]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
send "failed to set username from gssapi context" error back to client
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
12a403af 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
2ce0bfe4 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
4b6dae8f 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
7cac2b65 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
4b6dae8f 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
7e82606e 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
bfe49944 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
350391c5 43AC_PATH_PROG(SH, sh)
7e82606e 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
08822d99 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
08822d99 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
540d72c3 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
08822d99 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
540d72c3 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
8b32eddc 88
3c0ef626 89AC_C_INLINE
2ce0bfe4 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
540d72c3 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
2ce0bfe4 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
08822d99 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
2ce0bfe4 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
08822d99 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
2ce0bfe4 103 esac
104
105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
116fi
117
540d72c3 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
8b32eddc 121 if test "x$withval" = "xno" ; then
540d72c3 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
3c0ef626 130# Check for some target-specific stuff
131case "$host" in
132*-*-aix*)
540d72c3 133 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
256cb466 134 if (test -z "$blibpath"); then
540d72c3 135 blibpath="/usr/lib:/lib"
3c0ef626 136 fi
256cb466 137 saved_LDFLAGS="$LDFLAGS"
138 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
139 if (test -z "$blibflags"); then
140 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
141 AC_TRY_LINK([], [], [blibflags=$tryflags])
142 fi
143 done
144 if (test -z "$blibflags"); then
145 AC_MSG_RESULT(not found)
146 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
147 else
148 AC_MSG_RESULT($blibflags)
149 fi
150 LDFLAGS="$saved_LDFLAGS"
7cac2b65 151 dnl Check for authenticate. Might be in libs.a on older AIXes
08822d99 152 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
153 [Define if you want to enable AIX4's authenticate function])],
d03f4262 154 [AC_CHECK_LIB(s,authenticate,
155 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
156 LIBS="$LIBS -ls"
157 ])
158 ])
dfddba3d 159 dnl Check for various auth function declarations in headers.
160 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
8b32eddc 161 passwdexpired, setauthdb], , , [#include <usersec.h>])
7cac2b65 162 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
dfddba3d 163 AC_CHECK_DECLS(loginfailed,
7cac2b65 164 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
165 AC_TRY_COMPILE(
166 [#include <usersec.h>],
167 [(void)loginfailed("user","host","tty",0);],
168 [AC_MSG_RESULT(yes)
08822d99 169 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
170 [Define if your AIX loginfailed() function
171 takes 4 arguments (AIX >= 5.2)])],
7cac2b65 172 [AC_MSG_RESULT(no)]
173 )],
174 [],
175 [#include <usersec.h>]
176 )
177 AC_CHECK_FUNCS(setauthdb)
dfddba3d 178 check_for_aix_broken_getaddrinfo=1
08822d99 179 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
180 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
181 [Define if your platform breaks doing a seteuid before a setuid])
182 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
183 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 184 dnl AIX handles lastlog as part of its login message
08822d99 185 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
186 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
187 [Some systems need a utmpx entry for /bin/login to work])
188 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
189 [Define to a Set Process Title type if your system is
190 supported by bsd-setproctitle.c])
191 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
192 [AIX 5.2 and 5.3 (and presumably newer) require this])
3c0ef626 193 ;;
194*-*-cygwin*)
bfe49944 195 check_for_libcrypt_later=1
e9702f7d 196 LIBS="$LIBS /usr/lib/textmode.o"
08822d99 197 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
198 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
199 AC_DEFINE(DISABLE_SHADOW, 1,
200 [Define if you want to disable shadow passwords])
201 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
202 [Define if your system choked on IP TOS setting])
203 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
204 [Define if X11 doesn't support AF_UNIX sockets on that system])
205 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
206 [Define if the concept of ports only accessible to
207 superusers isn't known])
208 AC_DEFINE(DISABLE_FD_PASSING, 1,
209 [Define if your platform needs to skip post auth
210 file descriptor passing])
3c0ef626 211 ;;
212*-*-dgux*)
213 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 214 AC_DEFINE(SETEUID_BREAKS_SETUID)
215 AC_DEFINE(BROKEN_SETREUID)
216 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 217 ;;
218*-*-darwin*)
08822d99 219 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
29d88157 220 AC_DEFINE(SETEUID_BREAKS_SETUID)
221 AC_DEFINE(BROKEN_SETREUID)
222 AC_DEFINE(BROKEN_SETREGID)
08822d99 223 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
224 [Define if your resolver libs need this for getrrsetbyname])
c06c9ae8 225 AC_MSG_CHECKING(if we have the Security Authorization Session API)
226 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
227 [SessionCreate(0, 0);],
228 [ac_cv_use_security_session_api="yes"
229 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
230 [platform has the Security Authorization Session API])
231 LIBS="$LIBS -framework Security"
232 AC_MSG_RESULT(yes)],
233 [ac_cv_use_security_session_api="no"
234 AC_MSG_RESULT(no)])
235 AC_MSG_CHECKING(if we have an in-memory credentials cache)
236 AC_TRY_COMPILE(
237 [#include <Kerberos/Kerberos.h>],
238 [cc_context_t c;
239 (void) cc_initialize (&c, 0, NULL, NULL);],
240 [AC_DEFINE(USE_CCAPI, 1,
08822d99 241 [platform uses an in-memory credentials cache])
c06c9ae8 242 LIBS="$LIBS -framework Security"
243 AC_MSG_RESULT(yes)
244 if test "x$ac_cv_use_security_session_api" = "xno"; then
245 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
246 fi],
247 [AC_MSG_RESULT(no)]
248 )
3c0ef626 249 ;;
2ce0bfe4 250*-*-hpux*)
251 # first we define all of the options common to all HP-UX releases
3c0ef626 252 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
253 IPADDR_IN_DISPLAY=yes
3c0ef626 254 AC_DEFINE(USE_PIPES)
08822d99 255 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
256 [Define if your login program cannot handle end of options ("--")])
350391c5 257 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 258 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
259 [String used in /etc/passwd to denote locked account])
7cac2b65 260 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
08822d99 261 MAIL="/var/mail/username"
d03f4262 262 LIBS="$LIBS -lsec"
2ce0bfe4 263 AC_CHECK_LIB(xnet, t_error, ,
264 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
265
266 # next, we define all of the options specific to major releases
267 case "$host" in
268 *-*-hpux10*)
269 if test -z "$GCC"; then
270 CFLAGS="$CFLAGS -Ae"
271 fi
272 ;;
273 *-*-hpux11*)
08822d99 274 AC_DEFINE(PAM_SUN_CODEBASE, 1,
275 [Define if you are using Solaris-derived PAM which
276 passes pam_messages to the conversation function
277 with an extra level of indirection])
278 AC_DEFINE(DISABLE_UTMP, 1,
279 [Define if you don't want to use utmp])
2ce0bfe4 280 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
281 check_for_hpux_broken_getaddrinfo=1
282 check_for_conflicting_getspnam=1
283 ;;
284 esac
285
286 # lastly, we define options specific to minor releases
287 case "$host" in
288 *-*-hpux10.26)
08822d99 289 AC_DEFINE(HAVE_SECUREWARE, 1,
290 [Define if you have SecureWare-based
291 protected password database])
2ce0bfe4 292 disable_ptmx_check=yes
293 LIBS="$LIBS -lsecpw"
294 ;;
295 esac
3c0ef626 296 ;;
297*-*-irix5*)
3c0ef626 298 PATH="$PATH:/usr/etc"
08822d99 299 AC_DEFINE(BROKEN_INET_NTOA, 1,
300 [Define if you system's inet_ntoa is busted
301 (e.g. Irix gcc issue)])
540d72c3 302 AC_DEFINE(SETEUID_BREAKS_SETUID)
303 AC_DEFINE(BROKEN_SETREUID)
304 AC_DEFINE(BROKEN_SETREGID)
08822d99 305 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
306 [Define if you shouldn't strip 'tty' from your
307 ttyname in [uw]tmp])
7cac2b65 308 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 309 ;;
310*-*-irix6*)
3c0ef626 311 PATH="$PATH:/usr/etc"
08822d99 312 AC_DEFINE(WITH_IRIX_ARRAY, 1,
313 [Define if you have/want arrays
314 (cluster-wide session managment, not C arrays)])
315 AC_DEFINE(WITH_IRIX_PROJECT, 1,
316 [Define if you want IRIX project management])
317 AC_DEFINE(WITH_IRIX_AUDIT, 1,
318 [Define if you want IRIX audit trails])
319 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
320 [Define if you want IRIX kernel jobs])])
3c0ef626 321 AC_DEFINE(BROKEN_INET_NTOA)
29d88157 322 AC_DEFINE(SETEUID_BREAKS_SETUID)
323 AC_DEFINE(BROKEN_SETREUID)
324 AC_DEFINE(BROKEN_SETREGID)
08822d99 325 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
350391c5 326 AC_DEFINE(WITH_ABBREV_NO_TTY)
7cac2b65 327 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 328 ;;
329*-*-linux*)
330 no_dev_ptmx=1
331 check_for_libcrypt_later=1
7cac2b65 332 check_for_openpty_ctty_bug=1
08822d99 333 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
334 AC_DEFINE(PAM_TTY_KLUDGE, 1,
335 [Work around problematic Linux PAM modules handling of PAM_TTY])
336 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
337 [String used in /etc/passwd to denote locked account])
7cac2b65 338 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
08822d99 339 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
340 [Define to whatever link() returns for "not supported"
341 if it doesn't return EOPNOTSUPP.])
dfddba3d 342 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
08822d99 343 AC_DEFINE(USE_BTMP)
3c0ef626 344 inet6_default_4in6=yes
7cac2b65 345 case `uname -r` in
346 1.*|2.0.*)
08822d99 347 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
348 [Define if cmsg_type is not passed correctly])
7cac2b65 349 ;;
350 esac
08822d99 351 # tun(4) forwarding compat code
352 AC_CHECK_HEADERS(linux/if_tun.h)
353 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
354 AC_DEFINE(SSH_TUN_LINUX, 1,
355 [Open tunnel devices the Linux tun/tap way])
356 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
357 [Use tunnel device compatibility to OpenBSD])
358 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
359 [Prepend the address family to IP tunnel traffic])
360 fi
3c0ef626 361 ;;
362mips-sony-bsd|mips-sony-newsos4)
4b6dae8f 363 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 364 SONY=1
3c0ef626 365 ;;
366*-*-netbsd*)
d03f4262 367 check_for_libcrypt_before=1
8b32eddc 368 if test "x$withval" != "xno" ; then
540d72c3 369 need_dash_r=1
370 fi
08822d99 371 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
372 AC_CHECK_HEADER([net/if_tap.h], ,
373 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
374 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
375 [Prepend the address family to IP tunnel traffic])
3c0ef626 376 ;;
377*-*-freebsd*)
378 check_for_libcrypt_later=1
08822d99 379 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
380 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
381 AC_CHECK_HEADER([net/if_tap.h], ,
382 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 383 ;;
29d88157 384*-*-bsdi*)
385 AC_DEFINE(SETEUID_BREAKS_SETUID)
386 AC_DEFINE(BROKEN_SETREUID)
387 AC_DEFINE(BROKEN_SETREGID)
388 ;;
3c0ef626 389*-next-*)
390 conf_lastlog_location="/usr/adm/lastlog"
391 conf_utmp_location=/etc/utmp
392 conf_wtmp_location=/usr/adm/wtmp
393 MAIL=/usr/spool/mail
08822d99 394 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 395 AC_DEFINE(BROKEN_REALPATH)
396 AC_DEFINE(USE_PIPES)
08822d99 397 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 398 ;;
2ce0bfe4 399*-*-openbsd*)
400 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
08822d99 401 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
402 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
2ce0bfe4 403 ;;
3c0ef626 404*-*-solaris*)
8b32eddc 405 if test "x$withval" != "xno" ; then
12a403af 406 need_dash_r=1
407 fi
3c0ef626 408 AC_DEFINE(PAM_SUN_CODEBASE)
409 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 410 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
411 [Some versions of /bin/login need the TERM supplied
412 on the commandline])
3c0ef626 413 AC_DEFINE(PAM_TTY_KLUDGE)
08822d99 414 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
415 [Define if pam_chauthtok wants real uid set
416 to the unpriv'ed user])
7cac2b65 417 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
418 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
08822d99 419 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
420 [Define if sshd somehow reacquires a controlling TTY
421 after setsid()])
7cac2b65 422 external_path_file=/etc/default/login
3c0ef626 423 # hardwire lastlog location (can't detect it on some versions)
424 conf_lastlog_location="/var/adm/lastlog"
425 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
426 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
427 if test "$sol2ver" -ge 8; then
428 AC_MSG_RESULT(yes)
429 AC_DEFINE(DISABLE_UTMP)
