]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [openbsd-compat/daemon.c] Add unistd.h for fork() prototype.
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
dbf07ba2 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
5fdabf45 103 esac
8a3ff1aa 104
dfafb2e1 105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
d423d822 116fi
117
e6354014 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
82f4e93d 121 if test "x$withval" = "xno" ; then
e6354014 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
a0391976 130# Check for some target-specific stuff
a7effaac 131case "$host" in
9d6b1b96 132*-*-aix*)
aff51935 133 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 134 if (test -z "$blibpath"); then
0a15d73b 135 blibpath="/usr/lib:/lib"
68ece370 136 fi
137 saved_LDFLAGS="$LDFLAGS"
e7479666 138 if test "$GCC" = "yes"; then
139 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
140 else
141 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
142 fi
143 for tryflags in $flags ;do
68ece370 144 if (test -z "$blibflags"); then
145 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
146 AC_TRY_LINK([], [], [blibflags=$tryflags])
147 fi
148 done
149 if (test -z "$blibflags"); then
150 AC_MSG_RESULT(not found)
151 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
152 else
153 AC_MSG_RESULT($blibflags)
bd499f9e 154 fi
68ece370 155 LDFLAGS="$saved_LDFLAGS"
e351e493 156 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 157 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
158 [Define if you want to enable AIX4's authenticate function])],
0764e748 159 [AC_CHECK_LIB(s,authenticate,
e351e493 160 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 161 LIBS="$LIBS -ls"
162 ])
163 ])
ba603e06 164 dnl Check for various auth function declarations in headers.
c85ed8e2 165 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 166 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 167 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 168 AC_CHECK_DECLS(loginfailed,
e351e493 169 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
170 AC_TRY_COMPILE(
f58c0e01 171 [#include <usersec.h>],
e351e493 172 [(void)loginfailed("user","host","tty",0);],
173 [AC_MSG_RESULT(yes)
3466e002 174 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
175 [Define if your AIX loginfailed() function
176 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 177 [AC_MSG_RESULT(no)]
e351e493 178 )],
179 [],
180 [#include <usersec.h>]
181 )
2aa3a16c 182 AC_CHECK_FUNCS(setauthdb)
5ccf88cb 183 check_for_aix_broken_getaddrinfo=1
3466e002 184 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
185 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
186 [Define if your platform breaks doing a seteuid before a setuid])
187 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
188 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 189 dnl AIX handles lastlog as part of its login message
3466e002 190 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
191 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
192 [Some systems need a utmpx entry for /bin/login to work])
193 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
194 [Define to a Set Process Title type if your system is
195 supported by bsd-setproctitle.c])
961c2997 196 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
197 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 198 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 199 ;;
3c62e7eb 200*-*-cygwin*)
a52997bd 201 check_for_libcrypt_later=1
ffb8d130 202 LIBS="$LIBS /usr/lib/textmode.o"
3466e002 203 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
204 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
205 AC_DEFINE(DISABLE_SHADOW, 1,
206 [Define if you want to disable shadow passwords])
207 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
208 [Define if your system choked on IP TOS setting])
209 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
210 [Define if X11 doesn't support AF_UNIX sockets on that system])
211 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
212 [Define if the concept of ports only accessible to
213 superusers isn't known])
214 AC_DEFINE(DISABLE_FD_PASSING, 1,
215 [Define if your platform needs to skip post auth
216 file descriptor passing])
3c62e7eb 217 ;;
d6fdb079 218*-*-dgux*)
219 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 220 AC_DEFINE(SETEUID_BREAKS_SETUID)
221 AC_DEFINE(BROKEN_SETREUID)
222 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 223 ;;
39c98ef7 224*-*-darwin*)
33e2e066 225 AC_MSG_CHECKING(if we have working getaddrinfo)
226 AC_TRY_RUN([#include <mach-o/dyld.h>
227main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
228 exit(0);
229 else
230 exit(1);
231}], [AC_MSG_RESULT(working)],
232 [AC_MSG_RESULT(buggy)
3466e002 233 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 234 [AC_MSG_RESULT(assume it is working)])
635e0c42 235 AC_DEFINE(SETEUID_BREAKS_SETUID)
236 AC_DEFINE(BROKEN_SETREUID)
237 AC_DEFINE(BROKEN_SETREGID)
3466e002 238 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
239 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 240 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
241 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
242 [Use tunnel device compatibility to OpenBSD])
243 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
244 [Prepend the address family to IP tunnel traffic])
39c98ef7 245 ;;
7d458c86 246*-*-hpux*)
247 # first we define all of the options common to all HP-UX releases
b8fea62d 248 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 249 IPADDR_IN_DISPLAY=yes
2b10f47a 250 AC_DEFINE(USE_PIPES)
3466e002 251 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
252 [Define if your login program cannot handle end of options ("--")])
a2572aa7 253 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 254 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
255 [String used in /etc/passwd to denote locked account])
3a2b2b44 256 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 257 MAIL="/var/mail/username"
f75ca46d 258 LIBS="$LIBS -lsec"
7d458c86 259 AC_CHECK_LIB(xnet, t_error, ,
260 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
261
262 # next, we define all of the options specific to major releases
263 case "$host" in
264 *-*-hpux10*)
265 if test -z "$GCC"; then
266 CFLAGS="$CFLAGS -Ae"
267 fi
268 ;;
269 *-*-hpux11*)
3466e002 270 AC_DEFINE(PAM_SUN_CODEBASE, 1,
271 [Define if you are using Solaris-derived PAM which
272 passes pam_messages to the conversation function
273 with an extra level of indirection])
274 AC_DEFINE(DISABLE_UTMP, 1,
275 [Define if you don't want to use utmp])
7d458c86 276 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
277 check_for_hpux_broken_getaddrinfo=1
278 check_for_conflicting_getspnam=1
279 ;;
280 esac
281
282 # lastly, we define options specific to minor releases
283 case "$host" in
284 *-*-hpux10.26)
3466e002 285 AC_DEFINE(HAVE_SECUREWARE, 1,
286 [Define if you have SecureWare-based
287 protected password database])
7d458c86 288 disable_ptmx_check=yes
289 LIBS="$LIBS -lsecpw"
290 ;;
291 esac
2b763e31 292 ;;
d94aa2ae 293*-*-irix5*)
6ac7829a 294 PATH="$PATH:/usr/etc"
3466e002 295 AC_DEFINE(BROKEN_INET_NTOA, 1,
296 [Define if you system's inet_ntoa is busted
297 (e.g. Irix gcc issue)])
cb433561 298 AC_DEFINE(SETEUID_BREAKS_SETUID)
299 AC_DEFINE(BROKEN_SETREUID)
300 AC_DEFINE(BROKEN_SETREGID)
3466e002 301 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
302 [Define if you shouldn't strip 'tty' from your
303 ttyname in [uw]tmp])
3e6e3da0 304 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 305 ;;
306*-*-irix6*)
6ac7829a 307 PATH="$PATH:/usr/etc"
3466e002 308 AC_DEFINE(WITH_IRIX_ARRAY, 1,
309 [Define if you have/want arrays
310 (cluster-wide session managment, not C arrays)])
311 AC_DEFINE(WITH_IRIX_PROJECT, 1,
312 [Define if you want IRIX project management])
313 AC_DEFINE(WITH_IRIX_AUDIT, 1,
314 [Define if you want IRIX audit trails])
315 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
316 [Define if you want IRIX kernel jobs])])
416ed5a7 317 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 318 AC_DEFINE(SETEUID_BREAKS_SETUID)
319 AC_DEFINE(BROKEN_SETREUID)
320 AC_DEFINE(BROKEN_SETREGID)
3466e002 321 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 322 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 323 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 324 ;;
5cdfe03f 325*-*-linux*)
326 no_dev_ptmx=1
717057b6 327 check_for_libcrypt_later=1
eacb954e 328 check_for_openpty_ctty_bug=1
3466e002 329 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
330 AC_DEFINE(PAM_TTY_KLUDGE, 1,
331 [Work around problematic Linux PAM modules handling of PAM_TTY])
332 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
333 [String used in /etc/passwd to denote locked account])
3a2b2b44 334 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 335 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
336 [Define to whatever link() returns for "not supported"
337 if it doesn't return EOPNOTSUPP.])
b6610e8f 338 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 339 AC_DEFINE(USE_BTMP)
80faa19f 340 inet6_default_4in6=yes
bf7c1e6c 341 case `uname -r` in
ad84c479 342 1.*|2.0.*)
3466e002 343 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
344 [Define if cmsg_type is not passed correctly])
bf7c1e6c 345 ;;
bf7c1e6c 346 esac
c40f09ca 347 # tun(4) forwarding compat code
d91775e1 348 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 349 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 350 AC_DEFINE(SSH_TUN_LINUX, 1,
351 [Open tunnel devices the Linux tun/tap way])
352 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
353 [Use tunnel device compatibility to OpenBSD])
354 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
355 [Prepend the address family to IP tunnel traffic])
356 fi
5cdfe03f 357 ;;
66d6c27e 358mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 359 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 360 SONY=1
66d6c27e 361 ;;
d468fc76 362*-*-netbsd*)
33e2e066 363 check_for_libcrypt_before=1
82f4e93d 364 if test "x$withval" != "xno" ; then
e6354014 365 need_dash_r=1
366 fi
0f6cb079 367 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
368 AC_CHECK_HEADER([net/if_tap.h], ,
369 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
370 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
371 [Prepend the address family to IP tunnel traffic])
d468fc76 372 ;;
86b416a7 373*-*-freebsd*)
374 check_for_libcrypt_later=1
988c5031 375 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 376 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
377 AC_CHECK_HEADER([net/if_tap.h], ,
378 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 379 ;;
8707b7eb 380*-*-bsdi*)
381 AC_DEFINE(SETEUID_BREAKS_SETUID)
382 AC_DEFINE(BROKEN_SETREUID)
383 AC_DEFINE(BROKEN_SETREGID)
384 ;;
729bfe59 385*-next-*)
729bfe59 386 conf_lastlog_location="/usr/adm/lastlog"
698d107e 387 conf_utmp_location=/etc/utmp
388 conf_wtmp_location=/usr/adm/wtmp
389 MAIL=/usr/spool/mail
3466e002 390 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 391 AC_DEFINE(BROKEN_REALPATH)
00937921 392 AC_DEFINE(USE_PIPES)
3466e002 393 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 394 ;;
5b7b5e23 395*-*-openbsd*)
396 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 397 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 398 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
5b7b5e23 399 ;;
9d6b1b96 400*-*-solaris*)
82f4e93d 401 if test "x$withval" != "xno" ; then
010e9d5b 402 need_dash_r=1
403 fi
adeebd37 404 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 405 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 406 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
407 [Some versions of /bin/login need the TERM supplied
408 on the commandline])
7f0a4ff1 409 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 410 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
411 [Define if pam_chauthtok wants real uid set
412 to the unpriv'ed user])
3e6e3da0 413 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 414 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 415 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
416 [Define if sshd somehow reacquires a controlling TTY
417 after setsid()])
795aa5f5 418 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
419 in case the name is longer than 8 chars])
95b99395 420 external_path_file=/etc/default/login
1d7b9b20 421 # hardwire lastlog location (can't detect it on some versions)
422 conf_lastlog_location="/var/adm/lastlog"
32c80420 423 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
424 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
425 if test "$sol2ver" -ge 8; then
426 AC_MSG_RESULT(yes)
427 AC_DEFINE(DISABLE_UTMP)
3466e002 428 AC_DEFINE(DISABLE_WTMP, 1,
429 [Define if you don't want to use wtmp])
32c80420 430 else
431 AC_MSG_RESULT(no)
432 fi
9d6b1b96 433 ;;
a423beaf 434*-*-sunos4*)
0c2fb82f 435 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 436 AC_CHECK_FUNCS(getpwanam)
adeebd37 437 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 438 conf_utmp_location=/etc/utmp
439 conf_wtmp_location=/var/adm/wtmp
440 conf_lastlog_location=/var/adm/lastlog
137d7b6c 441 AC_DEFINE(USE_PIPES)
a423beaf 442 ;;
6f68f28a 443*-ncr-sysv*)
98a7c37b 444 LIBS="$LIBS -lc89"
29525240 445 AC_DEFINE(USE_PIPES)
eabb99c6 446 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 447 AC_DEFINE(SETEUID_BREAKS_SETUID)
448 AC_DEFINE(BROKEN_SETREUID)
449 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 450 ;;
132dd316 451*-sni-sysv*)
c8c15bcb 452 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 453 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 454 # -lresolv needs to be at the end of LIBS or DNS lookups break
