]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (tim) [configure.ac] portability changes on test statements. Some shells
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
bc6f919d 17AC_INIT(OpenSSH, Portable)
98a7c37b 18AC_CONFIG_SRCDIR([ssh.c])
5881cd60 19
20AC_CONFIG_HEADER(config.h)
b14b2ae7 21AC_PROG_CC
a7effaac 22AC_CANONICAL_HOST
cf0c5df5 23AC_C_BIGENDIAN
5881cd60 24
a0391976 25# Checks for programs.
4bbf95fa 26AC_PROG_AWK
4cca272e 27AC_PROG_CPP
5881cd60 28AC_PROG_RANLIB
cf8dd513 29AC_PROG_INSTALL
bee0a37e 30AC_PATH_PROG(AR, ar)
ddd8c95b 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
13dd877b 33AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 34AC_PATH_PROG(SED, sed)
a0f84251 35AC_SUBST(PERL)
ad85db64 36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
6958bd37 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 41AC_PATH_PROG(SH, sh)
a3245b92 42AC_SUBST(TEST_SHELL,sh)
f498ed15 43
9cefe228 44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
50
948fd8b9 51# System features
52AC_SYS_LARGEFILE
53
c193d002 54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
2e73a022 58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
37656beb 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
d423d822 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
78
d423d822 79AC_C_INLINE
aff51935 80if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
5ed2bb5b 81 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
d423d822 82fi
83
e6354014 84AC_ARG_WITH(rpath,
85 [ --without-rpath Disable auto-added -R linker paths],
86 [
87 if test "x$withval" = "xno" ; then
88 need_dash_r=""
89 fi
90 if test "x$withval" = "xyes" ; then
91 need_dash_r=1
92 fi
93 ]
94)
95
a0391976 96# Check for some target-specific stuff
a7effaac 97case "$host" in
9d6b1b96 98*-*-aix*)
aff51935 99 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 100 if (test -z "$blibpath"); then
0a15d73b 101 blibpath="/usr/lib:/lib"
68ece370 102 fi
103 saved_LDFLAGS="$LDFLAGS"
104 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
105 if (test -z "$blibflags"); then
106 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
107 AC_TRY_LINK([], [], [blibflags=$tryflags])
108 fi
109 done
110 if (test -z "$blibflags"); then
111 AC_MSG_RESULT(not found)
112 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
113 else
114 AC_MSG_RESULT($blibflags)
bd499f9e 115 fi
68ece370 116 LDFLAGS="$saved_LDFLAGS"
e351e493 117 dnl Check for authenticate. Might be in libs.a on older AIXes
118 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 119 [AC_CHECK_LIB(s,authenticate,
e351e493 120 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 121 LIBS="$LIBS -ls"
122 ])
123 ])
ba603e06 124 dnl Check for various auth function declarations in headers.
c85ed8e2 125 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
126 passwdexpired], , , [#include <usersec.h>])
e351e493 127 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 128 AC_CHECK_DECLS(loginfailed,
e351e493 129 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
130 AC_TRY_COMPILE(
f58c0e01 131 [#include <usersec.h>],
e351e493 132 [(void)loginfailed("user","host","tty",0);],
133 [AC_MSG_RESULT(yes)
134 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 135 [AC_MSG_RESULT(no)]
e351e493 136 )],
137 [],
138 [#include <usersec.h>]
139 )
2aa3a16c 140 AC_CHECK_FUNCS(setauthdb)
5ccf88cb 141 check_for_aix_broken_getaddrinfo=1
1352689f 142 AC_DEFINE(BROKEN_REALPATH)
3b8dff69 143 AC_DEFINE(SETEUID_BREAKS_SETUID)
144 AC_DEFINE(BROKEN_SETREUID)
145 AC_DEFINE(BROKEN_SETREGID)
a3cef3ca 146 dnl AIX handles lastlog as part of its login message
147 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 148 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 149 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 150 ;;
3c62e7eb 151*-*-cygwin*)
a52997bd 152 check_for_libcrypt_later=1
ffb8d130 153 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 154 AC_DEFINE(HAVE_CYGWIN)
7043a38d 155 AC_DEFINE(USE_PIPES)
3c62e7eb 156 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 157 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 158 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 159 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 160 AC_DEFINE(DISABLE_FD_PASSING)
3c62e7eb 161 ;;
d6fdb079 162*-*-dgux*)
163 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 164 AC_DEFINE(SETEUID_BREAKS_SETUID)
165 AC_DEFINE(BROKEN_SETREUID)
166 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 167 ;;
39c98ef7 168*-*-darwin*)
33e2e066 169 AC_MSG_CHECKING(if we have working getaddrinfo)
170 AC_TRY_RUN([#include <mach-o/dyld.h>
171main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
172 exit(0);
173 else
174 exit(1);
175}], [AC_MSG_RESULT(working)],
176 [AC_MSG_RESULT(buggy)
177 AC_DEFINE(BROKEN_GETADDRINFO)],
b27e573d 178 [AC_MSG_RESULT(assume it is working)])
635e0c42 179 AC_DEFINE(SETEUID_BREAKS_SETUID)
180 AC_DEFINE(BROKEN_SETREUID)
181 AC_DEFINE(BROKEN_SETREGID)
ff620033 182 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
39c98ef7 183 ;;
6e879cb4 184*-*-hpux10.26)
185 if test -z "$GCC"; then
186 CFLAGS="$CFLAGS -Ae"
187 fi
188 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
189 IPADDR_IN_DISPLAY=yes
190 AC_DEFINE(HAVE_SECUREWARE)
191 AC_DEFINE(USE_PIPES)
192 AC_DEFINE(LOGIN_NO_ENDOPT)
193 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 194 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 195 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 196 LIBS="$LIBS -lsec -lsecpw"
197 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
6e879cb4 198 disable_ptmx_check=yes
199 ;;
a7effaac 200*-*-hpux10*)
201 if test -z "$GCC"; then
fc1e8bf4 202 CFLAGS="$CFLAGS -Ae"
a7effaac 203 fi
28564873 204 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 205 IPADDR_IN_DISPLAY=yes
137d7b6c 206 AC_DEFINE(USE_PIPES)
a2572aa7 207 AC_DEFINE(LOGIN_NO_ENDOPT)
208 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 209 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 210 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 211 LIBS="$LIBS -lsec"
212 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
a7effaac 213 ;;
2b763e31 214*-*-hpux11*)
b8fea62d 215 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 216 IPADDR_IN_DISPLAY=yes
adeebd37 217 AC_DEFINE(PAM_SUN_CODEBASE)
2b10f47a 218 AC_DEFINE(USE_PIPES)
a2572aa7 219 AC_DEFINE(LOGIN_NO_ENDOPT)
220 AC_DEFINE(LOGIN_NEEDS_UTMPX)
764d4113 221 AC_DEFINE(DISABLE_UTMP)
3e6e3da0 222 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 223 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
b6610e8f 224 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
2fe51906 225 check_for_hpux_broken_getaddrinfo=1
b29fd59f 226 check_for_conflicting_getspnam=1
f75ca46d 227 LIBS="$LIBS -lsec"
228 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
2b763e31 229 ;;
d94aa2ae 230*-*-irix5*)
6ac7829a 231 PATH="$PATH:/usr/etc"
416ed5a7 232 AC_DEFINE(BROKEN_INET_NTOA)
cb433561 233 AC_DEFINE(SETEUID_BREAKS_SETUID)
234 AC_DEFINE(BROKEN_SETREUID)
235 AC_DEFINE(BROKEN_SETREGID)
0e8f4eba 236 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 237 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 238 ;;
239*-*-irix6*)
6ac7829a 240 PATH="$PATH:/usr/etc"
3206bb3b 241 AC_DEFINE(WITH_IRIX_ARRAY)
242 AC_DEFINE(WITH_IRIX_PROJECT)
243 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 244 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 245 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 246 AC_DEFINE(SETEUID_BREAKS_SETUID)
247 AC_DEFINE(BROKEN_SETREUID)
248 AC_DEFINE(BROKEN_SETREGID)
3d59832f 249 AC_DEFINE(BROKEN_UPDWTMPX)
0e8f4eba 250 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 251 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 252 ;;
5cdfe03f 253*-*-linux*)
254 no_dev_ptmx=1
717057b6 255 check_for_libcrypt_later=1
eacb954e 256 check_for_openpty_ctty_bug=1
80faa19f 257 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 258 AC_DEFINE(PAM_TTY_KLUDGE)
b90bed9f 259 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
3a2b2b44 260 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
cd698186 261 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
b6610e8f 262 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
263 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
80faa19f 264 inet6_default_4in6=yes
bf7c1e6c 265 case `uname -r` in
ad84c479 266 1.*|2.0.*)
bf7c1e6c 267 AC_DEFINE(BROKEN_CMSG_TYPE)
268 ;;
bf7c1e6c 269 esac
5cdfe03f 270 ;;
66d6c27e 271mips-sony-bsd|mips-sony-newsos4)
272 AC_DEFINE(HAVE_NEWS4)
273 SONY=1
66d6c27e 274 ;;
d468fc76 275*-*-netbsd*)
33e2e066 276 check_for_libcrypt_before=1
e6354014 277 if test "x$withval" != "xno" ; then
278 need_dash_r=1
279 fi
d468fc76 280 ;;
86b416a7 281*-*-freebsd*)
282 check_for_libcrypt_later=1
283 ;;
8707b7eb 284*-*-bsdi*)
285 AC_DEFINE(SETEUID_BREAKS_SETUID)
286 AC_DEFINE(BROKEN_SETREUID)
287 AC_DEFINE(BROKEN_SETREGID)
288 ;;
729bfe59 289*-next-*)
729bfe59 290 conf_lastlog_location="/usr/adm/lastlog"
698d107e 291 conf_utmp_location=/etc/utmp
292 conf_wtmp_location=/usr/adm/wtmp
293 MAIL=/usr/spool/mail
729bfe59 294 AC_DEFINE(HAVE_NEXT)
443172c4 295 AC_DEFINE(BROKEN_REALPATH)
00937921 296 AC_DEFINE(USE_PIPES)
86b416a7 297 AC_DEFINE(BROKEN_SAVED_UIDS)
729bfe59 298 ;;
9d6b1b96 299*-*-solaris*)
010e9d5b 300 if test "x$withval" != "xno" ; then
301 need_dash_r=1
302 fi
adeebd37 303 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 304 AC_DEFINE(LOGIN_NEEDS_UTMPX)
305 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 306 AC_DEFINE(PAM_TTY_KLUDGE)
059d3165 307 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
3e6e3da0 308 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 309 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
310 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 311 external_path_file=/etc/default/login
1d7b9b20 312 # hardwire lastlog location (can't detect it on some versions)
313 conf_lastlog_location="/var/adm/lastlog"
32c80420 314 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
315 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
316 if test "$sol2ver" -ge 8; then
317 AC_MSG_RESULT(yes)
318 AC_DEFINE(DISABLE_UTMP)
319 AC_DEFINE(DISABLE_WTMP)
320 else
321 AC_MSG_RESULT(no)
322 fi
9d6b1b96 323 ;;
a423beaf 324*-*-sunos4*)
0c2fb82f 325 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 326 AC_CHECK_FUNCS(getpwanam)
adeebd37 327 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 328 conf_utmp_location=/etc/utmp
329 conf_wtmp_location=/var/adm/wtmp
330 conf_lastlog_location=/var/adm/lastlog
137d7b6c 331 AC_DEFINE(USE_PIPES)
