 exit(0);
965
540d72c3 966 exit(2);
967}
dfddba3d 968 ]])],
8b32eddc 969 AC_MSG_RESULT(no),
970 [ AC_MSG_RESULT(yes)
540d72c3 971 if test -z "$zlib_check_nonfatal" ; then
972 AC_MSG_ERROR([*** zlib too old - check config.log ***
973Your reported zlib version has known security problems. It's possible your
974vendor has fixed these problems without changing the version number. If you
975are sure this is the case, you can disable the check by running
976"./configure --without-zlib-version-check".
2ce0bfe4 977If you are in doubt, upgrade zlib to version 1.2.3 or greater.
8b32eddc 978See http://www.gzip.org/zlib/ for details.])
540d72c3 979 else
980 AC_MSG_WARN([zlib version may have security problems])
981 fi
dfddba3d 982 ],
983 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
540d72c3 984)
3c0ef626 985
3c0ef626 986dnl UnixWare 2.x
540d72c3 987AC_CHECK_FUNC(strcasecmp,
3c0ef626 988 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
989)
08822d99 990AC_CHECK_FUNCS(utimes,
d03f4262 991 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
992 LIBS="$LIBS -lc89"]) ]
3c0ef626 993)
994
995dnl Checks for libutil functions
996AC_CHECK_HEADERS(libutil.h)
08822d99 997AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
998 [Define if your libraries define login()])])
3c0ef626 999AC_CHECK_FUNCS(logout updwtmp logwtmp)
1000
1001AC_FUNC_STRFTIME
1002
3c0ef626 1003# Check for ALTDIRFUNC glob() extension
1004AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1005AC_EGREP_CPP(FOUNDIT,
1006 [
1007 #include <glob.h>
1008 #ifdef GLOB_ALTDIRFUNC
1009 FOUNDIT
1010 #endif
540d72c3 1011 ],
3c0ef626 1012 [
08822d99 1013 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1014 [Define if your system glob() function has
1015 the GLOB_ALTDIRFUNC extension])
3c0ef626 1016 AC_MSG_RESULT(yes)
1017 ],
1018 [
1019 AC_MSG_RESULT(no)
1020 ]
1021)
1022
1023# Check for g.gl_matchc glob() extension
1024AC_MSG_CHECKING(for gl_matchc field in glob_t)
30460aeb 1025AC_TRY_COMPILE(
1026 [ #include <glob.h> ],
1027 [glob_t g; g.gl_matchc = 1;],
540d72c3 1028 [
08822d99 1029 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1030 [Define if your system glob() function has
1031 gl_matchc options in glob_t])
540d72c3 1032 AC_MSG_RESULT(yes)
1033 ],
1034 [
1035 AC_MSG_RESULT(no)
1036 ]
3c0ef626 1037)
1038
30460aeb 1039AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1040
3c0ef626 1041AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
dfddba3d 1042AC_RUN_IFELSE(
1043 [AC_LANG_SOURCE([[
3c0ef626 1044#include <sys/types.h>
1045#include <dirent.h>
d03f4262 1046int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
dfddba3d 1047 ]])],
540d72c3 1048 [AC_MSG_RESULT(yes)],
3c0ef626 1049 [
1050 AC_MSG_RESULT(no)
08822d99 1051 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1052 [Define if your struct dirent expects you to
1053 allocate extra space for d_name])
dfddba3d 1054 ],
8b32eddc 1055 [
dfddba3d 1056 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1057 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1058 ]
1059)
1060
1c89237d 1061# Check whether the user wants GSSAPI mechglue support
1062AC_ARG_WITH(mechglue,
bec32dad 1063 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
1c89237d 1064 [
1065 AC_MSG_CHECKING(for mechglue library)
bec32dad 1066
1067 if test -e ${withval}/libgssapi.a ; then
1068 mechglue_lib=${withval}/libgssapi.a
1069 elif test -e ${withval}/lib/libgssapi.a ; then
1070 mechglue_lib=${withval}/lib/libgssapi.a
1071 else
1072 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
1c89237d 1073 fi
bec32dad 1074 LIBS="$LIBS ${mechglue_lib}"
1075 AC_MSG_RESULT(${mechglue_lib})
1076
1c89237d 1077 AC_CHECK_LIB(dl, dlopen, , )
1078 if test $ac_cv_lib_dl_dlopen = yes; then
bec32dad 1079 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
1c89237d 1080 fi
bec32dad 1081
1c89237d 1082 AC_DEFINE(GSSAPI)
08822d99 1083 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
1c89237d 1084 GSSAPI="mechglue"
1085
1c89237d 1086 ]
1087)
1088
1089
5598e598 1090# Check whether the user wants GSI (Globus) support
1091gsi_path="no"
1092AC_ARG_WITH(gsi,
483bcdbd 1093 [ --with-gsi Enable Globus GSI authentication support],
5598e598 1094 [
1095 gsi_path="$withval"
1096 ]
1097)
1098
1099AC_ARG_WITH(globus,
483bcdbd 1100 [ --with-globus Enable Globus GSI authentication support],
5598e598 1101 [
1102 gsi_path="$withval"
1103 ]
1104)
1105
483bcdbd 1106AC_ARG_WITH(globus-static,
1107 [ --with-globus-static Link statically with Globus GSI libraries],
1108 [
1109 gsi_static="-static"
9e6effad 1110 if test "x$gsi_path" = "xno" ; then
6e098d39 1111 gsi_path="$withval"
1112 fi
483bcdbd 1113 ]
1114)
1115
5fb9fc74 1116# Check whether the user has a Globus flavor type
1117globus_flavor_type="no"
1118AC_ARG_WITH(globus-flavor,
483bcdbd 1119 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
5fb9fc74 1120 [
1121 globus_flavor_type="$withval"
9e6effad 1122 if test "x$gsi_path" = "xno" ; then
e78b0188 1123 gsi_path="yes"
1124 fi
5fb9fc74 1125 ]
1126)
1127
5598e598 1128if test "x$gsi_path" != "xno" ; then
1129 # Globus GSSAPI configuration
22798398 1130 AC_MSG_CHECKING(for Globus GSI)
08822d99 1131 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
5598e598 1132
1c89237d 1133 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
483bcdbd 1134 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
1c89237d 1135 fi
1136 if test -z "$GSSAPI"; then
1137 AC_DEFINE(GSSAPI)
1138 GSSAPI="GSI"
1139 fi
1140
8b1f0dfd 1141 if test "x$gsi_path" = "xyes" ; then
1142 if test -z "$GLOBUS_LOCATION" ; then
483bcdbd 1143 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
8b1f0dfd 1144 else
1145 gsi_path="$GLOBUS_LOCATION"
1146 fi
1147 fi
483bcdbd 1148 GLOBUS_LOCATION="$gsi_path"
1149 export GLOBUS_LOCATION
1150 if test ! -d "$GLOBUS_LOCATION" ; then
1151 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
5598e598 1152 fi
5598e598 1153
22798398 1154 if test "x$globus_flavor_type" = "xno" ; then
1155 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
1156 fi
1157 if test "x$globus_flavor_type" = "xyes" ; then
1158 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
5598e598 1159 fi
5fb9fc74 1160
bed23354 1161 if test -x ${gsi_path}/bin/globus-makefile-header ; then
7e2129ee 1162 ${gsi_path}/bin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | sed 's/ = \(.*\)/="\1"/' > ./gpt_build_tmp.sh
bed23354 1163 elif test -x ${gsi_path}/sbin/globus-makefile-header ; then
7e2129ee 1164 ${gsi_path}/sbin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | sed 's/ = \(.*\)/="\1"/' > ./gpt_build_tmp.sh
5fb9fc74 1165 else
bed23354 1166 AC_MSG_ERROR(Cannot find globus-makefile-header: Globus installation is incomplete)
22798398 1167 fi
7e2129ee 1168 . ./gpt_build_tmp.sh
1dca09f1 1169 if test -n "${need_dash_r}"; then
99c77ccf 1170 GSI_LDFLAGS="-L${gsi_path}/lib -R${gsi_path}/lib"
1dca09f1 1171 else
1172 GSI_LDFLAGS="-L${gsi_path}/lib"
1173 fi
7e2129ee 1174 if test -z "$GLOBUS_PKG_LIBS" ; then
bed23354 1175 AC_MSG_ERROR(globus-makefile-header failed)
5fb9fc74 1176 fi
5598e598 1177
540d72c3 1178 AC_DEFINE(HAVE_GSSAPI_H)
1179
7e2129ee 1180 LIBS="$LIBS $GLOBUS_LIBS $GLOBUS_PKG_LIBS"
5107d8f0 1181 LDFLAGS="$LDFLAGS $GSI_LDFLAGS"
1182 CPPFLAGS="$CPPFLAGS $GLOBUS_INCLUDES"
22798398 1183
1184 # test that we got the libraries OK
1185 AC_TRY_LINK(
1186 [],
1187 [],
1188 [
1189 AC_MSG_RESULT(yes)
1190 ],
1191 [
1192 AC_MSG_ERROR(link with Globus libraries failed)
1193 ]
1194 )
fd34c71f 1195 AC_CHECK_FUNCS(globus_gss_assist_map_and_authorize)
1ca858e9 1196 INSTALL_GSISSH="yes"
1197else
1198 INSTALL_GSISSH=""
5598e598 1199fi
1ca858e9 1200AC_SUBST(INSTALL_GSISSH)
1201# End Globus/GSI section
5598e598 1202
7e82606e 1203AC_MSG_CHECKING([for /proc/pid/fd directory])
1204if test -d "/proc/$$/fd" ; then
08822d99 1205 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
7e82606e 1206 AC_MSG_RESULT(yes)
1207else
1208 AC_MSG_RESULT(no)
1209fi
1210
3c0ef626 1211# Check whether user wants S/Key support
540d72c3 1212SKEY_MSG="no"
3c0ef626 1213AC_ARG_WITH(skey,
dfddba3d 1214 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1215 [
1216 if test "x$withval" != "xno" ; then
1217
1218 if test "x$withval" != "xyes" ; then
1219 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1220 LDFLAGS="$LDFLAGS -L${withval}/lib"
1221 fi
1222
08822d99 1223 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1224 LIBS="-lskey $LIBS"
540d72c3 1225 SKEY_MSG="yes"
8b32eddc 1226
e9702f7d 1227 AC_MSG_CHECKING([for s/key support])
08822d99 1228 AC_LINK_IFELSE(
1229 [AC_LANG_SOURCE([[
e9702f7d 1230#include <stdio.h>
1231#include <skey.h>
d03f4262 1232int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
08822d99 1233 ]])],
e9702f7d 1234 [AC_MSG_RESULT(yes)],
3c0ef626 1235 [
e9702f7d 1236 AC_MSG_RESULT(no)
3c0ef626 1237 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1238 ])
12a403af 1239 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1240 AC_TRY_COMPILE(
1241 [#include <stdio.h>
1242 #include <skey.h>],
1243 [(void)skeychallenge(NULL,"name","",0);],
1244 [AC_MSG_RESULT(yes)
08822d99 1245 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1246 [Define if your skeychallenge()
1247 function takes 4 arguments (NetBSD)])],
12a403af 1248 [AC_MSG_RESULT(no)]
1249 )
3c0ef626 1250 fi
1251 ]
1252)
1253
1254# Check whether user wants TCP wrappers support
1255TCPW_MSG="no"
1256AC_ARG_WITH(tcp-wrappers,
dfddba3d 1257 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1258 [
1259 if test "x$withval" != "xno" ; then
1260 saved_LIBS="$LIBS"
1261 saved_LDFLAGS="$LDFLAGS"
1262 saved_CPPFLAGS="$CPPFLAGS"
8b32eddc 1263 if test -n "${withval}" && \
1264 test "x${withval}" != "xyes"; then
3c0ef626 1265 if test -d "${withval}/lib"; then
1266 if test -n "${need_dash_r}"; then
1267 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1268 else
1269 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1270 fi
1271 else
1272 if test -n "${need_dash_r}"; then
1273 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1274 else
1275 LDFLAGS="-L${withval} ${LDFLAGS}"
1276 fi
1277 fi
1278 if test -d "${withval}/include"; then
1279 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1280 else
1281 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1282 fi
