]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [config.sh.in] Collect oslevel -r too.
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
bc6f919d 17AC_INIT(OpenSSH, Portable)
98a7c37b 18AC_CONFIG_SRCDIR([ssh.c])
5881cd60 19
20AC_CONFIG_HEADER(config.h)
b14b2ae7 21AC_PROG_CC
a7effaac 22AC_CANONICAL_HOST
cf0c5df5 23AC_C_BIGENDIAN
5881cd60 24
a0391976 25# Checks for programs.
4bbf95fa 26AC_PROG_AWK
4cca272e 27AC_PROG_CPP
5881cd60 28AC_PROG_RANLIB
cf8dd513 29AC_PROG_INSTALL
bee0a37e 30AC_PATH_PROG(AR, ar)
ddd8c95b 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
13dd877b 33AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 34AC_PATH_PROG(SED, sed)
a0f84251 35AC_SUBST(PERL)
ad85db64 36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
6958bd37 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 41AC_PATH_PROG(SH, sh)
a3245b92 42AC_SUBST(TEST_SHELL,sh)
f498ed15 43
9cefe228 44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
50
948fd8b9 51# System features
52AC_SYS_LARGEFILE
53
c193d002 54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
2e73a022 58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
37656beb 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
d423d822 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
78
d423d822 79AC_C_INLINE
aff51935 80if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
5ed2bb5b 81 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
d423d822 82fi
83
e6354014 84AC_ARG_WITH(rpath,
85 [ --without-rpath Disable auto-added -R linker paths],
86 [
87 if test "x$withval" = "xno" ; then
88 need_dash_r=""
89 fi
90 if test "x$withval" = "xyes" ; then
91 need_dash_r=1
92 fi
93 ]
94)
95
a0391976 96# Check for some target-specific stuff
a7effaac 97case "$host" in
9d6b1b96 98*-*-aix*)
aff51935 99 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 100 if (test -z "$blibpath"); then
0a15d73b 101 blibpath="/usr/lib:/lib"
68ece370 102 fi
103 saved_LDFLAGS="$LDFLAGS"
104 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
105 if (test -z "$blibflags"); then
106 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
107 AC_TRY_LINK([], [], [blibflags=$tryflags])
108 fi
109 done
110 if (test -z "$blibflags"); then
111 AC_MSG_RESULT(not found)
112 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
113 else
114 AC_MSG_RESULT($blibflags)
bd499f9e 115 fi
68ece370 116 LDFLAGS="$saved_LDFLAGS"
e351e493 117 dnl Check for authenticate. Might be in libs.a on older AIXes
118 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 119 [AC_CHECK_LIB(s,authenticate,
e351e493 120 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 121 LIBS="$LIBS -ls"
122 ])
123 ])
e351e493 124 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
125 AC_CHECK_DECL(loginfailed,
126 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
127 AC_TRY_COMPILE(
f58c0e01 128 [#include <usersec.h>],
e351e493 129 [(void)loginfailed("user","host","tty",0);],
130 [AC_MSG_RESULT(yes)
131 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 132 [AC_MSG_RESULT(no)]
e351e493 133 )],
134 [],
135 [#include <usersec.h>]
136 )
2aa3a16c 137 AC_CHECK_FUNCS(setauthdb)
4c8ef3fb 138 AC_DEFINE(BROKEN_GETADDRINFO)
1352689f 139 AC_DEFINE(BROKEN_REALPATH)
3b8dff69 140 AC_DEFINE(SETEUID_BREAKS_SETUID)
141 AC_DEFINE(BROKEN_SETREUID)
142 AC_DEFINE(BROKEN_SETREGID)
a3cef3ca 143 dnl AIX handles lastlog as part of its login message
144 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 145 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 146 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 147 ;;
3c62e7eb 148*-*-cygwin*)
a52997bd 149 check_for_libcrypt_later=1
ffb8d130 150 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 151 AC_DEFINE(HAVE_CYGWIN)
7043a38d 152 AC_DEFINE(USE_PIPES)
3c62e7eb 153 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 154 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 155 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 156 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 157 AC_DEFINE(DISABLE_FD_PASSING)
246446cd 158 AC_DEFINE(SETGROUPS_NOOP)
3c62e7eb 159 ;;
d6fdb079 160*-*-dgux*)
161 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 162 AC_DEFINE(SETEUID_BREAKS_SETUID)
163 AC_DEFINE(BROKEN_SETREUID)
164 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 165 ;;
39c98ef7 166*-*-darwin*)
33e2e066 167 AC_MSG_CHECKING(if we have working getaddrinfo)
168 AC_TRY_RUN([#include <mach-o/dyld.h>
169main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
170 exit(0);
171 else
172 exit(1);
173}], [AC_MSG_RESULT(working)],
174 [AC_MSG_RESULT(buggy)
175 AC_DEFINE(BROKEN_GETADDRINFO)],
b27e573d 176 [AC_MSG_RESULT(assume it is working)])
635e0c42 177 AC_DEFINE(SETEUID_BREAKS_SETUID)
178 AC_DEFINE(BROKEN_SETREUID)
179 AC_DEFINE(BROKEN_SETREGID)
ff620033 180 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
39c98ef7 181 ;;
6e879cb4 182*-*-hpux10.26)
183 if test -z "$GCC"; then
184 CFLAGS="$CFLAGS -Ae"
185 fi
186 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
187 IPADDR_IN_DISPLAY=yes
188 AC_DEFINE(HAVE_SECUREWARE)
189 AC_DEFINE(USE_PIPES)
190 AC_DEFINE(LOGIN_NO_ENDOPT)
191 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 192 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 193 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 194 LIBS="$LIBS -lsec -lsecpw"
195 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
6e879cb4 196 disable_ptmx_check=yes
197 ;;
a7effaac 198*-*-hpux10*)
199 if test -z "$GCC"; then
fc1e8bf4 200 CFLAGS="$CFLAGS -Ae"
a7effaac 201 fi
28564873 202 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 203 IPADDR_IN_DISPLAY=yes
137d7b6c 204 AC_DEFINE(USE_PIPES)
a2572aa7 205 AC_DEFINE(LOGIN_NO_ENDOPT)
206 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 207 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 208 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 209 LIBS="$LIBS -lsec"
210 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
a7effaac 211 ;;
2b763e31 212*-*-hpux11*)
b8fea62d 213 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 214 IPADDR_IN_DISPLAY=yes
adeebd37 215 AC_DEFINE(PAM_SUN_CODEBASE)
2b10f47a 216 AC_DEFINE(USE_PIPES)
a2572aa7 217 AC_DEFINE(LOGIN_NO_ENDOPT)
218 AC_DEFINE(LOGIN_NEEDS_UTMPX)
764d4113 219 AC_DEFINE(DISABLE_UTMP)
3e6e3da0 220 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 221 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
b6610e8f 222 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
2fe51906 223 check_for_hpux_broken_getaddrinfo=1
b29fd59f 224 check_for_conflicting_getspnam=1
f75ca46d 225 LIBS="$LIBS -lsec"
226 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
2b763e31 227 ;;
d94aa2ae 228*-*-irix5*)
6ac7829a 229 PATH="$PATH:/usr/etc"
416ed5a7 230 AC_DEFINE(BROKEN_INET_NTOA)
cb433561 231 AC_DEFINE(SETEUID_BREAKS_SETUID)
232 AC_DEFINE(BROKEN_SETREUID)
233 AC_DEFINE(BROKEN_SETREGID)
0e8f4eba 234 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 235 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 236 ;;
237*-*-irix6*)
6ac7829a 238 PATH="$PATH:/usr/etc"
3206bb3b 239 AC_DEFINE(WITH_IRIX_ARRAY)
240 AC_DEFINE(WITH_IRIX_PROJECT)
241 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 242 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 243 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 244 AC_DEFINE(SETEUID_BREAKS_SETUID)
245 AC_DEFINE(BROKEN_SETREUID)
246 AC_DEFINE(BROKEN_SETREGID)
3d59832f 247 AC_DEFINE(BROKEN_UPDWTMPX)
0e8f4eba 248 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 249 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 250 ;;
5cdfe03f 251*-*-linux*)
252 no_dev_ptmx=1
717057b6 253 check_for_libcrypt_later=1
eacb954e 254 check_for_openpty_ctty_bug=1
80faa19f 255 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 256 AC_DEFINE(PAM_TTY_KLUDGE)
b90bed9f 257 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
3a2b2b44 258 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
cd698186 259 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
b6610e8f 260 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
261 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
80faa19f 262 inet6_default_4in6=yes
bf7c1e6c 263 case `uname -r` in
ad84c479 264 1.*|2.0.*)
bf7c1e6c 265 AC_DEFINE(BROKEN_CMSG_TYPE)
266 ;;
bf7c1e6c 267 esac
5cdfe03f 268 ;;
66d6c27e 269mips-sony-bsd|mips-sony-newsos4)
270 AC_DEFINE(HAVE_NEWS4)
271 SONY=1
66d6c27e 272 ;;
d468fc76 273*-*-netbsd*)
33e2e066 274 check_for_libcrypt_before=1
e6354014 275 if test "x$withval" != "xno" ; then
276 need_dash_r=1
277 fi
d468fc76 278 ;;
86b416a7 279*-*-freebsd*)
280 check_for_libcrypt_later=1
281 ;;
8707b7eb 282*-*-bsdi*)
283 AC_DEFINE(SETEUID_BREAKS_SETUID)
284 AC_DEFINE(BROKEN_SETREUID)
285 AC_DEFINE(BROKEN_SETREGID)
286 ;;
729bfe59 287*-next-*)
729bfe59 288 conf_lastlog_location="/usr/adm/lastlog"
698d107e 289 conf_utmp_location=/etc/utmp
290 conf_wtmp_location=/usr/adm/wtmp
291 MAIL=/usr/spool/mail
729bfe59 292 AC_DEFINE(HAVE_NEXT)
443172c4 293 AC_DEFINE(BROKEN_REALPATH)
00937921 294 AC_DEFINE(USE_PIPES)
86b416a7 295 AC_DEFINE(BROKEN_SAVED_UIDS)
729bfe59 296 ;;
9d6b1b96 297*-*-solaris*)
010e9d5b 298 if test "x$withval" != "xno" ; then
299 need_dash_r=1
300 fi
adeebd37 301 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 302 AC_DEFINE(LOGIN_NEEDS_UTMPX)
303 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 304 AC_DEFINE(PAM_TTY_KLUDGE)
059d3165 305 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
3e6e3da0 306 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 307 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
308 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 309 external_path_file=/etc/default/login
1d7b9b20 310 # hardwire lastlog location (can't detect it on some versions)
311 conf_lastlog_location="/var/adm/lastlog"
32c80420 312 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
313 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
314 if test "$sol2ver" -ge 8; then
315 AC_MSG_RESULT(yes)
316 AC_DEFINE(DISABLE_UTMP)
317 AC_DEFINE(DISABLE_WTMP)
318 else
319 AC_MSG_RESULT(no)
320 fi
9d6b1b96 321 ;;
a423beaf 322*-*-sunos4*)
0c2fb82f 323 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 324 AC_CHECK_FUNCS(getpwanam)
adeebd37 325 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 326 conf_utmp_location=/etc/utmp
327 conf_wtmp_location=/var/adm/wtmp
328 conf_lastlog_location=/var/adm/lastlog
137d7b6c 329 AC_DEFINE(USE_PIPES)
a423beaf 330 ;;
6f68f28a 331*-ncr-sysv*)
98a7c37b 332 LIBS="$LIBS -lc89"
29525240 333 AC_DEFINE(USE_PIPES)
eabb99c6 334 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 335 AC_DEFINE(SETEUID_BREAKS_SETUID)
336 AC_DEFINE(BROKEN_SETREUID)
337 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 338 ;;
132dd316 339*-sni-sysv*)
c8c15bcb 340 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 341 AC_CHECK_LIB(dl, dlsym, ,)
9548d6c8 342 IPADDR_IN_DISPLAY=yes
