]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (djm) [README README.privsep] Mention FreeBSD and NetBSD as being
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
98a7c37b 18AC_CONFIG_SRCDIR([ssh.c])
5881cd60 19
20AC_CONFIG_HEADER(config.h)
b14b2ae7 21AC_PROG_CC
a7effaac 22AC_CANONICAL_HOST
cf0c5df5 23AC_C_BIGENDIAN
5881cd60 24
a0391976 25# Checks for programs.
4bbf95fa 26AC_PROG_AWK
4cca272e 27AC_PROG_CPP
5881cd60 28AC_PROG_RANLIB
cf8dd513 29AC_PROG_INSTALL
bee0a37e 30AC_PATH_PROG(AR, ar)
ddd8c95b 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
13dd877b 33AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 34AC_PATH_PROG(SED, sed)
a0f84251 35AC_SUBST(PERL)
ad85db64 36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
6958bd37 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 41AC_PATH_PROG(SH, sh)
a3245b92 42AC_SUBST(TEST_SHELL,sh)
f498ed15 43
9cefe228 44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
50
948fd8b9 51# System features
52AC_SYS_LARGEFILE
53
c193d002 54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
2e73a022 58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
37656beb 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
d423d822 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
82f4e93d 78
d423d822 79AC_C_INLINE
dfafb2e1 80
81AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
82
aff51935 83if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
5ed2bb5b 84 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
8a3ff1aa 85
dfafb2e1 86 if test -z "$have_llong_max"; then
87 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
88 unset ac_cv_have_decl_LLONG_MAX
89 saved_CFLAGS="$CFLAGS"
90 CFLAGS="$CFLAGS -std=gnu99"
91 AC_CHECK_DECL(LLONG_MAX,
92 [have_llong_max=1],
93 [CFLAGS="$saved_CFLAGS"],
94 [#include <limits.h>]
95 )
96 fi
d423d822 97fi
98
e6354014 99AC_ARG_WITH(rpath,
100 [ --without-rpath Disable auto-added -R linker paths],
101 [
82f4e93d 102 if test "x$withval" = "xno" ; then
e6354014 103 need_dash_r=""
104 fi
105 if test "x$withval" = "xyes" ; then
106 need_dash_r=1
107 fi
108 ]
109)
110
a0391976 111# Check for some target-specific stuff
a7effaac 112case "$host" in
9d6b1b96 113*-*-aix*)
aff51935 114 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 115 if (test -z "$blibpath"); then
0a15d73b 116 blibpath="/usr/lib:/lib"
68ece370 117 fi
118 saved_LDFLAGS="$LDFLAGS"
119 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
120 if (test -z "$blibflags"); then
121 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
122 AC_TRY_LINK([], [], [blibflags=$tryflags])
123 fi
124 done
125 if (test -z "$blibflags"); then
126 AC_MSG_RESULT(not found)
127 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
128 else
129 AC_MSG_RESULT($blibflags)
bd499f9e 130 fi
68ece370 131 LDFLAGS="$saved_LDFLAGS"
e351e493 132 dnl Check for authenticate. Might be in libs.a on older AIXes
133 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 134 [AC_CHECK_LIB(s,authenticate,
e351e493 135 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 136 LIBS="$LIBS -ls"
137 ])
138 ])
ba603e06 139 dnl Check for various auth function declarations in headers.
c85ed8e2 140 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 141 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 142 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 143 AC_CHECK_DECLS(loginfailed,
e351e493 144 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
145 AC_TRY_COMPILE(
f58c0e01 146 [#include <usersec.h>],
e351e493 147 [(void)loginfailed("user","host","tty",0);],
148 [AC_MSG_RESULT(yes)
149 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 150 [AC_MSG_RESULT(no)]
e351e493 151 )],
152 [],
153 [#include <usersec.h>]
154 )
2aa3a16c 155 AC_CHECK_FUNCS(setauthdb)
5ccf88cb 156 check_for_aix_broken_getaddrinfo=1
1352689f 157 AC_DEFINE(BROKEN_REALPATH)
3b8dff69 158 AC_DEFINE(SETEUID_BREAKS_SETUID)
159 AC_DEFINE(BROKEN_SETREUID)
160 AC_DEFINE(BROKEN_SETREGID)
a3cef3ca 161 dnl AIX handles lastlog as part of its login message
162 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 163 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 164 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 165 ;;
3c62e7eb 166*-*-cygwin*)
a52997bd 167 check_for_libcrypt_later=1
ffb8d130 168 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 169 AC_DEFINE(HAVE_CYGWIN)
7043a38d 170 AC_DEFINE(USE_PIPES)
3c62e7eb 171 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 172 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 173 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 174 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 175 AC_DEFINE(DISABLE_FD_PASSING)
3c62e7eb 176 ;;
d6fdb079 177*-*-dgux*)
178 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 179 AC_DEFINE(SETEUID_BREAKS_SETUID)
180 AC_DEFINE(BROKEN_SETREUID)
181 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 182 ;;
39c98ef7 183*-*-darwin*)
33e2e066 184 AC_MSG_CHECKING(if we have working getaddrinfo)
185 AC_TRY_RUN([#include <mach-o/dyld.h>
186main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
187 exit(0);
188 else
189 exit(1);
190}], [AC_MSG_RESULT(working)],
191 [AC_MSG_RESULT(buggy)
192 AC_DEFINE(BROKEN_GETADDRINFO)],
b27e573d 193 [AC_MSG_RESULT(assume it is working)])
635e0c42 194 AC_DEFINE(SETEUID_BREAKS_SETUID)
195 AC_DEFINE(BROKEN_SETREUID)
196 AC_DEFINE(BROKEN_SETREGID)
ff620033 197 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
39c98ef7 198 ;;
7d458c86 199*-*-hpux*)
200 # first we define all of the options common to all HP-UX releases
b8fea62d 201 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 202 IPADDR_IN_DISPLAY=yes
2b10f47a 203 AC_DEFINE(USE_PIPES)
a2572aa7 204 AC_DEFINE(LOGIN_NO_ENDOPT)
205 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 206 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 207 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 208 LIBS="$LIBS -lsec"
7d458c86 209 AC_CHECK_LIB(xnet, t_error, ,
210 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
211
212 # next, we define all of the options specific to major releases
213 case "$host" in
214 *-*-hpux10*)
215 if test -z "$GCC"; then
216 CFLAGS="$CFLAGS -Ae"
217 fi
218 ;;
219 *-*-hpux11*)
220 AC_DEFINE(PAM_SUN_CODEBASE)
221 AC_DEFINE(DISABLE_UTMP)
222 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
223 check_for_hpux_broken_getaddrinfo=1
224 check_for_conflicting_getspnam=1
225 ;;
226 esac
227
228 # lastly, we define options specific to minor releases
229 case "$host" in
230 *-*-hpux10.26)
231 AC_DEFINE(HAVE_SECUREWARE)
232 disable_ptmx_check=yes
233 LIBS="$LIBS -lsecpw"
234 ;;
235 esac
2b763e31 236 ;;
d94aa2ae 237*-*-irix5*)
6ac7829a 238 PATH="$PATH:/usr/etc"
416ed5a7 239 AC_DEFINE(BROKEN_INET_NTOA)
cb433561 240 AC_DEFINE(SETEUID_BREAKS_SETUID)
241 AC_DEFINE(BROKEN_SETREUID)
242 AC_DEFINE(BROKEN_SETREGID)
0e8f4eba 243 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 244 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 245 ;;
246*-*-irix6*)
6ac7829a 247 PATH="$PATH:/usr/etc"
3206bb3b 248 AC_DEFINE(WITH_IRIX_ARRAY)
249 AC_DEFINE(WITH_IRIX_PROJECT)
250 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 251 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 252 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 253 AC_DEFINE(SETEUID_BREAKS_SETUID)
254 AC_DEFINE(BROKEN_SETREUID)
255 AC_DEFINE(BROKEN_SETREGID)
3d59832f 256 AC_DEFINE(BROKEN_UPDWTMPX)
0e8f4eba 257 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 258 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 259 ;;
5cdfe03f 260*-*-linux*)
261 no_dev_ptmx=1
717057b6 262 check_for_libcrypt_later=1
eacb954e 263 check_for_openpty_ctty_bug=1
80faa19f 264 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 265 AC_DEFINE(PAM_TTY_KLUDGE)
b90bed9f 266 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
3a2b2b44 267 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
cd698186 268 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
b6610e8f 269 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
270 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
80faa19f 271 inet6_default_4in6=yes
bf7c1e6c 272 case `uname -r` in
ad84c479 273 1.*|2.0.*)
bf7c1e6c 274 AC_DEFINE(BROKEN_CMSG_TYPE)
275 ;;
bf7c1e6c 276 esac
5cdfe03f 277 ;;
66d6c27e 278mips-sony-bsd|mips-sony-newsos4)
35fc74ed 279 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
66d6c27e 280 SONY=1
66d6c27e 281 ;;
d468fc76 282*-*-netbsd*)
33e2e066 283 check_for_libcrypt_before=1
82f4e93d 284 if test "x$withval" != "xno" ; then
e6354014 285 need_dash_r=1
286 fi
d468fc76 287 ;;
86b416a7 288*-*-freebsd*)
289 check_for_libcrypt_later=1
290 ;;
8707b7eb 291*-*-bsdi*)
292 AC_DEFINE(SETEUID_BREAKS_SETUID)
293 AC_DEFINE(BROKEN_SETREUID)
294 AC_DEFINE(BROKEN_SETREGID)
295 ;;
729bfe59 296*-next-*)
729bfe59 297 conf_lastlog_location="/usr/adm/lastlog"
698d107e 298 conf_utmp_location=/etc/utmp
299 conf_wtmp_location=/usr/adm/wtmp
300 MAIL=/usr/spool/mail
729bfe59 301 AC_DEFINE(HAVE_NEXT)
443172c4 302 AC_DEFINE(BROKEN_REALPATH)
00937921 303 AC_DEFINE(USE_PIPES)
86b416a7 304 AC_DEFINE(BROKEN_SAVED_UIDS)
729bfe59 305 ;;
9d6b1b96 306*-*-solaris*)
82f4e93d 307 if test "x$withval" != "xno" ; then
010e9d5b 308 need_dash_r=1
309 fi
adeebd37 310 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 311 AC_DEFINE(LOGIN_NEEDS_UTMPX)
312 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 313 AC_DEFINE(PAM_TTY_KLUDGE)
059d3165 314 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
3e6e3da0 315 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 316 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
317 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 318 external_path_file=/etc/default/login
1d7b9b20 319 # hardwire lastlog location (can't detect it on some versions)
320 conf_lastlog_location="/var/adm/lastlog"
32c80420 321 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
322 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
323 if test "$sol2ver" -ge 8; then
324 AC_MSG_RESULT(yes)
325 AC_DEFINE(DISABLE_UTMP)
326 AC_DEFINE(DISABLE_WTMP)
327 else
328 AC_MSG_RESULT(no)
329 fi
9d6b1b96 330 ;;
a423beaf 331*-*-sunos4*)
0c2fb82f 332 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 333 AC_CHECK_FUNCS(getpwanam)
adeebd37 334 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 335 conf_utmp_location=/etc/utmp
336 conf_wtmp_location=/var/adm/wtmp
337 conf_lastlog_location=/var/adm/lastlog
137d7b6c 338 AC_DEFINE(USE_PIPES)
a423beaf 339 ;;
6f68f28a 340*-ncr-sysv*)
98a7c37b 341 LIBS="$LIBS -lc89"
29525240 342 AC_DEFINE(USE_PIPES)
eabb99c6 343 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 344 AC_DEFINE(SETEUID_BREAKS_SETUID)
345 AC_DEFINE(BROKEN_SETREUID)
346 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 347 ;;
132dd316 348*-sni-sysv*)
c8c15bcb 349 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 350 AC_CHECK_LIB(dl, dlsym, ,)
85cf54ec 351 # -lresolv needs to be at then end of LIBS or DNS lookups break
352 AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ])
9548d6c8 353 IPADDR_IN_DISPLAY=yes
354 AC_DEFINE(USE_PIPES)
132dd316 355 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 356 AC_DEFINE(SETEUID_BREAKS_SETUID)
357 AC_DEFINE(BROKEN_SETREUID)
358 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 359 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 360 external_path_file=/etc/default/login