08822d99 430 AC_DEFINE(DISABLE_WTMP, 1,
431 [Define if you don't want to use wtmp])
3c0ef626 432 else
433 AC_MSG_RESULT(no)
434 fi
435 ;;
436*-*-sunos4*)
437 CPPFLAGS="$CPPFLAGS -DSUNOS4"
438 AC_CHECK_FUNCS(getpwanam)
439 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 440 conf_utmp_location=/etc/utmp
441 conf_wtmp_location=/var/adm/wtmp
442 conf_lastlog_location=/var/adm/lastlog
443 AC_DEFINE(USE_PIPES)
444 ;;
445*-ncr-sysv*)
3c0ef626 446 LIBS="$LIBS -lc89"
e9702f7d 447 AC_DEFINE(USE_PIPES)
7cac2b65 448 AC_DEFINE(SSHD_ACQUIRES_CTTY)
29d88157 449 AC_DEFINE(SETEUID_BREAKS_SETUID)
450 AC_DEFINE(BROKEN_SETREUID)
451 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 452 ;;
453*-sni-sysv*)
3c0ef626 454 # /usr/ucblib MUST NOT be searched on ReliantUNIX
540d72c3 455 AC_CHECK_LIB(dl, dlsym, ,)
08822d99 456 # -lresolv needs to be at the end of LIBS or DNS lookups break
457 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 458 IPADDR_IN_DISPLAY=yes
459 AC_DEFINE(USE_PIPES)
460 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 461 AC_DEFINE(SETEUID_BREAKS_SETUID)
462 AC_DEFINE(BROKEN_SETREUID)
463 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 464 AC_DEFINE(SSHD_ACQUIRES_CTTY)
465 external_path_file=/etc/default/login
3c0ef626 466 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
467 # Attention: always take care to bind libsocket and libnsl before libc,
468 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
469 ;;
dfddba3d 470# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 471*-*-sysv4.2*)
08822d99 472 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
3c0ef626 473 AC_DEFINE(USE_PIPES)
7cac2b65 474 AC_DEFINE(SETEUID_BREAKS_SETUID)
475 AC_DEFINE(BROKEN_SETREUID)
476 AC_DEFINE(BROKEN_SETREGID)
8b32eddc 477 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
08822d99 478 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 479 ;;
dfddba3d 480# UnixWare 7.x, OpenUNIX 8
3c0ef626 481*-*-sysv5*)
2ce0bfe4 482 check_for_libcrypt_later=1
483 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 484 AC_DEFINE(USE_PIPES)
7cac2b65 485 AC_DEFINE(SETEUID_BREAKS_SETUID)
486 AC_DEFINE(BROKEN_SETREUID)
487 AC_DEFINE(BROKEN_SETREGID)
08822d99 488 AC_DEFINE(PASSWD_NEEDS_USERNAME)
2ce0bfe4 489 case "$host" in
490 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
491 TEST_SHELL=/u95/bin/sh
08822d99 492 AC_DEFINE(BROKEN_LIBIAF, 1,
493 [ia_uinfo routines not supported by OS yet])
494 ;;
495 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
2ce0bfe4 496 ;;
497 esac
3c0ef626 498 ;;
499*-*-sysv*)
3c0ef626 500 ;;
dfddba3d 501# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 502*-*-sco3.2v4*)
dfddba3d 503 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 504 ;;
dfddba3d 505# SCO OpenServer 5.x
3c0ef626 506*-*-sco3.2v5*)
bfe49944 507 if test -z "$GCC"; then
508 CFLAGS="$CFLAGS -belf"
509 fi
3c0ef626 510 LIBS="$LIBS -lprot -lx -ltinfo -lm"
511 no_dev_ptmx=1
3c0ef626 512 AC_DEFINE(USE_PIPES)
350391c5 513 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 514 AC_DEFINE(DISABLE_SHADOW)
d03f4262 515 AC_DEFINE(DISABLE_FD_PASSING)
7cac2b65 516 AC_DEFINE(SETEUID_BREAKS_SETUID)
517 AC_DEFINE(BROKEN_SETREUID)
518 AC_DEFINE(BROKEN_SETREGID)
519 AC_DEFINE(WITH_ABBREV_NO_TTY)
7e82606e 520 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 521 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 522 AC_CHECK_FUNCS(getluid setluid)
523 MANTYPE=man
7e82606e 524 TEST_SHELL=ksh
3c0ef626 525 ;;
d03f4262 526*-*-unicosmk*)
08822d99 527 AC_DEFINE(NO_SSH_LASTLOG, 1,
528 [Define if you don't want to use lastlog in session.c])
540d72c3 529 AC_DEFINE(SETEUID_BREAKS_SETUID)
530 AC_DEFINE(BROKEN_SETREUID)
531 AC_DEFINE(BROKEN_SETREGID)
d03f4262 532 AC_DEFINE(USE_PIPES)
533 AC_DEFINE(DISABLE_FD_PASSING)
534 LDFLAGS="$LDFLAGS"
535 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
536 MANTYPE=cat
537 ;;
7cac2b65 538*-*-unicosmp*)
540d72c3 539 AC_DEFINE(SETEUID_BREAKS_SETUID)
540 AC_DEFINE(BROKEN_SETREUID)
541 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 542 AC_DEFINE(WITH_ABBREV_NO_TTY)
543 AC_DEFINE(USE_PIPES)
544 AC_DEFINE(DISABLE_FD_PASSING)
545 LDFLAGS="$LDFLAGS"
540d72c3 546 LIBS="$LIBS -lgen -lacid -ldb"
7cac2b65 547 MANTYPE=cat
548 ;;
3c0ef626 549*-*-unicos*)
540d72c3 550 AC_DEFINE(SETEUID_BREAKS_SETUID)
551 AC_DEFINE(BROKEN_SETREUID)
552 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 553 AC_DEFINE(USE_PIPES)
d03f4262 554 AC_DEFINE(DISABLE_FD_PASSING)
555 AC_DEFINE(NO_SSH_LASTLOG)
556 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
557 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
558 MANTYPE=cat
3c0ef626 559 ;;
560*-dec-osf*)
561 AC_MSG_CHECKING(for Digital Unix SIA)
562 no_osfsia=""
563 AC_ARG_WITH(osfsia,
564 [ --with-osfsia Enable Digital Unix SIA],
565 [
566 if test "x$withval" = "xno" ; then
567 AC_MSG_RESULT(disabled)
568 no_osfsia=1
569 fi
570 ],
571 )
572 if test -z "$no_osfsia" ; then
573 if test -f /etc/sia/matrix.conf; then
574 AC_MSG_RESULT(yes)
08822d99 575 AC_DEFINE(HAVE_OSF_SIA, 1,
576 [Define if you have Digital Unix Security
577 Integration Architecture])
578 AC_DEFINE(DISABLE_LOGIN, 1,
579 [Define if you don't want to use your
580 system's login() call])
bfe49944 581 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 582 LIBS="$LIBS -lsecurity -ldb -lm -laud"
583 else
584 AC_MSG_RESULT(no)
08822d99 585 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
586 [String used in /etc/passwd to denote locked account])
3c0ef626 587 fi
588 fi
7cac2b65 589 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 590 AC_DEFINE(SETEUID_BREAKS_SETUID)
591 AC_DEFINE(BROKEN_SETREUID)
592 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 593 ;;
594
4b6dae8f 595*-*-nto-qnx*)
3c0ef626 596 AC_DEFINE(USE_PIPES)
597 AC_DEFINE(NO_X11_UNIX_SOCKETS)
08822d99 598 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
599 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
600 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
4b6dae8f 601 AC_DEFINE(DISABLE_LASTLOG)
3c0ef626 602 ;;
2ce0bfe4 603
604*-*-ultrix*)
08822d99 605 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
606 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b6dae8f 607 AC_DEFINE(NEED_SETPGRP)
2ce0bfe4 608 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
609 ;;
610
611*-*-lynxos)
612 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
08822d99 613 AC_DEFINE(MISSING_HOWMANY)
2ce0bfe4 614 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
615 ;;
3c0ef626 616esac
617
618# Allow user to specify flags
619AC_ARG_WITH(cflags,
620 [ --with-cflags Specify additional flags to pass to compiler],
621 [
8b32eddc 622 if test -n "$withval" && test "x$withval" != "xno" && \
623 test "x${withval}" != "xyes"; then
3c0ef626 624 CFLAGS="$CFLAGS $withval"
625 fi
8b32eddc 626 ]
3c0ef626 627)
628AC_ARG_WITH(cppflags,
629 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
630 [
8b32eddc 631 if test -n "$withval" && test "x$withval" != "xno" && \
632 test "x${withval}" != "xyes"; then
3c0ef626 633 CPPFLAGS="$CPPFLAGS $withval"
634 fi
635 ]
636)
637AC_ARG_WITH(ldflags,
638 [ --with-ldflags Specify additional flags to pass to linker],
639 [
8b32eddc 640 if test -n "$withval" && test "x$withval" != "xno" && \
641 test "x${withval}" != "xyes"; then
3c0ef626 642 LDFLAGS="$LDFLAGS $withval"
643 fi
8b32eddc 644 ]
3c0ef626 645)
646AC_ARG_WITH(libs,
647 [ --with-libs Specify additional libraries to link with],
648 [
8b32eddc 649 if test -n "$withval" && test "x$withval" != "xno" && \
650 test "x${withval}" != "xyes"; then
3c0ef626 651 LIBS="$LIBS $withval"
652 fi
8b32eddc 653 ]
3c0ef626 654)
2ce0bfe4 655AC_ARG_WITH(Werror,
656 [ --with-Werror Build main code with -Werror],
657 [
658 if test -n "$withval" && test "x$withval" != "xno"; then
659 werror_flags="-Werror"
08822d99 660 if test "x${withval}" != "xyes"; then
2ce0bfe4 661 werror_flags="$withval"
662 fi
663 fi
664 ]
665)
3c0ef626 666
7cac2b65 667AC_MSG_CHECKING(compiler and flags for sanity)
dfddba3d 668AC_RUN_IFELSE(
669 [AC_LANG_SOURCE([
7cac2b65 670#include <stdio.h>
671int main(){exit(0);}
dfddba3d 672 ])],
7cac2b65 673 [ AC_MSG_RESULT(yes) ],
674 [
675 AC_MSG_RESULT(no)
676 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
dfddba3d 677 ],
678 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
7cac2b65 679)
680
2ce0bfe4 681dnl Checks for header files.
682AC_CHECK_HEADERS( \
683 bstring.h \
684 crypt.h \
685 dirent.h \
686 endian.h \
687 features.h \
688 floatingpoint.h \
689 getopt.h \
690 glob.h \
691 ia.h \
692 iaf.h \
2ce0bfe4 693 limits.h \
694 login.h \
695 login_cap.h \
696 maillock.h \
697 ndir.h \
698 netdb.h \
699 netgroup.h \
2ce0bfe4 700 pam/pam_appl.h \
701 paths.h \
702 pty.h \
703 readpassphrase.h \
704 rpc/types.h \
705 security/pam_appl.h \
706 shadow.h \
707 stddef.h \
708 stdint.h \
709 string.h \
710 strings.h \
711 sys/audit.h \
712 sys/bitypes.h \
713 sys/bsdtty.h \
714 sys/cdefs.h \
715 sys/dir.h \
716 sys/mman.h \
717 sys/ndir.h \
718 sys/prctl.h \
719 sys/pstat.h \
720 sys/select.h \
721 sys/stat.h \
722 sys/stream.h \
723 sys/stropts.h \
724 sys/strtio.h \
725 sys/sysmacros.h \
726 sys/time.h \
727 sys/timers.h \
728 sys/un.h \
729 time.h \
730 tmpdir.h \
731 ttyent.h \
732 unistd.h \
733 usersec.h \
734 util.h \
735 utime.h \
736 utmp.h \
737 utmpx.h \
738 vis.h \
739)
e9702f7d 740
4b6dae8f 741# lastlog.h requires sys/time.h to be included first on Solaris
742AC_CHECK_HEADERS(lastlog.h, [], [], [
743#ifdef HAVE_SYS_TIME_H
744# include <sys/time.h>
745#endif
746])
747
dfddba3d 748# sys/ptms.h requires sys/stream.h to be included first on Solaris
749AC_CHECK_HEADERS(sys/ptms.h, [], [], [
750#ifdef HAVE_SYS_STREAM_H
751# include <sys/stream.h>
752#endif
753])
754
3c0ef626 755# Checks for libraries.
756AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
757AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
758
7cac2b65 759dnl IRIX and Solaris 2.5.1 have dirname() in libgen
760AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
761 AC_CHECK_LIB(gen, dirname,[
762 AC_CACHE_CHECK([for broken dirname],
763 ac_cv_have_broken_dirname, [
764 save_LIBS="$LIBS"
765 LIBS="$LIBS -lgen"
08822d99 766 AC_RUN_IFELSE(
767 [AC_LANG_SOURCE([[
7cac2b65 768#include <libgen.h>
769#include <string.h>
770
771int main(int argc, char **argv) {
772 char *s, buf[32];
773
774 strncpy(buf,"/etc", 32);
775 s = dirname(buf);
776 if (!s || strncmp(s, "/", 32) != 0) {
777 exit(1);
778 } else {
779 exit(0);
780 }
781}
08822d99 782 ]])],
783 [ ac_cv_have_broken_dirname="no" ],
784 [ ac_cv_have_broken_dirname="yes" ],
7cac2b65 785 [ ac_cv_have_broken_dirname="no" ],
7cac2b65 786 )
787 LIBS="$save_LIBS"
788 ])
789 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
790 LIBS="$LIBS -lgen"
791 AC_DEFINE(HAVE_DIRNAME)
792 AC_CHECK_HEADERS(libgen.h)
793 fi
794 ])
795])
796
3c0ef626 797AC_CHECK_FUNC(getspnam, ,
798 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
08822d99 799AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
800 [Define if you have the basename function.]))
3c0ef626 801
802dnl zlib is required
803AC_ARG_WITH(zlib,
804 [ --with-zlib=PATH Use zlib in PATH],
8b32eddc 805 [ if test "x$withval" = "xno" ; then
806 AC_MSG_ERROR([*** zlib is required ***])
807 elif test "x$withval" != "xyes"; then
3c0ef626 808 if test -d "$withval/lib"; then
809 if test -n "${need_dash_r}"; then
810 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
811 else
812 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
813 fi
814 else
815 if test -n "${need_dash_r}"; then
816 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
817 else
818 LDFLAGS="-L${withval} ${LDFLAGS}"
819 fi
820 fi
821 if test -d "$withval/include"; then
822 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
823 else
824 CPPFLAGS="-I${withval} ${CPPFLAGS}"
825 fi
8b32eddc 826 fi ]
3c0ef626 827)
828
540d72c3 829AC_CHECK_LIB(z, deflate, ,
830 [
831 saved_CPPFLAGS="$CPPFLAGS"
832 saved_LDFLAGS="$LDFLAGS"
833 save_LIBS="$LIBS"
834 dnl Check default zlib install dir
835 if test -n "${need_dash_r}"; then
836 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
837 else
838 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
839 fi
840 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
841 LIBS="$LIBS -lz"
842 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
843 [
844 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
845 ]
846 )
847 ]
848)
849AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
850
851AC_ARG_WITH(zlib-version-check,
852 [ --without-zlib-version-check Disable zlib version check],
853 [ if test "x$withval" = "xno" ; then
854 zlib_check_nonfatal=1
855 fi
856 ]
857)
858
8b32eddc 859AC_MSG_CHECKING(for possibly buggy zlib)
dfddba3d 860AC_RUN_IFELSE([AC_LANG_SOURCE([[
8b32eddc 861#include <stdio.h>
540d72c3 862#include <zlib.h>
863int main()
864{
8b32eddc 865 int a=0, b=0, c=0, d=0, n, v;
866 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
867 if (n != 3 && n != 4)
540d72c3 868 exit(1);
8b32eddc 869 v = a*1000000 + b*10000 + c*100 + d;
870 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
871
872 /* 1.1.4 is OK */
873 if (a == 1 && b == 1 && c >= 4)
540d72c3 874 exit(0);
8b32eddc 875
2ce0bfe4 876 /* 1.2.3 and up are OK */
877 if (v >= 1020300)
8b32eddc 878 exit(0);
879
540d72c3 880 exit(2);
881}
dfddba3d 882 ]])],
8b32eddc 883 AC_MSG_RESULT(no),
884 [ AC_MSG_RESULT(yes)
540d72c3 885 if test -z "$zlib_check_nonfatal" ; then
886 AC_MSG_ERROR([*** zlib too old - check config.log ***
887Your reported zlib version has known security problems. It's possible your
888vendor has fixed these problems without changing the version number. If you
889are sure this is the case, you can disable the check by running
890"./configure --without-zlib-version-check".
2ce0bfe4 891If you are in doubt, upgrade zlib to version 1.2.3 or greater.
8b32eddc 892See http://www.gzip.org/zlib/ for details.])
