]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [key.c defines.h openbsd-compat/openssl-compat.h] Move old OpenSSL
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
0b9fdeb8 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
dbf07ba2 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
5fdabf45 106 esac
8a3ff1aa 107
bd326285 108 AC_MSG_CHECKING(if $CC understands -fstack-protector-all)
eb5a7224 109 saved_CFLAGS="$CFLAGS"
ebddd492 110 saved_LDFLAGS="$LDFLAGS"
eb5a7224 111 CFLAGS="$CFLAGS -fstack-protector-all"
ebddd492 112 LDFLAGS="$LDFLAGS -fstack-protector-all"
113 AC_TRY_LINK([], [ int main(void){return 0;} ],
eb5a7224 114 [ AC_MSG_RESULT(yes) ],
115 [ AC_MSG_RESULT(no)
ebddd492 116 CFLAGS="$saved_CFLAGS"
117 LDFLAGS="$saved_LDFLAGS"
118 ]
eb5a7224 119 )
120
dfafb2e1 121 if test -z "$have_llong_max"; then
122 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
123 unset ac_cv_have_decl_LLONG_MAX
124 saved_CFLAGS="$CFLAGS"
125 CFLAGS="$CFLAGS -std=gnu99"
126 AC_CHECK_DECL(LLONG_MAX,
127 [have_llong_max=1],
128 [CFLAGS="$saved_CFLAGS"],
129 [#include <limits.h>]
130 )
131 fi
d423d822 132fi
133
0b9fdeb8 134if test "x$no_attrib_nonnull" != "x1" ; then
135 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
136fi
137
e6354014 138AC_ARG_WITH(rpath,
139 [ --without-rpath Disable auto-added -R linker paths],
140 [
82f4e93d 141 if test "x$withval" = "xno" ; then
e6354014 142 need_dash_r=""
143 fi
144 if test "x$withval" = "xyes" ; then
145 need_dash_r=1
146 fi
147 ]
148)
149
aa56f760 150# Allow user to specify flags
151AC_ARG_WITH(cflags,
152 [ --with-cflags Specify additional flags to pass to compiler],
153 [
154 if test -n "$withval" && test "x$withval" != "xno" && \
155 test "x${withval}" != "xyes"; then
156 CFLAGS="$CFLAGS $withval"
157 fi
158 ]
159)
160AC_ARG_WITH(cppflags,
161 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
162 [
163 if test -n "$withval" && test "x$withval" != "xno" && \
164 test "x${withval}" != "xyes"; then
165 CPPFLAGS="$CPPFLAGS $withval"
166 fi
167 ]
168)
169AC_ARG_WITH(ldflags,
170 [ --with-ldflags Specify additional flags to pass to linker],
171 [
172 if test -n "$withval" && test "x$withval" != "xno" && \
173 test "x${withval}" != "xyes"; then
174 LDFLAGS="$LDFLAGS $withval"
175 fi
176 ]
177)
178AC_ARG_WITH(libs,
179 [ --with-libs Specify additional libraries to link with],
180 [
181 if test -n "$withval" && test "x$withval" != "xno" && \
182 test "x${withval}" != "xyes"; then
183 LIBS="$LIBS $withval"
184 fi
185 ]
186)
187AC_ARG_WITH(Werror,
188 [ --with-Werror Build main code with -Werror],
189 [
190 if test -n "$withval" && test "x$withval" != "xno"; then
191 werror_flags="-Werror"
192 if test "x${withval}" != "xyes"; then
193 werror_flags="$withval"
194 fi
195 fi
196 ]
197)
198
199AC_CHECK_HEADERS( \
200 bstring.h \
201 crypt.h \
202 crypto/sha2.h \
203 dirent.h \
204 endian.h \
205 features.h \
206 fcntl.h \
207 floatingpoint.h \
208 getopt.h \
209 glob.h \
210 ia.h \
211 iaf.h \
212 limits.h \
213 login.h \
214 maillock.h \
215 ndir.h \
216 net/if_tun.h \
217 netdb.h \
218 netgroup.h \
219 pam/pam_appl.h \
220 paths.h \
6d39a5c4 221 poll.h \
aa56f760 222 pty.h \
223 readpassphrase.h \
224 rpc/types.h \
225 security/pam_appl.h \
226 sha2.h \
227 shadow.h \
228 stddef.h \
229 stdint.h \
230 string.h \
231 strings.h \
232 sys/audit.h \
233 sys/bitypes.h \
234 sys/bsdtty.h \
235 sys/cdefs.h \
236 sys/dir.h \
237 sys/mman.h \
238 sys/ndir.h \
8aa5db7d 239 sys/poll.h \
aa56f760 240 sys/prctl.h \
241 sys/pstat.h \
242 sys/select.h \
243 sys/stat.h \
244 sys/stream.h \
245 sys/stropts.h \
246 sys/strtio.h \
247 sys/sysmacros.h \
248 sys/time.h \
249 sys/timers.h \
250 sys/un.h \
251 time.h \
252 tmpdir.h \
253 ttyent.h \
40701614 254 ucred.h \
aa56f760 255 unistd.h \
256 usersec.h \
257 util.h \
258 utime.h \
259 utmp.h \
260 utmpx.h \
261 vis.h \
262)
263
264# lastlog.h requires sys/time.h to be included first on Solaris
265AC_CHECK_HEADERS(lastlog.h, [], [], [
266#ifdef HAVE_SYS_TIME_H
267# include <sys/time.h>
268#endif
269])
270
271# sys/ptms.h requires sys/stream.h to be included first on Solaris
272AC_CHECK_HEADERS(sys/ptms.h, [], [], [
273#ifdef HAVE_SYS_STREAM_H
274# include <sys/stream.h>
275#endif
276])
277
278# login_cap.h requires sys/types.h on NetBSD
279AC_CHECK_HEADERS(login_cap.h, [], [], [
280#include <sys/types.h>
281])
282
5b84789f 283# Messages for features tested for in target-specific section
284SIA_MSG="no"
285SPC_MSG="no"
286
a0391976 287# Check for some target-specific stuff
a7effaac 288case "$host" in
9d6b1b96 289*-*-aix*)
25a2779b 290 # Some versions of VAC won't allow macro redefinitions at
291 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
292 # particularly with older versions of vac or xlc.
293 # It also throws errors about null macro argments, but these are
294 # not fatal.
295 AC_MSG_CHECKING(if compiler allows macro redefinitions)
296 AC_COMPILE_IFELSE(
297 [AC_LANG_SOURCE([[
298#define testmacro foo
299#define testmacro bar
300int main(void) { exit(0); }
301 ]])],
302 [ AC_MSG_RESULT(yes) ],
303 [ AC_MSG_RESULT(no)
304 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
305 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
306 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
307 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
308 ]
309 )
310
aff51935 311 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 312 if (test -z "$blibpath"); then
0a15d73b 313 blibpath="/usr/lib:/lib"
68ece370 314 fi
315 saved_LDFLAGS="$LDFLAGS"
e7479666 316 if test "$GCC" = "yes"; then
317 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
318 else
319 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
320 fi
321 for tryflags in $flags ;do
68ece370 322 if (test -z "$blibflags"); then
323 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
324 AC_TRY_LINK([], [], [blibflags=$tryflags])
325 fi
326 done
327 if (test -z "$blibflags"); then
328 AC_MSG_RESULT(not found)
329 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
330 else
331 AC_MSG_RESULT($blibflags)
bd499f9e 332 fi
68ece370 333 LDFLAGS="$saved_LDFLAGS"
e351e493 334 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 335 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
336 [Define if you want to enable AIX4's authenticate function])],
0764e748 337 [AC_CHECK_LIB(s,authenticate,
e351e493 338 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 339 LIBS="$LIBS -ls"
340 ])
341 ])
ba603e06 342 dnl Check for various auth function declarations in headers.
c85ed8e2 343 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 344 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 345 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 346 AC_CHECK_DECLS(loginfailed,
e351e493 347 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
348 AC_TRY_COMPILE(
f58c0e01 349 [#include <usersec.h>],
e351e493 350 [(void)loginfailed("user","host","tty",0);],
351 [AC_MSG_RESULT(yes)
3466e002 352 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
353 [Define if your AIX loginfailed() function
354 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 355 [AC_MSG_RESULT(no)]
e351e493 356 )],
357 [],
358 [#include <usersec.h>]
359 )
2aa3a16c 360 AC_CHECK_FUNCS(setauthdb)
53c337ed 361 AC_CHECK_DECL(F_CLOSEM,
795e7517 362 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 363 [],
364 [ #include <limits.h>
365 #include <fcntl.h> ]
366 )
5ccf88cb 367 check_for_aix_broken_getaddrinfo=1
3466e002 368 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
369 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
370 [Define if your platform breaks doing a seteuid before a setuid])
371 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
372 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 373 dnl AIX handles lastlog as part of its login message
3466e002 374 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
375 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
376 [Some systems need a utmpx entry for /bin/login to work])
377 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
378 [Define to a Set Process Title type if your system is
379 supported by bsd-setproctitle.c])
961c2997 380 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
381 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 382 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 383 ;;
3c62e7eb 384*-*-cygwin*)
a52997bd 385 check_for_libcrypt_later=1
04765d02 386 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 387 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
388 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
389 AC_DEFINE(DISABLE_SHADOW, 1,
390 [Define if you want to disable shadow passwords])
391 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
392 [Define if your system choked on IP TOS setting])
393 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
394 [Define if X11 doesn't support AF_UNIX sockets on that system])
395 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
396 [Define if the concept of ports only accessible to
397 superusers isn't known])
398 AC_DEFINE(DISABLE_FD_PASSING, 1,
399 [Define if your platform needs to skip post auth
400 file descriptor passing])
3c62e7eb 401 ;;
d6fdb079 402*-*-dgux*)
403 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 404 AC_DEFINE(SETEUID_BREAKS_SETUID)
405 AC_DEFINE(BROKEN_SETREUID)
406 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 407 ;;
39c98ef7 408*-*-darwin*)
33e2e066 409 AC_MSG_CHECKING(if we have working getaddrinfo)
410 AC_TRY_RUN([#include <mach-o/dyld.h>
411main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
412 exit(0);
413 else
414 exit(1);
415}], [AC_MSG_RESULT(working)],
416 [AC_MSG_RESULT(buggy)
3466e002 417 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 418 [AC_MSG_RESULT(assume it is working)])
635e0c42 419 AC_DEFINE(SETEUID_BREAKS_SETUID)
420 AC_DEFINE(BROKEN_SETREUID)
421 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 422 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 423 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
424 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 425 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
426 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
427 [Use tunnel device compatibility to OpenBSD])
428 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
429 [Prepend the address family to IP tunnel traffic])
a74e9b64 430 m4_pattern_allow(AU_IPv)
431 AC_CHECK_DECL(AU_IPv4, [],
432 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
433 [#include <bsm/audit.h>]
434 )
39c98ef7 435 ;;
36f36ba3 436*-*-dragonfly*)
437 SSHDLIBS="$SSHDLIBS -lcrypt"
438 ;;
7d458c86 439*-*-hpux*)
440 # first we define all of the options common to all HP-UX releases
b8fea62d 441 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 442 IPADDR_IN_DISPLAY=yes
2b10f47a 443 AC_DEFINE(USE_PIPES)
3466e002 444 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
445 [Define if your login program cannot handle end of options ("--")])
a2572aa7 446 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 447 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
448 [String used in /etc/passwd to denote locked account])
3a2b2b44 449 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 450 MAIL="/var/mail/username"
f75ca46d 451 LIBS="$LIBS -lsec"
7d458c86 452 AC_CHECK_LIB(xnet, t_error, ,
453 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
454
455 # next, we define all of the options specific to major releases
456 case "$host" in
457 *-*-hpux10*)
458 if test -z "$GCC"; then
459 CFLAGS="$CFLAGS -Ae"
460 fi
461 ;;
462 *-*-hpux11*)
3466e002 463 AC_DEFINE(PAM_SUN_CODEBASE, 1,
464 [Define if you are using Solaris-derived PAM which
465 passes pam_messages to the conversation function
466 with an extra level of indirection])
467 AC_DEFINE(DISABLE_UTMP, 1,
468 [Define if you don't want to use utmp])
7d458c86 469 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
470 check_for_hpux_broken_getaddrinfo=1
471 check_for_conflicting_getspnam=1
472 ;;
473 esac
474
475 # lastly, we define options specific to minor releases
476 case "$host" in
477 *-*-hpux10.26)
3466e002 478 AC_DEFINE(HAVE_SECUREWARE, 1,
479 [Define if you have SecureWare-based
480 protected password database])
7d458c86 481 disable_ptmx_check=yes
482 LIBS="$LIBS -lsecpw"
483 ;;
484 esac
2b763e31 485 ;;
d94aa2ae 486*-*-irix5*)
6ac7829a 487 PATH="$PATH:/usr/etc"
3466e002 488 AC_DEFINE(BROKEN_INET_NTOA, 1,
489 [Define if you system's inet_ntoa is busted
490 (e.g. Irix gcc issue)])
cb433561 491 AC_DEFINE(SETEUID_BREAKS_SETUID)
492 AC_DEFINE(BROKEN_SETREUID)
493 AC_DEFINE(BROKEN_SETREGID)
3466e002 494 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
495 [Define if you shouldn't strip 'tty' from your
496 ttyname in [uw]tmp])
3e6e3da0 497 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 498 ;;
499*-*-irix6*)
6ac7829a 500 PATH="$PATH:/usr/etc"
3466e002 501 AC_DEFINE(WITH_IRIX_ARRAY, 1,
502 [Define if you have/want arrays
503 (cluster-wide session managment, not C arrays)])
504 AC_DEFINE(WITH_IRIX_PROJECT, 1,
505 [Define if you want IRIX project management])
506 AC_DEFINE(WITH_IRIX_AUDIT, 1,
507 [Define if you want IRIX audit trails])
508 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
509 [Define if you want IRIX kernel jobs])])
416ed5a7 510 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 511 AC_DEFINE(SETEUID_BREAKS_SETUID)
512 AC_DEFINE(BROKEN_SETREUID)
513 AC_DEFINE(BROKEN_SETREGID)
3466e002 514 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 515 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 516 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 517 ;;
5cdfe03f 518*-*-linux*)
519 no_dev_ptmx=1
717057b6 520 check_for_libcrypt_later=1
eacb954e 521 check_for_openpty_ctty_bug=1
3466e002 522 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
523 AC_DEFINE(PAM_TTY_KLUDGE, 1,
524 [Work around problematic Linux PAM modules handling of PAM_TTY])
525 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
526 [String used in /etc/passwd to denote locked account])
3a2b2b44 527 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 528 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
529 [Define to whatever link() returns for "not supported"
530 if it doesn't return EOPNOTSUPP.])
