]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
we're not using $GSI_LIBS anymore, so check $GSI_LDFLAGS instead
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
12a403af 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
2ce0bfe4 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
4b6dae8f 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
7cac2b65 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
4b6dae8f 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
7e82606e 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
bfe49944 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
350391c5 43AC_PATH_PROG(SH, sh)
7e82606e 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
08822d99 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
08822d99 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
540d72c3 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
08822d99 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
540d72c3 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
8b32eddc 88
3c0ef626 89AC_C_INLINE
2ce0bfe4 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
540d72c3 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
2ce0bfe4 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
08822d99 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
2ce0bfe4 96 case $GCC_VER in
fa0f0f45 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
08822d99 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
2ce0bfe4 106 esac
107
108 if test -z "$have_llong_max"; then
109 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
110 unset ac_cv_have_decl_LLONG_MAX
111 saved_CFLAGS="$CFLAGS"
112 CFLAGS="$CFLAGS -std=gnu99"
113 AC_CHECK_DECL(LLONG_MAX,
114 [have_llong_max=1],
115 [CFLAGS="$saved_CFLAGS"],
116 [#include <limits.h>]
117 )
118 fi
119fi
120
fa0f0f45 121if test "x$no_attrib_nonnull" != "x1" ; then
122 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
123fi
124
540d72c3 125AC_ARG_WITH(rpath,
126 [ --without-rpath Disable auto-added -R linker paths],
127 [
8b32eddc 128 if test "x$withval" = "xno" ; then
540d72c3 129 need_dash_r=""
130 fi
131 if test "x$withval" = "xyes" ; then
132 need_dash_r=1
133 fi
134 ]
135)
136
240debe0 137# Allow user to specify flags
138AC_ARG_WITH(cflags,
139 [ --with-cflags Specify additional flags to pass to compiler],
140 [
141 if test -n "$withval" && test "x$withval" != "xno" && \
142 test "x${withval}" != "xyes"; then
143 CFLAGS="$CFLAGS $withval"
144 fi
145 ]
146)
147AC_ARG_WITH(cppflags,
148 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
149 [
150 if test -n "$withval" && test "x$withval" != "xno" && \
151 test "x${withval}" != "xyes"; then
152 CPPFLAGS="$CPPFLAGS $withval"
153 fi
154 ]
155)
156AC_ARG_WITH(ldflags,
157 [ --with-ldflags Specify additional flags to pass to linker],
158 [
159 if test -n "$withval" && test "x$withval" != "xno" && \
160 test "x${withval}" != "xyes"; then
161 LDFLAGS="$LDFLAGS $withval"
162 fi
163 ]
164)
165AC_ARG_WITH(libs,
166 [ --with-libs Specify additional libraries to link with],
167 [
168 if test -n "$withval" && test "x$withval" != "xno" && \
169 test "x${withval}" != "xyes"; then
170 LIBS="$LIBS $withval"
171 fi
172 ]
173)
174AC_ARG_WITH(Werror,
175 [ --with-Werror Build main code with -Werror],
176 [
177 if test -n "$withval" && test "x$withval" != "xno"; then
178 werror_flags="-Werror"
179 if test "x${withval}" != "xyes"; then
180 werror_flags="$withval"
181 fi
182 fi
183 ]
184)
185
186AC_CHECK_HEADERS( \
187 bstring.h \
188 crypt.h \
189 crypto/sha2.h \
190 dirent.h \
191 endian.h \
192 features.h \
193 fcntl.h \
194 floatingpoint.h \
195 getopt.h \
196 glob.h \
197 ia.h \
198 iaf.h \
199 limits.h \
200 login.h \
201 maillock.h \
202 ndir.h \
203 net/if_tun.h \
204 netdb.h \
205 netgroup.h \
206 pam/pam_appl.h \
207 paths.h \
fa0f0f45 208 poll.h \
240debe0 209 pty.h \
210 readpassphrase.h \
211 rpc/types.h \
212 security/pam_appl.h \
213 sha2.h \
214 shadow.h \
215 stddef.h \
216 stdint.h \
217 string.h \
218 strings.h \
219 sys/audit.h \
220 sys/bitypes.h \
221 sys/bsdtty.h \
222 sys/cdefs.h \
223 sys/dir.h \
224 sys/mman.h \
225 sys/ndir.h \
226 sys/prctl.h \
227 sys/pstat.h \
228 sys/select.h \
229 sys/stat.h \
230 sys/stream.h \
231 sys/stropts.h \
232 sys/strtio.h \
233 sys/sysmacros.h \
234 sys/time.h \
235 sys/timers.h \
236 sys/un.h \
237 time.h \
238 tmpdir.h \
239 ttyent.h \
fa0f0f45 240 ucred.h \
240debe0 241 unistd.h \
242 usersec.h \
243 util.h \
244 utime.h \
245 utmp.h \
246 utmpx.h \
247 vis.h \
248)
249
250# lastlog.h requires sys/time.h to be included first on Solaris
251AC_CHECK_HEADERS(lastlog.h, [], [], [
252#ifdef HAVE_SYS_TIME_H
253# include <sys/time.h>
254#endif
255])
256
257# sys/ptms.h requires sys/stream.h to be included first on Solaris
258AC_CHECK_HEADERS(sys/ptms.h, [], [], [
259#ifdef HAVE_SYS_STREAM_H
260# include <sys/stream.h>
261#endif
262])
263
264# login_cap.h requires sys/types.h on NetBSD
265AC_CHECK_HEADERS(login_cap.h, [], [], [
266#include <sys/types.h>
267])
268
30460aeb 269# Messages for features tested for in target-specific section
270SIA_MSG="no"
271SPC_MSG="no"
272
3c0ef626 273# Check for some target-specific stuff
274case "$host" in
275*-*-aix*)
30460aeb 276 # Some versions of VAC won't allow macro redefinitions at
277 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
278 # particularly with older versions of vac or xlc.
279 # It also throws errors about null macro argments, but these are
280 # not fatal.
281 AC_MSG_CHECKING(if compiler allows macro redefinitions)
282 AC_COMPILE_IFELSE(
283 [AC_LANG_SOURCE([[
284#define testmacro foo
285#define testmacro bar
286int main(void) { exit(0); }
287 ]])],
288 [ AC_MSG_RESULT(yes) ],
289 [ AC_MSG_RESULT(no)
290 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
291 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
292 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
293 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
294 ]
295 )
296
540d72c3 297 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
256cb466 298 if (test -z "$blibpath"); then
540d72c3 299 blibpath="/usr/lib:/lib"
3c0ef626 300 fi
256cb466 301 saved_LDFLAGS="$LDFLAGS"
30460aeb 302 if test "$GCC" = "yes"; then
303 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
304 else
305 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
306 fi
307 for tryflags in $flags ;do
256cb466 308 if (test -z "$blibflags"); then
309 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
310 AC_TRY_LINK([], [], [blibflags=$tryflags])
311 fi
312 done
313 if (test -z "$blibflags"); then
314 AC_MSG_RESULT(not found)
315 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
316 else
317 AC_MSG_RESULT($blibflags)
318 fi
319 LDFLAGS="$saved_LDFLAGS"
7cac2b65 320 dnl Check for authenticate. Might be in libs.a on older AIXes
08822d99 321 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
322 [Define if you want to enable AIX4's authenticate function])],
d03f4262 323 [AC_CHECK_LIB(s,authenticate,
324 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
325 LIBS="$LIBS -ls"
326 ])
327 ])
dfddba3d 328 dnl Check for various auth function declarations in headers.
329 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
8b32eddc 330 passwdexpired, setauthdb], , , [#include <usersec.h>])
7cac2b65 331 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
dfddba3d 332 AC_CHECK_DECLS(loginfailed,
7cac2b65 333 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
334 AC_TRY_COMPILE(
335 [#include <usersec.h>],
336 [(void)loginfailed("user","host","tty",0);],
337 [AC_MSG_RESULT(yes)
08822d99 338 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
339 [Define if your AIX loginfailed() function
340 takes 4 arguments (AIX >= 5.2)])],
7cac2b65 341 [AC_MSG_RESULT(no)]
342 )],
343 [],
344 [#include <usersec.h>]
345 )
346 AC_CHECK_FUNCS(setauthdb)
30460aeb 347 AC_CHECK_DECL(F_CLOSEM,
348 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
349 [],
350 [ #include <limits.h>
351 #include <fcntl.h> ]
352 )
dfddba3d 353 check_for_aix_broken_getaddrinfo=1
08822d99 354 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
355 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
356 [Define if your platform breaks doing a seteuid before a setuid])
357 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
358 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 359 dnl AIX handles lastlog as part of its login message
08822d99 360 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
361 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
362 [Some systems need a utmpx entry for /bin/login to work])
363 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
364 [Define to a Set Process Title type if your system is
365 supported by bsd-setproctitle.c])
366 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
367 [AIX 5.2 and 5.3 (and presumably newer) require this])
30460aeb 368 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 369 ;;
370*-*-cygwin*)
bfe49944 371 check_for_libcrypt_later=1
0b90ac93 372 LIBS="$LIBS /usr/lib/textreadmode.o"
08822d99 373 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
374 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
375 AC_DEFINE(DISABLE_SHADOW, 1,
376 [Define if you want to disable shadow passwords])
377 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
378 [Define if your system choked on IP TOS setting])
379 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
380 [Define if X11 doesn't support AF_UNIX sockets on that system])
381 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
382 [Define if the concept of ports only accessible to
383 superusers isn't known])
384 AC_DEFINE(DISABLE_FD_PASSING, 1,
385 [Define if your platform needs to skip post auth
386 file descriptor passing])
3c0ef626 387 ;;
388*-*-dgux*)
389 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 390 AC_DEFINE(SETEUID_BREAKS_SETUID)
391 AC_DEFINE(BROKEN_SETREUID)
392 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 393 ;;
394*-*-darwin*)
0b90ac93 395 AC_DEFINE(BROKEN_GETADDRINFO, 1, [Define if getaddrinfo is broken)])
396 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 397 AC_DEFINE(SETEUID_BREAKS_SETUID)
398 AC_DEFINE(BROKEN_SETREUID)
399 AC_DEFINE(BROKEN_SETREGID)
08822d99 400 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
401 [Define if your resolver libs need this for getrrsetbyname])
30460aeb 402 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
403 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
404 [Use tunnel device compatibility to OpenBSD])
405 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
406 [Prepend the address family to IP tunnel traffic])
f713db99 407 AC_MSG_CHECKING(if we have the Security Authorization Session API)
408 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
409 [SessionCreate(0, 0);],
410 [ac_cv_use_security_session_api="yes"
411 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
412 [platform has the Security Authorization Session API])
413 LIBS="$LIBS -framework Security"
414 AC_MSG_RESULT(yes)],
415 [ac_cv_use_security_session_api="no"
416 AC_MSG_RESULT(no)])
417 AC_MSG_CHECKING(if we have an in-memory credentials cache)
418 AC_TRY_COMPILE(
419 [#include <Kerberos/Kerberos.h>],
420 [cc_context_t c;
421 (void) cc_initialize (&c, 0, NULL, NULL);],
422 [AC_DEFINE(USE_CCAPI, 1,
423 [platform uses an in-memory credentials cache])
424 LIBS="$LIBS -framework Security"
425 AC_MSG_RESULT(yes)
426 if test "x$ac_cv_use_security_session_api" = "xno"; then
427 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
428 fi],
429 [AC_MSG_RESULT(no)]
430 )
431 ;;
30460aeb 432*-*-dragonfly*)
433 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 434 ;;
2ce0bfe4 435*-*-hpux*)
436 # first we define all of the options common to all HP-UX releases
3c0ef626 437 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
438 IPADDR_IN_DISPLAY=yes
3c0ef626 439 AC_DEFINE(USE_PIPES)
08822d99 440 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
441 [Define if your login program cannot handle end of options ("--")])
350391c5 442 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 443 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
444 [String used in /etc/passwd to denote locked account])
7cac2b65 445 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
08822d99 446 MAIL="/var/mail/username"
d03f4262 447 LIBS="$LIBS -lsec"
2ce0bfe4 448 AC_CHECK_LIB(xnet, t_error, ,
449 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
450
451 # next, we define all of the options specific to major releases
452 case "$host" in
453 *-*-hpux10*)
454 if test -z "$GCC"; then
455 CFLAGS="$CFLAGS -Ae"
456 fi
457 ;;
458 *-*-hpux11*)
08822d99 459 AC_DEFINE(PAM_SUN_CODEBASE, 1,
460 [Define if you are using Solaris-derived PAM which
461 passes pam_messages to the conversation function
462 with an extra level of indirection])
463 AC_DEFINE(DISABLE_UTMP, 1,
464 [Define if you don't want to use utmp])
2ce0bfe4 465 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
466 check_for_hpux_broken_getaddrinfo=1
467 check_for_conflicting_getspnam=1
468 ;;
469 esac
470
471 # lastly, we define options specific to minor releases
472 case "$host" in
473 *-*-hpux10.26)
08822d99 474 AC_DEFINE(HAVE_SECUREWARE, 1,
475 [Define if you have SecureWare-based
476 protected password database])
2ce0bfe4 477 disable_ptmx_check=yes
478 LIBS="$LIBS -lsecpw"
479 ;;
480 esac
3c0ef626 481 ;;
482*-*-irix5*)
3c0ef626 483 PATH="$PATH:/usr/etc"
08822d99 484 AC_DEFINE(BROKEN_INET_NTOA, 1,
485 [Define if you system's inet_ntoa is busted
486 (e.g. Irix gcc issue)])
540d72c3 487 AC_DEFINE(SETEUID_BREAKS_SETUID)
488 AC_DEFINE(BROKEN_SETREUID)
489 AC_DEFINE(BROKEN_SETREGID)
08822d99 490 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
491 [Define if you shouldn't strip 'tty' from your
492 ttyname in [uw]tmp])
7cac2b65 493 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 494 ;;
495*-*-irix6*)
3c0ef626 496 PATH="$PATH:/usr/etc"
08822d99 497 AC_DEFINE(WITH_IRIX_ARRAY, 1,
498 [Define if you have/want arrays
499 (cluster-wide session managment, not C arrays)])
500 AC_DEFINE(WITH_IRIX_PROJECT, 1,
501 [Define if you want IRIX project management])
502 AC_DEFINE(WITH_IRIX_AUDIT, 1,
503 [Define if you want IRIX audit trails])
504 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
505 [Define if you want IRIX kernel jobs])])
3c0ef626 506 AC_DEFINE(BROKEN_INET_NTOA)
29d88157 507 AC_DEFINE(SETEUID_BREAKS_SETUID)
508 AC_DEFINE(BROKEN_SETREUID)
509 AC_DEFINE(BROKEN_SETREGID)
08822d99 510 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
350391c5 511 AC_DEFINE(WITH_ABBREV_NO_TTY)
7cac2b65 512 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 513 ;;
514*-*-linux*)
515 no_dev_ptmx=1
516 check_for_libcrypt_later=1
7cac2b65 517 check_for_openpty_ctty_bug=1
08822d99 518 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
519 AC_DEFINE(PAM_TTY_KLUDGE, 1,
520 [Work around problematic Linux PAM modules handling of PAM_TTY])
521 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
522 [String used in /etc/passwd to denote locked account])
7cac2b65 523 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
08822d99 524 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
525 [Define to whatever link() returns for "not supported"
526 if it doesn't return EOPNOTSUPP.])