1283 fi
fa0f0f45 1284 LIBS="-lwrap $LIBS"
3c0ef626 1285 AC_MSG_CHECKING(for libwrap)
1286 AC_TRY_LINK(
1287 [
12a403af 1288#include <sys/types.h>
1289#include <sys/socket.h>
1290#include <netinet/in.h>
3c0ef626 1291#include <tcpd.h>
1292 int deny_severity = 0, allow_severity = 0;
1293 ],
1294 [hosts_access(0);],
1295 [
1296 AC_MSG_RESULT(yes)
08822d99 1297 AC_DEFINE(LIBWRAP, 1,
1298 [Define if you want
1299 TCP Wrappers support])
fa0f0f45 1300 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1301 TCPW_MSG="yes"
1302 ],
1303 [
1304 AC_MSG_ERROR([*** libwrap missing])
1305 ]
1306 )
e9702f7d 1307 LIBS="$saved_LIBS"
3c0ef626 1308 fi
1309 ]
1310)
1311
dfddba3d 1312# Check whether user wants libedit support
1313LIBEDIT_MSG="no"
1314AC_ARG_WITH(libedit,
1315 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1316 [ if test "x$withval" != "xno" ; then
8b32eddc 1317 if test "x$withval" != "xyes"; then
08822d99 1318 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1319 if test -n "${need_dash_r}"; then
1320 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1321 else
1322 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1323 fi
8b32eddc 1324 fi
dfddba3d 1325 AC_CHECK_LIB(edit, el_init,
08822d99 1326 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
dfddba3d 1327 LIBEDIT="-ledit -lcurses"
1328 LIBEDIT_MSG="yes"
1329 AC_SUBST(LIBEDIT)
1330 ],
8b32eddc 1331 [ AC_MSG_ERROR(libedit not found) ],
1332 [ -lcurses ]
dfddba3d 1333 )
2ce0bfe4 1334 AC_MSG_CHECKING(if libedit version is compatible)
1335 AC_COMPILE_IFELSE(
1336 [AC_LANG_SOURCE([[
1337#include <histedit.h>
1338int main(void)
1339{
1340 int i = H_SETSIZE;
1341 el_init("", NULL, NULL, NULL);
1342 exit(0);
1343}
1344 ]])],
1345 [ AC_MSG_RESULT(yes) ],
1346 [ AC_MSG_RESULT(no)
1347 AC_MSG_ERROR(libedit version is not compatible) ]
1348 )
dfddba3d 1349 fi ]
1350)
1351
1352AUDIT_MODULE=none
1353AC_ARG_WITH(audit,
1354 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1355 [
1356 AC_MSG_CHECKING(for supported audit module)
1357 case "$withval" in
1358 bsm)
1359 AC_MSG_RESULT(bsm)
1360 AUDIT_MODULE=bsm
1361 dnl Checks for headers, libs and functions
1362 AC_CHECK_HEADERS(bsm/audit.h, [],
30460aeb 1363 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1364 [
1365#ifdef HAVE_TIME_H
1366# include <time.h>
1367#endif
1368 ]
1369)
dfddba3d 1370 AC_CHECK_LIB(bsm, getaudit, [],
1371 [AC_MSG_ERROR(BSM enabled and required library not found)])
1372 AC_CHECK_FUNCS(getaudit, [],
1373 [AC_MSG_ERROR(BSM enabled and required function not found)])
1374 # These are optional
1375 AC_CHECK_FUNCS(getaudit_addr)
08822d99 1376 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
dfddba3d 1377 ;;
1378 debug)
1379 AUDIT_MODULE=debug
1380 AC_MSG_RESULT(debug)
08822d99 1381 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
dfddba3d 1382 ;;
2ce0bfe4 1383 no)
1384 AC_MSG_RESULT(no)
1385 ;;
dfddba3d 1386 *)
1387 AC_MSG_ERROR([Unknown audit module $withval])
1388 ;;
1389 esac ]
1390)
1391
bfe49944 1392dnl Checks for library functions. Please keep in alphabetical order
2ce0bfe4 1393AC_CHECK_FUNCS( \
1394 arc4random \
08822d99 1395 asprintf \
2ce0bfe4 1396 b64_ntop \
1397 __b64_ntop \
1398 b64_pton \
1399 __b64_pton \
1400 bcopy \
1401 bindresvport_sa \
1402 clock \
1403 closefrom \
1404 dirfd \
1405 fchmod \
1406 fchown \
1407 freeaddrinfo \
1408 futimes \
1409 getaddrinfo \
1410 getcwd \
1411 getgrouplist \
1412 getnameinfo \
1413 getopt \
1414 getpeereid \
fa0f0f45 1415 getpeerucred \
2ce0bfe4 1416 _getpty \
1417 getrlimit \
1418 getttyent \
1419 glob \
1420 inet_aton \
1421 inet_ntoa \
1422 inet_ntop \
1423 innetgr \
1424 login_getcapbool \
1425 md5_crypt \
1426 memmove \
1427 mkdtemp \
1428 mmap \
1429 ngetaddrinfo \
1430 nsleep \
1431 ogetaddrinfo \
1432 openlog_r \
1433 openpty \
fa0f0f45 1434 poll \
2ce0bfe4 1435 prctl \
1436 pstat \
1437 readpassphrase \
1438 realpath \
1439 recvmsg \
1440 rresvport_af \
1441 sendmsg \
1442 setdtablesize \
1443 setegid \
1444 setenv \
1445 seteuid \
1446 setgroups \
1447 setlogin \
1448 setpcred \
1449 setproctitle \
1450 setregid \
1451 setreuid \
1452 setrlimit \
1453 setsid \
1454 setvbuf \
1455 sigaction \
1456 sigvec \
1457 snprintf \
1458 socketpair \
1459 strdup \
1460 strerror \
1461 strlcat \
1462 strlcpy \
1463 strmode \
1464 strnvis \
1465 strtonum \
1466 strtoll \
1467 strtoul \
fa0f0f45 1468 swap32 \
2ce0bfe4 1469 sysconf \
1470 tcgetpgrp \
1471 truncate \
1472 unsetenv \
1473 updwtmpx \
08822d99 1474 vasprintf \
2ce0bfe4 1475 vhangup \
1476 vsnprintf \
1477 waitpid \
bfe49944 1478)
1479
29d88157 1480# IRIX has a const char return value for gai_strerror()
1481AC_CHECK_FUNCS(gai_strerror,[
1482 AC_DEFINE(HAVE_GAI_STRERROR)
1483 AC_TRY_COMPILE([
1484#include <sys/types.h>
1485#include <sys/socket.h>
1486#include <netdb.h>
1487
1488const char *gai_strerror(int);],[
1489char *str;
1490
1491str = gai_strerror(0);],[
1492 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1493 [Define if gai_strerror() returns const char *])])])
1494
08822d99 1495AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1496 [Some systems put nanosleep outside of libc]))
bfe49944 1497
7cac2b65 1498dnl Make sure prototypes are defined for these before using them.
7cac2b65 1499AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
2ce0bfe4 1500AC_CHECK_DECL(strsep,
1501 [AC_CHECK_FUNCS(strsep)],
1502 [],
1503 [
1504#ifdef HAVE_STRING_H
1505# include <string.h>
1506#endif
1507 ])
3c0ef626 1508
7cac2b65 1509dnl tcsendbreak might be a macro
1510AC_CHECK_DECL(tcsendbreak,
1511 [AC_DEFINE(HAVE_TCSENDBREAK)],
540d72c3 1512 [AC_CHECK_FUNCS(tcsendbreak)],
7cac2b65 1513 [#include <termios.h>]
1514)
3c0ef626 1515
7e82606e 1516AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1517
30460aeb 1518AC_CHECK_DECLS(SHUT_RD, , ,
1519 [
1520#include <sys/types.h>
1521#include <sys/socket.h>
1522 ])
1523
1524AC_CHECK_DECLS(O_NONBLOCK, , ,
1525 [
1526#include <sys/types.h>
1527#ifdef HAVE_SYS_STAT_H
1528# include <sys/stat.h>
1529#endif
1530#ifdef HAVE_FCNTL_H
1531# include <fcntl.h>
1532#endif
1533 ])
1534
1535AC_CHECK_DECLS(writev, , , [
1536#include <sys/types.h>
1537#include <sys/uio.h>
1538#include <unistd.h>
1539 ])
1540
fa0f0f45 1541AC_CHECK_DECLS(MAXSYMLINKS, , , [
1542#include <sys/param.h>
1543 ])
1544
1545AC_CHECK_DECLS(offsetof, , , [
1546#include <stddef.h>
1547 ])
1548
540d72c3 1549AC_CHECK_FUNCS(setresuid, [
1550 dnl Some platorms have setresuid that isn't implemented, test for this
1551 AC_MSG_CHECKING(if setresuid seems to work)
dfddba3d 1552 AC_RUN_IFELSE(
1553 [AC_LANG_SOURCE([[
540d72c3 1554#include <stdlib.h>
1555#include <errno.h>
1556int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1557 ]])],
540d72c3 1558 [AC_MSG_RESULT(yes)],
08822d99 1559 [AC_DEFINE(BROKEN_SETRESUID, 1,
1560 [Define if your setresuid() is broken])
dfddba3d 1561 AC_MSG_RESULT(not implemented)],
1562 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1563 )
1564])
1565
1566AC_CHECK_FUNCS(setresgid, [
1567 dnl Some platorms have setresgid that isn't implemented, test for this
1568 AC_MSG_CHECKING(if setresgid seems to work)
dfddba3d 1569 AC_RUN_IFELSE(
1570 [AC_LANG_SOURCE([[
540d72c3 1571#include <stdlib.h>
1572#include <errno.h>
1573int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1574 ]])],
540d72c3 1575 [AC_MSG_RESULT(yes)],
08822d99 1576 [AC_DEFINE(BROKEN_SETRESGID, 1,
1577 [Define if your setresgid() is broken])
dfddba3d 1578 AC_MSG_RESULT(not implemented)],
1579 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1580 )
1581])
1582
3c0ef626 1583dnl Checks for time functions
1584AC_CHECK_FUNCS(gettimeofday time)
1585dnl Checks for utmp functions
1586AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1587AC_CHECK_FUNCS(utmpname)
1588dnl Checks for utmpx functions
1589AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1590AC_CHECK_FUNCS(setutxent utmpxname)
1591
540d72c3 1592AC_CHECK_FUNC(daemon,
08822d99 1593 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1594 [AC_CHECK_LIB(bsd, daemon,
1595 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1596)
1597
540d72c3 1598AC_CHECK_FUNC(getpagesize,
08822d99 1599 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1600 [Define if your libraries define getpagesize()])],
1601 [AC_CHECK_LIB(ucb, getpagesize,
1602 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1603)
1604
1605# Check for broken snprintf
1606if test "x$ac_cv_func_snprintf" = "xyes" ; then
1607 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
dfddba3d 1608 AC_RUN_IFELSE(
1609 [AC_LANG_SOURCE([[
3c0ef626 1610#include <stdio.h>
d03f4262 1611int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
dfddba3d 1612 ]])],
540d72c3 1613 [AC_MSG_RESULT(yes)],
3c0ef626 1614 [
1615 AC_MSG_RESULT(no)
08822d99 1616 AC_DEFINE(BROKEN_SNPRINTF, 1,
1617 [Define if your snprintf is busted])
3c0ef626 1618 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
dfddba3d 1619 ],
1620 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1621 )
1622fi
1623
08822d99 1624# If we don't have a working asprintf, then we strongly depend on vsnprintf
1625# returning the right thing on overflow: the number of characters it tried to
1626# create (as per SUSv3)
1627if test "x$ac_cv_func_asprintf" != "xyes" && \
1628 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1629 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1630 AC_RUN_IFELSE(
1631 [AC_LANG_SOURCE([[
1632#include <sys/types.h>
1633#include <stdio.h>
1634#include <stdarg.h>
1635
1636int x_snprintf(char *str,size_t count,const char *fmt,...)
1637{
1638 size_t ret; va_list ap;
1639 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1640 return ret;
1641}
1642int main(void)
1643{
1644 char x[1];
1645 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1646} ]])],
1647 [AC_MSG_RESULT(yes)],
1648 [
1649 AC_MSG_RESULT(no)
1650 AC_DEFINE(BROKEN_SNPRINTF, 1,
1651 [Define if your snprintf is busted])
1652 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1653 ],
1654 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1655 )
1656fi
1657
1658# On systems where [v]snprintf is broken, but is declared in stdio,
1659# check that the fmt argument is const char * or just char *.
