]> andersk Git - gssapi-openssh.git/blame - openssh/configure.ac
andersk / gssapi-openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
remove derived files from cvs
[gssapi-openssh.git] / openssh / configure.ac
CommitLineData
3c0ef626 1# $Id$
12a403af 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626 16
2ce0bfe4 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
4b6dae8f 18AC_REVISION($Revision$)
3c0ef626 19AC_CONFIG_SRCDIR([ssh.c])
20
21AC_CONFIG_HEADER(config.h)
22AC_PROG_CC
23AC_CANONICAL_HOST
24AC_C_BIGENDIAN
25
26# Checks for programs.
7cac2b65 27AC_PROG_AWK
3c0ef626 28AC_PROG_CPP
29AC_PROG_RANLIB
30AC_PROG_INSTALL
4b6dae8f 31AC_PROG_EGREP
3c0ef626 32AC_PATH_PROG(AR, ar)
7e82606e 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
3c0ef626 35AC_PATH_PROGS(PERL, perl5 perl)
bfe49944 36AC_PATH_PROG(SED, sed)
3c0ef626 37AC_SUBST(PERL)
38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
3c0ef626 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
350391c5 43AC_PATH_PROG(SH, sh)
7e82606e 44AC_SUBST(TEST_SHELL,sh)
45
46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
08822d99 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
3c0ef626 57
58# System features
59AC_SYS_LARGEFILE
60
61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
08822d99 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
3c0ef626 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
540d72c3 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
08822d99 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
540d72c3 82fi
83
3c0ef626 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
8b32eddc 88
3c0ef626 89AC_C_INLINE
2ce0bfe4 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
540d72c3 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
2ce0bfe4 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
08822d99 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
2ce0bfe4 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
08822d99 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
2ce0bfe4 103 esac
104
105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
116fi
117
540d72c3 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
8b32eddc 121 if test "x$withval" = "xno" ; then
540d72c3 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
30460aeb 130# Messages for features tested for in target-specific section
131SIA_MSG="no"
132SPC_MSG="no"
133
3c0ef626 134# Check for some target-specific stuff
135case "$host" in
136*-*-aix*)
30460aeb 137 # Some versions of VAC won't allow macro redefinitions at
138 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
139 # particularly with older versions of vac or xlc.
140 # It also throws errors about null macro argments, but these are
141 # not fatal.
142 AC_MSG_CHECKING(if compiler allows macro redefinitions)
143 AC_COMPILE_IFELSE(
144 [AC_LANG_SOURCE([[
145#define testmacro foo
146#define testmacro bar
147int main(void) { exit(0); }
148 ]])],
149 [ AC_MSG_RESULT(yes) ],
150 [ AC_MSG_RESULT(no)
151 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
152 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
153 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
154 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
155 ]
156 )
157
540d72c3 158 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
256cb466 159 if (test -z "$blibpath"); then
540d72c3 160 blibpath="/usr/lib:/lib"
3c0ef626 161 fi
256cb466 162 saved_LDFLAGS="$LDFLAGS"
30460aeb 163 if test "$GCC" = "yes"; then
164 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
165 else
166 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
167 fi
168 for tryflags in $flags ;do
256cb466 169 if (test -z "$blibflags"); then
170 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
171 AC_TRY_LINK([], [], [blibflags=$tryflags])
172 fi
173 done
174 if (test -z "$blibflags"); then
175 AC_MSG_RESULT(not found)
176 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
177 else
178 AC_MSG_RESULT($blibflags)
179 fi
180 LDFLAGS="$saved_LDFLAGS"
7cac2b65 181 dnl Check for authenticate. Might be in libs.a on older AIXes
08822d99 182 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
183 [Define if you want to enable AIX4's authenticate function])],
d03f4262 184 [AC_CHECK_LIB(s,authenticate,
185 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
186 LIBS="$LIBS -ls"
187 ])
188 ])
dfddba3d 189 dnl Check for various auth function declarations in headers.
190 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
8b32eddc 191 passwdexpired, setauthdb], , , [#include <usersec.h>])
7cac2b65 192 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
dfddba3d 193 AC_CHECK_DECLS(loginfailed,
7cac2b65 194 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
195 AC_TRY_COMPILE(
196 [#include <usersec.h>],
197 [(void)loginfailed("user","host","tty",0);],
198 [AC_MSG_RESULT(yes)
08822d99 199 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
200 [Define if your AIX loginfailed() function
201 takes 4 arguments (AIX >= 5.2)])],
7cac2b65 202 [AC_MSG_RESULT(no)]
203 )],
204 [],
205 [#include <usersec.h>]
206 )
207 AC_CHECK_FUNCS(setauthdb)
30460aeb 208 AC_CHECK_DECL(F_CLOSEM,
209 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
210 [],
211 [ #include <limits.h>
212 #include <fcntl.h> ]
213 )
dfddba3d 214 check_for_aix_broken_getaddrinfo=1
08822d99 215 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
216 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
217 [Define if your platform breaks doing a seteuid before a setuid])
218 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
219 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
3c0ef626 220 dnl AIX handles lastlog as part of its login message
08822d99 221 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
222 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
223 [Some systems need a utmpx entry for /bin/login to work])
224 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
225 [Define to a Set Process Title type if your system is
226 supported by bsd-setproctitle.c])
227 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
228 [AIX 5.2 and 5.3 (and presumably newer) require this])
30460aeb 229 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
3c0ef626 230 ;;
231*-*-cygwin*)
bfe49944 232 check_for_libcrypt_later=1
e9702f7d 233 LIBS="$LIBS /usr/lib/textmode.o"
08822d99 234 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
235 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
236 AC_DEFINE(DISABLE_SHADOW, 1,
237 [Define if you want to disable shadow passwords])
238 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
239 [Define if your system choked on IP TOS setting])
240 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
241 [Define if X11 doesn't support AF_UNIX sockets on that system])
242 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
243 [Define if the concept of ports only accessible to
244 superusers isn't known])
245 AC_DEFINE(DISABLE_FD_PASSING, 1,
246 [Define if your platform needs to skip post auth
247 file descriptor passing])
3c0ef626 248 ;;
249*-*-dgux*)
250 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 251 AC_DEFINE(SETEUID_BREAKS_SETUID)
252 AC_DEFINE(BROKEN_SETREUID)
253 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 254 ;;
255*-*-darwin*)
08822d99 256 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
29d88157 257 AC_DEFINE(SETEUID_BREAKS_SETUID)
258 AC_DEFINE(BROKEN_SETREUID)
259 AC_DEFINE(BROKEN_SETREGID)
08822d99 260 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
261 [Define if your resolver libs need this for getrrsetbyname])
30460aeb 262 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
263 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
264 [Use tunnel device compatibility to OpenBSD])
265 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
266 [Prepend the address family to IP tunnel traffic])
f713db99 267 AC_MSG_CHECKING(if we have the Security Authorization Session API)
268 AC_TRY_COMPILE([#include <Security/AuthSession.h>],
269 [SessionCreate(0, 0);],
270 [ac_cv_use_security_session_api="yes"
271 AC_DEFINE(USE_SECURITY_SESSION_API, 1,
272 [platform has the Security Authorization Session API])
273 LIBS="$LIBS -framework Security"
274 AC_MSG_RESULT(yes)],
275 [ac_cv_use_security_session_api="no"
276 AC_MSG_RESULT(no)])
277 AC_MSG_CHECKING(if we have an in-memory credentials cache)
278 AC_TRY_COMPILE(
279 [#include <Kerberos/Kerberos.h>],
280 [cc_context_t c;
281 (void) cc_initialize (&c, 0, NULL, NULL);],
282 [AC_DEFINE(USE_CCAPI, 1,
283 [platform uses an in-memory credentials cache])
284 LIBS="$LIBS -framework Security"
285 AC_MSG_RESULT(yes)
286 if test "x$ac_cv_use_security_session_api" = "xno"; then
287 AC_MSG_ERROR(*** Need a security framework to use the credentials cache API ***)
288 fi],
289 [AC_MSG_RESULT(no)]
290 )
291 ;;
30460aeb 292*-*-dragonfly*)
293 SSHDLIBS="$SSHDLIBS -lcrypt"
3c0ef626 294 ;;
2ce0bfe4 295*-*-hpux*)
296 # first we define all of the options common to all HP-UX releases
3c0ef626 297 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
298 IPADDR_IN_DISPLAY=yes
3c0ef626 299 AC_DEFINE(USE_PIPES)
08822d99 300 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
301 [Define if your login program cannot handle end of options ("--")])
350391c5 302 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 303 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
304 [String used in /etc/passwd to denote locked account])
7cac2b65 305 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
08822d99 306 MAIL="/var/mail/username"
d03f4262 307 LIBS="$LIBS -lsec"
2ce0bfe4 308 AC_CHECK_LIB(xnet, t_error, ,
309 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
310
311 # next, we define all of the options specific to major releases
312 case "$host" in
313 *-*-hpux10*)
314 if test -z "$GCC"; then
315 CFLAGS="$CFLAGS -Ae"
316 fi
317 ;;
318 *-*-hpux11*)
08822d99 319 AC_DEFINE(PAM_SUN_CODEBASE, 1,
320 [Define if you are using Solaris-derived PAM which
321 passes pam_messages to the conversation function
322 with an extra level of indirection])
323 AC_DEFINE(DISABLE_UTMP, 1,
324 [Define if you don't want to use utmp])
2ce0bfe4 325 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
326 check_for_hpux_broken_getaddrinfo=1
327 check_for_conflicting_getspnam=1
328 ;;
329 esac
330
331 # lastly, we define options specific to minor releases
332 case "$host" in
333 *-*-hpux10.26)
08822d99 334 AC_DEFINE(HAVE_SECUREWARE, 1,
335 [Define if you have SecureWare-based
336 protected password database])
2ce0bfe4 337 disable_ptmx_check=yes
338 LIBS="$LIBS -lsecpw"
339 ;;
340 esac
3c0ef626 341 ;;
342*-*-irix5*)
3c0ef626 343 PATH="$PATH:/usr/etc"
08822d99 344 AC_DEFINE(BROKEN_INET_NTOA, 1,
345 [Define if you system's inet_ntoa is busted
346 (e.g. Irix gcc issue)])
540d72c3 347 AC_DEFINE(SETEUID_BREAKS_SETUID)
348 AC_DEFINE(BROKEN_SETREUID)
349 AC_DEFINE(BROKEN_SETREGID)
08822d99 350 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
351 [Define if you shouldn't strip 'tty' from your
352 ttyname in [uw]tmp])
7cac2b65 353 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 354 ;;
355*-*-irix6*)
3c0ef626 356 PATH="$PATH:/usr/etc"
08822d99 357 AC_DEFINE(WITH_IRIX_ARRAY, 1,
358 [Define if you have/want arrays
359 (cluster-wide session managment, not C arrays)])
360 AC_DEFINE(WITH_IRIX_PROJECT, 1,
361 [Define if you want IRIX project management])
362 AC_DEFINE(WITH_IRIX_AUDIT, 1,
363 [Define if you want IRIX audit trails])
364 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
365 [Define if you want IRIX kernel jobs])])
3c0ef626 366 AC_DEFINE(BROKEN_INET_NTOA)
29d88157 367 AC_DEFINE(SETEUID_BREAKS_SETUID)
368 AC_DEFINE(BROKEN_SETREUID)
369 AC_DEFINE(BROKEN_SETREGID)
08822d99 370 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
350391c5 371 AC_DEFINE(WITH_ABBREV_NO_TTY)
7cac2b65 372 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 373 ;;
374*-*-linux*)
375 no_dev_ptmx=1
376 check_for_libcrypt_later=1
7cac2b65 377 check_for_openpty_ctty_bug=1
08822d99 378 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
379 AC_DEFINE(PAM_TTY_KLUDGE, 1,
380 [Work around problematic Linux PAM modules handling of PAM_TTY])
381 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
382 [String used in /etc/passwd to denote locked account])
7cac2b65 383 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
08822d99 384 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
385 [Define to whatever link() returns for "not supported"
386 if it doesn't return EOPNOTSUPP.])
dfddba3d 387 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
08822d99 388 AC_DEFINE(USE_BTMP)
3c0ef626 389 inet6_default_4in6=yes
7cac2b65 390 case `uname -r` in
391 1.*|2.0.*)
08822d99 392 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
393 [Define if cmsg_type is not passed correctly])
7cac2b65 394 ;;
395 esac
08822d99 396 # tun(4) forwarding compat code
397 AC_CHECK_HEADERS(linux/if_tun.h)
398 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
399 AC_DEFINE(SSH_TUN_LINUX, 1,
400 [Open tunnel devices the Linux tun/tap way])
401 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
402 [Use tunnel device compatibility to OpenBSD])
403 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
404 [Prepend the address family to IP tunnel traffic])
405 fi
3c0ef626 406 ;;
407mips-sony-bsd|mips-sony-newsos4)
4b6dae8f 408 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
3c0ef626 409 SONY=1
3c0ef626 410 ;;
411*-*-netbsd*)
d03f4262 412 check_for_libcrypt_before=1
8b32eddc 413 if test "x$withval" != "xno" ; then
540d72c3 414 need_dash_r=1
415 fi
08822d99 416 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
417 AC_CHECK_HEADER([net/if_tap.h], ,
418 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
419 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
420 [Prepend the address family to IP tunnel traffic])
3c0ef626 421 ;;
422*-*-freebsd*)
423 check_for_libcrypt_later=1
08822d99 424 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
425 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
426 AC_CHECK_HEADER([net/if_tap.h], ,
427 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
3c0ef626 428 ;;
29d88157 429*-*-bsdi*)
430 AC_DEFINE(SETEUID_BREAKS_SETUID)
431 AC_DEFINE(BROKEN_SETREUID)
432 AC_DEFINE(BROKEN_SETREGID)
433 ;;
3c0ef626 434*-next-*)
435 conf_lastlog_location="/usr/adm/lastlog"
436 conf_utmp_location=/etc/utmp
437 conf_wtmp_location=/usr/adm/wtmp
438 MAIL=/usr/spool/mail
08822d99 439 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
3c0ef626 440 AC_DEFINE(BROKEN_REALPATH)
441 AC_DEFINE(USE_PIPES)
08822d99 442 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
3c0ef626 443 ;;
2ce0bfe4 444*-*-openbsd*)
445 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
08822d99 446 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
447 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
30460aeb 448 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
449 [syslog_r function is safe to use in in a signal handler])
2ce0bfe4 450 ;;
3c0ef626 451*-*-solaris*)
8b32eddc 452 if test "x$withval" != "xno" ; then
12a403af 453 need_dash_r=1
454 fi
3c0ef626 455 AC_DEFINE(PAM_SUN_CODEBASE)
456 AC_DEFINE(LOGIN_NEEDS_UTMPX)
08822d99 457 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
458 [Some versions of /bin/login need the TERM supplied
459 on the commandline])
3c0ef626 460 AC_DEFINE(PAM_TTY_KLUDGE)
08822d99 461 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
462 [Define if pam_chauthtok wants real uid set
463 to the unpriv'ed user])
7cac2b65 464 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
465 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
08822d99 466 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
467 [Define if sshd somehow reacquires a controlling TTY
468 after setsid()])
30460aeb 469 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
470 in case the name is longer than 8 chars])
7cac2b65 471 external_path_file=/etc/default/login
3c0ef626 472 # hardwire lastlog location (can't detect it on some versions)
473 conf_lastlog_location="/var/adm/lastlog"
474 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
475 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
476 if test "$sol2ver" -ge 8; then
477 AC_MSG_RESULT(yes)
478 AC_DEFINE(DISABLE_UTMP)
08822d99 479 AC_DEFINE(DISABLE_WTMP, 1,
480 [Define if you don't want to use wtmp])
3c0ef626 481 else
482 AC_MSG_RESULT(no)
483 fi
30460aeb 484 AC_ARG_WITH(solaris-contracts,
485 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
486 [
487 AC_CHECK_LIB(contract, ct_tmpl_activate,
488 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
489 [Define if you have Solaris process contracts])
490 SSHDLIBS="$SSHDLIBS -lcontract"
491 AC_SUBST(SSHDLIBS)
492 SPC_MSG="yes" ], )
493 ],
494 )
3c0ef626 495 ;;
496*-*-sunos4*)
497 CPPFLAGS="$CPPFLAGS -DSUNOS4"
498 AC_CHECK_FUNCS(getpwanam)
499 AC_DEFINE(PAM_SUN_CODEBASE)
3c0ef626 500 conf_utmp_location=/etc/utmp
501 conf_wtmp_location=/var/adm/wtmp
502 conf_lastlog_location=/var/adm/lastlog
503 AC_DEFINE(USE_PIPES)
504 ;;
505*-ncr-sysv*)
3c0ef626 506 LIBS="$LIBS -lc89"
e9702f7d 507 AC_DEFINE(USE_PIPES)
7cac2b65 508 AC_DEFINE(SSHD_ACQUIRES_CTTY)
29d88157 509 AC_DEFINE(SETEUID_BREAKS_SETUID)
510 AC_DEFINE(BROKEN_SETREUID)
511 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 512 ;;
513*-sni-sysv*)
3c0ef626 514 # /usr/ucblib MUST NOT be searched on ReliantUNIX
540d72c3 515 AC_CHECK_LIB(dl, dlsym, ,)
08822d99 516 # -lresolv needs to be at the end of LIBS or DNS lookups break
517 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
3c0ef626 518 IPADDR_IN_DISPLAY=yes
519 AC_DEFINE(USE_PIPES)
520 AC_DEFINE(IP_TOS_IS_BROKEN)
540d72c3 521 AC_DEFINE(SETEUID_BREAKS_SETUID)
522 AC_DEFINE(BROKEN_SETREUID)
523 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 524 AC_DEFINE(SSHD_ACQUIRES_CTTY)
525 external_path_file=/etc/default/login
3c0ef626 526 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
527 # Attention: always take care to bind libsocket and libnsl before libc,
528 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
529 ;;
dfddba3d 530# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
3c0ef626 531*-*-sysv4.2*)
3c0ef626 532 AC_DEFINE(USE_PIPES)
7cac2b65 533 AC_DEFINE(SETEUID_BREAKS_SETUID)
534 AC_DEFINE(BROKEN_SETREUID)
535 AC_DEFINE(BROKEN_SETREGID)
8b32eddc 536 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
08822d99 537 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
3c0ef626 538 ;;
dfddba3d 539# UnixWare 7.x, OpenUNIX 8
3c0ef626 540*-*-sysv5*)
2ce0bfe4 541 check_for_libcrypt_later=1
542 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
3c0ef626 543 AC_DEFINE(USE_PIPES)
7cac2b65 544 AC_DEFINE(SETEUID_BREAKS_SETUID)
545 AC_DEFINE(BROKEN_SETREUID)
546 AC_DEFINE(BROKEN_SETREGID)
08822d99 547 AC_DEFINE(PASSWD_NEEDS_USERNAME)
2ce0bfe4 548 case "$host" in
549 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
550 TEST_SHELL=/u95/bin/sh
08822d99 551 AC_DEFINE(BROKEN_LIBIAF, 1,
552 [ia_uinfo routines not supported by OS yet])
30460aeb 553 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 554 ;;
555 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
2ce0bfe4 556 ;;
557 esac
3c0ef626 558 ;;
559*-*-sysv*)
3c0ef626 560 ;;
dfddba3d 561# SCO UNIX and OEM versions of SCO UNIX
3c0ef626 562*-*-sco3.2v4*)
dfddba3d 563 AC_MSG_ERROR("This Platform is no longer supported.")
