]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Import of OpenSSH 4.3p2
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
99be0775 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
665a873d 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
f2f068fa 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
0fff78ff 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
f2f068fa 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
c9f39d2c 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
6a9b3198 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
700318f3 43AC_PATH_PROG(SH, sh)
c9f39d2c 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
2c06c99b 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
2c06c99b 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
cdd66111 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
2c06c99b 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
cdd66111 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
dec6d9fe 88
3c0ef626 89AC_C_INLINE
665a873d 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
cdd66111 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
665a873d 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
2c06c99b 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
665a873d 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
2c06c99b 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
665a873d 103 esac
104
105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
116fi
117
cdd66111 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
dec6d9fe 121 if test "x$withval" = "xno" ; then
cdd66111 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
3c0ef626 130# Check for some target-specific stuff
131case "$host" in
132*-*-aix*)
cdd66111 133 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
7e772e1f 134 if (test -z "$blibpath"); then
cdd66111 135 blibpath="/usr/lib:/lib"
7e772e1f 136 fi
137 saved_LDFLAGS="$LDFLAGS"
138 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
139 if (test -z "$blibflags"); then
140 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
141 AC_TRY_LINK([], [], [blibflags=$tryflags])
142 fi
143 done
144 if (test -z "$blibflags"); then
145 AC_MSG_RESULT(not found)
146 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
147 else
148 AC_MSG_RESULT($blibflags)
3c0ef626 149 fi
7e772e1f 150 LDFLAGS="$saved_LDFLAGS"
0fff78ff 151 dnl Check for authenticate. Might be in libs.a on older AIXes
2c06c99b 152 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
153 [Define if you want to enable AIX4's authenticate function])],
41b2f314 154 [AC_CHECK_LIB(s,authenticate,
155 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
156 LIBS="$LIBS -ls"
157 ])
158 ])
996d5e62 159 dnl Check for various auth function declarations in headers.
160 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
dec6d9fe 161 passwdexpired, setauthdb], , , [#include <usersec.h>])
0fff78ff 162 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
996d5e62 163 AC_CHECK_DECLS(loginfailed,
0fff78ff 164 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
165 AC_TRY_COMPILE(
166 [#include <usersec.h>],
167 [(void)loginfailed("user","host","tty",0);],
168 [AC_MSG_RESULT(yes)
2c06c99b 169 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
170 [Define if your AIX loginfailed() function
171 takes 4 arguments (AIX >= 5.2)])],
0fff78ff 172 [AC_MSG_RESULT(no)]
173 )],
174 [],
175 [#include <usersec.h>]
176 )
177 AC_CHECK_FUNCS(setauthdb)
996d5e62 178 check_for_aix_broken_getaddrinfo=1
2c06c99b 179 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
180 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
181 [Define if your platform breaks doing a seteuid before a setuid])
182 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
183 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 184 dnl AIX handles lastlog as part of its login message
2c06c99b 185 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
186 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
187 [Some systems need a utmpx entry for /bin/login to work])
188 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
189 [Define to a Set Process Title type if your system is
190 supported by bsd-setproctitle.c])
191 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
192 [AIX 5.2 and 5.3 (and presumably newer) require this])
3c0ef626 193 ;;
194*-*-cygwin*)
6a9b3198 195 check_for_libcrypt_later=1
e9a17296 196 LIBS="$LIBS /usr/lib/textmode.o"
2c06c99b 197 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
198 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
199 AC_DEFINE(DISABLE_SHADOW, 1,
200 [Define if you want to disable shadow passwords])
201 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
202 [Define if your system choked on IP TOS setting])
203 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
204 [Define if X11 doesn't support AF_UNIX sockets on that system])
205 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
206 [Define if the concept of ports only accessible to
207 superusers isn't known])
208 AC_DEFINE(DISABLE_FD_PASSING, 1,
209 [Define if your platform needs to skip post auth
210 file descriptor passing])
3c0ef626 211 ;;
212*-*-dgux*)
213 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 214 AC_DEFINE(SETEUID_BREAKS_SETUID)
215 AC_DEFINE(BROKEN_SETREUID)
216 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 217 ;;
218*-*-darwin*)
41b2f314 219 AC_MSG_CHECKING(if we have working getaddrinfo)
220 AC_TRY_RUN([#include <mach-o/dyld.h>
221main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
222 exit(0);
223 else
224 exit(1);
225}], [AC_MSG_RESULT(working)],
226 [AC_MSG_RESULT(buggy)
2c06c99b 227 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
41b2f314 228 [AC_MSG_RESULT(assume it is working)])
acc3d05e 229 AC_DEFINE(SETEUID_BREAKS_SETUID)
230 AC_DEFINE(BROKEN_SETREUID)
231 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 232 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
233 [Define if your resolver libs need this for getrrsetbyname])
3c0ef626 234 ;;
665a873d 235*-*-hpux*)
236 # first we define all of the options common to all HP-UX releases
3c0ef626 237 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
238 IPADDR_IN_DISPLAY=yes
3c0ef626 239 AC_DEFINE(USE_PIPES)
2c06c99b 240 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
241 [Define if your login program cannot handle end of options ("--")])
700318f3 242 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 243 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
244 [String used in /etc/passwd to denote locked account])
0fff78ff 245 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
2c06c99b 246 MAIL="/var/mail/username"
41b2f314 247 LIBS="$LIBS -lsec"
665a873d 248 AC_CHECK_LIB(xnet, t_error, ,
249 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
250
251 # next, we define all of the options specific to major releases
252 case "$host" in
253 *-*-hpux10*)
254 if test -z "$GCC"; then
255 CFLAGS="$CFLAGS -Ae"
256 fi
257 ;;
258 *-*-hpux11*)
2c06c99b 259 AC_DEFINE(PAM_SUN_CODEBASE, 1,
260 [Define if you are using Solaris-derived PAM which
261 passes pam_messages to the conversation function
262 with an extra level of indirection])
263 AC_DEFINE(DISABLE_UTMP, 1,
264 [Define if you don't want to use utmp])
665a873d 265 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
266 check_for_hpux_broken_getaddrinfo=1
267 check_for_conflicting_getspnam=1
268 ;;
269 esac
270
271 # lastly, we define options specific to minor releases
272 case "$host" in
273 *-*-hpux10.26)
2c06c99b 274 AC_DEFINE(HAVE_SECUREWARE, 1,
275 [Define if you have SecureWare-based
276 protected password database])
665a873d 277 disable_ptmx_check=yes
278 LIBS="$LIBS -lsecpw"
279 ;;
280 esac
3c0ef626 281 ;;
282*-*-irix5*)
3c0ef626 283 PATH="$PATH:/usr/etc"
2c06c99b 284 AC_DEFINE(BROKEN_INET_NTOA, 1,
285 [Define if you system's inet_ntoa is busted
286 (e.g. Irix gcc issue)])
cdd66111 287 AC_DEFINE(SETEUID_BREAKS_SETUID)
288 AC_DEFINE(BROKEN_SETREUID)
289 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 290 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
291 [Define if you shouldn't strip 'tty' from your
292 ttyname in [uw]tmp])
0fff78ff 293 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 294 ;;
295*-*-irix6*)
3c0ef626 296 PATH="$PATH:/usr/etc"
2c06c99b 297 AC_DEFINE(WITH_IRIX_ARRAY, 1,
298 [Define if you have/want arrays
299 (cluster-wide session managment, not C arrays)])
300 AC_DEFINE(WITH_IRIX_PROJECT, 1,
301 [Define if you want IRIX project management])
302 AC_DEFINE(WITH_IRIX_AUDIT, 1,
303 [Define if you want IRIX audit trails])
304 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
305 [Define if you want IRIX kernel jobs])])
3c0ef626 306 AC_DEFINE(BROKEN_INET_NTOA)
acc3d05e 307 AC_DEFINE(SETEUID_BREAKS_SETUID)
308 AC_DEFINE(BROKEN_SETREUID)
309 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 310 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
700318f3 311 AC_DEFINE(WITH_ABBREV_NO_TTY)
0fff78ff 312 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 313 ;;
314*-*-linux*)
315 no_dev_ptmx=1
316 check_for_libcrypt_later=1
0fff78ff 317 check_for_openpty_ctty_bug=1
2c06c99b 318 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
319 AC_DEFINE(PAM_TTY_KLUDGE, 1,
320 [Work around problematic Linux PAM modules handling of PAM_TTY])
321 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
322 [String used in /etc/passwd to denote locked account])
0fff78ff 323 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
2c06c99b 324 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
325 [Define to whatever link() returns for "not supported"
326 if it doesn't return EOPNOTSUPP.])
996d5e62 327 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
2c06c99b 328 AC_DEFINE(USE_BTMP)
3c0ef626 329 inet6_default_4in6=yes
0fff78ff 330 case `uname -r` in
331 1.*|2.0.*)
2c06c99b 332 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
333 [Define if cmsg_type is not passed correctly])
0fff78ff 334 ;;
335 esac
2c06c99b 336 # tun(4) forwarding compat code
337 AC_CHECK_HEADERS(linux/if_tun.h)
338 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
339 AC_DEFINE(SSH_TUN_LINUX, 1,
340 [Open tunnel devices the Linux tun/tap way])
341 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
342 [Use tunnel device compatibility to OpenBSD])
343 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
344 [Prepend the address family to IP tunnel traffic])
345 fi
3c0ef626 346 ;;
347mips-sony-bsd|mips-sony-newsos4)
f2f068fa 348 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 349 SONY=1
3c0ef626 350 ;;
351*-*-netbsd*)
41b2f314 352 check_for_libcrypt_before=1
dec6d9fe 353 if test "x$withval" != "xno" ; then
cdd66111 354 need_dash_r=1
355 fi
2c06c99b 356 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
357 AC_CHECK_HEADER([net/if_tap.h], ,
358 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
359 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
360 [Prepend the address family to IP tunnel traffic])
3c0ef626 361 ;;
362*-*-freebsd*)
363 check_for_libcrypt_later=1
2c06c99b 364 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
365 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
366 AC_CHECK_HEADER([net/if_tap.h], ,
367 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 368 ;;
acc3d05e 369*-*-bsdi*)
370 AC_DEFINE(SETEUID_BREAKS_SETUID)
371 AC_DEFINE(BROKEN_SETREUID)
372 AC_DEFINE(BROKEN_SETREGID)
373 ;;
3c0ef626 374*-next-*)
375 conf_lastlog_location="/usr/adm/lastlog"
376 conf_utmp_location=/etc/utmp
377 conf_wtmp_location=/usr/adm/wtmp
378 MAIL=/usr/spool/mail
2c06c99b 379 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 380 AC_DEFINE(BROKEN_REALPATH)
381 AC_DEFINE(USE_PIPES)
2c06c99b 382 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 383 ;;
665a873d 384*-*-openbsd*)
385 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
2c06c99b 386 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
387 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
665a873d 388 ;;
3c0ef626 389*-*-solaris*)
dec6d9fe 390 if test "x$withval" != "xno" ; then
99be0775 391 need_dash_r=1
392 fi
3c0ef626 393 AC_DEFINE(PAM_SUN_CODEBASE)
394 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 395 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
396 [Some versions of /bin/login need the TERM supplied
397 on the commandline])
3c0ef626 398 AC_DEFINE(PAM_TTY_KLUDGE)
2c06c99b 399 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
400 [Define if pam_chauthtok wants real uid set
401 to the unpriv'ed user])
0fff78ff 402 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
403 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
2c06c99b 404 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
405 [Define if sshd somehow reacquires a controlling TTY
406 after setsid()])
0fff78ff 407 external_path_file=/etc/default/login
3c0ef626 408 # hardwire lastlog location (can't detect it on some versions)
409 conf_lastlog_location="/var/adm/lastlog"
410 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
411 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
412 if test "$sol2ver" -ge 8; then
413 AC_MSG_RESULT(yes)
414 AC_DEFINE(DISABLE_UTMP)
2c06c99b 415 AC_DEFINE(DISABLE_WTMP, 1,
416 [Define if you don't want to use wtmp])
3c0ef626 417 else
418 AC_MSG_RESULT(no)
419 fi
420 ;;
421*-*-sunos4*)
422 CPPFLAGS="$CPPFLAGS -DSUNOS4"
423 AC_CHECK_FUNCS(getpwanam)
424 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 425 conf_utmp_location=/etc/utmp
426 conf_wtmp_location=/var/adm/wtmp
