]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
http://www.sxw.org.uk/computing/patches/openssh-5.2p1-gsskex-all-20090726.patch commi...
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
99be0775 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
665a873d 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
f2f068fa 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
0fff78ff 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
f2f068fa 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
c9f39d2c 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
6a9b3198 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
700318f3 43AC_PATH_PROG(SH, sh)
c9f39d2c 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
2c06c99b 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
2c06c99b 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
cdd66111 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
2c06c99b 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
cdd66111 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
dec6d9fe 88
3c0ef626 89AC_C_INLINE
665a873d 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
47686178 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
95 [ --without-stackprotect Don't use compiler's stack protection], [
96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
cdd66111 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
665a873d 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
2c06c99b 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
665a873d 103 case $GCC_VER in
d4487008 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
22616013 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
2c06c99b 112 *) ;;
665a873d 113 esac
114
22616013 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
47686178 127 # -fstack-protector-all doesn't always work for some GCC versions
128 # and/or platforms, so we test if we can. If it's not supported
91d9cdd3 129 # on a given platform gcc will emit a warning so we use -Werror.
47686178 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
132 AC_MSG_CHECKING(if $CC supports $t)
133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
91d9cdd3 139#include <stdio.h>
140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
47686178 141 ])],
142 [ AC_MSG_RESULT(yes)
143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
91d9cdd3 148#include <stdio.h>
149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
47686178 150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
156 )
157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
164
665a873d 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
176fi
177
d4487008 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
cdd66111 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
dec6d9fe 185 if test "x$withval" = "xno" ; then
cdd66111 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
ff7ec503 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
d4487008 265 poll.h \
ff7ec503 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
22616013 282 sys/mount.h \
ff7ec503 283 sys/ndir.h \
47686178 284 sys/poll.h \
ff7ec503 285 sys/prctl.h \
286 sys/pstat.h \
287 sys/select.h \
288 sys/stat.h \
289 sys/stream.h \
290 sys/stropts.h \
291 sys/strtio.h \
22616013 292 sys/statvfs.h \
ff7ec503 293 sys/sysmacros.h \
294 sys/time.h \
295 sys/timers.h \
296 sys/un.h \
297 time.h \
298 tmpdir.h \
299 ttyent.h \
d4487008 300 ucred.h \
ff7ec503 301 unistd.h \
302 usersec.h \
303 util.h \
304 utime.h \
305 utmp.h \
306 utmpx.h \
307 vis.h \
308)
309
310# lastlog.h requires sys/time.h to be included first on Solaris
311AC_CHECK_HEADERS(lastlog.h, [], [], [
312#ifdef HAVE_SYS_TIME_H
313# include <sys/time.h>
314#endif
315])
316
317# sys/ptms.h requires sys/stream.h to be included first on Solaris
318AC_CHECK_HEADERS(sys/ptms.h, [], [], [
319#ifdef HAVE_SYS_STREAM_H
320# include <sys/stream.h>
321#endif
322])
323
324# login_cap.h requires sys/types.h on NetBSD
325AC_CHECK_HEADERS(login_cap.h, [], [], [
326#include <sys/types.h>
327])
328
9108f8d9 329# Messages for features tested for in target-specific section
330SIA_MSG="no"
331SPC_MSG="no"
332
3c0ef626 333# Check for some target-specific stuff
334case "$host" in
335*-*-aix*)
9108f8d9 336 # Some versions of VAC won't allow macro redefinitions at
337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
338 # particularly with older versions of vac or xlc.
339 # It also throws errors about null macro argments, but these are
340 # not fatal.
341 AC_MSG_CHECKING(if compiler allows macro redefinitions)
342 AC_COMPILE_IFELSE(
343 [AC_LANG_SOURCE([[
344#define testmacro foo
345#define testmacro bar
346int main(void) { exit(0); }
347 ]])],
348 [ AC_MSG_RESULT(yes) ],
349 [ AC_MSG_RESULT(no)
350 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
351 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
352 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
353 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
354 ]
355 )
356
cdd66111 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
7e772e1f 358 if (test -z "$blibpath"); then
cdd66111 359 blibpath="/usr/lib:/lib"
7e772e1f 360 fi
361 saved_LDFLAGS="$LDFLAGS"
9108f8d9 362 if test "$GCC" = "yes"; then
363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
364 else
365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
366 fi
367 for tryflags in $flags ;do
7e772e1f 368 if (test -z "$blibflags"); then
369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
370 AC_TRY_LINK([], [], [blibflags=$tryflags])
371 fi
372 done
373 if (test -z "$blibflags"); then
374 AC_MSG_RESULT(not found)
375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
376 else
377 AC_MSG_RESULT($blibflags)
3c0ef626 378 fi
7e772e1f 379 LDFLAGS="$saved_LDFLAGS"
0fff78ff 380 dnl Check for authenticate. Might be in libs.a on older AIXes
2c06c99b 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
382 [Define if you want to enable AIX4's authenticate function])],
41b2f314 383 [AC_CHECK_LIB(s,authenticate,
384 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
385 LIBS="$LIBS -ls"
386 ])
387 ])
996d5e62 388 dnl Check for various auth function declarations in headers.
389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
dec6d9fe 390 passwdexpired, setauthdb], , , [#include <usersec.h>])
0fff78ff 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
996d5e62 392 AC_CHECK_DECLS(loginfailed,
0fff78ff 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
394 AC_TRY_COMPILE(
395 [#include <usersec.h>],
396 [(void)loginfailed("user","host","tty",0);],
397 [AC_MSG_RESULT(yes)
2c06c99b 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
399 [Define if your AIX loginfailed() function
400 takes 4 arguments (AIX >= 5.2)])],
0fff78ff 401 [AC_MSG_RESULT(no)]
402 )],
403 [],
404 [#include <usersec.h>]
405 )
47686178 406 AC_CHECK_FUNCS(getgrset setauthdb)
9108f8d9 407 AC_CHECK_DECL(F_CLOSEM,
408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
409 [],
410 [ #include <limits.h>
411 #include <fcntl.h> ]
412 )
996d5e62 413 check_for_aix_broken_getaddrinfo=1
2c06c99b 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
416 [Define if your platform breaks doing a seteuid before a setuid])
417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 419 dnl AIX handles lastlog as part of its login message
2c06c99b 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
422 [Some systems need a utmpx entry for /bin/login to work])
423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
424 [Define to a Set Process Title type if your system is
425 supported by bsd-setproctitle.c])
426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
427 [AIX 5.2 and 5.3 (and presumably newer) require this])
9108f8d9 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 429 ;;
430*-*-cygwin*)
6a9b3198 431 check_for_libcrypt_later=1
799ae497 432 LIBS="$LIBS /usr/lib/textreadmode.o"
2c06c99b 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
435 AC_DEFINE(DISABLE_SHADOW, 1,
436 [Define if you want to disable shadow passwords])
437 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
438 [Define if your system choked on IP TOS setting])
439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
440 [Define if X11 doesn't support AF_UNIX sockets on that system])
441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
442 [Define if the concept of ports only accessible to
443 superusers isn't known])
444 AC_DEFINE(DISABLE_FD_PASSING, 1,
445 [Define if your platform needs to skip post auth
446 file descriptor passing])
3c0ef626 447 ;;
448*-*-dgux*)
449 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 450 AC_DEFINE(SETEUID_BREAKS_SETUID)
451 AC_DEFINE(BROKEN_SETREUID)
452 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 453 ;;
454*-*-darwin*)
41b2f314 455 AC_MSG_CHECKING(if we have working getaddrinfo)
456 AC_TRY_RUN([#include <mach-o/dyld.h>
457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
458 exit(0);
459 else
460 exit(1);
461}], [AC_MSG_RESULT(working)],
462 [AC_MSG_RESULT(buggy)
2c06c99b 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
41b2f314 464 [AC_MSG_RESULT(assume it is working)])
acc3d05e 465 AC_DEFINE(SETEUID_BREAKS_SETUID)
466 AC_DEFINE(BROKEN_SETREUID)
467 AC_DEFINE(BROKEN_SETREGID)
47686178 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
2c06c99b 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
470 [Define if your resolver libs need this for getrrsetbyname])
9108f8d9 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
473 [Use tunnel device compatibility to OpenBSD])
474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
475 [Prepend the address family to IP tunnel traffic])
f97edba6 476 AC_MSG_CHECKING(if we have the Security Authorization Session API)
477 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
478 [SessionCreate(0, 0);],
479 [ac_cv_use_security_session_api="yes"
480 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
481 [platform has the Security Authorization Session API])
482 LIBS="$LIBS -framework Security"
483 AC_MSG_RESULT(yes)],
484 [ac_cv_use_security_session_api="no"
485 AC_MSG_RESULT(no)])
486 AC_MSG_CHECKING(if we have an in-memory credentials cache)
487 AC_TRY_COMPILE(
488 [#include <Kerberos/Kerberos.h>],
489 [cc_context_t c;
490 (void) cc_initialize (&c, 0, NULL, NULL);],
491 [AC_DEFINE(USE_CCAPI, 1,
492 [platform uses an in-memory credentials cache])
493 LIBS="$LIBS -framework Security"
494 AC_MSG_RESULT(yes)
495 if test "x$ac_cv_use_security_session_api" = "xno"; then
496 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
497 fi],
498 [AC_MSG_RESULT(no)]
499 )
47686178 500 m4_pattern_allow(AU_IPv)
501 AC_CHECK_DECL(AU_IPv4, [],
502 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
503 [#include <bsm/audit.h>]
91d9cdd3 504 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1,
505 [Define if pututxline updates lastlog too])
47686178 506 )
9108f8d9 507 ;;
508*-*-dragonfly*)
509 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 510 ;;
665a873d 511*-*-hpux*)
512 # first we define all of the options common to all HP-UX releases
3c0ef626 513 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
514 IPADDR_IN_DISPLAY=yes
3c0ef626 515 AC_DEFINE(USE_PIPES)
2c06c99b 516 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
517 [Define if your login program cannot handle end of options ("--")])
700318f3 518 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 519 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
520 [String used in /etc/passwd to denote locked account])
0fff78ff 521 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
2c06c99b 522 MAIL="/var/mail/username"
41b2f314 523 LIBS="$LIBS -lsec"
665a873d 524 AC_CHECK_LIB(xnet, t_error, ,
525 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
526
527 # next, we define all of the options specific to major releases
528 case "$host" in
529 *-*-hpux10*)
530 if test -z "$GCC"; then
531 CFLAGS="$CFLAGS -Ae"
532 fi
533 ;;
534 *-*-hpux11*)
2c06c99b 535 AC_DEFINE(PAM_SUN_CODEBASE, 1,
536 [Define if you are using Solaris-derived PAM which
537 passes pam_messages to the conversation function
538 with an extra level of indirection])
539 AC_DEFINE(DISABLE_UTMP, 1,
540 [Define if you don't want to use utmp])
665a873d 541 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
542 check_for_hpux_broken_getaddrinfo=1
543 check_for_conflicting_getspnam=1
544 ;;
545 esac
546
547 # lastly, we define options specific to minor releases
548 case "$host" in
549 *-*-hpux10.26)
2c06c99b 550 AC_DEFINE(HAVE_SECUREWARE, 1,
551 [Define if you have SecureWare-based
552 protected password database])
665a873d 553 disable_ptmx_check=yes
554 LIBS="$LIBS -lsecpw"
555 ;;
556 esac
3c0ef626 557 ;;
558*-*-irix5*)
3c0ef626 559 PATH="$PATH:/usr/etc"
2c06c99b 560 AC_DEFINE(BROKEN_INET_NTOA, 1,
561 [Define if you system's inet_ntoa is busted
562 (e.g. Irix gcc issue)])
cdd66111 563 AC_DEFINE(SETEUID_BREAKS_SETUID)
564 AC_DEFINE(BROKEN_SETREUID)
565 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 566 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
567 [Define if you shouldn't strip 'tty' from your
568 ttyname in [uw]tmp])
0fff78ff 569 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 570 ;;
571*-*-irix6*)
3c0ef626 572 PATH="$PATH:/usr/etc"
2c06c99b 573 AC_DEFINE(WITH_IRIX_ARRAY, 1,
574 [Define if you have/want arrays
575 (cluster-wide session managment, not C arrays)])
576 AC_DEFINE(WITH_IRIX_PROJECT, 1,
577 [Define if you want IRIX project management])
578 AC_DEFINE(WITH_IRIX_AUDIT, 1,
579 [Define if you want IRIX audit trails])
580 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
581 [Define if you want IRIX kernel jobs])])
3c0ef626 582 AC_DEFINE(BROKEN_INET_NTOA)
acc3d05e 583 AC_DEFINE(SETEUID_BREAKS_SETUID)
584 AC_DEFINE(BROKEN_SETREUID)
585 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 586 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
700318f3 587 AC_DEFINE(WITH_ABBREV_NO_TTY)
0fff78ff 588 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 589 ;;
91d9cdd3 590*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu)
591 check_for_libcrypt_later=1
592 AC_DEFINE(PAM_TTY_KLUDGE)
593 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
594 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
595 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
596 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
597 ;;
3c0ef626 598*-*-linux*)
599 no_dev_ptmx=1
600 check_for_libcrypt_later=1
0fff78ff 601 check_for_openpty_ctty_bug=1
2c06c99b 602 AC_DEFINE(PAM_TTY_KLUDGE, 1,
603 [Work around problematic Linux PAM modules handling of PAM_TTY])
604 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
605 [String used in /etc/passwd to denote locked account])
0fff78ff 606 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
2c06c99b 607 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
608 [Define to whatever link() returns for "not supported"
609 if it doesn't return EOPNOTSUPP.])