c8c15bcb 361 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
362 # Attention: always take care to bind libsocket and libnsl before libc,
363 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 364 ;;
79a7ba96 365# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 366*-*-sysv4.2*)
ed6553e2 367 AC_DEFINE(USE_PIPES)
7ed101c0 368 AC_DEFINE(SETEUID_BREAKS_SETUID)
369 AC_DEFINE(BROKEN_SETREUID)
370 AC_DEFINE(BROKEN_SETREGID)
46f853b9 371 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
77bb0bca 372 ;;
79a7ba96 373# UnixWare 7.x, OpenUNIX 8
77bb0bca 374*-*-sysv5*)
ed6553e2 375 AC_DEFINE(USE_PIPES)
7ed101c0 376 AC_DEFINE(SETEUID_BREAKS_SETUID)
377 AC_DEFINE(BROKEN_SETREUID)
378 AC_DEFINE(BROKEN_SETREGID)
46f853b9 379 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
822015dd 380 case "$host" in
381 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
382 TEST_SHELL=/u95/bin/sh
383 ;;
384 esac
77bb0bca 385 ;;
9d6b1b96 386*-*-sysv*)
9d6b1b96 387 ;;
79a7ba96 388# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 389*-*-sco3.2v4*)
11cf4f1f 390 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 391 ;;
79a7ba96 392# SCO OpenServer 5.x
77bb0bca 393*-*-sco3.2v5*)
21710e39 394 if test -z "$GCC"; then
395 CFLAGS="$CFLAGS -belf"
396 fi
ed6553e2 397 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 398 no_dev_ptmx=1
ed6553e2 399 AC_DEFINE(USE_PIPES)
6e879cb4 400 AC_DEFINE(HAVE_SECUREWARE)
d287c664 401 AC_DEFINE(DISABLE_SHADOW)
94d8258b 402 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 403 AC_DEFINE(SETEUID_BREAKS_SETUID)
404 AC_DEFINE(BROKEN_SETREUID)
405 AC_DEFINE(BROKEN_SETREGID)
bcebad47 406 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 407 AC_DEFINE(BROKEN_UPDWTMPX)
3ade3b57 408 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
aca75d94 409 AC_CHECK_FUNCS(getluid setluid)
533875af 410 MANTYPE=man
a3245b92 411 TEST_SHELL=ksh
509b1f88 412 ;;
ccbb983c 413*-*-unicosmk*)
c1ad5966 414 AC_DEFINE(NO_SSH_LASTLOG)
415 AC_DEFINE(SETEUID_BREAKS_SETUID)
416 AC_DEFINE(BROKEN_SETREUID)
417 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 418 AC_DEFINE(USE_PIPES)
419 AC_DEFINE(DISABLE_FD_PASSING)
420 LDFLAGS="$LDFLAGS"
421 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
422 MANTYPE=cat
d262b7f2 423 ;;
7b9a8c6e 424*-*-unicosmp*)
c1ad5966 425 AC_DEFINE(SETEUID_BREAKS_SETUID)
426 AC_DEFINE(BROKEN_SETREUID)
427 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 428 AC_DEFINE(WITH_ABBREV_NO_TTY)
429 AC_DEFINE(USE_PIPES)
430 AC_DEFINE(DISABLE_FD_PASSING)
431 LDFLAGS="$LDFLAGS"
c1ad5966 432 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 433 MANTYPE=cat
434 ;;
ca5c7d6a 435*-*-unicos*)
c1ad5966 436 AC_DEFINE(SETEUID_BREAKS_SETUID)
437 AC_DEFINE(BROKEN_SETREUID)
438 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 439 AC_DEFINE(USE_PIPES)
94d8258b 440 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 441 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 442 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
443 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
444 MANTYPE=cat
a704dd54 445 ;;
4d33e531 446*-dec-osf*)
99c8ddac 447 AC_MSG_CHECKING(for Digital Unix SIA)
448 no_osfsia=""
449 AC_ARG_WITH(osfsia,
450 [ --with-osfsia Enable Digital Unix SIA],
451 [
452 if test "x$withval" = "xno" ; then
453 AC_MSG_RESULT(disabled)
454 no_osfsia=1
455 fi
456 ],
457 )
458 if test -z "$no_osfsia" ; then
4d33e531 459 if test -f /etc/sia/matrix.conf; then
460 AC_MSG_RESULT(yes)
461 AC_DEFINE(HAVE_OSF_SIA)
462 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 463 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 464 LIBS="$LIBS -lsecurity -ldb -lm -laud"
465 else
466 AC_MSG_RESULT(no)
dbf8efb3 467 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 468 fi
469 fi
a6e67b60 470 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 471 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 472 AC_DEFINE(BROKEN_SETREUID)
473 AC_DEFINE(BROKEN_SETREGID)
4d33e531 474 ;;
41cb4569 475
476*-*-nto-qnx)
477 AC_DEFINE(USE_PIPES)
478 AC_DEFINE(NO_X11_UNIX_SOCKETS)
479 AC_DEFINE(MISSING_NFDBITS)
480 AC_DEFINE(MISSING_HOWMANY)
481 AC_DEFINE(MISSING_FD_MASK)
482 ;;
35fc74ed 483
484*-*-ultrix*)
485 AC_DEFINE(BROKEN_GETGROUPS, [], [getgroups(0,NULL) will return -1])
486 AC_DEFINE(BROKEN_MMAP, [], [Ultrix mmap can't map files])
487 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
b5765e1d 488 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
489 ;;
a7effaac 490esac
491
8e7b16f8 492# Allow user to specify flags
493AC_ARG_WITH(cflags,
494 [ --with-cflags Specify additional flags to pass to compiler],
495 [
6cf0200f 496 if test -n "$withval" && test "x$withval" != "xno" && \
497 test "x${withval}" != "xyes"; then
8e7b16f8 498 CFLAGS="$CFLAGS $withval"
499 fi
82f4e93d 500 ]
8e7b16f8 501)
0c2fb82f 502AC_ARG_WITH(cppflags,
503 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
504 [
6cf0200f 505 if test -n "$withval" && test "x$withval" != "xno" && \
506 test "x${withval}" != "xyes"; then
0c2fb82f 507 CPPFLAGS="$CPPFLAGS $withval"
508 fi
509 ]
510)
8e7b16f8 511AC_ARG_WITH(ldflags,
97b378bf 512 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 513 [
6cf0200f 514 if test -n "$withval" && test "x$withval" != "xno" && \
515 test "x${withval}" != "xyes"; then
8e7b16f8 516 LDFLAGS="$LDFLAGS $withval"
517 fi
82f4e93d 518 ]
8e7b16f8 519)
520AC_ARG_WITH(libs,
521 [ --with-libs Specify additional libraries to link with],
522 [
6cf0200f 523 if test -n "$withval" && test "x$withval" != "xno" && \
524 test "x${withval}" != "xyes"; then
8e7b16f8 525 LIBS="$LIBS $withval"
526 fi
82f4e93d 527 ]
8e7b16f8 528)
529
c5829391 530AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 531AC_RUN_IFELSE(
532 [AC_LANG_SOURCE([
c5829391 533#include <stdio.h>
534int main(){exit(0);}
479cece8 535 ])],
c5829391 536 [ AC_MSG_RESULT(yes) ],
537 [
538 AC_MSG_RESULT(no)
539 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 540 ],
541 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 542)
543
b04a9f8c 544dnl Checks for header files.
545AC_CHECK_HEADERS( \
546 bstring.h \
547 crypt.h \
548 dirent.h \
549 endian.h \
550 features.h \
551 floatingpoint.h \
552 getopt.h \
553 glob.h \
554 ia.h \
555 lastlog.h \
556 limits.h \
557 login.h \
558 login_cap.h \
559 maillock.h \
560 ndir.h \
561 netdb.h \
562 netgroup.h \
563 netinet/in_systm.h \
564 pam/pam_appl.h \
565 paths.h \
566 pty.h \
567 readpassphrase.h \
568 rpc/types.h \
569 security/pam_appl.h \
570 shadow.h \
571 stddef.h \
572 stdint.h \
0957c2cf 573 string.h \
b04a9f8c 574 strings.h \
575 sys/audit.h \
576 sys/bitypes.h \
577 sys/bsdtty.h \
578 sys/cdefs.h \
579 sys/dir.h \
580 sys/mman.h \
581 sys/ndir.h \
582 sys/prctl.h \
583 sys/pstat.h \
584 sys/select.h \
585 sys/stat.h \
586 sys/stream.h \
587 sys/stropts.h \
588 sys/strtio.h \
589 sys/sysmacros.h \
590 sys/time.h \
591 sys/timers.h \
592 sys/un.h \
593 time.h \
594 tmpdir.h \
595 ttyent.h \
25dd2ce6 596 unistd.h \
b04a9f8c 597 usersec.h \
598 util.h \
599 utime.h \
600 utmp.h \
601 utmpx.h \
ea76f54c 602 vis.h \
b04a9f8c 603)
ddceb1c8 604
765a24cd 605# sys/ptms.h requires sys/stream.h to be included first on Solaris
606AC_CHECK_HEADERS(sys/ptms.h, [], [], [
607#ifdef HAVE_SYS_STREAM_H
608# include <sys/stream.h>
609#endif
610])
611
a0391976 612# Checks for libraries.
98a7c37b 613AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
614AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 615
446227d6 616dnl IRIX and Solaris 2.5.1 have dirname() in libgen
617AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
618 AC_CHECK_LIB(gen, dirname,[
619 AC_CACHE_CHECK([for broken dirname],
620 ac_cv_have_broken_dirname, [
621 save_LIBS="$LIBS"
622 LIBS="$LIBS -lgen"
623 AC_TRY_RUN(
624 [
625#include <libgen.h>
626#include <string.h>
627
628int main(int argc, char **argv) {
629 char *s, buf[32];
630
631 strncpy(buf,"/etc", 32);
632 s = dirname(buf);
633 if (!s || strncmp(s, "/", 32) != 0) {
634 exit(1);
635 } else {
636 exit(0);
637 }
638}
639 ],
640 [ ac_cv_have_broken_dirname="no" ],
641 [ ac_cv_have_broken_dirname="yes" ]
642 )
643 LIBS="$save_LIBS"
644 ])
645 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
646 LIBS="$LIBS -lgen"
647 AC_DEFINE(HAVE_DIRNAME)
648 AC_CHECK_HEADERS(libgen.h)
649 fi
650 ])
651])
652
653AC_CHECK_FUNC(getspnam, ,
654 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
655AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
656
98a7c37b 657dnl zlib is required
658AC_ARG_WITH(zlib,
659 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 660 [ if test "x$withval" = "xno" ; then
661 AC_MSG_ERROR([*** zlib is required ***])
662 elif test "x$withval" != "xyes"; then
98a7c37b 663 if test -d "$withval/lib"; then
664 if test -n "${need_dash_r}"; then
5a162955 665 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 666 else
5a162955 667 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 668 fi
669 else
670 if test -n "${need_dash_r}"; then
5a162955 671 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 672 else
5a162955 673 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 674 fi
675 fi
676 if test -d "$withval/include"; then
5a162955 677 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 678 else
5a162955 679 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 680 fi
6dd05556 681 fi ]
98a7c37b 682)
683
0a15d73b 684AC_CHECK_LIB(z, deflate, ,
685 [
686 saved_CPPFLAGS="$CPPFLAGS"
687 saved_LDFLAGS="$LDFLAGS"
688 save_LIBS="$LIBS"
689 dnl Check default zlib install dir
690 if test -n "${need_dash_r}"; then
691 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
692 else
693 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
694 fi
695 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
696 LIBS="$LIBS -lz"
697 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
698 [
699 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
700 ]
701 )
702 ]
703)
4ad65809 704AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 705
706AC_ARG_WITH(zlib-version-check,
707 [ --without-zlib-version-check Disable zlib version check],
708 [ if test "x$withval" = "xno" ; then
709 zlib_check_nonfatal=1
710 fi
711 ]
712)
713
5c7fc85d 714AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 715AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 716#include <stdio.h>
4ad65809 717#include <zlib.h>
718int main()
719{
5c7fc85d 720 int a=0, b=0, c=0, d=0, n, v;
721 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
722 if (n != 3 && n != 4)
4ad65809 723 exit(1);
5c7fc85d 724 v = a*1000000 + b*10000 + c*100 + d;
725 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
726
727 /* 1.1.4 is OK */
728 if (a == 1 && b == 1 && c >= 4)
4ad65809 729 exit(0);
5c7fc85d 730
731 /* 1.2.1.2 and up are OK */
732 if (v >= 1020102)
733 exit(0);
734
4ad65809 735 exit(2);
736}
479cece8 737 ]])],
5c7fc85d 738 AC_MSG_RESULT(no),
739 [ AC_MSG_RESULT(yes)
8068d564 740 if test -z "$zlib_check_nonfatal" ; then
741 AC_MSG_ERROR([*** zlib too old - check config.log ***
742Your reported zlib version has known security problems. It's possible your
743vendor has fixed these problems without changing the version number. If you
744are sure this is the case, you can disable the check by running
745"./configure --without-zlib-version-check".
5c7fc85d 746If you are in doubt, upgrade zlib to version 1.2.1.2 or greater.
747See http://www.gzip.org/zlib/ for details.])