1660# This is only useful for when BROKEN_SNPRINTF
1661AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1662AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1663 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1664 int main(void) { snprintf(0, 0, 0); }
1665 ]])],
1666 [AC_MSG_RESULT(yes)
1667 AC_DEFINE(SNPRINTF_CONST, [const],
1668 [Define as const if snprintf() can declare const char *fmt])],
1669 [AC_MSG_RESULT(no)
1670 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1671
7e82606e 1672# Check for missing getpeereid (or equiv) support
1673NO_PEERCHECK=""
fa0f0f45 1674if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
7e82606e 1675 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1676 AC_TRY_COMPILE(
1677 [#include <sys/types.h>
1678 #include <sys/socket.h>],
1679 [int i = SO_PEERCRED;],
8b32eddc 1680 [ AC_MSG_RESULT(yes)
08822d99 1681 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
8b32eddc 1682 ],
7e82606e 1683 [AC_MSG_RESULT(no)
1684 NO_PEERCHECK=1]
1685 )
1686fi
1687
bfe49944 1688dnl see whether mkstemp() requires XXXXXX
1689if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1690AC_MSG_CHECKING([for (overly) strict mkstemp])
08822d99 1691AC_RUN_IFELSE(
1692 [AC_LANG_SOURCE([[
bfe49944 1693#include <stdlib.h>
1694main() { char template[]="conftest.mkstemp-test";
1695if (mkstemp(template) == -1)
1696 exit(1);
1697unlink(template); exit(0);
1698}
08822d99 1699 ]])],
bfe49944 1700 [
1701 AC_MSG_RESULT(no)
1702 ],
540d72c3 1703 [
bfe49944 1704 AC_MSG_RESULT(yes)
08822d99 1705 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
bfe49944 1706 ],
1707 [
1708 AC_MSG_RESULT(yes)
1709 AC_DEFINE(HAVE_STRICT_MKSTEMP)
540d72c3 1710 ]
bfe49944 1711)
1712fi
1713
7cac2b65 1714dnl make sure that openpty does not reacquire controlling terminal
1715if test ! -z "$check_for_openpty_ctty_bug"; then
1716 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
08822d99 1717 AC_RUN_IFELSE(
1718 [AC_LANG_SOURCE([[
7cac2b65 1719#include <stdio.h>
1720#include <sys/fcntl.h>
1721#include <sys/types.h>
1722#include <sys/wait.h>
1723
1724int
1725main()
1726{
1727 pid_t pid;
1728 int fd, ptyfd, ttyfd, status;
1729
1730 pid = fork();
1731 if (pid < 0) { /* failed */
1732 exit(1);
1733 } else if (pid > 0) { /* parent */
1734 waitpid(pid, &status, 0);
540d72c3 1735 if (WIFEXITED(status))
7cac2b65 1736 exit(WEXITSTATUS(status));
1737 else
1738 exit(2);
1739 } else { /* child */
1740 close(0); close(1); close(2);
1741 setsid();
1742 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1743 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1744 if (fd >= 0)
1745 exit(3); /* Acquired ctty: broken */
1746 else
1747 exit(0); /* Did not acquire ctty: OK */
1748 }
1749}
08822d99 1750 ]])],
7cac2b65 1751 [
1752 AC_MSG_RESULT(yes)
1753 ],
1754 [
1755 AC_MSG_RESULT(no)
1756 AC_DEFINE(SSHD_ACQUIRES_CTTY)
08822d99 1757 ],
1758 [
1759 AC_MSG_RESULT(cross-compiling, assuming yes)
7cac2b65 1760 ]
1761 )
1762fi
1763
8b32eddc 1764if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1765 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
12a403af 1766 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1767 AC_RUN_IFELSE(
1768 [AC_LANG_SOURCE([[
12a403af 1769#include <stdio.h>
1770#include <sys/socket.h>
1771#include <netdb.h>
1772#include <errno.h>
1773#include <netinet/in.h>
1774
1775#define TEST_PORT "2222"
1776
1777int
1778main(void)
1779{
1780 int err, sock;
1781 struct addrinfo *gai_ai, *ai, hints;
1782 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1783
1784 memset(&hints, 0, sizeof(hints));
1785 hints.ai_family = PF_UNSPEC;
1786 hints.ai_socktype = SOCK_STREAM;
1787 hints.ai_flags = AI_PASSIVE;
1788
1789 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1790 if (err != 0) {
1791 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1792 exit(1);
1793 }
1794
1795 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1796 if (ai->ai_family != AF_INET6)
1797 continue;
1798
1799 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1800 sizeof(ntop), strport, sizeof(strport),
1801 NI_NUMERICHOST|NI_NUMERICSERV);
1802
1803 if (err != 0) {
1804 if (err == EAI_SYSTEM)
1805 perror("getnameinfo EAI_SYSTEM");
1806 else
1807 fprintf(stderr, "getnameinfo failed: %s\n",
1808 gai_strerror(err));
1809 exit(2);
1810 }
1811
1812 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1813 if (sock < 0)
1814 perror("socket");
1815 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1816 if (errno == EBADF)
1817 exit(3);
1818 }
1819 }
1820 exit(0);
1821}
08822d99 1822 ]])],
12a403af 1823 [
1824 AC_MSG_RESULT(yes)
1825 ],
1826 [
1827 AC_MSG_RESULT(no)
1828 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1829 ],
1830 [
1831 AC_MSG_RESULT(cross-compiling, assuming yes)
12a403af 1832 ]
1833 )
1834fi
1835
8b32eddc 1836if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1837 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
dfddba3d 1838 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1839 AC_RUN_IFELSE(
1840 [AC_LANG_SOURCE([[
dfddba3d 1841#include <stdio.h>
1842#include <sys/socket.h>
1843#include <netdb.h>
1844#include <errno.h>
1845#include <netinet/in.h>
1846
1847#define TEST_PORT "2222"
1848
1849int
1850main(void)
1851{
1852 int err, sock;
1853 struct addrinfo *gai_ai, *ai, hints;
1854 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1855
1856 memset(&hints, 0, sizeof(hints));
1857 hints.ai_family = PF_UNSPEC;
1858 hints.ai_socktype = SOCK_STREAM;
1859 hints.ai_flags = AI_PASSIVE;
1860
1861 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1862 if (err != 0) {
1863 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1864 exit(1);
1865 }
1866
1867 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1868 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1869 continue;
1870
1871 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1872 sizeof(ntop), strport, sizeof(strport),
1873 NI_NUMERICHOST|NI_NUMERICSERV);
1874
1875 if (ai->ai_family == AF_INET && err != 0) {
1876 perror("getnameinfo");
1877 exit(2);
1878 }
1879 }
1880 exit(0);
1881}
08822d99 1882 ]])],
dfddba3d 1883 [
1884 AC_MSG_RESULT(yes)
08822d99 1885 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1886 [Define if you have a getaddrinfo that fails
1887 for the all-zeros IPv6 address])
dfddba3d 1888 ],
1889 [
1890 AC_MSG_RESULT(no)
1891 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1892 ],
30460aeb 1893 [
08822d99 1894 AC_MSG_RESULT(cross-compiling, assuming no)
dfddba3d 1895 ]
1896 )
1897fi
1898
1899if test "x$check_for_conflicting_getspnam" = "x1"; then
1900 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1901 AC_COMPILE_IFELSE(
1902 [
1903#include <shadow.h>
1904int main(void) {exit(0);}
1905 ],
1906 [
1907 AC_MSG_RESULT(no)
1908 ],
1909 [
1910 AC_MSG_RESULT(yes)
1911 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1912 [Conflicting defs for getspnam])
1913 ]
1914 )
1915fi
1916
3c0ef626 1917AC_FUNC_GETPGRP
1918
350391c5 1919# Search for OpenSSL
1920saved_CPPFLAGS="$CPPFLAGS"
1921saved_LDFLAGS="$LDFLAGS"
3c0ef626 1922AC_ARG_WITH(ssl-dir,
1923 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1924 [
1925 if test "x$withval" != "xno" ; then
dfddba3d 1926 case "$withval" in
1927 # Relative paths
1928 ./*|../*) withval="`pwd`/$withval"
1929 esac
350391c5 1930 if test -d "$withval/lib"; then
1931 if test -n "${need_dash_r}"; then
1932 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1933 else
1934 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1935 fi
1936 else
350391c5 1937 if test -n "${need_dash_r}"; then
1938 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1939 else
1940 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1941 fi
1942 fi
350391c5 1943 if test -d "$withval/include"; then
1944 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1945 else
350391c5 1946 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1947 fi
1948 fi
350391c5 1949 ]
1950)
cdaf3e9d 1951if test -z "$GSI_LDFLAGS" ; then
540d72c3 1952LIBS="-lcrypto $LIBS"
22798398 1953fi
08822d99 1954AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1955 [Define if your ssl headers are included
1956 with #include <openssl/header.h>]),
3c0ef626 1957 [
350391c5 1958 dnl Check default openssl install dir
1959 if test -n "${need_dash_r}"; then
1960 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1961 else
350391c5 1962 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1963 fi
350391c5 1964 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1965 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1966 [
1967 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1968 ]
1969 )
1970 ]
1971)
1972
d03f4262 1973# Determine OpenSSL header version
1974AC_MSG_CHECKING([OpenSSL header version])
dfddba3d 1975AC_RUN_IFELSE(
1976 [AC_LANG_SOURCE([[
d03f4262 1977#include <stdio.h>
1978#include <string.h>
1979#include <openssl/opensslv.h>
1980#define DATA "conftest.sslincver"
1981int main(void) {
540d72c3 1982 FILE *fd;
1983 int rc;
d03f4262 1984
540d72c3 1985 fd = fopen(DATA,"w");
1986 if(fd == NULL)
1987 exit(1);
d03f4262 1988
1989 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1990 exit(1);
1991
1992 exit(0);
1993}
dfddba3d 1994 ]])],
d03f4262 1995 [
1996 ssl_header_ver=`cat conftest.sslincver`
1997 AC_MSG_RESULT($ssl_header_ver)
1998 ],
1999 [
2000 AC_MSG_RESULT(not found)
2001 AC_MSG_ERROR(OpenSSL version header not found.)
dfddba3d 2002 ],
2003 [
2004 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2005 ]
2006)
2007
2008# Determine OpenSSL library version
2009AC_MSG_CHECKING([OpenSSL library version])
dfddba3d 2010AC_RUN_IFELSE(
2011 [AC_LANG_SOURCE([[
d03f4262 2012#include <stdio.h>
2013#include <string.h>
2014#include <openssl/opensslv.h>
2015#include <openssl/crypto.h>
2016#define DATA "conftest.ssllibver"
2017int main(void) {
540d72c3 2018 FILE *fd;
2019 int rc;
d03f4262 2020
540d72c3 2021 fd = fopen(DATA,"w");
2022 if(fd == NULL)
2023 exit(1);
d03f4262 2024
2025 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
2026 exit(1);
2027
2028 exit(0);
2029}
dfddba3d 2030 ]])],
d03f4262 2031 [
2032 ssl_library_ver=`cat conftest.ssllibver`
2033 AC_MSG_RESULT($ssl_library_ver)
2034 ],
2035 [
2036 AC_MSG_RESULT(not found)
2037 AC_MSG_ERROR(OpenSSL library not found.)
dfddba3d 2038 ],
2039 [
2040 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2041 ]
2042)
3c0ef626 2043
0b90ac93 2044AC_ARG_WITH(openssl-header-check,
2045 [ --without-openssl-header-check Disable OpenSSL version consistency check],
2046 [ if test "x$withval" = "xno" ; then
2047 openssl_check_nonfatal=1
2048 fi
2049 ]
2050)
2051
e9702f7d 2052# Sanity check OpenSSL headers
2053AC_MSG_CHECKING([whether OpenSSL's headers match the library])
dfddba3d 2054AC_RUN_IFELSE(
2055 [AC_LANG_SOURCE([[
e9702f7d 2056#include <string.h>
2057#include <openssl/opensslv.h>
d03f4262 2058int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
dfddba3d 2059 ]])],
e9702f7d 2060 [
2061 AC_MSG_RESULT(yes)
2062 ],
2063 [
2064 AC_MSG_RESULT(no)
0b90ac93 2065 if test "x$openssl_check_nonfatal" = "x"; then
2066 AC_MSG_ERROR([Your OpenSSL headers do not match your
2067library. Check config.log for details.
2068If you are sure your installation is consistent, you can disable the check
2069by running "./configure --without-openssl-header-check".
2070Also see contrib/findssl.sh for help identifying header/library mismatches.
2071])
2072 else
2073 AC_MSG_WARN([Your OpenSSL headers do not match your
2074library. Check config.log for details.
7cac2b65 2075Also see contrib/findssl.sh for help identifying header/library mismatches.])
0b90ac93 2076 fi
dfddba3d 2077 ],
2078 [
2079 AC_MSG_WARN([cross compiling: not checking])
e9702f7d 2080 ]
2081)
2082
30460aeb 2083AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2084AC_LINK_IFELSE(
2085 [AC_LANG_SOURCE([[
2086#include <openssl/evp.h>
2087int main(void) { SSLeay_add_all_algorithms(); }
2088 ]])],
2089 [
2090 AC_MSG_RESULT(yes)
2091 ],
2092 [
2093 AC_MSG_RESULT(no)
2094 saved_LIBS="$LIBS"
2095 LIBS="$LIBS -ldl"
2096 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2097 AC_LINK_IFELSE(
2098 [AC_LANG_SOURCE([[
2099#include <openssl/evp.h>
2100int main(void) { SSLeay_add_all_algorithms(); }
2101 ]])],
2102 [
2103 AC_MSG_RESULT(yes)
2104 ],
2105 [
2106 AC_MSG_RESULT(no)
2107 LIBS="$saved_LIBS"
2108 ]
2109 )
2110 ]
2111)
2112
2113AC_ARG_WITH(ssl-engine,
2114 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2115 [ if test "x$withval" != "xno" ; then
2116 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2117 AC_TRY_COMPILE(
2118 [ #include <openssl/engine.h>],
2119 [
240debe0 2120ENGINE_load_builtin_engines();ENGINE_register_all_complete();
30460aeb 2121 ],
2122 [ AC_MSG_RESULT(yes)
2123 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2124 [Enable OpenSSL engine support])
2125 ],
2126 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2127 )
2128 fi ]
2129)
2130
08822d99 2131# Check for OpenSSL without EVP_aes_{192,256}_cbc
2132AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
30460aeb 2133AC_LINK_IFELSE(
08822d99 2134 [AC_LANG_SOURCE([[
2135#include <string.h>
2136#include <openssl/evp.h>
4b6dae8f 2137int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
08822d99 2138 ]])],
2139 [
2140 AC_MSG_RESULT(no)
2141 ],
2142 [
2143 AC_MSG_RESULT(yes)
2144 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2145 [libcrypto is missing AES 192 and 256 bit functions])
2146 ]
2147)
2148
540d72c3 2149# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2150# because the system crypt() is more featureful.
2151if test "x$check_for_libcrypt_before" = "x1"; then
2152 AC_CHECK_LIB(crypt, crypt)
2153fi
2154
2155# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2156# version in OpenSSL.
7cac2b65 2157if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2158 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2159fi
2160
30460aeb 2161# Search for SHA256 support in libc and/or OpenSSL
2162AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2163
fa0f0f45 2164saved_LIBS="$LIBS"
2165AC_CHECK_LIB(iaf, ia_openinfo, [
2166 LIBS="$LIBS -liaf"
2167 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"])
2168])
2169LIBS="$saved_LIBS"
e9702f7d 2170
2171### Configure cryptographic random number support
2172
2173# Check wheter OpenSSL seeds itself
2174AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
dfddba3d 2175AC_RUN_IFELSE(
2176 [AC_LANG_SOURCE([[
e9702f7d 2177#include <string.h>
2178#include <openssl/rand.h>
d03f4262 2179int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
dfddba3d 2180 ]])],
e9702f7d 2181 [
2182 OPENSSL_SEEDS_ITSELF=yes
2183 AC_MSG_RESULT(yes)
2184 ],
2185 [
2186 AC_MSG_RESULT(no)
2187 # Default to use of the rand helper if OpenSSL doesn't
2188 # seed itself
2189 USE_RAND_HELPER=yes
dfddba3d 2190 ],
2191 [
2192 AC_MSG_WARN([cross compiling: assuming yes])
2193 # This is safe, since all recent OpenSSL versions will
8b32eddc 2194 # complain at runtime if not seeded correctly.
dfddba3d 2195 OPENSSL_SEEDS_ITSELF=yes
e9702f7d 2196 ]
2197)
2198
30460aeb 2199# Check for PAM libs
2200PAM_MSG="no"
2201AC_ARG_WITH(pam,
2202 [ --with-pam Enable PAM support ],
2203 [
2204 if test "x$withval" != "xno" ; then
2205 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2206 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2207 AC_MSG_ERROR([PAM headers not found])
2208 fi
2209
2210 saved_LIBS="$LIBS"
2211 AC_CHECK_LIB(dl, dlopen, , )
2212 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2213 AC_CHECK_FUNCS(pam_getenvlist)
2214 AC_CHECK_FUNCS(pam_putenv)
2215 LIBS="$saved_LIBS"
2216
2217 PAM_MSG="yes"
2218
fa0f0f45 2219 SSHDLIBS="$SSHDLIBS -lpam"
30460aeb 2220 AC_DEFINE(USE_PAM, 1,
2221 [Define if you want to enable PAM support])
2222
2223 if test $ac_cv_lib_dl_dlopen = yes; then
2224 case "$LIBS" in
2225 *-ldl*)
2226 # libdl already in LIBS
2227 ;;
2228 *)
fa0f0f45 2229 SSHDLIBS="$SSHDLIBS -ldl"
30460aeb 2230 ;;
2231 esac
2232 fi
30460aeb 2233 fi
2234 ]
2235)
2236
2237# Check for older PAM
2238if test "x$PAM_MSG" = "xyes" ; then
2239 # Check PAM strerror arguments (old PAM)
2240 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2241 AC_TRY_COMPILE(
2242 [
2243#include <stdlib.h>
2244#if defined(HAVE_SECURITY_PAM_APPL_H)
2245#include <security/pam_appl.h>
2246#elif defined (HAVE_PAM_PAM_APPL_H)
2247#include <pam/pam_appl.h>
2248#endif
2249 ],
2250 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2251 [AC_MSG_RESULT(no)],
2252 [
2253 AC_DEFINE(HAVE_OLD_PAM, 1,
2254 [Define if you have an old version of PAM
2255 which takes only one argument to pam_strerror])
2256 AC_MSG_RESULT(yes)
2257 PAM_MSG="yes (old library)"
2258 ]
2259 )
2260fi
e9702f7d 2261
2262# Do we want to force the use of the rand helper?
