]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
fix for AIX build problems from
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
2a304a95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
34fee935 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
e00da40d 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
70791e56 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
e00da40d 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
1b56ff3d 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
1c14df9e 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
2980ea68 43AC_PATH_PROG(SH, sh)
1b56ff3d 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
e00da40d 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
e00da40d 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
416fd2a8 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
e00da40d 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
416fd2a8 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
34fee935 88
3c0ef626 89AC_C_INLINE
34fee935 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
416fd2a8 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
fec930e5 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith"
e00da40d 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
34fee935 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
e00da40d 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
34fee935 103 esac
104
105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
116fi
117
416fd2a8 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
34fee935 121 if test "x$withval" = "xno" ; then
416fd2a8 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
2e437378 130# Allow user to specify flags
131AC_ARG_WITH(cflags,
132 [ --with-cflags Specify additional flags to pass to compiler],
133 [
134 if test -n "$withval" && test "x$withval" != "xno" && \
135 test "x${withval}" != "xyes"; then
136 CFLAGS="$CFLAGS $withval"
137 fi
138 ]
139)
140AC_ARG_WITH(cppflags,
141 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
142 [
143 if test -n "$withval" && test "x$withval" != "xno" && \
144 test "x${withval}" != "xyes"; then
145 CPPFLAGS="$CPPFLAGS $withval"
146 fi
147 ]
148)
149AC_ARG_WITH(ldflags,
150 [ --with-ldflags Specify additional flags to pass to linker],
151 [
152 if test -n "$withval" && test "x$withval" != "xno" && \
153 test "x${withval}" != "xyes"; then
154 LDFLAGS="$LDFLAGS $withval"
155 fi
156 ]
157)
158AC_ARG_WITH(libs,
159 [ --with-libs Specify additional libraries to link with],
160 [
161 if test -n "$withval" && test "x$withval" != "xno" && \
162 test "x${withval}" != "xyes"; then
163 LIBS="$LIBS $withval"
164 fi
165 ]
166)
167AC_ARG_WITH(Werror,
168 [ --with-Werror Build main code with -Werror],
169 [
170 if test -n "$withval" && test "x$withval" != "xno"; then
171 werror_flags="-Werror"
172 if test "x${withval}" != "xyes"; then
173 werror_flags="$withval"
174 fi
175 fi
176 ]
177)
178
179AC_CHECK_HEADERS( \
180 bstring.h \
181 crypt.h \
182 crypto/sha2.h \
183 dirent.h \
184 endian.h \
185 features.h \
186 fcntl.h \
187 floatingpoint.h \
188 getopt.h \
189 glob.h \
190 ia.h \
191 iaf.h \
192 limits.h \
193 login.h \
194 maillock.h \
195 ndir.h \
196 net/if_tun.h \
197 netdb.h \
198 netgroup.h \
199 pam/pam_appl.h \
200 paths.h \
201 pty.h \
202 readpassphrase.h \
203 rpc/types.h \
204 security/pam_appl.h \
205 sha2.h \
206 shadow.h \
207 stddef.h \
208 stdint.h \
209 string.h \
210 strings.h \
211 sys/audit.h \
212 sys/bitypes.h \
213 sys/bsdtty.h \
214 sys/cdefs.h \
215 sys/dir.h \
216 sys/mman.h \
217 sys/ndir.h \
218 sys/prctl.h \
219 sys/pstat.h \
220 sys/select.h \
221 sys/stat.h \
222 sys/stream.h \
223 sys/stropts.h \
224 sys/strtio.h \
225 sys/sysmacros.h \
226 sys/time.h \
227 sys/timers.h \
228 sys/un.h \
229 time.h \
230 tmpdir.h \
231 ttyent.h \
232 unistd.h \
233 usersec.h \
234 util.h \
235 utime.h \
236 utmp.h \
237 utmpx.h \
238 vis.h \
239)
240
241# lastlog.h requires sys/time.h to be included first on Solaris
242AC_CHECK_HEADERS(lastlog.h, [], [], [
243#ifdef HAVE_SYS_TIME_H
244# include <sys/time.h>
245#endif
246])
247
248# sys/ptms.h requires sys/stream.h to be included first on Solaris
249AC_CHECK_HEADERS(sys/ptms.h, [], [], [
250#ifdef HAVE_SYS_STREAM_H
251# include <sys/stream.h>
252#endif
253])
254
255# login_cap.h requires sys/types.h on NetBSD
256AC_CHECK_HEADERS(login_cap.h, [], [], [
257#include <sys/types.h>
258])
259
260# Messages for features tested for in target-specific section
261SIA_MSG="no"
262SPC_MSG="no"
263
3c0ef626 264# Check for some target-specific stuff
265case "$host" in
266*-*-aix*)
2e437378 267 # Some versions of VAC won't allow macro redefinitions at
268 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
269 # particularly with older versions of vac or xlc.
270 # It also throws errors about null macro argments, but these are
271 # not fatal.
272 AC_MSG_CHECKING(if compiler allows macro redefinitions)
273 AC_COMPILE_IFELSE(
274 [AC_LANG_SOURCE([[
275#define testmacro foo
276#define testmacro bar
277int main(void) { exit(0); }
278 ]])],
279 [ AC_MSG_RESULT(yes) ],
280 [ AC_MSG_RESULT(no)
281 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
282 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
283 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
284 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
285 ]
286 )
287
416fd2a8 288 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
8bb69cbe 289 if (test -z "$blibpath"); then
416fd2a8 290 blibpath="/usr/lib:/lib"
3c0ef626 291 fi
8bb69cbe 292 saved_LDFLAGS="$LDFLAGS"
2e437378 293 if test "$GCC" = "yes"; then
294 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
295 else
296 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
297 fi
298 for tryflags in $flags ;do
8bb69cbe 299 if (test -z "$blibflags"); then
300 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
301 AC_TRY_LINK([], [], [blibflags=$tryflags])
302 fi
303 done
304 if (test -z "$blibflags"); then
305 AC_MSG_RESULT(not found)
306 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
307 else
308 AC_MSG_RESULT($blibflags)
309 fi
310 LDFLAGS="$saved_LDFLAGS"
70791e56 311 dnl Check for authenticate. Might be in libs.a on older AIXes
e00da40d 312 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
313 [Define if you want to enable AIX4's authenticate function])],
e54b3d7c 314 [AC_CHECK_LIB(s,authenticate,
315 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
316 LIBS="$LIBS -ls"
317 ])
318 ])
34fee935 319 dnl Check for various auth function declarations in headers.
320 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
321 passwdexpired, setauthdb], , , [#include <usersec.h>])
70791e56 322 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
34fee935 323 AC_CHECK_DECLS(loginfailed,
70791e56 324 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
325 AC_TRY_COMPILE(
326 [#include <usersec.h>],
327 [(void)loginfailed("user","host","tty",0);],
328 [AC_MSG_RESULT(yes)
e00da40d 329 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
330 [Define if your AIX loginfailed() function
331 takes 4 arguments (AIX >= 5.2)])],
70791e56 332 [AC_MSG_RESULT(no)]
333 )],
334 [],
335 [#include <usersec.h>]
336 )
337 AC_CHECK_FUNCS(setauthdb)
2e437378 338 AC_CHECK_DECL(F_CLOSEM,
339 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
340 [],
341 [ #include <limits.h>
342 #include <fcntl.h> ]
343 )
34fee935 344 check_for_aix_broken_getaddrinfo=1
e00da40d 345 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
346 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
347 [Define if your platform breaks doing a seteuid before a setuid])
348 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
349 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 350 dnl AIX handles lastlog as part of its login message
e00da40d 351 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
352 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
353 [Some systems need a utmpx entry for /bin/login to work])
354 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
355 [Define to a Set Process Title type if your system is
356 supported by bsd-setproctitle.c])
357 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
358 [AIX 5.2 and 5.3 (and presumably newer) require this])
2e437378 359 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 360 ;;
361*-*-cygwin*)
1c14df9e 362 check_for_libcrypt_later=1
e9a17296 363 LIBS="$LIBS /usr/lib/textmode.o"
e00da40d 364 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
365 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
366 AC_DEFINE(DISABLE_SHADOW, 1,
367 [Define if you want to disable shadow passwords])
368 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
369 [Define if your system choked on IP TOS setting])
370 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
371 [Define if X11 doesn't support AF_UNIX sockets on that system])
372 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
373 [Define if the concept of ports only accessible to
374 superusers isn't known])
375 AC_DEFINE(DISABLE_FD_PASSING, 1,
376 [Define if your platform needs to skip post auth
377 file descriptor passing])
3c0ef626 378 ;;
379*-*-dgux*)
380 AC_DEFINE(IP_TOS_IS_BROKEN)
416fd2a8 381 AC_DEFINE(SETEUID_BREAKS_SETUID)
382 AC_DEFINE(BROKEN_SETREUID)
383 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 384 ;;
385*-*-darwin*)
e00da40d 386 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
70791e56 387 AC_DEFINE(SETEUID_BREAKS_SETUID)
388 AC_DEFINE(BROKEN_SETREUID)
389 AC_DEFINE(BROKEN_SETREGID)
e00da40d 390 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
391 [Define if your resolver libs need this for getrrsetbyname])
2e437378 392 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
393 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
394 [Use tunnel device compatibility to OpenBSD])
395 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
396 [Prepend the address family to IP tunnel traffic])
397 AC_MSG_CHECKING(if we have the Security Authorization Session API)
398 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
399 [SessionCreate(0, 0);],
400 [ac_cv_use_security_session_api="yes"
401 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
e00da40d 402 [platform has the Security Authorization Session API])
2e437378 403 LIBS="$LIBS -framework Security"
404 AC_MSG_RESULT(yes)],
405 [ac_cv_use_security_session_api="no"
406 AC_MSG_RESULT(no)])
407 AC_MSG_CHECKING(if we have an in-memory credentials cache)
408 AC_TRY_COMPILE(
409 [#include <Kerberos/Kerberos.h>],
410 [cc_context_t c;
411 (void) cc_initialize (&c, 0, NULL, NULL);],
412 [AC_DEFINE(USE_CCAPI, 1,
e00da40d 413 [platform uses an in-memory credentials cache])
2e437378 414 LIBS="$LIBS -framework Security"
415 AC_MSG_RESULT(yes)
416 if test "x$ac_cv_use_security_session_api" = "xno"; then
417 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
418 fi],
419 [AC_MSG_RESULT(no)]
420 )
421 ;;
422*-*-dragonfly*)
423 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 424 ;;
34fee935 425*-*-hpux*)
426 # first we define all of the options common to all HP-UX releases
3c0ef626 427 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
428 IPADDR_IN_DISPLAY=yes
3c0ef626 429 AC_DEFINE(USE_PIPES)
e00da40d 430 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
431 [Define if your login program cannot handle end of options ("--")])
2980ea68 432 AC_DEFINE(LOGIN_NEEDS_UTMPX)
e00da40d 433 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
434 [String used in /etc/passwd to denote locked account])
70791e56 435 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
e00da40d 436 MAIL="/var/mail/username"
e54b3d7c 437 LIBS="$LIBS -lsec"
34fee935 438 AC_CHECK_LIB(xnet, t_error, ,
439 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
440
441 # next, we define all of the options specific to major releases
442 case "$host" in
443 *-*-hpux10*)
444 if test -z "$GCC"; then
445 CFLAGS="$CFLAGS -Ae"
446 fi
447 ;;
448 *-*-hpux11*)
e00da40d 449 AC_DEFINE(PAM_SUN_CODEBASE, 1,
450 [Define if you are using Solaris-derived PAM which
451 passes pam_messages to the conversation function
452 with an extra level of indirection])
453 AC_DEFINE(DISABLE_UTMP, 1,
454 [Define if you don't want to use utmp])
34fee935 455 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
456 check_for_hpux_broken_getaddrinfo=1
457 check_for_conflicting_getspnam=1
458 ;;
459 esac
460
461 # lastly, we define options specific to minor releases
462 case "$host" in
463 *-*-hpux10.26)
e00da40d 464 AC_DEFINE(HAVE_SECUREWARE, 1,
465 [Define if you have SecureWare-based
466 protected password database])
34fee935 467 disable_ptmx_check=yes
468 LIBS="$LIBS -lsecpw"
469 ;;
470 esac
3c0ef626 471 ;;
472*-*-irix5*)
3c0ef626 473 PATH="$PATH:/usr/etc"
e00da40d 474 AC_DEFINE(BROKEN_INET_NTOA, 1,
475 [Define if you system's inet_ntoa is busted
476 (e.g. Irix gcc issue)])
416fd2a8 477 AC_DEFINE(SETEUID_BREAKS_SETUID)
478 AC_DEFINE(BROKEN_SETREUID)
479 AC_DEFINE(BROKEN_SETREGID)
e00da40d 480 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
481 [Define if you shouldn't strip 'tty' from your
482 ttyname in [uw]tmp])
70791e56 483 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 484 ;;
485*-*-irix6*)
3c0ef626 486 PATH="$PATH:/usr/etc"
e00da40d 487 AC_DEFINE(WITH_IRIX_ARRAY, 1,
488 [Define if you have/want arrays
489 (cluster-wide session managment, not C arrays)])
490 AC_DEFINE(WITH_IRIX_PROJECT, 1,
491 [Define if you want IRIX project management])
492 AC_DEFINE(WITH_IRIX_AUDIT, 1,
493 [Define if you want IRIX audit trails])
494 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
495 [Define if you want IRIX kernel jobs])])
3c0ef626 496 AC_DEFINE(BROKEN_INET_NTOA)
70791e56 497 AC_DEFINE(SETEUID_BREAKS_SETUID)
498 AC_DEFINE(BROKEN_SETREUID)
499 AC_DEFINE(BROKEN_SETREGID)
e00da40d 500 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
2980ea68 501 AC_DEFINE(WITH_ABBREV_NO_TTY)
70791e56 502 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 503 ;;
504*-*-linux*)
505 no_dev_ptmx=1
506 check_for_libcrypt_later=1
70791e56 507 check_for_openpty_ctty_bug=1
e00da40d 508 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
509 AC_DEFINE(PAM_TTY_KLUDGE, 1,
510 [Work around problematic Linux PAM modules handling of PAM_TTY])
511 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
512 [String used in /etc/passwd to denote locked account])
70791e56 513 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
e00da40d 514 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
515 [Define to whatever link() returns for "not supported"
516 if it doesn't return EOPNOTSUPP.])