427 conf_lastlog_location=/var/adm/lastlog
428 AC_DEFINE(USE_PIPES)
429 ;;
430*-ncr-sysv*)
3c0ef626 431 LIBS="$LIBS -lc89"
e9a17296 432 AC_DEFINE(USE_PIPES)
0fff78ff 433 AC_DEFINE(SSHD_ACQUIRES_CTTY)
acc3d05e 434 AC_DEFINE(SETEUID_BREAKS_SETUID)
435 AC_DEFINE(BROKEN_SETREUID)
436 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 437 ;;
438*-sni-sysv*)
3c0ef626 439 # /usr/ucblib MUST NOT be searched on ReliantUNIX
cdd66111 440 AC_CHECK_LIB(dl, dlsym, ,)
2c06c99b 441 # -lresolv needs to be at the end of LIBS or DNS lookups break
442 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 443 IPADDR_IN_DISPLAY=yes
444 AC_DEFINE(USE_PIPES)
445 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 446 AC_DEFINE(SETEUID_BREAKS_SETUID)
447 AC_DEFINE(BROKEN_SETREUID)
448 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 449 AC_DEFINE(SSHD_ACQUIRES_CTTY)
450 external_path_file=/etc/default/login
3c0ef626 451 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
452 # Attention: always take care to bind libsocket and libnsl before libc,
453 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
454 ;;
996d5e62 455# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 456*-*-sysv4.2*)
2c06c99b 457 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
3c0ef626 458 AC_DEFINE(USE_PIPES)
0fff78ff 459 AC_DEFINE(SETEUID_BREAKS_SETUID)
460 AC_DEFINE(BROKEN_SETREUID)
461 AC_DEFINE(BROKEN_SETREGID)
dec6d9fe 462 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
2c06c99b 463 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 464 ;;
996d5e62 465# UnixWare 7.x, OpenUNIX 8
3c0ef626 466*-*-sysv5*)
665a873d 467 check_for_libcrypt_later=1
468 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 469 AC_DEFINE(USE_PIPES)
0fff78ff 470 AC_DEFINE(SETEUID_BREAKS_SETUID)
471 AC_DEFINE(BROKEN_SETREUID)
472 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 473 AC_DEFINE(PASSWD_NEEDS_USERNAME)
665a873d 474 case "$host" in
475 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
476 TEST_SHELL=/u95/bin/sh
2c06c99b 477 AC_DEFINE(BROKEN_LIBIAF, 1,
478 [ia_uinfo routines not supported by OS yet])
479 ;;
480 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
665a873d 481 ;;
482 esac
3c0ef626 483 ;;
484*-*-sysv*)
3c0ef626 485 ;;
996d5e62 486# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 487*-*-sco3.2v4*)
996d5e62 488 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 489 ;;
996d5e62 490# SCO OpenServer 5.x
3c0ef626 491*-*-sco3.2v5*)
6a9b3198 492 if test -z "$GCC"; then
493 CFLAGS="$CFLAGS -belf"
494 fi
3c0ef626 495 LIBS="$LIBS -lprot -lx -ltinfo -lm"
496 no_dev_ptmx=1
3c0ef626 497 AC_DEFINE(USE_PIPES)
700318f3 498 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 499 AC_DEFINE(DISABLE_SHADOW)
41b2f314 500 AC_DEFINE(DISABLE_FD_PASSING)
0fff78ff 501 AC_DEFINE(SETEUID_BREAKS_SETUID)
502 AC_DEFINE(BROKEN_SETREUID)
503 AC_DEFINE(BROKEN_SETREGID)
504 AC_DEFINE(WITH_ABBREV_NO_TTY)
c9f39d2c 505 AC_DEFINE(BROKEN_UPDWTMPX)
2c06c99b 506 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 507 AC_CHECK_FUNCS(getluid setluid)
508 MANTYPE=man
c9f39d2c 509 TEST_SHELL=ksh
3c0ef626 510 ;;
41b2f314 511*-*-unicosmk*)
2c06c99b 512 AC_DEFINE(NO_SSH_LASTLOG, 1,
513 [Define if you don't want to use lastlog in session.c])
cdd66111 514 AC_DEFINE(SETEUID_BREAKS_SETUID)
515 AC_DEFINE(BROKEN_SETREUID)
516 AC_DEFINE(BROKEN_SETREGID)
41b2f314 517 AC_DEFINE(USE_PIPES)
518 AC_DEFINE(DISABLE_FD_PASSING)
519 LDFLAGS="$LDFLAGS"
520 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
521 MANTYPE=cat
522 ;;
0fff78ff 523*-*-unicosmp*)
cdd66111 524 AC_DEFINE(SETEUID_BREAKS_SETUID)
525 AC_DEFINE(BROKEN_SETREUID)
526 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 527 AC_DEFINE(WITH_ABBREV_NO_TTY)
528 AC_DEFINE(USE_PIPES)
529 AC_DEFINE(DISABLE_FD_PASSING)
530 LDFLAGS="$LDFLAGS"
cdd66111 531 LIBS="$LIBS -lgen -lacid -ldb"
0fff78ff 532 MANTYPE=cat
533 ;;
3c0ef626 534*-*-unicos*)
cdd66111 535 AC_DEFINE(SETEUID_BREAKS_SETUID)
536 AC_DEFINE(BROKEN_SETREUID)
537 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 538 AC_DEFINE(USE_PIPES)
41b2f314 539 AC_DEFINE(DISABLE_FD_PASSING)
540 AC_DEFINE(NO_SSH_LASTLOG)
541 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
542 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
543 MANTYPE=cat
3c0ef626 544 ;;
545*-dec-osf*)
546 AC_MSG_CHECKING(for Digital Unix SIA)
547 no_osfsia=""
548 AC_ARG_WITH(osfsia,
549 [ --with-osfsia Enable Digital Unix SIA],
550 [
551 if test "x$withval" = "xno" ; then
552 AC_MSG_RESULT(disabled)
553 no_osfsia=1
554 fi
555 ],
556 )
557 if test -z "$no_osfsia" ; then
558 if test -f /etc/sia/matrix.conf; then
559 AC_MSG_RESULT(yes)
2c06c99b 560 AC_DEFINE(HAVE_OSF_SIA, 1,
561 [Define if you have Digital Unix Security
562 Integration Architecture])
563 AC_DEFINE(DISABLE_LOGIN, 1,
564 [Define if you don't want to use your
565 system's login() call])
6a9b3198 566 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 567 LIBS="$LIBS -lsecurity -ldb -lm -laud"
568 else
569 AC_MSG_RESULT(no)
2c06c99b 570 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
571 [String used in /etc/passwd to denote locked account])
3c0ef626 572 fi
573 fi
0fff78ff 574 AC_DEFINE(BROKEN_GETADDRINFO)
acc3d05e 575 AC_DEFINE(SETEUID_BREAKS_SETUID)
576 AC_DEFINE(BROKEN_SETREUID)
577 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 578 ;;
579
f2f068fa 580*-*-nto-qnx*)
3c0ef626 581 AC_DEFINE(USE_PIPES)
582 AC_DEFINE(NO_X11_UNIX_SOCKETS)
2c06c99b 583 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
584 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
585 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
f2f068fa 586 AC_DEFINE(DISABLE_LASTLOG)
3c0ef626 587 ;;
665a873d 588
589*-*-ultrix*)
2c06c99b 590 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
591 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
f2f068fa 592 AC_DEFINE(NEED_SETPGRP)
665a873d 593 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
594 ;;
595
596*-*-lynxos)
597 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
2c06c99b 598 AC_DEFINE(MISSING_HOWMANY)
665a873d 599 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
600 ;;
3c0ef626 601esac
602
603# Allow user to specify flags
604AC_ARG_WITH(cflags,
605 [ --with-cflags Specify additional flags to pass to compiler],
606 [
dec6d9fe 607 if test -n "$withval" && test "x$withval" != "xno" && \
608 test "x${withval}" != "xyes"; then
3c0ef626 609 CFLAGS="$CFLAGS $withval"
610 fi
dec6d9fe 611 ]
3c0ef626 612)
613AC_ARG_WITH(cppflags,
614 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
615 [
dec6d9fe 616 if test -n "$withval" && test "x$withval" != "xno" && \
617 test "x${withval}" != "xyes"; then
3c0ef626 618 CPPFLAGS="$CPPFLAGS $withval"
619 fi
620 ]
621)
622AC_ARG_WITH(ldflags,
623 [ --with-ldflags Specify additional flags to pass to linker],
624 [
dec6d9fe 625 if test -n "$withval" && test "x$withval" != "xno" && \
626 test "x${withval}" != "xyes"; then
3c0ef626 627 LDFLAGS="$LDFLAGS $withval"
628 fi
dec6d9fe 629 ]
3c0ef626 630)
631AC_ARG_WITH(libs,
632 [ --with-libs Specify additional libraries to link with],
633 [
dec6d9fe 634 if test -n "$withval" && test "x$withval" != "xno" && \
635 test "x${withval}" != "xyes"; then
3c0ef626 636 LIBS="$LIBS $withval"
637 fi
dec6d9fe 638 ]
3c0ef626 639)
665a873d 640AC_ARG_WITH(Werror,
641 [ --with-Werror Build main code with -Werror],
642 [
643 if test -n "$withval" && test "x$withval" != "xno"; then
644 werror_flags="-Werror"
2c06c99b 645 if test "x${withval}" != "xyes"; then
665a873d 646 werror_flags="$withval"
647 fi
648 fi
649 ]
650)
3c0ef626 651
0fff78ff 652AC_MSG_CHECKING(compiler and flags for sanity)
996d5e62 653AC_RUN_IFELSE(
654 [AC_LANG_SOURCE([
0fff78ff 655#include <stdio.h>
656int main(){exit(0);}
996d5e62 657 ])],
0fff78ff 658 [ AC_MSG_RESULT(yes) ],
659 [
660 AC_MSG_RESULT(no)
661 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
996d5e62 662 ],
663 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
0fff78ff 664)
665
665a873d 666dnl Checks for header files.
667AC_CHECK_HEADERS( \
668 bstring.h \
669 crypt.h \
670 dirent.h \
671 endian.h \
672 features.h \
673 floatingpoint.h \
674 getopt.h \
675 glob.h \
676 ia.h \
677 iaf.h \
665a873d 678 limits.h \
679 login.h \
680 login_cap.h \
681 maillock.h \
682 ndir.h \
683 netdb.h \
684 netgroup.h \
665a873d 685 pam/pam_appl.h \
686 paths.h \
687 pty.h \
688 readpassphrase.h \
689 rpc/types.h \
690 security/pam_appl.h \
691 shadow.h \
692 stddef.h \
693 stdint.h \
694 string.h \
695 strings.h \
696 sys/audit.h \
697 sys/bitypes.h \
698 sys/bsdtty.h \
699 sys/cdefs.h \
700 sys/dir.h \
701 sys/mman.h \
702 sys/ndir.h \
703 sys/prctl.h \
704 sys/pstat.h \
705 sys/select.h \
706 sys/stat.h \
707 sys/stream.h \
708 sys/stropts.h \
709 sys/strtio.h \
710 sys/sysmacros.h \
711 sys/time.h \
712 sys/timers.h \
713 sys/un.h \
714 time.h \
715 tmpdir.h \
716 ttyent.h \
717 unistd.h \
718 usersec.h \
719 util.h \
720 utime.h \
721 utmp.h \
722 utmpx.h \
723 vis.h \
724)
3c0ef626 725
f2f068fa 726# lastlog.h requires sys/time.h to be included first on Solaris
727AC_CHECK_HEADERS(lastlog.h, [], [], [
728#ifdef HAVE_SYS_TIME_H
729# include <sys/time.h>
730#endif
731])
732
996d5e62 733# sys/ptms.h requires sys/stream.h to be included first on Solaris
734AC_CHECK_HEADERS(sys/ptms.h, [], [], [
735#ifdef HAVE_SYS_STREAM_H
736# include <sys/stream.h>
737#endif
738])
739
3c0ef626 740# Checks for libraries.
741AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
742AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
743
0fff78ff 744dnl IRIX and Solaris 2.5.1 have dirname() in libgen
745AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
746 AC_CHECK_LIB(gen, dirname,[
747 AC_CACHE_CHECK([for broken dirname],
748 ac_cv_have_broken_dirname, [
749 save_LIBS="$LIBS"
750 LIBS="$LIBS -lgen"
2c06c99b 751 AC_RUN_IFELSE(
752 [AC_LANG_SOURCE([[
0fff78ff 753#include <libgen.h>
754#include <string.h>
755
756int main(int argc, char **argv) {
757 char *s, buf[32];
758
759 strncpy(buf,"/etc", 32);
760 s = dirname(buf);
761 if (!s || strncmp(s, "/", 32) != 0) {
762 exit(1);
763 } else {
764 exit(0);
765 }
766}
2c06c99b 767 ]])],
768 [ ac_cv_have_broken_dirname="no" ],
769 [ ac_cv_have_broken_dirname="yes" ],
0fff78ff 770 [ ac_cv_have_broken_dirname="no" ],
0fff78ff 771 )
772 LIBS="$save_LIBS"
773 ])
774 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
775 LIBS="$LIBS -lgen"
776 AC_DEFINE(HAVE_DIRNAME)
777 AC_CHECK_HEADERS(libgen.h)
778 fi
779 ])
780])
781
3c0ef626 782AC_CHECK_FUNC(getspnam, ,
783 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
2c06c99b 784AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
785 [Define if you have the basename function.]))
3c0ef626 786
787dnl zlib is required
788AC_ARG_WITH(zlib,
789 [ --with-zlib=PATH Use zlib in PATH],
dec6d9fe 790 [ if test "x$withval" = "xno" ; then
791 AC_MSG_ERROR([*** zlib is required ***])
792 elif test "x$withval" != "xyes"; then
3c0ef626 793 if test -d "$withval/lib"; then
794 if test -n "${need_dash_r}"; then
795 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
796 else
797 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
798 fi
799 else
800 if test -n "${need_dash_r}"; then
801 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
802 else
803 LDFLAGS="-L${withval} ${LDFLAGS}"
804 fi
805 fi
806 if test -d "$withval/include"; then
807 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
808 else
809 CPPFLAGS="-I${withval} ${CPPFLAGS}"
810 fi
dec6d9fe 811 fi ]
3c0ef626 812)
813
cdd66111 814AC_CHECK_LIB(z, deflate, ,
815 [
816 saved_CPPFLAGS="$CPPFLAGS"
817 saved_LDFLAGS="$LDFLAGS"
818 save_LIBS="$LIBS"
819 dnl Check default zlib install dir
820 if test -n "${need_dash_r}"; then
821 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
822 else
823 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
824 fi
825 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
826 LIBS="$LIBS -lz"
827 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
828 [
829 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
830 ]
831 )
832 ]
833)
834AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
835
836AC_ARG_WITH(zlib-version-check,
837 [ --without-zlib-version-check Disable zlib version check],
838 [ if test "x$withval" = "xno" ; then
839 zlib_check_nonfatal=1
840 fi
841 ]
842)
843
dec6d9fe 844AC_MSG_CHECKING(for possibly buggy zlib)
996d5e62 845AC_RUN_IFELSE([AC_LANG_SOURCE([[
dec6d9fe 846#include <stdio.h>
cdd66111 847#include <zlib.h>
848int main()
849{
dec6d9fe 850 int a=0, b=0, c=0, d=0, n, v;
851 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
852 if (n != 3 && n != 4)
cdd66111 853 exit(1);
dec6d9fe 854 v = a*1000000 + b*10000 + c*100 + d;
855 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
856
857 /* 1.1.4 is OK */
858 if (a == 1 && b == 1 && c >= 4)
cdd66111 859 exit(0);
dec6d9fe 860
665a873d 861 /* 1.2.3 and up are OK */
862 if (v >= 1020300)
dec6d9fe 863 exit(0);
864
cdd66111 865 exit(2);
866}
996d5e62 867 ]])],
dec6d9fe 868 AC_MSG_RESULT(no),
869 [ AC_MSG_RESULT(yes)
cdd66111 870 if test -z "$zlib_check_nonfatal" ; then
871 AC_MSG_ERROR([*** zlib too old - check config.log ***
872Your reported zlib version has known security problems. It's possible your
873vendor has fixed these problems without changing the version number. If you
874are sure this is the case, you can disable the check by running
875"./configure --without-zlib-version-check".
665a873d 876If you are in doubt, upgrade zlib to version 1.2.3 or greater.
dec6d9fe 877See http://www.gzip.org/zlib/ for details.])