dfddba3d 527 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
08822d99 528 AC_DEFINE(USE_BTMP)
3c0ef626 529 inet6_default_4in6=yes
7cac2b65 530 case `uname -r` in
531 1.*|2.0.*)
08822d99 532 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
533 [Define if cmsg_type is not passed correctly])
7cac2b65 534 ;;
535 esac
08822d99 536 # tun(4) forwarding compat code
537 AC_CHECK_HEADERS(linux/if_tun.h)
538 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
539 AC_DEFINE(SSH_TUN_LINUX, 1,
540 [Open tunnel devices the Linux tun/tap way])
541 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
542 [Use tunnel device compatibility to OpenBSD])
543 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
544 [Prepend the address family to IP tunnel traffic])
545 fi
3c0ef626 546 ;;
547mips-sony-bsd|mips-sony-newsos4)
4b6dae8f 548 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 549 SONY=1
3c0ef626 550 ;;
551*-*-netbsd*)
d03f4262 552 check_for_libcrypt_before=1
8b32eddc 553 if test "x$withval" != "xno" ; then
540d72c3 554 need_dash_r=1
555 fi
08822d99 556 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
557 AC_CHECK_HEADER([net/if_tap.h], ,
558 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
559 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
560 [Prepend the address family to IP tunnel traffic])
3c0ef626 561 ;;
562*-*-freebsd*)
563 check_for_libcrypt_later=1
08822d99 564 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
565 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
566 AC_CHECK_HEADER([net/if_tap.h], ,
567 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 568 ;;
29d88157 569*-*-bsdi*)
570 AC_DEFINE(SETEUID_BREAKS_SETUID)
571 AC_DEFINE(BROKEN_SETREUID)
572 AC_DEFINE(BROKEN_SETREGID)
573 ;;
3c0ef626 574*-next-*)
575 conf_lastlog_location="/usr/adm/lastlog"
576 conf_utmp_location=/etc/utmp
577 conf_wtmp_location=/usr/adm/wtmp
578 MAIL=/usr/spool/mail
08822d99 579 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 580 AC_DEFINE(BROKEN_REALPATH)
581 AC_DEFINE(USE_PIPES)
08822d99 582 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 583 ;;
2ce0bfe4 584*-*-openbsd*)
585 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
08822d99 586 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
587 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
30460aeb 588 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
589 [syslog_r function is safe to use in in a signal handler])
2ce0bfe4 590 ;;
3c0ef626 591*-*-solaris*)
8b32eddc 592 if test "x$withval" != "xno" ; then
12a403af 593 need_dash_r=1
594 fi
3c0ef626 595 AC_DEFINE(PAM_SUN_CODEBASE)
596 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 597 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
598 [Some versions of /bin/login need the TERM supplied
599 on the commandline])
3c0ef626 600 AC_DEFINE(PAM_TTY_KLUDGE)
08822d99 601 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
602 [Define if pam_chauthtok wants real uid set
603 to the unpriv'ed user])
7cac2b65 604 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
605 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
08822d99 606 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
607 [Define if sshd somehow reacquires a controlling TTY
608 after setsid()])
30460aeb 609 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
610 in case the name is longer than 8 chars])
7cac2b65 611 external_path_file=/etc/default/login
3c0ef626 612 # hardwire lastlog location (can't detect it on some versions)
613 conf_lastlog_location="/var/adm/lastlog"
614 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
615 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
616 if test "$sol2ver" -ge 8; then
617 AC_MSG_RESULT(yes)
618 AC_DEFINE(DISABLE_UTMP)
08822d99 619 AC_DEFINE(DISABLE_WTMP, 1,
620 [Define if you don't want to use wtmp])
3c0ef626 621 else
622 AC_MSG_RESULT(no)
623 fi
30460aeb 624 AC_ARG_WITH(solaris-contracts,
625 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
626 [
627 AC_CHECK_LIB(contract, ct_tmpl_activate,
628 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
629 [Define if you have Solaris process contracts])
630 SSHDLIBS="$SSHDLIBS -lcontract"
631 AC_SUBST(SSHDLIBS)
632 SPC_MSG="yes" ], )
633 ],
634 )
3c0ef626 635 ;;
636*-*-sunos4*)
637 CPPFLAGS="$CPPFLAGS -DSUNOS4"
638 AC_CHECK_FUNCS(getpwanam)
639 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 640 conf_utmp_location=/etc/utmp
641 conf_wtmp_location=/var/adm/wtmp
642 conf_lastlog_location=/var/adm/lastlog
643 AC_DEFINE(USE_PIPES)
644 ;;
645*-ncr-sysv*)
3c0ef626 646 LIBS="$LIBS -lc89"
e9702f7d 647 AC_DEFINE(USE_PIPES)
7cac2b65 648 AC_DEFINE(SSHD_ACQUIRES_CTTY)
29d88157 649 AC_DEFINE(SETEUID_BREAKS_SETUID)
650 AC_DEFINE(BROKEN_SETREUID)
651 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 652 ;;
653*-sni-sysv*)
3c0ef626 654 # /usr/ucblib MUST NOT be searched on ReliantUNIX
540d72c3 655 AC_CHECK_LIB(dl, dlsym, ,)
08822d99 656 # -lresolv needs to be at the end of LIBS or DNS lookups break
657 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 658 IPADDR_IN_DISPLAY=yes
659 AC_DEFINE(USE_PIPES)
660 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 661 AC_DEFINE(SETEUID_BREAKS_SETUID)
662 AC_DEFINE(BROKEN_SETREUID)
663 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 664 AC_DEFINE(SSHD_ACQUIRES_CTTY)
665 external_path_file=/etc/default/login
3c0ef626 666 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
667 # Attention: always take care to bind libsocket and libnsl before libc,
668 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
669 ;;
dfddba3d 670# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 671*-*-sysv4.2*)
3c0ef626 672 AC_DEFINE(USE_PIPES)
7cac2b65 673 AC_DEFINE(SETEUID_BREAKS_SETUID)
674 AC_DEFINE(BROKEN_SETREUID)
675 AC_DEFINE(BROKEN_SETREGID)
8b32eddc 676 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
08822d99 677 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 678 ;;
dfddba3d 679# UnixWare 7.x, OpenUNIX 8
3c0ef626 680*-*-sysv5*)
2ce0bfe4 681 check_for_libcrypt_later=1
682 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 683 AC_DEFINE(USE_PIPES)
7cac2b65 684 AC_DEFINE(SETEUID_BREAKS_SETUID)
685 AC_DEFINE(BROKEN_SETREUID)
686 AC_DEFINE(BROKEN_SETREGID)
08822d99 687 AC_DEFINE(PASSWD_NEEDS_USERNAME)
2ce0bfe4 688 case "$host" in
689 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
690 TEST_SHELL=/u95/bin/sh
08822d99 691 AC_DEFINE(BROKEN_LIBIAF, 1,
692 [ia_uinfo routines not supported by OS yet])
30460aeb 693 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 694 ;;
695 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
2ce0bfe4 696 ;;
697 esac
3c0ef626 698 ;;
699*-*-sysv*)
3c0ef626 700 ;;
dfddba3d 701# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 702*-*-sco3.2v4*)
dfddba3d 703 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 704 ;;
dfddba3d 705# SCO OpenServer 5.x
3c0ef626 706*-*-sco3.2v5*)
bfe49944 707 if test -z "$GCC"; then
708 CFLAGS="$CFLAGS -belf"
709 fi
3c0ef626 710 LIBS="$LIBS -lprot -lx -ltinfo -lm"
711 no_dev_ptmx=1
3c0ef626 712 AC_DEFINE(USE_PIPES)
350391c5 713 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 714 AC_DEFINE(DISABLE_SHADOW)
d03f4262 715 AC_DEFINE(DISABLE_FD_PASSING)
7cac2b65 716 AC_DEFINE(SETEUID_BREAKS_SETUID)
717 AC_DEFINE(BROKEN_SETREUID)
718 AC_DEFINE(BROKEN_SETREGID)
719 AC_DEFINE(WITH_ABBREV_NO_TTY)
7e82606e 720 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 721 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 722 AC_CHECK_FUNCS(getluid setluid)
723 MANTYPE=man
7e82606e 724 TEST_SHELL=ksh
3c0ef626 725 ;;
d03f4262 726*-*-unicosmk*)
08822d99 727 AC_DEFINE(NO_SSH_LASTLOG, 1,
728 [Define if you don't want to use lastlog in session.c])
540d72c3 729 AC_DEFINE(SETEUID_BREAKS_SETUID)
730 AC_DEFINE(BROKEN_SETREUID)
731 AC_DEFINE(BROKEN_SETREGID)
d03f4262 732 AC_DEFINE(USE_PIPES)
733 AC_DEFINE(DISABLE_FD_PASSING)
734 LDFLAGS="$LDFLAGS"
735 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
736 MANTYPE=cat
737 ;;
7cac2b65 738*-*-unicosmp*)
540d72c3 739 AC_DEFINE(SETEUID_BREAKS_SETUID)
740 AC_DEFINE(BROKEN_SETREUID)
741 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 742 AC_DEFINE(WITH_ABBREV_NO_TTY)
743 AC_DEFINE(USE_PIPES)
744 AC_DEFINE(DISABLE_FD_PASSING)
745 LDFLAGS="$LDFLAGS"
540d72c3 746 LIBS="$LIBS -lgen -lacid -ldb"
7cac2b65 747 MANTYPE=cat
748 ;;
3c0ef626 749*-*-unicos*)
540d72c3 750 AC_DEFINE(SETEUID_BREAKS_SETUID)
751 AC_DEFINE(BROKEN_SETREUID)
752 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 753 AC_DEFINE(USE_PIPES)
d03f4262 754 AC_DEFINE(DISABLE_FD_PASSING)
755 AC_DEFINE(NO_SSH_LASTLOG)
756 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
757 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
758 MANTYPE=cat
3c0ef626 759 ;;
760*-dec-osf*)
761 AC_MSG_CHECKING(for Digital Unix SIA)
762 no_osfsia=""
763 AC_ARG_WITH(osfsia,
764 [ --with-osfsia Enable Digital Unix SIA],
765 [
766 if test "x$withval" = "xno" ; then
767 AC_MSG_RESULT(disabled)
768 no_osfsia=1
769 fi
770 ],
771 )
772 if test -z "$no_osfsia" ; then
773 if test -f /etc/sia/matrix.conf; then
774 AC_MSG_RESULT(yes)
08822d99 775 AC_DEFINE(HAVE_OSF_SIA, 1,
776 [Define if you have Digital Unix Security
777 Integration Architecture])
778 AC_DEFINE(DISABLE_LOGIN, 1,
779 [Define if you don't want to use your
780 system's login() call])
bfe49944 781 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 782 LIBS="$LIBS -lsecurity -ldb -lm -laud"
30460aeb 783 SIA_MSG="yes"
3c0ef626 784 else
785 AC_MSG_RESULT(no)
08822d99 786 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
787 [String used in /etc/passwd to denote locked account])
3c0ef626 788 fi
789 fi
7cac2b65 790 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 791 AC_DEFINE(SETEUID_BREAKS_SETUID)
792 AC_DEFINE(BROKEN_SETREUID)
793 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 794 ;;
795
4b6dae8f 796*-*-nto-qnx*)
3c0ef626 797 AC_DEFINE(USE_PIPES)
798 AC_DEFINE(NO_X11_UNIX_SOCKETS)
08822d99 799 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
800 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
801 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
4b6dae8f 802 AC_DEFINE(DISABLE_LASTLOG)
30460aeb 803 AC_DEFINE(SSHD_ACQUIRES_CTTY)
804 enable_etc_default_login=no # has incompatible /etc/default/login
fa0f0f45 805 case "$host" in
806 *-*-nto-qnx6*)
807 AC_DEFINE(DISABLE_FD_PASSING)
808 ;;
809 esac
3c0ef626 810 ;;
2ce0bfe4 811
812*-*-ultrix*)
08822d99 813 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
814 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b6dae8f 815 AC_DEFINE(NEED_SETPGRP)
2ce0bfe4 816 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
817 ;;
818
819*-*-lynxos)
820 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
08822d99 821 AC_DEFINE(MISSING_HOWMANY)
2ce0bfe4 822 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
823 ;;
3c0ef626 824esac
825
7cac2b65 826AC_MSG_CHECKING(compiler and flags for sanity)
dfddba3d 827AC_RUN_IFELSE(
828 [AC_LANG_SOURCE([
7cac2b65 829#include <stdio.h>
830int main(){exit(0);}
dfddba3d 831 ])],
7cac2b65 832 [ AC_MSG_RESULT(yes) ],
833 [
834 AC_MSG_RESULT(no)
835 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
dfddba3d 836 ],
837 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
7cac2b65 838)
839
2ce0bfe4 840dnl Checks for header files.
3c0ef626 841# Checks for libraries.
842AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
843AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
844
7cac2b65 845dnl IRIX and Solaris 2.5.1 have dirname() in libgen
846AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
847 AC_CHECK_LIB(gen, dirname,[
848 AC_CACHE_CHECK([for broken dirname],
849 ac_cv_have_broken_dirname, [
850 save_LIBS="$LIBS"
851 LIBS="$LIBS -lgen"
08822d99 852 AC_RUN_IFELSE(
853 [AC_LANG_SOURCE([[
7cac2b65 854#include <libgen.h>
855#include <string.h>
856
857int main(int argc, char **argv) {
858 char *s, buf[32];
859
860 strncpy(buf,"/etc", 32);
861 s = dirname(buf);
862 if (!s || strncmp(s, "/", 32) != 0) {
863 exit(1);
864 } else {
865 exit(0);
866 }
867}
08822d99 868 ]])],
869 [ ac_cv_have_broken_dirname="no" ],
870 [ ac_cv_have_broken_dirname="yes" ],
7cac2b65 871 [ ac_cv_have_broken_dirname="no" ],
7cac2b65 872 )
873 LIBS="$save_LIBS"
874 ])
875 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
876 LIBS="$LIBS -lgen"
877 AC_DEFINE(HAVE_DIRNAME)
878 AC_CHECK_HEADERS(libgen.h)
879 fi
880 ])
881])
882
3c0ef626 883AC_CHECK_FUNC(getspnam, ,
884 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
08822d99 885AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
886 [Define if you have the basename function.]))
3c0ef626 887
888dnl zlib is required
889AC_ARG_WITH(zlib,
890 [ --with-zlib=PATH Use zlib in PATH],
8b32eddc 891 [ if test "x$withval" = "xno" ; then
892 AC_MSG_ERROR([*** zlib is required ***])
893 elif test "x$withval" != "xyes"; then
3c0ef626 894 if test -d "$withval/lib"; then
895 if test -n "${need_dash_r}"; then
896 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
897 else
898 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
899 fi
900 else
901 if test -n "${need_dash_r}"; then
902 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
903 else
904 LDFLAGS="-L${withval} ${LDFLAGS}"
905 fi
906 fi
907 if test -d "$withval/include"; then
908 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
909 else
910 CPPFLAGS="-I${withval} ${CPPFLAGS}"
911 fi
8b32eddc 912 fi ]
3c0ef626 913)
914
540d72c3 915AC_CHECK_LIB(z, deflate, ,
916 [
917 saved_CPPFLAGS="$CPPFLAGS"
918 saved_LDFLAGS="$LDFLAGS"
919 save_LIBS="$LIBS"
920 dnl Check default zlib install dir
921 if test -n "${need_dash_r}"; then
922 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
923 else
924 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
925 fi
926 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
927 LIBS="$LIBS -lz"
928 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
929 [
930 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
931 ]
932 )
933 ]
934)
935AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
936
937AC_ARG_WITH(zlib-version-check,
938 [ --without-zlib-version-check Disable zlib version check],
939 [ if test "x$withval" = "xno" ; then
940 zlib_check_nonfatal=1
941 fi
942 ]
943)
944
8b32eddc 945AC_MSG_CHECKING(for possibly buggy zlib)
dfddba3d 946AC_RUN_IFELSE([AC_LANG_SOURCE([[
8b32eddc 947#include <stdio.h>
540d72c3 948#include <zlib.h>
949int main()
950{
8b32eddc 951 int a=0, b=0, c=0, d=0, n, v;
952 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
953 if (n != 3 && n != 4)
540d72c3 954 exit(1);
8b32eddc 955 v = a*1000000 + b*10000 + c*100 + d;
956 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
957
958 /* 1.1.4 is OK */
959 if (a == 1 && b == 1 && c >= 4)
540d72c3 960 exit(0);
8b32eddc 961
2ce0bfe4 962 /* 1.2.3 and up are OK */
963 if (v >= 1020300)
8b32eddc 964 exit(0);
965
540d72c3 966 exit(2);
967}
dfddba3d 968 ]])],
8b32eddc 969 AC_MSG_RESULT(no),
970 [ AC_MSG_RESULT(yes)
540d72c3 971 if test -z "$zlib_check_nonfatal" ; then
972 AC_MSG_ERROR([*** zlib too old - check config.log ***
973Your reported zlib version has known security problems. It's possible your
974vendor has fixed these problems without changing the version number. If you
975are sure this is the case, you can disable the check by running
976"./configure --without-zlib-version-check".
2ce0bfe4 977If you are in doubt, upgrade zlib to version 1.2.3 or greater.
8b32eddc 978See http://www.gzip.org/zlib/ for details.])
