]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Move ssh_gssapi_support_oids() to correct position in file to avoid diff.
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
12a403af 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
2ce0bfe4 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
4b6dae8f 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
7cac2b65 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
4b6dae8f 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
7e82606e 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
bfe49944 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
350391c5 43AC_PATH_PROG(SH, sh)
7e82606e 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
08822d99 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
08822d99 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
540d72c3 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
08822d99 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
540d72c3 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
8b32eddc 88
3c0ef626 89AC_C_INLINE
2ce0bfe4 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
540d72c3 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
2ce0bfe4 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
08822d99 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
2ce0bfe4 96 case $GCC_VER in
fa0f0f45 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
08822d99 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
2ce0bfe4 106 esac
107
108 if test -z "$have_llong_max"; then
109 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
110 unset ac_cv_have_decl_LLONG_MAX
111 saved_CFLAGS="$CFLAGS"
112 CFLAGS="$CFLAGS -std=gnu99"
113 AC_CHECK_DECL(LLONG_MAX,
114 [have_llong_max=1],
115 [CFLAGS="$saved_CFLAGS"],
116 [#include <limits.h>]
117 )
118 fi
119fi
120
fa0f0f45 121if test "x$no_attrib_nonnull" != "x1" ; then
122 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
123fi
124
540d72c3 125AC_ARG_WITH(rpath,
126 [ --without-rpath Disable auto-added -R linker paths],
127 [
8b32eddc 128 if test "x$withval" = "xno" ; then
540d72c3 129 need_dash_r=""
130 fi
131 if test "x$withval" = "xyes" ; then
132 need_dash_r=1
133 fi
134 ]
135)
136
240debe0 137# Allow user to specify flags
138AC_ARG_WITH(cflags,
139 [ --with-cflags Specify additional flags to pass to compiler],
140 [
141 if test -n "$withval" && test "x$withval" != "xno" && \
142 test "x${withval}" != "xyes"; then
143 CFLAGS="$CFLAGS $withval"
144 fi
145 ]
146)
147AC_ARG_WITH(cppflags,
148 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
149 [
150 if test -n "$withval" && test "x$withval" != "xno" && \
151 test "x${withval}" != "xyes"; then
152 CPPFLAGS="$CPPFLAGS $withval"
153 fi
154 ]
155)
156AC_ARG_WITH(ldflags,
157 [ --with-ldflags Specify additional flags to pass to linker],
158 [
159 if test -n "$withval" && test "x$withval" != "xno" && \
160 test "x${withval}" != "xyes"; then
161 LDFLAGS="$LDFLAGS $withval"
162 fi
163 ]
164)
165AC_ARG_WITH(libs,
166 [ --with-libs Specify additional libraries to link with],
167 [
168 if test -n "$withval" && test "x$withval" != "xno" && \
169 test "x${withval}" != "xyes"; then
170 LIBS="$LIBS $withval"
171 fi
172 ]
173)
174AC_ARG_WITH(Werror,
175 [ --with-Werror Build main code with -Werror],
176 [
177 if test -n "$withval" && test "x$withval" != "xno"; then
178 werror_flags="-Werror"
179 if test "x${withval}" != "xyes"; then
180 werror_flags="$withval"
181 fi
182 fi
183 ]
184)
185
186AC_CHECK_HEADERS( \
187 bstring.h \
188 crypt.h \
189 crypto/sha2.h \
190 dirent.h \
191 endian.h \
192 features.h \
193 fcntl.h \
194 floatingpoint.h \
195 getopt.h \
196 glob.h \
197 ia.h \
198 iaf.h \
199 limits.h \
200 login.h \
201 maillock.h \
202 ndir.h \
203 net/if_tun.h \
204 netdb.h \
205 netgroup.h \
206 pam/pam_appl.h \
207 paths.h \
fa0f0f45 208 poll.h \
240debe0 209 pty.h \
210 readpassphrase.h \
211 rpc/types.h \
212 security/pam_appl.h \
213 sha2.h \
214 shadow.h \
215 stddef.h \
216 stdint.h \
217 string.h \
218 strings.h \
219 sys/audit.h \
220 sys/bitypes.h \
221 sys/bsdtty.h \
222 sys/cdefs.h \
223 sys/dir.h \
224 sys/mman.h \
225 sys/ndir.h \
226 sys/prctl.h \
227 sys/pstat.h \
228 sys/select.h \
229 sys/stat.h \
230 sys/stream.h \
231 sys/stropts.h \
232 sys/strtio.h \
233 sys/sysmacros.h \
234 sys/time.h \
235 sys/timers.h \
236 sys/un.h \
237 time.h \
238 tmpdir.h \
239 ttyent.h \
fa0f0f45 240 ucred.h \
240debe0 241 unistd.h \
242 usersec.h \
243 util.h \
244 utime.h \
245 utmp.h \
246 utmpx.h \
247 vis.h \
248)
249
250# lastlog.h requires sys/time.h to be included first on Solaris
251AC_CHECK_HEADERS(lastlog.h, [], [], [
252#ifdef HAVE_SYS_TIME_H
253# include <sys/time.h>
254#endif
255])
256
257# sys/ptms.h requires sys/stream.h to be included first on Solaris
258AC_CHECK_HEADERS(sys/ptms.h, [], [], [
259#ifdef HAVE_SYS_STREAM_H
260# include <sys/stream.h>
261#endif
262])
263
264# login_cap.h requires sys/types.h on NetBSD
265AC_CHECK_HEADERS(login_cap.h, [], [], [
266#include <sys/types.h>
267])
268
30460aeb 269# Messages for features tested for in target-specific section
270SIA_MSG="no"
271SPC_MSG="no"
272
3c0ef626 273# Check for some target-specific stuff
274case "$host" in
275*-*-aix*)
30460aeb 276 # Some versions of VAC won't allow macro redefinitions at
277 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
278 # particularly with older versions of vac or xlc.
279 # It also throws errors about null macro argments, but these are
280 # not fatal.
281 AC_MSG_CHECKING(if compiler allows macro redefinitions)
282 AC_COMPILE_IFELSE(
283 [AC_LANG_SOURCE([[
284#define testmacro foo
285#define testmacro bar
286int main(void) { exit(0); }
287 ]])],
288 [ AC_MSG_RESULT(yes) ],
289 [ AC_MSG_RESULT(no)
290 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
291 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
292 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
293 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
294 ]
295 )
296
540d72c3 297 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
256cb466 298 if (test -z "$blibpath"); then
540d72c3 299 blibpath="/usr/lib:/lib"
3c0ef626 300 fi
256cb466 301 saved_LDFLAGS="$LDFLAGS"
30460aeb 302 if test "$GCC" = "yes"; then
303 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
304 else
305 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
306 fi
307 for tryflags in $flags ;do
256cb466 308 if (test -z "$blibflags"); then
309 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
310 AC_TRY_LINK([], [], [blibflags=$tryflags])
311 fi
312 done
313 if (test -z "$blibflags"); then
314 AC_MSG_RESULT(not found)
315 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
316 else
317 AC_MSG_RESULT($blibflags)
318 fi
319 LDFLAGS="$saved_LDFLAGS"
7cac2b65 320 dnl Check for authenticate. Might be in libs.a on older AIXes
08822d99 321 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
322 [Define if you want to enable AIX4's authenticate function])],
d03f4262 323 [AC_CHECK_LIB(s,authenticate,
324 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
325 LIBS="$LIBS -ls"
326 ])
327 ])
dfddba3d 328 dnl Check for various auth function declarations in headers.
329 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
8b32eddc 330 passwdexpired, setauthdb], , , [#include <usersec.h>])
7cac2b65 331 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
dfddba3d 332 AC_CHECK_DECLS(loginfailed,
7cac2b65 333 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
334 AC_TRY_COMPILE(
335 [#include <usersec.h>],
336 [(void)loginfailed("user","host","tty",0);],
337 [AC_MSG_RESULT(yes)
08822d99 338 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
339 [Define if your AIX loginfailed() function
340 takes 4 arguments (AIX >= 5.2)])],
7cac2b65 341 [AC_MSG_RESULT(no)]
342 )],
343 [],
344 [#include <usersec.h>]
345 )
346 AC_CHECK_FUNCS(setauthdb)
30460aeb 347 AC_CHECK_DECL(F_CLOSEM,
348 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
349 [],
350 [ #include <limits.h>
351 #include <fcntl.h> ]
352 )
dfddba3d 353 check_for_aix_broken_getaddrinfo=1
08822d99 354 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
355 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
356 [Define if your platform breaks doing a seteuid before a setuid])
357 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
358 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 359 dnl AIX handles lastlog as part of its login message
08822d99 360 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
361 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
362 [Some systems need a utmpx entry for /bin/login to work])
363 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
364 [Define to a Set Process Title type if your system is
365 supported by bsd-setproctitle.c])
366 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
367 [AIX 5.2 and 5.3 (and presumably newer) require this])
30460aeb 368 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 369 ;;
370*-*-cygwin*)
bfe49944 371 check_for_libcrypt_later=1
0b90ac93 372 LIBS="$LIBS /usr/lib/textreadmode.o"
08822d99 373 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
374 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
375 AC_DEFINE(DISABLE_SHADOW, 1,
376 [Define if you want to disable shadow passwords])
377 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
378 [Define if your system choked on IP TOS setting])
379 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
380 [Define if X11 doesn't support AF_UNIX sockets on that system])
381 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
382 [Define if the concept of ports only accessible to
383 superusers isn't known])
384 AC_DEFINE(DISABLE_FD_PASSING, 1,
385 [Define if your platform needs to skip post auth
386 file descriptor passing])
3c0ef626 387 ;;
388*-*-dgux*)
389 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 390 AC_DEFINE(SETEUID_BREAKS_SETUID)
391 AC_DEFINE(BROKEN_SETREUID)
392 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 393 ;;
394*-*-darwin*)
0b90ac93 395 AC_DEFINE(BROKEN_GETADDRINFO, 1, [Define if getaddrinfo is broken)])
396 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 397 AC_DEFINE(SETEUID_BREAKS_SETUID)
398 AC_DEFINE(BROKEN_SETREUID)
399 AC_DEFINE(BROKEN_SETREGID)
08822d99 400 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
401 [Define if your resolver libs need this for getrrsetbyname])
30460aeb 402 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
403 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
404 [Use tunnel device compatibility to OpenBSD])
405 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
406 [Prepend the address family to IP tunnel traffic])
f713db99 407 AC_MSG_CHECKING(if we have the Security Authorization Session API)
408 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
409 [SessionCreate(0, 0);],
410 [ac_cv_use_security_session_api="yes"
411 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
412 [platform has the Security Authorization Session API])
413 LIBS="$LIBS -framework Security"
414 AC_MSG_RESULT(yes)],
415 [ac_cv_use_security_session_api="no"
416 AC_MSG_RESULT(no)])
417 AC_MSG_CHECKING(if we have an in-memory credentials cache)
418 AC_TRY_COMPILE(
419 [#include <Kerberos/Kerberos.h>],
420 [cc_context_t c;
421 (void) cc_initialize (&c, 0, NULL, NULL);],
422 [AC_DEFINE(USE_CCAPI, 1,
423 [platform uses an in-memory credentials cache])
424 LIBS="$LIBS -framework Security"
425 AC_MSG_RESULT(yes)
426 if test "x$ac_cv_use_security_session_api" = "xno"; then
427 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
428 fi],
429 [AC_MSG_RESULT(no)]
430 )
431 ;;
30460aeb 432*-*-dragonfly*)
433 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 434 ;;
2ce0bfe4 435*-*-hpux*)
436 # first we define all of the options common to all HP-UX releases
3c0ef626 437 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
438 IPADDR_IN_DISPLAY=yes
3c0ef626 439 AC_DEFINE(USE_PIPES)
08822d99 440 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
441 [Define if your login program cannot handle end of options ("--")])
350391c5 442 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 443 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
444 [String used in /etc/passwd to denote locked account])
7cac2b65 445 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
08822d99 446 MAIL="/var/mail/username"
d03f4262 447 LIBS="$LIBS -lsec"
2ce0bfe4 448 AC_CHECK_LIB(xnet, t_error, ,
449 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
450
451 # next, we define all of the options specific to major releases
452 case "$host" in
453 *-*-hpux10*)
454 if test -z "$GCC"; then
455 CFLAGS="$CFLAGS -Ae"
456 fi
457 ;;
458 *-*-hpux11*)
08822d99 459 AC_DEFINE(PAM_SUN_CODEBASE, 1,
460 [Define if you are using Solaris-derived PAM which
461 passes pam_messages to the conversation function
462 with an extra level of indirection])
463 AC_DEFINE(DISABLE_UTMP, 1,
464 [Define if you don't want to use utmp])
2ce0bfe4 465 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
466 check_for_hpux_broken_getaddrinfo=1
467 check_for_conflicting_getspnam=1
468 ;;
469 esac
470
471 # lastly, we define options specific to minor releases
472 case "$host" in
473 *-*-hpux10.26)
08822d99 474 AC_DEFINE(HAVE_SECUREWARE, 1,
475 [Define if you have SecureWare-based
476 protected password database])
2ce0bfe4 477 disable_ptmx_check=yes
478 LIBS="$LIBS -lsecpw"
479 ;;
480 esac
3c0ef626 481 ;;
482*-*-irix5*)
3c0ef626 483 PATH="$PATH:/usr/etc"
08822d99 484 AC_DEFINE(BROKEN_INET_NTOA, 1,
485 [Define if you system's inet_ntoa is busted
486 (e.g. Irix gcc issue)])
540d72c3 487 AC_DEFINE(SETEUID_BREAKS_SETUID)
488 AC_DEFINE(BROKEN_SETREUID)
489 AC_DEFINE(BROKEN_SETREGID)
08822d99 490 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
491 [Define if you shouldn't strip 'tty' from your
492 ttyname in [uw]tmp])
7cac2b65 493 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 494 ;;
495*-*-irix6*)
3c0ef626 496 PATH="$PATH:/usr/etc"
08822d99 497 AC_DEFINE(WITH_IRIX_ARRAY, 1,
498 [Define if you have/want arrays
499 (cluster-wide session managment, not C arrays)])
500 AC_DEFINE(WITH_IRIX_PROJECT, 1,
501 [Define if you want IRIX project management])
502 AC_DEFINE(WITH_IRIX_AUDIT, 1,
503 [Define if you want IRIX audit trails])
504 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
505 [Define if you want IRIX kernel jobs])])
3c0ef626 506 AC_DEFINE(BROKEN_INET_NTOA)
29d88157 507 AC_DEFINE(SETEUID_BREAKS_SETUID)
508 AC_DEFINE(BROKEN_SETREUID)
509 AC_DEFINE(BROKEN_SETREGID)
08822d99 510 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
350391c5 511 AC_DEFINE(WITH_ABBREV_NO_TTY)
7cac2b65 512 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 513 ;;
514*-*-linux*)
515 no_dev_ptmx=1
516 check_for_libcrypt_later=1
7cac2b65 517 check_for_openpty_ctty_bug=1
08822d99 518 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
519 AC_DEFINE(PAM_TTY_KLUDGE, 1,
520 [Work around problematic Linux PAM modules handling of PAM_TTY])
521 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
522 [String used in /etc/passwd to denote locked account])
7cac2b65 523 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
08822d99 524 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
525 [Define to whatever link() returns for "not supported"
526 if it doesn't return EOPNOTSUPP.])
