]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
0b202697 2
98a7c37b 3AC_INIT
4AC_CONFIG_SRCDIR([ssh.c])
5881cd60 5
6AC_CONFIG_HEADER(config.h)
b14b2ae7 7AC_PROG_CC
a7effaac 8AC_CANONICAL_HOST
cf0c5df5 9AC_C_BIGENDIAN
5881cd60 10
a0391976 11# Checks for programs.
4cca272e 12AC_PROG_CPP
5881cd60 13AC_PROG_RANLIB
cf8dd513 14AC_PROG_INSTALL
bee0a37e 15AC_PATH_PROG(AR, ar)
13dd877b 16AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 17AC_PATH_PROG(SED, sed)
a0f84251 18AC_SUBST(PERL)
ad85db64 19AC_PATH_PROG(ENT, ent)
20AC_SUBST(ENT)
6958bd37 21AC_PATH_PROG(TEST_MINUS_S_SH, bash)
22AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
23AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 24AC_PATH_PROG(SH, sh)
f498ed15 25
948fd8b9 26# System features
27AC_SYS_LARGEFILE
28
c193d002 29if test -z "$AR" ; then
30 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
31fi
32
2e73a022 33# Use LOGIN_PROGRAM from environment if possible
34if test ! -z "$LOGIN_PROGRAM" ; then
35 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
36else
37 # Search for login
38 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
39 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
40 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
41 fi
42fi
43
d423d822 44if test -z "$LD" ; then
45 LD=$CC
46fi
47AC_SUBST(LD)
48
d423d822 49AC_C_INLINE
5ed2bb5b 50if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
51 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
d423d822 52fi
53
a0391976 54# Check for some target-specific stuff
a7effaac 55case "$host" in
9d6b1b96 56*-*-aix*)
0c2fb82f 57 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
84afc958 58 LDFLAGS="$LDFLAGS -L/usr/local/lib"
68ece370 59 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
60 if (test -z "$blibpath"); then
61 blibpath="/usr/lib:/lib:/usr/local/lib"
62 fi
63 saved_LDFLAGS="$LDFLAGS"
64 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
65 if (test -z "$blibflags"); then
66 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
67 AC_TRY_LINK([], [], [blibflags=$tryflags])
68 fi
69 done
70 if (test -z "$blibflags"); then
71 AC_MSG_RESULT(not found)
72 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
73 else
74 AC_MSG_RESULT($blibflags)
bd499f9e 75 fi
68ece370 76 LDFLAGS="$saved_LDFLAGS"
e351e493 77 dnl Check for authenticate. Might be in libs.a on older AIXes
78 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 79 [AC_CHECK_LIB(s,authenticate,
e351e493 80 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 81 LIBS="$LIBS -ls"
82 ])
83 ])
e351e493 84 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
85 AC_CHECK_DECL(loginfailed,
86 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
87 AC_TRY_COMPILE(
f58c0e01 88 [#include <usersec.h>],
e351e493 89 [(void)loginfailed("user","host","tty",0);],
90 [AC_MSG_RESULT(yes)
91 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 92 [AC_MSG_RESULT(no)]
e351e493 93 )],
94 [],
95 [#include <usersec.h>]
96 )
2aa3a16c 97 AC_CHECK_FUNCS(setauthdb)
4c8ef3fb 98 AC_DEFINE(BROKEN_GETADDRINFO)
1352689f 99 AC_DEFINE(BROKEN_REALPATH)
a3cef3ca 100 dnl AIX handles lastlog as part of its login message
101 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 102 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 103 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 104 ;;
3c62e7eb 105*-*-cygwin*)
a52997bd 106 check_for_libcrypt_later=1
ffb8d130 107 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 108 AC_DEFINE(HAVE_CYGWIN)
7043a38d 109 AC_DEFINE(USE_PIPES)
3c62e7eb 110 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 111 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 112 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 113 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 114 AC_DEFINE(DISABLE_FD_PASSING)
246446cd 115 AC_DEFINE(SETGROUPS_NOOP)
3c62e7eb 116 ;;
d6fdb079 117*-*-dgux*)
118 AC_DEFINE(IP_TOS_IS_BROKEN)
119 ;;
39c98ef7 120*-*-darwin*)
33e2e066 121 AC_MSG_CHECKING(if we have working getaddrinfo)
122 AC_TRY_RUN([#include <mach-o/dyld.h>
123main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
124 exit(0);
125 else
126 exit(1);
127}], [AC_MSG_RESULT(working)],
128 [AC_MSG_RESULT(buggy)
129 AC_DEFINE(BROKEN_GETADDRINFO)],
130 [AC_MSG_RESULT(assume it is working)])
39c98ef7 131 ;;
6e879cb4 132*-*-hpux10.26)
133 if test -z "$GCC"; then
134 CFLAGS="$CFLAGS -Ae"
135 fi
136 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
137 IPADDR_IN_DISPLAY=yes
138 AC_DEFINE(HAVE_SECUREWARE)
139 AC_DEFINE(USE_PIPES)
140 AC_DEFINE(LOGIN_NO_ENDOPT)
141 AC_DEFINE(LOGIN_NEEDS_UTMPX)
142 AC_DEFINE(DISABLE_SHADOW)
143 AC_DEFINE(DISABLE_UTMP)
3e6e3da0 144 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 145 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 146 LIBS="$LIBS -lsec -lsecpw"
147 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
6e879cb4 148 disable_ptmx_check=yes
149 ;;
a7effaac 150*-*-hpux10*)
151 if test -z "$GCC"; then
fc1e8bf4 152 CFLAGS="$CFLAGS -Ae"
a7effaac 153 fi
28564873 154 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 155 IPADDR_IN_DISPLAY=yes
137d7b6c 156 AC_DEFINE(USE_PIPES)
a2572aa7 157 AC_DEFINE(LOGIN_NO_ENDOPT)
158 AC_DEFINE(LOGIN_NEEDS_UTMPX)
0bbfbdeb 159 AC_DEFINE(DISABLE_SHADOW)
764d4113 160 AC_DEFINE(DISABLE_UTMP)
3e6e3da0 161 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 162 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 163 LIBS="$LIBS -lsec"
164 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
a7effaac 165 ;;
2b763e31 166*-*-hpux11*)
b8fea62d 167 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 168 IPADDR_IN_DISPLAY=yes
adeebd37 169 AC_DEFINE(PAM_SUN_CODEBASE)
2b10f47a 170 AC_DEFINE(USE_PIPES)
a2572aa7 171 AC_DEFINE(LOGIN_NO_ENDOPT)
172 AC_DEFINE(LOGIN_NEEDS_UTMPX)
0bbfbdeb 173 AC_DEFINE(DISABLE_SHADOW)
764d4113 174 AC_DEFINE(DISABLE_UTMP)
3e6e3da0 175 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 176 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 177 LIBS="$LIBS -lsec"
178 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
2b763e31 179 ;;
d94aa2ae 180*-*-irix5*)
0c2fb82f 181 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
c5fa2eb0 182 LDFLAGS="$LDFLAGS"
6ac7829a 183 PATH="$PATH:/usr/etc"
416ed5a7 184 AC_DEFINE(BROKEN_INET_NTOA)
0e8f4eba 185 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 186 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 187 ;;
188*-*-irix6*)
0c2fb82f 189 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
c5fa2eb0 190 LDFLAGS="$LDFLAGS"
6ac7829a 191 PATH="$PATH:/usr/etc"
3206bb3b 192 AC_DEFINE(WITH_IRIX_ARRAY)
193 AC_DEFINE(WITH_IRIX_PROJECT)
194 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 195 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 196 AC_DEFINE(BROKEN_INET_NTOA)
0e8f4eba 197 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 198 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 199 ;;
5cdfe03f 200*-*-linux*)
201 no_dev_ptmx=1
717057b6 202 check_for_libcrypt_later=1
eacb954e 203 check_for_openpty_ctty_bug=1
80faa19f 204 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 205 AC_DEFINE(PAM_TTY_KLUDGE)
3e6e3da0 206 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!!")