8068d564 748 else
749 AC_MSG_WARN([zlib version may have security problems])
750 fi
1a01a50c 751 ],
752 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 753)
48e7916f 754
2c523de9 755dnl UnixWare 2.x
aff51935 756AC_CHECK_FUNC(strcasecmp,
2c523de9 757 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
758)
aff51935 759AC_CHECK_FUNC(utimes,
cda1ebcb 760 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
761 LIBS="$LIBS -lc89"]) ]
2c523de9 762)
4cca272e 763
7c6d759d 764dnl Checks for libutil functions
765AC_CHECK_HEADERS(libutil.h)
766AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
767AC_CHECK_FUNCS(logout updwtmp logwtmp)
768
a738c3b0 769AC_FUNC_STRFTIME
770
84ceda19 771# Check for ALTDIRFUNC glob() extension
772AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
773AC_EGREP_CPP(FOUNDIT,
774 [
775 #include <glob.h>
776 #ifdef GLOB_ALTDIRFUNC
777 FOUNDIT
778 #endif
aff51935 779 ],
84ceda19 780 [
781 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
782 AC_MSG_RESULT(yes)
783 ],
784 [
785 AC_MSG_RESULT(no)
786 ]
787)
4cca272e 788
40849fdb 789# Check for g.gl_matchc glob() extension
790AC_MSG_CHECKING(for gl_matchc field in glob_t)
791AC_EGREP_CPP(FOUNDIT,
aff51935 792 [
793 #include <glob.h>
40849fdb 794 int main(void){glob_t g; g.gl_matchc = 1;}
aff51935 795 ],
796 [
797 AC_DEFINE(GLOB_HAS_GL_MATCHC)
798 AC_MSG_RESULT(yes)
799 ],
800 [
801 AC_MSG_RESULT(no)
802 ]
40849fdb 803)
804
edbe6722 805AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 806AC_RUN_IFELSE(
479cece8 807 [AC_LANG_SOURCE([[
edbe6722 808#include <sys/types.h>
809#include <dirent.h>
aec4cb4f 810int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 811 ]])],
aff51935 812 [AC_MSG_RESULT(yes)],
edbe6722 813 [
814 AC_MSG_RESULT(no)
815 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
1a01a50c 816 ],
82f4e93d 817 [
1a01a50c 818 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
819 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 820 ]
821)
822
419e26e7 823AC_MSG_CHECKING([for /proc/pid/fd directory])
824if test -d "/proc/$$/fd" ; then
825 AC_DEFINE(HAVE_PROC_PID)
826 AC_MSG_RESULT(yes)
827else
828 AC_MSG_RESULT(no)
829fi
830
278588d8 831# Check whether user wants S/Key support
aff51935 832SKEY_MSG="no"
278588d8 833AC_ARG_WITH(skey,
6ff3d0dc 834 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 835 [
836 if test "x$withval" != "xno" ; then
837
838 if test "x$withval" != "xyes" ; then
839 CPPFLAGS="$CPPFLAGS -I${withval}/include"
840 LDFLAGS="$LDFLAGS -L${withval}/lib"
841 fi
842
843 AC_DEFINE(SKEY)
844 LIBS="-lskey $LIBS"
aff51935 845 SKEY_MSG="yes"
82f4e93d 846
ddceb1c8 847 AC_MSG_CHECKING([for s/key support])
848 AC_TRY_RUN(
849 [
850#include <stdio.h>
851#include <skey.h>
aec4cb4f 852int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 853 ],
854 [AC_MSG_RESULT(yes)],
278588d8 855 [
ddceb1c8 856 AC_MSG_RESULT(no)
278588d8 857 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
858 ])
141fc639 859 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
860 AC_TRY_COMPILE(
861 [#include <stdio.h>
862 #include <skey.h>],
863 [(void)skeychallenge(NULL,"name","",0);],
864 [AC_MSG_RESULT(yes)
865 AC_DEFINE(SKEYCHALLENGE_4ARG)],
866 [AC_MSG_RESULT(no)]
867 )
278588d8 868 fi
869 ]
870)
871
872# Check whether user wants TCP wrappers support
98a7c37b 873TCPW_MSG="no"
278588d8 874AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 875 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 876 [
877 if test "x$withval" != "xno" ; then
878 saved_LIBS="$LIBS"
98a7c37b 879 saved_LDFLAGS="$LDFLAGS"
880 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 881 if test -n "${withval}" && \
6cf0200f 882 test "x${withval}" != "xyes"; then
98a7c37b 883 if test -d "${withval}/lib"; then
884 if test -n "${need_dash_r}"; then
5a162955 885 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 886 else
5a162955 887 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 888 fi
889 else
890 if test -n "${need_dash_r}"; then
5a162955 891 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 892 else
5a162955 893 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 894 fi
895 fi
896 if test -d "${withval}/include"; then
5a162955 897 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 898 else
5a162955 899 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 900 fi
98a7c37b 901 fi
ddceb1c8 902 LIBWRAP="-lwrap"
903 LIBS="$LIBWRAP $LIBS"
278588d8 904 AC_MSG_CHECKING(for libwrap)
905 AC_TRY_LINK(
906 [
77f09220 907#include <sys/types.h>
908#include <sys/socket.h>
909#include <netinet/in.h>
278588d8 910#include <tcpd.h>
911 int deny_severity = 0, allow_severity = 0;
912 ],
913 [hosts_access(0);],
914 [
915 AC_MSG_RESULT(yes)
916 AC_DEFINE(LIBWRAP)
ddceb1c8 917 AC_SUBST(LIBWRAP)
98a7c37b 918 TCPW_MSG="yes"
278588d8 919 ],
920 [
921 AC_MSG_ERROR([*** libwrap missing])
922 ]
923 )
ddceb1c8 924 LIBS="$saved_LIBS"
278588d8 925 fi
926 ]
927)
928
59031773 929# Check whether user wants libedit support
930LIBEDIT_MSG="no"
931AC_ARG_WITH(libedit,
6ff3d0dc 932 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 933 [ if test "x$withval" != "xno" ; then
737edf04 934 if test "x$withval" != "xyes"; then
935 CPPFLAGS="$CPPFLAGS -I$withval/include"
936 LDFLAGS="$LDFLAGS -L$withval/lib"
937 fi
59031773 938 AC_CHECK_LIB(edit, el_init,
939 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
940 LIBEDIT="-ledit -lcurses"
941 LIBEDIT_MSG="yes"
942 AC_SUBST(LIBEDIT)
943 ],
737edf04 944 [ AC_MSG_ERROR(libedit not found) ],
945 [ -lcurses ]
59031773 946 )
947 fi ]
948)
949
7b578f7d 950AUDIT_MODULE=none
951AC_ARG_WITH(audit,
952 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
953 [
954 AC_MSG_CHECKING(for supported audit module)
955 case "$withval" in
956 bsm)
957 AC_MSG_RESULT(bsm)
958 AUDIT_MODULE=bsm
959 dnl Checks for headers, libs and functions
960 AC_CHECK_HEADERS(bsm/audit.h, [],
961 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
962 AC_CHECK_LIB(bsm, getaudit, [],
963 [AC_MSG_ERROR(BSM enabled and required library not found)])
964 AC_CHECK_FUNCS(getaudit, [],
965 [AC_MSG_ERROR(BSM enabled and required function not found)])
966 # These are optional
7939c496 967 AC_CHECK_FUNCS(getaudit_addr)
7b578f7d 968 AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module])
969 ;;
970 debug)
971 AUDIT_MODULE=debug
972 AC_MSG_RESULT(debug)
973 AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)
974 ;;
975 *)
976 AC_MSG_ERROR([Unknown audit module $withval])
977 ;;
978 esac ]
979)
980
19160674 981dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 982AC_CHECK_FUNCS( \
983 arc4random \
984 b64_ntop \
985 __b64_ntop \
986 b64_pton \
987 __b64_pton \
988 bcopy \
989 bindresvport_sa \
990 clock \
991 closefrom \
992 dirfd \
993 fchdir \
994 fchmod \
995 fchown \
996 freeaddrinfo \
997 futimes \
998 getaddrinfo \
999 getcwd \
1000 getgrouplist \
1001 getnameinfo \
1002 getopt \
1003 getpeereid \
1004 _getpty \
1005 getrlimit \
1006 getttyent \
1007 glob \
1008 inet_aton \
1009 inet_ntoa \
1010 inet_ntop \
1011 innetgr \
1012 login_getcapbool \
1013 md5_crypt \
1014 memmove \
1015 mkdtemp \
1016 mmap \
1017 ngetaddrinfo \
1018 nsleep \
1019 ogetaddrinfo \
1020 openlog_r \
1021 openpty \
1022 prctl \
1023 pstat \
1024 readpassphrase \
1025 realpath \
1026 recvmsg \
1027 rresvport_af \
1028 sendmsg \
1029 setdtablesize \
1030 setegid \
1031 setenv \
1032 seteuid \
1033 setgroups \
1034 setlogin \
1035 setpcred \
1036 setproctitle \
1037 setregid \
1038 setreuid \
1039 setrlimit \
1040 setsid \
1041 setvbuf \
1042 sigaction \
1043 sigvec \
1044 snprintf \
1045 socketpair \
1046 strdup \
1047 strerror \
1048 strlcat \
1049 strlcpy \
1050 strmode \
1051 strnvis \
1052 strtonum \
1e29a0c8 1053 strtoll \
b04a9f8c 1054 strtoul \
1055 sysconf \
1056 tcgetpgrp \
1057 truncate \
1058 unsetenv \
1059 updwtmpx \
1060 utimes \
1061 vhangup \
1062 vsnprintf \
1063 waitpid \
19160674 1064)
98a7c37b 1065
1a086f97 1066# IRIX has a const char return value for gai_strerror()
1067AC_CHECK_FUNCS(gai_strerror,[
1068 AC_DEFINE(HAVE_GAI_STRERROR)
1069 AC_TRY_COMPILE([
1070#include <sys/types.h>
1071#include <sys/socket.h>
1072#include <netdb.h>
1073
1074const char *gai_strerror(int);],[
1075char *str;
1076
1077str = gai_strerror(0);],[
1078 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1079 [Define if gai_strerror() returns const char *])])])
1080
92b1decf 1081AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
1082
309709db 1083dnl Make sure prototypes are defined for these before using them.
309709db 1084AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1085AC_CHECK_DECL(strsep,
1086 [AC_CHECK_FUNCS(strsep)],
1087 [],
1088 [
1089#ifdef HAVE_STRING_H
1090# include <string.h>
1091#endif
1092 ])
08412d26 1093
3490699c 1094dnl tcsendbreak might be a macro
1095AC_CHECK_DECL(tcsendbreak,
1096 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1097 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1098 [#include <termios.h>]
1099)
1100
41e0e158 1101AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1102
3f176010 1103AC_CHECK_FUNCS(setresuid, [
1104 dnl Some platorms have setresuid that isn't implemented, test for this
1105 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1106 AC_RUN_IFELSE(
1107 [AC_LANG_SOURCE([[
9a3fe0e2 1108#include <stdlib.h>
1109#include <errno.h>
1110int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1111 ]])],
3f176010 1112 [AC_MSG_RESULT(yes)],
24a9171d 1113 [AC_DEFINE(BROKEN_SETRESUID)
1a01a50c 1114 AC_MSG_RESULT(not implemented)],
1115 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1116 )
1117])
9a3fe0e2 1118
3f176010 1119AC_CHECK_FUNCS(setresgid, [
1120 dnl Some platorms have setresgid that isn't implemented, test for this
1121 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1122 AC_RUN_IFELSE(
1123 [AC_LANG_SOURCE([[
9a3fe0e2 1124#include <stdlib.h>
1125#include <errno.h>
1126int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1127 ]])],
3f176010 1128 [AC_MSG_RESULT(yes)],
1129 [AC_DEFINE(BROKEN_SETRESGID)
1a01a50c 1130 AC_MSG_RESULT(not implemented)],
1131 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1132 )
1133])
9a3fe0e2 1134
2e73a022 1135dnl Checks for time functions
1d7b9b20 1136AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1137dnl Checks for utmp functions
b03bd394 1138AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1139AC_CHECK_FUNCS(utmpname)
2e73a022 1140dnl Checks for utmpx functions
b03bd394 1141AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1142AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1143
aff51935 1144AC_CHECK_FUNC(daemon,
beb43d31 1145 [AC_DEFINE(HAVE_DAEMON)],
1146 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
1147)
1148
aff51935 1149AC_CHECK_FUNC(getpagesize,
aa6bd60a 1150 [AC_DEFINE(HAVE_GETPAGESIZE)],
1151 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
1152)
1153
2647ae26 1154# Check for broken snprintf
1155if test "x$ac_cv_func_snprintf" = "xyes" ; then
1156 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1157 AC_RUN_IFELSE(
479cece8 1158 [AC_LANG_SOURCE([[
2647ae26 1159#include <stdio.h>
aec4cb4f 1160int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1161 ]])],
aff51935 1162 [AC_MSG_RESULT(yes)],
2647ae26 1163 [
1164 AC_MSG_RESULT(no)
1165 AC_DEFINE(BROKEN_SNPRINTF)
1166 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1167 ],
1168 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1169 )
1170fi
1171
2f6f9cff 1172# Check for missing getpeereid (or equiv) support
1173NO_PEERCHECK=""
1174if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1175 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1176 AC_TRY_COMPILE(
1177 [#include <sys/types.h>
1178 #include <sys/socket.h>],
1179 [int i = SO_PEERCRED;],
62eb7db4 1180 [ AC_MSG_RESULT(yes)
1181 AC_DEFINE(HAVE_SO_PEERCRED, [], [Have PEERCRED socket option])
1182 ],
2f6f9cff 1183 [AC_MSG_RESULT(no)
1184 NO_PEERCHECK=1]
1185 )
1186fi
1187
70e7d0b0 1188dnl see whether mkstemp() requires XXXXXX
1189if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1190AC_MSG_CHECKING([for (overly) strict mkstemp])
1191AC_TRY_RUN(
1192 [
1193#include <stdlib.h>
1194main() { char template[]="conftest.mkstemp-test";
1195if (mkstemp(template) == -1)
1196 exit(1);
1197unlink(template); exit(0);
1198}
1199 ],
1200 [
1201 AC_MSG_RESULT(no)
1202 ],
aff51935 1203 [
70e7d0b0 1204 AC_MSG_RESULT(yes)