b6610e8f 531 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 532 AC_DEFINE(USE_BTMP)
80faa19f 533 inet6_default_4in6=yes
bf7c1e6c 534 case `uname -r` in
ad84c479 535 1.*|2.0.*)
3466e002 536 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
537 [Define if cmsg_type is not passed correctly])
bf7c1e6c 538 ;;
bf7c1e6c 539 esac
c40f09ca 540 # tun(4) forwarding compat code
d91775e1 541 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 542 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 543 AC_DEFINE(SSH_TUN_LINUX, 1,
544 [Open tunnel devices the Linux tun/tap way])
545 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
546 [Use tunnel device compatibility to OpenBSD])
547 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
548 [Prepend the address family to IP tunnel traffic])
549 fi
5cdfe03f 550 ;;
66d6c27e 551mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 552 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 553 SONY=1
66d6c27e 554 ;;
d468fc76 555*-*-netbsd*)
33e2e066 556 check_for_libcrypt_before=1
82f4e93d 557 if test "x$withval" != "xno" ; then
e6354014 558 need_dash_r=1
559 fi
0f6cb079 560 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
561 AC_CHECK_HEADER([net/if_tap.h], ,
562 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
563 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
564 [Prepend the address family to IP tunnel traffic])
d468fc76 565 ;;
86b416a7 566*-*-freebsd*)
567 check_for_libcrypt_later=1
988c5031 568 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 569 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
570 AC_CHECK_HEADER([net/if_tap.h], ,
571 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 572 ;;
8707b7eb 573*-*-bsdi*)
574 AC_DEFINE(SETEUID_BREAKS_SETUID)
575 AC_DEFINE(BROKEN_SETREUID)
576 AC_DEFINE(BROKEN_SETREGID)
577 ;;
729bfe59 578*-next-*)
729bfe59 579 conf_lastlog_location="/usr/adm/lastlog"
698d107e 580 conf_utmp_location=/etc/utmp
581 conf_wtmp_location=/usr/adm/wtmp
582 MAIL=/usr/spool/mail
3466e002 583 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 584 AC_DEFINE(BROKEN_REALPATH)
00937921 585 AC_DEFINE(USE_PIPES)
3466e002 586 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 587 ;;
5b7b5e23 588*-*-openbsd*)
589 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 590 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 591 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 592 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
593 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 594 ;;
9d6b1b96 595*-*-solaris*)
82f4e93d 596 if test "x$withval" != "xno" ; then
010e9d5b 597 need_dash_r=1
598 fi
adeebd37 599 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 600 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 601 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
602 [Some versions of /bin/login need the TERM supplied
603 on the commandline])
7f0a4ff1 604 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 605 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
606 [Define if pam_chauthtok wants real uid set
607 to the unpriv'ed user])
3e6e3da0 608 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 609 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 610 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
611 [Define if sshd somehow reacquires a controlling TTY
612 after setsid()])
795aa5f5 613 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
614 in case the name is longer than 8 chars])
95b99395 615 external_path_file=/etc/default/login
1d7b9b20 616 # hardwire lastlog location (can't detect it on some versions)
617 conf_lastlog_location="/var/adm/lastlog"
32c80420 618 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
619 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
620 if test "$sol2ver" -ge 8; then
621 AC_MSG_RESULT(yes)
622 AC_DEFINE(DISABLE_UTMP)
3466e002 623 AC_DEFINE(DISABLE_WTMP, 1,
624 [Define if you don't want to use wtmp])
32c80420 625 else
626 AC_MSG_RESULT(no)
627 fi
5b84789f 628 AC_ARG_WITH(solaris-contracts,
629 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
630 [
631 AC_CHECK_LIB(contract, ct_tmpl_activate,
632 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
633 [Define if you have Solaris process contracts])
634 SSHDLIBS="$SSHDLIBS -lcontract"
635 AC_SUBST(SSHDLIBS)
636 SPC_MSG="yes" ], )
637 ],
638 )
9d6b1b96 639 ;;
a423beaf 640*-*-sunos4*)
0c2fb82f 641 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 642 AC_CHECK_FUNCS(getpwanam)
adeebd37 643 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 644 conf_utmp_location=/etc/utmp
645 conf_wtmp_location=/var/adm/wtmp
646 conf_lastlog_location=/var/adm/lastlog
137d7b6c 647 AC_DEFINE(USE_PIPES)
a423beaf 648 ;;
6f68f28a 649*-ncr-sysv*)
98a7c37b 650 LIBS="$LIBS -lc89"
29525240 651 AC_DEFINE(USE_PIPES)
eabb99c6 652 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 653 AC_DEFINE(SETEUID_BREAKS_SETUID)
654 AC_DEFINE(BROKEN_SETREUID)
655 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 656 ;;
132dd316 657*-sni-sysv*)
c8c15bcb 658 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 659 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 660 # -lresolv needs to be at the end of LIBS or DNS lookups break
661 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 662 IPADDR_IN_DISPLAY=yes
663 AC_DEFINE(USE_PIPES)
132dd316 664 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 665 AC_DEFINE(SETEUID_BREAKS_SETUID)
666 AC_DEFINE(BROKEN_SETREUID)
667 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 668 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 669 external_path_file=/etc/default/login
c8c15bcb 670 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
671 # Attention: always take care to bind libsocket and libnsl before libc,
672 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 673 ;;
79a7ba96 674# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 675*-*-sysv4.2*)
ed6553e2 676 AC_DEFINE(USE_PIPES)
7ed101c0 677 AC_DEFINE(SETEUID_BREAKS_SETUID)
678 AC_DEFINE(BROKEN_SETREUID)
679 AC_DEFINE(BROKEN_SETREGID)
46f853b9 680 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 681 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 682 ;;
79a7ba96 683# UnixWare 7.x, OpenUNIX 8
77bb0bca 684*-*-sysv5*)
d7d2cc6e 685 check_for_libcrypt_later=1
686 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 687 AC_DEFINE(USE_PIPES)
7ed101c0 688 AC_DEFINE(SETEUID_BREAKS_SETUID)
689 AC_DEFINE(BROKEN_SETREUID)
690 AC_DEFINE(BROKEN_SETREGID)
3466e002 691 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 692 case "$host" in
693 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
694 TEST_SHELL=/u95/bin/sh
3466e002 695 AC_DEFINE(BROKEN_LIBIAF, 1,
696 [ia_uinfo routines not supported by OS yet])
5cc6ddad 697 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 698 ;;
e45da4d6 699 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
700 ;;
822015dd 701 esac
77bb0bca 702 ;;
9d6b1b96 703*-*-sysv*)
9d6b1b96 704 ;;
79a7ba96 705# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 706*-*-sco3.2v4*)
11cf4f1f 707 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 708 ;;
79a7ba96 709# SCO OpenServer 5.x
77bb0bca 710*-*-sco3.2v5*)
21710e39 711 if test -z "$GCC"; then
712 CFLAGS="$CFLAGS -belf"
713 fi
ed6553e2 714 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 715 no_dev_ptmx=1
ed6553e2 716 AC_DEFINE(USE_PIPES)
6e879cb4 717 AC_DEFINE(HAVE_SECUREWARE)
d287c664 718 AC_DEFINE(DISABLE_SHADOW)
94d8258b 719 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 720 AC_DEFINE(SETEUID_BREAKS_SETUID)
721 AC_DEFINE(BROKEN_SETREUID)
722 AC_DEFINE(BROKEN_SETREGID)
bcebad47 723 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 724 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 725 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 726 AC_CHECK_FUNCS(getluid setluid)
533875af 727 MANTYPE=man
a3245b92 728 TEST_SHELL=ksh
509b1f88 729 ;;
ccbb983c 730*-*-unicosmk*)
3466e002 731 AC_DEFINE(NO_SSH_LASTLOG, 1,
732 [Define if you don't want to use lastlog in session.c])
c1ad5966 733 AC_DEFINE(SETEUID_BREAKS_SETUID)
734 AC_DEFINE(BROKEN_SETREUID)
735 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 736 AC_DEFINE(USE_PIPES)
737 AC_DEFINE(DISABLE_FD_PASSING)
738 LDFLAGS="$LDFLAGS"
739 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
740 MANTYPE=cat
d262b7f2 741 ;;
7b9a8c6e 742*-*-unicosmp*)
c1ad5966 743 AC_DEFINE(SETEUID_BREAKS_SETUID)
744 AC_DEFINE(BROKEN_SETREUID)
745 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 746 AC_DEFINE(WITH_ABBREV_NO_TTY)
747 AC_DEFINE(USE_PIPES)
748 AC_DEFINE(DISABLE_FD_PASSING)
749 LDFLAGS="$LDFLAGS"
c1ad5966 750 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 751 MANTYPE=cat
752 ;;
ca5c7d6a 753*-*-unicos*)
c1ad5966 754 AC_DEFINE(SETEUID_BREAKS_SETUID)
755 AC_DEFINE(BROKEN_SETREUID)
756 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 757 AC_DEFINE(USE_PIPES)
94d8258b 758 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 759 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 760 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
761 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
762 MANTYPE=cat
a704dd54 763 ;;
4d33e531 764*-dec-osf*)
99c8ddac 765 AC_MSG_CHECKING(for Digital Unix SIA)
766 no_osfsia=""
767 AC_ARG_WITH(osfsia,
768 [ --with-osfsia Enable Digital Unix SIA],
769 [
770 if test "x$withval" = "xno" ; then
771 AC_MSG_RESULT(disabled)
772 no_osfsia=1
773 fi
774 ],
775 )
776 if test -z "$no_osfsia" ; then
4d33e531 777 if test -f /etc/sia/matrix.conf; then
778 AC_MSG_RESULT(yes)
3466e002 779 AC_DEFINE(HAVE_OSF_SIA, 1,
780 [Define if you have Digital Unix Security
781 Integration Architecture])
782 AC_DEFINE(DISABLE_LOGIN, 1,
783 [Define if you don't want to use your
784 system's login() call])
58d0df4e 785 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 786 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 787 SIA_MSG="yes"
4d33e531 788 else
789 AC_MSG_RESULT(no)
3466e002 790 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
791 [String used in /etc/passwd to denote locked account])
4d33e531 792 fi
793 fi
a6e67b60 794 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 795 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 796 AC_DEFINE(BROKEN_SETREUID)
797 AC_DEFINE(BROKEN_SETREGID)
4d33e531 798 ;;
41cb4569 799
9c54c067 800*-*-nto-qnx*)
41cb4569 801 AC_DEFINE(USE_PIPES)
802 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 803 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
804 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
805 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 806 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 807 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 808 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 809 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 810 case "$host" in
811 *-*-nto-qnx6*)
812 AC_DEFINE(DISABLE_FD_PASSING)
813 ;;
814 esac
41cb4569 815 ;;
35fc74ed 816
817*-*-ultrix*)
3466e002 818 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
819 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 820 AC_DEFINE(NEED_SETPGRP)
b5765e1d 821 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
822 ;;
157b6700 823
824*-*-lynxos)
825 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 826 AC_DEFINE(MISSING_HOWMANY)
157b6700 827 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
828 ;;
a7effaac 829esac
830
c5829391 831AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 832AC_RUN_IFELSE(
833 [AC_LANG_SOURCE([
c5829391 834#include <stdio.h>
835int main(){exit(0);}
479cece8 836 ])],
c5829391 837 [ AC_MSG_RESULT(yes) ],
838 [
839 AC_MSG_RESULT(no)
840 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 841 ],
842 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 843)
844
b04a9f8c 845dnl Checks for header files.
a0391976 846# Checks for libraries.
98a7c37b 847AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
848AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 849
446227d6 850dnl IRIX and Solaris 2.5.1 have dirname() in libgen
851AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
852 AC_CHECK_LIB(gen, dirname,[
853 AC_CACHE_CHECK([for broken dirname],
854 ac_cv_have_broken_dirname, [
855 save_LIBS="$LIBS"
856 LIBS="$LIBS -lgen"
b0e7249f 857 AC_RUN_IFELSE(
858 [AC_LANG_SOURCE([[
446227d6 859#include <libgen.h>
860#include <string.h>
861
862int main(int argc, char **argv) {
863 char *s, buf[32];
864
865 strncpy(buf,"/etc", 32);
866 s = dirname(buf);
867 if (!s || strncmp(s, "/", 32) != 0) {
868 exit(1);
869 } else {
870 exit(0);
871 }
872}
b0e7249f 873 ]])],
874 [ ac_cv_have_broken_dirname="no" ],
875 [ ac_cv_have_broken_dirname="yes" ],
446227d6 876 [ ac_cv_have_broken_dirname="no" ],
446227d6 877 )
878 LIBS="$save_LIBS"
879 ])
880 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
881 LIBS="$LIBS -lgen"
882 AC_DEFINE(HAVE_DIRNAME)
883 AC_CHECK_HEADERS(libgen.h)
884 fi
885 ])
886])
887
888AC_CHECK_FUNC(getspnam, ,
889 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 890AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
891 [Define if you have the basename function.]))
446227d6 892
98a7c37b 893dnl zlib is required
894AC_ARG_WITH(zlib,
895 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 896 [ if test "x$withval" = "xno" ; then
897 AC_MSG_ERROR([*** zlib is required ***])
898 elif test "x$withval" != "xyes"; then
98a7c37b 899 if test -d "$withval/lib"; then
900 if test -n "${need_dash_r}"; then
5a162955 901 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 902 else
5a162955 903 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 904 fi
905 else
906 if test -n "${need_dash_r}"; then
5a162955 907 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 908 else
5a162955 909 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 910 fi
911 fi
912 if test -d "$withval/include"; then
5a162955 913 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 914 else
5a162955 915 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 916 fi
6dd05556 917 fi ]
98a7c37b 918)
919
0a15d73b 920AC_CHECK_LIB(z, deflate, ,
921 [
922 saved_CPPFLAGS="$CPPFLAGS"
923 saved_LDFLAGS="$LDFLAGS"
924 save_LIBS="$LIBS"
925 dnl Check default zlib install dir
926 if test -n "${need_dash_r}"; then
927 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
928 else
929 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
930 fi
931 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
932 LIBS="$LIBS -lz"
933 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
934 [
935 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
936 ]
937 )
938 ]
939)
4ad65809 940AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 941
942AC_ARG_WITH(zlib-version-check,
943 [ --without-zlib-version-check Disable zlib version check],
944 [ if test "x$withval" = "xno" ; then
945 zlib_check_nonfatal=1
946 fi
947 ]
948)
949
5c7fc85d 950AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 951AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 952#include <stdio.h>
4ad65809 953#include <zlib.h>
954int main()
955{
5c7fc85d 956 int a=0, b=0, c=0, d=0, n, v;
957 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
958 if (n != 3 && n != 4)
4ad65809 959 exit(1);
5c7fc85d 960 v = a*1000000 + b*10000 + c*100 + d;
961 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
962
963 /* 1.1.4 is OK */
964 if (a == 1 && b == 1 && c >= 4)
4ad65809 965 exit(0);
5c7fc85d 966
0072b59d 967 /* 1.2.3 and up are OK */
968 if (v >= 1020300)
5c7fc85d 969 exit(0);
970
4ad65809 971 exit(2);
972}
479cece8 973 ]])],
5c7fc85d 974 AC_MSG_RESULT(no),
975 [ AC_MSG_RESULT(yes)
8068d564 976 if test -z "$zlib_check_nonfatal" ; then
977 AC_MSG_ERROR([*** zlib too old - check config.log ***
978Your reported zlib version has known security problems. It's possible your
979vendor has fixed these problems without changing the version number. If you
980are sure this is the case, you can disable the check by running
981"./configure --without-zlib-version-check".
6090bcfe 982If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 983See http://www.gzip.org/zlib/ for details.])
