]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix typo. http://bugzilla.ncsa.uiuc.edu/show_bug.cgi?id=374
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
2a304a95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
34fee935 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
e00da40d 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
70791e56 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
e00da40d 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
1b56ff3d 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
1c14df9e 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
2980ea68 43AC_PATH_PROG(SH, sh)
1b56ff3d 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
e00da40d 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
e00da40d 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
416fd2a8 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
e00da40d 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
416fd2a8 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
34fee935 88
3c0ef626 89AC_C_INLINE
34fee935 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
416fd2a8 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
fec930e5 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith"
e00da40d 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
34fee935 96 case $GCC_VER in
25d429a2 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
e00da40d 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
34fee935 106 esac
107
108 if test -z "$have_llong_max"; then
109 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
110 unset ac_cv_have_decl_LLONG_MAX
111 saved_CFLAGS="$CFLAGS"
112 CFLAGS="$CFLAGS -std=gnu99"
113 AC_CHECK_DECL(LLONG_MAX,
114 [have_llong_max=1],
115 [CFLAGS="$saved_CFLAGS"],
116 [#include <limits.h>]
117 )
118 fi
119fi
120
25d429a2 121if test "x$no_attrib_nonnull" != "x1" ; then
122 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
123fi
124
416fd2a8 125AC_ARG_WITH(rpath,
126 [ --without-rpath Disable auto-added -R linker paths],
127 [
34fee935 128 if test "x$withval" = "xno" ; then
416fd2a8 129 need_dash_r=""
130 fi
131 if test "x$withval" = "xyes" ; then
132 need_dash_r=1
133 fi
134 ]
135)
136
2e437378 137# Allow user to specify flags
138AC_ARG_WITH(cflags,
139 [ --with-cflags Specify additional flags to pass to compiler],
140 [
141 if test -n "$withval" && test "x$withval" != "xno" && \
142 test "x${withval}" != "xyes"; then
143 CFLAGS="$CFLAGS $withval"
144 fi
145 ]
146)
147AC_ARG_WITH(cppflags,
148 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
149 [
150 if test -n "$withval" && test "x$withval" != "xno" && \
151 test "x${withval}" != "xyes"; then
152 CPPFLAGS="$CPPFLAGS $withval"
153 fi
154 ]
155)
156AC_ARG_WITH(ldflags,
157 [ --with-ldflags Specify additional flags to pass to linker],
158 [
159 if test -n "$withval" && test "x$withval" != "xno" && \
160 test "x${withval}" != "xyes"; then
161 LDFLAGS="$LDFLAGS $withval"
162 fi
163 ]
164)
165AC_ARG_WITH(libs,
166 [ --with-libs Specify additional libraries to link with],
167 [
168 if test -n "$withval" && test "x$withval" != "xno" && \
169 test "x${withval}" != "xyes"; then
170 LIBS="$LIBS $withval"
171 fi
172 ]
173)
174AC_ARG_WITH(Werror,
175 [ --with-Werror Build main code with -Werror],
176 [
177 if test -n "$withval" && test "x$withval" != "xno"; then
178 werror_flags="-Werror"
179 if test "x${withval}" != "xyes"; then
180 werror_flags="$withval"
181 fi
182 fi
183 ]
184)
185
186AC_CHECK_HEADERS( \
187 bstring.h \
188 crypt.h \
189 crypto/sha2.h \
190 dirent.h \
191 endian.h \
192 features.h \
193 fcntl.h \
194 floatingpoint.h \
195 getopt.h \
196 glob.h \
197 ia.h \
198 iaf.h \
199 limits.h \
200 login.h \
201 maillock.h \
202 ndir.h \
203 net/if_tun.h \
204 netdb.h \
205 netgroup.h \
206 pam/pam_appl.h \
207 paths.h \
25d429a2 208 poll.h \
2e437378 209 pty.h \
210 readpassphrase.h \
211 rpc/types.h \
212 security/pam_appl.h \
213 sha2.h \
214 shadow.h \
215 stddef.h \
216 stdint.h \
217 string.h \
218 strings.h \
219 sys/audit.h \
220 sys/bitypes.h \
221 sys/bsdtty.h \
222 sys/cdefs.h \
223 sys/dir.h \
224 sys/mman.h \
225 sys/ndir.h \
226 sys/prctl.h \
227 sys/pstat.h \
228 sys/select.h \
229 sys/stat.h \
230 sys/stream.h \
231 sys/stropts.h \
232 sys/strtio.h \
233 sys/sysmacros.h \
234 sys/time.h \
235 sys/timers.h \
236 sys/un.h \
237 time.h \
238 tmpdir.h \
239 ttyent.h \
25d429a2 240 ucred.h \
2e437378 241 unistd.h \
242 usersec.h \
243 util.h \
244 utime.h \
245 utmp.h \
246 utmpx.h \
247 vis.h \
248)
249
250# lastlog.h requires sys/time.h to be included first on Solaris
251AC_CHECK_HEADERS(lastlog.h, [], [], [
252#ifdef HAVE_SYS_TIME_H
253# include <sys/time.h>
254#endif
255])
256
257# sys/ptms.h requires sys/stream.h to be included first on Solaris
258AC_CHECK_HEADERS(sys/ptms.h, [], [], [
259#ifdef HAVE_SYS_STREAM_H
260# include <sys/stream.h>
261#endif
262])
263
264# login_cap.h requires sys/types.h on NetBSD
265AC_CHECK_HEADERS(login_cap.h, [], [], [
266#include <sys/types.h>
267])
268
269# Messages for features tested for in target-specific section
270SIA_MSG="no"
271SPC_MSG="no"
272
3c0ef626 273# Check for some target-specific stuff
274case "$host" in
275*-*-aix*)
2e437378 276 # Some versions of VAC won't allow macro redefinitions at
277 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
278 # particularly with older versions of vac or xlc.
279 # It also throws errors about null macro argments, but these are
280 # not fatal.
281 AC_MSG_CHECKING(if compiler allows macro redefinitions)
282 AC_COMPILE_IFELSE(
283 [AC_LANG_SOURCE([[
284#define testmacro foo
285#define testmacro bar
286int main(void) { exit(0); }
287 ]])],
288 [ AC_MSG_RESULT(yes) ],
289 [ AC_MSG_RESULT(no)
290 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
291 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
292 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
293 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
294 ]
295 )
296
416fd2a8 297 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
8bb69cbe 298 if (test -z "$blibpath"); then
416fd2a8 299 blibpath="/usr/lib:/lib"
3c0ef626 300 fi
8bb69cbe 301 saved_LDFLAGS="$LDFLAGS"
2e437378 302 if test "$GCC" = "yes"; then
303 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
304 else
305 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
306 fi
307 for tryflags in $flags ;do
8bb69cbe 308 if (test -z "$blibflags"); then
309 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
310 AC_TRY_LINK([], [], [blibflags=$tryflags])
311 fi
312 done
313 if (test -z "$blibflags"); then
314 AC_MSG_RESULT(not found)
315 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
316 else
317 AC_MSG_RESULT($blibflags)
318 fi
319 LDFLAGS="$saved_LDFLAGS"
70791e56 320 dnl Check for authenticate. Might be in libs.a on older AIXes
e00da40d 321 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
322 [Define if you want to enable AIX4's authenticate function])],
e54b3d7c 323 [AC_CHECK_LIB(s,authenticate,
324 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
325 LIBS="$LIBS -ls"
326 ])
327 ])
34fee935 328 dnl Check for various auth function declarations in headers.
329 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
330 passwdexpired, setauthdb], , , [#include <usersec.h>])
70791e56 331 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
34fee935 332 AC_CHECK_DECLS(loginfailed,
70791e56 333 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
334 AC_TRY_COMPILE(
335 [#include <usersec.h>],
336 [(void)loginfailed("user","host","tty",0);],
337 [AC_MSG_RESULT(yes)
e00da40d 338 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
339 [Define if your AIX loginfailed() function
340 takes 4 arguments (AIX >= 5.2)])],
70791e56 341 [AC_MSG_RESULT(no)]
342 )],
343 [],
344 [#include <usersec.h>]
345 )
346 AC_CHECK_FUNCS(setauthdb)
2e437378 347 AC_CHECK_DECL(F_CLOSEM,
348 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
349 [],
350 [ #include <limits.h>
351 #include <fcntl.h> ]
352 )
34fee935 353 check_for_aix_broken_getaddrinfo=1
e00da40d 354 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
355 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
356 [Define if your platform breaks doing a seteuid before a setuid])
357 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
358 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 359 dnl AIX handles lastlog as part of its login message
e00da40d 360 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
361 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
362 [Some systems need a utmpx entry for /bin/login to work])
363 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
364 [Define to a Set Process Title type if your system is
365 supported by bsd-setproctitle.c])
366 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
367 [AIX 5.2 and 5.3 (and presumably newer) require this])
2e437378 368 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 369 ;;
370*-*-cygwin*)
1c14df9e 371 check_for_libcrypt_later=1
2278ffa1 372 LIBS="$LIBS /usr/lib/textreadmode.o"
e00da40d 373 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
374 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
375 AC_DEFINE(DISABLE_SHADOW, 1,
376 [Define if you want to disable shadow passwords])
377 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
378 [Define if your system choked on IP TOS setting])
379 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
380 [Define if X11 doesn't support AF_UNIX sockets on that system])
381 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
382 [Define if the concept of ports only accessible to
383 superusers isn't known])
384 AC_DEFINE(DISABLE_FD_PASSING, 1,
385 [Define if your platform needs to skip post auth
386 file descriptor passing])
3c0ef626 387 ;;
388*-*-dgux*)
389 AC_DEFINE(IP_TOS_IS_BROKEN)
416fd2a8 390 AC_DEFINE(SETEUID_BREAKS_SETUID)
391 AC_DEFINE(BROKEN_SETREUID)
392 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 393 ;;
394*-*-darwin*)
2278ffa1 395 AC_DEFINE(BROKEN_GETADDRINFO, 1, [Define if getaddrinfo is broken)])
396 AC_DEFINE(BROKEN_GETADDRINFO)
70791e56 397 AC_DEFINE(SETEUID_BREAKS_SETUID)
398 AC_DEFINE(BROKEN_SETREUID)
399 AC_DEFINE(BROKEN_SETREGID)
e00da40d 400 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
401 [Define if your resolver libs need this for getrrsetbyname])
2e437378 402 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
403 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
404 [Use tunnel device compatibility to OpenBSD])
405 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
406 [Prepend the address family to IP tunnel traffic])
407 AC_MSG_CHECKING(if we have the Security Authorization Session API)
408 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
409 [SessionCreate(0, 0);],
410 [ac_cv_use_security_session_api="yes"
411 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
e00da40d 412 [platform has the Security Authorization Session API])
2e437378 413 LIBS="$LIBS -framework Security"
414 AC_MSG_RESULT(yes)],
415 [ac_cv_use_security_session_api="no"
416 AC_MSG_RESULT(no)])
417 AC_MSG_CHECKING(if we have an in-memory credentials cache)
418 AC_TRY_COMPILE(
419 [#include <Kerberos/Kerberos.h>],
420 [cc_context_t c;
421 (void) cc_initialize (&c, 0, NULL, NULL);],
422 [AC_DEFINE(USE_CCAPI, 1,
e00da40d 423 [platform uses an in-memory credentials cache])
2e437378 424 LIBS="$LIBS -framework Security"
425 AC_MSG_RESULT(yes)
426 if test "x$ac_cv_use_security_session_api" = "xno"; then
427 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
428 fi],
429 [AC_MSG_RESULT(no)]
430 )
431 ;;
432*-*-dragonfly*)
433 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 434 ;;
34fee935 435*-*-hpux*)
436 # first we define all of the options common to all HP-UX releases
3c0ef626 437 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
438 IPADDR_IN_DISPLAY=yes
3c0ef626 439 AC_DEFINE(USE_PIPES)
e00da40d 440 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
441 [Define if your login program cannot handle end of options ("--")])
2980ea68 442 AC_DEFINE(LOGIN_NEEDS_UTMPX)
e00da40d 443 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
444 [String used in /etc/passwd to denote locked account])
70791e56 445 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
e00da40d 446 MAIL="/var/mail/username"
e54b3d7c 447 LIBS="$LIBS -lsec"
34fee935 448 AC_CHECK_LIB(xnet, t_error, ,
449 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
450
451 # next, we define all of the options specific to major releases
452 case "$host" in
453 *-*-hpux10*)
454 if test -z "$GCC"; then
455 CFLAGS="$CFLAGS -Ae"
456 fi
457 ;;
458 *-*-hpux11*)
e00da40d 459 AC_DEFINE(PAM_SUN_CODEBASE, 1,
460 [Define if you are using Solaris-derived PAM which
461 passes pam_messages to the conversation function
462 with an extra level of indirection])
463 AC_DEFINE(DISABLE_UTMP, 1,
464 [Define if you don't want to use utmp])
34fee935 465 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
466 check_for_hpux_broken_getaddrinfo=1
467 check_for_conflicting_getspnam=1
468 ;;
469 esac
470
471 # lastly, we define options specific to minor releases
472 case "$host" in
473 *-*-hpux10.26)
e00da40d 474 AC_DEFINE(HAVE_SECUREWARE, 1,
475 [Define if you have SecureWare-based
476 protected password database])
34fee935 477 disable_ptmx_check=yes
478 LIBS="$LIBS -lsecpw"
479 ;;
480 esac
3c0ef626 481 ;;
482*-*-irix5*)
3c0ef626 483 PATH="$PATH:/usr/etc"
e00da40d 484 AC_DEFINE(BROKEN_INET_NTOA, 1,
485 [Define if you system's inet_ntoa is busted
486 (e.g. Irix gcc issue)])
416fd2a8 487 AC_DEFINE(SETEUID_BREAKS_SETUID)
488 AC_DEFINE(BROKEN_SETREUID)
489 AC_DEFINE(BROKEN_SETREGID)
e00da40d 490 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
491 [Define if you shouldn't strip 'tty' from your
492 ttyname in [uw]tmp])
70791e56 493 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 494 ;;
495*-*-irix6*)
3c0ef626 496 PATH="$PATH:/usr/etc"
e00da40d 497 AC_DEFINE(WITH_IRIX_ARRAY, 1,
498 [Define if you have/want arrays
499 (cluster-wide session managment, not C arrays)])
500 AC_DEFINE(WITH_IRIX_PROJECT, 1,
501 [Define if you want IRIX project management])
502 AC_DEFINE(WITH_IRIX_AUDIT, 1,
503 [Define if you want IRIX audit trails])
504 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
505 [Define if you want IRIX kernel jobs])])
3c0ef626 506 AC_DEFINE(BROKEN_INET_NTOA)
70791e56 507 AC_DEFINE(SETEUID_BREAKS_SETUID)
508 AC_DEFINE(BROKEN_SETREUID)
509 AC_DEFINE(BROKEN_SETREGID)
e00da40d 510 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
2980ea68 511 AC_DEFINE(WITH_ABBREV_NO_TTY)
70791e56 512 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 513 ;;
514*-*-linux*)
515 no_dev_ptmx=1
516 check_for_libcrypt_later=1
70791e56 517 check_for_openpty_ctty_bug=1
e00da40d 518 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
519 AC_DEFINE(PAM_TTY_KLUDGE, 1,
520 [Work around problematic Linux PAM modules handling of PAM_TTY])
521 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
522 [String used in /etc/passwd to denote locked account])
70791e56 523 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
e00da40d 524 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
525 [Define to whatever link() returns for "not supported"
526 if it doesn't return EOPNOTSUPP.])
