]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [session.c sshd.c] Bug #125 comment #49: Send disconnect audit
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
bc6f919d 17AC_INIT(OpenSSH, Portable)
98a7c37b 18AC_CONFIG_SRCDIR([ssh.c])
5881cd60 19
20AC_CONFIG_HEADER(config.h)
b14b2ae7 21AC_PROG_CC
a7effaac 22AC_CANONICAL_HOST
cf0c5df5 23AC_C_BIGENDIAN
5881cd60 24
a0391976 25# Checks for programs.
4bbf95fa 26AC_PROG_AWK
4cca272e 27AC_PROG_CPP
5881cd60 28AC_PROG_RANLIB
cf8dd513 29AC_PROG_INSTALL
bee0a37e 30AC_PATH_PROG(AR, ar)
ddd8c95b 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
13dd877b 33AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 34AC_PATH_PROG(SED, sed)
a0f84251 35AC_SUBST(PERL)
ad85db64 36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
6958bd37 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 41AC_PATH_PROG(SH, sh)
a3245b92 42AC_SUBST(TEST_SHELL,sh)
f498ed15 43
9cefe228 44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
50
948fd8b9 51# System features
52AC_SYS_LARGEFILE
53
c193d002 54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
2e73a022 58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
37656beb 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
d423d822 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
78
d423d822 79AC_C_INLINE
aff51935 80if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
5ed2bb5b 81 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
d423d822 82fi
83
e6354014 84AC_ARG_WITH(rpath,
85 [ --without-rpath Disable auto-added -R linker paths],
86 [
87 if test "x$withval" = "xno" ; then
88 need_dash_r=""
89 fi
90 if test "x$withval" = "xyes" ; then
91 need_dash_r=1
92 fi
93 ]
94)
95
a0391976 96# Check for some target-specific stuff
a7effaac 97case "$host" in
9d6b1b96 98*-*-aix*)
aff51935 99 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 100 if (test -z "$blibpath"); then
0a15d73b 101 blibpath="/usr/lib:/lib"
68ece370 102 fi
103 saved_LDFLAGS="$LDFLAGS"
104 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
105 if (test -z "$blibflags"); then
106 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
107 AC_TRY_LINK([], [], [blibflags=$tryflags])
108 fi
109 done
110 if (test -z "$blibflags"); then
111 AC_MSG_RESULT(not found)
112 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
113 else
114 AC_MSG_RESULT($blibflags)
bd499f9e 115 fi
68ece370 116 LDFLAGS="$saved_LDFLAGS"
e351e493 117 dnl Check for authenticate. Might be in libs.a on older AIXes
118 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 119 [AC_CHECK_LIB(s,authenticate,
e351e493 120 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 121 LIBS="$LIBS -ls"
122 ])
123 ])
ba603e06 124 dnl Check for various auth function declarations in headers.
c85ed8e2 125 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
126 passwdexpired], , , [#include <usersec.h>])
e351e493 127 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 128 AC_CHECK_DECLS(loginfailed,
e351e493 129 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
130 AC_TRY_COMPILE(
f58c0e01 131 [#include <usersec.h>],
e351e493 132 [(void)loginfailed("user","host","tty",0);],
133 [AC_MSG_RESULT(yes)
134 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 135 [AC_MSG_RESULT(no)]
e351e493 136 )],
137 [],
138 [#include <usersec.h>]
139 )
2aa3a16c 140 AC_CHECK_FUNCS(setauthdb)
5ccf88cb 141 check_for_aix_broken_getaddrinfo=1
1352689f 142 AC_DEFINE(BROKEN_REALPATH)
3b8dff69 143 AC_DEFINE(SETEUID_BREAKS_SETUID)
144 AC_DEFINE(BROKEN_SETREUID)
145 AC_DEFINE(BROKEN_SETREGID)
a3cef3ca 146 dnl AIX handles lastlog as part of its login message
147 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 148 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 149 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 150 ;;
3c62e7eb 151*-*-cygwin*)
a52997bd 152 check_for_libcrypt_later=1
ffb8d130 153 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 154 AC_DEFINE(HAVE_CYGWIN)
7043a38d 155 AC_DEFINE(USE_PIPES)
3c62e7eb 156 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 157 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 158 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 159 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 160 AC_DEFINE(DISABLE_FD_PASSING)
3c62e7eb 161 ;;
d6fdb079 162*-*-dgux*)
163 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 164 AC_DEFINE(SETEUID_BREAKS_SETUID)
165 AC_DEFINE(BROKEN_SETREUID)
166 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 167 ;;
39c98ef7 168*-*-darwin*)
33e2e066 169 AC_MSG_CHECKING(if we have working getaddrinfo)
170 AC_TRY_RUN([#include <mach-o/dyld.h>
171main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
172 exit(0);
173 else
174 exit(1);
175}], [AC_MSG_RESULT(working)],
176 [AC_MSG_RESULT(buggy)
177 AC_DEFINE(BROKEN_GETADDRINFO)],
b27e573d 178 [AC_MSG_RESULT(assume it is working)])
635e0c42 179 AC_DEFINE(SETEUID_BREAKS_SETUID)
180 AC_DEFINE(BROKEN_SETREUID)
181 AC_DEFINE(BROKEN_SETREGID)
ff620033 182 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
39c98ef7 183 ;;
6e879cb4 184*-*-hpux10.26)
185 if test -z "$GCC"; then
186 CFLAGS="$CFLAGS -Ae"
187 fi
188 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
189 IPADDR_IN_DISPLAY=yes
190 AC_DEFINE(HAVE_SECUREWARE)
191 AC_DEFINE(USE_PIPES)
192 AC_DEFINE(LOGIN_NO_ENDOPT)
193 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 194 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 195 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 196 LIBS="$LIBS -lsec -lsecpw"
197 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
6e879cb4 198 disable_ptmx_check=yes
199 ;;
a7effaac 200*-*-hpux10*)
201 if test -z "$GCC"; then
fc1e8bf4 202 CFLAGS="$CFLAGS -Ae"
a7effaac 203 fi
28564873 204 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 205 IPADDR_IN_DISPLAY=yes
137d7b6c 206 AC_DEFINE(USE_PIPES)
a2572aa7 207 AC_DEFINE(LOGIN_NO_ENDOPT)
208 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 209 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 210 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 211 LIBS="$LIBS -lsec"
212 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
a7effaac 213 ;;
2b763e31 214*-*-hpux11*)
b8fea62d 215 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 216 IPADDR_IN_DISPLAY=yes
adeebd37 217 AC_DEFINE(PAM_SUN_CODEBASE)
2b10f47a 218 AC_DEFINE(USE_PIPES)
a2572aa7 219 AC_DEFINE(LOGIN_NO_ENDOPT)
220 AC_DEFINE(LOGIN_NEEDS_UTMPX)
764d4113 221 AC_DEFINE(DISABLE_UTMP)
3e6e3da0 222 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 223 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
b6610e8f 224 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
2fe51906 225 check_for_hpux_broken_getaddrinfo=1
b29fd59f 226 check_for_conflicting_getspnam=1
f75ca46d 227 LIBS="$LIBS -lsec"
228 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
2b763e31 229 ;;
d94aa2ae 230*-*-irix5*)
6ac7829a 231 PATH="$PATH:/usr/etc"
416ed5a7 232 AC_DEFINE(BROKEN_INET_NTOA)
cb433561 233 AC_DEFINE(SETEUID_BREAKS_SETUID)
234 AC_DEFINE(BROKEN_SETREUID)
235 AC_DEFINE(BROKEN_SETREGID)
0e8f4eba 236 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 237 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 238 ;;
239*-*-irix6*)
6ac7829a 240 PATH="$PATH:/usr/etc"
3206bb3b 241 AC_DEFINE(WITH_IRIX_ARRAY)
242 AC_DEFINE(WITH_IRIX_PROJECT)
243 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 244 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 245 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 246 AC_DEFINE(SETEUID_BREAKS_SETUID)
247 AC_DEFINE(BROKEN_SETREUID)
248 AC_DEFINE(BROKEN_SETREGID)
3d59832f 249 AC_DEFINE(BROKEN_UPDWTMPX)
0e8f4eba 250 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 251 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 252 ;;
5cdfe03f 253*-*-linux*)
254 no_dev_ptmx=1
717057b6 255 check_for_libcrypt_later=1
eacb954e 256 check_for_openpty_ctty_bug=1
80faa19f 257 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 258 AC_DEFINE(PAM_TTY_KLUDGE)
b90bed9f 259 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
3a2b2b44 260 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
cd698186 261 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
b6610e8f 262 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
263 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
80faa19f 264 inet6_default_4in6=yes
bf7c1e6c 265 case `uname -r` in
ad84c479 266 1.*|2.0.*)
bf7c1e6c 267 AC_DEFINE(BROKEN_CMSG_TYPE)
268 ;;
bf7c1e6c 269 esac
5cdfe03f 270 ;;
66d6c27e 271mips-sony-bsd|mips-sony-newsos4)
272 AC_DEFINE(HAVE_NEWS4)
273 SONY=1
66d6c27e 274 ;;
d468fc76 275*-*-netbsd*)
33e2e066 276 check_for_libcrypt_before=1
e6354014 277 if test "x$withval" != "xno" ; then
278 need_dash_r=1
279 fi
d468fc76 280 ;;
86b416a7 281*-*-freebsd*)
282 check_for_libcrypt_later=1
283 ;;
8707b7eb 284*-*-bsdi*)
285 AC_DEFINE(SETEUID_BREAKS_SETUID)
286 AC_DEFINE(BROKEN_SETREUID)
287 AC_DEFINE(BROKEN_SETREGID)
288 ;;
729bfe59 289*-next-*)
729bfe59 290 conf_lastlog_location="/usr/adm/lastlog"
698d107e 291 conf_utmp_location=/etc/utmp
292 conf_wtmp_location=/usr/adm/wtmp
293 MAIL=/usr/spool/mail
729bfe59 294 AC_DEFINE(HAVE_NEXT)
443172c4 295 AC_DEFINE(BROKEN_REALPATH)
00937921 296 AC_DEFINE(USE_PIPES)
86b416a7 297 AC_DEFINE(BROKEN_SAVED_UIDS)
729bfe59 298 ;;
9d6b1b96 299*-*-solaris*)
010e9d5b 300 if test "x$withval" != "xno" ; then
301 need_dash_r=1
302 fi
adeebd37 303 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 304 AC_DEFINE(LOGIN_NEEDS_UTMPX)
305 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 306 AC_DEFINE(PAM_TTY_KLUDGE)
059d3165 307 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
3e6e3da0 308 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 309 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
310 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 311 external_path_file=/etc/default/login
1d7b9b20 312 # hardwire lastlog location (can't detect it on some versions)
313 conf_lastlog_location="/var/adm/lastlog"
32c80420 314 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
315 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
316 if test "$sol2ver" -ge 8; then
317 AC_MSG_RESULT(yes)
318 AC_DEFINE(DISABLE_UTMP)
319 AC_DEFINE(DISABLE_WTMP)
320 else
321 AC_MSG_RESULT(no)
322 fi
9d6b1b96 323 ;;
a423beaf 324*-*-sunos4*)
0c2fb82f 325 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 326 AC_CHECK_FUNCS(getpwanam)
adeebd37 327 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 328 conf_utmp_location=/etc/utmp
329 conf_wtmp_location=/var/adm/wtmp
330 conf_lastlog_location=/var/adm/lastlog
137d7b6c 331 AC_DEFINE(USE_PIPES)
a423beaf 332 ;;
6f68f28a 333*-ncr-sysv*)
98a7c37b 334 LIBS="$LIBS -lc89"
29525240 335 AC_DEFINE(USE_PIPES)
eabb99c6 336 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 337 AC_DEFINE(SETEUID_BREAKS_SETUID)
338 AC_DEFINE(BROKEN_SETREUID)
339 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 340 ;;
132dd316 341*-sni-sysv*)
c8c15bcb 342 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 343 AC_CHECK_LIB(dl, dlsym, ,)