3a2b2b44 207 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
80faa19f 208 inet6_default_4in6=yes
bf7c1e6c 209 case `uname -r` in
ad84c479 210 1.*|2.0.*)
bf7c1e6c 211 AC_DEFINE(BROKEN_CMSG_TYPE)
212 ;;
bf7c1e6c 213 esac
5cdfe03f 214 ;;
66d6c27e 215mips-sony-bsd|mips-sony-newsos4)
216 AC_DEFINE(HAVE_NEWS4)
217 SONY=1
66d6c27e 218 ;;
d468fc76 219*-*-netbsd*)
33e2e066 220 check_for_libcrypt_before=1
a0391976 221 need_dash_r=1
d468fc76 222 ;;
86b416a7 223*-*-freebsd*)
224 check_for_libcrypt_later=1
225 ;;
729bfe59 226*-next-*)
729bfe59 227 conf_lastlog_location="/usr/adm/lastlog"
698d107e 228 conf_utmp_location=/etc/utmp
229 conf_wtmp_location=/usr/adm/wtmp
230 MAIL=/usr/spool/mail
729bfe59 231 AC_DEFINE(HAVE_NEXT)
443172c4 232 AC_DEFINE(BROKEN_REALPATH)
00937921 233 AC_DEFINE(USE_PIPES)
86b416a7 234 AC_DEFINE(BROKEN_SAVED_UIDS)
0c2fb82f 235 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
b1335fdf 236 CFLAGS="$CFLAGS"
729bfe59 237 ;;
9d6b1b96 238*-*-solaris*)
0c2fb82f 239 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
fbf305f1 240 LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib"
a0391976 241 need_dash_r=1
adeebd37 242 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 243 AC_DEFINE(LOGIN_NEEDS_UTMPX)
244 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 245 AC_DEFINE(PAM_TTY_KLUDGE)
3e6e3da0 246 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 247 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
248 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1d7b9b20 249 # hardwire lastlog location (can't detect it on some versions)
250 conf_lastlog_location="/var/adm/lastlog"
32c80420 251 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
252 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
253 if test "$sol2ver" -ge 8; then
254 AC_MSG_RESULT(yes)
255 AC_DEFINE(DISABLE_UTMP)
256 AC_DEFINE(DISABLE_WTMP)
257 else
258 AC_MSG_RESULT(no)
259 fi
9d6b1b96 260 ;;
a423beaf 261*-*-sunos4*)
0c2fb82f 262 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 263 AC_CHECK_FUNCS(getpwanam)
adeebd37 264 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 265 conf_utmp_location=/etc/utmp
266 conf_wtmp_location=/var/adm/wtmp
267 conf_lastlog_location=/var/adm/lastlog
137d7b6c 268 AC_DEFINE(USE_PIPES)
a423beaf 269 ;;
6f68f28a 270*-ncr-sysv*)
271 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
272 LDFLAGS="$LDFLAGS -L/usr/local/lib"
98a7c37b 273 LIBS="$LIBS -lc89"
29525240 274 AC_DEFINE(USE_PIPES)
eabb99c6 275 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6f68f28a 276 ;;
132dd316 277*-sni-sysv*)
0c2fb82f 278 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
c8c15bcb 279 # /usr/ucblib MUST NOT be searched on ReliantUNIX
280 LDFLAGS="$LDFLAGS -L/usr/local/lib"
9548d6c8 281 IPADDR_IN_DISPLAY=yes
282 AC_DEFINE(USE_PIPES)
132dd316 283 AC_DEFINE(IP_TOS_IS_BROKEN)
eabb99c6 284 AC_DEFINE(SSHD_ACQUIRES_CTTY)
c8c15bcb 285 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
286 # Attention: always take care to bind libsocket and libnsl before libc,
287 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 288 ;;
77bb0bca 289*-*-sysv4.2*)
0c2fb82f 290 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
77bb0bca 291 LDFLAGS="$LDFLAGS -L/usr/local/lib"
ed6553e2 292 AC_DEFINE(USE_PIPES)
77bb0bca 293 ;;
294*-*-sysv5*)
0c2fb82f 295 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
77bb0bca 296 LDFLAGS="$LDFLAGS -L/usr/local/lib"
ed6553e2 297 AC_DEFINE(USE_PIPES)
77bb0bca 298 ;;
9d6b1b96 299*-*-sysv*)
0c2fb82f 300 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
84afc958 301 LDFLAGS="$LDFLAGS -L/usr/local/lib"
9d6b1b96 302 ;;
77bb0bca 303*-*-sco3.2v4*)
0c2fb82f 304 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize -I/usr/local/include"
77bb0bca 305 LDFLAGS="$LDFLAGS -L/usr/local/lib"
98a7c37b 306 LIBS="$LIBS -los -lprot -lx -ltinfo -lm"
77bb0bca 307 RANLIB=true
ed6553e2 308 no_dev_ptmx=1
77bb0bca 309 AC_DEFINE(BROKEN_SYS_TERMIO_H)
ed6553e2 310 AC_DEFINE(USE_PIPES)
6e879cb4 311 AC_DEFINE(HAVE_SECUREWARE)
d287c664 312 AC_DEFINE(DISABLE_SHADOW)
86b416a7 313 AC_DEFINE(BROKEN_SAVED_UIDS)
aca75d94 314 AC_CHECK_FUNCS(getluid setluid)
533875af 315 MANTYPE=man
98a7c37b 316 do_sco3_extra_lib_check=yes
77bb0bca 317 ;;
318*-*-sco3.2v5*)
21710e39 319 if test -z "$GCC"; then
320 CFLAGS="$CFLAGS -belf"
321 fi
0c2fb82f 322 CPPFLAGS="$CPPFLAGS -I/usr/local/include"
509b1f88 323 LDFLAGS="$LDFLAGS -L/usr/local/lib"
ed6553e2 324 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 325 no_dev_ptmx=1
ed6553e2 326 AC_DEFINE(USE_PIPES)
6e879cb4 327 AC_DEFINE(HAVE_SECUREWARE)
d287c664 328 AC_DEFINE(DISABLE_SHADOW)
94d8258b 329 AC_DEFINE(DISABLE_FD_PASSING)
aca75d94 330 AC_CHECK_FUNCS(getluid setluid)
533875af 331 MANTYPE=man
509b1f88 332 ;;
ccbb983c 333*-*-unicosmk*)
ccbb983c 334 AC_DEFINE(USE_PIPES)
335 AC_DEFINE(DISABLE_FD_PASSING)
336 LDFLAGS="$LDFLAGS"
337 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
338 MANTYPE=cat
d262b7f2 339 ;;
ca5c7d6a 340*-*-unicos*)
ca5c7d6a 341 AC_DEFINE(USE_PIPES)
94d8258b 342 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 343 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 344 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
345 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
346 MANTYPE=cat
a704dd54 347 ;;
4d33e531 348*-dec-osf*)
99c8ddac 349 AC_MSG_CHECKING(for Digital Unix SIA)
350 no_osfsia=""
351 AC_ARG_WITH(osfsia,
352 [ --with-osfsia Enable Digital Unix SIA],
353 [
354 if test "x$withval" = "xno" ; then
355 AC_MSG_RESULT(disabled)
356 no_osfsia=1
357 fi
358 ],
359 )
360 if test -z "$no_osfsia" ; then
4d33e531 361 if test -f /etc/sia/matrix.conf; then
362 AC_MSG_RESULT(yes)
363 AC_DEFINE(HAVE_OSF_SIA)
364 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 365 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 366 LIBS="$LIBS -lsecurity -ldb -lm -laud"
367 else
368 AC_MSG_RESULT(no)
369 fi
370 fi
6af8f131 371 AC_DEFINE(DISABLE_FD_PASSING)
a6e67b60 372 AC_DEFINE(BROKEN_GETADDRINFO)
3e6e3da0 373 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 374 ;;