3c0ef626 564 ;;
dfddba3d 565# SCO OpenServer 5.x
3c0ef626 566*-*-sco3.2v5*)
bfe49944 567 if test -z "$GCC"; then
568 CFLAGS="$CFLAGS -belf"
569 fi
3c0ef626 570 LIBS="$LIBS -lprot -lx -ltinfo -lm"
571 no_dev_ptmx=1
3c0ef626 572 AC_DEFINE(USE_PIPES)
350391c5 573 AC_DEFINE(HAVE_SECUREWARE)
3c0ef626 574 AC_DEFINE(DISABLE_SHADOW)
d03f4262 575 AC_DEFINE(DISABLE_FD_PASSING)
7cac2b65 576 AC_DEFINE(SETEUID_BREAKS_SETUID)
577 AC_DEFINE(BROKEN_SETREUID)
578 AC_DEFINE(BROKEN_SETREGID)
579 AC_DEFINE(WITH_ABBREV_NO_TTY)
7e82606e 580 AC_DEFINE(BROKEN_UPDWTMPX)
08822d99 581 AC_DEFINE(PASSWD_NEEDS_USERNAME)
3c0ef626 582 AC_CHECK_FUNCS(getluid setluid)
583 MANTYPE=man
7e82606e 584 TEST_SHELL=ksh
3c0ef626 585 ;;
d03f4262 586*-*-unicosmk*)
08822d99 587 AC_DEFINE(NO_SSH_LASTLOG, 1,
588 [Define if you don't want to use lastlog in session.c])
540d72c3 589 AC_DEFINE(SETEUID_BREAKS_SETUID)
590 AC_DEFINE(BROKEN_SETREUID)
591 AC_DEFINE(BROKEN_SETREGID)
d03f4262 592 AC_DEFINE(USE_PIPES)
593 AC_DEFINE(DISABLE_FD_PASSING)
594 LDFLAGS="$LDFLAGS"
595 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
596 MANTYPE=cat
597 ;;
7cac2b65 598*-*-unicosmp*)
540d72c3 599 AC_DEFINE(SETEUID_BREAKS_SETUID)
600 AC_DEFINE(BROKEN_SETREUID)
601 AC_DEFINE(BROKEN_SETREGID)
7cac2b65 602 AC_DEFINE(WITH_ABBREV_NO_TTY)
603 AC_DEFINE(USE_PIPES)
604 AC_DEFINE(DISABLE_FD_PASSING)
605 LDFLAGS="$LDFLAGS"
540d72c3 606 LIBS="$LIBS -lgen -lacid -ldb"
7cac2b65 607 MANTYPE=cat
608 ;;
3c0ef626 609*-*-unicos*)
540d72c3 610 AC_DEFINE(SETEUID_BREAKS_SETUID)
611 AC_DEFINE(BROKEN_SETREUID)
612 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 613 AC_DEFINE(USE_PIPES)
d03f4262 614 AC_DEFINE(DISABLE_FD_PASSING)
615 AC_DEFINE(NO_SSH_LASTLOG)
616 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
617 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
618 MANTYPE=cat
3c0ef626 619 ;;
620*-dec-osf*)
621 AC_MSG_CHECKING(for Digital Unix SIA)
622 no_osfsia=""
623 AC_ARG_WITH(osfsia,
624 [ --with-osfsia Enable Digital Unix SIA],
625 [
626 if test "x$withval" = "xno" ; then
627 AC_MSG_RESULT(disabled)
628 no_osfsia=1
629 fi
630 ],
631 )
632 if test -z "$no_osfsia" ; then
633 if test -f /etc/sia/matrix.conf; then
634 AC_MSG_RESULT(yes)
08822d99 635 AC_DEFINE(HAVE_OSF_SIA, 1,
636 [Define if you have Digital Unix Security
637 Integration Architecture])
638 AC_DEFINE(DISABLE_LOGIN, 1,
639 [Define if you don't want to use your
640 system's login() call])
bfe49944 641 AC_DEFINE(DISABLE_FD_PASSING)
3c0ef626 642 LIBS="$LIBS -lsecurity -ldb -lm -laud"
30460aeb 643 SIA_MSG="yes"
3c0ef626 644 else
645 AC_MSG_RESULT(no)
08822d99 646 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
647 [String used in /etc/passwd to denote locked account])
3c0ef626 648 fi
649 fi
7cac2b65 650 AC_DEFINE(BROKEN_GETADDRINFO)
29d88157 651 AC_DEFINE(SETEUID_BREAKS_SETUID)
652 AC_DEFINE(BROKEN_SETREUID)
653 AC_DEFINE(BROKEN_SETREGID)
3c0ef626 654 ;;
655
4b6dae8f 656*-*-nto-qnx*)
3c0ef626 657 AC_DEFINE(USE_PIPES)
658 AC_DEFINE(NO_X11_UNIX_SOCKETS)
08822d99 659 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
660 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
661 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
4b6dae8f 662 AC_DEFINE(DISABLE_LASTLOG)
30460aeb 663 AC_DEFINE(SSHD_ACQUIRES_CTTY)
664 enable_etc_default_login=no # has incompatible /etc/default/login
3c0ef626 665 ;;
2ce0bfe4 666
667*-*-ultrix*)
08822d99 668 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
669 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b6dae8f 670 AC_DEFINE(NEED_SETPGRP)
2ce0bfe4 671 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
672 ;;
673
674*-*-lynxos)
675 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
08822d99 676 AC_DEFINE(MISSING_HOWMANY)
2ce0bfe4 677 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
678 ;;
3c0ef626 679esac
680
681# Allow user to specify flags
682AC_ARG_WITH(cflags,
683 [ --with-cflags Specify additional flags to pass to compiler],
684 [
8b32eddc 685 if test -n "$withval" && test "x$withval" != "xno" && \
686 test "x${withval}" != "xyes"; then
3c0ef626 687 CFLAGS="$CFLAGS $withval"
688 fi
8b32eddc 689 ]
3c0ef626 690)
691AC_ARG_WITH(cppflags,
692 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
693 [
8b32eddc 694 if test -n "$withval" && test "x$withval" != "xno" && \
695 test "x${withval}" != "xyes"; then
3c0ef626 696 CPPFLAGS="$CPPFLAGS $withval"
697 fi
698 ]
699)
700AC_ARG_WITH(ldflags,
701 [ --with-ldflags Specify additional flags to pass to linker],
702 [
8b32eddc 703 if test -n "$withval" && test "x$withval" != "xno" && \
704 test "x${withval}" != "xyes"; then
3c0ef626 705 LDFLAGS="$LDFLAGS $withval"
706 fi
8b32eddc 707 ]
3c0ef626 708)
709AC_ARG_WITH(libs,
710 [ --with-libs Specify additional libraries to link with],
711 [
8b32eddc 712 if test -n "$withval" && test "x$withval" != "xno" && \
713 test "x${withval}" != "xyes"; then
3c0ef626 714 LIBS="$LIBS $withval"
715 fi
8b32eddc 716 ]
3c0ef626 717)
2ce0bfe4 718AC_ARG_WITH(Werror,
719 [ --with-Werror Build main code with -Werror],
720 [
721 if test -n "$withval" && test "x$withval" != "xno"; then
722 werror_flags="-Werror"
08822d99 723 if test "x${withval}" != "xyes"; then
2ce0bfe4 724 werror_flags="$withval"
725 fi
726 fi
727 ]
728)
3c0ef626 729
7cac2b65 730AC_MSG_CHECKING(compiler and flags for sanity)
dfddba3d 731AC_RUN_IFELSE(
732 [AC_LANG_SOURCE([
7cac2b65 733#include <stdio.h>
734int main(){exit(0);}
dfddba3d 735 ])],
7cac2b65 736 [ AC_MSG_RESULT(yes) ],
737 [
738 AC_MSG_RESULT(no)
739 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
dfddba3d 740 ],
741 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
7cac2b65 742)
743
2ce0bfe4 744dnl Checks for header files.
745AC_CHECK_HEADERS( \
746 bstring.h \
747 crypt.h \
30460aeb 748 crypto/sha2.h \
2ce0bfe4 749 dirent.h \
750 endian.h \
751 features.h \
30460aeb 752 fcntl.h \
2ce0bfe4 753 floatingpoint.h \
754 getopt.h \
755 glob.h \
756 ia.h \
757 iaf.h \
2ce0bfe4 758 limits.h \
759 login.h \
2ce0bfe4 760 maillock.h \
761 ndir.h \
30460aeb 762 net/if_tun.h \
2ce0bfe4 763 netdb.h \
764 netgroup.h \
2ce0bfe4 765 pam/pam_appl.h \
766 paths.h \
767 pty.h \
768 readpassphrase.h \
769 rpc/types.h \
770 security/pam_appl.h \
30460aeb 771 sha2.h \
2ce0bfe4 772 shadow.h \
773 stddef.h \
774 stdint.h \
775 string.h \
776 strings.h \
777 sys/audit.h \
778 sys/bitypes.h \
779 sys/bsdtty.h \
780 sys/cdefs.h \
781 sys/dir.h \
782 sys/mman.h \
783 sys/ndir.h \
784 sys/prctl.h \
785 sys/pstat.h \
786 sys/select.h \
787 sys/stat.h \
788 sys/stream.h \
789 sys/stropts.h \
790 sys/strtio.h \
791 sys/sysmacros.h \
792 sys/time.h \
793 sys/timers.h \
794 sys/un.h \
795 time.h \
796 tmpdir.h \
797 ttyent.h \
798 unistd.h \
799 usersec.h \
800 util.h \
801 utime.h \
802 utmp.h \
803 utmpx.h \
804 vis.h \
805)
e9702f7d 806
4b6dae8f 807# lastlog.h requires sys/time.h to be included first on Solaris
808AC_CHECK_HEADERS(lastlog.h, [], [], [
809#ifdef HAVE_SYS_TIME_H
810# include <sys/time.h>
811#endif
812])
813
dfddba3d 814# sys/ptms.h requires sys/stream.h to be included first on Solaris
815AC_CHECK_HEADERS(sys/ptms.h, [], [], [
816#ifdef HAVE_SYS_STREAM_H
817# include <sys/stream.h>
818#endif
819])
820
30460aeb 821# login_cap.h requires sys/types.h on NetBSD
822AC_CHECK_HEADERS(login_cap.h, [], [], [
823#include <sys/types.h>
824])
825
3c0ef626 826# Checks for libraries.
827AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
828AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
829
7cac2b65 830dnl IRIX and Solaris 2.5.1 have dirname() in libgen
831AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
832 AC_CHECK_LIB(gen, dirname,[
833 AC_CACHE_CHECK([for broken dirname],
834 ac_cv_have_broken_dirname, [
835 save_LIBS="$LIBS"
836 LIBS="$LIBS -lgen"
08822d99 837 AC_RUN_IFELSE(
838 [AC_LANG_SOURCE([[
7cac2b65 839#include <libgen.h>
840#include <string.h>
841
842int main(int argc, char **argv) {
843 char *s, buf[32];
844
845 strncpy(buf,"/etc", 32);
846 s = dirname(buf);
847 if (!s || strncmp(s, "/", 32) != 0) {
848 exit(1);
849 } else {
850 exit(0);
851 }
852}
08822d99 853 ]])],
854 [ ac_cv_have_broken_dirname="no" ],
855 [ ac_cv_have_broken_dirname="yes" ],
7cac2b65 856 [ ac_cv_have_broken_dirname="no" ],
7cac2b65 857 )
858 LIBS="$save_LIBS"
859 ])
860 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
861 LIBS="$LIBS -lgen"
862 AC_DEFINE(HAVE_DIRNAME)
863 AC_CHECK_HEADERS(libgen.h)
864 fi
865 ])
866])
867
3c0ef626 868AC_CHECK_FUNC(getspnam, ,
869 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
08822d99 870AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
871 [Define if you have the basename function.]))
3c0ef626 872
873dnl zlib is required
874AC_ARG_WITH(zlib,
875 [ --with-zlib=PATH Use zlib in PATH],
8b32eddc 876 [ if test "x$withval" = "xno" ; then
877 AC_MSG_ERROR([*** zlib is required ***])
878 elif test "x$withval" != "xyes"; then
3c0ef626 879 if test -d "$withval/lib"; then
880 if test -n "${need_dash_r}"; then
881 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
882 else
883 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
884 fi
885 else
886 if test -n "${need_dash_r}"; then
887 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
888 else
889 LDFLAGS="-L${withval} ${LDFLAGS}"
890 fi
891 fi
892 if test -d "$withval/include"; then
893 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
894 else
895 CPPFLAGS="-I${withval} ${CPPFLAGS}"
896 fi
8b32eddc 897 fi ]
3c0ef626 898)
899
540d72c3 900AC_CHECK_LIB(z, deflate, ,
901 [
902 saved_CPPFLAGS="$CPPFLAGS"
903 saved_LDFLAGS="$LDFLAGS"
904 save_LIBS="$LIBS"
905 dnl Check default zlib install dir
906 if test -n "${need_dash_r}"; then
907 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
908 else
909 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
910 fi
911 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
912 LIBS="$LIBS -lz"
913 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
914 [
915 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
916 ]
917 )
918 ]
919)
920AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
921
922AC_ARG_WITH(zlib-version-check,
923 [ --without-zlib-version-check Disable zlib version check],
924 [ if test "x$withval" = "xno" ; then
925 zlib_check_nonfatal=1
926 fi
927 ]
928)
929
8b32eddc 930AC_MSG_CHECKING(for possibly buggy zlib)
dfddba3d 931AC_RUN_IFELSE([AC_LANG_SOURCE([[
8b32eddc 932#include <stdio.h>
540d72c3 933#include <zlib.h>
934int main()
935{
8b32eddc 936 int a=0, b=0, c=0, d=0, n, v;
937 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
938 if (n != 3 && n != 4)
540d72c3 939 exit(1);
8b32eddc 940 v = a*1000000 + b*10000 + c*100 + d;
941 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
942
943 /* 1.1.4 is OK */
944 if (a == 1 && b == 1 && c >= 4)
540d72c3 945 exit(0);
8b32eddc 946
2ce0bfe4 947 /* 1.2.3 and up are OK */
948 if (v >= 1020300)
8b32eddc 949 exit(0);
950
540d72c3 951 exit(2);
952}
dfddba3d 953 ]])],
8b32eddc 954 AC_MSG_RESULT(no),
955 [ AC_MSG_RESULT(yes)
540d72c3 956 if test -z "$zlib_check_nonfatal" ; then
957 AC_MSG_ERROR([*** zlib too old - check config.log ***
958Your reported zlib version has known security problems. It's possible your
959vendor has fixed these problems without changing the version number. If you
960are sure this is the case, you can disable the check by running
961"./configure --without-zlib-version-check".
2ce0bfe4 962If you are in doubt, upgrade zlib to version 1.2.3 or greater.
8b32eddc 963See http://www.gzip.org/zlib/ for details.])
540d72c3 964 else
965 AC_MSG_WARN([zlib version may have security problems])
966 fi
dfddba3d 967 ],
968 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
540d72c3 969)
3c0ef626 970
3c0ef626 971dnl UnixWare 2.x
540d72c3 972AC_CHECK_FUNC(strcasecmp,
3c0ef626 973 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
974)
08822d99 975AC_CHECK_FUNCS(utimes,
d03f4262 976 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
977 LIBS="$LIBS -lc89"]) ]
3c0ef626 978)
979
980dnl Checks for libutil functions
981AC_CHECK_HEADERS(libutil.h)
08822d99 982AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
983 [Define if your libraries define login()])])
3c0ef626 984AC_CHECK_FUNCS(logout updwtmp logwtmp)
985
986AC_FUNC_STRFTIME
987
3c0ef626 988# Check for ALTDIRFUNC glob() extension
989AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
990AC_EGREP_CPP(FOUNDIT,
991 [
992 #include <glob.h>
993 #ifdef GLOB_ALTDIRFUNC
994 FOUNDIT
995 #endif
540d72c3 996 ],
3c0ef626 997 [
08822d99 998 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
999 [Define if your system glob() function has
1000 the GLOB_ALTDIRFUNC extension])
3c0ef626 1001 AC_MSG_RESULT(yes)
1002 ],
1003 [
1004 AC_MSG_RESULT(no)
1005 ]
1006)
1007
1008# Check for g.gl_matchc glob() extension
1009AC_MSG_CHECKING(for gl_matchc field in glob_t)
30460aeb 1010AC_TRY_COMPILE(
1011 [ #include <glob.h> ],
1012 [glob_t g; g.gl_matchc = 1;],
540d72c3 1013 [
08822d99 1014 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1015 [Define if your system glob() function has
1016 gl_matchc options in glob_t])
540d72c3 1017 AC_MSG_RESULT(yes)
1018 ],
1019 [
1020 AC_MSG_RESULT(no)
1021 ]
3c0ef626 1022)
1023
30460aeb 1024AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1025
3c0ef626 1026AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
dfddba3d 1027AC_RUN_IFELSE(
1028 [AC_LANG_SOURCE([[
3c0ef626 1029#include <sys/types.h>
1030#include <dirent.h>
d03f4262 1031int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
dfddba3d 1032 ]])],
540d72c3 1033 [AC_MSG_RESULT(yes)],
3c0ef626 1034 [
1035 AC_MSG_RESULT(no)
08822d99 1036 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
1037 [Define if your struct dirent expects you to
1038 allocate extra space for d_name])
dfddba3d 1039 ],
8b32eddc 1040 [
dfddba3d 1041 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1042 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
3c0ef626 1043 ]
1044)
1045
1c89237d 1046# Check whether the user wants GSSAPI mechglue support
1047AC_ARG_WITH(mechglue,
bec32dad 1048 [ --with-mechglue=PATH Build with GSSAPI mechglue library],
1c89237d 1049 [
1050 AC_MSG_CHECKING(for mechglue library)
bec32dad 1051
1052 if test -e ${withval}/libgssapi.a ; then
1053 mechglue_lib=${withval}/libgssapi.a
1054 elif test -e ${withval}/lib/libgssapi.a ; then
1055 mechglue_lib=${withval}/lib/libgssapi.a
1056 else
1057 AC_MSG_ERROR("Can't find libgssapi in ${withval}");
1c89237d 1058 fi
bec32dad 1059 LIBS="$LIBS ${mechglue_lib}"
1060 AC_MSG_RESULT(${mechglue_lib})
1061
1c89237d 1062 AC_CHECK_LIB(dl, dlopen, , )
1063 if test $ac_cv_lib_dl_dlopen = yes; then
bec32dad 1064 LDFLAGS="$LDFLAGS -ldl -Wl,-Bsymbolic"
1c89237d 1065 fi
bec32dad 1066
1c89237d 1067 AC_DEFINE(GSSAPI)
08822d99 1068 AC_DEFINE(MECHGLUE, 1, [Define this if you're building with GSSAPI MechGlue.])
