]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Import of OpenSSH 4.7p1
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
99be0775 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
665a873d 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
f2f068fa 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
0fff78ff 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
f2f068fa 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
c9f39d2c 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
6a9b3198 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
700318f3 43AC_PATH_PROG(SH, sh)
c9f39d2c 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
2c06c99b 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
2c06c99b 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
cdd66111 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
2c06c99b 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
cdd66111 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
dec6d9fe 88
3c0ef626 89AC_C_INLINE
665a873d 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
cdd66111 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
665a873d 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
2c06c99b 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
665a873d 96 case $GCC_VER in
d4487008 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
2c06c99b 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
665a873d 106 esac
107
108 if test -z "$have_llong_max"; then
109 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
110 unset ac_cv_have_decl_LLONG_MAX
111 saved_CFLAGS="$CFLAGS"
112 CFLAGS="$CFLAGS -std=gnu99"
113 AC_CHECK_DECL(LLONG_MAX,
114 [have_llong_max=1],
115 [CFLAGS="$saved_CFLAGS"],
116 [#include <limits.h>]
117 )
118 fi
119fi
120
d4487008 121if test "x$no_attrib_nonnull" != "x1" ; then
122 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
123fi
124
cdd66111 125AC_ARG_WITH(rpath,
126 [ --without-rpath Disable auto-added -R linker paths],
127 [
dec6d9fe 128 if test "x$withval" = "xno" ; then
cdd66111 129 need_dash_r=""
130 fi
131 if test "x$withval" = "xyes" ; then
132 need_dash_r=1
133 fi
134 ]
135)
136
ff7ec503 137# Allow user to specify flags
138AC_ARG_WITH(cflags,
139 [ --with-cflags Specify additional flags to pass to compiler],
140 [
141 if test -n "$withval" && test "x$withval" != "xno" && \
142 test "x${withval}" != "xyes"; then
143 CFLAGS="$CFLAGS $withval"
144 fi
145 ]
146)
147AC_ARG_WITH(cppflags,
148 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
149 [
150 if test -n "$withval" && test "x$withval" != "xno" && \
151 test "x${withval}" != "xyes"; then
152 CPPFLAGS="$CPPFLAGS $withval"
153 fi
154 ]
155)
156AC_ARG_WITH(ldflags,
157 [ --with-ldflags Specify additional flags to pass to linker],
158 [
159 if test -n "$withval" && test "x$withval" != "xno" && \
160 test "x${withval}" != "xyes"; then
161 LDFLAGS="$LDFLAGS $withval"
162 fi
163 ]
164)
165AC_ARG_WITH(libs,
166 [ --with-libs Specify additional libraries to link with],
167 [
168 if test -n "$withval" && test "x$withval" != "xno" && \
169 test "x${withval}" != "xyes"; then
170 LIBS="$LIBS $withval"
171 fi
172 ]
173)
174AC_ARG_WITH(Werror,
175 [ --with-Werror Build main code with -Werror],
176 [
177 if test -n "$withval" && test "x$withval" != "xno"; then
178 werror_flags="-Werror"
179 if test "x${withval}" != "xyes"; then
180 werror_flags="$withval"
181 fi
182 fi
183 ]
184)
185
186AC_CHECK_HEADERS( \
187 bstring.h \
188 crypt.h \
189 crypto/sha2.h \
190 dirent.h \
191 endian.h \
192 features.h \
193 fcntl.h \
194 floatingpoint.h \
195 getopt.h \
196 glob.h \
197 ia.h \
198 iaf.h \
199 limits.h \
200 login.h \
201 maillock.h \
202 ndir.h \
203 net/if_tun.h \
204 netdb.h \
205 netgroup.h \
206 pam/pam_appl.h \
207 paths.h \
d4487008 208 poll.h \
ff7ec503 209 pty.h \
210 readpassphrase.h \
211 rpc/types.h \
212 security/pam_appl.h \
213 sha2.h \
214 shadow.h \
215 stddef.h \
216 stdint.h \
217 string.h \
218 strings.h \
219 sys/audit.h \
220 sys/bitypes.h \
221 sys/bsdtty.h \
222 sys/cdefs.h \
223 sys/dir.h \
224 sys/mman.h \
225 sys/ndir.h \
226 sys/prctl.h \
227 sys/pstat.h \
228 sys/select.h \
229 sys/stat.h \
230 sys/stream.h \
231 sys/stropts.h \
232 sys/strtio.h \
233 sys/sysmacros.h \
234 sys/time.h \
235 sys/timers.h \
236 sys/un.h \
237 time.h \
238 tmpdir.h \
239 ttyent.h \
d4487008 240 ucred.h \
ff7ec503 241 unistd.h \
242 usersec.h \
243 util.h \
244 utime.h \
245 utmp.h \
246 utmpx.h \
247 vis.h \
248)
249
250# lastlog.h requires sys/time.h to be included first on Solaris
251AC_CHECK_HEADERS(lastlog.h, [], [], [
252#ifdef HAVE_SYS_TIME_H
253# include <sys/time.h>
254#endif
255])
256
257# sys/ptms.h requires sys/stream.h to be included first on Solaris
258AC_CHECK_HEADERS(sys/ptms.h, [], [], [
259#ifdef HAVE_SYS_STREAM_H
260# include <sys/stream.h>
261#endif
262])
263
264# login_cap.h requires sys/types.h on NetBSD
265AC_CHECK_HEADERS(login_cap.h, [], [], [
266#include <sys/types.h>
267])
268
9108f8d9 269# Messages for features tested for in target-specific section
270SIA_MSG="no"
271SPC_MSG="no"
272
3c0ef626 273# Check for some target-specific stuff
274case "$host" in
275*-*-aix*)
9108f8d9 276 # Some versions of VAC won't allow macro redefinitions at
277 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
278 # particularly with older versions of vac or xlc.
279 # It also throws errors about null macro argments, but these are
280 # not fatal.
281 AC_MSG_CHECKING(if compiler allows macro redefinitions)
282 AC_COMPILE_IFELSE(
283 [AC_LANG_SOURCE([[
284#define testmacro foo
285#define testmacro bar
286int main(void) { exit(0); }
287 ]])],
288 [ AC_MSG_RESULT(yes) ],
289 [ AC_MSG_RESULT(no)
290 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
291 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
292 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
293 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
294 ]
295 )
296
cdd66111 297 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
7e772e1f 298 if (test -z "$blibpath"); then
cdd66111 299 blibpath="/usr/lib:/lib"
7e772e1f 300 fi
301 saved_LDFLAGS="$LDFLAGS"
9108f8d9 302 if test "$GCC" = "yes"; then
303 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
304 else
305 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
306 fi
307 for tryflags in $flags ;do
7e772e1f 308 if (test -z "$blibflags"); then
309 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
310 AC_TRY_LINK([], [], [blibflags=$tryflags])
311 fi
312 done
313 if (test -z "$blibflags"); then
314 AC_MSG_RESULT(not found)
315 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
316 else
317 AC_MSG_RESULT($blibflags)
3c0ef626 318 fi
7e772e1f 319 LDFLAGS="$saved_LDFLAGS"
0fff78ff 320 dnl Check for authenticate. Might be in libs.a on older AIXes
2c06c99b 321 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
322 [Define if you want to enable AIX4's authenticate function])],
41b2f314 323 [AC_CHECK_LIB(s,authenticate,
324 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
325 LIBS="$LIBS -ls"
326 ])
327 ])
996d5e62 328 dnl Check for various auth function declarations in headers.
329 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
dec6d9fe 330 passwdexpired, setauthdb], , , [#include <usersec.h>])
0fff78ff 331 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
996d5e62 332 AC_CHECK_DECLS(loginfailed,
0fff78ff 333 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
334 AC_TRY_COMPILE(
335 [#include <usersec.h>],
336 [(void)loginfailed("user","host","tty",0);],
337 [AC_MSG_RESULT(yes)
2c06c99b 338 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
339 [Define if your AIX loginfailed() function
340 takes 4 arguments (AIX >= 5.2)])],
0fff78ff 341 [AC_MSG_RESULT(no)]
342 )],
343 [],
344 [#include <usersec.h>]
345 )
346 AC_CHECK_FUNCS(setauthdb)
9108f8d9 347 AC_CHECK_DECL(F_CLOSEM,
348 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
349 [],
350 [ #include <limits.h>
351 #include <fcntl.h> ]
352 )
996d5e62 353 check_for_aix_broken_getaddrinfo=1
2c06c99b 354 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
355 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
356 [Define if your platform breaks doing a seteuid before a setuid])
357 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
358 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 359 dnl AIX handles lastlog as part of its login message
2c06c99b 360 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
361 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
362 [Some systems need a utmpx entry for /bin/login to work])
363 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
364 [Define to a Set Process Title type if your system is
365 supported by bsd-setproctitle.c])
366 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
367 [AIX 5.2 and 5.3 (and presumably newer) require this])
9108f8d9 368 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 369 ;;
370*-*-cygwin*)
6a9b3198 371 check_for_libcrypt_later=1
799ae497 372 LIBS="$LIBS /usr/lib/textreadmode.o"
2c06c99b 373 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
374 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
375 AC_DEFINE(DISABLE_SHADOW, 1,
376 [Define if you want to disable shadow passwords])
377 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
378 [Define if your system choked on IP TOS setting])
379 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
380 [Define if X11 doesn't support AF_UNIX sockets on that system])
381 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
382 [Define if the concept of ports only accessible to
383 superusers isn't known])
384 AC_DEFINE(DISABLE_FD_PASSING, 1,
385 [Define if your platform needs to skip post auth
386 file descriptor passing])
3c0ef626 387 ;;
388*-*-dgux*)
389 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 390 AC_DEFINE(SETEUID_BREAKS_SETUID)
391 AC_DEFINE(BROKEN_SETREUID)
392 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 393 ;;
394*-*-darwin*)
41b2f314 395 AC_MSG_CHECKING(if we have working getaddrinfo)
396 AC_TRY_RUN([#include <mach-o/dyld.h>
397main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
398 exit(0);
399 else
400 exit(1);
401}], [AC_MSG_RESULT(working)],
402 [AC_MSG_RESULT(buggy)
2c06c99b 403 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
41b2f314 404 [AC_MSG_RESULT(assume it is working)])
acc3d05e 405 AC_DEFINE(SETEUID_BREAKS_SETUID)
406 AC_DEFINE(BROKEN_SETREUID)
407 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 408 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
409 [Define if your resolver libs need this for getrrsetbyname])
9108f8d9 410 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
411 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
412 [Use tunnel device compatibility to OpenBSD])
413 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
414 [Prepend the address family to IP tunnel traffic])
415 ;;
416*-*-dragonfly*)
417 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 418 ;;
665a873d 419*-*-hpux*)
420 # first we define all of the options common to all HP-UX releases
3c0ef626 421 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
422 IPADDR_IN_DISPLAY=yes
3c0ef626 423 AC_DEFINE(USE_PIPES)
2c06c99b 424 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
425 [Define if your login program cannot handle end of options ("--")])
700318f3 426 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 427 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
428 [String used in /etc/passwd to denote locked account])
0fff78ff 429 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
2c06c99b 430 MAIL="/var/mail/username"
41b2f314 431 LIBS="$LIBS -lsec"
665a873d 432 AC_CHECK_LIB(xnet, t_error, ,
433 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
434
435 # next, we define all of the options specific to major releases
436 case "$host" in
437 *-*-hpux10*)
438 if test -z "$GCC"; then
439 CFLAGS="$CFLAGS -Ae"
440 fi
441 ;;
442 *-*-hpux11*)
2c06c99b 443 AC_DEFINE(PAM_SUN_CODEBASE, 1,
444 [Define if you are using Solaris-derived PAM which
445 passes pam_messages to the conversation function
446 with an extra level of indirection])
447 AC_DEFINE(DISABLE_UTMP, 1,
448 [Define if you don't want to use utmp])
665a873d 449 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
450 check_for_hpux_broken_getaddrinfo=1
451 check_for_conflicting_getspnam=1
452 ;;
453 esac
454
455 # lastly, we define options specific to minor releases
456 case "$host" in
457 *-*-hpux10.26)
2c06c99b 458 AC_DEFINE(HAVE_SECUREWARE, 1,
459 [Define if you have SecureWare-based
460 protected password database])
665a873d 461 disable_ptmx_check=yes
462 LIBS="$LIBS -lsecpw"
463 ;;
464 esac
3c0ef626 465 ;;
466*-*-irix5*)
3c0ef626 467 PATH="$PATH:/usr/etc"
2c06c99b 468 AC_DEFINE(BROKEN_INET_NTOA, 1,
469 [Define if you system's inet_ntoa is busted
470 (e.g. Irix gcc issue)])
cdd66111 471 AC_DEFINE(SETEUID_BREAKS_SETUID)
472 AC_DEFINE(BROKEN_SETREUID)
473 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 474 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
475 [Define if you shouldn't strip 'tty' from your
476 ttyname in [uw]tmp])
0fff78ff 477 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 478 ;;
479*-*-irix6*)
3c0ef626 480 PATH="$PATH:/usr/etc"
2c06c99b 481 AC_DEFINE(WITH_IRIX_ARRAY, 1,
482 [Define if you have/want arrays
483 (cluster-wide session managment, not C arrays)])
484 AC_DEFINE(WITH_IRIX_PROJECT, 1,
485 [Define if you want IRIX project management])
486 AC_DEFINE(WITH_IRIX_AUDIT, 1,
487 [Define if you want IRIX audit trails])
488 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
489 [Define if you want IRIX kernel jobs])])
3c0ef626 490 AC_DEFINE(BROKEN_INET_NTOA)
acc3d05e 491 AC_DEFINE(SETEUID_BREAKS_SETUID)
492 AC_DEFINE(BROKEN_SETREUID)
493 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 494 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
700318f3 495 AC_DEFINE(WITH_ABBREV_NO_TTY)
0fff78ff 496 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 497 ;;
498*-*-linux*)
499 no_dev_ptmx=1
500 check_for_libcrypt_later=1
0fff78ff 501 check_for_openpty_ctty_bug=1
2c06c99b 502 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
503 AC_DEFINE(PAM_TTY_KLUDGE, 1,
504 [Work around problematic Linux PAM modules handling of PAM_TTY])
505 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
506 [String used in /etc/passwd to denote locked account])
0fff78ff 507 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
2c06c99b 508 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
509 [Define to whatever link() returns for "not supported"
510 if it doesn't return EOPNOTSUPP.])
