]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
apply updates from OpenSSH-4.3p1-hpn11-none.patch
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
12a403af 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
2ce0bfe4 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
3c0ef626 18AC_CONFIG_SRCDIR([ssh.c])
19
20AC_CONFIG_HEADER(config.h)
21AC_PROG_CC
22AC_CANONICAL_HOST
23AC_C_BIGENDIAN
24
25# Checks for programs.
7cac2b65 26AC_PROG_AWK
3c0ef626 27AC_PROG_CPP
28AC_PROG_RANLIB
29AC_PROG_INSTALL
30AC_PATH_PROG(AR, ar)
7e82606e 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
3c0ef626 33AC_PATH_PROGS(PERL, perl5 perl)
bfe49944 34AC_PATH_PROG(SED, sed)
3c0ef626 35AC_SUBST(PERL)
36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
3c0ef626 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
350391c5 41AC_PATH_PROG(SH, sh)
7e82606e 42AC_SUBST(TEST_SHELL,sh)
43
44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
08822d99 50if test -x /sbin/sh; then
51 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
52else
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
54fi
3c0ef626 55
56# System features
57AC_SYS_LARGEFILE
58
59if test -z "$AR" ; then
60 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
61fi
62
63# Use LOGIN_PROGRAM from environment if possible
64if test ! -z "$LOGIN_PROGRAM" ; then
08822d99 65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
66 [If your header files don't define LOGIN_PROGRAM,
67 then use this (detected) from environment and PATH])
3c0ef626 68else
69 # Search for login
70 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
71 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
72 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
73 fi
74fi
75
540d72c3 76AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
77if test ! -z "$PATH_PASSWD_PROG" ; then
08822d99 78 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
79 [Full path of your "passwd" program])
540d72c3 80fi
81
3c0ef626 82if test -z "$LD" ; then
83 LD=$CC
84fi
85AC_SUBST(LD)
8b32eddc 86
3c0ef626 87AC_C_INLINE
2ce0bfe4 88
89AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
90
540d72c3 91if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
2ce0bfe4 92 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
08822d99 93 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
2ce0bfe4 94 case $GCC_VER in
95 1.*) ;;
96 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
97 2.*) ;;
08822d99 98 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
100 *) ;;
2ce0bfe4 101 esac
102
103 if test -z "$have_llong_max"; then
104 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
105 unset ac_cv_have_decl_LLONG_MAX
106 saved_CFLAGS="$CFLAGS"
107 CFLAGS="$CFLAGS -std=gnu99"
108 AC_CHECK_DECL(LLONG_MAX,
109 [have_llong_max=1],
110 [CFLAGS="$saved_CFLAGS"],
111 [#include <limits.h>]
112 )
113 fi
114fi
115
540d72c3 116AC_ARG_WITH(rpath,
117 [ --without-rpath Disable auto-added -R linker paths],
118 [
8b32eddc 119 if test "x$withval" = "xno" ; then
540d72c3 120 need_dash_r=""
121 fi
122 if test "x$withval" = "xyes" ; then
123 need_dash_r=1
124 fi
125 ]
126)
127
3c0ef626 128# Check for some target-specific stuff
129case "$host" in
130*-*-aix*)
540d72c3 131 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
256cb466 132 if (test -z "$blibpath"); then
540d72c3 133 blibpath="/usr/lib:/lib"
3c0ef626 134 fi
256cb466 135 saved_LDFLAGS="$LDFLAGS"
136 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
137 if (test -z "$blibflags"); then
138 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
139 AC_TRY_LINK([], [], [blibflags=$tryflags])
140 fi
141 done
142 if (test -z "$blibflags"); then
143 AC_MSG_RESULT(not found)
144 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
145 else
146 AC_MSG_RESULT($blibflags)
147 fi
148 LDFLAGS="$saved_LDFLAGS"
7cac2b65 149 dnl Check for authenticate. Might be in libs.a on older AIXes
08822d99 150 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
151 [Define if you want to enable AIX4's authenticate function])],
d03f4262 152 [AC_CHECK_LIB(s,authenticate,
153 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
154 LIBS="$LIBS -ls"
155 ])
156 ])
dfddba3d 157 dnl Check for various auth function declarations in headers.
158 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
8b32eddc 159 passwdexpired, setauthdb], , , [#include <usersec.h>])
7cac2b65 160 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
dfddba3d 161 AC_CHECK_DECLS(loginfailed,
7cac2b65 162 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
163 AC_TRY_COMPILE(
164 [#include <usersec.h>],
165 [(void)loginfailed("user","host","tty",0);],
166 [AC_MSG_RESULT(yes)
08822d99 167 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
168 [Define if your AIX loginfailed() function
169 takes 4 arguments (AIX >= 5.2)])],
7cac2b65 170 [AC_MSG_RESULT(no)]
171 )],
172 [],
173 [#include <usersec.h>]
174 )
175 AC_CHECK_FUNCS(setauthdb)
dfddba3d 176 check_for_aix_broken_getaddrinfo=1
08822d99 177 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
178 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
179 [Define if your platform breaks doing a seteuid before a setuid])
180 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
181 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 182 dnl AIX handles lastlog as part of its login message
08822d99 183 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
184 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
185 [Some systems need a utmpx entry for /bin/login to work])
186 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
187 [Define to a Set Process Title type if your system is
188 supported by bsd-setproctitle.c])
189 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
190 [AIX 5.2 and 5.3 (and presumably newer) require this])
3c0ef626 191 ;;
192*-*-cygwin*)
bfe49944 193 check_for_libcrypt_later=1
e9702f7d 194 LIBS="$LIBS /usr/lib/textmode.o"
08822d99 195 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
196 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
197 AC_DEFINE(DISABLE_SHADOW, 1,
198 [Define if you want to disable shadow passwords])
199 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
200 [Define if your system choked on IP TOS setting])
201 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
202 [Define if X11 doesn't support AF_UNIX sockets on that system])
203 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
204 [Define if the concept of ports only accessible to
205 superusers isn't known])
206 AC_DEFINE(DISABLE_FD_PASSING, 1,
207 [Define if your platform needs to skip post auth
208 file descriptor passing])
3c0ef626 209 ;;
210*-*-dgux*)
211 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 212 AC_DEFINE(SETEUID_BREAKS_SETUID)
213 AC_DEFINE(BROKEN_SETREUID)
214 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 215 ;;
216*-*-darwin*)
08822d99 217 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
29d88157 218 AC_DEFINE(SETEUID_BREAKS_SETUID)
219 AC_DEFINE(BROKEN_SETREUID)
220 AC_DEFINE(BROKEN_SETREGID)
08822d99 221 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
222 [Define if your resolver libs need this for getrrsetbyname])
fe4ad273 223 AC_MSG_CHECKING(if we have the Security Authorization Session API)
224 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
225 [SessionCreate(0, 0);],
226 [ac_cv_use_security_session_api="yes"
08822d99 227 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
228 [platform has a Security Authorization Session API])
fe4ad273 229 LIBS="$LIBS -framework Security"
230 AC_MSG_RESULT(yes)],
231 [ac_cv_use_security_session_api="no"
232 AC_MSG_RESULT(no)])
233 AC_MSG_CHECKING(if we have an in-memory credentials cache)
234 AC_TRY_COMPILE(
235 [#include <Kerberos/Kerberos.h>],
236 [cc_context_t c;
237 (void) cc_initialize (&c, 0, NULL, NULL);],
08822d99 238 [AC_DEFINE(USE_CCAPI, 1,
239 [platform uses an in-memory credentials cache])
fe4ad273 240 LIBS="$LIBS -framework Security"
241 AC_MSG_RESULT(yes)
242 if test "x$ac_cv_use_security_session_api" = "xno"; then
243 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
244 fi],
245 [AC_MSG_RESULT(no)]
246 )
3c0ef626 247 ;;
2ce0bfe4 248*-*-hpux*)
249 # first we define all of the options common to all HP-UX releases
3c0ef626 250 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
251 IPADDR_IN_DISPLAY=yes
3c0ef626 252 AC_DEFINE(USE_PIPES)
08822d99 253 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
254 [Define if your login program cannot handle end of options ("--")])
350391c5 255 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 256 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
257 [String used in /etc/passwd to denote locked account])
7cac2b65 258 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
08822d99 259 MAIL="/var/mail/username"
d03f4262 260 LIBS="$LIBS -lsec"
2ce0bfe4 261 AC_CHECK_LIB(xnet, t_error, ,
262 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
263
264 # next, we define all of the options specific to major releases
265 case "$host" in
266 *-*-hpux10*)
267 if test -z "$GCC"; then
268 CFLAGS="$CFLAGS -Ae"
269 fi
270 ;;
271 *-*-hpux11*)
08822d99 272 AC_DEFINE(PAM_SUN_CODEBASE, 1,
273 [Define if you are using Solaris-derived PAM which
274 passes pam_messages to the conversation function
275 with an extra level of indirection])
276 AC_DEFINE(DISABLE_UTMP, 1,
277 [Define if you don't want to use utmp])
2ce0bfe4 278 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
279 check_for_hpux_broken_getaddrinfo=1
280 check_for_conflicting_getspnam=1
281 ;;
282 esac
283
284 # lastly, we define options specific to minor releases
285 case "$host" in
286 *-*-hpux10.26)
08822d99 287 AC_DEFINE(HAVE_SECUREWARE, 1,
288 [Define if you have SecureWare-based
289 protected password database])
2ce0bfe4 290 disable_ptmx_check=yes
291 LIBS="$LIBS -lsecpw"
292 ;;
293 esac
3c0ef626 294 ;;
295*-*-irix5*)
3c0ef626 296 PATH="$PATH:/usr/etc"
08822d99 297 AC_DEFINE(BROKEN_INET_NTOA, 1,
298 [Define if you system's inet_ntoa is busted
299 (e.g. Irix gcc issue)])
540d72c3 300 AC_DEFINE(SETEUID_BREAKS_SETUID)
301 AC_DEFINE(BROKEN_SETREUID)
302 AC_DEFINE(BROKEN_SETREGID)
08822d99 303 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
304 [Define if you shouldn't strip 'tty' from your
305 ttyname in [uw]tmp])
7cac2b65 306 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 307 ;;
308*-*-irix6*)
3c0ef626 309 PATH="$PATH:/usr/etc"
08822d99 310 AC_DEFINE(WITH_IRIX_ARRAY, 1,
311 [Define if you have/want arrays
312 (cluster-wide session managment, not C arrays)])
313 AC_DEFINE(WITH_IRIX_PROJECT, 1,
314 [Define if you want IRIX project management])
315 AC_DEFINE(WITH_IRIX_AUDIT, 1,
316 [Define if you want IRIX audit trails])
317 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
318 [Define if you want IRIX kernel jobs])])
3c0ef626 319 AC_DEFINE(BROKEN_INET_NTOA)
29d88157 320 AC_DEFINE(SETEUID_BREAKS_SETUID)
321 AC_DEFINE(BROKEN_SETREUID)
322 AC_DEFINE(BROKEN_SETREGID)
08822d99 323 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
350391c5 324 AC_DEFINE(WITH_ABBREV_NO_TTY)
7cac2b65 325 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 326 ;;
327*-*-linux*)
328 no_dev_ptmx=1
329 check_for_libcrypt_later=1
7cac2b65 330 check_for_openpty_ctty_bug=1
08822d99 331 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
332 AC_DEFINE(PAM_TTY_KLUDGE, 1,
333 [Work around problematic Linux PAM modules handling of PAM_TTY])
334 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
335 [String used in /etc/passwd to denote locked account])
7cac2b65 336 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
08822d99 337 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
338 [Define to whatever link() returns for "not supported"
339 if it doesn't return EOPNOTSUPP.])
dfddba3d 340 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
08822d99 341 AC_DEFINE(USE_BTMP)
3c0ef626 342 inet6_default_4in6=yes
7cac2b65 343 case `uname -r` in
344 1.*|2.0.*)
08822d99 345 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
346 [Define if cmsg_type is not passed correctly])
7cac2b65 347 ;;
348 esac
08822d99 349 # tun(4) forwarding compat code
350 AC_CHECK_HEADERS(linux/if_tun.h)
351 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
352 AC_DEFINE(SSH_TUN_LINUX, 1,
353 [Open tunnel devices the Linux tun/tap way])
354 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
355 [Use tunnel device compatibility to OpenBSD])
356 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
357 [Prepend the address family to IP tunnel traffic])
358 fi
3c0ef626 359 ;;
360mips-sony-bsd|mips-sony-newsos4)
08822d99 361 AC_DEFINE(NEED_SETPRGP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 362 SONY=1
3c0ef626 363 ;;
364*-*-netbsd*)
d03f4262 365 check_for_libcrypt_before=1
8b32eddc 366 if test "x$withval" != "xno" ; then
540d72c3 367 need_dash_r=1
368 fi
08822d99 369 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
370 AC_CHECK_HEADER([net/if_tap.h], ,
371 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
372 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
373 [Prepend the address family to IP tunnel traffic])
3c0ef626 374 ;;
375*-*-freebsd*)
376 check_for_libcrypt_later=1
08822d99 377 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
378 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
379 AC_CHECK_HEADER([net/if_tap.h], ,
380 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 381 ;;
29d88157 382*-*-bsdi*)
383 AC_DEFINE(SETEUID_BREAKS_SETUID)
384 AC_DEFINE(BROKEN_SETREUID)
385 AC_DEFINE(BROKEN_SETREGID)
386 ;;
3c0ef626 387*-next-*)
388 conf_lastlog_location="/usr/adm/lastlog"
389 conf_utmp_location=/etc/utmp
390 conf_wtmp_location=/usr/adm/wtmp
391 MAIL=/usr/spool/mail
08822d99 392 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 393 AC_DEFINE(BROKEN_REALPATH)
394 AC_DEFINE(USE_PIPES)
08822d99 395 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 396 ;;
2ce0bfe4 397*-*-openbsd*)
398 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
08822d99 399 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
400 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
2ce0bfe4 401 ;;
3c0ef626 402*-*-solaris*)
8b32eddc 403 if test "x$withval" != "xno" ; then
12a403af 404 need_dash_r=1
405 fi
3c0ef626 406 AC_DEFINE(PAM_SUN_CODEBASE)
407 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 408 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
409 [Some versions of /bin/login need the TERM supplied
410 on the commandline])
3c0ef626 411 AC_DEFINE(PAM_TTY_KLUDGE)