1c89237d 1069 GSSAPI="mechglue"
1070
1c89237d 1071 ]
1072)
1073
1074
5598e598 1075# Check whether the user wants GSI (Globus) support
1076gsi_path="no"
1077AC_ARG_WITH(gsi,
483bcdbd 1078 [ --with-gsi Enable Globus GSI authentication support],
5598e598 1079 [
1080 gsi_path="$withval"
1081 ]
1082)
1083
1084AC_ARG_WITH(globus,
483bcdbd 1085 [ --with-globus Enable Globus GSI authentication support],
5598e598 1086 [
1087 gsi_path="$withval"
1088 ]
1089)
1090
483bcdbd 1091AC_ARG_WITH(globus-static,
1092 [ --with-globus-static Link statically with Globus GSI libraries],
1093 [
1094 gsi_static="-static"
9e6effad 1095 if test "x$gsi_path" = "xno" ; then
6e098d39 1096 gsi_path="$withval"
1097 fi
483bcdbd 1098 ]
1099)
1100
5fb9fc74 1101# Check whether the user has a Globus flavor type
1102globus_flavor_type="no"
1103AC_ARG_WITH(globus-flavor,
483bcdbd 1104 [ --with-globus-flavor=TYPE Specify Globus flavor type (ex: gcc32dbg)],
5fb9fc74 1105 [
1106 globus_flavor_type="$withval"
9e6effad 1107 if test "x$gsi_path" = "xno" ; then
e78b0188 1108 gsi_path="yes"
1109 fi
5fb9fc74 1110 ]
1111)
1112
5598e598 1113if test "x$gsi_path" != "xno" ; then
1114 # Globus GSSAPI configuration
22798398 1115 AC_MSG_CHECKING(for Globus GSI)
08822d99 1116 AC_DEFINE(GSI, 1, [Define if you want GSI/Globus authentication support.])
5598e598 1117
1c89237d 1118 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
483bcdbd 1119 AC_MSG_ERROR([Previously configured GSSAPI library conflicts with Globus GSI.])
1c89237d 1120 fi
1121 if test -z "$GSSAPI"; then
1122 AC_DEFINE(GSSAPI)
1123 GSSAPI="GSI"
1124 fi
1125
8b1f0dfd 1126 if test "x$gsi_path" = "xyes" ; then
1127 if test -z "$GLOBUS_LOCATION" ; then
483bcdbd 1128 AC_MSG_ERROR(GLOBUS_LOCATION environment variable must be set.)
8b1f0dfd 1129 else
1130 gsi_path="$GLOBUS_LOCATION"
1131 fi
1132 fi
483bcdbd 1133 GLOBUS_LOCATION="$gsi_path"
1134 export GLOBUS_LOCATION
1135 if test ! -d "$GLOBUS_LOCATION" ; then
1136 AC_MSG_ERROR(Cannot find Globus installation. Set GLOBUS_LOCATION environment variable.)
5598e598 1137 fi
5598e598 1138
22798398 1139 if test "x$globus_flavor_type" = "xno" ; then
1140 AC_MSG_ERROR(--with-globus-flavor=TYPE must be specified)
1141 fi
1142 if test "x$globus_flavor_type" = "xyes" ; then
1143 AC_MSG_ERROR(--with-globus-flavor=TYPE must specify a flavor type)
5598e598 1144 fi
5fb9fc74 1145
22798398 1146 GLOBUS_INCLUDE="${gsi_path}/include/${globus_flavor_type}"
1147 if test ! -d "$GLOBUS_INCLUDE" ; then
1148 AC_MSG_ERROR(Cannot find Globus flavor-specific include directory: ${GLOBUS_INCLUDE})
1149 fi
1150 GSI_CPPFLAGS="-I${GLOBUS_INCLUDE}"
bed23354 1151
1152 if test -x ${gsi_path}/bin/globus-makefile-header ; then
483bcdbd 1153 GSI_LIBS=`${gsi_path}/bin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | perl -n -e 'if (/GLOBUS_PKG_LIBS = (.*)/){print $1;}'`
bed23354 1154 elif test -x ${gsi_path}/sbin/globus-makefile-header ; then
483bcdbd 1155 GSI_LIBS=`${gsi_path}/sbin/globus-makefile-header --flavor=${globus_flavor_type} ${gsi_static} globus_gss_assist | perl -n -e 'if (/GLOBUS_PKG_LIBS = (.*)/){print $1;}'`
5fb9fc74 1156 else
bed23354 1157 AC_MSG_ERROR(Cannot find globus-makefile-header: Globus installation is incomplete)
22798398 1158 fi
1dca09f1 1159 if test -n "${need_dash_r}"; then
1160 GSI_LDFLAGS="-L${gsi_path}/lib -R{gsi_path}/lib"
1161 else
1162 GSI_LDFLAGS="-L${gsi_path}/lib"
1163 fi
22798398 1164 if test -z "$GSI_LIBS" ; then
bed23354 1165 AC_MSG_ERROR(globus-makefile-header failed)
5fb9fc74 1166 fi
5598e598 1167
540d72c3 1168 AC_DEFINE(HAVE_GSSAPI_H)
1169
5598e598 1170 LIBS="$LIBS $GSI_LIBS"
1171 LDFLAGS="$LDFLAGS $GSI_LDFLAGS"
1c89237d 1172 CPPFLAGS="$CPPFLAGS $GSI_CPPFLAGS"
22798398 1173
1174 # test that we got the libraries OK
1175 AC_TRY_LINK(
1176 [],
1177 [],
1178 [
1179 AC_MSG_RESULT(yes)
1180 ],
1181 [
1182 AC_MSG_ERROR(link with Globus libraries failed)
1183 ]
1184 )
fd34c71f 1185 AC_CHECK_FUNCS(globus_gss_assist_map_and_authorize)
1ca858e9 1186 INSTALL_GSISSH="yes"
1187else
1188 INSTALL_GSISSH=""
5598e598 1189fi
1ca858e9 1190AC_SUBST(INSTALL_GSISSH)
1191# End Globus/GSI section
5598e598 1192
7e82606e 1193AC_MSG_CHECKING([for /proc/pid/fd directory])
1194if test -d "/proc/$$/fd" ; then
08822d99 1195 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
7e82606e 1196 AC_MSG_RESULT(yes)
1197else
1198 AC_MSG_RESULT(no)
1199fi
1200
3c0ef626 1201# Check whether user wants S/Key support
540d72c3 1202SKEY_MSG="no"
3c0ef626 1203AC_ARG_WITH(skey,
dfddba3d 1204 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
3c0ef626 1205 [
1206 if test "x$withval" != "xno" ; then
1207
1208 if test "x$withval" != "xyes" ; then
1209 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1210 LDFLAGS="$LDFLAGS -L${withval}/lib"
1211 fi
1212
08822d99 1213 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
3c0ef626 1214 LIBS="-lskey $LIBS"
540d72c3 1215 SKEY_MSG="yes"
8b32eddc 1216
e9702f7d 1217 AC_MSG_CHECKING([for s/key support])
08822d99 1218 AC_LINK_IFELSE(
1219 [AC_LANG_SOURCE([[
e9702f7d 1220#include <stdio.h>
1221#include <skey.h>
d03f4262 1222int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
08822d99 1223 ]])],
e9702f7d 1224 [AC_MSG_RESULT(yes)],
3c0ef626 1225 [
e9702f7d 1226 AC_MSG_RESULT(no)
3c0ef626 1227 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1228 ])
12a403af 1229 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1230 AC_TRY_COMPILE(
1231 [#include <stdio.h>
1232 #include <skey.h>],
1233 [(void)skeychallenge(NULL,"name","",0);],
1234 [AC_MSG_RESULT(yes)
08822d99 1235 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1236 [Define if your skeychallenge()
1237 function takes 4 arguments (NetBSD)])],
12a403af 1238 [AC_MSG_RESULT(no)]
1239 )
3c0ef626 1240 fi
1241 ]
1242)
1243
1244# Check whether user wants TCP wrappers support
1245TCPW_MSG="no"
1246AC_ARG_WITH(tcp-wrappers,
dfddba3d 1247 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
3c0ef626 1248 [
1249 if test "x$withval" != "xno" ; then
1250 saved_LIBS="$LIBS"
1251 saved_LDFLAGS="$LDFLAGS"
1252 saved_CPPFLAGS="$CPPFLAGS"
8b32eddc 1253 if test -n "${withval}" && \
1254 test "x${withval}" != "xyes"; then
3c0ef626 1255 if test -d "${withval}/lib"; then
1256 if test -n "${need_dash_r}"; then
1257 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1258 else
1259 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1260 fi
1261 else
1262 if test -n "${need_dash_r}"; then
1263 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1264 else
1265 LDFLAGS="-L${withval} ${LDFLAGS}"
1266 fi
1267 fi
1268 if test -d "${withval}/include"; then
1269 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1270 else
1271 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1272 fi
1273 fi
e9702f7d 1274 LIBWRAP="-lwrap"
1275 LIBS="$LIBWRAP $LIBS"
3c0ef626 1276 AC_MSG_CHECKING(for libwrap)
1277 AC_TRY_LINK(
1278 [
12a403af 1279#include <sys/types.h>
1280#include <sys/socket.h>
1281#include <netinet/in.h>
3c0ef626 1282#include <tcpd.h>
1283 int deny_severity = 0, allow_severity = 0;
1284 ],
1285 [hosts_access(0);],
1286 [
1287 AC_MSG_RESULT(yes)
08822d99 1288 AC_DEFINE(LIBWRAP, 1,
1289 [Define if you want
1290 TCP Wrappers support])
e9702f7d 1291 AC_SUBST(LIBWRAP)
3c0ef626 1292 TCPW_MSG="yes"
1293 ],
1294 [
1295 AC_MSG_ERROR([*** libwrap missing])
1296 ]
1297 )
e9702f7d 1298 LIBS="$saved_LIBS"
3c0ef626 1299 fi
1300 ]
1301)
1302
dfddba3d 1303# Check whether user wants libedit support
1304LIBEDIT_MSG="no"
1305AC_ARG_WITH(libedit,
1306 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
1307 [ if test "x$withval" != "xno" ; then
8b32eddc 1308 if test "x$withval" != "xyes"; then
08822d99 1309 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1310 if test -n "${need_dash_r}"; then
1311 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1312 else
1313 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1314 fi
8b32eddc 1315 fi
dfddba3d 1316 AC_CHECK_LIB(edit, el_init,
08822d99 1317 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
dfddba3d 1318 LIBEDIT="-ledit -lcurses"
1319 LIBEDIT_MSG="yes"
1320 AC_SUBST(LIBEDIT)
1321 ],
8b32eddc 1322 [ AC_MSG_ERROR(libedit not found) ],
1323 [ -lcurses ]
dfddba3d 1324 )
2ce0bfe4 1325 AC_MSG_CHECKING(if libedit version is compatible)
1326 AC_COMPILE_IFELSE(
1327 [AC_LANG_SOURCE([[
1328#include <histedit.h>
1329int main(void)
1330{
1331 int i = H_SETSIZE;
1332 el_init("", NULL, NULL, NULL);
1333 exit(0);
1334}
1335 ]])],
1336 [ AC_MSG_RESULT(yes) ],
1337 [ AC_MSG_RESULT(no)
1338 AC_MSG_ERROR(libedit version is not compatible) ]
1339 )
dfddba3d 1340 fi ]
1341)
1342
1343AUDIT_MODULE=none
1344AC_ARG_WITH(audit,
1345 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1346 [
1347 AC_MSG_CHECKING(for supported audit module)
1348 case "$withval" in
1349 bsm)
1350 AC_MSG_RESULT(bsm)
1351 AUDIT_MODULE=bsm
1352 dnl Checks for headers, libs and functions
1353 AC_CHECK_HEADERS(bsm/audit.h, [],
30460aeb 1354 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1355 [
1356#ifdef HAVE_TIME_H
1357# include <time.h>
1358#endif
1359 ]
1360)
dfddba3d 1361 AC_CHECK_LIB(bsm, getaudit, [],
1362 [AC_MSG_ERROR(BSM enabled and required library not found)])
1363 AC_CHECK_FUNCS(getaudit, [],
1364 [AC_MSG_ERROR(BSM enabled and required function not found)])
1365 # These are optional
1366 AC_CHECK_FUNCS(getaudit_addr)
08822d99 1367 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
dfddba3d 1368 ;;
1369 debug)
1370 AUDIT_MODULE=debug
1371 AC_MSG_RESULT(debug)
08822d99 1372 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
dfddba3d 1373 ;;
2ce0bfe4 1374 no)
1375 AC_MSG_RESULT(no)
1376 ;;
dfddba3d 1377 *)
1378 AC_MSG_ERROR([Unknown audit module $withval])
1379 ;;
1380 esac ]
1381)
1382
bfe49944 1383dnl Checks for library functions. Please keep in alphabetical order
2ce0bfe4 1384AC_CHECK_FUNCS( \
1385 arc4random \
08822d99 1386 asprintf \
2ce0bfe4 1387 b64_ntop \
1388 __b64_ntop \
1389 b64_pton \
1390 __b64_pton \
1391 bcopy \
1392 bindresvport_sa \
1393 clock \
1394 closefrom \
1395 dirfd \
1396 fchmod \
1397 fchown \
1398 freeaddrinfo \
1399 futimes \
1400 getaddrinfo \
1401 getcwd \
1402 getgrouplist \
1403 getnameinfo \
1404 getopt \
1405 getpeereid \
1406 _getpty \
1407 getrlimit \
1408 getttyent \
1409 glob \
1410 inet_aton \
1411 inet_ntoa \
1412 inet_ntop \
1413 innetgr \
1414 login_getcapbool \
1415 md5_crypt \
1416 memmove \
1417 mkdtemp \
1418 mmap \
1419 ngetaddrinfo \
1420 nsleep \
1421 ogetaddrinfo \
1422 openlog_r \
1423 openpty \
1424 prctl \
1425 pstat \
1426 readpassphrase \
1427 realpath \
1428 recvmsg \
1429 rresvport_af \
1430 sendmsg \
1431 setdtablesize \
1432 setegid \
1433 setenv \
1434 seteuid \
1435 setgroups \
1436 setlogin \
1437 setpcred \
1438 setproctitle \
1439 setregid \
1440 setreuid \
1441 setrlimit \
1442 setsid \
1443 setvbuf \
1444 sigaction \
1445 sigvec \
1446 snprintf \
1447 socketpair \
1448 strdup \
1449 strerror \
1450 strlcat \
1451 strlcpy \
1452 strmode \
1453 strnvis \
1454 strtonum \
1455 strtoll \
1456 strtoul \
1457 sysconf \
1458 tcgetpgrp \
1459 truncate \
1460 unsetenv \
1461 updwtmpx \
08822d99 1462 vasprintf \
2ce0bfe4 1463 vhangup \
1464 vsnprintf \
1465 waitpid \
bfe49944 1466)
1467
29d88157 1468# IRIX has a const char return value for gai_strerror()
1469AC_CHECK_FUNCS(gai_strerror,[
1470 AC_DEFINE(HAVE_GAI_STRERROR)
1471 AC_TRY_COMPILE([
1472#include <sys/types.h>
1473#include <sys/socket.h>
1474#include <netdb.h>
1475
1476const char *gai_strerror(int);],[
1477char *str;
1478
1479str = gai_strerror(0);],[
1480 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1481 [Define if gai_strerror() returns const char *])])])
1482
08822d99 1483AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1484 [Some systems put nanosleep outside of libc]))
bfe49944 1485
7cac2b65 1486dnl Make sure prototypes are defined for these before using them.
