]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
More tweaks to build across platforms.
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
12a403af 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
2ce0bfe4 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
4b6dae8f 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
282f473f 22
23# Handle Globus configuration right away, because the Globus flavor
24# determines our compiler options.
25
26# Check whether the user wants GSI (Globus) support
27gsi_path="no"
28AC_ARG_WITH(gsi,
29 [ --with-gsi Enable Globus GSI authentication support],
30 [
31 gsi_path="$withval"
32 ]
33)
34
35AC_ARG_WITH(globus,
36 [ --with-globus Enable Globus GSI authentication support],
37 [
38 gsi_path="$withval"
39 ]
40)
41
42AC_ARG_WITH(globus-static,
43 [ --with-globus-static Link statically with Globus GSI libraries],
44 [
45 gsi_static="-static"
46 if test "x$gsi_path" = "xno" ; then
47 gsi_path="$withval"
48 fi
49 ]
50)
51
52# Check whether the user has a Globus flavor type
53globus_flavor_type="no"
54AC_ARG_WITH(globus-flavor,
55 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
56 [
57 globus_flavor_type="$withval"
58 if test "x$gsi_path" = "xno" ; then
59 gsi_path="yes"
60 fi
61 ]
62)
63
64if test "x$gsi_path" != "xno" ; then
65 # Globus GSSAPI configuration
66 AC_MSG_CHECKING(for Globus GSI)
67 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
68
69 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
70 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
71 fi
72 if test -z "$GSSAPI"; then
73 AC_DEFINE(GSSAPI)
74 GSSAPI="GSI"
75 fi
76
77 if test "x$gsi_path" = "xyes" ; then
78 if test -z "$GLOBUS_LOCATION" ; then
79 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
80 else
81 gsi_path="$GLOBUS_LOCATION"
82 fi
83 fi
84 GLOBUS_LOCATION="$gsi_path"
85 export GLOBUS_LOCATION
86 if test ! -d "$GLOBUS_LOCATION" ; then
87 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
88 fi
89
90 if test "x$globus_flavor_type" = "xno" ; then
91 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
92 fi
93 if test "x$globus_flavor_type" = "xyes" ; then
94 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
95 fi
96
97 GLOBUS_INCLUDE="${gsi_path}/include/${globus_flavor_type}"
98 if test ! -d "$GLOBUS_INCLUDE" ; then
99 AC_MSG_ERROR(Cannot find Globus flavor-specific include directory: ${GLOBUS_INCLUDE})
100 fi
282f473f 101
102 if test -x ${gsi_path}/bin/globus-makefile-header ; then
103 ${gsi_path}/bin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | sed 's/ = \(.*\)/="\1"/' > ./gpt_build_tmp.sh
104 elif test -x ${gsi_path}/sbin/globus-makefile-header ; then
105 ${gsi_path}/sbin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | sed 's/ = \(.*\)/="\1"/' > ./gpt_build_tmp.sh
106 else
107 AC_MSG_ERROR(Cannot find globus-makefile-header: Globus installation is incomplete)
108 fi
109 . ./gpt_build_tmp.sh
282f473f 110 if test -z "$GLOBUS_PKG_LIBS" ; then
111 AC_MSG_ERROR(globus-makefile-header failed)
112 fi
113
114 AC_DEFINE(HAVE_GSSAPI_H)
115
116 CC="$GLOBUS_CC"
117 CFLAGS="$GLOBUS_CFLAGS"
118 CPP="$GLOBUS_CPP"
119 CPPFLAGS="$GLOBUS_CPPFLAGS $GLOBUS_INCLUDES"
120 LIBS="$LIBS $GLOBUS_LIBS $GLOBUS_PKG_LIBS"
121 LD="$GLOBUS_LD"
122 LDFLAGS="$LDFLAGS $GLOBUS_LDFLAGS"
123
124 # test that we got the libraries OK
125 AC_TRY_LINK(
126 [],
127 [],
128 [
129 AC_MSG_RESULT(yes)
130 ],
131 [
132 AC_MSG_ERROR(link with Globus libraries failed)
133 ]
134 )
135 AC_CHECK_FUNCS(globus_gss_assist_map_and_authorize)
136 INSTALL_GSISSH="yes"
137else
138 INSTALL_GSISSH=""
139fi
140AC_SUBST(INSTALL_GSISSH)
141# End Globus/GSI section
142
3c0ef626 143AC_PROG_CC
144AC_CANONICAL_HOST
145AC_C_BIGENDIAN
146
147# Checks for programs.
7cac2b65 148AC_PROG_AWK
3c0ef626 149AC_PROG_CPP
150AC_PROG_RANLIB
151AC_PROG_INSTALL
4b6dae8f 152AC_PROG_EGREP
3c0ef626 153AC_PATH_PROG(AR, ar)
7e82606e 154AC_PATH_PROG(CAT, cat)
155AC_PATH_PROG(KILL, kill)
3c0ef626 156AC_PATH_PROGS(PERL, perl5 perl)
bfe49944 157AC_PATH_PROG(SED, sed)
3c0ef626 158AC_SUBST(PERL)
159AC_PATH_PROG(ENT, ent)
160AC_SUBST(ENT)
3c0ef626 161AC_PATH_PROG(TEST_MINUS_S_SH, bash)
162AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
163AC_PATH_PROG(TEST_MINUS_S_SH, sh)
350391c5 164AC_PATH_PROG(SH, sh)
7e82606e 165AC_SUBST(TEST_SHELL,sh)
166
167dnl for buildpkg.sh
168AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
169 [/usr/sbin${PATH_SEPARATOR}/etc])
170AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
171 [/usr/sbin${PATH_SEPARATOR}/etc])
172AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
08822d99 173if test -x /sbin/sh; then
174 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
175else
176 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
177fi
3c0ef626 178
179# System features
180AC_SYS_LARGEFILE
181
182if test -z "$AR" ; then
183 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
184fi
185
186# Use LOGIN_PROGRAM from environment if possible
187if test ! -z "$LOGIN_PROGRAM" ; then
08822d99 188 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
189 [If your header files don't define LOGIN_PROGRAM,
190 then use this (detected) from environment and PATH])
3c0ef626 191else
192 # Search for login
193 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
194 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
195 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
196 fi
197fi
198
540d72c3 199AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
200if test ! -z "$PATH_PASSWD_PROG" ; then
08822d99 201 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
202 [Full path of your "passwd" program])
540d72c3 203fi
204
3c0ef626 205if test -z "$LD" ; then
206 LD=$CC
207fi
208AC_SUBST(LD)
8b32eddc 209
3c0ef626 210AC_C_INLINE
2ce0bfe4 211
212AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
213
e74dc197 214use_stack_protector=1
215AC_ARG_WITH(stackprotect,
216 [ --without-stackprotect Don't use compiler's stack protection], [
217 if test "x$withval" = "xno"; then
218 use_stack_protector=0
219 fi ])
220
540d72c3 221if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
2ce0bfe4 222 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
08822d99 223 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
2ce0bfe4 224 case $GCC_VER in
fa0f0f45 225 1.*) no_attrib_nonnull=1 ;;
226 2.8* | 2.9*)
227 CFLAGS="$CFLAGS -Wsign-compare"
228 no_attrib_nonnull=1
229 ;;
230 2.*) no_attrib_nonnull=1 ;;
08822d99 231 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
232 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
233 *) ;;
2ce0bfe4 234 esac
235
e74dc197 236 # -fstack-protector-all doesn't always work for some GCC versions
237 # and/or platforms, so we test if we can. If it's not supported
238 # on a give platform gcc will emit a warning so we use -Werror.
239 if test "x$use_stack_protector" = "x1"; then
240 for t in -fstack-protector-all -fstack-protector; do
241 AC_MSG_CHECKING(if $CC supports $t)
242 saved_CFLAGS="$CFLAGS"
243 saved_LDFLAGS="$LDFLAGS"
244 CFLAGS="$CFLAGS $t -Werror"
245 LDFLAGS="$LDFLAGS $t -Werror"
246 AC_LINK_IFELSE(
247 [AC_LANG_SOURCE([
248#include <stdlib.h>
249int main(void){return 0;}
250 ])],
251 [ AC_MSG_RESULT(yes)
252 CFLAGS="$saved_CFLAGS $t"
253 LDFLAGS="$saved_LDFLAGS $t"
254 AC_MSG_CHECKING(if $t works)
255 AC_RUN_IFELSE(
256 [AC_LANG_SOURCE([
257#include <stdlib.h>
258int main(void){exit(0);}
259 ])],
260 [ AC_MSG_RESULT(yes)
261 break ],
262 [ AC_MSG_RESULT(no) ],
263 [ AC_MSG_WARN([cross compiling: cannot test])
264 break ]
265 )
266 ],
267 [ AC_MSG_RESULT(no) ]
268 )
269 CFLAGS="$saved_CFLAGS"
270 LDFLAGS="$saved_LDFLAGS"
271 done
272 fi
273
2ce0bfe4 274 if test -z "$have_llong_max"; then
275 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
276 unset ac_cv_have_decl_LLONG_MAX
277 saved_CFLAGS="$CFLAGS"
278 CFLAGS="$CFLAGS -std=gnu99"
279 AC_CHECK_DECL(LLONG_MAX,
280 [have_llong_max=1],
281 [CFLAGS="$saved_CFLAGS"],
282 [#include <limits.h>]
283 )
284 fi
285fi
286
fa0f0f45 287if test "x$no_attrib_nonnull" != "x1" ; then
288 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
289fi
290
540d72c3 291AC_ARG_WITH(rpath,
292 [ --without-rpath Disable auto-added -R linker paths],
293 [
8b32eddc 294 if test "x$withval" = "xno" ; then
540d72c3 295 need_dash_r=""
296 fi
297 if test "x$withval" = "xyes" ; then
298 need_dash_r=1
299 fi
300 ]
301)
302
240debe0 303# Allow user to specify flags
304AC_ARG_WITH(cflags,
305 [ --with-cflags Specify additional flags to pass to compiler],
306 [
307 if test -n "$withval" && test "x$withval" != "xno" && \
308 test "x${withval}" != "xyes"; then
309 CFLAGS="$CFLAGS $withval"
310 fi
311 ]
312)
313AC_ARG_WITH(cppflags,
314 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
315 [
316 if test -n "$withval" && test "x$withval" != "xno" && \
317 test "x${withval}" != "xyes"; then
318 CPPFLAGS="$CPPFLAGS $withval"
319 fi
320 ]
321)
322AC_ARG_WITH(ldflags,
323 [ --with-ldflags Specify additional flags to pass to linker],
324 [
325 if test -n "$withval" && test "x$withval" != "xno" && \
326 test "x${withval}" != "xyes"; then
327 LDFLAGS="$LDFLAGS $withval"
328 fi
329 ]
330)
331AC_ARG_WITH(libs,
332 [ --with-libs Specify additional libraries to link with],
333 [
334 if test -n "$withval" && test "x$withval" != "xno" && \
335 test "x${withval}" != "xyes"; then
336 LIBS="$LIBS $withval"
337 fi
338 ]
339)
340AC_ARG_WITH(Werror,
341 [ --with-Werror Build main code with -Werror],
342 [
343 if test -n "$withval" && test "x$withval" != "xno"; then
344 werror_flags="-Werror"
345 if test "x${withval}" != "xyes"; then
346 werror_flags="$withval"
347 fi
348 fi
349 ]
350)
351
352AC_CHECK_HEADERS( \
353 bstring.h \
354 crypt.h \
355 crypto/sha2.h \
356 dirent.h \
357 endian.h \
358 features.h \
359 fcntl.h \
360 floatingpoint.h \
361 getopt.h \
362 glob.h \
363 ia.h \
364 iaf.h \
365 limits.h \
366 login.h \
367 maillock.h \
368 ndir.h \
369 net/if_tun.h \
370 netdb.h \
371 netgroup.h \
372 pam/pam_appl.h \
373 paths.h \
fa0f0f45 374 poll.h \
240debe0 375 pty.h \
376 readpassphrase.h \
377 rpc/types.h \
378 security/pam_appl.h \
379 sha2.h \
380 shadow.h \
381 stddef.h \
382 stdint.h \
383 string.h \
384 strings.h \
385 sys/audit.h \
386 sys/bitypes.h \
387 sys/bsdtty.h \
388 sys/cdefs.h \
389 sys/dir.h \
390 sys/mman.h \
391 sys/ndir.h \
e74dc197 392 sys/poll.h \
240debe0 393 sys/prctl.h \
394 sys/pstat.h \
395 sys/select.h \
396 sys/stat.h \
397 sys/stream.h \
398 sys/stropts.h \
399 sys/strtio.h \
400 sys/sysmacros.h \
401 sys/time.h \
402 sys/timers.h \
403 sys/un.h \
404 time.h \
405 tmpdir.h \
406 ttyent.h \
fa0f0f45 407 ucred.h \
240debe0 408 unistd.h \
409 usersec.h \
410 util.h \
411 utime.h \
412 utmp.h \
413 utmpx.h \
414 vis.h \
415)
416
417# lastlog.h requires sys/time.h to be included first on Solaris
418AC_CHECK_HEADERS(lastlog.h, [], [], [
419#ifdef HAVE_SYS_TIME_H
420# include <sys/time.h>
421#endif
422])
423
424# sys/ptms.h requires sys/stream.h to be included first on Solaris
425AC_CHECK_HEADERS(sys/ptms.h, [], [], [
426#ifdef HAVE_SYS_STREAM_H
427# include <sys/stream.h>
428#endif
429])
430
431# login_cap.h requires sys/types.h on NetBSD
432AC_CHECK_HEADERS(login_cap.h, [], [], [
433#include <sys/types.h>
434])
435
30460aeb 436# Messages for features tested for in target-specific section
437SIA_MSG="no"
438SPC_MSG="no"
439
3c0ef626 440# Check for some target-specific stuff
441case "$host" in
442*-*-aix*)
30460aeb 443 # Some versions of VAC won't allow macro redefinitions at
444 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
445 # particularly with older versions of vac or xlc.
446 # It also throws errors about null macro argments, but these are
447 # not fatal.
448 AC_MSG_CHECKING(if compiler allows macro redefinitions)
449 AC_COMPILE_IFELSE(
450 [AC_LANG_SOURCE([[
451#define testmacro foo
452#define testmacro bar
453int main(void) { exit(0); }
454 ]])],
455 [ AC_MSG_RESULT(yes) ],
456 [ AC_MSG_RESULT(no)
457 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
458 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
459 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
460 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
461 ]
462 )
463
540d72c3 464 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
256cb466 465 if (test -z "$blibpath"); then
540d72c3 466 blibpath="/usr/lib:/lib"
3c0ef626 467 fi
256cb466 468 saved_LDFLAGS="$LDFLAGS"
30460aeb 469 if test "$GCC" = "yes"; then
470 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
471 else
472 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
473 fi
474 for tryflags in $flags ;do
256cb466 475 if (test -z "$blibflags"); then
476 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
477 AC_TRY_LINK([], [], [blibflags=$tryflags])
478 fi
479 done
480 if (test -z "$blibflags"); then
481 AC_MSG_RESULT(not found)
482 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
483 else
484 AC_MSG_RESULT($blibflags)
485 fi
486 LDFLAGS="$saved_LDFLAGS"
7cac2b65 487 dnl Check for authenticate. Might be in libs.a on older AIXes
08822d99 488 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
489 [Define if you want to enable AIX4's authenticate function])],
d03f4262 490 [AC_CHECK_LIB(s,authenticate,
491 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
492 LIBS="$LIBS -ls"
493 ])
494 ])
dfddba3d 495 dnl Check for various auth function declarations in headers.