343 AC_DEFINE(USE_PIPES)
132dd316 344 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 345 AC_DEFINE(SETEUID_BREAKS_SETUID)
346 AC_DEFINE(BROKEN_SETREUID)
347 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 348 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 349 external_path_file=/etc/default/login
c8c15bcb 350 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
351 # Attention: always take care to bind libsocket and libnsl before libc,
352 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 353 ;;
79a7ba96 354# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 355*-*-sysv4.2*)
ed6553e2 356 AC_DEFINE(USE_PIPES)
7ed101c0 357 AC_DEFINE(SETEUID_BREAKS_SETUID)
358 AC_DEFINE(BROKEN_SETREUID)
359 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 360 ;;
79a7ba96 361# UnixWare 7.x, OpenUNIX 8
77bb0bca 362*-*-sysv5*)
ed6553e2 363 AC_DEFINE(USE_PIPES)
7ed101c0 364 AC_DEFINE(SETEUID_BREAKS_SETUID)
365 AC_DEFINE(BROKEN_SETREUID)
366 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 367 ;;
9d6b1b96 368*-*-sysv*)
9d6b1b96 369 ;;
79a7ba96 370# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 371*-*-sco3.2v4*)
0a15d73b 372 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize"
f9e4952c 373 LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm"
77bb0bca 374 RANLIB=true
ed6553e2 375 no_dev_ptmx=1
77bb0bca 376 AC_DEFINE(BROKEN_SYS_TERMIO_H)
ed6553e2 377 AC_DEFINE(USE_PIPES)
6e879cb4 378 AC_DEFINE(HAVE_SECUREWARE)
d287c664 379 AC_DEFINE(DISABLE_SHADOW)
86b416a7 380 AC_DEFINE(BROKEN_SAVED_UIDS)
9ff90d99 381 AC_DEFINE(SETEUID_BREAKS_SETUID)
382 AC_DEFINE(BROKEN_SETREUID)
383 AC_DEFINE(BROKEN_SETREGID)
bcebad47 384 AC_DEFINE(WITH_ABBREV_NO_TTY)
aca75d94 385 AC_CHECK_FUNCS(getluid setluid)
533875af 386 MANTYPE=man
98a7c37b 387 do_sco3_extra_lib_check=yes
a3245b92 388 TEST_SHELL=ksh
77bb0bca 389 ;;
79a7ba96 390# SCO OpenServer 5.x
77bb0bca 391*-*-sco3.2v5*)
21710e39 392 if test -z "$GCC"; then
393 CFLAGS="$CFLAGS -belf"
394 fi
ed6553e2 395 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 396 no_dev_ptmx=1
ed6553e2 397 AC_DEFINE(USE_PIPES)
6e879cb4 398 AC_DEFINE(HAVE_SECUREWARE)
d287c664 399 AC_DEFINE(DISABLE_SHADOW)
94d8258b 400 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 401 AC_DEFINE(SETEUID_BREAKS_SETUID)
402 AC_DEFINE(BROKEN_SETREUID)
403 AC_DEFINE(BROKEN_SETREGID)
bcebad47 404 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 405 AC_DEFINE(BROKEN_UPDWTMPX)
3ade3b57 406 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
aca75d94 407 AC_CHECK_FUNCS(getluid setluid)
533875af 408 MANTYPE=man
a3245b92 409 TEST_SHELL=ksh
509b1f88 410 ;;
ccbb983c 411*-*-unicosmk*)
c1ad5966 412 AC_DEFINE(NO_SSH_LASTLOG)
413 AC_DEFINE(SETEUID_BREAKS_SETUID)
414 AC_DEFINE(BROKEN_SETREUID)
415 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 416 AC_DEFINE(USE_PIPES)
417 AC_DEFINE(DISABLE_FD_PASSING)
418 LDFLAGS="$LDFLAGS"
419 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
420 MANTYPE=cat
d262b7f2 421 ;;
7b9a8c6e 422*-*-unicosmp*)
c1ad5966 423 AC_DEFINE(SETEUID_BREAKS_SETUID)
424 AC_DEFINE(BROKEN_SETREUID)
425 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 426 AC_DEFINE(WITH_ABBREV_NO_TTY)
427 AC_DEFINE(USE_PIPES)
428 AC_DEFINE(DISABLE_FD_PASSING)
429 LDFLAGS="$LDFLAGS"
c1ad5966 430 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 431 MANTYPE=cat
432 ;;
ca5c7d6a 433*-*-unicos*)
c1ad5966 434 AC_DEFINE(SETEUID_BREAKS_SETUID)
435 AC_DEFINE(BROKEN_SETREUID)
436 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 437 AC_DEFINE(USE_PIPES)
94d8258b 438 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 439 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 440 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
441 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
442 MANTYPE=cat
a704dd54 443 ;;
4d33e531 444*-dec-osf*)
99c8ddac 445 AC_MSG_CHECKING(for Digital Unix SIA)
446 no_osfsia=""
447 AC_ARG_WITH(osfsia,
448 [ --with-osfsia Enable Digital Unix SIA],
449 [
450 if test "x$withval" = "xno" ; then
451 AC_MSG_RESULT(disabled)
452 no_osfsia=1
453 fi
454 ],
455 )
456 if test -z "$no_osfsia" ; then
4d33e531 457 if test -f /etc/sia/matrix.conf; then
458 AC_MSG_RESULT(yes)
459 AC_DEFINE(HAVE_OSF_SIA)
460 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 461 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 462 LIBS="$LIBS -lsecurity -ldb -lm -laud"
463 else
464 AC_MSG_RESULT(no)
dbf8efb3 465 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 466 fi
467 fi
a6e67b60 468 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 469 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 470 AC_DEFINE(BROKEN_SETREUID)
471 AC_DEFINE(BROKEN_SETREGID)
4d33e531 472 ;;
41cb4569 473
474*-*-nto-qnx)
475 AC_DEFINE(USE_PIPES)
476 AC_DEFINE(NO_X11_UNIX_SOCKETS)
477 AC_DEFINE(MISSING_NFDBITS)
478 AC_DEFINE(MISSING_HOWMANY)
479 AC_DEFINE(MISSING_FD_MASK)
480 ;;
a7effaac 481esac
482
8e7b16f8 483# Allow user to specify flags
484AC_ARG_WITH(cflags,
485 [ --with-cflags Specify additional flags to pass to compiler],
486 [
487 if test "x$withval" != "xno" ; then
488 CFLAGS="$CFLAGS $withval"
489 fi
490 ]
491)
0c2fb82f 492AC_ARG_WITH(cppflags,
493 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
494 [
495 if test "x$withval" != "xno"; then
496 CPPFLAGS="$CPPFLAGS $withval"
497 fi
498 ]
499)
8e7b16f8 500AC_ARG_WITH(ldflags,
97b378bf 501 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 502 [
503 if test "x$withval" != "xno" ; then
504 LDFLAGS="$LDFLAGS $withval"
505 fi
506 ]
507)
508AC_ARG_WITH(libs,
509 [ --with-libs Specify additional libraries to link with],
510 [
511 if test "x$withval" != "xno" ; then
512 LIBS="$LIBS $withval"
513 fi
514 ]
515)
516
c5829391 517AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 518AC_RUN_IFELSE(
519 [AC_LANG_SOURCE([
c5829391 520#include <stdio.h>
521int main(){exit(0);}
479cece8 522 ])],
c5829391 523 [ AC_MSG_RESULT(yes) ],
524 [
525 AC_MSG_RESULT(no)
526 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 527 ],
528 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 529)
530
ddceb1c8 531# Checks for header files.
419e26e7 532AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \
533 floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \
534 login_cap.h maillock.h ndir.h netdb.h netgroup.h \
2511d104 535 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
5bbbc661 536 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
419e26e7 537 strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \
538 sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \
765a24cd 539 sys/pstat.h sys/select.h sys/stat.h sys/stream.h \
419e26e7 540 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \
541 time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h)
ddceb1c8 542
765a24cd 543# sys/ptms.h requires sys/stream.h to be included first on Solaris
544AC_CHECK_HEADERS(sys/ptms.h, [], [], [
545#ifdef HAVE_SYS_STREAM_H
546# include <sys/stream.h>
547#endif
548])
549
a0391976 550# Checks for libraries.
98a7c37b 551AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
552AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 553
f61d6b17 554dnl SCO OS3 needs this for libwrap
98a7c37b 555if test "x$with_tcp_wrappers" != "xno" ; then
556 if test "x$do_sco3_extra_lib_check" = "xyes" ; then
557 AC_CHECK_LIB(rpc, innetgr, LIBS="-lrpc -lyp -lrpc $LIBS" , , -lyp -lrpc)
558 fi
559fi
560
446227d6 561dnl IRIX and Solaris 2.5.1 have dirname() in libgen
562AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
563 AC_CHECK_LIB(gen, dirname,[
564 AC_CACHE_CHECK([for broken dirname],
565 ac_cv_have_broken_dirname, [
566 save_LIBS="$LIBS"
567 LIBS="$LIBS -lgen"
568 AC_TRY_RUN(
569 [
570#include <libgen.h>
571#include <string.h>
572
573int main(int argc, char **argv) {
574 char *s, buf[32];
575
576 strncpy(buf,"/etc", 32);
577 s = dirname(buf);
578 if (!s || strncmp(s, "/", 32) != 0) {
579 exit(1);
580 } else {
581 exit(0);
582 }
583}
584 ],
585 [ ac_cv_have_broken_dirname="no" ],
586 [ ac_cv_have_broken_dirname="yes" ]
587 )
588 LIBS="$save_LIBS"
589 ])
590 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
591 LIBS="$LIBS -lgen"
592 AC_DEFINE(HAVE_DIRNAME)
593 AC_CHECK_HEADERS(libgen.h)
594 fi
595 ])
596])
597
598AC_CHECK_FUNC(getspnam, ,
599 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
600AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
601
98a7c37b 602dnl zlib is required
603AC_ARG_WITH(zlib,
604 [ --with-zlib=PATH Use zlib in PATH],
605 [
846f83ab 606 if test "x$withval" = "xno" ; then
f1b0ecc3 607 AC_MSG_ERROR([*** zlib is required ***])
608 fi
98a7c37b 609 if test -d "$withval/lib"; then
610 if test -n "${need_dash_r}"; then
5a162955 611 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 612 else
5a162955 613 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 614 fi
615 else
616 if test -n "${need_dash_r}"; then
5a162955 617 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 618 else
5a162955 619 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 620 fi
621 fi
622 if test -d "$withval/include"; then
5a162955 623 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 624 else
5a162955 625 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 626 fi
627 ]
628)
629
0a15d73b 630AC_CHECK_LIB(z, deflate, ,
631 [
632 saved_CPPFLAGS="$CPPFLAGS"
633 saved_LDFLAGS="$LDFLAGS"
634 save_LIBS="$LIBS"
635 dnl Check default zlib install dir
636 if test -n "${need_dash_r}"; then
637 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
638 else
639 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
640 fi
641 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
642 LIBS="$LIBS -lz"
643 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
644 [
645 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
646 ]
647 )
648 ]
649)
4ad65809 650AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 651
652AC_ARG_WITH(zlib-version-check,
653 [ --without-zlib-version-check Disable zlib version check],
654 [ if test "x$withval" = "xno" ; then
655 zlib_check_nonfatal=1
656 fi
657 ]
658)
659
4ad65809 660AC_MSG_CHECKING(for zlib 1.1.4 or greater)
479cece8 661AC_RUN_IFELSE([AC_LANG_SOURCE([[
4ad65809 662#include <zlib.h>
663int main()
664{
665 int a, b, c, v;
666 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3)
667 exit(1);
668 v = a*1000000 + b*1000 + c;
669 if (v >= 1001004)
670 exit(0);
671 exit(2);
672}
479cece8 673 ]])],
4ad65809 674 AC_MSG_RESULT(yes),
675 [ AC_MSG_RESULT(no)
8068d564 676 if test -z "$zlib_check_nonfatal" ; then
677 AC_MSG_ERROR([*** zlib too old - check config.log ***
678Your reported zlib version has known security problems. It's possible your
679vendor has fixed these problems without changing the version number. If you
680are sure this is the case, you can disable the check by running
681"./configure --without-zlib-version-check".
682If you are in doubt, upgrade zlib to version 1.1.4 or greater.])
