CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
case $GCC_VER in
- 1.*) ;;
- 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
- 2.*) ;;
+ 1.*) no_attrib_nonnull=1 ;;
+ 2.8* | 2.9*)
+ CFLAGS="$CFLAGS -Wsign-compare"
+ no_attrib_nonnull=1
+ ;;
+ 2.*) no_attrib_nonnull=1 ;;
3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
*) ;;
fi
fi
+if test "x$no_attrib_nonnull" != "x1" ; then
+ AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
+fi
+
AC_ARG_WITH(rpath,
[ --without-rpath Disable auto-added -R linker paths],
[
netgroup.h \
pam/pam_appl.h \
paths.h \
+ poll.h \
pty.h \
readpassphrase.h \
rpc/types.h \
time.h \
tmpdir.h \
ttyent.h \
+ ucred.h \
unistd.h \
usersec.h \
util.h \
AC_DEFINE(DISABLE_LASTLOG)
AC_DEFINE(SSHD_ACQUIRES_CTTY)
enable_etc_default_login=no # has incompatible /etc/default/login
+ case "$host" in
+ *-*-nto-qnx6*)
+ AC_DEFINE(DISABLE_FD_PASSING)
+ ;;
+ esac
;;
*-*-ultrix*)
CPPFLAGS="-I${withval} ${CPPFLAGS}"
fi
fi
- LIBWRAP="-lwrap"
- LIBS="$LIBWRAP $LIBS"
+ LIBS="-lwrap $LIBS"
AC_MSG_CHECKING(for libwrap)
AC_TRY_LINK(
[
AC_DEFINE(LIBWRAP, 1,
[Define if you want
TCP Wrappers support])
- AC_SUBST(LIBWRAP)
+ SSHDLIBS="$SSHDLIBS -lwrap"
TCPW_MSG="yes"
],
[
getnameinfo \
getopt \
getpeereid \
+ getpeerucred \
_getpty \
getrlimit \
getttyent \
ogetaddrinfo \
openlog_r \
openpty \
+ poll \
prctl \
pstat \
readpassphrase \
strtonum \
strtoll \
strtoul \
+ swap32 \
sysconf \
tcgetpgrp \
truncate \
#include <unistd.h>
])
+AC_CHECK_DECLS(MAXSYMLINKS, , , [
+#include <sys/param.h>
+ ])
+
+AC_CHECK_DECLS(offsetof, , , [
+#include <stddef.h>
+ ])
+
AC_CHECK_FUNCS(setresuid, [
dnl Some platorms have setresuid that isn't implemented, test for this
AC_MSG_CHECKING(if setresuid seems to work)
# Check for missing getpeereid (or equiv) support
NO_PEERCHECK=""
-if test "x$ac_cv_func_getpeereid" != "xyes" ; then
+if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
AC_TRY_COMPILE(
[#include <sys/types.h>
# Search for SHA256 support in libc and/or OpenSSL
AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
-AC_CHECK_LIB(iaf, ia_openinfo)
+saved_LIBS="$LIBS"
+AC_CHECK_LIB(iaf, ia_openinfo, [
+ LIBS="$LIBS -liaf"
+ AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"])
+])
+LIBS="$saved_LIBS"
### Configure cryptographic random number support
PAM_MSG="yes"
- LIBPAM="-lpam"
+ SSHDLIBS="$SSHDLIBS -lpam"
AC_DEFINE(USE_PAM, 1,
[Define if you want to enable PAM support])
# libdl already in LIBS
;;
*)
- LIBPAM="$LIBPAM -ldl"
+ SSHDLIBS="$SSHDLIBS -ldl"
;;
esac
fi
- AC_SUBST(LIBPAM)
fi
]
)
[#include <arpa/nameser.h>])
])
+AC_MSG_CHECKING(if struct __res_state _res is an extern)
+AC_LINK_IFELSE([
+#include <stdio.h>
+#if HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#include <netinet/in.h>
+#include <arpa/nameser.h>
+#include <resolv.h>
+extern struct __res_state _res;
+int main() { return 0; }
+ ],
+ [AC_MSG_RESULT(yes)
+ AC_DEFINE(HAVE__RES_EXTERN, 1,
+ [Define if you have struct __res_state _res as an extern])
+ ],
+ [ AC_MSG_RESULT(no) ]
+)
+
# Check whether user wants SELinux support
SELINUX_MSG="no"
LIBSELINUX=""
AC_ARG_WITH(selinux,
[ --with-selinux Enable SELinux support],
[ if test "x$withval" != "xno" ; then
+ save_LIBS="$LIBS"
AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
SELINUX_MSG="yes"
AC_CHECK_HEADER([selinux/selinux.h], ,
AC_MSG_ERROR(SELinux support requires selinux.h header))
AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
AC_MSG_ERROR(SELinux support requires libselinux library))
- save_LIBS="$LIBS"
- LIBS="$LIBS $LIBSELINUX"
+ SSHDLIBS="$SSHDLIBS $LIBSELINUX"
AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
LIBS="$save_LIBS"
fi ]
)
-AC_SUBST(LIBSELINUX)
# Check whether user wants Kerberos 5 support
KRB5_MSG="no"
echo " Compiler flags: ${CFLAGS}"
echo "Preprocessor flags: ${CPPFLAGS}"
echo " Linker flags: ${LDFLAGS}"
-echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
+echo " Libraries: ${LIBS}"
+if test ! -z "${SSHDLIBS}"; then
+echo " +for sshd: ${SSHDLIBS}"
+fi
echo ""
fi
if test ! -z "$NO_PEERCHECK" ; then
- echo "WARNING: the operating system that you are using does not "
- echo "appear to support either the getpeereid() API nor the "
- echo "SO_PEERCRED getsockopt() option. These facilities are used to "
- echo "enforce security checks to prevent unauthorised connections to "
- echo "ssh-agent. Their absence increases the risk that a malicious "
- echo "user can connect to your agent. "
+ echo "WARNING: the operating system that you are using does not"
+ echo "appear to support getpeereid(), getpeerucred() or the"
+ echo "SO_PEERCRED getsockopt() option. These facilities are used to"
+ echo "enforce security checks to prevent unauthorised connections to"
+ echo "ssh-agent. Their absence increases the risk that a malicious"
+ echo "user can connect to your agent."
echo ""
fi