996d5e62 511 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
2c06c99b 512 AC_DEFINE(USE_BTMP)
3c0ef626 513 inet6_default_4in6=yes
0fff78ff 514 case `uname -r` in
515 1.*|2.0.*)
2c06c99b 516 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
517 [Define if cmsg_type is not passed correctly])
0fff78ff 518 ;;
519 esac
2c06c99b 520 # tun(4) forwarding compat code
521 AC_CHECK_HEADERS(linux/if_tun.h)
522 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
523 AC_DEFINE(SSH_TUN_LINUX, 1,
524 [Open tunnel devices the Linux tun/tap way])
525 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
526 [Use tunnel device compatibility to OpenBSD])
527 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
528 [Prepend the address family to IP tunnel traffic])
529 fi
3c0ef626 530 ;;
531mips-sony-bsd|mips-sony-newsos4)
f2f068fa 532 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 533 SONY=1
3c0ef626 534 ;;
535*-*-netbsd*)
41b2f314 536 check_for_libcrypt_before=1
dec6d9fe 537 if test "x$withval" != "xno" ; then
cdd66111 538 need_dash_r=1
539 fi
2c06c99b 540 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
541 AC_CHECK_HEADER([net/if_tap.h], ,
542 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
543 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
544 [Prepend the address family to IP tunnel traffic])
3c0ef626 545 ;;
546*-*-freebsd*)
547 check_for_libcrypt_later=1
2c06c99b 548 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
549 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
550 AC_CHECK_HEADER([net/if_tap.h], ,
551 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 552 ;;
acc3d05e 553*-*-bsdi*)
554 AC_DEFINE(SETEUID_BREAKS_SETUID)
555 AC_DEFINE(BROKEN_SETREUID)
556 AC_DEFINE(BROKEN_SETREGID)
557 ;;
3c0ef626 558*-next-*)
559 conf_lastlog_location="/usr/adm/lastlog"
560 conf_utmp_location=/etc/utmp
561 conf_wtmp_location=/usr/adm/wtmp
562 MAIL=/usr/spool/mail
2c06c99b 563 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 564 AC_DEFINE(BROKEN_REALPATH)
565 AC_DEFINE(USE_PIPES)
2c06c99b 566 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 567 ;;
665a873d 568*-*-openbsd*)
569 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
2c06c99b 570 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
571 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
9108f8d9 572 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
573 [syslog_r function is safe to use in in a signal handler])
665a873d 574 ;;
3c0ef626 575*-*-solaris*)
dec6d9fe 576 if test "x$withval" != "xno" ; then
99be0775 577 need_dash_r=1
578 fi
3c0ef626 579 AC_DEFINE(PAM_SUN_CODEBASE)
580 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 581 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
582 [Some versions of /bin/login need the TERM supplied
583 on the commandline])
3c0ef626 584 AC_DEFINE(PAM_TTY_KLUDGE)
2c06c99b 585 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
586 [Define if pam_chauthtok wants real uid set
587 to the unpriv'ed user])
0fff78ff 588 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
589 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
2c06c99b 590 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
591 [Define if sshd somehow reacquires a controlling TTY
592 after setsid()])
9108f8d9 593 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
594 in case the name is longer than 8 chars])
0fff78ff 595 external_path_file=/etc/default/login
3c0ef626 596 # hardwire lastlog location (can't detect it on some versions)
597 conf_lastlog_location="/var/adm/lastlog"
598 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
599 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
600 if test "$sol2ver" -ge 8; then
601 AC_MSG_RESULT(yes)
602 AC_DEFINE(DISABLE_UTMP)
2c06c99b 603 AC_DEFINE(DISABLE_WTMP, 1,
604 [Define if you don't want to use wtmp])
3c0ef626 605 else
606 AC_MSG_RESULT(no)
607 fi
9108f8d9 608 AC_ARG_WITH(solaris-contracts,
609 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
610 [
611 AC_CHECK_LIB(contract, ct_tmpl_activate,
612 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
613 [Define if you have Solaris process contracts])
614 SSHDLIBS="$SSHDLIBS -lcontract"
615 AC_SUBST(SSHDLIBS)
616 SPC_MSG="yes" ], )
617 ],
618 )
3c0ef626 619 ;;
620*-*-sunos4*)
621 CPPFLAGS="$CPPFLAGS -DSUNOS4"
622 AC_CHECK_FUNCS(getpwanam)
623 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 624 conf_utmp_location=/etc/utmp
625 conf_wtmp_location=/var/adm/wtmp
626 conf_lastlog_location=/var/adm/lastlog
627 AC_DEFINE(USE_PIPES)
628 ;;
629*-ncr-sysv*)
3c0ef626 630 LIBS="$LIBS -lc89"
e9a17296 631 AC_DEFINE(USE_PIPES)
0fff78ff 632 AC_DEFINE(SSHD_ACQUIRES_CTTY)
acc3d05e 633 AC_DEFINE(SETEUID_BREAKS_SETUID)
634 AC_DEFINE(BROKEN_SETREUID)
635 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 636 ;;
637*-sni-sysv*)
3c0ef626 638 # /usr/ucblib MUST NOT be searched on ReliantUNIX
cdd66111 639 AC_CHECK_LIB(dl, dlsym, ,)
2c06c99b 640 # -lresolv needs to be at the end of LIBS or DNS lookups break
641 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 642 IPADDR_IN_DISPLAY=yes
643 AC_DEFINE(USE_PIPES)
644 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 645 AC_DEFINE(SETEUID_BREAKS_SETUID)
646 AC_DEFINE(BROKEN_SETREUID)
647 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 648 AC_DEFINE(SSHD_ACQUIRES_CTTY)
649 external_path_file=/etc/default/login
3c0ef626 650 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
651 # Attention: always take care to bind libsocket and libnsl before libc,
652 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
653 ;;
996d5e62 654# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 655*-*-sysv4.2*)
3c0ef626 656 AC_DEFINE(USE_PIPES)
0fff78ff 657 AC_DEFINE(SETEUID_BREAKS_SETUID)
658 AC_DEFINE(BROKEN_SETREUID)
659 AC_DEFINE(BROKEN_SETREGID)
dec6d9fe 660 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
2c06c99b 661 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 662 ;;
996d5e62 663# UnixWare 7.x, OpenUNIX 8
3c0ef626 664*-*-sysv5*)
665a873d 665 check_for_libcrypt_later=1
666 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 667 AC_DEFINE(USE_PIPES)
0fff78ff 668 AC_DEFINE(SETEUID_BREAKS_SETUID)
669 AC_DEFINE(BROKEN_SETREUID)
670 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 671 AC_DEFINE(PASSWD_NEEDS_USERNAME)
665a873d 672 case "$host" in
673 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
674 TEST_SHELL=/u95/bin/sh
2c06c99b 675 AC_DEFINE(BROKEN_LIBIAF, 1,
676 [ia_uinfo routines not supported by OS yet])
9108f8d9 677 AC_DEFINE(BROKEN_UPDWTMPX)
2c06c99b 678 ;;
679 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
665a873d 680 ;;
681 esac
3c0ef626 682 ;;
683*-*-sysv*)
3c0ef626 684 ;;
996d5e62 685# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 686*-*-sco3.2v4*)
996d5e62 687 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 688 ;;
996d5e62 689# SCO OpenServer 5.x
3c0ef626 690*-*-sco3.2v5*)
6a9b3198 691 if test -z "$GCC"; then
692 CFLAGS="$CFLAGS -belf"
693 fi
3c0ef626 694 LIBS="$LIBS -lprot -lx -ltinfo -lm"
695 no_dev_ptmx=1
3c0ef626 696 AC_DEFINE(USE_PIPES)
700318f3 697 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 698 AC_DEFINE(DISABLE_SHADOW)
41b2f314 699 AC_DEFINE(DISABLE_FD_PASSING)
0fff78ff 700 AC_DEFINE(SETEUID_BREAKS_SETUID)
701 AC_DEFINE(BROKEN_SETREUID)
702 AC_DEFINE(BROKEN_SETREGID)
703 AC_DEFINE(WITH_ABBREV_NO_TTY)
c9f39d2c 704 AC_DEFINE(BROKEN_UPDWTMPX)
2c06c99b 705 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 706 AC_CHECK_FUNCS(getluid setluid)
707 MANTYPE=man
c9f39d2c 708 TEST_SHELL=ksh
3c0ef626 709 ;;
41b2f314 710*-*-unicosmk*)
2c06c99b 711 AC_DEFINE(NO_SSH_LASTLOG, 1,
712 [Define if you don't want to use lastlog in session.c])
cdd66111 713 AC_DEFINE(SETEUID_BREAKS_SETUID)
714 AC_DEFINE(BROKEN_SETREUID)
715 AC_DEFINE(BROKEN_SETREGID)
41b2f314 716 AC_DEFINE(USE_PIPES)
717 AC_DEFINE(DISABLE_FD_PASSING)
718 LDFLAGS="$LDFLAGS"
719 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
720 MANTYPE=cat
721 ;;
0fff78ff 722*-*-unicosmp*)
cdd66111 723 AC_DEFINE(SETEUID_BREAKS_SETUID)
724 AC_DEFINE(BROKEN_SETREUID)
725 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 726 AC_DEFINE(WITH_ABBREV_NO_TTY)
727 AC_DEFINE(USE_PIPES)
728 AC_DEFINE(DISABLE_FD_PASSING)
729 LDFLAGS="$LDFLAGS"
cdd66111 730 LIBS="$LIBS -lgen -lacid -ldb"
0fff78ff 731 MANTYPE=cat
732 ;;
3c0ef626 733*-*-unicos*)
cdd66111 734 AC_DEFINE(SETEUID_BREAKS_SETUID)
735 AC_DEFINE(BROKEN_SETREUID)
736 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 737 AC_DEFINE(USE_PIPES)
41b2f314 738 AC_DEFINE(DISABLE_FD_PASSING)
739 AC_DEFINE(NO_SSH_LASTLOG)
740 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
741 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
742 MANTYPE=cat
3c0ef626 743 ;;
744*-dec-osf*)
745 AC_MSG_CHECKING(for Digital Unix SIA)
746 no_osfsia=""
747 AC_ARG_WITH(osfsia,
748 [ --with-osfsia Enable Digital Unix SIA],
749 [
750 if test "x$withval" = "xno" ; then
751 AC_MSG_RESULT(disabled)
752 no_osfsia=1
753 fi
754 ],
755 )
756 if test -z "$no_osfsia" ; then
757 if test -f /etc/sia/matrix.conf; then
758 AC_MSG_RESULT(yes)
2c06c99b 759 AC_DEFINE(HAVE_OSF_SIA, 1,
760 [Define if you have Digital Unix Security
761 Integration Architecture])
762 AC_DEFINE(DISABLE_LOGIN, 1,
763 [Define if you don't want to use your
764 system's login() call])
6a9b3198 765 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 766 LIBS="$LIBS -lsecurity -ldb -lm -laud"
9108f8d9 767 SIA_MSG="yes"
3c0ef626 768 else
769 AC_MSG_RESULT(no)
2c06c99b 770 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
771 [String used in /etc/passwd to denote locked account])
3c0ef626 772 fi
773 fi
0fff78ff 774 AC_DEFINE(BROKEN_GETADDRINFO)
acc3d05e 775 AC_DEFINE(SETEUID_BREAKS_SETUID)
776 AC_DEFINE(BROKEN_SETREUID)
777 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 778 ;;
779
f2f068fa 780*-*-nto-qnx*)
3c0ef626 781 AC_DEFINE(USE_PIPES)
782 AC_DEFINE(NO_X11_UNIX_SOCKETS)
2c06c99b 783 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
784 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
785 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
f2f068fa 786 AC_DEFINE(DISABLE_LASTLOG)
9108f8d9 787 AC_DEFINE(SSHD_ACQUIRES_CTTY)
788 enable_etc_default_login=no # has incompatible /etc/default/login
d4487008 789 case "$host" in
790 *-*-nto-qnx6*)
791 AC_DEFINE(DISABLE_FD_PASSING)
792 ;;
793 esac
3c0ef626 794 ;;
665a873d 795
796*-*-ultrix*)
2c06c99b 797 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
798 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
f2f068fa 799 AC_DEFINE(NEED_SETPGRP)
665a873d 800 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
801 ;;
802
803*-*-lynxos)
804 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
2c06c99b 805 AC_DEFINE(MISSING_HOWMANY)
665a873d 806 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
807 ;;
3c0ef626 808esac
809
0fff78ff 810AC_MSG_CHECKING(compiler and flags for sanity)
996d5e62 811AC_RUN_IFELSE(
812 [AC_LANG_SOURCE([
0fff78ff 813#include <stdio.h>
814int main(){exit(0);}
996d5e62 815 ])],
0fff78ff 816 [ AC_MSG_RESULT(yes) ],
817 [
818 AC_MSG_RESULT(no)
819 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
996d5e62 820 ],
821 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
0fff78ff 822)
823
665a873d 824dnl Checks for header files.
3c0ef626 825# Checks for libraries.
826AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
827AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
828
0fff78ff 829dnl IRIX and Solaris 2.5.1 have dirname() in libgen
830AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
831 AC_CHECK_LIB(gen, dirname,[
832 AC_CACHE_CHECK([for broken dirname],
833 ac_cv_have_broken_dirname, [
834 save_LIBS="$LIBS"
835 LIBS="$LIBS -lgen"
2c06c99b 836 AC_RUN_IFELSE(
837 [AC_LANG_SOURCE([[
0fff78ff 838#include <libgen.h>
839#include <string.h>
840
841int main(int argc, char **argv) {
842 char *s, buf[32];
843
844 strncpy(buf,"/etc", 32);
845 s = dirname(buf);
846 if (!s || strncmp(s, "/", 32) != 0) {
847 exit(1);
848 } else {
849 exit(0);
850 }
851}
2c06c99b 852 ]])],
853 [ ac_cv_have_broken_dirname="no" ],
854 [ ac_cv_have_broken_dirname="yes" ],
0fff78ff 855 [ ac_cv_have_broken_dirname="no" ],
0fff78ff 856 )
857 LIBS="$save_LIBS"
858 ])
859 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
860 LIBS="$LIBS -lgen"
861 AC_DEFINE(HAVE_DIRNAME)
862 AC_CHECK_HEADERS(libgen.h)
863 fi
864 ])
865])
866
3c0ef626 867AC_CHECK_FUNC(getspnam, ,
868 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
2c06c99b 869AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
870 [Define if you have the basename function.]))
3c0ef626 871
872dnl zlib is required
873AC_ARG_WITH(zlib,
874 [ --with-zlib=PATH Use zlib in PATH],
dec6d9fe 875 [ if test "x$withval" = "xno" ; then
876 AC_MSG_ERROR([*** zlib is required ***])
877 elif test "x$withval" != "xyes"; then
3c0ef626 878 if test -d "$withval/lib"; then
879 if test -n "${need_dash_r}"; then
880 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
881 else
882 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
883 fi
884 else
885 if test -n "${need_dash_r}"; then
886 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
887 else
888 LDFLAGS="-L${withval} ${LDFLAGS}"
889 fi
890 fi
891 if test -d "$withval/include"; then
892 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
893 else
894 CPPFLAGS="-I${withval} ${CPPFLAGS}"
895 fi
dec6d9fe 896 fi ]
3c0ef626 897)
898
cdd66111 899AC_CHECK_LIB(z, deflate, ,
900 [
901 saved_CPPFLAGS="$CPPFLAGS"
902 saved_LDFLAGS="$LDFLAGS"
903 save_LIBS="$LIBS"
904 dnl Check default zlib install dir
905 if test -n "${need_dash_r}"; then
906 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
907 else
908 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
909 fi
910 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
911 LIBS="$LIBS -lz"
912 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
913 [
914 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
915 ]
916 )
917 ]
918)
919AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
920
921AC_ARG_WITH(zlib-version-check,
922 [ --without-zlib-version-check Disable zlib version check],
923 [ if test "x$withval" = "xno" ; then
924 zlib_check_nonfatal=1
925 fi
926 ]
927)
928
dec6d9fe 929AC_MSG_CHECKING(for possibly buggy zlib)
996d5e62 930AC_RUN_IFELSE([AC_LANG_SOURCE([[
dec6d9fe 931#include <stdio.h>
cdd66111 932#include <zlib.h>
933int main()
934{
dec6d9fe 935 int a=0, b=0, c=0, d=0, n, v;
936 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
937 if (n != 3 && n != 4)
cdd66111 938 exit(1);
dec6d9fe 939 v = a*1000000 + b*10000 + c*100 + d;
940 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
941
942 /* 1.1.4 is OK */
943 if (a == 1 && b == 1 && c >= 4)
cdd66111 944 exit(0);
dec6d9fe 945
665a873d 946 /* 1.2.3 and up are OK */
947 if (v >= 1020300)
dec6d9fe 948 exit(0);
949
cdd66111 950 exit(2);
951}
996d5e62 952 ]])],
dec6d9fe 953 AC_MSG_RESULT(no),
954 [ AC_MSG_RESULT(yes)
cdd66111 955 if test -z "$zlib_check_nonfatal" ; then
956 AC_MSG_ERROR([*** zlib too old - check config.log ***
957Your reported zlib version has known security problems. It's possible your
958vendor has fixed these problems without changing the version number. If you
959are sure this is the case, you can disable the check by running
960"./configure --without-zlib-version-check".