a423beaf 332 ;;
6f68f28a 333*-ncr-sysv*)
98a7c37b 334 LIBS="$LIBS -lc89"
29525240 335 AC_DEFINE(USE_PIPES)
eabb99c6 336 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 337 AC_DEFINE(SETEUID_BREAKS_SETUID)
338 AC_DEFINE(BROKEN_SETREUID)
339 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 340 ;;
132dd316 341*-sni-sysv*)
c8c15bcb 342 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 343 AC_CHECK_LIB(dl, dlsym, ,)
85cf54ec 344 # -lresolv needs to be at then end of LIBS or DNS lookups break
345 AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ])
9548d6c8 346 IPADDR_IN_DISPLAY=yes
347 AC_DEFINE(USE_PIPES)
132dd316 348 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 349 AC_DEFINE(SETEUID_BREAKS_SETUID)
350 AC_DEFINE(BROKEN_SETREUID)
351 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 352 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 353 external_path_file=/etc/default/login
c8c15bcb 354 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
355 # Attention: always take care to bind libsocket and libnsl before libc,
356 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 357 ;;
79a7ba96 358# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 359*-*-sysv4.2*)
ed6553e2 360 AC_DEFINE(USE_PIPES)
7ed101c0 361 AC_DEFINE(SETEUID_BREAKS_SETUID)
362 AC_DEFINE(BROKEN_SETREUID)
363 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 364 ;;
79a7ba96 365# UnixWare 7.x, OpenUNIX 8
77bb0bca 366*-*-sysv5*)
ed6553e2 367 AC_DEFINE(USE_PIPES)
7ed101c0 368 AC_DEFINE(SETEUID_BREAKS_SETUID)
369 AC_DEFINE(BROKEN_SETREUID)
370 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 371 ;;
9d6b1b96 372*-*-sysv*)
9d6b1b96 373 ;;
79a7ba96 374# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 375*-*-sco3.2v4*)
11cf4f1f 376 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 377 ;;
79a7ba96 378# SCO OpenServer 5.x
77bb0bca 379*-*-sco3.2v5*)
21710e39 380 if test -z "$GCC"; then
381 CFLAGS="$CFLAGS -belf"
382 fi
ed6553e2 383 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 384 no_dev_ptmx=1
ed6553e2 385 AC_DEFINE(USE_PIPES)
6e879cb4 386 AC_DEFINE(HAVE_SECUREWARE)
d287c664 387 AC_DEFINE(DISABLE_SHADOW)
94d8258b 388 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 389 AC_DEFINE(SETEUID_BREAKS_SETUID)
390 AC_DEFINE(BROKEN_SETREUID)
391 AC_DEFINE(BROKEN_SETREGID)
bcebad47 392 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 393 AC_DEFINE(BROKEN_UPDWTMPX)
3ade3b57 394 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
aca75d94 395 AC_CHECK_FUNCS(getluid setluid)
533875af 396 MANTYPE=man
a3245b92 397 TEST_SHELL=ksh
509b1f88 398 ;;
ccbb983c 399*-*-unicosmk*)
c1ad5966 400 AC_DEFINE(NO_SSH_LASTLOG)
401 AC_DEFINE(SETEUID_BREAKS_SETUID)
402 AC_DEFINE(BROKEN_SETREUID)
403 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 404 AC_DEFINE(USE_PIPES)
405 AC_DEFINE(DISABLE_FD_PASSING)
406 LDFLAGS="$LDFLAGS"
407 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
408 MANTYPE=cat
d262b7f2 409 ;;
7b9a8c6e 410*-*-unicosmp*)
c1ad5966 411 AC_DEFINE(SETEUID_BREAKS_SETUID)
412 AC_DEFINE(BROKEN_SETREUID)
413 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 414 AC_DEFINE(WITH_ABBREV_NO_TTY)
415 AC_DEFINE(USE_PIPES)
416 AC_DEFINE(DISABLE_FD_PASSING)
417 LDFLAGS="$LDFLAGS"
c1ad5966 418 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 419 MANTYPE=cat
420 ;;
ca5c7d6a 421*-*-unicos*)
c1ad5966 422 AC_DEFINE(SETEUID_BREAKS_SETUID)
423 AC_DEFINE(BROKEN_SETREUID)
424 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 425 AC_DEFINE(USE_PIPES)
94d8258b 426 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 427 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 428 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
429 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
430 MANTYPE=cat
a704dd54 431 ;;
4d33e531 432*-dec-osf*)
99c8ddac 433 AC_MSG_CHECKING(for Digital Unix SIA)
434 no_osfsia=""
435 AC_ARG_WITH(osfsia,
436 [ --with-osfsia Enable Digital Unix SIA],
437 [
438 if test "x$withval" = "xno" ; then
439 AC_MSG_RESULT(disabled)
440 no_osfsia=1
441 fi
442 ],
443 )
444 if test -z "$no_osfsia" ; then
4d33e531 445 if test -f /etc/sia/matrix.conf; then
446 AC_MSG_RESULT(yes)
447 AC_DEFINE(HAVE_OSF_SIA)
448 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 449 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 450 LIBS="$LIBS -lsecurity -ldb -lm -laud"
451 else
452 AC_MSG_RESULT(no)
dbf8efb3 453 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 454 fi
455 fi
a6e67b60 456 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 457 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 458 AC_DEFINE(BROKEN_SETREUID)
459 AC_DEFINE(BROKEN_SETREGID)
4d33e531 460 ;;
41cb4569 461
462*-*-nto-qnx)
463 AC_DEFINE(USE_PIPES)
464 AC_DEFINE(NO_X11_UNIX_SOCKETS)
465 AC_DEFINE(MISSING_NFDBITS)
466 AC_DEFINE(MISSING_HOWMANY)
467 AC_DEFINE(MISSING_FD_MASK)
468 ;;
a7effaac 469esac
470
8e7b16f8 471# Allow user to specify flags
472AC_ARG_WITH(cflags,
473 [ --with-cflags Specify additional flags to pass to compiler],
474 [
475 if test "x$withval" != "xno" ; then
476 CFLAGS="$CFLAGS $withval"
477 fi
478 ]
479)
0c2fb82f 480AC_ARG_WITH(cppflags,
481 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
482 [
483 if test "x$withval" != "xno"; then
484 CPPFLAGS="$CPPFLAGS $withval"
485 fi
486 ]
487)
8e7b16f8 488AC_ARG_WITH(ldflags,
97b378bf 489 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 490 [
491 if test "x$withval" != "xno" ; then
492 LDFLAGS="$LDFLAGS $withval"
493 fi
494 ]
495)
496AC_ARG_WITH(libs,
497 [ --with-libs Specify additional libraries to link with],
498 [
499 if test "x$withval" != "xno" ; then
500 LIBS="$LIBS $withval"
501 fi
502 ]
503)
504
c5829391 505AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 506AC_RUN_IFELSE(
507 [AC_LANG_SOURCE([
c5829391 508#include <stdio.h>
509int main(){exit(0);}
479cece8 510 ])],
c5829391 511 [ AC_MSG_RESULT(yes) ],
512 [
513 AC_MSG_RESULT(no)
514 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 515 ],
516 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 517)
518
ddceb1c8 519# Checks for header files.
419e26e7 520AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \
521 floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \
522 login_cap.h maillock.h ndir.h netdb.h netgroup.h \
2511d104 523 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
5bbbc661 524 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
419e26e7 525 strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \
526 sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \
765a24cd 527 sys/pstat.h sys/select.h sys/stat.h sys/stream.h \
419e26e7 528 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \
529 time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h)
ddceb1c8 530
765a24cd 531# sys/ptms.h requires sys/stream.h to be included first on Solaris
532AC_CHECK_HEADERS(sys/ptms.h, [], [], [
533#ifdef HAVE_SYS_STREAM_H
534# include <sys/stream.h>
535#endif
536])
537
a0391976 538# Checks for libraries.
98a7c37b 539AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
540AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 541
446227d6 542dnl IRIX and Solaris 2.5.1 have dirname() in libgen
543AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
544 AC_CHECK_LIB(gen, dirname,[
545 AC_CACHE_CHECK([for broken dirname],
546 ac_cv_have_broken_dirname, [
547 save_LIBS="$LIBS"
548 LIBS="$LIBS -lgen"
549 AC_TRY_RUN(
550 [
551#include <libgen.h>
552#include <string.h>
553
554int main(int argc, char **argv) {
555 char *s, buf[32];
556
557 strncpy(buf,"/etc", 32);
558 s = dirname(buf);
559 if (!s || strncmp(s, "/", 32) != 0) {
560 exit(1);
561 } else {
562 exit(0);
563 }
564}
565 ],
566 [ ac_cv_have_broken_dirname="no" ],
567 [ ac_cv_have_broken_dirname="yes" ]
568 )
569 LIBS="$save_LIBS"
570 ])
571 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
572 LIBS="$LIBS -lgen"
573 AC_DEFINE(HAVE_DIRNAME)
574 AC_CHECK_HEADERS(libgen.h)
575 fi
576 ])
577])
578
579AC_CHECK_FUNC(getspnam, ,
580 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
581AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
582
98a7c37b 583dnl zlib is required
584AC_ARG_WITH(zlib,
585 [ --with-zlib=PATH Use zlib in PATH],
586 [
846f83ab 587 if test "x$withval" = "xno" ; then
f1b0ecc3 588 AC_MSG_ERROR([*** zlib is required ***])
589 fi
98a7c37b 590 if test -d "$withval/lib"; then
591 if test -n "${need_dash_r}"; then
5a162955 592 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 593 else
5a162955 594 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 595 fi
596 else
597 if test -n "${need_dash_r}"; then
5a162955 598 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 599 else
5a162955 600 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 601 fi
602 fi
603 if test -d "$withval/include"; then
5a162955 604 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 605 else
5a162955 606 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 607 fi
608 ]
609)
610
0a15d73b 611AC_CHECK_LIB(z, deflate, ,
612 [
613 saved_CPPFLAGS="$CPPFLAGS"
614 saved_LDFLAGS="$LDFLAGS"
615 save_LIBS="$LIBS"
616 dnl Check default zlib install dir
617 if test -n "${need_dash_r}"; then
618 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
619 else
620 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
621 fi
622 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
623 LIBS="$LIBS -lz"
624 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
625 [
626 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
627 ]
628 )
629 ]
630)
4ad65809 631AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 632
633AC_ARG_WITH(zlib-version-check,
634 [ --without-zlib-version-check Disable zlib version check],
635 [ if test "x$withval" = "xno" ; then
636 zlib_check_nonfatal=1
637 fi
638 ]
639)
640
4ad65809 641AC_MSG_CHECKING(for zlib 1.1.4 or greater)
479cece8 642AC_RUN_IFELSE([AC_LANG_SOURCE([[
4ad65809 643#include <zlib.h>
644int main()
645{
646 int a, b, c, v;
647 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3)
648 exit(1);
649 v = a*1000000 + b*1000 + c;
650 if (v >= 1001004)
651 exit(0);
652 exit(2);
653}
479cece8 654 ]])],
4ad65809 655 AC_MSG_RESULT(yes),
656 [ AC_MSG_RESULT(no)
8068d564 657 if test -z "$zlib_check_nonfatal" ; then
658 AC_MSG_ERROR([*** zlib too old - check config.log ***
659Your reported zlib version has known security problems. It's possible your
660vendor has fixed these problems without changing the version number. If you
661are sure this is the case, you can disable the check by running
662"./configure --without-zlib-version-check".
663If you are in doubt, upgrade zlib to version 1.1.4 or greater.])
