]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Import of OpenSSH 4.2p1
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
99be0775 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
665a873d 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
3c0ef626 18AC_CONFIG_SRCDIR([ssh.c])
19
20AC_CONFIG_HEADER(config.h)
21AC_PROG_CC
22AC_CANONICAL_HOST
23AC_C_BIGENDIAN
24
25# Checks for programs.
0fff78ff 26AC_PROG_AWK
3c0ef626 27AC_PROG_CPP
28AC_PROG_RANLIB
29AC_PROG_INSTALL
30AC_PATH_PROG(AR, ar)
c9f39d2c 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
3c0ef626 33AC_PATH_PROGS(PERL, perl5 perl)
6a9b3198 34AC_PATH_PROG(SED, sed)
3c0ef626 35AC_SUBST(PERL)
36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
3c0ef626 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
700318f3 41AC_PATH_PROG(SH, sh)
c9f39d2c 42AC_SUBST(TEST_SHELL,sh)
43
44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
3c0ef626 50
51# System features
52AC_SYS_LARGEFILE
53
54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
cdd66111 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
3c0ef626 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
dec6d9fe 78
3c0ef626 79AC_C_INLINE
665a873d 80
81AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
82
cdd66111 83if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
665a873d 84 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
85 GCC_VER=`$CC --version`
86 case $GCC_VER in
87 1.*) ;;
88 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
89 2.*) ;;
90 *) CFLAGS="$CFLAGS -Wsign-compare" ;;
91 esac
92
93 if test -z "$have_llong_max"; then
94 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
95 unset ac_cv_have_decl_LLONG_MAX
96 saved_CFLAGS="$CFLAGS"
97 CFLAGS="$CFLAGS -std=gnu99"
98 AC_CHECK_DECL(LLONG_MAX,
99 [have_llong_max=1],
100 [CFLAGS="$saved_CFLAGS"],
101 [#include <limits.h>]
102 )
103 fi
104fi
105
106if test -z "$have_llong_max"; then
107 AC_MSG_CHECKING([for max value of long long])
108 AC_RUN_IFELSE(
109 [AC_LANG_SOURCE([[
110#include <stdio.h>
111/* Why is this so damn hard? */
112#ifdef __GNUC__
113# undef __GNUC__
114#endif
115#define __USE_ISOC99
116#include <limits.h>
117#define DATA "conftest.llminmax"
118int main(void) {
119 FILE *f;
120 long long i, llmin, llmax = 0;
121
122 if((f = fopen(DATA,"w")) == NULL)
123 exit(1);
124
125#if defined(LLONG_MIN) && defined(LLONG_MAX)
126 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
127 llmin = LLONG_MIN;
128 llmax = LLONG_MAX;
129#else
130 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
131 /* This will work on one's complement and two's complement */
132 for (i = 1; i > llmax; i <<= 1, i++)
133 llmax = i;
134 llmin = llmax + 1LL; /* wrap */
135#endif
136
137 /* Sanity check */
138 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
139 || llmax - 1 > llmax) {
140 fprintf(f, "unknown unknown\n");
141 exit(2);
142 }
143
144 if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
145 exit(3);
146
147 exit(0);
148}
149 ]])],
150 [
151 llong_min=`$AWK '{print $1}' conftest.llminmax`
152 llong_max=`$AWK '{print $2}' conftest.llminmax`
153 AC_MSG_RESULT($llong_max)
154 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
155 [max value of long long calculated by configure])
156 AC_MSG_CHECKING([for min value of long long])
157 AC_MSG_RESULT($llong_min)
158 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
159 [min value of long long calculated by configure])
160 ],
161 [
162 AC_MSG_RESULT(not found)
163 ],
164 [
165 AC_MSG_WARN([cross compiling: not checking])
166 ]
167 )
3c0ef626 168fi
169
cdd66111 170AC_ARG_WITH(rpath,
171 [ --without-rpath Disable auto-added -R linker paths],
172 [
dec6d9fe 173 if test "x$withval" = "xno" ; then
cdd66111 174 need_dash_r=""
175 fi
176 if test "x$withval" = "xyes" ; then
177 need_dash_r=1
178 fi
179 ]
180)
181
3c0ef626 182# Check for some target-specific stuff
183case "$host" in
184*-*-aix*)
cdd66111 185 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
7e772e1f 186 if (test -z "$blibpath"); then
cdd66111 187 blibpath="/usr/lib:/lib"
7e772e1f 188 fi
189 saved_LDFLAGS="$LDFLAGS"
190 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
191 if (test -z "$blibflags"); then
192 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
193 AC_TRY_LINK([], [], [blibflags=$tryflags])
194 fi
195 done
196 if (test -z "$blibflags"); then
197 AC_MSG_RESULT(not found)
198 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
199 else
200 AC_MSG_RESULT($blibflags)
3c0ef626 201 fi
7e772e1f 202 LDFLAGS="$saved_LDFLAGS"
0fff78ff 203 dnl Check for authenticate. Might be in libs.a on older AIXes
41b2f314 204 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
205 [AC_CHECK_LIB(s,authenticate,
206 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
207 LIBS="$LIBS -ls"
208 ])
209 ])
996d5e62 210 dnl Check for various auth function declarations in headers.
211 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
dec6d9fe 212 passwdexpired, setauthdb], , , [#include <usersec.h>])
0fff78ff 213 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
996d5e62 214 AC_CHECK_DECLS(loginfailed,
0fff78ff 215 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
216 AC_TRY_COMPILE(
217 [#include <usersec.h>],
218 [(void)loginfailed("user","host","tty",0);],
219 [AC_MSG_RESULT(yes)
220 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
221 [AC_MSG_RESULT(no)]
222 )],
223 [],
224 [#include <usersec.h>]
225 )
226 AC_CHECK_FUNCS(setauthdb)
996d5e62 227 check_for_aix_broken_getaddrinfo=1
700318f3 228 AC_DEFINE(BROKEN_REALPATH)
0fff78ff 229 AC_DEFINE(SETEUID_BREAKS_SETUID)
230 AC_DEFINE(BROKEN_SETREUID)
231 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 232 dnl AIX handles lastlog as part of its login message
233 AC_DEFINE(DISABLE_LASTLOG)
680cee3b 234 AC_DEFINE(LOGIN_NEEDS_UTMPX)
0fff78ff 235 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3c0ef626 236 ;;
237*-*-cygwin*)
6a9b3198 238 check_for_libcrypt_later=1
e9a17296 239 LIBS="$LIBS /usr/lib/textmode.o"
3c0ef626 240 AC_DEFINE(HAVE_CYGWIN)
241 AC_DEFINE(USE_PIPES)
242 AC_DEFINE(DISABLE_SHADOW)
3c0ef626 243 AC_DEFINE(IP_TOS_IS_BROKEN)
244 AC_DEFINE(NO_X11_UNIX_SOCKETS)
41b2f314 245 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
246 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 247 ;;
248*-*-dgux*)
249 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 250 AC_DEFINE(SETEUID_BREAKS_SETUID)
251 AC_DEFINE(BROKEN_SETREUID)
252 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 253 ;;
254*-*-darwin*)
41b2f314 255 AC_MSG_CHECKING(if we have working getaddrinfo)
256 AC_TRY_RUN([#include <mach-o/dyld.h>
257main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
258 exit(0);
259 else
260 exit(1);
261}], [AC_MSG_RESULT(working)],
262 [AC_MSG_RESULT(buggy)
263 AC_DEFINE(BROKEN_GETADDRINFO)],
264 [AC_MSG_RESULT(assume it is working)])
acc3d05e 265 AC_DEFINE(SETEUID_BREAKS_SETUID)
266 AC_DEFINE(BROKEN_SETREUID)
267 AC_DEFINE(BROKEN_SETREGID)
cdd66111 268 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
3c0ef626 269 ;;
665a873d 270*-*-hpux*)
271 # first we define all of the options common to all HP-UX releases
3c0ef626 272 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
273 IPADDR_IN_DISPLAY=yes
3c0ef626 274 AC_DEFINE(USE_PIPES)
700318f3 275 AC_DEFINE(LOGIN_NO_ENDOPT)
276 AC_DEFINE(LOGIN_NEEDS_UTMPX)
0fff78ff 277 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
278 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
41b2f314 279 LIBS="$LIBS -lsec"
665a873d 280 AC_CHECK_LIB(xnet, t_error, ,
281 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
282
283 # next, we define all of the options specific to major releases
284 case "$host" in
285 *-*-hpux10*)
286 if test -z "$GCC"; then
287 CFLAGS="$CFLAGS -Ae"
288 fi
289 ;;
290 *-*-hpux11*)
291 AC_DEFINE(PAM_SUN_CODEBASE)
292 AC_DEFINE(DISABLE_UTMP)
293 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
294 check_for_hpux_broken_getaddrinfo=1
295 check_for_conflicting_getspnam=1
296 ;;
297 esac
298
299 # lastly, we define options specific to minor releases
300 case "$host" in
301 *-*-hpux10.26)
302 AC_DEFINE(HAVE_SECUREWARE)
303 disable_ptmx_check=yes
304 LIBS="$LIBS -lsecpw"
305 ;;
306 esac
3c0ef626 307 ;;
308*-*-irix5*)
3c0ef626 309 PATH="$PATH:/usr/etc"
310 AC_DEFINE(BROKEN_INET_NTOA)
cdd66111 311 AC_DEFINE(SETEUID_BREAKS_SETUID)
312 AC_DEFINE(BROKEN_SETREUID)
313 AC_DEFINE(BROKEN_SETREGID)
700318f3 314 AC_DEFINE(WITH_ABBREV_NO_TTY)
0fff78ff 315 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 316 ;;
317*-*-irix6*)
3c0ef626 318 PATH="$PATH:/usr/etc"
319 AC_DEFINE(WITH_IRIX_ARRAY)
320 AC_DEFINE(WITH_IRIX_PROJECT)
321 AC_DEFINE(WITH_IRIX_AUDIT)
322 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
323 AC_DEFINE(BROKEN_INET_NTOA)
acc3d05e 324 AC_DEFINE(SETEUID_BREAKS_SETUID)
325 AC_DEFINE(BROKEN_SETREUID)
326 AC_DEFINE(BROKEN_SETREGID)
99be0775 327 AC_DEFINE(BROKEN_UPDWTMPX)
700318f3 328 AC_DEFINE(WITH_ABBREV_NO_TTY)
0fff78ff 329 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 330 ;;
331*-*-linux*)
332 no_dev_ptmx=1
333 check_for_libcrypt_later=1
0fff78ff 334 check_for_openpty_ctty_bug=1
3c0ef626 335 AC_DEFINE(DONT_TRY_OTHER_AF)
336 AC_DEFINE(PAM_TTY_KLUDGE)
99be0775 337 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
0fff78ff 338 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
c9f39d2c 339 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
996d5e62 340 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
341 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
3c0ef626 342 inet6_default_4in6=yes
0fff78ff 343 case `uname -r` in
344 1.*|2.0.*)
345 AC_DEFINE(BROKEN_CMSG_TYPE)
346 ;;
347 esac
3c0ef626 348 ;;
349mips-sony-bsd|mips-sony-newsos4)
665a873d 350 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
3c0ef626 351 SONY=1
3c0ef626 352 ;;
353*-*-netbsd*)
41b2f314 354 check_for_libcrypt_before=1
dec6d9fe 355 if test "x$withval" != "xno" ; then
cdd66111 356 need_dash_r=1
357 fi
3c0ef626 358 ;;
359*-*-freebsd*)
360 check_for_libcrypt_later=1
361 ;;
acc3d05e 362*-*-bsdi*)
363 AC_DEFINE(SETEUID_BREAKS_SETUID)
364 AC_DEFINE(BROKEN_SETREUID)
365 AC_DEFINE(BROKEN_SETREGID)
366 ;;
3c0ef626 367*-next-*)
368 conf_lastlog_location="/usr/adm/lastlog"
369 conf_utmp_location=/etc/utmp
370 conf_wtmp_location=/usr/adm/wtmp
371 MAIL=/usr/spool/mail
372 AC_DEFINE(HAVE_NEXT)
373 AC_DEFINE(BROKEN_REALPATH)
374 AC_DEFINE(USE_PIPES)
375 AC_DEFINE(BROKEN_SAVED_UIDS)
3c0ef626 376 ;;
665a873d 377*-*-openbsd*)
378 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
379 ;;
3c0ef626 380*-*-solaris*)
dec6d9fe 381 if test "x$withval" != "xno" ; then
99be0775 382 need_dash_r=1
383 fi
3c0ef626 384 AC_DEFINE(PAM_SUN_CODEBASE)
385 AC_DEFINE(LOGIN_NEEDS_UTMPX)
386 AC_DEFINE(LOGIN_NEEDS_TERM)
387 AC_DEFINE(PAM_TTY_KLUDGE)
c9f39d2c 388 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
0fff78ff 389 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
390 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
391 AC_DEFINE(SSHD_ACQUIRES_CTTY)
392 external_path_file=/etc/default/login
3c0ef626 393 # hardwire lastlog location (can't detect it on some versions)
394 conf_lastlog_location="/var/adm/lastlog"
395 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
396 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
397 if test "$sol2ver" -ge 8; then
398 AC_MSG_RESULT(yes)
399 AC_DEFINE(DISABLE_UTMP)
400 AC_DEFINE(DISABLE_WTMP)
401 else
402 AC_MSG_RESULT(no)
403 fi
404 ;;
405*-*-sunos4*)
406 CPPFLAGS="$CPPFLAGS -DSUNOS4"
407 AC_CHECK_FUNCS(getpwanam)
408 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 409 conf_utmp_location=/etc/utmp
410 conf_wtmp_location=/var/adm/wtmp
411 conf_lastlog_location=/var/adm/lastlog
412 AC_DEFINE(USE_PIPES)
413 ;;
414*-ncr-sysv*)
3c0ef626 415 LIBS="$LIBS -lc89"
e9a17296 416 AC_DEFINE(USE_PIPES)
0fff78ff 417 AC_DEFINE(SSHD_ACQUIRES_CTTY)
acc3d05e 418 AC_DEFINE(SETEUID_BREAKS_SETUID)
419 AC_DEFINE(BROKEN_SETREUID)
420 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 421 ;;
422*-sni-sysv*)
