]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [configure.ac] Bug #1181: Explicitly test to see if OpenSSL
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
dbf07ba2 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
5fdabf45 103 esac
8a3ff1aa 104
dfafb2e1 105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
d423d822 116fi
117
e6354014 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
82f4e93d 121 if test "x$withval" = "xno" ; then
e6354014 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
a0391976 130# Check for some target-specific stuff
a7effaac 131case "$host" in
9d6b1b96 132*-*-aix*)
aff51935 133 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 134 if (test -z "$blibpath"); then
0a15d73b 135 blibpath="/usr/lib:/lib"
68ece370 136 fi
137 saved_LDFLAGS="$LDFLAGS"
e7479666 138 if test "$GCC" = "yes"; then
139 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
140 else
141 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
142 fi
143 for tryflags in $flags ;do
68ece370 144 if (test -z "$blibflags"); then
145 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
146 AC_TRY_LINK([], [], [blibflags=$tryflags])
147 fi
148 done
149 if (test -z "$blibflags"); then
150 AC_MSG_RESULT(not found)
151 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
152 else
153 AC_MSG_RESULT($blibflags)
bd499f9e 154 fi
68ece370 155 LDFLAGS="$saved_LDFLAGS"
e351e493 156 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 157 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
158 [Define if you want to enable AIX4's authenticate function])],
0764e748 159 [AC_CHECK_LIB(s,authenticate,
e351e493 160 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 161 LIBS="$LIBS -ls"
162 ])
163 ])
ba603e06 164 dnl Check for various auth function declarations in headers.
c85ed8e2 165 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 166 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 167 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 168 AC_CHECK_DECLS(loginfailed,
e351e493 169 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
170 AC_TRY_COMPILE(
f58c0e01 171 [#include <usersec.h>],
e351e493 172 [(void)loginfailed("user","host","tty",0);],
173 [AC_MSG_RESULT(yes)
3466e002 174 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
175 [Define if your AIX loginfailed() function
176 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 177 [AC_MSG_RESULT(no)]
e351e493 178 )],
179 [],
180 [#include <usersec.h>]
181 )
2aa3a16c 182 AC_CHECK_FUNCS(setauthdb)
53c337ed 183 AC_CHECK_DECL(F_CLOSEM,
795e7517 184 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 185 [],
186 [ #include <limits.h>
187 #include <fcntl.h> ]
188 )
5ccf88cb 189 check_for_aix_broken_getaddrinfo=1
3466e002 190 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
191 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
192 [Define if your platform breaks doing a seteuid before a setuid])
193 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
194 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 195 dnl AIX handles lastlog as part of its login message
3466e002 196 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
197 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
198 [Some systems need a utmpx entry for /bin/login to work])
199 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
200 [Define to a Set Process Title type if your system is
201 supported by bsd-setproctitle.c])
961c2997 202 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
203 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 204 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 205 ;;
3c62e7eb 206*-*-cygwin*)
a52997bd 207 check_for_libcrypt_later=1
ffb8d130 208 LIBS="$LIBS /usr/lib/textmode.o"
3466e002 209 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
210 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
211 AC_DEFINE(DISABLE_SHADOW, 1,
212 [Define if you want to disable shadow passwords])
213 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
214 [Define if your system choked on IP TOS setting])
215 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
216 [Define if X11 doesn't support AF_UNIX sockets on that system])
217 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
218 [Define if the concept of ports only accessible to
219 superusers isn't known])
220 AC_DEFINE(DISABLE_FD_PASSING, 1,
221 [Define if your platform needs to skip post auth
222 file descriptor passing])
3c62e7eb 223 ;;
d6fdb079 224*-*-dgux*)
225 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 226 AC_DEFINE(SETEUID_BREAKS_SETUID)
227 AC_DEFINE(BROKEN_SETREUID)
228 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 229 ;;
39c98ef7 230*-*-darwin*)
33e2e066 231 AC_MSG_CHECKING(if we have working getaddrinfo)
232 AC_TRY_RUN([#include <mach-o/dyld.h>
233main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
234 exit(0);
235 else
236 exit(1);
237}], [AC_MSG_RESULT(working)],
238 [AC_MSG_RESULT(buggy)
3466e002 239 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 240 [AC_MSG_RESULT(assume it is working)])
635e0c42 241 AC_DEFINE(SETEUID_BREAKS_SETUID)
242 AC_DEFINE(BROKEN_SETREUID)
243 AC_DEFINE(BROKEN_SETREGID)
3466e002 244 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
245 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 246 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
247 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
248 [Use tunnel device compatibility to OpenBSD])
249 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
250 [Prepend the address family to IP tunnel traffic])
39c98ef7 251 ;;
7d458c86 252*-*-hpux*)
253 # first we define all of the options common to all HP-UX releases
b8fea62d 254 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 255 IPADDR_IN_DISPLAY=yes
2b10f47a 256 AC_DEFINE(USE_PIPES)
3466e002 257 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
258 [Define if your login program cannot handle end of options ("--")])
a2572aa7 259 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 260 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
261 [String used in /etc/passwd to denote locked account])
3a2b2b44 262 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 263 MAIL="/var/mail/username"
f75ca46d 264 LIBS="$LIBS -lsec"
7d458c86 265 AC_CHECK_LIB(xnet, t_error, ,
266 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
267
268 # next, we define all of the options specific to major releases
269 case "$host" in
270 *-*-hpux10*)
271 if test -z "$GCC"; then
272 CFLAGS="$CFLAGS -Ae"
273 fi
274 ;;
275 *-*-hpux11*)
3466e002 276 AC_DEFINE(PAM_SUN_CODEBASE, 1,
277 [Define if you are using Solaris-derived PAM which
278 passes pam_messages to the conversation function
279 with an extra level of indirection])
280 AC_DEFINE(DISABLE_UTMP, 1,
281 [Define if you don't want to use utmp])
7d458c86 282 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
283 check_for_hpux_broken_getaddrinfo=1
284 check_for_conflicting_getspnam=1
285 ;;
286 esac
287
288 # lastly, we define options specific to minor releases
289 case "$host" in
290 *-*-hpux10.26)
3466e002 291 AC_DEFINE(HAVE_SECUREWARE, 1,
292 [Define if you have SecureWare-based
293 protected password database])
7d458c86 294 disable_ptmx_check=yes
295 LIBS="$LIBS -lsecpw"
296 ;;
297 esac
2b763e31 298 ;;
d94aa2ae 299*-*-irix5*)
6ac7829a 300 PATH="$PATH:/usr/etc"
3466e002 301 AC_DEFINE(BROKEN_INET_NTOA, 1,
302 [Define if you system's inet_ntoa is busted
303 (e.g. Irix gcc issue)])
cb433561 304 AC_DEFINE(SETEUID_BREAKS_SETUID)
305 AC_DEFINE(BROKEN_SETREUID)
306 AC_DEFINE(BROKEN_SETREGID)
3466e002 307 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
308 [Define if you shouldn't strip 'tty' from your
309 ttyname in [uw]tmp])
3e6e3da0 310 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 311 ;;
312*-*-irix6*)
6ac7829a 313 PATH="$PATH:/usr/etc"
3466e002 314 AC_DEFINE(WITH_IRIX_ARRAY, 1,
315 [Define if you have/want arrays
316 (cluster-wide session managment, not C arrays)])
317 AC_DEFINE(WITH_IRIX_PROJECT, 1,
318 [Define if you want IRIX project management])
319 AC_DEFINE(WITH_IRIX_AUDIT, 1,
320 [Define if you want IRIX audit trails])
321 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
322 [Define if you want IRIX kernel jobs])])
416ed5a7 323 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 324 AC_DEFINE(SETEUID_BREAKS_SETUID)
325 AC_DEFINE(BROKEN_SETREUID)
326 AC_DEFINE(BROKEN_SETREGID)
3466e002 327 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 328 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 329 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 330 ;;
5cdfe03f 331*-*-linux*)
332 no_dev_ptmx=1
717057b6 333 check_for_libcrypt_later=1
eacb954e 334 check_for_openpty_ctty_bug=1
3466e002 335 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
336 AC_DEFINE(PAM_TTY_KLUDGE, 1,
337 [Work around problematic Linux PAM modules handling of PAM_TTY])
338 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
339 [String used in /etc/passwd to denote locked account])
3a2b2b44 340 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 341 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
342 [Define to whatever link() returns for "not supported"
343 if it doesn't return EOPNOTSUPP.])
b6610e8f 344 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 345 AC_DEFINE(USE_BTMP)
80faa19f 346 inet6_default_4in6=yes
bf7c1e6c 347 case `uname -r` in
ad84c479 348 1.*|2.0.*)
3466e002 349 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
350 [Define if cmsg_type is not passed correctly])
bf7c1e6c 351 ;;
bf7c1e6c 352 esac
c40f09ca 353 # tun(4) forwarding compat code
d91775e1 354 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 355 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 356 AC_DEFINE(SSH_TUN_LINUX, 1,
357 [Open tunnel devices the Linux tun/tap way])
358 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
359 [Use tunnel device compatibility to OpenBSD])
360 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
361 [Prepend the address family to IP tunnel traffic])
362 fi
5cdfe03f 363 ;;
66d6c27e 364mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 365 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 366 SONY=1
66d6c27e 367 ;;
d468fc76 368*-*-netbsd*)
33e2e066 369 check_for_libcrypt_before=1
82f4e93d 370 if test "x$withval" != "xno" ; then
e6354014 371 need_dash_r=1
372 fi
0f6cb079 373 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
374 AC_CHECK_HEADER([net/if_tap.h], ,
375 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
376 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
377 [Prepend the address family to IP tunnel traffic])
d468fc76 378 ;;
86b416a7 379*-*-freebsd*)
380 check_for_libcrypt_later=1
988c5031 381 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 382 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
383 AC_CHECK_HEADER([net/if_tap.h], ,
384 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 385 ;;
8707b7eb 386*-*-bsdi*)
387 AC_DEFINE(SETEUID_BREAKS_SETUID)
388 AC_DEFINE(BROKEN_SETREUID)
389 AC_DEFINE(BROKEN_SETREGID)
390 ;;
729bfe59 391*-next-*)
729bfe59 392 conf_lastlog_location="/usr/adm/lastlog"
698d107e 393 conf_utmp_location=/etc/utmp
394 conf_wtmp_location=/usr/adm/wtmp
395 MAIL=/usr/spool/mail
3466e002 396 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 397 AC_DEFINE(BROKEN_REALPATH)
00937921 398 AC_DEFINE(USE_PIPES)
3466e002 399 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 400 ;;
5b7b5e23 401*-*-openbsd*)
402 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 403 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 404 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 405 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
406 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 407 ;;
9d6b1b96 408*-*-solaris*)
82f4e93d 409 if test "x$withval" != "xno" ; then
010e9d5b 410 need_dash_r=1
411 fi
adeebd37 412 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 413 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 414 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
415 [Some versions of /bin/login need the TERM supplied
416 on the commandline])
7f0a4ff1 417 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 418 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
419 [Define if pam_chauthtok wants real uid set
420 to the unpriv'ed user])
3e6e3da0 421 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 422 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 423 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
424 [Define if sshd somehow reacquires a controlling TTY
425 after setsid()])
795aa5f5 426 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
427 in case the name is longer than 8 chars])
95b99395 428 external_path_file=/etc/default/login
1d7b9b20 429 # hardwire lastlog location (can't detect it on some versions)
430 conf_lastlog_location="/var/adm/lastlog"
32c80420 431 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
432 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
433 if test "$sol2ver" -ge 8; then
434 AC_MSG_RESULT(yes)
435 AC_DEFINE(DISABLE_UTMP)
3466e002 436 AC_DEFINE(DISABLE_WTMP, 1,
437 [Define if you don't want to use wtmp])
32c80420 438 else
439 AC_MSG_RESULT(no)
440 fi
9d6b1b96 441 ;;
a423beaf 442*-*-sunos4*)
0c2fb82f 443 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 444 AC_CHECK_FUNCS(getpwanam)
adeebd37 445 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 446 conf_utmp_location=/etc/utmp
447 conf_wtmp_location=/var/adm/wtmp
448 conf_lastlog_location=/var/adm/lastlog
137d7b6c 449 AC_DEFINE(USE_PIPES)
a423beaf 450 ;;
6f68f28a 451*-ncr-sysv*)
98a7c37b 452 LIBS="$LIBS -lc89"
29525240 453 AC_DEFINE(USE_PIPES)
eabb99c6 454 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 455 AC_DEFINE(SETEUID_BREAKS_SETUID)
456 AC_DEFINE(BROKEN_SETREUID)
457 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 458 ;;
132dd316 459*-sni-sysv*)