665a873d 961If you are in doubt, upgrade zlib to version 1.2.3 or greater.
dec6d9fe 962See http://www.gzip.org/zlib/ for details.])
cdd66111 963 else
964 AC_MSG_WARN([zlib version may have security problems])
965 fi
996d5e62 966 ],
967 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
cdd66111 968)
3c0ef626 969
3c0ef626 970dnl UnixWare 2.x
cdd66111 971AC_CHECK_FUNC(strcasecmp,
3c0ef626 972 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
973)
2c06c99b 974AC_CHECK_FUNCS(utimes,
41b2f314 975 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
976 LIBS="$LIBS -lc89"]) ]
3c0ef626 977)
978
979dnl Checks for libutil functions
980AC_CHECK_HEADERS(libutil.h)
2c06c99b 981AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
982 [Define if your libraries define login()])])
3c0ef626 983AC_CHECK_FUNCS(logout updwtmp logwtmp)
984
985AC_FUNC_STRFTIME
986
3c0ef626 987# Check for ALTDIRFUNC glob() extension
988AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
989AC_EGREP_CPP(FOUNDIT,
990 [
991 #include <glob.h>
992 #ifdef GLOB_ALTDIRFUNC
993 FOUNDIT
994 #endif
cdd66111 995 ],
3c0ef626 996 [
2c06c99b 997 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
998 [Define if your system glob() function has
999 the GLOB_ALTDIRFUNC extension])
3c0ef626 1000 AC_MSG_RESULT(yes)
1001 ],
1002 [
1003 AC_MSG_RESULT(no)
1004 ]
1005)
1006
1007# Check for g.gl_matchc glob() extension
1008AC_MSG_CHECKING(for gl_matchc field in glob_t)
9108f8d9 1009AC_TRY_COMPILE(
1010 [ #include <glob.h> ],
1011 [glob_t g; g.gl_matchc = 1;],
cdd66111 1012 [
2c06c99b 1013 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1014 [Define if your system glob() function has
1015 gl_matchc options in glob_t])
cdd66111 1016 AC_MSG_RESULT(yes)
1017 ],
1018 [
1019 AC_MSG_RESULT(no)
1020 ]
3c0ef626 1021)
1022
9108f8d9 1023AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1024
3c0ef626 1025AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
996d5e62 1026AC_RUN_IFELSE(
1027 [AC_LANG_SOURCE([[
3c0ef626 1028#include <sys/types.h>
1029#include <dirent.h>
41b2f314 1030int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
996d5e62 1031 ]])],
cdd66111 1032 [AC_MSG_RESULT(yes)],
3c0ef626 1033 [
1034 AC_MSG_RESULT(no)
2c06c99b 1035 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1036 [Define if your struct dirent expects you to
1037 allocate extra space for d_name])
996d5e62 1038 ],
dec6d9fe 1039 [
996d5e62 1040 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1041 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1042 ]
1043)
1044
c9f39d2c 1045AC_MSG_CHECKING([for /proc/pid/fd directory])
1046if test -d "/proc/$$/fd" ; then
2c06c99b 1047 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
c9f39d2c 1048 AC_MSG_RESULT(yes)
1049else
1050 AC_MSG_RESULT(no)
1051fi
1052
3c0ef626 1053# Check whether user wants S/Key support
cdd66111 1054SKEY_MSG="no"
3c0ef626 1055AC_ARG_WITH(skey,
996d5e62 1056 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1057 [
1058 if test "x$withval" != "xno" ; then
1059
1060 if test "x$withval" != "xyes" ; then
1061 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1062 LDFLAGS="$LDFLAGS -L${withval}/lib"
1063 fi
1064
2c06c99b 1065 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1066 LIBS="-lskey $LIBS"
cdd66111 1067 SKEY_MSG="yes"
dec6d9fe 1068
e9a17296 1069 AC_MSG_CHECKING([for s/key support])
2c06c99b 1070 AC_LINK_IFELSE(
1071 [AC_LANG_SOURCE([[
e9a17296 1072#include <stdio.h>
1073#include <skey.h>
41b2f314 1074int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
2c06c99b 1075 ]])],
e9a17296 1076 [AC_MSG_RESULT(yes)],
3c0ef626 1077 [
e9a17296 1078 AC_MSG_RESULT(no)
3c0ef626 1079 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1080 ])
99be0775 1081 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1082 AC_TRY_COMPILE(
1083 [#include <stdio.h>
1084 #include <skey.h>],
1085 [(void)skeychallenge(NULL,"name","",0);],
1086 [AC_MSG_RESULT(yes)
2c06c99b 1087 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1088 [Define if your skeychallenge()
1089 function takes 4 arguments (NetBSD)])],
99be0775 1090 [AC_MSG_RESULT(no)]
1091 )
3c0ef626 1092 fi
1093 ]
1094)
1095
1096# Check whether user wants TCP wrappers support
1097TCPW_MSG="no"
1098AC_ARG_WITH(tcp-wrappers,
996d5e62 1099 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1100 [
1101 if test "x$withval" != "xno" ; then
1102 saved_LIBS="$LIBS"
1103 saved_LDFLAGS="$LDFLAGS"
1104 saved_CPPFLAGS="$CPPFLAGS"
dec6d9fe 1105 if test -n "${withval}" && \
1106 test "x${withval}" != "xyes"; then
3c0ef626 1107 if test -d "${withval}/lib"; then
1108 if test -n "${need_dash_r}"; then
1109 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1110 else
1111 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1112 fi
1113 else
1114 if test -n "${need_dash_r}"; then
1115 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1116 else
1117 LDFLAGS="-L${withval} ${LDFLAGS}"
1118 fi
1119 fi
1120 if test -d "${withval}/include"; then
1121 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1122 else
1123 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1124 fi
1125 fi
d4487008 1126 LIBS="-lwrap $LIBS"
3c0ef626 1127 AC_MSG_CHECKING(for libwrap)
1128 AC_TRY_LINK(
1129 [
99be0775 1130#include <sys/types.h>
1131#include <sys/socket.h>
1132#include <netinet/in.h>
3c0ef626 1133#include <tcpd.h>
1134 int deny_severity = 0, allow_severity = 0;
1135 ],
1136 [hosts_access(0);],
1137 [
1138 AC_MSG_RESULT(yes)
2c06c99b 1139 AC_DEFINE(LIBWRAP, 1,
1140 [Define if you want
1141 TCP Wrappers support])
d4487008 1142 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1143 TCPW_MSG="yes"
1144 ],
1145 [
1146 AC_MSG_ERROR([*** libwrap missing])
1147 ]
1148 )
e9a17296 1149 LIBS="$saved_LIBS"
3c0ef626 1150 fi
1151 ]
1152)
1153
996d5e62 1154# Check whether user wants libedit support
1155LIBEDIT_MSG="no"
1156AC_ARG_WITH(libedit,
1157 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1158 [ if test "x$withval" != "xno" ; then
dec6d9fe 1159 if test "x$withval" != "xyes"; then
2c06c99b 1160 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1161 if test -n "${need_dash_r}"; then
1162 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1163 else
1164 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1165 fi
dec6d9fe 1166 fi
996d5e62 1167 AC_CHECK_LIB(edit, el_init,
2c06c99b 1168 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
996d5e62 1169 LIBEDIT="-ledit -lcurses"
1170 LIBEDIT_MSG="yes"
1171 AC_SUBST(LIBEDIT)
1172 ],
dec6d9fe 1173 [ AC_MSG_ERROR(libedit not found) ],
1174 [ -lcurses ]
996d5e62 1175 )
665a873d 1176 AC_MSG_CHECKING(if libedit version is compatible)
1177 AC_COMPILE_IFELSE(
1178 [AC_LANG_SOURCE([[
1179#include <histedit.h>
1180int main(void)
1181{
1182 int i = H_SETSIZE;
1183 el_init("", NULL, NULL, NULL);
1184 exit(0);
1185}
1186 ]])],
1187 [ AC_MSG_RESULT(yes) ],
1188 [ AC_MSG_RESULT(no)
1189 AC_MSG_ERROR(libedit version is not compatible) ]
1190 )
996d5e62 1191 fi ]
1192)
1193
1194AUDIT_MODULE=none
1195AC_ARG_WITH(audit,
1196 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1197 [
1198 AC_MSG_CHECKING(for supported audit module)
1199 case "$withval" in
1200 bsm)
1201 AC_MSG_RESULT(bsm)
1202 AUDIT_MODULE=bsm
1203 dnl Checks for headers, libs and functions
1204 AC_CHECK_HEADERS(bsm/audit.h, [],
9108f8d9 1205 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1206 [
1207#ifdef HAVE_TIME_H
1208# include <time.h>
1209#endif
1210 ]
1211)
996d5e62 1212 AC_CHECK_LIB(bsm, getaudit, [],
1213 [AC_MSG_ERROR(BSM enabled and required library not found)])
1214 AC_CHECK_FUNCS(getaudit, [],
1215 [AC_MSG_ERROR(BSM enabled and required function not found)])
1216 # These are optional
1217 AC_CHECK_FUNCS(getaudit_addr)
2c06c99b 1218 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
996d5e62 1219 ;;
1220 debug)
1221 AUDIT_MODULE=debug
1222 AC_MSG_RESULT(debug)
2c06c99b 1223 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
996d5e62 1224 ;;
665a873d 1225 no)
1226 AC_MSG_RESULT(no)
1227 ;;
996d5e62 1228 *)
1229 AC_MSG_ERROR([Unknown audit module $withval])
1230 ;;
1231 esac ]
1232)
1233
6a9b3198 1234dnl Checks for library functions. Please keep in alphabetical order
665a873d 1235AC_CHECK_FUNCS( \
1236 arc4random \
2c06c99b 1237 asprintf \
665a873d 1238 b64_ntop \
1239 __b64_ntop \
1240 b64_pton \
1241 __b64_pton \
1242 bcopy \
1243 bindresvport_sa \
1244 clock \
1245 closefrom \
1246 dirfd \
1247 fchmod \
1248 fchown \
1249 freeaddrinfo \
1250 futimes \
1251 getaddrinfo \
1252 getcwd \
1253 getgrouplist \
1254 getnameinfo \
1255 getopt \
1256 getpeereid \
d4487008 1257 getpeerucred \
665a873d 1258 _getpty \
1259 getrlimit \
1260 getttyent \
1261 glob \
1262 inet_aton \
1263 inet_ntoa \
1264 inet_ntop \
1265 innetgr \
1266 login_getcapbool \
1267 md5_crypt \
1268 memmove \
1269 mkdtemp \
1270 mmap \
1271 ngetaddrinfo \
1272 nsleep \
1273 ogetaddrinfo \
1274 openlog_r \
1275 openpty \
d4487008 1276 poll \
665a873d 1277 prctl \
1278 pstat \
1279 readpassphrase \
1280 realpath \
1281 recvmsg \
1282 rresvport_af \
1283 sendmsg \
1284 setdtablesize \
1285 setegid \
1286 setenv \
1287 seteuid \
1288 setgroups \
1289 setlogin \
1290 setpcred \
1291 setproctitle \
1292 setregid \
1293 setreuid \
1294 setrlimit \
1295 setsid \
1296 setvbuf \
1297 sigaction \
1298 sigvec \
1299 snprintf \
1300 socketpair \
1301 strdup \
1302 strerror \
1303 strlcat \
1304 strlcpy \
1305 strmode \
1306 strnvis \
1307 strtonum \
1308 strtoll \
1309 strtoul \
d4487008 1310 swap32 \
665a873d 1311 sysconf \
1312 tcgetpgrp \
1313 truncate \
1314 unsetenv \
1315 updwtmpx \
2c06c99b 1316 vasprintf \
665a873d 1317 vhangup \
1318 vsnprintf \
1319 waitpid \
6a9b3198 1320)
1321
acc3d05e 1322# IRIX has a const char return value for gai_strerror()
1323AC_CHECK_FUNCS(gai_strerror,[
1324 AC_DEFINE(HAVE_GAI_STRERROR)
1325 AC_TRY_COMPILE([
1326#include <sys/types.h>
1327#include <sys/socket.h>
1328#include <netdb.h>
1329
1330const char *gai_strerror(int);],[
1331char *str;
1332
1333str = gai_strerror(0);],[
1334 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1335 [Define if gai_strerror() returns const char *])])])
1336
2c06c99b 1337AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1338 [Some systems put nanosleep outside of libc]))
6a9b3198 1339
0fff78ff 1340dnl Make sure prototypes are defined for these before using them.
0fff78ff 1341AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
665a873d 1342AC_CHECK_DECL(strsep,
1343 [AC_CHECK_FUNCS(strsep)],
1344 [],
1345 [
1346#ifdef HAVE_STRING_H
1347# include <string.h>
1348#endif
1349 ])
3c0ef626 1350
0fff78ff 1351dnl tcsendbreak might be a macro
1352AC_CHECK_DECL(tcsendbreak,
1353 [AC_DEFINE(HAVE_TCSENDBREAK)],
cdd66111 1354 [AC_CHECK_FUNCS(tcsendbreak)],
0fff78ff 1355 [#include <termios.h>]
1356)
3c0ef626 1357
c9f39d2c 1358AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1359
9108f8d9 1360AC_CHECK_DECLS(SHUT_RD, , ,
1361 [
1362#include <sys/types.h>
1363#include <sys/socket.h>
1364 ])
1365
1366AC_CHECK_DECLS(O_NONBLOCK, , ,
1367 [
1368#include <sys/types.h>
1369#ifdef HAVE_SYS_STAT_H
1370# include <sys/stat.h>
1371#endif
1372#ifdef HAVE_FCNTL_H
1373# include <fcntl.h>
1374#endif
1375 ])
1376
1377AC_CHECK_DECLS(writev, , , [
1378#include <sys/types.h>
1379#include <sys/uio.h>
1380#include <unistd.h>
1381 ])
1382
d4487008 1383AC_CHECK_DECLS(MAXSYMLINKS, , , [
1384#include <sys/param.h>
1385 ])
1386
1387AC_CHECK_DECLS(offsetof, , , [
1388#include <stddef.h>
1389 ])
1390
cdd66111 1391AC_CHECK_FUNCS(setresuid, [
1392 dnl Some platorms have setresuid that isn't implemented, test for this
1393 AC_MSG_CHECKING(if setresuid seems to work)
996d5e62 1394 AC_RUN_IFELSE(
1395 [AC_LANG_SOURCE([[
cdd66111 1396#include <stdlib.h>
1397#include <errno.h>
1398int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1399 ]])],
cdd66111 1400 [AC_MSG_RESULT(yes)],
2c06c99b 1401 [AC_DEFINE(BROKEN_SETRESUID, 1,
1402 [Define if your setresuid() is broken])
996d5e62 1403 AC_MSG_RESULT(not implemented)],
1404 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1405 )
1406])
1407
1408AC_CHECK_FUNCS(setresgid, [
1409 dnl Some platorms have setresgid that isn't implemented, test for this
1410 AC_MSG_CHECKING(if setresgid seems to work)
996d5e62 1411 AC_RUN_IFELSE(
1412 [AC_LANG_SOURCE([[
cdd66111 1413#include <stdlib.h>
1414#include <errno.h>
1415int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1416 ]])],
cdd66111 1417 [AC_MSG_RESULT(yes)],
2c06c99b 1418 [AC_DEFINE(BROKEN_SETRESGID, 1,
1419 [Define if your setresgid() is broken])
996d5e62 1420 AC_MSG_RESULT(not implemented)],
1421 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1422 )
1423])
1424
3c0ef626 1425dnl Checks for time functions
1426AC_CHECK_FUNCS(gettimeofday time)
1427dnl Checks for utmp functions
1428AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1429AC_CHECK_FUNCS(utmpname)
1430dnl Checks for utmpx functions
1431AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1432AC_CHECK_FUNCS(setutxent utmpxname)
1433
cdd66111 1434AC_CHECK_FUNC(daemon,
2c06c99b 1435 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1436 [AC_CHECK_LIB(bsd, daemon,
1437 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1438)
1439
cdd66111 1440AC_CHECK_FUNC(getpagesize,
2c06c99b 1441 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1442 [Define if your libraries define getpagesize()])],
1443 [AC_CHECK_LIB(ucb, getpagesize,
1444 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1445)
1446
1447# Check for broken snprintf
1448if test "x$ac_cv_func_snprintf" = "xyes" ; then
1449 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
996d5e62 1450 AC_RUN_IFELSE(
1451 [AC_LANG_SOURCE([[
3c0ef626 1452#include <stdio.h>
41b2f314 1453int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
996d5e62 1454 ]])],
cdd66111 1455 [AC_MSG_RESULT(yes)],
3c0ef626 1456 [
1457 AC_MSG_RESULT(no)
2c06c99b 1458 AC_DEFINE(BROKEN_SNPRINTF, 1,
1459 [Define if your snprintf is busted])
3c0ef626 1460 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
996d5e62 1461 ],
1462 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1463 )
1464fi
1465
2c06c99b 1466# If we don't have a working asprintf, then we strongly depend on vsnprintf
1467# returning the right thing on overflow: the number of characters it tried to
1468# create (as per SUSv3)
1469if test "x$ac_cv_func_asprintf" != "xyes" && \
1470 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1471 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1472 AC_RUN_IFELSE(
1473 [AC_LANG_SOURCE([[
1474#include <sys/types.h>
1475#include <stdio.h>
1476#include <stdarg.h>
1477
1478int x_snprintf(char *str,size_t count,const char *fmt,...)
1479{
1480 size_t ret; va_list ap;
1481 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1482 return ret;
1483}
1484int main(void)
1485{
1486 char x[1];
1487 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1488} ]])],
1489 [AC_MSG_RESULT(yes)],
1490 [
1491 AC_MSG_RESULT(no)
1492 AC_DEFINE(BROKEN_SNPRINTF, 1,
1493 [Define if your snprintf is busted])
1494 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1495 ],
1496 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1497 )
1498fi
1499
1500# On systems where [v]snprintf is broken, but is declared in stdio,
1501# check that the fmt argument is const char * or just char *.