dfddba3d 527 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
08822d99 528 AC_DEFINE(USE_BTMP)
3c0ef626 529 inet6_default_4in6=yes
7cac2b65 530 case `uname -r` in
531 1.*|2.0.*)
08822d99 532 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
533 [Define if cmsg_type is not passed correctly])
7cac2b65 534 ;;
535 esac
08822d99 536 # tun(4) forwarding compat code
537 AC_CHECK_HEADERS(linux/if_tun.h)
538 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
539 AC_DEFINE(SSH_TUN_LINUX, 1,
540 [Open tunnel devices the Linux tun/tap way])
541 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
542 [Use tunnel device compatibility to OpenBSD])
543 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
544 [Prepend the address family to IP tunnel traffic])
545 fi
3c0ef626 546 ;;
547mips-sony-bsd|mips-sony-newsos4)
4b6dae8f 548 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 549 SONY=1
3c0ef626 550 ;;
551*-*-netbsd*)
d03f4262 552 check_for_libcrypt_before=1
8b32eddc 553 if test "x$withval" != "xno" ; then
540d72c3 554 need_dash_r=1
555 fi
08822d99 556 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
557 AC_CHECK_HEADER([net/if_tap.h], ,
558 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
559 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
560 [Prepend the address family to IP tunnel traffic])
3c0ef626 561 ;;
562*-*-freebsd*)
563 check_for_libcrypt_later=1
08822d99 564 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
565 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
566 AC_CHECK_HEADER([net/if_tap.h], ,
567 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 568 ;;
29d88157 569*-*-bsdi*)
570 AC_DEFINE(SETEUID_BREAKS_SETUID)
571 AC_DEFINE(BROKEN_SETREUID)
572 AC_DEFINE(BROKEN_SETREGID)
573 ;;
3c0ef626 574*-next-*)
575 conf_lastlog_location="/usr/adm/lastlog"
576 conf_utmp_location=/etc/utmp
577 conf_wtmp_location=/usr/adm/wtmp
578 MAIL=/usr/spool/mail
08822d99 579 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 580 AC_DEFINE(BROKEN_REALPATH)
581 AC_DEFINE(USE_PIPES)
08822d99 582 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 583 ;;
2ce0bfe4 584*-*-openbsd*)
585 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
08822d99 586 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
587 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
30460aeb 588 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
589 [syslog_r function is safe to use in in a signal handler])
2ce0bfe4 590 ;;
3c0ef626 591*-*-solaris*)
8b32eddc 592 if test "x$withval" != "xno" ; then
12a403af 593 need_dash_r=1
594 fi
3c0ef626 595 AC_DEFINE(PAM_SUN_CODEBASE)
596 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 597 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
598 [Some versions of /bin/login need the TERM supplied
599 on the commandline])
3c0ef626 600 AC_DEFINE(PAM_TTY_KLUDGE)
08822d99 601 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
602 [Define if pam_chauthtok wants real uid set
603 to the unpriv'ed user])
7cac2b65 604 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
605 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
08822d99 606 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
607 [Define if sshd somehow reacquires a controlling TTY
608 after setsid()])
30460aeb 609 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
610 in case the name is longer than 8 chars])
7cac2b65 611 external_path_file=/etc/default/login
3c0ef626 612 # hardwire lastlog location (can't detect it on some versions)
613 conf_lastlog_location="/var/adm/lastlog"
614 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
615 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
616 if test "$sol2ver" -ge 8; then
617 AC_MSG_RESULT(yes)
618 AC_DEFINE(DISABLE_UTMP)
08822d99 619 AC_DEFINE(DISABLE_WTMP, 1,
620 [Define if you don't want to use wtmp])
3c0ef626 621 else
622 AC_MSG_RESULT(no)
623 fi
30460aeb 624 AC_ARG_WITH(solaris-contracts,
625 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
626 [
627 AC_CHECK_LIB(contract, ct_tmpl_activate,
628 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
629 [Define if you have Solaris process contracts])
630 SSHDLIBS="$SSHDLIBS -lcontract"
631 AC_SUBST(SSHDLIBS)
632 SPC_MSG="yes" ], )
633 ],
634 )
3c0ef626 635 ;;
636*-*-sunos4*)
637 CPPFLAGS="$CPPFLAGS -DSUNOS4"
638 AC_CHECK_FUNCS(getpwanam)
639 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 640 conf_utmp_location=/etc/utmp
641 conf_wtmp_location=/var/adm/wtmp
642 conf_lastlog_location=/var/adm/lastlog
643 AC_DEFINE(USE_PIPES)
644 ;;
645*-ncr-sysv*)
3c0ef626 646 LIBS="$LIBS -lc89"
e9702f7d 647 AC_DEFINE(USE_PIPES)
7cac2b65 648 AC_DEFINE(SSHD_ACQUIRES_CTTY)
29d88157 649 AC_DEFINE(SETEUID_BREAKS_SETUID)
650 AC_DEFINE(BROKEN_SETREUID)
651 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 652 ;;
653*-sni-sysv*)
3c0ef626 654 # /usr/ucblib MUST NOT be searched on ReliantUNIX
540d72c3 655 AC_CHECK_LIB(dl, dlsym, ,)
08822d99 656 # -lresolv needs to be at the end of LIBS or DNS lookups break
657 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 658 IPADDR_IN_DISPLAY=yes
659 AC_DEFINE(USE_PIPES)
660 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 661 AC_DEFINE(SETEUID_BREAKS_SETUID)
662 AC_DEFINE(BROKEN_SETREUID)
663 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 664 AC_DEFINE(SSHD_ACQUIRES_CTTY)
665 external_path_file=/etc/default/login
3c0ef626 666 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
667 # Attention: always take care to bind libsocket and libnsl before libc,
668 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
669 ;;
dfddba3d 670# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 671*-*-sysv4.2*)
3c0ef626 672 AC_DEFINE(USE_PIPES)
7cac2b65 673 AC_DEFINE(SETEUID_BREAKS_SETUID)
674 AC_DEFINE(BROKEN_SETREUID)
675 AC_DEFINE(BROKEN_SETREGID)
8b32eddc 676 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
08822d99 677 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 678 ;;
dfddba3d 679# UnixWare 7.x, OpenUNIX 8
3c0ef626 680*-*-sysv5*)
2ce0bfe4 681 check_for_libcrypt_later=1
682 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 683 AC_DEFINE(USE_PIPES)
7cac2b65 684 AC_DEFINE(SETEUID_BREAKS_SETUID)
685 AC_DEFINE(BROKEN_SETREUID)
686 AC_DEFINE(BROKEN_SETREGID)
08822d99 687 AC_DEFINE(PASSWD_NEEDS_USERNAME)
2ce0bfe4 688 case "$host" in
689 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
690 TEST_SHELL=/u95/bin/sh
08822d99 691 AC_DEFINE(BROKEN_LIBIAF, 1,
692 [ia_uinfo routines not supported by OS yet])
30460aeb 693 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 694 ;;
695 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
2ce0bfe4 696 ;;
697 esac
3c0ef626 698 ;;
699*-*-sysv*)
3c0ef626 700 ;;
dfddba3d 701# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 702*-*-sco3.2v4*)
dfddba3d 703 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 704 ;;
dfddba3d 705# SCO OpenServer 5.x
3c0ef626 706*-*-sco3.2v5*)
bfe49944 707 if test -z "$GCC"; then
708 CFLAGS="$CFLAGS -belf"
709 fi
3c0ef626 710 LIBS="$LIBS -lprot -lx -ltinfo -lm"
711 no_dev_ptmx=1
3c0ef626 712 AC_DEFINE(USE_PIPES)
350391c5 713 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 714 AC_DEFINE(DISABLE_SHADOW)
d03f4262 715 AC_DEFINE(DISABLE_FD_PASSING)
7cac2b65 716 AC_DEFINE(SETEUID_BREAKS_SETUID)
717 AC_DEFINE(BROKEN_SETREUID)
718 AC_DEFINE(BROKEN_SETREGID)
719 AC_DEFINE(WITH_ABBREV_NO_TTY)
7e82606e 720 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 721 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 722 AC_CHECK_FUNCS(getluid setluid)
723 MANTYPE=man
7e82606e 724 TEST_SHELL=ksh
3c0ef626 725 ;;
d03f4262 726*-*-unicosmk*)
08822d99 727 AC_DEFINE(NO_SSH_LASTLOG, 1,
728 [Define if you don't want to use lastlog in session.c])
540d72c3 729 AC_DEFINE(SETEUID_BREAKS_SETUID)
730 AC_DEFINE(BROKEN_SETREUID)
731 AC_DEFINE(BROKEN_SETREGID)
d03f4262 732 AC_DEFINE(USE_PIPES)
733 AC_DEFINE(DISABLE_FD_PASSING)
734 LDFLAGS="$LDFLAGS"
735 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
736 MANTYPE=cat
737 ;;
7cac2b65 738*-*-unicosmp*)
540d72c3 739 AC_DEFINE(SETEUID_BREAKS_SETUID)
740 AC_DEFINE(BROKEN_SETREUID)
741 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 742 AC_DEFINE(WITH_ABBREV_NO_TTY)
743 AC_DEFINE(USE_PIPES)
744 AC_DEFINE(DISABLE_FD_PASSING)
745 LDFLAGS="$LDFLAGS"
540d72c3 746 LIBS="$LIBS -lgen -lacid -ldb"
7cac2b65 747 MANTYPE=cat
748 ;;
3c0ef626 749*-*-unicos*)
540d72c3 750 AC_DEFINE(SETEUID_BREAKS_SETUID)
751 AC_DEFINE(BROKEN_SETREUID)
752 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 753 AC_DEFINE(USE_PIPES)
d03f4262 754 AC_DEFINE(DISABLE_FD_PASSING)
755 AC_DEFINE(NO_SSH_LASTLOG)
756 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
757 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
758 MANTYPE=cat
3c0ef626 759 ;;
760*-dec-osf*)
761 AC_MSG_CHECKING(for Digital Unix SIA)
762 no_osfsia=""
763 AC_ARG_WITH(osfsia,
764 [ --with-osfsia Enable Digital Unix SIA],
765 [
766 if test "x$withval" = "xno" ; then
767 AC_MSG_RESULT(disabled)
768 no_osfsia=1
769 fi
770 ],
771 )
772 if test -z "$no_osfsia" ; then
773 if test -f /etc/sia/matrix.conf; then
774 AC_MSG_RESULT(yes)
08822d99 775 AC_DEFINE(HAVE_OSF_SIA, 1,
776 [Define if you have Digital Unix Security
777 Integration Architecture])
778 AC_DEFINE(DISABLE_LOGIN, 1,
779 [Define if you don't want to use your
780 system's login() call])
bfe49944 781 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 782 LIBS="$LIBS -lsecurity -ldb -lm -laud"
30460aeb 783 SIA_MSG="yes"
3c0ef626 784 else
785 AC_MSG_RESULT(no)
08822d99 786 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
787 [String used in /etc/passwd to denote locked account])
3c0ef626 788 fi
789 fi
7cac2b65 790 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 791 AC_DEFINE(SETEUID_BREAKS_SETUID)
792 AC_DEFINE(BROKEN_SETREUID)
793 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 794 ;;
795
4b6dae8f 796*-*-nto-qnx*)
3c0ef626 797 AC_DEFINE(USE_PIPES)
798 AC_DEFINE(NO_X11_UNIX_SOCKETS)
08822d99 799 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
800 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
801 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
4b6dae8f 802 AC_DEFINE(DISABLE_LASTLOG)
30460aeb 803 AC_DEFINE(SSHD_ACQUIRES_CTTY)
804 enable_etc_default_login=no # has incompatible /etc/default/login
fa0f0f45 805 case "$host" in
806 *-*-nto-qnx6*)
807 AC_DEFINE(DISABLE_FD_PASSING)
808 ;;
809 esac
3c0ef626 810 ;;
2ce0bfe4 811
812*-*-ultrix*)
08822d99 813 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
814 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b6dae8f 815 AC_DEFINE(NEED_SETPGRP)
2ce0bfe4 816 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
817 ;;
818
819*-*-lynxos)
820 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
08822d99 821 AC_DEFINE(MISSING_HOWMANY)
2ce0bfe4 822 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
823 ;;
3c0ef626 824esac
825
7cac2b65 826AC_MSG_CHECKING(compiler and flags for sanity)
dfddba3d 827AC_RUN_IFELSE(
828 [AC_LANG_SOURCE([
7cac2b65 829#include <stdio.h>
830int main(){exit(0);}
dfddba3d 831 ])],
7cac2b65 832 [ AC_MSG_RESULT(yes) ],
833 [
834 AC_MSG_RESULT(no)
835 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
dfddba3d 836 ],
837 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
7cac2b65 838)
839
2ce0bfe4 840dnl Checks for header files.
3c0ef626 841# Checks for libraries.
842AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
843AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
844
7cac2b65 845dnl IRIX and Solaris 2.5.1 have dirname() in libgen
846AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
847 AC_CHECK_LIB(gen, dirname,[
848 AC_CACHE_CHECK([for broken dirname],
849 ac_cv_have_broken_dirname, [
850 save_LIBS="$LIBS"
851 LIBS="$LIBS -lgen"
08822d99 852 AC_RUN_IFELSE(
853 [AC_LANG_SOURCE([[
7cac2b65 854#include <libgen.h>
855#include <string.h>
856
857int main(int argc, char **argv) {
858 char *s, buf[32];
859
860 strncpy(buf,"/etc", 32);
861 s = dirname(buf);
862 if (!s || strncmp(s, "/", 32) != 0) {
863 exit(1);
864 } else {
865 exit(0);
866 }
867}
08822d99 868 ]])],
869 [ ac_cv_have_broken_dirname="no" ],
870 [ ac_cv_have_broken_dirname="yes" ],
7cac2b65 871 [ ac_cv_have_broken_dirname="no" ],
7cac2b65 872 )
873 LIBS="$save_LIBS"
874 ])
875 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
876 LIBS="$LIBS -lgen"
877 AC_DEFINE(HAVE_DIRNAME)
878 AC_CHECK_HEADERS(libgen.h)
879 fi
880 ])
881])
882
3c0ef626 883AC_CHECK_FUNC(getspnam, ,
884 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
08822d99 885AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
886 [Define if you have the basename function.]))
3c0ef626 887
888dnl zlib is required
889AC_ARG_WITH(zlib,
890 [ --with-zlib=PATH Use zlib in PATH],
8b32eddc 891 [ if test "x$withval" = "xno" ; then
892 AC_MSG_ERROR([*** zlib is required ***])
893 elif test "x$withval" != "xyes"; then
3c0ef626 894 if test -d "$withval/lib"; then
895 if test -n "${need_dash_r}"; then
896 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
897 else
898 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
899 fi
900 else
901 if test -n "${need_dash_r}"; then
902 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
903 else
904 LDFLAGS="-L${withval} ${LDFLAGS}"
905 fi
906 fi
907 if test -d "$withval/include"; then
908 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
909 else
910 CPPFLAGS="-I${withval} ${CPPFLAGS}"
911 fi
8b32eddc 912 fi ]
3c0ef626 913)
914
540d72c3 915AC_CHECK_LIB(z, deflate, ,
916 [
917 saved_CPPFLAGS="$CPPFLAGS"
918 saved_LDFLAGS="$LDFLAGS"
919 save_LIBS="$LIBS"
920 dnl Check default zlib install dir
921 if test -n "${need_dash_r}"; then
922 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
923 else
924 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
925 fi
926 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
927 LIBS="$LIBS -lz"
928 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
929 [
930 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
931 ]
932 )
933 ]
934)
935AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
936
937AC_ARG_WITH(zlib-version-check,
938 [ --without-zlib-version-check Disable zlib version check],
939 [ if test "x$withval" = "xno" ; then
940 zlib_check_nonfatal=1
941 fi
942 ]
943)
944
8b32eddc 945AC_MSG_CHECKING(for possibly buggy zlib)
dfddba3d 946AC_RUN_IFELSE([AC_LANG_SOURCE([[
8b32eddc 947#include <stdio.h>
540d72c3 948#include <zlib.h>
949int main()
950{
8b32eddc 951 int a=0, b=0, c=0, d=0, n, v;
952 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
953 if (n != 3 && n != 4)
540d72c3 954 exit(1);
8b32eddc 955 v = a*1000000 + b*10000 + c*100 + d;
956 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
957
958 /* 1.1.4 is OK */
959 if (a == 1 && b == 1 && c >= 4)
540d72c3 960 exit(0);
8b32eddc 961
2ce0bfe4 962 /* 1.2.3 and up are OK */
963 if (v >= 1020300)
8b32eddc 964 exit(0);
965
540d72c3 966 exit(2);
967}
dfddba3d 968 ]])],
8b32eddc 969 AC_MSG_RESULT(no),
970 [ AC_MSG_RESULT(yes)
540d72c3 971 if test -z "$zlib_check_nonfatal" ; then
972 AC_MSG_ERROR([*** zlib too old - check config.log ***
973Your reported zlib version has known security problems. It's possible your
974vendor has fixed these problems without changing the version number. If you
975are sure this is the case, you can disable the check by running
976"./configure --without-zlib-version-check".
2ce0bfe4 977If you are in doubt, upgrade zlib to version 1.2.3 or greater.
8b32eddc 978See http://www.gzip.org/zlib/ for details.])