496 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
8b32eddc 497 passwdexpired, setauthdb], , , [#include <usersec.h>])
7cac2b65 498 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
dfddba3d 499 AC_CHECK_DECLS(loginfailed,
7cac2b65 500 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
501 AC_TRY_COMPILE(
502 [#include <usersec.h>],
503 [(void)loginfailed("user","host","tty",0);],
504 [AC_MSG_RESULT(yes)
08822d99 505 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
506 [Define if your AIX loginfailed() function
507 takes 4 arguments (AIX >= 5.2)])],
7cac2b65 508 [AC_MSG_RESULT(no)]
509 )],
510 [],
511 [#include <usersec.h>]
512 )
e74dc197 513 AC_CHECK_FUNCS(getgrset setauthdb)
30460aeb 514 AC_CHECK_DECL(F_CLOSEM,
515 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
516 [],
517 [ #include <limits.h>
518 #include <fcntl.h> ]
519 )
dfddba3d 520 check_for_aix_broken_getaddrinfo=1
08822d99 521 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
522 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
523 [Define if your platform breaks doing a seteuid before a setuid])
524 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
525 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 526 dnl AIX handles lastlog as part of its login message
08822d99 527 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
528 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
529 [Some systems need a utmpx entry for /bin/login to work])
530 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
531 [Define to a Set Process Title type if your system is
532 supported by bsd-setproctitle.c])
533 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
534 [AIX 5.2 and 5.3 (and presumably newer) require this])
30460aeb 535 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 536 ;;
537*-*-cygwin*)
bfe49944 538 check_for_libcrypt_later=1
0b90ac93 539 LIBS="$LIBS /usr/lib/textreadmode.o"
08822d99 540 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
541 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
542 AC_DEFINE(DISABLE_SHADOW, 1,
543 [Define if you want to disable shadow passwords])
544 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
545 [Define if your system choked on IP TOS setting])
546 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
547 [Define if X11 doesn't support AF_UNIX sockets on that system])
548 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
549 [Define if the concept of ports only accessible to
550 superusers isn't known])
551 AC_DEFINE(DISABLE_FD_PASSING, 1,
552 [Define if your platform needs to skip post auth
553 file descriptor passing])
3c0ef626 554 ;;
555*-*-dgux*)
556 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 557 AC_DEFINE(SETEUID_BREAKS_SETUID)
558 AC_DEFINE(BROKEN_SETREUID)
559 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 560 ;;
561*-*-darwin*)
0b90ac93 562 AC_DEFINE(BROKEN_GETADDRINFO, 1, [Define if getaddrinfo is broken)])
563 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 564 AC_DEFINE(SETEUID_BREAKS_SETUID)
565 AC_DEFINE(BROKEN_SETREUID)
566 AC_DEFINE(BROKEN_SETREGID)
e74dc197 567 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
08822d99 568 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
569 [Define if your resolver libs need this for getrrsetbyname])
30460aeb 570 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
571 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
572 [Use tunnel device compatibility to OpenBSD])
573 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
574 [Prepend the address family to IP tunnel traffic])
e74dc197 575 m4_pattern_allow(AU_IPv)
576 AC_CHECK_DECL(AU_IPv4, [],
577 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
578 [#include <bsm/audit.h>]
579 )
f713db99 580 AC_MSG_CHECKING(if we have the Security Authorization Session API)
581 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
582 [SessionCreate(0, 0);],
583 [ac_cv_use_security_session_api="yes"
584 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
585 [platform has the Security Authorization Session API])
586 LIBS="$LIBS -framework Security"
587 AC_MSG_RESULT(yes)],
588 [ac_cv_use_security_session_api="no"
589 AC_MSG_RESULT(no)])
590 AC_MSG_CHECKING(if we have an in-memory credentials cache)
591 AC_TRY_COMPILE(
592 [#include <Kerberos/Kerberos.h>],
593 [cc_context_t c;
594 (void) cc_initialize (&c, 0, NULL, NULL);],
595 [AC_DEFINE(USE_CCAPI, 1,
596 [platform uses an in-memory credentials cache])
597 LIBS="$LIBS -framework Security"
598 AC_MSG_RESULT(yes)
599 if test "x$ac_cv_use_security_session_api" = "xno"; then
600 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
601 fi],
602 [AC_MSG_RESULT(no)]
603 )
e74dc197 604 ;;
30460aeb 605*-*-dragonfly*)
606 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 607 ;;
2ce0bfe4 608*-*-hpux*)
609 # first we define all of the options common to all HP-UX releases
3c0ef626 610 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
611 IPADDR_IN_DISPLAY=yes
3c0ef626 612 AC_DEFINE(USE_PIPES)
08822d99 613 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
614 [Define if your login program cannot handle end of options ("--")])
350391c5 615 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 616 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
617 [String used in /etc/passwd to denote locked account])
7cac2b65 618 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
08822d99 619 MAIL="/var/mail/username"
d03f4262 620 LIBS="$LIBS -lsec"
2ce0bfe4 621 AC_CHECK_LIB(xnet, t_error, ,
622 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
623
624 # next, we define all of the options specific to major releases
625 case "$host" in
626 *-*-hpux10*)
627 if test -z "$GCC"; then
628 CFLAGS="$CFLAGS -Ae"
629 fi
630 ;;
631 *-*-hpux11*)
08822d99 632 AC_DEFINE(PAM_SUN_CODEBASE, 1,
633 [Define if you are using Solaris-derived PAM which
634 passes pam_messages to the conversation function
635 with an extra level of indirection])
636 AC_DEFINE(DISABLE_UTMP, 1,
637 [Define if you don't want to use utmp])
2ce0bfe4 638 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
639 check_for_hpux_broken_getaddrinfo=1
640 check_for_conflicting_getspnam=1
641 ;;
642 esac
643
644 # lastly, we define options specific to minor releases
645 case "$host" in
646 *-*-hpux10.26)
08822d99 647 AC_DEFINE(HAVE_SECUREWARE, 1,
648 [Define if you have SecureWare-based
649 protected password database])
2ce0bfe4 650 disable_ptmx_check=yes
651 LIBS="$LIBS -lsecpw"
652 ;;
653 esac
3c0ef626 654 ;;
655*-*-irix5*)
3c0ef626 656 PATH="$PATH:/usr/etc"
08822d99 657 AC_DEFINE(BROKEN_INET_NTOA, 1,
658 [Define if you system's inet_ntoa is busted
659 (e.g. Irix gcc issue)])
540d72c3 660 AC_DEFINE(SETEUID_BREAKS_SETUID)
661 AC_DEFINE(BROKEN_SETREUID)
662 AC_DEFINE(BROKEN_SETREGID)
08822d99 663 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
664 [Define if you shouldn't strip 'tty' from your
665 ttyname in [uw]tmp])
7cac2b65 666 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 667 ;;
668*-*-irix6*)
3c0ef626 669 PATH="$PATH:/usr/etc"
08822d99 670 AC_DEFINE(WITH_IRIX_ARRAY, 1,
671 [Define if you have/want arrays
672 (cluster-wide session managment, not C arrays)])
673 AC_DEFINE(WITH_IRIX_PROJECT, 1,
674 [Define if you want IRIX project management])
675 AC_DEFINE(WITH_IRIX_AUDIT, 1,
676 [Define if you want IRIX audit trails])
677 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
678 [Define if you want IRIX kernel jobs])])
3c0ef626 679 AC_DEFINE(BROKEN_INET_NTOA)
29d88157 680 AC_DEFINE(SETEUID_BREAKS_SETUID)
681 AC_DEFINE(BROKEN_SETREUID)
682 AC_DEFINE(BROKEN_SETREGID)
08822d99 683 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
350391c5 684 AC_DEFINE(WITH_ABBREV_NO_TTY)
7cac2b65 685 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 686 ;;
687*-*-linux*)
688 no_dev_ptmx=1
689 check_for_libcrypt_later=1
7cac2b65 690 check_for_openpty_ctty_bug=1
08822d99 691 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
692 AC_DEFINE(PAM_TTY_KLUDGE, 1,
693 [Work around problematic Linux PAM modules handling of PAM_TTY])
694 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
695 [String used in /etc/passwd to denote locked account])
7cac2b65 696 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
08822d99 697 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
698 [Define to whatever link() returns for "not supported"
699 if it doesn't return EOPNOTSUPP.])
dfddba3d 700 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
08822d99 701 AC_DEFINE(USE_BTMP)
3c0ef626 702 inet6_default_4in6=yes
7cac2b65 703 case `uname -r` in
704 1.*|2.0.*)
08822d99 705 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
706 [Define if cmsg_type is not passed correctly])
7cac2b65 707 ;;
708 esac
08822d99 709 # tun(4) forwarding compat code
710 AC_CHECK_HEADERS(linux/if_tun.h)
711 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
712 AC_DEFINE(SSH_TUN_LINUX, 1,
713 [Open tunnel devices the Linux tun/tap way])
714 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
715 [Use tunnel device compatibility to OpenBSD])
716 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
717 [Prepend the address family to IP tunnel traffic])
718 fi
3c0ef626 719 ;;
720mips-sony-bsd|mips-sony-newsos4)
4b6dae8f 721 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 722 SONY=1
3c0ef626 723 ;;
724*-*-netbsd*)
d03f4262 725 check_for_libcrypt_before=1
8b32eddc 726 if test "x$withval" != "xno" ; then
540d72c3 727 need_dash_r=1
728 fi
08822d99 729 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
730 AC_CHECK_HEADER([net/if_tap.h], ,
731 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
732 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
733 [Prepend the address family to IP tunnel traffic])
3c0ef626 734 ;;
735*-*-freebsd*)
736 check_for_libcrypt_later=1
08822d99 737 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
738 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
739 AC_CHECK_HEADER([net/if_tap.h], ,
740 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
e74dc197 741 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
3c0ef626 742 ;;
29d88157 743*-*-bsdi*)
744 AC_DEFINE(SETEUID_BREAKS_SETUID)
745 AC_DEFINE(BROKEN_SETREUID)
746 AC_DEFINE(BROKEN_SETREGID)
747 ;;
3c0ef626 748*-next-*)
749 conf_lastlog_location="/usr/adm/lastlog"
750 conf_utmp_location=/etc/utmp
751 conf_wtmp_location=/usr/adm/wtmp
752 MAIL=/usr/spool/mail
08822d99 753 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 754 AC_DEFINE(BROKEN_REALPATH)
755 AC_DEFINE(USE_PIPES)
08822d99 756 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 757 ;;
2ce0bfe4 758*-*-openbsd*)
759 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
08822d99 760 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
761 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
30460aeb 762 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
763 [syslog_r function is safe to use in in a signal handler])
2ce0bfe4 764 ;;
3c0ef626 765*-*-solaris*)
8b32eddc 766 if test "x$withval" != "xno" ; then
12a403af 767 need_dash_r=1
768 fi
3c0ef626 769 AC_DEFINE(PAM_SUN_CODEBASE)
770 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 771 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
772 [Some versions of /bin/login need the TERM supplied
773 on the commandline])
3c0ef626 774 AC_DEFINE(PAM_TTY_KLUDGE)
08822d99 775 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
776 [Define if pam_chauthtok wants real uid set
777 to the unpriv'ed user])
7cac2b65 778 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
779 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
08822d99 780 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
781 [Define if sshd somehow reacquires a controlling TTY
782 after setsid()])
30460aeb 783 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
784 in case the name is longer than 8 chars])
7cac2b65 785 external_path_file=/etc/default/login
3c0ef626 786 # hardwire lastlog location (can't detect it on some versions)
787 conf_lastlog_location="/var/adm/lastlog"
788 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
789 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
790 if test "$sol2ver" -ge 8; then
791 AC_MSG_RESULT(yes)
792 AC_DEFINE(DISABLE_UTMP)
08822d99 793 AC_DEFINE(DISABLE_WTMP, 1,
794 [Define if you don't want to use wtmp])
3c0ef626 795 else
796 AC_MSG_RESULT(no)
797 fi
30460aeb 798 AC_ARG_WITH(solaris-contracts,
799 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
800 [
801 AC_CHECK_LIB(contract, ct_tmpl_activate,
802 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
803 [Define if you have Solaris process contracts])
804 SSHDLIBS="$SSHDLIBS -lcontract"
805 AC_SUBST(SSHDLIBS)
806 SPC_MSG="yes" ], )
807 ],
808 )
3c0ef626 809 ;;
810*-*-sunos4*)
811 CPPFLAGS="$CPPFLAGS -DSUNOS4"
812 AC_CHECK_FUNCS(getpwanam)
813 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 814 conf_utmp_location=/etc/utmp
815 conf_wtmp_location=/var/adm/wtmp
816 conf_lastlog_location=/var/adm/lastlog
817 AC_DEFINE(USE_PIPES)
818 ;;
819*-ncr-sysv*)
3c0ef626 820 LIBS="$LIBS -lc89"
e9702f7d 821 AC_DEFINE(USE_PIPES)
7cac2b65 822 AC_DEFINE(SSHD_ACQUIRES_CTTY)
29d88157 823 AC_DEFINE(SETEUID_BREAKS_SETUID)
824 AC_DEFINE(BROKEN_SETREUID)
825 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 826 ;;
827*-sni-sysv*)
3c0ef626 828 # /usr/ucblib MUST NOT be searched on ReliantUNIX
540d72c3 829 AC_CHECK_LIB(dl, dlsym, ,)
08822d99 830 # -lresolv needs to be at the end of LIBS or DNS lookups break
831 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 832 IPADDR_IN_DISPLAY=yes
833 AC_DEFINE(USE_PIPES)
834 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 835 AC_DEFINE(SETEUID_BREAKS_SETUID)
836 AC_DEFINE(BROKEN_SETREUID)
837 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 838 AC_DEFINE(SSHD_ACQUIRES_CTTY)
839 external_path_file=/etc/default/login
3c0ef626 840 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
841 # Attention: always take care to bind libsocket and libnsl before libc,
842 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
843 ;;
dfddba3d 844# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 845*-*-sysv4.2*)
3c0ef626 846 AC_DEFINE(USE_PIPES)
7cac2b65 847 AC_DEFINE(SETEUID_BREAKS_SETUID)
848 AC_DEFINE(BROKEN_SETREUID)
849 AC_DEFINE(BROKEN_SETREGID)
8b32eddc 850 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
08822d99 851 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 852 ;;
dfddba3d 853# UnixWare 7.x, OpenUNIX 8
3c0ef626 854*-*-sysv5*)
2ce0bfe4 855 check_for_libcrypt_later=1
856 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 857 AC_DEFINE(USE_PIPES)
7cac2b65 858 AC_DEFINE(SETEUID_BREAKS_SETUID)
859 AC_DEFINE(BROKEN_SETREUID)
860 AC_DEFINE(BROKEN_SETREGID)
08822d99 861 AC_DEFINE(PASSWD_NEEDS_USERNAME)
2ce0bfe4 862 case "$host" in
863 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
864 TEST_SHELL=/u95/bin/sh
08822d99 865 AC_DEFINE(BROKEN_LIBIAF, 1,
866 [ia_uinfo routines not supported by OS yet])
30460aeb 867 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 868 ;;
869 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
2ce0bfe4 870 ;;
871 esac
3c0ef626 872 ;;
873*-*-sysv*)
3c0ef626 874 ;;
dfddba3d 875# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 876*-*-sco3.2v4*)
dfddba3d 877 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 878 ;;
dfddba3d 879# SCO OpenServer 5.x
3c0ef626 880*-*-sco3.2v5*)
bfe49944 881 if test -z "$GCC"; then
882 CFLAGS="$CFLAGS -belf"
883 fi
3c0ef626 884 LIBS="$LIBS -lprot -lx -ltinfo -lm"
885 no_dev_ptmx=1
3c0ef626 886 AC_DEFINE(USE_PIPES)
350391c5 887 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 888 AC_DEFINE(DISABLE_SHADOW)
d03f4262 889 AC_DEFINE(DISABLE_FD_PASSING)
7cac2b65 890 AC_DEFINE(SETEUID_BREAKS_SETUID)
891 AC_DEFINE(BROKEN_SETREUID)
892 AC_DEFINE(BROKEN_SETREGID)
893 AC_DEFINE(WITH_ABBREV_NO_TTY)
7e82606e 894 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 895 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 896 AC_CHECK_FUNCS(getluid setluid)
897 MANTYPE=man
7e82606e 898 TEST_SHELL=ksh
3c0ef626 899 ;;
d03f4262 900*-*-unicosmk*)
08822d99 901 AC_DEFINE(NO_SSH_LASTLOG, 1,
902 [Define if you don't want to use lastlog in session.c])
540d72c3 903 AC_DEFINE(SETEUID_BREAKS_SETUID)
904 AC_DEFINE(BROKEN_SETREUID)
905 AC_DEFINE(BROKEN_SETREGID)
d03f4262 906 AC_DEFINE(USE_PIPES)
907 AC_DEFINE(DISABLE_FD_PASSING)
908 LDFLAGS="$LDFLAGS"
909 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
910 MANTYPE=cat
911 ;;
7cac2b65 912*-*-unicosmp*)
540d72c3 913 AC_DEFINE(SETEUID_BREAKS_SETUID)
914 AC_DEFINE(BROKEN_SETREUID)
915 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 916 AC_DEFINE(WITH_ABBREV_NO_TTY)
917 AC_DEFINE(USE_PIPES)
918 AC_DEFINE(DISABLE_FD_PASSING)
919 LDFLAGS="$LDFLAGS"
540d72c3 920 LIBS="$LIBS -lgen -lacid -ldb"
7cac2b65 921 MANTYPE=cat
922 ;;
3c0ef626 923*-*-unicos*)
540d72c3 924 AC_DEFINE(SETEUID_BREAKS_SETUID)
925 AC_DEFINE(BROKEN_SETREUID)
926 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 927 AC_DEFINE(USE_PIPES)
d03f4262 928 AC_DEFINE(DISABLE_FD_PASSING)
929 AC_DEFINE(NO_SSH_LASTLOG)
930 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
931 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
932 MANTYPE=cat
3c0ef626 933 ;;
934*-dec-osf*)
935 AC_MSG_CHECKING(for Digital Unix SIA)
936 no_osfsia=""
937 AC_ARG_WITH(osfsia,
938 [ --with-osfsia Enable Digital Unix SIA],
939 [
940 if test "x$withval" = "xno" ; then
941 AC_MSG_RESULT(disabled)
942 no_osfsia=1
943 fi
944 ],
945 )
946 if test -z "$no_osfsia" ; then
947 if test -f /etc/sia/matrix.conf; then
948 AC_MSG_RESULT(yes)
08822d99 949 AC_DEFINE(HAVE_OSF_SIA, 1,
950 [Define if you have Digital Unix Security
951 Integration Architecture])
952 AC_DEFINE(DISABLE_LOGIN, 1,
953 [Define if you don't want to use your
954 system's login() call])
bfe49944 955 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 956 LIBS="$LIBS -lsecurity -ldb -lm -laud"
30460aeb 957 SIA_MSG="yes"
3c0ef626 958 else
959 AC_MSG_RESULT(no)
08822d99 960 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
961 [String used in /etc/passwd to denote locked account])
3c0ef626 962 fi
963 fi
7cac2b65 964 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 965 AC_DEFINE(SETEUID_BREAKS_SETUID)
966 AC_DEFINE(BROKEN_SETREUID)
967 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 968 ;;
969
4b6dae8f 970*-*-nto-qnx*)
3c0ef626 971 AC_DEFINE(USE_PIPES)
972 AC_DEFINE(NO_X11_UNIX_SOCKETS)
08822d99 973 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
974 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
975 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
4b6dae8f 976 AC_DEFINE(DISABLE_LASTLOG)
30460aeb 977 AC_DEFINE(SSHD_ACQUIRES_CTTY)
e74dc197 978 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
30460aeb 979 enable_etc_default_login=no # has incompatible /etc/default/login
fa0f0f45 980 case "$host" in
981 *-*-nto-qnx6*)
982 AC_DEFINE(DISABLE_FD_PASSING)
983 ;;
984 esac
3c0ef626 985 ;;
2ce0bfe4 986
987*-*-ultrix*)
08822d99 988 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
989 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b6dae8f 990 AC_DEFINE(NEED_SETPGRP)
2ce0bfe4 991 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
992 ;;
993
994*-*-lynxos)
995 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
08822d99 996 AC_DEFINE(MISSING_HOWMANY)
2ce0bfe4 997 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
998 ;;
3c0ef626 999esac
1000
7cac2b65 1001AC_MSG_CHECKING(compiler and flags for sanity)
dfddba3d 1002AC_RUN_IFELSE(
1003 [AC_LANG_SOURCE([
7cac2b65 1004#include <stdio.h>
1005int main(){exit(0);}
dfddba3d 1006 ])],
7cac2b65 1007 [ AC_MSG_RESULT(yes) ],
1008 [
1009 AC_MSG_RESULT(no)
1010 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
dfddba3d 1011 ],
1012 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
7cac2b65 1013)
1014
2ce0bfe4 1015dnl Checks for header files.
3c0ef626 1016# Checks for libraries.