85cf54ec 344 # -lresolv needs to be at then end of LIBS or DNS lookups break
345 AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ])
9548d6c8 346 IPADDR_IN_DISPLAY=yes
347 AC_DEFINE(USE_PIPES)
132dd316 348 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 349 AC_DEFINE(SETEUID_BREAKS_SETUID)
350 AC_DEFINE(BROKEN_SETREUID)
351 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 352 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 353 external_path_file=/etc/default/login
c8c15bcb 354 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
355 # Attention: always take care to bind libsocket and libnsl before libc,
356 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 357 ;;
79a7ba96 358# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 359*-*-sysv4.2*)
ed6553e2 360 AC_DEFINE(USE_PIPES)
7ed101c0 361 AC_DEFINE(SETEUID_BREAKS_SETUID)
362 AC_DEFINE(BROKEN_SETREUID)
363 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 364 ;;
79a7ba96 365# UnixWare 7.x, OpenUNIX 8
77bb0bca 366*-*-sysv5*)
ed6553e2 367 AC_DEFINE(USE_PIPES)
7ed101c0 368 AC_DEFINE(SETEUID_BREAKS_SETUID)
369 AC_DEFINE(BROKEN_SETREUID)
370 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 371 ;;
9d6b1b96 372*-*-sysv*)
9d6b1b96 373 ;;
79a7ba96 374# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 375*-*-sco3.2v4*)
0a15d73b 376 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize"
f9e4952c 377 LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm"
77bb0bca 378 RANLIB=true
ed6553e2 379 no_dev_ptmx=1
77bb0bca 380 AC_DEFINE(BROKEN_SYS_TERMIO_H)
ed6553e2 381 AC_DEFINE(USE_PIPES)
6e879cb4 382 AC_DEFINE(HAVE_SECUREWARE)
d287c664 383 AC_DEFINE(DISABLE_SHADOW)
86b416a7 384 AC_DEFINE(BROKEN_SAVED_UIDS)
9ff90d99 385 AC_DEFINE(SETEUID_BREAKS_SETUID)
386 AC_DEFINE(BROKEN_SETREUID)
387 AC_DEFINE(BROKEN_SETREGID)
bcebad47 388 AC_DEFINE(WITH_ABBREV_NO_TTY)
aca75d94 389 AC_CHECK_FUNCS(getluid setluid)
533875af 390 MANTYPE=man
98a7c37b 391 do_sco3_extra_lib_check=yes
a3245b92 392 TEST_SHELL=ksh
77bb0bca 393 ;;
79a7ba96 394# SCO OpenServer 5.x
77bb0bca 395*-*-sco3.2v5*)
21710e39 396 if test -z "$GCC"; then
397 CFLAGS="$CFLAGS -belf"
398 fi
ed6553e2 399 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 400 no_dev_ptmx=1
ed6553e2 401 AC_DEFINE(USE_PIPES)
6e879cb4 402 AC_DEFINE(HAVE_SECUREWARE)
d287c664 403 AC_DEFINE(DISABLE_SHADOW)
94d8258b 404 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 405 AC_DEFINE(SETEUID_BREAKS_SETUID)
406 AC_DEFINE(BROKEN_SETREUID)
407 AC_DEFINE(BROKEN_SETREGID)
bcebad47 408 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 409 AC_DEFINE(BROKEN_UPDWTMPX)
3ade3b57 410 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
aca75d94 411 AC_CHECK_FUNCS(getluid setluid)
533875af 412 MANTYPE=man
a3245b92 413 TEST_SHELL=ksh
509b1f88 414 ;;
ccbb983c 415*-*-unicosmk*)
c1ad5966 416 AC_DEFINE(NO_SSH_LASTLOG)
417 AC_DEFINE(SETEUID_BREAKS_SETUID)
418 AC_DEFINE(BROKEN_SETREUID)
419 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 420 AC_DEFINE(USE_PIPES)
421 AC_DEFINE(DISABLE_FD_PASSING)
422 LDFLAGS="$LDFLAGS"
423 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
424 MANTYPE=cat
d262b7f2 425 ;;
7b9a8c6e 426*-*-unicosmp*)
c1ad5966 427 AC_DEFINE(SETEUID_BREAKS_SETUID)
428 AC_DEFINE(BROKEN_SETREUID)
429 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 430 AC_DEFINE(WITH_ABBREV_NO_TTY)
431 AC_DEFINE(USE_PIPES)
432 AC_DEFINE(DISABLE_FD_PASSING)
433 LDFLAGS="$LDFLAGS"
c1ad5966 434 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 435 MANTYPE=cat
436 ;;
ca5c7d6a 437*-*-unicos*)
c1ad5966 438 AC_DEFINE(SETEUID_BREAKS_SETUID)
439 AC_DEFINE(BROKEN_SETREUID)
440 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 441 AC_DEFINE(USE_PIPES)
94d8258b 442 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 443 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 444 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
445 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
446 MANTYPE=cat
a704dd54 447 ;;
4d33e531 448*-dec-osf*)
99c8ddac 449 AC_MSG_CHECKING(for Digital Unix SIA)
450 no_osfsia=""
451 AC_ARG_WITH(osfsia,
452 [ --with-osfsia Enable Digital Unix SIA],
453 [
454 if test "x$withval" = "xno" ; then
455 AC_MSG_RESULT(disabled)
456 no_osfsia=1
457 fi
458 ],
459 )
460 if test -z "$no_osfsia" ; then
4d33e531 461 if test -f /etc/sia/matrix.conf; then
462 AC_MSG_RESULT(yes)
463 AC_DEFINE(HAVE_OSF_SIA)
464 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 465 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 466 LIBS="$LIBS -lsecurity -ldb -lm -laud"
467 else
468 AC_MSG_RESULT(no)
dbf8efb3 469 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 470 fi
471 fi
a6e67b60 472 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 473 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 474 AC_DEFINE(BROKEN_SETREUID)
475 AC_DEFINE(BROKEN_SETREGID)
4d33e531 476 ;;
41cb4569 477
478*-*-nto-qnx)
479 AC_DEFINE(USE_PIPES)
480 AC_DEFINE(NO_X11_UNIX_SOCKETS)
481 AC_DEFINE(MISSING_NFDBITS)
482 AC_DEFINE(MISSING_HOWMANY)
483 AC_DEFINE(MISSING_FD_MASK)
484 ;;
a7effaac 485esac
486
8e7b16f8 487# Allow user to specify flags
488AC_ARG_WITH(cflags,
489 [ --with-cflags Specify additional flags to pass to compiler],
490 [
491 if test "x$withval" != "xno" ; then
492 CFLAGS="$CFLAGS $withval"
493 fi
494 ]
495)
0c2fb82f 496AC_ARG_WITH(cppflags,
497 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
498 [
499 if test "x$withval" != "xno"; then
500 CPPFLAGS="$CPPFLAGS $withval"
501 fi
502 ]
503)
8e7b16f8 504AC_ARG_WITH(ldflags,
97b378bf 505 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 506 [
507 if test "x$withval" != "xno" ; then
508 LDFLAGS="$LDFLAGS $withval"
509 fi
510 ]
511)
512AC_ARG_WITH(libs,
513 [ --with-libs Specify additional libraries to link with],
514 [
515 if test "x$withval" != "xno" ; then
516 LIBS="$LIBS $withval"
517 fi
518 ]
519)
520
c5829391 521AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 522AC_RUN_IFELSE(
523 [AC_LANG_SOURCE([
c5829391 524#include <stdio.h>
525int main(){exit(0);}
479cece8 526 ])],
c5829391 527 [ AC_MSG_RESULT(yes) ],
528 [
529 AC_MSG_RESULT(no)
530 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 531 ],
532 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 533)
534
ddceb1c8 535# Checks for header files.
419e26e7 536AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \
537 floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \
538 login_cap.h maillock.h ndir.h netdb.h netgroup.h \
2511d104 539 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
5bbbc661 540 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
419e26e7 541 strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \
542 sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \
765a24cd 543 sys/pstat.h sys/select.h sys/stat.h sys/stream.h \
419e26e7 544 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \
545 time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h)
ddceb1c8 546
765a24cd 547# sys/ptms.h requires sys/stream.h to be included first on Solaris
548AC_CHECK_HEADERS(sys/ptms.h, [], [], [
549#ifdef HAVE_SYS_STREAM_H
550# include <sys/stream.h>
551#endif
552])
553
a0391976 554# Checks for libraries.
98a7c37b 555AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
556AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 557
f61d6b17 558dnl SCO OS3 needs this for libwrap
98a7c37b 559if test "x$with_tcp_wrappers" != "xno" ; then
560 if test "x$do_sco3_extra_lib_check" = "xyes" ; then
561 AC_CHECK_LIB(rpc, innetgr, LIBS="-lrpc -lyp -lrpc $LIBS" , , -lyp -lrpc)
562 fi
563fi
564
446227d6 565dnl IRIX and Solaris 2.5.1 have dirname() in libgen
566AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
567 AC_CHECK_LIB(gen, dirname,[
568 AC_CACHE_CHECK([for broken dirname],
569 ac_cv_have_broken_dirname, [
570 save_LIBS="$LIBS"
571 LIBS="$LIBS -lgen"
572 AC_TRY_RUN(
573 [
574#include <libgen.h>
575#include <string.h>
576
577int main(int argc, char **argv) {
578 char *s, buf[32];
579
580 strncpy(buf,"/etc", 32);
581 s = dirname(buf);
582 if (!s || strncmp(s, "/", 32) != 0) {
583 exit(1);
584 } else {
585 exit(0);
586 }
587}
588 ],
589 [ ac_cv_have_broken_dirname="no" ],
590 [ ac_cv_have_broken_dirname="yes" ]
591 )
592 LIBS="$save_LIBS"
593 ])
594 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
595 LIBS="$LIBS -lgen"
596 AC_DEFINE(HAVE_DIRNAME)
597 AC_CHECK_HEADERS(libgen.h)
598 fi
599 ])
600])
601
602AC_CHECK_FUNC(getspnam, ,
603 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
604AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
605
98a7c37b 606dnl zlib is required
607AC_ARG_WITH(zlib,
608 [ --with-zlib=PATH Use zlib in PATH],
609 [
846f83ab 610 if test "x$withval" = "xno" ; then
f1b0ecc3 611 AC_MSG_ERROR([*** zlib is required ***])
612 fi
98a7c37b 613 if test -d "$withval/lib"; then
614 if test -n "${need_dash_r}"; then
5a162955 615 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 616 else
5a162955 617 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 618 fi
619 else
620 if test -n "${need_dash_r}"; then
5a162955 621 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 622 else
5a162955 623 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 624 fi
625 fi
626 if test -d "$withval/include"; then
5a162955 627 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 628 else
5a162955 629 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 630 fi
631 ]
632)
633
0a15d73b 634AC_CHECK_LIB(z, deflate, ,
635 [
636 saved_CPPFLAGS="$CPPFLAGS"
637 saved_LDFLAGS="$LDFLAGS"
638 save_LIBS="$LIBS"
639 dnl Check default zlib install dir
640 if test -n "${need_dash_r}"; then
641 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
642 else
643 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
644 fi
645 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
646 LIBS="$LIBS -lz"
647 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
648 [
649 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
650 ]
651 )
652 ]
653)
4ad65809 654AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 655
656AC_ARG_WITH(zlib-version-check,
657 [ --without-zlib-version-check Disable zlib version check],
658 [ if test "x$withval" = "xno" ; then
659 zlib_check_nonfatal=1
660 fi
661 ]
662)
663
4ad65809 664AC_MSG_CHECKING(for zlib 1.1.4 or greater)
479cece8 665AC_RUN_IFELSE([AC_LANG_SOURCE([[
4ad65809 666#include <zlib.h>
667int main()
668{
669 int a, b, c, v;
670 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3)
671 exit(1);
672 v = a*1000000 + b*1000 + c;
673 if (v >= 1001004)
674 exit(0);
675 exit(2);
676}
479cece8 677 ]])],
4ad65809 678 AC_MSG_RESULT(yes),
679 [ AC_MSG_RESULT(no)
8068d564 680 if test -z "$zlib_check_nonfatal" ; then
681 AC_MSG_ERROR([*** zlib too old - check config.log ***
682Your reported zlib version has known security problems. It's possible your
683vendor has fixed these problems without changing the version number. If you
684are sure this is the case, you can disable the check by running
685"./configure --without-zlib-version-check".
686If you are in doubt, upgrade zlib to version 1.1.4 or greater.])
