]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
a0969097 95 [ --without-stackprotect Don't use compiler's stack protection], [
caa21240 96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
b5902374 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
cd595991 112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
b55b0285 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
caa21240 127 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 128 # and/or platforms, so we test if we can. If it's not supported
53e2660a 129 # on a given platform gcc will emit a warning so we use -Werror.
caa21240 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
23c5c479 132 AC_MSG_CHECKING(if $CC supports $t)
caa21240 133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
23c5c479 135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
53e2660a 139#include <stdio.h>
140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
23c5c479 141 ])],
caa21240 142 [ AC_MSG_RESULT(yes)
23c5c479 143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
caa21240 145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
53e2660a 148#include <stdio.h>
149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
caa21240 150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
23c5c479 156 )
caa21240 157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
eb5a7224 164
dfafb2e1 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
d423d822 176fi
177
0b9fdeb8 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
e6354014 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
82f4e93d 185 if test "x$withval" = "xno" ; then
e6354014 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
aa56f760 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
6d39a5c4 265 poll.h \
aa56f760 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
4538e135 282 sys/mount.h \
aa56f760 283 sys/ndir.h \
8aa5db7d 284 sys/poll.h \
aa56f760 285 sys/prctl.h \
286 sys/pstat.h \
287 sys/select.h \
288 sys/stat.h \
289 sys/stream.h \
290 sys/stropts.h \
291 sys/strtio.h \
4538e135 292 sys/statvfs.h \
aa56f760 293 sys/sysmacros.h \
294 sys/time.h \
295 sys/timers.h \
296 sys/un.h \
297 time.h \
298 tmpdir.h \
299 ttyent.h \
40701614 300 ucred.h \
aa56f760 301 unistd.h \
302 usersec.h \
303 util.h \
304 utime.h \
305 utmp.h \
306 utmpx.h \
307 vis.h \
308)
309
310# lastlog.h requires sys/time.h to be included first on Solaris
311AC_CHECK_HEADERS(lastlog.h, [], [], [
312#ifdef HAVE_SYS_TIME_H
313# include <sys/time.h>
314#endif
315])
316
317# sys/ptms.h requires sys/stream.h to be included first on Solaris
318AC_CHECK_HEADERS(sys/ptms.h, [], [], [
319#ifdef HAVE_SYS_STREAM_H
320# include <sys/stream.h>
321#endif
322])
323
324# login_cap.h requires sys/types.h on NetBSD
325AC_CHECK_HEADERS(login_cap.h, [], [], [
326#include <sys/types.h>
327])
328
5b84789f 329# Messages for features tested for in target-specific section
330SIA_MSG="no"
331SPC_MSG="no"
332
a0391976 333# Check for some target-specific stuff
a7effaac 334case "$host" in
9d6b1b96 335*-*-aix*)
25a2779b 336 # Some versions of VAC won't allow macro redefinitions at
337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
338 # particularly with older versions of vac or xlc.
339 # It also throws errors about null macro argments, but these are
340 # not fatal.
341 AC_MSG_CHECKING(if compiler allows macro redefinitions)
342 AC_COMPILE_IFELSE(
343 [AC_LANG_SOURCE([[
344#define testmacro foo
345#define testmacro bar
346int main(void) { exit(0); }
347 ]])],
348 [ AC_MSG_RESULT(yes) ],
349 [ AC_MSG_RESULT(no)
350 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
351 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
352 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
353 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
354 ]
355 )
356
aff51935 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 358 if (test -z "$blibpath"); then
0a15d73b 359 blibpath="/usr/lib:/lib"
68ece370 360 fi
361 saved_LDFLAGS="$LDFLAGS"
e7479666 362 if test "$GCC" = "yes"; then
363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
364 else
365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
366 fi
367 for tryflags in $flags ;do
68ece370 368 if (test -z "$blibflags"); then
369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
370 AC_TRY_LINK([], [], [blibflags=$tryflags])
371 fi
372 done
373 if (test -z "$blibflags"); then
374 AC_MSG_RESULT(not found)
375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
376 else
377 AC_MSG_RESULT($blibflags)
bd499f9e 378 fi
68ece370 379 LDFLAGS="$saved_LDFLAGS"
e351e493 380 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
382 [Define if you want to enable AIX4's authenticate function])],
0764e748 383 [AC_CHECK_LIB(s,authenticate,
e351e493 384 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 385 LIBS="$LIBS -ls"
386 ])
387 ])
ba603e06 388 dnl Check for various auth function declarations in headers.
c85ed8e2 389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 390 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 392 AC_CHECK_DECLS(loginfailed,
e351e493 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
394 AC_TRY_COMPILE(
f58c0e01 395 [#include <usersec.h>],
e351e493 396 [(void)loginfailed("user","host","tty",0);],
397 [AC_MSG_RESULT(yes)
3466e002 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
399 [Define if your AIX loginfailed() function
400 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 401 [AC_MSG_RESULT(no)]
e351e493 402 )],
403 [],
404 [#include <usersec.h>]
405 )
533a78f0 406 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 407 AC_CHECK_DECL(F_CLOSEM,
795e7517 408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 409 [],
410 [ #include <limits.h>
411 #include <fcntl.h> ]
412 )
5ccf88cb 413 check_for_aix_broken_getaddrinfo=1
3466e002 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
416 [Define if your platform breaks doing a seteuid before a setuid])
417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 419 dnl AIX handles lastlog as part of its login message
3466e002 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
422 [Some systems need a utmpx entry for /bin/login to work])
423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
424 [Define to a Set Process Title type if your system is
425 supported by bsd-setproctitle.c])
961c2997 426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
427 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 429 ;;
3c62e7eb 430*-*-cygwin*)
a52997bd 431 check_for_libcrypt_later=1
04765d02 432 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
435 AC_DEFINE(DISABLE_SHADOW, 1,
436 [Define if you want to disable shadow passwords])
437 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
438 [Define if your system choked on IP TOS setting])
439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
440 [Define if X11 doesn't support AF_UNIX sockets on that system])
441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
442 [Define if the concept of ports only accessible to
443 superusers isn't known])
444 AC_DEFINE(DISABLE_FD_PASSING, 1,
445 [Define if your platform needs to skip post auth
446 file descriptor passing])
3c62e7eb 447 ;;
d6fdb079 448*-*-dgux*)
449 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 450 AC_DEFINE(SETEUID_BREAKS_SETUID)
451 AC_DEFINE(BROKEN_SETREUID)
452 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 453 ;;
39c98ef7 454*-*-darwin*)
33e2e066 455 AC_MSG_CHECKING(if we have working getaddrinfo)
456 AC_TRY_RUN([#include <mach-o/dyld.h>
457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
458 exit(0);
459 else
460 exit(1);
461}], [AC_MSG_RESULT(working)],
462 [AC_MSG_RESULT(buggy)
3466e002 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 464 [AC_MSG_RESULT(assume it is working)])
635e0c42 465 AC_DEFINE(SETEUID_BREAKS_SETUID)
466 AC_DEFINE(BROKEN_SETREUID)
467 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
470 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
473 [Use tunnel device compatibility to OpenBSD])
474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
475 [Prepend the address family to IP tunnel traffic])
a74e9b64 476 m4_pattern_allow(AU_IPv)
477 AC_CHECK_DECL(AU_IPv4, [],
478 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
479 [#include <bsm/audit.h>]
295dd642 480 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1,
481 [Define if pututxline updates lastlog too])
a74e9b64 482 )
39c98ef7 483 ;;
36f36ba3 484*-*-dragonfly*)
485 SSHDLIBS="$SSHDLIBS -lcrypt"
486 ;;
7d458c86 487*-*-hpux*)
488 # first we define all of the options common to all HP-UX releases
b8fea62d 489 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 490 IPADDR_IN_DISPLAY=yes
2b10f47a 491 AC_DEFINE(USE_PIPES)
3466e002 492 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
493 [Define if your login program cannot handle end of options ("--")])
a2572aa7 494 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 495 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
496 [String used in /etc/passwd to denote locked account])
3a2b2b44 497 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 498 MAIL="/var/mail/username"
f75ca46d 499 LIBS="$LIBS -lsec"
7d458c86 500 AC_CHECK_LIB(xnet, t_error, ,
501 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
502
503 # next, we define all of the options specific to major releases
504 case "$host" in
505 *-*-hpux10*)
506 if test -z "$GCC"; then
507 CFLAGS="$CFLAGS -Ae"
508 fi
509 ;;
510 *-*-hpux11*)
3466e002 511 AC_DEFINE(PAM_SUN_CODEBASE, 1,
512 [Define if you are using Solaris-derived PAM which
513 passes pam_messages to the conversation function
514 with an extra level of indirection])
515 AC_DEFINE(DISABLE_UTMP, 1,
516 [Define if you don't want to use utmp])
7d458c86 517 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
518 check_for_hpux_broken_getaddrinfo=1
519 check_for_conflicting_getspnam=1
520 ;;
521 esac
522
523 # lastly, we define options specific to minor releases
524 case "$host" in
525 *-*-hpux10.26)
3466e002 526 AC_DEFINE(HAVE_SECUREWARE, 1,
527 [Define if you have SecureWare-based
528 protected password database])
7d458c86 529 disable_ptmx_check=yes
530 LIBS="$LIBS -lsecpw"
531 ;;
532 esac
2b763e31 533 ;;
d94aa2ae 534*-*-irix5*)
6ac7829a 535 PATH="$PATH:/usr/etc"
3466e002 536 AC_DEFINE(BROKEN_INET_NTOA, 1,
537 [Define if you system's inet_ntoa is busted
538 (e.g. Irix gcc issue)])
cb433561 539 AC_DEFINE(SETEUID_BREAKS_SETUID)
540 AC_DEFINE(BROKEN_SETREUID)
541 AC_DEFINE(BROKEN_SETREGID)
3466e002 542 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
543 [Define if you shouldn't strip 'tty' from your
544 ttyname in [uw]tmp])
3e6e3da0 545 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 546 ;;
547*-*-irix6*)
6ac7829a 548 PATH="$PATH:/usr/etc"
3466e002 549 AC_DEFINE(WITH_IRIX_ARRAY, 1,
550 [Define if you have/want arrays
551 (cluster-wide session managment, not C arrays)])
552 AC_DEFINE(WITH_IRIX_PROJECT, 1,
553 [Define if you want IRIX project management])
554 AC_DEFINE(WITH_IRIX_AUDIT, 1,
555 [Define if you want IRIX audit trails])
556 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
557 [Define if you want IRIX kernel jobs])])
416ed5a7 558 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 559 AC_DEFINE(SETEUID_BREAKS_SETUID)
560 AC_DEFINE(BROKEN_SETREUID)
561 AC_DEFINE(BROKEN_SETREGID)
3466e002 562 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 563 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 564 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 565 ;;
4c3b7423 566*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu)
567 check_for_libcrypt_later=1
568 AC_DEFINE(PAM_TTY_KLUDGE)
569 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
570 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
571 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
572 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
573 ;;
5cdfe03f 574*-*-linux*)
575 no_dev_ptmx=1
717057b6 576 check_for_libcrypt_later=1
eacb954e 577 check_for_openpty_ctty_bug=1
3466e002 578 AC_DEFINE(PAM_TTY_KLUDGE, 1,
579 [Work around problematic Linux PAM modules handling of PAM_TTY])
580 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
581 [String used in /etc/passwd to denote locked account])
3a2b2b44 582 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 583 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
584 [Define to whatever link() returns for "not supported"
585 if it doesn't return EOPNOTSUPP.])