34fee935 527 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
e00da40d 528 AC_DEFINE(USE_BTMP)
3c0ef626 529 inet6_default_4in6=yes
70791e56 530 case `uname -r` in
531 1.*|2.0.*)
e00da40d 532 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
533 [Define if cmsg_type is not passed correctly])
70791e56 534 ;;
535 esac
e00da40d 536 # tun(4) forwarding compat code
537 AC_CHECK_HEADERS(linux/if_tun.h)
538 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
539 AC_DEFINE(SSH_TUN_LINUX, 1,
540 [Open tunnel devices the Linux tun/tap way])
541 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
542 [Use tunnel device compatibility to OpenBSD])
543 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
544 [Prepend the address family to IP tunnel traffic])
545 fi
3c0ef626 546 ;;
547mips-sony-bsd|mips-sony-newsos4)
e00da40d 548 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 549 SONY=1
3c0ef626 550 ;;
551*-*-netbsd*)
e54b3d7c 552 check_for_libcrypt_before=1
34fee935 553 if test "x$withval" != "xno" ; then
416fd2a8 554 need_dash_r=1
555 fi
e00da40d 556 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
557 AC_CHECK_HEADER([net/if_tap.h], ,
558 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
559 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
560 [Prepend the address family to IP tunnel traffic])
3c0ef626 561 ;;
562*-*-freebsd*)
563 check_for_libcrypt_later=1
e00da40d 564 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
565 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
566 AC_CHECK_HEADER([net/if_tap.h], ,
567 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 568 ;;
70791e56 569*-*-bsdi*)
570 AC_DEFINE(SETEUID_BREAKS_SETUID)
571 AC_DEFINE(BROKEN_SETREUID)
572 AC_DEFINE(BROKEN_SETREGID)
573 ;;
3c0ef626 574*-next-*)
575 conf_lastlog_location="/usr/adm/lastlog"
576 conf_utmp_location=/etc/utmp
577 conf_wtmp_location=/usr/adm/wtmp
578 MAIL=/usr/spool/mail
e00da40d 579 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 580 AC_DEFINE(BROKEN_REALPATH)
581 AC_DEFINE(USE_PIPES)
e00da40d 582 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 583 ;;
34fee935 584*-*-openbsd*)
585 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
e00da40d 586 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
587 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
2e437378 588 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
589 [syslog_r function is safe to use in in a signal handler])
34fee935 590 ;;
3c0ef626 591*-*-solaris*)
34fee935 592 if test "x$withval" != "xno" ; then
2a304a95 593 need_dash_r=1
594 fi
3c0ef626 595 AC_DEFINE(PAM_SUN_CODEBASE)
596 AC_DEFINE(LOGIN_NEEDS_UTMPX)
e00da40d 597 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
598 [Some versions of /bin/login need the TERM supplied
599 on the commandline])
3c0ef626 600 AC_DEFINE(PAM_TTY_KLUDGE)
e00da40d 601 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
602 [Define if pam_chauthtok wants real uid set
603 to the unpriv'ed user])
70791e56 604 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
605 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
e00da40d 606 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
607 [Define if sshd somehow reacquires a controlling TTY
608 after setsid()])
2e437378 609 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
610 in case the name is longer than 8 chars])
70791e56 611 external_path_file=/etc/default/login
3c0ef626 612 # hardwire lastlog location (can't detect it on some versions)
613 conf_lastlog_location="/var/adm/lastlog"
614 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
615 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
616 if test "$sol2ver" -ge 8; then
617 AC_MSG_RESULT(yes)
618 AC_DEFINE(DISABLE_UTMP)
e00da40d 619 AC_DEFINE(DISABLE_WTMP, 1,
620 [Define if you don't want to use wtmp])
3c0ef626 621 else
622 AC_MSG_RESULT(no)
623 fi
2e437378 624 AC_ARG_WITH(solaris-contracts,
625 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
626 [
627 AC_CHECK_LIB(contract, ct_tmpl_activate,
628 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
629 [Define if you have Solaris process contracts])
630 SSHDLIBS="$SSHDLIBS -lcontract"
631 AC_SUBST(SSHDLIBS)
632 SPC_MSG="yes" ], )
633 ],
634 )
3c0ef626 635 ;;
636*-*-sunos4*)
637 CPPFLAGS="$CPPFLAGS -DSUNOS4"
638 AC_CHECK_FUNCS(getpwanam)
639 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 640 conf_utmp_location=/etc/utmp
641 conf_wtmp_location=/var/adm/wtmp
642 conf_lastlog_location=/var/adm/lastlog
643 AC_DEFINE(USE_PIPES)
644 ;;
645*-ncr-sysv*)
3c0ef626 646 LIBS="$LIBS -lc89"
e9a17296 647 AC_DEFINE(USE_PIPES)
70791e56 648 AC_DEFINE(SSHD_ACQUIRES_CTTY)
649 AC_DEFINE(SETEUID_BREAKS_SETUID)
650 AC_DEFINE(BROKEN_SETREUID)
651 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 652 ;;
653*-sni-sysv*)
3c0ef626 654 # /usr/ucblib MUST NOT be searched on ReliantUNIX
416fd2a8 655 AC_CHECK_LIB(dl, dlsym, ,)
e00da40d 656 # -lresolv needs to be at the end of LIBS or DNS lookups break
657 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 658 IPADDR_IN_DISPLAY=yes
659 AC_DEFINE(USE_PIPES)
660 AC_DEFINE(IP_TOS_IS_BROKEN)
416fd2a8 661 AC_DEFINE(SETEUID_BREAKS_SETUID)
662 AC_DEFINE(BROKEN_SETREUID)
663 AC_DEFINE(BROKEN_SETREGID)
70791e56 664 AC_DEFINE(SSHD_ACQUIRES_CTTY)
665 external_path_file=/etc/default/login
3c0ef626 666 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
667 # Attention: always take care to bind libsocket and libnsl before libc,
668 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
669 ;;
34fee935 670# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 671*-*-sysv4.2*)
3c0ef626 672 AC_DEFINE(USE_PIPES)
70791e56 673 AC_DEFINE(SETEUID_BREAKS_SETUID)
674 AC_DEFINE(BROKEN_SETREUID)
675 AC_DEFINE(BROKEN_SETREGID)
34fee935 676 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e00da40d 677 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 678 ;;
34fee935 679# UnixWare 7.x, OpenUNIX 8
3c0ef626 680*-*-sysv5*)
34fee935 681 check_for_libcrypt_later=1
682 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 683 AC_DEFINE(USE_PIPES)
70791e56 684 AC_DEFINE(SETEUID_BREAKS_SETUID)
685 AC_DEFINE(BROKEN_SETREUID)
686 AC_DEFINE(BROKEN_SETREGID)
e00da40d 687 AC_DEFINE(PASSWD_NEEDS_USERNAME)
34fee935 688 case "$host" in
689 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
690 TEST_SHELL=/u95/bin/sh
e00da40d 691 AC_DEFINE(BROKEN_LIBIAF, 1,
692 [ia_uinfo routines not supported by OS yet])
2e437378 693 AC_DEFINE(BROKEN_UPDWTMPX)
e00da40d 694 ;;
695 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
34fee935 696 ;;
697 esac
3c0ef626 698 ;;
699*-*-sysv*)
3c0ef626 700 ;;
34fee935 701# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 702*-*-sco3.2v4*)
34fee935 703 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 704 ;;
34fee935 705# SCO OpenServer 5.x
3c0ef626 706*-*-sco3.2v5*)
1c14df9e 707 if test -z "$GCC"; then
708 CFLAGS="$CFLAGS -belf"
709 fi
3c0ef626 710 LIBS="$LIBS -lprot -lx -ltinfo -lm"
711 no_dev_ptmx=1
3c0ef626 712 AC_DEFINE(USE_PIPES)
2980ea68 713 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 714 AC_DEFINE(DISABLE_SHADOW)
e54b3d7c 715 AC_DEFINE(DISABLE_FD_PASSING)
70791e56 716 AC_DEFINE(SETEUID_BREAKS_SETUID)
717 AC_DEFINE(BROKEN_SETREUID)
718 AC_DEFINE(BROKEN_SETREGID)
719 AC_DEFINE(WITH_ABBREV_NO_TTY)
1b56ff3d 720 AC_DEFINE(BROKEN_UPDWTMPX)
e00da40d 721 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 722 AC_CHECK_FUNCS(getluid setluid)
723 MANTYPE=man
1b56ff3d 724 TEST_SHELL=ksh
3c0ef626 725 ;;
e54b3d7c 726*-*-unicosmk*)
e00da40d 727 AC_DEFINE(NO_SSH_LASTLOG, 1,
728 [Define if you don't want to use lastlog in session.c])
416fd2a8 729 AC_DEFINE(SETEUID_BREAKS_SETUID)
730 AC_DEFINE(BROKEN_SETREUID)
731 AC_DEFINE(BROKEN_SETREGID)
e54b3d7c 732 AC_DEFINE(USE_PIPES)
733 AC_DEFINE(DISABLE_FD_PASSING)
734 LDFLAGS="$LDFLAGS"
735 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
736 MANTYPE=cat
737 ;;
70791e56 738*-*-unicosmp*)
416fd2a8 739 AC_DEFINE(SETEUID_BREAKS_SETUID)
740 AC_DEFINE(BROKEN_SETREUID)
741 AC_DEFINE(BROKEN_SETREGID)
70791e56 742 AC_DEFINE(WITH_ABBREV_NO_TTY)
743 AC_DEFINE(USE_PIPES)
744 AC_DEFINE(DISABLE_FD_PASSING)
745 LDFLAGS="$LDFLAGS"
416fd2a8 746 LIBS="$LIBS -lgen -lacid -ldb"
70791e56 747 MANTYPE=cat
748 ;;
3c0ef626 749*-*-unicos*)
416fd2a8 750 AC_DEFINE(SETEUID_BREAKS_SETUID)
751 AC_DEFINE(BROKEN_SETREUID)
752 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 753 AC_DEFINE(USE_PIPES)
e54b3d7c 754 AC_DEFINE(DISABLE_FD_PASSING)
755 AC_DEFINE(NO_SSH_LASTLOG)
756 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
757 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
758 MANTYPE=cat
3c0ef626 759 ;;
760*-dec-osf*)
761 AC_MSG_CHECKING(for Digital Unix SIA)
762 no_osfsia=""
763 AC_ARG_WITH(osfsia,
764 [ --with-osfsia Enable Digital Unix SIA],
765 [
766 if test "x$withval" = "xno" ; then
767 AC_MSG_RESULT(disabled)
768 no_osfsia=1
769 fi
770 ],
771 )
772 if test -z "$no_osfsia" ; then
773 if test -f /etc/sia/matrix.conf; then
774 AC_MSG_RESULT(yes)
e00da40d 775 AC_DEFINE(HAVE_OSF_SIA, 1,
776 [Define if you have Digital Unix Security
777 Integration Architecture])
778 AC_DEFINE(DISABLE_LOGIN, 1,
779 [Define if you don't want to use your
780 system's login() call])
1c14df9e 781 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 782 LIBS="$LIBS -lsecurity -ldb -lm -laud"
2e437378 783 SIA_MSG="yes"
3c0ef626 784 else
785 AC_MSG_RESULT(no)
e00da40d 786 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
787 [String used in /etc/passwd to denote locked account])
3c0ef626 788 fi
789 fi
70791e56 790 AC_DEFINE(BROKEN_GETADDRINFO)
791 AC_DEFINE(SETEUID_BREAKS_SETUID)
792 AC_DEFINE(BROKEN_SETREUID)
793 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 794 ;;
795
e00da40d 796*-*-nto-qnx*)
3c0ef626 797 AC_DEFINE(USE_PIPES)
798 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e00da40d 799 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
800 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
801 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
802 AC_DEFINE(DISABLE_LASTLOG)
2e437378 803 AC_DEFINE(SSHD_ACQUIRES_CTTY)
804 enable_etc_default_login=no # has incompatible /etc/default/login
25d429a2 805 case "$host" in
806 *-*-nto-qnx6*)
807 AC_DEFINE(DISABLE_FD_PASSING)
808 ;;
809 esac
3c0ef626 810 ;;
34fee935 811
812*-*-ultrix*)
e00da40d 813 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
814 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
815 AC_DEFINE(NEED_SETPGRP)
34fee935 816 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
817 ;;
818
819*-*-lynxos)
820 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
e00da40d 821 AC_DEFINE(MISSING_HOWMANY)
34fee935 822 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
823 ;;
3c0ef626 824esac
825
70791e56 826AC_MSG_CHECKING(compiler and flags for sanity)
34fee935 827AC_RUN_IFELSE(
828 [AC_LANG_SOURCE([
70791e56 829#include <stdio.h>
830int main(){exit(0);}
34fee935 831 ])],
70791e56 832 [ AC_MSG_RESULT(yes) ],
833 [
834 AC_MSG_RESULT(no)
835 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
34fee935 836 ],
837 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
838)
839
840dnl Checks for header files.
3c0ef626 841# Checks for libraries.
842AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
843AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
844
70791e56 845dnl IRIX and Solaris 2.5.1 have dirname() in libgen
846AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
847 AC_CHECK_LIB(gen, dirname,[
848 AC_CACHE_CHECK([for broken dirname],
849 ac_cv_have_broken_dirname, [
850 save_LIBS="$LIBS"
851 LIBS="$LIBS -lgen"
e00da40d 852 AC_RUN_IFELSE(
853 [AC_LANG_SOURCE([[
70791e56 854#include <libgen.h>
855#include <string.h>
856
857int main(int argc, char **argv) {
858 char *s, buf[32];
859
860 strncpy(buf,"/etc", 32);
861 s = dirname(buf);
862 if (!s || strncmp(s, "/", 32) != 0) {
863 exit(1);
864 } else {
865 exit(0);
866 }
867}
e00da40d 868 ]])],
869 [ ac_cv_have_broken_dirname="no" ],
870 [ ac_cv_have_broken_dirname="yes" ],
70791e56 871 [ ac_cv_have_broken_dirname="no" ],
70791e56 872 )
873 LIBS="$save_LIBS"
874 ])
875 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
876 LIBS="$LIBS -lgen"
877 AC_DEFINE(HAVE_DIRNAME)
878 AC_CHECK_HEADERS(libgen.h)
879 fi
880 ])
881])
882
3c0ef626 883AC_CHECK_FUNC(getspnam, ,
884 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
e00da40d 885AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
886 [Define if you have the basename function.]))
3c0ef626 887
888dnl zlib is required
889AC_ARG_WITH(zlib,
890 [ --with-zlib=PATH Use zlib in PATH],
34fee935 891 [ if test "x$withval" = "xno" ; then
892 AC_MSG_ERROR([*** zlib is required ***])
893 elif test "x$withval" != "xyes"; then
3c0ef626 894 if test -d "$withval/lib"; then
895 if test -n "${need_dash_r}"; then
896 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
897 else
898 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
899 fi
900 else
901 if test -n "${need_dash_r}"; then
902 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
903 else
904 LDFLAGS="-L${withval} ${LDFLAGS}"
905 fi
906 fi
907 if test -d "$withval/include"; then
908 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
909 else
910 CPPFLAGS="-I${withval} ${CPPFLAGS}"
911 fi
34fee935 912 fi ]
3c0ef626 913)
914
416fd2a8 915AC_CHECK_LIB(z, deflate, ,
916 [
917 saved_CPPFLAGS="$CPPFLAGS"
918 saved_LDFLAGS="$LDFLAGS"
919 save_LIBS="$LIBS"
920 dnl Check default zlib install dir
921 if test -n "${need_dash_r}"; then
922 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
923 else
924 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
925 fi
926 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
927 LIBS="$LIBS -lz"
928 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
929 [
930 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
931 ]
932 )
933 ]
934)
935AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
936
937AC_ARG_WITH(zlib-version-check,
938 [ --without-zlib-version-check Disable zlib version check],
939 [ if test "x$withval" = "xno" ; then
940 zlib_check_nonfatal=1
941 fi
942 ]
943)
944
34fee935 945AC_MSG_CHECKING(for possibly buggy zlib)
946AC_RUN_IFELSE([AC_LANG_SOURCE([[
947#include <stdio.h>
416fd2a8 948#include <zlib.h>
949int main()
950{
34fee935 951 int a=0, b=0, c=0, d=0, n, v;
952 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
953 if (n != 3 && n != 4)
416fd2a8 954 exit(1);
34fee935 955 v = a*1000000 + b*10000 + c*100 + d;
956 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
957
958 /* 1.1.4 is OK */
959 if (a == 1 && b == 1 && c >= 4)
416fd2a8 960 exit(0);
34fee935 961
962 /* 1.2.3 and up are OK */
963 if (v >= 1020300)
964 exit(0);
965
416fd2a8 966 exit(2);
967}
34fee935 968 ]])],
969 AC_MSG_RESULT(no),
970 [ AC_MSG_RESULT(yes)
416fd2a8 971 if test -z "$zlib_check_nonfatal" ; then
972 AC_MSG_ERROR([*** zlib too old - check config.log ***
973Your reported zlib version has known security problems. It's possible your
974vendor has fixed these problems without changing the version number. If you
975are sure this is the case, you can disable the check by running
976"./configure --without-zlib-version-check".
34fee935 977If you are in doubt, upgrade zlib to version 1.2.3 or greater.
978See http://www.gzip.org/zlib/ for details.])