1205 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1206 ],
1207 [
1208 AC_MSG_RESULT(yes)
1209 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1210 ]
70e7d0b0 1211)
1212fi
1213
eacb954e 1214dnl make sure that openpty does not reacquire controlling terminal
1215if test ! -z "$check_for_openpty_ctty_bug"; then
1216 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1217 AC_TRY_RUN(
1218 [
1219#include <stdio.h>
1220#include <sys/fcntl.h>
1221#include <sys/types.h>
1222#include <sys/wait.h>
1223
1224int
1225main()
1226{
1227 pid_t pid;
1228 int fd, ptyfd, ttyfd, status;
1229
1230 pid = fork();
1231 if (pid < 0) { /* failed */
1232 exit(1);
1233 } else if (pid > 0) { /* parent */
1234 waitpid(pid, &status, 0);
aff51935 1235 if (WIFEXITED(status))
eacb954e 1236 exit(WEXITSTATUS(status));
1237 else
1238 exit(2);
1239 } else { /* child */
1240 close(0); close(1); close(2);
1241 setsid();
1242 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1243 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1244 if (fd >= 0)
1245 exit(3); /* Acquired ctty: broken */
1246 else
1247 exit(0); /* Did not acquire ctty: OK */
1248 }
1249}
1250 ],
1251 [
1252 AC_MSG_RESULT(yes)
1253 ],
1254 [
1255 AC_MSG_RESULT(no)
1256 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1257 ]
1258 )
1259fi
1260
4b492aab 1261if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1262 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1263 AC_MSG_CHECKING(if getaddrinfo seems to work)
1264 AC_TRY_RUN(
1265 [
1266#include <stdio.h>
1267#include <sys/socket.h>
1268#include <netdb.h>
1269#include <errno.h>
1270#include <netinet/in.h>
1271
1272#define TEST_PORT "2222"
1273
1274int
1275main(void)
1276{
1277 int err, sock;
1278 struct addrinfo *gai_ai, *ai, hints;
1279 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1280
1281 memset(&hints, 0, sizeof(hints));
1282 hints.ai_family = PF_UNSPEC;
1283 hints.ai_socktype = SOCK_STREAM;
1284 hints.ai_flags = AI_PASSIVE;
1285
1286 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1287 if (err != 0) {
1288 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1289 exit(1);
1290 }
1291
1292 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1293 if (ai->ai_family != AF_INET6)
1294 continue;
1295
1296 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1297 sizeof(ntop), strport, sizeof(strport),
1298 NI_NUMERICHOST|NI_NUMERICSERV);
1299
1300 if (err != 0) {
1301 if (err == EAI_SYSTEM)
1302 perror("getnameinfo EAI_SYSTEM");
1303 else
1304 fprintf(stderr, "getnameinfo failed: %s\n",
1305 gai_strerror(err));
1306 exit(2);
1307 }
1308
1309 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1310 if (sock < 0)
1311 perror("socket");
1312 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1313 if (errno == EBADF)
1314 exit(3);
1315 }
1316 }
1317 exit(0);
1318}
1319 ],
1320 [
1321 AC_MSG_RESULT(yes)
1322 ],
1323 [
1324 AC_MSG_RESULT(no)
1325 AC_DEFINE(BROKEN_GETADDRINFO)
1326 ]
1327 )
1328fi
1329
4b492aab 1330if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1331 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1332 AC_MSG_CHECKING(if getaddrinfo seems to work)
1333 AC_TRY_RUN(
1334 [
1335#include <stdio.h>
1336#include <sys/socket.h>
1337#include <netdb.h>
1338#include <errno.h>
1339#include <netinet/in.h>
1340
1341#define TEST_PORT "2222"
1342
1343int
1344main(void)
1345{
1346 int err, sock;
1347 struct addrinfo *gai_ai, *ai, hints;
1348 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1349
1350 memset(&hints, 0, sizeof(hints));
1351 hints.ai_family = PF_UNSPEC;
1352 hints.ai_socktype = SOCK_STREAM;
1353 hints.ai_flags = AI_PASSIVE;
1354
1355 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1356 if (err != 0) {
1357 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1358 exit(1);
1359 }
1360
1361 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1362 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1363 continue;
1364
1365 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1366 sizeof(ntop), strport, sizeof(strport),
1367 NI_NUMERICHOST|NI_NUMERICSERV);
1368
1369 if (ai->ai_family == AF_INET && err != 0) {
1370 perror("getnameinfo");
1371 exit(2);
1372 }
1373 }
1374 exit(0);
1375}
1376 ],
1377 [
1378 AC_MSG_RESULT(yes)
1379 AC_DEFINE(AIX_GETNAMEINFO_HACK, [],
1380[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address])
1381 ],
1382 [
1383 AC_MSG_RESULT(no)
1384 AC_DEFINE(BROKEN_GETADDRINFO)
1385 ]
1386 )
1387fi
1388
b29fd59f 1389if test "x$check_for_conflicting_getspnam" = "x1"; then
1390 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1391 AC_COMPILE_IFELSE(
1392 [
1393#include <shadow.h>
1394int main(void) {exit(0);}
1395 ],
1396 [
1397 AC_MSG_RESULT(no)
1398 ],
1399 [
1400 AC_MSG_RESULT(yes)
1401 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1402 [Conflicting defs for getspnam])
1403 ]
1404 )
1405fi
1406
7f8f5e00 1407AC_FUNC_GETPGRP
1408
717057b6 1409# Check for PAM libs
cbd7492e 1410PAM_MSG="no"
a0391976 1411AC_ARG_WITH(pam,
717057b6 1412 [ --with-pam Enable PAM support ],
a0391976 1413 [
717057b6 1414 if test "x$withval" != "xno" ; then
2511d104 1415 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1416 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1417 AC_MSG_ERROR([PAM headers not found])
1418 fi
a0391976 1419
717057b6 1420 AC_CHECK_LIB(dl, dlopen, , )
1421 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1422 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1423 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1424
717057b6 1425 PAM_MSG="yes"
4cb5ffa0 1426
717057b6 1427 AC_DEFINE(USE_PAM)
98f2d9d5 1428 if test $ac_cv_lib_dl_dlopen = yes; then
1429 LIBPAM="-lpam -ldl"
1430 else
1431 LIBPAM="-lpam"
1432 fi
1433 AC_SUBST(LIBPAM)
717057b6 1434 fi
1435 ]
1436)
cbd7492e 1437
717057b6 1438# Check for older PAM
1439if test "x$PAM_MSG" = "xyes" ; then
a0391976 1440 # Check PAM strerror arguments (old PAM)
1441 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1442 AC_TRY_COMPILE(
1443 [
18ba2aab 1444#include <stdlib.h>
2511d104 1445#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1446#include <security/pam_appl.h>
2511d104 1447#elif defined (HAVE_PAM_PAM_APPL_H)
1448#include <pam/pam_appl.h>
1449#endif
aff51935 1450 ],
1451 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1452 [AC_MSG_RESULT(no)],
1453 [
1454 AC_DEFINE(HAVE_OLD_PAM)
1455 AC_MSG_RESULT(yes)
cbd7492e 1456 PAM_MSG="yes (old library)"
a0391976 1457 ]
717057b6 1458 )
a0391976 1459fi
1460
5b991353 1461# Search for OpenSSL
1462saved_CPPFLAGS="$CPPFLAGS"
1463saved_LDFLAGS="$LDFLAGS"
a0391976 1464AC_ARG_WITH(ssl-dir,
1465 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1466 [
e9e4a1c7 1467 if test "x$withval" != "xno" ; then
99eb0f64 1468 case "$withval" in
1469 # Relative paths
1470 ./*|../*) withval="`pwd`/$withval"
1471 esac
5b991353 1472 if test -d "$withval/lib"; then
1473 if test -n "${need_dash_r}"; then
1474 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1475 else
1476 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1477 fi
1478 else
5b991353 1479 if test -n "${need_dash_r}"; then
1480 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1481 else
1482 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1483 fi
1484 fi
5b991353 1485 if test -d "$withval/include"; then
1486 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1487 else
5b991353 1488 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1489 fi
a0391976 1490 fi
5b991353 1491 ]
1492)
5486a457 1493LIBS="-lcrypto $LIBS"
5b991353 1494AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 1495 [
5b991353 1496 dnl Check default openssl install dir
1497 if test -n "${need_dash_r}"; then
1498 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1499 else
5b991353 1500 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1501 fi
5b991353 1502 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1503 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1504 [
1505 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1506 ]
1507 )
1508 ]
1509)
1510
cd018561 1511# Determine OpenSSL header version
1512AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1513AC_RUN_IFELSE(
479cece8 1514 [AC_LANG_SOURCE([[
cd018561 1515#include <stdio.h>
1516#include <string.h>
1517#include <openssl/opensslv.h>
1518#define DATA "conftest.sslincver"
1519int main(void) {
aff51935 1520 FILE *fd;
1521 int rc;
cd018561 1522
aff51935 1523 fd = fopen(DATA,"w");
1524 if(fd == NULL)
1525 exit(1);
cd018561 1526
1527 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1528 exit(1);
1529
1530 exit(0);
1531}
479cece8 1532 ]])],
cd018561 1533 [
1534 ssl_header_ver=`cat conftest.sslincver`
1535 AC_MSG_RESULT($ssl_header_ver)
1536 ],
1537 [
1538 AC_MSG_RESULT(not found)
1539 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1540 ],
1541 [
1542 AC_MSG_WARN([cross compiling: not checking])
cd018561 1543 ]
1544)
1545
1546# Determine OpenSSL library version
1547AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1548AC_RUN_IFELSE(
479cece8 1549 [AC_LANG_SOURCE([[
cd018561 1550#include <stdio.h>
1551#include <string.h>
1552#include <openssl/opensslv.h>
1553#include <openssl/crypto.h>
1554#define DATA "conftest.ssllibver"
1555int main(void) {
aff51935 1556 FILE *fd;
1557 int rc;
cd018561 1558
aff51935 1559 fd = fopen(DATA,"w");
1560 if(fd == NULL)
1561 exit(1);
cd018561 1562
1563 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1564 exit(1);
1565
1566 exit(0);
1567}
479cece8 1568 ]])],
cd018561 1569 [
1570 ssl_library_ver=`cat conftest.ssllibver`
1571 AC_MSG_RESULT($ssl_library_ver)
1572 ],
1573 [
1574 AC_MSG_RESULT(not found)
1575 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1576 ],
1577 [
1578 AC_MSG_WARN([cross compiling: not checking])
cd018561 1579 ]
1580)
58d100bf 1581
9780116c 1582# Sanity check OpenSSL headers
1583AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1584AC_RUN_IFELSE(
479cece8 1585 [AC_LANG_SOURCE([[
9780116c 1586#include <string.h>
1587#include <openssl/opensslv.h>
aec4cb4f 1588int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1589 ]])],
9780116c 1590 [
1591 AC_MSG_RESULT(yes)
1592 ],
1593 [
1594 AC_MSG_RESULT(no)
e15ba28b 1595 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1596Check config.log for details.
1597Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1598 ],
1599 [
1600 AC_MSG_WARN([cross compiling: not checking])
9780116c 1601 ]
1602)
1603
5486a457 1604# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1605# because the system crypt() is more featureful.
1606if test "x$check_for_libcrypt_before" = "x1"; then
1607 AC_CHECK_LIB(crypt, crypt)
1608fi
1609
aff51935 1610# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1611# version in OpenSSL.
05114c74 1612if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1613 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1614fi
1615
f1b0ecc3 1616
1617### Configure cryptographic random number support
1618
1619# Check wheter OpenSSL seeds itself
1620AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1621AC_RUN_IFELSE(
479cece8 1622 [AC_LANG_SOURCE([[
f1b0ecc3 1623#include <string.h>
1624#include <openssl/rand.h>
aec4cb4f 1625int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1626 ]])],
f1b0ecc3 1627 [
1628 OPENSSL_SEEDS_ITSELF=yes
1629 AC_MSG_RESULT(yes)
1630 ],
1631 [
1632 AC_MSG_RESULT(no)
1633 # Default to use of the rand helper if OpenSSL doesn't
1634 # seed itself
1635 USE_RAND_HELPER=yes
1a01a50c 1636 ],
1637 [
1638 AC_MSG_WARN([cross compiling: assuming yes])
1639 # This is safe, since all recent OpenSSL versions will
82f4e93d 1640 # complain at runtime if not seeded correctly.
1a01a50c 1641 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1642 ]
1643)
1644
1645
1646# Do we want to force the use of the rand helper?
1647AC_ARG_WITH(rand-helper,
1648 [ --with-rand-helper Use subprocess to gather strong randomness ],
1649 [
1650 if test "x$withval" = "xno" ; then
aff51935 1651 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1652 # the previous test showed it to be unseeded.
1653 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1654 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1655 OPENSSL_SEEDS_ITSELF=yes
1656 USE_RAND_HELPER=""
1657 fi
1658 else
1659 USE_RAND_HELPER=yes
1660 fi
1661 ],
82f4e93d 1662)
f1b0ecc3 1663
1664# Which randomness source do we use?