08822d99 412 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
413 [Define if pam_chauthtok wants real uid set
414 to the unpriv'ed user])
7cac2b65 415 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
416 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
08822d99 417 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
418 [Define if sshd somehow reacquires a controlling TTY
419 after setsid()])
7cac2b65 420 external_path_file=/etc/default/login
3c0ef626 421 # hardwire lastlog location (can't detect it on some versions)
422 conf_lastlog_location="/var/adm/lastlog"
423 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
424 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
425 if test "$sol2ver" -ge 8; then
426 AC_MSG_RESULT(yes)
427 AC_DEFINE(DISABLE_UTMP)
08822d99 428 AC_DEFINE(DISABLE_WTMP, 1,
429 [Define if you don't want to use wtmp])
3c0ef626 430 else
431 AC_MSG_RESULT(no)
432 fi
433 ;;
434*-*-sunos4*)
435 CPPFLAGS="$CPPFLAGS -DSUNOS4"
436 AC_CHECK_FUNCS(getpwanam)
437 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 438 conf_utmp_location=/etc/utmp
439 conf_wtmp_location=/var/adm/wtmp
440 conf_lastlog_location=/var/adm/lastlog
441 AC_DEFINE(USE_PIPES)
442 ;;
443*-ncr-sysv*)
3c0ef626 444 LIBS="$LIBS -lc89"
e9702f7d 445 AC_DEFINE(USE_PIPES)
7cac2b65 446 AC_DEFINE(SSHD_ACQUIRES_CTTY)
29d88157 447 AC_DEFINE(SETEUID_BREAKS_SETUID)
448 AC_DEFINE(BROKEN_SETREUID)
449 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 450 ;;
451*-sni-sysv*)
3c0ef626 452 # /usr/ucblib MUST NOT be searched on ReliantUNIX
540d72c3 453 AC_CHECK_LIB(dl, dlsym, ,)
08822d99 454 # -lresolv needs to be at the end of LIBS or DNS lookups break
455 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 456 IPADDR_IN_DISPLAY=yes
457 AC_DEFINE(USE_PIPES)
458 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 459 AC_DEFINE(SETEUID_BREAKS_SETUID)
460 AC_DEFINE(BROKEN_SETREUID)
461 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 462 AC_DEFINE(SSHD_ACQUIRES_CTTY)
463 external_path_file=/etc/default/login
3c0ef626 464 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
465 # Attention: always take care to bind libsocket and libnsl before libc,
466 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
467 ;;
dfddba3d 468# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 469*-*-sysv4.2*)
08822d99 470 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
3c0ef626 471 AC_DEFINE(USE_PIPES)
7cac2b65 472 AC_DEFINE(SETEUID_BREAKS_SETUID)
473 AC_DEFINE(BROKEN_SETREUID)
474 AC_DEFINE(BROKEN_SETREGID)
8b32eddc 475 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
08822d99 476 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 477 ;;
dfddba3d 478# UnixWare 7.x, OpenUNIX 8
3c0ef626 479*-*-sysv5*)
2ce0bfe4 480 check_for_libcrypt_later=1
481 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 482 AC_DEFINE(USE_PIPES)
7cac2b65 483 AC_DEFINE(SETEUID_BREAKS_SETUID)
484 AC_DEFINE(BROKEN_SETREUID)
485 AC_DEFINE(BROKEN_SETREGID)
08822d99 486 AC_DEFINE(PASSWD_NEEDS_USERNAME)
2ce0bfe4 487 case "$host" in
488 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
489 TEST_SHELL=/u95/bin/sh
08822d99 490 AC_DEFINE(BROKEN_LIBIAF, 1,
491 [ia_uinfo routines not supported by OS yet])
492 ;;
493 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
2ce0bfe4 494 ;;
495 esac
3c0ef626 496 ;;
497*-*-sysv*)
3c0ef626 498 ;;
dfddba3d 499# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 500*-*-sco3.2v4*)
dfddba3d 501 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 502 ;;
dfddba3d 503# SCO OpenServer 5.x
3c0ef626 504*-*-sco3.2v5*)
bfe49944 505 if test -z "$GCC"; then
506 CFLAGS="$CFLAGS -belf"
507 fi
3c0ef626 508 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509 no_dev_ptmx=1
3c0ef626 510 AC_DEFINE(USE_PIPES)
350391c5 511 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 512 AC_DEFINE(DISABLE_SHADOW)
d03f4262 513 AC_DEFINE(DISABLE_FD_PASSING)
7cac2b65 514 AC_DEFINE(SETEUID_BREAKS_SETUID)
515 AC_DEFINE(BROKEN_SETREUID)
516 AC_DEFINE(BROKEN_SETREGID)
517 AC_DEFINE(WITH_ABBREV_NO_TTY)
7e82606e 518 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 519 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 520 AC_CHECK_FUNCS(getluid setluid)
521 MANTYPE=man
7e82606e 522 TEST_SHELL=ksh
3c0ef626 523 ;;
d03f4262 524*-*-unicosmk*)
08822d99 525 AC_DEFINE(NO_SSH_LASTLOG, 1,
526 [Define if you don't want to use lastlog in session.c])
540d72c3 527 AC_DEFINE(SETEUID_BREAKS_SETUID)
528 AC_DEFINE(BROKEN_SETREUID)
529 AC_DEFINE(BROKEN_SETREGID)
d03f4262 530 AC_DEFINE(USE_PIPES)
531 AC_DEFINE(DISABLE_FD_PASSING)
532 LDFLAGS="$LDFLAGS"
533 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
534 MANTYPE=cat
535 ;;
7cac2b65 536*-*-unicosmp*)
540d72c3 537 AC_DEFINE(SETEUID_BREAKS_SETUID)
538 AC_DEFINE(BROKEN_SETREUID)
539 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 540 AC_DEFINE(WITH_ABBREV_NO_TTY)
541 AC_DEFINE(USE_PIPES)
542 AC_DEFINE(DISABLE_FD_PASSING)
543 LDFLAGS="$LDFLAGS"
540d72c3 544 LIBS="$LIBS -lgen -lacid -ldb"
7cac2b65 545 MANTYPE=cat
546 ;;
3c0ef626 547*-*-unicos*)
540d72c3 548 AC_DEFINE(SETEUID_BREAKS_SETUID)
549 AC_DEFINE(BROKEN_SETREUID)
550 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 551 AC_DEFINE(USE_PIPES)
d03f4262 552 AC_DEFINE(DISABLE_FD_PASSING)
553 AC_DEFINE(NO_SSH_LASTLOG)
554 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
555 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
556 MANTYPE=cat
3c0ef626 557 ;;
558*-dec-osf*)
559 AC_MSG_CHECKING(for Digital Unix SIA)
560 no_osfsia=""
561 AC_ARG_WITH(osfsia,
562 [ --with-osfsia Enable Digital Unix SIA],
563 [
564 if test "x$withval" = "xno" ; then
565 AC_MSG_RESULT(disabled)
566 no_osfsia=1
567 fi
568 ],
569 )
570 if test -z "$no_osfsia" ; then
571 if test -f /etc/sia/matrix.conf; then
572 AC_MSG_RESULT(yes)
08822d99 573 AC_DEFINE(HAVE_OSF_SIA, 1,
574 [Define if you have Digital Unix Security
575 Integration Architecture])
576 AC_DEFINE(DISABLE_LOGIN, 1,
577 [Define if you don't want to use your
578 system's login() call])
bfe49944 579 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 580 LIBS="$LIBS -lsecurity -ldb -lm -laud"
581 else
582 AC_MSG_RESULT(no)
08822d99 583 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
584 [String used in /etc/passwd to denote locked account])
3c0ef626 585 fi
586 fi
7cac2b65 587 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 588 AC_DEFINE(SETEUID_BREAKS_SETUID)
589 AC_DEFINE(BROKEN_SETREUID)
590 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 591 ;;
592
593*-*-nto-qnx)
594 AC_DEFINE(USE_PIPES)
595 AC_DEFINE(NO_X11_UNIX_SOCKETS)
08822d99 596 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
597 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
598 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
3c0ef626 599 ;;
2ce0bfe4 600
601*-*-ultrix*)
08822d99 602 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
603 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
604 AC_DEFINE(NEED_SETPRGP)
2ce0bfe4 605 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
606 ;;
607
608*-*-lynxos)
609 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
08822d99 610 AC_DEFINE(MISSING_HOWMANY)
2ce0bfe4 611 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
612 ;;
3c0ef626 613esac
614
615# Allow user to specify flags
616AC_ARG_WITH(cflags,
617 [ --with-cflags Specify additional flags to pass to compiler],
618 [
8b32eddc 619 if test -n "$withval" && test "x$withval" != "xno" && \
620 test "x${withval}" != "xyes"; then
3c0ef626 621 CFLAGS="$CFLAGS $withval"
622 fi
8b32eddc 623 ]
3c0ef626 624)
625AC_ARG_WITH(cppflags,
626 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
627 [
8b32eddc 628 if test -n "$withval" && test "x$withval" != "xno" && \
629 test "x${withval}" != "xyes"; then
3c0ef626 630 CPPFLAGS="$CPPFLAGS $withval"
631 fi
632 ]
633)
634AC_ARG_WITH(ldflags,
635 [ --with-ldflags Specify additional flags to pass to linker],
636 [
8b32eddc 637 if test -n "$withval" && test "x$withval" != "xno" && \
638 test "x${withval}" != "xyes"; then
3c0ef626 639 LDFLAGS="$LDFLAGS $withval"
640 fi
8b32eddc 641 ]
3c0ef626 642)
643AC_ARG_WITH(libs,
644 [ --with-libs Specify additional libraries to link with],
645 [
8b32eddc 646 if test -n "$withval" && test "x$withval" != "xno" && \
647 test "x${withval}" != "xyes"; then
3c0ef626 648 LIBS="$LIBS $withval"
649 fi
8b32eddc 650 ]
3c0ef626 651)
2ce0bfe4 652AC_ARG_WITH(Werror,
653 [ --with-Werror Build main code with -Werror],
654 [
655 if test -n "$withval" && test "x$withval" != "xno"; then
656 werror_flags="-Werror"
08822d99 657 if test "x${withval}" != "xyes"; then
2ce0bfe4 658 werror_flags="$withval"
659 fi
660 fi
661 ]
662)
3c0ef626 663
7cac2b65 664AC_MSG_CHECKING(compiler and flags for sanity)
dfddba3d 665AC_RUN_IFELSE(
666 [AC_LANG_SOURCE([
7cac2b65 667#include <stdio.h>
668int main(){exit(0);}
dfddba3d 669 ])],
7cac2b65 670 [ AC_MSG_RESULT(yes) ],
671 [
672 AC_MSG_RESULT(no)
673 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
dfddba3d 674 ],
675 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
7cac2b65 676)
677
2ce0bfe4 678dnl Checks for header files.
679AC_CHECK_HEADERS( \
680 bstring.h \
681 crypt.h \
682 dirent.h \
683 endian.h \
684 features.h \
685 floatingpoint.h \
686 getopt.h \
687 glob.h \
688 ia.h \
689 iaf.h \
690 lastlog.h \
691 limits.h \
692 login.h \
693 login_cap.h \
694 maillock.h \
695 ndir.h \
08822d99 696 net/if.h \
2ce0bfe4 697 netdb.h \
698 netgroup.h \
699 netinet/in_systm.h \
700 pam/pam_appl.h \
701 paths.h \
702 pty.h \
703 readpassphrase.h \
704 rpc/types.h \
705 security/pam_appl.h \
706 shadow.h \
707 stddef.h \
708 stdint.h \
709 string.h \
710 strings.h \
711 sys/audit.h \
712 sys/bitypes.h \
713 sys/bsdtty.h \
714 sys/cdefs.h \
715 sys/dir.h \
716 sys/mman.h \
717 sys/ndir.h \
718 sys/prctl.h \
719 sys/pstat.h \
720 sys/select.h \
721 sys/stat.h \
722 sys/stream.h \
723 sys/stropts.h \
724 sys/strtio.h \
725 sys/sysmacros.h \
726 sys/time.h \
727 sys/timers.h \
728 sys/un.h \
729 time.h \
730 tmpdir.h \
731 ttyent.h \
732 unistd.h \
733 usersec.h \
734 util.h \
735 utime.h \
736 utmp.h \
737 utmpx.h \
738 vis.h \
739)
e9702f7d 740
dfddba3d 741# sys/ptms.h requires sys/stream.h to be included first on Solaris
742AC_CHECK_HEADERS(sys/ptms.h, [], [], [
743#ifdef HAVE_SYS_STREAM_H
744# include <sys/stream.h>
745#endif
746])
747
3c0ef626 748# Checks for libraries.
749AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
750AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
751
7cac2b65 752dnl IRIX and Solaris 2.5.1 have dirname() in libgen
753AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
754 AC_CHECK_LIB(gen, dirname,[
755 AC_CACHE_CHECK([for broken dirname],
756 ac_cv_have_broken_dirname, [
757 save_LIBS="$LIBS"
758 LIBS="$LIBS -lgen"
08822d99 759 AC_RUN_IFELSE(
760 [AC_LANG_SOURCE([[
7cac2b65 761#include <libgen.h>
762#include <string.h>
763
764int main(int argc, char **argv) {
765 char *s, buf[32];
766
767 strncpy(buf,"/etc", 32);
768 s = dirname(buf);
769 if (!s || strncmp(s, "/", 32) != 0) {
770 exit(1);
771 } else {
772 exit(0);
773 }
774}
08822d99 775 ]])],
776 [ ac_cv_have_broken_dirname="no" ],
777 [ ac_cv_have_broken_dirname="yes" ],
7cac2b65 778 [ ac_cv_have_broken_dirname="no" ],
7cac2b65 779 )
780 LIBS="$save_LIBS"
781 ])
782 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
783 LIBS="$LIBS -lgen"
784 AC_DEFINE(HAVE_DIRNAME)
785 AC_CHECK_HEADERS(libgen.h)
786 fi
787 ])
788])
789
3c0ef626 790AC_CHECK_FUNC(getspnam, ,
791 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
08822d99 792AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
793 [Define if you have the basename function.]))
3c0ef626 794
795dnl zlib is required
796AC_ARG_WITH(zlib,
797 [ --with-zlib=PATH Use zlib in PATH],
8b32eddc 798 [ if test "x$withval" = "xno" ; then
799 AC_MSG_ERROR([*** zlib is required ***])
800 elif test "x$withval" != "xyes"; then
3c0ef626 801 if test -d "$withval/lib"; then
802 if test -n "${need_dash_r}"; then
803 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
804 else
805 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
806 fi
807 else
808 if test -n "${need_dash_r}"; then
809 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
810 else
811 LDFLAGS="-L${withval} ${LDFLAGS}"
812 fi
813 fi
814 if test -d "$withval/include"; then
815 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
816 else
817 CPPFLAGS="-I${withval} ${CPPFLAGS}"
818 fi
8b32eddc 819 fi ]
3c0ef626 820)
821
540d72c3 822AC_CHECK_LIB(z, deflate, ,
823 [
824 saved_CPPFLAGS="$CPPFLAGS"
825 saved_LDFLAGS="$LDFLAGS"
826 save_LIBS="$LIBS"
827 dnl Check default zlib install dir
828 if test -n "${need_dash_r}"; then
829 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
830 else
831 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
832 fi
833 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
834 LIBS="$LIBS -lz"
835 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
836 [
837 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
838 ]
839 )
840 ]
841)
842AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
843
844AC_ARG_WITH(zlib-version-check,
845 [ --without-zlib-version-check Disable zlib version check],
846 [ if test "x$withval" = "xno" ; then
847 zlib_check_nonfatal=1
848 fi
849 ]
850)
851
8b32eddc 852AC_MSG_CHECKING(for possibly buggy zlib)
dfddba3d 853AC_RUN_IFELSE([AC_LANG_SOURCE([[
8b32eddc 854#include <stdio.h>
540d72c3 855#include <zlib.h>
856int main()
857{
8b32eddc 858 int a=0, b=0, c=0, d=0, n, v;
859 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
860 if (n != 3 && n != 4)
540d72c3 861 exit(1);
8b32eddc 862 v = a*1000000 + b*10000 + c*100 + d;
863 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
864
865 /* 1.1.4 is OK */
866 if (a == 1 && b == 1 && c >= 4)
540d72c3 867 exit(0);
8b32eddc 868
2ce0bfe4 869 /* 1.2.3 and up are OK */
870 if (v >= 1020300)
8b32eddc 871 exit(0);
872
540d72c3 873 exit(2);
874}
dfddba3d 875 ]])],
8b32eddc 876 AC_MSG_RESULT(no),
877 [ AC_MSG_RESULT(yes)
540d72c3 878 if test -z "$zlib_check_nonfatal" ; then
879 AC_MSG_ERROR([*** zlib too old - check config.log ***
880Your reported zlib version has known security problems. It's possible your
881vendor has fixed these problems without changing the version number. If you
882are sure this is the case, you can disable the check by running
883"./configure --without-zlib-version-check".
2ce0bfe4 884If you are in doubt, upgrade zlib to version 1.2.3 or greater.
8b32eddc 885See http://www.gzip.org/zlib/ for details.])