1502# This is only useful for when BROKEN_SNPRINTF
1503AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1504AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1505 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1506 int main(void) { snprintf(0, 0, 0); }
1507 ]])],
1508 [AC_MSG_RESULT(yes)
1509 AC_DEFINE(SNPRINTF_CONST, [const],
1510 [Define as const if snprintf() can declare const char *fmt])],
1511 [AC_MSG_RESULT(no)
1512 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1513
c9f39d2c 1514# Check for missing getpeereid (or equiv) support
1515NO_PEERCHECK=""
d4487008 1516if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
c9f39d2c 1517 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1518 AC_TRY_COMPILE(
1519 [#include <sys/types.h>
1520 #include <sys/socket.h>],
1521 [int i = SO_PEERCRED;],
dec6d9fe 1522 [ AC_MSG_RESULT(yes)
2c06c99b 1523 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
dec6d9fe 1524 ],
c9f39d2c 1525 [AC_MSG_RESULT(no)
1526 NO_PEERCHECK=1]
1527 )
1528fi
1529
6a9b3198 1530dnl see whether mkstemp() requires XXXXXX
1531if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1532AC_MSG_CHECKING([for (overly) strict mkstemp])
2c06c99b 1533AC_RUN_IFELSE(
1534 [AC_LANG_SOURCE([[
6a9b3198 1535#include <stdlib.h>
1536main() { char template[]="conftest.mkstemp-test";
1537if (mkstemp(template) == -1)
1538 exit(1);
1539unlink(template); exit(0);
1540}
2c06c99b 1541 ]])],
6a9b3198 1542 [
1543 AC_MSG_RESULT(no)
1544 ],
cdd66111 1545 [
6a9b3198 1546 AC_MSG_RESULT(yes)
2c06c99b 1547 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
6a9b3198 1548 ],
1549 [
1550 AC_MSG_RESULT(yes)
1551 AC_DEFINE(HAVE_STRICT_MKSTEMP)
cdd66111 1552 ]
6a9b3198 1553)
1554fi
1555
0fff78ff 1556dnl make sure that openpty does not reacquire controlling terminal
1557if test ! -z "$check_for_openpty_ctty_bug"; then
1558 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
2c06c99b 1559 AC_RUN_IFELSE(
1560 [AC_LANG_SOURCE([[
0fff78ff 1561#include <stdio.h>
1562#include <sys/fcntl.h>
1563#include <sys/types.h>
1564#include <sys/wait.h>
1565
1566int
1567main()
1568{
1569 pid_t pid;
1570 int fd, ptyfd, ttyfd, status;
1571
1572 pid = fork();
1573 if (pid < 0) { /* failed */
1574 exit(1);
1575 } else if (pid > 0) { /* parent */
1576 waitpid(pid, &status, 0);
cdd66111 1577 if (WIFEXITED(status))
0fff78ff 1578 exit(WEXITSTATUS(status));
1579 else
1580 exit(2);
1581 } else { /* child */
1582 close(0); close(1); close(2);
1583 setsid();
1584 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1585 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1586 if (fd >= 0)
1587 exit(3); /* Acquired ctty: broken */
1588 else
1589 exit(0); /* Did not acquire ctty: OK */
1590 }
1591}
2c06c99b 1592 ]])],
0fff78ff 1593 [
1594 AC_MSG_RESULT(yes)
1595 ],
1596 [
1597 AC_MSG_RESULT(no)
1598 AC_DEFINE(SSHD_ACQUIRES_CTTY)
2c06c99b 1599 ],
1600 [
1601 AC_MSG_RESULT(cross-compiling, assuming yes)
0fff78ff 1602 ]
1603 )
1604fi
1605
dec6d9fe 1606if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1607 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
99be0775 1608 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1609 AC_RUN_IFELSE(
1610 [AC_LANG_SOURCE([[
99be0775 1611#include <stdio.h>
1612#include <sys/socket.h>
1613#include <netdb.h>
1614#include <errno.h>
1615#include <netinet/in.h>
1616
1617#define TEST_PORT "2222"
1618
1619int
1620main(void)
1621{
1622 int err, sock;
1623 struct addrinfo *gai_ai, *ai, hints;
1624 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1625
1626 memset(&hints, 0, sizeof(hints));
1627 hints.ai_family = PF_UNSPEC;
1628 hints.ai_socktype = SOCK_STREAM;
1629 hints.ai_flags = AI_PASSIVE;
1630
1631 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1632 if (err != 0) {
1633 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1634 exit(1);
1635 }
1636
1637 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1638 if (ai->ai_family != AF_INET6)
1639 continue;
1640
1641 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1642 sizeof(ntop), strport, sizeof(strport),
1643 NI_NUMERICHOST|NI_NUMERICSERV);
1644
1645 if (err != 0) {
1646 if (err == EAI_SYSTEM)
1647 perror("getnameinfo EAI_SYSTEM");
1648 else
1649 fprintf(stderr, "getnameinfo failed: %s\n",
1650 gai_strerror(err));
1651 exit(2);
1652 }
1653
1654 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1655 if (sock < 0)
1656 perror("socket");
1657 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1658 if (errno == EBADF)
1659 exit(3);
1660 }
1661 }
1662 exit(0);
1663}
2c06c99b 1664 ]])],
99be0775 1665 [
1666 AC_MSG_RESULT(yes)
1667 ],
1668 [
1669 AC_MSG_RESULT(no)
1670 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1671 ],
1672 [
1673 AC_MSG_RESULT(cross-compiling, assuming yes)
99be0775 1674 ]
1675 )
1676fi
1677
dec6d9fe 1678if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1679 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
996d5e62 1680 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1681 AC_RUN_IFELSE(
1682 [AC_LANG_SOURCE([[
996d5e62 1683#include <stdio.h>
1684#include <sys/socket.h>
1685#include <netdb.h>
1686#include <errno.h>
1687#include <netinet/in.h>
1688
1689#define TEST_PORT "2222"
1690
1691int
1692main(void)
1693{
1694 int err, sock;
1695 struct addrinfo *gai_ai, *ai, hints;
1696 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1697
1698 memset(&hints, 0, sizeof(hints));
1699 hints.ai_family = PF_UNSPEC;
1700 hints.ai_socktype = SOCK_STREAM;
1701 hints.ai_flags = AI_PASSIVE;
1702
1703 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1704 if (err != 0) {
1705 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1706 exit(1);
1707 }
1708
1709 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1710 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1711 continue;
1712
1713 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1714 sizeof(ntop), strport, sizeof(strport),
1715 NI_NUMERICHOST|NI_NUMERICSERV);
1716
1717 if (ai->ai_family == AF_INET && err != 0) {
1718 perror("getnameinfo");
1719 exit(2);
1720 }
1721 }
1722 exit(0);
1723}
2c06c99b 1724 ]])],
996d5e62 1725 [
1726 AC_MSG_RESULT(yes)
2c06c99b 1727 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1728 [Define if you have a getaddrinfo that fails
1729 for the all-zeros IPv6 address])
996d5e62 1730 ],
1731 [
1732 AC_MSG_RESULT(no)
1733 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1734 ],
9108f8d9 1735 [
2c06c99b 1736 AC_MSG_RESULT(cross-compiling, assuming no)
996d5e62 1737 ]
1738 )
1739fi
1740
1741if test "x$check_for_conflicting_getspnam" = "x1"; then
1742 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1743 AC_COMPILE_IFELSE(
1744 [
1745#include <shadow.h>
1746int main(void) {exit(0);}
1747 ],
1748 [
1749 AC_MSG_RESULT(no)
1750 ],
1751 [
1752 AC_MSG_RESULT(yes)
1753 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1754 [Conflicting defs for getspnam])
1755 ]
1756 )
1757fi
1758
3c0ef626 1759AC_FUNC_GETPGRP
1760
700318f3 1761# Search for OpenSSL
1762saved_CPPFLAGS="$CPPFLAGS"
1763saved_LDFLAGS="$LDFLAGS"
3c0ef626 1764AC_ARG_WITH(ssl-dir,
1765 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1766 [
1767 if test "x$withval" != "xno" ; then
996d5e62 1768 case "$withval" in
1769 # Relative paths
1770 ./*|../*) withval="`pwd`/$withval"
1771 esac
700318f3 1772 if test -d "$withval/lib"; then
1773 if test -n "${need_dash_r}"; then
1774 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1775 else
1776 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1777 fi
1778 else
700318f3 1779 if test -n "${need_dash_r}"; then
1780 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1781 else
1782 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1783 fi
1784 fi
700318f3 1785 if test -d "$withval/include"; then
1786 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1787 else
700318f3 1788 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1789 fi
1790 fi
700318f3 1791 ]
1792)
cdd66111 1793LIBS="-lcrypto $LIBS"
2c06c99b 1794AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1795 [Define if your ssl headers are included
1796 with #include <openssl/header.h>]),
3c0ef626 1797 [
700318f3 1798 dnl Check default openssl install dir
1799 if test -n "${need_dash_r}"; then
1800 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1801 else
700318f3 1802 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1803 fi
700318f3 1804 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1805 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1806 [
1807 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1808 ]
1809 )
1810 ]
1811)
1812
41b2f314 1813# Determine OpenSSL header version
1814AC_MSG_CHECKING([OpenSSL header version])
996d5e62 1815AC_RUN_IFELSE(
1816 [AC_LANG_SOURCE([[
41b2f314 1817#include <stdio.h>
1818#include <string.h>
1819#include <openssl/opensslv.h>
1820#define DATA "conftest.sslincver"
1821int main(void) {
cdd66111 1822 FILE *fd;
1823 int rc;
41b2f314 1824
cdd66111 1825 fd = fopen(DATA,"w");
1826 if(fd == NULL)
1827 exit(1);
41b2f314 1828
1829 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1830 exit(1);
1831
1832 exit(0);
1833}
996d5e62 1834 ]])],
41b2f314 1835 [
1836 ssl_header_ver=`cat conftest.sslincver`
1837 AC_MSG_RESULT($ssl_header_ver)
1838 ],
1839 [
1840 AC_MSG_RESULT(not found)
1841 AC_MSG_ERROR(OpenSSL version header not found.)
996d5e62 1842 ],
1843 [
1844 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1845 ]
1846)
1847
1848# Determine OpenSSL library version
1849AC_MSG_CHECKING([OpenSSL library version])
996d5e62 1850AC_RUN_IFELSE(
1851 [AC_LANG_SOURCE([[
41b2f314 1852#include <stdio.h>
1853#include <string.h>
1854#include <openssl/opensslv.h>
1855#include <openssl/crypto.h>
1856#define DATA "conftest.ssllibver"
1857int main(void) {
cdd66111 1858 FILE *fd;
1859 int rc;
41b2f314 1860
cdd66111 1861 fd = fopen(DATA,"w");
1862 if(fd == NULL)
1863 exit(1);
41b2f314 1864
1865 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1866 exit(1);
1867
1868 exit(0);
1869}
996d5e62 1870 ]])],
41b2f314 1871 [
1872 ssl_library_ver=`cat conftest.ssllibver`
1873 AC_MSG_RESULT($ssl_library_ver)
1874 ],
1875 [
1876 AC_MSG_RESULT(not found)
1877 AC_MSG_ERROR(OpenSSL library not found.)
996d5e62 1878 ],
1879 [
1880 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1881 ]
1882)
3c0ef626 1883
799ae497 1884AC_ARG_WITH(openssl-header-check,
1885 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1886 [ if test "x$withval" = "xno" ; then
1887 openssl_check_nonfatal=1
1888 fi
1889 ]
1890)
1891
e9a17296 1892# Sanity check OpenSSL headers
1893AC_MSG_CHECKING([whether OpenSSL's headers match the library])
996d5e62 1894AC_RUN_IFELSE(
1895 [AC_LANG_SOURCE([[
e9a17296 1896#include <string.h>
1897#include <openssl/opensslv.h>
41b2f314 1898int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
996d5e62 1899 ]])],
e9a17296 1900 [
1901 AC_MSG_RESULT(yes)
1902 ],
1903 [
1904 AC_MSG_RESULT(no)
799ae497 1905 if test "x$openssl_check_nonfatal" = "x"; then
1906 AC_MSG_ERROR([Your OpenSSL headers do not match your
1907library. Check config.log for details.
1908If you are sure your installation is consistent, you can disable the check
1909by running "./configure --without-openssl-header-check".
1910Also see contrib/findssl.sh for help identifying header/library mismatches.
1911])
1912 else
1913 AC_MSG_WARN([Your OpenSSL headers do not match your
1914library. Check config.log for details.
0fff78ff 1915Also see contrib/findssl.sh for help identifying header/library mismatches.])
799ae497 1916 fi
996d5e62 1917 ],
1918 [
1919 AC_MSG_WARN([cross compiling: not checking])
e9a17296 1920 ]
1921)
1922
9108f8d9 1923AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1924AC_LINK_IFELSE(
1925 [AC_LANG_SOURCE([[
1926#include <openssl/evp.h>
1927int main(void) { SSLeay_add_all_algorithms(); }
1928 ]])],
1929 [
1930 AC_MSG_RESULT(yes)
1931 ],
1932 [
1933 AC_MSG_RESULT(no)
1934 saved_LIBS="$LIBS"
1935 LIBS="$LIBS -ldl"
1936 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1937 AC_LINK_IFELSE(
1938 [AC_LANG_SOURCE([[
1939#include <openssl/evp.h>
1940int main(void) { SSLeay_add_all_algorithms(); }
1941 ]])],
1942 [
1943 AC_MSG_RESULT(yes)
1944 ],
1945 [
1946 AC_MSG_RESULT(no)
1947 LIBS="$saved_LIBS"
1948 ]
1949 )
1950 ]
1951)
1952
1953AC_ARG_WITH(ssl-engine,
1954 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1955 [ if test "x$withval" != "xno" ; then
1956 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1957 AC_TRY_COMPILE(
1958 [ #include <openssl/engine.h>],
1959 [
ff7ec503 1960ENGINE_load_builtin_engines();ENGINE_register_all_complete();
9108f8d9 1961 ],
1962 [ AC_MSG_RESULT(yes)
1963 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1964 [Enable OpenSSL engine support])
1965 ],
1966 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1967 )
1968 fi ]
1969)
1970
2c06c99b 1971# Check for OpenSSL without EVP_aes_{192,256}_cbc
1972AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
9108f8d9 1973AC_LINK_IFELSE(
2c06c99b 1974 [AC_LANG_SOURCE([[
1975#include <string.h>
1976#include <openssl/evp.h>
f2f068fa 1977int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
2c06c99b 1978 ]])],
1979 [
1980 AC_MSG_RESULT(no)
1981 ],
1982 [
1983 AC_MSG_RESULT(yes)
1984 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1985 [libcrypto is missing AES 192 and 256 bit functions])
1986 ]
1987)
1988
cdd66111 1989# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1990# because the system crypt() is more featureful.
1991if test "x$check_for_libcrypt_before" = "x1"; then
1992 AC_CHECK_LIB(crypt, crypt)
1993fi
1994
1995# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
1996# version in OpenSSL.
0fff78ff 1997if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 1998 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
1999fi
2000
9108f8d9 2001# Search for SHA256 support in libc and/or OpenSSL
2002AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2003
d4487008 2004saved_LIBS="$LIBS"
2005AC_CHECK_LIB(iaf, ia_openinfo, [
2006 LIBS="$LIBS -liaf"
2007 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"])
2008])
2009LIBS="$saved_LIBS"
e9a17296 2010
2011### Configure cryptographic random number support
2012
2013# Check wheter OpenSSL seeds itself
2014AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
996d5e62 2015AC_RUN_IFELSE(
2016 [AC_LANG_SOURCE([[
e9a17296 2017#include <string.h>
2018#include <openssl/rand.h>
41b2f314 2019int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
996d5e62 2020 ]])],
e9a17296 2021 [
2022 OPENSSL_SEEDS_ITSELF=yes
2023 AC_MSG_RESULT(yes)
2024 ],
2025 [
2026 AC_MSG_RESULT(no)
2027 # Default to use of the rand helper if OpenSSL doesn't
2028 # seed itself
2029 USE_RAND_HELPER=yes
996d5e62 2030 ],
2031 [
2032 AC_MSG_WARN([cross compiling: assuming yes])
2033 # This is safe, since all recent OpenSSL versions will
dec6d9fe 2034 # complain at runtime if not seeded correctly.
996d5e62 2035 OPENSSL_SEEDS_ITSELF=yes
e9a17296 2036 ]
2037)
2038
9108f8d9 2039# Check for PAM libs
2040PAM_MSG="no"
2041AC_ARG_WITH(pam,
2042 [ --with-pam Enable PAM support ],
2043 [
2044 if test "x$withval" != "xno" ; then
2045 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2046 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2047 AC_MSG_ERROR([PAM headers not found])
2048 fi
2049
2050 saved_LIBS="$LIBS"
2051 AC_CHECK_LIB(dl, dlopen, , )
2052 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2053 AC_CHECK_FUNCS(pam_getenvlist)
2054 AC_CHECK_FUNCS(pam_putenv)
2055 LIBS="$saved_LIBS"
2056
2057 PAM_MSG="yes"
2058
d4487008 2059 SSHDLIBS="$SSHDLIBS -lpam"
9108f8d9 2060 AC_DEFINE(USE_PAM, 1,
2061 [Define if you want to enable PAM support])
2062
2063 if test $ac_cv_lib_dl_dlopen = yes; then
2064 case "$LIBS" in
2065 *-ldl*)
2066 # libdl already in LIBS
2067 ;;
2068 *)
d4487008 2069 SSHDLIBS="$SSHDLIBS -ldl"
9108f8d9 2070 ;;
2071 esac
2072 fi
9108f8d9 2073 fi
2074 ]
2075)
2076
2077# Check for older PAM
2078if test "x$PAM_MSG" = "xyes" ; then
2079 # Check PAM strerror arguments (old PAM)
2080 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2081 AC_TRY_COMPILE(
2082 [
2083#include <stdlib.h>
2084#if defined(HAVE_SECURITY_PAM_APPL_H)
2085#include <security/pam_appl.h>
2086#elif defined (HAVE_PAM_PAM_APPL_H)
2087#include <pam/pam_appl.h>
2088#endif
2089 ],
2090 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2091 [AC_MSG_RESULT(no)],
2092 [
2093 AC_DEFINE(HAVE_OLD_PAM, 1,
2094 [Define if you have an old version of PAM
2095 which takes only one argument to pam_strerror])
2096 AC_MSG_RESULT(yes)
2097 PAM_MSG="yes (old library)"
2098 ]
2099 )
2100fi
e9a17296 2101
2102# Do we want to force the use of the rand helper?