540d72c3 979 else
980 AC_MSG_WARN([zlib version may have security problems])
981 fi
dfddba3d 982 ],
983 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
540d72c3 984)
3c0ef626 985
3c0ef626 986dnl UnixWare 2.x
540d72c3 987AC_CHECK_FUNC(strcasecmp,
3c0ef626 988 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
989)
08822d99 990AC_CHECK_FUNCS(utimes,
d03f4262 991 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
992 LIBS="$LIBS -lc89"]) ]
3c0ef626 993)
994
995dnl Checks for libutil functions
996AC_CHECK_HEADERS(libutil.h)
08822d99 997AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
998 [Define if your libraries define login()])])
3c0ef626 999AC_CHECK_FUNCS(logout updwtmp logwtmp)
1000
1001AC_FUNC_STRFTIME
1002
3c0ef626 1003# Check for ALTDIRFUNC glob() extension
1004AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1005AC_EGREP_CPP(FOUNDIT,
1006 [
1007 #include <glob.h>
1008 #ifdef GLOB_ALTDIRFUNC
1009 FOUNDIT
1010 #endif
540d72c3 1011 ],
3c0ef626 1012 [
08822d99 1013 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1014 [Define if your system glob() function has
1015 the GLOB_ALTDIRFUNC extension])
3c0ef626 1016 AC_MSG_RESULT(yes)
1017 ],
1018 [
1019 AC_MSG_RESULT(no)
1020 ]
1021)
1022
1023# Check for g.gl_matchc glob() extension
1024AC_MSG_CHECKING(for gl_matchc field in glob_t)
30460aeb 1025AC_TRY_COMPILE(
1026 [ #include <glob.h> ],
1027 [glob_t g; g.gl_matchc = 1;],
540d72c3 1028 [
08822d99 1029 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1030 [Define if your system glob() function has
1031 gl_matchc options in glob_t])
540d72c3 1032 AC_MSG_RESULT(yes)
1033 ],
1034 [
1035 AC_MSG_RESULT(no)
1036 ]
3c0ef626 1037)
1038
30460aeb 1039AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1040
3c0ef626 1041AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
dfddba3d 1042AC_RUN_IFELSE(
1043 [AC_LANG_SOURCE([[
3c0ef626 1044#include <sys/types.h>
1045#include <dirent.h>
d03f4262 1046int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
dfddba3d 1047 ]])],
540d72c3 1048 [AC_MSG_RESULT(yes)],
3c0ef626 1049 [
1050 AC_MSG_RESULT(no)
08822d99 1051 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1052 [Define if your struct dirent expects you to
1053 allocate extra space for d_name])
dfddba3d 1054 ],
8b32eddc 1055 [
dfddba3d 1056 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1057 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1058 ]
1059)
1060
1c89237d 1061# Check whether the user wants GSSAPI mechglue support
1062AC_ARG_WITH(mechglue,
bec32dad 1063 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
1c89237d 1064 [
1065 AC_MSG_CHECKING(for mechglue library)
bec32dad 1066
1067 if test -e ${withval}/libgssapi.a ; then
1068 mechglue_lib=${withval}/libgssapi.a
1069 elif test -e ${withval}/lib/libgssapi.a ; then
1070 mechglue_lib=${withval}/lib/libgssapi.a
1071 else
1072 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
1c89237d 1073 fi
bec32dad 1074 LIBS="$LIBS ${mechglue_lib}"
1075 AC_MSG_RESULT(${mechglue_lib})
1076
1c89237d 1077 AC_CHECK_LIB(dl, dlopen, , )
1078 if test $ac_cv_lib_dl_dlopen = yes; then
bec32dad 1079 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
1c89237d 1080 fi
bec32dad 1081
1c89237d 1082 AC_DEFINE(GSSAPI)
08822d99 1083 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
1c89237d 1084 GSSAPI="mechglue"
1085
1c89237d 1086 ]
1087)
1088
1089
5598e598 1090# Check whether the user wants GSI (Globus) support
1091gsi_path="no"
1092AC_ARG_WITH(gsi,
483bcdbd 1093 [ --with-gsi Enable Globus GSI authentication support],
5598e598 1094 [
1095 gsi_path="$withval"
1096 ]
1097)
1098
1099AC_ARG_WITH(globus,
483bcdbd 1100 [ --with-globus Enable Globus GSI authentication support],
5598e598 1101 [
1102 gsi_path="$withval"
1103 ]
1104)
1105
483bcdbd 1106AC_ARG_WITH(globus-static,
1107 [ --with-globus-static Link statically with Globus GSI libraries],
1108 [
1109 gsi_static="-static"
9e6effad 1110 if test "x$gsi_path" = "xno" ; then
6e098d39 1111 gsi_path="$withval"
1112 fi
483bcdbd 1113 ]
1114)
1115
5fb9fc74 1116# Check whether the user has a Globus flavor type
1117globus_flavor_type="no"
1118AC_ARG_WITH(globus-flavor,
483bcdbd 1119 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
5fb9fc74 1120 [
1121 globus_flavor_type="$withval"
9e6effad 1122 if test "x$gsi_path" = "xno" ; then
e78b0188 1123 gsi_path="yes"
1124 fi
5fb9fc74 1125 ]
1126)
1127
5598e598 1128if test "x$gsi_path" != "xno" ; then
1129 # Globus GSSAPI configuration
22798398 1130 AC_MSG_CHECKING(for Globus GSI)
08822d99 1131 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
5598e598 1132
1c89237d 1133 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
483bcdbd 1134 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
1c89237d 1135 fi
1136 if test -z "$GSSAPI"; then
1137 AC_DEFINE(GSSAPI)
1138 GSSAPI="GSI"
1139 fi
1140
8b1f0dfd 1141 if test "x$gsi_path" = "xyes" ; then
1142 if test -z "$GLOBUS_LOCATION" ; then
483bcdbd 1143 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
8b1f0dfd 1144 else
1145 gsi_path="$GLOBUS_LOCATION"
1146 fi
1147 fi
483bcdbd 1148 GLOBUS_LOCATION="$gsi_path"
1149 export GLOBUS_LOCATION
1150 if test ! -d "$GLOBUS_LOCATION" ; then
1151 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
5598e598 1152 fi
5598e598 1153
22798398 1154 if test "x$globus_flavor_type" = "xno" ; then
1155 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
1156 fi
1157 if test "x$globus_flavor_type" = "xyes" ; then
1158 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
5598e598 1159 fi
5fb9fc74 1160
22798398 1161 GLOBUS_INCLUDE="${gsi_path}/include/${globus_flavor_type}"
1162 if test ! -d "$GLOBUS_INCLUDE" ; then
1163 AC_MSG_ERROR(Cannot find Globus flavor-specific include directory: ${GLOBUS_INCLUDE})
1164 fi
1165 GSI_CPPFLAGS="-I${GLOBUS_INCLUDE}"
bed23354 1166
1167 if test -x ${gsi_path}/bin/globus-makefile-header ; then
483bcdbd 1168 GSI_LIBS=`${gsi_path}/bin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | perl -n -e 'if (/GLOBUS_PKG_LIBS = (.*)/){print $1;}'`
bed23354 1169 elif test -x ${gsi_path}/sbin/globus-makefile-header ; then
483bcdbd 1170 GSI_LIBS=`${gsi_path}/sbin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | perl -n -e 'if (/GLOBUS_PKG_LIBS = (.*)/){print $1;}'`
5fb9fc74 1171 else
bed23354 1172 AC_MSG_ERROR(Cannot find globus-makefile-header: Globus installation is incomplete)
22798398 1173 fi
1dca09f1 1174 if test -n "${need_dash_r}"; then
1175 GSI_LDFLAGS="-L${gsi_path}/lib -R{gsi_path}/lib"
1176 else
1177 GSI_LDFLAGS="-L${gsi_path}/lib"
1178 fi
22798398 1179 if test -z "$GSI_LIBS" ; then
bed23354 1180 AC_MSG_ERROR(globus-makefile-header failed)
5fb9fc74 1181 fi
5598e598 1182
540d72c3 1183 AC_DEFINE(HAVE_GSSAPI_H)
1184
5598e598 1185 LIBS="$LIBS $GSI_LIBS"
1186 LDFLAGS="$LDFLAGS $GSI_LDFLAGS"
1c89237d 1187 CPPFLAGS="$CPPFLAGS $GSI_CPPFLAGS"
22798398 1188
1189 # test that we got the libraries OK
1190 AC_TRY_LINK(
1191 [],
1192 [],
1193 [
1194 AC_MSG_RESULT(yes)
1195 ],
1196 [
1197 AC_MSG_ERROR(link with Globus libraries failed)
1198 ]
1199 )
fd34c71f 1200 AC_CHECK_FUNCS(globus_gss_assist_map_and_authorize)
1ca858e9 1201 INSTALL_GSISSH="yes"
1202else
1203 INSTALL_GSISSH=""
5598e598 1204fi
1ca858e9 1205AC_SUBST(INSTALL_GSISSH)
1206# End Globus/GSI section
5598e598 1207
7e82606e 1208AC_MSG_CHECKING([for /proc/pid/fd directory])
1209if test -d "/proc/$$/fd" ; then
08822d99 1210 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
7e82606e 1211 AC_MSG_RESULT(yes)
1212else
1213 AC_MSG_RESULT(no)
1214fi
1215
3c0ef626 1216# Check whether user wants S/Key support
540d72c3 1217SKEY_MSG="no"
3c0ef626 1218AC_ARG_WITH(skey,
dfddba3d 1219 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1220 [
1221 if test "x$withval" != "xno" ; then
1222
1223 if test "x$withval" != "xyes" ; then
1224 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1225 LDFLAGS="$LDFLAGS -L${withval}/lib"
1226 fi
1227
08822d99 1228 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1229 LIBS="-lskey $LIBS"
540d72c3 1230 SKEY_MSG="yes"
8b32eddc 1231
e9702f7d 1232 AC_MSG_CHECKING([for s/key support])
08822d99 1233 AC_LINK_IFELSE(
1234 [AC_LANG_SOURCE([[
e9702f7d 1235#include <stdio.h>
1236#include <skey.h>
d03f4262 1237int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
08822d99 1238 ]])],
e9702f7d 1239 [AC_MSG_RESULT(yes)],
3c0ef626 1240 [
e9702f7d 1241 AC_MSG_RESULT(no)
3c0ef626 1242 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1243 ])
12a403af 1244 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1245 AC_TRY_COMPILE(
1246 [#include <stdio.h>
1247 #include <skey.h>],
1248 [(void)skeychallenge(NULL,"name","",0);],
1249 [AC_MSG_RESULT(yes)
08822d99 1250 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1251 [Define if your skeychallenge()
1252 function takes 4 arguments (NetBSD)])],
12a403af 1253 [AC_MSG_RESULT(no)]
1254 )
3c0ef626 1255 fi
1256 ]
1257)
1258
1259# Check whether user wants TCP wrappers support
1260TCPW_MSG="no"
1261AC_ARG_WITH(tcp-wrappers,
dfddba3d 1262 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1263 [
1264 if test "x$withval" != "xno" ; then
1265 saved_LIBS="$LIBS"
1266 saved_LDFLAGS="$LDFLAGS"
1267 saved_CPPFLAGS="$CPPFLAGS"
8b32eddc 1268 if test -n "${withval}" && \
1269 test "x${withval}" != "xyes"; then
3c0ef626 1270 if test -d "${withval}/lib"; then
1271 if test -n "${need_dash_r}"; then
1272 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1273 else
1274 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1275 fi
1276 else
1277 if test -n "${need_dash_r}"; then
1278 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1279 else
1280 LDFLAGS="-L${withval} ${LDFLAGS}"
1281 fi
1282 fi
1283 if test -d "${withval}/include"; then
1284 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1285 else
1286 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1287 fi
1288 fi
fa0f0f45 1289 LIBS="-lwrap $LIBS"
3c0ef626 1290 AC_MSG_CHECKING(for libwrap)
1291 AC_TRY_LINK(
1292 [
12a403af 1293#include <sys/types.h>
1294#include <sys/socket.h>
1295#include <netinet/in.h>
3c0ef626 1296#include <tcpd.h>
1297 int deny_severity = 0, allow_severity = 0;
1298 ],
1299 [hosts_access(0);],
1300 [
1301 AC_MSG_RESULT(yes)
08822d99 1302 AC_DEFINE(LIBWRAP, 1,
1303 [Define if you want
1304 TCP Wrappers support])
fa0f0f45 1305 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1306 TCPW_MSG="yes"
1307 ],
1308 [
1309 AC_MSG_ERROR([*** libwrap missing])
1310 ]
1311 )
e9702f7d 1312 LIBS="$saved_LIBS"
3c0ef626 1313 fi
1314 ]
1315)
1316
dfddba3d 1317# Check whether user wants libedit support
1318LIBEDIT_MSG="no"
1319AC_ARG_WITH(libedit,
1320 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1321 [ if test "x$withval" != "xno" ; then
8b32eddc 1322 if test "x$withval" != "xyes"; then
08822d99 1323 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1324 if test -n "${need_dash_r}"; then
1325 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1326 else
1327 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1328 fi
8b32eddc 1329 fi
dfddba3d 1330 AC_CHECK_LIB(edit, el_init,
08822d99 1331 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
dfddba3d 1332 LIBEDIT="-ledit -lcurses"
1333 LIBEDIT_MSG="yes"
1334 AC_SUBST(LIBEDIT)
1335 ],
8b32eddc 1336 [ AC_MSG_ERROR(libedit not found) ],
1337 [ -lcurses ]
dfddba3d 1338 )
2ce0bfe4 1339 AC_MSG_CHECKING(if libedit version is compatible)
1340 AC_COMPILE_IFELSE(
1341 [AC_LANG_SOURCE([[
1342#include <histedit.h>
1343int main(void)
1344{
1345 int i = H_SETSIZE;
1346 el_init("", NULL, NULL, NULL);
1347 exit(0);
1348}
1349 ]])],
1350 [ AC_MSG_RESULT(yes) ],
1351 [ AC_MSG_RESULT(no)
1352 AC_MSG_ERROR(libedit version is not compatible) ]
1353 )
dfddba3d 1354 fi ]
1355)
1356
1357AUDIT_MODULE=none
1358AC_ARG_WITH(audit,
1359 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1360 [
1361 AC_MSG_CHECKING(for supported audit module)
1362 case "$withval" in
1363 bsm)
1364 AC_MSG_RESULT(bsm)
1365 AUDIT_MODULE=bsm
1366 dnl Checks for headers, libs and functions
1367 AC_CHECK_HEADERS(bsm/audit.h, [],
30460aeb 1368 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1369 [
1370#ifdef HAVE_TIME_H
1371# include <time.h>
1372#endif
1373 ]
1374)
dfddba3d 1375 AC_CHECK_LIB(bsm, getaudit, [],
1376 [AC_MSG_ERROR(BSM enabled and required library not found)])
1377 AC_CHECK_FUNCS(getaudit, [],
1378 [AC_MSG_ERROR(BSM enabled and required function not found)])
1379 # These are optional
1380 AC_CHECK_FUNCS(getaudit_addr)
08822d99 1381 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
dfddba3d 1382 ;;
1383 debug)
1384 AUDIT_MODULE=debug
1385 AC_MSG_RESULT(debug)
08822d99 1386 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
dfddba3d 1387 ;;
2ce0bfe4 1388 no)
1389 AC_MSG_RESULT(no)
1390 ;;
dfddba3d 1391 *)
1392 AC_MSG_ERROR([Unknown audit module $withval])
1393 ;;
1394 esac ]
1395)
1396
bfe49944 1397dnl Checks for library functions. Please keep in alphabetical order
2ce0bfe4 1398AC_CHECK_FUNCS( \
1399 arc4random \
08822d99 1400 asprintf \
2ce0bfe4 1401 b64_ntop \
1402 __b64_ntop \
1403 b64_pton \
1404 __b64_pton \
1405 bcopy \
1406 bindresvport_sa \
1407 clock \
1408 closefrom \
1409 dirfd \
1410 fchmod \
1411 fchown \
1412 freeaddrinfo \
1413 futimes \
1414 getaddrinfo \
1415 getcwd \
1416 getgrouplist \
1417 getnameinfo \
1418 getopt \
1419 getpeereid \
fa0f0f45 1420 getpeerucred \
2ce0bfe4 1421 _getpty \
1422 getrlimit \
1423 getttyent \
1424 glob \
1425 inet_aton \
1426 inet_ntoa \
1427 inet_ntop \
1428 innetgr \
1429 login_getcapbool \
1430 md5_crypt \
1431 memmove \
1432 mkdtemp \
1433 mmap \
1434 ngetaddrinfo \
1435 nsleep \
1436 ogetaddrinfo \
1437 openlog_r \
1438 openpty \
fa0f0f45 1439 poll \
2ce0bfe4 1440 prctl \
1441 pstat \
1442 readpassphrase \
1443 realpath \
1444 recvmsg \
1445 rresvport_af \
1446 sendmsg \
1447 setdtablesize \
1448 setegid \
1449 setenv \
1450 seteuid \
1451 setgroups \
1452 setlogin \
1453 setpcred \
1454 setproctitle \
1455 setregid \
1456 setreuid \
1457 setrlimit \
1458 setsid \
1459 setvbuf \
1460 sigaction \
1461 sigvec \
1462 snprintf \
1463 socketpair \
1464 strdup \
1465 strerror \
1466 strlcat \
1467 strlcpy \
1468 strmode \
1469 strnvis \
1470 strtonum \
1471 strtoll \
1472 strtoul \
fa0f0f45 1473 swap32 \
2ce0bfe4 1474 sysconf \
1475 tcgetpgrp \
1476 truncate \
1477 unsetenv \
1478 updwtmpx \
08822d99 1479 vasprintf \
2ce0bfe4 1480 vhangup \
1481 vsnprintf \
1482 waitpid \
bfe49944 1483)
1484
29d88157 1485# IRIX has a const char return value for gai_strerror()
1486AC_CHECK_FUNCS(gai_strerror,[
1487 AC_DEFINE(HAVE_GAI_STRERROR)
1488 AC_TRY_COMPILE([
1489#include <sys/types.h>
1490#include <sys/socket.h>
1491#include <netdb.h>
1492
1493const char *gai_strerror(int);],[
1494char *str;
1495
1496str = gai_strerror(0);],[
1497 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1498 [Define if gai_strerror() returns const char *])])])
1499
08822d99 1500AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1501 [Some systems put nanosleep outside of libc]))
bfe49944 1502
7cac2b65 1503dnl Make sure prototypes are defined for these before using them.
7cac2b65 1504AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
2ce0bfe4 1505AC_CHECK_DECL(strsep,
1506 [AC_CHECK_FUNCS(strsep)],
1507 [],
1508 [
1509#ifdef HAVE_STRING_H
1510# include <string.h>
1511#endif
1512 ])
3c0ef626 1513
7cac2b65 1514dnl tcsendbreak might be a macro
1515AC_CHECK_DECL(tcsendbreak,
1516 [AC_DEFINE(HAVE_TCSENDBREAK)],
540d72c3 1517 [AC_CHECK_FUNCS(tcsendbreak)],
7cac2b65 1518 [#include <termios.h>]
1519)
3c0ef626 1520
7e82606e 1521AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1522
30460aeb 1523AC_CHECK_DECLS(SHUT_RD, , ,
1524 [
1525#include <sys/types.h>
1526#include <sys/socket.h>
1527 ])
1528
1529AC_CHECK_DECLS(O_NONBLOCK, , ,
1530 [
1531#include <sys/types.h>
1532#ifdef HAVE_SYS_STAT_H
1533# include <sys/stat.h>
1534#endif
1535#ifdef HAVE_FCNTL_H
1536# include <fcntl.h>
1537#endif
1538 ])
1539
1540AC_CHECK_DECLS(writev, , , [
1541#include <sys/types.h>
1542#include <sys/uio.h>
1543#include <unistd.h>
1544 ])
1545
fa0f0f45 1546AC_CHECK_DECLS(MAXSYMLINKS, , , [
1547#include <sys/param.h>
1548 ])
1549
1550AC_CHECK_DECLS(offsetof, , , [
1551#include <stddef.h>
1552 ])
1553
540d72c3 1554AC_CHECK_FUNCS(setresuid, [
1555 dnl Some platorms have setresuid that isn't implemented, test for this
1556 AC_MSG_CHECKING(if setresuid seems to work)
dfddba3d 1557 AC_RUN_IFELSE(
1558 [AC_LANG_SOURCE([[
540d72c3 1559#include <stdlib.h>
1560#include <errno.h>
1561int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1562 ]])],
540d72c3 1563 [AC_MSG_RESULT(yes)],
08822d99 1564 [AC_DEFINE(BROKEN_SETRESUID, 1,
1565 [Define if your setresuid() is broken])
dfddba3d 1566 AC_MSG_RESULT(not implemented)],
1567 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1568 )
1569])
1570
1571AC_CHECK_FUNCS(setresgid, [
1572 dnl Some platorms have setresgid that isn't implemented, test for this
1573 AC_MSG_CHECKING(if setresgid seems to work)
dfddba3d 1574 AC_RUN_IFELSE(
1575 [AC_LANG_SOURCE([[
540d72c3 1576#include <stdlib.h>
1577#include <errno.h>
1578int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1579 ]])],
540d72c3 1580 [AC_MSG_RESULT(yes)],
08822d99 1581 [AC_DEFINE(BROKEN_SETRESGID, 1,
1582 [Define if your setresgid() is broken])
dfddba3d 1583 AC_MSG_RESULT(not implemented)],
1584 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1585 )
1586])
1587
3c0ef626 1588dnl Checks for time functions
1589AC_CHECK_FUNCS(gettimeofday time)
1590dnl Checks for utmp functions
1591AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1592AC_CHECK_FUNCS(utmpname)
1593dnl Checks for utmpx functions
1594AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1595AC_CHECK_FUNCS(setutxent utmpxname)
1596
540d72c3 1597AC_CHECK_FUNC(daemon,
08822d99 1598 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1599 [AC_CHECK_LIB(bsd, daemon,
1600 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1601)
1602
540d72c3 1603AC_CHECK_FUNC(getpagesize,
08822d99 1604 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1605 [Define if your libraries define getpagesize()])],
1606 [AC_CHECK_LIB(ucb, getpagesize,
1607 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1608)
1609
1610# Check for broken snprintf
1611if test "x$ac_cv_func_snprintf" = "xyes" ; then
1612 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
dfddba3d 1613 AC_RUN_IFELSE(
1614 [AC_LANG_SOURCE([[
3c0ef626 1615#include <stdio.h>
d03f4262 1616int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
dfddba3d 1617 ]])],
540d72c3 1618 [AC_MSG_RESULT(yes)],
3c0ef626 1619 [
1620 AC_MSG_RESULT(no)
08822d99 1621 AC_DEFINE(BROKEN_SNPRINTF, 1,
1622 [Define if your snprintf is busted])
3c0ef626 1623 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
dfddba3d 1624 ],
1625 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1626 )
1627fi
1628
08822d99 1629# If we don't have a working asprintf, then we strongly depend on vsnprintf
1630# returning the right thing on overflow: the number of characters it tried to
1631# create (as per SUSv3)
1632if test "x$ac_cv_func_asprintf" != "xyes" && \
1633 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1634 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1635 AC_RUN_IFELSE(
1636 [AC_LANG_SOURCE([[
1637#include <sys/types.h>
1638#include <stdio.h>
1639#include <stdarg.h>
1640
1641int x_snprintf(char *str,size_t count,const char *fmt,...)