664 else
665 AC_MSG_WARN([zlib version may have security problems])
666 fi
1a01a50c 667 ],
668 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 669)
48e7916f 670
2c523de9 671dnl UnixWare 2.x
aff51935 672AC_CHECK_FUNC(strcasecmp,
2c523de9 673 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
674)
aff51935 675AC_CHECK_FUNC(utimes,
cda1ebcb 676 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
677 LIBS="$LIBS -lc89"]) ]
2c523de9 678)
4cca272e 679
7c6d759d 680dnl Checks for libutil functions
681AC_CHECK_HEADERS(libutil.h)
682AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
683AC_CHECK_FUNCS(logout updwtmp logwtmp)
684
a738c3b0 685AC_FUNC_STRFTIME
686
84ceda19 687# Check for ALTDIRFUNC glob() extension
688AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
689AC_EGREP_CPP(FOUNDIT,
690 [
691 #include <glob.h>
692 #ifdef GLOB_ALTDIRFUNC
693 FOUNDIT
694 #endif
aff51935 695 ],
84ceda19 696 [
697 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
698 AC_MSG_RESULT(yes)
699 ],
700 [
701 AC_MSG_RESULT(no)
702 ]
703)
4cca272e 704
40849fdb 705# Check for g.gl_matchc glob() extension
706AC_MSG_CHECKING(for gl_matchc field in glob_t)
707AC_EGREP_CPP(FOUNDIT,
aff51935 708 [
709 #include <glob.h>
40849fdb 710 int main(void){glob_t g; g.gl_matchc = 1;}
aff51935 711 ],
712 [
713 AC_DEFINE(GLOB_HAS_GL_MATCHC)
714 AC_MSG_RESULT(yes)
715 ],
716 [
717 AC_MSG_RESULT(no)
718 ]
40849fdb 719)
720
edbe6722 721AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 722AC_RUN_IFELSE(
479cece8 723 [AC_LANG_SOURCE([[
edbe6722 724#include <sys/types.h>
725#include <dirent.h>
aec4cb4f 726int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 727 ]])],
aff51935 728 [AC_MSG_RESULT(yes)],
edbe6722 729 [
730 AC_MSG_RESULT(no)
731 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
1a01a50c 732 ],
733 [
734 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
735 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 736 ]
737)
738
419e26e7 739AC_MSG_CHECKING([for /proc/pid/fd directory])
740if test -d "/proc/$$/fd" ; then
741 AC_DEFINE(HAVE_PROC_PID)
742 AC_MSG_RESULT(yes)
743else
744 AC_MSG_RESULT(no)
745fi
746
278588d8 747# Check whether user wants S/Key support
aff51935 748SKEY_MSG="no"
278588d8 749AC_ARG_WITH(skey,
6ff3d0dc 750 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 751 [
752 if test "x$withval" != "xno" ; then
753
754 if test "x$withval" != "xyes" ; then
755 CPPFLAGS="$CPPFLAGS -I${withval}/include"
756 LDFLAGS="$LDFLAGS -L${withval}/lib"
757 fi
758
759 AC_DEFINE(SKEY)
760 LIBS="-lskey $LIBS"
aff51935 761 SKEY_MSG="yes"
278588d8 762
ddceb1c8 763 AC_MSG_CHECKING([for s/key support])
764 AC_TRY_RUN(
765 [
766#include <stdio.h>
767#include <skey.h>
aec4cb4f 768int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 769 ],
770 [AC_MSG_RESULT(yes)],
278588d8 771 [
ddceb1c8 772 AC_MSG_RESULT(no)
278588d8 773 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
774 ])
141fc639 775 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
776 AC_TRY_COMPILE(
777 [#include <stdio.h>
778 #include <skey.h>],
779 [(void)skeychallenge(NULL,"name","",0);],
780 [AC_MSG_RESULT(yes)
781 AC_DEFINE(SKEYCHALLENGE_4ARG)],
782 [AC_MSG_RESULT(no)]
783 )
278588d8 784 fi
785 ]
786)
787
788# Check whether user wants TCP wrappers support
98a7c37b 789TCPW_MSG="no"
278588d8 790AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 791 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 792 [
793 if test "x$withval" != "xno" ; then
794 saved_LIBS="$LIBS"
98a7c37b 795 saved_LDFLAGS="$LDFLAGS"
796 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 797 if test -n "${withval}" && \
798 test "${withval}" != "yes"; then
98a7c37b 799 if test -d "${withval}/lib"; then
800 if test -n "${need_dash_r}"; then
5a162955 801 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 802 else
5a162955 803 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 804 fi
805 else
806 if test -n "${need_dash_r}"; then
5a162955 807 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 808 else
5a162955 809 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 810 fi
811 fi
812 if test -d "${withval}/include"; then
5a162955 813 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 814 else
5a162955 815 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 816 fi
98a7c37b 817 fi
ddceb1c8 818 LIBWRAP="-lwrap"
819 LIBS="$LIBWRAP $LIBS"
278588d8 820 AC_MSG_CHECKING(for libwrap)
821 AC_TRY_LINK(
822 [
77f09220 823#include <sys/types.h>
824#include <sys/socket.h>
825#include <netinet/in.h>
278588d8 826#include <tcpd.h>
827 int deny_severity = 0, allow_severity = 0;
828 ],
829 [hosts_access(0);],
830 [
831 AC_MSG_RESULT(yes)
832 AC_DEFINE(LIBWRAP)
ddceb1c8 833 AC_SUBST(LIBWRAP)
98a7c37b 834 TCPW_MSG="yes"
278588d8 835 ],
836 [
837 AC_MSG_ERROR([*** libwrap missing])
838 ]
839 )
ddceb1c8 840 LIBS="$saved_LIBS"
278588d8 841 fi
842 ]
843)
844
59031773 845# Check whether user wants libedit support
846LIBEDIT_MSG="no"
847AC_ARG_WITH(libedit,
6ff3d0dc 848 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 849 [ if test "x$withval" != "xno" ; then
850 AC_CHECK_LIB(edit, el_init,
851 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
852 LIBEDIT="-ledit -lcurses"
853 LIBEDIT_MSG="yes"
854 AC_SUBST(LIBEDIT)
855 ],
856 [], [-lcurses]
857 )
858 fi ]
859)
860
7b578f7d 861AUDIT_MODULE=none
862AC_ARG_WITH(audit,
863 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
864 [
865 AC_MSG_CHECKING(for supported audit module)
866 case "$withval" in
867 bsm)
868 AC_MSG_RESULT(bsm)
869 AUDIT_MODULE=bsm
870 dnl Checks for headers, libs and functions
871 AC_CHECK_HEADERS(bsm/audit.h, [],
872 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
873 AC_CHECK_LIB(bsm, getaudit, [],
874 [AC_MSG_ERROR(BSM enabled and required library not found)])
875 AC_CHECK_FUNCS(getaudit, [],
876 [AC_MSG_ERROR(BSM enabled and required function not found)])
877 # These are optional
7939c496 878 AC_CHECK_FUNCS(getaudit_addr)
7b578f7d 879 AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module])
880 ;;
881 debug)
882 AUDIT_MODULE=debug
883 AC_MSG_RESULT(debug)
884 AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)
885 ;;
886 *)
887 AC_MSG_ERROR([Unknown audit module $withval])
888 ;;
889 esac ]
890)
891
19160674 892dnl Checks for library functions. Please keep in alphabetical order
893AC_CHECK_FUNCS(\
2909d712 894 arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \
667abcc6 895 bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \
896 freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \
897 getopt getpeereid _getpty getrlimit getttyent glob inet_aton \
19160674 898 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
79d4fc55 899 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
e7f6070d 900 pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \
79d4fc55 901 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
3f176010 902 setproctitle setregid setreuid setrlimit \
688eed4a 903 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
7111a85c 904 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
351f44a0 905 truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \
19160674 906)
98a7c37b 907
1a086f97 908# IRIX has a const char return value for gai_strerror()
909AC_CHECK_FUNCS(gai_strerror,[
910 AC_DEFINE(HAVE_GAI_STRERROR)
911 AC_TRY_COMPILE([
912#include <sys/types.h>
913#include <sys/socket.h>
914#include <netdb.h>
915
916const char *gai_strerror(int);],[
917char *str;
918
919str = gai_strerror(0);],[
920 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
921 [Define if gai_strerror() returns const char *])])])
922
92b1decf 923AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
924
309709db 925dnl Make sure prototypes are defined for these before using them.
08412d26 926AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
309709db 927AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
08412d26 928
3490699c 929dnl tcsendbreak might be a macro
930AC_CHECK_DECL(tcsendbreak,
931 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 932 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 933 [#include <termios.h>]
934)
935
41e0e158 936AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
937
3f176010 938AC_CHECK_FUNCS(setresuid, [
939 dnl Some platorms have setresuid that isn't implemented, test for this
940 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 941 AC_RUN_IFELSE(
942 [AC_LANG_SOURCE([[
9a3fe0e2 943#include <stdlib.h>
944#include <errno.h>
945int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 946 ]])],
3f176010 947 [AC_MSG_RESULT(yes)],
24a9171d 948 [AC_DEFINE(BROKEN_SETRESUID)
1a01a50c 949 AC_MSG_RESULT(not implemented)],
950 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 951 )
952])
9a3fe0e2 953
3f176010 954AC_CHECK_FUNCS(setresgid, [
955 dnl Some platorms have setresgid that isn't implemented, test for this
956 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 957 AC_RUN_IFELSE(
958 [AC_LANG_SOURCE([[
9a3fe0e2 959#include <stdlib.h>
960#include <errno.h>
961int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 962 ]])],
3f176010 963 [AC_MSG_RESULT(yes)],
964 [AC_DEFINE(BROKEN_SETRESGID)
1a01a50c 965 AC_MSG_RESULT(not implemented)],
966 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 967 )
968])
9a3fe0e2 969
2e73a022 970dnl Checks for time functions
1d7b9b20 971AC_CHECK_FUNCS(gettimeofday time)
2e73a022 972dnl Checks for utmp functions
b03bd394 973AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 974AC_CHECK_FUNCS(utmpname)
2e73a022 975dnl Checks for utmpx functions
b03bd394 976AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 977AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 978
aff51935 979AC_CHECK_FUNC(daemon,
beb43d31 980 [AC_DEFINE(HAVE_DAEMON)],
981 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
982)
983
aff51935 984AC_CHECK_FUNC(getpagesize,
aa6bd60a 985 [AC_DEFINE(HAVE_GETPAGESIZE)],
986 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
987)
988
2647ae26 989# Check for broken snprintf
990if test "x$ac_cv_func_snprintf" = "xyes" ; then
991 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 992 AC_RUN_IFELSE(
479cece8 993 [AC_LANG_SOURCE([[
2647ae26 994#include <stdio.h>
aec4cb4f 995int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 996 ]])],
aff51935 997 [AC_MSG_RESULT(yes)],
2647ae26 998 [
999 AC_MSG_RESULT(no)
1000 AC_DEFINE(BROKEN_SNPRINTF)
1001 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1002 ],
1003 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1004 )
1005fi
1006
2f6f9cff 1007# Check for missing getpeereid (or equiv) support
1008NO_PEERCHECK=""
1009if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1010 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1011 AC_TRY_COMPILE(
1012 [#include <sys/types.h>
1013 #include <sys/socket.h>],
1014 [int i = SO_PEERCRED;],
1015 [AC_MSG_RESULT(yes)],
1016 [AC_MSG_RESULT(no)
1017 NO_PEERCHECK=1]
1018 )
1019fi
1020
70e7d0b0 1021dnl see whether mkstemp() requires XXXXXX
1022if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1023AC_MSG_CHECKING([for (overly) strict mkstemp])
1024AC_TRY_RUN(
1025 [
1026#include <stdlib.h>
1027main() { char template[]="conftest.mkstemp-test";
1028if (mkstemp(template) == -1)
1029 exit(1);
1030unlink(template); exit(0);
1031}
1032 ],
1033 [
1034 AC_MSG_RESULT(no)
1035 ],
aff51935 1036 [
70e7d0b0 1037 AC_MSG_RESULT(yes)
1038 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1039 ],
1040 [
1041 AC_MSG_RESULT(yes)
1042 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1043 ]
70e7d0b0 1044)
1045fi
1046
eacb954e 1047dnl make sure that openpty does not reacquire controlling terminal
1048if test ! -z "$check_for_openpty_ctty_bug"; then
1049 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1050 AC_TRY_RUN(
1051 [
1052#include <stdio.h>
1053#include <sys/fcntl.h>
1054#include <sys/types.h>
1055#include <sys/wait.h>
1056
1057int
1058main()
1059{
1060 pid_t pid;
1061 int fd, ptyfd, ttyfd, status;
1062
1063 pid = fork();
1064 if (pid < 0) { /* failed */
1065 exit(1);
1066 } else if (pid > 0) { /* parent */
1067 waitpid(pid, &status, 0);
aff51935 1068 if (WIFEXITED(status))
eacb954e 1069 exit(WEXITSTATUS(status));
1070 else
1071 exit(2);
1072 } else { /* child */
1073 close(0); close(1); close(2);
1074 setsid();
1075 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1076 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1077 if (fd >= 0)
1078 exit(3); /* Acquired ctty: broken */
1079 else
1080 exit(0); /* Did not acquire ctty: OK */
1081 }
1082}
1083 ],
1084 [
1085 AC_MSG_RESULT(yes)
1086 ],
1087 [
1088 AC_MSG_RESULT(no)
1089 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1090 ]
1091 )
1092fi
1093
4b492aab 1094if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1095 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1096 AC_MSG_CHECKING(if getaddrinfo seems to work)
1097 AC_TRY_RUN(
1098 [
1099#include <stdio.h>
1100#include <sys/socket.h>
1101#include <netdb.h>
1102#include <errno.h>
1103#include <netinet/in.h>
1104
1105#define TEST_PORT "2222"
1106
1107int
1108main(void)
1109{
1110 int err, sock;
1111 struct addrinfo *gai_ai, *ai, hints;
1112 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1113
1114 memset(&hints, 0, sizeof(hints));
1115 hints.ai_family = PF_UNSPEC;
1116 hints.ai_socktype = SOCK_STREAM;
1117 hints.ai_flags = AI_PASSIVE;
1118
1119 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1120 if (err != 0) {
1121 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1122 exit(1);
1123 }
1124