8068d564 984 else
985 AC_MSG_WARN([zlib version may have security problems])
986 fi
1a01a50c 987 ],
988 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 989)
48e7916f 990
2c523de9 991dnl UnixWare 2.x
aff51935 992AC_CHECK_FUNC(strcasecmp,
2c523de9 993 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
994)
23361281 995AC_CHECK_FUNCS(utimes,
cda1ebcb 996 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
997 LIBS="$LIBS -lc89"]) ]
2c523de9 998)
4cca272e 999
7c6d759d 1000dnl Checks for libutil functions
1001AC_CHECK_HEADERS(libutil.h)
3466e002 1002AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1003 [Define if your libraries define login()])])
7c6d759d 1004AC_CHECK_FUNCS(logout updwtmp logwtmp)
1005
a738c3b0 1006AC_FUNC_STRFTIME
1007
84ceda19 1008# Check for ALTDIRFUNC glob() extension
1009AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1010AC_EGREP_CPP(FOUNDIT,
1011 [
1012 #include <glob.h>
1013 #ifdef GLOB_ALTDIRFUNC
1014 FOUNDIT
1015 #endif
aff51935 1016 ],
84ceda19 1017 [
3466e002 1018 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1019 [Define if your system glob() function has
1020 the GLOB_ALTDIRFUNC extension])
84ceda19 1021 AC_MSG_RESULT(yes)
1022 ],
1023 [
1024 AC_MSG_RESULT(no)
1025 ]
1026)
4cca272e 1027
40849fdb 1028# Check for g.gl_matchc glob() extension
1029AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1030AC_TRY_COMPILE(
13ff27b7 1031 [ #include <glob.h> ],
1032 [glob_t g; g.gl_matchc = 1;],
aff51935 1033 [
3466e002 1034 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1035 [Define if your system glob() function has
1036 gl_matchc options in glob_t])
aff51935 1037 AC_MSG_RESULT(yes)
1038 ],
1039 [
1040 AC_MSG_RESULT(no)
1041 ]
40849fdb 1042)
1043
78888bab 1044AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1045
edbe6722 1046AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1047AC_RUN_IFELSE(
479cece8 1048 [AC_LANG_SOURCE([[
edbe6722 1049#include <sys/types.h>
1050#include <dirent.h>
aec4cb4f 1051int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1052 ]])],
aff51935 1053 [AC_MSG_RESULT(yes)],
edbe6722 1054 [
1055 AC_MSG_RESULT(no)
3466e002 1056 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1057 [Define if your struct dirent expects you to
3466e002 1058 allocate extra space for d_name])
1a01a50c 1059 ],
82f4e93d 1060 [
1a01a50c 1061 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1062 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1063 ]
1064)
1065
419e26e7 1066AC_MSG_CHECKING([for /proc/pid/fd directory])
1067if test -d "/proc/$$/fd" ; then
3466e002 1068 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1069 AC_MSG_RESULT(yes)
1070else
1071 AC_MSG_RESULT(no)
1072fi
1073
278588d8 1074# Check whether user wants S/Key support
aff51935 1075SKEY_MSG="no"
278588d8 1076AC_ARG_WITH(skey,
6ff3d0dc 1077 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1078 [
1079 if test "x$withval" != "xno" ; then
1080
1081 if test "x$withval" != "xyes" ; then
1082 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1083 LDFLAGS="$LDFLAGS -L${withval}/lib"
1084 fi
1085
3466e002 1086 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1087 LIBS="-lskey $LIBS"
aff51935 1088 SKEY_MSG="yes"
82f4e93d 1089
ddceb1c8 1090 AC_MSG_CHECKING([for s/key support])
b0e7249f 1091 AC_LINK_IFELSE(
1092 [AC_LANG_SOURCE([[
ddceb1c8 1093#include <stdio.h>
1094#include <skey.h>
aec4cb4f 1095int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1096 ]])],
ddceb1c8 1097 [AC_MSG_RESULT(yes)],
278588d8 1098 [
ddceb1c8 1099 AC_MSG_RESULT(no)
278588d8 1100 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1101 ])
141fc639 1102 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1103 AC_TRY_COMPILE(
1104 [#include <stdio.h>
1105 #include <skey.h>],
1106 [(void)skeychallenge(NULL,"name","",0);],
1107 [AC_MSG_RESULT(yes)
3466e002 1108 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1109 [Define if your skeychallenge()
1110 function takes 4 arguments (NetBSD)])],
141fc639 1111 [AC_MSG_RESULT(no)]
1112 )
278588d8 1113 fi
1114 ]
1115)
1116
1117# Check whether user wants TCP wrappers support
98a7c37b 1118TCPW_MSG="no"
278588d8 1119AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1120 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1121 [
1122 if test "x$withval" != "xno" ; then
1123 saved_LIBS="$LIBS"
98a7c37b 1124 saved_LDFLAGS="$LDFLAGS"
1125 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1126 if test -n "${withval}" && \
6cf0200f 1127 test "x${withval}" != "xyes"; then
98a7c37b 1128 if test -d "${withval}/lib"; then
1129 if test -n "${need_dash_r}"; then
5a162955 1130 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1131 else
5a162955 1132 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1133 fi
1134 else
1135 if test -n "${need_dash_r}"; then
5a162955 1136 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1137 else
5a162955 1138 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1139 fi
1140 fi
1141 if test -d "${withval}/include"; then
5a162955 1142 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1143 else
5a162955 1144 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1145 fi
98a7c37b 1146 fi
e54defb4 1147 LIBS="-lwrap $LIBS"
278588d8 1148 AC_MSG_CHECKING(for libwrap)
1149 AC_TRY_LINK(
1150 [
77f09220 1151#include <sys/types.h>
1152#include <sys/socket.h>
1153#include <netinet/in.h>
278588d8 1154#include <tcpd.h>
1155 int deny_severity = 0, allow_severity = 0;
1156 ],
1157 [hosts_access(0);],
1158 [
1159 AC_MSG_RESULT(yes)
3466e002 1160 AC_DEFINE(LIBWRAP, 1,
1161 [Define if you want
1162 TCP Wrappers support])
e54defb4 1163 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1164 TCPW_MSG="yes"
278588d8 1165 ],
1166 [
1167 AC_MSG_ERROR([*** libwrap missing])
1168 ]
1169 )
ddceb1c8 1170 LIBS="$saved_LIBS"
278588d8 1171 fi
1172 ]
1173)
1174
59031773 1175# Check whether user wants libedit support
1176LIBEDIT_MSG="no"
1177AC_ARG_WITH(libedit,
6ff3d0dc 1178 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1179 [ if test "x$withval" != "xno" ; then
737edf04 1180 if test "x$withval" != "xyes"; then
bb116c8e 1181 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1182 if test -n "${need_dash_r}"; then
1183 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1184 else
1185 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1186 fi
737edf04 1187 fi
59031773 1188 AC_CHECK_LIB(edit, el_init,
3466e002 1189 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1190 LIBEDIT="-ledit -lcurses"
1191 LIBEDIT_MSG="yes"
1192 AC_SUBST(LIBEDIT)
1193 ],
737edf04 1194 [ AC_MSG_ERROR(libedit not found) ],
1195 [ -lcurses ]
59031773 1196 )
f47ddccb 1197 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1198 AC_COMPILE_IFELSE(
1199 [AC_LANG_SOURCE([[
1200#include <histedit.h>
f47ddccb 1201int main(void)
1202{
1203 int i = H_SETSIZE;
1204 el_init("", NULL, NULL, NULL);
1205 exit(0);
1206}
d92622f9 1207 ]])],
f47ddccb 1208 [ AC_MSG_RESULT(yes) ],
1209 [ AC_MSG_RESULT(no)
1210 AC_MSG_ERROR(libedit version is not compatible) ]
1211 )
59031773 1212 fi ]
1213)
1214
7b578f7d 1215AUDIT_MODULE=none
1216AC_ARG_WITH(audit,
1217 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1218 [
1219 AC_MSG_CHECKING(for supported audit module)
1220 case "$withval" in
1221 bsm)
1222 AC_MSG_RESULT(bsm)
1223 AUDIT_MODULE=bsm
1224 dnl Checks for headers, libs and functions
1225 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1226 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1227 [
1228#ifdef HAVE_TIME_H
1229# include <time.h>
1230#endif
1231 ]
1232)
7b578f7d 1233 AC_CHECK_LIB(bsm, getaudit, [],
1234 [AC_MSG_ERROR(BSM enabled and required library not found)])
1235 AC_CHECK_FUNCS(getaudit, [],
1236 [AC_MSG_ERROR(BSM enabled and required function not found)])
1237 # These are optional
a74e9b64 1238 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1239 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1240 ;;
1241 debug)
1242 AUDIT_MODULE=debug
1243 AC_MSG_RESULT(debug)
3466e002 1244 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1245 ;;
a2b3321d 1246 no)
d92622f9 1247 AC_MSG_RESULT(no)
a2b3321d 1248 ;;
7b578f7d 1249 *)
1250 AC_MSG_ERROR([Unknown audit module $withval])
1251 ;;
1252 esac ]
1253)
1254
19160674 1255dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1256AC_CHECK_FUNCS( \
1257 arc4random \
9a406e1e 1258 asprintf \
b04a9f8c 1259 b64_ntop \
1260 __b64_ntop \
1261 b64_pton \
1262 __b64_pton \
1263 bcopy \
1264 bindresvport_sa \
1265 clock \
1266 closefrom \
1267 dirfd \
b04a9f8c 1268 fchmod \
1269 fchown \
1270 freeaddrinfo \
1271 futimes \
1272 getaddrinfo \
1273 getcwd \
1274 getgrouplist \
1275 getnameinfo \
1276 getopt \
1277 getpeereid \
1961d660 1278 getpeerucred \
b04a9f8c 1279 _getpty \
1280 getrlimit \
1281 getttyent \
1282 glob \
1283 inet_aton \
1284 inet_ntoa \
1285 inet_ntop \
1286 innetgr \
1287 login_getcapbool \
1288 md5_crypt \
1289 memmove \
1290 mkdtemp \
1291 mmap \
1292 ngetaddrinfo \
1293 nsleep \
1294 ogetaddrinfo \
1295 openlog_r \
1296 openpty \
6d39a5c4 1297 poll \
b04a9f8c 1298 prctl \
1299 pstat \
1300 readpassphrase \
1301 realpath \
1302 recvmsg \
1303 rresvport_af \
1304 sendmsg \
1305 setdtablesize \
1306 setegid \
1307 setenv \
1308 seteuid \
1309 setgroups \
1310 setlogin \
1311 setpcred \
1312 setproctitle \
1313 setregid \
1314 setreuid \
1315 setrlimit \
1316 setsid \
1317 setvbuf \
1318 sigaction \
1319 sigvec \
1320 snprintf \
1321 socketpair \
1322 strdup \
1323 strerror \
1324 strlcat \
1325 strlcpy \
1326 strmode \
1327 strnvis \
1328 strtonum \
1e29a0c8 1329 strtoll \
b04a9f8c 1330 strtoul \
1aac2117 1331 swap32 \
b04a9f8c 1332 sysconf \
1333 tcgetpgrp \
1334 truncate \
1335 unsetenv \
1336 updwtmpx \
9a406e1e 1337 vasprintf \
b04a9f8c 1338 vhangup \
1339 vsnprintf \
1340 waitpid \
19160674 1341)
98a7c37b 1342
1a086f97 1343# IRIX has a const char return value for gai_strerror()
1344AC_CHECK_FUNCS(gai_strerror,[
1345 AC_DEFINE(HAVE_GAI_STRERROR)
1346 AC_TRY_COMPILE([
1347#include <sys/types.h>
1348#include <sys/socket.h>
1349#include <netdb.h>
1350
1351const char *gai_strerror(int);],[
1352char *str;
1353
1354str = gai_strerror(0);],[
1355 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1356 [Define if gai_strerror() returns const char *])])])
1357
3466e002 1358AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1359 [Some systems put nanosleep outside of libc]))
92b1decf 1360
309709db 1361dnl Make sure prototypes are defined for these before using them.
309709db 1362AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1363AC_CHECK_DECL(strsep,
1364 [AC_CHECK_FUNCS(strsep)],
1365 [],
1366 [
1367#ifdef HAVE_STRING_H
1368# include <string.h>
1369#endif
1370 ])
08412d26 1371
3490699c 1372dnl tcsendbreak might be a macro
1373AC_CHECK_DECL(tcsendbreak,
1374 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1375 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1376 [#include <termios.h>]
1377)
1378
41e0e158 1379AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1380
71f4c727 1381AC_CHECK_DECLS(SHUT_RD, , ,
1382 [
1383#include <sys/types.h>
1384#include <sys/socket.h>
1385 ])
956d6743 1386
1387AC_CHECK_DECLS(O_NONBLOCK, , ,
1388 [
1389#include <sys/types.h>
1390#ifdef HAVE_SYS_STAT_H
1391# include <sys/stat.h>
1392#endif
1393#ifdef HAVE_FCNTL_H
1394# include <fcntl.h>
1395#endif
1396 ])
1397
752994dd 1398AC_CHECK_DECLS(writev, , , [
1399#include <sys/types.h>
1400#include <sys/uio.h>
1401#include <unistd.h>
1402 ])
1403
0bf6279d 1404AC_CHECK_DECLS(MAXSYMLINKS, , , [
1405#include <sys/param.h>
1406 ])
1407
b41ece30 1408AC_CHECK_DECLS(offsetof, , , [
1409#include <stddef.h>
1410 ])
1411
3f176010 1412AC_CHECK_FUNCS(setresuid, [
1413 dnl Some platorms have setresuid that isn't implemented, test for this
1414 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1415 AC_RUN_IFELSE(
1416 [AC_LANG_SOURCE([[
9a3fe0e2 1417#include <stdlib.h>
1418#include <errno.h>
1419int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1420 ]])],
3f176010 1421 [AC_MSG_RESULT(yes)],
3466e002 1422 [AC_DEFINE(BROKEN_SETRESUID, 1,
1423 [Define if your setresuid() is broken])
1a01a50c 1424 AC_MSG_RESULT(not implemented)],
1425 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1426 )
1427])
9a3fe0e2 1428
3f176010 1429AC_CHECK_FUNCS(setresgid, [
1430 dnl Some platorms have setresgid that isn't implemented, test for this
1431 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1432 AC_RUN_IFELSE(
1433 [AC_LANG_SOURCE([[
9a3fe0e2 1434#include <stdlib.h>
1435#include <errno.h>
1436int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1437 ]])],
3f176010 1438 [AC_MSG_RESULT(yes)],
3466e002 1439 [AC_DEFINE(BROKEN_SETRESGID, 1,
1440 [Define if your setresgid() is broken])
1a01a50c 1441 AC_MSG_RESULT(not implemented)],
1442 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1443 )
1444])
9a3fe0e2 1445
2e73a022 1446dnl Checks for time functions
1d7b9b20 1447AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1448dnl Checks for utmp functions
b03bd394 1449AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1450AC_CHECK_FUNCS(utmpname)
2e73a022 1451dnl Checks for utmpx functions
b03bd394 1452AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1453AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1454
aff51935 1455AC_CHECK_FUNC(daemon,
3466e002 1456 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1457 [AC_CHECK_LIB(bsd, daemon,
1458 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1459)
1460
aff51935 1461AC_CHECK_FUNC(getpagesize,
3466e002 1462 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1463 [Define if your libraries define getpagesize()])],
1464 [AC_CHECK_LIB(ucb, getpagesize,
1465 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1466)
1467
2647ae26 1468# Check for broken snprintf
1469if test "x$ac_cv_func_snprintf" = "xyes" ; then
1470 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1471 AC_RUN_IFELSE(
479cece8 1472 [AC_LANG_SOURCE([[
2647ae26 1473#include <stdio.h>
aec4cb4f 1474int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1475 ]])],
aff51935 1476 [AC_MSG_RESULT(yes)],
2647ae26 1477 [
1478 AC_MSG_RESULT(no)
3466e002 1479 AC_DEFINE(BROKEN_SNPRINTF, 1,
1480 [Define if your snprintf is busted])
2647ae26 1481 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1482 ],
1483 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1484 )
1485fi
1486
9a406e1e 1487# If we don't have a working asprintf, then we strongly depend on vsnprintf
1488# returning the right thing on overflow: the number of characters it tried to
1489# create (as per SUSv3)
1490if test "x$ac_cv_func_asprintf" != "xyes" && \
1491 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1492 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1493 AC_RUN_IFELSE(
1494 [AC_LANG_SOURCE([[
1495#include <sys/types.h>
1496#include <stdio.h>
1497#include <stdarg.h>
1498
1499int x_snprintf(char *str,size_t count,const char *fmt,...)
1500{
1501 size_t ret; va_list ap;
1502 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1503 return ret;
1504}
1505int main(void)
1506{
1507 char x[1];
1508 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1509} ]])],
1510 [AC_MSG_RESULT(yes)],
1511 [
1512 AC_MSG_RESULT(no)
1513 AC_DEFINE(BROKEN_SNPRINTF, 1,
1514 [Define if your snprintf is busted])
1515 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1516 ],
1517 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1518 )
1519fi
1520
31b0732a 1521# On systems where [v]snprintf is broken, but is declared in stdio,
1522# check that the fmt argument is const char * or just char *.