687 else
688 AC_MSG_WARN([zlib version may have security problems])
689 fi
1a01a50c 690 ],
691 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 692)
48e7916f 693
2c523de9 694dnl UnixWare 2.x
aff51935 695AC_CHECK_FUNC(strcasecmp,
2c523de9 696 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
697)
aff51935 698AC_CHECK_FUNC(utimes,
cda1ebcb 699 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
700 LIBS="$LIBS -lc89"]) ]
2c523de9 701)
4cca272e 702
7c6d759d 703dnl Checks for libutil functions
704AC_CHECK_HEADERS(libutil.h)
705AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
706AC_CHECK_FUNCS(logout updwtmp logwtmp)
707
a738c3b0 708AC_FUNC_STRFTIME
709
84ceda19 710# Check for ALTDIRFUNC glob() extension
711AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
712AC_EGREP_CPP(FOUNDIT,
713 [
714 #include <glob.h>
715 #ifdef GLOB_ALTDIRFUNC
716 FOUNDIT
717 #endif
aff51935 718 ],
84ceda19 719 [
720 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
721 AC_MSG_RESULT(yes)
722 ],
723 [
724 AC_MSG_RESULT(no)
725 ]
726)
4cca272e 727
40849fdb 728# Check for g.gl_matchc glob() extension
729AC_MSG_CHECKING(for gl_matchc field in glob_t)
730AC_EGREP_CPP(FOUNDIT,
aff51935 731 [
732 #include <glob.h>
40849fdb 733 int main(void){glob_t g; g.gl_matchc = 1;}
aff51935 734 ],
735 [
736 AC_DEFINE(GLOB_HAS_GL_MATCHC)
737 AC_MSG_RESULT(yes)
738 ],
739 [
740 AC_MSG_RESULT(no)
741 ]
40849fdb 742)
743
edbe6722 744AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 745AC_RUN_IFELSE(
479cece8 746 [AC_LANG_SOURCE([[
edbe6722 747#include <sys/types.h>
748#include <dirent.h>
aec4cb4f 749int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 750 ]])],
aff51935 751 [AC_MSG_RESULT(yes)],
edbe6722 752 [
753 AC_MSG_RESULT(no)
754 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
1a01a50c 755 ],
756 [
757 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
758 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 759 ]
760)
761
419e26e7 762AC_MSG_CHECKING([for /proc/pid/fd directory])
763if test -d "/proc/$$/fd" ; then
764 AC_DEFINE(HAVE_PROC_PID)
765 AC_MSG_RESULT(yes)
766else
767 AC_MSG_RESULT(no)
768fi
769
278588d8 770# Check whether user wants S/Key support
aff51935 771SKEY_MSG="no"
278588d8 772AC_ARG_WITH(skey,
6ff3d0dc 773 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 774 [
775 if test "x$withval" != "xno" ; then
776
777 if test "x$withval" != "xyes" ; then
778 CPPFLAGS="$CPPFLAGS -I${withval}/include"
779 LDFLAGS="$LDFLAGS -L${withval}/lib"
780 fi
781
782 AC_DEFINE(SKEY)
783 LIBS="-lskey $LIBS"
aff51935 784 SKEY_MSG="yes"
278588d8 785
ddceb1c8 786 AC_MSG_CHECKING([for s/key support])
787 AC_TRY_RUN(
788 [
789#include <stdio.h>
790#include <skey.h>
aec4cb4f 791int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 792 ],
793 [AC_MSG_RESULT(yes)],
278588d8 794 [
ddceb1c8 795 AC_MSG_RESULT(no)
278588d8 796 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
797 ])
141fc639 798 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
799 AC_TRY_COMPILE(
800 [#include <stdio.h>
801 #include <skey.h>],
802 [(void)skeychallenge(NULL,"name","",0);],
803 [AC_MSG_RESULT(yes)
804 AC_DEFINE(SKEYCHALLENGE_4ARG)],
805 [AC_MSG_RESULT(no)]
806 )
278588d8 807 fi
808 ]
809)
810
811# Check whether user wants TCP wrappers support
98a7c37b 812TCPW_MSG="no"
278588d8 813AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 814 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 815 [
816 if test "x$withval" != "xno" ; then
817 saved_LIBS="$LIBS"
98a7c37b 818 saved_LDFLAGS="$LDFLAGS"
819 saved_CPPFLAGS="$CPPFLAGS"
820 if test -n "${withval}" -a "${withval}" != "yes"; then
821 if test -d "${withval}/lib"; then
822 if test -n "${need_dash_r}"; then
5a162955 823 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 824 else
5a162955 825 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 826 fi
827 else
828 if test -n "${need_dash_r}"; then
5a162955 829 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 830 else
5a162955 831 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 832 fi
833 fi
834 if test -d "${withval}/include"; then
5a162955 835 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 836 else
5a162955 837 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 838 fi
98a7c37b 839 fi
ddceb1c8 840 LIBWRAP="-lwrap"
841 LIBS="$LIBWRAP $LIBS"
278588d8 842 AC_MSG_CHECKING(for libwrap)
843 AC_TRY_LINK(
844 [
77f09220 845#include <sys/types.h>
846#include <sys/socket.h>
847#include <netinet/in.h>
278588d8 848#include <tcpd.h>
849 int deny_severity = 0, allow_severity = 0;
850 ],
851 [hosts_access(0);],
852 [
853 AC_MSG_RESULT(yes)
854 AC_DEFINE(LIBWRAP)
ddceb1c8 855 AC_SUBST(LIBWRAP)
98a7c37b 856 TCPW_MSG="yes"
278588d8 857 ],
858 [
859 AC_MSG_ERROR([*** libwrap missing])
860 ]
861 )
ddceb1c8 862 LIBS="$saved_LIBS"
278588d8 863 fi
864 ]
865)
866
59031773 867# Check whether user wants libedit support
868LIBEDIT_MSG="no"
869AC_ARG_WITH(libedit,
6ff3d0dc 870 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 871 [ if test "x$withval" != "xno" ; then
872 AC_CHECK_LIB(edit, el_init,
873 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
874 LIBEDIT="-ledit -lcurses"
875 LIBEDIT_MSG="yes"
876 AC_SUBST(LIBEDIT)
877 ],
878 [], [-lcurses]
879 )
880 fi ]
881)
882
7b578f7d 883AUDIT_MODULE=none
884AC_ARG_WITH(audit,
885 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
886 [
887 AC_MSG_CHECKING(for supported audit module)
888 case "$withval" in
889 bsm)
890 AC_MSG_RESULT(bsm)
891 AUDIT_MODULE=bsm
892 dnl Checks for headers, libs and functions
893 AC_CHECK_HEADERS(bsm/audit.h, [],
894 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
895 AC_CHECK_LIB(bsm, getaudit, [],
896 [AC_MSG_ERROR(BSM enabled and required library not found)])
897 AC_CHECK_FUNCS(getaudit, [],
898 [AC_MSG_ERROR(BSM enabled and required function not found)])
899 # These are optional
900 AC_CHECK_FUNCS(getaudit_addr gettext)
901 AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module])
902 ;;
903 debug)
904 AUDIT_MODULE=debug
905 AC_MSG_RESULT(debug)
906 AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)
907 ;;
908 *)
909 AC_MSG_ERROR([Unknown audit module $withval])
910 ;;
911 esac ]
912)
913
19160674 914dnl Checks for library functions. Please keep in alphabetical order
915AC_CHECK_FUNCS(\
2909d712 916 arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \
667abcc6 917 bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \
918 freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \
919 getopt getpeereid _getpty getrlimit getttyent glob inet_aton \
19160674 920 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
79d4fc55 921 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
e7f6070d 922 pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \
79d4fc55 923 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
3f176010 924 setproctitle setregid setreuid setrlimit \
688eed4a 925 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
7111a85c 926 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
351f44a0 927 truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \
19160674 928)
98a7c37b 929
1a086f97 930# IRIX has a const char return value for gai_strerror()
931AC_CHECK_FUNCS(gai_strerror,[
932 AC_DEFINE(HAVE_GAI_STRERROR)
933 AC_TRY_COMPILE([
934#include <sys/types.h>
935#include <sys/socket.h>
936#include <netdb.h>
937
938const char *gai_strerror(int);],[
939char *str;
940
941str = gai_strerror(0);],[
942 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
943 [Define if gai_strerror() returns const char *])])])
944
92b1decf 945AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
946
309709db 947dnl Make sure prototypes are defined for these before using them.
08412d26 948AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
309709db 949AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
08412d26 950
3490699c 951dnl tcsendbreak might be a macro
952AC_CHECK_DECL(tcsendbreak,
953 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 954 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 955 [#include <termios.h>]
956)
957
41e0e158 958AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
959
3f176010 960AC_CHECK_FUNCS(setresuid, [
961 dnl Some platorms have setresuid that isn't implemented, test for this
962 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 963 AC_RUN_IFELSE(
964 [AC_LANG_SOURCE([[
9a3fe0e2 965#include <stdlib.h>
966#include <errno.h>
967int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 968 ]])],
3f176010 969 [AC_MSG_RESULT(yes)],
24a9171d 970 [AC_DEFINE(BROKEN_SETRESUID)
1a01a50c 971 AC_MSG_RESULT(not implemented)],
972 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 973 )
974])
9a3fe0e2 975
3f176010 976AC_CHECK_FUNCS(setresgid, [
977 dnl Some platorms have setresgid that isn't implemented, test for this
978 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 979 AC_RUN_IFELSE(
980 [AC_LANG_SOURCE([[
9a3fe0e2 981#include <stdlib.h>
982#include <errno.h>
983int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 984 ]])],
3f176010 985 [AC_MSG_RESULT(yes)],
986 [AC_DEFINE(BROKEN_SETRESGID)
1a01a50c 987 AC_MSG_RESULT(not implemented)],
988 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 989 )
990])
9a3fe0e2 991
2e73a022 992dnl Checks for time functions
1d7b9b20 993AC_CHECK_FUNCS(gettimeofday time)
2e73a022 994dnl Checks for utmp functions
b03bd394 995AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 996AC_CHECK_FUNCS(utmpname)
2e73a022 997dnl Checks for utmpx functions
b03bd394 998AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 999AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1000
aff51935 1001AC_CHECK_FUNC(daemon,
beb43d31 1002 [AC_DEFINE(HAVE_DAEMON)],
1003 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
1004)
1005
aff51935 1006AC_CHECK_FUNC(getpagesize,
aa6bd60a 1007 [AC_DEFINE(HAVE_GETPAGESIZE)],
1008 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
1009)
1010
2647ae26 1011# Check for broken snprintf
1012if test "x$ac_cv_func_snprintf" = "xyes" ; then
1013 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1014 AC_RUN_IFELSE(
479cece8 1015 [AC_LANG_SOURCE([[
2647ae26 1016#include <stdio.h>
aec4cb4f 1017int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1018 ]])],
aff51935 1019 [AC_MSG_RESULT(yes)],
2647ae26 1020 [
1021 AC_MSG_RESULT(no)
1022 AC_DEFINE(BROKEN_SNPRINTF)
1023 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1024 ],
1025 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1026 )
1027fi
1028
2f6f9cff 1029# Check for missing getpeereid (or equiv) support
1030NO_PEERCHECK=""
1031if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1032 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1033 AC_TRY_COMPILE(
1034 [#include <sys/types.h>
1035 #include <sys/socket.h>],
1036 [int i = SO_PEERCRED;],
1037 [AC_MSG_RESULT(yes)],
1038 [AC_MSG_RESULT(no)
1039 NO_PEERCHECK=1]
1040 )
1041fi
1042
70e7d0b0 1043dnl see whether mkstemp() requires XXXXXX
1044if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1045AC_MSG_CHECKING([for (overly) strict mkstemp])
1046AC_TRY_RUN(
1047 [
1048#include <stdlib.h>
1049main() { char template[]="conftest.mkstemp-test";
1050if (mkstemp(template) == -1)
1051 exit(1);
1052unlink(template); exit(0);
1053}
1054 ],
1055 [
1056 AC_MSG_RESULT(no)
1057 ],
aff51935 1058 [
70e7d0b0 1059 AC_MSG_RESULT(yes)
1060 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1061 ],
1062 [
1063 AC_MSG_RESULT(yes)
1064 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1065 ]
70e7d0b0 1066)
1067fi
1068
eacb954e 1069dnl make sure that openpty does not reacquire controlling terminal
1070if test ! -z "$check_for_openpty_ctty_bug"; then
1071 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1072 AC_TRY_RUN(
1073 [
1074#include <stdio.h>
1075#include <sys/fcntl.h>
1076#include <sys/types.h>
1077#include <sys/wait.h>
1078
1079int
1080main()
1081{
1082 pid_t pid;
1083 int fd, ptyfd, ttyfd, status;
1084
1085 pid = fork();
1086 if (pid < 0) { /* failed */
1087 exit(1);
1088 } else if (pid > 0) { /* parent */
1089 waitpid(pid, &status, 0);
aff51935 1090 if (WIFEXITED(status))
eacb954e 1091 exit(WEXITSTATUS(status));
1092 else
1093 exit(2);
1094 } else { /* child */
1095 close(0); close(1); close(2);
1096 setsid();
1097 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1098 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1099 if (fd >= 0)
1100 exit(3); /* Acquired ctty: broken */
1101 else
1102 exit(0); /* Did not acquire ctty: OK */
1103 }
1104}
1105 ],
1106 [
1107 AC_MSG_RESULT(yes)
1108 ],
1109 [
1110 AC_MSG_RESULT(no)
1111 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1112 ]
1113 )
1114fi
1115
2fe51906 1116if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
1117 AC_MSG_CHECKING(if getaddrinfo seems to work)
1118 AC_TRY_RUN(
1119 [
1120#include <stdio.h>
1121#include <sys/socket.h>
1122#include <netdb.h>
1123#include <errno.h>
1124#include <netinet/in.h>
1125
1126#define TEST_PORT "2222"
1127
1128int
1129main(void)
1130{
1131 int err, sock;
1132 struct addrinfo *gai_ai, *ai, hints;
1133 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1134
1135 memset(&hints, 0, sizeof(hints));
1136 hints.ai_family = PF_UNSPEC;
1137 hints.ai_socktype = SOCK_STREAM;
1138 hints.ai_flags = AI_PASSIVE;
1139
1140 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1141 if (err != 0) {
1142 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1143 exit(1);