cdd66111 878 else
879 AC_MSG_WARN([zlib version may have security problems])
880 fi
996d5e62 881 ],
882 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
cdd66111 883)
3c0ef626 884
3c0ef626 885dnl UnixWare 2.x
cdd66111 886AC_CHECK_FUNC(strcasecmp,
3c0ef626 887 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
888)
2c06c99b 889AC_CHECK_FUNCS(utimes,
41b2f314 890 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
891 LIBS="$LIBS -lc89"]) ]
3c0ef626 892)
893
894dnl Checks for libutil functions
895AC_CHECK_HEADERS(libutil.h)
2c06c99b 896AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
897 [Define if your libraries define login()])])
3c0ef626 898AC_CHECK_FUNCS(logout updwtmp logwtmp)
899
900AC_FUNC_STRFTIME
901
3c0ef626 902# Check for ALTDIRFUNC glob() extension
903AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
904AC_EGREP_CPP(FOUNDIT,
905 [
906 #include <glob.h>
907 #ifdef GLOB_ALTDIRFUNC
908 FOUNDIT
909 #endif
cdd66111 910 ],
3c0ef626 911 [
2c06c99b 912 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
913 [Define if your system glob() function has
914 the GLOB_ALTDIRFUNC extension])
3c0ef626 915 AC_MSG_RESULT(yes)
916 ],
917 [
918 AC_MSG_RESULT(no)
919 ]
920)
921
922# Check for g.gl_matchc glob() extension
923AC_MSG_CHECKING(for gl_matchc field in glob_t)
924AC_EGREP_CPP(FOUNDIT,
cdd66111 925 [
926 #include <glob.h>
3c0ef626 927 int main(void){glob_t g; g.gl_matchc = 1;}
cdd66111 928 ],
929 [
2c06c99b 930 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
931 [Define if your system glob() function has
932 gl_matchc options in glob_t])
cdd66111 933 AC_MSG_RESULT(yes)
934 ],
935 [
936 AC_MSG_RESULT(no)
937 ]
3c0ef626 938)
939
940AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
996d5e62 941AC_RUN_IFELSE(
942 [AC_LANG_SOURCE([[
3c0ef626 943#include <sys/types.h>
944#include <dirent.h>
41b2f314 945int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
996d5e62 946 ]])],
cdd66111 947 [AC_MSG_RESULT(yes)],
3c0ef626 948 [
949 AC_MSG_RESULT(no)
2c06c99b 950 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
951 [Define if your struct dirent expects you to
952 allocate extra space for d_name])
996d5e62 953 ],
dec6d9fe 954 [
996d5e62 955 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
956 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 957 ]
958)
959
c9f39d2c 960AC_MSG_CHECKING([for /proc/pid/fd directory])
961if test -d "/proc/$$/fd" ; then
2c06c99b 962 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
c9f39d2c 963 AC_MSG_RESULT(yes)
964else
965 AC_MSG_RESULT(no)
966fi
967
3c0ef626 968# Check whether user wants S/Key support
cdd66111 969SKEY_MSG="no"
3c0ef626 970AC_ARG_WITH(skey,
996d5e62 971 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 972 [
973 if test "x$withval" != "xno" ; then
974
975 if test "x$withval" != "xyes" ; then
976 CPPFLAGS="$CPPFLAGS -I${withval}/include"
977 LDFLAGS="$LDFLAGS -L${withval}/lib"
978 fi
979
2c06c99b 980 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 981 LIBS="-lskey $LIBS"
cdd66111 982 SKEY_MSG="yes"
dec6d9fe 983
e9a17296 984 AC_MSG_CHECKING([for s/key support])
2c06c99b 985 AC_LINK_IFELSE(
986 [AC_LANG_SOURCE([[
e9a17296 987#include <stdio.h>
988#include <skey.h>
41b2f314 989int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
2c06c99b 990 ]])],
e9a17296 991 [AC_MSG_RESULT(yes)],
3c0ef626 992 [
e9a17296 993 AC_MSG_RESULT(no)
3c0ef626 994 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
995 ])
99be0775 996 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
997 AC_TRY_COMPILE(
998 [#include <stdio.h>
999 #include <skey.h>],
1000 [(void)skeychallenge(NULL,"name","",0);],
1001 [AC_MSG_RESULT(yes)
2c06c99b 1002 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1003 [Define if your skeychallenge()
1004 function takes 4 arguments (NetBSD)])],
99be0775 1005 [AC_MSG_RESULT(no)]
1006 )
3c0ef626 1007 fi
1008 ]
1009)
1010
1011# Check whether user wants TCP wrappers support
1012TCPW_MSG="no"
1013AC_ARG_WITH(tcp-wrappers,
996d5e62 1014 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1015 [
1016 if test "x$withval" != "xno" ; then
1017 saved_LIBS="$LIBS"
1018 saved_LDFLAGS="$LDFLAGS"
1019 saved_CPPFLAGS="$CPPFLAGS"
dec6d9fe 1020 if test -n "${withval}" && \
1021 test "x${withval}" != "xyes"; then
3c0ef626 1022 if test -d "${withval}/lib"; then
1023 if test -n "${need_dash_r}"; then
1024 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1025 else
1026 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1027 fi
1028 else
1029 if test -n "${need_dash_r}"; then
1030 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1031 else
1032 LDFLAGS="-L${withval} ${LDFLAGS}"
1033 fi
1034 fi
1035 if test -d "${withval}/include"; then
1036 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1037 else
1038 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1039 fi
1040 fi
e9a17296 1041 LIBWRAP="-lwrap"
1042 LIBS="$LIBWRAP $LIBS"
3c0ef626 1043 AC_MSG_CHECKING(for libwrap)
1044 AC_TRY_LINK(
1045 [
99be0775 1046#include <sys/types.h>
1047#include <sys/socket.h>
1048#include <netinet/in.h>
3c0ef626 1049#include <tcpd.h>
1050 int deny_severity = 0, allow_severity = 0;
1051 ],
1052 [hosts_access(0);],
1053 [
1054 AC_MSG_RESULT(yes)
2c06c99b 1055 AC_DEFINE(LIBWRAP, 1,
1056 [Define if you want
1057 TCP Wrappers support])
e9a17296 1058 AC_SUBST(LIBWRAP)
3c0ef626 1059 TCPW_MSG="yes"
1060 ],
1061 [
1062 AC_MSG_ERROR([*** libwrap missing])
1063 ]
1064 )
e9a17296 1065 LIBS="$saved_LIBS"
3c0ef626 1066 fi
1067 ]
1068)
1069
996d5e62 1070# Check whether user wants libedit support
1071LIBEDIT_MSG="no"
1072AC_ARG_WITH(libedit,
1073 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1074 [ if test "x$withval" != "xno" ; then
dec6d9fe 1075 if test "x$withval" != "xyes"; then
2c06c99b 1076 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1077 if test -n "${need_dash_r}"; then
1078 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1079 else
1080 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1081 fi
dec6d9fe 1082 fi
996d5e62 1083 AC_CHECK_LIB(edit, el_init,
2c06c99b 1084 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
996d5e62 1085 LIBEDIT="-ledit -lcurses"
1086 LIBEDIT_MSG="yes"
1087 AC_SUBST(LIBEDIT)
1088 ],
dec6d9fe 1089 [ AC_MSG_ERROR(libedit not found) ],
1090 [ -lcurses ]
996d5e62 1091 )
665a873d 1092 AC_MSG_CHECKING(if libedit version is compatible)
1093 AC_COMPILE_IFELSE(
1094 [AC_LANG_SOURCE([[
1095#include <histedit.h>
1096int main(void)
1097{
1098 int i = H_SETSIZE;
1099 el_init("", NULL, NULL, NULL);
1100 exit(0);
1101}
1102 ]])],
1103 [ AC_MSG_RESULT(yes) ],
1104 [ AC_MSG_RESULT(no)
1105 AC_MSG_ERROR(libedit version is not compatible) ]
1106 )
996d5e62 1107 fi ]
1108)
1109
1110AUDIT_MODULE=none
1111AC_ARG_WITH(audit,
1112 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1113 [
1114 AC_MSG_CHECKING(for supported audit module)
1115 case "$withval" in
1116 bsm)
1117 AC_MSG_RESULT(bsm)
1118 AUDIT_MODULE=bsm
1119 dnl Checks for headers, libs and functions
1120 AC_CHECK_HEADERS(bsm/audit.h, [],
1121 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1122 AC_CHECK_LIB(bsm, getaudit, [],
1123 [AC_MSG_ERROR(BSM enabled and required library not found)])
1124 AC_CHECK_FUNCS(getaudit, [],
1125 [AC_MSG_ERROR(BSM enabled and required function not found)])
1126 # These are optional
1127 AC_CHECK_FUNCS(getaudit_addr)
2c06c99b 1128 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
996d5e62 1129 ;;
1130 debug)
1131 AUDIT_MODULE=debug
1132 AC_MSG_RESULT(debug)
2c06c99b 1133 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
996d5e62 1134 ;;
665a873d 1135 no)
1136 AC_MSG_RESULT(no)
1137 ;;
996d5e62 1138 *)
1139 AC_MSG_ERROR([Unknown audit module $withval])
1140 ;;
1141 esac ]
1142)
1143
6a9b3198 1144dnl Checks for library functions. Please keep in alphabetical order
665a873d 1145AC_CHECK_FUNCS( \
1146 arc4random \
2c06c99b 1147 asprintf \
665a873d 1148 b64_ntop \
1149 __b64_ntop \
1150 b64_pton \
1151 __b64_pton \
1152 bcopy \
1153 bindresvport_sa \
1154 clock \
1155 closefrom \
1156 dirfd \
1157 fchmod \
1158 fchown \
1159 freeaddrinfo \
1160 futimes \
1161 getaddrinfo \
1162 getcwd \
1163 getgrouplist \
1164 getnameinfo \
1165 getopt \
1166 getpeereid \
1167 _getpty \
1168 getrlimit \
1169 getttyent \
1170 glob \
1171 inet_aton \
1172 inet_ntoa \
1173 inet_ntop \
1174 innetgr \
1175 login_getcapbool \
1176 md5_crypt \
1177 memmove \
1178 mkdtemp \
1179 mmap \
1180 ngetaddrinfo \
1181 nsleep \
1182 ogetaddrinfo \
1183 openlog_r \
1184 openpty \
1185 prctl \
1186 pstat \
1187 readpassphrase \
1188 realpath \
1189 recvmsg \
1190 rresvport_af \
1191 sendmsg \
1192 setdtablesize \
1193 setegid \
1194 setenv \
1195 seteuid \
1196 setgroups \
1197 setlogin \
1198 setpcred \
1199 setproctitle \
1200 setregid \
1201 setreuid \
1202 setrlimit \
1203 setsid \
1204 setvbuf \
1205 sigaction \
1206 sigvec \
1207 snprintf \
1208 socketpair \
1209 strdup \
1210 strerror \
1211 strlcat \
1212 strlcpy \
1213 strmode \
1214 strnvis \
1215 strtonum \
1216 strtoll \
1217 strtoul \
1218 sysconf \
1219 tcgetpgrp \
1220 truncate \
1221 unsetenv \
1222 updwtmpx \
2c06c99b 1223 vasprintf \
665a873d 1224 vhangup \
1225 vsnprintf \
1226 waitpid \
6a9b3198 1227)
1228
acc3d05e 1229# IRIX has a const char return value for gai_strerror()
1230AC_CHECK_FUNCS(gai_strerror,[
1231 AC_DEFINE(HAVE_GAI_STRERROR)
1232 AC_TRY_COMPILE([
1233#include <sys/types.h>
1234#include <sys/socket.h>
1235#include <netdb.h>
1236
1237const char *gai_strerror(int);],[
1238char *str;
1239
1240str = gai_strerror(0);],[
1241 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1242 [Define if gai_strerror() returns const char *])])])
1243
2c06c99b 1244AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1245 [Some systems put nanosleep outside of libc]))
6a9b3198 1246
0fff78ff 1247dnl Make sure prototypes are defined for these before using them.
0fff78ff 1248AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
665a873d 1249AC_CHECK_DECL(strsep,
1250 [AC_CHECK_FUNCS(strsep)],
1251 [],
1252 [
1253#ifdef HAVE_STRING_H
1254# include <string.h>
1255#endif
1256 ])
3c0ef626 1257
0fff78ff 1258dnl tcsendbreak might be a macro
1259AC_CHECK_DECL(tcsendbreak,
1260 [AC_DEFINE(HAVE_TCSENDBREAK)],
cdd66111 1261 [AC_CHECK_FUNCS(tcsendbreak)],
0fff78ff 1262 [#include <termios.h>]
1263)
3c0ef626 1264
c9f39d2c 1265AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1266
cdd66111 1267AC_CHECK_FUNCS(setresuid, [
1268 dnl Some platorms have setresuid that isn't implemented, test for this
1269 AC_MSG_CHECKING(if setresuid seems to work)
996d5e62 1270 AC_RUN_IFELSE(
1271 [AC_LANG_SOURCE([[
cdd66111 1272#include <stdlib.h>
1273#include <errno.h>
1274int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1275 ]])],
cdd66111 1276 [AC_MSG_RESULT(yes)],
2c06c99b 1277 [AC_DEFINE(BROKEN_SETRESUID, 1,
1278 [Define if your setresuid() is broken])
996d5e62 1279 AC_MSG_RESULT(not implemented)],
1280 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1281 )
1282])
1283
1284AC_CHECK_FUNCS(setresgid, [
1285 dnl Some platorms have setresgid that isn't implemented, test for this
1286 AC_MSG_CHECKING(if setresgid seems to work)
996d5e62 1287 AC_RUN_IFELSE(
1288 [AC_LANG_SOURCE([[
cdd66111 1289#include <stdlib.h>
1290#include <errno.h>
1291int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1292 ]])],
cdd66111 1293 [AC_MSG_RESULT(yes)],
2c06c99b 1294 [AC_DEFINE(BROKEN_SETRESGID, 1,
1295 [Define if your setresgid() is broken])
996d5e62 1296 AC_MSG_RESULT(not implemented)],
1297 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1298 )
1299])
1300
3c0ef626 1301dnl Checks for time functions
1302AC_CHECK_FUNCS(gettimeofday time)
1303dnl Checks for utmp functions
1304AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1305AC_CHECK_FUNCS(utmpname)
1306dnl Checks for utmpx functions
1307AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1308AC_CHECK_FUNCS(setutxent utmpxname)
1309
cdd66111 1310AC_CHECK_FUNC(daemon,
2c06c99b 1311 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1312 [AC_CHECK_LIB(bsd, daemon,
1313 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1314)
1315
cdd66111 1316AC_CHECK_FUNC(getpagesize,
2c06c99b 1317 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1318 [Define if your libraries define getpagesize()])],
1319 [AC_CHECK_LIB(ucb, getpagesize,
1320 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1321)
1322
1323# Check for broken snprintf
1324if test "x$ac_cv_func_snprintf" = "xyes" ; then
1325 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
996d5e62 1326 AC_RUN_IFELSE(
1327 [AC_LANG_SOURCE([[
3c0ef626 1328#include <stdio.h>
41b2f314 1329int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
996d5e62 1330 ]])],
cdd66111 1331 [AC_MSG_RESULT(yes)],
3c0ef626 1332 [
1333 AC_MSG_RESULT(no)
2c06c99b 1334 AC_DEFINE(BROKEN_SNPRINTF, 1,
1335 [Define if your snprintf is busted])
3c0ef626 1336 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
996d5e62 1337 ],
1338 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1339 )
1340fi
1341
2c06c99b 1342# If we don't have a working asprintf, then we strongly depend on vsnprintf
1343# returning the right thing on overflow: the number of characters it tried to
1344# create (as per SUSv3)
1345if test "x$ac_cv_func_asprintf" != "xyes" && \
1346 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1347 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1348 AC_RUN_IFELSE(
1349 [AC_LANG_SOURCE([[
1350#include <sys/types.h>
1351#include <stdio.h>
1352#include <stdarg.h>
1353
1354int x_snprintf(char *str,size_t count,const char *fmt,...)
1355{
1356 size_t ret; va_list ap;
1357 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1358 return ret;
1359}
1360int main(void)
1361{
1362 char x[1];
1363 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1364} ]])],
1365 [AC_MSG_RESULT(yes)],
1366 [
1367 AC_MSG_RESULT(no)
1368 AC_DEFINE(BROKEN_SNPRINTF, 1,
1369 [Define if your snprintf is busted])
1370 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1371 ],
1372 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1373 )
1374fi
1375
1376# On systems where [v]snprintf is broken, but is declared in stdio,
1377# check that the fmt argument is const char * or just char *.