1523# This is only useful for when BROKEN_SNPRINTF
1524AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1525AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1526 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1527 int main(void) { snprintf(0, 0, 0); }
1528 ]])],
1529 [AC_MSG_RESULT(yes)
1530 AC_DEFINE(SNPRINTF_CONST, [const],
1531 [Define as const if snprintf() can declare const char *fmt])],
1532 [AC_MSG_RESULT(no)
1533 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1534
2f6f9cff 1535# Check for missing getpeereid (or equiv) support
1536NO_PEERCHECK=""
1961d660 1537if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1538 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1539 AC_TRY_COMPILE(
1540 [#include <sys/types.h>
1541 #include <sys/socket.h>],
1542 [int i = SO_PEERCRED;],
62eb7db4 1543 [ AC_MSG_RESULT(yes)
3466e002 1544 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1545 ],
2f6f9cff 1546 [AC_MSG_RESULT(no)
1547 NO_PEERCHECK=1]
1548 )
1549fi
1550
70e7d0b0 1551dnl see whether mkstemp() requires XXXXXX
1552if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1553AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1554AC_RUN_IFELSE(
1555 [AC_LANG_SOURCE([[
70e7d0b0 1556#include <stdlib.h>
1557main() { char template[]="conftest.mkstemp-test";
1558if (mkstemp(template) == -1)
1559 exit(1);
1560unlink(template); exit(0);
1561}
b0e7249f 1562 ]])],
70e7d0b0 1563 [
1564 AC_MSG_RESULT(no)
1565 ],
aff51935 1566 [
70e7d0b0 1567 AC_MSG_RESULT(yes)
3466e002 1568 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1569 ],
1570 [
1571 AC_MSG_RESULT(yes)
1572 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1573 ]
70e7d0b0 1574)
1575fi
1576
eacb954e 1577dnl make sure that openpty does not reacquire controlling terminal
1578if test ! -z "$check_for_openpty_ctty_bug"; then
1579 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1580 AC_RUN_IFELSE(
1581 [AC_LANG_SOURCE([[
eacb954e 1582#include <stdio.h>
1583#include <sys/fcntl.h>
1584#include <sys/types.h>
1585#include <sys/wait.h>
1586
1587int
1588main()
1589{
1590 pid_t pid;
1591 int fd, ptyfd, ttyfd, status;
1592
1593 pid = fork();
1594 if (pid < 0) { /* failed */
1595 exit(1);
1596 } else if (pid > 0) { /* parent */
1597 waitpid(pid, &status, 0);
aff51935 1598 if (WIFEXITED(status))
eacb954e 1599 exit(WEXITSTATUS(status));
1600 else
1601 exit(2);
1602 } else { /* child */
1603 close(0); close(1); close(2);
1604 setsid();
1605 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1606 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1607 if (fd >= 0)
1608 exit(3); /* Acquired ctty: broken */
1609 else
1610 exit(0); /* Did not acquire ctty: OK */
1611 }
1612}
b0e7249f 1613 ]])],
eacb954e 1614 [
1615 AC_MSG_RESULT(yes)
1616 ],
1617 [
1618 AC_MSG_RESULT(no)
1619 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1620 ],
1621 [
1622 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1623 ]
1624 )
1625fi
1626
4b492aab 1627if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1628 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1629 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1630 AC_RUN_IFELSE(
1631 [AC_LANG_SOURCE([[
2fe51906 1632#include <stdio.h>
1633#include <sys/socket.h>
1634#include <netdb.h>
1635#include <errno.h>
1636#include <netinet/in.h>
1637
1638#define TEST_PORT "2222"
1639
1640int
1641main(void)
1642{
1643 int err, sock;
1644 struct addrinfo *gai_ai, *ai, hints;
1645 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1646
1647 memset(&hints, 0, sizeof(hints));
1648 hints.ai_family = PF_UNSPEC;
1649 hints.ai_socktype = SOCK_STREAM;
1650 hints.ai_flags = AI_PASSIVE;
1651
1652 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1653 if (err != 0) {
1654 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1655 exit(1);
1656 }
1657
1658 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1659 if (ai->ai_family != AF_INET6)
1660 continue;
1661
1662 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1663 sizeof(ntop), strport, sizeof(strport),
1664 NI_NUMERICHOST|NI_NUMERICSERV);
1665
1666 if (err != 0) {
1667 if (err == EAI_SYSTEM)
1668 perror("getnameinfo EAI_SYSTEM");
1669 else
1670 fprintf(stderr, "getnameinfo failed: %s\n",
1671 gai_strerror(err));
1672 exit(2);
1673 }
1674
1675 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1676 if (sock < 0)
1677 perror("socket");
1678 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1679 if (errno == EBADF)
1680 exit(3);
1681 }
1682 }
1683 exit(0);
1684}
b0e7249f 1685 ]])],
2fe51906 1686 [
1687 AC_MSG_RESULT(yes)
1688 ],
1689 [
1690 AC_MSG_RESULT(no)
1691 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1692 ],
1693 [
1694 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1695 ]
1696 )
1697fi
1698
4b492aab 1699if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1700 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1701 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1702 AC_RUN_IFELSE(
1703 [AC_LANG_SOURCE([[
5ccf88cb 1704#include <stdio.h>
1705#include <sys/socket.h>
1706#include <netdb.h>
1707#include <errno.h>
1708#include <netinet/in.h>
1709
1710#define TEST_PORT "2222"
1711
1712int
1713main(void)
1714{
1715 int err, sock;
1716 struct addrinfo *gai_ai, *ai, hints;
1717 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1718
1719 memset(&hints, 0, sizeof(hints));
1720 hints.ai_family = PF_UNSPEC;
1721 hints.ai_socktype = SOCK_STREAM;
1722 hints.ai_flags = AI_PASSIVE;
1723
1724 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1725 if (err != 0) {
1726 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1727 exit(1);
1728 }
1729
1730 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1731 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1732 continue;
1733
1734 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1735 sizeof(ntop), strport, sizeof(strport),
1736 NI_NUMERICHOST|NI_NUMERICSERV);
1737
1738 if (ai->ai_family == AF_INET && err != 0) {
1739 perror("getnameinfo");
1740 exit(2);
1741 }
1742 }
1743 exit(0);
1744}
b0e7249f 1745 ]])],
5ccf88cb 1746 [
1747 AC_MSG_RESULT(yes)
3466e002 1748 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1749 [Define if you have a getaddrinfo that fails
1750 for the all-zeros IPv6 address])
5ccf88cb 1751 ],
1752 [
1753 AC_MSG_RESULT(no)
1754 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1755 ],
ecd9ec09 1756 [
b0e7249f 1757 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1758 ]
1759 )
1760fi
1761
b29fd59f 1762if test "x$check_for_conflicting_getspnam" = "x1"; then
1763 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1764 AC_COMPILE_IFELSE(
1765 [
1766#include <shadow.h>
1767int main(void) {exit(0);}
1768 ],
1769 [
1770 AC_MSG_RESULT(no)
1771 ],
1772 [
1773 AC_MSG_RESULT(yes)
1774 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1775 [Conflicting defs for getspnam])
1776 ]
1777 )
1778fi
1779
7f8f5e00 1780AC_FUNC_GETPGRP
1781
5b991353 1782# Search for OpenSSL
1783saved_CPPFLAGS="$CPPFLAGS"
1784saved_LDFLAGS="$LDFLAGS"
a0391976 1785AC_ARG_WITH(ssl-dir,
1786 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1787 [
e9e4a1c7 1788 if test "x$withval" != "xno" ; then
99eb0f64 1789 case "$withval" in
1790 # Relative paths
1791 ./*|../*) withval="`pwd`/$withval"
1792 esac
5b991353 1793 if test -d "$withval/lib"; then
1794 if test -n "${need_dash_r}"; then
1795 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1796 else
1797 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1798 fi
1799 else
5b991353 1800 if test -n "${need_dash_r}"; then
1801 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1802 else
1803 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1804 fi
1805 fi
5b991353 1806 if test -d "$withval/include"; then
1807 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1808 else
5b991353 1809 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1810 fi
a0391976 1811 fi
5b991353 1812 ]
1813)
5486a457 1814LIBS="-lcrypto $LIBS"
3466e002 1815AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1816 [Define if your ssl headers are included
1817 with #include <openssl/header.h>]),
d45e3d76 1818 [
5b991353 1819 dnl Check default openssl install dir
1820 if test -n "${need_dash_r}"; then
1821 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1822 else
5b991353 1823 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1824 fi
5b991353 1825 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1826 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1827 [
1828 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1829 ]
1830 )
1831 ]
1832)
1833
cd018561 1834# Determine OpenSSL header version
1835AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1836AC_RUN_IFELSE(
479cece8 1837 [AC_LANG_SOURCE([[
cd018561 1838#include <stdio.h>
1839#include <string.h>
1840#include <openssl/opensslv.h>
1841#define DATA "conftest.sslincver"
1842int main(void) {
aff51935 1843 FILE *fd;
1844 int rc;
cd018561 1845
aff51935 1846 fd = fopen(DATA,"w");
1847 if(fd == NULL)
1848 exit(1);
cd018561 1849
1850 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1851 exit(1);
1852
1853 exit(0);
1854}
479cece8 1855 ]])],
cd018561 1856 [
1857 ssl_header_ver=`cat conftest.sslincver`
1858 AC_MSG_RESULT($ssl_header_ver)
1859 ],
1860 [
1861 AC_MSG_RESULT(not found)
1862 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1863 ],
1864 [
1865 AC_MSG_WARN([cross compiling: not checking])
cd018561 1866 ]
1867)
1868
1869# Determine OpenSSL library version
1870AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1871AC_RUN_IFELSE(
479cece8 1872 [AC_LANG_SOURCE([[
cd018561 1873#include <stdio.h>
1874#include <string.h>
1875#include <openssl/opensslv.h>
1876#include <openssl/crypto.h>
1877#define DATA "conftest.ssllibver"
1878int main(void) {
aff51935 1879 FILE *fd;
1880 int rc;
cd018561 1881
aff51935 1882 fd = fopen(DATA,"w");
1883 if(fd == NULL)
1884 exit(1);
cd018561 1885
1886 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1887 exit(1);
1888
1889 exit(0);
1890}
479cece8 1891 ]])],
cd018561 1892 [
1893 ssl_library_ver=`cat conftest.ssllibver`
1894 AC_MSG_RESULT($ssl_library_ver)
1895 ],
1896 [
1897 AC_MSG_RESULT(not found)
1898 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1899 ],
1900 [
1901 AC_MSG_WARN([cross compiling: not checking])
cd018561 1902 ]
1903)
58d100bf 1904
1d42bcce 1905AC_ARG_WITH(openssl-header-check,
1906 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1907 [ if test "x$withval" = "xno" ; then
1908 openssl_check_nonfatal=1
1909 fi
1910 ]
1911)
1912
9780116c 1913# Sanity check OpenSSL headers
1914AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1915AC_RUN_IFELSE(
479cece8 1916 [AC_LANG_SOURCE([[
9780116c 1917#include <string.h>
1918#include <openssl/opensslv.h>
aec4cb4f 1919int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1920 ]])],
9780116c 1921 [
1922 AC_MSG_RESULT(yes)
1923 ],
1924 [
1925 AC_MSG_RESULT(no)
1d42bcce 1926 if test "x$openssl_check_nonfatal" = "x"; then
1927 AC_MSG_ERROR([Your OpenSSL headers do not match your
1928library. Check config.log for details.
1929If you are sure your installation is consistent, you can disable the check
1930by running "./configure --without-openssl-header-check".
1931Also see contrib/findssl.sh for help identifying header/library mismatches.
1932])
1933 else
1934 AC_MSG_WARN([Your OpenSSL headers do not match your
1935library. Check config.log for details.
e15ba28b 1936Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1937 fi
1a01a50c 1938 ],
1939 [
1940 AC_MSG_WARN([cross compiling: not checking])
9780116c 1941 ]
1942)
1943
282d6408 1944AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1945AC_LINK_IFELSE(
1946 [AC_LANG_SOURCE([[
1947#include <openssl/evp.h>
1948int main(void) { SSLeay_add_all_algorithms(); }
1949 ]])],
1950 [
1951 AC_MSG_RESULT(yes)
1952 ],
1953 [
1954 AC_MSG_RESULT(no)
1955 saved_LIBS="$LIBS"
1956 LIBS="$LIBS -ldl"
1957 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1958 AC_LINK_IFELSE(
1959 [AC_LANG_SOURCE([[
1960#include <openssl/evp.h>
1961int main(void) { SSLeay_add_all_algorithms(); }
1962 ]])],
1963 [
1964 AC_MSG_RESULT(yes)
1965 ],
1966 [
1967 AC_MSG_RESULT(no)
1968 LIBS="$saved_LIBS"
1969 ]
1970 )
1971 ]
1972)
1973
c7ad0d99 1974AC_ARG_WITH(ssl-engine,
1975 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1976 [ if test "x$withval" != "xno" ; then
1977 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1978 AC_TRY_COMPILE(
1979 [ #include <openssl/engine.h>],
1980 [
24b2647b 1981ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 1982 ],
1983 [ AC_MSG_RESULT(yes)
1984 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1985 [Enable OpenSSL engine support])
1986 ],
1987 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1988 )
1989 fi ]
1990)
1991
e5146707 1992# Check for OpenSSL without EVP_aes_{192,256}_cbc
1993AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1994AC_LINK_IFELSE(
e5146707 1995 [AC_LANG_SOURCE([[
1996#include <string.h>
1997#include <openssl/evp.h>
300ea548 1998int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1999 ]])],
2000 [
2001 AC_MSG_RESULT(no)
2002 ],
2003 [
2004 AC_MSG_RESULT(yes)
2005 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2006 [libcrypto is missing AES 192 and 256 bit functions])
2007 ]
2008)
2009
5486a457 2010# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2011# because the system crypt() is more featureful.
2012if test "x$check_for_libcrypt_before" = "x1"; then
2013 AC_CHECK_LIB(crypt, crypt)
2014fi
2015
aff51935 2016# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2017# version in OpenSSL.
05114c74 2018if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2019 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2020fi
2021
13ff27b7 2022# Search for SHA256 support in libc and/or OpenSSL
2023AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2024
a03acb8f 2025saved_LIBS="$LIBS"
2026AC_CHECK_LIB(iaf, ia_openinfo, [
2027 LIBS="$LIBS -liaf"
d837615a 2028 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2029 AC_DEFINE(HAVE_LIBIAF, 1,
2030 [Define if system has libiaf that supports set_id])
2031 ])
a03acb8f 2032])
2033LIBS="$saved_LIBS"
f1b0ecc3 2034
2035### Configure cryptographic random number support
2036
2037# Check wheter OpenSSL seeds itself
2038AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2039AC_RUN_IFELSE(
479cece8 2040 [AC_LANG_SOURCE([[
f1b0ecc3 2041#include <string.h>
2042#include <openssl/rand.h>
aec4cb4f 2043int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2044 ]])],
f1b0ecc3 2045 [
2046 OPENSSL_SEEDS_ITSELF=yes
2047 AC_MSG_RESULT(yes)
2048 ],
2049 [
2050 AC_MSG_RESULT(no)
2051 # Default to use of the rand helper if OpenSSL doesn't
2052 # seed itself
2053 USE_RAND_HELPER=yes
1a01a50c 2054 ],
2055 [
2056 AC_MSG_WARN([cross compiling: assuming yes])
2057 # This is safe, since all recent OpenSSL versions will
82f4e93d 2058 # complain at runtime if not seeded correctly.
1a01a50c 2059 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2060 ]
2061)
2062
a086f73b 2063# Check for PAM libs
2064PAM_MSG="no"
2065AC_ARG_WITH(pam,
2066 [ --with-pam Enable PAM support ],
2067 [
2068 if test "x$withval" != "xno" ; then
2069 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2070 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2071 AC_MSG_ERROR([PAM headers not found])
2072 fi
2073
2074 saved_LIBS="$LIBS"
2075 AC_CHECK_LIB(dl, dlopen, , )
2076 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2077 AC_CHECK_FUNCS(pam_getenvlist)
2078 AC_CHECK_FUNCS(pam_putenv)
2079 LIBS="$saved_LIBS"
2080
2081 PAM_MSG="yes"
2082
e54defb4 2083 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2084 AC_DEFINE(USE_PAM, 1,
2085 [Define if you want to enable PAM support])
282d6408 2086
a086f73b 2087 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2088 case "$LIBS" in
2089 *-ldl*)
2090 # libdl already in LIBS
2091 ;;
2092 *)
e54defb4 2093 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2094 ;;
2095 esac
a086f73b 2096 fi
a086f73b 2097 fi
2098 ]
2099)
2100
2101# Check for older PAM
2102if test "x$PAM_MSG" = "xyes" ; then
2103 # Check PAM strerror arguments (old PAM)
2104 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2105 AC_TRY_COMPILE(
2106 [
2107#include <stdlib.h>
2108#if defined(HAVE_SECURITY_PAM_APPL_H)
2109#include <security/pam_appl.h>
2110#elif defined (HAVE_PAM_PAM_APPL_H)
2111#include <pam/pam_appl.h>
2112#endif
2113 ],
2114 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2115 [AC_MSG_RESULT(no)],
2116 [
2117 AC_DEFINE(HAVE_OLD_PAM, 1,
2118 [Define if you have an old version of PAM
2119 which takes only one argument to pam_strerror])
2120 AC_MSG_RESULT(yes)
2121 PAM_MSG="yes (old library)"
2122 ]
2123 )
2124fi
f1b0ecc3 2125
2126# Do we want to force the use of the rand helper?