41cb4569 375
376*-*-nto-qnx)
377 AC_DEFINE(USE_PIPES)
378 AC_DEFINE(NO_X11_UNIX_SOCKETS)
379 AC_DEFINE(MISSING_NFDBITS)
380 AC_DEFINE(MISSING_HOWMANY)
381 AC_DEFINE(MISSING_FD_MASK)
382 ;;
a7effaac 383esac
384
8e7b16f8 385# Allow user to specify flags
386AC_ARG_WITH(cflags,
387 [ --with-cflags Specify additional flags to pass to compiler],
388 [
389 if test "x$withval" != "xno" ; then
390 CFLAGS="$CFLAGS $withval"
391 fi
392 ]
393)
0c2fb82f 394AC_ARG_WITH(cppflags,
395 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
396 [
397 if test "x$withval" != "xno"; then
398 CPPFLAGS="$CPPFLAGS $withval"
399 fi
400 ]
401)
8e7b16f8 402AC_ARG_WITH(ldflags,
97b378bf 403 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 404 [
405 if test "x$withval" != "xno" ; then
406 LDFLAGS="$LDFLAGS $withval"
407 fi
408 ]
409)
410AC_ARG_WITH(libs,
411 [ --with-libs Specify additional libraries to link with],
412 [
413 if test "x$withval" != "xno" ; then
414 LIBS="$LIBS $withval"
415 fi
416 ]
417)
418
c5829391 419AC_MSG_CHECKING(compiler and flags for sanity)
420AC_TRY_RUN([
421#include <stdio.h>
422int main(){exit(0);}
423 ],
424 [ AC_MSG_RESULT(yes) ],
425 [
426 AC_MSG_RESULT(no)
427 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
428 ]
429)
430
ddceb1c8 431# Checks for header files.
688eed4a 432AC_CHECK_HEADERS(bstring.h crypt.h endian.h features.h floatingpoint.h \
7d132853 433 getopt.h glob.h ia.h lastlog.h libgen.h limits.h login.h \
ddceb1c8 434 login_cap.h maillock.h netdb.h netgroup.h \
75817f90 435 netinet/in_systm.h paths.h pty.h readpassphrase.h \
5bbbc661 436 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
f58c0e01 437 strings.h sys/strtio.h sys/audit.h sys/bitypes.h sys/bsdtty.h \
438 sys/cdefs.h sys/mman.h sys/pstat.h sys/select.h sys/stat.h \
ad137007 439 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \
ef51930f 440 sys/un.h time.h tmpdir.h ttyent.h usersec.h \
ddceb1c8 441 util.h utime.h utmp.h utmpx.h)
442
a0391976 443# Checks for libraries.
98a7c37b 444AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
445AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 446
f61d6b17 447dnl SCO OS3 needs this for libwrap
98a7c37b 448if test "x$with_tcp_wrappers" != "xno" ; then
449 if test "x$do_sco3_extra_lib_check" = "xyes" ; then
450 AC_CHECK_LIB(rpc, innetgr, LIBS="-lrpc -lyp -lrpc $LIBS" , , -lyp -lrpc)
451 fi
452fi
453
454AC_CHECK_FUNC(getspnam, ,
455 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
98a7c37b 456
9d6b6505 457AC_ARG_WITH(rpath,
458 [ --without-rpath Disable auto-added -R linker paths],
459 [
460 if test "x$withval" = "xno" ; then
461 need_dash_r=""
462 fi
463 if test "x$withval" = "xyes" ; then
464 need_dash_r=1
465 fi
466 ]
467)
468
98a7c37b 469dnl zlib is required
470AC_ARG_WITH(zlib,
471 [ --with-zlib=PATH Use zlib in PATH],
472 [
846f83ab 473 if test "x$withval" = "xno" ; then
f1b0ecc3 474 AC_MSG_ERROR([*** zlib is required ***])
475 fi
98a7c37b 476 if test -d "$withval/lib"; then
477 if test -n "${need_dash_r}"; then
5a162955 478 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 479 else
5a162955 480 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 481 fi
482 else
483 if test -n "${need_dash_r}"; then
5a162955 484 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 485 else
5a162955 486 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 487 fi
488 fi
489 if test -d "$withval/include"; then
5a162955 490 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 491 else
5a162955 492 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 493 fi
494 ]
495)
496
051809f6 497AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]))
48e7916f 498
2c523de9 499dnl UnixWare 2.x
500AC_CHECK_FUNC(strcasecmp,
501 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
502)
503AC_CHECK_FUNC(utimes,
cda1ebcb 504 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
505 LIBS="$LIBS -lc89"]) ]
2c523de9 506)
4cca272e 507
7c6d759d 508dnl Checks for libutil functions
509AC_CHECK_HEADERS(libutil.h)
510AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
511AC_CHECK_FUNCS(logout updwtmp logwtmp)
512
a738c3b0 513AC_FUNC_STRFTIME
514
84ceda19 515# Check for ALTDIRFUNC glob() extension
516AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
517AC_EGREP_CPP(FOUNDIT,
518 [
519 #include <glob.h>
520 #ifdef GLOB_ALTDIRFUNC
521 FOUNDIT
522 #endif
523 ],
524 [
525 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
526 AC_MSG_RESULT(yes)
527 ],
528 [
529 AC_MSG_RESULT(no)
530 ]
531)
4cca272e 532
40849fdb 533# Check for g.gl_matchc glob() extension
534AC_MSG_CHECKING(for gl_matchc field in glob_t)
535AC_EGREP_CPP(FOUNDIT,
536 [
537 #include <glob.h>
538 int main(void){glob_t g; g.gl_matchc = 1;}
539 ],
540 [
541 AC_DEFINE(GLOB_HAS_GL_MATCHC)
542 AC_MSG_RESULT(yes)
543 ],
544 [
545 AC_MSG_RESULT(no)
546 ]
547)
548
edbe6722 549AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
550AC_TRY_RUN(
551 [
552#include <sys/types.h>
553#include <dirent.h>
aec4cb4f 554int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
edbe6722 555 ],
556 [AC_MSG_RESULT(yes)],
557 [
558 AC_MSG_RESULT(no)
559 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
560 ]
561)
562
278588d8 563# Check whether user wants S/Key support
564SKEY_MSG="no"
565AC_ARG_WITH(skey,
98a7c37b 566 [ --with-skey[[=PATH]] Enable S/Key support
567 (optionally in PATH)],
278588d8 568 [
569 if test "x$withval" != "xno" ; then
570
571 if test "x$withval" != "xyes" ; then
572 CPPFLAGS="$CPPFLAGS -I${withval}/include"
573 LDFLAGS="$LDFLAGS -L${withval}/lib"
574 fi
575
576 AC_DEFINE(SKEY)
577 LIBS="-lskey $LIBS"
578 SKEY_MSG="yes"
579
ddceb1c8 580 AC_MSG_CHECKING([for s/key support])
581 AC_TRY_RUN(
582 [
583#include <stdio.h>
584#include <skey.h>
aec4cb4f 585int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 586 ],
587 [AC_MSG_RESULT(yes)],
278588d8 588 [
ddceb1c8 589 AC_MSG_RESULT(no)
278588d8 590 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
591 ])
592 fi
593 ]
594)
595
596# Check whether user wants TCP wrappers support