540d72c3 886 else
887 AC_MSG_WARN([zlib version may have security problems])
888 fi
dfddba3d 889 ],
890 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
540d72c3 891)
3c0ef626 892
3c0ef626 893dnl UnixWare 2.x
540d72c3 894AC_CHECK_FUNC(strcasecmp,
3c0ef626 895 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
896)
08822d99 897AC_CHECK_FUNCS(utimes,
d03f4262 898 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
899 LIBS="$LIBS -lc89"]) ]
3c0ef626 900)
901
902dnl Checks for libutil functions
903AC_CHECK_HEADERS(libutil.h)
08822d99 904AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
905 [Define if your libraries define login()])])
3c0ef626 906AC_CHECK_FUNCS(logout updwtmp logwtmp)
907
908AC_FUNC_STRFTIME
909
3c0ef626 910# Check for ALTDIRFUNC glob() extension
911AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
912AC_EGREP_CPP(FOUNDIT,
913 [
914 #include <glob.h>
915 #ifdef GLOB_ALTDIRFUNC
916 FOUNDIT
917 #endif
540d72c3 918 ],
3c0ef626 919 [
08822d99 920 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
921 [Define if your system glob() function has
922 the GLOB_ALTDIRFUNC extension])
3c0ef626 923 AC_MSG_RESULT(yes)
924 ],
925 [
926 AC_MSG_RESULT(no)
927 ]
928)
929
930# Check for g.gl_matchc glob() extension
931AC_MSG_CHECKING(for gl_matchc field in glob_t)
932AC_EGREP_CPP(FOUNDIT,
540d72c3 933 [
934 #include <glob.h>
3c0ef626 935 int main(void){glob_t g; g.gl_matchc = 1;}
540d72c3 936 ],
937 [
08822d99 938 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
939 [Define if your system glob() function has
940 gl_matchc options in glob_t])
540d72c3 941 AC_MSG_RESULT(yes)
942 ],
943 [
944 AC_MSG_RESULT(no)
945 ]
3c0ef626 946)
947
948AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
dfddba3d 949AC_RUN_IFELSE(
950 [AC_LANG_SOURCE([[
3c0ef626 951#include <sys/types.h>
952#include <dirent.h>
d03f4262 953int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
dfddba3d 954 ]])],
540d72c3 955 [AC_MSG_RESULT(yes)],
3c0ef626 956 [
957 AC_MSG_RESULT(no)
08822d99 958 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
959 [Define if your struct dirent expects you to
960 allocate extra space for d_name])
dfddba3d 961 ],
8b32eddc 962 [
dfddba3d 963 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
964 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 965 ]
966)
967
1c89237d 968# Check whether the user wants GSSAPI mechglue support
969AC_ARG_WITH(mechglue,
bec32dad 970 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
1c89237d 971 [
972 AC_MSG_CHECKING(for mechglue library)
bec32dad 973
974 if test -e ${withval}/libgssapi.a ; then
975 mechglue_lib=${withval}/libgssapi.a
976 elif test -e ${withval}/lib/libgssapi.a ; then
977 mechglue_lib=${withval}/lib/libgssapi.a
978 else
979 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
1c89237d 980 fi
bec32dad 981 LIBS="$LIBS ${mechglue_lib}"
982 AC_MSG_RESULT(${mechglue_lib})
983
1c89237d 984 AC_CHECK_LIB(dl, dlopen, , )
985 if test $ac_cv_lib_dl_dlopen = yes; then
bec32dad 986 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
1c89237d 987 fi
bec32dad 988
1c89237d 989 AC_DEFINE(GSSAPI)
08822d99 990 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
1c89237d 991 GSSAPI="mechglue"
992
1c89237d 993 ]
994)
995
996
5598e598 997# Check whether the user wants GSI (Globus) support
998gsi_path="no"
999AC_ARG_WITH(gsi,
483bcdbd 1000 [ --with-gsi Enable Globus GSI authentication support],
5598e598 1001 [
1002 gsi_path="$withval"
1003 ]
1004)
1005
1006AC_ARG_WITH(globus,
483bcdbd 1007 [ --with-globus Enable Globus GSI authentication support],
5598e598 1008 [
1009 gsi_path="$withval"
1010 ]
1011)
1012
483bcdbd 1013AC_ARG_WITH(globus-static,
1014 [ --with-globus-static Link statically with Globus GSI libraries],
1015 [
1016 gsi_static="-static"
9e6effad 1017 if test "x$gsi_path" = "xno" ; then
6e098d39 1018 gsi_path="$withval"
1019 fi
483bcdbd 1020 ]
1021)
1022
5fb9fc74 1023# Check whether the user has a Globus flavor type
1024globus_flavor_type="no"
1025AC_ARG_WITH(globus-flavor,
483bcdbd 1026 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
5fb9fc74 1027 [
1028 globus_flavor_type="$withval"
9e6effad 1029 if test "x$gsi_path" = "xno" ; then
e78b0188 1030 gsi_path="yes"
1031 fi
5fb9fc74 1032 ]
1033)
1034
5598e598 1035if test "x$gsi_path" != "xno" ; then
1036 # Globus GSSAPI configuration
22798398 1037 AC_MSG_CHECKING(for Globus GSI)
08822d99 1038 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
5598e598 1039
1c89237d 1040 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
483bcdbd 1041 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
1c89237d 1042 fi
1043 if test -z "$GSSAPI"; then
1044 AC_DEFINE(GSSAPI)
1045 GSSAPI="GSI"
1046 fi
1047
8b1f0dfd 1048 if test "x$gsi_path" = "xyes" ; then
1049 if test -z "$GLOBUS_LOCATION" ; then
483bcdbd 1050 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
8b1f0dfd 1051 else
1052 gsi_path="$GLOBUS_LOCATION"
1053 fi
1054 fi
483bcdbd 1055 GLOBUS_LOCATION="$gsi_path"
1056 export GLOBUS_LOCATION
1057 if test ! -d "$GLOBUS_LOCATION" ; then
1058 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
5598e598 1059 fi
5598e598 1060
22798398 1061 if test "x$globus_flavor_type" = "xno" ; then
1062 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
1063 fi
1064 if test "x$globus_flavor_type" = "xyes" ; then
1065 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
5598e598 1066 fi
5fb9fc74 1067
22798398 1068 GLOBUS_INCLUDE="${gsi_path}/include/${globus_flavor_type}"
1069 if test ! -d "$GLOBUS_INCLUDE" ; then
1070 AC_MSG_ERROR(Cannot find Globus flavor-specific include directory: ${GLOBUS_INCLUDE})
1071 fi
1072 GSI_CPPFLAGS="-I${GLOBUS_INCLUDE}"
bed23354 1073
1074 if test -x ${gsi_path}/bin/globus-makefile-header ; then
483bcdbd 1075 GSI_LIBS=`${gsi_path}/bin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | perl -n -e 'if (/GLOBUS_PKG_LIBS = (.*)/){print $1;}'`
bed23354 1076 elif test -x ${gsi_path}/sbin/globus-makefile-header ; then
483bcdbd 1077 GSI_LIBS=`${gsi_path}/sbin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | perl -n -e 'if (/GLOBUS_PKG_LIBS = (.*)/){print $1;}'`
5fb9fc74 1078 else
bed23354 1079 AC_MSG_ERROR(Cannot find globus-makefile-header: Globus installation is incomplete)
22798398 1080 fi
1dca09f1 1081 if test -n "${need_dash_r}"; then
1082 GSI_LDFLAGS="-L${gsi_path}/lib -R{gsi_path}/lib"
1083 else
1084 GSI_LDFLAGS="-L${gsi_path}/lib"
1085 fi
22798398 1086 if test -z "$GSI_LIBS" ; then
bed23354 1087 AC_MSG_ERROR(globus-makefile-header failed)
5fb9fc74 1088 fi
5598e598 1089
540d72c3 1090 AC_DEFINE(HAVE_GSSAPI_H)
1091
5598e598 1092 LIBS="$LIBS $GSI_LIBS"
1093 LDFLAGS="$LDFLAGS $GSI_LDFLAGS"
1c89237d 1094 CPPFLAGS="$CPPFLAGS $GSI_CPPFLAGS"
22798398 1095
1096 # test that we got the libraries OK
1097 AC_TRY_LINK(
1098 [],
1099 [],
1100 [
1101 AC_MSG_RESULT(yes)
1102 ],
1103 [
1104 AC_MSG_ERROR(link with Globus libraries failed)
1105 ]
1106 )
1ca858e9 1107 INSTALL_GSISSH="yes"
1108else
1109 INSTALL_GSISSH=""
5598e598 1110fi
1ca858e9 1111AC_SUBST(INSTALL_GSISSH)
1112# End Globus/GSI section
5598e598 1113
7e82606e 1114AC_MSG_CHECKING([for /proc/pid/fd directory])
1115if test -d "/proc/$$/fd" ; then
08822d99 1116 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
7e82606e 1117 AC_MSG_RESULT(yes)
1118else
1119 AC_MSG_RESULT(no)
1120fi
1121
3c0ef626 1122# Check whether user wants S/Key support
540d72c3 1123SKEY_MSG="no"
3c0ef626 1124AC_ARG_WITH(skey,
dfddba3d 1125 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1126 [
1127 if test "x$withval" != "xno" ; then
1128
1129 if test "x$withval" != "xyes" ; then
1130 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1131 LDFLAGS="$LDFLAGS -L${withval}/lib"
1132 fi
1133
08822d99 1134 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1135 LIBS="-lskey $LIBS"
540d72c3 1136 SKEY_MSG="yes"
8b32eddc 1137
e9702f7d 1138 AC_MSG_CHECKING([for s/key support])
08822d99 1139 AC_LINK_IFELSE(
1140 [AC_LANG_SOURCE([[
e9702f7d 1141#include <stdio.h>
1142#include <skey.h>
d03f4262 1143int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
08822d99 1144 ]])],
e9702f7d 1145 [AC_MSG_RESULT(yes)],
3c0ef626 1146 [
e9702f7d 1147 AC_MSG_RESULT(no)
3c0ef626 1148 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1149 ])
12a403af 1150 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1151 AC_TRY_COMPILE(
1152 [#include <stdio.h>
1153 #include <skey.h>],
1154 [(void)skeychallenge(NULL,"name","",0);],
1155 [AC_MSG_RESULT(yes)
08822d99 1156 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1157 [Define if your skeychallenge()
1158 function takes 4 arguments (NetBSD)])],
12a403af 1159 [AC_MSG_RESULT(no)]
1160 )
3c0ef626 1161 fi
1162 ]
1163)
1164
1165# Check whether user wants TCP wrappers support
1166TCPW_MSG="no"
1167AC_ARG_WITH(tcp-wrappers,
dfddba3d 1168 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1169 [
1170 if test "x$withval" != "xno" ; then
1171 saved_LIBS="$LIBS"
1172 saved_LDFLAGS="$LDFLAGS"
1173 saved_CPPFLAGS="$CPPFLAGS"
8b32eddc 1174 if test -n "${withval}" && \
1175 test "x${withval}" != "xyes"; then
3c0ef626 1176 if test -d "${withval}/lib"; then
1177 if test -n "${need_dash_r}"; then
1178 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1179 else
1180 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1181 fi
1182 else
1183 if test -n "${need_dash_r}"; then
1184 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1185 else
1186 LDFLAGS="-L${withval} ${LDFLAGS}"
1187 fi
1188 fi
1189 if test -d "${withval}/include"; then
1190 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1191 else
1192 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1193 fi
1194 fi
e9702f7d 1195 LIBWRAP="-lwrap"
1196 LIBS="$LIBWRAP $LIBS"
3c0ef626 1197 AC_MSG_CHECKING(for libwrap)
1198 AC_TRY_LINK(
1199 [
12a403af 1200#include <sys/types.h>
1201#include <sys/socket.h>
1202#include <netinet/in.h>
3c0ef626 1203#include <tcpd.h>
1204 int deny_severity = 0, allow_severity = 0;
1205 ],
1206 [hosts_access(0);],
1207 [
1208 AC_MSG_RESULT(yes)
08822d99 1209 AC_DEFINE(LIBWRAP, 1,
1210 [Define if you want
1211 TCP Wrappers support])
e9702f7d 1212 AC_SUBST(LIBWRAP)
3c0ef626 1213 TCPW_MSG="yes"
1214 ],
1215 [
1216 AC_MSG_ERROR([*** libwrap missing])
1217 ]
1218 )
e9702f7d 1219 LIBS="$saved_LIBS"
3c0ef626 1220 fi
1221 ]
1222)
1223
dfddba3d 1224# Check whether user wants libedit support
1225LIBEDIT_MSG="no"
1226AC_ARG_WITH(libedit,
1227 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1228 [ if test "x$withval" != "xno" ; then
8b32eddc 1229 if test "x$withval" != "xyes"; then
08822d99 1230 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1231 if test -n "${need_dash_r}"; then
1232 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1233 else
1234 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1235 fi
8b32eddc 1236 fi
dfddba3d 1237 AC_CHECK_LIB(edit, el_init,
08822d99 1238 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
dfddba3d 1239 LIBEDIT="-ledit -lcurses"
1240 LIBEDIT_MSG="yes"
1241 AC_SUBST(LIBEDIT)
1242 ],
8b32eddc 1243 [ AC_MSG_ERROR(libedit not found) ],
1244 [ -lcurses ]
dfddba3d 1245 )
2ce0bfe4 1246 AC_MSG_CHECKING(if libedit version is compatible)
1247 AC_COMPILE_IFELSE(
1248 [AC_LANG_SOURCE([[
1249#include <histedit.h>
1250int main(void)
1251{
1252 int i = H_SETSIZE;
1253 el_init("", NULL, NULL, NULL);
1254 exit(0);
1255}
1256 ]])],
1257 [ AC_MSG_RESULT(yes) ],
1258 [ AC_MSG_RESULT(no)
1259 AC_MSG_ERROR(libedit version is not compatible) ]
1260 )
dfddba3d 1261 fi ]
1262)
1263
1264AUDIT_MODULE=none
1265AC_ARG_WITH(audit,
1266 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1267 [
1268 AC_MSG_CHECKING(for supported audit module)
1269 case "$withval" in
1270 bsm)
1271 AC_MSG_RESULT(bsm)
1272 AUDIT_MODULE=bsm
1273 dnl Checks for headers, libs and functions
1274 AC_CHECK_HEADERS(bsm/audit.h, [],
1275 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1276 AC_CHECK_LIB(bsm, getaudit, [],
1277 [AC_MSG_ERROR(BSM enabled and required library not found)])
1278 AC_CHECK_FUNCS(getaudit, [],
1279 [AC_MSG_ERROR(BSM enabled and required function not found)])
1280 # These are optional
1281 AC_CHECK_FUNCS(getaudit_addr)
08822d99 1282 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
dfddba3d 1283 ;;
1284 debug)
1285 AUDIT_MODULE=debug
1286 AC_MSG_RESULT(debug)
08822d99 1287 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
dfddba3d 1288 ;;
2ce0bfe4 1289 no)
1290 AC_MSG_RESULT(no)
1291 ;;
dfddba3d 1292 *)
1293 AC_MSG_ERROR([Unknown audit module $withval])
1294 ;;
1295 esac ]
1296)
1297
bfe49944 1298dnl Checks for library functions. Please keep in alphabetical order
2ce0bfe4 1299AC_CHECK_FUNCS( \
1300 arc4random \
08822d99 1301 asprintf \
2ce0bfe4 1302 b64_ntop \
1303 __b64_ntop \
1304 b64_pton \
1305 __b64_pton \
1306 bcopy \
1307 bindresvport_sa \
1308 clock \
1309 closefrom \
1310 dirfd \
1311 fchmod \
1312 fchown \
1313 freeaddrinfo \
1314 futimes \
1315 getaddrinfo \
1316 getcwd \
1317 getgrouplist \
1318 getnameinfo \
1319 getopt \
1320 getpeereid \
1321 _getpty \
1322 getrlimit \
1323 getttyent \
1324 glob \
1325 inet_aton \
1326 inet_ntoa \
1327 inet_ntop \
1328 innetgr \
1329 login_getcapbool \
1330 md5_crypt \
1331 memmove \
1332 mkdtemp \
1333 mmap \
1334 ngetaddrinfo \
1335 nsleep \
1336 ogetaddrinfo \
1337 openlog_r \
1338 openpty \
1339 prctl \
1340 pstat \
1341 readpassphrase \
1342 realpath \
1343 recvmsg \
1344 rresvport_af \
1345 sendmsg \
1346 setdtablesize \
1347 setegid \
1348 setenv \
1349 seteuid \
1350 setgroups \
1351 setlogin \
1352 setpcred \
1353 setproctitle \
1354 setregid \
1355 setreuid \
1356 setrlimit \
1357 setsid \
1358 setvbuf \
1359 sigaction \
1360 sigvec \
1361 snprintf \
1362 socketpair \
1363 strdup \
1364 strerror \
1365 strlcat \
1366 strlcpy \
1367 strmode \
1368 strnvis \
1369 strtonum \
1370 strtoll \
1371 strtoul \
1372 sysconf \
1373 tcgetpgrp \
1374 truncate \
1375 unsetenv \
1376 updwtmpx \
08822d99 1377 vasprintf \
2ce0bfe4 1378 vhangup \
1379 vsnprintf \
1380 waitpid \
bfe49944 1381)
1382
29d88157 1383# IRIX has a const char return value for gai_strerror()
1384AC_CHECK_FUNCS(gai_strerror,[
1385 AC_DEFINE(HAVE_GAI_STRERROR)
1386 AC_TRY_COMPILE([
1387#include <sys/types.h>
1388#include <sys/socket.h>
1389#include <netdb.h>
1390
1391const char *gai_strerror(int);],[
1392char *str;
1393
1394str = gai_strerror(0);],[
1395 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1396 [Define if gai_strerror() returns const char *])])])
1397
08822d99 1398AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1399 [Some systems put nanosleep outside of libc]))
bfe49944 1400
7cac2b65 1401dnl Make sure prototypes are defined for these before using them.