540d72c3 893 else
894 AC_MSG_WARN([zlib version may have security problems])
895 fi
dfddba3d 896 ],
897 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
540d72c3 898)
3c0ef626 899
3c0ef626 900dnl UnixWare 2.x
540d72c3 901AC_CHECK_FUNC(strcasecmp,
3c0ef626 902 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
903)
08822d99 904AC_CHECK_FUNCS(utimes,
d03f4262 905 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
906 LIBS="$LIBS -lc89"]) ]
3c0ef626 907)
908
909dnl Checks for libutil functions
910AC_CHECK_HEADERS(libutil.h)
08822d99 911AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
912 [Define if your libraries define login()])])
3c0ef626 913AC_CHECK_FUNCS(logout updwtmp logwtmp)
914
915AC_FUNC_STRFTIME
916
3c0ef626 917# Check for ALTDIRFUNC glob() extension
918AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
919AC_EGREP_CPP(FOUNDIT,
920 [
921 #include <glob.h>
922 #ifdef GLOB_ALTDIRFUNC
923 FOUNDIT
924 #endif
540d72c3 925 ],
3c0ef626 926 [
08822d99 927 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
928 [Define if your system glob() function has
929 the GLOB_ALTDIRFUNC extension])
3c0ef626 930 AC_MSG_RESULT(yes)
931 ],
932 [
933 AC_MSG_RESULT(no)
934 ]
935)
936
937# Check for g.gl_matchc glob() extension
938AC_MSG_CHECKING(for gl_matchc field in glob_t)
939AC_EGREP_CPP(FOUNDIT,
540d72c3 940 [
941 #include <glob.h>
3c0ef626 942 int main(void){glob_t g; g.gl_matchc = 1;}
540d72c3 943 ],
944 [
08822d99 945 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
946 [Define if your system glob() function has
947 gl_matchc options in glob_t])
540d72c3 948 AC_MSG_RESULT(yes)
949 ],
950 [
951 AC_MSG_RESULT(no)
952 ]
3c0ef626 953)
954
955AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
dfddba3d 956AC_RUN_IFELSE(
957 [AC_LANG_SOURCE([[
3c0ef626 958#include <sys/types.h>
959#include <dirent.h>
d03f4262 960int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
dfddba3d 961 ]])],
540d72c3 962 [AC_MSG_RESULT(yes)],
3c0ef626 963 [
964 AC_MSG_RESULT(no)
08822d99 965 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
966 [Define if your struct dirent expects you to
967 allocate extra space for d_name])
dfddba3d 968 ],
8b32eddc 969 [
dfddba3d 970 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
971 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 972 ]
973)
974
1c89237d 975# Check whether the user wants GSSAPI mechglue support
976AC_ARG_WITH(mechglue,
bec32dad 977 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
1c89237d 978 [
979 AC_MSG_CHECKING(for mechglue library)
bec32dad 980
981 if test -e ${withval}/libgssapi.a ; then
982 mechglue_lib=${withval}/libgssapi.a
983 elif test -e ${withval}/lib/libgssapi.a ; then
984 mechglue_lib=${withval}/lib/libgssapi.a
985 else
986 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
1c89237d 987 fi
bec32dad 988 LIBS="$LIBS ${mechglue_lib}"
989 AC_MSG_RESULT(${mechglue_lib})
990
1c89237d 991 AC_CHECK_LIB(dl, dlopen, , )
992 if test $ac_cv_lib_dl_dlopen = yes; then
bec32dad 993 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
1c89237d 994 fi
bec32dad 995
1c89237d 996 AC_DEFINE(GSSAPI)
08822d99 997 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
1c89237d 998 GSSAPI="mechglue"
999
1c89237d 1000 ]
1001)
1002
1003
5598e598 1004# Check whether the user wants GSI (Globus) support
1005gsi_path="no"
1006AC_ARG_WITH(gsi,
483bcdbd 1007 [ --with-gsi Enable Globus GSI authentication support],
5598e598 1008 [
1009 gsi_path="$withval"
1010 ]
1011)
1012
1013AC_ARG_WITH(globus,
483bcdbd 1014 [ --with-globus Enable Globus GSI authentication support],
5598e598 1015 [
1016 gsi_path="$withval"
1017 ]
1018)
1019
483bcdbd 1020AC_ARG_WITH(globus-static,
1021 [ --with-globus-static Link statically with Globus GSI libraries],
1022 [
1023 gsi_static="-static"
9e6effad 1024 if test "x$gsi_path" = "xno" ; then
6e098d39 1025 gsi_path="$withval"
1026 fi
483bcdbd 1027 ]
1028)
1029
5fb9fc74 1030# Check whether the user has a Globus flavor type
1031globus_flavor_type="no"
1032AC_ARG_WITH(globus-flavor,
483bcdbd 1033 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
5fb9fc74 1034 [
1035 globus_flavor_type="$withval"
9e6effad 1036 if test "x$gsi_path" = "xno" ; then
e78b0188 1037 gsi_path="yes"
1038 fi
5fb9fc74 1039 ]
1040)
1041
5598e598 1042if test "x$gsi_path" != "xno" ; then
1043 # Globus GSSAPI configuration
22798398 1044 AC_MSG_CHECKING(for Globus GSI)
08822d99 1045 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
5598e598 1046
1c89237d 1047 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
483bcdbd 1048 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
1c89237d 1049 fi
1050 if test -z "$GSSAPI"; then
1051 AC_DEFINE(GSSAPI)
1052 GSSAPI="GSI"
1053 fi
1054
8b1f0dfd 1055 if test "x$gsi_path" = "xyes" ; then
1056 if test -z "$GLOBUS_LOCATION" ; then
483bcdbd 1057 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
8b1f0dfd 1058 else
1059 gsi_path="$GLOBUS_LOCATION"
1060 fi
1061 fi
483bcdbd 1062 GLOBUS_LOCATION="$gsi_path"
1063 export GLOBUS_LOCATION
1064 if test ! -d "$GLOBUS_LOCATION" ; then
1065 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
5598e598 1066 fi
5598e598 1067
22798398 1068 if test "x$globus_flavor_type" = "xno" ; then
1069 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
1070 fi
1071 if test "x$globus_flavor_type" = "xyes" ; then
1072 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
5598e598 1073 fi
5fb9fc74 1074
22798398 1075 GLOBUS_INCLUDE="${gsi_path}/include/${globus_flavor_type}"
1076 if test ! -d "$GLOBUS_INCLUDE" ; then
1077 AC_MSG_ERROR(Cannot find Globus flavor-specific include directory: ${GLOBUS_INCLUDE})
1078 fi
1079 GSI_CPPFLAGS="-I${GLOBUS_INCLUDE}"
bed23354 1080
1081 if test -x ${gsi_path}/bin/globus-makefile-header ; then
483bcdbd 1082 GSI_LIBS=`${gsi_path}/bin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | perl -n -e 'if (/GLOBUS_PKG_LIBS = (.*)/){print $1;}'`
bed23354 1083 elif test -x ${gsi_path}/sbin/globus-makefile-header ; then
483bcdbd 1084 GSI_LIBS=`${gsi_path}/sbin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | perl -n -e 'if (/GLOBUS_PKG_LIBS = (.*)/){print $1;}'`
5fb9fc74 1085 else
bed23354 1086 AC_MSG_ERROR(Cannot find globus-makefile-header: Globus installation is incomplete)
22798398 1087 fi
1dca09f1 1088 if test -n "${need_dash_r}"; then
1089 GSI_LDFLAGS="-L${gsi_path}/lib -R{gsi_path}/lib"
1090 else
1091 GSI_LDFLAGS="-L${gsi_path}/lib"
1092 fi
22798398 1093 if test -z "$GSI_LIBS" ; then
bed23354 1094 AC_MSG_ERROR(globus-makefile-header failed)
5fb9fc74 1095 fi
5598e598 1096
540d72c3 1097 AC_DEFINE(HAVE_GSSAPI_H)
1098
5598e598 1099 LIBS="$LIBS $GSI_LIBS"
1100 LDFLAGS="$LDFLAGS $GSI_LDFLAGS"
1c89237d 1101 CPPFLAGS="$CPPFLAGS $GSI_CPPFLAGS"
22798398 1102
1103 # test that we got the libraries OK
1104 AC_TRY_LINK(
1105 [],
1106 [],
1107 [
1108 AC_MSG_RESULT(yes)
1109 ],
1110 [
1111 AC_MSG_ERROR(link with Globus libraries failed)
1112 ]
1113 )
1ca858e9 1114 INSTALL_GSISSH="yes"
1115else
1116 INSTALL_GSISSH=""
5598e598 1117fi
1ca858e9 1118AC_SUBST(INSTALL_GSISSH)
1119# End Globus/GSI section
5598e598 1120
7e82606e 1121AC_MSG_CHECKING([for /proc/pid/fd directory])
1122if test -d "/proc/$$/fd" ; then
08822d99 1123 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
7e82606e 1124 AC_MSG_RESULT(yes)
1125else
1126 AC_MSG_RESULT(no)
1127fi
1128
3c0ef626 1129# Check whether user wants S/Key support
540d72c3 1130SKEY_MSG="no"
3c0ef626 1131AC_ARG_WITH(skey,
dfddba3d 1132 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1133 [
1134 if test "x$withval" != "xno" ; then
1135
1136 if test "x$withval" != "xyes" ; then
1137 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1138 LDFLAGS="$LDFLAGS -L${withval}/lib"
1139 fi
1140
08822d99 1141 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1142 LIBS="-lskey $LIBS"
540d72c3 1143 SKEY_MSG="yes"
8b32eddc 1144
e9702f7d 1145 AC_MSG_CHECKING([for s/key support])
08822d99 1146 AC_LINK_IFELSE(
1147 [AC_LANG_SOURCE([[
e9702f7d 1148#include <stdio.h>
1149#include <skey.h>
d03f4262 1150int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
08822d99 1151 ]])],
e9702f7d 1152 [AC_MSG_RESULT(yes)],
3c0ef626 1153 [
e9702f7d 1154 AC_MSG_RESULT(no)
3c0ef626 1155 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1156 ])
12a403af 1157 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1158 AC_TRY_COMPILE(
1159 [#include <stdio.h>
1160 #include <skey.h>],
1161 [(void)skeychallenge(NULL,"name","",0);],
1162 [AC_MSG_RESULT(yes)
08822d99 1163 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1164 [Define if your skeychallenge()
1165 function takes 4 arguments (NetBSD)])],
12a403af 1166 [AC_MSG_RESULT(no)]
1167 )
3c0ef626 1168 fi
1169 ]
1170)
1171
1172# Check whether user wants TCP wrappers support
1173TCPW_MSG="no"
1174AC_ARG_WITH(tcp-wrappers,
dfddba3d 1175 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1176 [
1177 if test "x$withval" != "xno" ; then
1178 saved_LIBS="$LIBS"
1179 saved_LDFLAGS="$LDFLAGS"
1180 saved_CPPFLAGS="$CPPFLAGS"
8b32eddc 1181 if test -n "${withval}" && \
1182 test "x${withval}" != "xyes"; then
3c0ef626 1183 if test -d "${withval}/lib"; then
1184 if test -n "${need_dash_r}"; then
1185 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1186 else
1187 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1188 fi
1189 else
1190 if test -n "${need_dash_r}"; then
1191 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1192 else
1193 LDFLAGS="-L${withval} ${LDFLAGS}"
1194 fi
1195 fi
1196 if test -d "${withval}/include"; then
1197 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1198 else
1199 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1200 fi
1201 fi
e9702f7d 1202 LIBWRAP="-lwrap"
1203 LIBS="$LIBWRAP $LIBS"
3c0ef626 1204 AC_MSG_CHECKING(for libwrap)
1205 AC_TRY_LINK(
1206 [
12a403af 1207#include <sys/types.h>
1208#include <sys/socket.h>
1209#include <netinet/in.h>
3c0ef626 1210#include <tcpd.h>
1211 int deny_severity = 0, allow_severity = 0;
1212 ],
1213 [hosts_access(0);],
1214 [
1215 AC_MSG_RESULT(yes)
08822d99 1216 AC_DEFINE(LIBWRAP, 1,
1217 [Define if you want
1218 TCP Wrappers support])
e9702f7d 1219 AC_SUBST(LIBWRAP)
3c0ef626 1220 TCPW_MSG="yes"
1221 ],
1222 [
1223 AC_MSG_ERROR([*** libwrap missing])
1224 ]
1225 )
e9702f7d 1226 LIBS="$saved_LIBS"
3c0ef626 1227 fi
1228 ]
1229)
1230
dfddba3d 1231# Check whether user wants libedit support
1232LIBEDIT_MSG="no"
1233AC_ARG_WITH(libedit,
1234 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1235 [ if test "x$withval" != "xno" ; then
8b32eddc 1236 if test "x$withval" != "xyes"; then
08822d99 1237 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1238 if test -n "${need_dash_r}"; then
1239 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1240 else
1241 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1242 fi
8b32eddc 1243 fi
dfddba3d 1244 AC_CHECK_LIB(edit, el_init,
08822d99 1245 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
dfddba3d 1246 LIBEDIT="-ledit -lcurses"
1247 LIBEDIT_MSG="yes"
1248 AC_SUBST(LIBEDIT)
1249 ],
8b32eddc 1250 [ AC_MSG_ERROR(libedit not found) ],
1251 [ -lcurses ]
dfddba3d 1252 )
2ce0bfe4 1253 AC_MSG_CHECKING(if libedit version is compatible)
1254 AC_COMPILE_IFELSE(
1255 [AC_LANG_SOURCE([[
1256#include <histedit.h>
1257int main(void)
1258{
1259 int i = H_SETSIZE;
1260 el_init("", NULL, NULL, NULL);
1261 exit(0);
1262}
1263 ]])],
1264 [ AC_MSG_RESULT(yes) ],
1265 [ AC_MSG_RESULT(no)
1266 AC_MSG_ERROR(libedit version is not compatible) ]
1267 )
dfddba3d 1268 fi ]
1269)
1270
1271AUDIT_MODULE=none
1272AC_ARG_WITH(audit,
1273 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1274 [
1275 AC_MSG_CHECKING(for supported audit module)
1276 case "$withval" in
1277 bsm)
1278 AC_MSG_RESULT(bsm)
1279 AUDIT_MODULE=bsm
1280 dnl Checks for headers, libs and functions
1281 AC_CHECK_HEADERS(bsm/audit.h, [],
1282 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1283 AC_CHECK_LIB(bsm, getaudit, [],
1284 [AC_MSG_ERROR(BSM enabled and required library not found)])
1285 AC_CHECK_FUNCS(getaudit, [],
1286 [AC_MSG_ERROR(BSM enabled and required function not found)])
1287 # These are optional
1288 AC_CHECK_FUNCS(getaudit_addr)
08822d99 1289 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
dfddba3d 1290 ;;
1291 debug)
1292 AUDIT_MODULE=debug
1293 AC_MSG_RESULT(debug)
08822d99 1294 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
dfddba3d 1295 ;;
2ce0bfe4 1296 no)
1297 AC_MSG_RESULT(no)
1298 ;;
dfddba3d 1299 *)
1300 AC_MSG_ERROR([Unknown audit module $withval])
1301 ;;
1302 esac ]
1303)
1304
bfe49944 1305dnl Checks for library functions. Please keep in alphabetical order
2ce0bfe4 1306AC_CHECK_FUNCS( \
1307 arc4random \
08822d99 1308 asprintf \
2ce0bfe4 1309 b64_ntop \
1310 __b64_ntop \
1311 b64_pton \
1312 __b64_pton \
1313 bcopy \
1314 bindresvport_sa \
1315 clock \
1316 closefrom \
1317 dirfd \
1318 fchmod \
1319 fchown \
1320 freeaddrinfo \
1321 futimes \
1322 getaddrinfo \
1323 getcwd \
1324 getgrouplist \
1325 getnameinfo \
1326 getopt \
1327 getpeereid \
1328 _getpty \
1329 getrlimit \
1330 getttyent \
1331 glob \
1332 inet_aton \
1333 inet_ntoa \
1334 inet_ntop \
1335 innetgr \
1336 login_getcapbool \
1337 md5_crypt \
1338 memmove \
1339 mkdtemp \
1340 mmap \
1341 ngetaddrinfo \
1342 nsleep \
1343 ogetaddrinfo \
1344 openlog_r \
1345 openpty \
1346 prctl \
1347 pstat \
1348 readpassphrase \
1349 realpath \
1350 recvmsg \
1351 rresvport_af \
1352 sendmsg \
1353 setdtablesize \
1354 setegid \
1355 setenv \
1356 seteuid \
1357 setgroups \
1358 setlogin \
1359 setpcred \
1360 setproctitle \
1361 setregid \
1362 setreuid \
1363 setrlimit \
1364 setsid \
1365 setvbuf \
1366 sigaction \
1367 sigvec \
1368 snprintf \
1369 socketpair \
1370 strdup \
1371 strerror \
1372 strlcat \
1373 strlcpy \
1374 strmode \
1375 strnvis \
1376 strtonum \
1377 strtoll \
1378 strtoul \
1379 sysconf \
1380 tcgetpgrp \
1381 truncate \
1382 unsetenv \
1383 updwtmpx \
08822d99 1384 vasprintf \
2ce0bfe4 1385 vhangup \
1386 vsnprintf \
1387 waitpid \
bfe49944 1388)
1389
29d88157 1390# IRIX has a const char return value for gai_strerror()
1391AC_CHECK_FUNCS(gai_strerror,[
1392 AC_DEFINE(HAVE_GAI_STRERROR)
1393 AC_TRY_COMPILE([
1394#include <sys/types.h>
1395#include <sys/socket.h>
1396#include <netdb.h>
1397
1398const char *gai_strerror(int);],[
1399char *str;
1400
1401str = gai_strerror(0);],[
1402 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1403 [Define if gai_strerror() returns const char *])])])
1404
08822d99 1405AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1406 [Some systems put nanosleep outside of libc]))
bfe49944 1407
7cac2b65 1408dnl Make sure prototypes are defined for these before using them.
7cac2b65 1409AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
2ce0bfe4 1410AC_CHECK_DECL(strsep,
1411 [AC_CHECK_FUNCS(strsep)],
1412 [],
1413 [
1414#ifdef HAVE_STRING_H
1415# include <string.h>
1416#endif
1417 ])
3c0ef626 1418
7cac2b65 1419dnl tcsendbreak might be a macro
1420AC_CHECK_DECL(tcsendbreak,
1421 [AC_DEFINE(HAVE_TCSENDBREAK)],
540d72c3 1422 [AC_CHECK_FUNCS(tcsendbreak)],
7cac2b65 1423 [#include <termios.h>]
1424)
3c0ef626 1425
7e82606e 1426AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1427
540d72c3 1428AC_CHECK_FUNCS(setresuid, [
1429 dnl Some platorms have setresuid that isn't implemented, test for this
1430 AC_MSG_CHECKING(if setresuid seems to work)
dfddba3d 1431 AC_RUN_IFELSE(
1432 [AC_LANG_SOURCE([[
540d72c3 1433#include <stdlib.h>
1434#include <errno.h>
1435int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1436 ]])],
540d72c3 1437 [AC_MSG_RESULT(yes)],
08822d99 1438 [AC_DEFINE(BROKEN_SETRESUID, 1,
1439 [Define if your setresuid() is broken])
dfddba3d 1440 AC_MSG_RESULT(not implemented)],
1441 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1442 )
1443])
1444
1445AC_CHECK_FUNCS(setresgid, [
1446 dnl Some platorms have setresgid that isn't implemented, test for this
1447 AC_MSG_CHECKING(if setresgid seems to work)
dfddba3d 1448 AC_RUN_IFELSE(
1449 [AC_LANG_SOURCE([[
540d72c3 1450#include <stdlib.h>
1451#include <errno.h>
1452int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1453 ]])],
540d72c3 1454 [AC_MSG_RESULT(yes)],
08822d99 1455 [AC_DEFINE(BROKEN_SETRESGID, 1,
1456 [Define if your setresgid() is broken])
dfddba3d 1457 AC_MSG_RESULT(not implemented)],
1458 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1459 )
1460])
1461
3c0ef626 1462dnl Checks for time functions
1463AC_CHECK_FUNCS(gettimeofday time)
1464dnl Checks for utmp functions
1465AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1466AC_CHECK_FUNCS(utmpname)
1467dnl Checks for utmpx functions
1468AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1469AC_CHECK_FUNCS(setutxent utmpxname)
1470
540d72c3 1471AC_CHECK_FUNC(daemon,
08822d99 1472 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1473 [AC_CHECK_LIB(bsd, daemon,
1474 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1475)
1476
540d72c3 1477AC_CHECK_FUNC(getpagesize,
08822d99 1478 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1479 [Define if your libraries define getpagesize()])],
1480 [AC_CHECK_LIB(ucb, getpagesize,
1481 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1482)
1483
1484# Check for broken snprintf
1485if test "x$ac_cv_func_snprintf" = "xyes" ; then
1486 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
dfddba3d 1487 AC_RUN_IFELSE(
1488 [AC_LANG_SOURCE([[
3c0ef626 1489#include <stdio.h>
d03f4262 1490int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
dfddba3d 1491 ]])],
540d72c3 1492 [AC_MSG_RESULT(yes)],
3c0ef626 1493 [
1494 AC_MSG_RESULT(no)
08822d99 1495 AC_DEFINE(BROKEN_SNPRINTF, 1,
1496 [Define if your snprintf is busted])
3c0ef626 1497 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
dfddba3d 1498 ],
1499 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1500 )
1501fi
1502
08822d99 1503# If we don't have a working asprintf, then we strongly depend on vsnprintf
1504# returning the right thing on overflow: the number of characters it tried to
1505# create (as per SUSv3)
1506if test "x$ac_cv_func_asprintf" != "xyes" && \
1507 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1508 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1509 AC_RUN_IFELSE(
1510 [AC_LANG_SOURCE([[
1511#include <sys/types.h>
1512#include <stdio.h>
1513#include <stdarg.h>
1514
1515int x_snprintf(char *str,size_t count,const char *fmt,...)