1125 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1126 if (ai->ai_family != AF_INET6)
1127 continue;
1128
1129 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1130 sizeof(ntop), strport, sizeof(strport),
1131 NI_NUMERICHOST|NI_NUMERICSERV);
1132
1133 if (err != 0) {
1134 if (err == EAI_SYSTEM)
1135 perror("getnameinfo EAI_SYSTEM");
1136 else
1137 fprintf(stderr, "getnameinfo failed: %s\n",
1138 gai_strerror(err));
1139 exit(2);
1140 }
1141
1142 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1143 if (sock < 0)
1144 perror("socket");
1145 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1146 if (errno == EBADF)
1147 exit(3);
1148 }
1149 }
1150 exit(0);
1151}
1152 ],
1153 [
1154 AC_MSG_RESULT(yes)
1155 ],
1156 [
1157 AC_MSG_RESULT(no)
1158 AC_DEFINE(BROKEN_GETADDRINFO)
1159 ]
1160 )
1161fi
1162
4b492aab 1163if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1164 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1165 AC_MSG_CHECKING(if getaddrinfo seems to work)
1166 AC_TRY_RUN(
1167 [
1168#include <stdio.h>
1169#include <sys/socket.h>
1170#include <netdb.h>
1171#include <errno.h>
1172#include <netinet/in.h>
1173
1174#define TEST_PORT "2222"
1175
1176int
1177main(void)
1178{
1179 int err, sock;
1180 struct addrinfo *gai_ai, *ai, hints;
1181 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1182
1183 memset(&hints, 0, sizeof(hints));
1184 hints.ai_family = PF_UNSPEC;
1185 hints.ai_socktype = SOCK_STREAM;
1186 hints.ai_flags = AI_PASSIVE;
1187
1188 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1189 if (err != 0) {
1190 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1191 exit(1);
1192 }
1193
1194 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1195 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1196 continue;
1197
1198 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1199 sizeof(ntop), strport, sizeof(strport),
1200 NI_NUMERICHOST|NI_NUMERICSERV);
1201
1202 if (ai->ai_family == AF_INET && err != 0) {
1203 perror("getnameinfo");
1204 exit(2);
1205 }
1206 }
1207 exit(0);
1208}
1209 ],
1210 [
1211 AC_MSG_RESULT(yes)
1212 AC_DEFINE(AIX_GETNAMEINFO_HACK, [],
1213[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address])
1214 ],
1215 [
1216 AC_MSG_RESULT(no)
1217 AC_DEFINE(BROKEN_GETADDRINFO)
1218 ]
1219 )
1220fi
1221
b29fd59f 1222if test "x$check_for_conflicting_getspnam" = "x1"; then
1223 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1224 AC_COMPILE_IFELSE(
1225 [
1226#include <shadow.h>
1227int main(void) {exit(0);}
1228 ],
1229 [
1230 AC_MSG_RESULT(no)
1231 ],
1232 [
1233 AC_MSG_RESULT(yes)
1234 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1235 [Conflicting defs for getspnam])
1236 ]
1237 )
1238fi
1239
7f8f5e00 1240AC_FUNC_GETPGRP
1241
717057b6 1242# Check for PAM libs
cbd7492e 1243PAM_MSG="no"
a0391976 1244AC_ARG_WITH(pam,
717057b6 1245 [ --with-pam Enable PAM support ],
a0391976 1246 [
717057b6 1247 if test "x$withval" != "xno" ; then
2511d104 1248 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1249 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1250 AC_MSG_ERROR([PAM headers not found])
1251 fi
a0391976 1252
717057b6 1253 AC_CHECK_LIB(dl, dlopen, , )
1254 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1255 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1256 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1257
717057b6 1258 PAM_MSG="yes"
4cb5ffa0 1259
717057b6 1260 AC_DEFINE(USE_PAM)
98f2d9d5 1261 if test $ac_cv_lib_dl_dlopen = yes; then
1262 LIBPAM="-lpam -ldl"
1263 else
1264 LIBPAM="-lpam"
1265 fi
1266 AC_SUBST(LIBPAM)
717057b6 1267 fi
1268 ]
1269)
cbd7492e 1270
717057b6 1271# Check for older PAM
1272if test "x$PAM_MSG" = "xyes" ; then
a0391976 1273 # Check PAM strerror arguments (old PAM)
1274 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1275 AC_TRY_COMPILE(
1276 [
18ba2aab 1277#include <stdlib.h>
2511d104 1278#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1279#include <security/pam_appl.h>
2511d104 1280#elif defined (HAVE_PAM_PAM_APPL_H)
1281#include <pam/pam_appl.h>
1282#endif
aff51935 1283 ],
1284 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1285 [AC_MSG_RESULT(no)],
1286 [
1287 AC_DEFINE(HAVE_OLD_PAM)
1288 AC_MSG_RESULT(yes)
cbd7492e 1289 PAM_MSG="yes (old library)"
a0391976 1290 ]
717057b6 1291 )
a0391976 1292fi
1293
5b991353 1294# Search for OpenSSL
1295saved_CPPFLAGS="$CPPFLAGS"
1296saved_LDFLAGS="$LDFLAGS"
a0391976 1297AC_ARG_WITH(ssl-dir,
1298 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1299 [
e9e4a1c7 1300 if test "x$withval" != "xno" ; then
99eb0f64 1301 case "$withval" in
1302 # Relative paths
1303 ./*|../*) withval="`pwd`/$withval"
1304 esac
5b991353 1305 if test -d "$withval/lib"; then
1306 if test -n "${need_dash_r}"; then
1307 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1308 else
1309 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1310 fi
1311 else
5b991353 1312 if test -n "${need_dash_r}"; then
1313 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1314 else
1315 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1316 fi
1317 fi
5b991353 1318 if test -d "$withval/include"; then
1319 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1320 else
5b991353 1321 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1322 fi
a0391976 1323 fi
5b991353 1324 ]
1325)
5486a457 1326LIBS="-lcrypto $LIBS"
5b991353 1327AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 1328 [
5b991353 1329 dnl Check default openssl install dir
1330 if test -n "${need_dash_r}"; then
1331 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1332 else
5b991353 1333 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1334 fi
5b991353 1335 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1336 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1337 [
1338 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1339 ]
1340 )
1341 ]
1342)
1343
cd018561 1344# Determine OpenSSL header version
1345AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1346AC_RUN_IFELSE(
479cece8 1347 [AC_LANG_SOURCE([[
cd018561 1348#include <stdio.h>
1349#include <string.h>
1350#include <openssl/opensslv.h>
1351#define DATA "conftest.sslincver"
1352int main(void) {
aff51935 1353 FILE *fd;
1354 int rc;
cd018561 1355
aff51935 1356 fd = fopen(DATA,"w");
1357 if(fd == NULL)
1358 exit(1);
cd018561 1359
1360 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1361 exit(1);
1362
1363 exit(0);
1364}
479cece8 1365 ]])],
cd018561 1366 [
1367 ssl_header_ver=`cat conftest.sslincver`
1368 AC_MSG_RESULT($ssl_header_ver)
1369 ],
1370 [
1371 AC_MSG_RESULT(not found)
1372 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1373 ],
1374 [
1375 AC_MSG_WARN([cross compiling: not checking])
cd018561 1376 ]
1377)
1378
1379# Determine OpenSSL library version
1380AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1381AC_RUN_IFELSE(
479cece8 1382 [AC_LANG_SOURCE([[
cd018561 1383#include <stdio.h>
1384#include <string.h>
1385#include <openssl/opensslv.h>
1386#include <openssl/crypto.h>
1387#define DATA "conftest.ssllibver"
1388int main(void) {
aff51935 1389 FILE *fd;
1390 int rc;
cd018561 1391
aff51935 1392 fd = fopen(DATA,"w");
1393 if(fd == NULL)
1394 exit(1);
cd018561 1395
1396 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1397 exit(1);
1398
1399 exit(0);
1400}
479cece8 1401 ]])],
cd018561 1402 [
1403 ssl_library_ver=`cat conftest.ssllibver`
1404 AC_MSG_RESULT($ssl_library_ver)
1405 ],
1406 [
1407 AC_MSG_RESULT(not found)
1408 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1409 ],
1410 [
1411 AC_MSG_WARN([cross compiling: not checking])
cd018561 1412 ]
1413)
58d100bf 1414
9780116c 1415# Sanity check OpenSSL headers
1416AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1417AC_RUN_IFELSE(
479cece8 1418 [AC_LANG_SOURCE([[
9780116c 1419#include <string.h>
1420#include <openssl/opensslv.h>
aec4cb4f 1421int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1422 ]])],
9780116c 1423 [
1424 AC_MSG_RESULT(yes)
1425 ],
1426 [
1427 AC_MSG_RESULT(no)
e15ba28b 1428 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1429Check config.log for details.
1430Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1431 ],
1432 [
1433 AC_MSG_WARN([cross compiling: not checking])
9780116c 1434 ]
1435)
1436
5486a457 1437# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1438# because the system crypt() is more featureful.
1439if test "x$check_for_libcrypt_before" = "x1"; then
1440 AC_CHECK_LIB(crypt, crypt)
1441fi
1442
aff51935 1443# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1444# version in OpenSSL.
05114c74 1445if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1446 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1447fi
1448
f1b0ecc3 1449
1450### Configure cryptographic random number support
1451
1452# Check wheter OpenSSL seeds itself
1453AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1454AC_RUN_IFELSE(
479cece8 1455 [AC_LANG_SOURCE([[
f1b0ecc3 1456#include <string.h>
1457#include <openssl/rand.h>
aec4cb4f 1458int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1459 ]])],
f1b0ecc3 1460 [
1461 OPENSSL_SEEDS_ITSELF=yes
1462 AC_MSG_RESULT(yes)
1463 ],
1464 [
1465 AC_MSG_RESULT(no)
1466 # Default to use of the rand helper if OpenSSL doesn't
1467 # seed itself
1468 USE_RAND_HELPER=yes
1a01a50c 1469 ],
1470 [
1471 AC_MSG_WARN([cross compiling: assuming yes])
1472 # This is safe, since all recent OpenSSL versions will
1473 # complain at runtime if not seeded correctly.
1474 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1475 ]
1476)
1477
1478
1479# Do we want to force the use of the rand helper?
1480AC_ARG_WITH(rand-helper,
1481 [ --with-rand-helper Use subprocess to gather strong randomness ],
1482 [
1483 if test "x$withval" = "xno" ; then
aff51935 1484 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1485 # the previous test showed it to be unseeded.
1486 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1487 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1488 OPENSSL_SEEDS_ITSELF=yes
1489 USE_RAND_HELPER=""
1490 fi
1491 else
1492 USE_RAND_HELPER=yes
1493 fi
1494 ],
1495)
1496
1497# Which randomness source do we use?
4b492aab 1498if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 1499 # OpenSSL only
1500 AC_DEFINE(OPENSSL_PRNG_ONLY)
1501 RAND_MSG="OpenSSL internal ONLY"
1502 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1503elif test ! -z "$USE_RAND_HELPER" ; then
1504 # install rand helper
f1b0ecc3 1505 RAND_MSG="ssh-rand-helper"
1506 INSTALL_SSH_RAND_HELPER="yes"
1507fi
1508AC_SUBST(INSTALL_SSH_RAND_HELPER)
1509
1510### Configuration of ssh-rand-helper
1511
1512# PRNGD TCP socket
1513AC_ARG_WITH(prngd-port,
1514 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1515 [
eb5d7ff6 1516 case "$withval" in
1517 no)
1518 withval=""
1519 ;;
1520 [[0-9]]*)
1521 ;;
1522 *)
1523 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1524 ;;
1525 esac
1526 if test ! -z "$withval" ; then
f1b0ecc3 1527 PRNGD_PORT="$withval"
1528 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1529 fi
1530 ]
1531)
1532
1533# PRNGD Unix domain socket
1534AC_ARG_WITH(prngd-socket,
1535 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1536 [
eb5d7ff6 1537 case "$withval" in
1538 yes)
f1b0ecc3 1539 withval="/var/run/egd-pool"
eb5d7ff6 1540 ;;
1541 no)
1542 withval=""
1543 ;;
1544 /*)
1545 ;;
1546 *)
1547 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1548 ;;
1549 esac
1550
1551 if test ! -z "$withval" ; then
f1b0ecc3 1552 if test ! -z "$PRNGD_PORT" ; then
1553 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1554 fi
906e811b 1555 if test ! -r "$withval" ; then
f1b0ecc3 1556 AC_MSG_WARN(Entropy socket is not readable)
1557 fi
1558 PRNGD_SOCKET="$withval"
1559 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1560 fi
ddceb1c8 1561 ],
1562 [
1563 # Check for existing socket only if we don't have a random device already
1564 if test "$USE_RAND_HELPER" = yes ; then
1565 AC_MSG_CHECKING(for PRNGD/EGD socket)
1566 # Insert other locations here
1567 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1568 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1569 PRNGD_SOCKET="$sock"
1570 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1571 break;
1572 fi
1573 done
1574 if test ! -z "$PRNGD_SOCKET" ; then
1575 AC_MSG_RESULT($PRNGD_SOCKET)
1576 else
1577 AC_MSG_RESULT(not found)
1578 fi
1579 fi
f1b0ecc3 1580 ]
1581)
1582
1583# Change default command timeout for hashing entropy source
1584entropy_timeout=200
1585AC_ARG_WITH(entropy-timeout,
1586 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1587 [
1588 if test "x$withval" != "xno" ; then
1589 entropy_timeout=$withval
1590 fi
1591 ]
1592)
f1b0ecc3 1593AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1594
fd3cbf67 1595SSH_PRIVSEP_USER=sshd
9a0fbcb3 1596AC_ARG_WITH(privsep-user,
5222e7ef 1597 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1598 [
1599 if test -n "$withval"; then
fd3cbf67 1600 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1601 fi
1602 ]
1603)
fd3cbf67 1604AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1605AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1606
81dadca3 1607# We do this little dance with the search path to insure
1608# that programs that we select for use by installed programs
1609# (which may be run by the super-user) come from trusted
1610# locations before they come from the user's private area.
1611# This should help avoid accidentally configuring some
1612# random version of a program in someone's personal bin.