c8c15bcb 460 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 461 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 462 # -lresolv needs to be at the end of LIBS or DNS lookups break
463 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 464 IPADDR_IN_DISPLAY=yes
465 AC_DEFINE(USE_PIPES)
132dd316 466 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 467 AC_DEFINE(SETEUID_BREAKS_SETUID)
468 AC_DEFINE(BROKEN_SETREUID)
469 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 470 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 471 external_path_file=/etc/default/login
c8c15bcb 472 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
473 # Attention: always take care to bind libsocket and libnsl before libc,
474 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 475 ;;
79a7ba96 476# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 477*-*-sysv4.2*)
9a406e1e 478 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
ed6553e2 479 AC_DEFINE(USE_PIPES)
7ed101c0 480 AC_DEFINE(SETEUID_BREAKS_SETUID)
481 AC_DEFINE(BROKEN_SETREUID)
482 AC_DEFINE(BROKEN_SETREGID)
46f853b9 483 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 484 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 485 ;;
79a7ba96 486# UnixWare 7.x, OpenUNIX 8
77bb0bca 487*-*-sysv5*)
d7d2cc6e 488 check_for_libcrypt_later=1
489 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 490 AC_DEFINE(USE_PIPES)
7ed101c0 491 AC_DEFINE(SETEUID_BREAKS_SETUID)
492 AC_DEFINE(BROKEN_SETREUID)
493 AC_DEFINE(BROKEN_SETREGID)
3466e002 494 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 495 case "$host" in
496 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
497 TEST_SHELL=/u95/bin/sh
3466e002 498 AC_DEFINE(BROKEN_LIBIAF, 1,
499 [ia_uinfo routines not supported by OS yet])
822015dd 500 ;;
e45da4d6 501 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
502 ;;
822015dd 503 esac
77bb0bca 504 ;;
9d6b1b96 505*-*-sysv*)
9d6b1b96 506 ;;
79a7ba96 507# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 508*-*-sco3.2v4*)
11cf4f1f 509 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 510 ;;
79a7ba96 511# SCO OpenServer 5.x
77bb0bca 512*-*-sco3.2v5*)
21710e39 513 if test -z "$GCC"; then
514 CFLAGS="$CFLAGS -belf"
515 fi
ed6553e2 516 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 517 no_dev_ptmx=1
ed6553e2 518 AC_DEFINE(USE_PIPES)
6e879cb4 519 AC_DEFINE(HAVE_SECUREWARE)
d287c664 520 AC_DEFINE(DISABLE_SHADOW)
94d8258b 521 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 522 AC_DEFINE(SETEUID_BREAKS_SETUID)
523 AC_DEFINE(BROKEN_SETREUID)
524 AC_DEFINE(BROKEN_SETREGID)
bcebad47 525 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 526 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 527 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 528 AC_CHECK_FUNCS(getluid setluid)
533875af 529 MANTYPE=man
a3245b92 530 TEST_SHELL=ksh
509b1f88 531 ;;
ccbb983c 532*-*-unicosmk*)
3466e002 533 AC_DEFINE(NO_SSH_LASTLOG, 1,
534 [Define if you don't want to use lastlog in session.c])
c1ad5966 535 AC_DEFINE(SETEUID_BREAKS_SETUID)
536 AC_DEFINE(BROKEN_SETREUID)
537 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 538 AC_DEFINE(USE_PIPES)
539 AC_DEFINE(DISABLE_FD_PASSING)
540 LDFLAGS="$LDFLAGS"
541 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
542 MANTYPE=cat
d262b7f2 543 ;;
7b9a8c6e 544*-*-unicosmp*)
c1ad5966 545 AC_DEFINE(SETEUID_BREAKS_SETUID)
546 AC_DEFINE(BROKEN_SETREUID)
547 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 548 AC_DEFINE(WITH_ABBREV_NO_TTY)
549 AC_DEFINE(USE_PIPES)
550 AC_DEFINE(DISABLE_FD_PASSING)
551 LDFLAGS="$LDFLAGS"
c1ad5966 552 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 553 MANTYPE=cat
554 ;;
ca5c7d6a 555*-*-unicos*)
c1ad5966 556 AC_DEFINE(SETEUID_BREAKS_SETUID)
557 AC_DEFINE(BROKEN_SETREUID)
558 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 559 AC_DEFINE(USE_PIPES)
94d8258b 560 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 561 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 562 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
563 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
564 MANTYPE=cat
a704dd54 565 ;;
4d33e531 566*-dec-osf*)
99c8ddac 567 AC_MSG_CHECKING(for Digital Unix SIA)
568 no_osfsia=""
569 AC_ARG_WITH(osfsia,
570 [ --with-osfsia Enable Digital Unix SIA],
571 [
572 if test "x$withval" = "xno" ; then
573 AC_MSG_RESULT(disabled)
574 no_osfsia=1
575 fi
576 ],
577 )
578 if test -z "$no_osfsia" ; then
4d33e531 579 if test -f /etc/sia/matrix.conf; then
580 AC_MSG_RESULT(yes)
3466e002 581 AC_DEFINE(HAVE_OSF_SIA, 1,
582 [Define if you have Digital Unix Security
583 Integration Architecture])
584 AC_DEFINE(DISABLE_LOGIN, 1,
585 [Define if you don't want to use your
586 system's login() call])
58d0df4e 587 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 588 LIBS="$LIBS -lsecurity -ldb -lm -laud"
589 else
590 AC_MSG_RESULT(no)
3466e002 591 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
592 [String used in /etc/passwd to denote locked account])
4d33e531 593 fi
594 fi
a6e67b60 595 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 596 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 597 AC_DEFINE(BROKEN_SETREUID)
598 AC_DEFINE(BROKEN_SETREGID)
4d33e531 599 ;;
41cb4569 600
9c54c067 601*-*-nto-qnx*)
41cb4569 602 AC_DEFINE(USE_PIPES)
603 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 604 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
605 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
606 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 607 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 608 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 609 enable_etc_default_login=no # has incompatible /etc/default/login
41cb4569 610 ;;
35fc74ed 611
612*-*-ultrix*)
3466e002 613 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
614 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 615 AC_DEFINE(NEED_SETPGRP)
b5765e1d 616 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
617 ;;
157b6700 618
619*-*-lynxos)
620 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 621 AC_DEFINE(MISSING_HOWMANY)
157b6700 622 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
623 ;;
a7effaac 624esac
625
8e7b16f8 626# Allow user to specify flags
627AC_ARG_WITH(cflags,
628 [ --with-cflags Specify additional flags to pass to compiler],
629 [
6cf0200f 630 if test -n "$withval" && test "x$withval" != "xno" && \
631 test "x${withval}" != "xyes"; then
8e7b16f8 632 CFLAGS="$CFLAGS $withval"
633 fi
82f4e93d 634 ]
8e7b16f8 635)
0c2fb82f 636AC_ARG_WITH(cppflags,
637 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
638 [
6cf0200f 639 if test -n "$withval" && test "x$withval" != "xno" && \
640 test "x${withval}" != "xyes"; then
0c2fb82f 641 CPPFLAGS="$CPPFLAGS $withval"
642 fi
643 ]
644)
8e7b16f8 645AC_ARG_WITH(ldflags,
97b378bf 646 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 647 [
6cf0200f 648 if test -n "$withval" && test "x$withval" != "xno" && \
649 test "x${withval}" != "xyes"; then
8e7b16f8 650 LDFLAGS="$LDFLAGS $withval"
651 fi
82f4e93d 652 ]
8e7b16f8 653)
654AC_ARG_WITH(libs,
655 [ --with-libs Specify additional libraries to link with],
656 [
6cf0200f 657 if test -n "$withval" && test "x$withval" != "xno" && \
658 test "x${withval}" != "xyes"; then
8e7b16f8 659 LIBS="$LIBS $withval"
660 fi
82f4e93d 661 ]
8e7b16f8 662)
ed89c848 663AC_ARG_WITH(Werror,
664 [ --with-Werror Build main code with -Werror],
665 [
666 if test -n "$withval" && test "x$withval" != "xno"; then
667 werror_flags="-Werror"
1012885d 668 if test "x${withval}" != "xyes"; then
ed89c848 669 werror_flags="$withval"
670 fi
671 fi
672 ]
673)
8e7b16f8 674
c5829391 675AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 676AC_RUN_IFELSE(
677 [AC_LANG_SOURCE([
c5829391 678#include <stdio.h>
679int main(){exit(0);}
479cece8 680 ])],
c5829391 681 [ AC_MSG_RESULT(yes) ],
682 [
683 AC_MSG_RESULT(no)
684 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 685 ],
686 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 687)
688
b04a9f8c 689dnl Checks for header files.
690AC_CHECK_HEADERS( \
691 bstring.h \
692 crypt.h \
2f360c89 693 crypto/sha2.h \
b04a9f8c 694 dirent.h \
695 endian.h \
696 features.h \
37259a8e 697 fcntl.h \
b04a9f8c 698 floatingpoint.h \
699 getopt.h \
700 glob.h \
701 ia.h \
4c653d8e 702 iaf.h \
b04a9f8c 703 limits.h \
704 login.h \
b04a9f8c 705 maillock.h \
706 ndir.h \
e02505e2 707 net/if_tun.h \
b04a9f8c 708 netdb.h \
709 netgroup.h \
b04a9f8c 710 pam/pam_appl.h \
711 paths.h \
712 pty.h \
713 readpassphrase.h \
714 rpc/types.h \
715 security/pam_appl.h \
f73e2ad7 716 sha2.h \
b04a9f8c 717 shadow.h \
718 stddef.h \
719 stdint.h \
0957c2cf 720 string.h \
b04a9f8c 721 strings.h \
722 sys/audit.h \
723 sys/bitypes.h \
724 sys/bsdtty.h \
725 sys/cdefs.h \
726 sys/dir.h \
727 sys/mman.h \
728 sys/ndir.h \
729 sys/prctl.h \
730 sys/pstat.h \
731 sys/select.h \
732 sys/stat.h \
733 sys/stream.h \
734 sys/stropts.h \
735 sys/strtio.h \
736 sys/sysmacros.h \
737 sys/time.h \
738 sys/timers.h \
739 sys/un.h \
740 time.h \
741 tmpdir.h \
742 ttyent.h \
25dd2ce6 743 unistd.h \
b04a9f8c 744 usersec.h \
745 util.h \
746 utime.h \
747 utmp.h \
748 utmpx.h \
ea76f54c 749 vis.h \
b04a9f8c 750)
ddceb1c8 751
823221b2 752# lastlog.h requires sys/time.h to be included first on Solaris
753AC_CHECK_HEADERS(lastlog.h, [], [], [
754#ifdef HAVE_SYS_TIME_H
755# include <sys/time.h>
756#endif
757])
758
765a24cd 759# sys/ptms.h requires sys/stream.h to be included first on Solaris
760AC_CHECK_HEADERS(sys/ptms.h, [], [], [
761#ifdef HAVE_SYS_STREAM_H
762# include <sys/stream.h>
763#endif
764])
765
3919d576 766# login_cap.h requires sys/types.h on NetBSD
767AC_CHECK_HEADERS(login_cap.h, [], [], [
768#include <sys/types.h>
769])
770
a0391976 771# Checks for libraries.
98a7c37b 772AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
773AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 774
446227d6 775dnl IRIX and Solaris 2.5.1 have dirname() in libgen
776AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
777 AC_CHECK_LIB(gen, dirname,[
778 AC_CACHE_CHECK([for broken dirname],
779 ac_cv_have_broken_dirname, [
780 save_LIBS="$LIBS"
781 LIBS="$LIBS -lgen"
b0e7249f 782 AC_RUN_IFELSE(
783 [AC_LANG_SOURCE([[
446227d6 784#include <libgen.h>
785#include <string.h>
786
787int main(int argc, char **argv) {
788 char *s, buf[32];
789
790 strncpy(buf,"/etc", 32);
791 s = dirname(buf);
792 if (!s || strncmp(s, "/", 32) != 0) {
793 exit(1);
794 } else {
795 exit(0);
796 }
797}
b0e7249f 798 ]])],
799 [ ac_cv_have_broken_dirname="no" ],
800 [ ac_cv_have_broken_dirname="yes" ],
446227d6 801 [ ac_cv_have_broken_dirname="no" ],
446227d6 802 )
803 LIBS="$save_LIBS"
804 ])
805 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
806 LIBS="$LIBS -lgen"
807 AC_DEFINE(HAVE_DIRNAME)
808 AC_CHECK_HEADERS(libgen.h)
809 fi
810 ])
811])
812
813AC_CHECK_FUNC(getspnam, ,
814 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 815AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
816 [Define if you have the basename function.]))
446227d6 817
98a7c37b 818dnl zlib is required
819AC_ARG_WITH(zlib,
820 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 821 [ if test "x$withval" = "xno" ; then
822 AC_MSG_ERROR([*** zlib is required ***])
823 elif test "x$withval" != "xyes"; then
98a7c37b 824 if test -d "$withval/lib"; then
825 if test -n "${need_dash_r}"; then
5a162955 826 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 827 else
5a162955 828 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 829 fi
830 else
831 if test -n "${need_dash_r}"; then
5a162955 832 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 833 else
5a162955 834 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 835 fi
836 fi
837 if test -d "$withval/include"; then
5a162955 838 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 839 else
5a162955 840 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 841 fi
6dd05556 842 fi ]
98a7c37b 843)
844
0a15d73b 845AC_CHECK_LIB(z, deflate, ,
846 [
847 saved_CPPFLAGS="$CPPFLAGS"
848 saved_LDFLAGS="$LDFLAGS"
849 save_LIBS="$LIBS"
850 dnl Check default zlib install dir
851 if test -n "${need_dash_r}"; then
852 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
853 else
854 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
855 fi
856 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
857 LIBS="$LIBS -lz"
858 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
859 [
860 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
861 ]
862 )
863 ]
864)
4ad65809 865AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 866
867AC_ARG_WITH(zlib-version-check,
868 [ --without-zlib-version-check Disable zlib version check],
869 [ if test "x$withval" = "xno" ; then
870 zlib_check_nonfatal=1
871 fi
872 ]
873)
874
5c7fc85d 875AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 876AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 877#include <stdio.h>
4ad65809 878#include <zlib.h>
879int main()
880{
5c7fc85d 881 int a=0, b=0, c=0, d=0, n, v;
882 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
883 if (n != 3 && n != 4)
4ad65809 884 exit(1);
5c7fc85d 885 v = a*1000000 + b*10000 + c*100 + d;
886 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
887
888 /* 1.1.4 is OK */
889 if (a == 1 && b == 1 && c >= 4)
4ad65809 890 exit(0);
5c7fc85d 891
0072b59d 892 /* 1.2.3 and up are OK */
893 if (v >= 1020300)
5c7fc85d 894 exit(0);
895
4ad65809 896 exit(2);
897}
479cece8 898 ]])],
5c7fc85d 899 AC_MSG_RESULT(no),
900 [ AC_MSG_RESULT(yes)
8068d564 901 if test -z "$zlib_check_nonfatal" ; then
902 AC_MSG_ERROR([*** zlib too old - check config.log ***
903Your reported zlib version has known security problems. It's possible your
904vendor has fixed these problems without changing the version number. If you
905are sure this is the case, you can disable the check by running
906"./configure --without-zlib-version-check".
6090bcfe 907If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 908See http://www.gzip.org/zlib/ for details.])