4b492aab 1665if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 1666 # OpenSSL only
1667 AC_DEFINE(OPENSSL_PRNG_ONLY)
1668 RAND_MSG="OpenSSL internal ONLY"
1669 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1670elif test ! -z "$USE_RAND_HELPER" ; then
1671 # install rand helper
f1b0ecc3 1672 RAND_MSG="ssh-rand-helper"
1673 INSTALL_SSH_RAND_HELPER="yes"
1674fi
1675AC_SUBST(INSTALL_SSH_RAND_HELPER)
1676
1677### Configuration of ssh-rand-helper
1678
1679# PRNGD TCP socket
1680AC_ARG_WITH(prngd-port,
1681 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1682 [
eb5d7ff6 1683 case "$withval" in
1684 no)
1685 withval=""
1686 ;;
1687 [[0-9]]*)
1688 ;;
1689 *)
1690 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1691 ;;
1692 esac
1693 if test ! -z "$withval" ; then
f1b0ecc3 1694 PRNGD_PORT="$withval"
1695 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1696 fi
1697 ]
1698)
1699
1700# PRNGD Unix domain socket
1701AC_ARG_WITH(prngd-socket,
1702 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1703 [
eb5d7ff6 1704 case "$withval" in
1705 yes)
f1b0ecc3 1706 withval="/var/run/egd-pool"
eb5d7ff6 1707 ;;
1708 no)
1709 withval=""
1710 ;;
1711 /*)
1712 ;;
1713 *)
1714 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1715 ;;
1716 esac
1717
1718 if test ! -z "$withval" ; then
f1b0ecc3 1719 if test ! -z "$PRNGD_PORT" ; then
1720 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1721 fi
906e811b 1722 if test ! -r "$withval" ; then
f1b0ecc3 1723 AC_MSG_WARN(Entropy socket is not readable)
1724 fi
1725 PRNGD_SOCKET="$withval"
1726 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1727 fi
ddceb1c8 1728 ],
1729 [
1730 # Check for existing socket only if we don't have a random device already
1731 if test "$USE_RAND_HELPER" = yes ; then
1732 AC_MSG_CHECKING(for PRNGD/EGD socket)
1733 # Insert other locations here
1734 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1735 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1736 PRNGD_SOCKET="$sock"
1737 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1738 break;
1739 fi
1740 done
1741 if test ! -z "$PRNGD_SOCKET" ; then
1742 AC_MSG_RESULT($PRNGD_SOCKET)
1743 else
1744 AC_MSG_RESULT(not found)
1745 fi
1746 fi
f1b0ecc3 1747 ]
1748)
1749
1750# Change default command timeout for hashing entropy source
1751entropy_timeout=200
1752AC_ARG_WITH(entropy-timeout,
1753 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1754 [
6cf0200f 1755 if test -n "$withval" && test "x$withval" != "xno" && \
1756 test "x${withval}" != "xyes"; then
f1b0ecc3 1757 entropy_timeout=$withval
1758 fi
82f4e93d 1759 ]
f1b0ecc3 1760)
f1b0ecc3 1761AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1762
fd3cbf67 1763SSH_PRIVSEP_USER=sshd
9a0fbcb3 1764AC_ARG_WITH(privsep-user,
5222e7ef 1765 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1766 [
6cf0200f 1767 if test -n "$withval" && test "x$withval" != "xno" && \
1768 test "x${withval}" != "xyes"; then
fd3cbf67 1769 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1770 fi
82f4e93d 1771 ]
9a0fbcb3 1772)
fd3cbf67 1773AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1774AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1775
81dadca3 1776# We do this little dance with the search path to insure
1777# that programs that we select for use by installed programs
1778# (which may be run by the super-user) come from trusted
1779# locations before they come from the user's private area.
1780# This should help avoid accidentally configuring some
1781# random version of a program in someone's personal bin.
1782
1783OPATH=$PATH
1784PATH=/bin:/usr/bin
f95c8ce8 1785test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1786test -d /sbin && PATH=$PATH:/sbin
1787test -d /usr/sbin && PATH=$PATH:/usr/sbin
1788PATH=$PATH:/etc:$OPATH
1789
aff51935 1790# These programs are used by the command hashing source to gather entropy
f1b0ecc3 1791OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1792OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1793OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1794OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1795OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1796OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1797OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1798OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1799OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1800OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1801OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1802OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1803OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1804OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1805OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1806OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1807# restore PATH
1808PATH=$OPATH
f1b0ecc3 1809
1810# Where does ssh-rand-helper get its randomness from?
1811INSTALL_SSH_PRNG_CMDS=""
1812if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1813 if test ! -z "$PRNGD_PORT" ; then
1814 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1815 elif test ! -z "$PRNGD_SOCKET" ; then
1816 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1817 else
1818 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1819 RAND_HELPER_CMDHASH=yes
1820 INSTALL_SSH_PRNG_CMDS="yes"
1821 fi
1822fi
1823AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1824
1825
66d6c27e 1826# Cheap hack to ensure NEWS-OS libraries are arranged right.
1827if test ! -z "$SONY" ; then
1828 LIBS="$LIBS -liberty";
1829fi
1830
a0391976 1831# Checks for data types
976f7e19 1832AC_CHECK_SIZEOF(char, 1)
2b942fe0 1833AC_CHECK_SIZEOF(short int, 2)
1834AC_CHECK_SIZEOF(int, 4)
1835AC_CHECK_SIZEOF(long int, 4)
1836AC_CHECK_SIZEOF(long long int, 8)
1837
52f1ccb2 1838# Sanity check long long for some platforms (AIX)
1839if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1840 ac_cv_sizeof_long_long_int=0
1841fi
1842
a0391976 1843# More checks for data types
14a9a859 1844AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1845 AC_TRY_COMPILE(
aff51935 1846 [ #include <sys/types.h> ],
1847 [ u_int a; a = 1;],
14a9a859 1848 [ ac_cv_have_u_int="yes" ],
1849 [ ac_cv_have_u_int="no" ]
1850 )
1851])
1852if test "x$ac_cv_have_u_int" = "xyes" ; then
1853 AC_DEFINE(HAVE_U_INT)
1854 have_u_int=1
1855fi
1856
58d100bf 1857AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1858 AC_TRY_COMPILE(
aff51935 1859 [ #include <sys/types.h> ],
1860 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 1861 [ ac_cv_have_intxx_t="yes" ],
1862 [ ac_cv_have_intxx_t="no" ]
1863 )
1864])
1865if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1866 AC_DEFINE(HAVE_INTXX_T)
1867 have_intxx_t=1
1868fi
41cb4569 1869
1870if (test -z "$have_intxx_t" && \
aff51935 1871 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 1872then
1873 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1874 AC_TRY_COMPILE(
aff51935 1875 [ #include <stdint.h> ],
1876 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 1877 [
1878 AC_DEFINE(HAVE_INTXX_T)
1879 AC_MSG_RESULT(yes)
1880 ],
1881 [ AC_MSG_RESULT(no) ]
1882 )
1883fi
1884
bd590612 1885AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1886 AC_TRY_COMPILE(
1cbbe6c8 1887 [
1888#include <sys/types.h>
1889#ifdef HAVE_STDINT_H
1890# include <stdint.h>
1891#endif
1892#include <sys/socket.h>
1893#ifdef HAVE_SYS_BITYPES_H
1894# include <sys/bitypes.h>
1895#endif
aff51935 1896 ],
1897 [ int64_t a; a = 1;],
bd590612 1898 [ ac_cv_have_int64_t="yes" ],
1899 [ ac_cv_have_int64_t="no" ]
1900 )
1901])
1902if test "x$ac_cv_have_int64_t" = "xyes" ; then
1903 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1904fi
1905
58d100bf 1906AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1907 AC_TRY_COMPILE(
aff51935 1908 [ #include <sys/types.h> ],
1909 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 1910 [ ac_cv_have_u_intxx_t="yes" ],
1911 [ ac_cv_have_u_intxx_t="no" ]
1912 )
1913])
1914if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1915 AC_DEFINE(HAVE_U_INTXX_T)
1916 have_u_intxx_t=1
1917fi
2b942fe0 1918
41cb4569 1919if test -z "$have_u_intxx_t" ; then
1920 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1921 AC_TRY_COMPILE(
aff51935 1922 [ #include <sys/socket.h> ],
1923 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 1924 [
1925 AC_DEFINE(HAVE_U_INTXX_T)
1926 AC_MSG_RESULT(yes)
1927 ],
1928 [ AC_MSG_RESULT(no) ]
1929 )
1930fi
1931
bd590612 1932AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1933 AC_TRY_COMPILE(
aff51935 1934 [ #include <sys/types.h> ],
1935 [ u_int64_t a; a = 1;],
bd590612 1936 [ ac_cv_have_u_int64_t="yes" ],
1937 [ ac_cv_have_u_int64_t="no" ]
1938 )
1939])
1940if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
1941 AC_DEFINE(HAVE_U_INT64_T)
1942 have_u_int64_t=1
1943fi
1944
ddceb1c8 1945if test -z "$have_u_int64_t" ; then
1946 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1947 AC_TRY_COMPILE(
aff51935 1948 [ #include <sys/bitypes.h> ],
ddceb1c8 1949 [ u_int64_t a; a = 1],
1950 [
1951 AC_DEFINE(HAVE_U_INT64_T)
1952 AC_MSG_RESULT(yes)
1953 ],
1954 [ AC_MSG_RESULT(no) ]
1955 )
1956fi
1957
41cb4569 1958if test -z "$have_u_intxx_t" ; then
1959 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
1960 AC_TRY_COMPILE(
1961 [
1962#include <sys/types.h>
aff51935 1963 ],
1964 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 1965 [ ac_cv_have_uintxx_t="yes" ],
1966 [ ac_cv_have_uintxx_t="no" ]
1967 )
1968 ])
1969 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
1970 AC_DEFINE(HAVE_UINTXX_T)
1971 fi
1972fi
1973
1974if test -z "$have_uintxx_t" ; then
1975 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1976 AC_TRY_COMPILE(
aff51935 1977 [ #include <stdint.h> ],
1978 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 1979 [
1980 AC_DEFINE(HAVE_UINTXX_T)
1981 AC_MSG_RESULT(yes)
1982 ],
1983 [ AC_MSG_RESULT(no) ]
1984 )
1985fi
1986
e5fe9a1f 1987if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 1988 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 1989then
1990 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1991 AC_TRY_COMPILE(
58d100bf 1992 [
1993#include <sys/bitypes.h>
aff51935 1994 ],
5cdfe03f 1995 [
837c30b8 1996 int8_t a; int16_t b; int32_t c;
1997 u_int8_t e; u_int16_t f; u_int32_t g;
1998 a = b = c = e = f = g = 1;
aff51935 1999 ],
5cdfe03f 2000 [
2001 AC_DEFINE(HAVE_U_INTXX_T)
2002 AC_DEFINE(HAVE_INTXX_T)
2003 AC_MSG_RESULT(yes)
2004 ],
2005 [AC_MSG_RESULT(no)]
aff51935 2006 )
5cdfe03f 2007fi
2008
0362750e 2009
2010AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2011 AC_TRY_COMPILE(
2012 [
2013#include <sys/types.h>
2014 ],
2015 [ u_char foo; foo = 125; ],
2016 [ ac_cv_have_u_char="yes" ],
2017 [ ac_cv_have_u_char="no" ]
2018 )
2019])
2020if test "x$ac_cv_have_u_char" = "xyes" ; then
2021 AC_DEFINE(HAVE_U_CHAR)
2022fi
2023
98a7c37b 2024TYPE_SOCKLEN_T
2b942fe0 2025
2d16d9a3 2026AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2027
777ece68 2028AC_CHECK_TYPES(in_addr_t,,,
2029[#include <sys/types.h>
2030#include <netinet/in.h>])
7b578f7d 2031
58d100bf 2032AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2033 AC_TRY_COMPILE(
2034 [
18ba2aab 2035#include <sys/types.h>
58d100bf 2036 ],
2037 [ size_t foo; foo = 1235; ],
2038 [ ac_cv_have_size_t="yes" ],
2039 [ ac_cv_have_size_t="no" ]
2040 )
2041])
2042if test "x$ac_cv_have_size_t" = "xyes" ; then
2043 AC_DEFINE(HAVE_SIZE_T)
2044fi
ea1970a3 2045
c04f75f1 2046AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2047 AC_TRY_COMPILE(
2048 [
2049#include <sys/types.h>
2050 ],
2051 [ ssize_t foo; foo = 1235; ],
2052 [ ac_cv_have_ssize_t="yes" ],
2053 [ ac_cv_have_ssize_t="no" ]
2054 )
2055])
2056if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2057 AC_DEFINE(HAVE_SSIZE_T)
2058fi
2059
f1c4659d 2060AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2061 AC_TRY_COMPILE(
2062 [
2063#include <time.h>
2064 ],
2065 [ clock_t foo; foo = 1235; ],
2066 [ ac_cv_have_clock_t="yes" ],
2067 [ ac_cv_have_clock_t="no" ]
2068 )
2069])
2070if test "x$ac_cv_have_clock_t" = "xyes" ; then
2071 AC_DEFINE(HAVE_CLOCK_T)
2072fi
2073
1c04b088 2074AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2075 AC_TRY_COMPILE(
2076 [
2077#include <sys/types.h>
2078#include <sys/socket.h>
2079 ],
2080 [ sa_family_t foo; foo = 1235; ],
2081 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2082 [ AC_TRY_COMPILE(
2083 [
2084#include <sys/types.h>
2085#include <sys/socket.h>
2086#include <netinet/in.h>
2087 ],
2088 [ sa_family_t foo; foo = 1235; ],
2089 [ ac_cv_have_sa_family_t="yes" ],
2090
1c04b088 2091 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2092 )]
1c04b088 2093 )
2094])
2095if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2096 AC_DEFINE(HAVE_SA_FAMILY_T)
2097fi
2098
729bfe59 2099AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2100 AC_TRY_COMPILE(
2101 [
2102#include <sys/types.h>
2103 ],
2104 [ pid_t foo; foo = 1235; ],
2105 [ ac_cv_have_pid_t="yes" ],
2106 [ ac_cv_have_pid_t="no" ]
2107 )
2108])
2109if test "x$ac_cv_have_pid_t" = "xyes" ; then
2110 AC_DEFINE(HAVE_PID_T)
2111fi
2112
2113AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2114 AC_TRY_COMPILE(
2115 [
2116#include <sys/types.h>
2117 ],
2118 [ mode_t foo; foo = 1235; ],
2119 [ ac_cv_have_mode_t="yes" ],
2120 [ ac_cv_have_mode_t="no" ]
2121 )
2122])
2123if test "x$ac_cv_have_mode_t" = "xyes" ; then
2124 AC_DEFINE(HAVE_MODE_T)
2125fi
2126
e3a93db0 2127
58d100bf 2128AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2129 AC_TRY_COMPILE(
2130 [
18ba2aab 2131#include <sys/types.h>
2132#include <sys/socket.h>
58d100bf 2133 ],
2134 [ struct sockaddr_storage s; ],
2135 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2136 [ ac_cv_have_struct_sockaddr_storage="no" ]
2137 )
2138])
2139if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2140 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
2141fi
48e671d5 2142
58d100bf 2143AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2144 AC_TRY_COMPILE(
2145 [
cbd7492e 2146#include <sys/types.h>
58d100bf 2147#include <netinet/in.h>
2148 ],
2149 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2150 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2151 [ ac_cv_have_struct_sockaddr_in6="no" ]
2152 )
2153])
2154if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2155 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
2156fi
48e671d5 2157
58d100bf 2158AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2159 AC_TRY_COMPILE(
2160 [
cbd7492e 2161#include <sys/types.h>
58d100bf 2162#include <netinet/in.h>
2163 ],
2164 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2165 [ ac_cv_have_struct_in6_addr="yes" ],
2166 [ ac_cv_have_struct_in6_addr="no" ]
2167 )
2168])
2169if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2170 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
2171fi
48e671d5 2172
58d100bf 2173AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2174 AC_TRY_COMPILE(
2175 [
18ba2aab 2176#include <sys/types.h>
2177#include <sys/socket.h>
2178#include <netdb.h>
58d100bf 2179 ],
2180 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2181 [ ac_cv_have_struct_addrinfo="yes" ],
2182 [ ac_cv_have_struct_addrinfo="no" ]
2183 )
2184])
2185if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2186 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
2187fi
2188
89c7e31c 2189AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2190 AC_TRY_COMPILE(
aff51935 2191 [ #include <sys/time.h> ],
2192 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2193 [ ac_cv_have_struct_timeval="yes" ],
2194 [ ac_cv_have_struct_timeval="no" ]
2195 )
2196])
2197if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2198 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
2199 have_struct_timeval=1
2200fi
2201
5271b55c 2202AC_CHECK_TYPES(struct timespec)
2203
85abc74b 2204# We need int64_t or else certian parts of the compile will fail.