1144 }
1145
1146 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1147 if (ai->ai_family != AF_INET6)
1148 continue;
1149
1150 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1151 sizeof(ntop), strport, sizeof(strport),
1152 NI_NUMERICHOST|NI_NUMERICSERV);
1153
1154 if (err != 0) {
1155 if (err == EAI_SYSTEM)
1156 perror("getnameinfo EAI_SYSTEM");
1157 else
1158 fprintf(stderr, "getnameinfo failed: %s\n",
1159 gai_strerror(err));
1160 exit(2);
1161 }
1162
1163 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1164 if (sock < 0)
1165 perror("socket");
1166 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1167 if (errno == EBADF)
1168 exit(3);
1169 }
1170 }
1171 exit(0);
1172}
1173 ],
1174 [
1175 AC_MSG_RESULT(yes)
1176 ],
1177 [
1178 AC_MSG_RESULT(no)
1179 AC_DEFINE(BROKEN_GETADDRINFO)
1180 ]
1181 )
1182fi
1183
5ccf88cb 1184if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_aix_broken_getaddrinfo" = "x1"; then
1185 AC_MSG_CHECKING(if getaddrinfo seems to work)
1186 AC_TRY_RUN(
1187 [
1188#include <stdio.h>
1189#include <sys/socket.h>
1190#include <netdb.h>
1191#include <errno.h>
1192#include <netinet/in.h>
1193
1194#define TEST_PORT "2222"
1195
1196int
1197main(void)
1198{
1199 int err, sock;
1200 struct addrinfo *gai_ai, *ai, hints;
1201 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1202
1203 memset(&hints, 0, sizeof(hints));
1204 hints.ai_family = PF_UNSPEC;
1205 hints.ai_socktype = SOCK_STREAM;
1206 hints.ai_flags = AI_PASSIVE;
1207
1208 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1209 if (err != 0) {
1210 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1211 exit(1);
1212 }
1213
1214 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1215 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1216 continue;
1217
1218 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1219 sizeof(ntop), strport, sizeof(strport),
1220 NI_NUMERICHOST|NI_NUMERICSERV);
1221
1222 if (ai->ai_family == AF_INET && err != 0) {
1223 perror("getnameinfo");
1224 exit(2);
1225 }
1226 }
1227 exit(0);
1228}
1229 ],
1230 [
1231 AC_MSG_RESULT(yes)
1232 AC_DEFINE(AIX_GETNAMEINFO_HACK, [],
1233[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address])
1234 ],
1235 [
1236 AC_MSG_RESULT(no)
1237 AC_DEFINE(BROKEN_GETADDRINFO)
1238 ]
1239 )
1240fi
1241
b29fd59f 1242if test "x$check_for_conflicting_getspnam" = "x1"; then
1243 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1244 AC_COMPILE_IFELSE(
1245 [
1246#include <shadow.h>
1247int main(void) {exit(0);}
1248 ],
1249 [
1250 AC_MSG_RESULT(no)
1251 ],
1252 [
1253 AC_MSG_RESULT(yes)
1254 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1255 [Conflicting defs for getspnam])
1256 ]
1257 )
1258fi
1259
7f8f5e00 1260AC_FUNC_GETPGRP
1261
717057b6 1262# Check for PAM libs
cbd7492e 1263PAM_MSG="no"
a0391976 1264AC_ARG_WITH(pam,
717057b6 1265 [ --with-pam Enable PAM support ],
a0391976 1266 [
717057b6 1267 if test "x$withval" != "xno" ; then
2511d104 1268 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1269 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1270 AC_MSG_ERROR([PAM headers not found])
1271 fi
a0391976 1272
717057b6 1273 AC_CHECK_LIB(dl, dlopen, , )
1274 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1275 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1276 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1277
717057b6 1278 PAM_MSG="yes"
4cb5ffa0 1279
717057b6 1280 AC_DEFINE(USE_PAM)
98f2d9d5 1281 if test $ac_cv_lib_dl_dlopen = yes; then
1282 LIBPAM="-lpam -ldl"
1283 else
1284 LIBPAM="-lpam"
1285 fi
1286 AC_SUBST(LIBPAM)
717057b6 1287 fi
1288 ]
1289)
cbd7492e 1290
717057b6 1291# Check for older PAM
1292if test "x$PAM_MSG" = "xyes" ; then
a0391976 1293 # Check PAM strerror arguments (old PAM)
1294 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1295 AC_TRY_COMPILE(
1296 [
18ba2aab 1297#include <stdlib.h>
2511d104 1298#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1299#include <security/pam_appl.h>
2511d104 1300#elif defined (HAVE_PAM_PAM_APPL_H)
1301#include <pam/pam_appl.h>
1302#endif
aff51935 1303 ],
1304 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1305 [AC_MSG_RESULT(no)],
1306 [
1307 AC_DEFINE(HAVE_OLD_PAM)
1308 AC_MSG_RESULT(yes)
cbd7492e 1309 PAM_MSG="yes (old library)"
a0391976 1310 ]
717057b6 1311 )
a0391976 1312fi
1313
5b991353 1314# Search for OpenSSL
1315saved_CPPFLAGS="$CPPFLAGS"
1316saved_LDFLAGS="$LDFLAGS"
a0391976 1317AC_ARG_WITH(ssl-dir,
1318 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1319 [
e9e4a1c7 1320 if test "x$withval" != "xno" ; then
99eb0f64 1321 case "$withval" in
1322 # Relative paths
1323 ./*|../*) withval="`pwd`/$withval"
1324 esac
5b991353 1325 if test -d "$withval/lib"; then
1326 if test -n "${need_dash_r}"; then
1327 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1328 else
1329 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1330 fi
1331 else
5b991353 1332 if test -n "${need_dash_r}"; then
1333 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1334 else
1335 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1336 fi
1337 fi
5b991353 1338 if test -d "$withval/include"; then
1339 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1340 else
5b991353 1341 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1342 fi
a0391976 1343 fi
5b991353 1344 ]
1345)
5486a457 1346LIBS="-lcrypto $LIBS"
5b991353 1347AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 1348 [
5b991353 1349 dnl Check default openssl install dir
1350 if test -n "${need_dash_r}"; then
1351 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1352 else
5b991353 1353 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1354 fi
5b991353 1355 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1356 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1357 [
1358 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1359 ]
1360 )
1361 ]
1362)
1363
cd018561 1364# Determine OpenSSL header version
1365AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1366AC_RUN_IFELSE(
479cece8 1367 [AC_LANG_SOURCE([[
cd018561 1368#include <stdio.h>
1369#include <string.h>
1370#include <openssl/opensslv.h>
1371#define DATA "conftest.sslincver"
1372int main(void) {
aff51935 1373 FILE *fd;
1374 int rc;
cd018561 1375
aff51935 1376 fd = fopen(DATA,"w");
1377 if(fd == NULL)
1378 exit(1);
cd018561 1379
1380 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1381 exit(1);
1382
1383 exit(0);
1384}
479cece8 1385 ]])],
cd018561 1386 [
1387 ssl_header_ver=`cat conftest.sslincver`
1388 AC_MSG_RESULT($ssl_header_ver)
1389 ],
1390 [
1391 AC_MSG_RESULT(not found)
1392 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1393 ],
1394 [
1395 AC_MSG_WARN([cross compiling: not checking])
cd018561 1396 ]
1397)
1398
1399# Determine OpenSSL library version
1400AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1401AC_RUN_IFELSE(
479cece8 1402 [AC_LANG_SOURCE([[
cd018561 1403#include <stdio.h>
1404#include <string.h>
1405#include <openssl/opensslv.h>
1406#include <openssl/crypto.h>
1407#define DATA "conftest.ssllibver"
1408int main(void) {
aff51935 1409 FILE *fd;
1410 int rc;
cd018561 1411
aff51935 1412 fd = fopen(DATA,"w");
1413 if(fd == NULL)
1414 exit(1);
cd018561 1415
1416 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1417 exit(1);
1418
1419 exit(0);
1420}
479cece8 1421 ]])],
cd018561 1422 [
1423 ssl_library_ver=`cat conftest.ssllibver`
1424 AC_MSG_RESULT($ssl_library_ver)
1425 ],
1426 [
1427 AC_MSG_RESULT(not found)
1428 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1429 ],
1430 [
1431 AC_MSG_WARN([cross compiling: not checking])
cd018561 1432 ]
1433)
58d100bf 1434
9780116c 1435# Sanity check OpenSSL headers
1436AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1437AC_RUN_IFELSE(
479cece8 1438 [AC_LANG_SOURCE([[
9780116c 1439#include <string.h>
1440#include <openssl/opensslv.h>
aec4cb4f 1441int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1442 ]])],
9780116c 1443 [
1444 AC_MSG_RESULT(yes)
1445 ],
1446 [
1447 AC_MSG_RESULT(no)
e15ba28b 1448 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1449Check config.log for details.
1450Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1451 ],
1452 [
1453 AC_MSG_WARN([cross compiling: not checking])
9780116c 1454 ]
1455)
1456
5486a457 1457# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1458# because the system crypt() is more featureful.
1459if test "x$check_for_libcrypt_before" = "x1"; then
1460 AC_CHECK_LIB(crypt, crypt)
1461fi
1462
aff51935 1463# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1464# version in OpenSSL.
05114c74 1465if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1466 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1467fi
1468
f1b0ecc3 1469
1470### Configure cryptographic random number support
1471
1472# Check wheter OpenSSL seeds itself
1473AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1474AC_RUN_IFELSE(
479cece8 1475 [AC_LANG_SOURCE([[
f1b0ecc3 1476#include <string.h>
1477#include <openssl/rand.h>
aec4cb4f 1478int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1479 ]])],
f1b0ecc3 1480 [
1481 OPENSSL_SEEDS_ITSELF=yes
1482 AC_MSG_RESULT(yes)
1483 ],
1484 [
1485 AC_MSG_RESULT(no)
1486 # Default to use of the rand helper if OpenSSL doesn't
1487 # seed itself
1488 USE_RAND_HELPER=yes
1a01a50c 1489 ],
1490 [
1491 AC_MSG_WARN([cross compiling: assuming yes])
1492 # This is safe, since all recent OpenSSL versions will
1493 # complain at runtime if not seeded correctly.
1494 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1495 ]
1496)
1497
1498
1499# Do we want to force the use of the rand helper?
1500AC_ARG_WITH(rand-helper,
1501 [ --with-rand-helper Use subprocess to gather strong randomness ],
1502 [
1503 if test "x$withval" = "xno" ; then
aff51935 1504 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1505 # the previous test showed it to be unseeded.
1506 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1507 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1508 OPENSSL_SEEDS_ITSELF=yes
1509 USE_RAND_HELPER=""
1510 fi
1511 else
1512 USE_RAND_HELPER=yes
1513 fi
1514 ],
1515)
1516
1517# Which randomness source do we use?
1518if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
1519 # OpenSSL only
1520 AC_DEFINE(OPENSSL_PRNG_ONLY)
1521 RAND_MSG="OpenSSL internal ONLY"
1522 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1523elif test ! -z "$USE_RAND_HELPER" ; then
1524 # install rand helper
f1b0ecc3 1525 RAND_MSG="ssh-rand-helper"
1526 INSTALL_SSH_RAND_HELPER="yes"
1527fi
1528AC_SUBST(INSTALL_SSH_RAND_HELPER)
1529
1530### Configuration of ssh-rand-helper
1531
1532# PRNGD TCP socket
1533AC_ARG_WITH(prngd-port,
1534 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1535 [
eb5d7ff6 1536 case "$withval" in
1537 no)
1538 withval=""
1539 ;;
1540 [[0-9]]*)
1541 ;;
1542 *)
1543 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1544 ;;
1545 esac
1546 if test ! -z "$withval" ; then
f1b0ecc3 1547 PRNGD_PORT="$withval"
1548 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1549 fi
1550 ]
1551)
1552
1553# PRNGD Unix domain socket
1554AC_ARG_WITH(prngd-socket,
1555 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1556 [
eb5d7ff6 1557 case "$withval" in
1558 yes)
f1b0ecc3 1559 withval="/var/run/egd-pool"
eb5d7ff6 1560 ;;
1561 no)
1562 withval=""
1563 ;;
1564 /*)
1565 ;;
1566 *)
1567 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1568 ;;
1569 esac
1570
1571 if test ! -z "$withval" ; then
f1b0ecc3 1572 if test ! -z "$PRNGD_PORT" ; then
1573 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1574 fi
906e811b 1575 if test ! -r "$withval" ; then
f1b0ecc3 1576 AC_MSG_WARN(Entropy socket is not readable)
1577 fi
1578 PRNGD_SOCKET="$withval"
1579 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1580 fi
ddceb1c8 1581 ],
1582 [
1583 # Check for existing socket only if we don't have a random device already
1584 if test "$USE_RAND_HELPER" = yes ; then
1585 AC_MSG_CHECKING(for PRNGD/EGD socket)
1586 # Insert other locations here
1587 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1588 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1589 PRNGD_SOCKET="$sock"
1590 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1591 break;
1592 fi
1593 done
1594 if test ! -z "$PRNGD_SOCKET" ; then
1595 AC_MSG_RESULT($PRNGD_SOCKET)
1596 else
1597 AC_MSG_RESULT(not found)
1598 fi
1599 fi
f1b0ecc3 1600 ]
1601)
1602
1603# Change default command timeout for hashing entropy source
1604entropy_timeout=200
1605AC_ARG_WITH(entropy-timeout,
1606 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1607 [
1608 if test "x$withval" != "xno" ; then
1609 entropy_timeout=$withval
1610 fi
1611 ]
1612)
f1b0ecc3 1613AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1614
fd3cbf67 1615SSH_PRIVSEP_USER=sshd
9a0fbcb3 1616AC_ARG_WITH(privsep-user,
5222e7ef 1617 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1618 [
1619 if test -n "$withval"; then
fd3cbf67 1620 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1621 fi
1622 ]
1623)
fd3cbf67 1624AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1625AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1626
81dadca3 1627# We do this little dance with the search path to insure
1628# that programs that we select for use by installed programs
1629# (which may be run by the super-user) come from trusted
1630# locations before they come from the user's private area.