540d72c3 979 else
980 AC_MSG_WARN([zlib version may have security problems])
981 fi
dfddba3d 982 ],
983 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
540d72c3 984)
3c0ef626 985
3c0ef626 986dnl UnixWare 2.x
540d72c3 987AC_CHECK_FUNC(strcasecmp,
3c0ef626 988 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
989)
08822d99 990AC_CHECK_FUNCS(utimes,
d03f4262 991 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
992 LIBS="$LIBS -lc89"]) ]
3c0ef626 993)
994
995dnl Checks for libutil functions
996AC_CHECK_HEADERS(libutil.h)
08822d99 997AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
998 [Define if your libraries define login()])])
3c0ef626 999AC_CHECK_FUNCS(logout updwtmp logwtmp)
1000
1001AC_FUNC_STRFTIME
1002
3c0ef626 1003# Check for ALTDIRFUNC glob() extension
1004AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1005AC_EGREP_CPP(FOUNDIT,
1006 [
1007 #include <glob.h>
1008 #ifdef GLOB_ALTDIRFUNC
1009 FOUNDIT
1010 #endif
540d72c3 1011 ],
3c0ef626 1012 [
08822d99 1013 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1014 [Define if your system glob() function has
1015 the GLOB_ALTDIRFUNC extension])
3c0ef626 1016 AC_MSG_RESULT(yes)
1017 ],
1018 [
1019 AC_MSG_RESULT(no)
1020 ]
1021)
1022
1023# Check for g.gl_matchc glob() extension
1024AC_MSG_CHECKING(for gl_matchc field in glob_t)
30460aeb 1025AC_TRY_COMPILE(
1026 [ #include <glob.h> ],
1027 [glob_t g; g.gl_matchc = 1;],
540d72c3 1028 [
08822d99 1029 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1030 [Define if your system glob() function has
1031 gl_matchc options in glob_t])
540d72c3 1032 AC_MSG_RESULT(yes)
1033 ],
1034 [
1035 AC_MSG_RESULT(no)
1036 ]
3c0ef626 1037)
1038
30460aeb 1039AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1040
3c0ef626 1041AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
dfddba3d 1042AC_RUN_IFELSE(
1043 [AC_LANG_SOURCE([[
3c0ef626 1044#include <sys/types.h>
1045#include <dirent.h>
d03f4262 1046int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
dfddba3d 1047 ]])],
540d72c3 1048 [AC_MSG_RESULT(yes)],
3c0ef626 1049 [
1050 AC_MSG_RESULT(no)
08822d99 1051 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1052 [Define if your struct dirent expects you to
1053 allocate extra space for d_name])
dfddba3d 1054 ],
8b32eddc 1055 [
dfddba3d 1056 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1057 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1058 ]
1059)
1060
1c89237d 1061# Check whether the user wants GSSAPI mechglue support
1062AC_ARG_WITH(mechglue,
bec32dad 1063 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
1c89237d 1064 [
1065 AC_MSG_CHECKING(for mechglue library)
bec32dad 1066
1067 if test -e ${withval}/libgssapi.a ; then
1068 mechglue_lib=${withval}/libgssapi.a
1069 elif test -e ${withval}/lib/libgssapi.a ; then
1070 mechglue_lib=${withval}/lib/libgssapi.a
1071 else
1072 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
1c89237d 1073 fi
bec32dad 1074 LIBS="$LIBS ${mechglue_lib}"
1075 AC_MSG_RESULT(${mechglue_lib})
1076
1c89237d 1077 AC_CHECK_LIB(dl, dlopen, , )
1078 if test $ac_cv_lib_dl_dlopen = yes; then
bec32dad 1079 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
1c89237d 1080 fi
bec32dad 1081
1c89237d 1082 AC_DEFINE(GSSAPI)
08822d99 1083 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
1c89237d 1084 GSSAPI="mechglue"
1085
1c89237d 1086 ]
1087)
1088
1089
5598e598 1090# Check whether the user wants GSI (Globus) support
1091gsi_path="no"
1092AC_ARG_WITH(gsi,
483bcdbd 1093 [ --with-gsi Enable Globus GSI authentication support],
5598e598 1094 [
1095 gsi_path="$withval"
1096 ]
1097)
1098
1099AC_ARG_WITH(globus,
483bcdbd 1100 [ --with-globus Enable Globus GSI authentication support],
5598e598 1101 [
1102 gsi_path="$withval"
1103 ]
1104)
1105
483bcdbd 1106AC_ARG_WITH(globus-static,
1107 [ --with-globus-static Link statically with Globus GSI libraries],
1108 [
1109 gsi_static="-static"
9e6effad 1110 if test "x$gsi_path" = "xno" ; then
6e098d39 1111 gsi_path="$withval"
1112 fi
483bcdbd 1113 ]
1114)
1115
5fb9fc74 1116# Check whether the user has a Globus flavor type
1117globus_flavor_type="no"
1118AC_ARG_WITH(globus-flavor,
483bcdbd 1119 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
5fb9fc74 1120 [
1121 globus_flavor_type="$withval"
9e6effad 1122 if test "x$gsi_path" = "xno" ; then
e78b0188 1123 gsi_path="yes"
1124 fi
5fb9fc74 1125 ]
1126)
1127
5598e598 1128if test "x$gsi_path" != "xno" ; then
1129 # Globus GSSAPI configuration
22798398 1130 AC_MSG_CHECKING(for Globus GSI)
08822d99 1131 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
5598e598 1132
1c89237d 1133 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
483bcdbd 1134 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
1c89237d 1135 fi
1136 if test -z "$GSSAPI"; then
1137 AC_DEFINE(GSSAPI)
1138 GSSAPI="GSI"
1139 fi
1140
8b1f0dfd 1141 if test "x$gsi_path" = "xyes" ; then
1142 if test -z "$GLOBUS_LOCATION" ; then
483bcdbd 1143 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
8b1f0dfd 1144 else
1145 gsi_path="$GLOBUS_LOCATION"
1146 fi
1147 fi
483bcdbd 1148 GLOBUS_LOCATION="$gsi_path"
1149 export GLOBUS_LOCATION
1150 if test ! -d "$GLOBUS_LOCATION" ; then
1151 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
5598e598 1152 fi
5598e598 1153
22798398 1154 if test "x$globus_flavor_type" = "xno" ; then
1155 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
1156 fi
1157 if test "x$globus_flavor_type" = "xyes" ; then
1158 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
5598e598 1159 fi
5fb9fc74 1160
bed23354 1161 if test -x ${gsi_path}/bin/globus-makefile-header ; then
7e2129ee 1162 ${gsi_path}/bin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | sed 's/ = \(.*\)/="\1"/' > ./gpt_build_tmp.sh
bed23354 1163 elif test -x ${gsi_path}/sbin/globus-makefile-header ; then
7e2129ee 1164 ${gsi_path}/sbin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | sed 's/ = \(.*\)/="\1"/' > ./gpt_build_tmp.sh
5fb9fc74 1165 else
bed23354 1166 AC_MSG_ERROR(Cannot find globus-makefile-header: Globus installation is incomplete)
22798398 1167 fi
7e2129ee 1168 . ./gpt_build_tmp.sh
1dca09f1 1169 if test -n "${need_dash_r}"; then
99c77ccf 1170 GSI_LDFLAGS="-L${gsi_path}/lib -R${gsi_path}/lib"
1dca09f1 1171 else
1172 GSI_LDFLAGS="-L${gsi_path}/lib"
1173 fi
7e2129ee 1174 if test -z "$GLOBUS_PKG_LIBS" ; then
bed23354 1175 AC_MSG_ERROR(globus-makefile-header failed)
5fb9fc74 1176 fi
5598e598 1177
540d72c3 1178 AC_DEFINE(HAVE_GSSAPI_H)
1179
7e2129ee 1180 LIBS="$LIBS $GLOBUS_LIBS $GLOBUS_PKG_LIBS"
1181 LDFLAGS="$LDFLAGS $GLOBUS_LDFLAGS"
1182 CPPFLAGS="$CPPFLAGS $GLOBUS_CPPFLAGS $GLOBUS_INCLUDES"
1183 CFLAGS="$CFLAGS $GLOBUS_CFLAGS"
22798398 1184
1185 # test that we got the libraries OK
1186 AC_TRY_LINK(
1187 [],
1188 [],
1189 [
1190 AC_MSG_RESULT(yes)
1191 ],
1192 [
1193 AC_MSG_ERROR(link with Globus libraries failed)
1194 ]
1195 )
fd34c71f 1196 AC_CHECK_FUNCS(globus_gss_assist_map_and_authorize)
1ca858e9 1197 INSTALL_GSISSH="yes"
1198else
1199 INSTALL_GSISSH=""
5598e598 1200fi
1ca858e9 1201AC_SUBST(INSTALL_GSISSH)
1202# End Globus/GSI section
5598e598 1203
7e82606e 1204AC_MSG_CHECKING([for /proc/pid/fd directory])
1205if test -d "/proc/$$/fd" ; then
08822d99 1206 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
7e82606e 1207 AC_MSG_RESULT(yes)
1208else
1209 AC_MSG_RESULT(no)
1210fi
1211
3c0ef626 1212# Check whether user wants S/Key support
540d72c3 1213SKEY_MSG="no"
3c0ef626 1214AC_ARG_WITH(skey,
dfddba3d 1215 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1216 [
1217 if test "x$withval" != "xno" ; then
1218
1219 if test "x$withval" != "xyes" ; then
1220 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1221 LDFLAGS="$LDFLAGS -L${withval}/lib"
1222 fi
1223
08822d99 1224 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1225 LIBS="-lskey $LIBS"
540d72c3 1226 SKEY_MSG="yes"
8b32eddc 1227
e9702f7d 1228 AC_MSG_CHECKING([for s/key support])
08822d99 1229 AC_LINK_IFELSE(
1230 [AC_LANG_SOURCE([[
e9702f7d 1231#include <stdio.h>
1232#include <skey.h>
d03f4262 1233int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
08822d99 1234 ]])],
e9702f7d 1235 [AC_MSG_RESULT(yes)],
3c0ef626 1236 [
e9702f7d 1237 AC_MSG_RESULT(no)
3c0ef626 1238 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1239 ])
12a403af 1240 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1241 AC_TRY_COMPILE(
1242 [#include <stdio.h>
1243 #include <skey.h>],
1244 [(void)skeychallenge(NULL,"name","",0);],
1245 [AC_MSG_RESULT(yes)
08822d99 1246 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1247 [Define if your skeychallenge()
1248 function takes 4 arguments (NetBSD)])],
12a403af 1249 [AC_MSG_RESULT(no)]
1250 )
3c0ef626 1251 fi
1252 ]
1253)
1254
1255# Check whether user wants TCP wrappers support
1256TCPW_MSG="no"
1257AC_ARG_WITH(tcp-wrappers,
dfddba3d 1258 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1259 [
1260 if test "x$withval" != "xno" ; then
1261 saved_LIBS="$LIBS"
1262 saved_LDFLAGS="$LDFLAGS"
1263 saved_CPPFLAGS="$CPPFLAGS"
8b32eddc 1264 if test -n "${withval}" && \
1265 test "x${withval}" != "xyes"; then
3c0ef626 1266 if test -d "${withval}/lib"; then
1267 if test -n "${need_dash_r}"; then
1268 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1269 else
1270 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1271 fi
1272 else
1273 if test -n "${need_dash_r}"; then
1274 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1275 else
1276 LDFLAGS="-L${withval} ${LDFLAGS}"
1277 fi
1278 fi
1279 if test -d "${withval}/include"; then
1280 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1281 else
1282 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1283 fi
1284 fi
fa0f0f45 1285 LIBS="-lwrap $LIBS"
3c0ef626 1286 AC_MSG_CHECKING(for libwrap)
1287 AC_TRY_LINK(
1288 [
12a403af 1289#include <sys/types.h>
1290#include <sys/socket.h>
1291#include <netinet/in.h>
3c0ef626 1292#include <tcpd.h>
1293 int deny_severity = 0, allow_severity = 0;
1294 ],
1295 [hosts_access(0);],
1296 [
1297 AC_MSG_RESULT(yes)
08822d99 1298 AC_DEFINE(LIBWRAP, 1,
1299 [Define if you want
1300 TCP Wrappers support])
fa0f0f45 1301 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1302 TCPW_MSG="yes"
1303 ],
1304 [
1305 AC_MSG_ERROR([*** libwrap missing])
1306 ]
1307 )
e9702f7d 1308 LIBS="$saved_LIBS"
3c0ef626 1309 fi
1310 ]
1311)
1312
dfddba3d 1313# Check whether user wants libedit support
1314LIBEDIT_MSG="no"
1315AC_ARG_WITH(libedit,
1316 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1317 [ if test "x$withval" != "xno" ; then
8b32eddc 1318 if test "x$withval" != "xyes"; then
08822d99 1319 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1320 if test -n "${need_dash_r}"; then
1321 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1322 else
1323 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1324 fi
8b32eddc 1325 fi
dfddba3d 1326 AC_CHECK_LIB(edit, el_init,
08822d99 1327 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
dfddba3d 1328 LIBEDIT="-ledit -lcurses"
1329 LIBEDIT_MSG="yes"
1330 AC_SUBST(LIBEDIT)
1331 ],
8b32eddc 1332 [ AC_MSG_ERROR(libedit not found) ],
1333 [ -lcurses ]
dfddba3d 1334 )
2ce0bfe4 1335 AC_MSG_CHECKING(if libedit version is compatible)
1336 AC_COMPILE_IFELSE(
1337 [AC_LANG_SOURCE([[
1338#include <histedit.h>
1339int main(void)
1340{
1341 int i = H_SETSIZE;
1342 el_init("", NULL, NULL, NULL);
1343 exit(0);
1344}
1345 ]])],
1346 [ AC_MSG_RESULT(yes) ],
1347 [ AC_MSG_RESULT(no)
1348 AC_MSG_ERROR(libedit version is not compatible) ]
1349 )
dfddba3d 1350 fi ]
1351)
1352
1353AUDIT_MODULE=none
1354AC_ARG_WITH(audit,
1355 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1356 [
1357 AC_MSG_CHECKING(for supported audit module)
1358 case "$withval" in
1359 bsm)
1360 AC_MSG_RESULT(bsm)
1361 AUDIT_MODULE=bsm
1362 dnl Checks for headers, libs and functions
1363 AC_CHECK_HEADERS(bsm/audit.h, [],
30460aeb 1364 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1365 [
1366#ifdef HAVE_TIME_H
1367# include <time.h>
1368#endif
1369 ]
1370)
dfddba3d 1371 AC_CHECK_LIB(bsm, getaudit, [],
1372 [AC_MSG_ERROR(BSM enabled and required library not found)])
1373 AC_CHECK_FUNCS(getaudit, [],
1374 [AC_MSG_ERROR(BSM enabled and required function not found)])
1375 # These are optional
1376 AC_CHECK_FUNCS(getaudit_addr)
08822d99 1377 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
dfddba3d 1378 ;;
1379 debug)
1380 AUDIT_MODULE=debug
1381 AC_MSG_RESULT(debug)
08822d99 1382 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
dfddba3d 1383 ;;
2ce0bfe4 1384 no)
1385 AC_MSG_RESULT(no)
1386 ;;
dfddba3d 1387 *)
1388 AC_MSG_ERROR([Unknown audit module $withval])
1389 ;;
1390 esac ]
1391)
1392
bfe49944 1393dnl Checks for library functions. Please keep in alphabetical order
2ce0bfe4 1394AC_CHECK_FUNCS( \
1395 arc4random \
08822d99 1396 asprintf \
2ce0bfe4 1397 b64_ntop \
1398 __b64_ntop \
1399 b64_pton \
1400 __b64_pton \
1401 bcopy \
1402 bindresvport_sa \
1403 clock \
1404 closefrom \
1405 dirfd \
1406 fchmod \
1407 fchown \
1408 freeaddrinfo \
1409 futimes \
1410 getaddrinfo \
1411 getcwd \
1412 getgrouplist \
1413 getnameinfo \
1414 getopt \
1415 getpeereid \
fa0f0f45 1416 getpeerucred \
2ce0bfe4 1417 _getpty \
1418 getrlimit \
1419 getttyent \
1420 glob \
1421 inet_aton \
1422 inet_ntoa \
1423 inet_ntop \
1424 innetgr \
1425 login_getcapbool \
1426 md5_crypt \
1427 memmove \
1428 mkdtemp \
1429 mmap \
1430 ngetaddrinfo \
1431 nsleep \
1432 ogetaddrinfo \
1433 openlog_r \
1434 openpty \
fa0f0f45 1435 poll \
2ce0bfe4 1436 prctl \
1437 pstat \
1438 readpassphrase \
1439 realpath \
1440 recvmsg \
1441 rresvport_af \
1442 sendmsg \
1443 setdtablesize \
1444 setegid \
1445 setenv \
1446 seteuid \
1447 setgroups \
1448 setlogin \
1449 setpcred \
1450 setproctitle \
1451 setregid \
1452 setreuid \
1453 setrlimit \
1454 setsid \
1455 setvbuf \
1456 sigaction \
1457 sigvec \
1458 snprintf \
1459 socketpair \
1460 strdup \
1461 strerror \
1462 strlcat \
1463 strlcpy \
1464 strmode \
1465 strnvis \
1466 strtonum \
1467 strtoll \
1468 strtoul \
fa0f0f45 1469 swap32 \
2ce0bfe4 1470 sysconf \
1471 tcgetpgrp \
1472 truncate \
1473 unsetenv \
1474 updwtmpx \
08822d99 1475 vasprintf \
2ce0bfe4 1476 vhangup \
1477 vsnprintf \
1478 waitpid \
bfe49944 1479)
1480
29d88157 1481# IRIX has a const char return value for gai_strerror()
1482AC_CHECK_FUNCS(gai_strerror,[
1483 AC_DEFINE(HAVE_GAI_STRERROR)
1484 AC_TRY_COMPILE([
1485#include <sys/types.h>
1486#include <sys/socket.h>
1487#include <netdb.h>
1488
1489const char *gai_strerror(int);],[
1490char *str;
1491
1492str = gai_strerror(0);],[
1493 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1494 [Define if gai_strerror() returns const char *])])])
1495
08822d99 1496AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1497 [Some systems put nanosleep outside of libc]))
bfe49944 1498
7cac2b65 1499dnl Make sure prototypes are defined for these before using them.
7cac2b65 1500AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
2ce0bfe4 1501AC_CHECK_DECL(strsep,
1502 [AC_CHECK_FUNCS(strsep)],
1503 [],
1504 [
1505#ifdef HAVE_STRING_H
1506# include <string.h>
1507#endif
1508 ])
3c0ef626 1509
7cac2b65 1510dnl tcsendbreak might be a macro
1511AC_CHECK_DECL(tcsendbreak,
1512 [AC_DEFINE(HAVE_TCSENDBREAK)],
540d72c3 1513 [AC_CHECK_FUNCS(tcsendbreak)],
7cac2b65 1514 [#include <termios.h>]
1515)
3c0ef626 1516
7e82606e 1517AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1518
30460aeb 1519AC_CHECK_DECLS(SHUT_RD, , ,
1520 [
1521#include <sys/types.h>
1522#include <sys/socket.h>
1523 ])
1524
1525AC_CHECK_DECLS(O_NONBLOCK, , ,
1526 [
1527#include <sys/types.h>
1528#ifdef HAVE_SYS_STAT_H
1529# include <sys/stat.h>
1530#endif
1531#ifdef HAVE_FCNTL_H
1532# include <fcntl.h>
1533#endif
1534 ])
1535
1536AC_CHECK_DECLS(writev, , , [
1537#include <sys/types.h>
1538#include <sys/uio.h>
1539#include <unistd.h>
1540 ])
1541
fa0f0f45 1542AC_CHECK_DECLS(MAXSYMLINKS, , , [
1543#include <sys/param.h>
1544 ])
1545
1546AC_CHECK_DECLS(offsetof, , , [
1547#include <stddef.h>
1548 ])
1549
540d72c3 1550AC_CHECK_FUNCS(setresuid, [
1551 dnl Some platorms have setresuid that isn't implemented, test for this
1552 AC_MSG_CHECKING(if setresuid seems to work)
dfddba3d 1553 AC_RUN_IFELSE(
1554 [AC_LANG_SOURCE([[
540d72c3 1555#include <stdlib.h>
1556#include <errno.h>
1557int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1558 ]])],
540d72c3 1559 [AC_MSG_RESULT(yes)],
08822d99 1560 [AC_DEFINE(BROKEN_SETRESUID, 1,
1561 [Define if your setresuid() is broken])
dfddba3d 1562 AC_MSG_RESULT(not implemented)],
1563 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1564 )
1565])
1566
1567AC_CHECK_FUNCS(setresgid, [
1568 dnl Some platorms have setresgid that isn't implemented, test for this
1569 AC_MSG_CHECKING(if setresgid seems to work)
dfddba3d 1570 AC_RUN_IFELSE(
1571 [AC_LANG_SOURCE([[
540d72c3 1572#include <stdlib.h>
1573#include <errno.h>
1574int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1575 ]])],
540d72c3 1576 [AC_MSG_RESULT(yes)],
08822d99 1577 [AC_DEFINE(BROKEN_SETRESGID, 1,
1578 [Define if your setresgid() is broken])
dfddba3d 1579 AC_MSG_RESULT(not implemented)],
1580 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1581 )
1582])
1583
3c0ef626 1584dnl Checks for time functions
1585AC_CHECK_FUNCS(gettimeofday time)
1586dnl Checks for utmp functions
1587AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1588AC_CHECK_FUNCS(utmpname)
1589dnl Checks for utmpx functions
1590AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1591AC_CHECK_FUNCS(setutxent utmpxname)
1592
540d72c3 1593AC_CHECK_FUNC(daemon,
08822d99 1594 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1595 [AC_CHECK_LIB(bsd, daemon,
1596 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1597)
1598
540d72c3 1599AC_CHECK_FUNC(getpagesize,
08822d99 1600 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1601 [Define if your libraries define getpagesize()])],
1602 [AC_CHECK_LIB(ucb, getpagesize,
1603 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1604)
1605
1606# Check for broken snprintf
1607if test "x$ac_cv_func_snprintf" = "xyes" ; then
1608 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
dfddba3d 1609 AC_RUN_IFELSE(
1610 [AC_LANG_SOURCE([[
3c0ef626 1611#include <stdio.h>
d03f4262 1612int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
dfddba3d 1613 ]])],
540d72c3 1614 [AC_MSG_RESULT(yes)],
3c0ef626 1615 [
1616 AC_MSG_RESULT(no)
08822d99 1617 AC_DEFINE(BROKEN_SNPRINTF, 1,
1618 [Define if your snprintf is busted])
3c0ef626 1619 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
dfddba3d 1620 ],
1621 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1622 )
1623fi
1624
08822d99 1625# If we don't have a working asprintf, then we strongly depend on vsnprintf
1626# returning the right thing on overflow: the number of characters it tried to
1627# create (as per SUSv3)
1628if test "x$ac_cv_func_asprintf" != "xyes" && \
1629 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1630 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1631 AC_RUN_IFELSE(
1632 [AC_LANG_SOURCE([[
1633#include <sys/types.h>
1634#include <stdio.h>
1635#include <stdarg.h>
1636
1637int x_snprintf(char *str,size_t count,const char *fmt,...)