1516{
1517 size_t ret; va_list ap;
1518 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1519 return ret;
1520}
1521int main(void)
1522{
1523 char x[1];
1524 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1525} ]])],
1526 [AC_MSG_RESULT(yes)],
1527 [
1528 AC_MSG_RESULT(no)
1529 AC_DEFINE(BROKEN_SNPRINTF, 1,
1530 [Define if your snprintf is busted])
1531 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1532 ],
1533 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1534 )
1535fi
1536
1537# On systems where [v]snprintf is broken, but is declared in stdio,
1538# check that the fmt argument is const char * or just char *.
1539# This is only useful for when BROKEN_SNPRINTF
1540AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1541AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1542 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1543 int main(void) { snprintf(0, 0, 0); }
1544 ]])],
1545 [AC_MSG_RESULT(yes)
1546 AC_DEFINE(SNPRINTF_CONST, [const],
1547 [Define as const if snprintf() can declare const char *fmt])],
1548 [AC_MSG_RESULT(no)
1549 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1550
7e82606e 1551# Check for missing getpeereid (or equiv) support
1552NO_PEERCHECK=""
1553if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1554 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1555 AC_TRY_COMPILE(
1556 [#include <sys/types.h>
1557 #include <sys/socket.h>],
1558 [int i = SO_PEERCRED;],
8b32eddc 1559 [ AC_MSG_RESULT(yes)
08822d99 1560 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
8b32eddc 1561 ],
7e82606e 1562 [AC_MSG_RESULT(no)
1563 NO_PEERCHECK=1]
1564 )
1565fi
1566
bfe49944 1567dnl see whether mkstemp() requires XXXXXX
1568if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1569AC_MSG_CHECKING([for (overly) strict mkstemp])
08822d99 1570AC_RUN_IFELSE(
1571 [AC_LANG_SOURCE([[
bfe49944 1572#include <stdlib.h>
1573main() { char template[]="conftest.mkstemp-test";
1574if (mkstemp(template) == -1)
1575 exit(1);
1576unlink(template); exit(0);
1577}
08822d99 1578 ]])],
bfe49944 1579 [
1580 AC_MSG_RESULT(no)
1581 ],
540d72c3 1582 [
bfe49944 1583 AC_MSG_RESULT(yes)
08822d99 1584 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
bfe49944 1585 ],
1586 [
1587 AC_MSG_RESULT(yes)
1588 AC_DEFINE(HAVE_STRICT_MKSTEMP)
540d72c3 1589 ]
bfe49944 1590)
1591fi
1592
7cac2b65 1593dnl make sure that openpty does not reacquire controlling terminal
1594if test ! -z "$check_for_openpty_ctty_bug"; then
1595 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
08822d99 1596 AC_RUN_IFELSE(
1597 [AC_LANG_SOURCE([[
7cac2b65 1598#include <stdio.h>
1599#include <sys/fcntl.h>
1600#include <sys/types.h>
1601#include <sys/wait.h>
1602
1603int
1604main()
1605{
1606 pid_t pid;
1607 int fd, ptyfd, ttyfd, status;
1608
1609 pid = fork();
1610 if (pid < 0) { /* failed */
1611 exit(1);
1612 } else if (pid > 0) { /* parent */
1613 waitpid(pid, &status, 0);
540d72c3 1614 if (WIFEXITED(status))
7cac2b65 1615 exit(WEXITSTATUS(status));
1616 else
1617 exit(2);
1618 } else { /* child */
1619 close(0); close(1); close(2);
1620 setsid();
1621 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1622 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1623 if (fd >= 0)
1624 exit(3); /* Acquired ctty: broken */
1625 else
1626 exit(0); /* Did not acquire ctty: OK */
1627 }
1628}
08822d99 1629 ]])],
7cac2b65 1630 [
1631 AC_MSG_RESULT(yes)
1632 ],
1633 [
1634 AC_MSG_RESULT(no)
1635 AC_DEFINE(SSHD_ACQUIRES_CTTY)
08822d99 1636 ],
1637 [
1638 AC_MSG_RESULT(cross-compiling, assuming yes)
7cac2b65 1639 ]
1640 )
1641fi
1642
8b32eddc 1643if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1644 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
12a403af 1645 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1646 AC_RUN_IFELSE(
1647 [AC_LANG_SOURCE([[
12a403af 1648#include <stdio.h>
1649#include <sys/socket.h>
1650#include <netdb.h>
1651#include <errno.h>
1652#include <netinet/in.h>
1653
1654#define TEST_PORT "2222"
1655
1656int
1657main(void)
1658{
1659 int err, sock;
1660 struct addrinfo *gai_ai, *ai, hints;
1661 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1662
1663 memset(&hints, 0, sizeof(hints));
1664 hints.ai_family = PF_UNSPEC;
1665 hints.ai_socktype = SOCK_STREAM;
1666 hints.ai_flags = AI_PASSIVE;
1667
1668 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1669 if (err != 0) {
1670 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1671 exit(1);
1672 }
1673
1674 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1675 if (ai->ai_family != AF_INET6)
1676 continue;
1677
1678 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1679 sizeof(ntop), strport, sizeof(strport),
1680 NI_NUMERICHOST|NI_NUMERICSERV);
1681
1682 if (err != 0) {
1683 if (err == EAI_SYSTEM)
1684 perror("getnameinfo EAI_SYSTEM");
1685 else
1686 fprintf(stderr, "getnameinfo failed: %s\n",
1687 gai_strerror(err));
1688 exit(2);
1689 }
1690
1691 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1692 if (sock < 0)
1693 perror("socket");
1694 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1695 if (errno == EBADF)
1696 exit(3);
1697 }
1698 }
1699 exit(0);
1700}
08822d99 1701 ]])],
12a403af 1702 [
1703 AC_MSG_RESULT(yes)
1704 ],
1705 [
1706 AC_MSG_RESULT(no)
1707 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1708 ],
1709 [
1710 AC_MSG_RESULT(cross-compiling, assuming yes)
12a403af 1711 ]
1712 )
1713fi
1714
8b32eddc 1715if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1716 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
dfddba3d 1717 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1718 AC_RUN_IFELSE(
1719 [AC_LANG_SOURCE([[
dfddba3d 1720#include <stdio.h>
1721#include <sys/socket.h>
1722#include <netdb.h>
1723#include <errno.h>
1724#include <netinet/in.h>
1725
1726#define TEST_PORT "2222"
1727
1728int
1729main(void)
1730{
1731 int err, sock;
1732 struct addrinfo *gai_ai, *ai, hints;
1733 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1734
1735 memset(&hints, 0, sizeof(hints));
1736 hints.ai_family = PF_UNSPEC;
1737 hints.ai_socktype = SOCK_STREAM;
1738 hints.ai_flags = AI_PASSIVE;
1739
1740 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1741 if (err != 0) {
1742 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1743 exit(1);
1744 }
1745
1746 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1747 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1748 continue;
1749
1750 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1751 sizeof(ntop), strport, sizeof(strport),
1752 NI_NUMERICHOST|NI_NUMERICSERV);
1753
1754 if (ai->ai_family == AF_INET && err != 0) {
1755 perror("getnameinfo");
1756 exit(2);
1757 }
1758 }
1759 exit(0);
1760}
08822d99 1761 ]])],
dfddba3d 1762 [
1763 AC_MSG_RESULT(yes)
08822d99 1764 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1765 [Define if you have a getaddrinfo that fails
1766 for the all-zeros IPv6 address])
dfddba3d 1767 ],
1768 [
1769 AC_MSG_RESULT(no)
1770 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1771 ],
1772 AC_MSG_RESULT(cross-compiling, assuming no)
dfddba3d 1773 ]
1774 )
1775fi
1776
1777if test "x$check_for_conflicting_getspnam" = "x1"; then
1778 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1779 AC_COMPILE_IFELSE(
1780 [
1781#include <shadow.h>
1782int main(void) {exit(0);}
1783 ],
1784 [
1785 AC_MSG_RESULT(no)
1786 ],
1787 [
1788 AC_MSG_RESULT(yes)
1789 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1790 [Conflicting defs for getspnam])
1791 ]
1792 )
1793fi
1794
3c0ef626 1795AC_FUNC_GETPGRP
1796
1797# Check for PAM libs
1798PAM_MSG="no"
1799AC_ARG_WITH(pam,
1800 [ --with-pam Enable PAM support ],
1801 [
1802 if test "x$withval" != "xno" ; then
540d72c3 1803 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1804 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
3c0ef626 1805 AC_MSG_ERROR([PAM headers not found])
1806 fi
1807
1808 AC_CHECK_LIB(dl, dlopen, , )
1809 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1810 AC_CHECK_FUNCS(pam_getenvlist)
905081a4 1811 AC_CHECK_FUNCS(pam_putenv)
3c0ef626 1812
3c0ef626 1813 PAM_MSG="yes"
1814
08822d99 1815 AC_DEFINE(USE_PAM, 1,
1816 [Define if you want to enable PAM support])
e9702f7d 1817 if test $ac_cv_lib_dl_dlopen = yes; then
1818 LIBPAM="-lpam -ldl"
1819 else
1820 LIBPAM="-lpam"
1821 fi
1822 AC_SUBST(LIBPAM)
3c0ef626 1823 fi
1824 ]
1825)
1826
1827# Check for older PAM
1828if test "x$PAM_MSG" = "xyes" ; then
1829 # Check PAM strerror arguments (old PAM)
1830 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1831 AC_TRY_COMPILE(
1832 [
1833#include <stdlib.h>
540d72c3 1834#if defined(HAVE_SECURITY_PAM_APPL_H)
3c0ef626 1835#include <security/pam_appl.h>
540d72c3 1836#elif defined (HAVE_PAM_PAM_APPL_H)
1837#include <pam/pam_appl.h>
1838#endif
1839 ],
1840 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
3c0ef626 1841 [AC_MSG_RESULT(no)],
1842 [
08822d99 1843 AC_DEFINE(HAVE_OLD_PAM, 1,
1844 [Define if you have an old version of PAM
1845 which takes only one argument to pam_strerror])
3c0ef626 1846 AC_MSG_RESULT(yes)
1847 PAM_MSG="yes (old library)"
1848 ]
1849 )
1850fi
1851
350391c5 1852# Search for OpenSSL
1853saved_CPPFLAGS="$CPPFLAGS"
1854saved_LDFLAGS="$LDFLAGS"
3c0ef626 1855AC_ARG_WITH(ssl-dir,
1856 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1857 [
1858 if test "x$withval" != "xno" ; then
dfddba3d 1859 case "$withval" in
1860 # Relative paths
1861 ./*|../*) withval="`pwd`/$withval"
1862 esac
350391c5 1863 if test -d "$withval/lib"; then
1864 if test -n "${need_dash_r}"; then
1865 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1866 else
1867 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1868 fi
1869 else
350391c5 1870 if test -n "${need_dash_r}"; then
1871 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1872 else
1873 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1874 fi
1875 fi
350391c5 1876 if test -d "$withval/include"; then
1877 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1878 else
350391c5 1879 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1880 fi
1881 fi
350391c5 1882 ]
1883)
22798398 1884if test -z "$GSI_LIBS" ; then
540d72c3 1885LIBS="-lcrypto $LIBS"
22798398 1886fi
08822d99 1887AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1888 [Define if your ssl headers are included
1889 with #include <openssl/header.h>]),
3c0ef626 1890 [
350391c5 1891 dnl Check default openssl install dir
1892 if test -n "${need_dash_r}"; then
1893 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1894 else
350391c5 1895 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1896 fi
350391c5 1897 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1898 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1899 [
1900 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1901 ]
1902 )
1903 ]
1904)
1905
d03f4262 1906# Determine OpenSSL header version
1907AC_MSG_CHECKING([OpenSSL header version])
dfddba3d 1908AC_RUN_IFELSE(
1909 [AC_LANG_SOURCE([[
d03f4262 1910#include <stdio.h>
1911#include <string.h>
1912#include <openssl/opensslv.h>
1913#define DATA "conftest.sslincver"
1914int main(void) {
540d72c3 1915 FILE *fd;
1916 int rc;
d03f4262 1917
540d72c3 1918 fd = fopen(DATA,"w");
1919 if(fd == NULL)
1920 exit(1);
d03f4262 1921
1922 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1923 exit(1);
1924
1925 exit(0);
1926}
dfddba3d 1927 ]])],
d03f4262 1928 [
1929 ssl_header_ver=`cat conftest.sslincver`
1930 AC_MSG_RESULT($ssl_header_ver)
1931 ],
1932 [
1933 AC_MSG_RESULT(not found)
1934 AC_MSG_ERROR(OpenSSL version header not found.)
dfddba3d 1935 ],
1936 [
1937 AC_MSG_WARN([cross compiling: not checking])
d03f4262 1938 ]
1939)
1940
1941# Determine OpenSSL library version
1942AC_MSG_CHECKING([OpenSSL library version])
dfddba3d 1943AC_RUN_IFELSE(
1944 [AC_LANG_SOURCE([[
d03f4262 1945#include <stdio.h>
1946#include <string.h>
1947#include <openssl/opensslv.h>
1948#include <openssl/crypto.h>
1949#define DATA "conftest.ssllibver"
1950int main(void) {
540d72c3 1951 FILE *fd;
1952 int rc;
d03f4262 1953
540d72c3 1954 fd = fopen(DATA,"w");
1955 if(fd == NULL)
1956 exit(1);
d03f4262 1957
1958 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1959 exit(1);
1960
1961 exit(0);
1962}
dfddba3d 1963 ]])],
d03f4262 1964 [
1965 ssl_library_ver=`cat conftest.ssllibver`
1966 AC_MSG_RESULT($ssl_library_ver)
1967 ],
1968 [
1969 AC_MSG_RESULT(not found)
1970 AC_MSG_ERROR(OpenSSL library not found.)
dfddba3d 1971 ],
1972 [
1973 AC_MSG_WARN([cross compiling: not checking])
d03f4262 1974 ]
1975)
3c0ef626 1976
e9702f7d 1977# Sanity check OpenSSL headers
1978AC_MSG_CHECKING([whether OpenSSL's headers match the library])
dfddba3d 1979AC_RUN_IFELSE(
1980 [AC_LANG_SOURCE([[
e9702f7d 1981#include <string.h>
1982#include <openssl/opensslv.h>
d03f4262 1983int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
dfddba3d 1984 ]])],
e9702f7d 1985 [
1986 AC_MSG_RESULT(yes)
1987 ],
1988 [
1989 AC_MSG_RESULT(no)
7cac2b65 1990 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1991Check config.log for details.
1992Also see contrib/findssl.sh for help identifying header/library mismatches.])
dfddba3d 1993 ],
1994 [
1995 AC_MSG_WARN([cross compiling: not checking])
e9702f7d 1996 ]
1997)
1998
08822d99 1999# Check for OpenSSL without EVP_aes_{192,256}_cbc
2000AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
2001AC_COMPILE_IFELSE(
2002 [AC_LANG_SOURCE([[
2003#include <string.h>
2004#include <openssl/evp.h>
4b6dae8f 2005int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
08822d99 2006 ]])],
2007 [
2008 AC_MSG_RESULT(no)
2009 ],
2010 [
2011 AC_MSG_RESULT(yes)
2012 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2013 [libcrypto is missing AES 192 and 256 bit functions])
2014 ]
2015)
2016
540d72c3 2017# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2018# because the system crypt() is more featureful.