683 else
684 AC_MSG_WARN([zlib version may have security problems])
685 fi
1a01a50c 686 ],
687 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 688)
48e7916f 689
2c523de9 690dnl UnixWare 2.x
aff51935 691AC_CHECK_FUNC(strcasecmp,
2c523de9 692 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
693)
aff51935 694AC_CHECK_FUNC(utimes,
cda1ebcb 695 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
696 LIBS="$LIBS -lc89"]) ]
2c523de9 697)
4cca272e 698
7c6d759d 699dnl Checks for libutil functions
700AC_CHECK_HEADERS(libutil.h)
701AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
702AC_CHECK_FUNCS(logout updwtmp logwtmp)
703
a738c3b0 704AC_FUNC_STRFTIME
705
84ceda19 706# Check for ALTDIRFUNC glob() extension
707AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
708AC_EGREP_CPP(FOUNDIT,
709 [
710 #include <glob.h>
711 #ifdef GLOB_ALTDIRFUNC
712 FOUNDIT
713 #endif
aff51935 714 ],
84ceda19 715 [
716 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
717 AC_MSG_RESULT(yes)
718 ],
719 [
720 AC_MSG_RESULT(no)
721 ]
722)
4cca272e 723
40849fdb 724# Check for g.gl_matchc glob() extension
725AC_MSG_CHECKING(for gl_matchc field in glob_t)
726AC_EGREP_CPP(FOUNDIT,
aff51935 727 [
728 #include <glob.h>
40849fdb 729 int main(void){glob_t g; g.gl_matchc = 1;}
aff51935 730 ],
731 [
732 AC_DEFINE(GLOB_HAS_GL_MATCHC)
733 AC_MSG_RESULT(yes)
734 ],
735 [
736 AC_MSG_RESULT(no)
737 ]
40849fdb 738)
739
edbe6722 740AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 741AC_RUN_IFELSE(
479cece8 742 [AC_LANG_SOURCE([[
edbe6722 743#include <sys/types.h>
744#include <dirent.h>
aec4cb4f 745int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 746 ]])],
aff51935 747 [AC_MSG_RESULT(yes)],
edbe6722 748 [
749 AC_MSG_RESULT(no)
750 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
1a01a50c 751 ],
752 [
753 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
754 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 755 ]
756)
757
419e26e7 758AC_MSG_CHECKING([for /proc/pid/fd directory])
759if test -d "/proc/$$/fd" ; then
760 AC_DEFINE(HAVE_PROC_PID)
761 AC_MSG_RESULT(yes)
762else
763 AC_MSG_RESULT(no)
764fi
765
278588d8 766# Check whether user wants S/Key support
aff51935 767SKEY_MSG="no"
278588d8 768AC_ARG_WITH(skey,
6ff3d0dc 769 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 770 [
771 if test "x$withval" != "xno" ; then
772
773 if test "x$withval" != "xyes" ; then
774 CPPFLAGS="$CPPFLAGS -I${withval}/include"
775 LDFLAGS="$LDFLAGS -L${withval}/lib"
776 fi
777
778 AC_DEFINE(SKEY)
779 LIBS="-lskey $LIBS"
aff51935 780 SKEY_MSG="yes"
278588d8 781
ddceb1c8 782 AC_MSG_CHECKING([for s/key support])
783 AC_TRY_RUN(
784 [
785#include <stdio.h>
786#include <skey.h>
aec4cb4f 787int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 788 ],
789 [AC_MSG_RESULT(yes)],
278588d8 790 [
ddceb1c8 791 AC_MSG_RESULT(no)
278588d8 792 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
793 ])
141fc639 794 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
795 AC_TRY_COMPILE(
796 [#include <stdio.h>
797 #include <skey.h>],
798 [(void)skeychallenge(NULL,"name","",0);],
799 [AC_MSG_RESULT(yes)
800 AC_DEFINE(SKEYCHALLENGE_4ARG)],
801 [AC_MSG_RESULT(no)]
802 )
278588d8 803 fi
804 ]
805)
806
807# Check whether user wants TCP wrappers support
98a7c37b 808TCPW_MSG="no"
278588d8 809AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 810 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 811 [
812 if test "x$withval" != "xno" ; then
813 saved_LIBS="$LIBS"
98a7c37b 814 saved_LDFLAGS="$LDFLAGS"
815 saved_CPPFLAGS="$CPPFLAGS"
816 if test -n "${withval}" -a "${withval}" != "yes"; then
817 if test -d "${withval}/lib"; then
818 if test -n "${need_dash_r}"; then
5a162955 819 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 820 else
5a162955 821 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 822 fi
823 else
824 if test -n "${need_dash_r}"; then
5a162955 825 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 826 else
5a162955 827 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 828 fi
829 fi
830 if test -d "${withval}/include"; then
5a162955 831 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 832 else
5a162955 833 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 834 fi
98a7c37b 835 fi
ddceb1c8 836 LIBWRAP="-lwrap"
837 LIBS="$LIBWRAP $LIBS"
278588d8 838 AC_MSG_CHECKING(for libwrap)
839 AC_TRY_LINK(
840 [
77f09220 841#include <sys/types.h>
842#include <sys/socket.h>
843#include <netinet/in.h>
278588d8 844#include <tcpd.h>
845 int deny_severity = 0, allow_severity = 0;
846 ],
847 [hosts_access(0);],
848 [
849 AC_MSG_RESULT(yes)
850 AC_DEFINE(LIBWRAP)
ddceb1c8 851 AC_SUBST(LIBWRAP)
98a7c37b 852 TCPW_MSG="yes"
278588d8 853 ],
854 [
855 AC_MSG_ERROR([*** libwrap missing])
856 ]
857 )
ddceb1c8 858 LIBS="$saved_LIBS"
278588d8 859 fi
860 ]
861)
862
59031773 863# Check whether user wants libedit support
864LIBEDIT_MSG="no"
865AC_ARG_WITH(libedit,
6ff3d0dc 866 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 867 [ if test "x$withval" != "xno" ; then
868 AC_CHECK_LIB(edit, el_init,
869 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
870 LIBEDIT="-ledit -lcurses"
871 LIBEDIT_MSG="yes"
872 AC_SUBST(LIBEDIT)
873 ],
874 [], [-lcurses]
875 )
876 fi ]
877)
878
19160674 879dnl Checks for library functions. Please keep in alphabetical order
880AC_CHECK_FUNCS(\
2909d712 881 arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \
667abcc6 882 bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \
883 freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \
884 getopt getpeereid _getpty getrlimit getttyent glob inet_aton \
19160674 885 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
79d4fc55 886 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
e7f6070d 887 pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \
79d4fc55 888 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
3f176010 889 setproctitle setregid setreuid setrlimit \
688eed4a 890 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
7111a85c 891 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
351f44a0 892 truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \
19160674 893)
98a7c37b 894
1a086f97 895# IRIX has a const char return value for gai_strerror()
896AC_CHECK_FUNCS(gai_strerror,[
897 AC_DEFINE(HAVE_GAI_STRERROR)
898 AC_TRY_COMPILE([
899#include <sys/types.h>
900#include <sys/socket.h>
901#include <netdb.h>
902
903const char *gai_strerror(int);],[
904char *str;
905
906str = gai_strerror(0);],[
907 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
908 [Define if gai_strerror() returns const char *])])])
909
92b1decf 910AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
911
309709db 912dnl Make sure prototypes are defined for these before using them.
08412d26 913AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
309709db 914AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
08412d26 915
3490699c 916dnl tcsendbreak might be a macro
917AC_CHECK_DECL(tcsendbreak,
918 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 919 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 920 [#include <termios.h>]
921)
922
41e0e158 923AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
924
3f176010 925AC_CHECK_FUNCS(setresuid, [
926 dnl Some platorms have setresuid that isn't implemented, test for this
927 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 928 AC_RUN_IFELSE(
929 [AC_LANG_SOURCE([[
9a3fe0e2 930#include <stdlib.h>
931#include <errno.h>
932int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 933 ]])],
3f176010 934 [AC_MSG_RESULT(yes)],
24a9171d 935 [AC_DEFINE(BROKEN_SETRESUID)
1a01a50c 936 AC_MSG_RESULT(not implemented)],
937 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 938 )
939])
9a3fe0e2 940
3f176010 941AC_CHECK_FUNCS(setresgid, [
942 dnl Some platorms have setresgid that isn't implemented, test for this
943 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 944 AC_RUN_IFELSE(
945 [AC_LANG_SOURCE([[
9a3fe0e2 946#include <stdlib.h>
947#include <errno.h>
948int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 949 ]])],
3f176010 950 [AC_MSG_RESULT(yes)],
951 [AC_DEFINE(BROKEN_SETRESGID)
1a01a50c 952 AC_MSG_RESULT(not implemented)],
953 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 954 )
955])
9a3fe0e2 956
2e73a022 957dnl Checks for time functions
1d7b9b20 958AC_CHECK_FUNCS(gettimeofday time)
2e73a022 959dnl Checks for utmp functions
b03bd394 960AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 961AC_CHECK_FUNCS(utmpname)
2e73a022 962dnl Checks for utmpx functions
b03bd394 963AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 964AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 965
aff51935 966AC_CHECK_FUNC(daemon,
beb43d31 967 [AC_DEFINE(HAVE_DAEMON)],
968 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
969)
970
aff51935 971AC_CHECK_FUNC(getpagesize,
aa6bd60a 972 [AC_DEFINE(HAVE_GETPAGESIZE)],
973 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
974)
975
2647ae26 976# Check for broken snprintf
977if test "x$ac_cv_func_snprintf" = "xyes" ; then
978 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 979 AC_RUN_IFELSE(
479cece8 980 [AC_LANG_SOURCE([[
2647ae26 981#include <stdio.h>
aec4cb4f 982int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 983 ]])],
aff51935 984 [AC_MSG_RESULT(yes)],
2647ae26 985 [
986 AC_MSG_RESULT(no)
987 AC_DEFINE(BROKEN_SNPRINTF)
988 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 989 ],
990 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 991 )
992fi
993
2f6f9cff 994# Check for missing getpeereid (or equiv) support
995NO_PEERCHECK=""
996if test "x$ac_cv_func_getpeereid" != "xyes" ; then
997 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
998 AC_TRY_COMPILE(
999 [#include <sys/types.h>
1000 #include <sys/socket.h>],
1001 [int i = SO_PEERCRED;],
1002 [AC_MSG_RESULT(yes)],
1003 [AC_MSG_RESULT(no)
1004 NO_PEERCHECK=1]
1005 )
1006fi
1007
70e7d0b0 1008dnl see whether mkstemp() requires XXXXXX
1009if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1010AC_MSG_CHECKING([for (overly) strict mkstemp])
1011AC_TRY_RUN(
1012 [
1013#include <stdlib.h>
1014main() { char template[]="conftest.mkstemp-test";
1015if (mkstemp(template) == -1)
1016 exit(1);
1017unlink(template); exit(0);
1018}
1019 ],
1020 [
1021 AC_MSG_RESULT(no)
1022 ],
aff51935 1023 [
70e7d0b0 1024 AC_MSG_RESULT(yes)
1025 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1026 ],
1027 [
1028 AC_MSG_RESULT(yes)
1029 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1030 ]
70e7d0b0 1031)
1032fi
1033
eacb954e 1034dnl make sure that openpty does not reacquire controlling terminal
1035if test ! -z "$check_for_openpty_ctty_bug"; then
1036 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1037 AC_TRY_RUN(
1038 [
1039#include <stdio.h>
1040#include <sys/fcntl.h>
1041#include <sys/types.h>
1042#include <sys/wait.h>
1043
1044int
1045main()
1046{
1047 pid_t pid;
1048 int fd, ptyfd, ttyfd, status;
1049
1050 pid = fork();
1051 if (pid < 0) { /* failed */
1052 exit(1);
1053 } else if (pid > 0) { /* parent */
1054 waitpid(pid, &status, 0);
aff51935 1055 if (WIFEXITED(status))
eacb954e 1056 exit(WEXITSTATUS(status));
1057 else
1058 exit(2);
1059 } else { /* child */
1060 close(0); close(1); close(2);
1061 setsid();
1062 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1063 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1064 if (fd >= 0)
1065 exit(3); /* Acquired ctty: broken */
1066 else
1067 exit(0); /* Did not acquire ctty: OK */
1068 }
1069}
1070 ],
1071 [
1072 AC_MSG_RESULT(yes)
1073 ],
1074 [
1075 AC_MSG_RESULT(no)
1076 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1077 ]
1078 )
1079fi
1080
2fe51906 1081if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
1082 AC_MSG_CHECKING(if getaddrinfo seems to work)
1083 AC_TRY_RUN(
1084 [
1085#include <stdio.h>
1086#include <sys/socket.h>
1087#include <netdb.h>
1088#include <errno.h>
1089#include <netinet/in.h>
1090
1091#define TEST_PORT "2222"
1092
1093int
1094main(void)
1095{
1096 int err, sock;
1097 struct addrinfo *gai_ai, *ai, hints;
1098 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1099
1100 memset(&hints, 0, sizeof(hints));
1101 hints.ai_family = PF_UNSPEC;
1102 hints.ai_socktype = SOCK_STREAM;
1103 hints.ai_flags = AI_PASSIVE;
1104
1105 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1106 if (err != 0) {
1107 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1108 exit(1);
1109 }
1110
1111 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1112 if (ai->ai_family != AF_INET6)
1113 continue;
1114
1115 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1116 sizeof(ntop), strport, sizeof(strport),
1117 NI_NUMERICHOST|NI_NUMERICSERV);
1118
1119 if (err != 0) {
1120 if (err == EAI_SYSTEM)
1121 perror("getnameinfo EAI_SYSTEM");
1122 else
1123 fprintf(stderr, "getnameinfo failed: %s\n",
1124 gai_strerror(err));
1125 exit(2);
1126 }
1127
1128 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1129 if (sock < 0)
1130 perror("socket");
1131 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1132 if (errno == EBADF)
1133 exit(3);
1134 }
1135 }
1136 exit(0);
1137}
1138 ],
1139 [
1140 AC_MSG_RESULT(yes)
1141 ],
1142 [
1143 AC_MSG_RESULT(no)