1378# This is only useful for when BROKEN_SNPRINTF
1379AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1380AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1381 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1382 int main(void) { snprintf(0, 0, 0); }
1383 ]])],
1384 [AC_MSG_RESULT(yes)
1385 AC_DEFINE(SNPRINTF_CONST, [const],
1386 [Define as const if snprintf() can declare const char *fmt])],
1387 [AC_MSG_RESULT(no)
1388 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1389
c9f39d2c 1390# Check for missing getpeereid (or equiv) support
1391NO_PEERCHECK=""
1392if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1393 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1394 AC_TRY_COMPILE(
1395 [#include <sys/types.h>
1396 #include <sys/socket.h>],
1397 [int i = SO_PEERCRED;],
dec6d9fe 1398 [ AC_MSG_RESULT(yes)
2c06c99b 1399 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
dec6d9fe 1400 ],
c9f39d2c 1401 [AC_MSG_RESULT(no)
1402 NO_PEERCHECK=1]
1403 )
1404fi
1405
6a9b3198 1406dnl see whether mkstemp() requires XXXXXX
1407if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1408AC_MSG_CHECKING([for (overly) strict mkstemp])
2c06c99b 1409AC_RUN_IFELSE(
1410 [AC_LANG_SOURCE([[
6a9b3198 1411#include <stdlib.h>
1412main() { char template[]="conftest.mkstemp-test";
1413if (mkstemp(template) == -1)
1414 exit(1);
1415unlink(template); exit(0);
1416}
2c06c99b 1417 ]])],
6a9b3198 1418 [
1419 AC_MSG_RESULT(no)
1420 ],
cdd66111 1421 [
6a9b3198 1422 AC_MSG_RESULT(yes)
2c06c99b 1423 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
6a9b3198 1424 ],
1425 [
1426 AC_MSG_RESULT(yes)
1427 AC_DEFINE(HAVE_STRICT_MKSTEMP)
cdd66111 1428 ]
6a9b3198 1429)
1430fi
1431
0fff78ff 1432dnl make sure that openpty does not reacquire controlling terminal
1433if test ! -z "$check_for_openpty_ctty_bug"; then
1434 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
2c06c99b 1435 AC_RUN_IFELSE(
1436 [AC_LANG_SOURCE([[
0fff78ff 1437#include <stdio.h>
1438#include <sys/fcntl.h>
1439#include <sys/types.h>
1440#include <sys/wait.h>
1441
1442int
1443main()
1444{
1445 pid_t pid;
1446 int fd, ptyfd, ttyfd, status;
1447
1448 pid = fork();
1449 if (pid < 0) { /* failed */
1450 exit(1);
1451 } else if (pid > 0) { /* parent */
1452 waitpid(pid, &status, 0);
cdd66111 1453 if (WIFEXITED(status))
0fff78ff 1454 exit(WEXITSTATUS(status));
1455 else
1456 exit(2);
1457 } else { /* child */
1458 close(0); close(1); close(2);
1459 setsid();
1460 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1461 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1462 if (fd >= 0)
1463 exit(3); /* Acquired ctty: broken */
1464 else
1465 exit(0); /* Did not acquire ctty: OK */
1466 }
1467}
2c06c99b 1468 ]])],
0fff78ff 1469 [
1470 AC_MSG_RESULT(yes)
1471 ],
1472 [
1473 AC_MSG_RESULT(no)
1474 AC_DEFINE(SSHD_ACQUIRES_CTTY)
2c06c99b 1475 ],
1476 [
1477 AC_MSG_RESULT(cross-compiling, assuming yes)
0fff78ff 1478 ]
1479 )
1480fi
1481
dec6d9fe 1482if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1483 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
99be0775 1484 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1485 AC_RUN_IFELSE(
1486 [AC_LANG_SOURCE([[
99be0775 1487#include <stdio.h>
1488#include <sys/socket.h>
1489#include <netdb.h>
1490#include <errno.h>
1491#include <netinet/in.h>
1492
1493#define TEST_PORT "2222"
1494
1495int
1496main(void)
1497{
1498 int err, sock;
1499 struct addrinfo *gai_ai, *ai, hints;
1500 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1501
1502 memset(&hints, 0, sizeof(hints));
1503 hints.ai_family = PF_UNSPEC;
1504 hints.ai_socktype = SOCK_STREAM;
1505 hints.ai_flags = AI_PASSIVE;
1506
1507 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1508 if (err != 0) {
1509 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1510 exit(1);
1511 }
1512
1513 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1514 if (ai->ai_family != AF_INET6)
1515 continue;
1516
1517 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1518 sizeof(ntop), strport, sizeof(strport),
1519 NI_NUMERICHOST|NI_NUMERICSERV);
1520
1521 if (err != 0) {
1522 if (err == EAI_SYSTEM)
1523 perror("getnameinfo EAI_SYSTEM");
1524 else
1525 fprintf(stderr, "getnameinfo failed: %s\n",
1526 gai_strerror(err));
1527 exit(2);
1528 }
1529
1530 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1531 if (sock < 0)
1532 perror("socket");
1533 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1534 if (errno == EBADF)
1535 exit(3);
1536 }
1537 }
1538 exit(0);
1539}
2c06c99b 1540 ]])],
99be0775 1541 [
1542 AC_MSG_RESULT(yes)
1543 ],
1544 [
1545 AC_MSG_RESULT(no)
1546 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1547 ],
1548 [
1549 AC_MSG_RESULT(cross-compiling, assuming yes)
99be0775 1550 ]
1551 )
1552fi
1553
dec6d9fe 1554if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1555 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
996d5e62 1556 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1557 AC_RUN_IFELSE(
1558 [AC_LANG_SOURCE([[
996d5e62 1559#include <stdio.h>
1560#include <sys/socket.h>
1561#include <netdb.h>
1562#include <errno.h>
1563#include <netinet/in.h>
1564
1565#define TEST_PORT "2222"
1566
1567int
1568main(void)
1569{
1570 int err, sock;
1571 struct addrinfo *gai_ai, *ai, hints;
1572 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1573
1574 memset(&hints, 0, sizeof(hints));
1575 hints.ai_family = PF_UNSPEC;
1576 hints.ai_socktype = SOCK_STREAM;
1577 hints.ai_flags = AI_PASSIVE;
1578
1579 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1580 if (err != 0) {
1581 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1582 exit(1);
1583 }
1584
1585 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1586 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1587 continue;
1588
1589 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1590 sizeof(ntop), strport, sizeof(strport),
1591 NI_NUMERICHOST|NI_NUMERICSERV);
1592
1593 if (ai->ai_family == AF_INET && err != 0) {
1594 perror("getnameinfo");
1595 exit(2);
1596 }
1597 }
1598 exit(0);
1599}
2c06c99b 1600 ]])],
996d5e62 1601 [
1602 AC_MSG_RESULT(yes)
2c06c99b 1603 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1604 [Define if you have a getaddrinfo that fails
1605 for the all-zeros IPv6 address])
996d5e62 1606 ],
1607 [
1608 AC_MSG_RESULT(no)
1609 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1610 ],
1611 AC_MSG_RESULT(cross-compiling, assuming no)
996d5e62 1612 ]
1613 )
1614fi
1615
1616if test "x$check_for_conflicting_getspnam" = "x1"; then
1617 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1618 AC_COMPILE_IFELSE(
1619 [
1620#include <shadow.h>
1621int main(void) {exit(0);}
1622 ],
1623 [
1624 AC_MSG_RESULT(no)
1625 ],
1626 [
1627 AC_MSG_RESULT(yes)
1628 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1629 [Conflicting defs for getspnam])
1630 ]
1631 )
1632fi
1633
3c0ef626 1634AC_FUNC_GETPGRP
1635
1636# Check for PAM libs
1637PAM_MSG="no"
1638AC_ARG_WITH(pam,
1639 [ --with-pam Enable PAM support ],
1640 [
1641 if test "x$withval" != "xno" ; then
cdd66111 1642 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1643 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
3c0ef626 1644 AC_MSG_ERROR([PAM headers not found])
1645 fi
1646
1647 AC_CHECK_LIB(dl, dlopen, , )
1648 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1649 AC_CHECK_FUNCS(pam_getenvlist)
0fff78ff 1650 AC_CHECK_FUNCS(pam_putenv)
3c0ef626 1651
3c0ef626 1652 PAM_MSG="yes"
1653
2c06c99b 1654 AC_DEFINE(USE_PAM, 1,
1655 [Define if you want to enable PAM support])
e9a17296 1656 if test $ac_cv_lib_dl_dlopen = yes; then
1657 LIBPAM="-lpam -ldl"
1658 else
1659 LIBPAM="-lpam"
1660 fi
1661 AC_SUBST(LIBPAM)
3c0ef626 1662 fi
1663 ]
1664)
1665
1666# Check for older PAM
1667if test "x$PAM_MSG" = "xyes" ; then
1668 # Check PAM strerror arguments (old PAM)
1669 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1670 AC_TRY_COMPILE(
1671 [
1672#include <stdlib.h>
cdd66111 1673#if defined(HAVE_SECURITY_PAM_APPL_H)
3c0ef626 1674#include <security/pam_appl.h>
cdd66111 1675#elif defined (HAVE_PAM_PAM_APPL_H)
1676#include <pam/pam_appl.h>
1677#endif
1678 ],
1679 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
3c0ef626 1680 [AC_MSG_RESULT(no)],
1681 [
2c06c99b 1682 AC_DEFINE(HAVE_OLD_PAM, 1,
1683 [Define if you have an old version of PAM
1684 which takes only one argument to pam_strerror])
3c0ef626 1685 AC_MSG_RESULT(yes)
1686 PAM_MSG="yes (old library)"
1687 ]
1688 )
1689fi
1690
700318f3 1691# Search for OpenSSL
1692saved_CPPFLAGS="$CPPFLAGS"
1693saved_LDFLAGS="$LDFLAGS"
3c0ef626 1694AC_ARG_WITH(ssl-dir,
1695 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1696 [
1697 if test "x$withval" != "xno" ; then
996d5e62 1698 case "$withval" in
1699 # Relative paths
1700 ./*|../*) withval="`pwd`/$withval"
1701 esac
700318f3 1702 if test -d "$withval/lib"; then
1703 if test -n "${need_dash_r}"; then
1704 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1705 else
1706 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1707 fi
1708 else
700318f3 1709 if test -n "${need_dash_r}"; then
1710 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1711 else
1712 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1713 fi
1714 fi
700318f3 1715 if test -d "$withval/include"; then
1716 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1717 else
700318f3 1718 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1719 fi
1720 fi
700318f3 1721 ]
1722)
cdd66111 1723LIBS="-lcrypto $LIBS"
2c06c99b 1724AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1725 [Define if your ssl headers are included
1726 with #include <openssl/header.h>]),
3c0ef626 1727 [
700318f3 1728 dnl Check default openssl install dir
1729 if test -n "${need_dash_r}"; then
1730 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1731 else
700318f3 1732 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1733 fi
700318f3 1734 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1735 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1736 [
1737 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1738 ]
1739 )
1740 ]
1741)
1742
41b2f314 1743# Determine OpenSSL header version
1744AC_MSG_CHECKING([OpenSSL header version])
996d5e62 1745AC_RUN_IFELSE(
1746 [AC_LANG_SOURCE([[
41b2f314 1747#include <stdio.h>
1748#include <string.h>
1749#include <openssl/opensslv.h>
1750#define DATA "conftest.sslincver"
1751int main(void) {
cdd66111 1752 FILE *fd;
1753 int rc;
41b2f314 1754
cdd66111 1755 fd = fopen(DATA,"w");
1756 if(fd == NULL)
1757 exit(1);
41b2f314 1758
1759 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1760 exit(1);
1761
1762 exit(0);
1763}
996d5e62 1764 ]])],
41b2f314 1765 [
1766 ssl_header_ver=`cat conftest.sslincver`
1767 AC_MSG_RESULT($ssl_header_ver)
1768 ],
1769 [
1770 AC_MSG_RESULT(not found)
1771 AC_MSG_ERROR(OpenSSL version header not found.)
996d5e62 1772 ],
1773 [
1774 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1775 ]
1776)
1777
1778# Determine OpenSSL library version
1779AC_MSG_CHECKING([OpenSSL library version])
996d5e62 1780AC_RUN_IFELSE(
1781 [AC_LANG_SOURCE([[
41b2f314 1782#include <stdio.h>
1783#include <string.h>
1784#include <openssl/opensslv.h>
1785#include <openssl/crypto.h>
1786#define DATA "conftest.ssllibver"
1787int main(void) {
cdd66111 1788 FILE *fd;
1789 int rc;
41b2f314 1790
cdd66111 1791 fd = fopen(DATA,"w");
1792 if(fd == NULL)
1793 exit(1);
41b2f314 1794
1795 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1796 exit(1);
1797
1798 exit(0);
1799}
996d5e62 1800 ]])],
41b2f314 1801 [
1802 ssl_library_ver=`cat conftest.ssllibver`
1803 AC_MSG_RESULT($ssl_library_ver)
1804 ],
1805 [
1806 AC_MSG_RESULT(not found)
1807 AC_MSG_ERROR(OpenSSL library not found.)
996d5e62 1808 ],
1809 [
1810 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1811 ]
1812)
3c0ef626 1813
e9a17296 1814# Sanity check OpenSSL headers
1815AC_MSG_CHECKING([whether OpenSSL's headers match the library])
996d5e62 1816AC_RUN_IFELSE(
1817 [AC_LANG_SOURCE([[
e9a17296 1818#include <string.h>
1819#include <openssl/opensslv.h>
41b2f314 1820int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
996d5e62 1821 ]])],
e9a17296 1822 [
1823 AC_MSG_RESULT(yes)
1824 ],
1825 [
1826 AC_MSG_RESULT(no)
0fff78ff 1827 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1828Check config.log for details.
1829Also see contrib/findssl.sh for help identifying header/library mismatches.])
996d5e62 1830 ],
1831 [
1832 AC_MSG_WARN([cross compiling: not checking])
e9a17296 1833 ]
1834)
1835
2c06c99b 1836# Check for OpenSSL without EVP_aes_{192,256}_cbc
1837AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
1838AC_COMPILE_IFELSE(
1839 [AC_LANG_SOURCE([[
1840#include <string.h>
1841#include <openssl/evp.h>
f2f068fa 1842int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
2c06c99b 1843 ]])],
1844 [
1845 AC_MSG_RESULT(no)
1846 ],
1847 [
1848 AC_MSG_RESULT(yes)
1849 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1850 [libcrypto is missing AES 192 and 256 bit functions])
1851 ]
1852)
1853
cdd66111 1854# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1855# because the system crypt() is more featureful.
1856if test "x$check_for_libcrypt_before" = "x1"; then
1857 AC_CHECK_LIB(crypt, crypt)
1858fi
1859
1860# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
1861# version in OpenSSL.
0fff78ff 1862if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 1863 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
1864fi
1865
665a873d 1866AC_CHECK_LIB(iaf, ia_openinfo)
e9a17296 1867
1868### Configure cryptographic random number support
1869
1870# Check wheter OpenSSL seeds itself
1871AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
996d5e62 1872AC_RUN_IFELSE(
1873 [AC_LANG_SOURCE([[
e9a17296 1874#include <string.h>
1875#include <openssl/rand.h>
41b2f314 1876int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
996d5e62 1877 ]])],
e9a17296 1878 [
1879 OPENSSL_SEEDS_ITSELF=yes
1880 AC_MSG_RESULT(yes)
1881 ],
1882 [
1883 AC_MSG_RESULT(no)
1884 # Default to use of the rand helper if OpenSSL doesn't
1885 # seed itself
1886 USE_RAND_HELPER=yes
996d5e62 1887 ],
1888 [
1889 AC_MSG_WARN([cross compiling: assuming yes])
1890 # This is safe, since all recent OpenSSL versions will
dec6d9fe 1891 # complain at runtime if not seeded correctly.
996d5e62 1892 OPENSSL_SEEDS_ITSELF=yes
e9a17296 1893 ]
1894)
1895
1896
1897# Do we want to force the use of the rand helper?
1898AC_ARG_WITH(rand-helper,
1899 [ --with-rand-helper Use subprocess to gather strong randomness ],
1900 [
1901 if test "x$withval" = "xno" ; then
cdd66111 1902 # Force use of OpenSSL's internal RNG, even if
e9a17296 1903 # the previous test showed it to be unseeded.