34fee935 517 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
e00da40d 518 AC_DEFINE(USE_BTMP)
3c0ef626 519 inet6_default_4in6=yes
70791e56 520 case `uname -r` in
521 1.*|2.0.*)
e00da40d 522 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
523 [Define if cmsg_type is not passed correctly])
70791e56 524 ;;
525 esac
e00da40d 526 # tun(4) forwarding compat code
527 AC_CHECK_HEADERS(linux/if_tun.h)
528 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
529 AC_DEFINE(SSH_TUN_LINUX, 1,
530 [Open tunnel devices the Linux tun/tap way])
531 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
532 [Use tunnel device compatibility to OpenBSD])
533 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
534 [Prepend the address family to IP tunnel traffic])
535 fi
3c0ef626 536 ;;
537mips-sony-bsd|mips-sony-newsos4)
e00da40d 538 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 539 SONY=1
3c0ef626 540 ;;
541*-*-netbsd*)
e54b3d7c 542 check_for_libcrypt_before=1
34fee935 543 if test "x$withval" != "xno" ; then
416fd2a8 544 need_dash_r=1
545 fi
e00da40d 546 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
547 AC_CHECK_HEADER([net/if_tap.h], ,
548 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
549 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
550 [Prepend the address family to IP tunnel traffic])
3c0ef626 551 ;;
552*-*-freebsd*)
553 check_for_libcrypt_later=1
e00da40d 554 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
555 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
556 AC_CHECK_HEADER([net/if_tap.h], ,
557 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 558 ;;
70791e56 559*-*-bsdi*)
560 AC_DEFINE(SETEUID_BREAKS_SETUID)
561 AC_DEFINE(BROKEN_SETREUID)
562 AC_DEFINE(BROKEN_SETREGID)
563 ;;
3c0ef626 564*-next-*)
565 conf_lastlog_location="/usr/adm/lastlog"
566 conf_utmp_location=/etc/utmp
567 conf_wtmp_location=/usr/adm/wtmp
568 MAIL=/usr/spool/mail
e00da40d 569 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 570 AC_DEFINE(BROKEN_REALPATH)
571 AC_DEFINE(USE_PIPES)
e00da40d 572 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 573 ;;
34fee935 574*-*-openbsd*)
575 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
e00da40d 576 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
577 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
2e437378 578 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
579 [syslog_r function is safe to use in in a signal handler])
34fee935 580 ;;
3c0ef626 581*-*-solaris*)
34fee935 582 if test "x$withval" != "xno" ; then
2a304a95 583 need_dash_r=1
584 fi
3c0ef626 585 AC_DEFINE(PAM_SUN_CODEBASE)
586 AC_DEFINE(LOGIN_NEEDS_UTMPX)
e00da40d 587 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
588 [Some versions of /bin/login need the TERM supplied
589 on the commandline])
3c0ef626 590 AC_DEFINE(PAM_TTY_KLUDGE)
e00da40d 591 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
592 [Define if pam_chauthtok wants real uid set
593 to the unpriv'ed user])
70791e56 594 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
595 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
e00da40d 596 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
597 [Define if sshd somehow reacquires a controlling TTY
598 after setsid()])
2e437378 599 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
600 in case the name is longer than 8 chars])
70791e56 601 external_path_file=/etc/default/login
3c0ef626 602 # hardwire lastlog location (can't detect it on some versions)
603 conf_lastlog_location="/var/adm/lastlog"
604 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
605 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
606 if test "$sol2ver" -ge 8; then
607 AC_MSG_RESULT(yes)
608 AC_DEFINE(DISABLE_UTMP)
e00da40d 609 AC_DEFINE(DISABLE_WTMP, 1,
610 [Define if you don't want to use wtmp])
3c0ef626 611 else
612 AC_MSG_RESULT(no)
613 fi
2e437378 614 AC_ARG_WITH(solaris-contracts,
615 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
616 [
617 AC_CHECK_LIB(contract, ct_tmpl_activate,
618 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
619 [Define if you have Solaris process contracts])
620 SSHDLIBS="$SSHDLIBS -lcontract"
621 AC_SUBST(SSHDLIBS)
622 SPC_MSG="yes" ], )
623 ],
624 )
3c0ef626 625 ;;
626*-*-sunos4*)
627 CPPFLAGS="$CPPFLAGS -DSUNOS4"
628 AC_CHECK_FUNCS(getpwanam)
629 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 630 conf_utmp_location=/etc/utmp
631 conf_wtmp_location=/var/adm/wtmp
632 conf_lastlog_location=/var/adm/lastlog
633 AC_DEFINE(USE_PIPES)
634 ;;
635*-ncr-sysv*)
3c0ef626 636 LIBS="$LIBS -lc89"
e9a17296 637 AC_DEFINE(USE_PIPES)
70791e56 638 AC_DEFINE(SSHD_ACQUIRES_CTTY)
639 AC_DEFINE(SETEUID_BREAKS_SETUID)
640 AC_DEFINE(BROKEN_SETREUID)
641 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 642 ;;
643*-sni-sysv*)
3c0ef626 644 # /usr/ucblib MUST NOT be searched on ReliantUNIX
416fd2a8 645 AC_CHECK_LIB(dl, dlsym, ,)
e00da40d 646 # -lresolv needs to be at the end of LIBS or DNS lookups break
647 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 648 IPADDR_IN_DISPLAY=yes
649 AC_DEFINE(USE_PIPES)
650 AC_DEFINE(IP_TOS_IS_BROKEN)
416fd2a8 651 AC_DEFINE(SETEUID_BREAKS_SETUID)
652 AC_DEFINE(BROKEN_SETREUID)
653 AC_DEFINE(BROKEN_SETREGID)
70791e56 654 AC_DEFINE(SSHD_ACQUIRES_CTTY)
655 external_path_file=/etc/default/login
3c0ef626 656 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
657 # Attention: always take care to bind libsocket and libnsl before libc,
658 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
659 ;;
34fee935 660# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 661*-*-sysv4.2*)
3c0ef626 662 AC_DEFINE(USE_PIPES)
70791e56 663 AC_DEFINE(SETEUID_BREAKS_SETUID)
664 AC_DEFINE(BROKEN_SETREUID)
665 AC_DEFINE(BROKEN_SETREGID)
34fee935 666 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e00da40d 667 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 668 ;;
34fee935 669# UnixWare 7.x, OpenUNIX 8
3c0ef626 670*-*-sysv5*)
34fee935 671 check_for_libcrypt_later=1
672 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 673 AC_DEFINE(USE_PIPES)
70791e56 674 AC_DEFINE(SETEUID_BREAKS_SETUID)
675 AC_DEFINE(BROKEN_SETREUID)
676 AC_DEFINE(BROKEN_SETREGID)
e00da40d 677 AC_DEFINE(PASSWD_NEEDS_USERNAME)
34fee935 678 case "$host" in
679 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
680 TEST_SHELL=/u95/bin/sh
e00da40d 681 AC_DEFINE(BROKEN_LIBIAF, 1,
682 [ia_uinfo routines not supported by OS yet])
2e437378 683 AC_DEFINE(BROKEN_UPDWTMPX)
e00da40d 684 ;;
685 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
34fee935 686 ;;
687 esac
3c0ef626 688 ;;
689*-*-sysv*)
3c0ef626 690 ;;
34fee935 691# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 692*-*-sco3.2v4*)
34fee935 693 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 694 ;;
34fee935 695# SCO OpenServer 5.x
3c0ef626 696*-*-sco3.2v5*)
1c14df9e 697 if test -z "$GCC"; then
698 CFLAGS="$CFLAGS -belf"
699 fi
3c0ef626 700 LIBS="$LIBS -lprot -lx -ltinfo -lm"
701 no_dev_ptmx=1
3c0ef626 702 AC_DEFINE(USE_PIPES)
2980ea68 703 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 704 AC_DEFINE(DISABLE_SHADOW)
e54b3d7c 705 AC_DEFINE(DISABLE_FD_PASSING)
70791e56 706 AC_DEFINE(SETEUID_BREAKS_SETUID)
707 AC_DEFINE(BROKEN_SETREUID)
708 AC_DEFINE(BROKEN_SETREGID)
709 AC_DEFINE(WITH_ABBREV_NO_TTY)
1b56ff3d 710 AC_DEFINE(BROKEN_UPDWTMPX)
e00da40d 711 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 712 AC_CHECK_FUNCS(getluid setluid)
713 MANTYPE=man
1b56ff3d 714 TEST_SHELL=ksh
3c0ef626 715 ;;
e54b3d7c 716*-*-unicosmk*)
e00da40d 717 AC_DEFINE(NO_SSH_LASTLOG, 1,
718 [Define if you don't want to use lastlog in session.c])
416fd2a8 719 AC_DEFINE(SETEUID_BREAKS_SETUID)
720 AC_DEFINE(BROKEN_SETREUID)
721 AC_DEFINE(BROKEN_SETREGID)
e54b3d7c 722 AC_DEFINE(USE_PIPES)
723 AC_DEFINE(DISABLE_FD_PASSING)
724 LDFLAGS="$LDFLAGS"
725 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
726 MANTYPE=cat
727 ;;
70791e56 728*-*-unicosmp*)
416fd2a8 729 AC_DEFINE(SETEUID_BREAKS_SETUID)
730 AC_DEFINE(BROKEN_SETREUID)
731 AC_DEFINE(BROKEN_SETREGID)
70791e56 732 AC_DEFINE(WITH_ABBREV_NO_TTY)
733 AC_DEFINE(USE_PIPES)
734 AC_DEFINE(DISABLE_FD_PASSING)
735 LDFLAGS="$LDFLAGS"
416fd2a8 736 LIBS="$LIBS -lgen -lacid -ldb"
70791e56 737 MANTYPE=cat
738 ;;
3c0ef626 739*-*-unicos*)
416fd2a8 740 AC_DEFINE(SETEUID_BREAKS_SETUID)
741 AC_DEFINE(BROKEN_SETREUID)
742 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 743 AC_DEFINE(USE_PIPES)
e54b3d7c 744 AC_DEFINE(DISABLE_FD_PASSING)
745 AC_DEFINE(NO_SSH_LASTLOG)
746 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
747 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
748 MANTYPE=cat
3c0ef626 749 ;;
750*-dec-osf*)
751 AC_MSG_CHECKING(for Digital Unix SIA)
752 no_osfsia=""
753 AC_ARG_WITH(osfsia,
754 [ --with-osfsia Enable Digital Unix SIA],
755 [
756 if test "x$withval" = "xno" ; then
757 AC_MSG_RESULT(disabled)
758 no_osfsia=1
759 fi
760 ],
761 )
762 if test -z "$no_osfsia" ; then
763 if test -f /etc/sia/matrix.conf; then
764 AC_MSG_RESULT(yes)
e00da40d 765 AC_DEFINE(HAVE_OSF_SIA, 1,
766 [Define if you have Digital Unix Security
767 Integration Architecture])
768 AC_DEFINE(DISABLE_LOGIN, 1,
769 [Define if you don't want to use your
770 system's login() call])
1c14df9e 771 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 772 LIBS="$LIBS -lsecurity -ldb -lm -laud"
2e437378 773 SIA_MSG="yes"
3c0ef626 774 else
775 AC_MSG_RESULT(no)
e00da40d 776 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
777 [String used in /etc/passwd to denote locked account])
3c0ef626 778 fi
779 fi
70791e56 780 AC_DEFINE(BROKEN_GETADDRINFO)
781 AC_DEFINE(SETEUID_BREAKS_SETUID)
782 AC_DEFINE(BROKEN_SETREUID)
783 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 784 ;;
785
e00da40d 786*-*-nto-qnx*)
3c0ef626 787 AC_DEFINE(USE_PIPES)
788 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e00da40d 789 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
790 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
791 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
792 AC_DEFINE(DISABLE_LASTLOG)
2e437378 793 AC_DEFINE(SSHD_ACQUIRES_CTTY)
794 enable_etc_default_login=no # has incompatible /etc/default/login
3c0ef626 795 ;;
34fee935 796
797*-*-ultrix*)
e00da40d 798 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
799 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
800 AC_DEFINE(NEED_SETPGRP)
34fee935 801 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
802 ;;
803
804*-*-lynxos)
805 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
e00da40d 806 AC_DEFINE(MISSING_HOWMANY)
34fee935 807 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
808 ;;
3c0ef626 809esac
810
70791e56 811AC_MSG_CHECKING(compiler and flags for sanity)
34fee935 812AC_RUN_IFELSE(
813 [AC_LANG_SOURCE([
70791e56 814#include <stdio.h>
815int main(){exit(0);}
34fee935 816 ])],
70791e56 817 [ AC_MSG_RESULT(yes) ],
818 [
819 AC_MSG_RESULT(no)
820 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
34fee935 821 ],
822 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
823)
824
825dnl Checks for header files.
3c0ef626 826# Checks for libraries.
827AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
828AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
829
70791e56 830dnl IRIX and Solaris 2.5.1 have dirname() in libgen
831AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
832 AC_CHECK_LIB(gen, dirname,[
833 AC_CACHE_CHECK([for broken dirname],
834 ac_cv_have_broken_dirname, [
835 save_LIBS="$LIBS"
836 LIBS="$LIBS -lgen"
e00da40d 837 AC_RUN_IFELSE(
838 [AC_LANG_SOURCE([[
70791e56 839#include <libgen.h>
840#include <string.h>
841
842int main(int argc, char **argv) {
843 char *s, buf[32];
844
845 strncpy(buf,"/etc", 32);
846 s = dirname(buf);
847 if (!s || strncmp(s, "/", 32) != 0) {
848 exit(1);
849 } else {
850 exit(0);
851 }
852}
e00da40d 853 ]])],
854 [ ac_cv_have_broken_dirname="no" ],
855 [ ac_cv_have_broken_dirname="yes" ],
70791e56 856 [ ac_cv_have_broken_dirname="no" ],
70791e56 857 )
858 LIBS="$save_LIBS"
859 ])
860 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
861 LIBS="$LIBS -lgen"
862 AC_DEFINE(HAVE_DIRNAME)
863 AC_CHECK_HEADERS(libgen.h)
864 fi
865 ])
866])
867
3c0ef626 868AC_CHECK_FUNC(getspnam, ,
869 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
e00da40d 870AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
871 [Define if you have the basename function.]))
3c0ef626 872
873dnl zlib is required
874AC_ARG_WITH(zlib,
875 [ --with-zlib=PATH Use zlib in PATH],
34fee935 876 [ if test "x$withval" = "xno" ; then
877 AC_MSG_ERROR([*** zlib is required ***])
878 elif test "x$withval" != "xyes"; then
3c0ef626 879 if test -d "$withval/lib"; then
880 if test -n "${need_dash_r}"; then
881 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
882 else
883 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
884 fi
885 else
886 if test -n "${need_dash_r}"; then
887 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
888 else
889 LDFLAGS="-L${withval} ${LDFLAGS}"
890 fi
891 fi
892 if test -d "$withval/include"; then
893 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
894 else
895 CPPFLAGS="-I${withval} ${CPPFLAGS}"
896 fi
34fee935 897 fi ]
3c0ef626 898)
899
416fd2a8 900AC_CHECK_LIB(z, deflate, ,
901 [
902 saved_CPPFLAGS="$CPPFLAGS"
903 saved_LDFLAGS="$LDFLAGS"
904 save_LIBS="$LIBS"
905 dnl Check default zlib install dir
906 if test -n "${need_dash_r}"; then
907 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
908 else
909 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
910 fi
911 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
912 LIBS="$LIBS -lz"
913 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
914 [
915 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
916 ]
917 )
918 ]
919)
920AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
921
922AC_ARG_WITH(zlib-version-check,
923 [ --without-zlib-version-check Disable zlib version check],
924 [ if test "x$withval" = "xno" ; then
925 zlib_check_nonfatal=1
926 fi
927 ]
928)
929
34fee935 930AC_MSG_CHECKING(for possibly buggy zlib)
931AC_RUN_IFELSE([AC_LANG_SOURCE([[
932#include <stdio.h>
416fd2a8 933#include <zlib.h>
934int main()
935{
34fee935 936 int a=0, b=0, c=0, d=0, n, v;
937 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
938 if (n != 3 && n != 4)
416fd2a8 939 exit(1);
34fee935 940 v = a*1000000 + b*10000 + c*100 + d;
941 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
942
943 /* 1.1.4 is OK */
944 if (a == 1 && b == 1 && c >= 4)
416fd2a8 945 exit(0);
34fee935 946
947 /* 1.2.3 and up are OK */
948 if (v >= 1020300)
949 exit(0);
950
416fd2a8 951 exit(2);
952}
34fee935 953 ]])],
954 AC_MSG_RESULT(no),
955 [ AC_MSG_RESULT(yes)
416fd2a8 956 if test -z "$zlib_check_nonfatal" ; then
957 AC_MSG_ERROR([*** zlib too old - check config.log ***
958Your reported zlib version has known security problems. It's possible your
959vendor has fixed these problems without changing the version number. If you
960are sure this is the case, you can disable the check by running
961"./configure --without-zlib-version-check".
34fee935 962If you are in doubt, upgrade zlib to version 1.2.3 or greater.
963See http://www.gzip.org/zlib/ for details.])