1631# This should help avoid accidentally configuring some
1632# random version of a program in someone's personal bin.
1633
1634OPATH=$PATH
1635PATH=/bin:/usr/bin
f95c8ce8 1636test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1637test -d /sbin && PATH=$PATH:/sbin
1638test -d /usr/sbin && PATH=$PATH:/usr/sbin
1639PATH=$PATH:/etc:$OPATH
1640
aff51935 1641# These programs are used by the command hashing source to gather entropy
f1b0ecc3 1642OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1643OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1644OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1645OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1646OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1647OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1648OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1649OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1650OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1651OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1652OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1653OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1654OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1655OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1656OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1657OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1658# restore PATH
1659PATH=$OPATH
f1b0ecc3 1660
1661# Where does ssh-rand-helper get its randomness from?
1662INSTALL_SSH_PRNG_CMDS=""
1663if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1664 if test ! -z "$PRNGD_PORT" ; then
1665 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1666 elif test ! -z "$PRNGD_SOCKET" ; then
1667 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1668 else
1669 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1670 RAND_HELPER_CMDHASH=yes
1671 INSTALL_SSH_PRNG_CMDS="yes"
1672 fi
1673fi
1674AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1675
1676
66d6c27e 1677# Cheap hack to ensure NEWS-OS libraries are arranged right.
1678if test ! -z "$SONY" ; then
1679 LIBS="$LIBS -liberty";
1680fi
1681
a0391976 1682# Checks for data types
976f7e19 1683AC_CHECK_SIZEOF(char, 1)
2b942fe0 1684AC_CHECK_SIZEOF(short int, 2)
1685AC_CHECK_SIZEOF(int, 4)
1686AC_CHECK_SIZEOF(long int, 4)
1687AC_CHECK_SIZEOF(long long int, 8)
1688
52f1ccb2 1689# Sanity check long long for some platforms (AIX)
1690if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1691 ac_cv_sizeof_long_long_int=0
1692fi
1693
a0391976 1694# More checks for data types
14a9a859 1695AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1696 AC_TRY_COMPILE(
aff51935 1697 [ #include <sys/types.h> ],
1698 [ u_int a; a = 1;],
14a9a859 1699 [ ac_cv_have_u_int="yes" ],
1700 [ ac_cv_have_u_int="no" ]
1701 )
1702])
1703if test "x$ac_cv_have_u_int" = "xyes" ; then
1704 AC_DEFINE(HAVE_U_INT)
1705 have_u_int=1
1706fi
1707
58d100bf 1708AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1709 AC_TRY_COMPILE(
aff51935 1710 [ #include <sys/types.h> ],
1711 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 1712 [ ac_cv_have_intxx_t="yes" ],
1713 [ ac_cv_have_intxx_t="no" ]
1714 )
1715])
1716if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1717 AC_DEFINE(HAVE_INTXX_T)
1718 have_intxx_t=1
1719fi
41cb4569 1720
1721if (test -z "$have_intxx_t" && \
aff51935 1722 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 1723then
1724 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1725 AC_TRY_COMPILE(
aff51935 1726 [ #include <stdint.h> ],
1727 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 1728 [
1729 AC_DEFINE(HAVE_INTXX_T)
1730 AC_MSG_RESULT(yes)
1731 ],
1732 [ AC_MSG_RESULT(no) ]
1733 )
1734fi
1735
bd590612 1736AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1737 AC_TRY_COMPILE(
1cbbe6c8 1738 [
1739#include <sys/types.h>
1740#ifdef HAVE_STDINT_H
1741# include <stdint.h>
1742#endif
1743#include <sys/socket.h>
1744#ifdef HAVE_SYS_BITYPES_H
1745# include <sys/bitypes.h>
1746#endif
aff51935 1747 ],
1748 [ int64_t a; a = 1;],
bd590612 1749 [ ac_cv_have_int64_t="yes" ],
1750 [ ac_cv_have_int64_t="no" ]
1751 )
1752])
1753if test "x$ac_cv_have_int64_t" = "xyes" ; then
1754 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1755fi
1756
58d100bf 1757AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1758 AC_TRY_COMPILE(
aff51935 1759 [ #include <sys/types.h> ],
1760 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 1761 [ ac_cv_have_u_intxx_t="yes" ],
1762 [ ac_cv_have_u_intxx_t="no" ]
1763 )
1764])
1765if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1766 AC_DEFINE(HAVE_U_INTXX_T)
1767 have_u_intxx_t=1
1768fi
2b942fe0 1769
41cb4569 1770if test -z "$have_u_intxx_t" ; then
1771 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1772 AC_TRY_COMPILE(
aff51935 1773 [ #include <sys/socket.h> ],
1774 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 1775 [
1776 AC_DEFINE(HAVE_U_INTXX_T)
1777 AC_MSG_RESULT(yes)
1778 ],
1779 [ AC_MSG_RESULT(no) ]
1780 )
1781fi
1782
bd590612 1783AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1784 AC_TRY_COMPILE(
aff51935 1785 [ #include <sys/types.h> ],
1786 [ u_int64_t a; a = 1;],
bd590612 1787 [ ac_cv_have_u_int64_t="yes" ],
1788 [ ac_cv_have_u_int64_t="no" ]
1789 )
1790])
1791if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
1792 AC_DEFINE(HAVE_U_INT64_T)
1793 have_u_int64_t=1
1794fi
1795
ddceb1c8 1796if test -z "$have_u_int64_t" ; then
1797 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1798 AC_TRY_COMPILE(
aff51935 1799 [ #include <sys/bitypes.h> ],
ddceb1c8 1800 [ u_int64_t a; a = 1],
1801 [
1802 AC_DEFINE(HAVE_U_INT64_T)
1803 AC_MSG_RESULT(yes)
1804 ],
1805 [ AC_MSG_RESULT(no) ]
1806 )
1807fi
1808
41cb4569 1809if test -z "$have_u_intxx_t" ; then
1810 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
1811 AC_TRY_COMPILE(
1812 [
1813#include <sys/types.h>
aff51935 1814 ],
1815 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 1816 [ ac_cv_have_uintxx_t="yes" ],
1817 [ ac_cv_have_uintxx_t="no" ]
1818 )
1819 ])
1820 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
1821 AC_DEFINE(HAVE_UINTXX_T)
1822 fi
1823fi
1824
1825if test -z "$have_uintxx_t" ; then
1826 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1827 AC_TRY_COMPILE(
aff51935 1828 [ #include <stdint.h> ],
1829 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 1830 [
1831 AC_DEFINE(HAVE_UINTXX_T)
1832 AC_MSG_RESULT(yes)
1833 ],
1834 [ AC_MSG_RESULT(no) ]
1835 )
1836fi
1837
e5fe9a1f 1838if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 1839 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 1840then
1841 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1842 AC_TRY_COMPILE(
58d100bf 1843 [
1844#include <sys/bitypes.h>
aff51935 1845 ],
5cdfe03f 1846 [
837c30b8 1847 int8_t a; int16_t b; int32_t c;
1848 u_int8_t e; u_int16_t f; u_int32_t g;
1849 a = b = c = e = f = g = 1;
aff51935 1850 ],
5cdfe03f 1851 [
1852 AC_DEFINE(HAVE_U_INTXX_T)
1853 AC_DEFINE(HAVE_INTXX_T)
1854 AC_MSG_RESULT(yes)
1855 ],
1856 [AC_MSG_RESULT(no)]
aff51935 1857 )
5cdfe03f 1858fi
1859
0362750e 1860
1861AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
1862 AC_TRY_COMPILE(
1863 [
1864#include <sys/types.h>
1865 ],
1866 [ u_char foo; foo = 125; ],
1867 [ ac_cv_have_u_char="yes" ],
1868 [ ac_cv_have_u_char="no" ]
1869 )
1870])
1871if test "x$ac_cv_have_u_char" = "xyes" ; then
1872 AC_DEFINE(HAVE_U_CHAR)
1873fi
1874
98a7c37b 1875TYPE_SOCKLEN_T
2b942fe0 1876
2d16d9a3 1877AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 1878
777ece68 1879AC_CHECK_TYPES(in_addr_t,,,
1880[#include <sys/types.h>
1881#include <netinet/in.h>])
7b578f7d 1882
58d100bf 1883AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
1884 AC_TRY_COMPILE(
1885 [
18ba2aab 1886#include <sys/types.h>
58d100bf 1887 ],
1888 [ size_t foo; foo = 1235; ],
1889 [ ac_cv_have_size_t="yes" ],
1890 [ ac_cv_have_size_t="no" ]
1891 )
1892])
1893if test "x$ac_cv_have_size_t" = "xyes" ; then
1894 AC_DEFINE(HAVE_SIZE_T)
1895fi
ea1970a3 1896
c04f75f1 1897AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
1898 AC_TRY_COMPILE(
1899 [
1900#include <sys/types.h>
1901 ],
1902 [ ssize_t foo; foo = 1235; ],
1903 [ ac_cv_have_ssize_t="yes" ],
1904 [ ac_cv_have_ssize_t="no" ]
1905 )
1906])
1907if test "x$ac_cv_have_ssize_t" = "xyes" ; then
1908 AC_DEFINE(HAVE_SSIZE_T)
1909fi
1910
f1c4659d 1911AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
1912 AC_TRY_COMPILE(
1913 [
1914#include <time.h>
1915 ],
1916 [ clock_t foo; foo = 1235; ],
1917 [ ac_cv_have_clock_t="yes" ],
1918 [ ac_cv_have_clock_t="no" ]
1919 )
1920])
1921if test "x$ac_cv_have_clock_t" = "xyes" ; then
1922 AC_DEFINE(HAVE_CLOCK_T)
1923fi
1924
1c04b088 1925AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
1926 AC_TRY_COMPILE(
1927 [
1928#include <sys/types.h>
1929#include <sys/socket.h>
1930 ],
1931 [ sa_family_t foo; foo = 1235; ],
1932 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 1933 [ AC_TRY_COMPILE(
1934 [
1935#include <sys/types.h>
1936#include <sys/socket.h>
1937#include <netinet/in.h>
1938 ],
1939 [ sa_family_t foo; foo = 1235; ],
1940 [ ac_cv_have_sa_family_t="yes" ],
1941
1c04b088 1942 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 1943 )]
1c04b088 1944 )
1945])
1946if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
1947 AC_DEFINE(HAVE_SA_FAMILY_T)
1948fi
1949
729bfe59 1950AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
1951 AC_TRY_COMPILE(
1952 [
1953#include <sys/types.h>
1954 ],
1955 [ pid_t foo; foo = 1235; ],
1956 [ ac_cv_have_pid_t="yes" ],
1957 [ ac_cv_have_pid_t="no" ]
1958 )
1959])
1960if test "x$ac_cv_have_pid_t" = "xyes" ; then
1961 AC_DEFINE(HAVE_PID_T)
1962fi
1963
1964AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
1965 AC_TRY_COMPILE(
1966 [
1967#include <sys/types.h>
1968 ],
1969 [ mode_t foo; foo = 1235; ],
1970 [ ac_cv_have_mode_t="yes" ],
1971 [ ac_cv_have_mode_t="no" ]
1972 )
1973])
1974if test "x$ac_cv_have_mode_t" = "xyes" ; then
1975 AC_DEFINE(HAVE_MODE_T)
1976fi
1977
e3a93db0 1978
58d100bf 1979AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
1980 AC_TRY_COMPILE(
1981 [
18ba2aab 1982#include <sys/types.h>
1983#include <sys/socket.h>
58d100bf 1984 ],
1985 [ struct sockaddr_storage s; ],
1986 [ ac_cv_have_struct_sockaddr_storage="yes" ],
1987 [ ac_cv_have_struct_sockaddr_storage="no" ]
1988 )
1989])
1990if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
1991 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
1992fi
48e671d5 1993
58d100bf 1994AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
1995 AC_TRY_COMPILE(
1996 [
cbd7492e 1997#include <sys/types.h>
58d100bf 1998#include <netinet/in.h>
1999 ],
2000 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2001 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2002 [ ac_cv_have_struct_sockaddr_in6="no" ]
2003 )
2004])
2005if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2006 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
2007fi
48e671d5 2008
58d100bf 2009AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2010 AC_TRY_COMPILE(
2011 [
cbd7492e 2012#include <sys/types.h>
58d100bf 2013#include <netinet/in.h>
2014 ],
2015 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2016 [ ac_cv_have_struct_in6_addr="yes" ],
2017 [ ac_cv_have_struct_in6_addr="no" ]
2018 )
2019])
2020if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2021 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
2022fi
48e671d5 2023
58d100bf 2024AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2025 AC_TRY_COMPILE(
2026 [
18ba2aab 2027#include <sys/types.h>
2028#include <sys/socket.h>
2029#include <netdb.h>
58d100bf 2030 ],
2031 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2032 [ ac_cv_have_struct_addrinfo="yes" ],
2033 [ ac_cv_have_struct_addrinfo="no" ]
2034 )
2035])
2036if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2037 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
2038fi
2039
89c7e31c 2040AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2041 AC_TRY_COMPILE(
aff51935 2042 [ #include <sys/time.h> ],
2043 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2044 [ ac_cv_have_struct_timeval="yes" ],
2045 [ ac_cv_have_struct_timeval="no" ]
2046 )
2047])
2048if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2049 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
2050 have_struct_timeval=1
2051fi
2052
5271b55c 2053AC_CHECK_TYPES(struct timespec)
2054
85abc74b 2055# We need int64_t or else certian parts of the compile will fail.