2127AC_ARG_WITH(rand-helper,
2128 [ --with-rand-helper Use subprocess to gather strong randomness ],
2129 [
2130 if test "x$withval" = "xno" ; then
aff51935 2131 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2132 # the previous test showed it to be unseeded.
2133 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2134 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2135 OPENSSL_SEEDS_ITSELF=yes
2136 USE_RAND_HELPER=""
2137 fi
2138 else
2139 USE_RAND_HELPER=yes
2140 fi
2141 ],
82f4e93d 2142)
f1b0ecc3 2143
2144# Which randomness source do we use?
4b492aab 2145if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2146 # OpenSSL only
3466e002 2147 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2148 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2149 RAND_MSG="OpenSSL internal ONLY"
2150 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2151elif test ! -z "$USE_RAND_HELPER" ; then
2152 # install rand helper
f1b0ecc3 2153 RAND_MSG="ssh-rand-helper"
2154 INSTALL_SSH_RAND_HELPER="yes"
2155fi
2156AC_SUBST(INSTALL_SSH_RAND_HELPER)
2157
2158### Configuration of ssh-rand-helper
2159
2160# PRNGD TCP socket
2161AC_ARG_WITH(prngd-port,
2162 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2163 [
eb5d7ff6 2164 case "$withval" in
2165 no)
2166 withval=""
2167 ;;
2168 [[0-9]]*)
2169 ;;
2170 *)
2171 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2172 ;;
2173 esac
2174 if test ! -z "$withval" ; then
f1b0ecc3 2175 PRNGD_PORT="$withval"
3466e002 2176 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2177 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2178 fi
2179 ]
2180)
2181
2182# PRNGD Unix domain socket
2183AC_ARG_WITH(prngd-socket,
2184 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2185 [
eb5d7ff6 2186 case "$withval" in
2187 yes)
f1b0ecc3 2188 withval="/var/run/egd-pool"
eb5d7ff6 2189 ;;
2190 no)
2191 withval=""
2192 ;;
2193 /*)
2194 ;;
2195 *)
2196 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2197 ;;
2198 esac
2199
2200 if test ! -z "$withval" ; then
f1b0ecc3 2201 if test ! -z "$PRNGD_PORT" ; then
2202 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2203 fi
906e811b 2204 if test ! -r "$withval" ; then
f1b0ecc3 2205 AC_MSG_WARN(Entropy socket is not readable)
2206 fi
2207 PRNGD_SOCKET="$withval"
3466e002 2208 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2209 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2210 fi
ddceb1c8 2211 ],
2212 [
2213 # Check for existing socket only if we don't have a random device already
2214 if test "$USE_RAND_HELPER" = yes ; then
2215 AC_MSG_CHECKING(for PRNGD/EGD socket)
2216 # Insert other locations here
2217 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2218 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2219 PRNGD_SOCKET="$sock"
2220 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2221 break;
2222 fi
2223 done
2224 if test ! -z "$PRNGD_SOCKET" ; then
2225 AC_MSG_RESULT($PRNGD_SOCKET)
2226 else
2227 AC_MSG_RESULT(not found)
2228 fi
2229 fi
f1b0ecc3 2230 ]
2231)
2232
2233# Change default command timeout for hashing entropy source
2234entropy_timeout=200
2235AC_ARG_WITH(entropy-timeout,
2236 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2237 [
6cf0200f 2238 if test -n "$withval" && test "x$withval" != "xno" && \
2239 test "x${withval}" != "xyes"; then
f1b0ecc3 2240 entropy_timeout=$withval
2241 fi
82f4e93d 2242 ]
f1b0ecc3 2243)
3466e002 2244AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2245 [Builtin PRNG command timeout])
f1b0ecc3 2246
fd3cbf67 2247SSH_PRIVSEP_USER=sshd
9a0fbcb3 2248AC_ARG_WITH(privsep-user,
5222e7ef 2249 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2250 [
6cf0200f 2251 if test -n "$withval" && test "x$withval" != "xno" && \
2252 test "x${withval}" != "xyes"; then
fd3cbf67 2253 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2254 fi
82f4e93d 2255 ]
9a0fbcb3 2256)
3466e002 2257AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2258 [non-privileged user for privilege separation])
fd3cbf67 2259AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2260
81dadca3 2261# We do this little dance with the search path to insure
2262# that programs that we select for use by installed programs
2263# (which may be run by the super-user) come from trusted
2264# locations before they come from the user's private area.
2265# This should help avoid accidentally configuring some
2266# random version of a program in someone's personal bin.
2267
2268OPATH=$PATH
2269PATH=/bin:/usr/bin
f95c8ce8 2270test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2271test -d /sbin && PATH=$PATH:/sbin
2272test -d /usr/sbin && PATH=$PATH:/usr/sbin
2273PATH=$PATH:/etc:$OPATH
2274
aff51935 2275# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2276OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2277OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2278OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2279OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2280OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2281OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2282OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2283OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2284OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2285OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2286OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2287OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2288OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2289OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2290OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2291OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2292# restore PATH
2293PATH=$OPATH
f1b0ecc3 2294
2295# Where does ssh-rand-helper get its randomness from?
2296INSTALL_SSH_PRNG_CMDS=""
2297if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2298 if test ! -z "$PRNGD_PORT" ; then
2299 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2300 elif test ! -z "$PRNGD_SOCKET" ; then
2301 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2302 else
2303 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2304 RAND_HELPER_CMDHASH=yes
2305 INSTALL_SSH_PRNG_CMDS="yes"
2306 fi
2307fi
2308AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2309
2310
66d6c27e 2311# Cheap hack to ensure NEWS-OS libraries are arranged right.
2312if test ! -z "$SONY" ; then
2313 LIBS="$LIBS -liberty";
2314fi
2315
9a406e1e 2316# Check for long long datatypes
2317AC_CHECK_TYPES([long long, unsigned long long, long double])
2318
2319# Check datatype sizes
976f7e19 2320AC_CHECK_SIZEOF(char, 1)
2b942fe0 2321AC_CHECK_SIZEOF(short int, 2)
2322AC_CHECK_SIZEOF(int, 4)
2323AC_CHECK_SIZEOF(long int, 4)
2324AC_CHECK_SIZEOF(long long int, 8)
2325
52f1ccb2 2326# Sanity check long long for some platforms (AIX)
2327if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2328 ac_cv_sizeof_long_long_int=0
2329fi
2330
90f15776 2331# compute LLONG_MIN and LLONG_MAX if we don't know them.
2332if test -z "$have_llong_max"; then
2333 AC_MSG_CHECKING([for max value of long long])
2334 AC_RUN_IFELSE(
2335 [AC_LANG_SOURCE([[
2336#include <stdio.h>
2337/* Why is this so damn hard? */
2338#ifdef __GNUC__
2339# undef __GNUC__
2340#endif
2341#define __USE_ISOC99
2342#include <limits.h>
2343#define DATA "conftest.llminmax"
055252ed 2344#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2345
2346/*
2347 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2348 * we do this the hard way.
2349 */
2350static int
2351fprint_ll(FILE *f, long long n)
2352{
2353 unsigned int i;
2354 int l[sizeof(long long) * 8];
2355
2356 if (n < 0)
2357 if (fprintf(f, "-") < 0)
2358 return -1;
2359 for (i = 0; n != 0; i++) {
2360 l[i] = my_abs(n % 10);
2361 n /= 10;
2362 }
2363 do {
2364 if (fprintf(f, "%d", l[--i]) < 0)
2365 return -1;
2366 } while (i != 0);
2367 if (fprintf(f, " ") < 0)
2368 return -1;
2369 return 0;
2370}
2371
90f15776 2372int main(void) {
2373 FILE *f;
2374 long long i, llmin, llmax = 0;
2375
2376 if((f = fopen(DATA,"w")) == NULL)
2377 exit(1);
2378
2379#if defined(LLONG_MIN) && defined(LLONG_MAX)
2380 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2381 llmin = LLONG_MIN;
2382 llmax = LLONG_MAX;
2383#else
2384 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2385 /* This will work on one's complement and two's complement */
2386 for (i = 1; i > llmax; i <<= 1, i++)
2387 llmax = i;
2388 llmin = llmax + 1LL; /* wrap */
2389#endif
2390
2391 /* Sanity check */
2392 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2393 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2394 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2395 fprintf(f, "unknown unknown\n");
2396 exit(2);
2397 }
2398
055252ed 2399 if (fprint_ll(f, llmin) < 0)
90f15776 2400 exit(3);
055252ed 2401 if (fprint_ll(f, llmax) < 0)
2402 exit(4);
2403 if (fclose(f) < 0)
2404 exit(5);
90f15776 2405 exit(0);
2406}
2407 ]])],
2408 [
2409 llong_min=`$AWK '{print $1}' conftest.llminmax`
2410 llong_max=`$AWK '{print $2}' conftest.llminmax`
2411
90f15776 2412 AC_MSG_RESULT($llong_max)
2413 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2414 [max value of long long calculated by configure])
2415 AC_MSG_CHECKING([for min value of long long])
2416 AC_MSG_RESULT($llong_min)
2417 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2418 [min value of long long calculated by configure])
2419 ],
2420 [
2421 AC_MSG_RESULT(not found)
2422 ],
2423 [
2424 AC_MSG_WARN([cross compiling: not checking])
2425 ]
2426 )
2427fi
2428
2429
a0391976 2430# More checks for data types
14a9a859 2431AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2432 AC_TRY_COMPILE(
aff51935 2433 [ #include <sys/types.h> ],
2434 [ u_int a; a = 1;],
14a9a859 2435 [ ac_cv_have_u_int="yes" ],
2436 [ ac_cv_have_u_int="no" ]
2437 )
2438])
2439if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2440 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2441 have_u_int=1
2442fi
2443
58d100bf 2444AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2445 AC_TRY_COMPILE(
aff51935 2446 [ #include <sys/types.h> ],
2447 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2448 [ ac_cv_have_intxx_t="yes" ],
2449 [ ac_cv_have_intxx_t="no" ]
2450 )
2451])
2452if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2453 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2454 have_intxx_t=1
2455fi
41cb4569 2456
2457if (test -z "$have_intxx_t" && \
aff51935 2458 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2459then
2460 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2461 AC_TRY_COMPILE(
aff51935 2462 [ #include <stdint.h> ],
2463 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2464 [
2465 AC_DEFINE(HAVE_INTXX_T)
2466 AC_MSG_RESULT(yes)
2467 ],
2468 [ AC_MSG_RESULT(no) ]
2469 )
2470fi
2471
bd590612 2472AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2473 AC_TRY_COMPILE(
1cbbe6c8 2474 [
2475#include <sys/types.h>
2476#ifdef HAVE_STDINT_H
2477# include <stdint.h>
2478#endif
2479#include <sys/socket.h>
2480#ifdef HAVE_SYS_BITYPES_H
2481# include <sys/bitypes.h>
2482#endif
aff51935 2483 ],
2484 [ int64_t a; a = 1;],
bd590612 2485 [ ac_cv_have_int64_t="yes" ],
2486 [ ac_cv_have_int64_t="no" ]
2487 )
2488])
2489if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2490 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2491fi
2492
58d100bf 2493AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2494 AC_TRY_COMPILE(
aff51935 2495 [ #include <sys/types.h> ],
2496 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2497 [ ac_cv_have_u_intxx_t="yes" ],
2498 [ ac_cv_have_u_intxx_t="no" ]
2499 )
2500])
2501if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2502 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2503 have_u_intxx_t=1
2504fi
2b942fe0 2505
41cb4569 2506if test -z "$have_u_intxx_t" ; then
2507 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2508 AC_TRY_COMPILE(
aff51935 2509 [ #include <sys/socket.h> ],
2510 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2511 [
2512 AC_DEFINE(HAVE_U_INTXX_T)
2513 AC_MSG_RESULT(yes)
2514 ],
2515 [ AC_MSG_RESULT(no) ]
2516 )
2517fi
2518
bd590612 2519AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2520 AC_TRY_COMPILE(
aff51935 2521 [ #include <sys/types.h> ],
2522 [ u_int64_t a; a = 1;],
bd590612 2523 [ ac_cv_have_u_int64_t="yes" ],
2524 [ ac_cv_have_u_int64_t="no" ]
2525 )
2526])
2527if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2528 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2529 have_u_int64_t=1
2530fi
2531
ddceb1c8 2532if test -z "$have_u_int64_t" ; then
2533 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2534 AC_TRY_COMPILE(
aff51935 2535 [ #include <sys/bitypes.h> ],
ddceb1c8 2536 [ u_int64_t a; a = 1],
2537 [
2538 AC_DEFINE(HAVE_U_INT64_T)
2539 AC_MSG_RESULT(yes)
2540 ],
2541 [ AC_MSG_RESULT(no) ]
2542 )
2543fi
2544
41cb4569 2545if test -z "$have_u_intxx_t" ; then
2546 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2547 AC_TRY_COMPILE(
2548 [
2549#include <sys/types.h>
aff51935 2550 ],
2551 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2552 [ ac_cv_have_uintxx_t="yes" ],
2553 [ ac_cv_have_uintxx_t="no" ]
2554 )
2555 ])
2556 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2557 AC_DEFINE(HAVE_UINTXX_T, 1,
2558 [define if you have uintxx_t data type])
41cb4569 2559 fi
2560fi
2561
2562if test -z "$have_uintxx_t" ; then
2563 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2564 AC_TRY_COMPILE(
aff51935 2565 [ #include <stdint.h> ],
2566 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2567 [
2568 AC_DEFINE(HAVE_UINTXX_T)
2569 AC_MSG_RESULT(yes)
2570 ],
2571 [ AC_MSG_RESULT(no) ]
2572 )
2573fi
2574
e5fe9a1f 2575if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2576 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2577then
2578 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2579 AC_TRY_COMPILE(
58d100bf 2580 [
2581#include <sys/bitypes.h>
aff51935 2582 ],
5cdfe03f 2583 [
837c30b8 2584 int8_t a; int16_t b; int32_t c;
2585 u_int8_t e; u_int16_t f; u_int32_t g;
2586 a = b = c = e = f = g = 1;
aff51935 2587 ],
5cdfe03f 2588 [
2589 AC_DEFINE(HAVE_U_INTXX_T)
2590 AC_DEFINE(HAVE_INTXX_T)
2591 AC_MSG_RESULT(yes)
2592 ],
2593 [AC_MSG_RESULT(no)]
aff51935 2594 )
5cdfe03f 2595fi
2596
0362750e 2597
2598AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2599 AC_TRY_COMPILE(
2600 [
2601#include <sys/types.h>
2602 ],
2603 [ u_char foo; foo = 125; ],
2604 [ ac_cv_have_u_char="yes" ],
2605 [ ac_cv_have_u_char="no" ]
2606 )
2607])
2608if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2609 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2610fi
2611
98a7c37b 2612TYPE_SOCKLEN_T
2b942fe0 2613
2d16d9a3 2614AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2615
777ece68 2616AC_CHECK_TYPES(in_addr_t,,,
2617[#include <sys/types.h>
2618#include <netinet/in.h>])
7b578f7d 2619
58d100bf 2620AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2621 AC_TRY_COMPILE(
2622 [
18ba2aab 2623#include <sys/types.h>
58d100bf 2624 ],
2625 [ size_t foo; foo = 1235; ],
2626 [ ac_cv_have_size_t="yes" ],
2627 [ ac_cv_have_size_t="no" ]
2628 )
2629])
2630if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2631 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2632fi
ea1970a3 2633
c04f75f1 2634AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2635 AC_TRY_COMPILE(
2636 [
2637#include <sys/types.h>
2638 ],
2639 [ ssize_t foo; foo = 1235; ],
2640 [ ac_cv_have_ssize_t="yes" ],
2641 [ ac_cv_have_ssize_t="no" ]
2642 )
2643])
2644if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2645 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2646fi
2647
f1c4659d 2648AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2649 AC_TRY_COMPILE(
2650 [
2651#include <time.h>
2652 ],
2653 [ clock_t foo; foo = 1235; ],
2654 [ ac_cv_have_clock_t="yes" ],
2655 [ ac_cv_have_clock_t="no" ]
2656 )
2657])
2658if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2659 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2660fi
2661
1c04b088 2662AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2663 AC_TRY_COMPILE(
2664 [
2665#include <sys/types.h>
2666#include <sys/socket.h>
2667 ],
2668 [ sa_family_t foo; foo = 1235; ],
2669 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2670 [ AC_TRY_COMPILE(
2671 [
2672#include <sys/types.h>
2673#include <sys/socket.h>
2674#include <netinet/in.h>
2675 ],
2676 [ sa_family_t foo; foo = 1235; ],
2677 [ ac_cv_have_sa_family_t="yes" ],
2678
1c04b088 2679 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2680 )]
1c04b088 2681 )
2682])
2683if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2684 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2685 [define if you have sa_family_t data type])
1c04b088 2686fi
2687
729bfe59 2688AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2689 AC_TRY_COMPILE(
2690 [
2691#include <sys/types.h>
2692 ],
2693 [ pid_t foo; foo = 1235; ],
2694 [ ac_cv_have_pid_t="yes" ],
2695 [ ac_cv_have_pid_t="no" ]
2696 )
2697])
2698if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2699 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2700fi
2701
2702AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2703 AC_TRY_COMPILE(
2704 [
2705#include <sys/types.h>
2706 ],
2707 [ mode_t foo; foo = 1235; ],
2708 [ ac_cv_have_mode_t="yes" ],
2709 [ ac_cv_have_mode_t="no" ]
2710 )
2711])
2712if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2713 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2714fi
2715
e3a93db0 2716
58d100bf 2717AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2718 AC_TRY_COMPILE(
2719 [
18ba2aab 2720#include <sys/types.h>
2721#include <sys/socket.h>
58d100bf 2722 ],
2723 [ struct sockaddr_storage s; ],
2724 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2725 [ ac_cv_have_struct_sockaddr_storage="no" ]
2726 )
2727])
2728if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2729 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2730 [define if you have struct sockaddr_storage data type])
58d100bf 2731fi
48e671d5 2732
58d100bf 2733AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2734 AC_TRY_COMPILE(
2735 [
cbd7492e 2736#include <sys/types.h>
58d100bf 2737#include <netinet/in.h>
2738 ],
2739 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2740 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2741 [ ac_cv_have_struct_sockaddr_in6="no" ]
2742 )
2743])
2744if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2745 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2746 [define if you have struct sockaddr_in6 data type])
58d100bf 2747fi
48e671d5 2748
58d100bf 2749AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2750 AC_TRY_COMPILE(
2751 [
cbd7492e 2752#include <sys/types.h>
58d100bf 2753#include <netinet/in.h>
2754 ],
2755 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2756 [ ac_cv_have_struct_in6_addr="yes" ],
2757 [ ac_cv_have_struct_in6_addr="no" ]
2758 )
2759])
2760if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2761 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2762 [define if you have struct in6_addr data type])
58d100bf 2763fi
48e671d5 2764
58d100bf 2765AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2766 AC_TRY_COMPILE(
2767 [
18ba2aab 2768#include <sys/types.h>
2769#include <sys/socket.h>
2770#include <netdb.h>
58d100bf 2771 ],
2772 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2773 [ ac_cv_have_struct_addrinfo="yes" ],
2774 [ ac_cv_have_struct_addrinfo="no" ]
2775 )
2776])
2777if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2778 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2779 [define if you have struct addrinfo data type])
58d100bf 2780fi
2781
89c7e31c 2782AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2783 AC_TRY_COMPILE(
aff51935 2784 [ #include <sys/time.h> ],
2785 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2786 [ ac_cv_have_struct_timeval="yes" ],
2787 [ ac_cv_have_struct_timeval="no" ]
2788 )
2789])
2790if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2791 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2792 have_struct_timeval=1
2793fi
2794
5271b55c 2795AC_CHECK_TYPES(struct timespec)
2796
85abc74b 2797# We need int64_t or else certian parts of the compile will fail.