1017AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
1018AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
1019
7cac2b65 1020dnl IRIX and Solaris 2.5.1 have dirname() in libgen
1021AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
1022 AC_CHECK_LIB(gen, dirname,[
1023 AC_CACHE_CHECK([for broken dirname],
1024 ac_cv_have_broken_dirname, [
1025 save_LIBS="$LIBS"
1026 LIBS="$LIBS -lgen"
08822d99 1027 AC_RUN_IFELSE(
1028 [AC_LANG_SOURCE([[
7cac2b65 1029#include <libgen.h>
1030#include <string.h>
1031
1032int main(int argc, char **argv) {
1033 char *s, buf[32];
1034
1035 strncpy(buf,"/etc", 32);
1036 s = dirname(buf);
1037 if (!s || strncmp(s, "/", 32) != 0) {
1038 exit(1);
1039 } else {
1040 exit(0);
1041 }
1042}
08822d99 1043 ]])],
1044 [ ac_cv_have_broken_dirname="no" ],
1045 [ ac_cv_have_broken_dirname="yes" ],
7cac2b65 1046 [ ac_cv_have_broken_dirname="no" ],
7cac2b65 1047 )
1048 LIBS="$save_LIBS"
1049 ])
1050 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
1051 LIBS="$LIBS -lgen"
1052 AC_DEFINE(HAVE_DIRNAME)
1053 AC_CHECK_HEADERS(libgen.h)
1054 fi
1055 ])
1056])
1057
3c0ef626 1058AC_CHECK_FUNC(getspnam, ,
1059 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
08822d99 1060AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
1061 [Define if you have the basename function.]))
3c0ef626 1062
1063dnl zlib is required
1064AC_ARG_WITH(zlib,
1065 [ --with-zlib=PATH Use zlib in PATH],
8b32eddc 1066 [ if test "x$withval" = "xno" ; then
1067 AC_MSG_ERROR([*** zlib is required ***])
1068 elif test "x$withval" != "xyes"; then
3c0ef626 1069 if test -d "$withval/lib"; then
1070 if test -n "${need_dash_r}"; then
1071 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1072 else
1073 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1074 fi
1075 else
1076 if test -n "${need_dash_r}"; then
1077 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1078 else
1079 LDFLAGS="-L${withval} ${LDFLAGS}"
1080 fi
1081 fi
1082 if test -d "$withval/include"; then
1083 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1084 else
1085 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1086 fi
8b32eddc 1087 fi ]
3c0ef626 1088)
1089
540d72c3 1090AC_CHECK_LIB(z, deflate, ,
1091 [
1092 saved_CPPFLAGS="$CPPFLAGS"
1093 saved_LDFLAGS="$LDFLAGS"
1094 save_LIBS="$LIBS"
1095 dnl Check default zlib install dir
1096 if test -n "${need_dash_r}"; then
1097 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
1098 else
1099 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
1100 fi
1101 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
1102 LIBS="$LIBS -lz"
1103 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
1104 [
1105 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
1106 ]
1107 )
1108 ]
1109)
1110AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
1111
1112AC_ARG_WITH(zlib-version-check,
1113 [ --without-zlib-version-check Disable zlib version check],
1114 [ if test "x$withval" = "xno" ; then
1115 zlib_check_nonfatal=1
1116 fi
1117 ]
1118)
1119
8b32eddc 1120AC_MSG_CHECKING(for possibly buggy zlib)
dfddba3d 1121AC_RUN_IFELSE([AC_LANG_SOURCE([[
8b32eddc 1122#include <stdio.h>
540d72c3 1123#include <zlib.h>
1124int main()
1125{
8b32eddc 1126 int a=0, b=0, c=0, d=0, n, v;
1127 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1128 if (n != 3 && n != 4)
540d72c3 1129 exit(1);
8b32eddc 1130 v = a*1000000 + b*10000 + c*100 + d;
1131 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1132
1133 /* 1.1.4 is OK */
1134 if (a == 1 && b == 1 && c >= 4)
540d72c3 1135 exit(0);
8b32eddc 1136
2ce0bfe4 1137 /* 1.2.3 and up are OK */
1138 if (v >= 1020300)
8b32eddc 1139 exit(0);
1140
540d72c3 1141 exit(2);
1142}
dfddba3d 1143 ]])],
8b32eddc 1144 AC_MSG_RESULT(no),
1145 [ AC_MSG_RESULT(yes)
540d72c3 1146 if test -z "$zlib_check_nonfatal" ; then
1147 AC_MSG_ERROR([*** zlib too old - check config.log ***
1148Your reported zlib version has known security problems. It's possible your
1149vendor has fixed these problems without changing the version number. If you
1150are sure this is the case, you can disable the check by running
1151"./configure --without-zlib-version-check".
2ce0bfe4 1152If you are in doubt, upgrade zlib to version 1.2.3 or greater.
8b32eddc 1153See http://www.gzip.org/zlib/ for details.])
540d72c3 1154 else
1155 AC_MSG_WARN([zlib version may have security problems])
1156 fi
dfddba3d 1157 ],
1158 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
540d72c3 1159)
3c0ef626 1160
3c0ef626 1161dnl UnixWare 2.x
540d72c3 1162AC_CHECK_FUNC(strcasecmp,
3c0ef626 1163 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1164)
08822d99 1165AC_CHECK_FUNCS(utimes,
d03f4262 1166 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1167 LIBS="$LIBS -lc89"]) ]
3c0ef626 1168)
1169
1170dnl Checks for libutil functions
1171AC_CHECK_HEADERS(libutil.h)
08822d99 1172AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1173 [Define if your libraries define login()])])
3c0ef626 1174AC_CHECK_FUNCS(logout updwtmp logwtmp)
1175
1176AC_FUNC_STRFTIME
1177
3c0ef626 1178# Check for ALTDIRFUNC glob() extension
1179AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1180AC_EGREP_CPP(FOUNDIT,
1181 [
1182 #include <glob.h>
1183 #ifdef GLOB_ALTDIRFUNC
1184 FOUNDIT
1185 #endif
540d72c3 1186 ],
3c0ef626 1187 [
08822d99 1188 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1189 [Define if your system glob() function has
1190 the GLOB_ALTDIRFUNC extension])
3c0ef626 1191 AC_MSG_RESULT(yes)
1192 ],
1193 [
1194 AC_MSG_RESULT(no)
1195 ]
1196)
1197
1198# Check for g.gl_matchc glob() extension
1199AC_MSG_CHECKING(for gl_matchc field in glob_t)
30460aeb 1200AC_TRY_COMPILE(
1201 [ #include <glob.h> ],
1202 [glob_t g; g.gl_matchc = 1;],
540d72c3 1203 [
08822d99 1204 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1205 [Define if your system glob() function has
1206 gl_matchc options in glob_t])
540d72c3 1207 AC_MSG_RESULT(yes)
1208 ],
1209 [
1210 AC_MSG_RESULT(no)
1211 ]
3c0ef626 1212)
1213
30460aeb 1214AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1215
3c0ef626 1216AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
dfddba3d 1217AC_RUN_IFELSE(
1218 [AC_LANG_SOURCE([[
3c0ef626 1219#include <sys/types.h>
1220#include <dirent.h>
d03f4262 1221int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
dfddba3d 1222 ]])],
540d72c3 1223 [AC_MSG_RESULT(yes)],
3c0ef626 1224 [
1225 AC_MSG_RESULT(no)
08822d99 1226 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1227 [Define if your struct dirent expects you to
1228 allocate extra space for d_name])
dfddba3d 1229 ],
8b32eddc 1230 [
dfddba3d 1231 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1232 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1233 ]
1234)
1235
7e82606e 1236AC_MSG_CHECKING([for /proc/pid/fd directory])
1237if test -d "/proc/$$/fd" ; then
08822d99 1238 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
7e82606e 1239 AC_MSG_RESULT(yes)
1240else
1241 AC_MSG_RESULT(no)
1242fi
1243
3c0ef626 1244# Check whether user wants S/Key support
540d72c3 1245SKEY_MSG="no"
3c0ef626 1246AC_ARG_WITH(skey,
dfddba3d 1247 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1248 [
1249 if test "x$withval" != "xno" ; then
1250
1251 if test "x$withval" != "xyes" ; then
1252 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1253 LDFLAGS="$LDFLAGS -L${withval}/lib"
1254 fi
1255
08822d99 1256 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1257 LIBS="-lskey $LIBS"
540d72c3 1258 SKEY_MSG="yes"
8b32eddc 1259
e9702f7d 1260 AC_MSG_CHECKING([for s/key support])
08822d99 1261 AC_LINK_IFELSE(
1262 [AC_LANG_SOURCE([[
e9702f7d 1263#include <stdio.h>
1264#include <skey.h>
d03f4262 1265int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
08822d99 1266 ]])],
e9702f7d 1267 [AC_MSG_RESULT(yes)],
3c0ef626 1268 [
e9702f7d 1269 AC_MSG_RESULT(no)
3c0ef626 1270 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1271 ])
12a403af 1272 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1273 AC_TRY_COMPILE(
1274 [#include <stdio.h>
1275 #include <skey.h>],
1276 [(void)skeychallenge(NULL,"name","",0);],
1277 [AC_MSG_RESULT(yes)
08822d99 1278 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1279 [Define if your skeychallenge()
1280 function takes 4 arguments (NetBSD)])],
12a403af 1281 [AC_MSG_RESULT(no)]
1282 )
3c0ef626 1283 fi
1284 ]
1285)
1286
1287# Check whether user wants TCP wrappers support
1288TCPW_MSG="no"
1289AC_ARG_WITH(tcp-wrappers,
dfddba3d 1290 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1291 [
1292 if test "x$withval" != "xno" ; then
1293 saved_LIBS="$LIBS"
1294 saved_LDFLAGS="$LDFLAGS"
1295 saved_CPPFLAGS="$CPPFLAGS"
8b32eddc 1296 if test -n "${withval}" && \
1297 test "x${withval}" != "xyes"; then
3c0ef626 1298 if test -d "${withval}/lib"; then
1299 if test -n "${need_dash_r}"; then
1300 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1301 else
1302 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1303 fi
1304 else
1305 if test -n "${need_dash_r}"; then
1306 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1307 else
1308 LDFLAGS="-L${withval} ${LDFLAGS}"
1309 fi
1310 fi
1311 if test -d "${withval}/include"; then
1312 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1313 else
1314 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1315 fi
1316 fi
fa0f0f45 1317 LIBS="-lwrap $LIBS"
3c0ef626 1318 AC_MSG_CHECKING(for libwrap)
1319 AC_TRY_LINK(
1320 [
12a403af 1321#include <sys/types.h>
1322#include <sys/socket.h>
1323#include <netinet/in.h>
3c0ef626 1324#include <tcpd.h>
1325 int deny_severity = 0, allow_severity = 0;
1326 ],
1327 [hosts_access(0);],
1328 [
1329 AC_MSG_RESULT(yes)
08822d99 1330 AC_DEFINE(LIBWRAP, 1,
1331 [Define if you want
1332 TCP Wrappers support])
fa0f0f45 1333 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1334 TCPW_MSG="yes"
1335 ],
1336 [
1337 AC_MSG_ERROR([*** libwrap missing])
1338 ]
1339 )
e9702f7d 1340 LIBS="$saved_LIBS"
3c0ef626 1341 fi
1342 ]
1343)
1344
dfddba3d 1345# Check whether user wants libedit support
1346LIBEDIT_MSG="no"
1347AC_ARG_WITH(libedit,
1348 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1349 [ if test "x$withval" != "xno" ; then
8b32eddc 1350 if test "x$withval" != "xyes"; then
08822d99 1351 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1352 if test -n "${need_dash_r}"; then
1353 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1354 else
1355 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1356 fi
8b32eddc 1357 fi
dfddba3d 1358 AC_CHECK_LIB(edit, el_init,
08822d99 1359 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
dfddba3d 1360 LIBEDIT="-ledit -lcurses"
1361 LIBEDIT_MSG="yes"
1362 AC_SUBST(LIBEDIT)
1363 ],
8b32eddc 1364 [ AC_MSG_ERROR(libedit not found) ],
1365 [ -lcurses ]
dfddba3d 1366 )
2ce0bfe4 1367 AC_MSG_CHECKING(if libedit version is compatible)
1368 AC_COMPILE_IFELSE(
1369 [AC_LANG_SOURCE([[
1370#include <histedit.h>
1371int main(void)
1372{
1373 int i = H_SETSIZE;
1374 el_init("", NULL, NULL, NULL);
1375 exit(0);
1376}
1377 ]])],
1378 [ AC_MSG_RESULT(yes) ],
1379 [ AC_MSG_RESULT(no)
1380 AC_MSG_ERROR(libedit version is not compatible) ]
1381 )
dfddba3d 1382 fi ]
1383)
1384
1385AUDIT_MODULE=none
1386AC_ARG_WITH(audit,
1387 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1388 [
1389 AC_MSG_CHECKING(for supported audit module)
1390 case "$withval" in
1391 bsm)
1392 AC_MSG_RESULT(bsm)
1393 AUDIT_MODULE=bsm
1394 dnl Checks for headers, libs and functions
1395 AC_CHECK_HEADERS(bsm/audit.h, [],
30460aeb 1396 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1397 [
1398#ifdef HAVE_TIME_H
1399# include <time.h>
1400#endif
1401 ]
1402)
dfddba3d 1403 AC_CHECK_LIB(bsm, getaudit, [],
1404 [AC_MSG_ERROR(BSM enabled and required library not found)])
1405 AC_CHECK_FUNCS(getaudit, [],
1406 [AC_MSG_ERROR(BSM enabled and required function not found)])
1407 # These are optional
e74dc197 1408 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
08822d99 1409 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
dfddba3d 1410 ;;
1411 debug)
1412 AUDIT_MODULE=debug
1413 AC_MSG_RESULT(debug)
08822d99 1414 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
dfddba3d 1415 ;;
2ce0bfe4 1416 no)
1417 AC_MSG_RESULT(no)
1418 ;;
dfddba3d 1419 *)
1420 AC_MSG_ERROR([Unknown audit module $withval])
1421 ;;
1422 esac ]
1423)
1424
bfe49944 1425dnl Checks for library functions. Please keep in alphabetical order
2ce0bfe4 1426AC_CHECK_FUNCS( \
1427 arc4random \
08822d99 1428 asprintf \
2ce0bfe4 1429 b64_ntop \
1430 __b64_ntop \
1431 b64_pton \
1432 __b64_pton \
1433 bcopy \
1434 bindresvport_sa \
1435 clock \
1436 closefrom \
1437 dirfd \
1438 fchmod \
1439 fchown \
1440 freeaddrinfo \
1441 futimes \
1442 getaddrinfo \
1443 getcwd \
1444 getgrouplist \
1445 getnameinfo \
1446 getopt \
1447 getpeereid \
fa0f0f45 1448 getpeerucred \
2ce0bfe4 1449 _getpty \
1450 getrlimit \
1451 getttyent \
1452 glob \
1453 inet_aton \
1454 inet_ntoa \
1455 inet_ntop \
1456 innetgr \
1457 login_getcapbool \
1458 md5_crypt \
1459 memmove \
1460 mkdtemp \
1461 mmap \
1462 ngetaddrinfo \
1463 nsleep \
1464 ogetaddrinfo \
1465 openlog_r \
1466 openpty \
fa0f0f45 1467 poll \
2ce0bfe4 1468 prctl \
1469 pstat \
1470 readpassphrase \
1471 realpath \
1472 recvmsg \
1473 rresvport_af \
1474 sendmsg \
1475 setdtablesize \
1476 setegid \
1477 setenv \
1478 seteuid \
1479 setgroups \
1480 setlogin \
1481 setpcred \
1482 setproctitle \
1483 setregid \
1484 setreuid \
1485 setrlimit \
1486 setsid \
1487 setvbuf \
1488 sigaction \
1489 sigvec \
1490 snprintf \
1491 socketpair \
1492 strdup \
1493 strerror \
1494 strlcat \
1495 strlcpy \
1496 strmode \
1497 strnvis \
1498 strtonum \
1499 strtoll \
1500 strtoul \
fa0f0f45 1501 swap32 \
2ce0bfe4 1502 sysconf \
1503 tcgetpgrp \
1504 truncate \
1505 unsetenv \
1506 updwtmpx \
08822d99 1507 vasprintf \
2ce0bfe4 1508 vhangup \
1509 vsnprintf \
1510 waitpid \
bfe49944 1511)
1512
29d88157 1513# IRIX has a const char return value for gai_strerror()
1514AC_CHECK_FUNCS(gai_strerror,[
1515 AC_DEFINE(HAVE_GAI_STRERROR)
1516 AC_TRY_COMPILE([
1517#include <sys/types.h>
1518#include <sys/socket.h>
1519#include <netdb.h>
1520
1521const char *gai_strerror(int);],[
1522char *str;
1523
1524str = gai_strerror(0);],[
1525 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1526 [Define if gai_strerror() returns const char *])])])
1527
08822d99 1528AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1529 [Some systems put nanosleep outside of libc]))
bfe49944 1530
7cac2b65 1531dnl Make sure prototypes are defined for these before using them.