2c523de9 2056if test "x$ac_cv_have_int64_t" = "xno" -a \
2057 "x$ac_cv_sizeof_long_int" != "x8" -a \
2058 "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2059 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2060 echo "an alternative compiler (I.E., GCC) before continuing."
2061 echo ""
2062 exit 1;
733cf7f4 2063else
2064dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2065 AC_RUN_IFELSE(
479cece8 2066 [AC_LANG_SOURCE([[
733cf7f4 2067#include <stdio.h>
2068#include <string.h>
2069#ifdef HAVE_SNPRINTF
2070main()
2071{
2072 char buf[50];
2073 char expected_out[50];
2074 int mazsize = 50 ;
2075#if (SIZEOF_LONG_INT == 8)
2076 long int num = 0x7fffffffffffffff;
2077#else
763a1a18 2078 long long num = 0x7fffffffffffffffll;
733cf7f4 2079#endif
2080 strcpy(expected_out, "9223372036854775807");
2081 snprintf(buf, mazsize, "%lld", num);
2082 if(strcmp(buf, expected_out) != 0)
aff51935 2083 exit(1);
733cf7f4 2084 exit(0);
2085}
2086#else
2087main() { exit(0); }
2088#endif
479cece8 2089 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2090 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2091 )
2c523de9 2092fi
2093
77bb0bca 2094dnl Checks for structure members
58d100bf 2095OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2096OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2097OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2098OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2099OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2100OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2101OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2102OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2103OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2104OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2105OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2106OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2107OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2108OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2109OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2110OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2111OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2112
2113AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 2114
58d100bf 2115AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2116 ac_cv_have_ss_family_in_struct_ss, [
2117 AC_TRY_COMPILE(
2118 [
18ba2aab 2119#include <sys/types.h>
2120#include <sys/socket.h>
58d100bf 2121 ],
2122 [ struct sockaddr_storage s; s.ss_family = 1; ],
2123 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2124 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2125 )
2126])
2127if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2128 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2129fi
2130
58d100bf 2131AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2132 ac_cv_have___ss_family_in_struct_ss, [
2133 AC_TRY_COMPILE(
2134 [
18ba2aab 2135#include <sys/types.h>
2136#include <sys/socket.h>
58d100bf 2137 ],
2138 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2139 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2140 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2141 )
2142])
2143if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2144 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2145fi
2146
2e73a022 2147AC_CACHE_CHECK([for pw_class field in struct passwd],
2148 ac_cv_have_pw_class_in_struct_passwd, [
2149 AC_TRY_COMPILE(
2150 [
2e73a022 2151#include <pwd.h>
2152 ],
97994d32 2153 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2154 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2155 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2156 )
2157])
2158if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2159 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2160fi
2161
7751d4eb 2162AC_CACHE_CHECK([for pw_expire field in struct passwd],
2163 ac_cv_have_pw_expire_in_struct_passwd, [
2164 AC_TRY_COMPILE(
2165 [
2166#include <pwd.h>
2167 ],
2168 [ struct passwd p; p.pw_expire = 0; ],
2169 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2170 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2171 )
2172])
2173if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2174 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2175fi
2176
2177AC_CACHE_CHECK([for pw_change field in struct passwd],
2178 ac_cv_have_pw_change_in_struct_passwd, [
2179 AC_TRY_COMPILE(
2180 [
2181#include <pwd.h>
2182 ],
2183 [ struct passwd p; p.pw_change = 0; ],
2184 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2185 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2186 )
2187])
2188if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2189 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2190fi
58d100bf 2191
637f9177 2192dnl make sure we're using the real structure members and not defines
6f34652e 2193AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2194 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2195 AC_COMPILE_IFELSE(
6f34652e 2196 [
f95c8ce8 2197#include <sys/types.h>
6f34652e 2198#include <sys/socket.h>
2199#include <sys/uio.h>
637f9177 2200int main() {
2201#ifdef msg_accrights
1a01a50c 2202#error "msg_accrights is a macro"
637f9177 2203exit(1);
2204#endif
2205struct msghdr m;
2206m.msg_accrights = 0;
2207exit(0);
2208}
6f34652e 2209 ],
6f34652e 2210 [ ac_cv_have_accrights_in_msghdr="yes" ],
2211 [ ac_cv_have_accrights_in_msghdr="no" ]
2212 )
2213])
2214if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2215 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2216fi
2217
7176df4f 2218AC_CACHE_CHECK([for msg_control field in struct msghdr],
2219 ac_cv_have_control_in_msghdr, [
1a01a50c 2220 AC_COMPILE_IFELSE(
7176df4f 2221 [
f95c8ce8 2222#include <sys/types.h>
7176df4f 2223#include <sys/socket.h>
2224#include <sys/uio.h>
637f9177 2225int main() {
2226#ifdef msg_control
1a01a50c 2227#error "msg_control is a macro"
637f9177 2228exit(1);
2229#endif
2230struct msghdr m;
2231m.msg_control = 0;
2232exit(0);
2233}
7176df4f 2234 ],
7176df4f 2235 [ ac_cv_have_control_in_msghdr="yes" ],
2236 [ ac_cv_have_control_in_msghdr="no" ]
2237 )
2238])
2239if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2240 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2241fi
2242
58d100bf 2243AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2244 AC_TRY_LINK([],
2245 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2246 [ ac_cv_libc_defines___progname="yes" ],
2247 [ ac_cv_libc_defines___progname="no" ]
2248 )
2249])
2250if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2251 AC_DEFINE(HAVE___PROGNAME)
2252fi
8946db53 2253
c921ee00 2254AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2255 AC_TRY_LINK([
2256#include <stdio.h>
aff51935 2257],
2258 [ printf("%s", __FUNCTION__); ],
c921ee00 2259 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2260 [ ac_cv_cc_implements___FUNCTION__="no" ]
2261 )
2262])
2263if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2264 AC_DEFINE(HAVE___FUNCTION__)
2265fi
2266
2267AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2268 AC_TRY_LINK([
2269#include <stdio.h>
aff51935 2270],
2271 [ printf("%s", __func__); ],
c921ee00 2272 [ ac_cv_cc_implements___func__="yes" ],
2273 [ ac_cv_cc_implements___func__="no" ]
2274 )
2275])
2276if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2277 AC_DEFINE(HAVE___func__)
2278fi
2279
1812a662 2280AC_CACHE_CHECK([whether getopt has optreset support],
2281 ac_cv_have_getopt_optreset, [
2282 AC_TRY_LINK(
2283 [
2284#include <getopt.h>
2285 ],
2286 [ extern int optreset; optreset = 0; ],
2287 [ ac_cv_have_getopt_optreset="yes" ],
2288 [ ac_cv_have_getopt_optreset="no" ]
2289 )
2290])
2291if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2292 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2293fi
a0391976 2294
819b676f 2295AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2296 AC_TRY_LINK([],
2297 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2298 [ ac_cv_libc_defines_sys_errlist="yes" ],
2299 [ ac_cv_libc_defines_sys_errlist="no" ]
2300 )
2301])
2302if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2303 AC_DEFINE(HAVE_SYS_ERRLIST)
2304fi
2305
2306
416ed5a7 2307AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2308 AC_TRY_LINK([],
2309 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2310 [ ac_cv_libc_defines_sys_nerr="yes" ],
2311 [ ac_cv_libc_defines_sys_nerr="no" ]
2312 )
2313])
2314if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2315 AC_DEFINE(HAVE_SYS_NERR)
2316fi
2317
aff51935 2318SCARD_MSG="no"
295c8801 2319# Check whether user wants sectok support
2320AC_ARG_WITH(sectok,
2321 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2322 [
2323 if test "x$withval" != "xno" ; then
2324 if test "x$withval" != "xyes" ; then
2325 CPPFLAGS="$CPPFLAGS -I${withval}"
2326 LDFLAGS="$LDFLAGS -L${withval}"
2327 if test ! -z "$need_dash_r" ; then
2328 LDFLAGS="$LDFLAGS -R${withval}"
2329 fi
2330 if test ! -z "$blibpath" ; then
2331 blibpath="$blibpath:${withval}"
2332 fi
2333 fi
2334 AC_CHECK_HEADERS(sectok.h)
2335 if test "$ac_cv_header_sectok_h" != yes; then
2336 AC_MSG_ERROR(Can't find sectok.h)
2337 fi
2338 AC_CHECK_LIB(sectok, sectok_open)
2339 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2340 AC_MSG_ERROR(Can't find libsectok)
2341 fi
2342 AC_DEFINE(SMARTCARD)
295c8801 2343 AC_DEFINE(USE_SECTOK)
aff51935 2344 SCARD_MSG="yes, using sectok"
295c8801 2345 fi
2346 ]
2347)
2348
2349# Check whether user wants OpenSC support
2350AC_ARG_WITH(opensc,
49ef62db 2351 AC_HELP_STRING([--with-opensc=PFX],
2352 [Enable smartcard support using OpenSC]),
2353 opensc_config_prefix="$withval", opensc_config_prefix="")
2354if test x$opensc_config_prefix != x ; then
2355 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config
2356 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2357 if test "$OPENSC_CONFIG" != "no"; then
2358 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2359 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2360 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2361 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2362 AC_DEFINE(SMARTCARD)
2363 AC_DEFINE(USE_OPENSC)
aff51935 2364 SCARD_MSG="yes, using OpenSC"
49ef62db 2365 fi
2366fi
d0b19c95 2367
c31dc31c 2368# Check libraries needed by DNS fingerprint support
aff51935 2369AC_SEARCH_LIBS(getrrsetbyname, resolv,
c31dc31c 2370 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
3e05e934 2371 [
c31dc31c 2372 # Needed by our getrrsetbyname()
2373 AC_SEARCH_LIBS(res_query, resolv)
2374 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2375 AC_MSG_CHECKING(if res_query will link)
2376 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2377 [AC_MSG_RESULT(no)
2378 saved_LIBS="$LIBS"
2379 LIBS="$LIBS -lresolv"
2380 AC_MSG_CHECKING(for res_query in -lresolv)
2381 AC_LINK_IFELSE([
2382#include <resolv.h>