2103AC_ARG_WITH(rand-helper,
2104 [ --with-rand-helper Use subprocess to gather strong randomness ],
2105 [
2106 if test "x$withval" = "xno" ; then
cdd66111 2107 # Force use of OpenSSL's internal RNG, even if
e9a17296 2108 # the previous test showed it to be unseeded.
2109 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2110 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2111 OPENSSL_SEEDS_ITSELF=yes
2112 USE_RAND_HELPER=""
2113 fi
2114 else
2115 USE_RAND_HELPER=yes
2116 fi
2117 ],
dec6d9fe 2118)
e9a17296 2119
2120# Which randomness source do we use?
dec6d9fe 2121if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9a17296 2122 # OpenSSL only
2c06c99b 2123 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2124 [Define if you want OpenSSL's internally seeded PRNG only])
e9a17296 2125 RAND_MSG="OpenSSL internal ONLY"
2126 INSTALL_SSH_RAND_HELPER=""
2127elif test ! -z "$USE_RAND_HELPER" ; then
2128 # install rand helper
2129 RAND_MSG="ssh-rand-helper"
2130 INSTALL_SSH_RAND_HELPER="yes"
2131fi
2132AC_SUBST(INSTALL_SSH_RAND_HELPER)
2133
2134### Configuration of ssh-rand-helper
2135
2136# PRNGD TCP socket
2137AC_ARG_WITH(prngd-port,
2138 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2139 [
2140 case "$withval" in
2141 no)
2142 withval=""
2143 ;;
2144 [[0-9]]*)
2145 ;;
2146 *)
2147 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2148 ;;
2149 esac
2150 if test ! -z "$withval" ; then
2151 PRNGD_PORT="$withval"
2c06c99b 2152 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2153 [Port number of PRNGD/EGD random number socket])
e9a17296 2154 fi
2155 ]
2156)
2157
2158# PRNGD Unix domain socket
2159AC_ARG_WITH(prngd-socket,
2160 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2161 [
2162 case "$withval" in
2163 yes)
2164 withval="/var/run/egd-pool"
2165 ;;
2166 no)
2167 withval=""
2168 ;;
2169 /*)
2170 ;;
2171 *)
2172 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2173 ;;
2174 esac
2175
2176 if test ! -z "$withval" ; then
2177 if test ! -z "$PRNGD_PORT" ; then
2178 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2179 fi
2180 if test ! -r "$withval" ; then
2181 AC_MSG_WARN(Entropy socket is not readable)
2182 fi
2183 PRNGD_SOCKET="$withval"
2c06c99b 2184 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2185 [Location of PRNGD/EGD random number socket])
e9a17296 2186 fi
2187 ],
2188 [
2189 # Check for existing socket only if we don't have a random device already
2190 if test "$USE_RAND_HELPER" = yes ; then
2191 AC_MSG_CHECKING(for PRNGD/EGD socket)
2192 # Insert other locations here
2193 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2194 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2195 PRNGD_SOCKET="$sock"
2196 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2197 break;
2198 fi
2199 done
2200 if test ! -z "$PRNGD_SOCKET" ; then
2201 AC_MSG_RESULT($PRNGD_SOCKET)
2202 else
2203 AC_MSG_RESULT(not found)
2204 fi
2205 fi
2206 ]
2207)
2208
2209# Change default command timeout for hashing entropy source
2210entropy_timeout=200
2211AC_ARG_WITH(entropy-timeout,
2212 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2213 [
dec6d9fe 2214 if test -n "$withval" && test "x$withval" != "xno" && \
2215 test "x${withval}" != "xyes"; then
e9a17296 2216 entropy_timeout=$withval
2217 fi
dec6d9fe 2218 ]
e9a17296 2219)
2c06c99b 2220AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2221 [Builtin PRNG command timeout])
e9a17296 2222
680cee3b 2223SSH_PRIVSEP_USER=sshd
700318f3 2224AC_ARG_WITH(privsep-user,
2225 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2226 [
dec6d9fe 2227 if test -n "$withval" && test "x$withval" != "xno" && \
2228 test "x${withval}" != "xyes"; then
680cee3b 2229 SSH_PRIVSEP_USER=$withval
700318f3 2230 fi
dec6d9fe 2231 ]
700318f3 2232)
2c06c99b 2233AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2234 [non-privileged user for privilege separation])
680cee3b 2235AC_SUBST(SSH_PRIVSEP_USER)
700318f3 2236
2237# We do this little dance with the search path to insure
2238# that programs that we select for use by installed programs
2239# (which may be run by the super-user) come from trusted
2240# locations before they come from the user's private area.
2241# This should help avoid accidentally configuring some
2242# random version of a program in someone's personal bin.
2243
2244OPATH=$PATH
2245PATH=/bin:/usr/bin
2246test -h /bin 2> /dev/null && PATH=/usr/bin
2247test -d /sbin && PATH=$PATH:/sbin
2248test -d /usr/sbin && PATH=$PATH:/usr/sbin
2249PATH=$PATH:/etc:$OPATH
2250
cdd66111 2251# These programs are used by the command hashing source to gather entropy
e9a17296 2252OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2253OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2254OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2255OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2256OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2257OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2258OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2259OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2260OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2261OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2262OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2263OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2264OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2265OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2266OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2267OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
700318f3 2268# restore PATH
2269PATH=$OPATH
e9a17296 2270
2271# Where does ssh-rand-helper get its randomness from?
2272INSTALL_SSH_PRNG_CMDS=""
2273if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2274 if test ! -z "$PRNGD_PORT" ; then
2275 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2276 elif test ! -z "$PRNGD_SOCKET" ; then
2277 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2278 else
2279 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2280 RAND_HELPER_CMDHASH=yes
2281 INSTALL_SSH_PRNG_CMDS="yes"
2282 fi
2283fi
2284AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2285
2286
3c0ef626 2287# Cheap hack to ensure NEWS-OS libraries are arranged right.
2288if test ! -z "$SONY" ; then
2289 LIBS="$LIBS -liberty";
2290fi
2291
2c06c99b 2292# Check for long long datatypes
2293AC_CHECK_TYPES([long long, unsigned long long, long double])
2294
2295# Check datatype sizes
3c0ef626 2296AC_CHECK_SIZEOF(char, 1)
2297AC_CHECK_SIZEOF(short int, 2)
2298AC_CHECK_SIZEOF(int, 4)
2299AC_CHECK_SIZEOF(long int, 4)
2300AC_CHECK_SIZEOF(long long int, 8)
2301
700318f3 2302# Sanity check long long for some platforms (AIX)
2303if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2304 ac_cv_sizeof_long_long_int=0
2305fi
2306
2c06c99b 2307# compute LLONG_MIN and LLONG_MAX if we don't know them.
2308if test -z "$have_llong_max"; then
2309 AC_MSG_CHECKING([for max value of long long])
2310 AC_RUN_IFELSE(
2311 [AC_LANG_SOURCE([[
2312#include <stdio.h>
2313/* Why is this so damn hard? */
2314#ifdef __GNUC__
2315# undef __GNUC__
2316#endif
2317#define __USE_ISOC99
2318#include <limits.h>
2319#define DATA "conftest.llminmax"
9108f8d9 2320#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2321
2322/*
2323 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2324 * we do this the hard way.
2325 */
2326static int
2327fprint_ll(FILE *f, long long n)
2328{
2329 unsigned int i;
2330 int l[sizeof(long long) * 8];
2331
2332 if (n < 0)
2333 if (fprintf(f, "-") < 0)
2334 return -1;
2335 for (i = 0; n != 0; i++) {
2336 l[i] = my_abs(n % 10);
2337 n /= 10;
2338 }
2339 do {
2340 if (fprintf(f, "%d", l[--i]) < 0)
2341 return -1;
2342 } while (i != 0);
2343 if (fprintf(f, " ") < 0)
2344 return -1;
2345 return 0;
2346}
2347
2c06c99b 2348int main(void) {
2349 FILE *f;
2350 long long i, llmin, llmax = 0;
2351
2352 if((f = fopen(DATA,"w")) == NULL)
2353 exit(1);
2354
2355#if defined(LLONG_MIN) && defined(LLONG_MAX)
2356 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2357 llmin = LLONG_MIN;
2358 llmax = LLONG_MAX;
2359#else
2360 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2361 /* This will work on one's complement and two's complement */
2362 for (i = 1; i > llmax; i <<= 1, i++)
2363 llmax = i;
2364 llmin = llmax + 1LL; /* wrap */
2365#endif
2366
2367 /* Sanity check */
2368 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
9108f8d9 2369 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2370 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
2c06c99b 2371 fprintf(f, "unknown unknown\n");
2372 exit(2);
2373 }
2374
9108f8d9 2375 if (fprint_ll(f, llmin) < 0)
2c06c99b 2376 exit(3);
9108f8d9 2377 if (fprint_ll(f, llmax) < 0)
2378 exit(4);
2379 if (fclose(f) < 0)
2380 exit(5);
2c06c99b 2381 exit(0);
2382}
2383 ]])],
2384 [
2385 llong_min=`$AWK '{print $1}' conftest.llminmax`
2386 llong_max=`$AWK '{print $2}' conftest.llminmax`
2387
2c06c99b 2388 AC_MSG_RESULT($llong_max)
2389 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2390 [max value of long long calculated by configure])
2391 AC_MSG_CHECKING([for min value of long long])
2392 AC_MSG_RESULT($llong_min)
2393 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2394 [min value of long long calculated by configure])
2395 ],
2396 [
2397 AC_MSG_RESULT(not found)
2398 ],
2399 [
2400 AC_MSG_WARN([cross compiling: not checking])
2401 ]
2402 )
2403fi
2404
2405
3c0ef626 2406# More checks for data types
2407AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2408 AC_TRY_COMPILE(
cdd66111 2409 [ #include <sys/types.h> ],
2410 [ u_int a; a = 1;],
3c0ef626 2411 [ ac_cv_have_u_int="yes" ],
2412 [ ac_cv_have_u_int="no" ]
2413 )
2414])
2415if test "x$ac_cv_have_u_int" = "xyes" ; then
2c06c99b 2416 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2417 have_u_int=1
2418fi
2419
2420AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2421 AC_TRY_COMPILE(
cdd66111 2422 [ #include <sys/types.h> ],
2423 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2424 [ ac_cv_have_intxx_t="yes" ],
2425 [ ac_cv_have_intxx_t="no" ]
2426 )
2427])
2428if test "x$ac_cv_have_intxx_t" = "xyes" ; then
2c06c99b 2429 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2430 have_intxx_t=1
2431fi
2432
2433if (test -z "$have_intxx_t" && \
cdd66111 2434 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2435then
2436 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2437 AC_TRY_COMPILE(
cdd66111 2438 [ #include <stdint.h> ],
2439 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2440 [
2441 AC_DEFINE(HAVE_INTXX_T)
2442 AC_MSG_RESULT(yes)
2443 ],
2444 [ AC_MSG_RESULT(no) ]
2445 )
2446fi
2447
2448AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2449 AC_TRY_COMPILE(
41b2f314 2450 [
2451#include <sys/types.h>
2452#ifdef HAVE_STDINT_H
2453# include <stdint.h>
2454#endif
2455#include <sys/socket.h>
2456#ifdef HAVE_SYS_BITYPES_H
2457# include <sys/bitypes.h>
2458#endif
cdd66111 2459 ],
2460 [ int64_t a; a = 1;],
3c0ef626 2461 [ ac_cv_have_int64_t="yes" ],
2462 [ ac_cv_have_int64_t="no" ]
2463 )
2464])
2465if test "x$ac_cv_have_int64_t" = "xyes" ; then
2c06c99b 2466 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9a17296 2467fi
2468
3c0ef626 2469AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2470 AC_TRY_COMPILE(
cdd66111 2471 [ #include <sys/types.h> ],
2472 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2473 [ ac_cv_have_u_intxx_t="yes" ],
2474 [ ac_cv_have_u_intxx_t="no" ]
2475 )
2476])
2477if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
2c06c99b 2478 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2479 have_u_intxx_t=1
2480fi
2481
2482if test -z "$have_u_intxx_t" ; then
2483 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2484 AC_TRY_COMPILE(
cdd66111 2485 [ #include <sys/socket.h> ],
2486 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2487 [
2488 AC_DEFINE(HAVE_U_INTXX_T)
2489 AC_MSG_RESULT(yes)
2490 ],
2491 [ AC_MSG_RESULT(no) ]
2492 )
2493fi
2494
2495AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2496 AC_TRY_COMPILE(
cdd66111 2497 [ #include <sys/types.h> ],
2498 [ u_int64_t a; a = 1;],
3c0ef626 2499 [ ac_cv_have_u_int64_t="yes" ],
2500 [ ac_cv_have_u_int64_t="no" ]
2501 )
2502])
2503if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
2c06c99b 2504 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2505 have_u_int64_t=1
2506fi
2507
e9a17296 2508if test -z "$have_u_int64_t" ; then
2509 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2510 AC_TRY_COMPILE(
cdd66111 2511 [ #include <sys/bitypes.h> ],
e9a17296 2512 [ u_int64_t a; a = 1],
2513 [
2514 AC_DEFINE(HAVE_U_INT64_T)
2515 AC_MSG_RESULT(yes)
2516 ],
2517 [ AC_MSG_RESULT(no) ]
2518 )
2519fi
2520
3c0ef626 2521if test -z "$have_u_intxx_t" ; then
2522 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2523 AC_TRY_COMPILE(
2524 [
2525#include <sys/types.h>
cdd66111 2526 ],
2527 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2528 [ ac_cv_have_uintxx_t="yes" ],
2529 [ ac_cv_have_uintxx_t="no" ]
2530 )
2531 ])
2532 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
2c06c99b 2533 AC_DEFINE(HAVE_UINTXX_T, 1,
2534 [define if you have uintxx_t data type])
3c0ef626 2535 fi
2536fi
2537
2538if test -z "$have_uintxx_t" ; then
2539 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2540 AC_TRY_COMPILE(
cdd66111 2541 [ #include <stdint.h> ],
2542 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2543 [
2544 AC_DEFINE(HAVE_UINTXX_T)
2545 AC_MSG_RESULT(yes)
2546 ],
2547 [ AC_MSG_RESULT(no) ]
2548 )
2549fi
2550
2551if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
cdd66111 2552 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2553then
2554 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2555 AC_TRY_COMPILE(
2556 [
2557#include <sys/bitypes.h>
cdd66111 2558 ],
3c0ef626 2559 [
2560 int8_t a; int16_t b; int32_t c;
2561 u_int8_t e; u_int16_t f; u_int32_t g;
2562 a = b = c = e = f = g = 1;
cdd66111 2563 ],
3c0ef626 2564 [
2565 AC_DEFINE(HAVE_U_INTXX_T)
2566 AC_DEFINE(HAVE_INTXX_T)
2567 AC_MSG_RESULT(yes)
2568 ],
2569 [AC_MSG_RESULT(no)]
cdd66111 2570 )
3c0ef626 2571fi
2572
2573
2574AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2575 AC_TRY_COMPILE(
2576 [
2577#include <sys/types.h>
2578 ],
2579 [ u_char foo; foo = 125; ],
2580 [ ac_cv_have_u_char="yes" ],
2581 [ ac_cv_have_u_char="no" ]
2582 )
2583])
2584if test "x$ac_cv_have_u_char" = "xyes" ; then
2c06c99b 2585 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2586fi
2587
2588TYPE_SOCKLEN_T
2589
e9a17296 2590AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2591
996d5e62 2592AC_CHECK_TYPES(in_addr_t,,,
2593[#include <sys/types.h>
2594#include <netinet/in.h>])
2595
3c0ef626 2596AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2597 AC_TRY_COMPILE(
2598 [
2599#include <sys/types.h>
2600 ],
2601 [ size_t foo; foo = 1235; ],
2602 [ ac_cv_have_size_t="yes" ],
2603 [ ac_cv_have_size_t="no" ]
2604 )
2605])
2606if test "x$ac_cv_have_size_t" = "xyes" ; then
2c06c99b 2607 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2608fi
2609
2610AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2611 AC_TRY_COMPILE(
2612 [
2613#include <sys/types.h>
2614 ],
2615 [ ssize_t foo; foo = 1235; ],
2616 [ ac_cv_have_ssize_t="yes" ],
2617 [ ac_cv_have_ssize_t="no" ]
2618 )
2619])
2620if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2c06c99b 2621 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2622fi
2623
2624AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2625 AC_TRY_COMPILE(
2626 [
2627#include <time.h>
2628 ],
2629 [ clock_t foo; foo = 1235; ],
2630 [ ac_cv_have_clock_t="yes" ],
2631 [ ac_cv_have_clock_t="no" ]
2632 )
2633])
2634if test "x$ac_cv_have_clock_t" = "xyes" ; then
2c06c99b 2635 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2636fi
2637
2638AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2639 AC_TRY_COMPILE(
2640 [
2641#include <sys/types.h>
2642#include <sys/socket.h>
2643 ],
2644 [ sa_family_t foo; foo = 1235; ],
2645 [ ac_cv_have_sa_family_t="yes" ],
2646 [ AC_TRY_COMPILE(
2647 [
2648#include <sys/types.h>
2649#include <sys/socket.h>
2650#include <netinet/in.h>
2651 ],
2652 [ sa_family_t foo; foo = 1235; ],
2653 [ ac_cv_have_sa_family_t="yes" ],
2654
2655 [ ac_cv_have_sa_family_t="no" ]
2656 )]
2657 )
2658])
2659if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2c06c99b 2660 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2661 [define if you have sa_family_t data type])
3c0ef626 2662fi
2663
2664AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2665 AC_TRY_COMPILE(
2666 [
2667#include <sys/types.h>
2668 ],
2669 [ pid_t foo; foo = 1235; ],
2670 [ ac_cv_have_pid_t="yes" ],
2671 [ ac_cv_have_pid_t="no" ]
2672 )
2673])
2674if test "x$ac_cv_have_pid_t" = "xyes" ; then
2c06c99b 2675 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2676fi
2677
2678AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2679 AC_TRY_COMPILE(
2680 [
2681#include <sys/types.h>
2682 ],
2683 [ mode_t foo; foo = 1235; ],
2684 [ ac_cv_have_mode_t="yes" ],
2685 [ ac_cv_have_mode_t="no" ]
2686 )
2687])
2688if test "x$ac_cv_have_mode_t" = "xyes" ; then
2c06c99b 2689 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2690fi
2691
2692
2693AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2694 AC_TRY_COMPILE(
2695 [
2696#include <sys/types.h>
2697#include <sys/socket.h>
2698 ],
2699 [ struct sockaddr_storage s; ],
2700 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2701 [ ac_cv_have_struct_sockaddr_storage="no" ]
2702 )
2703])
2704if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2c06c99b 2705 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2706 [define if you have struct sockaddr_storage data type])
3c0ef626 2707fi
2708
2709AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2710 AC_TRY_COMPILE(
2711 [
2712#include <sys/types.h>
2713#include <netinet/in.h>
2714 ],
2715 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2716 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2717 [ ac_cv_have_struct_sockaddr_in6="no" ]
2718 )
2719])
2720if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2c06c99b 2721 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2722 [define if you have struct sockaddr_in6 data type])
3c0ef626 2723fi
2724
2725AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2726 AC_TRY_COMPILE(
2727 [
2728#include <sys/types.h>
2729#include <netinet/in.h>
2730 ],
2731 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2732 [ ac_cv_have_struct_in6_addr="yes" ],
2733 [ ac_cv_have_struct_in6_addr="no" ]
2734 )
2735])
2736if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2c06c99b 2737 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2738 [define if you have struct in6_addr data type])
3c0ef626 2739fi
2740
2741AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2742 AC_TRY_COMPILE(
2743 [
2744#include <sys/types.h>
2745#include <sys/socket.h>
2746#include <netdb.h>
2747 ],
2748 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2749 [ ac_cv_have_struct_addrinfo="yes" ],
2750 [ ac_cv_have_struct_addrinfo="no" ]
2751 )
2752])
2753if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2c06c99b 2754 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2755 [define if you have struct addrinfo data type])
3c0ef626 2756fi
2757
2758AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2759 AC_TRY_COMPILE(
cdd66111 2760 [ #include <sys/time.h> ],
2761 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2762 [ ac_cv_have_struct_timeval="yes" ],
2763 [ ac_cv_have_struct_timeval="no" ]
2764 )
2765])
2766if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2c06c99b 2767 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2768 have_struct_timeval=1
2769fi
2770
6a9b3198 2771AC_CHECK_TYPES(struct timespec)
2772
2773# We need int64_t or else certian parts of the compile will fail.