b6610e8f 586 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 587 AC_DEFINE(USE_BTMP)
80faa19f 588 inet6_default_4in6=yes
bf7c1e6c 589 case `uname -r` in
ad84c479 590 1.*|2.0.*)
3466e002 591 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
592 [Define if cmsg_type is not passed correctly])
bf7c1e6c 593 ;;
bf7c1e6c 594 esac
c40f09ca 595 # tun(4) forwarding compat code
d91775e1 596 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 597 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 598 AC_DEFINE(SSH_TUN_LINUX, 1,
599 [Open tunnel devices the Linux tun/tap way])
600 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
601 [Use tunnel device compatibility to OpenBSD])
602 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
603 [Prepend the address family to IP tunnel traffic])
604 fi
5cdfe03f 605 ;;
66d6c27e 606mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 607 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 608 SONY=1
66d6c27e 609 ;;
d468fc76 610*-*-netbsd*)
33e2e066 611 check_for_libcrypt_before=1
82f4e93d 612 if test "x$withval" != "xno" ; then
e6354014 613 need_dash_r=1
614 fi
0f6cb079 615 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
616 AC_CHECK_HEADER([net/if_tap.h], ,
617 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
618 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
619 [Prepend the address family to IP tunnel traffic])
d468fc76 620 ;;
86b416a7 621*-*-freebsd*)
622 check_for_libcrypt_later=1
988c5031 623 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 624 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
625 AC_CHECK_HEADER([net/if_tap.h], ,
626 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 627 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 628 ;;
8707b7eb 629*-*-bsdi*)
630 AC_DEFINE(SETEUID_BREAKS_SETUID)
631 AC_DEFINE(BROKEN_SETREUID)
632 AC_DEFINE(BROKEN_SETREGID)
633 ;;
729bfe59 634*-next-*)
729bfe59 635 conf_lastlog_location="/usr/adm/lastlog"
698d107e 636 conf_utmp_location=/etc/utmp
637 conf_wtmp_location=/usr/adm/wtmp
638 MAIL=/usr/spool/mail
3466e002 639 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 640 AC_DEFINE(BROKEN_REALPATH)
00937921 641 AC_DEFINE(USE_PIPES)
3466e002 642 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 643 ;;
5b7b5e23 644*-*-openbsd*)
645 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 646 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 647 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 648 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
649 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 650 ;;
9d6b1b96 651*-*-solaris*)
82f4e93d 652 if test "x$withval" != "xno" ; then
010e9d5b 653 need_dash_r=1
654 fi
adeebd37 655 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 656 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 657 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
658 [Some versions of /bin/login need the TERM supplied
659 on the commandline])
7f0a4ff1 660 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 661 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
662 [Define if pam_chauthtok wants real uid set
663 to the unpriv'ed user])
3e6e3da0 664 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 665 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 666 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
667 [Define if sshd somehow reacquires a controlling TTY
668 after setsid()])
795aa5f5 669 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
670 in case the name is longer than 8 chars])
95b99395 671 external_path_file=/etc/default/login
1d7b9b20 672 # hardwire lastlog location (can't detect it on some versions)
673 conf_lastlog_location="/var/adm/lastlog"
32c80420 674 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
675 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
676 if test "$sol2ver" -ge 8; then
677 AC_MSG_RESULT(yes)
678 AC_DEFINE(DISABLE_UTMP)
3466e002 679 AC_DEFINE(DISABLE_WTMP, 1,
680 [Define if you don't want to use wtmp])
32c80420 681 else
682 AC_MSG_RESULT(no)
683 fi
5b84789f 684 AC_ARG_WITH(solaris-contracts,
685 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
686 [
687 AC_CHECK_LIB(contract, ct_tmpl_activate,
688 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
689 [Define if you have Solaris process contracts])
690 SSHDLIBS="$SSHDLIBS -lcontract"
691 AC_SUBST(SSHDLIBS)
692 SPC_MSG="yes" ], )
693 ],
694 )
9d6b1b96 695 ;;
a423beaf 696*-*-sunos4*)
0c2fb82f 697 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 698 AC_CHECK_FUNCS(getpwanam)
adeebd37 699 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 700 conf_utmp_location=/etc/utmp
701 conf_wtmp_location=/var/adm/wtmp
702 conf_lastlog_location=/var/adm/lastlog
137d7b6c 703 AC_DEFINE(USE_PIPES)
a423beaf 704 ;;
6f68f28a 705*-ncr-sysv*)
98a7c37b 706 LIBS="$LIBS -lc89"
29525240 707 AC_DEFINE(USE_PIPES)
eabb99c6 708 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 709 AC_DEFINE(SETEUID_BREAKS_SETUID)
710 AC_DEFINE(BROKEN_SETREUID)
711 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 712 ;;
132dd316 713*-sni-sysv*)
c8c15bcb 714 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 715 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 716 # -lresolv needs to be at the end of LIBS or DNS lookups break
717 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 718 IPADDR_IN_DISPLAY=yes
719 AC_DEFINE(USE_PIPES)
132dd316 720 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 721 AC_DEFINE(SETEUID_BREAKS_SETUID)
722 AC_DEFINE(BROKEN_SETREUID)
723 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 724 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 725 external_path_file=/etc/default/login
c8c15bcb 726 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
727 # Attention: always take care to bind libsocket and libnsl before libc,
728 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 729 ;;
79a7ba96 730# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 731*-*-sysv4.2*)
ed6553e2 732 AC_DEFINE(USE_PIPES)
7ed101c0 733 AC_DEFINE(SETEUID_BREAKS_SETUID)
734 AC_DEFINE(BROKEN_SETREUID)
735 AC_DEFINE(BROKEN_SETREGID)
46f853b9 736 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 737 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 738 ;;
79a7ba96 739# UnixWare 7.x, OpenUNIX 8
77bb0bca 740*-*-sysv5*)
d7d2cc6e 741 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 742 AC_DEFINE(USE_PIPES)
7ed101c0 743 AC_DEFINE(SETEUID_BREAKS_SETUID)
744 AC_DEFINE(BROKEN_SETREUID)
745 AC_DEFINE(BROKEN_SETREGID)
3466e002 746 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 747 case "$host" in
748 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
749 TEST_SHELL=/u95/bin/sh
3466e002 750 AC_DEFINE(BROKEN_LIBIAF, 1,
751 [ia_uinfo routines not supported by OS yet])
5cc6ddad 752 AC_DEFINE(BROKEN_UPDWTMPX)
16076ac9 753 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot"
754 AC_CHECK_FUNCS(getluid setluid,,,-lprot)
755 AC_DEFINE(HAVE_SECUREWARE)
756 AC_DEFINE(DISABLE_SHADOW)
757 ],,)
822015dd 758 ;;
e45da4d6 759 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
44a71983 760 check_for_libcrypt_later=1
e45da4d6 761 ;;
822015dd 762 esac
77bb0bca 763 ;;
9d6b1b96 764*-*-sysv*)
9d6b1b96 765 ;;
79a7ba96 766# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 767*-*-sco3.2v4*)
11cf4f1f 768 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 769 ;;
79a7ba96 770# SCO OpenServer 5.x
77bb0bca 771*-*-sco3.2v5*)
21710e39 772 if test -z "$GCC"; then
773 CFLAGS="$CFLAGS -belf"
774 fi
ed6553e2 775 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 776 no_dev_ptmx=1
ed6553e2 777 AC_DEFINE(USE_PIPES)
6e879cb4 778 AC_DEFINE(HAVE_SECUREWARE)
d287c664 779 AC_DEFINE(DISABLE_SHADOW)
94d8258b 780 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 781 AC_DEFINE(SETEUID_BREAKS_SETUID)
782 AC_DEFINE(BROKEN_SETREUID)
783 AC_DEFINE(BROKEN_SETREGID)
bcebad47 784 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 785 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 786 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 787 AC_CHECK_FUNCS(getluid setluid)
533875af 788 MANTYPE=man
a3245b92 789 TEST_SHELL=ksh
509b1f88 790 ;;
ccbb983c 791*-*-unicosmk*)
3466e002 792 AC_DEFINE(NO_SSH_LASTLOG, 1,
793 [Define if you don't want to use lastlog in session.c])
c1ad5966 794 AC_DEFINE(SETEUID_BREAKS_SETUID)
795 AC_DEFINE(BROKEN_SETREUID)
796 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 797 AC_DEFINE(USE_PIPES)
798 AC_DEFINE(DISABLE_FD_PASSING)
799 LDFLAGS="$LDFLAGS"
800 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
801 MANTYPE=cat
d262b7f2 802 ;;
7b9a8c6e 803*-*-unicosmp*)
c1ad5966 804 AC_DEFINE(SETEUID_BREAKS_SETUID)
805 AC_DEFINE(BROKEN_SETREUID)
806 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 807 AC_DEFINE(WITH_ABBREV_NO_TTY)
808 AC_DEFINE(USE_PIPES)
809 AC_DEFINE(DISABLE_FD_PASSING)
810 LDFLAGS="$LDFLAGS"
c1ad5966 811 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 812 MANTYPE=cat
813 ;;
ca5c7d6a 814*-*-unicos*)
c1ad5966 815 AC_DEFINE(SETEUID_BREAKS_SETUID)
816 AC_DEFINE(BROKEN_SETREUID)
817 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 818 AC_DEFINE(USE_PIPES)
94d8258b 819 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 820 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 821 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
822 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
823 MANTYPE=cat
a704dd54 824 ;;
4d33e531 825*-dec-osf*)
99c8ddac 826 AC_MSG_CHECKING(for Digital Unix SIA)
827 no_osfsia=""
828 AC_ARG_WITH(osfsia,
829 [ --with-osfsia Enable Digital Unix SIA],
830 [
831 if test "x$withval" = "xno" ; then
832 AC_MSG_RESULT(disabled)
833 no_osfsia=1
834 fi
835 ],
836 )
837 if test -z "$no_osfsia" ; then
4d33e531 838 if test -f /etc/sia/matrix.conf; then
839 AC_MSG_RESULT(yes)
3466e002 840 AC_DEFINE(HAVE_OSF_SIA, 1,
841 [Define if you have Digital Unix Security
842 Integration Architecture])
843 AC_DEFINE(DISABLE_LOGIN, 1,
844 [Define if you don't want to use your
845 system's login() call])
58d0df4e 846 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 847 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 848 SIA_MSG="yes"
4d33e531 849 else
850 AC_MSG_RESULT(no)
3466e002 851 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
852 [String used in /etc/passwd to denote locked account])
4d33e531 853 fi
854 fi
a6e67b60 855 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 856 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 857 AC_DEFINE(BROKEN_SETREUID)
858 AC_DEFINE(BROKEN_SETREGID)
6ed8a3ae 859 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv])
4d33e531 860 ;;
41cb4569 861
9c54c067 862*-*-nto-qnx*)
41cb4569 863 AC_DEFINE(USE_PIPES)
864 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 865 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
866 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
867 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 868 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 869 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 870 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 871 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 872 case "$host" in
873 *-*-nto-qnx6*)
874 AC_DEFINE(DISABLE_FD_PASSING)
875 ;;
876 esac
41cb4569 877 ;;
35fc74ed 878
879*-*-ultrix*)
3466e002 880 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
881 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 882 AC_DEFINE(NEED_SETPGRP)
b5765e1d 883 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
884 ;;
157b6700 885
886*-*-lynxos)
887 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 888 AC_DEFINE(MISSING_HOWMANY)
157b6700 889 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
890 ;;
a7effaac 891esac
892
c5829391 893AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 894AC_RUN_IFELSE(
895 [AC_LANG_SOURCE([
c5829391 896#include <stdio.h>
897int main(){exit(0);}
479cece8 898 ])],
c5829391 899 [ AC_MSG_RESULT(yes) ],
900 [
901 AC_MSG_RESULT(no)
902 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 903 ],
904 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 905)
906
b04a9f8c 907dnl Checks for header files.
a0391976 908# Checks for libraries.
98a7c37b 909AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
910AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 911
446227d6 912dnl IRIX and Solaris 2.5.1 have dirname() in libgen
913AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
914 AC_CHECK_LIB(gen, dirname,[
915 AC_CACHE_CHECK([for broken dirname],
916 ac_cv_have_broken_dirname, [
917 save_LIBS="$LIBS"
918 LIBS="$LIBS -lgen"
b0e7249f 919 AC_RUN_IFELSE(
920 [AC_LANG_SOURCE([[
446227d6 921#include <libgen.h>
922#include <string.h>
923
924int main(int argc, char **argv) {
925 char *s, buf[32];
926
927 strncpy(buf,"/etc", 32);
928 s = dirname(buf);
929 if (!s || strncmp(s, "/", 32) != 0) {
930 exit(1);
931 } else {
932 exit(0);
933 }
934}
b0e7249f 935 ]])],
936 [ ac_cv_have_broken_dirname="no" ],
937 [ ac_cv_have_broken_dirname="yes" ],
446227d6 938 [ ac_cv_have_broken_dirname="no" ],
446227d6 939 )
940 LIBS="$save_LIBS"
941 ])
942 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
943 LIBS="$LIBS -lgen"
944 AC_DEFINE(HAVE_DIRNAME)
945 AC_CHECK_HEADERS(libgen.h)
946 fi
947 ])
948])
949
950AC_CHECK_FUNC(getspnam, ,
951 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 952AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
953 [Define if you have the basename function.]))
446227d6 954
98a7c37b 955dnl zlib is required
956AC_ARG_WITH(zlib,
957 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 958 [ if test "x$withval" = "xno" ; then
959 AC_MSG_ERROR([*** zlib is required ***])
960 elif test "x$withval" != "xyes"; then
98a7c37b 961 if test -d "$withval/lib"; then
962 if test -n "${need_dash_r}"; then
5a162955 963 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 964 else
5a162955 965 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 966 fi
967 else
968 if test -n "${need_dash_r}"; then
5a162955 969 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 970 else
5a162955 971 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 972 fi
973 fi
974 if test -d "$withval/include"; then
5a162955 975 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 976 else
5a162955 977 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 978 fi
6dd05556 979 fi ]
98a7c37b 980)
981
0a15d73b 982AC_CHECK_LIB(z, deflate, ,
983 [
984 saved_CPPFLAGS="$CPPFLAGS"
985 saved_LDFLAGS="$LDFLAGS"
986 save_LIBS="$LIBS"
987 dnl Check default zlib install dir
988 if test -n "${need_dash_r}"; then
989 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
990 else
991 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
992 fi
993 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
994 LIBS="$LIBS -lz"
995 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
996 [
997 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
998 ]
999 )
1000 ]
1001)
4ad65809 1002AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 1003
1004AC_ARG_WITH(zlib-version-check,
1005 [ --without-zlib-version-check Disable zlib version check],
1006 [ if test "x$withval" = "xno" ; then
1007 zlib_check_nonfatal=1
1008 fi
1009 ]
1010)
1011
5c7fc85d 1012AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 1013AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 1014#include <stdio.h>
4ad65809 1015#include <zlib.h>
1016int main()
1017{
5c7fc85d 1018 int a=0, b=0, c=0, d=0, n, v;
1019 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1020 if (n != 3 && n != 4)
4ad65809 1021 exit(1);
5c7fc85d 1022 v = a*1000000 + b*10000 + c*100 + d;
1023 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1024
1025 /* 1.1.4 is OK */
1026 if (a == 1 && b == 1 && c >= 4)
4ad65809 1027 exit(0);
5c7fc85d 1028
0072b59d 1029 /* 1.2.3 and up are OK */
1030 if (v >= 1020300)
5c7fc85d 1031 exit(0);
1032
4ad65809 1033 exit(2);
1034}
479cece8 1035 ]])],
5c7fc85d 1036 AC_MSG_RESULT(no),
1037 [ AC_MSG_RESULT(yes)
8068d564 1038 if test -z "$zlib_check_nonfatal" ; then
1039 AC_MSG_ERROR([*** zlib too old - check config.log ***
1040Your reported zlib version has known security problems. It's possible your
1041vendor has fixed these problems without changing the version number. If you
1042are sure this is the case, you can disable the check by running
1043"./configure --without-zlib-version-check".
6090bcfe 1044If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1045See http://www.gzip.org/zlib/ for details.])