455 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 456 IPADDR_IN_DISPLAY=yes
457 AC_DEFINE(USE_PIPES)
132dd316 458 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 459 AC_DEFINE(SETEUID_BREAKS_SETUID)
460 AC_DEFINE(BROKEN_SETREUID)
461 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 462 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 463 external_path_file=/etc/default/login
c8c15bcb 464 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
465 # Attention: always take care to bind libsocket and libnsl before libc,
466 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 467 ;;
79a7ba96 468# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 469*-*-sysv4.2*)
9a406e1e 470 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
ed6553e2 471 AC_DEFINE(USE_PIPES)
7ed101c0 472 AC_DEFINE(SETEUID_BREAKS_SETUID)
473 AC_DEFINE(BROKEN_SETREUID)
474 AC_DEFINE(BROKEN_SETREGID)
46f853b9 475 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 476 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 477 ;;
79a7ba96 478# UnixWare 7.x, OpenUNIX 8
77bb0bca 479*-*-sysv5*)
d7d2cc6e 480 check_for_libcrypt_later=1
481 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 482 AC_DEFINE(USE_PIPES)
7ed101c0 483 AC_DEFINE(SETEUID_BREAKS_SETUID)
484 AC_DEFINE(BROKEN_SETREUID)
485 AC_DEFINE(BROKEN_SETREGID)
3466e002 486 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 487 case "$host" in
488 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
489 TEST_SHELL=/u95/bin/sh
3466e002 490 AC_DEFINE(BROKEN_LIBIAF, 1,
491 [ia_uinfo routines not supported by OS yet])
822015dd 492 ;;
e45da4d6 493 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
494 ;;
822015dd 495 esac
77bb0bca 496 ;;
9d6b1b96 497*-*-sysv*)
9d6b1b96 498 ;;
79a7ba96 499# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 500*-*-sco3.2v4*)
11cf4f1f 501 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 502 ;;
79a7ba96 503# SCO OpenServer 5.x
77bb0bca 504*-*-sco3.2v5*)
21710e39 505 if test -z "$GCC"; then
506 CFLAGS="$CFLAGS -belf"
507 fi
ed6553e2 508 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 509 no_dev_ptmx=1
ed6553e2 510 AC_DEFINE(USE_PIPES)
6e879cb4 511 AC_DEFINE(HAVE_SECUREWARE)
d287c664 512 AC_DEFINE(DISABLE_SHADOW)
94d8258b 513 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 514 AC_DEFINE(SETEUID_BREAKS_SETUID)
515 AC_DEFINE(BROKEN_SETREUID)
516 AC_DEFINE(BROKEN_SETREGID)
bcebad47 517 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 518 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 519 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 520 AC_CHECK_FUNCS(getluid setluid)
533875af 521 MANTYPE=man
a3245b92 522 TEST_SHELL=ksh
509b1f88 523 ;;
ccbb983c 524*-*-unicosmk*)
3466e002 525 AC_DEFINE(NO_SSH_LASTLOG, 1,
526 [Define if you don't want to use lastlog in session.c])
c1ad5966 527 AC_DEFINE(SETEUID_BREAKS_SETUID)
528 AC_DEFINE(BROKEN_SETREUID)
529 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 530 AC_DEFINE(USE_PIPES)
531 AC_DEFINE(DISABLE_FD_PASSING)
532 LDFLAGS="$LDFLAGS"
533 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
534 MANTYPE=cat
d262b7f2 535 ;;
7b9a8c6e 536*-*-unicosmp*)
c1ad5966 537 AC_DEFINE(SETEUID_BREAKS_SETUID)
538 AC_DEFINE(BROKEN_SETREUID)
539 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 540 AC_DEFINE(WITH_ABBREV_NO_TTY)
541 AC_DEFINE(USE_PIPES)
542 AC_DEFINE(DISABLE_FD_PASSING)
543 LDFLAGS="$LDFLAGS"
c1ad5966 544 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 545 MANTYPE=cat
546 ;;
ca5c7d6a 547*-*-unicos*)
c1ad5966 548 AC_DEFINE(SETEUID_BREAKS_SETUID)
549 AC_DEFINE(BROKEN_SETREUID)
550 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 551 AC_DEFINE(USE_PIPES)
94d8258b 552 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 553 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 554 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
555 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
556 MANTYPE=cat
a704dd54 557 ;;
4d33e531 558*-dec-osf*)
99c8ddac 559 AC_MSG_CHECKING(for Digital Unix SIA)
560 no_osfsia=""
561 AC_ARG_WITH(osfsia,
562 [ --with-osfsia Enable Digital Unix SIA],
563 [
564 if test "x$withval" = "xno" ; then
565 AC_MSG_RESULT(disabled)
566 no_osfsia=1
567 fi
568 ],
569 )
570 if test -z "$no_osfsia" ; then
4d33e531 571 if test -f /etc/sia/matrix.conf; then
572 AC_MSG_RESULT(yes)
3466e002 573 AC_DEFINE(HAVE_OSF_SIA, 1,
574 [Define if you have Digital Unix Security
575 Integration Architecture])
576 AC_DEFINE(DISABLE_LOGIN, 1,
577 [Define if you don't want to use your
578 system's login() call])
58d0df4e 579 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 580 LIBS="$LIBS -lsecurity -ldb -lm -laud"
581 else
582 AC_MSG_RESULT(no)
3466e002 583 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
584 [String used in /etc/passwd to denote locked account])
4d33e531 585 fi
586 fi
a6e67b60 587 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 588 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 589 AC_DEFINE(BROKEN_SETREUID)
590 AC_DEFINE(BROKEN_SETREGID)
4d33e531 591 ;;
41cb4569 592
9c54c067 593*-*-nto-qnx*)
41cb4569 594 AC_DEFINE(USE_PIPES)
595 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 596 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
597 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
598 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 599 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 600 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 601 enable_etc_default_login=no # has incompatible /etc/default/login
41cb4569 602 ;;
35fc74ed 603
604*-*-ultrix*)
3466e002 605 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
606 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 607 AC_DEFINE(NEED_SETPGRP)
b5765e1d 608 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
609 ;;
157b6700 610
611*-*-lynxos)
612 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 613 AC_DEFINE(MISSING_HOWMANY)
157b6700 614 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
615 ;;
a7effaac 616esac
617
8e7b16f8 618# Allow user to specify flags
619AC_ARG_WITH(cflags,
620 [ --with-cflags Specify additional flags to pass to compiler],
621 [
6cf0200f 622 if test -n "$withval" && test "x$withval" != "xno" && \
623 test "x${withval}" != "xyes"; then
8e7b16f8 624 CFLAGS="$CFLAGS $withval"
625 fi
82f4e93d 626 ]
8e7b16f8 627)
0c2fb82f 628AC_ARG_WITH(cppflags,
629 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
630 [
6cf0200f 631 if test -n "$withval" && test "x$withval" != "xno" && \
632 test "x${withval}" != "xyes"; then
0c2fb82f 633 CPPFLAGS="$CPPFLAGS $withval"
634 fi
635 ]
636)
8e7b16f8 637AC_ARG_WITH(ldflags,
97b378bf 638 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 639 [
6cf0200f 640 if test -n "$withval" && test "x$withval" != "xno" && \
641 test "x${withval}" != "xyes"; then
8e7b16f8 642 LDFLAGS="$LDFLAGS $withval"
643 fi
82f4e93d 644 ]
8e7b16f8 645)
646AC_ARG_WITH(libs,
647 [ --with-libs Specify additional libraries to link with],
648 [
6cf0200f 649 if test -n "$withval" && test "x$withval" != "xno" && \
650 test "x${withval}" != "xyes"; then
8e7b16f8 651 LIBS="$LIBS $withval"
652 fi
82f4e93d 653 ]
8e7b16f8 654)
ed89c848 655AC_ARG_WITH(Werror,
656 [ --with-Werror Build main code with -Werror],
657 [
658 if test -n "$withval" && test "x$withval" != "xno"; then
659 werror_flags="-Werror"
1012885d 660 if test "x${withval}" != "xyes"; then
ed89c848 661 werror_flags="$withval"
662 fi
663 fi
664 ]
665)
8e7b16f8 666
c5829391 667AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 668AC_RUN_IFELSE(
669 [AC_LANG_SOURCE([
c5829391 670#include <stdio.h>
671int main(){exit(0);}
479cece8 672 ])],
c5829391 673 [ AC_MSG_RESULT(yes) ],
674 [
675 AC_MSG_RESULT(no)
676 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 677 ],
678 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 679)
680
b04a9f8c 681dnl Checks for header files.
682AC_CHECK_HEADERS( \
683 bstring.h \
684 crypt.h \
2f360c89 685 crypto/sha2.h \
b04a9f8c 686 dirent.h \
687 endian.h \
688 features.h \
37259a8e 689 fcntl.h \
b04a9f8c 690 floatingpoint.h \
691 getopt.h \
692 glob.h \
693 ia.h \
4c653d8e 694 iaf.h \
b04a9f8c 695 limits.h \
696 login.h \
b04a9f8c 697 maillock.h \
698 ndir.h \
e02505e2 699 net/if_tun.h \
b04a9f8c 700 netdb.h \
701 netgroup.h \
b04a9f8c 702 pam/pam_appl.h \
703 paths.h \
704 pty.h \
705 readpassphrase.h \
706 rpc/types.h \
707 security/pam_appl.h \
f73e2ad7 708 sha2.h \
b04a9f8c 709 shadow.h \
710 stddef.h \
711 stdint.h \
0957c2cf 712 string.h \
b04a9f8c 713 strings.h \
714 sys/audit.h \
715 sys/bitypes.h \
716 sys/bsdtty.h \
717 sys/cdefs.h \
718 sys/dir.h \
719 sys/mman.h \
720 sys/ndir.h \
721 sys/prctl.h \
722 sys/pstat.h \
723 sys/select.h \
724 sys/stat.h \
725 sys/stream.h \
726 sys/stropts.h \
727 sys/strtio.h \
728 sys/sysmacros.h \
729 sys/time.h \
730 sys/timers.h \
731 sys/un.h \
732 time.h \
733 tmpdir.h \
734 ttyent.h \
25dd2ce6 735 unistd.h \
b04a9f8c 736 usersec.h \
737 util.h \
738 utime.h \
739 utmp.h \
740 utmpx.h \
ea76f54c 741 vis.h \
b04a9f8c 742)
ddceb1c8 743
823221b2 744# lastlog.h requires sys/time.h to be included first on Solaris
745AC_CHECK_HEADERS(lastlog.h, [], [], [
746#ifdef HAVE_SYS_TIME_H
747# include <sys/time.h>
748#endif
749])
750
765a24cd 751# sys/ptms.h requires sys/stream.h to be included first on Solaris
752AC_CHECK_HEADERS(sys/ptms.h, [], [], [
753#ifdef HAVE_SYS_STREAM_H
754# include <sys/stream.h>
755#endif
756])
757
3919d576 758# login_cap.h requires sys/types.h on NetBSD
759AC_CHECK_HEADERS(login_cap.h, [], [], [
760#include <sys/types.h>
761])
762
a0391976 763# Checks for libraries.
98a7c37b 764AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
765AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 766
446227d6 767dnl IRIX and Solaris 2.5.1 have dirname() in libgen
768AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
769 AC_CHECK_LIB(gen, dirname,[
770 AC_CACHE_CHECK([for broken dirname],
771 ac_cv_have_broken_dirname, [
772 save_LIBS="$LIBS"
773 LIBS="$LIBS -lgen"
b0e7249f 774 AC_RUN_IFELSE(
775 [AC_LANG_SOURCE([[
446227d6 776#include <libgen.h>
777#include <string.h>
778
779int main(int argc, char **argv) {
780 char *s, buf[32];
781
782 strncpy(buf,"/etc", 32);
783 s = dirname(buf);
784 if (!s || strncmp(s, "/", 32) != 0) {
785 exit(1);
786 } else {
787 exit(0);
788 }
789}
b0e7249f 790 ]])],
791 [ ac_cv_have_broken_dirname="no" ],
792 [ ac_cv_have_broken_dirname="yes" ],
446227d6 793 [ ac_cv_have_broken_dirname="no" ],
446227d6 794 )
795 LIBS="$save_LIBS"
796 ])
797 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
798 LIBS="$LIBS -lgen"
799 AC_DEFINE(HAVE_DIRNAME)
800 AC_CHECK_HEADERS(libgen.h)
801 fi
802 ])
803])
804
805AC_CHECK_FUNC(getspnam, ,
806 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 807AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
808 [Define if you have the basename function.]))
446227d6 809
98a7c37b 810dnl zlib is required
811AC_ARG_WITH(zlib,
812 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 813 [ if test "x$withval" = "xno" ; then
814 AC_MSG_ERROR([*** zlib is required ***])
815 elif test "x$withval" != "xyes"; then
98a7c37b 816 if test -d "$withval/lib"; then
817 if test -n "${need_dash_r}"; then
5a162955 818 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 819 else
5a162955 820 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 821 fi
822 else
823 if test -n "${need_dash_r}"; then
5a162955 824 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 825 else
5a162955 826 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 827 fi
828 fi
829 if test -d "$withval/include"; then
5a162955 830 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 831 else
5a162955 832 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 833 fi
6dd05556 834 fi ]
98a7c37b 835)
836
0a15d73b 837AC_CHECK_LIB(z, deflate, ,
838 [
839 saved_CPPFLAGS="$CPPFLAGS"
840 saved_LDFLAGS="$LDFLAGS"
841 save_LIBS="$LIBS"
842 dnl Check default zlib install dir
843 if test -n "${need_dash_r}"; then
844 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
845 else
846 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
847 fi
848 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
849 LIBS="$LIBS -lz"
850 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
851 [
852 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
853 ]
854 )
855 ]
856)
4ad65809 857AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 858
859AC_ARG_WITH(zlib-version-check,
860 [ --without-zlib-version-check Disable zlib version check],
861 [ if test "x$withval" = "xno" ; then
862 zlib_check_nonfatal=1
863 fi
864 ]
865)
866
5c7fc85d 867AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 868AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 869#include <stdio.h>
4ad65809 870#include <zlib.h>
871int main()
872{
5c7fc85d 873 int a=0, b=0, c=0, d=0, n, v;
874 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
875 if (n != 3 && n != 4)
4ad65809 876 exit(1);
5c7fc85d 877 v = a*1000000 + b*10000 + c*100 + d;
878 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
879
880 /* 1.1.4 is OK */
881 if (a == 1 && b == 1 && c >= 4)
4ad65809 882 exit(0);
5c7fc85d 883
0072b59d 884 /* 1.2.3 and up are OK */
885 if (v >= 1020300)
5c7fc85d 886 exit(0);
887
4ad65809 888 exit(2);
889}
479cece8 890 ]])],
5c7fc85d 891 AC_MSG_RESULT(no),
892 [ AC_MSG_RESULT(yes)
8068d564 893 if test -z "$zlib_check_nonfatal" ; then
894 AC_MSG_ERROR([*** zlib too old - check config.log ***
895Your reported zlib version has known security problems. It's possible your
896vendor has fixed these problems without changing the version number. If you
897are sure this is the case, you can disable the check by running
898"./configure --without-zlib-version-check".
6090bcfe 899If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 900See http://www.gzip.org/zlib/ for details.])