996d5e62 610 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
2c06c99b 611 AC_DEFINE(USE_BTMP)
3c0ef626 612 inet6_default_4in6=yes
0fff78ff 613 case `uname -r` in
614 1.*|2.0.*)
2c06c99b 615 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
616 [Define if cmsg_type is not passed correctly])
0fff78ff 617 ;;
618 esac
2c06c99b 619 # tun(4) forwarding compat code
620 AC_CHECK_HEADERS(linux/if_tun.h)
621 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
622 AC_DEFINE(SSH_TUN_LINUX, 1,
623 [Open tunnel devices the Linux tun/tap way])
624 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
625 [Use tunnel device compatibility to OpenBSD])
626 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
627 [Prepend the address family to IP tunnel traffic])
628 fi
3c0ef626 629 ;;
630mips-sony-bsd|mips-sony-newsos4)
f2f068fa 631 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 632 SONY=1
3c0ef626 633 ;;
634*-*-netbsd*)
41b2f314 635 check_for_libcrypt_before=1
dec6d9fe 636 if test "x$withval" != "xno" ; then
cdd66111 637 need_dash_r=1
638 fi
2c06c99b 639 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
640 AC_CHECK_HEADER([net/if_tap.h], ,
641 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
642 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
643 [Prepend the address family to IP tunnel traffic])
3c0ef626 644 ;;
645*-*-freebsd*)
646 check_for_libcrypt_later=1
2c06c99b 647 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
648 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
649 AC_CHECK_HEADER([net/if_tap.h], ,
650 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
47686178 651 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
3c0ef626 652 ;;
acc3d05e 653*-*-bsdi*)
654 AC_DEFINE(SETEUID_BREAKS_SETUID)
655 AC_DEFINE(BROKEN_SETREUID)
656 AC_DEFINE(BROKEN_SETREGID)
657 ;;
3c0ef626 658*-next-*)
659 conf_lastlog_location="/usr/adm/lastlog"
660 conf_utmp_location=/etc/utmp
661 conf_wtmp_location=/usr/adm/wtmp
662 MAIL=/usr/spool/mail
2c06c99b 663 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 664 AC_DEFINE(BROKEN_REALPATH)
665 AC_DEFINE(USE_PIPES)
2c06c99b 666 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 667 ;;
665a873d 668*-*-openbsd*)
669 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
2c06c99b 670 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
671 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
9108f8d9 672 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
673 [syslog_r function is safe to use in in a signal handler])
665a873d 674 ;;
3c0ef626 675*-*-solaris*)
dec6d9fe 676 if test "x$withval" != "xno" ; then
99be0775 677 need_dash_r=1
678 fi
3c0ef626 679 AC_DEFINE(PAM_SUN_CODEBASE)
680 AC_DEFINE(LOGIN_NEEDS_UTMPX)
2c06c99b 681 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
682 [Some versions of /bin/login need the TERM supplied
683 on the commandline])
3c0ef626 684 AC_DEFINE(PAM_TTY_KLUDGE)
2c06c99b 685 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
686 [Define if pam_chauthtok wants real uid set
687 to the unpriv'ed user])
0fff78ff 688 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
689 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
2c06c99b 690 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
691 [Define if sshd somehow reacquires a controlling TTY
692 after setsid()])
9108f8d9 693 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
694 in case the name is longer than 8 chars])
0fff78ff 695 external_path_file=/etc/default/login
3c0ef626 696 # hardwire lastlog location (can't detect it on some versions)
697 conf_lastlog_location="/var/adm/lastlog"
698 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
699 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
700 if test "$sol2ver" -ge 8; then
701 AC_MSG_RESULT(yes)
702 AC_DEFINE(DISABLE_UTMP)
2c06c99b 703 AC_DEFINE(DISABLE_WTMP, 1,
704 [Define if you don't want to use wtmp])
3c0ef626 705 else
706 AC_MSG_RESULT(no)
707 fi
9108f8d9 708 AC_ARG_WITH(solaris-contracts,
709 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
710 [
711 AC_CHECK_LIB(contract, ct_tmpl_activate,
712 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
713 [Define if you have Solaris process contracts])
714 SSHDLIBS="$SSHDLIBS -lcontract"
715 AC_SUBST(SSHDLIBS)
716 SPC_MSG="yes" ], )
717 ],
718 )
3c0ef626 719 ;;
720*-*-sunos4*)
721 CPPFLAGS="$CPPFLAGS -DSUNOS4"
722 AC_CHECK_FUNCS(getpwanam)
723 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 724 conf_utmp_location=/etc/utmp
725 conf_wtmp_location=/var/adm/wtmp
726 conf_lastlog_location=/var/adm/lastlog
727 AC_DEFINE(USE_PIPES)
728 ;;
729*-ncr-sysv*)
3c0ef626 730 LIBS="$LIBS -lc89"
e9a17296 731 AC_DEFINE(USE_PIPES)
0fff78ff 732 AC_DEFINE(SSHD_ACQUIRES_CTTY)
acc3d05e 733 AC_DEFINE(SETEUID_BREAKS_SETUID)
734 AC_DEFINE(BROKEN_SETREUID)
735 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 736 ;;
737*-sni-sysv*)
3c0ef626 738 # /usr/ucblib MUST NOT be searched on ReliantUNIX
cdd66111 739 AC_CHECK_LIB(dl, dlsym, ,)
2c06c99b 740 # -lresolv needs to be at the end of LIBS or DNS lookups break
741 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 742 IPADDR_IN_DISPLAY=yes
743 AC_DEFINE(USE_PIPES)
744 AC_DEFINE(IP_TOS_IS_BROKEN)
cdd66111 745 AC_DEFINE(SETEUID_BREAKS_SETUID)
746 AC_DEFINE(BROKEN_SETREUID)
747 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 748 AC_DEFINE(SSHD_ACQUIRES_CTTY)
749 external_path_file=/etc/default/login
3c0ef626 750 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
751 # Attention: always take care to bind libsocket and libnsl before libc,
752 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
753 ;;
996d5e62 754# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 755*-*-sysv4.2*)
3c0ef626 756 AC_DEFINE(USE_PIPES)
0fff78ff 757 AC_DEFINE(SETEUID_BREAKS_SETUID)
758 AC_DEFINE(BROKEN_SETREUID)
759 AC_DEFINE(BROKEN_SETREGID)
dec6d9fe 760 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
2c06c99b 761 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 762 ;;
996d5e62 763# UnixWare 7.x, OpenUNIX 8
3c0ef626 764*-*-sysv5*)
665a873d 765 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 766 AC_DEFINE(USE_PIPES)
0fff78ff 767 AC_DEFINE(SETEUID_BREAKS_SETUID)
768 AC_DEFINE(BROKEN_SETREUID)
769 AC_DEFINE(BROKEN_SETREGID)
2c06c99b 770 AC_DEFINE(PASSWD_NEEDS_USERNAME)
665a873d 771 case "$host" in
772 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
773 TEST_SHELL=/u95/bin/sh
2c06c99b 774 AC_DEFINE(BROKEN_LIBIAF, 1,
775 [ia_uinfo routines not supported by OS yet])
9108f8d9 776 AC_DEFINE(BROKEN_UPDWTMPX)
91d9cdd3 777 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot"
778 AC_CHECK_FUNCS(getluid setluid,,,-lprot)
779 AC_DEFINE(HAVE_SECUREWARE)
780 AC_DEFINE(DISABLE_SHADOW)
781 ],,)
2c06c99b 782 ;;
783 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
91d9cdd3 784 check_for_libcrypt_later=1
665a873d 785 ;;
786 esac
3c0ef626 787 ;;
788*-*-sysv*)
3c0ef626 789 ;;
996d5e62 790# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 791*-*-sco3.2v4*)
996d5e62 792 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 793 ;;
996d5e62 794# SCO OpenServer 5.x
3c0ef626 795*-*-sco3.2v5*)
6a9b3198 796 if test -z "$GCC"; then
797 CFLAGS="$CFLAGS -belf"
798 fi
3c0ef626 799 LIBS="$LIBS -lprot -lx -ltinfo -lm"
800 no_dev_ptmx=1
3c0ef626 801 AC_DEFINE(USE_PIPES)
700318f3 802 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 803 AC_DEFINE(DISABLE_SHADOW)
41b2f314 804 AC_DEFINE(DISABLE_FD_PASSING)
0fff78ff 805 AC_DEFINE(SETEUID_BREAKS_SETUID)
806 AC_DEFINE(BROKEN_SETREUID)
807 AC_DEFINE(BROKEN_SETREGID)
808 AC_DEFINE(WITH_ABBREV_NO_TTY)
c9f39d2c 809 AC_DEFINE(BROKEN_UPDWTMPX)
2c06c99b 810 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 811 AC_CHECK_FUNCS(getluid setluid)
812 MANTYPE=man
c9f39d2c 813 TEST_SHELL=ksh
3c0ef626 814 ;;
41b2f314 815*-*-unicosmk*)
2c06c99b 816 AC_DEFINE(NO_SSH_LASTLOG, 1,
817 [Define if you don't want to use lastlog in session.c])
cdd66111 818 AC_DEFINE(SETEUID_BREAKS_SETUID)
819 AC_DEFINE(BROKEN_SETREUID)
820 AC_DEFINE(BROKEN_SETREGID)
41b2f314 821 AC_DEFINE(USE_PIPES)
822 AC_DEFINE(DISABLE_FD_PASSING)
823 LDFLAGS="$LDFLAGS"
824 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
825 MANTYPE=cat
826 ;;
0fff78ff 827*-*-unicosmp*)
cdd66111 828 AC_DEFINE(SETEUID_BREAKS_SETUID)
829 AC_DEFINE(BROKEN_SETREUID)
830 AC_DEFINE(BROKEN_SETREGID)
0fff78ff 831 AC_DEFINE(WITH_ABBREV_NO_TTY)
832 AC_DEFINE(USE_PIPES)
833 AC_DEFINE(DISABLE_FD_PASSING)
834 LDFLAGS="$LDFLAGS"
cdd66111 835 LIBS="$LIBS -lgen -lacid -ldb"
0fff78ff 836 MANTYPE=cat
837 ;;
3c0ef626 838*-*-unicos*)
cdd66111 839 AC_DEFINE(SETEUID_BREAKS_SETUID)
840 AC_DEFINE(BROKEN_SETREUID)
841 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 842 AC_DEFINE(USE_PIPES)
41b2f314 843 AC_DEFINE(DISABLE_FD_PASSING)
844 AC_DEFINE(NO_SSH_LASTLOG)
845 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
846 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
847 MANTYPE=cat
3c0ef626 848 ;;
849*-dec-osf*)
850 AC_MSG_CHECKING(for Digital Unix SIA)
851 no_osfsia=""
852 AC_ARG_WITH(osfsia,
853 [ --with-osfsia Enable Digital Unix SIA],
854 [
855 if test "x$withval" = "xno" ; then
856 AC_MSG_RESULT(disabled)
857 no_osfsia=1
858 fi
859 ],
860 )
861 if test -z "$no_osfsia" ; then
862 if test -f /etc/sia/matrix.conf; then
863 AC_MSG_RESULT(yes)
2c06c99b 864 AC_DEFINE(HAVE_OSF_SIA, 1,
865 [Define if you have Digital Unix Security
866 Integration Architecture])
867 AC_DEFINE(DISABLE_LOGIN, 1,
868 [Define if you don't want to use your
869 system's login() call])
6a9b3198 870 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 871 LIBS="$LIBS -lsecurity -ldb -lm -laud"
9108f8d9 872 SIA_MSG="yes"
3c0ef626 873 else
874 AC_MSG_RESULT(no)
2c06c99b 875 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
876 [String used in /etc/passwd to denote locked account])
3c0ef626 877 fi
878 fi
0fff78ff 879 AC_DEFINE(BROKEN_GETADDRINFO)
acc3d05e 880 AC_DEFINE(SETEUID_BREAKS_SETUID)
881 AC_DEFINE(BROKEN_SETREUID)
882 AC_DEFINE(BROKEN_SETREGID)
22616013 883 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv])
3c0ef626 884 ;;
885
f2f068fa 886*-*-nto-qnx*)
3c0ef626 887 AC_DEFINE(USE_PIPES)
888 AC_DEFINE(NO_X11_UNIX_SOCKETS)
2c06c99b 889 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
890 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
891 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
f2f068fa 892 AC_DEFINE(DISABLE_LASTLOG)
9108f8d9 893 AC_DEFINE(SSHD_ACQUIRES_CTTY)
47686178 894 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
9108f8d9 895 enable_etc_default_login=no # has incompatible /etc/default/login
d4487008 896 case "$host" in
897 *-*-nto-qnx6*)
898 AC_DEFINE(DISABLE_FD_PASSING)
899 ;;
900 esac
3c0ef626 901 ;;
665a873d 902
903*-*-ultrix*)
2c06c99b 904 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
905 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
f2f068fa 906 AC_DEFINE(NEED_SETPGRP)
665a873d 907 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
908 ;;
909
910*-*-lynxos)
911 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
2c06c99b 912 AC_DEFINE(MISSING_HOWMANY)
665a873d 913 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
914 ;;
3c0ef626 915esac
916
0fff78ff 917AC_MSG_CHECKING(compiler and flags for sanity)
996d5e62 918AC_RUN_IFELSE(
919 [AC_LANG_SOURCE([
0fff78ff 920#include <stdio.h>
921int main(){exit(0);}
996d5e62 922 ])],
0fff78ff 923 [ AC_MSG_RESULT(yes) ],
924 [
925 AC_MSG_RESULT(no)
926 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
996d5e62 927 ],
928 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
0fff78ff 929)
930
665a873d 931dnl Checks for header files.
3c0ef626 932# Checks for libraries.
933AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
934AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
935
0fff78ff 936dnl IRIX and Solaris 2.5.1 have dirname() in libgen
937AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
938 AC_CHECK_LIB(gen, dirname,[
939 AC_CACHE_CHECK([for broken dirname],
940 ac_cv_have_broken_dirname, [
941 save_LIBS="$LIBS"
942 LIBS="$LIBS -lgen"
2c06c99b 943 AC_RUN_IFELSE(
944 [AC_LANG_SOURCE([[
0fff78ff 945#include <libgen.h>
946#include <string.h>
947
948int main(int argc, char **argv) {
949 char *s, buf[32];
950
951 strncpy(buf,"/etc", 32);
952 s = dirname(buf);
953 if (!s || strncmp(s, "/", 32) != 0) {
954 exit(1);
955 } else {
956 exit(0);
957 }
958}
2c06c99b 959 ]])],
960 [ ac_cv_have_broken_dirname="no" ],
961 [ ac_cv_have_broken_dirname="yes" ],
0fff78ff 962 [ ac_cv_have_broken_dirname="no" ],
0fff78ff 963 )
964 LIBS="$save_LIBS"
965 ])
966 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
967 LIBS="$LIBS -lgen"
968 AC_DEFINE(HAVE_DIRNAME)
969 AC_CHECK_HEADERS(libgen.h)
970 fi
971 ])
972])
973
3c0ef626 974AC_CHECK_FUNC(getspnam, ,
975 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
2c06c99b 976AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
977 [Define if you have the basename function.]))
3c0ef626 978
979dnl zlib is required
980AC_ARG_WITH(zlib,
981 [ --with-zlib=PATH Use zlib in PATH],
dec6d9fe 982 [ if test "x$withval" = "xno" ; then
983 AC_MSG_ERROR([*** zlib is required ***])
984 elif test "x$withval" != "xyes"; then
3c0ef626 985 if test -d "$withval/lib"; then
986 if test -n "${need_dash_r}"; then
987 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
988 else
989 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
990 fi
991 else
992 if test -n "${need_dash_r}"; then
993 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
994 else
995 LDFLAGS="-L${withval} ${LDFLAGS}"
996 fi
997 fi
998 if test -d "$withval/include"; then
999 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1000 else
1001 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1002 fi
dec6d9fe 1003 fi ]
3c0ef626 1004)
1005
cdd66111 1006AC_CHECK_LIB(z, deflate, ,
1007 [
1008 saved_CPPFLAGS="$CPPFLAGS"
1009 saved_LDFLAGS="$LDFLAGS"
1010 save_LIBS="$LIBS"
1011 dnl Check default zlib install dir
1012 if test -n "${need_dash_r}"; then
1013 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
1014 else
1015 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
1016 fi
1017 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
1018 LIBS="$LIBS -lz"
1019 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
1020 [
1021 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
1022 ]
1023 )
1024 ]
1025)
1026AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
1027
1028AC_ARG_WITH(zlib-version-check,
1029 [ --without-zlib-version-check Disable zlib version check],
1030 [ if test "x$withval" = "xno" ; then
1031 zlib_check_nonfatal=1
1032 fi
1033 ]
1034)
1035
dec6d9fe 1036AC_MSG_CHECKING(for possibly buggy zlib)
996d5e62 1037AC_RUN_IFELSE([AC_LANG_SOURCE([[
dec6d9fe 1038#include <stdio.h>
cdd66111 1039#include <zlib.h>
1040int main()
1041{
dec6d9fe 1042 int a=0, b=0, c=0, d=0, n, v;
1043 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1044 if (n != 3 && n != 4)
cdd66111 1045 exit(1);
dec6d9fe 1046 v = a*1000000 + b*10000 + c*100 + d;
1047 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1048
1049 /* 1.1.4 is OK */
1050 if (a == 1 && b == 1 && c >= 4)
cdd66111 1051 exit(0);
dec6d9fe 1052
665a873d 1053 /* 1.2.3 and up are OK */
1054 if (v >= 1020300)
dec6d9fe 1055 exit(0);
1056
cdd66111 1057 exit(2);
1058}
996d5e62 1059 ]])],
dec6d9fe 1060 AC_MSG_RESULT(no),
1061 [ AC_MSG_RESULT(yes)
cdd66111 1062 if test -z "$zlib_check_nonfatal" ; then
1063 AC_MSG_ERROR([*** zlib too old - check config.log ***
1064Your reported zlib version has known security problems. It's possible your
1065vendor has fixed these problems without changing the version number. If you
1066are sure this is the case, you can disable the check by running
1067"./configure --without-zlib-version-check".