8068d564 1046 else
1047 AC_MSG_WARN([zlib version may have security problems])
1048 fi
1a01a50c 1049 ],
1050 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1051)
48e7916f 1052
2c523de9 1053dnl UnixWare 2.x
aff51935 1054AC_CHECK_FUNC(strcasecmp,
2c523de9 1055 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1056)
23361281 1057AC_CHECK_FUNCS(utimes,
cda1ebcb 1058 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1059 LIBS="$LIBS -lc89"]) ]
2c523de9 1060)
4cca272e 1061
7c6d759d 1062dnl Checks for libutil functions
1063AC_CHECK_HEADERS(libutil.h)
3466e002 1064AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1065 [Define if your libraries define login()])])
b3ef88dc 1066AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
7c6d759d 1067
a738c3b0 1068AC_FUNC_STRFTIME
1069
84ceda19 1070# Check for ALTDIRFUNC glob() extension
1071AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1072AC_EGREP_CPP(FOUNDIT,
1073 [
1074 #include <glob.h>
1075 #ifdef GLOB_ALTDIRFUNC
1076 FOUNDIT
1077 #endif
aff51935 1078 ],
84ceda19 1079 [
3466e002 1080 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1081 [Define if your system glob() function has
1082 the GLOB_ALTDIRFUNC extension])
84ceda19 1083 AC_MSG_RESULT(yes)
1084 ],
1085 [
1086 AC_MSG_RESULT(no)
1087 ]
1088)
4cca272e 1089
40849fdb 1090# Check for g.gl_matchc glob() extension
1091AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1092AC_TRY_COMPILE(
13ff27b7 1093 [ #include <glob.h> ],
1094 [glob_t g; g.gl_matchc = 1;],
aff51935 1095 [
3466e002 1096 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1097 [Define if your system glob() function has
1098 gl_matchc options in glob_t])
aff51935 1099 AC_MSG_RESULT(yes)
1100 ],
1101 [
1102 AC_MSG_RESULT(no)
1103 ]
40849fdb 1104)
1105
78888bab 1106AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1107
edbe6722 1108AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1109AC_RUN_IFELSE(
479cece8 1110 [AC_LANG_SOURCE([[
edbe6722 1111#include <sys/types.h>
1112#include <dirent.h>
aec4cb4f 1113int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1114 ]])],
aff51935 1115 [AC_MSG_RESULT(yes)],
edbe6722 1116 [
1117 AC_MSG_RESULT(no)
3466e002 1118 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1119 [Define if your struct dirent expects you to
3466e002 1120 allocate extra space for d_name])
1a01a50c 1121 ],
82f4e93d 1122 [
1a01a50c 1123 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1124 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1125 ]
1126)
1127
419e26e7 1128AC_MSG_CHECKING([for /proc/pid/fd directory])
1129if test -d "/proc/$$/fd" ; then
3466e002 1130 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1131 AC_MSG_RESULT(yes)
1132else
1133 AC_MSG_RESULT(no)
1134fi
1135
278588d8 1136# Check whether user wants S/Key support
aff51935 1137SKEY_MSG="no"
278588d8 1138AC_ARG_WITH(skey,
6ff3d0dc 1139 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1140 [
1141 if test "x$withval" != "xno" ; then
1142
1143 if test "x$withval" != "xyes" ; then
1144 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1145 LDFLAGS="$LDFLAGS -L${withval}/lib"
1146 fi
1147
3466e002 1148 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1149 LIBS="-lskey $LIBS"
aff51935 1150 SKEY_MSG="yes"
82f4e93d 1151
ddceb1c8 1152 AC_MSG_CHECKING([for s/key support])
b0e7249f 1153 AC_LINK_IFELSE(
1154 [AC_LANG_SOURCE([[
ddceb1c8 1155#include <stdio.h>
1156#include <skey.h>
aec4cb4f 1157int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1158 ]])],
ddceb1c8 1159 [AC_MSG_RESULT(yes)],
278588d8 1160 [
ddceb1c8 1161 AC_MSG_RESULT(no)
278588d8 1162 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1163 ])
141fc639 1164 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1165 AC_TRY_COMPILE(
1166 [#include <stdio.h>
1167 #include <skey.h>],
1168 [(void)skeychallenge(NULL,"name","",0);],
1169 [AC_MSG_RESULT(yes)
3466e002 1170 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1171 [Define if your skeychallenge()
1172 function takes 4 arguments (NetBSD)])],
141fc639 1173 [AC_MSG_RESULT(no)]
1174 )
278588d8 1175 fi
1176 ]
1177)
1178
1179# Check whether user wants TCP wrappers support
98a7c37b 1180TCPW_MSG="no"
278588d8 1181AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1182 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1183 [
1184 if test "x$withval" != "xno" ; then
1185 saved_LIBS="$LIBS"
98a7c37b 1186 saved_LDFLAGS="$LDFLAGS"
1187 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1188 if test -n "${withval}" && \
6cf0200f 1189 test "x${withval}" != "xyes"; then
98a7c37b 1190 if test -d "${withval}/lib"; then
1191 if test -n "${need_dash_r}"; then
5a162955 1192 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1193 else
5a162955 1194 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1195 fi
1196 else
1197 if test -n "${need_dash_r}"; then
5a162955 1198 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1199 else
5a162955 1200 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1201 fi
1202 fi
1203 if test -d "${withval}/include"; then
5a162955 1204 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1205 else
5a162955 1206 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1207 fi
98a7c37b 1208 fi
e54defb4 1209 LIBS="-lwrap $LIBS"
278588d8 1210 AC_MSG_CHECKING(for libwrap)
1211 AC_TRY_LINK(
1212 [
77f09220 1213#include <sys/types.h>
1214#include <sys/socket.h>
1215#include <netinet/in.h>
278588d8 1216#include <tcpd.h>
1217 int deny_severity = 0, allow_severity = 0;
1218 ],
1219 [hosts_access(0);],
1220 [
1221 AC_MSG_RESULT(yes)
3466e002 1222 AC_DEFINE(LIBWRAP, 1,
1223 [Define if you want
1224 TCP Wrappers support])
e54defb4 1225 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1226 TCPW_MSG="yes"
278588d8 1227 ],
1228 [
1229 AC_MSG_ERROR([*** libwrap missing])
1230 ]
1231 )
ddceb1c8 1232 LIBS="$saved_LIBS"
278588d8 1233 fi
1234 ]
1235)
1236
59031773 1237# Check whether user wants libedit support
1238LIBEDIT_MSG="no"
1239AC_ARG_WITH(libedit,
6ff3d0dc 1240 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1241 [ if test "x$withval" != "xno" ; then
737edf04 1242 if test "x$withval" != "xyes"; then
bb116c8e 1243 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1244 if test -n "${need_dash_r}"; then
1245 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1246 else
1247 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1248 fi
737edf04 1249 fi
59031773 1250 AC_CHECK_LIB(edit, el_init,
3466e002 1251 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1252 LIBEDIT="-ledit -lcurses"
1253 LIBEDIT_MSG="yes"
1254 AC_SUBST(LIBEDIT)
1255 ],
737edf04 1256 [ AC_MSG_ERROR(libedit not found) ],
1257 [ -lcurses ]
59031773 1258 )
f47ddccb 1259 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1260 AC_COMPILE_IFELSE(
1261 [AC_LANG_SOURCE([[
1262#include <histedit.h>
f47ddccb 1263int main(void)
1264{
1265 int i = H_SETSIZE;
1266 el_init("", NULL, NULL, NULL);
1267 exit(0);
1268}
d92622f9 1269 ]])],
f47ddccb 1270 [ AC_MSG_RESULT(yes) ],
1271 [ AC_MSG_RESULT(no)
1272 AC_MSG_ERROR(libedit version is not compatible) ]
1273 )
59031773 1274 fi ]
1275)
1276
7b578f7d 1277AUDIT_MODULE=none
1278AC_ARG_WITH(audit,
1279 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1280 [
1281 AC_MSG_CHECKING(for supported audit module)
1282 case "$withval" in
1283 bsm)
1284 AC_MSG_RESULT(bsm)
1285 AUDIT_MODULE=bsm
1286 dnl Checks for headers, libs and functions
1287 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1288 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1289 [
1290#ifdef HAVE_TIME_H
1291# include <time.h>
1292#endif
1293 ]
1294)
7b578f7d 1295 AC_CHECK_LIB(bsm, getaudit, [],
1296 [AC_MSG_ERROR(BSM enabled and required library not found)])
1297 AC_CHECK_FUNCS(getaudit, [],
1298 [AC_MSG_ERROR(BSM enabled and required function not found)])
1299 # These are optional
a74e9b64 1300 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1301 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1302 ;;
1303 debug)
1304 AUDIT_MODULE=debug
1305 AC_MSG_RESULT(debug)
3466e002 1306 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1307 ;;
a2b3321d 1308 no)
d92622f9 1309 AC_MSG_RESULT(no)
a2b3321d 1310 ;;
7b578f7d 1311 *)
1312 AC_MSG_ERROR([Unknown audit module $withval])
1313 ;;
1314 esac ]
1315)
1316
19160674 1317dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1318AC_CHECK_FUNCS( \
1319 arc4random \
185adaf8 1320 arc4random_buf \
1321 arc4random_uniform \
9a406e1e 1322 asprintf \
b04a9f8c 1323 b64_ntop \
1324 __b64_ntop \
1325 b64_pton \
1326 __b64_pton \
1327 bcopy \
1328 bindresvport_sa \
1329 clock \
1330 closefrom \
1331 dirfd \
b04a9f8c 1332 fchmod \
1333 fchown \
1334 freeaddrinfo \
22f5e872 1335 fstatvfs \
b04a9f8c 1336 futimes \
1337 getaddrinfo \
1338 getcwd \
1339 getgrouplist \
1340 getnameinfo \
1341 getopt \
1342 getpeereid \
1961d660 1343 getpeerucred \
b04a9f8c 1344 _getpty \
1345 getrlimit \
1346 getttyent \
1347 glob \
1348 inet_aton \
1349 inet_ntoa \
1350 inet_ntop \
1351 innetgr \
1352 login_getcapbool \
1353 md5_crypt \
1354 memmove \
1355 mkdtemp \
1356 mmap \
1357 ngetaddrinfo \
1358 nsleep \
1359 ogetaddrinfo \
1360 openlog_r \
1361 openpty \
6d39a5c4 1362 poll \
b04a9f8c 1363 prctl \
1364 pstat \
1365 readpassphrase \
1366 realpath \
1367 recvmsg \
1368 rresvport_af \
1369 sendmsg \
1370 setdtablesize \
1371 setegid \
1372 setenv \
1373 seteuid \
1374 setgroups \
1375 setlogin \
1376 setpcred \
1377 setproctitle \
1378 setregid \
1379 setreuid \
1380 setrlimit \
1381 setsid \
1382 setvbuf \
1383 sigaction \
1384 sigvec \
1385 snprintf \
1386 socketpair \
4538e135 1387 statfs \
1388 statvfs \
b04a9f8c 1389 strdup \
1390 strerror \
1391 strlcat \
1392 strlcpy \
1393 strmode \
1394 strnvis \
1395 strtonum \
1e29a0c8 1396 strtoll \
b04a9f8c 1397 strtoul \
1aac2117 1398 swap32 \
b04a9f8c 1399 sysconf \
1400 tcgetpgrp \
1401 truncate \
1402 unsetenv \
1403 updwtmpx \
9a406e1e 1404 vasprintf \
b04a9f8c 1405 vhangup \
1406 vsnprintf \
1407 waitpid \
19160674 1408)
98a7c37b 1409
1a086f97 1410# IRIX has a const char return value for gai_strerror()
1411AC_CHECK_FUNCS(gai_strerror,[
1412 AC_DEFINE(HAVE_GAI_STRERROR)
1413 AC_TRY_COMPILE([
1414#include <sys/types.h>
1415#include <sys/socket.h>
1416#include <netdb.h>
1417
1418const char *gai_strerror(int);],[
1419char *str;
1420
1421str = gai_strerror(0);],[
1422 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1423 [Define if gai_strerror() returns const char *])])])
1424
3466e002 1425AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1426 [Some systems put nanosleep outside of libc]))
92b1decf 1427
309709db 1428dnl Make sure prototypes are defined for these before using them.
309709db 1429AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1430AC_CHECK_DECL(strsep,
1431 [AC_CHECK_FUNCS(strsep)],
1432 [],
1433 [
1434#ifdef HAVE_STRING_H
1435# include <string.h>
1436#endif
1437 ])
08412d26 1438
3490699c 1439dnl tcsendbreak might be a macro
1440AC_CHECK_DECL(tcsendbreak,
1441 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1442 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1443 [#include <termios.h>]
1444)
1445
41e0e158 1446AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1447
71f4c727 1448AC_CHECK_DECLS(SHUT_RD, , ,
1449 [
1450#include <sys/types.h>
1451#include <sys/socket.h>
1452 ])
956d6743 1453
1454AC_CHECK_DECLS(O_NONBLOCK, , ,
1455 [
1456#include <sys/types.h>
1457#ifdef HAVE_SYS_STAT_H
1458# include <sys/stat.h>
1459#endif
1460#ifdef HAVE_FCNTL_H
1461# include <fcntl.h>
1462#endif
1463 ])
1464
752994dd 1465AC_CHECK_DECLS(writev, , , [
1466#include <sys/types.h>
1467#include <sys/uio.h>
1468#include <unistd.h>
1469 ])
1470
0bf6279d 1471AC_CHECK_DECLS(MAXSYMLINKS, , , [
1472#include <sys/param.h>
1473 ])
1474
b41ece30 1475AC_CHECK_DECLS(offsetof, , , [
1476#include <stddef.h>
1477 ])
1478
3f176010 1479AC_CHECK_FUNCS(setresuid, [
1480 dnl Some platorms have setresuid that isn't implemented, test for this
1481 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1482 AC_RUN_IFELSE(
1483 [AC_LANG_SOURCE([[
9a3fe0e2 1484#include <stdlib.h>
1485#include <errno.h>
1486int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1487 ]])],
3f176010 1488 [AC_MSG_RESULT(yes)],
3466e002 1489 [AC_DEFINE(BROKEN_SETRESUID, 1,
1490 [Define if your setresuid() is broken])
1a01a50c 1491 AC_MSG_RESULT(not implemented)],
1492 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1493 )
1494])
9a3fe0e2 1495
3f176010 1496AC_CHECK_FUNCS(setresgid, [
1497 dnl Some platorms have setresgid that isn't implemented, test for this
1498 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1499 AC_RUN_IFELSE(
1500 [AC_LANG_SOURCE([[
9a3fe0e2 1501#include <stdlib.h>
1502#include <errno.h>
1503int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1504 ]])],
3f176010 1505 [AC_MSG_RESULT(yes)],
3466e002 1506 [AC_DEFINE(BROKEN_SETRESGID, 1,
1507 [Define if your setresgid() is broken])
1a01a50c 1508 AC_MSG_RESULT(not implemented)],
1509 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1510 )
1511])
9a3fe0e2 1512
2e73a022 1513dnl Checks for time functions
1d7b9b20 1514AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1515dnl Checks for utmp functions
b03bd394 1516AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1517AC_CHECK_FUNCS(utmpname)
2e73a022 1518dnl Checks for utmpx functions
b03bd394 1519AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1520AC_CHECK_FUNCS(setutxent utmpxname)
295dd642 1521dnl Checks for lastlog functions
1522AC_CHECK_FUNCS(getlastlogxbyname)
76cd7316 1523
aff51935 1524AC_CHECK_FUNC(daemon,
3466e002 1525 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1526 [AC_CHECK_LIB(bsd, daemon,
1527 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1528)
1529
aff51935 1530AC_CHECK_FUNC(getpagesize,
3466e002 1531 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1532 [Define if your libraries define getpagesize()])],
1533 [AC_CHECK_LIB(ucb, getpagesize,
1534 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1535)
1536
2647ae26 1537# Check for broken snprintf
1538if test "x$ac_cv_func_snprintf" = "xyes" ; then
1539 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1540 AC_RUN_IFELSE(
479cece8 1541 [AC_LANG_SOURCE([[
2647ae26 1542#include <stdio.h>
aec4cb4f 1543int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1544 ]])],
aff51935 1545 [AC_MSG_RESULT(yes)],
2647ae26 1546 [
1547 AC_MSG_RESULT(no)
3466e002 1548 AC_DEFINE(BROKEN_SNPRINTF, 1,
1549 [Define if your snprintf is busted])
2647ae26 1550 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1551 ],
1552 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1553 )
1554fi
1555
9a406e1e 1556# If we don't have a working asprintf, then we strongly depend on vsnprintf
1557# returning the right thing on overflow: the number of characters it tried to
1558# create (as per SUSv3)
1559if test "x$ac_cv_func_asprintf" != "xyes" && \
1560 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1561 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1562 AC_RUN_IFELSE(
1563 [AC_LANG_SOURCE([[
1564#include <sys/types.h>
1565#include <stdio.h>
1566#include <stdarg.h>
1567
1568int x_snprintf(char *str,size_t count,const char *fmt,...)
1569{
1570 size_t ret; va_list ap;
1571 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1572 return ret;
1573}
1574int main(void)
1575{
1576 char x[1];
1577 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1578} ]])],
1579 [AC_MSG_RESULT(yes)],
1580 [
1581 AC_MSG_RESULT(no)
1582 AC_DEFINE(BROKEN_SNPRINTF, 1,
1583 [Define if your snprintf is busted])
1584 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1585 ],
1586 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1587 )
1588fi
1589
31b0732a 1590# On systems where [v]snprintf is broken, but is declared in stdio,
1591# check that the fmt argument is const char * or just char *.