8068d564 901 else
902 AC_MSG_WARN([zlib version may have security problems])
903 fi
1a01a50c 904 ],
905 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 906)
48e7916f 907
2c523de9 908dnl UnixWare 2.x
aff51935 909AC_CHECK_FUNC(strcasecmp,
2c523de9 910 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
911)
23361281 912AC_CHECK_FUNCS(utimes,
cda1ebcb 913 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
914 LIBS="$LIBS -lc89"]) ]
2c523de9 915)
4cca272e 916
7c6d759d 917dnl Checks for libutil functions
918AC_CHECK_HEADERS(libutil.h)
3466e002 919AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
920 [Define if your libraries define login()])])
7c6d759d 921AC_CHECK_FUNCS(logout updwtmp logwtmp)
922
a738c3b0 923AC_FUNC_STRFTIME
924
84ceda19 925# Check for ALTDIRFUNC glob() extension
926AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
927AC_EGREP_CPP(FOUNDIT,
928 [
929 #include <glob.h>
930 #ifdef GLOB_ALTDIRFUNC
931 FOUNDIT
932 #endif
aff51935 933 ],
84ceda19 934 [
3466e002 935 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
936 [Define if your system glob() function has
937 the GLOB_ALTDIRFUNC extension])
84ceda19 938 AC_MSG_RESULT(yes)
939 ],
940 [
941 AC_MSG_RESULT(no)
942 ]
943)
4cca272e 944
40849fdb 945# Check for g.gl_matchc glob() extension
946AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 947AC_TRY_COMPILE(
13ff27b7 948 [ #include <glob.h> ],
949 [glob_t g; g.gl_matchc = 1;],
aff51935 950 [
3466e002 951 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
952 [Define if your system glob() function has
953 gl_matchc options in glob_t])
aff51935 954 AC_MSG_RESULT(yes)
955 ],
956 [
957 AC_MSG_RESULT(no)
958 ]
40849fdb 959)
960
edbe6722 961AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 962AC_RUN_IFELSE(
479cece8 963 [AC_LANG_SOURCE([[
edbe6722 964#include <sys/types.h>
965#include <dirent.h>
aec4cb4f 966int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 967 ]])],
aff51935 968 [AC_MSG_RESULT(yes)],
edbe6722 969 [
970 AC_MSG_RESULT(no)
3466e002 971 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 972 [Define if your struct dirent expects you to
3466e002 973 allocate extra space for d_name])
1a01a50c 974 ],
82f4e93d 975 [
1a01a50c 976 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
977 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 978 ]
979)
980
419e26e7 981AC_MSG_CHECKING([for /proc/pid/fd directory])
982if test -d "/proc/$$/fd" ; then
3466e002 983 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 984 AC_MSG_RESULT(yes)
985else
986 AC_MSG_RESULT(no)
987fi
988
278588d8 989# Check whether user wants S/Key support
aff51935 990SKEY_MSG="no"
278588d8 991AC_ARG_WITH(skey,
6ff3d0dc 992 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 993 [
994 if test "x$withval" != "xno" ; then
995
996 if test "x$withval" != "xyes" ; then
997 CPPFLAGS="$CPPFLAGS -I${withval}/include"
998 LDFLAGS="$LDFLAGS -L${withval}/lib"
999 fi
1000
3466e002 1001 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1002 LIBS="-lskey $LIBS"
aff51935 1003 SKEY_MSG="yes"
82f4e93d 1004
ddceb1c8 1005 AC_MSG_CHECKING([for s/key support])
b0e7249f 1006 AC_LINK_IFELSE(
1007 [AC_LANG_SOURCE([[
ddceb1c8 1008#include <stdio.h>
1009#include <skey.h>
aec4cb4f 1010int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1011 ]])],
ddceb1c8 1012 [AC_MSG_RESULT(yes)],
278588d8 1013 [
ddceb1c8 1014 AC_MSG_RESULT(no)
278588d8 1015 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1016 ])
141fc639 1017 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1018 AC_TRY_COMPILE(
1019 [#include <stdio.h>
1020 #include <skey.h>],
1021 [(void)skeychallenge(NULL,"name","",0);],
1022 [AC_MSG_RESULT(yes)
3466e002 1023 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1024 [Define if your skeychallenge()
1025 function takes 4 arguments (NetBSD)])],
141fc639 1026 [AC_MSG_RESULT(no)]
1027 )
278588d8 1028 fi
1029 ]
1030)
1031
1032# Check whether user wants TCP wrappers support
98a7c37b 1033TCPW_MSG="no"
278588d8 1034AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1035 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1036 [
1037 if test "x$withval" != "xno" ; then
1038 saved_LIBS="$LIBS"
98a7c37b 1039 saved_LDFLAGS="$LDFLAGS"
1040 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1041 if test -n "${withval}" && \
6cf0200f 1042 test "x${withval}" != "xyes"; then
98a7c37b 1043 if test -d "${withval}/lib"; then
1044 if test -n "${need_dash_r}"; then
5a162955 1045 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1046 else
5a162955 1047 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1048 fi
1049 else
1050 if test -n "${need_dash_r}"; then
5a162955 1051 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1052 else
5a162955 1053 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1054 fi
1055 fi
1056 if test -d "${withval}/include"; then
5a162955 1057 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1058 else
5a162955 1059 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1060 fi
98a7c37b 1061 fi
ddceb1c8 1062 LIBWRAP="-lwrap"
1063 LIBS="$LIBWRAP $LIBS"
278588d8 1064 AC_MSG_CHECKING(for libwrap)
1065 AC_TRY_LINK(
1066 [
77f09220 1067#include <sys/types.h>
1068#include <sys/socket.h>
1069#include <netinet/in.h>
278588d8 1070#include <tcpd.h>
1071 int deny_severity = 0, allow_severity = 0;
1072 ],
1073 [hosts_access(0);],
1074 [
1075 AC_MSG_RESULT(yes)
3466e002 1076 AC_DEFINE(LIBWRAP, 1,
1077 [Define if you want
1078 TCP Wrappers support])
ddceb1c8 1079 AC_SUBST(LIBWRAP)
98a7c37b 1080 TCPW_MSG="yes"
278588d8 1081 ],
1082 [
1083 AC_MSG_ERROR([*** libwrap missing])
1084 ]
1085 )
ddceb1c8 1086 LIBS="$saved_LIBS"
278588d8 1087 fi
1088 ]
1089)
1090
59031773 1091# Check whether user wants libedit support
1092LIBEDIT_MSG="no"
1093AC_ARG_WITH(libedit,
6ff3d0dc 1094 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1095 [ if test "x$withval" != "xno" ; then
737edf04 1096 if test "x$withval" != "xyes"; then
bb116c8e 1097 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1098 if test -n "${need_dash_r}"; then
1099 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1100 else
1101 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1102 fi
737edf04 1103 fi
59031773 1104 AC_CHECK_LIB(edit, el_init,
3466e002 1105 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1106 LIBEDIT="-ledit -lcurses"
1107 LIBEDIT_MSG="yes"
1108 AC_SUBST(LIBEDIT)
1109 ],
737edf04 1110 [ AC_MSG_ERROR(libedit not found) ],
1111 [ -lcurses ]
59031773 1112 )
f47ddccb 1113 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1114 AC_COMPILE_IFELSE(
1115 [AC_LANG_SOURCE([[
1116#include <histedit.h>
f47ddccb 1117int main(void)
1118{
1119 int i = H_SETSIZE;
1120 el_init("", NULL, NULL, NULL);
1121 exit(0);
1122}
d92622f9 1123 ]])],
f47ddccb 1124 [ AC_MSG_RESULT(yes) ],
1125 [ AC_MSG_RESULT(no)
1126 AC_MSG_ERROR(libedit version is not compatible) ]
1127 )
59031773 1128 fi ]
1129)
1130
7b578f7d 1131AUDIT_MODULE=none
1132AC_ARG_WITH(audit,
1133 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1134 [
1135 AC_MSG_CHECKING(for supported audit module)
1136 case "$withval" in
1137 bsm)
1138 AC_MSG_RESULT(bsm)
1139 AUDIT_MODULE=bsm
1140 dnl Checks for headers, libs and functions
1141 AC_CHECK_HEADERS(bsm/audit.h, [],
1142 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1143 AC_CHECK_LIB(bsm, getaudit, [],
1144 [AC_MSG_ERROR(BSM enabled and required library not found)])
1145 AC_CHECK_FUNCS(getaudit, [],
1146 [AC_MSG_ERROR(BSM enabled and required function not found)])
1147 # These are optional
7939c496 1148 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1149 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1150 ;;
1151 debug)
1152 AUDIT_MODULE=debug
1153 AC_MSG_RESULT(debug)
3466e002 1154 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1155 ;;
a2b3321d 1156 no)
d92622f9 1157 AC_MSG_RESULT(no)
a2b3321d 1158 ;;
7b578f7d 1159 *)
1160 AC_MSG_ERROR([Unknown audit module $withval])
1161 ;;
1162 esac ]
1163)
1164
19160674 1165dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1166AC_CHECK_FUNCS( \
1167 arc4random \
9a406e1e 1168 asprintf \
b04a9f8c 1169 b64_ntop \
1170 __b64_ntop \
1171 b64_pton \
1172 __b64_pton \
1173 bcopy \
1174 bindresvport_sa \
1175 clock \
1176 closefrom \
1177 dirfd \
b04a9f8c 1178 fchmod \
1179 fchown \
1180 freeaddrinfo \
1181 futimes \
1182 getaddrinfo \
1183 getcwd \
1184 getgrouplist \
1185 getnameinfo \
1186 getopt \
1187 getpeereid \
1188 _getpty \
1189 getrlimit \
1190 getttyent \
1191 glob \
1192 inet_aton \
1193 inet_ntoa \
1194 inet_ntop \
1195 innetgr \
1196 login_getcapbool \
1197 md5_crypt \
1198 memmove \
1199 mkdtemp \
1200 mmap \
1201 ngetaddrinfo \
1202 nsleep \
1203 ogetaddrinfo \
1204 openlog_r \
1205 openpty \
1206 prctl \
1207 pstat \
1208 readpassphrase \
1209 realpath \
1210 recvmsg \
1211 rresvport_af \
1212 sendmsg \
1213 setdtablesize \
1214 setegid \
1215 setenv \
1216 seteuid \
1217 setgroups \
1218 setlogin \
1219 setpcred \
1220 setproctitle \
1221 setregid \
1222 setreuid \
1223 setrlimit \
1224 setsid \
1225 setvbuf \
1226 sigaction \
1227 sigvec \
1228 snprintf \
1229 socketpair \
1230 strdup \
1231 strerror \
1232 strlcat \
1233 strlcpy \
1234 strmode \
1235 strnvis \
1236 strtonum \
1e29a0c8 1237 strtoll \
b04a9f8c 1238 strtoul \
1239 sysconf \
1240 tcgetpgrp \
1241 truncate \
1242 unsetenv \
1243 updwtmpx \
9a406e1e 1244 vasprintf \
b04a9f8c 1245 vhangup \
1246 vsnprintf \
1247 waitpid \
19160674 1248)
98a7c37b 1249
1a086f97 1250# IRIX has a const char return value for gai_strerror()
1251AC_CHECK_FUNCS(gai_strerror,[
1252 AC_DEFINE(HAVE_GAI_STRERROR)
1253 AC_TRY_COMPILE([
1254#include <sys/types.h>
1255#include <sys/socket.h>
1256#include <netdb.h>
1257
1258const char *gai_strerror(int);],[
1259char *str;
1260
1261str = gai_strerror(0);],[
1262 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1263 [Define if gai_strerror() returns const char *])])])
1264
3466e002 1265AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1266 [Some systems put nanosleep outside of libc]))
92b1decf 1267
309709db 1268dnl Make sure prototypes are defined for these before using them.
309709db 1269AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1270AC_CHECK_DECL(strsep,
1271 [AC_CHECK_FUNCS(strsep)],
1272 [],
1273 [
1274#ifdef HAVE_STRING_H
1275# include <string.h>
1276#endif
1277 ])
08412d26 1278
3490699c 1279dnl tcsendbreak might be a macro
1280AC_CHECK_DECL(tcsendbreak,
1281 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1282 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1283 [#include <termios.h>]
1284)
1285
41e0e158 1286AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1287
71f4c727 1288AC_CHECK_DECLS(SHUT_RD, , ,
1289 [
1290#include <sys/types.h>
1291#include <sys/socket.h>
1292 ])
956d6743 1293
1294AC_CHECK_DECLS(O_NONBLOCK, , ,
1295 [
1296#include <sys/types.h>
1297#ifdef HAVE_SYS_STAT_H
1298# include <sys/stat.h>
1299#endif
1300#ifdef HAVE_FCNTL_H
1301# include <fcntl.h>
1302#endif
1303 ])
1304
3f176010 1305AC_CHECK_FUNCS(setresuid, [
1306 dnl Some platorms have setresuid that isn't implemented, test for this
1307 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1308 AC_RUN_IFELSE(
1309 [AC_LANG_SOURCE([[
9a3fe0e2 1310#include <stdlib.h>
1311#include <errno.h>
1312int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1313 ]])],
3f176010 1314 [AC_MSG_RESULT(yes)],
3466e002 1315 [AC_DEFINE(BROKEN_SETRESUID, 1,
1316 [Define if your setresuid() is broken])
1a01a50c 1317 AC_MSG_RESULT(not implemented)],
1318 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1319 )
1320])
9a3fe0e2 1321
3f176010 1322AC_CHECK_FUNCS(setresgid, [
1323 dnl Some platorms have setresgid that isn't implemented, test for this
1324 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1325 AC_RUN_IFELSE(
1326 [AC_LANG_SOURCE([[
9a3fe0e2 1327#include <stdlib.h>
1328#include <errno.h>
1329int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1330 ]])],
3f176010 1331 [AC_MSG_RESULT(yes)],
3466e002 1332 [AC_DEFINE(BROKEN_SETRESGID, 1,
1333 [Define if your setresgid() is broken])
1a01a50c 1334 AC_MSG_RESULT(not implemented)],
1335 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1336 )
1337])
9a3fe0e2 1338
2e73a022 1339dnl Checks for time functions
1d7b9b20 1340AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1341dnl Checks for utmp functions
b03bd394 1342AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1343AC_CHECK_FUNCS(utmpname)
2e73a022 1344dnl Checks for utmpx functions
b03bd394 1345AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1346AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1347
aff51935 1348AC_CHECK_FUNC(daemon,
3466e002 1349 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1350 [AC_CHECK_LIB(bsd, daemon,
1351 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1352)
1353
aff51935 1354AC_CHECK_FUNC(getpagesize,
3466e002 1355 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1356 [Define if your libraries define getpagesize()])],
1357 [AC_CHECK_LIB(ucb, getpagesize,
1358 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1359)
1360
2647ae26 1361# Check for broken snprintf
1362if test "x$ac_cv_func_snprintf" = "xyes" ; then
1363 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1364 AC_RUN_IFELSE(
479cece8 1365 [AC_LANG_SOURCE([[
2647ae26 1366#include <stdio.h>
aec4cb4f 1367int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1368 ]])],
aff51935 1369 [AC_MSG_RESULT(yes)],
2647ae26 1370 [
1371 AC_MSG_RESULT(no)
3466e002 1372 AC_DEFINE(BROKEN_SNPRINTF, 1,
1373 [Define if your snprintf is busted])
2647ae26 1374 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1375 ],
1376 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1377 )
1378fi
1379
9a406e1e 1380# If we don't have a working asprintf, then we strongly depend on vsnprintf
1381# returning the right thing on overflow: the number of characters it tried to
1382# create (as per SUSv3)
1383if test "x$ac_cv_func_asprintf" != "xyes" && \
1384 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1385 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1386 AC_RUN_IFELSE(
1387 [AC_LANG_SOURCE([[
1388#include <sys/types.h>
1389#include <stdio.h>
1390#include <stdarg.h>
1391
1392int x_snprintf(char *str,size_t count,const char *fmt,...)
1393{
1394 size_t ret; va_list ap;
1395 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1396 return ret;
1397}
1398int main(void)
1399{
1400 char x[1];
1401 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1402} ]])],
1403 [AC_MSG_RESULT(yes)],
1404 [
1405 AC_MSG_RESULT(no)
1406 AC_DEFINE(BROKEN_SNPRINTF, 1,
1407 [Define if your snprintf is busted])
1408 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1409 ],
1410 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1411 )
1412fi
1413
31b0732a 1414# On systems where [v]snprintf is broken, but is declared in stdio,
1415# check that the fmt argument is const char * or just char *.