665a873d 1068If you are in doubt, upgrade zlib to version 1.2.3 or greater.
dec6d9fe 1069See http://www.gzip.org/zlib/ for details.])
cdd66111 1070 else
1071 AC_MSG_WARN([zlib version may have security problems])
1072 fi
996d5e62 1073 ],
1074 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
cdd66111 1075)
3c0ef626 1076
3c0ef626 1077dnl UnixWare 2.x
cdd66111 1078AC_CHECK_FUNC(strcasecmp,
3c0ef626 1079 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1080)
2c06c99b 1081AC_CHECK_FUNCS(utimes,
41b2f314 1082 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1083 LIBS="$LIBS -lc89"]) ]
3c0ef626 1084)
1085
1086dnl Checks for libutil functions
1087AC_CHECK_HEADERS(libutil.h)
2c06c99b 1088AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1089 [Define if your libraries define login()])])
22616013 1090AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
3c0ef626 1091
1092AC_FUNC_STRFTIME
1093
3c0ef626 1094# Check for ALTDIRFUNC glob() extension
1095AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1096AC_EGREP_CPP(FOUNDIT,
1097 [
1098 #include <glob.h>
1099 #ifdef GLOB_ALTDIRFUNC
1100 FOUNDIT
1101 #endif
cdd66111 1102 ],
3c0ef626 1103 [
2c06c99b 1104 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1105 [Define if your system glob() function has
1106 the GLOB_ALTDIRFUNC extension])
3c0ef626 1107 AC_MSG_RESULT(yes)
1108 ],
1109 [
1110 AC_MSG_RESULT(no)
1111 ]
1112)
1113
1114# Check for g.gl_matchc glob() extension
1115AC_MSG_CHECKING(for gl_matchc field in glob_t)
9108f8d9 1116AC_TRY_COMPILE(
1117 [ #include <glob.h> ],
1118 [glob_t g; g.gl_matchc = 1;],
cdd66111 1119 [
2c06c99b 1120 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1121 [Define if your system glob() function has
1122 gl_matchc options in glob_t])
cdd66111 1123 AC_MSG_RESULT(yes)
1124 ],
1125 [
1126 AC_MSG_RESULT(no)
1127 ]
3c0ef626 1128)
1129
9108f8d9 1130AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1131
3c0ef626 1132AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
996d5e62 1133AC_RUN_IFELSE(
1134 [AC_LANG_SOURCE([[
3c0ef626 1135#include <sys/types.h>
1136#include <dirent.h>
41b2f314 1137int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
996d5e62 1138 ]])],
cdd66111 1139 [AC_MSG_RESULT(yes)],
3c0ef626 1140 [
1141 AC_MSG_RESULT(no)
2c06c99b 1142 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1143 [Define if your struct dirent expects you to
1144 allocate extra space for d_name])
996d5e62 1145 ],
dec6d9fe 1146 [
996d5e62 1147 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1148 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1149 ]
1150)
1151
c9f39d2c 1152AC_MSG_CHECKING([for /proc/pid/fd directory])
1153if test -d "/proc/$$/fd" ; then
2c06c99b 1154 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
c9f39d2c 1155 AC_MSG_RESULT(yes)
1156else
1157 AC_MSG_RESULT(no)
1158fi
1159
3c0ef626 1160# Check whether user wants S/Key support
cdd66111 1161SKEY_MSG="no"
3c0ef626 1162AC_ARG_WITH(skey,
996d5e62 1163 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1164 [
1165 if test "x$withval" != "xno" ; then
1166
1167 if test "x$withval" != "xyes" ; then
1168 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1169 LDFLAGS="$LDFLAGS -L${withval}/lib"
1170 fi
1171
2c06c99b 1172 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1173 LIBS="-lskey $LIBS"
cdd66111 1174 SKEY_MSG="yes"
dec6d9fe 1175
e9a17296 1176 AC_MSG_CHECKING([for s/key support])
2c06c99b 1177 AC_LINK_IFELSE(
1178 [AC_LANG_SOURCE([[
e9a17296 1179#include <stdio.h>
1180#include <skey.h>
41b2f314 1181int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
2c06c99b 1182 ]])],
e9a17296 1183 [AC_MSG_RESULT(yes)],
3c0ef626 1184 [
e9a17296 1185 AC_MSG_RESULT(no)
3c0ef626 1186 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1187 ])
99be0775 1188 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1189 AC_TRY_COMPILE(
1190 [#include <stdio.h>
1191 #include <skey.h>],
1192 [(void)skeychallenge(NULL,"name","",0);],
1193 [AC_MSG_RESULT(yes)
2c06c99b 1194 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1195 [Define if your skeychallenge()
1196 function takes 4 arguments (NetBSD)])],
99be0775 1197 [AC_MSG_RESULT(no)]
1198 )
3c0ef626 1199 fi
1200 ]
1201)
1202
1203# Check whether user wants TCP wrappers support
1204TCPW_MSG="no"
1205AC_ARG_WITH(tcp-wrappers,
996d5e62 1206 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1207 [
1208 if test "x$withval" != "xno" ; then
1209 saved_LIBS="$LIBS"
1210 saved_LDFLAGS="$LDFLAGS"
1211 saved_CPPFLAGS="$CPPFLAGS"
dec6d9fe 1212 if test -n "${withval}" && \
1213 test "x${withval}" != "xyes"; then
3c0ef626 1214 if test -d "${withval}/lib"; then
1215 if test -n "${need_dash_r}"; then
1216 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1217 else
1218 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1219 fi
1220 else
1221 if test -n "${need_dash_r}"; then
1222 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1223 else
1224 LDFLAGS="-L${withval} ${LDFLAGS}"
1225 fi
1226 fi
1227 if test -d "${withval}/include"; then
1228 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1229 else
1230 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1231 fi
1232 fi
d4487008 1233 LIBS="-lwrap $LIBS"
3c0ef626 1234 AC_MSG_CHECKING(for libwrap)
1235 AC_TRY_LINK(
1236 [
99be0775 1237#include <sys/types.h>
1238#include <sys/socket.h>
1239#include <netinet/in.h>
3c0ef626 1240#include <tcpd.h>
1241 int deny_severity = 0, allow_severity = 0;
1242 ],
1243 [hosts_access(0);],
1244 [
1245 AC_MSG_RESULT(yes)
2c06c99b 1246 AC_DEFINE(LIBWRAP, 1,
1247 [Define if you want
1248 TCP Wrappers support])
d4487008 1249 SSHDLIBS="$SSHDLIBS -lwrap"
3c0ef626 1250 TCPW_MSG="yes"
1251 ],
1252 [
1253 AC_MSG_ERROR([*** libwrap missing])
1254 ]
1255 )
e9a17296 1256 LIBS="$saved_LIBS"
3c0ef626 1257 fi
1258 ]
1259)
1260
996d5e62 1261# Check whether user wants libedit support
1262LIBEDIT_MSG="no"
1263AC_ARG_WITH(libedit,
1264 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1265 [ if test "x$withval" != "xno" ; then
dec6d9fe 1266 if test "x$withval" != "xyes"; then
2c06c99b 1267 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1268 if test -n "${need_dash_r}"; then
1269 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1270 else
1271 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1272 fi
dec6d9fe 1273 fi
996d5e62 1274 AC_CHECK_LIB(edit, el_init,
2c06c99b 1275 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
996d5e62 1276 LIBEDIT="-ledit -lcurses"
1277 LIBEDIT_MSG="yes"
1278 AC_SUBST(LIBEDIT)
1279 ],
dec6d9fe 1280 [ AC_MSG_ERROR(libedit not found) ],
1281 [ -lcurses ]
996d5e62 1282 )
665a873d 1283 AC_MSG_CHECKING(if libedit version is compatible)
1284 AC_COMPILE_IFELSE(
1285 [AC_LANG_SOURCE([[
1286#include <histedit.h>
1287int main(void)
1288{
1289 int i = H_SETSIZE;
1290 el_init("", NULL, NULL, NULL);
1291 exit(0);
1292}
1293 ]])],
1294 [ AC_MSG_RESULT(yes) ],
1295 [ AC_MSG_RESULT(no)
1296 AC_MSG_ERROR(libedit version is not compatible) ]
1297 )
996d5e62 1298 fi ]
1299)
1300
1301AUDIT_MODULE=none
1302AC_ARG_WITH(audit,
1303 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1304 [
1305 AC_MSG_CHECKING(for supported audit module)
1306 case "$withval" in
1307 bsm)
1308 AC_MSG_RESULT(bsm)
1309 AUDIT_MODULE=bsm
1310 dnl Checks for headers, libs and functions
1311 AC_CHECK_HEADERS(bsm/audit.h, [],
9108f8d9 1312 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1313 [
1314#ifdef HAVE_TIME_H
1315# include <time.h>
1316#endif
1317 ]
1318)
996d5e62 1319 AC_CHECK_LIB(bsm, getaudit, [],
1320 [AC_MSG_ERROR(BSM enabled and required library not found)])
1321 AC_CHECK_FUNCS(getaudit, [],
1322 [AC_MSG_ERROR(BSM enabled and required function not found)])
1323 # These are optional
47686178 1324 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
2c06c99b 1325 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
996d5e62 1326 ;;
1327 debug)
1328 AUDIT_MODULE=debug
1329 AC_MSG_RESULT(debug)
2c06c99b 1330 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
996d5e62 1331 ;;
665a873d 1332 no)
1333 AC_MSG_RESULT(no)
1334 ;;
996d5e62 1335 *)
1336 AC_MSG_ERROR([Unknown audit module $withval])
1337 ;;
1338 esac ]
1339)
1340
6a9b3198 1341dnl Checks for library functions. Please keep in alphabetical order
665a873d 1342AC_CHECK_FUNCS( \
1343 arc4random \
22616013 1344 arc4random_buf \
1345 arc4random_uniform \
2c06c99b 1346 asprintf \
665a873d 1347 b64_ntop \
1348 __b64_ntop \
1349 b64_pton \
1350 __b64_pton \
1351 bcopy \
1352 bindresvport_sa \
1353 clock \
1354 closefrom \
1355 dirfd \
1356 fchmod \
1357 fchown \
1358 freeaddrinfo \
22616013 1359 fstatvfs \
665a873d 1360 futimes \
1361 getaddrinfo \
1362 getcwd \
1363 getgrouplist \
1364 getnameinfo \
1365 getopt \
1366 getpeereid \
d4487008 1367 getpeerucred \
665a873d 1368 _getpty \
1369 getrlimit \
1370 getttyent \
1371 glob \
1372 inet_aton \
1373 inet_ntoa \
1374 inet_ntop \
1375 innetgr \
1376 login_getcapbool \
1377 md5_crypt \
1378 memmove \
1379 mkdtemp \
1380 mmap \
1381 ngetaddrinfo \
1382 nsleep \
1383 ogetaddrinfo \
1384 openlog_r \
1385 openpty \
d4487008 1386 poll \
665a873d 1387 prctl \
1388 pstat \
1389 readpassphrase \
1390 realpath \
1391 recvmsg \
1392 rresvport_af \
1393 sendmsg \
1394 setdtablesize \
1395 setegid \
1396 setenv \
1397 seteuid \
1398 setgroups \
1399 setlogin \
1400 setpcred \
1401 setproctitle \
1402 setregid \
1403 setreuid \
1404 setrlimit \
1405 setsid \
1406 setvbuf \
1407 sigaction \
1408 sigvec \
1409 snprintf \
1410 socketpair \
22616013 1411 statfs \
1412 statvfs \
665a873d 1413 strdup \
1414 strerror \
1415 strlcat \
1416 strlcpy \
1417 strmode \
1418 strnvis \
1419 strtonum \
1420 strtoll \
1421 strtoul \
d4487008 1422 swap32 \
665a873d 1423 sysconf \
1424 tcgetpgrp \
1425 truncate \
1426 unsetenv \
1427 updwtmpx \
2c06c99b 1428 vasprintf \
665a873d 1429 vhangup \
1430 vsnprintf \
1431 waitpid \
6a9b3198 1432)
1433
acc3d05e 1434# IRIX has a const char return value for gai_strerror()
1435AC_CHECK_FUNCS(gai_strerror,[
1436 AC_DEFINE(HAVE_GAI_STRERROR)
1437 AC_TRY_COMPILE([
1438#include <sys/types.h>
1439#include <sys/socket.h>
1440#include <netdb.h>
1441
1442const char *gai_strerror(int);],[
1443char *str;
1444
1445str = gai_strerror(0);],[
1446 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1447 [Define if gai_strerror() returns const char *])])])
1448
2c06c99b 1449AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1450 [Some systems put nanosleep outside of libc]))
6a9b3198 1451
0fff78ff 1452dnl Make sure prototypes are defined for these before using them.
0fff78ff 1453AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
665a873d 1454AC_CHECK_DECL(strsep,
1455 [AC_CHECK_FUNCS(strsep)],
1456 [],
1457 [
1458#ifdef HAVE_STRING_H
1459# include <string.h>
1460#endif
1461 ])
3c0ef626 1462
0fff78ff 1463dnl tcsendbreak might be a macro
1464AC_CHECK_DECL(tcsendbreak,
1465 [AC_DEFINE(HAVE_TCSENDBREAK)],
cdd66111 1466 [AC_CHECK_FUNCS(tcsendbreak)],
0fff78ff 1467 [#include <termios.h>]
1468)
3c0ef626 1469
c9f39d2c 1470AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1471
9108f8d9 1472AC_CHECK_DECLS(SHUT_RD, , ,
1473 [
1474#include <sys/types.h>
1475#include <sys/socket.h>
1476 ])
1477
1478AC_CHECK_DECLS(O_NONBLOCK, , ,
1479 [
1480#include <sys/types.h>
1481#ifdef HAVE_SYS_STAT_H
1482# include <sys/stat.h>
1483#endif
1484#ifdef HAVE_FCNTL_H
1485# include <fcntl.h>
1486#endif
1487 ])
1488
1489AC_CHECK_DECLS(writev, , , [
1490#include <sys/types.h>
1491#include <sys/uio.h>
1492#include <unistd.h>
1493 ])
1494
d4487008 1495AC_CHECK_DECLS(MAXSYMLINKS, , , [
1496#include <sys/param.h>
1497 ])
1498
1499AC_CHECK_DECLS(offsetof, , , [
1500#include <stddef.h>
1501 ])
1502
cdd66111 1503AC_CHECK_FUNCS(setresuid, [
1504 dnl Some platorms have setresuid that isn't implemented, test for this
1505 AC_MSG_CHECKING(if setresuid seems to work)
996d5e62 1506 AC_RUN_IFELSE(
1507 [AC_LANG_SOURCE([[
cdd66111 1508#include <stdlib.h>
1509#include <errno.h>
1510int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1511 ]])],
cdd66111 1512 [AC_MSG_RESULT(yes)],
2c06c99b 1513 [AC_DEFINE(BROKEN_SETRESUID, 1,
1514 [Define if your setresuid() is broken])
996d5e62 1515 AC_MSG_RESULT(not implemented)],
1516 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1517 )
1518])
1519
1520AC_CHECK_FUNCS(setresgid, [
1521 dnl Some platorms have setresgid that isn't implemented, test for this
1522 AC_MSG_CHECKING(if setresgid seems to work)
996d5e62 1523 AC_RUN_IFELSE(
1524 [AC_LANG_SOURCE([[
cdd66111 1525#include <stdlib.h>
1526#include <errno.h>
1527int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
996d5e62 1528 ]])],
cdd66111 1529 [AC_MSG_RESULT(yes)],
2c06c99b 1530 [AC_DEFINE(BROKEN_SETRESGID, 1,
1531 [Define if your setresgid() is broken])
996d5e62 1532 AC_MSG_RESULT(not implemented)],
1533 [AC_MSG_WARN([cross compiling: not checking setresuid])]
cdd66111 1534 )
1535])
1536
3c0ef626 1537dnl Checks for time functions
1538AC_CHECK_FUNCS(gettimeofday time)
1539dnl Checks for utmp functions
1540AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1541AC_CHECK_FUNCS(utmpname)
1542dnl Checks for utmpx functions
1543AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1544AC_CHECK_FUNCS(setutxent utmpxname)
91d9cdd3 1545dnl Checks for lastlog functions
1546AC_CHECK_FUNCS(getlastlogxbyname)
3c0ef626 1547
cdd66111 1548AC_CHECK_FUNC(daemon,
2c06c99b 1549 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1550 [AC_CHECK_LIB(bsd, daemon,
1551 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1552)
1553
cdd66111 1554AC_CHECK_FUNC(getpagesize,
2c06c99b 1555 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1556 [Define if your libraries define getpagesize()])],
1557 [AC_CHECK_LIB(ucb, getpagesize,
1558 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1559)
1560
1561# Check for broken snprintf
1562if test "x$ac_cv_func_snprintf" = "xyes" ; then
1563 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
996d5e62 1564 AC_RUN_IFELSE(
1565 [AC_LANG_SOURCE([[
3c0ef626 1566#include <stdio.h>
41b2f314 1567int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
996d5e62 1568 ]])],
cdd66111 1569 [AC_MSG_RESULT(yes)],
3c0ef626 1570 [
1571 AC_MSG_RESULT(no)
2c06c99b 1572 AC_DEFINE(BROKEN_SNPRINTF, 1,
1573 [Define if your snprintf is busted])
3c0ef626 1574 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
996d5e62 1575 ],
1576 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1577 )
1578fi
1579
2c06c99b 1580# If we don't have a working asprintf, then we strongly depend on vsnprintf
1581# returning the right thing on overflow: the number of characters it tried to
1582# create (as per SUSv3)
1583if test "x$ac_cv_func_asprintf" != "xyes" && \
1584 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1585 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1586 AC_RUN_IFELSE(
1587 [AC_LANG_SOURCE([[
1588#include <sys/types.h>
1589#include <stdio.h>
1590#include <stdarg.h>
1591
1592int x_snprintf(char *str,size_t count,const char *fmt,...)
1593{
1594 size_t ret; va_list ap;
1595 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1596 return ret;
1597}
1598int main(void)
1599{
1600 char x[1];
1601 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1602} ]])],
1603 [AC_MSG_RESULT(yes)],
1604 [
1605 AC_MSG_RESULT(no)
1606 AC_DEFINE(BROKEN_SNPRINTF, 1,
1607 [Define if your snprintf is busted])
1608 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1609 ],
1610 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1611 )
1612fi
1613
1614# On systems where [v]snprintf is broken, but is declared in stdio,
1615# check that the fmt argument is const char * or just char *.