98a7c37b 597TCPW_MSG="no"
278588d8 598AC_ARG_WITH(tcp-wrappers,
98a7c37b 599 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support
600 (optionally in PATH)],
278588d8 601 [
602 if test "x$withval" != "xno" ; then
603 saved_LIBS="$LIBS"
98a7c37b 604 saved_LDFLAGS="$LDFLAGS"
605 saved_CPPFLAGS="$CPPFLAGS"
606 if test -n "${withval}" -a "${withval}" != "yes"; then
607 if test -d "${withval}/lib"; then
608 if test -n "${need_dash_r}"; then
5a162955 609 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 610 else
5a162955 611 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 612 fi
613 else
614 if test -n "${need_dash_r}"; then
5a162955 615 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 616 else
5a162955 617 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 618 fi
619 fi
620 if test -d "${withval}/include"; then
5a162955 621 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 622 else
5a162955 623 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 624 fi
98a7c37b 625 fi
ddceb1c8 626 LIBWRAP="-lwrap"
627 LIBS="$LIBWRAP $LIBS"
278588d8 628 AC_MSG_CHECKING(for libwrap)
629 AC_TRY_LINK(
630 [
631#include <tcpd.h>
632 int deny_severity = 0, allow_severity = 0;
633 ],
634 [hosts_access(0);],
635 [
636 AC_MSG_RESULT(yes)
637 AC_DEFINE(LIBWRAP)
ddceb1c8 638 AC_SUBST(LIBWRAP)
98a7c37b 639 TCPW_MSG="yes"
278588d8 640 ],
641 [
642 AC_MSG_ERROR([*** libwrap missing])
643 ]
644 )
ddceb1c8 645 LIBS="$saved_LIBS"
278588d8 646 fi
647 ]
648)
649
19160674 650dnl Checks for library functions. Please keep in alphabetical order
651AC_CHECK_FUNCS(\
688eed4a 652 arc4random __b64_ntop b64_ntop __b64_pton b64_pton basename \
653 bcopy bindresvport_sa clock fchmod fchown freeaddrinfo futimes \
19160674 654 gai_strerror getaddrinfo getcwd getgrouplist getnameinfo getopt \
309709db 655 getpeereid _getpty getrlimit getttyent glob inet_aton \
19160674 656 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
79d4fc55 657 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
658 pstat readpassphrase realpath recvmsg rresvport_af sendmsg \
659 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
688eed4a 660 setproctitle setregid setresgid setresuid setreuid setrlimit \
661 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
5af25b1d 662 strlcat strlcpy strmode strnvis sysconf tcgetpgrp tcsendbreak \
663 truncate utimes vhangup vsnprintf waitpid \
19160674 664)
98a7c37b 665
92b1decf 666AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
68ece370 667AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
92b1decf 668
309709db 669dnl Make sure prototypes are defined for these before using them.
08412d26 670AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
309709db 671AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
08412d26 672
98a7c37b 673dnl IRIX and Solaris 2.5.1 have dirname() in libgen
051809f6 674AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
98a7c37b 675 AC_CHECK_LIB(gen, dirname,[
676 AC_CACHE_CHECK([for broken dirname],
677 ac_cv_have_broken_dirname, [
051809f6 678 save_LIBS="$LIBS"
679 LIBS="$LIBS -lgen"
98a7c37b 680 AC_TRY_RUN(
681 [
682#include <libgen.h>
683#include <string.h>
684
685int main(int argc, char **argv) {
686 char *s, buf[32];
687
688 strncpy(buf,"/etc", 32);
689 s = dirname(buf);
051809f6 690 if (!s || strncmp(s, "/", 32) != 0) {
98a7c37b 691 exit(1);
692 } else {
693 exit(0);
694 }
695}
696 ],
697 [ ac_cv_have_broken_dirname="no" ],
698 [ ac_cv_have_broken_dirname="yes" ]
699 )
051809f6 700 LIBS="$save_LIBS"
98a7c37b 701 ])
051809f6 702 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
98a7c37b 703 LIBS="$LIBS -lgen"
704 AC_DEFINE(HAVE_DIRNAME)
051809f6 705 AC_CHECK_HEADERS(libgen.h)
98a7c37b 706 fi
707 ])
708])
709
2e73a022 710dnl Checks for time functions
1d7b9b20 711AC_CHECK_FUNCS(gettimeofday time)
2e73a022 712dnl Checks for utmp functions
b03bd394 713AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 714AC_CHECK_FUNCS(utmpname)
2e73a022 715dnl Checks for utmpx functions
b03bd394 716AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 717AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 718
beb43d31 719AC_CHECK_FUNC(daemon,
720 [AC_DEFINE(HAVE_DAEMON)],
721 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
722)
723
aa6bd60a 724AC_CHECK_FUNC(getpagesize,
725 [AC_DEFINE(HAVE_GETPAGESIZE)],
726 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
727)
728
2647ae26 729# Check for broken snprintf
730if test "x$ac_cv_func_snprintf" = "xyes" ; then
731 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
732 AC_TRY_RUN(
733 [
734#include <stdio.h>
aec4cb4f 735int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
2647ae26 736 ],
737 [AC_MSG_RESULT(yes)],
738 [
739 AC_MSG_RESULT(no)
740 AC_DEFINE(BROKEN_SNPRINTF)
741 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
742 ]
743 )
744fi
745
70e7d0b0 746dnl see whether mkstemp() requires XXXXXX
747if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
748AC_MSG_CHECKING([for (overly) strict mkstemp])
749AC_TRY_RUN(
750 [
751#include <stdlib.h>
752main() { char template[]="conftest.mkstemp-test";
753if (mkstemp(template) == -1)
754 exit(1);
755unlink(template); exit(0);
756}
757 ],
758 [
759 AC_MSG_RESULT(no)
760 ],
761 [
762 AC_MSG_RESULT(yes)
763 AC_DEFINE(HAVE_STRICT_MKSTEMP)
764 ],
765 [
766 AC_MSG_RESULT(yes)
767 AC_DEFINE(HAVE_STRICT_MKSTEMP)
768 ]
769)
770fi
771
eacb954e 772dnl make sure that openpty does not reacquire controlling terminal
773if test ! -z "$check_for_openpty_ctty_bug"; then
774 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
775 AC_TRY_RUN(
776 [
777#include <stdio.h>
778#include <sys/fcntl.h>
779#include <sys/types.h>
780#include <sys/wait.h>
781
782int
783main()
784{
785 pid_t pid;
786 int fd, ptyfd, ttyfd, status;
787
788 pid = fork();
789 if (pid < 0) { /* failed */
790 exit(1);
791 } else if (pid > 0) { /* parent */
792 waitpid(pid, &status, 0);
793 if (WIFEXITED(status))
794 exit(WEXITSTATUS(status));
795 else
796 exit(2);
797 } else { /* child */
798 close(0); close(1); close(2);
799 setsid();