416fd2a8 979 else
980 AC_MSG_WARN([zlib version may have security problems])
981 fi
34fee935 982 ],
983 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
416fd2a8 984)
3c0ef626 985
3c0ef626 986dnl UnixWare 2.x
416fd2a8 987AC_CHECK_FUNC(strcasecmp,
3c0ef626 988 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
989)
e00da40d 990AC_CHECK_FUNCS(utimes,
e54b3d7c 991 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
992 LIBS="$LIBS -lc89"]) ]
3c0ef626 993)
994
995dnl Checks for libutil functions
996AC_CHECK_HEADERS(libutil.h)
e00da40d 997AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
998 [Define if your libraries define login()])])
3c0ef626 999AC_CHECK_FUNCS(logout updwtmp logwtmp)
1000
1001AC_FUNC_STRFTIME
1002
3c0ef626 1003# Check for ALTDIRFUNC glob() extension
1004AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1005AC_EGREP_CPP(FOUNDIT,
1006 [
1007 #include <glob.h>
1008 #ifdef GLOB_ALTDIRFUNC
1009 FOUNDIT
1010 #endif
416fd2a8 1011 ],
3c0ef626 1012 [
e00da40d 1013 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1014 [Define if your system glob() function has
1015 the GLOB_ALTDIRFUNC extension])
3c0ef626 1016 AC_MSG_RESULT(yes)
1017 ],
1018 [
1019 AC_MSG_RESULT(no)
1020 ]
1021)
1022
1023# Check for g.gl_matchc glob() extension
1024AC_MSG_CHECKING(for gl_matchc field in glob_t)
2e437378 1025AC_TRY_COMPILE(
1026 [ #include <glob.h> ],
1027 [glob_t g; g.gl_matchc = 1;],
416fd2a8 1028 [
e00da40d 1029 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1030 [Define if your system glob() function has
1031 gl_matchc options in glob_t])
416fd2a8 1032 AC_MSG_RESULT(yes)
1033 ],
1034 [
1035 AC_MSG_RESULT(no)
1036 ]
3c0ef626 1037)
1038
2e437378 1039AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1040
3c0ef626 1041AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
34fee935 1042AC_RUN_IFELSE(
1043 [AC_LANG_SOURCE([[
3c0ef626 1044#include <sys/types.h>
1045#include <dirent.h>
e54b3d7c 1046int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
34fee935 1047 ]])],
416fd2a8 1048 [AC_MSG_RESULT(yes)],
3c0ef626 1049 [
1050 AC_MSG_RESULT(no)
e00da40d 1051 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1052 [Define if your struct dirent expects you to
1053 allocate extra space for d_name])
34fee935 1054 ],
1055 [
1056 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1057 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1058 ]
1059)
1060
c2397a66 1061# Check whether the user wants GSSAPI mechglue support
1062AC_ARG_WITH(mechglue,
1063 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
1064 [
1065 AC_MSG_CHECKING(for mechglue library)
1066
1067 if test -e ${withval}/libgssapi.a ; then
1068 mechglue_lib=${withval}/libgssapi.a
1069 elif test -e ${withval}/lib/libgssapi.a ; then
1070 mechglue_lib=${withval}/lib/libgssapi.a
1071 else
1072 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
1073 fi
1074 LIBS="$LIBS ${mechglue_lib}"
1075 AC_MSG_RESULT(${mechglue_lib})
1076
c2397a66 1077 AC_CHECK_LIB(dl, dlopen, , )
1078 if test $ac_cv_lib_dl_dlopen = yes; then
1079 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
1080 fi
1081
1082 AC_DEFINE(GSSAPI)
e00da40d 1083 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
c2397a66 1084 GSSAPI="mechglue"
1085
1086 ]
1087)
1088
1089
d905e828 1090# Check whether the user wants GSI (Globus) support
1091gsi_path="no"
1092AC_ARG_WITH(gsi,
70791e56 1093 [ --with-gsi Enable Globus GSI authentication support],
d905e828 1094 [
1095 gsi_path="$withval"
1096 ]
1097)
1098
1099AC_ARG_WITH(globus,
70791e56 1100 [ --with-globus Enable Globus GSI authentication support],
d905e828 1101 [
1102 gsi_path="$withval"
1103 ]
1104)
1105
70791e56 1106AC_ARG_WITH(globus-static,
1107 [ --with-globus-static Link statically with Globus GSI libraries],
1108 [
1109 gsi_static=1
416fd2a8 1110 if test "x$gsi_path" = "xno" ; then
e2dec4b2 1111 gsi_path="$withval"
1112 fi
70791e56 1113 ]
1114)
1115
d905e828 1116# Check whether the user has a Globus flavor type
1117globus_flavor_type="no"
1118AC_ARG_WITH(globus-flavor,
70791e56 1119 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
d905e828 1120 [
1121 globus_flavor_type="$withval"
416fd2a8 1122 if test "x$gsi_path" = "xno" ; then
70791e56 1123 gsi_path="yes"
1124 fi
d905e828 1125 ]
1126)
1127
1128if test "x$gsi_path" != "xno" ; then
1129 # Globus GSSAPI configuration
88928908 1130 AC_MSG_CHECKING(for Globus GSI)
e00da40d 1131 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
d905e828 1132
c2397a66 1133 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
70791e56 1134 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
c2397a66 1135 fi
1136 if test -z "$GSSAPI"; then
1137 AC_DEFINE(GSSAPI)
1138 GSSAPI="GSI"
1139 fi
1140
70791e56 1141 if test "x$gsi_path" = "xyes" ; then
1142 if test -z "$GLOBUS_LOCATION" ; then
1143 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
1144 else
1145 gsi_path="$GLOBUS_LOCATION"
1146 fi
1147 fi
1148 GLOBUS_LOCATION="$gsi_path"
1149 export GLOBUS_LOCATION
1150 if test ! -d "$GLOBUS_LOCATION" ; then
1151 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
d905e828 1152 fi
d905e828 1153
1154 if test "x$globus_flavor_type" = "xno" ; then
88928908 1155 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
1156 fi
1157 if test "x$globus_flavor_type" = "xyes" ; then
1158 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
2d8588fd 1159 fi
9a370734 1160 AC_MSG_RESULT(yes)
2d8588fd 1161
9a370734 1162 AC_MSG_CHECKING(for Globus include path)
88928908 1163 GLOBUS_INCLUDE="${gsi_path}/include/${globus_flavor_type}"
1164 if test ! -d "$GLOBUS_INCLUDE" ; then
1165 AC_MSG_ERROR(Cannot find Globus flavor-specific include directory: ${GLOBUS_INCLUDE})
1166 fi
1167 GSI_CPPFLAGS="-I${GLOBUS_INCLUDE}"
9a370734 1168 AC_MSG_RESULT(yes)
1169
5838d7f9 1170 #
1171 # Find GPT linkline helper
1172 #
1173
1174 AC_MSG_CHECKING(for GPT linkline helper)
9a370734 1175 if test -x $GPT_LOCATION/sbin/gpt_build_config ; then
5838d7f9 1176 gpt_linkline_helper="$GPT_LOCATION/sbin/gpt_build_config"
1177 elif test -x ${gsi_path}/sbin/gpt_build_config ; then
1178 gpt_linkline_helper="${gsi_path}/sbin/gpt_build_config"
2d8588fd 1179 else
9a370734 1180 AC_MSG_ERROR(Cannot find gpt_build_config: GPT installation is incomplete)
2d8588fd 1181 fi
06779745 1182 AC_MSG_RESULT(yes)
5838d7f9 1183
1184 #
1185 # Build Globus linkline
1186 #
1187
70791e56 1188 if test -n "${gsi_static}"; then
1189 ${gpt_linkline_helper} -f ${globus_flavor_type} -link static -src pkg_data_src.gpt
1190 else
1191 ${gpt_linkline_helper} -f ${globus_flavor_type} -link shared -src pkg_data_src.gpt
1192 fi
5838d7f9 1193 . ./gpt_build_temp.sh
70791e56 1194 if test -n "${need_dash_r}"; then
8ecf4c4d 1195 GSI_LDFLAGS="-L${gsi_path}/lib -R${gsi_path}/lib"
70791e56 1196 else
1197 GSI_LDFLAGS="-L${gsi_path}/lib"
1198 fi
5838d7f9 1199 GSI_LIBS="$GPT_CONFIG_PGM_LINKS"
92f152c3 1200 LD_LIBRARY_PATH="${gsi_path}/lib:$LD_LIBRARY_PATH"; export LD_LIBRARY_PATH
5838d7f9 1201
1202 #
1203 # Test Globus linkline
1204 #
1205
1206 AC_MSG_CHECKING(for Globus linkline)
88928908 1207 if test -z "$GSI_LIBS" ; then
9a370734 1208 AC_MSG_ERROR(gpt_build_config failed)
d905e828 1209 fi
9a370734 1210 AC_MSG_RESULT(yes)
d905e828 1211
416fd2a8 1212 AC_DEFINE(HAVE_GSSAPI_H)
1213
70791e56 1214 LIBS="$LIBS $GSI_LIBS"
1215 LDFLAGS="$LDFLAGS $GSI_LDFLAGS"
1216 CPPFLAGS="$CPPFLAGS $GSI_CPPFLAGS"
88928908 1217
9a370734 1218 AC_MSG_CHECKING(that Globus linkline works)
88928908 1219 # test that we got the libraries OK
ffa83338 1220 AC_TRY_LINK(
1221 [],
1222 [],
1223 [
1224 AC_MSG_RESULT(yes)
1225 ],
1226 [
88928908 1227 AC_MSG_ERROR(link with Globus libraries failed)
ffa83338 1228 ]
1229 )
e00da40d 1230 AC_CHECK_FUNCS(globus_gss_assist_map_and_authorize)
88928908 1231 INSTALL_GSISSH="yes"
1232else
1233 INSTALL_GSISSH=""
d905e828 1234fi
c2397a66 1235# End Globus/GSI section
d905e828 1236
1b56ff3d 1237AC_MSG_CHECKING([for /proc/pid/fd directory])
1238if test -d "/proc/$$/fd" ; then
e00da40d 1239 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
1b56ff3d 1240 AC_MSG_RESULT(yes)
1241else
1242 AC_MSG_RESULT(no)
1243fi
1244
3c0ef626 1245# Check whether user wants S/Key support
416fd2a8 1246SKEY_MSG="no"
3c0ef626 1247AC_ARG_WITH(skey,
34fee935 1248 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1249 [
1250 if test "x$withval" != "xno" ; then
1251
1252 if test "x$withval" != "xyes" ; then
1253 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1254 LDFLAGS="$LDFLAGS -L${withval}/lib"
1255 fi
1256
e00da40d 1257 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1258 LIBS="-lskey $LIBS"
416fd2a8 1259 SKEY_MSG="yes"
34fee935 1260
e9a17296 1261 AC_MSG_CHECKING([for s/key support])
e00da40d 1262 AC_LINK_IFELSE(
1263 [AC_LANG_SOURCE([[
e9a17296 1264#include <stdio.h>
1265#include <skey.h>
e54b3d7c 1266int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
e00da40d 1267 ]])],
e9a17296 1268 [AC_MSG_RESULT(yes)],
3c0ef626 1269 [
e9a17296 1270 AC_MSG_RESULT(no)
3c0ef626 1271 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1272 ])
2a304a95 1273 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1274 AC_TRY_COMPILE(
1275 [#include <stdio.h>
1276 #include <skey.h>],
1277 [(void)skeychallenge(NULL,"name","",0);],
1278 [AC_MSG_RESULT(yes)
e00da40d 1279 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1280 [Define if your skeychallenge()
1281 function takes 4 arguments (NetBSD)])],
2a304a95 1282 [AC_MSG_RESULT(no)]
1283 )
3c0ef626 1284 fi
1285 ]
1286)
1287
1288# Check whether user wants TCP wrappers support
1289TCPW_MSG="no"
1290AC_ARG_WITH(tcp-wrappers,
34fee935 1291 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1292 [
1293 if test "x$withval" != "xno" ; then
1294 saved_LIBS="$LIBS"
1295 saved_LDFLAGS="$LDFLAGS"
1296 saved_CPPFLAGS="$CPPFLAGS"
34fee935 1297 if test -n "${withval}" && \
1298 test "x${withval}" != "xyes"; then
3c0ef626 1299 if test -d "${withval}/lib"; then
1300 if test -n "${need_dash_r}"; then
1301 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1302 else
1303 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1304 fi
1305 else
1306 if test -n "${need_dash_r}"; then
1307 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1308 else
1309 LDFLAGS="-L${withval} ${LDFLAGS}"
1310 fi
1311 fi
1312 if test -d "${withval}/include"; then
1313 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1314 else
1315 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1316 fi
1317 fi
25d429a2 1318 LIBS="-lwrap $LIBS"
3c0ef626 1319 AC_MSG_CHECKING(for libwrap)
1320 AC_TRY_LINK(
1321 [
2a304a95 1322#include <sys/types.h>
1323#include <sys/socket.h>
1324#include <netinet/in.h>
3c0ef626 1325#include <tcpd.h>
1326 int deny_severity = 0, allow_severity = 0;
1327 ],
1328 [hosts_access(0);],
1329 [
1330 AC_MSG_RESULT(yes)
e00da40d 1331 AC_DEFINE(LIBWRAP, 1,
1332 [Define if you want
1333 TCP Wrappers support])
25d429a2 1334 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1335 TCPW_MSG="yes"
1336 ],
1337 [
1338 AC_MSG_ERROR([*** libwrap missing])
1339 ]
1340 )
e9a17296 1341 LIBS="$saved_LIBS"
3c0ef626 1342 fi
1343 ]
1344)
1345
34fee935 1346# Check whether user wants libedit support
1347LIBEDIT_MSG="no"
1348AC_ARG_WITH(libedit,
1349 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1350 [ if test "x$withval" != "xno" ; then
1351 if test "x$withval" != "xyes"; then
e00da40d 1352 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1353 if test -n "${need_dash_r}"; then
1354 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1355 else
1356 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1357 fi
34fee935 1358 fi
1359 AC_CHECK_LIB(edit, el_init,
e00da40d 1360 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
34fee935 1361 LIBEDIT="-ledit -lcurses"
1362 LIBEDIT_MSG="yes"
1363 AC_SUBST(LIBEDIT)
1364 ],
1365 [ AC_MSG_ERROR(libedit not found) ],
1366 [ -lcurses ]
1367 )
1368 AC_MSG_CHECKING(if libedit version is compatible)
1369 AC_COMPILE_IFELSE(
1370 [AC_LANG_SOURCE([[
1371#include <histedit.h>
1372int main(void)
1373{
1374 int i = H_SETSIZE;
1375 el_init("", NULL, NULL, NULL);
1376 exit(0);
1377}
1378 ]])],
1379 [ AC_MSG_RESULT(yes) ],
1380 [ AC_MSG_RESULT(no)
1381 AC_MSG_ERROR(libedit version is not compatible) ]
1382 )
1383 fi ]
1384)
1385
1386AUDIT_MODULE=none
1387AC_ARG_WITH(audit,
1388 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1389 [
1390 AC_MSG_CHECKING(for supported audit module)
1391 case "$withval" in
1392 bsm)
1393 AC_MSG_RESULT(bsm)
1394 AUDIT_MODULE=bsm
1395 dnl Checks for headers, libs and functions
1396 AC_CHECK_HEADERS(bsm/audit.h, [],
2e437378 1397 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1398 [
1399#ifdef HAVE_TIME_H
1400# include <time.h>
1401#endif
1402 ]
1403)
34fee935 1404 AC_CHECK_LIB(bsm, getaudit, [],
1405 [AC_MSG_ERROR(BSM enabled and required library not found)])
1406 AC_CHECK_FUNCS(getaudit, [],
1407 [AC_MSG_ERROR(BSM enabled and required function not found)])
1408 # These are optional
1409 AC_CHECK_FUNCS(getaudit_addr)
e00da40d 1410 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
34fee935 1411 ;;
1412 debug)
1413 AUDIT_MODULE=debug
1414 AC_MSG_RESULT(debug)
e00da40d 1415 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
34fee935 1416 ;;
1417 no)
1418 AC_MSG_RESULT(no)
1419 ;;
1420 *)
1421 AC_MSG_ERROR([Unknown audit module $withval])
1422 ;;
1423 esac ]
1424)
1425
1c14df9e 1426dnl Checks for library functions. Please keep in alphabetical order
34fee935 1427AC_CHECK_FUNCS( \
1428 arc4random \
e00da40d 1429 asprintf \
34fee935 1430 b64_ntop \
1431 __b64_ntop \
1432 b64_pton \
1433 __b64_pton \
1434 bcopy \
1435 bindresvport_sa \
1436 clock \
1437 closefrom \
1438 dirfd \
1439 fchmod \
1440 fchown \
1441 freeaddrinfo \
1442 futimes \
1443 getaddrinfo \
1444 getcwd \
1445 getgrouplist \
1446 getnameinfo \
1447 getopt \
1448 getpeereid \
25d429a2 1449 getpeerucred \
34fee935 1450 _getpty \
1451 getrlimit \
1452 getttyent \
1453 glob \
1454 inet_aton \
1455 inet_ntoa \
1456 inet_ntop \
1457 innetgr \
1458 login_getcapbool \
1459 md5_crypt \
1460 memmove \
1461 mkdtemp \
1462 mmap \
1463 ngetaddrinfo \
1464 nsleep \
1465 ogetaddrinfo \
1466 openlog_r \
1467 openpty \
25d429a2 1468 poll \
34fee935 1469 prctl \
1470 pstat \
1471 readpassphrase \
1472 realpath \
1473 recvmsg \
1474 rresvport_af \
1475 sendmsg \
1476 setdtablesize \
1477 setegid \
1478 setenv \
1479 seteuid \
1480 setgroups \
1481 setlogin \
1482 setpcred \
1483 setproctitle \
1484 setregid \
1485 setreuid \
1486 setrlimit \
1487 setsid \
1488 setvbuf \
1489 sigaction \
1490 sigvec \
1491 snprintf \
1492 socketpair \
1493 strdup \
1494 strerror \
1495 strlcat \
1496 strlcpy \
1497 strmode \
1498 strnvis \
1499 strtonum \
1500 strtoll \
1501 strtoul \
25d429a2 1502 swap32 \
34fee935 1503 sysconf \
1504 tcgetpgrp \
1505 truncate \
1506 unsetenv \
1507 updwtmpx \
e00da40d 1508 vasprintf \
34fee935 1509 vhangup \
1510 vsnprintf \
1511 waitpid \
70791e56 1512)
1513
1514# IRIX has a const char return value for gai_strerror()
1515AC_CHECK_FUNCS(gai_strerror,[
1516 AC_DEFINE(HAVE_GAI_STRERROR)
1517 AC_TRY_COMPILE([
1518#include <sys/types.h>
1519#include <sys/socket.h>
1520#include <netdb.h>
1c14df9e 1521
70791e56 1522const char *gai_strerror(int);],[
1523char *str;
1c14df9e 1524
70791e56 1525str = gai_strerror(0);],[
1526 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1527 [Define if gai_strerror() returns const char *])])])
88928908 1528
e00da40d 1529AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1530 [Some systems put nanosleep outside of libc]))
3c0ef626 1531
70791e56 1532dnl Make sure prototypes are defined for these before using them.
70791e56 1533AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
34fee935 1534AC_CHECK_DECL(strsep,
1535 [AC_CHECK_FUNCS(strsep)],
1536 [],
1537 [
1538#ifdef HAVE_STRING_H
1539# include <string.h>
1540#endif
1541 ])
3c0ef626 1542
70791e56 1543dnl tcsendbreak might be a macro
1544AC_CHECK_DECL(tcsendbreak,
1545 [AC_DEFINE(HAVE_TCSENDBREAK)],
416fd2a8 1546 [AC_CHECK_FUNCS(tcsendbreak)],
70791e56 1547 [#include <termios.h>]
1548)
3c0ef626 1549
1b56ff3d 1550AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1551
2e437378 1552AC_CHECK_DECLS(SHUT_RD, , ,
1553 [
1554#include <sys/types.h>
1555#include <sys/socket.h>
1556 ])
1557
1558AC_CHECK_DECLS(O_NONBLOCK, , ,
1559 [
1560#include <sys/types.h>
1561#ifdef HAVE_SYS_STAT_H
1562# include <sys/stat.h>
1563#endif
1564#ifdef HAVE_FCNTL_H
1565# include <fcntl.h>
1566#endif
1567 ])
1568
1569AC_CHECK_DECLS(writev, , , [
1570#include <sys/types.h>
1571#include <sys/uio.h>
1572#include <unistd.h>
1573 ])
1574
25d429a2 1575AC_CHECK_DECLS(MAXSYMLINKS, , , [
1576#include <sys/param.h>
1577 ])
1578
1579AC_CHECK_DECLS(offsetof, , , [
1580#include <stddef.h>
1581 ])
1582
416fd2a8 1583AC_CHECK_FUNCS(setresuid, [
1584 dnl Some platorms have setresuid that isn't implemented, test for this
1585 AC_MSG_CHECKING(if setresuid seems to work)
34fee935 1586 AC_RUN_IFELSE(
1587 [AC_LANG_SOURCE([[
416fd2a8 1588#include <stdlib.h>
1589#include <errno.h>
1590int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
34fee935 1591 ]])],
416fd2a8 1592 [AC_MSG_RESULT(yes)],
e00da40d 1593 [AC_DEFINE(BROKEN_SETRESUID, 1,
1594 [Define if your setresuid() is broken])
34fee935 1595 AC_MSG_RESULT(not implemented)],
1596 [AC_MSG_WARN([cross compiling: not checking setresuid])]
416fd2a8 1597 )
1598])
1599
1600AC_CHECK_FUNCS(setresgid, [
1601 dnl Some platorms have setresgid that isn't implemented, test for this
1602 AC_MSG_CHECKING(if setresgid seems to work)
34fee935 1603 AC_RUN_IFELSE(
1604 [AC_LANG_SOURCE([[
416fd2a8 1605#include <stdlib.h>
1606#include <errno.h>
1607int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
34fee935 1608 ]])],
416fd2a8 1609 [AC_MSG_RESULT(yes)],
e00da40d 1610 [AC_DEFINE(BROKEN_SETRESGID, 1,
1611 [Define if your setresgid() is broken])
34fee935 1612 AC_MSG_RESULT(not implemented)],
1613 [AC_MSG_WARN([cross compiling: not checking setresuid])]
416fd2a8 1614 )
1615])
1616
3c0ef626 1617dnl Checks for time functions
1618AC_CHECK_FUNCS(gettimeofday time)
1619dnl Checks for utmp functions
1620AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1621AC_CHECK_FUNCS(utmpname)
1622dnl Checks for utmpx functions
1623AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1624AC_CHECK_FUNCS(setutxent utmpxname)
1625
416fd2a8 1626AC_CHECK_FUNC(daemon,
e00da40d 1627 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1628 [AC_CHECK_LIB(bsd, daemon,
1629 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1630)
1631
416fd2a8 1632AC_CHECK_FUNC(getpagesize,
e00da40d 1633 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1634 [Define if your libraries define getpagesize()])],
1635 [AC_CHECK_LIB(ucb, getpagesize,
1636 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1637)
1638
1639# Check for broken snprintf
1640if test "x$ac_cv_func_snprintf" = "xyes" ; then
1641 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
34fee935 1642 AC_RUN_IFELSE(
1643 [AC_LANG_SOURCE([[
3c0ef626 1644#include <stdio.h>
e54b3d7c 1645int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
34fee935 1646 ]])],
416fd2a8 1647 [AC_MSG_RESULT(yes)],
3c0ef626 1648 [
1649 AC_MSG_RESULT(no)
e00da40d 1650 AC_DEFINE(BROKEN_SNPRINTF, 1,
1651 [Define if your snprintf is busted])
3c0ef626 1652 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
34fee935 1653 ],
1654 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1655 )
1656fi
1657
e00da40d 1658# If we don't have a working asprintf, then we strongly depend on vsnprintf
1659# returning the right thing on overflow: the number of characters it tried to
1660# create (as per SUSv3)
1661if test "x$ac_cv_func_asprintf" != "xyes" && \
1662 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1663 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1664 AC_RUN_IFELSE(
1665 [AC_LANG_SOURCE([[
1666#include <sys/types.h>
1667#include <stdio.h>
1668#include <stdarg.h>
1669
1670int x_snprintf(char *str,size_t count,const char *fmt,...)
