]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
trim pasto
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
0b9fdeb8 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
dbf07ba2 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
5fdabf45 106 esac
8a3ff1aa 107
dfafb2e1 108 if test -z "$have_llong_max"; then
109 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
110 unset ac_cv_have_decl_LLONG_MAX
111 saved_CFLAGS="$CFLAGS"
112 CFLAGS="$CFLAGS -std=gnu99"
113 AC_CHECK_DECL(LLONG_MAX,
114 [have_llong_max=1],
115 [CFLAGS="$saved_CFLAGS"],
116 [#include <limits.h>]
117 )
118 fi
d423d822 119fi
120
0b9fdeb8 121if test "x$no_attrib_nonnull" != "x1" ; then
122 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
123fi
124
e6354014 125AC_ARG_WITH(rpath,
126 [ --without-rpath Disable auto-added -R linker paths],
127 [
82f4e93d 128 if test "x$withval" = "xno" ; then
e6354014 129 need_dash_r=""
130 fi
131 if test "x$withval" = "xyes" ; then
132 need_dash_r=1
133 fi
134 ]
135)
136
aa56f760 137# Allow user to specify flags
138AC_ARG_WITH(cflags,
139 [ --with-cflags Specify additional flags to pass to compiler],
140 [
141 if test -n "$withval" && test "x$withval" != "xno" && \
142 test "x${withval}" != "xyes"; then
143 CFLAGS="$CFLAGS $withval"
144 fi
145 ]
146)
147AC_ARG_WITH(cppflags,
148 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
149 [
150 if test -n "$withval" && test "x$withval" != "xno" && \
151 test "x${withval}" != "xyes"; then
152 CPPFLAGS="$CPPFLAGS $withval"
153 fi
154 ]
155)
156AC_ARG_WITH(ldflags,
157 [ --with-ldflags Specify additional flags to pass to linker],
158 [
159 if test -n "$withval" && test "x$withval" != "xno" && \
160 test "x${withval}" != "xyes"; then
161 LDFLAGS="$LDFLAGS $withval"
162 fi
163 ]
164)
165AC_ARG_WITH(libs,
166 [ --with-libs Specify additional libraries to link with],
167 [
168 if test -n "$withval" && test "x$withval" != "xno" && \
169 test "x${withval}" != "xyes"; then
170 LIBS="$LIBS $withval"
171 fi
172 ]
173)
174AC_ARG_WITH(Werror,
175 [ --with-Werror Build main code with -Werror],
176 [
177 if test -n "$withval" && test "x$withval" != "xno"; then
178 werror_flags="-Werror"
179 if test "x${withval}" != "xyes"; then
180 werror_flags="$withval"
181 fi
182 fi
183 ]
184)
185
186AC_CHECK_HEADERS( \
187 bstring.h \
188 crypt.h \
189 crypto/sha2.h \
190 dirent.h \
191 endian.h \
192 features.h \
193 fcntl.h \
194 floatingpoint.h \
195 getopt.h \
196 glob.h \
197 ia.h \
198 iaf.h \
199 limits.h \
200 login.h \
201 maillock.h \
202 ndir.h \
203 net/if_tun.h \
204 netdb.h \
205 netgroup.h \
206 pam/pam_appl.h \
207 paths.h \
208 pty.h \
209 readpassphrase.h \
210 rpc/types.h \
211 security/pam_appl.h \
212 sha2.h \
213 shadow.h \
214 stddef.h \
215 stdint.h \
216 string.h \
217 strings.h \
218 sys/audit.h \
219 sys/bitypes.h \
220 sys/bsdtty.h \
221 sys/cdefs.h \
222 sys/dir.h \
223 sys/mman.h \
224 sys/ndir.h \
225 sys/prctl.h \
226 sys/pstat.h \
227 sys/select.h \
228 sys/stat.h \
229 sys/stream.h \
230 sys/stropts.h \
231 sys/strtio.h \
232 sys/sysmacros.h \
233 sys/time.h \
234 sys/timers.h \
235 sys/un.h \
236 time.h \
237 tmpdir.h \
238 ttyent.h \
239 unistd.h \
240 usersec.h \
241 util.h \
242 utime.h \
243 utmp.h \
244 utmpx.h \
245 vis.h \
246)
247
248# lastlog.h requires sys/time.h to be included first on Solaris
249AC_CHECK_HEADERS(lastlog.h, [], [], [
250#ifdef HAVE_SYS_TIME_H
251# include <sys/time.h>
252#endif
253])
254
255# sys/ptms.h requires sys/stream.h to be included first on Solaris
256AC_CHECK_HEADERS(sys/ptms.h, [], [], [
257#ifdef HAVE_SYS_STREAM_H
258# include <sys/stream.h>
259#endif
260])
261
262# login_cap.h requires sys/types.h on NetBSD
263AC_CHECK_HEADERS(login_cap.h, [], [], [
264#include <sys/types.h>
265])
266
5b84789f 267# Messages for features tested for in target-specific section
268SIA_MSG="no"
269SPC_MSG="no"
270
a0391976 271# Check for some target-specific stuff
a7effaac 272case "$host" in
9d6b1b96 273*-*-aix*)
25a2779b 274 # Some versions of VAC won't allow macro redefinitions at
275 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
276 # particularly with older versions of vac or xlc.
277 # It also throws errors about null macro argments, but these are
278 # not fatal.
279 AC_MSG_CHECKING(if compiler allows macro redefinitions)
280 AC_COMPILE_IFELSE(
281 [AC_LANG_SOURCE([[
282#define testmacro foo
283#define testmacro bar
284int main(void) { exit(0); }
285 ]])],
286 [ AC_MSG_RESULT(yes) ],
287 [ AC_MSG_RESULT(no)
288 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
289 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
290 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
291 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
292 ]
293 )
294
aff51935 295 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 296 if (test -z "$blibpath"); then
0a15d73b 297 blibpath="/usr/lib:/lib"
68ece370 298 fi
299 saved_LDFLAGS="$LDFLAGS"
e7479666 300 if test "$GCC" = "yes"; then
301 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
302 else
303 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
304 fi
305 for tryflags in $flags ;do
68ece370 306 if (test -z "$blibflags"); then
307 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
308 AC_TRY_LINK([], [], [blibflags=$tryflags])
309 fi
310 done
311 if (test -z "$blibflags"); then
312 AC_MSG_RESULT(not found)
313 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
314 else
315 AC_MSG_RESULT($blibflags)
bd499f9e 316 fi
68ece370 317 LDFLAGS="$saved_LDFLAGS"
e351e493 318 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 319 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
320 [Define if you want to enable AIX4's authenticate function])],
0764e748 321 [AC_CHECK_LIB(s,authenticate,
e351e493 322 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 323 LIBS="$LIBS -ls"
324 ])
325 ])
ba603e06 326 dnl Check for various auth function declarations in headers.
c85ed8e2 327 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 328 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 329 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 330 AC_CHECK_DECLS(loginfailed,
e351e493 331 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
332 AC_TRY_COMPILE(
f58c0e01 333 [#include <usersec.h>],
e351e493 334 [(void)loginfailed("user","host","tty",0);],
335 [AC_MSG_RESULT(yes)
3466e002 336 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
337 [Define if your AIX loginfailed() function
338 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 339 [AC_MSG_RESULT(no)]
e351e493 340 )],
341 [],
342 [#include <usersec.h>]
343 )
2aa3a16c 344 AC_CHECK_FUNCS(setauthdb)
53c337ed 345 AC_CHECK_DECL(F_CLOSEM,
795e7517 346 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 347 [],
348 [ #include <limits.h>
349 #include <fcntl.h> ]
350 )
5ccf88cb 351 check_for_aix_broken_getaddrinfo=1
3466e002 352 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
353 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
354 [Define if your platform breaks doing a seteuid before a setuid])
355 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
356 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 357 dnl AIX handles lastlog as part of its login message
3466e002 358 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
359 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
360 [Some systems need a utmpx entry for /bin/login to work])
361 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
362 [Define to a Set Process Title type if your system is
363 supported by bsd-setproctitle.c])
961c2997 364 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
365 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 366 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 367 ;;
3c62e7eb 368*-*-cygwin*)
a52997bd 369 check_for_libcrypt_later=1
04765d02 370 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 371 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
372 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
373 AC_DEFINE(DISABLE_SHADOW, 1,
374 [Define if you want to disable shadow passwords])
375 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
376 [Define if your system choked on IP TOS setting])
377 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
378 [Define if X11 doesn't support AF_UNIX sockets on that system])
379 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
380 [Define if the concept of ports only accessible to
381 superusers isn't known])
382 AC_DEFINE(DISABLE_FD_PASSING, 1,
383 [Define if your platform needs to skip post auth
384 file descriptor passing])
3c62e7eb 385 ;;
d6fdb079 386*-*-dgux*)
387 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 388 AC_DEFINE(SETEUID_BREAKS_SETUID)
389 AC_DEFINE(BROKEN_SETREUID)
390 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 391 ;;
39c98ef7 392*-*-darwin*)
33e2e066 393 AC_MSG_CHECKING(if we have working getaddrinfo)
394 AC_TRY_RUN([#include <mach-o/dyld.h>
395main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
396 exit(0);
397 else
398 exit(1);
399}], [AC_MSG_RESULT(working)],
400 [AC_MSG_RESULT(buggy)
3466e002 401 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 402 [AC_MSG_RESULT(assume it is working)])
635e0c42 403 AC_DEFINE(SETEUID_BREAKS_SETUID)
404 AC_DEFINE(BROKEN_SETREUID)
405 AC_DEFINE(BROKEN_SETREGID)
3466e002 406 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
407 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 408 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
409 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
410 [Use tunnel device compatibility to OpenBSD])
411 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
412 [Prepend the address family to IP tunnel traffic])
39c98ef7 413 ;;
36f36ba3 414*-*-dragonfly*)
415 SSHDLIBS="$SSHDLIBS -lcrypt"
416 ;;
7d458c86 417*-*-hpux*)
418 # first we define all of the options common to all HP-UX releases
b8fea62d 419 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 420 IPADDR_IN_DISPLAY=yes
2b10f47a 421 AC_DEFINE(USE_PIPES)
3466e002 422 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
423 [Define if your login program cannot handle end of options ("--")])
a2572aa7 424 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 425 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
426 [String used in /etc/passwd to denote locked account])
3a2b2b44 427 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 428 MAIL="/var/mail/username"
f75ca46d 429 LIBS="$LIBS -lsec"
7d458c86 430 AC_CHECK_LIB(xnet, t_error, ,
431 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
432
433 # next, we define all of the options specific to major releases
434 case "$host" in
435 *-*-hpux10*)
436 if test -z "$GCC"; then
437 CFLAGS="$CFLAGS -Ae"
438 fi
439 ;;
440 *-*-hpux11*)
3466e002 441 AC_DEFINE(PAM_SUN_CODEBASE, 1,
442 [Define if you are using Solaris-derived PAM which
443 passes pam_messages to the conversation function
444 with an extra level of indirection])
445 AC_DEFINE(DISABLE_UTMP, 1,
446 [Define if you don't want to use utmp])
7d458c86 447 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
448 check_for_hpux_broken_getaddrinfo=1
449 check_for_conflicting_getspnam=1
450 ;;
451 esac
452
453 # lastly, we define options specific to minor releases
454 case "$host" in
455 *-*-hpux10.26)
3466e002 456 AC_DEFINE(HAVE_SECUREWARE, 1,
457 [Define if you have SecureWare-based
458 protected password database])
7d458c86 459 disable_ptmx_check=yes
460 LIBS="$LIBS -lsecpw"
461 ;;
462 esac
2b763e31 463 ;;
d94aa2ae 464*-*-irix5*)
6ac7829a 465 PATH="$PATH:/usr/etc"
3466e002 466 AC_DEFINE(BROKEN_INET_NTOA, 1,
467 [Define if you system's inet_ntoa is busted
468 (e.g. Irix gcc issue)])
cb433561 469 AC_DEFINE(SETEUID_BREAKS_SETUID)
470 AC_DEFINE(BROKEN_SETREUID)
471 AC_DEFINE(BROKEN_SETREGID)
3466e002 472 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
473 [Define if you shouldn't strip 'tty' from your
474 ttyname in [uw]tmp])
3e6e3da0 475 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 476 ;;
477*-*-irix6*)
6ac7829a 478 PATH="$PATH:/usr/etc"
3466e002 479 AC_DEFINE(WITH_IRIX_ARRAY, 1,
480 [Define if you have/want arrays
481 (cluster-wide session managment, not C arrays)])
482 AC_DEFINE(WITH_IRIX_PROJECT, 1,
483 [Define if you want IRIX project management])
484 AC_DEFINE(WITH_IRIX_AUDIT, 1,
485 [Define if you want IRIX audit trails])
486 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
487 [Define if you want IRIX kernel jobs])])
416ed5a7 488 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 489 AC_DEFINE(SETEUID_BREAKS_SETUID)
490 AC_DEFINE(BROKEN_SETREUID)
491 AC_DEFINE(BROKEN_SETREGID)
3466e002 492 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 493 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 494 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 495 ;;
5cdfe03f 496*-*-linux*)
497 no_dev_ptmx=1
717057b6 498 check_for_libcrypt_later=1
eacb954e 499 check_for_openpty_ctty_bug=1
3466e002 500 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
501 AC_DEFINE(PAM_TTY_KLUDGE, 1,
502 [Work around problematic Linux PAM modules handling of PAM_TTY])
503 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
504 [String used in /etc/passwd to denote locked account])
3a2b2b44 505 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 506 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
507 [Define to whatever link() returns for "not supported"
508 if it doesn't return EOPNOTSUPP.])