1904 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1905 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1906 OPENSSL_SEEDS_ITSELF=yes
1907 USE_RAND_HELPER=""
1908 fi
1909 else
1910 USE_RAND_HELPER=yes
1911 fi
1912 ],
dec6d9fe 1913)
e9a17296 1914
1915# Which randomness source do we use?
dec6d9fe 1916if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9a17296 1917 # OpenSSL only
2c06c99b 1918 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
1919 [Define if you want OpenSSL's internally seeded PRNG only])
e9a17296 1920 RAND_MSG="OpenSSL internal ONLY"
1921 INSTALL_SSH_RAND_HELPER=""
1922elif test ! -z "$USE_RAND_HELPER" ; then
1923 # install rand helper
1924 RAND_MSG="ssh-rand-helper"
1925 INSTALL_SSH_RAND_HELPER="yes"
1926fi
1927AC_SUBST(INSTALL_SSH_RAND_HELPER)
1928
1929### Configuration of ssh-rand-helper
1930
1931# PRNGD TCP socket
1932AC_ARG_WITH(prngd-port,
1933 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1934 [
1935 case "$withval" in
1936 no)
1937 withval=""
1938 ;;
1939 [[0-9]]*)
1940 ;;
1941 *)
1942 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1943 ;;
1944 esac
1945 if test ! -z "$withval" ; then
1946 PRNGD_PORT="$withval"
2c06c99b 1947 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
1948 [Port number of PRNGD/EGD random number socket])
e9a17296 1949 fi
1950 ]
1951)
1952
1953# PRNGD Unix domain socket
1954AC_ARG_WITH(prngd-socket,
1955 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1956 [
1957 case "$withval" in
1958 yes)
1959 withval="/var/run/egd-pool"
1960 ;;
1961 no)
1962 withval=""
1963 ;;
1964 /*)
1965 ;;
1966 *)
1967 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1968 ;;
1969 esac
1970
1971 if test ! -z "$withval" ; then
1972 if test ! -z "$PRNGD_PORT" ; then
1973 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1974 fi
1975 if test ! -r "$withval" ; then
1976 AC_MSG_WARN(Entropy socket is not readable)
1977 fi
1978 PRNGD_SOCKET="$withval"
2c06c99b 1979 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
1980 [Location of PRNGD/EGD random number socket])
e9a17296 1981 fi
1982 ],
1983 [
1984 # Check for existing socket only if we don't have a random device already
1985 if test "$USE_RAND_HELPER" = yes ; then
1986 AC_MSG_CHECKING(for PRNGD/EGD socket)
1987 # Insert other locations here
1988 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1989 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1990 PRNGD_SOCKET="$sock"
1991 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1992 break;
1993 fi
1994 done
1995 if test ! -z "$PRNGD_SOCKET" ; then
1996 AC_MSG_RESULT($PRNGD_SOCKET)
1997 else
1998 AC_MSG_RESULT(not found)
1999 fi
2000 fi
2001 ]
2002)
2003
2004# Change default command timeout for hashing entropy source
2005entropy_timeout=200
2006AC_ARG_WITH(entropy-timeout,
2007 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2008 [
dec6d9fe 2009 if test -n "$withval" && test "x$withval" != "xno" && \
2010 test "x${withval}" != "xyes"; then
e9a17296 2011 entropy_timeout=$withval
2012 fi
dec6d9fe 2013 ]
e9a17296 2014)
2c06c99b 2015AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2016 [Builtin PRNG command timeout])
e9a17296 2017
680cee3b 2018SSH_PRIVSEP_USER=sshd
700318f3 2019AC_ARG_WITH(privsep-user,
2020 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2021 [
dec6d9fe 2022 if test -n "$withval" && test "x$withval" != "xno" && \
2023 test "x${withval}" != "xyes"; then
680cee3b 2024 SSH_PRIVSEP_USER=$withval
700318f3 2025 fi
dec6d9fe 2026 ]
700318f3 2027)
2c06c99b 2028AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2029 [non-privileged user for privilege separation])
680cee3b 2030AC_SUBST(SSH_PRIVSEP_USER)
700318f3 2031
2032# We do this little dance with the search path to insure
2033# that programs that we select for use by installed programs
2034# (which may be run by the super-user) come from trusted
2035# locations before they come from the user's private area.
2036# This should help avoid accidentally configuring some
2037# random version of a program in someone's personal bin.
2038
2039OPATH=$PATH
2040PATH=/bin:/usr/bin
2041test -h /bin 2> /dev/null && PATH=/usr/bin
2042test -d /sbin && PATH=$PATH:/sbin
2043test -d /usr/sbin && PATH=$PATH:/usr/sbin
2044PATH=$PATH:/etc:$OPATH
2045
cdd66111 2046# These programs are used by the command hashing source to gather entropy
e9a17296 2047OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2048OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2049OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2050OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2051OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2052OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2053OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2054OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2055OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2056OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2057OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2058OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2059OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2060OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2061OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2062OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
700318f3 2063# restore PATH
2064PATH=$OPATH
e9a17296 2065
2066# Where does ssh-rand-helper get its randomness from?
2067INSTALL_SSH_PRNG_CMDS=""
2068if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2069 if test ! -z "$PRNGD_PORT" ; then
2070 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2071 elif test ! -z "$PRNGD_SOCKET" ; then
2072 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2073 else
2074 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2075 RAND_HELPER_CMDHASH=yes
2076 INSTALL_SSH_PRNG_CMDS="yes"
2077 fi
2078fi
2079AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2080
2081
3c0ef626 2082# Cheap hack to ensure NEWS-OS libraries are arranged right.
2083if test ! -z "$SONY" ; then
2084 LIBS="$LIBS -liberty";
2085fi
2086
2c06c99b 2087# Check for long long datatypes
2088AC_CHECK_TYPES([long long, unsigned long long, long double])
2089
2090# Check datatype sizes
3c0ef626 2091AC_CHECK_SIZEOF(char, 1)
2092AC_CHECK_SIZEOF(short int, 2)
2093AC_CHECK_SIZEOF(int, 4)
2094AC_CHECK_SIZEOF(long int, 4)
2095AC_CHECK_SIZEOF(long long int, 8)
2096
700318f3 2097# Sanity check long long for some platforms (AIX)
2098if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2099 ac_cv_sizeof_long_long_int=0
2100fi
2101
2c06c99b 2102# compute LLONG_MIN and LLONG_MAX if we don't know them.
2103if test -z "$have_llong_max"; then
2104 AC_MSG_CHECKING([for max value of long long])
2105 AC_RUN_IFELSE(
2106 [AC_LANG_SOURCE([[
2107#include <stdio.h>
2108/* Why is this so damn hard? */
2109#ifdef __GNUC__
2110# undef __GNUC__
2111#endif
2112#define __USE_ISOC99
2113#include <limits.h>
2114#define DATA "conftest.llminmax"
2115int main(void) {
2116 FILE *f;
2117 long long i, llmin, llmax = 0;
2118
2119 if((f = fopen(DATA,"w")) == NULL)
2120 exit(1);
2121
2122#if defined(LLONG_MIN) && defined(LLONG_MAX)
2123 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2124 llmin = LLONG_MIN;
2125 llmax = LLONG_MAX;
2126#else
2127 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2128 /* This will work on one's complement and two's complement */
2129 for (i = 1; i > llmax; i <<= 1, i++)
2130 llmax = i;
2131 llmin = llmax + 1LL; /* wrap */
2132#endif
2133
2134 /* Sanity check */
2135 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
2136 || llmax - 1 > llmax) {
2137 fprintf(f, "unknown unknown\n");
2138 exit(2);
2139 }
2140
2141 if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
2142 exit(3);
2143
2144 exit(0);
2145}
2146 ]])],
2147 [
2148 llong_min=`$AWK '{print $1}' conftest.llminmax`
2149 llong_max=`$AWK '{print $2}' conftest.llminmax`
2150
2151 # snprintf on some Tru64s doesn't understand "%lld"
2152 case "$host" in
2153 alpha-dec-osf*)
2154 if test "x$ac_cv_sizeof_long_long_int" = "x8" &&
2155 test "x$llong_max" = "xld"; then
2156 llong_min="-9223372036854775808"
2157 llong_max="9223372036854775807"
2158 fi
2159 ;;
2160 esac
2161
2162 AC_MSG_RESULT($llong_max)
2163 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2164 [max value of long long calculated by configure])
2165 AC_MSG_CHECKING([for min value of long long])
2166 AC_MSG_RESULT($llong_min)
2167 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2168 [min value of long long calculated by configure])
2169 ],
2170 [
2171 AC_MSG_RESULT(not found)
2172 ],
2173 [
2174 AC_MSG_WARN([cross compiling: not checking])
2175 ]
2176 )
2177fi
2178
2179
3c0ef626 2180# More checks for data types
2181AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2182 AC_TRY_COMPILE(
cdd66111 2183 [ #include <sys/types.h> ],
2184 [ u_int a; a = 1;],
3c0ef626 2185 [ ac_cv_have_u_int="yes" ],
2186 [ ac_cv_have_u_int="no" ]
2187 )
2188])
2189if test "x$ac_cv_have_u_int" = "xyes" ; then
2c06c99b 2190 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2191 have_u_int=1
2192fi
2193
2194AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2195 AC_TRY_COMPILE(
cdd66111 2196 [ #include <sys/types.h> ],
2197 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2198 [ ac_cv_have_intxx_t="yes" ],
2199 [ ac_cv_have_intxx_t="no" ]
2200 )
2201])
2202if test "x$ac_cv_have_intxx_t" = "xyes" ; then
2c06c99b 2203 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2204 have_intxx_t=1
2205fi
2206
2207if (test -z "$have_intxx_t" && \
cdd66111 2208 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2209then
2210 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2211 AC_TRY_COMPILE(
cdd66111 2212 [ #include <stdint.h> ],
2213 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2214 [
2215 AC_DEFINE(HAVE_INTXX_T)
2216 AC_MSG_RESULT(yes)
2217 ],
2218 [ AC_MSG_RESULT(no) ]
2219 )
2220fi
2221
2222AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2223 AC_TRY_COMPILE(
41b2f314 2224 [
2225#include <sys/types.h>
2226#ifdef HAVE_STDINT_H
2227# include <stdint.h>
2228#endif
2229#include <sys/socket.h>
2230#ifdef HAVE_SYS_BITYPES_H
2231# include <sys/bitypes.h>
2232#endif
cdd66111 2233 ],
2234 [ int64_t a; a = 1;],
3c0ef626 2235 [ ac_cv_have_int64_t="yes" ],
2236 [ ac_cv_have_int64_t="no" ]
2237 )
2238])
2239if test "x$ac_cv_have_int64_t" = "xyes" ; then
2c06c99b 2240 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9a17296 2241fi
2242
3c0ef626 2243AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2244 AC_TRY_COMPILE(
cdd66111 2245 [ #include <sys/types.h> ],
2246 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2247 [ ac_cv_have_u_intxx_t="yes" ],
2248 [ ac_cv_have_u_intxx_t="no" ]
2249 )
2250])
2251if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
2c06c99b 2252 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2253 have_u_intxx_t=1
2254fi
2255
2256if test -z "$have_u_intxx_t" ; then
2257 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2258 AC_TRY_COMPILE(
cdd66111 2259 [ #include <sys/socket.h> ],
2260 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2261 [
2262 AC_DEFINE(HAVE_U_INTXX_T)
2263 AC_MSG_RESULT(yes)
2264 ],
2265 [ AC_MSG_RESULT(no) ]
2266 )
2267fi
2268
2269AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2270 AC_TRY_COMPILE(
cdd66111 2271 [ #include <sys/types.h> ],
2272 [ u_int64_t a; a = 1;],
3c0ef626 2273 [ ac_cv_have_u_int64_t="yes" ],
2274 [ ac_cv_have_u_int64_t="no" ]
2275 )
2276])
2277if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
2c06c99b 2278 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2279 have_u_int64_t=1
2280fi
2281
e9a17296 2282if test -z "$have_u_int64_t" ; then
2283 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2284 AC_TRY_COMPILE(
cdd66111 2285 [ #include <sys/bitypes.h> ],
e9a17296 2286 [ u_int64_t a; a = 1],
2287 [
2288 AC_DEFINE(HAVE_U_INT64_T)
2289 AC_MSG_RESULT(yes)
2290 ],
2291 [ AC_MSG_RESULT(no) ]
2292 )
2293fi
2294
3c0ef626 2295if test -z "$have_u_intxx_t" ; then
2296 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2297 AC_TRY_COMPILE(
2298 [
2299#include <sys/types.h>
cdd66111 2300 ],
2301 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2302 [ ac_cv_have_uintxx_t="yes" ],
2303 [ ac_cv_have_uintxx_t="no" ]
2304 )
2305 ])
2306 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
2c06c99b 2307 AC_DEFINE(HAVE_UINTXX_T, 1,
2308 [define if you have uintxx_t data type])
3c0ef626 2309 fi
2310fi
2311
2312if test -z "$have_uintxx_t" ; then
2313 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2314 AC_TRY_COMPILE(
cdd66111 2315 [ #include <stdint.h> ],
2316 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2317 [
2318 AC_DEFINE(HAVE_UINTXX_T)
2319 AC_MSG_RESULT(yes)
2320 ],
2321 [ AC_MSG_RESULT(no) ]
2322 )
2323fi
2324
2325if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
cdd66111 2326 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2327then
2328 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2329 AC_TRY_COMPILE(
2330 [
2331#include <sys/bitypes.h>
cdd66111 2332 ],
3c0ef626 2333 [
2334 int8_t a; int16_t b; int32_t c;
2335 u_int8_t e; u_int16_t f; u_int32_t g;
2336 a = b = c = e = f = g = 1;
cdd66111 2337 ],
3c0ef626 2338 [
2339 AC_DEFINE(HAVE_U_INTXX_T)
2340 AC_DEFINE(HAVE_INTXX_T)
2341 AC_MSG_RESULT(yes)
2342 ],
2343 [AC_MSG_RESULT(no)]
cdd66111 2344 )
3c0ef626 2345fi
2346
2347
2348AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2349 AC_TRY_COMPILE(
2350 [
2351#include <sys/types.h>
2352 ],
2353 [ u_char foo; foo = 125; ],
2354 [ ac_cv_have_u_char="yes" ],
2355 [ ac_cv_have_u_char="no" ]
2356 )
2357])
2358if test "x$ac_cv_have_u_char" = "xyes" ; then
2c06c99b 2359 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2360fi
2361
2362TYPE_SOCKLEN_T
2363
e9a17296 2364AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2365
996d5e62 2366AC_CHECK_TYPES(in_addr_t,,,
2367[#include <sys/types.h>
2368#include <netinet/in.h>])
2369
3c0ef626 2370AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2371 AC_TRY_COMPILE(
2372 [
2373#include <sys/types.h>
2374 ],
2375 [ size_t foo; foo = 1235; ],
2376 [ ac_cv_have_size_t="yes" ],
2377 [ ac_cv_have_size_t="no" ]
2378 )
2379])
2380if test "x$ac_cv_have_size_t" = "xyes" ; then
2c06c99b 2381 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2382fi
2383
2384AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2385 AC_TRY_COMPILE(
2386 [
2387#include <sys/types.h>
2388 ],
2389 [ ssize_t foo; foo = 1235; ],
2390 [ ac_cv_have_ssize_t="yes" ],
2391 [ ac_cv_have_ssize_t="no" ]
2392 )
2393])
2394if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2c06c99b 2395 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2396fi
2397
2398AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2399 AC_TRY_COMPILE(
2400 [
2401#include <time.h>
2402 ],
2403 [ clock_t foo; foo = 1235; ],
2404 [ ac_cv_have_clock_t="yes" ],
2405 [ ac_cv_have_clock_t="no" ]
2406 )
2407])
2408if test "x$ac_cv_have_clock_t" = "xyes" ; then
2c06c99b 2409 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2410fi
2411
2412AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2413 AC_TRY_COMPILE(
2414 [
2415#include <sys/types.h>
2416#include <sys/socket.h>
2417 ],
2418 [ sa_family_t foo; foo = 1235; ],
2419 [ ac_cv_have_sa_family_t="yes" ],
2420 [ AC_TRY_COMPILE(
2421 [
2422#include <sys/types.h>
2423#include <sys/socket.h>
2424#include <netinet/in.h>
2425 ],
2426 [ sa_family_t foo; foo = 1235; ],
2427 [ ac_cv_have_sa_family_t="yes" ],
2428
2429 [ ac_cv_have_sa_family_t="no" ]
2430 )]
2431 )
2432])
2433if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2c06c99b 2434 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2435 [define if you have sa_family_t data type])
3c0ef626 2436fi
2437
2438AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2439 AC_TRY_COMPILE(
2440 [
2441#include <sys/types.h>
2442 ],
2443 [ pid_t foo; foo = 1235; ],
2444 [ ac_cv_have_pid_t="yes" ],
2445 [ ac_cv_have_pid_t="no" ]
2446 )
2447])
2448if test "x$ac_cv_have_pid_t" = "xyes" ; then
2c06c99b 2449 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2450fi
2451
2452AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2453 AC_TRY_COMPILE(
2454 [
2455#include <sys/types.h>
2456 ],
2457 [ mode_t foo; foo = 1235; ],
2458 [ ac_cv_have_mode_t="yes" ],
2459 [ ac_cv_have_mode_t="no" ]
2460 )
2461])
2462if test "x$ac_cv_have_mode_t" = "xyes" ; then
2c06c99b 2463 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2464fi
2465
2466
2467AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2468 AC_TRY_COMPILE(
2469 [
2470#include <sys/types.h>
2471#include <sys/socket.h>
2472 ],
2473 [ struct sockaddr_storage s; ],
2474 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2475 [ ac_cv_have_struct_sockaddr_storage="no" ]
2476 )
2477])
2478if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2c06c99b 2479 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2480 [define if you have struct sockaddr_storage data type])
3c0ef626 2481fi
2482
2483AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2484 AC_TRY_COMPILE(
2485 [
2486#include <sys/types.h>
2487#include <netinet/in.h>
2488 ],
2489 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2490 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2491 [ ac_cv_have_struct_sockaddr_in6="no" ]
2492 )
2493])
2494if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2c06c99b 2495 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2496 [define if you have struct sockaddr_in6 data type])
3c0ef626 2497fi
2498
2499AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2500 AC_TRY_COMPILE(
2501 [
2502#include <sys/types.h>
2503#include <netinet/in.h>
2504 ],
2505 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2506 [ ac_cv_have_struct_in6_addr="yes" ],
2507 [ ac_cv_have_struct_in6_addr="no" ]
2508 )
2509])
2510if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2c06c99b 2511 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2512 [define if you have struct in6_addr data type])
3c0ef626 2513fi
2514
2515AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2516 AC_TRY_COMPILE(
2517 [
2518#include <sys/types.h>
2519#include <sys/socket.h>
2520#include <netdb.h>
2521 ],
2522 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2523 [ ac_cv_have_struct_addrinfo="yes" ],
2524 [ ac_cv_have_struct_addrinfo="no" ]
2525 )
2526])
2527if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2c06c99b 2528 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2529 [define if you have struct addrinfo data type])
3c0ef626 2530fi
2531
2532AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2533 AC_TRY_COMPILE(
cdd66111 2534 [ #include <sys/time.h> ],
2535 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2536 [ ac_cv_have_struct_timeval="yes" ],
2537 [ ac_cv_have_struct_timeval="no" ]
2538 )
2539])
2540if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2c06c99b 2541 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2542 have_struct_timeval=1
2543fi
2544
6a9b3198 2545AC_CHECK_TYPES(struct timespec)
2546
2547# We need int64_t or else certian parts of the compile will fail.