7cac2b65 1532AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
2ce0bfe4 1533AC_CHECK_DECL(strsep,
1534 [AC_CHECK_FUNCS(strsep)],
1535 [],
1536 [
1537#ifdef HAVE_STRING_H
1538# include <string.h>
1539#endif
1540 ])
3c0ef626 1541
7cac2b65 1542dnl tcsendbreak might be a macro
1543AC_CHECK_DECL(tcsendbreak,
1544 [AC_DEFINE(HAVE_TCSENDBREAK)],
540d72c3 1545 [AC_CHECK_FUNCS(tcsendbreak)],
7cac2b65 1546 [#include <termios.h>]
1547)
3c0ef626 1548
7e82606e 1549AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1550
30460aeb 1551AC_CHECK_DECLS(SHUT_RD, , ,
1552 [
1553#include <sys/types.h>
1554#include <sys/socket.h>
1555 ])
1556
1557AC_CHECK_DECLS(O_NONBLOCK, , ,
1558 [
1559#include <sys/types.h>
1560#ifdef HAVE_SYS_STAT_H
1561# include <sys/stat.h>
1562#endif
1563#ifdef HAVE_FCNTL_H
1564# include <fcntl.h>
1565#endif
1566 ])
1567
1568AC_CHECK_DECLS(writev, , , [
1569#include <sys/types.h>
1570#include <sys/uio.h>
1571#include <unistd.h>
1572 ])
1573
fa0f0f45 1574AC_CHECK_DECLS(MAXSYMLINKS, , , [
1575#include <sys/param.h>
1576 ])
1577
1578AC_CHECK_DECLS(offsetof, , , [
1579#include <stddef.h>
1580 ])
1581
540d72c3 1582AC_CHECK_FUNCS(setresuid, [
1583 dnl Some platorms have setresuid that isn't implemented, test for this
1584 AC_MSG_CHECKING(if setresuid seems to work)
dfddba3d 1585 AC_RUN_IFELSE(
1586 [AC_LANG_SOURCE([[
540d72c3 1587#include <stdlib.h>
1588#include <errno.h>
1589int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1590 ]])],
540d72c3 1591 [AC_MSG_RESULT(yes)],
08822d99 1592 [AC_DEFINE(BROKEN_SETRESUID, 1,
1593 [Define if your setresuid() is broken])
dfddba3d 1594 AC_MSG_RESULT(not implemented)],
1595 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1596 )
1597])
1598
1599AC_CHECK_FUNCS(setresgid, [
1600 dnl Some platorms have setresgid that isn't implemented, test for this
1601 AC_MSG_CHECKING(if setresgid seems to work)
dfddba3d 1602 AC_RUN_IFELSE(
1603 [AC_LANG_SOURCE([[
540d72c3 1604#include <stdlib.h>
1605#include <errno.h>
1606int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1607 ]])],
540d72c3 1608 [AC_MSG_RESULT(yes)],
08822d99 1609 [AC_DEFINE(BROKEN_SETRESGID, 1,
1610 [Define if your setresgid() is broken])
dfddba3d 1611 AC_MSG_RESULT(not implemented)],
1612 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1613 )
1614])
1615
3c0ef626 1616dnl Checks for time functions
1617AC_CHECK_FUNCS(gettimeofday time)
1618dnl Checks for utmp functions
1619AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1620AC_CHECK_FUNCS(utmpname)
1621dnl Checks for utmpx functions
1622AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1623AC_CHECK_FUNCS(setutxent utmpxname)
1624
540d72c3 1625AC_CHECK_FUNC(daemon,
08822d99 1626 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1627 [AC_CHECK_LIB(bsd, daemon,
1628 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1629)
1630
540d72c3 1631AC_CHECK_FUNC(getpagesize,
08822d99 1632 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1633 [Define if your libraries define getpagesize()])],
1634 [AC_CHECK_LIB(ucb, getpagesize,
1635 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1636)
1637
1638# Check for broken snprintf
1639if test "x$ac_cv_func_snprintf" = "xyes" ; then
1640 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
dfddba3d 1641 AC_RUN_IFELSE(
1642 [AC_LANG_SOURCE([[
3c0ef626 1643#include <stdio.h>
d03f4262 1644int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
dfddba3d 1645 ]])],
540d72c3 1646 [AC_MSG_RESULT(yes)],
3c0ef626 1647 [
1648 AC_MSG_RESULT(no)
08822d99 1649 AC_DEFINE(BROKEN_SNPRINTF, 1,
1650 [Define if your snprintf is busted])
3c0ef626 1651 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
dfddba3d 1652 ],
1653 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1654 )
1655fi
1656
08822d99 1657# If we don't have a working asprintf, then we strongly depend on vsnprintf
1658# returning the right thing on overflow: the number of characters it tried to
1659# create (as per SUSv3)
1660if test "x$ac_cv_func_asprintf" != "xyes" && \
1661 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1662 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1663 AC_RUN_IFELSE(
1664 [AC_LANG_SOURCE([[
1665#include <sys/types.h>
1666#include <stdio.h>
1667#include <stdarg.h>
1668
1669int x_snprintf(char *str,size_t count,const char *fmt,...)
1670{
1671 size_t ret; va_list ap;
1672 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1673 return ret;
1674}
1675int main(void)
1676{
1677 char x[1];
1678 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1679} ]])],
1680 [AC_MSG_RESULT(yes)],
1681 [
1682 AC_MSG_RESULT(no)
1683 AC_DEFINE(BROKEN_SNPRINTF, 1,
1684 [Define if your snprintf is busted])
1685 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1686 ],
1687 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1688 )
1689fi
1690
1691# On systems where [v]snprintf is broken, but is declared in stdio,
1692# check that the fmt argument is const char * or just char *.
1693# This is only useful for when BROKEN_SNPRINTF
1694AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1695AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1696 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1697 int main(void) { snprintf(0, 0, 0); }
1698 ]])],
1699 [AC_MSG_RESULT(yes)
1700 AC_DEFINE(SNPRINTF_CONST, [const],
1701 [Define as const if snprintf() can declare const char *fmt])],
1702 [AC_MSG_RESULT(no)
1703 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1704
7e82606e 1705# Check for missing getpeereid (or equiv) support
1706NO_PEERCHECK=""
fa0f0f45 1707if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
7e82606e 1708 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1709 AC_TRY_COMPILE(
1710 [#include <sys/types.h>
1711 #include <sys/socket.h>],
1712 [int i = SO_PEERCRED;],
8b32eddc 1713 [ AC_MSG_RESULT(yes)
08822d99 1714 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
8b32eddc 1715 ],
7e82606e 1716 [AC_MSG_RESULT(no)
1717 NO_PEERCHECK=1]
1718 )
1719fi
1720
bfe49944 1721dnl see whether mkstemp() requires XXXXXX
1722if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1723AC_MSG_CHECKING([for (overly) strict mkstemp])
08822d99 1724AC_RUN_IFELSE(
1725 [AC_LANG_SOURCE([[
bfe49944 1726#include <stdlib.h>
1727main() { char template[]="conftest.mkstemp-test";
1728if (mkstemp(template) == -1)
1729 exit(1);
1730unlink(template); exit(0);
1731}
08822d99 1732 ]])],
bfe49944 1733 [
1734 AC_MSG_RESULT(no)
1735 ],
540d72c3 1736 [
bfe49944 1737 AC_MSG_RESULT(yes)
08822d99 1738 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
bfe49944 1739 ],
1740 [
1741 AC_MSG_RESULT(yes)
1742 AC_DEFINE(HAVE_STRICT_MKSTEMP)
540d72c3 1743 ]
bfe49944 1744)
1745fi
1746
7cac2b65 1747dnl make sure that openpty does not reacquire controlling terminal
1748if test ! -z "$check_for_openpty_ctty_bug"; then
1749 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
08822d99 1750 AC_RUN_IFELSE(
1751 [AC_LANG_SOURCE([[
7cac2b65 1752#include <stdio.h>
1753#include <sys/fcntl.h>
1754#include <sys/types.h>
1755#include <sys/wait.h>
1756
1757int
1758main()
1759{
1760 pid_t pid;
1761 int fd, ptyfd, ttyfd, status;
1762
1763 pid = fork();
1764 if (pid < 0) { /* failed */
1765 exit(1);
1766 } else if (pid > 0) { /* parent */
1767 waitpid(pid, &status, 0);
540d72c3 1768 if (WIFEXITED(status))
7cac2b65 1769 exit(WEXITSTATUS(status));
1770 else
1771 exit(2);
1772 } else { /* child */
1773 close(0); close(1); close(2);
1774 setsid();
1775 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1776 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1777 if (fd >= 0)
1778 exit(3); /* Acquired ctty: broken */
1779 else
1780 exit(0); /* Did not acquire ctty: OK */
1781 }
1782}
08822d99 1783 ]])],
7cac2b65 1784 [
1785 AC_MSG_RESULT(yes)
1786 ],
1787 [
1788 AC_MSG_RESULT(no)
1789 AC_DEFINE(SSHD_ACQUIRES_CTTY)
08822d99 1790 ],
1791 [
1792 AC_MSG_RESULT(cross-compiling, assuming yes)
7cac2b65 1793 ]
1794 )
1795fi
1796
8b32eddc 1797if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1798 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
12a403af 1799 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1800 AC_RUN_IFELSE(
1801 [AC_LANG_SOURCE([[
12a403af 1802#include <stdio.h>
1803#include <sys/socket.h>
1804#include <netdb.h>
1805#include <errno.h>
1806#include <netinet/in.h>
1807
1808#define TEST_PORT "2222"
1809
1810int
1811main(void)
1812{
1813 int err, sock;
1814 struct addrinfo *gai_ai, *ai, hints;
1815 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1816
1817 memset(&hints, 0, sizeof(hints));
1818 hints.ai_family = PF_UNSPEC;
1819 hints.ai_socktype = SOCK_STREAM;
1820 hints.ai_flags = AI_PASSIVE;
1821
1822 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1823 if (err != 0) {
1824 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1825 exit(1);
1826 }
1827
1828 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1829 if (ai->ai_family != AF_INET6)
1830 continue;
1831
1832 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1833 sizeof(ntop), strport, sizeof(strport),
1834 NI_NUMERICHOST|NI_NUMERICSERV);
1835
1836 if (err != 0) {
1837 if (err == EAI_SYSTEM)
1838 perror("getnameinfo EAI_SYSTEM");
1839 else
1840 fprintf(stderr, "getnameinfo failed: %s\n",
1841 gai_strerror(err));
1842 exit(2);
1843 }
1844
1845 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1846 if (sock < 0)
1847 perror("socket");
1848 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1849 if (errno == EBADF)
1850 exit(3);
1851 }
1852 }
1853 exit(0);
1854}
08822d99 1855 ]])],
12a403af 1856 [
1857 AC_MSG_RESULT(yes)
1858 ],
1859 [
1860 AC_MSG_RESULT(no)
1861 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1862 ],
1863 [
1864 AC_MSG_RESULT(cross-compiling, assuming yes)
12a403af 1865 ]
1866 )
1867fi
1868
8b32eddc 1869if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1870 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
dfddba3d 1871 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1872 AC_RUN_IFELSE(
1873 [AC_LANG_SOURCE([[
dfddba3d 1874#include <stdio.h>
1875#include <sys/socket.h>
1876#include <netdb.h>
1877#include <errno.h>
1878#include <netinet/in.h>
1879
1880#define TEST_PORT "2222"
1881
1882int
1883main(void)
1884{
1885 int err, sock;
1886 struct addrinfo *gai_ai, *ai, hints;
1887 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1888
1889 memset(&hints, 0, sizeof(hints));
1890 hints.ai_family = PF_UNSPEC;
1891 hints.ai_socktype = SOCK_STREAM;
1892 hints.ai_flags = AI_PASSIVE;
1893
1894 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1895 if (err != 0) {
1896 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1897 exit(1);
1898 }
1899
1900 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1901 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1902 continue;
1903
1904 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1905 sizeof(ntop), strport, sizeof(strport),
1906 NI_NUMERICHOST|NI_NUMERICSERV);
1907
1908 if (ai->ai_family == AF_INET && err != 0) {
1909 perror("getnameinfo");
1910 exit(2);
1911 }
1912 }
1913 exit(0);
1914}
08822d99 1915 ]])],
dfddba3d 1916 [
1917 AC_MSG_RESULT(yes)
08822d99 1918 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1919 [Define if you have a getaddrinfo that fails
1920 for the all-zeros IPv6 address])
dfddba3d 1921 ],
1922 [
1923 AC_MSG_RESULT(no)
1924 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1925 ],
30460aeb 1926 [
08822d99 1927 AC_MSG_RESULT(cross-compiling, assuming no)
dfddba3d 1928 ]
1929 )
1930fi
1931
1932if test "x$check_for_conflicting_getspnam" = "x1"; then
1933 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1934 AC_COMPILE_IFELSE(
1935 [
1936#include <shadow.h>
1937int main(void) {exit(0);}
1938 ],
1939 [
1940 AC_MSG_RESULT(no)
1941 ],
1942 [
1943 AC_MSG_RESULT(yes)
1944 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1945 [Conflicting defs for getspnam])
1946 ]
1947 )
1948fi
1949
3c0ef626 1950AC_FUNC_GETPGRP
1951
350391c5 1952# Search for OpenSSL
1953saved_CPPFLAGS="$CPPFLAGS"
1954saved_LDFLAGS="$LDFLAGS"
3c0ef626 1955AC_ARG_WITH(ssl-dir,
1956 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1957 [
1958 if test "x$withval" != "xno" ; then
dfddba3d 1959 case "$withval" in
1960 # Relative paths
1961 ./*|../*) withval="`pwd`/$withval"
1962 esac
350391c5 1963 if test -d "$withval/lib"; then
1964 if test -n "${need_dash_r}"; then
1965 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1966 else
1967 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1968 fi
1969 else
350391c5 1970 if test -n "${need_dash_r}"; then
1971 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1972 else
1973 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1974 fi
1975 fi
350391c5 1976 if test -d "$withval/include"; then
1977 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1978 else
350391c5 1979 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1980 fi
1981 fi
350391c5 1982 ]
1983)
9fb46e52 1984if test -z "$GLOBUS_LDFLAGS" ; then
540d72c3 1985LIBS="-lcrypto $LIBS"
22798398 1986fi
08822d99 1987AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1988 [Define if your ssl headers are included
1989 with #include <openssl/header.h>]),
3c0ef626 1990 [
350391c5 1991 dnl Check default openssl install dir
1992 if test -n "${need_dash_r}"; then
1993 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1994 else
350391c5 1995 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1996 fi
350391c5 1997 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1998 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1999 [
2000 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
2001 ]
2002 )
2003 ]
2004)
2005
d03f4262 2006# Determine OpenSSL header version
2007AC_MSG_CHECKING([OpenSSL header version])
dfddba3d 2008AC_RUN_IFELSE(
2009 [AC_LANG_SOURCE([[
d03f4262 2010#include <stdio.h>
2011#include <string.h>
2012#include <openssl/opensslv.h>
2013#define DATA "conftest.sslincver"
2014int main(void) {
540d72c3 2015 FILE *fd;
2016 int rc;
d03f4262 2017
540d72c3 2018 fd = fopen(DATA,"w");
2019 if(fd == NULL)
2020 exit(1);
d03f4262 2021
2022 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
2023 exit(1);
2024
2025 exit(0);
2026}
dfddba3d 2027 ]])],
d03f4262 2028 [
2029 ssl_header_ver=`cat conftest.sslincver`
2030 AC_MSG_RESULT($ssl_header_ver)
2031 ],
2032 [
2033 AC_MSG_RESULT(not found)
2034 AC_MSG_ERROR(OpenSSL version header not found.)
dfddba3d 2035 ],
2036 [
2037 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2038 ]
2039)
2040
2041# Determine OpenSSL library version
2042AC_MSG_CHECKING([OpenSSL library version])
dfddba3d 2043AC_RUN_IFELSE(
2044 [AC_LANG_SOURCE([[
d03f4262 2045#include <stdio.h>
2046#include <string.h>
2047#include <openssl/opensslv.h>
2048#include <openssl/crypto.h>
2049#define DATA "conftest.ssllibver"
2050int main(void) {
540d72c3 2051 FILE *fd;
2052 int rc;
d03f4262 2053
540d72c3 2054 fd = fopen(DATA,"w");
2055 if(fd == NULL)
2056 exit(1);
d03f4262 2057
2058 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
2059 exit(1);
2060
2061 exit(0);
2062}
dfddba3d 2063 ]])],
d03f4262 2064 [
2065 ssl_library_ver=`cat conftest.ssllibver`
2066 AC_MSG_RESULT($ssl_library_ver)
2067 ],
2068 [
2069 AC_MSG_RESULT(not found)
2070 AC_MSG_ERROR(OpenSSL library not found.)
dfddba3d 2071 ],
2072 [
2073 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2074 ]
2075)
3c0ef626 2076
0b90ac93 2077AC_ARG_WITH(openssl-header-check,
2078 [ --without-openssl-header-check Disable OpenSSL version consistency check],
2079 [ if test "x$withval" = "xno" ; then
2080 openssl_check_nonfatal=1
2081 fi
2082 ]
2083)
2084
e9702f7d 2085# Sanity check OpenSSL headers
2086AC_MSG_CHECKING([whether OpenSSL's headers match the library])
dfddba3d 2087AC_RUN_IFELSE(
2088 [AC_LANG_SOURCE([[
e9702f7d 2089#include <string.h>
2090#include <openssl/opensslv.h>
d03f4262 2091int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
dfddba3d 2092 ]])],
e9702f7d 2093 [
2094 AC_MSG_RESULT(yes)
2095 ],
2096 [
2097 AC_MSG_RESULT(no)
0b90ac93 2098 if test "x$openssl_check_nonfatal" = "x"; then
2099 AC_MSG_ERROR([Your OpenSSL headers do not match your
2100library. Check config.log for details.
2101If you are sure your installation is consistent, you can disable the check
2102by running "./configure --without-openssl-header-check".
2103Also see contrib/findssl.sh for help identifying header/library mismatches.
2104])
2105 else
2106 AC_MSG_WARN([Your OpenSSL headers do not match your
2107library. Check config.log for details.
7cac2b65 2108Also see contrib/findssl.sh for help identifying header/library mismatches.])
0b90ac93 2109 fi
dfddba3d 2110 ],
2111 [
2112 AC_MSG_WARN([cross compiling: not checking])
e9702f7d 2113 ]
2114)
2115
30460aeb 2116AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2117AC_LINK_IFELSE(
2118 [AC_LANG_SOURCE([[
2119#include <openssl/evp.h>
2120int main(void) { SSLeay_add_all_algorithms(); }
2121 ]])],
2122 [
2123 AC_MSG_RESULT(yes)
2124 ],
2125 [
2126 AC_MSG_RESULT(no)
2127 saved_LIBS="$LIBS"
2128 LIBS="$LIBS -ldl"
2129 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2130 AC_LINK_IFELSE(
2131 [AC_LANG_SOURCE([[
2132#include <openssl/evp.h>
2133int main(void) { SSLeay_add_all_algorithms(); }
2134 ]])],
2135 [
2136 AC_MSG_RESULT(yes)
2137 ],
2138 [
2139 AC_MSG_RESULT(no)
2140 LIBS="$saved_LIBS"
2141 ]
2142 )
2143 ]
2144)
2145
2146AC_ARG_WITH(ssl-engine,
2147 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2148 [ if test "x$withval" != "xno" ; then
2149 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2150 AC_TRY_COMPILE(
2151 [ #include <openssl/engine.h>],
2152 [
240debe0 2153ENGINE_load_builtin_engines();ENGINE_register_all_complete();
30460aeb 2154 ],
2155 [ AC_MSG_RESULT(yes)
2156 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2157 [Enable OpenSSL engine support])
2158 ],
2159 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2160 )
2161 fi ]
2162)
2163
08822d99 2164# Check for OpenSSL without EVP_aes_{192,256}_cbc
2165AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
30460aeb 2166AC_LINK_IFELSE(
08822d99 2167 [AC_LANG_SOURCE([[
2168#include <string.h>
2169#include <openssl/evp.h>
4b6dae8f 2170int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
08822d99 2171 ]])],
2172 [
2173 AC_MSG_RESULT(no)
2174 ],
2175 [
2176 AC_MSG_RESULT(yes)
2177 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2178 [libcrypto is missing AES 192 and 256 bit functions])
2179 ]
2180)
2181
540d72c3 2182# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2183# because the system crypt() is more featureful.