b6610e8f 509 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 510 AC_DEFINE(USE_BTMP)
80faa19f 511 inet6_default_4in6=yes
bf7c1e6c 512 case `uname -r` in
ad84c479 513 1.*|2.0.*)
3466e002 514 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
515 [Define if cmsg_type is not passed correctly])
bf7c1e6c 516 ;;
bf7c1e6c 517 esac
c40f09ca 518 # tun(4) forwarding compat code
d91775e1 519 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 520 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 521 AC_DEFINE(SSH_TUN_LINUX, 1,
522 [Open tunnel devices the Linux tun/tap way])
523 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
524 [Use tunnel device compatibility to OpenBSD])
525 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
526 [Prepend the address family to IP tunnel traffic])
527 fi
5cdfe03f 528 ;;
66d6c27e 529mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 530 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 531 SONY=1
66d6c27e 532 ;;
d468fc76 533*-*-netbsd*)
33e2e066 534 check_for_libcrypt_before=1
82f4e93d 535 if test "x$withval" != "xno" ; then
e6354014 536 need_dash_r=1
537 fi
0f6cb079 538 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
539 AC_CHECK_HEADER([net/if_tap.h], ,
540 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
541 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
542 [Prepend the address family to IP tunnel traffic])
d468fc76 543 ;;
86b416a7 544*-*-freebsd*)
545 check_for_libcrypt_later=1
988c5031 546 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 547 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
548 AC_CHECK_HEADER([net/if_tap.h], ,
549 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 550 ;;
8707b7eb 551*-*-bsdi*)
552 AC_DEFINE(SETEUID_BREAKS_SETUID)
553 AC_DEFINE(BROKEN_SETREUID)
554 AC_DEFINE(BROKEN_SETREGID)
555 ;;
729bfe59 556*-next-*)
729bfe59 557 conf_lastlog_location="/usr/adm/lastlog"
698d107e 558 conf_utmp_location=/etc/utmp
559 conf_wtmp_location=/usr/adm/wtmp
560 MAIL=/usr/spool/mail
3466e002 561 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 562 AC_DEFINE(BROKEN_REALPATH)
00937921 563 AC_DEFINE(USE_PIPES)
3466e002 564 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 565 ;;
5b7b5e23 566*-*-openbsd*)
567 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 568 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 569 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 570 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
571 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 572 ;;
9d6b1b96 573*-*-solaris*)
82f4e93d 574 if test "x$withval" != "xno" ; then
010e9d5b 575 need_dash_r=1
576 fi
adeebd37 577 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 578 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 579 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
580 [Some versions of /bin/login need the TERM supplied
581 on the commandline])
7f0a4ff1 582 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 583 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
584 [Define if pam_chauthtok wants real uid set
585 to the unpriv'ed user])
3e6e3da0 586 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 587 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 588 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
589 [Define if sshd somehow reacquires a controlling TTY
590 after setsid()])
795aa5f5 591 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
592 in case the name is longer than 8 chars])
95b99395 593 external_path_file=/etc/default/login
1d7b9b20 594 # hardwire lastlog location (can't detect it on some versions)
595 conf_lastlog_location="/var/adm/lastlog"
32c80420 596 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
597 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
598 if test "$sol2ver" -ge 8; then
599 AC_MSG_RESULT(yes)
600 AC_DEFINE(DISABLE_UTMP)
3466e002 601 AC_DEFINE(DISABLE_WTMP, 1,
602 [Define if you don't want to use wtmp])
32c80420 603 else
604 AC_MSG_RESULT(no)
605 fi
5b84789f 606 AC_ARG_WITH(solaris-contracts,
607 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
608 [
609 AC_CHECK_LIB(contract, ct_tmpl_activate,
610 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
611 [Define if you have Solaris process contracts])
612 SSHDLIBS="$SSHDLIBS -lcontract"
613 AC_SUBST(SSHDLIBS)
614 SPC_MSG="yes" ], )
615 ],
616 )
9d6b1b96 617 ;;
a423beaf 618*-*-sunos4*)
0c2fb82f 619 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 620 AC_CHECK_FUNCS(getpwanam)
adeebd37 621 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 622 conf_utmp_location=/etc/utmp
623 conf_wtmp_location=/var/adm/wtmp
624 conf_lastlog_location=/var/adm/lastlog
137d7b6c 625 AC_DEFINE(USE_PIPES)
a423beaf 626 ;;
6f68f28a 627*-ncr-sysv*)
98a7c37b 628 LIBS="$LIBS -lc89"
29525240 629 AC_DEFINE(USE_PIPES)
eabb99c6 630 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 631 AC_DEFINE(SETEUID_BREAKS_SETUID)
632 AC_DEFINE(BROKEN_SETREUID)
633 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 634 ;;
132dd316 635*-sni-sysv*)
c8c15bcb 636 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 637 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 638 # -lresolv needs to be at the end of LIBS or DNS lookups break
639 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 640 IPADDR_IN_DISPLAY=yes
641 AC_DEFINE(USE_PIPES)
132dd316 642 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 643 AC_DEFINE(SETEUID_BREAKS_SETUID)
644 AC_DEFINE(BROKEN_SETREUID)
645 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 646 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 647 external_path_file=/etc/default/login
c8c15bcb 648 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
649 # Attention: always take care to bind libsocket and libnsl before libc,
650 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 651 ;;
79a7ba96 652# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 653*-*-sysv4.2*)
ed6553e2 654 AC_DEFINE(USE_PIPES)
7ed101c0 655 AC_DEFINE(SETEUID_BREAKS_SETUID)
656 AC_DEFINE(BROKEN_SETREUID)
657 AC_DEFINE(BROKEN_SETREGID)
46f853b9 658 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 659 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 660 ;;
79a7ba96 661# UnixWare 7.x, OpenUNIX 8
77bb0bca 662*-*-sysv5*)
d7d2cc6e 663 check_for_libcrypt_later=1
664 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 665 AC_DEFINE(USE_PIPES)
7ed101c0 666 AC_DEFINE(SETEUID_BREAKS_SETUID)
667 AC_DEFINE(BROKEN_SETREUID)
668 AC_DEFINE(BROKEN_SETREGID)
3466e002 669 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 670 case "$host" in
671 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
672 TEST_SHELL=/u95/bin/sh
3466e002 673 AC_DEFINE(BROKEN_LIBIAF, 1,
674 [ia_uinfo routines not supported by OS yet])
5cc6ddad 675 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 676 ;;
e45da4d6 677 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
678 ;;
822015dd 679 esac
77bb0bca 680 ;;
9d6b1b96 681*-*-sysv*)
9d6b1b96 682 ;;
79a7ba96 683# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 684*-*-sco3.2v4*)
11cf4f1f 685 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 686 ;;
79a7ba96 687# SCO OpenServer 5.x
77bb0bca 688*-*-sco3.2v5*)
21710e39 689 if test -z "$GCC"; then
690 CFLAGS="$CFLAGS -belf"
691 fi
ed6553e2 692 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 693 no_dev_ptmx=1
ed6553e2 694 AC_DEFINE(USE_PIPES)
6e879cb4 695 AC_DEFINE(HAVE_SECUREWARE)
d287c664 696 AC_DEFINE(DISABLE_SHADOW)
94d8258b 697 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 698 AC_DEFINE(SETEUID_BREAKS_SETUID)
699 AC_DEFINE(BROKEN_SETREUID)
700 AC_DEFINE(BROKEN_SETREGID)
bcebad47 701 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 702 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 703 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 704 AC_CHECK_FUNCS(getluid setluid)
533875af 705 MANTYPE=man
a3245b92 706 TEST_SHELL=ksh
509b1f88 707 ;;
ccbb983c 708*-*-unicosmk*)
3466e002 709 AC_DEFINE(NO_SSH_LASTLOG, 1,
710 [Define if you don't want to use lastlog in session.c])
c1ad5966 711 AC_DEFINE(SETEUID_BREAKS_SETUID)
712 AC_DEFINE(BROKEN_SETREUID)
713 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 714 AC_DEFINE(USE_PIPES)
715 AC_DEFINE(DISABLE_FD_PASSING)
716 LDFLAGS="$LDFLAGS"
717 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
718 MANTYPE=cat
d262b7f2 719 ;;
7b9a8c6e 720*-*-unicosmp*)
c1ad5966 721 AC_DEFINE(SETEUID_BREAKS_SETUID)
722 AC_DEFINE(BROKEN_SETREUID)
723 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 724 AC_DEFINE(WITH_ABBREV_NO_TTY)
725 AC_DEFINE(USE_PIPES)
726 AC_DEFINE(DISABLE_FD_PASSING)
727 LDFLAGS="$LDFLAGS"
c1ad5966 728 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 729 MANTYPE=cat
730 ;;
ca5c7d6a 731*-*-unicos*)
c1ad5966 732 AC_DEFINE(SETEUID_BREAKS_SETUID)
733 AC_DEFINE(BROKEN_SETREUID)
734 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 735 AC_DEFINE(USE_PIPES)
94d8258b 736 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 737 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 738 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
739 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
740 MANTYPE=cat
a704dd54 741 ;;
4d33e531 742*-dec-osf*)
99c8ddac 743 AC_MSG_CHECKING(for Digital Unix SIA)
744 no_osfsia=""
745 AC_ARG_WITH(osfsia,
746 [ --with-osfsia Enable Digital Unix SIA],
747 [
748 if test "x$withval" = "xno" ; then
749 AC_MSG_RESULT(disabled)
750 no_osfsia=1
751 fi
752 ],
753 )
754 if test -z "$no_osfsia" ; then
4d33e531 755 if test -f /etc/sia/matrix.conf; then
756 AC_MSG_RESULT(yes)
3466e002 757 AC_DEFINE(HAVE_OSF_SIA, 1,
758 [Define if you have Digital Unix Security
759 Integration Architecture])
760 AC_DEFINE(DISABLE_LOGIN, 1,
761 [Define if you don't want to use your
762 system's login() call])
58d0df4e 763 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 764 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 765 SIA_MSG="yes"
4d33e531 766 else
767 AC_MSG_RESULT(no)
3466e002 768 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
769 [String used in /etc/passwd to denote locked account])
4d33e531 770 fi
771 fi
a6e67b60 772 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 773 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 774 AC_DEFINE(BROKEN_SETREUID)
775 AC_DEFINE(BROKEN_SETREGID)
4d33e531 776 ;;
41cb4569 777
9c54c067 778*-*-nto-qnx*)
41cb4569 779 AC_DEFINE(USE_PIPES)
780 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 781 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
782 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
783 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 784 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 785 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 786 enable_etc_default_login=no # has incompatible /etc/default/login
41cb4569 787 ;;
35fc74ed 788
789*-*-ultrix*)
3466e002 790 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
791 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 792 AC_DEFINE(NEED_SETPGRP)
b5765e1d 793 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
794 ;;
157b6700 795
796*-*-lynxos)
797 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 798 AC_DEFINE(MISSING_HOWMANY)
157b6700 799 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
800 ;;
a7effaac 801esac
802
c5829391 803AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 804AC_RUN_IFELSE(
805 [AC_LANG_SOURCE([
c5829391 806#include <stdio.h>
807int main(){exit(0);}
479cece8 808 ])],
c5829391 809 [ AC_MSG_RESULT(yes) ],
810 [
811 AC_MSG_RESULT(no)
812 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 813 ],
814 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 815)
816
b04a9f8c 817dnl Checks for header files.
a0391976 818# Checks for libraries.
98a7c37b 819AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
820AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 821
446227d6 822dnl IRIX and Solaris 2.5.1 have dirname() in libgen
823AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
824 AC_CHECK_LIB(gen, dirname,[
825 AC_CACHE_CHECK([for broken dirname],
826 ac_cv_have_broken_dirname, [
827 save_LIBS="$LIBS"
828 LIBS="$LIBS -lgen"
b0e7249f 829 AC_RUN_IFELSE(
830 [AC_LANG_SOURCE([[
446227d6 831#include <libgen.h>
832#include <string.h>
833
834int main(int argc, char **argv) {
835 char *s, buf[32];
836
837 strncpy(buf,"/etc", 32);
838 s = dirname(buf);
839 if (!s || strncmp(s, "/", 32) != 0) {
840 exit(1);
841 } else {
842 exit(0);
843 }
844}
b0e7249f 845 ]])],
846 [ ac_cv_have_broken_dirname="no" ],
847 [ ac_cv_have_broken_dirname="yes" ],
446227d6 848 [ ac_cv_have_broken_dirname="no" ],
446227d6 849 )
850 LIBS="$save_LIBS"
851 ])
852 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
853 LIBS="$LIBS -lgen"
854 AC_DEFINE(HAVE_DIRNAME)
855 AC_CHECK_HEADERS(libgen.h)
856 fi
857 ])
858])
859
860AC_CHECK_FUNC(getspnam, ,
861 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 862AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
863 [Define if you have the basename function.]))
446227d6 864
98a7c37b 865dnl zlib is required
866AC_ARG_WITH(zlib,
867 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 868 [ if test "x$withval" = "xno" ; then
869 AC_MSG_ERROR([*** zlib is required ***])
870 elif test "x$withval" != "xyes"; then
98a7c37b 871 if test -d "$withval/lib"; then
872 if test -n "${need_dash_r}"; then
5a162955 873 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 874 else
5a162955 875 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 876 fi
877 else
878 if test -n "${need_dash_r}"; then
5a162955 879 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 880 else
5a162955 881 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 882 fi
883 fi
884 if test -d "$withval/include"; then
5a162955 885 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 886 else
5a162955 887 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 888 fi
6dd05556 889 fi ]
98a7c37b 890)
891
0a15d73b 892AC_CHECK_LIB(z, deflate, ,
893 [
894 saved_CPPFLAGS="$CPPFLAGS"
895 saved_LDFLAGS="$LDFLAGS"
896 save_LIBS="$LIBS"
897 dnl Check default zlib install dir
898 if test -n "${need_dash_r}"; then
899 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
900 else
901 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
902 fi
903 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
904 LIBS="$LIBS -lz"
905 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
906 [
907 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
908 ]
909 )
910 ]
911)
4ad65809 912AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 913
914AC_ARG_WITH(zlib-version-check,
915 [ --without-zlib-version-check Disable zlib version check],
916 [ if test "x$withval" = "xno" ; then
917 zlib_check_nonfatal=1
918 fi
919 ]
920)
921
5c7fc85d 922AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 923AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 924#include <stdio.h>
4ad65809 925#include <zlib.h>
926int main()
927{
5c7fc85d 928 int a=0, b=0, c=0, d=0, n, v;
929 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
930 if (n != 3 && n != 4)
4ad65809 931 exit(1);
5c7fc85d 932 v = a*1000000 + b*10000 + c*100 + d;
933 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
934
935 /* 1.1.4 is OK */
936 if (a == 1 && b == 1 && c >= 4)
4ad65809 937 exit(0);
5c7fc85d 938
0072b59d 939 /* 1.2.3 and up are OK */
940 if (v >= 1020300)
5c7fc85d 941 exit(0);
942
4ad65809 943 exit(2);
944}
479cece8 945 ]])],
5c7fc85d 946 AC_MSG_RESULT(no),
947 [ AC_MSG_RESULT(yes)
8068d564 948 if test -z "$zlib_check_nonfatal" ; then
949 AC_MSG_ERROR([*** zlib too old - check config.log ***
950Your reported zlib version has known security problems. It's possible your
951vendor has fixed these problems without changing the version number. If you
952are sure this is the case, you can disable the check by running
953"./configure --without-zlib-version-check".
6090bcfe 954If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 955See http://www.gzip.org/zlib/ for details.])