1144 AC_DEFINE(BROKEN_GETADDRINFO)
1145 ]
1146 )
1147fi
1148
b29fd59f 1149if test "x$check_for_conflicting_getspnam" = "x1"; then
1150 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1151 AC_COMPILE_IFELSE(
1152 [
1153#include <shadow.h>
1154int main(void) {exit(0);}
1155 ],
1156 [
1157 AC_MSG_RESULT(no)
1158 ],
1159 [
1160 AC_MSG_RESULT(yes)
1161 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1162 [Conflicting defs for getspnam])
1163 ]
1164 )
1165fi
1166
7f8f5e00 1167AC_FUNC_GETPGRP
1168
717057b6 1169# Check for PAM libs
cbd7492e 1170PAM_MSG="no"
a0391976 1171AC_ARG_WITH(pam,
717057b6 1172 [ --with-pam Enable PAM support ],
a0391976 1173 [
717057b6 1174 if test "x$withval" != "xno" ; then
2511d104 1175 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1176 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1177 AC_MSG_ERROR([PAM headers not found])
1178 fi
a0391976 1179
717057b6 1180 AC_CHECK_LIB(dl, dlopen, , )
1181 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1182 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1183 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1184
717057b6 1185 PAM_MSG="yes"
4cb5ffa0 1186
717057b6 1187 AC_DEFINE(USE_PAM)
98f2d9d5 1188 if test $ac_cv_lib_dl_dlopen = yes; then
1189 LIBPAM="-lpam -ldl"
1190 else
1191 LIBPAM="-lpam"
1192 fi
1193 AC_SUBST(LIBPAM)
717057b6 1194 fi
1195 ]
1196)
cbd7492e 1197
717057b6 1198# Check for older PAM
1199if test "x$PAM_MSG" = "xyes" ; then
a0391976 1200 # Check PAM strerror arguments (old PAM)
1201 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1202 AC_TRY_COMPILE(
1203 [
18ba2aab 1204#include <stdlib.h>
2511d104 1205#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1206#include <security/pam_appl.h>
2511d104 1207#elif defined (HAVE_PAM_PAM_APPL_H)
1208#include <pam/pam_appl.h>
1209#endif
aff51935 1210 ],
1211 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1212 [AC_MSG_RESULT(no)],
1213 [
1214 AC_DEFINE(HAVE_OLD_PAM)
1215 AC_MSG_RESULT(yes)
cbd7492e 1216 PAM_MSG="yes (old library)"
a0391976 1217 ]
717057b6 1218 )
a0391976 1219fi
1220
5b991353 1221# Search for OpenSSL
1222saved_CPPFLAGS="$CPPFLAGS"
1223saved_LDFLAGS="$LDFLAGS"
a0391976 1224AC_ARG_WITH(ssl-dir,
1225 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1226 [
e9e4a1c7 1227 if test "x$withval" != "xno" ; then
99eb0f64 1228 case "$withval" in
1229 # Relative paths
1230 ./*|../*) withval="`pwd`/$withval"
1231 esac
5b991353 1232 if test -d "$withval/lib"; then
1233 if test -n "${need_dash_r}"; then
1234 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1235 else
1236 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1237 fi
1238 else
5b991353 1239 if test -n "${need_dash_r}"; then
1240 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1241 else
1242 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1243 fi
1244 fi
5b991353 1245 if test -d "$withval/include"; then
1246 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1247 else
5b991353 1248 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1249 fi
a0391976 1250 fi
5b991353 1251 ]
1252)
5486a457 1253LIBS="-lcrypto $LIBS"
5b991353 1254AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 1255 [
5b991353 1256 dnl Check default openssl install dir
1257 if test -n "${need_dash_r}"; then
1258 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1259 else
5b991353 1260 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1261 fi
5b991353 1262 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1263 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1264 [
1265 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1266 ]
1267 )
1268 ]
1269)
1270
cd018561 1271# Determine OpenSSL header version
1272AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1273AC_RUN_IFELSE(
479cece8 1274 [AC_LANG_SOURCE([[
cd018561 1275#include <stdio.h>
1276#include <string.h>
1277#include <openssl/opensslv.h>
1278#define DATA "conftest.sslincver"
1279int main(void) {
aff51935 1280 FILE *fd;
1281 int rc;
cd018561 1282
aff51935 1283 fd = fopen(DATA,"w");
1284 if(fd == NULL)
1285 exit(1);
cd018561 1286
1287 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1288 exit(1);
1289
1290 exit(0);
1291}
479cece8 1292 ]])],
cd018561 1293 [
1294 ssl_header_ver=`cat conftest.sslincver`
1295 AC_MSG_RESULT($ssl_header_ver)
1296 ],
1297 [
1298 AC_MSG_RESULT(not found)
1299 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1300 ],
1301 [
1302 AC_MSG_WARN([cross compiling: not checking])
cd018561 1303 ]
1304)
1305
1306# Determine OpenSSL library version
1307AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1308AC_RUN_IFELSE(
479cece8 1309 [AC_LANG_SOURCE([[
cd018561 1310#include <stdio.h>
1311#include <string.h>
1312#include <openssl/opensslv.h>
1313#include <openssl/crypto.h>
1314#define DATA "conftest.ssllibver"
1315int main(void) {
aff51935 1316 FILE *fd;
1317 int rc;
cd018561 1318
aff51935 1319 fd = fopen(DATA,"w");
1320 if(fd == NULL)
1321 exit(1);
cd018561 1322
1323 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1324 exit(1);
1325
1326 exit(0);
1327}
479cece8 1328 ]])],
cd018561 1329 [
1330 ssl_library_ver=`cat conftest.ssllibver`
1331 AC_MSG_RESULT($ssl_library_ver)
1332 ],
1333 [
1334 AC_MSG_RESULT(not found)
1335 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1336 ],
1337 [
1338 AC_MSG_WARN([cross compiling: not checking])
cd018561 1339 ]
1340)
58d100bf 1341
9780116c 1342# Sanity check OpenSSL headers
1343AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1344AC_RUN_IFELSE(
479cece8 1345 [AC_LANG_SOURCE([[
9780116c 1346#include <string.h>
1347#include <openssl/opensslv.h>
aec4cb4f 1348int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1349 ]])],
9780116c 1350 [
1351 AC_MSG_RESULT(yes)
1352 ],
1353 [
1354 AC_MSG_RESULT(no)
e15ba28b 1355 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1356Check config.log for details.
1357Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1358 ],
1359 [
1360 AC_MSG_WARN([cross compiling: not checking])
9780116c 1361 ]
1362)
1363
5486a457 1364# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1365# because the system crypt() is more featureful.
1366if test "x$check_for_libcrypt_before" = "x1"; then
1367 AC_CHECK_LIB(crypt, crypt)
1368fi
1369
aff51935 1370# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1371# version in OpenSSL.
05114c74 1372if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1373 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1374fi
1375
f1b0ecc3 1376
1377### Configure cryptographic random number support
1378
1379# Check wheter OpenSSL seeds itself
1380AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1381AC_RUN_IFELSE(
479cece8 1382 [AC_LANG_SOURCE([[
f1b0ecc3 1383#include <string.h>
1384#include <openssl/rand.h>
aec4cb4f 1385int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1386 ]])],
f1b0ecc3 1387 [
1388 OPENSSL_SEEDS_ITSELF=yes
1389 AC_MSG_RESULT(yes)
1390 ],
1391 [
1392 AC_MSG_RESULT(no)
1393 # Default to use of the rand helper if OpenSSL doesn't
1394 # seed itself
1395 USE_RAND_HELPER=yes
1a01a50c 1396 ],
1397 [
1398 AC_MSG_WARN([cross compiling: assuming yes])
1399 # This is safe, since all recent OpenSSL versions will
1400 # complain at runtime if not seeded correctly.
1401 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1402 ]
1403)
1404
1405
1406# Do we want to force the use of the rand helper?
1407AC_ARG_WITH(rand-helper,
1408 [ --with-rand-helper Use subprocess to gather strong randomness ],
1409 [
1410 if test "x$withval" = "xno" ; then
aff51935 1411 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1412 # the previous test showed it to be unseeded.
1413 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1414 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1415 OPENSSL_SEEDS_ITSELF=yes
1416 USE_RAND_HELPER=""
1417 fi
1418 else
1419 USE_RAND_HELPER=yes
1420 fi
1421 ],
1422)
1423
1424# Which randomness source do we use?
1425if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
1426 # OpenSSL only
1427 AC_DEFINE(OPENSSL_PRNG_ONLY)
1428 RAND_MSG="OpenSSL internal ONLY"
1429 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1430elif test ! -z "$USE_RAND_HELPER" ; then
1431 # install rand helper
f1b0ecc3 1432 RAND_MSG="ssh-rand-helper"
1433 INSTALL_SSH_RAND_HELPER="yes"
1434fi
1435AC_SUBST(INSTALL_SSH_RAND_HELPER)
1436
1437### Configuration of ssh-rand-helper
1438
1439# PRNGD TCP socket
1440AC_ARG_WITH(prngd-port,
1441 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1442 [
eb5d7ff6 1443 case "$withval" in
1444 no)
1445 withval=""
1446 ;;
1447 [[0-9]]*)
1448 ;;
1449 *)
1450 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1451 ;;
1452 esac
1453 if test ! -z "$withval" ; then
f1b0ecc3 1454 PRNGD_PORT="$withval"
1455 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1456 fi
1457 ]
1458)
1459
1460# PRNGD Unix domain socket
1461AC_ARG_WITH(prngd-socket,
1462 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1463 [
eb5d7ff6 1464 case "$withval" in
1465 yes)
f1b0ecc3 1466 withval="/var/run/egd-pool"
eb5d7ff6 1467 ;;
1468 no)
1469 withval=""
1470 ;;
1471 /*)
1472 ;;
1473 *)
1474 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1475 ;;
1476 esac
1477
1478 if test ! -z "$withval" ; then
f1b0ecc3 1479 if test ! -z "$PRNGD_PORT" ; then
1480 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1481 fi
906e811b 1482 if test ! -r "$withval" ; then
f1b0ecc3 1483 AC_MSG_WARN(Entropy socket is not readable)
1484 fi
1485 PRNGD_SOCKET="$withval"
1486 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1487 fi
ddceb1c8 1488 ],
1489 [
1490 # Check for existing socket only if we don't have a random device already
1491 if test "$USE_RAND_HELPER" = yes ; then
1492 AC_MSG_CHECKING(for PRNGD/EGD socket)
1493 # Insert other locations here
1494 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1495 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1496 PRNGD_SOCKET="$sock"
1497 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1498 break;
1499 fi
1500 done
1501 if test ! -z "$PRNGD_SOCKET" ; then
1502 AC_MSG_RESULT($PRNGD_SOCKET)
1503 else
1504 AC_MSG_RESULT(not found)
1505 fi
1506 fi
f1b0ecc3 1507 ]
1508)
1509
1510# Change default command timeout for hashing entropy source
1511entropy_timeout=200
1512AC_ARG_WITH(entropy-timeout,
1513 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1514 [
1515 if test "x$withval" != "xno" ; then
1516 entropy_timeout=$withval
1517 fi
1518 ]
1519)
f1b0ecc3 1520AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1521
fd3cbf67 1522SSH_PRIVSEP_USER=sshd
9a0fbcb3 1523AC_ARG_WITH(privsep-user,
5222e7ef 1524 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1525 [
1526 if test -n "$withval"; then
fd3cbf67 1527 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1528 fi
1529 ]
1530)
fd3cbf67 1531AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1532AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1533
81dadca3 1534# We do this little dance with the search path to insure
1535# that programs that we select for use by installed programs
1536# (which may be run by the super-user) come from trusted
1537# locations before they come from the user's private area.
1538# This should help avoid accidentally configuring some
1539# random version of a program in someone's personal bin.
1540
1541OPATH=$PATH
1542PATH=/bin:/usr/bin
f95c8ce8 1543test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1544test -d /sbin && PATH=$PATH:/sbin
1545test -d /usr/sbin && PATH=$PATH:/usr/sbin
1546PATH=$PATH:/etc:$OPATH
1547
aff51935 1548# These programs are used by the command hashing source to gather entropy
f1b0ecc3 1549OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1550OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1551OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1552OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1553OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1554OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1555OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1556OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1557OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1558OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1559OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1560OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1561OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1562OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1563OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1564OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1565# restore PATH
1566PATH=$OPATH
f1b0ecc3 1567
1568# Where does ssh-rand-helper get its randomness from?
1569INSTALL_SSH_PRNG_CMDS=""
1570if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1571 if test ! -z "$PRNGD_PORT" ; then
1572 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1573 elif test ! -z "$PRNGD_SOCKET" ; then
1574 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1575 else
1576 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1577 RAND_HELPER_CMDHASH=yes
1578 INSTALL_SSH_PRNG_CMDS="yes"
1579 fi
1580fi
1581AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1582
1583
66d6c27e 1584# Cheap hack to ensure NEWS-OS libraries are arranged right.