4b492aab 2798if test "x$ac_cv_have_int64_t" = "xno" && \
2799 test "x$ac_cv_sizeof_long_int" != "x8" && \
2800 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2801 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2802 echo "an alternative compiler (I.E., GCC) before continuing."
2803 echo ""
2804 exit 1;
733cf7f4 2805else
2806dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2807 AC_RUN_IFELSE(
479cece8 2808 [AC_LANG_SOURCE([[
733cf7f4 2809#include <stdio.h>
2810#include <string.h>
2811#ifdef HAVE_SNPRINTF
2812main()
2813{
2814 char buf[50];
2815 char expected_out[50];
2816 int mazsize = 50 ;
2817#if (SIZEOF_LONG_INT == 8)
2818 long int num = 0x7fffffffffffffff;
2819#else
763a1a18 2820 long long num = 0x7fffffffffffffffll;
733cf7f4 2821#endif
2822 strcpy(expected_out, "9223372036854775807");
2823 snprintf(buf, mazsize, "%lld", num);
2824 if(strcmp(buf, expected_out) != 0)
aff51935 2825 exit(1);
733cf7f4 2826 exit(0);
2827}
2828#else
2829main() { exit(0); }
2830#endif
479cece8 2831 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2832 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2833 )
2c523de9 2834fi
2835
77bb0bca 2836dnl Checks for structure members
58d100bf 2837OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2838OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2839OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2840OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2841OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2842OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2843OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2844OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2845OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2846OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2847OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2848OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2849OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2850OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2851OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2852OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2853OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2854
2855AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2856AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2857 [Define if we don't have struct __res_state in resolv.h])],
2858[
2859#include <stdio.h>
2860#if HAVE_SYS_TYPES_H
2861# include <sys/types.h>
2862#endif
2863#include <netinet/in.h>
2864#include <arpa/nameser.h>
2865#include <resolv.h>
2866])
1d7b9b20 2867
58d100bf 2868AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2869 ac_cv_have_ss_family_in_struct_ss, [
2870 AC_TRY_COMPILE(
2871 [
18ba2aab 2872#include <sys/types.h>
2873#include <sys/socket.h>
58d100bf 2874 ],
2875 [ struct sockaddr_storage s; s.ss_family = 1; ],
2876 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2877 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2878 )
2879])
2880if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2881 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2882fi
2883
58d100bf 2884AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2885 ac_cv_have___ss_family_in_struct_ss, [
2886 AC_TRY_COMPILE(
2887 [
18ba2aab 2888#include <sys/types.h>
2889#include <sys/socket.h>
58d100bf 2890 ],
2891 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2892 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2893 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2894 )
2895])
2896if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2897 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2898 [Fields in struct sockaddr_storage])
58d100bf 2899fi
2900
2e73a022 2901AC_CACHE_CHECK([for pw_class field in struct passwd],
2902 ac_cv_have_pw_class_in_struct_passwd, [
2903 AC_TRY_COMPILE(
2904 [
2e73a022 2905#include <pwd.h>
2906 ],
97994d32 2907 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2908 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2909 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2910 )
2911])
2912if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2913 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2914 [Define if your password has a pw_class field])
2e73a022 2915fi
2916
7751d4eb 2917AC_CACHE_CHECK([for pw_expire field in struct passwd],
2918 ac_cv_have_pw_expire_in_struct_passwd, [
2919 AC_TRY_COMPILE(
2920 [
2921#include <pwd.h>
2922 ],
2923 [ struct passwd p; p.pw_expire = 0; ],
2924 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2925 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2926 )
2927])
2928if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2929 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2930 [Define if your password has a pw_expire field])
7751d4eb 2931fi
2932
2933AC_CACHE_CHECK([for pw_change field in struct passwd],
2934 ac_cv_have_pw_change_in_struct_passwd, [
2935 AC_TRY_COMPILE(
2936 [
2937#include <pwd.h>
2938 ],
2939 [ struct passwd p; p.pw_change = 0; ],
2940 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2941 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2942 )
2943])
2944if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2945 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2946 [Define if your password has a pw_change field])
7751d4eb 2947fi
58d100bf 2948
637f9177 2949dnl make sure we're using the real structure members and not defines
6f34652e 2950AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2951 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2952 AC_COMPILE_IFELSE(
6f34652e 2953 [
f95c8ce8 2954#include <sys/types.h>
6f34652e 2955#include <sys/socket.h>
2956#include <sys/uio.h>
637f9177 2957int main() {
2958#ifdef msg_accrights
1a01a50c 2959#error "msg_accrights is a macro"
637f9177 2960exit(1);
2961#endif
2962struct msghdr m;
2963m.msg_accrights = 0;
2964exit(0);
2965}
6f34652e 2966 ],
6f34652e 2967 [ ac_cv_have_accrights_in_msghdr="yes" ],
2968 [ ac_cv_have_accrights_in_msghdr="no" ]
2969 )
2970])
2971if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2972 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2973 [Define if your system uses access rights style
2974 file descriptor passing])
6f34652e 2975fi
2976
7176df4f 2977AC_CACHE_CHECK([for msg_control field in struct msghdr],
2978 ac_cv_have_control_in_msghdr, [
1a01a50c 2979 AC_COMPILE_IFELSE(
7176df4f 2980 [
f95c8ce8 2981#include <sys/types.h>
7176df4f 2982#include <sys/socket.h>
2983#include <sys/uio.h>
637f9177 2984int main() {
2985#ifdef msg_control
1a01a50c 2986#error "msg_control is a macro"
637f9177 2987exit(1);
2988#endif
2989struct msghdr m;
2990m.msg_control = 0;
2991exit(0);
2992}
7176df4f 2993 ],
7176df4f 2994 [ ac_cv_have_control_in_msghdr="yes" ],
2995 [ ac_cv_have_control_in_msghdr="no" ]
2996 )
2997])
2998if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2999 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3000 [Define if your system uses ancillary data style
3001 file descriptor passing])
7176df4f 3002fi
3003
58d100bf 3004AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3005 AC_TRY_LINK([],
3006 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3007 [ ac_cv_libc_defines___progname="yes" ],
3008 [ ac_cv_libc_defines___progname="no" ]
3009 )
3010])
3011if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3012 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3013fi
8946db53 3014
c921ee00 3015AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3016 AC_TRY_LINK([
3017#include <stdio.h>
aff51935 3018],
3019 [ printf("%s", __FUNCTION__); ],
c921ee00 3020 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3021 [ ac_cv_cc_implements___FUNCTION__="no" ]
3022 )
3023])
3024if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3025 AC_DEFINE(HAVE___FUNCTION__, 1,
3026 [Define if compiler implements __FUNCTION__])
c921ee00 3027fi
3028
3029AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3030 AC_TRY_LINK([
3031#include <stdio.h>
aff51935 3032],
3033 [ printf("%s", __func__); ],
c921ee00 3034 [ ac_cv_cc_implements___func__="yes" ],
3035 [ ac_cv_cc_implements___func__="no" ]
3036 )
3037])
3038if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3039 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3040fi
3041
9a406e1e 3042AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3043 AC_TRY_LINK(
3044 [#include <stdarg.h>
3045 va_list x,y;],
3046 [va_copy(x,y);],
3047 [ ac_cv_have_va_copy="yes" ],
3048 [ ac_cv_have_va_copy="no" ]
3049 )
3050])
3051if test "x$ac_cv_have_va_copy" = "xyes" ; then
3052 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3053fi
3054
3055AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3056 AC_TRY_LINK(
3057 [#include <stdarg.h>
3058 va_list x,y;],
3059 [__va_copy(x,y);],
3060 [ ac_cv_have___va_copy="yes" ],
3061 [ ac_cv_have___va_copy="no" ]
3062 )
3063])
3064if test "x$ac_cv_have___va_copy" = "xyes" ; then
3065 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3066fi
3067
1812a662 3068AC_CACHE_CHECK([whether getopt has optreset support],
3069 ac_cv_have_getopt_optreset, [
3070 AC_TRY_LINK(
3071 [
3072#include <getopt.h>
3073 ],
3074 [ extern int optreset; optreset = 0; ],
3075 [ ac_cv_have_getopt_optreset="yes" ],
3076 [ ac_cv_have_getopt_optreset="no" ]
3077 )
3078])
3079if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3080 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3081 [Define if your getopt(3) defines and uses optreset])
1812a662 3082fi
a0391976 3083
819b676f 3084AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3085 AC_TRY_LINK([],
3086 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3087 [ ac_cv_libc_defines_sys_errlist="yes" ],
3088 [ ac_cv_libc_defines_sys_errlist="no" ]
3089 )
3090])
3091if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3092 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3093 [Define if your system defines sys_errlist[]])
819b676f 3094fi
3095
3096
416ed5a7 3097AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3098 AC_TRY_LINK([],
3099 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3100 [ ac_cv_libc_defines_sys_nerr="yes" ],
3101 [ ac_cv_libc_defines_sys_nerr="no" ]
3102 )
3103])
3104if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3105 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3106fi
3107
aff51935 3108SCARD_MSG="no"
295c8801 3109# Check whether user wants sectok support
3110AC_ARG_WITH(sectok,
3111 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3112 [
3113 if test "x$withval" != "xno" ; then
3114 if test "x$withval" != "xyes" ; then
3115 CPPFLAGS="$CPPFLAGS -I${withval}"
3116 LDFLAGS="$LDFLAGS -L${withval}"
3117 if test ! -z "$need_dash_r" ; then
3118 LDFLAGS="$LDFLAGS -R${withval}"
3119 fi
3120 if test ! -z "$blibpath" ; then
3121 blibpath="$blibpath:${withval}"
3122 fi
3123 fi
3124 AC_CHECK_HEADERS(sectok.h)
3125 if test "$ac_cv_header_sectok_h" != yes; then
3126 AC_MSG_ERROR(Can't find sectok.h)
3127 fi
3128 AC_CHECK_LIB(sectok, sectok_open)
3129 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3130 AC_MSG_ERROR(Can't find libsectok)
3131 fi
3466e002 3132 AC_DEFINE(SMARTCARD, 1,
3133 [Define if you want smartcard support])
3134 AC_DEFINE(USE_SECTOK, 1,
3135 [Define if you want smartcard support
3136 using sectok])
aff51935 3137 SCARD_MSG="yes, using sectok"
295c8801 3138 fi
3139 ]
3140)
3141
3142# Check whether user wants OpenSC support
987b458f 3143OPENSC_CONFIG="no"
295c8801 3144AC_ARG_WITH(opensc,
e47fb473 3145 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3146 [
3147 if test "x$withval" != "xno" ; then
3148 if test "x$withval" != "xyes" ; then
3149 OPENSC_CONFIG=$withval/bin/opensc-config
3150 else
3151 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3152 fi
3153 if test "$OPENSC_CONFIG" != "no"; then
3154 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3155 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3156 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3157 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3158 AC_DEFINE(SMARTCARD)
3466e002 3159 AC_DEFINE(USE_OPENSC, 1,
3160 [Define if you want smartcard support
3161 using OpenSC])
987b458f 3162 SCARD_MSG="yes, using OpenSC"
3163 fi
3164 fi
3165 ]
3166)
d0b19c95 3167
c31dc31c 3168# Check libraries needed by DNS fingerprint support
aff51935 3169AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3170 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3171 [Define if getrrsetbyname() exists])],
3e05e934 3172 [
c31dc31c 3173 # Needed by our getrrsetbyname()
3174 AC_SEARCH_LIBS(res_query, resolv)
3175 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3176 AC_MSG_CHECKING(if res_query will link)
3177 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3178 [AC_MSG_RESULT(no)
3179 saved_LIBS="$LIBS"
3180 LIBS="$LIBS -lresolv"
3181 AC_MSG_CHECKING(for res_query in -lresolv)
3182 AC_LINK_IFELSE([
3183#include <resolv.h>
3184int main()
3185{
3186 res_query (0, 0, 0, 0, 0);
3187 return 0;
3188}
3189 ],
3190 [LIBS="$LIBS -lresolv"
3191 AC_MSG_RESULT(yes)],
3192 [LIBS="$saved_LIBS"
3193 AC_MSG_RESULT(no)])
3194 ])
c31dc31c 3195 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3196 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3197 [#include <sys/types.h>