8068d564 956 else
957 AC_MSG_WARN([zlib version may have security problems])
958 fi
1a01a50c 959 ],
960 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 961)
48e7916f 962
2c523de9 963dnl UnixWare 2.x
aff51935 964AC_CHECK_FUNC(strcasecmp,
2c523de9 965 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
966)
23361281 967AC_CHECK_FUNCS(utimes,
cda1ebcb 968 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
969 LIBS="$LIBS -lc89"]) ]
2c523de9 970)
4cca272e 971
7c6d759d 972dnl Checks for libutil functions
973AC_CHECK_HEADERS(libutil.h)
3466e002 974AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
975 [Define if your libraries define login()])])
7c6d759d 976AC_CHECK_FUNCS(logout updwtmp logwtmp)
977
a738c3b0 978AC_FUNC_STRFTIME
979
84ceda19 980# Check for ALTDIRFUNC glob() extension
981AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
982AC_EGREP_CPP(FOUNDIT,
983 [
984 #include <glob.h>
985 #ifdef GLOB_ALTDIRFUNC
986 FOUNDIT
987 #endif
aff51935 988 ],
84ceda19 989 [
3466e002 990 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
991 [Define if your system glob() function has
992 the GLOB_ALTDIRFUNC extension])
84ceda19 993 AC_MSG_RESULT(yes)
994 ],
995 [
996 AC_MSG_RESULT(no)
997 ]
998)
4cca272e 999
40849fdb 1000# Check for g.gl_matchc glob() extension
1001AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1002AC_TRY_COMPILE(
13ff27b7 1003 [ #include <glob.h> ],
1004 [glob_t g; g.gl_matchc = 1;],
aff51935 1005 [
3466e002 1006 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1007 [Define if your system glob() function has
1008 gl_matchc options in glob_t])
aff51935 1009 AC_MSG_RESULT(yes)
1010 ],
1011 [
1012 AC_MSG_RESULT(no)
1013 ]
40849fdb 1014)
1015
78888bab 1016AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1017
edbe6722 1018AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1019AC_RUN_IFELSE(
479cece8 1020 [AC_LANG_SOURCE([[
edbe6722 1021#include <sys/types.h>
1022#include <dirent.h>
aec4cb4f 1023int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1024 ]])],
aff51935 1025 [AC_MSG_RESULT(yes)],
edbe6722 1026 [
1027 AC_MSG_RESULT(no)
3466e002 1028 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1029 [Define if your struct dirent expects you to
3466e002 1030 allocate extra space for d_name])
1a01a50c 1031 ],
82f4e93d 1032 [
1a01a50c 1033 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1034 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1035 ]
1036)
1037
419e26e7 1038AC_MSG_CHECKING([for /proc/pid/fd directory])
1039if test -d "/proc/$$/fd" ; then
3466e002 1040 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1041 AC_MSG_RESULT(yes)
1042else
1043 AC_MSG_RESULT(no)
1044fi
1045
278588d8 1046# Check whether user wants S/Key support
aff51935 1047SKEY_MSG="no"
278588d8 1048AC_ARG_WITH(skey,
6ff3d0dc 1049 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1050 [
1051 if test "x$withval" != "xno" ; then
1052
1053 if test "x$withval" != "xyes" ; then
1054 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1055 LDFLAGS="$LDFLAGS -L${withval}/lib"
1056 fi
1057
3466e002 1058 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1059 LIBS="-lskey $LIBS"
aff51935 1060 SKEY_MSG="yes"
82f4e93d 1061
ddceb1c8 1062 AC_MSG_CHECKING([for s/key support])
b0e7249f 1063 AC_LINK_IFELSE(
1064 [AC_LANG_SOURCE([[
ddceb1c8 1065#include <stdio.h>
1066#include <skey.h>
aec4cb4f 1067int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1068 ]])],
ddceb1c8 1069 [AC_MSG_RESULT(yes)],
278588d8 1070 [
ddceb1c8 1071 AC_MSG_RESULT(no)
278588d8 1072 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1073 ])
141fc639 1074 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1075 AC_TRY_COMPILE(
1076 [#include <stdio.h>
1077 #include <skey.h>],
1078 [(void)skeychallenge(NULL,"name","",0);],
1079 [AC_MSG_RESULT(yes)
3466e002 1080 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1081 [Define if your skeychallenge()
1082 function takes 4 arguments (NetBSD)])],
141fc639 1083 [AC_MSG_RESULT(no)]
1084 )
278588d8 1085 fi
1086 ]
1087)
1088
1089# Check whether user wants TCP wrappers support
98a7c37b 1090TCPW_MSG="no"
278588d8 1091AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1092 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1093 [
1094 if test "x$withval" != "xno" ; then
1095 saved_LIBS="$LIBS"
98a7c37b 1096 saved_LDFLAGS="$LDFLAGS"
1097 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1098 if test -n "${withval}" && \
6cf0200f 1099 test "x${withval}" != "xyes"; then
98a7c37b 1100 if test -d "${withval}/lib"; then
1101 if test -n "${need_dash_r}"; then
5a162955 1102 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1103 else
5a162955 1104 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1105 fi
1106 else
1107 if test -n "${need_dash_r}"; then
5a162955 1108 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1109 else
5a162955 1110 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1111 fi
1112 fi
1113 if test -d "${withval}/include"; then
5a162955 1114 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1115 else
5a162955 1116 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1117 fi
98a7c37b 1118 fi
e54defb4 1119 LIBS="-lwrap $LIBS"
278588d8 1120 AC_MSG_CHECKING(for libwrap)
1121 AC_TRY_LINK(
1122 [
77f09220 1123#include <sys/types.h>
1124#include <sys/socket.h>
1125#include <netinet/in.h>
278588d8 1126#include <tcpd.h>
1127 int deny_severity = 0, allow_severity = 0;
1128 ],
1129 [hosts_access(0);],
1130 [
1131 AC_MSG_RESULT(yes)
3466e002 1132 AC_DEFINE(LIBWRAP, 1,
1133 [Define if you want
1134 TCP Wrappers support])
e54defb4 1135 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1136 TCPW_MSG="yes"
278588d8 1137 ],
1138 [
1139 AC_MSG_ERROR([*** libwrap missing])
1140 ]
1141 )
ddceb1c8 1142 LIBS="$saved_LIBS"
278588d8 1143 fi
1144 ]
1145)
1146
59031773 1147# Check whether user wants libedit support
1148LIBEDIT_MSG="no"
1149AC_ARG_WITH(libedit,
6ff3d0dc 1150 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1151 [ if test "x$withval" != "xno" ; then
737edf04 1152 if test "x$withval" != "xyes"; then
bb116c8e 1153 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1154 if test -n "${need_dash_r}"; then
1155 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1156 else
1157 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1158 fi
737edf04 1159 fi
59031773 1160 AC_CHECK_LIB(edit, el_init,
3466e002 1161 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1162 LIBEDIT="-ledit -lcurses"
1163 LIBEDIT_MSG="yes"
1164 AC_SUBST(LIBEDIT)
1165 ],
737edf04 1166 [ AC_MSG_ERROR(libedit not found) ],
1167 [ -lcurses ]
59031773 1168 )
f47ddccb 1169 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1170 AC_COMPILE_IFELSE(
1171 [AC_LANG_SOURCE([[
1172#include <histedit.h>
f47ddccb 1173int main(void)
1174{
1175 int i = H_SETSIZE;
1176 el_init("", NULL, NULL, NULL);
1177 exit(0);
1178}
d92622f9 1179 ]])],
f47ddccb 1180 [ AC_MSG_RESULT(yes) ],
1181 [ AC_MSG_RESULT(no)
1182 AC_MSG_ERROR(libedit version is not compatible) ]
1183 )
59031773 1184 fi ]
1185)
1186
7b578f7d 1187AUDIT_MODULE=none
1188AC_ARG_WITH(audit,
1189 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1190 [
1191 AC_MSG_CHECKING(for supported audit module)
1192 case "$withval" in
1193 bsm)
1194 AC_MSG_RESULT(bsm)
1195 AUDIT_MODULE=bsm
1196 dnl Checks for headers, libs and functions
1197 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1198 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1199 [
1200#ifdef HAVE_TIME_H
1201# include <time.h>
1202#endif
1203 ]
1204)
7b578f7d 1205 AC_CHECK_LIB(bsm, getaudit, [],
1206 [AC_MSG_ERROR(BSM enabled and required library not found)])
1207 AC_CHECK_FUNCS(getaudit, [],
1208 [AC_MSG_ERROR(BSM enabled and required function not found)])
1209 # These are optional
7939c496 1210 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1211 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1212 ;;
1213 debug)
1214 AUDIT_MODULE=debug
1215 AC_MSG_RESULT(debug)
3466e002 1216 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1217 ;;
a2b3321d 1218 no)
d92622f9 1219 AC_MSG_RESULT(no)
a2b3321d 1220 ;;
7b578f7d 1221 *)
1222 AC_MSG_ERROR([Unknown audit module $withval])
1223 ;;
1224 esac ]
1225)
1226
19160674 1227dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1228AC_CHECK_FUNCS( \
1229 arc4random \
9a406e1e 1230 asprintf \
b04a9f8c 1231 b64_ntop \
1232 __b64_ntop \
1233 b64_pton \
1234 __b64_pton \
1235 bcopy \
1236 bindresvport_sa \
1237 clock \
1238 closefrom \
1239 dirfd \
b04a9f8c 1240 fchmod \
1241 fchown \
1242 freeaddrinfo \
1243 futimes \
1244 getaddrinfo \
1245 getcwd \
1246 getgrouplist \
1247 getnameinfo \
1248 getopt \
1249 getpeereid \
1961d660 1250 getpeerucred \
b04a9f8c 1251 _getpty \
1252 getrlimit \
1253 getttyent \
1254 glob \
1255 inet_aton \
1256 inet_ntoa \
1257 inet_ntop \
1258 innetgr \
1259 login_getcapbool \
1260 md5_crypt \
1261 memmove \
1262 mkdtemp \
1263 mmap \
1264 ngetaddrinfo \
1265 nsleep \
1266 ogetaddrinfo \
1267 openlog_r \
1268 openpty \
1269 prctl \
1270 pstat \
1271 readpassphrase \
1272 realpath \
1273 recvmsg \
1274 rresvport_af \
1275 sendmsg \
1276 setdtablesize \
1277 setegid \
1278 setenv \
1279 seteuid \
1280 setgroups \
1281 setlogin \
1282 setpcred \
1283 setproctitle \
1284 setregid \
1285 setreuid \
1286 setrlimit \
1287 setsid \
1288 setvbuf \
1289 sigaction \
1290 sigvec \
1291 snprintf \
1292 socketpair \
1293 strdup \
1294 strerror \
1295 strlcat \
1296 strlcpy \
1297 strmode \
1298 strnvis \
1299 strtonum \
1e29a0c8 1300 strtoll \
b04a9f8c 1301 strtoul \
1302 sysconf \
1303 tcgetpgrp \
1304 truncate \
1305 unsetenv \
1306 updwtmpx \
9a406e1e 1307 vasprintf \
b04a9f8c 1308 vhangup \
1309 vsnprintf \
1310 waitpid \
19160674 1311)
98a7c37b 1312
1a086f97 1313# IRIX has a const char return value for gai_strerror()
1314AC_CHECK_FUNCS(gai_strerror,[
1315 AC_DEFINE(HAVE_GAI_STRERROR)
1316 AC_TRY_COMPILE([
1317#include <sys/types.h>
1318#include <sys/socket.h>
1319#include <netdb.h>
1320
1321const char *gai_strerror(int);],[
1322char *str;
1323
1324str = gai_strerror(0);],[
1325 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1326 [Define if gai_strerror() returns const char *])])])
1327
3466e002 1328AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1329 [Some systems put nanosleep outside of libc]))
92b1decf 1330
309709db 1331dnl Make sure prototypes are defined for these before using them.
309709db 1332AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1333AC_CHECK_DECL(strsep,
1334 [AC_CHECK_FUNCS(strsep)],
1335 [],
1336 [
1337#ifdef HAVE_STRING_H
1338# include <string.h>
1339#endif
1340 ])
08412d26 1341
3490699c 1342dnl tcsendbreak might be a macro
1343AC_CHECK_DECL(tcsendbreak,
1344 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1345 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1346 [#include <termios.h>]
1347)
1348
41e0e158 1349AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1350
71f4c727 1351AC_CHECK_DECLS(SHUT_RD, , ,
1352 [
1353#include <sys/types.h>
1354#include <sys/socket.h>
1355 ])
956d6743 1356
1357AC_CHECK_DECLS(O_NONBLOCK, , ,
1358 [
1359#include <sys/types.h>
1360#ifdef HAVE_SYS_STAT_H
1361# include <sys/stat.h>
1362#endif
1363#ifdef HAVE_FCNTL_H
1364# include <fcntl.h>
1365#endif
1366 ])
1367
752994dd 1368AC_CHECK_DECLS(writev, , , [
1369#include <sys/types.h>
1370#include <sys/uio.h>
1371#include <unistd.h>
1372 ])
1373
0bf6279d 1374AC_CHECK_DECLS(MAXSYMLINKS, , , [
1375#include <sys/param.h>
1376 ])
1377
b41ece30 1378AC_CHECK_DECLS(offsetof, , , [
1379#include <stddef.h>
1380 ])
1381
3f176010 1382AC_CHECK_FUNCS(setresuid, [
1383 dnl Some platorms have setresuid that isn't implemented, test for this
1384 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1385 AC_RUN_IFELSE(
1386 [AC_LANG_SOURCE([[
9a3fe0e2 1387#include <stdlib.h>
1388#include <errno.h>
1389int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1390 ]])],
3f176010 1391 [AC_MSG_RESULT(yes)],
3466e002 1392 [AC_DEFINE(BROKEN_SETRESUID, 1,
1393 [Define if your setresuid() is broken])
1a01a50c 1394 AC_MSG_RESULT(not implemented)],
1395 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1396 )
1397])
9a3fe0e2 1398
3f176010 1399AC_CHECK_FUNCS(setresgid, [
1400 dnl Some platorms have setresgid that isn't implemented, test for this
1401 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1402 AC_RUN_IFELSE(
1403 [AC_LANG_SOURCE([[
9a3fe0e2 1404#include <stdlib.h>
1405#include <errno.h>
1406int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1407 ]])],
3f176010 1408 [AC_MSG_RESULT(yes)],
3466e002 1409 [AC_DEFINE(BROKEN_SETRESGID, 1,
1410 [Define if your setresgid() is broken])
1a01a50c 1411 AC_MSG_RESULT(not implemented)],
1412 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1413 )
1414])
9a3fe0e2 1415
2e73a022 1416dnl Checks for time functions
1d7b9b20 1417AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1418dnl Checks for utmp functions
b03bd394 1419AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1420AC_CHECK_FUNCS(utmpname)
2e73a022 1421dnl Checks for utmpx functions
b03bd394 1422AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1423AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1424
aff51935 1425AC_CHECK_FUNC(daemon,
3466e002 1426 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1427 [AC_CHECK_LIB(bsd, daemon,
1428 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1429)
1430
aff51935 1431AC_CHECK_FUNC(getpagesize,
3466e002 1432 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1433 [Define if your libraries define getpagesize()])],
1434 [AC_CHECK_LIB(ucb, getpagesize,
1435 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1436)
1437
2647ae26 1438# Check for broken snprintf
1439if test "x$ac_cv_func_snprintf" = "xyes" ; then
1440 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1441 AC_RUN_IFELSE(
479cece8 1442 [AC_LANG_SOURCE([[
2647ae26 1443#include <stdio.h>
aec4cb4f 1444int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1445 ]])],
aff51935 1446 [AC_MSG_RESULT(yes)],
2647ae26 1447 [
1448 AC_MSG_RESULT(no)
3466e002 1449 AC_DEFINE(BROKEN_SNPRINTF, 1,
1450 [Define if your snprintf is busted])
2647ae26 1451 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1452 ],
1453 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1454 )
1455fi
1456
9a406e1e 1457# If we don't have a working asprintf, then we strongly depend on vsnprintf
1458# returning the right thing on overflow: the number of characters it tried to
1459# create (as per SUSv3)
1460if test "x$ac_cv_func_asprintf" != "xyes" && \
1461 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1462 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1463 AC_RUN_IFELSE(
1464 [AC_LANG_SOURCE([[
1465#include <sys/types.h>
1466#include <stdio.h>
1467#include <stdarg.h>
1468
1469int x_snprintf(char *str,size_t count,const char *fmt,...)
1470{
1471 size_t ret; va_list ap;
1472 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1473 return ret;
1474}
1475int main(void)
1476{
1477 char x[1];
1478 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1479} ]])],
1480 [AC_MSG_RESULT(yes)],
1481 [
1482 AC_MSG_RESULT(no)
1483 AC_DEFINE(BROKEN_SNPRINTF, 1,
1484 [Define if your snprintf is busted])
1485 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1486 ],
1487 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1488 )
1489fi
1490
31b0732a 1491# On systems where [v]snprintf is broken, but is declared in stdio,
1492# check that the fmt argument is const char * or just char *.