1638{
1639 size_t ret; va_list ap;
1640 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1641 return ret;
1642}
1643int main(void)
1644{
1645 char x[1];
1646 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1647} ]])],
1648 [AC_MSG_RESULT(yes)],
1649 [
1650 AC_MSG_RESULT(no)
1651 AC_DEFINE(BROKEN_SNPRINTF, 1,
1652 [Define if your snprintf is busted])
1653 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1654 ],
1655 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1656 )
1657fi
1658
1659# On systems where [v]snprintf is broken, but is declared in stdio,
1660# check that the fmt argument is const char * or just char *.
1661# This is only useful for when BROKEN_SNPRINTF
1662AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1663AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1664 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1665 int main(void) { snprintf(0, 0, 0); }
1666 ]])],
1667 [AC_MSG_RESULT(yes)
1668 AC_DEFINE(SNPRINTF_CONST, [const],
1669 [Define as const if snprintf() can declare const char *fmt])],
1670 [AC_MSG_RESULT(no)
1671 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1672
7e82606e 1673# Check for missing getpeereid (or equiv) support
1674NO_PEERCHECK=""
fa0f0f45 1675if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
7e82606e 1676 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1677 AC_TRY_COMPILE(
1678 [#include <sys/types.h>
1679 #include <sys/socket.h>],
1680 [int i = SO_PEERCRED;],
8b32eddc 1681 [ AC_MSG_RESULT(yes)
08822d99 1682 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
8b32eddc 1683 ],
7e82606e 1684 [AC_MSG_RESULT(no)
1685 NO_PEERCHECK=1]
1686 )
1687fi
1688
bfe49944 1689dnl see whether mkstemp() requires XXXXXX
1690if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1691AC_MSG_CHECKING([for (overly) strict mkstemp])
08822d99 1692AC_RUN_IFELSE(
1693 [AC_LANG_SOURCE([[
bfe49944 1694#include <stdlib.h>
1695main() { char template[]="conftest.mkstemp-test";
1696if (mkstemp(template) == -1)
1697 exit(1);
1698unlink(template); exit(0);
1699}
08822d99 1700 ]])],
bfe49944 1701 [
1702 AC_MSG_RESULT(no)
1703 ],
540d72c3 1704 [
bfe49944 1705 AC_MSG_RESULT(yes)
08822d99 1706 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
bfe49944 1707 ],
1708 [
1709 AC_MSG_RESULT(yes)
1710 AC_DEFINE(HAVE_STRICT_MKSTEMP)
540d72c3 1711 ]
bfe49944 1712)
1713fi
1714
7cac2b65 1715dnl make sure that openpty does not reacquire controlling terminal
1716if test ! -z "$check_for_openpty_ctty_bug"; then
1717 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
08822d99 1718 AC_RUN_IFELSE(
1719 [AC_LANG_SOURCE([[
7cac2b65 1720#include <stdio.h>
1721#include <sys/fcntl.h>
1722#include <sys/types.h>
1723#include <sys/wait.h>
1724
1725int
1726main()
1727{
1728 pid_t pid;
1729 int fd, ptyfd, ttyfd, status;
1730
1731 pid = fork();
1732 if (pid < 0) { /* failed */
1733 exit(1);
1734 } else if (pid > 0) { /* parent */
1735 waitpid(pid, &status, 0);
540d72c3 1736 if (WIFEXITED(status))
7cac2b65 1737 exit(WEXITSTATUS(status));
1738 else
1739 exit(2);
1740 } else { /* child */
1741 close(0); close(1); close(2);
1742 setsid();
1743 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1744 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1745 if (fd >= 0)
1746 exit(3); /* Acquired ctty: broken */
1747 else
1748 exit(0); /* Did not acquire ctty: OK */
1749 }
1750}
08822d99 1751 ]])],
7cac2b65 1752 [
1753 AC_MSG_RESULT(yes)
1754 ],
1755 [
1756 AC_MSG_RESULT(no)
1757 AC_DEFINE(SSHD_ACQUIRES_CTTY)
08822d99 1758 ],
1759 [
1760 AC_MSG_RESULT(cross-compiling, assuming yes)
7cac2b65 1761 ]
1762 )
1763fi
1764
8b32eddc 1765if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1766 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
12a403af 1767 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1768 AC_RUN_IFELSE(
1769 [AC_LANG_SOURCE([[
12a403af 1770#include <stdio.h>
1771#include <sys/socket.h>
1772#include <netdb.h>
1773#include <errno.h>
1774#include <netinet/in.h>
1775
1776#define TEST_PORT "2222"
1777
1778int
1779main(void)
1780{
1781 int err, sock;
1782 struct addrinfo *gai_ai, *ai, hints;
1783 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1784
1785 memset(&hints, 0, sizeof(hints));
1786 hints.ai_family = PF_UNSPEC;
1787 hints.ai_socktype = SOCK_STREAM;
1788 hints.ai_flags = AI_PASSIVE;
1789
1790 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1791 if (err != 0) {
1792 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1793 exit(1);
1794 }
1795
1796 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1797 if (ai->ai_family != AF_INET6)
1798 continue;
1799
1800 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1801 sizeof(ntop), strport, sizeof(strport),
1802 NI_NUMERICHOST|NI_NUMERICSERV);
1803
1804 if (err != 0) {
1805 if (err == EAI_SYSTEM)
1806 perror("getnameinfo EAI_SYSTEM");
1807 else
1808 fprintf(stderr, "getnameinfo failed: %s\n",
1809 gai_strerror(err));
1810 exit(2);
1811 }
1812
1813 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1814 if (sock < 0)
1815 perror("socket");
1816 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1817 if (errno == EBADF)
1818 exit(3);
1819 }
1820 }
1821 exit(0);
1822}
08822d99 1823 ]])],
12a403af 1824 [
1825 AC_MSG_RESULT(yes)
1826 ],
1827 [
1828 AC_MSG_RESULT(no)
1829 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1830 ],
1831 [
1832 AC_MSG_RESULT(cross-compiling, assuming yes)
12a403af 1833 ]
1834 )
1835fi
1836
8b32eddc 1837if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1838 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
dfddba3d 1839 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1840 AC_RUN_IFELSE(
1841 [AC_LANG_SOURCE([[
dfddba3d 1842#include <stdio.h>
1843#include <sys/socket.h>
1844#include <netdb.h>
1845#include <errno.h>
1846#include <netinet/in.h>
1847
1848#define TEST_PORT "2222"
1849
1850int
1851main(void)
1852{
1853 int err, sock;
1854 struct addrinfo *gai_ai, *ai, hints;
1855 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1856
1857 memset(&hints, 0, sizeof(hints));
1858 hints.ai_family = PF_UNSPEC;
1859 hints.ai_socktype = SOCK_STREAM;
1860 hints.ai_flags = AI_PASSIVE;
1861
1862 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1863 if (err != 0) {
1864 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1865 exit(1);
1866 }
1867
1868 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1869 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1870 continue;
1871
1872 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1873 sizeof(ntop), strport, sizeof(strport),
1874 NI_NUMERICHOST|NI_NUMERICSERV);
1875
1876 if (ai->ai_family == AF_INET && err != 0) {
1877 perror("getnameinfo");
1878 exit(2);
1879 }
1880 }
1881 exit(0);
1882}
08822d99 1883 ]])],
dfddba3d 1884 [
1885 AC_MSG_RESULT(yes)
08822d99 1886 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1887 [Define if you have a getaddrinfo that fails
1888 for the all-zeros IPv6 address])
dfddba3d 1889 ],
1890 [
1891 AC_MSG_RESULT(no)
1892 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1893 ],
30460aeb 1894 [
08822d99 1895 AC_MSG_RESULT(cross-compiling, assuming no)
dfddba3d 1896 ]
1897 )
1898fi
1899
1900if test "x$check_for_conflicting_getspnam" = "x1"; then
1901 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1902 AC_COMPILE_IFELSE(
1903 [
1904#include <shadow.h>
1905int main(void) {exit(0);}
1906 ],
1907 [
1908 AC_MSG_RESULT(no)
1909 ],
1910 [
1911 AC_MSG_RESULT(yes)
1912 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1913 [Conflicting defs for getspnam])
1914 ]
1915 )
1916fi
1917
3c0ef626 1918AC_FUNC_GETPGRP
1919
350391c5 1920# Search for OpenSSL
1921saved_CPPFLAGS="$CPPFLAGS"
1922saved_LDFLAGS="$LDFLAGS"
3c0ef626 1923AC_ARG_WITH(ssl-dir,
1924 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1925 [
1926 if test "x$withval" != "xno" ; then
dfddba3d 1927 case "$withval" in
1928 # Relative paths
1929 ./*|../*) withval="`pwd`/$withval"
1930 esac
350391c5 1931 if test -d "$withval/lib"; then
1932 if test -n "${need_dash_r}"; then
1933 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1934 else
1935 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1936 fi
1937 else
350391c5 1938 if test -n "${need_dash_r}"; then
1939 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1940 else
1941 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1942 fi
1943 fi
350391c5 1944 if test -d "$withval/include"; then
1945 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1946 else
350391c5 1947 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1948 fi
1949 fi
350391c5 1950 ]
1951)
cdaf3e9d 1952if test -z "$GSI_LDFLAGS" ; then
540d72c3 1953LIBS="-lcrypto $LIBS"
22798398 1954fi
08822d99 1955AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1956 [Define if your ssl headers are included
1957 with #include <openssl/header.h>]),
3c0ef626 1958 [
350391c5 1959 dnl Check default openssl install dir
1960 if test -n "${need_dash_r}"; then
1961 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1962 else
350391c5 1963 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1964 fi
350391c5 1965 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1966 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1967 [
1968 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1969 ]
1970 )
1971 ]
1972)
1973
d03f4262 1974# Determine OpenSSL header version
1975AC_MSG_CHECKING([OpenSSL header version])
dfddba3d 1976AC_RUN_IFELSE(
1977 [AC_LANG_SOURCE([[
d03f4262 1978#include <stdio.h>
1979#include <string.h>
1980#include <openssl/opensslv.h>
1981#define DATA "conftest.sslincver"
1982int main(void) {
540d72c3 1983 FILE *fd;
1984 int rc;
d03f4262 1985
540d72c3 1986 fd = fopen(DATA,"w");
1987 if(fd == NULL)
1988 exit(1);
d03f4262 1989
1990 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1991 exit(1);
1992
1993 exit(0);
1994}
dfddba3d 1995 ]])],
d03f4262 1996 [
1997 ssl_header_ver=`cat conftest.sslincver`
1998 AC_MSG_RESULT($ssl_header_ver)
1999 ],
2000 [
2001 AC_MSG_RESULT(not found)
2002 AC_MSG_ERROR(OpenSSL version header not found.)
dfddba3d 2003 ],
2004 [
2005 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2006 ]
2007)
2008
2009# Determine OpenSSL library version
2010AC_MSG_CHECKING([OpenSSL library version])
dfddba3d 2011AC_RUN_IFELSE(
2012 [AC_LANG_SOURCE([[
d03f4262 2013#include <stdio.h>
2014#include <string.h>
2015#include <openssl/opensslv.h>
2016#include <openssl/crypto.h>
2017#define DATA "conftest.ssllibver"
2018int main(void) {
540d72c3 2019 FILE *fd;
2020 int rc;
d03f4262 2021
540d72c3 2022 fd = fopen(DATA,"w");
2023 if(fd == NULL)
2024 exit(1);
d03f4262 2025
2026 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
2027 exit(1);
2028
2029 exit(0);
2030}
dfddba3d 2031 ]])],
d03f4262 2032 [
2033 ssl_library_ver=`cat conftest.ssllibver`
2034 AC_MSG_RESULT($ssl_library_ver)
2035 ],
2036 [
2037 AC_MSG_RESULT(not found)
2038 AC_MSG_ERROR(OpenSSL library not found.)
dfddba3d 2039 ],
2040 [
2041 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2042 ]
2043)
3c0ef626 2044
0b90ac93 2045AC_ARG_WITH(openssl-header-check,
2046 [ --without-openssl-header-check Disable OpenSSL version consistency check],
2047 [ if test "x$withval" = "xno" ; then
2048 openssl_check_nonfatal=1
2049 fi
2050 ]
2051)
2052
e9702f7d 2053# Sanity check OpenSSL headers
2054AC_MSG_CHECKING([whether OpenSSL's headers match the library])
dfddba3d 2055AC_RUN_IFELSE(
2056 [AC_LANG_SOURCE([[
e9702f7d 2057#include <string.h>
2058#include <openssl/opensslv.h>
d03f4262 2059int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
dfddba3d 2060 ]])],
e9702f7d 2061 [
2062 AC_MSG_RESULT(yes)
2063 ],
2064 [
2065 AC_MSG_RESULT(no)
0b90ac93 2066 if test "x$openssl_check_nonfatal" = "x"; then
2067 AC_MSG_ERROR([Your OpenSSL headers do not match your
2068library. Check config.log for details.
2069If you are sure your installation is consistent, you can disable the check
2070by running "./configure --without-openssl-header-check".
2071Also see contrib/findssl.sh for help identifying header/library mismatches.
2072])
2073 else
2074 AC_MSG_WARN([Your OpenSSL headers do not match your
2075library. Check config.log for details.
7cac2b65 2076Also see contrib/findssl.sh for help identifying header/library mismatches.])
0b90ac93 2077 fi
dfddba3d 2078 ],
2079 [
2080 AC_MSG_WARN([cross compiling: not checking])
e9702f7d 2081 ]
2082)
2083
30460aeb 2084AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2085AC_LINK_IFELSE(
2086 [AC_LANG_SOURCE([[
2087#include <openssl/evp.h>
2088int main(void) { SSLeay_add_all_algorithms(); }
2089 ]])],
2090 [
2091 AC_MSG_RESULT(yes)
2092 ],
2093 [
2094 AC_MSG_RESULT(no)
2095 saved_LIBS="$LIBS"
2096 LIBS="$LIBS -ldl"
2097 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2098 AC_LINK_IFELSE(
2099 [AC_LANG_SOURCE([[
2100#include <openssl/evp.h>
2101int main(void) { SSLeay_add_all_algorithms(); }
2102 ]])],
2103 [
2104 AC_MSG_RESULT(yes)
2105 ],
2106 [
2107 AC_MSG_RESULT(no)
2108 LIBS="$saved_LIBS"
2109 ]
2110 )
2111 ]
2112)
2113
2114AC_ARG_WITH(ssl-engine,
2115 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2116 [ if test "x$withval" != "xno" ; then
2117 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2118 AC_TRY_COMPILE(
2119 [ #include <openssl/engine.h>],
2120 [
240debe0 2121ENGINE_load_builtin_engines();ENGINE_register_all_complete();
30460aeb 2122 ],
2123 [ AC_MSG_RESULT(yes)
2124 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2125 [Enable OpenSSL engine support])
2126 ],
2127 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2128 )
2129 fi ]
2130)
2131
08822d99 2132# Check for OpenSSL without EVP_aes_{192,256}_cbc
2133AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
30460aeb 2134AC_LINK_IFELSE(
08822d99 2135 [AC_LANG_SOURCE([[
2136#include <string.h>
2137#include <openssl/evp.h>
4b6dae8f 2138int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
08822d99 2139 ]])],
2140 [
2141 AC_MSG_RESULT(no)
2142 ],
2143 [
2144 AC_MSG_RESULT(yes)
2145 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2146 [libcrypto is missing AES 192 and 256 bit functions])
2147 ]
2148)
2149
540d72c3 2150# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2151# because the system crypt() is more featureful.
2152if test "x$check_for_libcrypt_before" = "x1"; then
2153 AC_CHECK_LIB(crypt, crypt)
2154fi
2155
2156# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2157# version in OpenSSL.