416fd2a8 964 else
965 AC_MSG_WARN([zlib version may have security problems])
966 fi
34fee935 967 ],
968 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
416fd2a8 969)
3c0ef626 970
3c0ef626 971dnl UnixWare 2.x
416fd2a8 972AC_CHECK_FUNC(strcasecmp,
3c0ef626 973 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
974)
e00da40d 975AC_CHECK_FUNCS(utimes,
e54b3d7c 976 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
977 LIBS="$LIBS -lc89"]) ]
3c0ef626 978)
979
980dnl Checks for libutil functions
981AC_CHECK_HEADERS(libutil.h)
e00da40d 982AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
983 [Define if your libraries define login()])])
3c0ef626 984AC_CHECK_FUNCS(logout updwtmp logwtmp)
985
986AC_FUNC_STRFTIME
987
3c0ef626 988# Check for ALTDIRFUNC glob() extension
989AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
990AC_EGREP_CPP(FOUNDIT,
991 [
992 #include <glob.h>
993 #ifdef GLOB_ALTDIRFUNC
994 FOUNDIT
995 #endif
416fd2a8 996 ],
3c0ef626 997 [
e00da40d 998 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
999 [Define if your system glob() function has
1000 the GLOB_ALTDIRFUNC extension])
3c0ef626 1001 AC_MSG_RESULT(yes)
1002 ],
1003 [
1004 AC_MSG_RESULT(no)
1005 ]
1006)
1007
1008# Check for g.gl_matchc glob() extension
1009AC_MSG_CHECKING(for gl_matchc field in glob_t)
2e437378 1010AC_TRY_COMPILE(
1011 [ #include <glob.h> ],
1012 [glob_t g; g.gl_matchc = 1;],
416fd2a8 1013 [
e00da40d 1014 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1015 [Define if your system glob() function has
1016 gl_matchc options in glob_t])
416fd2a8 1017 AC_MSG_RESULT(yes)
1018 ],
1019 [
1020 AC_MSG_RESULT(no)
1021 ]
3c0ef626 1022)
1023
2e437378 1024AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1025
3c0ef626 1026AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
34fee935 1027AC_RUN_IFELSE(
1028 [AC_LANG_SOURCE([[
3c0ef626 1029#include <sys/types.h>
1030#include <dirent.h>
e54b3d7c 1031int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
34fee935 1032 ]])],
416fd2a8 1033 [AC_MSG_RESULT(yes)],
3c0ef626 1034 [
1035 AC_MSG_RESULT(no)
e00da40d 1036 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1037 [Define if your struct dirent expects you to
1038 allocate extra space for d_name])
34fee935 1039 ],
1040 [
1041 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1042 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1043 ]
1044)
1045
c2397a66 1046# Check whether the user wants GSSAPI mechglue support
1047AC_ARG_WITH(mechglue,
1048 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
1049 [
1050 AC_MSG_CHECKING(for mechglue library)
1051
1052 if test -e ${withval}/libgssapi.a ; then
1053 mechglue_lib=${withval}/libgssapi.a
1054 elif test -e ${withval}/lib/libgssapi.a ; then
1055 mechglue_lib=${withval}/lib/libgssapi.a
1056 else
1057 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
1058 fi
1059 LIBS="$LIBS ${mechglue_lib}"
1060 AC_MSG_RESULT(${mechglue_lib})
1061
c2397a66 1062 AC_CHECK_LIB(dl, dlopen, , )
1063 if test $ac_cv_lib_dl_dlopen = yes; then
1064 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
1065 fi
1066
1067 AC_DEFINE(GSSAPI)
e00da40d 1068 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
c2397a66 1069 GSSAPI="mechglue"
1070
1071 ]
1072)
1073
1074
d905e828 1075# Check whether the user wants GSI (Globus) support
1076gsi_path="no"
1077AC_ARG_WITH(gsi,
70791e56 1078 [ --with-gsi Enable Globus GSI authentication support],
d905e828 1079 [
1080 gsi_path="$withval"
1081 ]
1082)
1083
1084AC_ARG_WITH(globus,
70791e56 1085 [ --with-globus Enable Globus GSI authentication support],
d905e828 1086 [
1087 gsi_path="$withval"
1088 ]
1089)
1090
70791e56 1091AC_ARG_WITH(globus-static,
1092 [ --with-globus-static Link statically with Globus GSI libraries],
1093 [
1094 gsi_static=1
416fd2a8 1095 if test "x$gsi_path" = "xno" ; then
e2dec4b2 1096 gsi_path="$withval"
1097 fi
70791e56 1098 ]
1099)
1100
d905e828 1101# Check whether the user has a Globus flavor type
1102globus_flavor_type="no"
1103AC_ARG_WITH(globus-flavor,
70791e56 1104 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
d905e828 1105 [
1106 globus_flavor_type="$withval"
416fd2a8 1107 if test "x$gsi_path" = "xno" ; then
70791e56 1108 gsi_path="yes"
1109 fi
d905e828 1110 ]
1111)
1112
1113if test "x$gsi_path" != "xno" ; then
1114 # Globus GSSAPI configuration
88928908 1115 AC_MSG_CHECKING(for Globus GSI)
e00da40d 1116 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
d905e828 1117
c2397a66 1118 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
70791e56 1119 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
c2397a66 1120 fi
1121 if test -z "$GSSAPI"; then
1122 AC_DEFINE(GSSAPI)
1123 GSSAPI="GSI"
1124 fi
1125
70791e56 1126 if test "x$gsi_path" = "xyes" ; then
1127 if test -z "$GLOBUS_LOCATION" ; then
1128 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
1129 else
1130 gsi_path="$GLOBUS_LOCATION"
1131 fi
1132 fi
1133 GLOBUS_LOCATION="$gsi_path"
1134 export GLOBUS_LOCATION
1135 if test ! -d "$GLOBUS_LOCATION" ; then
1136 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
d905e828 1137 fi
d905e828 1138
1139 if test "x$globus_flavor_type" = "xno" ; then
88928908 1140 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
1141 fi
1142 if test "x$globus_flavor_type" = "xyes" ; then
1143 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
2d8588fd 1144 fi
9a370734 1145 AC_MSG_RESULT(yes)
2d8588fd 1146
9a370734 1147 AC_MSG_CHECKING(for Globus include path)
88928908 1148 GLOBUS_INCLUDE="${gsi_path}/include/${globus_flavor_type}"
1149 if test ! -d "$GLOBUS_INCLUDE" ; then
1150 AC_MSG_ERROR(Cannot find Globus flavor-specific include directory: ${GLOBUS_INCLUDE})
1151 fi
1152 GSI_CPPFLAGS="-I${GLOBUS_INCLUDE}"
9a370734 1153 AC_MSG_RESULT(yes)
1154
5838d7f9 1155 #
1156 # Find GPT linkline helper
1157 #
1158
1159 AC_MSG_CHECKING(for GPT linkline helper)
9a370734 1160 if test -x $GPT_LOCATION/sbin/gpt_build_config ; then
5838d7f9 1161 gpt_linkline_helper="$GPT_LOCATION/sbin/gpt_build_config"
1162 elif test -x ${gsi_path}/sbin/gpt_build_config ; then
1163 gpt_linkline_helper="${gsi_path}/sbin/gpt_build_config"
2d8588fd 1164 else
9a370734 1165 AC_MSG_ERROR(Cannot find gpt_build_config: GPT installation is incomplete)
2d8588fd 1166 fi
06779745 1167 AC_MSG_RESULT(yes)
5838d7f9 1168
1169 #
1170 # Build Globus linkline
1171 #
1172
70791e56 1173 if test -n "${gsi_static}"; then
1174 ${gpt_linkline_helper} -f ${globus_flavor_type} -link static -src pkg_data_src.gpt
1175 else
1176 ${gpt_linkline_helper} -f ${globus_flavor_type} -link shared -src pkg_data_src.gpt
1177 fi
5838d7f9 1178 . ./gpt_build_temp.sh
70791e56 1179 if test -n "${need_dash_r}"; then
1180 GSI_LDFLAGS="-L${gsi_path}/lib -R{gsi_path}/lib"
1181 else
1182 GSI_LDFLAGS="-L${gsi_path}/lib"
1183 fi
5838d7f9 1184 GSI_LIBS="$GPT_CONFIG_PGM_LINKS"
92f152c3 1185 LD_LIBRARY_PATH="${gsi_path}/lib:$LD_LIBRARY_PATH"; export LD_LIBRARY_PATH
5838d7f9 1186
1187 #
1188 # Test Globus linkline
1189 #
1190
1191 AC_MSG_CHECKING(for Globus linkline)
88928908 1192 if test -z "$GSI_LIBS" ; then
9a370734 1193 AC_MSG_ERROR(gpt_build_config failed)
d905e828 1194 fi
9a370734 1195 AC_MSG_RESULT(yes)
d905e828 1196
416fd2a8 1197 AC_DEFINE(HAVE_GSSAPI_H)
1198
70791e56 1199 LIBS="$LIBS $GSI_LIBS"
1200 LDFLAGS="$LDFLAGS $GSI_LDFLAGS"
1201 CPPFLAGS="$CPPFLAGS $GSI_CPPFLAGS"
88928908 1202
9a370734 1203 AC_MSG_CHECKING(that Globus linkline works)
88928908 1204 # test that we got the libraries OK
ffa83338 1205 AC_TRY_LINK(
1206 [],
1207 [],
1208 [
1209 AC_MSG_RESULT(yes)
1210 ],
1211 [
88928908 1212 AC_MSG_ERROR(link with Globus libraries failed)
ffa83338 1213 ]
1214 )
e00da40d 1215 AC_CHECK_FUNCS(globus_gss_assist_map_and_authorize)
88928908 1216 INSTALL_GSISSH="yes"
1217else
1218 INSTALL_GSISSH=""
d905e828 1219fi
c2397a66 1220# End Globus/GSI section
d905e828 1221
1b56ff3d 1222AC_MSG_CHECKING([for /proc/pid/fd directory])
1223if test -d "/proc/$$/fd" ; then
e00da40d 1224 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
1b56ff3d 1225 AC_MSG_RESULT(yes)
1226else
1227 AC_MSG_RESULT(no)
1228fi
1229
3c0ef626 1230# Check whether user wants S/Key support
416fd2a8 1231SKEY_MSG="no"
3c0ef626 1232AC_ARG_WITH(skey,
34fee935 1233 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1234 [
1235 if test "x$withval" != "xno" ; then
1236
1237 if test "x$withval" != "xyes" ; then
1238 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1239 LDFLAGS="$LDFLAGS -L${withval}/lib"
1240 fi
1241
e00da40d 1242 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1243 LIBS="-lskey $LIBS"
416fd2a8 1244 SKEY_MSG="yes"
34fee935 1245
e9a17296 1246 AC_MSG_CHECKING([for s/key support])
e00da40d 1247 AC_LINK_IFELSE(
1248 [AC_LANG_SOURCE([[
e9a17296 1249#include <stdio.h>
1250#include <skey.h>
e54b3d7c 1251int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
e00da40d 1252 ]])],
e9a17296 1253 [AC_MSG_RESULT(yes)],
3c0ef626 1254 [
e9a17296 1255 AC_MSG_RESULT(no)
3c0ef626 1256 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1257 ])
2a304a95 1258 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1259 AC_TRY_COMPILE(
1260 [#include <stdio.h>
1261 #include <skey.h>],
1262 [(void)skeychallenge(NULL,"name","",0);],
1263 [AC_MSG_RESULT(yes)
e00da40d 1264 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1265 [Define if your skeychallenge()
1266 function takes 4 arguments (NetBSD)])],
2a304a95 1267 [AC_MSG_RESULT(no)]
1268 )
3c0ef626 1269 fi
1270 ]
1271)
1272
1273# Check whether user wants TCP wrappers support
1274TCPW_MSG="no"
1275AC_ARG_WITH(tcp-wrappers,
34fee935 1276 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1277 [
1278 if test "x$withval" != "xno" ; then
1279 saved_LIBS="$LIBS"
1280 saved_LDFLAGS="$LDFLAGS"
1281 saved_CPPFLAGS="$CPPFLAGS"
34fee935 1282 if test -n "${withval}" && \
1283 test "x${withval}" != "xyes"; then
3c0ef626 1284 if test -d "${withval}/lib"; then
1285 if test -n "${need_dash_r}"; then
1286 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1287 else
1288 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1289 fi
1290 else
1291 if test -n "${need_dash_r}"; then
1292 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1293 else
1294 LDFLAGS="-L${withval} ${LDFLAGS}"
1295 fi
1296 fi
1297 if test -d "${withval}/include"; then
1298 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1299 else
1300 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1301 fi
1302 fi
e9a17296 1303 LIBWRAP="-lwrap"
1304 LIBS="$LIBWRAP $LIBS"
3c0ef626 1305 AC_MSG_CHECKING(for libwrap)
1306 AC_TRY_LINK(
1307 [
2a304a95 1308#include <sys/types.h>
1309#include <sys/socket.h>
1310#include <netinet/in.h>
3c0ef626 1311#include <tcpd.h>
1312 int deny_severity = 0, allow_severity = 0;
1313 ],
1314 [hosts_access(0);],
1315 [
1316 AC_MSG_RESULT(yes)
e00da40d 1317 AC_DEFINE(LIBWRAP, 1,
1318 [Define if you want
1319 TCP Wrappers support])
e9a17296 1320 AC_SUBST(LIBWRAP)
3c0ef626 1321 TCPW_MSG="yes"
1322 ],
1323 [
1324 AC_MSG_ERROR([*** libwrap missing])
1325 ]
1326 )
e9a17296 1327 LIBS="$saved_LIBS"
3c0ef626 1328 fi
1329 ]
1330)
1331
34fee935 1332# Check whether user wants libedit support
1333LIBEDIT_MSG="no"
1334AC_ARG_WITH(libedit,
1335 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1336 [ if test "x$withval" != "xno" ; then
1337 if test "x$withval" != "xyes"; then
e00da40d 1338 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1339 if test -n "${need_dash_r}"; then
1340 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1341 else
1342 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1343 fi
34fee935 1344 fi
1345 AC_CHECK_LIB(edit, el_init,
e00da40d 1346 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
34fee935 1347 LIBEDIT="-ledit -lcurses"
1348 LIBEDIT_MSG="yes"
1349 AC_SUBST(LIBEDIT)
1350 ],
1351 [ AC_MSG_ERROR(libedit not found) ],
1352 [ -lcurses ]
1353 )
1354 AC_MSG_CHECKING(if libedit version is compatible)
1355 AC_COMPILE_IFELSE(
1356 [AC_LANG_SOURCE([[
1357#include <histedit.h>
1358int main(void)
1359{
1360 int i = H_SETSIZE;
1361 el_init("", NULL, NULL, NULL);
1362 exit(0);
1363}
1364 ]])],
1365 [ AC_MSG_RESULT(yes) ],
1366 [ AC_MSG_RESULT(no)
1367 AC_MSG_ERROR(libedit version is not compatible) ]
1368 )
1369 fi ]
1370)
1371
1372AUDIT_MODULE=none
1373AC_ARG_WITH(audit,
1374 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1375 [
1376 AC_MSG_CHECKING(for supported audit module)
1377 case "$withval" in
1378 bsm)
1379 AC_MSG_RESULT(bsm)
1380 AUDIT_MODULE=bsm
1381 dnl Checks for headers, libs and functions
1382 AC_CHECK_HEADERS(bsm/audit.h, [],
2e437378 1383 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1384 [
1385#ifdef HAVE_TIME_H
1386# include <time.h>
1387#endif
1388 ]
1389)
34fee935 1390 AC_CHECK_LIB(bsm, getaudit, [],
1391 [AC_MSG_ERROR(BSM enabled and required library not found)])
1392 AC_CHECK_FUNCS(getaudit, [],
1393 [AC_MSG_ERROR(BSM enabled and required function not found)])
1394 # These are optional
1395 AC_CHECK_FUNCS(getaudit_addr)
e00da40d 1396 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
34fee935 1397 ;;
1398 debug)
1399 AUDIT_MODULE=debug
1400 AC_MSG_RESULT(debug)
e00da40d 1401 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
34fee935 1402 ;;
1403 no)
1404 AC_MSG_RESULT(no)
1405 ;;
1406 *)
1407 AC_MSG_ERROR([Unknown audit module $withval])
1408 ;;
1409 esac ]
1410)
1411
1c14df9e 1412dnl Checks for library functions. Please keep in alphabetical order
34fee935 1413AC_CHECK_FUNCS( \
1414 arc4random \
e00da40d 1415 asprintf \
34fee935 1416 b64_ntop \
1417 __b64_ntop \
1418 b64_pton \
1419 __b64_pton \
1420 bcopy \
1421 bindresvport_sa \
1422 clock \
1423 closefrom \
1424 dirfd \
1425 fchmod \
1426 fchown \
1427 freeaddrinfo \
1428 futimes \
1429 getaddrinfo \
1430 getcwd \
1431 getgrouplist \
1432 getnameinfo \
1433 getopt \
1434 getpeereid \
1435 _getpty \
1436 getrlimit \
1437 getttyent \
1438 glob \
1439 inet_aton \
1440 inet_ntoa \
1441 inet_ntop \
1442 innetgr \
1443 login_getcapbool \
1444 md5_crypt \
1445 memmove \
1446 mkdtemp \
1447 mmap \
1448 ngetaddrinfo \
1449 nsleep \
1450 ogetaddrinfo \
1451 openlog_r \
1452 openpty \
1453 prctl \
1454 pstat \
1455 readpassphrase \
1456 realpath \
1457 recvmsg \
1458 rresvport_af \
1459 sendmsg \
1460 setdtablesize \
1461 setegid \
1462 setenv \
1463 seteuid \
1464 setgroups \
1465 setlogin \
1466 setpcred \
1467 setproctitle \
1468 setregid \
1469 setreuid \
1470 setrlimit \
1471 setsid \
1472 setvbuf \
1473 sigaction \
1474 sigvec \
1475 snprintf \
1476 socketpair \
1477 strdup \
1478 strerror \
1479 strlcat \
1480 strlcpy \
1481 strmode \
1482 strnvis \
1483 strtonum \
1484 strtoll \
1485 strtoul \
1486 sysconf \
1487 tcgetpgrp \
1488 truncate \
1489 unsetenv \
1490 updwtmpx \
e00da40d 1491 vasprintf \
34fee935 1492 vhangup \
1493 vsnprintf \
1494 waitpid \
70791e56 1495)
1496
1497# IRIX has a const char return value for gai_strerror()
1498AC_CHECK_FUNCS(gai_strerror,[
1499 AC_DEFINE(HAVE_GAI_STRERROR)
1500 AC_TRY_COMPILE([
1501#include <sys/types.h>
1502#include <sys/socket.h>
1503#include <netdb.h>
1c14df9e 1504
70791e56 1505const char *gai_strerror(int);],[
1506char *str;
1c14df9e 1507
70791e56 1508str = gai_strerror(0);],[
1509 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1510 [Define if gai_strerror() returns const char *])])])
88928908 1511
e00da40d 1512AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1513 [Some systems put nanosleep outside of libc]))
3c0ef626 1514
70791e56 1515dnl Make sure prototypes are defined for these before using them.
70791e56 1516AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
34fee935 1517AC_CHECK_DECL(strsep,
1518 [AC_CHECK_FUNCS(strsep)],
1519 [],
1520 [
1521#ifdef HAVE_STRING_H
1522# include <string.h>
1523#endif
1524 ])
3c0ef626 1525
70791e56 1526dnl tcsendbreak might be a macro
1527AC_CHECK_DECL(tcsendbreak,
1528 [AC_DEFINE(HAVE_TCSENDBREAK)],
416fd2a8 1529 [AC_CHECK_FUNCS(tcsendbreak)],
70791e56 1530 [#include <termios.h>]
1531)
3c0ef626 1532
1b56ff3d 1533AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1534
2e437378 1535AC_CHECK_DECLS(SHUT_RD, , ,
1536 [
1537#include <sys/types.h>
1538#include <sys/socket.h>
1539 ])
1540
1541AC_CHECK_DECLS(O_NONBLOCK, , ,
1542 [
1543#include <sys/types.h>
1544#ifdef HAVE_SYS_STAT_H
1545# include <sys/stat.h>
1546#endif
1547#ifdef HAVE_FCNTL_H
1548# include <fcntl.h>
1549#endif
1550 ])
1551
1552AC_CHECK_DECLS(writev, , , [
1553#include <sys/types.h>
1554#include <sys/uio.h>
1555#include <unistd.h>
1556 ])
1557
416fd2a8 1558AC_CHECK_FUNCS(setresuid, [
1559 dnl Some platorms have setresuid that isn't implemented, test for this
1560 AC_MSG_CHECKING(if setresuid seems to work)
34fee935 1561 AC_RUN_IFELSE(
1562 [AC_LANG_SOURCE([[
416fd2a8 1563#include <stdlib.h>
1564#include <errno.h>
1565int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
34fee935 1566 ]])],
416fd2a8 1567 [AC_MSG_RESULT(yes)],
e00da40d 1568 [AC_DEFINE(BROKEN_SETRESUID, 1,
1569 [Define if your setresuid() is broken])
34fee935 1570 AC_MSG_RESULT(not implemented)],
1571 [AC_MSG_WARN([cross compiling: not checking setresuid])]
416fd2a8 1572 )
1573])
1574
1575AC_CHECK_FUNCS(setresgid, [
1576 dnl Some platorms have setresgid that isn't implemented, test for this
1577 AC_MSG_CHECKING(if setresgid seems to work)
34fee935 1578 AC_RUN_IFELSE(
1579 [AC_LANG_SOURCE([[
416fd2a8 1580#include <stdlib.h>
1581#include <errno.h>
1582int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
34fee935 1583 ]])],
416fd2a8 1584 [AC_MSG_RESULT(yes)],
e00da40d 1585 [AC_DEFINE(BROKEN_SETRESGID, 1,
1586 [Define if your setresgid() is broken])
34fee935 1587 AC_MSG_RESULT(not implemented)],
1588 [AC_MSG_WARN([cross compiling: not checking setresuid])]
416fd2a8 1589 )
1590])
1591
3c0ef626 1592dnl Checks for time functions
1593AC_CHECK_FUNCS(gettimeofday time)
1594dnl Checks for utmp functions
1595AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1596AC_CHECK_FUNCS(utmpname)
1597dnl Checks for utmpx functions
1598AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1599AC_CHECK_FUNCS(setutxent utmpxname)
1600
416fd2a8 1601AC_CHECK_FUNC(daemon,
e00da40d 1602 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1603 [AC_CHECK_LIB(bsd, daemon,
1604 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1605)
1606
416fd2a8 1607AC_CHECK_FUNC(getpagesize,
e00da40d 1608 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1609 [Define if your libraries define getpagesize()])],
1610 [AC_CHECK_LIB(ucb, getpagesize,
1611 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1612)
1613
1614# Check for broken snprintf
1615if test "x$ac_cv_func_snprintf" = "xyes" ; then
1616 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
34fee935 1617 AC_RUN_IFELSE(
1618 [AC_LANG_SOURCE([[
3c0ef626 1619#include <stdio.h>
e54b3d7c 1620int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
34fee935 1621 ]])],
416fd2a8 1622 [AC_MSG_RESULT(yes)],
3c0ef626 1623 [
1624 AC_MSG_RESULT(no)
e00da40d 1625 AC_DEFINE(BROKEN_SNPRINTF, 1,
1626 [Define if your snprintf is busted])
3c0ef626 1627 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
34fee935 1628 ],
1629 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1630 )
1631fi
1632
e00da40d 1633# If we don't have a working asprintf, then we strongly depend on vsnprintf
1634# returning the right thing on overflow: the number of characters it tried to
1635# create (as per SUSv3)
1636if test "x$ac_cv_func_asprintf" != "xyes" && \
1637 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1638 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1639 AC_RUN_IFELSE(
1640 [AC_LANG_SOURCE([[
1641#include <sys/types.h>
1642#include <stdio.h>
1643#include <stdarg.h>
1644
1645int x_snprintf(char *str,size_t count,const char *fmt,...)