2263AC_ARG_WITH(rand-helper,
2264 [ --with-rand-helper Use subprocess to gather strong randomness ],
2265 [
2266 if test "x$withval" = "xno" ; then
540d72c3 2267 # Force use of OpenSSL's internal RNG, even if
e9702f7d 2268 # the previous test showed it to be unseeded.
2269 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2270 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2271 OPENSSL_SEEDS_ITSELF=yes
2272 USE_RAND_HELPER=""
2273 fi
2274 else
2275 USE_RAND_HELPER=yes
2276 fi
2277 ],
8b32eddc 2278)
e9702f7d 2279
2280# Which randomness source do we use?
8b32eddc 2281if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9702f7d 2282 # OpenSSL only
08822d99 2283 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2284 [Define if you want OpenSSL's internally seeded PRNG only])
e9702f7d 2285 RAND_MSG="OpenSSL internal ONLY"
2286 INSTALL_SSH_RAND_HELPER=""
2287elif test ! -z "$USE_RAND_HELPER" ; then
2288 # install rand helper
2289 RAND_MSG="ssh-rand-helper"
2290 INSTALL_SSH_RAND_HELPER="yes"
2291fi
2292AC_SUBST(INSTALL_SSH_RAND_HELPER)
2293
2294### Configuration of ssh-rand-helper
2295
2296# PRNGD TCP socket
2297AC_ARG_WITH(prngd-port,
2298 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2299 [
2300 case "$withval" in
2301 no)
2302 withval=""
2303 ;;
2304 [[0-9]]*)
2305 ;;
2306 *)
2307 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2308 ;;
2309 esac
2310 if test ! -z "$withval" ; then
2311 PRNGD_PORT="$withval"
08822d99 2312 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2313 [Port number of PRNGD/EGD random number socket])
e9702f7d 2314 fi
2315 ]
2316)
2317
2318# PRNGD Unix domain socket
2319AC_ARG_WITH(prngd-socket,
2320 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2321 [
2322 case "$withval" in
2323 yes)
2324 withval="/var/run/egd-pool"
2325 ;;
2326 no)
2327 withval=""
2328 ;;
2329 /*)
2330 ;;
2331 *)
2332 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2333 ;;
2334 esac
2335
2336 if test ! -z "$withval" ; then
2337 if test ! -z "$PRNGD_PORT" ; then
2338 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2339 fi
2340 if test ! -r "$withval" ; then
2341 AC_MSG_WARN(Entropy socket is not readable)
2342 fi
2343 PRNGD_SOCKET="$withval"
08822d99 2344 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2345 [Location of PRNGD/EGD random number socket])
e9702f7d 2346 fi
2347 ],
2348 [
2349 # Check for existing socket only if we don't have a random device already
2350 if test "$USE_RAND_HELPER" = yes ; then
2351 AC_MSG_CHECKING(for PRNGD/EGD socket)
2352 # Insert other locations here
2353 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2354 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2355 PRNGD_SOCKET="$sock"
2356 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2357 break;
2358 fi
2359 done
2360 if test ! -z "$PRNGD_SOCKET" ; then
2361 AC_MSG_RESULT($PRNGD_SOCKET)
2362 else
2363 AC_MSG_RESULT(not found)
2364 fi
2365 fi
2366 ]
2367)
2368
2369# Change default command timeout for hashing entropy source
2370entropy_timeout=200
2371AC_ARG_WITH(entropy-timeout,
2372 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2373 [
8b32eddc 2374 if test -n "$withval" && test "x$withval" != "xno" && \
2375 test "x${withval}" != "xyes"; then
e9702f7d 2376 entropy_timeout=$withval
2377 fi
8b32eddc 2378 ]
e9702f7d 2379)
08822d99 2380AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2381 [Builtin PRNG command timeout])
e9702f7d 2382
276b07a3 2383SSH_PRIVSEP_USER=sshd
350391c5 2384AC_ARG_WITH(privsep-user,
2385 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2386 [
8b32eddc 2387 if test -n "$withval" && test "x$withval" != "xno" && \
2388 test "x${withval}" != "xyes"; then
276b07a3 2389 SSH_PRIVSEP_USER=$withval
350391c5 2390 fi
8b32eddc 2391 ]
350391c5 2392)
08822d99 2393AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2394 [non-privileged user for privilege separation])
276b07a3 2395AC_SUBST(SSH_PRIVSEP_USER)
350391c5 2396
2397# We do this little dance with the search path to insure
2398# that programs that we select for use by installed programs
2399# (which may be run by the super-user) come from trusted
2400# locations before they come from the user's private area.
2401# This should help avoid accidentally configuring some
2402# random version of a program in someone's personal bin.
2403
2404OPATH=$PATH
2405PATH=/bin:/usr/bin
2406test -h /bin 2> /dev/null && PATH=/usr/bin
2407test -d /sbin && PATH=$PATH:/sbin
2408test -d /usr/sbin && PATH=$PATH:/usr/sbin
2409PATH=$PATH:/etc:$OPATH
2410
540d72c3 2411# These programs are used by the command hashing source to gather entropy
e9702f7d 2412OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2413OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2414OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2415OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2416OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2417OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2418OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2419OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2420OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2421OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2422OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2423OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2424OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2425OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2426OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2427OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
350391c5 2428# restore PATH
2429PATH=$OPATH
e9702f7d 2430
2431# Where does ssh-rand-helper get its randomness from?
2432INSTALL_SSH_PRNG_CMDS=""
2433if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2434 if test ! -z "$PRNGD_PORT" ; then
2435 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2436 elif test ! -z "$PRNGD_SOCKET" ; then
2437 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2438 else
2439 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2440 RAND_HELPER_CMDHASH=yes
2441 INSTALL_SSH_PRNG_CMDS="yes"
2442 fi
2443fi
2444AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2445
2446
3c0ef626 2447# Cheap hack to ensure NEWS-OS libraries are arranged right.
2448if test ! -z "$SONY" ; then
2449 LIBS="$LIBS -liberty";
2450fi
2451
08822d99 2452# Check for long long datatypes
2453AC_CHECK_TYPES([long long, unsigned long long, long double])
2454
2455# Check datatype sizes
3c0ef626 2456AC_CHECK_SIZEOF(char, 1)
2457AC_CHECK_SIZEOF(short int, 2)
2458AC_CHECK_SIZEOF(int, 4)
2459AC_CHECK_SIZEOF(long int, 4)
2460AC_CHECK_SIZEOF(long long int, 8)
2461
350391c5 2462# Sanity check long long for some platforms (AIX)
2463if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2464 ac_cv_sizeof_long_long_int=0
2465fi
2466
08822d99 2467# compute LLONG_MIN and LLONG_MAX if we don't know them.
2468if test -z "$have_llong_max"; then
2469 AC_MSG_CHECKING([for max value of long long])
2470 AC_RUN_IFELSE(
2471 [AC_LANG_SOURCE([[
2472#include <stdio.h>
2473/* Why is this so damn hard? */
2474#ifdef __GNUC__
2475# undef __GNUC__
2476#endif
2477#define __USE_ISOC99
2478#include <limits.h>
2479#define DATA "conftest.llminmax"
30460aeb 2480#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2481
2482/*
2483 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2484 * we do this the hard way.
2485 */
2486static int
2487fprint_ll(FILE *f, long long n)
2488{
2489 unsigned int i;
2490 int l[sizeof(long long) * 8];
2491
2492 if (n < 0)
2493 if (fprintf(f, "-") < 0)
2494 return -1;
2495 for (i = 0; n != 0; i++) {
2496 l[i] = my_abs(n % 10);
2497 n /= 10;
2498 }
2499 do {
2500 if (fprintf(f, "%d", l[--i]) < 0)
2501 return -1;
2502 } while (i != 0);
2503 if (fprintf(f, " ") < 0)
2504 return -1;
2505 return 0;
2506}
2507
08822d99 2508int main(void) {
2509 FILE *f;
2510 long long i, llmin, llmax = 0;
2511
2512 if((f = fopen(DATA,"w")) == NULL)
2513 exit(1);
2514
2515#if defined(LLONG_MIN) && defined(LLONG_MAX)
2516 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2517 llmin = LLONG_MIN;
2518 llmax = LLONG_MAX;
2519#else
2520 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2521 /* This will work on one's complement and two's complement */
2522 for (i = 1; i > llmax; i <<= 1, i++)
2523 llmax = i;
2524 llmin = llmax + 1LL; /* wrap */
2525#endif
2526
2527 /* Sanity check */
2528 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
30460aeb 2529 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2530 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
08822d99 2531 fprintf(f, "unknown unknown\n");
2532 exit(2);
2533 }
2534
30460aeb 2535 if (fprint_ll(f, llmin) < 0)
08822d99 2536 exit(3);
30460aeb 2537 if (fprint_ll(f, llmax) < 0)
2538 exit(4);
2539 if (fclose(f) < 0)
2540 exit(5);
08822d99 2541 exit(0);
2542}
2543 ]])],
2544 [
2545 llong_min=`$AWK '{print $1}' conftest.llminmax`
2546 llong_max=`$AWK '{print $2}' conftest.llminmax`
2547
08822d99 2548 AC_MSG_RESULT($llong_max)
2549 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2550 [max value of long long calculated by configure])
2551 AC_MSG_CHECKING([for min value of long long])
2552 AC_MSG_RESULT($llong_min)
2553 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2554 [min value of long long calculated by configure])
2555 ],
2556 [
2557 AC_MSG_RESULT(not found)
2558 ],
2559 [
2560 AC_MSG_WARN([cross compiling: not checking])
2561 ]
2562 )
2563fi
2564
2565
3c0ef626 2566# More checks for data types
2567AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2568 AC_TRY_COMPILE(
540d72c3 2569 [ #include <sys/types.h> ],
2570 [ u_int a; a = 1;],
3c0ef626 2571 [ ac_cv_have_u_int="yes" ],
2572 [ ac_cv_have_u_int="no" ]
2573 )
2574])
2575if test "x$ac_cv_have_u_int" = "xyes" ; then
08822d99 2576 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2577 have_u_int=1
2578fi
2579
2580AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2581 AC_TRY_COMPILE(
540d72c3 2582 [ #include <sys/types.h> ],
2583 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2584 [ ac_cv_have_intxx_t="yes" ],
2585 [ ac_cv_have_intxx_t="no" ]
2586 )
2587])
2588if test "x$ac_cv_have_intxx_t" = "xyes" ; then
08822d99 2589 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2590 have_intxx_t=1
2591fi
2592
2593if (test -z "$have_intxx_t" && \
540d72c3 2594 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2595then
2596 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2597 AC_TRY_COMPILE(
540d72c3 2598 [ #include <stdint.h> ],
2599 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2600 [
2601 AC_DEFINE(HAVE_INTXX_T)
2602 AC_MSG_RESULT(yes)
2603 ],
2604 [ AC_MSG_RESULT(no) ]
2605 )
2606fi
2607
2608AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2609 AC_TRY_COMPILE(
d03f4262 2610 [
2611#include <sys/types.h>
2612#ifdef HAVE_STDINT_H
2613# include <stdint.h>
2614#endif
2615#include <sys/socket.h>
2616#ifdef HAVE_SYS_BITYPES_H
2617# include <sys/bitypes.h>
2618#endif
540d72c3 2619 ],
2620 [ int64_t a; a = 1;],
3c0ef626 2621 [ ac_cv_have_int64_t="yes" ],
2622 [ ac_cv_have_int64_t="no" ]
2623 )
2624])
2625if test "x$ac_cv_have_int64_t" = "xyes" ; then
08822d99 2626 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9702f7d 2627fi
2628
3c0ef626 2629AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2630 AC_TRY_COMPILE(
540d72c3 2631 [ #include <sys/types.h> ],
2632 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2633 [ ac_cv_have_u_intxx_t="yes" ],
2634 [ ac_cv_have_u_intxx_t="no" ]
2635 )
2636])
2637if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
08822d99 2638 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2639 have_u_intxx_t=1
2640fi
2641
2642if test -z "$have_u_intxx_t" ; then
2643 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2644 AC_TRY_COMPILE(
540d72c3 2645 [ #include <sys/socket.h> ],
2646 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2647 [
2648 AC_DEFINE(HAVE_U_INTXX_T)
2649 AC_MSG_RESULT(yes)
2650 ],
2651 [ AC_MSG_RESULT(no) ]
2652 )
2653fi
2654
2655AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2656 AC_TRY_COMPILE(
540d72c3 2657 [ #include <sys/types.h> ],
2658 [ u_int64_t a; a = 1;],
3c0ef626 2659 [ ac_cv_have_u_int64_t="yes" ],
2660 [ ac_cv_have_u_int64_t="no" ]
2661 )
2662])
2663if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
08822d99 2664 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2665 have_u_int64_t=1
2666fi
2667
e9702f7d 2668if test -z "$have_u_int64_t" ; then
2669 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2670 AC_TRY_COMPILE(
540d72c3 2671 [ #include <sys/bitypes.h> ],
e9702f7d 2672 [ u_int64_t a; a = 1],
2673 [
2674 AC_DEFINE(HAVE_U_INT64_T)
2675 AC_MSG_RESULT(yes)
2676 ],
2677 [ AC_MSG_RESULT(no) ]
2678 )
2679fi
2680
3c0ef626 2681if test -z "$have_u_intxx_t" ; then
2682 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2683 AC_TRY_COMPILE(
2684 [
2685#include <sys/types.h>
540d72c3 2686 ],
2687 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2688 [ ac_cv_have_uintxx_t="yes" ],
2689 [ ac_cv_have_uintxx_t="no" ]
2690 )
2691 ])
2692 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
08822d99 2693 AC_DEFINE(HAVE_UINTXX_T, 1,
2694 [define if you have uintxx_t data type])
3c0ef626 2695 fi
2696fi
2697
2698if test -z "$have_uintxx_t" ; then
2699 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2700 AC_TRY_COMPILE(
540d72c3 2701 [ #include <stdint.h> ],
2702 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2703 [
2704 AC_DEFINE(HAVE_UINTXX_T)
2705 AC_MSG_RESULT(yes)
2706 ],
2707 [ AC_MSG_RESULT(no) ]
2708 )
2709fi
2710
2711if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
540d72c3 2712 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2713then
2714 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2715 AC_TRY_COMPILE(
2716 [
2717#include <sys/bitypes.h>
540d72c3 2718 ],
3c0ef626 2719 [
2720 int8_t a; int16_t b; int32_t c;
2721 u_int8_t e; u_int16_t f; u_int32_t g;
2722 a = b = c = e = f = g = 1;
540d72c3 2723 ],
3c0ef626 2724 [