1416# This is only useful for when BROKEN_SNPRINTF
1417AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1418AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1419 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1420 int main(void) { snprintf(0, 0, 0); }
1421 ]])],
1422 [AC_MSG_RESULT(yes)
1423 AC_DEFINE(SNPRINTF_CONST, [const],
1424 [Define as const if snprintf() can declare const char *fmt])],
1425 [AC_MSG_RESULT(no)
1426 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1427
2f6f9cff 1428# Check for missing getpeereid (or equiv) support
1429NO_PEERCHECK=""
1430if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1431 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1432 AC_TRY_COMPILE(
1433 [#include <sys/types.h>
1434 #include <sys/socket.h>],
1435 [int i = SO_PEERCRED;],
62eb7db4 1436 [ AC_MSG_RESULT(yes)
3466e002 1437 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1438 ],
2f6f9cff 1439 [AC_MSG_RESULT(no)
1440 NO_PEERCHECK=1]
1441 )
1442fi
1443
70e7d0b0 1444dnl see whether mkstemp() requires XXXXXX
1445if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1446AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1447AC_RUN_IFELSE(
1448 [AC_LANG_SOURCE([[
70e7d0b0 1449#include <stdlib.h>
1450main() { char template[]="conftest.mkstemp-test";
1451if (mkstemp(template) == -1)
1452 exit(1);
1453unlink(template); exit(0);
1454}
b0e7249f 1455 ]])],
70e7d0b0 1456 [
1457 AC_MSG_RESULT(no)
1458 ],
aff51935 1459 [
70e7d0b0 1460 AC_MSG_RESULT(yes)
3466e002 1461 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1462 ],
1463 [
1464 AC_MSG_RESULT(yes)
1465 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1466 ]
70e7d0b0 1467)
1468fi
1469
eacb954e 1470dnl make sure that openpty does not reacquire controlling terminal
1471if test ! -z "$check_for_openpty_ctty_bug"; then
1472 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1473 AC_RUN_IFELSE(
1474 [AC_LANG_SOURCE([[
eacb954e 1475#include <stdio.h>
1476#include <sys/fcntl.h>
1477#include <sys/types.h>
1478#include <sys/wait.h>
1479
1480int
1481main()
1482{
1483 pid_t pid;
1484 int fd, ptyfd, ttyfd, status;
1485
1486 pid = fork();
1487 if (pid < 0) { /* failed */
1488 exit(1);
1489 } else if (pid > 0) { /* parent */
1490 waitpid(pid, &status, 0);
aff51935 1491 if (WIFEXITED(status))
eacb954e 1492 exit(WEXITSTATUS(status));
1493 else
1494 exit(2);
1495 } else { /* child */
1496 close(0); close(1); close(2);
1497 setsid();
1498 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1499 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1500 if (fd >= 0)
1501 exit(3); /* Acquired ctty: broken */
1502 else
1503 exit(0); /* Did not acquire ctty: OK */
1504 }
1505}
b0e7249f 1506 ]])],
eacb954e 1507 [
1508 AC_MSG_RESULT(yes)
1509 ],
1510 [
1511 AC_MSG_RESULT(no)
1512 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1513 ],
1514 [
1515 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1516 ]
1517 )
1518fi
1519
4b492aab 1520if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1521 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1522 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1523 AC_RUN_IFELSE(
1524 [AC_LANG_SOURCE([[
2fe51906 1525#include <stdio.h>
1526#include <sys/socket.h>
1527#include <netdb.h>
1528#include <errno.h>
1529#include <netinet/in.h>
1530
1531#define TEST_PORT "2222"
1532
1533int
1534main(void)
1535{
1536 int err, sock;
1537 struct addrinfo *gai_ai, *ai, hints;
1538 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1539
1540 memset(&hints, 0, sizeof(hints));
1541 hints.ai_family = PF_UNSPEC;
1542 hints.ai_socktype = SOCK_STREAM;
1543 hints.ai_flags = AI_PASSIVE;
1544
1545 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1546 if (err != 0) {
1547 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1548 exit(1);
1549 }
1550
1551 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1552 if (ai->ai_family != AF_INET6)
1553 continue;
1554
1555 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1556 sizeof(ntop), strport, sizeof(strport),
1557 NI_NUMERICHOST|NI_NUMERICSERV);
1558
1559 if (err != 0) {
1560 if (err == EAI_SYSTEM)
1561 perror("getnameinfo EAI_SYSTEM");
1562 else
1563 fprintf(stderr, "getnameinfo failed: %s\n",
1564 gai_strerror(err));
1565 exit(2);
1566 }
1567
1568 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1569 if (sock < 0)
1570 perror("socket");
1571 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1572 if (errno == EBADF)
1573 exit(3);
1574 }
1575 }
1576 exit(0);
1577}
b0e7249f 1578 ]])],
2fe51906 1579 [
1580 AC_MSG_RESULT(yes)
1581 ],
1582 [
1583 AC_MSG_RESULT(no)
1584 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1585 ],
1586 [
1587 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1588 ]
1589 )
1590fi
1591
4b492aab 1592if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1593 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1594 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1595 AC_RUN_IFELSE(
1596 [AC_LANG_SOURCE([[
5ccf88cb 1597#include <stdio.h>
1598#include <sys/socket.h>
1599#include <netdb.h>
1600#include <errno.h>
1601#include <netinet/in.h>
1602
1603#define TEST_PORT "2222"
1604
1605int
1606main(void)
1607{
1608 int err, sock;
1609 struct addrinfo *gai_ai, *ai, hints;
1610 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1611
1612 memset(&hints, 0, sizeof(hints));
1613 hints.ai_family = PF_UNSPEC;
1614 hints.ai_socktype = SOCK_STREAM;
1615 hints.ai_flags = AI_PASSIVE;
1616
1617 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1618 if (err != 0) {
1619 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1620 exit(1);
1621 }
1622
1623 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1624 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1625 continue;
1626
1627 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1628 sizeof(ntop), strport, sizeof(strport),
1629 NI_NUMERICHOST|NI_NUMERICSERV);
1630
1631 if (ai->ai_family == AF_INET && err != 0) {
1632 perror("getnameinfo");
1633 exit(2);
1634 }
1635 }
1636 exit(0);
1637}
b0e7249f 1638 ]])],
5ccf88cb 1639 [
1640 AC_MSG_RESULT(yes)
3466e002 1641 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1642 [Define if you have a getaddrinfo that fails
1643 for the all-zeros IPv6 address])
5ccf88cb 1644 ],
1645 [
1646 AC_MSG_RESULT(no)
1647 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1648 ],
ecd9ec09 1649 [
b0e7249f 1650 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1651 ]
1652 )
1653fi
1654
b29fd59f 1655if test "x$check_for_conflicting_getspnam" = "x1"; then
1656 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1657 AC_COMPILE_IFELSE(
1658 [
1659#include <shadow.h>
1660int main(void) {exit(0);}
1661 ],
1662 [
1663 AC_MSG_RESULT(no)
1664 ],
1665 [
1666 AC_MSG_RESULT(yes)
1667 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1668 [Conflicting defs for getspnam])
1669 ]
1670 )
1671fi
1672
7f8f5e00 1673AC_FUNC_GETPGRP
1674
717057b6 1675# Check for PAM libs
cbd7492e 1676PAM_MSG="no"
a0391976 1677AC_ARG_WITH(pam,
717057b6 1678 [ --with-pam Enable PAM support ],
a0391976 1679 [
717057b6 1680 if test "x$withval" != "xno" ; then
2511d104 1681 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1682 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1683 AC_MSG_ERROR([PAM headers not found])
1684 fi
a0391976 1685
717057b6 1686 AC_CHECK_LIB(dl, dlopen, , )
1687 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1688 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1689 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1690
717057b6 1691 PAM_MSG="yes"
4cb5ffa0 1692
3466e002 1693 AC_DEFINE(USE_PAM, 1,
1694 [Define if you want to enable PAM support])
98f2d9d5 1695 if test $ac_cv_lib_dl_dlopen = yes; then
1696 LIBPAM="-lpam -ldl"
1697 else
1698 LIBPAM="-lpam"
1699 fi
1700 AC_SUBST(LIBPAM)
717057b6 1701 fi
1702 ]
1703)
cbd7492e 1704
717057b6 1705# Check for older PAM
1706if test "x$PAM_MSG" = "xyes" ; then
a0391976 1707 # Check PAM strerror arguments (old PAM)
1708 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1709 AC_TRY_COMPILE(
1710 [
18ba2aab 1711#include <stdlib.h>
2511d104 1712#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1713#include <security/pam_appl.h>
2511d104 1714#elif defined (HAVE_PAM_PAM_APPL_H)
1715#include <pam/pam_appl.h>
1716#endif
aff51935 1717 ],
1718 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1719 [AC_MSG_RESULT(no)],
1720 [
3466e002 1721 AC_DEFINE(HAVE_OLD_PAM, 1,
1722 [Define if you have an old version of PAM
1723 which takes only one argument to pam_strerror])
a0391976 1724 AC_MSG_RESULT(yes)
cbd7492e 1725 PAM_MSG="yes (old library)"
a0391976 1726 ]
717057b6 1727 )
a0391976 1728fi
1729
5b991353 1730# Search for OpenSSL
1731saved_CPPFLAGS="$CPPFLAGS"
1732saved_LDFLAGS="$LDFLAGS"
a0391976 1733AC_ARG_WITH(ssl-dir,
1734 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1735 [
e9e4a1c7 1736 if test "x$withval" != "xno" ; then
99eb0f64 1737 case "$withval" in
1738 # Relative paths
1739 ./*|../*) withval="`pwd`/$withval"
1740 esac
5b991353 1741 if test -d "$withval/lib"; then
1742 if test -n "${need_dash_r}"; then
1743 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1744 else
1745 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1746 fi
1747 else
5b991353 1748 if test -n "${need_dash_r}"; then
1749 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1750 else
1751 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1752 fi
1753 fi
5b991353 1754 if test -d "$withval/include"; then
1755 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1756 else
5b991353 1757 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1758 fi
a0391976 1759 fi
5b991353 1760 ]
1761)
5486a457 1762LIBS="-lcrypto $LIBS"
3466e002 1763AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1764 [Define if your ssl headers are included
1765 with #include <openssl/header.h>]),
d45e3d76 1766 [
5b991353 1767 dnl Check default openssl install dir
1768 if test -n "${need_dash_r}"; then
1769 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1770 else
5b991353 1771 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1772 fi
5b991353 1773 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1774 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1775 [
1776 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1777 ]
1778 )
1779 ]
1780)
1781
cd018561 1782# Determine OpenSSL header version
1783AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1784AC_RUN_IFELSE(
479cece8 1785 [AC_LANG_SOURCE([[
cd018561 1786#include <stdio.h>
1787#include <string.h>
1788#include <openssl/opensslv.h>
1789#define DATA "conftest.sslincver"
1790int main(void) {
aff51935 1791 FILE *fd;
1792 int rc;
cd018561 1793
aff51935 1794 fd = fopen(DATA,"w");
1795 if(fd == NULL)
1796 exit(1);
cd018561 1797
1798 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1799 exit(1);
1800
1801 exit(0);
1802}
479cece8 1803 ]])],
cd018561 1804 [
1805 ssl_header_ver=`cat conftest.sslincver`
1806 AC_MSG_RESULT($ssl_header_ver)
1807 ],
1808 [
1809 AC_MSG_RESULT(not found)
1810 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1811 ],
1812 [
1813 AC_MSG_WARN([cross compiling: not checking])
cd018561 1814 ]
1815)
1816
1817# Determine OpenSSL library version
1818AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1819AC_RUN_IFELSE(
479cece8 1820 [AC_LANG_SOURCE([[
cd018561 1821#include <stdio.h>
1822#include <string.h>
1823#include <openssl/opensslv.h>
1824#include <openssl/crypto.h>
1825#define DATA "conftest.ssllibver"
1826int main(void) {
aff51935 1827 FILE *fd;
1828 int rc;
cd018561 1829
aff51935 1830 fd = fopen(DATA,"w");
1831 if(fd == NULL)
1832 exit(1);
cd018561 1833
1834 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1835 exit(1);
1836
1837 exit(0);
1838}
479cece8 1839 ]])],
cd018561 1840 [
1841 ssl_library_ver=`cat conftest.ssllibver`
1842 AC_MSG_RESULT($ssl_library_ver)
1843 ],
1844 [
1845 AC_MSG_RESULT(not found)
1846 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1847 ],
1848 [
1849 AC_MSG_WARN([cross compiling: not checking])
cd018561 1850 ]
1851)
58d100bf 1852
9780116c 1853# Sanity check OpenSSL headers
1854AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1855AC_RUN_IFELSE(
479cece8 1856 [AC_LANG_SOURCE([[
9780116c 1857#include <string.h>
1858#include <openssl/opensslv.h>
aec4cb4f 1859int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1860 ]])],
9780116c 1861 [
1862 AC_MSG_RESULT(yes)
1863 ],
1864 [
1865 AC_MSG_RESULT(no)
e15ba28b 1866 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1867Check config.log for details.
1868Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1869 ],
1870 [
1871 AC_MSG_WARN([cross compiling: not checking])
9780116c 1872 ]
1873)
1874
c7ad0d99 1875AC_ARG_WITH(ssl-engine,
1876 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1877 [ if test "x$withval" != "xno" ; then
1878 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1879 AC_TRY_COMPILE(
1880 [ #include <openssl/engine.h>],
1881 [
1882int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
1883 ],
1884 [ AC_MSG_RESULT(yes)
1885 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1886 [Enable OpenSSL engine support])
1887 ],
1888 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1889 )
1890 fi ]
1891)
1892
e5146707 1893# Check for OpenSSL without EVP_aes_{192,256}_cbc
1894AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
1895AC_COMPILE_IFELSE(
1896 [AC_LANG_SOURCE([[
1897#include <string.h>
1898#include <openssl/evp.h>
300ea548 1899int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1900 ]])],
1901 [
1902 AC_MSG_RESULT(no)
1903 ],
1904 [
1905 AC_MSG_RESULT(yes)
1906 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1907 [libcrypto is missing AES 192 and 256 bit functions])
1908 ]
1909)
1910
5486a457 1911# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1912# because the system crypt() is more featureful.
1913if test "x$check_for_libcrypt_before" = "x1"; then
1914 AC_CHECK_LIB(crypt, crypt)
1915fi
1916
aff51935 1917# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1918# version in OpenSSL.
05114c74 1919if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1920 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1921fi
1922
13ff27b7 1923# Search for SHA256 support in libc and/or OpenSSL
1924AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1925
4c653d8e 1926AC_CHECK_LIB(iaf, ia_openinfo)
f1b0ecc3 1927
1928### Configure cryptographic random number support
1929
1930# Check wheter OpenSSL seeds itself
1931AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1932AC_RUN_IFELSE(
479cece8 1933 [AC_LANG_SOURCE([[
f1b0ecc3 1934#include <string.h>
1935#include <openssl/rand.h>
aec4cb4f 1936int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1937 ]])],
f1b0ecc3 1938 [
1939 OPENSSL_SEEDS_ITSELF=yes
1940 AC_MSG_RESULT(yes)
1941 ],
1942 [
1943 AC_MSG_RESULT(no)
1944 # Default to use of the rand helper if OpenSSL doesn't
1945 # seed itself
1946 USE_RAND_HELPER=yes
1a01a50c 1947 ],
1948 [
1949 AC_MSG_WARN([cross compiling: assuming yes])
1950 # This is safe, since all recent OpenSSL versions will
82f4e93d 1951 # complain at runtime if not seeded correctly.
1a01a50c 1952 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1953 ]
1954)
1955
1956
1957# Do we want to force the use of the rand helper?
1958AC_ARG_WITH(rand-helper,
1959 [ --with-rand-helper Use subprocess to gather strong randomness ],
1960 [
1961 if test "x$withval" = "xno" ; then
aff51935 1962 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1963 # the previous test showed it to be unseeded.
1964 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1965 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1966 OPENSSL_SEEDS_ITSELF=yes
1967 USE_RAND_HELPER=""
1968 fi
1969 else
1970 USE_RAND_HELPER=yes
1971 fi
1972 ],
82f4e93d 1973)
f1b0ecc3 1974
1975# Which randomness source do we use?