8068d564 909 else
910 AC_MSG_WARN([zlib version may have security problems])
911 fi
1a01a50c 912 ],
913 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 914)
48e7916f 915
2c523de9 916dnl UnixWare 2.x
aff51935 917AC_CHECK_FUNC(strcasecmp,
2c523de9 918 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
919)
23361281 920AC_CHECK_FUNCS(utimes,
cda1ebcb 921 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
922 LIBS="$LIBS -lc89"]) ]
2c523de9 923)
4cca272e 924
7c6d759d 925dnl Checks for libutil functions
926AC_CHECK_HEADERS(libutil.h)
3466e002 927AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
928 [Define if your libraries define login()])])
7c6d759d 929AC_CHECK_FUNCS(logout updwtmp logwtmp)
930
a738c3b0 931AC_FUNC_STRFTIME
932
84ceda19 933# Check for ALTDIRFUNC glob() extension
934AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
935AC_EGREP_CPP(FOUNDIT,
936 [
937 #include <glob.h>
938 #ifdef GLOB_ALTDIRFUNC
939 FOUNDIT
940 #endif
aff51935 941 ],
84ceda19 942 [
3466e002 943 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
944 [Define if your system glob() function has
945 the GLOB_ALTDIRFUNC extension])
84ceda19 946 AC_MSG_RESULT(yes)
947 ],
948 [
949 AC_MSG_RESULT(no)
950 ]
951)
4cca272e 952
40849fdb 953# Check for g.gl_matchc glob() extension
954AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 955AC_TRY_COMPILE(
13ff27b7 956 [ #include <glob.h> ],
957 [glob_t g; g.gl_matchc = 1;],
aff51935 958 [
3466e002 959 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
960 [Define if your system glob() function has
961 gl_matchc options in glob_t])
aff51935 962 AC_MSG_RESULT(yes)
963 ],
964 [
965 AC_MSG_RESULT(no)
966 ]
40849fdb 967)
968
edbe6722 969AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 970AC_RUN_IFELSE(
479cece8 971 [AC_LANG_SOURCE([[
edbe6722 972#include <sys/types.h>
973#include <dirent.h>
aec4cb4f 974int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 975 ]])],
aff51935 976 [AC_MSG_RESULT(yes)],
edbe6722 977 [
978 AC_MSG_RESULT(no)
3466e002 979 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 980 [Define if your struct dirent expects you to
3466e002 981 allocate extra space for d_name])
1a01a50c 982 ],
82f4e93d 983 [
1a01a50c 984 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
985 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 986 ]
987)
988
419e26e7 989AC_MSG_CHECKING([for /proc/pid/fd directory])
990if test -d "/proc/$$/fd" ; then
3466e002 991 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 992 AC_MSG_RESULT(yes)
993else
994 AC_MSG_RESULT(no)
995fi
996
278588d8 997# Check whether user wants S/Key support
aff51935 998SKEY_MSG="no"
278588d8 999AC_ARG_WITH(skey,
6ff3d0dc 1000 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1001 [
1002 if test "x$withval" != "xno" ; then
1003
1004 if test "x$withval" != "xyes" ; then
1005 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1006 LDFLAGS="$LDFLAGS -L${withval}/lib"
1007 fi
1008
3466e002 1009 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1010 LIBS="-lskey $LIBS"
aff51935 1011 SKEY_MSG="yes"
82f4e93d 1012
ddceb1c8 1013 AC_MSG_CHECKING([for s/key support])
b0e7249f 1014 AC_LINK_IFELSE(
1015 [AC_LANG_SOURCE([[
ddceb1c8 1016#include <stdio.h>
1017#include <skey.h>
aec4cb4f 1018int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1019 ]])],
ddceb1c8 1020 [AC_MSG_RESULT(yes)],
278588d8 1021 [
ddceb1c8 1022 AC_MSG_RESULT(no)
278588d8 1023 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1024 ])
141fc639 1025 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1026 AC_TRY_COMPILE(
1027 [#include <stdio.h>
1028 #include <skey.h>],
1029 [(void)skeychallenge(NULL,"name","",0);],
1030 [AC_MSG_RESULT(yes)
3466e002 1031 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1032 [Define if your skeychallenge()
1033 function takes 4 arguments (NetBSD)])],
141fc639 1034 [AC_MSG_RESULT(no)]
1035 )
278588d8 1036 fi
1037 ]
1038)
1039
1040# Check whether user wants TCP wrappers support
98a7c37b 1041TCPW_MSG="no"
278588d8 1042AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1043 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1044 [
1045 if test "x$withval" != "xno" ; then
1046 saved_LIBS="$LIBS"
98a7c37b 1047 saved_LDFLAGS="$LDFLAGS"
1048 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1049 if test -n "${withval}" && \
6cf0200f 1050 test "x${withval}" != "xyes"; then
98a7c37b 1051 if test -d "${withval}/lib"; then
1052 if test -n "${need_dash_r}"; then
5a162955 1053 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1054 else
5a162955 1055 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1056 fi
1057 else
1058 if test -n "${need_dash_r}"; then
5a162955 1059 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1060 else
5a162955 1061 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1062 fi
1063 fi
1064 if test -d "${withval}/include"; then
5a162955 1065 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1066 else
5a162955 1067 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1068 fi
98a7c37b 1069 fi
ddceb1c8 1070 LIBWRAP="-lwrap"
1071 LIBS="$LIBWRAP $LIBS"
278588d8 1072 AC_MSG_CHECKING(for libwrap)
1073 AC_TRY_LINK(
1074 [
77f09220 1075#include <sys/types.h>
1076#include <sys/socket.h>
1077#include <netinet/in.h>
278588d8 1078#include <tcpd.h>
1079 int deny_severity = 0, allow_severity = 0;
1080 ],
1081 [hosts_access(0);],
1082 [
1083 AC_MSG_RESULT(yes)
3466e002 1084 AC_DEFINE(LIBWRAP, 1,
1085 [Define if you want
1086 TCP Wrappers support])
ddceb1c8 1087 AC_SUBST(LIBWRAP)
98a7c37b 1088 TCPW_MSG="yes"
278588d8 1089 ],
1090 [
1091 AC_MSG_ERROR([*** libwrap missing])
1092 ]
1093 )
ddceb1c8 1094 LIBS="$saved_LIBS"
278588d8 1095 fi
1096 ]
1097)
1098
59031773 1099# Check whether user wants libedit support
1100LIBEDIT_MSG="no"
1101AC_ARG_WITH(libedit,
6ff3d0dc 1102 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1103 [ if test "x$withval" != "xno" ; then
737edf04 1104 if test "x$withval" != "xyes"; then
bb116c8e 1105 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1106 if test -n "${need_dash_r}"; then
1107 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1108 else
1109 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1110 fi
737edf04 1111 fi
59031773 1112 AC_CHECK_LIB(edit, el_init,
3466e002 1113 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1114 LIBEDIT="-ledit -lcurses"
1115 LIBEDIT_MSG="yes"
1116 AC_SUBST(LIBEDIT)
1117 ],
737edf04 1118 [ AC_MSG_ERROR(libedit not found) ],
1119 [ -lcurses ]
59031773 1120 )
f47ddccb 1121 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1122 AC_COMPILE_IFELSE(
1123 [AC_LANG_SOURCE([[
1124#include <histedit.h>
f47ddccb 1125int main(void)
1126{
1127 int i = H_SETSIZE;
1128 el_init("", NULL, NULL, NULL);
1129 exit(0);
1130}
d92622f9 1131 ]])],
f47ddccb 1132 [ AC_MSG_RESULT(yes) ],
1133 [ AC_MSG_RESULT(no)
1134 AC_MSG_ERROR(libedit version is not compatible) ]
1135 )
59031773 1136 fi ]
1137)
1138
7b578f7d 1139AUDIT_MODULE=none
1140AC_ARG_WITH(audit,
1141 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1142 [
1143 AC_MSG_CHECKING(for supported audit module)
1144 case "$withval" in
1145 bsm)
1146 AC_MSG_RESULT(bsm)
1147 AUDIT_MODULE=bsm
1148 dnl Checks for headers, libs and functions
1149 AC_CHECK_HEADERS(bsm/audit.h, [],
1150 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1151 AC_CHECK_LIB(bsm, getaudit, [],
1152 [AC_MSG_ERROR(BSM enabled and required library not found)])
1153 AC_CHECK_FUNCS(getaudit, [],
1154 [AC_MSG_ERROR(BSM enabled and required function not found)])
1155 # These are optional
7939c496 1156 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1157 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1158 ;;
1159 debug)
1160 AUDIT_MODULE=debug
1161 AC_MSG_RESULT(debug)
3466e002 1162 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1163 ;;
a2b3321d 1164 no)
d92622f9 1165 AC_MSG_RESULT(no)
a2b3321d 1166 ;;
7b578f7d 1167 *)
1168 AC_MSG_ERROR([Unknown audit module $withval])
1169 ;;
1170 esac ]
1171)
1172
19160674 1173dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1174AC_CHECK_FUNCS( \
1175 arc4random \
9a406e1e 1176 asprintf \
b04a9f8c 1177 b64_ntop \
1178 __b64_ntop \
1179 b64_pton \
1180 __b64_pton \
1181 bcopy \
1182 bindresvport_sa \
1183 clock \
1184 closefrom \
1185 dirfd \
b04a9f8c 1186 fchmod \
1187 fchown \
1188 freeaddrinfo \
1189 futimes \
1190 getaddrinfo \
1191 getcwd \
1192 getgrouplist \
1193 getnameinfo \
1194 getopt \
1195 getpeereid \
1196 _getpty \
1197 getrlimit \
1198 getttyent \
1199 glob \
1200 inet_aton \
1201 inet_ntoa \
1202 inet_ntop \
1203 innetgr \
1204 login_getcapbool \
1205 md5_crypt \
1206 memmove \
1207 mkdtemp \
1208 mmap \
1209 ngetaddrinfo \
1210 nsleep \
1211 ogetaddrinfo \
1212 openlog_r \
1213 openpty \
1214 prctl \
1215 pstat \
1216 readpassphrase \
1217 realpath \
1218 recvmsg \
1219 rresvport_af \
1220 sendmsg \
1221 setdtablesize \
1222 setegid \
1223 setenv \
1224 seteuid \
1225 setgroups \
1226 setlogin \
1227 setpcred \
1228 setproctitle \
1229 setregid \
1230 setreuid \
1231 setrlimit \
1232 setsid \
1233 setvbuf \
1234 sigaction \
1235 sigvec \
1236 snprintf \
1237 socketpair \
1238 strdup \
1239 strerror \
1240 strlcat \
1241 strlcpy \
1242 strmode \
1243 strnvis \
1244 strtonum \
1e29a0c8 1245 strtoll \
b04a9f8c 1246 strtoul \
1247 sysconf \
1248 tcgetpgrp \
1249 truncate \
1250 unsetenv \
1251 updwtmpx \
9a406e1e 1252 vasprintf \
b04a9f8c 1253 vhangup \
1254 vsnprintf \
1255 waitpid \
19160674 1256)
98a7c37b 1257
1a086f97 1258# IRIX has a const char return value for gai_strerror()
1259AC_CHECK_FUNCS(gai_strerror,[
1260 AC_DEFINE(HAVE_GAI_STRERROR)
1261 AC_TRY_COMPILE([
1262#include <sys/types.h>
1263#include <sys/socket.h>
1264#include <netdb.h>
1265
1266const char *gai_strerror(int);],[
1267char *str;
1268
1269str = gai_strerror(0);],[
1270 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1271 [Define if gai_strerror() returns const char *])])])
1272
3466e002 1273AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1274 [Some systems put nanosleep outside of libc]))
92b1decf 1275
309709db 1276dnl Make sure prototypes are defined for these before using them.
309709db 1277AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1278AC_CHECK_DECL(strsep,
1279 [AC_CHECK_FUNCS(strsep)],
1280 [],
1281 [
1282#ifdef HAVE_STRING_H
1283# include <string.h>
1284#endif
1285 ])
08412d26 1286
3490699c 1287dnl tcsendbreak might be a macro
1288AC_CHECK_DECL(tcsendbreak,
1289 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1290 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1291 [#include <termios.h>]
1292)
1293
41e0e158 1294AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1295
71f4c727 1296AC_CHECK_DECLS(SHUT_RD, , ,
1297 [
1298#include <sys/types.h>
1299#include <sys/socket.h>
1300 ])
956d6743 1301
1302AC_CHECK_DECLS(O_NONBLOCK, , ,
1303 [
1304#include <sys/types.h>
1305#ifdef HAVE_SYS_STAT_H
1306# include <sys/stat.h>
1307#endif
1308#ifdef HAVE_FCNTL_H
1309# include <fcntl.h>
1310#endif
1311 ])
1312
3f176010 1313AC_CHECK_FUNCS(setresuid, [
1314 dnl Some platorms have setresuid that isn't implemented, test for this
1315 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1316 AC_RUN_IFELSE(
1317 [AC_LANG_SOURCE([[
9a3fe0e2 1318#include <stdlib.h>
1319#include <errno.h>
1320int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1321 ]])],
3f176010 1322 [AC_MSG_RESULT(yes)],
3466e002 1323 [AC_DEFINE(BROKEN_SETRESUID, 1,
1324 [Define if your setresuid() is broken])
1a01a50c 1325 AC_MSG_RESULT(not implemented)],
1326 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1327 )
1328])
9a3fe0e2 1329
3f176010 1330AC_CHECK_FUNCS(setresgid, [
1331 dnl Some platorms have setresgid that isn't implemented, test for this
1332 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1333 AC_RUN_IFELSE(
1334 [AC_LANG_SOURCE([[
9a3fe0e2 1335#include <stdlib.h>
1336#include <errno.h>
1337int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1338 ]])],
3f176010 1339 [AC_MSG_RESULT(yes)],
3466e002 1340 [AC_DEFINE(BROKEN_SETRESGID, 1,
1341 [Define if your setresgid() is broken])
1a01a50c 1342 AC_MSG_RESULT(not implemented)],
1343 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1344 )
1345])
9a3fe0e2 1346
2e73a022 1347dnl Checks for time functions
1d7b9b20 1348AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1349dnl Checks for utmp functions
b03bd394 1350AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1351AC_CHECK_FUNCS(utmpname)
2e73a022 1352dnl Checks for utmpx functions
b03bd394 1353AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1354AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1355
aff51935 1356AC_CHECK_FUNC(daemon,
3466e002 1357 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1358 [AC_CHECK_LIB(bsd, daemon,
1359 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1360)
1361
aff51935 1362AC_CHECK_FUNC(getpagesize,
3466e002 1363 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1364 [Define if your libraries define getpagesize()])],
1365 [AC_CHECK_LIB(ucb, getpagesize,
1366 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1367)
1368
2647ae26 1369# Check for broken snprintf
1370if test "x$ac_cv_func_snprintf" = "xyes" ; then
1371 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1372 AC_RUN_IFELSE(
479cece8 1373 [AC_LANG_SOURCE([[
2647ae26 1374#include <stdio.h>
aec4cb4f 1375int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1376 ]])],
aff51935 1377 [AC_MSG_RESULT(yes)],
2647ae26 1378 [
1379 AC_MSG_RESULT(no)
3466e002 1380 AC_DEFINE(BROKEN_SNPRINTF, 1,
1381 [Define if your snprintf is busted])
2647ae26 1382 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1383 ],
1384 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1385 )
1386fi
1387
9a406e1e 1388# If we don't have a working asprintf, then we strongly depend on vsnprintf
1389# returning the right thing on overflow: the number of characters it tried to
1390# create (as per SUSv3)
1391if test "x$ac_cv_func_asprintf" != "xyes" && \
1392 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1393 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1394 AC_RUN_IFELSE(
1395 [AC_LANG_SOURCE([[
1396#include <sys/types.h>
1397#include <stdio.h>
1398#include <stdarg.h>
1399
1400int x_snprintf(char *str,size_t count,const char *fmt,...)
1401{
1402 size_t ret; va_list ap;
1403 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1404 return ret;
1405}
1406int main(void)
1407{
1408 char x[1];
1409 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1410} ]])],
1411 [AC_MSG_RESULT(yes)],
1412 [
1413 AC_MSG_RESULT(no)
1414 AC_DEFINE(BROKEN_SNPRINTF, 1,
1415 [Define if your snprintf is busted])
1416 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1417 ],
1418 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1419 )
1420fi
1421
31b0732a 1422# On systems where [v]snprintf is broken, but is declared in stdio,
1423# check that the fmt argument is const char * or just char *.