800 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
801 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
802 if (fd >= 0)
803 exit(3); /* Acquired ctty: broken */
804 else
805 exit(0); /* Did not acquire ctty: OK */
806 }
807}
808 ],
809 [
810 AC_MSG_RESULT(yes)
811 ],
812 [
813 AC_MSG_RESULT(no)
814 AC_DEFINE(SSHD_ACQUIRES_CTTY)
815 ]
816 )
817fi
818
7f8f5e00 819AC_FUNC_GETPGRP
820
717057b6 821# Check for PAM libs
cbd7492e 822PAM_MSG="no"
a0391976 823AC_ARG_WITH(pam,
717057b6 824 [ --with-pam Enable PAM support ],
a0391976 825 [
717057b6 826 if test "x$withval" != "xno" ; then
827 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" ; then
828 AC_MSG_ERROR([PAM headers not found])
829 fi
a0391976 830
717057b6 831 AC_CHECK_LIB(dl, dlopen, , )
832 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
833 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 834 AC_CHECK_FUNCS(pam_putenv)
2b763e31 835
717057b6 836 disable_shadow=yes
837 PAM_MSG="yes"
4cb5ffa0 838
717057b6 839 AC_DEFINE(USE_PAM)
98f2d9d5 840 if test $ac_cv_lib_dl_dlopen = yes; then
841 LIBPAM="-lpam -ldl"
842 else
843 LIBPAM="-lpam"
844 fi
845 AC_SUBST(LIBPAM)
717057b6 846 fi
847 ]
848)
cbd7492e 849
717057b6 850# Check for older PAM
851if test "x$PAM_MSG" = "xyes" ; then
a0391976 852 # Check PAM strerror arguments (old PAM)
853 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
854 AC_TRY_COMPILE(
855 [
18ba2aab 856#include <stdlib.h>
857#include <security/pam_appl.h>
a0391976 858 ],
859 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
860 [AC_MSG_RESULT(no)],
861 [
862 AC_DEFINE(HAVE_OLD_PAM)
863 AC_MSG_RESULT(yes)
cbd7492e 864 PAM_MSG="yes (old library)"
a0391976 865 ]
717057b6 866 )
a0391976 867fi
868
33e2e066 869# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
870# because the system crypt() is more featureful.
871if test "x$check_for_libcrypt_before" = "x1"; then
872 AC_CHECK_LIB(crypt, crypt)
873fi
874
5b991353 875# Search for OpenSSL
876saved_CPPFLAGS="$CPPFLAGS"
877saved_LDFLAGS="$LDFLAGS"
a0391976 878AC_ARG_WITH(ssl-dir,
879 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
880 [
e9e4a1c7 881 if test "x$withval" != "xno" ; then
5b991353 882 if test -d "$withval/lib"; then
883 if test -n "${need_dash_r}"; then
884 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
885 else
886 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 887 fi
888 else
5b991353 889 if test -n "${need_dash_r}"; then
890 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
891 else
892 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 893 fi
894 fi
5b991353 895 if test -d "$withval/include"; then
896 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 897 else
5b991353 898 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 899 fi
a0391976 900 fi
5b991353 901 ]
902)
903LIBS="$LIBS -lcrypto"
904AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 905 [
5b991353 906 dnl Check default openssl install dir
907 if test -n "${need_dash_r}"; then
908 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 909 else
5b991353 910 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 911 fi
5b991353 912 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
913 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
914 [
915 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
916 ]
917 )
918 ]
919)
920
cd018561 921# Determine OpenSSL header version
922AC_MSG_CHECKING([OpenSSL header version])
923AC_TRY_RUN(
924 [
925#include <stdio.h>
926#include <string.h>
927#include <openssl/opensslv.h>
928#define DATA "conftest.sslincver"
929int main(void) {
930 FILE *fd;
931 int rc;
932
933 fd = fopen(DATA,"w");
934 if(fd == NULL)
935 exit(1);
936
937 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
938 exit(1);
939
940 exit(0);
941}
942 ],
943 [
944 ssl_header_ver=`cat conftest.sslincver`
945 AC_MSG_RESULT($ssl_header_ver)
946 ],
947 [
948 AC_MSG_RESULT(not found)
949 AC_MSG_ERROR(OpenSSL version header not found.)
950 ]
951)
952
953# Determine OpenSSL library version
954AC_MSG_CHECKING([OpenSSL library version])
955AC_TRY_RUN(
956 [
957#include <stdio.h>
958#include <string.h>
959#include <openssl/opensslv.h>
960#include <openssl/crypto.h>
961#define DATA "conftest.ssllibver"
962int main(void) {
963 FILE *fd;
964 int rc;
965
966 fd = fopen(DATA,"w");
967 if(fd == NULL)
968 exit(1);
969
970 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
971 exit(1);
972
973 exit(0);
974}
975 ],
976 [
977 ssl_library_ver=`cat conftest.ssllibver`
978 AC_MSG_RESULT($ssl_library_ver)
979 ],
980 [
981 AC_MSG_RESULT(not found)
982 AC_MSG_ERROR(OpenSSL library not found.)
983 ]
984)
58d100bf 985
9780116c 986# Sanity check OpenSSL headers
987AC_MSG_CHECKING([whether OpenSSL's headers match the library])
988AC_TRY_RUN(
989 [
990#include <string.h>
991#include <openssl/opensslv.h>
aec4cb4f 992int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
9780116c 993 ],
994 [
995 AC_MSG_RESULT(yes)
996 ],
997 [
998 AC_MSG_RESULT(no)
e15ba28b 999 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1000Check config.log for details.
1001Also see contrib/findssl.sh for help identifying header/library mismatches.])
9780116c 1002 ]
1003)
1004
717057b6 1005# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
1006# version in OpenSSL. Skip this for PAM
05114c74 1007if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1008 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1009fi
1010
f1b0ecc3 1011
1012### Configure cryptographic random number support
1013
1014# Check wheter OpenSSL seeds itself
1015AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1016AC_TRY_RUN(
1017 [
1018#include <string.h>
1019#include <openssl/rand.h>
aec4cb4f 1020int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
f1b0ecc3 1021 ],
1022 [
1023 OPENSSL_SEEDS_ITSELF=yes
1024 AC_MSG_RESULT(yes)
1025 ],
1026 [
1027 AC_MSG_RESULT(no)
1028 # Default to use of the rand helper if OpenSSL doesn't
1029 # seed itself
1030 USE_RAND_HELPER=yes
1031 ]
1032)
1033
1034
1035# Do we want to force the use of the rand helper?