7cac2b65 1402AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
2ce0bfe4 1403AC_CHECK_DECL(strsep,
1404 [AC_CHECK_FUNCS(strsep)],
1405 [],
1406 [
1407#ifdef HAVE_STRING_H
1408# include <string.h>
1409#endif
1410 ])
3c0ef626 1411
7cac2b65 1412dnl tcsendbreak might be a macro
1413AC_CHECK_DECL(tcsendbreak,
1414 [AC_DEFINE(HAVE_TCSENDBREAK)],
540d72c3 1415 [AC_CHECK_FUNCS(tcsendbreak)],
7cac2b65 1416 [#include <termios.h>]
1417)
3c0ef626 1418
7e82606e 1419AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1420
540d72c3 1421AC_CHECK_FUNCS(setresuid, [
1422 dnl Some platorms have setresuid that isn't implemented, test for this
1423 AC_MSG_CHECKING(if setresuid seems to work)
dfddba3d 1424 AC_RUN_IFELSE(
1425 [AC_LANG_SOURCE([[
540d72c3 1426#include <stdlib.h>
1427#include <errno.h>
1428int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1429 ]])],
540d72c3 1430 [AC_MSG_RESULT(yes)],
08822d99 1431 [AC_DEFINE(BROKEN_SETRESUID, 1,
1432 [Define if your setresuid() is broken])
dfddba3d 1433 AC_MSG_RESULT(not implemented)],
1434 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1435 )
1436])
1437
1438AC_CHECK_FUNCS(setresgid, [
1439 dnl Some platorms have setresgid that isn't implemented, test for this
1440 AC_MSG_CHECKING(if setresgid seems to work)
dfddba3d 1441 AC_RUN_IFELSE(
1442 [AC_LANG_SOURCE([[
540d72c3 1443#include <stdlib.h>
1444#include <errno.h>
1445int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1446 ]])],
540d72c3 1447 [AC_MSG_RESULT(yes)],
08822d99 1448 [AC_DEFINE(BROKEN_SETRESGID, 1,
1449 [Define if your setresgid() is broken])
dfddba3d 1450 AC_MSG_RESULT(not implemented)],
1451 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1452 )
1453])
1454
3c0ef626 1455dnl Checks for time functions
1456AC_CHECK_FUNCS(gettimeofday time)
1457dnl Checks for utmp functions
1458AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1459AC_CHECK_FUNCS(utmpname)
1460dnl Checks for utmpx functions
1461AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1462AC_CHECK_FUNCS(setutxent utmpxname)
1463
540d72c3 1464AC_CHECK_FUNC(daemon,
08822d99 1465 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1466 [AC_CHECK_LIB(bsd, daemon,
1467 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1468)
1469
540d72c3 1470AC_CHECK_FUNC(getpagesize,
08822d99 1471 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1472 [Define if your libraries define getpagesize()])],
1473 [AC_CHECK_LIB(ucb, getpagesize,
1474 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1475)
1476
1477# Check for broken snprintf
1478if test "x$ac_cv_func_snprintf" = "xyes" ; then
1479 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
dfddba3d 1480 AC_RUN_IFELSE(
1481 [AC_LANG_SOURCE([[
3c0ef626 1482#include <stdio.h>
d03f4262 1483int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
dfddba3d 1484 ]])],
540d72c3 1485 [AC_MSG_RESULT(yes)],
3c0ef626 1486 [
1487 AC_MSG_RESULT(no)
08822d99 1488 AC_DEFINE(BROKEN_SNPRINTF, 1,
1489 [Define if your snprintf is busted])
3c0ef626 1490 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
dfddba3d 1491 ],
1492 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1493 )
1494fi
1495
08822d99 1496# If we don't have a working asprintf, then we strongly depend on vsnprintf
1497# returning the right thing on overflow: the number of characters it tried to
1498# create (as per SUSv3)
1499if test "x$ac_cv_func_asprintf" != "xyes" && \
1500 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1501 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1502 AC_RUN_IFELSE(
1503 [AC_LANG_SOURCE([[
1504#include <sys/types.h>
1505#include <stdio.h>
1506#include <stdarg.h>
1507
1508int x_snprintf(char *str,size_t count,const char *fmt,...)
1509{
1510 size_t ret; va_list ap;
1511 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1512 return ret;
1513}
1514int main(void)
1515{
1516 char x[1];
1517 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1518} ]])],
1519 [AC_MSG_RESULT(yes)],
1520 [
1521 AC_MSG_RESULT(no)
1522 AC_DEFINE(BROKEN_SNPRINTF, 1,
1523 [Define if your snprintf is busted])
1524 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1525 ],
1526 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1527 )
1528fi
1529
1530# On systems where [v]snprintf is broken, but is declared in stdio,
1531# check that the fmt argument is const char * or just char *.
1532# This is only useful for when BROKEN_SNPRINTF
1533AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1534AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1535 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1536 int main(void) { snprintf(0, 0, 0); }
1537 ]])],
1538 [AC_MSG_RESULT(yes)
1539 AC_DEFINE(SNPRINTF_CONST, [const],
1540 [Define as const if snprintf() can declare const char *fmt])],
1541 [AC_MSG_RESULT(no)
1542 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1543
7e82606e 1544# Check for missing getpeereid (or equiv) support
1545NO_PEERCHECK=""
1546if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1547 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1548 AC_TRY_COMPILE(
1549 [#include <sys/types.h>
1550 #include <sys/socket.h>],
1551 [int i = SO_PEERCRED;],
8b32eddc 1552 [ AC_MSG_RESULT(yes)
08822d99 1553 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
8b32eddc 1554 ],
7e82606e 1555 [AC_MSG_RESULT(no)
1556 NO_PEERCHECK=1]
1557 )
1558fi
1559
bfe49944 1560dnl see whether mkstemp() requires XXXXXX
1561if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1562AC_MSG_CHECKING([for (overly) strict mkstemp])
08822d99 1563AC_RUN_IFELSE(
1564 [AC_LANG_SOURCE([[
bfe49944 1565#include <stdlib.h>
1566main() { char template[]="conftest.mkstemp-test";
1567if (mkstemp(template) == -1)
1568 exit(1);
1569unlink(template); exit(0);
1570}
08822d99 1571 ]])],
bfe49944 1572 [
1573 AC_MSG_RESULT(no)
1574 ],
540d72c3 1575 [
bfe49944 1576 AC_MSG_RESULT(yes)
08822d99 1577 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
bfe49944 1578 ],
1579 [
1580 AC_MSG_RESULT(yes)
1581 AC_DEFINE(HAVE_STRICT_MKSTEMP)
540d72c3 1582 ]
bfe49944 1583)
1584fi
1585
7cac2b65 1586dnl make sure that openpty does not reacquire controlling terminal
1587if test ! -z "$check_for_openpty_ctty_bug"; then
1588 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
08822d99 1589 AC_RUN_IFELSE(
1590 [AC_LANG_SOURCE([[
7cac2b65 1591#include <stdio.h>
1592#include <sys/fcntl.h>
1593#include <sys/types.h>
1594#include <sys/wait.h>
1595
1596int
1597main()
1598{
1599 pid_t pid;
1600 int fd, ptyfd, ttyfd, status;
1601
1602 pid = fork();
1603 if (pid < 0) { /* failed */
1604 exit(1);
1605 } else if (pid > 0) { /* parent */
1606 waitpid(pid, &status, 0);
540d72c3 1607 if (WIFEXITED(status))
7cac2b65 1608 exit(WEXITSTATUS(status));
1609 else
1610 exit(2);
1611 } else { /* child */
1612 close(0); close(1); close(2);
1613 setsid();
1614 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1615 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1616 if (fd >= 0)
1617 exit(3); /* Acquired ctty: broken */
1618 else
1619 exit(0); /* Did not acquire ctty: OK */
1620 }
1621}
08822d99 1622 ]])],
7cac2b65 1623 [
1624 AC_MSG_RESULT(yes)
1625 ],
1626 [
1627 AC_MSG_RESULT(no)
1628 AC_DEFINE(SSHD_ACQUIRES_CTTY)
08822d99 1629 ],
1630 [
1631 AC_MSG_RESULT(cross-compiling, assuming yes)
7cac2b65 1632 ]
1633 )
1634fi
1635
8b32eddc 1636if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1637 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
12a403af 1638 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1639 AC_RUN_IFELSE(
1640 [AC_LANG_SOURCE([[
12a403af 1641#include <stdio.h>
1642#include <sys/socket.h>
1643#include <netdb.h>
1644#include <errno.h>
1645#include <netinet/in.h>
1646
1647#define TEST_PORT "2222"
1648
1649int
1650main(void)
1651{
1652 int err, sock;
1653 struct addrinfo *gai_ai, *ai, hints;
1654 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1655
1656 memset(&hints, 0, sizeof(hints));
1657 hints.ai_family = PF_UNSPEC;
1658 hints.ai_socktype = SOCK_STREAM;
1659 hints.ai_flags = AI_PASSIVE;
1660
1661 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1662 if (err != 0) {
1663 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1664 exit(1);
1665 }
1666
1667 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1668 if (ai->ai_family != AF_INET6)
1669 continue;
1670
1671 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1672 sizeof(ntop), strport, sizeof(strport),
1673 NI_NUMERICHOST|NI_NUMERICSERV);
1674
1675 if (err != 0) {
1676 if (err == EAI_SYSTEM)
1677 perror("getnameinfo EAI_SYSTEM");
1678 else
1679 fprintf(stderr, "getnameinfo failed: %s\n",
1680 gai_strerror(err));
1681 exit(2);
1682 }
1683
1684 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1685 if (sock < 0)
1686 perror("socket");
1687 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1688 if (errno == EBADF)
1689 exit(3);
1690 }
1691 }
1692 exit(0);
1693}
08822d99 1694 ]])],
12a403af 1695 [
1696 AC_MSG_RESULT(yes)
1697 ],
1698 [
1699 AC_MSG_RESULT(no)
1700 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1701 ],
1702 [
1703 AC_MSG_RESULT(cross-compiling, assuming yes)
12a403af 1704 ]
1705 )
1706fi
1707
8b32eddc 1708if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1709 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
dfddba3d 1710 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1711 AC_RUN_IFELSE(
1712 [AC_LANG_SOURCE([[
dfddba3d 1713#include <stdio.h>
1714#include <sys/socket.h>
1715#include <netdb.h>
1716#include <errno.h>
1717#include <netinet/in.h>
1718
1719#define TEST_PORT "2222"
1720
1721int
1722main(void)
1723{
1724 int err, sock;
1725 struct addrinfo *gai_ai, *ai, hints;
1726 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1727
1728 memset(&hints, 0, sizeof(hints));
1729 hints.ai_family = PF_UNSPEC;
1730 hints.ai_socktype = SOCK_STREAM;
1731 hints.ai_flags = AI_PASSIVE;
1732
1733 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1734 if (err != 0) {
1735 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1736 exit(1);
1737 }
1738
1739 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1740 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1741 continue;
1742
1743 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1744 sizeof(ntop), strport, sizeof(strport),
1745 NI_NUMERICHOST|NI_NUMERICSERV);
1746
1747 if (ai->ai_family == AF_INET && err != 0) {
1748 perror("getnameinfo");
1749 exit(2);
1750 }
1751 }
1752 exit(0);
1753}
08822d99 1754 ]])],
dfddba3d 1755 [
1756 AC_MSG_RESULT(yes)
08822d99 1757 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1758 [Define if you have a getaddrinfo that fails
1759 for the all-zeros IPv6 address])
dfddba3d 1760 ],
1761 [
1762 AC_MSG_RESULT(no)
1763 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1764 ],
1765 AC_MSG_RESULT(cross-compiling, assuming no)
dfddba3d 1766 ]
1767 )
1768fi
1769
1770if test "x$check_for_conflicting_getspnam" = "x1"; then
1771 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1772 AC_COMPILE_IFELSE(
1773 [
1774#include <shadow.h>
1775int main(void) {exit(0);}
1776 ],
1777 [
1778 AC_MSG_RESULT(no)
1779 ],
1780 [
1781 AC_MSG_RESULT(yes)
1782 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1783 [Conflicting defs for getspnam])
1784 ]
1785 )
1786fi
1787
3c0ef626 1788AC_FUNC_GETPGRP
1789
1790# Check for PAM libs
1791PAM_MSG="no"
1792AC_ARG_WITH(pam,
1793 [ --with-pam Enable PAM support ],
1794 [
1795 if test "x$withval" != "xno" ; then
540d72c3 1796 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1797 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
3c0ef626 1798 AC_MSG_ERROR([PAM headers not found])
1799 fi
1800
1801 AC_CHECK_LIB(dl, dlopen, , )
1802 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1803 AC_CHECK_FUNCS(pam_getenvlist)
905081a4 1804 AC_CHECK_FUNCS(pam_putenv)
3c0ef626 1805
3c0ef626 1806 PAM_MSG="yes"
1807
08822d99 1808 AC_DEFINE(USE_PAM, 1,
1809 [Define if you want to enable PAM support])
e9702f7d 1810 if test $ac_cv_lib_dl_dlopen = yes; then
1811 LIBPAM="-lpam -ldl"
1812 else
1813 LIBPAM="-lpam"
1814 fi
1815 AC_SUBST(LIBPAM)
3c0ef626 1816 fi
1817 ]
1818)
1819
1820# Check for older PAM
1821if test "x$PAM_MSG" = "xyes" ; then
1822 # Check PAM strerror arguments (old PAM)
1823 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1824 AC_TRY_COMPILE(
1825 [
1826#include <stdlib.h>
540d72c3 1827#if defined(HAVE_SECURITY_PAM_APPL_H)
3c0ef626 1828#include <security/pam_appl.h>
540d72c3 1829#elif defined (HAVE_PAM_PAM_APPL_H)
1830#include <pam/pam_appl.h>
1831#endif
1832 ],
1833 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
3c0ef626 1834 [AC_MSG_RESULT(no)],
1835 [
08822d99 1836 AC_DEFINE(HAVE_OLD_PAM, 1,
1837 [Define if you have an old version of PAM
1838 which takes only one argument to pam_strerror])
3c0ef626 1839 AC_MSG_RESULT(yes)
1840 PAM_MSG="yes (old library)"
1841 ]
1842 )
1843fi
1844
350391c5 1845# Search for OpenSSL
1846saved_CPPFLAGS="$CPPFLAGS"
1847saved_LDFLAGS="$LDFLAGS"
3c0ef626 1848AC_ARG_WITH(ssl-dir,
1849 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1850 [
1851 if test "x$withval" != "xno" ; then
dfddba3d 1852 case "$withval" in
1853 # Relative paths
1854 ./*|../*) withval="`pwd`/$withval"
1855 esac
350391c5 1856 if test -d "$withval/lib"; then
1857 if test -n "${need_dash_r}"; then
1858 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1859 else
1860 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1861 fi
1862 else
350391c5 1863 if test -n "${need_dash_r}"; then
1864 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1865 else
1866 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1867 fi
1868 fi
350391c5 1869 if test -d "$withval/include"; then
1870 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1871 else
350391c5 1872 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1873 fi
1874 fi
350391c5 1875 ]
1876)
22798398 1877if test -z "$GSI_LIBS" ; then
540d72c3 1878LIBS="-lcrypto $LIBS"
22798398 1879fi
08822d99 1880AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1881 [Define if your ssl headers are included
1882 with #include <openssl/header.h>]),
3c0ef626 1883 [
350391c5 1884 dnl Check default openssl install dir
1885 if test -n "${need_dash_r}"; then
1886 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1887 else
350391c5 1888 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1889 fi
350391c5 1890 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1891 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1892 [
1893 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1894 ]
1895 )
1896 ]
1897)
1898
d03f4262 1899# Determine OpenSSL header version
1900AC_MSG_CHECKING([OpenSSL header version])
dfddba3d 1901AC_RUN_IFELSE(
1902 [AC_LANG_SOURCE([[
d03f4262 1903#include <stdio.h>
1904#include <string.h>
1905#include <openssl/opensslv.h>
1906#define DATA "conftest.sslincver"
1907int main(void) {
540d72c3 1908 FILE *fd;
1909 int rc;
d03f4262 1910
540d72c3 1911 fd = fopen(DATA,"w");
1912 if(fd == NULL)
1913 exit(1);
d03f4262 1914
1915 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1916 exit(1);
1917
1918 exit(0);
1919}
dfddba3d 1920 ]])],
d03f4262 1921 [
1922 ssl_header_ver=`cat conftest.sslincver`
1923 AC_MSG_RESULT($ssl_header_ver)
1924 ],
1925 [
1926 AC_MSG_RESULT(not found)
1927 AC_MSG_ERROR(OpenSSL version header not found.)
dfddba3d 1928 ],
1929 [
1930 AC_MSG_WARN([cross compiling: not checking])
d03f4262 1931 ]
1932)
1933
1934# Determine OpenSSL library version
1935AC_MSG_CHECKING([OpenSSL library version])
dfddba3d 1936AC_RUN_IFELSE(
1937 [AC_LANG_SOURCE([[
d03f4262 1938#include <stdio.h>
1939#include <string.h>
1940#include <openssl/opensslv.h>
1941#include <openssl/crypto.h>
1942#define DATA "conftest.ssllibver"
1943int main(void) {
540d72c3 1944 FILE *fd;
1945 int rc;
d03f4262 1946
540d72c3 1947 fd = fopen(DATA,"w");
1948 if(fd == NULL)
1949 exit(1);
d03f4262 1950
1951 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1952 exit(1);
1953
1954 exit(0);
1955}
dfddba3d 1956 ]])],
d03f4262 1957 [
1958 ssl_library_ver=`cat conftest.ssllibver`
1959 AC_MSG_RESULT($ssl_library_ver)
1960 ],
1961 [
1962 AC_MSG_RESULT(not found)
1963 AC_MSG_ERROR(OpenSSL library not found.)
dfddba3d 1964 ],
1965 [
1966 AC_MSG_WARN([cross compiling: not checking])
d03f4262 1967 ]
1968)
3c0ef626 1969
e9702f7d 1970# Sanity check OpenSSL headers
1971AC_MSG_CHECKING([whether OpenSSL's headers match the library])
dfddba3d 1972AC_RUN_IFELSE(
1973 [AC_LANG_SOURCE([[
e9702f7d 1974#include <string.h>
1975#include <openssl/opensslv.h>
d03f4262 1976int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
dfddba3d 1977 ]])],
e9702f7d 1978 [
1979 AC_MSG_RESULT(yes)
1980 ],
1981 [
1982 AC_MSG_RESULT(no)
7cac2b65 1983 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1984Check config.log for details.