1613
1614OPATH=$PATH
1615PATH=/bin:/usr/bin
f95c8ce8 1616test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1617test -d /sbin && PATH=$PATH:/sbin
1618test -d /usr/sbin && PATH=$PATH:/usr/sbin
1619PATH=$PATH:/etc:$OPATH
1620
aff51935 1621# These programs are used by the command hashing source to gather entropy
f1b0ecc3 1622OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1623OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1624OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1625OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1626OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1627OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1628OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1629OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1630OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1631OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1632OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1633OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1634OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1635OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1636OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1637OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1638# restore PATH
1639PATH=$OPATH
f1b0ecc3 1640
1641# Where does ssh-rand-helper get its randomness from?
1642INSTALL_SSH_PRNG_CMDS=""
1643if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1644 if test ! -z "$PRNGD_PORT" ; then
1645 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1646 elif test ! -z "$PRNGD_SOCKET" ; then
1647 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1648 else
1649 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1650 RAND_HELPER_CMDHASH=yes
1651 INSTALL_SSH_PRNG_CMDS="yes"
1652 fi
1653fi
1654AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1655
1656
66d6c27e 1657# Cheap hack to ensure NEWS-OS libraries are arranged right.
1658if test ! -z "$SONY" ; then
1659 LIBS="$LIBS -liberty";
1660fi
1661
a0391976 1662# Checks for data types
976f7e19 1663AC_CHECK_SIZEOF(char, 1)
2b942fe0 1664AC_CHECK_SIZEOF(short int, 2)
1665AC_CHECK_SIZEOF(int, 4)
1666AC_CHECK_SIZEOF(long int, 4)
1667AC_CHECK_SIZEOF(long long int, 8)
1668
52f1ccb2 1669# Sanity check long long for some platforms (AIX)
1670if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1671 ac_cv_sizeof_long_long_int=0
1672fi
1673
a0391976 1674# More checks for data types
14a9a859 1675AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1676 AC_TRY_COMPILE(
aff51935 1677 [ #include <sys/types.h> ],
1678 [ u_int a; a = 1;],
14a9a859 1679 [ ac_cv_have_u_int="yes" ],
1680 [ ac_cv_have_u_int="no" ]
1681 )
1682])
1683if test "x$ac_cv_have_u_int" = "xyes" ; then
1684 AC_DEFINE(HAVE_U_INT)
1685 have_u_int=1
1686fi
1687
58d100bf 1688AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1689 AC_TRY_COMPILE(
aff51935 1690 [ #include <sys/types.h> ],
1691 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 1692 [ ac_cv_have_intxx_t="yes" ],
1693 [ ac_cv_have_intxx_t="no" ]
1694 )
1695])
1696if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1697 AC_DEFINE(HAVE_INTXX_T)
1698 have_intxx_t=1
1699fi
41cb4569 1700
1701if (test -z "$have_intxx_t" && \
aff51935 1702 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 1703then
1704 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1705 AC_TRY_COMPILE(
aff51935 1706 [ #include <stdint.h> ],
1707 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 1708 [
1709 AC_DEFINE(HAVE_INTXX_T)
1710 AC_MSG_RESULT(yes)
1711 ],
1712 [ AC_MSG_RESULT(no) ]
1713 )
1714fi
1715
bd590612 1716AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1717 AC_TRY_COMPILE(
1cbbe6c8 1718 [
1719#include <sys/types.h>
1720#ifdef HAVE_STDINT_H
1721# include <stdint.h>
1722#endif
1723#include <sys/socket.h>
1724#ifdef HAVE_SYS_BITYPES_H
1725# include <sys/bitypes.h>
1726#endif
aff51935 1727 ],
1728 [ int64_t a; a = 1;],
bd590612 1729 [ ac_cv_have_int64_t="yes" ],
1730 [ ac_cv_have_int64_t="no" ]
1731 )
1732])
1733if test "x$ac_cv_have_int64_t" = "xyes" ; then
1734 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1735fi
1736
58d100bf 1737AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1738 AC_TRY_COMPILE(
aff51935 1739 [ #include <sys/types.h> ],
1740 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 1741 [ ac_cv_have_u_intxx_t="yes" ],
1742 [ ac_cv_have_u_intxx_t="no" ]
1743 )
1744])
1745if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1746 AC_DEFINE(HAVE_U_INTXX_T)
1747 have_u_intxx_t=1
1748fi
2b942fe0 1749
41cb4569 1750if test -z "$have_u_intxx_t" ; then
1751 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1752 AC_TRY_COMPILE(
aff51935 1753 [ #include <sys/socket.h> ],
1754 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 1755 [
1756 AC_DEFINE(HAVE_U_INTXX_T)
1757 AC_MSG_RESULT(yes)
1758 ],
1759 [ AC_MSG_RESULT(no) ]
1760 )
1761fi
1762
bd590612 1763AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1764 AC_TRY_COMPILE(
aff51935 1765 [ #include <sys/types.h> ],
1766 [ u_int64_t a; a = 1;],
bd590612 1767 [ ac_cv_have_u_int64_t="yes" ],
1768 [ ac_cv_have_u_int64_t="no" ]
1769 )
1770])
1771if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
1772 AC_DEFINE(HAVE_U_INT64_T)
1773 have_u_int64_t=1
1774fi
1775
ddceb1c8 1776if test -z "$have_u_int64_t" ; then
1777 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1778 AC_TRY_COMPILE(
aff51935 1779 [ #include <sys/bitypes.h> ],
ddceb1c8 1780 [ u_int64_t a; a = 1],
1781 [
1782 AC_DEFINE(HAVE_U_INT64_T)
1783 AC_MSG_RESULT(yes)
1784 ],
1785 [ AC_MSG_RESULT(no) ]
1786 )
1787fi
1788
41cb4569 1789if test -z "$have_u_intxx_t" ; then
1790 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
1791 AC_TRY_COMPILE(
1792 [
1793#include <sys/types.h>
aff51935 1794 ],
1795 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 1796 [ ac_cv_have_uintxx_t="yes" ],
1797 [ ac_cv_have_uintxx_t="no" ]
1798 )
1799 ])
1800 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
1801 AC_DEFINE(HAVE_UINTXX_T)
1802 fi
1803fi
1804
1805if test -z "$have_uintxx_t" ; then
1806 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1807 AC_TRY_COMPILE(
aff51935 1808 [ #include <stdint.h> ],
1809 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 1810 [
1811 AC_DEFINE(HAVE_UINTXX_T)
1812 AC_MSG_RESULT(yes)
1813 ],
1814 [ AC_MSG_RESULT(no) ]
1815 )
1816fi
1817
e5fe9a1f 1818if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 1819 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 1820then
1821 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1822 AC_TRY_COMPILE(
58d100bf 1823 [
1824#include <sys/bitypes.h>
aff51935 1825 ],
5cdfe03f 1826 [
837c30b8 1827 int8_t a; int16_t b; int32_t c;
1828 u_int8_t e; u_int16_t f; u_int32_t g;
1829 a = b = c = e = f = g = 1;
aff51935 1830 ],
5cdfe03f 1831 [
1832 AC_DEFINE(HAVE_U_INTXX_T)
1833 AC_DEFINE(HAVE_INTXX_T)
1834 AC_MSG_RESULT(yes)
1835 ],
1836 [AC_MSG_RESULT(no)]
aff51935 1837 )
5cdfe03f 1838fi
1839
0362750e 1840
1841AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
1842 AC_TRY_COMPILE(
1843 [
1844#include <sys/types.h>
1845 ],
1846 [ u_char foo; foo = 125; ],
1847 [ ac_cv_have_u_char="yes" ],
1848 [ ac_cv_have_u_char="no" ]
1849 )
1850])
1851if test "x$ac_cv_have_u_char" = "xyes" ; then
1852 AC_DEFINE(HAVE_U_CHAR)
1853fi
1854
98a7c37b 1855TYPE_SOCKLEN_T
2b942fe0 1856
2d16d9a3 1857AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 1858
777ece68 1859AC_CHECK_TYPES(in_addr_t,,,
1860[#include <sys/types.h>
1861#include <netinet/in.h>])
7b578f7d 1862
58d100bf 1863AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
1864 AC_TRY_COMPILE(
1865 [
18ba2aab 1866#include <sys/types.h>
58d100bf 1867 ],
1868 [ size_t foo; foo = 1235; ],
1869 [ ac_cv_have_size_t="yes" ],
1870 [ ac_cv_have_size_t="no" ]
1871 )
1872])
1873if test "x$ac_cv_have_size_t" = "xyes" ; then
1874 AC_DEFINE(HAVE_SIZE_T)
1875fi
ea1970a3 1876
c04f75f1 1877AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
1878 AC_TRY_COMPILE(
1879 [
1880#include <sys/types.h>
1881 ],
1882 [ ssize_t foo; foo = 1235; ],
1883 [ ac_cv_have_ssize_t="yes" ],
1884 [ ac_cv_have_ssize_t="no" ]
1885 )
1886])
1887if test "x$ac_cv_have_ssize_t" = "xyes" ; then
1888 AC_DEFINE(HAVE_SSIZE_T)
1889fi
1890
f1c4659d 1891AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
1892 AC_TRY_COMPILE(
1893 [
1894#include <time.h>
1895 ],
1896 [ clock_t foo; foo = 1235; ],
1897 [ ac_cv_have_clock_t="yes" ],
1898 [ ac_cv_have_clock_t="no" ]
1899 )
1900])
1901if test "x$ac_cv_have_clock_t" = "xyes" ; then
1902 AC_DEFINE(HAVE_CLOCK_T)
1903fi
1904
1c04b088 1905AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
1906 AC_TRY_COMPILE(
1907 [
1908#include <sys/types.h>
1909#include <sys/socket.h>
1910 ],
1911 [ sa_family_t foo; foo = 1235; ],
1912 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 1913 [ AC_TRY_COMPILE(
1914 [
1915#include <sys/types.h>
1916#include <sys/socket.h>
1917#include <netinet/in.h>
1918 ],
1919 [ sa_family_t foo; foo = 1235; ],
1920 [ ac_cv_have_sa_family_t="yes" ],
1921
1c04b088 1922 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 1923 )]
1c04b088 1924 )
1925])
1926if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
1927 AC_DEFINE(HAVE_SA_FAMILY_T)
1928fi
1929
729bfe59 1930AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
1931 AC_TRY_COMPILE(
1932 [
1933#include <sys/types.h>
1934 ],
1935 [ pid_t foo; foo = 1235; ],
1936 [ ac_cv_have_pid_t="yes" ],
1937 [ ac_cv_have_pid_t="no" ]
1938 )
1939])
1940if test "x$ac_cv_have_pid_t" = "xyes" ; then
1941 AC_DEFINE(HAVE_PID_T)
1942fi
1943
1944AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
1945 AC_TRY_COMPILE(
1946 [
1947#include <sys/types.h>
1948 ],
1949 [ mode_t foo; foo = 1235; ],
1950 [ ac_cv_have_mode_t="yes" ],
1951 [ ac_cv_have_mode_t="no" ]
1952 )
1953])
1954if test "x$ac_cv_have_mode_t" = "xyes" ; then
1955 AC_DEFINE(HAVE_MODE_T)
1956fi
1957
e3a93db0 1958
58d100bf 1959AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
1960 AC_TRY_COMPILE(
1961 [
18ba2aab 1962#include <sys/types.h>
1963#include <sys/socket.h>
58d100bf 1964 ],
1965 [ struct sockaddr_storage s; ],
1966 [ ac_cv_have_struct_sockaddr_storage="yes" ],
1967 [ ac_cv_have_struct_sockaddr_storage="no" ]
1968 )
1969])
1970if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
1971 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
1972fi
48e671d5 1973
58d100bf 1974AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
1975 AC_TRY_COMPILE(
1976 [
cbd7492e 1977#include <sys/types.h>
58d100bf 1978#include <netinet/in.h>
1979 ],
1980 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
1981 [ ac_cv_have_struct_sockaddr_in6="yes" ],
1982 [ ac_cv_have_struct_sockaddr_in6="no" ]
1983 )
1984])
1985if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
1986 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
1987fi
48e671d5 1988
58d100bf 1989AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
1990 AC_TRY_COMPILE(
1991 [
cbd7492e 1992#include <sys/types.h>
58d100bf 1993#include <netinet/in.h>
1994 ],
1995 [ struct in6_addr s; s.s6_addr[0] = 0; ],
1996 [ ac_cv_have_struct_in6_addr="yes" ],
1997 [ ac_cv_have_struct_in6_addr="no" ]
1998 )
1999])
2000if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2001 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
2002fi
48e671d5 2003
58d100bf 2004AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2005 AC_TRY_COMPILE(
2006 [
18ba2aab 2007#include <sys/types.h>
2008#include <sys/socket.h>
2009#include <netdb.h>
58d100bf 2010 ],
2011 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2012 [ ac_cv_have_struct_addrinfo="yes" ],
2013 [ ac_cv_have_struct_addrinfo="no" ]
2014 )
2015])
2016if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2017 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
2018fi
2019
89c7e31c 2020AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2021 AC_TRY_COMPILE(
aff51935 2022 [ #include <sys/time.h> ],
2023 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2024 [ ac_cv_have_struct_timeval="yes" ],
2025 [ ac_cv_have_struct_timeval="no" ]
2026 )
2027])
2028if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2029 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
2030 have_struct_timeval=1
2031fi
2032
5271b55c 2033AC_CHECK_TYPES(struct timespec)
2034
85abc74b 2035# We need int64_t or else certian parts of the compile will fail.