2383int main()
2384{
2385 res_query (0, 0, 0, 0, 0);
2386 return 0;
2387}
2388 ],
2389 [LIBS="$LIBS -lresolv"
2390 AC_MSG_RESULT(yes)],
2391 [LIBS="$saved_LIBS"
2392 AC_MSG_RESULT(no)])
2393 ])
c31dc31c 2394 AC_CHECK_FUNCS(_getshort _getlong)
2395 AC_CHECK_MEMBER(HEADER.ad,
2396 [AC_DEFINE(HAVE_HEADER_AD)],,
2397 [#include <arpa/nameser.h>])
2398 ])
3e05e934 2399
12928e80 2400# Check whether user wants Kerberos 5 support
aff51935 2401KRB5_MSG="no"
12928e80 2402AC_ARG_WITH(kerberos5,
aff51935 2403 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 2404 [ if test "x$withval" != "xno" ; then
2405 if test "x$withval" = "xyes" ; then
2406 KRB5ROOT="/usr/local"
2407 else
2408 KRB5ROOT=${withval}
2409 fi
2410
2411 AC_DEFINE(KRB5)
2412 KRB5_MSG="yes"
2413
2414 AC_MSG_CHECKING(for krb5-config)
2415 if test -x $KRB5ROOT/bin/krb5-config ; then
2416 KRB5CONF=$KRB5ROOT/bin/krb5-config
2417 AC_MSG_RESULT($KRB5CONF)
2418
2419 AC_MSG_CHECKING(for gssapi support)
2420 if $KRB5CONF | grep gssapi >/dev/null ; then
2421 AC_MSG_RESULT(yes)
071970fb 2422 AC_DEFINE(GSSAPI)
2423 k5confopts=gssapi
aff51935 2424 else
5585c441 2425 AC_MSG_RESULT(no)
071970fb 2426 k5confopts=""
aff51935 2427 fi
071970fb 2428 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2429 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 2430 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 2431 AC_MSG_CHECKING(whether we are using Heimdal)
2432 AC_TRY_COMPILE([ #include <krb5.h> ],
2433 [ char *tmp = heimdal_version; ],
2434 [ AC_MSG_RESULT(yes)
2435 AC_DEFINE(HEIMDAL) ],
2436 AC_MSG_RESULT(no)
2437 )
2438 else
2439 AC_MSG_RESULT(no)
12928e80 2440 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 2441 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 2442 AC_MSG_CHECKING(whether we are using Heimdal)
2443 AC_TRY_COMPILE([ #include <krb5.h> ],
2444 [ char *tmp = heimdal_version; ],
2445 [ AC_MSG_RESULT(yes)
2446 AC_DEFINE(HEIMDAL)
41707f74 2447 K5LIBS="-lkrb5 -ldes"
2448 K5LIBS="$K5LIBS -lcom_err -lasn1"
2449 AC_CHECK_LIB(roken, net_write,
2450 [K5LIBS="$K5LIBS -lroken"])
aff51935 2451 ],
2452 [ AC_MSG_RESULT(no)
2453 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2454 ]
2455 )
4e00038c 2456 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 2457
749560dd 2458 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2459 [ AC_DEFINE(GSSAPI)
2460 K5LIBS="-lgssapi $K5LIBS" ],
2461 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2462 [ AC_DEFINE(GSSAPI)
aff51935 2463 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 2464 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2465 $K5LIBS)
2466 ],
2467 $K5LIBS)
2468
2469 AC_CHECK_HEADER(gssapi.h, ,
2470 [ unset ac_cv_header_gssapi_h
aff51935 2471 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 2472 AC_CHECK_HEADERS(gssapi.h, ,
2473 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 2474 )
749560dd 2475 ]
2476 )
2477
2478 oldCPP="$CPPFLAGS"
2479 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2480 AC_CHECK_HEADER(gssapi_krb5.h, ,
2481 [ CPPFLAGS="$oldCPP" ])
2482
aff51935 2483 fi
5585c441 2484 if test ! -z "$need_dash_r" ; then
2485 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2486 fi
2487 if test ! -z "$blibpath" ; then
2488 blibpath="$blibpath:${KRB5ROOT}/lib"
2489 fi
071970fb 2490 fi
2491
2492 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2493 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2494 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2495
2496 LIBS="$LIBS $K5LIBS"
2497 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
79753592 2498 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
071970fb 2499 ]
12928e80 2500)
b5b68128 2501
a0391976 2502# Looking for programs, paths and files
a0391976 2503
ecac8ee5 2504PRIVSEP_PATH=/var/empty
2505AC_ARG_WITH(privsep-path,
cda1ebcb 2506 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 2507 [
2508 if test "x$withval" != "$no" ; then
2509 PRIVSEP_PATH=$withval
2510 fi
2511 ]
2512)
2513AC_SUBST(PRIVSEP_PATH)
2514
a0391976 2515AC_ARG_WITH(xauth,
2516 [ --with-xauth=PATH Specify path to xauth program ],
2517 [
00937921 2518 if test "x$withval" != "xno" ; then
cbd7492e 2519 xauth_path=$withval
a0391976 2520 fi
2521 ],
2522 [
2bf42e4a 2523 TestPath="$PATH"
2524 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2525 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2526 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2527 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2528 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2529 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2530 xauth_path="/usr/openwin/bin/xauth"
2531 fi
2532 ]
2533)
2534
65a4b4af 2535STRIP_OPT=-s
2536AC_ARG_ENABLE(strip,
2537 [ --disable-strip Disable calling strip(1) on install],
2538 [
2539 if test "x$enableval" = "xno" ; then
2540 STRIP_OPT=
2541 fi
2542 ]
2543)
2544AC_SUBST(STRIP_OPT)
2545
b3ec54b4 2546if test -z "$xauth_path" ; then
2547 XAUTH_PATH="undefined"
2548 AC_SUBST(XAUTH_PATH)
2549else
a0391976 2550 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2551 XAUTH_PATH=$xauth_path
2552 AC_SUBST(XAUTH_PATH)
a0391976 2553fi
a0391976 2554
2555# Check for mail directory (last resort if we cannot get it from headers)
2556if test ! -z "$MAIL" ; then
2557 maildir=`dirname $MAIL`
2558 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2559fi
2560
479cece8 2561if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 2562 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2563 disable_ptmx_check=yes
2564fi
a0391976 2565if test -z "$no_dev_ptmx" ; then
6e879cb4 2566 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 2567 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 2568 [
2569 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2570 have_dev_ptmx=1
2571 ]
2572 )
2573 fi
3276571c 2574fi
1a01a50c 2575
479cece8 2576if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 2577 AC_CHECK_FILE("/dev/ptc",
2578 [
2579 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2580 have_dev_ptc=1
2581 ]
2582 )
2583else
2584 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2585fi
3276571c 2586
a0391976 2587# Options from here on. Some of these are preset by platform above
fdf6b7aa 2588AC_ARG_WITH(mantype,
5d97cfbf 2589 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2590 [
5d97cfbf 2591 case "$withval" in
2592 man|cat|doc)
2593 MANTYPE=$withval
2594 ;;
2595 *)
2596 AC_MSG_ERROR(invalid man type: $withval)
2597 ;;
2598 esac
c54a6257 2599 ]
2600)
e0c4d3ac 2601if test -z "$MANTYPE"; then
2bf42e4a 2602 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2603 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2604 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2605 MANTYPE=doc
2606 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2607 MANTYPE=man
2608 else
2609 MANTYPE=cat
2610 fi
2611fi
c54a6257 2612AC_SUBST(MANTYPE)
e0c4d3ac 2613if test "$MANTYPE" = "doc"; then
2614 mansubdir=man;
2615else
2616 mansubdir=$MANTYPE;
2617fi
2618AC_SUBST(mansubdir)
0bc5b6fb 2619
a0391976 2620# Check whether to enable MD5 passwords
aff51935 2621MD5_MSG="no"
2ddcfdf3 2622AC_ARG_WITH(md5-passwords,
caf3bc51 2623 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2624 [
bcf36c78 2625 if test "x$withval" != "xno" ; then
0bc5b6fb 2626 AC_DEFINE(HAVE_MD5_PASSWORDS)
aff51935 2627 MD5_MSG="yes"
0bc5b6fb 2628 fi
2629 ]
caf3bc51 2630)
2631
a0391976 2632# Whether to disable shadow password support
a7effaac 2633AC_ARG_WITH(shadow,
2634 [ --without-shadow Disable shadow password support],
2635 [
2636 if test "x$withval" = "xno" ; then
2637 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2638 disable_shadow=yes
a7effaac 2639 fi
2640 ]
2641)
2642
4cb5ffa0 2643if test -z "$disable_shadow" ; then
2644 AC_MSG_CHECKING([if the systems has expire shadow information])
2645 AC_TRY_COMPILE(
2646 [
2647#include <sys/types.h>
2648#include <shadow.h>
2649 struct spwd sp;
2650 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2651 [ sp_expire_available=yes ], []
2652 )
2653
2654 if test "x$sp_expire_available" = "xyes" ; then
2655 AC_MSG_RESULT(yes)
2656 AC_DEFINE(HAS_SHADOW_EXPIRE)
2657 else
2658 AC_MSG_RESULT(no)
2659 fi
2660fi
2661
a0391976 2662# Use ip address instead of hostname in $DISPLAY
44839801 2663if test ! -z "$IPADDR_IN_DISPLAY" ; then
2664 DISPLAY_HACK_MSG="yes"
2665 AC_DEFINE(IPADDR_IN_DISPLAY)
2666else
aff51935 2667 DISPLAY_HACK_MSG="no"
44839801 2668 AC_ARG_WITH(ipaddr-display,
2669 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2670 [
2671 if test "x$withval" != "xno" ; then
2672 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 2673 DISPLAY_HACK_MSG="yes"
44839801 2674 fi
2675 ]
2676 )
2677fi
a7effaac 2678
95b99395 2679# check for /etc/default/login and use it if present.
daa41e62 2680AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 2681 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 2682 [ if test "x$enableval" = "xno"; then
2683 AC_MSG_NOTICE([/etc/default/login handling disabled])
2684 etc_default_login=no
2685 else
2686 etc_default_login=yes
2687 fi ],
2688 [ etc_default_login=yes ]
2689)
95b99395 2690
694d0cef 2691if test "x$etc_default_login" != "xno"; then
2692 AC_CHECK_FILE("/etc/default/login",
2693 [ external_path_file=/etc/default/login ])
479cece8 2694 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2695 then
1a01a50c 2696 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2697 elif test "x$external_path_file" = "x/etc/default/login"; then
2698 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2699 fi
694d0cef 2700fi
95b99395 2701
8d184c09 2702dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
2703if test $ac_cv_func_login_getcapbool = "yes" -a \
2704 $ac_cv_header_login_cap_h = "yes" ; then
95b99395 2705 external_path_file=/etc/login.conf
8d184c09 2706fi
95b99395 2707
a0391976 2708# Whether to mess with the default path
aff51935 2709SERVER_PATH_MSG="(default)"
c43d69a9 2710AC_ARG_WITH(default-path,
75817f90 2711 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2712 [
95b99395 2713 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 2714 AC_MSG_WARN([
2715--with-default-path=PATH has no effect on this system.
2716Edit /etc/login.conf instead.])
2717 elif test "x$withval" != "xno" ; then
89bbd457 2718 if test ! -z "$external_path_file" ; then
95b99395 2719 AC_MSG_WARN([
2720--with-default-path=PATH will only be used if PATH is not defined in
2721$external_path_file .])
2722 fi
b2d818e6 2723 user_path="$withval"
aff51935 2724 SERVER_PATH_MSG="$withval"
cb807f40 2725 fi
b2d818e6 2726 ],
95b99395 2727 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2728 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 2729 else
89bbd457 2730 if test ! -z "$external_path_file" ; then
95b99395 2731 AC_MSG_WARN([
2732If PATH is defined in $external_path_file, ensure the path to scp is included,
2733otherwise scp will not work.])