2019if test "x$check_for_libcrypt_before" = "x1"; then
2020 AC_CHECK_LIB(crypt, crypt)
2021fi
2022
2023# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2024# version in OpenSSL.
7cac2b65 2025if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2026 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2027fi
2028
2ce0bfe4 2029AC_CHECK_LIB(iaf, ia_openinfo)
e9702f7d 2030
2031### Configure cryptographic random number support
2032
2033# Check wheter OpenSSL seeds itself
2034AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
dfddba3d 2035AC_RUN_IFELSE(
2036 [AC_LANG_SOURCE([[
e9702f7d 2037#include <string.h>
2038#include <openssl/rand.h>
d03f4262 2039int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
dfddba3d 2040 ]])],
e9702f7d 2041 [
2042 OPENSSL_SEEDS_ITSELF=yes
2043 AC_MSG_RESULT(yes)
2044 ],
2045 [
2046 AC_MSG_RESULT(no)
2047 # Default to use of the rand helper if OpenSSL doesn't
2048 # seed itself
2049 USE_RAND_HELPER=yes
dfddba3d 2050 ],
2051 [
2052 AC_MSG_WARN([cross compiling: assuming yes])
2053 # This is safe, since all recent OpenSSL versions will
8b32eddc 2054 # complain at runtime if not seeded correctly.
dfddba3d 2055 OPENSSL_SEEDS_ITSELF=yes
e9702f7d 2056 ]
2057)
2058
2059
2060# Do we want to force the use of the rand helper?
2061AC_ARG_WITH(rand-helper,
2062 [ --with-rand-helper Use subprocess to gather strong randomness ],
2063 [
2064 if test "x$withval" = "xno" ; then
540d72c3 2065 # Force use of OpenSSL's internal RNG, even if
e9702f7d 2066 # the previous test showed it to be unseeded.
2067 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2068 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2069 OPENSSL_SEEDS_ITSELF=yes
2070 USE_RAND_HELPER=""
2071 fi
2072 else
2073 USE_RAND_HELPER=yes
2074 fi
2075 ],
8b32eddc 2076)
e9702f7d 2077
2078# Which randomness source do we use?
8b32eddc 2079if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9702f7d 2080 # OpenSSL only
08822d99 2081 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2082 [Define if you want OpenSSL's internally seeded PRNG only])
e9702f7d 2083 RAND_MSG="OpenSSL internal ONLY"
2084 INSTALL_SSH_RAND_HELPER=""
2085elif test ! -z "$USE_RAND_HELPER" ; then
2086 # install rand helper
2087 RAND_MSG="ssh-rand-helper"
2088 INSTALL_SSH_RAND_HELPER="yes"
2089fi
2090AC_SUBST(INSTALL_SSH_RAND_HELPER)
2091
2092### Configuration of ssh-rand-helper
2093
2094# PRNGD TCP socket
2095AC_ARG_WITH(prngd-port,
2096 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2097 [
2098 case "$withval" in
2099 no)
2100 withval=""
2101 ;;
2102 [[0-9]]*)
2103 ;;
2104 *)
2105 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2106 ;;
2107 esac
2108 if test ! -z "$withval" ; then
2109 PRNGD_PORT="$withval"
08822d99 2110 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2111 [Port number of PRNGD/EGD random number socket])
e9702f7d 2112 fi
2113 ]
2114)
2115
2116# PRNGD Unix domain socket
2117AC_ARG_WITH(prngd-socket,
2118 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2119 [
2120 case "$withval" in
2121 yes)
2122 withval="/var/run/egd-pool"
2123 ;;
2124 no)
2125 withval=""
2126 ;;
2127 /*)
2128 ;;
2129 *)
2130 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2131 ;;
2132 esac
2133
2134 if test ! -z "$withval" ; then
2135 if test ! -z "$PRNGD_PORT" ; then
2136 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2137 fi
2138 if test ! -r "$withval" ; then
2139 AC_MSG_WARN(Entropy socket is not readable)
2140 fi
2141 PRNGD_SOCKET="$withval"
08822d99 2142 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2143 [Location of PRNGD/EGD random number socket])
e9702f7d 2144 fi
2145 ],
2146 [
2147 # Check for existing socket only if we don't have a random device already
2148 if test "$USE_RAND_HELPER" = yes ; then
2149 AC_MSG_CHECKING(for PRNGD/EGD socket)
2150 # Insert other locations here
2151 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2152 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2153 PRNGD_SOCKET="$sock"
2154 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2155 break;
2156 fi
2157 done
2158 if test ! -z "$PRNGD_SOCKET" ; then
2159 AC_MSG_RESULT($PRNGD_SOCKET)
2160 else
2161 AC_MSG_RESULT(not found)
2162 fi
2163 fi
2164 ]
2165)
2166
2167# Change default command timeout for hashing entropy source
2168entropy_timeout=200
2169AC_ARG_WITH(entropy-timeout,
2170 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2171 [
8b32eddc 2172 if test -n "$withval" && test "x$withval" != "xno" && \
2173 test "x${withval}" != "xyes"; then
e9702f7d 2174 entropy_timeout=$withval
2175 fi
8b32eddc 2176 ]
e9702f7d 2177)
08822d99 2178AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2179 [Builtin PRNG command timeout])
e9702f7d 2180
276b07a3 2181SSH_PRIVSEP_USER=sshd
350391c5 2182AC_ARG_WITH(privsep-user,
2183 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2184 [
8b32eddc 2185 if test -n "$withval" && test "x$withval" != "xno" && \
2186 test "x${withval}" != "xyes"; then
276b07a3 2187 SSH_PRIVSEP_USER=$withval
350391c5 2188 fi
8b32eddc 2189 ]
350391c5 2190)
08822d99 2191AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2192 [non-privileged user for privilege separation])
276b07a3 2193AC_SUBST(SSH_PRIVSEP_USER)
350391c5 2194
2195# We do this little dance with the search path to insure
2196# that programs that we select for use by installed programs
2197# (which may be run by the super-user) come from trusted
2198# locations before they come from the user's private area.
2199# This should help avoid accidentally configuring some
2200# random version of a program in someone's personal bin.
2201
2202OPATH=$PATH
2203PATH=/bin:/usr/bin
2204test -h /bin 2> /dev/null && PATH=/usr/bin
2205test -d /sbin && PATH=$PATH:/sbin
2206test -d /usr/sbin && PATH=$PATH:/usr/sbin
2207PATH=$PATH:/etc:$OPATH
2208
540d72c3 2209# These programs are used by the command hashing source to gather entropy
e9702f7d 2210OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2211OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2212OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2213OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2214OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2215OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2216OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2217OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2218OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2219OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2220OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2221OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2222OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2223OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2224OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2225OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
350391c5 2226# restore PATH
2227PATH=$OPATH
e9702f7d 2228
2229# Where does ssh-rand-helper get its randomness from?
2230INSTALL_SSH_PRNG_CMDS=""
2231if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2232 if test ! -z "$PRNGD_PORT" ; then
2233 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2234 elif test ! -z "$PRNGD_SOCKET" ; then
2235 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2236 else
2237 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2238 RAND_HELPER_CMDHASH=yes
2239 INSTALL_SSH_PRNG_CMDS="yes"
2240 fi
2241fi
2242AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2243
2244
3c0ef626 2245# Cheap hack to ensure NEWS-OS libraries are arranged right.
2246if test ! -z "$SONY" ; then
2247 LIBS="$LIBS -liberty";
2248fi
2249
08822d99 2250# Check for long long datatypes
2251AC_CHECK_TYPES([long long, unsigned long long, long double])
2252
2253# Check datatype sizes
3c0ef626 2254AC_CHECK_SIZEOF(char, 1)
2255AC_CHECK_SIZEOF(short int, 2)
2256AC_CHECK_SIZEOF(int, 4)
2257AC_CHECK_SIZEOF(long int, 4)
2258AC_CHECK_SIZEOF(long long int, 8)
2259
350391c5 2260# Sanity check long long for some platforms (AIX)
2261if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2262 ac_cv_sizeof_long_long_int=0
2263fi
2264
08822d99 2265# compute LLONG_MIN and LLONG_MAX if we don't know them.
2266if test -z "$have_llong_max"; then
2267 AC_MSG_CHECKING([for max value of long long])
2268 AC_RUN_IFELSE(
2269 [AC_LANG_SOURCE([[
2270#include <stdio.h>
2271/* Why is this so damn hard? */
2272#ifdef __GNUC__
2273# undef __GNUC__
2274#endif
2275#define __USE_ISOC99
2276#include <limits.h>
2277#define DATA "conftest.llminmax"
2278int main(void) {
2279 FILE *f;
2280 long long i, llmin, llmax = 0;
2281
2282 if((f = fopen(DATA,"w")) == NULL)
2283 exit(1);
2284
2285#if defined(LLONG_MIN) && defined(LLONG_MAX)
2286 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2287 llmin = LLONG_MIN;
2288 llmax = LLONG_MAX;
2289#else
2290 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2291 /* This will work on one's complement and two's complement */
2292 for (i = 1; i > llmax; i <<= 1, i++)
2293 llmax = i;
2294 llmin = llmax + 1LL; /* wrap */
2295#endif
2296
2297 /* Sanity check */
2298 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
2299 || llmax - 1 > llmax) {
2300 fprintf(f, "unknown unknown\n");
2301 exit(2);
2302 }
2303
2304 if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
2305 exit(3);
2306
2307 exit(0);
2308}
2309 ]])],
2310 [
2311 llong_min=`$AWK '{print $1}' conftest.llminmax`
2312 llong_max=`$AWK '{print $2}' conftest.llminmax`
2313
2314 # snprintf on some Tru64s doesn't understand "%lld"
2315 case "$host" in
2316 alpha-dec-osf*)
2317 if test "x$ac_cv_sizeof_long_long_int" = "x8" &&
2318 test "x$llong_max" = "xld"; then
2319 llong_min="-9223372036854775808"
2320 llong_max="9223372036854775807"
2321 fi
2322 ;;
2323 esac
2324
2325 AC_MSG_RESULT($llong_max)
2326 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2327 [max value of long long calculated by configure])
2328 AC_MSG_CHECKING([for min value of long long])
2329 AC_MSG_RESULT($llong_min)
2330 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2331 [min value of long long calculated by configure])
2332 ],
2333 [
2334 AC_MSG_RESULT(not found)
2335 ],
2336 [
2337 AC_MSG_WARN([cross compiling: not checking])
2338 ]
2339 )
2340fi
2341
2342
3c0ef626 2343# More checks for data types
2344AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2345 AC_TRY_COMPILE(
540d72c3 2346 [ #include <sys/types.h> ],
2347 [ u_int a; a = 1;],
3c0ef626 2348 [ ac_cv_have_u_int="yes" ],
2349 [ ac_cv_have_u_int="no" ]
2350 )
2351])
2352if test "x$ac_cv_have_u_int" = "xyes" ; then
08822d99 2353 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2354 have_u_int=1
2355fi
2356
2357AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2358 AC_TRY_COMPILE(
540d72c3 2359 [ #include <sys/types.h> ],
2360 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2361 [ ac_cv_have_intxx_t="yes" ],
2362 [ ac_cv_have_intxx_t="no" ]
2363 )
2364])
2365if test "x$ac_cv_have_intxx_t" = "xyes" ; then
08822d99 2366 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2367 have_intxx_t=1
2368fi
2369
2370if (test -z "$have_intxx_t" && \
540d72c3 2371 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2372then
2373 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2374 AC_TRY_COMPILE(
540d72c3 2375 [ #include <stdint.h> ],
2376 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2377 [
2378 AC_DEFINE(HAVE_INTXX_T)
2379 AC_MSG_RESULT(yes)
2380 ],
2381 [ AC_MSG_RESULT(no) ]
2382 )
2383fi
2384
2385AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2386 AC_TRY_COMPILE(
d03f4262 2387 [
2388#include <sys/types.h>
2389#ifdef HAVE_STDINT_H
2390# include <stdint.h>
2391#endif
2392#include <sys/socket.h>
2393#ifdef HAVE_SYS_BITYPES_H
2394# include <sys/bitypes.h>
2395#endif
540d72c3 2396 ],
2397 [ int64_t a; a = 1;],
3c0ef626 2398 [ ac_cv_have_int64_t="yes" ],
2399 [ ac_cv_have_int64_t="no" ]
2400 )
2401])
2402if test "x$ac_cv_have_int64_t" = "xyes" ; then
08822d99 2403 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9702f7d 2404fi
2405
3c0ef626 2406AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2407 AC_TRY_COMPILE(
540d72c3 2408 [ #include <sys/types.h> ],
2409 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2410 [ ac_cv_have_u_intxx_t="yes" ],
2411 [ ac_cv_have_u_intxx_t="no" ]
2412 )
2413])
2414if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
08822d99 2415 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2416 have_u_intxx_t=1
2417fi
2418
2419if test -z "$have_u_intxx_t" ; then
2420 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2421 AC_TRY_COMPILE(
540d72c3 2422 [ #include <sys/socket.h> ],
2423 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2424 [
2425 AC_DEFINE(HAVE_U_INTXX_T)
2426 AC_MSG_RESULT(yes)
2427 ],
2428 [ AC_MSG_RESULT(no) ]
2429 )
2430fi
2431
2432AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2433 AC_TRY_COMPILE(
540d72c3 2434 [ #include <sys/types.h> ],
2435 [ u_int64_t a; a = 1;],
3c0ef626 2436 [ ac_cv_have_u_int64_t="yes" ],
2437 [ ac_cv_have_u_int64_t="no" ]
2438 )
2439])
2440if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
08822d99 2441 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2442 have_u_int64_t=1
2443fi
2444
e9702f7d 2445if test -z "$have_u_int64_t" ; then
2446 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2447 AC_TRY_COMPILE(
540d72c3 2448 [ #include <sys/bitypes.h> ],
e9702f7d 2449 [ u_int64_t a; a = 1],
2450 [
2451 AC_DEFINE(HAVE_U_INT64_T)
2452 AC_MSG_RESULT(yes)
2453 ],
2454 [ AC_MSG_RESULT(no) ]
2455 )
2456fi
2457
3c0ef626 2458if test -z "$have_u_intxx_t" ; then
2459 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2460 AC_TRY_COMPILE(
2461 [
2462#include <sys/types.h>
540d72c3 2463 ],
2464 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2465 [ ac_cv_have_uintxx_t="yes" ],
2466 [ ac_cv_have_uintxx_t="no" ]
2467 )
2468 ])
2469 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
08822d99 2470 AC_DEFINE(HAVE_UINTXX_T, 1,
2471 [define if you have uintxx_t data type])
3c0ef626 2472 fi
2473fi
2474
2475if test -z "$have_uintxx_t" ; then
2476 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2477 AC_TRY_COMPILE(
540d72c3 2478 [ #include <stdint.h> ],
2479 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2480 [
2481 AC_DEFINE(HAVE_UINTXX_T)
2482 AC_MSG_RESULT(yes)
2483 ],
2484 [ AC_MSG_RESULT(no) ]
2485 )
2486fi
2487
2488if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
540d72c3 2489 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2490then
2491 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2492 AC_TRY_COMPILE(
2493 [
2494#include <sys/bitypes.h>
540d72c3 2495 ],
3c0ef626 2496 [
2497 int8_t a; int16_t b; int32_t c;
2498 u_int8_t e; u_int16_t f; u_int32_t g;
2499 a = b = c = e = f = g = 1;
540d72c3 2500 ],
3c0ef626 2501 [
2502 AC_DEFINE(HAVE_U_INTXX_T)
2503 AC_DEFINE(HAVE_INTXX_T)
2504 AC_MSG_RESULT(yes)
2505 ],
2506 [AC_MSG_RESULT(no)]
540d72c3 2507 )
3c0ef626 2508fi
2509
2510
2511AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2512 AC_TRY_COMPILE(
2513 [
2514#include <sys/types.h>
2515 ],
2516 [ u_char foo; foo = 125; ],
2517 [ ac_cv_have_u_char="yes" ],
2518 [ ac_cv_have_u_char="no" ]
2519 )
2520])
2521if test "x$ac_cv_have_u_char" = "xyes" ; then
08822d99 2522 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2523fi
2524
2525TYPE_SOCKLEN_T
2526
e9702f7d 2527AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2528
dfddba3d 2529AC_CHECK_TYPES(in_addr_t,,,
2530[#include <sys/types.h>
2531#include <netinet/in.h>])
2532
3c0ef626 2533AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2534 AC_TRY_COMPILE(
2535 [
2536#include <sys/types.h>
2537 ],
2538 [ size_t foo; foo = 1235; ],
2539 [ ac_cv_have_size_t="yes" ],
2540 [ ac_cv_have_size_t="no" ]
2541 )
2542])
2543if test "x$ac_cv_have_size_t" = "xyes" ; then
08822d99 2544 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2545fi
2546
2547AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2548 AC_TRY_COMPILE(
2549 [
2550#include <sys/types.h>
2551 ],
2552 [ ssize_t foo; foo = 1235; ],
2553 [ ac_cv_have_ssize_t="yes" ],
2554 [ ac_cv_have_ssize_t="no" ]
2555 )
2556])
2557if test "x$ac_cv_have_ssize_t" = "xyes" ; then
08822d99 2558 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2559fi
2560
2561AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2562 AC_TRY_COMPILE(
2563 [
2564#include <time.h>
2565 ],
2566 [ clock_t foo; foo = 1235; ],
2567 [ ac_cv_have_clock_t="yes" ],
2568 [ ac_cv_have_clock_t="no" ]
2569 )
2570])
2571if test "x$ac_cv_have_clock_t" = "xyes" ; then
08822d99 2572 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2573fi
2574
2575AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2576 AC_TRY_COMPILE(
2577 [
2578#include <sys/types.h>
2579#include <sys/socket.h>
2580 ],
2581 [ sa_family_t foo; foo = 1235; ],
2582 [ ac_cv_have_sa_family_t="yes" ],
2583 [ AC_TRY_COMPILE(
2584 [
2585#include <sys/types.h>
2586#include <sys/socket.h>
2587#include <netinet/in.h>
2588 ],
2589 [ sa_family_t foo; foo = 1235; ],
2590 [ ac_cv_have_sa_family_t="yes" ],
2591
2592 [ ac_cv_have_sa_family_t="no" ]
2593 )]
2594 )
2595])
2596if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
08822d99 2597 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2598 [define if you have sa_family_t data type])
3c0ef626 2599fi
2600
2601AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2602 AC_TRY_COMPILE(
2603 [
2604#include <sys/types.h>
2605 ],
2606 [ pid_t foo; foo = 1235; ],
2607 [ ac_cv_have_pid_t="yes" ],
2608 [ ac_cv_have_pid_t="no" ]
2609 )
2610])
2611if test "x$ac_cv_have_pid_t" = "xyes" ; then
08822d99 2612 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2613fi
2614
2615AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2616 AC_TRY_COMPILE(
2617 [
2618#include <sys/types.h>
2619 ],
2620 [ mode_t foo; foo = 1235; ],
2621 [ ac_cv_have_mode_t="yes" ],
2622 [ ac_cv_have_mode_t="no" ]
2623 )
2624])
2625if test "x$ac_cv_have_mode_t" = "xyes" ; then
08822d99 2626 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2627fi
2628
2629
2630AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2631 AC_TRY_COMPILE(
2632 [
2633#include <sys/types.h>
2634#include <sys/socket.h>
2635 ],
2636 [ struct sockaddr_storage s; ],
2637 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2638 [ ac_cv_have_struct_sockaddr_storage="no" ]
2639 )
2640])
2641if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
08822d99 2642 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2643 [define if you have struct sockaddr_storage data type])
3c0ef626 2644fi
2645
2646AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2647 AC_TRY_COMPILE(
2648 [
2649#include <sys/types.h>
2650#include <netinet/in.h>
2651 ],
2652 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2653 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2654 [ ac_cv_have_struct_sockaddr_in6="no" ]
2655 )
2656])
2657if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
08822d99 2658 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2659 [define if you have struct sockaddr_in6 data type])
3c0ef626 2660fi
2661
2662AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2663 AC_TRY_COMPILE(
2664 [
2665#include <sys/types.h>
2666#include <netinet/in.h>
2667 ],
2668 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2669 [ ac_cv_have_struct_in6_addr="yes" ],
2670 [ ac_cv_have_struct_in6_addr="no" ]
2671 )
2672])
2673if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
08822d99 2674 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2675 [define if you have struct in6_addr data type])
3c0ef626 2676fi
2677
2678AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2679 AC_TRY_COMPILE(
2680 [
2681#include <sys/types.h>
2682#include <sys/socket.h>
2683#include <netdb.h>
2684 ],
2685 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2686 [ ac_cv_have_struct_addrinfo="yes" ],
2687 [ ac_cv_have_struct_addrinfo="no" ]
2688 )
2689])
2690if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
08822d99 2691 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2692 [define if you have struct addrinfo data type])
3c0ef626 2693fi
2694
2695AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2696 AC_TRY_COMPILE(
540d72c3 2697 [ #include <sys/time.h> ],
2698 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2699 [ ac_cv_have_struct_timeval="yes" ],
2700 [ ac_cv_have_struct_timeval="no" ]
2701 )
2702])
2703if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
08822d99 2704 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2705 have_struct_timeval=1
2706fi
2707
bfe49944 2708AC_CHECK_TYPES(struct timespec)
2709
2710# We need int64_t or else certian parts of the compile will fail.