1424# This is only useful for when BROKEN_SNPRINTF
1425AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1426AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1427 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1428 int main(void) { snprintf(0, 0, 0); }
1429 ]])],
1430 [AC_MSG_RESULT(yes)
1431 AC_DEFINE(SNPRINTF_CONST, [const],
1432 [Define as const if snprintf() can declare const char *fmt])],
1433 [AC_MSG_RESULT(no)
1434 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1435
2f6f9cff 1436# Check for missing getpeereid (or equiv) support
1437NO_PEERCHECK=""
1438if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1439 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1440 AC_TRY_COMPILE(
1441 [#include <sys/types.h>
1442 #include <sys/socket.h>],
1443 [int i = SO_PEERCRED;],
62eb7db4 1444 [ AC_MSG_RESULT(yes)
3466e002 1445 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1446 ],
2f6f9cff 1447 [AC_MSG_RESULT(no)
1448 NO_PEERCHECK=1]
1449 )
1450fi
1451
70e7d0b0 1452dnl see whether mkstemp() requires XXXXXX
1453if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1454AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1455AC_RUN_IFELSE(
1456 [AC_LANG_SOURCE([[
70e7d0b0 1457#include <stdlib.h>
1458main() { char template[]="conftest.mkstemp-test";
1459if (mkstemp(template) == -1)
1460 exit(1);
1461unlink(template); exit(0);
1462}
b0e7249f 1463 ]])],
70e7d0b0 1464 [
1465 AC_MSG_RESULT(no)
1466 ],
aff51935 1467 [
70e7d0b0 1468 AC_MSG_RESULT(yes)
3466e002 1469 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1470 ],
1471 [
1472 AC_MSG_RESULT(yes)
1473 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1474 ]
70e7d0b0 1475)
1476fi
1477
eacb954e 1478dnl make sure that openpty does not reacquire controlling terminal
1479if test ! -z "$check_for_openpty_ctty_bug"; then
1480 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1481 AC_RUN_IFELSE(
1482 [AC_LANG_SOURCE([[
eacb954e 1483#include <stdio.h>
1484#include <sys/fcntl.h>
1485#include <sys/types.h>
1486#include <sys/wait.h>
1487
1488int
1489main()
1490{
1491 pid_t pid;
1492 int fd, ptyfd, ttyfd, status;
1493
1494 pid = fork();
1495 if (pid < 0) { /* failed */
1496 exit(1);
1497 } else if (pid > 0) { /* parent */
1498 waitpid(pid, &status, 0);
aff51935 1499 if (WIFEXITED(status))
eacb954e 1500 exit(WEXITSTATUS(status));
1501 else
1502 exit(2);
1503 } else { /* child */
1504 close(0); close(1); close(2);
1505 setsid();
1506 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1507 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1508 if (fd >= 0)
1509 exit(3); /* Acquired ctty: broken */
1510 else
1511 exit(0); /* Did not acquire ctty: OK */
1512 }
1513}
b0e7249f 1514 ]])],
eacb954e 1515 [
1516 AC_MSG_RESULT(yes)
1517 ],
1518 [
1519 AC_MSG_RESULT(no)
1520 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1521 ],
1522 [
1523 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1524 ]
1525 )
1526fi
1527
4b492aab 1528if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1529 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1530 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1531 AC_RUN_IFELSE(
1532 [AC_LANG_SOURCE([[
2fe51906 1533#include <stdio.h>
1534#include <sys/socket.h>
1535#include <netdb.h>
1536#include <errno.h>
1537#include <netinet/in.h>
1538
1539#define TEST_PORT "2222"
1540
1541int
1542main(void)
1543{
1544 int err, sock;
1545 struct addrinfo *gai_ai, *ai, hints;
1546 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1547
1548 memset(&hints, 0, sizeof(hints));
1549 hints.ai_family = PF_UNSPEC;
1550 hints.ai_socktype = SOCK_STREAM;
1551 hints.ai_flags = AI_PASSIVE;
1552
1553 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1554 if (err != 0) {
1555 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1556 exit(1);
1557 }
1558
1559 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1560 if (ai->ai_family != AF_INET6)
1561 continue;
1562
1563 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1564 sizeof(ntop), strport, sizeof(strport),
1565 NI_NUMERICHOST|NI_NUMERICSERV);
1566
1567 if (err != 0) {
1568 if (err == EAI_SYSTEM)
1569 perror("getnameinfo EAI_SYSTEM");
1570 else
1571 fprintf(stderr, "getnameinfo failed: %s\n",
1572 gai_strerror(err));
1573 exit(2);
1574 }
1575
1576 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1577 if (sock < 0)
1578 perror("socket");
1579 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1580 if (errno == EBADF)
1581 exit(3);
1582 }
1583 }
1584 exit(0);
1585}
b0e7249f 1586 ]])],
2fe51906 1587 [
1588 AC_MSG_RESULT(yes)
1589 ],
1590 [
1591 AC_MSG_RESULT(no)
1592 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1593 ],
1594 [
1595 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1596 ]
1597 )
1598fi
1599
4b492aab 1600if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1601 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1602 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1603 AC_RUN_IFELSE(
1604 [AC_LANG_SOURCE([[
5ccf88cb 1605#include <stdio.h>
1606#include <sys/socket.h>
1607#include <netdb.h>
1608#include <errno.h>
1609#include <netinet/in.h>
1610
1611#define TEST_PORT "2222"
1612
1613int
1614main(void)
1615{
1616 int err, sock;
1617 struct addrinfo *gai_ai, *ai, hints;
1618 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1619
1620 memset(&hints, 0, sizeof(hints));
1621 hints.ai_family = PF_UNSPEC;
1622 hints.ai_socktype = SOCK_STREAM;
1623 hints.ai_flags = AI_PASSIVE;
1624
1625 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1626 if (err != 0) {
1627 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1628 exit(1);
1629 }
1630
1631 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1632 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1633 continue;
1634
1635 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1636 sizeof(ntop), strport, sizeof(strport),
1637 NI_NUMERICHOST|NI_NUMERICSERV);
1638
1639 if (ai->ai_family == AF_INET && err != 0) {
1640 perror("getnameinfo");
1641 exit(2);
1642 }
1643 }
1644 exit(0);
1645}
b0e7249f 1646 ]])],
5ccf88cb 1647 [
1648 AC_MSG_RESULT(yes)
3466e002 1649 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1650 [Define if you have a getaddrinfo that fails
1651 for the all-zeros IPv6 address])
5ccf88cb 1652 ],
1653 [
1654 AC_MSG_RESULT(no)
1655 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1656 ],
ecd9ec09 1657 [
b0e7249f 1658 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1659 ]
1660 )
1661fi
1662
b29fd59f 1663if test "x$check_for_conflicting_getspnam" = "x1"; then
1664 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1665 AC_COMPILE_IFELSE(
1666 [
1667#include <shadow.h>
1668int main(void) {exit(0);}
1669 ],
1670 [
1671 AC_MSG_RESULT(no)
1672 ],
1673 [
1674 AC_MSG_RESULT(yes)
1675 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1676 [Conflicting defs for getspnam])
1677 ]
1678 )
1679fi
1680
7f8f5e00 1681AC_FUNC_GETPGRP
1682
5b991353 1683# Search for OpenSSL
1684saved_CPPFLAGS="$CPPFLAGS"
1685saved_LDFLAGS="$LDFLAGS"
a0391976 1686AC_ARG_WITH(ssl-dir,
1687 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1688 [
e9e4a1c7 1689 if test "x$withval" != "xno" ; then
99eb0f64 1690 case "$withval" in
1691 # Relative paths
1692 ./*|../*) withval="`pwd`/$withval"
1693 esac
5b991353 1694 if test -d "$withval/lib"; then
1695 if test -n "${need_dash_r}"; then
1696 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1697 else
1698 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1699 fi
1700 else
5b991353 1701 if test -n "${need_dash_r}"; then
1702 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1703 else
1704 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1705 fi
1706 fi
5b991353 1707 if test -d "$withval/include"; then
1708 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1709 else
5b991353 1710 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1711 fi
a0391976 1712 fi
5b991353 1713 ]
1714)
5486a457 1715LIBS="-lcrypto $LIBS"
3466e002 1716AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1717 [Define if your ssl headers are included
1718 with #include <openssl/header.h>]),
d45e3d76 1719 [
5b991353 1720 dnl Check default openssl install dir
1721 if test -n "${need_dash_r}"; then
1722 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1723 else
5b991353 1724 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1725 fi
5b991353 1726 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1727 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1728 [
1729 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1730 ]
1731 )
1732 ]
1733)
1734
cd018561 1735# Determine OpenSSL header version
1736AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1737AC_RUN_IFELSE(
479cece8 1738 [AC_LANG_SOURCE([[
cd018561 1739#include <stdio.h>
1740#include <string.h>
1741#include <openssl/opensslv.h>
1742#define DATA "conftest.sslincver"
1743int main(void) {
aff51935 1744 FILE *fd;
1745 int rc;
cd018561 1746
aff51935 1747 fd = fopen(DATA,"w");
1748 if(fd == NULL)
1749 exit(1);
cd018561 1750
1751 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1752 exit(1);
1753
1754 exit(0);
1755}
479cece8 1756 ]])],
cd018561 1757 [
1758 ssl_header_ver=`cat conftest.sslincver`
1759 AC_MSG_RESULT($ssl_header_ver)
1760 ],
1761 [
1762 AC_MSG_RESULT(not found)
1763 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1764 ],
1765 [
1766 AC_MSG_WARN([cross compiling: not checking])
cd018561 1767 ]
1768)
1769
1770# Determine OpenSSL library version
1771AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1772AC_RUN_IFELSE(
479cece8 1773 [AC_LANG_SOURCE([[
cd018561 1774#include <stdio.h>
1775#include <string.h>
1776#include <openssl/opensslv.h>
1777#include <openssl/crypto.h>
1778#define DATA "conftest.ssllibver"
1779int main(void) {
aff51935 1780 FILE *fd;
1781 int rc;
cd018561 1782
aff51935 1783 fd = fopen(DATA,"w");
1784 if(fd == NULL)
1785 exit(1);
cd018561 1786
1787 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1788 exit(1);
1789
1790 exit(0);
1791}
479cece8 1792 ]])],
cd018561 1793 [
1794 ssl_library_ver=`cat conftest.ssllibver`
1795 AC_MSG_RESULT($ssl_library_ver)
1796 ],
1797 [
1798 AC_MSG_RESULT(not found)
1799 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1800 ],
1801 [
1802 AC_MSG_WARN([cross compiling: not checking])
cd018561 1803 ]
1804)
58d100bf 1805
9780116c 1806# Sanity check OpenSSL headers
1807AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1808AC_RUN_IFELSE(
479cece8 1809 [AC_LANG_SOURCE([[
9780116c 1810#include <string.h>
1811#include <openssl/opensslv.h>
aec4cb4f 1812int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1813 ]])],
9780116c 1814 [
1815 AC_MSG_RESULT(yes)
1816 ],
1817 [
1818 AC_MSG_RESULT(no)
e15ba28b 1819 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1820Check config.log for details.
1821Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1822 ],
1823 [
1824 AC_MSG_WARN([cross compiling: not checking])
9780116c 1825 ]
1826)
1827
282d6408 1828AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1829AC_LINK_IFELSE(
1830 [AC_LANG_SOURCE([[
1831#include <openssl/evp.h>
1832int main(void) { SSLeay_add_all_algorithms(); }
1833 ]])],
1834 [
1835 AC_MSG_RESULT(yes)
1836 ],
1837 [
1838 AC_MSG_RESULT(no)
1839 saved_LIBS="$LIBS"
1840 LIBS="$LIBS -ldl"
1841 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1842 AC_LINK_IFELSE(
1843 [AC_LANG_SOURCE([[
1844#include <openssl/evp.h>
1845int main(void) { SSLeay_add_all_algorithms(); }
1846 ]])],
1847 [
1848 AC_MSG_RESULT(yes)
1849 ],
1850 [
1851 AC_MSG_RESULT(no)
1852 LIBS="$saved_LIBS"
1853 ]
1854 )
1855 ]
1856)
1857
c7ad0d99 1858AC_ARG_WITH(ssl-engine,
1859 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1860 [ if test "x$withval" != "xno" ; then
1861 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1862 AC_TRY_COMPILE(
1863 [ #include <openssl/engine.h>],
1864 [
1865int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
1866 ],
1867 [ AC_MSG_RESULT(yes)
1868 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1869 [Enable OpenSSL engine support])
1870 ],
1871 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1872 )
1873 fi ]
1874)
1875
e5146707 1876# Check for OpenSSL without EVP_aes_{192,256}_cbc
1877AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1878AC_LINK_IFELSE(
e5146707 1879 [AC_LANG_SOURCE([[
1880#include <string.h>
1881#include <openssl/evp.h>
300ea548 1882int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1883 ]])],
1884 [
1885 AC_MSG_RESULT(no)
1886 ],
1887 [
1888 AC_MSG_RESULT(yes)
1889 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1890 [libcrypto is missing AES 192 and 256 bit functions])
1891 ]
1892)
1893
5486a457 1894# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1895# because the system crypt() is more featureful.
1896if test "x$check_for_libcrypt_before" = "x1"; then
1897 AC_CHECK_LIB(crypt, crypt)
1898fi
1899
aff51935 1900# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1901# version in OpenSSL.
05114c74 1902if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1903 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1904fi
1905
13ff27b7 1906# Search for SHA256 support in libc and/or OpenSSL
1907AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1908
4c653d8e 1909AC_CHECK_LIB(iaf, ia_openinfo)
f1b0ecc3 1910
1911### Configure cryptographic random number support
1912
1913# Check wheter OpenSSL seeds itself
1914AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1915AC_RUN_IFELSE(
479cece8 1916 [AC_LANG_SOURCE([[
f1b0ecc3 1917#include <string.h>
1918#include <openssl/rand.h>
aec4cb4f 1919int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1920 ]])],
f1b0ecc3 1921 [
1922 OPENSSL_SEEDS_ITSELF=yes
1923 AC_MSG_RESULT(yes)
1924 ],
1925 [
1926 AC_MSG_RESULT(no)
1927 # Default to use of the rand helper if OpenSSL doesn't
1928 # seed itself
1929 USE_RAND_HELPER=yes
1a01a50c 1930 ],
1931 [
1932 AC_MSG_WARN([cross compiling: assuming yes])
1933 # This is safe, since all recent OpenSSL versions will
82f4e93d 1934 # complain at runtime if not seeded correctly.
1a01a50c 1935 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1936 ]
1937)
1938
a086f73b 1939# Check for PAM libs
1940PAM_MSG="no"
1941AC_ARG_WITH(pam,
1942 [ --with-pam Enable PAM support ],
1943 [
1944 if test "x$withval" != "xno" ; then
1945 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1946 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
1947 AC_MSG_ERROR([PAM headers not found])
1948 fi
1949
1950 saved_LIBS="$LIBS"
1951 AC_CHECK_LIB(dl, dlopen, , )
1952 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1953 AC_CHECK_FUNCS(pam_getenvlist)
1954 AC_CHECK_FUNCS(pam_putenv)
1955 LIBS="$saved_LIBS"
1956
1957 PAM_MSG="yes"
1958
282d6408 1959 LIBPAM="-lpam"
a086f73b 1960 AC_DEFINE(USE_PAM, 1,
1961 [Define if you want to enable PAM support])
282d6408 1962
a086f73b 1963 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 1964 case "$LIBS" in
1965 *-ldl*)
1966 # libdl already in LIBS
1967 ;;
1968 *)
1969 LIBPAM="-$LIBPAM -ldl"
1970 ;;
1971 esac
a086f73b 1972 fi
1973 AC_SUBST(LIBPAM)
1974 fi
1975 ]
1976)
1977
1978# Check for older PAM
1979if test "x$PAM_MSG" = "xyes" ; then
1980 # Check PAM strerror arguments (old PAM)
1981 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1982 AC_TRY_COMPILE(
1983 [
1984#include <stdlib.h>
1985#if defined(HAVE_SECURITY_PAM_APPL_H)
1986#include <security/pam_appl.h>
1987#elif defined (HAVE_PAM_PAM_APPL_H)
1988#include <pam/pam_appl.h>
1989#endif
1990 ],
1991 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
1992 [AC_MSG_RESULT(no)],
1993 [
1994 AC_DEFINE(HAVE_OLD_PAM, 1,
1995 [Define if you have an old version of PAM
1996 which takes only one argument to pam_strerror])
1997 AC_MSG_RESULT(yes)
1998 PAM_MSG="yes (old library)"
1999 ]
2000 )
2001fi
f1b0ecc3 2002
2003# Do we want to force the use of the rand helper?
2004AC_ARG_WITH(rand-helper,
2005 [ --with-rand-helper Use subprocess to gather strong randomness ],
2006 [
2007 if test "x$withval" = "xno" ; then
aff51935 2008 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2009 # the previous test showed it to be unseeded.
2010 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2011 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2012 OPENSSL_SEEDS_ITSELF=yes
2013 USE_RAND_HELPER=""
2014 fi
2015 else
2016 USE_RAND_HELPER=yes
2017 fi
2018 ],
82f4e93d 2019)
f1b0ecc3 2020
2021# Which randomness source do we use?