3c0ef626 423 # /usr/ucblib MUST NOT be searched on ReliantUNIX
cdd66111 424 AC_CHECK_LIB(dl, dlsym, ,)
996d5e62 425 # -lresolv needs to be at then end of LIBS or DNS lookups break
426 AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ])
3c0ef626 427 IPADDR_IN_DISPLAY=yes
428 AC_DEFINE(USE_PIPES)
429 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 430 AC_DEFINE(SETEUID_BREAKS_SETUID)
431 AC_DEFINE(BROKEN_SETREUID)
432 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 433 AC_DEFINE(SSHD_ACQUIRES_CTTY)
434 external_path_file=/etc/default/login
3c0ef626 435 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
436 # Attention: always take care to bind libsocket and libnsl before libc,
437 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
438 ;;
996d5e62 439# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 440*-*-sysv4.2*)
3c0ef626 441 AC_DEFINE(USE_PIPES)
0fff78ff 442 AC_DEFINE(SETEUID_BREAKS_SETUID)
443 AC_DEFINE(BROKEN_SETREUID)
444 AC_DEFINE(BROKEN_SETREGID)
dec6d9fe 445 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
3c0ef626 446 ;;
996d5e62 447# UnixWare 7.x, OpenUNIX 8
3c0ef626 448*-*-sysv5*)
665a873d 449 check_for_libcrypt_later=1
450 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 451 AC_DEFINE(USE_PIPES)
0fff78ff 452 AC_DEFINE(SETEUID_BREAKS_SETUID)
453 AC_DEFINE(BROKEN_SETREUID)
454 AC_DEFINE(BROKEN_SETREGID)
dec6d9fe 455 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
665a873d 456 case "$host" in
457 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
458 TEST_SHELL=/u95/bin/sh
459 AC_DEFINE(BROKEN_LIBIAF, 1, [ia_uinfo routines not supported by OS yet])
460 ;;
461 esac
3c0ef626 462 ;;
463*-*-sysv*)
3c0ef626 464 ;;
996d5e62 465# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 466*-*-sco3.2v4*)
996d5e62 467 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 468 ;;
996d5e62 469# SCO OpenServer 5.x
3c0ef626 470*-*-sco3.2v5*)
6a9b3198 471 if test -z "$GCC"; then
472 CFLAGS="$CFLAGS -belf"
473 fi
3c0ef626 474 LIBS="$LIBS -lprot -lx -ltinfo -lm"
475 no_dev_ptmx=1
3c0ef626 476 AC_DEFINE(USE_PIPES)
700318f3 477 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 478 AC_DEFINE(DISABLE_SHADOW)
41b2f314 479 AC_DEFINE(DISABLE_FD_PASSING)
0fff78ff 480 AC_DEFINE(SETEUID_BREAKS_SETUID)
481 AC_DEFINE(BROKEN_SETREUID)
482 AC_DEFINE(BROKEN_SETREGID)
483 AC_DEFINE(WITH_ABBREV_NO_TTY)
c9f39d2c 484 AC_DEFINE(BROKEN_UPDWTMPX)
996d5e62 485 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
3c0ef626 486 AC_CHECK_FUNCS(getluid setluid)
487 MANTYPE=man
c9f39d2c 488 TEST_SHELL=ksh
3c0ef626 489 ;;
41b2f314 490*-*-unicosmk*)
cdd66111 491 AC_DEFINE(NO_SSH_LASTLOG)
492 AC_DEFINE(SETEUID_BREAKS_SETUID)
493 AC_DEFINE(BROKEN_SETREUID)
494 AC_DEFINE(BROKEN_SETREGID)
41b2f314 495 AC_DEFINE(USE_PIPES)
496 AC_DEFINE(DISABLE_FD_PASSING)
497 LDFLAGS="$LDFLAGS"
498 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
499 MANTYPE=cat
500 ;;
0fff78ff 501*-*-unicosmp*)
cdd66111 502 AC_DEFINE(SETEUID_BREAKS_SETUID)
503 AC_DEFINE(BROKEN_SETREUID)
504 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 505 AC_DEFINE(WITH_ABBREV_NO_TTY)
506 AC_DEFINE(USE_PIPES)
507 AC_DEFINE(DISABLE_FD_PASSING)
508 LDFLAGS="$LDFLAGS"
cdd66111 509 LIBS="$LIBS -lgen -lacid -ldb"
0fff78ff 510 MANTYPE=cat
511 ;;
3c0ef626 512*-*-unicos*)
cdd66111 513 AC_DEFINE(SETEUID_BREAKS_SETUID)
514 AC_DEFINE(BROKEN_SETREUID)
515 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 516 AC_DEFINE(USE_PIPES)
41b2f314 517 AC_DEFINE(DISABLE_FD_PASSING)
518 AC_DEFINE(NO_SSH_LASTLOG)
519 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
520 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
521 MANTYPE=cat
3c0ef626 522 ;;
523*-dec-osf*)
524 AC_MSG_CHECKING(for Digital Unix SIA)
525 no_osfsia=""
526 AC_ARG_WITH(osfsia,
527 [ --with-osfsia Enable Digital Unix SIA],
528 [
529 if test "x$withval" = "xno" ; then
530 AC_MSG_RESULT(disabled)
531 no_osfsia=1
532 fi
533 ],
534 )
535 if test -z "$no_osfsia" ; then
536 if test -f /etc/sia/matrix.conf; then
537 AC_MSG_RESULT(yes)
538 AC_DEFINE(HAVE_OSF_SIA)
539 AC_DEFINE(DISABLE_LOGIN)
6a9b3198 540 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 541 LIBS="$LIBS -lsecurity -ldb -lm -laud"
542 else
543 AC_MSG_RESULT(no)
cdd66111 544 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
3c0ef626 545 fi
546 fi
0fff78ff 547 AC_DEFINE(BROKEN_GETADDRINFO)
acc3d05e 548 AC_DEFINE(SETEUID_BREAKS_SETUID)
549 AC_DEFINE(BROKEN_SETREUID)
550 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 551 ;;
552
553*-*-nto-qnx)
554 AC_DEFINE(USE_PIPES)
555 AC_DEFINE(NO_X11_UNIX_SOCKETS)
556 AC_DEFINE(MISSING_NFDBITS)
557 AC_DEFINE(MISSING_HOWMANY)
558 AC_DEFINE(MISSING_FD_MASK)
559 ;;
665a873d 560
561*-*-ultrix*)
562 AC_DEFINE(BROKEN_GETGROUPS, [], [getgroups(0,NULL) will return -1])
563 AC_DEFINE(BROKEN_MMAP, [], [Ultrix mmap can't map files])
564 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
565 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
566 ;;
567
568*-*-lynxos)
569 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
570 AC_DEFINE(MISSING_HOWMANY)
571 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
572 ;;
3c0ef626 573esac
574
575# Allow user to specify flags
576AC_ARG_WITH(cflags,
577 [ --with-cflags Specify additional flags to pass to compiler],
578 [
dec6d9fe 579 if test -n "$withval" && test "x$withval" != "xno" && \
580 test "x${withval}" != "xyes"; then
3c0ef626 581 CFLAGS="$CFLAGS $withval"
582 fi
dec6d9fe 583 ]
3c0ef626 584)
585AC_ARG_WITH(cppflags,
586 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
587 [
dec6d9fe 588 if test -n "$withval" && test "x$withval" != "xno" && \
589 test "x${withval}" != "xyes"; then
3c0ef626 590 CPPFLAGS="$CPPFLAGS $withval"
591 fi
592 ]
593)
594AC_ARG_WITH(ldflags,
595 [ --with-ldflags Specify additional flags to pass to linker],
596 [
dec6d9fe 597 if test -n "$withval" && test "x$withval" != "xno" && \
598 test "x${withval}" != "xyes"; then
3c0ef626 599 LDFLAGS="$LDFLAGS $withval"
600 fi
dec6d9fe 601 ]
3c0ef626 602)
603AC_ARG_WITH(libs,
604 [ --with-libs Specify additional libraries to link with],
605 [
dec6d9fe 606 if test -n "$withval" && test "x$withval" != "xno" && \
607 test "x${withval}" != "xyes"; then
3c0ef626 608 LIBS="$LIBS $withval"
609 fi
dec6d9fe 610 ]
3c0ef626 611)
665a873d 612AC_ARG_WITH(Werror,
613 [ --with-Werror Build main code with -Werror],
614 [
615 if test -n "$withval" && test "x$withval" != "xno"; then
616 werror_flags="-Werror"
617 if "x${withval}" != "xyes"; then
618 werror_flags="$withval"
619 fi
620 fi
621 ]
622)
3c0ef626 623
0fff78ff 624AC_MSG_CHECKING(compiler and flags for sanity)
996d5e62 625AC_RUN_IFELSE(
626 [AC_LANG_SOURCE([
0fff78ff 627#include <stdio.h>
628int main(){exit(0);}
996d5e62 629 ])],
0fff78ff 630 [ AC_MSG_RESULT(yes) ],
631 [
632 AC_MSG_RESULT(no)
633 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
996d5e62 634 ],
635 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
0fff78ff 636)
637
665a873d 638dnl Checks for header files.
639AC_CHECK_HEADERS( \
640 bstring.h \
641 crypt.h \
642 dirent.h \
643 endian.h \
644 features.h \
645 floatingpoint.h \
646 getopt.h \
647 glob.h \
648 ia.h \
649 iaf.h \
650 lastlog.h \
651 limits.h \
652 login.h \
653 login_cap.h \
654 maillock.h \
655 ndir.h \
656 netdb.h \
657 netgroup.h \
658 netinet/in_systm.h \
659 pam/pam_appl.h \
660 paths.h \
661 pty.h \
662 readpassphrase.h \
663 rpc/types.h \
664 security/pam_appl.h \
665 shadow.h \
666 stddef.h \
667 stdint.h \
668 string.h \
669 strings.h \
670 sys/audit.h \
671 sys/bitypes.h \
672 sys/bsdtty.h \
673 sys/cdefs.h \
674 sys/dir.h \
675 sys/mman.h \
676 sys/ndir.h \
677 sys/prctl.h \
678 sys/pstat.h \
679 sys/select.h \
680 sys/stat.h \
681 sys/stream.h \
682 sys/stropts.h \
683 sys/strtio.h \
684 sys/sysmacros.h \
685 sys/time.h \
686 sys/timers.h \
687 sys/un.h \
688 time.h \
689 tmpdir.h \
690 ttyent.h \
691 unistd.h \
692 usersec.h \
693 util.h \
694 utime.h \
695 utmp.h \
696 utmpx.h \
697 vis.h \
698)
3c0ef626 699
996d5e62 700# sys/ptms.h requires sys/stream.h to be included first on Solaris
701AC_CHECK_HEADERS(sys/ptms.h, [], [], [
702#ifdef HAVE_SYS_STREAM_H
703# include <sys/stream.h>
704#endif
705])
706
3c0ef626 707# Checks for libraries.
708AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
709AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
710
0fff78ff 711dnl IRIX and Solaris 2.5.1 have dirname() in libgen
712AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
713 AC_CHECK_LIB(gen, dirname,[
714 AC_CACHE_CHECK([for broken dirname],
715 ac_cv_have_broken_dirname, [
716 save_LIBS="$LIBS"
717 LIBS="$LIBS -lgen"
718 AC_TRY_RUN(
719 [
720#include <libgen.h>
721#include <string.h>
722
723int main(int argc, char **argv) {
724 char *s, buf[32];
725
726 strncpy(buf,"/etc", 32);
727 s = dirname(buf);
728 if (!s || strncmp(s, "/", 32) != 0) {
729 exit(1);
730 } else {
731 exit(0);
732 }
733}
734 ],
735 [ ac_cv_have_broken_dirname="no" ],
736 [ ac_cv_have_broken_dirname="yes" ]
737 )
738 LIBS="$save_LIBS"
739 ])
740 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
741 LIBS="$LIBS -lgen"
742 AC_DEFINE(HAVE_DIRNAME)
743 AC_CHECK_HEADERS(libgen.h)
744 fi
745 ])
746])
747
3c0ef626 748AC_CHECK_FUNC(getspnam, ,
749 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
0fff78ff 750AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
3c0ef626 751
752dnl zlib is required
753AC_ARG_WITH(zlib,
754 [ --with-zlib=PATH Use zlib in PATH],
dec6d9fe 755 [ if test "x$withval" = "xno" ; then
756 AC_MSG_ERROR([*** zlib is required ***])
757 elif test "x$withval" != "xyes"; then
3c0ef626 758 if test -d "$withval/lib"; then
759 if test -n "${need_dash_r}"; then
760 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
761 else
762 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
763 fi
764 else
765 if test -n "${need_dash_r}"; then
766 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
767 else
768 LDFLAGS="-L${withval} ${LDFLAGS}"
769 fi
770 fi
771 if test -d "$withval/include"; then
772 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
773 else
774 CPPFLAGS="-I${withval} ${CPPFLAGS}"
775 fi
dec6d9fe 776 fi ]
3c0ef626 777)
778
cdd66111 779AC_CHECK_LIB(z, deflate, ,
780 [
781 saved_CPPFLAGS="$CPPFLAGS"
782 saved_LDFLAGS="$LDFLAGS"
783 save_LIBS="$LIBS"
784 dnl Check default zlib install dir
785 if test -n "${need_dash_r}"; then
786 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
787 else
788 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
789 fi
790 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
791 LIBS="$LIBS -lz"
792 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
793 [
794 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
795 ]
796 )
797 ]
798)
799AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
800
801AC_ARG_WITH(zlib-version-check,
802 [ --without-zlib-version-check Disable zlib version check],
803 [ if test "x$withval" = "xno" ; then
804 zlib_check_nonfatal=1
805 fi
806 ]
807)
808
dec6d9fe 809AC_MSG_CHECKING(for possibly buggy zlib)
996d5e62 810AC_RUN_IFELSE([AC_LANG_SOURCE([[
dec6d9fe 811#include <stdio.h>
cdd66111 812#include <zlib.h>
813int main()
814{
dec6d9fe 815 int a=0, b=0, c=0, d=0, n, v;
816 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
817 if (n != 3 && n != 4)
cdd66111 818 exit(1);
dec6d9fe 819 v = a*1000000 + b*10000 + c*100 + d;
820 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
821
822 /* 1.1.4 is OK */
823 if (a == 1 && b == 1 && c >= 4)
cdd66111 824 exit(0);
dec6d9fe 825
665a873d 826 /* 1.2.3 and up are OK */
827 if (v >= 1020300)
dec6d9fe 828 exit(0);
829
cdd66111 830 exit(2);
831}
996d5e62 832 ]])],
dec6d9fe 833 AC_MSG_RESULT(no),
834 [ AC_MSG_RESULT(yes)
cdd66111 835 if test -z "$zlib_check_nonfatal" ; then
836 AC_MSG_ERROR([*** zlib too old - check config.log ***
837Your reported zlib version has known security problems. It's possible your
838vendor has fixed these problems without changing the version number. If you
839are sure this is the case, you can disable the check by running
840"./configure --without-zlib-version-check".