dec6d9fe 2774if test "x$ac_cv_have_int64_t" = "xno" && \
2775 test "x$ac_cv_sizeof_long_int" != "x8" && \
2776 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
6a9b3198 2777 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2778 echo "an alternative compiler (I.E., GCC) before continuing."
2779 echo ""
2780 exit 1;
3c0ef626 2781else
2782dnl test snprintf (broken on SCO w/gcc)
996d5e62 2783 AC_RUN_IFELSE(
2784 [AC_LANG_SOURCE([[
3c0ef626 2785#include <stdio.h>
2786#include <string.h>
2787#ifdef HAVE_SNPRINTF
2788main()
2789{
2790 char buf[50];
2791 char expected_out[50];
2792 int mazsize = 50 ;
2793#if (SIZEOF_LONG_INT == 8)
2794 long int num = 0x7fffffffffffffff;
2795#else
2796 long long num = 0x7fffffffffffffffll;
2797#endif
2798 strcpy(expected_out, "9223372036854775807");
2799 snprintf(buf, mazsize, "%lld", num);
2800 if(strcmp(buf, expected_out) != 0)
cdd66111 2801 exit(1);
3c0ef626 2802 exit(0);
2803}
2804#else
2805main() { exit(0); }
2806#endif
996d5e62 2807 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2808 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2809 )
2810fi
3c0ef626 2811
2812dnl Checks for structure members
2813OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2814OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2815OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2816OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2817OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2818OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2819OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2820OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2821OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2822OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2823OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2824OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2825OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2826OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2827OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2828OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2829OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2830
2831AC_CHECK_MEMBERS([struct stat.st_blksize])
2c06c99b 2832AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2833 [Define if we don't have struct __res_state in resolv.h])],
2834[
2835#include <stdio.h>
2836#if HAVE_SYS_TYPES_H
2837# include <sys/types.h>
2838#endif
2839#include <netinet/in.h>
2840#include <arpa/nameser.h>
2841#include <resolv.h>
2842])
3c0ef626 2843
2844AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2845 ac_cv_have_ss_family_in_struct_ss, [
2846 AC_TRY_COMPILE(
2847 [
2848#include <sys/types.h>
2849#include <sys/socket.h>
2850 ],
2851 [ struct sockaddr_storage s; s.ss_family = 1; ],
2852 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2853 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2854 )
2855])
2856if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 2857 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 2858fi
2859
2860AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2861 ac_cv_have___ss_family_in_struct_ss, [
2862 AC_TRY_COMPILE(
2863 [
2864#include <sys/types.h>
2865#include <sys/socket.h>
2866 ],
2867 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2868 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2869 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2870 )
2871])
2872if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 2873 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2874 [Fields in struct sockaddr_storage])
3c0ef626 2875fi
2876
2877AC_CACHE_CHECK([for pw_class field in struct passwd],
2878 ac_cv_have_pw_class_in_struct_passwd, [
2879 AC_TRY_COMPILE(
2880 [
2881#include <pwd.h>
2882 ],
2883 [ struct passwd p; p.pw_class = 0; ],
2884 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2885 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2886 )
2887])
2888if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2c06c99b 2889 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2890 [Define if your password has a pw_class field])
3c0ef626 2891fi
2892
2893AC_CACHE_CHECK([for pw_expire field in struct passwd],
2894 ac_cv_have_pw_expire_in_struct_passwd, [
2895 AC_TRY_COMPILE(
2896 [
2897#include <pwd.h>
2898 ],
2899 [ struct passwd p; p.pw_expire = 0; ],
2900 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2901 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2902 )
2903])
2904if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2c06c99b 2905 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2906 [Define if your password has a pw_expire field])
3c0ef626 2907fi
2908
2909AC_CACHE_CHECK([for pw_change field in struct passwd],
2910 ac_cv_have_pw_change_in_struct_passwd, [
2911 AC_TRY_COMPILE(
2912 [
2913#include <pwd.h>
2914 ],
2915 [ struct passwd p; p.pw_change = 0; ],
2916 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2917 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2918 )
2919])
2920if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2c06c99b 2921 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2922 [Define if your password has a pw_change field])
3c0ef626 2923fi
2924
fba3c309 2925dnl make sure we're using the real structure members and not defines
700318f3 2926AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2927 ac_cv_have_accrights_in_msghdr, [
996d5e62 2928 AC_COMPILE_IFELSE(
700318f3 2929 [
2930#include <sys/types.h>
2931#include <sys/socket.h>
2932#include <sys/uio.h>
fba3c309 2933int main() {
2934#ifdef msg_accrights
996d5e62 2935#error "msg_accrights is a macro"
fba3c309 2936exit(1);
2937#endif
2938struct msghdr m;
2939m.msg_accrights = 0;
2940exit(0);
2941}
700318f3 2942 ],
700318f3 2943 [ ac_cv_have_accrights_in_msghdr="yes" ],
2944 [ ac_cv_have_accrights_in_msghdr="no" ]
2945 )
2946])
2947if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2c06c99b 2948 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2949 [Define if your system uses access rights style
2950 file descriptor passing])
700318f3 2951fi
2952
2953AC_CACHE_CHECK([for msg_control field in struct msghdr],
2954 ac_cv_have_control_in_msghdr, [
996d5e62 2955 AC_COMPILE_IFELSE(
700318f3 2956 [
2957#include <sys/types.h>
2958#include <sys/socket.h>
2959#include <sys/uio.h>
fba3c309 2960int main() {
2961#ifdef msg_control
996d5e62 2962#error "msg_control is a macro"
fba3c309 2963exit(1);
2964#endif
2965struct msghdr m;
2966m.msg_control = 0;
2967exit(0);
2968}
700318f3 2969 ],
700318f3 2970 [ ac_cv_have_control_in_msghdr="yes" ],
2971 [ ac_cv_have_control_in_msghdr="no" ]
2972 )
2973])
2974if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2c06c99b 2975 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2976 [Define if your system uses ancillary data style
2977 file descriptor passing])
700318f3 2978fi
2979
3c0ef626 2980AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
cdd66111 2981 AC_TRY_LINK([],
2982 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 2983 [ ac_cv_libc_defines___progname="yes" ],
2984 [ ac_cv_libc_defines___progname="no" ]
2985 )
2986])
2987if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2c06c99b 2988 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 2989fi
2990
700318f3 2991AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2992 AC_TRY_LINK([
2993#include <stdio.h>
cdd66111 2994],
2995 [ printf("%s", __FUNCTION__); ],
700318f3 2996 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2997 [ ac_cv_cc_implements___FUNCTION__="no" ]
2998 )
2999])
3000if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2c06c99b 3001 AC_DEFINE(HAVE___FUNCTION__, 1,
3002 [Define if compiler implements __FUNCTION__])
700318f3 3003fi
3004
3005AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3006 AC_TRY_LINK([
3007#include <stdio.h>
cdd66111 3008],
3009 [ printf("%s", __func__); ],
700318f3 3010 [ ac_cv_cc_implements___func__="yes" ],
3011 [ ac_cv_cc_implements___func__="no" ]
3012 )
3013])
3014if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2c06c99b 3015 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3016fi
3017
3018AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3019 AC_TRY_LINK(
3020 [#include <stdarg.h>
3021 va_list x,y;],
3022 [va_copy(x,y);],
3023 [ ac_cv_have_va_copy="yes" ],
3024 [ ac_cv_have_va_copy="no" ]
3025 )
3026])
3027if test "x$ac_cv_have_va_copy" = "xyes" ; then
3028 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3029fi
3030
3031AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3032 AC_TRY_LINK(
3033 [#include <stdarg.h>
3034 va_list x,y;],
3035 [__va_copy(x,y);],
3036 [ ac_cv_have___va_copy="yes" ],
3037 [ ac_cv_have___va_copy="no" ]
3038 )
3039])
3040if test "x$ac_cv_have___va_copy" = "xyes" ; then
3041 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
700318f3 3042fi
3043
3c0ef626 3044AC_CACHE_CHECK([whether getopt has optreset support],
3045 ac_cv_have_getopt_optreset, [
3046 AC_TRY_LINK(
3047 [
3048#include <getopt.h>
3049 ],
3050 [ extern int optreset; optreset = 0; ],
3051 [ ac_cv_have_getopt_optreset="yes" ],
3052 [ ac_cv_have_getopt_optreset="no" ]
3053 )
3054])
3055if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2c06c99b 3056 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3057 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3058fi
3059
3060AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
cdd66111 3061 AC_TRY_LINK([],
3062 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3063 [ ac_cv_libc_defines_sys_errlist="yes" ],
3064 [ ac_cv_libc_defines_sys_errlist="no" ]
3065 )
3066])
3067if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2c06c99b 3068 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3069 [Define if your system defines sys_errlist[]])
3c0ef626 3070fi
3071
3072
3073AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
cdd66111 3074 AC_TRY_LINK([],
3075 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3076 [ ac_cv_libc_defines_sys_nerr="yes" ],
3077 [ ac_cv_libc_defines_sys_nerr="no" ]
3078 )
3079])
3080if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2c06c99b 3081 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3082fi
3083
cdd66111 3084SCARD_MSG="no"
700318f3 3085# Check whether user wants sectok support
3086AC_ARG_WITH(sectok,
3087 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3088 [
3089 if test "x$withval" != "xno" ; then
3090 if test "x$withval" != "xyes" ; then
3091 CPPFLAGS="$CPPFLAGS -I${withval}"
3092 LDFLAGS="$LDFLAGS -L${withval}"
3093 if test ! -z "$need_dash_r" ; then
3094 LDFLAGS="$LDFLAGS -R${withval}"
3095 fi
3096 if test ! -z "$blibpath" ; then
3097 blibpath="$blibpath:${withval}"
3098 fi
3099 fi
3100 AC_CHECK_HEADERS(sectok.h)
3101 if test "$ac_cv_header_sectok_h" != yes; then
3102 AC_MSG_ERROR(Can't find sectok.h)
3103 fi
3104 AC_CHECK_LIB(sectok, sectok_open)
3105 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3106 AC_MSG_ERROR(Can't find libsectok)
3107 fi
2c06c99b 3108 AC_DEFINE(SMARTCARD, 1,
3109 [Define if you want smartcard support])
3110 AC_DEFINE(USE_SECTOK, 1,
3111 [Define if you want smartcard support
3112 using sectok])
cdd66111 3113 SCARD_MSG="yes, using sectok"
3c0ef626 3114 fi
3115 ]
3116)
3117
700318f3 3118# Check whether user wants OpenSC support
dec6d9fe 3119OPENSC_CONFIG="no"
700318f3 3120AC_ARG_WITH(opensc,
2c06c99b 3121 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
dec6d9fe 3122 [
3123 if test "x$withval" != "xno" ; then
3124 if test "x$withval" != "xyes" ; then
3125 OPENSC_CONFIG=$withval/bin/opensc-config
3126 else
3127 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3128 fi
3129 if test "$OPENSC_CONFIG" != "no"; then
3130 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3131 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3132 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
9108f8d9 3133 LIBS="$LIBS $LIBOPENSC_LIBS"
dec6d9fe 3134 AC_DEFINE(SMARTCARD)
2c06c99b 3135 AC_DEFINE(USE_OPENSC, 1,
3136 [Define if you want smartcard support
3137 using OpenSC])
dec6d9fe 3138 SCARD_MSG="yes, using OpenSC"
3139 fi
3140 fi
3141 ]
3142)
700318f3 3143
cdd66111 3144# Check libraries needed by DNS fingerprint support
3145AC_SEARCH_LIBS(getrrsetbyname, resolv,
2c06c99b 3146 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3147 [Define if getrrsetbyname() exists])],
0fff78ff 3148 [
cdd66111 3149 # Needed by our getrrsetbyname()
3150 AC_SEARCH_LIBS(res_query, resolv)
3151 AC_SEARCH_LIBS(dn_expand, resolv)
c9f39d2c 3152 AC_MSG_CHECKING(if res_query will link)
3153 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3154 [AC_MSG_RESULT(no)
3155 saved_LIBS="$LIBS"
3156 LIBS="$LIBS -lresolv"
3157 AC_MSG_CHECKING(for res_query in -lresolv)
3158 AC_LINK_IFELSE([
3159#include <resolv.h>
3160int main()
3161{
3162 res_query (0, 0, 0, 0, 0);
3163 return 0;
3164}
3165 ],
3166 [LIBS="$LIBS -lresolv"
3167 AC_MSG_RESULT(yes)],
3168 [LIBS="$saved_LIBS"
3169 AC_MSG_RESULT(no)])
3170 ])
