]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Import of OpenSSH 5.2p1
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
99be0775 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
665a873d 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
f2f068fa 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
0fff78ff 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
f2f068fa 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
c9f39d2c 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
6a9b3198 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
700318f3 43AC_PATH_PROG(SH, sh)
c9f39d2c 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
2c06c99b 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
2c06c99b 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
cdd66111 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
2c06c99b 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
cdd66111 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
dec6d9fe 88
3c0ef626 89AC_C_INLINE
665a873d 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
47686178 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
95 [ --without-stackprotect Don't use compiler's stack protection], [
96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
cdd66111 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
665a873d 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
2c06c99b 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
665a873d 103 case $GCC_VER in
d4487008 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
22616013 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
2c06c99b 112 *) ;;
665a873d 113 esac
114
22616013 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
47686178 127 # -fstack-protector-all doesn't always work for some GCC versions
128 # and/or platforms, so we test if we can. If it's not supported
91d9cdd3 129 # on a given platform gcc will emit a warning so we use -Werror.
47686178 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
132 AC_MSG_CHECKING(if $CC supports $t)
133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
91d9cdd3 139#include <stdio.h>
140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
47686178 141 ])],
142 [ AC_MSG_RESULT(yes)
143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
91d9cdd3 148#include <stdio.h>
149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
47686178 150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
156 )
157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
164
665a873d 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
176fi
177
d4487008 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
cdd66111 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
dec6d9fe 185 if test "x$withval" = "xno" ; then
cdd66111 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
ff7ec503 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
d4487008 265 poll.h \
ff7ec503 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
22616013 282 sys/mount.h \
ff7ec503 283 sys/ndir.h \
47686178 284 sys/poll.h \
ff7ec503 285 sys/prctl.h \
286 sys/pstat.h \
287 sys/select.h \
288 sys/stat.h \
289 sys/stream.h \
290 sys/stropts.h \
291 sys/strtio.h \
22616013 292 sys/statvfs.h \
ff7ec503 293 sys/sysmacros.h \
294 sys/time.h \
295 sys/timers.h \
296 sys/un.h \
297 time.h \
298 tmpdir.h \
299 ttyent.h \
d4487008 300 ucred.h \
ff7ec503 301 unistd.h \
302 usersec.h \
303 util.h \
304 utime.h \
305 utmp.h \
306 utmpx.h \
307 vis.h \
308)
309
310# lastlog.h requires sys/time.h to be included first on Solaris
311AC_CHECK_HEADERS(lastlog.h, [], [], [
312#ifdef HAVE_SYS_TIME_H
313# include <sys/time.h>
314#endif
315])
316
317# sys/ptms.h requires sys/stream.h to be included first on Solaris
318AC_CHECK_HEADERS(sys/ptms.h, [], [], [
319#ifdef HAVE_SYS_STREAM_H
320# include <sys/stream.h>
321#endif
322])
323
324# login_cap.h requires sys/types.h on NetBSD
325AC_CHECK_HEADERS(login_cap.h, [], [], [
326#include <sys/types.h>
327])
328
9108f8d9 329# Messages for features tested for in target-specific section
330SIA_MSG="no"
331SPC_MSG="no"
332
3c0ef626 333# Check for some target-specific stuff
334case "$host" in
335*-*-aix*)
9108f8d9 336 # Some versions of VAC won't allow macro redefinitions at
337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
338 # particularly with older versions of vac or xlc.
339 # It also throws errors about null macro argments, but these are
340 # not fatal.
341 AC_MSG_CHECKING(if compiler allows macro redefinitions)
342 AC_COMPILE_IFELSE(
343 [AC_LANG_SOURCE([[
344#define testmacro foo
345#define testmacro bar
346int main(void) { exit(0); }
347 ]])],
348 [ AC_MSG_RESULT(yes) ],
349 [ AC_MSG_RESULT(no)
350 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
351 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
352 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
353 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
354 ]
355 )
356
cdd66111 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
7e772e1f 358 if (test -z "$blibpath"); then
cdd66111 359 blibpath="/usr/lib:/lib"
7e772e1f 360 fi
361 saved_LDFLAGS="$LDFLAGS"
9108f8d9 362 if test "$GCC" = "yes"; then
363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
364 else
365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
366 fi
367 for tryflags in $flags ;do
7e772e1f 368 if (test -z "$blibflags"); then
369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
370 AC_TRY_LINK([], [], [blibflags=$tryflags])
371 fi
372 done
373 if (test -z "$blibflags"); then
374 AC_MSG_RESULT(not found)
375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
376 else
377 AC_MSG_RESULT($blibflags)
3c0ef626 378 fi
7e772e1f 379 LDFLAGS="$saved_LDFLAGS"
0fff78ff 380 dnl Check for authenticate. Might be in libs.a on older AIXes
2c06c99b 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
382 [Define if you want to enable AIX4's authenticate function])],
41b2f314 383 [AC_CHECK_LIB(s,authenticate,
384 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
385 LIBS="$LIBS -ls"
386 ])
387 ])
996d5e62 388 dnl Check for various auth function declarations in headers.
389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
dec6d9fe 390 passwdexpired, setauthdb], , , [#include <usersec.h>])
0fff78ff 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
996d5e62 392 AC_CHECK_DECLS(loginfailed,
0fff78ff 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
394 AC_TRY_COMPILE(
395 [#include <usersec.h>],
396 [(void)loginfailed("user","host","tty",0);],
397 [AC_MSG_RESULT(yes)
2c06c99b 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
399 [Define if your AIX loginfailed() function
400 takes 4 arguments (AIX >= 5.2)])],
0fff78ff 401 [AC_MSG_RESULT(no)]
402 )],
403 [],
404 [#include <usersec.h>]
405 )
47686178 406 AC_CHECK_FUNCS(getgrset setauthdb)
9108f8d9 407 AC_CHECK_DECL(F_CLOSEM,
408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
409 [],
410 [ #include <limits.h>
411 #include <fcntl.h> ]
412 )
996d5e62 413 check_for_aix_broken_getaddrinfo=1
2c06c99b 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
416 [Define if your platform breaks doing a seteuid before a setuid])
417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 419 dnl AIX handles lastlog as part of its login message
2c06c99b 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
422 [Some systems need a utmpx entry for /bin/login to work])
423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
424 [Define to a Set Process Title type if your system is
425 supported by bsd-setproctitle.c])
426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
427 [AIX 5.2 and 5.3 (and presumably newer) require this])
9108f8d9 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 429 ;;
430*-*-cygwin*)
6a9b3198 431 check_for_libcrypt_later=1
799ae497 432 LIBS="$LIBS /usr/lib/textreadmode.o"
2c06c99b 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
435 AC_DEFINE(DISABLE_SHADOW, 1,
436 [Define if you want to disable shadow passwords])
437 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
438 [Define if your system choked on IP TOS setting])
439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
440 [Define if X11 doesn't support AF_UNIX sockets on that system])
441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
442 [Define if the concept of ports only accessible to
443 superusers isn't known])
444 AC_DEFINE(DISABLE_FD_PASSING, 1,
445 [Define if your platform needs to skip post auth
446 file descriptor passing])
3c0ef626 447 ;;
448*-*-dgux*)
449 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 450 AC_DEFINE(SETEUID_BREAKS_SETUID)
451 AC_DEFINE(BROKEN_SETREUID)
452 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 453 ;;
454*-*-darwin*)
41b2f314 455 AC_MSG_CHECKING(if we have working getaddrinfo)
456 AC_TRY_RUN([#include <mach-o/dyld.h>
457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
458 exit(0);
459 else
460 exit(1);
461}], [AC_MSG_RESULT(working)],
462 [AC_MSG_RESULT(buggy)
2c06c99b 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
41b2f314 464 [AC_MSG_RESULT(assume it is working)])
acc3d05e 465 AC_DEFINE(SETEUID_BREAKS_SETUID)
466 AC_DEFINE(BROKEN_SETREUID)
467 AC_DEFINE(BROKEN_SETREGID)
47686178 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
2c06c99b 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
470 [Define if your resolver libs need this for getrrsetbyname])
9108f8d9 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
473 [Use tunnel device compatibility to OpenBSD])
474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
475 [Prepend the address family to IP tunnel traffic])
47686178 476 m4_pattern_allow(AU_IPv)
477 AC_CHECK_DECL(AU_IPv4, [],
478 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
479 [#include <bsm/audit.h>]
91d9cdd3 480 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1,
481 [Define if pututxline updates lastlog too])
47686178 482 )
9108f8d9 483 ;;
484*-*-dragonfly*)
485 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 486 ;;
665a873d 487*-*-hpux*)
488 # first we define all of the options common to all HP-UX releases
3c0ef626 489 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
490 IPADDR_IN_DISPLAY=yes
3c0ef626 491 AC_DEFINE(USE_PIPES)
2c06c99b 492 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
493 [Define if your login program cannot handle end of options ("--")])
700318f3 494 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 495 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
496 [String used in /etc/passwd to denote locked account])
0fff78ff 497 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
2c06c99b 498 MAIL="/var/mail/username"
41b2f314 499 LIBS="$LIBS -lsec"
665a873d 500 AC_CHECK_LIB(xnet, t_error, ,
501 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
502
503 # next, we define all of the options specific to major releases
504 case "$host" in
505 *-*-hpux10*)
506 if test -z "$GCC"; then
507 CFLAGS="$CFLAGS -Ae"
508 fi
509 ;;
510 *-*-hpux11*)
2c06c99b 511 AC_DEFINE(PAM_SUN_CODEBASE, 1,
512 [Define if you are using Solaris-derived PAM which
513 passes pam_messages to the conversation function
514 with an extra level of indirection])
515 AC_DEFINE(DISABLE_UTMP, 1,
516 [Define if you don't want to use utmp])
665a873d 517 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
518 check_for_hpux_broken_getaddrinfo=1
519 check_for_conflicting_getspnam=1
520 ;;
521 esac
522
523 # lastly, we define options specific to minor releases
524 case "$host" in
525 *-*-hpux10.26)
2c06c99b 526 AC_DEFINE(HAVE_SECUREWARE, 1,
527 [Define if you have SecureWare-based
528 protected password database])
665a873d 529 disable_ptmx_check=yes
530 LIBS="$LIBS -lsecpw"
531 ;;
532 esac
3c0ef626 533 ;;
534*-*-irix5*)
3c0ef626 535 PATH="$PATH:/usr/etc"
2c06c99b 536 AC_DEFINE(BROKEN_INET_NTOA, 1,
537 [Define if you system's inet_ntoa is busted
538 (e.g. Irix gcc issue)])
cdd66111 539 AC_DEFINE(SETEUID_BREAKS_SETUID)
540 AC_DEFINE(BROKEN_SETREUID)
541 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 542 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
543 [Define if you shouldn't strip 'tty' from your
544 ttyname in [uw]tmp])
0fff78ff 545 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 546 ;;
547*-*-irix6*)
3c0ef626 548 PATH="$PATH:/usr/etc"
2c06c99b 549 AC_DEFINE(WITH_IRIX_ARRAY, 1,
550 [Define if you have/want arrays
551 (cluster-wide session managment, not C arrays)])
552 AC_DEFINE(WITH_IRIX_PROJECT, 1,
553 [Define if you want IRIX project management])
554 AC_DEFINE(WITH_IRIX_AUDIT, 1,
555 [Define if you want IRIX audit trails])
556 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
557 [Define if you want IRIX kernel jobs])])
3c0ef626 558 AC_DEFINE(BROKEN_INET_NTOA)
acc3d05e 559 AC_DEFINE(SETEUID_BREAKS_SETUID)
560 AC_DEFINE(BROKEN_SETREUID)
561 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 562 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
700318f3 563 AC_DEFINE(WITH_ABBREV_NO_TTY)
0fff78ff 564 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 565 ;;
91d9cdd3 566*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu)
567 check_for_libcrypt_later=1
568 AC_DEFINE(PAM_TTY_KLUDGE)
569 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
570 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
571 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
572 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
573 ;;
3c0ef626 574*-*-linux*)
575 no_dev_ptmx=1
576 check_for_libcrypt_later=1
0fff78ff 577 check_for_openpty_ctty_bug=1
2c06c99b 578 AC_DEFINE(PAM_TTY_KLUDGE, 1,
579 [Work around problematic Linux PAM modules handling of PAM_TTY])
580 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
581 [String used in /etc/passwd to denote locked account])
0fff78ff 582 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
2c06c99b 583 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
584 [Define to whatever link() returns for "not supported"
585 if it doesn't return EOPNOTSUPP.])