665a873d 841If you are in doubt, upgrade zlib to version 1.2.3 or greater.
dec6d9fe 842See http://www.gzip.org/zlib/ for details.])
cdd66111 843 else
844 AC_MSG_WARN([zlib version may have security problems])
845 fi
996d5e62 846 ],
847 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
cdd66111 848)
3c0ef626 849
3c0ef626 850dnl UnixWare 2.x
cdd66111 851AC_CHECK_FUNC(strcasecmp,
3c0ef626 852 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
853)
cdd66111 854AC_CHECK_FUNC(utimes,
41b2f314 855 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
856 LIBS="$LIBS -lc89"]) ]
3c0ef626 857)
858
859dnl Checks for libutil functions
860AC_CHECK_HEADERS(libutil.h)
861AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
862AC_CHECK_FUNCS(logout updwtmp logwtmp)
863
864AC_FUNC_STRFTIME
865
3c0ef626 866# Check for ALTDIRFUNC glob() extension
867AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
868AC_EGREP_CPP(FOUNDIT,
869 [
870 #include <glob.h>
871 #ifdef GLOB_ALTDIRFUNC
872 FOUNDIT
873 #endif
cdd66111 874 ],
3c0ef626 875 [
876 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
877 AC_MSG_RESULT(yes)
878 ],
879 [
880 AC_MSG_RESULT(no)
881 ]
882)
883
884# Check for g.gl_matchc glob() extension
885AC_MSG_CHECKING(for gl_matchc field in glob_t)
886AC_EGREP_CPP(FOUNDIT,
cdd66111 887 [
888 #include <glob.h>
3c0ef626 889 int main(void){glob_t g; g.gl_matchc = 1;}
cdd66111 890 ],
891 [
892 AC_DEFINE(GLOB_HAS_GL_MATCHC)
893 AC_MSG_RESULT(yes)
894 ],
895 [
896 AC_MSG_RESULT(no)
897 ]
3c0ef626 898)
899
900AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
996d5e62 901AC_RUN_IFELSE(
902 [AC_LANG_SOURCE([[
3c0ef626 903#include <sys/types.h>
904#include <dirent.h>
41b2f314 905int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
996d5e62 906 ]])],
cdd66111 907 [AC_MSG_RESULT(yes)],
3c0ef626 908 [
909 AC_MSG_RESULT(no)
910 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
996d5e62 911 ],
dec6d9fe 912 [
996d5e62 913 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
914 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 915 ]
916)
917
c9f39d2c 918AC_MSG_CHECKING([for /proc/pid/fd directory])
919if test -d "/proc/$$/fd" ; then
920 AC_DEFINE(HAVE_PROC_PID)
921 AC_MSG_RESULT(yes)
922else
923 AC_MSG_RESULT(no)
924fi
925
3c0ef626 926# Check whether user wants S/Key support
cdd66111 927SKEY_MSG="no"
3c0ef626 928AC_ARG_WITH(skey,
996d5e62 929 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 930 [
931 if test "x$withval" != "xno" ; then
932
933 if test "x$withval" != "xyes" ; then
934 CPPFLAGS="$CPPFLAGS -I${withval}/include"
935 LDFLAGS="$LDFLAGS -L${withval}/lib"
936 fi
937
938 AC_DEFINE(SKEY)
939 LIBS="-lskey $LIBS"
cdd66111 940 SKEY_MSG="yes"
dec6d9fe 941
e9a17296 942 AC_MSG_CHECKING([for s/key support])
943 AC_TRY_RUN(
944 [
945#include <stdio.h>
946#include <skey.h>
41b2f314 947int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
e9a17296 948 ],
949 [AC_MSG_RESULT(yes)],
3c0ef626 950 [
e9a17296 951 AC_MSG_RESULT(no)
3c0ef626 952 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
953 ])
99be0775 954 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
955 AC_TRY_COMPILE(
956 [#include <stdio.h>
957 #include <skey.h>],
958 [(void)skeychallenge(NULL,"name","",0);],
959 [AC_MSG_RESULT(yes)
960 AC_DEFINE(SKEYCHALLENGE_4ARG)],
961 [AC_MSG_RESULT(no)]
962 )
3c0ef626 963 fi
964 ]
965)
966
967# Check whether user wants TCP wrappers support
968TCPW_MSG="no"
969AC_ARG_WITH(tcp-wrappers,
996d5e62 970 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 971 [
972 if test "x$withval" != "xno" ; then
973 saved_LIBS="$LIBS"
974 saved_LDFLAGS="$LDFLAGS"
975 saved_CPPFLAGS="$CPPFLAGS"
dec6d9fe 976 if test -n "${withval}" && \
977 test "x${withval}" != "xyes"; then
3c0ef626 978 if test -d "${withval}/lib"; then
979 if test -n "${need_dash_r}"; then
980 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
981 else
982 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
983 fi
984 else
985 if test -n "${need_dash_r}"; then
986 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
987 else
988 LDFLAGS="-L${withval} ${LDFLAGS}"
989 fi
990 fi
991 if test -d "${withval}/include"; then
992 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
993 else
994 CPPFLAGS="-I${withval} ${CPPFLAGS}"
995 fi
996 fi
e9a17296 997 LIBWRAP="-lwrap"
998 LIBS="$LIBWRAP $LIBS"
3c0ef626 999 AC_MSG_CHECKING(for libwrap)
1000 AC_TRY_LINK(
1001 [
99be0775 1002#include <sys/types.h>
1003#include <sys/socket.h>
1004#include <netinet/in.h>
3c0ef626 1005#include <tcpd.h>
1006 int deny_severity = 0, allow_severity = 0;
1007 ],
1008 [hosts_access(0);],
1009 [
1010 AC_MSG_RESULT(yes)
1011 AC_DEFINE(LIBWRAP)
e9a17296 1012 AC_SUBST(LIBWRAP)
3c0ef626 1013 TCPW_MSG="yes"
1014 ],
1015 [
1016 AC_MSG_ERROR([*** libwrap missing])
1017 ]
1018 )
e9a17296 1019 LIBS="$saved_LIBS"
3c0ef626 1020 fi
1021 ]
1022)
1023
996d5e62 1024# Check whether user wants libedit support
1025LIBEDIT_MSG="no"
1026AC_ARG_WITH(libedit,
1027 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1028 [ if test "x$withval" != "xno" ; then
dec6d9fe 1029 if test "x$withval" != "xyes"; then
1030 CPPFLAGS="$CPPFLAGS -I$withval/include"
1031 LDFLAGS="$LDFLAGS -L$withval/lib"
1032 fi
996d5e62 1033 AC_CHECK_LIB(edit, el_init,
1034 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
1035 LIBEDIT="-ledit -lcurses"
1036 LIBEDIT_MSG="yes"
1037 AC_SUBST(LIBEDIT)
1038 ],
dec6d9fe 1039 [ AC_MSG_ERROR(libedit not found) ],
1040 [ -lcurses ]
996d5e62 1041 )
665a873d 1042 AC_MSG_CHECKING(if libedit version is compatible)
1043 AC_COMPILE_IFELSE(
1044 [AC_LANG_SOURCE([[
1045#include <histedit.h>
1046int main(void)
1047{
1048 int i = H_SETSIZE;
1049 el_init("", NULL, NULL, NULL);
1050 exit(0);
1051}
1052 ]])],
1053 [ AC_MSG_RESULT(yes) ],
1054 [ AC_MSG_RESULT(no)
1055 AC_MSG_ERROR(libedit version is not compatible) ]
1056 )
996d5e62 1057 fi ]
1058)
1059
1060AUDIT_MODULE=none
1061AC_ARG_WITH(audit,
1062 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1063 [
1064 AC_MSG_CHECKING(for supported audit module)
1065 case "$withval" in
1066 bsm)
1067 AC_MSG_RESULT(bsm)
1068 AUDIT_MODULE=bsm
1069 dnl Checks for headers, libs and functions
1070 AC_CHECK_HEADERS(bsm/audit.h, [],
1071 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1072 AC_CHECK_LIB(bsm, getaudit, [],
1073 [AC_MSG_ERROR(BSM enabled and required library not found)])
1074 AC_CHECK_FUNCS(getaudit, [],
1075 [AC_MSG_ERROR(BSM enabled and required function not found)])
1076 # These are optional
1077 AC_CHECK_FUNCS(getaudit_addr)
1078 AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module])
1079 ;;
1080 debug)
1081 AUDIT_MODULE=debug
1082 AC_MSG_RESULT(debug)
1083 AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)
1084 ;;
665a873d 1085 no)
1086 AC_MSG_RESULT(no)
1087 ;;
996d5e62 1088 *)
1089 AC_MSG_ERROR([Unknown audit module $withval])
1090 ;;
1091 esac ]
1092)
1093
6a9b3198 1094dnl Checks for library functions. Please keep in alphabetical order
665a873d 1095AC_CHECK_FUNCS( \
1096 arc4random \
1097 b64_ntop \
1098 __b64_ntop \
1099 b64_pton \
1100 __b64_pton \
1101 bcopy \
1102 bindresvport_sa \
1103 clock \
1104 closefrom \
1105 dirfd \
1106 fchmod \
1107 fchown \
1108 freeaddrinfo \
1109 futimes \
1110 getaddrinfo \
1111 getcwd \
1112 getgrouplist \
1113 getnameinfo \
1114 getopt \
1115 getpeereid \
1116 _getpty \
1117 getrlimit \
1118 getttyent \
1119 glob \
1120 inet_aton \
1121 inet_ntoa \
1122 inet_ntop \
1123 innetgr \
1124 login_getcapbool \
1125 md5_crypt \
1126 memmove \
1127 mkdtemp \
1128 mmap \
1129 ngetaddrinfo \
1130 nsleep \
1131 ogetaddrinfo \
1132 openlog_r \
1133 openpty \
1134 prctl \
1135 pstat \
1136 readpassphrase \
1137 realpath \
1138 recvmsg \
1139 rresvport_af \
1140 sendmsg \
1141 setdtablesize \
1142 setegid \
1143 setenv \
1144 seteuid \
1145 setgroups \
1146 setlogin \
1147 setpcred \
1148 setproctitle \
1149 setregid \
1150 setreuid \
1151 setrlimit \
1152 setsid \
1153 setvbuf \
1154 sigaction \
1155 sigvec \
1156 snprintf \
1157 socketpair \
1158 strdup \
1159 strerror \
1160 strlcat \
1161 strlcpy \
1162 strmode \
1163 strnvis \
1164 strtonum \
1165 strtoll \
1166 strtoul \
1167 sysconf \
1168 tcgetpgrp \
1169 truncate \
1170 unsetenv \
1171 updwtmpx \
1172 utimes \
1173 vhangup \
1174 vsnprintf \
1175 waitpid \
6a9b3198 1176)
1177
acc3d05e 1178# IRIX has a const char return value for gai_strerror()
1179AC_CHECK_FUNCS(gai_strerror,[
1180 AC_DEFINE(HAVE_GAI_STRERROR)
1181 AC_TRY_COMPILE([
1182#include <sys/types.h>
1183#include <sys/socket.h>
1184#include <netdb.h>
1185
1186const char *gai_strerror(int);],[
1187char *str;
1188
1189str = gai_strerror(0);],[
1190 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1191 [Define if gai_strerror() returns const char *])])])
1192
6a9b3198 1193AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
1194
0fff78ff 1195dnl Make sure prototypes are defined for these before using them.