1642{
1643 size_t ret; va_list ap;
1644 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1645 return ret;
1646}
1647int main(void)
1648{
1649 char x[1];
1650 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1651} ]])],
1652 [AC_MSG_RESULT(yes)],
1653 [
1654 AC_MSG_RESULT(no)
1655 AC_DEFINE(BROKEN_SNPRINTF, 1,
1656 [Define if your snprintf is busted])
1657 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1658 ],
1659 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1660 )
1661fi
1662
1663# On systems where [v]snprintf is broken, but is declared in stdio,
1664# check that the fmt argument is const char * or just char *.
1665# This is only useful for when BROKEN_SNPRINTF
1666AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1667AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1668 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1669 int main(void) { snprintf(0, 0, 0); }
1670 ]])],
1671 [AC_MSG_RESULT(yes)
1672 AC_DEFINE(SNPRINTF_CONST, [const],
1673 [Define as const if snprintf() can declare const char *fmt])],
1674 [AC_MSG_RESULT(no)
1675 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1676
7e82606e 1677# Check for missing getpeereid (or equiv) support
1678NO_PEERCHECK=""
fa0f0f45 1679if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
7e82606e 1680 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1681 AC_TRY_COMPILE(
1682 [#include <sys/types.h>
1683 #include <sys/socket.h>],
1684 [int i = SO_PEERCRED;],
8b32eddc 1685 [ AC_MSG_RESULT(yes)
08822d99 1686 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
8b32eddc 1687 ],
7e82606e 1688 [AC_MSG_RESULT(no)
1689 NO_PEERCHECK=1]
1690 )
1691fi
1692
bfe49944 1693dnl see whether mkstemp() requires XXXXXX
1694if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1695AC_MSG_CHECKING([for (overly) strict mkstemp])
08822d99 1696AC_RUN_IFELSE(
1697 [AC_LANG_SOURCE([[
bfe49944 1698#include <stdlib.h>
1699main() { char template[]="conftest.mkstemp-test";
1700if (mkstemp(template) == -1)
1701 exit(1);
1702unlink(template); exit(0);
1703}
08822d99 1704 ]])],
bfe49944 1705 [
1706 AC_MSG_RESULT(no)
1707 ],
540d72c3 1708 [
bfe49944 1709 AC_MSG_RESULT(yes)
08822d99 1710 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
bfe49944 1711 ],
1712 [
1713 AC_MSG_RESULT(yes)
1714 AC_DEFINE(HAVE_STRICT_MKSTEMP)
540d72c3 1715 ]
bfe49944 1716)
1717fi
1718
7cac2b65 1719dnl make sure that openpty does not reacquire controlling terminal
1720if test ! -z "$check_for_openpty_ctty_bug"; then
1721 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
08822d99 1722 AC_RUN_IFELSE(
1723 [AC_LANG_SOURCE([[
7cac2b65 1724#include <stdio.h>
1725#include <sys/fcntl.h>
1726#include <sys/types.h>
1727#include <sys/wait.h>
1728
1729int
1730main()
1731{
1732 pid_t pid;
1733 int fd, ptyfd, ttyfd, status;
1734
1735 pid = fork();
1736 if (pid < 0) { /* failed */
1737 exit(1);
1738 } else if (pid > 0) { /* parent */
1739 waitpid(pid, &status, 0);
540d72c3 1740 if (WIFEXITED(status))
7cac2b65 1741 exit(WEXITSTATUS(status));
1742 else
1743 exit(2);
1744 } else { /* child */
1745 close(0); close(1); close(2);
1746 setsid();
1747 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1748 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1749 if (fd >= 0)
1750 exit(3); /* Acquired ctty: broken */
1751 else
1752 exit(0); /* Did not acquire ctty: OK */
1753 }
1754}
08822d99 1755 ]])],
7cac2b65 1756 [
1757 AC_MSG_RESULT(yes)
1758 ],
1759 [
1760 AC_MSG_RESULT(no)
1761 AC_DEFINE(SSHD_ACQUIRES_CTTY)
08822d99 1762 ],
1763 [
1764 AC_MSG_RESULT(cross-compiling, assuming yes)
7cac2b65 1765 ]
1766 )
1767fi
1768
8b32eddc 1769if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1770 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
12a403af 1771 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1772 AC_RUN_IFELSE(
1773 [AC_LANG_SOURCE([[
12a403af 1774#include <stdio.h>
1775#include <sys/socket.h>
1776#include <netdb.h>
1777#include <errno.h>
1778#include <netinet/in.h>
1779
1780#define TEST_PORT "2222"
1781
1782int
1783main(void)
1784{
1785 int err, sock;
1786 struct addrinfo *gai_ai, *ai, hints;
1787 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1788
1789 memset(&hints, 0, sizeof(hints));
1790 hints.ai_family = PF_UNSPEC;
1791 hints.ai_socktype = SOCK_STREAM;
1792 hints.ai_flags = AI_PASSIVE;
1793
1794 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1795 if (err != 0) {
1796 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1797 exit(1);
1798 }
1799
1800 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1801 if (ai->ai_family != AF_INET6)
1802 continue;
1803
1804 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1805 sizeof(ntop), strport, sizeof(strport),
1806 NI_NUMERICHOST|NI_NUMERICSERV);
1807
1808 if (err != 0) {
1809 if (err == EAI_SYSTEM)
1810 perror("getnameinfo EAI_SYSTEM");
1811 else
1812 fprintf(stderr, "getnameinfo failed: %s\n",
1813 gai_strerror(err));
1814 exit(2);
1815 }
1816
1817 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1818 if (sock < 0)
1819 perror("socket");
1820 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1821 if (errno == EBADF)
1822 exit(3);
1823 }
1824 }
1825 exit(0);
1826}
08822d99 1827 ]])],
12a403af 1828 [
1829 AC_MSG_RESULT(yes)
1830 ],
1831 [
1832 AC_MSG_RESULT(no)
1833 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1834 ],
1835 [
1836 AC_MSG_RESULT(cross-compiling, assuming yes)
12a403af 1837 ]
1838 )
1839fi
1840
8b32eddc 1841if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1842 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
dfddba3d 1843 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1844 AC_RUN_IFELSE(
1845 [AC_LANG_SOURCE([[
dfddba3d 1846#include <stdio.h>
1847#include <sys/socket.h>
1848#include <netdb.h>
1849#include <errno.h>
1850#include <netinet/in.h>
1851
1852#define TEST_PORT "2222"
1853
1854int
1855main(void)
1856{
1857 int err, sock;
1858 struct addrinfo *gai_ai, *ai, hints;
1859 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1860
1861 memset(&hints, 0, sizeof(hints));
1862 hints.ai_family = PF_UNSPEC;
1863 hints.ai_socktype = SOCK_STREAM;
1864 hints.ai_flags = AI_PASSIVE;
1865
1866 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1867 if (err != 0) {
1868 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1869 exit(1);
1870 }
1871
1872 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1873 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1874 continue;
1875
1876 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1877 sizeof(ntop), strport, sizeof(strport),
1878 NI_NUMERICHOST|NI_NUMERICSERV);
1879
1880 if (ai->ai_family == AF_INET && err != 0) {
1881 perror("getnameinfo");
1882 exit(2);
1883 }
1884 }
1885 exit(0);
1886}
08822d99 1887 ]])],
dfddba3d 1888 [
1889 AC_MSG_RESULT(yes)
08822d99 1890 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1891 [Define if you have a getaddrinfo that fails
1892 for the all-zeros IPv6 address])
dfddba3d 1893 ],
1894 [
1895 AC_MSG_RESULT(no)
1896 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1897 ],
30460aeb 1898 [
08822d99 1899 AC_MSG_RESULT(cross-compiling, assuming no)
dfddba3d 1900 ]
1901 )
1902fi
1903
1904if test "x$check_for_conflicting_getspnam" = "x1"; then
1905 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1906 AC_COMPILE_IFELSE(
1907 [
1908#include <shadow.h>
1909int main(void) {exit(0);}
1910 ],
1911 [
1912 AC_MSG_RESULT(no)
1913 ],
1914 [
1915 AC_MSG_RESULT(yes)
1916 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1917 [Conflicting defs for getspnam])
1918 ]
1919 )
1920fi
1921
3c0ef626 1922AC_FUNC_GETPGRP
1923
350391c5 1924# Search for OpenSSL
1925saved_CPPFLAGS="$CPPFLAGS"
1926saved_LDFLAGS="$LDFLAGS"
3c0ef626 1927AC_ARG_WITH(ssl-dir,
1928 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1929 [
1930 if test "x$withval" != "xno" ; then
dfddba3d 1931 case "$withval" in
1932 # Relative paths
1933 ./*|../*) withval="`pwd`/$withval"
1934 esac
350391c5 1935 if test -d "$withval/lib"; then
1936 if test -n "${need_dash_r}"; then
1937 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1938 else
1939 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1940 fi
1941 else
350391c5 1942 if test -n "${need_dash_r}"; then
1943 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1944 else
1945 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1946 fi
1947 fi
350391c5 1948 if test -d "$withval/include"; then
1949 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1950 else
350391c5 1951 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1952 fi
1953 fi
350391c5 1954 ]
1955)
22798398 1956if test -z "$GSI_LIBS" ; then
540d72c3 1957LIBS="-lcrypto $LIBS"
22798398 1958fi
08822d99 1959AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1960 [Define if your ssl headers are included
1961 with #include <openssl/header.h>]),
3c0ef626 1962 [
350391c5 1963 dnl Check default openssl install dir
1964 if test -n "${need_dash_r}"; then
1965 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1966 else
350391c5 1967 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1968 fi
350391c5 1969 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1970 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1971 [
1972 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1973 ]
1974 )
1975 ]
1976)
1977
d03f4262 1978# Determine OpenSSL header version
1979AC_MSG_CHECKING([OpenSSL header version])
dfddba3d 1980AC_RUN_IFELSE(
1981 [AC_LANG_SOURCE([[
d03f4262 1982#include <stdio.h>
1983#include <string.h>
1984#include <openssl/opensslv.h>
1985#define DATA "conftest.sslincver"
1986int main(void) {
540d72c3 1987 FILE *fd;
1988 int rc;
d03f4262 1989
540d72c3 1990 fd = fopen(DATA,"w");
1991 if(fd == NULL)
1992 exit(1);
d03f4262 1993
1994 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1995 exit(1);
1996
1997 exit(0);
1998}
dfddba3d 1999 ]])],
d03f4262 2000 [
2001 ssl_header_ver=`cat conftest.sslincver`
2002 AC_MSG_RESULT($ssl_header_ver)
2003 ],
2004 [
2005 AC_MSG_RESULT(not found)
2006 AC_MSG_ERROR(OpenSSL version header not found.)
dfddba3d 2007 ],
2008 [
2009 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2010 ]
2011)
2012
2013# Determine OpenSSL library version
2014AC_MSG_CHECKING([OpenSSL library version])
dfddba3d 2015AC_RUN_IFELSE(
2016 [AC_LANG_SOURCE([[
d03f4262 2017#include <stdio.h>
2018#include <string.h>
2019#include <openssl/opensslv.h>
2020#include <openssl/crypto.h>
2021#define DATA "conftest.ssllibver"
2022int main(void) {
540d72c3 2023 FILE *fd;
2024 int rc;
d03f4262 2025
540d72c3 2026 fd = fopen(DATA,"w");
2027 if(fd == NULL)
2028 exit(1);
d03f4262 2029
2030 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
2031 exit(1);
2032
2033 exit(0);
2034}
dfddba3d 2035 ]])],
d03f4262 2036 [
2037 ssl_library_ver=`cat conftest.ssllibver`
2038 AC_MSG_RESULT($ssl_library_ver)
2039 ],
2040 [
2041 AC_MSG_RESULT(not found)
2042 AC_MSG_ERROR(OpenSSL library not found.)
dfddba3d 2043 ],
2044 [
2045 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2046 ]
2047)
3c0ef626 2048
0b90ac93 2049AC_ARG_WITH(openssl-header-check,
2050 [ --without-openssl-header-check Disable OpenSSL version consistency check],
2051 [ if test "x$withval" = "xno" ; then
2052 openssl_check_nonfatal=1
2053 fi
2054 ]
2055)
2056
e9702f7d 2057# Sanity check OpenSSL headers
2058AC_MSG_CHECKING([whether OpenSSL's headers match the library])
dfddba3d 2059AC_RUN_IFELSE(
2060 [AC_LANG_SOURCE([[
e9702f7d 2061#include <string.h>
2062#include <openssl/opensslv.h>
d03f4262 2063int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
dfddba3d 2064 ]])],
e9702f7d 2065 [
2066 AC_MSG_RESULT(yes)
2067 ],
2068 [
2069 AC_MSG_RESULT(no)
0b90ac93 2070 if test "x$openssl_check_nonfatal" = "x"; then
2071 AC_MSG_ERROR([Your OpenSSL headers do not match your
2072library. Check config.log for details.
2073If you are sure your installation is consistent, you can disable the check
2074by running "./configure --without-openssl-header-check".
2075Also see contrib/findssl.sh for help identifying header/library mismatches.
2076])
2077 else
2078 AC_MSG_WARN([Your OpenSSL headers do not match your
2079library. Check config.log for details.
7cac2b65 2080Also see contrib/findssl.sh for help identifying header/library mismatches.])
0b90ac93 2081 fi
dfddba3d 2082 ],
2083 [
2084 AC_MSG_WARN([cross compiling: not checking])
e9702f7d 2085 ]
2086)
2087
30460aeb 2088AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2089AC_LINK_IFELSE(
2090 [AC_LANG_SOURCE([[
2091#include <openssl/evp.h>
2092int main(void) { SSLeay_add_all_algorithms(); }
2093 ]])],
2094 [
2095 AC_MSG_RESULT(yes)
2096 ],
2097 [
2098 AC_MSG_RESULT(no)
2099 saved_LIBS="$LIBS"
2100 LIBS="$LIBS -ldl"
2101 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2102 AC_LINK_IFELSE(
2103 [AC_LANG_SOURCE([[
2104#include <openssl/evp.h>
2105int main(void) { SSLeay_add_all_algorithms(); }
2106 ]])],
2107 [
2108 AC_MSG_RESULT(yes)
2109 ],
2110 [
2111 AC_MSG_RESULT(no)
2112 LIBS="$saved_LIBS"
2113 ]
2114 )
2115 ]
2116)
2117
2118AC_ARG_WITH(ssl-engine,
2119 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2120 [ if test "x$withval" != "xno" ; then
2121 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2122 AC_TRY_COMPILE(
2123 [ #include <openssl/engine.h>],
2124 [
240debe0 2125ENGINE_load_builtin_engines();ENGINE_register_all_complete();
30460aeb 2126 ],
2127 [ AC_MSG_RESULT(yes)
2128 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2129 [Enable OpenSSL engine support])
2130 ],
2131 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2132 )
2133 fi ]
2134)
2135
08822d99 2136# Check for OpenSSL without EVP_aes_{192,256}_cbc
2137AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
30460aeb 2138AC_LINK_IFELSE(
08822d99 2139 [AC_LANG_SOURCE([[
2140#include <string.h>
2141#include <openssl/evp.h>
4b6dae8f 2142int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
08822d99 2143 ]])],
2144 [
2145 AC_MSG_RESULT(no)
2146 ],
2147 [
2148 AC_MSG_RESULT(yes)
2149 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2150 [libcrypto is missing AES 192 and 256 bit functions])
2151 ]
2152)
2153
540d72c3 2154# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2155# because the system crypt() is more featureful.
2156if test "x$check_for_libcrypt_before" = "x1"; then
2157 AC_CHECK_LIB(crypt, crypt)
2158fi
2159
2160# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2161# version in OpenSSL.