1616# This is only useful for when BROKEN_SNPRINTF
1617AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1618AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1619 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1620 int main(void) { snprintf(0, 0, 0); }
1621 ]])],
1622 [AC_MSG_RESULT(yes)
1623 AC_DEFINE(SNPRINTF_CONST, [const],
1624 [Define as const if snprintf() can declare const char *fmt])],
1625 [AC_MSG_RESULT(no)
1626 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1627
c9f39d2c 1628# Check for missing getpeereid (or equiv) support
1629NO_PEERCHECK=""
d4487008 1630if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
c9f39d2c 1631 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1632 AC_TRY_COMPILE(
1633 [#include <sys/types.h>
1634 #include <sys/socket.h>],
1635 [int i = SO_PEERCRED;],
dec6d9fe 1636 [ AC_MSG_RESULT(yes)
2c06c99b 1637 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
dec6d9fe 1638 ],
c9f39d2c 1639 [AC_MSG_RESULT(no)
1640 NO_PEERCHECK=1]
1641 )
1642fi
1643
6a9b3198 1644dnl see whether mkstemp() requires XXXXXX
1645if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1646AC_MSG_CHECKING([for (overly) strict mkstemp])
2c06c99b 1647AC_RUN_IFELSE(
1648 [AC_LANG_SOURCE([[
6a9b3198 1649#include <stdlib.h>
1650main() { char template[]="conftest.mkstemp-test";
1651if (mkstemp(template) == -1)
1652 exit(1);
1653unlink(template); exit(0);
1654}
2c06c99b 1655 ]])],
6a9b3198 1656 [
1657 AC_MSG_RESULT(no)
1658 ],
cdd66111 1659 [
6a9b3198 1660 AC_MSG_RESULT(yes)
2c06c99b 1661 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
6a9b3198 1662 ],
1663 [
1664 AC_MSG_RESULT(yes)
1665 AC_DEFINE(HAVE_STRICT_MKSTEMP)
cdd66111 1666 ]
6a9b3198 1667)
1668fi
1669
0fff78ff 1670dnl make sure that openpty does not reacquire controlling terminal
1671if test ! -z "$check_for_openpty_ctty_bug"; then
1672 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
2c06c99b 1673 AC_RUN_IFELSE(
1674 [AC_LANG_SOURCE([[
0fff78ff 1675#include <stdio.h>
1676#include <sys/fcntl.h>
1677#include <sys/types.h>
1678#include <sys/wait.h>
1679
1680int
1681main()
1682{
1683 pid_t pid;
1684 int fd, ptyfd, ttyfd, status;
1685
1686 pid = fork();
1687 if (pid < 0) { /* failed */
1688 exit(1);
1689 } else if (pid > 0) { /* parent */
1690 waitpid(pid, &status, 0);
cdd66111 1691 if (WIFEXITED(status))
0fff78ff 1692 exit(WEXITSTATUS(status));
1693 else
1694 exit(2);
1695 } else { /* child */
1696 close(0); close(1); close(2);
1697 setsid();
1698 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1699 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1700 if (fd >= 0)
1701 exit(3); /* Acquired ctty: broken */
1702 else
1703 exit(0); /* Did not acquire ctty: OK */
1704 }
1705}
2c06c99b 1706 ]])],
0fff78ff 1707 [
1708 AC_MSG_RESULT(yes)
1709 ],
1710 [
1711 AC_MSG_RESULT(no)
1712 AC_DEFINE(SSHD_ACQUIRES_CTTY)
2c06c99b 1713 ],
1714 [
1715 AC_MSG_RESULT(cross-compiling, assuming yes)
0fff78ff 1716 ]
1717 )
1718fi
1719
dec6d9fe 1720if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1721 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
99be0775 1722 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1723 AC_RUN_IFELSE(
1724 [AC_LANG_SOURCE([[
99be0775 1725#include <stdio.h>
1726#include <sys/socket.h>
1727#include <netdb.h>
1728#include <errno.h>
1729#include <netinet/in.h>
1730
1731#define TEST_PORT "2222"
1732
1733int
1734main(void)
1735{
1736 int err, sock;
1737 struct addrinfo *gai_ai, *ai, hints;
1738 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1739
1740 memset(&hints, 0, sizeof(hints));
1741 hints.ai_family = PF_UNSPEC;
1742 hints.ai_socktype = SOCK_STREAM;
1743 hints.ai_flags = AI_PASSIVE;
1744
1745 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1746 if (err != 0) {
1747 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1748 exit(1);
1749 }
1750
1751 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1752 if (ai->ai_family != AF_INET6)
1753 continue;
1754
1755 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1756 sizeof(ntop), strport, sizeof(strport),
1757 NI_NUMERICHOST|NI_NUMERICSERV);
1758
1759 if (err != 0) {
1760 if (err == EAI_SYSTEM)
1761 perror("getnameinfo EAI_SYSTEM");
1762 else
1763 fprintf(stderr, "getnameinfo failed: %s\n",
1764 gai_strerror(err));
1765 exit(2);
1766 }
1767
1768 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1769 if (sock < 0)
1770 perror("socket");
1771 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1772 if (errno == EBADF)
1773 exit(3);
1774 }
1775 }
1776 exit(0);
1777}
2c06c99b 1778 ]])],
99be0775 1779 [
1780 AC_MSG_RESULT(yes)
1781 ],
1782 [
1783 AC_MSG_RESULT(no)
1784 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1785 ],
1786 [
1787 AC_MSG_RESULT(cross-compiling, assuming yes)
99be0775 1788 ]
1789 )
1790fi
1791
dec6d9fe 1792if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1793 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
996d5e62 1794 AC_MSG_CHECKING(if getaddrinfo seems to work)
2c06c99b 1795 AC_RUN_IFELSE(
1796 [AC_LANG_SOURCE([[
996d5e62 1797#include <stdio.h>
1798#include <sys/socket.h>
1799#include <netdb.h>
1800#include <errno.h>
1801#include <netinet/in.h>
1802
1803#define TEST_PORT "2222"
1804
1805int
1806main(void)
1807{
1808 int err, sock;
1809 struct addrinfo *gai_ai, *ai, hints;
1810 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1811
1812 memset(&hints, 0, sizeof(hints));
1813 hints.ai_family = PF_UNSPEC;
1814 hints.ai_socktype = SOCK_STREAM;
1815 hints.ai_flags = AI_PASSIVE;
1816
1817 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1818 if (err != 0) {
1819 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1820 exit(1);
1821 }
1822
1823 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1824 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1825 continue;
1826
1827 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1828 sizeof(ntop), strport, sizeof(strport),
1829 NI_NUMERICHOST|NI_NUMERICSERV);
1830
1831 if (ai->ai_family == AF_INET && err != 0) {
1832 perror("getnameinfo");
1833 exit(2);
1834 }
1835 }
1836 exit(0);
1837}
2c06c99b 1838 ]])],
996d5e62 1839 [
1840 AC_MSG_RESULT(yes)
2c06c99b 1841 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1842 [Define if you have a getaddrinfo that fails
1843 for the all-zeros IPv6 address])
996d5e62 1844 ],
1845 [
1846 AC_MSG_RESULT(no)
1847 AC_DEFINE(BROKEN_GETADDRINFO)
2c06c99b 1848 ],
9108f8d9 1849 [
2c06c99b 1850 AC_MSG_RESULT(cross-compiling, assuming no)
996d5e62 1851 ]
1852 )
1853fi
1854
1855if test "x$check_for_conflicting_getspnam" = "x1"; then
1856 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1857 AC_COMPILE_IFELSE(
1858 [
1859#include <shadow.h>
1860int main(void) {exit(0);}
1861 ],
1862 [
1863 AC_MSG_RESULT(no)
1864 ],
1865 [
1866 AC_MSG_RESULT(yes)
1867 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1868 [Conflicting defs for getspnam])
1869 ]
1870 )
1871fi
1872
3c0ef626 1873AC_FUNC_GETPGRP
1874
700318f3 1875# Search for OpenSSL
1876saved_CPPFLAGS="$CPPFLAGS"
1877saved_LDFLAGS="$LDFLAGS"
3c0ef626 1878AC_ARG_WITH(ssl-dir,
1879 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1880 [
1881 if test "x$withval" != "xno" ; then
996d5e62 1882 case "$withval" in
1883 # Relative paths
1884 ./*|../*) withval="`pwd`/$withval"
1885 esac
700318f3 1886 if test -d "$withval/lib"; then
1887 if test -n "${need_dash_r}"; then
1888 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1889 else
1890 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1891 fi
1892 else
700318f3 1893 if test -n "${need_dash_r}"; then
1894 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1895 else
1896 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1897 fi
1898 fi
700318f3 1899 if test -d "$withval/include"; then
1900 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1901 else
700318f3 1902 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1903 fi
1904 fi
700318f3 1905 ]
1906)
cdd66111 1907LIBS="-lcrypto $LIBS"
2c06c99b 1908AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1909 [Define if your ssl headers are included
1910 with #include <openssl/header.h>]),
3c0ef626 1911 [
700318f3 1912 dnl Check default openssl install dir
1913 if test -n "${need_dash_r}"; then
1914 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1915 else
700318f3 1916 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1917 fi
700318f3 1918 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1919 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1920 [
1921 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1922 ]
1923 )
1924 ]
1925)
1926
41b2f314 1927# Determine OpenSSL header version
1928AC_MSG_CHECKING([OpenSSL header version])
996d5e62 1929AC_RUN_IFELSE(
1930 [AC_LANG_SOURCE([[
41b2f314 1931#include <stdio.h>
1932#include <string.h>
1933#include <openssl/opensslv.h>
1934#define DATA "conftest.sslincver"
1935int main(void) {
cdd66111 1936 FILE *fd;
1937 int rc;
41b2f314 1938
cdd66111 1939 fd = fopen(DATA,"w");
1940 if(fd == NULL)
1941 exit(1);
41b2f314 1942
1943 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1944 exit(1);
1945
1946 exit(0);
1947}
996d5e62 1948 ]])],
41b2f314 1949 [
1950 ssl_header_ver=`cat conftest.sslincver`
1951 AC_MSG_RESULT($ssl_header_ver)
1952 ],
1953 [
1954 AC_MSG_RESULT(not found)
1955 AC_MSG_ERROR(OpenSSL version header not found.)
996d5e62 1956 ],
1957 [
1958 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1959 ]
1960)
1961
1962# Determine OpenSSL library version
1963AC_MSG_CHECKING([OpenSSL library version])
996d5e62 1964AC_RUN_IFELSE(
1965 [AC_LANG_SOURCE([[
41b2f314 1966#include <stdio.h>
1967#include <string.h>
1968#include <openssl/opensslv.h>
1969#include <openssl/crypto.h>
1970#define DATA "conftest.ssllibver"
1971int main(void) {
cdd66111 1972 FILE *fd;
1973 int rc;
41b2f314 1974
cdd66111 1975 fd = fopen(DATA,"w");
1976 if(fd == NULL)
1977 exit(1);
41b2f314 1978
1979 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1980 exit(1);
1981
1982 exit(0);
1983}
996d5e62 1984 ]])],
41b2f314 1985 [
1986 ssl_library_ver=`cat conftest.ssllibver`
1987 AC_MSG_RESULT($ssl_library_ver)
1988 ],
1989 [
1990 AC_MSG_RESULT(not found)
1991 AC_MSG_ERROR(OpenSSL library not found.)
996d5e62 1992 ],
1993 [
1994 AC_MSG_WARN([cross compiling: not checking])
41b2f314 1995 ]
1996)
3c0ef626 1997
799ae497 1998AC_ARG_WITH(openssl-header-check,
1999 [ --without-openssl-header-check Disable OpenSSL version consistency check],
2000 [ if test "x$withval" = "xno" ; then
2001 openssl_check_nonfatal=1
2002 fi
2003 ]
2004)
2005
e9a17296 2006# Sanity check OpenSSL headers
2007AC_MSG_CHECKING([whether OpenSSL's headers match the library])
996d5e62 2008AC_RUN_IFELSE(
2009 [AC_LANG_SOURCE([[
e9a17296 2010#include <string.h>
2011#include <openssl/opensslv.h>
41b2f314 2012int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
996d5e62 2013 ]])],
e9a17296 2014 [
2015 AC_MSG_RESULT(yes)
2016 ],
2017 [
2018 AC_MSG_RESULT(no)
799ae497 2019 if test "x$openssl_check_nonfatal" = "x"; then
2020 AC_MSG_ERROR([Your OpenSSL headers do not match your
2021library. Check config.log for details.
2022If you are sure your installation is consistent, you can disable the check
2023by running "./configure --without-openssl-header-check".
2024Also see contrib/findssl.sh for help identifying header/library mismatches.
2025])
2026 else
2027 AC_MSG_WARN([Your OpenSSL headers do not match your
2028library. Check config.log for details.
0fff78ff 2029Also see contrib/findssl.sh for help identifying header/library mismatches.])
799ae497 2030 fi
996d5e62 2031 ],
2032 [
2033 AC_MSG_WARN([cross compiling: not checking])
e9a17296 2034 ]
2035)
2036
9108f8d9 2037AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2038AC_LINK_IFELSE(
2039 [AC_LANG_SOURCE([[
2040#include <openssl/evp.h>
2041int main(void) { SSLeay_add_all_algorithms(); }
2042 ]])],
2043 [
2044 AC_MSG_RESULT(yes)
2045 ],
2046 [
2047 AC_MSG_RESULT(no)
2048 saved_LIBS="$LIBS"
2049 LIBS="$LIBS -ldl"
2050 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2051 AC_LINK_IFELSE(
2052 [AC_LANG_SOURCE([[
2053#include <openssl/evp.h>
2054int main(void) { SSLeay_add_all_algorithms(); }
2055 ]])],
2056 [
2057 AC_MSG_RESULT(yes)
2058 ],
2059 [
2060 AC_MSG_RESULT(no)
2061 LIBS="$saved_LIBS"
2062 ]
2063 )
2064 ]
2065)
2066
2067AC_ARG_WITH(ssl-engine,
2068 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2069 [ if test "x$withval" != "xno" ; then
2070 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2071 AC_TRY_COMPILE(
2072 [ #include <openssl/engine.h>],
2073 [
ff7ec503 2074ENGINE_load_builtin_engines();ENGINE_register_all_complete();
9108f8d9 2075 ],
2076 [ AC_MSG_RESULT(yes)
2077 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2078 [Enable OpenSSL engine support])
2079 ],
2080 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2081 )
2082 fi ]
2083)
2084
2c06c99b 2085# Check for OpenSSL without EVP_aes_{192,256}_cbc
2086AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
9108f8d9 2087AC_LINK_IFELSE(
2c06c99b 2088 [AC_LANG_SOURCE([[
2089#include <string.h>
2090#include <openssl/evp.h>
f2f068fa 2091int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
2c06c99b 2092 ]])],
2093 [
2094 AC_MSG_RESULT(no)
2095 ],
2096 [
2097 AC_MSG_RESULT(yes)
2098 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2099 [libcrypto is missing AES 192 and 256 bit functions])
2100 ]
2101)
2102
cdd66111 2103# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2104# because the system crypt() is more featureful.
2105if test "x$check_for_libcrypt_before" = "x1"; then
2106 AC_CHECK_LIB(crypt, crypt)
2107fi
2108
2109# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2110# version in OpenSSL.
0fff78ff 2111if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2112 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2113fi
2114
9108f8d9 2115# Search for SHA256 support in libc and/or OpenSSL
2116AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2117
d4487008 2118saved_LIBS="$LIBS"
2119AC_CHECK_LIB(iaf, ia_openinfo, [
2120 LIBS="$LIBS -liaf"
47686178 2121 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2122 AC_DEFINE(HAVE_LIBIAF, 1,
2123 [Define if system has libiaf that supports set_id])
2124 ])
d4487008 2125])
2126LIBS="$saved_LIBS"
e9a17296 2127
2128### Configure cryptographic random number support
2129
2130# Check wheter OpenSSL seeds itself
2131AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
996d5e62 2132AC_RUN_IFELSE(
2133 [AC_LANG_SOURCE([[
e9a17296 2134#include <string.h>
2135#include <openssl/rand.h>
41b2f314 2136int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
996d5e62 2137 ]])],
e9a17296 2138 [
2139 OPENSSL_SEEDS_ITSELF=yes
2140 AC_MSG_RESULT(yes)
2141 ],
2142 [
2143 AC_MSG_RESULT(no)
2144 # Default to use of the rand helper if OpenSSL doesn't
2145 # seed itself
2146 USE_RAND_HELPER=yes
996d5e62 2147 ],
2148 [
2149 AC_MSG_WARN([cross compiling: assuming yes])
2150 # This is safe, since all recent OpenSSL versions will
dec6d9fe 2151 # complain at runtime if not seeded correctly.
996d5e62 2152 OPENSSL_SEEDS_ITSELF=yes
e9a17296 2153 ]
2154)
2155
9108f8d9 2156# Check for PAM libs
2157PAM_MSG="no"
2158AC_ARG_WITH(pam,
2159 [ --with-pam Enable PAM support ],
2160 [
2161 if test "x$withval" != "xno" ; then
2162 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2163 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2164 AC_MSG_ERROR([PAM headers not found])
2165 fi
2166
2167 saved_LIBS="$LIBS"
2168 AC_CHECK_LIB(dl, dlopen, , )
2169 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2170 AC_CHECK_FUNCS(pam_getenvlist)
2171 AC_CHECK_FUNCS(pam_putenv)
2172 LIBS="$saved_LIBS"
2173
2174 PAM_MSG="yes"
2175
d4487008 2176 SSHDLIBS="$SSHDLIBS -lpam"
9108f8d9 2177 AC_DEFINE(USE_PAM, 1,
2178 [Define if you want to enable PAM support])
2179
2180 if test $ac_cv_lib_dl_dlopen = yes; then
2181 case "$LIBS" in
2182 *-ldl*)
2183 # libdl already in LIBS
2184 ;;
2185 *)
d4487008 2186 SSHDLIBS="$SSHDLIBS -ldl"
9108f8d9 2187 ;;
2188 esac
2189 fi
9108f8d9 2190 fi
2191 ]
2192)
2193
2194# Check for older PAM
2195if test "x$PAM_MSG" = "xyes" ; then
2196 # Check PAM strerror arguments (old PAM)
2197 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2198 AC_TRY_COMPILE(
2199 [
2200#include <stdlib.h>
2201#if defined(HAVE_SECURITY_PAM_APPL_H)
2202#include <security/pam_appl.h>
2203#elif defined (HAVE_PAM_PAM_APPL_H)
2204#include <pam/pam_appl.h>
2205#endif
2206 ],
2207 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2208 [AC_MSG_RESULT(no)],
2209 [
2210 AC_DEFINE(HAVE_OLD_PAM, 1,
2211 [Define if you have an old version of PAM
2212 which takes only one argument to pam_strerror])
2213 AC_MSG_RESULT(yes)
2214 PAM_MSG="yes (old library)"
2215 ]
2216 )
2217fi
e9a17296 2218
2219# Do we want to force the use of the rand helper?