1592# This is only useful for when BROKEN_SNPRINTF
1593AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1594AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1595 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1596 int main(void) { snprintf(0, 0, 0); }
1597 ]])],
1598 [AC_MSG_RESULT(yes)
1599 AC_DEFINE(SNPRINTF_CONST, [const],
1600 [Define as const if snprintf() can declare const char *fmt])],
1601 [AC_MSG_RESULT(no)
1602 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1603
2f6f9cff 1604# Check for missing getpeereid (or equiv) support
1605NO_PEERCHECK=""
1961d660 1606if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1607 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1608 AC_TRY_COMPILE(
1609 [#include <sys/types.h>
1610 #include <sys/socket.h>],
1611 [int i = SO_PEERCRED;],
62eb7db4 1612 [ AC_MSG_RESULT(yes)
3466e002 1613 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1614 ],
2f6f9cff 1615 [AC_MSG_RESULT(no)
1616 NO_PEERCHECK=1]
1617 )
1618fi
1619
70e7d0b0 1620dnl see whether mkstemp() requires XXXXXX
1621if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1622AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1623AC_RUN_IFELSE(
1624 [AC_LANG_SOURCE([[
70e7d0b0 1625#include <stdlib.h>
1626main() { char template[]="conftest.mkstemp-test";
1627if (mkstemp(template) == -1)
1628 exit(1);
1629unlink(template); exit(0);
1630}
b0e7249f 1631 ]])],
70e7d0b0 1632 [
1633 AC_MSG_RESULT(no)
1634 ],
aff51935 1635 [
70e7d0b0 1636 AC_MSG_RESULT(yes)
3466e002 1637 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1638 ],
1639 [
1640 AC_MSG_RESULT(yes)
1641 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1642 ]
70e7d0b0 1643)
1644fi
1645
eacb954e 1646dnl make sure that openpty does not reacquire controlling terminal
1647if test ! -z "$check_for_openpty_ctty_bug"; then
1648 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1649 AC_RUN_IFELSE(
1650 [AC_LANG_SOURCE([[
eacb954e 1651#include <stdio.h>
1652#include <sys/fcntl.h>
1653#include <sys/types.h>
1654#include <sys/wait.h>
1655
1656int
1657main()
1658{
1659 pid_t pid;
1660 int fd, ptyfd, ttyfd, status;
1661
1662 pid = fork();
1663 if (pid < 0) { /* failed */
1664 exit(1);
1665 } else if (pid > 0) { /* parent */
1666 waitpid(pid, &status, 0);
aff51935 1667 if (WIFEXITED(status))
eacb954e 1668 exit(WEXITSTATUS(status));
1669 else
1670 exit(2);
1671 } else { /* child */
1672 close(0); close(1); close(2);
1673 setsid();
1674 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1675 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1676 if (fd >= 0)
1677 exit(3); /* Acquired ctty: broken */
1678 else
1679 exit(0); /* Did not acquire ctty: OK */
1680 }
1681}
b0e7249f 1682 ]])],
eacb954e 1683 [
1684 AC_MSG_RESULT(yes)
1685 ],
1686 [
1687 AC_MSG_RESULT(no)
1688 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1689 ],
1690 [
1691 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1692 ]
1693 )
1694fi
1695
4b492aab 1696if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1697 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1698 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1699 AC_RUN_IFELSE(
1700 [AC_LANG_SOURCE([[
2fe51906 1701#include <stdio.h>
1702#include <sys/socket.h>
1703#include <netdb.h>
1704#include <errno.h>
1705#include <netinet/in.h>
1706
1707#define TEST_PORT "2222"
1708
1709int
1710main(void)
1711{
1712 int err, sock;
1713 struct addrinfo *gai_ai, *ai, hints;
1714 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1715
1716 memset(&hints, 0, sizeof(hints));
1717 hints.ai_family = PF_UNSPEC;
1718 hints.ai_socktype = SOCK_STREAM;
1719 hints.ai_flags = AI_PASSIVE;
1720
1721 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1722 if (err != 0) {
1723 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1724 exit(1);
1725 }
1726
1727 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1728 if (ai->ai_family != AF_INET6)
1729 continue;
1730
1731 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1732 sizeof(ntop), strport, sizeof(strport),
1733 NI_NUMERICHOST|NI_NUMERICSERV);
1734
1735 if (err != 0) {
1736 if (err == EAI_SYSTEM)
1737 perror("getnameinfo EAI_SYSTEM");
1738 else
1739 fprintf(stderr, "getnameinfo failed: %s\n",
1740 gai_strerror(err));
1741 exit(2);
1742 }
1743
1744 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1745 if (sock < 0)
1746 perror("socket");
1747 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1748 if (errno == EBADF)
1749 exit(3);
1750 }
1751 }
1752 exit(0);
1753}
b0e7249f 1754 ]])],
2fe51906 1755 [
1756 AC_MSG_RESULT(yes)
1757 ],
1758 [
1759 AC_MSG_RESULT(no)
1760 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1761 ],
1762 [
1763 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1764 ]
1765 )
1766fi
1767
4b492aab 1768if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1769 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1770 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1771 AC_RUN_IFELSE(
1772 [AC_LANG_SOURCE([[
5ccf88cb 1773#include <stdio.h>
1774#include <sys/socket.h>
1775#include <netdb.h>
1776#include <errno.h>
1777#include <netinet/in.h>
1778
1779#define TEST_PORT "2222"
1780
1781int
1782main(void)
1783{
1784 int err, sock;
1785 struct addrinfo *gai_ai, *ai, hints;
1786 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1787
1788 memset(&hints, 0, sizeof(hints));
1789 hints.ai_family = PF_UNSPEC;
1790 hints.ai_socktype = SOCK_STREAM;
1791 hints.ai_flags = AI_PASSIVE;
1792
1793 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1794 if (err != 0) {
1795 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1796 exit(1);
1797 }
1798
1799 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1800 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1801 continue;
1802
1803 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1804 sizeof(ntop), strport, sizeof(strport),
1805 NI_NUMERICHOST|NI_NUMERICSERV);
1806
1807 if (ai->ai_family == AF_INET && err != 0) {
1808 perror("getnameinfo");
1809 exit(2);
1810 }
1811 }
1812 exit(0);
1813}
b0e7249f 1814 ]])],
5ccf88cb 1815 [
1816 AC_MSG_RESULT(yes)
3466e002 1817 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1818 [Define if you have a getaddrinfo that fails
1819 for the all-zeros IPv6 address])
5ccf88cb 1820 ],
1821 [
1822 AC_MSG_RESULT(no)
1823 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1824 ],
ecd9ec09 1825 [
b0e7249f 1826 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1827 ]
1828 )
1829fi
1830
b29fd59f 1831if test "x$check_for_conflicting_getspnam" = "x1"; then
1832 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1833 AC_COMPILE_IFELSE(
1834 [
1835#include <shadow.h>
1836int main(void) {exit(0);}
1837 ],
1838 [
1839 AC_MSG_RESULT(no)
1840 ],
1841 [
1842 AC_MSG_RESULT(yes)
1843 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1844 [Conflicting defs for getspnam])
1845 ]
1846 )
1847fi
1848
7f8f5e00 1849AC_FUNC_GETPGRP
1850
5b991353 1851# Search for OpenSSL
1852saved_CPPFLAGS="$CPPFLAGS"
1853saved_LDFLAGS="$LDFLAGS"
a0391976 1854AC_ARG_WITH(ssl-dir,
1855 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1856 [
e9e4a1c7 1857 if test "x$withval" != "xno" ; then
99eb0f64 1858 case "$withval" in
1859 # Relative paths
1860 ./*|../*) withval="`pwd`/$withval"
1861 esac
5b991353 1862 if test -d "$withval/lib"; then
1863 if test -n "${need_dash_r}"; then
1864 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1865 else
1866 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1867 fi
1868 else
5b991353 1869 if test -n "${need_dash_r}"; then
1870 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1871 else
1872 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1873 fi
1874 fi
5b991353 1875 if test -d "$withval/include"; then
1876 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1877 else
5b991353 1878 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1879 fi
a0391976 1880 fi
5b991353 1881 ]
1882)
5486a457 1883LIBS="-lcrypto $LIBS"
3466e002 1884AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1885 [Define if your ssl headers are included
1886 with #include <openssl/header.h>]),
d45e3d76 1887 [
5b991353 1888 dnl Check default openssl install dir
1889 if test -n "${need_dash_r}"; then
1890 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1891 else
5b991353 1892 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1893 fi
5b991353 1894 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1895 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1896 [
1897 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1898 ]
1899 )
1900 ]
1901)
1902
cd018561 1903# Determine OpenSSL header version
1904AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1905AC_RUN_IFELSE(
479cece8 1906 [AC_LANG_SOURCE([[
cd018561 1907#include <stdio.h>
1908#include <string.h>
1909#include <openssl/opensslv.h>
1910#define DATA "conftest.sslincver"
1911int main(void) {
aff51935 1912 FILE *fd;
1913 int rc;
cd018561 1914
aff51935 1915 fd = fopen(DATA,"w");
1916 if(fd == NULL)
1917 exit(1);
cd018561 1918
1919 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1920 exit(1);
1921
1922 exit(0);
1923}
479cece8 1924 ]])],
cd018561 1925 [
1926 ssl_header_ver=`cat conftest.sslincver`
1927 AC_MSG_RESULT($ssl_header_ver)
1928 ],
1929 [
1930 AC_MSG_RESULT(not found)
1931 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1932 ],
1933 [
1934 AC_MSG_WARN([cross compiling: not checking])
cd018561 1935 ]
1936)
1937
1938# Determine OpenSSL library version
1939AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1940AC_RUN_IFELSE(
479cece8 1941 [AC_LANG_SOURCE([[
cd018561 1942#include <stdio.h>
1943#include <string.h>
1944#include <openssl/opensslv.h>
1945#include <openssl/crypto.h>
1946#define DATA "conftest.ssllibver"
1947int main(void) {
aff51935 1948 FILE *fd;
1949 int rc;
cd018561 1950
aff51935 1951 fd = fopen(DATA,"w");
1952 if(fd == NULL)
1953 exit(1);
cd018561 1954
1955 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1956 exit(1);
1957
1958 exit(0);
1959}
479cece8 1960 ]])],
cd018561 1961 [
1962 ssl_library_ver=`cat conftest.ssllibver`
1963 AC_MSG_RESULT($ssl_library_ver)
1964 ],
1965 [
1966 AC_MSG_RESULT(not found)
1967 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1968 ],
1969 [
1970 AC_MSG_WARN([cross compiling: not checking])
cd018561 1971 ]
1972)
58d100bf 1973
1d42bcce 1974AC_ARG_WITH(openssl-header-check,
1975 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1976 [ if test "x$withval" = "xno" ; then
1977 openssl_check_nonfatal=1
1978 fi
1979 ]
1980)
1981
9780116c 1982# Sanity check OpenSSL headers
1983AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1984AC_RUN_IFELSE(
479cece8 1985 [AC_LANG_SOURCE([[
9780116c 1986#include <string.h>
1987#include <openssl/opensslv.h>
aec4cb4f 1988int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1989 ]])],
9780116c 1990 [
1991 AC_MSG_RESULT(yes)
1992 ],
1993 [
1994 AC_MSG_RESULT(no)
1d42bcce 1995 if test "x$openssl_check_nonfatal" = "x"; then
1996 AC_MSG_ERROR([Your OpenSSL headers do not match your
1997library. Check config.log for details.
1998If you are sure your installation is consistent, you can disable the check
1999by running "./configure --without-openssl-header-check".
2000Also see contrib/findssl.sh for help identifying header/library mismatches.
2001])
2002 else
2003 AC_MSG_WARN([Your OpenSSL headers do not match your
2004library. Check config.log for details.
e15ba28b 2005Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 2006 fi
1a01a50c 2007 ],
2008 [
2009 AC_MSG_WARN([cross compiling: not checking])
9780116c 2010 ]
2011)
2012
282d6408 2013AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2014AC_LINK_IFELSE(
2015 [AC_LANG_SOURCE([[
2016#include <openssl/evp.h>
2017int main(void) { SSLeay_add_all_algorithms(); }
2018 ]])],
2019 [
2020 AC_MSG_RESULT(yes)
2021 ],
2022 [
2023 AC_MSG_RESULT(no)
2024 saved_LIBS="$LIBS"
2025 LIBS="$LIBS -ldl"
2026 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2027 AC_LINK_IFELSE(
2028 [AC_LANG_SOURCE([[
2029#include <openssl/evp.h>
2030int main(void) { SSLeay_add_all_algorithms(); }
2031 ]])],
2032 [
2033 AC_MSG_RESULT(yes)
2034 ],
2035 [
2036 AC_MSG_RESULT(no)
2037 LIBS="$saved_LIBS"
2038 ]
2039 )
2040 ]
2041)
2042
c7ad0d99 2043AC_ARG_WITH(ssl-engine,
2044 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2045 [ if test "x$withval" != "xno" ; then
2046 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2047 AC_TRY_COMPILE(
2048 [ #include <openssl/engine.h>],
2049 [
24b2647b 2050ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2051 ],
2052 [ AC_MSG_RESULT(yes)
2053 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2054 [Enable OpenSSL engine support])
2055 ],
2056 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2057 )
2058 fi ]
2059)
2060
e5146707 2061# Check for OpenSSL without EVP_aes_{192,256}_cbc
2062AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2063AC_LINK_IFELSE(
e5146707 2064 [AC_LANG_SOURCE([[
2065#include <string.h>
2066#include <openssl/evp.h>
300ea548 2067int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2068 ]])],
2069 [
2070 AC_MSG_RESULT(no)
2071 ],
2072 [
2073 AC_MSG_RESULT(yes)
2074 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2075 [libcrypto is missing AES 192 and 256 bit functions])
2076 ]
2077)
2078
14e380c6 2079AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
2080AC_LINK_IFELSE(
2081 [AC_LANG_SOURCE([[
2082#include <string.h>
2083#include <openssl/evp.h>
2084int main(void) { if(EVP_DigestUpdate(NULL, NULL,0)) exit(0); }
2085 ]])],
2086 [
2087 AC_MSG_RESULT(yes)
2088 ],
2089 [
2090 AC_MSG_RESULT(no)
2091 AC_DEFINE(OPENSSL_EVP_DIGESTUPDATE_VOID, 1,
2092 [Define if EVP_DigestUpdate returns void])
2093 ]
2094)
2095
5486a457 2096# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2097# because the system crypt() is more featureful.
2098if test "x$check_for_libcrypt_before" = "x1"; then
2099 AC_CHECK_LIB(crypt, crypt)
2100fi
2101
aff51935 2102# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2103# version in OpenSSL.
05114c74 2104if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2105 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2106fi
2107
13ff27b7 2108# Search for SHA256 support in libc and/or OpenSSL
2109AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2110
a03acb8f 2111saved_LIBS="$LIBS"
2112AC_CHECK_LIB(iaf, ia_openinfo, [
2113 LIBS="$LIBS -liaf"
d837615a 2114 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2115 AC_DEFINE(HAVE_LIBIAF, 1,
2116 [Define if system has libiaf that supports set_id])
2117 ])
a03acb8f 2118])
2119LIBS="$saved_LIBS"
f1b0ecc3 2120
2121### Configure cryptographic random number support
2122
2123# Check wheter OpenSSL seeds itself
2124AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2125AC_RUN_IFELSE(
479cece8 2126 [AC_LANG_SOURCE([[
f1b0ecc3 2127#include <string.h>
2128#include <openssl/rand.h>
aec4cb4f 2129int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2130 ]])],
f1b0ecc3 2131 [
2132 OPENSSL_SEEDS_ITSELF=yes
2133 AC_MSG_RESULT(yes)
2134 ],
2135 [
2136 AC_MSG_RESULT(no)
2137 # Default to use of the rand helper if OpenSSL doesn't
2138 # seed itself
2139 USE_RAND_HELPER=yes
1a01a50c 2140 ],
2141 [
2142 AC_MSG_WARN([cross compiling: assuming yes])
2143 # This is safe, since all recent OpenSSL versions will
82f4e93d 2144 # complain at runtime if not seeded correctly.
1a01a50c 2145 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2146 ]
2147)
2148
a086f73b 2149# Check for PAM libs
2150PAM_MSG="no"
2151AC_ARG_WITH(pam,
2152 [ --with-pam Enable PAM support ],
2153 [
2154 if test "x$withval" != "xno" ; then
2155 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2156 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2157 AC_MSG_ERROR([PAM headers not found])
2158 fi
2159
2160 saved_LIBS="$LIBS"
2161 AC_CHECK_LIB(dl, dlopen, , )
2162 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2163 AC_CHECK_FUNCS(pam_getenvlist)
2164 AC_CHECK_FUNCS(pam_putenv)
2165 LIBS="$saved_LIBS"
2166
2167 PAM_MSG="yes"
2168
e54defb4 2169 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2170 AC_DEFINE(USE_PAM, 1,
2171 [Define if you want to enable PAM support])
282d6408 2172
a086f73b 2173 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2174 case "$LIBS" in
2175 *-ldl*)
2176 # libdl already in LIBS
2177 ;;
2178 *)
e54defb4 2179 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2180 ;;
2181 esac
a086f73b 2182 fi
a086f73b 2183 fi
2184 ]
2185)
2186
2187# Check for older PAM
2188if test "x$PAM_MSG" = "xyes" ; then
2189 # Check PAM strerror arguments (old PAM)
2190 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2191 AC_TRY_COMPILE(
2192 [
2193#include <stdlib.h>
2194#if defined(HAVE_SECURITY_PAM_APPL_H)
2195#include <security/pam_appl.h>
2196#elif defined (HAVE_PAM_PAM_APPL_H)
2197#include <pam/pam_appl.h>
2198#endif
2199 ],
2200 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2201 [AC_MSG_RESULT(no)],
2202 [
2203 AC_DEFINE(HAVE_OLD_PAM, 1,
2204 [Define if you have an old version of PAM
2205 which takes only one argument to pam_strerror])
2206 AC_MSG_RESULT(yes)
2207 PAM_MSG="yes (old library)"
2208 ]
2209 )
2210fi
f1b0ecc3 2211
2212# Do we want to force the use of the rand helper?
2213AC_ARG_WITH(rand-helper,
2214 [ --with-rand-helper Use subprocess to gather strong randomness ],
2215 [
2216 if test "x$withval" = "xno" ; then
aff51935 2217 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2218 # the previous test showed it to be unseeded.
2219 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2220 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2221 OPENSSL_SEEDS_ITSELF=yes
2222 USE_RAND_HELPER=""
2223 fi
2224 else
2225 USE_RAND_HELPER=yes
2226 fi
2227 ],
82f4e93d 2228)
f1b0ecc3 2229
2230# Which randomness source do we use?