7cac2b65 2162if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2163 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2164fi
2165
30460aeb 2166# Search for SHA256 support in libc and/or OpenSSL
2167AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2168
fa0f0f45 2169saved_LIBS="$LIBS"
2170AC_CHECK_LIB(iaf, ia_openinfo, [
2171 LIBS="$LIBS -liaf"
2172 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"])
2173])
2174LIBS="$saved_LIBS"
e9702f7d 2175
2176### Configure cryptographic random number support
2177
2178# Check wheter OpenSSL seeds itself
2179AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
dfddba3d 2180AC_RUN_IFELSE(
2181 [AC_LANG_SOURCE([[
e9702f7d 2182#include <string.h>
2183#include <openssl/rand.h>
d03f4262 2184int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
dfddba3d 2185 ]])],
e9702f7d 2186 [
2187 OPENSSL_SEEDS_ITSELF=yes
2188 AC_MSG_RESULT(yes)
2189 ],
2190 [
2191 AC_MSG_RESULT(no)
2192 # Default to use of the rand helper if OpenSSL doesn't
2193 # seed itself
2194 USE_RAND_HELPER=yes
dfddba3d 2195 ],
2196 [
2197 AC_MSG_WARN([cross compiling: assuming yes])
2198 # This is safe, since all recent OpenSSL versions will
8b32eddc 2199 # complain at runtime if not seeded correctly.
dfddba3d 2200 OPENSSL_SEEDS_ITSELF=yes
e9702f7d 2201 ]
2202)
2203
30460aeb 2204# Check for PAM libs
2205PAM_MSG="no"
2206AC_ARG_WITH(pam,
2207 [ --with-pam Enable PAM support ],
2208 [
2209 if test "x$withval" != "xno" ; then
2210 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2211 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2212 AC_MSG_ERROR([PAM headers not found])
2213 fi
2214
2215 saved_LIBS="$LIBS"
2216 AC_CHECK_LIB(dl, dlopen, , )
2217 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2218 AC_CHECK_FUNCS(pam_getenvlist)
2219 AC_CHECK_FUNCS(pam_putenv)
2220 LIBS="$saved_LIBS"
2221
2222 PAM_MSG="yes"
2223
fa0f0f45 2224 SSHDLIBS="$SSHDLIBS -lpam"
30460aeb 2225 AC_DEFINE(USE_PAM, 1,
2226 [Define if you want to enable PAM support])
2227
2228 if test $ac_cv_lib_dl_dlopen = yes; then
2229 case "$LIBS" in
2230 *-ldl*)
2231 # libdl already in LIBS
2232 ;;
2233 *)
fa0f0f45 2234 SSHDLIBS="$SSHDLIBS -ldl"
30460aeb 2235 ;;
2236 esac
2237 fi
30460aeb 2238 fi
2239 ]
2240)
2241
2242# Check for older PAM
2243if test "x$PAM_MSG" = "xyes" ; then
2244 # Check PAM strerror arguments (old PAM)
2245 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2246 AC_TRY_COMPILE(
2247 [
2248#include <stdlib.h>
2249#if defined(HAVE_SECURITY_PAM_APPL_H)
2250#include <security/pam_appl.h>
2251#elif defined (HAVE_PAM_PAM_APPL_H)
2252#include <pam/pam_appl.h>
2253#endif
2254 ],
2255 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2256 [AC_MSG_RESULT(no)],
2257 [
2258 AC_DEFINE(HAVE_OLD_PAM, 1,
2259 [Define if you have an old version of PAM
2260 which takes only one argument to pam_strerror])
2261 AC_MSG_RESULT(yes)
2262 PAM_MSG="yes (old library)"
2263 ]
2264 )
2265fi
e9702f7d 2266
2267# Do we want to force the use of the rand helper?
2268AC_ARG_WITH(rand-helper,
2269 [ --with-rand-helper Use subprocess to gather strong randomness ],
2270 [
2271 if test "x$withval" = "xno" ; then
540d72c3 2272 # Force use of OpenSSL's internal RNG, even if
e9702f7d 2273 # the previous test showed it to be unseeded.
2274 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2275 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2276 OPENSSL_SEEDS_ITSELF=yes
2277 USE_RAND_HELPER=""
2278 fi
2279 else
2280 USE_RAND_HELPER=yes
2281 fi
2282 ],
8b32eddc 2283)
e9702f7d 2284
2285# Which randomness source do we use?
8b32eddc 2286if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9702f7d 2287 # OpenSSL only
08822d99 2288 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2289 [Define if you want OpenSSL's internally seeded PRNG only])
e9702f7d 2290 RAND_MSG="OpenSSL internal ONLY"
2291 INSTALL_SSH_RAND_HELPER=""
2292elif test ! -z "$USE_RAND_HELPER" ; then
2293 # install rand helper
2294 RAND_MSG="ssh-rand-helper"
2295 INSTALL_SSH_RAND_HELPER="yes"
2296fi
2297AC_SUBST(INSTALL_SSH_RAND_HELPER)
2298
2299### Configuration of ssh-rand-helper
2300
2301# PRNGD TCP socket
2302AC_ARG_WITH(prngd-port,
2303 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2304 [
2305 case "$withval" in
2306 no)
2307 withval=""
2308 ;;
2309 [[0-9]]*)
2310 ;;
2311 *)
2312 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2313 ;;
2314 esac
2315 if test ! -z "$withval" ; then
2316 PRNGD_PORT="$withval"
08822d99 2317 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2318 [Port number of PRNGD/EGD random number socket])
e9702f7d 2319 fi
2320 ]
2321)
2322
2323# PRNGD Unix domain socket
2324AC_ARG_WITH(prngd-socket,
2325 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2326 [
2327 case "$withval" in
2328 yes)
2329 withval="/var/run/egd-pool"
2330 ;;
2331 no)
2332 withval=""
2333 ;;
2334 /*)
2335 ;;
2336 *)
2337 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2338 ;;
2339 esac
2340
2341 if test ! -z "$withval" ; then
2342 if test ! -z "$PRNGD_PORT" ; then
2343 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2344 fi
2345 if test ! -r "$withval" ; then
2346 AC_MSG_WARN(Entropy socket is not readable)
2347 fi
2348 PRNGD_SOCKET="$withval"
08822d99 2349 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2350 [Location of PRNGD/EGD random number socket])
e9702f7d 2351 fi
2352 ],
2353 [
2354 # Check for existing socket only if we don't have a random device already
2355 if test "$USE_RAND_HELPER" = yes ; then
2356 AC_MSG_CHECKING(for PRNGD/EGD socket)
2357 # Insert other locations here
2358 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2359 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2360 PRNGD_SOCKET="$sock"
2361 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2362 break;
2363 fi
2364 done
2365 if test ! -z "$PRNGD_SOCKET" ; then
2366 AC_MSG_RESULT($PRNGD_SOCKET)
2367 else
2368 AC_MSG_RESULT(not found)
2369 fi
2370 fi
2371 ]
2372)
2373
2374# Change default command timeout for hashing entropy source
2375entropy_timeout=200
2376AC_ARG_WITH(entropy-timeout,
2377 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2378 [
8b32eddc 2379 if test -n "$withval" && test "x$withval" != "xno" && \
2380 test "x${withval}" != "xyes"; then
e9702f7d 2381 entropy_timeout=$withval
2382 fi
8b32eddc 2383 ]
e9702f7d 2384)
08822d99 2385AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2386 [Builtin PRNG command timeout])
e9702f7d 2387
276b07a3 2388SSH_PRIVSEP_USER=sshd
350391c5 2389AC_ARG_WITH(privsep-user,
2390 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2391 [
8b32eddc 2392 if test -n "$withval" && test "x$withval" != "xno" && \
2393 test "x${withval}" != "xyes"; then
276b07a3 2394 SSH_PRIVSEP_USER=$withval
350391c5 2395 fi
8b32eddc 2396 ]
350391c5 2397)
08822d99 2398AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2399 [non-privileged user for privilege separation])
276b07a3 2400AC_SUBST(SSH_PRIVSEP_USER)
350391c5 2401
2402# We do this little dance with the search path to insure
2403# that programs that we select for use by installed programs
2404# (which may be run by the super-user) come from trusted
2405# locations before they come from the user's private area.
2406# This should help avoid accidentally configuring some
2407# random version of a program in someone's personal bin.
2408
2409OPATH=$PATH
2410PATH=/bin:/usr/bin
2411test -h /bin 2> /dev/null && PATH=/usr/bin
2412test -d /sbin && PATH=$PATH:/sbin
2413test -d /usr/sbin && PATH=$PATH:/usr/sbin
2414PATH=$PATH:/etc:$OPATH
2415
540d72c3 2416# These programs are used by the command hashing source to gather entropy
e9702f7d 2417OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2418OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2419OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2420OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2421OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2422OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2423OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2424OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2425OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2426OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2427OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2428OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2429OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2430OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2431OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2432OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
350391c5 2433# restore PATH
2434PATH=$OPATH
e9702f7d 2435
2436# Where does ssh-rand-helper get its randomness from?
2437INSTALL_SSH_PRNG_CMDS=""
2438if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2439 if test ! -z "$PRNGD_PORT" ; then
2440 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2441 elif test ! -z "$PRNGD_SOCKET" ; then
2442 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2443 else
2444 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2445 RAND_HELPER_CMDHASH=yes
2446 INSTALL_SSH_PRNG_CMDS="yes"
2447 fi
2448fi
2449AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2450
2451
3c0ef626 2452# Cheap hack to ensure NEWS-OS libraries are arranged right.
2453if test ! -z "$SONY" ; then
2454 LIBS="$LIBS -liberty";
2455fi
2456
08822d99 2457# Check for long long datatypes
2458AC_CHECK_TYPES([long long, unsigned long long, long double])
2459
2460# Check datatype sizes
3c0ef626 2461AC_CHECK_SIZEOF(char, 1)
2462AC_CHECK_SIZEOF(short int, 2)
2463AC_CHECK_SIZEOF(int, 4)
2464AC_CHECK_SIZEOF(long int, 4)
2465AC_CHECK_SIZEOF(long long int, 8)
2466
350391c5 2467# Sanity check long long for some platforms (AIX)
2468if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2469 ac_cv_sizeof_long_long_int=0
2470fi
2471
08822d99 2472# compute LLONG_MIN and LLONG_MAX if we don't know them.
2473if test -z "$have_llong_max"; then
2474 AC_MSG_CHECKING([for max value of long long])
2475 AC_RUN_IFELSE(
2476 [AC_LANG_SOURCE([[
2477#include <stdio.h>
2478/* Why is this so damn hard? */
2479#ifdef __GNUC__
2480# undef __GNUC__
2481#endif
2482#define __USE_ISOC99
2483#include <limits.h>
2484#define DATA "conftest.llminmax"
30460aeb 2485#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2486
2487/*
2488 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2489 * we do this the hard way.
2490 */
2491static int
2492fprint_ll(FILE *f, long long n)
2493{
2494 unsigned int i;
2495 int l[sizeof(long long) * 8];
2496
2497 if (n < 0)
2498 if (fprintf(f, "-") < 0)
2499 return -1;
2500 for (i = 0; n != 0; i++) {
2501 l[i] = my_abs(n % 10);
2502 n /= 10;
2503 }
2504 do {
2505 if (fprintf(f, "%d", l[--i]) < 0)
2506 return -1;
2507 } while (i != 0);
2508 if (fprintf(f, " ") < 0)
2509 return -1;
2510 return 0;
2511}
2512
08822d99 2513int main(void) {
2514 FILE *f;
2515 long long i, llmin, llmax = 0;
2516
2517 if((f = fopen(DATA,"w")) == NULL)
2518 exit(1);
2519
2520#if defined(LLONG_MIN) && defined(LLONG_MAX)
2521 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2522 llmin = LLONG_MIN;
2523 llmax = LLONG_MAX;
2524#else
2525 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2526 /* This will work on one's complement and two's complement */
2527 for (i = 1; i > llmax; i <<= 1, i++)
2528 llmax = i;
2529 llmin = llmax + 1LL; /* wrap */
2530#endif
2531
2532 /* Sanity check */
2533 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
30460aeb 2534 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2535 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
08822d99 2536 fprintf(f, "unknown unknown\n");
2537 exit(2);
2538 }
2539
30460aeb 2540 if (fprint_ll(f, llmin) < 0)
08822d99 2541 exit(3);
30460aeb 2542 if (fprint_ll(f, llmax) < 0)
2543 exit(4);
2544 if (fclose(f) < 0)
2545 exit(5);
08822d99 2546 exit(0);
2547}
2548 ]])],
2549 [
2550 llong_min=`$AWK '{print $1}' conftest.llminmax`
2551 llong_max=`$AWK '{print $2}' conftest.llminmax`
2552
08822d99 2553 AC_MSG_RESULT($llong_max)
2554 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2555 [max value of long long calculated by configure])
2556 AC_MSG_CHECKING([for min value of long long])
2557 AC_MSG_RESULT($llong_min)
2558 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2559 [min value of long long calculated by configure])
2560 ],
2561 [
2562 AC_MSG_RESULT(not found)
2563 ],
2564 [
2565 AC_MSG_WARN([cross compiling: not checking])
2566 ]
2567 )
2568fi
2569
2570
3c0ef626 2571# More checks for data types
2572AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2573 AC_TRY_COMPILE(
540d72c3 2574 [ #include <sys/types.h> ],
2575 [ u_int a; a = 1;],
3c0ef626 2576 [ ac_cv_have_u_int="yes" ],
2577 [ ac_cv_have_u_int="no" ]
2578 )
2579])
2580if test "x$ac_cv_have_u_int" = "xyes" ; then
08822d99 2581 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2582 have_u_int=1
2583fi
2584
2585AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2586 AC_TRY_COMPILE(
540d72c3 2587 [ #include <sys/types.h> ],
2588 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2589 [ ac_cv_have_intxx_t="yes" ],
2590 [ ac_cv_have_intxx_t="no" ]
2591 )
2592])
2593if test "x$ac_cv_have_intxx_t" = "xyes" ; then
08822d99 2594 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2595 have_intxx_t=1
2596fi
2597
2598if (test -z "$have_intxx_t" && \
540d72c3 2599 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2600then
2601 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2602 AC_TRY_COMPILE(
540d72c3 2603 [ #include <stdint.h> ],
2604 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2605 [
2606 AC_DEFINE(HAVE_INTXX_T)
2607 AC_MSG_RESULT(yes)
2608 ],
2609 [ AC_MSG_RESULT(no) ]
2610 )
2611fi
2612
2613AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2614 AC_TRY_COMPILE(
d03f4262 2615 [
2616#include <sys/types.h>
2617#ifdef HAVE_STDINT_H
2618# include <stdint.h>
2619#endif
2620#include <sys/socket.h>
2621#ifdef HAVE_SYS_BITYPES_H
2622# include <sys/bitypes.h>
2623#endif
540d72c3 2624 ],
2625 [ int64_t a; a = 1;],
3c0ef626 2626 [ ac_cv_have_int64_t="yes" ],
2627 [ ac_cv_have_int64_t="no" ]
2628 )
2629])
2630if test "x$ac_cv_have_int64_t" = "xyes" ; then
08822d99 2631 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9702f7d 2632fi
2633
3c0ef626 2634AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2635 AC_TRY_COMPILE(
540d72c3 2636 [ #include <sys/types.h> ],
2637 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2638 [ ac_cv_have_u_intxx_t="yes" ],
2639 [ ac_cv_have_u_intxx_t="no" ]
2640 )
2641])
2642if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
08822d99 2643 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2644 have_u_intxx_t=1
2645fi
2646
2647if test -z "$have_u_intxx_t" ; then
2648 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2649 AC_TRY_COMPILE(
540d72c3 2650 [ #include <sys/socket.h> ],
2651 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2652 [
2653 AC_DEFINE(HAVE_U_INTXX_T)
2654 AC_MSG_RESULT(yes)
2655 ],
2656 [ AC_MSG_RESULT(no) ]
2657 )
2658fi
2659
2660AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2661 AC_TRY_COMPILE(
540d72c3 2662 [ #include <sys/types.h> ],
2663 [ u_int64_t a; a = 1;],
3c0ef626 2664 [ ac_cv_have_u_int64_t="yes" ],
2665 [ ac_cv_have_u_int64_t="no" ]
2666 )
2667])
2668if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
08822d99 2669 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2670 have_u_int64_t=1
2671fi
2672
e9702f7d 2673if test -z "$have_u_int64_t" ; then
2674 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2675 AC_TRY_COMPILE(
540d72c3 2676 [ #include <sys/bitypes.h> ],
e9702f7d 2677 [ u_int64_t a; a = 1],
2678 [
2679 AC_DEFINE(HAVE_U_INT64_T)
2680 AC_MSG_RESULT(yes)
2681 ],
2682 [ AC_MSG_RESULT(no) ]
2683 )
2684fi
2685
3c0ef626 2686if test -z "$have_u_intxx_t" ; then
2687 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2688 AC_TRY_COMPILE(
2689 [
2690#include <sys/types.h>
540d72c3 2691 ],
2692 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2693 [ ac_cv_have_uintxx_t="yes" ],
2694 [ ac_cv_have_uintxx_t="no" ]
2695 )
2696 ])
2697 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
08822d99 2698 AC_DEFINE(HAVE_UINTXX_T, 1,
2699 [define if you have uintxx_t data type])
3c0ef626 2700 fi
2701fi
2702
2703if test -z "$have_uintxx_t" ; then
2704 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2705 AC_TRY_COMPILE(
540d72c3 2706 [ #include <stdint.h> ],
2707 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2708 [
2709 AC_DEFINE(HAVE_UINTXX_T)
2710 AC_MSG_RESULT(yes)
2711 ],
2712 [ AC_MSG_RESULT(no) ]
2713 )
2714fi
2715
2716if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
540d72c3 2717 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2718then
2719 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2720 AC_TRY_COMPILE(
2721 [
2722#include <sys/bitypes.h>
540d72c3 2723 ],
3c0ef626 2724 [
2725 int8_t a; int16_t b; int32_t c;
2726 u_int8_t e; u_int16_t f; u_int32_t g;
2727 a = b = c = e = f = g = 1;
540d72c3 2728 ],
3c0ef626 2729 [
2730 AC_DEFINE(HAVE_U_INTXX_T)
2731 AC_DEFINE(HAVE_INTXX_T)
2732 AC_MSG_RESULT(yes)
2733 ],
2734 [AC_MSG_RESULT(no)]