1646{
1647 size_t ret; va_list ap;
1648 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1649 return ret;
1650}
1651int main(void)
1652{
1653 char x[1];
1654 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1655} ]])],
1656 [AC_MSG_RESULT(yes)],
1657 [
1658 AC_MSG_RESULT(no)
1659 AC_DEFINE(BROKEN_SNPRINTF, 1,
1660 [Define if your snprintf is busted])
1661 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1662 ],
1663 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1664 )
1665fi
1666
1667# On systems where [v]snprintf is broken, but is declared in stdio,
1668# check that the fmt argument is const char * or just char *.
1669# This is only useful for when BROKEN_SNPRINTF
1670AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1671AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1672 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1673 int main(void) { snprintf(0, 0, 0); }
1674 ]])],
1675 [AC_MSG_RESULT(yes)
1676 AC_DEFINE(SNPRINTF_CONST, [const],
1677 [Define as const if snprintf() can declare const char *fmt])],
1678 [AC_MSG_RESULT(no)
1679 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1680
1b56ff3d 1681# Check for missing getpeereid (or equiv) support
1682NO_PEERCHECK=""
1683if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1684 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1685 AC_TRY_COMPILE(
1686 [#include <sys/types.h>
1687 #include <sys/socket.h>],
1688 [int i = SO_PEERCRED;],
34fee935 1689 [ AC_MSG_RESULT(yes)
e00da40d 1690 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
34fee935 1691 ],
1b56ff3d 1692 [AC_MSG_RESULT(no)
1693 NO_PEERCHECK=1]
1694 )
1695fi
1696
1c14df9e 1697dnl see whether mkstemp() requires XXXXXX
1698if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1699AC_MSG_CHECKING([for (overly) strict mkstemp])
e00da40d 1700AC_RUN_IFELSE(
1701 [AC_LANG_SOURCE([[
1c14df9e 1702#include <stdlib.h>
1703main() { char template[]="conftest.mkstemp-test";
1704if (mkstemp(template) == -1)
1705 exit(1);
1706unlink(template); exit(0);
1707}
e00da40d 1708 ]])],
1c14df9e 1709 [
1710 AC_MSG_RESULT(no)
1711 ],
416fd2a8 1712 [
1c14df9e 1713 AC_MSG_RESULT(yes)
e00da40d 1714 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
1c14df9e 1715 ],
1716 [
1717 AC_MSG_RESULT(yes)
1718 AC_DEFINE(HAVE_STRICT_MKSTEMP)
416fd2a8 1719 ]
1c14df9e 1720)
1721fi
1722
70791e56 1723dnl make sure that openpty does not reacquire controlling terminal
1724if test ! -z "$check_for_openpty_ctty_bug"; then
1725 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
e00da40d 1726 AC_RUN_IFELSE(
1727 [AC_LANG_SOURCE([[
70791e56 1728#include <stdio.h>
1729#include <sys/fcntl.h>
1730#include <sys/types.h>
1731#include <sys/wait.h>
1732
1733int
1734main()
1735{
1736 pid_t pid;
1737 int fd, ptyfd, ttyfd, status;
1738
1739 pid = fork();
1740 if (pid < 0) { /* failed */
1741 exit(1);
1742 } else if (pid > 0) { /* parent */
1743 waitpid(pid, &status, 0);
416fd2a8 1744 if (WIFEXITED(status))
70791e56 1745 exit(WEXITSTATUS(status));
1746 else
1747 exit(2);
1748 } else { /* child */
1749 close(0); close(1); close(2);
1750 setsid();
1751 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1752 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1753 if (fd >= 0)
1754 exit(3); /* Acquired ctty: broken */
1755 else
1756 exit(0); /* Did not acquire ctty: OK */
1757 }
1758}
e00da40d 1759 ]])],
70791e56 1760 [
1761 AC_MSG_RESULT(yes)
1762 ],
1763 [
1764 AC_MSG_RESULT(no)
1765 AC_DEFINE(SSHD_ACQUIRES_CTTY)
e00da40d 1766 ],
1767 [
1768 AC_MSG_RESULT(cross-compiling, assuming yes)
70791e56 1769 ]
1770 )
1771fi
1772
34fee935 1773if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1774 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2a304a95 1775 AC_MSG_CHECKING(if getaddrinfo seems to work)
e00da40d 1776 AC_RUN_IFELSE(
1777 [AC_LANG_SOURCE([[
2a304a95 1778#include <stdio.h>
1779#include <sys/socket.h>
1780#include <netdb.h>
1781#include <errno.h>
1782#include <netinet/in.h>
1783
1784#define TEST_PORT "2222"
1785
1786int
1787main(void)
1788{
1789 int err, sock;
1790 struct addrinfo *gai_ai, *ai, hints;
1791 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1792
1793 memset(&hints, 0, sizeof(hints));
1794 hints.ai_family = PF_UNSPEC;
1795 hints.ai_socktype = SOCK_STREAM;
1796 hints.ai_flags = AI_PASSIVE;
1797
1798 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1799 if (err != 0) {
1800 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1801 exit(1);
1802 }
1803
1804 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1805 if (ai->ai_family != AF_INET6)
1806 continue;
1807
1808 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1809 sizeof(ntop), strport, sizeof(strport),
1810 NI_NUMERICHOST|NI_NUMERICSERV);
1811
1812 if (err != 0) {
1813 if (err == EAI_SYSTEM)
1814 perror("getnameinfo EAI_SYSTEM");
1815 else
1816 fprintf(stderr, "getnameinfo failed: %s\n",
1817 gai_strerror(err));
1818 exit(2);
1819 }
1820
1821 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1822 if (sock < 0)
1823 perror("socket");
1824 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1825 if (errno == EBADF)
1826 exit(3);
1827 }
1828 }
1829 exit(0);
1830}
e00da40d 1831 ]])],
2a304a95 1832 [
1833 AC_MSG_RESULT(yes)
1834 ],
1835 [
1836 AC_MSG_RESULT(no)
1837 AC_DEFINE(BROKEN_GETADDRINFO)
e00da40d 1838 ],
1839 [
1840 AC_MSG_RESULT(cross-compiling, assuming yes)
2a304a95 1841 ]
1842 )
1843fi
1844
34fee935 1845if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1846 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
1847 AC_MSG_CHECKING(if getaddrinfo seems to work)
e00da40d 1848 AC_RUN_IFELSE(
1849 [AC_LANG_SOURCE([[
34fee935 1850#include <stdio.h>
1851#include <sys/socket.h>
1852#include <netdb.h>
1853#include <errno.h>
1854#include <netinet/in.h>
1855
1856#define TEST_PORT "2222"
1857
1858int
1859main(void)
1860{
1861 int err, sock;
1862 struct addrinfo *gai_ai, *ai, hints;
1863 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1864
1865 memset(&hints, 0, sizeof(hints));
1866 hints.ai_family = PF_UNSPEC;
1867 hints.ai_socktype = SOCK_STREAM;
1868 hints.ai_flags = AI_PASSIVE;
1869
1870 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1871 if (err != 0) {
1872 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1873 exit(1);
1874 }
1875
1876 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1877 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1878 continue;
1879
1880 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1881 sizeof(ntop), strport, sizeof(strport),
1882 NI_NUMERICHOST|NI_NUMERICSERV);
1883
1884 if (ai->ai_family == AF_INET && err != 0) {
1885 perror("getnameinfo");
1886 exit(2);
1887 }
1888 }
1889 exit(0);
1890}
e00da40d 1891 ]])],
34fee935 1892 [
1893 AC_MSG_RESULT(yes)
e00da40d 1894 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1895 [Define if you have a getaddrinfo that fails
1896 for the all-zeros IPv6 address])
34fee935 1897 ],
1898 [
1899 AC_MSG_RESULT(no)
1900 AC_DEFINE(BROKEN_GETADDRINFO)
e00da40d 1901 ],
2e437378 1902 [
e00da40d 1903 AC_MSG_RESULT(cross-compiling, assuming no)
34fee935 1904 ]
1905 )
1906fi
1907
1908if test "x$check_for_conflicting_getspnam" = "x1"; then
1909 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1910 AC_COMPILE_IFELSE(
1911 [
1912#include <shadow.h>
1913int main(void) {exit(0);}
1914 ],
1915 [
1916 AC_MSG_RESULT(no)
1917 ],
1918 [
1919 AC_MSG_RESULT(yes)
1920 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1921 [Conflicting defs for getspnam])
1922 ]
1923 )
1924fi
1925
3c0ef626 1926AC_FUNC_GETPGRP
1927
2980ea68 1928# Search for OpenSSL
1929saved_CPPFLAGS="$CPPFLAGS"
1930saved_LDFLAGS="$LDFLAGS"
3c0ef626 1931AC_ARG_WITH(ssl-dir,
1932 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1933 [
1934 if test "x$withval" != "xno" ; then
34fee935 1935 case "$withval" in
1936 # Relative paths
1937 ./*|../*) withval="`pwd`/$withval"
1938 esac
2980ea68 1939 if test -d "$withval/lib"; then
1940 if test -n "${need_dash_r}"; then
1941 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1942 else
1943 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1944 fi
1945 else
2980ea68 1946 if test -n "${need_dash_r}"; then
1947 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1948 else
1949 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1950 fi
1951 fi
2980ea68 1952 if test -d "$withval/include"; then
1953 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1954 else
2980ea68 1955 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1956 fi
1957 fi
2980ea68 1958 ]
1959)
3c0ef626 1960
88928908 1961if test -z "$GSI_LIBS" ; then
416fd2a8 1962LIBS="-lcrypto $LIBS"
88928908 1963fi
e00da40d 1964AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1965 [Define if your ssl headers are included
1966 with #include <openssl/header.h>]),
3c0ef626 1967 [
2980ea68 1968 dnl Check default openssl install dir
1969 if test -n "${need_dash_r}"; then
1970 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1971 else
2980ea68 1972 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1973 fi
2980ea68 1974 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1975 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1976 [
1977 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1978 ]
1979 )
1980 ]
1981)
1982
e54b3d7c 1983# Determine OpenSSL header version
1984AC_MSG_CHECKING([OpenSSL header version])
34fee935 1985AC_RUN_IFELSE(
1986 [AC_LANG_SOURCE([[
e54b3d7c 1987#include <stdio.h>
1988#include <string.h>
1989#include <openssl/opensslv.h>
1990#define DATA "conftest.sslincver"
1991int main(void) {
416fd2a8 1992 FILE *fd;
1993 int rc;
e54b3d7c 1994
416fd2a8 1995 fd = fopen(DATA,"w");
1996 if(fd == NULL)
1997 exit(1);
e54b3d7c 1998
1999 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
2000 exit(1);
2001
2002 exit(0);
2003}
34fee935 2004 ]])],
e54b3d7c 2005 [
2006 ssl_header_ver=`cat conftest.sslincver`
2007 AC_MSG_RESULT($ssl_header_ver)
2008 ],
2009 [
2010 AC_MSG_RESULT(not found)
2011 AC_MSG_ERROR(OpenSSL version header not found.)
34fee935 2012 ],
2013 [
2014 AC_MSG_WARN([cross compiling: not checking])
e54b3d7c 2015 ]
2016)
2017
2018# Determine OpenSSL library version
2019AC_MSG_CHECKING([OpenSSL library version])
34fee935 2020AC_RUN_IFELSE(
2021 [AC_LANG_SOURCE([[
e54b3d7c 2022#include <stdio.h>
2023#include <string.h>
2024#include <openssl/opensslv.h>
2025#include <openssl/crypto.h>
2026#define DATA "conftest.ssllibver"
2027int main(void) {
416fd2a8 2028 FILE *fd;
2029 int rc;
e54b3d7c 2030
416fd2a8 2031 fd = fopen(DATA,"w");
2032 if(fd == NULL)
2033 exit(1);
e54b3d7c 2034
2035 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
2036 exit(1);
2037
2038 exit(0);
2039}
34fee935 2040 ]])],
e54b3d7c 2041 [
2042 ssl_library_ver=`cat conftest.ssllibver`
2043 AC_MSG_RESULT($ssl_library_ver)
2044 ],
2045 [
2046 AC_MSG_RESULT(not found)
2047 AC_MSG_ERROR(OpenSSL library not found.)
34fee935 2048 ],
2049 [
2050 AC_MSG_WARN([cross compiling: not checking])
e54b3d7c 2051 ]
2052)
3c0ef626 2053
e9a17296 2054# Sanity check OpenSSL headers
2055AC_MSG_CHECKING([whether OpenSSL's headers match the library])
34fee935 2056AC_RUN_IFELSE(
2057 [AC_LANG_SOURCE([[
e9a17296 2058#include <string.h>
2059#include <openssl/opensslv.h>
e54b3d7c 2060int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
34fee935 2061 ]])],
e9a17296 2062 [
2063 AC_MSG_RESULT(yes)
2064 ],
2065 [
2066 AC_MSG_RESULT(no)
70791e56 2067 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
2068Check config.log for details.
2069Also see contrib/findssl.sh for help identifying header/library mismatches.])
34fee935 2070 ],
2071 [
2072 AC_MSG_WARN([cross compiling: not checking])
e9a17296 2073 ]
2074)
2075
2e437378 2076AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2077AC_LINK_IFELSE(
2078 [AC_LANG_SOURCE([[
2079#include <openssl/evp.h>
2080int main(void) { SSLeay_add_all_algorithms(); }
2081 ]])],
2082 [
2083 AC_MSG_RESULT(yes)
2084 ],
2085 [
2086 AC_MSG_RESULT(no)
2087 saved_LIBS="$LIBS"
2088 LIBS="$LIBS -ldl"
2089 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2090 AC_LINK_IFELSE(
2091 [AC_LANG_SOURCE([[
2092#include <openssl/evp.h>
2093int main(void) { SSLeay_add_all_algorithms(); }
2094 ]])],
2095 [
2096 AC_MSG_RESULT(yes)
2097 ],
2098 [
2099 AC_MSG_RESULT(no)
2100 LIBS="$saved_LIBS"
2101 ]
2102 )
2103 ]
2104)
2105
2106AC_ARG_WITH(ssl-engine,
2107 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2108 [ if test "x$withval" != "xno" ; then
2109 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2110 AC_TRY_COMPILE(
2111 [ #include <openssl/engine.h>],
2112 [
2113ENGINE_load_builtin_engines();ENGINE_register_all_complete();
2114 ],
2115 [ AC_MSG_RESULT(yes)
2116 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2117 [Enable OpenSSL engine support])
2118 ],
2119 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2120 )
2121 fi ]
2122)
2123
e00da40d 2124# Check for OpenSSL without EVP_aes_{192,256}_cbc
2125AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
2e437378 2126AC_LINK_IFELSE(
e00da40d 2127 [AC_LANG_SOURCE([[
2128#include <string.h>
2129#include <openssl/evp.h>
2130int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
2131 ]])],
2132 [
2133 AC_MSG_RESULT(no)
2134 ],
2135 [
2136 AC_MSG_RESULT(yes)
2137 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2138 [libcrypto is missing AES 192 and 256 bit functions])
2139 ]
2140)
2141
416fd2a8 2142# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2143# because the system crypt() is more featureful.
2144if test "x$check_for_libcrypt_before" = "x1"; then
2145 AC_CHECK_LIB(crypt, crypt)
2146fi
2147
2148# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2149# version in OpenSSL.