4b492aab 2022if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2023 # OpenSSL only
3466e002 2024 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2025 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2026 RAND_MSG="OpenSSL internal ONLY"
2027 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2028elif test ! -z "$USE_RAND_HELPER" ; then
2029 # install rand helper
f1b0ecc3 2030 RAND_MSG="ssh-rand-helper"
2031 INSTALL_SSH_RAND_HELPER="yes"
2032fi
2033AC_SUBST(INSTALL_SSH_RAND_HELPER)
2034
2035### Configuration of ssh-rand-helper
2036
2037# PRNGD TCP socket
2038AC_ARG_WITH(prngd-port,
2039 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2040 [
eb5d7ff6 2041 case "$withval" in
2042 no)
2043 withval=""
2044 ;;
2045 [[0-9]]*)
2046 ;;
2047 *)
2048 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2049 ;;
2050 esac
2051 if test ! -z "$withval" ; then
f1b0ecc3 2052 PRNGD_PORT="$withval"
3466e002 2053 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2054 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2055 fi
2056 ]
2057)
2058
2059# PRNGD Unix domain socket
2060AC_ARG_WITH(prngd-socket,
2061 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2062 [
eb5d7ff6 2063 case "$withval" in
2064 yes)
f1b0ecc3 2065 withval="/var/run/egd-pool"
eb5d7ff6 2066 ;;
2067 no)
2068 withval=""
2069 ;;
2070 /*)
2071 ;;
2072 *)
2073 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2074 ;;
2075 esac
2076
2077 if test ! -z "$withval" ; then
f1b0ecc3 2078 if test ! -z "$PRNGD_PORT" ; then
2079 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2080 fi
906e811b 2081 if test ! -r "$withval" ; then
f1b0ecc3 2082 AC_MSG_WARN(Entropy socket is not readable)
2083 fi
2084 PRNGD_SOCKET="$withval"
3466e002 2085 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2086 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2087 fi
ddceb1c8 2088 ],
2089 [
2090 # Check for existing socket only if we don't have a random device already
2091 if test "$USE_RAND_HELPER" = yes ; then
2092 AC_MSG_CHECKING(for PRNGD/EGD socket)
2093 # Insert other locations here
2094 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2095 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2096 PRNGD_SOCKET="$sock"
2097 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2098 break;
2099 fi
2100 done
2101 if test ! -z "$PRNGD_SOCKET" ; then
2102 AC_MSG_RESULT($PRNGD_SOCKET)
2103 else
2104 AC_MSG_RESULT(not found)
2105 fi
2106 fi
f1b0ecc3 2107 ]
2108)
2109
2110# Change default command timeout for hashing entropy source
2111entropy_timeout=200
2112AC_ARG_WITH(entropy-timeout,
2113 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2114 [
6cf0200f 2115 if test -n "$withval" && test "x$withval" != "xno" && \
2116 test "x${withval}" != "xyes"; then
f1b0ecc3 2117 entropy_timeout=$withval
2118 fi
82f4e93d 2119 ]
f1b0ecc3 2120)
3466e002 2121AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2122 [Builtin PRNG command timeout])
f1b0ecc3 2123
fd3cbf67 2124SSH_PRIVSEP_USER=sshd
9a0fbcb3 2125AC_ARG_WITH(privsep-user,
5222e7ef 2126 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2127 [
6cf0200f 2128 if test -n "$withval" && test "x$withval" != "xno" && \
2129 test "x${withval}" != "xyes"; then
fd3cbf67 2130 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2131 fi
82f4e93d 2132 ]
9a0fbcb3 2133)
3466e002 2134AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2135 [non-privileged user for privilege separation])
fd3cbf67 2136AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2137
81dadca3 2138# We do this little dance with the search path to insure
2139# that programs that we select for use by installed programs
2140# (which may be run by the super-user) come from trusted
2141# locations before they come from the user's private area.
2142# This should help avoid accidentally configuring some
2143# random version of a program in someone's personal bin.
2144
2145OPATH=$PATH
2146PATH=/bin:/usr/bin
f95c8ce8 2147test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2148test -d /sbin && PATH=$PATH:/sbin
2149test -d /usr/sbin && PATH=$PATH:/usr/sbin
2150PATH=$PATH:/etc:$OPATH
2151
aff51935 2152# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2153OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2154OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2155OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2156OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2157OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2158OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2159OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2160OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2161OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2162OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2163OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2164OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2165OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2166OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2167OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2168OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2169# restore PATH
2170PATH=$OPATH
f1b0ecc3 2171
2172# Where does ssh-rand-helper get its randomness from?
2173INSTALL_SSH_PRNG_CMDS=""
2174if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2175 if test ! -z "$PRNGD_PORT" ; then
2176 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2177 elif test ! -z "$PRNGD_SOCKET" ; then
2178 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2179 else
2180 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2181 RAND_HELPER_CMDHASH=yes
2182 INSTALL_SSH_PRNG_CMDS="yes"
2183 fi
2184fi
2185AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2186
2187
66d6c27e 2188# Cheap hack to ensure NEWS-OS libraries are arranged right.
2189if test ! -z "$SONY" ; then
2190 LIBS="$LIBS -liberty";
2191fi
2192
9a406e1e 2193# Check for long long datatypes
2194AC_CHECK_TYPES([long long, unsigned long long, long double])
2195
2196# Check datatype sizes
976f7e19 2197AC_CHECK_SIZEOF(char, 1)
2b942fe0 2198AC_CHECK_SIZEOF(short int, 2)
2199AC_CHECK_SIZEOF(int, 4)
2200AC_CHECK_SIZEOF(long int, 4)
2201AC_CHECK_SIZEOF(long long int, 8)
2202
52f1ccb2 2203# Sanity check long long for some platforms (AIX)
2204if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2205 ac_cv_sizeof_long_long_int=0
2206fi
2207
90f15776 2208# compute LLONG_MIN and LLONG_MAX if we don't know them.
2209if test -z "$have_llong_max"; then
2210 AC_MSG_CHECKING([for max value of long long])
2211 AC_RUN_IFELSE(
2212 [AC_LANG_SOURCE([[
2213#include <stdio.h>
2214/* Why is this so damn hard? */
2215#ifdef __GNUC__
2216# undef __GNUC__
2217#endif
2218#define __USE_ISOC99
2219#include <limits.h>
2220#define DATA "conftest.llminmax"
055252ed 2221#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2222
2223/*
2224 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2225 * we do this the hard way.
2226 */
2227static int
2228fprint_ll(FILE *f, long long n)
2229{
2230 unsigned int i;
2231 int l[sizeof(long long) * 8];
2232
2233 if (n < 0)
2234 if (fprintf(f, "-") < 0)
2235 return -1;
2236 for (i = 0; n != 0; i++) {
2237 l[i] = my_abs(n % 10);
2238 n /= 10;
2239 }
2240 do {
2241 if (fprintf(f, "%d", l[--i]) < 0)
2242 return -1;
2243 } while (i != 0);
2244 if (fprintf(f, " ") < 0)
2245 return -1;
2246 return 0;
2247}
2248
90f15776 2249int main(void) {
2250 FILE *f;
2251 long long i, llmin, llmax = 0;
2252
2253 if((f = fopen(DATA,"w")) == NULL)
2254 exit(1);
2255
2256#if defined(LLONG_MIN) && defined(LLONG_MAX)
2257 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2258 llmin = LLONG_MIN;
2259 llmax = LLONG_MAX;
2260#else
2261 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2262 /* This will work on one's complement and two's complement */
2263 for (i = 1; i > llmax; i <<= 1, i++)
2264 llmax = i;
2265 llmin = llmax + 1LL; /* wrap */
2266#endif
2267
2268 /* Sanity check */
2269 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2270 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2271 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2272 fprintf(f, "unknown unknown\n");
2273 exit(2);
2274 }
2275
055252ed 2276 if (fprint_ll(f, llmin) < 0)
90f15776 2277 exit(3);
055252ed 2278 if (fprint_ll(f, llmax) < 0)
2279 exit(4);
2280 if (fclose(f) < 0)
2281 exit(5);
90f15776 2282 exit(0);
2283}
2284 ]])],
2285 [
2286 llong_min=`$AWK '{print $1}' conftest.llminmax`
2287 llong_max=`$AWK '{print $2}' conftest.llminmax`
2288
90f15776 2289 AC_MSG_RESULT($llong_max)
2290 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2291 [max value of long long calculated by configure])
2292 AC_MSG_CHECKING([for min value of long long])
2293 AC_MSG_RESULT($llong_min)
2294 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2295 [min value of long long calculated by configure])
2296 ],
2297 [
2298 AC_MSG_RESULT(not found)
2299 ],
2300 [
2301 AC_MSG_WARN([cross compiling: not checking])
2302 ]
2303 )
2304fi
2305
2306
a0391976 2307# More checks for data types
14a9a859 2308AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2309 AC_TRY_COMPILE(
aff51935 2310 [ #include <sys/types.h> ],
2311 [ u_int a; a = 1;],
14a9a859 2312 [ ac_cv_have_u_int="yes" ],
2313 [ ac_cv_have_u_int="no" ]
2314 )
2315])
2316if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2317 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2318 have_u_int=1
2319fi
2320
58d100bf 2321AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2322 AC_TRY_COMPILE(
aff51935 2323 [ #include <sys/types.h> ],
2324 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2325 [ ac_cv_have_intxx_t="yes" ],
2326 [ ac_cv_have_intxx_t="no" ]
2327 )
2328])
2329if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2330 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2331 have_intxx_t=1
2332fi
41cb4569 2333
2334if (test -z "$have_intxx_t" && \
aff51935 2335 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2336then
2337 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2338 AC_TRY_COMPILE(
aff51935 2339 [ #include <stdint.h> ],
2340 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2341 [
2342 AC_DEFINE(HAVE_INTXX_T)
2343 AC_MSG_RESULT(yes)
2344 ],
2345 [ AC_MSG_RESULT(no) ]
2346 )
2347fi
2348
bd590612 2349AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2350 AC_TRY_COMPILE(
1cbbe6c8 2351 [
2352#include <sys/types.h>
2353#ifdef HAVE_STDINT_H
2354# include <stdint.h>
2355#endif
2356#include <sys/socket.h>
2357#ifdef HAVE_SYS_BITYPES_H
2358# include <sys/bitypes.h>
2359#endif
aff51935 2360 ],
2361 [ int64_t a; a = 1;],
bd590612 2362 [ ac_cv_have_int64_t="yes" ],
2363 [ ac_cv_have_int64_t="no" ]
2364 )
2365])
2366if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2367 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2368fi
2369
58d100bf 2370AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2371 AC_TRY_COMPILE(
aff51935 2372 [ #include <sys/types.h> ],
2373 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2374 [ ac_cv_have_u_intxx_t="yes" ],
2375 [ ac_cv_have_u_intxx_t="no" ]
2376 )
2377])
2378if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2379 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2380 have_u_intxx_t=1
2381fi
2b942fe0 2382
41cb4569 2383if test -z "$have_u_intxx_t" ; then
2384 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2385 AC_TRY_COMPILE(
aff51935 2386 [ #include <sys/socket.h> ],
2387 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2388 [
2389 AC_DEFINE(HAVE_U_INTXX_T)
2390 AC_MSG_RESULT(yes)
2391 ],
2392 [ AC_MSG_RESULT(no) ]
2393 )
2394fi
2395
bd590612 2396AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2397 AC_TRY_COMPILE(
aff51935 2398 [ #include <sys/types.h> ],
2399 [ u_int64_t a; a = 1;],
bd590612 2400 [ ac_cv_have_u_int64_t="yes" ],
2401 [ ac_cv_have_u_int64_t="no" ]
2402 )
2403])
2404if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2405 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2406 have_u_int64_t=1
2407fi
2408
ddceb1c8 2409if test -z "$have_u_int64_t" ; then
2410 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2411 AC_TRY_COMPILE(
aff51935 2412 [ #include <sys/bitypes.h> ],
ddceb1c8 2413 [ u_int64_t a; a = 1],
2414 [
2415 AC_DEFINE(HAVE_U_INT64_T)
2416 AC_MSG_RESULT(yes)
2417 ],
2418 [ AC_MSG_RESULT(no) ]
2419 )
2420fi
2421
41cb4569 2422if test -z "$have_u_intxx_t" ; then
2423 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2424 AC_TRY_COMPILE(
2425 [
2426#include <sys/types.h>
aff51935 2427 ],
2428 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2429 [ ac_cv_have_uintxx_t="yes" ],
2430 [ ac_cv_have_uintxx_t="no" ]
2431 )
2432 ])
2433 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2434 AC_DEFINE(HAVE_UINTXX_T, 1,
2435 [define if you have uintxx_t data type])
41cb4569 2436 fi
2437fi
2438
2439if test -z "$have_uintxx_t" ; then
2440 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2441 AC_TRY_COMPILE(
aff51935 2442 [ #include <stdint.h> ],
2443 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2444 [
2445 AC_DEFINE(HAVE_UINTXX_T)
2446 AC_MSG_RESULT(yes)
2447 ],
2448 [ AC_MSG_RESULT(no) ]
2449 )
2450fi
2451
e5fe9a1f 2452if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2453 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2454then
2455 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2456 AC_TRY_COMPILE(
58d100bf 2457 [
2458#include <sys/bitypes.h>
aff51935 2459 ],
5cdfe03f 2460 [
837c30b8 2461 int8_t a; int16_t b; int32_t c;
2462 u_int8_t e; u_int16_t f; u_int32_t g;
2463 a = b = c = e = f = g = 1;
aff51935 2464 ],
5cdfe03f 2465 [
2466 AC_DEFINE(HAVE_U_INTXX_T)
2467 AC_DEFINE(HAVE_INTXX_T)
2468 AC_MSG_RESULT(yes)
2469 ],
2470 [AC_MSG_RESULT(no)]
aff51935 2471 )
5cdfe03f 2472fi
2473
0362750e 2474
2475AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2476 AC_TRY_COMPILE(
2477 [
2478#include <sys/types.h>
2479 ],
2480 [ u_char foo; foo = 125; ],
2481 [ ac_cv_have_u_char="yes" ],
2482 [ ac_cv_have_u_char="no" ]
2483 )
2484])
2485if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2486 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2487fi
2488
98a7c37b 2489TYPE_SOCKLEN_T
2b942fe0 2490
2d16d9a3 2491AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2492
777ece68 2493AC_CHECK_TYPES(in_addr_t,,,
2494[#include <sys/types.h>
2495#include <netinet/in.h>])
7b578f7d 2496
58d100bf 2497AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2498 AC_TRY_COMPILE(
2499 [
18ba2aab 2500#include <sys/types.h>
58d100bf 2501 ],
2502 [ size_t foo; foo = 1235; ],
2503 [ ac_cv_have_size_t="yes" ],
2504 [ ac_cv_have_size_t="no" ]
2505 )
2506])
2507if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2508 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2509fi
ea1970a3 2510
c04f75f1 2511AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2512 AC_TRY_COMPILE(
2513 [
2514#include <sys/types.h>
2515 ],
2516 [ ssize_t foo; foo = 1235; ],
2517 [ ac_cv_have_ssize_t="yes" ],
2518 [ ac_cv_have_ssize_t="no" ]
2519 )
2520])
2521if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2522 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2523fi
2524
f1c4659d 2525AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2526 AC_TRY_COMPILE(
2527 [
2528#include <time.h>
2529 ],
2530 [ clock_t foo; foo = 1235; ],
2531 [ ac_cv_have_clock_t="yes" ],
2532 [ ac_cv_have_clock_t="no" ]
2533 )
2534])
2535if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2536 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2537fi
2538
1c04b088 2539AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2540 AC_TRY_COMPILE(
2541 [
2542#include <sys/types.h>
2543#include <sys/socket.h>
2544 ],
2545 [ sa_family_t foo; foo = 1235; ],
2546 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2547 [ AC_TRY_COMPILE(
2548 [
2549#include <sys/types.h>
2550#include <sys/socket.h>
2551#include <netinet/in.h>
2552 ],
2553 [ sa_family_t foo; foo = 1235; ],
2554 [ ac_cv_have_sa_family_t="yes" ],
2555
1c04b088 2556 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2557 )]
1c04b088 2558 )
2559])
2560if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2561 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2562 [define if you have sa_family_t data type])
1c04b088 2563fi
2564
729bfe59 2565AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2566 AC_TRY_COMPILE(
2567 [
2568#include <sys/types.h>
2569 ],
2570 [ pid_t foo; foo = 1235; ],
2571 [ ac_cv_have_pid_t="yes" ],
2572 [ ac_cv_have_pid_t="no" ]
2573 )
2574])
2575if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2576 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2577fi
2578
2579AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2580 AC_TRY_COMPILE(
2581 [
2582#include <sys/types.h>
2583 ],
2584 [ mode_t foo; foo = 1235; ],
2585 [ ac_cv_have_mode_t="yes" ],
2586 [ ac_cv_have_mode_t="no" ]
2587 )
2588])
2589if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2590 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2591fi
2592
e3a93db0 2593
58d100bf 2594AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2595 AC_TRY_COMPILE(
2596 [
18ba2aab 2597#include <sys/types.h>
2598#include <sys/socket.h>
58d100bf 2599 ],
2600 [ struct sockaddr_storage s; ],
2601 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2602 [ ac_cv_have_struct_sockaddr_storage="no" ]
2603 )
2604])
2605if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2606 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2607 [define if you have struct sockaddr_storage data type])
58d100bf 2608fi
48e671d5 2609
58d100bf 2610AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2611 AC_TRY_COMPILE(
2612 [
cbd7492e 2613#include <sys/types.h>
58d100bf 2614#include <netinet/in.h>
2615 ],
2616 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2617 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2618 [ ac_cv_have_struct_sockaddr_in6="no" ]
2619 )
2620])
2621if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2622 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2623 [define if you have struct sockaddr_in6 data type])
58d100bf 2624fi
48e671d5 2625
58d100bf 2626AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2627 AC_TRY_COMPILE(
2628 [
cbd7492e 2629#include <sys/types.h>
58d100bf 2630#include <netinet/in.h>
2631 ],
2632 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2633 [ ac_cv_have_struct_in6_addr="yes" ],
2634 [ ac_cv_have_struct_in6_addr="no" ]
2635 )
2636])
2637if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2638 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2639 [define if you have struct in6_addr data type])
58d100bf 2640fi
48e671d5 2641
58d100bf 2642AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2643 AC_TRY_COMPILE(
2644 [
18ba2aab 2645#include <sys/types.h>
2646#include <sys/socket.h>
2647#include <netdb.h>
58d100bf 2648 ],
2649 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2650 [ ac_cv_have_struct_addrinfo="yes" ],
2651 [ ac_cv_have_struct_addrinfo="no" ]
2652 )
2653])
2654if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2655 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2656 [define if you have struct addrinfo data type])
58d100bf 2657fi
2658
89c7e31c 2659AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2660 AC_TRY_COMPILE(
aff51935 2661 [ #include <sys/time.h> ],
2662 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2663 [ ac_cv_have_struct_timeval="yes" ],
2664 [ ac_cv_have_struct_timeval="no" ]
2665 )
2666])
2667if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2668 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2669 have_struct_timeval=1
2670fi
2671
5271b55c 2672AC_CHECK_TYPES(struct timespec)
2673
85abc74b 2674# We need int64_t or else certian parts of the compile will fail.