0fff78ff 1196AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
665a873d 1197AC_CHECK_DECL(strsep,
1198 [AC_CHECK_FUNCS(strsep)],
1199 [],
1200 [
1201#ifdef HAVE_STRING_H
1202# include <string.h>
1203#endif
1204 ])
3c0ef626 1205
0fff78ff 1206dnl tcsendbreak might be a macro
1207AC_CHECK_DECL(tcsendbreak,
1208 [AC_DEFINE(HAVE_TCSENDBREAK)],
cdd66111 1209 [AC_CHECK_FUNCS(tcsendbreak)],
0fff78ff 1210 [#include <termios.h>]
1211)
3c0ef626 1212
c9f39d2c 1213AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1214
cdd66111 1215AC_CHECK_FUNCS(setresuid, [
1216 dnl Some platorms have setresuid that isn't implemented, test for this
1217 AC_MSG_CHECKING(if setresuid seems to work)
996d5e62 1218 AC_RUN_IFELSE(
1219 [AC_LANG_SOURCE([[
cdd66111 1220#include <stdlib.h>
1221#include <errno.h>
1222int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1223 ]])],
cdd66111 1224 [AC_MSG_RESULT(yes)],
1225 [AC_DEFINE(BROKEN_SETRESUID)
996d5e62 1226 AC_MSG_RESULT(not implemented)],
1227 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1228 )
1229])
1230
1231AC_CHECK_FUNCS(setresgid, [
1232 dnl Some platorms have setresgid that isn't implemented, test for this
1233 AC_MSG_CHECKING(if setresgid seems to work)
996d5e62 1234 AC_RUN_IFELSE(
1235 [AC_LANG_SOURCE([[
cdd66111 1236#include <stdlib.h>
1237#include <errno.h>
1238int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1239 ]])],
cdd66111 1240 [AC_MSG_RESULT(yes)],
1241 [AC_DEFINE(BROKEN_SETRESGID)
996d5e62 1242 AC_MSG_RESULT(not implemented)],
1243 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1244 )
1245])
1246
3c0ef626 1247dnl Checks for time functions
1248AC_CHECK_FUNCS(gettimeofday time)
1249dnl Checks for utmp functions
1250AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1251AC_CHECK_FUNCS(utmpname)
1252dnl Checks for utmpx functions
1253AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1254AC_CHECK_FUNCS(setutxent utmpxname)
1255
cdd66111 1256AC_CHECK_FUNC(daemon,
3c0ef626 1257 [AC_DEFINE(HAVE_DAEMON)],
1258 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
1259)
1260
cdd66111 1261AC_CHECK_FUNC(getpagesize,
3c0ef626 1262 [AC_DEFINE(HAVE_GETPAGESIZE)],
1263 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
1264)
1265
1266# Check for broken snprintf
1267if test "x$ac_cv_func_snprintf" = "xyes" ; then
1268 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
996d5e62 1269 AC_RUN_IFELSE(
1270 [AC_LANG_SOURCE([[
3c0ef626 1271#include <stdio.h>
41b2f314 1272int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
996d5e62 1273 ]])],
cdd66111 1274 [AC_MSG_RESULT(yes)],
3c0ef626 1275 [
1276 AC_MSG_RESULT(no)
1277 AC_DEFINE(BROKEN_SNPRINTF)
1278 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
996d5e62 1279 ],
1280 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1281 )
1282fi
1283
c9f39d2c 1284# Check for missing getpeereid (or equiv) support
1285NO_PEERCHECK=""
1286if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1287 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1288 AC_TRY_COMPILE(
1289 [#include <sys/types.h>
1290 #include <sys/socket.h>],
1291 [int i = SO_PEERCRED;],
dec6d9fe 1292 [ AC_MSG_RESULT(yes)
1293 AC_DEFINE(HAVE_SO_PEERCRED, [], [Have PEERCRED socket option])
1294 ],
c9f39d2c 1295 [AC_MSG_RESULT(no)
1296 NO_PEERCHECK=1]
1297 )
1298fi
1299
6a9b3198 1300dnl see whether mkstemp() requires XXXXXX
1301if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1302AC_MSG_CHECKING([for (overly) strict mkstemp])
1303AC_TRY_RUN(
1304 [
1305#include <stdlib.h>
1306main() { char template[]="conftest.mkstemp-test";
1307if (mkstemp(template) == -1)
1308 exit(1);
1309unlink(template); exit(0);
1310}
1311 ],
1312 [
1313 AC_MSG_RESULT(no)
1314 ],
cdd66111 1315 [
6a9b3198 1316 AC_MSG_RESULT(yes)
1317 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1318 ],
1319 [
1320 AC_MSG_RESULT(yes)
1321 AC_DEFINE(HAVE_STRICT_MKSTEMP)
cdd66111 1322 ]
6a9b3198 1323)
1324fi
1325
0fff78ff 1326dnl make sure that openpty does not reacquire controlling terminal
1327if test ! -z "$check_for_openpty_ctty_bug"; then
1328 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1329 AC_TRY_RUN(
1330 [
1331#include <stdio.h>
1332#include <sys/fcntl.h>
1333#include <sys/types.h>
1334#include <sys/wait.h>
1335
1336int
1337main()
1338{
1339 pid_t pid;
1340 int fd, ptyfd, ttyfd, status;
1341
1342 pid = fork();
1343 if (pid < 0) { /* failed */
1344 exit(1);
1345 } else if (pid > 0) { /* parent */
1346 waitpid(pid, &status, 0);
cdd66111 1347 if (WIFEXITED(status))
0fff78ff 1348 exit(WEXITSTATUS(status));
1349 else
1350 exit(2);
1351 } else { /* child */
1352 close(0); close(1); close(2);
1353 setsid();
1354 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1355 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1356 if (fd >= 0)
1357 exit(3); /* Acquired ctty: broken */
1358 else
1359 exit(0); /* Did not acquire ctty: OK */
1360 }
1361}
1362 ],
1363 [
1364 AC_MSG_RESULT(yes)
1365 ],
1366 [
1367 AC_MSG_RESULT(no)
1368 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1369 ]
1370 )
1371fi
1372
dec6d9fe 1373if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1374 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
99be0775 1375 AC_MSG_CHECKING(if getaddrinfo seems to work)
1376 AC_TRY_RUN(
1377 [
1378#include <stdio.h>
1379#include <sys/socket.h>
1380#include <netdb.h>
1381#include <errno.h>
1382#include <netinet/in.h>
1383
1384#define TEST_PORT "2222"
1385
1386int
1387main(void)
1388{
1389 int err, sock;
1390 struct addrinfo *gai_ai, *ai, hints;
1391 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1392
1393 memset(&hints, 0, sizeof(hints));
1394 hints.ai_family = PF_UNSPEC;
1395 hints.ai_socktype = SOCK_STREAM;
1396 hints.ai_flags = AI_PASSIVE;
1397
1398 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1399 if (err != 0) {
1400 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1401 exit(1);
1402 }
1403
1404 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1405 if (ai->ai_family != AF_INET6)
1406 continue;
1407
1408 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1409 sizeof(ntop), strport, sizeof(strport),
1410 NI_NUMERICHOST|NI_NUMERICSERV);
1411
1412 if (err != 0) {
1413 if (err == EAI_SYSTEM)
1414 perror("getnameinfo EAI_SYSTEM");
1415 else
1416 fprintf(stderr, "getnameinfo failed: %s\n",
1417 gai_strerror(err));
1418 exit(2);
1419 }
1420
1421 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1422 if (sock < 0)
1423 perror("socket");
1424 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1425 if (errno == EBADF)
1426 exit(3);
1427 }
1428 }
1429 exit(0);
1430}
1431 ],
1432 [
1433 AC_MSG_RESULT(yes)
1434 ],
1435 [
1436 AC_MSG_RESULT(no)
1437 AC_DEFINE(BROKEN_GETADDRINFO)
1438 ]
1439 )
1440fi
1441
dec6d9fe 1442if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1443 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
996d5e62 1444 AC_MSG_CHECKING(if getaddrinfo seems to work)
1445 AC_TRY_RUN(
1446 [
1447#include <stdio.h>
1448#include <sys/socket.h>
1449#include <netdb.h>
1450#include <errno.h>
1451#include <netinet/in.h>
1452
1453#define TEST_PORT "2222"
1454
1455int
1456main(void)
1457{
1458 int err, sock;
1459 struct addrinfo *gai_ai, *ai, hints;
1460 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1461
1462 memset(&hints, 0, sizeof(hints));
1463 hints.ai_family = PF_UNSPEC;
1464 hints.ai_socktype = SOCK_STREAM;
1465 hints.ai_flags = AI_PASSIVE;
1466
1467 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1468 if (err != 0) {
1469 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1470 exit(1);
1471 }
1472
1473 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1474 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1475 continue;
1476
1477 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1478 sizeof(ntop), strport, sizeof(strport),
1479 NI_NUMERICHOST|NI_NUMERICSERV);
1480
1481 if (ai->ai_family == AF_INET && err != 0) {
1482 perror("getnameinfo");
1483 exit(2);
1484 }
1485 }
1486 exit(0);
1487}
1488 ],
1489 [
1490 AC_MSG_RESULT(yes)
1491 AC_DEFINE(AIX_GETNAMEINFO_HACK, [],
1492[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address])
1493 ],
1494 [
1495 AC_MSG_RESULT(no)
1496 AC_DEFINE(BROKEN_GETADDRINFO)
1497 ]
1498 )
1499fi
1500
1501if test "x$check_for_conflicting_getspnam" = "x1"; then
1502 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1503 AC_COMPILE_IFELSE(
1504 [
1505#include <shadow.h>
1506int main(void) {exit(0);}
1507 ],
1508 [
1509 AC_MSG_RESULT(no)
1510 ],
1511 [
1512 AC_MSG_RESULT(yes)
1513 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1514 [Conflicting defs for getspnam])
1515 ]
1516 )
1517fi
1518
3c0ef626 1519AC_FUNC_GETPGRP
1520
1521# Check for PAM libs
1522PAM_MSG="no"
1523AC_ARG_WITH(pam,
1524 [ --with-pam Enable PAM support ],
1525 [
1526 if test "x$withval" != "xno" ; then
cdd66111 1527 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1528 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
3c0ef626 1529 AC_MSG_ERROR([PAM headers not found])
1530 fi
1531
1532 AC_CHECK_LIB(dl, dlopen, , )
1533 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1534 AC_CHECK_FUNCS(pam_getenvlist)
0fff78ff 1535 AC_CHECK_FUNCS(pam_putenv)
3c0ef626 1536
3c0ef626 1537 PAM_MSG="yes"
1538
1539 AC_DEFINE(USE_PAM)
e9a17296 1540 if test $ac_cv_lib_dl_dlopen = yes; then
1541 LIBPAM="-lpam -ldl"
1542 else
1543 LIBPAM="-lpam"
1544 fi
1545 AC_SUBST(LIBPAM)
3c0ef626 1546 fi
1547 ]
1548)
1549
1550# Check for older PAM
1551if test "x$PAM_MSG" = "xyes" ; then
1552 # Check PAM strerror arguments (old PAM)
1553 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1554 AC_TRY_COMPILE(
1555 [
1556#include <stdlib.h>
cdd66111 1557#if defined(HAVE_SECURITY_PAM_APPL_H)
3c0ef626 1558#include <security/pam_appl.h>
cdd66111 1559#elif defined (HAVE_PAM_PAM_APPL_H)
1560#include <pam/pam_appl.h>
1561#endif
1562 ],
1563 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
3c0ef626 1564 [AC_MSG_RESULT(no)],
1565 [
1566 AC_DEFINE(HAVE_OLD_PAM)
1567 AC_MSG_RESULT(yes)
1568 PAM_MSG="yes (old library)"
1569 ]
1570 )
1571fi
1572
700318f3 1573# Search for OpenSSL
1574saved_CPPFLAGS="$CPPFLAGS"
1575saved_LDFLAGS="$LDFLAGS"
3c0ef626 1576AC_ARG_WITH(ssl-dir,
1577 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1578 [
1579 if test "x$withval" != "xno" ; then
996d5e62 1580 case "$withval" in
1581 # Relative paths
1582 ./*|../*) withval="`pwd`/$withval"
1583 esac
700318f3 1584 if test -d "$withval/lib"; then
1585 if test -n "${need_dash_r}"; then
1586 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1587 else
1588 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1589 fi
1590 else
700318f3 1591 if test -n "${need_dash_r}"; then
1592 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1593 else
1594 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1595 fi
1596 fi
700318f3 1597 if test -d "$withval/include"; then
1598 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1599 else
700318f3 1600 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1601 fi
1602 fi
700318f3 1603 ]
1604)
cdd66111 1605LIBS="-lcrypto $LIBS"
700318f3 1606AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
3c0ef626 1607 [
700318f3 1608 dnl Check default openssl install dir
1609 if test -n "${need_dash_r}"; then
1610 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1611 else
700318f3 1612 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1613 fi
700318f3 1614 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1615 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1616 [
1617 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1618 ]
1619 )
1620 ]
1621)
1622
41b2f314 1623# Determine OpenSSL header version
1624AC_MSG_CHECKING([OpenSSL header version])
996d5e62 1625AC_RUN_IFELSE(
1626 [AC_LANG_SOURCE([[
41b2f314 1627#include <stdio.h>
1628#include <string.h>
1629#include <openssl/opensslv.h>
1630#define DATA "conftest.sslincver"
1631int main(void) {
cdd66111 1632 FILE *fd;
1633 int rc;
41b2f314 1634
cdd66111 1635 fd = fopen(DATA,"w");
1636 if(fd == NULL)
1637 exit(1);
41b2f314 1638
1639 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1640 exit(1);
1641
1642 exit(0);
1643}
996d5e62 1644 ]])],
41b2f314 1645 [
1646 ssl_header_ver=`cat conftest.sslincver`
1647 AC_MSG_RESULT($ssl_header_ver)
1648 ],
1649 [
1650 AC_MSG_RESULT(not found)
1651 AC_MSG_ERROR(OpenSSL version header not found.)
996d5e62 1652 ],
1653 [
1654 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1655 ]
1656)
1657
1658# Determine OpenSSL library version
1659AC_MSG_CHECKING([OpenSSL library version])
996d5e62 1660AC_RUN_IFELSE(
1661 [AC_LANG_SOURCE([[
41b2f314 1662#include <stdio.h>
1663#include <string.h>
1664#include <openssl/opensslv.h>
1665#include <openssl/crypto.h>
1666#define DATA "conftest.ssllibver"
1667int main(void) {
cdd66111 1668 FILE *fd;
1669 int rc;
41b2f314 1670
cdd66111 1671 fd = fopen(DATA,"w");
1672 if(fd == NULL)
1673 exit(1);
41b2f314 1674
1675 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1676 exit(1);
1677
1678 exit(0);
1679}
996d5e62 1680 ]])],
41b2f314 1681 [
1682 ssl_library_ver=`cat conftest.ssllibver`
1683 AC_MSG_RESULT($ssl_library_ver)
1684 ],
1685 [
1686 AC_MSG_RESULT(not found)
1687 AC_MSG_ERROR(OpenSSL library not found.)
996d5e62 1688 ],
1689 [
1690 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1691 ]
1692)
3c0ef626 1693
e9a17296 1694# Sanity check OpenSSL headers
1695AC_MSG_CHECKING([whether OpenSSL's headers match the library])
996d5e62 1696AC_RUN_IFELSE(
1697 [AC_LANG_SOURCE([[
e9a17296 1698#include <string.h>
1699#include <openssl/opensslv.h>
41b2f314 1700int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
996d5e62 1701 ]])],
e9a17296 1702 [
1703 AC_MSG_RESULT(yes)
1704 ],
1705 [
1706 AC_MSG_RESULT(no)
0fff78ff 1707 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1708Check config.log for details.
1709Also see contrib/findssl.sh for help identifying header/library mismatches.])
996d5e62 1710 ],
1711 [
1712 AC_MSG_WARN([cross compiling: not checking])
e9a17296 1713 ]
1714)
1715
cdd66111 1716# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1717# because the system crypt() is more featureful.
1718if test "x$check_for_libcrypt_before" = "x1"; then
1719 AC_CHECK_LIB(crypt, crypt)
1720fi
1721
1722# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
1723# version in OpenSSL.
0fff78ff 1724if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 1725 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
1726fi
1727
665a873d 1728AC_CHECK_LIB(iaf, ia_openinfo)
e9a17296 1729
1730### Configure cryptographic random number support
1731
1732# Check wheter OpenSSL seeds itself
1733AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
996d5e62 1734AC_RUN_IFELSE(
1735 [AC_LANG_SOURCE([[
e9a17296 1736#include <string.h>
1737#include <openssl/rand.h>
41b2f314 1738int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
996d5e62 1739 ]])],
e9a17296 1740 [
1741 OPENSSL_SEEDS_ITSELF=yes
1742 AC_MSG_RESULT(yes)
1743 ],
1744 [
1745 AC_MSG_RESULT(no)
1746 # Default to use of the rand helper if OpenSSL doesn't
1747 # seed itself
1748 USE_RAND_HELPER=yes
996d5e62 1749 ],
1750 [
1751 AC_MSG_WARN([cross compiling: assuming yes])
1752 # This is safe, since all recent OpenSSL versions will
dec6d9fe 1753 # complain at runtime if not seeded correctly.