2220AC_ARG_WITH(rand-helper,
2221 [ --with-rand-helper Use subprocess to gather strong randomness ],
2222 [
2223 if test "x$withval" = "xno" ; then
cdd66111 2224 # Force use of OpenSSL's internal RNG, even if
e9a17296 2225 # the previous test showed it to be unseeded.
2226 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2227 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2228 OPENSSL_SEEDS_ITSELF=yes
2229 USE_RAND_HELPER=""
2230 fi
2231 else
2232 USE_RAND_HELPER=yes
2233 fi
2234 ],
dec6d9fe 2235)
e9a17296 2236
2237# Which randomness source do we use?
dec6d9fe 2238if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9a17296 2239 # OpenSSL only
2c06c99b 2240 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2241 [Define if you want OpenSSL's internally seeded PRNG only])
e9a17296 2242 RAND_MSG="OpenSSL internal ONLY"
2243 INSTALL_SSH_RAND_HELPER=""
2244elif test ! -z "$USE_RAND_HELPER" ; then
2245 # install rand helper
2246 RAND_MSG="ssh-rand-helper"
2247 INSTALL_SSH_RAND_HELPER="yes"
2248fi
2249AC_SUBST(INSTALL_SSH_RAND_HELPER)
2250
2251### Configuration of ssh-rand-helper
2252
2253# PRNGD TCP socket
2254AC_ARG_WITH(prngd-port,
2255 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2256 [
2257 case "$withval" in
2258 no)
2259 withval=""
2260 ;;
2261 [[0-9]]*)
2262 ;;
2263 *)
2264 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2265 ;;
2266 esac
2267 if test ! -z "$withval" ; then
2268 PRNGD_PORT="$withval"
2c06c99b 2269 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2270 [Port number of PRNGD/EGD random number socket])
e9a17296 2271 fi
2272 ]
2273)
2274
2275# PRNGD Unix domain socket
2276AC_ARG_WITH(prngd-socket,
2277 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2278 [
2279 case "$withval" in
2280 yes)
2281 withval="/var/run/egd-pool"
2282 ;;
2283 no)
2284 withval=""
2285 ;;
2286 /*)
2287 ;;
2288 *)
2289 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2290 ;;
2291 esac
2292
2293 if test ! -z "$withval" ; then
2294 if test ! -z "$PRNGD_PORT" ; then
2295 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2296 fi
2297 if test ! -r "$withval" ; then
2298 AC_MSG_WARN(Entropy socket is not readable)
2299 fi
2300 PRNGD_SOCKET="$withval"
2c06c99b 2301 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2302 [Location of PRNGD/EGD random number socket])
e9a17296 2303 fi
2304 ],
2305 [
2306 # Check for existing socket only if we don't have a random device already
2307 if test "$USE_RAND_HELPER" = yes ; then
2308 AC_MSG_CHECKING(for PRNGD/EGD socket)
2309 # Insert other locations here
2310 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2311 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2312 PRNGD_SOCKET="$sock"
2313 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2314 break;
2315 fi
2316 done
2317 if test ! -z "$PRNGD_SOCKET" ; then
2318 AC_MSG_RESULT($PRNGD_SOCKET)
2319 else
2320 AC_MSG_RESULT(not found)
2321 fi
2322 fi
2323 ]
2324)
2325
2326# Change default command timeout for hashing entropy source
2327entropy_timeout=200
2328AC_ARG_WITH(entropy-timeout,
2329 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2330 [
dec6d9fe 2331 if test -n "$withval" && test "x$withval" != "xno" && \
2332 test "x${withval}" != "xyes"; then
e9a17296 2333 entropy_timeout=$withval
2334 fi
dec6d9fe 2335 ]
e9a17296 2336)
2c06c99b 2337AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2338 [Builtin PRNG command timeout])
e9a17296 2339
680cee3b 2340SSH_PRIVSEP_USER=sshd
700318f3 2341AC_ARG_WITH(privsep-user,
2342 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2343 [
dec6d9fe 2344 if test -n "$withval" && test "x$withval" != "xno" && \
2345 test "x${withval}" != "xyes"; then
680cee3b 2346 SSH_PRIVSEP_USER=$withval
700318f3 2347 fi
dec6d9fe 2348 ]
700318f3 2349)
2c06c99b 2350AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2351 [non-privileged user for privilege separation])
680cee3b 2352AC_SUBST(SSH_PRIVSEP_USER)
700318f3 2353
2354# We do this little dance with the search path to insure
2355# that programs that we select for use by installed programs
2356# (which may be run by the super-user) come from trusted
2357# locations before they come from the user's private area.
2358# This should help avoid accidentally configuring some
2359# random version of a program in someone's personal bin.
2360
2361OPATH=$PATH
2362PATH=/bin:/usr/bin
2363test -h /bin 2> /dev/null && PATH=/usr/bin
2364test -d /sbin && PATH=$PATH:/sbin
2365test -d /usr/sbin && PATH=$PATH:/usr/sbin
2366PATH=$PATH:/etc:$OPATH
2367
cdd66111 2368# These programs are used by the command hashing source to gather entropy
e9a17296 2369OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2370OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2371OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2372OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2373OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2374OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2375OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2376OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2377OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2378OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2379OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2380OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2381OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2382OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2383OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2384OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
700318f3 2385# restore PATH
2386PATH=$OPATH
e9a17296 2387
2388# Where does ssh-rand-helper get its randomness from?
2389INSTALL_SSH_PRNG_CMDS=""
2390if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2391 if test ! -z "$PRNGD_PORT" ; then
2392 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2393 elif test ! -z "$PRNGD_SOCKET" ; then
2394 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2395 else
2396 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2397 RAND_HELPER_CMDHASH=yes
2398 INSTALL_SSH_PRNG_CMDS="yes"
2399 fi
2400fi
2401AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2402
2403
3c0ef626 2404# Cheap hack to ensure NEWS-OS libraries are arranged right.
2405if test ! -z "$SONY" ; then
2406 LIBS="$LIBS -liberty";
2407fi
2408
2c06c99b 2409# Check for long long datatypes
2410AC_CHECK_TYPES([long long, unsigned long long, long double])
2411
2412# Check datatype sizes
3c0ef626 2413AC_CHECK_SIZEOF(char, 1)
2414AC_CHECK_SIZEOF(short int, 2)
2415AC_CHECK_SIZEOF(int, 4)
2416AC_CHECK_SIZEOF(long int, 4)
2417AC_CHECK_SIZEOF(long long int, 8)
2418
700318f3 2419# Sanity check long long for some platforms (AIX)
2420if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2421 ac_cv_sizeof_long_long_int=0
2422fi
2423
2c06c99b 2424# compute LLONG_MIN and LLONG_MAX if we don't know them.
2425if test -z "$have_llong_max"; then
2426 AC_MSG_CHECKING([for max value of long long])
2427 AC_RUN_IFELSE(
2428 [AC_LANG_SOURCE([[
2429#include <stdio.h>
2430/* Why is this so damn hard? */
2431#ifdef __GNUC__
2432# undef __GNUC__
2433#endif
2434#define __USE_ISOC99
2435#include <limits.h>
2436#define DATA "conftest.llminmax"
9108f8d9 2437#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2438
2439/*
2440 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2441 * we do this the hard way.
2442 */
2443static int
2444fprint_ll(FILE *f, long long n)
2445{
2446 unsigned int i;
2447 int l[sizeof(long long) * 8];
2448
2449 if (n < 0)
2450 if (fprintf(f, "-") < 0)
2451 return -1;
2452 for (i = 0; n != 0; i++) {
2453 l[i] = my_abs(n % 10);
2454 n /= 10;
2455 }
2456 do {
2457 if (fprintf(f, "%d", l[--i]) < 0)
2458 return -1;
2459 } while (i != 0);
2460 if (fprintf(f, " ") < 0)
2461 return -1;
2462 return 0;
2463}
2464
2c06c99b 2465int main(void) {
2466 FILE *f;
2467 long long i, llmin, llmax = 0;
2468
2469 if((f = fopen(DATA,"w")) == NULL)
2470 exit(1);
2471
2472#if defined(LLONG_MIN) && defined(LLONG_MAX)
2473 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2474 llmin = LLONG_MIN;
2475 llmax = LLONG_MAX;
2476#else
2477 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2478 /* This will work on one's complement and two's complement */
2479 for (i = 1; i > llmax; i <<= 1, i++)
2480 llmax = i;
2481 llmin = llmax + 1LL; /* wrap */
2482#endif
2483
2484 /* Sanity check */
2485 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
9108f8d9 2486 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2487 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
2c06c99b 2488 fprintf(f, "unknown unknown\n");
2489 exit(2);
2490 }
2491
9108f8d9 2492 if (fprint_ll(f, llmin) < 0)
2c06c99b 2493 exit(3);
9108f8d9 2494 if (fprint_ll(f, llmax) < 0)
2495 exit(4);
2496 if (fclose(f) < 0)
2497 exit(5);
2c06c99b 2498 exit(0);
2499}
2500 ]])],
2501 [
2502 llong_min=`$AWK '{print $1}' conftest.llminmax`
2503 llong_max=`$AWK '{print $2}' conftest.llminmax`
2504
2c06c99b 2505 AC_MSG_RESULT($llong_max)
2506 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2507 [max value of long long calculated by configure])
2508 AC_MSG_CHECKING([for min value of long long])
2509 AC_MSG_RESULT($llong_min)
2510 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2511 [min value of long long calculated by configure])
2512 ],
2513 [
2514 AC_MSG_RESULT(not found)
2515 ],
2516 [
2517 AC_MSG_WARN([cross compiling: not checking])
2518 ]
2519 )
2520fi
2521
2522
3c0ef626 2523# More checks for data types
2524AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2525 AC_TRY_COMPILE(
cdd66111 2526 [ #include <sys/types.h> ],
2527 [ u_int a; a = 1;],
3c0ef626 2528 [ ac_cv_have_u_int="yes" ],
2529 [ ac_cv_have_u_int="no" ]
2530 )
2531])
2532if test "x$ac_cv_have_u_int" = "xyes" ; then
2c06c99b 2533 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2534 have_u_int=1
2535fi
2536
2537AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2538 AC_TRY_COMPILE(
cdd66111 2539 [ #include <sys/types.h> ],
2540 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2541 [ ac_cv_have_intxx_t="yes" ],
2542 [ ac_cv_have_intxx_t="no" ]
2543 )
2544])
2545if test "x$ac_cv_have_intxx_t" = "xyes" ; then
2c06c99b 2546 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2547 have_intxx_t=1
2548fi
2549
2550if (test -z "$have_intxx_t" && \
cdd66111 2551 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2552then
2553 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2554 AC_TRY_COMPILE(
cdd66111 2555 [ #include <stdint.h> ],
2556 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2557 [
2558 AC_DEFINE(HAVE_INTXX_T)
2559 AC_MSG_RESULT(yes)
2560 ],
2561 [ AC_MSG_RESULT(no) ]
2562 )
2563fi
2564
2565AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2566 AC_TRY_COMPILE(
41b2f314 2567 [
2568#include <sys/types.h>
2569#ifdef HAVE_STDINT_H
2570# include <stdint.h>
2571#endif
2572#include <sys/socket.h>
2573#ifdef HAVE_SYS_BITYPES_H
2574# include <sys/bitypes.h>
2575#endif
cdd66111 2576 ],
2577 [ int64_t a; a = 1;],
3c0ef626 2578 [ ac_cv_have_int64_t="yes" ],
2579 [ ac_cv_have_int64_t="no" ]
2580 )
2581])
2582if test "x$ac_cv_have_int64_t" = "xyes" ; then
2c06c99b 2583 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9a17296 2584fi
2585
3c0ef626 2586AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2587 AC_TRY_COMPILE(
cdd66111 2588 [ #include <sys/types.h> ],
2589 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2590 [ ac_cv_have_u_intxx_t="yes" ],
2591 [ ac_cv_have_u_intxx_t="no" ]
2592 )
2593])
2594if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
2c06c99b 2595 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2596 have_u_intxx_t=1
2597fi
2598
2599if test -z "$have_u_intxx_t" ; then
2600 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2601 AC_TRY_COMPILE(
cdd66111 2602 [ #include <sys/socket.h> ],
2603 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2604 [
2605 AC_DEFINE(HAVE_U_INTXX_T)
2606 AC_MSG_RESULT(yes)
2607 ],
2608 [ AC_MSG_RESULT(no) ]
2609 )
2610fi
2611
2612AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2613 AC_TRY_COMPILE(
cdd66111 2614 [ #include <sys/types.h> ],
2615 [ u_int64_t a; a = 1;],
3c0ef626 2616 [ ac_cv_have_u_int64_t="yes" ],
2617 [ ac_cv_have_u_int64_t="no" ]
2618 )
2619])
2620if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
2c06c99b 2621 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2622 have_u_int64_t=1
2623fi
2624
e9a17296 2625if test -z "$have_u_int64_t" ; then
2626 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2627 AC_TRY_COMPILE(
cdd66111 2628 [ #include <sys/bitypes.h> ],
e9a17296 2629 [ u_int64_t a; a = 1],
2630 [
2631 AC_DEFINE(HAVE_U_INT64_T)
2632 AC_MSG_RESULT(yes)
2633 ],
2634 [ AC_MSG_RESULT(no) ]
2635 )
2636fi
2637
3c0ef626 2638if test -z "$have_u_intxx_t" ; then
2639 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2640 AC_TRY_COMPILE(
2641 [
2642#include <sys/types.h>
cdd66111 2643 ],
2644 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2645 [ ac_cv_have_uintxx_t="yes" ],
2646 [ ac_cv_have_uintxx_t="no" ]
2647 )
2648 ])
2649 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
2c06c99b 2650 AC_DEFINE(HAVE_UINTXX_T, 1,
2651 [define if you have uintxx_t data type])
3c0ef626 2652 fi
2653fi
2654
2655if test -z "$have_uintxx_t" ; then
2656 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2657 AC_TRY_COMPILE(
cdd66111 2658 [ #include <stdint.h> ],
2659 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2660 [
2661 AC_DEFINE(HAVE_UINTXX_T)
2662 AC_MSG_RESULT(yes)
2663 ],
2664 [ AC_MSG_RESULT(no) ]
2665 )
2666fi
2667
2668if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
cdd66111 2669 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2670then
2671 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2672 AC_TRY_COMPILE(
2673 [
2674#include <sys/bitypes.h>
cdd66111 2675 ],
3c0ef626 2676 [
2677 int8_t a; int16_t b; int32_t c;
2678 u_int8_t e; u_int16_t f; u_int32_t g;
2679 a = b = c = e = f = g = 1;
cdd66111 2680 ],
3c0ef626 2681 [
2682 AC_DEFINE(HAVE_U_INTXX_T)
2683 AC_DEFINE(HAVE_INTXX_T)
2684 AC_MSG_RESULT(yes)
2685 ],
2686 [AC_MSG_RESULT(no)]
cdd66111 2687 )
3c0ef626 2688fi
2689
2690
2691AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2692 AC_TRY_COMPILE(
2693 [
2694#include <sys/types.h>
2695 ],
2696 [ u_char foo; foo = 125; ],
2697 [ ac_cv_have_u_char="yes" ],
2698 [ ac_cv_have_u_char="no" ]
2699 )
2700])
2701if test "x$ac_cv_have_u_char" = "xyes" ; then
2c06c99b 2702 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2703fi
2704
2705TYPE_SOCKLEN_T
2706
e9a17296 2707AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22616013 2708AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2709#include <sys/types.h>
2710#ifdef HAVE_SYS_BITYPES_H
2711#include <sys/bitypes.h>
2712#endif
2713#ifdef HAVE_SYS_STATFS_H
2714#include <sys/statfs.h>
2715#endif
2716#ifdef HAVE_SYS_STATVFS_H
2717#include <sys/statvfs.h>
2718#endif
2719])
e9a17296 2720
996d5e62 2721AC_CHECK_TYPES(in_addr_t,,,
2722[#include <sys/types.h>
2723#include <netinet/in.h>])
2724
3c0ef626 2725AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2726 AC_TRY_COMPILE(
2727 [
2728#include <sys/types.h>
2729 ],
2730 [ size_t foo; foo = 1235; ],
2731 [ ac_cv_have_size_t="yes" ],
2732 [ ac_cv_have_size_t="no" ]
2733 )
2734])
2735if test "x$ac_cv_have_size_t" = "xyes" ; then
2c06c99b 2736 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2737fi
2738
2739AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2740 AC_TRY_COMPILE(
2741 [
2742#include <sys/types.h>
2743 ],
2744 [ ssize_t foo; foo = 1235; ],
2745 [ ac_cv_have_ssize_t="yes" ],
2746 [ ac_cv_have_ssize_t="no" ]
2747 )
2748])
2749if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2c06c99b 2750 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2751fi
2752
2753AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2754 AC_TRY_COMPILE(
2755 [
2756#include <time.h>
2757 ],
2758 [ clock_t foo; foo = 1235; ],
2759 [ ac_cv_have_clock_t="yes" ],
2760 [ ac_cv_have_clock_t="no" ]
2761 )
2762])
2763if test "x$ac_cv_have_clock_t" = "xyes" ; then
2c06c99b 2764 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2765fi
2766
2767AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2768 AC_TRY_COMPILE(
2769 [
2770#include <sys/types.h>
2771#include <sys/socket.h>
2772 ],
2773 [ sa_family_t foo; foo = 1235; ],
2774 [ ac_cv_have_sa_family_t="yes" ],
2775 [ AC_TRY_COMPILE(
2776 [
2777#include <sys/types.h>
2778#include <sys/socket.h>
2779#include <netinet/in.h>
2780 ],
2781 [ sa_family_t foo; foo = 1235; ],
2782 [ ac_cv_have_sa_family_t="yes" ],
2783
2784 [ ac_cv_have_sa_family_t="no" ]
2785 )]
2786 )
2787])
2788if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2c06c99b 2789 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2790 [define if you have sa_family_t data type])
3c0ef626 2791fi
2792
2793AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2794 AC_TRY_COMPILE(
2795 [
2796#include <sys/types.h>
2797 ],
2798 [ pid_t foo; foo = 1235; ],
2799 [ ac_cv_have_pid_t="yes" ],
2800 [ ac_cv_have_pid_t="no" ]
2801 )
2802])
2803if test "x$ac_cv_have_pid_t" = "xyes" ; then
2c06c99b 2804 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2805fi
2806
2807AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2808 AC_TRY_COMPILE(
2809 [
2810#include <sys/types.h>
2811 ],
2812 [ mode_t foo; foo = 1235; ],
2813 [ ac_cv_have_mode_t="yes" ],
2814 [ ac_cv_have_mode_t="no" ]
2815 )
2816])
2817if test "x$ac_cv_have_mode_t" = "xyes" ; then
2c06c99b 2818 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2819fi
2820
2821
2822AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2823 AC_TRY_COMPILE(
2824 [
2825#include <sys/types.h>
2826#include <sys/socket.h>
2827 ],
2828 [ struct sockaddr_storage s; ],
2829 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2830 [ ac_cv_have_struct_sockaddr_storage="no" ]
2831 )
2832])
2833if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2c06c99b 2834 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2835 [define if you have struct sockaddr_storage data type])
3c0ef626 2836fi
2837
2838AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2839 AC_TRY_COMPILE(
2840 [
2841#include <sys/types.h>
2842#include <netinet/in.h>
2843 ],
2844 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2845 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2846 [ ac_cv_have_struct_sockaddr_in6="no" ]
2847 )
2848])
2849if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2c06c99b 2850 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2851 [define if you have struct sockaddr_in6 data type])
3c0ef626 2852fi
2853
2854AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2855 AC_TRY_COMPILE(
2856 [
2857#include <sys/types.h>
2858#include <netinet/in.h>
2859 ],
2860 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2861 [ ac_cv_have_struct_in6_addr="yes" ],
2862 [ ac_cv_have_struct_in6_addr="no" ]
2863 )
2864])
2865if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2c06c99b 2866 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2867 [define if you have struct in6_addr data type])
91d9cdd3 2868
2869dnl Now check for sin6_scope_id
2870 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,,
2871 [
2872#ifdef HAVE_SYS_TYPES_H
2873#include <sys/types.h>
2874#endif
2875#include <netinet/in.h>
2876 ])
3c0ef626 2877fi
2878
2879AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2880 AC_TRY_COMPILE(
2881 [
2882#include <sys/types.h>
2883#include <sys/socket.h>
2884#include <netdb.h>
2885 ],
2886 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2887 [ ac_cv_have_struct_addrinfo="yes" ],
2888 [ ac_cv_have_struct_addrinfo="no" ]
2889 )
2890])
2891if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2c06c99b 2892 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2893 [define if you have struct addrinfo data type])
3c0ef626 2894fi
2895
2896AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2897 AC_TRY_COMPILE(
cdd66111 2898 [ #include <sys/time.h> ],
2899 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2900 [ ac_cv_have_struct_timeval="yes" ],
2901 [ ac_cv_have_struct_timeval="no" ]
2902 )
2903])
2904if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2c06c99b 2905 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2906 have_struct_timeval=1
2907fi
2908
6a9b3198 2909AC_CHECK_TYPES(struct timespec)
2910
2911# We need int64_t or else certian parts of the compile will fail.