dec6d9fe 2548if test "x$ac_cv_have_int64_t" = "xno" && \
2549 test "x$ac_cv_sizeof_long_int" != "x8" && \
2550 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
6a9b3198 2551 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2552 echo "an alternative compiler (I.E., GCC) before continuing."
2553 echo ""
2554 exit 1;
3c0ef626 2555else
2556dnl test snprintf (broken on SCO w/gcc)
996d5e62 2557 AC_RUN_IFELSE(
2558 [AC_LANG_SOURCE([[
3c0ef626 2559#include <stdio.h>
2560#include <string.h>
2561#ifdef HAVE_SNPRINTF
2562main()
2563{
2564 char buf[50];
2565 char expected_out[50];
2566 int mazsize = 50 ;
2567#if (SIZEOF_LONG_INT == 8)
2568 long int num = 0x7fffffffffffffff;
2569#else
2570 long long num = 0x7fffffffffffffffll;
2571#endif
2572 strcpy(expected_out, "9223372036854775807");
2573 snprintf(buf, mazsize, "%lld", num);
2574 if(strcmp(buf, expected_out) != 0)
cdd66111 2575 exit(1);
3c0ef626 2576 exit(0);
2577}
2578#else
2579main() { exit(0); }
2580#endif
996d5e62 2581 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2582 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2583 )
2584fi
3c0ef626 2585
2586dnl Checks for structure members
2587OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2588OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2589OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2590OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2591OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2592OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2593OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2594OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2595OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2596OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2597OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2598OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2599OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2600OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2601OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2602OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2603OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2604
2605AC_CHECK_MEMBERS([struct stat.st_blksize])
2c06c99b 2606AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2607 [Define if we don't have struct __res_state in resolv.h])],
2608[
2609#include <stdio.h>
2610#if HAVE_SYS_TYPES_H
2611# include <sys/types.h>
2612#endif
2613#include <netinet/in.h>
2614#include <arpa/nameser.h>
2615#include <resolv.h>
2616])
3c0ef626 2617
2618AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2619 ac_cv_have_ss_family_in_struct_ss, [
2620 AC_TRY_COMPILE(
2621 [
2622#include <sys/types.h>
2623#include <sys/socket.h>
2624 ],
2625 [ struct sockaddr_storage s; s.ss_family = 1; ],
2626 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2627 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2628 )
2629])
2630if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 2631 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 2632fi
2633
2634AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2635 ac_cv_have___ss_family_in_struct_ss, [
2636 AC_TRY_COMPILE(
2637 [
2638#include <sys/types.h>
2639#include <sys/socket.h>
2640 ],
2641 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2642 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2643 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2644 )
2645])
2646if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 2647 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2648 [Fields in struct sockaddr_storage])
3c0ef626 2649fi
2650
2651AC_CACHE_CHECK([for pw_class field in struct passwd],
2652 ac_cv_have_pw_class_in_struct_passwd, [
2653 AC_TRY_COMPILE(
2654 [
2655#include <pwd.h>
2656 ],
2657 [ struct passwd p; p.pw_class = 0; ],
2658 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2659 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2660 )
2661])
2662if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2c06c99b 2663 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2664 [Define if your password has a pw_class field])
3c0ef626 2665fi
2666
2667AC_CACHE_CHECK([for pw_expire field in struct passwd],
2668 ac_cv_have_pw_expire_in_struct_passwd, [
2669 AC_TRY_COMPILE(
2670 [
2671#include <pwd.h>
2672 ],
2673 [ struct passwd p; p.pw_expire = 0; ],
2674 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2675 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2676 )
2677])
2678if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2c06c99b 2679 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2680 [Define if your password has a pw_expire field])
3c0ef626 2681fi
2682
2683AC_CACHE_CHECK([for pw_change field in struct passwd],
2684 ac_cv_have_pw_change_in_struct_passwd, [
2685 AC_TRY_COMPILE(
2686 [
2687#include <pwd.h>
2688 ],
2689 [ struct passwd p; p.pw_change = 0; ],
2690 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2691 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2692 )
2693])
2694if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2c06c99b 2695 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2696 [Define if your password has a pw_change field])
3c0ef626 2697fi
2698
fba3c309 2699dnl make sure we're using the real structure members and not defines
700318f3 2700AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2701 ac_cv_have_accrights_in_msghdr, [
996d5e62 2702 AC_COMPILE_IFELSE(
700318f3 2703 [
2704#include <sys/types.h>
2705#include <sys/socket.h>
2706#include <sys/uio.h>
fba3c309 2707int main() {
2708#ifdef msg_accrights
996d5e62 2709#error "msg_accrights is a macro"
fba3c309 2710exit(1);
2711#endif
2712struct msghdr m;
2713m.msg_accrights = 0;
2714exit(0);
2715}
700318f3 2716 ],
700318f3 2717 [ ac_cv_have_accrights_in_msghdr="yes" ],
2718 [ ac_cv_have_accrights_in_msghdr="no" ]
2719 )
2720])
2721if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2c06c99b 2722 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2723 [Define if your system uses access rights style
2724 file descriptor passing])
700318f3 2725fi
2726
2727AC_CACHE_CHECK([for msg_control field in struct msghdr],
2728 ac_cv_have_control_in_msghdr, [
996d5e62 2729 AC_COMPILE_IFELSE(
700318f3 2730 [
2731#include <sys/types.h>
2732#include <sys/socket.h>
2733#include <sys/uio.h>
fba3c309 2734int main() {
2735#ifdef msg_control
996d5e62 2736#error "msg_control is a macro"
fba3c309 2737exit(1);
2738#endif
2739struct msghdr m;
2740m.msg_control = 0;
2741exit(0);
2742}
700318f3 2743 ],
700318f3 2744 [ ac_cv_have_control_in_msghdr="yes" ],
2745 [ ac_cv_have_control_in_msghdr="no" ]
2746 )
2747])
2748if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2c06c99b 2749 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2750 [Define if your system uses ancillary data style
2751 file descriptor passing])
700318f3 2752fi
2753
3c0ef626 2754AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
cdd66111 2755 AC_TRY_LINK([],
2756 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 2757 [ ac_cv_libc_defines___progname="yes" ],
2758 [ ac_cv_libc_defines___progname="no" ]
2759 )
2760])
2761if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2c06c99b 2762 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 2763fi
2764
700318f3 2765AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2766 AC_TRY_LINK([
2767#include <stdio.h>
cdd66111 2768],
2769 [ printf("%s", __FUNCTION__); ],
700318f3 2770 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2771 [ ac_cv_cc_implements___FUNCTION__="no" ]
2772 )
2773])
2774if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2c06c99b 2775 AC_DEFINE(HAVE___FUNCTION__, 1,
2776 [Define if compiler implements __FUNCTION__])
700318f3 2777fi
2778
2779AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2780 AC_TRY_LINK([
2781#include <stdio.h>
cdd66111 2782],
2783 [ printf("%s", __func__); ],
700318f3 2784 [ ac_cv_cc_implements___func__="yes" ],
2785 [ ac_cv_cc_implements___func__="no" ]
2786 )
2787])
2788if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2c06c99b 2789 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
2790fi
2791
2792AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2793 AC_TRY_LINK(
2794 [#include <stdarg.h>
2795 va_list x,y;],
2796 [va_copy(x,y);],
2797 [ ac_cv_have_va_copy="yes" ],
2798 [ ac_cv_have_va_copy="no" ]
2799 )
2800])
2801if test "x$ac_cv_have_va_copy" = "xyes" ; then
2802 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2803fi
2804
2805AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2806 AC_TRY_LINK(
2807 [#include <stdarg.h>
2808 va_list x,y;],
2809 [__va_copy(x,y);],
2810 [ ac_cv_have___va_copy="yes" ],
2811 [ ac_cv_have___va_copy="no" ]
2812 )
2813])
2814if test "x$ac_cv_have___va_copy" = "xyes" ; then
2815 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
700318f3 2816fi
2817
3c0ef626 2818AC_CACHE_CHECK([whether getopt has optreset support],
2819 ac_cv_have_getopt_optreset, [
2820 AC_TRY_LINK(
2821 [
2822#include <getopt.h>
2823 ],
2824 [ extern int optreset; optreset = 0; ],
2825 [ ac_cv_have_getopt_optreset="yes" ],
2826 [ ac_cv_have_getopt_optreset="no" ]
2827 )
2828])
2829if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2c06c99b 2830 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2831 [Define if your getopt(3) defines and uses optreset])
3c0ef626 2832fi
2833
2834AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
cdd66111 2835 AC_TRY_LINK([],
2836 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 2837 [ ac_cv_libc_defines_sys_errlist="yes" ],
2838 [ ac_cv_libc_defines_sys_errlist="no" ]
2839 )
2840])
2841if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2c06c99b 2842 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2843 [Define if your system defines sys_errlist[]])
3c0ef626 2844fi
2845
2846
2847AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
cdd66111 2848 AC_TRY_LINK([],
2849 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 2850 [ ac_cv_libc_defines_sys_nerr="yes" ],
2851 [ ac_cv_libc_defines_sys_nerr="no" ]
2852 )
2853])
2854if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2c06c99b 2855 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 2856fi
2857
cdd66111 2858SCARD_MSG="no"
700318f3 2859# Check whether user wants sectok support
2860AC_ARG_WITH(sectok,
2861 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 2862 [
2863 if test "x$withval" != "xno" ; then
2864 if test "x$withval" != "xyes" ; then
2865 CPPFLAGS="$CPPFLAGS -I${withval}"
2866 LDFLAGS="$LDFLAGS -L${withval}"
2867 if test ! -z "$need_dash_r" ; then
2868 LDFLAGS="$LDFLAGS -R${withval}"
2869 fi
2870 if test ! -z "$blibpath" ; then
2871 blibpath="$blibpath:${withval}"
2872 fi
2873 fi
2874 AC_CHECK_HEADERS(sectok.h)
2875 if test "$ac_cv_header_sectok_h" != yes; then
2876 AC_MSG_ERROR(Can't find sectok.h)
2877 fi
2878 AC_CHECK_LIB(sectok, sectok_open)
2879 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2880 AC_MSG_ERROR(Can't find libsectok)
2881 fi
2c06c99b 2882 AC_DEFINE(SMARTCARD, 1,
2883 [Define if you want smartcard support])
2884 AC_DEFINE(USE_SECTOK, 1,
2885 [Define if you want smartcard support
2886 using sectok])
cdd66111 2887 SCARD_MSG="yes, using sectok"
3c0ef626 2888 fi
2889 ]
2890)
2891
700318f3 2892# Check whether user wants OpenSC support
dec6d9fe 2893OPENSC_CONFIG="no"
700318f3 2894AC_ARG_WITH(opensc,
2c06c99b 2895 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
dec6d9fe 2896 [
2897 if test "x$withval" != "xno" ; then
2898 if test "x$withval" != "xyes" ; then
2899 OPENSC_CONFIG=$withval/bin/opensc-config
2900 else
2901 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2902 fi
2903 if test "$OPENSC_CONFIG" != "no"; then
2904 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2905 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2906 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2907 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2908 AC_DEFINE(SMARTCARD)
2c06c99b 2909 AC_DEFINE(USE_OPENSC, 1,
2910 [Define if you want smartcard support
2911 using OpenSC])
dec6d9fe 2912 SCARD_MSG="yes, using OpenSC"
2913 fi
2914 fi
2915 ]
2916)
700318f3 2917
cdd66111 2918# Check libraries needed by DNS fingerprint support
2919AC_SEARCH_LIBS(getrrsetbyname, resolv,
2c06c99b 2920 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
2921 [Define if getrrsetbyname() exists])],