2725 AC_DEFINE(HAVE_U_INTXX_T)
2726 AC_DEFINE(HAVE_INTXX_T)
2727 AC_MSG_RESULT(yes)
2728 ],
2729 [AC_MSG_RESULT(no)]
540d72c3 2730 )
3c0ef626 2731fi
2732
2733
2734AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2735 AC_TRY_COMPILE(
2736 [
2737#include <sys/types.h>
2738 ],
2739 [ u_char foo; foo = 125; ],
2740 [ ac_cv_have_u_char="yes" ],
2741 [ ac_cv_have_u_char="no" ]
2742 )
2743])
2744if test "x$ac_cv_have_u_char" = "xyes" ; then
08822d99 2745 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2746fi
2747
2748TYPE_SOCKLEN_T
2749
e9702f7d 2750AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2751
dfddba3d 2752AC_CHECK_TYPES(in_addr_t,,,
2753[#include <sys/types.h>
2754#include <netinet/in.h>])
2755
3c0ef626 2756AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2757 AC_TRY_COMPILE(
2758 [
2759#include <sys/types.h>
2760 ],
2761 [ size_t foo; foo = 1235; ],
2762 [ ac_cv_have_size_t="yes" ],
2763 [ ac_cv_have_size_t="no" ]
2764 )
2765])
2766if test "x$ac_cv_have_size_t" = "xyes" ; then
08822d99 2767 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2768fi
2769
2770AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2771 AC_TRY_COMPILE(
2772 [
2773#include <sys/types.h>
2774 ],
2775 [ ssize_t foo; foo = 1235; ],
2776 [ ac_cv_have_ssize_t="yes" ],
2777 [ ac_cv_have_ssize_t="no" ]
2778 )
2779])
2780if test "x$ac_cv_have_ssize_t" = "xyes" ; then
08822d99 2781 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2782fi
2783
2784AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2785 AC_TRY_COMPILE(
2786 [
2787#include <time.h>
2788 ],
2789 [ clock_t foo; foo = 1235; ],
2790 [ ac_cv_have_clock_t="yes" ],
2791 [ ac_cv_have_clock_t="no" ]
2792 )
2793])
2794if test "x$ac_cv_have_clock_t" = "xyes" ; then
08822d99 2795 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2796fi
2797
2798AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2799 AC_TRY_COMPILE(
2800 [
2801#include <sys/types.h>
2802#include <sys/socket.h>
2803 ],
2804 [ sa_family_t foo; foo = 1235; ],
2805 [ ac_cv_have_sa_family_t="yes" ],
2806 [ AC_TRY_COMPILE(
2807 [
2808#include <sys/types.h>
2809#include <sys/socket.h>
2810#include <netinet/in.h>
2811 ],
2812 [ sa_family_t foo; foo = 1235; ],
2813 [ ac_cv_have_sa_family_t="yes" ],
2814
2815 [ ac_cv_have_sa_family_t="no" ]
2816 )]
2817 )
2818])
2819if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
08822d99 2820 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2821 [define if you have sa_family_t data type])
3c0ef626 2822fi
2823
2824AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2825 AC_TRY_COMPILE(
2826 [
2827#include <sys/types.h>
2828 ],
2829 [ pid_t foo; foo = 1235; ],
2830 [ ac_cv_have_pid_t="yes" ],
2831 [ ac_cv_have_pid_t="no" ]
2832 )
2833])
2834if test "x$ac_cv_have_pid_t" = "xyes" ; then
08822d99 2835 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2836fi
2837
2838AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2839 AC_TRY_COMPILE(
2840 [
2841#include <sys/types.h>
2842 ],
2843 [ mode_t foo; foo = 1235; ],
2844 [ ac_cv_have_mode_t="yes" ],
2845 [ ac_cv_have_mode_t="no" ]
2846 )
2847])
2848if test "x$ac_cv_have_mode_t" = "xyes" ; then
08822d99 2849 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2850fi
2851
2852
2853AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2854 AC_TRY_COMPILE(
2855 [
2856#include <sys/types.h>
2857#include <sys/socket.h>
2858 ],
2859 [ struct sockaddr_storage s; ],
2860 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2861 [ ac_cv_have_struct_sockaddr_storage="no" ]
2862 )
2863])
2864if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
08822d99 2865 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2866 [define if you have struct sockaddr_storage data type])
3c0ef626 2867fi
2868
2869AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2870 AC_TRY_COMPILE(
2871 [
2872#include <sys/types.h>
2873#include <netinet/in.h>
2874 ],
2875 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2876 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2877 [ ac_cv_have_struct_sockaddr_in6="no" ]
2878 )
2879])
2880if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
08822d99 2881 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2882 [define if you have struct sockaddr_in6 data type])
3c0ef626 2883fi
2884
2885AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2886 AC_TRY_COMPILE(
2887 [
2888#include <sys/types.h>
2889#include <netinet/in.h>
2890 ],
2891 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2892 [ ac_cv_have_struct_in6_addr="yes" ],
2893 [ ac_cv_have_struct_in6_addr="no" ]
2894 )
2895])
2896if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
08822d99 2897 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2898 [define if you have struct in6_addr data type])
3c0ef626 2899fi
2900
2901AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2902 AC_TRY_COMPILE(
2903 [
2904#include <sys/types.h>
2905#include <sys/socket.h>
2906#include <netdb.h>
2907 ],
2908 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2909 [ ac_cv_have_struct_addrinfo="yes" ],
2910 [ ac_cv_have_struct_addrinfo="no" ]
2911 )
2912])
2913if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
08822d99 2914 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2915 [define if you have struct addrinfo data type])
3c0ef626 2916fi
2917
2918AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2919 AC_TRY_COMPILE(
540d72c3 2920 [ #include <sys/time.h> ],
2921 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2922 [ ac_cv_have_struct_timeval="yes" ],
2923 [ ac_cv_have_struct_timeval="no" ]
2924 )
2925])
2926if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
08822d99 2927 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2928 have_struct_timeval=1
2929fi
2930
bfe49944 2931AC_CHECK_TYPES(struct timespec)
2932
2933# We need int64_t or else certian parts of the compile will fail.
8b32eddc 2934if test "x$ac_cv_have_int64_t" = "xno" && \
2935 test "x$ac_cv_sizeof_long_int" != "x8" && \
2936 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
bfe49944 2937 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2938 echo "an alternative compiler (I.E., GCC) before continuing."
2939 echo ""
2940 exit 1;
3c0ef626 2941else
2942dnl test snprintf (broken on SCO w/gcc)
dfddba3d 2943 AC_RUN_IFELSE(
2944 [AC_LANG_SOURCE([[
3c0ef626 2945#include <stdio.h>
2946#include <string.h>
2947#ifdef HAVE_SNPRINTF
2948main()
2949{
2950 char buf[50];
2951 char expected_out[50];
2952 int mazsize = 50 ;
2953#if (SIZEOF_LONG_INT == 8)
2954 long int num = 0x7fffffffffffffff;
2955#else
2956 long long num = 0x7fffffffffffffffll;
2957#endif
2958 strcpy(expected_out, "9223372036854775807");
2959 snprintf(buf, mazsize, "%lld", num);
2960 if(strcmp(buf, expected_out) != 0)
540d72c3 2961 exit(1);
3c0ef626 2962 exit(0);
2963}
2964#else
2965main() { exit(0); }
2966#endif
dfddba3d 2967 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2968 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2969 )
2970fi
3c0ef626 2971
2972dnl Checks for structure members
2973OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2974OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2975OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2976OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2977OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2978OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2979OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2980OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2981OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2982OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2983OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2984OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2985OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2986OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2987OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2988OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2989OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2990
2991AC_CHECK_MEMBERS([struct stat.st_blksize])
08822d99 2992AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2993 [Define if we don't have struct __res_state in resolv.h])],
2994[
2995#include <stdio.h>
2996#if HAVE_SYS_TYPES_H
2997# include <sys/types.h>
2998#endif
2999#include <netinet/in.h>
3000#include <arpa/nameser.h>
3001#include <resolv.h>
3002])
3c0ef626 3003
3004AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
3005 ac_cv_have_ss_family_in_struct_ss, [
3006 AC_TRY_COMPILE(
3007 [
3008#include <sys/types.h>
3009#include <sys/socket.h>
3010 ],
3011 [ struct sockaddr_storage s; s.ss_family = 1; ],
3012 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
3013 [ ac_cv_have_ss_family_in_struct_ss="no" ],
3014 )
3015])
3016if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
08822d99 3017 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 3018fi
3019
3020AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
3021 ac_cv_have___ss_family_in_struct_ss, [
3022 AC_TRY_COMPILE(
3023 [
3024#include <sys/types.h>
3025#include <sys/socket.h>
3026 ],
3027 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3028 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3029 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3030 )
3031])
3032if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
08822d99 3033 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3034 [Fields in struct sockaddr_storage])
3c0ef626 3035fi
3036
3037AC_CACHE_CHECK([for pw_class field in struct passwd],
3038 ac_cv_have_pw_class_in_struct_passwd, [
3039 AC_TRY_COMPILE(
3040 [
3041#include <pwd.h>
3042 ],
3043 [ struct passwd p; p.pw_class = 0; ],
3044 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3045 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3046 )
3047])
3048if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
08822d99 3049 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3050 [Define if your password has a pw_class field])
3c0ef626 3051fi
3052
3053AC_CACHE_CHECK([for pw_expire field in struct passwd],
3054 ac_cv_have_pw_expire_in_struct_passwd, [
3055 AC_TRY_COMPILE(
3056 [
3057#include <pwd.h>
3058 ],
3059 [ struct passwd p; p.pw_expire = 0; ],
3060 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3061 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3062 )
3063])
3064if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
08822d99 3065 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3066 [Define if your password has a pw_expire field])
3c0ef626 3067fi
3068
3069AC_CACHE_CHECK([for pw_change field in struct passwd],
3070 ac_cv_have_pw_change_in_struct_passwd, [
3071 AC_TRY_COMPILE(
3072 [
3073#include <pwd.h>
3074 ],
3075 [ struct passwd p; p.pw_change = 0; ],
3076 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3077 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3078 )
3079])
3080if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
08822d99 3081 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3082 [Define if your password has a pw_change field])
3c0ef626 3083fi
3084
541874c2 3085dnl make sure we're using the real structure members and not defines
350391c5 3086AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3087 ac_cv_have_accrights_in_msghdr, [
dfddba3d 3088 AC_COMPILE_IFELSE(
350391c5 3089 [
3090#include <sys/types.h>
3091#include <sys/socket.h>
3092#include <sys/uio.h>
541874c2 3093int main() {
3094#ifdef msg_accrights
dfddba3d 3095#error "msg_accrights is a macro"
541874c2 3096exit(1);
3097#endif
3098struct msghdr m;
3099m.msg_accrights = 0;
3100exit(0);
3101}
350391c5 3102 ],
350391c5 3103 [ ac_cv_have_accrights_in_msghdr="yes" ],
3104 [ ac_cv_have_accrights_in_msghdr="no" ]
3105 )
3106])
3107if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
08822d99 3108 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3109 [Define if your system uses access rights style
3110 file descriptor passing])
350391c5 3111fi
3112
3113AC_CACHE_CHECK([for msg_control field in struct msghdr],
3114 ac_cv_have_control_in_msghdr, [
dfddba3d 3115 AC_COMPILE_IFELSE(
350391c5 3116 [
3117#include <sys/types.h>
3118#include <sys/socket.h>
3119#include <sys/uio.h>
541874c2 3120int main() {
3121#ifdef msg_control
dfddba3d 3122#error "msg_control is a macro"
541874c2 3123exit(1);
3124#endif
3125struct msghdr m;
3126m.msg_control = 0;
3127exit(0);
3128}
350391c5 3129 ],
350391c5 3130 [ ac_cv_have_control_in_msghdr="yes" ],
3131 [ ac_cv_have_control_in_msghdr="no" ]
3132 )
3133])
3134if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
08822d99 3135 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3136 [Define if your system uses ancillary data style
3137 file descriptor passing])
350391c5 3138fi
3139
3c0ef626 3140AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
540d72c3 3141 AC_TRY_LINK([],
3142 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3143 [ ac_cv_libc_defines___progname="yes" ],
3144 [ ac_cv_libc_defines___progname="no" ]
3145 )
3146])
3147if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
08822d99 3148 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3149fi
3150
350391c5 3151AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3152 AC_TRY_LINK([
3153#include <stdio.h>
540d72c3 3154],
3155 [ printf("%s", __FUNCTION__); ],
350391c5 3156 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3157 [ ac_cv_cc_implements___FUNCTION__="no" ]
3158 )
3159])
3160if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
08822d99 3161 AC_DEFINE(HAVE___FUNCTION__, 1,
3162 [Define if compiler implements __FUNCTION__])
350391c5 3163fi
3164
3165AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3166 AC_TRY_LINK([
3167#include <stdio.h>
540d72c3 3168],
3169 [ printf("%s", __func__); ],
350391c5 3170 [ ac_cv_cc_implements___func__="yes" ],
3171 [ ac_cv_cc_implements___func__="no" ]
3172 )
3173])
3174if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
08822d99 3175 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3176fi