4b492aab 1976if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 1977 # OpenSSL only
3466e002 1978 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
1979 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 1980 RAND_MSG="OpenSSL internal ONLY"
1981 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1982elif test ! -z "$USE_RAND_HELPER" ; then
1983 # install rand helper
f1b0ecc3 1984 RAND_MSG="ssh-rand-helper"
1985 INSTALL_SSH_RAND_HELPER="yes"
1986fi
1987AC_SUBST(INSTALL_SSH_RAND_HELPER)
1988
1989### Configuration of ssh-rand-helper
1990
1991# PRNGD TCP socket
1992AC_ARG_WITH(prngd-port,
1993 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1994 [
eb5d7ff6 1995 case "$withval" in
1996 no)
1997 withval=""
1998 ;;
1999 [[0-9]]*)
2000 ;;
2001 *)
2002 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2003 ;;
2004 esac
2005 if test ! -z "$withval" ; then
f1b0ecc3 2006 PRNGD_PORT="$withval"
3466e002 2007 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2008 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2009 fi
2010 ]
2011)
2012
2013# PRNGD Unix domain socket
2014AC_ARG_WITH(prngd-socket,
2015 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2016 [
eb5d7ff6 2017 case "$withval" in
2018 yes)
f1b0ecc3 2019 withval="/var/run/egd-pool"
eb5d7ff6 2020 ;;
2021 no)
2022 withval=""
2023 ;;
2024 /*)
2025 ;;
2026 *)
2027 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2028 ;;
2029 esac
2030
2031 if test ! -z "$withval" ; then
f1b0ecc3 2032 if test ! -z "$PRNGD_PORT" ; then
2033 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2034 fi
906e811b 2035 if test ! -r "$withval" ; then
f1b0ecc3 2036 AC_MSG_WARN(Entropy socket is not readable)
2037 fi
2038 PRNGD_SOCKET="$withval"
3466e002 2039 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2040 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2041 fi
ddceb1c8 2042 ],
2043 [
2044 # Check for existing socket only if we don't have a random device already
2045 if test "$USE_RAND_HELPER" = yes ; then
2046 AC_MSG_CHECKING(for PRNGD/EGD socket)
2047 # Insert other locations here
2048 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2049 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2050 PRNGD_SOCKET="$sock"
2051 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2052 break;
2053 fi
2054 done
2055 if test ! -z "$PRNGD_SOCKET" ; then
2056 AC_MSG_RESULT($PRNGD_SOCKET)
2057 else
2058 AC_MSG_RESULT(not found)
2059 fi
2060 fi
f1b0ecc3 2061 ]
2062)
2063
2064# Change default command timeout for hashing entropy source
2065entropy_timeout=200
2066AC_ARG_WITH(entropy-timeout,
2067 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2068 [
6cf0200f 2069 if test -n "$withval" && test "x$withval" != "xno" && \
2070 test "x${withval}" != "xyes"; then
f1b0ecc3 2071 entropy_timeout=$withval
2072 fi
82f4e93d 2073 ]
f1b0ecc3 2074)
3466e002 2075AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2076 [Builtin PRNG command timeout])
f1b0ecc3 2077
fd3cbf67 2078SSH_PRIVSEP_USER=sshd
9a0fbcb3 2079AC_ARG_WITH(privsep-user,
5222e7ef 2080 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2081 [
6cf0200f 2082 if test -n "$withval" && test "x$withval" != "xno" && \
2083 test "x${withval}" != "xyes"; then
fd3cbf67 2084 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2085 fi
82f4e93d 2086 ]
9a0fbcb3 2087)
3466e002 2088AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2089 [non-privileged user for privilege separation])
fd3cbf67 2090AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2091
81dadca3 2092# We do this little dance with the search path to insure
2093# that programs that we select for use by installed programs
2094# (which may be run by the super-user) come from trusted
2095# locations before they come from the user's private area.
2096# This should help avoid accidentally configuring some
2097# random version of a program in someone's personal bin.
2098
2099OPATH=$PATH
2100PATH=/bin:/usr/bin
f95c8ce8 2101test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2102test -d /sbin && PATH=$PATH:/sbin
2103test -d /usr/sbin && PATH=$PATH:/usr/sbin
2104PATH=$PATH:/etc:$OPATH
2105
aff51935 2106# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2107OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2108OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2109OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2110OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2111OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2112OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2113OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2114OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2115OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2116OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2117OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2118OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2119OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2120OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2121OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2122OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2123# restore PATH
2124PATH=$OPATH
f1b0ecc3 2125
2126# Where does ssh-rand-helper get its randomness from?
2127INSTALL_SSH_PRNG_CMDS=""
2128if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2129 if test ! -z "$PRNGD_PORT" ; then
2130 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2131 elif test ! -z "$PRNGD_SOCKET" ; then
2132 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2133 else
2134 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2135 RAND_HELPER_CMDHASH=yes
2136 INSTALL_SSH_PRNG_CMDS="yes"
2137 fi
2138fi
2139AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2140
2141
66d6c27e 2142# Cheap hack to ensure NEWS-OS libraries are arranged right.
2143if test ! -z "$SONY" ; then
2144 LIBS="$LIBS -liberty";
2145fi
2146
9a406e1e 2147# Check for long long datatypes
2148AC_CHECK_TYPES([long long, unsigned long long, long double])
2149
2150# Check datatype sizes
976f7e19 2151AC_CHECK_SIZEOF(char, 1)
2b942fe0 2152AC_CHECK_SIZEOF(short int, 2)
2153AC_CHECK_SIZEOF(int, 4)
2154AC_CHECK_SIZEOF(long int, 4)
2155AC_CHECK_SIZEOF(long long int, 8)
2156
52f1ccb2 2157# Sanity check long long for some platforms (AIX)
2158if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2159 ac_cv_sizeof_long_long_int=0
2160fi
2161
90f15776 2162# compute LLONG_MIN and LLONG_MAX if we don't know them.
2163if test -z "$have_llong_max"; then
2164 AC_MSG_CHECKING([for max value of long long])
2165 AC_RUN_IFELSE(
2166 [AC_LANG_SOURCE([[
2167#include <stdio.h>
2168/* Why is this so damn hard? */
2169#ifdef __GNUC__
2170# undef __GNUC__
2171#endif
2172#define __USE_ISOC99
2173#include <limits.h>
2174#define DATA "conftest.llminmax"
055252ed 2175#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2176
2177/*
2178 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2179 * we do this the hard way.
2180 */
2181static int
2182fprint_ll(FILE *f, long long n)
2183{
2184 unsigned int i;
2185 int l[sizeof(long long) * 8];
2186
2187 if (n < 0)
2188 if (fprintf(f, "-") < 0)
2189 return -1;
2190 for (i = 0; n != 0; i++) {
2191 l[i] = my_abs(n % 10);
2192 n /= 10;
2193 }
2194 do {
2195 if (fprintf(f, "%d", l[--i]) < 0)
2196 return -1;
2197 } while (i != 0);
2198 if (fprintf(f, " ") < 0)
2199 return -1;
2200 return 0;
2201}
2202
90f15776 2203int main(void) {
2204 FILE *f;
2205 long long i, llmin, llmax = 0;
2206
2207 if((f = fopen(DATA,"w")) == NULL)
2208 exit(1);
2209
2210#if defined(LLONG_MIN) && defined(LLONG_MAX)
2211 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2212 llmin = LLONG_MIN;
2213 llmax = LLONG_MAX;
2214#else
2215 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2216 /* This will work on one's complement and two's complement */
2217 for (i = 1; i > llmax; i <<= 1, i++)
2218 llmax = i;
2219 llmin = llmax + 1LL; /* wrap */
2220#endif
2221
2222 /* Sanity check */
2223 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2224 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2225 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2226 fprintf(f, "unknown unknown\n");
2227 exit(2);
2228 }
2229
055252ed 2230 if (fprint_ll(f, llmin) < 0)
90f15776 2231 exit(3);
055252ed 2232 if (fprint_ll(f, llmax) < 0)
2233 exit(4);
2234 if (fclose(f) < 0)
2235 exit(5);
90f15776 2236 exit(0);
2237}
2238 ]])],
2239 [
2240 llong_min=`$AWK '{print $1}' conftest.llminmax`
2241 llong_max=`$AWK '{print $2}' conftest.llminmax`
2242
90f15776 2243 AC_MSG_RESULT($llong_max)
2244 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2245 [max value of long long calculated by configure])
2246 AC_MSG_CHECKING([for min value of long long])
2247 AC_MSG_RESULT($llong_min)
2248 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2249 [min value of long long calculated by configure])
2250 ],
2251 [
2252 AC_MSG_RESULT(not found)
2253 ],
2254 [
2255 AC_MSG_WARN([cross compiling: not checking])
2256 ]
2257 )
2258fi
2259
2260
a0391976 2261# More checks for data types
14a9a859 2262AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2263 AC_TRY_COMPILE(
aff51935 2264 [ #include <sys/types.h> ],
2265 [ u_int a; a = 1;],
14a9a859 2266 [ ac_cv_have_u_int="yes" ],
2267 [ ac_cv_have_u_int="no" ]
2268 )
2269])
2270if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2271 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2272 have_u_int=1
2273fi
2274
58d100bf 2275AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2276 AC_TRY_COMPILE(
aff51935 2277 [ #include <sys/types.h> ],
2278 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2279 [ ac_cv_have_intxx_t="yes" ],
2280 [ ac_cv_have_intxx_t="no" ]
2281 )
2282])
2283if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2284 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2285 have_intxx_t=1
2286fi
41cb4569 2287
2288if (test -z "$have_intxx_t" && \
aff51935 2289 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2290then
2291 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2292 AC_TRY_COMPILE(
aff51935 2293 [ #include <stdint.h> ],
2294 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2295 [
2296 AC_DEFINE(HAVE_INTXX_T)
2297 AC_MSG_RESULT(yes)
2298 ],
2299 [ AC_MSG_RESULT(no) ]
2300 )
2301fi
2302
bd590612 2303AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2304 AC_TRY_COMPILE(
1cbbe6c8 2305 [
2306#include <sys/types.h>
2307#ifdef HAVE_STDINT_H
2308# include <stdint.h>
2309#endif
2310#include <sys/socket.h>
2311#ifdef HAVE_SYS_BITYPES_H
2312# include <sys/bitypes.h>
2313#endif
aff51935 2314 ],
2315 [ int64_t a; a = 1;],
bd590612 2316 [ ac_cv_have_int64_t="yes" ],
2317 [ ac_cv_have_int64_t="no" ]
2318 )
2319])
2320if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2321 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2322fi
2323
58d100bf 2324AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2325 AC_TRY_COMPILE(
aff51935 2326 [ #include <sys/types.h> ],
2327 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2328 [ ac_cv_have_u_intxx_t="yes" ],
2329 [ ac_cv_have_u_intxx_t="no" ]
2330 )
2331])
2332if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2333 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2334 have_u_intxx_t=1
2335fi
2b942fe0 2336
41cb4569 2337if test -z "$have_u_intxx_t" ; then
2338 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2339 AC_TRY_COMPILE(
aff51935 2340 [ #include <sys/socket.h> ],
2341 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2342 [
2343 AC_DEFINE(HAVE_U_INTXX_T)
2344 AC_MSG_RESULT(yes)
2345 ],
2346 [ AC_MSG_RESULT(no) ]
2347 )
2348fi
2349
bd590612 2350AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2351 AC_TRY_COMPILE(
aff51935 2352 [ #include <sys/types.h> ],
2353 [ u_int64_t a; a = 1;],
bd590612 2354 [ ac_cv_have_u_int64_t="yes" ],
2355 [ ac_cv_have_u_int64_t="no" ]
2356 )
2357])
2358if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2359 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2360 have_u_int64_t=1
2361fi
2362
ddceb1c8 2363if test -z "$have_u_int64_t" ; then
2364 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2365 AC_TRY_COMPILE(
aff51935 2366 [ #include <sys/bitypes.h> ],
ddceb1c8 2367 [ u_int64_t a; a = 1],
2368 [
2369 AC_DEFINE(HAVE_U_INT64_T)
2370 AC_MSG_RESULT(yes)
2371 ],
2372 [ AC_MSG_RESULT(no) ]
2373 )
2374fi
2375
41cb4569 2376if test -z "$have_u_intxx_t" ; then
2377 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2378 AC_TRY_COMPILE(
2379 [
2380#include <sys/types.h>
aff51935 2381 ],
2382 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2383 [ ac_cv_have_uintxx_t="yes" ],
2384 [ ac_cv_have_uintxx_t="no" ]
2385 )
2386 ])
2387 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2388 AC_DEFINE(HAVE_UINTXX_T, 1,
2389 [define if you have uintxx_t data type])
41cb4569 2390 fi
2391fi
2392
2393if test -z "$have_uintxx_t" ; then
2394 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2395 AC_TRY_COMPILE(
aff51935 2396 [ #include <stdint.h> ],
2397 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2398 [
2399 AC_DEFINE(HAVE_UINTXX_T)
2400 AC_MSG_RESULT(yes)
2401 ],
2402 [ AC_MSG_RESULT(no) ]
2403 )
2404fi
2405
e5fe9a1f 2406if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2407 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2408then
2409 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2410 AC_TRY_COMPILE(
58d100bf 2411 [
2412#include <sys/bitypes.h>
aff51935 2413 ],
5cdfe03f 2414 [
837c30b8 2415 int8_t a; int16_t b; int32_t c;
2416 u_int8_t e; u_int16_t f; u_int32_t g;
2417 a = b = c = e = f = g = 1;
aff51935 2418 ],
5cdfe03f 2419 [
2420 AC_DEFINE(HAVE_U_INTXX_T)
2421 AC_DEFINE(HAVE_INTXX_T)
2422 AC_MSG_RESULT(yes)
2423 ],
2424 [AC_MSG_RESULT(no)]
aff51935 2425 )
5cdfe03f 2426fi
2427
0362750e 2428
2429AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2430 AC_TRY_COMPILE(
2431 [
2432#include <sys/types.h>
2433 ],
2434 [ u_char foo; foo = 125; ],
2435 [ ac_cv_have_u_char="yes" ],
2436 [ ac_cv_have_u_char="no" ]
2437 )
2438])
2439if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2440 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2441fi
2442
98a7c37b 2443TYPE_SOCKLEN_T
2b942fe0 2444
2d16d9a3 2445AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2446
777ece68 2447AC_CHECK_TYPES(in_addr_t,,,
2448[#include <sys/types.h>
2449#include <netinet/in.h>])
7b578f7d 2450
58d100bf 2451AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2452 AC_TRY_COMPILE(
2453 [
18ba2aab 2454#include <sys/types.h>
58d100bf 2455 ],
2456 [ size_t foo; foo = 1235; ],
2457 [ ac_cv_have_size_t="yes" ],
2458 [ ac_cv_have_size_t="no" ]
2459 )
2460])
2461if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2462 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2463fi
ea1970a3 2464
c04f75f1 2465AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2466 AC_TRY_COMPILE(
2467 [
2468#include <sys/types.h>
2469 ],
2470 [ ssize_t foo; foo = 1235; ],
2471 [ ac_cv_have_ssize_t="yes" ],
2472 [ ac_cv_have_ssize_t="no" ]
2473 )
2474])
2475if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2476 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2477fi
2478
f1c4659d 2479AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2480 AC_TRY_COMPILE(
2481 [
2482#include <time.h>
2483 ],
2484 [ clock_t foo; foo = 1235; ],
2485 [ ac_cv_have_clock_t="yes" ],
2486 [ ac_cv_have_clock_t="no" ]
2487 )
2488])
2489if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2490 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2491fi
2492
1c04b088 2493AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2494 AC_TRY_COMPILE(
2495 [
2496#include <sys/types.h>
2497#include <sys/socket.h>
2498 ],
2499 [ sa_family_t foo; foo = 1235; ],
2500 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2501 [ AC_TRY_COMPILE(
2502 [
2503#include <sys/types.h>
2504#include <sys/socket.h>
2505#include <netinet/in.h>
2506 ],
2507 [ sa_family_t foo; foo = 1235; ],
2508 [ ac_cv_have_sa_family_t="yes" ],
2509
1c04b088 2510 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2511 )]
1c04b088 2512 )
2513])
2514if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2515 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2516 [define if you have sa_family_t data type])
1c04b088 2517fi
2518
729bfe59 2519AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2520 AC_TRY_COMPILE(
2521 [
2522#include <sys/types.h>
2523 ],
2524 [ pid_t foo; foo = 1235; ],
2525 [ ac_cv_have_pid_t="yes" ],
2526 [ ac_cv_have_pid_t="no" ]
2527 )
2528])
2529if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2530 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2531fi
2532
2533AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2534 AC_TRY_COMPILE(
2535 [
2536#include <sys/types.h>
2537 ],
2538 [ mode_t foo; foo = 1235; ],
2539 [ ac_cv_have_mode_t="yes" ],
2540 [ ac_cv_have_mode_t="no" ]
2541 )
2542])
2543if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2544 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2545fi
2546
e3a93db0 2547
58d100bf 2548AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2549 AC_TRY_COMPILE(
2550 [
18ba2aab 2551#include <sys/types.h>
2552#include <sys/socket.h>
58d100bf 2553 ],
2554 [ struct sockaddr_storage s; ],
2555 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2556 [ ac_cv_have_struct_sockaddr_storage="no" ]
2557 )
2558])
2559if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2560 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2561 [define if you have struct sockaddr_storage data type])
58d100bf 2562fi
48e671d5 2563
58d100bf 2564AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2565 AC_TRY_COMPILE(
2566 [
cbd7492e 2567#include <sys/types.h>
58d100bf 2568#include <netinet/in.h>
2569 ],
2570 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2571 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2572 [ ac_cv_have_struct_sockaddr_in6="no" ]
2573 )
2574])
2575if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2576 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2577 [define if you have struct sockaddr_in6 data type])
58d100bf 2578fi
48e671d5 2579
58d100bf 2580AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2581 AC_TRY_COMPILE(
2582 [
cbd7492e 2583#include <sys/types.h>
58d100bf 2584#include <netinet/in.h>
2585 ],
2586 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2587 [ ac_cv_have_struct_in6_addr="yes" ],
2588 [ ac_cv_have_struct_in6_addr="no" ]
2589 )
2590])
2591if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2592 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2593 [define if you have struct in6_addr data type])
58d100bf 2594fi
48e671d5 2595
58d100bf 2596AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2597 AC_TRY_COMPILE(
2598 [
18ba2aab 2599#include <sys/types.h>
2600#include <sys/socket.h>
2601#include <netdb.h>
58d100bf 2602 ],
2603 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2604 [ ac_cv_have_struct_addrinfo="yes" ],
2605 [ ac_cv_have_struct_addrinfo="no" ]
2606 )
2607])
2608if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2609 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2610 [define if you have struct addrinfo data type])
58d100bf 2611fi
2612
89c7e31c 2613AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2614 AC_TRY_COMPILE(
aff51935 2615 [ #include <sys/time.h> ],
2616 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2617 [ ac_cv_have_struct_timeval="yes" ],
2618 [ ac_cv_have_struct_timeval="no" ]
2619 )
2620])
2621if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2622 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2623 have_struct_timeval=1
2624fi
2625
5271b55c 2626AC_CHECK_TYPES(struct timespec)
2627
85abc74b 2628# We need int64_t or else certian parts of the compile will fail.