70791e56 2150if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2151 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2152fi
2153
2e437378 2154# Search for SHA256 support in libc and/or OpenSSL
2155AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2156
34fee935 2157AC_CHECK_LIB(iaf, ia_openinfo)
e9a17296 2158
2159### Configure cryptographic random number support
2160
2161# Check wheter OpenSSL seeds itself
2162AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
34fee935 2163AC_RUN_IFELSE(
2164 [AC_LANG_SOURCE([[
e9a17296 2165#include <string.h>
2166#include <openssl/rand.h>
e54b3d7c 2167int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
34fee935 2168 ]])],
e9a17296 2169 [
2170 OPENSSL_SEEDS_ITSELF=yes
2171 AC_MSG_RESULT(yes)
2172 ],
2173 [
2174 AC_MSG_RESULT(no)
2175 # Default to use of the rand helper if OpenSSL doesn't
2176 # seed itself
2177 USE_RAND_HELPER=yes
34fee935 2178 ],
2179 [
2180 AC_MSG_WARN([cross compiling: assuming yes])
2181 # This is safe, since all recent OpenSSL versions will
2182 # complain at runtime if not seeded correctly.
2183 OPENSSL_SEEDS_ITSELF=yes
e9a17296 2184 ]
2185)
2186
2e437378 2187# Check for PAM libs
2188PAM_MSG="no"
2189AC_ARG_WITH(pam,
2190 [ --with-pam Enable PAM support ],
2191 [
2192 if test "x$withval" != "xno" ; then
2193 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2194 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2195 AC_MSG_ERROR([PAM headers not found])
2196 fi
2197
2198 saved_LIBS="$LIBS"
2199 AC_CHECK_LIB(dl, dlopen, , )
2200 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2201 AC_CHECK_FUNCS(pam_getenvlist)
2202 AC_CHECK_FUNCS(pam_putenv)
2203 LIBS="$saved_LIBS"
2204
2205 PAM_MSG="yes"
2206
2207 LIBPAM="-lpam"
2208 AC_DEFINE(USE_PAM, 1,
2209 [Define if you want to enable PAM support])
2210
2211 if test $ac_cv_lib_dl_dlopen = yes; then
2212 case "$LIBS" in
2213 *-ldl*)
2214 # libdl already in LIBS
2215 ;;
2216 *)
2217 LIBPAM="$LIBPAM -ldl"
2218 ;;
2219 esac
2220 fi
2221 AC_SUBST(LIBPAM)
2222 fi
2223 ],
2224 [
2225 saved_LIBS="$LIBS"
2226 AC_CHECK_LIB(dl, dlopen, , )
2227 AC_CHECK_LIB(pam, pam_set_item, , )
2228 AC_CHECK_FUNCS(pam_getenvlist)
2229 AC_CHECK_FUNCS(pam_putenv)
2230 LIBS="$saved_LIBS"
2231
2232 if (test "x$ac_cv_header_security_pam_appl_h" = "xyes" || \
2233 test "x$ac_cv_header_pam_pam_appl_h" = "xyes") &&
2234 test "x$ac_cv_lib_pam_pam_set_item" = "xyes" ; then
2235
2236 PAM_MSG="yes"
2237
2238 LIBPAM="-lpam"
2239
2240 if test $ac_cv_lib_dl_dlopen = yes; then
2241 case "$LIBS" in
2242 *-ldl*)
2243 # libdl already in LIBS
2244 ;;
2245 *)
2246 LIBPAM="$LIBPAM -ldl"
2247 ;;
2248 esac
2249 fi
2250 AC_SUBST(LIBPAM)
2251 fi
2252 ]
2253)
2254
2255# Check for older PAM
2256if test "x$PAM_MSG" = "xyes" ; then
2257 # Check PAM strerror arguments (old PAM)
2258 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2259 AC_TRY_COMPILE(
2260 [
2261#include <stdlib.h>
2262#if defined(HAVE_SECURITY_PAM_APPL_H)
2263#include <security/pam_appl.h>
2264#elif defined (HAVE_PAM_PAM_APPL_H)
2265#include <pam/pam_appl.h>
2266#endif
2267 ],
2268 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2269 [AC_MSG_RESULT(no)],
2270 [
2271 AC_DEFINE(HAVE_OLD_PAM, 1,
2272 [Define if you have an old version of PAM
2273 which takes only one argument to pam_strerror])
2274 AC_MSG_RESULT(yes)
2275 PAM_MSG="yes (old library)"
2276 ]
2277 )
2278fi
e9a17296 2279
2280# Do we want to force the use of the rand helper?
2281AC_ARG_WITH(rand-helper,
2282 [ --with-rand-helper Use subprocess to gather strong randomness ],
2283 [
2284 if test "x$withval" = "xno" ; then
416fd2a8 2285 # Force use of OpenSSL's internal RNG, even if
e9a17296 2286 # the previous test showed it to be unseeded.
2287 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2288 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2289 OPENSSL_SEEDS_ITSELF=yes
2290 USE_RAND_HELPER=""
2291 fi
2292 else
2293 USE_RAND_HELPER=yes
2294 fi
2295 ],
34fee935 2296)
e9a17296 2297
2298# Which randomness source do we use?
34fee935 2299if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9a17296 2300 # OpenSSL only
e00da40d 2301 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2302 [Define if you want OpenSSL's internally seeded PRNG only])
e9a17296 2303 RAND_MSG="OpenSSL internal ONLY"
2304 INSTALL_SSH_RAND_HELPER=""
2305elif test ! -z "$USE_RAND_HELPER" ; then
2306 # install rand helper
2307 RAND_MSG="ssh-rand-helper"
2308 INSTALL_SSH_RAND_HELPER="yes"
2309fi
2310AC_SUBST(INSTALL_SSH_RAND_HELPER)
2311
2312### Configuration of ssh-rand-helper
2313
2314# PRNGD TCP socket
2315AC_ARG_WITH(prngd-port,
2316 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2317 [
2318 case "$withval" in
2319 no)
2320 withval=""
2321 ;;
2322 [[0-9]]*)
2323 ;;
2324 *)
2325 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2326 ;;
2327 esac
2328 if test ! -z "$withval" ; then
2329 PRNGD_PORT="$withval"
e00da40d 2330 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2331 [Port number of PRNGD/EGD random number socket])
e9a17296 2332 fi
2333 ]
2334)
2335
2336# PRNGD Unix domain socket
2337AC_ARG_WITH(prngd-socket,
2338 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2339 [
2340 case "$withval" in
2341 yes)
2342 withval="/var/run/egd-pool"
2343 ;;
2344 no)
2345 withval=""
2346 ;;
2347 /*)
2348 ;;
2349 *)
2350 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2351 ;;
2352 esac
2353
2354 if test ! -z "$withval" ; then
2355 if test ! -z "$PRNGD_PORT" ; then
2356 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2357 fi
2358 if test ! -r "$withval" ; then
2359 AC_MSG_WARN(Entropy socket is not readable)
2360 fi
2361 PRNGD_SOCKET="$withval"
e00da40d 2362 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2363 [Location of PRNGD/EGD random number socket])
e9a17296 2364 fi
2365 ],
2366 [
2367 # Check for existing socket only if we don't have a random device already
2368 if test "$USE_RAND_HELPER" = yes ; then
2369 AC_MSG_CHECKING(for PRNGD/EGD socket)
2370 # Insert other locations here
2371 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2372 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2373 PRNGD_SOCKET="$sock"
2374 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2375 break;
2376 fi
2377 done
2378 if test ! -z "$PRNGD_SOCKET" ; then
2379 AC_MSG_RESULT($PRNGD_SOCKET)
2380 else
2381 AC_MSG_RESULT(not found)
2382 fi
2383 fi
2384 ]
2385)
2386
2387# Change default command timeout for hashing entropy source
2388entropy_timeout=200
2389AC_ARG_WITH(entropy-timeout,
2390 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2391 [
34fee935 2392 if test -n "$withval" && test "x$withval" != "xno" && \
2393 test "x${withval}" != "xyes"; then
e9a17296 2394 entropy_timeout=$withval
2395 fi
34fee935 2396 ]
e9a17296 2397)
e00da40d 2398AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2399 [Builtin PRNG command timeout])
e9a17296 2400
ff2d7a98 2401SSH_PRIVSEP_USER=sshd
2980ea68 2402AC_ARG_WITH(privsep-user,
2403 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2404 [
34fee935 2405 if test -n "$withval" && test "x$withval" != "xno" && \
2406 test "x${withval}" != "xyes"; then
ff2d7a98 2407 SSH_PRIVSEP_USER=$withval
2980ea68 2408 fi
34fee935 2409 ]
2980ea68 2410)
e00da40d 2411AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2412 [non-privileged user for privilege separation])
ff2d7a98 2413AC_SUBST(SSH_PRIVSEP_USER)
2980ea68 2414
2415# We do this little dance with the search path to insure
2416# that programs that we select for use by installed programs
2417# (which may be run by the super-user) come from trusted
2418# locations before they come from the user's private area.
2419# This should help avoid accidentally configuring some
2420# random version of a program in someone's personal bin.
2421
2422OPATH=$PATH
2423PATH=/bin:/usr/bin
2424test -h /bin 2> /dev/null && PATH=/usr/bin
2425test -d /sbin && PATH=$PATH:/sbin
2426test -d /usr/sbin && PATH=$PATH:/usr/sbin
2427PATH=$PATH:/etc:$OPATH
2428
416fd2a8 2429# These programs are used by the command hashing source to gather entropy
e9a17296 2430OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2431OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2432OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2433OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2434OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2435OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2436OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2437OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2438OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2439OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2440OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2441OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2442OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2443OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2444OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2445OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
2980ea68 2446# restore PATH
2447PATH=$OPATH
e9a17296 2448
2449# Where does ssh-rand-helper get its randomness from?
2450INSTALL_SSH_PRNG_CMDS=""
2451if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2452 if test ! -z "$PRNGD_PORT" ; then
2453 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2454 elif test ! -z "$PRNGD_SOCKET" ; then
2455 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2456 else
2457 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2458 RAND_HELPER_CMDHASH=yes
2459 INSTALL_SSH_PRNG_CMDS="yes"
2460 fi
2461fi
2462AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2463
2464
3c0ef626 2465# Cheap hack to ensure NEWS-OS libraries are arranged right.
2466if test ! -z "$SONY" ; then
2467 LIBS="$LIBS -liberty";
2468fi
2469
e00da40d 2470# Check for long long datatypes
2471AC_CHECK_TYPES([long long, unsigned long long, long double])
2472
2473# Check datatype sizes
3c0ef626 2474AC_CHECK_SIZEOF(char, 1)
2475AC_CHECK_SIZEOF(short int, 2)
2476AC_CHECK_SIZEOF(int, 4)
2477AC_CHECK_SIZEOF(long int, 4)
2478AC_CHECK_SIZEOF(long long int, 8)
2479
2980ea68 2480# Sanity check long long for some platforms (AIX)
2481if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2482 ac_cv_sizeof_long_long_int=0
2483fi
2484
e00da40d 2485# compute LLONG_MIN and LLONG_MAX if we don't know them.
2486if test -z "$have_llong_max"; then
2487 AC_MSG_CHECKING([for max value of long long])
2488 AC_RUN_IFELSE(
2489 [AC_LANG_SOURCE([[
2490#include <stdio.h>
2491/* Why is this so damn hard? */
2492#ifdef __GNUC__
2493# undef __GNUC__
2494#endif
2495#define __USE_ISOC99
2496#include <limits.h>
2497#define DATA "conftest.llminmax"
2e437378 2498#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2499
2500/*
2501 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2502 * we do this the hard way.
2503 */
2504static int
2505fprint_ll(FILE *f, long long n)
2506{
2507 unsigned int i;
2508 int l[sizeof(long long) * 8];
2509
2510 if (n < 0)
2511 if (fprintf(f, "-") < 0)
2512 return -1;
2513 for (i = 0; n != 0; i++) {
2514 l[i] = my_abs(n % 10);
2515 n /= 10;
2516 }
2517 do {
2518 if (fprintf(f, "%d", l[--i]) < 0)
2519 return -1;
2520 } while (i != 0);
2521 if (fprintf(f, " ") < 0)
2522 return -1;
2523 return 0;
2524}
2525
e00da40d 2526int main(void) {
2527 FILE *f;
2528 long long i, llmin, llmax = 0;
2529
2530 if((f = fopen(DATA,"w")) == NULL)
2531 exit(1);
2532
2533#if defined(LLONG_MIN) && defined(LLONG_MAX)
2534 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2535 llmin = LLONG_MIN;
2536 llmax = LLONG_MAX;
2537#else
2538 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2539 /* This will work on one's complement and two's complement */
2540 for (i = 1; i > llmax; i <<= 1, i++)
2541 llmax = i;
2542 llmin = llmax + 1LL; /* wrap */
2543#endif
2544
2545 /* Sanity check */
2546 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
2e437378 2547 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2548 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
e00da40d 2549 fprintf(f, "unknown unknown\n");
2550 exit(2);
2551 }
2552
2e437378 2553 if (fprint_ll(f, llmin) < 0)
e00da40d 2554 exit(3);
2e437378 2555 if (fprint_ll(f, llmax) < 0)
2556 exit(4);
2557 if (fclose(f) < 0)
2558 exit(5);
e00da40d 2559 exit(0);
2560}
2561 ]])],
2562 [
2563 llong_min=`$AWK '{print $1}' conftest.llminmax`
2564 llong_max=`$AWK '{print $2}' conftest.llminmax`
2565
e00da40d 2566 AC_MSG_RESULT($llong_max)
2567 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2568 [max value of long long calculated by configure])
2569 AC_MSG_CHECKING([for min value of long long])
2570 AC_MSG_RESULT($llong_min)
2571 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2572 [min value of long long calculated by configure])
2573 ],
2574 [
2575 AC_MSG_RESULT(not found)
2576 ],
2577 [
2578 AC_MSG_WARN([cross compiling: not checking])
2579 ]
2580 )
2581fi
2582
2583
3c0ef626 2584# More checks for data types
2585AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2586 AC_TRY_COMPILE(
416fd2a8 2587 [ #include <sys/types.h> ],
2588 [ u_int a; a = 1;],
3c0ef626 2589 [ ac_cv_have_u_int="yes" ],
2590 [ ac_cv_have_u_int="no" ]
2591 )
2592])
2593if test "x$ac_cv_have_u_int" = "xyes" ; then
e00da40d 2594 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2595 have_u_int=1
2596fi
2597
2598AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2599 AC_TRY_COMPILE(
416fd2a8 2600 [ #include <sys/types.h> ],
2601 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2602 [ ac_cv_have_intxx_t="yes" ],
2603 [ ac_cv_have_intxx_t="no" ]
2604 )
2605])
2606if test "x$ac_cv_have_intxx_t" = "xyes" ; then
e00da40d 2607 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2608 have_intxx_t=1
2609fi
2610
2611if (test -z "$have_intxx_t" && \
416fd2a8 2612 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2613then
2614 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2615 AC_TRY_COMPILE(
416fd2a8 2616 [ #include <stdint.h> ],
2617 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2618 [
2619 AC_DEFINE(HAVE_INTXX_T)
2620 AC_MSG_RESULT(yes)
2621 ],
2622 [ AC_MSG_RESULT(no) ]
2623 )
2624fi
2625
2626AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2627 AC_TRY_COMPILE(
e54b3d7c 2628 [
2629#include <sys/types.h>
2630#ifdef HAVE_STDINT_H
2631# include <stdint.h>
2632#endif
2633#include <sys/socket.h>
2634#ifdef HAVE_SYS_BITYPES_H
2635# include <sys/bitypes.h>
2636#endif
416fd2a8 2637 ],
2638 [ int64_t a; a = 1;],
3c0ef626 2639 [ ac_cv_have_int64_t="yes" ],
2640 [ ac_cv_have_int64_t="no" ]
2641 )
2642])
2643if test "x$ac_cv_have_int64_t" = "xyes" ; then
e00da40d 2644 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9a17296 2645fi
2646
3c0ef626 2647AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2648 AC_TRY_COMPILE(
416fd2a8 2649 [ #include <sys/types.h> ],
2650 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2651 [ ac_cv_have_u_intxx_t="yes" ],
2652 [ ac_cv_have_u_intxx_t="no" ]
2653 )
2654])
2655if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
e00da40d 2656 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2657 have_u_intxx_t=1
2658fi
2659
2660if test -z "$have_u_intxx_t" ; then
2661 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2662 AC_TRY_COMPILE(
416fd2a8 2663 [ #include <sys/socket.h> ],
2664 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2665 [
2666 AC_DEFINE(HAVE_U_INTXX_T)
2667 AC_MSG_RESULT(yes)
2668 ],
2669 [ AC_MSG_RESULT(no) ]
2670 )
2671fi
2672
2673AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2674 AC_TRY_COMPILE(
416fd2a8 2675 [ #include <sys/types.h> ],
2676 [ u_int64_t a; a = 1;],
3c0ef626 2677 [ ac_cv_have_u_int64_t="yes" ],
2678 [ ac_cv_have_u_int64_t="no" ]
2679 )
2680])
2681if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
e00da40d 2682 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2683 have_u_int64_t=1
2684fi
2685
e9a17296 2686if test -z "$have_u_int64_t" ; then
2687 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2688 AC_TRY_COMPILE(
416fd2a8 2689 [ #include <sys/bitypes.h> ],
e9a17296 2690 [ u_int64_t a; a = 1],
2691 [
2692 AC_DEFINE(HAVE_U_INT64_T)
2693 AC_MSG_RESULT(yes)
2694 ],
2695 [ AC_MSG_RESULT(no) ]
2696 )
2697fi
2698
3c0ef626 2699if test -z "$have_u_intxx_t" ; then
2700 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2701 AC_TRY_COMPILE(
2702 [
2703#include <sys/types.h>
416fd2a8 2704 ],
2705 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2706 [ ac_cv_have_uintxx_t="yes" ],
2707 [ ac_cv_have_uintxx_t="no" ]
2708 )
2709 ])
2710 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
e00da40d 2711 AC_DEFINE(HAVE_UINTXX_T, 1,
2712 [define if you have uintxx_t data type])
3c0ef626 2713 fi
2714fi
2715
2716if test -z "$have_uintxx_t" ; then
2717 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2718 AC_TRY_COMPILE(
416fd2a8 2719 [ #include <stdint.h> ],
2720 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2721 [