996d5e62 586 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
2c06c99b 587 AC_DEFINE(USE_BTMP)
3c0ef626 588 inet6_default_4in6=yes
0fff78ff 589 case `uname -r` in
590 1.*|2.0.*)
2c06c99b 591 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
592 [Define if cmsg_type is not passed correctly])
0fff78ff 593 ;;
594 esac
2c06c99b 595 # tun(4) forwarding compat code
596 AC_CHECK_HEADERS(linux/if_tun.h)
597 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
598 AC_DEFINE(SSH_TUN_LINUX, 1,
599 [Open tunnel devices the Linux tun/tap way])
600 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
601 [Use tunnel device compatibility to OpenBSD])
602 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
603 [Prepend the address family to IP tunnel traffic])
604 fi
3c0ef626 605 ;;
606mips-sony-bsd|mips-sony-newsos4)
f2f068fa 607 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 608 SONY=1
3c0ef626 609 ;;
610*-*-netbsd*)
41b2f314 611 check_for_libcrypt_before=1
dec6d9fe 612 if test "x$withval" != "xno" ; then
cdd66111 613 need_dash_r=1
614 fi
2c06c99b 615 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
616 AC_CHECK_HEADER([net/if_tap.h], ,
617 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
618 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
619 [Prepend the address family to IP tunnel traffic])
3c0ef626 620 ;;
621*-*-freebsd*)
622 check_for_libcrypt_later=1
2c06c99b 623 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
624 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
625 AC_CHECK_HEADER([net/if_tap.h], ,
626 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
47686178 627 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
3c0ef626 628 ;;
acc3d05e 629*-*-bsdi*)
630 AC_DEFINE(SETEUID_BREAKS_SETUID)
631 AC_DEFINE(BROKEN_SETREUID)
632 AC_DEFINE(BROKEN_SETREGID)
633 ;;
3c0ef626 634*-next-*)
635 conf_lastlog_location="/usr/adm/lastlog"
636 conf_utmp_location=/etc/utmp
637 conf_wtmp_location=/usr/adm/wtmp
638 MAIL=/usr/spool/mail
2c06c99b 639 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 640 AC_DEFINE(BROKEN_REALPATH)
641 AC_DEFINE(USE_PIPES)
2c06c99b 642 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 643 ;;
665a873d 644*-*-openbsd*)
645 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
2c06c99b 646 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
647 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
9108f8d9 648 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
649 [syslog_r function is safe to use in in a signal handler])
665a873d 650 ;;
3c0ef626 651*-*-solaris*)
dec6d9fe 652 if test "x$withval" != "xno" ; then
99be0775 653 need_dash_r=1
654 fi
3c0ef626 655 AC_DEFINE(PAM_SUN_CODEBASE)
656 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 657 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
658 [Some versions of /bin/login need the TERM supplied
659 on the commandline])
3c0ef626 660 AC_DEFINE(PAM_TTY_KLUDGE)
2c06c99b 661 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
662 [Define if pam_chauthtok wants real uid set
663 to the unpriv'ed user])
0fff78ff 664 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
665 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
2c06c99b 666 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
667 [Define if sshd somehow reacquires a controlling TTY
668 after setsid()])
9108f8d9 669 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
670 in case the name is longer than 8 chars])
0fff78ff 671 external_path_file=/etc/default/login
3c0ef626 672 # hardwire lastlog location (can't detect it on some versions)
673 conf_lastlog_location="/var/adm/lastlog"
674 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
675 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
676 if test "$sol2ver" -ge 8; then
677 AC_MSG_RESULT(yes)
678 AC_DEFINE(DISABLE_UTMP)
2c06c99b 679 AC_DEFINE(DISABLE_WTMP, 1,
680 [Define if you don't want to use wtmp])
3c0ef626 681 else
682 AC_MSG_RESULT(no)
683 fi
9108f8d9 684 AC_ARG_WITH(solaris-contracts,
685 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
686 [
687 AC_CHECK_LIB(contract, ct_tmpl_activate,
688 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
689 [Define if you have Solaris process contracts])
690 SSHDLIBS="$SSHDLIBS -lcontract"
691 AC_SUBST(SSHDLIBS)
692 SPC_MSG="yes" ], )
693 ],
694 )
3c0ef626 695 ;;
696*-*-sunos4*)
697 CPPFLAGS="$CPPFLAGS -DSUNOS4"
698 AC_CHECK_FUNCS(getpwanam)
699 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 700 conf_utmp_location=/etc/utmp
701 conf_wtmp_location=/var/adm/wtmp
702 conf_lastlog_location=/var/adm/lastlog
703 AC_DEFINE(USE_PIPES)
704 ;;
705*-ncr-sysv*)
3c0ef626 706 LIBS="$LIBS -lc89"
e9a17296 707 AC_DEFINE(USE_PIPES)
0fff78ff 708 AC_DEFINE(SSHD_ACQUIRES_CTTY)
acc3d05e 709 AC_DEFINE(SETEUID_BREAKS_SETUID)
710 AC_DEFINE(BROKEN_SETREUID)
711 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 712 ;;
713*-sni-sysv*)
3c0ef626 714 # /usr/ucblib MUST NOT be searched on ReliantUNIX
cdd66111 715 AC_CHECK_LIB(dl, dlsym, ,)
2c06c99b 716 # -lresolv needs to be at the end of LIBS or DNS lookups break
717 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 718 IPADDR_IN_DISPLAY=yes
719 AC_DEFINE(USE_PIPES)
720 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 721 AC_DEFINE(SETEUID_BREAKS_SETUID)
722 AC_DEFINE(BROKEN_SETREUID)
723 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 724 AC_DEFINE(SSHD_ACQUIRES_CTTY)
725 external_path_file=/etc/default/login
3c0ef626 726 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
727 # Attention: always take care to bind libsocket and libnsl before libc,
728 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
729 ;;
996d5e62 730# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 731*-*-sysv4.2*)
3c0ef626 732 AC_DEFINE(USE_PIPES)
0fff78ff 733 AC_DEFINE(SETEUID_BREAKS_SETUID)
734 AC_DEFINE(BROKEN_SETREUID)
735 AC_DEFINE(BROKEN_SETREGID)
dec6d9fe 736 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
2c06c99b 737 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 738 ;;
996d5e62 739# UnixWare 7.x, OpenUNIX 8
3c0ef626 740*-*-sysv5*)
665a873d 741 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 742 AC_DEFINE(USE_PIPES)
0fff78ff 743 AC_DEFINE(SETEUID_BREAKS_SETUID)
744 AC_DEFINE(BROKEN_SETREUID)
745 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 746 AC_DEFINE(PASSWD_NEEDS_USERNAME)
665a873d 747 case "$host" in
748 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
749 TEST_SHELL=/u95/bin/sh
2c06c99b 750 AC_DEFINE(BROKEN_LIBIAF, 1,
751 [ia_uinfo routines not supported by OS yet])
9108f8d9 752 AC_DEFINE(BROKEN_UPDWTMPX)
91d9cdd3 753 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot"
754 AC_CHECK_FUNCS(getluid setluid,,,-lprot)
755 AC_DEFINE(HAVE_SECUREWARE)
756 AC_DEFINE(DISABLE_SHADOW)
757 ],,)
2c06c99b 758 ;;
759 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
91d9cdd3 760 check_for_libcrypt_later=1
665a873d 761 ;;
762 esac
3c0ef626 763 ;;
764*-*-sysv*)
3c0ef626 765 ;;
996d5e62 766# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 767*-*-sco3.2v4*)
996d5e62 768 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 769 ;;
996d5e62 770# SCO OpenServer 5.x
3c0ef626 771*-*-sco3.2v5*)
6a9b3198 772 if test -z "$GCC"; then
773 CFLAGS="$CFLAGS -belf"
774 fi
3c0ef626 775 LIBS="$LIBS -lprot -lx -ltinfo -lm"
776 no_dev_ptmx=1
3c0ef626 777 AC_DEFINE(USE_PIPES)
700318f3 778 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 779 AC_DEFINE(DISABLE_SHADOW)
41b2f314 780 AC_DEFINE(DISABLE_FD_PASSING)
0fff78ff 781 AC_DEFINE(SETEUID_BREAKS_SETUID)
782 AC_DEFINE(BROKEN_SETREUID)
783 AC_DEFINE(BROKEN_SETREGID)
784 AC_DEFINE(WITH_ABBREV_NO_TTY)
c9f39d2c 785 AC_DEFINE(BROKEN_UPDWTMPX)
2c06c99b 786 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 787 AC_CHECK_FUNCS(getluid setluid)
788 MANTYPE=man
c9f39d2c 789 TEST_SHELL=ksh
3c0ef626 790 ;;
41b2f314 791*-*-unicosmk*)
2c06c99b 792 AC_DEFINE(NO_SSH_LASTLOG, 1,
793 [Define if you don't want to use lastlog in session.c])
cdd66111 794 AC_DEFINE(SETEUID_BREAKS_SETUID)
795 AC_DEFINE(BROKEN_SETREUID)
796 AC_DEFINE(BROKEN_SETREGID)
41b2f314 797 AC_DEFINE(USE_PIPES)
798 AC_DEFINE(DISABLE_FD_PASSING)
799 LDFLAGS="$LDFLAGS"
800 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
801 MANTYPE=cat
802 ;;
0fff78ff 803*-*-unicosmp*)
cdd66111 804 AC_DEFINE(SETEUID_BREAKS_SETUID)
805 AC_DEFINE(BROKEN_SETREUID)
806 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 807 AC_DEFINE(WITH_ABBREV_NO_TTY)
808 AC_DEFINE(USE_PIPES)
809 AC_DEFINE(DISABLE_FD_PASSING)
810 LDFLAGS="$LDFLAGS"
cdd66111 811 LIBS="$LIBS -lgen -lacid -ldb"
0fff78ff 812 MANTYPE=cat
813 ;;
3c0ef626 814*-*-unicos*)
cdd66111 815 AC_DEFINE(SETEUID_BREAKS_SETUID)
816 AC_DEFINE(BROKEN_SETREUID)
817 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 818 AC_DEFINE(USE_PIPES)
41b2f314 819 AC_DEFINE(DISABLE_FD_PASSING)
820 AC_DEFINE(NO_SSH_LASTLOG)
821 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
822 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
823 MANTYPE=cat
3c0ef626 824 ;;
825*-dec-osf*)
826 AC_MSG_CHECKING(for Digital Unix SIA)
827 no_osfsia=""
828 AC_ARG_WITH(osfsia,
829 [ --with-osfsia Enable Digital Unix SIA],
830 [
831 if test "x$withval" = "xno" ; then
832 AC_MSG_RESULT(disabled)
833 no_osfsia=1
834 fi
835 ],
836 )
837 if test -z "$no_osfsia" ; then
838 if test -f /etc/sia/matrix.conf; then
839 AC_MSG_RESULT(yes)
2c06c99b 840 AC_DEFINE(HAVE_OSF_SIA, 1,
841 [Define if you have Digital Unix Security
842 Integration Architecture])
843 AC_DEFINE(DISABLE_LOGIN, 1,
844 [Define if you don't want to use your
845 system's login() call])
6a9b3198 846 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 847 LIBS="$LIBS -lsecurity -ldb -lm -laud"
9108f8d9 848 SIA_MSG="yes"
3c0ef626 849 else
850 AC_MSG_RESULT(no)
2c06c99b 851 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
852 [String used in /etc/passwd to denote locked account])
3c0ef626 853 fi
854 fi
0fff78ff 855 AC_DEFINE(BROKEN_GETADDRINFO)
acc3d05e 856 AC_DEFINE(SETEUID_BREAKS_SETUID)
857 AC_DEFINE(BROKEN_SETREUID)
858 AC_DEFINE(BROKEN_SETREGID)
22616013 859 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv])
3c0ef626 860 ;;
861
f2f068fa 862*-*-nto-qnx*)
3c0ef626 863 AC_DEFINE(USE_PIPES)
864 AC_DEFINE(NO_X11_UNIX_SOCKETS)
2c06c99b 865 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
866 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
867 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
f2f068fa 868 AC_DEFINE(DISABLE_LASTLOG)
9108f8d9 869 AC_DEFINE(SSHD_ACQUIRES_CTTY)
47686178 870 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
9108f8d9 871 enable_etc_default_login=no # has incompatible /etc/default/login
d4487008 872 case "$host" in
873 *-*-nto-qnx6*)
874 AC_DEFINE(DISABLE_FD_PASSING)
875 ;;
876 esac
3c0ef626 877 ;;
665a873d 878
879*-*-ultrix*)
2c06c99b 880 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
881 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
f2f068fa 882 AC_DEFINE(NEED_SETPGRP)
665a873d 883 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
884 ;;
885
886*-*-lynxos)
887 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
2c06c99b 888 AC_DEFINE(MISSING_HOWMANY)
665a873d 889 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
890 ;;
3c0ef626 891esac
892
0fff78ff 893AC_MSG_CHECKING(compiler and flags for sanity)
996d5e62 894AC_RUN_IFELSE(
895 [AC_LANG_SOURCE([
0fff78ff 896#include <stdio.h>
897int main(){exit(0);}
996d5e62 898 ])],
0fff78ff 899 [ AC_MSG_RESULT(yes) ],
900 [
901 AC_MSG_RESULT(no)
902 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
996d5e62 903 ],
904 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
0fff78ff 905)
906
665a873d 907dnl Checks for header files.
3c0ef626 908# Checks for libraries.
909AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
910AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
911
0fff78ff 912dnl IRIX and Solaris 2.5.1 have dirname() in libgen
913AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
914 AC_CHECK_LIB(gen, dirname,[
915 AC_CACHE_CHECK([for broken dirname],
916 ac_cv_have_broken_dirname, [
917 save_LIBS="$LIBS"
918 LIBS="$LIBS -lgen"
2c06c99b 919 AC_RUN_IFELSE(
920 [AC_LANG_SOURCE([[
0fff78ff 921#include <libgen.h>
922#include <string.h>
923
924int main(int argc, char **argv) {
925 char *s, buf[32];
926
927 strncpy(buf,"/etc", 32);
928 s = dirname(buf);
929 if (!s || strncmp(s, "/", 32) != 0) {
930 exit(1);
931 } else {
932 exit(0);
933 }
934}
2c06c99b 935 ]])],
936 [ ac_cv_have_broken_dirname="no" ],
937 [ ac_cv_have_broken_dirname="yes" ],
0fff78ff 938 [ ac_cv_have_broken_dirname="no" ],
0fff78ff 939 )
940 LIBS="$save_LIBS"
941 ])
942 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
943 LIBS="$LIBS -lgen"
944 AC_DEFINE(HAVE_DIRNAME)
945 AC_CHECK_HEADERS(libgen.h)
946 fi
947 ])
948])
949
3c0ef626 950AC_CHECK_FUNC(getspnam, ,
951 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
2c06c99b 952AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
953 [Define if you have the basename function.]))
3c0ef626 954
955dnl zlib is required
956AC_ARG_WITH(zlib,
957 [ --with-zlib=PATH Use zlib in PATH],
dec6d9fe 958 [ if test "x$withval" = "xno" ; then
959 AC_MSG_ERROR([*** zlib is required ***])
960 elif test "x$withval" != "xyes"; then
3c0ef626 961 if test -d "$withval/lib"; then
962 if test -n "${need_dash_r}"; then
963 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
964 else
965 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
966 fi
967 else
968 if test -n "${need_dash_r}"; then
969 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
970 else
971 LDFLAGS="-L${withval} ${LDFLAGS}"
972 fi
973 fi
974 if test -d "$withval/include"; then
975 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
976 else
977 CPPFLAGS="-I${withval} ${CPPFLAGS}"
978 fi
dec6d9fe 979 fi ]
3c0ef626 980)
981
cdd66111 982AC_CHECK_LIB(z, deflate, ,
983 [
984 saved_CPPFLAGS="$CPPFLAGS"
985 saved_LDFLAGS="$LDFLAGS"
986 save_LIBS="$LIBS"
987 dnl Check default zlib install dir
988 if test -n "${need_dash_r}"; then
989 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
990 else
991 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
992 fi
993 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
994 LIBS="$LIBS -lz"
995 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
996 [
997 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
998 ]
999 )
1000 ]
1001)
1002AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
1003
1004AC_ARG_WITH(zlib-version-check,
1005 [ --without-zlib-version-check Disable zlib version check],
1006 [ if test "x$withval" = "xno" ; then
1007 zlib_check_nonfatal=1
1008 fi
1009 ]
1010)
1011
dec6d9fe 1012AC_MSG_CHECKING(for possibly buggy zlib)
996d5e62 1013AC_RUN_IFELSE([AC_LANG_SOURCE([[
dec6d9fe 1014#include <stdio.h>
cdd66111 1015#include <zlib.h>
1016int main()
1017{
dec6d9fe 1018 int a=0, b=0, c=0, d=0, n, v;
1019 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1020 if (n != 3 && n != 4)
cdd66111 1021 exit(1);
dec6d9fe 1022 v = a*1000000 + b*10000 + c*100 + d;
1023 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1024
1025 /* 1.1.4 is OK */
1026 if (a == 1 && b == 1 && c >= 4)
cdd66111 1027 exit(0);
dec6d9fe 1028
665a873d 1029 /* 1.2.3 and up are OK */
1030 if (v >= 1020300)
dec6d9fe 1031 exit(0);
1032
cdd66111 1033 exit(2);
1034}
996d5e62 1035 ]])],
dec6d9fe 1036 AC_MSG_RESULT(no),
1037 [ AC_MSG_RESULT(yes)
cdd66111 1038 if test -z "$zlib_check_nonfatal" ; then
1039 AC_MSG_ERROR([*** zlib too old - check config.log ***
1040Your reported zlib version has known security problems. It's possible your
1041vendor has fixed these problems without changing the version number. If you
1042are sure this is the case, you can disable the check by running
1043"./configure --without-zlib-version-check".
665a873d 1044If you are in doubt, upgrade zlib to version 1.2.3 or greater.
dec6d9fe 1045See http://www.gzip.org/zlib/ for details.])