996d5e62 1754 OPENSSL_SEEDS_ITSELF=yes
e9a17296 1755 ]
1756)
1757
1758
1759# Do we want to force the use of the rand helper?
1760AC_ARG_WITH(rand-helper,
1761 [ --with-rand-helper Use subprocess to gather strong randomness ],
1762 [
1763 if test "x$withval" = "xno" ; then
cdd66111 1764 # Force use of OpenSSL's internal RNG, even if
e9a17296 1765 # the previous test showed it to be unseeded.
1766 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1767 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1768 OPENSSL_SEEDS_ITSELF=yes
1769 USE_RAND_HELPER=""
1770 fi
1771 else
1772 USE_RAND_HELPER=yes
1773 fi
1774 ],
dec6d9fe 1775)
e9a17296 1776
1777# Which randomness source do we use?
dec6d9fe 1778if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9a17296 1779 # OpenSSL only
1780 AC_DEFINE(OPENSSL_PRNG_ONLY)
1781 RAND_MSG="OpenSSL internal ONLY"
1782 INSTALL_SSH_RAND_HELPER=""
1783elif test ! -z "$USE_RAND_HELPER" ; then
1784 # install rand helper
1785 RAND_MSG="ssh-rand-helper"
1786 INSTALL_SSH_RAND_HELPER="yes"
1787fi
1788AC_SUBST(INSTALL_SSH_RAND_HELPER)
1789
1790### Configuration of ssh-rand-helper
1791
1792# PRNGD TCP socket
1793AC_ARG_WITH(prngd-port,
1794 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1795 [
1796 case "$withval" in
1797 no)
1798 withval=""
1799 ;;
1800 [[0-9]]*)
1801 ;;
1802 *)
1803 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1804 ;;
1805 esac
1806 if test ! -z "$withval" ; then
1807 PRNGD_PORT="$withval"
1808 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1809 fi
1810 ]
1811)
1812
1813# PRNGD Unix domain socket
1814AC_ARG_WITH(prngd-socket,
1815 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1816 [
1817 case "$withval" in
1818 yes)
1819 withval="/var/run/egd-pool"
1820 ;;
1821 no)
1822 withval=""
1823 ;;
1824 /*)
1825 ;;
1826 *)
1827 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1828 ;;
1829 esac
1830
1831 if test ! -z "$withval" ; then
1832 if test ! -z "$PRNGD_PORT" ; then
1833 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1834 fi
1835 if test ! -r "$withval" ; then
1836 AC_MSG_WARN(Entropy socket is not readable)
1837 fi
1838 PRNGD_SOCKET="$withval"
1839 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1840 fi
1841 ],
1842 [
1843 # Check for existing socket only if we don't have a random device already
1844 if test "$USE_RAND_HELPER" = yes ; then
1845 AC_MSG_CHECKING(for PRNGD/EGD socket)
1846 # Insert other locations here
1847 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1848 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1849 PRNGD_SOCKET="$sock"
1850 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1851 break;
1852 fi
1853 done
1854 if test ! -z "$PRNGD_SOCKET" ; then
1855 AC_MSG_RESULT($PRNGD_SOCKET)
1856 else
1857 AC_MSG_RESULT(not found)
1858 fi
1859 fi
1860 ]
1861)
1862
1863# Change default command timeout for hashing entropy source
1864entropy_timeout=200
1865AC_ARG_WITH(entropy-timeout,
1866 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1867 [
dec6d9fe 1868 if test -n "$withval" && test "x$withval" != "xno" && \
1869 test "x${withval}" != "xyes"; then
e9a17296 1870 entropy_timeout=$withval
1871 fi
dec6d9fe 1872 ]
e9a17296 1873)
e9a17296 1874AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1875
680cee3b 1876SSH_PRIVSEP_USER=sshd
700318f3 1877AC_ARG_WITH(privsep-user,
1878 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
1879 [
dec6d9fe 1880 if test -n "$withval" && test "x$withval" != "xno" && \
1881 test "x${withval}" != "xyes"; then
680cee3b 1882 SSH_PRIVSEP_USER=$withval
700318f3 1883 fi
dec6d9fe 1884 ]
700318f3 1885)
680cee3b 1886AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1887AC_SUBST(SSH_PRIVSEP_USER)
700318f3 1888
1889# We do this little dance with the search path to insure
1890# that programs that we select for use by installed programs
1891# (which may be run by the super-user) come from trusted
1892# locations before they come from the user's private area.
1893# This should help avoid accidentally configuring some
1894# random version of a program in someone's personal bin.
1895
1896OPATH=$PATH
1897PATH=/bin:/usr/bin
1898test -h /bin 2> /dev/null && PATH=/usr/bin
1899test -d /sbin && PATH=$PATH:/sbin
1900test -d /usr/sbin && PATH=$PATH:/usr/sbin
1901PATH=$PATH:/etc:$OPATH
1902
cdd66111 1903# These programs are used by the command hashing source to gather entropy
e9a17296 1904OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1905OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1906OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1907OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1908OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1909OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1910OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1911OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1912OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1913OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1914OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1915OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1916OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1917OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1918OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1919OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
700318f3 1920# restore PATH
1921PATH=$OPATH
e9a17296 1922
1923# Where does ssh-rand-helper get its randomness from?
1924INSTALL_SSH_PRNG_CMDS=""
1925if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1926 if test ! -z "$PRNGD_PORT" ; then
1927 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1928 elif test ! -z "$PRNGD_SOCKET" ; then
1929 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1930 else
1931 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1932 RAND_HELPER_CMDHASH=yes
1933 INSTALL_SSH_PRNG_CMDS="yes"
1934 fi
1935fi
1936AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1937
1938
3c0ef626 1939# Cheap hack to ensure NEWS-OS libraries are arranged right.
1940if test ! -z "$SONY" ; then
1941 LIBS="$LIBS -liberty";
1942fi
1943
1944# Checks for data types
1945AC_CHECK_SIZEOF(char, 1)
1946AC_CHECK_SIZEOF(short int, 2)
1947AC_CHECK_SIZEOF(int, 4)
1948AC_CHECK_SIZEOF(long int, 4)
1949AC_CHECK_SIZEOF(long long int, 8)
1950
700318f3 1951# Sanity check long long for some platforms (AIX)
1952if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1953 ac_cv_sizeof_long_long_int=0
1954fi
1955
3c0ef626 1956# More checks for data types
1957AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1958 AC_TRY_COMPILE(
cdd66111 1959 [ #include <sys/types.h> ],
1960 [ u_int a; a = 1;],
3c0ef626 1961 [ ac_cv_have_u_int="yes" ],
1962 [ ac_cv_have_u_int="no" ]
1963 )
1964])
1965if test "x$ac_cv_have_u_int" = "xyes" ; then
1966 AC_DEFINE(HAVE_U_INT)
1967 have_u_int=1
1968fi
1969
1970AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1971 AC_TRY_COMPILE(
cdd66111 1972 [ #include <sys/types.h> ],
1973 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 1974 [ ac_cv_have_intxx_t="yes" ],
1975 [ ac_cv_have_intxx_t="no" ]
1976 )
1977])
1978if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1979 AC_DEFINE(HAVE_INTXX_T)
1980 have_intxx_t=1
1981fi
1982
1983if (test -z "$have_intxx_t" && \
cdd66111 1984 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 1985then
1986 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1987 AC_TRY_COMPILE(
cdd66111 1988 [ #include <stdint.h> ],
1989 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 1990 [
1991 AC_DEFINE(HAVE_INTXX_T)
1992 AC_MSG_RESULT(yes)
1993 ],
1994 [ AC_MSG_RESULT(no) ]
1995 )
1996fi
1997
1998AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1999 AC_TRY_COMPILE(
41b2f314 2000 [
2001#include <sys/types.h>
2002#ifdef HAVE_STDINT_H
2003# include <stdint.h>
2004#endif
2005#include <sys/socket.h>
2006#ifdef HAVE_SYS_BITYPES_H
2007# include <sys/bitypes.h>
2008#endif
cdd66111 2009 ],
2010 [ int64_t a; a = 1;],
3c0ef626 2011 [ ac_cv_have_int64_t="yes" ],
2012 [ ac_cv_have_int64_t="no" ]
2013 )
2014])
2015if test "x$ac_cv_have_int64_t" = "xyes" ; then
2016 AC_DEFINE(HAVE_INT64_T)
e9a17296 2017fi
2018
3c0ef626 2019AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2020 AC_TRY_COMPILE(
cdd66111 2021 [ #include <sys/types.h> ],
2022 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2023 [ ac_cv_have_u_intxx_t="yes" ],
2024 [ ac_cv_have_u_intxx_t="no" ]
2025 )
2026])
2027if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
2028 AC_DEFINE(HAVE_U_INTXX_T)
2029 have_u_intxx_t=1
2030fi
2031
2032if test -z "$have_u_intxx_t" ; then
2033 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2034 AC_TRY_COMPILE(
cdd66111 2035 [ #include <sys/socket.h> ],
2036 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2037 [
2038 AC_DEFINE(HAVE_U_INTXX_T)
2039 AC_MSG_RESULT(yes)
2040 ],
2041 [ AC_MSG_RESULT(no) ]
2042 )
2043fi
2044
2045AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2046 AC_TRY_COMPILE(
cdd66111 2047 [ #include <sys/types.h> ],
2048 [ u_int64_t a; a = 1;],
3c0ef626 2049 [ ac_cv_have_u_int64_t="yes" ],
2050 [ ac_cv_have_u_int64_t="no" ]
2051 )
2052])
2053if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
2054 AC_DEFINE(HAVE_U_INT64_T)
2055 have_u_int64_t=1
2056fi
2057
e9a17296 2058if test -z "$have_u_int64_t" ; then
2059 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2060 AC_TRY_COMPILE(
cdd66111 2061 [ #include <sys/bitypes.h> ],
e9a17296 2062 [ u_int64_t a; a = 1],
2063 [
2064 AC_DEFINE(HAVE_U_INT64_T)
2065 AC_MSG_RESULT(yes)
2066 ],
2067 [ AC_MSG_RESULT(no) ]
2068 )
2069fi
2070
3c0ef626 2071if test -z "$have_u_intxx_t" ; then
2072 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2073 AC_TRY_COMPILE(
2074 [
2075#include <sys/types.h>
cdd66111 2076 ],
2077 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2078 [ ac_cv_have_uintxx_t="yes" ],
2079 [ ac_cv_have_uintxx_t="no" ]
2080 )
2081 ])
2082 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
2083 AC_DEFINE(HAVE_UINTXX_T)
2084 fi
2085fi
2086
2087if test -z "$have_uintxx_t" ; then
2088 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2089 AC_TRY_COMPILE(
cdd66111 2090 [ #include <stdint.h> ],
2091 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2092 [
2093 AC_DEFINE(HAVE_UINTXX_T)
2094 AC_MSG_RESULT(yes)
2095 ],
2096 [ AC_MSG_RESULT(no) ]
2097 )
2098fi
2099
2100if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
cdd66111 2101 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2102then
2103 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2104 AC_TRY_COMPILE(
2105 [
2106#include <sys/bitypes.h>
cdd66111 2107 ],
3c0ef626 2108 [
2109 int8_t a; int16_t b; int32_t c;
2110 u_int8_t e; u_int16_t f; u_int32_t g;
2111 a = b = c = e = f = g = 1;
cdd66111 2112 ],
3c0ef626 2113 [
2114 AC_DEFINE(HAVE_U_INTXX_T)
2115 AC_DEFINE(HAVE_INTXX_T)
2116 AC_MSG_RESULT(yes)
2117 ],
2118 [AC_MSG_RESULT(no)]
cdd66111 2119 )
3c0ef626 2120fi
2121
2122
2123AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2124 AC_TRY_COMPILE(
2125 [
2126#include <sys/types.h>
2127 ],
2128 [ u_char foo; foo = 125; ],
2129 [ ac_cv_have_u_char="yes" ],
2130 [ ac_cv_have_u_char="no" ]
2131 )
2132])
2133if test "x$ac_cv_have_u_char" = "xyes" ; then
2134 AC_DEFINE(HAVE_U_CHAR)
2135fi
2136
2137TYPE_SOCKLEN_T
2138
e9a17296 2139AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2140
996d5e62 2141AC_CHECK_TYPES(in_addr_t,,,
2142[#include <sys/types.h>
2143#include <netinet/in.h>])
2144
3c0ef626 2145AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2146 AC_TRY_COMPILE(
2147 [
2148#include <sys/types.h>
2149 ],
2150 [ size_t foo; foo = 1235; ],
2151 [ ac_cv_have_size_t="yes" ],
2152 [ ac_cv_have_size_t="no" ]
2153 )
2154])
2155if test "x$ac_cv_have_size_t" = "xyes" ; then
2156 AC_DEFINE(HAVE_SIZE_T)
2157fi
2158
2159AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2160 AC_TRY_COMPILE(
2161 [
2162#include <sys/types.h>
2163 ],
2164 [ ssize_t foo; foo = 1235; ],
2165 [ ac_cv_have_ssize_t="yes" ],
2166 [ ac_cv_have_ssize_t="no" ]
2167 )
2168])
2169if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2170 AC_DEFINE(HAVE_SSIZE_T)
2171fi
2172
2173AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2174 AC_TRY_COMPILE(
2175 [
2176#include <time.h>
2177 ],
2178 [ clock_t foo; foo = 1235; ],
2179 [ ac_cv_have_clock_t="yes" ],
2180 [ ac_cv_have_clock_t="no" ]
2181 )
2182])
2183if test "x$ac_cv_have_clock_t" = "xyes" ; then
2184 AC_DEFINE(HAVE_CLOCK_T)
2185fi
2186
2187AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2188 AC_TRY_COMPILE(
2189 [
2190#include <sys/types.h>
2191#include <sys/socket.h>
2192 ],
2193 [ sa_family_t foo; foo = 1235; ],
2194 [ ac_cv_have_sa_family_t="yes" ],
2195 [ AC_TRY_COMPILE(
2196 [
2197#include <sys/types.h>
2198#include <sys/socket.h>
2199#include <netinet/in.h>
2200 ],
2201 [ sa_family_t foo; foo = 1235; ],
2202 [ ac_cv_have_sa_family_t="yes" ],
2203
2204 [ ac_cv_have_sa_family_t="no" ]
2205 )]
2206 )
2207])
2208if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2209 AC_DEFINE(HAVE_SA_FAMILY_T)
2210fi
2211
2212AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2213 AC_TRY_COMPILE(
2214 [
2215#include <sys/types.h>
2216 ],
2217 [ pid_t foo; foo = 1235; ],
2218 [ ac_cv_have_pid_t="yes" ],
2219 [ ac_cv_have_pid_t="no" ]
2220 )
2221])
2222if test "x$ac_cv_have_pid_t" = "xyes" ; then
2223 AC_DEFINE(HAVE_PID_T)
2224fi
2225
2226AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2227 AC_TRY_COMPILE(
2228 [
2229#include <sys/types.h>
2230 ],
2231 [ mode_t foo; foo = 1235; ],
2232 [ ac_cv_have_mode_t="yes" ],
2233 [ ac_cv_have_mode_t="no" ]
2234 )
2235])
2236if test "x$ac_cv_have_mode_t" = "xyes" ; then
2237 AC_DEFINE(HAVE_MODE_T)
2238fi
2239
2240
2241AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2242 AC_TRY_COMPILE(
2243 [
2244#include <sys/types.h>
2245#include <sys/socket.h>
2246 ],
2247 [ struct sockaddr_storage s; ],
2248 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2249 [ ac_cv_have_struct_sockaddr_storage="no" ]
2250 )
2251])
2252if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2253 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
2254fi
2255
2256AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2257 AC_TRY_COMPILE(
2258 [
2259#include <sys/types.h>
2260#include <netinet/in.h>
2261 ],
2262 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2263 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2264 [ ac_cv_have_struct_sockaddr_in6="no" ]
2265 )
2266])
2267if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2268 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
2269fi
2270
2271AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2272 AC_TRY_COMPILE(
2273 [
2274#include <sys/types.h>
2275#include <netinet/in.h>
2276 ],
2277 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2278 [ ac_cv_have_struct_in6_addr="yes" ],
2279 [ ac_cv_have_struct_in6_addr="no" ]
2280 )
2281])
2282if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2283 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
2284fi
2285
2286AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2287 AC_TRY_COMPILE(
2288 [
2289#include <sys/types.h>
2290#include <sys/socket.h>
2291#include <netdb.h>
2292 ],
2293 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2294 [ ac_cv_have_struct_addrinfo="yes" ],
2295 [ ac_cv_have_struct_addrinfo="no" ]
2296 )
2297])
2298if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2299 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
2300fi
2301
2302AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2303 AC_TRY_COMPILE(
cdd66111 2304 [ #include <sys/time.h> ],
2305 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2306 [ ac_cv_have_struct_timeval="yes" ],
2307 [ ac_cv_have_struct_timeval="no" ]
2308 )
2309])
2310if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2311 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
2312 have_struct_timeval=1
2313fi
2314
6a9b3198 2315AC_CHECK_TYPES(struct timespec)
2316
2317# We need int64_t or else certian parts of the compile will fail.