1671{
1672 size_t ret; va_list ap;
1673 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1674 return ret;
1675}
1676int main(void)
1677{
1678 char x[1];
1679 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1680} ]])],
1681 [AC_MSG_RESULT(yes)],
1682 [
1683 AC_MSG_RESULT(no)
1684 AC_DEFINE(BROKEN_SNPRINTF, 1,
1685 [Define if your snprintf is busted])
1686 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1687 ],
1688 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1689 )
1690fi
1691
1692# On systems where [v]snprintf is broken, but is declared in stdio,
1693# check that the fmt argument is const char * or just char *.
1694# This is only useful for when BROKEN_SNPRINTF
1695AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1696AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1697 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1698 int main(void) { snprintf(0, 0, 0); }
1699 ]])],
1700 [AC_MSG_RESULT(yes)
1701 AC_DEFINE(SNPRINTF_CONST, [const],
1702 [Define as const if snprintf() can declare const char *fmt])],
1703 [AC_MSG_RESULT(no)
1704 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1705
1b56ff3d 1706# Check for missing getpeereid (or equiv) support
1707NO_PEERCHECK=""
25d429a2 1708if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
1b56ff3d 1709 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1710 AC_TRY_COMPILE(
1711 [#include <sys/types.h>
1712 #include <sys/socket.h>],
1713 [int i = SO_PEERCRED;],
34fee935 1714 [ AC_MSG_RESULT(yes)
e00da40d 1715 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
34fee935 1716 ],
1b56ff3d 1717 [AC_MSG_RESULT(no)
1718 NO_PEERCHECK=1]
1719 )
1720fi
1721
1c14df9e 1722dnl see whether mkstemp() requires XXXXXX
1723if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1724AC_MSG_CHECKING([for (overly) strict mkstemp])
e00da40d 1725AC_RUN_IFELSE(
1726 [AC_LANG_SOURCE([[
1c14df9e 1727#include <stdlib.h>
1728main() { char template[]="conftest.mkstemp-test";
1729if (mkstemp(template) == -1)
1730 exit(1);
1731unlink(template); exit(0);
1732}
e00da40d 1733 ]])],
1c14df9e 1734 [
1735 AC_MSG_RESULT(no)
1736 ],
416fd2a8 1737 [
1c14df9e 1738 AC_MSG_RESULT(yes)
e00da40d 1739 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
1c14df9e 1740 ],
1741 [
1742 AC_MSG_RESULT(yes)
1743 AC_DEFINE(HAVE_STRICT_MKSTEMP)
416fd2a8 1744 ]
1c14df9e 1745)
1746fi
1747
70791e56 1748dnl make sure that openpty does not reacquire controlling terminal
1749if test ! -z "$check_for_openpty_ctty_bug"; then
1750 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
e00da40d 1751 AC_RUN_IFELSE(
1752 [AC_LANG_SOURCE([[
70791e56 1753#include <stdio.h>
1754#include <sys/fcntl.h>
1755#include <sys/types.h>
1756#include <sys/wait.h>
1757
1758int
1759main()
1760{
1761 pid_t pid;
1762 int fd, ptyfd, ttyfd, status;
1763
1764 pid = fork();
1765 if (pid < 0) { /* failed */
1766 exit(1);
1767 } else if (pid > 0) { /* parent */
1768 waitpid(pid, &status, 0);
416fd2a8 1769 if (WIFEXITED(status))
70791e56 1770 exit(WEXITSTATUS(status));
1771 else
1772 exit(2);
1773 } else { /* child */
1774 close(0); close(1); close(2);
1775 setsid();
1776 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1777 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1778 if (fd >= 0)
1779 exit(3); /* Acquired ctty: broken */
1780 else
1781 exit(0); /* Did not acquire ctty: OK */
1782 }
1783}
e00da40d 1784 ]])],
70791e56 1785 [
1786 AC_MSG_RESULT(yes)
1787 ],
1788 [
1789 AC_MSG_RESULT(no)
1790 AC_DEFINE(SSHD_ACQUIRES_CTTY)
e00da40d 1791 ],
1792 [
1793 AC_MSG_RESULT(cross-compiling, assuming yes)
70791e56 1794 ]
1795 )
1796fi
1797
34fee935 1798if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1799 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2a304a95 1800 AC_MSG_CHECKING(if getaddrinfo seems to work)
e00da40d 1801 AC_RUN_IFELSE(
1802 [AC_LANG_SOURCE([[
2a304a95 1803#include <stdio.h>
1804#include <sys/socket.h>
1805#include <netdb.h>
1806#include <errno.h>
1807#include <netinet/in.h>
1808
1809#define TEST_PORT "2222"
1810
1811int
1812main(void)
1813{
1814 int err, sock;
1815 struct addrinfo *gai_ai, *ai, hints;
1816 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1817
1818 memset(&hints, 0, sizeof(hints));
1819 hints.ai_family = PF_UNSPEC;
1820 hints.ai_socktype = SOCK_STREAM;
1821 hints.ai_flags = AI_PASSIVE;
1822
1823 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1824 if (err != 0) {
1825 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1826 exit(1);
1827 }
1828
1829 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1830 if (ai->ai_family != AF_INET6)
1831 continue;
1832
1833 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1834 sizeof(ntop), strport, sizeof(strport),
1835 NI_NUMERICHOST|NI_NUMERICSERV);
1836
1837 if (err != 0) {
1838 if (err == EAI_SYSTEM)
1839 perror("getnameinfo EAI_SYSTEM");
1840 else
1841 fprintf(stderr, "getnameinfo failed: %s\n",
1842 gai_strerror(err));
1843 exit(2);
1844 }
1845
1846 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1847 if (sock < 0)
1848 perror("socket");
1849 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1850 if (errno == EBADF)
1851 exit(3);
1852 }
1853 }
1854 exit(0);
1855}
e00da40d 1856 ]])],
2a304a95 1857 [
1858 AC_MSG_RESULT(yes)
1859 ],
1860 [
1861 AC_MSG_RESULT(no)
1862 AC_DEFINE(BROKEN_GETADDRINFO)
e00da40d 1863 ],
1864 [
1865 AC_MSG_RESULT(cross-compiling, assuming yes)
2a304a95 1866 ]
1867 )
1868fi
1869
34fee935 1870if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1871 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
1872 AC_MSG_CHECKING(if getaddrinfo seems to work)
e00da40d 1873 AC_RUN_IFELSE(
1874 [AC_LANG_SOURCE([[
34fee935 1875#include <stdio.h>
1876#include <sys/socket.h>
1877#include <netdb.h>
1878#include <errno.h>
1879#include <netinet/in.h>
1880
1881#define TEST_PORT "2222"
1882
1883int
1884main(void)
1885{
1886 int err, sock;
1887 struct addrinfo *gai_ai, *ai, hints;
1888 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1889
1890 memset(&hints, 0, sizeof(hints));
1891 hints.ai_family = PF_UNSPEC;
1892 hints.ai_socktype = SOCK_STREAM;
1893 hints.ai_flags = AI_PASSIVE;
1894
1895 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1896 if (err != 0) {
1897 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1898 exit(1);
1899 }
1900
1901 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1902 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1903 continue;
1904
1905 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1906 sizeof(ntop), strport, sizeof(strport),
1907 NI_NUMERICHOST|NI_NUMERICSERV);
1908
1909 if (ai->ai_family == AF_INET && err != 0) {
1910 perror("getnameinfo");
1911 exit(2);
1912 }
1913 }
1914 exit(0);
1915}
e00da40d 1916 ]])],
34fee935 1917 [
1918 AC_MSG_RESULT(yes)
e00da40d 1919 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1920 [Define if you have a getaddrinfo that fails
1921 for the all-zeros IPv6 address])
34fee935 1922 ],
1923 [
1924 AC_MSG_RESULT(no)
1925 AC_DEFINE(BROKEN_GETADDRINFO)
e00da40d 1926 ],
2e437378 1927 [
e00da40d 1928 AC_MSG_RESULT(cross-compiling, assuming no)
34fee935 1929 ]
1930 )
1931fi
1932
1933if test "x$check_for_conflicting_getspnam" = "x1"; then
1934 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1935 AC_COMPILE_IFELSE(
1936 [
1937#include <shadow.h>
1938int main(void) {exit(0);}
1939 ],
1940 [
1941 AC_MSG_RESULT(no)
1942 ],
1943 [
1944 AC_MSG_RESULT(yes)
1945 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1946 [Conflicting defs for getspnam])
1947 ]
1948 )
1949fi
1950
3c0ef626 1951AC_FUNC_GETPGRP
1952
2980ea68 1953# Search for OpenSSL
1954saved_CPPFLAGS="$CPPFLAGS"
1955saved_LDFLAGS="$LDFLAGS"
3c0ef626 1956AC_ARG_WITH(ssl-dir,
1957 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1958 [
1959 if test "x$withval" != "xno" ; then
34fee935 1960 case "$withval" in
1961 # Relative paths
1962 ./*|../*) withval="`pwd`/$withval"
1963 esac
2980ea68 1964 if test -d "$withval/lib"; then
1965 if test -n "${need_dash_r}"; then
1966 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1967 else
1968 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1969 fi
1970 else
2980ea68 1971 if test -n "${need_dash_r}"; then
1972 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1973 else
1974 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1975 fi
1976 fi
2980ea68 1977 if test -d "$withval/include"; then
1978 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1979 else
2980ea68 1980 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1981 fi
1982 fi
2980ea68 1983 ]
1984)
3c0ef626 1985
88928908 1986if test -z "$GSI_LIBS" ; then
416fd2a8 1987LIBS="-lcrypto $LIBS"
88928908 1988fi
e00da40d 1989AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1990 [Define if your ssl headers are included
1991 with #include <openssl/header.h>]),
3c0ef626 1992 [
2980ea68 1993 dnl Check default openssl install dir
1994 if test -n "${need_dash_r}"; then
1995 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1996 else
2980ea68 1997 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1998 fi
2980ea68 1999 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
2000 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
2001 [
2002 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
2003 ]
2004 )
2005 ]
2006)
2007
e54b3d7c 2008# Determine OpenSSL header version
2009AC_MSG_CHECKING([OpenSSL header version])
34fee935 2010AC_RUN_IFELSE(
2011 [AC_LANG_SOURCE([[
e54b3d7c 2012#include <stdio.h>
2013#include <string.h>
2014#include <openssl/opensslv.h>
2015#define DATA "conftest.sslincver"
2016int main(void) {
416fd2a8 2017 FILE *fd;
2018 int rc;
e54b3d7c 2019
416fd2a8 2020 fd = fopen(DATA,"w");
2021 if(fd == NULL)
2022 exit(1);
e54b3d7c 2023
2024 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
2025 exit(1);
2026
2027 exit(0);
2028}
34fee935 2029 ]])],
e54b3d7c 2030 [
2031 ssl_header_ver=`cat conftest.sslincver`
2032 AC_MSG_RESULT($ssl_header_ver)
2033 ],
2034 [
2035 AC_MSG_RESULT(not found)
2036 AC_MSG_ERROR(OpenSSL version header not found.)
34fee935 2037 ],
2038 [
2039 AC_MSG_WARN([cross compiling: not checking])
e54b3d7c 2040 ]
2041)
2042
2043# Determine OpenSSL library version
2044AC_MSG_CHECKING([OpenSSL library version])
34fee935 2045AC_RUN_IFELSE(
2046 [AC_LANG_SOURCE([[
e54b3d7c 2047#include <stdio.h>
2048#include <string.h>
2049#include <openssl/opensslv.h>
2050#include <openssl/crypto.h>
2051#define DATA "conftest.ssllibver"
2052int main(void) {
416fd2a8 2053 FILE *fd;
2054 int rc;
e54b3d7c 2055
416fd2a8 2056 fd = fopen(DATA,"w");
2057 if(fd == NULL)
2058 exit(1);
e54b3d7c 2059
2060 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
2061 exit(1);
2062
2063 exit(0);
2064}
34fee935 2065 ]])],
e54b3d7c 2066 [
2067 ssl_library_ver=`cat conftest.ssllibver`
2068 AC_MSG_RESULT($ssl_library_ver)
2069 ],
2070 [
2071 AC_MSG_RESULT(not found)
2072 AC_MSG_ERROR(OpenSSL library not found.)
34fee935 2073 ],
2074 [
2075 AC_MSG_WARN([cross compiling: not checking])
e54b3d7c 2076 ]
2077)
3c0ef626 2078
2278ffa1 2079AC_ARG_WITH(openssl-header-check,
2080 [ --without-openssl-header-check Disable OpenSSL version consistency check],
2081 [ if test "x$withval" = "xno" ; then
2082 openssl_check_nonfatal=1
2083 fi
2084 ]
2085)
2086
e9a17296 2087# Sanity check OpenSSL headers
2088AC_MSG_CHECKING([whether OpenSSL's headers match the library])
34fee935 2089AC_RUN_IFELSE(
2090 [AC_LANG_SOURCE([[
e9a17296 2091#include <string.h>
2092#include <openssl/opensslv.h>
e54b3d7c 2093int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
34fee935 2094 ]])],
e9a17296 2095 [
2096 AC_MSG_RESULT(yes)
2097 ],
2098 [
2099 AC_MSG_RESULT(no)
2278ffa1 2100 if test "x$openssl_check_nonfatal" = "x"; then
2101 AC_MSG_ERROR([Your OpenSSL headers do not match your
2102library. Check config.log for details.
2103If you are sure your installation is consistent, you can disable the check
2104by running "./configure --without-openssl-header-check".
2105Also see contrib/findssl.sh for help identifying header/library mismatches.
2106])
2107 else
2108 AC_MSG_WARN([Your OpenSSL headers do not match your
2109library. Check config.log for details.
70791e56 2110Also see contrib/findssl.sh for help identifying header/library mismatches.])
2278ffa1 2111 fi
34fee935 2112 ],
2113 [
2114 AC_MSG_WARN([cross compiling: not checking])
e9a17296 2115 ]
2116)
2117
2e437378 2118AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2119AC_LINK_IFELSE(
2120 [AC_LANG_SOURCE([[
2121#include <openssl/evp.h>
2122int main(void) { SSLeay_add_all_algorithms(); }
2123 ]])],
2124 [
2125 AC_MSG_RESULT(yes)
2126 ],
2127 [
2128 AC_MSG_RESULT(no)
2129 saved_LIBS="$LIBS"
2130 LIBS="$LIBS -ldl"
2131 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2132 AC_LINK_IFELSE(
2133 [AC_LANG_SOURCE([[
2134#include <openssl/evp.h>
2135int main(void) { SSLeay_add_all_algorithms(); }
2136 ]])],
2137 [
2138 AC_MSG_RESULT(yes)
2139 ],
2140 [
2141 AC_MSG_RESULT(no)
2142 LIBS="$saved_LIBS"
2143 ]
2144 )
2145 ]
2146)
2147
2148AC_ARG_WITH(ssl-engine,
2149 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2150 [ if test "x$withval" != "xno" ; then
2151 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2152 AC_TRY_COMPILE(
2153 [ #include <openssl/engine.h>],
2154 [
2155ENGINE_load_builtin_engines();ENGINE_register_all_complete();
2156 ],
2157 [ AC_MSG_RESULT(yes)
2158 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2159 [Enable OpenSSL engine support])
2160 ],
2161 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2162 )
2163 fi ]
2164)
2165
e00da40d 2166# Check for OpenSSL without EVP_aes_{192,256}_cbc
2167AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
2e437378 2168AC_LINK_IFELSE(
e00da40d 2169 [AC_LANG_SOURCE([[
2170#include <string.h>
2171#include <openssl/evp.h>
2172int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
2173 ]])],
2174 [
2175 AC_MSG_RESULT(no)
2176 ],
2177 [
2178 AC_MSG_RESULT(yes)
2179 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2180 [libcrypto is missing AES 192 and 256 bit functions])
2181 ]
2182)
2183
416fd2a8 2184# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2185# because the system crypt() is more featureful.
2186if test "x$check_for_libcrypt_before" = "x1"; then
2187 AC_CHECK_LIB(crypt, crypt)
2188fi
2189
2190# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2191# version in OpenSSL.