0fff78ff 2922 [
cdd66111 2923 # Needed by our getrrsetbyname()
2924 AC_SEARCH_LIBS(res_query, resolv)
2925 AC_SEARCH_LIBS(dn_expand, resolv)
c9f39d2c 2926 AC_MSG_CHECKING(if res_query will link)
2927 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2928 [AC_MSG_RESULT(no)
2929 saved_LIBS="$LIBS"
2930 LIBS="$LIBS -lresolv"
2931 AC_MSG_CHECKING(for res_query in -lresolv)
2932 AC_LINK_IFELSE([
2933#include <resolv.h>
2934int main()
2935{
2936 res_query (0, 0, 0, 0, 0);
2937 return 0;
2938}
2939 ],
2940 [LIBS="$LIBS -lresolv"
2941 AC_MSG_RESULT(yes)],
2942 [LIBS="$saved_LIBS"
2943 AC_MSG_RESULT(no)])
2944 ])
cdd66111 2945 AC_CHECK_FUNCS(_getshort _getlong)
665a873d 2946 AC_CHECK_DECLS([_getshort, _getlong], , ,
2947 [#include <sys/types.h>
2948 #include <arpa/nameser.h>])
cdd66111 2949 AC_CHECK_MEMBER(HEADER.ad,
2c06c99b 2950 [AC_DEFINE(HAVE_HEADER_AD, 1,
2951 [Define if HEADER.ad exists in arpa/nameser.h])],,
cdd66111 2952 [#include <arpa/nameser.h>])
2953 ])
0fff78ff 2954
700318f3 2955# Check whether user wants Kerberos 5 support
cdd66111 2956KRB5_MSG="no"
700318f3 2957AC_ARG_WITH(kerberos5,
cdd66111 2958 [ --with-kerberos5=PATH Enable Kerberos 5 support],
2959 [ if test "x$withval" != "xno" ; then
2960 if test "x$withval" = "xyes" ; then
2961 KRB5ROOT="/usr/local"
2962 else
2963 KRB5ROOT=${withval}
2964 fi
2965
2c06c99b 2966 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
cdd66111 2967 KRB5_MSG="yes"
2968
2969 AC_MSG_CHECKING(for krb5-config)
2970 if test -x $KRB5ROOT/bin/krb5-config ; then
2971 KRB5CONF=$KRB5ROOT/bin/krb5-config
2972 AC_MSG_RESULT($KRB5CONF)
2973
2974 AC_MSG_CHECKING(for gssapi support)
2975 if $KRB5CONF | grep gssapi >/dev/null ; then
2976 AC_MSG_RESULT(yes)
2c06c99b 2977 AC_DEFINE(GSSAPI, 1,
2978 [Define this if you want GSSAPI
2979 support in the version 2 protocol])
cdd66111 2980 k5confopts=gssapi
2981 else
2982 AC_MSG_RESULT(no)
2983 k5confopts=""
2984 fi
2985 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2986 K5LIBS="`$KRB5CONF --libs $k5confopts`"
2987 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
2988 AC_MSG_CHECKING(whether we are using Heimdal)
2989 AC_TRY_COMPILE([ #include <krb5.h> ],
2990 [ char *tmp = heimdal_version; ],
2991 [ AC_MSG_RESULT(yes)
2c06c99b 2992 AC_DEFINE(HEIMDAL, 1,
2993 [Define this if you are using the
2994 Heimdal version of Kerberos V5]) ],
cdd66111 2995 AC_MSG_RESULT(no)
2996 )
2997 else
2998 AC_MSG_RESULT(no)
700318f3 2999 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
cdd66111 3000 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3001 AC_MSG_CHECKING(whether we are using Heimdal)
3002 AC_TRY_COMPILE([ #include <krb5.h> ],
3003 [ char *tmp = heimdal_version; ],
3004 [ AC_MSG_RESULT(yes)
3005 AC_DEFINE(HEIMDAL)
c9f39d2c 3006 K5LIBS="-lkrb5 -ldes"
3007 K5LIBS="$K5LIBS -lcom_err -lasn1"
dec6d9fe 3008 AC_CHECK_LIB(roken, net_write,
c9f39d2c 3009 [K5LIBS="$K5LIBS -lroken"])
cdd66111 3010 ],
3011 [ AC_MSG_RESULT(no)
3012 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3013 ]
3014 )
0fff78ff 3015 AC_SEARCH_LIBS(dn_expand, resolv)
3016
3017 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3018 [ AC_DEFINE(GSSAPI)
3019 K5LIBS="-lgssapi $K5LIBS" ],
3020 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3021 [ AC_DEFINE(GSSAPI)
cdd66111 3022 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
0fff78ff 3023 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3024 $K5LIBS)
3025 ],
3026 $K5LIBS)
dec6d9fe 3027
0fff78ff 3028 AC_CHECK_HEADER(gssapi.h, ,
3029 [ unset ac_cv_header_gssapi_h
cdd66111 3030 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
0fff78ff 3031 AC_CHECK_HEADERS(gssapi.h, ,
3032 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
cdd66111 3033 )
0fff78ff 3034 ]
3035 )
3036
3037 oldCPP="$CPPFLAGS"
3038 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3039 AC_CHECK_HEADER(gssapi_krb5.h, ,
3040 [ CPPFLAGS="$oldCPP" ])
700318f3 3041
cdd66111 3042 fi
3043 if test ! -z "$need_dash_r" ; then
3044 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3045 fi
3046 if test ! -z "$blibpath" ; then
3047 blibpath="$blibpath:${KRB5ROOT}/lib"
3048 fi
cdd66111 3049
2c06c99b 3050 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3051 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3052 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
cdd66111 3053
2c06c99b 3054 LIBS="$LIBS $K5LIBS"
3055 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3056 [Define this if you want to use libkafs' AFS support]))
3057 fi
cdd66111 3058 ]
700318f3 3059)
3c0ef626 3060
3061# Looking for programs, paths and files
3c0ef626 3062
700318f3 3063PRIVSEP_PATH=/var/empty
3064AC_ARG_WITH(privsep-path,
41b2f314 3065 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
700318f3 3066 [
dec6d9fe 3067 if test -n "$withval" && test "x$withval" != "xno" && \
3068 test "x${withval}" != "xyes"; then
700318f3 3069 PRIVSEP_PATH=$withval
3070 fi
3071 ]
3072)
3073AC_SUBST(PRIVSEP_PATH)
3074
3c0ef626 3075AC_ARG_WITH(xauth,
3076 [ --with-xauth=PATH Specify path to xauth program ],
3077 [
dec6d9fe 3078 if test -n "$withval" && test "x$withval" != "xno" && \
3079 test "x${withval}" != "xyes"; then
3c0ef626 3080 xauth_path=$withval
3081 fi
3082 ],
3083 [
41b2f314 3084 TestPath="$PATH"
3085 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3086 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3087 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3088 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3089 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3090 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3091 xauth_path="/usr/openwin/bin/xauth"
3092 fi
3093 ]
3094)
3095
6a9b3198 3096STRIP_OPT=-s
3097AC_ARG_ENABLE(strip,
3098 [ --disable-strip Disable calling strip(1) on install],
3099 [
3100 if test "x$enableval" = "xno" ; then
3101 STRIP_OPT=
3102 fi
3103 ]
3104)
3105AC_SUBST(STRIP_OPT)
3106
3c0ef626 3107if test -z "$xauth_path" ; then
3108 XAUTH_PATH="undefined"
3109 AC_SUBST(XAUTH_PATH)
3110else
2c06c99b 3111 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3112 [Define if xauth is found in your path])
3c0ef626 3113 XAUTH_PATH=$xauth_path
3114 AC_SUBST(XAUTH_PATH)
3115fi
3c0ef626 3116
3117# Check for mail directory (last resort if we cannot get it from headers)
3118if test ! -z "$MAIL" ; then
3119 maildir=`dirname $MAIL`
2c06c99b 3120 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3121 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3122fi
3123
996d5e62 3124if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3125 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3126 disable_ptmx_check=yes
3127fi
3c0ef626 3128if test -z "$no_dev_ptmx" ; then
700318f3 3129 if test "x$disable_ptmx_check" != "xyes" ; then
cdd66111 3130 AC_CHECK_FILE("/dev/ptmx",
700318f3 3131 [
2c06c99b 3132 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3133 [Define if you have /dev/ptmx])
700318f3 3134 have_dev_ptmx=1
3135 ]
3136 )
3137 fi
3c0ef626 3138fi
996d5e62 3139
3140if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3141 AC_CHECK_FILE("/dev/ptc",
3142 [
2c06c99b 3143 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3144 [Define if you have /dev/ptc])
996d5e62 3145 have_dev_ptc=1
3146 ]
3147 )
3148else
3149 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3150fi
3c0ef626 3151
3152# Options from here on. Some of these are preset by platform above
3c0ef626 3153AC_ARG_WITH(mantype,
3154 [ --with-mantype=man|cat|doc Set man page type],
3155 [
3156 case "$withval" in
3157 man|cat|doc)
3158 MANTYPE=$withval
3159 ;;
3160 *)
3161 AC_MSG_ERROR(invalid man type: $withval)
3162 ;;
3163 esac
3164 ]
3165)
3166if test -z "$MANTYPE"; then
41b2f314 3167 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3168 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3169 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3170 MANTYPE=doc
3171 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3172 MANTYPE=man
3173 else
3174 MANTYPE=cat
3175 fi
3176fi
3177AC_SUBST(MANTYPE)
3178if test "$MANTYPE" = "doc"; then
3179 mansubdir=man;
3180else
3181 mansubdir=$MANTYPE;
3182fi
3183AC_SUBST(mansubdir)
3184
3185# Check whether to enable MD5 passwords
cdd66111 3186MD5_MSG="no"
3c0ef626 3187AC_ARG_WITH(md5-passwords,
3188 [ --with-md5-passwords Enable use of MD5 passwords],
3189 [
3190 if test "x$withval" != "xno" ; then
2c06c99b 3191 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3192 [Define if you want to allow MD5 passwords])
cdd66111 3193 MD5_MSG="yes"
3c0ef626 3194 fi
3195 ]
3196)
3197
3198# Whether to disable shadow password support
3199AC_ARG_WITH(shadow,
3200 [ --without-shadow Disable shadow password support],
3201 [
dec6d9fe 3202 if test "x$withval" = "xno" ; then
3c0ef626 3203 AC_DEFINE(DISABLE_SHADOW)
3204 disable_shadow=yes
3205 fi
3206 ]
3207)
3208
3209if test -z "$disable_shadow" ; then
3210 AC_MSG_CHECKING([if the systems has expire shadow information])
3211 AC_TRY_COMPILE(
3212 [
3213#include <sys/types.h>
3214#include <shadow.h>
3215 struct spwd sp;
3216 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3217 [ sp_expire_available=yes ], []
3218 )
3219
3220 if test "x$sp_expire_available" = "xyes" ; then
3221 AC_MSG_RESULT(yes)
2c06c99b 3222 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3223 [Define if you want to use shadow password expire field])
3c0ef626 3224 else
3225 AC_MSG_RESULT(no)
3226 fi
3227fi
3228
3229# Use ip address instead of hostname in $DISPLAY
3230if test ! -z "$IPADDR_IN_DISPLAY" ; then
3231 DISPLAY_HACK_MSG="yes"
2c06c99b 3232 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3233 [Define if you need to use IP address
3234 instead of hostname in $DISPLAY])
3c0ef626 3235else
cdd66111 3236 DISPLAY_HACK_MSG="no"
3c0ef626 3237 AC_ARG_WITH(ipaddr-display,
3238 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3239 [
dec6d9fe 3240 if test "x$withval" != "xno" ; then
3c0ef626 3241 AC_DEFINE(IPADDR_IN_DISPLAY)
cdd66111 3242 DISPLAY_HACK_MSG="yes"
3c0ef626 3243 fi
3244 ]
3245 )
3246fi
3247
0fff78ff 3248# check for /etc/default/login and use it if present.
acc3d05e 3249AC_ARG_ENABLE(etc-default-login,
996d5e62 3250 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3251 [ if test "x$enableval" = "xno"; then
3252 AC_MSG_NOTICE([/etc/default/login handling disabled])
3253 etc_default_login=no
3254 else
3255 etc_default_login=yes
3256 fi ],
2c06c99b 3257 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3258 then
3259 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3260 etc_default_login=no
3261 else
3262 etc_default_login=yes
3263 fi ]
996d5e62 3264)
0fff78ff 3265
996d5e62 3266if test "x$etc_default_login" != "xno"; then
3267 AC_CHECK_FILE("/etc/default/login",
3268 [ external_path_file=/etc/default/login ])
2c06c99b 3269 if test "x$external_path_file" = "x/etc/default/login"; then
3270 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3271 [Define if your system has /etc/default/login])
996d5e62 3272 fi
0fff78ff 3273fi
3274
700318f3 3275dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
dec6d9fe 3276if test $ac_cv_func_login_getcapbool = "yes" && \
3277 test $ac_cv_header_login_cap_h = "yes" ; then
0fff78ff 3278 external_path_file=/etc/login.conf
700318f3 3279fi
0fff78ff 3280
3c0ef626 3281# Whether to mess with the default path
cdd66111 3282SERVER_PATH_MSG="(default)"
3c0ef626 3283AC_ARG_WITH(default-path,
700318f3 3284 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3285 [
0fff78ff 3286 if test "x$external_path_file" = "x/etc/login.conf" ; then
700318f3 3287 AC_MSG_WARN([
3288--with-default-path=PATH has no effect on this system.
3289Edit /etc/login.conf instead.])
dec6d9fe 3290 elif test "x$withval" != "xno" ; then
0fff78ff 3291 if test ! -z "$external_path_file" ; then
3292 AC_MSG_WARN([
3293--with-default-path=PATH will only be used if PATH is not defined in
3294$external_path_file .])
3295 fi
3c0ef626 3296 user_path="$withval"
cdd66111 3297 SERVER_PATH_MSG="$withval"
3c0ef626 3298 fi
3299 ],
0fff78ff 3300 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3301 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
700318f3 3302 else
0fff78ff 3303 if test ! -z "$external_path_file" ; then
3304 AC_MSG_WARN([
3305If PATH is defined in $external_path_file, ensure the path to scp is included,
3306otherwise scp will not work.])