dec6d9fe 2318if test "x$ac_cv_have_int64_t" = "xno" && \
2319 test "x$ac_cv_sizeof_long_int" != "x8" && \
2320 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
6a9b3198 2321 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2322 echo "an alternative compiler (I.E., GCC) before continuing."
2323 echo ""
2324 exit 1;
3c0ef626 2325else
2326dnl test snprintf (broken on SCO w/gcc)
996d5e62 2327 AC_RUN_IFELSE(
2328 [AC_LANG_SOURCE([[
3c0ef626 2329#include <stdio.h>
2330#include <string.h>
2331#ifdef HAVE_SNPRINTF
2332main()
2333{
2334 char buf[50];
2335 char expected_out[50];
2336 int mazsize = 50 ;
2337#if (SIZEOF_LONG_INT == 8)
2338 long int num = 0x7fffffffffffffff;
2339#else
2340 long long num = 0x7fffffffffffffffll;
2341#endif
2342 strcpy(expected_out, "9223372036854775807");
2343 snprintf(buf, mazsize, "%lld", num);
2344 if(strcmp(buf, expected_out) != 0)
cdd66111 2345 exit(1);
3c0ef626 2346 exit(0);
2347}
2348#else
2349main() { exit(0); }
2350#endif
996d5e62 2351 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2352 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2353 )
2354fi
3c0ef626 2355
2356dnl Checks for structure members
2357OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2358OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2359OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2360OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2361OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2362OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2363OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2364OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2365OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2366OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2367OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2368OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2369OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2370OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2371OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2372OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2373OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2374
2375AC_CHECK_MEMBERS([struct stat.st_blksize])
2376
2377AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2378 ac_cv_have_ss_family_in_struct_ss, [
2379 AC_TRY_COMPILE(
2380 [
2381#include <sys/types.h>
2382#include <sys/socket.h>
2383 ],
2384 [ struct sockaddr_storage s; s.ss_family = 1; ],
2385 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2386 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2387 )
2388])
2389if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2390 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2391fi
2392
2393AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2394 ac_cv_have___ss_family_in_struct_ss, [
2395 AC_TRY_COMPILE(
2396 [
2397#include <sys/types.h>
2398#include <sys/socket.h>
2399 ],
2400 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2401 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2402 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2403 )
2404])
2405if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2406 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2407fi
2408
2409AC_CACHE_CHECK([for pw_class field in struct passwd],
2410 ac_cv_have_pw_class_in_struct_passwd, [
2411 AC_TRY_COMPILE(
2412 [
2413#include <pwd.h>
2414 ],
2415 [ struct passwd p; p.pw_class = 0; ],
2416 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2417 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2418 )
2419])
2420if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2421 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2422fi
2423
2424AC_CACHE_CHECK([for pw_expire field in struct passwd],
2425 ac_cv_have_pw_expire_in_struct_passwd, [
2426 AC_TRY_COMPILE(
2427 [
2428#include <pwd.h>
2429 ],
2430 [ struct passwd p; p.pw_expire = 0; ],
2431 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2432 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2433 )
2434])
2435if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2436 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2437fi
2438
2439AC_CACHE_CHECK([for pw_change field in struct passwd],
2440 ac_cv_have_pw_change_in_struct_passwd, [
2441 AC_TRY_COMPILE(
2442 [
2443#include <pwd.h>
2444 ],
2445 [ struct passwd p; p.pw_change = 0; ],
2446 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2447 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2448 )
2449])
2450if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2451 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2452fi
2453
fba3c309 2454dnl make sure we're using the real structure members and not defines
700318f3 2455AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2456 ac_cv_have_accrights_in_msghdr, [
996d5e62 2457 AC_COMPILE_IFELSE(
700318f3 2458 [
2459#include <sys/types.h>
2460#include <sys/socket.h>
2461#include <sys/uio.h>
fba3c309 2462int main() {
2463#ifdef msg_accrights
996d5e62 2464#error "msg_accrights is a macro"
fba3c309 2465exit(1);
2466#endif
2467struct msghdr m;
2468m.msg_accrights = 0;
2469exit(0);
2470}
700318f3 2471 ],
700318f3 2472 [ ac_cv_have_accrights_in_msghdr="yes" ],
2473 [ ac_cv_have_accrights_in_msghdr="no" ]
2474 )
2475])
2476if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2477 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2478fi
2479
2480AC_CACHE_CHECK([for msg_control field in struct msghdr],
2481 ac_cv_have_control_in_msghdr, [
996d5e62 2482 AC_COMPILE_IFELSE(
700318f3 2483 [
2484#include <sys/types.h>
2485#include <sys/socket.h>
2486#include <sys/uio.h>
fba3c309 2487int main() {
2488#ifdef msg_control
996d5e62 2489#error "msg_control is a macro"
fba3c309 2490exit(1);
2491#endif
2492struct msghdr m;
2493m.msg_control = 0;
2494exit(0);
2495}
700318f3 2496 ],
700318f3 2497 [ ac_cv_have_control_in_msghdr="yes" ],
2498 [ ac_cv_have_control_in_msghdr="no" ]
2499 )
2500])
2501if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2502 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2503fi
2504
3c0ef626 2505AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
cdd66111 2506 AC_TRY_LINK([],
2507 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 2508 [ ac_cv_libc_defines___progname="yes" ],
2509 [ ac_cv_libc_defines___progname="no" ]
2510 )
2511])
2512if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2513 AC_DEFINE(HAVE___PROGNAME)
2514fi
2515
700318f3 2516AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2517 AC_TRY_LINK([
2518#include <stdio.h>
cdd66111 2519],
2520 [ printf("%s", __FUNCTION__); ],
700318f3 2521 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2522 [ ac_cv_cc_implements___FUNCTION__="no" ]
2523 )
2524])
2525if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2526 AC_DEFINE(HAVE___FUNCTION__)
2527fi
2528
2529AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2530 AC_TRY_LINK([
2531#include <stdio.h>
cdd66111 2532],
2533 [ printf("%s", __func__); ],
700318f3 2534 [ ac_cv_cc_implements___func__="yes" ],
2535 [ ac_cv_cc_implements___func__="no" ]
2536 )
2537])
2538if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2539 AC_DEFINE(HAVE___func__)
2540fi
2541
3c0ef626 2542AC_CACHE_CHECK([whether getopt has optreset support],
2543 ac_cv_have_getopt_optreset, [
2544 AC_TRY_LINK(
2545 [
2546#include <getopt.h>
2547 ],
2548 [ extern int optreset; optreset = 0; ],
2549 [ ac_cv_have_getopt_optreset="yes" ],
2550 [ ac_cv_have_getopt_optreset="no" ]
2551 )
2552])
2553if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2554 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2555fi
2556
2557AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
cdd66111 2558 AC_TRY_LINK([],
2559 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 2560 [ ac_cv_libc_defines_sys_errlist="yes" ],
2561 [ ac_cv_libc_defines_sys_errlist="no" ]
2562 )
2563])
2564if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2565 AC_DEFINE(HAVE_SYS_ERRLIST)
2566fi
2567
2568
2569AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
cdd66111 2570 AC_TRY_LINK([],
2571 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 2572 [ ac_cv_libc_defines_sys_nerr="yes" ],
2573 [ ac_cv_libc_defines_sys_nerr="no" ]
2574 )
2575])
2576if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2577 AC_DEFINE(HAVE_SYS_NERR)
2578fi
2579
cdd66111 2580SCARD_MSG="no"
700318f3 2581# Check whether user wants sectok support
2582AC_ARG_WITH(sectok,
2583 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 2584 [
2585 if test "x$withval" != "xno" ; then
2586 if test "x$withval" != "xyes" ; then
2587 CPPFLAGS="$CPPFLAGS -I${withval}"
2588 LDFLAGS="$LDFLAGS -L${withval}"
2589 if test ! -z "$need_dash_r" ; then
2590 LDFLAGS="$LDFLAGS -R${withval}"
2591 fi
2592 if test ! -z "$blibpath" ; then
2593 blibpath="$blibpath:${withval}"
2594 fi
2595 fi
2596 AC_CHECK_HEADERS(sectok.h)
2597 if test "$ac_cv_header_sectok_h" != yes; then
2598 AC_MSG_ERROR(Can't find sectok.h)
2599 fi
2600 AC_CHECK_LIB(sectok, sectok_open)
2601 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2602 AC_MSG_ERROR(Can't find libsectok)
2603 fi
2604 AC_DEFINE(SMARTCARD)
700318f3 2605 AC_DEFINE(USE_SECTOK)
cdd66111 2606 SCARD_MSG="yes, using sectok"
3c0ef626 2607 fi
2608 ]
2609)
2610
700318f3 2611# Check whether user wants OpenSC support
dec6d9fe 2612OPENSC_CONFIG="no"
700318f3 2613AC_ARG_WITH(opensc,
dec6d9fe 2614 [--with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
2615 [
2616 if test "x$withval" != "xno" ; then
2617 if test "x$withval" != "xyes" ; then
2618 OPENSC_CONFIG=$withval/bin/opensc-config
2619 else
2620 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2621 fi
2622 if test "$OPENSC_CONFIG" != "no"; then
2623 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2624 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2625 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2626 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2627 AC_DEFINE(SMARTCARD)
2628 AC_DEFINE(USE_OPENSC)
2629 SCARD_MSG="yes, using OpenSC"
2630 fi
2631 fi
2632 ]
2633)
700318f3 2634
cdd66111 2635# Check libraries needed by DNS fingerprint support
2636AC_SEARCH_LIBS(getrrsetbyname, resolv,
2637 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
0fff78ff 2638 [
cdd66111 2639 # Needed by our getrrsetbyname()
2640 AC_SEARCH_LIBS(res_query, resolv)
2641 AC_SEARCH_LIBS(dn_expand, resolv)
c9f39d2c 2642 AC_MSG_CHECKING(if res_query will link)
2643 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2644 [AC_MSG_RESULT(no)
2645 saved_LIBS="$LIBS"
2646 LIBS="$LIBS -lresolv"
2647 AC_MSG_CHECKING(for res_query in -lresolv)
2648 AC_LINK_IFELSE([
2649#include <resolv.h>
2650int main()
2651{
2652 res_query (0, 0, 0, 0, 0);
2653 return 0;