70791e56 2192if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2193 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2194fi
2195
2e437378 2196# Search for SHA256 support in libc and/or OpenSSL
2197AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2198
25d429a2 2199saved_LIBS="$LIBS"
2200AC_CHECK_LIB(iaf, ia_openinfo, [
2201 LIBS="$LIBS -liaf"
2202 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"])
2203])
2204LIBS="$saved_LIBS"
e9a17296 2205
2206### Configure cryptographic random number support
2207
2208# Check wheter OpenSSL seeds itself
2209AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
34fee935 2210AC_RUN_IFELSE(
2211 [AC_LANG_SOURCE([[
e9a17296 2212#include <string.h>
2213#include <openssl/rand.h>
e54b3d7c 2214int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
34fee935 2215 ]])],
e9a17296 2216 [
2217 OPENSSL_SEEDS_ITSELF=yes
2218 AC_MSG_RESULT(yes)
2219 ],
2220 [
2221 AC_MSG_RESULT(no)
2222 # Default to use of the rand helper if OpenSSL doesn't
2223 # seed itself
2224 USE_RAND_HELPER=yes
34fee935 2225 ],
2226 [
2227 AC_MSG_WARN([cross compiling: assuming yes])
2228 # This is safe, since all recent OpenSSL versions will
2229 # complain at runtime if not seeded correctly.
2230 OPENSSL_SEEDS_ITSELF=yes
e9a17296 2231 ]
2232)
2233
2e437378 2234# Check for PAM libs
2235PAM_MSG="no"
2236AC_ARG_WITH(pam,
2237 [ --with-pam Enable PAM support ],
2238 [
2239 if test "x$withval" != "xno" ; then
2240 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2241 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2242 AC_MSG_ERROR([PAM headers not found])
2243 fi
2244
2245 saved_LIBS="$LIBS"
2246 AC_CHECK_LIB(dl, dlopen, , )
2247 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2248 AC_CHECK_FUNCS(pam_getenvlist)
2249 AC_CHECK_FUNCS(pam_putenv)
2250 LIBS="$saved_LIBS"
2251
2252 PAM_MSG="yes"
2253
25d429a2 2254 SSHDLIBS="$SSHDLIBS -lpam"
2e437378 2255 AC_DEFINE(USE_PAM, 1,
2256 [Define if you want to enable PAM support])
2257
2258 if test $ac_cv_lib_dl_dlopen = yes; then
2259 case "$LIBS" in
2260 *-ldl*)
2261 # libdl already in LIBS
2262 ;;
2263 *)
25d429a2 2264 SSHDLIBS="$SSHDLIBS -ldl"
2e437378 2265 ;;
2266 esac
2267 fi
2e437378 2268 fi
2269 ],
2270 [
2271 saved_LIBS="$LIBS"
2272 AC_CHECK_LIB(dl, dlopen, , )
2273 AC_CHECK_LIB(pam, pam_set_item, , )
2274 AC_CHECK_FUNCS(pam_getenvlist)
2275 AC_CHECK_FUNCS(pam_putenv)
2276 LIBS="$saved_LIBS"
2277
2278 if (test "x$ac_cv_header_security_pam_appl_h" = "xyes" || \
2279 test "x$ac_cv_header_pam_pam_appl_h" = "xyes") &&
2280 test "x$ac_cv_lib_pam_pam_set_item" = "xyes" ; then
2281
2282 PAM_MSG="yes"
2283
2284 LIBPAM="-lpam"
2285
2286 if test $ac_cv_lib_dl_dlopen = yes; then
2287 case "$LIBS" in
2288 *-ldl*)
2289 # libdl already in LIBS
2290 ;;
2291 *)
2292 LIBPAM="$LIBPAM -ldl"
2293 ;;
2294 esac
2295 fi
2296 AC_SUBST(LIBPAM)
2297 fi
2298 ]
2299)
2300
2301# Check for older PAM
2302if test "x$PAM_MSG" = "xyes" ; then
2303 # Check PAM strerror arguments (old PAM)
2304 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2305 AC_TRY_COMPILE(
2306 [
2307#include <stdlib.h>
2308#if defined(HAVE_SECURITY_PAM_APPL_H)
2309#include <security/pam_appl.h>
2310#elif defined (HAVE_PAM_PAM_APPL_H)
2311#include <pam/pam_appl.h>
2312#endif
2313 ],
2314 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2315 [AC_MSG_RESULT(no)],
2316 [
2317 AC_DEFINE(HAVE_OLD_PAM, 1,
2318 [Define if you have an old version of PAM
2319 which takes only one argument to pam_strerror])
2320 AC_MSG_RESULT(yes)
2321 PAM_MSG="yes (old library)"
2322 ]
2323 )
2324fi
e9a17296 2325
2326# Do we want to force the use of the rand helper?
2327AC_ARG_WITH(rand-helper,
2328 [ --with-rand-helper Use subprocess to gather strong randomness ],
2329 [
2330 if test "x$withval" = "xno" ; then
416fd2a8 2331 # Force use of OpenSSL's internal RNG, even if
e9a17296 2332 # the previous test showed it to be unseeded.
2333 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2334 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2335 OPENSSL_SEEDS_ITSELF=yes
2336 USE_RAND_HELPER=""
2337 fi
2338 else
2339 USE_RAND_HELPER=yes
2340 fi
2341 ],
34fee935 2342)
e9a17296 2343
2344# Which randomness source do we use?
34fee935 2345if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9a17296 2346 # OpenSSL only
e00da40d 2347 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2348 [Define if you want OpenSSL's internally seeded PRNG only])
e9a17296 2349 RAND_MSG="OpenSSL internal ONLY"
2350 INSTALL_SSH_RAND_HELPER=""
2351elif test ! -z "$USE_RAND_HELPER" ; then
2352 # install rand helper
2353 RAND_MSG="ssh-rand-helper"
2354 INSTALL_SSH_RAND_HELPER="yes"
2355fi
2356AC_SUBST(INSTALL_SSH_RAND_HELPER)
2357
2358### Configuration of ssh-rand-helper
2359
2360# PRNGD TCP socket
2361AC_ARG_WITH(prngd-port,
2362 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2363 [
2364 case "$withval" in
2365 no)
2366 withval=""
2367 ;;
2368 [[0-9]]*)
2369 ;;
2370 *)
2371 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2372 ;;
2373 esac
2374 if test ! -z "$withval" ; then
2375 PRNGD_PORT="$withval"
e00da40d 2376 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2377 [Port number of PRNGD/EGD random number socket])
e9a17296 2378 fi
2379 ]
2380)
2381
2382# PRNGD Unix domain socket
2383AC_ARG_WITH(prngd-socket,
2384 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2385 [
2386 case "$withval" in
2387 yes)
2388 withval="/var/run/egd-pool"
2389 ;;
2390 no)
2391 withval=""
2392 ;;
2393 /*)
2394 ;;
2395 *)
2396 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2397 ;;
2398 esac
2399
2400 if test ! -z "$withval" ; then
2401 if test ! -z "$PRNGD_PORT" ; then
2402 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2403 fi
2404 if test ! -r "$withval" ; then
2405 AC_MSG_WARN(Entropy socket is not readable)
2406 fi
2407 PRNGD_SOCKET="$withval"
e00da40d 2408 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2409 [Location of PRNGD/EGD random number socket])
e9a17296 2410 fi
2411 ],
2412 [
2413 # Check for existing socket only if we don't have a random device already
2414 if test "$USE_RAND_HELPER" = yes ; then
2415 AC_MSG_CHECKING(for PRNGD/EGD socket)
2416 # Insert other locations here
2417 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2418 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2419 PRNGD_SOCKET="$sock"
2420 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2421 break;
2422 fi
2423 done
2424 if test ! -z "$PRNGD_SOCKET" ; then
2425 AC_MSG_RESULT($PRNGD_SOCKET)
2426 else
2427 AC_MSG_RESULT(not found)
2428 fi
2429 fi
2430 ]
2431)
2432
2433# Change default command timeout for hashing entropy source
2434entropy_timeout=200
2435AC_ARG_WITH(entropy-timeout,
2436 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2437 [
34fee935 2438 if test -n "$withval" && test "x$withval" != "xno" && \
2439 test "x${withval}" != "xyes"; then
e9a17296 2440 entropy_timeout=$withval
2441 fi
34fee935 2442 ]
e9a17296 2443)
e00da40d 2444AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2445 [Builtin PRNG command timeout])
e9a17296 2446
ff2d7a98 2447SSH_PRIVSEP_USER=sshd
2980ea68 2448AC_ARG_WITH(privsep-user,
2449 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2450 [
34fee935 2451 if test -n "$withval" && test "x$withval" != "xno" && \
2452 test "x${withval}" != "xyes"; then
ff2d7a98 2453 SSH_PRIVSEP_USER=$withval
2980ea68 2454 fi
34fee935 2455 ]
2980ea68 2456)
e00da40d 2457AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2458 [non-privileged user for privilege separation])
ff2d7a98 2459AC_SUBST(SSH_PRIVSEP_USER)
2980ea68 2460
2461# We do this little dance with the search path to insure
2462# that programs that we select for use by installed programs
2463# (which may be run by the super-user) come from trusted
2464# locations before they come from the user's private area.
2465# This should help avoid accidentally configuring some
2466# random version of a program in someone's personal bin.
2467
2468OPATH=$PATH
2469PATH=/bin:/usr/bin
2470test -h /bin 2> /dev/null && PATH=/usr/bin
2471test -d /sbin && PATH=$PATH:/sbin
2472test -d /usr/sbin && PATH=$PATH:/usr/sbin
2473PATH=$PATH:/etc:$OPATH
2474
416fd2a8 2475# These programs are used by the command hashing source to gather entropy
e9a17296 2476OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2477OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2478OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2479OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2480OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2481OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2482OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2483OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2484OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2485OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2486OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2487OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2488OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2489OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2490OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2491OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
2980ea68 2492# restore PATH
2493PATH=$OPATH
e9a17296 2494
2495# Where does ssh-rand-helper get its randomness from?
2496INSTALL_SSH_PRNG_CMDS=""
2497if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2498 if test ! -z "$PRNGD_PORT" ; then
2499 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2500 elif test ! -z "$PRNGD_SOCKET" ; then
2501 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2502 else
2503 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2504 RAND_HELPER_CMDHASH=yes
2505 INSTALL_SSH_PRNG_CMDS="yes"
2506 fi
2507fi
2508AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2509
2510
3c0ef626 2511# Cheap hack to ensure NEWS-OS libraries are arranged right.
2512if test ! -z "$SONY" ; then
2513 LIBS="$LIBS -liberty";
2514fi
2515
e00da40d 2516# Check for long long datatypes
2517AC_CHECK_TYPES([long long, unsigned long long, long double])
2518
2519# Check datatype sizes
3c0ef626 2520AC_CHECK_SIZEOF(char, 1)
2521AC_CHECK_SIZEOF(short int, 2)
2522AC_CHECK_SIZEOF(int, 4)
2523AC_CHECK_SIZEOF(long int, 4)
2524AC_CHECK_SIZEOF(long long int, 8)
2525
2980ea68 2526# Sanity check long long for some platforms (AIX)
2527if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2528 ac_cv_sizeof_long_long_int=0
2529fi
2530
e00da40d 2531# compute LLONG_MIN and LLONG_MAX if we don't know them.
2532if test -z "$have_llong_max"; then
2533 AC_MSG_CHECKING([for max value of long long])
2534 AC_RUN_IFELSE(
2535 [AC_LANG_SOURCE([[
2536#include <stdio.h>
2537/* Why is this so damn hard? */
2538#ifdef __GNUC__
2539# undef __GNUC__
2540#endif
2541#define __USE_ISOC99
2542#include <limits.h>
2543#define DATA "conftest.llminmax"
2e437378 2544#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2545
2546/*
2547 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2548 * we do this the hard way.
2549 */
2550static int
2551fprint_ll(FILE *f, long long n)
2552{
2553 unsigned int i;
2554 int l[sizeof(long long) * 8];
2555
2556 if (n < 0)
2557 if (fprintf(f, "-") < 0)
2558 return -1;
2559 for (i = 0; n != 0; i++) {
2560 l[i] = my_abs(n % 10);
2561 n /= 10;
2562 }
2563 do {
2564 if (fprintf(f, "%d", l[--i]) < 0)
2565 return -1;
2566 } while (i != 0);
2567 if (fprintf(f, " ") < 0)
2568 return -1;
2569 return 0;
2570}
2571
e00da40d 2572int main(void) {
2573 FILE *f;
2574 long long i, llmin, llmax = 0;
2575
2576 if((f = fopen(DATA,"w")) == NULL)
2577 exit(1);
2578
2579#if defined(LLONG_MIN) && defined(LLONG_MAX)
2580 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2581 llmin = LLONG_MIN;
2582 llmax = LLONG_MAX;
2583#else
2584 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2585 /* This will work on one's complement and two's complement */
2586 for (i = 1; i > llmax; i <<= 1, i++)
2587 llmax = i;
2588 llmin = llmax + 1LL; /* wrap */
2589#endif
2590
2591 /* Sanity check */
2592 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
2e437378 2593 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2594 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
e00da40d 2595 fprintf(f, "unknown unknown\n");
2596 exit(2);
2597 }
2598
2e437378 2599 if (fprint_ll(f, llmin) < 0)
e00da40d 2600 exit(3);
2e437378 2601 if (fprint_ll(f, llmax) < 0)
2602 exit(4);
2603 if (fclose(f) < 0)
2604 exit(5);
e00da40d 2605 exit(0);
2606}
2607 ]])],
2608 [
2609 llong_min=`$AWK '{print $1}' conftest.llminmax`
2610 llong_max=`$AWK '{print $2}' conftest.llminmax`
2611
e00da40d 2612 AC_MSG_RESULT($llong_max)
2613 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2614 [max value of long long calculated by configure])
2615 AC_MSG_CHECKING([for min value of long long])
2616 AC_MSG_RESULT($llong_min)
2617 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2618 [min value of long long calculated by configure])
2619 ],
2620 [
2621 AC_MSG_RESULT(not found)
2622 ],
2623 [
2624 AC_MSG_WARN([cross compiling: not checking])
2625 ]
2626 )
2627fi
2628
2629
3c0ef626 2630# More checks for data types
2631AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2632 AC_TRY_COMPILE(
416fd2a8 2633 [ #include <sys/types.h> ],
2634 [ u_int a; a = 1;],
3c0ef626 2635 [ ac_cv_have_u_int="yes" ],
2636 [ ac_cv_have_u_int="no" ]
2637 )
2638])
2639if test "x$ac_cv_have_u_int" = "xyes" ; then
e00da40d 2640 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2641 have_u_int=1
2642fi
2643
2644AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2645 AC_TRY_COMPILE(
416fd2a8 2646 [ #include <sys/types.h> ],
2647 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2648 [ ac_cv_have_intxx_t="yes" ],
2649 [ ac_cv_have_intxx_t="no" ]
2650 )
2651])
2652if test "x$ac_cv_have_intxx_t" = "xyes" ; then
e00da40d 2653 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2654 have_intxx_t=1
2655fi
2656
2657if (test -z "$have_intxx_t" && \
416fd2a8 2658 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2659then
2660 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2661 AC_TRY_COMPILE(
416fd2a8 2662 [ #include <stdint.h> ],
2663 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2664 [
2665 AC_DEFINE(HAVE_INTXX_T)
2666 AC_MSG_RESULT(yes)
2667 ],
2668 [ AC_MSG_RESULT(no) ]
2669 )
2670fi
2671
2672AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2673 AC_TRY_COMPILE(
e54b3d7c 2674 [
2675#include <sys/types.h>
2676#ifdef HAVE_STDINT_H
2677# include <stdint.h>
2678#endif
2679#include <sys/socket.h>
2680#ifdef HAVE_SYS_BITYPES_H
2681# include <sys/bitypes.h>
2682#endif
416fd2a8 2683 ],
2684 [ int64_t a; a = 1;],
3c0ef626 2685 [ ac_cv_have_int64_t="yes" ],
2686 [ ac_cv_have_int64_t="no" ]
2687 )
2688])
2689if test "x$ac_cv_have_int64_t" = "xyes" ; then
e00da40d 2690 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9a17296 2691fi
2692
3c0ef626 2693AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2694 AC_TRY_COMPILE(
416fd2a8 2695 [ #include <sys/types.h> ],
2696 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2697 [ ac_cv_have_u_intxx_t="yes" ],
2698 [ ac_cv_have_u_intxx_t="no" ]
2699 )
2700])
2701if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
e00da40d 2702 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2703 have_u_intxx_t=1
2704fi
2705
2706if test -z "$have_u_intxx_t" ; then
2707 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2708 AC_TRY_COMPILE(
416fd2a8 2709 [ #include <sys/socket.h> ],
2710 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2711 [
2712 AC_DEFINE(HAVE_U_INTXX_T)
2713 AC_MSG_RESULT(yes)
2714 ],
2715 [ AC_MSG_RESULT(no) ]
2716 )
2717fi
2718
2719AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2720 AC_TRY_COMPILE(
416fd2a8 2721 [ #include <sys/types.h> ],
2722 [ u_int64_t a; a = 1;],
3c0ef626 2723 [ ac_cv_have_u_int64_t="yes" ],
2724 [ ac_cv_have_u_int64_t="no" ]
2725 )
2726])
2727if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
e00da40d 2728 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2729 have_u_int64_t=1
2730fi
2731
e9a17296 2732if test -z "$have_u_int64_t" ; then
2733 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2734 AC_TRY_COMPILE(
416fd2a8 2735 [ #include <sys/bitypes.h> ],
e9a17296 2736 [ u_int64_t a; a = 1],
2737 [
2738 AC_DEFINE(HAVE_U_INT64_T)
2739 AC_MSG_RESULT(yes)
2740 ],
2741 [ AC_MSG_RESULT(no) ]
2742 )
2743fi
2744
3c0ef626 2745if test -z "$have_u_intxx_t" ; then
2746 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2747 AC_TRY_COMPILE(
2748 [
2749#include <sys/types.h>
416fd2a8 2750 ],
2751 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2752 [ ac_cv_have_uintxx_t="yes" ],
2753 [ ac_cv_have_uintxx_t="no" ]
2754 )
2755 ])
2756 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
e00da40d 2757 AC_DEFINE(HAVE_UINTXX_T, 1,
2758 [define if you have uintxx_t data type])
3c0ef626 2759 fi
2760fi
2761
2762if test -z "$have_uintxx_t" ; then
2763 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2764 AC_TRY_COMPILE(
416fd2a8 2765 [ #include <stdint.h> ],
2766 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2767 [
2768 AC_DEFINE(HAVE_UINTXX_T)
2769 AC_MSG_RESULT(yes)
2770 ],
2771 [ AC_MSG_RESULT(no) ]
2772 )