3198 #include <arpa/nameser.h>])
c31dc31c 3199 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3200 [AC_DEFINE(HAVE_HEADER_AD, 1,
3201 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3202 [#include <arpa/nameser.h>])
3203 ])
3e05e934 3204
560acf80 3205AC_MSG_CHECKING(if struct __res_state _res is an extern)
3206AC_LINK_IFELSE([
3207#include <stdio.h>
3208#if HAVE_SYS_TYPES_H
3209# include <sys/types.h>
3210#endif
3211#include <netinet/in.h>
3212#include <arpa/nameser.h>
3213#include <resolv.h>
3214extern struct __res_state _res;
3215int main() { return 0; }
3216 ],
3217 [AC_MSG_RESULT(yes)
3218 AC_DEFINE(HAVE__RES_EXTERN, 1,
3219 [Define if you have struct __res_state _res as an extern])
3220 ],
3221 [ AC_MSG_RESULT(no) ]
3222)
3223
ef4d1846 3224# Check whether user wants SELinux support
3225SELINUX_MSG="no"
3226LIBSELINUX=""
3227AC_ARG_WITH(selinux,
3228 [ --with-selinux Enable SELinux support],
3229 [ if test "x$withval" != "xno" ; then
e54defb4 3230 save_LIBS="$LIBS"
ef4d1846 3231 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3232 SELINUX_MSG="yes"
3233 AC_CHECK_HEADER([selinux/selinux.h], ,
3234 AC_MSG_ERROR(SELinux support requires selinux.h header))
3235 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3236 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3237 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3238 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3239 LIBS="$save_LIBS"
ef4d1846 3240 fi ]
3241)
ef4d1846 3242
12928e80 3243# Check whether user wants Kerberos 5 support
aff51935 3244KRB5_MSG="no"
12928e80 3245AC_ARG_WITH(kerberos5,
aff51935 3246 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3247 [ if test "x$withval" != "xno" ; then
3248 if test "x$withval" = "xyes" ; then
3249 KRB5ROOT="/usr/local"
3250 else
3251 KRB5ROOT=${withval}
3252 fi
3253
3466e002 3254 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3255 KRB5_MSG="yes"
3256
3257 AC_MSG_CHECKING(for krb5-config)
3258 if test -x $KRB5ROOT/bin/krb5-config ; then
3259 KRB5CONF=$KRB5ROOT/bin/krb5-config
3260 AC_MSG_RESULT($KRB5CONF)
3261
3262 AC_MSG_CHECKING(for gssapi support)
3263 if $KRB5CONF | grep gssapi >/dev/null ; then
3264 AC_MSG_RESULT(yes)
3466e002 3265 AC_DEFINE(GSSAPI, 1,
3266 [Define this if you want GSSAPI
3267 support in the version 2 protocol])
071970fb 3268 k5confopts=gssapi
aff51935 3269 else
5585c441 3270 AC_MSG_RESULT(no)
071970fb 3271 k5confopts=""
aff51935 3272 fi
071970fb 3273 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3274 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3275 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3276 AC_MSG_CHECKING(whether we are using Heimdal)
3277 AC_TRY_COMPILE([ #include <krb5.h> ],
3278 [ char *tmp = heimdal_version; ],
3279 [ AC_MSG_RESULT(yes)
3466e002 3280 AC_DEFINE(HEIMDAL, 1,
3281 [Define this if you are using the
3282 Heimdal version of Kerberos V5]) ],
5585c441 3283 AC_MSG_RESULT(no)
3284 )
3285 else
3286 AC_MSG_RESULT(no)
12928e80 3287 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3288 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3289 AC_MSG_CHECKING(whether we are using Heimdal)
3290 AC_TRY_COMPILE([ #include <krb5.h> ],
3291 [ char *tmp = heimdal_version; ],
3292 [ AC_MSG_RESULT(yes)
3293 AC_DEFINE(HEIMDAL)
41707f74 3294 K5LIBS="-lkrb5 -ldes"
3295 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3296 AC_CHECK_LIB(roken, net_write,
41707f74 3297 [K5LIBS="$K5LIBS -lroken"])
aff51935 3298 ],
3299 [ AC_MSG_RESULT(no)
3300 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3301 ]
3302 )
4e00038c 3303 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3304
749560dd 3305 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3306 [ AC_DEFINE(GSSAPI)
3307 K5LIBS="-lgssapi $K5LIBS" ],
3308 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3309 [ AC_DEFINE(GSSAPI)
aff51935 3310 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3311 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3312 $K5LIBS)
3313 ],
3314 $K5LIBS)
82f4e93d 3315
749560dd 3316 AC_CHECK_HEADER(gssapi.h, ,
3317 [ unset ac_cv_header_gssapi_h
aff51935 3318 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3319 AC_CHECK_HEADERS(gssapi.h, ,
3320 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3321 )
749560dd 3322 ]
3323 )
3324
3325 oldCPP="$CPPFLAGS"
3326 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3327 AC_CHECK_HEADER(gssapi_krb5.h, ,
3328 [ CPPFLAGS="$oldCPP" ])
3329
aff51935 3330 fi
5585c441 3331 if test ! -z "$need_dash_r" ; then
3332 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3333 fi
3334 if test ! -z "$blibpath" ; then
3335 blibpath="$blibpath:${KRB5ROOT}/lib"
3336 fi
071970fb 3337
f5555364 3338 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3339 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3340 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3341
f5555364 3342 LIBS="$LIBS $K5LIBS"
3466e002 3343 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3344 [Define this if you want to use libkafs' AFS support]))
f5555364 3345 fi
071970fb 3346 ]
12928e80 3347)
b5b68128 3348
a0391976 3349# Looking for programs, paths and files
a0391976 3350
ecac8ee5 3351PRIVSEP_PATH=/var/empty
3352AC_ARG_WITH(privsep-path,
cda1ebcb 3353 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3354 [
6cf0200f 3355 if test -n "$withval" && test "x$withval" != "xno" && \
3356 test "x${withval}" != "xyes"; then
ecac8ee5 3357 PRIVSEP_PATH=$withval
3358 fi
3359 ]
3360)
3361AC_SUBST(PRIVSEP_PATH)
3362
a0391976 3363AC_ARG_WITH(xauth,
3364 [ --with-xauth=PATH Specify path to xauth program ],
3365 [
6cf0200f 3366 if test -n "$withval" && test "x$withval" != "xno" && \
3367 test "x${withval}" != "xyes"; then
cbd7492e 3368 xauth_path=$withval
a0391976 3369 fi
3370 ],
3371 [
2bf42e4a 3372 TestPath="$PATH"
3373 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3374 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3375 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3376 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3377 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3378 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3379 xauth_path="/usr/openwin/bin/xauth"
3380 fi
3381 ]
3382)
3383
65a4b4af 3384STRIP_OPT=-s
3385AC_ARG_ENABLE(strip,
3386 [ --disable-strip Disable calling strip(1) on install],
3387 [
3388 if test "x$enableval" = "xno" ; then
3389 STRIP_OPT=
3390 fi
3391 ]
3392)
3393AC_SUBST(STRIP_OPT)
3394
b3ec54b4 3395if test -z "$xauth_path" ; then
3396 XAUTH_PATH="undefined"
3397 AC_SUBST(XAUTH_PATH)
3398else
3466e002 3399 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3400 [Define if xauth is found in your path])
b3ec54b4 3401 XAUTH_PATH=$xauth_path
3402 AC_SUBST(XAUTH_PATH)
a0391976 3403fi
a0391976 3404
3405# Check for mail directory (last resort if we cannot get it from headers)
3406if test ! -z "$MAIL" ; then
3407 maildir=`dirname $MAIL`
3466e002 3408 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3409 [Set this to your mail directory if you don't have maillock.h])
a0391976 3410fi
3411
479cece8 3412if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3413 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3414 disable_ptmx_check=yes
3415fi
a0391976 3416if test -z "$no_dev_ptmx" ; then
6e879cb4 3417 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3418 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3419 [
3466e002 3420 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3421 [Define if you have /dev/ptmx])
6e879cb4 3422 have_dev_ptmx=1
3423 ]
3424 )
3425 fi
3276571c 3426fi
1a01a50c 3427
479cece8 3428if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3429 AC_CHECK_FILE("/dev/ptc",
3430 [
3466e002 3431 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3432 [Define if you have /dev/ptc])
1a01a50c 3433 have_dev_ptc=1
3434 ]
3435 )
3436else
3437 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3438fi
3276571c 3439
a0391976 3440# Options from here on. Some of these are preset by platform above
fdf6b7aa 3441AC_ARG_WITH(mantype,
5d97cfbf 3442 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3443 [
5d97cfbf 3444 case "$withval" in
3445 man|cat|doc)
3446 MANTYPE=$withval
3447 ;;
3448 *)
3449 AC_MSG_ERROR(invalid man type: $withval)
3450 ;;
3451 esac
c54a6257 3452 ]
3453)
e0c4d3ac 3454if test -z "$MANTYPE"; then
2bf42e4a 3455 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3456 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3457 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3458 MANTYPE=doc
3459 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3460 MANTYPE=man
3461 else
3462 MANTYPE=cat
3463 fi
3464fi
c54a6257 3465AC_SUBST(MANTYPE)
e0c4d3ac 3466if test "$MANTYPE" = "doc"; then
3467 mansubdir=man;
3468else
3469 mansubdir=$MANTYPE;
3470fi
3471AC_SUBST(mansubdir)
0bc5b6fb 3472
a0391976 3473# Check whether to enable MD5 passwords
aff51935 3474MD5_MSG="no"
2ddcfdf3 3475AC_ARG_WITH(md5-passwords,
caf3bc51 3476 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3477 [
bcf36c78 3478 if test "x$withval" != "xno" ; then
3466e002 3479 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3480 [Define if you want to allow MD5 passwords])
aff51935 3481 MD5_MSG="yes"
0bc5b6fb 3482 fi
3483 ]
caf3bc51 3484)
3485
a0391976 3486# Whether to disable shadow password support
a7effaac 3487AC_ARG_WITH(shadow,
3488 [ --without-shadow Disable shadow password support],
3489 [
82f4e93d 3490 if test "x$withval" = "xno" ; then
a7effaac 3491 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3492 disable_shadow=yes
a7effaac 3493 fi
3494 ]
3495)
3496
4cb5ffa0 3497if test -z "$disable_shadow" ; then
3498 AC_MSG_CHECKING([if the systems has expire shadow information])
3499 AC_TRY_COMPILE(
3500 [
3501#include <sys/types.h>
3502#include <shadow.h>
3503 struct spwd sp;
3504 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3505 [ sp_expire_available=yes ], []
3506 )
3507
3508 if test "x$sp_expire_available" = "xyes" ; then
3509 AC_MSG_RESULT(yes)
3466e002 3510 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3511 [Define if you want to use shadow password expire field])
4cb5ffa0 3512 else
3513 AC_MSG_RESULT(no)
3514 fi
3515fi
3516
a0391976 3517# Use ip address instead of hostname in $DISPLAY
44839801 3518if test ! -z "$IPADDR_IN_DISPLAY" ; then
3519 DISPLAY_HACK_MSG="yes"
3466e002 3520 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3521 [Define if you need to use IP address
3522 instead of hostname in $DISPLAY])
44839801 3523else
aff51935 3524 DISPLAY_HACK_MSG="no"
44839801 3525 AC_ARG_WITH(ipaddr-display,
3526 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3527 [
82f4e93d 3528 if test "x$withval" != "xno" ; then
44839801 3529 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3530 DISPLAY_HACK_MSG="yes"
44839801 3531 fi
3532 ]
3533 )
3534fi
a7effaac 3535
95b99395 3536# check for /etc/default/login and use it if present.
daa41e62 3537AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3538 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3539 [ if test "x$enableval" = "xno"; then
3540 AC_MSG_NOTICE([/etc/default/login handling disabled])
3541 etc_default_login=no
3542 else
3543 etc_default_login=yes
3544 fi ],
b0e7249f 3545 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3546 then
3547 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3548 etc_default_login=no
3549 else
3550 etc_default_login=yes
3551 fi ]
694d0cef 3552)
95b99395 3553
694d0cef 3554if test "x$etc_default_login" != "xno"; then
3555 AC_CHECK_FILE("/etc/default/login",
3556 [ external_path_file=/etc/default/login ])
b0e7249f 3557 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3558 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3559 [Define if your system has /etc/default/login])
1a01a50c 3560 fi
694d0cef 3561fi
95b99395 3562
8d184c09 3563dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3564if test $ac_cv_func_login_getcapbool = "yes" && \
3565 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3566 external_path_file=/etc/login.conf
8d184c09 3567fi
95b99395 3568
a0391976 3569# Whether to mess with the default path
aff51935 3570SERVER_PATH_MSG="(default)"
c43d69a9 3571AC_ARG_WITH(default-path,
75817f90 3572 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3573 [
95b99395 3574 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3575 AC_MSG_WARN([
3576--with-default-path=PATH has no effect on this system.
3577Edit /etc/login.conf instead.])
82f4e93d 3578 elif test "x$withval" != "xno" ; then
89bbd457 3579 if test ! -z "$external_path_file" ; then
95b99395 3580 AC_MSG_WARN([
3581--with-default-path=PATH will only be used if PATH is not defined in
3582$external_path_file .])
3583 fi
b2d818e6 3584 user_path="$withval"
aff51935 3585 SERVER_PATH_MSG="$withval"
cb807f40 3586 fi
b2d818e6 3587 ],
95b99395 3588 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3589 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3590 else
89bbd457 3591 if test ! -z "$external_path_file" ; then
95b99395 3592 AC_MSG_WARN([
3593If PATH is defined in $external_path_file, ensure the path to scp is included,
3594otherwise scp will not work.])