2654}
2655 ],
2656 [LIBS="$LIBS -lresolv"
2657 AC_MSG_RESULT(yes)],
2658 [LIBS="$saved_LIBS"
2659 AC_MSG_RESULT(no)])
2660 ])
cdd66111 2661 AC_CHECK_FUNCS(_getshort _getlong)
665a873d 2662 AC_CHECK_DECLS([_getshort, _getlong], , ,
2663 [#include <sys/types.h>
2664 #include <arpa/nameser.h>])
cdd66111 2665 AC_CHECK_MEMBER(HEADER.ad,
2666 [AC_DEFINE(HAVE_HEADER_AD)],,
2667 [#include <arpa/nameser.h>])
2668 ])
0fff78ff 2669
700318f3 2670# Check whether user wants Kerberos 5 support
cdd66111 2671KRB5_MSG="no"
700318f3 2672AC_ARG_WITH(kerberos5,
cdd66111 2673 [ --with-kerberos5=PATH Enable Kerberos 5 support],
2674 [ if test "x$withval" != "xno" ; then
2675 if test "x$withval" = "xyes" ; then
2676 KRB5ROOT="/usr/local"
2677 else
2678 KRB5ROOT=${withval}
2679 fi
2680
2681 AC_DEFINE(KRB5)
2682 KRB5_MSG="yes"
2683
2684 AC_MSG_CHECKING(for krb5-config)
2685 if test -x $KRB5ROOT/bin/krb5-config ; then
2686 KRB5CONF=$KRB5ROOT/bin/krb5-config
2687 AC_MSG_RESULT($KRB5CONF)
2688
2689 AC_MSG_CHECKING(for gssapi support)
2690 if $KRB5CONF | grep gssapi >/dev/null ; then
2691 AC_MSG_RESULT(yes)
2692 AC_DEFINE(GSSAPI)
2693 k5confopts=gssapi
2694 else
2695 AC_MSG_RESULT(no)
2696 k5confopts=""
2697 fi
2698 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2699 K5LIBS="`$KRB5CONF --libs $k5confopts`"
2700 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
2701 AC_MSG_CHECKING(whether we are using Heimdal)
2702 AC_TRY_COMPILE([ #include <krb5.h> ],
2703 [ char *tmp = heimdal_version; ],
2704 [ AC_MSG_RESULT(yes)
2705 AC_DEFINE(HEIMDAL) ],
2706 AC_MSG_RESULT(no)
2707 )
2708 else
2709 AC_MSG_RESULT(no)
700318f3 2710 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
cdd66111 2711 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
2712 AC_MSG_CHECKING(whether we are using Heimdal)
2713 AC_TRY_COMPILE([ #include <krb5.h> ],
2714 [ char *tmp = heimdal_version; ],
2715 [ AC_MSG_RESULT(yes)
2716 AC_DEFINE(HEIMDAL)
c9f39d2c 2717 K5LIBS="-lkrb5 -ldes"
2718 K5LIBS="$K5LIBS -lcom_err -lasn1"
dec6d9fe 2719 AC_CHECK_LIB(roken, net_write,
c9f39d2c 2720 [K5LIBS="$K5LIBS -lroken"])
cdd66111 2721 ],
2722 [ AC_MSG_RESULT(no)
2723 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2724 ]
2725 )
0fff78ff 2726 AC_SEARCH_LIBS(dn_expand, resolv)
2727
2728 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2729 [ AC_DEFINE(GSSAPI)
2730 K5LIBS="-lgssapi $K5LIBS" ],
2731 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2732 [ AC_DEFINE(GSSAPI)
cdd66111 2733 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
0fff78ff 2734 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2735 $K5LIBS)
2736 ],
2737 $K5LIBS)
dec6d9fe 2738
0fff78ff 2739 AC_CHECK_HEADER(gssapi.h, ,
2740 [ unset ac_cv_header_gssapi_h
cdd66111 2741 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
0fff78ff 2742 AC_CHECK_HEADERS(gssapi.h, ,
2743 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
cdd66111 2744 )
0fff78ff 2745 ]
2746 )
2747
2748 oldCPP="$CPPFLAGS"
2749 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2750 AC_CHECK_HEADER(gssapi_krb5.h, ,
2751 [ CPPFLAGS="$oldCPP" ])
700318f3 2752
cdd66111 2753 fi
2754 if test ! -z "$need_dash_r" ; then
2755 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2756 fi
2757 if test ! -z "$blibpath" ; then
2758 blibpath="$blibpath:${KRB5ROOT}/lib"
2759 fi
2760 fi
2761
2762 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2763 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2764 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2765
2766 LIBS="$LIBS $K5LIBS"
2767 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
2768 ]
700318f3 2769)
3c0ef626 2770
2771# Looking for programs, paths and files
3c0ef626 2772
700318f3 2773PRIVSEP_PATH=/var/empty
2774AC_ARG_WITH(privsep-path,
41b2f314 2775 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
700318f3 2776 [
dec6d9fe 2777 if test -n "$withval" && test "x$withval" != "xno" && \
2778 test "x${withval}" != "xyes"; then
700318f3 2779 PRIVSEP_PATH=$withval
2780 fi
2781 ]
2782)
2783AC_SUBST(PRIVSEP_PATH)
2784
3c0ef626 2785AC_ARG_WITH(xauth,
2786 [ --with-xauth=PATH Specify path to xauth program ],
2787 [
dec6d9fe 2788 if test -n "$withval" && test "x$withval" != "xno" && \
2789 test "x${withval}" != "xyes"; then
3c0ef626 2790 xauth_path=$withval
2791 fi
2792 ],
2793 [
41b2f314 2794 TestPath="$PATH"
2795 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2796 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2797 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2798 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2799 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 2800 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
2801 xauth_path="/usr/openwin/bin/xauth"
2802 fi
2803 ]
2804)
2805
6a9b3198 2806STRIP_OPT=-s
2807AC_ARG_ENABLE(strip,
2808 [ --disable-strip Disable calling strip(1) on install],
2809 [
2810 if test "x$enableval" = "xno" ; then
2811 STRIP_OPT=
2812 fi
2813 ]
2814)
2815AC_SUBST(STRIP_OPT)
2816
3c0ef626 2817if test -z "$xauth_path" ; then
2818 XAUTH_PATH="undefined"
2819 AC_SUBST(XAUTH_PATH)
2820else
2821 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
2822 XAUTH_PATH=$xauth_path
2823 AC_SUBST(XAUTH_PATH)
2824fi
3c0ef626 2825
2826# Check for mail directory (last resort if we cannot get it from headers)
2827if test ! -z "$MAIL" ; then
2828 maildir=`dirname $MAIL`
2829 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2830fi
2831
996d5e62 2832if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
2833 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2834 disable_ptmx_check=yes
2835fi
3c0ef626 2836if test -z "$no_dev_ptmx" ; then
700318f3 2837 if test "x$disable_ptmx_check" != "xyes" ; then
cdd66111 2838 AC_CHECK_FILE("/dev/ptmx",
700318f3 2839 [
2840 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2841 have_dev_ptmx=1
2842 ]
2843 )
2844 fi
3c0ef626 2845fi
996d5e62 2846
2847if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
2848 AC_CHECK_FILE("/dev/ptc",
2849 [
2850 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2851 have_dev_ptc=1
2852 ]
2853 )
2854else
2855 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2856fi
3c0ef626 2857
2858# Options from here on. Some of these are preset by platform above
3c0ef626 2859AC_ARG_WITH(mantype,
2860 [ --with-mantype=man|cat|doc Set man page type],
2861 [
2862 case "$withval" in
2863 man|cat|doc)
2864 MANTYPE=$withval
2865 ;;
2866 *)
2867 AC_MSG_ERROR(invalid man type: $withval)
2868 ;;
2869 esac
2870 ]
2871)
2872if test -z "$MANTYPE"; then
41b2f314 2873 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2874 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 2875 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2876 MANTYPE=doc
2877 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2878 MANTYPE=man
2879 else
2880 MANTYPE=cat
2881 fi
2882fi
2883AC_SUBST(MANTYPE)
2884if test "$MANTYPE" = "doc"; then
2885 mansubdir=man;
2886else
2887 mansubdir=$MANTYPE;
2888fi
2889AC_SUBST(mansubdir)
2890
2891# Check whether to enable MD5 passwords
cdd66111 2892MD5_MSG="no"
3c0ef626 2893AC_ARG_WITH(md5-passwords,
2894 [ --with-md5-passwords Enable use of MD5 passwords],
2895 [
2896 if test "x$withval" != "xno" ; then
2897 AC_DEFINE(HAVE_MD5_PASSWORDS)
cdd66111 2898 MD5_MSG="yes"
3c0ef626 2899 fi
2900 ]
2901)
2902
2903# Whether to disable shadow password support
2904AC_ARG_WITH(shadow,
2905 [ --without-shadow Disable shadow password support],
2906 [
dec6d9fe 2907 if test "x$withval" = "xno" ; then
3c0ef626 2908 AC_DEFINE(DISABLE_SHADOW)
2909 disable_shadow=yes
2910 fi
2911 ]
2912)
2913
2914if test -z "$disable_shadow" ; then
2915 AC_MSG_CHECKING([if the systems has expire shadow information])
2916 AC_TRY_COMPILE(
2917 [
2918#include <sys/types.h>
2919#include <shadow.h>
2920 struct spwd sp;
2921 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2922 [ sp_expire_available=yes ], []
2923 )
2924
2925 if test "x$sp_expire_available" = "xyes" ; then
2926 AC_MSG_RESULT(yes)
2927 AC_DEFINE(HAS_SHADOW_EXPIRE)
2928 else
2929 AC_MSG_RESULT(no)
2930 fi
2931fi
2932
2933# Use ip address instead of hostname in $DISPLAY
2934if test ! -z "$IPADDR_IN_DISPLAY" ; then
2935 DISPLAY_HACK_MSG="yes"
2936 AC_DEFINE(IPADDR_IN_DISPLAY)
2937else
cdd66111 2938 DISPLAY_HACK_MSG="no"
3c0ef626 2939 AC_ARG_WITH(ipaddr-display,
2940 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2941 [
dec6d9fe 2942 if test "x$withval" != "xno" ; then
3c0ef626 2943 AC_DEFINE(IPADDR_IN_DISPLAY)
cdd66111 2944 DISPLAY_HACK_MSG="yes"
3c0ef626 2945 fi
2946 ]
2947 )
2948fi
2949
0fff78ff 2950# check for /etc/default/login and use it if present.
acc3d05e 2951AC_ARG_ENABLE(etc-default-login,
996d5e62 2952 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
2953 [ if test "x$enableval" = "xno"; then
2954 AC_MSG_NOTICE([/etc/default/login handling disabled])
2955 etc_default_login=no
2956 else
2957 etc_default_login=yes
2958 fi ],
2959 [ etc_default_login=yes ]
2960)
0fff78ff 2961
996d5e62 2962if test "x$etc_default_login" != "xno"; then
2963 AC_CHECK_FILE("/etc/default/login",
2964 [ external_path_file=/etc/default/login ])
2965 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2966 then
2967 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2968 elif test "x$external_path_file" = "x/etc/default/login"; then
2969 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2970 fi
0fff78ff 2971fi
2972
700318f3 2973dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
dec6d9fe 2974if test $ac_cv_func_login_getcapbool = "yes" && \
2975 test $ac_cv_header_login_cap_h = "yes" ; then
0fff78ff 2976 external_path_file=/etc/login.conf
700318f3 2977fi
0fff78ff 2978
3c0ef626 2979# Whether to mess with the default path
cdd66111 2980SERVER_PATH_MSG="(default)"
3c0ef626 2981AC_ARG_WITH(default-path,
700318f3 2982 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 2983 [
0fff78ff 2984 if test "x$external_path_file" = "x/etc/login.conf" ; then
700318f3 2985 AC_MSG_WARN([
2986--with-default-path=PATH has no effect on this system.
2987Edit /etc/login.conf instead.])
dec6d9fe 2988 elif test "x$withval" != "xno" ; then
0fff78ff 2989 if test ! -z "$external_path_file" ; then
2990 AC_MSG_WARN([
2991--with-default-path=PATH will only be used if PATH is not defined in
2992$external_path_file .])
2993 fi
3c0ef626 2994 user_path="$withval"
cdd66111 2995 SERVER_PATH_MSG="$withval"
3c0ef626 2996 fi
2997 ],
0fff78ff 2998 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2999 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
700318f3 3000 else
0fff78ff 3001 if test ! -z "$external_path_file" ; then
3002 AC_MSG_WARN([
3003If PATH is defined in $external_path_file, ensure the path to scp is included,
3004otherwise scp will not work.])