1585if test ! -z "$SONY" ; then
1586 LIBS="$LIBS -liberty";
1587fi
1588
a0391976 1589# Checks for data types
976f7e19 1590AC_CHECK_SIZEOF(char, 1)
2b942fe0 1591AC_CHECK_SIZEOF(short int, 2)
1592AC_CHECK_SIZEOF(int, 4)
1593AC_CHECK_SIZEOF(long int, 4)
1594AC_CHECK_SIZEOF(long long int, 8)
1595
52f1ccb2 1596# Sanity check long long for some platforms (AIX)
1597if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1598 ac_cv_sizeof_long_long_int=0
1599fi
1600
a0391976 1601# More checks for data types
14a9a859 1602AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1603 AC_TRY_COMPILE(
aff51935 1604 [ #include <sys/types.h> ],
1605 [ u_int a; a = 1;],
14a9a859 1606 [ ac_cv_have_u_int="yes" ],
1607 [ ac_cv_have_u_int="no" ]
1608 )
1609])
1610if test "x$ac_cv_have_u_int" = "xyes" ; then
1611 AC_DEFINE(HAVE_U_INT)
1612 have_u_int=1
1613fi
1614
58d100bf 1615AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1616 AC_TRY_COMPILE(
aff51935 1617 [ #include <sys/types.h> ],
1618 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 1619 [ ac_cv_have_intxx_t="yes" ],
1620 [ ac_cv_have_intxx_t="no" ]
1621 )
1622])
1623if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1624 AC_DEFINE(HAVE_INTXX_T)
1625 have_intxx_t=1
1626fi
41cb4569 1627
1628if (test -z "$have_intxx_t" && \
aff51935 1629 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 1630then
1631 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1632 AC_TRY_COMPILE(
aff51935 1633 [ #include <stdint.h> ],
1634 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 1635 [
1636 AC_DEFINE(HAVE_INTXX_T)
1637 AC_MSG_RESULT(yes)
1638 ],
1639 [ AC_MSG_RESULT(no) ]
1640 )
1641fi
1642
bd590612 1643AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1644 AC_TRY_COMPILE(
1cbbe6c8 1645 [
1646#include <sys/types.h>
1647#ifdef HAVE_STDINT_H
1648# include <stdint.h>
1649#endif
1650#include <sys/socket.h>
1651#ifdef HAVE_SYS_BITYPES_H
1652# include <sys/bitypes.h>
1653#endif
aff51935 1654 ],
1655 [ int64_t a; a = 1;],
bd590612 1656 [ ac_cv_have_int64_t="yes" ],
1657 [ ac_cv_have_int64_t="no" ]
1658 )
1659])
1660if test "x$ac_cv_have_int64_t" = "xyes" ; then
1661 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1662fi
1663
58d100bf 1664AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1665 AC_TRY_COMPILE(
aff51935 1666 [ #include <sys/types.h> ],
1667 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 1668 [ ac_cv_have_u_intxx_t="yes" ],
1669 [ ac_cv_have_u_intxx_t="no" ]
1670 )
1671])
1672if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1673 AC_DEFINE(HAVE_U_INTXX_T)
1674 have_u_intxx_t=1
1675fi
2b942fe0 1676
41cb4569 1677if test -z "$have_u_intxx_t" ; then
1678 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1679 AC_TRY_COMPILE(
aff51935 1680 [ #include <sys/socket.h> ],
1681 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 1682 [
1683 AC_DEFINE(HAVE_U_INTXX_T)
1684 AC_MSG_RESULT(yes)
1685 ],
1686 [ AC_MSG_RESULT(no) ]
1687 )
1688fi
1689
bd590612 1690AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1691 AC_TRY_COMPILE(
aff51935 1692 [ #include <sys/types.h> ],
1693 [ u_int64_t a; a = 1;],
bd590612 1694 [ ac_cv_have_u_int64_t="yes" ],
1695 [ ac_cv_have_u_int64_t="no" ]
1696 )
1697])
1698if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
1699 AC_DEFINE(HAVE_U_INT64_T)
1700 have_u_int64_t=1
1701fi
1702
ddceb1c8 1703if test -z "$have_u_int64_t" ; then
1704 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1705 AC_TRY_COMPILE(
aff51935 1706 [ #include <sys/bitypes.h> ],
ddceb1c8 1707 [ u_int64_t a; a = 1],
1708 [
1709 AC_DEFINE(HAVE_U_INT64_T)
1710 AC_MSG_RESULT(yes)
1711 ],
1712 [ AC_MSG_RESULT(no) ]
1713 )
1714fi
1715
41cb4569 1716if test -z "$have_u_intxx_t" ; then
1717 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
1718 AC_TRY_COMPILE(
1719 [
1720#include <sys/types.h>
aff51935 1721 ],
1722 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 1723 [ ac_cv_have_uintxx_t="yes" ],
1724 [ ac_cv_have_uintxx_t="no" ]
1725 )
1726 ])
1727 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
1728 AC_DEFINE(HAVE_UINTXX_T)
1729 fi
1730fi
1731
1732if test -z "$have_uintxx_t" ; then
1733 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1734 AC_TRY_COMPILE(
aff51935 1735 [ #include <stdint.h> ],
1736 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 1737 [
1738 AC_DEFINE(HAVE_UINTXX_T)
1739 AC_MSG_RESULT(yes)
1740 ],
1741 [ AC_MSG_RESULT(no) ]
1742 )
1743fi
1744
e5fe9a1f 1745if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 1746 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 1747then
1748 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1749 AC_TRY_COMPILE(
58d100bf 1750 [
1751#include <sys/bitypes.h>
aff51935 1752 ],
5cdfe03f 1753 [
837c30b8 1754 int8_t a; int16_t b; int32_t c;
1755 u_int8_t e; u_int16_t f; u_int32_t g;
1756 a = b = c = e = f = g = 1;
aff51935 1757 ],
5cdfe03f 1758 [
1759 AC_DEFINE(HAVE_U_INTXX_T)
1760 AC_DEFINE(HAVE_INTXX_T)
1761 AC_MSG_RESULT(yes)
1762 ],
1763 [AC_MSG_RESULT(no)]
aff51935 1764 )
5cdfe03f 1765fi
1766
0362750e 1767
1768AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
1769 AC_TRY_COMPILE(
1770 [
1771#include <sys/types.h>
1772 ],
1773 [ u_char foo; foo = 125; ],
1774 [ ac_cv_have_u_char="yes" ],
1775 [ ac_cv_have_u_char="no" ]
1776 )
1777])
1778if test "x$ac_cv_have_u_char" = "xyes" ; then
1779 AC_DEFINE(HAVE_U_CHAR)
1780fi
1781
98a7c37b 1782TYPE_SOCKLEN_T
2b942fe0 1783
2d16d9a3 1784AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 1785
58d100bf 1786AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
1787 AC_TRY_COMPILE(
1788 [
18ba2aab 1789#include <sys/types.h>
58d100bf 1790 ],
1791 [ size_t foo; foo = 1235; ],
1792 [ ac_cv_have_size_t="yes" ],
1793 [ ac_cv_have_size_t="no" ]
1794 )
1795])
1796if test "x$ac_cv_have_size_t" = "xyes" ; then
1797 AC_DEFINE(HAVE_SIZE_T)
1798fi
ea1970a3 1799
c04f75f1 1800AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
1801 AC_TRY_COMPILE(
1802 [
1803#include <sys/types.h>
1804 ],
1805 [ ssize_t foo; foo = 1235; ],
1806 [ ac_cv_have_ssize_t="yes" ],
1807 [ ac_cv_have_ssize_t="no" ]
1808 )
1809])
1810if test "x$ac_cv_have_ssize_t" = "xyes" ; then
1811 AC_DEFINE(HAVE_SSIZE_T)
1812fi
1813
f1c4659d 1814AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
1815 AC_TRY_COMPILE(
1816 [
1817#include <time.h>
1818 ],
1819 [ clock_t foo; foo = 1235; ],
1820 [ ac_cv_have_clock_t="yes" ],
1821 [ ac_cv_have_clock_t="no" ]
1822 )
1823])
1824if test "x$ac_cv_have_clock_t" = "xyes" ; then
1825 AC_DEFINE(HAVE_CLOCK_T)
1826fi
1827
1c04b088 1828AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
1829 AC_TRY_COMPILE(
1830 [
1831#include <sys/types.h>
1832#include <sys/socket.h>
1833 ],
1834 [ sa_family_t foo; foo = 1235; ],
1835 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 1836 [ AC_TRY_COMPILE(
1837 [
1838#include <sys/types.h>
1839#include <sys/socket.h>
1840#include <netinet/in.h>
1841 ],
1842 [ sa_family_t foo; foo = 1235; ],
1843 [ ac_cv_have_sa_family_t="yes" ],
1844
1c04b088 1845 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 1846 )]
1c04b088 1847 )
1848])
1849if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
1850 AC_DEFINE(HAVE_SA_FAMILY_T)
1851fi
1852
729bfe59 1853AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
1854 AC_TRY_COMPILE(
1855 [
1856#include <sys/types.h>
1857 ],
1858 [ pid_t foo; foo = 1235; ],
1859 [ ac_cv_have_pid_t="yes" ],
1860 [ ac_cv_have_pid_t="no" ]
1861 )
1862])
1863if test "x$ac_cv_have_pid_t" = "xyes" ; then
1864 AC_DEFINE(HAVE_PID_T)
1865fi
1866
1867AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
1868 AC_TRY_COMPILE(
1869 [
1870#include <sys/types.h>
1871 ],
1872 [ mode_t foo; foo = 1235; ],
1873 [ ac_cv_have_mode_t="yes" ],
1874 [ ac_cv_have_mode_t="no" ]
1875 )
1876])
1877if test "x$ac_cv_have_mode_t" = "xyes" ; then
1878 AC_DEFINE(HAVE_MODE_T)
1879fi
1880
e3a93db0 1881
58d100bf 1882AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
1883 AC_TRY_COMPILE(
1884 [
18ba2aab 1885#include <sys/types.h>
1886#include <sys/socket.h>
58d100bf 1887 ],
1888 [ struct sockaddr_storage s; ],
1889 [ ac_cv_have_struct_sockaddr_storage="yes" ],
1890 [ ac_cv_have_struct_sockaddr_storage="no" ]
1891 )
1892])
1893if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
1894 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
1895fi
48e671d5 1896
58d100bf 1897AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
1898 AC_TRY_COMPILE(
1899 [
cbd7492e 1900#include <sys/types.h>
58d100bf 1901#include <netinet/in.h>
1902 ],
1903 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
1904 [ ac_cv_have_struct_sockaddr_in6="yes" ],
1905 [ ac_cv_have_struct_sockaddr_in6="no" ]
1906 )
1907])
1908if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
1909 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
1910fi
48e671d5 1911
58d100bf 1912AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
1913 AC_TRY_COMPILE(
1914 [
cbd7492e 1915#include <sys/types.h>
58d100bf 1916#include <netinet/in.h>
1917 ],
1918 [ struct in6_addr s; s.s6_addr[0] = 0; ],
1919 [ ac_cv_have_struct_in6_addr="yes" ],
1920 [ ac_cv_have_struct_in6_addr="no" ]
1921 )
1922])
1923if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
1924 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
1925fi
48e671d5 1926
58d100bf 1927AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
1928 AC_TRY_COMPILE(
1929 [
18ba2aab 1930#include <sys/types.h>
1931#include <sys/socket.h>
1932#include <netdb.h>
58d100bf 1933 ],
1934 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
1935 [ ac_cv_have_struct_addrinfo="yes" ],
1936 [ ac_cv_have_struct_addrinfo="no" ]
1937 )
1938])
1939if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
1940 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
1941fi
1942
89c7e31c 1943AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
1944 AC_TRY_COMPILE(
aff51935 1945 [ #include <sys/time.h> ],
1946 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 1947 [ ac_cv_have_struct_timeval="yes" ],
1948 [ ac_cv_have_struct_timeval="no" ]
1949 )
1950])
1951if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
1952 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
1953 have_struct_timeval=1
1954fi
1955
5271b55c 1956AC_CHECK_TYPES(struct timespec)
1957
85abc74b 1958# We need int64_t or else certian parts of the compile will fail.
2c523de9 1959if test "x$ac_cv_have_int64_t" = "xno" -a \
1960 "x$ac_cv_sizeof_long_int" != "x8" -a \
1961 "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 1962 echo "OpenSSH requires int64_t support. Contact your vendor or install"
1963 echo "an alternative compiler (I.E., GCC) before continuing."