7cac2b65 1487AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
2ce0bfe4 1488AC_CHECK_DECL(strsep,
1489 [AC_CHECK_FUNCS(strsep)],
1490 [],
1491 [
1492#ifdef HAVE_STRING_H
1493# include <string.h>
1494#endif
1495 ])
3c0ef626 1496
7cac2b65 1497dnl tcsendbreak might be a macro
1498AC_CHECK_DECL(tcsendbreak,
1499 [AC_DEFINE(HAVE_TCSENDBREAK)],
540d72c3 1500 [AC_CHECK_FUNCS(tcsendbreak)],
7cac2b65 1501 [#include <termios.h>]
1502)
3c0ef626 1503
7e82606e 1504AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1505
30460aeb 1506AC_CHECK_DECLS(SHUT_RD, , ,
1507 [
1508#include <sys/types.h>
1509#include <sys/socket.h>
1510 ])
1511
1512AC_CHECK_DECLS(O_NONBLOCK, , ,
1513 [
1514#include <sys/types.h>
1515#ifdef HAVE_SYS_STAT_H
1516# include <sys/stat.h>
1517#endif
1518#ifdef HAVE_FCNTL_H
1519# include <fcntl.h>
1520#endif
1521 ])
1522
1523AC_CHECK_DECLS(writev, , , [
1524#include <sys/types.h>
1525#include <sys/uio.h>
1526#include <unistd.h>
1527 ])
1528
540d72c3 1529AC_CHECK_FUNCS(setresuid, [
1530 dnl Some platorms have setresuid that isn't implemented, test for this
1531 AC_MSG_CHECKING(if setresuid seems to work)
dfddba3d 1532 AC_RUN_IFELSE(
1533 [AC_LANG_SOURCE([[
540d72c3 1534#include <stdlib.h>
1535#include <errno.h>
1536int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1537 ]])],
540d72c3 1538 [AC_MSG_RESULT(yes)],
08822d99 1539 [AC_DEFINE(BROKEN_SETRESUID, 1,
1540 [Define if your setresuid() is broken])
dfddba3d 1541 AC_MSG_RESULT(not implemented)],
1542 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1543 )
1544])
1545
1546AC_CHECK_FUNCS(setresgid, [
1547 dnl Some platorms have setresgid that isn't implemented, test for this
1548 AC_MSG_CHECKING(if setresgid seems to work)
dfddba3d 1549 AC_RUN_IFELSE(
1550 [AC_LANG_SOURCE([[
540d72c3 1551#include <stdlib.h>
1552#include <errno.h>
1553int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
dfddba3d 1554 ]])],
540d72c3 1555 [AC_MSG_RESULT(yes)],
08822d99 1556 [AC_DEFINE(BROKEN_SETRESGID, 1,
1557 [Define if your setresgid() is broken])
dfddba3d 1558 AC_MSG_RESULT(not implemented)],
1559 [AC_MSG_WARN([cross compiling: not checking setresuid])]
540d72c3 1560 )
1561])
1562
3c0ef626 1563dnl Checks for time functions
1564AC_CHECK_FUNCS(gettimeofday time)
1565dnl Checks for utmp functions
1566AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1567AC_CHECK_FUNCS(utmpname)
1568dnl Checks for utmpx functions
1569AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1570AC_CHECK_FUNCS(setutxent utmpxname)
1571
540d72c3 1572AC_CHECK_FUNC(daemon,
08822d99 1573 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1574 [AC_CHECK_LIB(bsd, daemon,
1575 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
3c0ef626 1576)
1577
540d72c3 1578AC_CHECK_FUNC(getpagesize,
08822d99 1579 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1580 [Define if your libraries define getpagesize()])],
1581 [AC_CHECK_LIB(ucb, getpagesize,
1582 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
3c0ef626 1583)
1584
1585# Check for broken snprintf
1586if test "x$ac_cv_func_snprintf" = "xyes" ; then
1587 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
dfddba3d 1588 AC_RUN_IFELSE(
1589 [AC_LANG_SOURCE([[
3c0ef626 1590#include <stdio.h>
d03f4262 1591int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
dfddba3d 1592 ]])],
540d72c3 1593 [AC_MSG_RESULT(yes)],
3c0ef626 1594 [
1595 AC_MSG_RESULT(no)
08822d99 1596 AC_DEFINE(BROKEN_SNPRINTF, 1,
1597 [Define if your snprintf is busted])
3c0ef626 1598 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
dfddba3d 1599 ],
1600 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
3c0ef626 1601 )
1602fi
1603
08822d99 1604# If we don't have a working asprintf, then we strongly depend on vsnprintf
1605# returning the right thing on overflow: the number of characters it tried to
1606# create (as per SUSv3)
1607if test "x$ac_cv_func_asprintf" != "xyes" && \
1608 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1609 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1610 AC_RUN_IFELSE(
1611 [AC_LANG_SOURCE([[
1612#include <sys/types.h>
1613#include <stdio.h>
1614#include <stdarg.h>
1615
1616int x_snprintf(char *str,size_t count,const char *fmt,...)
1617{
1618 size_t ret; va_list ap;
1619 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1620 return ret;
1621}
1622int main(void)
1623{
1624 char x[1];
1625 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1626} ]])],
1627 [AC_MSG_RESULT(yes)],
1628 [
1629 AC_MSG_RESULT(no)
1630 AC_DEFINE(BROKEN_SNPRINTF, 1,
1631 [Define if your snprintf is busted])
1632 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1633 ],
1634 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1635 )
1636fi
1637
1638# On systems where [v]snprintf is broken, but is declared in stdio,
1639# check that the fmt argument is const char * or just char *.
1640# This is only useful for when BROKEN_SNPRINTF
1641AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1642AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1643 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1644 int main(void) { snprintf(0, 0, 0); }
1645 ]])],
1646 [AC_MSG_RESULT(yes)
1647 AC_DEFINE(SNPRINTF_CONST, [const],
1648 [Define as const if snprintf() can declare const char *fmt])],
1649 [AC_MSG_RESULT(no)
1650 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1651
7e82606e 1652# Check for missing getpeereid (or equiv) support
1653NO_PEERCHECK=""
1654if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1655 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1656 AC_TRY_COMPILE(
1657 [#include <sys/types.h>
1658 #include <sys/socket.h>],
1659 [int i = SO_PEERCRED;],
8b32eddc 1660 [ AC_MSG_RESULT(yes)
08822d99 1661 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
8b32eddc 1662 ],
7e82606e 1663 [AC_MSG_RESULT(no)
1664 NO_PEERCHECK=1]
1665 )
1666fi
1667
bfe49944 1668dnl see whether mkstemp() requires XXXXXX
1669if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1670AC_MSG_CHECKING([for (overly) strict mkstemp])
08822d99 1671AC_RUN_IFELSE(
1672 [AC_LANG_SOURCE([[
bfe49944 1673#include <stdlib.h>
1674main() { char template[]="conftest.mkstemp-test";
1675if (mkstemp(template) == -1)
1676 exit(1);
1677unlink(template); exit(0);
1678}
08822d99 1679 ]])],
bfe49944 1680 [
1681 AC_MSG_RESULT(no)
1682 ],
540d72c3 1683 [
bfe49944 1684 AC_MSG_RESULT(yes)
08822d99 1685 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
bfe49944 1686 ],
1687 [
1688 AC_MSG_RESULT(yes)
1689 AC_DEFINE(HAVE_STRICT_MKSTEMP)
540d72c3 1690 ]
bfe49944 1691)
1692fi
1693
7cac2b65 1694dnl make sure that openpty does not reacquire controlling terminal
1695if test ! -z "$check_for_openpty_ctty_bug"; then
1696 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
08822d99 1697 AC_RUN_IFELSE(
1698 [AC_LANG_SOURCE([[
7cac2b65 1699#include <stdio.h>
1700#include <sys/fcntl.h>
1701#include <sys/types.h>
1702#include <sys/wait.h>
1703
1704int
1705main()
1706{
1707 pid_t pid;
1708 int fd, ptyfd, ttyfd, status;
1709
1710 pid = fork();
1711 if (pid < 0) { /* failed */
1712 exit(1);
1713 } else if (pid > 0) { /* parent */
1714 waitpid(pid, &status, 0);
540d72c3 1715 if (WIFEXITED(status))
7cac2b65 1716 exit(WEXITSTATUS(status));
1717 else
1718 exit(2);
1719 } else { /* child */
1720 close(0); close(1); close(2);
1721 setsid();
1722 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1723 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1724 if (fd >= 0)
1725 exit(3); /* Acquired ctty: broken */
1726 else
1727 exit(0); /* Did not acquire ctty: OK */
1728 }
1729}
08822d99 1730 ]])],
7cac2b65 1731 [
1732 AC_MSG_RESULT(yes)
1733 ],
1734 [
1735 AC_MSG_RESULT(no)
1736 AC_DEFINE(SSHD_ACQUIRES_CTTY)
08822d99 1737 ],
1738 [
1739 AC_MSG_RESULT(cross-compiling, assuming yes)
7cac2b65 1740 ]
1741 )
1742fi
1743
8b32eddc 1744if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1745 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
12a403af 1746 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1747 AC_RUN_IFELSE(
1748 [AC_LANG_SOURCE([[
12a403af 1749#include <stdio.h>
1750#include <sys/socket.h>
1751#include <netdb.h>
1752#include <errno.h>
1753#include <netinet/in.h>
1754
1755#define TEST_PORT "2222"
1756
1757int
1758main(void)
1759{
1760 int err, sock;
1761 struct addrinfo *gai_ai, *ai, hints;
1762 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1763
1764 memset(&hints, 0, sizeof(hints));
1765 hints.ai_family = PF_UNSPEC;
1766 hints.ai_socktype = SOCK_STREAM;
1767 hints.ai_flags = AI_PASSIVE;
1768
1769 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1770 if (err != 0) {
1771 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1772 exit(1);
1773 }
1774
1775 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1776 if (ai->ai_family != AF_INET6)
1777 continue;
1778
1779 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1780 sizeof(ntop), strport, sizeof(strport),
1781 NI_NUMERICHOST|NI_NUMERICSERV);
1782
1783 if (err != 0) {
1784 if (err == EAI_SYSTEM)
1785 perror("getnameinfo EAI_SYSTEM");
1786 else
1787 fprintf(stderr, "getnameinfo failed: %s\n",
1788 gai_strerror(err));
1789 exit(2);
1790 }
1791
1792 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1793 if (sock < 0)
1794 perror("socket");
1795 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1796 if (errno == EBADF)
1797 exit(3);
1798 }
1799 }
1800 exit(0);
1801}
08822d99 1802 ]])],
12a403af 1803 [
1804 AC_MSG_RESULT(yes)
1805 ],
1806 [
1807 AC_MSG_RESULT(no)
1808 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1809 ],
1810 [
1811 AC_MSG_RESULT(cross-compiling, assuming yes)
12a403af 1812 ]
1813 )
1814fi
1815
8b32eddc 1816if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1817 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
dfddba3d 1818 AC_MSG_CHECKING(if getaddrinfo seems to work)
08822d99 1819 AC_RUN_IFELSE(
1820 [AC_LANG_SOURCE([[
dfddba3d 1821#include <stdio.h>
1822#include <sys/socket.h>
1823#include <netdb.h>
1824#include <errno.h>
1825#include <netinet/in.h>
1826
1827#define TEST_PORT "2222"
1828
1829int
1830main(void)
1831{
1832 int err, sock;
1833 struct addrinfo *gai_ai, *ai, hints;
1834 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1835
1836 memset(&hints, 0, sizeof(hints));
1837 hints.ai_family = PF_UNSPEC;
1838 hints.ai_socktype = SOCK_STREAM;
1839 hints.ai_flags = AI_PASSIVE;
1840
1841 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1842 if (err != 0) {
1843 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1844 exit(1);
1845 }
1846
1847 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1848 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1849 continue;
1850
1851 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1852 sizeof(ntop), strport, sizeof(strport),
1853 NI_NUMERICHOST|NI_NUMERICSERV);
1854
1855 if (ai->ai_family == AF_INET && err != 0) {
1856 perror("getnameinfo");
1857 exit(2);
1858 }
1859 }
1860 exit(0);
1861}
08822d99 1862 ]])],
dfddba3d 1863 [
1864 AC_MSG_RESULT(yes)
08822d99 1865 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1866 [Define if you have a getaddrinfo that fails
1867 for the all-zeros IPv6 address])
dfddba3d 1868 ],
1869 [
1870 AC_MSG_RESULT(no)
1871 AC_DEFINE(BROKEN_GETADDRINFO)
08822d99 1872 ],
30460aeb 1873 [
08822d99 1874 AC_MSG_RESULT(cross-compiling, assuming no)
dfddba3d 1875 ]
1876 )
1877fi
1878
1879if test "x$check_for_conflicting_getspnam" = "x1"; then
1880 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1881 AC_COMPILE_IFELSE(
1882 [
1883#include <shadow.h>
1884int main(void) {exit(0);}
1885 ],
1886 [
1887 AC_MSG_RESULT(no)
1888 ],
1889 [
1890 AC_MSG_RESULT(yes)
1891 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1892 [Conflicting defs for getspnam])
1893 ]
1894 )
1895fi
1896
3c0ef626 1897AC_FUNC_GETPGRP
1898
350391c5 1899# Search for OpenSSL
1900saved_CPPFLAGS="$CPPFLAGS"
1901saved_LDFLAGS="$LDFLAGS"
3c0ef626 1902AC_ARG_WITH(ssl-dir,
1903 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1904 [
1905 if test "x$withval" != "xno" ; then
dfddba3d 1906 case "$withval" in
1907 # Relative paths
1908 ./*|../*) withval="`pwd`/$withval"
1909 esac
350391c5 1910 if test -d "$withval/lib"; then
1911 if test -n "${need_dash_r}"; then
1912 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1913 else
1914 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
3c0ef626 1915 fi
1916 else
350391c5 1917 if test -n "${need_dash_r}"; then
1918 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1919 else
1920 LDFLAGS="-L${withval} ${LDFLAGS}"
3c0ef626 1921 fi
1922 fi
350391c5 1923 if test -d "$withval/include"; then
1924 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
3c0ef626 1925 else
350391c5 1926 CPPFLAGS="-I${withval} ${CPPFLAGS}"
3c0ef626 1927 fi
1928 fi
350391c5 1929 ]
1930)
22798398 1931if test -z "$GSI_LIBS" ; then
540d72c3 1932LIBS="-lcrypto $LIBS"
22798398 1933fi
08822d99 1934AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1935 [Define if your ssl headers are included
1936 with #include <openssl/header.h>]),
3c0ef626 1937 [
350391c5 1938 dnl Check default openssl install dir
1939 if test -n "${need_dash_r}"; then
1940 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1941 else
350391c5 1942 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
3c0ef626 1943 fi
350391c5 1944 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1945 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1946 [
1947 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1948 ]
1949 )
1950 ]
1951)
1952
d03f4262 1953# Determine OpenSSL header version
1954AC_MSG_CHECKING([OpenSSL header version])
dfddba3d 1955AC_RUN_IFELSE(
1956 [AC_LANG_SOURCE([[
d03f4262 1957#include <stdio.h>
1958#include <string.h>
1959#include <openssl/opensslv.h>
1960#define DATA "conftest.sslincver"
1961int main(void) {
540d72c3 1962 FILE *fd;
1963 int rc;
d03f4262 1964
540d72c3 1965 fd = fopen(DATA,"w");
1966 if(fd == NULL)
1967 exit(1);
d03f4262 1968
1969 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1970 exit(1);
1971
1972 exit(0);
1973}
dfddba3d 1974 ]])],
d03f4262 1975 [
1976 ssl_header_ver=`cat conftest.sslincver`
1977 AC_MSG_RESULT($ssl_header_ver)
1978 ],
1979 [
1980 AC_MSG_RESULT(not found)
1981 AC_MSG_ERROR(OpenSSL version header not found.)
dfddba3d 1982 ],
1983 [
1984 AC_MSG_WARN([cross compiling: not checking])
d03f4262 1985 ]
1986)
1987
1988# Determine OpenSSL library version
1989AC_MSG_CHECKING([OpenSSL library version])
dfddba3d 1990AC_RUN_IFELSE(
1991 [AC_LANG_SOURCE([[
d03f4262 1992#include <stdio.h>
1993#include <string.h>
1994#include <openssl/opensslv.h>
1995#include <openssl/crypto.h>
1996#define DATA "conftest.ssllibver"
1997int main(void) {
540d72c3 1998 FILE *fd;
1999 int rc;
d03f4262 2000
540d72c3 2001 fd = fopen(DATA,"w");
2002 if(fd == NULL)
2003 exit(1);
d03f4262 2004
2005 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
2006 exit(1);
2007
2008 exit(0);
2009}
dfddba3d 2010 ]])],
d03f4262 2011 [
2012 ssl_library_ver=`cat conftest.ssllibver`
2013 AC_MSG_RESULT($ssl_library_ver)
2014 ],
2015 [
2016 AC_MSG_RESULT(not found)
2017 AC_MSG_ERROR(OpenSSL library not found.)
dfddba3d 2018 ],
2019 [
2020 AC_MSG_WARN([cross compiling: not checking])
d03f4262 2021 ]
2022)
3c0ef626 2023
e9702f7d 2024# Sanity check OpenSSL headers
2025AC_MSG_CHECKING([whether OpenSSL's headers match the library])
dfddba3d 2026AC_RUN_IFELSE(
2027 [AC_LANG_SOURCE([[
e9702f7d 2028#include <string.h>
2029#include <openssl/opensslv.h>
d03f4262 2030int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
dfddba3d 2031 ]])],
e9702f7d 2032 [
2033 AC_MSG_RESULT(yes)
2034 ],
2035 [
2036 AC_MSG_RESULT(no)
7cac2b65 2037 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
2038Check config.log for details.
2039Also see contrib/findssl.sh for help identifying header/library mismatches.])
dfddba3d 2040 ],
2041 [
2042 AC_MSG_WARN([cross compiling: not checking])
e9702f7d 2043 ]
2044)
2045
30460aeb 2046AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2047AC_LINK_IFELSE(
2048 [AC_LANG_SOURCE([[
2049#include <openssl/evp.h>
2050int main(void) { SSLeay_add_all_algorithms(); }
2051 ]])],
2052 [
2053 AC_MSG_RESULT(yes)
2054 ],
2055 [
2056 AC_MSG_RESULT(no)
2057 saved_LIBS="$LIBS"
2058 LIBS="$LIBS -ldl"
2059 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2060 AC_LINK_IFELSE(
2061 [AC_LANG_SOURCE([[
2062#include <openssl/evp.h>
2063int main(void) { SSLeay_add_all_algorithms(); }
2064 ]])],
2065 [
2066 AC_MSG_RESULT(yes)
2067 ],
2068 [
2069 AC_MSG_RESULT(no)
2070 LIBS="$saved_LIBS"
2071 ]
2072 )
2073 ]
2074)
2075
2076AC_ARG_WITH(ssl-engine,
2077 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2078 [ if test "x$withval" != "xno" ; then
2079 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2080 AC_TRY_COMPILE(
2081 [ #include <openssl/engine.h>],
2082 [
2083int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
2084 ],
2085 [ AC_MSG_RESULT(yes)
2086 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2087 [Enable OpenSSL engine support])
2088 ],
2089 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2090 )
2091 fi ]
2092)
2093
08822d99 2094# Check for OpenSSL without EVP_aes_{192,256}_cbc
2095AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
30460aeb 2096AC_LINK_IFELSE(
08822d99 2097 [AC_LANG_SOURCE([[
2098#include <string.h>
2099#include <openssl/evp.h>
4b6dae8f 2100int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
08822d99 2101 ]])],
2102 [
2103 AC_MSG_RESULT(no)
2104 ],
2105 [
2106 AC_MSG_RESULT(yes)
2107 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2108 [libcrypto is missing AES 192 and 256 bit functions])
2109 ]
2110)
2111
540d72c3 2112# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2113# because the system crypt() is more featureful.