cdd66111 1046 else
1047 AC_MSG_WARN([zlib version may have security problems])
1048 fi
996d5e62 1049 ],
1050 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
cdd66111 1051)
3c0ef626 1052
3c0ef626 1053dnl UnixWare 2.x
cdd66111 1054AC_CHECK_FUNC(strcasecmp,
3c0ef626 1055 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1056)
2c06c99b 1057AC_CHECK_FUNCS(utimes,
41b2f314 1058 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1059 LIBS="$LIBS -lc89"]) ]
3c0ef626 1060)
1061
1062dnl Checks for libutil functions
1063AC_CHECK_HEADERS(libutil.h)
2c06c99b 1064AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1065 [Define if your libraries define login()])])
22616013 1066AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
3c0ef626 1067
1068AC_FUNC_STRFTIME
1069
3c0ef626 1070# Check for ALTDIRFUNC glob() extension
1071AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1072AC_EGREP_CPP(FOUNDIT,
1073 [
1074 #include <glob.h>
1075 #ifdef GLOB_ALTDIRFUNC
1076 FOUNDIT
1077 #endif
cdd66111 1078 ],
3c0ef626 1079 [
2c06c99b 1080 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1081 [Define if your system glob() function has
1082 the GLOB_ALTDIRFUNC extension])
3c0ef626 1083 AC_MSG_RESULT(yes)
1084 ],
1085 [
1086 AC_MSG_RESULT(no)
1087 ]
1088)
1089
1090# Check for g.gl_matchc glob() extension
1091AC_MSG_CHECKING(for gl_matchc field in glob_t)
9108f8d9 1092AC_TRY_COMPILE(
1093 [ #include <glob.h> ],
1094 [glob_t g; g.gl_matchc = 1;],
cdd66111 1095 [
2c06c99b 1096 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1097 [Define if your system glob() function has
1098 gl_matchc options in glob_t])
cdd66111 1099 AC_MSG_RESULT(yes)
1100 ],
1101 [
1102 AC_MSG_RESULT(no)
1103 ]
3c0ef626 1104)
1105
9108f8d9 1106AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1107
3c0ef626 1108AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
996d5e62 1109AC_RUN_IFELSE(
1110 [AC_LANG_SOURCE([[
3c0ef626 1111#include <sys/types.h>
1112#include <dirent.h>
41b2f314 1113int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
996d5e62 1114 ]])],
cdd66111 1115 [AC_MSG_RESULT(yes)],
3c0ef626 1116 [
1117 AC_MSG_RESULT(no)
2c06c99b 1118 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1119 [Define if your struct dirent expects you to
1120 allocate extra space for d_name])
996d5e62 1121 ],
dec6d9fe 1122 [
996d5e62 1123 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1124 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1125 ]
1126)
1127
c9f39d2c 1128AC_MSG_CHECKING([for /proc/pid/fd directory])
1129if test -d "/proc/$$/fd" ; then
2c06c99b 1130 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
c9f39d2c 1131 AC_MSG_RESULT(yes)
1132else
1133 AC_MSG_RESULT(no)
1134fi
1135
3c0ef626 1136# Check whether user wants S/Key support
cdd66111 1137SKEY_MSG="no"
3c0ef626 1138AC_ARG_WITH(skey,
996d5e62 1139 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1140 [
1141 if test "x$withval" != "xno" ; then
1142
1143 if test "x$withval" != "xyes" ; then
1144 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1145 LDFLAGS="$LDFLAGS -L${withval}/lib"
1146 fi
1147
2c06c99b 1148 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1149 LIBS="-lskey $LIBS"
cdd66111 1150 SKEY_MSG="yes"
dec6d9fe 1151
e9a17296 1152 AC_MSG_CHECKING([for s/key support])
2c06c99b 1153 AC_LINK_IFELSE(
1154 [AC_LANG_SOURCE([[
e9a17296 1155#include <stdio.h>
1156#include <skey.h>
41b2f314 1157int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
2c06c99b 1158 ]])],
e9a17296 1159 [AC_MSG_RESULT(yes)],
3c0ef626 1160 [
e9a17296 1161 AC_MSG_RESULT(no)
3c0ef626 1162 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1163 ])
99be0775 1164 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1165 AC_TRY_COMPILE(
1166 [#include <stdio.h>
1167 #include <skey.h>],
1168 [(void)skeychallenge(NULL,"name","",0);],
1169 [AC_MSG_RESULT(yes)
2c06c99b 1170 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1171 [Define if your skeychallenge()
1172 function takes 4 arguments (NetBSD)])],
99be0775 1173 [AC_MSG_RESULT(no)]
1174 )
3c0ef626 1175 fi
1176 ]
1177)
1178
1179# Check whether user wants TCP wrappers support
1180TCPW_MSG="no"
1181AC_ARG_WITH(tcp-wrappers,
996d5e62 1182 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1183 [
1184 if test "x$withval" != "xno" ; then
1185 saved_LIBS="$LIBS"
1186 saved_LDFLAGS="$LDFLAGS"
1187 saved_CPPFLAGS="$CPPFLAGS"
dec6d9fe 1188 if test -n "${withval}" && \
1189 test "x${withval}" != "xyes"; then
3c0ef626 1190 if test -d "${withval}/lib"; then
1191 if test -n "${need_dash_r}"; then
1192 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1193 else
1194 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1195 fi
1196 else
1197 if test -n "${need_dash_r}"; then
1198 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1199 else
1200 LDFLAGS="-L${withval} ${LDFLAGS}"
1201 fi
1202 fi
1203 if test -d "${withval}/include"; then
1204 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1205 else
1206 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1207 fi
1208 fi
d4487008 1209 LIBS="-lwrap $LIBS"
3c0ef626 1210 AC_MSG_CHECKING(for libwrap)
1211 AC_TRY_LINK(
1212 [
99be0775 1213#include <sys/types.h>
1214#include <sys/socket.h>
1215#include <netinet/in.h>
3c0ef626 1216#include <tcpd.h>
1217 int deny_severity = 0, allow_severity = 0;
1218 ],
1219 [hosts_access(0);],
1220 [
1221 AC_MSG_RESULT(yes)
2c06c99b 1222 AC_DEFINE(LIBWRAP, 1,
1223 [Define if you want
1224 TCP Wrappers support])
d4487008 1225 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1226 TCPW_MSG="yes"
1227 ],
1228 [
1229 AC_MSG_ERROR([*** libwrap missing])
1230 ]
1231 )
e9a17296 1232 LIBS="$saved_LIBS"
3c0ef626 1233 fi
1234 ]
1235)
1236
996d5e62 1237# Check whether user wants libedit support
1238LIBEDIT_MSG="no"
1239AC_ARG_WITH(libedit,
1240 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1241 [ if test "x$withval" != "xno" ; then
dec6d9fe 1242 if test "x$withval" != "xyes"; then
2c06c99b 1243 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1244 if test -n "${need_dash_r}"; then
1245 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1246 else
1247 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1248 fi
dec6d9fe 1249 fi
996d5e62 1250 AC_CHECK_LIB(edit, el_init,
2c06c99b 1251 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
996d5e62 1252 LIBEDIT="-ledit -lcurses"
1253 LIBEDIT_MSG="yes"
1254 AC_SUBST(LIBEDIT)
1255 ],
dec6d9fe 1256 [ AC_MSG_ERROR(libedit not found) ],
1257 [ -lcurses ]
996d5e62 1258 )
665a873d 1259 AC_MSG_CHECKING(if libedit version is compatible)
1260 AC_COMPILE_IFELSE(
1261 [AC_LANG_SOURCE([[
1262#include <histedit.h>
1263int main(void)
1264{
1265 int i = H_SETSIZE;
1266 el_init("", NULL, NULL, NULL);
1267 exit(0);
1268}
1269 ]])],
1270 [ AC_MSG_RESULT(yes) ],
1271 [ AC_MSG_RESULT(no)
1272 AC_MSG_ERROR(libedit version is not compatible) ]
1273 )
996d5e62 1274 fi ]
1275)
1276
1277AUDIT_MODULE=none
1278AC_ARG_WITH(audit,
1279 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1280 [
1281 AC_MSG_CHECKING(for supported audit module)
1282 case "$withval" in
1283 bsm)
1284 AC_MSG_RESULT(bsm)
1285 AUDIT_MODULE=bsm
1286 dnl Checks for headers, libs and functions
1287 AC_CHECK_HEADERS(bsm/audit.h, [],
9108f8d9 1288 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1289 [
1290#ifdef HAVE_TIME_H
1291# include <time.h>
1292#endif
1293 ]
1294)
996d5e62 1295 AC_CHECK_LIB(bsm, getaudit, [],
1296 [AC_MSG_ERROR(BSM enabled and required library not found)])
1297 AC_CHECK_FUNCS(getaudit, [],
1298 [AC_MSG_ERROR(BSM enabled and required function not found)])
1299 # These are optional
47686178 1300 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
2c06c99b 1301 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
996d5e62 1302 ;;
1303 debug)
1304 AUDIT_MODULE=debug
1305 AC_MSG_RESULT(debug)
2c06c99b 1306 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
996d5e62 1307 ;;
665a873d 1308 no)
1309 AC_MSG_RESULT(no)
1310 ;;
996d5e62 1311 *)
1312 AC_MSG_ERROR([Unknown audit module $withval])
1313 ;;
1314 esac ]
1315)
1316
6a9b3198 1317dnl Checks for library functions. Please keep in alphabetical order
665a873d 1318AC_CHECK_FUNCS( \
1319 arc4random \
22616013 1320 arc4random_buf \
1321 arc4random_uniform \
2c06c99b 1322 asprintf \
665a873d 1323 b64_ntop \
1324 __b64_ntop \
1325 b64_pton \
1326 __b64_pton \
1327 bcopy \
1328 bindresvport_sa \
1329 clock \
1330 closefrom \
1331 dirfd \
1332 fchmod \
1333 fchown \
1334 freeaddrinfo \
22616013 1335 fstatvfs \
665a873d 1336 futimes \
1337 getaddrinfo \
1338 getcwd \
1339 getgrouplist \
1340 getnameinfo \
1341 getopt \
1342 getpeereid \
d4487008 1343 getpeerucred \
665a873d 1344 _getpty \
1345 getrlimit \
1346 getttyent \
1347 glob \
1348 inet_aton \
1349 inet_ntoa \
1350 inet_ntop \
1351 innetgr \
1352 login_getcapbool \
1353 md5_crypt \
1354 memmove \
1355 mkdtemp \
1356 mmap \
1357 ngetaddrinfo \
1358 nsleep \
1359 ogetaddrinfo \
1360 openlog_r \
1361 openpty \
d4487008 1362 poll \
665a873d 1363 prctl \
1364 pstat \
1365 readpassphrase \
1366 realpath \
1367 recvmsg \
1368 rresvport_af \
1369 sendmsg \
1370 setdtablesize \
1371 setegid \
1372 setenv \
1373 seteuid \
1374 setgroups \
1375 setlogin \
1376 setpcred \
1377 setproctitle \
1378 setregid \
1379 setreuid \
1380 setrlimit \
1381 setsid \
1382 setvbuf \
1383 sigaction \
1384 sigvec \
1385 snprintf \
1386 socketpair \
22616013 1387 statfs \
1388 statvfs \
665a873d 1389 strdup \
1390 strerror \
1391 strlcat \
1392 strlcpy \
1393 strmode \
1394 strnvis \
1395 strtonum \
1396 strtoll \
1397 strtoul \
d4487008 1398 swap32 \
665a873d 1399 sysconf \
1400 tcgetpgrp \
1401 truncate \
1402 unsetenv \
1403 updwtmpx \
2c06c99b 1404 vasprintf \
665a873d 1405 vhangup \
1406 vsnprintf \
1407 waitpid \
6a9b3198 1408)
1409
acc3d05e 1410# IRIX has a const char return value for gai_strerror()
1411AC_CHECK_FUNCS(gai_strerror,[
1412 AC_DEFINE(HAVE_GAI_STRERROR)
1413 AC_TRY_COMPILE([
1414#include <sys/types.h>
1415#include <sys/socket.h>
1416#include <netdb.h>
1417
1418const char *gai_strerror(int);],[
1419char *str;
1420
1421str = gai_strerror(0);],[
1422 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1423 [Define if gai_strerror() returns const char *])])])
1424
2c06c99b 1425AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1426 [Some systems put nanosleep outside of libc]))
6a9b3198 1427
0fff78ff 1428dnl Make sure prototypes are defined for these before using them.
0fff78ff 1429AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
665a873d 1430AC_CHECK_DECL(strsep,
1431 [AC_CHECK_FUNCS(strsep)],
1432 [],
1433 [
1434#ifdef HAVE_STRING_H
1435# include <string.h>
1436#endif
1437 ])
3c0ef626 1438
0fff78ff 1439dnl tcsendbreak might be a macro
1440AC_CHECK_DECL(tcsendbreak,
1441 [AC_DEFINE(HAVE_TCSENDBREAK)],
cdd66111 1442 [AC_CHECK_FUNCS(tcsendbreak)],
0fff78ff 1443 [#include <termios.h>]
1444)
3c0ef626 1445
c9f39d2c 1446AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1447
9108f8d9 1448AC_CHECK_DECLS(SHUT_RD, , ,
1449 [
1450#include <sys/types.h>
1451#include <sys/socket.h>
1452 ])
1453
1454AC_CHECK_DECLS(O_NONBLOCK, , ,
1455 [
1456#include <sys/types.h>
1457#ifdef HAVE_SYS_STAT_H
1458# include <sys/stat.h>
1459#endif
1460#ifdef HAVE_FCNTL_H
1461# include <fcntl.h>
1462#endif
1463 ])
1464
1465AC_CHECK_DECLS(writev, , , [
1466#include <sys/types.h>
1467#include <sys/uio.h>
1468#include <unistd.h>
1469 ])
1470
d4487008 1471AC_CHECK_DECLS(MAXSYMLINKS, , , [
1472#include <sys/param.h>
1473 ])
1474
1475AC_CHECK_DECLS(offsetof, , , [
1476#include <stddef.h>
1477 ])
1478
cdd66111 1479AC_CHECK_FUNCS(setresuid, [
1480 dnl Some platorms have setresuid that isn't implemented, test for this
1481 AC_MSG_CHECKING(if setresuid seems to work)
996d5e62 1482 AC_RUN_IFELSE(
1483 [AC_LANG_SOURCE([[
cdd66111 1484#include <stdlib.h>
1485#include <errno.h>
1486int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1487 ]])],
cdd66111 1488 [AC_MSG_RESULT(yes)],
2c06c99b 1489 [AC_DEFINE(BROKEN_SETRESUID, 1,
1490 [Define if your setresuid() is broken])
996d5e62 1491 AC_MSG_RESULT(not implemented)],
1492 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1493 )
1494])
1495
1496AC_CHECK_FUNCS(setresgid, [
1497 dnl Some platorms have setresgid that isn't implemented, test for this
1498 AC_MSG_CHECKING(if setresgid seems to work)
996d5e62 1499 AC_RUN_IFELSE(
1500 [AC_LANG_SOURCE([[
cdd66111 1501#include <stdlib.h>
1502#include <errno.h>
1503int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1504 ]])],
cdd66111 1505 [AC_MSG_RESULT(yes)],
2c06c99b 1506 [AC_DEFINE(BROKEN_SETRESGID, 1,
1507 [Define if your setresgid() is broken])
996d5e62 1508 AC_MSG_RESULT(not implemented)],
1509 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1510 )
1511])
1512
3c0ef626 1513dnl Checks for time functions
1514AC_CHECK_FUNCS(gettimeofday time)
1515dnl Checks for utmp functions
1516AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1517AC_CHECK_FUNCS(utmpname)
1518dnl Checks for utmpx functions
1519AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1520AC_CHECK_FUNCS(setutxent utmpxname)
91d9cdd3 1521dnl Checks for lastlog functions
1522AC_CHECK_FUNCS(getlastlogxbyname)
3c0ef626 1523
cdd66111 1524AC_CHECK_FUNC(daemon,
2c06c99b 1525 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1526 [AC_CHECK_LIB(bsd, daemon,
1527 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1528)
1529
cdd66111 1530AC_CHECK_FUNC(getpagesize,
2c06c99b 1531 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1532 [Define if your libraries define getpagesize()])],
1533 [AC_CHECK_LIB(ucb, getpagesize,
1534 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1535)
1536
1537# Check for broken snprintf
1538if test "x$ac_cv_func_snprintf" = "xyes" ; then
1539 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
996d5e62 1540 AC_RUN_IFELSE(
1541 [AC_LANG_SOURCE([[
3c0ef626 1542#include <stdio.h>
41b2f314 1543int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
996d5e62 1544 ]])],
cdd66111 1545 [AC_MSG_RESULT(yes)],
3c0ef626 1546 [
1547 AC_MSG_RESULT(no)
2c06c99b 1548 AC_DEFINE(BROKEN_SNPRINTF, 1,
1549 [Define if your snprintf is busted])
3c0ef626 1550 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
996d5e62 1551 ],
1552 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1553 )
1554fi
1555
2c06c99b 1556# If we don't have a working asprintf, then we strongly depend on vsnprintf
1557# returning the right thing on overflow: the number of characters it tried to
1558# create (as per SUSv3)
1559if test "x$ac_cv_func_asprintf" != "xyes" && \
1560 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1561 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1562 AC_RUN_IFELSE(
1563 [AC_LANG_SOURCE([[
1564#include <sys/types.h>
1565#include <stdio.h>
1566#include <stdarg.h>
1567
1568int x_snprintf(char *str,size_t count,const char *fmt,...)
1569{
1570 size_t ret; va_list ap;
1571 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1572 return ret;
1573}
1574int main(void)
1575{
1576 char x[1];
1577 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1578} ]])],
1579 [AC_MSG_RESULT(yes)],
1580 [
1581 AC_MSG_RESULT(no)
1582 AC_DEFINE(BROKEN_SNPRINTF, 1,
1583 [Define if your snprintf is busted])
1584 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1585 ],
1586 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1587 )
1588fi
1589
1590# On systems where [v]snprintf is broken, but is declared in stdio,
1591# check that the fmt argument is const char * or just char *.