8b32eddc 2711if test "x$ac_cv_have_int64_t" = "xno" && \
2712 test "x$ac_cv_sizeof_long_int" != "x8" && \
2713 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
bfe49944 2714 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2715 echo "an alternative compiler (I.E., GCC) before continuing."
2716 echo ""
2717 exit 1;
3c0ef626 2718else
2719dnl test snprintf (broken on SCO w/gcc)
dfddba3d 2720 AC_RUN_IFELSE(
2721 [AC_LANG_SOURCE([[
3c0ef626 2722#include <stdio.h>
2723#include <string.h>
2724#ifdef HAVE_SNPRINTF
2725main()
2726{
2727 char buf[50];
2728 char expected_out[50];
2729 int mazsize = 50 ;
2730#if (SIZEOF_LONG_INT == 8)
2731 long int num = 0x7fffffffffffffff;
2732#else
2733 long long num = 0x7fffffffffffffffll;
2734#endif
2735 strcpy(expected_out, "9223372036854775807");
2736 snprintf(buf, mazsize, "%lld", num);
2737 if(strcmp(buf, expected_out) != 0)
540d72c3 2738 exit(1);
3c0ef626 2739 exit(0);
2740}
2741#else
2742main() { exit(0); }
2743#endif
dfddba3d 2744 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2745 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2746 )
2747fi
3c0ef626 2748
2749dnl Checks for structure members
2750OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2751OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2752OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2753OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2754OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2755OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2756OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2757OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2758OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2759OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2760OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2761OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2762OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2763OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2764OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2765OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2766OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2767
2768AC_CHECK_MEMBERS([struct stat.st_blksize])
08822d99 2769AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2770 [Define if we don't have struct __res_state in resolv.h])],
2771[
2772#include <stdio.h>
2773#if HAVE_SYS_TYPES_H
2774# include <sys/types.h>
2775#endif
2776#include <netinet/in.h>
2777#include <arpa/nameser.h>
2778#include <resolv.h>
2779])
3c0ef626 2780
2781AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2782 ac_cv_have_ss_family_in_struct_ss, [
2783 AC_TRY_COMPILE(
2784 [
2785#include <sys/types.h>
2786#include <sys/socket.h>
2787 ],
2788 [ struct sockaddr_storage s; s.ss_family = 1; ],
2789 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2790 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2791 )
2792])
2793if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
08822d99 2794 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 2795fi
2796
2797AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2798 ac_cv_have___ss_family_in_struct_ss, [
2799 AC_TRY_COMPILE(
2800 [
2801#include <sys/types.h>
2802#include <sys/socket.h>
2803 ],
2804 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2805 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2806 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2807 )
2808])
2809if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
08822d99 2810 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2811 [Fields in struct sockaddr_storage])
3c0ef626 2812fi
2813
2814AC_CACHE_CHECK([for pw_class field in struct passwd],
2815 ac_cv_have_pw_class_in_struct_passwd, [
2816 AC_TRY_COMPILE(
2817 [
2818#include <pwd.h>
2819 ],
2820 [ struct passwd p; p.pw_class = 0; ],
2821 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2822 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2823 )
2824])
2825if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
08822d99 2826 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2827 [Define if your password has a pw_class field])
3c0ef626 2828fi
2829
2830AC_CACHE_CHECK([for pw_expire field in struct passwd],
2831 ac_cv_have_pw_expire_in_struct_passwd, [
2832 AC_TRY_COMPILE(
2833 [
2834#include <pwd.h>
2835 ],
2836 [ struct passwd p; p.pw_expire = 0; ],
2837 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2838 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2839 )
2840])
2841if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
08822d99 2842 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2843 [Define if your password has a pw_expire field])
3c0ef626 2844fi
2845
2846AC_CACHE_CHECK([for pw_change field in struct passwd],
2847 ac_cv_have_pw_change_in_struct_passwd, [
2848 AC_TRY_COMPILE(
2849 [
2850#include <pwd.h>
2851 ],
2852 [ struct passwd p; p.pw_change = 0; ],
2853 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2854 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2855 )
2856])
2857if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
08822d99 2858 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2859 [Define if your password has a pw_change field])
3c0ef626 2860fi
2861
541874c2 2862dnl make sure we're using the real structure members and not defines
350391c5 2863AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2864 ac_cv_have_accrights_in_msghdr, [
dfddba3d 2865 AC_COMPILE_IFELSE(
350391c5 2866 [
2867#include <sys/types.h>
2868#include <sys/socket.h>
2869#include <sys/uio.h>
541874c2 2870int main() {
2871#ifdef msg_accrights
dfddba3d 2872#error "msg_accrights is a macro"
541874c2 2873exit(1);
2874#endif
2875struct msghdr m;
2876m.msg_accrights = 0;
2877exit(0);
2878}
350391c5 2879 ],
350391c5 2880 [ ac_cv_have_accrights_in_msghdr="yes" ],
2881 [ ac_cv_have_accrights_in_msghdr="no" ]
2882 )
2883])
2884if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
08822d99 2885 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2886 [Define if your system uses access rights style
2887 file descriptor passing])
350391c5 2888fi
2889
2890AC_CACHE_CHECK([for msg_control field in struct msghdr],
2891 ac_cv_have_control_in_msghdr, [
dfddba3d 2892 AC_COMPILE_IFELSE(
350391c5 2893 [
2894#include <sys/types.h>
2895#include <sys/socket.h>
2896#include <sys/uio.h>
541874c2 2897int main() {
2898#ifdef msg_control
dfddba3d 2899#error "msg_control is a macro"
541874c2 2900exit(1);
2901#endif
2902struct msghdr m;
2903m.msg_control = 0;
2904exit(0);
2905}
350391c5 2906 ],
350391c5 2907 [ ac_cv_have_control_in_msghdr="yes" ],
2908 [ ac_cv_have_control_in_msghdr="no" ]
2909 )
2910])
2911if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
08822d99 2912 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2913 [Define if your system uses ancillary data style
2914 file descriptor passing])
350391c5 2915fi
2916
3c0ef626 2917AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
540d72c3 2918 AC_TRY_LINK([],
2919 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 2920 [ ac_cv_libc_defines___progname="yes" ],
2921 [ ac_cv_libc_defines___progname="no" ]
2922 )
2923])
2924if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
08822d99 2925 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 2926fi
2927
350391c5 2928AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2929 AC_TRY_LINK([
2930#include <stdio.h>
540d72c3 2931],
2932 [ printf("%s", __FUNCTION__); ],
350391c5 2933 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2934 [ ac_cv_cc_implements___FUNCTION__="no" ]
2935 )
2936])
2937if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
08822d99 2938 AC_DEFINE(HAVE___FUNCTION__, 1,
2939 [Define if compiler implements __FUNCTION__])
350391c5 2940fi
2941
2942AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2943 AC_TRY_LINK([
2944#include <stdio.h>
540d72c3 2945],
2946 [ printf("%s", __func__); ],
350391c5 2947 [ ac_cv_cc_implements___func__="yes" ],
2948 [ ac_cv_cc_implements___func__="no" ]
2949 )
2950])
2951if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
08822d99 2952 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
2953fi
2954
2955AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2956 AC_TRY_LINK(
2957 [#include <stdarg.h>
2958 va_list x,y;],
2959 [va_copy(x,y);],
2960 [ ac_cv_have_va_copy="yes" ],
2961 [ ac_cv_have_va_copy="no" ]
2962 )
2963])
2964if test "x$ac_cv_have_va_copy" = "xyes" ; then
2965 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2966fi
2967
2968AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2969 AC_TRY_LINK(
2970 [#include <stdarg.h>
2971 va_list x,y;],
2972 [__va_copy(x,y);],
2973 [ ac_cv_have___va_copy="yes" ],
2974 [ ac_cv_have___va_copy="no" ]
2975 )
2976])
2977if test "x$ac_cv_have___va_copy" = "xyes" ; then
2978 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
350391c5 2979fi
2980
3c0ef626 2981AC_CACHE_CHECK([whether getopt has optreset support],
2982 ac_cv_have_getopt_optreset, [
2983 AC_TRY_LINK(
2984 [
2985#include <getopt.h>
2986 ],
2987 [ extern int optreset; optreset = 0; ],
2988 [ ac_cv_have_getopt_optreset="yes" ],
2989 [ ac_cv_have_getopt_optreset="no" ]
2990 )
2991])
2992if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
08822d99 2993 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2994 [Define if your getopt(3) defines and uses optreset])
3c0ef626 2995fi
2996
2997AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
540d72c3 2998 AC_TRY_LINK([],
2999 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3000 [ ac_cv_libc_defines_sys_errlist="yes" ],
3001 [ ac_cv_libc_defines_sys_errlist="no" ]
3002 )
3003])
3004if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
08822d99 3005 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3006 [Define if your system defines sys_errlist[]])
3c0ef626 3007fi
3008
3009
3010AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
540d72c3 3011 AC_TRY_LINK([],
3012 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3013 [ ac_cv_libc_defines_sys_nerr="yes" ],
3014 [ ac_cv_libc_defines_sys_nerr="no" ]
3015 )
3016])
3017if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
08822d99 3018 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3019fi
3020
540d72c3 3021SCARD_MSG="no"
350391c5 3022# Check whether user wants sectok support
3023AC_ARG_WITH(sectok,
3024 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3025 [
3026 if test "x$withval" != "xno" ; then
3027 if test "x$withval" != "xyes" ; then
3028 CPPFLAGS="$CPPFLAGS -I${withval}"
3029 LDFLAGS="$LDFLAGS -L${withval}"
3030 if test ! -z "$need_dash_r" ; then
3031 LDFLAGS="$LDFLAGS -R${withval}"
3032 fi
3033 if test ! -z "$blibpath" ; then
3034 blibpath="$blibpath:${withval}"
3035 fi
3036 fi
3037 AC_CHECK_HEADERS(sectok.h)
3038 if test "$ac_cv_header_sectok_h" != yes; then
3039 AC_MSG_ERROR(Can't find sectok.h)
3040 fi
3041 AC_CHECK_LIB(sectok, sectok_open)
3042 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3043 AC_MSG_ERROR(Can't find libsectok)
3044 fi
08822d99 3045 AC_DEFINE(SMARTCARD, 1,
3046 [Define if you want smartcard support])
3047 AC_DEFINE(USE_SECTOK, 1,
3048 [Define if you want smartcard support
3049 using sectok])
540d72c3 3050 SCARD_MSG="yes, using sectok"
3c0ef626 3051 fi
3052 ]
3053)
3054
350391c5 3055# Check whether user wants OpenSC support
8b32eddc 3056OPENSC_CONFIG="no"
350391c5 3057AC_ARG_WITH(opensc,
08822d99 3058 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
8b32eddc 3059 [
3060 if test "x$withval" != "xno" ; then
3061 if test "x$withval" != "xyes" ; then
3062 OPENSC_CONFIG=$withval/bin/opensc-config
3063 else
3064 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3065 fi
3066 if test "$OPENSC_CONFIG" != "no"; then
3067 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3068 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3069 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
3070 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
3071 AC_DEFINE(SMARTCARD)
08822d99 3072 AC_DEFINE(USE_OPENSC, 1,
3073 [Define if you want smartcard support
3074 using OpenSC])
8b32eddc 3075 SCARD_MSG="yes, using OpenSC"
3076 fi
3077 fi
3078 ]
3079)
350391c5 3080
540d72c3 3081# Check libraries needed by DNS fingerprint support
3082AC_SEARCH_LIBS(getrrsetbyname, resolv,
08822d99 3083 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3084 [Define if getrrsetbyname() exists])],
7cac2b65 3085 [
540d72c3 3086 # Needed by our getrrsetbyname()
3087 AC_SEARCH_LIBS(res_query, resolv)
3088 AC_SEARCH_LIBS(dn_expand, resolv)
7e82606e 3089 AC_MSG_CHECKING(if res_query will link)
3090 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3091 [AC_MSG_RESULT(no)
3092 saved_LIBS="$LIBS"
3093 LIBS="$LIBS -lresolv"
3094 AC_MSG_CHECKING(for res_query in -lresolv)
3095 AC_LINK_IFELSE([
3096#include <resolv.h>
3097int main()
3098{
3099 res_query (0, 0, 0, 0, 0);
3100 return 0;
3101}
3102 ],
3103 [LIBS="$LIBS -lresolv"
3104 AC_MSG_RESULT(yes)],
3105 [LIBS="$saved_LIBS"
3106 AC_MSG_RESULT(no)])
3107 ])
540d72c3 3108 AC_CHECK_FUNCS(_getshort _getlong)
2ce0bfe4 3109 AC_CHECK_DECLS([_getshort, _getlong], , ,
3110 [#include <sys/types.h>