cdd66111 3171 AC_CHECK_FUNCS(_getshort _getlong)
665a873d 3172 AC_CHECK_DECLS([_getshort, _getlong], , ,
3173 [#include <sys/types.h>
3174 #include <arpa/nameser.h>])
cdd66111 3175 AC_CHECK_MEMBER(HEADER.ad,
2c06c99b 3176 [AC_DEFINE(HAVE_HEADER_AD, 1,
3177 [Define if HEADER.ad exists in arpa/nameser.h])],,
cdd66111 3178 [#include <arpa/nameser.h>])
3179 ])
0fff78ff 3180
d4487008 3181AC_MSG_CHECKING(if struct __res_state _res is an extern)
3182AC_LINK_IFELSE([
3183#include <stdio.h>
3184#if HAVE_SYS_TYPES_H
3185# include <sys/types.h>
3186#endif
3187#include <netinet/in.h>
3188#include <arpa/nameser.h>
3189#include <resolv.h>
3190extern struct __res_state _res;
3191int main() { return 0; }
3192 ],
3193 [AC_MSG_RESULT(yes)
3194 AC_DEFINE(HAVE__RES_EXTERN, 1,
3195 [Define if you have struct __res_state _res as an extern])
3196 ],
3197 [ AC_MSG_RESULT(no) ]
3198)
3199
9108f8d9 3200# Check whether user wants SELinux support
3201SELINUX_MSG="no"
3202LIBSELINUX=""
3203AC_ARG_WITH(selinux,
3204 [ --with-selinux Enable SELinux support],
3205 [ if test "x$withval" != "xno" ; then
d4487008 3206 save_LIBS="$LIBS"
9108f8d9 3207 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3208 SELINUX_MSG="yes"
3209 AC_CHECK_HEADER([selinux/selinux.h], ,
3210 AC_MSG_ERROR(SELinux support requires selinux.h header))
3211 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3212 AC_MSG_ERROR(SELinux support requires libselinux library))
d4487008 3213 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
9108f8d9 3214 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
ff7ec503 3215 LIBS="$save_LIBS"
9108f8d9 3216 fi ]
3217)
9108f8d9 3218
700318f3 3219# Check whether user wants Kerberos 5 support
cdd66111 3220KRB5_MSG="no"
700318f3 3221AC_ARG_WITH(kerberos5,
cdd66111 3222 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3223 [ if test "x$withval" != "xno" ; then
3224 if test "x$withval" = "xyes" ; then
3225 KRB5ROOT="/usr/local"
3226 else
3227 KRB5ROOT=${withval}
3228 fi
3229
2c06c99b 3230 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
cdd66111 3231 KRB5_MSG="yes"
3232
3233 AC_MSG_CHECKING(for krb5-config)
3234 if test -x $KRB5ROOT/bin/krb5-config ; then
3235 KRB5CONF=$KRB5ROOT/bin/krb5-config
3236 AC_MSG_RESULT($KRB5CONF)
3237
3238 AC_MSG_CHECKING(for gssapi support)
3239 if $KRB5CONF | grep gssapi >/dev/null ; then
3240 AC_MSG_RESULT(yes)
2c06c99b 3241 AC_DEFINE(GSSAPI, 1,
3242 [Define this if you want GSSAPI
3243 support in the version 2 protocol])
cdd66111 3244 k5confopts=gssapi
3245 else
3246 AC_MSG_RESULT(no)
3247 k5confopts=""
3248 fi
3249 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3250 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3251 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3252 AC_MSG_CHECKING(whether we are using Heimdal)
3253 AC_TRY_COMPILE([ #include <krb5.h> ],
3254 [ char *tmp = heimdal_version; ],
3255 [ AC_MSG_RESULT(yes)
2c06c99b 3256 AC_DEFINE(HEIMDAL, 1,
3257 [Define this if you are using the
3258 Heimdal version of Kerberos V5]) ],
cdd66111 3259 AC_MSG_RESULT(no)
3260 )
3261 else
3262 AC_MSG_RESULT(no)
700318f3 3263 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
cdd66111 3264 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3265 AC_MSG_CHECKING(whether we are using Heimdal)
3266 AC_TRY_COMPILE([ #include <krb5.h> ],
3267 [ char *tmp = heimdal_version; ],
3268 [ AC_MSG_RESULT(yes)
3269 AC_DEFINE(HEIMDAL)
c9f39d2c 3270 K5LIBS="-lkrb5 -ldes"
3271 K5LIBS="$K5LIBS -lcom_err -lasn1"
dec6d9fe 3272 AC_CHECK_LIB(roken, net_write,
c9f39d2c 3273 [K5LIBS="$K5LIBS -lroken"])
cdd66111 3274 ],
3275 [ AC_MSG_RESULT(no)
3276 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3277 ]
3278 )
0fff78ff 3279 AC_SEARCH_LIBS(dn_expand, resolv)
3280
3281 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3282 [ AC_DEFINE(GSSAPI)
3283 K5LIBS="-lgssapi $K5LIBS" ],
3284 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3285 [ AC_DEFINE(GSSAPI)
cdd66111 3286 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
0fff78ff 3287 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3288 $K5LIBS)
3289 ],
3290 $K5LIBS)
dec6d9fe 3291
0fff78ff 3292 AC_CHECK_HEADER(gssapi.h, ,
3293 [ unset ac_cv_header_gssapi_h
cdd66111 3294 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
0fff78ff 3295 AC_CHECK_HEADERS(gssapi.h, ,
3296 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
cdd66111 3297 )
0fff78ff 3298 ]
3299 )
3300
3301 oldCPP="$CPPFLAGS"
3302 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3303 AC_CHECK_HEADER(gssapi_krb5.h, ,
3304 [ CPPFLAGS="$oldCPP" ])
700318f3 3305
cdd66111 3306 fi
3307 if test ! -z "$need_dash_r" ; then
3308 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3309 fi
3310 if test ! -z "$blibpath" ; then
3311 blibpath="$blibpath:${KRB5ROOT}/lib"
3312 fi
cdd66111 3313
2c06c99b 3314 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3315 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3316 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
cdd66111 3317
2c06c99b 3318 LIBS="$LIBS $K5LIBS"
3319 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3320 [Define this if you want to use libkafs' AFS support]))
3321 fi
cdd66111 3322 ]
700318f3 3323)
3c0ef626 3324
3325# Looking for programs, paths and files
3c0ef626 3326
700318f3 3327PRIVSEP_PATH=/var/empty
3328AC_ARG_WITH(privsep-path,
41b2f314 3329 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
700318f3 3330 [
dec6d9fe 3331 if test -n "$withval" && test "x$withval" != "xno" && \
3332 test "x${withval}" != "xyes"; then
700318f3 3333 PRIVSEP_PATH=$withval
3334 fi
3335 ]
3336)
3337AC_SUBST(PRIVSEP_PATH)
3338
3c0ef626 3339AC_ARG_WITH(xauth,
3340 [ --with-xauth=PATH Specify path to xauth program ],
3341 [
dec6d9fe 3342 if test -n "$withval" && test "x$withval" != "xno" && \
3343 test "x${withval}" != "xyes"; then
3c0ef626 3344 xauth_path=$withval
3345 fi
3346 ],
3347 [
41b2f314 3348 TestPath="$PATH"
3349 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3350 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3351 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3352 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3353 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3354 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3355 xauth_path="/usr/openwin/bin/xauth"
3356 fi
3357 ]
3358)
3359
6a9b3198 3360STRIP_OPT=-s
3361AC_ARG_ENABLE(strip,
3362 [ --disable-strip Disable calling strip(1) on install],
3363 [
3364 if test "x$enableval" = "xno" ; then
3365 STRIP_OPT=
3366 fi
3367 ]
3368)
3369AC_SUBST(STRIP_OPT)
3370
3c0ef626 3371if test -z "$xauth_path" ; then
3372 XAUTH_PATH="undefined"
3373 AC_SUBST(XAUTH_PATH)
3374else
2c06c99b 3375 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3376 [Define if xauth is found in your path])
3c0ef626 3377 XAUTH_PATH=$xauth_path
3378 AC_SUBST(XAUTH_PATH)
3379fi
3c0ef626 3380
3381# Check for mail directory (last resort if we cannot get it from headers)
3382if test ! -z "$MAIL" ; then
3383 maildir=`dirname $MAIL`
2c06c99b 3384 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3385 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3386fi
3387
996d5e62 3388if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3389 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3390 disable_ptmx_check=yes
3391fi
3c0ef626 3392if test -z "$no_dev_ptmx" ; then
700318f3 3393 if test "x$disable_ptmx_check" != "xyes" ; then
cdd66111 3394 AC_CHECK_FILE("/dev/ptmx",
700318f3 3395 [
2c06c99b 3396 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3397 [Define if you have /dev/ptmx])
700318f3 3398 have_dev_ptmx=1
3399 ]
3400 )
3401 fi
3c0ef626 3402fi
996d5e62 3403
3404if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3405 AC_CHECK_FILE("/dev/ptc",
3406 [
2c06c99b 3407 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3408 [Define if you have /dev/ptc])
996d5e62 3409 have_dev_ptc=1
3410 ]
3411 )
3412else
3413 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3414fi
3c0ef626 3415
3416# Options from here on. Some of these are preset by platform above
3c0ef626 3417AC_ARG_WITH(mantype,
3418 [ --with-mantype=man|cat|doc Set man page type],
3419 [
3420 case "$withval" in
3421 man|cat|doc)
3422 MANTYPE=$withval
3423 ;;
3424 *)
3425 AC_MSG_ERROR(invalid man type: $withval)
3426 ;;
3427 esac
3428 ]
3429)
3430if test -z "$MANTYPE"; then
41b2f314 3431 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3432 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3433 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3434 MANTYPE=doc
3435 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3436 MANTYPE=man
3437 else
3438 MANTYPE=cat
3439 fi
3440fi
3441AC_SUBST(MANTYPE)
3442if test "$MANTYPE" = "doc"; then
3443 mansubdir=man;
3444else
3445 mansubdir=$MANTYPE;
3446fi
3447AC_SUBST(mansubdir)
3448
3449# Check whether to enable MD5 passwords
cdd66111 3450MD5_MSG="no"
3c0ef626 3451AC_ARG_WITH(md5-passwords,
3452 [ --with-md5-passwords Enable use of MD5 passwords],
3453 [
3454 if test "x$withval" != "xno" ; then
2c06c99b 3455 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3456 [Define if you want to allow MD5 passwords])
cdd66111 3457 MD5_MSG="yes"
3c0ef626 3458 fi
3459 ]
3460)
3461
3462# Whether to disable shadow password support
3463AC_ARG_WITH(shadow,
3464 [ --without-shadow Disable shadow password support],
3465 [
dec6d9fe 3466 if test "x$withval" = "xno" ; then
3c0ef626 3467 AC_DEFINE(DISABLE_SHADOW)
3468 disable_shadow=yes
3469 fi
3470 ]
3471)
3472
3473if test -z "$disable_shadow" ; then
3474 AC_MSG_CHECKING([if the systems has expire shadow information])
3475 AC_TRY_COMPILE(
3476 [
3477#include <sys/types.h>
3478#include <shadow.h>
3479 struct spwd sp;
3480 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3481 [ sp_expire_available=yes ], []
3482 )
3483
3484 if test "x$sp_expire_available" = "xyes" ; then
3485 AC_MSG_RESULT(yes)
2c06c99b 3486 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3487 [Define if you want to use shadow password expire field])
3c0ef626 3488 else
3489 AC_MSG_RESULT(no)
3490 fi
3491fi
3492
3493# Use ip address instead of hostname in $DISPLAY
3494if test ! -z "$IPADDR_IN_DISPLAY" ; then
3495 DISPLAY_HACK_MSG="yes"
2c06c99b 3496 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3497 [Define if you need to use IP address
3498 instead of hostname in $DISPLAY])
3c0ef626 3499else
cdd66111 3500 DISPLAY_HACK_MSG="no"
3c0ef626 3501 AC_ARG_WITH(ipaddr-display,
3502 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3503 [
dec6d9fe 3504 if test "x$withval" != "xno" ; then
3c0ef626 3505 AC_DEFINE(IPADDR_IN_DISPLAY)
cdd66111 3506 DISPLAY_HACK_MSG="yes"
3c0ef626 3507 fi
3508 ]
3509 )
3510fi
3511
0fff78ff 3512# check for /etc/default/login and use it if present.
acc3d05e 3513AC_ARG_ENABLE(etc-default-login,
996d5e62 3514 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3515 [ if test "x$enableval" = "xno"; then
3516 AC_MSG_NOTICE([/etc/default/login handling disabled])
3517 etc_default_login=no
3518 else
3519 etc_default_login=yes
3520 fi ],
2c06c99b 3521 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3522 then
3523 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3524 etc_default_login=no
3525 else
3526 etc_default_login=yes
3527 fi ]
996d5e62 3528)
0fff78ff 3529
996d5e62 3530if test "x$etc_default_login" != "xno"; then
3531 AC_CHECK_FILE("/etc/default/login",
3532 [ external_path_file=/etc/default/login ])
2c06c99b 3533 if test "x$external_path_file" = "x/etc/default/login"; then
3534 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3535 [Define if your system has /etc/default/login])
996d5e62 3536 fi
0fff78ff 3537fi
3538
700318f3 3539dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
dec6d9fe 3540if test $ac_cv_func_login_getcapbool = "yes" && \
3541 test $ac_cv_header_login_cap_h = "yes" ; then
0fff78ff 3542 external_path_file=/etc/login.conf
700318f3 3543fi
0fff78ff 3544
3c0ef626 3545# Whether to mess with the default path
cdd66111 3546SERVER_PATH_MSG="(default)"
3c0ef626 3547AC_ARG_WITH(default-path,
700318f3 3548 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3549 [
0fff78ff 3550 if test "x$external_path_file" = "x/etc/login.conf" ; then
700318f3 3551 AC_MSG_WARN([
3552--with-default-path=PATH has no effect on this system.
3553Edit /etc/login.conf instead.])
dec6d9fe 3554 elif test "x$withval" != "xno" ; then
0fff78ff 3555 if test ! -z "$external_path_file" ; then
3556 AC_MSG_WARN([
3557--with-default-path=PATH will only be used if PATH is not defined in
3558$external_path_file .])
3559 fi
3c0ef626 3560 user_path="$withval"
cdd66111 3561 SERVER_PATH_MSG="$withval"
3c0ef626 3562 fi
3563 ],
0fff78ff 3564 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3565 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
700318f3 3566 else
0fff78ff 3567 if test ! -z "$external_path_file" ; then
3568 AC_MSG_WARN([
3569If PATH is defined in $external_path_file, ensure the path to scp is included,
3570otherwise scp will not work.])