1036AC_ARG_WITH(rand-helper,
1037 [ --with-rand-helper Use subprocess to gather strong randomness ],
1038 [
1039 if test "x$withval" = "xno" ; then
1040 # Force use of OpenSSL's internal RNG, even if
1041 # the previous test showed it to be unseeded.
1042 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1043 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1044 OPENSSL_SEEDS_ITSELF=yes
1045 USE_RAND_HELPER=""
1046 fi
1047 else
1048 USE_RAND_HELPER=yes
1049 fi
1050 ],
1051)
1052
1053# Which randomness source do we use?
1054if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
1055 # OpenSSL only
1056 AC_DEFINE(OPENSSL_PRNG_ONLY)
1057 RAND_MSG="OpenSSL internal ONLY"
1058 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1059elif test ! -z "$USE_RAND_HELPER" ; then
1060 # install rand helper
f1b0ecc3 1061 RAND_MSG="ssh-rand-helper"
1062 INSTALL_SSH_RAND_HELPER="yes"
1063fi
1064AC_SUBST(INSTALL_SSH_RAND_HELPER)
1065
1066### Configuration of ssh-rand-helper
1067
1068# PRNGD TCP socket
1069AC_ARG_WITH(prngd-port,
1070 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1071 [
eb5d7ff6 1072 case "$withval" in
1073 no)
1074 withval=""
1075 ;;
1076 [[0-9]]*)
1077 ;;
1078 *)
1079 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1080 ;;
1081 esac
1082 if test ! -z "$withval" ; then
f1b0ecc3 1083 PRNGD_PORT="$withval"
1084 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1085 fi
1086 ]
1087)
1088
1089# PRNGD Unix domain socket
1090AC_ARG_WITH(prngd-socket,
1091 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1092 [
eb5d7ff6 1093 case "$withval" in
1094 yes)
f1b0ecc3 1095 withval="/var/run/egd-pool"
eb5d7ff6 1096 ;;
1097 no)
1098 withval=""
1099 ;;
1100 /*)
1101 ;;
1102 *)
1103 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1104 ;;
1105 esac
1106
1107 if test ! -z "$withval" ; then
f1b0ecc3 1108 if test ! -z "$PRNGD_PORT" ; then
1109 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1110 fi
906e811b 1111 if test ! -r "$withval" ; then
f1b0ecc3 1112 AC_MSG_WARN(Entropy socket is not readable)
1113 fi
1114 PRNGD_SOCKET="$withval"
1115 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1116 fi
ddceb1c8 1117 ],
1118 [
1119 # Check for existing socket only if we don't have a random device already
1120 if test "$USE_RAND_HELPER" = yes ; then
1121 AC_MSG_CHECKING(for PRNGD/EGD socket)
1122 # Insert other locations here
1123 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1124 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1125 PRNGD_SOCKET="$sock"
1126 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1127 break;
1128 fi
1129 done
1130 if test ! -z "$PRNGD_SOCKET" ; then
1131 AC_MSG_RESULT($PRNGD_SOCKET)
1132 else
1133 AC_MSG_RESULT(not found)
1134 fi
1135 fi
f1b0ecc3 1136 ]
1137)
1138
1139# Change default command timeout for hashing entropy source
1140entropy_timeout=200
1141AC_ARG_WITH(entropy-timeout,
1142 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1143 [
1144 if test "x$withval" != "xno" ; then
1145 entropy_timeout=$withval
1146 fi
1147 ]
1148)
f1b0ecc3 1149AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1150
fd3cbf67 1151SSH_PRIVSEP_USER=sshd
9a0fbcb3 1152AC_ARG_WITH(privsep-user,
5222e7ef 1153 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1154 [
1155 if test -n "$withval"; then
fd3cbf67 1156 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1157 fi
1158 ]
1159)
fd3cbf67 1160AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1161AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1162
81dadca3 1163# We do this little dance with the search path to insure
1164# that programs that we select for use by installed programs
1165# (which may be run by the super-user) come from trusted
1166# locations before they come from the user's private area.
1167# This should help avoid accidentally configuring some
1168# random version of a program in someone's personal bin.
1169
1170OPATH=$PATH
1171PATH=/bin:/usr/bin
f95c8ce8 1172test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1173test -d /sbin && PATH=$PATH:/sbin
1174test -d /usr/sbin && PATH=$PATH:/usr/sbin
1175PATH=$PATH:/etc:$OPATH
1176
f1b0ecc3 1177# These programs are used by the command hashing source to gather entropy
1178OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1179OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1180OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1181OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1182OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1183OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1184OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1185OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1186OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1187OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1188OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1189OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1190OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1191OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1192OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1193OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1194# restore PATH
1195PATH=$OPATH
f1b0ecc3 1196
1197# Where does ssh-rand-helper get its randomness from?
1198INSTALL_SSH_PRNG_CMDS=""
1199if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1200 if test ! -z "$PRNGD_PORT" ; then
1201 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1202 elif test ! -z "$PRNGD_SOCKET" ; then
1203 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1204 else
1205 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1206 RAND_HELPER_CMDHASH=yes
1207 INSTALL_SSH_PRNG_CMDS="yes"
1208 fi
1209fi
1210AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1211
1212
66d6c27e 1213# Cheap hack to ensure NEWS-OS libraries are arranged right.