1493# This is only useful for when BROKEN_SNPRINTF
1494AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1495AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1496 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1497 int main(void) { snprintf(0, 0, 0); }
1498 ]])],
1499 [AC_MSG_RESULT(yes)
1500 AC_DEFINE(SNPRINTF_CONST, [const],
1501 [Define as const if snprintf() can declare const char *fmt])],
1502 [AC_MSG_RESULT(no)
1503 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1504
2f6f9cff 1505# Check for missing getpeereid (or equiv) support
1506NO_PEERCHECK=""
1961d660 1507if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1508 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1509 AC_TRY_COMPILE(
1510 [#include <sys/types.h>
1511 #include <sys/socket.h>],
1512 [int i = SO_PEERCRED;],
62eb7db4 1513 [ AC_MSG_RESULT(yes)
3466e002 1514 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1515 ],
2f6f9cff 1516 [AC_MSG_RESULT(no)
1517 NO_PEERCHECK=1]
1518 )
1519fi
1520
70e7d0b0 1521dnl see whether mkstemp() requires XXXXXX
1522if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1523AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1524AC_RUN_IFELSE(
1525 [AC_LANG_SOURCE([[
70e7d0b0 1526#include <stdlib.h>
1527main() { char template[]="conftest.mkstemp-test";
1528if (mkstemp(template) == -1)
1529 exit(1);
1530unlink(template); exit(0);
1531}
b0e7249f 1532 ]])],
70e7d0b0 1533 [
1534 AC_MSG_RESULT(no)
1535 ],
aff51935 1536 [
70e7d0b0 1537 AC_MSG_RESULT(yes)
3466e002 1538 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1539 ],
1540 [
1541 AC_MSG_RESULT(yes)
1542 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1543 ]
70e7d0b0 1544)
1545fi
1546
eacb954e 1547dnl make sure that openpty does not reacquire controlling terminal
1548if test ! -z "$check_for_openpty_ctty_bug"; then
1549 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1550 AC_RUN_IFELSE(
1551 [AC_LANG_SOURCE([[
eacb954e 1552#include <stdio.h>
1553#include <sys/fcntl.h>
1554#include <sys/types.h>
1555#include <sys/wait.h>
1556
1557int
1558main()
1559{
1560 pid_t pid;
1561 int fd, ptyfd, ttyfd, status;
1562
1563 pid = fork();
1564 if (pid < 0) { /* failed */
1565 exit(1);
1566 } else if (pid > 0) { /* parent */
1567 waitpid(pid, &status, 0);
aff51935 1568 if (WIFEXITED(status))
eacb954e 1569 exit(WEXITSTATUS(status));
1570 else
1571 exit(2);
1572 } else { /* child */
1573 close(0); close(1); close(2);
1574 setsid();
1575 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1576 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1577 if (fd >= 0)
1578 exit(3); /* Acquired ctty: broken */
1579 else
1580 exit(0); /* Did not acquire ctty: OK */
1581 }
1582}
b0e7249f 1583 ]])],
eacb954e 1584 [
1585 AC_MSG_RESULT(yes)
1586 ],
1587 [
1588 AC_MSG_RESULT(no)
1589 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1590 ],
1591 [
1592 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1593 ]
1594 )
1595fi
1596
4b492aab 1597if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1598 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1599 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1600 AC_RUN_IFELSE(
1601 [AC_LANG_SOURCE([[
2fe51906 1602#include <stdio.h>
1603#include <sys/socket.h>
1604#include <netdb.h>
1605#include <errno.h>
1606#include <netinet/in.h>
1607
1608#define TEST_PORT "2222"
1609
1610int
1611main(void)
1612{
1613 int err, sock;
1614 struct addrinfo *gai_ai, *ai, hints;
1615 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1616
1617 memset(&hints, 0, sizeof(hints));
1618 hints.ai_family = PF_UNSPEC;
1619 hints.ai_socktype = SOCK_STREAM;
1620 hints.ai_flags = AI_PASSIVE;
1621
1622 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1623 if (err != 0) {
1624 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1625 exit(1);
1626 }
1627
1628 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1629 if (ai->ai_family != AF_INET6)
1630 continue;
1631
1632 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1633 sizeof(ntop), strport, sizeof(strport),
1634 NI_NUMERICHOST|NI_NUMERICSERV);
1635
1636 if (err != 0) {
1637 if (err == EAI_SYSTEM)
1638 perror("getnameinfo EAI_SYSTEM");
1639 else
1640 fprintf(stderr, "getnameinfo failed: %s\n",
1641 gai_strerror(err));
1642 exit(2);
1643 }
1644
1645 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1646 if (sock < 0)
1647 perror("socket");
1648 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1649 if (errno == EBADF)
1650 exit(3);
1651 }
1652 }
1653 exit(0);
1654}
b0e7249f 1655 ]])],
2fe51906 1656 [
1657 AC_MSG_RESULT(yes)
1658 ],
1659 [
1660 AC_MSG_RESULT(no)
1661 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1662 ],
1663 [
1664 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1665 ]
1666 )
1667fi
1668
4b492aab 1669if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1670 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1671 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1672 AC_RUN_IFELSE(
1673 [AC_LANG_SOURCE([[
5ccf88cb 1674#include <stdio.h>
1675#include <sys/socket.h>
1676#include <netdb.h>
1677#include <errno.h>
1678#include <netinet/in.h>
1679
1680#define TEST_PORT "2222"
1681
1682int
1683main(void)
1684{
1685 int err, sock;
1686 struct addrinfo *gai_ai, *ai, hints;
1687 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1688
1689 memset(&hints, 0, sizeof(hints));
1690 hints.ai_family = PF_UNSPEC;
1691 hints.ai_socktype = SOCK_STREAM;
1692 hints.ai_flags = AI_PASSIVE;
1693
1694 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1695 if (err != 0) {
1696 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1697 exit(1);
1698 }
1699
1700 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1701 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1702 continue;
1703
1704 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1705 sizeof(ntop), strport, sizeof(strport),
1706 NI_NUMERICHOST|NI_NUMERICSERV);
1707
1708 if (ai->ai_family == AF_INET && err != 0) {
1709 perror("getnameinfo");
1710 exit(2);
1711 }
1712 }
1713 exit(0);
1714}
b0e7249f 1715 ]])],
5ccf88cb 1716 [
1717 AC_MSG_RESULT(yes)
3466e002 1718 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1719 [Define if you have a getaddrinfo that fails
1720 for the all-zeros IPv6 address])
5ccf88cb 1721 ],
1722 [
1723 AC_MSG_RESULT(no)
1724 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1725 ],
ecd9ec09 1726 [
b0e7249f 1727 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1728 ]
1729 )
1730fi
1731
b29fd59f 1732if test "x$check_for_conflicting_getspnam" = "x1"; then
1733 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1734 AC_COMPILE_IFELSE(
1735 [
1736#include <shadow.h>
1737int main(void) {exit(0);}
1738 ],
1739 [
1740 AC_MSG_RESULT(no)
1741 ],
1742 [
1743 AC_MSG_RESULT(yes)
1744 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1745 [Conflicting defs for getspnam])
1746 ]
1747 )
1748fi
1749
7f8f5e00 1750AC_FUNC_GETPGRP
1751
5b991353 1752# Search for OpenSSL
1753saved_CPPFLAGS="$CPPFLAGS"
1754saved_LDFLAGS="$LDFLAGS"
a0391976 1755AC_ARG_WITH(ssl-dir,
1756 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1757 [
e9e4a1c7 1758 if test "x$withval" != "xno" ; then
99eb0f64 1759 case "$withval" in
1760 # Relative paths
1761 ./*|../*) withval="`pwd`/$withval"
1762 esac
5b991353 1763 if test -d "$withval/lib"; then
1764 if test -n "${need_dash_r}"; then
1765 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1766 else
1767 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1768 fi
1769 else
5b991353 1770 if test -n "${need_dash_r}"; then
1771 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1772 else
1773 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1774 fi
1775 fi
5b991353 1776 if test -d "$withval/include"; then
1777 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1778 else
5b991353 1779 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1780 fi
a0391976 1781 fi
5b991353 1782 ]
1783)
5486a457 1784LIBS="-lcrypto $LIBS"
3466e002 1785AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1786 [Define if your ssl headers are included
1787 with #include <openssl/header.h>]),
d45e3d76 1788 [
5b991353 1789 dnl Check default openssl install dir
1790 if test -n "${need_dash_r}"; then
1791 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1792 else
5b991353 1793 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1794 fi
5b991353 1795 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1796 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1797 [
1798 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1799 ]
1800 )
1801 ]
1802)
1803
cd018561 1804# Determine OpenSSL header version
1805AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1806AC_RUN_IFELSE(
479cece8 1807 [AC_LANG_SOURCE([[
cd018561 1808#include <stdio.h>
1809#include <string.h>
1810#include <openssl/opensslv.h>
1811#define DATA "conftest.sslincver"
1812int main(void) {
aff51935 1813 FILE *fd;
1814 int rc;
cd018561 1815
aff51935 1816 fd = fopen(DATA,"w");
1817 if(fd == NULL)
1818 exit(1);
cd018561 1819
1820 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1821 exit(1);
1822
1823 exit(0);
1824}
479cece8 1825 ]])],
cd018561 1826 [
1827 ssl_header_ver=`cat conftest.sslincver`
1828 AC_MSG_RESULT($ssl_header_ver)
1829 ],
1830 [
1831 AC_MSG_RESULT(not found)
1832 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1833 ],
1834 [
1835 AC_MSG_WARN([cross compiling: not checking])
cd018561 1836 ]
1837)
1838
1839# Determine OpenSSL library version
1840AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1841AC_RUN_IFELSE(
479cece8 1842 [AC_LANG_SOURCE([[
cd018561 1843#include <stdio.h>
1844#include <string.h>
1845#include <openssl/opensslv.h>
1846#include <openssl/crypto.h>
1847#define DATA "conftest.ssllibver"
1848int main(void) {
aff51935 1849 FILE *fd;
1850 int rc;
cd018561 1851
aff51935 1852 fd = fopen(DATA,"w");
1853 if(fd == NULL)
1854 exit(1);
cd018561 1855
1856 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1857 exit(1);
1858
1859 exit(0);
1860}
479cece8 1861 ]])],
cd018561 1862 [
1863 ssl_library_ver=`cat conftest.ssllibver`
1864 AC_MSG_RESULT($ssl_library_ver)
1865 ],
1866 [
1867 AC_MSG_RESULT(not found)
1868 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1869 ],
1870 [
1871 AC_MSG_WARN([cross compiling: not checking])
cd018561 1872 ]
1873)
58d100bf 1874
1d42bcce 1875AC_ARG_WITH(openssl-header-check,
1876 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1877 [ if test "x$withval" = "xno" ; then
1878 openssl_check_nonfatal=1
1879 fi
1880 ]
1881)
1882
9780116c 1883# Sanity check OpenSSL headers
1884AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1885AC_RUN_IFELSE(
479cece8 1886 [AC_LANG_SOURCE([[
9780116c 1887#include <string.h>
1888#include <openssl/opensslv.h>
aec4cb4f 1889int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1890 ]])],
9780116c 1891 [
1892 AC_MSG_RESULT(yes)
1893 ],
1894 [
1895 AC_MSG_RESULT(no)
1d42bcce 1896 if test "x$openssl_check_nonfatal" = "x"; then
1897 AC_MSG_ERROR([Your OpenSSL headers do not match your
1898library. Check config.log for details.
1899If you are sure your installation is consistent, you can disable the check
1900by running "./configure --without-openssl-header-check".
1901Also see contrib/findssl.sh for help identifying header/library mismatches.
1902])
1903 else
1904 AC_MSG_WARN([Your OpenSSL headers do not match your
1905library. Check config.log for details.
e15ba28b 1906Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1907 fi
1a01a50c 1908 ],
1909 [
1910 AC_MSG_WARN([cross compiling: not checking])
9780116c 1911 ]
1912)
1913
282d6408 1914AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1915AC_LINK_IFELSE(
1916 [AC_LANG_SOURCE([[
1917#include <openssl/evp.h>
1918int main(void) { SSLeay_add_all_algorithms(); }
1919 ]])],
1920 [
1921 AC_MSG_RESULT(yes)
1922 ],
1923 [
1924 AC_MSG_RESULT(no)
1925 saved_LIBS="$LIBS"
1926 LIBS="$LIBS -ldl"
1927 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1928 AC_LINK_IFELSE(
1929 [AC_LANG_SOURCE([[
1930#include <openssl/evp.h>
1931int main(void) { SSLeay_add_all_algorithms(); }
1932 ]])],
1933 [
1934 AC_MSG_RESULT(yes)
1935 ],
1936 [
1937 AC_MSG_RESULT(no)
1938 LIBS="$saved_LIBS"
1939 ]
1940 )
1941 ]
1942)
1943
c7ad0d99 1944AC_ARG_WITH(ssl-engine,
1945 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1946 [ if test "x$withval" != "xno" ; then
1947 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1948 AC_TRY_COMPILE(
1949 [ #include <openssl/engine.h>],
1950 [
24b2647b 1951ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 1952 ],
1953 [ AC_MSG_RESULT(yes)
1954 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1955 [Enable OpenSSL engine support])
1956 ],
1957 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1958 )
1959 fi ]
1960)
1961
e5146707 1962# Check for OpenSSL without EVP_aes_{192,256}_cbc
1963AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1964AC_LINK_IFELSE(
e5146707 1965 [AC_LANG_SOURCE([[
1966#include <string.h>
1967#include <openssl/evp.h>
300ea548 1968int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1969 ]])],
1970 [
1971 AC_MSG_RESULT(no)
1972 ],
1973 [
1974 AC_MSG_RESULT(yes)
1975 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1976 [libcrypto is missing AES 192 and 256 bit functions])
1977 ]
1978)
1979
5486a457 1980# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1981# because the system crypt() is more featureful.
1982if test "x$check_for_libcrypt_before" = "x1"; then
1983 AC_CHECK_LIB(crypt, crypt)
1984fi
1985
aff51935 1986# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1987# version in OpenSSL.
05114c74 1988if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1989 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1990fi
1991
13ff27b7 1992# Search for SHA256 support in libc and/or OpenSSL
1993AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1994
a03acb8f 1995saved_LIBS="$LIBS"
1996AC_CHECK_LIB(iaf, ia_openinfo, [
1997 LIBS="$LIBS -liaf"
1998 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"])
1999])
2000LIBS="$saved_LIBS"
f1b0ecc3 2001
2002### Configure cryptographic random number support
2003
2004# Check wheter OpenSSL seeds itself
2005AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2006AC_RUN_IFELSE(
479cece8 2007 [AC_LANG_SOURCE([[
f1b0ecc3 2008#include <string.h>
2009#include <openssl/rand.h>
aec4cb4f 2010int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2011 ]])],
f1b0ecc3 2012 [
2013 OPENSSL_SEEDS_ITSELF=yes
2014 AC_MSG_RESULT(yes)
2015 ],
2016 [
2017 AC_MSG_RESULT(no)
2018 # Default to use of the rand helper if OpenSSL doesn't
2019 # seed itself
2020 USE_RAND_HELPER=yes
1a01a50c 2021 ],
2022 [
2023 AC_MSG_WARN([cross compiling: assuming yes])
2024 # This is safe, since all recent OpenSSL versions will
82f4e93d 2025 # complain at runtime if not seeded correctly.
1a01a50c 2026 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2027 ]
2028)
2029
a086f73b 2030# Check for PAM libs
2031PAM_MSG="no"
2032AC_ARG_WITH(pam,
2033 [ --with-pam Enable PAM support ],
2034 [
2035 if test "x$withval" != "xno" ; then
2036 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2037 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2038 AC_MSG_ERROR([PAM headers not found])
2039 fi
2040
2041 saved_LIBS="$LIBS"
2042 AC_CHECK_LIB(dl, dlopen, , )
2043 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2044 AC_CHECK_FUNCS(pam_getenvlist)
2045 AC_CHECK_FUNCS(pam_putenv)
2046 LIBS="$saved_LIBS"
2047
2048 PAM_MSG="yes"
2049
e54defb4 2050 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2051 AC_DEFINE(USE_PAM, 1,
2052 [Define if you want to enable PAM support])
282d6408 2053
a086f73b 2054 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2055 case "$LIBS" in
2056 *-ldl*)
2057 # libdl already in LIBS
2058 ;;
2059 *)
e54defb4 2060 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2061 ;;
2062 esac
a086f73b 2063 fi
a086f73b 2064 fi
2065 ]
2066)
2067
2068# Check for older PAM
2069if test "x$PAM_MSG" = "xyes" ; then
2070 # Check PAM strerror arguments (old PAM)
2071 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2072 AC_TRY_COMPILE(
2073 [
2074#include <stdlib.h>
2075#if defined(HAVE_SECURITY_PAM_APPL_H)
2076#include <security/pam_appl.h>
2077#elif defined (HAVE_PAM_PAM_APPL_H)
2078#include <pam/pam_appl.h>
2079#endif
2080 ],
2081 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2082 [AC_MSG_RESULT(no)],
2083 [
2084 AC_DEFINE(HAVE_OLD_PAM, 1,
2085 [Define if you have an old version of PAM
2086 which takes only one argument to pam_strerror])
2087 AC_MSG_RESULT(yes)
2088 PAM_MSG="yes (old library)"
2089 ]
2090 )
2091fi
f1b0ecc3 2092
2093# Do we want to force the use of the rand helper?