2722 AC_DEFINE(HAVE_UINTXX_T)
2723 AC_MSG_RESULT(yes)
2724 ],
2725 [ AC_MSG_RESULT(no) ]
2726 )
2727fi
2728
2729if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
416fd2a8 2730 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2731then
2732 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2733 AC_TRY_COMPILE(
2734 [
2735#include <sys/bitypes.h>
416fd2a8 2736 ],
3c0ef626 2737 [
2738 int8_t a; int16_t b; int32_t c;
2739 u_int8_t e; u_int16_t f; u_int32_t g;
2740 a = b = c = e = f = g = 1;
416fd2a8 2741 ],
3c0ef626 2742 [
2743 AC_DEFINE(HAVE_U_INTXX_T)
2744 AC_DEFINE(HAVE_INTXX_T)
2745 AC_MSG_RESULT(yes)
2746 ],
2747 [AC_MSG_RESULT(no)]
416fd2a8 2748 )
3c0ef626 2749fi
2750
2751
2752AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2753 AC_TRY_COMPILE(
2754 [
2755#include <sys/types.h>
2756 ],
2757 [ u_char foo; foo = 125; ],
2758 [ ac_cv_have_u_char="yes" ],
2759 [ ac_cv_have_u_char="no" ]
2760 )
2761])
2762if test "x$ac_cv_have_u_char" = "xyes" ; then
e00da40d 2763 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2764fi
2765
2766TYPE_SOCKLEN_T
2767
e9a17296 2768AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2769
34fee935 2770AC_CHECK_TYPES(in_addr_t,,,
2771[#include <sys/types.h>
2772#include <netinet/in.h>])
2773
3c0ef626 2774AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2775 AC_TRY_COMPILE(
2776 [
2777#include <sys/types.h>
2778 ],
2779 [ size_t foo; foo = 1235; ],
2780 [ ac_cv_have_size_t="yes" ],
2781 [ ac_cv_have_size_t="no" ]
2782 )
2783])
2784if test "x$ac_cv_have_size_t" = "xyes" ; then
e00da40d 2785 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2786fi
2787
2788AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2789 AC_TRY_COMPILE(
2790 [
2791#include <sys/types.h>
2792 ],
2793 [ ssize_t foo; foo = 1235; ],
2794 [ ac_cv_have_ssize_t="yes" ],
2795 [ ac_cv_have_ssize_t="no" ]
2796 )
2797])
2798if test "x$ac_cv_have_ssize_t" = "xyes" ; then
e00da40d 2799 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2800fi
2801
2802AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2803 AC_TRY_COMPILE(
2804 [
2805#include <time.h>
2806 ],
2807 [ clock_t foo; foo = 1235; ],
2808 [ ac_cv_have_clock_t="yes" ],
2809 [ ac_cv_have_clock_t="no" ]
2810 )
2811])
2812if test "x$ac_cv_have_clock_t" = "xyes" ; then
e00da40d 2813 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2814fi
2815
2816AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2817 AC_TRY_COMPILE(
2818 [
2819#include <sys/types.h>
2820#include <sys/socket.h>
2821 ],
2822 [ sa_family_t foo; foo = 1235; ],
2823 [ ac_cv_have_sa_family_t="yes" ],
2824 [ AC_TRY_COMPILE(
2825 [
2826#include <sys/types.h>
2827#include <sys/socket.h>
2828#include <netinet/in.h>
2829 ],
2830 [ sa_family_t foo; foo = 1235; ],
2831 [ ac_cv_have_sa_family_t="yes" ],
2832
2833 [ ac_cv_have_sa_family_t="no" ]
2834 )]
2835 )
2836])
2837if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
e00da40d 2838 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2839 [define if you have sa_family_t data type])
3c0ef626 2840fi
2841
2842AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2843 AC_TRY_COMPILE(
2844 [
2845#include <sys/types.h>
2846 ],
2847 [ pid_t foo; foo = 1235; ],
2848 [ ac_cv_have_pid_t="yes" ],
2849 [ ac_cv_have_pid_t="no" ]
2850 )
2851])
2852if test "x$ac_cv_have_pid_t" = "xyes" ; then
e00da40d 2853 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2854fi
2855
2856AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2857 AC_TRY_COMPILE(
2858 [
2859#include <sys/types.h>
2860 ],
2861 [ mode_t foo; foo = 1235; ],
2862 [ ac_cv_have_mode_t="yes" ],
2863 [ ac_cv_have_mode_t="no" ]
2864 )
2865])
2866if test "x$ac_cv_have_mode_t" = "xyes" ; then
e00da40d 2867 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2868fi
2869
2870
2871AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2872 AC_TRY_COMPILE(
2873 [
2874#include <sys/types.h>
2875#include <sys/socket.h>
2876 ],
2877 [ struct sockaddr_storage s; ],
2878 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2879 [ ac_cv_have_struct_sockaddr_storage="no" ]
2880 )
2881])
2882if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
e00da40d 2883 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2884 [define if you have struct sockaddr_storage data type])
3c0ef626 2885fi
2886
2887AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2888 AC_TRY_COMPILE(
2889 [
2890#include <sys/types.h>
2891#include <netinet/in.h>
2892 ],
2893 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2894 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2895 [ ac_cv_have_struct_sockaddr_in6="no" ]
2896 )
2897])
2898if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
e00da40d 2899 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2900 [define if you have struct sockaddr_in6 data type])
3c0ef626 2901fi
2902
2903AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2904 AC_TRY_COMPILE(
2905 [
2906#include <sys/types.h>
2907#include <netinet/in.h>
2908 ],
2909 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2910 [ ac_cv_have_struct_in6_addr="yes" ],
2911 [ ac_cv_have_struct_in6_addr="no" ]
2912 )
2913])
2914if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
e00da40d 2915 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2916 [define if you have struct in6_addr data type])
3c0ef626 2917fi
2918
2919AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2920 AC_TRY_COMPILE(
2921 [
2922#include <sys/types.h>
2923#include <sys/socket.h>
2924#include <netdb.h>
2925 ],
2926 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2927 [ ac_cv_have_struct_addrinfo="yes" ],
2928 [ ac_cv_have_struct_addrinfo="no" ]
2929 )
2930])
2931if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
e00da40d 2932 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2933 [define if you have struct addrinfo data type])
3c0ef626 2934fi
2935
2936AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2937 AC_TRY_COMPILE(
416fd2a8 2938 [ #include <sys/time.h> ],
2939 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2940 [ ac_cv_have_struct_timeval="yes" ],
2941 [ ac_cv_have_struct_timeval="no" ]
2942 )
2943])
2944if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
e00da40d 2945 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2946 have_struct_timeval=1
2947fi
2948
1c14df9e 2949AC_CHECK_TYPES(struct timespec)
2950
2951# We need int64_t or else certian parts of the compile will fail.
34fee935 2952if test "x$ac_cv_have_int64_t" = "xno" && \
2953 test "x$ac_cv_sizeof_long_int" != "x8" && \
2954 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
1c14df9e 2955 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2956 echo "an alternative compiler (I.E., GCC) before continuing."
2957 echo ""
2958 exit 1;
3c0ef626 2959else
2960dnl test snprintf (broken on SCO w/gcc)
34fee935 2961 AC_RUN_IFELSE(
2962 [AC_LANG_SOURCE([[
3c0ef626 2963#include <stdio.h>
2964#include <string.h>
2965#ifdef HAVE_SNPRINTF
2966main()
2967{
2968 char buf[50];
2969 char expected_out[50];
2970 int mazsize = 50 ;
2971#if (SIZEOF_LONG_INT == 8)
2972 long int num = 0x7fffffffffffffff;
2973#else
2974 long long num = 0x7fffffffffffffffll;
2975#endif
2976 strcpy(expected_out, "9223372036854775807");
2977 snprintf(buf, mazsize, "%lld", num);
2978 if(strcmp(buf, expected_out) != 0)
416fd2a8 2979 exit(1);
3c0ef626 2980 exit(0);
2981}
2982#else
2983main() { exit(0); }
2984#endif
34fee935 2985 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2986 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2987 )
2988fi
3c0ef626 2989
2990dnl Checks for structure members
2991OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2992OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2993OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2994OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2995OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2996OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2997OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2998OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2999OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
3000OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
3001OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
3002OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
3003OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
3004OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
3005OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
3006OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
3007OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
3008
3009AC_CHECK_MEMBERS([struct stat.st_blksize])
e00da40d 3010AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
3011 [Define if we don't have struct __res_state in resolv.h])],
3012[
3013#include <stdio.h>
3014#if HAVE_SYS_TYPES_H
3015# include <sys/types.h>
3016#endif
3017#include <netinet/in.h>
3018#include <arpa/nameser.h>
3019#include <resolv.h>
3020])
3c0ef626 3021
3022AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
3023 ac_cv_have_ss_family_in_struct_ss, [
3024 AC_TRY_COMPILE(
3025 [
3026#include <sys/types.h>
3027#include <sys/socket.h>
3028 ],
3029 [ struct sockaddr_storage s; s.ss_family = 1; ],
3030 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
3031 [ ac_cv_have_ss_family_in_struct_ss="no" ],
3032 )
3033])
3034if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
e00da40d 3035 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 3036fi
3037
3038AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
3039 ac_cv_have___ss_family_in_struct_ss, [
3040 AC_TRY_COMPILE(
3041 [
3042#include <sys/types.h>
3043#include <sys/socket.h>
3044 ],
3045 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3046 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3047 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3048 )
3049])
3050if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
e00da40d 3051 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3052 [Fields in struct sockaddr_storage])
3c0ef626 3053fi
3054
3055AC_CACHE_CHECK([for pw_class field in struct passwd],
3056 ac_cv_have_pw_class_in_struct_passwd, [
3057 AC_TRY_COMPILE(
3058 [
3059#include <pwd.h>
3060 ],
3061 [ struct passwd p; p.pw_class = 0; ],
3062 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3063 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3064 )
3065])
3066if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
e00da40d 3067 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3068 [Define if your password has a pw_class field])
3c0ef626 3069fi
3070
3071AC_CACHE_CHECK([for pw_expire field in struct passwd],
3072 ac_cv_have_pw_expire_in_struct_passwd, [
3073 AC_TRY_COMPILE(
3074 [
3075#include <pwd.h>
3076 ],
3077 [ struct passwd p; p.pw_expire = 0; ],
3078 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3079 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3080 )
3081])
3082if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
e00da40d 3083 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3084 [Define if your password has a pw_expire field])
3c0ef626 3085fi
3086
3087AC_CACHE_CHECK([for pw_change field in struct passwd],
3088 ac_cv_have_pw_change_in_struct_passwd, [
3089 AC_TRY_COMPILE(
3090 [
3091#include <pwd.h>
3092 ],
3093 [ struct passwd p; p.pw_change = 0; ],
3094 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3095 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3096 )
3097])
3098if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
e00da40d 3099 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3100 [Define if your password has a pw_change field])
3c0ef626 3101fi
3102
078f71c2 3103dnl make sure we're using the real structure members and not defines
2980ea68 3104AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3105 ac_cv_have_accrights_in_msghdr, [
34fee935 3106 AC_COMPILE_IFELSE(
2980ea68 3107 [
3108#include <sys/types.h>
3109#include <sys/socket.h>
3110#include <sys/uio.h>
078f71c2 3111int main() {
3112#ifdef msg_accrights
34fee935 3113#error "msg_accrights is a macro"
078f71c2 3114exit(1);
3115#endif
3116struct msghdr m;
3117m.msg_accrights = 0;
3118exit(0);
3119}
2980ea68 3120 ],
2980ea68 3121 [ ac_cv_have_accrights_in_msghdr="yes" ],
3122 [ ac_cv_have_accrights_in_msghdr="no" ]
3123 )
3124])
3125if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
e00da40d 3126 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3127 [Define if your system uses access rights style
3128 file descriptor passing])
2980ea68 3129fi
3130
3131AC_CACHE_CHECK([for msg_control field in struct msghdr],
3132 ac_cv_have_control_in_msghdr, [
34fee935 3133 AC_COMPILE_IFELSE(
2980ea68 3134 [
3135#include <sys/types.h>
3136#include <sys/socket.h>
3137#include <sys/uio.h>
078f71c2 3138int main() {
3139#ifdef msg_control
34fee935 3140#error "msg_control is a macro"
078f71c2 3141exit(1);
3142#endif
3143struct msghdr m;
3144m.msg_control = 0;
3145exit(0);
3146}
2980ea68 3147 ],
2980ea68 3148 [ ac_cv_have_control_in_msghdr="yes" ],
3149 [ ac_cv_have_control_in_msghdr="no" ]
3150 )
3151])
3152if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
e00da40d 3153 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3154 [Define if your system uses ancillary data style
3155 file descriptor passing])
2980ea68 3156fi
3157
3c0ef626 3158AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
416fd2a8 3159 AC_TRY_LINK([],
3160 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3161 [ ac_cv_libc_defines___progname="yes" ],
3162 [ ac_cv_libc_defines___progname="no" ]
3163 )
3164])
3165if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
e00da40d 3166 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3167fi
3168
2980ea68 3169AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3170 AC_TRY_LINK([
3171#include <stdio.h>
416fd2a8 3172],
3173 [ printf("%s", __FUNCTION__); ],
2980ea68 3174 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3175 [ ac_cv_cc_implements___FUNCTION__="no" ]
3176 )
3177])
3178if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
e00da40d 3179 AC_DEFINE(HAVE___FUNCTION__, 1,
3180 [Define if compiler implements __FUNCTION__])
2980ea68 3181fi
3182
3183AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3184 AC_TRY_LINK([
3185#include <stdio.h>
416fd2a8 3186],
3187 [ printf("%s", __func__); ],
2980ea68 3188 [ ac_cv_cc_implements___func__="yes" ],
3189 [ ac_cv_cc_implements___func__="no" ]
3190 )
3191])
3192if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
e00da40d 3193 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3194fi
3195
3196AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3197 AC_TRY_LINK(
3198 [#include <stdarg.h>
3199 va_list x,y;],
3200 [va_copy(x,y);],
3201 [ ac_cv_have_va_copy="yes" ],
3202 [ ac_cv_have_va_copy="no" ]
3203 )
3204])
3205if test "x$ac_cv_have_va_copy" = "xyes" ; then
3206 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3207fi
3208
3209AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3210 AC_TRY_LINK(
3211 [#include <stdarg.h>
3212 va_list x,y;],
3213 [__va_copy(x,y);],
3214 [ ac_cv_have___va_copy="yes" ],
3215 [ ac_cv_have___va_copy="no" ]
3216 )
3217])
3218if test "x$ac_cv_have___va_copy" = "xyes" ; then
3219 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2980ea68 3220fi
3221
3c0ef626 3222AC_CACHE_CHECK([whether getopt has optreset support],
3223 ac_cv_have_getopt_optreset, [
3224 AC_TRY_LINK(
3225 [
3226#include <getopt.h>
3227 ],
3228 [ extern int optreset; optreset = 0; ],
3229 [ ac_cv_have_getopt_optreset="yes" ],
3230 [ ac_cv_have_getopt_optreset="no" ]
3231 )
3232])
3233if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
e00da40d 3234 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3235 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3236fi
3237
3238AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
416fd2a8 3239 AC_TRY_LINK([],
3240 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3241 [ ac_cv_libc_defines_sys_errlist="yes" ],
3242 [ ac_cv_libc_defines_sys_errlist="no" ]
3243 )
3244])
3245if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
e00da40d 3246 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3247 [Define if your system defines sys_errlist[]])
3c0ef626 3248fi
3249
3250
3251AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
416fd2a8 3252 AC_TRY_LINK([],
3253 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3254 [ ac_cv_libc_defines_sys_nerr="yes" ],
3255 [ ac_cv_libc_defines_sys_nerr="no" ]
3256 )
3257])
3258if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
e00da40d 3259 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3260fi
3261
416fd2a8 3262SCARD_MSG="no"
2980ea68 3263# Check whether user wants sectok support
3264AC_ARG_WITH(sectok,
3265 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3266 [
3267 if test "x$withval" != "xno" ; then
3268 if test "x$withval" != "xyes" ; then