7cac2b65 2158if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2159 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2160fi
2161
30460aeb 2162# Search for SHA256 support in libc and/or OpenSSL
2163AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2164
fa0f0f45 2165saved_LIBS="$LIBS"
2166AC_CHECK_LIB(iaf, ia_openinfo, [
2167 LIBS="$LIBS -liaf"
2168 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"])
2169])
2170LIBS="$saved_LIBS"
e9702f7d 2171
2172### Configure cryptographic random number support
2173
2174# Check wheter OpenSSL seeds itself
2175AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
dfddba3d 2176AC_RUN_IFELSE(
2177 [AC_LANG_SOURCE([[
e9702f7d 2178#include <string.h>
2179#include <openssl/rand.h>
d03f4262 2180int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
dfddba3d 2181 ]])],
e9702f7d 2182 [
2183 OPENSSL_SEEDS_ITSELF=yes
2184 AC_MSG_RESULT(yes)
2185 ],
2186 [
2187 AC_MSG_RESULT(no)
2188 # Default to use of the rand helper if OpenSSL doesn't
2189 # seed itself
2190 USE_RAND_HELPER=yes
dfddba3d 2191 ],
2192 [
2193 AC_MSG_WARN([cross compiling: assuming yes])
2194 # This is safe, since all recent OpenSSL versions will
8b32eddc 2195 # complain at runtime if not seeded correctly.
dfddba3d 2196 OPENSSL_SEEDS_ITSELF=yes
e9702f7d 2197 ]
2198)
2199
30460aeb 2200# Check for PAM libs
2201PAM_MSG="no"
2202AC_ARG_WITH(pam,
2203 [ --with-pam Enable PAM support ],
2204 [
2205 if test "x$withval" != "xno" ; then
2206 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2207 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2208 AC_MSG_ERROR([PAM headers not found])
2209 fi
2210
2211 saved_LIBS="$LIBS"
2212 AC_CHECK_LIB(dl, dlopen, , )
2213 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2214 AC_CHECK_FUNCS(pam_getenvlist)
2215 AC_CHECK_FUNCS(pam_putenv)
2216 LIBS="$saved_LIBS"
2217
2218 PAM_MSG="yes"
2219
fa0f0f45 2220 SSHDLIBS="$SSHDLIBS -lpam"
30460aeb 2221 AC_DEFINE(USE_PAM, 1,
2222 [Define if you want to enable PAM support])
2223
2224 if test $ac_cv_lib_dl_dlopen = yes; then
2225 case "$LIBS" in
2226 *-ldl*)
2227 # libdl already in LIBS
2228 ;;
2229 *)
fa0f0f45 2230 SSHDLIBS="$SSHDLIBS -ldl"
30460aeb 2231 ;;
2232 esac
2233 fi
30460aeb 2234 fi
2235 ]
2236)
2237
2238# Check for older PAM
2239if test "x$PAM_MSG" = "xyes" ; then
2240 # Check PAM strerror arguments (old PAM)
2241 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2242 AC_TRY_COMPILE(
2243 [
2244#include <stdlib.h>
2245#if defined(HAVE_SECURITY_PAM_APPL_H)
2246#include <security/pam_appl.h>
2247#elif defined (HAVE_PAM_PAM_APPL_H)
2248#include <pam/pam_appl.h>
2249#endif
2250 ],
2251 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2252 [AC_MSG_RESULT(no)],
2253 [
2254 AC_DEFINE(HAVE_OLD_PAM, 1,
2255 [Define if you have an old version of PAM
2256 which takes only one argument to pam_strerror])
2257 AC_MSG_RESULT(yes)
2258 PAM_MSG="yes (old library)"
2259 ]
2260 )
2261fi
e9702f7d 2262
2263# Do we want to force the use of the rand helper?
2264AC_ARG_WITH(rand-helper,
2265 [ --with-rand-helper Use subprocess to gather strong randomness ],
2266 [
2267 if test "x$withval" = "xno" ; then
540d72c3 2268 # Force use of OpenSSL's internal RNG, even if
e9702f7d 2269 # the previous test showed it to be unseeded.
2270 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2271 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2272 OPENSSL_SEEDS_ITSELF=yes
2273 USE_RAND_HELPER=""
2274 fi
2275 else
2276 USE_RAND_HELPER=yes
2277 fi
2278 ],
8b32eddc 2279)
e9702f7d 2280
2281# Which randomness source do we use?
8b32eddc 2282if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9702f7d 2283 # OpenSSL only
08822d99 2284 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2285 [Define if you want OpenSSL's internally seeded PRNG only])
e9702f7d 2286 RAND_MSG="OpenSSL internal ONLY"
2287 INSTALL_SSH_RAND_HELPER=""
2288elif test ! -z "$USE_RAND_HELPER" ; then
2289 # install rand helper
2290 RAND_MSG="ssh-rand-helper"
2291 INSTALL_SSH_RAND_HELPER="yes"
2292fi
2293AC_SUBST(INSTALL_SSH_RAND_HELPER)
2294
2295### Configuration of ssh-rand-helper
2296
2297# PRNGD TCP socket
2298AC_ARG_WITH(prngd-port,
2299 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2300 [
2301 case "$withval" in
2302 no)
2303 withval=""
2304 ;;
2305 [[0-9]]*)
2306 ;;
2307 *)
2308 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2309 ;;
2310 esac
2311 if test ! -z "$withval" ; then
2312 PRNGD_PORT="$withval"
08822d99 2313 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2314 [Port number of PRNGD/EGD random number socket])
e9702f7d 2315 fi
2316 ]
2317)
2318
2319# PRNGD Unix domain socket
2320AC_ARG_WITH(prngd-socket,
2321 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2322 [
2323 case "$withval" in
2324 yes)
2325 withval="/var/run/egd-pool"
2326 ;;
2327 no)
2328 withval=""
2329 ;;
2330 /*)
2331 ;;
2332 *)
2333 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2334 ;;
2335 esac
2336
2337 if test ! -z "$withval" ; then
2338 if test ! -z "$PRNGD_PORT" ; then
2339 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2340 fi
2341 if test ! -r "$withval" ; then
2342 AC_MSG_WARN(Entropy socket is not readable)
2343 fi
2344 PRNGD_SOCKET="$withval"
08822d99 2345 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2346 [Location of PRNGD/EGD random number socket])
e9702f7d 2347 fi
2348 ],
2349 [
2350 # Check for existing socket only if we don't have a random device already
2351 if test "$USE_RAND_HELPER" = yes ; then
2352 AC_MSG_CHECKING(for PRNGD/EGD socket)
2353 # Insert other locations here
2354 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2355 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2356 PRNGD_SOCKET="$sock"
2357 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2358 break;
2359 fi
2360 done
2361 if test ! -z "$PRNGD_SOCKET" ; then
2362 AC_MSG_RESULT($PRNGD_SOCKET)
2363 else
2364 AC_MSG_RESULT(not found)
2365 fi
2366 fi
2367 ]
2368)
2369
2370# Change default command timeout for hashing entropy source
2371entropy_timeout=200
2372AC_ARG_WITH(entropy-timeout,
2373 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2374 [
8b32eddc 2375 if test -n "$withval" && test "x$withval" != "xno" && \
2376 test "x${withval}" != "xyes"; then
e9702f7d 2377 entropy_timeout=$withval
2378 fi
8b32eddc 2379 ]
e9702f7d 2380)
08822d99 2381AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2382 [Builtin PRNG command timeout])
e9702f7d 2383
276b07a3 2384SSH_PRIVSEP_USER=sshd
350391c5 2385AC_ARG_WITH(privsep-user,
2386 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2387 [
8b32eddc 2388 if test -n "$withval" && test "x$withval" != "xno" && \
2389 test "x${withval}" != "xyes"; then
276b07a3 2390 SSH_PRIVSEP_USER=$withval
350391c5 2391 fi
8b32eddc 2392 ]
350391c5 2393)
08822d99 2394AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2395 [non-privileged user for privilege separation])
276b07a3 2396AC_SUBST(SSH_PRIVSEP_USER)
350391c5 2397
2398# We do this little dance with the search path to insure
2399# that programs that we select for use by installed programs
2400# (which may be run by the super-user) come from trusted
2401# locations before they come from the user's private area.
2402# This should help avoid accidentally configuring some
2403# random version of a program in someone's personal bin.
2404
2405OPATH=$PATH
2406PATH=/bin:/usr/bin
2407test -h /bin 2> /dev/null && PATH=/usr/bin
2408test -d /sbin && PATH=$PATH:/sbin
2409test -d /usr/sbin && PATH=$PATH:/usr/sbin
2410PATH=$PATH:/etc:$OPATH
2411
540d72c3 2412# These programs are used by the command hashing source to gather entropy
e9702f7d 2413OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2414OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2415OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2416OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2417OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2418OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2419OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2420OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2421OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2422OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2423OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2424OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2425OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2426OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2427OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2428OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
350391c5 2429# restore PATH
2430PATH=$OPATH
e9702f7d 2431
2432# Where does ssh-rand-helper get its randomness from?
2433INSTALL_SSH_PRNG_CMDS=""
2434if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2435 if test ! -z "$PRNGD_PORT" ; then
2436 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2437 elif test ! -z "$PRNGD_SOCKET" ; then
2438 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2439 else
2440 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2441 RAND_HELPER_CMDHASH=yes
2442 INSTALL_SSH_PRNG_CMDS="yes"
2443 fi
2444fi
2445AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2446
2447
3c0ef626 2448# Cheap hack to ensure NEWS-OS libraries are arranged right.
2449if test ! -z "$SONY" ; then
2450 LIBS="$LIBS -liberty";
2451fi
2452
08822d99 2453# Check for long long datatypes
2454AC_CHECK_TYPES([long long, unsigned long long, long double])
2455
2456# Check datatype sizes
3c0ef626 2457AC_CHECK_SIZEOF(char, 1)
2458AC_CHECK_SIZEOF(short int, 2)
2459AC_CHECK_SIZEOF(int, 4)
2460AC_CHECK_SIZEOF(long int, 4)
2461AC_CHECK_SIZEOF(long long int, 8)
2462
350391c5 2463# Sanity check long long for some platforms (AIX)
2464if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2465 ac_cv_sizeof_long_long_int=0
2466fi
2467
08822d99 2468# compute LLONG_MIN and LLONG_MAX if we don't know them.
2469if test -z "$have_llong_max"; then
2470 AC_MSG_CHECKING([for max value of long long])
2471 AC_RUN_IFELSE(
2472 [AC_LANG_SOURCE([[
2473#include <stdio.h>
2474/* Why is this so damn hard? */
2475#ifdef __GNUC__
2476# undef __GNUC__
2477#endif
2478#define __USE_ISOC99
2479#include <limits.h>
2480#define DATA "conftest.llminmax"
30460aeb 2481#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2482
2483/*
2484 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2485 * we do this the hard way.
2486 */
2487static int
2488fprint_ll(FILE *f, long long n)
2489{
2490 unsigned int i;
2491 int l[sizeof(long long) * 8];
2492
2493 if (n < 0)
2494 if (fprintf(f, "-") < 0)
2495 return -1;
2496 for (i = 0; n != 0; i++) {
2497 l[i] = my_abs(n % 10);
2498 n /= 10;
2499 }
2500 do {
2501 if (fprintf(f, "%d", l[--i]) < 0)
2502 return -1;
2503 } while (i != 0);
2504 if (fprintf(f, " ") < 0)
2505 return -1;
2506 return 0;
2507}
2508
08822d99 2509int main(void) {
2510 FILE *f;
2511 long long i, llmin, llmax = 0;
2512
2513 if((f = fopen(DATA,"w")) == NULL)
2514 exit(1);
2515
2516#if defined(LLONG_MIN) && defined(LLONG_MAX)
2517 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2518 llmin = LLONG_MIN;
2519 llmax = LLONG_MAX;
2520#else
2521 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2522 /* This will work on one's complement and two's complement */
2523 for (i = 1; i > llmax; i <<= 1, i++)
2524 llmax = i;
2525 llmin = llmax + 1LL; /* wrap */
2526#endif
2527
2528 /* Sanity check */
2529 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
30460aeb 2530 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2531 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
08822d99 2532 fprintf(f, "unknown unknown\n");
2533 exit(2);
2534 }
2535
30460aeb 2536 if (fprint_ll(f, llmin) < 0)
08822d99 2537 exit(3);
30460aeb 2538 if (fprint_ll(f, llmax) < 0)
2539 exit(4);
2540 if (fclose(f) < 0)
2541 exit(5);
08822d99 2542 exit(0);
2543}
2544 ]])],
2545 [
2546 llong_min=`$AWK '{print $1}' conftest.llminmax`
2547 llong_max=`$AWK '{print $2}' conftest.llminmax`
2548
08822d99 2549 AC_MSG_RESULT($llong_max)
2550 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2551 [max value of long long calculated by configure])
2552 AC_MSG_CHECKING([for min value of long long])
2553 AC_MSG_RESULT($llong_min)
2554 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2555 [min value of long long calculated by configure])
2556 ],
2557 [
2558 AC_MSG_RESULT(not found)
2559 ],
2560 [
2561 AC_MSG_WARN([cross compiling: not checking])
2562 ]
2563 )
2564fi
2565
2566
3c0ef626 2567# More checks for data types
2568AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2569 AC_TRY_COMPILE(
540d72c3 2570 [ #include <sys/types.h> ],
2571 [ u_int a; a = 1;],
3c0ef626 2572 [ ac_cv_have_u_int="yes" ],
2573 [ ac_cv_have_u_int="no" ]
2574 )
2575])
2576if test "x$ac_cv_have_u_int" = "xyes" ; then
08822d99 2577 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2578 have_u_int=1
2579fi
2580
2581AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2582 AC_TRY_COMPILE(
540d72c3 2583 [ #include <sys/types.h> ],
2584 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2585 [ ac_cv_have_intxx_t="yes" ],
2586 [ ac_cv_have_intxx_t="no" ]
2587 )
2588])
2589if test "x$ac_cv_have_intxx_t" = "xyes" ; then
08822d99 2590 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2591 have_intxx_t=1
2592fi
2593
2594if (test -z "$have_intxx_t" && \
540d72c3 2595 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2596then
2597 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2598 AC_TRY_COMPILE(
540d72c3 2599 [ #include <stdint.h> ],
2600 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2601 [
2602 AC_DEFINE(HAVE_INTXX_T)
2603 AC_MSG_RESULT(yes)
2604 ],
2605 [ AC_MSG_RESULT(no) ]
2606 )
2607fi
2608
2609AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2610 AC_TRY_COMPILE(
d03f4262 2611 [
2612#include <sys/types.h>
2613#ifdef HAVE_STDINT_H
2614# include <stdint.h>
2615#endif
2616#include <sys/socket.h>
2617#ifdef HAVE_SYS_BITYPES_H
2618# include <sys/bitypes.h>
2619#endif
540d72c3 2620 ],
2621 [ int64_t a; a = 1;],
3c0ef626 2622 [ ac_cv_have_int64_t="yes" ],
2623 [ ac_cv_have_int64_t="no" ]
2624 )
2625])
2626if test "x$ac_cv_have_int64_t" = "xyes" ; then
08822d99 2627 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9702f7d 2628fi
2629
3c0ef626 2630AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2631 AC_TRY_COMPILE(
540d72c3 2632 [ #include <sys/types.h> ],
2633 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2634 [ ac_cv_have_u_intxx_t="yes" ],
2635 [ ac_cv_have_u_intxx_t="no" ]
2636 )
2637])
2638if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
08822d99 2639 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2640 have_u_intxx_t=1
2641fi
2642
2643if test -z "$have_u_intxx_t" ; then
2644 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2645 AC_TRY_COMPILE(
540d72c3 2646 [ #include <sys/socket.h> ],
2647 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2648 [
2649 AC_DEFINE(HAVE_U_INTXX_T)
2650 AC_MSG_RESULT(yes)
2651 ],
2652 [ AC_MSG_RESULT(no) ]
2653 )
2654fi
2655
2656AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2657 AC_TRY_COMPILE(
540d72c3 2658 [ #include <sys/types.h> ],
2659 [ u_int64_t a; a = 1;],
3c0ef626 2660 [ ac_cv_have_u_int64_t="yes" ],
2661 [ ac_cv_have_u_int64_t="no" ]
2662 )
2663])
2664if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
08822d99 2665 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2666 have_u_int64_t=1
2667fi
2668
e9702f7d 2669if test -z "$have_u_int64_t" ; then
2670 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2671 AC_TRY_COMPILE(
540d72c3 2672 [ #include <sys/bitypes.h> ],
e9702f7d 2673 [ u_int64_t a; a = 1],
2674 [
2675 AC_DEFINE(HAVE_U_INT64_T)
2676 AC_MSG_RESULT(yes)
2677 ],
2678 [ AC_MSG_RESULT(no) ]
2679 )
2680fi
2681
3c0ef626 2682if test -z "$have_u_intxx_t" ; then
2683 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2684 AC_TRY_COMPILE(
2685 [
2686#include <sys/types.h>
540d72c3 2687 ],
2688 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2689 [ ac_cv_have_uintxx_t="yes" ],
2690 [ ac_cv_have_uintxx_t="no" ]
2691 )
2692 ])
2693 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
08822d99 2694 AC_DEFINE(HAVE_UINTXX_T, 1,
2695 [define if you have uintxx_t data type])
3c0ef626 2696 fi
2697fi
2698
2699if test -z "$have_uintxx_t" ; then
2700 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2701 AC_TRY_COMPILE(
540d72c3 2702 [ #include <stdint.h> ],
2703 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2704 [
2705 AC_DEFINE(HAVE_UINTXX_T)
2706 AC_MSG_RESULT(yes)
2707 ],
2708 [ AC_MSG_RESULT(no) ]
2709 )
2710fi
2711
2712if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
540d72c3 2713 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2714then
2715 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2716 AC_TRY_COMPILE(
2717 [
2718#include <sys/bitypes.h>
540d72c3 2719 ],
3c0ef626 2720 [
2721 int8_t a; int16_t b; int32_t c;
2722 u_int8_t e; u_int16_t f; u_int32_t g;
2723 a = b = c = e = f = g = 1;
540d72c3 2724 ],
3c0ef626 2725 [
2726 AC_DEFINE(HAVE_U_INTXX_T)
2727 AC_DEFINE(HAVE_INTXX_T)
2728 AC_MSG_RESULT(yes)
2729 ],
2730 [AC_MSG_RESULT(no)]