1964 echo ""
1965 exit 1;
733cf7f4 1966else
1967dnl test snprintf (broken on SCO w/gcc)
1a01a50c 1968 AC_RUN_IFELSE(
479cece8 1969 [AC_LANG_SOURCE([[
733cf7f4 1970#include <stdio.h>
1971#include <string.h>
1972#ifdef HAVE_SNPRINTF
1973main()
1974{
1975 char buf[50];
1976 char expected_out[50];
1977 int mazsize = 50 ;
1978#if (SIZEOF_LONG_INT == 8)
1979 long int num = 0x7fffffffffffffff;
1980#else
763a1a18 1981 long long num = 0x7fffffffffffffffll;
733cf7f4 1982#endif
1983 strcpy(expected_out, "9223372036854775807");
1984 snprintf(buf, mazsize, "%lld", num);
1985 if(strcmp(buf, expected_out) != 0)
aff51935 1986 exit(1);
733cf7f4 1987 exit(0);
1988}
1989#else
1990main() { exit(0); }
1991#endif
479cece8 1992 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 1993 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 1994 )
2c523de9 1995fi
1996
77bb0bca 1997dnl Checks for structure members
58d100bf 1998OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
1999OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2000OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2001OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2002OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2003OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2004OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2005OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2006OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2007OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2008OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2009OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2010OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2011OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2012OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2013OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2014OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2015
2016AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 2017
58d100bf 2018AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2019 ac_cv_have_ss_family_in_struct_ss, [
2020 AC_TRY_COMPILE(
2021 [
18ba2aab 2022#include <sys/types.h>
2023#include <sys/socket.h>
58d100bf 2024 ],
2025 [ struct sockaddr_storage s; s.ss_family = 1; ],
2026 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2027 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2028 )
2029])
2030if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2031 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2032fi
2033
58d100bf 2034AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2035 ac_cv_have___ss_family_in_struct_ss, [
2036 AC_TRY_COMPILE(
2037 [
18ba2aab 2038#include <sys/types.h>
2039#include <sys/socket.h>
58d100bf 2040 ],
2041 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2042 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2043 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2044 )
2045])
2046if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2047 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2048fi
2049
2e73a022 2050AC_CACHE_CHECK([for pw_class field in struct passwd],
2051 ac_cv_have_pw_class_in_struct_passwd, [
2052 AC_TRY_COMPILE(
2053 [
2e73a022 2054#include <pwd.h>
2055 ],
97994d32 2056 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2057 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2058 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2059 )
2060])
2061if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2062 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2063fi
2064
7751d4eb 2065AC_CACHE_CHECK([for pw_expire field in struct passwd],
2066 ac_cv_have_pw_expire_in_struct_passwd, [
2067 AC_TRY_COMPILE(
2068 [
2069#include <pwd.h>
2070 ],
2071 [ struct passwd p; p.pw_expire = 0; ],
2072 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2073 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2074 )
2075])
2076if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2077 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2078fi
2079
2080AC_CACHE_CHECK([for pw_change field in struct passwd],
2081 ac_cv_have_pw_change_in_struct_passwd, [
2082 AC_TRY_COMPILE(
2083 [
2084#include <pwd.h>
2085 ],
2086 [ struct passwd p; p.pw_change = 0; ],
2087 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2088 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2089 )
2090])
2091if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2092 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2093fi
58d100bf 2094
637f9177 2095dnl make sure we're using the real structure members and not defines
6f34652e 2096AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2097 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2098 AC_COMPILE_IFELSE(
6f34652e 2099 [
f95c8ce8 2100#include <sys/types.h>
6f34652e 2101#include <sys/socket.h>
2102#include <sys/uio.h>
637f9177 2103int main() {
2104#ifdef msg_accrights
1a01a50c 2105#error "msg_accrights is a macro"
637f9177 2106exit(1);
2107#endif
2108struct msghdr m;
2109m.msg_accrights = 0;
2110exit(0);
2111}
6f34652e 2112 ],
6f34652e 2113 [ ac_cv_have_accrights_in_msghdr="yes" ],
2114 [ ac_cv_have_accrights_in_msghdr="no" ]
2115 )
2116])
2117if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2118 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2119fi
2120
7176df4f 2121AC_CACHE_CHECK([for msg_control field in struct msghdr],
2122 ac_cv_have_control_in_msghdr, [
1a01a50c 2123 AC_COMPILE_IFELSE(
7176df4f 2124 [
f95c8ce8 2125#include <sys/types.h>
7176df4f 2126#include <sys/socket.h>
2127#include <sys/uio.h>
637f9177 2128int main() {
2129#ifdef msg_control
1a01a50c 2130#error "msg_control is a macro"
637f9177 2131exit(1);
2132#endif
2133struct msghdr m;
2134m.msg_control = 0;
2135exit(0);
2136}
7176df4f 2137 ],
7176df4f 2138 [ ac_cv_have_control_in_msghdr="yes" ],
2139 [ ac_cv_have_control_in_msghdr="no" ]
2140 )
2141])
2142if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2143 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2144fi
2145
58d100bf 2146AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2147 AC_TRY_LINK([],
2148 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2149 [ ac_cv_libc_defines___progname="yes" ],
2150 [ ac_cv_libc_defines___progname="no" ]
2151 )
2152])
2153if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2154 AC_DEFINE(HAVE___PROGNAME)
2155fi
8946db53 2156
c921ee00 2157AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2158 AC_TRY_LINK([
2159#include <stdio.h>
aff51935 2160],
2161 [ printf("%s", __FUNCTION__); ],
c921ee00 2162 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2163 [ ac_cv_cc_implements___FUNCTION__="no" ]
2164 )
2165])
2166if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2167 AC_DEFINE(HAVE___FUNCTION__)
2168fi
2169
2170AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2171 AC_TRY_LINK([
2172#include <stdio.h>
aff51935 2173],
2174 [ printf("%s", __func__); ],
c921ee00 2175 [ ac_cv_cc_implements___func__="yes" ],
2176 [ ac_cv_cc_implements___func__="no" ]
2177 )
2178])
2179if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2180 AC_DEFINE(HAVE___func__)
2181fi
2182
1812a662 2183AC_CACHE_CHECK([whether getopt has optreset support],
2184 ac_cv_have_getopt_optreset, [
2185 AC_TRY_LINK(
2186 [
2187#include <getopt.h>
2188 ],
2189 [ extern int optreset; optreset = 0; ],
2190 [ ac_cv_have_getopt_optreset="yes" ],
2191 [ ac_cv_have_getopt_optreset="no" ]
2192 )
2193])
2194if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2195 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2196fi
a0391976 2197
819b676f 2198AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2199 AC_TRY_LINK([],
2200 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2201 [ ac_cv_libc_defines_sys_errlist="yes" ],
2202 [ ac_cv_libc_defines_sys_errlist="no" ]
2203 )
2204])
2205if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2206 AC_DEFINE(HAVE_SYS_ERRLIST)
2207fi
2208
2209
416ed5a7 2210AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2211 AC_TRY_LINK([],
2212 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2213 [ ac_cv_libc_defines_sys_nerr="yes" ],
2214 [ ac_cv_libc_defines_sys_nerr="no" ]
2215 )
2216])
2217if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2218 AC_DEFINE(HAVE_SYS_NERR)
2219fi
2220
aff51935 2221SCARD_MSG="no"
295c8801 2222# Check whether user wants sectok support
2223AC_ARG_WITH(sectok,
2224 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2225 [
2226 if test "x$withval" != "xno" ; then
2227 if test "x$withval" != "xyes" ; then
2228 CPPFLAGS="$CPPFLAGS -I${withval}"
2229 LDFLAGS="$LDFLAGS -L${withval}"
2230 if test ! -z "$need_dash_r" ; then
2231 LDFLAGS="$LDFLAGS -R${withval}"
2232 fi
2233 if test ! -z "$blibpath" ; then
2234 blibpath="$blibpath:${withval}"
2235 fi
2236 fi
2237 AC_CHECK_HEADERS(sectok.h)
2238 if test "$ac_cv_header_sectok_h" != yes; then
2239 AC_MSG_ERROR(Can't find sectok.h)
2240 fi
2241 AC_CHECK_LIB(sectok, sectok_open)
2242 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2243 AC_MSG_ERROR(Can't find libsectok)
2244 fi
2245 AC_DEFINE(SMARTCARD)
295c8801 2246 AC_DEFINE(USE_SECTOK)
aff51935 2247 SCARD_MSG="yes, using sectok"
295c8801 2248 fi
2249 ]
2250)
2251
2252# Check whether user wants OpenSC support
2253AC_ARG_WITH(opensc,
49ef62db 2254 AC_HELP_STRING([--with-opensc=PFX],
2255 [Enable smartcard support using OpenSC]),
2256 opensc_config_prefix="$withval", opensc_config_prefix="")
2257if test x$opensc_config_prefix != x ; then
2258 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config
2259 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2260 if test "$OPENSC_CONFIG" != "no"; then
2261 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2262 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2263 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2264 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2265 AC_DEFINE(SMARTCARD)
2266 AC_DEFINE(USE_OPENSC)
aff51935 2267 SCARD_MSG="yes, using OpenSC"
49ef62db 2268 fi
2269fi
d0b19c95 2270
c31dc31c 2271# Check libraries needed by DNS fingerprint support
aff51935 2272AC_SEARCH_LIBS(getrrsetbyname, resolv,
c31dc31c 2273 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
3e05e934 2274 [
c31dc31c 2275 # Needed by our getrrsetbyname()
2276 AC_SEARCH_LIBS(res_query, resolv)
2277 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2278 AC_MSG_CHECKING(if res_query will link)
2279 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2280 [AC_MSG_RESULT(no)
2281 saved_LIBS="$LIBS"
2282 LIBS="$LIBS -lresolv"
2283 AC_MSG_CHECKING(for res_query in -lresolv)
2284 AC_LINK_IFELSE([
2285#include <resolv.h>
2286int main()
2287{
2288 res_query (0, 0, 0, 0, 0);
2289 return 0;
2290}
2291 ],
2292 [LIBS="$LIBS -lresolv"
2293 AC_MSG_RESULT(yes)],
2294 [LIBS="$saved_LIBS"
2295 AC_MSG_RESULT(no)])
2296 ])
c31dc31c 2297 AC_CHECK_FUNCS(_getshort _getlong)
2298 AC_CHECK_MEMBER(HEADER.ad,
2299 [AC_DEFINE(HAVE_HEADER_AD)],,
2300 [#include <arpa/nameser.h>])
2301 ])
3e05e934 2302
12928e80 2303# Check whether user wants Kerberos 5 support
aff51935 2304KRB5_MSG="no"
12928e80 2305AC_ARG_WITH(kerberos5,
aff51935 2306 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 2307 [ if test "x$withval" != "xno" ; then
2308 if test "x$withval" = "xyes" ; then
2309 KRB5ROOT="/usr/local"
2310 else
2311 KRB5ROOT=${withval}
2312 fi
2313
2314 AC_DEFINE(KRB5)
2315 KRB5_MSG="yes"
2316
2317 AC_MSG_CHECKING(for krb5-config)
2318 if test -x $KRB5ROOT/bin/krb5-config ; then
2319 KRB5CONF=$KRB5ROOT/bin/krb5-config
2320 AC_MSG_RESULT($KRB5CONF)
2321
2322 AC_MSG_CHECKING(for gssapi support)
2323 if $KRB5CONF | grep gssapi >/dev/null ; then
2324 AC_MSG_RESULT(yes)
071970fb 2325 AC_DEFINE(GSSAPI)
2326 k5confopts=gssapi
aff51935 2327 else
5585c441 2328 AC_MSG_RESULT(no)
071970fb 2329 k5confopts=""
aff51935 2330 fi
071970fb 2331 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2332 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 2333 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 2334 AC_MSG_CHECKING(whether we are using Heimdal)
2335 AC_TRY_COMPILE([ #include <krb5.h> ],
2336 [ char *tmp = heimdal_version; ],
2337 [ AC_MSG_RESULT(yes)
2338 AC_DEFINE(HEIMDAL) ],
2339 AC_MSG_RESULT(no)
2340 )
2341 else
2342 AC_MSG_RESULT(no)