3269 CPPFLAGS="$CPPFLAGS -I${withval}"
3270 LDFLAGS="$LDFLAGS -L${withval}"
3271 if test ! -z "$need_dash_r" ; then
3272 LDFLAGS="$LDFLAGS -R${withval}"
3273 fi
3274 if test ! -z "$blibpath" ; then
3275 blibpath="$blibpath:${withval}"
3276 fi
3277 fi
3278 AC_CHECK_HEADERS(sectok.h)
3279 if test "$ac_cv_header_sectok_h" != yes; then
3280 AC_MSG_ERROR(Can't find sectok.h)
3281 fi
3282 AC_CHECK_LIB(sectok, sectok_open)
3283 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3284 AC_MSG_ERROR(Can't find libsectok)
3285 fi
e00da40d 3286 AC_DEFINE(SMARTCARD, 1,
3287 [Define if you want smartcard support])
3288 AC_DEFINE(USE_SECTOK, 1,
3289 [Define if you want smartcard support
3290 using sectok])
416fd2a8 3291 SCARD_MSG="yes, using sectok"
3c0ef626 3292 fi
3293 ]
3294)
3295
2980ea68 3296# Check whether user wants OpenSC support
34fee935 3297OPENSC_CONFIG="no"
2980ea68 3298AC_ARG_WITH(opensc,
e00da40d 3299 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
34fee935 3300 [
3301 if test "x$withval" != "xno" ; then
3302 if test "x$withval" != "xyes" ; then
3303 OPENSC_CONFIG=$withval/bin/opensc-config
3304 else
3305 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3306 fi
3307 if test "$OPENSC_CONFIG" != "no"; then
3308 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3309 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3310 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2e437378 3311 LIBS="$LIBS $LIBOPENSC_LIBS"
34fee935 3312 AC_DEFINE(SMARTCARD)
e00da40d 3313 AC_DEFINE(USE_OPENSC, 1,
3314 [Define if you want smartcard support
3315 using OpenSC])
34fee935 3316 SCARD_MSG="yes, using OpenSC"
3317 fi
3318 fi
3319 ]
3320)
2980ea68 3321
416fd2a8 3322# Check libraries needed by DNS fingerprint support
3323AC_SEARCH_LIBS(getrrsetbyname, resolv,
e00da40d 3324 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3325 [Define if getrrsetbyname() exists])],
70791e56 3326 [
416fd2a8 3327 # Needed by our getrrsetbyname()
3328 AC_SEARCH_LIBS(res_query, resolv)
3329 AC_SEARCH_LIBS(dn_expand, resolv)
1b56ff3d 3330 AC_MSG_CHECKING(if res_query will link)
3331 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3332 [AC_MSG_RESULT(no)
3333 saved_LIBS="$LIBS"
3334 LIBS="$LIBS -lresolv"
3335 AC_MSG_CHECKING(for res_query in -lresolv)
3336 AC_LINK_IFELSE([
3337#include <resolv.h>
3338int main()
3339{
3340 res_query (0, 0, 0, 0, 0);
3341 return 0;
3342}
3343 ],
3344 [LIBS="$LIBS -lresolv"
3345 AC_MSG_RESULT(yes)],
3346 [LIBS="$saved_LIBS"
3347 AC_MSG_RESULT(no)])
3348 ])
416fd2a8 3349 AC_CHECK_FUNCS(_getshort _getlong)
34fee935 3350 AC_CHECK_DECLS([_getshort, _getlong], , ,
3351 [#include <sys/types.h>
3352 #include <arpa/nameser.h>])
416fd2a8 3353 AC_CHECK_MEMBER(HEADER.ad,
e00da40d 3354 [AC_DEFINE(HAVE_HEADER_AD, 1,
3355 [Define if HEADER.ad exists in arpa/nameser.h])],,
416fd2a8 3356 [#include <arpa/nameser.h>])
3357 ])
70791e56 3358
2e437378 3359# Check whether user wants SELinux support
3360SELINUX_MSG="no"
3361LIBSELINUX=""
3362AC_ARG_WITH(selinux,
3363 [ --with-selinux Enable SELinux support],
3364 [ if test "x$withval" != "xno" ; then
3365 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3366 SELINUX_MSG="yes"
3367 AC_CHECK_HEADER([selinux/selinux.h], ,
3368 AC_MSG_ERROR(SELinux support requires selinux.h header))
3369 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3370 AC_MSG_ERROR(SELinux support requires libselinux library))
3371 save_LIBS="$LIBS"
3372 LIBS="$LIBS $LIBSELINUX"
3373 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3374 LIBS="$save_LIBS"
3375 fi ]
3376)
3377AC_SUBST(LIBSELINUX)
3378
d905e828 3379# Check whether user wants Kerberos 5 support
416fd2a8 3380KRB5_MSG="no"
d905e828 3381AC_ARG_WITH(kerberos5,
416fd2a8 3382 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3383 [ if test "x$withval" != "xno" ; then
3384 if test "x$withval" = "xyes" ; then
3385 KRB5ROOT="/usr/local"
3386 else
3387 KRB5ROOT=${withval}
3388 fi
3389
e00da40d 3390 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
416fd2a8 3391 KRB5_MSG="yes"
3392
3393 AC_MSG_CHECKING(for krb5-config)
3394 if test -x $KRB5ROOT/bin/krb5-config ; then
3395 KRB5CONF=$KRB5ROOT/bin/krb5-config
3396 AC_MSG_RESULT($KRB5CONF)
3397
3398 AC_MSG_CHECKING(for gssapi support)
3399 if $KRB5CONF | grep gssapi >/dev/null ; then
3400 AC_MSG_RESULT(yes)
e00da40d 3401 AC_DEFINE(GSSAPI, 1,
3402 [Define this if you want GSSAPI
3403 support in the version 2 protocol])
416fd2a8 3404 k5confopts=gssapi
3405 else
3406 AC_MSG_RESULT(no)
3407 k5confopts=""
3408 fi
3409 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3410 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3411 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3412 AC_MSG_CHECKING(whether we are using Heimdal)
3413 AC_TRY_COMPILE([ #include <krb5.h> ],
3414 [ char *tmp = heimdal_version; ],
3415 [ AC_MSG_RESULT(yes)
e00da40d 3416 AC_DEFINE(HEIMDAL, 1,
3417 [Define this if you are using the
3418 Heimdal version of Kerberos V5]) ],
416fd2a8 3419 AC_MSG_RESULT(no)
3420 )
3421 else
3422 AC_MSG_RESULT(no)
d905e828 3423 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
416fd2a8 3424 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3425 AC_MSG_CHECKING(whether we are using Heimdal)
3426 AC_TRY_COMPILE([ #include <krb5.h> ],
3427 [ char *tmp = heimdal_version; ],
3428 [ AC_MSG_RESULT(yes)
3429 AC_DEFINE(HEIMDAL)
1b56ff3d 3430 K5LIBS="-lkrb5 -ldes"
3431 K5LIBS="$K5LIBS -lcom_err -lasn1"
34fee935 3432 AC_CHECK_LIB(roken, net_write,
1b56ff3d 3433 [K5LIBS="$K5LIBS -lroken"])
416fd2a8 3434 ],
3435 [ AC_MSG_RESULT(no)
3436 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3437 ]
3438 )
70791e56 3439 AC_SEARCH_LIBS(dn_expand, resolv)
3440
3441 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3442 [ AC_DEFINE(GSSAPI)
3443 K5LIBS="-lgssapi $K5LIBS" ],
3444 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3445 [ AC_DEFINE(GSSAPI)
416fd2a8 3446 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
70791e56 3447 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3448 $K5LIBS)
3449 ],
3450 $K5LIBS)
34fee935 3451
70791e56 3452 AC_CHECK_HEADER(gssapi.h, ,
3453 [ unset ac_cv_header_gssapi_h
416fd2a8 3454 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
70791e56 3455 AC_CHECK_HEADERS(gssapi.h, ,
3456 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
416fd2a8 3457 )
70791e56 3458 ]
3459 )
3460
3461 oldCPP="$CPPFLAGS"
3462 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3463 AC_CHECK_HEADER(gssapi_krb5.h, ,
3464 [ CPPFLAGS="$oldCPP" ])
d905e828 3465
c2397a66 3466 # If we're using some other GSSAPI
3467 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3468 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3469 fi
d905e828 3470
416fd2a8 3471 if test -z "$GSSAPI"; then
3472 GSSAPI="KRB5";
3473 fi
c2397a66 3474
d905e828 3475 oldCPP="$CPPFLAGS"
3476 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3477 AC_CHECK_HEADER(gssapi_krb5.h, ,
3478 [ CPPFLAGS="$oldCPP" ])
3479
d905e828 3480 fi
416fd2a8 3481 if test ! -z "$need_dash_r" ; then
3482 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3483 fi
3484 if test ! -z "$blibpath" ; then
3485 blibpath="$blibpath:${KRB5ROOT}/lib"
3486 fi
416fd2a8 3487
e00da40d 3488 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3489 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3490 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
416fd2a8 3491
e00da40d 3492 LIBS="$LIBS $K5LIBS"
3493 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3494 [Define this if you want to use libkafs' AFS support]))
3495 fi
416fd2a8 3496 ]
d905e828 3497)
3c0ef626 3498
f2fd21a2 3499# Check whether user wants AFS_KRB5 support
3500AFS_KRB5_MSG="no"
3501AC_ARG_WITH(afs-krb5,
3502 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3503 [
3504 if test "x$withval" != "xno" ; then
3505
3506 if test "x$withval" != "xyes" ; then
e00da40d 3507 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3508 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
f2fd21a2 3509 else
e00da40d 3510 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3511 "/usr/bin/aklog",
3512 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
f2fd21a2 3513 fi
3514
416fd2a8 3515 if test -z "$KRB5ROOT" ; then
f2fd21a2 3516 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3517 fi
3518
2a304a95 3519 LIBS="-lkrbafs -lkrb4 $LIBS"
f2fd21a2 3520 if test ! -z "$AFS_LIBS" ; then
3521 LIBS="$LIBS $AFS_LIBS"
3522 fi
e00da40d 3523 AC_DEFINE(AFS_KRB5, 1,
3524 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
f2fd21a2 3525 AFS_KRB5_MSG="yes"
3526 fi
3527 ]
3528)
3c0ef626 3529
88928908 3530AC_ARG_WITH(session-hooks,
3531 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
e00da40d 3532 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
88928908 3533)
3534
3c0ef626 3535# Looking for programs, paths and files
3c0ef626 3536
2980ea68 3537PRIVSEP_PATH=/var/empty
3538AC_ARG_WITH(privsep-path,
e54b3d7c 3539 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
2980ea68 3540 [
34fee935 3541 if test -n "$withval" && test "x$withval" != "xno" && \
3542 test "x${withval}" != "xyes"; then
2980ea68 3543 PRIVSEP_PATH=$withval
3544 fi
3545 ]
3546)
3547AC_SUBST(PRIVSEP_PATH)
3548
3c0ef626 3549AC_ARG_WITH(xauth,
3550 [ --with-xauth=PATH Specify path to xauth program ],
3551 [
34fee935 3552 if test -n "$withval" && test "x$withval" != "xno" && \
3553 test "x${withval}" != "xyes"; then
3c0ef626 3554 xauth_path=$withval
3555 fi
3556 ],
3557 [
e54b3d7c 3558 TestPath="$PATH"
3559 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3560 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3561 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3562 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3563 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3564 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3565 xauth_path="/usr/openwin/bin/xauth"
3566 fi
3567 ]
3568)
3569
1c14df9e 3570STRIP_OPT=-s
3571AC_ARG_ENABLE(strip,
3572 [ --disable-strip Disable calling strip(1) on install],
3573 [
3574 if test "x$enableval" = "xno" ; then
3575 STRIP_OPT=
3576 fi
3577 ]
3578)
3579AC_SUBST(STRIP_OPT)
3580
3c0ef626 3581if test -z "$xauth_path" ; then
3582 XAUTH_PATH="undefined"
3583 AC_SUBST(XAUTH_PATH)
3584else
e00da40d 3585 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3586 [Define if xauth is found in your path])
3c0ef626 3587 XAUTH_PATH=$xauth_path
3588 AC_SUBST(XAUTH_PATH)
3589fi
3c0ef626 3590
59246c42 3591AC_CHECK_DECL(_PATH_BSHELL, ,
3592 AC_DEFINE_UNQUOTED(_PATH_BSHELL, "/bin/sh",
3593 [Define to your C shell if not defined in paths.h])
3594 [ #include <paths.h> ]
3595)
3596
3597AC_CHECK_DECL(_PATH_CSHELL, ,
3598 AC_DEFINE_UNQUOTED(_PATH_CSHELL, "/bin/csh",
3599 [Define to your Bourne shell if not defined in paths.h])
3600 [ #include <paths.h> ]
3601)
3602
3603AC_CHECK_DECL(_PATH_SHELLS, ,
3604 AC_DEFINE_UNQUOTED(_PATH_BSHELL, "/etc/shells",
3605 [Define to your shells file if not defined in paths.h])
3606 [ #include <paths.h> ]
3607)
3608
3609# if _PATH_MAILDIR is in paths.h then we won't go hunting for it.
3610AC_CHECK_DECL(_PATH_MAILDIR,
3611 AC_DEFINE(PATH_MAILDIR_IN_PATHS_H, 1,
3612 [Define if _PATH_MAILDIR is in paths.h]),
3613 ,
3614 [ #include <paths.h> ]
3615)
3616
3c0ef626 3617# Check for mail directory (last resort if we cannot get it from headers)
3618if test ! -z "$MAIL" ; then
3619 maildir=`dirname $MAIL`
e00da40d 3620 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3621 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3622fi
3623
34fee935 3624if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3625 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3626 disable_ptmx_check=yes
3627fi
3c0ef626 3628if test -z "$no_dev_ptmx" ; then
2980ea68 3629 if test "x$disable_ptmx_check" != "xyes" ; then
416fd2a8 3630 AC_CHECK_FILE("/dev/ptmx",
2980ea68 3631 [
e00da40d 3632 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3633 [Define if you have /dev/ptmx])
2980ea68 3634 have_dev_ptmx=1
3635 ]
3636 )
3637 fi
3c0ef626 3638fi
34fee935 3639
3640if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3641 AC_CHECK_FILE("/dev/ptc",
3642 [
e00da40d 3643 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3644 [Define if you have /dev/ptc])
34fee935 3645 have_dev_ptc=1
3646 ]
3647 )
3648else
3649 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3650fi
3c0ef626 3651
3652# Options from here on. Some of these are preset by platform above
3c0ef626 3653AC_ARG_WITH(mantype,
3654 [ --with-mantype=man|cat|doc Set man page type],
3655 [
3656 case "$withval" in
3657 man|cat|doc)
3658 MANTYPE=$withval
3659 ;;
3660 *)
3661 AC_MSG_ERROR(invalid man type: $withval)
3662 ;;
3663 esac
3664 ]
3665)
3666if test -z "$MANTYPE"; then
e54b3d7c 3667 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3668 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3669 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3670 MANTYPE=doc
3671 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3672 MANTYPE=man
3673 else
3674 MANTYPE=cat
3675 fi
3676fi
3677AC_SUBST(MANTYPE)
3678if test "$MANTYPE" = "doc"; then
3679 mansubdir=man;
3680else
3681 mansubdir=$MANTYPE;
3682fi
3683AC_SUBST(mansubdir)
3684
3685# Check whether to enable MD5 passwords
416fd2a8 3686MD5_MSG="no"
3c0ef626 3687AC_ARG_WITH(md5-passwords,
3688 [ --with-md5-passwords Enable use of MD5 passwords],
3689 [
3690 if test "x$withval" != "xno" ; then
e00da40d 3691 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3692 [Define if you want to allow MD5 passwords])
416fd2a8 3693 MD5_MSG="yes"
3c0ef626 3694 fi
3695 ]
3696)
3697
3698# Whether to disable shadow password support
3699AC_ARG_WITH(shadow,
3700 [ --without-shadow Disable shadow password support],
3701 [
34fee935 3702 if test "x$withval" = "xno" ; then
3c0ef626 3703 AC_DEFINE(DISABLE_SHADOW)
3704 disable_shadow=yes
3705 fi
3706 ]
3707)
3708
3709if test -z "$disable_shadow" ; then
3710 AC_MSG_CHECKING([if the systems has expire shadow information])
3711 AC_TRY_COMPILE(
3712 [
3713#include <sys/types.h>
3714#include <shadow.h>
3715 struct spwd sp;
3716 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3717 [ sp_expire_available=yes ], []
3718 )
3719
3720 if test "x$sp_expire_available" = "xyes" ; then
3721 AC_MSG_RESULT(yes)
e00da40d 3722 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3723 [Define if you want to use shadow password expire field])
3c0ef626 3724 else
3725 AC_MSG_RESULT(no)
3726 fi
3727fi
3728
3729# Use ip address instead of hostname in $DISPLAY
3730if test ! -z "$IPADDR_IN_DISPLAY" ; then
3731 DISPLAY_HACK_MSG="yes"
e00da40d 3732 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3733 [Define if you need to use IP address
3734 instead of hostname in $DISPLAY])
3c0ef626 3735else
416fd2a8 3736 DISPLAY_HACK_MSG="no"
3c0ef626 3737 AC_ARG_WITH(ipaddr-display,
3738 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3739 [
34fee935 3740 if test "x$withval" != "xno" ; then
3c0ef626 3741 AC_DEFINE(IPADDR_IN_DISPLAY)
416fd2a8 3742 DISPLAY_HACK_MSG="yes"
3c0ef626 3743 fi
3744 ]
3745 )
3746fi
3747
70791e56 3748# check for /etc/default/login and use it if present.
3749AC_ARG_ENABLE(etc-default-login,
34fee935 3750 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3751 [ if test "x$enableval" = "xno"; then
3752 AC_MSG_NOTICE([/etc/default/login handling disabled])
3753 etc_default_login=no
3754 else
3755 etc_default_login=yes
3756 fi ],
e00da40d 3757 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3758 then
3759 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3760 etc_default_login=no
3761 else
3762 etc_default_login=yes
3763 fi ]
34fee935 3764)
3765
3766if test "x$etc_default_login" != "xno"; then
3767 AC_CHECK_FILE("/etc/default/login",
3768 [ external_path_file=/etc/default/login ])
e00da40d 3769 if test "x$external_path_file" = "x/etc/default/login"; then
3770 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3771 [Define if your system has /etc/default/login])
34fee935 3772 fi
70791e56 3773fi
70791e56 3774
2980ea68 3775dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
34fee935 3776if test $ac_cv_func_login_getcapbool = "yes" && \
3777 test $ac_cv_header_login_cap_h = "yes" ; then
70791e56 3778 external_path_file=/etc/login.conf
2980ea68 3779fi
70791e56 3780
3c0ef626 3781# Whether to mess with the default path
416fd2a8 3782SERVER_PATH_MSG="(default)"
3c0ef626 3783AC_ARG_WITH(default-path,
2980ea68 3784 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3785 [
70791e56 3786 if test "x$external_path_file" = "x/etc/login.conf" ; then
2980ea68 3787 AC_MSG_WARN([
3788--with-default-path=PATH has no effect on this system.
3789Edit /etc/login.conf instead.])
34fee935 3790 elif test "x$withval" != "xno" ; then
70791e56 3791 if test ! -z "$external_path_file" ; then
3792 AC_MSG_WARN([
3793--with-default-path=PATH will only be used if PATH is not defined in
3794$external_path_file .])