2114if test "x$check_for_libcrypt_before" = "x1"; then
2115 AC_CHECK_LIB(crypt, crypt)
2116fi
2117
2118# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
2119# version in OpenSSL.
7cac2b65 2120if test "x$check_for_libcrypt_later" = "x1"; then
3c0ef626 2121 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
2122fi
2123
30460aeb 2124# Search for SHA256 support in libc and/or OpenSSL
2125AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2126
2ce0bfe4 2127AC_CHECK_LIB(iaf, ia_openinfo)
e9702f7d 2128
2129### Configure cryptographic random number support
2130
2131# Check wheter OpenSSL seeds itself
2132AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
dfddba3d 2133AC_RUN_IFELSE(
2134 [AC_LANG_SOURCE([[
e9702f7d 2135#include <string.h>
2136#include <openssl/rand.h>
d03f4262 2137int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
dfddba3d 2138 ]])],
e9702f7d 2139 [
2140 OPENSSL_SEEDS_ITSELF=yes
2141 AC_MSG_RESULT(yes)
2142 ],
2143 [
2144 AC_MSG_RESULT(no)
2145 # Default to use of the rand helper if OpenSSL doesn't
2146 # seed itself
2147 USE_RAND_HELPER=yes
dfddba3d 2148 ],
2149 [
2150 AC_MSG_WARN([cross compiling: assuming yes])
2151 # This is safe, since all recent OpenSSL versions will
8b32eddc 2152 # complain at runtime if not seeded correctly.
dfddba3d 2153 OPENSSL_SEEDS_ITSELF=yes
e9702f7d 2154 ]
2155)
2156
30460aeb 2157# Check for PAM libs
2158PAM_MSG="no"
2159AC_ARG_WITH(pam,
2160 [ --with-pam Enable PAM support ],
2161 [
2162 if test "x$withval" != "xno" ; then
2163 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2164 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2165 AC_MSG_ERROR([PAM headers not found])
2166 fi
2167
2168 saved_LIBS="$LIBS"
2169 AC_CHECK_LIB(dl, dlopen, , )
2170 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2171 AC_CHECK_FUNCS(pam_getenvlist)
2172 AC_CHECK_FUNCS(pam_putenv)
2173 LIBS="$saved_LIBS"
2174
2175 PAM_MSG="yes"
2176
2177 LIBPAM="-lpam"
2178 AC_DEFINE(USE_PAM, 1,
2179 [Define if you want to enable PAM support])
2180
2181 if test $ac_cv_lib_dl_dlopen = yes; then
2182 case "$LIBS" in
2183 *-ldl*)
2184 # libdl already in LIBS
2185 ;;
2186 *)
2187 LIBPAM="$LIBPAM -ldl"
2188 ;;
2189 esac
2190 fi
2191 AC_SUBST(LIBPAM)
2192 fi
2193 ]
2194)
2195
2196# Check for older PAM
2197if test "x$PAM_MSG" = "xyes" ; then
2198 # Check PAM strerror arguments (old PAM)
2199 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2200 AC_TRY_COMPILE(
2201 [
2202#include <stdlib.h>
2203#if defined(HAVE_SECURITY_PAM_APPL_H)
2204#include <security/pam_appl.h>
2205#elif defined (HAVE_PAM_PAM_APPL_H)
2206#include <pam/pam_appl.h>
2207#endif
2208 ],
2209 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2210 [AC_MSG_RESULT(no)],
2211 [
2212 AC_DEFINE(HAVE_OLD_PAM, 1,
2213 [Define if you have an old version of PAM
2214 which takes only one argument to pam_strerror])
2215 AC_MSG_RESULT(yes)
2216 PAM_MSG="yes (old library)"
2217 ]
2218 )
2219fi
e9702f7d 2220
2221# Do we want to force the use of the rand helper?
2222AC_ARG_WITH(rand-helper,
2223 [ --with-rand-helper Use subprocess to gather strong randomness ],
2224 [
2225 if test "x$withval" = "xno" ; then
540d72c3 2226 # Force use of OpenSSL's internal RNG, even if
e9702f7d 2227 # the previous test showed it to be unseeded.
2228 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2229 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2230 OPENSSL_SEEDS_ITSELF=yes
2231 USE_RAND_HELPER=""
2232 fi
2233 else
2234 USE_RAND_HELPER=yes
2235 fi
2236 ],
8b32eddc 2237)
e9702f7d 2238
2239# Which randomness source do we use?
8b32eddc 2240if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
e9702f7d 2241 # OpenSSL only
08822d99 2242 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2243 [Define if you want OpenSSL's internally seeded PRNG only])
e9702f7d 2244 RAND_MSG="OpenSSL internal ONLY"
2245 INSTALL_SSH_RAND_HELPER=""
2246elif test ! -z "$USE_RAND_HELPER" ; then
2247 # install rand helper
2248 RAND_MSG="ssh-rand-helper"
2249 INSTALL_SSH_RAND_HELPER="yes"
2250fi
2251AC_SUBST(INSTALL_SSH_RAND_HELPER)
2252
2253### Configuration of ssh-rand-helper
2254
2255# PRNGD TCP socket
2256AC_ARG_WITH(prngd-port,
2257 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2258 [
2259 case "$withval" in
2260 no)
2261 withval=""
2262 ;;
2263 [[0-9]]*)
2264 ;;
2265 *)
2266 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2267 ;;
2268 esac
2269 if test ! -z "$withval" ; then
2270 PRNGD_PORT="$withval"
08822d99 2271 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2272 [Port number of PRNGD/EGD random number socket])
e9702f7d 2273 fi
2274 ]
2275)
2276
2277# PRNGD Unix domain socket
2278AC_ARG_WITH(prngd-socket,
2279 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2280 [
2281 case "$withval" in
2282 yes)
2283 withval="/var/run/egd-pool"
2284 ;;
2285 no)
2286 withval=""
2287 ;;
2288 /*)
2289 ;;
2290 *)
2291 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2292 ;;
2293 esac
2294
2295 if test ! -z "$withval" ; then
2296 if test ! -z "$PRNGD_PORT" ; then
2297 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2298 fi
2299 if test ! -r "$withval" ; then
2300 AC_MSG_WARN(Entropy socket is not readable)
2301 fi
2302 PRNGD_SOCKET="$withval"
08822d99 2303 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2304 [Location of PRNGD/EGD random number socket])
e9702f7d 2305 fi
2306 ],
2307 [
2308 # Check for existing socket only if we don't have a random device already
2309 if test "$USE_RAND_HELPER" = yes ; then
2310 AC_MSG_CHECKING(for PRNGD/EGD socket)
2311 # Insert other locations here
2312 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2313 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2314 PRNGD_SOCKET="$sock"
2315 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2316 break;
2317 fi
2318 done
2319 if test ! -z "$PRNGD_SOCKET" ; then
2320 AC_MSG_RESULT($PRNGD_SOCKET)
2321 else
2322 AC_MSG_RESULT(not found)
2323 fi
2324 fi
2325 ]
2326)
2327
2328# Change default command timeout for hashing entropy source
2329entropy_timeout=200
2330AC_ARG_WITH(entropy-timeout,
2331 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2332 [
8b32eddc 2333 if test -n "$withval" && test "x$withval" != "xno" && \
2334 test "x${withval}" != "xyes"; then
e9702f7d 2335 entropy_timeout=$withval
2336 fi
8b32eddc 2337 ]
e9702f7d 2338)
08822d99 2339AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2340 [Builtin PRNG command timeout])
e9702f7d 2341
276b07a3 2342SSH_PRIVSEP_USER=sshd
350391c5 2343AC_ARG_WITH(privsep-user,
2344 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2345 [
8b32eddc 2346 if test -n "$withval" && test "x$withval" != "xno" && \
2347 test "x${withval}" != "xyes"; then
276b07a3 2348 SSH_PRIVSEP_USER=$withval
350391c5 2349 fi
8b32eddc 2350 ]
350391c5 2351)
08822d99 2352AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2353 [non-privileged user for privilege separation])
276b07a3 2354AC_SUBST(SSH_PRIVSEP_USER)
350391c5 2355
2356# We do this little dance with the search path to insure
2357# that programs that we select for use by installed programs
2358# (which may be run by the super-user) come from trusted
2359# locations before they come from the user's private area.
2360# This should help avoid accidentally configuring some
2361# random version of a program in someone's personal bin.
2362
2363OPATH=$PATH
2364PATH=/bin:/usr/bin
2365test -h /bin 2> /dev/null && PATH=/usr/bin
2366test -d /sbin && PATH=$PATH:/sbin
2367test -d /usr/sbin && PATH=$PATH:/usr/sbin
2368PATH=$PATH:/etc:$OPATH
2369
540d72c3 2370# These programs are used by the command hashing source to gather entropy
e9702f7d 2371OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2372OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2373OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2374OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2375OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2376OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2377OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2378OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2379OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2380OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2381OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2382OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2383OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2384OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2385OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2386OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
350391c5 2387# restore PATH
2388PATH=$OPATH
e9702f7d 2389
2390# Where does ssh-rand-helper get its randomness from?
2391INSTALL_SSH_PRNG_CMDS=""
2392if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2393 if test ! -z "$PRNGD_PORT" ; then
2394 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2395 elif test ! -z "$PRNGD_SOCKET" ; then
2396 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2397 else
2398 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2399 RAND_HELPER_CMDHASH=yes
2400 INSTALL_SSH_PRNG_CMDS="yes"
2401 fi
2402fi
2403AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2404
2405
3c0ef626 2406# Cheap hack to ensure NEWS-OS libraries are arranged right.
2407if test ! -z "$SONY" ; then
2408 LIBS="$LIBS -liberty";
2409fi
2410
08822d99 2411# Check for long long datatypes
2412AC_CHECK_TYPES([long long, unsigned long long, long double])
2413
2414# Check datatype sizes
3c0ef626 2415AC_CHECK_SIZEOF(char, 1)
2416AC_CHECK_SIZEOF(short int, 2)
2417AC_CHECK_SIZEOF(int, 4)
2418AC_CHECK_SIZEOF(long int, 4)
2419AC_CHECK_SIZEOF(long long int, 8)
2420
350391c5 2421# Sanity check long long for some platforms (AIX)
2422if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2423 ac_cv_sizeof_long_long_int=0
2424fi
2425
08822d99 2426# compute LLONG_MIN and LLONG_MAX if we don't know them.
2427if test -z "$have_llong_max"; then
2428 AC_MSG_CHECKING([for max value of long long])
2429 AC_RUN_IFELSE(
2430 [AC_LANG_SOURCE([[
2431#include <stdio.h>
2432/* Why is this so damn hard? */
2433#ifdef __GNUC__
2434# undef __GNUC__
2435#endif
2436#define __USE_ISOC99
2437#include <limits.h>
2438#define DATA "conftest.llminmax"
30460aeb 2439#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2440
2441/*
2442 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2443 * we do this the hard way.
2444 */
2445static int
2446fprint_ll(FILE *f, long long n)
2447{
2448 unsigned int i;
2449 int l[sizeof(long long) * 8];
2450
2451 if (n < 0)
2452 if (fprintf(f, "-") < 0)
2453 return -1;
2454 for (i = 0; n != 0; i++) {
2455 l[i] = my_abs(n % 10);
2456 n /= 10;
2457 }
2458 do {
2459 if (fprintf(f, "%d", l[--i]) < 0)
2460 return -1;
2461 } while (i != 0);
2462 if (fprintf(f, " ") < 0)
2463 return -1;
2464 return 0;
2465}
2466
08822d99 2467int main(void) {
2468 FILE *f;
2469 long long i, llmin, llmax = 0;
2470
2471 if((f = fopen(DATA,"w")) == NULL)
2472 exit(1);
2473
2474#if defined(LLONG_MIN) && defined(LLONG_MAX)
2475 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2476 llmin = LLONG_MIN;
2477 llmax = LLONG_MAX;
2478#else
2479 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2480 /* This will work on one's complement and two's complement */
2481 for (i = 1; i > llmax; i <<= 1, i++)
2482 llmax = i;
2483 llmin = llmax + 1LL; /* wrap */
2484#endif
2485
2486 /* Sanity check */
2487 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
30460aeb 2488 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2489 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
08822d99 2490 fprintf(f, "unknown unknown\n");
2491 exit(2);
2492 }
2493
30460aeb 2494 if (fprint_ll(f, llmin) < 0)
08822d99 2495 exit(3);
30460aeb 2496 if (fprint_ll(f, llmax) < 0)
2497 exit(4);
2498 if (fclose(f) < 0)
2499 exit(5);
08822d99 2500 exit(0);
2501}
2502 ]])],
2503 [
2504 llong_min=`$AWK '{print $1}' conftest.llminmax`
2505 llong_max=`$AWK '{print $2}' conftest.llminmax`
2506
08822d99 2507 AC_MSG_RESULT($llong_max)
2508 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2509 [max value of long long calculated by configure])
2510 AC_MSG_CHECKING([for min value of long long])
2511 AC_MSG_RESULT($llong_min)
2512 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2513 [min value of long long calculated by configure])
2514 ],
2515 [
2516 AC_MSG_RESULT(not found)
2517 ],
2518 [
2519 AC_MSG_WARN([cross compiling: not checking])
2520 ]
2521 )
2522fi
2523
2524
3c0ef626 2525# More checks for data types
2526AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2527 AC_TRY_COMPILE(
540d72c3 2528 [ #include <sys/types.h> ],
2529 [ u_int a; a = 1;],
3c0ef626 2530 [ ac_cv_have_u_int="yes" ],
2531 [ ac_cv_have_u_int="no" ]
2532 )
2533])
2534if test "x$ac_cv_have_u_int" = "xyes" ; then
08822d99 2535 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
3c0ef626 2536 have_u_int=1
2537fi
2538
2539AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2540 AC_TRY_COMPILE(
540d72c3 2541 [ #include <sys/types.h> ],
2542 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2543 [ ac_cv_have_intxx_t="yes" ],
2544 [ ac_cv_have_intxx_t="no" ]
2545 )
2546])
2547if test "x$ac_cv_have_intxx_t" = "xyes" ; then
08822d99 2548 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
3c0ef626 2549 have_intxx_t=1
2550fi
2551
2552if (test -z "$have_intxx_t" && \
540d72c3 2553 test "x$ac_cv_header_stdint_h" = "xyes")
3c0ef626 2554then
2555 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2556 AC_TRY_COMPILE(
540d72c3 2557 [ #include <stdint.h> ],
2558 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
3c0ef626 2559 [
2560 AC_DEFINE(HAVE_INTXX_T)
2561 AC_MSG_RESULT(yes)
2562 ],
2563 [ AC_MSG_RESULT(no) ]
2564 )
2565fi
2566
2567AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2568 AC_TRY_COMPILE(
d03f4262 2569 [
2570#include <sys/types.h>
2571#ifdef HAVE_STDINT_H
2572# include <stdint.h>
2573#endif
2574#include <sys/socket.h>
2575#ifdef HAVE_SYS_BITYPES_H
2576# include <sys/bitypes.h>
2577#endif
540d72c3 2578 ],
2579 [ int64_t a; a = 1;],
3c0ef626 2580 [ ac_cv_have_int64_t="yes" ],
2581 [ ac_cv_have_int64_t="no" ]
2582 )
2583])
2584if test "x$ac_cv_have_int64_t" = "xyes" ; then
08822d99 2585 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
e9702f7d 2586fi
2587
3c0ef626 2588AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2589 AC_TRY_COMPILE(
540d72c3 2590 [ #include <sys/types.h> ],
2591 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2592 [ ac_cv_have_u_intxx_t="yes" ],
2593 [ ac_cv_have_u_intxx_t="no" ]
2594 )
2595])
2596if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
08822d99 2597 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
3c0ef626 2598 have_u_intxx_t=1
2599fi
2600
2601if test -z "$have_u_intxx_t" ; then
2602 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2603 AC_TRY_COMPILE(
540d72c3 2604 [ #include <sys/socket.h> ],
2605 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
3c0ef626 2606 [
2607 AC_DEFINE(HAVE_U_INTXX_T)
2608 AC_MSG_RESULT(yes)
2609 ],
2610 [ AC_MSG_RESULT(no) ]
2611 )
2612fi
2613
2614AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2615 AC_TRY_COMPILE(
540d72c3 2616 [ #include <sys/types.h> ],
2617 [ u_int64_t a; a = 1;],
3c0ef626 2618 [ ac_cv_have_u_int64_t="yes" ],
2619 [ ac_cv_have_u_int64_t="no" ]
2620 )
2621])
2622if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
08822d99 2623 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
3c0ef626 2624 have_u_int64_t=1
2625fi
2626
e9702f7d 2627if test -z "$have_u_int64_t" ; then
2628 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2629 AC_TRY_COMPILE(
540d72c3 2630 [ #include <sys/bitypes.h> ],
e9702f7d 2631 [ u_int64_t a; a = 1],
2632 [
2633 AC_DEFINE(HAVE_U_INT64_T)
2634 AC_MSG_RESULT(yes)
2635 ],
2636 [ AC_MSG_RESULT(no) ]
2637 )
2638fi
2639
3c0ef626 2640if test -z "$have_u_intxx_t" ; then
2641 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2642 AC_TRY_COMPILE(
2643 [
2644#include <sys/types.h>
540d72c3 2645 ],
2646 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
3c0ef626 2647 [ ac_cv_have_uintxx_t="yes" ],
2648 [ ac_cv_have_uintxx_t="no" ]
2649 )
2650 ])
2651 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
08822d99 2652 AC_DEFINE(HAVE_UINTXX_T, 1,
2653 [define if you have uintxx_t data type])
3c0ef626 2654 fi
2655fi
2656
2657if test -z "$have_uintxx_t" ; then
2658 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2659 AC_TRY_COMPILE(
540d72c3 2660 [ #include <stdint.h> ],
2661 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
3c0ef626 2662 [
2663 AC_DEFINE(HAVE_UINTXX_T)
2664 AC_MSG_RESULT(yes)
2665 ],
2666 [ AC_MSG_RESULT(no) ]
2667 )
2668fi
2669
2670if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
540d72c3 2671 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