1592# This is only useful for when BROKEN_SNPRINTF
1593AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1594AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1595 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1596 int main(void) { snprintf(0, 0, 0); }
1597 ]])],
1598 [AC_MSG_RESULT(yes)
1599 AC_DEFINE(SNPRINTF_CONST, [const],
1600 [Define as const if snprintf() can declare const char *fmt])],
1601 [AC_MSG_RESULT(no)
1602 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1603
c9f39d2c 1604# Check for missing getpeereid (or equiv) support
1605NO_PEERCHECK=""
d4487008 1606if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
c9f39d2c 1607 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1608 AC_TRY_COMPILE(
1609 [#include <sys/types.h>
1610 #include <sys/socket.h>],
1611 [int i = SO_PEERCRED;],
dec6d9fe 1612 [ AC_MSG_RESULT(yes)
2c06c99b 1613 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
dec6d9fe 1614 ],
c9f39d2c 1615 [AC_MSG_RESULT(no)
1616 NO_PEERCHECK=1]
1617 )
1618fi
1619
6a9b3198 1620dnl see whether mkstemp() requires XXXXXX
1621if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1622AC_MSG_CHECKING([for (overly) strict mkstemp])
2c06c99b 1623AC_RUN_IFELSE(
1624 [AC_LANG_SOURCE([[
6a9b3198 1625#include <stdlib.h>
1626main() { char template[]="conftest.mkstemp-test";
1627if (mkstemp(template) == -1)
1628 exit(1);
1629unlink(template); exit(0);
1630}
2c06c99b 1631 ]])],
6a9b3198 1632 [
1633 AC_MSG_RESULT(no)
1634 ],
cdd66111 1635 [
6a9b3198 1636 AC_MSG_RESULT(yes)
2c06c99b 1637 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
6a9b3198 1638 ],
1639 [
1640 AC_MSG_RESULT(yes)
1641 AC_DEFINE(HAVE_STRICT_MKSTEMP)
cdd66111 1642 ]
6a9b3198 1643)
1644fi
1645
0fff78ff 1646dnl make sure that openpty does not reacquire controlling terminal
1647if test ! -z "$check_for_openpty_ctty_bug"; then
1648 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
2c06c99b 1649 AC_RUN_IFELSE(
1650 [AC_LANG_SOURCE([[
0fff78ff 1651#include <stdio.h>
1652#include <sys/fcntl.h>
1653#include <sys/types.h>
1654#include <sys/wait.h>
1655
1656int
1657main()
1658{
1659 pid_t pid;
1660 int fd, ptyfd, ttyfd, status;
1661
1662 pid = fork();
1663 if (pid < 0) { /* failed */
1664 exit(1);
1665 } else if (pid > 0) { /* parent */
1666 waitpid(pid, &status, 0);
cdd66111 1667 if (WIFEXITED(status))
0fff78ff 1668 exit(WEXITSTATUS(status));
1669 else
1670 exit(2);
1671 } else { /* child */
1672 close(0); close(1); close(2);
1673 setsid();
1674 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1675 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1676 if (fd >= 0)
1677 exit(3); /* Acquired ctty: broken */
1678 else
1679 exit(0); /* Did not acquire ctty: OK */
1680 }
1681}
2c06c99b 1682 ]])],
0fff78ff 1683 [
1684 AC_MSG_RESULT(yes)
1685 ],
1686 [
1687 AC_MSG_RESULT(no)
1688 AC_DEFINE(SSHD_ACQUIRES_CTTY)
2c06c99b 1689 ],
1690 [
1691 AC_MSG_RESULT(cross-compiling, assuming yes)
0fff78ff 1692 ]
1693 )
1694fi
1695
dec6d9fe 1696if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1697 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
99be0775 1698 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1699 AC_RUN_IFELSE(
1700 [AC_LANG_SOURCE([[
99be0775 1701#include <stdio.h>
1702#include <sys/socket.h>
1703#include <netdb.h>
1704#include <errno.h>
1705#include <netinet/in.h>
1706
1707#define TEST_PORT "2222"
1708
1709int
1710main(void)
1711{
1712 int err, sock;
1713 struct addrinfo *gai_ai, *ai, hints;
1714 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1715
1716 memset(&hints, 0, sizeof(hints));
1717 hints.ai_family = PF_UNSPEC;
1718 hints.ai_socktype = SOCK_STREAM;
1719 hints.ai_flags = AI_PASSIVE;
1720
1721 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1722 if (err != 0) {
1723 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1724 exit(1);
1725 }
1726
1727 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1728 if (ai->ai_family != AF_INET6)
1729 continue;
1730
1731 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1732 sizeof(ntop), strport, sizeof(strport),
1733 NI_NUMERICHOST|NI_NUMERICSERV);
1734
1735 if (err != 0) {
1736 if (err == EAI_SYSTEM)
1737 perror("getnameinfo EAI_SYSTEM");
1738 else
1739 fprintf(stderr, "getnameinfo failed: %s\n",
1740 gai_strerror(err));
1741 exit(2);
1742 }
1743
1744 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1745 if (sock < 0)
1746 perror("socket");
1747 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1748 if (errno == EBADF)
1749 exit(3);
1750 }
1751 }
1752 exit(0);
1753}
2c06c99b 1754 ]])],
99be0775 1755 [
1756 AC_MSG_RESULT(yes)
1757 ],
1758 [
1759 AC_MSG_RESULT(no)
1760 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1761 ],
1762 [
1763 AC_MSG_RESULT(cross-compiling, assuming yes)
99be0775 1764 ]
1765 )
1766fi
1767
dec6d9fe 1768if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1769 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
996d5e62 1770 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1771 AC_RUN_IFELSE(
1772 [AC_LANG_SOURCE([[
996d5e62 1773#include <stdio.h>
1774#include <sys/socket.h>
1775#include <netdb.h>
1776#include <errno.h>
1777#include <netinet/in.h>
1778
1779#define TEST_PORT "2222"
1780
1781int
1782main(void)
1783{
1784 int err, sock;
1785 struct addrinfo *gai_ai, *ai, hints;
1786 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1787
1788 memset(&hints, 0, sizeof(hints));
1789 hints.ai_family = PF_UNSPEC;
1790 hints.ai_socktype = SOCK_STREAM;
1791 hints.ai_flags = AI_PASSIVE;
1792
1793 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1794 if (err != 0) {
1795 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1796 exit(1);
1797 }
1798
1799 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1800 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1801 continue;
1802
1803 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1804 sizeof(ntop), strport, sizeof(strport),
1805 NI_NUMERICHOST|NI_NUMERICSERV);
1806
1807 if (ai->ai_family == AF_INET && err != 0) {
1808 perror("getnameinfo");
1809 exit(2);
1810 }
1811 }
1812 exit(0);
1813}
2c06c99b 1814 ]])],
996d5e62 1815 [
1816 AC_MSG_RESULT(yes)
2c06c99b 1817 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1818 [Define if you have a getaddrinfo that fails
1819 for the all-zeros IPv6 address])
996d5e62 1820 ],
1821 [
1822 AC_MSG_RESULT(no)
1823 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1824 ],
9108f8d9 1825 [
2c06c99b 1826 AC_MSG_RESULT(cross-compiling, assuming no)
996d5e62 1827 ]
1828 )
1829fi
1830
1831if test "x$check_for_conflicting_getspnam" = "x1"; then
1832 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1833 AC_COMPILE_IFELSE(
1834 [
1835#include <shadow.h>
1836int main(void) {exit(0);}
1837 ],
1838 [
1839 AC_MSG_RESULT(no)
1840 ],
1841 [
1842 AC_MSG_RESULT(yes)
1843 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1844 [Conflicting defs for getspnam])
1845 ]
1846 )
1847fi
1848
3c0ef626 1849AC_FUNC_GETPGRP
1850
700318f3 1851# Search for OpenSSL
1852saved_CPPFLAGS="$CPPFLAGS"
1853saved_LDFLAGS="$LDFLAGS"
3c0ef626 1854AC_ARG_WITH(ssl-dir,
1855 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1856 [
1857 if test "x$withval" != "xno" ; then
996d5e62 1858 case "$withval" in
1859 # Relative paths
1860 ./*|../*) withval="`pwd`/$withval"
1861 esac
700318f3 1862 if test -d "$withval/lib"; then
1863 if test -n "${need_dash_r}"; then
1864 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1865 else
1866 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1867 fi
1868 else
700318f3 1869 if test -n "${need_dash_r}"; then
1870 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1871 else
1872 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1873 fi
1874 fi
700318f3 1875 if test -d "$withval/include"; then
1876 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1877 else
700318f3 1878 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1879 fi
1880 fi
700318f3 1881 ]
1882)
cdd66111 1883LIBS="-lcrypto $LIBS"
2c06c99b 1884AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1885 [Define if your ssl headers are included
1886 with #include <openssl/header.h>]),
3c0ef626 1887 [
700318f3 1888 dnl Check default openssl install dir
1889 if test -n "${need_dash_r}"; then
1890 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1891 else
700318f3 1892 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1893 fi
700318f3 1894 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1895 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1896 [
1897 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1898 ]
1899 )
1900 ]
1901)
1902
41b2f314 1903# Determine OpenSSL header version
1904AC_MSG_CHECKING([OpenSSL header version])
996d5e62 1905AC_RUN_IFELSE(
1906 [AC_LANG_SOURCE([[
41b2f314 1907#include <stdio.h>
1908#include <string.h>
1909#include <openssl/opensslv.h>
1910#define DATA "conftest.sslincver"
1911int main(void) {
cdd66111 1912 FILE *fd;
1913 int rc;
41b2f314 1914
cdd66111 1915 fd = fopen(DATA,"w");
1916 if(fd == NULL)
1917 exit(1);
41b2f314 1918
1919 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1920 exit(1);
1921
1922 exit(0);
1923}
996d5e62 1924 ]])],
41b2f314 1925 [
1926 ssl_header_ver=`cat conftest.sslincver`
1927 AC_MSG_RESULT($ssl_header_ver)
1928 ],
1929 [
1930 AC_MSG_RESULT(not found)
1931 AC_MSG_ERROR(OpenSSL version header not found.)
996d5e62 1932 ],
1933 [
1934 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1935 ]
1936)
1937
1938# Determine OpenSSL library version
1939AC_MSG_CHECKING([OpenSSL library version])
996d5e62 1940AC_RUN_IFELSE(
1941 [AC_LANG_SOURCE([[
41b2f314 1942#include <stdio.h>
1943#include <string.h>
1944#include <openssl/opensslv.h>
1945#include <openssl/crypto.h>
1946#define DATA "conftest.ssllibver"
1947int main(void) {
cdd66111 1948 FILE *fd;
1949 int rc;
41b2f314 1950
cdd66111 1951 fd = fopen(DATA,"w");
1952 if(fd == NULL)
1953 exit(1);
41b2f314 1954
1955 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1956 exit(1);
1957
1958 exit(0);
1959}
996d5e62 1960 ]])],
41b2f314 1961 [
1962 ssl_library_ver=`cat conftest.ssllibver`
1963 AC_MSG_RESULT($ssl_library_ver)
1964 ],
1965 [
1966 AC_MSG_RESULT(not found)
1967 AC_MSG_ERROR(OpenSSL library not found.)
996d5e62 1968 ],
1969 [
1970 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1971 ]
1972)
3c0ef626 1973
799ae497 1974AC_ARG_WITH(openssl-header-check,
1975 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1976 [ if test "x$withval" = "xno" ; then
1977 openssl_check_nonfatal=1
1978 fi
1979 ]
1980)
1981
e9a17296 1982# Sanity check OpenSSL headers
1983AC_MSG_CHECKING([whether OpenSSL's headers match the library])
996d5e62 1984AC_RUN_IFELSE(
1985 [AC_LANG_SOURCE([[
e9a17296 1986#include <string.h>
1987#include <openssl/opensslv.h>
41b2f314 1988int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
996d5e62 1989 ]])],
e9a17296 1990 [
1991 AC_MSG_RESULT(yes)
1992 ],
1993 [
1994 AC_MSG_RESULT(no)
799ae497 1995 if test "x$openssl_check_nonfatal" = "x"; then
1996 AC_MSG_ERROR([Your OpenSSL headers do not match your
1997library. Check config.log for details.
1998If you are sure your installation is consistent, you can disable the check
1999by running "./configure --without-openssl-header-check".
2000Also see contrib/findssl.sh for help identifying header/library mismatches.
2001])
2002 else
2003 AC_MSG_WARN([Your OpenSSL headers do not match your
2004library. Check config.log for details.
0fff78ff 2005Also see contrib/findssl.sh for help identifying header/library mismatches.])
799ae497 2006 fi
996d5e62 2007 ],
2008 [
2009 AC_MSG_WARN([cross compiling: not checking])
e9a17296 2010 ]
2011)
2012
9108f8d9 2013AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2014AC_LINK_IFELSE(
2015 [AC_LANG_SOURCE([[
2016#include <openssl/evp.h>
2017int main(void) { SSLeay_add_all_algorithms(); }
2018 ]])],
2019 [
2020 AC_MSG_RESULT(yes)
2021 ],
2022 [
2023 AC_MSG_RESULT(no)
2024 saved_LIBS="$LIBS"
2025 LIBS="$LIBS -ldl"
2026 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2027 AC_LINK_IFELSE(
2028 [AC_LANG_SOURCE([[
2029#include <openssl/evp.h>
2030int main(void) { SSLeay_add_all_algorithms(); }
2031 ]])],
2032 [
2033 AC_MSG_RESULT(yes)
2034 ],
2035 [
2036 AC_MSG_RESULT(no)
2037 LIBS="$saved_LIBS"
2038 ]
2039 )
2040 ]
2041)
2042
2043AC_ARG_WITH(ssl-engine,
2044 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2045 [ if test "x$withval" != "xno" ; then
2046 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2047 AC_TRY_COMPILE(
2048 [ #include <openssl/engine.h>],
2049 [
ff7ec503 2050ENGINE_load_builtin_engines();ENGINE_register_all_complete();
9108f8d9 2051 ],
2052 [ AC_MSG_RESULT(yes)
2053 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2054 [Enable OpenSSL engine support])
2055 ],
2056 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2057 )
2058 fi ]
2059)
2060
2c06c99b 2061# Check for OpenSSL without EVP_aes_{192,256}_cbc
2062AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
9108f8d9 2063AC_LINK_IFELSE(
2c06c99b 2064 [AC_LANG_SOURCE([[
2065#include <string.h>
2066#include <openssl/evp.h>
f2f068fa 2067int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
2c06c99b 2068 ]])],
2069 [
2070 AC_MSG_RESULT(no)
2071 ],
2072 [
2073 AC_MSG_RESULT(yes)
2074 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2075 [libcrypto is missing AES 192 and 256 bit functions])
2076 ]
2077)
2078
cdd66111 2079# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2080# because the system crypt() is more featureful.
2081if test "x$check_for_libcrypt_before" = "x1"; then
2082 AC_CHECK_LIB(crypt, crypt)
2083fi
2084
2085# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2086# version in OpenSSL.
0fff78ff 2087if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2088 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2089fi
2090
9108f8d9 2091# Search for SHA256 support in libc and/or OpenSSL
2092AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2093
d4487008 2094saved_LIBS="$LIBS"
2095AC_CHECK_LIB(iaf, ia_openinfo, [
2096 LIBS="$LIBS -liaf"
47686178 2097 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2098 AC_DEFINE(HAVE_LIBIAF, 1,
2099 [Define if system has libiaf that supports set_id])
2100 ])
d4487008 2101])
2102LIBS="$saved_LIBS"
e9a17296 2103
2104### Configure cryptographic random number support
2105
2106# Check wheter OpenSSL seeds itself
2107AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
996d5e62 2108AC_RUN_IFELSE(
2109 [AC_LANG_SOURCE([[
e9a17296 2110#include <string.h>
2111#include <openssl/rand.h>
41b2f314 2112int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
996d5e62 2113 ]])],
e9a17296 2114 [
2115 OPENSSL_SEEDS_ITSELF=yes
2116 AC_MSG_RESULT(yes)
2117 ],
2118 [
2119 AC_MSG_RESULT(no)
2120 # Default to use of the rand helper if OpenSSL doesn't
2121 # seed itself
2122 USE_RAND_HELPER=yes
996d5e62 2123 ],
2124 [
2125 AC_MSG_WARN([cross compiling: assuming yes])
2126 # This is safe, since all recent OpenSSL versions will
dec6d9fe 2127 # complain at runtime if not seeded correctly.
996d5e62 2128 OPENSSL_SEEDS_ITSELF=yes
e9a17296 2129 ]
2130)
2131
9108f8d9 2132# Check for PAM libs
2133PAM_MSG="no"
2134AC_ARG_WITH(pam,
2135 [ --with-pam Enable PAM support ],
2136 [
2137 if test "x$withval" != "xno" ; then
2138 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2139 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2140 AC_MSG_ERROR([PAM headers not found])
2141 fi
2142
2143 saved_LIBS="$LIBS"
2144 AC_CHECK_LIB(dl, dlopen, , )
2145 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2146 AC_CHECK_FUNCS(pam_getenvlist)
2147 AC_CHECK_FUNCS(pam_putenv)
2148 LIBS="$saved_LIBS"
2149
2150 PAM_MSG="yes"
2151
d4487008 2152 SSHDLIBS="$SSHDLIBS -lpam"
9108f8d9 2153 AC_DEFINE(USE_PAM, 1,
2154 [Define if you want to enable PAM support])
2155
2156 if test $ac_cv_lib_dl_dlopen = yes; then
2157 case "$LIBS" in
2158 *-ldl*)
2159 # libdl already in LIBS
2160 ;;
2161 *)
d4487008 2162 SSHDLIBS="$SSHDLIBS -ldl"
9108f8d9 2163 ;;
2164 esac
2165 fi
9108f8d9 2166 fi
2167 ]
2168)
2169
2170# Check for older PAM
2171if test "x$PAM_MSG" = "xyes" ; then
2172 # Check PAM strerror arguments (old PAM)
2173 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2174 AC_TRY_COMPILE(
2175 [
2176#include <stdlib.h>
2177#if defined(HAVE_SECURITY_PAM_APPL_H)
2178#include <security/pam_appl.h>
2179#elif defined (HAVE_PAM_PAM_APPL_H)
2180#include <pam/pam_appl.h>
2181#endif
2182 ],
2183 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2184 [AC_MSG_RESULT(no)],
2185 [
2186 AC_DEFINE(HAVE_OLD_PAM, 1,
2187 [Define if you have an old version of PAM
2188 which takes only one argument to pam_strerror])
2189 AC_MSG_RESULT(yes)
2190 PAM_MSG="yes (old library)"
2191 ]
2192 )
2193fi
e9a17296 2194
2195# Do we want to force the use of the rand helper?