3111 #include <arpa/nameser.h>])
540d72c3 3112 AC_CHECK_MEMBER(HEADER.ad,
08822d99 3113 [AC_DEFINE(HAVE_HEADER_AD, 1,
3114 [Define if HEADER.ad exists in arpa/nameser.h])],,
540d72c3 3115 [#include <arpa/nameser.h>])
3116 ])
7cac2b65 3117
63119dd9 3118# Check whether user wants Kerberos 5 support
540d72c3 3119KRB5_MSG="no"
63119dd9 3120AC_ARG_WITH(kerberos5,
540d72c3 3121 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3122 [ if test "x$withval" != "xno" ; then
3123 if test "x$withval" = "xyes" ; then
3124 KRB5ROOT="/usr/local"
3125 else
3126 KRB5ROOT=${withval}
3127 fi
3128
08822d99 3129 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
540d72c3 3130 KRB5_MSG="yes"
3131
3132 AC_MSG_CHECKING(for krb5-config)
3133 if test -x $KRB5ROOT/bin/krb5-config ; then
3134 KRB5CONF=$KRB5ROOT/bin/krb5-config
3135 AC_MSG_RESULT($KRB5CONF)
3136
3137 AC_MSG_CHECKING(for gssapi support)
3138 if $KRB5CONF | grep gssapi >/dev/null ; then
3139 AC_MSG_RESULT(yes)
08822d99 3140 AC_DEFINE(GSSAPI, 1,
3141 [Define this if you want GSSAPI
3142 support in the version 2 protocol])
540d72c3 3143 k5confopts=gssapi
3144 else
3145 AC_MSG_RESULT(no)
3146 k5confopts=""
3147 fi
3148 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3149 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3150 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3151 AC_MSG_CHECKING(whether we are using Heimdal)
3152 AC_TRY_COMPILE([ #include <krb5.h> ],
3153 [ char *tmp = heimdal_version; ],
3154 [ AC_MSG_RESULT(yes)
08822d99 3155 AC_DEFINE(HEIMDAL, 1,
3156 [Define this if you are using the
3157 Heimdal version of Kerberos V5]) ],
540d72c3 3158 AC_MSG_RESULT(no)
3159 )
3160 else
3161 AC_MSG_RESULT(no)
63119dd9 3162 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
540d72c3 3163 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3164 AC_MSG_CHECKING(whether we are using Heimdal)
3165 AC_TRY_COMPILE([ #include <krb5.h> ],
3166 [ char *tmp = heimdal_version; ],
3167 [ AC_MSG_RESULT(yes)
3168 AC_DEFINE(HEIMDAL)
7e82606e 3169 K5LIBS="-lkrb5 -ldes"
3170 K5LIBS="$K5LIBS -lcom_err -lasn1"
8b32eddc 3171 AC_CHECK_LIB(roken, net_write,
7e82606e 3172 [K5LIBS="$K5LIBS -lroken"])
540d72c3 3173 ],
3174 [ AC_MSG_RESULT(no)
3175 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3176 ]
3177 )
7cac2b65 3178 AC_SEARCH_LIBS(dn_expand, resolv)
3179
3180 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3181 [ AC_DEFINE(GSSAPI)
3182 K5LIBS="-lgssapi $K5LIBS" ],
3183 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3184 [ AC_DEFINE(GSSAPI)
540d72c3 3185 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
7cac2b65 3186 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3187 $K5LIBS)
3188 ],
3189 $K5LIBS)
8b32eddc 3190
7cac2b65 3191 AC_CHECK_HEADER(gssapi.h, ,
3192 [ unset ac_cv_header_gssapi_h
540d72c3 3193 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
7cac2b65 3194 AC_CHECK_HEADERS(gssapi.h, ,
3195 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
540d72c3 3196 )
7cac2b65 3197 ]
3198 )
3199
3200 oldCPP="$CPPFLAGS"
3201 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3202 AC_CHECK_HEADER(gssapi_krb5.h, ,
3203 [ CPPFLAGS="$oldCPP" ])
63119dd9 3204
1c89237d 3205 # If we're using some other GSSAPI
3206 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3207 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3208 fi
5598e598 3209
540d72c3 3210 if test -z "$GSSAPI"; then
3211 GSSAPI="KRB5";
3212 fi
1c89237d 3213
5598e598 3214 oldCPP="$CPPFLAGS"
3215 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3216 AC_CHECK_HEADER(gssapi_krb5.h, ,
3217 [ CPPFLAGS="$oldCPP" ])
3218
63119dd9 3219 fi
540d72c3 3220 if test ! -z "$need_dash_r" ; then
3221 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3222 fi
3223 if test ! -z "$blibpath" ; then
3224 blibpath="$blibpath:${KRB5ROOT}/lib"
3225 fi
540d72c3 3226
08822d99 3227 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3228 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3229 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
540d72c3 3230
08822d99 3231 LIBS="$LIBS $K5LIBS"
3232 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3233 [Define this if you want to use libkafs' AFS support]))
3234 fi
540d72c3 3235 ]
63119dd9 3236)
3c0ef626 3237
62eb343a 3238# Check whether user wants AFS_KRB5 support
3239AFS_KRB5_MSG="no"
3240AC_ARG_WITH(afs-krb5,
3241 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3242 [
3243 if test "x$withval" != "xno" ; then
3244
3245 if test "x$withval" != "xyes" ; then
08822d99 3246 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3247 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3248 else
08822d99 3249 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3250 "/usr/bin/aklog",
3251 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3252 fi
3253
540d72c3 3254 if test -z "$KRB5ROOT" ; then
62eb343a 3255 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3256 fi
3257
0a00e8f9 3258 LIBS="-lkrbafs -lkrb4 $LIBS"
62eb343a 3259 if test ! -z "$AFS_LIBS" ; then
3260 LIBS="$LIBS $AFS_LIBS"
3261 fi
08822d99 3262 AC_DEFINE(AFS_KRB5, 1,
3263 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3264 AFS_KRB5_MSG="yes"
3265 fi
3266 ]
3267)
3c0ef626 3268
75be3237 3269AC_ARG_WITH(session-hooks,
3270 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
08822d99 3271 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
75be3237 3272)
3273
3c0ef626 3274# Looking for programs, paths and files
3c0ef626 3275
350391c5 3276PRIVSEP_PATH=/var/empty
3277AC_ARG_WITH(privsep-path,
d03f4262 3278 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
350391c5 3279 [
8b32eddc 3280 if test -n "$withval" && test "x$withval" != "xno" && \
3281 test "x${withval}" != "xyes"; then
350391c5 3282 PRIVSEP_PATH=$withval
3283 fi
3284 ]
3285)
3286AC_SUBST(PRIVSEP_PATH)
3287
3c0ef626 3288AC_ARG_WITH(xauth,
3289 [ --with-xauth=PATH Specify path to xauth program ],
3290 [
8b32eddc 3291 if test -n "$withval" && test "x$withval" != "xno" && \
3292 test "x${withval}" != "xyes"; then
3c0ef626 3293 xauth_path=$withval
3294 fi
3295 ],
3296 [
d03f4262 3297 TestPath="$PATH"
3298 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3299 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3300 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3301 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3302 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3303 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3304 xauth_path="/usr/openwin/bin/xauth"
3305 fi
3306 ]
3307)
3308
bfe49944 3309STRIP_OPT=-s
3310AC_ARG_ENABLE(strip,
3311 [ --disable-strip Disable calling strip(1) on install],
3312 [
3313 if test "x$enableval" = "xno" ; then
3314 STRIP_OPT=
3315 fi
3316 ]
3317)
3318AC_SUBST(STRIP_OPT)
3319
3c0ef626 3320if test -z "$xauth_path" ; then
3321 XAUTH_PATH="undefined"
3322 AC_SUBST(XAUTH_PATH)
3323else
08822d99 3324 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3325 [Define if xauth is found in your path])
3c0ef626 3326 XAUTH_PATH=$xauth_path
3327 AC_SUBST(XAUTH_PATH)
3328fi
3c0ef626 3329
3330# Check for mail directory (last resort if we cannot get it from headers)
3331if test ! -z "$MAIL" ; then
3332 maildir=`dirname $MAIL`
08822d99 3333 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3334 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3335fi
3336
dfddba3d 3337if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3338 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3339 disable_ptmx_check=yes
3340fi
3c0ef626 3341if test -z "$no_dev_ptmx" ; then
350391c5 3342 if test "x$disable_ptmx_check" != "xyes" ; then
540d72c3 3343 AC_CHECK_FILE("/dev/ptmx",
350391c5 3344 [
08822d99 3345 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3346 [Define if you have /dev/ptmx])
350391c5 3347 have_dev_ptmx=1
3348 ]
3349 )
3350 fi
3c0ef626 3351fi
dfddba3d 3352
3353if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3354 AC_CHECK_FILE("/dev/ptc",
3355 [
08822d99 3356 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3357 [Define if you have /dev/ptc])
dfddba3d 3358 have_dev_ptc=1
3359 ]
3360 )
3361else
3362 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3363fi
3c0ef626 3364
3365# Options from here on. Some of these are preset by platform above
3c0ef626 3366AC_ARG_WITH(mantype,
3367 [ --with-mantype=man|cat|doc Set man page type],
3368 [
3369 case "$withval" in
3370 man|cat|doc)
3371 MANTYPE=$withval
3372 ;;
3373 *)
3374 AC_MSG_ERROR(invalid man type: $withval)
3375 ;;
3376 esac
3377 ]
3378)
3379if test -z "$MANTYPE"; then
d03f4262 3380 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3381 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3382 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3383 MANTYPE=doc
3384 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3385 MANTYPE=man
3386 else
3387 MANTYPE=cat
3388 fi
3389fi
3390AC_SUBST(MANTYPE)
3391if test "$MANTYPE" = "doc"; then
3392 mansubdir=man;
3393else
3394 mansubdir=$MANTYPE;
3395fi
3396AC_SUBST(mansubdir)
3397
3398# Check whether to enable MD5 passwords
540d72c3 3399MD5_MSG="no"
3c0ef626 3400AC_ARG_WITH(md5-passwords,
3401 [ --with-md5-passwords Enable use of MD5 passwords],
3402 [
3403 if test "x$withval" != "xno" ; then
08822d99 3404 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3405 [Define if you want to allow MD5 passwords])
540d72c3 3406 MD5_MSG="yes"
3c0ef626 3407 fi
3408 ]
3409)
3410
3411# Whether to disable shadow password support
3412AC_ARG_WITH(shadow,
3413 [ --without-shadow Disable shadow password support],
3414 [
8b32eddc 3415 if test "x$withval" = "xno" ; then
3c0ef626 3416 AC_DEFINE(DISABLE_SHADOW)
3417 disable_shadow=yes
3418 fi
3419 ]
3420)
3421
3422if test -z "$disable_shadow" ; then
3423 AC_MSG_CHECKING([if the systems has expire shadow information])
3424 AC_TRY_COMPILE(
3425 [
3426#include <sys/types.h>
3427#include <shadow.h>
3428 struct spwd sp;
3429 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3430 [ sp_expire_available=yes ], []
3431 )
3432
3433 if test "x$sp_expire_available" = "xyes" ; then
3434 AC_MSG_RESULT(yes)
08822d99 3435 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3436 [Define if you want to use shadow password expire field])
3c0ef626 3437 else
3438 AC_MSG_RESULT(no)
3439 fi
3440fi
3441
3442# Use ip address instead of hostname in $DISPLAY
3443if test ! -z "$IPADDR_IN_DISPLAY" ; then
3444 DISPLAY_HACK_MSG="yes"
08822d99 3445 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3446 [Define if you need to use IP address
3447 instead of hostname in $DISPLAY])
3c0ef626 3448else
540d72c3 3449 DISPLAY_HACK_MSG="no"
3c0ef626 3450 AC_ARG_WITH(ipaddr-display,
3451 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3452 [
8b32eddc 3453 if test "x$withval" != "xno" ; then
3c0ef626 3454 AC_DEFINE(IPADDR_IN_DISPLAY)
540d72c3 3455 DISPLAY_HACK_MSG="yes"
3c0ef626 3456 fi
3457 ]
3458 )
3459fi
3460
7cac2b65 3461# check for /etc/default/login and use it if present.
29d88157 3462AC_ARG_ENABLE(etc-default-login,
dfddba3d 3463 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3464 [ if test "x$enableval" = "xno"; then
3465 AC_MSG_NOTICE([/etc/default/login handling disabled])
3466 etc_default_login=no
3467 else
3468 etc_default_login=yes
3469 fi ],
08822d99 3470 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3471 then
3472 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3473 etc_default_login=no
3474 else
3475 etc_default_login=yes
3476 fi ]
dfddba3d 3477)
3478
3479if test "x$etc_default_login" != "xno"; then
3480 AC_CHECK_FILE("/etc/default/login",
3481 [ external_path_file=/etc/default/login ])
08822d99 3482 if test "x$external_path_file" = "x/etc/default/login"; then
3483 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3484 [Define if your system has /etc/default/login])
dfddba3d 3485 fi
7cac2b65 3486fi
3487
350391c5 3488dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
8b32eddc 3489if test $ac_cv_func_login_getcapbool = "yes" && \
3490 test $ac_cv_header_login_cap_h = "yes" ; then
7cac2b65 3491 external_path_file=/etc/login.conf
350391c5 3492fi
7cac2b65 3493
3c0ef626 3494# Whether to mess with the default path
540d72c3 3495SERVER_PATH_MSG="(default)"
3c0ef626 3496AC_ARG_WITH(default-path,
350391c5 3497 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3498 [
7cac2b65 3499 if test "x$external_path_file" = "x/etc/login.conf" ; then
350391c5 3500 AC_MSG_WARN([
3501--with-default-path=PATH has no effect on this system.
3502Edit /etc/login.conf instead.])
8b32eddc 3503 elif test "x$withval" != "xno" ; then
7cac2b65 3504 if test ! -z "$external_path_file" ; then
3505 AC_MSG_WARN([
3506--with-default-path=PATH will only be used if PATH is not defined in
3507$external_path_file .])
3508 fi
3c0ef626 3509 user_path="$withval"
540d72c3 3510 SERVER_PATH_MSG="$withval"
3c0ef626 3511 fi
3512 ],
7cac2b65 3513 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3514 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
350391c5 3515 else
7cac2b65 3516 if test ! -z "$external_path_file" ; then
3517 AC_MSG_WARN([
3518If PATH is defined in $external_path_file, ensure the path to scp is included,
3519otherwise scp will not work.])