3177
3178AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3179 AC_TRY_LINK(
3180 [#include <stdarg.h>
3181 va_list x,y;],
3182 [va_copy(x,y);],
3183 [ ac_cv_have_va_copy="yes" ],
3184 [ ac_cv_have_va_copy="no" ]
3185 )
3186])
3187if test "x$ac_cv_have_va_copy" = "xyes" ; then
3188 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3189fi
3190
3191AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3192 AC_TRY_LINK(
3193 [#include <stdarg.h>
3194 va_list x,y;],
3195 [__va_copy(x,y);],
3196 [ ac_cv_have___va_copy="yes" ],
3197 [ ac_cv_have___va_copy="no" ]
3198 )
3199])
3200if test "x$ac_cv_have___va_copy" = "xyes" ; then
3201 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
350391c5 3202fi
3203
3c0ef626 3204AC_CACHE_CHECK([whether getopt has optreset support],
3205 ac_cv_have_getopt_optreset, [
3206 AC_TRY_LINK(
3207 [
3208#include <getopt.h>
3209 ],
3210 [ extern int optreset; optreset = 0; ],
3211 [ ac_cv_have_getopt_optreset="yes" ],
3212 [ ac_cv_have_getopt_optreset="no" ]
3213 )
3214])
3215if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
08822d99 3216 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3217 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3218fi
3219
3220AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
540d72c3 3221 AC_TRY_LINK([],
3222 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3223 [ ac_cv_libc_defines_sys_errlist="yes" ],
3224 [ ac_cv_libc_defines_sys_errlist="no" ]
3225 )
3226])
3227if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
08822d99 3228 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3229 [Define if your system defines sys_errlist[]])
3c0ef626 3230fi
3231
3232
3233AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
540d72c3 3234 AC_TRY_LINK([],
3235 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3236 [ ac_cv_libc_defines_sys_nerr="yes" ],
3237 [ ac_cv_libc_defines_sys_nerr="no" ]
3238 )
3239])
3240if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
08822d99 3241 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3242fi
3243
540d72c3 3244SCARD_MSG="no"
350391c5 3245# Check whether user wants sectok support
3246AC_ARG_WITH(sectok,
3247 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3248 [
3249 if test "x$withval" != "xno" ; then
3250 if test "x$withval" != "xyes" ; then
3251 CPPFLAGS="$CPPFLAGS -I${withval}"
3252 LDFLAGS="$LDFLAGS -L${withval}"
3253 if test ! -z "$need_dash_r" ; then
3254 LDFLAGS="$LDFLAGS -R${withval}"
3255 fi
3256 if test ! -z "$blibpath" ; then
3257 blibpath="$blibpath:${withval}"
3258 fi
3259 fi
3260 AC_CHECK_HEADERS(sectok.h)
3261 if test "$ac_cv_header_sectok_h" != yes; then
3262 AC_MSG_ERROR(Can't find sectok.h)
3263 fi
3264 AC_CHECK_LIB(sectok, sectok_open)
3265 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3266 AC_MSG_ERROR(Can't find libsectok)
3267 fi
08822d99 3268 AC_DEFINE(SMARTCARD, 1,
3269 [Define if you want smartcard support])
3270 AC_DEFINE(USE_SECTOK, 1,
3271 [Define if you want smartcard support
3272 using sectok])
540d72c3 3273 SCARD_MSG="yes, using sectok"
3c0ef626 3274 fi
3275 ]
3276)
3277
350391c5 3278# Check whether user wants OpenSC support
8b32eddc 3279OPENSC_CONFIG="no"
350391c5 3280AC_ARG_WITH(opensc,
08822d99 3281 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
8b32eddc 3282 [
3283 if test "x$withval" != "xno" ; then
3284 if test "x$withval" != "xyes" ; then
3285 OPENSC_CONFIG=$withval/bin/opensc-config
3286 else
3287 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3288 fi
3289 if test "$OPENSC_CONFIG" != "no"; then
3290 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3291 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3292 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
30460aeb 3293 LIBS="$LIBS $LIBOPENSC_LIBS"
8b32eddc 3294 AC_DEFINE(SMARTCARD)
08822d99 3295 AC_DEFINE(USE_OPENSC, 1,
3296 [Define if you want smartcard support
3297 using OpenSC])
8b32eddc 3298 SCARD_MSG="yes, using OpenSC"
3299 fi
3300 fi
3301 ]
3302)
350391c5 3303
540d72c3 3304# Check libraries needed by DNS fingerprint support
3305AC_SEARCH_LIBS(getrrsetbyname, resolv,
08822d99 3306 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3307 [Define if getrrsetbyname() exists])],
7cac2b65 3308 [
540d72c3 3309 # Needed by our getrrsetbyname()
3310 AC_SEARCH_LIBS(res_query, resolv)
3311 AC_SEARCH_LIBS(dn_expand, resolv)
7e82606e 3312 AC_MSG_CHECKING(if res_query will link)
3313 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3314 [AC_MSG_RESULT(no)
3315 saved_LIBS="$LIBS"
3316 LIBS="$LIBS -lresolv"
3317 AC_MSG_CHECKING(for res_query in -lresolv)
3318 AC_LINK_IFELSE([
3319#include <resolv.h>
3320int main()
3321{
3322 res_query (0, 0, 0, 0, 0);
3323 return 0;
3324}
3325 ],
3326 [LIBS="$LIBS -lresolv"
3327 AC_MSG_RESULT(yes)],
3328 [LIBS="$saved_LIBS"
3329 AC_MSG_RESULT(no)])
3330 ])
540d72c3 3331 AC_CHECK_FUNCS(_getshort _getlong)
2ce0bfe4 3332 AC_CHECK_DECLS([_getshort, _getlong], , ,
3333 [#include <sys/types.h>
3334 #include <arpa/nameser.h>])
540d72c3 3335 AC_CHECK_MEMBER(HEADER.ad,
08822d99 3336 [AC_DEFINE(HAVE_HEADER_AD, 1,
3337 [Define if HEADER.ad exists in arpa/nameser.h])],,
540d72c3 3338 [#include <arpa/nameser.h>])
3339 ])
7cac2b65 3340
fa0f0f45 3341AC_MSG_CHECKING(if struct __res_state _res is an extern)
3342AC_LINK_IFELSE([
3343#include <stdio.h>
3344#if HAVE_SYS_TYPES_H
3345# include <sys/types.h>
3346#endif
3347#include <netinet/in.h>
3348#include <arpa/nameser.h>
3349#include <resolv.h>
3350extern struct __res_state _res;
3351int main() { return 0; }
3352 ],
3353 [AC_MSG_RESULT(yes)
3354 AC_DEFINE(HAVE__RES_EXTERN, 1,
3355 [Define if you have struct __res_state _res as an extern])
3356 ],
3357 [ AC_MSG_RESULT(no) ]
3358)
3359
30460aeb 3360# Check whether user wants SELinux support
3361SELINUX_MSG="no"
3362LIBSELINUX=""
3363AC_ARG_WITH(selinux,
3364 [ --with-selinux Enable SELinux support],
3365 [ if test "x$withval" != "xno" ; then
fa0f0f45 3366 save_LIBS="$LIBS"
30460aeb 3367 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3368 SELINUX_MSG="yes"
3369 AC_CHECK_HEADER([selinux/selinux.h], ,
3370 AC_MSG_ERROR(SELinux support requires selinux.h header))
3371 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3372 AC_MSG_ERROR(SELinux support requires libselinux library))
fa0f0f45 3373 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
30460aeb 3374 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
240debe0 3375 LIBS="$save_LIBS"
30460aeb 3376 fi ]
3377)
30460aeb 3378
63119dd9 3379# Check whether user wants Kerberos 5 support
540d72c3 3380KRB5_MSG="no"
63119dd9 3381AC_ARG_WITH(kerberos5,
540d72c3 3382 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3383 [ if test "x$withval" != "xno" ; then
3384 if test "x$withval" = "xyes" ; then
3385 KRB5ROOT="/usr/local"
3386 else
3387 KRB5ROOT=${withval}
3388 fi
3389
08822d99 3390 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
540d72c3 3391 KRB5_MSG="yes"
3392
3393 AC_MSG_CHECKING(for krb5-config)
3394 if test -x $KRB5ROOT/bin/krb5-config ; then
3395 KRB5CONF=$KRB5ROOT/bin/krb5-config
3396 AC_MSG_RESULT($KRB5CONF)
3397
3398 AC_MSG_CHECKING(for gssapi support)
3399 if $KRB5CONF | grep gssapi >/dev/null ; then
3400 AC_MSG_RESULT(yes)
08822d99 3401 AC_DEFINE(GSSAPI, 1,
3402 [Define this if you want GSSAPI
3403 support in the version 2 protocol])
540d72c3 3404 k5confopts=gssapi
3405 else
3406 AC_MSG_RESULT(no)
3407 k5confopts=""
3408 fi
3409 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3410 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3411 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3412 AC_MSG_CHECKING(whether we are using Heimdal)
3413 AC_TRY_COMPILE([ #include <krb5.h> ],
3414 [ char *tmp = heimdal_version; ],
3415 [ AC_MSG_RESULT(yes)
08822d99 3416 AC_DEFINE(HEIMDAL, 1,
3417 [Define this if you are using the
3418 Heimdal version of Kerberos V5]) ],
540d72c3 3419 AC_MSG_RESULT(no)
3420 )
3421 else
3422 AC_MSG_RESULT(no)
63119dd9 3423 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
540d72c3 3424 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3425 AC_MSG_CHECKING(whether we are using Heimdal)
3426 AC_TRY_COMPILE([ #include <krb5.h> ],
3427 [ char *tmp = heimdal_version; ],
3428 [ AC_MSG_RESULT(yes)
3429 AC_DEFINE(HEIMDAL)
7e82606e 3430 K5LIBS="-lkrb5 -ldes"
3431 K5LIBS="$K5LIBS -lcom_err -lasn1"
8b32eddc 3432 AC_CHECK_LIB(roken, net_write,
7e82606e 3433 [K5LIBS="$K5LIBS -lroken"])
540d72c3 3434 ],
3435 [ AC_MSG_RESULT(no)
3436 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3437 ]
3438 )
7cac2b65 3439 AC_SEARCH_LIBS(dn_expand, resolv)
3440
3441 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3442 [ AC_DEFINE(GSSAPI)
3443 K5LIBS="-lgssapi $K5LIBS" ],
3444 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3445 [ AC_DEFINE(GSSAPI)
540d72c3 3446 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
7cac2b65 3447 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3448 $K5LIBS)
3449 ],
3450 $K5LIBS)
8b32eddc 3451
7cac2b65 3452 AC_CHECK_HEADER(gssapi.h, ,
3453 [ unset ac_cv_header_gssapi_h
540d72c3 3454 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
7cac2b65 3455 AC_CHECK_HEADERS(gssapi.h, ,
3456 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
540d72c3 3457 )
7cac2b65 3458 ]
3459 )
3460
3461 oldCPP="$CPPFLAGS"
3462 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3463 AC_CHECK_HEADER(gssapi_krb5.h, ,
3464 [ CPPFLAGS="$oldCPP" ])
63119dd9 3465
1c89237d 3466 # If we're using some other GSSAPI
3467 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3468 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3469 fi
5598e598 3470
540d72c3 3471 if test -z "$GSSAPI"; then
3472 GSSAPI="KRB5";
3473 fi
1c89237d 3474
5598e598 3475 oldCPP="$CPPFLAGS"
3476 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3477 AC_CHECK_HEADER(gssapi_krb5.h, ,
3478 [ CPPFLAGS="$oldCPP" ])
3479
63119dd9 3480 fi
540d72c3 3481 if test ! -z "$need_dash_r" ; then
3482 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3483 fi
3484 if test ! -z "$blibpath" ; then
3485 blibpath="$blibpath:${KRB5ROOT}/lib"
3486 fi
540d72c3 3487
08822d99 3488 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3489 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3490 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
540d72c3 3491
08822d99 3492 LIBS="$LIBS $K5LIBS"
3493 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3494 [Define this if you want to use libkafs' AFS support]))
3495 fi
540d72c3 3496 ]
63119dd9 3497)
3c0ef626 3498
62eb343a 3499# Check whether user wants AFS_KRB5 support
3500AFS_KRB5_MSG="no"
3501AC_ARG_WITH(afs-krb5,
3502 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3503 [
3504 if test "x$withval" != "xno" ; then
3505
3506 if test "x$withval" != "xyes" ; then
08822d99 3507 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3508 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3509 else
08822d99 3510 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3511 "/usr/bin/aklog",
3512 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3513 fi
3514
540d72c3 3515 if test -z "$KRB5ROOT" ; then
62eb343a 3516 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3517 fi
3518
0a00e8f9 3519 LIBS="-lkrbafs -lkrb4 $LIBS"
62eb343a 3520 if test ! -z "$AFS_LIBS" ; then
3521 LIBS="$LIBS $AFS_LIBS"
3522 fi
08822d99 3523 AC_DEFINE(AFS_KRB5, 1,
3524 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3525 AFS_KRB5_MSG="yes"
3526 fi
3527 ]
3528)
3c0ef626 3529
75be3237 3530AC_ARG_WITH(session-hooks,
3531 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
08822d99 3532 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
75be3237 3533)
3534
3c0ef626 3535# Looking for programs, paths and files
3c0ef626 3536
350391c5 3537PRIVSEP_PATH=/var/empty
3538AC_ARG_WITH(privsep-path,
d03f4262 3539 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
350391c5 3540 [
8b32eddc 3541 if test -n "$withval" && test "x$withval" != "xno" && \
3542 test "x${withval}" != "xyes"; then
350391c5 3543 PRIVSEP_PATH=$withval
3544 fi
3545 ]
3546)
3547AC_SUBST(PRIVSEP_PATH)
3548
3c0ef626 3549AC_ARG_WITH(xauth,
3550 [ --with-xauth=PATH Specify path to xauth program ],
3551 [
8b32eddc 3552 if test -n "$withval" && test "x$withval" != "xno" && \
3553 test "x${withval}" != "xyes"; then
3c0ef626 3554 xauth_path=$withval
3555 fi
3556 ],
3557 [
d03f4262 3558 TestPath="$PATH"
3559 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3560 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3561 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3562 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3563 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3564 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3565 xauth_path="/usr/openwin/bin/xauth"
3566 fi
3567 ]
3568)
3569
bfe49944 3570STRIP_OPT=-s
3571AC_ARG_ENABLE(strip,
3572 [ --disable-strip Disable calling strip(1) on install],
3573 [
3574 if test "x$enableval" = "xno" ; then
3575 STRIP_OPT=
3576 fi
3577 ]
3578)
3579AC_SUBST(STRIP_OPT)
3580
3c0ef626 3581if test -z "$xauth_path" ; then
3582 XAUTH_PATH="undefined"
3583 AC_SUBST(XAUTH_PATH)
3584else
08822d99 3585 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3586 [Define if xauth is found in your path])
3c0ef626 3587 XAUTH_PATH=$xauth_path
3588 AC_SUBST(XAUTH_PATH)
3589fi
3c0ef626 3590
96764173 3591AC_CHECK_DECL(_PATH_BSHELL, ,
3592 AC_DEFINE_UNQUOTED(_PATH_BSHELL, "/bin/sh",
9c941fe4 3593 [Define to your C shell if not defined in paths.h]),
96764173 3594 [ #include <paths.h> ]
3595)
3596
3597AC_CHECK_DECL(_PATH_CSHELL, ,
3598 AC_DEFINE_UNQUOTED(_PATH_CSHELL, "/bin/csh",
9c941fe4 3599 [Define to your Bourne shell if not defined in paths.h]),
96764173 3600 [ #include <paths.h> ]
3601)
3602
3603AC_CHECK_DECL(_PATH_SHELLS, ,
16d6cee3 3604 AC_DEFINE_UNQUOTED(_PATH_SHELLS, "/etc/shells",
9c941fe4 3605 [Define to your shells file if not defined in paths.h]),
96764173 3606 [ #include <paths.h> ]
3607)
3608
3609# if _PATH_MAILDIR is in paths.h then we won't go hunting for it.