1214if test ! -z "$SONY" ; then
1215 LIBS="$LIBS -liberty";
1216fi
1217
a0391976 1218# Checks for data types
976f7e19 1219AC_CHECK_SIZEOF(char, 1)
2b942fe0 1220AC_CHECK_SIZEOF(short int, 2)
1221AC_CHECK_SIZEOF(int, 4)
1222AC_CHECK_SIZEOF(long int, 4)
1223AC_CHECK_SIZEOF(long long int, 8)
1224
52f1ccb2 1225# Sanity check long long for some platforms (AIX)
1226if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1227 ac_cv_sizeof_long_long_int=0
1228fi
1229
a0391976 1230# More checks for data types
14a9a859 1231AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1232 AC_TRY_COMPILE(
1233 [ #include <sys/types.h> ],
1234 [ u_int a; a = 1;],
1235 [ ac_cv_have_u_int="yes" ],
1236 [ ac_cv_have_u_int="no" ]
1237 )
1238])
1239if test "x$ac_cv_have_u_int" = "xyes" ; then
1240 AC_DEFINE(HAVE_U_INT)
1241 have_u_int=1
1242fi
1243
58d100bf 1244AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1245 AC_TRY_COMPILE(
1246 [ #include <sys/types.h> ],
1247 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
1248 [ ac_cv_have_intxx_t="yes" ],
1249 [ ac_cv_have_intxx_t="no" ]
1250 )
1251])
1252if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1253 AC_DEFINE(HAVE_INTXX_T)
1254 have_intxx_t=1
1255fi
41cb4569 1256
1257if (test -z "$have_intxx_t" && \
1258 test "x$ac_cv_header_stdint_h" = "xyes")
1259then
1260 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1261 AC_TRY_COMPILE(
1262 [ #include <stdint.h> ],
1263 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
1264 [
1265 AC_DEFINE(HAVE_INTXX_T)
1266 AC_MSG_RESULT(yes)
1267 ],
1268 [ AC_MSG_RESULT(no) ]
1269 )
1270fi
1271
bd590612 1272AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1273 AC_TRY_COMPILE(
1cbbe6c8 1274 [
1275#include <sys/types.h>
1276#ifdef HAVE_STDINT_H
1277# include <stdint.h>
1278#endif
1279#include <sys/socket.h>
1280#ifdef HAVE_SYS_BITYPES_H
1281# include <sys/bitypes.h>
1282#endif
1283 ],
bd590612 1284 [ int64_t a; a = 1;],
1285 [ ac_cv_have_int64_t="yes" ],
1286 [ ac_cv_have_int64_t="no" ]
1287 )
1288])
1289if test "x$ac_cv_have_int64_t" = "xyes" ; then
1290 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1291fi
1292
58d100bf 1293AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1294 AC_TRY_COMPILE(
1295 [ #include <sys/types.h> ],
1296 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
1297 [ ac_cv_have_u_intxx_t="yes" ],
1298 [ ac_cv_have_u_intxx_t="no" ]
1299 )
1300])
1301if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1302 AC_DEFINE(HAVE_U_INTXX_T)
1303 have_u_intxx_t=1
1304fi
2b942fe0 1305
41cb4569 1306if test -z "$have_u_intxx_t" ; then
1307 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1308 AC_TRY_COMPILE(
1309 [ #include <sys/socket.h> ],
1310 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
1311 [
1312 AC_DEFINE(HAVE_U_INTXX_T)
1313 AC_MSG_RESULT(yes)
1314 ],
1315 [ AC_MSG_RESULT(no) ]
1316 )
1317fi
1318
bd590612 1319AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1320 AC_TRY_COMPILE(
1321 [ #include <sys/types.h> ],
1322 [ u_int64_t a; a = 1;],
1323 [ ac_cv_have_u_int64_t="yes" ],
1324 [ ac_cv_have_u_int64_t="no" ]
1325 )
1326])
1327if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
1328 AC_DEFINE(HAVE_U_INT64_T)
1329 have_u_int64_t=1
1330fi
1331
ddceb1c8 1332if test -z "$have_u_int64_t" ; then
1333 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1334 AC_TRY_COMPILE(
1335 [ #include <sys/bitypes.h> ],
1336 [ u_int64_t a; a = 1],
1337 [
1338 AC_DEFINE(HAVE_U_INT64_T)
1339 AC_MSG_RESULT(yes)
1340 ],
1341 [ AC_MSG_RESULT(no) ]
1342 )
1343fi
1344
41cb4569 1345if test -z "$have_u_intxx_t" ; then
1346 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
1347 AC_TRY_COMPILE(
1348 [
1349#include <sys/types.h>
1350 ],
1351 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
1352 [ ac_cv_have_uintxx_t="yes" ],
1353 [ ac_cv_have_uintxx_t="no" ]
1354 )
1355 ])
1356 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
1357 AC_DEFINE(HAVE_UINTXX_T)
1358 fi
1359fi
1360
1361if test -z "$have_uintxx_t" ; then
1362 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1363 AC_TRY_COMPILE(
1364 [ #include <stdint.h> ],
1365 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
1366 [
1367 AC_DEFINE(HAVE_UINTXX_T)
1368 AC_MSG_RESULT(yes)
1369 ],
1370 [ AC_MSG_RESULT(no) ]
1371 )
1372fi
1373
e5fe9a1f 1374if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
1375 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 1376then
1377 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1378 AC_TRY_COMPILE(
58d100bf 1379 [
1380#include <sys/bitypes.h>
1381 ],
5cdfe03f 1382 [
837c30b8 1383 int8_t a; int16_t b; int32_t c;
1384 u_int8_t e; u_int16_t f; u_int32_t g;
1385 a = b = c = e = f = g = 1;
5cdfe03f 1386 ],
1387 [
1388 AC_DEFINE(HAVE_U_INTXX_T)
1389 AC_DEFINE(HAVE_INTXX_T)
1390 AC_MSG_RESULT(yes)
1391 ],
1392 [AC_MSG_RESULT(no)]
1393 )
1394fi
1395
0362750e 1396
1397AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
1398 AC_TRY_COMPILE(
1399 [
1400#include <sys/types.h>
1401 ],
1402 [ u_char foo; foo = 125; ],
1403 [ ac_cv_have_u_char="yes" ],
1404 [ ac_cv_have_u_char="no" ]
1405 )
1406])
1407if test "x$ac_cv_have_u_char" = "xyes" ; then
1408 AC_DEFINE(HAVE_U_CHAR)
1409fi
1410
98a7c37b 1411TYPE_SOCKLEN_T
2b942fe0 1412
2d16d9a3 1413AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 1414
58d100bf 1415AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
1416 AC_TRY_COMPILE(
1417 [
18ba2aab 1418#include <sys/types.h>
58d100bf 1419 ],
1420 [ size_t foo; foo = 1235; ],
1421 [ ac_cv_have_size_t="yes" ],
1422 [ ac_cv_have_size_t="no" ]
1423 )
1424])
1425if test "x$ac_cv_have_size_t" = "xyes" ; then
1426 AC_DEFINE(HAVE_SIZE_T)
1427fi
ea1970a3 1428
c04f75f1 1429AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
1430 AC_TRY_COMPILE(
1431 [
1432#include <sys/types.h>
1433 ],
1434 [ ssize_t foo; foo = 1235; ],
1435 [ ac_cv_have_ssize_t="yes" ],
1436 [ ac_cv_have_ssize_t="no" ]
1437 )
1438])
1439if test "x$ac_cv_have_ssize_t" = "xyes" ; then
1440 AC_DEFINE(HAVE_SSIZE_T)
1441fi
1442
f1c4659d 1443AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
1444 AC_TRY_COMPILE(
1445 [
1446#include <time.h>
1447 ],
1448 [ clock_t foo; foo = 1235; ],
1449 [ ac_cv_have_clock_t="yes" ],
1450 [ ac_cv_have_clock_t="no" ]
1451 )
1452])
1453if test "x$ac_cv_have_clock_t" = "xyes" ; then
1454 AC_DEFINE(HAVE_CLOCK_T)
1455fi
1456
1c04b088 1457AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
1458 AC_TRY_COMPILE(
1459 [
1460#include <sys/types.h>
1461#include <sys/socket.h>
1462 ],
1463 [ sa_family_t foo; foo = 1235; ],
1464 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 1465 [ AC_TRY_COMPILE(
1466 [
1467#include <sys/types.h>
1468#include <sys/socket.h>
1469#include <netinet/in.h>
1470 ],
1471 [ sa_family_t foo; foo = 1235; ],
1472 [ ac_cv_have_sa_family_t="yes" ],
1473
1c04b088 1474 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 1475 )]
1c04b088 1476 )
1477])
1478if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
1479 AC_DEFINE(HAVE_SA_FAMILY_T)
1480fi
1481
729bfe59 1482AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
1483 AC_TRY_COMPILE(
1484 [
1485#include <sys/types.h>
1486 ],
1487 [ pid_t foo; foo = 1235; ],
1488 [ ac_cv_have_pid_t="yes" ],
1489 [ ac_cv_have_pid_t="no" ]
1490 )
1491])
1492if test "x$ac_cv_have_pid_t" = "xyes" ; then
1493 AC_DEFINE(HAVE_PID_T)
1494fi
1495
1496AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
1497 AC_TRY_COMPILE(
1498 [
1499#include <sys/types.h>
1500 ],
1501 [ mode_t foo; foo = 1235; ],
1502 [ ac_cv_have_mode_t="yes" ],