dec6d9fe 2912if test "x$ac_cv_have_int64_t" = "xno" && \
2913 test "x$ac_cv_sizeof_long_int" != "x8" && \
2914 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
6a9b3198 2915 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2916 echo "an alternative compiler (I.E., GCC) before continuing."
2917 echo ""
2918 exit 1;
3c0ef626 2919else
2920dnl test snprintf (broken on SCO w/gcc)
996d5e62 2921 AC_RUN_IFELSE(
2922 [AC_LANG_SOURCE([[
3c0ef626 2923#include <stdio.h>
2924#include <string.h>
2925#ifdef HAVE_SNPRINTF
2926main()
2927{
2928 char buf[50];
2929 char expected_out[50];
2930 int mazsize = 50 ;
2931#if (SIZEOF_LONG_INT == 8)
2932 long int num = 0x7fffffffffffffff;
2933#else
2934 long long num = 0x7fffffffffffffffll;
2935#endif
2936 strcpy(expected_out, "9223372036854775807");
2937 snprintf(buf, mazsize, "%lld", num);
2938 if(strcmp(buf, expected_out) != 0)
cdd66111 2939 exit(1);
3c0ef626 2940 exit(0);
2941}
2942#else
2943main() { exit(0); }
2944#endif
996d5e62 2945 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2946 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2947 )
2948fi
3c0ef626 2949
2950dnl Checks for structure members
2951OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2952OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2953OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2954OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2955OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2956OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2957OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2958OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2959OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2960OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2961OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2962OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2963OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2964OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2965OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2966OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2967OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2968
2969AC_CHECK_MEMBERS([struct stat.st_blksize])
2c06c99b 2970AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2971 [Define if we don't have struct __res_state in resolv.h])],
2972[
2973#include <stdio.h>
2974#if HAVE_SYS_TYPES_H
2975# include <sys/types.h>
2976#endif
2977#include <netinet/in.h>
2978#include <arpa/nameser.h>
2979#include <resolv.h>
2980])
3c0ef626 2981
2982AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2983 ac_cv_have_ss_family_in_struct_ss, [
2984 AC_TRY_COMPILE(
2985 [
2986#include <sys/types.h>
2987#include <sys/socket.h>
2988 ],
2989 [ struct sockaddr_storage s; s.ss_family = 1; ],
2990 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2991 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2992 )
2993])
2994if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 2995 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 2996fi
2997
2998AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2999 ac_cv_have___ss_family_in_struct_ss, [
3000 AC_TRY_COMPILE(
3001 [
3002#include <sys/types.h>
3003#include <sys/socket.h>
3004 ],
3005 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3006 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3007 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3008 )
3009])
3010if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2c06c99b 3011 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3012 [Fields in struct sockaddr_storage])
3c0ef626 3013fi
3014
3015AC_CACHE_CHECK([for pw_class field in struct passwd],
3016 ac_cv_have_pw_class_in_struct_passwd, [
3017 AC_TRY_COMPILE(
3018 [
3019#include <pwd.h>
3020 ],
3021 [ struct passwd p; p.pw_class = 0; ],
3022 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3023 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3024 )
3025])
3026if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2c06c99b 3027 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3028 [Define if your password has a pw_class field])
3c0ef626 3029fi
3030
3031AC_CACHE_CHECK([for pw_expire field in struct passwd],
3032 ac_cv_have_pw_expire_in_struct_passwd, [
3033 AC_TRY_COMPILE(
3034 [
3035#include <pwd.h>
3036 ],
3037 [ struct passwd p; p.pw_expire = 0; ],
3038 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3039 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3040 )
3041])
3042if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2c06c99b 3043 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3044 [Define if your password has a pw_expire field])
3c0ef626 3045fi
3046
3047AC_CACHE_CHECK([for pw_change field in struct passwd],
3048 ac_cv_have_pw_change_in_struct_passwd, [
3049 AC_TRY_COMPILE(
3050 [
3051#include <pwd.h>
3052 ],
3053 [ struct passwd p; p.pw_change = 0; ],
3054 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3055 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3056 )
3057])
3058if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2c06c99b 3059 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3060 [Define if your password has a pw_change field])
3c0ef626 3061fi
3062
fba3c309 3063dnl make sure we're using the real structure members and not defines
700318f3 3064AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3065 ac_cv_have_accrights_in_msghdr, [
996d5e62 3066 AC_COMPILE_IFELSE(
700318f3 3067 [
3068#include <sys/types.h>
3069#include <sys/socket.h>
3070#include <sys/uio.h>
fba3c309 3071int main() {
3072#ifdef msg_accrights
996d5e62 3073#error "msg_accrights is a macro"
fba3c309 3074exit(1);
3075#endif
3076struct msghdr m;
3077m.msg_accrights = 0;
3078exit(0);
3079}
700318f3 3080 ],
700318f3 3081 [ ac_cv_have_accrights_in_msghdr="yes" ],
3082 [ ac_cv_have_accrights_in_msghdr="no" ]
3083 )
3084])
3085if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2c06c99b 3086 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3087 [Define if your system uses access rights style
3088 file descriptor passing])
700318f3 3089fi
3090
22616013 3091AC_MSG_CHECKING(if f_fsid has val members)
3092AC_TRY_COMPILE([
3093#include <sys/types.h>
3094#include <sys/statvfs.h>],
3095[struct fsid_t t; t.val[0] = 0;],
3096 [ AC_MSG_RESULT(yes)
3097 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ],
3098 [ AC_MSG_RESULT(no) ]
3099)
3100
700318f3 3101AC_CACHE_CHECK([for msg_control field in struct msghdr],
3102 ac_cv_have_control_in_msghdr, [
996d5e62 3103 AC_COMPILE_IFELSE(
700318f3 3104 [
3105#include <sys/types.h>
3106#include <sys/socket.h>
3107#include <sys/uio.h>
fba3c309 3108int main() {
3109#ifdef msg_control
996d5e62 3110#error "msg_control is a macro"
fba3c309 3111exit(1);
3112#endif
3113struct msghdr m;
3114m.msg_control = 0;
3115exit(0);
3116}
700318f3 3117 ],
700318f3 3118 [ ac_cv_have_control_in_msghdr="yes" ],
3119 [ ac_cv_have_control_in_msghdr="no" ]
3120 )
3121])
3122if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2c06c99b 3123 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3124 [Define if your system uses ancillary data style
3125 file descriptor passing])
700318f3 3126fi
3127
3c0ef626 3128AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
cdd66111 3129 AC_TRY_LINK([],
3130 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3131 [ ac_cv_libc_defines___progname="yes" ],
3132 [ ac_cv_libc_defines___progname="no" ]
3133 )
3134])
3135if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2c06c99b 3136 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3137fi
3138
700318f3 3139AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3140 AC_TRY_LINK([
3141#include <stdio.h>
cdd66111 3142],
3143 [ printf("%s", __FUNCTION__); ],
700318f3 3144 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3145 [ ac_cv_cc_implements___FUNCTION__="no" ]
3146 )
3147])
3148if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2c06c99b 3149 AC_DEFINE(HAVE___FUNCTION__, 1,
3150 [Define if compiler implements __FUNCTION__])
700318f3 3151fi
3152
3153AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3154 AC_TRY_LINK([
3155#include <stdio.h>
cdd66111 3156],
3157 [ printf("%s", __func__); ],
700318f3 3158 [ ac_cv_cc_implements___func__="yes" ],
3159 [ ac_cv_cc_implements___func__="no" ]
3160 )
3161])
3162if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2c06c99b 3163 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3164fi
3165
3166AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3167 AC_TRY_LINK(
3168 [#include <stdarg.h>
3169 va_list x,y;],
3170 [va_copy(x,y);],
3171 [ ac_cv_have_va_copy="yes" ],
3172 [ ac_cv_have_va_copy="no" ]
3173 )
3174])
3175if test "x$ac_cv_have_va_copy" = "xyes" ; then
3176 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3177fi
3178
3179AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3180 AC_TRY_LINK(
3181 [#include <stdarg.h>
3182 va_list x,y;],
3183 [__va_copy(x,y);],
3184 [ ac_cv_have___va_copy="yes" ],
3185 [ ac_cv_have___va_copy="no" ]
3186 )
3187])
3188if test "x$ac_cv_have___va_copy" = "xyes" ; then
3189 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
700318f3 3190fi
3191
3c0ef626 3192AC_CACHE_CHECK([whether getopt has optreset support],
3193 ac_cv_have_getopt_optreset, [
3194 AC_TRY_LINK(
3195 [
3196#include <getopt.h>
3197 ],
3198 [ extern int optreset; optreset = 0; ],
3199 [ ac_cv_have_getopt_optreset="yes" ],
3200 [ ac_cv_have_getopt_optreset="no" ]
3201 )
3202])
3203if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2c06c99b 3204 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3205 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3206fi
3207
3208AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
cdd66111 3209 AC_TRY_LINK([],
3210 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3211 [ ac_cv_libc_defines_sys_errlist="yes" ],
3212 [ ac_cv_libc_defines_sys_errlist="no" ]
3213 )
3214])
3215if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2c06c99b 3216 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3217 [Define if your system defines sys_errlist[]])
3c0ef626 3218fi
3219
3220
3221AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
cdd66111 3222 AC_TRY_LINK([],
3223 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3224 [ ac_cv_libc_defines_sys_nerr="yes" ],
3225 [ ac_cv_libc_defines_sys_nerr="no" ]
3226 )
3227])
3228if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2c06c99b 3229 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3230fi
3231
cdd66111 3232SCARD_MSG="no"
700318f3 3233# Check whether user wants sectok support
3234AC_ARG_WITH(sectok,
3235 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3236 [
3237 if test "x$withval" != "xno" ; then
3238 if test "x$withval" != "xyes" ; then
3239 CPPFLAGS="$CPPFLAGS -I${withval}"
3240 LDFLAGS="$LDFLAGS -L${withval}"
3241 if test ! -z "$need_dash_r" ; then
3242 LDFLAGS="$LDFLAGS -R${withval}"
3243 fi
3244 if test ! -z "$blibpath" ; then
3245 blibpath="$blibpath:${withval}"
3246 fi
3247 fi
3248 AC_CHECK_HEADERS(sectok.h)
3249 if test "$ac_cv_header_sectok_h" != yes; then
3250 AC_MSG_ERROR(Can't find sectok.h)
3251 fi
3252 AC_CHECK_LIB(sectok, sectok_open)
3253 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3254 AC_MSG_ERROR(Can't find libsectok)
3255 fi
2c06c99b 3256 AC_DEFINE(SMARTCARD, 1,
3257 [Define if you want smartcard support])
3258 AC_DEFINE(USE_SECTOK, 1,
3259 [Define if you want smartcard support
3260 using sectok])
cdd66111 3261 SCARD_MSG="yes, using sectok"
3c0ef626 3262 fi
3263 ]
3264)
3265
700318f3 3266# Check whether user wants OpenSC support
dec6d9fe 3267OPENSC_CONFIG="no"
700318f3 3268AC_ARG_WITH(opensc,
2c06c99b 3269 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
dec6d9fe 3270 [
3271 if test "x$withval" != "xno" ; then
3272 if test "x$withval" != "xyes" ; then
3273 OPENSC_CONFIG=$withval/bin/opensc-config
3274 else
3275 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3276 fi
3277 if test "$OPENSC_CONFIG" != "no"; then
3278 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3279 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3280 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
9108f8d9 3281 LIBS="$LIBS $LIBOPENSC_LIBS"
dec6d9fe 3282 AC_DEFINE(SMARTCARD)
2c06c99b 3283 AC_DEFINE(USE_OPENSC, 1,
3284 [Define if you want smartcard support
3285 using OpenSC])
dec6d9fe 3286 SCARD_MSG="yes, using OpenSC"
3287 fi
3288 fi
3289 ]
3290)
700318f3 3291
cdd66111 3292# Check libraries needed by DNS fingerprint support
3293AC_SEARCH_LIBS(getrrsetbyname, resolv,
2c06c99b 3294 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3295 [Define if getrrsetbyname() exists])],
0fff78ff 3296 [
cdd66111 3297 # Needed by our getrrsetbyname()
3298 AC_SEARCH_LIBS(res_query, resolv)
3299 AC_SEARCH_LIBS(dn_expand, resolv)
c9f39d2c 3300 AC_MSG_CHECKING(if res_query will link)
3301 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3302 [AC_MSG_RESULT(no)
3303 saved_LIBS="$LIBS"
3304 LIBS="$LIBS -lresolv"
3305 AC_MSG_CHECKING(for res_query in -lresolv)
3306 AC_LINK_IFELSE([
3307#include <resolv.h>
3308int main()
3309{
3310 res_query (0, 0, 0, 0, 0);
3311 return 0;
3312}
3313 ],