3571 fi
2c06c99b 3572 AC_RUN_IFELSE(
3573 [AC_LANG_SOURCE([[
3c0ef626 3574/* find out what STDPATH is */
3575#include <stdio.h>
3576#ifdef HAVE_PATHS_H
3577# include <paths.h>
3578#endif
3579#ifndef _PATH_STDPATH
6a9b3198 3580# ifdef _PATH_USERPATH /* Irix */
3581# define _PATH_STDPATH _PATH_USERPATH
3582# else
3583# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3584# endif
3c0ef626 3585#endif
3586#include <sys/types.h>
3587#include <sys/stat.h>
3588#include <fcntl.h>
3589#define DATA "conftest.stdpath"
3590
3591main()
3592{
3593 FILE *fd;
3594 int rc;
dec6d9fe 3595
3c0ef626 3596 fd = fopen(DATA,"w");
3597 if(fd == NULL)
3598 exit(1);
dec6d9fe 3599
3c0ef626 3600 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3601 exit(1);
3602
3603 exit(0);
3604}
2c06c99b 3605 ]])],
3606 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3607 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3608 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3609 )
3610# make sure $bindir is in USER_PATH so scp will work
3611 t_bindir=`eval echo ${bindir}`
3612 case $t_bindir in
3613 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3614 esac
3615 case $t_bindir in
3616 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3617 esac
3618 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3619 if test $? -ne 0 ; then
3620 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3621 if test $? -ne 0 ; then
3622 user_path=$user_path:$t_bindir
3623 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3624 fi
3625 fi
700318f3 3626 fi ]
3627)
0fff78ff 3628if test "x$external_path_file" != "x/etc/login.conf" ; then
2c06c99b 3629 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
700318f3 3630 AC_SUBST(user_path)
3631fi
3632
3633# Set superuser path separately to user path
700318f3 3634AC_ARG_WITH(superuser-path,
3635 [ --with-superuser-path= Specify different path for super-user],
3636 [
dec6d9fe 3637 if test -n "$withval" && test "x$withval" != "xno" && \
3638 test "x${withval}" != "xyes"; then
2c06c99b 3639 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3640 [Define if you want a different $PATH
3641 for the superuser])
700318f3 3642 superuser_path=$withval
3643 fi
3c0ef626 3644 ]
3645)
700318f3 3646
3c0ef626 3647
3c0ef626 3648AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
cdd66111 3649IPV4_IN6_HACK_MSG="no"
3c0ef626 3650AC_ARG_WITH(4in6,
3651 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3652 [
3653 if test "x$withval" != "xno" ; then
3654 AC_MSG_RESULT(yes)
2c06c99b 3655 AC_DEFINE(IPV4_IN_IPV6, 1,
3656 [Detect IPv4 in IPv6 mapped addresses
3657 and treat as IPv4])
cdd66111 3658 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3659 else
3660 AC_MSG_RESULT(no)
3661 fi
3662 ],[
3663 if test "x$inet6_default_4in6" = "xyes"; then
3664 AC_MSG_RESULT([yes (default)])
3665 AC_DEFINE(IPV4_IN_IPV6)
cdd66111 3666 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3667 else
3668 AC_MSG_RESULT([no (default)])
3669 fi
3670 ]
3671)
3672
3673# Whether to enable BSD auth support
e9a17296 3674BSD_AUTH_MSG=no
3c0ef626 3675AC_ARG_WITH(bsd-auth,
3676 [ --with-bsd-auth Enable BSD auth support],
3677 [
dec6d9fe 3678 if test "x$withval" != "xno" ; then
2c06c99b 3679 AC_DEFINE(BSD_AUTH, 1,
3680 [Define if you have BSD auth support])
e9a17296 3681 BSD_AUTH_MSG=yes
3c0ef626 3682 fi
3683 ]
3684)
3685
3c0ef626 3686# Where to place sshd.pid
3687piddir=/var/run
700318f3 3688# make sure the directory exists
dec6d9fe 3689if test ! -d $piddir ; then
700318f3 3690 piddir=`eval echo ${sysconfdir}`
3691 case $piddir in
cdd66111 3692 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
700318f3 3693 esac
3694fi
3695
3c0ef626 3696AC_ARG_WITH(pid-dir,
3697 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3698 [
dec6d9fe 3699 if test -n "$withval" && test "x$withval" != "xno" && \
3700 test "x${withval}" != "xyes"; then
3c0ef626 3701 piddir=$withval
dec6d9fe 3702 if test ! -d $piddir ; then
700318f3 3703 AC_MSG_WARN([** no $piddir directory on this system **])
3704 fi
3c0ef626 3705 fi
3706 ]
3707)
3708
2c06c99b 3709AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3710AC_SUBST(piddir)
3711
3712dnl allow user to disable some login recording features
3713AC_ARG_ENABLE(lastlog,
3714 [ --disable-lastlog disable use of lastlog even if detected [no]],
0fff78ff 3715 [
3716 if test "x$enableval" = "xno" ; then
3717 AC_DEFINE(DISABLE_LASTLOG)
3718 fi
3719 ]
3c0ef626 3720)
3721AC_ARG_ENABLE(utmp,
3722 [ --disable-utmp disable use of utmp even if detected [no]],
0fff78ff 3723 [
3724 if test "x$enableval" = "xno" ; then
3725 AC_DEFINE(DISABLE_UTMP)
3726 fi
3727 ]
3c0ef626 3728)
3729AC_ARG_ENABLE(utmpx,
3730 [ --disable-utmpx disable use of utmpx even if detected [no]],
0fff78ff 3731 [
3732 if test "x$enableval" = "xno" ; then
2c06c99b 3733 AC_DEFINE(DISABLE_UTMPX, 1,
3734 [Define if you don't want to use utmpx])
0fff78ff 3735 fi
3736 ]
3c0ef626 3737)
3738AC_ARG_ENABLE(wtmp,
3739 [ --disable-wtmp disable use of wtmp even if detected [no]],
0fff78ff 3740 [
3741 if test "x$enableval" = "xno" ; then
3742 AC_DEFINE(DISABLE_WTMP)
3743 fi
3744 ]
3c0ef626 3745)
3746AC_ARG_ENABLE(wtmpx,
3747 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
0fff78ff 3748 [
3749 if test "x$enableval" = "xno" ; then
2c06c99b 3750 AC_DEFINE(DISABLE_WTMPX, 1,
3751 [Define if you don't want to use wtmpx])
0fff78ff 3752 fi
3753 ]
3c0ef626 3754)
3755AC_ARG_ENABLE(libutil,
3756 [ --disable-libutil disable use of libutil (login() etc.) [no]],
0fff78ff 3757 [
3758 if test "x$enableval" = "xno" ; then
3759 AC_DEFINE(DISABLE_LOGIN)
3760 fi
3761 ]
3c0ef626 3762)
3763AC_ARG_ENABLE(pututline,
3764 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
0fff78ff 3765 [
3766 if test "x$enableval" = "xno" ; then
2c06c99b 3767 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3768 [Define if you don't want to use pututline()
3769 etc. to write [uw]tmp])
0fff78ff 3770 fi
3771 ]
3c0ef626 3772)
3773AC_ARG_ENABLE(pututxline,
3774 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
0fff78ff 3775 [
3776 if test "x$enableval" = "xno" ; then
2c06c99b 3777 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3778 [Define if you don't want to use pututxline()
3779 etc. to write [uw]tmpx])
0fff78ff 3780 fi
3781 ]
3c0ef626 3782)
3783AC_ARG_WITH(lastlog,
3784 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3785 [
dec6d9fe 3786 if test "x$withval" = "xno" ; then
3c0ef626 3787 AC_DEFINE(DISABLE_LASTLOG)
dec6d9fe 3788 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 3789 conf_lastlog_location=$withval
3790 fi
3791 ]
3792)
3793
3794dnl lastlog, [uw]tmpx? detection
3795dnl NOTE: set the paths in the platform section to avoid the
3796dnl need for command-line parameters
3797dnl lastlog and [uw]tmp are subject to a file search if all else fails
3798
3799dnl lastlog detection
3800dnl NOTE: the code itself will detect if lastlog is a directory
3801AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3802AC_TRY_COMPILE([
3803#include <sys/types.h>
3804#include <utmp.h>
3805#ifdef HAVE_LASTLOG_H
3806# include <lastlog.h>
3807#endif
3808#ifdef HAVE_PATHS_H
3809# include <paths.h>
3810#endif
3811#ifdef HAVE_LOGIN_H
3812# include <login.h>
3813#endif
3814 ],
3815 [ char *lastlog = LASTLOG_FILE; ],
3816 [ AC_MSG_RESULT(yes) ],
3817 [
3818 AC_MSG_RESULT(no)
3819 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3820 AC_TRY_COMPILE([
3821#include <sys/types.h>
3822#include <utmp.h>
3823#ifdef HAVE_LASTLOG_H
3824# include <lastlog.h>
3825#endif
3826#ifdef HAVE_PATHS_H
3827# include <paths.h>
3828#endif
3829 ],
3830 [ char *lastlog = _PATH_LASTLOG; ],
3831 [ AC_MSG_RESULT(yes) ],
3832 [
3833 AC_MSG_RESULT(no)
3834 system_lastlog_path=no
3835 ])
3836 ]
3837)
3838
3839if test -z "$conf_lastlog_location"; then
3840 if test x"$system_lastlog_path" = x"no" ; then
3841 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
3842 if (test -d "$f" || test -f "$f") ; then
3843 conf_lastlog_location=$f
3844 fi
3845 done
3846 if test -z "$conf_lastlog_location"; then
3847 AC_MSG_WARN([** Cannot find lastlog **])
3848 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
3849 fi
3850 fi
3851fi
3852
3853if test -n "$conf_lastlog_location"; then
2c06c99b 3854 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3855 [Define if you want to specify the path to your lastlog file])
dec6d9fe 3856fi
3c0ef626 3857
3858dnl utmp detection
3859AC_MSG_CHECKING([if your system defines UTMP_FILE])
3860AC_TRY_COMPILE([
3861#include <sys/types.h>
3862#include <utmp.h>
3863#ifdef HAVE_PATHS_H
3864# include <paths.h>
3865#endif
3866 ],
3867 [ char *utmp = UTMP_FILE; ],
3868 [ AC_MSG_RESULT(yes) ],
3869 [ AC_MSG_RESULT(no)
3870 system_utmp_path=no ]
3871)
3872if test -z "$conf_utmp_location"; then
3873 if test x"$system_utmp_path" = x"no" ; then
3874 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3875 if test -f $f ; then
3876 conf_utmp_location=$f
3877 fi
3878 done
3879 if test -z "$conf_utmp_location"; then
3880 AC_DEFINE(DISABLE_UTMP)
3881 fi
3882 fi
3883fi
3884if test -n "$conf_utmp_location"; then
2c06c99b 3885 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3886 [Define if you want to specify the path to your utmp file])
dec6d9fe 3887fi
3c0ef626 3888
3889dnl wtmp detection
3890AC_MSG_CHECKING([if your system defines WTMP_FILE])
3891AC_TRY_COMPILE([
3892#include <sys/types.h>
3893#include <utmp.h>
3894#ifdef HAVE_PATHS_H
3895# include <paths.h>
3896#endif
3897 ],
3898 [ char *wtmp = WTMP_FILE; ],
3899 [ AC_MSG_RESULT(yes) ],
3900 [ AC_MSG_RESULT(no)
3901 system_wtmp_path=no ]
3902)
3903if test -z "$conf_wtmp_location"; then
3904 if test x"$system_wtmp_path" = x"no" ; then
3905 for f in /usr/adm/wtmp /var/log/wtmp; do
3906 if test -f $f ; then
3907 conf_wtmp_location=$f
3908 fi
3909 done
3910 if test -z "$conf_wtmp_location"; then
3911 AC_DEFINE(DISABLE_WTMP)
3912 fi
3913 fi
3914fi
3915if test -n "$conf_wtmp_location"; then
2c06c99b 3916 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3917 [Define if you want to specify the path to your wtmp file])
dec6d9fe 3918fi
3c0ef626 3919
3920
3921dnl utmpx detection - I don't know any system so perverse as to require
3922dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3923dnl there, though.
3924AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3925AC_TRY_COMPILE([
3926#include <sys/types.h>
3927#include <utmp.h>
3928#ifdef HAVE_UTMPX_H
3929#include <utmpx.h>
3930#endif
3931#ifdef HAVE_PATHS_H
3932# include <paths.h>
3933#endif
3934 ],
3935 [ char *utmpx = UTMPX_FILE; ],
3936 [ AC_MSG_RESULT(yes) ],
3937 [ AC_MSG_RESULT(no)
3938 system_utmpx_path=no ]
3939)
3940if test -z "$conf_utmpx_location"; then
3941 if test x"$system_utmpx_path" = x"no" ; then
3942 AC_DEFINE(DISABLE_UTMPX)
3943 fi
3944else
2c06c99b 3945 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3946 [Define if you want to specify the path to your utmpx file])
dec6d9fe 3947fi
3c0ef626 3948
3949dnl wtmpx detection
3950AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3951AC_TRY_COMPILE([
3952#include <sys/types.h>
3953#include <utmp.h>
3954#ifdef HAVE_UTMPX_H
3955#include <utmpx.h>
3956#endif
3957#ifdef HAVE_PATHS_H
3958# include <paths.h>
3959#endif
3960 ],
3961 [ char *wtmpx = WTMPX_FILE; ],
3962 [ AC_MSG_RESULT(yes) ],
3963 [ AC_MSG_RESULT(no)
3964 system_wtmpx_path=no ]
3965)
3966if test -z "$conf_wtmpx_location"; then
3967 if test x"$system_wtmpx_path" = x"no" ; then
3968 AC_DEFINE(DISABLE_WTMPX)
3969 fi
3970else
2c06c99b 3971 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3972 [Define if you want to specify the path to your wtmpx file])
dec6d9fe 3973fi
3c0ef626 3974
3975
3c0ef626 3976if test ! -z "$blibpath" ; then
7e772e1f 3977 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3978 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 3979fi
3980
665a873d 3981dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3982dnl Add now.
3983CFLAGS="$CFLAGS $werror_flags"
3984
e9a17296 3985AC_EXEEXT
9108f8d9 3986AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
3987 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
996d5e62 3988 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 3989AC_OUTPUT
3990
3991# Print summary of options
3992
3c0ef626 3993# Someone please show me a better way :)
3994A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3995B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3996C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3997D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
3998E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
3999F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4000G=`eval echo ${piddir}` ; G=`eval echo ${G}`
700318f3 4001H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4002I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4003J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4004
4005echo ""
4006echo "OpenSSH has been configured with the following options:"
700318f3 4007echo " User binaries: $B"
4008echo " System binaries: $C"
4009echo " Configuration files: $D"
4010echo " Askpass program: $E"
4011echo " Manual pages: $F"
4012echo " PID file: $G"
4013echo " Privilege separation chroot path: $H"
0fff78ff 4014if test "x$external_path_file" = "x/etc/login.conf" ; then
4015echo " At runtime, sshd will use the path defined in $external_path_file"
4016echo " Make sure the path to scp is present, otherwise scp will not work"
700318f3 4017else
4018echo " sshd default user PATH: $I"
0fff78ff 4019 if test ! -z "$external_path_file"; then
4020echo " (If PATH is set in $external_path_file it will be used instead. If"
4021echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4022 fi
700318f3 4023fi
4024if test ! -z "$superuser_path" ; then
4025echo " sshd superuser user PATH: $J"
4026fi
4027echo " Manpage format: $MANTYPE"
0fff78ff 4028echo " PAM support: $PAM_MSG"
9108f8d9 4029echo " OSF SIA support: $SIA_MSG"
700318f3 4030echo " KerberosV support: $KRB5_MSG"
9108f8d9 4031echo " SELinux support: $SELINUX_MSG"
700318f3 4032echo " Smartcard support: $SCARD_MSG"
700318f3 4033echo " S/KEY support: $SKEY_MSG"
4034echo " TCP Wrappers support: $TCPW_MSG"
4035echo " MD5 password support: $MD5_MSG"
996d5e62 4036echo " libedit support: $LIBEDIT_MSG"
9108f8d9 4037echo " Solaris process contract support: $SPC_MSG"
700318f3 4038echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
700318f3 4039echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4040echo " BSD Auth support: $BSD_AUTH_MSG"
4041echo " Random number source: $RAND_MSG"
e9a17296 4042if test ! -z "$USE_RAND_HELPER" ; then
700318f3 4043echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4044fi
4045
4046echo ""
4047
4048echo " Host: ${host}"
4049echo " Compiler: ${CC}"
4050echo " Compiler flags: ${CFLAGS}"
4051echo "Preprocessor flags: ${CPPFLAGS}"
4052echo " Linker flags: ${LDFLAGS}"
d4487008 4053echo " Libraries: ${LIBS}"
4054if test ! -z "${SSHDLIBS}"; then
4055echo " +for sshd: ${SSHDLIBS}"
4056fi
3c0ef626 4057
4058echo ""
4059
c9f39d2c 4060if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
996d5e62 4061 echo "SVR4 style packages are supported with \"make package\""
4062 echo ""
c9f39d2c 4063fi
4064
3c0ef626 4065if test "x$PAM_MSG" = "xyes" ; then
e9a17296 4066 echo "PAM is enabled. You may need to install a PAM control file "
4067 echo "for sshd, otherwise password authentication may fail. "
cdd66111 4068 echo "Example PAM control files can be found in the contrib/ "
e9a17296 4069 echo "subdirectory"
3c0ef626 4070 echo ""
4071fi
4072
e9a17296 4073if test ! -z "$RAND_HELPER_CMDHASH" ; then
4074 echo "WARNING: you are using the builtin random number collection "
4075 echo "service. Please read WARNING.RNG and request that your OS "
4076 echo "vendor includes kernel-based random number collection in "
4077 echo "future versions of your OS."
3c0ef626 4078 echo ""
4079fi
4080
c9f39d2c 4081if test ! -z "$NO_PEERCHECK" ; then
d4487008 4082 echo "WARNING: the operating system that you are using does not"
4083 echo "appear to support getpeereid(), getpeerucred() or the"
4084 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4085 echo "enforce security checks to prevent unauthorised connections to"
4086 echo "ssh-agent. Their absence increases the risk that a malicious"
4087 echo "user can connect to your agent."
c9f39d2c 4088 echo ""
4089fi
4090
996d5e62 4091if test "$AUDIT_MODULE" = "bsm" ; then
4092 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4093 echo "See the Solaris section in README.platform for details."
4094fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.754021 seconds and 5 git commands to generate.