2196AC_ARG_WITH(rand-helper,
2197 [ --with-rand-helper Use subprocess to gather strong randomness ],
2198 [
2199 if test "x$withval" = "xno" ; then
cdd66111 2200 # Force use of OpenSSL's internal RNG, even if
e9a17296 2201 # the previous test showed it to be unseeded.
2202 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2203 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2204 OPENSSL_SEEDS_ITSELF=yes
2205 USE_RAND_HELPER=""
2206 fi
2207 else
2208 USE_RAND_HELPER=yes
2209 fi
2210 ],
dec6d9fe 2211)
e9a17296 2212
2213# Which randomness source do we use?
dec6d9fe 2214if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9a17296 2215 # OpenSSL only
2c06c99b 2216 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2217 [Define if you want OpenSSL's internally seeded PRNG only])
e9a17296 2218 RAND_MSG="OpenSSL internal ONLY"
2219 INSTALL_SSH_RAND_HELPER=""
2220elif test ! -z "$USE_RAND_HELPER" ; then
2221 # install rand helper
2222 RAND_MSG="ssh-rand-helper"
2223 INSTALL_SSH_RAND_HELPER="yes"
2224fi
2225AC_SUBST(INSTALL_SSH_RAND_HELPER)
2226
2227### Configuration of ssh-rand-helper
2228
2229# PRNGD TCP socket
2230AC_ARG_WITH(prngd-port,
2231 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2232 [
2233 case "$withval" in
2234 no)
2235 withval=""
2236 ;;
2237 [[0-9]]*)
2238 ;;
2239 *)
2240 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2241 ;;
2242 esac
2243 if test ! -z "$withval" ; then
2244 PRNGD_PORT="$withval"
2c06c99b 2245 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2246 [Port number of PRNGD/EGD random number socket])
e9a17296 2247 fi
2248 ]
2249)
2250
2251# PRNGD Unix domain socket
2252AC_ARG_WITH(prngd-socket,
2253 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2254 [
2255 case "$withval" in
2256 yes)
2257 withval="/var/run/egd-pool"
2258 ;;
2259 no)
2260 withval=""
2261 ;;
2262 /*)
2263 ;;
2264 *)
2265 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2266 ;;
2267 esac
2268
2269 if test ! -z "$withval" ; then
2270 if test ! -z "$PRNGD_PORT" ; then
2271 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2272 fi
2273 if test ! -r "$withval" ; then
2274 AC_MSG_WARN(Entropy socket is not readable)
2275 fi
2276 PRNGD_SOCKET="$withval"
2c06c99b 2277 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2278 [Location of PRNGD/EGD random number socket])
e9a17296 2279 fi
2280 ],
2281 [
2282 # Check for existing socket only if we don't have a random device already
2283 if test "$USE_RAND_HELPER" = yes ; then
2284 AC_MSG_CHECKING(for PRNGD/EGD socket)
2285 # Insert other locations here
2286 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2287 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2288 PRNGD_SOCKET="$sock"
2289 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2290 break;
2291 fi
2292 done
2293 if test ! -z "$PRNGD_SOCKET" ; then
2294 AC_MSG_RESULT($PRNGD_SOCKET)
2295 else
2296 AC_MSG_RESULT(not found)
2297 fi
2298 fi
2299 ]
2300)
2301
2302# Change default command timeout for hashing entropy source
2303entropy_timeout=200
2304AC_ARG_WITH(entropy-timeout,
2305 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2306 [
dec6d9fe 2307 if test -n "$withval" && test "x$withval" != "xno" && \
2308 test "x${withval}" != "xyes"; then
e9a17296 2309 entropy_timeout=$withval
2310 fi
dec6d9fe 2311 ]
e9a17296 2312)
2c06c99b 2313AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2314 [Builtin PRNG command timeout])
e9a17296 2315
680cee3b 2316SSH_PRIVSEP_USER=sshd
700318f3 2317AC_ARG_WITH(privsep-user,
2318 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2319 [
dec6d9fe 2320 if test -n "$withval" && test "x$withval" != "xno" && \
2321 test "x${withval}" != "xyes"; then
680cee3b 2322 SSH_PRIVSEP_USER=$withval
700318f3 2323 fi
dec6d9fe 2324 ]
700318f3 2325)
2c06c99b 2326AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2327 [non-privileged user for privilege separation])
680cee3b 2328AC_SUBST(SSH_PRIVSEP_USER)
700318f3 2329
2330# We do this little dance with the search path to insure
2331# that programs that we select for use by installed programs
2332# (which may be run by the super-user) come from trusted
2333# locations before they come from the user's private area.
2334# This should help avoid accidentally configuring some
2335# random version of a program in someone's personal bin.
2336
2337OPATH=$PATH
2338PATH=/bin:/usr/bin
2339test -h /bin 2> /dev/null && PATH=/usr/bin
2340test -d /sbin && PATH=$PATH:/sbin
2341test -d /usr/sbin && PATH=$PATH:/usr/sbin
2342PATH=$PATH:/etc:$OPATH
2343
cdd66111 2344# These programs are used by the command hashing source to gather entropy
e9a17296 2345OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2346OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2347OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2348OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2349OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2350OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2351OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2352OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2353OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2354OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2355OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2356OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2357OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2358OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2359OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2360OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
700318f3 2361# restore PATH
2362PATH=$OPATH
e9a17296 2363
2364# Where does ssh-rand-helper get its randomness from?
2365INSTALL_SSH_PRNG_CMDS=""
2366if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2367 if test ! -z "$PRNGD_PORT" ; then
2368 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2369 elif test ! -z "$PRNGD_SOCKET" ; then
2370 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2371 else
2372 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2373 RAND_HELPER_CMDHASH=yes
2374 INSTALL_SSH_PRNG_CMDS="yes"
2375 fi
2376fi
2377AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2378
2379
3c0ef626 2380# Cheap hack to ensure NEWS-OS libraries are arranged right.
2381if test ! -z "$SONY" ; then
2382 LIBS="$LIBS -liberty";
2383fi
2384
2c06c99b 2385# Check for long long datatypes
2386AC_CHECK_TYPES([long long, unsigned long long, long double])
2387
2388# Check datatype sizes
3c0ef626 2389AC_CHECK_SIZEOF(char, 1)
2390AC_CHECK_SIZEOF(short int, 2)
2391AC_CHECK_SIZEOF(int, 4)
2392AC_CHECK_SIZEOF(long int, 4)
2393AC_CHECK_SIZEOF(long long int, 8)
2394
700318f3 2395# Sanity check long long for some platforms (AIX)
2396if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2397 ac_cv_sizeof_long_long_int=0
2398fi
2399
2c06c99b 2400# compute LLONG_MIN and LLONG_MAX if we don't know them.
2401if test -z "$have_llong_max"; then
2402 AC_MSG_CHECKING([for max value of long long])
2403 AC_RUN_IFELSE(
2404 [AC_LANG_SOURCE([[
2405#include <stdio.h>
2406/* Why is this so damn hard? */
2407#ifdef __GNUC__
2408# undef __GNUC__
2409#endif
2410#define __USE_ISOC99
2411#include <limits.h>
2412#define DATA "conftest.llminmax"
9108f8d9 2413#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2414
2415/*
2416 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2417 * we do this the hard way.
2418 */
2419static int
2420fprint_ll(FILE *f, long long n)
2421{
2422 unsigned int i;
2423 int l[sizeof(long long) * 8];
2424
2425 if (n < 0)
2426 if (fprintf(f, "-") < 0)
2427 return -1;
2428 for (i = 0; n != 0; i++) {
2429 l[i] = my_abs(n % 10);
2430 n /= 10;
2431 }
2432 do {
2433 if (fprintf(f, "%d", l[--i]) < 0)
2434 return -1;
2435 } while (i != 0);
2436 if (fprintf(f, " ") < 0)
2437 return -1;
2438 return 0;
2439}
2440
2c06c99b 2441int main(void) {
2442 FILE *f;
2443 long long i, llmin, llmax = 0;
2444
2445 if((f = fopen(DATA,"w")) == NULL)
2446 exit(1);
2447
2448#if defined(LLONG_MIN) && defined(LLONG_MAX)
2449 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2450 llmin = LLONG_MIN;
2451 llmax = LLONG_MAX;
2452#else
2453 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2454 /* This will work on one's complement and two's complement */
2455 for (i = 1; i > llmax; i <<= 1, i++)
2456 llmax = i;
2457 llmin = llmax + 1LL; /* wrap */
2458#endif
2459
2460 /* Sanity check */
2461 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
9108f8d9 2462 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2463 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
2c06c99b 2464 fprintf(f, "unknown unknown\n");
2465 exit(2);
2466 }
2467
9108f8d9 2468 if (fprint_ll(f, llmin) < 0)
2c06c99b 2469 exit(3);
9108f8d9 2470 if (fprint_ll(f, llmax) < 0)
2471 exit(4);
2472 if (fclose(f) < 0)
2473 exit(5);
2c06c99b 2474 exit(0);
2475}
2476 ]])],
2477 [
2478 llong_min=`$AWK '{print $1}' conftest.llminmax`
2479 llong_max=`$AWK '{print $2}' conftest.llminmax`
2480
2c06c99b 2481 AC_MSG_RESULT($llong_max)
2482 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2483 [max value of long long calculated by configure])
2484 AC_MSG_CHECKING([for min value of long long])
2485 AC_MSG_RESULT($llong_min)
2486 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2487 [min value of long long calculated by configure])
2488 ],
2489 [
2490 AC_MSG_RESULT(not found)
2491 ],
2492 [
2493 AC_MSG_WARN([cross compiling: not checking])
2494 ]
2495 )
2496fi
2497
2498
3c0ef626 2499# More checks for data types
2500AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2501 AC_TRY_COMPILE(
cdd66111 2502 [ #include <sys/types.h> ],
2503 [ u_int a; a = 1;],
3c0ef626 2504 [ ac_cv_have_u_int="yes" ],
2505 [ ac_cv_have_u_int="no" ]
2506 )
2507])
2508if test "x$ac_cv_have_u_int" = "xyes" ; then
2c06c99b 2509 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2510 have_u_int=1
2511fi
2512
2513AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2514 AC_TRY_COMPILE(
cdd66111 2515 [ #include <sys/types.h> ],
2516 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2517 [ ac_cv_have_intxx_t="yes" ],
2518 [ ac_cv_have_intxx_t="no" ]
2519 )
2520])
2521if test "x$ac_cv_have_intxx_t" = "xyes" ; then
2c06c99b 2522 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2523 have_intxx_t=1
2524fi
2525
2526if (test -z "$have_intxx_t" && \
cdd66111 2527 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2528then
2529 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2530 AC_TRY_COMPILE(
cdd66111 2531 [ #include <stdint.h> ],
2532 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2533 [
2534 AC_DEFINE(HAVE_INTXX_T)
2535 AC_MSG_RESULT(yes)
2536 ],
2537 [ AC_MSG_RESULT(no) ]
2538 )
2539fi
2540
2541AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2542 AC_TRY_COMPILE(
41b2f314 2543 [
2544#include <sys/types.h>
2545#ifdef HAVE_STDINT_H
2546# include <stdint.h>
2547#endif
2548#include <sys/socket.h>
2549#ifdef HAVE_SYS_BITYPES_H
2550# include <sys/bitypes.h>
2551#endif
cdd66111 2552 ],
2553 [ int64_t a; a = 1;],
3c0ef626 2554 [ ac_cv_have_int64_t="yes" ],
2555 [ ac_cv_have_int64_t="no" ]
2556 )
2557])
2558if test "x$ac_cv_have_int64_t" = "xyes" ; then
2c06c99b 2559 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9a17296 2560fi
2561
3c0ef626 2562AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2563 AC_TRY_COMPILE(
cdd66111 2564 [ #include <sys/types.h> ],
2565 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2566 [ ac_cv_have_u_intxx_t="yes" ],
2567 [ ac_cv_have_u_intxx_t="no" ]
2568 )
2569])
2570if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
2c06c99b 2571 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2572 have_u_intxx_t=1
2573fi
2574
2575if test -z "$have_u_intxx_t" ; then
2576 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2577 AC_TRY_COMPILE(
cdd66111 2578 [ #include <sys/socket.h> ],
2579 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2580 [
2581 AC_DEFINE(HAVE_U_INTXX_T)
2582 AC_MSG_RESULT(yes)
2583 ],
2584 [ AC_MSG_RESULT(no) ]
2585 )
2586fi
2587
2588AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2589 AC_TRY_COMPILE(
cdd66111 2590 [ #include <sys/types.h> ],
2591 [ u_int64_t a; a = 1;],
3c0ef626 2592 [ ac_cv_have_u_int64_t="yes" ],
2593 [ ac_cv_have_u_int64_t="no" ]
2594 )
2595])
2596if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
2c06c99b 2597 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2598 have_u_int64_t=1
2599fi
2600
e9a17296 2601if test -z "$have_u_int64_t" ; then
2602 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2603 AC_TRY_COMPILE(
cdd66111 2604 [ #include <sys/bitypes.h> ],
e9a17296 2605 [ u_int64_t a; a = 1],
2606 [
2607 AC_DEFINE(HAVE_U_INT64_T)
2608 AC_MSG_RESULT(yes)
2609 ],
2610 [ AC_MSG_RESULT(no) ]
2611 )
2612fi
2613
3c0ef626 2614if test -z "$have_u_intxx_t" ; then
2615 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2616 AC_TRY_COMPILE(
2617 [
2618#include <sys/types.h>
cdd66111 2619 ],
2620 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2621 [ ac_cv_have_uintxx_t="yes" ],
2622 [ ac_cv_have_uintxx_t="no" ]
2623 )
2624 ])
2625 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
2c06c99b 2626 AC_DEFINE(HAVE_UINTXX_T, 1,
2627 [define if you have uintxx_t data type])
3c0ef626 2628 fi
2629fi
2630
2631if test -z "$have_uintxx_t" ; then
2632 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2633 AC_TRY_COMPILE(
cdd66111 2634 [ #include <stdint.h> ],
2635 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2636 [
2637 AC_DEFINE(HAVE_UINTXX_T)
2638 AC_MSG_RESULT(yes)
2639 ],
2640 [ AC_MSG_RESULT(no) ]
2641 )
2642fi
2643
2644if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
cdd66111 2645 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2646then
2647 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2648 AC_TRY_COMPILE(
2649 [
2650#include <sys/bitypes.h>
cdd66111 2651 ],
3c0ef626 2652 [
2653 int8_t a; int16_t b; int32_t c;
2654 u_int8_t e; u_int16_t f; u_int32_t g;
2655 a = b = c = e = f = g = 1;
cdd66111 2656 ],
3c0ef626 2657 [
2658 AC_DEFINE(HAVE_U_INTXX_T)
2659 AC_DEFINE(HAVE_INTXX_T)
2660 AC_MSG_RESULT(yes)
2661 ],
2662 [AC_MSG_RESULT(no)]
cdd66111 2663 )
3c0ef626 2664fi
2665
2666
2667AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2668 AC_TRY_COMPILE(
2669 [
2670#include <sys/types.h>
2671 ],
2672 [ u_char foo; foo = 125; ],
2673 [ ac_cv_have_u_char="yes" ],
2674 [ ac_cv_have_u_char="no" ]
2675 )
2676])
2677if test "x$ac_cv_have_u_char" = "xyes" ; then
2c06c99b 2678 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2679fi
2680
2681TYPE_SOCKLEN_T
2682
e9a17296 2683AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22616013 2684AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2685#include <sys/types.h>
2686#ifdef HAVE_SYS_BITYPES_H
2687#include <sys/bitypes.h>
2688#endif
2689#ifdef HAVE_SYS_STATFS_H
2690#include <sys/statfs.h>
2691#endif
2692#ifdef HAVE_SYS_STATVFS_H
2693#include <sys/statvfs.h>
2694#endif
2695])
e9a17296 2696
996d5e62 2697AC_CHECK_TYPES(in_addr_t,,,
2698[#include <sys/types.h>
2699#include <netinet/in.h>])
2700
3c0ef626 2701AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2702 AC_TRY_COMPILE(
2703 [
2704#include <sys/types.h>
2705 ],
2706 [ size_t foo; foo = 1235; ],
2707 [ ac_cv_have_size_t="yes" ],
2708 [ ac_cv_have_size_t="no" ]
2709 )
2710])
2711if test "x$ac_cv_have_size_t" = "xyes" ; then
2c06c99b 2712 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2713fi
2714
2715AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2716 AC_TRY_COMPILE(
2717 [
2718#include <sys/types.h>
2719 ],
2720 [ ssize_t foo; foo = 1235; ],
2721 [ ac_cv_have_ssize_t="yes" ],
2722 [ ac_cv_have_ssize_t="no" ]
2723 )
2724])
2725if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2c06c99b 2726 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2727fi
2728
2729AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2730 AC_TRY_COMPILE(
2731 [
2732#include <time.h>
2733 ],
2734 [ clock_t foo; foo = 1235; ],
2735 [ ac_cv_have_clock_t="yes" ],
2736 [ ac_cv_have_clock_t="no" ]
2737 )
2738])
2739if test "x$ac_cv_have_clock_t" = "xyes" ; then
2c06c99b 2740 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2741fi
2742
2743AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2744 AC_TRY_COMPILE(
2745 [
2746#include <sys/types.h>
2747#include <sys/socket.h>
2748 ],
2749 [ sa_family_t foo; foo = 1235; ],
2750 [ ac_cv_have_sa_family_t="yes" ],
2751 [ AC_TRY_COMPILE(
2752 [
2753#include <sys/types.h>
2754#include <sys/socket.h>
2755#include <netinet/in.h>
2756 ],
2757 [ sa_family_t foo; foo = 1235; ],
2758 [ ac_cv_have_sa_family_t="yes" ],
2759
2760 [ ac_cv_have_sa_family_t="no" ]
2761 )]
2762 )
2763])
2764if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2c06c99b 2765 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2766 [define if you have sa_family_t data type])
3c0ef626 2767fi
2768
2769AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2770 AC_TRY_COMPILE(
2771 [
2772#include <sys/types.h>
2773 ],
2774 [ pid_t foo; foo = 1235; ],
2775 [ ac_cv_have_pid_t="yes" ],
2776 [ ac_cv_have_pid_t="no" ]
2777 )
2778])
2779if test "x$ac_cv_have_pid_t" = "xyes" ; then
2c06c99b 2780 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2781fi
2782
2783AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2784 AC_TRY_COMPILE(
2785 [
2786#include <sys/types.h>
2787 ],
2788 [ mode_t foo; foo = 1235; ],
2789 [ ac_cv_have_mode_t="yes" ],
2790 [ ac_cv_have_mode_t="no" ]
2791 )
2792])
2793if test "x$ac_cv_have_mode_t" = "xyes" ; then
2c06c99b 2794 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2795fi
2796
2797
2798AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2799 AC_TRY_COMPILE(
2800 [
2801#include <sys/types.h>
2802#include <sys/socket.h>
2803 ],
2804 [ struct sockaddr_storage s; ],
2805 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2806 [ ac_cv_have_struct_sockaddr_storage="no" ]
2807 )
2808])
2809if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2c06c99b 2810 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2811 [define if you have struct sockaddr_storage data type])
3c0ef626 2812fi
2813
2814AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2815 AC_TRY_COMPILE(
2816 [
2817#include <sys/types.h>
2818#include <netinet/in.h>
2819 ],
2820 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2821 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2822 [ ac_cv_have_struct_sockaddr_in6="no" ]
2823 )
2824])
2825if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2c06c99b 2826 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2827 [define if you have struct sockaddr_in6 data type])
3c0ef626 2828fi
2829
2830AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2831 AC_TRY_COMPILE(
2832 [
2833#include <sys/types.h>
2834#include <netinet/in.h>
2835 ],
2836 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2837 [ ac_cv_have_struct_in6_addr="yes" ],
2838 [ ac_cv_have_struct_in6_addr="no" ]
2839 )
2840])
2841if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2c06c99b 2842 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2843 [define if you have struct in6_addr data type])
91d9cdd3 2844
2845dnl Now check for sin6_scope_id
2846 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,,
2847 [
2848#ifdef HAVE_SYS_TYPES_H
2849#include <sys/types.h>
2850#endif
2851#include <netinet/in.h>
2852 ])
3c0ef626 2853fi
2854
2855AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2856 AC_TRY_COMPILE(
2857 [
2858#include <sys/types.h>
2859#include <sys/socket.h>
2860#include <netdb.h>
2861 ],
2862 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2863 [ ac_cv_have_struct_addrinfo="yes" ],
2864 [ ac_cv_have_struct_addrinfo="no" ]
2865 )
2866])
2867if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2c06c99b 2868 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2869 [define if you have struct addrinfo data type])
3c0ef626 2870fi
2871
2872AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2873 AC_TRY_COMPILE(
cdd66111 2874 [ #include <sys/time.h> ],
2875 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2876 [ ac_cv_have_struct_timeval="yes" ],
2877 [ ac_cv_have_struct_timeval="no" ]
2878 )
2879])
2880if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2c06c99b 2881 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2882 have_struct_timeval=1
2883fi
2884
6a9b3198 2885AC_CHECK_TYPES(struct timespec)
2886
2887# We need int64_t or else certian parts of the compile will fail.