1985Also see contrib/findssl.sh for help identifying header/library mismatches.])
dfddba3d 1986 ],
1987 [
1988 AC_MSG_WARN([cross compiling: not checking])
e9702f7d 1989 ]
1990)
1991
08822d99 1992# Check for OpenSSL without EVP_aes_{192,256}_cbc
1993AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
1994AC_COMPILE_IFELSE(
1995 [AC_LANG_SOURCE([[
1996#include <string.h>
1997#include <openssl/evp.h>
1998int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL)}
1999 ]])],
2000 [
2001 AC_MSG_RESULT(no)
2002 ],
2003 [
2004 AC_MSG_RESULT(yes)
2005 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2006 [libcrypto is missing AES 192 and 256 bit functions])
2007 ]
2008)
2009
540d72c3 2010# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2011# because the system crypt() is more featureful.
2012if test "x$check_for_libcrypt_before" = "x1"; then
2013 AC_CHECK_LIB(crypt, crypt)
2014fi
2015
2016# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2017# version in OpenSSL.
7cac2b65 2018if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2019 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2020fi
2021
2ce0bfe4 2022AC_CHECK_LIB(iaf, ia_openinfo)
e9702f7d 2023
2024### Configure cryptographic random number support
2025
2026# Check wheter OpenSSL seeds itself
2027AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
dfddba3d 2028AC_RUN_IFELSE(
2029 [AC_LANG_SOURCE([[
e9702f7d 2030#include <string.h>
2031#include <openssl/rand.h>
d03f4262 2032int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
dfddba3d 2033 ]])],
e9702f7d 2034 [
2035 OPENSSL_SEEDS_ITSELF=yes
2036 AC_MSG_RESULT(yes)
2037 ],
2038 [
2039 AC_MSG_RESULT(no)
2040 # Default to use of the rand helper if OpenSSL doesn't
2041 # seed itself
2042 USE_RAND_HELPER=yes
dfddba3d 2043 ],
2044 [
2045 AC_MSG_WARN([cross compiling: assuming yes])
2046 # This is safe, since all recent OpenSSL versions will
8b32eddc 2047 # complain at runtime if not seeded correctly.
dfddba3d 2048 OPENSSL_SEEDS_ITSELF=yes
e9702f7d 2049 ]
2050)
2051
2052
2053# Do we want to force the use of the rand helper?
2054AC_ARG_WITH(rand-helper,
2055 [ --with-rand-helper Use subprocess to gather strong randomness ],
2056 [
2057 if test "x$withval" = "xno" ; then
540d72c3 2058 # Force use of OpenSSL's internal RNG, even if
e9702f7d 2059 # the previous test showed it to be unseeded.
2060 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2061 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2062 OPENSSL_SEEDS_ITSELF=yes
2063 USE_RAND_HELPER=""
2064 fi
2065 else
2066 USE_RAND_HELPER=yes
2067 fi
2068 ],
8b32eddc 2069)
e9702f7d 2070
2071# Which randomness source do we use?
8b32eddc 2072if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9702f7d 2073 # OpenSSL only
08822d99 2074 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2075 [Define if you want OpenSSL's internally seeded PRNG only])
e9702f7d 2076 RAND_MSG="OpenSSL internal ONLY"
2077 INSTALL_SSH_RAND_HELPER=""
2078elif test ! -z "$USE_RAND_HELPER" ; then
2079 # install rand helper
2080 RAND_MSG="ssh-rand-helper"
2081 INSTALL_SSH_RAND_HELPER="yes"
2082fi
2083AC_SUBST(INSTALL_SSH_RAND_HELPER)
2084
2085### Configuration of ssh-rand-helper
2086
2087# PRNGD TCP socket
2088AC_ARG_WITH(prngd-port,
2089 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2090 [
2091 case "$withval" in
2092 no)
2093 withval=""
2094 ;;
2095 [[0-9]]*)
2096 ;;
2097 *)
2098 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2099 ;;
2100 esac
2101 if test ! -z "$withval" ; then
2102 PRNGD_PORT="$withval"
08822d99 2103 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2104 [Port number of PRNGD/EGD random number socket])
e9702f7d 2105 fi
2106 ]
2107)
2108
2109# PRNGD Unix domain socket
2110AC_ARG_WITH(prngd-socket,
2111 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2112 [
2113 case "$withval" in
2114 yes)
2115 withval="/var/run/egd-pool"
2116 ;;
2117 no)
2118 withval=""
2119 ;;
2120 /*)
2121 ;;
2122 *)
2123 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2124 ;;
2125 esac
2126
2127 if test ! -z "$withval" ; then
2128 if test ! -z "$PRNGD_PORT" ; then
2129 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2130 fi
2131 if test ! -r "$withval" ; then
2132 AC_MSG_WARN(Entropy socket is not readable)
2133 fi
2134 PRNGD_SOCKET="$withval"
08822d99 2135 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2136 [Location of PRNGD/EGD random number socket])
e9702f7d 2137 fi
2138 ],
2139 [
2140 # Check for existing socket only if we don't have a random device already
2141 if test "$USE_RAND_HELPER" = yes ; then
2142 AC_MSG_CHECKING(for PRNGD/EGD socket)
2143 # Insert other locations here
2144 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2145 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2146 PRNGD_SOCKET="$sock"
2147 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2148 break;
2149 fi
2150 done
2151 if test ! -z "$PRNGD_SOCKET" ; then
2152 AC_MSG_RESULT($PRNGD_SOCKET)
2153 else
2154 AC_MSG_RESULT(not found)
2155 fi
2156 fi
2157 ]
2158)
2159
2160# Change default command timeout for hashing entropy source
2161entropy_timeout=200
2162AC_ARG_WITH(entropy-timeout,
2163 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2164 [
8b32eddc 2165 if test -n "$withval" && test "x$withval" != "xno" && \
2166 test "x${withval}" != "xyes"; then
e9702f7d 2167 entropy_timeout=$withval
2168 fi
8b32eddc 2169 ]
e9702f7d 2170)
08822d99 2171AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2172 [Builtin PRNG command timeout])
e9702f7d 2173
276b07a3 2174SSH_PRIVSEP_USER=sshd
350391c5 2175AC_ARG_WITH(privsep-user,
2176 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2177 [
8b32eddc 2178 if test -n "$withval" && test "x$withval" != "xno" && \
2179 test "x${withval}" != "xyes"; then
276b07a3 2180 SSH_PRIVSEP_USER=$withval
350391c5 2181 fi
8b32eddc 2182 ]
350391c5 2183)
08822d99 2184AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2185 [non-privileged user for privilege separation])
276b07a3 2186AC_SUBST(SSH_PRIVSEP_USER)
350391c5 2187
2188# We do this little dance with the search path to insure
2189# that programs that we select for use by installed programs
2190# (which may be run by the super-user) come from trusted
2191# locations before they come from the user's private area.
2192# This should help avoid accidentally configuring some
2193# random version of a program in someone's personal bin.
2194
2195OPATH=$PATH
2196PATH=/bin:/usr/bin
2197test -h /bin 2> /dev/null && PATH=/usr/bin
2198test -d /sbin && PATH=$PATH:/sbin
2199test -d /usr/sbin && PATH=$PATH:/usr/sbin
2200PATH=$PATH:/etc:$OPATH
2201
540d72c3 2202# These programs are used by the command hashing source to gather entropy
e9702f7d 2203OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2204OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2205OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2206OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2207OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2208OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2209OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2210OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2211OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2212OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2213OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2214OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2215OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2216OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2217OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2218OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
350391c5 2219# restore PATH
2220PATH=$OPATH
e9702f7d 2221
2222# Where does ssh-rand-helper get its randomness from?
2223INSTALL_SSH_PRNG_CMDS=""
2224if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2225 if test ! -z "$PRNGD_PORT" ; then
2226 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2227 elif test ! -z "$PRNGD_SOCKET" ; then
2228 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2229 else
2230 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2231 RAND_HELPER_CMDHASH=yes
2232 INSTALL_SSH_PRNG_CMDS="yes"
2233 fi
2234fi
2235AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2236
2237
3c0ef626 2238# Cheap hack to ensure NEWS-OS libraries are arranged right.
2239if test ! -z "$SONY" ; then
2240 LIBS="$LIBS -liberty";
2241fi
2242
08822d99 2243# Check for long long datatypes
2244AC_CHECK_TYPES([long long, unsigned long long, long double])
2245
2246# Check datatype sizes
3c0ef626 2247AC_CHECK_SIZEOF(char, 1)
2248AC_CHECK_SIZEOF(short int, 2)
2249AC_CHECK_SIZEOF(int, 4)
2250AC_CHECK_SIZEOF(long int, 4)
2251AC_CHECK_SIZEOF(long long int, 8)
2252
350391c5 2253# Sanity check long long for some platforms (AIX)
2254if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2255 ac_cv_sizeof_long_long_int=0
2256fi
2257
08822d99 2258# compute LLONG_MIN and LLONG_MAX if we don't know them.
2259if test -z "$have_llong_max"; then
2260 AC_MSG_CHECKING([for max value of long long])
2261 AC_RUN_IFELSE(
2262 [AC_LANG_SOURCE([[
2263#include <stdio.h>
2264/* Why is this so damn hard? */
2265#ifdef __GNUC__
2266# undef __GNUC__
2267#endif
2268#define __USE_ISOC99
2269#include <limits.h>
2270#define DATA "conftest.llminmax"
2271int main(void) {
2272 FILE *f;
2273 long long i, llmin, llmax = 0;
2274
2275 if((f = fopen(DATA,"w")) == NULL)
2276 exit(1);
2277
2278#if defined(LLONG_MIN) && defined(LLONG_MAX)
2279 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2280 llmin = LLONG_MIN;
2281 llmax = LLONG_MAX;
2282#else
2283 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2284 /* This will work on one's complement and two's complement */
2285 for (i = 1; i > llmax; i <<= 1, i++)
2286 llmax = i;
2287 llmin = llmax + 1LL; /* wrap */
2288#endif
2289
2290 /* Sanity check */
2291 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
2292 || llmax - 1 > llmax) {
2293 fprintf(f, "unknown unknown\n");
2294 exit(2);
2295 }
2296
2297 if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
2298 exit(3);
2299
2300 exit(0);
2301}
2302 ]])],
2303 [
2304 llong_min=`$AWK '{print $1}' conftest.llminmax`
2305 llong_max=`$AWK '{print $2}' conftest.llminmax`
2306
2307 # snprintf on some Tru64s doesn't understand "%lld"
2308 case "$host" in
2309 alpha-dec-osf*)
2310 if test "x$ac_cv_sizeof_long_long_int" = "x8" &&
2311 test "x$llong_max" = "xld"; then
2312 llong_min="-9223372036854775808"
2313 llong_max="9223372036854775807"
2314 fi
2315 ;;
2316 esac
2317
2318 AC_MSG_RESULT($llong_max)
2319 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2320 [max value of long long calculated by configure])
2321 AC_MSG_CHECKING([for min value of long long])
2322 AC_MSG_RESULT($llong_min)
2323 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2324 [min value of long long calculated by configure])
2325 ],
2326 [
2327 AC_MSG_RESULT(not found)
2328 ],
2329 [
2330 AC_MSG_WARN([cross compiling: not checking])
2331 ]
2332 )
2333fi
2334
2335
3c0ef626 2336# More checks for data types
2337AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2338 AC_TRY_COMPILE(
540d72c3 2339 [ #include <sys/types.h> ],
2340 [ u_int a; a = 1;],
3c0ef626 2341 [ ac_cv_have_u_int="yes" ],
2342 [ ac_cv_have_u_int="no" ]
2343 )
2344])
2345if test "x$ac_cv_have_u_int" = "xyes" ; then
08822d99 2346 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2347 have_u_int=1
2348fi
2349
2350AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2351 AC_TRY_COMPILE(
540d72c3 2352 [ #include <sys/types.h> ],
2353 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2354 [ ac_cv_have_intxx_t="yes" ],
2355 [ ac_cv_have_intxx_t="no" ]
2356 )
2357])
2358if test "x$ac_cv_have_intxx_t" = "xyes" ; then
08822d99 2359 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2360 have_intxx_t=1
2361fi
2362
2363if (test -z "$have_intxx_t" && \
540d72c3 2364 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2365then
2366 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2367 AC_TRY_COMPILE(
540d72c3 2368 [ #include <stdint.h> ],
2369 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2370 [
2371 AC_DEFINE(HAVE_INTXX_T)
2372 AC_MSG_RESULT(yes)
2373 ],
2374 [ AC_MSG_RESULT(no) ]
2375 )
2376fi
2377
2378AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2379 AC_TRY_COMPILE(
d03f4262 2380 [
2381#include <sys/types.h>
2382#ifdef HAVE_STDINT_H
2383# include <stdint.h>
2384#endif
2385#include <sys/socket.h>
2386#ifdef HAVE_SYS_BITYPES_H
2387# include <sys/bitypes.h>
2388#endif
540d72c3 2389 ],
2390 [ int64_t a; a = 1;],
3c0ef626 2391 [ ac_cv_have_int64_t="yes" ],
2392 [ ac_cv_have_int64_t="no" ]
2393 )
2394])
2395if test "x$ac_cv_have_int64_t" = "xyes" ; then
08822d99 2396 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9702f7d 2397fi
2398
3c0ef626 2399AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2400 AC_TRY_COMPILE(
540d72c3 2401 [ #include <sys/types.h> ],
2402 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2403 [ ac_cv_have_u_intxx_t="yes" ],
2404 [ ac_cv_have_u_intxx_t="no" ]
2405 )
2406])
2407if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
08822d99 2408 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2409 have_u_intxx_t=1
2410fi
2411
2412if test -z "$have_u_intxx_t" ; then
2413 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2414 AC_TRY_COMPILE(
540d72c3 2415 [ #include <sys/socket.h> ],
2416 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2417 [
2418 AC_DEFINE(HAVE_U_INTXX_T)
2419 AC_MSG_RESULT(yes)
2420 ],
2421 [ AC_MSG_RESULT(no) ]
2422 )
2423fi
2424
2425AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2426 AC_TRY_COMPILE(
540d72c3 2427 [ #include <sys/types.h> ],
2428 [ u_int64_t a; a = 1;],
3c0ef626 2429 [ ac_cv_have_u_int64_t="yes" ],
2430 [ ac_cv_have_u_int64_t="no" ]
2431 )
2432])
2433if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
08822d99 2434 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2435 have_u_int64_t=1
2436fi
2437
e9702f7d 2438if test -z "$have_u_int64_t" ; then
2439 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2440 AC_TRY_COMPILE(
540d72c3 2441 [ #include <sys/bitypes.h> ],
e9702f7d 2442 [ u_int64_t a; a = 1],
2443 [
2444 AC_DEFINE(HAVE_U_INT64_T)
2445 AC_MSG_RESULT(yes)
2446 ],
2447 [ AC_MSG_RESULT(no) ]
2448 )
2449fi
2450
3c0ef626 2451if test -z "$have_u_intxx_t" ; then
2452 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2453 AC_TRY_COMPILE(
2454 [
2455#include <sys/types.h>
540d72c3 2456 ],
2457 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2458 [ ac_cv_have_uintxx_t="yes" ],
2459 [ ac_cv_have_uintxx_t="no" ]
2460 )
2461 ])
2462 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
08822d99 2463 AC_DEFINE(HAVE_UINTXX_T, 1,
2464 [define if you have uintxx_t data type])
3c0ef626 2465 fi
2466fi
2467
2468if test -z "$have_uintxx_t" ; then
2469 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2470 AC_TRY_COMPILE(
540d72c3 2471 [ #include <stdint.h> ],
2472 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2473 [
2474 AC_DEFINE(HAVE_UINTXX_T)
2475 AC_MSG_RESULT(yes)
2476 ],
2477 [ AC_MSG_RESULT(no) ]
2478 )
2479fi
2480
2481if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
540d72c3 2482 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2483then
2484 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2485 AC_TRY_COMPILE(
2486 [
2487#include <sys/bitypes.h>
540d72c3 2488 ],
3c0ef626 2489 [
2490 int8_t a; int16_t b; int32_t c;
2491 u_int8_t e; u_int16_t f; u_int32_t g;
2492 a = b = c = e = f = g = 1;
540d72c3 2493 ],
3c0ef626 2494 [
2495 AC_DEFINE(HAVE_U_INTXX_T)
2496 AC_DEFINE(HAVE_INTXX_T)
2497 AC_MSG_RESULT(yes)
2498 ],
2499 [AC_MSG_RESULT(no)]
540d72c3 2500 )
3c0ef626 2501fi
2502
2503
2504AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2505 AC_TRY_COMPILE(
2506 [
2507#include <sys/types.h>
2508 ],
2509 [ u_char foo; foo = 125; ],
2510 [ ac_cv_have_u_char="yes" ],