3610AC_CHECK_DECL(_PATH_MAILDIR,
3611 AC_DEFINE(PATH_MAILDIR_IN_PATHS_H, 1,
3612 [Define if _PATH_MAILDIR is in paths.h]),
3613 ,
3614 [ #include <paths.h> ]
3615)
3616
3c0ef626 3617# Check for mail directory (last resort if we cannot get it from headers)
3618if test ! -z "$MAIL" ; then
3619 maildir=`dirname $MAIL`
08822d99 3620 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3621 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3622fi
3623
dfddba3d 3624if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3625 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3626 disable_ptmx_check=yes
3627fi
3c0ef626 3628if test -z "$no_dev_ptmx" ; then
350391c5 3629 if test "x$disable_ptmx_check" != "xyes" ; then
540d72c3 3630 AC_CHECK_FILE("/dev/ptmx",
350391c5 3631 [
08822d99 3632 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3633 [Define if you have /dev/ptmx])
350391c5 3634 have_dev_ptmx=1
3635 ]
3636 )
3637 fi
3c0ef626 3638fi
dfddba3d 3639
3640if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3641 AC_CHECK_FILE("/dev/ptc",
3642 [
08822d99 3643 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3644 [Define if you have /dev/ptc])
dfddba3d 3645 have_dev_ptc=1
3646 ]
3647 )
3648else
3649 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3650fi
3c0ef626 3651
3652# Options from here on. Some of these are preset by platform above
3c0ef626 3653AC_ARG_WITH(mantype,
3654 [ --with-mantype=man|cat|doc Set man page type],
3655 [
3656 case "$withval" in
3657 man|cat|doc)
3658 MANTYPE=$withval
3659 ;;
3660 *)
3661 AC_MSG_ERROR(invalid man type: $withval)
3662 ;;
3663 esac
3664 ]
3665)
3666if test -z "$MANTYPE"; then
d03f4262 3667 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3668 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3669 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3670 MANTYPE=doc
3671 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3672 MANTYPE=man
3673 else
3674 MANTYPE=cat
3675 fi
3676fi
3677AC_SUBST(MANTYPE)
3678if test "$MANTYPE" = "doc"; then
3679 mansubdir=man;
3680else
3681 mansubdir=$MANTYPE;
3682fi
3683AC_SUBST(mansubdir)
3684
3685# Check whether to enable MD5 passwords
540d72c3 3686MD5_MSG="no"
3c0ef626 3687AC_ARG_WITH(md5-passwords,
3688 [ --with-md5-passwords Enable use of MD5 passwords],
3689 [
3690 if test "x$withval" != "xno" ; then
08822d99 3691 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3692 [Define if you want to allow MD5 passwords])
540d72c3 3693 MD5_MSG="yes"
3c0ef626 3694 fi
3695 ]
3696)
3697
3698# Whether to disable shadow password support
3699AC_ARG_WITH(shadow,
3700 [ --without-shadow Disable shadow password support],
3701 [
8b32eddc 3702 if test "x$withval" = "xno" ; then
3c0ef626 3703 AC_DEFINE(DISABLE_SHADOW)
3704 disable_shadow=yes
3705 fi
3706 ]
3707)
3708
3709if test -z "$disable_shadow" ; then
3710 AC_MSG_CHECKING([if the systems has expire shadow information])
3711 AC_TRY_COMPILE(
3712 [
3713#include <sys/types.h>
3714#include <shadow.h>
3715 struct spwd sp;
3716 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3717 [ sp_expire_available=yes ], []
3718 )
3719
3720 if test "x$sp_expire_available" = "xyes" ; then
3721 AC_MSG_RESULT(yes)
08822d99 3722 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3723 [Define if you want to use shadow password expire field])
3c0ef626 3724 else
3725 AC_MSG_RESULT(no)
3726 fi
3727fi
3728
3729# Use ip address instead of hostname in $DISPLAY
3730if test ! -z "$IPADDR_IN_DISPLAY" ; then
3731 DISPLAY_HACK_MSG="yes"
08822d99 3732 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3733 [Define if you need to use IP address
3734 instead of hostname in $DISPLAY])
3c0ef626 3735else
540d72c3 3736 DISPLAY_HACK_MSG="no"
3c0ef626 3737 AC_ARG_WITH(ipaddr-display,
3738 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3739 [
8b32eddc 3740 if test "x$withval" != "xno" ; then
3c0ef626 3741 AC_DEFINE(IPADDR_IN_DISPLAY)
540d72c3 3742 DISPLAY_HACK_MSG="yes"
3c0ef626 3743 fi
3744 ]
3745 )
3746fi
3747
7cac2b65 3748# check for /etc/default/login and use it if present.
29d88157 3749AC_ARG_ENABLE(etc-default-login,
dfddba3d 3750 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3751 [ if test "x$enableval" = "xno"; then
3752 AC_MSG_NOTICE([/etc/default/login handling disabled])
3753 etc_default_login=no
3754 else
3755 etc_default_login=yes
3756 fi ],
08822d99 3757 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3758 then
3759 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3760 etc_default_login=no
3761 else
3762 etc_default_login=yes
3763 fi ]
dfddba3d 3764)
3765
3766if test "x$etc_default_login" != "xno"; then
3767 AC_CHECK_FILE("/etc/default/login",
3768 [ external_path_file=/etc/default/login ])
08822d99 3769 if test "x$external_path_file" = "x/etc/default/login"; then
3770 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3771 [Define if your system has /etc/default/login])
dfddba3d 3772 fi
7cac2b65 3773fi
3774
350391c5 3775dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
8b32eddc 3776if test $ac_cv_func_login_getcapbool = "yes" && \
3777 test $ac_cv_header_login_cap_h = "yes" ; then
7cac2b65 3778 external_path_file=/etc/login.conf
350391c5 3779fi
7cac2b65 3780
3c0ef626 3781# Whether to mess with the default path
540d72c3 3782SERVER_PATH_MSG="(default)"
3c0ef626 3783AC_ARG_WITH(default-path,
350391c5 3784 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3785 [
7cac2b65 3786 if test "x$external_path_file" = "x/etc/login.conf" ; then
350391c5 3787 AC_MSG_WARN([
3788--with-default-path=PATH has no effect on this system.
3789Edit /etc/login.conf instead.])
8b32eddc 3790 elif test "x$withval" != "xno" ; then
7cac2b65 3791 if test ! -z "$external_path_file" ; then
3792 AC_MSG_WARN([
3793--with-default-path=PATH will only be used if PATH is not defined in
3794$external_path_file .])
3795 fi
3c0ef626 3796 user_path="$withval"
540d72c3 3797 SERVER_PATH_MSG="$withval"
3c0ef626 3798 fi
3799 ],
7cac2b65 3800 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3801 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
350391c5 3802 else
7cac2b65 3803 if test ! -z "$external_path_file" ; then
3804 AC_MSG_WARN([
3805If PATH is defined in $external_path_file, ensure the path to scp is included,
3806otherwise scp will not work.])
3807 fi
08822d99 3808 AC_RUN_IFELSE(
3809 [AC_LANG_SOURCE([[
3c0ef626 3810/* find out what STDPATH is */
3811#include <stdio.h>
3812#ifdef HAVE_PATHS_H
3813# include <paths.h>
3814#endif
3815#ifndef _PATH_STDPATH
bfe49944 3816# ifdef _PATH_USERPATH /* Irix */
3817# define _PATH_STDPATH _PATH_USERPATH
3818# else
3819# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3820# endif
3c0ef626 3821#endif
3822#include <sys/types.h>
3823#include <sys/stat.h>
3824#include <fcntl.h>
3825#define DATA "conftest.stdpath"
3826
3827main()
3828{
3829 FILE *fd;
3830 int rc;
8b32eddc 3831
3c0ef626 3832 fd = fopen(DATA,"w");
3833 if(fd == NULL)
3834 exit(1);
8b32eddc 3835
3c0ef626 3836 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3837 exit(1);
3838
3839 exit(0);
3840}
08822d99 3841 ]])],
3842 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3843 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3844 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3845 )
3846# make sure $bindir is in USER_PATH so scp will work
3847 t_bindir=`eval echo ${bindir}`
3848 case $t_bindir in
3849 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3850 esac
3851 case $t_bindir in
3852 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3853 esac
3854 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3855 if test $? -ne 0 ; then
3856 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3857 if test $? -ne 0 ; then
3858 user_path=$user_path:$t_bindir
3859 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3860 fi
3861 fi
350391c5 3862 fi ]
3863)
7cac2b65 3864if test "x$external_path_file" != "x/etc/login.conf" ; then
08822d99 3865 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
350391c5 3866 AC_SUBST(user_path)
3867fi
3868
3869# Set superuser path separately to user path
350391c5 3870AC_ARG_WITH(superuser-path,
3871 [ --with-superuser-path= Specify different path for super-user],
3872 [
8b32eddc 3873 if test -n "$withval" && test "x$withval" != "xno" && \
3874 test "x${withval}" != "xyes"; then
08822d99 3875 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3876 [Define if you want a different $PATH
3877 for the superuser])
350391c5 3878 superuser_path=$withval
3879 fi
3c0ef626 3880 ]
3881)
350391c5 3882
3c0ef626 3883
3c0ef626 3884AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
540d72c3 3885IPV4_IN6_HACK_MSG="no"
3c0ef626 3886AC_ARG_WITH(4in6,
3887 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3888 [
3889 if test "x$withval" != "xno" ; then
3890 AC_MSG_RESULT(yes)
08822d99 3891 AC_DEFINE(IPV4_IN_IPV6, 1,
3892 [Detect IPv4 in IPv6 mapped addresses
3893 and treat as IPv4])
540d72c3 3894 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3895 else
3896 AC_MSG_RESULT(no)
3897 fi
3898 ],[
3899 if test "x$inet6_default_4in6" = "xyes"; then
3900 AC_MSG_RESULT([yes (default)])
3901 AC_DEFINE(IPV4_IN_IPV6)
540d72c3 3902 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3903 else
3904 AC_MSG_RESULT([no (default)])
3905 fi
3906 ]
3907)
3908
3909# Whether to enable BSD auth support
e9702f7d 3910BSD_AUTH_MSG=no
3c0ef626 3911AC_ARG_WITH(bsd-auth,
3912 [ --with-bsd-auth Enable BSD auth support],
3913 [
8b32eddc 3914 if test "x$withval" != "xno" ; then
08822d99 3915 AC_DEFINE(BSD_AUTH, 1,
3916 [Define if you have BSD auth support])
e9702f7d 3917 BSD_AUTH_MSG=yes
3c0ef626 3918 fi
3919 ]
3920)
3921
3c0ef626 3922# Where to place sshd.pid
3923piddir=/var/run
350391c5 3924# make sure the directory exists
8b32eddc 3925if test ! -d $piddir ; then
350391c5 3926 piddir=`eval echo ${sysconfdir}`
3927 case $piddir in
540d72c3 3928 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
350391c5 3929 esac
3930fi
3931
3c0ef626 3932AC_ARG_WITH(pid-dir,
3933 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3934 [
8b32eddc 3935 if test -n "$withval" && test "x$withval" != "xno" && \
3936 test "x${withval}" != "xyes"; then
3c0ef626 3937 piddir=$withval
8b32eddc 3938 if test ! -d $piddir ; then
350391c5 3939 AC_MSG_WARN([** no $piddir directory on this system **])
3940 fi
3c0ef626 3941 fi
3942 ]
3943)
3944
08822d99 3945AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3946AC_SUBST(piddir)
3947
3948dnl allow user to disable some login recording features
3949AC_ARG_ENABLE(lastlog,
3950 [ --disable-lastlog disable use of lastlog even if detected [no]],
7cac2b65 3951 [
3952 if test "x$enableval" = "xno" ; then
3953 AC_DEFINE(DISABLE_LASTLOG)
3954 fi
3955 ]
3c0ef626 3956)
3957AC_ARG_ENABLE(utmp,
3958 [ --disable-utmp disable use of utmp even if detected [no]],
7cac2b65 3959 [
3960 if test "x$enableval" = "xno" ; then
3961 AC_DEFINE(DISABLE_UTMP)
3962 fi
3963 ]
3c0ef626 3964)
3965AC_ARG_ENABLE(utmpx,
3966 [ --disable-utmpx disable use of utmpx even if detected [no]],
7cac2b65 3967 [
3968 if test "x$enableval" = "xno" ; then
08822d99 3969 AC_DEFINE(DISABLE_UTMPX, 1,
3970 [Define if you don't want to use utmpx])
7cac2b65 3971 fi
3972 ]
3c0ef626 3973)
3974AC_ARG_ENABLE(wtmp,
3975 [ --disable-wtmp disable use of wtmp even if detected [no]],
7cac2b65 3976 [
3977 if test "x$enableval" = "xno" ; then
3978 AC_DEFINE(DISABLE_WTMP)
3979 fi
3980 ]
3c0ef626 3981)
3982AC_ARG_ENABLE(wtmpx,