4b492aab 2629if test "x$ac_cv_have_int64_t" = "xno" && \
2630 test "x$ac_cv_sizeof_long_int" != "x8" && \
2631 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2632 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2633 echo "an alternative compiler (I.E., GCC) before continuing."
2634 echo ""
2635 exit 1;
733cf7f4 2636else
2637dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2638 AC_RUN_IFELSE(
479cece8 2639 [AC_LANG_SOURCE([[
733cf7f4 2640#include <stdio.h>
2641#include <string.h>
2642#ifdef HAVE_SNPRINTF
2643main()
2644{
2645 char buf[50];
2646 char expected_out[50];
2647 int mazsize = 50 ;
2648#if (SIZEOF_LONG_INT == 8)
2649 long int num = 0x7fffffffffffffff;
2650#else
763a1a18 2651 long long num = 0x7fffffffffffffffll;
733cf7f4 2652#endif
2653 strcpy(expected_out, "9223372036854775807");
2654 snprintf(buf, mazsize, "%lld", num);
2655 if(strcmp(buf, expected_out) != 0)
aff51935 2656 exit(1);
733cf7f4 2657 exit(0);
2658}
2659#else
2660main() { exit(0); }
2661#endif
479cece8 2662 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2663 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2664 )
2c523de9 2665fi
2666
77bb0bca 2667dnl Checks for structure members
58d100bf 2668OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2669OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2670OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2671OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2672OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2673OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2674OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2675OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2676OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2677OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2678OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2679OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2680OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2681OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2682OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2683OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2684OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2685
2686AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2687AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2688 [Define if we don't have struct __res_state in resolv.h])],
2689[
2690#include <stdio.h>
2691#if HAVE_SYS_TYPES_H
2692# include <sys/types.h>
2693#endif
2694#include <netinet/in.h>
2695#include <arpa/nameser.h>
2696#include <resolv.h>
2697])
1d7b9b20 2698
58d100bf 2699AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2700 ac_cv_have_ss_family_in_struct_ss, [
2701 AC_TRY_COMPILE(
2702 [
18ba2aab 2703#include <sys/types.h>
2704#include <sys/socket.h>
58d100bf 2705 ],
2706 [ struct sockaddr_storage s; s.ss_family = 1; ],
2707 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2708 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2709 )
2710])
2711if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2712 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2713fi
2714
58d100bf 2715AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2716 ac_cv_have___ss_family_in_struct_ss, [
2717 AC_TRY_COMPILE(
2718 [
18ba2aab 2719#include <sys/types.h>
2720#include <sys/socket.h>
58d100bf 2721 ],
2722 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2723 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2724 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2725 )
2726])
2727if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2728 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2729 [Fields in struct sockaddr_storage])
58d100bf 2730fi
2731
2e73a022 2732AC_CACHE_CHECK([for pw_class field in struct passwd],
2733 ac_cv_have_pw_class_in_struct_passwd, [
2734 AC_TRY_COMPILE(
2735 [
2e73a022 2736#include <pwd.h>
2737 ],
97994d32 2738 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2739 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2740 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2741 )
2742])
2743if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2744 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2745 [Define if your password has a pw_class field])
2e73a022 2746fi
2747
7751d4eb 2748AC_CACHE_CHECK([for pw_expire field in struct passwd],
2749 ac_cv_have_pw_expire_in_struct_passwd, [
2750 AC_TRY_COMPILE(
2751 [
2752#include <pwd.h>
2753 ],
2754 [ struct passwd p; p.pw_expire = 0; ],
2755 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2756 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2757 )
2758])
2759if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2760 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2761 [Define if your password has a pw_expire field])
7751d4eb 2762fi
2763
2764AC_CACHE_CHECK([for pw_change field in struct passwd],
2765 ac_cv_have_pw_change_in_struct_passwd, [
2766 AC_TRY_COMPILE(
2767 [
2768#include <pwd.h>
2769 ],
2770 [ struct passwd p; p.pw_change = 0; ],
2771 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2772 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2773 )
2774])
2775if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2776 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2777 [Define if your password has a pw_change field])
7751d4eb 2778fi
58d100bf 2779
637f9177 2780dnl make sure we're using the real structure members and not defines
6f34652e 2781AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2782 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2783 AC_COMPILE_IFELSE(
6f34652e 2784 [
f95c8ce8 2785#include <sys/types.h>
6f34652e 2786#include <sys/socket.h>
2787#include <sys/uio.h>
637f9177 2788int main() {
2789#ifdef msg_accrights
1a01a50c 2790#error "msg_accrights is a macro"
637f9177 2791exit(1);
2792#endif
2793struct msghdr m;
2794m.msg_accrights = 0;
2795exit(0);
2796}
6f34652e 2797 ],
6f34652e 2798 [ ac_cv_have_accrights_in_msghdr="yes" ],
2799 [ ac_cv_have_accrights_in_msghdr="no" ]
2800 )
2801])
2802if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2803 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2804 [Define if your system uses access rights style
2805 file descriptor passing])
6f34652e 2806fi
2807
7176df4f 2808AC_CACHE_CHECK([for msg_control field in struct msghdr],
2809 ac_cv_have_control_in_msghdr, [
1a01a50c 2810 AC_COMPILE_IFELSE(
7176df4f 2811 [
f95c8ce8 2812#include <sys/types.h>
7176df4f 2813#include <sys/socket.h>
2814#include <sys/uio.h>
637f9177 2815int main() {
2816#ifdef msg_control
1a01a50c 2817#error "msg_control is a macro"
637f9177 2818exit(1);
2819#endif
2820struct msghdr m;
2821m.msg_control = 0;
2822exit(0);
2823}
7176df4f 2824 ],
7176df4f 2825 [ ac_cv_have_control_in_msghdr="yes" ],
2826 [ ac_cv_have_control_in_msghdr="no" ]
2827 )
2828])
2829if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2830 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2831 [Define if your system uses ancillary data style
2832 file descriptor passing])
7176df4f 2833fi
2834
58d100bf 2835AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2836 AC_TRY_LINK([],
2837 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2838 [ ac_cv_libc_defines___progname="yes" ],
2839 [ ac_cv_libc_defines___progname="no" ]
2840 )
2841])
2842if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2843 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2844fi
8946db53 2845
c921ee00 2846AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2847 AC_TRY_LINK([
2848#include <stdio.h>
aff51935 2849],
2850 [ printf("%s", __FUNCTION__); ],
c921ee00 2851 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2852 [ ac_cv_cc_implements___FUNCTION__="no" ]
2853 )
2854])
2855if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 2856 AC_DEFINE(HAVE___FUNCTION__, 1,
2857 [Define if compiler implements __FUNCTION__])
c921ee00 2858fi
2859
2860AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2861 AC_TRY_LINK([
2862#include <stdio.h>
aff51935 2863],
2864 [ printf("%s", __func__); ],
c921ee00 2865 [ ac_cv_cc_implements___func__="yes" ],
2866 [ ac_cv_cc_implements___func__="no" ]
2867 )
2868])
2869if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 2870 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 2871fi
2872
9a406e1e 2873AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2874 AC_TRY_LINK(
2875 [#include <stdarg.h>
2876 va_list x,y;],
2877 [va_copy(x,y);],
2878 [ ac_cv_have_va_copy="yes" ],
2879 [ ac_cv_have_va_copy="no" ]
2880 )
2881])
2882if test "x$ac_cv_have_va_copy" = "xyes" ; then
2883 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2884fi
2885
2886AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2887 AC_TRY_LINK(
2888 [#include <stdarg.h>
2889 va_list x,y;],
2890 [__va_copy(x,y);],
2891 [ ac_cv_have___va_copy="yes" ],
2892 [ ac_cv_have___va_copy="no" ]
2893 )
2894])
2895if test "x$ac_cv_have___va_copy" = "xyes" ; then
2896 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2897fi
2898
1812a662 2899AC_CACHE_CHECK([whether getopt has optreset support],
2900 ac_cv_have_getopt_optreset, [
2901 AC_TRY_LINK(
2902 [
2903#include <getopt.h>
2904 ],
2905 [ extern int optreset; optreset = 0; ],
2906 [ ac_cv_have_getopt_optreset="yes" ],
2907 [ ac_cv_have_getopt_optreset="no" ]
2908 )
2909])
2910if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 2911 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2912 [Define if your getopt(3) defines and uses optreset])
1812a662 2913fi
a0391976 2914
819b676f 2915AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2916 AC_TRY_LINK([],
2917 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2918 [ ac_cv_libc_defines_sys_errlist="yes" ],
2919 [ ac_cv_libc_defines_sys_errlist="no" ]
2920 )
2921])
2922if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 2923 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2924 [Define if your system defines sys_errlist[]])
819b676f 2925fi
2926
2927
416ed5a7 2928AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2929 AC_TRY_LINK([],
2930 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2931 [ ac_cv_libc_defines_sys_nerr="yes" ],
2932 [ ac_cv_libc_defines_sys_nerr="no" ]
2933 )
2934])
2935if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 2936 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 2937fi
2938
aff51935 2939SCARD_MSG="no"
295c8801 2940# Check whether user wants sectok support
2941AC_ARG_WITH(sectok,
2942 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2943 [
2944 if test "x$withval" != "xno" ; then
2945 if test "x$withval" != "xyes" ; then
2946 CPPFLAGS="$CPPFLAGS -I${withval}"
2947 LDFLAGS="$LDFLAGS -L${withval}"
2948 if test ! -z "$need_dash_r" ; then
2949 LDFLAGS="$LDFLAGS -R${withval}"
2950 fi
2951 if test ! -z "$blibpath" ; then
2952 blibpath="$blibpath:${withval}"
2953 fi
2954 fi
2955 AC_CHECK_HEADERS(sectok.h)
2956 if test "$ac_cv_header_sectok_h" != yes; then
2957 AC_MSG_ERROR(Can't find sectok.h)
2958 fi
2959 AC_CHECK_LIB(sectok, sectok_open)
2960 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2961 AC_MSG_ERROR(Can't find libsectok)
2962 fi
3466e002 2963 AC_DEFINE(SMARTCARD, 1,
2964 [Define if you want smartcard support])
2965 AC_DEFINE(USE_SECTOK, 1,
2966 [Define if you want smartcard support
2967 using sectok])
aff51935 2968 SCARD_MSG="yes, using sectok"
295c8801 2969 fi
2970 ]
2971)
2972
2973# Check whether user wants OpenSC support
987b458f 2974OPENSC_CONFIG="no"
295c8801 2975AC_ARG_WITH(opensc,
e47fb473 2976 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 2977 [
2978 if test "x$withval" != "xno" ; then
2979 if test "x$withval" != "xyes" ; then
2980 OPENSC_CONFIG=$withval/bin/opensc-config
2981 else
2982 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2983 fi
2984 if test "$OPENSC_CONFIG" != "no"; then
2985 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2986 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2987 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2988 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2989 AC_DEFINE(SMARTCARD)
3466e002 2990 AC_DEFINE(USE_OPENSC, 1,
2991 [Define if you want smartcard support
2992 using OpenSC])
987b458f 2993 SCARD_MSG="yes, using OpenSC"
2994 fi
2995 fi
2996 ]
2997)
d0b19c95 2998
c31dc31c 2999# Check libraries needed by DNS fingerprint support
aff51935 3000AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3001 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3002 [Define if getrrsetbyname() exists])],
3e05e934 3003 [
c31dc31c 3004 # Needed by our getrrsetbyname()
3005 AC_SEARCH_LIBS(res_query, resolv)
3006 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3007 AC_MSG_CHECKING(if res_query will link)
3008 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3009 [AC_MSG_RESULT(no)
3010 saved_LIBS="$LIBS"
3011 LIBS="$LIBS -lresolv"
3012 AC_MSG_CHECKING(for res_query in -lresolv)
3013 AC_LINK_IFELSE([
3014#include <resolv.h>