2094AC_ARG_WITH(rand-helper,
2095 [ --with-rand-helper Use subprocess to gather strong randomness ],
2096 [
2097 if test "x$withval" = "xno" ; then
aff51935 2098 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2099 # the previous test showed it to be unseeded.
2100 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2101 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2102 OPENSSL_SEEDS_ITSELF=yes
2103 USE_RAND_HELPER=""
2104 fi
2105 else
2106 USE_RAND_HELPER=yes
2107 fi
2108 ],
82f4e93d 2109)
f1b0ecc3 2110
2111# Which randomness source do we use?
4b492aab 2112if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2113 # OpenSSL only
3466e002 2114 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2115 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2116 RAND_MSG="OpenSSL internal ONLY"
2117 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2118elif test ! -z "$USE_RAND_HELPER" ; then
2119 # install rand helper
f1b0ecc3 2120 RAND_MSG="ssh-rand-helper"
2121 INSTALL_SSH_RAND_HELPER="yes"
2122fi
2123AC_SUBST(INSTALL_SSH_RAND_HELPER)
2124
2125### Configuration of ssh-rand-helper
2126
2127# PRNGD TCP socket
2128AC_ARG_WITH(prngd-port,
2129 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2130 [
eb5d7ff6 2131 case "$withval" in
2132 no)
2133 withval=""
2134 ;;
2135 [[0-9]]*)
2136 ;;
2137 *)
2138 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2139 ;;
2140 esac
2141 if test ! -z "$withval" ; then
f1b0ecc3 2142 PRNGD_PORT="$withval"
3466e002 2143 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2144 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2145 fi
2146 ]
2147)
2148
2149# PRNGD Unix domain socket
2150AC_ARG_WITH(prngd-socket,
2151 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2152 [
eb5d7ff6 2153 case "$withval" in
2154 yes)
f1b0ecc3 2155 withval="/var/run/egd-pool"
eb5d7ff6 2156 ;;
2157 no)
2158 withval=""
2159 ;;
2160 /*)
2161 ;;
2162 *)
2163 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2164 ;;
2165 esac
2166
2167 if test ! -z "$withval" ; then
f1b0ecc3 2168 if test ! -z "$PRNGD_PORT" ; then
2169 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2170 fi
906e811b 2171 if test ! -r "$withval" ; then
f1b0ecc3 2172 AC_MSG_WARN(Entropy socket is not readable)
2173 fi
2174 PRNGD_SOCKET="$withval"
3466e002 2175 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2176 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2177 fi
ddceb1c8 2178 ],
2179 [
2180 # Check for existing socket only if we don't have a random device already
2181 if test "$USE_RAND_HELPER" = yes ; then
2182 AC_MSG_CHECKING(for PRNGD/EGD socket)
2183 # Insert other locations here
2184 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2185 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2186 PRNGD_SOCKET="$sock"
2187 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2188 break;
2189 fi
2190 done
2191 if test ! -z "$PRNGD_SOCKET" ; then
2192 AC_MSG_RESULT($PRNGD_SOCKET)
2193 else
2194 AC_MSG_RESULT(not found)
2195 fi
2196 fi
f1b0ecc3 2197 ]
2198)
2199
2200# Change default command timeout for hashing entropy source
2201entropy_timeout=200
2202AC_ARG_WITH(entropy-timeout,
2203 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2204 [
6cf0200f 2205 if test -n "$withval" && test "x$withval" != "xno" && \
2206 test "x${withval}" != "xyes"; then
f1b0ecc3 2207 entropy_timeout=$withval
2208 fi
82f4e93d 2209 ]
f1b0ecc3 2210)
3466e002 2211AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2212 [Builtin PRNG command timeout])
f1b0ecc3 2213
fd3cbf67 2214SSH_PRIVSEP_USER=sshd
9a0fbcb3 2215AC_ARG_WITH(privsep-user,
5222e7ef 2216 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2217 [
6cf0200f 2218 if test -n "$withval" && test "x$withval" != "xno" && \
2219 test "x${withval}" != "xyes"; then
fd3cbf67 2220 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2221 fi
82f4e93d 2222 ]
9a0fbcb3 2223)
3466e002 2224AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2225 [non-privileged user for privilege separation])
fd3cbf67 2226AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2227
81dadca3 2228# We do this little dance with the search path to insure
2229# that programs that we select for use by installed programs
2230# (which may be run by the super-user) come from trusted
2231# locations before they come from the user's private area.
2232# This should help avoid accidentally configuring some
2233# random version of a program in someone's personal bin.
2234
2235OPATH=$PATH
2236PATH=/bin:/usr/bin
f95c8ce8 2237test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2238test -d /sbin && PATH=$PATH:/sbin
2239test -d /usr/sbin && PATH=$PATH:/usr/sbin
2240PATH=$PATH:/etc:$OPATH
2241
aff51935 2242# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2243OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2244OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2245OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2246OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2247OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2248OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2249OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2250OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2251OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2252OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2253OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2254OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2255OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2256OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2257OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2258OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2259# restore PATH
2260PATH=$OPATH
f1b0ecc3 2261
2262# Where does ssh-rand-helper get its randomness from?
2263INSTALL_SSH_PRNG_CMDS=""
2264if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2265 if test ! -z "$PRNGD_PORT" ; then
2266 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2267 elif test ! -z "$PRNGD_SOCKET" ; then
2268 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2269 else
2270 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2271 RAND_HELPER_CMDHASH=yes
2272 INSTALL_SSH_PRNG_CMDS="yes"
2273 fi
2274fi
2275AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2276
2277
66d6c27e 2278# Cheap hack to ensure NEWS-OS libraries are arranged right.
2279if test ! -z "$SONY" ; then
2280 LIBS="$LIBS -liberty";
2281fi
2282
9a406e1e 2283# Check for long long datatypes
2284AC_CHECK_TYPES([long long, unsigned long long, long double])
2285
2286# Check datatype sizes
976f7e19 2287AC_CHECK_SIZEOF(char, 1)
2b942fe0 2288AC_CHECK_SIZEOF(short int, 2)
2289AC_CHECK_SIZEOF(int, 4)
2290AC_CHECK_SIZEOF(long int, 4)
2291AC_CHECK_SIZEOF(long long int, 8)
2292
52f1ccb2 2293# Sanity check long long for some platforms (AIX)
2294if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2295 ac_cv_sizeof_long_long_int=0
2296fi
2297
90f15776 2298# compute LLONG_MIN and LLONG_MAX if we don't know them.
2299if test -z "$have_llong_max"; then
2300 AC_MSG_CHECKING([for max value of long long])
2301 AC_RUN_IFELSE(
2302 [AC_LANG_SOURCE([[
2303#include <stdio.h>
2304/* Why is this so damn hard? */
2305#ifdef __GNUC__
2306# undef __GNUC__
2307#endif
2308#define __USE_ISOC99
2309#include <limits.h>
2310#define DATA "conftest.llminmax"
055252ed 2311#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2312
2313/*
2314 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2315 * we do this the hard way.
2316 */
2317static int
2318fprint_ll(FILE *f, long long n)
2319{
2320 unsigned int i;
2321 int l[sizeof(long long) * 8];
2322
2323 if (n < 0)
2324 if (fprintf(f, "-") < 0)
2325 return -1;
2326 for (i = 0; n != 0; i++) {
2327 l[i] = my_abs(n % 10);
2328 n /= 10;
2329 }
2330 do {
2331 if (fprintf(f, "%d", l[--i]) < 0)
2332 return -1;
2333 } while (i != 0);
2334 if (fprintf(f, " ") < 0)
2335 return -1;
2336 return 0;
2337}
2338
90f15776 2339int main(void) {
2340 FILE *f;
2341 long long i, llmin, llmax = 0;
2342
2343 if((f = fopen(DATA,"w")) == NULL)
2344 exit(1);
2345
2346#if defined(LLONG_MIN) && defined(LLONG_MAX)
2347 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2348 llmin = LLONG_MIN;
2349 llmax = LLONG_MAX;
2350#else
2351 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2352 /* This will work on one's complement and two's complement */
2353 for (i = 1; i > llmax; i <<= 1, i++)
2354 llmax = i;
2355 llmin = llmax + 1LL; /* wrap */
2356#endif
2357
2358 /* Sanity check */
2359 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2360 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2361 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2362 fprintf(f, "unknown unknown\n");
2363 exit(2);
2364 }
2365
055252ed 2366 if (fprint_ll(f, llmin) < 0)
90f15776 2367 exit(3);
055252ed 2368 if (fprint_ll(f, llmax) < 0)
2369 exit(4);
2370 if (fclose(f) < 0)
2371 exit(5);
90f15776 2372 exit(0);
2373}
2374 ]])],
2375 [
2376 llong_min=`$AWK '{print $1}' conftest.llminmax`
2377 llong_max=`$AWK '{print $2}' conftest.llminmax`
2378
90f15776 2379 AC_MSG_RESULT($llong_max)
2380 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2381 [max value of long long calculated by configure])
2382 AC_MSG_CHECKING([for min value of long long])
2383 AC_MSG_RESULT($llong_min)
2384 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2385 [min value of long long calculated by configure])
2386 ],
2387 [
2388 AC_MSG_RESULT(not found)
2389 ],
2390 [
2391 AC_MSG_WARN([cross compiling: not checking])
2392 ]
2393 )
2394fi
2395
2396
a0391976 2397# More checks for data types
14a9a859 2398AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2399 AC_TRY_COMPILE(
aff51935 2400 [ #include <sys/types.h> ],
2401 [ u_int a; a = 1;],
14a9a859 2402 [ ac_cv_have_u_int="yes" ],
2403 [ ac_cv_have_u_int="no" ]
2404 )
2405])
2406if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2407 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2408 have_u_int=1
2409fi
2410
58d100bf 2411AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2412 AC_TRY_COMPILE(
aff51935 2413 [ #include <sys/types.h> ],
2414 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2415 [ ac_cv_have_intxx_t="yes" ],
2416 [ ac_cv_have_intxx_t="no" ]
2417 )
2418])
2419if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2420 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2421 have_intxx_t=1
2422fi
41cb4569 2423
2424if (test -z "$have_intxx_t" && \
aff51935 2425 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2426then
2427 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2428 AC_TRY_COMPILE(
aff51935 2429 [ #include <stdint.h> ],
2430 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2431 [
2432 AC_DEFINE(HAVE_INTXX_T)
2433 AC_MSG_RESULT(yes)
2434 ],
2435 [ AC_MSG_RESULT(no) ]
2436 )
2437fi
2438
bd590612 2439AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2440 AC_TRY_COMPILE(
1cbbe6c8 2441 [
2442#include <sys/types.h>
2443#ifdef HAVE_STDINT_H
2444# include <stdint.h>
2445#endif
2446#include <sys/socket.h>
2447#ifdef HAVE_SYS_BITYPES_H
2448# include <sys/bitypes.h>
2449#endif
aff51935 2450 ],
2451 [ int64_t a; a = 1;],
bd590612 2452 [ ac_cv_have_int64_t="yes" ],
2453 [ ac_cv_have_int64_t="no" ]
2454 )
2455])
2456if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2457 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2458fi
2459
58d100bf 2460AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2461 AC_TRY_COMPILE(
aff51935 2462 [ #include <sys/types.h> ],
2463 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2464 [ ac_cv_have_u_intxx_t="yes" ],
2465 [ ac_cv_have_u_intxx_t="no" ]
2466 )
2467])
2468if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2469 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2470 have_u_intxx_t=1
2471fi
2b942fe0 2472
41cb4569 2473if test -z "$have_u_intxx_t" ; then
2474 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2475 AC_TRY_COMPILE(
aff51935 2476 [ #include <sys/socket.h> ],
2477 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2478 [
2479 AC_DEFINE(HAVE_U_INTXX_T)
2480 AC_MSG_RESULT(yes)
2481 ],
2482 [ AC_MSG_RESULT(no) ]
2483 )
2484fi
2485
bd590612 2486AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2487 AC_TRY_COMPILE(
aff51935 2488 [ #include <sys/types.h> ],
2489 [ u_int64_t a; a = 1;],
bd590612 2490 [ ac_cv_have_u_int64_t="yes" ],
2491 [ ac_cv_have_u_int64_t="no" ]
2492 )
2493])
2494if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2495 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2496 have_u_int64_t=1
2497fi
2498
ddceb1c8 2499if test -z "$have_u_int64_t" ; then
2500 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2501 AC_TRY_COMPILE(
aff51935 2502 [ #include <sys/bitypes.h> ],
ddceb1c8 2503 [ u_int64_t a; a = 1],
2504 [
2505 AC_DEFINE(HAVE_U_INT64_T)
2506 AC_MSG_RESULT(yes)
2507 ],
2508 [ AC_MSG_RESULT(no) ]
2509 )
2510fi
2511
41cb4569 2512if test -z "$have_u_intxx_t" ; then
2513 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2514 AC_TRY_COMPILE(
2515 [
2516#include <sys/types.h>
aff51935 2517 ],
2518 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2519 [ ac_cv_have_uintxx_t="yes" ],
2520 [ ac_cv_have_uintxx_t="no" ]
2521 )
2522 ])
2523 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2524 AC_DEFINE(HAVE_UINTXX_T, 1,
2525 [define if you have uintxx_t data type])
41cb4569 2526 fi
2527fi
2528
2529if test -z "$have_uintxx_t" ; then
2530 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2531 AC_TRY_COMPILE(
aff51935 2532 [ #include <stdint.h> ],
2533 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2534 [
2535 AC_DEFINE(HAVE_UINTXX_T)
2536 AC_MSG_RESULT(yes)
2537 ],
2538 [ AC_MSG_RESULT(no) ]
2539 )
2540fi
2541
e5fe9a1f 2542if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2543 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2544then
2545 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2546 AC_TRY_COMPILE(
58d100bf 2547 [
2548#include <sys/bitypes.h>
aff51935 2549 ],
5cdfe03f 2550 [
837c30b8 2551 int8_t a; int16_t b; int32_t c;
2552 u_int8_t e; u_int16_t f; u_int32_t g;
2553 a = b = c = e = f = g = 1;
aff51935 2554 ],
5cdfe03f 2555 [
2556 AC_DEFINE(HAVE_U_INTXX_T)
2557 AC_DEFINE(HAVE_INTXX_T)
2558 AC_MSG_RESULT(yes)
2559 ],
2560 [AC_MSG_RESULT(no)]
aff51935 2561 )
5cdfe03f 2562fi
2563
0362750e 2564
2565AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2566 AC_TRY_COMPILE(
2567 [
2568#include <sys/types.h>
2569 ],
2570 [ u_char foo; foo = 125; ],
2571 [ ac_cv_have_u_char="yes" ],
2572 [ ac_cv_have_u_char="no" ]
2573 )
2574])
2575if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2576 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2577fi
2578
98a7c37b 2579TYPE_SOCKLEN_T
2b942fe0 2580
2d16d9a3 2581AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2582
777ece68 2583AC_CHECK_TYPES(in_addr_t,,,
2584[#include <sys/types.h>
2585#include <netinet/in.h>])
7b578f7d 2586
58d100bf 2587AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2588 AC_TRY_COMPILE(
2589 [
18ba2aab 2590#include <sys/types.h>
58d100bf 2591 ],
2592 [ size_t foo; foo = 1235; ],
2593 [ ac_cv_have_size_t="yes" ],
2594 [ ac_cv_have_size_t="no" ]
2595 )
2596])
2597if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2598 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2599fi
ea1970a3 2600
c04f75f1 2601AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2602 AC_TRY_COMPILE(
2603 [
2604#include <sys/types.h>
2605 ],
2606 [ ssize_t foo; foo = 1235; ],
2607 [ ac_cv_have_ssize_t="yes" ],
2608 [ ac_cv_have_ssize_t="no" ]
2609 )
2610])
2611if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2612 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2613fi
2614
f1c4659d 2615AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2616 AC_TRY_COMPILE(
2617 [
2618#include <time.h>
2619 ],
2620 [ clock_t foo; foo = 1235; ],
2621 [ ac_cv_have_clock_t="yes" ],
2622 [ ac_cv_have_clock_t="no" ]
2623 )
2624])
2625if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2626 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2627fi
2628
1c04b088 2629AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2630 AC_TRY_COMPILE(
2631 [
2632#include <sys/types.h>
2633#include <sys/socket.h>
2634 ],
2635 [ sa_family_t foo; foo = 1235; ],
2636 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2637 [ AC_TRY_COMPILE(
2638 [
2639#include <sys/types.h>
2640#include <sys/socket.h>
2641#include <netinet/in.h>
2642 ],
2643 [ sa_family_t foo; foo = 1235; ],
2644 [ ac_cv_have_sa_family_t="yes" ],
2645
1c04b088 2646 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2647 )]
1c04b088 2648 )
2649])
2650if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2651 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2652 [define if you have sa_family_t data type])
1c04b088 2653fi
2654
729bfe59 2655AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2656 AC_TRY_COMPILE(
2657 [
2658#include <sys/types.h>
2659 ],
2660 [ pid_t foo; foo = 1235; ],
2661 [ ac_cv_have_pid_t="yes" ],
2662 [ ac_cv_have_pid_t="no" ]
2663 )
2664])
2665if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2666 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2667fi
2668
2669AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2670 AC_TRY_COMPILE(
2671 [
2672#include <sys/types.h>
2673 ],
2674 [ mode_t foo; foo = 1235; ],
2675 [ ac_cv_have_mode_t="yes" ],
2676 [ ac_cv_have_mode_t="no" ]
2677 )
2678])
2679if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2680 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2681fi
2682
e3a93db0 2683
58d100bf 2684AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2685 AC_TRY_COMPILE(
2686 [
18ba2aab 2687#include <sys/types.h>
2688#include <sys/socket.h>
58d100bf 2689 ],
2690 [ struct sockaddr_storage s; ],
2691 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2692 [ ac_cv_have_struct_sockaddr_storage="no" ]
2693 )
2694])
2695if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2696 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2697 [define if you have struct sockaddr_storage data type])
58d100bf 2698fi
48e671d5 2699
58d100bf 2700AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2701 AC_TRY_COMPILE(
2702 [
cbd7492e 2703#include <sys/types.h>
58d100bf 2704#include <netinet/in.h>
2705 ],
2706 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2707 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2708 [ ac_cv_have_struct_sockaddr_in6="no" ]
2709 )
2710])
2711if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2712 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2713 [define if you have struct sockaddr_in6 data type])
58d100bf 2714fi
48e671d5 2715
58d100bf 2716AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2717 AC_TRY_COMPILE(
2718 [
cbd7492e 2719#include <sys/types.h>
58d100bf 2720#include <netinet/in.h>
2721 ],
2722 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2723 [ ac_cv_have_struct_in6_addr="yes" ],
2724 [ ac_cv_have_struct_in6_addr="no" ]
2725 )
2726])
2727if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2728 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2729 [define if you have struct in6_addr data type])
58d100bf 2730fi
48e671d5 2731
58d100bf 2732AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2733 AC_TRY_COMPILE(
2734 [
18ba2aab 2735#include <sys/types.h>
2736#include <sys/socket.h>
2737#include <netdb.h>
58d100bf 2738 ],
2739 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2740 [ ac_cv_have_struct_addrinfo="yes" ],
2741 [ ac_cv_have_struct_addrinfo="no" ]
2742 )
2743])
2744if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2745 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2746 [define if you have struct addrinfo data type])
58d100bf 2747fi
2748
89c7e31c 2749AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2750 AC_TRY_COMPILE(
aff51935 2751 [ #include <sys/time.h> ],
2752 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2753 [ ac_cv_have_struct_timeval="yes" ],
2754 [ ac_cv_have_struct_timeval="no" ]
2755 )
2756])
2757if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2758 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2759 have_struct_timeval=1
2760fi
2761
5271b55c 2762AC_CHECK_TYPES(struct timespec)
2763
85abc74b 2764# We need int64_t or else certian parts of the compile will fail.