3314 [LIBS="$LIBS -lresolv"
3315 AC_MSG_RESULT(yes)],
3316 [LIBS="$saved_LIBS"
3317 AC_MSG_RESULT(no)])
3318 ])
cdd66111 3319 AC_CHECK_FUNCS(_getshort _getlong)
665a873d 3320 AC_CHECK_DECLS([_getshort, _getlong], , ,
3321 [#include <sys/types.h>
3322 #include <arpa/nameser.h>])
cdd66111 3323 AC_CHECK_MEMBER(HEADER.ad,
2c06c99b 3324 [AC_DEFINE(HAVE_HEADER_AD, 1,
3325 [Define if HEADER.ad exists in arpa/nameser.h])],,
cdd66111 3326 [#include <arpa/nameser.h>])
3327 ])
0fff78ff 3328
d4487008 3329AC_MSG_CHECKING(if struct __res_state _res is an extern)
3330AC_LINK_IFELSE([
3331#include <stdio.h>
3332#if HAVE_SYS_TYPES_H
3333# include <sys/types.h>
3334#endif
3335#include <netinet/in.h>
3336#include <arpa/nameser.h>
3337#include <resolv.h>
3338extern struct __res_state _res;
3339int main() { return 0; }
3340 ],
3341 [AC_MSG_RESULT(yes)
3342 AC_DEFINE(HAVE__RES_EXTERN, 1,
3343 [Define if you have struct __res_state _res as an extern])
3344 ],
3345 [ AC_MSG_RESULT(no) ]
3346)
3347
9108f8d9 3348# Check whether user wants SELinux support
3349SELINUX_MSG="no"
3350LIBSELINUX=""
3351AC_ARG_WITH(selinux,
47686178 3352 [ --with-selinux Enable SELinux support],
9108f8d9 3353 [ if test "x$withval" != "xno" ; then
d4487008 3354 save_LIBS="$LIBS"
9108f8d9 3355 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3356 SELINUX_MSG="yes"
3357 AC_CHECK_HEADER([selinux/selinux.h], ,
3358 AC_MSG_ERROR(SELinux support requires selinux.h header))
3359 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3360 AC_MSG_ERROR(SELinux support requires libselinux library))
d4487008 3361 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
9108f8d9 3362 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
ff7ec503 3363 LIBS="$save_LIBS"
9108f8d9 3364 fi ]
3365)
9108f8d9 3366
700318f3 3367# Check whether user wants Kerberos 5 support
cdd66111 3368KRB5_MSG="no"
700318f3 3369AC_ARG_WITH(kerberos5,
cdd66111 3370 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3371 [ if test "x$withval" != "xno" ; then
3372 if test "x$withval" = "xyes" ; then
3373 KRB5ROOT="/usr/local"
3374 else
3375 KRB5ROOT=${withval}
3376 fi
3377
2c06c99b 3378 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
cdd66111 3379 KRB5_MSG="yes"
3380
3381 AC_MSG_CHECKING(for krb5-config)
3382 if test -x $KRB5ROOT/bin/krb5-config ; then
3383 KRB5CONF=$KRB5ROOT/bin/krb5-config
3384 AC_MSG_RESULT($KRB5CONF)
3385
3386 AC_MSG_CHECKING(for gssapi support)
3387 if $KRB5CONF | grep gssapi >/dev/null ; then
3388 AC_MSG_RESULT(yes)
2c06c99b 3389 AC_DEFINE(GSSAPI, 1,
3390 [Define this if you want GSSAPI
3391 support in the version 2 protocol])
cdd66111 3392 k5confopts=gssapi
3393 else
3394 AC_MSG_RESULT(no)
3395 k5confopts=""
3396 fi
3397 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3398 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3399 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3400 AC_MSG_CHECKING(whether we are using Heimdal)
3401 AC_TRY_COMPILE([ #include <krb5.h> ],
3402 [ char *tmp = heimdal_version; ],
3403 [ AC_MSG_RESULT(yes)
2c06c99b 3404 AC_DEFINE(HEIMDAL, 1,
3405 [Define this if you are using the
3406 Heimdal version of Kerberos V5]) ],
cdd66111 3407 AC_MSG_RESULT(no)
3408 )
3409 else
3410 AC_MSG_RESULT(no)
700318f3 3411 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
cdd66111 3412 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3413 AC_MSG_CHECKING(whether we are using Heimdal)
3414 AC_TRY_COMPILE([ #include <krb5.h> ],
3415 [ char *tmp = heimdal_version; ],
3416 [ AC_MSG_RESULT(yes)
3417 AC_DEFINE(HEIMDAL)
c9f39d2c 3418 K5LIBS="-lkrb5 -ldes"
3419 K5LIBS="$K5LIBS -lcom_err -lasn1"
dec6d9fe 3420 AC_CHECK_LIB(roken, net_write,
c9f39d2c 3421 [K5LIBS="$K5LIBS -lroken"])
cdd66111 3422 ],
3423 [ AC_MSG_RESULT(no)
3424 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3425 ]
3426 )
0fff78ff 3427 AC_SEARCH_LIBS(dn_expand, resolv)
3428
22616013 3429 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
0fff78ff 3430 [ AC_DEFINE(GSSAPI)
22616013 3431 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3432 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
0fff78ff 3433 [ AC_DEFINE(GSSAPI)
22616013 3434 K5LIBS="-lgssapi $K5LIBS" ],
0fff78ff 3435 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3436 $K5LIBS)
3437 ],
3438 $K5LIBS)
dec6d9fe 3439
0fff78ff 3440 AC_CHECK_HEADER(gssapi.h, ,
3441 [ unset ac_cv_header_gssapi_h
cdd66111 3442 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
0fff78ff 3443 AC_CHECK_HEADERS(gssapi.h, ,
3444 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
cdd66111 3445 )
0fff78ff 3446 ]
3447 )
3448
3449 oldCPP="$CPPFLAGS"
3450 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3451 AC_CHECK_HEADER(gssapi_krb5.h, ,
3452 [ CPPFLAGS="$oldCPP" ])
700318f3 3453
cdd66111 3454 fi
3455 if test ! -z "$need_dash_r" ; then
3456 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3457 fi
3458 if test ! -z "$blibpath" ; then
3459 blibpath="$blibpath:${KRB5ROOT}/lib"
3460 fi
cdd66111 3461
2c06c99b 3462 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3463 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3464 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
cdd66111 3465
2c06c99b 3466 LIBS="$LIBS $K5LIBS"
3467 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3468 [Define this if you want to use libkafs' AFS support]))
3469 fi
cdd66111 3470 ]
700318f3 3471)
3c0ef626 3472
3473# Looking for programs, paths and files
3c0ef626 3474
700318f3 3475PRIVSEP_PATH=/var/empty
3476AC_ARG_WITH(privsep-path,
41b2f314 3477 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
700318f3 3478 [
dec6d9fe 3479 if test -n "$withval" && test "x$withval" != "xno" && \
3480 test "x${withval}" != "xyes"; then
700318f3 3481 PRIVSEP_PATH=$withval
3482 fi
3483 ]
3484)
3485AC_SUBST(PRIVSEP_PATH)
3486
3c0ef626 3487AC_ARG_WITH(xauth,
3488 [ --with-xauth=PATH Specify path to xauth program ],
3489 [
dec6d9fe 3490 if test -n "$withval" && test "x$withval" != "xno" && \
3491 test "x${withval}" != "xyes"; then
3c0ef626 3492 xauth_path=$withval
3493 fi
3494 ],
3495 [
41b2f314 3496 TestPath="$PATH"
3497 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3498 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3499 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3500 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3501 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3502 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3503 xauth_path="/usr/openwin/bin/xauth"
3504 fi
3505 ]
3506)
3507
6a9b3198 3508STRIP_OPT=-s
3509AC_ARG_ENABLE(strip,
3510 [ --disable-strip Disable calling strip(1) on install],
3511 [
3512 if test "x$enableval" = "xno" ; then
3513 STRIP_OPT=
3514 fi
3515 ]
3516)
3517AC_SUBST(STRIP_OPT)
3518
3c0ef626 3519if test -z "$xauth_path" ; then
3520 XAUTH_PATH="undefined"
3521 AC_SUBST(XAUTH_PATH)
3522else
2c06c99b 3523 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3524 [Define if xauth is found in your path])
3c0ef626 3525 XAUTH_PATH=$xauth_path
3526 AC_SUBST(XAUTH_PATH)
3527fi
3c0ef626 3528
3529# Check for mail directory (last resort if we cannot get it from headers)
3530if test ! -z "$MAIL" ; then
3531 maildir=`dirname $MAIL`
2c06c99b 3532 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3533 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3534fi
3535
996d5e62 3536if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3537 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3538 disable_ptmx_check=yes
3539fi
3c0ef626 3540if test -z "$no_dev_ptmx" ; then
700318f3 3541 if test "x$disable_ptmx_check" != "xyes" ; then
cdd66111 3542 AC_CHECK_FILE("/dev/ptmx",
700318f3 3543 [
2c06c99b 3544 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3545 [Define if you have /dev/ptmx])
700318f3 3546 have_dev_ptmx=1
3547 ]
3548 )
3549 fi
3c0ef626 3550fi
996d5e62 3551
3552if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3553 AC_CHECK_FILE("/dev/ptc",
3554 [
2c06c99b 3555 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3556 [Define if you have /dev/ptc])
996d5e62 3557 have_dev_ptc=1
3558 ]
3559 )
3560else
3561 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3562fi
3c0ef626 3563
3564# Options from here on. Some of these are preset by platform above
3c0ef626 3565AC_ARG_WITH(mantype,
3566 [ --with-mantype=man|cat|doc Set man page type],
3567 [
3568 case "$withval" in
3569 man|cat|doc)
3570 MANTYPE=$withval
3571 ;;
3572 *)
3573 AC_MSG_ERROR(invalid man type: $withval)
3574 ;;
3575 esac
3576 ]
3577)
3578if test -z "$MANTYPE"; then
41b2f314 3579 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3580 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3581 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3582 MANTYPE=doc
3583 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3584 MANTYPE=man
3585 else
3586 MANTYPE=cat
3587 fi
3588fi
3589AC_SUBST(MANTYPE)
3590if test "$MANTYPE" = "doc"; then
3591 mansubdir=man;
3592else
3593 mansubdir=$MANTYPE;
3594fi
3595AC_SUBST(mansubdir)
3596
3597# Check whether to enable MD5 passwords
cdd66111 3598MD5_MSG="no"
3c0ef626 3599AC_ARG_WITH(md5-passwords,
3600 [ --with-md5-passwords Enable use of MD5 passwords],
3601 [
3602 if test "x$withval" != "xno" ; then
2c06c99b 3603 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3604 [Define if you want to allow MD5 passwords])
cdd66111 3605 MD5_MSG="yes"
3c0ef626 3606 fi
3607 ]
3608)
3609
3610# Whether to disable shadow password support
3611AC_ARG_WITH(shadow,
3612 [ --without-shadow Disable shadow password support],
3613 [
dec6d9fe 3614 if test "x$withval" = "xno" ; then
3c0ef626 3615 AC_DEFINE(DISABLE_SHADOW)
3616 disable_shadow=yes
3617 fi
3618 ]
3619)
3620
3621if test -z "$disable_shadow" ; then
3622 AC_MSG_CHECKING([if the systems has expire shadow information])
3623 AC_TRY_COMPILE(
3624 [
3625#include <sys/types.h>
3626#include <shadow.h>
3627 struct spwd sp;
3628 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3629 [ sp_expire_available=yes ], []
3630 )
3631
3632 if test "x$sp_expire_available" = "xyes" ; then
3633 AC_MSG_RESULT(yes)
2c06c99b 3634 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3635 [Define if you want to use shadow password expire field])
3c0ef626 3636 else
3637 AC_MSG_RESULT(no)
3638 fi
3639fi
3640
3641# Use ip address instead of hostname in $DISPLAY
3642if test ! -z "$IPADDR_IN_DISPLAY" ; then
3643 DISPLAY_HACK_MSG="yes"
2c06c99b 3644 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3645 [Define if you need to use IP address
3646 instead of hostname in $DISPLAY])
3c0ef626 3647else
cdd66111 3648 DISPLAY_HACK_MSG="no"
3c0ef626 3649 AC_ARG_WITH(ipaddr-display,
3650 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3651 [
dec6d9fe 3652 if test "x$withval" != "xno" ; then
3c0ef626 3653 AC_DEFINE(IPADDR_IN_DISPLAY)
cdd66111 3654 DISPLAY_HACK_MSG="yes"
3c0ef626 3655 fi
3656 ]
3657 )
3658fi
3659
0fff78ff 3660# check for /etc/default/login and use it if present.
acc3d05e 3661AC_ARG_ENABLE(etc-default-login,
996d5e62 3662 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3663 [ if test "x$enableval" = "xno"; then
3664 AC_MSG_NOTICE([/etc/default/login handling disabled])
3665 etc_default_login=no
3666 else
3667 etc_default_login=yes
3668 fi ],
2c06c99b 3669 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3670 then
3671 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3672 etc_default_login=no
3673 else
3674 etc_default_login=yes
3675 fi ]
996d5e62 3676)
0fff78ff 3677
996d5e62 3678if test "x$etc_default_login" != "xno"; then
3679 AC_CHECK_FILE("/etc/default/login",
3680 [ external_path_file=/etc/default/login ])
2c06c99b 3681 if test "x$external_path_file" = "x/etc/default/login"; then
3682 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3683 [Define if your system has /etc/default/login])
996d5e62 3684 fi
0fff78ff 3685fi
3686
700318f3 3687dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
dec6d9fe 3688if test $ac_cv_func_login_getcapbool = "yes" && \
3689 test $ac_cv_header_login_cap_h = "yes" ; then
0fff78ff 3690 external_path_file=/etc/login.conf
700318f3 3691fi
0fff78ff 3692
3c0ef626 3693# Whether to mess with the default path
cdd66111 3694SERVER_PATH_MSG="(default)"
3c0ef626 3695AC_ARG_WITH(default-path,
700318f3 3696 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3697 [
0fff78ff 3698 if test "x$external_path_file" = "x/etc/login.conf" ; then
700318f3 3699 AC_MSG_WARN([
3700--with-default-path=PATH has no effect on this system.
3701Edit /etc/login.conf instead.])
dec6d9fe 3702 elif test "x$withval" != "xno" ; then
0fff78ff 3703 if test ! -z "$external_path_file" ; then
3704 AC_MSG_WARN([
3705--with-default-path=PATH will only be used if PATH is not defined in
3706$external_path_file .])
3707 fi
3c0ef626 3708 user_path="$withval"
cdd66111 3709 SERVER_PATH_MSG="$withval"
3c0ef626 3710 fi
3711 ],
0fff78ff 3712 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3713 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
700318f3 3714 else
0fff78ff 3715 if test ! -z "$external_path_file" ; then
3716 AC_MSG_WARN([
3717If PATH is defined in $external_path_file, ensure the path to scp is included,
3718otherwise scp will not work.])