dec6d9fe 2888if test "x$ac_cv_have_int64_t" = "xno" && \
2889 test "x$ac_cv_sizeof_long_int" != "x8" && \
2890 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
6a9b3198 2891 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2892 echo "an alternative compiler (I.E., GCC) before continuing."
2893 echo ""
2894 exit 1;
3c0ef626 2895else
2896dnl test snprintf (broken on SCO w/gcc)
996d5e62 2897 AC_RUN_IFELSE(
2898 [AC_LANG_SOURCE([[
3c0ef626 2899#include <stdio.h>
2900#include <string.h>
2901#ifdef HAVE_SNPRINTF
2902main()
2903{
2904 char buf[50];
2905 char expected_out[50];
2906 int mazsize = 50 ;
2907#if (SIZEOF_LONG_INT == 8)
2908 long int num = 0x7fffffffffffffff;
2909#else
2910 long long num = 0x7fffffffffffffffll;
2911#endif
2912 strcpy(expected_out, "9223372036854775807");
2913 snprintf(buf, mazsize, "%lld", num);
2914 if(strcmp(buf, expected_out) != 0)
cdd66111 2915 exit(1);
3c0ef626 2916 exit(0);
2917}
2918#else
2919main() { exit(0); }
2920#endif
996d5e62 2921 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2922 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2923 )
2924fi
3c0ef626 2925
2926dnl Checks for structure members
2927OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2928OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2929OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2930OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2931OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2932OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2933OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2934OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2935OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2936OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2937OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2938OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2939OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2940OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2941OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2942OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2943OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2944
2945AC_CHECK_MEMBERS([struct stat.st_blksize])
2c06c99b 2946AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2947 [Define if we don't have struct __res_state in resolv.h])],
2948[
2949#include <stdio.h>
2950#if HAVE_SYS_TYPES_H
2951# include <sys/types.h>
2952#endif
2953#include <netinet/in.h>
2954#include <arpa/nameser.h>
2955#include <resolv.h>
2956])
3c0ef626 2957
2958AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2959 ac_cv_have_ss_family_in_struct_ss, [
2960 AC_TRY_COMPILE(
2961 [
2962#include <sys/types.h>
2963#include <sys/socket.h>
2964 ],
2965 [ struct sockaddr_storage s; s.ss_family = 1; ],
2966 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2967 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2968 )
2969])
2970if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 2971 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 2972fi
2973
2974AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2975 ac_cv_have___ss_family_in_struct_ss, [
2976 AC_TRY_COMPILE(
2977 [
2978#include <sys/types.h>
2979#include <sys/socket.h>
2980 ],
2981 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2982 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2983 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2984 )
2985])
2986if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 2987 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2988 [Fields in struct sockaddr_storage])
3c0ef626 2989fi
2990
2991AC_CACHE_CHECK([for pw_class field in struct passwd],
2992 ac_cv_have_pw_class_in_struct_passwd, [
2993 AC_TRY_COMPILE(
2994 [
2995#include <pwd.h>
2996 ],
2997 [ struct passwd p; p.pw_class = 0; ],
2998 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2999 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3000 )
3001])
3002if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2c06c99b 3003 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3004 [Define if your password has a pw_class field])
3c0ef626 3005fi
3006
3007AC_CACHE_CHECK([for pw_expire field in struct passwd],
3008 ac_cv_have_pw_expire_in_struct_passwd, [
3009 AC_TRY_COMPILE(
3010 [
3011#include <pwd.h>
3012 ],
3013 [ struct passwd p; p.pw_expire = 0; ],
3014 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3015 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3016 )
3017])
3018if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2c06c99b 3019 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3020 [Define if your password has a pw_expire field])
3c0ef626 3021fi
3022
3023AC_CACHE_CHECK([for pw_change field in struct passwd],
3024 ac_cv_have_pw_change_in_struct_passwd, [
3025 AC_TRY_COMPILE(
3026 [
3027#include <pwd.h>
3028 ],
3029 [ struct passwd p; p.pw_change = 0; ],
3030 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3031 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3032 )
3033])
3034if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2c06c99b 3035 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3036 [Define if your password has a pw_change field])
3c0ef626 3037fi
3038
fba3c309 3039dnl make sure we're using the real structure members and not defines
700318f3 3040AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3041 ac_cv_have_accrights_in_msghdr, [
996d5e62 3042 AC_COMPILE_IFELSE(
700318f3 3043 [
3044#include <sys/types.h>
3045#include <sys/socket.h>
3046#include <sys/uio.h>
fba3c309 3047int main() {
3048#ifdef msg_accrights
996d5e62 3049#error "msg_accrights is a macro"
fba3c309 3050exit(1);
3051#endif
3052struct msghdr m;
3053m.msg_accrights = 0;
3054exit(0);
3055}
700318f3 3056 ],
700318f3 3057 [ ac_cv_have_accrights_in_msghdr="yes" ],
3058 [ ac_cv_have_accrights_in_msghdr="no" ]
3059 )
3060])
3061if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2c06c99b 3062 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3063 [Define if your system uses access rights style
3064 file descriptor passing])
700318f3 3065fi
3066
22616013 3067AC_MSG_CHECKING(if f_fsid has val members)
3068AC_TRY_COMPILE([
3069#include <sys/types.h>
3070#include <sys/statvfs.h>],
3071[struct fsid_t t; t.val[0] = 0;],
3072 [ AC_MSG_RESULT(yes)
3073 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ],
3074 [ AC_MSG_RESULT(no) ]
3075)
3076
700318f3 3077AC_CACHE_CHECK([for msg_control field in struct msghdr],
3078 ac_cv_have_control_in_msghdr, [
996d5e62 3079 AC_COMPILE_IFELSE(
700318f3 3080 [
3081#include <sys/types.h>
3082#include <sys/socket.h>
3083#include <sys/uio.h>
fba3c309 3084int main() {
3085#ifdef msg_control
996d5e62 3086#error "msg_control is a macro"
fba3c309 3087exit(1);
3088#endif
3089struct msghdr m;
3090m.msg_control = 0;
3091exit(0);
3092}
700318f3 3093 ],
700318f3 3094 [ ac_cv_have_control_in_msghdr="yes" ],
3095 [ ac_cv_have_control_in_msghdr="no" ]
3096 )
3097])
3098if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2c06c99b 3099 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3100 [Define if your system uses ancillary data style
3101 file descriptor passing])
700318f3 3102fi
3103
3c0ef626 3104AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
cdd66111 3105 AC_TRY_LINK([],
3106 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3107 [ ac_cv_libc_defines___progname="yes" ],
3108 [ ac_cv_libc_defines___progname="no" ]
3109 )
3110])
3111if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2c06c99b 3112 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3113fi
3114
700318f3 3115AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3116 AC_TRY_LINK([
3117#include <stdio.h>
cdd66111 3118],
3119 [ printf("%s", __FUNCTION__); ],
700318f3 3120 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3121 [ ac_cv_cc_implements___FUNCTION__="no" ]
3122 )
3123])
3124if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2c06c99b 3125 AC_DEFINE(HAVE___FUNCTION__, 1,
3126 [Define if compiler implements __FUNCTION__])
700318f3 3127fi
3128
3129AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3130 AC_TRY_LINK([
3131#include <stdio.h>
cdd66111 3132],
3133 [ printf("%s", __func__); ],
700318f3 3134 [ ac_cv_cc_implements___func__="yes" ],
3135 [ ac_cv_cc_implements___func__="no" ]
3136 )
3137])
3138if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2c06c99b 3139 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3140fi
3141
3142AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3143 AC_TRY_LINK(
3144 [#include <stdarg.h>
3145 va_list x,y;],
3146 [va_copy(x,y);],
3147 [ ac_cv_have_va_copy="yes" ],
3148 [ ac_cv_have_va_copy="no" ]
3149 )
3150])
3151if test "x$ac_cv_have_va_copy" = "xyes" ; then
3152 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3153fi
3154
3155AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3156 AC_TRY_LINK(
3157 [#include <stdarg.h>
3158 va_list x,y;],
3159 [__va_copy(x,y);],
3160 [ ac_cv_have___va_copy="yes" ],
3161 [ ac_cv_have___va_copy="no" ]
3162 )
3163])
3164if test "x$ac_cv_have___va_copy" = "xyes" ; then
3165 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
700318f3 3166fi
3167
3c0ef626 3168AC_CACHE_CHECK([whether getopt has optreset support],
3169 ac_cv_have_getopt_optreset, [
3170 AC_TRY_LINK(
3171 [
3172#include <getopt.h>
3173 ],
3174 [ extern int optreset; optreset = 0; ],
3175 [ ac_cv_have_getopt_optreset="yes" ],
3176 [ ac_cv_have_getopt_optreset="no" ]
3177 )
3178])
3179if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2c06c99b 3180 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3181 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3182fi
3183
3184AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
cdd66111 3185 AC_TRY_LINK([],
3186 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3187 [ ac_cv_libc_defines_sys_errlist="yes" ],
3188 [ ac_cv_libc_defines_sys_errlist="no" ]
3189 )
3190])
3191if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2c06c99b 3192 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3193 [Define if your system defines sys_errlist[]])
3c0ef626 3194fi
3195
3196
3197AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
cdd66111 3198 AC_TRY_LINK([],
3199 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3200 [ ac_cv_libc_defines_sys_nerr="yes" ],
3201 [ ac_cv_libc_defines_sys_nerr="no" ]
3202 )
3203])
3204if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2c06c99b 3205 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3206fi
3207
cdd66111 3208SCARD_MSG="no"
700318f3 3209# Check whether user wants sectok support
3210AC_ARG_WITH(sectok,
3211 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3212 [
3213 if test "x$withval" != "xno" ; then
3214 if test "x$withval" != "xyes" ; then
3215 CPPFLAGS="$CPPFLAGS -I${withval}"
3216 LDFLAGS="$LDFLAGS -L${withval}"
3217 if test ! -z "$need_dash_r" ; then
3218 LDFLAGS="$LDFLAGS -R${withval}"
3219 fi
3220 if test ! -z "$blibpath" ; then
3221 blibpath="$blibpath:${withval}"
3222 fi
3223 fi
3224 AC_CHECK_HEADERS(sectok.h)
3225 if test "$ac_cv_header_sectok_h" != yes; then
3226 AC_MSG_ERROR(Can't find sectok.h)
3227 fi
3228 AC_CHECK_LIB(sectok, sectok_open)
3229 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3230 AC_MSG_ERROR(Can't find libsectok)
3231 fi
2c06c99b 3232 AC_DEFINE(SMARTCARD, 1,
3233 [Define if you want smartcard support])
3234 AC_DEFINE(USE_SECTOK, 1,
3235 [Define if you want smartcard support
3236 using sectok])
cdd66111 3237 SCARD_MSG="yes, using sectok"
3c0ef626 3238 fi
3239 ]
3240)
3241
700318f3 3242# Check whether user wants OpenSC support
dec6d9fe 3243OPENSC_CONFIG="no"
700318f3 3244AC_ARG_WITH(opensc,
2c06c99b 3245 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
dec6d9fe 3246 [
3247 if test "x$withval" != "xno" ; then
3248 if test "x$withval" != "xyes" ; then
3249 OPENSC_CONFIG=$withval/bin/opensc-config
3250 else
3251 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3252 fi
3253 if test "$OPENSC_CONFIG" != "no"; then
3254 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3255 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3256 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
9108f8d9 3257 LIBS="$LIBS $LIBOPENSC_LIBS"
dec6d9fe 3258 AC_DEFINE(SMARTCARD)
2c06c99b 3259 AC_DEFINE(USE_OPENSC, 1,
3260 [Define if you want smartcard support
3261 using OpenSC])
dec6d9fe 3262 SCARD_MSG="yes, using OpenSC"
3263 fi
3264 fi
3265 ]
3266)
700318f3 3267
cdd66111 3268# Check libraries needed by DNS fingerprint support
3269AC_SEARCH_LIBS(getrrsetbyname, resolv,
2c06c99b 3270 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3271 [Define if getrrsetbyname() exists])],
0fff78ff 3272 [
cdd66111 3273 # Needed by our getrrsetbyname()
3274 AC_SEARCH_LIBS(res_query, resolv)
3275 AC_SEARCH_LIBS(dn_expand, resolv)
c9f39d2c 3276 AC_MSG_CHECKING(if res_query will link)
3277 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3278 [AC_MSG_RESULT(no)
3279 saved_LIBS="$LIBS"
3280 LIBS="$LIBS -lresolv"
3281 AC_MSG_CHECKING(for res_query in -lresolv)
3282 AC_LINK_IFELSE([
3283#include <resolv.h>
3284int main()
3285{
3286 res_query (0, 0, 0, 0, 0);
3287 return 0;
3288}
3289 ],