4b492aab 2036if test "x$ac_cv_have_int64_t" = "xno" && \
2037 test "x$ac_cv_sizeof_long_int" != "x8" && \
2038 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2039 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2040 echo "an alternative compiler (I.E., GCC) before continuing."
2041 echo ""
2042 exit 1;
733cf7f4 2043else
2044dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2045 AC_RUN_IFELSE(
479cece8 2046 [AC_LANG_SOURCE([[
733cf7f4 2047#include <stdio.h>
2048#include <string.h>
2049#ifdef HAVE_SNPRINTF
2050main()
2051{
2052 char buf[50];
2053 char expected_out[50];
2054 int mazsize = 50 ;
2055#if (SIZEOF_LONG_INT == 8)
2056 long int num = 0x7fffffffffffffff;
2057#else
763a1a18 2058 long long num = 0x7fffffffffffffffll;
733cf7f4 2059#endif
2060 strcpy(expected_out, "9223372036854775807");
2061 snprintf(buf, mazsize, "%lld", num);
2062 if(strcmp(buf, expected_out) != 0)
aff51935 2063 exit(1);
733cf7f4 2064 exit(0);
2065}
2066#else
2067main() { exit(0); }
2068#endif
479cece8 2069 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2070 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2071 )
2c523de9 2072fi
2073
77bb0bca 2074dnl Checks for structure members
58d100bf 2075OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2076OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2077OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2078OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2079OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2080OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2081OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2082OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2083OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2084OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2085OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2086OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2087OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2088OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2089OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2090OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2091OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2092
2093AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 2094
58d100bf 2095AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2096 ac_cv_have_ss_family_in_struct_ss, [
2097 AC_TRY_COMPILE(
2098 [
18ba2aab 2099#include <sys/types.h>
2100#include <sys/socket.h>
58d100bf 2101 ],
2102 [ struct sockaddr_storage s; s.ss_family = 1; ],
2103 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2104 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2105 )
2106])
2107if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2108 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2109fi
2110
58d100bf 2111AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2112 ac_cv_have___ss_family_in_struct_ss, [
2113 AC_TRY_COMPILE(
2114 [
18ba2aab 2115#include <sys/types.h>
2116#include <sys/socket.h>
58d100bf 2117 ],
2118 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2119 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2120 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2121 )
2122])
2123if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2124 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2125fi
2126
2e73a022 2127AC_CACHE_CHECK([for pw_class field in struct passwd],
2128 ac_cv_have_pw_class_in_struct_passwd, [
2129 AC_TRY_COMPILE(
2130 [
2e73a022 2131#include <pwd.h>
2132 ],
97994d32 2133 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2134 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2135 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2136 )
2137])
2138if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2139 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2140fi
2141
7751d4eb 2142AC_CACHE_CHECK([for pw_expire field in struct passwd],
2143 ac_cv_have_pw_expire_in_struct_passwd, [
2144 AC_TRY_COMPILE(
2145 [
2146#include <pwd.h>
2147 ],
2148 [ struct passwd p; p.pw_expire = 0; ],
2149 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2150 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2151 )
2152])
2153if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2154 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2155fi
2156
2157AC_CACHE_CHECK([for pw_change field in struct passwd],
2158 ac_cv_have_pw_change_in_struct_passwd, [
2159 AC_TRY_COMPILE(
2160 [
2161#include <pwd.h>
2162 ],
2163 [ struct passwd p; p.pw_change = 0; ],
2164 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2165 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2166 )
2167])
2168if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2169 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2170fi
58d100bf 2171
637f9177 2172dnl make sure we're using the real structure members and not defines
6f34652e 2173AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2174 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2175 AC_COMPILE_IFELSE(
6f34652e 2176 [
f95c8ce8 2177#include <sys/types.h>
6f34652e 2178#include <sys/socket.h>
2179#include <sys/uio.h>
637f9177 2180int main() {
2181#ifdef msg_accrights
1a01a50c 2182#error "msg_accrights is a macro"
637f9177 2183exit(1);
2184#endif
2185struct msghdr m;
2186m.msg_accrights = 0;
2187exit(0);
2188}
6f34652e 2189 ],
6f34652e 2190 [ ac_cv_have_accrights_in_msghdr="yes" ],
2191 [ ac_cv_have_accrights_in_msghdr="no" ]
2192 )
2193])
2194if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2195 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2196fi
2197
7176df4f 2198AC_CACHE_CHECK([for msg_control field in struct msghdr],
2199 ac_cv_have_control_in_msghdr, [
1a01a50c 2200 AC_COMPILE_IFELSE(
7176df4f 2201 [
f95c8ce8 2202#include <sys/types.h>
7176df4f 2203#include <sys/socket.h>
2204#include <sys/uio.h>
637f9177 2205int main() {
2206#ifdef msg_control
1a01a50c 2207#error "msg_control is a macro"
637f9177 2208exit(1);
2209#endif
2210struct msghdr m;
2211m.msg_control = 0;
2212exit(0);
2213}
7176df4f 2214 ],
7176df4f 2215 [ ac_cv_have_control_in_msghdr="yes" ],
2216 [ ac_cv_have_control_in_msghdr="no" ]
2217 )
2218])
2219if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2220 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2221fi
2222
58d100bf 2223AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2224 AC_TRY_LINK([],
2225 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2226 [ ac_cv_libc_defines___progname="yes" ],
2227 [ ac_cv_libc_defines___progname="no" ]
2228 )
2229])
2230if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2231 AC_DEFINE(HAVE___PROGNAME)
2232fi
8946db53 2233
c921ee00 2234AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2235 AC_TRY_LINK([
2236#include <stdio.h>
aff51935 2237],
2238 [ printf("%s", __FUNCTION__); ],
c921ee00 2239 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2240 [ ac_cv_cc_implements___FUNCTION__="no" ]
2241 )
2242])
2243if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2244 AC_DEFINE(HAVE___FUNCTION__)
2245fi
2246
2247AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2248 AC_TRY_LINK([
2249#include <stdio.h>
aff51935 2250],
2251 [ printf("%s", __func__); ],
c921ee00 2252 [ ac_cv_cc_implements___func__="yes" ],
2253 [ ac_cv_cc_implements___func__="no" ]
2254 )
2255])
2256if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2257 AC_DEFINE(HAVE___func__)
2258fi
2259
1812a662 2260AC_CACHE_CHECK([whether getopt has optreset support],
2261 ac_cv_have_getopt_optreset, [
2262 AC_TRY_LINK(
2263 [
2264#include <getopt.h>
2265 ],
2266 [ extern int optreset; optreset = 0; ],
2267 [ ac_cv_have_getopt_optreset="yes" ],
2268 [ ac_cv_have_getopt_optreset="no" ]
2269 )
2270])
2271if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2272 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2273fi
a0391976 2274
819b676f 2275AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2276 AC_TRY_LINK([],
2277 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2278 [ ac_cv_libc_defines_sys_errlist="yes" ],
2279 [ ac_cv_libc_defines_sys_errlist="no" ]
2280 )
2281])
2282if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2283 AC_DEFINE(HAVE_SYS_ERRLIST)
2284fi
2285
2286
416ed5a7 2287AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2288 AC_TRY_LINK([],
2289 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2290 [ ac_cv_libc_defines_sys_nerr="yes" ],
2291 [ ac_cv_libc_defines_sys_nerr="no" ]
2292 )
2293])
2294if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2295 AC_DEFINE(HAVE_SYS_NERR)
2296fi
2297
aff51935 2298SCARD_MSG="no"
295c8801 2299# Check whether user wants sectok support
2300AC_ARG_WITH(sectok,
2301 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2302 [
2303 if test "x$withval" != "xno" ; then
2304 if test "x$withval" != "xyes" ; then
2305 CPPFLAGS="$CPPFLAGS -I${withval}"
2306 LDFLAGS="$LDFLAGS -L${withval}"
2307 if test ! -z "$need_dash_r" ; then
2308 LDFLAGS="$LDFLAGS -R${withval}"
2309 fi
2310 if test ! -z "$blibpath" ; then
2311 blibpath="$blibpath:${withval}"
2312 fi
2313 fi
2314 AC_CHECK_HEADERS(sectok.h)
2315 if test "$ac_cv_header_sectok_h" != yes; then
2316 AC_MSG_ERROR(Can't find sectok.h)
2317 fi
2318 AC_CHECK_LIB(sectok, sectok_open)
2319 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2320 AC_MSG_ERROR(Can't find libsectok)
2321 fi
2322 AC_DEFINE(SMARTCARD)
295c8801 2323 AC_DEFINE(USE_SECTOK)
aff51935 2324 SCARD_MSG="yes, using sectok"
295c8801 2325 fi
2326 ]
2327)
2328
2329# Check whether user wants OpenSC support
987b458f 2330OPENSC_CONFIG="no"
295c8801 2331AC_ARG_WITH(opensc,
987b458f 2332 [--with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
2333 [
2334 if test "x$withval" != "xno" ; then
2335 if test "x$withval" != "xyes" ; then
2336 OPENSC_CONFIG=$withval/bin/opensc-config
2337 else
2338 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2339 fi
2340 if test "$OPENSC_CONFIG" != "no"; then
2341 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2342 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2343 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2344 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2345 AC_DEFINE(SMARTCARD)
2346 AC_DEFINE(USE_OPENSC)
2347 SCARD_MSG="yes, using OpenSC"
2348 fi
2349 fi
2350 ]
2351)
d0b19c95 2352
c31dc31c 2353# Check libraries needed by DNS fingerprint support
aff51935 2354AC_SEARCH_LIBS(getrrsetbyname, resolv,
c31dc31c 2355 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
3e05e934 2356 [
c31dc31c 2357 # Needed by our getrrsetbyname()
2358 AC_SEARCH_LIBS(res_query, resolv)
2359 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2360 AC_MSG_CHECKING(if res_query will link)
2361 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2362 [AC_MSG_RESULT(no)
2363 saved_LIBS="$LIBS"
2364 LIBS="$LIBS -lresolv"
2365 AC_MSG_CHECKING(for res_query in -lresolv)
2366 AC_LINK_IFELSE([
2367#include <resolv.h>