2734 fi
2735 AC_TRY_RUN(
2736 [
b2d818e6 2737/* find out what STDPATH is */
2738#include <stdio.h>
b2d818e6 2739#ifdef HAVE_PATHS_H
2740# include <paths.h>
2741#endif
2742#ifndef _PATH_STDPATH
d9a4e55b 2743# ifdef _PATH_USERPATH /* Irix */
2744# define _PATH_STDPATH _PATH_USERPATH
2745# else
2746# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2747# endif
b2d818e6 2748#endif
2749#include <sys/types.h>
2750#include <sys/stat.h>
2751#include <fcntl.h>
2752#define DATA "conftest.stdpath"
2753
2754main()
2755{
2756 FILE *fd;
2757 int rc;
2758
2759 fd = fopen(DATA,"w");
2760 if(fd == NULL)
2761 exit(1);
2762
2763 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2764 exit(1);
2765
2766 exit(0);
2767}
2768 ], [ user_path=`cat conftest.stdpath` ],
2769 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2770 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2771 )
2772# make sure $bindir is in USER_PATH so scp will work
2773 t_bindir=`eval echo ${bindir}`
2774 case $t_bindir in
2775 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
2776 esac
2777 case $t_bindir in
2778 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
2779 esac
2780 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
2781 if test $? -ne 0 ; then
2782 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
2783 if test $? -ne 0 ; then
2784 user_path=$user_path:$t_bindir
2785 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
2786 fi
2787 fi
8d184c09 2788 fi ]
cb807f40 2789)
95b99395 2790if test "x$external_path_file" != "x/etc/login.conf" ; then
8d184c09 2791 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
2792 AC_SUBST(user_path)
2793fi
cb807f40 2794
06617857 2795# Set superuser path separately to user path
06617857 2796AC_ARG_WITH(superuser-path,
2797 [ --with-superuser-path= Specify different path for super-user],
2798 [
2799 if test "x$withval" != "xno" ; then
2800 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
2801 superuser_path=$withval
2802 fi
2803 ]
2804)
2805
2806
58d100bf 2807AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 2808IPV4_IN6_HACK_MSG="no"
80faa19f 2809AC_ARG_WITH(4in6,
2810 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2811 [
2812 if test "x$withval" != "xno" ; then
2813 AC_MSG_RESULT(yes)
2814 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2815 IPV4_IN6_HACK_MSG="yes"
80faa19f 2816 else
2817 AC_MSG_RESULT(no)
2818 fi
2819 ],[
2820 if test "x$inet6_default_4in6" = "xyes"; then
2821 AC_MSG_RESULT([yes (default)])
2822 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2823 IPV4_IN6_HACK_MSG="yes"
80faa19f 2824 else
2825 AC_MSG_RESULT([no (default)])
2826 fi
2827 ]
2828)
2829
af774732 2830# Whether to enable BSD auth support
f1b0ecc3 2831BSD_AUTH_MSG=no
af774732 2832AC_ARG_WITH(bsd-auth,
2833 [ --with-bsd-auth Enable BSD auth support],
2834 [
2835 if test "x$withval" != "xno" ; then
2836 AC_DEFINE(BSD_AUTH)
f1b0ecc3 2837 BSD_AUTH_MSG=yes
af774732 2838 fi
2839 ]
2840)
2841
a0391976 2842# Where to place sshd.pid
19d9ac2a 2843piddir=/var/run
81dadca3 2844# make sure the directory exists
2845if test ! -d $piddir ; then
2846 piddir=`eval echo ${sysconfdir}`
2847 case $piddir in
aff51935 2848 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 2849 esac
2850fi
2851
47e45e44 2852AC_ARG_WITH(pid-dir,
2853 [ --with-pid-dir=PATH Specify location of ssh.pid file],
2854 [
2855 if test "x$withval" != "xno" ; then
19d9ac2a 2856 piddir=$withval
81dadca3 2857 if test ! -d $piddir ; then
2858 AC_MSG_WARN([** no $piddir directory on this system **])
2859 fi
47e45e44 2860 fi
2861 ]
2862)
b7a87eea 2863
42f11eb2 2864AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 2865AC_SUBST(piddir)
47e45e44 2866
1d7b9b20 2867dnl allow user to disable some login recording features
2868AC_ARG_ENABLE(lastlog,
bfd550a2 2869 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 2870 [
2871 if test "x$enableval" = "xno" ; then
2872 AC_DEFINE(DISABLE_LASTLOG)
2873 fi
2874 ]
1d7b9b20 2875)
2876AC_ARG_ENABLE(utmp,
bfd550a2 2877 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 2878 [
2879 if test "x$enableval" = "xno" ; then
2880 AC_DEFINE(DISABLE_UTMP)
2881 fi
2882 ]
1d7b9b20 2883)
2884AC_ARG_ENABLE(utmpx,
bfd550a2 2885 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 2886 [
2887 if test "x$enableval" = "xno" ; then
2888 AC_DEFINE(DISABLE_UTMPX)
2889 fi
2890 ]
1d7b9b20 2891)
2892AC_ARG_ENABLE(wtmp,
bfd550a2 2893 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 2894 [
2895 if test "x$enableval" = "xno" ; then
2896 AC_DEFINE(DISABLE_WTMP)
2897 fi
2898 ]
1d7b9b20 2899)
2900AC_ARG_ENABLE(wtmpx,
bfd550a2 2901 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 2902 [
2903 if test "x$enableval" = "xno" ; then
2904 AC_DEFINE(DISABLE_WTMPX)
2905 fi
2906 ]
1d7b9b20 2907)
2908AC_ARG_ENABLE(libutil,
bfd550a2 2909 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 2910 [
2911 if test "x$enableval" = "xno" ; then
2912 AC_DEFINE(DISABLE_LOGIN)
2913 fi
2914 ]
1d7b9b20 2915)
2916AC_ARG_ENABLE(pututline,
bfd550a2 2917 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 2918 [
2919 if test "x$enableval" = "xno" ; then
aff51935 2920 AC_DEFINE(DISABLE_PUTUTLINE)
ddb154b3 2921 fi
2922 ]
1d7b9b20 2923)
2924AC_ARG_ENABLE(pututxline,
bfd550a2 2925 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 2926 [
2927 if test "x$enableval" = "xno" ; then
2928 AC_DEFINE(DISABLE_PUTUTXLINE)
2929 fi
2930 ]
1d7b9b20 2931)
2932AC_ARG_WITH(lastlog,
bfd550a2 2933 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 2934 [
2935 if test "x$withval" = "xno" ; then
2936 AC_DEFINE(DISABLE_LASTLOG)
2937 else
2938 conf_lastlog_location=$withval
2939 fi
2940 ]
2941)
1d7b9b20 2942
2943dnl lastlog, [uw]tmpx? detection
2944dnl NOTE: set the paths in the platform section to avoid the
2945dnl need for command-line parameters
2946dnl lastlog and [uw]tmp are subject to a file search if all else fails
2947
2948dnl lastlog detection
2949dnl NOTE: the code itself will detect if lastlog is a directory
2950AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
2951AC_TRY_COMPILE([
2952#include <sys/types.h>
2953#include <utmp.h>
2954#ifdef HAVE_LASTLOG_H
2955# include <lastlog.h>
2956#endif
d7c0f3d5 2957#ifdef HAVE_PATHS_H
1d7b9b20 2958# include <paths.h>
41cb4569 2959#endif
2960#ifdef HAVE_LOGIN_H
2961# include <login.h>
1d7b9b20 2962#endif
2963 ],
2964 [ char *lastlog = LASTLOG_FILE; ],
2965 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 2966 [
2967 AC_MSG_RESULT(no)
2968 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
2969 AC_TRY_COMPILE([
2970#include <sys/types.h>
2971#include <utmp.h>
2972#ifdef HAVE_LASTLOG_H
2973# include <lastlog.h>
2974#endif
2975#ifdef HAVE_PATHS_H
2976# include <paths.h>
2977#endif
2978 ],
2979 [ char *lastlog = _PATH_LASTLOG; ],
2980 [ AC_MSG_RESULT(yes) ],
2981 [
f282b668 2982 AC_MSG_RESULT(no)
d7c0f3d5 2983 system_lastlog_path=no
2984 ])
2985 ]
1d7b9b20 2986)
d7c0f3d5 2987
1d7b9b20 2988if test -z "$conf_lastlog_location"; then
2989 if test x"$system_lastlog_path" = x"no" ; then
2990 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 2991 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 2992 conf_lastlog_location=$f
2993 fi
2994 done
2995 if test -z "$conf_lastlog_location"; then
f8119cef 2996 AC_MSG_WARN([** Cannot find lastlog **])
2997 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 2998 fi
2999 fi
3000fi
3001
3002if test -n "$conf_lastlog_location"; then
3003 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
3004fi
3005
3006dnl utmp detection
3007AC_MSG_CHECKING([if your system defines UTMP_FILE])
3008AC_TRY_COMPILE([
3009#include <sys/types.h>
3010#include <utmp.h>
d7c0f3d5 3011#ifdef HAVE_PATHS_H
1d7b9b20 3012# include <paths.h>
3013#endif
3014 ],
3015 [ char *utmp = UTMP_FILE; ],
3016 [ AC_MSG_RESULT(yes) ],
3017 [ AC_MSG_RESULT(no)
3018 system_utmp_path=no ]
3019)
3020if test -z "$conf_utmp_location"; then
3021 if test x"$system_utmp_path" = x"no" ; then
3022 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3023 if test -f $f ; then
3024 conf_utmp_location=$f
3025 fi
3026 done
3027 if test -z "$conf_utmp_location"; then
3028 AC_DEFINE(DISABLE_UTMP)
3029 fi
3030 fi
3031fi
3032if test -n "$conf_utmp_location"; then
3033 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
3034fi
3035
3036dnl wtmp detection
3037AC_MSG_CHECKING([if your system defines WTMP_FILE])
3038AC_TRY_COMPILE([
3039#include <sys/types.h>
3040#include <utmp.h>
d7c0f3d5 3041#ifdef HAVE_PATHS_H
1d7b9b20 3042# include <paths.h>
3043#endif
3044 ],
3045 [ char *wtmp = WTMP_FILE; ],
3046 [ AC_MSG_RESULT(yes) ],
3047 [ AC_MSG_RESULT(no)
3048 system_wtmp_path=no ]
3049)
3050if test -z "$conf_wtmp_location"; then
3051 if test x"$system_wtmp_path" = x"no" ; then
3052 for f in /usr/adm/wtmp /var/log/wtmp; do
3053 if test -f $f ; then
3054 conf_wtmp_location=$f
3055 fi
3056 done
3057 if test -z "$conf_wtmp_location"; then
3058 AC_DEFINE(DISABLE_WTMP)
3059 fi
3060 fi
3061fi
3062if test -n "$conf_wtmp_location"; then
3063 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
3064fi
3065
3066
3067dnl utmpx detection - I don't know any system so perverse as to require
3068dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3069dnl there, though.
3070AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3071AC_TRY_COMPILE([
3072#include <sys/types.h>
3073#include <utmp.h>
3074#ifdef HAVE_UTMPX_H
3075#include <utmpx.h>
3076#endif
d7c0f3d5 3077#ifdef HAVE_PATHS_H
1d7b9b20 3078# include <paths.h>
3079#endif
3080 ],
3081 [ char *utmpx = UTMPX_FILE; ],
3082 [ AC_MSG_RESULT(yes) ],
3083 [ AC_MSG_RESULT(no)
3084 system_utmpx_path=no ]
3085)
3086if test -z "$conf_utmpx_location"; then
3087 if test x"$system_utmpx_path" = x"no" ; then
3088 AC_DEFINE(DISABLE_UTMPX)
3089 fi
3090else
3091 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
3092fi
3093
3094dnl wtmpx detection
3095AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3096AC_TRY_COMPILE([
3097#include <sys/types.h>
3098#include <utmp.h>
3099#ifdef HAVE_UTMPX_H
3100#include <utmpx.h>
3101#endif
d7c0f3d5 3102#ifdef HAVE_PATHS_H
1d7b9b20 3103# include <paths.h>
3104#endif
3105 ],
3106 [ char *wtmpx = WTMPX_FILE; ],
3107 [ AC_MSG_RESULT(yes) ],
3108 [ AC_MSG_RESULT(no)
3109 system_wtmpx_path=no ]
3110)
3111if test -z "$conf_wtmpx_location"; then
3112 if test x"$system_wtmpx_path" = x"no" ; then
3113 AC_DEFINE(DISABLE_WTMPX)
3114 fi
3115else
3116 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
3117fi
3118
b7a87eea 3119
bd499f9e 3120if test ! -z "$blibpath" ; then
68ece370 3121 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3122 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3123fi
3124
ddceb1c8 3125dnl remove pam and dl because they are in $LIBPAM
3126if test "$PAM_MSG" = yes ; then
98f2d9d5 3127 LIBS=`echo $LIBS | sed 's/-lpam //'`
3128fi
3129if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3130 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3131fi
3132
3c62e7eb 3133AC_EXEEXT
d7cfdd7c 3134AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3135 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3136AC_OUTPUT
d3083fbd 3137
cbd7492e 3138# Print summary of options
3139
cbd7492e 3140# Someone please show me a better way :)
3141A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3142B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3143C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3144D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3145E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3146F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3147G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3148H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3149I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3150J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3151
3152echo ""
26de7942 3153echo "OpenSSH has been configured with the following options:"
ecac8ee5 3154echo " User binaries: $B"
3155echo " System binaries: $C"
3156echo " Configuration files: $D"
3157echo " Askpass program: $E"
3158echo " Manual pages: $F"
3159echo " PID file: $G"
3160echo " Privilege separation chroot path: $H"
95b99395 3161if test "x$external_path_file" = "x/etc/login.conf" ; then
3162echo " At runtime, sshd will use the path defined in $external_path_file"
3163echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3164else
ecac8ee5 3165echo " sshd default user PATH: $I"
89bbd457 3166 if test ! -z "$external_path_file"; then
95b99395 3167echo " (If PATH is set in $external_path_file it will be used instead. If"
3168echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3169 fi
8d184c09 3170fi
06617857 3171if test ! -z "$superuser_path" ; then
ecac8ee5 3172echo " sshd superuser user PATH: $J"
3173fi
3174echo " Manpage format: $MANTYPE"
3e05e934 3175echo " PAM support: $PAM_MSG"
ecac8ee5 3176echo " KerberosV support: $KRB5_MSG"
3177echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3178echo " S/KEY support: $SKEY_MSG"
3179echo " TCP Wrappers support: $TCPW_MSG"
3180echo " MD5 password support: $MD5_MSG"
59031773 3181echo " libedit support: $LIBEDIT_MSG"
3deb1408 3182echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3183echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3184echo " BSD Auth support: $BSD_AUTH_MSG"
3185echo " Random number source: $RAND_MSG"
f1b0ecc3 3186if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3187echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3188fi
3189
cbd7492e 3190echo ""
3191
0c2fb82f 3192echo " Host: ${host}"
3193echo " Compiler: ${CC}"
3194echo " Compiler flags: ${CFLAGS}"
3195echo "Preprocessor flags: ${CPPFLAGS}"
3196echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3197echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3198
3199echo ""
3200
9cefe228 3201if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3202 echo "SVR4 style packages are supported with \"make package\""
3203 echo ""
9cefe228 3204fi
3205
adeebd37 3206if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3207 echo "PAM is enabled. You may need to install a PAM control file "
3208 echo "for sshd, otherwise password authentication may fail. "
aff51935 3209 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3210 echo "subdirectory"
adeebd37 3211 echo ""
3212fi
3213
f1b0ecc3 3214if test ! -z "$RAND_HELPER_CMDHASH" ; then
3215 echo "WARNING: you are using the builtin random number collection "
3216 echo "service. Please read WARNING.RNG and request that your OS "
3217 echo "vendor includes kernel-based random number collection in "
3218 echo "future versions of your OS."
2c523de9 3219 echo ""
3220fi
af774732 3221
2f6f9cff 3222if test ! -z "$NO_PEERCHECK" ; then
3223 echo "WARNING: the operating system that you are using does not "
3224 echo "appear to support either the getpeereid() API nor the "
3225 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3226 echo "enforce security checks to prevent unauthorised connections to "
3227 echo "ssh-agent. Their absence increases the risk that a malicious "
3228 echo "user can connect to your agent. "
3229 echo ""
3230fi
3231
7b578f7d 3232if test "$AUDIT_MODULE" = "bsm" ; then
3233 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3234 echo "See the Solaris section in README.platform for details."
3235fi
git-cvsimport mirror of OpenSSH
This page took 0.869861 seconds and 5 git commands to generate.