4b492aab 2675if test "x$ac_cv_have_int64_t" = "xno" && \
2676 test "x$ac_cv_sizeof_long_int" != "x8" && \
2677 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2678 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2679 echo "an alternative compiler (I.E., GCC) before continuing."
2680 echo ""
2681 exit 1;
733cf7f4 2682else
2683dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2684 AC_RUN_IFELSE(
479cece8 2685 [AC_LANG_SOURCE([[
733cf7f4 2686#include <stdio.h>
2687#include <string.h>
2688#ifdef HAVE_SNPRINTF
2689main()
2690{
2691 char buf[50];
2692 char expected_out[50];
2693 int mazsize = 50 ;
2694#if (SIZEOF_LONG_INT == 8)
2695 long int num = 0x7fffffffffffffff;
2696#else
763a1a18 2697 long long num = 0x7fffffffffffffffll;
733cf7f4 2698#endif
2699 strcpy(expected_out, "9223372036854775807");
2700 snprintf(buf, mazsize, "%lld", num);
2701 if(strcmp(buf, expected_out) != 0)
aff51935 2702 exit(1);
733cf7f4 2703 exit(0);
2704}
2705#else
2706main() { exit(0); }
2707#endif
479cece8 2708 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2709 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2710 )
2c523de9 2711fi
2712
77bb0bca 2713dnl Checks for structure members
58d100bf 2714OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2715OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2716OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2717OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2718OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2719OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2720OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2721OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2722OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2723OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2724OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2725OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2726OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2727OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2728OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2729OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2730OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2731
2732AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2733AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2734 [Define if we don't have struct __res_state in resolv.h])],
2735[
2736#include <stdio.h>
2737#if HAVE_SYS_TYPES_H
2738# include <sys/types.h>
2739#endif
2740#include <netinet/in.h>
2741#include <arpa/nameser.h>
2742#include <resolv.h>
2743])
1d7b9b20 2744
58d100bf 2745AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2746 ac_cv_have_ss_family_in_struct_ss, [
2747 AC_TRY_COMPILE(
2748 [
18ba2aab 2749#include <sys/types.h>
2750#include <sys/socket.h>
58d100bf 2751 ],
2752 [ struct sockaddr_storage s; s.ss_family = 1; ],
2753 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2754 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2755 )
2756])
2757if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2758 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2759fi
2760
58d100bf 2761AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2762 ac_cv_have___ss_family_in_struct_ss, [
2763 AC_TRY_COMPILE(
2764 [
18ba2aab 2765#include <sys/types.h>
2766#include <sys/socket.h>
58d100bf 2767 ],
2768 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2769 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2770 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2771 )
2772])
2773if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2774 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2775 [Fields in struct sockaddr_storage])
58d100bf 2776fi
2777
2e73a022 2778AC_CACHE_CHECK([for pw_class field in struct passwd],
2779 ac_cv_have_pw_class_in_struct_passwd, [
2780 AC_TRY_COMPILE(
2781 [
2e73a022 2782#include <pwd.h>
2783 ],
97994d32 2784 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2785 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2786 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2787 )
2788])
2789if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2790 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2791 [Define if your password has a pw_class field])
2e73a022 2792fi
2793
7751d4eb 2794AC_CACHE_CHECK([for pw_expire field in struct passwd],
2795 ac_cv_have_pw_expire_in_struct_passwd, [
2796 AC_TRY_COMPILE(
2797 [
2798#include <pwd.h>
2799 ],
2800 [ struct passwd p; p.pw_expire = 0; ],
2801 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2802 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2803 )
2804])
2805if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2806 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2807 [Define if your password has a pw_expire field])
7751d4eb 2808fi
2809
2810AC_CACHE_CHECK([for pw_change field in struct passwd],
2811 ac_cv_have_pw_change_in_struct_passwd, [
2812 AC_TRY_COMPILE(
2813 [
2814#include <pwd.h>
2815 ],
2816 [ struct passwd p; p.pw_change = 0; ],
2817 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2818 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2819 )
2820])
2821if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2822 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2823 [Define if your password has a pw_change field])
7751d4eb 2824fi
58d100bf 2825
637f9177 2826dnl make sure we're using the real structure members and not defines
6f34652e 2827AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2828 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2829 AC_COMPILE_IFELSE(
6f34652e 2830 [
f95c8ce8 2831#include <sys/types.h>
6f34652e 2832#include <sys/socket.h>
2833#include <sys/uio.h>
637f9177 2834int main() {
2835#ifdef msg_accrights
1a01a50c 2836#error "msg_accrights is a macro"
637f9177 2837exit(1);
2838#endif
2839struct msghdr m;
2840m.msg_accrights = 0;
2841exit(0);
2842}
6f34652e 2843 ],
6f34652e 2844 [ ac_cv_have_accrights_in_msghdr="yes" ],
2845 [ ac_cv_have_accrights_in_msghdr="no" ]
2846 )
2847])
2848if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2849 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2850 [Define if your system uses access rights style
2851 file descriptor passing])
6f34652e 2852fi
2853
7176df4f 2854AC_CACHE_CHECK([for msg_control field in struct msghdr],
2855 ac_cv_have_control_in_msghdr, [
1a01a50c 2856 AC_COMPILE_IFELSE(
7176df4f 2857 [
f95c8ce8 2858#include <sys/types.h>
7176df4f 2859#include <sys/socket.h>
2860#include <sys/uio.h>
637f9177 2861int main() {
2862#ifdef msg_control
1a01a50c 2863#error "msg_control is a macro"
637f9177 2864exit(1);
2865#endif
2866struct msghdr m;
2867m.msg_control = 0;
2868exit(0);
2869}
7176df4f 2870 ],
7176df4f 2871 [ ac_cv_have_control_in_msghdr="yes" ],
2872 [ ac_cv_have_control_in_msghdr="no" ]
2873 )
2874])
2875if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2876 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2877 [Define if your system uses ancillary data style
2878 file descriptor passing])
7176df4f 2879fi
2880
58d100bf 2881AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2882 AC_TRY_LINK([],
2883 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2884 [ ac_cv_libc_defines___progname="yes" ],
2885 [ ac_cv_libc_defines___progname="no" ]
2886 )
2887])
2888if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2889 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2890fi
8946db53 2891
c921ee00 2892AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2893 AC_TRY_LINK([
2894#include <stdio.h>
aff51935 2895],
2896 [ printf("%s", __FUNCTION__); ],
c921ee00 2897 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2898 [ ac_cv_cc_implements___FUNCTION__="no" ]
2899 )
2900])
2901if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 2902 AC_DEFINE(HAVE___FUNCTION__, 1,
2903 [Define if compiler implements __FUNCTION__])
c921ee00 2904fi
2905
2906AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2907 AC_TRY_LINK([
2908#include <stdio.h>
aff51935 2909],
2910 [ printf("%s", __func__); ],
c921ee00 2911 [ ac_cv_cc_implements___func__="yes" ],
2912 [ ac_cv_cc_implements___func__="no" ]
2913 )
2914])
2915if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 2916 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 2917fi
2918
9a406e1e 2919AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2920 AC_TRY_LINK(
2921 [#include <stdarg.h>
2922 va_list x,y;],
2923 [va_copy(x,y);],
2924 [ ac_cv_have_va_copy="yes" ],
2925 [ ac_cv_have_va_copy="no" ]
2926 )
2927])
2928if test "x$ac_cv_have_va_copy" = "xyes" ; then
2929 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2930fi
2931
2932AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2933 AC_TRY_LINK(
2934 [#include <stdarg.h>
2935 va_list x,y;],
2936 [__va_copy(x,y);],
2937 [ ac_cv_have___va_copy="yes" ],
2938 [ ac_cv_have___va_copy="no" ]
2939 )
2940])
2941if test "x$ac_cv_have___va_copy" = "xyes" ; then
2942 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2943fi
2944
1812a662 2945AC_CACHE_CHECK([whether getopt has optreset support],
2946 ac_cv_have_getopt_optreset, [
2947 AC_TRY_LINK(
2948 [
2949#include <getopt.h>
2950 ],
2951 [ extern int optreset; optreset = 0; ],
2952 [ ac_cv_have_getopt_optreset="yes" ],
2953 [ ac_cv_have_getopt_optreset="no" ]
2954 )
2955])
2956if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 2957 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2958 [Define if your getopt(3) defines and uses optreset])
1812a662 2959fi
a0391976 2960
819b676f 2961AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2962 AC_TRY_LINK([],
2963 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2964 [ ac_cv_libc_defines_sys_errlist="yes" ],
2965 [ ac_cv_libc_defines_sys_errlist="no" ]
2966 )
2967])
2968if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 2969 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2970 [Define if your system defines sys_errlist[]])
819b676f 2971fi
2972
2973
416ed5a7 2974AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2975 AC_TRY_LINK([],
2976 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2977 [ ac_cv_libc_defines_sys_nerr="yes" ],
2978 [ ac_cv_libc_defines_sys_nerr="no" ]
2979 )
2980])
2981if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 2982 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 2983fi
2984
aff51935 2985SCARD_MSG="no"
295c8801 2986# Check whether user wants sectok support
2987AC_ARG_WITH(sectok,
2988 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2989 [
2990 if test "x$withval" != "xno" ; then
2991 if test "x$withval" != "xyes" ; then
2992 CPPFLAGS="$CPPFLAGS -I${withval}"
2993 LDFLAGS="$LDFLAGS -L${withval}"
2994 if test ! -z "$need_dash_r" ; then
2995 LDFLAGS="$LDFLAGS -R${withval}"
2996 fi
2997 if test ! -z "$blibpath" ; then
2998 blibpath="$blibpath:${withval}"
2999 fi
3000 fi
3001 AC_CHECK_HEADERS(sectok.h)
3002 if test "$ac_cv_header_sectok_h" != yes; then
3003 AC_MSG_ERROR(Can't find sectok.h)
3004 fi
3005 AC_CHECK_LIB(sectok, sectok_open)
3006 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3007 AC_MSG_ERROR(Can't find libsectok)
3008 fi
3466e002 3009 AC_DEFINE(SMARTCARD, 1,
3010 [Define if you want smartcard support])
3011 AC_DEFINE(USE_SECTOK, 1,
3012 [Define if you want smartcard support
3013 using sectok])
aff51935 3014 SCARD_MSG="yes, using sectok"
295c8801 3015 fi
3016 ]
3017)
3018
3019# Check whether user wants OpenSC support
987b458f 3020OPENSC_CONFIG="no"
295c8801 3021AC_ARG_WITH(opensc,
e47fb473 3022 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3023 [
3024 if test "x$withval" != "xno" ; then
3025 if test "x$withval" != "xyes" ; then
3026 OPENSC_CONFIG=$withval/bin/opensc-config
3027 else
3028 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3029 fi
3030 if test "$OPENSC_CONFIG" != "no"; then
3031 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3032 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3033 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
3034 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
3035 AC_DEFINE(SMARTCARD)
3466e002 3036 AC_DEFINE(USE_OPENSC, 1,
3037 [Define if you want smartcard support
3038 using OpenSC])
987b458f 3039 SCARD_MSG="yes, using OpenSC"
3040 fi
3041 fi
3042 ]
3043)
d0b19c95 3044
c31dc31c 3045# Check libraries needed by DNS fingerprint support
aff51935 3046AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3047 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3048 [Define if getrrsetbyname() exists])],
3e05e934 3049 [
c31dc31c 3050 # Needed by our getrrsetbyname()
3051 AC_SEARCH_LIBS(res_query, resolv)
3052 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3053 AC_MSG_CHECKING(if res_query will link)
3054 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3055 [AC_MSG_RESULT(no)
3056 saved_LIBS="$LIBS"
3057 LIBS="$LIBS -lresolv"
3058 AC_MSG_CHECKING(for res_query in -lresolv)
3059 AC_LINK_IFELSE([
3060#include <resolv.h>