540d72c3 2731 )
3c0ef626 2732fi
2733
2734
2735AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2736 AC_TRY_COMPILE(
2737 [
2738#include <sys/types.h>
2739 ],
2740 [ u_char foo; foo = 125; ],
2741 [ ac_cv_have_u_char="yes" ],
2742 [ ac_cv_have_u_char="no" ]
2743 )
2744])
2745if test "x$ac_cv_have_u_char" = "xyes" ; then
08822d99 2746 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2747fi
2748
2749TYPE_SOCKLEN_T
2750
e9702f7d 2751AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2752
dfddba3d 2753AC_CHECK_TYPES(in_addr_t,,,
2754[#include <sys/types.h>
2755#include <netinet/in.h>])
2756
3c0ef626 2757AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2758 AC_TRY_COMPILE(
2759 [
2760#include <sys/types.h>
2761 ],
2762 [ size_t foo; foo = 1235; ],
2763 [ ac_cv_have_size_t="yes" ],
2764 [ ac_cv_have_size_t="no" ]
2765 )
2766])
2767if test "x$ac_cv_have_size_t" = "xyes" ; then
08822d99 2768 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2769fi
2770
2771AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2772 AC_TRY_COMPILE(
2773 [
2774#include <sys/types.h>
2775 ],
2776 [ ssize_t foo; foo = 1235; ],
2777 [ ac_cv_have_ssize_t="yes" ],
2778 [ ac_cv_have_ssize_t="no" ]
2779 )
2780])
2781if test "x$ac_cv_have_ssize_t" = "xyes" ; then
08822d99 2782 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2783fi
2784
2785AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2786 AC_TRY_COMPILE(
2787 [
2788#include <time.h>
2789 ],
2790 [ clock_t foo; foo = 1235; ],
2791 [ ac_cv_have_clock_t="yes" ],
2792 [ ac_cv_have_clock_t="no" ]
2793 )
2794])
2795if test "x$ac_cv_have_clock_t" = "xyes" ; then
08822d99 2796 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2797fi
2798
2799AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2800 AC_TRY_COMPILE(
2801 [
2802#include <sys/types.h>
2803#include <sys/socket.h>
2804 ],
2805 [ sa_family_t foo; foo = 1235; ],
2806 [ ac_cv_have_sa_family_t="yes" ],
2807 [ AC_TRY_COMPILE(
2808 [
2809#include <sys/types.h>
2810#include <sys/socket.h>
2811#include <netinet/in.h>
2812 ],
2813 [ sa_family_t foo; foo = 1235; ],
2814 [ ac_cv_have_sa_family_t="yes" ],
2815
2816 [ ac_cv_have_sa_family_t="no" ]
2817 )]
2818 )
2819])
2820if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
08822d99 2821 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2822 [define if you have sa_family_t data type])
3c0ef626 2823fi
2824
2825AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2826 AC_TRY_COMPILE(
2827 [
2828#include <sys/types.h>
2829 ],
2830 [ pid_t foo; foo = 1235; ],
2831 [ ac_cv_have_pid_t="yes" ],
2832 [ ac_cv_have_pid_t="no" ]
2833 )
2834])
2835if test "x$ac_cv_have_pid_t" = "xyes" ; then
08822d99 2836 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2837fi
2838
2839AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2840 AC_TRY_COMPILE(
2841 [
2842#include <sys/types.h>
2843 ],
2844 [ mode_t foo; foo = 1235; ],
2845 [ ac_cv_have_mode_t="yes" ],
2846 [ ac_cv_have_mode_t="no" ]
2847 )
2848])
2849if test "x$ac_cv_have_mode_t" = "xyes" ; then
08822d99 2850 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2851fi
2852
2853
2854AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2855 AC_TRY_COMPILE(
2856 [
2857#include <sys/types.h>
2858#include <sys/socket.h>
2859 ],
2860 [ struct sockaddr_storage s; ],
2861 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2862 [ ac_cv_have_struct_sockaddr_storage="no" ]
2863 )
2864])
2865if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
08822d99 2866 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2867 [define if you have struct sockaddr_storage data type])
3c0ef626 2868fi
2869
2870AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2871 AC_TRY_COMPILE(
2872 [
2873#include <sys/types.h>
2874#include <netinet/in.h>
2875 ],
2876 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2877 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2878 [ ac_cv_have_struct_sockaddr_in6="no" ]
2879 )
2880])
2881if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
08822d99 2882 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2883 [define if you have struct sockaddr_in6 data type])
3c0ef626 2884fi
2885
2886AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2887 AC_TRY_COMPILE(
2888 [
2889#include <sys/types.h>
2890#include <netinet/in.h>
2891 ],
2892 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2893 [ ac_cv_have_struct_in6_addr="yes" ],
2894 [ ac_cv_have_struct_in6_addr="no" ]
2895 )
2896])
2897if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
08822d99 2898 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2899 [define if you have struct in6_addr data type])
3c0ef626 2900fi
2901
2902AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2903 AC_TRY_COMPILE(
2904 [
2905#include <sys/types.h>
2906#include <sys/socket.h>
2907#include <netdb.h>
2908 ],
2909 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2910 [ ac_cv_have_struct_addrinfo="yes" ],
2911 [ ac_cv_have_struct_addrinfo="no" ]
2912 )
2913])
2914if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
08822d99 2915 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2916 [define if you have struct addrinfo data type])
3c0ef626 2917fi
2918
2919AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2920 AC_TRY_COMPILE(
540d72c3 2921 [ #include <sys/time.h> ],
2922 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2923 [ ac_cv_have_struct_timeval="yes" ],
2924 [ ac_cv_have_struct_timeval="no" ]
2925 )
2926])
2927if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
08822d99 2928 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2929 have_struct_timeval=1
2930fi
2931
bfe49944 2932AC_CHECK_TYPES(struct timespec)
2933
2934# We need int64_t or else certian parts of the compile will fail.
8b32eddc 2935if test "x$ac_cv_have_int64_t" = "xno" && \
2936 test "x$ac_cv_sizeof_long_int" != "x8" && \
2937 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
bfe49944 2938 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2939 echo "an alternative compiler (I.E., GCC) before continuing."
2940 echo ""
2941 exit 1;
3c0ef626 2942else
2943dnl test snprintf (broken on SCO w/gcc)
dfddba3d 2944 AC_RUN_IFELSE(
2945 [AC_LANG_SOURCE([[
3c0ef626 2946#include <stdio.h>
2947#include <string.h>
2948#ifdef HAVE_SNPRINTF
2949main()
2950{
2951 char buf[50];
2952 char expected_out[50];
2953 int mazsize = 50 ;
2954#if (SIZEOF_LONG_INT == 8)
2955 long int num = 0x7fffffffffffffff;
2956#else
2957 long long num = 0x7fffffffffffffffll;
2958#endif
2959 strcpy(expected_out, "9223372036854775807");
2960 snprintf(buf, mazsize, "%lld", num);
2961 if(strcmp(buf, expected_out) != 0)
540d72c3 2962 exit(1);
3c0ef626 2963 exit(0);
2964}
2965#else
2966main() { exit(0); }
2967#endif
dfddba3d 2968 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2969 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2970 )
2971fi
3c0ef626 2972
2973dnl Checks for structure members
2974OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2975OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2976OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2977OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2978OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2979OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2980OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2981OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2982OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2983OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2984OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2985OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2986OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2987OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2988OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2989OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2990OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2991
2992AC_CHECK_MEMBERS([struct stat.st_blksize])
08822d99 2993AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2994 [Define if we don't have struct __res_state in resolv.h])],
2995[
2996#include <stdio.h>
2997#if HAVE_SYS_TYPES_H
2998# include <sys/types.h>
2999#endif
3000#include <netinet/in.h>
3001#include <arpa/nameser.h>
3002#include <resolv.h>
3003])
3c0ef626 3004
3005AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
3006 ac_cv_have_ss_family_in_struct_ss, [
3007 AC_TRY_COMPILE(
3008 [
3009#include <sys/types.h>
3010#include <sys/socket.h>
3011 ],
3012 [ struct sockaddr_storage s; s.ss_family = 1; ],
3013 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
3014 [ ac_cv_have_ss_family_in_struct_ss="no" ],
3015 )
3016])
3017if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
08822d99 3018 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 3019fi
3020
3021AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
3022 ac_cv_have___ss_family_in_struct_ss, [
3023 AC_TRY_COMPILE(
3024 [
3025#include <sys/types.h>
3026#include <sys/socket.h>
3027 ],
3028 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3029 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3030 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3031 )
3032])
3033if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
08822d99 3034 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3035 [Fields in struct sockaddr_storage])
3c0ef626 3036fi
3037
3038AC_CACHE_CHECK([for pw_class field in struct passwd],
3039 ac_cv_have_pw_class_in_struct_passwd, [
3040 AC_TRY_COMPILE(
3041 [
3042#include <pwd.h>
3043 ],
3044 [ struct passwd p; p.pw_class = 0; ],
3045 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3046 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3047 )
3048])
3049if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
08822d99 3050 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3051 [Define if your password has a pw_class field])
3c0ef626 3052fi
3053
3054AC_CACHE_CHECK([for pw_expire field in struct passwd],
3055 ac_cv_have_pw_expire_in_struct_passwd, [
3056 AC_TRY_COMPILE(
3057 [
3058#include <pwd.h>
3059 ],
3060 [ struct passwd p; p.pw_expire = 0; ],
3061 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3062 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3063 )
3064])
3065if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
08822d99 3066 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3067 [Define if your password has a pw_expire field])
3c0ef626 3068fi
3069
3070AC_CACHE_CHECK([for pw_change field in struct passwd],
3071 ac_cv_have_pw_change_in_struct_passwd, [
3072 AC_TRY_COMPILE(
3073 [
3074#include <pwd.h>
3075 ],
3076 [ struct passwd p; p.pw_change = 0; ],
3077 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3078 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3079 )
3080])
3081if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
08822d99 3082 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3083 [Define if your password has a pw_change field])
3c0ef626 3084fi
3085
541874c2 3086dnl make sure we're using the real structure members and not defines
350391c5 3087AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3088 ac_cv_have_accrights_in_msghdr, [
dfddba3d 3089 AC_COMPILE_IFELSE(
350391c5 3090 [
3091#include <sys/types.h>
3092#include <sys/socket.h>
3093#include <sys/uio.h>
541874c2 3094int main() {
3095#ifdef msg_accrights
dfddba3d 3096#error "msg_accrights is a macro"
541874c2 3097exit(1);
3098#endif
3099struct msghdr m;
3100m.msg_accrights = 0;
3101exit(0);
3102}
350391c5 3103 ],
350391c5 3104 [ ac_cv_have_accrights_in_msghdr="yes" ],
3105 [ ac_cv_have_accrights_in_msghdr="no" ]
3106 )
3107])
3108if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
08822d99 3109 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3110 [Define if your system uses access rights style
3111 file descriptor passing])
350391c5 3112fi
3113
3114AC_CACHE_CHECK([for msg_control field in struct msghdr],
3115 ac_cv_have_control_in_msghdr, [
dfddba3d 3116 AC_COMPILE_IFELSE(
350391c5 3117 [
3118#include <sys/types.h>
3119#include <sys/socket.h>
3120#include <sys/uio.h>
541874c2 3121int main() {
3122#ifdef msg_control
dfddba3d 3123#error "msg_control is a macro"
541874c2 3124exit(1);
3125#endif
3126struct msghdr m;
3127m.msg_control = 0;
3128exit(0);
3129}
350391c5 3130 ],
350391c5 3131 [ ac_cv_have_control_in_msghdr="yes" ],
3132 [ ac_cv_have_control_in_msghdr="no" ]
3133 )
3134])
3135if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
08822d99 3136 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3137 [Define if your system uses ancillary data style
3138 file descriptor passing])
350391c5 3139fi
3140
3c0ef626 3141AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
540d72c3 3142 AC_TRY_LINK([],
3143 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3144 [ ac_cv_libc_defines___progname="yes" ],
3145 [ ac_cv_libc_defines___progname="no" ]
3146 )
3147])
3148if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
08822d99 3149 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3150fi
3151
350391c5 3152AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3153 AC_TRY_LINK([
3154#include <stdio.h>
540d72c3 3155],
3156 [ printf("%s", __FUNCTION__); ],
350391c5 3157 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3158 [ ac_cv_cc_implements___FUNCTION__="no" ]
3159 )
3160])
3161if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
08822d99 3162 AC_DEFINE(HAVE___FUNCTION__, 1,
3163 [Define if compiler implements __FUNCTION__])
350391c5 3164fi
3165
3166AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3167 AC_TRY_LINK([
3168#include <stdio.h>
540d72c3 3169],
3170 [ printf("%s", __func__); ],
350391c5 3171 [ ac_cv_cc_implements___func__="yes" ],
3172 [ ac_cv_cc_implements___func__="no" ]
3173 )
3174])
3175if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
08822d99 3176 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3177fi
3178
3179AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3180 AC_TRY_LINK(
3181 [#include <stdarg.h>
3182 va_list x,y;],
3183 [va_copy(x,y);],
3184 [ ac_cv_have_va_copy="yes" ],
3185 [ ac_cv_have_va_copy="no" ]
3186 )
3187])
3188if test "x$ac_cv_have_va_copy" = "xyes" ; then
3189 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3190fi
3191
3192AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3193 AC_TRY_LINK(
3194 [#include <stdarg.h>
3195 va_list x,y;],
3196 [__va_copy(x,y);],
3197 [ ac_cv_have___va_copy="yes" ],
3198 [ ac_cv_have___va_copy="no" ]
3199 )
3200])
3201if test "x$ac_cv_have___va_copy" = "xyes" ; then
3202 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
350391c5 3203fi
3204
3c0ef626 3205AC_CACHE_CHECK([whether getopt has optreset support],
3206 ac_cv_have_getopt_optreset, [
3207 AC_TRY_LINK(
3208 [
3209#include <getopt.h>
3210 ],
3211 [ extern int optreset; optreset = 0; ],
3212 [ ac_cv_have_getopt_optreset="yes" ],
3213 [ ac_cv_have_getopt_optreset="no" ]
3214 )
3215])
3216if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
08822d99 3217 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3218 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3219fi
3220
3221AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
540d72c3 3222 AC_TRY_LINK([],
3223 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3224 [ ac_cv_libc_defines_sys_errlist="yes" ],
3225 [ ac_cv_libc_defines_sys_errlist="no" ]
3226 )
3227])
3228if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
08822d99 3229 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3230 [Define if your system defines sys_errlist[]])
3c0ef626 3231fi
3232
3233
3234AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
540d72c3 3235 AC_TRY_LINK([],
3236 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3237 [ ac_cv_libc_defines_sys_nerr="yes" ],
3238 [ ac_cv_libc_defines_sys_nerr="no" ]
3239 )
3240])
3241if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
08822d99 3242 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3243fi
3244
540d72c3 3245SCARD_MSG="no"
350391c5 3246# Check whether user wants sectok support
3247AC_ARG_WITH(sectok,
3248 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3249 [
3250 if test "x$withval" != "xno" ; then
3251 if test "x$withval" != "xyes" ; then
3252 CPPFLAGS="$CPPFLAGS -I${withval}"
3253 LDFLAGS="$LDFLAGS -L${withval}"
3254 if test ! -z "$need_dash_r" ; then
3255 LDFLAGS="$LDFLAGS -R${withval}"
3256 fi
3257 if test ! -z "$blibpath" ; then
3258 blibpath="$blibpath:${withval}"
3259 fi
3260 fi
3261 AC_CHECK_HEADERS(sectok.h)
3262 if test "$ac_cv_header_sectok_h" != yes; then
3263 AC_MSG_ERROR(Can't find sectok.h)
3264 fi
3265 AC_CHECK_LIB(sectok, sectok_open)
3266 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3267 AC_MSG_ERROR(Can't find libsectok)
3268 fi
08822d99 3269 AC_DEFINE(SMARTCARD, 1,
3270 [Define if you want smartcard support])
3271 AC_DEFINE(USE_SECTOK, 1,
3272 [Define if you want smartcard support
3273 using sectok])
540d72c3 3274 SCARD_MSG="yes, using sectok"
3c0ef626 3275 fi
3276 ]
3277)
3278
350391c5 3279# Check whether user wants OpenSC support
8b32eddc 3280OPENSC_CONFIG="no"