2184if test "x$check_for_libcrypt_before" = "x1"; then
2185 AC_CHECK_LIB(crypt, crypt)
2186fi
2187
2188# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2189# version in OpenSSL.
7cac2b65 2190if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2191 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2192fi
2193
30460aeb 2194# Search for SHA256 support in libc and/or OpenSSL
2195AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2196
fa0f0f45 2197saved_LIBS="$LIBS"
2198AC_CHECK_LIB(iaf, ia_openinfo, [
2199 LIBS="$LIBS -liaf"
e74dc197 2200 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2201 AC_DEFINE(HAVE_LIBIAF, 1,
2202 [Define if system has libiaf that supports set_id])
2203 ])
fa0f0f45 2204])
2205LIBS="$saved_LIBS"
e9702f7d 2206
2207### Configure cryptographic random number support
2208
2209# Check wheter OpenSSL seeds itself
2210AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
dfddba3d 2211AC_RUN_IFELSE(
2212 [AC_LANG_SOURCE([[
e9702f7d 2213#include <string.h>
2214#include <openssl/rand.h>
d03f4262 2215int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
dfddba3d 2216 ]])],
e9702f7d 2217 [
2218 OPENSSL_SEEDS_ITSELF=yes
2219 AC_MSG_RESULT(yes)
2220 ],
2221 [
2222 AC_MSG_RESULT(no)
2223 # Default to use of the rand helper if OpenSSL doesn't
2224 # seed itself
2225 USE_RAND_HELPER=yes
dfddba3d 2226 ],
2227 [
2228 AC_MSG_WARN([cross compiling: assuming yes])
2229 # This is safe, since all recent OpenSSL versions will
8b32eddc 2230 # complain at runtime if not seeded correctly.
dfddba3d 2231 OPENSSL_SEEDS_ITSELF=yes
e9702f7d 2232 ]
2233)
2234
30460aeb 2235# Check for PAM libs
2236PAM_MSG="no"
2237AC_ARG_WITH(pam,
2238 [ --with-pam Enable PAM support ],
2239 [
2240 if test "x$withval" != "xno" ; then
2241 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2242 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2243 AC_MSG_ERROR([PAM headers not found])
2244 fi
2245
2246 saved_LIBS="$LIBS"
2247 AC_CHECK_LIB(dl, dlopen, , )
2248 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2249 AC_CHECK_FUNCS(pam_getenvlist)
2250 AC_CHECK_FUNCS(pam_putenv)
2251 LIBS="$saved_LIBS"
2252
2253 PAM_MSG="yes"
2254
fa0f0f45 2255 SSHDLIBS="$SSHDLIBS -lpam"
30460aeb 2256 AC_DEFINE(USE_PAM, 1,
2257 [Define if you want to enable PAM support])
2258
2259 if test $ac_cv_lib_dl_dlopen = yes; then
2260 case "$LIBS" in
2261 *-ldl*)
2262 # libdl already in LIBS
2263 ;;
2264 *)
fa0f0f45 2265 SSHDLIBS="$SSHDLIBS -ldl"
30460aeb 2266 ;;
2267 esac
2268 fi
30460aeb 2269 fi
2270 ]
2271)
2272
2273# Check for older PAM
2274if test "x$PAM_MSG" = "xyes" ; then
2275 # Check PAM strerror arguments (old PAM)
2276 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2277 AC_TRY_COMPILE(
2278 [
2279#include <stdlib.h>
2280#if defined(HAVE_SECURITY_PAM_APPL_H)
2281#include <security/pam_appl.h>
2282#elif defined (HAVE_PAM_PAM_APPL_H)
2283#include <pam/pam_appl.h>
2284#endif
2285 ],
2286 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2287 [AC_MSG_RESULT(no)],
2288 [
2289 AC_DEFINE(HAVE_OLD_PAM, 1,
2290 [Define if you have an old version of PAM
2291 which takes only one argument to pam_strerror])
2292 AC_MSG_RESULT(yes)
2293 PAM_MSG="yes (old library)"
2294 ]
2295 )
2296fi
e9702f7d 2297
2298# Do we want to force the use of the rand helper?
2299AC_ARG_WITH(rand-helper,
2300 [ --with-rand-helper Use subprocess to gather strong randomness ],
2301 [
2302 if test "x$withval" = "xno" ; then
540d72c3 2303 # Force use of OpenSSL's internal RNG, even if
e9702f7d 2304 # the previous test showed it to be unseeded.
2305 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2306 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2307 OPENSSL_SEEDS_ITSELF=yes
2308 USE_RAND_HELPER=""
2309 fi
2310 else
2311 USE_RAND_HELPER=yes
2312 fi
2313 ],
8b32eddc 2314)
e9702f7d 2315
2316# Which randomness source do we use?
8b32eddc 2317if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9702f7d 2318 # OpenSSL only
08822d99 2319 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2320 [Define if you want OpenSSL's internally seeded PRNG only])
e9702f7d 2321 RAND_MSG="OpenSSL internal ONLY"
2322 INSTALL_SSH_RAND_HELPER=""
2323elif test ! -z "$USE_RAND_HELPER" ; then
2324 # install rand helper
2325 RAND_MSG="ssh-rand-helper"
2326 INSTALL_SSH_RAND_HELPER="yes"
2327fi
2328AC_SUBST(INSTALL_SSH_RAND_HELPER)
2329
2330### Configuration of ssh-rand-helper
2331
2332# PRNGD TCP socket
2333AC_ARG_WITH(prngd-port,
2334 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2335 [
2336 case "$withval" in
2337 no)
2338 withval=""
2339 ;;
2340 [[0-9]]*)
2341 ;;
2342 *)
2343 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2344 ;;
2345 esac
2346 if test ! -z "$withval" ; then
2347 PRNGD_PORT="$withval"
08822d99 2348 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2349 [Port number of PRNGD/EGD random number socket])
e9702f7d 2350 fi
2351 ]
2352)
2353
2354# PRNGD Unix domain socket
2355AC_ARG_WITH(prngd-socket,
2356 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2357 [
2358 case "$withval" in
2359 yes)
2360 withval="/var/run/egd-pool"
2361 ;;
2362 no)
2363 withval=""
2364 ;;
2365 /*)
2366 ;;
2367 *)
2368 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2369 ;;
2370 esac
2371
2372 if test ! -z "$withval" ; then
2373 if test ! -z "$PRNGD_PORT" ; then
2374 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2375 fi
2376 if test ! -r "$withval" ; then
2377 AC_MSG_WARN(Entropy socket is not readable)
2378 fi
2379 PRNGD_SOCKET="$withval"
08822d99 2380 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2381 [Location of PRNGD/EGD random number socket])
e9702f7d 2382 fi
2383 ],
2384 [
2385 # Check for existing socket only if we don't have a random device already
2386 if test "$USE_RAND_HELPER" = yes ; then
2387 AC_MSG_CHECKING(for PRNGD/EGD socket)
2388 # Insert other locations here
2389 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2390 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2391 PRNGD_SOCKET="$sock"
2392 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2393 break;
2394 fi
2395 done
2396 if test ! -z "$PRNGD_SOCKET" ; then
2397 AC_MSG_RESULT($PRNGD_SOCKET)
2398 else
2399 AC_MSG_RESULT(not found)
2400 fi
2401 fi
2402 ]
2403)
2404
2405# Change default command timeout for hashing entropy source
2406entropy_timeout=200
2407AC_ARG_WITH(entropy-timeout,
2408 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2409 [
8b32eddc 2410 if test -n "$withval" && test "x$withval" != "xno" && \
2411 test "x${withval}" != "xyes"; then
e9702f7d 2412 entropy_timeout=$withval
2413 fi
8b32eddc 2414 ]
e9702f7d 2415)
08822d99 2416AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2417 [Builtin PRNG command timeout])
e9702f7d 2418
276b07a3 2419SSH_PRIVSEP_USER=sshd
350391c5 2420AC_ARG_WITH(privsep-user,
2421 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2422 [
8b32eddc 2423 if test -n "$withval" && test "x$withval" != "xno" && \
2424 test "x${withval}" != "xyes"; then
276b07a3 2425 SSH_PRIVSEP_USER=$withval
350391c5 2426 fi
8b32eddc 2427 ]
350391c5 2428)
08822d99 2429AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2430 [non-privileged user for privilege separation])
276b07a3 2431AC_SUBST(SSH_PRIVSEP_USER)
350391c5 2432
2433# We do this little dance with the search path to insure
2434# that programs that we select for use by installed programs
2435# (which may be run by the super-user) come from trusted
2436# locations before they come from the user's private area.
2437# This should help avoid accidentally configuring some
2438# random version of a program in someone's personal bin.
2439
2440OPATH=$PATH
2441PATH=/bin:/usr/bin
2442test -h /bin 2> /dev/null && PATH=/usr/bin
2443test -d /sbin && PATH=$PATH:/sbin
2444test -d /usr/sbin && PATH=$PATH:/usr/sbin
2445PATH=$PATH:/etc:$OPATH
2446
540d72c3 2447# These programs are used by the command hashing source to gather entropy
e9702f7d 2448OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2449OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2450OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2451OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2452OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2453OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2454OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2455OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2456OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2457OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2458OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2459OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2460OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2461OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2462OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2463OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
350391c5 2464# restore PATH
2465PATH=$OPATH
e9702f7d 2466
2467# Where does ssh-rand-helper get its randomness from?
2468INSTALL_SSH_PRNG_CMDS=""
2469if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2470 if test ! -z "$PRNGD_PORT" ; then
2471 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2472 elif test ! -z "$PRNGD_SOCKET" ; then
2473 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2474 else
2475 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2476 RAND_HELPER_CMDHASH=yes
2477 INSTALL_SSH_PRNG_CMDS="yes"
2478 fi
2479fi
2480AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2481
2482
3c0ef626 2483# Cheap hack to ensure NEWS-OS libraries are arranged right.
2484if test ! -z "$SONY" ; then
2485 LIBS="$LIBS -liberty";
2486fi
2487
08822d99 2488# Check for long long datatypes
2489AC_CHECK_TYPES([long long, unsigned long long, long double])
2490
2491# Check datatype sizes
3c0ef626 2492AC_CHECK_SIZEOF(char, 1)
2493AC_CHECK_SIZEOF(short int, 2)
2494AC_CHECK_SIZEOF(int, 4)
2495AC_CHECK_SIZEOF(long int, 4)
2496AC_CHECK_SIZEOF(long long int, 8)
2497
350391c5 2498# Sanity check long long for some platforms (AIX)
2499if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2500 ac_cv_sizeof_long_long_int=0
2501fi
2502
08822d99 2503# compute LLONG_MIN and LLONG_MAX if we don't know them.
2504if test -z "$have_llong_max"; then
2505 AC_MSG_CHECKING([for max value of long long])
2506 AC_RUN_IFELSE(
2507 [AC_LANG_SOURCE([[
2508#include <stdio.h>
2509/* Why is this so damn hard? */
2510#ifdef __GNUC__
2511# undef __GNUC__
2512#endif
2513#define __USE_ISOC99
2514#include <limits.h>
2515#define DATA "conftest.llminmax"
30460aeb 2516#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2517
2518/*
2519 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2520 * we do this the hard way.
2521 */
2522static int
2523fprint_ll(FILE *f, long long n)
2524{
2525 unsigned int i;
2526 int l[sizeof(long long) * 8];
2527
2528 if (n < 0)
2529 if (fprintf(f, "-") < 0)
2530 return -1;
2531 for (i = 0; n != 0; i++) {
2532 l[i] = my_abs(n % 10);
2533 n /= 10;
2534 }
2535 do {
2536 if (fprintf(f, "%d", l[--i]) < 0)
2537 return -1;
2538 } while (i != 0);
2539 if (fprintf(f, " ") < 0)
2540 return -1;
2541 return 0;
2542}
2543
08822d99 2544int main(void) {
2545 FILE *f;
2546 long long i, llmin, llmax = 0;
2547
2548 if((f = fopen(DATA,"w")) == NULL)
2549 exit(1);
2550
2551#if defined(LLONG_MIN) && defined(LLONG_MAX)
2552 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2553 llmin = LLONG_MIN;
2554 llmax = LLONG_MAX;
2555#else
2556 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2557 /* This will work on one's complement and two's complement */
2558 for (i = 1; i > llmax; i <<= 1, i++)
2559 llmax = i;
2560 llmin = llmax + 1LL; /* wrap */
2561#endif
2562
2563 /* Sanity check */
2564 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
30460aeb 2565 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2566 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
08822d99 2567 fprintf(f, "unknown unknown\n");
2568 exit(2);
2569 }
2570
30460aeb 2571 if (fprint_ll(f, llmin) < 0)
08822d99 2572 exit(3);
30460aeb 2573 if (fprint_ll(f, llmax) < 0)
2574 exit(4);
2575 if (fclose(f) < 0)
2576 exit(5);
08822d99 2577 exit(0);
2578}
2579 ]])],
2580 [
2581 llong_min=`$AWK '{print $1}' conftest.llminmax`
2582 llong_max=`$AWK '{print $2}' conftest.llminmax`
2583
08822d99 2584 AC_MSG_RESULT($llong_max)
2585 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2586 [max value of long long calculated by configure])
2587 AC_MSG_CHECKING([for min value of long long])
2588 AC_MSG_RESULT($llong_min)
2589 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2590 [min value of long long calculated by configure])
2591 ],
2592 [
2593 AC_MSG_RESULT(not found)
2594 ],
2595 [
2596 AC_MSG_WARN([cross compiling: not checking])
2597 ]
2598 )
2599fi
2600
2601
3c0ef626 2602# More checks for data types
2603AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2604 AC_TRY_COMPILE(
540d72c3 2605 [ #include <sys/types.h> ],
2606 [ u_int a; a = 1;],
3c0ef626 2607 [ ac_cv_have_u_int="yes" ],
2608 [ ac_cv_have_u_int="no" ]
2609 )
2610])
2611if test "x$ac_cv_have_u_int" = "xyes" ; then
08822d99 2612 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2613 have_u_int=1
2614fi
2615
2616AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2617 AC_TRY_COMPILE(
540d72c3 2618 [ #include <sys/types.h> ],
2619 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2620 [ ac_cv_have_intxx_t="yes" ],
2621 [ ac_cv_have_intxx_t="no" ]
2622 )
2623])
2624if test "x$ac_cv_have_intxx_t" = "xyes" ; then
08822d99 2625 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2626 have_intxx_t=1
2627fi
2628
2629if (test -z "$have_intxx_t" && \
540d72c3 2630 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2631then
2632 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2633 AC_TRY_COMPILE(
540d72c3 2634 [ #include <stdint.h> ],
2635 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2636 [
2637 AC_DEFINE(HAVE_INTXX_T)
2638 AC_MSG_RESULT(yes)
2639 ],
2640 [ AC_MSG_RESULT(no) ]
2641 )
2642fi
2643
2644AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2645 AC_TRY_COMPILE(
d03f4262 2646 [
2647#include <sys/types.h>
2648#ifdef HAVE_STDINT_H
2649# include <stdint.h>
2650#endif
2651#include <sys/socket.h>
2652#ifdef HAVE_SYS_BITYPES_H
2653# include <sys/bitypes.h>
2654#endif
540d72c3 2655 ],
2656 [ int64_t a; a = 1;],
3c0ef626 2657 [ ac_cv_have_int64_t="yes" ],
2658 [ ac_cv_have_int64_t="no" ]
2659 )
2660])
2661if test "x$ac_cv_have_int64_t" = "xyes" ; then
08822d99 2662 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9702f7d 2663fi
2664
3c0ef626 2665AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2666 AC_TRY_COMPILE(
540d72c3 2667 [ #include <sys/types.h> ],
2668 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2669 [ ac_cv_have_u_intxx_t="yes" ],
2670 [ ac_cv_have_u_intxx_t="no" ]
2671 )
2672])
2673if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
08822d99 2674 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2675 have_u_intxx_t=1
2676fi
2677
2678if test -z "$have_u_intxx_t" ; then
2679 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2680 AC_TRY_COMPILE(
540d72c3 2681 [ #include <sys/socket.h> ],
2682 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2683 [
2684 AC_DEFINE(HAVE_U_INTXX_T)
2685 AC_MSG_RESULT(yes)
2686 ],
2687 [ AC_MSG_RESULT(no) ]
2688 )
2689fi
2690
2691AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2692 AC_TRY_COMPILE(
540d72c3 2693 [ #include <sys/types.h> ],
2694 [ u_int64_t a; a = 1;],
3c0ef626 2695 [ ac_cv_have_u_int64_t="yes" ],
2696 [ ac_cv_have_u_int64_t="no" ]
2697 )
2698])
2699if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
08822d99 2700 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2701 have_u_int64_t=1
2702fi
2703
e9702f7d 2704if test -z "$have_u_int64_t" ; then
2705 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2706 AC_TRY_COMPILE(
540d72c3 2707 [ #include <sys/bitypes.h> ],
e9702f7d 2708 [ u_int64_t a; a = 1],
2709 [
2710 AC_DEFINE(HAVE_U_INT64_T)
2711 AC_MSG_RESULT(yes)
2712 ],
2713 [ AC_MSG_RESULT(no) ]
2714 )
2715fi
2716
3c0ef626 2717if test -z "$have_u_intxx_t" ; then
2718 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2719 AC_TRY_COMPILE(
2720 [
2721#include <sys/types.h>
540d72c3 2722 ],
2723 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2724 [ ac_cv_have_uintxx_t="yes" ],
2725 [ ac_cv_have_uintxx_t="no" ]
2726 )
2727 ])
2728 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
08822d99 2729 AC_DEFINE(HAVE_UINTXX_T, 1,
2730 [define if you have uintxx_t data type])
3c0ef626 2731 fi
2732fi
2733
2734if test -z "$have_uintxx_t" ; then
2735 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2736 AC_TRY_COMPILE(
540d72c3 2737 [ #include <stdint.h> ],
2738 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2739 [
2740 AC_DEFINE(HAVE_UINTXX_T)
2741 AC_MSG_RESULT(yes)
2742 ],
2743 [ AC_MSG_RESULT(no) ]
2744 )
2745fi
2746
2747if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
540d72c3 2748 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2749then
2750 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2751 AC_TRY_COMPILE(
2752 [
2753#include <sys/bitypes.h>
540d72c3 2754 ],
3c0ef626 2755 [
2756 int8_t a; int16_t b; int32_t c;
2757 u_int8_t e; u_int16_t f; u_int32_t g;
2758 a = b = c = e = f = g = 1;
540d72c3 2759 ],
3c0ef626 2760 [