2511 [ ac_cv_have_u_char="no" ]
2512 )
2513])
2514if test "x$ac_cv_have_u_char" = "xyes" ; then
08822d99 2515 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2516fi
2517
2518TYPE_SOCKLEN_T
2519
e9702f7d 2520AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2521
dfddba3d 2522AC_CHECK_TYPES(in_addr_t,,,
2523[#include <sys/types.h>
2524#include <netinet/in.h>])
2525
3c0ef626 2526AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2527 AC_TRY_COMPILE(
2528 [
2529#include <sys/types.h>
2530 ],
2531 [ size_t foo; foo = 1235; ],
2532 [ ac_cv_have_size_t="yes" ],
2533 [ ac_cv_have_size_t="no" ]
2534 )
2535])
2536if test "x$ac_cv_have_size_t" = "xyes" ; then
08822d99 2537 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2538fi
2539
2540AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2541 AC_TRY_COMPILE(
2542 [
2543#include <sys/types.h>
2544 ],
2545 [ ssize_t foo; foo = 1235; ],
2546 [ ac_cv_have_ssize_t="yes" ],
2547 [ ac_cv_have_ssize_t="no" ]
2548 )
2549])
2550if test "x$ac_cv_have_ssize_t" = "xyes" ; then
08822d99 2551 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2552fi
2553
2554AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2555 AC_TRY_COMPILE(
2556 [
2557#include <time.h>
2558 ],
2559 [ clock_t foo; foo = 1235; ],
2560 [ ac_cv_have_clock_t="yes" ],
2561 [ ac_cv_have_clock_t="no" ]
2562 )
2563])
2564if test "x$ac_cv_have_clock_t" = "xyes" ; then
08822d99 2565 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2566fi
2567
2568AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2569 AC_TRY_COMPILE(
2570 [
2571#include <sys/types.h>
2572#include <sys/socket.h>
2573 ],
2574 [ sa_family_t foo; foo = 1235; ],
2575 [ ac_cv_have_sa_family_t="yes" ],
2576 [ AC_TRY_COMPILE(
2577 [
2578#include <sys/types.h>
2579#include <sys/socket.h>
2580#include <netinet/in.h>
2581 ],
2582 [ sa_family_t foo; foo = 1235; ],
2583 [ ac_cv_have_sa_family_t="yes" ],
2584
2585 [ ac_cv_have_sa_family_t="no" ]
2586 )]
2587 )
2588])
2589if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
08822d99 2590 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2591 [define if you have sa_family_t data type])
3c0ef626 2592fi
2593
2594AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2595 AC_TRY_COMPILE(
2596 [
2597#include <sys/types.h>
2598 ],
2599 [ pid_t foo; foo = 1235; ],
2600 [ ac_cv_have_pid_t="yes" ],
2601 [ ac_cv_have_pid_t="no" ]
2602 )
2603])
2604if test "x$ac_cv_have_pid_t" = "xyes" ; then
08822d99 2605 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2606fi
2607
2608AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2609 AC_TRY_COMPILE(
2610 [
2611#include <sys/types.h>
2612 ],
2613 [ mode_t foo; foo = 1235; ],
2614 [ ac_cv_have_mode_t="yes" ],
2615 [ ac_cv_have_mode_t="no" ]
2616 )
2617])
2618if test "x$ac_cv_have_mode_t" = "xyes" ; then
08822d99 2619 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2620fi
2621
2622
2623AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2624 AC_TRY_COMPILE(
2625 [
2626#include <sys/types.h>
2627#include <sys/socket.h>
2628 ],
2629 [ struct sockaddr_storage s; ],
2630 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2631 [ ac_cv_have_struct_sockaddr_storage="no" ]
2632 )
2633])
2634if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
08822d99 2635 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2636 [define if you have struct sockaddr_storage data type])
3c0ef626 2637fi
2638
2639AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2640 AC_TRY_COMPILE(
2641 [
2642#include <sys/types.h>
2643#include <netinet/in.h>
2644 ],
2645 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2646 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2647 [ ac_cv_have_struct_sockaddr_in6="no" ]
2648 )
2649])
2650if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
08822d99 2651 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2652 [define if you have struct sockaddr_in6 data type])
3c0ef626 2653fi
2654
2655AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2656 AC_TRY_COMPILE(
2657 [
2658#include <sys/types.h>
2659#include <netinet/in.h>
2660 ],
2661 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2662 [ ac_cv_have_struct_in6_addr="yes" ],
2663 [ ac_cv_have_struct_in6_addr="no" ]
2664 )
2665])
2666if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
08822d99 2667 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2668 [define if you have struct in6_addr data type])
3c0ef626 2669fi
2670
2671AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2672 AC_TRY_COMPILE(
2673 [
2674#include <sys/types.h>
2675#include <sys/socket.h>
2676#include <netdb.h>
2677 ],
2678 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2679 [ ac_cv_have_struct_addrinfo="yes" ],
2680 [ ac_cv_have_struct_addrinfo="no" ]
2681 )
2682])
2683if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
08822d99 2684 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2685 [define if you have struct addrinfo data type])
3c0ef626 2686fi
2687
2688AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2689 AC_TRY_COMPILE(
540d72c3 2690 [ #include <sys/time.h> ],
2691 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2692 [ ac_cv_have_struct_timeval="yes" ],
2693 [ ac_cv_have_struct_timeval="no" ]
2694 )
2695])
2696if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
08822d99 2697 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2698 have_struct_timeval=1
2699fi
2700
bfe49944 2701AC_CHECK_TYPES(struct timespec)
2702
2703# We need int64_t or else certian parts of the compile will fail.
8b32eddc 2704if test "x$ac_cv_have_int64_t" = "xno" && \
2705 test "x$ac_cv_sizeof_long_int" != "x8" && \
2706 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
bfe49944 2707 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2708 echo "an alternative compiler (I.E., GCC) before continuing."
2709 echo ""
2710 exit 1;
3c0ef626 2711else
2712dnl test snprintf (broken on SCO w/gcc)
dfddba3d 2713 AC_RUN_IFELSE(
2714 [AC_LANG_SOURCE([[
3c0ef626 2715#include <stdio.h>
2716#include <string.h>
2717#ifdef HAVE_SNPRINTF
2718main()
2719{
2720 char buf[50];
2721 char expected_out[50];
2722 int mazsize = 50 ;
2723#if (SIZEOF_LONG_INT == 8)
2724 long int num = 0x7fffffffffffffff;
2725#else
2726 long long num = 0x7fffffffffffffffll;
2727#endif
2728 strcpy(expected_out, "9223372036854775807");
2729 snprintf(buf, mazsize, "%lld", num);
2730 if(strcmp(buf, expected_out) != 0)
540d72c3 2731 exit(1);
3c0ef626 2732 exit(0);
2733}
2734#else
2735main() { exit(0); }
2736#endif
dfddba3d 2737 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2738 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2739 )
2740fi
3c0ef626 2741
2742dnl Checks for structure members
2743OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2744OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2745OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2746OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2747OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2748OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2749OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2750OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2751OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2752OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2753OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2754OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2755OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2756OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2757OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2758OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2759OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2760
2761AC_CHECK_MEMBERS([struct stat.st_blksize])
08822d99 2762AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2763 [Define if we don't have struct __res_state in resolv.h])],
2764[
2765#include <stdio.h>
2766#if HAVE_SYS_TYPES_H
2767# include <sys/types.h>
2768#endif
2769#include <netinet/in.h>
2770#include <arpa/nameser.h>
2771#include <resolv.h>
2772])
3c0ef626 2773
2774AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2775 ac_cv_have_ss_family_in_struct_ss, [
2776 AC_TRY_COMPILE(
2777 [
2778#include <sys/types.h>
2779#include <sys/socket.h>
2780 ],
2781 [ struct sockaddr_storage s; s.ss_family = 1; ],
2782 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2783 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2784 )
2785])
2786if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
08822d99 2787 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 2788fi
2789
2790AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2791 ac_cv_have___ss_family_in_struct_ss, [
2792 AC_TRY_COMPILE(
2793 [
2794#include <sys/types.h>
2795#include <sys/socket.h>
2796 ],
2797 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2798 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2799 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2800 )
2801])
2802if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
08822d99 2803 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2804 [Fields in struct sockaddr_storage])
3c0ef626 2805fi
2806
2807AC_CACHE_CHECK([for pw_class field in struct passwd],
2808 ac_cv_have_pw_class_in_struct_passwd, [
2809 AC_TRY_COMPILE(
2810 [
2811#include <pwd.h>
2812 ],
2813 [ struct passwd p; p.pw_class = 0; ],
2814 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2815 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2816 )
2817])
2818if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
08822d99 2819 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2820 [Define if your password has a pw_class field])
3c0ef626 2821fi
2822
2823AC_CACHE_CHECK([for pw_expire field in struct passwd],
2824 ac_cv_have_pw_expire_in_struct_passwd, [
2825 AC_TRY_COMPILE(
2826 [
2827#include <pwd.h>
2828 ],
2829 [ struct passwd p; p.pw_expire = 0; ],
2830 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2831 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2832 )
2833])
2834if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
08822d99 2835 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2836 [Define if your password has a pw_expire field])
3c0ef626 2837fi
2838
2839AC_CACHE_CHECK([for pw_change field in struct passwd],
2840 ac_cv_have_pw_change_in_struct_passwd, [
2841 AC_TRY_COMPILE(
2842 [
2843#include <pwd.h>
2844 ],
2845 [ struct passwd p; p.pw_change = 0; ],
2846 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2847 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2848 )
2849])
2850if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
08822d99 2851 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2852 [Define if your password has a pw_change field])
3c0ef626 2853fi
2854
541874c2 2855dnl make sure we're using the real structure members and not defines
350391c5 2856AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2857 ac_cv_have_accrights_in_msghdr, [
dfddba3d 2858 AC_COMPILE_IFELSE(
350391c5 2859 [
2860#include <sys/types.h>
2861#include <sys/socket.h>
2862#include <sys/uio.h>
541874c2 2863int main() {
2864#ifdef msg_accrights
dfddba3d 2865#error "msg_accrights is a macro"
541874c2 2866exit(1);
2867#endif
2868struct msghdr m;
2869m.msg_accrights = 0;
2870exit(0);
2871}
350391c5 2872 ],
350391c5 2873 [ ac_cv_have_accrights_in_msghdr="yes" ],
2874 [ ac_cv_have_accrights_in_msghdr="no" ]
2875 )
2876])
2877if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
08822d99 2878 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2879 [Define if your system uses access rights style
2880 file descriptor passing])
350391c5 2881fi
2882
2883AC_CACHE_CHECK([for msg_control field in struct msghdr],
2884 ac_cv_have_control_in_msghdr, [
dfddba3d 2885 AC_COMPILE_IFELSE(
350391c5 2886 [
2887#include <sys/types.h>
2888#include <sys/socket.h>
2889#include <sys/uio.h>
541874c2 2890int main() {
2891#ifdef msg_control
dfddba3d 2892#error "msg_control is a macro"
541874c2 2893exit(1);
2894#endif
2895struct msghdr m;
2896m.msg_control = 0;
2897exit(0);
2898}
350391c5 2899 ],
350391c5 2900 [ ac_cv_have_control_in_msghdr="yes" ],
2901 [ ac_cv_have_control_in_msghdr="no" ]
2902 )
2903])
2904if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
08822d99 2905 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2906 [Define if your system uses ancillary data style
2907 file descriptor passing])
350391c5 2908fi
2909
3c0ef626 2910AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
540d72c3 2911 AC_TRY_LINK([],
2912 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 2913 [ ac_cv_libc_defines___progname="yes" ],
2914 [ ac_cv_libc_defines___progname="no" ]
2915 )
2916])
2917if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
08822d99 2918 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 2919fi
2920
350391c5 2921AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2922 AC_TRY_LINK([
2923#include <stdio.h>
540d72c3 2924],
2925 [ printf("%s", __FUNCTION__); ],
350391c5 2926 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2927 [ ac_cv_cc_implements___FUNCTION__="no" ]
2928 )
2929])
2930if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
08822d99 2931 AC_DEFINE(HAVE___FUNCTION__, 1,
2932 [Define if compiler implements __FUNCTION__])
350391c5 2933fi
2934
2935AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2936 AC_TRY_LINK([
2937#include <stdio.h>
540d72c3 2938],
2939 [ printf("%s", __func__); ],
350391c5 2940 [ ac_cv_cc_implements___func__="yes" ],
2941 [ ac_cv_cc_implements___func__="no" ]
2942 )
2943])
2944if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
08822d99 2945 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
2946fi
2947
2948AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2949 AC_TRY_LINK(
2950 [#include <stdarg.h>
2951 va_list x,y;],
2952 [va_copy(x,y);],
2953 [ ac_cv_have_va_copy="yes" ],
2954 [ ac_cv_have_va_copy="no" ]
2955 )
2956])
2957if test "x$ac_cv_have_va_copy" = "xyes" ; then
2958 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2959fi
2960
2961AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2962 AC_TRY_LINK(
2963 [#include <stdarg.h>
2964 va_list x,y;],
2965 [__va_copy(x,y);],
2966 [ ac_cv_have___va_copy="yes" ],
2967 [ ac_cv_have___va_copy="no" ]
2968 )
2969])
2970if test "x$ac_cv_have___va_copy" = "xyes" ; then
2971 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
350391c5 2972fi
2973
3c0ef626 2974AC_CACHE_CHECK([whether getopt has optreset support],
2975 ac_cv_have_getopt_optreset, [
2976 AC_TRY_LINK(
2977 [
2978#include <getopt.h>
2979 ],
2980 [ extern int optreset; optreset = 0; ],
2981 [ ac_cv_have_getopt_optreset="yes" ],
2982 [ ac_cv_have_getopt_optreset="no" ]
2983 )
2984])
2985if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
08822d99 2986 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2987 [Define if your getopt(3) defines and uses optreset])
3c0ef626 2988fi
2989
2990AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
540d72c3 2991 AC_TRY_LINK([],
2992 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 2993 [ ac_cv_libc_defines_sys_errlist="yes" ],
2994 [ ac_cv_libc_defines_sys_errlist="no" ]
2995 )
2996])
2997if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
08822d99 2998 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2999 [Define if your system defines sys_errlist[]])
3c0ef626 3000fi
3001
3002
3003AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
540d72c3 3004 AC_TRY_LINK([],
3005 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3006 [ ac_cv_libc_defines_sys_nerr="yes" ],
3007 [ ac_cv_libc_defines_sys_nerr="no" ]
3008 )
3009])
3010if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
08822d99 3011 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3012fi
3013
540d72c3 3014SCARD_MSG="no"
350391c5 3015# Check whether user wants sectok support
3016AC_ARG_WITH(sectok,
3017 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3018 [