3c0ef626 2672then
2673 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2674 AC_TRY_COMPILE(
2675 [
2676#include <sys/bitypes.h>
540d72c3 2677 ],
3c0ef626 2678 [
2679 int8_t a; int16_t b; int32_t c;
2680 u_int8_t e; u_int16_t f; u_int32_t g;
2681 a = b = c = e = f = g = 1;
540d72c3 2682 ],
3c0ef626 2683 [
2684 AC_DEFINE(HAVE_U_INTXX_T)
2685 AC_DEFINE(HAVE_INTXX_T)
2686 AC_MSG_RESULT(yes)
2687 ],
2688 [AC_MSG_RESULT(no)]
540d72c3 2689 )
3c0ef626 2690fi
2691
2692
2693AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2694 AC_TRY_COMPILE(
2695 [
2696#include <sys/types.h>
2697 ],
2698 [ u_char foo; foo = 125; ],
2699 [ ac_cv_have_u_char="yes" ],
2700 [ ac_cv_have_u_char="no" ]
2701 )
2702])
2703if test "x$ac_cv_have_u_char" = "xyes" ; then
08822d99 2704 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
3c0ef626 2705fi
2706
2707TYPE_SOCKLEN_T
2708
e9702f7d 2709AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
2710
dfddba3d 2711AC_CHECK_TYPES(in_addr_t,,,
2712[#include <sys/types.h>
2713#include <netinet/in.h>])
2714
3c0ef626 2715AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2716 AC_TRY_COMPILE(
2717 [
2718#include <sys/types.h>
2719 ],
2720 [ size_t foo; foo = 1235; ],
2721 [ ac_cv_have_size_t="yes" ],
2722 [ ac_cv_have_size_t="no" ]
2723 )
2724])
2725if test "x$ac_cv_have_size_t" = "xyes" ; then
08822d99 2726 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
3c0ef626 2727fi
2728
2729AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2730 AC_TRY_COMPILE(
2731 [
2732#include <sys/types.h>
2733 ],
2734 [ ssize_t foo; foo = 1235; ],
2735 [ ac_cv_have_ssize_t="yes" ],
2736 [ ac_cv_have_ssize_t="no" ]
2737 )
2738])
2739if test "x$ac_cv_have_ssize_t" = "xyes" ; then
08822d99 2740 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
3c0ef626 2741fi
2742
2743AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2744 AC_TRY_COMPILE(
2745 [
2746#include <time.h>
2747 ],
2748 [ clock_t foo; foo = 1235; ],
2749 [ ac_cv_have_clock_t="yes" ],
2750 [ ac_cv_have_clock_t="no" ]
2751 )
2752])
2753if test "x$ac_cv_have_clock_t" = "xyes" ; then
08822d99 2754 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
3c0ef626 2755fi
2756
2757AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2758 AC_TRY_COMPILE(
2759 [
2760#include <sys/types.h>
2761#include <sys/socket.h>
2762 ],
2763 [ sa_family_t foo; foo = 1235; ],
2764 [ ac_cv_have_sa_family_t="yes" ],
2765 [ AC_TRY_COMPILE(
2766 [
2767#include <sys/types.h>
2768#include <sys/socket.h>
2769#include <netinet/in.h>
2770 ],
2771 [ sa_family_t foo; foo = 1235; ],
2772 [ ac_cv_have_sa_family_t="yes" ],
2773
2774 [ ac_cv_have_sa_family_t="no" ]
2775 )]
2776 )
2777])
2778if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
08822d99 2779 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2780 [define if you have sa_family_t data type])
3c0ef626 2781fi
2782
2783AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2784 AC_TRY_COMPILE(
2785 [
2786#include <sys/types.h>
2787 ],
2788 [ pid_t foo; foo = 1235; ],
2789 [ ac_cv_have_pid_t="yes" ],
2790 [ ac_cv_have_pid_t="no" ]
2791 )
2792])
2793if test "x$ac_cv_have_pid_t" = "xyes" ; then
08822d99 2794 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
3c0ef626 2795fi
2796
2797AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2798 AC_TRY_COMPILE(
2799 [
2800#include <sys/types.h>
2801 ],
2802 [ mode_t foo; foo = 1235; ],
2803 [ ac_cv_have_mode_t="yes" ],
2804 [ ac_cv_have_mode_t="no" ]
2805 )
2806])
2807if test "x$ac_cv_have_mode_t" = "xyes" ; then
08822d99 2808 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
3c0ef626 2809fi
2810
2811
2812AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2813 AC_TRY_COMPILE(
2814 [
2815#include <sys/types.h>
2816#include <sys/socket.h>
2817 ],
2818 [ struct sockaddr_storage s; ],
2819 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2820 [ ac_cv_have_struct_sockaddr_storage="no" ]
2821 )
2822])
2823if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
08822d99 2824 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2825 [define if you have struct sockaddr_storage data type])
3c0ef626 2826fi
2827
2828AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2829 AC_TRY_COMPILE(
2830 [
2831#include <sys/types.h>
2832#include <netinet/in.h>
2833 ],
2834 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2835 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2836 [ ac_cv_have_struct_sockaddr_in6="no" ]
2837 )
2838])
2839if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
08822d99 2840 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2841 [define if you have struct sockaddr_in6 data type])
3c0ef626 2842fi
2843
2844AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2845 AC_TRY_COMPILE(
2846 [
2847#include <sys/types.h>
2848#include <netinet/in.h>
2849 ],
2850 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2851 [ ac_cv_have_struct_in6_addr="yes" ],
2852 [ ac_cv_have_struct_in6_addr="no" ]
2853 )
2854])
2855if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
08822d99 2856 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2857 [define if you have struct in6_addr data type])
3c0ef626 2858fi
2859
2860AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2861 AC_TRY_COMPILE(
2862 [
2863#include <sys/types.h>
2864#include <sys/socket.h>
2865#include <netdb.h>
2866 ],
2867 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2868 [ ac_cv_have_struct_addrinfo="yes" ],
2869 [ ac_cv_have_struct_addrinfo="no" ]
2870 )
2871])
2872if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
08822d99 2873 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2874 [define if you have struct addrinfo data type])
3c0ef626 2875fi
2876
2877AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2878 AC_TRY_COMPILE(
540d72c3 2879 [ #include <sys/time.h> ],
2880 [ struct timeval tv; tv.tv_sec = 1;],
3c0ef626 2881 [ ac_cv_have_struct_timeval="yes" ],
2882 [ ac_cv_have_struct_timeval="no" ]
2883 )
2884])
2885if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
08822d99 2886 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
3c0ef626 2887 have_struct_timeval=1
2888fi
2889
bfe49944 2890AC_CHECK_TYPES(struct timespec)
2891
2892# We need int64_t or else certian parts of the compile will fail.
8b32eddc 2893if test "x$ac_cv_have_int64_t" = "xno" && \
2894 test "x$ac_cv_sizeof_long_int" != "x8" && \
2895 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
bfe49944 2896 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2897 echo "an alternative compiler (I.E., GCC) before continuing."
2898 echo ""
2899 exit 1;
3c0ef626 2900else
2901dnl test snprintf (broken on SCO w/gcc)
dfddba3d 2902 AC_RUN_IFELSE(
2903 [AC_LANG_SOURCE([[
3c0ef626 2904#include <stdio.h>
2905#include <string.h>
2906#ifdef HAVE_SNPRINTF
2907main()
2908{
2909 char buf[50];
2910 char expected_out[50];
2911 int mazsize = 50 ;
2912#if (SIZEOF_LONG_INT == 8)
2913 long int num = 0x7fffffffffffffff;
2914#else
2915 long long num = 0x7fffffffffffffffll;
2916#endif
2917 strcpy(expected_out, "9223372036854775807");
2918 snprintf(buf, mazsize, "%lld", num);
2919 if(strcmp(buf, expected_out) != 0)
540d72c3 2920 exit(1);
3c0ef626 2921 exit(0);
2922}
2923#else
2924main() { exit(0); }
2925#endif
dfddba3d 2926 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
2927 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
3c0ef626 2928 )
2929fi
3c0ef626 2930
2931dnl Checks for structure members
2932OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2933OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2934OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2935OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2936OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
2937OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
2938OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2939OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
2940OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
2941OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2942OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2943OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2944OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
2945OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2946OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2947OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2948OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
2949
2950AC_CHECK_MEMBERS([struct stat.st_blksize])
08822d99 2951AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2952 [Define if we don't have struct __res_state in resolv.h])],
2953[
2954#include <stdio.h>
2955#if HAVE_SYS_TYPES_H
2956# include <sys/types.h>
2957#endif
2958#include <netinet/in.h>
2959#include <arpa/nameser.h>
2960#include <resolv.h>
2961])
3c0ef626 2962
2963AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2964 ac_cv_have_ss_family_in_struct_ss, [
2965 AC_TRY_COMPILE(
2966 [
2967#include <sys/types.h>
2968#include <sys/socket.h>
2969 ],
2970 [ struct sockaddr_storage s; s.ss_family = 1; ],
2971 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2972 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2973 )
2974])
2975if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
08822d99 2976 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
3c0ef626 2977fi
2978
2979AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2980 ac_cv_have___ss_family_in_struct_ss, [
2981 AC_TRY_COMPILE(
2982 [
2983#include <sys/types.h>
2984#include <sys/socket.h>
2985 ],
2986 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2987 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2988 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2989 )
2990])
2991if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
08822d99 2992 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2993 [Fields in struct sockaddr_storage])
3c0ef626 2994fi
2995
2996AC_CACHE_CHECK([for pw_class field in struct passwd],
2997 ac_cv_have_pw_class_in_struct_passwd, [
2998 AC_TRY_COMPILE(
2999 [
3000#include <pwd.h>
3001 ],
3002 [ struct passwd p; p.pw_class = 0; ],
3003 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3004 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3005 )
3006])
3007if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
08822d99 3008 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3009 [Define if your password has a pw_class field])
3c0ef626 3010fi
3011
3012AC_CACHE_CHECK([for pw_expire field in struct passwd],
3013 ac_cv_have_pw_expire_in_struct_passwd, [
3014 AC_TRY_COMPILE(
3015 [
3016#include <pwd.h>
3017 ],
3018 [ struct passwd p; p.pw_expire = 0; ],
3019 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3020 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3021 )
3022])
3023if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
08822d99 3024 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3025 [Define if your password has a pw_expire field])
3c0ef626 3026fi
3027
3028AC_CACHE_CHECK([for pw_change field in struct passwd],
3029 ac_cv_have_pw_change_in_struct_passwd, [
3030 AC_TRY_COMPILE(
3031 [
3032#include <pwd.h>
3033 ],
3034 [ struct passwd p; p.pw_change = 0; ],
3035 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3036 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3037 )
3038])
3039if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
08822d99 3040 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3041 [Define if your password has a pw_change field])
3c0ef626 3042fi
3043
541874c2 3044dnl make sure we're using the real structure members and not defines
350391c5 3045AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3046 ac_cv_have_accrights_in_msghdr, [
dfddba3d 3047 AC_COMPILE_IFELSE(
350391c5 3048 [
3049#include <sys/types.h>
3050#include <sys/socket.h>
3051#include <sys/uio.h>
541874c2 3052int main() {
3053#ifdef msg_accrights
dfddba3d 3054#error "msg_accrights is a macro"
541874c2 3055exit(1);
3056#endif
3057struct msghdr m;
3058m.msg_accrights = 0;
3059exit(0);
3060}
350391c5 3061 ],
350391c5 3062 [ ac_cv_have_accrights_in_msghdr="yes" ],
3063 [ ac_cv_have_accrights_in_msghdr="no" ]
3064 )
3065])
3066if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
08822d99 3067 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3068 [Define if your system uses access rights style
3069 file descriptor passing])
350391c5 3070fi
3071
3072AC_CACHE_CHECK([for msg_control field in struct msghdr],
3073 ac_cv_have_control_in_msghdr, [
dfddba3d 3074 AC_COMPILE_IFELSE(
350391c5 3075 [
3076#include <sys/types.h>
3077#include <sys/socket.h>
3078#include <sys/uio.h>
541874c2 3079int main() {
3080#ifdef msg_control
dfddba3d 3081#error "msg_control is a macro"
541874c2 3082exit(1);
3083#endif
3084struct msghdr m;
3085m.msg_control = 0;
3086exit(0);
3087}
350391c5 3088 ],
350391c5 3089 [ ac_cv_have_control_in_msghdr="yes" ],
3090 [ ac_cv_have_control_in_msghdr="no" ]
3091 )
3092])
3093if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
08822d99 3094 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3095 [Define if your system uses ancillary data style
3096 file descriptor passing])
350391c5 3097fi
3098
3c0ef626 3099AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
540d72c3 3100 AC_TRY_LINK([],
3101 [ extern char *__progname; printf("%s", __progname); ],
3c0ef626 3102 [ ac_cv_libc_defines___progname="yes" ],
3103 [ ac_cv_libc_defines___progname="no" ]
3104 )
3105])
3106if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
08822d99 3107 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
3c0ef626 3108fi
3109
350391c5 3110AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3111 AC_TRY_LINK([
3112#include <stdio.h>
540d72c3 3113],
3114 [ printf("%s", __FUNCTION__); ],
350391c5 3115 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3116 [ ac_cv_cc_implements___FUNCTION__="no" ]
3117 )
3118])
3119if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
08822d99 3120 AC_DEFINE(HAVE___FUNCTION__, 1,
3121 [Define if compiler implements __FUNCTION__])
350391c5 3122fi
3123
3124AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3125 AC_TRY_LINK([
3126#include <stdio.h>
540d72c3 3127],
3128 [ printf("%s", __func__); ],
350391c5 3129 [ ac_cv_cc_implements___func__="yes" ],
3130 [ ac_cv_cc_implements___func__="no" ]
3131 )
3132])
3133if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
08822d99 3134 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
3135fi
3136
3137AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3138 AC_TRY_LINK(
3139 [#include <stdarg.h>
3140 va_list x,y;],
3141 [va_copy(x,y);],
3142 [ ac_cv_have_va_copy="yes" ],
3143 [ ac_cv_have_va_copy="no" ]
3144 )
3145])
3146if test "x$ac_cv_have_va_copy" = "xyes" ; then
3147 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3148fi
3149
3150AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3151 AC_TRY_LINK(
3152 [#include <stdarg.h>
3153 va_list x,y;],
3154 [__va_copy(x,y);],
3155 [ ac_cv_have___va_copy="yes" ],
3156 [ ac_cv_have___va_copy="no" ]
3157 )
3158])
3159if test "x$ac_cv_have___va_copy" = "xyes" ; then
3160 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
350391c5 3161fi
3162
3c0ef626 3163AC_CACHE_CHECK([whether getopt has optreset support],
3164 ac_cv_have_getopt_optreset, [
3165 AC_TRY_LINK(
3166 [
3167#include <getopt.h>
3168 ],
3169 [ extern int optreset; optreset = 0; ],
3170 [ ac_cv_have_getopt_optreset="yes" ],
3171 [ ac_cv_have_getopt_optreset="no" ]
3172 )
3173])
3174if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
08822d99 3175 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3176 [Define if your getopt(3) defines and uses optreset])
3c0ef626 3177fi
3178
3179AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
540d72c3 3180 AC_TRY_LINK([],
3181 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
3c0ef626 3182 [ ac_cv_libc_defines_sys_errlist="yes" ],
3183 [ ac_cv_libc_defines_sys_errlist="no" ]
3184 )
3185])
3186if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
08822d99 3187 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3188 [Define if your system defines sys_errlist[]])
3c0ef626 3189fi
3190
3191
3192AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
540d72c3 3193 AC_TRY_LINK([],
3194 [ extern int sys_nerr; printf("%i", sys_nerr);],
3c0ef626 3195 [ ac_cv_libc_defines_sys_nerr="yes" ],
3196 [ ac_cv_libc_defines_sys_nerr="no" ]
3197 )
3198])
3199if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
08822d99 3200 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
3c0ef626 3201fi
3202
540d72c3 3203SCARD_MSG="no"
350391c5 3204# Check whether user wants sectok support
3205AC_ARG_WITH(sectok,
3206 [ --with-sectok Enable smartcard support using libsectok],