2761 AC_DEFINE(HAVE_U_INTXX_T)
2762 AC_DEFINE(HAVE_INTXX_T)
2763 AC_MSG_RESULT(yes)
2764 ],
2765 [AC_MSG_RESULT(no)]
540d72c3 2766 )
3c0ef626 2767fi
2768
2769
2770AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2771 AC_TRY_COMPILE(
2772 [
2773#include <sys/types.h>
2774 ],
2775 [ u_char foo; foo = 125; ],
2776 [ ac_cv_have_u_char="yes" ],
2777 [ ac_cv_have_u_char="no" ]
2778 )
2779])
2780if test "x$ac_cv_have_u_char" = "xyes" ; then
08822d99 2781 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2782fi
2783
2784TYPE_SOCKLEN_T
2785
e9702f7d 2786AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2787
dfddba3d 2788AC_CHECK_TYPES(in_addr_t,,,
2789[#include <sys/types.h>
2790#include <netinet/in.h>])
2791
3c0ef626 2792AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2793 AC_TRY_COMPILE(
2794 [
2795#include <sys/types.h>
2796 ],
2797 [ size_t foo; foo = 1235; ],
2798 [ ac_cv_have_size_t="yes" ],
2799 [ ac_cv_have_size_t="no" ]
2800 )
2801])
2802if test "x$ac_cv_have_size_t" = "xyes" ; then
08822d99 2803 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2804fi
2805
2806AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2807 AC_TRY_COMPILE(
2808 [
2809#include <sys/types.h>
2810 ],
2811 [ ssize_t foo; foo = 1235; ],
2812 [ ac_cv_have_ssize_t="yes" ],
2813 [ ac_cv_have_ssize_t="no" ]
2814 )
2815])
2816if test "x$ac_cv_have_ssize_t" = "xyes" ; then
08822d99 2817 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2818fi
2819
2820AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2821 AC_TRY_COMPILE(
2822 [
2823#include <time.h>
2824 ],
2825 [ clock_t foo; foo = 1235; ],
2826 [ ac_cv_have_clock_t="yes" ],
2827 [ ac_cv_have_clock_t="no" ]
2828 )
2829])
2830if test "x$ac_cv_have_clock_t" = "xyes" ; then
08822d99 2831 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2832fi
2833
2834AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2835 AC_TRY_COMPILE(
2836 [
2837#include <sys/types.h>
2838#include <sys/socket.h>
2839 ],
2840 [ sa_family_t foo; foo = 1235; ],
2841 [ ac_cv_have_sa_family_t="yes" ],
2842 [ AC_TRY_COMPILE(
2843 [
2844#include <sys/types.h>
2845#include <sys/socket.h>
2846#include <netinet/in.h>
2847 ],
2848 [ sa_family_t foo; foo = 1235; ],
2849 [ ac_cv_have_sa_family_t="yes" ],
2850
2851 [ ac_cv_have_sa_family_t="no" ]
2852 )]
2853 )
2854])
2855if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
08822d99 2856 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2857 [define if you have sa_family_t data type])
3c0ef626 2858fi
2859
2860AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2861 AC_TRY_COMPILE(
2862 [
2863#include <sys/types.h>
2864 ],
2865 [ pid_t foo; foo = 1235; ],
2866 [ ac_cv_have_pid_t="yes" ],
2867 [ ac_cv_have_pid_t="no" ]
2868 )
2869])
2870if test "x$ac_cv_have_pid_t" = "xyes" ; then
08822d99 2871 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2872fi
2873
2874AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2875 AC_TRY_COMPILE(
2876 [
2877#include <sys/types.h>
2878 ],
2879 [ mode_t foo; foo = 1235; ],
2880 [ ac_cv_have_mode_t="yes" ],
2881 [ ac_cv_have_mode_t="no" ]
2882 )
2883])
2884if test "x$ac_cv_have_mode_t" = "xyes" ; then
08822d99 2885 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2886fi
2887
2888
2889AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2890 AC_TRY_COMPILE(
2891 [
2892#include <sys/types.h>
2893#include <sys/socket.h>
2894 ],
2895 [ struct sockaddr_storage s; ],
2896 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2897 [ ac_cv_have_struct_sockaddr_storage="no" ]
2898 )
2899])
2900if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
08822d99 2901 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2902 [define if you have struct sockaddr_storage data type])
3c0ef626 2903fi
2904
2905AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2906 AC_TRY_COMPILE(
2907 [
2908#include <sys/types.h>
2909#include <netinet/in.h>
2910 ],
2911 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2912 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2913 [ ac_cv_have_struct_sockaddr_in6="no" ]
2914 )
2915])
2916if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
08822d99 2917 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2918 [define if you have struct sockaddr_in6 data type])
3c0ef626 2919fi
2920
2921AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2922 AC_TRY_COMPILE(
2923 [
2924#include <sys/types.h>
2925#include <netinet/in.h>
2926 ],
2927 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2928 [ ac_cv_have_struct_in6_addr="yes" ],
2929 [ ac_cv_have_struct_in6_addr="no" ]
2930 )
2931])
2932if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
08822d99 2933 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2934 [define if you have struct in6_addr data type])
3c0ef626 2935fi
2936
2937AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2938 AC_TRY_COMPILE(
2939 [
2940#include <sys/types.h>
2941#include <sys/socket.h>
2942#include <netdb.h>
2943 ],
2944 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2945 [ ac_cv_have_struct_addrinfo="yes" ],
2946 [ ac_cv_have_struct_addrinfo="no" ]
2947 )
2948])
2949if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
08822d99 2950 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2951 [define if you have struct addrinfo data type])
3c0ef626 2952fi
2953
2954AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2955 AC_TRY_COMPILE(
540d72c3 2956 [ #include <sys/time.h> ],
2957 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2958 [ ac_cv_have_struct_timeval="yes" ],
2959 [ ac_cv_have_struct_timeval="no" ]
2960 )
2961])
2962if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
08822d99 2963 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2964 have_struct_timeval=1
2965fi
2966
bfe49944 2967AC_CHECK_TYPES(struct timespec)
2968
2969# We need int64_t or else certian parts of the compile will fail.
8b32eddc 2970if test "x$ac_cv_have_int64_t" = "xno" && \
2971 test "x$ac_cv_sizeof_long_int" != "x8" && \
2972 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
bfe49944 2973 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2974 echo "an alternative compiler (I.E., GCC) before continuing."
2975 echo ""
2976 exit 1;
3c0ef626 2977else
2978dnl test snprintf (broken on SCO w/gcc)
dfddba3d 2979 AC_RUN_IFELSE(
2980 [AC_LANG_SOURCE([[
3c0ef626 2981#include <stdio.h>
2982#include <string.h>
2983#ifdef HAVE_SNPRINTF
2984main()
2985{
2986 char buf[50];
2987 char expected_out[50];
2988 int mazsize = 50 ;
2989#if (SIZEOF_LONG_INT == 8)
2990 long int num = 0x7fffffffffffffff;
2991#else
2992 long long num = 0x7fffffffffffffffll;
2993#endif
2994 strcpy(expected_out, "9223372036854775807");
2995 snprintf(buf, mazsize, "%lld", num);
2996 if(strcmp(buf, expected_out) != 0)
540d72c3 2997 exit(1);
3c0ef626 2998 exit(0);
2999}
3000#else
3001main() { exit(0); }
3002#endif
dfddba3d 3003 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
3004 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 3005 )
3006fi
3c0ef626 3007
3008dnl Checks for structure members
3009OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
3010OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
3011OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
3012OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
3013OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
3014OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
3015OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
3016OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
3017OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
3018OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
3019OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
3020OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
3021OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
3022OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
3023OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
3024OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
3025OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
3026
3027AC_CHECK_MEMBERS([struct stat.st_blksize])
08822d99 3028AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
3029 [Define if we don't have struct __res_state in resolv.h])],
3030[
3031#include <stdio.h>
3032#if HAVE_SYS_TYPES_H
3033# include <sys/types.h>
3034#endif
3035#include <netinet/in.h>
3036#include <arpa/nameser.h>
3037#include <resolv.h>
3038])
3c0ef626 3039
3040AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
3041 ac_cv_have_ss_family_in_struct_ss, [
3042 AC_TRY_COMPILE(
3043 [
3044#include <sys/types.h>
3045#include <sys/socket.h>
3046 ],
3047 [ struct sockaddr_storage s; s.ss_family = 1; ],
3048 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
3049 [ ac_cv_have_ss_family_in_struct_ss="no" ],
3050 )
3051])
3052if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
08822d99 3053 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 3054fi
3055
3056AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
3057 ac_cv_have___ss_family_in_struct_ss, [
3058 AC_TRY_COMPILE(
3059 [
3060#include <sys/types.h>
3061#include <sys/socket.h>
3062 ],
3063 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3064 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3065 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3066 )
3067])
3068if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
08822d99 3069 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3070 [Fields in struct sockaddr_storage])
3c0ef626 3071fi
3072
3073AC_CACHE_CHECK([for pw_class field in struct passwd],
3074 ac_cv_have_pw_class_in_struct_passwd, [
3075 AC_TRY_COMPILE(
3076 [
3077#include <pwd.h>
3078 ],
3079 [ struct passwd p; p.pw_class = 0; ],
3080 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3081 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3082 )
3083])
3084if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
08822d99 3085 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3086 [Define if your password has a pw_class field])
3c0ef626 3087fi
3088
3089AC_CACHE_CHECK([for pw_expire field in struct passwd],
3090 ac_cv_have_pw_expire_in_struct_passwd, [
3091 AC_TRY_COMPILE(
3092 [
3093#include <pwd.h>
3094 ],
3095 [ struct passwd p; p.pw_expire = 0; ],
3096 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3097 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3098 )
3099])
3100if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
08822d99 3101 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3102 [Define if your password has a pw_expire field])
3c0ef626 3103fi
3104
3105AC_CACHE_CHECK([for pw_change field in struct passwd],
3106 ac_cv_have_pw_change_in_struct_passwd, [
3107 AC_TRY_COMPILE(
3108 [
3109#include <pwd.h>
3110 ],
3111 [ struct passwd p; p.pw_change = 0; ],
3112 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3113 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3114 )
3115])
3116if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
08822d99 3117 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3118 [Define if your password has a pw_change field])
3c0ef626 3119fi
3120
541874c2 3121dnl make sure we're using the real structure members and not defines
350391c5 3122AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3123 ac_cv_have_accrights_in_msghdr, [
dfddba3d 3124 AC_COMPILE_IFELSE(
350391c5 3125 [
3126#include <sys/types.h>
3127#include <sys/socket.h>
3128#include <sys/uio.h>
541874c2 3129int main() {
3130#ifdef msg_accrights
dfddba3d 3131#error "msg_accrights is a macro"
541874c2 3132exit(1);
3133#endif
3134struct msghdr m;
3135m.msg_accrights = 0;
3136exit(0);
3137}
350391c5 3138 ],
350391c5 3139 [ ac_cv_have_accrights_in_msghdr="yes" ],
3140 [ ac_cv_have_accrights_in_msghdr="no" ]
3141 )
3142])
3143if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
08822d99 3144 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3145 [Define if your system uses access rights style
3146 file descriptor passing])
350391c5 3147fi
3148
3149AC_CACHE_CHECK([for msg_control field in struct msghdr],
3150 ac_cv_have_control_in_msghdr, [
dfddba3d 3151 AC_COMPILE_IFELSE(
350391c5 3152 [
3153#include <sys/types.h>
3154#include <sys/socket.h>
3155#include <sys/uio.h>
541874c2 3156int main() {
3157#ifdef msg_control
dfddba3d 3158#error "msg_control is a macro"
541874c2 3159exit(1);
3160#endif
3161struct msghdr m;
3162m.msg_control = 0;
3163exit(0);
3164}
350391c5 3165 ],
350391c5 3166 [ ac_cv_have_control_in_msghdr="yes" ],
3167 [ ac_cv_have_control_in_msghdr="no" ]
3168 )
3169])
3170if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
08822d99 3171 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3172 [Define if your system uses ancillary data style
3173 file descriptor passing])
350391c5 3174fi
3175
3c0ef626 3176AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
540d72c3 3177 AC_TRY_LINK([],
3178 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3179 [ ac_cv_libc_defines___progname="yes" ],
3180 [ ac_cv_libc_defines___progname="no" ]
3181 )
3182])
3183if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
08822d99 3184 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3185fi
3186
350391c5 3187AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3188 AC_TRY_LINK([
3189#include <stdio.h>
540d72c3 3190],
3191 [ printf("%s", __FUNCTION__); ],
350391c5 3192 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3193 [ ac_cv_cc_implements___FUNCTION__="no" ]
3194 )
3195])
3196if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
08822d99 3197 AC_DEFINE(HAVE___FUNCTION__, 1,
3198 [Define if compiler implements __FUNCTION__])
350391c5 3199fi
3200
3201AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3202 AC_TRY_LINK([
3203#include <stdio.h>
540d72c3 3204],
3205 [ printf("%s", __func__); ],
350391c5 3206 [ ac_cv_cc_implements___func__="yes" ],
3207 [ ac_cv_cc_implements___func__="no" ]
3208 )
3209])
3210if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
08822d99 3211 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3212fi
3213
3214AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3215 AC_TRY_LINK(
3216 [#include <stdarg.h>
3217 va_list x,y;],
3218 [va_copy(x,y);],
3219 [ ac_cv_have_va_copy="yes" ],
3220 [ ac_cv_have_va_copy="no" ]
3221 )
3222])
3223if test "x$ac_cv_have_va_copy" = "xyes" ; then
3224 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3225fi
3226
3227AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3228 AC_TRY_LINK(
3229 [#include <stdarg.h>
3230 va_list x,y;],
3231 [__va_copy(x,y);],
3232 [ ac_cv_have___va_copy="yes" ],
3233 [ ac_cv_have___va_copy="no" ]
3234 )
3235])
3236if test "x$ac_cv_have___va_copy" = "xyes" ; then
3237 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
350391c5 3238fi
3239
3c0ef626 3240AC_CACHE_CHECK([whether getopt has optreset support],
3241 ac_cv_have_getopt_optreset, [
3242 AC_TRY_LINK(
3243 [
3244#include <getopt.h>
3245 ],
3246 [ extern int optreset; optreset = 0; ],
3247 [ ac_cv_have_getopt_optreset="yes" ],
3248 [ ac_cv_have_getopt_optreset="no" ]
3249 )
3250])
3251if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
08822d99 3252 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3253 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3254fi
3255
3256AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
540d72c3 3257 AC_TRY_LINK([],
3258 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3259 [ ac_cv_libc_defines_sys_errlist="yes" ],
3260 [ ac_cv_libc_defines_sys_errlist="no" ]
3261 )
3262])
3263if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
08822d99 3264 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3265 [Define if your system defines sys_errlist[]])
3c0ef626 3266fi
3267
3268
3269AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
540d72c3 3270 AC_TRY_LINK([],
3271 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3272 [ ac_cv_libc_defines_sys_nerr="yes" ],
3273 [ ac_cv_libc_defines_sys_nerr="no" ]
3274 )
3275])
3276if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
08822d99 3277 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3278fi
3279
540d72c3 3280SCARD_MSG="no"
350391c5 3281# Check whether user wants sectok support
3282AC_ARG_WITH(sectok,
3283 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3284 [
3285 if test "x$withval" != "xno" ; then
3286 if test "x$withval" != "xyes" ; then
3287 CPPFLAGS="$CPPFLAGS -I${withval}"
3288 LDFLAGS="$LDFLAGS -L${withval}"
3289 if test ! -z "$need_dash_r" ; then
3290 LDFLAGS="$LDFLAGS -R${withval}"
3291 fi
3292 if test ! -z "$blibpath" ; then
3293 blibpath="$blibpath:${withval}"
3294 fi
3295 fi
3296 AC_CHECK_HEADERS(sectok.h)
3297 if test "$ac_cv_header_sectok_h" != yes; then
3298 AC_MSG_ERROR(Can't find sectok.h)
3299 fi
3300 AC_CHECK_LIB(sectok, sectok_open)
3301 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3302 AC_MSG_ERROR(Can't find libsectok)
3303 fi
08822d99 3304 AC_DEFINE(SMARTCARD, 1,
3305 [Define if you want smartcard support])
3306 AC_DEFINE(USE_SECTOK, 1,
3307 [Define if you want smartcard support
3308 using sectok])
540d72c3 3309 SCARD_MSG="yes, using sectok"
3c0ef626 3310 fi
3311 ]
3312)
3313
350391c5 3314# Check whether user wants OpenSC support
8b32eddc 3315OPENSC_CONFIG="no"
350391c5 3316AC_ARG_WITH(opensc,