540d72c3 2735 )
3c0ef626 2736fi
2737
2738
2739AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2740 AC_TRY_COMPILE(
2741 [
2742#include <sys/types.h>
2743 ],
2744 [ u_char foo; foo = 125; ],
2745 [ ac_cv_have_u_char="yes" ],
2746 [ ac_cv_have_u_char="no" ]
2747 )
2748])
2749if test "x$ac_cv_have_u_char" = "xyes" ; then
08822d99 2750 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2751fi
2752
2753TYPE_SOCKLEN_T
2754
e9702f7d 2755AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2756
dfddba3d 2757AC_CHECK_TYPES(in_addr_t,,,
2758[#include <sys/types.h>
2759#include <netinet/in.h>])
2760
3c0ef626 2761AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2762 AC_TRY_COMPILE(
2763 [
2764#include <sys/types.h>
2765 ],
2766 [ size_t foo; foo = 1235; ],
2767 [ ac_cv_have_size_t="yes" ],
2768 [ ac_cv_have_size_t="no" ]
2769 )
2770])
2771if test "x$ac_cv_have_size_t" = "xyes" ; then
08822d99 2772 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2773fi
2774
2775AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2776 AC_TRY_COMPILE(
2777 [
2778#include <sys/types.h>
2779 ],
2780 [ ssize_t foo; foo = 1235; ],
2781 [ ac_cv_have_ssize_t="yes" ],
2782 [ ac_cv_have_ssize_t="no" ]
2783 )
2784])
2785if test "x$ac_cv_have_ssize_t" = "xyes" ; then
08822d99 2786 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2787fi
2788
2789AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2790 AC_TRY_COMPILE(
2791 [
2792#include <time.h>
2793 ],
2794 [ clock_t foo; foo = 1235; ],
2795 [ ac_cv_have_clock_t="yes" ],
2796 [ ac_cv_have_clock_t="no" ]
2797 )
2798])
2799if test "x$ac_cv_have_clock_t" = "xyes" ; then
08822d99 2800 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2801fi
2802
2803AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2804 AC_TRY_COMPILE(
2805 [
2806#include <sys/types.h>
2807#include <sys/socket.h>
2808 ],
2809 [ sa_family_t foo; foo = 1235; ],
2810 [ ac_cv_have_sa_family_t="yes" ],
2811 [ AC_TRY_COMPILE(
2812 [
2813#include <sys/types.h>
2814#include <sys/socket.h>
2815#include <netinet/in.h>
2816 ],
2817 [ sa_family_t foo; foo = 1235; ],
2818 [ ac_cv_have_sa_family_t="yes" ],
2819
2820 [ ac_cv_have_sa_family_t="no" ]
2821 )]
2822 )
2823])
2824if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
08822d99 2825 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2826 [define if you have sa_family_t data type])
3c0ef626 2827fi
2828
2829AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2830 AC_TRY_COMPILE(
2831 [
2832#include <sys/types.h>
2833 ],
2834 [ pid_t foo; foo = 1235; ],
2835 [ ac_cv_have_pid_t="yes" ],
2836 [ ac_cv_have_pid_t="no" ]
2837 )
2838])
2839if test "x$ac_cv_have_pid_t" = "xyes" ; then
08822d99 2840 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2841fi
2842
2843AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2844 AC_TRY_COMPILE(
2845 [
2846#include <sys/types.h>
2847 ],
2848 [ mode_t foo; foo = 1235; ],
2849 [ ac_cv_have_mode_t="yes" ],
2850 [ ac_cv_have_mode_t="no" ]
2851 )
2852])
2853if test "x$ac_cv_have_mode_t" = "xyes" ; then
08822d99 2854 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2855fi
2856
2857
2858AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2859 AC_TRY_COMPILE(
2860 [
2861#include <sys/types.h>
2862#include <sys/socket.h>
2863 ],
2864 [ struct sockaddr_storage s; ],
2865 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2866 [ ac_cv_have_struct_sockaddr_storage="no" ]
2867 )
2868])
2869if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
08822d99 2870 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2871 [define if you have struct sockaddr_storage data type])
3c0ef626 2872fi
2873
2874AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2875 AC_TRY_COMPILE(
2876 [
2877#include <sys/types.h>
2878#include <netinet/in.h>
2879 ],
2880 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2881 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2882 [ ac_cv_have_struct_sockaddr_in6="no" ]
2883 )
2884])
2885if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
08822d99 2886 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2887 [define if you have struct sockaddr_in6 data type])
3c0ef626 2888fi
2889
2890AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2891 AC_TRY_COMPILE(
2892 [
2893#include <sys/types.h>
2894#include <netinet/in.h>
2895 ],
2896 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2897 [ ac_cv_have_struct_in6_addr="yes" ],
2898 [ ac_cv_have_struct_in6_addr="no" ]
2899 )
2900])
2901if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
08822d99 2902 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2903 [define if you have struct in6_addr data type])
3c0ef626 2904fi
2905
2906AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2907 AC_TRY_COMPILE(
2908 [
2909#include <sys/types.h>
2910#include <sys/socket.h>
2911#include <netdb.h>
2912 ],
2913 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2914 [ ac_cv_have_struct_addrinfo="yes" ],
2915 [ ac_cv_have_struct_addrinfo="no" ]
2916 )
2917])
2918if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
08822d99 2919 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2920 [define if you have struct addrinfo data type])
3c0ef626 2921fi
2922
2923AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2924 AC_TRY_COMPILE(
540d72c3 2925 [ #include <sys/time.h> ],
2926 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2927 [ ac_cv_have_struct_timeval="yes" ],
2928 [ ac_cv_have_struct_timeval="no" ]
2929 )
2930])
2931if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
08822d99 2932 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2933 have_struct_timeval=1
2934fi
2935
bfe49944 2936AC_CHECK_TYPES(struct timespec)
2937
2938# We need int64_t or else certian parts of the compile will fail.
8b32eddc 2939if test "x$ac_cv_have_int64_t" = "xno" && \
2940 test "x$ac_cv_sizeof_long_int" != "x8" && \
2941 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
bfe49944 2942 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2943 echo "an alternative compiler (I.E., GCC) before continuing."
2944 echo ""
2945 exit 1;
3c0ef626 2946else
2947dnl test snprintf (broken on SCO w/gcc)
dfddba3d 2948 AC_RUN_IFELSE(
2949 [AC_LANG_SOURCE([[
3c0ef626 2950#include <stdio.h>
2951#include <string.h>
2952#ifdef HAVE_SNPRINTF
2953main()
2954{
2955 char buf[50];
2956 char expected_out[50];
2957 int mazsize = 50 ;
2958#if (SIZEOF_LONG_INT == 8)
2959 long int num = 0x7fffffffffffffff;
2960#else
2961 long long num = 0x7fffffffffffffffll;
2962#endif
2963 strcpy(expected_out, "9223372036854775807");
2964 snprintf(buf, mazsize, "%lld", num);
2965 if(strcmp(buf, expected_out) != 0)
540d72c3 2966 exit(1);
3c0ef626 2967 exit(0);
2968}
2969#else
2970main() { exit(0); }
2971#endif
dfddba3d 2972 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2973 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2974 )
2975fi
3c0ef626 2976
2977dnl Checks for structure members
2978OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2979OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2980OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2981OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2982OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2983OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2984OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2985OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2986OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2987OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2988OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2989OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2990OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2991OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2992OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2993OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2994OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2995
2996AC_CHECK_MEMBERS([struct stat.st_blksize])
08822d99 2997AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2998 [Define if we don't have struct __res_state in resolv.h])],
2999[
3000#include <stdio.h>
3001#if HAVE_SYS_TYPES_H
3002# include <sys/types.h>
3003#endif
3004#include <netinet/in.h>
3005#include <arpa/nameser.h>
3006#include <resolv.h>
3007])
3c0ef626 3008
3009AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
3010 ac_cv_have_ss_family_in_struct_ss, [
3011 AC_TRY_COMPILE(
3012 [
3013#include <sys/types.h>
3014#include <sys/socket.h>
3015 ],
3016 [ struct sockaddr_storage s; s.ss_family = 1; ],
3017 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
3018 [ ac_cv_have_ss_family_in_struct_ss="no" ],
3019 )
3020])
3021if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
08822d99 3022 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 3023fi
3024
3025AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
3026 ac_cv_have___ss_family_in_struct_ss, [
3027 AC_TRY_COMPILE(
3028 [
3029#include <sys/types.h>
3030#include <sys/socket.h>
3031 ],
3032 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3033 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3034 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3035 )
3036])
3037if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
08822d99 3038 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3039 [Fields in struct sockaddr_storage])
3c0ef626 3040fi
3041
3042AC_CACHE_CHECK([for pw_class field in struct passwd],
3043 ac_cv_have_pw_class_in_struct_passwd, [
3044 AC_TRY_COMPILE(
3045 [
3046#include <pwd.h>
3047 ],
3048 [ struct passwd p; p.pw_class = 0; ],
3049 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3050 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3051 )
3052])
3053if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
08822d99 3054 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3055 [Define if your password has a pw_class field])
3c0ef626 3056fi
3057
3058AC_CACHE_CHECK([for pw_expire field in struct passwd],
3059 ac_cv_have_pw_expire_in_struct_passwd, [
3060 AC_TRY_COMPILE(
3061 [
3062#include <pwd.h>
3063 ],
3064 [ struct passwd p; p.pw_expire = 0; ],
3065 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3066 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3067 )
3068])
3069if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
08822d99 3070 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3071 [Define if your password has a pw_expire field])
3c0ef626 3072fi
3073
3074AC_CACHE_CHECK([for pw_change field in struct passwd],
3075 ac_cv_have_pw_change_in_struct_passwd, [
3076 AC_TRY_COMPILE(
3077 [
3078#include <pwd.h>
3079 ],
3080 [ struct passwd p; p.pw_change = 0; ],
3081 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3082 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3083 )
3084])
3085if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
08822d99 3086 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3087 [Define if your password has a pw_change field])
3c0ef626 3088fi
3089
541874c2 3090dnl make sure we're using the real structure members and not defines
350391c5 3091AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3092 ac_cv_have_accrights_in_msghdr, [
dfddba3d 3093 AC_COMPILE_IFELSE(
350391c5 3094 [
3095#include <sys/types.h>
3096#include <sys/socket.h>
3097#include <sys/uio.h>
541874c2 3098int main() {
3099#ifdef msg_accrights
dfddba3d 3100#error "msg_accrights is a macro"
541874c2 3101exit(1);
3102#endif
3103struct msghdr m;
3104m.msg_accrights = 0;
3105exit(0);
3106}
350391c5 3107 ],
350391c5 3108 [ ac_cv_have_accrights_in_msghdr="yes" ],
3109 [ ac_cv_have_accrights_in_msghdr="no" ]
3110 )
3111])
3112if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
08822d99 3113 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3114 [Define if your system uses access rights style
3115 file descriptor passing])
350391c5 3116fi
3117
3118AC_CACHE_CHECK([for msg_control field in struct msghdr],
3119 ac_cv_have_control_in_msghdr, [
dfddba3d 3120 AC_COMPILE_IFELSE(
350391c5 3121 [
3122#include <sys/types.h>
3123#include <sys/socket.h>
3124#include <sys/uio.h>
541874c2 3125int main() {
3126#ifdef msg_control
dfddba3d 3127#error "msg_control is a macro"
541874c2 3128exit(1);
3129#endif
3130struct msghdr m;
3131m.msg_control = 0;
3132exit(0);
3133}
350391c5 3134 ],
350391c5 3135 [ ac_cv_have_control_in_msghdr="yes" ],
3136 [ ac_cv_have_control_in_msghdr="no" ]
3137 )
3138])
3139if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
08822d99 3140 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3141 [Define if your system uses ancillary data style
3142 file descriptor passing])
350391c5 3143fi
3144
3c0ef626 3145AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
540d72c3 3146 AC_TRY_LINK([],
3147 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3148 [ ac_cv_libc_defines___progname="yes" ],
3149 [ ac_cv_libc_defines___progname="no" ]
3150 )
3151])
3152if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
08822d99 3153 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3154fi
3155
350391c5 3156AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3157 AC_TRY_LINK([
3158#include <stdio.h>
540d72c3 3159],
3160 [ printf("%s", __FUNCTION__); ],
350391c5 3161 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3162 [ ac_cv_cc_implements___FUNCTION__="no" ]
3163 )
3164])
3165if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
08822d99 3166 AC_DEFINE(HAVE___FUNCTION__, 1,
3167 [Define if compiler implements __FUNCTION__])
350391c5 3168fi
3169
3170AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3171 AC_TRY_LINK([
3172#include <stdio.h>
540d72c3 3173],
3174 [ printf("%s", __func__); ],
350391c5 3175 [ ac_cv_cc_implements___func__="yes" ],
3176 [ ac_cv_cc_implements___func__="no" ]
3177 )
3178])
3179if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
08822d99 3180 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3181fi
3182
3183AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3184 AC_TRY_LINK(
3185 [#include <stdarg.h>
3186 va_list x,y;],
3187 [va_copy(x,y);],
3188 [ ac_cv_have_va_copy="yes" ],
3189 [ ac_cv_have_va_copy="no" ]
3190 )
3191])
3192if test "x$ac_cv_have_va_copy" = "xyes" ; then
3193 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3194fi
3195
3196AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3197 AC_TRY_LINK(
3198 [#include <stdarg.h>
3199 va_list x,y;],
3200 [__va_copy(x,y);],
3201 [ ac_cv_have___va_copy="yes" ],
3202 [ ac_cv_have___va_copy="no" ]
3203 )
3204])
3205if test "x$ac_cv_have___va_copy" = "xyes" ; then
3206 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
350391c5 3207fi
3208
3c0ef626 3209AC_CACHE_CHECK([whether getopt has optreset support],
3210 ac_cv_have_getopt_optreset, [
3211 AC_TRY_LINK(
3212 [
3213#include <getopt.h>
3214 ],
3215 [ extern int optreset; optreset = 0; ],
3216 [ ac_cv_have_getopt_optreset="yes" ],
3217 [ ac_cv_have_getopt_optreset="no" ]
3218 )
3219])
3220if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
08822d99 3221 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3222 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3223fi
3224
3225AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
540d72c3 3226 AC_TRY_LINK([],
3227 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3228 [ ac_cv_libc_defines_sys_errlist="yes" ],
3229 [ ac_cv_libc_defines_sys_errlist="no" ]
3230 )
3231])
3232if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
08822d99 3233 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3234 [Define if your system defines sys_errlist[]])
3c0ef626 3235fi
3236
3237
3238AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
540d72c3 3239 AC_TRY_LINK([],
3240 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3241 [ ac_cv_libc_defines_sys_nerr="yes" ],
3242 [ ac_cv_libc_defines_sys_nerr="no" ]
3243 )
3244])
3245if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
08822d99 3246 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3247fi
3248
540d72c3 3249SCARD_MSG="no"
350391c5 3250# Check whether user wants sectok support
3251AC_ARG_WITH(sectok,
3252 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3253 [
3254 if test "x$withval" != "xno" ; then
3255 if test "x$withval" != "xyes" ; then
3256 CPPFLAGS="$CPPFLAGS -I${withval}"
3257 LDFLAGS="$LDFLAGS -L${withval}"
3258 if test ! -z "$need_dash_r" ; then
3259 LDFLAGS="$LDFLAGS -R${withval}"
3260 fi
3261 if test ! -z "$blibpath" ; then
3262 blibpath="$blibpath:${withval}"
3263 fi
3264 fi
3265 AC_CHECK_HEADERS(sectok.h)
3266 if test "$ac_cv_header_sectok_h" != yes; then
3267 AC_MSG_ERROR(Can't find sectok.h)
3268 fi
3269 AC_CHECK_LIB(sectok, sectok_open)
3270 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3271 AC_MSG_ERROR(Can't find libsectok)
3272 fi
08822d99 3273 AC_DEFINE(SMARTCARD, 1,
3274 [Define if you want smartcard support])
3275 AC_DEFINE(USE_SECTOK, 1,
3276 [Define if you want smartcard support
3277 using sectok])
540d72c3 3278 SCARD_MSG="yes, using sectok"
3c0ef626 3279 fi
3280 ]
3281)
3282
350391c5 3283# Check whether user wants OpenSC support
8b32eddc 3284OPENSC_CONFIG="no"