3015int main()
3016{
3017 res_query (0, 0, 0, 0, 0);
3018 return 0;
3019}
3020 ],
3021 [LIBS="$LIBS -lresolv"
3022 AC_MSG_RESULT(yes)],
3023 [LIBS="$saved_LIBS"
3024 AC_MSG_RESULT(no)])
3025 ])
c31dc31c 3026 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3027 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3028 [#include <sys/types.h>
3029 #include <arpa/nameser.h>])
c31dc31c 3030 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3031 [AC_DEFINE(HAVE_HEADER_AD, 1,
3032 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3033 [#include <arpa/nameser.h>])
3034 ])
3e05e934 3035
ef4d1846 3036# Check whether user wants SELinux support
3037SELINUX_MSG="no"
3038LIBSELINUX=""
3039AC_ARG_WITH(selinux,
3040 [ --with-selinux Enable SELinux support],
3041 [ if test "x$withval" != "xno" ; then
3042 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3043 SELINUX_MSG="yes"
3044 AC_CHECK_HEADER([selinux/selinux.h], ,
3045 AC_MSG_ERROR(SELinux support requires selinux.h header))
3046 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3047 AC_MSG_ERROR(SELinux support requires libselinux library))
3048 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3049 fi ]
3050)
3051AC_SUBST(LIBSELINUX)
3052
12928e80 3053# Check whether user wants Kerberos 5 support
aff51935 3054KRB5_MSG="no"
12928e80 3055AC_ARG_WITH(kerberos5,
aff51935 3056 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3057 [ if test "x$withval" != "xno" ; then
3058 if test "x$withval" = "xyes" ; then
3059 KRB5ROOT="/usr/local"
3060 else
3061 KRB5ROOT=${withval}
3062 fi
3063
3466e002 3064 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3065 KRB5_MSG="yes"
3066
3067 AC_MSG_CHECKING(for krb5-config)
3068 if test -x $KRB5ROOT/bin/krb5-config ; then
3069 KRB5CONF=$KRB5ROOT/bin/krb5-config
3070 AC_MSG_RESULT($KRB5CONF)
3071
3072 AC_MSG_CHECKING(for gssapi support)
3073 if $KRB5CONF | grep gssapi >/dev/null ; then
3074 AC_MSG_RESULT(yes)
3466e002 3075 AC_DEFINE(GSSAPI, 1,
3076 [Define this if you want GSSAPI
3077 support in the version 2 protocol])
071970fb 3078 k5confopts=gssapi
aff51935 3079 else
5585c441 3080 AC_MSG_RESULT(no)
071970fb 3081 k5confopts=""
aff51935 3082 fi
071970fb 3083 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3084 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3085 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3086 AC_MSG_CHECKING(whether we are using Heimdal)
3087 AC_TRY_COMPILE([ #include <krb5.h> ],
3088 [ char *tmp = heimdal_version; ],
3089 [ AC_MSG_RESULT(yes)
3466e002 3090 AC_DEFINE(HEIMDAL, 1,
3091 [Define this if you are using the
3092 Heimdal version of Kerberos V5]) ],
5585c441 3093 AC_MSG_RESULT(no)
3094 )
3095 else
3096 AC_MSG_RESULT(no)
12928e80 3097 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3098 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3099 AC_MSG_CHECKING(whether we are using Heimdal)
3100 AC_TRY_COMPILE([ #include <krb5.h> ],
3101 [ char *tmp = heimdal_version; ],
3102 [ AC_MSG_RESULT(yes)
3103 AC_DEFINE(HEIMDAL)
41707f74 3104 K5LIBS="-lkrb5 -ldes"
3105 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3106 AC_CHECK_LIB(roken, net_write,
41707f74 3107 [K5LIBS="$K5LIBS -lroken"])
aff51935 3108 ],
3109 [ AC_MSG_RESULT(no)
3110 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3111 ]
3112 )
4e00038c 3113 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3114
749560dd 3115 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3116 [ AC_DEFINE(GSSAPI)
3117 K5LIBS="-lgssapi $K5LIBS" ],
3118 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3119 [ AC_DEFINE(GSSAPI)
aff51935 3120 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3121 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3122 $K5LIBS)
3123 ],
3124 $K5LIBS)
82f4e93d 3125
749560dd 3126 AC_CHECK_HEADER(gssapi.h, ,
3127 [ unset ac_cv_header_gssapi_h
aff51935 3128 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3129 AC_CHECK_HEADERS(gssapi.h, ,
3130 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3131 )
749560dd 3132 ]
3133 )
3134
3135 oldCPP="$CPPFLAGS"
3136 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3137 AC_CHECK_HEADER(gssapi_krb5.h, ,
3138 [ CPPFLAGS="$oldCPP" ])
3139
aff51935 3140 fi
5585c441 3141 if test ! -z "$need_dash_r" ; then
3142 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3143 fi
3144 if test ! -z "$blibpath" ; then
3145 blibpath="$blibpath:${KRB5ROOT}/lib"
3146 fi
071970fb 3147
f5555364 3148 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3149 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3150 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3151
f5555364 3152 LIBS="$LIBS $K5LIBS"
3466e002 3153 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3154 [Define this if you want to use libkafs' AFS support]))
f5555364 3155 fi
071970fb 3156 ]
12928e80 3157)
b5b68128 3158
a0391976 3159# Looking for programs, paths and files
a0391976 3160
ecac8ee5 3161PRIVSEP_PATH=/var/empty
3162AC_ARG_WITH(privsep-path,
cda1ebcb 3163 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3164 [
6cf0200f 3165 if test -n "$withval" && test "x$withval" != "xno" && \
3166 test "x${withval}" != "xyes"; then
ecac8ee5 3167 PRIVSEP_PATH=$withval
3168 fi
3169 ]
3170)
3171AC_SUBST(PRIVSEP_PATH)
3172
a0391976 3173AC_ARG_WITH(xauth,
3174 [ --with-xauth=PATH Specify path to xauth program ],
3175 [
6cf0200f 3176 if test -n "$withval" && test "x$withval" != "xno" && \
3177 test "x${withval}" != "xyes"; then
cbd7492e 3178 xauth_path=$withval
a0391976 3179 fi
3180 ],
3181 [
2bf42e4a 3182 TestPath="$PATH"
3183 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3184 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3185 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3186 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3187 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3188 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3189 xauth_path="/usr/openwin/bin/xauth"
3190 fi
3191 ]
3192)
3193
65a4b4af 3194STRIP_OPT=-s
3195AC_ARG_ENABLE(strip,
3196 [ --disable-strip Disable calling strip(1) on install],
3197 [
3198 if test "x$enableval" = "xno" ; then
3199 STRIP_OPT=
3200 fi
3201 ]
3202)
3203AC_SUBST(STRIP_OPT)
3204
b3ec54b4 3205if test -z "$xauth_path" ; then
3206 XAUTH_PATH="undefined"
3207 AC_SUBST(XAUTH_PATH)
3208else
3466e002 3209 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3210 [Define if xauth is found in your path])
b3ec54b4 3211 XAUTH_PATH=$xauth_path
3212 AC_SUBST(XAUTH_PATH)
a0391976 3213fi
a0391976 3214
3215# Check for mail directory (last resort if we cannot get it from headers)
3216if test ! -z "$MAIL" ; then
3217 maildir=`dirname $MAIL`
3466e002 3218 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3219 [Set this to your mail directory if you don't have maillock.h])
a0391976 3220fi
3221
479cece8 3222if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3223 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3224 disable_ptmx_check=yes
3225fi
a0391976 3226if test -z "$no_dev_ptmx" ; then
6e879cb4 3227 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3228 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3229 [
3466e002 3230 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3231 [Define if you have /dev/ptmx])
6e879cb4 3232 have_dev_ptmx=1
3233 ]
3234 )
3235 fi
3276571c 3236fi
1a01a50c 3237
479cece8 3238if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3239 AC_CHECK_FILE("/dev/ptc",
3240 [
3466e002 3241 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3242 [Define if you have /dev/ptc])
1a01a50c 3243 have_dev_ptc=1
3244 ]
3245 )
3246else
3247 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3248fi
3276571c 3249
a0391976 3250# Options from here on. Some of these are preset by platform above
fdf6b7aa 3251AC_ARG_WITH(mantype,
5d97cfbf 3252 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3253 [
5d97cfbf 3254 case "$withval" in
3255 man|cat|doc)
3256 MANTYPE=$withval
3257 ;;
3258 *)
3259 AC_MSG_ERROR(invalid man type: $withval)
3260 ;;
3261 esac
c54a6257 3262 ]
3263)
e0c4d3ac 3264if test -z "$MANTYPE"; then
2bf42e4a 3265 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3266 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3267 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3268 MANTYPE=doc
3269 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3270 MANTYPE=man
3271 else
3272 MANTYPE=cat
3273 fi
3274fi
c54a6257 3275AC_SUBST(MANTYPE)
e0c4d3ac 3276if test "$MANTYPE" = "doc"; then
3277 mansubdir=man;
3278else
3279 mansubdir=$MANTYPE;
3280fi
3281AC_SUBST(mansubdir)
0bc5b6fb 3282
a0391976 3283# Check whether to enable MD5 passwords
aff51935 3284MD5_MSG="no"
2ddcfdf3 3285AC_ARG_WITH(md5-passwords,
caf3bc51 3286 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3287 [
bcf36c78 3288 if test "x$withval" != "xno" ; then
3466e002 3289 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3290 [Define if you want to allow MD5 passwords])
aff51935 3291 MD5_MSG="yes"
0bc5b6fb 3292 fi
3293 ]
caf3bc51 3294)
3295
a0391976 3296# Whether to disable shadow password support
a7effaac 3297AC_ARG_WITH(shadow,
3298 [ --without-shadow Disable shadow password support],
3299 [
82f4e93d 3300 if test "x$withval" = "xno" ; then
a7effaac 3301 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3302 disable_shadow=yes
a7effaac 3303 fi
3304 ]
3305)
3306
4cb5ffa0 3307if test -z "$disable_shadow" ; then
3308 AC_MSG_CHECKING([if the systems has expire shadow information])
3309 AC_TRY_COMPILE(
3310 [
3311#include <sys/types.h>
3312#include <shadow.h>
3313 struct spwd sp;
3314 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3315 [ sp_expire_available=yes ], []
3316 )
3317
3318 if test "x$sp_expire_available" = "xyes" ; then
3319 AC_MSG_RESULT(yes)
3466e002 3320 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3321 [Define if you want to use shadow password expire field])
4cb5ffa0 3322 else
3323 AC_MSG_RESULT(no)
3324 fi
3325fi
3326
a0391976 3327# Use ip address instead of hostname in $DISPLAY
44839801 3328if test ! -z "$IPADDR_IN_DISPLAY" ; then
3329 DISPLAY_HACK_MSG="yes"
3466e002 3330 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3331 [Define if you need to use IP address
3332 instead of hostname in $DISPLAY])
44839801 3333else
aff51935 3334 DISPLAY_HACK_MSG="no"
44839801 3335 AC_ARG_WITH(ipaddr-display,
3336 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3337 [
82f4e93d 3338 if test "x$withval" != "xno" ; then
44839801 3339 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3340 DISPLAY_HACK_MSG="yes"
44839801 3341 fi
3342 ]
3343 )
3344fi
a7effaac 3345
95b99395 3346# check for /etc/default/login and use it if present.
daa41e62 3347AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3348 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3349 [ if test "x$enableval" = "xno"; then
3350 AC_MSG_NOTICE([/etc/default/login handling disabled])
3351 etc_default_login=no
3352 else
3353 etc_default_login=yes
3354 fi ],
b0e7249f 3355 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3356 then
3357 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3358 etc_default_login=no
3359 else
3360 etc_default_login=yes
3361 fi ]
694d0cef 3362)
95b99395 3363
694d0cef 3364if test "x$etc_default_login" != "xno"; then
3365 AC_CHECK_FILE("/etc/default/login",
3366 [ external_path_file=/etc/default/login ])
b0e7249f 3367 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3368 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3369 [Define if your system has /etc/default/login])
1a01a50c 3370 fi
694d0cef 3371fi
95b99395 3372
8d184c09 3373dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3374if test $ac_cv_func_login_getcapbool = "yes" && \
3375 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3376 external_path_file=/etc/login.conf
8d184c09 3377fi
95b99395 3378
a0391976 3379# Whether to mess with the default path
aff51935 3380SERVER_PATH_MSG="(default)"
c43d69a9 3381AC_ARG_WITH(default-path,
75817f90 3382 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3383 [
95b99395 3384 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3385 AC_MSG_WARN([
3386--with-default-path=PATH has no effect on this system.
3387Edit /etc/login.conf instead.])
82f4e93d 3388 elif test "x$withval" != "xno" ; then
89bbd457 3389 if test ! -z "$external_path_file" ; then
95b99395 3390 AC_MSG_WARN([
3391--with-default-path=PATH will only be used if PATH is not defined in
3392$external_path_file .])
3393 fi
b2d818e6 3394 user_path="$withval"
aff51935 3395 SERVER_PATH_MSG="$withval"
cb807f40 3396 fi
b2d818e6 3397 ],
95b99395 3398 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3399 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3400 else
89bbd457 3401 if test ! -z "$external_path_file" ; then
95b99395 3402 AC_MSG_WARN([
3403If PATH is defined in $external_path_file, ensure the path to scp is included,
3404otherwise scp will not work.])