3307 fi
2c06c99b 3308 AC_RUN_IFELSE(
3309 [AC_LANG_SOURCE([[
3c0ef626 3310/* find out what STDPATH is */
3311#include <stdio.h>
3312#ifdef HAVE_PATHS_H
3313# include <paths.h>
3314#endif
3315#ifndef _PATH_STDPATH
6a9b3198 3316# ifdef _PATH_USERPATH /* Irix */
3317# define _PATH_STDPATH _PATH_USERPATH
3318# else
3319# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3320# endif
3c0ef626 3321#endif
3322#include <sys/types.h>
3323#include <sys/stat.h>
3324#include <fcntl.h>
3325#define DATA "conftest.stdpath"
3326
3327main()
3328{
3329 FILE *fd;
3330 int rc;
dec6d9fe 3331
3c0ef626 3332 fd = fopen(DATA,"w");
3333 if(fd == NULL)
3334 exit(1);
dec6d9fe 3335
3c0ef626 3336 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3337 exit(1);
3338
3339 exit(0);
3340}
2c06c99b 3341 ]])],
3342 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3343 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3344 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3345 )
3346# make sure $bindir is in USER_PATH so scp will work
3347 t_bindir=`eval echo ${bindir}`
3348 case $t_bindir in
3349 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3350 esac
3351 case $t_bindir in
3352 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3353 esac
3354 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3355 if test $? -ne 0 ; then
3356 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3357 if test $? -ne 0 ; then
3358 user_path=$user_path:$t_bindir
3359 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3360 fi
3361 fi
700318f3 3362 fi ]
3363)
0fff78ff 3364if test "x$external_path_file" != "x/etc/login.conf" ; then
2c06c99b 3365 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
700318f3 3366 AC_SUBST(user_path)
3367fi
3368
3369# Set superuser path separately to user path
700318f3 3370AC_ARG_WITH(superuser-path,
3371 [ --with-superuser-path= Specify different path for super-user],
3372 [
dec6d9fe 3373 if test -n "$withval" && test "x$withval" != "xno" && \
3374 test "x${withval}" != "xyes"; then
2c06c99b 3375 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3376 [Define if you want a different $PATH
3377 for the superuser])
700318f3 3378 superuser_path=$withval
3379 fi
3c0ef626 3380 ]
3381)
700318f3 3382
3c0ef626 3383
3c0ef626 3384AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
cdd66111 3385IPV4_IN6_HACK_MSG="no"
3c0ef626 3386AC_ARG_WITH(4in6,
3387 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3388 [
3389 if test "x$withval" != "xno" ; then
3390 AC_MSG_RESULT(yes)
2c06c99b 3391 AC_DEFINE(IPV4_IN_IPV6, 1,
3392 [Detect IPv4 in IPv6 mapped addresses
3393 and treat as IPv4])
cdd66111 3394 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3395 else
3396 AC_MSG_RESULT(no)
3397 fi
3398 ],[
3399 if test "x$inet6_default_4in6" = "xyes"; then
3400 AC_MSG_RESULT([yes (default)])
3401 AC_DEFINE(IPV4_IN_IPV6)
cdd66111 3402 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3403 else
3404 AC_MSG_RESULT([no (default)])
3405 fi
3406 ]
3407)
3408
3409# Whether to enable BSD auth support
e9a17296 3410BSD_AUTH_MSG=no
3c0ef626 3411AC_ARG_WITH(bsd-auth,
3412 [ --with-bsd-auth Enable BSD auth support],
3413 [
dec6d9fe 3414 if test "x$withval" != "xno" ; then
2c06c99b 3415 AC_DEFINE(BSD_AUTH, 1,
3416 [Define if you have BSD auth support])
e9a17296 3417 BSD_AUTH_MSG=yes
3c0ef626 3418 fi
3419 ]
3420)
3421
3c0ef626 3422# Where to place sshd.pid
3423piddir=/var/run
700318f3 3424# make sure the directory exists
dec6d9fe 3425if test ! -d $piddir ; then
700318f3 3426 piddir=`eval echo ${sysconfdir}`
3427 case $piddir in
cdd66111 3428 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
700318f3 3429 esac
3430fi
3431
3c0ef626 3432AC_ARG_WITH(pid-dir,
3433 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3434 [
dec6d9fe 3435 if test -n "$withval" && test "x$withval" != "xno" && \
3436 test "x${withval}" != "xyes"; then
3c0ef626 3437 piddir=$withval
dec6d9fe 3438 if test ! -d $piddir ; then
700318f3 3439 AC_MSG_WARN([** no $piddir directory on this system **])
3440 fi
3c0ef626 3441 fi
3442 ]
3443)
3444
2c06c99b 3445AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3446AC_SUBST(piddir)
3447
3448dnl allow user to disable some login recording features
3449AC_ARG_ENABLE(lastlog,
3450 [ --disable-lastlog disable use of lastlog even if detected [no]],
0fff78ff 3451 [
3452 if test "x$enableval" = "xno" ; then
3453 AC_DEFINE(DISABLE_LASTLOG)
3454 fi
3455 ]
3c0ef626 3456)
3457AC_ARG_ENABLE(utmp,
3458 [ --disable-utmp disable use of utmp even if detected [no]],
0fff78ff 3459 [
3460 if test "x$enableval" = "xno" ; then
3461 AC_DEFINE(DISABLE_UTMP)
3462 fi
3463 ]
3c0ef626 3464)
3465AC_ARG_ENABLE(utmpx,
3466 [ --disable-utmpx disable use of utmpx even if detected [no]],
0fff78ff 3467 [
3468 if test "x$enableval" = "xno" ; then
2c06c99b 3469 AC_DEFINE(DISABLE_UTMPX, 1,
3470 [Define if you don't want to use utmpx])
0fff78ff 3471 fi
3472 ]
3c0ef626 3473)
3474AC_ARG_ENABLE(wtmp,
3475 [ --disable-wtmp disable use of wtmp even if detected [no]],
0fff78ff 3476 [
3477 if test "x$enableval" = "xno" ; then
3478 AC_DEFINE(DISABLE_WTMP)
3479 fi
3480 ]
3c0ef626 3481)
3482AC_ARG_ENABLE(wtmpx,
3483 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
0fff78ff 3484 [
3485 if test "x$enableval" = "xno" ; then
2c06c99b 3486 AC_DEFINE(DISABLE_WTMPX, 1,
3487 [Define if you don't want to use wtmpx])
0fff78ff 3488 fi
3489 ]
3c0ef626 3490)
3491AC_ARG_ENABLE(libutil,
3492 [ --disable-libutil disable use of libutil (login() etc.) [no]],
0fff78ff 3493 [
3494 if test "x$enableval" = "xno" ; then
3495 AC_DEFINE(DISABLE_LOGIN)
3496 fi
3497 ]
3c0ef626 3498)
3499AC_ARG_ENABLE(pututline,
3500 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
0fff78ff 3501 [
3502 if test "x$enableval" = "xno" ; then
2c06c99b 3503 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3504 [Define if you don't want to use pututline()
3505 etc. to write [uw]tmp])
0fff78ff 3506 fi
3507 ]
3c0ef626 3508)
3509AC_ARG_ENABLE(pututxline,
3510 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
0fff78ff 3511 [
3512 if test "x$enableval" = "xno" ; then
2c06c99b 3513 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3514 [Define if you don't want to use pututxline()
3515 etc. to write [uw]tmpx])
0fff78ff 3516 fi
3517 ]
3c0ef626 3518)
3519AC_ARG_WITH(lastlog,
3520 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3521 [
dec6d9fe 3522 if test "x$withval" = "xno" ; then
3c0ef626 3523 AC_DEFINE(DISABLE_LASTLOG)
dec6d9fe 3524 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 3525 conf_lastlog_location=$withval
3526 fi
3527 ]
3528)
3529
3530dnl lastlog, [uw]tmpx? detection
3531dnl NOTE: set the paths in the platform section to avoid the
3532dnl need for command-line parameters
3533dnl lastlog and [uw]tmp are subject to a file search if all else fails
3534
3535dnl lastlog detection
3536dnl NOTE: the code itself will detect if lastlog is a directory
3537AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3538AC_TRY_COMPILE([
3539#include <sys/types.h>
3540#include <utmp.h>
3541#ifdef HAVE_LASTLOG_H
3542# include <lastlog.h>
3543#endif
3544#ifdef HAVE_PATHS_H
3545# include <paths.h>
3546#endif
3547#ifdef HAVE_LOGIN_H
3548# include <login.h>
3549#endif
3550 ],
3551 [ char *lastlog = LASTLOG_FILE; ],
3552 [ AC_MSG_RESULT(yes) ],
3553 [
3554 AC_MSG_RESULT(no)
3555 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3556 AC_TRY_COMPILE([
3557#include <sys/types.h>
3558#include <utmp.h>
3559#ifdef HAVE_LASTLOG_H
3560# include <lastlog.h>
3561#endif
3562#ifdef HAVE_PATHS_H
3563# include <paths.h>
3564#endif
3565 ],
3566 [ char *lastlog = _PATH_LASTLOG; ],
3567 [ AC_MSG_RESULT(yes) ],
3568 [
3569 AC_MSG_RESULT(no)
3570 system_lastlog_path=no
3571 ])
3572 ]
3573)
3574
3575if test -z "$conf_lastlog_location"; then
3576 if test x"$system_lastlog_path" = x"no" ; then
3577 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
3578 if (test -d "$f" || test -f "$f") ; then
3579 conf_lastlog_location=$f
3580 fi
3581 done
3582 if test -z "$conf_lastlog_location"; then
3583 AC_MSG_WARN([** Cannot find lastlog **])
3584 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
3585 fi
3586 fi
3587fi
3588
3589if test -n "$conf_lastlog_location"; then
2c06c99b 3590 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3591 [Define if you want to specify the path to your lastlog file])
dec6d9fe 3592fi
3c0ef626 3593
3594dnl utmp detection
3595AC_MSG_CHECKING([if your system defines UTMP_FILE])
3596AC_TRY_COMPILE([
3597#include <sys/types.h>
3598#include <utmp.h>
3599#ifdef HAVE_PATHS_H
3600# include <paths.h>
3601#endif
3602 ],
3603 [ char *utmp = UTMP_FILE; ],
3604 [ AC_MSG_RESULT(yes) ],
3605 [ AC_MSG_RESULT(no)
3606 system_utmp_path=no ]
3607)
3608if test -z "$conf_utmp_location"; then
3609 if test x"$system_utmp_path" = x"no" ; then
3610 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3611 if test -f $f ; then
3612 conf_utmp_location=$f
3613 fi
3614 done
3615 if test -z "$conf_utmp_location"; then
3616 AC_DEFINE(DISABLE_UTMP)
3617 fi
3618 fi
3619fi
3620if test -n "$conf_utmp_location"; then
2c06c99b 3621 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3622 [Define if you want to specify the path to your utmp file])
dec6d9fe 3623fi
3c0ef626 3624
3625dnl wtmp detection
3626AC_MSG_CHECKING([if your system defines WTMP_FILE])
3627AC_TRY_COMPILE([
3628#include <sys/types.h>
3629#include <utmp.h>
3630#ifdef HAVE_PATHS_H
3631# include <paths.h>
3632#endif
3633 ],
3634 [ char *wtmp = WTMP_FILE; ],
3635 [ AC_MSG_RESULT(yes) ],
3636 [ AC_MSG_RESULT(no)
3637 system_wtmp_path=no ]
3638)
3639if test -z "$conf_wtmp_location"; then
3640 if test x"$system_wtmp_path" = x"no" ; then
3641 for f in /usr/adm/wtmp /var/log/wtmp; do
3642 if test -f $f ; then
3643 conf_wtmp_location=$f
3644 fi
3645 done
3646 if test -z "$conf_wtmp_location"; then
3647 AC_DEFINE(DISABLE_WTMP)
3648 fi
3649 fi
3650fi
3651if test -n "$conf_wtmp_location"; then
2c06c99b 3652 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3653 [Define if you want to specify the path to your wtmp file])
dec6d9fe 3654fi
3c0ef626 3655
3656
3657dnl utmpx detection - I don't know any system so perverse as to require
3658dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3659dnl there, though.
3660AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3661AC_TRY_COMPILE([
3662#include <sys/types.h>
3663#include <utmp.h>
3664#ifdef HAVE_UTMPX_H
3665#include <utmpx.h>
3666#endif
3667#ifdef HAVE_PATHS_H
3668# include <paths.h>
3669#endif
3670 ],
3671 [ char *utmpx = UTMPX_FILE; ],
3672 [ AC_MSG_RESULT(yes) ],
3673 [ AC_MSG_RESULT(no)
3674 system_utmpx_path=no ]
3675)
3676if test -z "$conf_utmpx_location"; then
3677 if test x"$system_utmpx_path" = x"no" ; then
3678 AC_DEFINE(DISABLE_UTMPX)
3679 fi
3680else
2c06c99b 3681 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3682 [Define if you want to specify the path to your utmpx file])
dec6d9fe 3683fi
3c0ef626 3684
3685dnl wtmpx detection
3686AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3687AC_TRY_COMPILE([
3688#include <sys/types.h>
3689#include <utmp.h>
3690#ifdef HAVE_UTMPX_H
3691#include <utmpx.h>
3692#endif
3693#ifdef HAVE_PATHS_H
3694# include <paths.h>
3695#endif
3696 ],
3697 [ char *wtmpx = WTMPX_FILE; ],
3698 [ AC_MSG_RESULT(yes) ],
3699 [ AC_MSG_RESULT(no)
3700 system_wtmpx_path=no ]
3701)
3702if test -z "$conf_wtmpx_location"; then
3703 if test x"$system_wtmpx_path" = x"no" ; then
3704 AC_DEFINE(DISABLE_WTMPX)
3705 fi
3706else
2c06c99b 3707 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3708 [Define if you want to specify the path to your wtmpx file])
dec6d9fe 3709fi
3c0ef626 3710
3711
3c0ef626 3712if test ! -z "$blibpath" ; then
7e772e1f 3713 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3714 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 3715fi
3716
e9a17296 3717dnl remove pam and dl because they are in $LIBPAM
3718if test "$PAM_MSG" = yes ; then
3719 LIBS=`echo $LIBS | sed 's/-lpam //'`
3720fi
3721if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3722 LIBS=`echo $LIBS | sed 's/-ldl //'`
3723fi
3c0ef626 3724
665a873d 3725dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3726dnl Add now.
3727CFLAGS="$CFLAGS $werror_flags"
3728
e9a17296 3729AC_EXEEXT
996d5e62 3730AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3731 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 3732AC_OUTPUT
3733
3734# Print summary of options
3735
3c0ef626 3736# Someone please show me a better way :)
3737A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3738B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3739C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3740D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
3741E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
3742F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
3743G=`eval echo ${piddir}` ; G=`eval echo ${G}`
700318f3 3744H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3745I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3746J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 3747
3748echo ""
3749echo "OpenSSH has been configured with the following options:"
700318f3 3750echo " User binaries: $B"
3751echo " System binaries: $C"
3752echo " Configuration files: $D"
3753echo " Askpass program: $E"
3754echo " Manual pages: $F"
3755echo " PID file: $G"
3756echo " Privilege separation chroot path: $H"
0fff78ff 3757if test "x$external_path_file" = "x/etc/login.conf" ; then
3758echo " At runtime, sshd will use the path defined in $external_path_file"
3759echo " Make sure the path to scp is present, otherwise scp will not work"
700318f3 3760else
3761echo " sshd default user PATH: $I"
0fff78ff 3762 if test ! -z "$external_path_file"; then
3763echo " (If PATH is set in $external_path_file it will be used instead. If"
3764echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3765 fi
700318f3 3766fi
3767if test ! -z "$superuser_path" ; then
3768echo " sshd superuser user PATH: $J"
3769fi
3770echo " Manpage format: $MANTYPE"
0fff78ff 3771echo " PAM support: $PAM_MSG"
700318f3 3772echo " KerberosV support: $KRB5_MSG"
3773echo " Smartcard support: $SCARD_MSG"
700318f3 3774echo " S/KEY support: $SKEY_MSG"
3775echo " TCP Wrappers support: $TCPW_MSG"
3776echo " MD5 password support: $MD5_MSG"
996d5e62 3777echo " libedit support: $LIBEDIT_MSG"
700318f3 3778echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
700318f3 3779echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3780echo " BSD Auth support: $BSD_AUTH_MSG"
3781echo " Random number source: $RAND_MSG"
e9a17296 3782if test ! -z "$USE_RAND_HELPER" ; then
700318f3 3783echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 3784fi
3785
3786echo ""
3787
3788echo " Host: ${host}"
3789echo " Compiler: ${CC}"
3790echo " Compiler flags: ${CFLAGS}"
3791echo "Preprocessor flags: ${CPPFLAGS}"
3792echo " Linker flags: ${LDFLAGS}"
e9a17296 3793echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
3c0ef626 3794
3795echo ""
3796
c9f39d2c 3797if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
996d5e62 3798 echo "SVR4 style packages are supported with \"make package\""
3799 echo ""
c9f39d2c 3800fi
3801
3c0ef626 3802if test "x$PAM_MSG" = "xyes" ; then
e9a17296 3803 echo "PAM is enabled. You may need to install a PAM control file "
3804 echo "for sshd, otherwise password authentication may fail. "
cdd66111 3805 echo "Example PAM control files can be found in the contrib/ "
e9a17296 3806 echo "subdirectory"
3c0ef626 3807 echo ""
3808fi
3809
e9a17296 3810if test ! -z "$RAND_HELPER_CMDHASH" ; then
3811 echo "WARNING: you are using the builtin random number collection "
3812 echo "service. Please read WARNING.RNG and request that your OS "
3813 echo "vendor includes kernel-based random number collection in "
3814 echo "future versions of your OS."
3c0ef626 3815 echo ""
3816fi
3817
c9f39d2c 3818if test ! -z "$NO_PEERCHECK" ; then
3819 echo "WARNING: the operating system that you are using does not "
3820 echo "appear to support either the getpeereid() API nor the "
3821 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3822 echo "enforce security checks to prevent unauthorised connections to "
3823 echo "ssh-agent. Their absence increases the risk that a malicious "
3824 echo "user can connect to your agent. "
3825 echo ""
3826fi
3827
996d5e62 3828if test "$AUDIT_MODULE" = "bsm" ; then
3829 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3830 echo "See the Solaris section in README.platform for details."
3831fi
git-cvsimport mirror of GSI OpenSSH
This page took 1.073641 seconds and 5 git commands to generate.