4b492aab 2231if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2232 # OpenSSL only
3466e002 2233 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2234 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2235 RAND_MSG="OpenSSL internal ONLY"
2236 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2237elif test ! -z "$USE_RAND_HELPER" ; then
2238 # install rand helper
f1b0ecc3 2239 RAND_MSG="ssh-rand-helper"
2240 INSTALL_SSH_RAND_HELPER="yes"
2241fi
2242AC_SUBST(INSTALL_SSH_RAND_HELPER)
2243
2244### Configuration of ssh-rand-helper
2245
2246# PRNGD TCP socket
2247AC_ARG_WITH(prngd-port,
2248 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2249 [
eb5d7ff6 2250 case "$withval" in
2251 no)
2252 withval=""
2253 ;;
2254 [[0-9]]*)
2255 ;;
2256 *)
2257 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2258 ;;
2259 esac
2260 if test ! -z "$withval" ; then
f1b0ecc3 2261 PRNGD_PORT="$withval"
3466e002 2262 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2263 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2264 fi
2265 ]
2266)
2267
2268# PRNGD Unix domain socket
2269AC_ARG_WITH(prngd-socket,
2270 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2271 [
eb5d7ff6 2272 case "$withval" in
2273 yes)
f1b0ecc3 2274 withval="/var/run/egd-pool"
eb5d7ff6 2275 ;;
2276 no)
2277 withval=""
2278 ;;
2279 /*)
2280 ;;
2281 *)
2282 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2283 ;;
2284 esac
2285
2286 if test ! -z "$withval" ; then
f1b0ecc3 2287 if test ! -z "$PRNGD_PORT" ; then
2288 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2289 fi
906e811b 2290 if test ! -r "$withval" ; then
f1b0ecc3 2291 AC_MSG_WARN(Entropy socket is not readable)
2292 fi
2293 PRNGD_SOCKET="$withval"
3466e002 2294 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2295 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2296 fi
ddceb1c8 2297 ],
2298 [
2299 # Check for existing socket only if we don't have a random device already
2300 if test "$USE_RAND_HELPER" = yes ; then
2301 AC_MSG_CHECKING(for PRNGD/EGD socket)
2302 # Insert other locations here
2303 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2304 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2305 PRNGD_SOCKET="$sock"
2306 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2307 break;
2308 fi
2309 done
2310 if test ! -z "$PRNGD_SOCKET" ; then
2311 AC_MSG_RESULT($PRNGD_SOCKET)
2312 else
2313 AC_MSG_RESULT(not found)
2314 fi
2315 fi
f1b0ecc3 2316 ]
2317)
2318
2319# Change default command timeout for hashing entropy source
2320entropy_timeout=200
2321AC_ARG_WITH(entropy-timeout,
2322 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2323 [
6cf0200f 2324 if test -n "$withval" && test "x$withval" != "xno" && \
2325 test "x${withval}" != "xyes"; then
f1b0ecc3 2326 entropy_timeout=$withval
2327 fi
82f4e93d 2328 ]
f1b0ecc3 2329)
3466e002 2330AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2331 [Builtin PRNG command timeout])
f1b0ecc3 2332
fd3cbf67 2333SSH_PRIVSEP_USER=sshd
9a0fbcb3 2334AC_ARG_WITH(privsep-user,
5222e7ef 2335 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2336 [
6cf0200f 2337 if test -n "$withval" && test "x$withval" != "xno" && \
2338 test "x${withval}" != "xyes"; then
fd3cbf67 2339 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2340 fi
82f4e93d 2341 ]
9a0fbcb3 2342)
3466e002 2343AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2344 [non-privileged user for privilege separation])
fd3cbf67 2345AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2346
81dadca3 2347# We do this little dance with the search path to insure
2348# that programs that we select for use by installed programs
2349# (which may be run by the super-user) come from trusted
2350# locations before they come from the user's private area.
2351# This should help avoid accidentally configuring some
2352# random version of a program in someone's personal bin.
2353
2354OPATH=$PATH
2355PATH=/bin:/usr/bin
f95c8ce8 2356test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2357test -d /sbin && PATH=$PATH:/sbin
2358test -d /usr/sbin && PATH=$PATH:/usr/sbin
2359PATH=$PATH:/etc:$OPATH
2360
aff51935 2361# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2362OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2363OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2364OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2365OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2366OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2367OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2368OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2369OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2370OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2371OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2372OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2373OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2374OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2375OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2376OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2377OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2378# restore PATH
2379PATH=$OPATH
f1b0ecc3 2380
2381# Where does ssh-rand-helper get its randomness from?
2382INSTALL_SSH_PRNG_CMDS=""
2383if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2384 if test ! -z "$PRNGD_PORT" ; then
2385 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2386 elif test ! -z "$PRNGD_SOCKET" ; then
2387 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2388 else
2389 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2390 RAND_HELPER_CMDHASH=yes
2391 INSTALL_SSH_PRNG_CMDS="yes"
2392 fi
2393fi
2394AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2395
2396
66d6c27e 2397# Cheap hack to ensure NEWS-OS libraries are arranged right.
2398if test ! -z "$SONY" ; then
2399 LIBS="$LIBS -liberty";
2400fi
2401
9a406e1e 2402# Check for long long datatypes
2403AC_CHECK_TYPES([long long, unsigned long long, long double])
2404
2405# Check datatype sizes
976f7e19 2406AC_CHECK_SIZEOF(char, 1)
2b942fe0 2407AC_CHECK_SIZEOF(short int, 2)
2408AC_CHECK_SIZEOF(int, 4)
2409AC_CHECK_SIZEOF(long int, 4)
2410AC_CHECK_SIZEOF(long long int, 8)
2411
52f1ccb2 2412# Sanity check long long for some platforms (AIX)
2413if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2414 ac_cv_sizeof_long_long_int=0
2415fi
2416
90f15776 2417# compute LLONG_MIN and LLONG_MAX if we don't know them.
2418if test -z "$have_llong_max"; then
2419 AC_MSG_CHECKING([for max value of long long])
2420 AC_RUN_IFELSE(
2421 [AC_LANG_SOURCE([[
2422#include <stdio.h>
2423/* Why is this so damn hard? */
2424#ifdef __GNUC__
2425# undef __GNUC__
2426#endif
2427#define __USE_ISOC99
2428#include <limits.h>
2429#define DATA "conftest.llminmax"
055252ed 2430#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2431
2432/*
2433 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2434 * we do this the hard way.
2435 */
2436static int
2437fprint_ll(FILE *f, long long n)
2438{
2439 unsigned int i;
2440 int l[sizeof(long long) * 8];
2441
2442 if (n < 0)
2443 if (fprintf(f, "-") < 0)
2444 return -1;
2445 for (i = 0; n != 0; i++) {
2446 l[i] = my_abs(n % 10);
2447 n /= 10;
2448 }
2449 do {
2450 if (fprintf(f, "%d", l[--i]) < 0)
2451 return -1;
2452 } while (i != 0);
2453 if (fprintf(f, " ") < 0)
2454 return -1;
2455 return 0;
2456}
2457
90f15776 2458int main(void) {
2459 FILE *f;
2460 long long i, llmin, llmax = 0;
2461
2462 if((f = fopen(DATA,"w")) == NULL)
2463 exit(1);
2464
2465#if defined(LLONG_MIN) && defined(LLONG_MAX)
2466 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2467 llmin = LLONG_MIN;
2468 llmax = LLONG_MAX;
2469#else
2470 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2471 /* This will work on one's complement and two's complement */
2472 for (i = 1; i > llmax; i <<= 1, i++)
2473 llmax = i;
2474 llmin = llmax + 1LL; /* wrap */
2475#endif
2476
2477 /* Sanity check */
2478 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2479 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2480 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2481 fprintf(f, "unknown unknown\n");
2482 exit(2);
2483 }
2484
055252ed 2485 if (fprint_ll(f, llmin) < 0)
90f15776 2486 exit(3);
055252ed 2487 if (fprint_ll(f, llmax) < 0)
2488 exit(4);
2489 if (fclose(f) < 0)
2490 exit(5);
90f15776 2491 exit(0);
2492}
2493 ]])],
2494 [
2495 llong_min=`$AWK '{print $1}' conftest.llminmax`
2496 llong_max=`$AWK '{print $2}' conftest.llminmax`
2497
90f15776 2498 AC_MSG_RESULT($llong_max)
2499 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2500 [max value of long long calculated by configure])
2501 AC_MSG_CHECKING([for min value of long long])
2502 AC_MSG_RESULT($llong_min)
2503 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2504 [min value of long long calculated by configure])
2505 ],
2506 [
2507 AC_MSG_RESULT(not found)
2508 ],
2509 [
2510 AC_MSG_WARN([cross compiling: not checking])
2511 ]
2512 )
2513fi
2514
2515
a0391976 2516# More checks for data types
14a9a859 2517AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2518 AC_TRY_COMPILE(
aff51935 2519 [ #include <sys/types.h> ],
2520 [ u_int a; a = 1;],
14a9a859 2521 [ ac_cv_have_u_int="yes" ],
2522 [ ac_cv_have_u_int="no" ]
2523 )
2524])
2525if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2526 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2527 have_u_int=1
2528fi
2529
58d100bf 2530AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2531 AC_TRY_COMPILE(
aff51935 2532 [ #include <sys/types.h> ],
2533 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2534 [ ac_cv_have_intxx_t="yes" ],
2535 [ ac_cv_have_intxx_t="no" ]
2536 )
2537])
2538if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2539 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2540 have_intxx_t=1
2541fi
41cb4569 2542
2543if (test -z "$have_intxx_t" && \
aff51935 2544 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2545then
2546 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2547 AC_TRY_COMPILE(
aff51935 2548 [ #include <stdint.h> ],
2549 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2550 [
2551 AC_DEFINE(HAVE_INTXX_T)
2552 AC_MSG_RESULT(yes)
2553 ],
2554 [ AC_MSG_RESULT(no) ]
2555 )
2556fi
2557
bd590612 2558AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2559 AC_TRY_COMPILE(
1cbbe6c8 2560 [
2561#include <sys/types.h>
2562#ifdef HAVE_STDINT_H
2563# include <stdint.h>
2564#endif
2565#include <sys/socket.h>
2566#ifdef HAVE_SYS_BITYPES_H
2567# include <sys/bitypes.h>
2568#endif
aff51935 2569 ],
2570 [ int64_t a; a = 1;],
bd590612 2571 [ ac_cv_have_int64_t="yes" ],
2572 [ ac_cv_have_int64_t="no" ]
2573 )
2574])
2575if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2576 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2577fi
2578
58d100bf 2579AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2580 AC_TRY_COMPILE(
aff51935 2581 [ #include <sys/types.h> ],
2582 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2583 [ ac_cv_have_u_intxx_t="yes" ],
2584 [ ac_cv_have_u_intxx_t="no" ]
2585 )
2586])
2587if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2588 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2589 have_u_intxx_t=1
2590fi
2b942fe0 2591
41cb4569 2592if test -z "$have_u_intxx_t" ; then
2593 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2594 AC_TRY_COMPILE(
aff51935 2595 [ #include <sys/socket.h> ],
2596 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2597 [
2598 AC_DEFINE(HAVE_U_INTXX_T)
2599 AC_MSG_RESULT(yes)
2600 ],
2601 [ AC_MSG_RESULT(no) ]
2602 )
2603fi
2604
bd590612 2605AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2606 AC_TRY_COMPILE(
aff51935 2607 [ #include <sys/types.h> ],
2608 [ u_int64_t a; a = 1;],
bd590612 2609 [ ac_cv_have_u_int64_t="yes" ],
2610 [ ac_cv_have_u_int64_t="no" ]
2611 )
2612])
2613if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2614 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2615 have_u_int64_t=1
2616fi
2617
ddceb1c8 2618if test -z "$have_u_int64_t" ; then
2619 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2620 AC_TRY_COMPILE(
aff51935 2621 [ #include <sys/bitypes.h> ],
ddceb1c8 2622 [ u_int64_t a; a = 1],
2623 [
2624 AC_DEFINE(HAVE_U_INT64_T)
2625 AC_MSG_RESULT(yes)
2626 ],
2627 [ AC_MSG_RESULT(no) ]
2628 )
2629fi
2630
41cb4569 2631if test -z "$have_u_intxx_t" ; then
2632 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2633 AC_TRY_COMPILE(
2634 [
2635#include <sys/types.h>
aff51935 2636 ],
2637 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2638 [ ac_cv_have_uintxx_t="yes" ],
2639 [ ac_cv_have_uintxx_t="no" ]
2640 )
2641 ])
2642 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2643 AC_DEFINE(HAVE_UINTXX_T, 1,
2644 [define if you have uintxx_t data type])
41cb4569 2645 fi
2646fi
2647
2648if test -z "$have_uintxx_t" ; then
2649 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2650 AC_TRY_COMPILE(
aff51935 2651 [ #include <stdint.h> ],
2652 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2653 [
2654 AC_DEFINE(HAVE_UINTXX_T)
2655 AC_MSG_RESULT(yes)
2656 ],
2657 [ AC_MSG_RESULT(no) ]
2658 )
2659fi
2660
e5fe9a1f 2661if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2662 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2663then
2664 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2665 AC_TRY_COMPILE(
58d100bf 2666 [
2667#include <sys/bitypes.h>
aff51935 2668 ],
5cdfe03f 2669 [
837c30b8 2670 int8_t a; int16_t b; int32_t c;
2671 u_int8_t e; u_int16_t f; u_int32_t g;
2672 a = b = c = e = f = g = 1;
aff51935 2673 ],
5cdfe03f 2674 [
2675 AC_DEFINE(HAVE_U_INTXX_T)
2676 AC_DEFINE(HAVE_INTXX_T)
2677 AC_MSG_RESULT(yes)
2678 ],
2679 [AC_MSG_RESULT(no)]
aff51935 2680 )
5cdfe03f 2681fi
2682
0362750e 2683
2684AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2685 AC_TRY_COMPILE(
2686 [
2687#include <sys/types.h>
2688 ],
2689 [ u_char foo; foo = 125; ],
2690 [ ac_cv_have_u_char="yes" ],
2691 [ ac_cv_have_u_char="no" ]
2692 )
2693])
2694if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2695 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2696fi
2697
98a7c37b 2698TYPE_SOCKLEN_T
2b942fe0 2699
2d16d9a3 2700AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22f5e872 2701AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2702#include <sys/types.h>
2703#ifdef HAVE_SYS_BITYPES_H
2704#include <sys/bitypes.h>
2705#endif
2706#ifdef HAVE_SYS_STATFS_H
2707#include <sys/statfs.h>
2708#endif
2709#ifdef HAVE_SYS_STATVFS_H
2710#include <sys/statvfs.h>
2711#endif
2712])
ddceb1c8 2713
86783a32 2714AC_CHECK_TYPES([in_addr_t, in_port_t],,,
777ece68 2715[#include <sys/types.h>
2716#include <netinet/in.h>])
7b578f7d 2717
58d100bf 2718AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2719 AC_TRY_COMPILE(
2720 [
18ba2aab 2721#include <sys/types.h>
58d100bf 2722 ],
2723 [ size_t foo; foo = 1235; ],
2724 [ ac_cv_have_size_t="yes" ],
2725 [ ac_cv_have_size_t="no" ]
2726 )
2727])
2728if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2729 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2730fi
ea1970a3 2731
c04f75f1 2732AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2733 AC_TRY_COMPILE(
2734 [
2735#include <sys/types.h>
2736 ],
2737 [ ssize_t foo; foo = 1235; ],
2738 [ ac_cv_have_ssize_t="yes" ],
2739 [ ac_cv_have_ssize_t="no" ]
2740 )
2741])
2742if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2743 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2744fi
2745
f1c4659d 2746AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2747 AC_TRY_COMPILE(
2748 [
2749#include <time.h>
2750 ],
2751 [ clock_t foo; foo = 1235; ],
2752 [ ac_cv_have_clock_t="yes" ],
2753 [ ac_cv_have_clock_t="no" ]
2754 )
2755])
2756if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2757 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2758fi
2759
1c04b088 2760AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2761 AC_TRY_COMPILE(
2762 [
2763#include <sys/types.h>
2764#include <sys/socket.h>
2765 ],
2766 [ sa_family_t foo; foo = 1235; ],
2767 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2768 [ AC_TRY_COMPILE(
2769 [
2770#include <sys/types.h>
2771#include <sys/socket.h>
2772#include <netinet/in.h>
2773 ],
2774 [ sa_family_t foo; foo = 1235; ],
2775 [ ac_cv_have_sa_family_t="yes" ],
2776
1c04b088 2777 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2778 )]
1c04b088 2779 )
2780])
2781if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2782 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2783 [define if you have sa_family_t data type])
1c04b088 2784fi
2785
729bfe59 2786AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2787 AC_TRY_COMPILE(
2788 [
2789#include <sys/types.h>
2790 ],
2791 [ pid_t foo; foo = 1235; ],
2792 [ ac_cv_have_pid_t="yes" ],
2793 [ ac_cv_have_pid_t="no" ]
2794 )
2795])
2796if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2797 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2798fi
2799
2800AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2801 AC_TRY_COMPILE(
2802 [
2803#include <sys/types.h>
2804 ],
2805 [ mode_t foo; foo = 1235; ],
2806 [ ac_cv_have_mode_t="yes" ],
2807 [ ac_cv_have_mode_t="no" ]
2808 )
2809])
2810if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2811 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2812fi
2813
e3a93db0 2814
58d100bf 2815AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2816 AC_TRY_COMPILE(
2817 [
18ba2aab 2818#include <sys/types.h>
2819#include <sys/socket.h>
58d100bf 2820 ],
2821 [ struct sockaddr_storage s; ],
2822 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2823 [ ac_cv_have_struct_sockaddr_storage="no" ]
2824 )
2825])
2826if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2827 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2828 [define if you have struct sockaddr_storage data type])
58d100bf 2829fi
48e671d5 2830
58d100bf 2831AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2832 AC_TRY_COMPILE(
2833 [
cbd7492e 2834#include <sys/types.h>
58d100bf 2835#include <netinet/in.h>
2836 ],
2837 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2838 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2839 [ ac_cv_have_struct_sockaddr_in6="no" ]
2840 )
2841])
2842if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2843 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2844 [define if you have struct sockaddr_in6 data type])
58d100bf 2845fi
48e671d5 2846
58d100bf 2847AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2848 AC_TRY_COMPILE(
2849 [
cbd7492e 2850#include <sys/types.h>
58d100bf 2851#include <netinet/in.h>
2852 ],
2853 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2854 [ ac_cv_have_struct_in6_addr="yes" ],
2855 [ ac_cv_have_struct_in6_addr="no" ]
2856 )
2857])
2858if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2859 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2860 [define if you have struct in6_addr data type])
95e16084 2861
2862dnl Now check for sin6_scope_id
2863 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,,
2864 [
2865#ifdef HAVE_SYS_TYPES_H
2866#include <sys/types.h>
2867#endif
2868#include <netinet/in.h>
2869 ])
58d100bf 2870fi
48e671d5 2871
58d100bf 2872AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2873 AC_TRY_COMPILE(
2874 [
18ba2aab 2875#include <sys/types.h>
2876#include <sys/socket.h>
2877#include <netdb.h>
58d100bf 2878 ],
2879 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2880 [ ac_cv_have_struct_addrinfo="yes" ],
2881 [ ac_cv_have_struct_addrinfo="no" ]
2882 )
2883])
2884if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2885 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2886 [define if you have struct addrinfo data type])
58d100bf 2887fi
2888
89c7e31c 2889AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2890 AC_TRY_COMPILE(
aff51935 2891 [ #include <sys/time.h> ],
2892 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2893 [ ac_cv_have_struct_timeval="yes" ],
2894 [ ac_cv_have_struct_timeval="no" ]
2895 )
2896])
2897if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2898 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2899 have_struct_timeval=1
2900fi
2901
5271b55c 2902AC_CHECK_TYPES(struct timespec)
2903
85abc74b 2904# We need int64_t or else certian parts of the compile will fail.