3290 [LIBS="$LIBS -lresolv"
3291 AC_MSG_RESULT(yes)],
3292 [LIBS="$saved_LIBS"
3293 AC_MSG_RESULT(no)])
3294 ])
cdd66111 3295 AC_CHECK_FUNCS(_getshort _getlong)
665a873d 3296 AC_CHECK_DECLS([_getshort, _getlong], , ,
3297 [#include <sys/types.h>
3298 #include <arpa/nameser.h>])
cdd66111 3299 AC_CHECK_MEMBER(HEADER.ad,
2c06c99b 3300 [AC_DEFINE(HAVE_HEADER_AD, 1,
3301 [Define if HEADER.ad exists in arpa/nameser.h])],,
cdd66111 3302 [#include <arpa/nameser.h>])
3303 ])
0fff78ff 3304
d4487008 3305AC_MSG_CHECKING(if struct __res_state _res is an extern)
3306AC_LINK_IFELSE([
3307#include <stdio.h>
3308#if HAVE_SYS_TYPES_H
3309# include <sys/types.h>
3310#endif
3311#include <netinet/in.h>
3312#include <arpa/nameser.h>
3313#include <resolv.h>
3314extern struct __res_state _res;
3315int main() { return 0; }
3316 ],
3317 [AC_MSG_RESULT(yes)
3318 AC_DEFINE(HAVE__RES_EXTERN, 1,
3319 [Define if you have struct __res_state _res as an extern])
3320 ],
3321 [ AC_MSG_RESULT(no) ]
3322)
3323
9108f8d9 3324# Check whether user wants SELinux support
3325SELINUX_MSG="no"
3326LIBSELINUX=""
3327AC_ARG_WITH(selinux,
47686178 3328 [ --with-selinux Enable SELinux support],
9108f8d9 3329 [ if test "x$withval" != "xno" ; then
d4487008 3330 save_LIBS="$LIBS"
9108f8d9 3331 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3332 SELINUX_MSG="yes"
3333 AC_CHECK_HEADER([selinux/selinux.h], ,
3334 AC_MSG_ERROR(SELinux support requires selinux.h header))
3335 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3336 AC_MSG_ERROR(SELinux support requires libselinux library))
d4487008 3337 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
9108f8d9 3338 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
ff7ec503 3339 LIBS="$save_LIBS"
9108f8d9 3340 fi ]
3341)
9108f8d9 3342
700318f3 3343# Check whether user wants Kerberos 5 support
cdd66111 3344KRB5_MSG="no"
700318f3 3345AC_ARG_WITH(kerberos5,
cdd66111 3346 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3347 [ if test "x$withval" != "xno" ; then
3348 if test "x$withval" = "xyes" ; then
3349 KRB5ROOT="/usr/local"
3350 else
3351 KRB5ROOT=${withval}
3352 fi
3353
2c06c99b 3354 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
cdd66111 3355 KRB5_MSG="yes"
3356
3357 AC_MSG_CHECKING(for krb5-config)
3358 if test -x $KRB5ROOT/bin/krb5-config ; then
3359 KRB5CONF=$KRB5ROOT/bin/krb5-config
3360 AC_MSG_RESULT($KRB5CONF)
3361
3362 AC_MSG_CHECKING(for gssapi support)
3363 if $KRB5CONF | grep gssapi >/dev/null ; then
3364 AC_MSG_RESULT(yes)
2c06c99b 3365 AC_DEFINE(GSSAPI, 1,
3366 [Define this if you want GSSAPI
3367 support in the version 2 protocol])
cdd66111 3368 k5confopts=gssapi
3369 else
3370 AC_MSG_RESULT(no)
3371 k5confopts=""
3372 fi
3373 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3374 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3375 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3376 AC_MSG_CHECKING(whether we are using Heimdal)
3377 AC_TRY_COMPILE([ #include <krb5.h> ],
3378 [ char *tmp = heimdal_version; ],
3379 [ AC_MSG_RESULT(yes)
2c06c99b 3380 AC_DEFINE(HEIMDAL, 1,
3381 [Define this if you are using the
3382 Heimdal version of Kerberos V5]) ],
cdd66111 3383 AC_MSG_RESULT(no)
3384 )
3385 else
3386 AC_MSG_RESULT(no)
700318f3 3387 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
cdd66111 3388 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3389 AC_MSG_CHECKING(whether we are using Heimdal)
3390 AC_TRY_COMPILE([ #include <krb5.h> ],
3391 [ char *tmp = heimdal_version; ],
3392 [ AC_MSG_RESULT(yes)
3393 AC_DEFINE(HEIMDAL)
c9f39d2c 3394 K5LIBS="-lkrb5 -ldes"
3395 K5LIBS="$K5LIBS -lcom_err -lasn1"
dec6d9fe 3396 AC_CHECK_LIB(roken, net_write,
c9f39d2c 3397 [K5LIBS="$K5LIBS -lroken"])
cdd66111 3398 ],
3399 [ AC_MSG_RESULT(no)
3400 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3401 ]
3402 )
0fff78ff 3403 AC_SEARCH_LIBS(dn_expand, resolv)
3404
22616013 3405 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
0fff78ff 3406 [ AC_DEFINE(GSSAPI)
22616013 3407 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3408 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
0fff78ff 3409 [ AC_DEFINE(GSSAPI)
22616013 3410 K5LIBS="-lgssapi $K5LIBS" ],
0fff78ff 3411 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3412 $K5LIBS)
3413 ],
3414 $K5LIBS)
dec6d9fe 3415
0fff78ff 3416 AC_CHECK_HEADER(gssapi.h, ,
3417 [ unset ac_cv_header_gssapi_h
cdd66111 3418 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
0fff78ff 3419 AC_CHECK_HEADERS(gssapi.h, ,
3420 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
cdd66111 3421 )
0fff78ff 3422 ]
3423 )
3424
3425 oldCPP="$CPPFLAGS"
3426 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3427 AC_CHECK_HEADER(gssapi_krb5.h, ,
3428 [ CPPFLAGS="$oldCPP" ])
700318f3 3429
cdd66111 3430 fi
3431 if test ! -z "$need_dash_r" ; then
3432 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3433 fi
3434 if test ! -z "$blibpath" ; then
3435 blibpath="$blibpath:${KRB5ROOT}/lib"
3436 fi
cdd66111 3437
2c06c99b 3438 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3439 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3440 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
cdd66111 3441
2c06c99b 3442 LIBS="$LIBS $K5LIBS"
3443 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3444 [Define this if you want to use libkafs' AFS support]))
3445 fi
cdd66111 3446 ]
700318f3 3447)
3c0ef626 3448
3449# Looking for programs, paths and files
3c0ef626 3450
700318f3 3451PRIVSEP_PATH=/var/empty
3452AC_ARG_WITH(privsep-path,
41b2f314 3453 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
700318f3 3454 [
dec6d9fe 3455 if test -n "$withval" && test "x$withval" != "xno" && \
3456 test "x${withval}" != "xyes"; then
700318f3 3457 PRIVSEP_PATH=$withval
3458 fi
3459 ]
3460)
3461AC_SUBST(PRIVSEP_PATH)
3462
3c0ef626 3463AC_ARG_WITH(xauth,
3464 [ --with-xauth=PATH Specify path to xauth program ],
3465 [
dec6d9fe 3466 if test -n "$withval" && test "x$withval" != "xno" && \
3467 test "x${withval}" != "xyes"; then
3c0ef626 3468 xauth_path=$withval
3469 fi
3470 ],
3471 [
41b2f314 3472 TestPath="$PATH"
3473 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3474 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3475 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3476 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3477 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3478 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3479 xauth_path="/usr/openwin/bin/xauth"
3480 fi
3481 ]
3482)
3483
6a9b3198 3484STRIP_OPT=-s
3485AC_ARG_ENABLE(strip,
3486 [ --disable-strip Disable calling strip(1) on install],
3487 [
3488 if test "x$enableval" = "xno" ; then
3489 STRIP_OPT=
3490 fi
3491 ]
3492)
3493AC_SUBST(STRIP_OPT)
3494
3c0ef626 3495if test -z "$xauth_path" ; then
3496 XAUTH_PATH="undefined"
3497 AC_SUBST(XAUTH_PATH)
3498else
2c06c99b 3499 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3500 [Define if xauth is found in your path])
3c0ef626 3501 XAUTH_PATH=$xauth_path
3502 AC_SUBST(XAUTH_PATH)
3503fi
3c0ef626 3504
3505# Check for mail directory (last resort if we cannot get it from headers)
3506if test ! -z "$MAIL" ; then
3507 maildir=`dirname $MAIL`
2c06c99b 3508 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3509 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3510fi
3511
996d5e62 3512if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3513 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3514 disable_ptmx_check=yes
3515fi
3c0ef626 3516if test -z "$no_dev_ptmx" ; then
700318f3 3517 if test "x$disable_ptmx_check" != "xyes" ; then
cdd66111 3518 AC_CHECK_FILE("/dev/ptmx",
700318f3 3519 [
2c06c99b 3520 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3521 [Define if you have /dev/ptmx])
700318f3 3522 have_dev_ptmx=1
3523 ]
3524 )
3525 fi
3c0ef626 3526fi
996d5e62 3527
3528if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3529 AC_CHECK_FILE("/dev/ptc",
3530 [
2c06c99b 3531 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3532 [Define if you have /dev/ptc])
996d5e62 3533 have_dev_ptc=1
3534 ]
3535 )
3536else
3537 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3538fi
3c0ef626 3539
3540# Options from here on. Some of these are preset by platform above
3c0ef626 3541AC_ARG_WITH(mantype,
3542 [ --with-mantype=man|cat|doc Set man page type],
3543 [
3544 case "$withval" in
3545 man|cat|doc)
3546 MANTYPE=$withval
3547 ;;
3548 *)
3549 AC_MSG_ERROR(invalid man type: $withval)
3550 ;;
3551 esac
3552 ]
3553)
3554if test -z "$MANTYPE"; then
41b2f314 3555 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3556 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3557 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3558 MANTYPE=doc
3559 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3560 MANTYPE=man
3561 else
3562 MANTYPE=cat
3563 fi
3564fi
3565AC_SUBST(MANTYPE)
3566if test "$MANTYPE" = "doc"; then
3567 mansubdir=man;
3568else
3569 mansubdir=$MANTYPE;
3570fi
3571AC_SUBST(mansubdir)
3572
3573# Check whether to enable MD5 passwords
cdd66111 3574MD5_MSG="no"
3c0ef626 3575AC_ARG_WITH(md5-passwords,
3576 [ --with-md5-passwords Enable use of MD5 passwords],
3577 [
3578 if test "x$withval" != "xno" ; then
2c06c99b 3579 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3580 [Define if you want to allow MD5 passwords])
cdd66111 3581 MD5_MSG="yes"
3c0ef626 3582 fi
3583 ]
3584)
3585
3586# Whether to disable shadow password support
3587AC_ARG_WITH(shadow,
3588 [ --without-shadow Disable shadow password support],
3589 [
dec6d9fe 3590 if test "x$withval" = "xno" ; then
3c0ef626 3591 AC_DEFINE(DISABLE_SHADOW)
3592 disable_shadow=yes
3593 fi
3594 ]
3595)
3596
3597if test -z "$disable_shadow" ; then
3598 AC_MSG_CHECKING([if the systems has expire shadow information])
3599 AC_TRY_COMPILE(
3600 [
3601#include <sys/types.h>
3602#include <shadow.h>
3603 struct spwd sp;
3604 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3605 [ sp_expire_available=yes ], []
3606 )
3607
3608 if test "x$sp_expire_available" = "xyes" ; then
3609 AC_MSG_RESULT(yes)
2c06c99b 3610 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3611 [Define if you want to use shadow password expire field])
3c0ef626 3612 else
3613 AC_MSG_RESULT(no)
3614 fi
3615fi
3616
3617# Use ip address instead of hostname in $DISPLAY
3618if test ! -z "$IPADDR_IN_DISPLAY" ; then
3619 DISPLAY_HACK_MSG="yes"
2c06c99b 3620 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3621 [Define if you need to use IP address
3622 instead of hostname in $DISPLAY])
3c0ef626 3623else
cdd66111 3624 DISPLAY_HACK_MSG="no"
3c0ef626 3625 AC_ARG_WITH(ipaddr-display,
3626 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3627 [
dec6d9fe 3628 if test "x$withval" != "xno" ; then
3c0ef626 3629 AC_DEFINE(IPADDR_IN_DISPLAY)
cdd66111 3630 DISPLAY_HACK_MSG="yes"
3c0ef626 3631 fi
3632 ]
3633 )
3634fi
3635
0fff78ff 3636# check for /etc/default/login and use it if present.
acc3d05e 3637AC_ARG_ENABLE(etc-default-login,
996d5e62 3638 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3639 [ if test "x$enableval" = "xno"; then
3640 AC_MSG_NOTICE([/etc/default/login handling disabled])
3641 etc_default_login=no
3642 else
3643 etc_default_login=yes
3644 fi ],
2c06c99b 3645 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3646 then
3647 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3648 etc_default_login=no
3649 else
3650 etc_default_login=yes
3651 fi ]
996d5e62 3652)
0fff78ff 3653
996d5e62 3654if test "x$etc_default_login" != "xno"; then
3655 AC_CHECK_FILE("/etc/default/login",
3656 [ external_path_file=/etc/default/login ])
2c06c99b 3657 if test "x$external_path_file" = "x/etc/default/login"; then
3658 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3659 [Define if your system has /etc/default/login])
996d5e62 3660 fi
0fff78ff 3661fi
3662
700318f3 3663dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
dec6d9fe 3664if test $ac_cv_func_login_getcapbool = "yes" && \
3665 test $ac_cv_header_login_cap_h = "yes" ; then
0fff78ff 3666 external_path_file=/etc/login.conf
700318f3 3667fi
0fff78ff 3668
3c0ef626 3669# Whether to mess with the default path
cdd66111 3670SERVER_PATH_MSG="(default)"
3c0ef626 3671AC_ARG_WITH(default-path,
700318f3 3672 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3673 [
0fff78ff 3674 if test "x$external_path_file" = "x/etc/login.conf" ; then
700318f3 3675 AC_MSG_WARN([
3676--with-default-path=PATH has no effect on this system.
3677Edit /etc/login.conf instead.])
dec6d9fe 3678 elif test "x$withval" != "xno" ; then
0fff78ff 3679 if test ! -z "$external_path_file" ; then
3680 AC_MSG_WARN([
3681--with-default-path=PATH will only be used if PATH is not defined in
3682$external_path_file .])
3683 fi
3c0ef626 3684 user_path="$withval"
cdd66111 3685 SERVER_PATH_MSG="$withval"
3c0ef626 3686 fi
3687 ],
0fff78ff 3688 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3689 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
700318f3 3690 else
0fff78ff 3691 if test ! -z "$external_path_file" ; then
3692 AC_MSG_WARN([
3693If PATH is defined in $external_path_file, ensure the path to scp is included,
3694otherwise scp will not work.])