2368int main()
2369{
2370 res_query (0, 0, 0, 0, 0);
2371 return 0;
2372}
2373 ],
2374 [LIBS="$LIBS -lresolv"
2375 AC_MSG_RESULT(yes)],
2376 [LIBS="$saved_LIBS"
2377 AC_MSG_RESULT(no)])
2378 ])
c31dc31c 2379 AC_CHECK_FUNCS(_getshort _getlong)
2380 AC_CHECK_MEMBER(HEADER.ad,
2381 [AC_DEFINE(HAVE_HEADER_AD)],,
2382 [#include <arpa/nameser.h>])
2383 ])
3e05e934 2384
12928e80 2385# Check whether user wants Kerberos 5 support
aff51935 2386KRB5_MSG="no"
12928e80 2387AC_ARG_WITH(kerberos5,
aff51935 2388 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 2389 [ if test "x$withval" != "xno" ; then
2390 if test "x$withval" = "xyes" ; then
2391 KRB5ROOT="/usr/local"
2392 else
2393 KRB5ROOT=${withval}
2394 fi
2395
2396 AC_DEFINE(KRB5)
2397 KRB5_MSG="yes"
2398
2399 AC_MSG_CHECKING(for krb5-config)
2400 if test -x $KRB5ROOT/bin/krb5-config ; then
2401 KRB5CONF=$KRB5ROOT/bin/krb5-config
2402 AC_MSG_RESULT($KRB5CONF)
2403
2404 AC_MSG_CHECKING(for gssapi support)
2405 if $KRB5CONF | grep gssapi >/dev/null ; then
2406 AC_MSG_RESULT(yes)
071970fb 2407 AC_DEFINE(GSSAPI)
2408 k5confopts=gssapi
aff51935 2409 else
5585c441 2410 AC_MSG_RESULT(no)
071970fb 2411 k5confopts=""
aff51935 2412 fi
071970fb 2413 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2414 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 2415 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 2416 AC_MSG_CHECKING(whether we are using Heimdal)
2417 AC_TRY_COMPILE([ #include <krb5.h> ],
2418 [ char *tmp = heimdal_version; ],
2419 [ AC_MSG_RESULT(yes)
2420 AC_DEFINE(HEIMDAL) ],
2421 AC_MSG_RESULT(no)
2422 )
2423 else
2424 AC_MSG_RESULT(no)
12928e80 2425 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 2426 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 2427 AC_MSG_CHECKING(whether we are using Heimdal)
2428 AC_TRY_COMPILE([ #include <krb5.h> ],
2429 [ char *tmp = heimdal_version; ],
2430 [ AC_MSG_RESULT(yes)
2431 AC_DEFINE(HEIMDAL)
41707f74 2432 K5LIBS="-lkrb5 -ldes"
2433 K5LIBS="$K5LIBS -lcom_err -lasn1"
2434 AC_CHECK_LIB(roken, net_write,
2435 [K5LIBS="$K5LIBS -lroken"])
aff51935 2436 ],
2437 [ AC_MSG_RESULT(no)
2438 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2439 ]
2440 )
4e00038c 2441 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 2442
749560dd 2443 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2444 [ AC_DEFINE(GSSAPI)
2445 K5LIBS="-lgssapi $K5LIBS" ],
2446 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2447 [ AC_DEFINE(GSSAPI)
aff51935 2448 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 2449 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2450 $K5LIBS)
2451 ],
2452 $K5LIBS)
2453
2454 AC_CHECK_HEADER(gssapi.h, ,
2455 [ unset ac_cv_header_gssapi_h
aff51935 2456 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 2457 AC_CHECK_HEADERS(gssapi.h, ,
2458 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 2459 )
749560dd 2460 ]
2461 )
2462
2463 oldCPP="$CPPFLAGS"
2464 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2465 AC_CHECK_HEADER(gssapi_krb5.h, ,
2466 [ CPPFLAGS="$oldCPP" ])
2467
aff51935 2468 fi
5585c441 2469 if test ! -z "$need_dash_r" ; then
2470 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2471 fi
2472 if test ! -z "$blibpath" ; then
2473 blibpath="$blibpath:${KRB5ROOT}/lib"
2474 fi
071970fb 2475 fi
2476
2477 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2478 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2479 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2480
2481 LIBS="$LIBS $K5LIBS"
2482 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
79753592 2483 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
071970fb 2484 ]
12928e80 2485)
b5b68128 2486
a0391976 2487# Looking for programs, paths and files
a0391976 2488
ecac8ee5 2489PRIVSEP_PATH=/var/empty
2490AC_ARG_WITH(privsep-path,
cda1ebcb 2491 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 2492 [
2493 if test "x$withval" != "$no" ; then
2494 PRIVSEP_PATH=$withval
2495 fi
2496 ]
2497)
2498AC_SUBST(PRIVSEP_PATH)
2499
a0391976 2500AC_ARG_WITH(xauth,
2501 [ --with-xauth=PATH Specify path to xauth program ],
2502 [
00937921 2503 if test "x$withval" != "xno" ; then
cbd7492e 2504 xauth_path=$withval
a0391976 2505 fi
2506 ],
2507 [
2bf42e4a 2508 TestPath="$PATH"
2509 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2510 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2511 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2512 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2513 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2514 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2515 xauth_path="/usr/openwin/bin/xauth"
2516 fi
2517 ]
2518)
2519
65a4b4af 2520STRIP_OPT=-s
2521AC_ARG_ENABLE(strip,
2522 [ --disable-strip Disable calling strip(1) on install],
2523 [
2524 if test "x$enableval" = "xno" ; then
2525 STRIP_OPT=
2526 fi
2527 ]
2528)
2529AC_SUBST(STRIP_OPT)
2530
b3ec54b4 2531if test -z "$xauth_path" ; then
2532 XAUTH_PATH="undefined"
2533 AC_SUBST(XAUTH_PATH)
2534else
a0391976 2535 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2536 XAUTH_PATH=$xauth_path
2537 AC_SUBST(XAUTH_PATH)
a0391976 2538fi
a0391976 2539
2540# Check for mail directory (last resort if we cannot get it from headers)
2541if test ! -z "$MAIL" ; then
2542 maildir=`dirname $MAIL`
2543 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2544fi
2545
479cece8 2546if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 2547 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2548 disable_ptmx_check=yes
2549fi
a0391976 2550if test -z "$no_dev_ptmx" ; then
6e879cb4 2551 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 2552 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 2553 [
2554 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2555 have_dev_ptmx=1
2556 ]
2557 )
2558 fi
3276571c 2559fi
1a01a50c 2560
479cece8 2561if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 2562 AC_CHECK_FILE("/dev/ptc",
2563 [
2564 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2565 have_dev_ptc=1
2566 ]
2567 )
2568else
2569 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2570fi
3276571c 2571
a0391976 2572# Options from here on. Some of these are preset by platform above
fdf6b7aa 2573AC_ARG_WITH(mantype,
5d97cfbf 2574 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2575 [
5d97cfbf 2576 case "$withval" in
2577 man|cat|doc)
2578 MANTYPE=$withval
2579 ;;
2580 *)
2581 AC_MSG_ERROR(invalid man type: $withval)
2582 ;;
2583 esac
c54a6257 2584 ]
2585)
e0c4d3ac 2586if test -z "$MANTYPE"; then
2bf42e4a 2587 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2588 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2589 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2590 MANTYPE=doc
2591 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2592 MANTYPE=man
2593 else
2594 MANTYPE=cat
2595 fi
2596fi
c54a6257 2597AC_SUBST(MANTYPE)
e0c4d3ac 2598if test "$MANTYPE" = "doc"; then
2599 mansubdir=man;
2600else
2601 mansubdir=$MANTYPE;
2602fi
2603AC_SUBST(mansubdir)
0bc5b6fb 2604
a0391976 2605# Check whether to enable MD5 passwords
aff51935 2606MD5_MSG="no"
2ddcfdf3 2607AC_ARG_WITH(md5-passwords,
caf3bc51 2608 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2609 [
bcf36c78 2610 if test "x$withval" != "xno" ; then
0bc5b6fb 2611 AC_DEFINE(HAVE_MD5_PASSWORDS)
aff51935 2612 MD5_MSG="yes"
0bc5b6fb 2613 fi
2614 ]
caf3bc51 2615)
2616
a0391976 2617# Whether to disable shadow password support
a7effaac 2618AC_ARG_WITH(shadow,
2619 [ --without-shadow Disable shadow password support],
2620 [
2621 if test "x$withval" = "xno" ; then
2622 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2623 disable_shadow=yes
a7effaac 2624 fi
2625 ]
2626)
2627
4cb5ffa0 2628if test -z "$disable_shadow" ; then
2629 AC_MSG_CHECKING([if the systems has expire shadow information])
2630 AC_TRY_COMPILE(
2631 [
2632#include <sys/types.h>
2633#include <shadow.h>
2634 struct spwd sp;
2635 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2636 [ sp_expire_available=yes ], []
2637 )
2638
2639 if test "x$sp_expire_available" = "xyes" ; then
2640 AC_MSG_RESULT(yes)
2641 AC_DEFINE(HAS_SHADOW_EXPIRE)
2642 else
2643 AC_MSG_RESULT(no)
2644 fi
2645fi
2646
a0391976 2647# Use ip address instead of hostname in $DISPLAY
44839801 2648if test ! -z "$IPADDR_IN_DISPLAY" ; then
2649 DISPLAY_HACK_MSG="yes"
2650 AC_DEFINE(IPADDR_IN_DISPLAY)
2651else
aff51935 2652 DISPLAY_HACK_MSG="no"
44839801 2653 AC_ARG_WITH(ipaddr-display,
2654 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2655 [
2656 if test "x$withval" != "xno" ; then
2657 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 2658 DISPLAY_HACK_MSG="yes"
44839801 2659 fi
2660 ]
2661 )
2662fi
a7effaac 2663
95b99395 2664# check for /etc/default/login and use it if present.
daa41e62 2665AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 2666 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 2667 [ if test "x$enableval" = "xno"; then
2668 AC_MSG_NOTICE([/etc/default/login handling disabled])
2669 etc_default_login=no
2670 else
2671 etc_default_login=yes
2672 fi ],
2673 [ etc_default_login=yes ]
2674)
95b99395 2675
694d0cef 2676if test "x$etc_default_login" != "xno"; then
2677 AC_CHECK_FILE("/etc/default/login",
2678 [ external_path_file=/etc/default/login ])
479cece8 2679 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2680 then
1a01a50c 2681 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2682 elif test "x$external_path_file" = "x/etc/default/login"; then
2683 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2684 fi
694d0cef 2685fi
95b99395 2686
8d184c09 2687dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 2688if test $ac_cv_func_login_getcapbool = "yes" && \
2689 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 2690 external_path_file=/etc/login.conf
8d184c09 2691fi
95b99395 2692
a0391976 2693# Whether to mess with the default path
aff51935 2694SERVER_PATH_MSG="(default)"
c43d69a9 2695AC_ARG_WITH(default-path,
75817f90 2696 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2697 [
95b99395 2698 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 2699 AC_MSG_WARN([
2700--with-default-path=PATH has no effect on this system.
2701Edit /etc/login.conf instead.])
2702 elif test "x$withval" != "xno" ; then
89bbd457 2703 if test ! -z "$external_path_file" ; then
95b99395 2704 AC_MSG_WARN([
2705--with-default-path=PATH will only be used if PATH is not defined in
2706$external_path_file .])
2707 fi
b2d818e6 2708 user_path="$withval"
aff51935 2709 SERVER_PATH_MSG="$withval"
cb807f40 2710 fi
b2d818e6 2711 ],
95b99395 2712 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2713 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 2714 else
89bbd457 2715 if test ! -z "$external_path_file" ; then
95b99395 2716 AC_MSG_WARN([
2717If PATH is defined in $external_path_file, ensure the path to scp is included,
2718otherwise scp will not work.])