3405 fi
b0e7249f 3406 AC_RUN_IFELSE(
3407 [AC_LANG_SOURCE([[
b2d818e6 3408/* find out what STDPATH is */
3409#include <stdio.h>
b2d818e6 3410#ifdef HAVE_PATHS_H
3411# include <paths.h>
3412#endif
3413#ifndef _PATH_STDPATH
d9a4e55b 3414# ifdef _PATH_USERPATH /* Irix */
3415# define _PATH_STDPATH _PATH_USERPATH
3416# else
3417# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3418# endif
b2d818e6 3419#endif
3420#include <sys/types.h>
3421#include <sys/stat.h>
3422#include <fcntl.h>
3423#define DATA "conftest.stdpath"
3424
3425main()
3426{
3427 FILE *fd;
3428 int rc;
82f4e93d 3429
b2d818e6 3430 fd = fopen(DATA,"w");
3431 if(fd == NULL)
3432 exit(1);
82f4e93d 3433
b2d818e6 3434 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3435 exit(1);
3436
3437 exit(0);
3438}
b0e7249f 3439 ]])],
3440 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3441 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3442 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3443 )
3444# make sure $bindir is in USER_PATH so scp will work
3445 t_bindir=`eval echo ${bindir}`
3446 case $t_bindir in
3447 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3448 esac
3449 case $t_bindir in
3450 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3451 esac
3452 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3453 if test $? -ne 0 ; then
3454 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3455 if test $? -ne 0 ; then
3456 user_path=$user_path:$t_bindir
3457 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3458 fi
3459 fi
8d184c09 3460 fi ]
cb807f40 3461)
95b99395 3462if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3463 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3464 AC_SUBST(user_path)
3465fi
cb807f40 3466
06617857 3467# Set superuser path separately to user path
06617857 3468AC_ARG_WITH(superuser-path,
3469 [ --with-superuser-path= Specify different path for super-user],
3470 [
6cf0200f 3471 if test -n "$withval" && test "x$withval" != "xno" && \
3472 test "x${withval}" != "xyes"; then
3466e002 3473 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3474 [Define if you want a different $PATH
3475 for the superuser])
06617857 3476 superuser_path=$withval
3477 fi
3478 ]
3479)
3480
3481
58d100bf 3482AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3483IPV4_IN6_HACK_MSG="no"
80faa19f 3484AC_ARG_WITH(4in6,
3485 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3486 [
3487 if test "x$withval" != "xno" ; then
3488 AC_MSG_RESULT(yes)
3466e002 3489 AC_DEFINE(IPV4_IN_IPV6, 1,
3490 [Detect IPv4 in IPv6 mapped addresses
3491 and treat as IPv4])
aff51935 3492 IPV4_IN6_HACK_MSG="yes"
80faa19f 3493 else
3494 AC_MSG_RESULT(no)
3495 fi
3496 ],[
3497 if test "x$inet6_default_4in6" = "xyes"; then
3498 AC_MSG_RESULT([yes (default)])
3499 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3500 IPV4_IN6_HACK_MSG="yes"
80faa19f 3501 else
3502 AC_MSG_RESULT([no (default)])
3503 fi
3504 ]
3505)
3506
af774732 3507# Whether to enable BSD auth support
f1b0ecc3 3508BSD_AUTH_MSG=no
af774732 3509AC_ARG_WITH(bsd-auth,
3510 [ --with-bsd-auth Enable BSD auth support],
3511 [
82f4e93d 3512 if test "x$withval" != "xno" ; then
3466e002 3513 AC_DEFINE(BSD_AUTH, 1,
3514 [Define if you have BSD auth support])
f1b0ecc3 3515 BSD_AUTH_MSG=yes
af774732 3516 fi
3517 ]
3518)
3519
a0391976 3520# Where to place sshd.pid
19d9ac2a 3521piddir=/var/run
81dadca3 3522# make sure the directory exists
82f4e93d 3523if test ! -d $piddir ; then
81dadca3 3524 piddir=`eval echo ${sysconfdir}`
3525 case $piddir in
aff51935 3526 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3527 esac
3528fi
3529
47e45e44 3530AC_ARG_WITH(pid-dir,
3531 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3532 [
6cf0200f 3533 if test -n "$withval" && test "x$withval" != "xno" && \
3534 test "x${withval}" != "xyes"; then
19d9ac2a 3535 piddir=$withval
82f4e93d 3536 if test ! -d $piddir ; then
81dadca3 3537 AC_MSG_WARN([** no $piddir directory on this system **])
3538 fi
47e45e44 3539 fi
3540 ]
3541)
b7a87eea 3542
3466e002 3543AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3544AC_SUBST(piddir)
47e45e44 3545
1d7b9b20 3546dnl allow user to disable some login recording features
3547AC_ARG_ENABLE(lastlog,
bfd550a2 3548 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3549 [
3550 if test "x$enableval" = "xno" ; then
3551 AC_DEFINE(DISABLE_LASTLOG)
3552 fi
3553 ]
1d7b9b20 3554)
3555AC_ARG_ENABLE(utmp,
bfd550a2 3556 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3557 [
3558 if test "x$enableval" = "xno" ; then
3559 AC_DEFINE(DISABLE_UTMP)
3560 fi
3561 ]
1d7b9b20 3562)
3563AC_ARG_ENABLE(utmpx,
bfd550a2 3564 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3565 [
3566 if test "x$enableval" = "xno" ; then
3466e002 3567 AC_DEFINE(DISABLE_UTMPX, 1,
3568 [Define if you don't want to use utmpx])
ddb154b3 3569 fi
3570 ]
1d7b9b20 3571)
3572AC_ARG_ENABLE(wtmp,
bfd550a2 3573 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3574 [
3575 if test "x$enableval" = "xno" ; then
3576 AC_DEFINE(DISABLE_WTMP)
3577 fi
3578 ]
1d7b9b20 3579)
3580AC_ARG_ENABLE(wtmpx,
bfd550a2 3581 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3582 [
3583 if test "x$enableval" = "xno" ; then
3466e002 3584 AC_DEFINE(DISABLE_WTMPX, 1,
3585 [Define if you don't want to use wtmpx])
ddb154b3 3586 fi
3587 ]
1d7b9b20 3588)
3589AC_ARG_ENABLE(libutil,
bfd550a2 3590 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3591 [
3592 if test "x$enableval" = "xno" ; then
3593 AC_DEFINE(DISABLE_LOGIN)
3594 fi
3595 ]
1d7b9b20 3596)
3597AC_ARG_ENABLE(pututline,
bfd550a2 3598 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3599 [
3600 if test "x$enableval" = "xno" ; then
3466e002 3601 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3602 [Define if you don't want to use pututline()
3603 etc. to write [uw]tmp])
ddb154b3 3604 fi
3605 ]
1d7b9b20 3606)
3607AC_ARG_ENABLE(pututxline,
bfd550a2 3608 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3609 [
3610 if test "x$enableval" = "xno" ; then
3466e002 3611 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3612 [Define if you don't want to use pututxline()
3613 etc. to write [uw]tmpx])
ddb154b3 3614 fi
3615 ]
1d7b9b20 3616)
3617AC_ARG_WITH(lastlog,
bfd550a2 3618 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3619 [
82f4e93d 3620 if test "x$withval" = "xno" ; then
8c89dd2b 3621 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3622 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3623 conf_lastlog_location=$withval
3624 fi
3625 ]
3626)
1d7b9b20 3627
3628dnl lastlog, [uw]tmpx? detection
3629dnl NOTE: set the paths in the platform section to avoid the
3630dnl need for command-line parameters
3631dnl lastlog and [uw]tmp are subject to a file search if all else fails
3632
3633dnl lastlog detection
3634dnl NOTE: the code itself will detect if lastlog is a directory
3635AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3636AC_TRY_COMPILE([
3637#include <sys/types.h>
3638#include <utmp.h>
3639#ifdef HAVE_LASTLOG_H
3640# include <lastlog.h>
3641#endif
d7c0f3d5 3642#ifdef HAVE_PATHS_H
1d7b9b20 3643# include <paths.h>
41cb4569 3644#endif
3645#ifdef HAVE_LOGIN_H
3646# include <login.h>
1d7b9b20 3647#endif
3648 ],
3649 [ char *lastlog = LASTLOG_FILE; ],
3650 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3651 [
3652 AC_MSG_RESULT(no)
3653 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3654 AC_TRY_COMPILE([
3655#include <sys/types.h>
3656#include <utmp.h>
3657#ifdef HAVE_LASTLOG_H
3658# include <lastlog.h>
3659#endif
3660#ifdef HAVE_PATHS_H
3661# include <paths.h>
3662#endif
3663 ],
3664 [ char *lastlog = _PATH_LASTLOG; ],
3665 [ AC_MSG_RESULT(yes) ],
3666 [
f282b668 3667 AC_MSG_RESULT(no)
d7c0f3d5 3668 system_lastlog_path=no
3669 ])
3670 ]
1d7b9b20 3671)
d7c0f3d5 3672
1d7b9b20 3673if test -z "$conf_lastlog_location"; then
3674 if test x"$system_lastlog_path" = x"no" ; then
3675 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3676 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3677 conf_lastlog_location=$f
3678 fi
3679 done
3680 if test -z "$conf_lastlog_location"; then
f8119cef 3681 AC_MSG_WARN([** Cannot find lastlog **])
3682 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3683 fi
3684 fi
3685fi
3686
3687if test -n "$conf_lastlog_location"; then
3466e002 3688 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3689 [Define if you want to specify the path to your lastlog file])
82f4e93d 3690fi
1d7b9b20 3691
3692dnl utmp detection
3693AC_MSG_CHECKING([if your system defines UTMP_FILE])
3694AC_TRY_COMPILE([
3695#include <sys/types.h>
3696#include <utmp.h>
d7c0f3d5 3697#ifdef HAVE_PATHS_H
1d7b9b20 3698# include <paths.h>
3699#endif
3700 ],
3701 [ char *utmp = UTMP_FILE; ],
3702 [ AC_MSG_RESULT(yes) ],
3703 [ AC_MSG_RESULT(no)
3704 system_utmp_path=no ]
3705)
3706if test -z "$conf_utmp_location"; then
3707 if test x"$system_utmp_path" = x"no" ; then
3708 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3709 if test -f $f ; then
3710 conf_utmp_location=$f
3711 fi
3712 done
3713 if test -z "$conf_utmp_location"; then
3714 AC_DEFINE(DISABLE_UTMP)
3715 fi
3716 fi
3717fi
3718if test -n "$conf_utmp_location"; then
3466e002 3719 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3720 [Define if you want to specify the path to your utmp file])
82f4e93d 3721fi
1d7b9b20 3722
3723dnl wtmp detection
3724AC_MSG_CHECKING([if your system defines WTMP_FILE])
3725AC_TRY_COMPILE([
3726#include <sys/types.h>
3727#include <utmp.h>
d7c0f3d5 3728#ifdef HAVE_PATHS_H
1d7b9b20 3729# include <paths.h>
3730#endif
3731 ],
3732 [ char *wtmp = WTMP_FILE; ],
3733 [ AC_MSG_RESULT(yes) ],
3734 [ AC_MSG_RESULT(no)
3735 system_wtmp_path=no ]
3736)
3737if test -z "$conf_wtmp_location"; then
3738 if test x"$system_wtmp_path" = x"no" ; then
3739 for f in /usr/adm/wtmp /var/log/wtmp; do
3740 if test -f $f ; then
3741 conf_wtmp_location=$f
3742 fi
3743 done
3744 if test -z "$conf_wtmp_location"; then
3745 AC_DEFINE(DISABLE_WTMP)
3746 fi
3747 fi
3748fi
3749if test -n "$conf_wtmp_location"; then
3466e002 3750 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3751 [Define if you want to specify the path to your wtmp file])
82f4e93d 3752fi
1d7b9b20 3753
3754
3755dnl utmpx detection - I don't know any system so perverse as to require
3756dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3757dnl there, though.
3758AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3759AC_TRY_COMPILE([
3760#include <sys/types.h>
3761#include <utmp.h>
3762#ifdef HAVE_UTMPX_H
3763#include <utmpx.h>
3764#endif
d7c0f3d5 3765#ifdef HAVE_PATHS_H
1d7b9b20 3766# include <paths.h>
3767#endif
3768 ],
3769 [ char *utmpx = UTMPX_FILE; ],
3770 [ AC_MSG_RESULT(yes) ],
3771 [ AC_MSG_RESULT(no)
3772 system_utmpx_path=no ]
3773)
3774if test -z "$conf_utmpx_location"; then
3775 if test x"$system_utmpx_path" = x"no" ; then
3776 AC_DEFINE(DISABLE_UTMPX)
3777 fi
3778else
3466e002 3779 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3780 [Define if you want to specify the path to your utmpx file])
82f4e93d 3781fi
1d7b9b20 3782
3783dnl wtmpx detection
3784AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3785AC_TRY_COMPILE([
3786#include <sys/types.h>
3787#include <utmp.h>
3788#ifdef HAVE_UTMPX_H
3789#include <utmpx.h>
3790#endif
d7c0f3d5 3791#ifdef HAVE_PATHS_H
1d7b9b20 3792# include <paths.h>
3793#endif
3794 ],
3795 [ char *wtmpx = WTMPX_FILE; ],
3796 [ AC_MSG_RESULT(yes) ],
3797 [ AC_MSG_RESULT(no)
3798 system_wtmpx_path=no ]
3799)
3800if test -z "$conf_wtmpx_location"; then
3801 if test x"$system_wtmpx_path" = x"no" ; then
3802 AC_DEFINE(DISABLE_WTMPX)
3803 fi
3804else
3466e002 3805 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3806 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3807fi
1d7b9b20 3808
b7a87eea 3809
bd499f9e 3810if test ! -z "$blibpath" ; then
68ece370 3811 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3812 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3813fi
3814
ddceb1c8 3815dnl remove pam and dl because they are in $LIBPAM
3816if test "$PAM_MSG" = yes ; then
98f2d9d5 3817 LIBS=`echo $LIBS | sed 's/-lpam //'`
3818fi
3819if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3820 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3821fi
3822
ed89c848 3823dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3824dnl Add now.
3825CFLAGS="$CFLAGS $werror_flags"
3826
3c62e7eb 3827AC_EXEEXT
d7cfdd7c 3828AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
46096a5b 3829 openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3830AC_OUTPUT
d3083fbd 3831
cbd7492e 3832# Print summary of options
3833
cbd7492e 3834# Someone please show me a better way :)
3835A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3836B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3837C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3838D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3839E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3840F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3841G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3842H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3843I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3844J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3845
3846echo ""
26de7942 3847echo "OpenSSH has been configured with the following options:"
ecac8ee5 3848echo " User binaries: $B"
3849echo " System binaries: $C"
3850echo " Configuration files: $D"
3851echo " Askpass program: $E"
3852echo " Manual pages: $F"
3853echo " PID file: $G"
3854echo " Privilege separation chroot path: $H"
95b99395 3855if test "x$external_path_file" = "x/etc/login.conf" ; then
3856echo " At runtime, sshd will use the path defined in $external_path_file"
3857echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3858else
ecac8ee5 3859echo " sshd default user PATH: $I"
89bbd457 3860 if test ! -z "$external_path_file"; then
95b99395 3861echo " (If PATH is set in $external_path_file it will be used instead. If"
3862echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3863 fi
8d184c09 3864fi
06617857 3865if test ! -z "$superuser_path" ; then
ecac8ee5 3866echo " sshd superuser user PATH: $J"
3867fi
3868echo " Manpage format: $MANTYPE"
3e05e934 3869echo " PAM support: $PAM_MSG"
ecac8ee5 3870echo " KerberosV support: $KRB5_MSG"
ef4d1846 3871echo " SELinux support: $SELINUX_MSG"
ecac8ee5 3872echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3873echo " S/KEY support: $SKEY_MSG"
3874echo " TCP Wrappers support: $TCPW_MSG"
3875echo " MD5 password support: $MD5_MSG"
59031773 3876echo " libedit support: $LIBEDIT_MSG"
3deb1408 3877echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3878echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3879echo " BSD Auth support: $BSD_AUTH_MSG"
3880echo " Random number source: $RAND_MSG"
f1b0ecc3 3881if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3882echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3883fi
3884
cbd7492e 3885echo ""
3886
0c2fb82f 3887echo " Host: ${host}"
3888echo " Compiler: ${CC}"
3889echo " Compiler flags: ${CFLAGS}"
3890echo "Preprocessor flags: ${CPPFLAGS}"
3891echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3892echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3893
3894echo ""
3895
9cefe228 3896if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3897 echo "SVR4 style packages are supported with \"make package\""
3898 echo ""
9cefe228 3899fi
3900
adeebd37 3901if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3902 echo "PAM is enabled. You may need to install a PAM control file "
3903 echo "for sshd, otherwise password authentication may fail. "
aff51935 3904 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3905 echo "subdirectory"
adeebd37 3906 echo ""
3907fi
3908
f1b0ecc3 3909if test ! -z "$RAND_HELPER_CMDHASH" ; then
3910 echo "WARNING: you are using the builtin random number collection "
3911 echo "service. Please read WARNING.RNG and request that your OS "
3912 echo "vendor includes kernel-based random number collection in "
3913 echo "future versions of your OS."
2c523de9 3914 echo ""
3915fi
af774732 3916
2f6f9cff 3917if test ! -z "$NO_PEERCHECK" ; then
3918 echo "WARNING: the operating system that you are using does not "
3919 echo "appear to support either the getpeereid() API nor the "
3920 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3921 echo "enforce security checks to prevent unauthorised connections to "
3922 echo "ssh-agent. Their absence increases the risk that a malicious "
3923 echo "user can connect to your agent. "
3924 echo ""
3925fi
3926
7b578f7d 3927if test "$AUDIT_MODULE" = "bsm" ; then
3928 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3929 echo "See the Solaris section in README.platform for details."
3930fi
git-cvsimport mirror of OpenSSH
This page took 1.03661 seconds and 5 git commands to generate.