3795 fi
3c0ef626 3796 user_path="$withval"
416fd2a8 3797 SERVER_PATH_MSG="$withval"
3c0ef626 3798 fi
3799 ],
70791e56 3800 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3801 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
2980ea68 3802 else
70791e56 3803 if test ! -z "$external_path_file" ; then
3804 AC_MSG_WARN([
3805If PATH is defined in $external_path_file, ensure the path to scp is included,
3806otherwise scp will not work.])
3807 fi
e00da40d 3808 AC_RUN_IFELSE(
3809 [AC_LANG_SOURCE([[
3c0ef626 3810/* find out what STDPATH is */
3811#include <stdio.h>
3812#ifdef HAVE_PATHS_H
3813# include <paths.h>
3814#endif
3815#ifndef _PATH_STDPATH
1c14df9e 3816# ifdef _PATH_USERPATH /* Irix */
3817# define _PATH_STDPATH _PATH_USERPATH
3818# else
3819# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3820# endif
3c0ef626 3821#endif
3822#include <sys/types.h>
3823#include <sys/stat.h>
3824#include <fcntl.h>
3825#define DATA "conftest.stdpath"
3826
3827main()
3828{
3829 FILE *fd;
3830 int rc;
34fee935 3831
3c0ef626 3832 fd = fopen(DATA,"w");
3833 if(fd == NULL)
3834 exit(1);
34fee935 3835
3c0ef626 3836 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3837 exit(1);
3838
3839 exit(0);
3840}
e00da40d 3841 ]])],
3842 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3843 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3844 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3845 )
131757f3 3846 fi ]
3847)
70791e56 3848if test "x$external_path_file" != "x/etc/login.conf" ; then
e00da40d 3849 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
2980ea68 3850 AC_SUBST(user_path)
3851fi
3852
3853# Set superuser path separately to user path
3854AC_ARG_WITH(superuser-path,
3855 [ --with-superuser-path= Specify different path for super-user],
3856 [
34fee935 3857 if test -n "$withval" && test "x$withval" != "xno" && \
3858 test "x${withval}" != "xyes"; then
e00da40d 3859 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3860 [Define if you want a different $PATH
3861 for the superuser])
2980ea68 3862 superuser_path=$withval
3863 fi
3c0ef626 3864 ]
3865)
2980ea68 3866
3c0ef626 3867
3c0ef626 3868AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
416fd2a8 3869IPV4_IN6_HACK_MSG="no"
3c0ef626 3870AC_ARG_WITH(4in6,
3871 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3872 [
3873 if test "x$withval" != "xno" ; then
3874 AC_MSG_RESULT(yes)
e00da40d 3875 AC_DEFINE(IPV4_IN_IPV6, 1,
3876 [Detect IPv4 in IPv6 mapped addresses
3877 and treat as IPv4])
416fd2a8 3878 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3879 else
3880 AC_MSG_RESULT(no)
3881 fi
3882 ],[
3883 if test "x$inet6_default_4in6" = "xyes"; then
3884 AC_MSG_RESULT([yes (default)])
3885 AC_DEFINE(IPV4_IN_IPV6)
416fd2a8 3886 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3887 else
3888 AC_MSG_RESULT([no (default)])
3889 fi
3890 ]
3891)
3892
3893# Whether to enable BSD auth support
e9a17296 3894BSD_AUTH_MSG=no
3c0ef626 3895AC_ARG_WITH(bsd-auth,
3896 [ --with-bsd-auth Enable BSD auth support],
3897 [
34fee935 3898 if test "x$withval" != "xno" ; then
e00da40d 3899 AC_DEFINE(BSD_AUTH, 1,
3900 [Define if you have BSD auth support])
e9a17296 3901 BSD_AUTH_MSG=yes
3c0ef626 3902 fi
3903 ]
3904)
3905
34fee935 3906# Where to place sshd.pid
3907piddir=/var/run
3908# make sure the directory exists
3909if test ! -d $piddir ; then
3910 piddir=`eval echo ${sysconfdir}`
3911 case $piddir in
3912 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
3913 esac
3914fi
3915
3916AC_ARG_WITH(pid-dir,
3917 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3918 [
3919 if test -n "$withval" && test "x$withval" != "xno" && \
3920 test "x${withval}" != "xyes"; then
3921 piddir=$withval
3922 if test ! -d $piddir ; then
3923 AC_MSG_WARN([** no $piddir directory on this system **])
3924 fi
3925 fi
3926 ]
3927)
3928
e00da40d 3929AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
34fee935 3930AC_SUBST(piddir)
3931
3c0ef626 3932dnl allow user to disable some login recording features
3933AC_ARG_ENABLE(lastlog,
3934 [ --disable-lastlog disable use of lastlog even if detected [no]],
70791e56 3935 [
3936 if test "x$enableval" = "xno" ; then
3937 AC_DEFINE(DISABLE_LASTLOG)
3938 fi
3939 ]
3c0ef626 3940)
3941AC_ARG_ENABLE(utmp,
3942 [ --disable-utmp disable use of utmp even if detected [no]],
70791e56 3943 [
3944 if test "x$enableval" = "xno" ; then
3945 AC_DEFINE(DISABLE_UTMP)
3946 fi
3947 ]
3c0ef626 3948)
3949AC_ARG_ENABLE(utmpx,
3950 [ --disable-utmpx disable use of utmpx even if detected [no]],
70791e56 3951 [
3952 if test "x$enableval" = "xno" ; then
e00da40d 3953 AC_DEFINE(DISABLE_UTMPX, 1,
3954 [Define if you don't want to use utmpx])
70791e56 3955 fi
3956 ]
3c0ef626 3957)
3958AC_ARG_ENABLE(wtmp,
3959 [ --disable-wtmp disable use of wtmp even if detected [no]],
70791e56 3960 [
3961 if test "x$enableval" = "xno" ; then
3962 AC_DEFINE(DISABLE_WTMP)
3963 fi
3964 ]
3c0ef626 3965)
3966AC_ARG_ENABLE(wtmpx,
3967 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
70791e56 3968 [
3969 if test "x$enableval" = "xno" ; then
e00da40d 3970 AC_DEFINE(DISABLE_WTMPX, 1,
3971 [Define if you don't want to use wtmpx])
70791e56 3972 fi
3973 ]
3c0ef626 3974)
3975AC_ARG_ENABLE(libutil,
3976 [ --disable-libutil disable use of libutil (login() etc.) [no]],
70791e56 3977 [
3978 if test "x$enableval" = "xno" ; then
3979 AC_DEFINE(DISABLE_LOGIN)
3980 fi
3981 ]
3c0ef626 3982)
3983AC_ARG_ENABLE(pututline,
3984 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
70791e56 3985 [
3986 if test "x$enableval" = "xno" ; then
e00da40d 3987 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3988 [Define if you don't want to use pututline()
3989 etc. to write [uw]tmp])
70791e56 3990 fi
3991 ]
3c0ef626 3992)
3993AC_ARG_ENABLE(pututxline,
3994 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
70791e56 3995 [
3996 if test "x$enableval" = "xno" ; then
e00da40d 3997 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3998 [Define if you don't want to use pututxline()
3999 etc. to write [uw]tmpx])
70791e56 4000 fi
4001 ]
3c0ef626 4002)
4003AC_ARG_WITH(lastlog,
4004 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
4005 [
34fee935 4006 if test "x$withval" = "xno" ; then
3c0ef626 4007 AC_DEFINE(DISABLE_LASTLOG)
34fee935 4008 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 4009 conf_lastlog_location=$withval
4010 fi
4011 ]
4012)
4013
4014dnl lastlog, [uw]tmpx? detection
4015dnl NOTE: set the paths in the platform section to avoid the
4016dnl need for command-line parameters
4017dnl lastlog and [uw]tmp are subject to a file search if all else fails
4018
4019dnl lastlog detection
4020dnl NOTE: the code itself will detect if lastlog is a directory
4021AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
4022AC_TRY_COMPILE([
4023#include <sys/types.h>
4024#include <utmp.h>
4025#ifdef HAVE_LASTLOG_H
4026# include <lastlog.h>
4027#endif
4028#ifdef HAVE_PATHS_H
4029# include <paths.h>
4030#endif
4031#ifdef HAVE_LOGIN_H
4032# include <login.h>
4033#endif
4034 ],
4035 [ char *lastlog = LASTLOG_FILE; ],
4036 [ AC_MSG_RESULT(yes) ],
4037 [
4038 AC_MSG_RESULT(no)
4039 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
4040 AC_TRY_COMPILE([
4041#include <sys/types.h>
4042#include <utmp.h>
4043#ifdef HAVE_LASTLOG_H
4044# include <lastlog.h>
4045#endif
4046#ifdef HAVE_PATHS_H
4047# include <paths.h>
4048#endif
4049 ],
4050 [ char *lastlog = _PATH_LASTLOG; ],
4051 [ AC_MSG_RESULT(yes) ],
4052 [
4053 AC_MSG_RESULT(no)
4054 system_lastlog_path=no
4055 ])
4056 ]
4057)
4058
4059if test -z "$conf_lastlog_location"; then
4060 if test x"$system_lastlog_path" = x"no" ; then
4061 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
4062 if (test -d "$f" || test -f "$f") ; then
4063 conf_lastlog_location=$f
4064 fi
4065 done
4066 if test -z "$conf_lastlog_location"; then
4067 AC_MSG_WARN([** Cannot find lastlog **])
4068 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
4069 fi
4070 fi
4071fi
4072
4073if test -n "$conf_lastlog_location"; then
e00da40d 4074 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4075 [Define if you want to specify the path to your lastlog file])
34fee935 4076fi
3c0ef626 4077
4078dnl utmp detection
4079AC_MSG_CHECKING([if your system defines UTMP_FILE])
4080AC_TRY_COMPILE([
4081#include <sys/types.h>
4082#include <utmp.h>
4083#ifdef HAVE_PATHS_H
4084# include <paths.h>
4085#endif
4086 ],
4087 [ char *utmp = UTMP_FILE; ],
4088 [ AC_MSG_RESULT(yes) ],
4089 [ AC_MSG_RESULT(no)
4090 system_utmp_path=no ]
4091)
4092if test -z "$conf_utmp_location"; then
4093 if test x"$system_utmp_path" = x"no" ; then
4094 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4095 if test -f $f ; then
4096 conf_utmp_location=$f
4097 fi
4098 done
4099 if test -z "$conf_utmp_location"; then
4100 AC_DEFINE(DISABLE_UTMP)
4101 fi
4102 fi
4103fi
4104if test -n "$conf_utmp_location"; then
e00da40d 4105 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4106 [Define if you want to specify the path to your utmp file])
34fee935 4107fi
3c0ef626 4108
4109dnl wtmp detection
4110AC_MSG_CHECKING([if your system defines WTMP_FILE])
4111AC_TRY_COMPILE([
4112#include <sys/types.h>
4113#include <utmp.h>
4114#ifdef HAVE_PATHS_H
4115# include <paths.h>
4116#endif
4117 ],
4118 [ char *wtmp = WTMP_FILE; ],
4119 [ AC_MSG_RESULT(yes) ],
4120 [ AC_MSG_RESULT(no)
4121 system_wtmp_path=no ]
4122)
4123if test -z "$conf_wtmp_location"; then
4124 if test x"$system_wtmp_path" = x"no" ; then
4125 for f in /usr/adm/wtmp /var/log/wtmp; do
4126 if test -f $f ; then
4127 conf_wtmp_location=$f
4128 fi
4129 done
4130 if test -z "$conf_wtmp_location"; then
4131 AC_DEFINE(DISABLE_WTMP)
4132 fi
4133 fi
4134fi
4135if test -n "$conf_wtmp_location"; then
e00da40d 4136 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4137 [Define if you want to specify the path to your wtmp file])
34fee935 4138fi
3c0ef626 4139
4140
4141dnl utmpx detection - I don't know any system so perverse as to require
4142dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4143dnl there, though.
4144AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4145AC_TRY_COMPILE([
4146#include <sys/types.h>
4147#include <utmp.h>
4148#ifdef HAVE_UTMPX_H
4149#include <utmpx.h>
4150#endif
4151#ifdef HAVE_PATHS_H
4152# include <paths.h>
4153#endif
4154 ],
4155 [ char *utmpx = UTMPX_FILE; ],
4156 [ AC_MSG_RESULT(yes) ],
4157 [ AC_MSG_RESULT(no)
4158 system_utmpx_path=no ]
4159)
4160if test -z "$conf_utmpx_location"; then
4161 if test x"$system_utmpx_path" = x"no" ; then
4162 AC_DEFINE(DISABLE_UTMPX)
4163 fi
4164else
e00da40d 4165 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4166 [Define if you want to specify the path to your utmpx file])
34fee935 4167fi
3c0ef626 4168
4169dnl wtmpx detection
4170AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4171AC_TRY_COMPILE([
4172#include <sys/types.h>
4173#include <utmp.h>
4174#ifdef HAVE_UTMPX_H
4175#include <utmpx.h>
4176#endif
4177#ifdef HAVE_PATHS_H
4178# include <paths.h>
4179#endif
4180 ],
4181 [ char *wtmpx = WTMPX_FILE; ],
4182 [ AC_MSG_RESULT(yes) ],
4183 [ AC_MSG_RESULT(no)
4184 system_wtmpx_path=no ]
4185)
4186if test -z "$conf_wtmpx_location"; then
4187 if test x"$system_wtmpx_path" = x"no" ; then
4188 AC_DEFINE(DISABLE_WTMPX)
4189 fi
4190else
e00da40d 4191 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4192 [Define if you want to specify the path to your wtmpx file])
34fee935 4193fi
3c0ef626 4194
4195
3c0ef626 4196if test ! -z "$blibpath" ; then
8bb69cbe 4197 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4198 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4199fi
4200
34fee935 4201dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4202dnl Add now.
4203CFLAGS="$CFLAGS $werror_flags"
4204
e9a17296 4205AC_EXEEXT
2e437378 4206AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4207 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
34fee935 4208 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4209AC_OUTPUT
4210
4211# Print summary of options
4212
3c0ef626 4213# Someone please show me a better way :)
4214A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4215B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4216C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4217D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4218E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4219F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
2980ea68 4220H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4221I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4222J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4223
4224echo ""
4225echo "OpenSSH has been configured with the following options:"
2980ea68 4226echo " User binaries: $B"
4227echo " System binaries: $C"
4228echo " Configuration files: $D"
4229echo " Askpass program: $E"
4230echo " Manual pages: $F"
2980ea68 4231echo " Privilege separation chroot path: $H"
70791e56 4232if test "x$external_path_file" = "x/etc/login.conf" ; then
4233echo " At runtime, sshd will use the path defined in $external_path_file"
4234echo " Make sure the path to scp is present, otherwise scp will not work"
2980ea68 4235else
4236echo " sshd default user PATH: $I"
70791e56 4237 if test ! -z "$external_path_file"; then
4238echo " (If PATH is set in $external_path_file it will be used instead. If"
4239echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4240 fi
2980ea68 4241fi
4242if test ! -z "$superuser_path" ; then
4243echo " sshd superuser user PATH: $J"
4244fi
4245echo " Manpage format: $MANTYPE"
70791e56 4246echo " PAM support: $PAM_MSG"
2e437378 4247echo " OSF SIA support: $SIA_MSG"
2980ea68 4248echo " KerberosV support: $KRB5_MSG"
2e437378 4249echo " SELinux support: $SELINUX_MSG"
2980ea68 4250echo " Smartcard support: $SCARD_MSG"
2980ea68 4251echo " S/KEY support: $SKEY_MSG"
4252echo " TCP Wrappers support: $TCPW_MSG"
4253echo " MD5 password support: $MD5_MSG"
34fee935 4254echo " libedit support: $LIBEDIT_MSG"
2e437378 4255echo " Solaris process contract support: $SPC_MSG"
2980ea68 4256echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
2980ea68 4257echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4258echo " BSD Auth support: $BSD_AUTH_MSG"
4259echo " Random number source: $RAND_MSG"
e9a17296 4260if test ! -z "$USE_RAND_HELPER" ; then
2980ea68 4261echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4262fi
4263
4264echo ""
4265
4266echo " Host: ${host}"
4267echo " Compiler: ${CC}"
4268echo " Compiler flags: ${CFLAGS}"
4269echo "Preprocessor flags: ${CPPFLAGS}"
4270echo " Linker flags: ${LDFLAGS}"
e9a17296 4271echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
3c0ef626 4272
4273echo ""
4274
1b56ff3d 4275if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
34fee935 4276 echo "SVR4 style packages are supported with \"make package\""
4277 echo ""
1b56ff3d 4278fi
4279
3c0ef626 4280if test "x$PAM_MSG" = "xyes" ; then
e9a17296 4281 echo "PAM is enabled. You may need to install a PAM control file "
4282 echo "for sshd, otherwise password authentication may fail. "
416fd2a8 4283 echo "Example PAM control files can be found in the contrib/ "
e9a17296 4284 echo "subdirectory"
3c0ef626 4285 echo ""
4286fi
4287
e9a17296 4288if test ! -z "$RAND_HELPER_CMDHASH" ; then
4289 echo "WARNING: you are using the builtin random number collection "
4290 echo "service. Please read WARNING.RNG and request that your OS "
4291 echo "vendor includes kernel-based random number collection in "
4292 echo "future versions of your OS."
3c0ef626 4293 echo ""
4294fi
4295
1b56ff3d 4296if test ! -z "$NO_PEERCHECK" ; then
4297 echo "WARNING: the operating system that you are using does not "
4298 echo "appear to support either the getpeereid() API nor the "
4299 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
4300 echo "enforce security checks to prevent unauthorised connections to "
4301 echo "ssh-agent. Their absence increases the risk that a malicious "
4302 echo "user can connect to your agent. "
4303 echo ""
4304fi
4305
34fee935 4306if test "$AUDIT_MODULE" = "bsm" ; then
4307 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4308 echo "See the Solaris section in README.platform for details."
4309fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.772509 seconds and 5 git commands to generate.