4b492aab 2765if test "x$ac_cv_have_int64_t" = "xno" && \
2766 test "x$ac_cv_sizeof_long_int" != "x8" && \
2767 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2768 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2769 echo "an alternative compiler (I.E., GCC) before continuing."
2770 echo ""
2771 exit 1;
733cf7f4 2772else
2773dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2774 AC_RUN_IFELSE(
479cece8 2775 [AC_LANG_SOURCE([[
733cf7f4 2776#include <stdio.h>
2777#include <string.h>
2778#ifdef HAVE_SNPRINTF
2779main()
2780{
2781 char buf[50];
2782 char expected_out[50];
2783 int mazsize = 50 ;
2784#if (SIZEOF_LONG_INT == 8)
2785 long int num = 0x7fffffffffffffff;
2786#else
763a1a18 2787 long long num = 0x7fffffffffffffffll;
733cf7f4 2788#endif
2789 strcpy(expected_out, "9223372036854775807");
2790 snprintf(buf, mazsize, "%lld", num);
2791 if(strcmp(buf, expected_out) != 0)
aff51935 2792 exit(1);
733cf7f4 2793 exit(0);
2794}
2795#else
2796main() { exit(0); }
2797#endif
479cece8 2798 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2799 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2800 )
2c523de9 2801fi
2802
77bb0bca 2803dnl Checks for structure members
58d100bf 2804OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2805OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2806OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2807OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2808OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2809OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2810OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2811OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2812OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2813OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2814OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2815OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2816OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2817OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2818OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2819OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2820OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2821
2822AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2823AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2824 [Define if we don't have struct __res_state in resolv.h])],
2825[
2826#include <stdio.h>
2827#if HAVE_SYS_TYPES_H
2828# include <sys/types.h>
2829#endif
2830#include <netinet/in.h>
2831#include <arpa/nameser.h>
2832#include <resolv.h>
2833])
1d7b9b20 2834
58d100bf 2835AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2836 ac_cv_have_ss_family_in_struct_ss, [
2837 AC_TRY_COMPILE(
2838 [
18ba2aab 2839#include <sys/types.h>
2840#include <sys/socket.h>
58d100bf 2841 ],
2842 [ struct sockaddr_storage s; s.ss_family = 1; ],
2843 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2844 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2845 )
2846])
2847if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2848 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2849fi
2850
58d100bf 2851AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2852 ac_cv_have___ss_family_in_struct_ss, [
2853 AC_TRY_COMPILE(
2854 [
18ba2aab 2855#include <sys/types.h>
2856#include <sys/socket.h>
58d100bf 2857 ],
2858 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2859 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2860 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2861 )
2862])
2863if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2864 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2865 [Fields in struct sockaddr_storage])
58d100bf 2866fi
2867
2e73a022 2868AC_CACHE_CHECK([for pw_class field in struct passwd],
2869 ac_cv_have_pw_class_in_struct_passwd, [
2870 AC_TRY_COMPILE(
2871 [
2e73a022 2872#include <pwd.h>
2873 ],
97994d32 2874 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2875 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2876 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2877 )
2878])
2879if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2880 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2881 [Define if your password has a pw_class field])
2e73a022 2882fi
2883
7751d4eb 2884AC_CACHE_CHECK([for pw_expire field in struct passwd],
2885 ac_cv_have_pw_expire_in_struct_passwd, [
2886 AC_TRY_COMPILE(
2887 [
2888#include <pwd.h>
2889 ],
2890 [ struct passwd p; p.pw_expire = 0; ],
2891 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2892 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2893 )
2894])
2895if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2896 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2897 [Define if your password has a pw_expire field])
7751d4eb 2898fi
2899
2900AC_CACHE_CHECK([for pw_change field in struct passwd],
2901 ac_cv_have_pw_change_in_struct_passwd, [
2902 AC_TRY_COMPILE(
2903 [
2904#include <pwd.h>
2905 ],
2906 [ struct passwd p; p.pw_change = 0; ],
2907 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2908 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2909 )
2910])
2911if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2912 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2913 [Define if your password has a pw_change field])
7751d4eb 2914fi
58d100bf 2915
637f9177 2916dnl make sure we're using the real structure members and not defines
6f34652e 2917AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2918 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2919 AC_COMPILE_IFELSE(
6f34652e 2920 [
f95c8ce8 2921#include <sys/types.h>
6f34652e 2922#include <sys/socket.h>
2923#include <sys/uio.h>
637f9177 2924int main() {
2925#ifdef msg_accrights
1a01a50c 2926#error "msg_accrights is a macro"
637f9177 2927exit(1);
2928#endif
2929struct msghdr m;
2930m.msg_accrights = 0;
2931exit(0);
2932}
6f34652e 2933 ],
6f34652e 2934 [ ac_cv_have_accrights_in_msghdr="yes" ],
2935 [ ac_cv_have_accrights_in_msghdr="no" ]
2936 )
2937])
2938if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2939 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2940 [Define if your system uses access rights style
2941 file descriptor passing])
6f34652e 2942fi
2943
7176df4f 2944AC_CACHE_CHECK([for msg_control field in struct msghdr],
2945 ac_cv_have_control_in_msghdr, [
1a01a50c 2946 AC_COMPILE_IFELSE(
7176df4f 2947 [
f95c8ce8 2948#include <sys/types.h>
7176df4f 2949#include <sys/socket.h>
2950#include <sys/uio.h>
637f9177 2951int main() {
2952#ifdef msg_control
1a01a50c 2953#error "msg_control is a macro"
637f9177 2954exit(1);
2955#endif
2956struct msghdr m;
2957m.msg_control = 0;
2958exit(0);
2959}
7176df4f 2960 ],
7176df4f 2961 [ ac_cv_have_control_in_msghdr="yes" ],
2962 [ ac_cv_have_control_in_msghdr="no" ]
2963 )
2964])
2965if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2966 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2967 [Define if your system uses ancillary data style
2968 file descriptor passing])
7176df4f 2969fi
2970
58d100bf 2971AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2972 AC_TRY_LINK([],
2973 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2974 [ ac_cv_libc_defines___progname="yes" ],
2975 [ ac_cv_libc_defines___progname="no" ]
2976 )
2977])
2978if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2979 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2980fi
8946db53 2981
c921ee00 2982AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2983 AC_TRY_LINK([
2984#include <stdio.h>
aff51935 2985],
2986 [ printf("%s", __FUNCTION__); ],
c921ee00 2987 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2988 [ ac_cv_cc_implements___FUNCTION__="no" ]
2989 )
2990])
2991if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 2992 AC_DEFINE(HAVE___FUNCTION__, 1,
2993 [Define if compiler implements __FUNCTION__])
c921ee00 2994fi
2995
2996AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2997 AC_TRY_LINK([
2998#include <stdio.h>
aff51935 2999],
3000 [ printf("%s", __func__); ],
c921ee00 3001 [ ac_cv_cc_implements___func__="yes" ],
3002 [ ac_cv_cc_implements___func__="no" ]
3003 )
3004])
3005if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3006 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3007fi
3008
9a406e1e 3009AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3010 AC_TRY_LINK(
3011 [#include <stdarg.h>
3012 va_list x,y;],
3013 [va_copy(x,y);],
3014 [ ac_cv_have_va_copy="yes" ],
3015 [ ac_cv_have_va_copy="no" ]
3016 )
3017])
3018if test "x$ac_cv_have_va_copy" = "xyes" ; then
3019 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3020fi
3021
3022AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3023 AC_TRY_LINK(
3024 [#include <stdarg.h>
3025 va_list x,y;],
3026 [__va_copy(x,y);],
3027 [ ac_cv_have___va_copy="yes" ],
3028 [ ac_cv_have___va_copy="no" ]
3029 )
3030])
3031if test "x$ac_cv_have___va_copy" = "xyes" ; then
3032 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3033fi
3034
1812a662 3035AC_CACHE_CHECK([whether getopt has optreset support],
3036 ac_cv_have_getopt_optreset, [
3037 AC_TRY_LINK(
3038 [
3039#include <getopt.h>
3040 ],
3041 [ extern int optreset; optreset = 0; ],
3042 [ ac_cv_have_getopt_optreset="yes" ],
3043 [ ac_cv_have_getopt_optreset="no" ]
3044 )
3045])
3046if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3047 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3048 [Define if your getopt(3) defines and uses optreset])
1812a662 3049fi
a0391976 3050
819b676f 3051AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3052 AC_TRY_LINK([],
3053 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3054 [ ac_cv_libc_defines_sys_errlist="yes" ],
3055 [ ac_cv_libc_defines_sys_errlist="no" ]
3056 )
3057])
3058if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3059 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3060 [Define if your system defines sys_errlist[]])
819b676f 3061fi
3062
3063
416ed5a7 3064AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3065 AC_TRY_LINK([],
3066 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3067 [ ac_cv_libc_defines_sys_nerr="yes" ],
3068 [ ac_cv_libc_defines_sys_nerr="no" ]
3069 )
3070])
3071if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3072 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3073fi
3074
aff51935 3075SCARD_MSG="no"
295c8801 3076# Check whether user wants sectok support
3077AC_ARG_WITH(sectok,
3078 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3079 [
3080 if test "x$withval" != "xno" ; then
3081 if test "x$withval" != "xyes" ; then
3082 CPPFLAGS="$CPPFLAGS -I${withval}"
3083 LDFLAGS="$LDFLAGS -L${withval}"
3084 if test ! -z "$need_dash_r" ; then
3085 LDFLAGS="$LDFLAGS -R${withval}"
3086 fi
3087 if test ! -z "$blibpath" ; then
3088 blibpath="$blibpath:${withval}"
3089 fi
3090 fi
3091 AC_CHECK_HEADERS(sectok.h)
3092 if test "$ac_cv_header_sectok_h" != yes; then
3093 AC_MSG_ERROR(Can't find sectok.h)
3094 fi
3095 AC_CHECK_LIB(sectok, sectok_open)
3096 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3097 AC_MSG_ERROR(Can't find libsectok)
3098 fi
3466e002 3099 AC_DEFINE(SMARTCARD, 1,
3100 [Define if you want smartcard support])
3101 AC_DEFINE(USE_SECTOK, 1,
3102 [Define if you want smartcard support
3103 using sectok])
aff51935 3104 SCARD_MSG="yes, using sectok"
295c8801 3105 fi
3106 ]
3107)
3108
3109# Check whether user wants OpenSC support
987b458f 3110OPENSC_CONFIG="no"
295c8801 3111AC_ARG_WITH(opensc,
e47fb473 3112 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3113 [
3114 if test "x$withval" != "xno" ; then
3115 if test "x$withval" != "xyes" ; then
3116 OPENSC_CONFIG=$withval/bin/opensc-config
3117 else
3118 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3119 fi
3120 if test "$OPENSC_CONFIG" != "no"; then
3121 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3122 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3123 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3124 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3125 AC_DEFINE(SMARTCARD)
3466e002 3126 AC_DEFINE(USE_OPENSC, 1,
3127 [Define if you want smartcard support
3128 using OpenSC])
987b458f 3129 SCARD_MSG="yes, using OpenSC"
3130 fi
3131 fi
3132 ]
3133)
d0b19c95 3134
c31dc31c 3135# Check libraries needed by DNS fingerprint support
aff51935 3136AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3137 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3138 [Define if getrrsetbyname() exists])],
3e05e934 3139 [
c31dc31c 3140 # Needed by our getrrsetbyname()
3141 AC_SEARCH_LIBS(res_query, resolv)
3142 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3143 AC_MSG_CHECKING(if res_query will link)
3144 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3145 [AC_MSG_RESULT(no)
3146 saved_LIBS="$LIBS"
3147 LIBS="$LIBS -lresolv"
3148 AC_MSG_CHECKING(for res_query in -lresolv)
3149 AC_LINK_IFELSE([
3150#include <resolv.h>
3151int main()
3152{
3153 res_query (0, 0, 0, 0, 0);
3154 return 0;
3155}
3156 ],
3157 [LIBS="$LIBS -lresolv"
3158 AC_MSG_RESULT(yes)],
3159 [LIBS="$saved_LIBS"
3160 AC_MSG_RESULT(no)])
3161 ])
c31dc31c 3162 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3163 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3164 [#include <sys/types.h>