4b492aab 2905if test "x$ac_cv_have_int64_t" = "xno" && \
2906 test "x$ac_cv_sizeof_long_int" != "x8" && \
2907 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2908 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2909 echo "an alternative compiler (I.E., GCC) before continuing."
2910 echo ""
2911 exit 1;
733cf7f4 2912else
2913dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2914 AC_RUN_IFELSE(
479cece8 2915 [AC_LANG_SOURCE([[
733cf7f4 2916#include <stdio.h>
2917#include <string.h>
2918#ifdef HAVE_SNPRINTF
2919main()
2920{
2921 char buf[50];
2922 char expected_out[50];
2923 int mazsize = 50 ;
2924#if (SIZEOF_LONG_INT == 8)
2925 long int num = 0x7fffffffffffffff;
2926#else
763a1a18 2927 long long num = 0x7fffffffffffffffll;
733cf7f4 2928#endif
2929 strcpy(expected_out, "9223372036854775807");
2930 snprintf(buf, mazsize, "%lld", num);
2931 if(strcmp(buf, expected_out) != 0)
aff51935 2932 exit(1);
733cf7f4 2933 exit(0);
2934}
2935#else
2936main() { exit(0); }
2937#endif
479cece8 2938 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2939 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2940 )
2c523de9 2941fi
2942
77bb0bca 2943dnl Checks for structure members
58d100bf 2944OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2945OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2946OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2947OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2948OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2949OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2950OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2951OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2952OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2953OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2954OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2955OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2956OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2957OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2958OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2959OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2960OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2961
2962AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2963AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2964 [Define if we don't have struct __res_state in resolv.h])],
2965[
2966#include <stdio.h>
2967#if HAVE_SYS_TYPES_H
2968# include <sys/types.h>
2969#endif
2970#include <netinet/in.h>
2971#include <arpa/nameser.h>
2972#include <resolv.h>
2973])
1d7b9b20 2974
58d100bf 2975AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2976 ac_cv_have_ss_family_in_struct_ss, [
2977 AC_TRY_COMPILE(
2978 [
18ba2aab 2979#include <sys/types.h>
2980#include <sys/socket.h>
58d100bf 2981 ],
2982 [ struct sockaddr_storage s; s.ss_family = 1; ],
2983 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2984 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2985 )
2986])
2987if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2988 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2989fi
2990
58d100bf 2991AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2992 ac_cv_have___ss_family_in_struct_ss, [
2993 AC_TRY_COMPILE(
2994 [
18ba2aab 2995#include <sys/types.h>
2996#include <sys/socket.h>
58d100bf 2997 ],
2998 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2999 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3000 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3001 )
3002])
3003if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 3004 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3005 [Fields in struct sockaddr_storage])
58d100bf 3006fi
3007
2e73a022 3008AC_CACHE_CHECK([for pw_class field in struct passwd],
3009 ac_cv_have_pw_class_in_struct_passwd, [
3010 AC_TRY_COMPILE(
3011 [
2e73a022 3012#include <pwd.h>
3013 ],
97994d32 3014 [ struct passwd p; p.pw_class = 0; ],
2e73a022 3015 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3016 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3017 )
3018])
3019if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 3020 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3021 [Define if your password has a pw_class field])
2e73a022 3022fi
3023
7751d4eb 3024AC_CACHE_CHECK([for pw_expire field in struct passwd],
3025 ac_cv_have_pw_expire_in_struct_passwd, [
3026 AC_TRY_COMPILE(
3027 [
3028#include <pwd.h>
3029 ],
3030 [ struct passwd p; p.pw_expire = 0; ],
3031 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3032 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3033 )
3034])
3035if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 3036 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3037 [Define if your password has a pw_expire field])
7751d4eb 3038fi
3039
3040AC_CACHE_CHECK([for pw_change field in struct passwd],
3041 ac_cv_have_pw_change_in_struct_passwd, [
3042 AC_TRY_COMPILE(
3043 [
3044#include <pwd.h>
3045 ],
3046 [ struct passwd p; p.pw_change = 0; ],
3047 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3048 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3049 )
3050])
3051if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 3052 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3053 [Define if your password has a pw_change field])
7751d4eb 3054fi
58d100bf 3055
637f9177 3056dnl make sure we're using the real structure members and not defines
6f34652e 3057AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3058 ac_cv_have_accrights_in_msghdr, [
1a01a50c 3059 AC_COMPILE_IFELSE(
6f34652e 3060 [
f95c8ce8 3061#include <sys/types.h>
6f34652e 3062#include <sys/socket.h>
3063#include <sys/uio.h>
637f9177 3064int main() {
3065#ifdef msg_accrights
1a01a50c 3066#error "msg_accrights is a macro"
637f9177 3067exit(1);
3068#endif
3069struct msghdr m;
3070m.msg_accrights = 0;
3071exit(0);
3072}
6f34652e 3073 ],
6f34652e 3074 [ ac_cv_have_accrights_in_msghdr="yes" ],
3075 [ ac_cv_have_accrights_in_msghdr="no" ]
3076 )
3077])
3078if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3079 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3080 [Define if your system uses access rights style
3081 file descriptor passing])
6f34652e 3082fi
3083
7a4f468b 3084AC_MSG_CHECKING(if f_fsid has val members)
3085AC_TRY_COMPILE([
3086#include <sys/types.h>
3087#include <sys/statvfs.h>],
3088[struct fsid_t t; t.val[0] = 0;],
3089 [ AC_MSG_RESULT(yes)
3090 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ],
3091 [ AC_MSG_RESULT(no) ]
3092)
3093
7176df4f 3094AC_CACHE_CHECK([for msg_control field in struct msghdr],
3095 ac_cv_have_control_in_msghdr, [
1a01a50c 3096 AC_COMPILE_IFELSE(
7176df4f 3097 [
f95c8ce8 3098#include <sys/types.h>
7176df4f 3099#include <sys/socket.h>
3100#include <sys/uio.h>
637f9177 3101int main() {
3102#ifdef msg_control
1a01a50c 3103#error "msg_control is a macro"
637f9177 3104exit(1);
3105#endif
3106struct msghdr m;
3107m.msg_control = 0;
3108exit(0);
3109}
7176df4f 3110 ],
7176df4f 3111 [ ac_cv_have_control_in_msghdr="yes" ],
3112 [ ac_cv_have_control_in_msghdr="no" ]
3113 )
3114])
3115if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3116 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3117 [Define if your system uses ancillary data style
3118 file descriptor passing])
7176df4f 3119fi
3120
58d100bf 3121AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3122 AC_TRY_LINK([],
3123 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3124 [ ac_cv_libc_defines___progname="yes" ],
3125 [ ac_cv_libc_defines___progname="no" ]
3126 )
3127])
3128if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3129 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3130fi
8946db53 3131
c921ee00 3132AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3133 AC_TRY_LINK([
3134#include <stdio.h>
aff51935 3135],
3136 [ printf("%s", __FUNCTION__); ],
c921ee00 3137 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3138 [ ac_cv_cc_implements___FUNCTION__="no" ]
3139 )
3140])
3141if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3142 AC_DEFINE(HAVE___FUNCTION__, 1,
3143 [Define if compiler implements __FUNCTION__])
c921ee00 3144fi
3145
3146AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3147 AC_TRY_LINK([
3148#include <stdio.h>
aff51935 3149],
3150 [ printf("%s", __func__); ],
c921ee00 3151 [ ac_cv_cc_implements___func__="yes" ],
3152 [ ac_cv_cc_implements___func__="no" ]
3153 )
3154])
3155if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3156 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3157fi
3158
9a406e1e 3159AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3160 AC_TRY_LINK(
3161 [#include <stdarg.h>
3162 va_list x,y;],
3163 [va_copy(x,y);],
3164 [ ac_cv_have_va_copy="yes" ],
3165 [ ac_cv_have_va_copy="no" ]
3166 )
3167])
3168if test "x$ac_cv_have_va_copy" = "xyes" ; then
3169 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3170fi
3171
3172AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3173 AC_TRY_LINK(
3174 [#include <stdarg.h>
3175 va_list x,y;],
3176 [__va_copy(x,y);],
3177 [ ac_cv_have___va_copy="yes" ],
3178 [ ac_cv_have___va_copy="no" ]
3179 )
3180])
3181if test "x$ac_cv_have___va_copy" = "xyes" ; then
3182 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3183fi
3184
1812a662 3185AC_CACHE_CHECK([whether getopt has optreset support],
3186 ac_cv_have_getopt_optreset, [
3187 AC_TRY_LINK(
3188 [
3189#include <getopt.h>
3190 ],
3191 [ extern int optreset; optreset = 0; ],
3192 [ ac_cv_have_getopt_optreset="yes" ],
3193 [ ac_cv_have_getopt_optreset="no" ]
3194 )
3195])
3196if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3197 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3198 [Define if your getopt(3) defines and uses optreset])
1812a662 3199fi
a0391976 3200
819b676f 3201AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3202 AC_TRY_LINK([],
3203 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3204 [ ac_cv_libc_defines_sys_errlist="yes" ],
3205 [ ac_cv_libc_defines_sys_errlist="no" ]
3206 )
3207])
3208if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3209 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3210 [Define if your system defines sys_errlist[]])
819b676f 3211fi
3212
3213
416ed5a7 3214AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3215 AC_TRY_LINK([],
3216 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3217 [ ac_cv_libc_defines_sys_nerr="yes" ],
3218 [ ac_cv_libc_defines_sys_nerr="no" ]
3219 )
3220])
3221if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3222 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3223fi
3224
aff51935 3225SCARD_MSG="no"
295c8801 3226# Check whether user wants sectok support
3227AC_ARG_WITH(sectok,
3228 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3229 [
3230 if test "x$withval" != "xno" ; then
3231 if test "x$withval" != "xyes" ; then
3232 CPPFLAGS="$CPPFLAGS -I${withval}"
3233 LDFLAGS="$LDFLAGS -L${withval}"
3234 if test ! -z "$need_dash_r" ; then
3235 LDFLAGS="$LDFLAGS -R${withval}"
3236 fi
3237 if test ! -z "$blibpath" ; then
3238 blibpath="$blibpath:${withval}"
3239 fi
3240 fi
3241 AC_CHECK_HEADERS(sectok.h)
3242 if test "$ac_cv_header_sectok_h" != yes; then
3243 AC_MSG_ERROR(Can't find sectok.h)
3244 fi
3245 AC_CHECK_LIB(sectok, sectok_open)
3246 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3247 AC_MSG_ERROR(Can't find libsectok)
3248 fi
3466e002 3249 AC_DEFINE(SMARTCARD, 1,
3250 [Define if you want smartcard support])
3251 AC_DEFINE(USE_SECTOK, 1,
3252 [Define if you want smartcard support
3253 using sectok])
aff51935 3254 SCARD_MSG="yes, using sectok"
295c8801 3255 fi
3256 ]
3257)
3258
3259# Check whether user wants OpenSC support
987b458f 3260OPENSC_CONFIG="no"
295c8801 3261AC_ARG_WITH(opensc,
e47fb473 3262 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3263 [
3264 if test "x$withval" != "xno" ; then
3265 if test "x$withval" != "xyes" ; then
3266 OPENSC_CONFIG=$withval/bin/opensc-config
3267 else
3268 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3269 fi
3270 if test "$OPENSC_CONFIG" != "no"; then
3271 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3272 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3273 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3274 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3275 AC_DEFINE(SMARTCARD)
3466e002 3276 AC_DEFINE(USE_OPENSC, 1,
3277 [Define if you want smartcard support
3278 using OpenSC])
987b458f 3279 SCARD_MSG="yes, using OpenSC"
3280 fi
3281 fi
3282 ]
3283)
d0b19c95 3284
c31dc31c 3285# Check libraries needed by DNS fingerprint support
aff51935 3286AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3287 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3288 [Define if getrrsetbyname() exists])],
3e05e934 3289 [
c31dc31c 3290 # Needed by our getrrsetbyname()
3291 AC_SEARCH_LIBS(res_query, resolv)
3292 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3293 AC_MSG_CHECKING(if res_query will link)
3294 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3295 [AC_MSG_RESULT(no)
3296 saved_LIBS="$LIBS"
3297 LIBS="$LIBS -lresolv"
3298 AC_MSG_CHECKING(for res_query in -lresolv)
3299 AC_LINK_IFELSE([
3300#include <resolv.h>
3301int main()
3302{
3303 res_query (0, 0, 0, 0, 0);
3304 return 0;
3305}
3306 ],
3307 [LIBS="$LIBS -lresolv"
3308 AC_MSG_RESULT(yes)],
3309 [LIBS="$saved_LIBS"
3310 AC_MSG_RESULT(no)])