2773fi
2774
2775if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
416fd2a8 2776 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2777then
2778 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2779 AC_TRY_COMPILE(
2780 [
2781#include <sys/bitypes.h>
416fd2a8 2782 ],
3c0ef626 2783 [
2784 int8_t a; int16_t b; int32_t c;
2785 u_int8_t e; u_int16_t f; u_int32_t g;
2786 a = b = c = e = f = g = 1;
416fd2a8 2787 ],
3c0ef626 2788 [
2789 AC_DEFINE(HAVE_U_INTXX_T)
2790 AC_DEFINE(HAVE_INTXX_T)
2791 AC_MSG_RESULT(yes)
2792 ],
2793 [AC_MSG_RESULT(no)]
416fd2a8 2794 )
3c0ef626 2795fi
2796
2797
2798AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2799 AC_TRY_COMPILE(
2800 [
2801#include <sys/types.h>
2802 ],
2803 [ u_char foo; foo = 125; ],
2804 [ ac_cv_have_u_char="yes" ],
2805 [ ac_cv_have_u_char="no" ]
2806 )
2807])
2808if test "x$ac_cv_have_u_char" = "xyes" ; then
e00da40d 2809 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2810fi
2811
2812TYPE_SOCKLEN_T
2813
e9a17296 2814AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2815
34fee935 2816AC_CHECK_TYPES(in_addr_t,,,
2817[#include <sys/types.h>
2818#include <netinet/in.h>])
2819
3c0ef626 2820AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2821 AC_TRY_COMPILE(
2822 [
2823#include <sys/types.h>
2824 ],
2825 [ size_t foo; foo = 1235; ],
2826 [ ac_cv_have_size_t="yes" ],
2827 [ ac_cv_have_size_t="no" ]
2828 )
2829])
2830if test "x$ac_cv_have_size_t" = "xyes" ; then
e00da40d 2831 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2832fi
2833
2834AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2835 AC_TRY_COMPILE(
2836 [
2837#include <sys/types.h>
2838 ],
2839 [ ssize_t foo; foo = 1235; ],
2840 [ ac_cv_have_ssize_t="yes" ],
2841 [ ac_cv_have_ssize_t="no" ]
2842 )
2843])
2844if test "x$ac_cv_have_ssize_t" = "xyes" ; then
e00da40d 2845 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2846fi
2847
2848AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2849 AC_TRY_COMPILE(
2850 [
2851#include <time.h>
2852 ],
2853 [ clock_t foo; foo = 1235; ],
2854 [ ac_cv_have_clock_t="yes" ],
2855 [ ac_cv_have_clock_t="no" ]
2856 )
2857])
2858if test "x$ac_cv_have_clock_t" = "xyes" ; then
e00da40d 2859 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2860fi
2861
2862AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2863 AC_TRY_COMPILE(
2864 [
2865#include <sys/types.h>
2866#include <sys/socket.h>
2867 ],
2868 [ sa_family_t foo; foo = 1235; ],
2869 [ ac_cv_have_sa_family_t="yes" ],
2870 [ AC_TRY_COMPILE(
2871 [
2872#include <sys/types.h>
2873#include <sys/socket.h>
2874#include <netinet/in.h>
2875 ],
2876 [ sa_family_t foo; foo = 1235; ],
2877 [ ac_cv_have_sa_family_t="yes" ],
2878
2879 [ ac_cv_have_sa_family_t="no" ]
2880 )]
2881 )
2882])
2883if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
e00da40d 2884 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2885 [define if you have sa_family_t data type])
3c0ef626 2886fi
2887
2888AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2889 AC_TRY_COMPILE(
2890 [
2891#include <sys/types.h>
2892 ],
2893 [ pid_t foo; foo = 1235; ],
2894 [ ac_cv_have_pid_t="yes" ],
2895 [ ac_cv_have_pid_t="no" ]
2896 )
2897])
2898if test "x$ac_cv_have_pid_t" = "xyes" ; then
e00da40d 2899 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2900fi
2901
2902AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2903 AC_TRY_COMPILE(
2904 [
2905#include <sys/types.h>
2906 ],
2907 [ mode_t foo; foo = 1235; ],
2908 [ ac_cv_have_mode_t="yes" ],
2909 [ ac_cv_have_mode_t="no" ]
2910 )
2911])
2912if test "x$ac_cv_have_mode_t" = "xyes" ; then
e00da40d 2913 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2914fi
2915
2916
2917AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2918 AC_TRY_COMPILE(
2919 [
2920#include <sys/types.h>
2921#include <sys/socket.h>
2922 ],
2923 [ struct sockaddr_storage s; ],
2924 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2925 [ ac_cv_have_struct_sockaddr_storage="no" ]
2926 )
2927])
2928if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
e00da40d 2929 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2930 [define if you have struct sockaddr_storage data type])
3c0ef626 2931fi
2932
2933AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2934 AC_TRY_COMPILE(
2935 [
2936#include <sys/types.h>
2937#include <netinet/in.h>
2938 ],
2939 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2940 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2941 [ ac_cv_have_struct_sockaddr_in6="no" ]
2942 )
2943])
2944if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
e00da40d 2945 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2946 [define if you have struct sockaddr_in6 data type])
3c0ef626 2947fi
2948
2949AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2950 AC_TRY_COMPILE(
2951 [
2952#include <sys/types.h>
2953#include <netinet/in.h>
2954 ],
2955 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2956 [ ac_cv_have_struct_in6_addr="yes" ],
2957 [ ac_cv_have_struct_in6_addr="no" ]
2958 )
2959])
2960if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
e00da40d 2961 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2962 [define if you have struct in6_addr data type])
3c0ef626 2963fi
2964
2965AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2966 AC_TRY_COMPILE(
2967 [
2968#include <sys/types.h>
2969#include <sys/socket.h>
2970#include <netdb.h>
2971 ],
2972 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2973 [ ac_cv_have_struct_addrinfo="yes" ],
2974 [ ac_cv_have_struct_addrinfo="no" ]
2975 )
2976])
2977if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
e00da40d 2978 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2979 [define if you have struct addrinfo data type])
3c0ef626 2980fi
2981
2982AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2983 AC_TRY_COMPILE(
416fd2a8 2984 [ #include <sys/time.h> ],
2985 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2986 [ ac_cv_have_struct_timeval="yes" ],
2987 [ ac_cv_have_struct_timeval="no" ]
2988 )
2989])
2990if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
e00da40d 2991 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2992 have_struct_timeval=1
2993fi
2994
1c14df9e 2995AC_CHECK_TYPES(struct timespec)
2996
2997# We need int64_t or else certian parts of the compile will fail.
34fee935 2998if test "x$ac_cv_have_int64_t" = "xno" && \
2999 test "x$ac_cv_sizeof_long_int" != "x8" && \
3000 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
1c14df9e 3001 echo "OpenSSH requires int64_t support. Contact your vendor or install"
3002 echo "an alternative compiler (I.E., GCC) before continuing."
3003 echo ""
3004 exit 1;
3c0ef626 3005else
3006dnl test snprintf (broken on SCO w/gcc)
34fee935 3007 AC_RUN_IFELSE(
3008 [AC_LANG_SOURCE([[
3c0ef626 3009#include <stdio.h>
3010#include <string.h>
3011#ifdef HAVE_SNPRINTF
3012main()
3013{
3014 char buf[50];
3015 char expected_out[50];
3016 int mazsize = 50 ;
3017#if (SIZEOF_LONG_INT == 8)
3018 long int num = 0x7fffffffffffffff;
3019#else
3020 long long num = 0x7fffffffffffffffll;
3021#endif
3022 strcpy(expected_out, "9223372036854775807");
3023 snprintf(buf, mazsize, "%lld", num);
3024 if(strcmp(buf, expected_out) != 0)
416fd2a8 3025 exit(1);
3c0ef626 3026 exit(0);
3027}
3028#else
3029main() { exit(0); }
3030#endif
34fee935 3031 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
3032 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 3033 )
3034fi
3c0ef626 3035
3036dnl Checks for structure members
3037OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
3038OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
3039OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
3040OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
3041OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
3042OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
3043OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
3044OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
3045OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
3046OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
3047OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
3048OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
3049OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
3050OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
3051OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
3052OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
3053OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
3054
3055AC_CHECK_MEMBERS([struct stat.st_blksize])
e00da40d 3056AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
3057 [Define if we don't have struct __res_state in resolv.h])],
3058[
3059#include <stdio.h>
3060#if HAVE_SYS_TYPES_H
3061# include <sys/types.h>
3062#endif
3063#include <netinet/in.h>
3064#include <arpa/nameser.h>
3065#include <resolv.h>
3066])
3c0ef626 3067
3068AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
3069 ac_cv_have_ss_family_in_struct_ss, [
3070 AC_TRY_COMPILE(
3071 [
3072#include <sys/types.h>
3073#include <sys/socket.h>
3074 ],
3075 [ struct sockaddr_storage s; s.ss_family = 1; ],
3076 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
3077 [ ac_cv_have_ss_family_in_struct_ss="no" ],
3078 )
3079])
3080if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
e00da40d 3081 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 3082fi
3083
3084AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
3085 ac_cv_have___ss_family_in_struct_ss, [
3086 AC_TRY_COMPILE(
3087 [
3088#include <sys/types.h>
3089#include <sys/socket.h>
3090 ],
3091 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3092 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3093 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3094 )
3095])
3096if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
e00da40d 3097 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3098 [Fields in struct sockaddr_storage])
3c0ef626 3099fi
3100
3101AC_CACHE_CHECK([for pw_class field in struct passwd],
3102 ac_cv_have_pw_class_in_struct_passwd, [
3103 AC_TRY_COMPILE(
3104 [
3105#include <pwd.h>
3106 ],
3107 [ struct passwd p; p.pw_class = 0; ],
3108 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3109 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3110 )
3111])
3112if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
e00da40d 3113 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3114 [Define if your password has a pw_class field])
3c0ef626 3115fi
3116
3117AC_CACHE_CHECK([for pw_expire field in struct passwd],
3118 ac_cv_have_pw_expire_in_struct_passwd, [
3119 AC_TRY_COMPILE(
3120 [
3121#include <pwd.h>
3122 ],
3123 [ struct passwd p; p.pw_expire = 0; ],
3124 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3125 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3126 )
3127])
3128if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
e00da40d 3129 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3130 [Define if your password has a pw_expire field])
3c0ef626 3131fi
3132
3133AC_CACHE_CHECK([for pw_change field in struct passwd],
3134 ac_cv_have_pw_change_in_struct_passwd, [
3135 AC_TRY_COMPILE(
3136 [
3137#include <pwd.h>
3138 ],
3139 [ struct passwd p; p.pw_change = 0; ],
3140 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3141 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3142 )
3143])
3144if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
e00da40d 3145 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3146 [Define if your password has a pw_change field])
3c0ef626 3147fi
3148
078f71c2 3149dnl make sure we're using the real structure members and not defines
2980ea68 3150AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3151 ac_cv_have_accrights_in_msghdr, [
34fee935 3152 AC_COMPILE_IFELSE(
2980ea68 3153 [
3154#include <sys/types.h>
3155#include <sys/socket.h>
3156#include <sys/uio.h>
078f71c2 3157int main() {
3158#ifdef msg_accrights
34fee935 3159#error "msg_accrights is a macro"
078f71c2 3160exit(1);
3161#endif
3162struct msghdr m;
3163m.msg_accrights = 0;
3164exit(0);
3165}
2980ea68 3166 ],
2980ea68 3167 [ ac_cv_have_accrights_in_msghdr="yes" ],
3168 [ ac_cv_have_accrights_in_msghdr="no" ]
3169 )
3170])
3171if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
e00da40d 3172 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3173 [Define if your system uses access rights style
3174 file descriptor passing])
2980ea68 3175fi
3176
3177AC_CACHE_CHECK([for msg_control field in struct msghdr],
3178 ac_cv_have_control_in_msghdr, [
34fee935 3179 AC_COMPILE_IFELSE(
2980ea68 3180 [
3181#include <sys/types.h>
3182#include <sys/socket.h>
3183#include <sys/uio.h>
078f71c2 3184int main() {
3185#ifdef msg_control
34fee935 3186#error "msg_control is a macro"
078f71c2 3187exit(1);
3188#endif
3189struct msghdr m;
3190m.msg_control = 0;
3191exit(0);
3192}
2980ea68 3193 ],
2980ea68 3194 [ ac_cv_have_control_in_msghdr="yes" ],
3195 [ ac_cv_have_control_in_msghdr="no" ]
3196 )
3197])
3198if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
e00da40d 3199 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3200 [Define if your system uses ancillary data style
3201 file descriptor passing])
2980ea68 3202fi
3203
3c0ef626 3204AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
416fd2a8 3205 AC_TRY_LINK([],
3206 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3207 [ ac_cv_libc_defines___progname="yes" ],
3208 [ ac_cv_libc_defines___progname="no" ]
3209 )
3210])
3211if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
e00da40d 3212 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3213fi
3214
2980ea68 3215AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3216 AC_TRY_LINK([
3217#include <stdio.h>
416fd2a8 3218],
3219 [ printf("%s", __FUNCTION__); ],
2980ea68 3220 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3221 [ ac_cv_cc_implements___FUNCTION__="no" ]
3222 )
3223])
3224if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
e00da40d 3225 AC_DEFINE(HAVE___FUNCTION__, 1,
3226 [Define if compiler implements __FUNCTION__])
2980ea68 3227fi
3228
3229AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3230 AC_TRY_LINK([
3231#include <stdio.h>
416fd2a8 3232],
3233 [ printf("%s", __func__); ],
2980ea68 3234 [ ac_cv_cc_implements___func__="yes" ],
3235 [ ac_cv_cc_implements___func__="no" ]
3236 )
3237])
3238if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
e00da40d 3239 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3240fi
3241
3242AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3243 AC_TRY_LINK(
3244 [#include <stdarg.h>
3245 va_list x,y;],
3246 [va_copy(x,y);],
3247 [ ac_cv_have_va_copy="yes" ],
3248 [ ac_cv_have_va_copy="no" ]
3249 )
3250])
3251if test "x$ac_cv_have_va_copy" = "xyes" ; then
3252 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3253fi
3254
3255AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3256 AC_TRY_LINK(
3257 [#include <stdarg.h>
3258 va_list x,y;],
3259 [__va_copy(x,y);],
3260 [ ac_cv_have___va_copy="yes" ],
3261 [ ac_cv_have___va_copy="no" ]
3262 )
3263])
3264if test "x$ac_cv_have___va_copy" = "xyes" ; then
3265 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2980ea68 3266fi
3267
3c0ef626 3268AC_CACHE_CHECK([whether getopt has optreset support],
3269 ac_cv_have_getopt_optreset, [
3270 AC_TRY_LINK(
3271 [
3272#include <getopt.h>
3273 ],
3274 [ extern int optreset; optreset = 0; ],
3275 [ ac_cv_have_getopt_optreset="yes" ],
3276 [ ac_cv_have_getopt_optreset="no" ]
3277 )
3278])
3279if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
e00da40d 3280 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3281 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3282fi
3283
3284AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
416fd2a8 3285 AC_TRY_LINK([],
3286 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3287 [ ac_cv_libc_defines_sys_errlist="yes" ],
3288 [ ac_cv_libc_defines_sys_errlist="no" ]
3289 )
3290])
3291if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
e00da40d 3292 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3293 [Define if your system defines sys_errlist[]])
3c0ef626 3294fi
3295
3296
3297AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
416fd2a8 3298 AC_TRY_LINK([],
3299 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3300 [ ac_cv_libc_defines_sys_nerr="yes" ],
3301 [ ac_cv_libc_defines_sys_nerr="no" ]
3302 )
3303])
3304if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
e00da40d 3305 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3306fi
3307
416fd2a8 3308SCARD_MSG="no"
2980ea68 3309# Check whether user wants sectok support
3310AC_ARG_WITH(sectok,
3311 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3312 [
3313 if test "x$withval" != "xno" ; then
3314 if test "x$withval" != "xyes" ; then
3315 CPPFLAGS="$CPPFLAGS -I${withval}"
3316 LDFLAGS="$LDFLAGS -L${withval}"
3317 if test ! -z "$need_dash_r" ; then
3318 LDFLAGS="$LDFLAGS -R${withval}"
3319 fi
3320 if test ! -z "$blibpath" ; then
3321 blibpath="$blibpath:${withval}"
3322 fi
3323 fi
3324 AC_CHECK_HEADERS(sectok.h)
3325 if test "$ac_cv_header_sectok_h" != yes; then