350391c5 3285AC_ARG_WITH(opensc,
08822d99 3286 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
8b32eddc 3287 [
3288 if test "x$withval" != "xno" ; then
3289 if test "x$withval" != "xyes" ; then
3290 OPENSC_CONFIG=$withval/bin/opensc-config
3291 else
3292 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3293 fi
3294 if test "$OPENSC_CONFIG" != "no"; then
3295 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3296 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3297 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
30460aeb 3298 LIBS="$LIBS $LIBOPENSC_LIBS"
8b32eddc 3299 AC_DEFINE(SMARTCARD)
08822d99 3300 AC_DEFINE(USE_OPENSC, 1,
3301 [Define if you want smartcard support
3302 using OpenSC])
8b32eddc 3303 SCARD_MSG="yes, using OpenSC"
3304 fi
3305 fi
3306 ]
3307)
350391c5 3308
540d72c3 3309# Check libraries needed by DNS fingerprint support
3310AC_SEARCH_LIBS(getrrsetbyname, resolv,
08822d99 3311 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3312 [Define if getrrsetbyname() exists])],
7cac2b65 3313 [
540d72c3 3314 # Needed by our getrrsetbyname()
3315 AC_SEARCH_LIBS(res_query, resolv)
3316 AC_SEARCH_LIBS(dn_expand, resolv)
7e82606e 3317 AC_MSG_CHECKING(if res_query will link)
3318 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3319 [AC_MSG_RESULT(no)
3320 saved_LIBS="$LIBS"
3321 LIBS="$LIBS -lresolv"
3322 AC_MSG_CHECKING(for res_query in -lresolv)
3323 AC_LINK_IFELSE([
3324#include <resolv.h>
3325int main()
3326{
3327 res_query (0, 0, 0, 0, 0);
3328 return 0;
3329}
3330 ],
3331 [LIBS="$LIBS -lresolv"
3332 AC_MSG_RESULT(yes)],
3333 [LIBS="$saved_LIBS"
3334 AC_MSG_RESULT(no)])
3335 ])
540d72c3 3336 AC_CHECK_FUNCS(_getshort _getlong)
2ce0bfe4 3337 AC_CHECK_DECLS([_getshort, _getlong], , ,
3338 [#include <sys/types.h>
3339 #include <arpa/nameser.h>])
540d72c3 3340 AC_CHECK_MEMBER(HEADER.ad,
08822d99 3341 [AC_DEFINE(HAVE_HEADER_AD, 1,
3342 [Define if HEADER.ad exists in arpa/nameser.h])],,
540d72c3 3343 [#include <arpa/nameser.h>])
3344 ])
7cac2b65 3345
fa0f0f45 3346AC_MSG_CHECKING(if struct __res_state _res is an extern)
3347AC_LINK_IFELSE([
3348#include <stdio.h>
3349#if HAVE_SYS_TYPES_H
3350# include <sys/types.h>
3351#endif
3352#include <netinet/in.h>
3353#include <arpa/nameser.h>
3354#include <resolv.h>
3355extern struct __res_state _res;
3356int main() { return 0; }
3357 ],
3358 [AC_MSG_RESULT(yes)
3359 AC_DEFINE(HAVE__RES_EXTERN, 1,
3360 [Define if you have struct __res_state _res as an extern])
3361 ],
3362 [ AC_MSG_RESULT(no) ]
3363)
3364
30460aeb 3365# Check whether user wants SELinux support
3366SELINUX_MSG="no"
3367LIBSELINUX=""
3368AC_ARG_WITH(selinux,
3369 [ --with-selinux Enable SELinux support],
3370 [ if test "x$withval" != "xno" ; then
fa0f0f45 3371 save_LIBS="$LIBS"
30460aeb 3372 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3373 SELINUX_MSG="yes"
3374 AC_CHECK_HEADER([selinux/selinux.h], ,
3375 AC_MSG_ERROR(SELinux support requires selinux.h header))
3376 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3377 AC_MSG_ERROR(SELinux support requires libselinux library))
fa0f0f45 3378 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
30460aeb 3379 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
240debe0 3380 LIBS="$save_LIBS"
30460aeb 3381 fi ]
3382)
30460aeb 3383
63119dd9 3384# Check whether user wants Kerberos 5 support
540d72c3 3385KRB5_MSG="no"
63119dd9 3386AC_ARG_WITH(kerberos5,
540d72c3 3387 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3388 [ if test "x$withval" != "xno" ; then
3389 if test "x$withval" = "xyes" ; then
3390 KRB5ROOT="/usr/local"
3391 else
3392 KRB5ROOT=${withval}
3393 fi
3394
08822d99 3395 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
540d72c3 3396 KRB5_MSG="yes"
3397
3398 AC_MSG_CHECKING(for krb5-config)
3399 if test -x $KRB5ROOT/bin/krb5-config ; then
3400 KRB5CONF=$KRB5ROOT/bin/krb5-config
3401 AC_MSG_RESULT($KRB5CONF)
3402
3403 AC_MSG_CHECKING(for gssapi support)
3404 if $KRB5CONF | grep gssapi >/dev/null ; then
3405 AC_MSG_RESULT(yes)
08822d99 3406 AC_DEFINE(GSSAPI, 1,
3407 [Define this if you want GSSAPI
3408 support in the version 2 protocol])
540d72c3 3409 k5confopts=gssapi
3410 else
3411 AC_MSG_RESULT(no)
3412 k5confopts=""
3413 fi
3414 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3415 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3416 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3417 AC_MSG_CHECKING(whether we are using Heimdal)
3418 AC_TRY_COMPILE([ #include <krb5.h> ],
3419 [ char *tmp = heimdal_version; ],
3420 [ AC_MSG_RESULT(yes)
08822d99 3421 AC_DEFINE(HEIMDAL, 1,
3422 [Define this if you are using the
3423 Heimdal version of Kerberos V5]) ],
540d72c3 3424 AC_MSG_RESULT(no)
3425 )
3426 else
3427 AC_MSG_RESULT(no)
63119dd9 3428 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
540d72c3 3429 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3430 AC_MSG_CHECKING(whether we are using Heimdal)
3431 AC_TRY_COMPILE([ #include <krb5.h> ],
3432 [ char *tmp = heimdal_version; ],
3433 [ AC_MSG_RESULT(yes)
3434 AC_DEFINE(HEIMDAL)
7e82606e 3435 K5LIBS="-lkrb5 -ldes"
3436 K5LIBS="$K5LIBS -lcom_err -lasn1"
8b32eddc 3437 AC_CHECK_LIB(roken, net_write,
7e82606e 3438 [K5LIBS="$K5LIBS -lroken"])
540d72c3 3439 ],
3440 [ AC_MSG_RESULT(no)
3441 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3442 ]
3443 )
7cac2b65 3444 AC_SEARCH_LIBS(dn_expand, resolv)
3445
3446 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3447 [ AC_DEFINE(GSSAPI)
3448 K5LIBS="-lgssapi $K5LIBS" ],
3449 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3450 [ AC_DEFINE(GSSAPI)
540d72c3 3451 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
7cac2b65 3452 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3453 $K5LIBS)
3454 ],
3455 $K5LIBS)
8b32eddc 3456
7cac2b65 3457 AC_CHECK_HEADER(gssapi.h, ,
3458 [ unset ac_cv_header_gssapi_h
540d72c3 3459 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
7cac2b65 3460 AC_CHECK_HEADERS(gssapi.h, ,
3461 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
540d72c3 3462 )
7cac2b65 3463 ]
3464 )
3465
3466 oldCPP="$CPPFLAGS"
3467 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3468 AC_CHECK_HEADER(gssapi_krb5.h, ,
3469 [ CPPFLAGS="$oldCPP" ])
63119dd9 3470
1c89237d 3471 # If we're using some other GSSAPI
3472 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3473 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3474 fi
5598e598 3475
540d72c3 3476 if test -z "$GSSAPI"; then
3477 GSSAPI="KRB5";
3478 fi
1c89237d 3479
5598e598 3480 oldCPP="$CPPFLAGS"
3481 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3482 AC_CHECK_HEADER(gssapi_krb5.h, ,
3483 [ CPPFLAGS="$oldCPP" ])
3484
63119dd9 3485 fi
540d72c3 3486 if test ! -z "$need_dash_r" ; then
3487 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3488 fi
3489 if test ! -z "$blibpath" ; then
3490 blibpath="$blibpath:${KRB5ROOT}/lib"
3491 fi
540d72c3 3492
08822d99 3493 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3494 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3495 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
540d72c3 3496
08822d99 3497 LIBS="$LIBS $K5LIBS"
3498 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3499 [Define this if you want to use libkafs' AFS support]))
3500 fi
540d72c3 3501 ]
63119dd9 3502)
3c0ef626 3503
62eb343a 3504# Check whether user wants AFS_KRB5 support
3505AFS_KRB5_MSG="no"
3506AC_ARG_WITH(afs-krb5,
3507 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3508 [
3509 if test "x$withval" != "xno" ; then
3510
3511 if test "x$withval" != "xyes" ; then
08822d99 3512 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3513 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3514 else
08822d99 3515 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3516 "/usr/bin/aklog",
3517 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3518 fi
3519
540d72c3 3520 if test -z "$KRB5ROOT" ; then
62eb343a 3521 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3522 fi
3523
0a00e8f9 3524 LIBS="-lkrbafs -lkrb4 $LIBS"
62eb343a 3525 if test ! -z "$AFS_LIBS" ; then
3526 LIBS="$LIBS $AFS_LIBS"
3527 fi
08822d99 3528 AC_DEFINE(AFS_KRB5, 1,
3529 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3530 AFS_KRB5_MSG="yes"
3531 fi
3532 ]
3533)
3c0ef626 3534
75be3237 3535AC_ARG_WITH(session-hooks,
3536 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
08822d99 3537 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
75be3237 3538)
3539
3c0ef626 3540# Looking for programs, paths and files
3c0ef626 3541
350391c5 3542PRIVSEP_PATH=/var/empty
3543AC_ARG_WITH(privsep-path,
d03f4262 3544 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
350391c5 3545 [
8b32eddc 3546 if test -n "$withval" && test "x$withval" != "xno" && \
3547 test "x${withval}" != "xyes"; then
350391c5 3548 PRIVSEP_PATH=$withval
3549 fi
3550 ]
3551)
3552AC_SUBST(PRIVSEP_PATH)
3553
3c0ef626 3554AC_ARG_WITH(xauth,
3555 [ --with-xauth=PATH Specify path to xauth program ],
3556 [
8b32eddc 3557 if test -n "$withval" && test "x$withval" != "xno" && \
3558 test "x${withval}" != "xyes"; then
3c0ef626 3559 xauth_path=$withval
3560 fi
3561 ],
3562 [
d03f4262 3563 TestPath="$PATH"
3564 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3565 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3566 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3567 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3568 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3569 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3570 xauth_path="/usr/openwin/bin/xauth"
3571 fi
3572 ]
3573)
3574
bfe49944 3575STRIP_OPT=-s
3576AC_ARG_ENABLE(strip,
3577 [ --disable-strip Disable calling strip(1) on install],
3578 [
3579 if test "x$enableval" = "xno" ; then
3580 STRIP_OPT=
3581 fi
3582 ]
3583)
3584AC_SUBST(STRIP_OPT)
3585
3c0ef626 3586if test -z "$xauth_path" ; then
3587 XAUTH_PATH="undefined"
3588 AC_SUBST(XAUTH_PATH)
3589else
08822d99 3590 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3591 [Define if xauth is found in your path])
3c0ef626 3592 XAUTH_PATH=$xauth_path
3593 AC_SUBST(XAUTH_PATH)
3594fi
3c0ef626 3595
96764173 3596AC_CHECK_DECL(_PATH_BSHELL, ,
3597 AC_DEFINE_UNQUOTED(_PATH_BSHELL, "/bin/sh",
9c941fe4 3598 [Define to your C shell if not defined in paths.h]),
96764173 3599 [ #include <paths.h> ]
3600)
3601
3602AC_CHECK_DECL(_PATH_CSHELL, ,
3603 AC_DEFINE_UNQUOTED(_PATH_CSHELL, "/bin/csh",
9c941fe4 3604 [Define to your Bourne shell if not defined in paths.h]),
96764173 3605 [ #include <paths.h> ]
3606)
3607
3608AC_CHECK_DECL(_PATH_SHELLS, ,
16d6cee3 3609 AC_DEFINE_UNQUOTED(_PATH_SHELLS, "/etc/shells",
9c941fe4 3610 [Define to your shells file if not defined in paths.h]),
96764173 3611 [ #include <paths.h> ]
3612)
3613
3614# if _PATH_MAILDIR is in paths.h then we won't go hunting for it.
3615AC_CHECK_DECL(_PATH_MAILDIR,
3616 AC_DEFINE(PATH_MAILDIR_IN_PATHS_H, 1,
3617 [Define if _PATH_MAILDIR is in paths.h]),
3618 ,
3619 [ #include <paths.h> ]
3620)
3621
3c0ef626 3622# Check for mail directory (last resort if we cannot get it from headers)
3623if test ! -z "$MAIL" ; then
3624 maildir=`dirname $MAIL`
08822d99 3625 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3626 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3627fi
3628
dfddba3d 3629if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3630 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3631 disable_ptmx_check=yes
3632fi
3c0ef626 3633if test -z "$no_dev_ptmx" ; then
350391c5 3634 if test "x$disable_ptmx_check" != "xyes" ; then
540d72c3 3635 AC_CHECK_FILE("/dev/ptmx",
350391c5 3636 [
08822d99 3637 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3638 [Define if you have /dev/ptmx])
350391c5 3639 have_dev_ptmx=1
3640 ]
3641 )
3642 fi
3c0ef626 3643fi
dfddba3d 3644
3645if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3646 AC_CHECK_FILE("/dev/ptc",
3647 [
08822d99 3648 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3649 [Define if you have /dev/ptc])
dfddba3d 3650 have_dev_ptc=1
3651 ]
3652 )
3653else
3654 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3655fi
3c0ef626 3656
3657# Options from here on. Some of these are preset by platform above
3c0ef626 3658AC_ARG_WITH(mantype,
3659 [ --with-mantype=man|cat|doc Set man page type],
3660 [
3661 case "$withval" in
3662 man|cat|doc)
3663 MANTYPE=$withval
3664 ;;
3665 *)
3666 AC_MSG_ERROR(invalid man type: $withval)
3667 ;;
3668 esac
3669 ]
3670)
3671if test -z "$MANTYPE"; then
d03f4262 3672 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3673 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3674 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3675 MANTYPE=doc
3676 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3677 MANTYPE=man
3678 else
3679 MANTYPE=cat
3680 fi
3681fi
3682AC_SUBST(MANTYPE)
3683if test "$MANTYPE" = "doc"; then
3684 mansubdir=man;
3685else
3686 mansubdir=$MANTYPE;
3687fi
3688AC_SUBST(mansubdir)
3689
3690# Check whether to enable MD5 passwords
540d72c3 3691MD5_MSG="no"
3c0ef626 3692AC_ARG_WITH(md5-passwords,
3693 [ --with-md5-passwords Enable use of MD5 passwords],
3694 [
3695 if test "x$withval" != "xno" ; then
08822d99 3696 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3697 [Define if you want to allow MD5 passwords])
540d72c3 3698 MD5_MSG="yes"
3c0ef626 3699 fi
3700 ]
3701)
3702
3703# Whether to disable shadow password support
3704AC_ARG_WITH(shadow,
3705 [ --without-shadow Disable shadow password support],
3706 [
8b32eddc 3707 if test "x$withval" = "xno" ; then
3c0ef626 3708 AC_DEFINE(DISABLE_SHADOW)
3709 disable_shadow=yes
3710 fi
3711 ]
3712)
3713
3714if test -z "$disable_shadow" ; then
3715 AC_MSG_CHECKING([if the systems has expire shadow information])
3716 AC_TRY_COMPILE(
3717 [
3718#include <sys/types.h>
3719#include <shadow.h>
3720 struct spwd sp;
3721 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3722 [ sp_expire_available=yes ], []
3723 )
3724
3725 if test "x$sp_expire_available" = "xyes" ; then
3726 AC_MSG_RESULT(yes)
08822d99 3727 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3728 [Define if you want to use shadow password expire field])
3c0ef626 3729 else
3730 AC_MSG_RESULT(no)
3731 fi
3732fi
3733
3734# Use ip address instead of hostname in $DISPLAY
3735if test ! -z "$IPADDR_IN_DISPLAY" ; then
3736 DISPLAY_HACK_MSG="yes"
08822d99 3737 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3738 [Define if you need to use IP address
3739 instead of hostname in $DISPLAY])
3c0ef626 3740else
540d72c3 3741 DISPLAY_HACK_MSG="no"
3c0ef626 3742 AC_ARG_WITH(ipaddr-display,
3743 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3744 [
8b32eddc 3745 if test "x$withval" != "xno" ; then
3c0ef626 3746 AC_DEFINE(IPADDR_IN_DISPLAY)
540d72c3 3747 DISPLAY_HACK_MSG="yes"
3c0ef626 3748 fi
3749 ]
3750 )
3751fi
3752
7cac2b65 3753# check for /etc/default/login and use it if present.
29d88157 3754AC_ARG_ENABLE(etc-default-login,
dfddba3d 3755 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3756 [ if test "x$enableval" = "xno"; then
3757 AC_MSG_NOTICE([/etc/default/login handling disabled])
3758 etc_default_login=no
3759 else
3760 etc_default_login=yes
3761 fi ],
08822d99 3762 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3763 then
3764 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3765 etc_default_login=no
3766 else
3767 etc_default_login=yes
3768 fi ]
dfddba3d 3769)
3770
3771if test "x$etc_default_login" != "xno"; then
3772 AC_CHECK_FILE("/etc/default/login",
3773 [ external_path_file=/etc/default/login ])
08822d99 3774 if test "x$external_path_file" = "x/etc/default/login"; then
3775 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3776 [Define if your system has /etc/default/login])
dfddba3d 3777 fi
7cac2b65 3778fi
3779
350391c5 3780dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
8b32eddc 3781if test $ac_cv_func_login_getcapbool = "yes" && \
3782 test $ac_cv_header_login_cap_h = "yes" ; then
7cac2b65 3783 external_path_file=/etc/login.conf
350391c5 3784fi
7cac2b65 3785
3c0ef626 3786# Whether to mess with the default path
540d72c3 3787SERVER_PATH_MSG="(default)"
3c0ef626 3788AC_ARG_WITH(default-path,
350391c5 3789 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3790 [
7cac2b65 3791 if test "x$external_path_file" = "x/etc/login.conf" ; then
350391c5 3792 AC_MSG_WARN([
3793--with-default-path=PATH has no effect on this system.
3794Edit /etc/login.conf instead.])
8b32eddc 3795 elif test "x$withval" != "xno" ; then
7cac2b65 3796 if test ! -z "$external_path_file" ; then
3797 AC_MSG_WARN([
3798--with-default-path=PATH will only be used if PATH is not defined in
3799$external_path_file .])
3800 fi
3c0ef626 3801 user_path="$withval"
540d72c3 3802 SERVER_PATH_MSG="$withval"
3c0ef626 3803 fi
3804 ],
7cac2b65 3805 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3806 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
350391c5 3807 else
7cac2b65 3808 if test ! -z "$external_path_file" ; then
3809 AC_MSG_WARN([
3810If PATH is defined in $external_path_file, ensure the path to scp is included,
3811otherwise scp will not work.])