3595 fi
b0e7249f 3596 AC_RUN_IFELSE(
3597 [AC_LANG_SOURCE([[
b2d818e6 3598/* find out what STDPATH is */
3599#include <stdio.h>
b2d818e6 3600#ifdef HAVE_PATHS_H
3601# include <paths.h>
3602#endif
3603#ifndef _PATH_STDPATH
d9a4e55b 3604# ifdef _PATH_USERPATH /* Irix */
3605# define _PATH_STDPATH _PATH_USERPATH
3606# else
3607# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3608# endif
b2d818e6 3609#endif
3610#include <sys/types.h>
3611#include <sys/stat.h>
3612#include <fcntl.h>
3613#define DATA "conftest.stdpath"
3614
3615main()
3616{
3617 FILE *fd;
3618 int rc;
82f4e93d 3619
b2d818e6 3620 fd = fopen(DATA,"w");
3621 if(fd == NULL)
3622 exit(1);
82f4e93d 3623
b2d818e6 3624 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3625 exit(1);
3626
3627 exit(0);
3628}
b0e7249f 3629 ]])],
3630 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3631 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3632 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3633 )
3634# make sure $bindir is in USER_PATH so scp will work
3635 t_bindir=`eval echo ${bindir}`
3636 case $t_bindir in
3637 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3638 esac
3639 case $t_bindir in
3640 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3641 esac
3642 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3643 if test $? -ne 0 ; then
3644 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3645 if test $? -ne 0 ; then
3646 user_path=$user_path:$t_bindir
3647 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3648 fi
3649 fi
8d184c09 3650 fi ]
cb807f40 3651)
95b99395 3652if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3653 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3654 AC_SUBST(user_path)
3655fi
cb807f40 3656
06617857 3657# Set superuser path separately to user path
06617857 3658AC_ARG_WITH(superuser-path,
3659 [ --with-superuser-path= Specify different path for super-user],
3660 [
6cf0200f 3661 if test -n "$withval" && test "x$withval" != "xno" && \
3662 test "x${withval}" != "xyes"; then
3466e002 3663 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3664 [Define if you want a different $PATH
3665 for the superuser])
06617857 3666 superuser_path=$withval
3667 fi
3668 ]
3669)
3670
3671
58d100bf 3672AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3673IPV4_IN6_HACK_MSG="no"
80faa19f 3674AC_ARG_WITH(4in6,
3675 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3676 [
3677 if test "x$withval" != "xno" ; then
3678 AC_MSG_RESULT(yes)
3466e002 3679 AC_DEFINE(IPV4_IN_IPV6, 1,
3680 [Detect IPv4 in IPv6 mapped addresses
3681 and treat as IPv4])
aff51935 3682 IPV4_IN6_HACK_MSG="yes"
80faa19f 3683 else
3684 AC_MSG_RESULT(no)
3685 fi
3686 ],[
3687 if test "x$inet6_default_4in6" = "xyes"; then
3688 AC_MSG_RESULT([yes (default)])
3689 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3690 IPV4_IN6_HACK_MSG="yes"
80faa19f 3691 else
3692 AC_MSG_RESULT([no (default)])
3693 fi
3694 ]
3695)
3696
af774732 3697# Whether to enable BSD auth support
f1b0ecc3 3698BSD_AUTH_MSG=no
af774732 3699AC_ARG_WITH(bsd-auth,
3700 [ --with-bsd-auth Enable BSD auth support],
3701 [
82f4e93d 3702 if test "x$withval" != "xno" ; then
3466e002 3703 AC_DEFINE(BSD_AUTH, 1,
3704 [Define if you have BSD auth support])
f1b0ecc3 3705 BSD_AUTH_MSG=yes
af774732 3706 fi
3707 ]
3708)
3709
a0391976 3710# Where to place sshd.pid
19d9ac2a 3711piddir=/var/run
81dadca3 3712# make sure the directory exists
82f4e93d 3713if test ! -d $piddir ; then
81dadca3 3714 piddir=`eval echo ${sysconfdir}`
3715 case $piddir in
aff51935 3716 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3717 esac
3718fi
3719
47e45e44 3720AC_ARG_WITH(pid-dir,
3721 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3722 [
6cf0200f 3723 if test -n "$withval" && test "x$withval" != "xno" && \
3724 test "x${withval}" != "xyes"; then
19d9ac2a 3725 piddir=$withval
82f4e93d 3726 if test ! -d $piddir ; then
81dadca3 3727 AC_MSG_WARN([** no $piddir directory on this system **])
3728 fi
47e45e44 3729 fi
3730 ]
3731)
b7a87eea 3732
3466e002 3733AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3734AC_SUBST(piddir)
47e45e44 3735
1d7b9b20 3736dnl allow user to disable some login recording features
3737AC_ARG_ENABLE(lastlog,
bfd550a2 3738 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3739 [
3740 if test "x$enableval" = "xno" ; then
3741 AC_DEFINE(DISABLE_LASTLOG)
3742 fi
3743 ]
1d7b9b20 3744)
3745AC_ARG_ENABLE(utmp,
bfd550a2 3746 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3747 [
3748 if test "x$enableval" = "xno" ; then
3749 AC_DEFINE(DISABLE_UTMP)
3750 fi
3751 ]
1d7b9b20 3752)
3753AC_ARG_ENABLE(utmpx,
bfd550a2 3754 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3755 [
3756 if test "x$enableval" = "xno" ; then
3466e002 3757 AC_DEFINE(DISABLE_UTMPX, 1,
3758 [Define if you don't want to use utmpx])
ddb154b3 3759 fi
3760 ]
1d7b9b20 3761)
3762AC_ARG_ENABLE(wtmp,
bfd550a2 3763 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3764 [
3765 if test "x$enableval" = "xno" ; then
3766 AC_DEFINE(DISABLE_WTMP)
3767 fi
3768 ]
1d7b9b20 3769)
3770AC_ARG_ENABLE(wtmpx,
bfd550a2 3771 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3772 [
3773 if test "x$enableval" = "xno" ; then
3466e002 3774 AC_DEFINE(DISABLE_WTMPX, 1,
3775 [Define if you don't want to use wtmpx])
ddb154b3 3776 fi
3777 ]
1d7b9b20 3778)
3779AC_ARG_ENABLE(libutil,
bfd550a2 3780 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3781 [
3782 if test "x$enableval" = "xno" ; then
3783 AC_DEFINE(DISABLE_LOGIN)
3784 fi
3785 ]
1d7b9b20 3786)
3787AC_ARG_ENABLE(pututline,
bfd550a2 3788 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3789 [
3790 if test "x$enableval" = "xno" ; then
3466e002 3791 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3792 [Define if you don't want to use pututline()
3793 etc. to write [uw]tmp])
ddb154b3 3794 fi
3795 ]
1d7b9b20 3796)
3797AC_ARG_ENABLE(pututxline,
bfd550a2 3798 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3799 [
3800 if test "x$enableval" = "xno" ; then
3466e002 3801 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3802 [Define if you don't want to use pututxline()
3803 etc. to write [uw]tmpx])
ddb154b3 3804 fi
3805 ]
1d7b9b20 3806)
3807AC_ARG_WITH(lastlog,
bfd550a2 3808 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3809 [
82f4e93d 3810 if test "x$withval" = "xno" ; then
8c89dd2b 3811 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3812 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3813 conf_lastlog_location=$withval
3814 fi
3815 ]
3816)
1d7b9b20 3817
3818dnl lastlog, [uw]tmpx? detection
3819dnl NOTE: set the paths in the platform section to avoid the
3820dnl need for command-line parameters
3821dnl lastlog and [uw]tmp are subject to a file search if all else fails
3822
3823dnl lastlog detection
3824dnl NOTE: the code itself will detect if lastlog is a directory
3825AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3826AC_TRY_COMPILE([
3827#include <sys/types.h>
3828#include <utmp.h>
3829#ifdef HAVE_LASTLOG_H
3830# include <lastlog.h>
3831#endif
d7c0f3d5 3832#ifdef HAVE_PATHS_H
1d7b9b20 3833# include <paths.h>
41cb4569 3834#endif
3835#ifdef HAVE_LOGIN_H
3836# include <login.h>
1d7b9b20 3837#endif
3838 ],
3839 [ char *lastlog = LASTLOG_FILE; ],
3840 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3841 [
3842 AC_MSG_RESULT(no)
3843 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3844 AC_TRY_COMPILE([
3845#include <sys/types.h>
3846#include <utmp.h>
3847#ifdef HAVE_LASTLOG_H
3848# include <lastlog.h>
3849#endif
3850#ifdef HAVE_PATHS_H
3851# include <paths.h>
3852#endif
3853 ],
3854 [ char *lastlog = _PATH_LASTLOG; ],
3855 [ AC_MSG_RESULT(yes) ],
3856 [
f282b668 3857 AC_MSG_RESULT(no)
d7c0f3d5 3858 system_lastlog_path=no
3859 ])
3860 ]
1d7b9b20 3861)
d7c0f3d5 3862
1d7b9b20 3863if test -z "$conf_lastlog_location"; then
3864 if test x"$system_lastlog_path" = x"no" ; then
3865 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3866 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3867 conf_lastlog_location=$f
3868 fi
3869 done
3870 if test -z "$conf_lastlog_location"; then
f8119cef 3871 AC_MSG_WARN([** Cannot find lastlog **])
3872 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3873 fi
3874 fi
3875fi
3876
3877if test -n "$conf_lastlog_location"; then
3466e002 3878 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3879 [Define if you want to specify the path to your lastlog file])
82f4e93d 3880fi
1d7b9b20 3881
3882dnl utmp detection
3883AC_MSG_CHECKING([if your system defines UTMP_FILE])
3884AC_TRY_COMPILE([
3885#include <sys/types.h>
3886#include <utmp.h>
d7c0f3d5 3887#ifdef HAVE_PATHS_H
1d7b9b20 3888# include <paths.h>
3889#endif
3890 ],
3891 [ char *utmp = UTMP_FILE; ],
3892 [ AC_MSG_RESULT(yes) ],
3893 [ AC_MSG_RESULT(no)
3894 system_utmp_path=no ]
3895)
3896if test -z "$conf_utmp_location"; then
3897 if test x"$system_utmp_path" = x"no" ; then
3898 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3899 if test -f $f ; then
3900 conf_utmp_location=$f
3901 fi
3902 done
3903 if test -z "$conf_utmp_location"; then
3904 AC_DEFINE(DISABLE_UTMP)
3905 fi
3906 fi
3907fi
3908if test -n "$conf_utmp_location"; then
3466e002 3909 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3910 [Define if you want to specify the path to your utmp file])
82f4e93d 3911fi
1d7b9b20 3912
3913dnl wtmp detection
3914AC_MSG_CHECKING([if your system defines WTMP_FILE])
3915AC_TRY_COMPILE([
3916#include <sys/types.h>
3917#include <utmp.h>
d7c0f3d5 3918#ifdef HAVE_PATHS_H
1d7b9b20 3919# include <paths.h>
3920#endif
3921 ],
3922 [ char *wtmp = WTMP_FILE; ],
3923 [ AC_MSG_RESULT(yes) ],
3924 [ AC_MSG_RESULT(no)
3925 system_wtmp_path=no ]
3926)
3927if test -z "$conf_wtmp_location"; then
3928 if test x"$system_wtmp_path" = x"no" ; then
3929 for f in /usr/adm/wtmp /var/log/wtmp; do
3930 if test -f $f ; then
3931 conf_wtmp_location=$f
3932 fi
3933 done
3934 if test -z "$conf_wtmp_location"; then
3935 AC_DEFINE(DISABLE_WTMP)
3936 fi
3937 fi
3938fi
3939if test -n "$conf_wtmp_location"; then
3466e002 3940 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3941 [Define if you want to specify the path to your wtmp file])
82f4e93d 3942fi
1d7b9b20 3943
3944
3945dnl utmpx detection - I don't know any system so perverse as to require
3946dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3947dnl there, though.
3948AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3949AC_TRY_COMPILE([
3950#include <sys/types.h>
3951#include <utmp.h>
3952#ifdef HAVE_UTMPX_H
3953#include <utmpx.h>
3954#endif
d7c0f3d5 3955#ifdef HAVE_PATHS_H
1d7b9b20 3956# include <paths.h>
3957#endif
3958 ],
3959 [ char *utmpx = UTMPX_FILE; ],
3960 [ AC_MSG_RESULT(yes) ],
3961 [ AC_MSG_RESULT(no)
3962 system_utmpx_path=no ]
3963)
3964if test -z "$conf_utmpx_location"; then
3965 if test x"$system_utmpx_path" = x"no" ; then
3966 AC_DEFINE(DISABLE_UTMPX)
3967 fi
3968else
3466e002 3969 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3970 [Define if you want to specify the path to your utmpx file])
82f4e93d 3971fi
1d7b9b20 3972
3973dnl wtmpx detection
3974AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3975AC_TRY_COMPILE([
3976#include <sys/types.h>
3977#include <utmp.h>
3978#ifdef HAVE_UTMPX_H
3979#include <utmpx.h>
3980#endif
d7c0f3d5 3981#ifdef HAVE_PATHS_H
1d7b9b20 3982# include <paths.h>
3983#endif
3984 ],
3985 [ char *wtmpx = WTMPX_FILE; ],
3986 [ AC_MSG_RESULT(yes) ],
3987 [ AC_MSG_RESULT(no)
3988 system_wtmpx_path=no ]
3989)
3990if test -z "$conf_wtmpx_location"; then
3991 if test x"$system_wtmpx_path" = x"no" ; then
3992 AC_DEFINE(DISABLE_WTMPX)
3993 fi
3994else
3466e002 3995 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3996 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3997fi
1d7b9b20 3998
b7a87eea 3999
bd499f9e 4000if test ! -z "$blibpath" ; then
68ece370 4001 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4002 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4003fi
4004
ed89c848 4005dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4006dnl Add now.
4007CFLAGS="$CFLAGS $werror_flags"
4008
3c62e7eb 4009AC_EXEEXT
29eadd7c 4010AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4011 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4012 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4013AC_OUTPUT
d3083fbd 4014
cbd7492e 4015# Print summary of options
4016
cbd7492e 4017# Someone please show me a better way :)
4018A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4019B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4020C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4021D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4022E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4023F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4024G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4025H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4026I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4027J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4028
4029echo ""
26de7942 4030echo "OpenSSH has been configured with the following options:"
ecac8ee5 4031echo " User binaries: $B"
4032echo " System binaries: $C"
4033echo " Configuration files: $D"
4034echo " Askpass program: $E"
4035echo " Manual pages: $F"
4036echo " PID file: $G"
4037echo " Privilege separation chroot path: $H"
95b99395 4038if test "x$external_path_file" = "x/etc/login.conf" ; then
4039echo " At runtime, sshd will use the path defined in $external_path_file"
4040echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4041else
ecac8ee5 4042echo " sshd default user PATH: $I"
89bbd457 4043 if test ! -z "$external_path_file"; then
95b99395 4044echo " (If PATH is set in $external_path_file it will be used instead. If"
4045echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4046 fi
8d184c09 4047fi
06617857 4048if test ! -z "$superuser_path" ; then
ecac8ee5 4049echo " sshd superuser user PATH: $J"
4050fi
4051echo " Manpage format: $MANTYPE"
3e05e934 4052echo " PAM support: $PAM_MSG"
5b84789f 4053echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4054echo " KerberosV support: $KRB5_MSG"
ef4d1846 4055echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4056echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4057echo " S/KEY support: $SKEY_MSG"
4058echo " TCP Wrappers support: $TCPW_MSG"
4059echo " MD5 password support: $MD5_MSG"
59031773 4060echo " libedit support: $LIBEDIT_MSG"
5b84789f 4061echo " Solaris process contract support: $SPC_MSG"
3deb1408 4062echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4063echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4064echo " BSD Auth support: $BSD_AUTH_MSG"
4065echo " Random number source: $RAND_MSG"
f1b0ecc3 4066if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4067echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4068fi
4069
cbd7492e 4070echo ""
4071
0c2fb82f 4072echo " Host: ${host}"
4073echo " Compiler: ${CC}"
4074echo " Compiler flags: ${CFLAGS}"
4075echo "Preprocessor flags: ${CPPFLAGS}"
4076echo " Linker flags: ${LDFLAGS}"
e54defb4 4077echo " Libraries: ${LIBS}"
4078if test ! -z "${SSHDLIBS}"; then
4079echo " +for sshd: ${SSHDLIBS}"
4080fi
cbd7492e 4081
4082echo ""
4083
9cefe228 4084if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4085 echo "SVR4 style packages are supported with \"make package\""
4086 echo ""
9cefe228 4087fi
4088
adeebd37 4089if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4090 echo "PAM is enabled. You may need to install a PAM control file "
4091 echo "for sshd, otherwise password authentication may fail. "
aff51935 4092 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4093 echo "subdirectory"
adeebd37 4094 echo ""
4095fi
4096
f1b0ecc3 4097if test ! -z "$RAND_HELPER_CMDHASH" ; then
4098 echo "WARNING: you are using the builtin random number collection "
4099 echo "service. Please read WARNING.RNG and request that your OS "
4100 echo "vendor includes kernel-based random number collection in "
4101 echo "future versions of your OS."
2c523de9 4102 echo ""
4103fi
af774732 4104
2f6f9cff 4105if test ! -z "$NO_PEERCHECK" ; then
1961d660 4106 echo "WARNING: the operating system that you are using does not"
4107 echo "appear to support getpeereid(), getpeerucred() or the"
4108 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4109 echo "enforce security checks to prevent unauthorised connections to"
4110 echo "ssh-agent. Their absence increases the risk that a malicious"
4111 echo "user can connect to your agent."
2f6f9cff 4112 echo ""
4113fi
4114
7b578f7d 4115if test "$AUDIT_MODULE" = "bsm" ; then
4116 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4117 echo "See the Solaris section in README.platform for details."
4118fi
git-cvsimport mirror of OpenSSH
This page took 5.501809 seconds and 5 git commands to generate.