3311 ])
c31dc31c 3312 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3313 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3314 [#include <sys/types.h>
3315 #include <arpa/nameser.h>])
c31dc31c 3316 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3317 [AC_DEFINE(HAVE_HEADER_AD, 1,
3318 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3319 [#include <arpa/nameser.h>])
3320 ])
3e05e934 3321
560acf80 3322AC_MSG_CHECKING(if struct __res_state _res is an extern)
3323AC_LINK_IFELSE([
3324#include <stdio.h>
3325#if HAVE_SYS_TYPES_H
3326# include <sys/types.h>
3327#endif
3328#include <netinet/in.h>
3329#include <arpa/nameser.h>
3330#include <resolv.h>
3331extern struct __res_state _res;
3332int main() { return 0; }
3333 ],
3334 [AC_MSG_RESULT(yes)
3335 AC_DEFINE(HAVE__RES_EXTERN, 1,
3336 [Define if you have struct __res_state _res as an extern])
3337 ],
3338 [ AC_MSG_RESULT(no) ]
3339)
3340
ef4d1846 3341# Check whether user wants SELinux support
3342SELINUX_MSG="no"
3343LIBSELINUX=""
3344AC_ARG_WITH(selinux,
bb23b54f 3345 [ --with-selinux Enable SELinux support],
ef4d1846 3346 [ if test "x$withval" != "xno" ; then
e54defb4 3347 save_LIBS="$LIBS"
ef4d1846 3348 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3349 SELINUX_MSG="yes"
3350 AC_CHECK_HEADER([selinux/selinux.h], ,
3351 AC_MSG_ERROR(SELinux support requires selinux.h header))
3352 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3353 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3354 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3355 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3356 LIBS="$save_LIBS"
ef4d1846 3357 fi ]
3358)
ef4d1846 3359
12928e80 3360# Check whether user wants Kerberos 5 support
aff51935 3361KRB5_MSG="no"
12928e80 3362AC_ARG_WITH(kerberos5,
aff51935 3363 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3364 [ if test "x$withval" != "xno" ; then
3365 if test "x$withval" = "xyes" ; then
3366 KRB5ROOT="/usr/local"
3367 else
3368 KRB5ROOT=${withval}
3369 fi
3370
3466e002 3371 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3372 KRB5_MSG="yes"
3373
3374 AC_MSG_CHECKING(for krb5-config)
3375 if test -x $KRB5ROOT/bin/krb5-config ; then
3376 KRB5CONF=$KRB5ROOT/bin/krb5-config
3377 AC_MSG_RESULT($KRB5CONF)
3378
3379 AC_MSG_CHECKING(for gssapi support)
3380 if $KRB5CONF | grep gssapi >/dev/null ; then
3381 AC_MSG_RESULT(yes)
3466e002 3382 AC_DEFINE(GSSAPI, 1,
3383 [Define this if you want GSSAPI
3384 support in the version 2 protocol])
071970fb 3385 k5confopts=gssapi
aff51935 3386 else
5585c441 3387 AC_MSG_RESULT(no)
071970fb 3388 k5confopts=""
aff51935 3389 fi
071970fb 3390 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3391 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3392 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3393 AC_MSG_CHECKING(whether we are using Heimdal)
3394 AC_TRY_COMPILE([ #include <krb5.h> ],
3395 [ char *tmp = heimdal_version; ],
3396 [ AC_MSG_RESULT(yes)
3466e002 3397 AC_DEFINE(HEIMDAL, 1,
3398 [Define this if you are using the
3399 Heimdal version of Kerberos V5]) ],
5585c441 3400 AC_MSG_RESULT(no)
3401 )
3402 else
3403 AC_MSG_RESULT(no)
12928e80 3404 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3405 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3406 AC_MSG_CHECKING(whether we are using Heimdal)
3407 AC_TRY_COMPILE([ #include <krb5.h> ],
3408 [ char *tmp = heimdal_version; ],
3409 [ AC_MSG_RESULT(yes)
3410 AC_DEFINE(HEIMDAL)
41707f74 3411 K5LIBS="-lkrb5 -ldes"
3412 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3413 AC_CHECK_LIB(roken, net_write,
41707f74 3414 [K5LIBS="$K5LIBS -lroken"])
aff51935 3415 ],
3416 [ AC_MSG_RESULT(no)
3417 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3418 ]
3419 )
4e00038c 3420 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3421
596a825b 3422 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
749560dd 3423 [ AC_DEFINE(GSSAPI)
596a825b 3424 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3425 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
749560dd 3426 [ AC_DEFINE(GSSAPI)
596a825b 3427 K5LIBS="-lgssapi $K5LIBS" ],
749560dd 3428 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3429 $K5LIBS)
3430 ],
3431 $K5LIBS)
82f4e93d 3432
749560dd 3433 AC_CHECK_HEADER(gssapi.h, ,
3434 [ unset ac_cv_header_gssapi_h
aff51935 3435 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3436 AC_CHECK_HEADERS(gssapi.h, ,
3437 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3438 )
749560dd 3439 ]
3440 )
3441
3442 oldCPP="$CPPFLAGS"
3443 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3444 AC_CHECK_HEADER(gssapi_krb5.h, ,
3445 [ CPPFLAGS="$oldCPP" ])
3446
aff51935 3447 fi
5585c441 3448 if test ! -z "$need_dash_r" ; then
3449 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3450 fi
3451 if test ! -z "$blibpath" ; then
3452 blibpath="$blibpath:${KRB5ROOT}/lib"
3453 fi
071970fb 3454
f5555364 3455 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3456 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3457 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3458
f5555364 3459 LIBS="$LIBS $K5LIBS"
3466e002 3460 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3461 [Define this if you want to use libkafs' AFS support]))
f5555364 3462 fi
071970fb 3463 ]
12928e80 3464)
b5b68128 3465
a0391976 3466# Looking for programs, paths and files
a0391976 3467
ecac8ee5 3468PRIVSEP_PATH=/var/empty
3469AC_ARG_WITH(privsep-path,
cda1ebcb 3470 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3471 [
6cf0200f 3472 if test -n "$withval" && test "x$withval" != "xno" && \
3473 test "x${withval}" != "xyes"; then
ecac8ee5 3474 PRIVSEP_PATH=$withval
3475 fi
3476 ]
3477)
3478AC_SUBST(PRIVSEP_PATH)
3479
a0391976 3480AC_ARG_WITH(xauth,
3481 [ --with-xauth=PATH Specify path to xauth program ],
3482 [
6cf0200f 3483 if test -n "$withval" && test "x$withval" != "xno" && \
3484 test "x${withval}" != "xyes"; then
cbd7492e 3485 xauth_path=$withval
a0391976 3486 fi
3487 ],
3488 [
2bf42e4a 3489 TestPath="$PATH"
3490 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3491 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3492 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3493 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3494 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3495 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3496 xauth_path="/usr/openwin/bin/xauth"
3497 fi
3498 ]
3499)
3500
65a4b4af 3501STRIP_OPT=-s
3502AC_ARG_ENABLE(strip,
3503 [ --disable-strip Disable calling strip(1) on install],
3504 [
3505 if test "x$enableval" = "xno" ; then
3506 STRIP_OPT=
3507 fi
3508 ]
3509)
3510AC_SUBST(STRIP_OPT)
3511
b3ec54b4 3512if test -z "$xauth_path" ; then
3513 XAUTH_PATH="undefined"
3514 AC_SUBST(XAUTH_PATH)
3515else
3466e002 3516 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3517 [Define if xauth is found in your path])
b3ec54b4 3518 XAUTH_PATH=$xauth_path
3519 AC_SUBST(XAUTH_PATH)
a0391976 3520fi
a0391976 3521
3522# Check for mail directory (last resort if we cannot get it from headers)
3523if test ! -z "$MAIL" ; then
3524 maildir=`dirname $MAIL`
3466e002 3525 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3526 [Set this to your mail directory if you don't have maillock.h])
a0391976 3527fi
3528
479cece8 3529if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3530 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3531 disable_ptmx_check=yes
3532fi
a0391976 3533if test -z "$no_dev_ptmx" ; then
6e879cb4 3534 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3535 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3536 [
3466e002 3537 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3538 [Define if you have /dev/ptmx])
6e879cb4 3539 have_dev_ptmx=1
3540 ]
3541 )
3542 fi
3276571c 3543fi
1a01a50c 3544
479cece8 3545if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3546 AC_CHECK_FILE("/dev/ptc",
3547 [
3466e002 3548 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3549 [Define if you have /dev/ptc])
1a01a50c 3550 have_dev_ptc=1
3551 ]
3552 )
3553else
3554 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3555fi
3276571c 3556
a0391976 3557# Options from here on. Some of these are preset by platform above
fdf6b7aa 3558AC_ARG_WITH(mantype,
5d97cfbf 3559 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3560 [
5d97cfbf 3561 case "$withval" in
3562 man|cat|doc)
3563 MANTYPE=$withval
3564 ;;
3565 *)
3566 AC_MSG_ERROR(invalid man type: $withval)
3567 ;;
3568 esac
c54a6257 3569 ]
3570)
e0c4d3ac 3571if test -z "$MANTYPE"; then
2bf42e4a 3572 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3573 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3574 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3575 MANTYPE=doc
3576 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3577 MANTYPE=man
3578 else
3579 MANTYPE=cat
3580 fi
3581fi
c54a6257 3582AC_SUBST(MANTYPE)
e0c4d3ac 3583if test "$MANTYPE" = "doc"; then
3584 mansubdir=man;
3585else
3586 mansubdir=$MANTYPE;
3587fi
3588AC_SUBST(mansubdir)
0bc5b6fb 3589
a0391976 3590# Check whether to enable MD5 passwords
aff51935 3591MD5_MSG="no"
2ddcfdf3 3592AC_ARG_WITH(md5-passwords,
caf3bc51 3593 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3594 [
bcf36c78 3595 if test "x$withval" != "xno" ; then
3466e002 3596 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3597 [Define if you want to allow MD5 passwords])
aff51935 3598 MD5_MSG="yes"
0bc5b6fb 3599 fi
3600 ]
caf3bc51 3601)
3602
a0391976 3603# Whether to disable shadow password support
a7effaac 3604AC_ARG_WITH(shadow,
3605 [ --without-shadow Disable shadow password support],
3606 [
82f4e93d 3607 if test "x$withval" = "xno" ; then
a7effaac 3608 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3609 disable_shadow=yes
a7effaac 3610 fi
3611 ]
3612)
3613
4cb5ffa0 3614if test -z "$disable_shadow" ; then
3615 AC_MSG_CHECKING([if the systems has expire shadow information])
3616 AC_TRY_COMPILE(
3617 [
3618#include <sys/types.h>
3619#include <shadow.h>
3620 struct spwd sp;
3621 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3622 [ sp_expire_available=yes ], []
3623 )
3624
3625 if test "x$sp_expire_available" = "xyes" ; then
3626 AC_MSG_RESULT(yes)
3466e002 3627 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3628 [Define if you want to use shadow password expire field])
4cb5ffa0 3629 else
3630 AC_MSG_RESULT(no)
3631 fi
3632fi
3633
a0391976 3634# Use ip address instead of hostname in $DISPLAY
44839801 3635if test ! -z "$IPADDR_IN_DISPLAY" ; then
3636 DISPLAY_HACK_MSG="yes"
3466e002 3637 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3638 [Define if you need to use IP address
3639 instead of hostname in $DISPLAY])
44839801 3640else
aff51935 3641 DISPLAY_HACK_MSG="no"
44839801 3642 AC_ARG_WITH(ipaddr-display,
3643 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3644 [
82f4e93d 3645 if test "x$withval" != "xno" ; then
44839801 3646 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3647 DISPLAY_HACK_MSG="yes"
44839801 3648 fi
3649 ]
3650 )
3651fi
a7effaac 3652
95b99395 3653# check for /etc/default/login and use it if present.
daa41e62 3654AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3655 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3656 [ if test "x$enableval" = "xno"; then
3657 AC_MSG_NOTICE([/etc/default/login handling disabled])
3658 etc_default_login=no
3659 else
3660 etc_default_login=yes
3661 fi ],
b0e7249f 3662 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3663 then
3664 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3665 etc_default_login=no
3666 else
3667 etc_default_login=yes
3668 fi ]
694d0cef 3669)
95b99395 3670
694d0cef 3671if test "x$etc_default_login" != "xno"; then
3672 AC_CHECK_FILE("/etc/default/login",
3673 [ external_path_file=/etc/default/login ])
b0e7249f 3674 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3675 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3676 [Define if your system has /etc/default/login])
1a01a50c 3677 fi
694d0cef 3678fi
95b99395 3679
8d184c09 3680dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3681if test $ac_cv_func_login_getcapbool = "yes" && \
3682 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3683 external_path_file=/etc/login.conf
8d184c09 3684fi
95b99395 3685
a0391976 3686# Whether to mess with the default path
aff51935 3687SERVER_PATH_MSG="(default)"
c43d69a9 3688AC_ARG_WITH(default-path,
75817f90 3689 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3690 [
95b99395 3691 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3692 AC_MSG_WARN([
3693--with-default-path=PATH has no effect on this system.
3694Edit /etc/login.conf instead.])
82f4e93d 3695 elif test "x$withval" != "xno" ; then
89bbd457 3696 if test ! -z "$external_path_file" ; then
95b99395 3697 AC_MSG_WARN([
3698--with-default-path=PATH will only be used if PATH is not defined in
3699$external_path_file .])
3700 fi
b2d818e6 3701 user_path="$withval"
aff51935 3702 SERVER_PATH_MSG="$withval"
cb807f40 3703 fi
b2d818e6 3704 ],
95b99395 3705 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3706 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3707 else
89bbd457 3708 if test ! -z "$external_path_file" ; then
95b99395 3709 AC_MSG_WARN([
3710If PATH is defined in $external_path_file, ensure the path to scp is included,
3711otherwise scp will not work.])