4b492aab 2205if test "x$ac_cv_have_int64_t" = "xno" && \
2206 test "x$ac_cv_sizeof_long_int" != "x8" && \
2207 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2208 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2209 echo "an alternative compiler (I.E., GCC) before continuing."
2210 echo ""
2211 exit 1;
733cf7f4 2212else
2213dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2214 AC_RUN_IFELSE(
479cece8 2215 [AC_LANG_SOURCE([[
733cf7f4 2216#include <stdio.h>
2217#include <string.h>
2218#ifdef HAVE_SNPRINTF
2219main()
2220{
2221 char buf[50];
2222 char expected_out[50];
2223 int mazsize = 50 ;
2224#if (SIZEOF_LONG_INT == 8)
2225 long int num = 0x7fffffffffffffff;
2226#else
763a1a18 2227 long long num = 0x7fffffffffffffffll;
733cf7f4 2228#endif
2229 strcpy(expected_out, "9223372036854775807");
2230 snprintf(buf, mazsize, "%lld", num);
2231 if(strcmp(buf, expected_out) != 0)
aff51935 2232 exit(1);
733cf7f4 2233 exit(0);
2234}
2235#else
2236main() { exit(0); }
2237#endif
479cece8 2238 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2239 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2240 )
2c523de9 2241fi
2242
77bb0bca 2243dnl Checks for structure members
58d100bf 2244OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2245OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2246OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2247OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2248OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2249OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2250OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2251OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2252OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2253OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2254OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2255OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2256OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2257OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2258OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2259OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2260OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2261
2262AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 2263
58d100bf 2264AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2265 ac_cv_have_ss_family_in_struct_ss, [
2266 AC_TRY_COMPILE(
2267 [
18ba2aab 2268#include <sys/types.h>
2269#include <sys/socket.h>
58d100bf 2270 ],
2271 [ struct sockaddr_storage s; s.ss_family = 1; ],
2272 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2273 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2274 )
2275])
2276if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2277 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2278fi
2279
58d100bf 2280AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2281 ac_cv_have___ss_family_in_struct_ss, [
2282 AC_TRY_COMPILE(
2283 [
18ba2aab 2284#include <sys/types.h>
2285#include <sys/socket.h>
58d100bf 2286 ],
2287 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2288 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2289 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2290 )
2291])
2292if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2293 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2294fi
2295
2e73a022 2296AC_CACHE_CHECK([for pw_class field in struct passwd],
2297 ac_cv_have_pw_class_in_struct_passwd, [
2298 AC_TRY_COMPILE(
2299 [
2e73a022 2300#include <pwd.h>
2301 ],
97994d32 2302 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2303 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2304 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2305 )
2306])
2307if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2308 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2309fi
2310
7751d4eb 2311AC_CACHE_CHECK([for pw_expire field in struct passwd],
2312 ac_cv_have_pw_expire_in_struct_passwd, [
2313 AC_TRY_COMPILE(
2314 [
2315#include <pwd.h>
2316 ],
2317 [ struct passwd p; p.pw_expire = 0; ],
2318 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2319 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2320 )
2321])
2322if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2323 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2324fi
2325
2326AC_CACHE_CHECK([for pw_change field in struct passwd],
2327 ac_cv_have_pw_change_in_struct_passwd, [
2328 AC_TRY_COMPILE(
2329 [
2330#include <pwd.h>
2331 ],
2332 [ struct passwd p; p.pw_change = 0; ],
2333 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2334 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2335 )
2336])
2337if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2338 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2339fi
58d100bf 2340
637f9177 2341dnl make sure we're using the real structure members and not defines
6f34652e 2342AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2343 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2344 AC_COMPILE_IFELSE(
6f34652e 2345 [
f95c8ce8 2346#include <sys/types.h>
6f34652e 2347#include <sys/socket.h>
2348#include <sys/uio.h>
637f9177 2349int main() {
2350#ifdef msg_accrights
1a01a50c 2351#error "msg_accrights is a macro"
637f9177 2352exit(1);
2353#endif
2354struct msghdr m;
2355m.msg_accrights = 0;
2356exit(0);
2357}
6f34652e 2358 ],
6f34652e 2359 [ ac_cv_have_accrights_in_msghdr="yes" ],
2360 [ ac_cv_have_accrights_in_msghdr="no" ]
2361 )
2362])
2363if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2364 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2365fi
2366
7176df4f 2367AC_CACHE_CHECK([for msg_control field in struct msghdr],
2368 ac_cv_have_control_in_msghdr, [
1a01a50c 2369 AC_COMPILE_IFELSE(
7176df4f 2370 [
f95c8ce8 2371#include <sys/types.h>
7176df4f 2372#include <sys/socket.h>
2373#include <sys/uio.h>
637f9177 2374int main() {
2375#ifdef msg_control
1a01a50c 2376#error "msg_control is a macro"
637f9177 2377exit(1);
2378#endif
2379struct msghdr m;
2380m.msg_control = 0;
2381exit(0);
2382}
7176df4f 2383 ],
7176df4f 2384 [ ac_cv_have_control_in_msghdr="yes" ],
2385 [ ac_cv_have_control_in_msghdr="no" ]
2386 )
2387])
2388if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2389 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2390fi
2391
58d100bf 2392AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2393 AC_TRY_LINK([],
2394 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2395 [ ac_cv_libc_defines___progname="yes" ],
2396 [ ac_cv_libc_defines___progname="no" ]
2397 )
2398])
2399if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2400 AC_DEFINE(HAVE___PROGNAME)
2401fi
8946db53 2402
c921ee00 2403AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2404 AC_TRY_LINK([
2405#include <stdio.h>
aff51935 2406],
2407 [ printf("%s", __FUNCTION__); ],
c921ee00 2408 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2409 [ ac_cv_cc_implements___FUNCTION__="no" ]
2410 )
2411])
2412if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2413 AC_DEFINE(HAVE___FUNCTION__)
2414fi
2415
2416AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2417 AC_TRY_LINK([
2418#include <stdio.h>
aff51935 2419],
2420 [ printf("%s", __func__); ],
c921ee00 2421 [ ac_cv_cc_implements___func__="yes" ],
2422 [ ac_cv_cc_implements___func__="no" ]
2423 )
2424])
2425if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2426 AC_DEFINE(HAVE___func__)
2427fi
2428
1812a662 2429AC_CACHE_CHECK([whether getopt has optreset support],
2430 ac_cv_have_getopt_optreset, [
2431 AC_TRY_LINK(
2432 [
2433#include <getopt.h>
2434 ],
2435 [ extern int optreset; optreset = 0; ],
2436 [ ac_cv_have_getopt_optreset="yes" ],
2437 [ ac_cv_have_getopt_optreset="no" ]
2438 )
2439])
2440if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2441 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2442fi
a0391976 2443
819b676f 2444AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2445 AC_TRY_LINK([],
2446 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2447 [ ac_cv_libc_defines_sys_errlist="yes" ],
2448 [ ac_cv_libc_defines_sys_errlist="no" ]
2449 )
2450])
2451if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2452 AC_DEFINE(HAVE_SYS_ERRLIST)
2453fi
2454
2455
416ed5a7 2456AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2457 AC_TRY_LINK([],
2458 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2459 [ ac_cv_libc_defines_sys_nerr="yes" ],
2460 [ ac_cv_libc_defines_sys_nerr="no" ]
2461 )
2462])
2463if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2464 AC_DEFINE(HAVE_SYS_NERR)
2465fi
2466
aff51935 2467SCARD_MSG="no"
295c8801 2468# Check whether user wants sectok support
2469AC_ARG_WITH(sectok,
2470 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2471 [
2472 if test "x$withval" != "xno" ; then
2473 if test "x$withval" != "xyes" ; then
2474 CPPFLAGS="$CPPFLAGS -I${withval}"
2475 LDFLAGS="$LDFLAGS -L${withval}"
2476 if test ! -z "$need_dash_r" ; then
2477 LDFLAGS="$LDFLAGS -R${withval}"
2478 fi
2479 if test ! -z "$blibpath" ; then
2480 blibpath="$blibpath:${withval}"
2481 fi
2482 fi
2483 AC_CHECK_HEADERS(sectok.h)
2484 if test "$ac_cv_header_sectok_h" != yes; then
2485 AC_MSG_ERROR(Can't find sectok.h)
2486 fi
2487 AC_CHECK_LIB(sectok, sectok_open)
2488 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2489 AC_MSG_ERROR(Can't find libsectok)
2490 fi
2491 AC_DEFINE(SMARTCARD)
295c8801 2492 AC_DEFINE(USE_SECTOK)
aff51935 2493 SCARD_MSG="yes, using sectok"
295c8801 2494 fi
2495 ]
2496)
2497
2498# Check whether user wants OpenSC support
987b458f 2499OPENSC_CONFIG="no"
295c8801 2500AC_ARG_WITH(opensc,
987b458f 2501 [--with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
2502 [
2503 if test "x$withval" != "xno" ; then
2504 if test "x$withval" != "xyes" ; then
2505 OPENSC_CONFIG=$withval/bin/opensc-config
2506 else
2507 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2508 fi
2509 if test "$OPENSC_CONFIG" != "no"; then
2510 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2511 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2512 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2513 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2514 AC_DEFINE(SMARTCARD)
2515 AC_DEFINE(USE_OPENSC)
2516 SCARD_MSG="yes, using OpenSC"
2517 fi
2518 fi
2519 ]
2520)
d0b19c95 2521
c31dc31c 2522# Check libraries needed by DNS fingerprint support
aff51935 2523AC_SEARCH_LIBS(getrrsetbyname, resolv,
c31dc31c 2524 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
3e05e934 2525 [
c31dc31c 2526 # Needed by our getrrsetbyname()
2527 AC_SEARCH_LIBS(res_query, resolv)
2528 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2529 AC_MSG_CHECKING(if res_query will link)
2530 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2531 [AC_MSG_RESULT(no)
2532 saved_LIBS="$LIBS"
2533 LIBS="$LIBS -lresolv"
2534 AC_MSG_CHECKING(for res_query in -lresolv)
2535 AC_LINK_IFELSE([
2536#include <resolv.h>
2537int main()
2538{
2539 res_query (0, 0, 0, 0, 0);
2540 return 0;
2541}
2542 ],
2543 [LIBS="$LIBS -lresolv"
2544 AC_MSG_RESULT(yes)],
2545 [LIBS="$saved_LIBS"
2546 AC_MSG_RESULT(no)])