2719 fi
2720 AC_TRY_RUN(
2721 [
b2d818e6 2722/* find out what STDPATH is */
2723#include <stdio.h>
b2d818e6 2724#ifdef HAVE_PATHS_H
2725# include <paths.h>
2726#endif
2727#ifndef _PATH_STDPATH
d9a4e55b 2728# ifdef _PATH_USERPATH /* Irix */
2729# define _PATH_STDPATH _PATH_USERPATH
2730# else
2731# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2732# endif
b2d818e6 2733#endif
2734#include <sys/types.h>
2735#include <sys/stat.h>
2736#include <fcntl.h>
2737#define DATA "conftest.stdpath"
2738
2739main()
2740{
2741 FILE *fd;
2742 int rc;
2743
2744 fd = fopen(DATA,"w");
2745 if(fd == NULL)
2746 exit(1);
2747
2748 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2749 exit(1);
2750
2751 exit(0);
2752}
2753 ], [ user_path=`cat conftest.stdpath` ],
2754 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2755 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2756 )
2757# make sure $bindir is in USER_PATH so scp will work
2758 t_bindir=`eval echo ${bindir}`
2759 case $t_bindir in
2760 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
2761 esac
2762 case $t_bindir in
2763 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
2764 esac
2765 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
2766 if test $? -ne 0 ; then
2767 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
2768 if test $? -ne 0 ; then
2769 user_path=$user_path:$t_bindir
2770 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
2771 fi
2772 fi
8d184c09 2773 fi ]
cb807f40 2774)
95b99395 2775if test "x$external_path_file" != "x/etc/login.conf" ; then
8d184c09 2776 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
2777 AC_SUBST(user_path)
2778fi
cb807f40 2779
06617857 2780# Set superuser path separately to user path
06617857 2781AC_ARG_WITH(superuser-path,
2782 [ --with-superuser-path= Specify different path for super-user],
2783 [
2784 if test "x$withval" != "xno" ; then
2785 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
2786 superuser_path=$withval
2787 fi
2788 ]
2789)
2790
2791
58d100bf 2792AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 2793IPV4_IN6_HACK_MSG="no"
80faa19f 2794AC_ARG_WITH(4in6,
2795 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2796 [
2797 if test "x$withval" != "xno" ; then
2798 AC_MSG_RESULT(yes)
2799 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2800 IPV4_IN6_HACK_MSG="yes"
80faa19f 2801 else
2802 AC_MSG_RESULT(no)
2803 fi
2804 ],[
2805 if test "x$inet6_default_4in6" = "xyes"; then
2806 AC_MSG_RESULT([yes (default)])
2807 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2808 IPV4_IN6_HACK_MSG="yes"
80faa19f 2809 else
2810 AC_MSG_RESULT([no (default)])
2811 fi
2812 ]
2813)
2814
af774732 2815# Whether to enable BSD auth support
f1b0ecc3 2816BSD_AUTH_MSG=no
af774732 2817AC_ARG_WITH(bsd-auth,
2818 [ --with-bsd-auth Enable BSD auth support],
2819 [
2820 if test "x$withval" != "xno" ; then
2821 AC_DEFINE(BSD_AUTH)
f1b0ecc3 2822 BSD_AUTH_MSG=yes
af774732 2823 fi
2824 ]
2825)
2826
a0391976 2827# Where to place sshd.pid
19d9ac2a 2828piddir=/var/run
81dadca3 2829# make sure the directory exists
2830if test ! -d $piddir ; then
2831 piddir=`eval echo ${sysconfdir}`
2832 case $piddir in
aff51935 2833 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 2834 esac
2835fi
2836
47e45e44 2837AC_ARG_WITH(pid-dir,
2838 [ --with-pid-dir=PATH Specify location of ssh.pid file],
2839 [
2840 if test "x$withval" != "xno" ; then
19d9ac2a 2841 piddir=$withval
81dadca3 2842 if test ! -d $piddir ; then
2843 AC_MSG_WARN([** no $piddir directory on this system **])
2844 fi
47e45e44 2845 fi
2846 ]
2847)
b7a87eea 2848
42f11eb2 2849AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 2850AC_SUBST(piddir)
47e45e44 2851
1d7b9b20 2852dnl allow user to disable some login recording features
2853AC_ARG_ENABLE(lastlog,
bfd550a2 2854 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 2855 [
2856 if test "x$enableval" = "xno" ; then
2857 AC_DEFINE(DISABLE_LASTLOG)
2858 fi
2859 ]
1d7b9b20 2860)
2861AC_ARG_ENABLE(utmp,
bfd550a2 2862 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 2863 [
2864 if test "x$enableval" = "xno" ; then
2865 AC_DEFINE(DISABLE_UTMP)
2866 fi
2867 ]
1d7b9b20 2868)
2869AC_ARG_ENABLE(utmpx,
bfd550a2 2870 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 2871 [
2872 if test "x$enableval" = "xno" ; then
2873 AC_DEFINE(DISABLE_UTMPX)
2874 fi
2875 ]
1d7b9b20 2876)
2877AC_ARG_ENABLE(wtmp,
bfd550a2 2878 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 2879 [
2880 if test "x$enableval" = "xno" ; then
2881 AC_DEFINE(DISABLE_WTMP)
2882 fi
2883 ]
1d7b9b20 2884)
2885AC_ARG_ENABLE(wtmpx,
bfd550a2 2886 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 2887 [
2888 if test "x$enableval" = "xno" ; then
2889 AC_DEFINE(DISABLE_WTMPX)
2890 fi
2891 ]
1d7b9b20 2892)
2893AC_ARG_ENABLE(libutil,
bfd550a2 2894 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 2895 [
2896 if test "x$enableval" = "xno" ; then
2897 AC_DEFINE(DISABLE_LOGIN)
2898 fi
2899 ]
1d7b9b20 2900)
2901AC_ARG_ENABLE(pututline,
bfd550a2 2902 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 2903 [
2904 if test "x$enableval" = "xno" ; then
aff51935 2905 AC_DEFINE(DISABLE_PUTUTLINE)
ddb154b3 2906 fi
2907 ]
1d7b9b20 2908)
2909AC_ARG_ENABLE(pututxline,
bfd550a2 2910 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 2911 [
2912 if test "x$enableval" = "xno" ; then
2913 AC_DEFINE(DISABLE_PUTUTXLINE)
2914 fi
2915 ]
1d7b9b20 2916)
2917AC_ARG_WITH(lastlog,
bfd550a2 2918 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 2919 [
2920 if test "x$withval" = "xno" ; then
2921 AC_DEFINE(DISABLE_LASTLOG)
2922 else
2923 conf_lastlog_location=$withval
2924 fi
2925 ]
2926)
1d7b9b20 2927
2928dnl lastlog, [uw]tmpx? detection
2929dnl NOTE: set the paths in the platform section to avoid the
2930dnl need for command-line parameters
2931dnl lastlog and [uw]tmp are subject to a file search if all else fails
2932
2933dnl lastlog detection
2934dnl NOTE: the code itself will detect if lastlog is a directory
2935AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
2936AC_TRY_COMPILE([
2937#include <sys/types.h>
2938#include <utmp.h>
2939#ifdef HAVE_LASTLOG_H
2940# include <lastlog.h>
2941#endif
d7c0f3d5 2942#ifdef HAVE_PATHS_H
1d7b9b20 2943# include <paths.h>
41cb4569 2944#endif
2945#ifdef HAVE_LOGIN_H
2946# include <login.h>
1d7b9b20 2947#endif
2948 ],
2949 [ char *lastlog = LASTLOG_FILE; ],
2950 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 2951 [
2952 AC_MSG_RESULT(no)
2953 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
2954 AC_TRY_COMPILE([
2955#include <sys/types.h>
2956#include <utmp.h>
2957#ifdef HAVE_LASTLOG_H
2958# include <lastlog.h>
2959#endif
2960#ifdef HAVE_PATHS_H
2961# include <paths.h>
2962#endif
2963 ],
2964 [ char *lastlog = _PATH_LASTLOG; ],
2965 [ AC_MSG_RESULT(yes) ],
2966 [
f282b668 2967 AC_MSG_RESULT(no)
d7c0f3d5 2968 system_lastlog_path=no
2969 ])
2970 ]
1d7b9b20 2971)
d7c0f3d5 2972
1d7b9b20 2973if test -z "$conf_lastlog_location"; then
2974 if test x"$system_lastlog_path" = x"no" ; then
2975 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 2976 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 2977 conf_lastlog_location=$f
2978 fi
2979 done
2980 if test -z "$conf_lastlog_location"; then
f8119cef 2981 AC_MSG_WARN([** Cannot find lastlog **])
2982 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 2983 fi
2984 fi
2985fi
2986
2987if test -n "$conf_lastlog_location"; then
2988 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
2989fi
2990
2991dnl utmp detection
2992AC_MSG_CHECKING([if your system defines UTMP_FILE])
2993AC_TRY_COMPILE([
2994#include <sys/types.h>
2995#include <utmp.h>
d7c0f3d5 2996#ifdef HAVE_PATHS_H
1d7b9b20 2997# include <paths.h>
2998#endif
2999 ],
3000 [ char *utmp = UTMP_FILE; ],
3001 [ AC_MSG_RESULT(yes) ],
3002 [ AC_MSG_RESULT(no)
3003 system_utmp_path=no ]
3004)
3005if test -z "$conf_utmp_location"; then
3006 if test x"$system_utmp_path" = x"no" ; then
3007 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3008 if test -f $f ; then
3009 conf_utmp_location=$f
3010 fi
3011 done
3012 if test -z "$conf_utmp_location"; then
3013 AC_DEFINE(DISABLE_UTMP)
3014 fi
3015 fi
3016fi
3017if test -n "$conf_utmp_location"; then
3018 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
3019fi
3020
3021dnl wtmp detection
3022AC_MSG_CHECKING([if your system defines WTMP_FILE])
3023AC_TRY_COMPILE([
3024#include <sys/types.h>
3025#include <utmp.h>
d7c0f3d5 3026#ifdef HAVE_PATHS_H
1d7b9b20 3027# include <paths.h>
3028#endif
3029 ],
3030 [ char *wtmp = WTMP_FILE; ],
3031 [ AC_MSG_RESULT(yes) ],
3032 [ AC_MSG_RESULT(no)
3033 system_wtmp_path=no ]
3034)
3035if test -z "$conf_wtmp_location"; then
3036 if test x"$system_wtmp_path" = x"no" ; then
3037 for f in /usr/adm/wtmp /var/log/wtmp; do
3038 if test -f $f ; then
3039 conf_wtmp_location=$f
3040 fi
3041 done
3042 if test -z "$conf_wtmp_location"; then
3043 AC_DEFINE(DISABLE_WTMP)
3044 fi
3045 fi
3046fi
3047if test -n "$conf_wtmp_location"; then
3048 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
3049fi
3050
3051
3052dnl utmpx detection - I don't know any system so perverse as to require
3053dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3054dnl there, though.
3055AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3056AC_TRY_COMPILE([
3057#include <sys/types.h>
3058#include <utmp.h>
3059#ifdef HAVE_UTMPX_H
3060#include <utmpx.h>
3061#endif
d7c0f3d5 3062#ifdef HAVE_PATHS_H
1d7b9b20 3063# include <paths.h>
3064#endif
3065 ],
3066 [ char *utmpx = UTMPX_FILE; ],
3067 [ AC_MSG_RESULT(yes) ],
3068 [ AC_MSG_RESULT(no)
3069 system_utmpx_path=no ]
3070)
3071if test -z "$conf_utmpx_location"; then
3072 if test x"$system_utmpx_path" = x"no" ; then
3073 AC_DEFINE(DISABLE_UTMPX)
3074 fi
3075else
3076 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
3077fi
3078
3079dnl wtmpx detection
3080AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3081AC_TRY_COMPILE([
3082#include <sys/types.h>
3083#include <utmp.h>
3084#ifdef HAVE_UTMPX_H
3085#include <utmpx.h>
3086#endif
d7c0f3d5 3087#ifdef HAVE_PATHS_H
1d7b9b20 3088# include <paths.h>
3089#endif
3090 ],
3091 [ char *wtmpx = WTMPX_FILE; ],
3092 [ AC_MSG_RESULT(yes) ],
3093 [ AC_MSG_RESULT(no)
3094 system_wtmpx_path=no ]
3095)
3096if test -z "$conf_wtmpx_location"; then
3097 if test x"$system_wtmpx_path" = x"no" ; then
3098 AC_DEFINE(DISABLE_WTMPX)
3099 fi
3100else
3101 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
3102fi
3103
b7a87eea 3104
bd499f9e 3105if test ! -z "$blibpath" ; then
68ece370 3106 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3107 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3108fi
3109
ddceb1c8 3110dnl remove pam and dl because they are in $LIBPAM
3111if test "$PAM_MSG" = yes ; then
98f2d9d5 3112 LIBS=`echo $LIBS | sed 's/-lpam //'`
3113fi
3114if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3115 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3116fi
3117
3c62e7eb 3118AC_EXEEXT
d7cfdd7c 3119AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3120 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3121AC_OUTPUT
d3083fbd 3122
cbd7492e 3123# Print summary of options
3124
cbd7492e 3125# Someone please show me a better way :)
3126A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3127B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3128C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3129D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3130E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3131F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3132G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3133H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3134I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3135J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3136
3137echo ""
26de7942 3138echo "OpenSSH has been configured with the following options:"
ecac8ee5 3139echo " User binaries: $B"
3140echo " System binaries: $C"
3141echo " Configuration files: $D"
3142echo " Askpass program: $E"
3143echo " Manual pages: $F"
3144echo " PID file: $G"
3145echo " Privilege separation chroot path: $H"
95b99395 3146if test "x$external_path_file" = "x/etc/login.conf" ; then
3147echo " At runtime, sshd will use the path defined in $external_path_file"
3148echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3149else
ecac8ee5 3150echo " sshd default user PATH: $I"
89bbd457 3151 if test ! -z "$external_path_file"; then
95b99395 3152echo " (If PATH is set in $external_path_file it will be used instead. If"
3153echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3154 fi
8d184c09 3155fi
06617857 3156if test ! -z "$superuser_path" ; then
ecac8ee5 3157echo " sshd superuser user PATH: $J"
3158fi
3159echo " Manpage format: $MANTYPE"
3e05e934 3160echo " PAM support: $PAM_MSG"
ecac8ee5 3161echo " KerberosV support: $KRB5_MSG"
3162echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3163echo " S/KEY support: $SKEY_MSG"
3164echo " TCP Wrappers support: $TCPW_MSG"
3165echo " MD5 password support: $MD5_MSG"
59031773 3166echo " libedit support: $LIBEDIT_MSG"
3deb1408 3167echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3168echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3169echo " BSD Auth support: $BSD_AUTH_MSG"
3170echo " Random number source: $RAND_MSG"
f1b0ecc3 3171if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3172echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3173fi
3174
cbd7492e 3175echo ""
3176
0c2fb82f 3177echo " Host: ${host}"
3178echo " Compiler: ${CC}"
3179echo " Compiler flags: ${CFLAGS}"
3180echo "Preprocessor flags: ${CPPFLAGS}"
3181echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3182echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3183
3184echo ""
3185
9cefe228 3186if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3187 echo "SVR4 style packages are supported with \"make package\""
3188 echo ""
9cefe228 3189fi
3190
adeebd37 3191if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3192 echo "PAM is enabled. You may need to install a PAM control file "
3193 echo "for sshd, otherwise password authentication may fail. "
aff51935 3194 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3195 echo "subdirectory"
adeebd37 3196 echo ""
3197fi
3198
f1b0ecc3 3199if test ! -z "$RAND_HELPER_CMDHASH" ; then
3200 echo "WARNING: you are using the builtin random number collection "
3201 echo "service. Please read WARNING.RNG and request that your OS "
3202 echo "vendor includes kernel-based random number collection in "
3203 echo "future versions of your OS."
2c523de9 3204 echo ""
3205fi
af774732 3206
2f6f9cff 3207if test ! -z "$NO_PEERCHECK" ; then
3208 echo "WARNING: the operating system that you are using does not "
3209 echo "appear to support either the getpeereid() API nor the "
3210 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3211 echo "enforce security checks to prevent unauthorised connections to "
3212 echo "ssh-agent. Their absence increases the risk that a malicious "
3213 echo "user can connect to your agent. "
3214 echo ""
3215fi
3216
7b578f7d 3217if test "$AUDIT_MODULE" = "bsm" ; then
3218 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3219 echo "See the Solaris section in README.platform for details."
3220fi
git-cvsimport mirror of OpenSSH
This page took 0.81812 seconds and 5 git commands to generate.