08822d99 3317 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
8b32eddc 3318 [
3319 if test "x$withval" != "xno" ; then
3320 if test "x$withval" != "xyes" ; then
3321 OPENSC_CONFIG=$withval/bin/opensc-config
3322 else
3323 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3324 fi
3325 if test "$OPENSC_CONFIG" != "no"; then
3326 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3327 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3328 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
30460aeb 3329 LIBS="$LIBS $LIBOPENSC_LIBS"
8b32eddc 3330 AC_DEFINE(SMARTCARD)
08822d99 3331 AC_DEFINE(USE_OPENSC, 1,
3332 [Define if you want smartcard support
3333 using OpenSC])
8b32eddc 3334 SCARD_MSG="yes, using OpenSC"
3335 fi
3336 fi
3337 ]
3338)
350391c5 3339
540d72c3 3340# Check libraries needed by DNS fingerprint support
3341AC_SEARCH_LIBS(getrrsetbyname, resolv,
08822d99 3342 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3343 [Define if getrrsetbyname() exists])],
7cac2b65 3344 [
540d72c3 3345 # Needed by our getrrsetbyname()
3346 AC_SEARCH_LIBS(res_query, resolv)
3347 AC_SEARCH_LIBS(dn_expand, resolv)
7e82606e 3348 AC_MSG_CHECKING(if res_query will link)
3349 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3350 [AC_MSG_RESULT(no)
3351 saved_LIBS="$LIBS"
3352 LIBS="$LIBS -lresolv"
3353 AC_MSG_CHECKING(for res_query in -lresolv)
3354 AC_LINK_IFELSE([
3355#include <resolv.h>
3356int main()
3357{
3358 res_query (0, 0, 0, 0, 0);
3359 return 0;
3360}
3361 ],
3362 [LIBS="$LIBS -lresolv"
3363 AC_MSG_RESULT(yes)],
3364 [LIBS="$saved_LIBS"
3365 AC_MSG_RESULT(no)])
3366 ])
540d72c3 3367 AC_CHECK_FUNCS(_getshort _getlong)
2ce0bfe4 3368 AC_CHECK_DECLS([_getshort, _getlong], , ,
3369 [#include <sys/types.h>
3370 #include <arpa/nameser.h>])
540d72c3 3371 AC_CHECK_MEMBER(HEADER.ad,
08822d99 3372 [AC_DEFINE(HAVE_HEADER_AD, 1,
3373 [Define if HEADER.ad exists in arpa/nameser.h])],,
540d72c3 3374 [#include <arpa/nameser.h>])
3375 ])
7cac2b65 3376
fa0f0f45 3377AC_MSG_CHECKING(if struct __res_state _res is an extern)
3378AC_LINK_IFELSE([
3379#include <stdio.h>
3380#if HAVE_SYS_TYPES_H
3381# include <sys/types.h>
3382#endif
3383#include <netinet/in.h>
3384#include <arpa/nameser.h>
3385#include <resolv.h>
3386extern struct __res_state _res;
3387int main() { return 0; }
3388 ],
3389 [AC_MSG_RESULT(yes)
3390 AC_DEFINE(HAVE__RES_EXTERN, 1,
3391 [Define if you have struct __res_state _res as an extern])
3392 ],
3393 [ AC_MSG_RESULT(no) ]
3394)
3395
30460aeb 3396# Check whether user wants SELinux support
3397SELINUX_MSG="no"
3398LIBSELINUX=""
3399AC_ARG_WITH(selinux,
e74dc197 3400 [ --with-selinux Enable SELinux support],
30460aeb 3401 [ if test "x$withval" != "xno" ; then
fa0f0f45 3402 save_LIBS="$LIBS"
30460aeb 3403 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3404 SELINUX_MSG="yes"
3405 AC_CHECK_HEADER([selinux/selinux.h], ,
3406 AC_MSG_ERROR(SELinux support requires selinux.h header))
3407 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3408 AC_MSG_ERROR(SELinux support requires libselinux library))
fa0f0f45 3409 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
30460aeb 3410 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
240debe0 3411 LIBS="$save_LIBS"
30460aeb 3412 fi ]
3413)
30460aeb 3414
9fb46e52 3415# Finish configuring Globus GSSAPI
3416if test "x$gsi_path" != "xno" ; then
3417 if test ! -z "$need_dash_r" ; then
3418 LDFLAGS="$LDFLAGS -R${gsi_path}/lib"
3419 fi
3420 if test ! -z "$blibpath" ; then
3421 blibpath="$blibpath:${gsi_path}/lib"
3422 fi
3423fi
3424
282f473f 3425# Check whether the user wants GSSAPI mechglue support
3426AC_ARG_WITH(mechglue,
3427 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
3428 [
3429 AC_MSG_CHECKING(for mechglue library)
3430
3431 if test -e ${withval}/libgssapi.a ; then
3432 mechglue_lib=${withval}/libgssapi.a
3433 elif test -e ${withval}/lib/libgssapi.a ; then
3434 mechglue_lib=${withval}/lib/libgssapi.a
3435 else
3436 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
3437 fi
3438 LIBS="${mechglue_lib} $LIBS"
3439 AC_MSG_RESULT(${mechglue_lib})
3440
3441 AC_CHECK_LIB(dl, dlopen, , )
3442 if test $ac_cv_lib_dl_dlopen = yes; then
3443 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
3444 fi
3445
3446 AC_DEFINE(GSSAPI)
3447 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
3448 GSSAPI="mechglue"
3449 ]
3450)
3451
3452
63119dd9 3453# Check whether user wants Kerberos 5 support
540d72c3 3454KRB5_MSG="no"
63119dd9 3455AC_ARG_WITH(kerberos5,
540d72c3 3456 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3457 [ if test "x$withval" != "xno" ; then
3458 if test "x$withval" = "xyes" ; then
3459 KRB5ROOT="/usr/local"
3460 else
3461 KRB5ROOT=${withval}
3462 fi
3463
08822d99 3464 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
540d72c3 3465 KRB5_MSG="yes"
3466
3467 AC_MSG_CHECKING(for krb5-config)
3468 if test -x $KRB5ROOT/bin/krb5-config ; then
3469 KRB5CONF=$KRB5ROOT/bin/krb5-config
3470 AC_MSG_RESULT($KRB5CONF)
3471
3472 AC_MSG_CHECKING(for gssapi support)
3473 if $KRB5CONF | grep gssapi >/dev/null ; then
3474 AC_MSG_RESULT(yes)
08822d99 3475 AC_DEFINE(GSSAPI, 1,
3476 [Define this if you want GSSAPI
3477 support in the version 2 protocol])
540d72c3 3478 k5confopts=gssapi
3479 else
3480 AC_MSG_RESULT(no)
3481 k5confopts=""
3482 fi
3483 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3484 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3485 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3486 AC_MSG_CHECKING(whether we are using Heimdal)
3487 AC_TRY_COMPILE([ #include <krb5.h> ],
3488 [ char *tmp = heimdal_version; ],
3489 [ AC_MSG_RESULT(yes)
08822d99 3490 AC_DEFINE(HEIMDAL, 1,
3491 [Define this if you are using the
3492 Heimdal version of Kerberos V5]) ],
540d72c3 3493 AC_MSG_RESULT(no)
3494 )
3495 else
3496 AC_MSG_RESULT(no)
63119dd9 3497 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
540d72c3 3498 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3499 AC_MSG_CHECKING(whether we are using Heimdal)
3500 AC_TRY_COMPILE([ #include <krb5.h> ],
3501 [ char *tmp = heimdal_version; ],
3502 [ AC_MSG_RESULT(yes)
3503 AC_DEFINE(HEIMDAL)
7e82606e 3504 K5LIBS="-lkrb5 -ldes"
3505 K5LIBS="$K5LIBS -lcom_err -lasn1"
8b32eddc 3506 AC_CHECK_LIB(roken, net_write,
7e82606e 3507 [K5LIBS="$K5LIBS -lroken"])
540d72c3 3508 ],
3509 [ AC_MSG_RESULT(no)
3510 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3511 ]
3512 )
7cac2b65 3513 AC_SEARCH_LIBS(dn_expand, resolv)
3514
3515 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3516 [ AC_DEFINE(GSSAPI)
3517 K5LIBS="-lgssapi $K5LIBS" ],
3518 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3519 [ AC_DEFINE(GSSAPI)
540d72c3 3520 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
7cac2b65 3521 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3522 $K5LIBS)
3523 ],
3524 $K5LIBS)
8b32eddc 3525
7cac2b65 3526 AC_CHECK_HEADER(gssapi.h, ,
3527 [ unset ac_cv_header_gssapi_h
540d72c3 3528 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
7cac2b65 3529 AC_CHECK_HEADERS(gssapi.h, ,
3530 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
540d72c3 3531 )
7cac2b65 3532 ]
3533 )
3534
3535 oldCPP="$CPPFLAGS"
3536 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3537 AC_CHECK_HEADER(gssapi_krb5.h, ,
3538 [ CPPFLAGS="$oldCPP" ])
63119dd9 3539
1c89237d 3540 # If we're using some other GSSAPI
3541 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3542 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3543 fi
5598e598 3544
540d72c3 3545 if test -z "$GSSAPI"; then
3546 GSSAPI="KRB5";
3547 fi
1c89237d 3548
5598e598 3549 oldCPP="$CPPFLAGS"
3550 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3551 AC_CHECK_HEADER(gssapi_krb5.h, ,
3552 [ CPPFLAGS="$oldCPP" ])
3553
63119dd9 3554 fi
540d72c3 3555 if test ! -z "$need_dash_r" ; then
3556 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3557 fi
3558 if test ! -z "$blibpath" ; then
3559 blibpath="$blibpath:${KRB5ROOT}/lib"
3560 fi
540d72c3 3561
08822d99 3562 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3563 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3564 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
540d72c3 3565
08822d99 3566 LIBS="$LIBS $K5LIBS"
3567 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3568 [Define this if you want to use libkafs' AFS support]))
3569 fi
540d72c3 3570 ]
63119dd9 3571)
3c0ef626 3572
62eb343a 3573# Check whether user wants AFS_KRB5 support
3574AFS_KRB5_MSG="no"
3575AC_ARG_WITH(afs-krb5,
3576 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3577 [
3578 if test "x$withval" != "xno" ; then
3579
3580 if test "x$withval" != "xyes" ; then
08822d99 3581 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3582 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3583 else
08822d99 3584 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3585 "/usr/bin/aklog",
3586 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3587 fi
3588
540d72c3 3589 if test -z "$KRB5ROOT" ; then
62eb343a 3590 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3591 fi
3592
0a00e8f9 3593 LIBS="-lkrbafs -lkrb4 $LIBS"
62eb343a 3594 if test ! -z "$AFS_LIBS" ; then
3595 LIBS="$LIBS $AFS_LIBS"
3596 fi
08822d99 3597 AC_DEFINE(AFS_KRB5, 1,
3598 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3599 AFS_KRB5_MSG="yes"
3600 fi
3601 ]
3602)
3c0ef626 3603
75be3237 3604AC_ARG_WITH(session-hooks,
3605 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
08822d99 3606 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
75be3237 3607)
3608
3c0ef626 3609# Looking for programs, paths and files
3c0ef626 3610
350391c5 3611PRIVSEP_PATH=/var/empty
3612AC_ARG_WITH(privsep-path,
d03f4262 3613 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
350391c5 3614 [
8b32eddc 3615 if test -n "$withval" && test "x$withval" != "xno" && \
3616 test "x${withval}" != "xyes"; then
350391c5 3617 PRIVSEP_PATH=$withval
3618 fi
3619 ]
3620)
3621AC_SUBST(PRIVSEP_PATH)
3622
3c0ef626 3623AC_ARG_WITH(xauth,
3624 [ --with-xauth=PATH Specify path to xauth program ],
3625 [
8b32eddc 3626 if test -n "$withval" && test "x$withval" != "xno" && \
3627 test "x${withval}" != "xyes"; then
3c0ef626 3628 xauth_path=$withval
3629 fi
3630 ],
3631 [
d03f4262 3632 TestPath="$PATH"
3633 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3634 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3635 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3636 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3637 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3638 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3639 xauth_path="/usr/openwin/bin/xauth"
3640 fi
3641 ]
3642)
3643
bfe49944 3644STRIP_OPT=-s
3645AC_ARG_ENABLE(strip,
3646 [ --disable-strip Disable calling strip(1) on install],
3647 [
3648 if test "x$enableval" = "xno" ; then
3649 STRIP_OPT=
3650 fi
3651 ]
3652)
3653AC_SUBST(STRIP_OPT)
3654
3c0ef626 3655if test -z "$xauth_path" ; then
3656 XAUTH_PATH="undefined"
3657 AC_SUBST(XAUTH_PATH)
3658else
08822d99 3659 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3660 [Define if xauth is found in your path])
3c0ef626 3661 XAUTH_PATH=$xauth_path
3662 AC_SUBST(XAUTH_PATH)
3663fi
3c0ef626 3664
3665# Check for mail directory (last resort if we cannot get it from headers)
3666if test ! -z "$MAIL" ; then
3667 maildir=`dirname $MAIL`
08822d99 3668 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3669 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3670fi
3671
dfddba3d 3672if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3673 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3674 disable_ptmx_check=yes
3675fi
3c0ef626 3676if test -z "$no_dev_ptmx" ; then
350391c5 3677 if test "x$disable_ptmx_check" != "xyes" ; then
540d72c3 3678 AC_CHECK_FILE("/dev/ptmx",
350391c5 3679 [
08822d99 3680 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3681 [Define if you have /dev/ptmx])
350391c5 3682 have_dev_ptmx=1
3683 ]
3684 )
3685 fi
3c0ef626 3686fi
dfddba3d 3687
3688if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3689 AC_CHECK_FILE("/dev/ptc",
3690 [
08822d99 3691 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3692 [Define if you have /dev/ptc])
dfddba3d 3693 have_dev_ptc=1
3694 ]
3695 )
3696else
3697 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3698fi
3c0ef626 3699
3700# Options from here on. Some of these are preset by platform above
3c0ef626 3701AC_ARG_WITH(mantype,
3702 [ --with-mantype=man|cat|doc Set man page type],
3703 [
3704 case "$withval" in
3705 man|cat|doc)
3706 MANTYPE=$withval
3707 ;;
3708 *)
3709 AC_MSG_ERROR(invalid man type: $withval)
3710 ;;
3711 esac
3712 ]
3713)
3714if test -z "$MANTYPE"; then
d03f4262 3715 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3716 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3717 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3718 MANTYPE=doc
3719 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3720 MANTYPE=man
3721 else
3722 MANTYPE=cat
3723 fi
3724fi
3725AC_SUBST(MANTYPE)
3726if test "$MANTYPE" = "doc"; then
3727 mansubdir=man;
3728else
3729 mansubdir=$MANTYPE;
3730fi
3731AC_SUBST(mansubdir)
3732
3733# Check whether to enable MD5 passwords
540d72c3 3734MD5_MSG="no"
3c0ef626 3735AC_ARG_WITH(md5-passwords,
3736 [ --with-md5-passwords Enable use of MD5 passwords],
3737 [
3738 if test "x$withval" != "xno" ; then
08822d99 3739 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3740 [Define if you want to allow MD5 passwords])
540d72c3 3741 MD5_MSG="yes"
3c0ef626 3742 fi
3743 ]
3744)
3745
3746# Whether to disable shadow password support
3747AC_ARG_WITH(shadow,
3748 [ --without-shadow Disable shadow password support],
3749 [
8b32eddc 3750 if test "x$withval" = "xno" ; then
3c0ef626 3751 AC_DEFINE(DISABLE_SHADOW)
3752 disable_shadow=yes
3753 fi
3754 ]
3755)
3756
3757if test -z "$disable_shadow" ; then
3758 AC_MSG_CHECKING([if the systems has expire shadow information])
3759 AC_TRY_COMPILE(
3760 [
3761#include <sys/types.h>
3762#include <shadow.h>
3763 struct spwd sp;
3764 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3765 [ sp_expire_available=yes ], []
3766 )
3767
3768 if test "x$sp_expire_available" = "xyes" ; then
3769 AC_MSG_RESULT(yes)
08822d99 3770 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3771 [Define if you want to use shadow password expire field])
3c0ef626 3772 else
3773 AC_MSG_RESULT(no)
3774 fi
3775fi
3776
3777# Use ip address instead of hostname in $DISPLAY
3778if test ! -z "$IPADDR_IN_DISPLAY" ; then
3779 DISPLAY_HACK_MSG="yes"
08822d99 3780 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3781 [Define if you need to use IP address
3782 instead of hostname in $DISPLAY])
3c0ef626 3783else
540d72c3 3784 DISPLAY_HACK_MSG="no"
3c0ef626 3785 AC_ARG_WITH(ipaddr-display,
3786 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3787 [
8b32eddc 3788 if test "x$withval" != "xno" ; then
3c0ef626 3789 AC_DEFINE(IPADDR_IN_DISPLAY)
540d72c3 3790 DISPLAY_HACK_MSG="yes"
3c0ef626 3791 fi
3792 ]
3793 )
3794fi
3795
7cac2b65 3796# check for /etc/default/login and use it if present.
29d88157 3797AC_ARG_ENABLE(etc-default-login,
dfddba3d 3798 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3799 [ if test "x$enableval" = "xno"; then
3800 AC_MSG_NOTICE([/etc/default/login handling disabled])
3801 etc_default_login=no
3802 else
3803 etc_default_login=yes
3804 fi ],
08822d99 3805 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3806 then
3807 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3808 etc_default_login=no
3809 else
3810 etc_default_login=yes
3811 fi ]
dfddba3d 3812)
3813
3814if test "x$etc_default_login" != "xno"; then
3815 AC_CHECK_FILE("/etc/default/login",
3816 [ external_path_file=/etc/default/login ])
08822d99 3817 if test "x$external_path_file" = "x/etc/default/login"; then
3818 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3819 [Define if your system has /etc/default/login])
dfddba3d 3820 fi
7cac2b65 3821fi
3822
350391c5 3823dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
8b32eddc 3824if test $ac_cv_func_login_getcapbool = "yes" && \
3825 test $ac_cv_header_login_cap_h = "yes" ; then
7cac2b65 3826 external_path_file=/etc/login.conf
350391c5 3827fi
7cac2b65 3828
3c0ef626 3829# Whether to mess with the default path
540d72c3 3830SERVER_PATH_MSG="(default)"
3c0ef626 3831AC_ARG_WITH(default-path,
350391c5 3832 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3833 [
7cac2b65 3834 if test "x$external_path_file" = "x/etc/login.conf" ; then
350391c5 3835 AC_MSG_WARN([
3836--with-default-path=PATH has no effect on this system.
3837Edit /etc/login.conf instead.])
8b32eddc 3838 elif test "x$withval" != "xno" ; then
7cac2b65 3839 if test ! -z "$external_path_file" ; then
3840 AC_MSG_WARN([
3841--with-default-path=PATH will only be used if PATH is not defined in
3842$external_path_file .])
3843 fi
3c0ef626 3844 user_path="$withval"
540d72c3 3845 SERVER_PATH_MSG="$withval"
3c0ef626 3846 fi
3847 ],
7cac2b65 3848 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3849 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
350391c5 3850 else
7cac2b65 3851 if test ! -z "$external_path_file" ; then
3852 AC_MSG_WARN([
3853If PATH is defined in $external_path_file, ensure the path to scp is included,
3854otherwise scp will not work.])