3695 fi
2c06c99b 3696 AC_RUN_IFELSE(
3697 [AC_LANG_SOURCE([[
3c0ef626 3698/* find out what STDPATH is */
3699#include <stdio.h>
3700#ifdef HAVE_PATHS_H
3701# include <paths.h>
3702#endif
3703#ifndef _PATH_STDPATH
6a9b3198 3704# ifdef _PATH_USERPATH /* Irix */
3705# define _PATH_STDPATH _PATH_USERPATH
3706# else
3707# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3708# endif
3c0ef626 3709#endif
3710#include <sys/types.h>
3711#include <sys/stat.h>
3712#include <fcntl.h>
3713#define DATA "conftest.stdpath"
3714
3715main()
3716{
3717 FILE *fd;
3718 int rc;
dec6d9fe 3719
3c0ef626 3720 fd = fopen(DATA,"w");
3721 if(fd == NULL)
3722 exit(1);
dec6d9fe 3723
3c0ef626 3724 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3725 exit(1);
3726
3727 exit(0);
3728}
2c06c99b 3729 ]])],
3730 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3731 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3732 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3733 )
3734# make sure $bindir is in USER_PATH so scp will work
3735 t_bindir=`eval echo ${bindir}`
3736 case $t_bindir in
3737 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3738 esac
3739 case $t_bindir in
3740 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3741 esac
3742 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3743 if test $? -ne 0 ; then
3744 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3745 if test $? -ne 0 ; then
3746 user_path=$user_path:$t_bindir
3747 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3748 fi
3749 fi
700318f3 3750 fi ]
3751)
0fff78ff 3752if test "x$external_path_file" != "x/etc/login.conf" ; then
2c06c99b 3753 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
700318f3 3754 AC_SUBST(user_path)
3755fi
3756
3757# Set superuser path separately to user path
700318f3 3758AC_ARG_WITH(superuser-path,
3759 [ --with-superuser-path= Specify different path for super-user],
3760 [
dec6d9fe 3761 if test -n "$withval" && test "x$withval" != "xno" && \
3762 test "x${withval}" != "xyes"; then
2c06c99b 3763 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3764 [Define if you want a different $PATH
3765 for the superuser])
700318f3 3766 superuser_path=$withval
3767 fi
3c0ef626 3768 ]
3769)
700318f3 3770
3c0ef626 3771
3c0ef626 3772AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
cdd66111 3773IPV4_IN6_HACK_MSG="no"
3c0ef626 3774AC_ARG_WITH(4in6,
3775 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3776 [
3777 if test "x$withval" != "xno" ; then
3778 AC_MSG_RESULT(yes)
2c06c99b 3779 AC_DEFINE(IPV4_IN_IPV6, 1,
3780 [Detect IPv4 in IPv6 mapped addresses
3781 and treat as IPv4])
cdd66111 3782 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3783 else
3784 AC_MSG_RESULT(no)
3785 fi
3786 ],[
3787 if test "x$inet6_default_4in6" = "xyes"; then
3788 AC_MSG_RESULT([yes (default)])
3789 AC_DEFINE(IPV4_IN_IPV6)
cdd66111 3790 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3791 else
3792 AC_MSG_RESULT([no (default)])
3793 fi
3794 ]
3795)
3796
3797# Whether to enable BSD auth support
e9a17296 3798BSD_AUTH_MSG=no
3c0ef626 3799AC_ARG_WITH(bsd-auth,
3800 [ --with-bsd-auth Enable BSD auth support],
3801 [
dec6d9fe 3802 if test "x$withval" != "xno" ; then
2c06c99b 3803 AC_DEFINE(BSD_AUTH, 1,
3804 [Define if you have BSD auth support])
e9a17296 3805 BSD_AUTH_MSG=yes
3c0ef626 3806 fi
3807 ]
3808)
3809
3c0ef626 3810# Where to place sshd.pid
3811piddir=/var/run
700318f3 3812# make sure the directory exists
dec6d9fe 3813if test ! -d $piddir ; then
700318f3 3814 piddir=`eval echo ${sysconfdir}`
3815 case $piddir in
cdd66111 3816 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
700318f3 3817 esac
3818fi
3819
3c0ef626 3820AC_ARG_WITH(pid-dir,
3821 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3822 [
dec6d9fe 3823 if test -n "$withval" && test "x$withval" != "xno" && \
3824 test "x${withval}" != "xyes"; then
3c0ef626 3825 piddir=$withval
dec6d9fe 3826 if test ! -d $piddir ; then
700318f3 3827 AC_MSG_WARN([** no $piddir directory on this system **])
3828 fi
3c0ef626 3829 fi
3830 ]
3831)
3832
2c06c99b 3833AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3834AC_SUBST(piddir)
3835
3836dnl allow user to disable some login recording features
3837AC_ARG_ENABLE(lastlog,
3838 [ --disable-lastlog disable use of lastlog even if detected [no]],
0fff78ff 3839 [
3840 if test "x$enableval" = "xno" ; then
3841 AC_DEFINE(DISABLE_LASTLOG)
3842 fi
3843 ]
3c0ef626 3844)
3845AC_ARG_ENABLE(utmp,
3846 [ --disable-utmp disable use of utmp even if detected [no]],
0fff78ff 3847 [
3848 if test "x$enableval" = "xno" ; then
3849 AC_DEFINE(DISABLE_UTMP)
3850 fi
3851 ]
3c0ef626 3852)
3853AC_ARG_ENABLE(utmpx,
3854 [ --disable-utmpx disable use of utmpx even if detected [no]],
0fff78ff 3855 [
3856 if test "x$enableval" = "xno" ; then
2c06c99b 3857 AC_DEFINE(DISABLE_UTMPX, 1,
3858 [Define if you don't want to use utmpx])
0fff78ff 3859 fi
3860 ]
3c0ef626 3861)
3862AC_ARG_ENABLE(wtmp,
3863 [ --disable-wtmp disable use of wtmp even if detected [no]],
0fff78ff 3864 [
3865 if test "x$enableval" = "xno" ; then
3866 AC_DEFINE(DISABLE_WTMP)
3867 fi
3868 ]
3c0ef626 3869)
3870AC_ARG_ENABLE(wtmpx,
3871 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
0fff78ff 3872 [
3873 if test "x$enableval" = "xno" ; then
2c06c99b 3874 AC_DEFINE(DISABLE_WTMPX, 1,
3875 [Define if you don't want to use wtmpx])
0fff78ff 3876 fi
3877 ]
3c0ef626 3878)
3879AC_ARG_ENABLE(libutil,
3880 [ --disable-libutil disable use of libutil (login() etc.) [no]],
0fff78ff 3881 [
3882 if test "x$enableval" = "xno" ; then
3883 AC_DEFINE(DISABLE_LOGIN)
3884 fi
3885 ]
3c0ef626 3886)
3887AC_ARG_ENABLE(pututline,
3888 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
0fff78ff 3889 [
3890 if test "x$enableval" = "xno" ; then
2c06c99b 3891 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3892 [Define if you don't want to use pututline()
3893 etc. to write [uw]tmp])
0fff78ff 3894 fi
3895 ]
3c0ef626 3896)
3897AC_ARG_ENABLE(pututxline,
3898 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
0fff78ff 3899 [
3900 if test "x$enableval" = "xno" ; then
2c06c99b 3901 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3902 [Define if you don't want to use pututxline()
3903 etc. to write [uw]tmpx])
0fff78ff 3904 fi
3905 ]
3c0ef626 3906)
3907AC_ARG_WITH(lastlog,
3908 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3909 [
dec6d9fe 3910 if test "x$withval" = "xno" ; then
3c0ef626 3911 AC_DEFINE(DISABLE_LASTLOG)
dec6d9fe 3912 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 3913 conf_lastlog_location=$withval
3914 fi
3915 ]
3916)
3917
3918dnl lastlog, [uw]tmpx? detection
3919dnl NOTE: set the paths in the platform section to avoid the
3920dnl need for command-line parameters
3921dnl lastlog and [uw]tmp are subject to a file search if all else fails
3922
3923dnl lastlog detection
3924dnl NOTE: the code itself will detect if lastlog is a directory
3925AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3926AC_TRY_COMPILE([
3927#include <sys/types.h>
3928#include <utmp.h>
3929#ifdef HAVE_LASTLOG_H
3930# include <lastlog.h>
3931#endif
3932#ifdef HAVE_PATHS_H
3933# include <paths.h>
3934#endif
3935#ifdef HAVE_LOGIN_H
3936# include <login.h>
3937#endif
3938 ],
3939 [ char *lastlog = LASTLOG_FILE; ],
3940 [ AC_MSG_RESULT(yes) ],
3941 [
3942 AC_MSG_RESULT(no)
3943 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3944 AC_TRY_COMPILE([
3945#include <sys/types.h>
3946#include <utmp.h>
3947#ifdef HAVE_LASTLOG_H
3948# include <lastlog.h>
3949#endif
3950#ifdef HAVE_PATHS_H
3951# include <paths.h>
3952#endif
3953 ],
3954 [ char *lastlog = _PATH_LASTLOG; ],
3955 [ AC_MSG_RESULT(yes) ],
3956 [
3957 AC_MSG_RESULT(no)
3958 system_lastlog_path=no
3959 ])
3960 ]
3961)
3962
3963if test -z "$conf_lastlog_location"; then
3964 if test x"$system_lastlog_path" = x"no" ; then
3965 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
3966 if (test -d "$f" || test -f "$f") ; then
3967 conf_lastlog_location=$f
3968 fi
3969 done
3970 if test -z "$conf_lastlog_location"; then
3971 AC_MSG_WARN([** Cannot find lastlog **])
3972 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
3973 fi
3974 fi
3975fi
3976
3977if test -n "$conf_lastlog_location"; then
2c06c99b 3978 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3979 [Define if you want to specify the path to your lastlog file])
dec6d9fe 3980fi
3c0ef626 3981
3982dnl utmp detection
3983AC_MSG_CHECKING([if your system defines UTMP_FILE])
3984AC_TRY_COMPILE([
3985#include <sys/types.h>
3986#include <utmp.h>
3987#ifdef HAVE_PATHS_H
3988# include <paths.h>
3989#endif
3990 ],
3991 [ char *utmp = UTMP_FILE; ],
3992 [ AC_MSG_RESULT(yes) ],
3993 [ AC_MSG_RESULT(no)
3994 system_utmp_path=no ]
3995)
3996if test -z "$conf_utmp_location"; then
3997 if test x"$system_utmp_path" = x"no" ; then
3998 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3999 if test -f $f ; then
4000 conf_utmp_location=$f
4001 fi
4002 done
4003 if test -z "$conf_utmp_location"; then
4004 AC_DEFINE(DISABLE_UTMP)
4005 fi
4006 fi
4007fi
4008if test -n "$conf_utmp_location"; then
2c06c99b 4009 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4010 [Define if you want to specify the path to your utmp file])
dec6d9fe 4011fi
3c0ef626 4012
4013dnl wtmp detection
4014AC_MSG_CHECKING([if your system defines WTMP_FILE])
4015AC_TRY_COMPILE([
4016#include <sys/types.h>
4017#include <utmp.h>
4018#ifdef HAVE_PATHS_H
4019# include <paths.h>
4020#endif
4021 ],
4022 [ char *wtmp = WTMP_FILE; ],
4023 [ AC_MSG_RESULT(yes) ],
4024 [ AC_MSG_RESULT(no)
4025 system_wtmp_path=no ]
4026)
4027if test -z "$conf_wtmp_location"; then
4028 if test x"$system_wtmp_path" = x"no" ; then
4029 for f in /usr/adm/wtmp /var/log/wtmp; do
4030 if test -f $f ; then
4031 conf_wtmp_location=$f
4032 fi
4033 done
4034 if test -z "$conf_wtmp_location"; then
4035 AC_DEFINE(DISABLE_WTMP)
4036 fi
4037 fi
4038fi
4039if test -n "$conf_wtmp_location"; then
2c06c99b 4040 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4041 [Define if you want to specify the path to your wtmp file])
dec6d9fe 4042fi
3c0ef626 4043
4044
4045dnl utmpx detection - I don't know any system so perverse as to require
4046dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4047dnl there, though.
4048AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4049AC_TRY_COMPILE([
4050#include <sys/types.h>
4051#include <utmp.h>
4052#ifdef HAVE_UTMPX_H
4053#include <utmpx.h>
4054#endif
4055#ifdef HAVE_PATHS_H
4056# include <paths.h>
4057#endif
4058 ],
4059 [ char *utmpx = UTMPX_FILE; ],
4060 [ AC_MSG_RESULT(yes) ],
4061 [ AC_MSG_RESULT(no)
4062 system_utmpx_path=no ]
4063)
4064if test -z "$conf_utmpx_location"; then
4065 if test x"$system_utmpx_path" = x"no" ; then
4066 AC_DEFINE(DISABLE_UTMPX)
4067 fi
4068else
2c06c99b 4069 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4070 [Define if you want to specify the path to your utmpx file])
dec6d9fe 4071fi
3c0ef626 4072
4073dnl wtmpx detection
4074AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4075AC_TRY_COMPILE([
4076#include <sys/types.h>
4077#include <utmp.h>
4078#ifdef HAVE_UTMPX_H
4079#include <utmpx.h>
4080#endif
4081#ifdef HAVE_PATHS_H
4082# include <paths.h>
4083#endif
4084 ],
4085 [ char *wtmpx = WTMPX_FILE; ],
4086 [ AC_MSG_RESULT(yes) ],
4087 [ AC_MSG_RESULT(no)
4088 system_wtmpx_path=no ]
4089)
4090if test -z "$conf_wtmpx_location"; then
4091 if test x"$system_wtmpx_path" = x"no" ; then
4092 AC_DEFINE(DISABLE_WTMPX)
4093 fi
4094else
2c06c99b 4095 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4096 [Define if you want to specify the path to your wtmpx file])
dec6d9fe 4097fi
3c0ef626 4098
4099
3c0ef626 4100if test ! -z "$blibpath" ; then
7e772e1f 4101 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4102 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4103fi
4104
665a873d 4105dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4106dnl Add now.
4107CFLAGS="$CFLAGS $werror_flags"
4108
22616013 4109if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4110 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4111 AC_SUBST(TEST_SSH_IPV6, no)
4112else
4113 AC_SUBST(TEST_SSH_IPV6, yes)
4114fi
4115
e9a17296 4116AC_EXEEXT
9108f8d9 4117AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4118 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
996d5e62 4119 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4120AC_OUTPUT
4121
4122# Print summary of options
4123
3c0ef626 4124# Someone please show me a better way :)
4125A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4126B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4127C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4128D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4129E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4130F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4131G=`eval echo ${piddir}` ; G=`eval echo ${G}`
700318f3 4132H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4133I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4134J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4135
4136echo ""
4137echo "OpenSSH has been configured with the following options:"
700318f3 4138echo " User binaries: $B"
4139echo " System binaries: $C"
4140echo " Configuration files: $D"
4141echo " Askpass program: $E"
4142echo " Manual pages: $F"
4143echo " PID file: $G"
4144echo " Privilege separation chroot path: $H"
0fff78ff 4145if test "x$external_path_file" = "x/etc/login.conf" ; then
4146echo " At runtime, sshd will use the path defined in $external_path_file"
4147echo " Make sure the path to scp is present, otherwise scp will not work"
700318f3 4148else
4149echo " sshd default user PATH: $I"
0fff78ff 4150 if test ! -z "$external_path_file"; then
4151echo " (If PATH is set in $external_path_file it will be used instead. If"
4152echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4153 fi
700318f3 4154fi
4155if test ! -z "$superuser_path" ; then
4156echo " sshd superuser user PATH: $J"
4157fi
4158echo " Manpage format: $MANTYPE"
0fff78ff 4159echo " PAM support: $PAM_MSG"
9108f8d9 4160echo " OSF SIA support: $SIA_MSG"
700318f3 4161echo " KerberosV support: $KRB5_MSG"
9108f8d9 4162echo " SELinux support: $SELINUX_MSG"
700318f3 4163echo " Smartcard support: $SCARD_MSG"
700318f3 4164echo " S/KEY support: $SKEY_MSG"
4165echo " TCP Wrappers support: $TCPW_MSG"
4166echo " MD5 password support: $MD5_MSG"
996d5e62 4167echo " libedit support: $LIBEDIT_MSG"
9108f8d9 4168echo " Solaris process contract support: $SPC_MSG"
700318f3 4169echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
700318f3 4170echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4171echo " BSD Auth support: $BSD_AUTH_MSG"
4172echo " Random number source: $RAND_MSG"
e9a17296 4173if test ! -z "$USE_RAND_HELPER" ; then
700318f3 4174echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4175fi
4176
4177echo ""
4178
4179echo " Host: ${host}"
4180echo " Compiler: ${CC}"
4181echo " Compiler flags: ${CFLAGS}"
4182echo "Preprocessor flags: ${CPPFLAGS}"
4183echo " Linker flags: ${LDFLAGS}"
d4487008 4184echo " Libraries: ${LIBS}"
4185if test ! -z "${SSHDLIBS}"; then
4186echo " +for sshd: ${SSHDLIBS}"
4187fi
3c0ef626 4188
4189echo ""
4190
c9f39d2c 4191if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
996d5e62 4192 echo "SVR4 style packages are supported with \"make package\""
4193 echo ""
c9f39d2c 4194fi
4195
3c0ef626 4196if test "x$PAM_MSG" = "xyes" ; then
e9a17296 4197 echo "PAM is enabled. You may need to install a PAM control file "
4198 echo "for sshd, otherwise password authentication may fail. "
cdd66111 4199 echo "Example PAM control files can be found in the contrib/ "
e9a17296 4200 echo "subdirectory"
3c0ef626 4201 echo ""
4202fi
4203
e9a17296 4204if test ! -z "$RAND_HELPER_CMDHASH" ; then
4205 echo "WARNING: you are using the builtin random number collection "
4206 echo "service. Please read WARNING.RNG and request that your OS "
4207 echo "vendor includes kernel-based random number collection in "
4208 echo "future versions of your OS."
3c0ef626 4209 echo ""
4210fi
4211
c9f39d2c 4212if test ! -z "$NO_PEERCHECK" ; then
d4487008 4213 echo "WARNING: the operating system that you are using does not"
4214 echo "appear to support getpeereid(), getpeerucred() or the"
4215 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4216 echo "enforce security checks to prevent unauthorised connections to"
4217 echo "ssh-agent. Their absence increases the risk that a malicious"
4218 echo "user can connect to your agent."
c9f39d2c 4219 echo ""
4220fi
4221
996d5e62 4222if test "$AUDIT_MODULE" = "bsm" ; then
4223 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4224 echo "See the Solaris section in README.platform for details."
4225fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.755705 seconds and 5 git commands to generate.