3719 fi
2c06c99b 3720 AC_RUN_IFELSE(
3721 [AC_LANG_SOURCE([[
3c0ef626 3722/* find out what STDPATH is */
3723#include <stdio.h>
3724#ifdef HAVE_PATHS_H
3725# include <paths.h>
3726#endif
3727#ifndef _PATH_STDPATH
6a9b3198 3728# ifdef _PATH_USERPATH /* Irix */
3729# define _PATH_STDPATH _PATH_USERPATH
3730# else
3731# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3732# endif
3c0ef626 3733#endif
3734#include <sys/types.h>
3735#include <sys/stat.h>
3736#include <fcntl.h>
3737#define DATA "conftest.stdpath"
3738
3739main()
3740{
3741 FILE *fd;
3742 int rc;
dec6d9fe 3743
3c0ef626 3744 fd = fopen(DATA,"w");
3745 if(fd == NULL)
3746 exit(1);
dec6d9fe 3747
3c0ef626 3748 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3749 exit(1);
3750
3751 exit(0);
3752}
2c06c99b 3753 ]])],
3754 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3755 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3756 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3757 )
3758# make sure $bindir is in USER_PATH so scp will work
3759 t_bindir=`eval echo ${bindir}`
3760 case $t_bindir in
3761 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3762 esac
3763 case $t_bindir in
3764 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3765 esac
3766 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3767 if test $? -ne 0 ; then
3768 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3769 if test $? -ne 0 ; then
3770 user_path=$user_path:$t_bindir
3771 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3772 fi
3773 fi
700318f3 3774 fi ]
3775)
0fff78ff 3776if test "x$external_path_file" != "x/etc/login.conf" ; then
2c06c99b 3777 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
700318f3 3778 AC_SUBST(user_path)
3779fi
3780
3781# Set superuser path separately to user path
700318f3 3782AC_ARG_WITH(superuser-path,
3783 [ --with-superuser-path= Specify different path for super-user],
3784 [
dec6d9fe 3785 if test -n "$withval" && test "x$withval" != "xno" && \
3786 test "x${withval}" != "xyes"; then
2c06c99b 3787 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3788 [Define if you want a different $PATH
3789 for the superuser])
700318f3 3790 superuser_path=$withval
3791 fi
3c0ef626 3792 ]
3793)
700318f3 3794
3c0ef626 3795
3c0ef626 3796AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
cdd66111 3797IPV4_IN6_HACK_MSG="no"
3c0ef626 3798AC_ARG_WITH(4in6,
3799 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3800 [
3801 if test "x$withval" != "xno" ; then
3802 AC_MSG_RESULT(yes)
2c06c99b 3803 AC_DEFINE(IPV4_IN_IPV6, 1,
3804 [Detect IPv4 in IPv6 mapped addresses
3805 and treat as IPv4])
cdd66111 3806 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3807 else
3808 AC_MSG_RESULT(no)
3809 fi
3810 ],[
3811 if test "x$inet6_default_4in6" = "xyes"; then
3812 AC_MSG_RESULT([yes (default)])
3813 AC_DEFINE(IPV4_IN_IPV6)
cdd66111 3814 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3815 else
3816 AC_MSG_RESULT([no (default)])
3817 fi
3818 ]
3819)
3820
3821# Whether to enable BSD auth support
e9a17296 3822BSD_AUTH_MSG=no
3c0ef626 3823AC_ARG_WITH(bsd-auth,
3824 [ --with-bsd-auth Enable BSD auth support],
3825 [
dec6d9fe 3826 if test "x$withval" != "xno" ; then
2c06c99b 3827 AC_DEFINE(BSD_AUTH, 1,
3828 [Define if you have BSD auth support])
e9a17296 3829 BSD_AUTH_MSG=yes
3c0ef626 3830 fi
3831 ]
3832)
3833
3c0ef626 3834# Where to place sshd.pid
3835piddir=/var/run
700318f3 3836# make sure the directory exists
dec6d9fe 3837if test ! -d $piddir ; then
700318f3 3838 piddir=`eval echo ${sysconfdir}`
3839 case $piddir in
cdd66111 3840 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
700318f3 3841 esac
3842fi
3843
3c0ef626 3844AC_ARG_WITH(pid-dir,
3845 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3846 [
dec6d9fe 3847 if test -n "$withval" && test "x$withval" != "xno" && \
3848 test "x${withval}" != "xyes"; then
3c0ef626 3849 piddir=$withval
dec6d9fe 3850 if test ! -d $piddir ; then
700318f3 3851 AC_MSG_WARN([** no $piddir directory on this system **])
3852 fi
3c0ef626 3853 fi
3854 ]
3855)
3856
2c06c99b 3857AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3858AC_SUBST(piddir)
3859
3860dnl allow user to disable some login recording features
3861AC_ARG_ENABLE(lastlog,
3862 [ --disable-lastlog disable use of lastlog even if detected [no]],
0fff78ff 3863 [
3864 if test "x$enableval" = "xno" ; then
3865 AC_DEFINE(DISABLE_LASTLOG)
3866 fi
3867 ]
3c0ef626 3868)
3869AC_ARG_ENABLE(utmp,
3870 [ --disable-utmp disable use of utmp even if detected [no]],
0fff78ff 3871 [
3872 if test "x$enableval" = "xno" ; then
3873 AC_DEFINE(DISABLE_UTMP)
3874 fi
3875 ]
3c0ef626 3876)
3877AC_ARG_ENABLE(utmpx,
3878 [ --disable-utmpx disable use of utmpx even if detected [no]],
0fff78ff 3879 [
3880 if test "x$enableval" = "xno" ; then
2c06c99b 3881 AC_DEFINE(DISABLE_UTMPX, 1,
3882 [Define if you don't want to use utmpx])
0fff78ff 3883 fi
3884 ]
3c0ef626 3885)
3886AC_ARG_ENABLE(wtmp,
3887 [ --disable-wtmp disable use of wtmp even if detected [no]],
0fff78ff 3888 [
3889 if test "x$enableval" = "xno" ; then
3890 AC_DEFINE(DISABLE_WTMP)
3891 fi
3892 ]
3c0ef626 3893)
3894AC_ARG_ENABLE(wtmpx,
3895 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
0fff78ff 3896 [
3897 if test "x$enableval" = "xno" ; then
2c06c99b 3898 AC_DEFINE(DISABLE_WTMPX, 1,
3899 [Define if you don't want to use wtmpx])
0fff78ff 3900 fi
3901 ]
3c0ef626 3902)
3903AC_ARG_ENABLE(libutil,
3904 [ --disable-libutil disable use of libutil (login() etc.) [no]],
0fff78ff 3905 [
3906 if test "x$enableval" = "xno" ; then
3907 AC_DEFINE(DISABLE_LOGIN)
3908 fi
3909 ]
3c0ef626 3910)
3911AC_ARG_ENABLE(pututline,
3912 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
0fff78ff 3913 [
3914 if test "x$enableval" = "xno" ; then
2c06c99b 3915 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3916 [Define if you don't want to use pututline()
3917 etc. to write [uw]tmp])
0fff78ff 3918 fi
3919 ]
3c0ef626 3920)
3921AC_ARG_ENABLE(pututxline,
3922 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
0fff78ff 3923 [
3924 if test "x$enableval" = "xno" ; then
2c06c99b 3925 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3926 [Define if you don't want to use pututxline()
3927 etc. to write [uw]tmpx])
0fff78ff 3928 fi
3929 ]
3c0ef626 3930)
3931AC_ARG_WITH(lastlog,
3932 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3933 [
dec6d9fe 3934 if test "x$withval" = "xno" ; then
3c0ef626 3935 AC_DEFINE(DISABLE_LASTLOG)
dec6d9fe 3936 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 3937 conf_lastlog_location=$withval
3938 fi
3939 ]
3940)
3941
3942dnl lastlog, [uw]tmpx? detection
3943dnl NOTE: set the paths in the platform section to avoid the
3944dnl need for command-line parameters
3945dnl lastlog and [uw]tmp are subject to a file search if all else fails
3946
3947dnl lastlog detection
3948dnl NOTE: the code itself will detect if lastlog is a directory
3949AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3950AC_TRY_COMPILE([
3951#include <sys/types.h>
3952#include <utmp.h>
3953#ifdef HAVE_LASTLOG_H
3954# include <lastlog.h>
3955#endif
3956#ifdef HAVE_PATHS_H
3957# include <paths.h>
3958#endif
3959#ifdef HAVE_LOGIN_H
3960# include <login.h>
3961#endif
3962 ],
3963 [ char *lastlog = LASTLOG_FILE; ],
3964 [ AC_MSG_RESULT(yes) ],
3965 [
3966 AC_MSG_RESULT(no)
3967 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3968 AC_TRY_COMPILE([
3969#include <sys/types.h>
3970#include <utmp.h>
3971#ifdef HAVE_LASTLOG_H
3972# include <lastlog.h>
3973#endif
3974#ifdef HAVE_PATHS_H
3975# include <paths.h>
3976#endif
3977 ],
3978 [ char *lastlog = _PATH_LASTLOG; ],
3979 [ AC_MSG_RESULT(yes) ],
3980 [
3981 AC_MSG_RESULT(no)
3982 system_lastlog_path=no
3983 ])
3984 ]
3985)
3986
3987if test -z "$conf_lastlog_location"; then
3988 if test x"$system_lastlog_path" = x"no" ; then
3989 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
3990 if (test -d "$f" || test -f "$f") ; then
3991 conf_lastlog_location=$f
3992 fi
3993 done
3994 if test -z "$conf_lastlog_location"; then
3995 AC_MSG_WARN([** Cannot find lastlog **])
3996 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
3997 fi
3998 fi
3999fi
4000
4001if test -n "$conf_lastlog_location"; then
2c06c99b 4002 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4003 [Define if you want to specify the path to your lastlog file])
dec6d9fe 4004fi
3c0ef626 4005
4006dnl utmp detection
4007AC_MSG_CHECKING([if your system defines UTMP_FILE])
4008AC_TRY_COMPILE([
4009#include <sys/types.h>
4010#include <utmp.h>
4011#ifdef HAVE_PATHS_H
4012# include <paths.h>
4013#endif
4014 ],
4015 [ char *utmp = UTMP_FILE; ],
4016 [ AC_MSG_RESULT(yes) ],
4017 [ AC_MSG_RESULT(no)
4018 system_utmp_path=no ]
4019)
4020if test -z "$conf_utmp_location"; then
4021 if test x"$system_utmp_path" = x"no" ; then
4022 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4023 if test -f $f ; then
4024 conf_utmp_location=$f
4025 fi
4026 done
4027 if test -z "$conf_utmp_location"; then
4028 AC_DEFINE(DISABLE_UTMP)
4029 fi
4030 fi
4031fi
4032if test -n "$conf_utmp_location"; then
2c06c99b 4033 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4034 [Define if you want to specify the path to your utmp file])
dec6d9fe 4035fi
3c0ef626 4036
4037dnl wtmp detection
4038AC_MSG_CHECKING([if your system defines WTMP_FILE])
4039AC_TRY_COMPILE([
4040#include <sys/types.h>
4041#include <utmp.h>
4042#ifdef HAVE_PATHS_H
4043# include <paths.h>
4044#endif
4045 ],
4046 [ char *wtmp = WTMP_FILE; ],
4047 [ AC_MSG_RESULT(yes) ],
4048 [ AC_MSG_RESULT(no)
4049 system_wtmp_path=no ]
4050)
4051if test -z "$conf_wtmp_location"; then
4052 if test x"$system_wtmp_path" = x"no" ; then
4053 for f in /usr/adm/wtmp /var/log/wtmp; do
4054 if test -f $f ; then
4055 conf_wtmp_location=$f
4056 fi
4057 done
4058 if test -z "$conf_wtmp_location"; then
4059 AC_DEFINE(DISABLE_WTMP)
4060 fi
4061 fi
4062fi
4063if test -n "$conf_wtmp_location"; then
2c06c99b 4064 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4065 [Define if you want to specify the path to your wtmp file])
dec6d9fe 4066fi
3c0ef626 4067
4068
4069dnl utmpx detection - I don't know any system so perverse as to require
4070dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4071dnl there, though.
4072AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4073AC_TRY_COMPILE([
4074#include <sys/types.h>
4075#include <utmp.h>
4076#ifdef HAVE_UTMPX_H
4077#include <utmpx.h>
4078#endif
4079#ifdef HAVE_PATHS_H
4080# include <paths.h>
4081#endif
4082 ],
4083 [ char *utmpx = UTMPX_FILE; ],
4084 [ AC_MSG_RESULT(yes) ],
4085 [ AC_MSG_RESULT(no)
4086 system_utmpx_path=no ]
4087)
4088if test -z "$conf_utmpx_location"; then
4089 if test x"$system_utmpx_path" = x"no" ; then
4090 AC_DEFINE(DISABLE_UTMPX)
4091 fi
4092else
2c06c99b 4093 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4094 [Define if you want to specify the path to your utmpx file])
dec6d9fe 4095fi
3c0ef626 4096
4097dnl wtmpx detection
4098AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4099AC_TRY_COMPILE([
4100#include <sys/types.h>
4101#include <utmp.h>
4102#ifdef HAVE_UTMPX_H
4103#include <utmpx.h>
4104#endif
4105#ifdef HAVE_PATHS_H
4106# include <paths.h>
4107#endif
4108 ],
4109 [ char *wtmpx = WTMPX_FILE; ],
4110 [ AC_MSG_RESULT(yes) ],
4111 [ AC_MSG_RESULT(no)
4112 system_wtmpx_path=no ]
4113)
4114if test -z "$conf_wtmpx_location"; then
4115 if test x"$system_wtmpx_path" = x"no" ; then
4116 AC_DEFINE(DISABLE_WTMPX)
4117 fi
4118else
2c06c99b 4119 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4120 [Define if you want to specify the path to your wtmpx file])
dec6d9fe 4121fi
3c0ef626 4122
4123
3c0ef626 4124if test ! -z "$blibpath" ; then
7e772e1f 4125 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4126 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4127fi
4128
665a873d 4129dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4130dnl Add now.
4131CFLAGS="$CFLAGS $werror_flags"
4132
22616013 4133if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4134 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4135 AC_SUBST(TEST_SSH_IPV6, no)
4136else
4137 AC_SUBST(TEST_SSH_IPV6, yes)
4138fi
4139
e9a17296 4140AC_EXEEXT
9108f8d9 4141AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4142 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
996d5e62 4143 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4144AC_OUTPUT
4145
4146# Print summary of options
4147
3c0ef626 4148# Someone please show me a better way :)
4149A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4150B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4151C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4152D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4153E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4154F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4155G=`eval echo ${piddir}` ; G=`eval echo ${G}`
700318f3 4156H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4157I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4158J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4159
4160echo ""
4161echo "OpenSSH has been configured with the following options:"
700318f3 4162echo " User binaries: $B"
4163echo " System binaries: $C"
4164echo " Configuration files: $D"
4165echo " Askpass program: $E"
4166echo " Manual pages: $F"
4167echo " PID file: $G"
4168echo " Privilege separation chroot path: $H"
0fff78ff 4169if test "x$external_path_file" = "x/etc/login.conf" ; then
4170echo " At runtime, sshd will use the path defined in $external_path_file"
4171echo " Make sure the path to scp is present, otherwise scp will not work"
700318f3 4172else
4173echo " sshd default user PATH: $I"
0fff78ff 4174 if test ! -z "$external_path_file"; then
4175echo " (If PATH is set in $external_path_file it will be used instead. If"
4176echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4177 fi
700318f3 4178fi
4179if test ! -z "$superuser_path" ; then
4180echo " sshd superuser user PATH: $J"
4181fi
4182echo " Manpage format: $MANTYPE"
0fff78ff 4183echo " PAM support: $PAM_MSG"
9108f8d9 4184echo " OSF SIA support: $SIA_MSG"
700318f3 4185echo " KerberosV support: $KRB5_MSG"
9108f8d9 4186echo " SELinux support: $SELINUX_MSG"
700318f3 4187echo " Smartcard support: $SCARD_MSG"
700318f3 4188echo " S/KEY support: $SKEY_MSG"
4189echo " TCP Wrappers support: $TCPW_MSG"
4190echo " MD5 password support: $MD5_MSG"
996d5e62 4191echo " libedit support: $LIBEDIT_MSG"
9108f8d9 4192echo " Solaris process contract support: $SPC_MSG"
700318f3 4193echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
700318f3 4194echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4195echo " BSD Auth support: $BSD_AUTH_MSG"
4196echo " Random number source: $RAND_MSG"
e9a17296 4197if test ! -z "$USE_RAND_HELPER" ; then
700318f3 4198echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4199fi
4200
4201echo ""
4202
4203echo " Host: ${host}"
4204echo " Compiler: ${CC}"
4205echo " Compiler flags: ${CFLAGS}"
4206echo "Preprocessor flags: ${CPPFLAGS}"
4207echo " Linker flags: ${LDFLAGS}"
d4487008 4208echo " Libraries: ${LIBS}"
4209if test ! -z "${SSHDLIBS}"; then
4210echo " +for sshd: ${SSHDLIBS}"
4211fi
3c0ef626 4212
4213echo ""
4214
c9f39d2c 4215if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
996d5e62 4216 echo "SVR4 style packages are supported with \"make package\""
4217 echo ""
c9f39d2c 4218fi
4219
3c0ef626 4220if test "x$PAM_MSG" = "xyes" ; then
e9a17296 4221 echo "PAM is enabled. You may need to install a PAM control file "
4222 echo "for sshd, otherwise password authentication may fail. "
cdd66111 4223 echo "Example PAM control files can be found in the contrib/ "
e9a17296 4224 echo "subdirectory"
3c0ef626 4225 echo ""
4226fi
4227
e9a17296 4228if test ! -z "$RAND_HELPER_CMDHASH" ; then
4229 echo "WARNING: you are using the builtin random number collection "
4230 echo "service. Please read WARNING.RNG and request that your OS "
4231 echo "vendor includes kernel-based random number collection in "
4232 echo "future versions of your OS."
3c0ef626 4233 echo ""
4234fi
4235
c9f39d2c 4236if test ! -z "$NO_PEERCHECK" ; then
d4487008 4237 echo "WARNING: the operating system that you are using does not"
4238 echo "appear to support getpeereid(), getpeerucred() or the"
4239 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4240 echo "enforce security checks to prevent unauthorised connections to"
4241 echo "ssh-agent. Their absence increases the risk that a malicious"
4242 echo "user can connect to your agent."
c9f39d2c 4243 echo ""
4244fi
4245
996d5e62 4246if test "$AUDIT_MODULE" = "bsm" ; then
4247 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4248 echo "See the Solaris section in README.platform for details."
4249fi
git-cvsimport mirror of GSI OpenSSH
This page took 0.730702 seconds and 5 git commands to generate.