3326 AC_MSG_ERROR(Can't find sectok.h)
3327 fi
3328 AC_CHECK_LIB(sectok, sectok_open)
3329 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3330 AC_MSG_ERROR(Can't find libsectok)
3331 fi
e00da40d 3332 AC_DEFINE(SMARTCARD, 1,
3333 [Define if you want smartcard support])
3334 AC_DEFINE(USE_SECTOK, 1,
3335 [Define if you want smartcard support
3336 using sectok])
416fd2a8 3337 SCARD_MSG="yes, using sectok"
3c0ef626 3338 fi
3339 ]
3340)
3341
2980ea68 3342# Check whether user wants OpenSC support
34fee935 3343OPENSC_CONFIG="no"
2980ea68 3344AC_ARG_WITH(opensc,
e00da40d 3345 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
34fee935 3346 [
3347 if test "x$withval" != "xno" ; then
3348 if test "x$withval" != "xyes" ; then
3349 OPENSC_CONFIG=$withval/bin/opensc-config
3350 else
3351 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3352 fi
3353 if test "$OPENSC_CONFIG" != "no"; then
3354 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3355 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3356 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2e437378 3357 LIBS="$LIBS $LIBOPENSC_LIBS"
34fee935 3358 AC_DEFINE(SMARTCARD)
e00da40d 3359 AC_DEFINE(USE_OPENSC, 1,
3360 [Define if you want smartcard support
3361 using OpenSC])
34fee935 3362 SCARD_MSG="yes, using OpenSC"
3363 fi
3364 fi
3365 ]
3366)
2980ea68 3367
416fd2a8 3368# Check libraries needed by DNS fingerprint support
3369AC_SEARCH_LIBS(getrrsetbyname, resolv,
e00da40d 3370 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3371 [Define if getrrsetbyname() exists])],
70791e56 3372 [
416fd2a8 3373 # Needed by our getrrsetbyname()
3374 AC_SEARCH_LIBS(res_query, resolv)
3375 AC_SEARCH_LIBS(dn_expand, resolv)
1b56ff3d 3376 AC_MSG_CHECKING(if res_query will link)
3377 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3378 [AC_MSG_RESULT(no)
3379 saved_LIBS="$LIBS"
3380 LIBS="$LIBS -lresolv"
3381 AC_MSG_CHECKING(for res_query in -lresolv)
3382 AC_LINK_IFELSE([
3383#include <resolv.h>
3384int main()
3385{
3386 res_query (0, 0, 0, 0, 0);
3387 return 0;
3388}
3389 ],
3390 [LIBS="$LIBS -lresolv"
3391 AC_MSG_RESULT(yes)],
3392 [LIBS="$saved_LIBS"
3393 AC_MSG_RESULT(no)])
3394 ])
416fd2a8 3395 AC_CHECK_FUNCS(_getshort _getlong)
34fee935 3396 AC_CHECK_DECLS([_getshort, _getlong], , ,
3397 [#include <sys/types.h>
3398 #include <arpa/nameser.h>])
416fd2a8 3399 AC_CHECK_MEMBER(HEADER.ad,
e00da40d 3400 [AC_DEFINE(HAVE_HEADER_AD, 1,
3401 [Define if HEADER.ad exists in arpa/nameser.h])],,
416fd2a8 3402 [#include <arpa/nameser.h>])
3403 ])
70791e56 3404
25d429a2 3405AC_MSG_CHECKING(if struct __res_state _res is an extern)
3406AC_LINK_IFELSE([
3407#include <stdio.h>
3408#if HAVE_SYS_TYPES_H
3409# include <sys/types.h>
3410#endif
3411#include <netinet/in.h>
3412#include <arpa/nameser.h>
3413#include <resolv.h>
3414extern struct __res_state _res;
3415int main() { return 0; }
3416 ],
3417 [AC_MSG_RESULT(yes)
3418 AC_DEFINE(HAVE__RES_EXTERN, 1,
3419 [Define if you have struct __res_state _res as an extern])
3420 ],
3421 [ AC_MSG_RESULT(no) ]
3422)
3423
2e437378 3424# Check whether user wants SELinux support
3425SELINUX_MSG="no"
3426LIBSELINUX=""
3427AC_ARG_WITH(selinux,
3428 [ --with-selinux Enable SELinux support],
3429 [ if test "x$withval" != "xno" ; then
25d429a2 3430 save_LIBS="$LIBS"
2e437378 3431 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3432 SELINUX_MSG="yes"
3433 AC_CHECK_HEADER([selinux/selinux.h], ,
3434 AC_MSG_ERROR(SELinux support requires selinux.h header))
3435 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3436 AC_MSG_ERROR(SELinux support requires libselinux library))
25d429a2 3437 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
2e437378 3438 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3439 LIBS="$save_LIBS"
3440 fi ]
3441)
2e437378 3442
d905e828 3443# Check whether user wants Kerberos 5 support
416fd2a8 3444KRB5_MSG="no"
d905e828 3445AC_ARG_WITH(kerberos5,
416fd2a8 3446 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3447 [ if test "x$withval" != "xno" ; then
3448 if test "x$withval" = "xyes" ; then
3449 KRB5ROOT="/usr/local"
3450 else
3451 KRB5ROOT=${withval}
3452 fi
3453
e00da40d 3454 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
416fd2a8 3455 KRB5_MSG="yes"
3456
3457 AC_MSG_CHECKING(for krb5-config)
3458 if test -x $KRB5ROOT/bin/krb5-config ; then
3459 KRB5CONF=$KRB5ROOT/bin/krb5-config
3460 AC_MSG_RESULT($KRB5CONF)
3461
3462 AC_MSG_CHECKING(for gssapi support)
3463 if $KRB5CONF | grep gssapi >/dev/null ; then
3464 AC_MSG_RESULT(yes)
e00da40d 3465 AC_DEFINE(GSSAPI, 1,
3466 [Define this if you want GSSAPI
3467 support in the version 2 protocol])
416fd2a8 3468 k5confopts=gssapi
3469 else
3470 AC_MSG_RESULT(no)
3471 k5confopts=""
3472 fi
3473 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3474 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3475 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3476 AC_MSG_CHECKING(whether we are using Heimdal)
3477 AC_TRY_COMPILE([ #include <krb5.h> ],
3478 [ char *tmp = heimdal_version; ],
3479 [ AC_MSG_RESULT(yes)
e00da40d 3480 AC_DEFINE(HEIMDAL, 1,
3481 [Define this if you are using the
3482 Heimdal version of Kerberos V5]) ],
416fd2a8 3483 AC_MSG_RESULT(no)
3484 )
3485 else
3486 AC_MSG_RESULT(no)
d905e828 3487 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
416fd2a8 3488 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3489 AC_MSG_CHECKING(whether we are using Heimdal)
3490 AC_TRY_COMPILE([ #include <krb5.h> ],
3491 [ char *tmp = heimdal_version; ],
3492 [ AC_MSG_RESULT(yes)
3493 AC_DEFINE(HEIMDAL)
1b56ff3d 3494 K5LIBS="-lkrb5 -ldes"
3495 K5LIBS="$K5LIBS -lcom_err -lasn1"
34fee935 3496 AC_CHECK_LIB(roken, net_write,
1b56ff3d 3497 [K5LIBS="$K5LIBS -lroken"])
416fd2a8 3498 ],
3499 [ AC_MSG_RESULT(no)
3500 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3501 ]
3502 )
70791e56 3503 AC_SEARCH_LIBS(dn_expand, resolv)
3504
3505 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3506 [ AC_DEFINE(GSSAPI)
3507 K5LIBS="-lgssapi $K5LIBS" ],
3508 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3509 [ AC_DEFINE(GSSAPI)
416fd2a8 3510 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
70791e56 3511 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3512 $K5LIBS)
3513 ],
3514 $K5LIBS)
34fee935 3515
70791e56 3516 AC_CHECK_HEADER(gssapi.h, ,
3517 [ unset ac_cv_header_gssapi_h
416fd2a8 3518 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
70791e56 3519 AC_CHECK_HEADERS(gssapi.h, ,
3520 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
416fd2a8 3521 )
70791e56 3522 ]
3523 )
3524
3525 oldCPP="$CPPFLAGS"
3526 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3527 AC_CHECK_HEADER(gssapi_krb5.h, ,
3528 [ CPPFLAGS="$oldCPP" ])
d905e828 3529
c2397a66 3530 # If we're using some other GSSAPI
3531 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3532 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3533 fi
d905e828 3534
416fd2a8 3535 if test -z "$GSSAPI"; then
3536 GSSAPI="KRB5";
3537 fi
c2397a66 3538
d905e828 3539 oldCPP="$CPPFLAGS"
3540 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3541 AC_CHECK_HEADER(gssapi_krb5.h, ,
3542 [ CPPFLAGS="$oldCPP" ])
3543
d905e828 3544 fi
416fd2a8 3545 if test ! -z "$need_dash_r" ; then
3546 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3547 fi
3548 if test ! -z "$blibpath" ; then
3549 blibpath="$blibpath:${KRB5ROOT}/lib"
3550 fi
416fd2a8 3551
e00da40d 3552 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3553 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3554 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
416fd2a8 3555
e00da40d 3556 LIBS="$LIBS $K5LIBS"
3557 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3558 [Define this if you want to use libkafs' AFS support]))
3559 fi
416fd2a8 3560 ]
d905e828 3561)
3c0ef626 3562
f2fd21a2 3563# Check whether user wants AFS_KRB5 support
3564AFS_KRB5_MSG="no"
3565AC_ARG_WITH(afs-krb5,
3566 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3567 [
3568 if test "x$withval" != "xno" ; then
3569
3570 if test "x$withval" != "xyes" ; then
e00da40d 3571 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3572 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
f2fd21a2 3573 else
e00da40d 3574 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3575 "/usr/bin/aklog",
3576 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
f2fd21a2 3577 fi
3578
416fd2a8 3579 if test -z "$KRB5ROOT" ; then
f2fd21a2 3580 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3581 fi
3582
2a304a95 3583 LIBS="-lkrbafs -lkrb4 $LIBS"
f2fd21a2 3584 if test ! -z "$AFS_LIBS" ; then
3585 LIBS="$LIBS $AFS_LIBS"
3586 fi
e00da40d 3587 AC_DEFINE(AFS_KRB5, 1,
3588 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
f2fd21a2 3589 AFS_KRB5_MSG="yes"
3590 fi
3591 ]
3592)
3c0ef626 3593
88928908 3594AC_ARG_WITH(session-hooks,
3595 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
e00da40d 3596 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
88928908 3597)
3598
3c0ef626 3599# Looking for programs, paths and files
3c0ef626 3600
2980ea68 3601PRIVSEP_PATH=/var/empty
3602AC_ARG_WITH(privsep-path,
e54b3d7c 3603 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
2980ea68 3604 [
34fee935 3605 if test -n "$withval" && test "x$withval" != "xno" && \
3606 test "x${withval}" != "xyes"; then
2980ea68 3607 PRIVSEP_PATH=$withval
3608 fi
3609 ]
3610)
3611AC_SUBST(PRIVSEP_PATH)
3612
3c0ef626 3613AC_ARG_WITH(xauth,
3614 [ --with-xauth=PATH Specify path to xauth program ],
3615 [
34fee935 3616 if test -n "$withval" && test "x$withval" != "xno" && \
3617 test "x${withval}" != "xyes"; then
3c0ef626 3618 xauth_path=$withval
3619 fi
3620 ],
3621 [
e54b3d7c 3622 TestPath="$PATH"
3623 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3624 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3625 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3626 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3627 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3628 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3629 xauth_path="/usr/openwin/bin/xauth"
3630 fi
3631 ]
3632)
3633
1c14df9e 3634STRIP_OPT=-s
3635AC_ARG_ENABLE(strip,
3636 [ --disable-strip Disable calling strip(1) on install],
3637 [
3638 if test "x$enableval" = "xno" ; then
3639 STRIP_OPT=
3640 fi
3641 ]
3642)
3643AC_SUBST(STRIP_OPT)
3644
3c0ef626 3645if test -z "$xauth_path" ; then
3646 XAUTH_PATH="undefined"
3647 AC_SUBST(XAUTH_PATH)
3648else
e00da40d 3649 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3650 [Define if xauth is found in your path])
3c0ef626 3651 XAUTH_PATH=$xauth_path
3652 AC_SUBST(XAUTH_PATH)
3653fi
3c0ef626 3654
59246c42 3655AC_CHECK_DECL(_PATH_BSHELL, ,
3656 AC_DEFINE_UNQUOTED(_PATH_BSHELL, "/bin/sh",
70cedcd7 3657 [Define to your C shell if not defined in paths.h]),
59246c42 3658 [ #include <paths.h> ]
3659)
3660
3661AC_CHECK_DECL(_PATH_CSHELL, ,
3662 AC_DEFINE_UNQUOTED(_PATH_CSHELL, "/bin/csh",
70cedcd7 3663 [Define to your Bourne shell if not defined in paths.h]),
59246c42 3664 [ #include <paths.h> ]
3665)
3666
3667AC_CHECK_DECL(_PATH_SHELLS, ,
6c445d85 3668 AC_DEFINE_UNQUOTED(_PATH_SHELLS, "/etc/shells",
70cedcd7 3669 [Define to your shells file if not defined in paths.h]),
59246c42 3670 [ #include <paths.h> ]
3671)
3672
3673# if _PATH_MAILDIR is in paths.h then we won't go hunting for it.
3674AC_CHECK_DECL(_PATH_MAILDIR,
3675 AC_DEFINE(PATH_MAILDIR_IN_PATHS_H, 1,
3676 [Define if _PATH_MAILDIR is in paths.h]),
3677 ,
3678 [ #include <paths.h> ]
3679)
3680
3c0ef626 3681# Check for mail directory (last resort if we cannot get it from headers)
3682if test ! -z "$MAIL" ; then
3683 maildir=`dirname $MAIL`
e00da40d 3684 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3685 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3686fi
3687
34fee935 3688if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3689 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3690 disable_ptmx_check=yes
3691fi
3c0ef626 3692if test -z "$no_dev_ptmx" ; then
2980ea68 3693 if test "x$disable_ptmx_check" != "xyes" ; then
416fd2a8 3694 AC_CHECK_FILE("/dev/ptmx",
2980ea68 3695 [
e00da40d 3696 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3697 [Define if you have /dev/ptmx])
2980ea68 3698 have_dev_ptmx=1
3699 ]
3700 )
3701 fi
3c0ef626 3702fi
34fee935 3703
3704if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3705 AC_CHECK_FILE("/dev/ptc",
3706 [
e00da40d 3707 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3708 [Define if you have /dev/ptc])
34fee935 3709 have_dev_ptc=1
3710 ]
3711 )
3712else
3713 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3714fi
3c0ef626 3715
3716# Options from here on. Some of these are preset by platform above
3c0ef626 3717AC_ARG_WITH(mantype,
3718 [ --with-mantype=man|cat|doc Set man page type],
3719 [
3720 case "$withval" in
3721 man|cat|doc)
3722 MANTYPE=$withval
3723 ;;
3724 *)
3725 AC_MSG_ERROR(invalid man type: $withval)
3726 ;;
3727 esac
3728 ]
3729)
3730if test -z "$MANTYPE"; then
e54b3d7c 3731 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3732 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3733 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3734 MANTYPE=doc
3735 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3736 MANTYPE=man
3737 else
3738 MANTYPE=cat
3739 fi
3740fi
3741AC_SUBST(MANTYPE)
3742if test "$MANTYPE" = "doc"; then
3743 mansubdir=man;
3744else
3745 mansubdir=$MANTYPE;
3746fi
3747AC_SUBST(mansubdir)
3748
3749# Check whether to enable MD5 passwords
416fd2a8 3750MD5_MSG="no"
3c0ef626 3751AC_ARG_WITH(md5-passwords,
3752 [ --with-md5-passwords Enable use of MD5 passwords],
3753 [
3754 if test "x$withval" != "xno" ; then
e00da40d 3755 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3756 [Define if you want to allow MD5 passwords])
416fd2a8 3757 MD5_MSG="yes"
3c0ef626 3758 fi
3759 ]
3760)
3761
3762# Whether to disable shadow password support
3763AC_ARG_WITH(shadow,
3764 [ --without-shadow Disable shadow password support],
3765 [
34fee935 3766 if test "x$withval" = "xno" ; then
3c0ef626 3767 AC_DEFINE(DISABLE_SHADOW)
3768 disable_shadow=yes
3769 fi
3770 ]
3771)
3772
3773if test -z "$disable_shadow" ; then
3774 AC_MSG_CHECKING([if the systems has expire shadow information])
3775 AC_TRY_COMPILE(
3776 [
3777#include <sys/types.h>
3778#include <shadow.h>
3779 struct spwd sp;
3780 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3781 [ sp_expire_available=yes ], []
3782 )
3783
3784 if test "x$sp_expire_available" = "xyes" ; then
3785 AC_MSG_RESULT(yes)
e00da40d 3786 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3787 [Define if you want to use shadow password expire field])
3c0ef626 3788 else
3789 AC_MSG_RESULT(no)
3790 fi
3791fi
3792
3793# Use ip address instead of hostname in $DISPLAY
3794if test ! -z "$IPADDR_IN_DISPLAY" ; then
3795 DISPLAY_HACK_MSG="yes"
e00da40d 3796 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3797 [Define if you need to use IP address
3798 instead of hostname in $DISPLAY])
3c0ef626 3799else
416fd2a8 3800 DISPLAY_HACK_MSG="no"
3c0ef626 3801 AC_ARG_WITH(ipaddr-display,
3802 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3803 [
34fee935 3804 if test "x$withval" != "xno" ; then
3c0ef626 3805 AC_DEFINE(IPADDR_IN_DISPLAY)
416fd2a8 3806 DISPLAY_HACK_MSG="yes"
3c0ef626 3807 fi
3808 ]
3809 )
3810fi
3811
70791e56 3812# check for /etc/default/login and use it if present.
3813AC_ARG_ENABLE(etc-default-login,
34fee935 3814 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3815 [ if test "x$enableval" = "xno"; then
3816 AC_MSG_NOTICE([/etc/default/login handling disabled])
3817 etc_default_login=no
3818 else
3819 etc_default_login=yes
3820 fi ],
e00da40d 3821 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3822 then
3823 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3824 etc_default_login=no
3825 else
3826 etc_default_login=yes
3827 fi ]
34fee935 3828)
3829
3830if test "x$etc_default_login" != "xno"; then
3831 AC_CHECK_FILE("/etc/default/login",
3832 [ external_path_file=/etc/default/login ])
e00da40d 3833 if test "x$external_path_file" = "x/etc/default/login"; then
3834 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3835 [Define if your system has /etc/default/login])
34fee935 3836 fi
70791e56 3837fi
70791e56 3838
2980ea68 3839dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
34fee935 3840if test $ac_cv_func_login_getcapbool = "yes" && \
3841 test $ac_cv_header_login_cap_h = "yes" ; then
70791e56 3842 external_path_file=/etc/login.conf
2980ea68 3843fi
70791e56 3844
3c0ef626 3845# Whether to mess with the default path
416fd2a8 3846SERVER_PATH_MSG="(default)"
3c0ef626 3847AC_ARG_WITH(default-path,
2980ea68 3848 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3849 [
70791e56 3850 if test "x$external_path_file" = "x/etc/login.conf" ; then
2980ea68 3851 AC_MSG_WARN([
3852--with-default-path=PATH has no effect on this system.
3853Edit /etc/login.conf instead.])
34fee935 3854 elif test "x$withval" != "xno" ; then
70791e56 3855 if test ! -z "$external_path_file" ; then
3856 AC_MSG_WARN([
3857--with-default-path=PATH will only be used if PATH is not defined in
3858$external_path_file .])