3165 #include <arpa/nameser.h>])
c31dc31c 3166 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3167 [AC_DEFINE(HAVE_HEADER_AD, 1,
3168 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3169 [#include <arpa/nameser.h>])
3170 ])
3e05e934 3171
560acf80 3172AC_MSG_CHECKING(if struct __res_state _res is an extern)
3173AC_LINK_IFELSE([
3174#include <stdio.h>
3175#if HAVE_SYS_TYPES_H
3176# include <sys/types.h>
3177#endif
3178#include <netinet/in.h>
3179#include <arpa/nameser.h>
3180#include <resolv.h>
3181extern struct __res_state _res;
3182int main() { return 0; }
3183 ],
3184 [AC_MSG_RESULT(yes)
3185 AC_DEFINE(HAVE__RES_EXTERN, 1,
3186 [Define if you have struct __res_state _res as an extern])
3187 ],
3188 [ AC_MSG_RESULT(no) ]
3189)
3190
ef4d1846 3191# Check whether user wants SELinux support
3192SELINUX_MSG="no"
3193LIBSELINUX=""
3194AC_ARG_WITH(selinux,
3195 [ --with-selinux Enable SELinux support],
3196 [ if test "x$withval" != "xno" ; then
e54defb4 3197 save_LIBS="$LIBS"
ef4d1846 3198 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3199 SELINUX_MSG="yes"
3200 AC_CHECK_HEADER([selinux/selinux.h], ,
3201 AC_MSG_ERROR(SELinux support requires selinux.h header))
3202 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3203 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3204 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3205 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3206 LIBS="$save_LIBS"
ef4d1846 3207 fi ]
3208)
ef4d1846 3209
12928e80 3210# Check whether user wants Kerberos 5 support
aff51935 3211KRB5_MSG="no"
12928e80 3212AC_ARG_WITH(kerberos5,
aff51935 3213 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3214 [ if test "x$withval" != "xno" ; then
3215 if test "x$withval" = "xyes" ; then
3216 KRB5ROOT="/usr/local"
3217 else
3218 KRB5ROOT=${withval}
3219 fi
3220
3466e002 3221 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3222 KRB5_MSG="yes"
3223
3224 AC_MSG_CHECKING(for krb5-config)
3225 if test -x $KRB5ROOT/bin/krb5-config ; then
3226 KRB5CONF=$KRB5ROOT/bin/krb5-config
3227 AC_MSG_RESULT($KRB5CONF)
3228
3229 AC_MSG_CHECKING(for gssapi support)
3230 if $KRB5CONF | grep gssapi >/dev/null ; then
3231 AC_MSG_RESULT(yes)
3466e002 3232 AC_DEFINE(GSSAPI, 1,
3233 [Define this if you want GSSAPI
3234 support in the version 2 protocol])
071970fb 3235 k5confopts=gssapi
aff51935 3236 else
5585c441 3237 AC_MSG_RESULT(no)
071970fb 3238 k5confopts=""
aff51935 3239 fi
071970fb 3240 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3241 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3242 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3243 AC_MSG_CHECKING(whether we are using Heimdal)
3244 AC_TRY_COMPILE([ #include <krb5.h> ],
3245 [ char *tmp = heimdal_version; ],
3246 [ AC_MSG_RESULT(yes)
3466e002 3247 AC_DEFINE(HEIMDAL, 1,
3248 [Define this if you are using the
3249 Heimdal version of Kerberos V5]) ],
5585c441 3250 AC_MSG_RESULT(no)
3251 )
3252 else
3253 AC_MSG_RESULT(no)
12928e80 3254 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3255 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3256 AC_MSG_CHECKING(whether we are using Heimdal)
3257 AC_TRY_COMPILE([ #include <krb5.h> ],
3258 [ char *tmp = heimdal_version; ],
3259 [ AC_MSG_RESULT(yes)
3260 AC_DEFINE(HEIMDAL)
41707f74 3261 K5LIBS="-lkrb5 -ldes"
3262 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3263 AC_CHECK_LIB(roken, net_write,
41707f74 3264 [K5LIBS="$K5LIBS -lroken"])
aff51935 3265 ],
3266 [ AC_MSG_RESULT(no)
3267 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3268 ]
3269 )
4e00038c 3270 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3271
749560dd 3272 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3273 [ AC_DEFINE(GSSAPI)
3274 K5LIBS="-lgssapi $K5LIBS" ],
3275 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3276 [ AC_DEFINE(GSSAPI)
aff51935 3277 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3278 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3279 $K5LIBS)
3280 ],
3281 $K5LIBS)
82f4e93d 3282
749560dd 3283 AC_CHECK_HEADER(gssapi.h, ,
3284 [ unset ac_cv_header_gssapi_h
aff51935 3285 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3286 AC_CHECK_HEADERS(gssapi.h, ,
3287 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3288 )
749560dd 3289 ]
3290 )
3291
3292 oldCPP="$CPPFLAGS"
3293 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3294 AC_CHECK_HEADER(gssapi_krb5.h, ,
3295 [ CPPFLAGS="$oldCPP" ])
3296
aff51935 3297 fi
5585c441 3298 if test ! -z "$need_dash_r" ; then
3299 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3300 fi
3301 if test ! -z "$blibpath" ; then
3302 blibpath="$blibpath:${KRB5ROOT}/lib"
3303 fi
071970fb 3304
f5555364 3305 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3306 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3307 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3308
f5555364 3309 LIBS="$LIBS $K5LIBS"
3466e002 3310 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3311 [Define this if you want to use libkafs' AFS support]))
f5555364 3312 fi
071970fb 3313 ]
12928e80 3314)
b5b68128 3315
a0391976 3316# Looking for programs, paths and files
a0391976 3317
ecac8ee5 3318PRIVSEP_PATH=/var/empty
3319AC_ARG_WITH(privsep-path,
cda1ebcb 3320 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3321 [
6cf0200f 3322 if test -n "$withval" && test "x$withval" != "xno" && \
3323 test "x${withval}" != "xyes"; then
ecac8ee5 3324 PRIVSEP_PATH=$withval
3325 fi
3326 ]
3327)
3328AC_SUBST(PRIVSEP_PATH)
3329
a0391976 3330AC_ARG_WITH(xauth,
3331 [ --with-xauth=PATH Specify path to xauth program ],
3332 [
6cf0200f 3333 if test -n "$withval" && test "x$withval" != "xno" && \
3334 test "x${withval}" != "xyes"; then
cbd7492e 3335 xauth_path=$withval
a0391976 3336 fi
3337 ],
3338 [
2bf42e4a 3339 TestPath="$PATH"
3340 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3341 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3342 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3343 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3344 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3345 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3346 xauth_path="/usr/openwin/bin/xauth"
3347 fi
3348 ]
3349)
3350
65a4b4af 3351STRIP_OPT=-s
3352AC_ARG_ENABLE(strip,
3353 [ --disable-strip Disable calling strip(1) on install],
3354 [
3355 if test "x$enableval" = "xno" ; then
3356 STRIP_OPT=
3357 fi
3358 ]
3359)
3360AC_SUBST(STRIP_OPT)
3361
b3ec54b4 3362if test -z "$xauth_path" ; then
3363 XAUTH_PATH="undefined"
3364 AC_SUBST(XAUTH_PATH)
3365else
3466e002 3366 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3367 [Define if xauth is found in your path])
b3ec54b4 3368 XAUTH_PATH=$xauth_path
3369 AC_SUBST(XAUTH_PATH)
a0391976 3370fi
a0391976 3371
3372# Check for mail directory (last resort if we cannot get it from headers)
3373if test ! -z "$MAIL" ; then
3374 maildir=`dirname $MAIL`
3466e002 3375 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3376 [Set this to your mail directory if you don't have maillock.h])
a0391976 3377fi
3378
479cece8 3379if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3380 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3381 disable_ptmx_check=yes
3382fi
a0391976 3383if test -z "$no_dev_ptmx" ; then
6e879cb4 3384 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3385 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3386 [
3466e002 3387 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3388 [Define if you have /dev/ptmx])
6e879cb4 3389 have_dev_ptmx=1
3390 ]
3391 )
3392 fi
3276571c 3393fi
1a01a50c 3394
479cece8 3395if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3396 AC_CHECK_FILE("/dev/ptc",
3397 [
3466e002 3398 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3399 [Define if you have /dev/ptc])
1a01a50c 3400 have_dev_ptc=1
3401 ]
3402 )
3403else
3404 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3405fi
3276571c 3406
a0391976 3407# Options from here on. Some of these are preset by platform above
fdf6b7aa 3408AC_ARG_WITH(mantype,
5d97cfbf 3409 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3410 [
5d97cfbf 3411 case "$withval" in
3412 man|cat|doc)
3413 MANTYPE=$withval
3414 ;;
3415 *)
3416 AC_MSG_ERROR(invalid man type: $withval)
3417 ;;
3418 esac
c54a6257 3419 ]
3420)
e0c4d3ac 3421if test -z "$MANTYPE"; then
2bf42e4a 3422 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3423 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3424 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3425 MANTYPE=doc
3426 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3427 MANTYPE=man
3428 else
3429 MANTYPE=cat
3430 fi
3431fi
c54a6257 3432AC_SUBST(MANTYPE)
e0c4d3ac 3433if test "$MANTYPE" = "doc"; then
3434 mansubdir=man;
3435else
3436 mansubdir=$MANTYPE;
3437fi
3438AC_SUBST(mansubdir)
0bc5b6fb 3439
a0391976 3440# Check whether to enable MD5 passwords
aff51935 3441MD5_MSG="no"
2ddcfdf3 3442AC_ARG_WITH(md5-passwords,
caf3bc51 3443 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3444 [
bcf36c78 3445 if test "x$withval" != "xno" ; then
3466e002 3446 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3447 [Define if you want to allow MD5 passwords])
aff51935 3448 MD5_MSG="yes"
0bc5b6fb 3449 fi
3450 ]
caf3bc51 3451)
3452
a0391976 3453# Whether to disable shadow password support
a7effaac 3454AC_ARG_WITH(shadow,
3455 [ --without-shadow Disable shadow password support],
3456 [
82f4e93d 3457 if test "x$withval" = "xno" ; then
a7effaac 3458 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3459 disable_shadow=yes
a7effaac 3460 fi
3461 ]
3462)
3463
4cb5ffa0 3464if test -z "$disable_shadow" ; then
3465 AC_MSG_CHECKING([if the systems has expire shadow information])
3466 AC_TRY_COMPILE(
3467 [
3468#include <sys/types.h>
3469#include <shadow.h>
3470 struct spwd sp;
3471 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3472 [ sp_expire_available=yes ], []
3473 )
3474
3475 if test "x$sp_expire_available" = "xyes" ; then
3476 AC_MSG_RESULT(yes)
3466e002 3477 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3478 [Define if you want to use shadow password expire field])
4cb5ffa0 3479 else
3480 AC_MSG_RESULT(no)
3481 fi
3482fi
3483
a0391976 3484# Use ip address instead of hostname in $DISPLAY
44839801 3485if test ! -z "$IPADDR_IN_DISPLAY" ; then
3486 DISPLAY_HACK_MSG="yes"
3466e002 3487 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3488 [Define if you need to use IP address
3489 instead of hostname in $DISPLAY])
44839801 3490else
aff51935 3491 DISPLAY_HACK_MSG="no"
44839801 3492 AC_ARG_WITH(ipaddr-display,
3493 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3494 [
82f4e93d 3495 if test "x$withval" != "xno" ; then
44839801 3496 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3497 DISPLAY_HACK_MSG="yes"
44839801 3498 fi
3499 ]
3500 )
3501fi
a7effaac 3502
95b99395 3503# check for /etc/default/login and use it if present.
daa41e62 3504AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3505 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3506 [ if test "x$enableval" = "xno"; then
3507 AC_MSG_NOTICE([/etc/default/login handling disabled])
3508 etc_default_login=no
3509 else
3510 etc_default_login=yes
3511 fi ],
b0e7249f 3512 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3513 then
3514 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3515 etc_default_login=no
3516 else
3517 etc_default_login=yes
3518 fi ]
694d0cef 3519)
95b99395 3520
694d0cef 3521if test "x$etc_default_login" != "xno"; then
3522 AC_CHECK_FILE("/etc/default/login",
3523 [ external_path_file=/etc/default/login ])
b0e7249f 3524 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3525 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3526 [Define if your system has /etc/default/login])
1a01a50c 3527 fi
694d0cef 3528fi
95b99395 3529
8d184c09 3530dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3531if test $ac_cv_func_login_getcapbool = "yes" && \
3532 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3533 external_path_file=/etc/login.conf
8d184c09 3534fi
95b99395 3535
a0391976 3536# Whether to mess with the default path
aff51935 3537SERVER_PATH_MSG="(default)"
c43d69a9 3538AC_ARG_WITH(default-path,
75817f90 3539 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3540 [
95b99395 3541 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3542 AC_MSG_WARN([
3543--with-default-path=PATH has no effect on this system.
3544Edit /etc/login.conf instead.])
82f4e93d 3545 elif test "x$withval" != "xno" ; then
89bbd457 3546 if test ! -z "$external_path_file" ; then
95b99395 3547 AC_MSG_WARN([
3548--with-default-path=PATH will only be used if PATH is not defined in
3549$external_path_file .])
3550 fi
b2d818e6 3551 user_path="$withval"
aff51935 3552 SERVER_PATH_MSG="$withval"
cb807f40 3553 fi
b2d818e6 3554 ],
95b99395 3555 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3556 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3557 else
89bbd457 3558 if test ! -z "$external_path_file" ; then
95b99395 3559 AC_MSG_WARN([
3560If PATH is defined in $external_path_file, ensure the path to scp is included,
3561otherwise scp will not work.])