3019 if test "x$withval" != "xno" ; then
3020 if test "x$withval" != "xyes" ; then
3021 CPPFLAGS="$CPPFLAGS -I${withval}"
3022 LDFLAGS="$LDFLAGS -L${withval}"
3023 if test ! -z "$need_dash_r" ; then
3024 LDFLAGS="$LDFLAGS -R${withval}"
3025 fi
3026 if test ! -z "$blibpath" ; then
3027 blibpath="$blibpath:${withval}"
3028 fi
3029 fi
3030 AC_CHECK_HEADERS(sectok.h)
3031 if test "$ac_cv_header_sectok_h" != yes; then
3032 AC_MSG_ERROR(Can't find sectok.h)
3033 fi
3034 AC_CHECK_LIB(sectok, sectok_open)
3035 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3036 AC_MSG_ERROR(Can't find libsectok)
3037 fi
08822d99 3038 AC_DEFINE(SMARTCARD, 1,
3039 [Define if you want smartcard support])
3040 AC_DEFINE(USE_SECTOK, 1,
3041 [Define if you want smartcard support
3042 using sectok])
540d72c3 3043 SCARD_MSG="yes, using sectok"
3c0ef626 3044 fi
3045 ]
3046)
3047
350391c5 3048# Check whether user wants OpenSC support
8b32eddc 3049OPENSC_CONFIG="no"
350391c5 3050AC_ARG_WITH(opensc,
08822d99 3051 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
8b32eddc 3052 [
3053 if test "x$withval" != "xno" ; then
3054 if test "x$withval" != "xyes" ; then
3055 OPENSC_CONFIG=$withval/bin/opensc-config
3056 else
3057 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3058 fi
3059 if test "$OPENSC_CONFIG" != "no"; then
3060 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3061 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3062 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
3063 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
3064 AC_DEFINE(SMARTCARD)
08822d99 3065 AC_DEFINE(USE_OPENSC, 1,
3066 [Define if you want smartcard support
3067 using OpenSC])
8b32eddc 3068 SCARD_MSG="yes, using OpenSC"
3069 fi
3070 fi
3071 ]
3072)
350391c5 3073
540d72c3 3074# Check libraries needed by DNS fingerprint support
3075AC_SEARCH_LIBS(getrrsetbyname, resolv,
08822d99 3076 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3077 [Define if getrrsetbyname() exists])],
7cac2b65 3078 [
540d72c3 3079 # Needed by our getrrsetbyname()
3080 AC_SEARCH_LIBS(res_query, resolv)
3081 AC_SEARCH_LIBS(dn_expand, resolv)
7e82606e 3082 AC_MSG_CHECKING(if res_query will link)
3083 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3084 [AC_MSG_RESULT(no)
3085 saved_LIBS="$LIBS"
3086 LIBS="$LIBS -lresolv"
3087 AC_MSG_CHECKING(for res_query in -lresolv)
3088 AC_LINK_IFELSE([
3089#include <resolv.h>
3090int main()
3091{
3092 res_query (0, 0, 0, 0, 0);
3093 return 0;
3094}
3095 ],
3096 [LIBS="$LIBS -lresolv"
3097 AC_MSG_RESULT(yes)],
3098 [LIBS="$saved_LIBS"
3099 AC_MSG_RESULT(no)])
3100 ])
540d72c3 3101 AC_CHECK_FUNCS(_getshort _getlong)
2ce0bfe4 3102 AC_CHECK_DECLS([_getshort, _getlong], , ,
3103 [#include <sys/types.h>
3104 #include <arpa/nameser.h>])
540d72c3 3105 AC_CHECK_MEMBER(HEADER.ad,
08822d99 3106 [AC_DEFINE(HAVE_HEADER_AD, 1,
3107 [Define if HEADER.ad exists in arpa/nameser.h])],,
540d72c3 3108 [#include <arpa/nameser.h>])
3109 ])
7cac2b65 3110
63119dd9 3111# Check whether user wants Kerberos 5 support
540d72c3 3112KRB5_MSG="no"
63119dd9 3113AC_ARG_WITH(kerberos5,
540d72c3 3114 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3115 [ if test "x$withval" != "xno" ; then
3116 if test "x$withval" = "xyes" ; then
3117 KRB5ROOT="/usr/local"
3118 else
3119 KRB5ROOT=${withval}
3120 fi
3121
08822d99 3122 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
540d72c3 3123 KRB5_MSG="yes"
3124
3125 AC_MSG_CHECKING(for krb5-config)
3126 if test -x $KRB5ROOT/bin/krb5-config ; then
3127 KRB5CONF=$KRB5ROOT/bin/krb5-config
3128 AC_MSG_RESULT($KRB5CONF)
3129
3130 AC_MSG_CHECKING(for gssapi support)
3131 if $KRB5CONF | grep gssapi >/dev/null ; then
3132 AC_MSG_RESULT(yes)
08822d99 3133 AC_DEFINE(GSSAPI, 1,
3134 [Define this if you want GSSAPI
3135 support in the version 2 protocol])
540d72c3 3136 k5confopts=gssapi
3137 else
3138 AC_MSG_RESULT(no)
3139 k5confopts=""
3140 fi
3141 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3142 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3143 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3144 AC_MSG_CHECKING(whether we are using Heimdal)
3145 AC_TRY_COMPILE([ #include <krb5.h> ],
3146 [ char *tmp = heimdal_version; ],
3147 [ AC_MSG_RESULT(yes)
08822d99 3148 AC_DEFINE(HEIMDAL, 1,
3149 [Define this if you are using the
3150 Heimdal version of Kerberos V5]) ],
540d72c3 3151 AC_MSG_RESULT(no)
3152 )
3153 else
3154 AC_MSG_RESULT(no)
63119dd9 3155 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
540d72c3 3156 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3157 AC_MSG_CHECKING(whether we are using Heimdal)
3158 AC_TRY_COMPILE([ #include <krb5.h> ],
3159 [ char *tmp = heimdal_version; ],
3160 [ AC_MSG_RESULT(yes)
3161 AC_DEFINE(HEIMDAL)
7e82606e 3162 K5LIBS="-lkrb5 -ldes"
3163 K5LIBS="$K5LIBS -lcom_err -lasn1"
8b32eddc 3164 AC_CHECK_LIB(roken, net_write,
7e82606e 3165 [K5LIBS="$K5LIBS -lroken"])
540d72c3 3166 ],
3167 [ AC_MSG_RESULT(no)
3168 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3169 ]
3170 )
7cac2b65 3171 AC_SEARCH_LIBS(dn_expand, resolv)
3172
3173 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3174 [ AC_DEFINE(GSSAPI)
3175 K5LIBS="-lgssapi $K5LIBS" ],
3176 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3177 [ AC_DEFINE(GSSAPI)
540d72c3 3178 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
7cac2b65 3179 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3180 $K5LIBS)
3181 ],
3182 $K5LIBS)
8b32eddc 3183
7cac2b65 3184 AC_CHECK_HEADER(gssapi.h, ,
3185 [ unset ac_cv_header_gssapi_h
540d72c3 3186 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
7cac2b65 3187 AC_CHECK_HEADERS(gssapi.h, ,
3188 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
540d72c3 3189 )
7cac2b65 3190 ]
3191 )
3192
3193 oldCPP="$CPPFLAGS"
3194 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3195 AC_CHECK_HEADER(gssapi_krb5.h, ,
3196 [ CPPFLAGS="$oldCPP" ])
63119dd9 3197
1c89237d 3198 # If we're using some other GSSAPI
3199 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3200 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3201 fi
5598e598 3202
540d72c3 3203 if test -z "$GSSAPI"; then
3204 GSSAPI="KRB5";
3205 fi
1c89237d 3206
5598e598 3207 oldCPP="$CPPFLAGS"
3208 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3209 AC_CHECK_HEADER(gssapi_krb5.h, ,
3210 [ CPPFLAGS="$oldCPP" ])
3211
63119dd9 3212 fi
540d72c3 3213 if test ! -z "$need_dash_r" ; then
3214 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3215 fi
3216 if test ! -z "$blibpath" ; then
3217 blibpath="$blibpath:${KRB5ROOT}/lib"
3218 fi
540d72c3 3219
08822d99 3220 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3221 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3222 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
540d72c3 3223
08822d99 3224 LIBS="$LIBS $K5LIBS"
3225 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3226 [Define this if you want to use libkafs' AFS support]))
3227 fi
540d72c3 3228 ]
63119dd9 3229)
3c0ef626 3230
62eb343a 3231# Check whether user wants AFS_KRB5 support
3232AFS_KRB5_MSG="no"
3233AC_ARG_WITH(afs-krb5,
3234 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3235 [
3236 if test "x$withval" != "xno" ; then
3237
3238 if test "x$withval" != "xyes" ; then
08822d99 3239 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3240 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3241 else
08822d99 3242 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3243 "/usr/bin/aklog",
3244 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3245 fi
3246
540d72c3 3247 if test -z "$KRB5ROOT" ; then
62eb343a 3248 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3249 fi
3250
0a00e8f9 3251 LIBS="-lkrbafs -lkrb4 $LIBS"
62eb343a 3252 if test ! -z "$AFS_LIBS" ; then
3253 LIBS="$LIBS $AFS_LIBS"
3254 fi
08822d99 3255 AC_DEFINE(AFS_KRB5, 1,
3256 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3257 AFS_KRB5_MSG="yes"
3258 fi
3259 ]
3260)
3c0ef626 3261
75be3237 3262AC_ARG_WITH(session-hooks,
3263 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
08822d99 3264 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
75be3237 3265)
3266
3c0ef626 3267# Looking for programs, paths and files
3c0ef626 3268
350391c5 3269PRIVSEP_PATH=/var/empty
3270AC_ARG_WITH(privsep-path,
d03f4262 3271 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
350391c5 3272 [
8b32eddc 3273 if test -n "$withval" && test "x$withval" != "xno" && \
3274 test "x${withval}" != "xyes"; then
350391c5 3275 PRIVSEP_PATH=$withval
3276 fi
3277 ]
3278)
3279AC_SUBST(PRIVSEP_PATH)
3280
3c0ef626 3281AC_ARG_WITH(xauth,
3282 [ --with-xauth=PATH Specify path to xauth program ],
3283 [
8b32eddc 3284 if test -n "$withval" && test "x$withval" != "xno" && \
3285 test "x${withval}" != "xyes"; then
3c0ef626 3286 xauth_path=$withval
3287 fi
3288 ],
3289 [
d03f4262 3290 TestPath="$PATH"
3291 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3292 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3293 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3294 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3295 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3296 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3297 xauth_path="/usr/openwin/bin/xauth"
3298 fi
3299 ]
3300)
3301
bfe49944 3302STRIP_OPT=-s
3303AC_ARG_ENABLE(strip,
3304 [ --disable-strip Disable calling strip(1) on install],
3305 [
3306 if test "x$enableval" = "xno" ; then
3307 STRIP_OPT=
3308 fi
3309 ]
3310)
3311AC_SUBST(STRIP_OPT)
3312
3c0ef626 3313if test -z "$xauth_path" ; then
3314 XAUTH_PATH="undefined"
3315 AC_SUBST(XAUTH_PATH)
3316else
08822d99 3317 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3318 [Define if xauth is found in your path])
3c0ef626 3319 XAUTH_PATH=$xauth_path
3320 AC_SUBST(XAUTH_PATH)
3321fi
3c0ef626 3322
3323# Check for mail directory (last resort if we cannot get it from headers)
3324if test ! -z "$MAIL" ; then
3325 maildir=`dirname $MAIL`
08822d99 3326 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3327 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3328fi
3329
dfddba3d 3330if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3331 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3332 disable_ptmx_check=yes
3333fi
3c0ef626 3334if test -z "$no_dev_ptmx" ; then
350391c5 3335 if test "x$disable_ptmx_check" != "xyes" ; then
540d72c3 3336 AC_CHECK_FILE("/dev/ptmx",
350391c5 3337 [
08822d99 3338 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3339 [Define if you have /dev/ptmx])
350391c5 3340 have_dev_ptmx=1
3341 ]
3342 )
3343 fi
3c0ef626 3344fi
dfddba3d 3345
3346if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3347 AC_CHECK_FILE("/dev/ptc",
3348 [
08822d99 3349 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3350 [Define if you have /dev/ptc])
dfddba3d 3351 have_dev_ptc=1
3352 ]
3353 )
3354else
3355 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3356fi
3c0ef626 3357
3358# Options from here on. Some of these are preset by platform above
3c0ef626 3359AC_ARG_WITH(mantype,
3360 [ --with-mantype=man|cat|doc Set man page type],
3361 [
3362 case "$withval" in
3363 man|cat|doc)
3364 MANTYPE=$withval
3365 ;;
3366 *)
3367 AC_MSG_ERROR(invalid man type: $withval)
3368 ;;
3369 esac
3370 ]
3371)
3372if test -z "$MANTYPE"; then
d03f4262 3373 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3374 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3375 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3376 MANTYPE=doc
3377 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3378 MANTYPE=man
3379 else
3380 MANTYPE=cat
3381 fi
3382fi
3383AC_SUBST(MANTYPE)
3384if test "$MANTYPE" = "doc"; then
3385 mansubdir=man;
3386else
3387 mansubdir=$MANTYPE;
3388fi
3389AC_SUBST(mansubdir)
3390
3391# Check whether to enable MD5 passwords
540d72c3 3392MD5_MSG="no"
3c0ef626 3393AC_ARG_WITH(md5-passwords,
3394 [ --with-md5-passwords Enable use of MD5 passwords],
3395 [
3396 if test "x$withval" != "xno" ; then
08822d99 3397 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3398 [Define if you want to allow MD5 passwords])
540d72c3 3399 MD5_MSG="yes"
3c0ef626 3400 fi
3401 ]
3402)
3403
3404# Whether to disable shadow password support
3405AC_ARG_WITH(shadow,
3406 [ --without-shadow Disable shadow password support],
3407 [
8b32eddc 3408 if test "x$withval" = "xno" ; then
3c0ef626 3409 AC_DEFINE(DISABLE_SHADOW)
3410 disable_shadow=yes
3411 fi
3412 ]
3413)
3414
3415if test -z "$disable_shadow" ; then
3416 AC_MSG_CHECKING([if the systems has expire shadow information])
3417 AC_TRY_COMPILE(
3418 [
3419#include <sys/types.h>
3420#include <shadow.h>
3421 struct spwd sp;
3422 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3423 [ sp_expire_available=yes ], []
3424 )
3425
3426 if test "x$sp_expire_available" = "xyes" ; then
3427 AC_MSG_RESULT(yes)
08822d99 3428 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3429 [Define if you want to use shadow password expire field])
3c0ef626 3430 else
3431 AC_MSG_RESULT(no)
3432 fi
3433fi
3434
3435# Use ip address instead of hostname in $DISPLAY
3436if test ! -z "$IPADDR_IN_DISPLAY" ; then
3437 DISPLAY_HACK_MSG="yes"
08822d99 3438 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3439 [Define if you need to use IP address
3440 instead of hostname in $DISPLAY])
3c0ef626 3441else
540d72c3 3442 DISPLAY_HACK_MSG="no"
3c0ef626 3443 AC_ARG_WITH(ipaddr-display,
3444 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3445 [
8b32eddc 3446 if test "x$withval" != "xno" ; then
3c0ef626 3447 AC_DEFINE(IPADDR_IN_DISPLAY)
540d72c3 3448 DISPLAY_HACK_MSG="yes"
3c0ef626 3449 fi
3450 ]
3451 )
3452fi
3453
7cac2b65 3454# check for /etc/default/login and use it if present.
29d88157 3455AC_ARG_ENABLE(etc-default-login,
dfddba3d 3456 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3457 [ if test "x$enableval" = "xno"; then
3458 AC_MSG_NOTICE([/etc/default/login handling disabled])
3459 etc_default_login=no
3460 else
3461 etc_default_login=yes
3462 fi ],
08822d99 3463 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3464 then
3465 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3466 etc_default_login=no
3467 else
3468 etc_default_login=yes
3469 fi ]
dfddba3d 3470)
3471
3472if test "x$etc_default_login" != "xno"; then
3473 AC_CHECK_FILE("/etc/default/login",
3474 [ external_path_file=/etc/default/login ])
08822d99 3475 if test "x$external_path_file" = "x/etc/default/login"; then
3476 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3477 [Define if your system has /etc/default/login])
dfddba3d 3478 fi
7cac2b65 3479fi
3480
350391c5 3481dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
8b32eddc 3482if test $ac_cv_func_login_getcapbool = "yes" && \
3483 test $ac_cv_header_login_cap_h = "yes" ; then
7cac2b65 3484 external_path_file=/etc/login.conf
350391c5 3485fi
7cac2b65 3486
3c0ef626 3487# Whether to mess with the default path
540d72c3 3488SERVER_PATH_MSG="(default)"
3c0ef626 3489AC_ARG_WITH(default-path,
350391c5 3490 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3491 [
7cac2b65 3492 if test "x$external_path_file" = "x/etc/login.conf" ; then
350391c5 3493 AC_MSG_WARN([
3494--with-default-path=PATH has no effect on this system.
3495Edit /etc/login.conf instead.])
8b32eddc 3496 elif test "x$withval" != "xno" ; then
7cac2b65 3497 if test ! -z "$external_path_file" ; then
3498 AC_MSG_WARN([
3499--with-default-path=PATH will only be used if PATH is not defined in
3500$external_path_file .])
3501 fi
3c0ef626 3502 user_path="$withval"
540d72c3 3503 SERVER_PATH_MSG="$withval"
3c0ef626 3504 fi
3505 ],
7cac2b65 3506 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3507 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
350391c5 3508 else
7cac2b65 3509 if test ! -z "$external_path_file" ; then
3510 AC_MSG_WARN([
3511If PATH is defined in $external_path_file, ensure the path to scp is included,
3512otherwise scp will not work.])