3005 fi
3006 AC_TRY_RUN(
3007 [
3c0ef626 3008/* find out what STDPATH is */
3009#include <stdio.h>
3010#ifdef HAVE_PATHS_H
3011# include <paths.h>
3012#endif
3013#ifndef _PATH_STDPATH
6a9b3198 3014# ifdef _PATH_USERPATH /* Irix */
3015# define _PATH_STDPATH _PATH_USERPATH
3016# else
3017# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3018# endif
3c0ef626 3019#endif
3020#include <sys/types.h>
3021#include <sys/stat.h>
3022#include <fcntl.h>
3023#define DATA "conftest.stdpath"
3024
3025main()
3026{
3027 FILE *fd;
3028 int rc;
dec6d9fe 3029
3c0ef626 3030 fd = fopen(DATA,"w");
3031 if(fd == NULL)
3032 exit(1);
dec6d9fe 3033
3c0ef626 3034 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3035 exit(1);
3036
3037 exit(0);
3038}
3039 ], [ user_path=`cat conftest.stdpath` ],
3040 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3041 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3042 )
3043# make sure $bindir is in USER_PATH so scp will work
3044 t_bindir=`eval echo ${bindir}`
3045 case $t_bindir in
3046 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3047 esac
3048 case $t_bindir in
3049 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3050 esac
3051 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3052 if test $? -ne 0 ; then
3053 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3054 if test $? -ne 0 ; then
3055 user_path=$user_path:$t_bindir
3056 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3057 fi
3058 fi
700318f3 3059 fi ]
3060)
0fff78ff 3061if test "x$external_path_file" != "x/etc/login.conf" ; then
700318f3 3062 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
3063 AC_SUBST(user_path)
3064fi
3065
3066# Set superuser path separately to user path
700318f3 3067AC_ARG_WITH(superuser-path,
3068 [ --with-superuser-path= Specify different path for super-user],
3069 [
dec6d9fe 3070 if test -n "$withval" && test "x$withval" != "xno" && \
3071 test "x${withval}" != "xyes"; then
700318f3 3072 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
3073 superuser_path=$withval
3074 fi
3c0ef626 3075 ]
3076)
700318f3 3077
3c0ef626 3078
3c0ef626 3079AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
cdd66111 3080IPV4_IN6_HACK_MSG="no"
3c0ef626 3081AC_ARG_WITH(4in6,
3082 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3083 [
3084 if test "x$withval" != "xno" ; then
3085 AC_MSG_RESULT(yes)
3086 AC_DEFINE(IPV4_IN_IPV6)
cdd66111 3087 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3088 else
3089 AC_MSG_RESULT(no)
3090 fi
3091 ],[
3092 if test "x$inet6_default_4in6" = "xyes"; then
3093 AC_MSG_RESULT([yes (default)])
3094 AC_DEFINE(IPV4_IN_IPV6)
cdd66111 3095 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3096 else
3097 AC_MSG_RESULT([no (default)])
3098 fi
3099 ]
3100)
3101
3102# Whether to enable BSD auth support
e9a17296 3103BSD_AUTH_MSG=no
3c0ef626 3104AC_ARG_WITH(bsd-auth,
3105 [ --with-bsd-auth Enable BSD auth support],
3106 [
dec6d9fe 3107 if test "x$withval" != "xno" ; then
3c0ef626 3108 AC_DEFINE(BSD_AUTH)
e9a17296 3109 BSD_AUTH_MSG=yes
3c0ef626 3110 fi
3111 ]
3112)
3113
3c0ef626 3114# Where to place sshd.pid
3115piddir=/var/run
700318f3 3116# make sure the directory exists
dec6d9fe 3117if test ! -d $piddir ; then
700318f3 3118 piddir=`eval echo ${sysconfdir}`
3119 case $piddir in
cdd66111 3120 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
700318f3 3121 esac
3122fi
3123
3c0ef626 3124AC_ARG_WITH(pid-dir,
3125 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3126 [
dec6d9fe 3127 if test -n "$withval" && test "x$withval" != "xno" && \
3128 test "x${withval}" != "xyes"; then
3c0ef626 3129 piddir=$withval
dec6d9fe 3130 if test ! -d $piddir ; then
700318f3 3131 AC_MSG_WARN([** no $piddir directory on this system **])
3132 fi
3c0ef626 3133 fi
3134 ]
3135)
3136
3c0ef626 3137AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
3138AC_SUBST(piddir)
3139
3140dnl allow user to disable some login recording features
3141AC_ARG_ENABLE(lastlog,
3142 [ --disable-lastlog disable use of lastlog even if detected [no]],
0fff78ff 3143 [
3144 if test "x$enableval" = "xno" ; then
3145 AC_DEFINE(DISABLE_LASTLOG)
3146 fi
3147 ]
3c0ef626 3148)
3149AC_ARG_ENABLE(utmp,
3150 [ --disable-utmp disable use of utmp even if detected [no]],
0fff78ff 3151 [
3152 if test "x$enableval" = "xno" ; then
3153 AC_DEFINE(DISABLE_UTMP)
3154 fi
3155 ]
3c0ef626 3156)
3157AC_ARG_ENABLE(utmpx,
3158 [ --disable-utmpx disable use of utmpx even if detected [no]],
0fff78ff 3159 [
3160 if test "x$enableval" = "xno" ; then
3161 AC_DEFINE(DISABLE_UTMPX)
3162 fi
3163 ]
3c0ef626 3164)
3165AC_ARG_ENABLE(wtmp,
3166 [ --disable-wtmp disable use of wtmp even if detected [no]],
0fff78ff 3167 [
3168 if test "x$enableval" = "xno" ; then
3169 AC_DEFINE(DISABLE_WTMP)
3170 fi
3171 ]
3c0ef626 3172)
3173AC_ARG_ENABLE(wtmpx,
3174 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
0fff78ff 3175 [
3176 if test "x$enableval" = "xno" ; then
3177 AC_DEFINE(DISABLE_WTMPX)
3178 fi
3179 ]
3c0ef626 3180)
3181AC_ARG_ENABLE(libutil,
3182 [ --disable-libutil disable use of libutil (login() etc.) [no]],
0fff78ff 3183 [
3184 if test "x$enableval" = "xno" ; then
3185 AC_DEFINE(DISABLE_LOGIN)
3186 fi
3187 ]
3c0ef626 3188)
3189AC_ARG_ENABLE(pututline,
3190 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
0fff78ff 3191 [
3192 if test "x$enableval" = "xno" ; then
cdd66111 3193 AC_DEFINE(DISABLE_PUTUTLINE)
0fff78ff 3194 fi
3195 ]
3c0ef626 3196)
3197AC_ARG_ENABLE(pututxline,
3198 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
0fff78ff 3199 [
3200 if test "x$enableval" = "xno" ; then
3201 AC_DEFINE(DISABLE_PUTUTXLINE)
3202 fi
3203 ]
3c0ef626 3204)
3205AC_ARG_WITH(lastlog,
3206 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3207 [
dec6d9fe 3208 if test "x$withval" = "xno" ; then
3c0ef626 3209 AC_DEFINE(DISABLE_LASTLOG)
dec6d9fe 3210 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 3211 conf_lastlog_location=$withval
3212 fi
3213 ]
3214)
3215
3216dnl lastlog, [uw]tmpx? detection
3217dnl NOTE: set the paths in the platform section to avoid the
3218dnl need for command-line parameters
3219dnl lastlog and [uw]tmp are subject to a file search if all else fails
3220
3221dnl lastlog detection
3222dnl NOTE: the code itself will detect if lastlog is a directory
3223AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3224AC_TRY_COMPILE([
3225#include <sys/types.h>
3226#include <utmp.h>
3227#ifdef HAVE_LASTLOG_H
3228# include <lastlog.h>
3229#endif
3230#ifdef HAVE_PATHS_H
3231# include <paths.h>
3232#endif
3233#ifdef HAVE_LOGIN_H
3234# include <login.h>
3235#endif
3236 ],
3237 [ char *lastlog = LASTLOG_FILE; ],
3238 [ AC_MSG_RESULT(yes) ],
3239 [
3240 AC_MSG_RESULT(no)
3241 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3242 AC_TRY_COMPILE([
3243#include <sys/types.h>
3244#include <utmp.h>
3245#ifdef HAVE_LASTLOG_H
3246# include <lastlog.h>
3247#endif
3248#ifdef HAVE_PATHS_H
3249# include <paths.h>
3250#endif
3251 ],
3252 [ char *lastlog = _PATH_LASTLOG; ],
3253 [ AC_MSG_RESULT(yes) ],
3254 [
3255 AC_MSG_RESULT(no)
3256 system_lastlog_path=no
3257 ])
3258 ]
3259)
3260
3261if test -z "$conf_lastlog_location"; then
3262 if test x"$system_lastlog_path" = x"no" ; then
3263 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
3264 if (test -d "$f" || test -f "$f") ; then
3265 conf_lastlog_location=$f
3266 fi
3267 done
3268 if test -z "$conf_lastlog_location"; then
3269 AC_MSG_WARN([** Cannot find lastlog **])
3270 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
3271 fi
3272 fi
3273fi
3274
3275if test -n "$conf_lastlog_location"; then
3276 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
dec6d9fe 3277fi
3c0ef626 3278
3279dnl utmp detection
3280AC_MSG_CHECKING([if your system defines UTMP_FILE])
3281AC_TRY_COMPILE([
3282#include <sys/types.h>
3283#include <utmp.h>
3284#ifdef HAVE_PATHS_H
3285# include <paths.h>
3286#endif
3287 ],
3288 [ char *utmp = UTMP_FILE; ],
3289 [ AC_MSG_RESULT(yes) ],
3290 [ AC_MSG_RESULT(no)
3291 system_utmp_path=no ]
3292)
3293if test -z "$conf_utmp_location"; then
3294 if test x"$system_utmp_path" = x"no" ; then
3295 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3296 if test -f $f ; then
3297 conf_utmp_location=$f
3298 fi
3299 done
3300 if test -z "$conf_utmp_location"; then
3301 AC_DEFINE(DISABLE_UTMP)
3302 fi
3303 fi
3304fi
3305if test -n "$conf_utmp_location"; then
3306 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
dec6d9fe 3307fi
3c0ef626 3308
3309dnl wtmp detection
3310AC_MSG_CHECKING([if your system defines WTMP_FILE])
3311AC_TRY_COMPILE([
3312#include <sys/types.h>
3313#include <utmp.h>
3314#ifdef HAVE_PATHS_H
3315# include <paths.h>
3316#endif
3317 ],
3318 [ char *wtmp = WTMP_FILE; ],
3319 [ AC_MSG_RESULT(yes) ],
3320 [ AC_MSG_RESULT(no)
3321 system_wtmp_path=no ]
3322)
3323if test -z "$conf_wtmp_location"; then
3324 if test x"$system_wtmp_path" = x"no" ; then
3325 for f in /usr/adm/wtmp /var/log/wtmp; do
3326 if test -f $f ; then
3327 conf_wtmp_location=$f
3328 fi
3329 done
3330 if test -z "$conf_wtmp_location"; then
3331 AC_DEFINE(DISABLE_WTMP)
3332 fi
3333 fi
3334fi
3335if test -n "$conf_wtmp_location"; then
3336 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
dec6d9fe 3337fi
3c0ef626 3338
3339
3340dnl utmpx detection - I don't know any system so perverse as to require
3341dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3342dnl there, though.
3343AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3344AC_TRY_COMPILE([
3345#include <sys/types.h>
3346#include <utmp.h>
3347#ifdef HAVE_UTMPX_H
3348#include <utmpx.h>
3349#endif
3350#ifdef HAVE_PATHS_H
3351# include <paths.h>
3352#endif
3353 ],
3354 [ char *utmpx = UTMPX_FILE; ],
3355 [ AC_MSG_RESULT(yes) ],
3356 [ AC_MSG_RESULT(no)
3357 system_utmpx_path=no ]
3358)
3359if test -z "$conf_utmpx_location"; then
3360 if test x"$system_utmpx_path" = x"no" ; then
3361 AC_DEFINE(DISABLE_UTMPX)
3362 fi
3363else
3364 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
dec6d9fe 3365fi
3c0ef626 3366
3367dnl wtmpx detection
3368AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3369AC_TRY_COMPILE([
3370#include <sys/types.h>
3371#include <utmp.h>
3372#ifdef HAVE_UTMPX_H
3373#include <utmpx.h>
3374#endif
3375#ifdef HAVE_PATHS_H
3376# include <paths.h>
3377#endif
3378 ],
3379 [ char *wtmpx = WTMPX_FILE; ],
3380 [ AC_MSG_RESULT(yes) ],
3381 [ AC_MSG_RESULT(no)
3382 system_wtmpx_path=no ]
3383)
3384if test -z "$conf_wtmpx_location"; then
3385 if test x"$system_wtmpx_path" = x"no" ; then
3386 AC_DEFINE(DISABLE_WTMPX)
3387 fi
3388else
3389 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
dec6d9fe 3390fi
3c0ef626 3391
3392
3c0ef626 3393if test ! -z "$blibpath" ; then
7e772e1f 3394 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3395 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 3396fi
3397
e9a17296 3398dnl remove pam and dl because they are in $LIBPAM
3399if test "$PAM_MSG" = yes ; then
3400 LIBS=`echo $LIBS | sed 's/-lpam //'`
3401fi
3402if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3403 LIBS=`echo $LIBS | sed 's/-ldl //'`
3404fi
3c0ef626 3405
665a873d 3406dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3407dnl Add now.
3408CFLAGS="$CFLAGS $werror_flags"
3409
e9a17296 3410AC_EXEEXT
996d5e62 3411AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3412 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 3413AC_OUTPUT
3414
3415# Print summary of options
3416
3c0ef626 3417# Someone please show me a better way :)
3418A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3419B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3420C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3421D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
3422E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
3423F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
3424G=`eval echo ${piddir}` ; G=`eval echo ${G}`
700318f3 3425H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3426I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3427J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 3428
3429echo ""
3430echo "OpenSSH has been configured with the following options:"
700318f3 3431echo " User binaries: $B"
3432echo " System binaries: $C"
3433echo " Configuration files: $D"
3434echo " Askpass program: $E"
3435echo " Manual pages: $F"
3436echo " PID file: $G"
3437echo " Privilege separation chroot path: $H"
0fff78ff 3438if test "x$external_path_file" = "x/etc/login.conf" ; then
3439echo " At runtime, sshd will use the path defined in $external_path_file"
3440echo " Make sure the path to scp is present, otherwise scp will not work"
700318f3 3441else
3442echo " sshd default user PATH: $I"
0fff78ff 3443 if test ! -z "$external_path_file"; then
3444echo " (If PATH is set in $external_path_file it will be used instead. If"
3445echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3446 fi
700318f3 3447fi
3448if test ! -z "$superuser_path" ; then
3449echo " sshd superuser user PATH: $J"
3450fi
3451echo " Manpage format: $MANTYPE"
0fff78ff 3452echo " PAM support: $PAM_MSG"
700318f3 3453echo " KerberosV support: $KRB5_MSG"
3454echo " Smartcard support: $SCARD_MSG"
700318f3 3455echo " S/KEY support: $SKEY_MSG"
3456echo " TCP Wrappers support: $TCPW_MSG"
3457echo " MD5 password support: $MD5_MSG"
996d5e62 3458echo " libedit support: $LIBEDIT_MSG"
700318f3 3459echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
700318f3 3460echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3461echo " BSD Auth support: $BSD_AUTH_MSG"
3462echo " Random number source: $RAND_MSG"
e9a17296 3463if test ! -z "$USE_RAND_HELPER" ; then
700318f3 3464echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 3465fi
3466
3467echo ""
3468
3469echo " Host: ${host}"
3470echo " Compiler: ${CC}"
3471echo " Compiler flags: ${CFLAGS}"
3472echo "Preprocessor flags: ${CPPFLAGS}"
3473echo " Linker flags: ${LDFLAGS}"
e9a17296 3474echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
3c0ef626 3475
3476echo ""
3477
c9f39d2c 3478if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
996d5e62 3479 echo "SVR4 style packages are supported with \"make package\""
3480 echo ""
c9f39d2c 3481fi
3482
3c0ef626 3483if test "x$PAM_MSG" = "xyes" ; then
e9a17296 3484 echo "PAM is enabled. You may need to install a PAM control file "
3485 echo "for sshd, otherwise password authentication may fail. "
cdd66111 3486 echo "Example PAM control files can be found in the contrib/ "
e9a17296 3487 echo "subdirectory"
3c0ef626 3488 echo ""
3489fi
3490
e9a17296 3491if test ! -z "$RAND_HELPER_CMDHASH" ; then
3492 echo "WARNING: you are using the builtin random number collection "
3493 echo "service. Please read WARNING.RNG and request that your OS "
3494 echo "vendor includes kernel-based random number collection in "
3495 echo "future versions of your OS."
3c0ef626 3496 echo ""
3497fi
3498
c9f39d2c 3499if test ! -z "$NO_PEERCHECK" ; then
3500 echo "WARNING: the operating system that you are using does not "
3501 echo "appear to support either the getpeereid() API nor the "
3502 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3503 echo "enforce security checks to prevent unauthorised connections to "
3504 echo "ssh-agent. Their absence increases the risk that a malicious "
3505 echo "user can connect to your agent. "
3506 echo ""
3507fi
3508
996d5e62 3509if test "$AUDIT_MODULE" = "bsm" ; then
3510 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3511 echo "See the Solaris section in README.platform for details."
3512fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.615901 seconds and 5 git commands to generate.