3859 fi
3c0ef626 3860 user_path="$withval"
416fd2a8 3861 SERVER_PATH_MSG="$withval"
3c0ef626 3862 fi
3863 ],
70791e56 3864 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3865 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
2980ea68 3866 else
70791e56 3867 if test ! -z "$external_path_file" ; then
3868 AC_MSG_WARN([
3869If PATH is defined in $external_path_file, ensure the path to scp is included,
3870otherwise scp will not work.])
3871 fi
e00da40d 3872 AC_RUN_IFELSE(
3873 [AC_LANG_SOURCE([[
3c0ef626 3874/* find out what STDPATH is */
3875#include <stdio.h>
3876#ifdef HAVE_PATHS_H
3877# include <paths.h>
3878#endif
3879#ifndef _PATH_STDPATH
1c14df9e 3880# ifdef _PATH_USERPATH /* Irix */
3881# define _PATH_STDPATH _PATH_USERPATH
3882# else
3883# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3884# endif
3c0ef626 3885#endif
3886#include <sys/types.h>
3887#include <sys/stat.h>
3888#include <fcntl.h>
3889#define DATA "conftest.stdpath"
3890
3891main()
3892{
3893 FILE *fd;
3894 int rc;
34fee935 3895
3c0ef626 3896 fd = fopen(DATA,"w");
3897 if(fd == NULL)
3898 exit(1);
34fee935 3899
3c0ef626 3900 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3901 exit(1);
3902
3903 exit(0);
3904}
e00da40d 3905 ]])],
3906 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3907 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3908 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3909 )
131757f3 3910 fi ]
3911)
70791e56 3912if test "x$external_path_file" != "x/etc/login.conf" ; then
e00da40d 3913 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
2980ea68 3914 AC_SUBST(user_path)
3915fi
3916
3917# Set superuser path separately to user path
3918AC_ARG_WITH(superuser-path,
3919 [ --with-superuser-path= Specify different path for super-user],
3920 [
34fee935 3921 if test -n "$withval" && test "x$withval" != "xno" && \
3922 test "x${withval}" != "xyes"; then
e00da40d 3923 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3924 [Define if you want a different $PATH
3925 for the superuser])
2980ea68 3926 superuser_path=$withval
3927 fi
3c0ef626 3928 ]
3929)
2980ea68 3930
3c0ef626 3931
3c0ef626 3932AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
416fd2a8 3933IPV4_IN6_HACK_MSG="no"
3c0ef626 3934AC_ARG_WITH(4in6,
3935 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3936 [
3937 if test "x$withval" != "xno" ; then
3938 AC_MSG_RESULT(yes)
e00da40d 3939 AC_DEFINE(IPV4_IN_IPV6, 1,
3940 [Detect IPv4 in IPv6 mapped addresses
3941 and treat as IPv4])
416fd2a8 3942 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3943 else
3944 AC_MSG_RESULT(no)
3945 fi
3946 ],[
3947 if test "x$inet6_default_4in6" = "xyes"; then
3948 AC_MSG_RESULT([yes (default)])
3949 AC_DEFINE(IPV4_IN_IPV6)
416fd2a8 3950 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3951 else
3952 AC_MSG_RESULT([no (default)])
3953 fi
3954 ]
3955)
3956
3957# Whether to enable BSD auth support
e9a17296 3958BSD_AUTH_MSG=no
3c0ef626 3959AC_ARG_WITH(bsd-auth,
3960 [ --with-bsd-auth Enable BSD auth support],
3961 [
34fee935 3962 if test "x$withval" != "xno" ; then
e00da40d 3963 AC_DEFINE(BSD_AUTH, 1,
3964 [Define if you have BSD auth support])
e9a17296 3965 BSD_AUTH_MSG=yes
3c0ef626 3966 fi
3967 ]
3968)
3969
34fee935 3970# Where to place sshd.pid
3971piddir=/var/run
3972# make sure the directory exists
3973if test ! -d $piddir ; then
3974 piddir=`eval echo ${sysconfdir}`
3975 case $piddir in
3976 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
3977 esac
3978fi
3979
3980AC_ARG_WITH(pid-dir,
3981 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3982 [
3983 if test -n "$withval" && test "x$withval" != "xno" && \
3984 test "x${withval}" != "xyes"; then
3985 piddir=$withval
3986 if test ! -d $piddir ; then
3987 AC_MSG_WARN([** no $piddir directory on this system **])
3988 fi
3989 fi
3990 ]
3991)
3992
e00da40d 3993AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
34fee935 3994AC_SUBST(piddir)
3995
3c0ef626 3996dnl allow user to disable some login recording features
3997AC_ARG_ENABLE(lastlog,
3998 [ --disable-lastlog disable use of lastlog even if detected [no]],
70791e56 3999 [
4000 if test "x$enableval" = "xno" ; then
4001 AC_DEFINE(DISABLE_LASTLOG)
4002 fi
4003 ]
3c0ef626 4004)
4005AC_ARG_ENABLE(utmp,
4006 [ --disable-utmp disable use of utmp even if detected [no]],
70791e56 4007 [
4008 if test "x$enableval" = "xno" ; then
4009 AC_DEFINE(DISABLE_UTMP)
4010 fi
4011 ]
3c0ef626 4012)
4013AC_ARG_ENABLE(utmpx,
4014 [ --disable-utmpx disable use of utmpx even if detected [no]],
70791e56 4015 [
4016 if test "x$enableval" = "xno" ; then
e00da40d 4017 AC_DEFINE(DISABLE_UTMPX, 1,
4018 [Define if you don't want to use utmpx])
70791e56 4019 fi
4020 ]
3c0ef626 4021)
4022AC_ARG_ENABLE(wtmp,
4023 [ --disable-wtmp disable use of wtmp even if detected [no]],
70791e56 4024 [
4025 if test "x$enableval" = "xno" ; then
4026 AC_DEFINE(DISABLE_WTMP)
4027 fi
4028 ]
3c0ef626 4029)
4030AC_ARG_ENABLE(wtmpx,
4031 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
70791e56 4032 [
4033 if test "x$enableval" = "xno" ; then
e00da40d 4034 AC_DEFINE(DISABLE_WTMPX, 1,
4035 [Define if you don't want to use wtmpx])
70791e56 4036 fi
4037 ]
3c0ef626 4038)
4039AC_ARG_ENABLE(libutil,
4040 [ --disable-libutil disable use of libutil (login() etc.) [no]],
70791e56 4041 [
4042 if test "x$enableval" = "xno" ; then
4043 AC_DEFINE(DISABLE_LOGIN)
4044 fi
4045 ]
3c0ef626 4046)
4047AC_ARG_ENABLE(pututline,
4048 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
70791e56 4049 [
4050 if test "x$enableval" = "xno" ; then
e00da40d 4051 AC_DEFINE(DISABLE_PUTUTLINE, 1,
4052 [Define if you don't want to use pututline()
4053 etc. to write [uw]tmp])
70791e56 4054 fi
4055 ]
3c0ef626 4056)
4057AC_ARG_ENABLE(pututxline,
4058 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
70791e56 4059 [
4060 if test "x$enableval" = "xno" ; then
e00da40d 4061 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
4062 [Define if you don't want to use pututxline()
4063 etc. to write [uw]tmpx])
70791e56 4064 fi
4065 ]
3c0ef626 4066)
4067AC_ARG_WITH(lastlog,
4068 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
4069 [
34fee935 4070 if test "x$withval" = "xno" ; then
3c0ef626 4071 AC_DEFINE(DISABLE_LASTLOG)
34fee935 4072 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 4073 conf_lastlog_location=$withval
4074 fi
4075 ]
4076)
4077
4078dnl lastlog, [uw]tmpx? detection
4079dnl NOTE: set the paths in the platform section to avoid the
4080dnl need for command-line parameters
4081dnl lastlog and [uw]tmp are subject to a file search if all else fails
4082
4083dnl lastlog detection
4084dnl NOTE: the code itself will detect if lastlog is a directory
4085AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
4086AC_TRY_COMPILE([
4087#include <sys/types.h>
4088#include <utmp.h>
4089#ifdef HAVE_LASTLOG_H
4090# include <lastlog.h>
4091#endif
4092#ifdef HAVE_PATHS_H
4093# include <paths.h>
4094#endif
4095#ifdef HAVE_LOGIN_H
4096# include <login.h>
4097#endif
4098 ],
4099 [ char *lastlog = LASTLOG_FILE; ],
4100 [ AC_MSG_RESULT(yes) ],
4101 [
4102 AC_MSG_RESULT(no)
4103 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
4104 AC_TRY_COMPILE([
4105#include <sys/types.h>
4106#include <utmp.h>
4107#ifdef HAVE_LASTLOG_H
4108# include <lastlog.h>
4109#endif
4110#ifdef HAVE_PATHS_H
4111# include <paths.h>
4112#endif
4113 ],
4114 [ char *lastlog = _PATH_LASTLOG; ],
4115 [ AC_MSG_RESULT(yes) ],
4116 [
4117 AC_MSG_RESULT(no)
4118 system_lastlog_path=no
4119 ])
4120 ]
4121)
4122
4123if test -z "$conf_lastlog_location"; then
4124 if test x"$system_lastlog_path" = x"no" ; then
4125 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
4126 if (test -d "$f" || test -f "$f") ; then
4127 conf_lastlog_location=$f
4128 fi
4129 done
4130 if test -z "$conf_lastlog_location"; then
4131 AC_MSG_WARN([** Cannot find lastlog **])
4132 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
4133 fi
4134 fi
4135fi
4136
4137if test -n "$conf_lastlog_location"; then
e00da40d 4138 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4139 [Define if you want to specify the path to your lastlog file])
34fee935 4140fi
3c0ef626 4141
4142dnl utmp detection
4143AC_MSG_CHECKING([if your system defines UTMP_FILE])
4144AC_TRY_COMPILE([
4145#include <sys/types.h>
4146#include <utmp.h>
4147#ifdef HAVE_PATHS_H
4148# include <paths.h>
4149#endif
4150 ],
4151 [ char *utmp = UTMP_FILE; ],
4152 [ AC_MSG_RESULT(yes) ],
4153 [ AC_MSG_RESULT(no)
4154 system_utmp_path=no ]
4155)
4156if test -z "$conf_utmp_location"; then
4157 if test x"$system_utmp_path" = x"no" ; then
4158 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4159 if test -f $f ; then
4160 conf_utmp_location=$f
4161 fi
4162 done
4163 if test -z "$conf_utmp_location"; then
4164 AC_DEFINE(DISABLE_UTMP)
4165 fi
4166 fi
4167fi
4168if test -n "$conf_utmp_location"; then
e00da40d 4169 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4170 [Define if you want to specify the path to your utmp file])
34fee935 4171fi
3c0ef626 4172
4173dnl wtmp detection
4174AC_MSG_CHECKING([if your system defines WTMP_FILE])
4175AC_TRY_COMPILE([
4176#include <sys/types.h>
4177#include <utmp.h>
4178#ifdef HAVE_PATHS_H
4179# include <paths.h>
4180#endif
4181 ],
4182 [ char *wtmp = WTMP_FILE; ],
4183 [ AC_MSG_RESULT(yes) ],
4184 [ AC_MSG_RESULT(no)
4185 system_wtmp_path=no ]
4186)
4187if test -z "$conf_wtmp_location"; then
4188 if test x"$system_wtmp_path" = x"no" ; then
4189 for f in /usr/adm/wtmp /var/log/wtmp; do
4190 if test -f $f ; then
4191 conf_wtmp_location=$f
4192 fi
4193 done
4194 if test -z "$conf_wtmp_location"; then
4195 AC_DEFINE(DISABLE_WTMP)
4196 fi
4197 fi
4198fi
4199if test -n "$conf_wtmp_location"; then
e00da40d 4200 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4201 [Define if you want to specify the path to your wtmp file])
34fee935 4202fi
3c0ef626 4203
4204
4205dnl utmpx detection - I don't know any system so perverse as to require
4206dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4207dnl there, though.
4208AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4209AC_TRY_COMPILE([
4210#include <sys/types.h>
4211#include <utmp.h>
4212#ifdef HAVE_UTMPX_H
4213#include <utmpx.h>
4214#endif
4215#ifdef HAVE_PATHS_H
4216# include <paths.h>
4217#endif
4218 ],
4219 [ char *utmpx = UTMPX_FILE; ],
4220 [ AC_MSG_RESULT(yes) ],
4221 [ AC_MSG_RESULT(no)
4222 system_utmpx_path=no ]
4223)
4224if test -z "$conf_utmpx_location"; then
4225 if test x"$system_utmpx_path" = x"no" ; then
4226 AC_DEFINE(DISABLE_UTMPX)
4227 fi
4228else
e00da40d 4229 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4230 [Define if you want to specify the path to your utmpx file])
34fee935 4231fi
3c0ef626 4232
4233dnl wtmpx detection
4234AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4235AC_TRY_COMPILE([
4236#include <sys/types.h>
4237#include <utmp.h>
4238#ifdef HAVE_UTMPX_H
4239#include <utmpx.h>
4240#endif
4241#ifdef HAVE_PATHS_H
4242# include <paths.h>
4243#endif
4244 ],
4245 [ char *wtmpx = WTMPX_FILE; ],
4246 [ AC_MSG_RESULT(yes) ],
4247 [ AC_MSG_RESULT(no)
4248 system_wtmpx_path=no ]
4249)
4250if test -z "$conf_wtmpx_location"; then
4251 if test x"$system_wtmpx_path" = x"no" ; then
4252 AC_DEFINE(DISABLE_WTMPX)
4253 fi
4254else
e00da40d 4255 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4256 [Define if you want to specify the path to your wtmpx file])
34fee935 4257fi
3c0ef626 4258
4259
3c0ef626 4260if test ! -z "$blibpath" ; then
8bb69cbe 4261 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4262 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4263fi
4264
34fee935 4265dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4266dnl Add now.
4267CFLAGS="$CFLAGS $werror_flags"
4268
e9a17296 4269AC_EXEEXT
2e437378 4270AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4271 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
34fee935 4272 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4273AC_OUTPUT
4274
4275# Print summary of options
4276
3c0ef626 4277# Someone please show me a better way :)
4278A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4279B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4280C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4281D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4282E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4283F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
2980ea68 4284H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4285I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4286J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4287
4288echo ""
4289echo "OpenSSH has been configured with the following options:"
2980ea68 4290echo " User binaries: $B"
4291echo " System binaries: $C"
4292echo " Configuration files: $D"
4293echo " Askpass program: $E"
4294echo " Manual pages: $F"
2980ea68 4295echo " Privilege separation chroot path: $H"
70791e56 4296if test "x$external_path_file" = "x/etc/login.conf" ; then
4297echo " At runtime, sshd will use the path defined in $external_path_file"
4298echo " Make sure the path to scp is present, otherwise scp will not work"
2980ea68 4299else
4300echo " sshd default user PATH: $I"
70791e56 4301 if test ! -z "$external_path_file"; then
4302echo " (If PATH is set in $external_path_file it will be used instead. If"
4303echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4304 fi
2980ea68 4305fi
4306if test ! -z "$superuser_path" ; then
4307echo " sshd superuser user PATH: $J"
4308fi
4309echo " Manpage format: $MANTYPE"
70791e56 4310echo " PAM support: $PAM_MSG"
2e437378 4311echo " OSF SIA support: $SIA_MSG"
2980ea68 4312echo " KerberosV support: $KRB5_MSG"
2e437378 4313echo " SELinux support: $SELINUX_MSG"
2980ea68 4314echo " Smartcard support: $SCARD_MSG"
2980ea68 4315echo " S/KEY support: $SKEY_MSG"
4316echo " TCP Wrappers support: $TCPW_MSG"
4317echo " MD5 password support: $MD5_MSG"
34fee935 4318echo " libedit support: $LIBEDIT_MSG"
2e437378 4319echo " Solaris process contract support: $SPC_MSG"
2980ea68 4320echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
2980ea68 4321echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4322echo " BSD Auth support: $BSD_AUTH_MSG"
4323echo " Random number source: $RAND_MSG"
e9a17296 4324if test ! -z "$USE_RAND_HELPER" ; then
2980ea68 4325echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4326fi
4327
4328echo ""
4329
4330echo " Host: ${host}"
4331echo " Compiler: ${CC}"
4332echo " Compiler flags: ${CFLAGS}"
4333echo "Preprocessor flags: ${CPPFLAGS}"
4334echo " Linker flags: ${LDFLAGS}"
25d429a2 4335echo " Libraries: ${LIBS}"
4336if test ! -z "${SSHDLIBS}"; then
4337echo " +for sshd: ${SSHDLIBS}"
4338fi
3c0ef626 4339
4340echo ""
4341
1b56ff3d 4342if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
34fee935 4343 echo "SVR4 style packages are supported with \"make package\""
4344 echo ""
1b56ff3d 4345fi
4346
3c0ef626 4347if test "x$PAM_MSG" = "xyes" ; then
e9a17296 4348 echo "PAM is enabled. You may need to install a PAM control file "
4349 echo "for sshd, otherwise password authentication may fail. "
416fd2a8 4350 echo "Example PAM control files can be found in the contrib/ "
e9a17296 4351 echo "subdirectory"
3c0ef626 4352 echo ""
4353fi
4354
e9a17296 4355if test ! -z "$RAND_HELPER_CMDHASH" ; then
4356 echo "WARNING: you are using the builtin random number collection "
4357 echo "service. Please read WARNING.RNG and request that your OS "
4358 echo "vendor includes kernel-based random number collection in "
4359 echo "future versions of your OS."
3c0ef626 4360 echo ""
4361fi
4362
1b56ff3d 4363if test ! -z "$NO_PEERCHECK" ; then
25d429a2 4364 echo "WARNING: the operating system that you are using does not"
4365 echo "appear to support getpeereid(), getpeerucred() or the"
4366 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4367 echo "enforce security checks to prevent unauthorised connections to"
4368 echo "ssh-agent. Their absence increases the risk that a malicious"
4369 echo "user can connect to your agent."
1b56ff3d 4370 echo ""
4371fi
4372
34fee935 4373if test "$AUDIT_MODULE" = "bsm" ; then
4374 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4375 echo "See the Solaris section in README.platform for details."
4376fi
git-cvsimport mirror of GSI OpenSSH
This page took 1.050852 seconds and 5 git commands to generate.