3855 fi
08822d99 3856 AC_RUN_IFELSE(
3857 [AC_LANG_SOURCE([[
3c0ef626 3858/* find out what STDPATH is */
3859#include <stdio.h>
3860#ifdef HAVE_PATHS_H
3861# include <paths.h>
3862#endif
3863#ifndef _PATH_STDPATH
bfe49944 3864# ifdef _PATH_USERPATH /* Irix */
3865# define _PATH_STDPATH _PATH_USERPATH
3866# else
3867# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3868# endif
3c0ef626 3869#endif
3870#include <sys/types.h>
3871#include <sys/stat.h>
3872#include <fcntl.h>
3873#define DATA "conftest.stdpath"
3874
3875main()
3876{
3877 FILE *fd;
3878 int rc;
8b32eddc 3879
3c0ef626 3880 fd = fopen(DATA,"w");
3881 if(fd == NULL)
3882 exit(1);
8b32eddc 3883
3c0ef626 3884 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3885 exit(1);
3886
3887 exit(0);
3888}
08822d99 3889 ]])],
3890 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3891 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3892 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3893 )
3894# make sure $bindir is in USER_PATH so scp will work
3895 t_bindir=`eval echo ${bindir}`
3896 case $t_bindir in
3897 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3898 esac
3899 case $t_bindir in
3900 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3901 esac
3902 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3903 if test $? -ne 0 ; then
3904 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3905 if test $? -ne 0 ; then
3906 user_path=$user_path:$t_bindir
3907 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3908 fi
3909 fi
350391c5 3910 fi ]
3911)
7cac2b65 3912if test "x$external_path_file" != "x/etc/login.conf" ; then
08822d99 3913 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
350391c5 3914 AC_SUBST(user_path)
3915fi
3916
3917# Set superuser path separately to user path
350391c5 3918AC_ARG_WITH(superuser-path,
3919 [ --with-superuser-path= Specify different path for super-user],
3920 [
8b32eddc 3921 if test -n "$withval" && test "x$withval" != "xno" && \
3922 test "x${withval}" != "xyes"; then
08822d99 3923 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3924 [Define if you want a different $PATH
3925 for the superuser])
350391c5 3926 superuser_path=$withval
3927 fi
3c0ef626 3928 ]
3929)
350391c5 3930
3c0ef626 3931
3c0ef626 3932AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
540d72c3 3933IPV4_IN6_HACK_MSG="no"
3c0ef626 3934AC_ARG_WITH(4in6,
3935 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3936 [
3937 if test "x$withval" != "xno" ; then
3938 AC_MSG_RESULT(yes)
08822d99 3939 AC_DEFINE(IPV4_IN_IPV6, 1,
3940 [Detect IPv4 in IPv6 mapped addresses
3941 and treat as IPv4])
540d72c3 3942 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3943 else
3944 AC_MSG_RESULT(no)
3945 fi
3946 ],[
3947 if test "x$inet6_default_4in6" = "xyes"; then
3948 AC_MSG_RESULT([yes (default)])
3949 AC_DEFINE(IPV4_IN_IPV6)
540d72c3 3950 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3951 else
3952 AC_MSG_RESULT([no (default)])
3953 fi
3954 ]
3955)
3956
3957# Whether to enable BSD auth support
e9702f7d 3958BSD_AUTH_MSG=no
3c0ef626 3959AC_ARG_WITH(bsd-auth,
3960 [ --with-bsd-auth Enable BSD auth support],
3961 [
8b32eddc 3962 if test "x$withval" != "xno" ; then
08822d99 3963 AC_DEFINE(BSD_AUTH, 1,
3964 [Define if you have BSD auth support])
e9702f7d 3965 BSD_AUTH_MSG=yes
3c0ef626 3966 fi
3967 ]
3968)
3969
3c0ef626 3970# Where to place sshd.pid
3971piddir=/var/run
350391c5 3972# make sure the directory exists
8b32eddc 3973if test ! -d $piddir ; then
350391c5 3974 piddir=`eval echo ${sysconfdir}`
3975 case $piddir in
540d72c3 3976 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
350391c5 3977 esac
3978fi
3979
3c0ef626 3980AC_ARG_WITH(pid-dir,
3981 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3982 [
8b32eddc 3983 if test -n "$withval" && test "x$withval" != "xno" && \
3984 test "x${withval}" != "xyes"; then
3c0ef626 3985 piddir=$withval
8b32eddc 3986 if test ! -d $piddir ; then
350391c5 3987 AC_MSG_WARN([** no $piddir directory on this system **])
3988 fi
3c0ef626 3989 fi
3990 ]
3991)
3992
08822d99 3993AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3994AC_SUBST(piddir)
3995
3996dnl allow user to disable some login recording features
3997AC_ARG_ENABLE(lastlog,
3998 [ --disable-lastlog disable use of lastlog even if detected [no]],
7cac2b65 3999 [
4000 if test "x$enableval" = "xno" ; then
4001 AC_DEFINE(DISABLE_LASTLOG)
4002 fi
4003 ]
3c0ef626 4004)
4005AC_ARG_ENABLE(utmp,
4006 [ --disable-utmp disable use of utmp even if detected [no]],
7cac2b65 4007 [
4008 if test "x$enableval" = "xno" ; then
4009 AC_DEFINE(DISABLE_UTMP)
4010 fi
4011 ]
3c0ef626 4012)
4013AC_ARG_ENABLE(utmpx,
4014 [ --disable-utmpx disable use of utmpx even if detected [no]],
7cac2b65 4015 [
4016 if test "x$enableval" = "xno" ; then
08822d99 4017 AC_DEFINE(DISABLE_UTMPX, 1,
4018 [Define if you don't want to use utmpx])
7cac2b65 4019 fi
4020 ]
3c0ef626 4021)
4022AC_ARG_ENABLE(wtmp,
4023 [ --disable-wtmp disable use of wtmp even if detected [no]],
7cac2b65 4024 [
4025 if test "x$enableval" = "xno" ; then
4026 AC_DEFINE(DISABLE_WTMP)
4027 fi
4028 ]
3c0ef626 4029)
4030AC_ARG_ENABLE(wtmpx,
4031 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
7cac2b65 4032 [
4033 if test "x$enableval" = "xno" ; then
08822d99 4034 AC_DEFINE(DISABLE_WTMPX, 1,
4035 [Define if you don't want to use wtmpx])
7cac2b65 4036 fi
4037 ]
3c0ef626 4038)
4039AC_ARG_ENABLE(libutil,
4040 [ --disable-libutil disable use of libutil (login() etc.) [no]],
7cac2b65 4041 [
4042 if test "x$enableval" = "xno" ; then
4043 AC_DEFINE(DISABLE_LOGIN)
4044 fi
4045 ]
3c0ef626 4046)
4047AC_ARG_ENABLE(pututline,
4048 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
7cac2b65 4049 [
4050 if test "x$enableval" = "xno" ; then
08822d99 4051 AC_DEFINE(DISABLE_PUTUTLINE, 1,
4052 [Define if you don't want to use pututline()
4053 etc. to write [uw]tmp])
7cac2b65 4054 fi
4055 ]
3c0ef626 4056)
4057AC_ARG_ENABLE(pututxline,
4058 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
7cac2b65 4059 [
4060 if test "x$enableval" = "xno" ; then
08822d99 4061 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
4062 [Define if you don't want to use pututxline()
4063 etc. to write [uw]tmpx])
7cac2b65 4064 fi
4065 ]
3c0ef626 4066)
4067AC_ARG_WITH(lastlog,
4068 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
4069 [
8b32eddc 4070 if test "x$withval" = "xno" ; then
3c0ef626 4071 AC_DEFINE(DISABLE_LASTLOG)
8b32eddc 4072 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 4073 conf_lastlog_location=$withval
4074 fi
4075 ]
4076)
4077
4078dnl lastlog, [uw]tmpx? detection
4079dnl NOTE: set the paths in the platform section to avoid the
4080dnl need for command-line parameters
4081dnl lastlog and [uw]tmp are subject to a file search if all else fails
4082
4083dnl lastlog detection
4084dnl NOTE: the code itself will detect if lastlog is a directory
4085AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
4086AC_TRY_COMPILE([
4087#include <sys/types.h>
4088#include <utmp.h>
4089#ifdef HAVE_LASTLOG_H
4090# include <lastlog.h>
4091#endif
4092#ifdef HAVE_PATHS_H
4093# include <paths.h>
4094#endif
4095#ifdef HAVE_LOGIN_H
4096# include <login.h>
4097#endif
4098 ],
4099 [ char *lastlog = LASTLOG_FILE; ],
4100 [ AC_MSG_RESULT(yes) ],
4101 [
4102 AC_MSG_RESULT(no)
4103 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
4104 AC_TRY_COMPILE([
4105#include <sys/types.h>
4106#include <utmp.h>
4107#ifdef HAVE_LASTLOG_H
4108# include <lastlog.h>
4109#endif
4110#ifdef HAVE_PATHS_H
4111# include <paths.h>
4112#endif
4113 ],
4114 [ char *lastlog = _PATH_LASTLOG; ],
4115 [ AC_MSG_RESULT(yes) ],
4116 [
4117 AC_MSG_RESULT(no)
4118 system_lastlog_path=no
4119 ])
4120 ]
4121)
4122
4123if test -z "$conf_lastlog_location"; then
4124 if test x"$system_lastlog_path" = x"no" ; then
4125 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
4126 if (test -d "$f" || test -f "$f") ; then
4127 conf_lastlog_location=$f
4128 fi
4129 done
4130 if test -z "$conf_lastlog_location"; then
4131 AC_MSG_WARN([** Cannot find lastlog **])
4132 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
4133 fi
4134 fi
4135fi
4136
4137if test -n "$conf_lastlog_location"; then
08822d99 4138 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4139 [Define if you want to specify the path to your lastlog file])
8b32eddc 4140fi
3c0ef626 4141
4142dnl utmp detection
4143AC_MSG_CHECKING([if your system defines UTMP_FILE])
4144AC_TRY_COMPILE([
4145#include <sys/types.h>
4146#include <utmp.h>
4147#ifdef HAVE_PATHS_H
4148# include <paths.h>
4149#endif
4150 ],
4151 [ char *utmp = UTMP_FILE; ],
4152 [ AC_MSG_RESULT(yes) ],
4153 [ AC_MSG_RESULT(no)
4154 system_utmp_path=no ]
4155)
4156if test -z "$conf_utmp_location"; then
4157 if test x"$system_utmp_path" = x"no" ; then
4158 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4159 if test -f $f ; then
4160 conf_utmp_location=$f
4161 fi
4162 done
4163 if test -z "$conf_utmp_location"; then
4164 AC_DEFINE(DISABLE_UTMP)
4165 fi
4166 fi
4167fi
4168if test -n "$conf_utmp_location"; then
08822d99 4169 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4170 [Define if you want to specify the path to your utmp file])
8b32eddc 4171fi
3c0ef626 4172
4173dnl wtmp detection
4174AC_MSG_CHECKING([if your system defines WTMP_FILE])
4175AC_TRY_COMPILE([
4176#include <sys/types.h>
4177#include <utmp.h>
4178#ifdef HAVE_PATHS_H
4179# include <paths.h>
4180#endif
4181 ],
4182 [ char *wtmp = WTMP_FILE; ],
4183 [ AC_MSG_RESULT(yes) ],
4184 [ AC_MSG_RESULT(no)
4185 system_wtmp_path=no ]
4186)
4187if test -z "$conf_wtmp_location"; then
4188 if test x"$system_wtmp_path" = x"no" ; then
4189 for f in /usr/adm/wtmp /var/log/wtmp; do
4190 if test -f $f ; then
4191 conf_wtmp_location=$f
4192 fi
4193 done
4194 if test -z "$conf_wtmp_location"; then
4195 AC_DEFINE(DISABLE_WTMP)
4196 fi
4197 fi
4198fi
4199if test -n "$conf_wtmp_location"; then
08822d99 4200 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4201 [Define if you want to specify the path to your wtmp file])
8b32eddc 4202fi
3c0ef626 4203
4204
4205dnl utmpx detection - I don't know any system so perverse as to require
4206dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4207dnl there, though.
4208AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4209AC_TRY_COMPILE([
4210#include <sys/types.h>
4211#include <utmp.h>
4212#ifdef HAVE_UTMPX_H
4213#include <utmpx.h>
4214#endif
4215#ifdef HAVE_PATHS_H
4216# include <paths.h>
4217#endif
4218 ],
4219 [ char *utmpx = UTMPX_FILE; ],
4220 [ AC_MSG_RESULT(yes) ],
4221 [ AC_MSG_RESULT(no)
4222 system_utmpx_path=no ]
4223)
4224if test -z "$conf_utmpx_location"; then
4225 if test x"$system_utmpx_path" = x"no" ; then
4226 AC_DEFINE(DISABLE_UTMPX)
4227 fi
4228else
08822d99 4229 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4230 [Define if you want to specify the path to your utmpx file])
8b32eddc 4231fi
3c0ef626 4232
4233dnl wtmpx detection
4234AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4235AC_TRY_COMPILE([
4236#include <sys/types.h>
4237#include <utmp.h>
4238#ifdef HAVE_UTMPX_H
4239#include <utmpx.h>
4240#endif
4241#ifdef HAVE_PATHS_H
4242# include <paths.h>
4243#endif
4244 ],
4245 [ char *wtmpx = WTMPX_FILE; ],
4246 [ AC_MSG_RESULT(yes) ],
4247 [ AC_MSG_RESULT(no)
4248 system_wtmpx_path=no ]
4249)
4250if test -z "$conf_wtmpx_location"; then
4251 if test x"$system_wtmpx_path" = x"no" ; then
4252 AC_DEFINE(DISABLE_WTMPX)
4253 fi
4254else
08822d99 4255 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4256 [Define if you want to specify the path to your wtmpx file])
8b32eddc 4257fi
3c0ef626 4258
4259
3c0ef626 4260if test ! -z "$blibpath" ; then
256cb466 4261 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4262 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4263fi
4264
2ce0bfe4 4265dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4266dnl Add now.
4267CFLAGS="$CFLAGS $werror_flags"
4268
e9702f7d 4269AC_EXEEXT
30460aeb 4270AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4271 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
dfddba3d 4272 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4273AC_OUTPUT
4274
4275# Print summary of options
4276
3c0ef626 4277# Someone please show me a better way :)
4278A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4279B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4280C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4281D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4282E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4283F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4284G=`eval echo ${piddir}` ; G=`eval echo ${G}`
350391c5 4285H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4286I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4287J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4288
4289echo ""
4290echo "OpenSSH has been configured with the following options:"
350391c5 4291echo " User binaries: $B"
4292echo " System binaries: $C"
4293echo " Configuration files: $D"
4294echo " Askpass program: $E"
4295echo " Manual pages: $F"
4296echo " PID file: $G"
4297echo " Privilege separation chroot path: $H"
7cac2b65 4298if test "x$external_path_file" = "x/etc/login.conf" ; then
4299echo " At runtime, sshd will use the path defined in $external_path_file"
4300echo " Make sure the path to scp is present, otherwise scp will not work"
350391c5 4301else
4302echo " sshd default user PATH: $I"
7cac2b65 4303 if test ! -z "$external_path_file"; then
4304echo " (If PATH is set in $external_path_file it will be used instead. If"
4305echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4306 fi
350391c5 4307fi
4308if test ! -z "$superuser_path" ; then
4309echo " sshd superuser user PATH: $J"
4310fi
4311echo " Manpage format: $MANTYPE"
7cac2b65 4312echo " PAM support: $PAM_MSG"
30460aeb 4313echo " OSF SIA support: $SIA_MSG"
350391c5 4314echo " KerberosV support: $KRB5_MSG"
30460aeb 4315echo " SELinux support: $SELINUX_MSG"
350391c5 4316echo " Smartcard support: $SCARD_MSG"
350391c5 4317echo " S/KEY support: $SKEY_MSG"
4318echo " TCP Wrappers support: $TCPW_MSG"
4319echo " MD5 password support: $MD5_MSG"
dfddba3d 4320echo " libedit support: $LIBEDIT_MSG"
30460aeb 4321echo " Solaris process contract support: $SPC_MSG"
350391c5 4322echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
350391c5 4323echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4324echo " BSD Auth support: $BSD_AUTH_MSG"
4325echo " Random number source: $RAND_MSG"
e9702f7d 4326if test ! -z "$USE_RAND_HELPER" ; then
350391c5 4327echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4328fi
4329
4330echo ""
4331
4332echo " Host: ${host}"
4333echo " Compiler: ${CC}"
4334echo " Compiler flags: ${CFLAGS}"
4335echo "Preprocessor flags: ${CPPFLAGS}"
4336echo " Linker flags: ${LDFLAGS}"
fa0f0f45 4337echo " Libraries: ${LIBS}"
4338if test ! -z "${SSHDLIBS}"; then
4339echo " +for sshd: ${SSHDLIBS}"
4340fi
3c0ef626 4341
4342echo ""
4343
7e82606e 4344if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
dfddba3d 4345 echo "SVR4 style packages are supported with \"make package\""
4346 echo ""
7e82606e 4347fi
4348
3c0ef626 4349if test "x$PAM_MSG" = "xyes" ; then
e9702f7d 4350 echo "PAM is enabled. You may need to install a PAM control file "
4351 echo "for sshd, otherwise password authentication may fail. "
540d72c3 4352 echo "Example PAM control files can be found in the contrib/ "
e9702f7d 4353 echo "subdirectory"
3c0ef626 4354 echo ""
4355fi
4356
e9702f7d 4357if test ! -z "$RAND_HELPER_CMDHASH" ; then
4358 echo "WARNING: you are using the builtin random number collection "
4359 echo "service. Please read WARNING.RNG and request that your OS "
4360 echo "vendor includes kernel-based random number collection in "
4361 echo "future versions of your OS."
3c0ef626 4362 echo ""
4363fi
4364
7e82606e 4365if test ! -z "$NO_PEERCHECK" ; then
fa0f0f45 4366 echo "WARNING: the operating system that you are using does not"
4367 echo "appear to support getpeereid(), getpeerucred() or the"
4368 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4369 echo "enforce security checks to prevent unauthorised connections to"
4370 echo "ssh-agent. Their absence increases the risk that a malicious"
4371 echo "user can connect to your agent."
7e82606e 4372 echo ""
4373fi
4374
dfddba3d 4375if test "$AUDIT_MODULE" = "bsm" ; then
4376 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4377 echo "See the Solaris section in README.platform for details."
4378fi
git-cvsimport mirror of GSI OpenSSH
This page took 5.833644 seconds and 5 git commands to generate.