3c0ef626 3207 [
3208 if test "x$withval" != "xno" ; then
3209 if test "x$withval" != "xyes" ; then
3210 CPPFLAGS="$CPPFLAGS -I${withval}"
3211 LDFLAGS="$LDFLAGS -L${withval}"
3212 if test ! -z "$need_dash_r" ; then
3213 LDFLAGS="$LDFLAGS -R${withval}"
3214 fi
3215 if test ! -z "$blibpath" ; then
3216 blibpath="$blibpath:${withval}"
3217 fi
3218 fi
3219 AC_CHECK_HEADERS(sectok.h)
3220 if test "$ac_cv_header_sectok_h" != yes; then
3221 AC_MSG_ERROR(Can't find sectok.h)
3222 fi
3223 AC_CHECK_LIB(sectok, sectok_open)
3224 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3225 AC_MSG_ERROR(Can't find libsectok)
3226 fi
08822d99 3227 AC_DEFINE(SMARTCARD, 1,
3228 [Define if you want smartcard support])
3229 AC_DEFINE(USE_SECTOK, 1,
3230 [Define if you want smartcard support
3231 using sectok])
540d72c3 3232 SCARD_MSG="yes, using sectok"
3c0ef626 3233 fi
3234 ]
3235)
3236
350391c5 3237# Check whether user wants OpenSC support
8b32eddc 3238OPENSC_CONFIG="no"
350391c5 3239AC_ARG_WITH(opensc,
08822d99 3240 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
8b32eddc 3241 [
3242 if test "x$withval" != "xno" ; then
3243 if test "x$withval" != "xyes" ; then
3244 OPENSC_CONFIG=$withval/bin/opensc-config
3245 else
3246 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3247 fi
3248 if test "$OPENSC_CONFIG" != "no"; then
3249 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3250 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3251 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
30460aeb 3252 LIBS="$LIBS $LIBOPENSC_LIBS"
8b32eddc 3253 AC_DEFINE(SMARTCARD)
08822d99 3254 AC_DEFINE(USE_OPENSC, 1,
3255 [Define if you want smartcard support
3256 using OpenSC])
8b32eddc 3257 SCARD_MSG="yes, using OpenSC"
3258 fi
3259 fi
3260 ]
3261)
350391c5 3262
540d72c3 3263# Check libraries needed by DNS fingerprint support
3264AC_SEARCH_LIBS(getrrsetbyname, resolv,
08822d99 3265 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3266 [Define if getrrsetbyname() exists])],
7cac2b65 3267 [
540d72c3 3268 # Needed by our getrrsetbyname()
3269 AC_SEARCH_LIBS(res_query, resolv)
3270 AC_SEARCH_LIBS(dn_expand, resolv)
7e82606e 3271 AC_MSG_CHECKING(if res_query will link)
3272 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3273 [AC_MSG_RESULT(no)
3274 saved_LIBS="$LIBS"
3275 LIBS="$LIBS -lresolv"
3276 AC_MSG_CHECKING(for res_query in -lresolv)
3277 AC_LINK_IFELSE([
3278#include <resolv.h>
3279int main()
3280{
3281 res_query (0, 0, 0, 0, 0);
3282 return 0;
3283}
3284 ],
3285 [LIBS="$LIBS -lresolv"
3286 AC_MSG_RESULT(yes)],
3287 [LIBS="$saved_LIBS"
3288 AC_MSG_RESULT(no)])
3289 ])
540d72c3 3290 AC_CHECK_FUNCS(_getshort _getlong)
2ce0bfe4 3291 AC_CHECK_DECLS([_getshort, _getlong], , ,
3292 [#include <sys/types.h>
3293 #include <arpa/nameser.h>])
540d72c3 3294 AC_CHECK_MEMBER(HEADER.ad,
08822d99 3295 [AC_DEFINE(HAVE_HEADER_AD, 1,
3296 [Define if HEADER.ad exists in arpa/nameser.h])],,
540d72c3 3297 [#include <arpa/nameser.h>])
3298 ])
7cac2b65 3299
30460aeb 3300# Check whether user wants SELinux support
3301SELINUX_MSG="no"
3302LIBSELINUX=""
3303AC_ARG_WITH(selinux,
3304 [ --with-selinux Enable SELinux support],
3305 [ if test "x$withval" != "xno" ; then
3306 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3307 SELINUX_MSG="yes"
3308 AC_CHECK_HEADER([selinux/selinux.h], ,
3309 AC_MSG_ERROR(SELinux support requires selinux.h header))
3310 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3311 AC_MSG_ERROR(SELinux support requires libselinux library))
3312 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3313 fi ]
3314)
3315AC_SUBST(LIBSELINUX)
3316
63119dd9 3317# Check whether user wants Kerberos 5 support
540d72c3 3318KRB5_MSG="no"
63119dd9 3319AC_ARG_WITH(kerberos5,
540d72c3 3320 [ --with-kerberos5=PATH Enable Kerberos 5 support],
3321 [ if test "x$withval" != "xno" ; then
3322 if test "x$withval" = "xyes" ; then
3323 KRB5ROOT="/usr/local"
3324 else
3325 KRB5ROOT=${withval}
3326 fi
3327
08822d99 3328 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
540d72c3 3329 KRB5_MSG="yes"
3330
3331 AC_MSG_CHECKING(for krb5-config)
3332 if test -x $KRB5ROOT/bin/krb5-config ; then
3333 KRB5CONF=$KRB5ROOT/bin/krb5-config
3334 AC_MSG_RESULT($KRB5CONF)
3335
3336 AC_MSG_CHECKING(for gssapi support)
3337 if $KRB5CONF | grep gssapi >/dev/null ; then
3338 AC_MSG_RESULT(yes)
08822d99 3339 AC_DEFINE(GSSAPI, 1,
3340 [Define this if you want GSSAPI
3341 support in the version 2 protocol])
540d72c3 3342 k5confopts=gssapi
3343 else
3344 AC_MSG_RESULT(no)
3345 k5confopts=""
3346 fi
3347 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3348 K5LIBS="`$KRB5CONF --libs $k5confopts`"
3349 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
3350 AC_MSG_CHECKING(whether we are using Heimdal)
3351 AC_TRY_COMPILE([ #include <krb5.h> ],
3352 [ char *tmp = heimdal_version; ],
3353 [ AC_MSG_RESULT(yes)
08822d99 3354 AC_DEFINE(HEIMDAL, 1,
3355 [Define this if you are using the
3356 Heimdal version of Kerberos V5]) ],
540d72c3 3357 AC_MSG_RESULT(no)
3358 )
3359 else
3360 AC_MSG_RESULT(no)
63119dd9 3361 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
540d72c3 3362 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
3363 AC_MSG_CHECKING(whether we are using Heimdal)
3364 AC_TRY_COMPILE([ #include <krb5.h> ],
3365 [ char *tmp = heimdal_version; ],
3366 [ AC_MSG_RESULT(yes)
3367 AC_DEFINE(HEIMDAL)
7e82606e 3368 K5LIBS="-lkrb5 -ldes"
3369 K5LIBS="$K5LIBS -lcom_err -lasn1"
8b32eddc 3370 AC_CHECK_LIB(roken, net_write,
7e82606e 3371 [K5LIBS="$K5LIBS -lroken"])
540d72c3 3372 ],
3373 [ AC_MSG_RESULT(no)
3374 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3375 ]
3376 )
7cac2b65 3377 AC_SEARCH_LIBS(dn_expand, resolv)
3378
3379 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3380 [ AC_DEFINE(GSSAPI)
3381 K5LIBS="-lgssapi $K5LIBS" ],
3382 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3383 [ AC_DEFINE(GSSAPI)
540d72c3 3384 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
7cac2b65 3385 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3386 $K5LIBS)
3387 ],
3388 $K5LIBS)
8b32eddc 3389
7cac2b65 3390 AC_CHECK_HEADER(gssapi.h, ,
3391 [ unset ac_cv_header_gssapi_h
540d72c3 3392 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
7cac2b65 3393 AC_CHECK_HEADERS(gssapi.h, ,
3394 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
540d72c3 3395 )
7cac2b65 3396 ]
3397 )
3398
3399 oldCPP="$CPPFLAGS"
3400 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3401 AC_CHECK_HEADER(gssapi_krb5.h, ,
3402 [ CPPFLAGS="$oldCPP" ])
63119dd9 3403
1c89237d 3404 # If we're using some other GSSAPI
3405 if test "$GSSAPI" -a "$GSSAPI" != "mechglue"; then
3406 AC_MSG_ERROR([$GSSAPI GSSAPI library conflicts with Kerberos support. Use mechglue instead.])
3407 fi
5598e598 3408
540d72c3 3409 if test -z "$GSSAPI"; then
3410 GSSAPI="KRB5";
3411 fi
1c89237d 3412
5598e598 3413 oldCPP="$CPPFLAGS"
3414 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3415 AC_CHECK_HEADER(gssapi_krb5.h, ,
3416 [ CPPFLAGS="$oldCPP" ])
3417
63119dd9 3418 fi
540d72c3 3419 if test ! -z "$need_dash_r" ; then
3420 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3421 fi
3422 if test ! -z "$blibpath" ; then
3423 blibpath="$blibpath:${KRB5ROOT}/lib"
3424 fi
540d72c3 3425
08822d99 3426 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3427 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3428 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
540d72c3 3429
08822d99 3430 LIBS="$LIBS $K5LIBS"
3431 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3432 [Define this if you want to use libkafs' AFS support]))
3433 fi
540d72c3 3434 ]
63119dd9 3435)
3c0ef626 3436
62eb343a 3437# Check whether user wants AFS_KRB5 support
3438AFS_KRB5_MSG="no"
3439AC_ARG_WITH(afs-krb5,
3440 [ --with-afs-krb5[[=AKLOG_PATH]] Enable aklog to get token (default=/usr/bin/aklog).],
3441 [
3442 if test "x$withval" != "xno" ; then
3443
3444 if test "x$withval" != "xyes" ; then
08822d99 3445 AC_DEFINE_UNQUOTED(AKLOG_PATH, "$withval",
3446 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3447 else
08822d99 3448 AC_DEFINE_UNQUOTED(AKLOG_PATH,
3449 "/usr/bin/aklog",
3450 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3451 fi
3452
540d72c3 3453 if test -z "$KRB5ROOT" ; then
62eb343a 3454 AC_MSG_WARN([AFS_KRB5 requires Kerberos 5 support, build may fail])
3455 fi
3456
0a00e8f9 3457 LIBS="-lkrbafs -lkrb4 $LIBS"
62eb343a 3458 if test ! -z "$AFS_LIBS" ; then
3459 LIBS="$LIBS $AFS_LIBS"
3460 fi
08822d99 3461 AC_DEFINE(AFS_KRB5, 1,
3462 [Define this if you want to use AFS/Kerberos 5 option, which runs aklog.])
62eb343a 3463 AFS_KRB5_MSG="yes"
3464 fi
3465 ]
3466)
3c0ef626 3467
75be3237 3468AC_ARG_WITH(session-hooks,
3469 [ --with-session-hooks Enable hooks for executing external commands before/after a session],
08822d99 3470 [ AC_DEFINE(SESSION_HOOKS, 1, [Define this if you want support for startup/shutdown hooks]) ]
75be3237 3471)
3472
3c0ef626 3473# Looking for programs, paths and files
3c0ef626 3474
350391c5 3475PRIVSEP_PATH=/var/empty
3476AC_ARG_WITH(privsep-path,
d03f4262 3477 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
350391c5 3478 [
8b32eddc 3479 if test -n "$withval" && test "x$withval" != "xno" && \
3480 test "x${withval}" != "xyes"; then
350391c5 3481 PRIVSEP_PATH=$withval
3482 fi
3483 ]
3484)
3485AC_SUBST(PRIVSEP_PATH)
3486
3c0ef626 3487AC_ARG_WITH(xauth,
3488 [ --with-xauth=PATH Specify path to xauth program ],
3489 [
8b32eddc 3490 if test -n "$withval" && test "x$withval" != "xno" && \
3491 test "x${withval}" != "xyes"; then
3c0ef626 3492 xauth_path=$withval
3493 fi
3494 ],
3495 [
d03f4262 3496 TestPath="$PATH"
3497 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3498 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3499 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3500 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3501 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
3c0ef626 3502 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
3503 xauth_path="/usr/openwin/bin/xauth"
3504 fi
3505 ]
3506)
3507
bfe49944 3508STRIP_OPT=-s
3509AC_ARG_ENABLE(strip,
3510 [ --disable-strip Disable calling strip(1) on install],
3511 [
3512 if test "x$enableval" = "xno" ; then
3513 STRIP_OPT=
3514 fi
3515 ]
3516)
3517AC_SUBST(STRIP_OPT)
3518
3c0ef626 3519if test -z "$xauth_path" ; then
3520 XAUTH_PATH="undefined"
3521 AC_SUBST(XAUTH_PATH)
3522else
08822d99 3523 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3524 [Define if xauth is found in your path])
3c0ef626 3525 XAUTH_PATH=$xauth_path
3526 AC_SUBST(XAUTH_PATH)
3527fi
3c0ef626 3528
3529# Check for mail directory (last resort if we cannot get it from headers)
3530if test ! -z "$MAIL" ; then
3531 maildir=`dirname $MAIL`
08822d99 3532 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3533 [Set this to your mail directory if you don't have maillock.h])
3c0ef626 3534fi
3535
dfddba3d 3536if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
3537 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3538 disable_ptmx_check=yes
3539fi
3c0ef626 3540if test -z "$no_dev_ptmx" ; then
350391c5 3541 if test "x$disable_ptmx_check" != "xyes" ; then
540d72c3 3542 AC_CHECK_FILE("/dev/ptmx",
350391c5 3543 [
08822d99 3544 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3545 [Define if you have /dev/ptmx])
350391c5 3546 have_dev_ptmx=1
3547 ]
3548 )
3549 fi
3c0ef626 3550fi
dfddba3d 3551
3552if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
3553 AC_CHECK_FILE("/dev/ptc",
3554 [
08822d99 3555 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3556 [Define if you have /dev/ptc])
dfddba3d 3557 have_dev_ptc=1
3558 ]
3559 )
3560else
3561 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3562fi
3c0ef626 3563
3564# Options from here on. Some of these are preset by platform above
3c0ef626 3565AC_ARG_WITH(mantype,
3566 [ --with-mantype=man|cat|doc Set man page type],
3567 [
3568 case "$withval" in
3569 man|cat|doc)
3570 MANTYPE=$withval
3571 ;;
3572 *)
3573 AC_MSG_ERROR(invalid man type: $withval)
3574 ;;
3575 esac
3576 ]
3577)
3578if test -z "$MANTYPE"; then
d03f4262 3579 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3580 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
3c0ef626 3581 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3582 MANTYPE=doc
3583 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3584 MANTYPE=man
3585 else
3586 MANTYPE=cat
3587 fi
3588fi
3589AC_SUBST(MANTYPE)
3590if test "$MANTYPE" = "doc"; then
3591 mansubdir=man;
3592else
3593 mansubdir=$MANTYPE;
3594fi
3595AC_SUBST(mansubdir)
3596
3597# Check whether to enable MD5 passwords
540d72c3 3598MD5_MSG="no"
3c0ef626 3599AC_ARG_WITH(md5-passwords,
3600 [ --with-md5-passwords Enable use of MD5 passwords],
3601 [
3602 if test "x$withval" != "xno" ; then
08822d99 3603 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3604 [Define if you want to allow MD5 passwords])
540d72c3 3605 MD5_MSG="yes"
3c0ef626 3606 fi
3607 ]
3608)
3609
3610# Whether to disable shadow password support
3611AC_ARG_WITH(shadow,
3612 [ --without-shadow Disable shadow password support],
3613 [
8b32eddc 3614 if test "x$withval" = "xno" ; then
3c0ef626 3615 AC_DEFINE(DISABLE_SHADOW)
3616 disable_shadow=yes
3617 fi
3618 ]
3619)
3620
3621if test -z "$disable_shadow" ; then
3622 AC_MSG_CHECKING([if the systems has expire shadow information])
3623 AC_TRY_COMPILE(
3624 [
3625#include <sys/types.h>
3626#include <shadow.h>
3627 struct spwd sp;
3628 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3629 [ sp_expire_available=yes ], []
3630 )
3631
3632 if test "x$sp_expire_available" = "xyes" ; then
3633 AC_MSG_RESULT(yes)
08822d99 3634 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3635 [Define if you want to use shadow password expire field])
3c0ef626 3636 else
3637 AC_MSG_RESULT(no)
3638 fi
3639fi
3640
3641# Use ip address instead of hostname in $DISPLAY
3642if test ! -z "$IPADDR_IN_DISPLAY" ; then
3643 DISPLAY_HACK_MSG="yes"
08822d99 3644 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3645 [Define if you need to use IP address
3646 instead of hostname in $DISPLAY])
3c0ef626 3647else
540d72c3 3648 DISPLAY_HACK_MSG="no"
3c0ef626 3649 AC_ARG_WITH(ipaddr-display,
3650 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3651 [
8b32eddc 3652 if test "x$withval" != "xno" ; then
3c0ef626 3653 AC_DEFINE(IPADDR_IN_DISPLAY)
540d72c3 3654 DISPLAY_HACK_MSG="yes"
3c0ef626 3655 fi
3656 ]
3657 )
3658fi
3659
7cac2b65 3660# check for /etc/default/login and use it if present.
29d88157 3661AC_ARG_ENABLE(etc-default-login,
dfddba3d 3662 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
3663 [ if test "x$enableval" = "xno"; then
3664 AC_MSG_NOTICE([/etc/default/login handling disabled])
3665 etc_default_login=no
3666 else
3667 etc_default_login=yes
3668 fi ],
08822d99 3669 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3670 then
3671 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3672 etc_default_login=no
3673 else
3674 etc_default_login=yes
3675 fi ]
dfddba3d 3676)
3677
3678if test "x$etc_default_login" != "xno"; then
3679 AC_CHECK_FILE("/etc/default/login",
3680 [ external_path_file=/etc/default/login ])
08822d99 3681 if test "x$external_path_file" = "x/etc/default/login"; then
3682 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3683 [Define if your system has /etc/default/login])
dfddba3d 3684 fi
7cac2b65 3685fi
3686
350391c5 3687dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
8b32eddc 3688if test $ac_cv_func_login_getcapbool = "yes" && \
3689 test $ac_cv_header_login_cap_h = "yes" ; then
7cac2b65 3690 external_path_file=/etc/login.conf
350391c5 3691fi
7cac2b65 3692
3c0ef626 3693# Whether to mess with the default path
540d72c3 3694SERVER_PATH_MSG="(default)"
3c0ef626 3695AC_ARG_WITH(default-path,
350391c5 3696 [ --with-default-path= Specify default \$PATH environment for server],
3c0ef626 3697 [
7cac2b65 3698 if test "x$external_path_file" = "x/etc/login.conf" ; then
350391c5 3699 AC_MSG_WARN([
3700--with-default-path=PATH has no effect on this system.
3701Edit /etc/login.conf instead.])
8b32eddc 3702 elif test "x$withval" != "xno" ; then
7cac2b65 3703 if test ! -z "$external_path_file" ; then
3704 AC_MSG_WARN([
3705--with-default-path=PATH will only be used if PATH is not defined in
3706$external_path_file .])
3707 fi
3c0ef626 3708 user_path="$withval"
540d72c3 3709 SERVER_PATH_MSG="$withval"
3c0ef626 3710 fi
3711 ],
7cac2b65 3712 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3713 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
350391c5 3714 else
7cac2b65 3715 if test ! -z "$external_path_file" ; then
3716 AC_MSG_WARN([
3717If PATH is defined in $external_path_file, ensure the path to scp is included,
3718otherwise scp will not work.])