3983 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
7cac2b65 3984 [
3985 if test "x$enableval" = "xno" ; then
08822d99 3986 AC_DEFINE(DISABLE_WTMPX, 1,
3987 [Define if you don't want to use wtmpx])
7cac2b65 3988 fi
3989 ]
3c0ef626 3990)
3991AC_ARG_ENABLE(libutil,
3992 [ --disable-libutil disable use of libutil (login() etc.) [no]],
7cac2b65 3993 [
3994 if test "x$enableval" = "xno" ; then
3995 AC_DEFINE(DISABLE_LOGIN)
3996 fi
3997 ]
3c0ef626 3998)
3999AC_ARG_ENABLE(pututline,
4000 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
7cac2b65 4001 [
4002 if test "x$enableval" = "xno" ; then
08822d99 4003 AC_DEFINE(DISABLE_PUTUTLINE, 1,
4004 [Define if you don't want to use pututline()
4005 etc. to write [uw]tmp])
7cac2b65 4006 fi
4007 ]
3c0ef626 4008)
4009AC_ARG_ENABLE(pututxline,
4010 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
7cac2b65 4011 [
4012 if test "x$enableval" = "xno" ; then
08822d99 4013 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
4014 [Define if you don't want to use pututxline()
4015 etc. to write [uw]tmpx])
7cac2b65 4016 fi
4017 ]
3c0ef626 4018)
4019AC_ARG_WITH(lastlog,
4020 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
4021 [
8b32eddc 4022 if test "x$withval" = "xno" ; then
3c0ef626 4023 AC_DEFINE(DISABLE_LASTLOG)
8b32eddc 4024 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 4025 conf_lastlog_location=$withval
4026 fi
4027 ]
4028)
4029
4030dnl lastlog, [uw]tmpx? detection
4031dnl NOTE: set the paths in the platform section to avoid the
4032dnl need for command-line parameters
4033dnl lastlog and [uw]tmp are subject to a file search if all else fails
4034
4035dnl lastlog detection
4036dnl NOTE: the code itself will detect if lastlog is a directory
4037AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
4038AC_TRY_COMPILE([
4039#include <sys/types.h>
4040#include <utmp.h>
4041#ifdef HAVE_LASTLOG_H
4042# include <lastlog.h>
4043#endif
4044#ifdef HAVE_PATHS_H
4045# include <paths.h>
4046#endif
4047#ifdef HAVE_LOGIN_H
4048# include <login.h>
4049#endif
4050 ],
4051 [ char *lastlog = LASTLOG_FILE; ],
4052 [ AC_MSG_RESULT(yes) ],
4053 [
4054 AC_MSG_RESULT(no)
4055 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
4056 AC_TRY_COMPILE([
4057#include <sys/types.h>
4058#include <utmp.h>
4059#ifdef HAVE_LASTLOG_H
4060# include <lastlog.h>
4061#endif
4062#ifdef HAVE_PATHS_H
4063# include <paths.h>
4064#endif
4065 ],
4066 [ char *lastlog = _PATH_LASTLOG; ],
4067 [ AC_MSG_RESULT(yes) ],
4068 [
4069 AC_MSG_RESULT(no)
4070 system_lastlog_path=no
4071 ])
4072 ]
4073)
4074
4075if test -z "$conf_lastlog_location"; then
4076 if test x"$system_lastlog_path" = x"no" ; then
4077 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
4078 if (test -d "$f" || test -f "$f") ; then
4079 conf_lastlog_location=$f
4080 fi
4081 done
4082 if test -z "$conf_lastlog_location"; then
4083 AC_MSG_WARN([** Cannot find lastlog **])
4084 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
4085 fi
4086 fi
4087fi
4088
4089if test -n "$conf_lastlog_location"; then
08822d99 4090 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4091 [Define if you want to specify the path to your lastlog file])
8b32eddc 4092fi
3c0ef626 4093
4094dnl utmp detection
4095AC_MSG_CHECKING([if your system defines UTMP_FILE])
4096AC_TRY_COMPILE([
4097#include <sys/types.h>
4098#include <utmp.h>
4099#ifdef HAVE_PATHS_H
4100# include <paths.h>
4101#endif
4102 ],
4103 [ char *utmp = UTMP_FILE; ],
4104 [ AC_MSG_RESULT(yes) ],
4105 [ AC_MSG_RESULT(no)
4106 system_utmp_path=no ]
4107)
4108if test -z "$conf_utmp_location"; then
4109 if test x"$system_utmp_path" = x"no" ; then
4110 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4111 if test -f $f ; then
4112 conf_utmp_location=$f
4113 fi
4114 done
4115 if test -z "$conf_utmp_location"; then
4116 AC_DEFINE(DISABLE_UTMP)
4117 fi
4118 fi
4119fi
4120if test -n "$conf_utmp_location"; then
08822d99 4121 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4122 [Define if you want to specify the path to your utmp file])
8b32eddc 4123fi
3c0ef626 4124
4125dnl wtmp detection
4126AC_MSG_CHECKING([if your system defines WTMP_FILE])
4127AC_TRY_COMPILE([
4128#include <sys/types.h>
4129#include <utmp.h>
4130#ifdef HAVE_PATHS_H
4131# include <paths.h>
4132#endif
4133 ],
4134 [ char *wtmp = WTMP_FILE; ],
4135 [ AC_MSG_RESULT(yes) ],
4136 [ AC_MSG_RESULT(no)
4137 system_wtmp_path=no ]
4138)
4139if test -z "$conf_wtmp_location"; then
4140 if test x"$system_wtmp_path" = x"no" ; then
4141 for f in /usr/adm/wtmp /var/log/wtmp; do
4142 if test -f $f ; then
4143 conf_wtmp_location=$f
4144 fi
4145 done
4146 if test -z "$conf_wtmp_location"; then
4147 AC_DEFINE(DISABLE_WTMP)
4148 fi
4149 fi
4150fi
4151if test -n "$conf_wtmp_location"; then
08822d99 4152 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4153 [Define if you want to specify the path to your wtmp file])
8b32eddc 4154fi
3c0ef626 4155
4156
4157dnl utmpx detection - I don't know any system so perverse as to require
4158dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4159dnl there, though.
4160AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4161AC_TRY_COMPILE([
4162#include <sys/types.h>
4163#include <utmp.h>
4164#ifdef HAVE_UTMPX_H
4165#include <utmpx.h>
4166#endif
4167#ifdef HAVE_PATHS_H
4168# include <paths.h>
4169#endif
4170 ],
4171 [ char *utmpx = UTMPX_FILE; ],
4172 [ AC_MSG_RESULT(yes) ],
4173 [ AC_MSG_RESULT(no)
4174 system_utmpx_path=no ]
4175)
4176if test -z "$conf_utmpx_location"; then
4177 if test x"$system_utmpx_path" = x"no" ; then
4178 AC_DEFINE(DISABLE_UTMPX)
4179 fi
4180else
08822d99 4181 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4182 [Define if you want to specify the path to your utmpx file])
8b32eddc 4183fi
3c0ef626 4184
4185dnl wtmpx detection
4186AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4187AC_TRY_COMPILE([
4188#include <sys/types.h>
4189#include <utmp.h>
4190#ifdef HAVE_UTMPX_H
4191#include <utmpx.h>
4192#endif
4193#ifdef HAVE_PATHS_H
4194# include <paths.h>
4195#endif
4196 ],
4197 [ char *wtmpx = WTMPX_FILE; ],
4198 [ AC_MSG_RESULT(yes) ],
4199 [ AC_MSG_RESULT(no)
4200 system_wtmpx_path=no ]
4201)
4202if test -z "$conf_wtmpx_location"; then
4203 if test x"$system_wtmpx_path" = x"no" ; then
4204 AC_DEFINE(DISABLE_WTMPX)
4205 fi
4206else
08822d99 4207 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4208 [Define if you want to specify the path to your wtmpx file])
8b32eddc 4209fi
3c0ef626 4210
4211
3c0ef626 4212if test ! -z "$blibpath" ; then
256cb466 4213 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4214 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4215fi
4216
2ce0bfe4 4217dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4218dnl Add now.
4219CFLAGS="$CFLAGS $werror_flags"
4220
e9702f7d 4221AC_EXEEXT
30460aeb 4222AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4223 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
dfddba3d 4224 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4225AC_OUTPUT
4226
4227# Print summary of options
4228
3c0ef626 4229# Someone please show me a better way :)
4230A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4231B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4232C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4233D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4234E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4235F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4236G=`eval echo ${piddir}` ; G=`eval echo ${G}`
350391c5 4237H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4238I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4239J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4240
4241echo ""
4242echo "OpenSSH has been configured with the following options:"
350391c5 4243echo " User binaries: $B"
4244echo " System binaries: $C"
4245echo " Configuration files: $D"
4246echo " Askpass program: $E"
4247echo " Manual pages: $F"
4248echo " PID file: $G"
4249echo " Privilege separation chroot path: $H"
7cac2b65 4250if test "x$external_path_file" = "x/etc/login.conf" ; then
4251echo " At runtime, sshd will use the path defined in $external_path_file"
4252echo " Make sure the path to scp is present, otherwise scp will not work"
350391c5 4253else
4254echo " sshd default user PATH: $I"
7cac2b65 4255 if test ! -z "$external_path_file"; then
4256echo " (If PATH is set in $external_path_file it will be used instead. If"
4257echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4258 fi
350391c5 4259fi
4260if test ! -z "$superuser_path" ; then
4261echo " sshd superuser user PATH: $J"
4262fi
4263echo " Manpage format: $MANTYPE"
7cac2b65 4264echo " PAM support: $PAM_MSG"
30460aeb 4265echo " OSF SIA support: $SIA_MSG"
350391c5 4266echo " KerberosV support: $KRB5_MSG"
30460aeb 4267echo " SELinux support: $SELINUX_MSG"
350391c5 4268echo " Smartcard support: $SCARD_MSG"
350391c5 4269echo " S/KEY support: $SKEY_MSG"
4270echo " TCP Wrappers support: $TCPW_MSG"
4271echo " MD5 password support: $MD5_MSG"
dfddba3d 4272echo " libedit support: $LIBEDIT_MSG"
30460aeb 4273echo " Solaris process contract support: $SPC_MSG"
350391c5 4274echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
350391c5 4275echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4276echo " BSD Auth support: $BSD_AUTH_MSG"
4277echo " Random number source: $RAND_MSG"
e9702f7d 4278if test ! -z "$USE_RAND_HELPER" ; then
350391c5 4279echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4280fi
4281
4282echo ""
4283
4284echo " Host: ${host}"
4285echo " Compiler: ${CC}"
4286echo " Compiler flags: ${CFLAGS}"
4287echo "Preprocessor flags: ${CPPFLAGS}"
4288echo " Linker flags: ${LDFLAGS}"
fa0f0f45 4289echo " Libraries: ${LIBS}"
4290if test ! -z "${SSHDLIBS}"; then
4291echo " +for sshd: ${SSHDLIBS}"
4292fi
3c0ef626 4293
4294echo ""
4295
7e82606e 4296if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
dfddba3d 4297 echo "SVR4 style packages are supported with \"make package\""
4298 echo ""
7e82606e 4299fi
4300
3c0ef626 4301if test "x$PAM_MSG" = "xyes" ; then
e9702f7d 4302 echo "PAM is enabled. You may need to install a PAM control file "
4303 echo "for sshd, otherwise password authentication may fail. "
540d72c3 4304 echo "Example PAM control files can be found in the contrib/ "
e9702f7d 4305 echo "subdirectory"
3c0ef626 4306 echo ""
4307fi
4308
e9702f7d 4309if test ! -z "$RAND_HELPER_CMDHASH" ; then
4310 echo "WARNING: you are using the builtin random number collection "
4311 echo "service. Please read WARNING.RNG and request that your OS "
4312 echo "vendor includes kernel-based random number collection in "
4313 echo "future versions of your OS."
3c0ef626 4314 echo ""
4315fi
4316
7e82606e 4317if test ! -z "$NO_PEERCHECK" ; then
fa0f0f45 4318 echo "WARNING: the operating system that you are using does not"
4319 echo "appear to support getpeereid(), getpeerucred() or the"
4320 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4321 echo "enforce security checks to prevent unauthorised connections to"
4322 echo "ssh-agent. Their absence increases the risk that a malicious"
4323 echo "user can connect to your agent."
7e82606e 4324 echo ""
4325fi
4326
dfddba3d 4327if test "$AUDIT_MODULE" = "bsm" ; then
4328 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4329 echo "See the Solaris section in README.platform for details."
4330fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.872194 seconds and 5 git commands to generate.