3562 fi
b0e7249f 3563 AC_RUN_IFELSE(
3564 [AC_LANG_SOURCE([[
b2d818e6 3565/* find out what STDPATH is */
3566#include <stdio.h>
b2d818e6 3567#ifdef HAVE_PATHS_H
3568# include <paths.h>
3569#endif
3570#ifndef _PATH_STDPATH
d9a4e55b 3571# ifdef _PATH_USERPATH /* Irix */
3572# define _PATH_STDPATH _PATH_USERPATH
3573# else
3574# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3575# endif
b2d818e6 3576#endif
3577#include <sys/types.h>
3578#include <sys/stat.h>
3579#include <fcntl.h>
3580#define DATA "conftest.stdpath"
3581
3582main()
3583{
3584 FILE *fd;
3585 int rc;
82f4e93d 3586
b2d818e6 3587 fd = fopen(DATA,"w");
3588 if(fd == NULL)
3589 exit(1);
82f4e93d 3590
b2d818e6 3591 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3592 exit(1);
3593
3594 exit(0);
3595}
b0e7249f 3596 ]])],
3597 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3598 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3599 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3600 )
3601# make sure $bindir is in USER_PATH so scp will work
3602 t_bindir=`eval echo ${bindir}`
3603 case $t_bindir in
3604 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3605 esac
3606 case $t_bindir in
3607 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3608 esac
3609 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3610 if test $? -ne 0 ; then
3611 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3612 if test $? -ne 0 ; then
3613 user_path=$user_path:$t_bindir
3614 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3615 fi
3616 fi
8d184c09 3617 fi ]
cb807f40 3618)
95b99395 3619if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3620 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3621 AC_SUBST(user_path)
3622fi
cb807f40 3623
06617857 3624# Set superuser path separately to user path
06617857 3625AC_ARG_WITH(superuser-path,
3626 [ --with-superuser-path= Specify different path for super-user],
3627 [
6cf0200f 3628 if test -n "$withval" && test "x$withval" != "xno" && \
3629 test "x${withval}" != "xyes"; then
3466e002 3630 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3631 [Define if you want a different $PATH
3632 for the superuser])
06617857 3633 superuser_path=$withval
3634 fi
3635 ]
3636)
3637
3638
58d100bf 3639AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3640IPV4_IN6_HACK_MSG="no"
80faa19f 3641AC_ARG_WITH(4in6,
3642 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3643 [
3644 if test "x$withval" != "xno" ; then
3645 AC_MSG_RESULT(yes)
3466e002 3646 AC_DEFINE(IPV4_IN_IPV6, 1,
3647 [Detect IPv4 in IPv6 mapped addresses
3648 and treat as IPv4])
aff51935 3649 IPV4_IN6_HACK_MSG="yes"
80faa19f 3650 else
3651 AC_MSG_RESULT(no)
3652 fi
3653 ],[
3654 if test "x$inet6_default_4in6" = "xyes"; then
3655 AC_MSG_RESULT([yes (default)])
3656 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3657 IPV4_IN6_HACK_MSG="yes"
80faa19f 3658 else
3659 AC_MSG_RESULT([no (default)])
3660 fi
3661 ]
3662)
3663
af774732 3664# Whether to enable BSD auth support
f1b0ecc3 3665BSD_AUTH_MSG=no
af774732 3666AC_ARG_WITH(bsd-auth,
3667 [ --with-bsd-auth Enable BSD auth support],
3668 [
82f4e93d 3669 if test "x$withval" != "xno" ; then
3466e002 3670 AC_DEFINE(BSD_AUTH, 1,
3671 [Define if you have BSD auth support])
f1b0ecc3 3672 BSD_AUTH_MSG=yes
af774732 3673 fi
3674 ]
3675)
3676
a0391976 3677# Where to place sshd.pid
19d9ac2a 3678piddir=/var/run
81dadca3 3679# make sure the directory exists
82f4e93d 3680if test ! -d $piddir ; then
81dadca3 3681 piddir=`eval echo ${sysconfdir}`
3682 case $piddir in
aff51935 3683 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3684 esac
3685fi
3686
47e45e44 3687AC_ARG_WITH(pid-dir,
3688 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3689 [
6cf0200f 3690 if test -n "$withval" && test "x$withval" != "xno" && \
3691 test "x${withval}" != "xyes"; then
19d9ac2a 3692 piddir=$withval
82f4e93d 3693 if test ! -d $piddir ; then
81dadca3 3694 AC_MSG_WARN([** no $piddir directory on this system **])
3695 fi
47e45e44 3696 fi
3697 ]
3698)
b7a87eea 3699
3466e002 3700AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3701AC_SUBST(piddir)
47e45e44 3702
1d7b9b20 3703dnl allow user to disable some login recording features
3704AC_ARG_ENABLE(lastlog,
bfd550a2 3705 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3706 [
3707 if test "x$enableval" = "xno" ; then
3708 AC_DEFINE(DISABLE_LASTLOG)
3709 fi
3710 ]
1d7b9b20 3711)
3712AC_ARG_ENABLE(utmp,
bfd550a2 3713 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3714 [
3715 if test "x$enableval" = "xno" ; then
3716 AC_DEFINE(DISABLE_UTMP)
3717 fi
3718 ]
1d7b9b20 3719)
3720AC_ARG_ENABLE(utmpx,
bfd550a2 3721 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3722 [
3723 if test "x$enableval" = "xno" ; then
3466e002 3724 AC_DEFINE(DISABLE_UTMPX, 1,
3725 [Define if you don't want to use utmpx])
ddb154b3 3726 fi
3727 ]
1d7b9b20 3728)
3729AC_ARG_ENABLE(wtmp,
bfd550a2 3730 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3731 [
3732 if test "x$enableval" = "xno" ; then
3733 AC_DEFINE(DISABLE_WTMP)
3734 fi
3735 ]
1d7b9b20 3736)
3737AC_ARG_ENABLE(wtmpx,
bfd550a2 3738 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3739 [
3740 if test "x$enableval" = "xno" ; then
3466e002 3741 AC_DEFINE(DISABLE_WTMPX, 1,
3742 [Define if you don't want to use wtmpx])
ddb154b3 3743 fi
3744 ]
1d7b9b20 3745)
3746AC_ARG_ENABLE(libutil,
bfd550a2 3747 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3748 [
3749 if test "x$enableval" = "xno" ; then
3750 AC_DEFINE(DISABLE_LOGIN)
3751 fi
3752 ]
1d7b9b20 3753)
3754AC_ARG_ENABLE(pututline,
bfd550a2 3755 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3756 [
3757 if test "x$enableval" = "xno" ; then
3466e002 3758 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3759 [Define if you don't want to use pututline()
3760 etc. to write [uw]tmp])
ddb154b3 3761 fi
3762 ]
1d7b9b20 3763)
3764AC_ARG_ENABLE(pututxline,
bfd550a2 3765 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3766 [
3767 if test "x$enableval" = "xno" ; then
3466e002 3768 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3769 [Define if you don't want to use pututxline()
3770 etc. to write [uw]tmpx])
ddb154b3 3771 fi
3772 ]
1d7b9b20 3773)
3774AC_ARG_WITH(lastlog,
bfd550a2 3775 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3776 [
82f4e93d 3777 if test "x$withval" = "xno" ; then
8c89dd2b 3778 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3779 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3780 conf_lastlog_location=$withval
3781 fi
3782 ]
3783)
1d7b9b20 3784
3785dnl lastlog, [uw]tmpx? detection
3786dnl NOTE: set the paths in the platform section to avoid the
3787dnl need for command-line parameters
3788dnl lastlog and [uw]tmp are subject to a file search if all else fails
3789
3790dnl lastlog detection
3791dnl NOTE: the code itself will detect if lastlog is a directory
3792AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3793AC_TRY_COMPILE([
3794#include <sys/types.h>
3795#include <utmp.h>
3796#ifdef HAVE_LASTLOG_H
3797# include <lastlog.h>
3798#endif
d7c0f3d5 3799#ifdef HAVE_PATHS_H
1d7b9b20 3800# include <paths.h>
41cb4569 3801#endif
3802#ifdef HAVE_LOGIN_H
3803# include <login.h>
1d7b9b20 3804#endif
3805 ],
3806 [ char *lastlog = LASTLOG_FILE; ],
3807 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3808 [
3809 AC_MSG_RESULT(no)
3810 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3811 AC_TRY_COMPILE([
3812#include <sys/types.h>
3813#include <utmp.h>
3814#ifdef HAVE_LASTLOG_H
3815# include <lastlog.h>
3816#endif
3817#ifdef HAVE_PATHS_H
3818# include <paths.h>
3819#endif
3820 ],
3821 [ char *lastlog = _PATH_LASTLOG; ],
3822 [ AC_MSG_RESULT(yes) ],
3823 [
f282b668 3824 AC_MSG_RESULT(no)
d7c0f3d5 3825 system_lastlog_path=no
3826 ])
3827 ]
1d7b9b20 3828)
d7c0f3d5 3829
1d7b9b20 3830if test -z "$conf_lastlog_location"; then
3831 if test x"$system_lastlog_path" = x"no" ; then
3832 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3833 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3834 conf_lastlog_location=$f
3835 fi
3836 done
3837 if test -z "$conf_lastlog_location"; then
f8119cef 3838 AC_MSG_WARN([** Cannot find lastlog **])
3839 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3840 fi
3841 fi
3842fi
3843
3844if test -n "$conf_lastlog_location"; then
3466e002 3845 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3846 [Define if you want to specify the path to your lastlog file])
82f4e93d 3847fi
1d7b9b20 3848
3849dnl utmp detection
3850AC_MSG_CHECKING([if your system defines UTMP_FILE])
3851AC_TRY_COMPILE([
3852#include <sys/types.h>
3853#include <utmp.h>
d7c0f3d5 3854#ifdef HAVE_PATHS_H
1d7b9b20 3855# include <paths.h>
3856#endif
3857 ],
3858 [ char *utmp = UTMP_FILE; ],
3859 [ AC_MSG_RESULT(yes) ],
3860 [ AC_MSG_RESULT(no)
3861 system_utmp_path=no ]
3862)
3863if test -z "$conf_utmp_location"; then
3864 if test x"$system_utmp_path" = x"no" ; then
3865 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3866 if test -f $f ; then
3867 conf_utmp_location=$f
3868 fi
3869 done
3870 if test -z "$conf_utmp_location"; then
3871 AC_DEFINE(DISABLE_UTMP)
3872 fi
3873 fi
3874fi
3875if test -n "$conf_utmp_location"; then
3466e002 3876 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3877 [Define if you want to specify the path to your utmp file])
82f4e93d 3878fi
1d7b9b20 3879
3880dnl wtmp detection
3881AC_MSG_CHECKING([if your system defines WTMP_FILE])
3882AC_TRY_COMPILE([
3883#include <sys/types.h>
3884#include <utmp.h>
d7c0f3d5 3885#ifdef HAVE_PATHS_H
1d7b9b20 3886# include <paths.h>
3887#endif
3888 ],
3889 [ char *wtmp = WTMP_FILE; ],
3890 [ AC_MSG_RESULT(yes) ],
3891 [ AC_MSG_RESULT(no)
3892 system_wtmp_path=no ]
3893)
3894if test -z "$conf_wtmp_location"; then
3895 if test x"$system_wtmp_path" = x"no" ; then
3896 for f in /usr/adm/wtmp /var/log/wtmp; do
3897 if test -f $f ; then
3898 conf_wtmp_location=$f
3899 fi
3900 done
3901 if test -z "$conf_wtmp_location"; then
3902 AC_DEFINE(DISABLE_WTMP)
3903 fi
3904 fi
3905fi
3906if test -n "$conf_wtmp_location"; then
3466e002 3907 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3908 [Define if you want to specify the path to your wtmp file])
82f4e93d 3909fi
1d7b9b20 3910
3911
3912dnl utmpx detection - I don't know any system so perverse as to require
3913dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3914dnl there, though.
3915AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3916AC_TRY_COMPILE([
3917#include <sys/types.h>
3918#include <utmp.h>
3919#ifdef HAVE_UTMPX_H
3920#include <utmpx.h>
3921#endif
d7c0f3d5 3922#ifdef HAVE_PATHS_H
1d7b9b20 3923# include <paths.h>
3924#endif
3925 ],
3926 [ char *utmpx = UTMPX_FILE; ],
3927 [ AC_MSG_RESULT(yes) ],
3928 [ AC_MSG_RESULT(no)
3929 system_utmpx_path=no ]
3930)
3931if test -z "$conf_utmpx_location"; then
3932 if test x"$system_utmpx_path" = x"no" ; then
3933 AC_DEFINE(DISABLE_UTMPX)
3934 fi
3935else
3466e002 3936 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3937 [Define if you want to specify the path to your utmpx file])
82f4e93d 3938fi
1d7b9b20 3939
3940dnl wtmpx detection
3941AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3942AC_TRY_COMPILE([
3943#include <sys/types.h>
3944#include <utmp.h>
3945#ifdef HAVE_UTMPX_H
3946#include <utmpx.h>
3947#endif
d7c0f3d5 3948#ifdef HAVE_PATHS_H
1d7b9b20 3949# include <paths.h>
3950#endif
3951 ],
3952 [ char *wtmpx = WTMPX_FILE; ],
3953 [ AC_MSG_RESULT(yes) ],
3954 [ AC_MSG_RESULT(no)
3955 system_wtmpx_path=no ]
3956)
3957if test -z "$conf_wtmpx_location"; then
3958 if test x"$system_wtmpx_path" = x"no" ; then
3959 AC_DEFINE(DISABLE_WTMPX)
3960 fi
3961else
3466e002 3962 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3963 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3964fi
1d7b9b20 3965
b7a87eea 3966
bd499f9e 3967if test ! -z "$blibpath" ; then
68ece370 3968 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3969 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3970fi
3971
ed89c848 3972dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3973dnl Add now.
3974CFLAGS="$CFLAGS $werror_flags"
3975
3c62e7eb 3976AC_EXEEXT
29eadd7c 3977AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
3978 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
3979 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3980AC_OUTPUT
d3083fbd 3981
cbd7492e 3982# Print summary of options
3983
cbd7492e 3984# Someone please show me a better way :)
3985A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3986B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3987C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3988D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3989E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3990F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3991G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3992H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3993I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3994J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3995
3996echo ""
26de7942 3997echo "OpenSSH has been configured with the following options:"
ecac8ee5 3998echo " User binaries: $B"
3999echo " System binaries: $C"
4000echo " Configuration files: $D"
4001echo " Askpass program: $E"
4002echo " Manual pages: $F"
4003echo " PID file: $G"
4004echo " Privilege separation chroot path: $H"
95b99395 4005if test "x$external_path_file" = "x/etc/login.conf" ; then
4006echo " At runtime, sshd will use the path defined in $external_path_file"
4007echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4008else
ecac8ee5 4009echo " sshd default user PATH: $I"
89bbd457 4010 if test ! -z "$external_path_file"; then
95b99395 4011echo " (If PATH is set in $external_path_file it will be used instead. If"
4012echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4013 fi
8d184c09 4014fi
06617857 4015if test ! -z "$superuser_path" ; then
ecac8ee5 4016echo " sshd superuser user PATH: $J"
4017fi
4018echo " Manpage format: $MANTYPE"
3e05e934 4019echo " PAM support: $PAM_MSG"
5b84789f 4020echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4021echo " KerberosV support: $KRB5_MSG"
ef4d1846 4022echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4023echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4024echo " S/KEY support: $SKEY_MSG"
4025echo " TCP Wrappers support: $TCPW_MSG"
4026echo " MD5 password support: $MD5_MSG"
59031773 4027echo " libedit support: $LIBEDIT_MSG"
5b84789f 4028echo " Solaris process contract support: $SPC_MSG"
3deb1408 4029echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4030echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4031echo " BSD Auth support: $BSD_AUTH_MSG"
4032echo " Random number source: $RAND_MSG"
f1b0ecc3 4033if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4034echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4035fi
4036
cbd7492e 4037echo ""
4038
0c2fb82f 4039echo " Host: ${host}"
4040echo " Compiler: ${CC}"
4041echo " Compiler flags: ${CFLAGS}"
4042echo "Preprocessor flags: ${CPPFLAGS}"
4043echo " Linker flags: ${LDFLAGS}"
e54defb4 4044echo " Libraries: ${LIBS}"
4045if test ! -z "${SSHDLIBS}"; then
4046echo " +for sshd: ${SSHDLIBS}"
4047fi
cbd7492e 4048
4049echo ""
4050
9cefe228 4051if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4052 echo "SVR4 style packages are supported with \"make package\""
4053 echo ""
9cefe228 4054fi
4055
adeebd37 4056if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4057 echo "PAM is enabled. You may need to install a PAM control file "
4058 echo "for sshd, otherwise password authentication may fail. "
aff51935 4059 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4060 echo "subdirectory"
adeebd37 4061 echo ""
4062fi
4063
f1b0ecc3 4064if test ! -z "$RAND_HELPER_CMDHASH" ; then
4065 echo "WARNING: you are using the builtin random number collection "
4066 echo "service. Please read WARNING.RNG and request that your OS "
4067 echo "vendor includes kernel-based random number collection in "
4068 echo "future versions of your OS."
2c523de9 4069 echo ""
4070fi
af774732 4071
2f6f9cff 4072if test ! -z "$NO_PEERCHECK" ; then
1961d660 4073 echo "WARNING: the operating system that you are using does not"
4074 echo "appear to support getpeereid(), getpeerucred() or the"
4075 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4076 echo "enforce security checks to prevent unauthorised connections to"
4077 echo "ssh-agent. Their absence increases the risk that a malicious"
4078 echo "user can connect to your agent."
2f6f9cff 4079 echo ""
4080fi
4081
7b578f7d 4082if test "$AUDIT_MODULE" = "bsm" ; then
4083 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4084 echo "See the Solaris section in README.platform for details."
4085fi
git-cvsimport mirror of OpenSSH
This page took 4.113178 seconds and 5 git commands to generate.