12928e80 2343 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 2344 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 2345 AC_MSG_CHECKING(whether we are using Heimdal)
2346 AC_TRY_COMPILE([ #include <krb5.h> ],
2347 [ char *tmp = heimdal_version; ],
2348 [ AC_MSG_RESULT(yes)
2349 AC_DEFINE(HEIMDAL)
41707f74 2350 K5LIBS="-lkrb5 -ldes"
2351 K5LIBS="$K5LIBS -lcom_err -lasn1"
2352 AC_CHECK_LIB(roken, net_write,
2353 [K5LIBS="$K5LIBS -lroken"])
aff51935 2354 ],
2355 [ AC_MSG_RESULT(no)
2356 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2357 ]
2358 )
4e00038c 2359 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 2360
749560dd 2361 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2362 [ AC_DEFINE(GSSAPI)
2363 K5LIBS="-lgssapi $K5LIBS" ],
2364 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2365 [ AC_DEFINE(GSSAPI)
aff51935 2366 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 2367 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2368 $K5LIBS)
2369 ],
2370 $K5LIBS)
2371
2372 AC_CHECK_HEADER(gssapi.h, ,
2373 [ unset ac_cv_header_gssapi_h
aff51935 2374 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 2375 AC_CHECK_HEADERS(gssapi.h, ,
2376 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 2377 )
749560dd 2378 ]
2379 )
2380
2381 oldCPP="$CPPFLAGS"
2382 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2383 AC_CHECK_HEADER(gssapi_krb5.h, ,
2384 [ CPPFLAGS="$oldCPP" ])
2385
aff51935 2386 fi
5585c441 2387 if test ! -z "$need_dash_r" ; then
2388 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2389 fi
2390 if test ! -z "$blibpath" ; then
2391 blibpath="$blibpath:${KRB5ROOT}/lib"
2392 fi
071970fb 2393 fi
2394
2395 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2396 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2397 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2398
2399 LIBS="$LIBS $K5LIBS"
2400 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
79753592 2401 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
071970fb 2402 ]
12928e80 2403)
b5b68128 2404
a0391976 2405# Looking for programs, paths and files
a0391976 2406
ecac8ee5 2407PRIVSEP_PATH=/var/empty
2408AC_ARG_WITH(privsep-path,
cda1ebcb 2409 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 2410 [
2411 if test "x$withval" != "$no" ; then
2412 PRIVSEP_PATH=$withval
2413 fi
2414 ]
2415)
2416AC_SUBST(PRIVSEP_PATH)
2417
a0391976 2418AC_ARG_WITH(xauth,
2419 [ --with-xauth=PATH Specify path to xauth program ],
2420 [
00937921 2421 if test "x$withval" != "xno" ; then
cbd7492e 2422 xauth_path=$withval
a0391976 2423 fi
2424 ],
2425 [
2bf42e4a 2426 TestPath="$PATH"
2427 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2428 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2429 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2430 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2431 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2432 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2433 xauth_path="/usr/openwin/bin/xauth"
2434 fi
2435 ]
2436)
2437
65a4b4af 2438STRIP_OPT=-s
2439AC_ARG_ENABLE(strip,
2440 [ --disable-strip Disable calling strip(1) on install],
2441 [
2442 if test "x$enableval" = "xno" ; then
2443 STRIP_OPT=
2444 fi
2445 ]
2446)
2447AC_SUBST(STRIP_OPT)
2448
b3ec54b4 2449if test -z "$xauth_path" ; then
2450 XAUTH_PATH="undefined"
2451 AC_SUBST(XAUTH_PATH)
2452else
a0391976 2453 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2454 XAUTH_PATH=$xauth_path
2455 AC_SUBST(XAUTH_PATH)
a0391976 2456fi
a0391976 2457
2458# Check for mail directory (last resort if we cannot get it from headers)
2459if test ! -z "$MAIL" ; then
2460 maildir=`dirname $MAIL`
2461 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2462fi
2463
479cece8 2464if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 2465 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2466 disable_ptmx_check=yes
2467fi
a0391976 2468if test -z "$no_dev_ptmx" ; then
6e879cb4 2469 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 2470 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 2471 [
2472 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2473 have_dev_ptmx=1
2474 ]
2475 )
2476 fi
3276571c 2477fi
1a01a50c 2478
479cece8 2479if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 2480 AC_CHECK_FILE("/dev/ptc",
2481 [
2482 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2483 have_dev_ptc=1
2484 ]
2485 )
2486else
2487 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2488fi
3276571c 2489
a0391976 2490# Options from here on. Some of these are preset by platform above
fdf6b7aa 2491AC_ARG_WITH(mantype,
5d97cfbf 2492 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2493 [
5d97cfbf 2494 case "$withval" in
2495 man|cat|doc)
2496 MANTYPE=$withval
2497 ;;
2498 *)
2499 AC_MSG_ERROR(invalid man type: $withval)
2500 ;;
2501 esac
c54a6257 2502 ]
2503)
e0c4d3ac 2504if test -z "$MANTYPE"; then
2bf42e4a 2505 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2506 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2507 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2508 MANTYPE=doc
2509 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2510 MANTYPE=man
2511 else
2512 MANTYPE=cat
2513 fi
2514fi
c54a6257 2515AC_SUBST(MANTYPE)
e0c4d3ac 2516if test "$MANTYPE" = "doc"; then
2517 mansubdir=man;
2518else
2519 mansubdir=$MANTYPE;
2520fi
2521AC_SUBST(mansubdir)
0bc5b6fb 2522
a0391976 2523# Check whether to enable MD5 passwords
aff51935 2524MD5_MSG="no"
2ddcfdf3 2525AC_ARG_WITH(md5-passwords,
caf3bc51 2526 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2527 [
bcf36c78 2528 if test "x$withval" != "xno" ; then
0bc5b6fb 2529 AC_DEFINE(HAVE_MD5_PASSWORDS)
aff51935 2530 MD5_MSG="yes"
0bc5b6fb 2531 fi
2532 ]
caf3bc51 2533)
2534
a0391976 2535# Whether to disable shadow password support
a7effaac 2536AC_ARG_WITH(shadow,
2537 [ --without-shadow Disable shadow password support],
2538 [
2539 if test "x$withval" = "xno" ; then
2540 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2541 disable_shadow=yes
a7effaac 2542 fi
2543 ]
2544)
2545
4cb5ffa0 2546if test -z "$disable_shadow" ; then
2547 AC_MSG_CHECKING([if the systems has expire shadow information])
2548 AC_TRY_COMPILE(
2549 [
2550#include <sys/types.h>
2551#include <shadow.h>
2552 struct spwd sp;
2553 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2554 [ sp_expire_available=yes ], []
2555 )
2556
2557 if test "x$sp_expire_available" = "xyes" ; then
2558 AC_MSG_RESULT(yes)
2559 AC_DEFINE(HAS_SHADOW_EXPIRE)
2560 else
2561 AC_MSG_RESULT(no)
2562 fi
2563fi
2564
a0391976 2565# Use ip address instead of hostname in $DISPLAY
44839801 2566if test ! -z "$IPADDR_IN_DISPLAY" ; then
2567 DISPLAY_HACK_MSG="yes"
2568 AC_DEFINE(IPADDR_IN_DISPLAY)
2569else
aff51935 2570 DISPLAY_HACK_MSG="no"
44839801 2571 AC_ARG_WITH(ipaddr-display,
2572 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2573 [
2574 if test "x$withval" != "xno" ; then
2575 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 2576 DISPLAY_HACK_MSG="yes"
44839801 2577 fi
2578 ]
2579 )
2580fi
a7effaac 2581
95b99395 2582# check for /etc/default/login and use it if present.
daa41e62 2583AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 2584 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 2585 [ if test "x$enableval" = "xno"; then
2586 AC_MSG_NOTICE([/etc/default/login handling disabled])
2587 etc_default_login=no
2588 else
2589 etc_default_login=yes
2590 fi ],
2591 [ etc_default_login=yes ]
2592)
95b99395 2593
694d0cef 2594if test "x$etc_default_login" != "xno"; then
2595 AC_CHECK_FILE("/etc/default/login",
2596 [ external_path_file=/etc/default/login ])
479cece8 2597 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2598 then
1a01a50c 2599 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2600 elif test "x$external_path_file" = "x/etc/default/login"; then
2601 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2602 fi
694d0cef 2603fi
95b99395 2604
8d184c09 2605dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
2606if test $ac_cv_func_login_getcapbool = "yes" -a \
2607 $ac_cv_header_login_cap_h = "yes" ; then
95b99395 2608 external_path_file=/etc/login.conf
8d184c09 2609fi
95b99395 2610
a0391976 2611# Whether to mess with the default path
aff51935 2612SERVER_PATH_MSG="(default)"
c43d69a9 2613AC_ARG_WITH(default-path,
75817f90 2614 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2615 [
95b99395 2616 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 2617 AC_MSG_WARN([
2618--with-default-path=PATH has no effect on this system.
2619Edit /etc/login.conf instead.])
2620 elif test "x$withval" != "xno" ; then
89bbd457 2621 if test ! -z "$external_path_file" ; then
95b99395 2622 AC_MSG_WARN([
2623--with-default-path=PATH will only be used if PATH is not defined in
2624$external_path_file .])
2625 fi
b2d818e6 2626 user_path="$withval"
aff51935 2627 SERVER_PATH_MSG="$withval"
cb807f40 2628 fi
b2d818e6 2629 ],
95b99395 2630 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2631 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 2632 else
89bbd457 2633 if test ! -z "$external_path_file" ; then
95b99395 2634 AC_MSG_WARN([
2635If PATH is defined in $external_path_file, ensure the path to scp is included,
2636otherwise scp will not work.])
2637 fi
2638 AC_TRY_RUN(
2639 [
b2d818e6 2640/* find out what STDPATH is */
2641#include <stdio.h>
b2d818e6 2642#ifdef HAVE_PATHS_H
2643# include <paths.h>
2644#endif
2645#ifndef _PATH_STDPATH
d9a4e55b 2646# ifdef _PATH_USERPATH /* Irix */
2647# define _PATH_STDPATH _PATH_USERPATH
2648# else
2649# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2650# endif
b2d818e6 2651#endif
2652#include <sys/types.h>
2653#include <sys/stat.h>
2654#include <fcntl.h>
2655#define DATA "conftest.stdpath"
2656
2657main()
2658{
2659 FILE *fd;
2660 int rc;
2661
2662 fd = fopen(DATA,"w");
2663 if(fd == NULL)
2664 exit(1);
2665
2666 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2667 exit(1);
2668
2669 exit(0);
2670}
2671 ], [ user_path=`cat conftest.stdpath` ],
2672 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2673 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2674 )
2675# make sure $bindir is in USER_PATH so scp will work
2676 t_bindir=`eval echo ${bindir}`
2677 case $t_bindir in
2678 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
2679 esac
2680 case $t_bindir in
2681 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
2682 esac
2683 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
2684 if test $? -ne 0 ; then
2685 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
2686 if test $? -ne 0 ; then
2687 user_path=$user_path:$t_bindir
2688 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
2689 fi
2690 fi
8d184c09 2691 fi ]
cb807f40 2692)
95b99395 2693if test "x$external_path_file" != "x/etc/login.conf" ; then
8d184c09 2694 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
2695 AC_SUBST(user_path)
2696fi
cb807f40 2697
06617857 2698# Set superuser path separately to user path
06617857 2699AC_ARG_WITH(superuser-path,
2700 [ --with-superuser-path= Specify different path for super-user],
2701 [
2702 if test "x$withval" != "xno" ; then
2703 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
2704 superuser_path=$withval
2705 fi
2706 ]
2707)
2708
2709
58d100bf 2710AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 2711IPV4_IN6_HACK_MSG="no"
80faa19f 2712AC_ARG_WITH(4in6,
2713 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2714 [
2715 if test "x$withval" != "xno" ; then
2716 AC_MSG_RESULT(yes)
2717 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2718 IPV4_IN6_HACK_MSG="yes"
80faa19f 2719 else
2720 AC_MSG_RESULT(no)
2721 fi
2722 ],[
2723 if test "x$inet6_default_4in6" = "xyes"; then
2724 AC_MSG_RESULT([yes (default)])
2725 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2726 IPV4_IN6_HACK_MSG="yes"
80faa19f 2727 else
2728 AC_MSG_RESULT([no (default)])
2729 fi
2730 ]
2731)
2732
af774732 2733# Whether to enable BSD auth support
f1b0ecc3 2734BSD_AUTH_MSG=no
af774732 2735AC_ARG_WITH(bsd-auth,
2736 [ --with-bsd-auth Enable BSD auth support],
2737 [
2738 if test "x$withval" != "xno" ; then
2739 AC_DEFINE(BSD_AUTH)
f1b0ecc3 2740 BSD_AUTH_MSG=yes
af774732 2741 fi
2742 ]
2743)