3719 fi
08822d99 3720 AC_RUN_IFELSE(
3721 [AC_LANG_SOURCE([[
3c0ef626 3722/* find out what STDPATH is */
3723#include <stdio.h>
3724#ifdef HAVE_PATHS_H
3725# include <paths.h>
3726#endif
3727#ifndef _PATH_STDPATH
bfe49944 3728# ifdef _PATH_USERPATH /* Irix */
3729# define _PATH_STDPATH _PATH_USERPATH
3730# else
3731# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3732# endif
3c0ef626 3733#endif
3734#include <sys/types.h>
3735#include <sys/stat.h>
3736#include <fcntl.h>
3737#define DATA "conftest.stdpath"
3738
3739main()
3740{
3741 FILE *fd;
3742 int rc;
8b32eddc 3743
3c0ef626 3744 fd = fopen(DATA,"w");
3745 if(fd == NULL)
3746 exit(1);
8b32eddc 3747
3c0ef626 3748 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3749 exit(1);
3750
3751 exit(0);
3752}
08822d99 3753 ]])],
3754 [ user_path=`cat conftest.stdpath` ],
3c0ef626 3755 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3756 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3757 )
3758# make sure $bindir is in USER_PATH so scp will work
3759 t_bindir=`eval echo ${bindir}`
3760 case $t_bindir in
3761 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3762 esac
3763 case $t_bindir in
3764 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3765 esac
3766 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3767 if test $? -ne 0 ; then
3768 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3769 if test $? -ne 0 ; then
3770 user_path=$user_path:$t_bindir
3771 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3772 fi
3773 fi
350391c5 3774 fi ]
3775)
7cac2b65 3776if test "x$external_path_file" != "x/etc/login.conf" ; then
08822d99 3777 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
350391c5 3778 AC_SUBST(user_path)
3779fi
3780
3781# Set superuser path separately to user path
350391c5 3782AC_ARG_WITH(superuser-path,
3783 [ --with-superuser-path= Specify different path for super-user],
3784 [
8b32eddc 3785 if test -n "$withval" && test "x$withval" != "xno" && \
3786 test "x${withval}" != "xyes"; then
08822d99 3787 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3788 [Define if you want a different $PATH
3789 for the superuser])
350391c5 3790 superuser_path=$withval
3791 fi
3c0ef626 3792 ]
3793)
350391c5 3794
3c0ef626 3795
3c0ef626 3796AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
540d72c3 3797IPV4_IN6_HACK_MSG="no"
3c0ef626 3798AC_ARG_WITH(4in6,
3799 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3800 [
3801 if test "x$withval" != "xno" ; then
3802 AC_MSG_RESULT(yes)
08822d99 3803 AC_DEFINE(IPV4_IN_IPV6, 1,
3804 [Detect IPv4 in IPv6 mapped addresses
3805 and treat as IPv4])
540d72c3 3806 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3807 else
3808 AC_MSG_RESULT(no)
3809 fi
3810 ],[
3811 if test "x$inet6_default_4in6" = "xyes"; then
3812 AC_MSG_RESULT([yes (default)])
3813 AC_DEFINE(IPV4_IN_IPV6)
540d72c3 3814 IPV4_IN6_HACK_MSG="yes"
3c0ef626 3815 else
3816 AC_MSG_RESULT([no (default)])
3817 fi
3818 ]
3819)
3820
3821# Whether to enable BSD auth support
e9702f7d 3822BSD_AUTH_MSG=no
3c0ef626 3823AC_ARG_WITH(bsd-auth,
3824 [ --with-bsd-auth Enable BSD auth support],
3825 [
8b32eddc 3826 if test "x$withval" != "xno" ; then
08822d99 3827 AC_DEFINE(BSD_AUTH, 1,
3828 [Define if you have BSD auth support])
e9702f7d 3829 BSD_AUTH_MSG=yes
3c0ef626 3830 fi
3831 ]
3832)
3833
3c0ef626 3834# Where to place sshd.pid
3835piddir=/var/run
350391c5 3836# make sure the directory exists
8b32eddc 3837if test ! -d $piddir ; then
350391c5 3838 piddir=`eval echo ${sysconfdir}`
3839 case $piddir in
540d72c3 3840 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
350391c5 3841 esac
3842fi
3843
3c0ef626 3844AC_ARG_WITH(pid-dir,
3845 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3846 [
8b32eddc 3847 if test -n "$withval" && test "x$withval" != "xno" && \
3848 test "x${withval}" != "xyes"; then
3c0ef626 3849 piddir=$withval
8b32eddc 3850 if test ! -d $piddir ; then
350391c5 3851 AC_MSG_WARN([** no $piddir directory on this system **])
3852 fi
3c0ef626 3853 fi
3854 ]
3855)
3856
08822d99 3857AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
3c0ef626 3858AC_SUBST(piddir)
3859
3860dnl allow user to disable some login recording features
3861AC_ARG_ENABLE(lastlog,
3862 [ --disable-lastlog disable use of lastlog even if detected [no]],
7cac2b65 3863 [
3864 if test "x$enableval" = "xno" ; then
3865 AC_DEFINE(DISABLE_LASTLOG)
3866 fi
3867 ]
3c0ef626 3868)
3869AC_ARG_ENABLE(utmp,
3870 [ --disable-utmp disable use of utmp even if detected [no]],
7cac2b65 3871 [
3872 if test "x$enableval" = "xno" ; then
3873 AC_DEFINE(DISABLE_UTMP)
3874 fi
3875 ]
3c0ef626 3876)
3877AC_ARG_ENABLE(utmpx,
3878 [ --disable-utmpx disable use of utmpx even if detected [no]],
7cac2b65 3879 [
3880 if test "x$enableval" = "xno" ; then
08822d99 3881 AC_DEFINE(DISABLE_UTMPX, 1,
3882 [Define if you don't want to use utmpx])
7cac2b65 3883 fi
3884 ]
3c0ef626 3885)
3886AC_ARG_ENABLE(wtmp,
3887 [ --disable-wtmp disable use of wtmp even if detected [no]],
7cac2b65 3888 [
3889 if test "x$enableval" = "xno" ; then
3890 AC_DEFINE(DISABLE_WTMP)
3891 fi
3892 ]
3c0ef626 3893)
3894AC_ARG_ENABLE(wtmpx,
3895 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
7cac2b65 3896 [
3897 if test "x$enableval" = "xno" ; then
08822d99 3898 AC_DEFINE(DISABLE_WTMPX, 1,
3899 [Define if you don't want to use wtmpx])
7cac2b65 3900 fi
3901 ]
3c0ef626 3902)
3903AC_ARG_ENABLE(libutil,
3904 [ --disable-libutil disable use of libutil (login() etc.) [no]],
7cac2b65 3905 [
3906 if test "x$enableval" = "xno" ; then
3907 AC_DEFINE(DISABLE_LOGIN)
3908 fi
3909 ]
3c0ef626 3910)
3911AC_ARG_ENABLE(pututline,
3912 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
7cac2b65 3913 [
3914 if test "x$enableval" = "xno" ; then
08822d99 3915 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3916 [Define if you don't want to use pututline()
3917 etc. to write [uw]tmp])
7cac2b65 3918 fi
3919 ]
3c0ef626 3920)
3921AC_ARG_ENABLE(pututxline,
3922 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
7cac2b65 3923 [
3924 if test "x$enableval" = "xno" ; then
08822d99 3925 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3926 [Define if you don't want to use pututxline()
3927 etc. to write [uw]tmpx])
7cac2b65 3928 fi
3929 ]
3c0ef626 3930)
3931AC_ARG_WITH(lastlog,
3932 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
3933 [
8b32eddc 3934 if test "x$withval" = "xno" ; then
3c0ef626 3935 AC_DEFINE(DISABLE_LASTLOG)
8b32eddc 3936 elif test -n "$withval" && test "x${withval}" != "xyes"; then
3c0ef626 3937 conf_lastlog_location=$withval
3938 fi
3939 ]
3940)
3941
3942dnl lastlog, [uw]tmpx? detection
3943dnl NOTE: set the paths in the platform section to avoid the
3944dnl need for command-line parameters
3945dnl lastlog and [uw]tmp are subject to a file search if all else fails
3946
3947dnl lastlog detection
3948dnl NOTE: the code itself will detect if lastlog is a directory
3949AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3950AC_TRY_COMPILE([
3951#include <sys/types.h>
3952#include <utmp.h>
3953#ifdef HAVE_LASTLOG_H
3954# include <lastlog.h>
3955#endif
3956#ifdef HAVE_PATHS_H
3957# include <paths.h>
3958#endif
3959#ifdef HAVE_LOGIN_H
3960# include <login.h>
3961#endif
3962 ],
3963 [ char *lastlog = LASTLOG_FILE; ],
3964 [ AC_MSG_RESULT(yes) ],
3965 [
3966 AC_MSG_RESULT(no)
3967 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3968 AC_TRY_COMPILE([
3969#include <sys/types.h>
3970#include <utmp.h>
3971#ifdef HAVE_LASTLOG_H
3972# include <lastlog.h>
3973#endif
3974#ifdef HAVE_PATHS_H
3975# include <paths.h>
3976#endif
3977 ],
3978 [ char *lastlog = _PATH_LASTLOG; ],
3979 [ AC_MSG_RESULT(yes) ],
3980 [
3981 AC_MSG_RESULT(no)
3982 system_lastlog_path=no
3983 ])
3984 ]
3985)
3986
3987if test -z "$conf_lastlog_location"; then
3988 if test x"$system_lastlog_path" = x"no" ; then
3989 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
3990 if (test -d "$f" || test -f "$f") ; then
3991 conf_lastlog_location=$f
3992 fi
3993 done
3994 if test -z "$conf_lastlog_location"; then
3995 AC_MSG_WARN([** Cannot find lastlog **])
3996 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
3997 fi
3998 fi
3999fi
4000
4001if test -n "$conf_lastlog_location"; then
08822d99 4002 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4003 [Define if you want to specify the path to your lastlog file])
8b32eddc 4004fi
3c0ef626 4005
4006dnl utmp detection
4007AC_MSG_CHECKING([if your system defines UTMP_FILE])
4008AC_TRY_COMPILE([
4009#include <sys/types.h>
4010#include <utmp.h>
4011#ifdef HAVE_PATHS_H
4012# include <paths.h>
4013#endif
4014 ],
4015 [ char *utmp = UTMP_FILE; ],
4016 [ AC_MSG_RESULT(yes) ],
4017 [ AC_MSG_RESULT(no)
4018 system_utmp_path=no ]
4019)
4020if test -z "$conf_utmp_location"; then
4021 if test x"$system_utmp_path" = x"no" ; then
4022 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4023 if test -f $f ; then
4024 conf_utmp_location=$f
4025 fi
4026 done
4027 if test -z "$conf_utmp_location"; then
4028 AC_DEFINE(DISABLE_UTMP)
4029 fi
4030 fi
4031fi
4032if test -n "$conf_utmp_location"; then
08822d99 4033 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4034 [Define if you want to specify the path to your utmp file])
8b32eddc 4035fi
3c0ef626 4036
4037dnl wtmp detection
4038AC_MSG_CHECKING([if your system defines WTMP_FILE])
4039AC_TRY_COMPILE([
4040#include <sys/types.h>
4041#include <utmp.h>
4042#ifdef HAVE_PATHS_H
4043# include <paths.h>
4044#endif
4045 ],
4046 [ char *wtmp = WTMP_FILE; ],
4047 [ AC_MSG_RESULT(yes) ],
4048 [ AC_MSG_RESULT(no)
4049 system_wtmp_path=no ]
4050)
4051if test -z "$conf_wtmp_location"; then
4052 if test x"$system_wtmp_path" = x"no" ; then
4053 for f in /usr/adm/wtmp /var/log/wtmp; do
4054 if test -f $f ; then
4055 conf_wtmp_location=$f
4056 fi
4057 done
4058 if test -z "$conf_wtmp_location"; then
4059 AC_DEFINE(DISABLE_WTMP)
4060 fi
4061 fi
4062fi
4063if test -n "$conf_wtmp_location"; then
08822d99 4064 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4065 [Define if you want to specify the path to your wtmp file])
8b32eddc 4066fi
3c0ef626 4067
4068
4069dnl utmpx detection - I don't know any system so perverse as to require
4070dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4071dnl there, though.
4072AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4073AC_TRY_COMPILE([
4074#include <sys/types.h>
4075#include <utmp.h>
4076#ifdef HAVE_UTMPX_H
4077#include <utmpx.h>
4078#endif
4079#ifdef HAVE_PATHS_H
4080# include <paths.h>
4081#endif
4082 ],
4083 [ char *utmpx = UTMPX_FILE; ],
4084 [ AC_MSG_RESULT(yes) ],
4085 [ AC_MSG_RESULT(no)
4086 system_utmpx_path=no ]
4087)
4088if test -z "$conf_utmpx_location"; then
4089 if test x"$system_utmpx_path" = x"no" ; then
4090 AC_DEFINE(DISABLE_UTMPX)
4091 fi
4092else
08822d99 4093 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4094 [Define if you want to specify the path to your utmpx file])
8b32eddc 4095fi
3c0ef626 4096
4097dnl wtmpx detection
4098AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4099AC_TRY_COMPILE([
4100#include <sys/types.h>
4101#include <utmp.h>
4102#ifdef HAVE_UTMPX_H
4103#include <utmpx.h>
4104#endif
4105#ifdef HAVE_PATHS_H
4106# include <paths.h>
4107#endif
4108 ],
4109 [ char *wtmpx = WTMPX_FILE; ],
4110 [ AC_MSG_RESULT(yes) ],
4111 [ AC_MSG_RESULT(no)
4112 system_wtmpx_path=no ]
4113)
4114if test -z "$conf_wtmpx_location"; then
4115 if test x"$system_wtmpx_path" = x"no" ; then
4116 AC_DEFINE(DISABLE_WTMPX)
4117 fi
4118else
08822d99 4119 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4120 [Define if you want to specify the path to your wtmpx file])
8b32eddc 4121fi
3c0ef626 4122
4123
3c0ef626 4124if test ! -z "$blibpath" ; then
256cb466 4125 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4126 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
3c0ef626 4127fi
4128
2ce0bfe4 4129dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4130dnl Add now.
4131CFLAGS="$CFLAGS $werror_flags"
4132
e9702f7d 4133AC_EXEEXT
30460aeb 4134AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4135 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
dfddba3d 4136 scard/Makefile ssh_prng_cmds survey.sh])
3c0ef626 4137AC_OUTPUT
4138
4139# Print summary of options
4140
3c0ef626 4141# Someone please show me a better way :)
4142A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4143B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4144C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4145D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
4146E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
4147F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
4148G=`eval echo ${piddir}` ; G=`eval echo ${G}`
350391c5 4149H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4150I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4151J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
3c0ef626 4152
4153echo ""
4154echo "OpenSSH has been configured with the following options:"
350391c5 4155echo " User binaries: $B"
4156echo " System binaries: $C"
4157echo " Configuration files: $D"
4158echo " Askpass program: $E"
4159echo " Manual pages: $F"
4160echo " PID file: $G"
4161echo " Privilege separation chroot path: $H"
7cac2b65 4162if test "x$external_path_file" = "x/etc/login.conf" ; then
4163echo " At runtime, sshd will use the path defined in $external_path_file"
4164echo " Make sure the path to scp is present, otherwise scp will not work"
350391c5 4165else
4166echo " sshd default user PATH: $I"
7cac2b65 4167 if test ! -z "$external_path_file"; then
4168echo " (If PATH is set in $external_path_file it will be used instead. If"
4169echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4170 fi
350391c5 4171fi
4172if test ! -z "$superuser_path" ; then
4173echo " sshd superuser user PATH: $J"
4174fi
4175echo " Manpage format: $MANTYPE"
7cac2b65 4176echo " PAM support: $PAM_MSG"
30460aeb 4177echo " OSF SIA support: $SIA_MSG"
350391c5 4178echo " KerberosV support: $KRB5_MSG"
30460aeb 4179echo " SELinux support: $SELINUX_MSG"
350391c5 4180echo " Smartcard support: $SCARD_MSG"
350391c5 4181echo " S/KEY support: $SKEY_MSG"
4182echo " TCP Wrappers support: $TCPW_MSG"
4183echo " MD5 password support: $MD5_MSG"
dfddba3d 4184echo " libedit support: $LIBEDIT_MSG"
30460aeb 4185echo " Solaris process contract support: $SPC_MSG"
350391c5 4186echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
350391c5 4187echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4188echo " BSD Auth support: $BSD_AUTH_MSG"
4189echo " Random number source: $RAND_MSG"
e9702f7d 4190if test ! -z "$USE_RAND_HELPER" ; then
350391c5 4191echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
3c0ef626 4192fi
4193
4194echo ""
4195
4196echo " Host: ${host}"
4197echo " Compiler: ${CC}"
4198echo " Compiler flags: ${CFLAGS}"
4199echo "Preprocessor flags: ${CPPFLAGS}"
4200echo " Linker flags: ${LDFLAGS}"
e9702f7d 4201echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
3c0ef626 4202
4203echo ""
4204
7e82606e 4205if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
dfddba3d 4206 echo "SVR4 style packages are supported with \"make package\""
4207 echo ""
7e82606e 4208fi
4209
3c0ef626 4210if test "x$PAM_MSG" = "xyes" ; then
e9702f7d 4211 echo "PAM is enabled. You may need to install a PAM control file "
4212 echo "for sshd, otherwise password authentication may fail. "
540d72c3 4213 echo "Example PAM control files can be found in the contrib/ "
e9702f7d 4214 echo "subdirectory"
3c0ef626 4215 echo ""
4216fi
4217
e9702f7d 4218if test ! -z "$RAND_HELPER_CMDHASH" ; then
4219 echo "WARNING: you are using the builtin random number collection "
4220 echo "service. Please read WARNING.RNG and request that your OS "
4221 echo "vendor includes kernel-based random number collection in "
4222 echo "future versions of your OS."
3c0ef626 4223 echo ""
4224fi
4225
7e82606e 4226if test ! -z "$NO_PEERCHECK" ; then
4227 echo "WARNING: the operating system that you are using does not "
4228 echo "appear to support either the getpeereid() API nor the "
4229 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
4230 echo "enforce security checks to prevent unauthorised connections to "
4231 echo "ssh-agent. Their absence increases the risk that a malicious "
4232 echo "user can connect to your agent. "
4233 echo ""
4234fi
4235
dfddba3d 4236if test "$AUDIT_MODULE" = "bsm" ; then
4237 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4238 echo "See the Solaris section in README.platform for details."
4239fi
git-cvsimport mirror of GSI OpenSSH
This page took 1.041392 seconds and 5 git commands to generate.