350391c5 3281AC_ARG_WITH(opensc,
08822d99 3282 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
8b32eddc 3283 [
3284 if test "x$withval" != "xno" ; then
3285 if test "x$withval" != "xyes" ; then
3286 OPENSC_CONFIG=$withval/bin/opensc-config
3287 else
3288 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3289 fi
3290 if test "$OPENSC_CONFIG" != "no"; then
3291 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3292 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3293 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
30460aeb 3294 LIBS="$LIBS $LIBOPENSC_LIBS"
8b32eddc 3295 AC_DEFINE(SMARTCARD)
08822d99 3296 AC_DEFINE(USE_OPENSC, 1,
3297 [Define if you want smartcard support
3298 using OpenSC])
8b32eddc 3299 SCARD_MSG="yes, using OpenSC"
3300 fi
3301 fi
3302 ]
3303)
350391c5 3304
540d72c3 3305# Check libraries needed by DNS fingerprint support
3306AC_SEARCH_LIBS(getrrsetbyname, resolv,
08822d99 3307 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3308 [Define if getrrsetbyname() exists])],
7cac2b65 3309 [
540d72c3 3310 # Needed by our getrrsetbyname()
3311 AC_SEARCH_LIBS(res_query, resolv)
3312 AC_SEARCH_LIBS(dn_expand, resolv)
7e82606e 3313 AC_MSG_CHECKING(if res_query will link)
3314 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3315 [AC_MSG_RESULT(no)
3316 saved_LIBS="$LIBS"
3317 LIBS="$LIBS -lresolv"
3318 AC_MSG_CHECKING(for res_query in -lresolv)
3319 AC_LINK_IFELSE([
3320#include <resolv.h>
3321int main()
3322{
3323 res_query (0, 0, 0, 0, 0);
3324 return 0;
3325}
3326 ],
3327 [LIBS="$LIBS -lresolv"
3328 AC_MSG_RESULT(yes)],
3329 [LIBS="$saved_LIBS"
3330 AC_MSG_RESULT(no)])
3331 ])
540d72c3 3332 AC_CHECK_FUNCS(_getshort _getlong)
2ce0bfe4 3333 AC_CHECK_DECLS([_getshort, _getlong], , ,
3334 [#include <sys/types.h>
3335 #include <arpa/nameser.h>])
540d72c3 3336 AC_CHECK_MEMBER(HEADER.ad,
08822d99 3337 [AC_DEFINE(HAVE_HEADER_AD, 1,
3338 [Define if HEADER.ad exists in arpa/nameser.h])],,
540d72c3 3339 [#include <arpa/nameser.h>])
3340 ])
7cac2b65 3341
fa0f0f45 3342AC_MSG_CHECKING(if struct __res_state _res is an extern)
3343AC_LINK_IFELSE([
3344#include <stdio.h>
3345#if HAVE_SYS_TYPES_H
3346# include <sys/types.h>
3347#endif
3348#include <netinet/in.h>
3349#include <arpa/nameser.h>
3350#include <resolv.h>
3351extern struct __res_state _res;
3352int main() { return 0; }
3353 ],
3354 [AC_MSG_RESULT(yes)
3355 AC_DEFINE(HAVE__RES_EXTERN, 1,
3356 [Define if you have struct __res_state _res as an extern])
3357 ],
3358 [ AC_MSG_RESULT(no) ]
3359)
3360
30460aeb 3361# Check whether user wants SELinux support
3362SELINUX_MSG="no"
3363LIBSELINUX=""
3364AC_ARG_WITH(selinux,
3365 [ --with-selinux Enable SELinux support],
3366 [ if test "x$withval" != "xno" ; then
fa0f0f45 3367 save_LIBS="$LIBS"
30460aeb 3368 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3369 SELINUX_MSG="yes"
3370 AC_CHECK_HEADER([selinux/selinux.h], ,
3371 AC_MSG_ERROR(SELinux support requires selinux.h header))
3372 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3373 AC_MSG_ERROR(SELinux support requires libselinux library))
fa0f0f45 3374 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
30460aeb 3375 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
240debe0 3376 LIBS="$save_LIBS"
30460aeb 3377 fi ]
3378)
30460aeb 3379
63119dd9 3380# Check whether user wants Kerberos 5 support
540d72c3 3381KRB5_MSG="no"
63119dd9 3382AC_ARG_WITH(kerberos5,
540d72c3 3383 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3384 [ if test "x$withval" != "xno" ; then
3385 if test "x$withval" = "xyes" ; then
3386 KRB5ROOT="/usr/local"
3387 else
3388 KRB5ROOT=${withval}
3389 fi
3390
08822d99 3391 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
540d72c3 3392 KRB5_MSG="yes"
3393
3394 AC_MSG_CHECKING(for krb5-config)
3395 if test -x $KRB5ROOT/bin/krb5-config ; then
3396 KRB5CONF=$KRB5ROOT/bin/krb5-config
3397 AC_MSG_RESULT($KRB5CONF)
3398
3399 AC_MSG_CHECKING(for gssapi support)
3400 if $KRB5CONF | grep gssapi >/dev/null ; then
3401 AC_MSG_RESULT(yes)
08822d99 3402 AC_DEFINE(GSSAPI, 1,
3403 [Define this if you want GSSAPI
3404 support in the version 2 protocol])
540d72c3 3405 k5confopts=gssapi
3406 else
3407 AC_MSG_RESULT(no)
3408 k5confopts=""
3409 fi
3410 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3411 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3412 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3413 AC_MSG_CHECKING(whether we are using Heimdal)
3414 AC_TRY_COMPILE([ #include <krb5.h> ],
3415 [ char *tmp = heimdal_version; ],
3416 [ AC_MSG_RESULT(yes)
08822d99 3417 AC_DEFINE(HEIMDAL, 1,
3418 [Define this if you are using the
3419 Heimdal version of Kerberos V5]) ],
540d72c3 3420 AC_MSG_RESULT(no)
3421 )
3422 else
3423 AC_MSG_RESULT(no)
63119dd9 3424 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
540d72c3 3425 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3426 AC_MSG_CHECKING(whether we are using Heimdal)
3427 AC_TRY_COMPILE([ #include <krb5.h> ],
3428 [ char *tmp = heimdal_version; ],
3429 [ AC_MSG_RESULT(yes)
3430 AC_DEFINE(HEIMDAL)
7e82606e 3431 K5LIBS="-lkrb5 -ldes"
3432 K5LIBS="$K5LIBS -lcom_err -lasn1"
8b32eddc 3433 AC_CHECK_LIB(roken, net_write,
7e82606e 3434 [K5LIBS="$K5LIBS -lroken"])
540d72c3 3435 ],
3436 [ AC_MSG_RESULT(no)
3437 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3438 ]
3439 )
7cac2b65 3440 AC_SEARCH_LIBS(dn_expand, resolv)
3441
3442 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3443 [ AC_DEFINE(GSSAPI)
3444 K5LIBS="-lgssapi $K5LIBS" ],
3445 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3446 [ AC_DEFINE(GSSAPI)
540d72c3 3447 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
7cac2b65 3448 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3449 $K5LIBS)
3450 ],
3451 $K5LIBS)
8b32eddc 3452
7cac2b65 3453 AC_CHECK_HEADER(gssapi.h, ,
3454 [ unset ac_cv_header_gssapi_h
540d72c3 3455 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
7cac2b65 3456 AC_CHECK_HEADERS(gssapi.h, ,
3457 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
540d72c3 3458 )
7cac2b65 3459 ]
3460 )
3461
3462 oldCPP="$CPPFLAGS"
3463 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3464 AC_CHECK_HEADER(gssapi_krb5.h, ,
3465 [ CPPFLAGS="$oldCPP" ])
63119dd9 3466
1c89237d 3467 # If we're using some other GSSAPI
3468 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3469 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3470 fi
5598e598 3471
540d72c3 3472 if test -z "$GSSAPI"; then
3473 GSSAPI="KRB5";
3474 fi
1c89237d 3475
5598e598 3476 oldCPP="$CPPFLAGS"
3477 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3478 AC_CHECK_HEADER(gssapi_krb5.h, ,
3479 [ CPPFLAGS="$oldCPP" ])
3480
63119dd9 3481 fi
540d72c3 3482 if test ! -z "$need_dash_r" ; then
3483 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3484 fi
3485 if test ! -z "$blibpath" ; then
3486 blibpath="$blibpath:${KRB5ROOT}/lib"
3487 fi
540d72c3 3488
08822d99 3489 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3490 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3491 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
540d72c3 3492
08822d99 3493 LIBS="$LIBS $K5LIBS"
3494 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3495 [Define this if you want to use libkafs' AFS support]))
3496 fi
540d72c3 3497 ]
63119dd9 3498)
3c0ef626 3499
62eb343a 3500# Check whether user wants AFS_KRB5 support
3501AFS_KRB5_MSG="no"
3502AC_ARG_WITH(afs-krb5,
3503 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3504 [
3505 if test "x$withval" != "xno" ; then
3506
3507 if test "x$withval" != "xyes" ; then
08822d99 3508 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3509 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3510 else
08822d99 3511 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3512 "/usr/bin/aklog",
3513 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3514 fi
3515
540d72c3 3516 if test -z "$KRB5ROOT" ; then
62eb343a 3517 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3518 fi
3519
0a00e8f9 3520 LIBS="-lkrbafs -lkrb4 $LIBS"
62eb343a 3521 if test ! -z "$AFS_LIBS" ; then
3522 LIBS="$LIBS $AFS_LIBS"
3523 fi
08822d99 3524 AC_DEFINE(AFS_KRB5, 1,
3525 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3526 AFS_KRB5_MSG="yes"
3527 fi
3528 ]
3529)
3c0ef626 3530
75be3237 3531AC_ARG_WITH(session-hooks,
3532 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
08822d99 3533 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
75be3237 3534)
3535
3c0ef626 3536# Looking for programs, paths and files
3c0ef626 3537
350391c5 3538PRIVSEP_PATH=/var/empty
3539AC_ARG_WITH(privsep-path,
d03f4262 3540 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
350391c5 3541 [
8b32eddc 3542 if test -n "$withval" && test "x$withval" != "xno" && \
3543 test "x${withval}" != "xyes"; then
350391c5 3544 PRIVSEP_PATH=$withval
3545 fi
3546 ]
3547)
3548AC_SUBST(PRIVSEP_PATH)
3549
3c0ef626 3550AC_ARG_WITH(xauth,
3551 [ --with-xauth=PATH Specify path to xauth program ],
3552 [
8b32eddc 3553 if test -n "$withval" && test "x$withval" != "xno" && \
3554 test "x${withval}" != "xyes"; then
3c0ef626 3555 xauth_path=$withval
3556 fi
3557 ],
3558 [
d03f4262 3559 TestPath="$PATH"
3560 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3561 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3562 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3563 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3564 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3565 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3566 xauth_path="/usr/openwin/bin/xauth"
3567 fi
3568 ]
3569)
3570
bfe49944 3571STRIP_OPT=-s
3572AC_ARG_ENABLE(strip,
3573 [ --disable-strip Disable calling strip(1) on install],
3574 [
3575 if test "x$enableval" = "xno" ; then
3576 STRIP_OPT=
3577 fi
3578 ]
3579)
3580AC_SUBST(STRIP_OPT)
3581
3c0ef626 3582if test -z "$xauth_path" ; then
3583 XAUTH_PATH="undefined"
3584 AC_SUBST(XAUTH_PATH)
3585else
08822d99 3586 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3587 [Define if xauth is found in your path])
3c0ef626 3588 XAUTH_PATH=$xauth_path
3589 AC_SUBST(XAUTH_PATH)
3590fi
3c0ef626 3591
96764173 3592AC_CHECK_DECL(_PATH_BSHELL, ,
3593 AC_DEFINE_UNQUOTED(_PATH_BSHELL, "/bin/sh",
9c941fe4 3594 [Define to your C shell if not defined in paths.h]),
96764173 3595 [ #include <paths.h> ]
3596)
3597
3598AC_CHECK_DECL(_PATH_CSHELL, ,
3599 AC_DEFINE_UNQUOTED(_PATH_CSHELL, "/bin/csh",
9c941fe4 3600 [Define to your Bourne shell if not defined in paths.h]),
96764173 3601 [ #include <paths.h> ]
3602)
3603
3604AC_CHECK_DECL(_PATH_SHELLS, ,
16d6cee3 3605 AC_DEFINE_UNQUOTED(_PATH_SHELLS, "/etc/shells",
9c941fe4 3606 [Define to your shells file if not defined in paths.h]),
96764173 3607 [ #include <paths.h> ]
3608)
3609
3610# if _PATH_MAILDIR is in paths.h then we won't go hunting for it.
3611AC_CHECK_DECL(_PATH_MAILDIR,
3612 AC_DEFINE(PATH_MAILDIR_IN_PATHS_H, 1,
3613 [Define if _PATH_MAILDIR is in paths.h]),
3614 ,
3615 [ #include <paths.h> ]
3616)
3617
3c0ef626 3618# Check for mail directory (last resort if we cannot get it from headers)
3619if test ! -z "$MAIL" ; then
3620 maildir=`dirname $MAIL`
08822d99 3621 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3622 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3623fi
3624
dfddba3d 3625if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3626 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3627 disable_ptmx_check=yes
3628fi
3c0ef626 3629if test -z "$no_dev_ptmx" ; then
350391c5 3630 if test "x$disable_ptmx_check" != "xyes" ; then
540d72c3 3631 AC_CHECK_FILE("/dev/ptmx",
350391c5 3632 [
08822d99 3633 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3634 [Define if you have /dev/ptmx])
350391c5 3635 have_dev_ptmx=1
3636 ]
3637 )
3638 fi
3c0ef626 3639fi
dfddba3d 3640
3641if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3642 AC_CHECK_FILE("/dev/ptc",
3643 [
08822d99 3644 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3645 [Define if you have /dev/ptc])
dfddba3d 3646 have_dev_ptc=1
3647 ]
3648 )
3649else
3650 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3651fi
3c0ef626 3652
3653# Options from here on. Some of these are preset by platform above
3c0ef626 3654AC_ARG_WITH(mantype,
3655 [ --with-mantype=man|cat|doc Set man page type],
3656 [
3657 case "$withval" in
3658 man|cat|doc)
3659 MANTYPE=$withval
3660 ;;
3661 *)
3662 AC_MSG_ERROR(invalid man type: $withval)
3663 ;;
3664 esac
3665 ]
3666)
3667if test -z "$MANTYPE"; then
d03f4262 3668 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3669 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3670 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3671 MANTYPE=doc
3672 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3673 MANTYPE=man
3674 else
3675 MANTYPE=cat
3676 fi
3677fi
3678AC_SUBST(MANTYPE)
3679if test "$MANTYPE" = "doc"; then
3680 mansubdir=man;
3681else
3682 mansubdir=$MANTYPE;
3683fi
3684AC_SUBST(mansubdir)
3685
3686# Check whether to enable MD5 passwords
540d72c3 3687MD5_MSG="no"
3c0ef626 3688AC_ARG_WITH(md5-passwords,
3689 [ --with-md5-passwords Enable use of MD5 passwords],
3690 [
3691 if test "x$withval" != "xno" ; then
08822d99 3692 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3693 [Define if you want to allow MD5 passwords])
540d72c3 3694 MD5_MSG="yes"
3c0ef626 3695 fi
3696 ]
3697)
3698
3699# Whether to disable shadow password support
3700AC_ARG_WITH(shadow,
3701 [ --without-shadow Disable shadow password support],
3702 [
8b32eddc 3703 if test "x$withval" = "xno" ; then
3c0ef626 3704 AC_DEFINE(DISABLE_SHADOW)
3705 disable_shadow=yes
3706 fi
3707 ]
3708)
3709
3710if test -z "$disable_shadow" ; then
3711 AC_MSG_CHECKING([if the systems has expire shadow information])
3712 AC_TRY_COMPILE(
3713 [
3714#include <sys/types.h>
3715#include <shadow.h>
3716 struct spwd sp;
3717 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3718 [ sp_expire_available=yes ], []
3719 )
3720
3721 if test "x$sp_expire_available" = "xyes" ; then
3722 AC_MSG_RESULT(yes)
08822d99 3723 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3724 [Define if you want to use shadow password expire field])
3c0ef626 3725 else
3726 AC_MSG_RESULT(no)
3727 fi
3728fi
3729
3730# Use ip address instead of hostname in $DISPLAY
3731if test ! -z "$IPADDR_IN_DISPLAY" ; then
3732 DISPLAY_HACK_MSG="yes"
08822d99 3733 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3734 [Define if you need to use IP address
3735 instead of hostname in $DISPLAY])
3c0ef626 3736else
540d72c3 3737 DISPLAY_HACK_MSG="no"
3c0ef626 3738 AC_ARG_WITH(ipaddr-display,
3739 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3740 [
8b32eddc 3741 if test "x$withval" != "xno" ; then
3c0ef626 3742 AC_DEFINE(IPADDR_IN_DISPLAY)
540d72c3 3743 DISPLAY_HACK_MSG="yes"
3c0ef626 3744 fi
3745 ]
3746 )
3747fi
3748
7cac2b65 3749# check for /etc/default/login and use it if present.
29d88157 3750AC_ARG_ENABLE(etc-default-login,
dfddba3d 3751 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3752 [ if test "x$enableval" = "xno"; then
3753 AC_MSG_NOTICE([/etc/default/login handling disabled])
3754 etc_default_login=no
3755 else
3756 etc_default_login=yes
3757 fi ],
08822d99 3758 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3759 then
3760 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3761 etc_default_login=no
3762 else
3763 etc_default_login=yes
3764 fi ]
dfddba3d 3765)
3766
3767if test "x$etc_default_login" != "xno"; then
3768 AC_CHECK_FILE("/etc/default/login",
3769 [ external_path_file=/etc/default/login ])
08822d99 3770 if test "x$external_path_file" = "x/etc/default/login"; then
3771 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3772 [Define if your system has /etc/default/login])
dfddba3d 3773 fi
7cac2b65 3774fi
3775
350391c5 3776dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
8b32eddc 3777if test $ac_cv_func_login_getcapbool = "yes" && \
3778 test $ac_cv_header_login_cap_h = "yes" ; then
7cac2b65 3779 external_path_file=/etc/login.conf
350391c5 3780fi
7cac2b65 3781
3c0ef626 3782# Whether to mess with the default path
540d72c3 3783SERVER_PATH_MSG="(default)"
3c0ef626 3784AC_ARG_WITH(default-path,
350391c5 3785 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3786 [
7cac2b65 3787 if test "x$external_path_file" = "x/etc/login.conf" ; then
350391c5 3788 AC_MSG_WARN([
3789--with-default-path=PATH has no effect on this system.
3790Edit /etc/login.conf instead.])
8b32eddc 3791 elif test "x$withval" != "xno" ; then
7cac2b65 3792 if test ! -z "$external_path_file" ; then
3793 AC_MSG_WARN([
3794--with-default-path=PATH will only be used if PATH is not defined in
3795$external_path_file .])
3796 fi
3c0ef626 3797 user_path="$withval"
540d72c3 3798 SERVER_PATH_MSG="$withval"
3c0ef626 3799 fi
3800 ],
7cac2b65 3801 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3802 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
350391c5 3803 else
7cac2b65 3804 if test ! -z "$external_path_file" ; then
3805 AC_MSG_WARN([
3806If PATH is defined in $external_path_file, ensure the path to scp is included,
3807otherwise scp will not work.])