2547 ])
c31dc31c 2548 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 2549 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 2550 [#include <sys/types.h>
2551 #include <arpa/nameser.h>])
c31dc31c 2552 AC_CHECK_MEMBER(HEADER.ad,
2553 [AC_DEFINE(HAVE_HEADER_AD)],,
2554 [#include <arpa/nameser.h>])
2555 ])
3e05e934 2556
12928e80 2557# Check whether user wants Kerberos 5 support
aff51935 2558KRB5_MSG="no"
12928e80 2559AC_ARG_WITH(kerberos5,
aff51935 2560 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 2561 [ if test "x$withval" != "xno" ; then
2562 if test "x$withval" = "xyes" ; then
2563 KRB5ROOT="/usr/local"
2564 else
2565 KRB5ROOT=${withval}
2566 fi
2567
2568 AC_DEFINE(KRB5)
2569 KRB5_MSG="yes"
2570
2571 AC_MSG_CHECKING(for krb5-config)
2572 if test -x $KRB5ROOT/bin/krb5-config ; then
2573 KRB5CONF=$KRB5ROOT/bin/krb5-config
2574 AC_MSG_RESULT($KRB5CONF)
2575
2576 AC_MSG_CHECKING(for gssapi support)
2577 if $KRB5CONF | grep gssapi >/dev/null ; then
2578 AC_MSG_RESULT(yes)
071970fb 2579 AC_DEFINE(GSSAPI)
2580 k5confopts=gssapi
aff51935 2581 else
5585c441 2582 AC_MSG_RESULT(no)
071970fb 2583 k5confopts=""
aff51935 2584 fi
071970fb 2585 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2586 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 2587 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 2588 AC_MSG_CHECKING(whether we are using Heimdal)
2589 AC_TRY_COMPILE([ #include <krb5.h> ],
2590 [ char *tmp = heimdal_version; ],
2591 [ AC_MSG_RESULT(yes)
2592 AC_DEFINE(HEIMDAL) ],
2593 AC_MSG_RESULT(no)
2594 )
2595 else
2596 AC_MSG_RESULT(no)
12928e80 2597 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 2598 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 2599 AC_MSG_CHECKING(whether we are using Heimdal)
2600 AC_TRY_COMPILE([ #include <krb5.h> ],
2601 [ char *tmp = heimdal_version; ],
2602 [ AC_MSG_RESULT(yes)
2603 AC_DEFINE(HEIMDAL)
41707f74 2604 K5LIBS="-lkrb5 -ldes"
2605 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 2606 AC_CHECK_LIB(roken, net_write,
41707f74 2607 [K5LIBS="$K5LIBS -lroken"])
aff51935 2608 ],
2609 [ AC_MSG_RESULT(no)
2610 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2611 ]
2612 )
4e00038c 2613 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 2614
749560dd 2615 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2616 [ AC_DEFINE(GSSAPI)
2617 K5LIBS="-lgssapi $K5LIBS" ],
2618 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2619 [ AC_DEFINE(GSSAPI)
aff51935 2620 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 2621 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2622 $K5LIBS)
2623 ],
2624 $K5LIBS)
82f4e93d 2625
749560dd 2626 AC_CHECK_HEADER(gssapi.h, ,
2627 [ unset ac_cv_header_gssapi_h
aff51935 2628 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 2629 AC_CHECK_HEADERS(gssapi.h, ,
2630 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 2631 )
749560dd 2632 ]
2633 )
2634
2635 oldCPP="$CPPFLAGS"
2636 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2637 AC_CHECK_HEADER(gssapi_krb5.h, ,
2638 [ CPPFLAGS="$oldCPP" ])
2639
aff51935 2640 fi
5585c441 2641 if test ! -z "$need_dash_r" ; then
2642 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2643 fi
2644 if test ! -z "$blibpath" ; then
2645 blibpath="$blibpath:${KRB5ROOT}/lib"
2646 fi
071970fb 2647 fi
2648
2649 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2650 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2651 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2652
2653 LIBS="$LIBS $K5LIBS"
2654 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
79753592 2655 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
071970fb 2656 ]
12928e80 2657)
b5b68128 2658
a0391976 2659# Looking for programs, paths and files
a0391976 2660
ecac8ee5 2661PRIVSEP_PATH=/var/empty
2662AC_ARG_WITH(privsep-path,
cda1ebcb 2663 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 2664 [
6cf0200f 2665 if test -n "$withval" && test "x$withval" != "xno" && \
2666 test "x${withval}" != "xyes"; then
ecac8ee5 2667 PRIVSEP_PATH=$withval
2668 fi
2669 ]
2670)
2671AC_SUBST(PRIVSEP_PATH)
2672
a0391976 2673AC_ARG_WITH(xauth,
2674 [ --with-xauth=PATH Specify path to xauth program ],
2675 [
6cf0200f 2676 if test -n "$withval" && test "x$withval" != "xno" && \
2677 test "x${withval}" != "xyes"; then
cbd7492e 2678 xauth_path=$withval
a0391976 2679 fi
2680 ],
2681 [
2bf42e4a 2682 TestPath="$PATH"
2683 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2684 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2685 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2686 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2687 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2688 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2689 xauth_path="/usr/openwin/bin/xauth"
2690 fi
2691 ]
2692)
2693
65a4b4af 2694STRIP_OPT=-s
2695AC_ARG_ENABLE(strip,
2696 [ --disable-strip Disable calling strip(1) on install],
2697 [
2698 if test "x$enableval" = "xno" ; then
2699 STRIP_OPT=
2700 fi
2701 ]
2702)
2703AC_SUBST(STRIP_OPT)
2704
b3ec54b4 2705if test -z "$xauth_path" ; then
2706 XAUTH_PATH="undefined"
2707 AC_SUBST(XAUTH_PATH)
2708else
a0391976 2709 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2710 XAUTH_PATH=$xauth_path
2711 AC_SUBST(XAUTH_PATH)
a0391976 2712fi
a0391976 2713
2714# Check for mail directory (last resort if we cannot get it from headers)
2715if test ! -z "$MAIL" ; then
2716 maildir=`dirname $MAIL`
2717 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2718fi
2719
479cece8 2720if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 2721 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2722 disable_ptmx_check=yes
2723fi
a0391976 2724if test -z "$no_dev_ptmx" ; then
6e879cb4 2725 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 2726 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 2727 [
2728 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2729 have_dev_ptmx=1
2730 ]
2731 )
2732 fi
3276571c 2733fi
1a01a50c 2734
479cece8 2735if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 2736 AC_CHECK_FILE("/dev/ptc",
2737 [
2738 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2739 have_dev_ptc=1
2740 ]
2741 )
2742else
2743 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2744fi
3276571c 2745
a0391976 2746# Options from here on. Some of these are preset by platform above
fdf6b7aa 2747AC_ARG_WITH(mantype,
5d97cfbf 2748 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2749 [
5d97cfbf 2750 case "$withval" in
2751 man|cat|doc)
2752 MANTYPE=$withval
2753 ;;
2754 *)
2755 AC_MSG_ERROR(invalid man type: $withval)
2756 ;;
2757 esac
c54a6257 2758 ]
2759)
e0c4d3ac 2760if test -z "$MANTYPE"; then
2bf42e4a 2761 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2762 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2763 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2764 MANTYPE=doc
2765 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2766 MANTYPE=man
2767 else
2768 MANTYPE=cat
2769 fi
2770fi
c54a6257 2771AC_SUBST(MANTYPE)
e0c4d3ac 2772if test "$MANTYPE" = "doc"; then
2773 mansubdir=man;
2774else
2775 mansubdir=$MANTYPE;
2776fi
2777AC_SUBST(mansubdir)
0bc5b6fb 2778
a0391976 2779# Check whether to enable MD5 passwords
aff51935 2780MD5_MSG="no"
2ddcfdf3 2781AC_ARG_WITH(md5-passwords,
caf3bc51 2782 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2783 [
bcf36c78 2784 if test "x$withval" != "xno" ; then
0bc5b6fb 2785 AC_DEFINE(HAVE_MD5_PASSWORDS)
aff51935 2786 MD5_MSG="yes"
0bc5b6fb 2787 fi
2788 ]
caf3bc51 2789)
2790
a0391976 2791# Whether to disable shadow password support
a7effaac 2792AC_ARG_WITH(shadow,
2793 [ --without-shadow Disable shadow password support],
2794 [
82f4e93d 2795 if test "x$withval" = "xno" ; then
a7effaac 2796 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2797 disable_shadow=yes
a7effaac 2798 fi
2799 ]
2800)
2801
4cb5ffa0 2802if test -z "$disable_shadow" ; then
2803 AC_MSG_CHECKING([if the systems has expire shadow information])
2804 AC_TRY_COMPILE(
2805 [
2806#include <sys/types.h>
2807#include <shadow.h>
2808 struct spwd sp;
2809 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2810 [ sp_expire_available=yes ], []
2811 )
2812
2813 if test "x$sp_expire_available" = "xyes" ; then
2814 AC_MSG_RESULT(yes)
2815 AC_DEFINE(HAS_SHADOW_EXPIRE)
2816 else
2817 AC_MSG_RESULT(no)
2818 fi
2819fi
2820
a0391976 2821# Use ip address instead of hostname in $DISPLAY
44839801 2822if test ! -z "$IPADDR_IN_DISPLAY" ; then
2823 DISPLAY_HACK_MSG="yes"
2824 AC_DEFINE(IPADDR_IN_DISPLAY)
2825else
aff51935 2826 DISPLAY_HACK_MSG="no"
44839801 2827 AC_ARG_WITH(ipaddr-display,
2828 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2829 [
82f4e93d 2830 if test "x$withval" != "xno" ; then
44839801 2831 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 2832 DISPLAY_HACK_MSG="yes"
44839801 2833 fi
2834 ]
2835 )
2836fi
a7effaac 2837
95b99395 2838# check for /etc/default/login and use it if present.
daa41e62 2839AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 2840 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 2841 [ if test "x$enableval" = "xno"; then
2842 AC_MSG_NOTICE([/etc/default/login handling disabled])
2843 etc_default_login=no
2844 else
2845 etc_default_login=yes
2846 fi ],
2847 [ etc_default_login=yes ]
2848)
95b99395 2849
694d0cef 2850if test "x$etc_default_login" != "xno"; then
2851 AC_CHECK_FILE("/etc/default/login",
2852 [ external_path_file=/etc/default/login ])
479cece8 2853 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2854 then
1a01a50c 2855 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2856 elif test "x$external_path_file" = "x/etc/default/login"; then
2857 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2858 fi
694d0cef 2859fi
95b99395 2860
8d184c09 2861dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 2862if test $ac_cv_func_login_getcapbool = "yes" && \
2863 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 2864 external_path_file=/etc/login.conf
8d184c09 2865fi
95b99395 2866
a0391976 2867# Whether to mess with the default path
aff51935 2868SERVER_PATH_MSG="(default)"
c43d69a9 2869AC_ARG_WITH(default-path,
75817f90 2870 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2871 [
95b99395 2872 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 2873 AC_MSG_WARN([
2874--with-default-path=PATH has no effect on this system.
2875Edit /etc/login.conf instead.])
82f4e93d 2876 elif test "x$withval" != "xno" ; then
89bbd457 2877 if test ! -z "$external_path_file" ; then
95b99395 2878 AC_MSG_WARN([
2879--with-default-path=PATH will only be used if PATH is not defined in
2880$external_path_file .])
2881 fi
b2d818e6 2882 user_path="$withval"
aff51935 2883 SERVER_PATH_MSG="$withval"
cb807f40 2884 fi
b2d818e6 2885 ],
95b99395 2886 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2887 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 2888 else
89bbd457 2889 if test ! -z "$external_path_file" ; then
95b99395 2890 AC_MSG_WARN([
2891If PATH is defined in $external_path_file, ensure the path to scp is included,
2892otherwise scp will not work.])