2744
a0391976 2745# Where to place sshd.pid
19d9ac2a 2746piddir=/var/run
81dadca3 2747# make sure the directory exists
2748if test ! -d $piddir ; then
2749 piddir=`eval echo ${sysconfdir}`
2750 case $piddir in
aff51935 2751 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 2752 esac
2753fi
2754
47e45e44 2755AC_ARG_WITH(pid-dir,
2756 [ --with-pid-dir=PATH Specify location of ssh.pid file],
2757 [
2758 if test "x$withval" != "xno" ; then
19d9ac2a 2759 piddir=$withval
81dadca3 2760 if test ! -d $piddir ; then
2761 AC_MSG_WARN([** no $piddir directory on this system **])
2762 fi
47e45e44 2763 fi
2764 ]
2765)
b7a87eea 2766
42f11eb2 2767AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 2768AC_SUBST(piddir)
47e45e44 2769
1d7b9b20 2770dnl allow user to disable some login recording features
2771AC_ARG_ENABLE(lastlog,
bfd550a2 2772 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 2773 [
2774 if test "x$enableval" = "xno" ; then
2775 AC_DEFINE(DISABLE_LASTLOG)
2776 fi
2777 ]
1d7b9b20 2778)
2779AC_ARG_ENABLE(utmp,
bfd550a2 2780 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 2781 [
2782 if test "x$enableval" = "xno" ; then
2783 AC_DEFINE(DISABLE_UTMP)
2784 fi
2785 ]
1d7b9b20 2786)
2787AC_ARG_ENABLE(utmpx,
bfd550a2 2788 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 2789 [
2790 if test "x$enableval" = "xno" ; then
2791 AC_DEFINE(DISABLE_UTMPX)
2792 fi
2793 ]
1d7b9b20 2794)
2795AC_ARG_ENABLE(wtmp,
bfd550a2 2796 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 2797 [
2798 if test "x$enableval" = "xno" ; then
2799 AC_DEFINE(DISABLE_WTMP)
2800 fi
2801 ]
1d7b9b20 2802)
2803AC_ARG_ENABLE(wtmpx,
bfd550a2 2804 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 2805 [
2806 if test "x$enableval" = "xno" ; then
2807 AC_DEFINE(DISABLE_WTMPX)
2808 fi
2809 ]
1d7b9b20 2810)
2811AC_ARG_ENABLE(libutil,
bfd550a2 2812 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 2813 [
2814 if test "x$enableval" = "xno" ; then
2815 AC_DEFINE(DISABLE_LOGIN)
2816 fi
2817 ]
1d7b9b20 2818)
2819AC_ARG_ENABLE(pututline,
bfd550a2 2820 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 2821 [
2822 if test "x$enableval" = "xno" ; then
aff51935 2823 AC_DEFINE(DISABLE_PUTUTLINE)
ddb154b3 2824 fi
2825 ]
1d7b9b20 2826)
2827AC_ARG_ENABLE(pututxline,
bfd550a2 2828 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 2829 [
2830 if test "x$enableval" = "xno" ; then
2831 AC_DEFINE(DISABLE_PUTUTXLINE)
2832 fi
2833 ]
1d7b9b20 2834)
2835AC_ARG_WITH(lastlog,
bfd550a2 2836 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 2837 [
2838 if test "x$withval" = "xno" ; then
2839 AC_DEFINE(DISABLE_LASTLOG)
2840 else
2841 conf_lastlog_location=$withval
2842 fi
2843 ]
2844)
1d7b9b20 2845
2846dnl lastlog, [uw]tmpx? detection
2847dnl NOTE: set the paths in the platform section to avoid the
2848dnl need for command-line parameters
2849dnl lastlog and [uw]tmp are subject to a file search if all else fails
2850
2851dnl lastlog detection
2852dnl NOTE: the code itself will detect if lastlog is a directory
2853AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
2854AC_TRY_COMPILE([
2855#include <sys/types.h>
2856#include <utmp.h>
2857#ifdef HAVE_LASTLOG_H
2858# include <lastlog.h>
2859#endif
d7c0f3d5 2860#ifdef HAVE_PATHS_H
1d7b9b20 2861# include <paths.h>
41cb4569 2862#endif
2863#ifdef HAVE_LOGIN_H
2864# include <login.h>
1d7b9b20 2865#endif
2866 ],
2867 [ char *lastlog = LASTLOG_FILE; ],
2868 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 2869 [
2870 AC_MSG_RESULT(no)
2871 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
2872 AC_TRY_COMPILE([
2873#include <sys/types.h>
2874#include <utmp.h>
2875#ifdef HAVE_LASTLOG_H
2876# include <lastlog.h>
2877#endif
2878#ifdef HAVE_PATHS_H
2879# include <paths.h>
2880#endif
2881 ],
2882 [ char *lastlog = _PATH_LASTLOG; ],
2883 [ AC_MSG_RESULT(yes) ],
2884 [
f282b668 2885 AC_MSG_RESULT(no)
d7c0f3d5 2886 system_lastlog_path=no
2887 ])
2888 ]
1d7b9b20 2889)
d7c0f3d5 2890
1d7b9b20 2891if test -z "$conf_lastlog_location"; then
2892 if test x"$system_lastlog_path" = x"no" ; then
2893 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 2894 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 2895 conf_lastlog_location=$f
2896 fi
2897 done
2898 if test -z "$conf_lastlog_location"; then
f8119cef 2899 AC_MSG_WARN([** Cannot find lastlog **])
2900 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 2901 fi
2902 fi
2903fi
2904
2905if test -n "$conf_lastlog_location"; then
2906 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
2907fi
2908
2909dnl utmp detection
2910AC_MSG_CHECKING([if your system defines UTMP_FILE])
2911AC_TRY_COMPILE([
2912#include <sys/types.h>
2913#include <utmp.h>
d7c0f3d5 2914#ifdef HAVE_PATHS_H
1d7b9b20 2915# include <paths.h>
2916#endif
2917 ],
2918 [ char *utmp = UTMP_FILE; ],
2919 [ AC_MSG_RESULT(yes) ],
2920 [ AC_MSG_RESULT(no)
2921 system_utmp_path=no ]
2922)
2923if test -z "$conf_utmp_location"; then
2924 if test x"$system_utmp_path" = x"no" ; then
2925 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
2926 if test -f $f ; then
2927 conf_utmp_location=$f
2928 fi
2929 done
2930 if test -z "$conf_utmp_location"; then
2931 AC_DEFINE(DISABLE_UTMP)
2932 fi
2933 fi
2934fi
2935if test -n "$conf_utmp_location"; then
2936 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
2937fi
2938
2939dnl wtmp detection
2940AC_MSG_CHECKING([if your system defines WTMP_FILE])
2941AC_TRY_COMPILE([
2942#include <sys/types.h>
2943#include <utmp.h>
d7c0f3d5 2944#ifdef HAVE_PATHS_H
1d7b9b20 2945# include <paths.h>
2946#endif
2947 ],
2948 [ char *wtmp = WTMP_FILE; ],
2949 [ AC_MSG_RESULT(yes) ],
2950 [ AC_MSG_RESULT(no)
2951 system_wtmp_path=no ]
2952)
2953if test -z "$conf_wtmp_location"; then
2954 if test x"$system_wtmp_path" = x"no" ; then
2955 for f in /usr/adm/wtmp /var/log/wtmp; do
2956 if test -f $f ; then
2957 conf_wtmp_location=$f
2958 fi
2959 done
2960 if test -z "$conf_wtmp_location"; then
2961 AC_DEFINE(DISABLE_WTMP)
2962 fi
2963 fi
2964fi
2965if test -n "$conf_wtmp_location"; then
2966 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
2967fi
2968
2969
2970dnl utmpx detection - I don't know any system so perverse as to require
2971dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
2972dnl there, though.
2973AC_MSG_CHECKING([if your system defines UTMPX_FILE])
2974AC_TRY_COMPILE([
2975#include <sys/types.h>
2976#include <utmp.h>
2977#ifdef HAVE_UTMPX_H
2978#include <utmpx.h>
2979#endif
d7c0f3d5 2980#ifdef HAVE_PATHS_H
1d7b9b20 2981# include <paths.h>
2982#endif
2983 ],
2984 [ char *utmpx = UTMPX_FILE; ],
2985 [ AC_MSG_RESULT(yes) ],
2986 [ AC_MSG_RESULT(no)
2987 system_utmpx_path=no ]
2988)
2989if test -z "$conf_utmpx_location"; then
2990 if test x"$system_utmpx_path" = x"no" ; then
2991 AC_DEFINE(DISABLE_UTMPX)
2992 fi
2993else
2994 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
2995fi
2996
2997dnl wtmpx detection
2998AC_MSG_CHECKING([if your system defines WTMPX_FILE])
2999AC_TRY_COMPILE([
3000#include <sys/types.h>
3001#include <utmp.h>
3002#ifdef HAVE_UTMPX_H
3003#include <utmpx.h>
3004#endif
d7c0f3d5 3005#ifdef HAVE_PATHS_H
1d7b9b20 3006# include <paths.h>
3007#endif
3008 ],
3009 [ char *wtmpx = WTMPX_FILE; ],
3010 [ AC_MSG_RESULT(yes) ],
3011 [ AC_MSG_RESULT(no)
3012 system_wtmpx_path=no ]
3013)
3014if test -z "$conf_wtmpx_location"; then
3015 if test x"$system_wtmpx_path" = x"no" ; then
3016 AC_DEFINE(DISABLE_WTMPX)
3017 fi
3018else
3019 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
3020fi
3021
b7a87eea 3022
bd499f9e 3023if test ! -z "$blibpath" ; then
68ece370 3024 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3025 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3026fi
3027
ddceb1c8 3028dnl remove pam and dl because they are in $LIBPAM
3029if test "$PAM_MSG" = yes ; then
98f2d9d5 3030 LIBS=`echo $LIBS | sed 's/-lpam //'`
3031fi
3032if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3033 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3034fi
3035
3c62e7eb 3036AC_EXEEXT
d7cfdd7c 3037AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3038 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3039AC_OUTPUT
d3083fbd 3040
cbd7492e 3041# Print summary of options
3042
cbd7492e 3043# Someone please show me a better way :)
3044A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3045B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3046C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3047D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3048E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3049F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3050G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3051H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3052I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3053J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3054
3055echo ""
26de7942 3056echo "OpenSSH has been configured with the following options:"
ecac8ee5 3057echo " User binaries: $B"
3058echo " System binaries: $C"
3059echo " Configuration files: $D"
3060echo " Askpass program: $E"
3061echo " Manual pages: $F"
3062echo " PID file: $G"
3063echo " Privilege separation chroot path: $H"
95b99395 3064if test "x$external_path_file" = "x/etc/login.conf" ; then
3065echo " At runtime, sshd will use the path defined in $external_path_file"
3066echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3067else
ecac8ee5 3068echo " sshd default user PATH: $I"
89bbd457 3069 if test ! -z "$external_path_file"; then
95b99395 3070echo " (If PATH is set in $external_path_file it will be used instead. If"
3071echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3072 fi
8d184c09 3073fi
06617857 3074if test ! -z "$superuser_path" ; then
ecac8ee5 3075echo " sshd superuser user PATH: $J"
3076fi
3077echo " Manpage format: $MANTYPE"
3e05e934 3078echo " PAM support: $PAM_MSG"
ecac8ee5 3079echo " KerberosV support: $KRB5_MSG"
3080echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3081echo " S/KEY support: $SKEY_MSG"
3082echo " TCP Wrappers support: $TCPW_MSG"
3083echo " MD5 password support: $MD5_MSG"
59031773 3084echo " libedit support: $LIBEDIT_MSG"
3deb1408 3085echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3086echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3087echo " BSD Auth support: $BSD_AUTH_MSG"
3088echo " Random number source: $RAND_MSG"
f1b0ecc3 3089if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3090echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3091fi
3092
cbd7492e 3093echo ""
3094
0c2fb82f 3095echo " Host: ${host}"
3096echo " Compiler: ${CC}"
3097echo " Compiler flags: ${CFLAGS}"
3098echo "Preprocessor flags: ${CPPFLAGS}"
3099echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3100echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3101
3102echo ""
3103
9cefe228 3104if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3105 echo "SVR4 style packages are supported with \"make package\""
3106 echo ""
9cefe228 3107fi
3108
adeebd37 3109if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3110 echo "PAM is enabled. You may need to install a PAM control file "
3111 echo "for sshd, otherwise password authentication may fail. "
aff51935 3112 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3113 echo "subdirectory"
adeebd37 3114 echo ""
3115fi
3116
f1b0ecc3 3117if test ! -z "$RAND_HELPER_CMDHASH" ; then
3118 echo "WARNING: you are using the builtin random number collection "
3119 echo "service. Please read WARNING.RNG and request that your OS "
3120 echo "vendor includes kernel-based random number collection in "
3121 echo "future versions of your OS."
2c523de9 3122 echo ""
3123fi
af774732 3124
2f6f9cff 3125if test ! -z "$NO_PEERCHECK" ; then
3126 echo "WARNING: the operating system that you are using does not "
3127 echo "appear to support either the getpeereid() API nor the "
3128 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3129 echo "enforce security checks to prevent unauthorised connections to "
3130 echo "ssh-agent. Their absence increases the risk that a malicious "
3131 echo "user can connect to your agent. "
3132 echo ""
3133fi
3134
git-cvsimport mirror of OpenSSH
This page took 1.386391 seconds and 5 git commands to generate.