3808 fi
08822d99 3809 AC_RUN_IFELSE(
3810 [AC_LANG_SOURCE([[
3c0ef626 3811/* find out what STDPATH is */
3812#include <stdio.h>
3813#ifdef HAVE_PATHS_H
3814# include <paths.h>
3815#endif
3816#ifndef _PATH_STDPATH
bfe49944 3817# ifdef _PATH_USERPATH /* Irix */
3818# define _PATH_STDPATH _PATH_USERPATH
3819# else
3820# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3821# endif
3c0ef626 3822#endif
3823#include <sys/types.h>
3824#include <sys/stat.h>
3825#include <fcntl.h>
3826#define DATA "conftest.stdpath"
3827
3828main()
3829{
3830 FILE *fd;
3831 int rc;
8b32eddc 3832
3c0ef626 3833 fd = fopen(DATA,"w");
3834 if(fd == NULL)
3835 exit(1);
8b32eddc 3836
3c0ef626 3837 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3838 exit(1);
3839
3840 exit(0);
3841}
08822d99 3842 ]])],
3843 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3844 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3845 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3846 )
3847# make sure $bindir is in USER_PATH so scp will work
3848 t_bindir=`eval echo ${bindir}`
3849 case $t_bindir in
3850 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3851 esac
3852 case $t_bindir in
3853 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3854 esac
3855 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3856 if test $? -ne 0 ; then
3857 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3858 if test $? -ne 0 ; then
3859 user_path=$user_path:$t_bindir
3860 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3861 fi
3862 fi
350391c5 3863 fi ]
3864)
7cac2b65 3865if test "x$external_path_file" != "x/etc/login.conf" ; then
08822d99 3866 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
350391c5 3867 AC_SUBST(user_path)
3868fi
3869
3870# Set superuser path separately to user path
350391c5 3871AC_ARG_WITH(superuser-path,
3872 [ --with-superuser-path= Specify different path for super-user],
3873 [
8b32eddc 3874 if test -n "$withval" && test "x$withval" != "xno" && \
3875 test "x${withval}" != "xyes"; then
08822d99 3876 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3877 [Define if you want a different $PATH
3878 for the superuser])
350391c5 3879 superuser_path=$withval
3880 fi
3c0ef626 3881 ]
3882)
350391c5 3883
3c0ef626 3884
3c0ef626 3885AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
540d72c3 3886IPV4_IN6_HACK_MSG="no"
3c0ef626 3887AC_ARG_WITH(4in6,
3888 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3889 [
3890 if test "x$withval" != "xno" ; then
3891 AC_MSG_RESULT(yes)
08822d99 3892 AC_DEFINE(IPV4_IN_IPV6, 1,
3893 [Detect IPv4 in IPv6 mapped addresses
3894 and treat as IPv4])
540d72c3 3895 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3896 else
3897 AC_MSG_RESULT(no)
3898 fi
3899 ],[
3900 if test "x$inet6_default_4in6" = "xyes"; then
3901 AC_MSG_RESULT([yes (default)])
3902 AC_DEFINE(IPV4_IN_IPV6)
540d72c3 3903 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3904 else
3905 AC_MSG_RESULT([no (default)])
3906 fi
3907 ]
3908)
3909
3910# Whether to enable BSD auth support
e9702f7d 3911BSD_AUTH_MSG=no
3c0ef626 3912AC_ARG_WITH(bsd-auth,
3913 [ --with-bsd-auth Enable BSD auth support],
3914 [
8b32eddc 3915 if test "x$withval" != "xno" ; then
08822d99 3916 AC_DEFINE(BSD_AUTH, 1,
3917 [Define if you have BSD auth support])
e9702f7d 3918 BSD_AUTH_MSG=yes
3c0ef626 3919 fi
3920 ]
3921)
3922
3c0ef626 3923# Where to place sshd.pid
3924piddir=/var/run
350391c5 3925# make sure the directory exists
8b32eddc 3926if test ! -d $piddir ; then
350391c5 3927 piddir=`eval echo ${sysconfdir}`
3928 case $piddir in
540d72c3 3929 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
350391c5 3930 esac
3931fi
3932
3c0ef626 3933AC_ARG_WITH(pid-dir,
3934 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3935 [
8b32eddc 3936 if test -n "$withval" && test "x$withval" != "xno" && \
3937 test "x${withval}" != "xyes"; then
3c0ef626 3938 piddir=$withval
8b32eddc 3939 if test ! -d $piddir ; then
350391c5 3940 AC_MSG_WARN([** no $piddir directory on this system **])
3941 fi
3c0ef626 3942 fi
3943 ]
3944)
3945
08822d99 3946AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3947AC_SUBST(piddir)
3948
3949dnl allow user to disable some login recording features
3950AC_ARG_ENABLE(lastlog,
3951 [ --disable-lastlog disable use of lastlog even if detected [no]],
7cac2b65 3952 [
3953 if test "x$enableval" = "xno" ; then
3954 AC_DEFINE(DISABLE_LASTLOG)
3955 fi
3956 ]
3c0ef626 3957)
3958AC_ARG_ENABLE(utmp,
3959 [ --disable-utmp disable use of utmp even if detected [no]],
7cac2b65 3960 [
3961 if test "x$enableval" = "xno" ; then
3962 AC_DEFINE(DISABLE_UTMP)
3963 fi
3964 ]
3c0ef626 3965)
3966AC_ARG_ENABLE(utmpx,
3967 [ --disable-utmpx disable use of utmpx even if detected [no]],
7cac2b65 3968 [
3969 if test "x$enableval" = "xno" ; then
08822d99 3970 AC_DEFINE(DISABLE_UTMPX, 1,
3971 [Define if you don't want to use utmpx])
7cac2b65 3972 fi
3973 ]
3c0ef626 3974)
3975AC_ARG_ENABLE(wtmp,
3976 [ --disable-wtmp disable use of wtmp even if detected [no]],
7cac2b65 3977 [
3978 if test "x$enableval" = "xno" ; then
3979 AC_DEFINE(DISABLE_WTMP)
3980 fi
3981 ]
3c0ef626 3982)
3983AC_ARG_ENABLE(wtmpx,
3984 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
7cac2b65 3985 [
3986 if test "x$enableval" = "xno" ; then
08822d99 3987 AC_DEFINE(DISABLE_WTMPX, 1,
3988 [Define if you don't want to use wtmpx])
7cac2b65 3989 fi
3990 ]
3c0ef626 3991)
3992AC_ARG_ENABLE(libutil,
3993 [ --disable-libutil disable use of libutil (login() etc.) [no]],
7cac2b65 3994 [
3995 if test "x$enableval" = "xno" ; then
3996 AC_DEFINE(DISABLE_LOGIN)
3997 fi
3998 ]
3c0ef626 3999)
4000AC_ARG_ENABLE(pututline,
4001 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
7cac2b65 4002 [
4003 if test "x$enableval" = "xno" ; then
08822d99 4004 AC_DEFINE(DISABLE_PUTUTLINE, 1,
4005 [Define if you don't want to use pututline()
4006 etc. to write [uw]tmp])
7cac2b65 4007 fi
4008 ]
3c0ef626 4009)
4010AC_ARG_ENABLE(pututxline,
4011 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
7cac2b65 4012 [
4013 if test "x$enableval" = "xno" ; then
08822d99 4014 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
4015 [Define if you don't want to use pututxline()
4016 etc. to write [uw]tmpx])
7cac2b65 4017 fi
4018 ]
3c0ef626 4019)
4020AC_ARG_WITH(lastlog,
4021 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
4022 [
8b32eddc 4023 if test "x$withval" = "xno" ; then
3c0ef626 4024 AC_DEFINE(DISABLE_LASTLOG)
8b32eddc 4025 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 4026 conf_lastlog_location=$withval
4027 fi
4028 ]
4029)
4030
4031dnl lastlog, [uw]tmpx? detection
4032dnl NOTE: set the paths in the platform section to avoid the
4033dnl need for command-line parameters
4034dnl lastlog and [uw]tmp are subject to a file search if all else fails
4035
4036dnl lastlog detection
4037dnl NOTE: the code itself will detect if lastlog is a directory
4038AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
4039AC_TRY_COMPILE([
4040#include <sys/types.h>
4041#include <utmp.h>
4042#ifdef HAVE_LASTLOG_H
4043# include <lastlog.h>
4044#endif
4045#ifdef HAVE_PATHS_H
4046# include <paths.h>
4047#endif
4048#ifdef HAVE_LOGIN_H
4049# include <login.h>
4050#endif
4051 ],
4052 [ char *lastlog = LASTLOG_FILE; ],
4053 [ AC_MSG_RESULT(yes) ],
4054 [
4055 AC_MSG_RESULT(no)
4056 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
4057 AC_TRY_COMPILE([
4058#include <sys/types.h>
4059#include <utmp.h>
4060#ifdef HAVE_LASTLOG_H
4061# include <lastlog.h>
4062#endif
4063#ifdef HAVE_PATHS_H
4064# include <paths.h>
4065#endif
4066 ],
4067 [ char *lastlog = _PATH_LASTLOG; ],
4068 [ AC_MSG_RESULT(yes) ],
4069 [
4070 AC_MSG_RESULT(no)
4071 system_lastlog_path=no
4072 ])
4073 ]
4074)
4075
4076if test -z "$conf_lastlog_location"; then
4077 if test x"$system_lastlog_path" = x"no" ; then
4078 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
4079 if (test -d "$f" || test -f "$f") ; then
4080 conf_lastlog_location=$f
4081 fi
4082 done
4083 if test -z "$conf_lastlog_location"; then
4084 AC_MSG_WARN([** Cannot find lastlog **])
4085 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
4086 fi
4087 fi
4088fi
4089
4090if test -n "$conf_lastlog_location"; then
08822d99 4091 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4092 [Define if you want to specify the path to your lastlog file])
8b32eddc 4093fi
3c0ef626 4094
4095dnl utmp detection
4096AC_MSG_CHECKING([if your system defines UTMP_FILE])
4097AC_TRY_COMPILE([
4098#include <sys/types.h>
4099#include <utmp.h>
4100#ifdef HAVE_PATHS_H
4101# include <paths.h>
4102#endif
4103 ],
4104 [ char *utmp = UTMP_FILE; ],
4105 [ AC_MSG_RESULT(yes) ],
4106 [ AC_MSG_RESULT(no)
4107 system_utmp_path=no ]
4108)
4109if test -z "$conf_utmp_location"; then
4110 if test x"$system_utmp_path" = x"no" ; then
4111 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4112 if test -f $f ; then
4113 conf_utmp_location=$f
4114 fi
4115 done
4116 if test -z "$conf_utmp_location"; then
4117 AC_DEFINE(DISABLE_UTMP)
4118 fi
4119 fi
4120fi
4121if test -n "$conf_utmp_location"; then
08822d99 4122 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4123 [Define if you want to specify the path to your utmp file])
8b32eddc 4124fi
3c0ef626 4125
4126dnl wtmp detection
4127AC_MSG_CHECKING([if your system defines WTMP_FILE])
4128AC_TRY_COMPILE([
4129#include <sys/types.h>
4130#include <utmp.h>
4131#ifdef HAVE_PATHS_H
4132# include <paths.h>
4133#endif
4134 ],
4135 [ char *wtmp = WTMP_FILE; ],
4136 [ AC_MSG_RESULT(yes) ],
4137 [ AC_MSG_RESULT(no)
4138 system_wtmp_path=no ]
4139)
4140if test -z "$conf_wtmp_location"; then
4141 if test x"$system_wtmp_path" = x"no" ; then
4142 for f in /usr/adm/wtmp /var/log/wtmp; do
4143 if test -f $f ; then
4144 conf_wtmp_location=$f
4145 fi
4146 done
4147 if test -z "$conf_wtmp_location"; then
4148 AC_DEFINE(DISABLE_WTMP)
4149 fi
4150 fi
4151fi
4152if test -n "$conf_wtmp_location"; then
08822d99 4153 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4154 [Define if you want to specify the path to your wtmp file])
8b32eddc 4155fi
3c0ef626 4156
4157
4158dnl utmpx detection - I don't know any system so perverse as to require
4159dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4160dnl there, though.
4161AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4162AC_TRY_COMPILE([
4163#include <sys/types.h>
4164#include <utmp.h>
4165#ifdef HAVE_UTMPX_H
4166#include <utmpx.h>
4167#endif
4168#ifdef HAVE_PATHS_H
4169# include <paths.h>
4170#endif
4171 ],
4172 [ char *utmpx = UTMPX_FILE; ],
4173 [ AC_MSG_RESULT(yes) ],
4174 [ AC_MSG_RESULT(no)
4175 system_utmpx_path=no ]
4176)
4177if test -z "$conf_utmpx_location"; then
4178 if test x"$system_utmpx_path" = x"no" ; then
4179 AC_DEFINE(DISABLE_UTMPX)
4180 fi
4181else
08822d99 4182 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4183 [Define if you want to specify the path to your utmpx file])
8b32eddc 4184fi
3c0ef626 4185
4186dnl wtmpx detection
4187AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4188AC_TRY_COMPILE([
4189#include <sys/types.h>
4190#include <utmp.h>
4191#ifdef HAVE_UTMPX_H
4192#include <utmpx.h>
4193#endif
4194#ifdef HAVE_PATHS_H
4195# include <paths.h>
4196#endif
4197 ],
4198 [ char *wtmpx = WTMPX_FILE; ],
4199 [ AC_MSG_RESULT(yes) ],
4200 [ AC_MSG_RESULT(no)
4201 system_wtmpx_path=no ]
4202)
4203if test -z "$conf_wtmpx_location"; then
4204 if test x"$system_wtmpx_path" = x"no" ; then
4205 AC_DEFINE(DISABLE_WTMPX)
4206 fi
4207else
08822d99 4208 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4209 [Define if you want to specify the path to your wtmpx file])
8b32eddc 4210fi
3c0ef626 4211
4212
3c0ef626 4213if test ! -z "$blibpath" ; then
256cb466 4214 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4215 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4216fi
4217
2ce0bfe4 4218dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4219dnl Add now.
4220CFLAGS="$CFLAGS $werror_flags"
4221
e9702f7d 4222AC_EXEEXT
30460aeb 4223AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4224 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
dfddba3d 4225 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4226AC_OUTPUT
4227
4228# Print summary of options
4229
3c0ef626 4230# Someone please show me a better way :)
4231A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4232B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4233C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4234D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4235E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4236F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4237G=`eval echo ${piddir}` ; G=`eval echo ${G}`
350391c5 4238H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4239I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4240J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4241
4242echo ""
4243echo "OpenSSH has been configured with the following options:"
350391c5 4244echo " User binaries: $B"
4245echo " System binaries: $C"
4246echo " Configuration files: $D"
4247echo " Askpass program: $E"
4248echo " Manual pages: $F"
4249echo " PID file: $G"
4250echo " Privilege separation chroot path: $H"
7cac2b65 4251if test "x$external_path_file" = "x/etc/login.conf" ; then
4252echo " At runtime, sshd will use the path defined in $external_path_file"
4253echo " Make sure the path to scp is present, otherwise scp will not work"
350391c5 4254else
4255echo " sshd default user PATH: $I"
7cac2b65 4256 if test ! -z "$external_path_file"; then
4257echo " (If PATH is set in $external_path_file it will be used instead. If"
4258echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4259 fi
350391c5 4260fi
4261if test ! -z "$superuser_path" ; then
4262echo " sshd superuser user PATH: $J"
4263fi
4264echo " Manpage format: $MANTYPE"
7cac2b65 4265echo " PAM support: $PAM_MSG"
30460aeb 4266echo " OSF SIA support: $SIA_MSG"
350391c5 4267echo " KerberosV support: $KRB5_MSG"
30460aeb 4268echo " SELinux support: $SELINUX_MSG"
350391c5 4269echo " Smartcard support: $SCARD_MSG"
350391c5 4270echo " S/KEY support: $SKEY_MSG"
4271echo " TCP Wrappers support: $TCPW_MSG"
4272echo " MD5 password support: $MD5_MSG"
dfddba3d 4273echo " libedit support: $LIBEDIT_MSG"
30460aeb 4274echo " Solaris process contract support: $SPC_MSG"
350391c5 4275echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
350391c5 4276echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4277echo " BSD Auth support: $BSD_AUTH_MSG"
4278echo " Random number source: $RAND_MSG"
e9702f7d 4279if test ! -z "$USE_RAND_HELPER" ; then
350391c5 4280echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4281fi
4282
4283echo ""
4284
4285echo " Host: ${host}"
4286echo " Compiler: ${CC}"
4287echo " Compiler flags: ${CFLAGS}"
4288echo "Preprocessor flags: ${CPPFLAGS}"
4289echo " Linker flags: ${LDFLAGS}"
fa0f0f45 4290echo " Libraries: ${LIBS}"
4291if test ! -z "${SSHDLIBS}"; then
4292echo " +for sshd: ${SSHDLIBS}"
4293fi
3c0ef626 4294
4295echo ""
4296
7e82606e 4297if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
dfddba3d 4298 echo "SVR4 style packages are supported with \"make package\""
4299 echo ""
7e82606e 4300fi
4301
3c0ef626 4302if test "x$PAM_MSG" = "xyes" ; then
e9702f7d 4303 echo "PAM is enabled. You may need to install a PAM control file "
4304 echo "for sshd, otherwise password authentication may fail. "
540d72c3 4305 echo "Example PAM control files can be found in the contrib/ "
e9702f7d 4306 echo "subdirectory"
3c0ef626 4307 echo ""
4308fi
4309
e9702f7d 4310if test ! -z "$RAND_HELPER_CMDHASH" ; then
4311 echo "WARNING: you are using the builtin random number collection "
4312 echo "service. Please read WARNING.RNG and request that your OS "
4313 echo "vendor includes kernel-based random number collection in "
4314 echo "future versions of your OS."
3c0ef626 4315 echo ""
4316fi
4317
7e82606e 4318if test ! -z "$NO_PEERCHECK" ; then
fa0f0f45 4319 echo "WARNING: the operating system that you are using does not"
4320 echo "appear to support getpeereid(), getpeerucred() or the"
4321 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4322 echo "enforce security checks to prevent unauthorised connections to"
4323 echo "ssh-agent. Their absence increases the risk that a malicious"
4324 echo "user can connect to your agent."
7e82606e 4325 echo ""
4326fi
4327
dfddba3d 4328if test "$AUDIT_MODULE" = "bsm" ; then
4329 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4330 echo "See the Solaris section in README.platform for details."
4331fi
git-cvsimport mirror of GSI OpenSSH
This page took 1.385537 seconds and 5 git commands to generate.