3520 fi
08822d99 3521 AC_RUN_IFELSE(
3522 [AC_LANG_SOURCE([[
3c0ef626 3523/* find out what STDPATH is */
3524#include <stdio.h>
3525#ifdef HAVE_PATHS_H
3526# include <paths.h>
3527#endif
3528#ifndef _PATH_STDPATH
bfe49944 3529# ifdef _PATH_USERPATH /* Irix */
3530# define _PATH_STDPATH _PATH_USERPATH
3531# else
3532# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3533# endif
3c0ef626 3534#endif
3535#include <sys/types.h>
3536#include <sys/stat.h>
3537#include <fcntl.h>
3538#define DATA "conftest.stdpath"
3539
3540main()
3541{
3542 FILE *fd;
3543 int rc;
8b32eddc 3544
3c0ef626 3545 fd = fopen(DATA,"w");
3546 if(fd == NULL)
3547 exit(1);
8b32eddc 3548
3c0ef626 3549 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3550 exit(1);
3551
3552 exit(0);
3553}
08822d99 3554 ]])],
3555 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3556 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3557 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3558 )
3559# make sure $bindir is in USER_PATH so scp will work
3560 t_bindir=`eval echo ${bindir}`
3561 case $t_bindir in
3562 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3563 esac
3564 case $t_bindir in
3565 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3566 esac
3567 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3568 if test $? -ne 0 ; then
3569 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3570 if test $? -ne 0 ; then
3571 user_path=$user_path:$t_bindir
3572 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3573 fi
3574 fi
350391c5 3575 fi ]
3576)
7cac2b65 3577if test "x$external_path_file" != "x/etc/login.conf" ; then
08822d99 3578 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
350391c5 3579 AC_SUBST(user_path)
3580fi
3581
3582# Set superuser path separately to user path
350391c5 3583AC_ARG_WITH(superuser-path,
3584 [ --with-superuser-path= Specify different path for super-user],
3585 [
8b32eddc 3586 if test -n "$withval" && test "x$withval" != "xno" && \
3587 test "x${withval}" != "xyes"; then
08822d99 3588 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3589 [Define if you want a different $PATH
3590 for the superuser])
350391c5 3591 superuser_path=$withval
3592 fi
3c0ef626 3593 ]
3594)
350391c5 3595
3c0ef626 3596
3c0ef626 3597AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
540d72c3 3598IPV4_IN6_HACK_MSG="no"
3c0ef626 3599AC_ARG_WITH(4in6,
3600 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3601 [
3602 if test "x$withval" != "xno" ; then
3603 AC_MSG_RESULT(yes)
08822d99 3604 AC_DEFINE(IPV4_IN_IPV6, 1,
3605 [Detect IPv4 in IPv6 mapped addresses
3606 and treat as IPv4])
540d72c3 3607 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3608 else
3609 AC_MSG_RESULT(no)
3610 fi
3611 ],[
3612 if test "x$inet6_default_4in6" = "xyes"; then
3613 AC_MSG_RESULT([yes (default)])
3614 AC_DEFINE(IPV4_IN_IPV6)
540d72c3 3615 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3616 else
3617 AC_MSG_RESULT([no (default)])
3618 fi
3619 ]
3620)
3621
3622# Whether to enable BSD auth support
e9702f7d 3623BSD_AUTH_MSG=no
3c0ef626 3624AC_ARG_WITH(bsd-auth,
3625 [ --with-bsd-auth Enable BSD auth support],
3626 [
8b32eddc 3627 if test "x$withval" != "xno" ; then
08822d99 3628 AC_DEFINE(BSD_AUTH, 1,
3629 [Define if you have BSD auth support])
e9702f7d 3630 BSD_AUTH_MSG=yes
3c0ef626 3631 fi
3632 ]
3633)
3634
3c0ef626 3635# Where to place sshd.pid
3636piddir=/var/run
350391c5 3637# make sure the directory exists
8b32eddc 3638if test ! -d $piddir ; then
350391c5 3639 piddir=`eval echo ${sysconfdir}`
3640 case $piddir in
540d72c3 3641 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
350391c5 3642 esac
3643fi
3644
3c0ef626 3645AC_ARG_WITH(pid-dir,
3646 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3647 [
8b32eddc 3648 if test -n "$withval" && test "x$withval" != "xno" && \
3649 test "x${withval}" != "xyes"; then
3c0ef626 3650 piddir=$withval
8b32eddc 3651 if test ! -d $piddir ; then
350391c5 3652 AC_MSG_WARN([** no $piddir directory on this system **])
3653 fi
3c0ef626 3654 fi
3655 ]
3656)
3657
08822d99 3658AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3659AC_SUBST(piddir)
3660
3661dnl allow user to disable some login recording features
3662AC_ARG_ENABLE(lastlog,
3663 [ --disable-lastlog disable use of lastlog even if detected [no]],
7cac2b65 3664 [
3665 if test "x$enableval" = "xno" ; then
3666 AC_DEFINE(DISABLE_LASTLOG)
3667 fi
3668 ]
3c0ef626 3669)
3670AC_ARG_ENABLE(utmp,
3671 [ --disable-utmp disable use of utmp even if detected [no]],
7cac2b65 3672 [
3673 if test "x$enableval" = "xno" ; then
3674 AC_DEFINE(DISABLE_UTMP)
3675 fi
3676 ]
3c0ef626 3677)
3678AC_ARG_ENABLE(utmpx,
3679 [ --disable-utmpx disable use of utmpx even if detected [no]],
7cac2b65 3680 [
3681 if test "x$enableval" = "xno" ; then
08822d99 3682 AC_DEFINE(DISABLE_UTMPX, 1,
3683 [Define if you don't want to use utmpx])
7cac2b65 3684 fi
3685 ]
3c0ef626 3686)
3687AC_ARG_ENABLE(wtmp,
3688 [ --disable-wtmp disable use of wtmp even if detected [no]],
7cac2b65 3689 [
3690 if test "x$enableval" = "xno" ; then
3691 AC_DEFINE(DISABLE_WTMP)
3692 fi
3693 ]
3c0ef626 3694)
3695AC_ARG_ENABLE(wtmpx,
3696 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
7cac2b65 3697 [
3698 if test "x$enableval" = "xno" ; then
08822d99 3699 AC_DEFINE(DISABLE_WTMPX, 1,
3700 [Define if you don't want to use wtmpx])
7cac2b65 3701 fi
3702 ]
3c0ef626 3703)
3704AC_ARG_ENABLE(libutil,
3705 [ --disable-libutil disable use of libutil (login() etc.) [no]],
7cac2b65 3706 [
3707 if test "x$enableval" = "xno" ; then
3708 AC_DEFINE(DISABLE_LOGIN)
3709 fi
3710 ]
3c0ef626 3711)
3712AC_ARG_ENABLE(pututline,
3713 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
7cac2b65 3714 [
3715 if test "x$enableval" = "xno" ; then
08822d99 3716 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3717 [Define if you don't want to use pututline()
3718 etc. to write [uw]tmp])
7cac2b65 3719 fi
3720 ]
3c0ef626 3721)
3722AC_ARG_ENABLE(pututxline,
3723 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
7cac2b65 3724 [
3725 if test "x$enableval" = "xno" ; then
08822d99 3726 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3727 [Define if you don't want to use pututxline()
3728 etc. to write [uw]tmpx])
7cac2b65 3729 fi
3730 ]
3c0ef626 3731)
3732AC_ARG_WITH(lastlog,
3733 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3734 [
8b32eddc 3735 if test "x$withval" = "xno" ; then
3c0ef626 3736 AC_DEFINE(DISABLE_LASTLOG)
8b32eddc 3737 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 3738 conf_lastlog_location=$withval
3739 fi
3740 ]
3741)
3742
3743dnl lastlog, [uw]tmpx? detection
3744dnl NOTE: set the paths in the platform section to avoid the
3745dnl need for command-line parameters
3746dnl lastlog and [uw]tmp are subject to a file search if all else fails
3747
3748dnl lastlog detection
3749dnl NOTE: the code itself will detect if lastlog is a directory
3750AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3751AC_TRY_COMPILE([
3752#include <sys/types.h>
3753#include <utmp.h>
3754#ifdef HAVE_LASTLOG_H
3755# include <lastlog.h>
3756#endif
3757#ifdef HAVE_PATHS_H
3758# include <paths.h>
3759#endif
3760#ifdef HAVE_LOGIN_H
3761# include <login.h>
3762#endif
3763 ],
3764 [ char *lastlog = LASTLOG_FILE; ],
3765 [ AC_MSG_RESULT(yes) ],
3766 [
3767 AC_MSG_RESULT(no)
3768 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3769 AC_TRY_COMPILE([
3770#include <sys/types.h>
3771#include <utmp.h>
3772#ifdef HAVE_LASTLOG_H
3773# include <lastlog.h>
3774#endif
3775#ifdef HAVE_PATHS_H
3776# include <paths.h>
3777#endif
3778 ],
3779 [ char *lastlog = _PATH_LASTLOG; ],
3780 [ AC_MSG_RESULT(yes) ],
3781 [
3782 AC_MSG_RESULT(no)
3783 system_lastlog_path=no
3784 ])
3785 ]
3786)
3787
3788if test -z "$conf_lastlog_location"; then
3789 if test x"$system_lastlog_path" = x"no" ; then
3790 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
3791 if (test -d "$f" || test -f "$f") ; then
3792 conf_lastlog_location=$f
3793 fi
3794 done
3795 if test -z "$conf_lastlog_location"; then
3796 AC_MSG_WARN([** Cannot find lastlog **])
3797 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
3798 fi
3799 fi
3800fi
3801
3802if test -n "$conf_lastlog_location"; then
08822d99 3803 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3804 [Define if you want to specify the path to your lastlog file])
8b32eddc 3805fi
3c0ef626 3806
3807dnl utmp detection
3808AC_MSG_CHECKING([if your system defines UTMP_FILE])
3809AC_TRY_COMPILE([
3810#include <sys/types.h>
3811#include <utmp.h>
3812#ifdef HAVE_PATHS_H
3813# include <paths.h>
3814#endif
3815 ],
3816 [ char *utmp = UTMP_FILE; ],
3817 [ AC_MSG_RESULT(yes) ],
3818 [ AC_MSG_RESULT(no)
3819 system_utmp_path=no ]
3820)
3821if test -z "$conf_utmp_location"; then
3822 if test x"$system_utmp_path" = x"no" ; then
3823 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3824 if test -f $f ; then
3825 conf_utmp_location=$f
3826 fi
3827 done
3828 if test -z "$conf_utmp_location"; then
3829 AC_DEFINE(DISABLE_UTMP)
3830 fi
3831 fi
3832fi
3833if test -n "$conf_utmp_location"; then
08822d99 3834 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3835 [Define if you want to specify the path to your utmp file])
8b32eddc 3836fi
3c0ef626 3837
3838dnl wtmp detection
3839AC_MSG_CHECKING([if your system defines WTMP_FILE])
3840AC_TRY_COMPILE([
3841#include <sys/types.h>
3842#include <utmp.h>
3843#ifdef HAVE_PATHS_H
3844# include <paths.h>
3845#endif
3846 ],
3847 [ char *wtmp = WTMP_FILE; ],
3848 [ AC_MSG_RESULT(yes) ],
3849 [ AC_MSG_RESULT(no)
3850 system_wtmp_path=no ]
3851)
3852if test -z "$conf_wtmp_location"; then
3853 if test x"$system_wtmp_path" = x"no" ; then
3854 for f in /usr/adm/wtmp /var/log/wtmp; do
3855 if test -f $f ; then
3856 conf_wtmp_location=$f
3857 fi
3858 done
3859 if test -z "$conf_wtmp_location"; then
3860 AC_DEFINE(DISABLE_WTMP)
3861 fi
3862 fi
3863fi
3864if test -n "$conf_wtmp_location"; then
08822d99 3865 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3866 [Define if you want to specify the path to your wtmp file])
8b32eddc 3867fi
3c0ef626 3868
3869
3870dnl utmpx detection - I don't know any system so perverse as to require
3871dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3872dnl there, though.
3873AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3874AC_TRY_COMPILE([
3875#include <sys/types.h>
3876#include <utmp.h>
3877#ifdef HAVE_UTMPX_H
3878#include <utmpx.h>
3879#endif
3880#ifdef HAVE_PATHS_H
3881# include <paths.h>
3882#endif
3883 ],
3884 [ char *utmpx = UTMPX_FILE; ],
3885 [ AC_MSG_RESULT(yes) ],
3886 [ AC_MSG_RESULT(no)
3887 system_utmpx_path=no ]
3888)
3889if test -z "$conf_utmpx_location"; then
3890 if test x"$system_utmpx_path" = x"no" ; then
3891 AC_DEFINE(DISABLE_UTMPX)
3892 fi
3893else
08822d99 3894 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3895 [Define if you want to specify the path to your utmpx file])
8b32eddc 3896fi
3c0ef626 3897
3898dnl wtmpx detection
3899AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3900AC_TRY_COMPILE([
3901#include <sys/types.h>
3902#include <utmp.h>
3903#ifdef HAVE_UTMPX_H
3904#include <utmpx.h>
3905#endif
3906#ifdef HAVE_PATHS_H
3907# include <paths.h>
3908#endif
3909 ],
3910 [ char *wtmpx = WTMPX_FILE; ],
3911 [ AC_MSG_RESULT(yes) ],
3912 [ AC_MSG_RESULT(no)
3913 system_wtmpx_path=no ]
3914)
3915if test -z "$conf_wtmpx_location"; then
3916 if test x"$system_wtmpx_path" = x"no" ; then
3917 AC_DEFINE(DISABLE_WTMPX)
3918 fi
3919else
08822d99 3920 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3921 [Define if you want to specify the path to your wtmpx file])
8b32eddc 3922fi
3c0ef626 3923
3924
3c0ef626 3925if test ! -z "$blibpath" ; then
256cb466 3926 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3927 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 3928fi
3929
e9702f7d 3930dnl remove pam and dl because they are in $LIBPAM
3931if test "$PAM_MSG" = yes ; then
3932 LIBS=`echo $LIBS | sed 's/-lpam //'`
3933fi
3934if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3935 LIBS=`echo $LIBS | sed 's/-ldl //'`
3936fi
3c0ef626 3937
2ce0bfe4 3938dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3939dnl Add now.
3940CFLAGS="$CFLAGS $werror_flags"
3941
e9702f7d 3942AC_EXEEXT
dfddba3d 3943AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3944 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 3945AC_OUTPUT
3946
3947# Print summary of options
3948
3c0ef626 3949# Someone please show me a better way :)
3950A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3951B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3952C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3953D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
3954E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
3955F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
3956G=`eval echo ${piddir}` ; G=`eval echo ${G}`
350391c5 3957H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3958I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3959J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 3960
3961echo ""
3962echo "OpenSSH has been configured with the following options:"
350391c5 3963echo " User binaries: $B"
3964echo " System binaries: $C"
3965echo " Configuration files: $D"
3966echo " Askpass program: $E"
3967echo " Manual pages: $F"
3968echo " PID file: $G"
3969echo " Privilege separation chroot path: $H"
7cac2b65 3970if test "x$external_path_file" = "x/etc/login.conf" ; then
3971echo " At runtime, sshd will use the path defined in $external_path_file"
3972echo " Make sure the path to scp is present, otherwise scp will not work"
350391c5 3973else
3974echo " sshd default user PATH: $I"
7cac2b65 3975 if test ! -z "$external_path_file"; then
3976echo " (If PATH is set in $external_path_file it will be used instead. If"
3977echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3978 fi
350391c5 3979fi
3980if test ! -z "$superuser_path" ; then
3981echo " sshd superuser user PATH: $J"
3982fi
3983echo " Manpage format: $MANTYPE"
7cac2b65 3984echo " PAM support: $PAM_MSG"
350391c5 3985echo " KerberosV support: $KRB5_MSG"
3986echo " Smartcard support: $SCARD_MSG"
350391c5 3987echo " S/KEY support: $SKEY_MSG"
3988echo " TCP Wrappers support: $TCPW_MSG"
3989echo " MD5 password support: $MD5_MSG"
dfddba3d 3990echo " libedit support: $LIBEDIT_MSG"
350391c5 3991echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
350391c5 3992echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3993echo " BSD Auth support: $BSD_AUTH_MSG"
3994echo " Random number source: $RAND_MSG"
e9702f7d 3995if test ! -z "$USE_RAND_HELPER" ; then
350391c5 3996echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 3997fi
3998
3999echo ""
4000
4001echo " Host: ${host}"
4002echo " Compiler: ${CC}"
4003echo " Compiler flags: ${CFLAGS}"
4004echo "Preprocessor flags: ${CPPFLAGS}"
4005echo " Linker flags: ${LDFLAGS}"
e9702f7d 4006echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
3c0ef626 4007
4008echo ""
4009
7e82606e 4010if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
dfddba3d 4011 echo "SVR4 style packages are supported with \"make package\""
4012 echo ""
7e82606e 4013fi
4014
3c0ef626 4015if test "x$PAM_MSG" = "xyes" ; then
e9702f7d 4016 echo "PAM is enabled. You may need to install a PAM control file "
4017 echo "for sshd, otherwise password authentication may fail. "
540d72c3 4018 echo "Example PAM control files can be found in the contrib/ "
e9702f7d 4019 echo "subdirectory"
3c0ef626 4020 echo ""
4021fi
4022
e9702f7d 4023if test ! -z "$RAND_HELPER_CMDHASH" ; then
4024 echo "WARNING: you are using the builtin random number collection "
4025 echo "service. Please read WARNING.RNG and request that your OS "
4026 echo "vendor includes kernel-based random number collection in "
4027 echo "future versions of your OS."
3c0ef626 4028 echo ""
4029fi
4030
7e82606e 4031if test ! -z "$NO_PEERCHECK" ; then
4032 echo "WARNING: the operating system that you are using does not "
4033 echo "appear to support either the getpeereid() API nor the "
4034 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
4035 echo "enforce security checks to prevent unauthorised connections to "
4036 echo "ssh-agent. Their absence increases the risk that a malicious "
4037 echo "user can connect to your agent. "
4038 echo ""
4039fi
4040
dfddba3d 4041if test "$AUDIT_MODULE" = "bsm" ; then
4042 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4043 echo "See the Solaris section in README.platform for details."
4044fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.817531 seconds and 5 git commands to generate.