3812 fi
08822d99 3813 AC_RUN_IFELSE(
3814 [AC_LANG_SOURCE([[
3c0ef626 3815/* find out what STDPATH is */
3816#include <stdio.h>
3817#ifdef HAVE_PATHS_H
3818# include <paths.h>
3819#endif
3820#ifndef _PATH_STDPATH
bfe49944 3821# ifdef _PATH_USERPATH /* Irix */
3822# define _PATH_STDPATH _PATH_USERPATH
3823# else
3824# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3825# endif
3c0ef626 3826#endif
3827#include <sys/types.h>
3828#include <sys/stat.h>
3829#include <fcntl.h>
3830#define DATA "conftest.stdpath"
3831
3832main()
3833{
3834 FILE *fd;
3835 int rc;
8b32eddc 3836
3c0ef626 3837 fd = fopen(DATA,"w");
3838 if(fd == NULL)
3839 exit(1);
8b32eddc 3840
3c0ef626 3841 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3842 exit(1);
3843
3844 exit(0);
3845}
08822d99 3846 ]])],
3847 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3848 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3849 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3850 )
3851# make sure $bindir is in USER_PATH so scp will work
3852 t_bindir=`eval echo ${bindir}`
3853 case $t_bindir in
3854 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3855 esac
3856 case $t_bindir in
3857 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3858 esac
3859 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3860 if test $? -ne 0 ; then
3861 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3862 if test $? -ne 0 ; then
3863 user_path=$user_path:$t_bindir
3864 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3865 fi
3866 fi
350391c5 3867 fi ]
3868)
7cac2b65 3869if test "x$external_path_file" != "x/etc/login.conf" ; then
08822d99 3870 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
350391c5 3871 AC_SUBST(user_path)
3872fi
3873
3874# Set superuser path separately to user path
350391c5 3875AC_ARG_WITH(superuser-path,
3876 [ --with-superuser-path= Specify different path for super-user],
3877 [
8b32eddc 3878 if test -n "$withval" && test "x$withval" != "xno" && \
3879 test "x${withval}" != "xyes"; then
08822d99 3880 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3881 [Define if you want a different $PATH
3882 for the superuser])
350391c5 3883 superuser_path=$withval
3884 fi
3c0ef626 3885 ]
3886)
350391c5 3887
3c0ef626 3888
3c0ef626 3889AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
540d72c3 3890IPV4_IN6_HACK_MSG="no"
3c0ef626 3891AC_ARG_WITH(4in6,
3892 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3893 [
3894 if test "x$withval" != "xno" ; then
3895 AC_MSG_RESULT(yes)
08822d99 3896 AC_DEFINE(IPV4_IN_IPV6, 1,
3897 [Detect IPv4 in IPv6 mapped addresses
3898 and treat as IPv4])
540d72c3 3899 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3900 else
3901 AC_MSG_RESULT(no)
3902 fi
3903 ],[
3904 if test "x$inet6_default_4in6" = "xyes"; then
3905 AC_MSG_RESULT([yes (default)])
3906 AC_DEFINE(IPV4_IN_IPV6)
540d72c3 3907 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3908 else
3909 AC_MSG_RESULT([no (default)])
3910 fi
3911 ]
3912)
3913
3914# Whether to enable BSD auth support
e9702f7d 3915BSD_AUTH_MSG=no
3c0ef626 3916AC_ARG_WITH(bsd-auth,
3917 [ --with-bsd-auth Enable BSD auth support],
3918 [
8b32eddc 3919 if test "x$withval" != "xno" ; then
08822d99 3920 AC_DEFINE(BSD_AUTH, 1,
3921 [Define if you have BSD auth support])
e9702f7d 3922 BSD_AUTH_MSG=yes
3c0ef626 3923 fi
3924 ]
3925)
3926
3c0ef626 3927# Where to place sshd.pid
3928piddir=/var/run
350391c5 3929# make sure the directory exists
8b32eddc 3930if test ! -d $piddir ; then
350391c5 3931 piddir=`eval echo ${sysconfdir}`
3932 case $piddir in
540d72c3 3933 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
350391c5 3934 esac
3935fi
3936
3c0ef626 3937AC_ARG_WITH(pid-dir,
3938 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3939 [
8b32eddc 3940 if test -n "$withval" && test "x$withval" != "xno" && \
3941 test "x${withval}" != "xyes"; then
3c0ef626 3942 piddir=$withval
8b32eddc 3943 if test ! -d $piddir ; then
350391c5 3944 AC_MSG_WARN([** no $piddir directory on this system **])
3945 fi
3c0ef626 3946 fi
3947 ]
3948)
3949
08822d99 3950AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3951AC_SUBST(piddir)
3952
3953dnl allow user to disable some login recording features
3954AC_ARG_ENABLE(lastlog,
3955 [ --disable-lastlog disable use of lastlog even if detected [no]],
7cac2b65 3956 [
3957 if test "x$enableval" = "xno" ; then
3958 AC_DEFINE(DISABLE_LASTLOG)
3959 fi
3960 ]
3c0ef626 3961)
3962AC_ARG_ENABLE(utmp,
3963 [ --disable-utmp disable use of utmp even if detected [no]],
7cac2b65 3964 [
3965 if test "x$enableval" = "xno" ; then
3966 AC_DEFINE(DISABLE_UTMP)
3967 fi
3968 ]
3c0ef626 3969)
3970AC_ARG_ENABLE(utmpx,
3971 [ --disable-utmpx disable use of utmpx even if detected [no]],
7cac2b65 3972 [
3973 if test "x$enableval" = "xno" ; then
08822d99 3974 AC_DEFINE(DISABLE_UTMPX, 1,
3975 [Define if you don't want to use utmpx])
7cac2b65 3976 fi
3977 ]
3c0ef626 3978)
3979AC_ARG_ENABLE(wtmp,
3980 [ --disable-wtmp disable use of wtmp even if detected [no]],
7cac2b65 3981 [
3982 if test "x$enableval" = "xno" ; then
3983 AC_DEFINE(DISABLE_WTMP)
3984 fi
3985 ]
3c0ef626 3986)
3987AC_ARG_ENABLE(wtmpx,
3988 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
7cac2b65 3989 [
3990 if test "x$enableval" = "xno" ; then
08822d99 3991 AC_DEFINE(DISABLE_WTMPX, 1,
3992 [Define if you don't want to use wtmpx])
7cac2b65 3993 fi
3994 ]
3c0ef626 3995)
3996AC_ARG_ENABLE(libutil,
3997 [ --disable-libutil disable use of libutil (login() etc.) [no]],
7cac2b65 3998 [
3999 if test "x$enableval" = "xno" ; then
4000 AC_DEFINE(DISABLE_LOGIN)
4001 fi
4002 ]
3c0ef626 4003)
4004AC_ARG_ENABLE(pututline,
4005 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
7cac2b65 4006 [
4007 if test "x$enableval" = "xno" ; then
08822d99 4008 AC_DEFINE(DISABLE_PUTUTLINE, 1,
4009 [Define if you don't want to use pututline()
4010 etc. to write [uw]tmp])
7cac2b65 4011 fi
4012 ]
3c0ef626 4013)
4014AC_ARG_ENABLE(pututxline,
4015 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
7cac2b65 4016 [
4017 if test "x$enableval" = "xno" ; then
08822d99 4018 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
4019 [Define if you don't want to use pututxline()
4020 etc. to write [uw]tmpx])
7cac2b65 4021 fi
4022 ]
3c0ef626 4023)
4024AC_ARG_WITH(lastlog,
4025 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
4026 [
8b32eddc 4027 if test "x$withval" = "xno" ; then
3c0ef626 4028 AC_DEFINE(DISABLE_LASTLOG)
8b32eddc 4029 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 4030 conf_lastlog_location=$withval
4031 fi
4032 ]
4033)
4034
4035dnl lastlog, [uw]tmpx? detection
4036dnl NOTE: set the paths in the platform section to avoid the
4037dnl need for command-line parameters
4038dnl lastlog and [uw]tmp are subject to a file search if all else fails
4039
4040dnl lastlog detection
4041dnl NOTE: the code itself will detect if lastlog is a directory
4042AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
4043AC_TRY_COMPILE([
4044#include <sys/types.h>
4045#include <utmp.h>
4046#ifdef HAVE_LASTLOG_H
4047# include <lastlog.h>
4048#endif
4049#ifdef HAVE_PATHS_H
4050# include <paths.h>
4051#endif
4052#ifdef HAVE_LOGIN_H
4053# include <login.h>
4054#endif
4055 ],
4056 [ char *lastlog = LASTLOG_FILE; ],
4057 [ AC_MSG_RESULT(yes) ],
4058 [
4059 AC_MSG_RESULT(no)
4060 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
4061 AC_TRY_COMPILE([
4062#include <sys/types.h>
4063#include <utmp.h>
4064#ifdef HAVE_LASTLOG_H
4065# include <lastlog.h>
4066#endif
4067#ifdef HAVE_PATHS_H
4068# include <paths.h>
4069#endif
4070 ],
4071 [ char *lastlog = _PATH_LASTLOG; ],
4072 [ AC_MSG_RESULT(yes) ],
4073 [
4074 AC_MSG_RESULT(no)
4075 system_lastlog_path=no
4076 ])
4077 ]
4078)
4079
4080if test -z "$conf_lastlog_location"; then
4081 if test x"$system_lastlog_path" = x"no" ; then
4082 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
4083 if (test -d "$f" || test -f "$f") ; then
4084 conf_lastlog_location=$f
4085 fi
4086 done
4087 if test -z "$conf_lastlog_location"; then
4088 AC_MSG_WARN([** Cannot find lastlog **])
4089 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
4090 fi
4091 fi
4092fi
4093
4094if test -n "$conf_lastlog_location"; then
08822d99 4095 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4096 [Define if you want to specify the path to your lastlog file])
8b32eddc 4097fi
3c0ef626 4098
4099dnl utmp detection
4100AC_MSG_CHECKING([if your system defines UTMP_FILE])
4101AC_TRY_COMPILE([
4102#include <sys/types.h>
4103#include <utmp.h>
4104#ifdef HAVE_PATHS_H
4105# include <paths.h>
4106#endif
4107 ],
4108 [ char *utmp = UTMP_FILE; ],
4109 [ AC_MSG_RESULT(yes) ],
4110 [ AC_MSG_RESULT(no)
4111 system_utmp_path=no ]
4112)
4113if test -z "$conf_utmp_location"; then
4114 if test x"$system_utmp_path" = x"no" ; then
4115 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4116 if test -f $f ; then
4117 conf_utmp_location=$f
4118 fi
4119 done
4120 if test -z "$conf_utmp_location"; then
4121 AC_DEFINE(DISABLE_UTMP)
4122 fi
4123 fi
4124fi
4125if test -n "$conf_utmp_location"; then
08822d99 4126 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4127 [Define if you want to specify the path to your utmp file])
8b32eddc 4128fi
3c0ef626 4129
4130dnl wtmp detection
4131AC_MSG_CHECKING([if your system defines WTMP_FILE])
4132AC_TRY_COMPILE([
4133#include <sys/types.h>
4134#include <utmp.h>
4135#ifdef HAVE_PATHS_H
4136# include <paths.h>
4137#endif
4138 ],
4139 [ char *wtmp = WTMP_FILE; ],
4140 [ AC_MSG_RESULT(yes) ],
4141 [ AC_MSG_RESULT(no)
4142 system_wtmp_path=no ]
4143)
4144if test -z "$conf_wtmp_location"; then
4145 if test x"$system_wtmp_path" = x"no" ; then
4146 for f in /usr/adm/wtmp /var/log/wtmp; do
4147 if test -f $f ; then
4148 conf_wtmp_location=$f
4149 fi
4150 done
4151 if test -z "$conf_wtmp_location"; then
4152 AC_DEFINE(DISABLE_WTMP)
4153 fi
4154 fi
4155fi
4156if test -n "$conf_wtmp_location"; then
08822d99 4157 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4158 [Define if you want to specify the path to your wtmp file])
8b32eddc 4159fi
3c0ef626 4160
4161
4162dnl utmpx detection - I don't know any system so perverse as to require
4163dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4164dnl there, though.
4165AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4166AC_TRY_COMPILE([
4167#include <sys/types.h>
4168#include <utmp.h>
4169#ifdef HAVE_UTMPX_H
4170#include <utmpx.h>
4171#endif
4172#ifdef HAVE_PATHS_H
4173# include <paths.h>
4174#endif
4175 ],
4176 [ char *utmpx = UTMPX_FILE; ],
4177 [ AC_MSG_RESULT(yes) ],
4178 [ AC_MSG_RESULT(no)
4179 system_utmpx_path=no ]
4180)
4181if test -z "$conf_utmpx_location"; then
4182 if test x"$system_utmpx_path" = x"no" ; then
4183 AC_DEFINE(DISABLE_UTMPX)
4184 fi
4185else
08822d99 4186 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4187 [Define if you want to specify the path to your utmpx file])
8b32eddc 4188fi
3c0ef626 4189
4190dnl wtmpx detection
4191AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4192AC_TRY_COMPILE([
4193#include <sys/types.h>
4194#include <utmp.h>
4195#ifdef HAVE_UTMPX_H
4196#include <utmpx.h>
4197#endif
4198#ifdef HAVE_PATHS_H
4199# include <paths.h>
4200#endif
4201 ],
4202 [ char *wtmpx = WTMPX_FILE; ],
4203 [ AC_MSG_RESULT(yes) ],
4204 [ AC_MSG_RESULT(no)
4205 system_wtmpx_path=no ]
4206)
4207if test -z "$conf_wtmpx_location"; then
4208 if test x"$system_wtmpx_path" = x"no" ; then
4209 AC_DEFINE(DISABLE_WTMPX)
4210 fi
4211else
08822d99 4212 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4213 [Define if you want to specify the path to your wtmpx file])
8b32eddc 4214fi
3c0ef626 4215
4216
3c0ef626 4217if test ! -z "$blibpath" ; then
256cb466 4218 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4219 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4220fi
4221
2ce0bfe4 4222dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4223dnl Add now.
4224CFLAGS="$CFLAGS $werror_flags"
4225
e9702f7d 4226AC_EXEEXT
30460aeb 4227AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4228 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
dfddba3d 4229 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4230AC_OUTPUT
4231
4232# Print summary of options
4233
3c0ef626 4234# Someone please show me a better way :)
4235A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4236B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4237C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4238D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4239E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4240F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4241G=`eval echo ${piddir}` ; G=`eval echo ${G}`
350391c5 4242H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4243I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4244J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4245
4246echo ""
4247echo "OpenSSH has been configured with the following options:"
350391c5 4248echo " User binaries: $B"
4249echo " System binaries: $C"
4250echo " Configuration files: $D"
4251echo " Askpass program: $E"
4252echo " Manual pages: $F"
4253echo " PID file: $G"
4254echo " Privilege separation chroot path: $H"
7cac2b65 4255if test "x$external_path_file" = "x/etc/login.conf" ; then
4256echo " At runtime, sshd will use the path defined in $external_path_file"
4257echo " Make sure the path to scp is present, otherwise scp will not work"
350391c5 4258else
4259echo " sshd default user PATH: $I"
7cac2b65 4260 if test ! -z "$external_path_file"; then
4261echo " (If PATH is set in $external_path_file it will be used instead. If"
4262echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4263 fi
350391c5 4264fi
4265if test ! -z "$superuser_path" ; then
4266echo " sshd superuser user PATH: $J"
4267fi
4268echo " Manpage format: $MANTYPE"
7cac2b65 4269echo " PAM support: $PAM_MSG"
30460aeb 4270echo " OSF SIA support: $SIA_MSG"
350391c5 4271echo " KerberosV support: $KRB5_MSG"
30460aeb 4272echo " SELinux support: $SELINUX_MSG"
350391c5 4273echo " Smartcard support: $SCARD_MSG"
350391c5 4274echo " S/KEY support: $SKEY_MSG"
4275echo " TCP Wrappers support: $TCPW_MSG"
4276echo " MD5 password support: $MD5_MSG"
dfddba3d 4277echo " libedit support: $LIBEDIT_MSG"
30460aeb 4278echo " Solaris process contract support: $SPC_MSG"
350391c5 4279echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
350391c5 4280echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4281echo " BSD Auth support: $BSD_AUTH_MSG"
4282echo " Random number source: $RAND_MSG"
e9702f7d 4283if test ! -z "$USE_RAND_HELPER" ; then
350391c5 4284echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4285fi
4286
4287echo ""
4288
4289echo " Host: ${host}"
4290echo " Compiler: ${CC}"
4291echo " Compiler flags: ${CFLAGS}"
4292echo "Preprocessor flags: ${CPPFLAGS}"
4293echo " Linker flags: ${LDFLAGS}"
fa0f0f45 4294echo " Libraries: ${LIBS}"
4295if test ! -z "${SSHDLIBS}"; then
4296echo " +for sshd: ${SSHDLIBS}"
4297fi
3c0ef626 4298
4299echo ""
4300
7e82606e 4301if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
dfddba3d 4302 echo "SVR4 style packages are supported with \"make package\""
4303 echo ""
7e82606e 4304fi
4305
3c0ef626 4306if test "x$PAM_MSG" = "xyes" ; then
e9702f7d 4307 echo "PAM is enabled. You may need to install a PAM control file "
4308 echo "for sshd, otherwise password authentication may fail. "
540d72c3 4309 echo "Example PAM control files can be found in the contrib/ "
e9702f7d 4310 echo "subdirectory"
3c0ef626 4311 echo ""
4312fi
4313
e9702f7d 4314if test ! -z "$RAND_HELPER_CMDHASH" ; then
4315 echo "WARNING: you are using the builtin random number collection "
4316 echo "service. Please read WARNING.RNG and request that your OS "
4317 echo "vendor includes kernel-based random number collection in "
4318 echo "future versions of your OS."
3c0ef626 4319 echo ""
4320fi
4321
7e82606e 4322if test ! -z "$NO_PEERCHECK" ; then
fa0f0f45 4323 echo "WARNING: the operating system that you are using does not"
4324 echo "appear to support getpeereid(), getpeerucred() or the"
4325 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4326 echo "enforce security checks to prevent unauthorised connections to"
4327 echo "ssh-agent. Their absence increases the risk that a malicious"
4328 echo "user can connect to your agent."
7e82606e 4329 echo ""
4330fi
4331
dfddba3d 4332if test "$AUDIT_MODULE" = "bsm" ; then
4333 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4334 echo "See the Solaris section in README.platform for details."
4335fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.764254 seconds and 5 git commands to generate.