3513 fi
08822d99 3514 AC_RUN_IFELSE(
3515 [AC_LANG_SOURCE([[
3c0ef626 3516/* find out what STDPATH is */
3517#include <stdio.h>
3518#ifdef HAVE_PATHS_H
3519# include <paths.h>
3520#endif
3521#ifndef _PATH_STDPATH
bfe49944 3522# ifdef _PATH_USERPATH /* Irix */
3523# define _PATH_STDPATH _PATH_USERPATH
3524# else
3525# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3526# endif
3c0ef626 3527#endif
3528#include <sys/types.h>
3529#include <sys/stat.h>
3530#include <fcntl.h>
3531#define DATA "conftest.stdpath"
3532
3533main()
3534{
3535 FILE *fd;
3536 int rc;
8b32eddc 3537
3c0ef626 3538 fd = fopen(DATA,"w");
3539 if(fd == NULL)
3540 exit(1);
8b32eddc 3541
3c0ef626 3542 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3543 exit(1);
3544
3545 exit(0);
3546}
08822d99 3547 ]])],
3548 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3549 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3550 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3551 )
3552# make sure $bindir is in USER_PATH so scp will work
3553 t_bindir=`eval echo ${bindir}`
3554 case $t_bindir in
3555 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3556 esac
3557 case $t_bindir in
3558 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3559 esac
3560 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3561 if test $? -ne 0 ; then
3562 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3563 if test $? -ne 0 ; then
3564 user_path=$user_path:$t_bindir
3565 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3566 fi
3567 fi
350391c5 3568 fi ]
3569)
7cac2b65 3570if test "x$external_path_file" != "x/etc/login.conf" ; then
08822d99 3571 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
350391c5 3572 AC_SUBST(user_path)
3573fi
3574
3575# Set superuser path separately to user path
350391c5 3576AC_ARG_WITH(superuser-path,
3577 [ --with-superuser-path= Specify different path for super-user],
3578 [
8b32eddc 3579 if test -n "$withval" && test "x$withval" != "xno" && \
3580 test "x${withval}" != "xyes"; then
08822d99 3581 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3582 [Define if you want a different $PATH
3583 for the superuser])
350391c5 3584 superuser_path=$withval
3585 fi
3c0ef626 3586 ]
3587)
350391c5 3588
3c0ef626 3589
3c0ef626 3590AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
540d72c3 3591IPV4_IN6_HACK_MSG="no"
3c0ef626 3592AC_ARG_WITH(4in6,
3593 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3594 [
3595 if test "x$withval" != "xno" ; then
3596 AC_MSG_RESULT(yes)
08822d99 3597 AC_DEFINE(IPV4_IN_IPV6, 1,
3598 [Detect IPv4 in IPv6 mapped addresses
3599 and treat as IPv4])
540d72c3 3600 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3601 else
3602 AC_MSG_RESULT(no)
3603 fi
3604 ],[
3605 if test "x$inet6_default_4in6" = "xyes"; then
3606 AC_MSG_RESULT([yes (default)])
3607 AC_DEFINE(IPV4_IN_IPV6)
540d72c3 3608 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3609 else
3610 AC_MSG_RESULT([no (default)])
3611 fi
3612 ]
3613)
3614
3615# Whether to enable BSD auth support
e9702f7d 3616BSD_AUTH_MSG=no
3c0ef626 3617AC_ARG_WITH(bsd-auth,
3618 [ --with-bsd-auth Enable BSD auth support],
3619 [
8b32eddc 3620 if test "x$withval" != "xno" ; then
08822d99 3621 AC_DEFINE(BSD_AUTH, 1,
3622 [Define if you have BSD auth support])
e9702f7d 3623 BSD_AUTH_MSG=yes
3c0ef626 3624 fi
3625 ]
3626)
3627
3c0ef626 3628# Where to place sshd.pid
3629piddir=/var/run
350391c5 3630# make sure the directory exists
8b32eddc 3631if test ! -d $piddir ; then
350391c5 3632 piddir=`eval echo ${sysconfdir}`
3633 case $piddir in
540d72c3 3634 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
350391c5 3635 esac
3636fi
3637
3c0ef626 3638AC_ARG_WITH(pid-dir,
3639 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3640 [
8b32eddc 3641 if test -n "$withval" && test "x$withval" != "xno" && \
3642 test "x${withval}" != "xyes"; then
3c0ef626 3643 piddir=$withval
8b32eddc 3644 if test ! -d $piddir ; then
350391c5 3645 AC_MSG_WARN([** no $piddir directory on this system **])
3646 fi
3c0ef626 3647 fi
3648 ]
3649)
3650
08822d99 3651AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3652AC_SUBST(piddir)
3653
3654dnl allow user to disable some login recording features
3655AC_ARG_ENABLE(lastlog,
3656 [ --disable-lastlog disable use of lastlog even if detected [no]],
7cac2b65 3657 [
3658 if test "x$enableval" = "xno" ; then
3659 AC_DEFINE(DISABLE_LASTLOG)
3660 fi
3661 ]
3c0ef626 3662)
3663AC_ARG_ENABLE(utmp,
3664 [ --disable-utmp disable use of utmp even if detected [no]],
7cac2b65 3665 [
3666 if test "x$enableval" = "xno" ; then
3667 AC_DEFINE(DISABLE_UTMP)
3668 fi
3669 ]
3c0ef626 3670)
3671AC_ARG_ENABLE(utmpx,
3672 [ --disable-utmpx disable use of utmpx even if detected [no]],
7cac2b65 3673 [
3674 if test "x$enableval" = "xno" ; then
08822d99 3675 AC_DEFINE(DISABLE_UTMPX, 1,
3676 [Define if you don't want to use utmpx])
7cac2b65 3677 fi
3678 ]
3c0ef626 3679)
3680AC_ARG_ENABLE(wtmp,
3681 [ --disable-wtmp disable use of wtmp even if detected [no]],
7cac2b65 3682 [
3683 if test "x$enableval" = "xno" ; then
3684 AC_DEFINE(DISABLE_WTMP)
3685 fi
3686 ]
3c0ef626 3687)
3688AC_ARG_ENABLE(wtmpx,
3689 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
7cac2b65 3690 [
3691 if test "x$enableval" = "xno" ; then
08822d99 3692 AC_DEFINE(DISABLE_WTMPX, 1,
3693 [Define if you don't want to use wtmpx])
7cac2b65 3694 fi
3695 ]
3c0ef626 3696)
3697AC_ARG_ENABLE(libutil,
3698 [ --disable-libutil disable use of libutil (login() etc.) [no]],
7cac2b65 3699 [
3700 if test "x$enableval" = "xno" ; then
3701 AC_DEFINE(DISABLE_LOGIN)
3702 fi
3703 ]
3c0ef626 3704)
3705AC_ARG_ENABLE(pututline,
3706 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
7cac2b65 3707 [
3708 if test "x$enableval" = "xno" ; then
08822d99 3709 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3710 [Define if you don't want to use pututline()
3711 etc. to write [uw]tmp])
7cac2b65 3712 fi
3713 ]
3c0ef626 3714)
3715AC_ARG_ENABLE(pututxline,
3716 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
7cac2b65 3717 [
3718 if test "x$enableval" = "xno" ; then
08822d99 3719 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3720 [Define if you don't want to use pututxline()
3721 etc. to write [uw]tmpx])
7cac2b65 3722 fi
3723 ]
3c0ef626 3724)
3725AC_ARG_WITH(lastlog,
3726 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3727 [
8b32eddc 3728 if test "x$withval" = "xno" ; then
3c0ef626 3729 AC_DEFINE(DISABLE_LASTLOG)
8b32eddc 3730 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 3731 conf_lastlog_location=$withval
3732 fi
3733 ]
3734)
3735
3736dnl lastlog, [uw]tmpx? detection
3737dnl NOTE: set the paths in the platform section to avoid the
3738dnl need for command-line parameters
3739dnl lastlog and [uw]tmp are subject to a file search if all else fails
3740
3741dnl lastlog detection
3742dnl NOTE: the code itself will detect if lastlog is a directory
3743AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3744AC_TRY_COMPILE([
3745#include <sys/types.h>
3746#include <utmp.h>
3747#ifdef HAVE_LASTLOG_H
3748# include <lastlog.h>
3749#endif
3750#ifdef HAVE_PATHS_H
3751# include <paths.h>
3752#endif
3753#ifdef HAVE_LOGIN_H
3754# include <login.h>
3755#endif
3756 ],
3757 [ char *lastlog = LASTLOG_FILE; ],
3758 [ AC_MSG_RESULT(yes) ],
3759 [
3760 AC_MSG_RESULT(no)
3761 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3762 AC_TRY_COMPILE([
3763#include <sys/types.h>
3764#include <utmp.h>
3765#ifdef HAVE_LASTLOG_H
3766# include <lastlog.h>
3767#endif
3768#ifdef HAVE_PATHS_H
3769# include <paths.h>
3770#endif
3771 ],
3772 [ char *lastlog = _PATH_LASTLOG; ],
3773 [ AC_MSG_RESULT(yes) ],
3774 [
3775 AC_MSG_RESULT(no)
3776 system_lastlog_path=no
3777 ])
3778 ]
3779)
3780
3781if test -z "$conf_lastlog_location"; then
3782 if test x"$system_lastlog_path" = x"no" ; then
3783 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
3784 if (test -d "$f" || test -f "$f") ; then
3785 conf_lastlog_location=$f
3786 fi
3787 done
3788 if test -z "$conf_lastlog_location"; then
3789 AC_MSG_WARN([** Cannot find lastlog **])
3790 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
3791 fi
3792 fi
3793fi
3794
3795if test -n "$conf_lastlog_location"; then
08822d99 3796 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3797 [Define if you want to specify the path to your lastlog file])
8b32eddc 3798fi
3c0ef626 3799
3800dnl utmp detection
3801AC_MSG_CHECKING([if your system defines UTMP_FILE])
3802AC_TRY_COMPILE([
3803#include <sys/types.h>
3804#include <utmp.h>
3805#ifdef HAVE_PATHS_H
3806# include <paths.h>
3807#endif
3808 ],
3809 [ char *utmp = UTMP_FILE; ],
3810 [ AC_MSG_RESULT(yes) ],
3811 [ AC_MSG_RESULT(no)
3812 system_utmp_path=no ]
3813)
3814if test -z "$conf_utmp_location"; then
3815 if test x"$system_utmp_path" = x"no" ; then
3816 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3817 if test -f $f ; then
3818 conf_utmp_location=$f
3819 fi
3820 done
3821 if test -z "$conf_utmp_location"; then
3822 AC_DEFINE(DISABLE_UTMP)
3823 fi
3824 fi
3825fi
3826if test -n "$conf_utmp_location"; then
08822d99 3827 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3828 [Define if you want to specify the path to your utmp file])
8b32eddc 3829fi
3c0ef626 3830
3831dnl wtmp detection
3832AC_MSG_CHECKING([if your system defines WTMP_FILE])
3833AC_TRY_COMPILE([
3834#include <sys/types.h>
3835#include <utmp.h>
3836#ifdef HAVE_PATHS_H
3837# include <paths.h>
3838#endif
3839 ],
3840 [ char *wtmp = WTMP_FILE; ],
3841 [ AC_MSG_RESULT(yes) ],
3842 [ AC_MSG_RESULT(no)
3843 system_wtmp_path=no ]
3844)
3845if test -z "$conf_wtmp_location"; then
3846 if test x"$system_wtmp_path" = x"no" ; then
3847 for f in /usr/adm/wtmp /var/log/wtmp; do
3848 if test -f $f ; then
3849 conf_wtmp_location=$f
3850 fi
3851 done
3852 if test -z "$conf_wtmp_location"; then
3853 AC_DEFINE(DISABLE_WTMP)
3854 fi
3855 fi
3856fi
3857if test -n "$conf_wtmp_location"; then
08822d99 3858 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3859 [Define if you want to specify the path to your wtmp file])
8b32eddc 3860fi
3c0ef626 3861
3862
3863dnl utmpx detection - I don't know any system so perverse as to require
3864dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3865dnl there, though.
3866AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3867AC_TRY_COMPILE([
3868#include <sys/types.h>
3869#include <utmp.h>
3870#ifdef HAVE_UTMPX_H
3871#include <utmpx.h>
3872#endif
3873#ifdef HAVE_PATHS_H
3874# include <paths.h>
3875#endif
3876 ],
3877 [ char *utmpx = UTMPX_FILE; ],
3878 [ AC_MSG_RESULT(yes) ],
3879 [ AC_MSG_RESULT(no)
3880 system_utmpx_path=no ]
3881)
3882if test -z "$conf_utmpx_location"; then
3883 if test x"$system_utmpx_path" = x"no" ; then
3884 AC_DEFINE(DISABLE_UTMPX)
3885 fi
3886else
08822d99 3887 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3888 [Define if you want to specify the path to your utmpx file])
8b32eddc 3889fi
3c0ef626 3890
3891dnl wtmpx detection
3892AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3893AC_TRY_COMPILE([
3894#include <sys/types.h>
3895#include <utmp.h>
3896#ifdef HAVE_UTMPX_H
3897#include <utmpx.h>
3898#endif
3899#ifdef HAVE_PATHS_H
3900# include <paths.h>
3901#endif
3902 ],
3903 [ char *wtmpx = WTMPX_FILE; ],
3904 [ AC_MSG_RESULT(yes) ],
3905 [ AC_MSG_RESULT(no)
3906 system_wtmpx_path=no ]
3907)
3908if test -z "$conf_wtmpx_location"; then
3909 if test x"$system_wtmpx_path" = x"no" ; then
3910 AC_DEFINE(DISABLE_WTMPX)
3911 fi
3912else
08822d99 3913 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3914 [Define if you want to specify the path to your wtmpx file])
8b32eddc 3915fi
3c0ef626 3916
3917
3c0ef626 3918if test ! -z "$blibpath" ; then
256cb466 3919 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3920 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 3921fi
3922
e9702f7d 3923dnl remove pam and dl because they are in $LIBPAM
3924if test "$PAM_MSG" = yes ; then
3925 LIBS=`echo $LIBS | sed 's/-lpam //'`
3926fi
3927if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3928 LIBS=`echo $LIBS | sed 's/-ldl //'`
3929fi
3c0ef626 3930
2ce0bfe4 3931dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3932dnl Add now.
3933CFLAGS="$CFLAGS $werror_flags"
3934
e9702f7d 3935AC_EXEEXT
dfddba3d 3936AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3937 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 3938AC_OUTPUT
3939
3940# Print summary of options
3941
3c0ef626 3942# Someone please show me a better way :)
3943A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3944B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3945C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3946D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
3947E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
3948F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
3949G=`eval echo ${piddir}` ; G=`eval echo ${G}`
350391c5 3950H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3951I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3952J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 3953
3954echo ""
3955echo "OpenSSH has been configured with the following options:"
350391c5 3956echo " User binaries: $B"
3957echo " System binaries: $C"
3958echo " Configuration files: $D"
3959echo " Askpass program: $E"
3960echo " Manual pages: $F"
3961echo " PID file: $G"
3962echo " Privilege separation chroot path: $H"
7cac2b65 3963if test "x$external_path_file" = "x/etc/login.conf" ; then
3964echo " At runtime, sshd will use the path defined in $external_path_file"
3965echo " Make sure the path to scp is present, otherwise scp will not work"
350391c5 3966else
3967echo " sshd default user PATH: $I"
7cac2b65 3968 if test ! -z "$external_path_file"; then
3969echo " (If PATH is set in $external_path_file it will be used instead. If"
3970echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3971 fi
350391c5 3972fi
3973if test ! -z "$superuser_path" ; then
3974echo " sshd superuser user PATH: $J"
3975fi
3976echo " Manpage format: $MANTYPE"
7cac2b65 3977echo " PAM support: $PAM_MSG"
350391c5 3978echo " KerberosV support: $KRB5_MSG"
3979echo " Smartcard support: $SCARD_MSG"
350391c5 3980echo " S/KEY support: $SKEY_MSG"
3981echo " TCP Wrappers support: $TCPW_MSG"
3982echo " MD5 password support: $MD5_MSG"
dfddba3d 3983echo " libedit support: $LIBEDIT_MSG"
350391c5 3984echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
350391c5 3985echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3986echo " BSD Auth support: $BSD_AUTH_MSG"
3987echo " Random number source: $RAND_MSG"
e9702f7d 3988if test ! -z "$USE_RAND_HELPER" ; then
350391c5 3989echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 3990fi
3991
3992echo ""
3993
3994echo " Host: ${host}"
3995echo " Compiler: ${CC}"
3996echo " Compiler flags: ${CFLAGS}"
3997echo "Preprocessor flags: ${CPPFLAGS}"
3998echo " Linker flags: ${LDFLAGS}"
e9702f7d 3999echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
3c0ef626 4000
4001echo ""
4002
7e82606e 4003if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
dfddba3d 4004 echo "SVR4 style packages are supported with \"make package\""
4005 echo ""
7e82606e 4006fi
4007
3c0ef626 4008if test "x$PAM_MSG" = "xyes" ; then
e9702f7d 4009 echo "PAM is enabled. You may need to install a PAM control file "
4010 echo "for sshd, otherwise password authentication may fail. "
540d72c3 4011 echo "Example PAM control files can be found in the contrib/ "
e9702f7d 4012 echo "subdirectory"
3c0ef626 4013 echo ""
4014fi
4015
e9702f7d 4016if test ! -z "$RAND_HELPER_CMDHASH" ; then
4017 echo "WARNING: you are using the builtin random number collection "
4018 echo "service. Please read WARNING.RNG and request that your OS "
4019 echo "vendor includes kernel-based random number collection in "
4020 echo "future versions of your OS."
3c0ef626 4021 echo ""
4022fi
4023
7e82606e 4024if test ! -z "$NO_PEERCHECK" ; then
4025 echo "WARNING: the operating system that you are using does not "
4026 echo "appear to support either the getpeereid() API nor the "
4027 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
4028 echo "enforce security checks to prevent unauthorised connections to "
4029 echo "ssh-agent. Their absence increases the risk that a malicious "
4030 echo "user can connect to your agent. "
4031 echo ""
4032fi
4033
dfddba3d 4034if test "$AUDIT_MODULE" = "bsm" ; then
4035 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4036 echo "See the Solaris section in README.platform for details."
4037fi
git-cvsimport mirror of GSI OpenSSH
This page took 2.387664 seconds and 5 git commands to generate.