3061int main()
3062{
3063 res_query (0, 0, 0, 0, 0);
3064 return 0;
3065}
3066 ],
3067 [LIBS="$LIBS -lresolv"
3068 AC_MSG_RESULT(yes)],
3069 [LIBS="$saved_LIBS"
3070 AC_MSG_RESULT(no)])
3071 ])
c31dc31c 3072 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3073 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3074 [#include <sys/types.h>
3075 #include <arpa/nameser.h>])
c31dc31c 3076 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3077 [AC_DEFINE(HAVE_HEADER_AD, 1,
3078 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3079 [#include <arpa/nameser.h>])
3080 ])
3e05e934 3081
ef4d1846 3082# Check whether user wants SELinux support
3083SELINUX_MSG="no"
3084LIBSELINUX=""
3085AC_ARG_WITH(selinux,
3086 [ --with-selinux Enable SELinux support],
3087 [ if test "x$withval" != "xno" ; then
3088 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3089 SELINUX_MSG="yes"
3090 AC_CHECK_HEADER([selinux/selinux.h], ,
3091 AC_MSG_ERROR(SELinux support requires selinux.h header))
3092 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3093 AC_MSG_ERROR(SELinux support requires libselinux library))
3094 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3095 fi ]
3096)
3097AC_SUBST(LIBSELINUX)
3098
12928e80 3099# Check whether user wants Kerberos 5 support
aff51935 3100KRB5_MSG="no"
12928e80 3101AC_ARG_WITH(kerberos5,
aff51935 3102 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3103 [ if test "x$withval" != "xno" ; then
3104 if test "x$withval" = "xyes" ; then
3105 KRB5ROOT="/usr/local"
3106 else
3107 KRB5ROOT=${withval}
3108 fi
3109
3466e002 3110 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3111 KRB5_MSG="yes"
3112
3113 AC_MSG_CHECKING(for krb5-config)
3114 if test -x $KRB5ROOT/bin/krb5-config ; then
3115 KRB5CONF=$KRB5ROOT/bin/krb5-config
3116 AC_MSG_RESULT($KRB5CONF)
3117
3118 AC_MSG_CHECKING(for gssapi support)
3119 if $KRB5CONF | grep gssapi >/dev/null ; then
3120 AC_MSG_RESULT(yes)
3466e002 3121 AC_DEFINE(GSSAPI, 1,
3122 [Define this if you want GSSAPI
3123 support in the version 2 protocol])
071970fb 3124 k5confopts=gssapi
aff51935 3125 else
5585c441 3126 AC_MSG_RESULT(no)
071970fb 3127 k5confopts=""
aff51935 3128 fi
071970fb 3129 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3130 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3131 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3132 AC_MSG_CHECKING(whether we are using Heimdal)
3133 AC_TRY_COMPILE([ #include <krb5.h> ],
3134 [ char *tmp = heimdal_version; ],
3135 [ AC_MSG_RESULT(yes)
3466e002 3136 AC_DEFINE(HEIMDAL, 1,
3137 [Define this if you are using the
3138 Heimdal version of Kerberos V5]) ],
5585c441 3139 AC_MSG_RESULT(no)
3140 )
3141 else
3142 AC_MSG_RESULT(no)
12928e80 3143 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3144 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3145 AC_MSG_CHECKING(whether we are using Heimdal)
3146 AC_TRY_COMPILE([ #include <krb5.h> ],
3147 [ char *tmp = heimdal_version; ],
3148 [ AC_MSG_RESULT(yes)
3149 AC_DEFINE(HEIMDAL)
41707f74 3150 K5LIBS="-lkrb5 -ldes"
3151 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3152 AC_CHECK_LIB(roken, net_write,
41707f74 3153 [K5LIBS="$K5LIBS -lroken"])
aff51935 3154 ],
3155 [ AC_MSG_RESULT(no)
3156 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3157 ]
3158 )
4e00038c 3159 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3160
749560dd 3161 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3162 [ AC_DEFINE(GSSAPI)
3163 K5LIBS="-lgssapi $K5LIBS" ],
3164 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3165 [ AC_DEFINE(GSSAPI)
aff51935 3166 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3167 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3168 $K5LIBS)
3169 ],
3170 $K5LIBS)
82f4e93d 3171
749560dd 3172 AC_CHECK_HEADER(gssapi.h, ,
3173 [ unset ac_cv_header_gssapi_h
aff51935 3174 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3175 AC_CHECK_HEADERS(gssapi.h, ,
3176 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3177 )
749560dd 3178 ]
3179 )
3180
3181 oldCPP="$CPPFLAGS"
3182 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3183 AC_CHECK_HEADER(gssapi_krb5.h, ,
3184 [ CPPFLAGS="$oldCPP" ])
3185
aff51935 3186 fi
5585c441 3187 if test ! -z "$need_dash_r" ; then
3188 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3189 fi
3190 if test ! -z "$blibpath" ; then
3191 blibpath="$blibpath:${KRB5ROOT}/lib"
3192 fi
071970fb 3193
f5555364 3194 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3195 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3196 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3197
f5555364 3198 LIBS="$LIBS $K5LIBS"
3466e002 3199 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3200 [Define this if you want to use libkafs' AFS support]))
f5555364 3201 fi
071970fb 3202 ]
12928e80 3203)
b5b68128 3204
a0391976 3205# Looking for programs, paths and files
a0391976 3206
ecac8ee5 3207PRIVSEP_PATH=/var/empty
3208AC_ARG_WITH(privsep-path,
cda1ebcb 3209 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3210 [
6cf0200f 3211 if test -n "$withval" && test "x$withval" != "xno" && \
3212 test "x${withval}" != "xyes"; then
ecac8ee5 3213 PRIVSEP_PATH=$withval
3214 fi
3215 ]
3216)
3217AC_SUBST(PRIVSEP_PATH)
3218
a0391976 3219AC_ARG_WITH(xauth,
3220 [ --with-xauth=PATH Specify path to xauth program ],
3221 [
6cf0200f 3222 if test -n "$withval" && test "x$withval" != "xno" && \
3223 test "x${withval}" != "xyes"; then
cbd7492e 3224 xauth_path=$withval
a0391976 3225 fi
3226 ],
3227 [
2bf42e4a 3228 TestPath="$PATH"
3229 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3230 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3231 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3232 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3233 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3234 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3235 xauth_path="/usr/openwin/bin/xauth"
3236 fi
3237 ]
3238)
3239
65a4b4af 3240STRIP_OPT=-s
3241AC_ARG_ENABLE(strip,
3242 [ --disable-strip Disable calling strip(1) on install],
3243 [
3244 if test "x$enableval" = "xno" ; then
3245 STRIP_OPT=
3246 fi
3247 ]
3248)
3249AC_SUBST(STRIP_OPT)
3250
b3ec54b4 3251if test -z "$xauth_path" ; then
3252 XAUTH_PATH="undefined"
3253 AC_SUBST(XAUTH_PATH)
3254else
3466e002 3255 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3256 [Define if xauth is found in your path])
b3ec54b4 3257 XAUTH_PATH=$xauth_path
3258 AC_SUBST(XAUTH_PATH)
a0391976 3259fi
a0391976 3260
3261# Check for mail directory (last resort if we cannot get it from headers)
3262if test ! -z "$MAIL" ; then
3263 maildir=`dirname $MAIL`
3466e002 3264 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3265 [Set this to your mail directory if you don't have maillock.h])
a0391976 3266fi
3267
479cece8 3268if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3269 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3270 disable_ptmx_check=yes
3271fi
a0391976 3272if test -z "$no_dev_ptmx" ; then
6e879cb4 3273 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3274 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3275 [
3466e002 3276 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3277 [Define if you have /dev/ptmx])
6e879cb4 3278 have_dev_ptmx=1
3279 ]
3280 )
3281 fi
3276571c 3282fi
1a01a50c 3283
479cece8 3284if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3285 AC_CHECK_FILE("/dev/ptc",
3286 [
3466e002 3287 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3288 [Define if you have /dev/ptc])
1a01a50c 3289 have_dev_ptc=1
3290 ]
3291 )
3292else
3293 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3294fi
3276571c 3295
a0391976 3296# Options from here on. Some of these are preset by platform above
fdf6b7aa 3297AC_ARG_WITH(mantype,
5d97cfbf 3298 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3299 [
5d97cfbf 3300 case "$withval" in
3301 man|cat|doc)
3302 MANTYPE=$withval
3303 ;;
3304 *)
3305 AC_MSG_ERROR(invalid man type: $withval)
3306 ;;
3307 esac
c54a6257 3308 ]
3309)
e0c4d3ac 3310if test -z "$MANTYPE"; then
2bf42e4a 3311 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3312 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3313 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3314 MANTYPE=doc
3315 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3316 MANTYPE=man
3317 else
3318 MANTYPE=cat
3319 fi
3320fi
c54a6257 3321AC_SUBST(MANTYPE)
e0c4d3ac 3322if test "$MANTYPE" = "doc"; then
3323 mansubdir=man;
3324else
3325 mansubdir=$MANTYPE;
3326fi
3327AC_SUBST(mansubdir)
0bc5b6fb 3328
a0391976 3329# Check whether to enable MD5 passwords
aff51935 3330MD5_MSG="no"
2ddcfdf3 3331AC_ARG_WITH(md5-passwords,
caf3bc51 3332 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3333 [
bcf36c78 3334 if test "x$withval" != "xno" ; then
3466e002 3335 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3336 [Define if you want to allow MD5 passwords])
aff51935 3337 MD5_MSG="yes"
0bc5b6fb 3338 fi
3339 ]
caf3bc51 3340)
3341
a0391976 3342# Whether to disable shadow password support
a7effaac 3343AC_ARG_WITH(shadow,
3344 [ --without-shadow Disable shadow password support],
3345 [
82f4e93d 3346 if test "x$withval" = "xno" ; then
a7effaac 3347 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3348 disable_shadow=yes
a7effaac 3349 fi
3350 ]
3351)
3352
4cb5ffa0 3353if test -z "$disable_shadow" ; then
3354 AC_MSG_CHECKING([if the systems has expire shadow information])
3355 AC_TRY_COMPILE(
3356 [
3357#include <sys/types.h>
3358#include <shadow.h>
3359 struct spwd sp;
3360 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3361 [ sp_expire_available=yes ], []
3362 )
3363
3364 if test "x$sp_expire_available" = "xyes" ; then
3365 AC_MSG_RESULT(yes)
3466e002 3366 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3367 [Define if you want to use shadow password expire field])
4cb5ffa0 3368 else
3369 AC_MSG_RESULT(no)
3370 fi
3371fi
3372
a0391976 3373# Use ip address instead of hostname in $DISPLAY
44839801 3374if test ! -z "$IPADDR_IN_DISPLAY" ; then
3375 DISPLAY_HACK_MSG="yes"
3466e002 3376 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3377 [Define if you need to use IP address
3378 instead of hostname in $DISPLAY])
44839801 3379else
aff51935 3380 DISPLAY_HACK_MSG="no"
44839801 3381 AC_ARG_WITH(ipaddr-display,
3382 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3383 [
82f4e93d 3384 if test "x$withval" != "xno" ; then
44839801 3385 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3386 DISPLAY_HACK_MSG="yes"
44839801 3387 fi
3388 ]
3389 )
3390fi
a7effaac 3391
95b99395 3392# check for /etc/default/login and use it if present.
daa41e62 3393AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3394 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3395 [ if test "x$enableval" = "xno"; then
3396 AC_MSG_NOTICE([/etc/default/login handling disabled])
3397 etc_default_login=no
3398 else
3399 etc_default_login=yes
3400 fi ],
b0e7249f 3401 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3402 then
3403 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3404 etc_default_login=no
3405 else
3406 etc_default_login=yes
3407 fi ]
694d0cef 3408)
95b99395 3409
694d0cef 3410if test "x$etc_default_login" != "xno"; then
3411 AC_CHECK_FILE("/etc/default/login",
3412 [ external_path_file=/etc/default/login ])
b0e7249f 3413 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3414 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3415 [Define if your system has /etc/default/login])
1a01a50c 3416 fi
694d0cef 3417fi
95b99395 3418
8d184c09 3419dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3420if test $ac_cv_func_login_getcapbool = "yes" && \
3421 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3422 external_path_file=/etc/login.conf
8d184c09 3423fi
95b99395 3424
a0391976 3425# Whether to mess with the default path
aff51935 3426SERVER_PATH_MSG="(default)"
c43d69a9 3427AC_ARG_WITH(default-path,
75817f90 3428 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3429 [
95b99395 3430 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3431 AC_MSG_WARN([
3432--with-default-path=PATH has no effect on this system.
3433Edit /etc/login.conf instead.])
82f4e93d 3434 elif test "x$withval" != "xno" ; then
89bbd457 3435 if test ! -z "$external_path_file" ; then
95b99395 3436 AC_MSG_WARN([
3437--with-default-path=PATH will only be used if PATH is not defined in
3438$external_path_file .])
3439 fi
b2d818e6 3440 user_path="$withval"
aff51935 3441 SERVER_PATH_MSG="$withval"
cb807f40 3442 fi
b2d818e6 3443 ],
95b99395 3444 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3445 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3446 else
89bbd457 3447 if test ! -z "$external_path_file" ; then
95b99395 3448 AC_MSG_WARN([
3449If PATH is defined in $external_path_file, ensure the path to scp is included,
3450otherwise scp will not work.])