2893 fi
2894 AC_TRY_RUN(
2895 [
b2d818e6 2896/* find out what STDPATH is */
2897#include <stdio.h>
b2d818e6 2898#ifdef HAVE_PATHS_H
2899# include <paths.h>
2900#endif
2901#ifndef _PATH_STDPATH
d9a4e55b 2902# ifdef _PATH_USERPATH /* Irix */
2903# define _PATH_STDPATH _PATH_USERPATH
2904# else
2905# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2906# endif
b2d818e6 2907#endif
2908#include <sys/types.h>
2909#include <sys/stat.h>
2910#include <fcntl.h>
2911#define DATA "conftest.stdpath"
2912
2913main()
2914{
2915 FILE *fd;
2916 int rc;
82f4e93d 2917
b2d818e6 2918 fd = fopen(DATA,"w");
2919 if(fd == NULL)
2920 exit(1);
82f4e93d 2921
b2d818e6 2922 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2923 exit(1);
2924
2925 exit(0);
2926}
2927 ], [ user_path=`cat conftest.stdpath` ],
2928 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2929 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2930 )
2931# make sure $bindir is in USER_PATH so scp will work
2932 t_bindir=`eval echo ${bindir}`
2933 case $t_bindir in
2934 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
2935 esac
2936 case $t_bindir in
2937 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
2938 esac
2939 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
2940 if test $? -ne 0 ; then
2941 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
2942 if test $? -ne 0 ; then
2943 user_path=$user_path:$t_bindir
2944 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
2945 fi
2946 fi
8d184c09 2947 fi ]
cb807f40 2948)
95b99395 2949if test "x$external_path_file" != "x/etc/login.conf" ; then
8d184c09 2950 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
2951 AC_SUBST(user_path)
2952fi
cb807f40 2953
06617857 2954# Set superuser path separately to user path
06617857 2955AC_ARG_WITH(superuser-path,
2956 [ --with-superuser-path= Specify different path for super-user],
2957 [
6cf0200f 2958 if test -n "$withval" && test "x$withval" != "xno" && \
2959 test "x${withval}" != "xyes"; then
06617857 2960 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
2961 superuser_path=$withval
2962 fi
2963 ]
2964)
2965
2966
58d100bf 2967AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 2968IPV4_IN6_HACK_MSG="no"
80faa19f 2969AC_ARG_WITH(4in6,
2970 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2971 [
2972 if test "x$withval" != "xno" ; then
2973 AC_MSG_RESULT(yes)
2974 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2975 IPV4_IN6_HACK_MSG="yes"
80faa19f 2976 else
2977 AC_MSG_RESULT(no)
2978 fi
2979 ],[
2980 if test "x$inet6_default_4in6" = "xyes"; then
2981 AC_MSG_RESULT([yes (default)])
2982 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2983 IPV4_IN6_HACK_MSG="yes"
80faa19f 2984 else
2985 AC_MSG_RESULT([no (default)])
2986 fi
2987 ]
2988)
2989
af774732 2990# Whether to enable BSD auth support
f1b0ecc3 2991BSD_AUTH_MSG=no
af774732 2992AC_ARG_WITH(bsd-auth,
2993 [ --with-bsd-auth Enable BSD auth support],
2994 [
82f4e93d 2995 if test "x$withval" != "xno" ; then
af774732 2996 AC_DEFINE(BSD_AUTH)
f1b0ecc3 2997 BSD_AUTH_MSG=yes
af774732 2998 fi
2999 ]
3000)
3001
a0391976 3002# Where to place sshd.pid
19d9ac2a 3003piddir=/var/run
81dadca3 3004# make sure the directory exists
82f4e93d 3005if test ! -d $piddir ; then
81dadca3 3006 piddir=`eval echo ${sysconfdir}`
3007 case $piddir in
aff51935 3008 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3009 esac
3010fi
3011
47e45e44 3012AC_ARG_WITH(pid-dir,
3013 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3014 [
6cf0200f 3015 if test -n "$withval" && test "x$withval" != "xno" && \
3016 test "x${withval}" != "xyes"; then
19d9ac2a 3017 piddir=$withval
82f4e93d 3018 if test ! -d $piddir ; then
81dadca3 3019 AC_MSG_WARN([** no $piddir directory on this system **])
3020 fi
47e45e44 3021 fi
3022 ]
3023)
b7a87eea 3024
42f11eb2 3025AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 3026AC_SUBST(piddir)
47e45e44 3027
1d7b9b20 3028dnl allow user to disable some login recording features
3029AC_ARG_ENABLE(lastlog,
bfd550a2 3030 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3031 [
3032 if test "x$enableval" = "xno" ; then
3033 AC_DEFINE(DISABLE_LASTLOG)
3034 fi
3035 ]
1d7b9b20 3036)
3037AC_ARG_ENABLE(utmp,
bfd550a2 3038 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3039 [
3040 if test "x$enableval" = "xno" ; then
3041 AC_DEFINE(DISABLE_UTMP)
3042 fi
3043 ]
1d7b9b20 3044)
3045AC_ARG_ENABLE(utmpx,
bfd550a2 3046 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3047 [
3048 if test "x$enableval" = "xno" ; then
3049 AC_DEFINE(DISABLE_UTMPX)
3050 fi
3051 ]
1d7b9b20 3052)
3053AC_ARG_ENABLE(wtmp,
bfd550a2 3054 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3055 [
3056 if test "x$enableval" = "xno" ; then
3057 AC_DEFINE(DISABLE_WTMP)
3058 fi
3059 ]
1d7b9b20 3060)
3061AC_ARG_ENABLE(wtmpx,
bfd550a2 3062 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3063 [
3064 if test "x$enableval" = "xno" ; then
3065 AC_DEFINE(DISABLE_WTMPX)
3066 fi
3067 ]
1d7b9b20 3068)
3069AC_ARG_ENABLE(libutil,
bfd550a2 3070 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3071 [
3072 if test "x$enableval" = "xno" ; then
3073 AC_DEFINE(DISABLE_LOGIN)
3074 fi
3075 ]
1d7b9b20 3076)
3077AC_ARG_ENABLE(pututline,
bfd550a2 3078 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3079 [
3080 if test "x$enableval" = "xno" ; then
aff51935 3081 AC_DEFINE(DISABLE_PUTUTLINE)
ddb154b3 3082 fi
3083 ]
1d7b9b20 3084)
3085AC_ARG_ENABLE(pututxline,
bfd550a2 3086 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3087 [
3088 if test "x$enableval" = "xno" ; then
3089 AC_DEFINE(DISABLE_PUTUTXLINE)
3090 fi
3091 ]
1d7b9b20 3092)
3093AC_ARG_WITH(lastlog,
bfd550a2 3094 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3095 [
82f4e93d 3096 if test "x$withval" = "xno" ; then
8c89dd2b 3097 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3098 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3099 conf_lastlog_location=$withval
3100 fi
3101 ]
3102)
1d7b9b20 3103
3104dnl lastlog, [uw]tmpx? detection
3105dnl NOTE: set the paths in the platform section to avoid the
3106dnl need for command-line parameters
3107dnl lastlog and [uw]tmp are subject to a file search if all else fails
3108
3109dnl lastlog detection
3110dnl NOTE: the code itself will detect if lastlog is a directory
3111AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3112AC_TRY_COMPILE([
3113#include <sys/types.h>
3114#include <utmp.h>
3115#ifdef HAVE_LASTLOG_H
3116# include <lastlog.h>
3117#endif
d7c0f3d5 3118#ifdef HAVE_PATHS_H
1d7b9b20 3119# include <paths.h>
41cb4569 3120#endif
3121#ifdef HAVE_LOGIN_H
3122# include <login.h>
1d7b9b20 3123#endif
3124 ],
3125 [ char *lastlog = LASTLOG_FILE; ],
3126 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3127 [
3128 AC_MSG_RESULT(no)
3129 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3130 AC_TRY_COMPILE([
3131#include <sys/types.h>
3132#include <utmp.h>
3133#ifdef HAVE_LASTLOG_H
3134# include <lastlog.h>
3135#endif
3136#ifdef HAVE_PATHS_H
3137# include <paths.h>
3138#endif
3139 ],
3140 [ char *lastlog = _PATH_LASTLOG; ],
3141 [ AC_MSG_RESULT(yes) ],
3142 [
f282b668 3143 AC_MSG_RESULT(no)
d7c0f3d5 3144 system_lastlog_path=no
3145 ])
3146 ]
1d7b9b20 3147)
d7c0f3d5 3148
1d7b9b20 3149if test -z "$conf_lastlog_location"; then
3150 if test x"$system_lastlog_path" = x"no" ; then
3151 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3152 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3153 conf_lastlog_location=$f
3154 fi
3155 done
3156 if test -z "$conf_lastlog_location"; then
f8119cef 3157 AC_MSG_WARN([** Cannot find lastlog **])
3158 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3159 fi
3160 fi
3161fi
3162
3163if test -n "$conf_lastlog_location"; then
3164 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
82f4e93d 3165fi
1d7b9b20 3166
3167dnl utmp detection
3168AC_MSG_CHECKING([if your system defines UTMP_FILE])
3169AC_TRY_COMPILE([
3170#include <sys/types.h>
3171#include <utmp.h>
d7c0f3d5 3172#ifdef HAVE_PATHS_H
1d7b9b20 3173# include <paths.h>
3174#endif
3175 ],
3176 [ char *utmp = UTMP_FILE; ],
3177 [ AC_MSG_RESULT(yes) ],
3178 [ AC_MSG_RESULT(no)
3179 system_utmp_path=no ]
3180)
3181if test -z "$conf_utmp_location"; then
3182 if test x"$system_utmp_path" = x"no" ; then
3183 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3184 if test -f $f ; then
3185 conf_utmp_location=$f
3186 fi
3187 done
3188 if test -z "$conf_utmp_location"; then
3189 AC_DEFINE(DISABLE_UTMP)
3190 fi
3191 fi
3192fi
3193if test -n "$conf_utmp_location"; then
3194 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
82f4e93d 3195fi
1d7b9b20 3196
3197dnl wtmp detection
3198AC_MSG_CHECKING([if your system defines WTMP_FILE])
3199AC_TRY_COMPILE([
3200#include <sys/types.h>
3201#include <utmp.h>
d7c0f3d5 3202#ifdef HAVE_PATHS_H
1d7b9b20 3203# include <paths.h>
3204#endif
3205 ],
3206 [ char *wtmp = WTMP_FILE; ],
3207 [ AC_MSG_RESULT(yes) ],
3208 [ AC_MSG_RESULT(no)
3209 system_wtmp_path=no ]
3210)
3211if test -z "$conf_wtmp_location"; then
3212 if test x"$system_wtmp_path" = x"no" ; then
3213 for f in /usr/adm/wtmp /var/log/wtmp; do
3214 if test -f $f ; then
3215 conf_wtmp_location=$f
3216 fi
3217 done
3218 if test -z "$conf_wtmp_location"; then
3219 AC_DEFINE(DISABLE_WTMP)
3220 fi
3221 fi
3222fi
3223if test -n "$conf_wtmp_location"; then
3224 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
82f4e93d 3225fi
1d7b9b20 3226
3227
3228dnl utmpx detection - I don't know any system so perverse as to require
3229dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3230dnl there, though.
3231AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3232AC_TRY_COMPILE([
3233#include <sys/types.h>
3234#include <utmp.h>
3235#ifdef HAVE_UTMPX_H
3236#include <utmpx.h>
3237#endif
d7c0f3d5 3238#ifdef HAVE_PATHS_H
1d7b9b20 3239# include <paths.h>
3240#endif
3241 ],
3242 [ char *utmpx = UTMPX_FILE; ],
3243 [ AC_MSG_RESULT(yes) ],
3244 [ AC_MSG_RESULT(no)
3245 system_utmpx_path=no ]
3246)
3247if test -z "$conf_utmpx_location"; then
3248 if test x"$system_utmpx_path" = x"no" ; then
3249 AC_DEFINE(DISABLE_UTMPX)
3250 fi
3251else
3252 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
82f4e93d 3253fi
1d7b9b20 3254
3255dnl wtmpx detection
3256AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3257AC_TRY_COMPILE([
3258#include <sys/types.h>
3259#include <utmp.h>
3260#ifdef HAVE_UTMPX_H
3261#include <utmpx.h>
3262#endif
d7c0f3d5 3263#ifdef HAVE_PATHS_H
1d7b9b20 3264# include <paths.h>
3265#endif
3266 ],
3267 [ char *wtmpx = WTMPX_FILE; ],
3268 [ AC_MSG_RESULT(yes) ],
3269 [ AC_MSG_RESULT(no)
3270 system_wtmpx_path=no ]
3271)
3272if test -z "$conf_wtmpx_location"; then
3273 if test x"$system_wtmpx_path" = x"no" ; then
3274 AC_DEFINE(DISABLE_WTMPX)
3275 fi
3276else
3277 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
82f4e93d 3278fi
1d7b9b20 3279
b7a87eea 3280
bd499f9e 3281if test ! -z "$blibpath" ; then
68ece370 3282 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3283 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3284fi
3285
ddceb1c8 3286dnl remove pam and dl because they are in $LIBPAM
3287if test "$PAM_MSG" = yes ; then
98f2d9d5 3288 LIBS=`echo $LIBS | sed 's/-lpam //'`
3289fi
3290if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3291 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3292fi
3293
3c62e7eb 3294AC_EXEEXT
d7cfdd7c 3295AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3296 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3297AC_OUTPUT
d3083fbd 3298
cbd7492e 3299# Print summary of options
3300
cbd7492e 3301# Someone please show me a better way :)
3302A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3303B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3304C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3305D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3306E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3307F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3308G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3309H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3310I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3311J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3312
3313echo ""
26de7942 3314echo "OpenSSH has been configured with the following options:"
ecac8ee5 3315echo " User binaries: $B"
3316echo " System binaries: $C"
3317echo " Configuration files: $D"
3318echo " Askpass program: $E"
3319echo " Manual pages: $F"
3320echo " PID file: $G"
3321echo " Privilege separation chroot path: $H"
95b99395 3322if test "x$external_path_file" = "x/etc/login.conf" ; then
3323echo " At runtime, sshd will use the path defined in $external_path_file"
3324echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3325else
ecac8ee5 3326echo " sshd default user PATH: $I"
89bbd457 3327 if test ! -z "$external_path_file"; then
95b99395 3328echo " (If PATH is set in $external_path_file it will be used instead. If"
3329echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3330 fi
8d184c09 3331fi
06617857 3332if test ! -z "$superuser_path" ; then
ecac8ee5 3333echo " sshd superuser user PATH: $J"
3334fi
3335echo " Manpage format: $MANTYPE"
3e05e934 3336echo " PAM support: $PAM_MSG"
ecac8ee5 3337echo " KerberosV support: $KRB5_MSG"
3338echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3339echo " S/KEY support: $SKEY_MSG"
3340echo " TCP Wrappers support: $TCPW_MSG"
3341echo " MD5 password support: $MD5_MSG"
59031773 3342echo " libedit support: $LIBEDIT_MSG"
3deb1408 3343echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3344echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3345echo " BSD Auth support: $BSD_AUTH_MSG"
3346echo " Random number source: $RAND_MSG"
f1b0ecc3 3347if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3348echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3349fi
3350
cbd7492e 3351echo ""
3352
0c2fb82f 3353echo " Host: ${host}"
3354echo " Compiler: ${CC}"
3355echo " Compiler flags: ${CFLAGS}"
3356echo "Preprocessor flags: ${CPPFLAGS}"
3357echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3358echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3359
3360echo ""
3361
9cefe228 3362if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3363 echo "SVR4 style packages are supported with \"make package\""
3364 echo ""
9cefe228 3365fi
3366
adeebd37 3367if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3368 echo "PAM is enabled. You may need to install a PAM control file "
3369 echo "for sshd, otherwise password authentication may fail. "
aff51935 3370 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3371 echo "subdirectory"
adeebd37 3372 echo ""
3373fi
3374
f1b0ecc3 3375if test ! -z "$RAND_HELPER_CMDHASH" ; then
3376 echo "WARNING: you are using the builtin random number collection "
3377 echo "service. Please read WARNING.RNG and request that your OS "
3378 echo "vendor includes kernel-based random number collection in "
3379 echo "future versions of your OS."
2c523de9 3380 echo ""
3381fi
af774732 3382
2f6f9cff 3383if test ! -z "$NO_PEERCHECK" ; then
3384 echo "WARNING: the operating system that you are using does not "
3385 echo "appear to support either the getpeereid() API nor the "
3386 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3387 echo "enforce security checks to prevent unauthorised connections to "
3388 echo "ssh-agent. Their absence increases the risk that a malicious "
3389 echo "user can connect to your agent. "
3390 echo ""
3391fi
3392
7b578f7d 3393if test "$AUDIT_MODULE" = "bsm" ; then
3394 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3395 echo "See the Solaris section in README.platform for details."
3396fi
git-cvsimport mirror of OpenSSH
This page took 0.914899 seconds and 5 git commands to generate.