3712 fi
b0e7249f 3713 AC_RUN_IFELSE(
3714 [AC_LANG_SOURCE([[
b2d818e6 3715/* find out what STDPATH is */
3716#include <stdio.h>
b2d818e6 3717#ifdef HAVE_PATHS_H
3718# include <paths.h>
3719#endif
3720#ifndef _PATH_STDPATH
d9a4e55b 3721# ifdef _PATH_USERPATH /* Irix */
3722# define _PATH_STDPATH _PATH_USERPATH
3723# else
3724# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3725# endif
b2d818e6 3726#endif
3727#include <sys/types.h>
3728#include <sys/stat.h>
3729#include <fcntl.h>
3730#define DATA "conftest.stdpath"
3731
3732main()
3733{
3734 FILE *fd;
3735 int rc;
82f4e93d 3736
b2d818e6 3737 fd = fopen(DATA,"w");
3738 if(fd == NULL)
3739 exit(1);
82f4e93d 3740
b2d818e6 3741 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3742 exit(1);
3743
3744 exit(0);
3745}
b0e7249f 3746 ]])],
3747 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3748 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3749 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3750 )
3751# make sure $bindir is in USER_PATH so scp will work
3752 t_bindir=`eval echo ${bindir}`
3753 case $t_bindir in
3754 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3755 esac
3756 case $t_bindir in
3757 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3758 esac
3759 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3760 if test $? -ne 0 ; then
3761 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3762 if test $? -ne 0 ; then
3763 user_path=$user_path:$t_bindir
3764 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3765 fi
3766 fi
8d184c09 3767 fi ]
cb807f40 3768)
95b99395 3769if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3770 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3771 AC_SUBST(user_path)
3772fi
cb807f40 3773
06617857 3774# Set superuser path separately to user path
06617857 3775AC_ARG_WITH(superuser-path,
3776 [ --with-superuser-path= Specify different path for super-user],
3777 [
6cf0200f 3778 if test -n "$withval" && test "x$withval" != "xno" && \
3779 test "x${withval}" != "xyes"; then
3466e002 3780 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3781 [Define if you want a different $PATH
3782 for the superuser])
06617857 3783 superuser_path=$withval
3784 fi
3785 ]
3786)
3787
3788
58d100bf 3789AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3790IPV4_IN6_HACK_MSG="no"
80faa19f 3791AC_ARG_WITH(4in6,
3792 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3793 [
3794 if test "x$withval" != "xno" ; then
3795 AC_MSG_RESULT(yes)
3466e002 3796 AC_DEFINE(IPV4_IN_IPV6, 1,
3797 [Detect IPv4 in IPv6 mapped addresses
3798 and treat as IPv4])
aff51935 3799 IPV4_IN6_HACK_MSG="yes"
80faa19f 3800 else
3801 AC_MSG_RESULT(no)
3802 fi
3803 ],[
3804 if test "x$inet6_default_4in6" = "xyes"; then
3805 AC_MSG_RESULT([yes (default)])
3806 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3807 IPV4_IN6_HACK_MSG="yes"
80faa19f 3808 else
3809 AC_MSG_RESULT([no (default)])
3810 fi
3811 ]
3812)
3813
af774732 3814# Whether to enable BSD auth support
f1b0ecc3 3815BSD_AUTH_MSG=no
af774732 3816AC_ARG_WITH(bsd-auth,
3817 [ --with-bsd-auth Enable BSD auth support],
3818 [
82f4e93d 3819 if test "x$withval" != "xno" ; then
3466e002 3820 AC_DEFINE(BSD_AUTH, 1,
3821 [Define if you have BSD auth support])
f1b0ecc3 3822 BSD_AUTH_MSG=yes
af774732 3823 fi
3824 ]
3825)
3826
a0391976 3827# Where to place sshd.pid
19d9ac2a 3828piddir=/var/run
81dadca3 3829# make sure the directory exists
82f4e93d 3830if test ! -d $piddir ; then
81dadca3 3831 piddir=`eval echo ${sysconfdir}`
3832 case $piddir in
aff51935 3833 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3834 esac
3835fi
3836
47e45e44 3837AC_ARG_WITH(pid-dir,
3838 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3839 [
6cf0200f 3840 if test -n "$withval" && test "x$withval" != "xno" && \
3841 test "x${withval}" != "xyes"; then
19d9ac2a 3842 piddir=$withval
82f4e93d 3843 if test ! -d $piddir ; then
81dadca3 3844 AC_MSG_WARN([** no $piddir directory on this system **])
3845 fi
47e45e44 3846 fi
3847 ]
3848)
b7a87eea 3849
3466e002 3850AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3851AC_SUBST(piddir)
47e45e44 3852
1d7b9b20 3853dnl allow user to disable some login recording features
3854AC_ARG_ENABLE(lastlog,
bfd550a2 3855 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3856 [
3857 if test "x$enableval" = "xno" ; then
3858 AC_DEFINE(DISABLE_LASTLOG)
3859 fi
3860 ]
1d7b9b20 3861)
3862AC_ARG_ENABLE(utmp,
bfd550a2 3863 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3864 [
3865 if test "x$enableval" = "xno" ; then
3866 AC_DEFINE(DISABLE_UTMP)
3867 fi
3868 ]
1d7b9b20 3869)
3870AC_ARG_ENABLE(utmpx,
bfd550a2 3871 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3872 [
3873 if test "x$enableval" = "xno" ; then
3466e002 3874 AC_DEFINE(DISABLE_UTMPX, 1,
3875 [Define if you don't want to use utmpx])
ddb154b3 3876 fi
3877 ]
1d7b9b20 3878)
3879AC_ARG_ENABLE(wtmp,
bfd550a2 3880 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3881 [
3882 if test "x$enableval" = "xno" ; then
3883 AC_DEFINE(DISABLE_WTMP)
3884 fi
3885 ]
1d7b9b20 3886)
3887AC_ARG_ENABLE(wtmpx,
bfd550a2 3888 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3889 [
3890 if test "x$enableval" = "xno" ; then
3466e002 3891 AC_DEFINE(DISABLE_WTMPX, 1,
3892 [Define if you don't want to use wtmpx])
ddb154b3 3893 fi
3894 ]
1d7b9b20 3895)
3896AC_ARG_ENABLE(libutil,
bfd550a2 3897 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3898 [
3899 if test "x$enableval" = "xno" ; then
3900 AC_DEFINE(DISABLE_LOGIN)
3901 fi
3902 ]
1d7b9b20 3903)
3904AC_ARG_ENABLE(pututline,
bfd550a2 3905 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3906 [
3907 if test "x$enableval" = "xno" ; then
3466e002 3908 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3909 [Define if you don't want to use pututline()
3910 etc. to write [uw]tmp])
ddb154b3 3911 fi
3912 ]
1d7b9b20 3913)
3914AC_ARG_ENABLE(pututxline,
bfd550a2 3915 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3916 [
3917 if test "x$enableval" = "xno" ; then
3466e002 3918 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3919 [Define if you don't want to use pututxline()
3920 etc. to write [uw]tmpx])
ddb154b3 3921 fi
3922 ]
1d7b9b20 3923)
3924AC_ARG_WITH(lastlog,
bfd550a2 3925 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3926 [
82f4e93d 3927 if test "x$withval" = "xno" ; then
8c89dd2b 3928 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3929 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3930 conf_lastlog_location=$withval
3931 fi
3932 ]
3933)
1d7b9b20 3934
3935dnl lastlog, [uw]tmpx? detection
3936dnl NOTE: set the paths in the platform section to avoid the
3937dnl need for command-line parameters
3938dnl lastlog and [uw]tmp are subject to a file search if all else fails
3939
3940dnl lastlog detection
3941dnl NOTE: the code itself will detect if lastlog is a directory
3942AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3943AC_TRY_COMPILE([
3944#include <sys/types.h>
3945#include <utmp.h>
3946#ifdef HAVE_LASTLOG_H
3947# include <lastlog.h>
3948#endif
d7c0f3d5 3949#ifdef HAVE_PATHS_H
1d7b9b20 3950# include <paths.h>
41cb4569 3951#endif
3952#ifdef HAVE_LOGIN_H
3953# include <login.h>
1d7b9b20 3954#endif
3955 ],
3956 [ char *lastlog = LASTLOG_FILE; ],
3957 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3958 [
3959 AC_MSG_RESULT(no)
3960 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3961 AC_TRY_COMPILE([
3962#include <sys/types.h>
3963#include <utmp.h>
3964#ifdef HAVE_LASTLOG_H
3965# include <lastlog.h>
3966#endif
3967#ifdef HAVE_PATHS_H
3968# include <paths.h>
3969#endif
3970 ],
3971 [ char *lastlog = _PATH_LASTLOG; ],
3972 [ AC_MSG_RESULT(yes) ],
3973 [
f282b668 3974 AC_MSG_RESULT(no)
d7c0f3d5 3975 system_lastlog_path=no
3976 ])
3977 ]
1d7b9b20 3978)
d7c0f3d5 3979
1d7b9b20 3980if test -z "$conf_lastlog_location"; then
3981 if test x"$system_lastlog_path" = x"no" ; then
3982 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3983 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3984 conf_lastlog_location=$f
3985 fi
3986 done
3987 if test -z "$conf_lastlog_location"; then
f8119cef 3988 AC_MSG_WARN([** Cannot find lastlog **])
3989 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3990 fi
3991 fi
3992fi
3993
3994if test -n "$conf_lastlog_location"; then
3466e002 3995 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3996 [Define if you want to specify the path to your lastlog file])
82f4e93d 3997fi
1d7b9b20 3998
3999dnl utmp detection
4000AC_MSG_CHECKING([if your system defines UTMP_FILE])
4001AC_TRY_COMPILE([
4002#include <sys/types.h>
4003#include <utmp.h>
d7c0f3d5 4004#ifdef HAVE_PATHS_H
1d7b9b20 4005# include <paths.h>
4006#endif
4007 ],
4008 [ char *utmp = UTMP_FILE; ],
4009 [ AC_MSG_RESULT(yes) ],
4010 [ AC_MSG_RESULT(no)
4011 system_utmp_path=no ]
4012)
4013if test -z "$conf_utmp_location"; then
4014 if test x"$system_utmp_path" = x"no" ; then
4015 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4016 if test -f $f ; then
4017 conf_utmp_location=$f
4018 fi
4019 done
4020 if test -z "$conf_utmp_location"; then
4021 AC_DEFINE(DISABLE_UTMP)
4022 fi
4023 fi
4024fi
4025if test -n "$conf_utmp_location"; then
3466e002 4026 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4027 [Define if you want to specify the path to your utmp file])
82f4e93d 4028fi
1d7b9b20 4029
4030dnl wtmp detection
4031AC_MSG_CHECKING([if your system defines WTMP_FILE])
4032AC_TRY_COMPILE([
4033#include <sys/types.h>
4034#include <utmp.h>
d7c0f3d5 4035#ifdef HAVE_PATHS_H
1d7b9b20 4036# include <paths.h>
4037#endif
4038 ],
4039 [ char *wtmp = WTMP_FILE; ],
4040 [ AC_MSG_RESULT(yes) ],
4041 [ AC_MSG_RESULT(no)
4042 system_wtmp_path=no ]
4043)
4044if test -z "$conf_wtmp_location"; then
4045 if test x"$system_wtmp_path" = x"no" ; then
4046 for f in /usr/adm/wtmp /var/log/wtmp; do
4047 if test -f $f ; then
4048 conf_wtmp_location=$f
4049 fi
4050 done
4051 if test -z "$conf_wtmp_location"; then
4052 AC_DEFINE(DISABLE_WTMP)
4053 fi
4054 fi
4055fi
4056if test -n "$conf_wtmp_location"; then
3466e002 4057 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4058 [Define if you want to specify the path to your wtmp file])
82f4e93d 4059fi
1d7b9b20 4060
4061
4062dnl utmpx detection - I don't know any system so perverse as to require
4063dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4064dnl there, though.
4065AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4066AC_TRY_COMPILE([
4067#include <sys/types.h>
4068#include <utmp.h>
4069#ifdef HAVE_UTMPX_H
4070#include <utmpx.h>
4071#endif
d7c0f3d5 4072#ifdef HAVE_PATHS_H
1d7b9b20 4073# include <paths.h>
4074#endif
4075 ],
4076 [ char *utmpx = UTMPX_FILE; ],
4077 [ AC_MSG_RESULT(yes) ],
4078 [ AC_MSG_RESULT(no)
4079 system_utmpx_path=no ]
4080)
4081if test -z "$conf_utmpx_location"; then
4082 if test x"$system_utmpx_path" = x"no" ; then
4083 AC_DEFINE(DISABLE_UTMPX)
4084 fi
4085else
3466e002 4086 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4087 [Define if you want to specify the path to your utmpx file])
82f4e93d 4088fi
1d7b9b20 4089
4090dnl wtmpx detection
4091AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4092AC_TRY_COMPILE([
4093#include <sys/types.h>
4094#include <utmp.h>
4095#ifdef HAVE_UTMPX_H
4096#include <utmpx.h>
4097#endif
d7c0f3d5 4098#ifdef HAVE_PATHS_H
1d7b9b20 4099# include <paths.h>
4100#endif
4101 ],
4102 [ char *wtmpx = WTMPX_FILE; ],
4103 [ AC_MSG_RESULT(yes) ],
4104 [ AC_MSG_RESULT(no)
4105 system_wtmpx_path=no ]
4106)
4107if test -z "$conf_wtmpx_location"; then
4108 if test x"$system_wtmpx_path" = x"no" ; then
4109 AC_DEFINE(DISABLE_WTMPX)
4110 fi
4111else
3466e002 4112 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4113 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4114fi
1d7b9b20 4115
b7a87eea 4116
bd499f9e 4117if test ! -z "$blibpath" ; then
68ece370 4118 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4119 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4120fi
4121
ed89c848 4122dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4123dnl Add now.
4124CFLAGS="$CFLAGS $werror_flags"
4125
edee47f5 4126if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4127 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4128 AC_SUBST(TEST_SSH_IPV6, no)
4129else
4130 AC_SUBST(TEST_SSH_IPV6, yes)
4131fi
4132
3c62e7eb 4133AC_EXEEXT
29eadd7c 4134AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4135 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4136 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4137AC_OUTPUT
d3083fbd 4138
cbd7492e 4139# Print summary of options
4140
cbd7492e 4141# Someone please show me a better way :)
4142A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4143B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4144C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4145D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4146E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4147F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4148G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4149H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4150I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4151J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4152
4153echo ""
26de7942 4154echo "OpenSSH has been configured with the following options:"
ecac8ee5 4155echo " User binaries: $B"
4156echo " System binaries: $C"
4157echo " Configuration files: $D"
4158echo " Askpass program: $E"
4159echo " Manual pages: $F"
4160echo " PID file: $G"
4161echo " Privilege separation chroot path: $H"
95b99395 4162if test "x$external_path_file" = "x/etc/login.conf" ; then
4163echo " At runtime, sshd will use the path defined in $external_path_file"
4164echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4165else
ecac8ee5 4166echo " sshd default user PATH: $I"
89bbd457 4167 if test ! -z "$external_path_file"; then
95b99395 4168echo " (If PATH is set in $external_path_file it will be used instead. If"
4169echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4170 fi
8d184c09 4171fi
06617857 4172if test ! -z "$superuser_path" ; then
ecac8ee5 4173echo " sshd superuser user PATH: $J"
4174fi
4175echo " Manpage format: $MANTYPE"
3e05e934 4176echo " PAM support: $PAM_MSG"
5b84789f 4177echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4178echo " KerberosV support: $KRB5_MSG"
ef4d1846 4179echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4180echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4181echo " S/KEY support: $SKEY_MSG"
4182echo " TCP Wrappers support: $TCPW_MSG"
4183echo " MD5 password support: $MD5_MSG"
59031773 4184echo " libedit support: $LIBEDIT_MSG"
5b84789f 4185echo " Solaris process contract support: $SPC_MSG"
3deb1408 4186echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4187echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4188echo " BSD Auth support: $BSD_AUTH_MSG"
4189echo " Random number source: $RAND_MSG"
f1b0ecc3 4190if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4191echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4192fi
4193
cbd7492e 4194echo ""
4195
0c2fb82f 4196echo " Host: ${host}"
4197echo " Compiler: ${CC}"
4198echo " Compiler flags: ${CFLAGS}"
4199echo "Preprocessor flags: ${CPPFLAGS}"
4200echo " Linker flags: ${LDFLAGS}"
e54defb4 4201echo " Libraries: ${LIBS}"
4202if test ! -z "${SSHDLIBS}"; then
4203echo " +for sshd: ${SSHDLIBS}"
4204fi
cbd7492e 4205
4206echo ""
4207
9cefe228 4208if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4209 echo "SVR4 style packages are supported with \"make package\""
4210 echo ""
9cefe228 4211fi
4212
adeebd37 4213if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4214 echo "PAM is enabled. You may need to install a PAM control file "
4215 echo "for sshd, otherwise password authentication may fail. "
aff51935 4216 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4217 echo "subdirectory"
adeebd37 4218 echo ""
4219fi
4220
f1b0ecc3 4221if test ! -z "$RAND_HELPER_CMDHASH" ; then
4222 echo "WARNING: you are using the builtin random number collection "
4223 echo "service. Please read WARNING.RNG and request that your OS "
4224 echo "vendor includes kernel-based random number collection in "
4225 echo "future versions of your OS."
2c523de9 4226 echo ""
4227fi
af774732 4228
2f6f9cff 4229if test ! -z "$NO_PEERCHECK" ; then
1961d660 4230 echo "WARNING: the operating system that you are using does not"
4231 echo "appear to support getpeereid(), getpeerucred() or the"
4232 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4233 echo "enforce security checks to prevent unauthorised connections to"
4234 echo "ssh-agent. Their absence increases the risk that a malicious"
4235 echo "user can connect to your agent."
2f6f9cff 4236 echo ""
4237fi
4238
7b578f7d 4239if test "$AUDIT_MODULE" = "bsm" ; then
4240 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4241 echo "See the Solaris section in README.platform for details."
4242fi
git-cvsimport mirror of OpenSSH
This page took 5.573996 seconds and 5 git commands to generate.