3451 fi
b0e7249f 3452 AC_RUN_IFELSE(
3453 [AC_LANG_SOURCE([[
b2d818e6 3454/* find out what STDPATH is */
3455#include <stdio.h>
b2d818e6 3456#ifdef HAVE_PATHS_H
3457# include <paths.h>
3458#endif
3459#ifndef _PATH_STDPATH
d9a4e55b 3460# ifdef _PATH_USERPATH /* Irix */
3461# define _PATH_STDPATH _PATH_USERPATH
3462# else
3463# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3464# endif
b2d818e6 3465#endif
3466#include <sys/types.h>
3467#include <sys/stat.h>
3468#include <fcntl.h>
3469#define DATA "conftest.stdpath"
3470
3471main()
3472{
3473 FILE *fd;
3474 int rc;
82f4e93d 3475
b2d818e6 3476 fd = fopen(DATA,"w");
3477 if(fd == NULL)
3478 exit(1);
82f4e93d 3479
b2d818e6 3480 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3481 exit(1);
3482
3483 exit(0);
3484}
b0e7249f 3485 ]])],
3486 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3487 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3488 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3489 )
3490# make sure $bindir is in USER_PATH so scp will work
3491 t_bindir=`eval echo ${bindir}`
3492 case $t_bindir in
3493 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3494 esac
3495 case $t_bindir in
3496 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3497 esac
3498 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3499 if test $? -ne 0 ; then
3500 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3501 if test $? -ne 0 ; then
3502 user_path=$user_path:$t_bindir
3503 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3504 fi
3505 fi
8d184c09 3506 fi ]
cb807f40 3507)
95b99395 3508if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3509 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3510 AC_SUBST(user_path)
3511fi
cb807f40 3512
06617857 3513# Set superuser path separately to user path
06617857 3514AC_ARG_WITH(superuser-path,
3515 [ --with-superuser-path= Specify different path for super-user],
3516 [
6cf0200f 3517 if test -n "$withval" && test "x$withval" != "xno" && \
3518 test "x${withval}" != "xyes"; then
3466e002 3519 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3520 [Define if you want a different $PATH
3521 for the superuser])
06617857 3522 superuser_path=$withval
3523 fi
3524 ]
3525)
3526
3527
58d100bf 3528AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3529IPV4_IN6_HACK_MSG="no"
80faa19f 3530AC_ARG_WITH(4in6,
3531 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3532 [
3533 if test "x$withval" != "xno" ; then
3534 AC_MSG_RESULT(yes)
3466e002 3535 AC_DEFINE(IPV4_IN_IPV6, 1,
3536 [Detect IPv4 in IPv6 mapped addresses
3537 and treat as IPv4])
aff51935 3538 IPV4_IN6_HACK_MSG="yes"
80faa19f 3539 else
3540 AC_MSG_RESULT(no)
3541 fi
3542 ],[
3543 if test "x$inet6_default_4in6" = "xyes"; then
3544 AC_MSG_RESULT([yes (default)])
3545 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3546 IPV4_IN6_HACK_MSG="yes"
80faa19f 3547 else
3548 AC_MSG_RESULT([no (default)])
3549 fi
3550 ]
3551)
3552
af774732 3553# Whether to enable BSD auth support
f1b0ecc3 3554BSD_AUTH_MSG=no
af774732 3555AC_ARG_WITH(bsd-auth,
3556 [ --with-bsd-auth Enable BSD auth support],
3557 [
82f4e93d 3558 if test "x$withval" != "xno" ; then
3466e002 3559 AC_DEFINE(BSD_AUTH, 1,
3560 [Define if you have BSD auth support])
f1b0ecc3 3561 BSD_AUTH_MSG=yes
af774732 3562 fi
3563 ]
3564)
3565
a0391976 3566# Where to place sshd.pid
19d9ac2a 3567piddir=/var/run
81dadca3 3568# make sure the directory exists
82f4e93d 3569if test ! -d $piddir ; then
81dadca3 3570 piddir=`eval echo ${sysconfdir}`
3571 case $piddir in
aff51935 3572 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3573 esac
3574fi
3575
47e45e44 3576AC_ARG_WITH(pid-dir,
3577 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3578 [
6cf0200f 3579 if test -n "$withval" && test "x$withval" != "xno" && \
3580 test "x${withval}" != "xyes"; then
19d9ac2a 3581 piddir=$withval
82f4e93d 3582 if test ! -d $piddir ; then
81dadca3 3583 AC_MSG_WARN([** no $piddir directory on this system **])
3584 fi
47e45e44 3585 fi
3586 ]
3587)
b7a87eea 3588
3466e002 3589AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3590AC_SUBST(piddir)
47e45e44 3591
1d7b9b20 3592dnl allow user to disable some login recording features
3593AC_ARG_ENABLE(lastlog,
bfd550a2 3594 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3595 [
3596 if test "x$enableval" = "xno" ; then
3597 AC_DEFINE(DISABLE_LASTLOG)
3598 fi
3599 ]
1d7b9b20 3600)
3601AC_ARG_ENABLE(utmp,
bfd550a2 3602 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3603 [
3604 if test "x$enableval" = "xno" ; then
3605 AC_DEFINE(DISABLE_UTMP)
3606 fi
3607 ]
1d7b9b20 3608)
3609AC_ARG_ENABLE(utmpx,
bfd550a2 3610 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3611 [
3612 if test "x$enableval" = "xno" ; then
3466e002 3613 AC_DEFINE(DISABLE_UTMPX, 1,
3614 [Define if you don't want to use utmpx])
ddb154b3 3615 fi
3616 ]
1d7b9b20 3617)
3618AC_ARG_ENABLE(wtmp,
bfd550a2 3619 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3620 [
3621 if test "x$enableval" = "xno" ; then
3622 AC_DEFINE(DISABLE_WTMP)
3623 fi
3624 ]
1d7b9b20 3625)
3626AC_ARG_ENABLE(wtmpx,
bfd550a2 3627 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3628 [
3629 if test "x$enableval" = "xno" ; then
3466e002 3630 AC_DEFINE(DISABLE_WTMPX, 1,
3631 [Define if you don't want to use wtmpx])
ddb154b3 3632 fi
3633 ]
1d7b9b20 3634)
3635AC_ARG_ENABLE(libutil,
bfd550a2 3636 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3637 [
3638 if test "x$enableval" = "xno" ; then
3639 AC_DEFINE(DISABLE_LOGIN)
3640 fi
3641 ]
1d7b9b20 3642)
3643AC_ARG_ENABLE(pututline,
bfd550a2 3644 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3645 [
3646 if test "x$enableval" = "xno" ; then
3466e002 3647 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3648 [Define if you don't want to use pututline()
3649 etc. to write [uw]tmp])
ddb154b3 3650 fi
3651 ]
1d7b9b20 3652)
3653AC_ARG_ENABLE(pututxline,
bfd550a2 3654 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3655 [
3656 if test "x$enableval" = "xno" ; then
3466e002 3657 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3658 [Define if you don't want to use pututxline()
3659 etc. to write [uw]tmpx])
ddb154b3 3660 fi
3661 ]
1d7b9b20 3662)
3663AC_ARG_WITH(lastlog,
bfd550a2 3664 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3665 [
82f4e93d 3666 if test "x$withval" = "xno" ; then
8c89dd2b 3667 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3668 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3669 conf_lastlog_location=$withval
3670 fi
3671 ]
3672)
1d7b9b20 3673
3674dnl lastlog, [uw]tmpx? detection
3675dnl NOTE: set the paths in the platform section to avoid the
3676dnl need for command-line parameters
3677dnl lastlog and [uw]tmp are subject to a file search if all else fails
3678
3679dnl lastlog detection
3680dnl NOTE: the code itself will detect if lastlog is a directory
3681AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3682AC_TRY_COMPILE([
3683#include <sys/types.h>
3684#include <utmp.h>
3685#ifdef HAVE_LASTLOG_H
3686# include <lastlog.h>
3687#endif
d7c0f3d5 3688#ifdef HAVE_PATHS_H
1d7b9b20 3689# include <paths.h>
41cb4569 3690#endif
3691#ifdef HAVE_LOGIN_H
3692# include <login.h>
1d7b9b20 3693#endif
3694 ],
3695 [ char *lastlog = LASTLOG_FILE; ],
3696 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3697 [
3698 AC_MSG_RESULT(no)
3699 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3700 AC_TRY_COMPILE([
3701#include <sys/types.h>
3702#include <utmp.h>
3703#ifdef HAVE_LASTLOG_H
3704# include <lastlog.h>
3705#endif
3706#ifdef HAVE_PATHS_H
3707# include <paths.h>
3708#endif
3709 ],
3710 [ char *lastlog = _PATH_LASTLOG; ],
3711 [ AC_MSG_RESULT(yes) ],
3712 [
f282b668 3713 AC_MSG_RESULT(no)
d7c0f3d5 3714 system_lastlog_path=no
3715 ])
3716 ]
1d7b9b20 3717)
d7c0f3d5 3718
1d7b9b20 3719if test -z "$conf_lastlog_location"; then
3720 if test x"$system_lastlog_path" = x"no" ; then
3721 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3722 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3723 conf_lastlog_location=$f
3724 fi
3725 done
3726 if test -z "$conf_lastlog_location"; then
f8119cef 3727 AC_MSG_WARN([** Cannot find lastlog **])
3728 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3729 fi
3730 fi
3731fi
3732
3733if test -n "$conf_lastlog_location"; then
3466e002 3734 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3735 [Define if you want to specify the path to your lastlog file])
82f4e93d 3736fi
1d7b9b20 3737
3738dnl utmp detection
3739AC_MSG_CHECKING([if your system defines UTMP_FILE])
3740AC_TRY_COMPILE([
3741#include <sys/types.h>
3742#include <utmp.h>
d7c0f3d5 3743#ifdef HAVE_PATHS_H
1d7b9b20 3744# include <paths.h>
3745#endif
3746 ],
3747 [ char *utmp = UTMP_FILE; ],
3748 [ AC_MSG_RESULT(yes) ],
3749 [ AC_MSG_RESULT(no)
3750 system_utmp_path=no ]
3751)
3752if test -z "$conf_utmp_location"; then
3753 if test x"$system_utmp_path" = x"no" ; then
3754 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3755 if test -f $f ; then
3756 conf_utmp_location=$f
3757 fi
3758 done
3759 if test -z "$conf_utmp_location"; then
3760 AC_DEFINE(DISABLE_UTMP)
3761 fi
3762 fi
3763fi
3764if test -n "$conf_utmp_location"; then
3466e002 3765 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3766 [Define if you want to specify the path to your utmp file])
82f4e93d 3767fi
1d7b9b20 3768
3769dnl wtmp detection
3770AC_MSG_CHECKING([if your system defines WTMP_FILE])
3771AC_TRY_COMPILE([
3772#include <sys/types.h>
3773#include <utmp.h>
d7c0f3d5 3774#ifdef HAVE_PATHS_H
1d7b9b20 3775# include <paths.h>
3776#endif
3777 ],
3778 [ char *wtmp = WTMP_FILE; ],
3779 [ AC_MSG_RESULT(yes) ],
3780 [ AC_MSG_RESULT(no)
3781 system_wtmp_path=no ]
3782)
3783if test -z "$conf_wtmp_location"; then
3784 if test x"$system_wtmp_path" = x"no" ; then
3785 for f in /usr/adm/wtmp /var/log/wtmp; do
3786 if test -f $f ; then
3787 conf_wtmp_location=$f
3788 fi
3789 done
3790 if test -z "$conf_wtmp_location"; then
3791 AC_DEFINE(DISABLE_WTMP)
3792 fi
3793 fi
3794fi
3795if test -n "$conf_wtmp_location"; then
3466e002 3796 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3797 [Define if you want to specify the path to your wtmp file])
82f4e93d 3798fi
1d7b9b20 3799
3800
3801dnl utmpx detection - I don't know any system so perverse as to require
3802dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3803dnl there, though.
3804AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3805AC_TRY_COMPILE([
3806#include <sys/types.h>
3807#include <utmp.h>
3808#ifdef HAVE_UTMPX_H
3809#include <utmpx.h>
3810#endif
d7c0f3d5 3811#ifdef HAVE_PATHS_H
1d7b9b20 3812# include <paths.h>
3813#endif
3814 ],
3815 [ char *utmpx = UTMPX_FILE; ],
3816 [ AC_MSG_RESULT(yes) ],
3817 [ AC_MSG_RESULT(no)
3818 system_utmpx_path=no ]
3819)
3820if test -z "$conf_utmpx_location"; then
3821 if test x"$system_utmpx_path" = x"no" ; then
3822 AC_DEFINE(DISABLE_UTMPX)
3823 fi
3824else
3466e002 3825 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3826 [Define if you want to specify the path to your utmpx file])
82f4e93d 3827fi
1d7b9b20 3828
3829dnl wtmpx detection
3830AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3831AC_TRY_COMPILE([
3832#include <sys/types.h>
3833#include <utmp.h>
3834#ifdef HAVE_UTMPX_H
3835#include <utmpx.h>
3836#endif
d7c0f3d5 3837#ifdef HAVE_PATHS_H
1d7b9b20 3838# include <paths.h>
3839#endif
3840 ],
3841 [ char *wtmpx = WTMPX_FILE; ],
3842 [ AC_MSG_RESULT(yes) ],
3843 [ AC_MSG_RESULT(no)
3844 system_wtmpx_path=no ]
3845)
3846if test -z "$conf_wtmpx_location"; then
3847 if test x"$system_wtmpx_path" = x"no" ; then
3848 AC_DEFINE(DISABLE_WTMPX)
3849 fi
3850else
3466e002 3851 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3852 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3853fi
1d7b9b20 3854
b7a87eea 3855
bd499f9e 3856if test ! -z "$blibpath" ; then
68ece370 3857 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3858 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3859fi
3860
ed89c848 3861dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3862dnl Add now.
3863CFLAGS="$CFLAGS $werror_flags"
3864
3c62e7eb 3865AC_EXEEXT
d7cfdd7c 3866AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
46096a5b 3867 openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3868AC_OUTPUT
d3083fbd 3869
cbd7492e 3870# Print summary of options
3871
cbd7492e 3872# Someone please show me a better way :)
3873A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3874B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3875C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3876D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3877E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3878F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3879G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3880H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3881I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3882J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3883
3884echo ""
26de7942 3885echo "OpenSSH has been configured with the following options:"
ecac8ee5 3886echo " User binaries: $B"
3887echo " System binaries: $C"
3888echo " Configuration files: $D"
3889echo " Askpass program: $E"
3890echo " Manual pages: $F"
3891echo " PID file: $G"
3892echo " Privilege separation chroot path: $H"
95b99395 3893if test "x$external_path_file" = "x/etc/login.conf" ; then
3894echo " At runtime, sshd will use the path defined in $external_path_file"
3895echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3896else
ecac8ee5 3897echo " sshd default user PATH: $I"
89bbd457 3898 if test ! -z "$external_path_file"; then
95b99395 3899echo " (If PATH is set in $external_path_file it will be used instead. If"
3900echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3901 fi
8d184c09 3902fi
06617857 3903if test ! -z "$superuser_path" ; then
ecac8ee5 3904echo " sshd superuser user PATH: $J"
3905fi
3906echo " Manpage format: $MANTYPE"
3e05e934 3907echo " PAM support: $PAM_MSG"
ecac8ee5 3908echo " KerberosV support: $KRB5_MSG"
ef4d1846 3909echo " SELinux support: $SELINUX_MSG"
ecac8ee5 3910echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3911echo " S/KEY support: $SKEY_MSG"
3912echo " TCP Wrappers support: $TCPW_MSG"
3913echo " MD5 password support: $MD5_MSG"
59031773 3914echo " libedit support: $LIBEDIT_MSG"
3deb1408 3915echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3916echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3917echo " BSD Auth support: $BSD_AUTH_MSG"
3918echo " Random number source: $RAND_MSG"
f1b0ecc3 3919if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3920echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3921fi
3922
cbd7492e 3923echo ""
3924
0c2fb82f 3925echo " Host: ${host}"
3926echo " Compiler: ${CC}"
3927echo " Compiler flags: ${CFLAGS}"
3928echo "Preprocessor flags: ${CPPFLAGS}"
3929echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3930echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3931
3932echo ""
3933
9cefe228 3934if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3935 echo "SVR4 style packages are supported with \"make package\""
3936 echo ""
9cefe228 3937fi
3938
adeebd37 3939if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3940 echo "PAM is enabled. You may need to install a PAM control file "
3941 echo "for sshd, otherwise password authentication may fail. "
aff51935 3942 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3943 echo "subdirectory"
adeebd37 3944 echo ""
3945fi
3946
f1b0ecc3 3947if test ! -z "$RAND_HELPER_CMDHASH" ; then
3948 echo "WARNING: you are using the builtin random number collection "
3949 echo "service. Please read WARNING.RNG and request that your OS "
3950 echo "vendor includes kernel-based random number collection in "
3951 echo "future versions of your OS."
2c523de9 3952 echo ""
3953fi
af774732 3954
2f6f9cff 3955if test ! -z "$NO_PEERCHECK" ; then
3956 echo "WARNING: the operating system that you are using does not "
3957 echo "appear to support either the getpeereid() API nor the "
3958 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3959 echo "enforce security checks to prevent unauthorised connections to "
3960 echo "ssh-agent. Their absence increases the risk that a malicious "
3961 echo "user can connect to your agent. "
3962 echo ""
3963fi
3964
7b578f7d 3965if test "$AUDIT_MODULE" = "bsm" ; then
3966 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3967 echo "See the Solaris section in README.platform for details."
3968fi
git-cvsimport mirror of OpenSSH
This page took 1.032958 seconds and 5 git commands to generate.