1503 [ ac_cv_have_mode_t="no" ]
1504 )
1505])
1506if test "x$ac_cv_have_mode_t" = "xyes" ; then
1507 AC_DEFINE(HAVE_MODE_T)
1508fi
1509
e3a93db0 1510
58d100bf 1511AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
1512 AC_TRY_COMPILE(
1513 [
18ba2aab 1514#include <sys/types.h>
1515#include <sys/socket.h>
58d100bf 1516 ],
1517 [ struct sockaddr_storage s; ],
1518 [ ac_cv_have_struct_sockaddr_storage="yes" ],
1519 [ ac_cv_have_struct_sockaddr_storage="no" ]
1520 )
1521])
1522if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
1523 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
1524fi
48e671d5 1525
58d100bf 1526AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
1527 AC_TRY_COMPILE(
1528 [
cbd7492e 1529#include <sys/types.h>
58d100bf 1530#include <netinet/in.h>
1531 ],
1532 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
1533 [ ac_cv_have_struct_sockaddr_in6="yes" ],
1534 [ ac_cv_have_struct_sockaddr_in6="no" ]
1535 )
1536])
1537if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
1538 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
1539fi
48e671d5 1540
58d100bf 1541AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
1542 AC_TRY_COMPILE(
1543 [
cbd7492e 1544#include <sys/types.h>
58d100bf 1545#include <netinet/in.h>
1546 ],
1547 [ struct in6_addr s; s.s6_addr[0] = 0; ],
1548 [ ac_cv_have_struct_in6_addr="yes" ],
1549 [ ac_cv_have_struct_in6_addr="no" ]
1550 )
1551])
1552if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
1553 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
1554fi
48e671d5 1555
58d100bf 1556AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
1557 AC_TRY_COMPILE(
1558 [
18ba2aab 1559#include <sys/types.h>
1560#include <sys/socket.h>
1561#include <netdb.h>
58d100bf 1562 ],
1563 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
1564 [ ac_cv_have_struct_addrinfo="yes" ],
1565 [ ac_cv_have_struct_addrinfo="no" ]
1566 )
1567])
1568if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
1569 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
1570fi
1571
89c7e31c 1572AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
1573 AC_TRY_COMPILE(
1574 [ #include <sys/time.h> ],
1575 [ struct timeval tv; tv.tv_sec = 1;],
1576 [ ac_cv_have_struct_timeval="yes" ],
1577 [ ac_cv_have_struct_timeval="no" ]
1578 )
1579])
1580if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
1581 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
1582 have_struct_timeval=1
1583fi
1584
5271b55c 1585AC_CHECK_TYPES(struct timespec)
1586
85abc74b 1587# We need int64_t or else certian parts of the compile will fail.
2c523de9 1588if test "x$ac_cv_have_int64_t" = "xno" -a \
1589 "x$ac_cv_sizeof_long_int" != "x8" -a \
1590 "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 1591 echo "OpenSSH requires int64_t support. Contact your vendor or install"
1592 echo "an alternative compiler (I.E., GCC) before continuing."
1593 echo ""
1594 exit 1;
733cf7f4 1595else
1596dnl test snprintf (broken on SCO w/gcc)
1597 AC_TRY_RUN(
1598 [
1599#include <stdio.h>
1600#include <string.h>
1601#ifdef HAVE_SNPRINTF
1602main()
1603{
1604 char buf[50];
1605 char expected_out[50];
1606 int mazsize = 50 ;
1607#if (SIZEOF_LONG_INT == 8)
1608 long int num = 0x7fffffffffffffff;
1609#else
763a1a18 1610 long long num = 0x7fffffffffffffffll;
733cf7f4 1611#endif
1612 strcpy(expected_out, "9223372036854775807");
1613 snprintf(buf, mazsize, "%lld", num);
1614 if(strcmp(buf, expected_out) != 0)
1615 exit(1);
1616 exit(0);
1617}
1618#else
1619main() { exit(0); }
1620#endif
1621 ], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ]
1622 )
2c523de9 1623fi
1624
77bb0bca 1625dnl Checks for structure members
58d100bf 1626OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
1627OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
1628OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
1629OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
1630OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 1631OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 1632OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
1633OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 1634OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 1635OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
1636OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
1637OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
1638OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 1639OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
1640OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
1641OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
1642OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 1643
1644AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 1645
58d100bf 1646AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
1647 ac_cv_have_ss_family_in_struct_ss, [
1648 AC_TRY_COMPILE(
1649 [
18ba2aab 1650#include <sys/types.h>
1651#include <sys/socket.h>
58d100bf 1652 ],
1653 [ struct sockaddr_storage s; s.ss_family = 1; ],
1654 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
1655 [ ac_cv_have_ss_family_in_struct_ss="no" ],
1656 )
1657])
1658if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
1659 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
1660fi
1661
58d100bf 1662AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
1663 ac_cv_have___ss_family_in_struct_ss, [
1664 AC_TRY_COMPILE(
1665 [
18ba2aab 1666#include <sys/types.h>
1667#include <sys/socket.h>
58d100bf 1668 ],
1669 [ struct sockaddr_storage s; s.__ss_family = 1; ],
1670 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
1671 [ ac_cv_have___ss_family_in_struct_ss="no" ]
1672 )
1673])
1674if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
1675 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
1676fi
1677
2e73a022 1678AC_CACHE_CHECK([for pw_class field in struct passwd],
1679 ac_cv_have_pw_class_in_struct_passwd, [
1680 AC_TRY_COMPILE(
1681 [
2e73a022 1682#include <pwd.h>
1683 ],
97994d32 1684 [ struct passwd p; p.pw_class = 0; ],
2e73a022 1685 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
1686 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
1687 )
1688])
1689if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
1690 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
1691fi
1692
7751d4eb 1693AC_CACHE_CHECK([for pw_expire field in struct passwd],
1694 ac_cv_have_pw_expire_in_struct_passwd, [
1695 AC_TRY_COMPILE(
1696 [
1697#include <pwd.h>
1698 ],
1699 [ struct passwd p; p.pw_expire = 0; ],
1700 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
1701 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
1702 )
1703])
1704if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
1705 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
1706fi
1707
1708AC_CACHE_CHECK([for pw_change field in struct passwd],
1709 ac_cv_have_pw_change_in_struct_passwd, [
1710 AC_TRY_COMPILE(
1711 [
1712#include <pwd.h>
1713 ],
1714 [ struct passwd p; p.pw_change = 0; ],
1715 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
1716 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
1717 )
1718])
1719if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
1720 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
1721fi
58d100bf 1722
637f9177 1723dnl make sure we're using the real structure members and not defines
6f34652e 1724AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
1725 ac_cv_have_accrights_in_msghdr, [
637f9177 1726 AC_TRY_RUN(
6f34652e 1727 [
f95c8ce8 1728#include <sys/types.h>
6f34652e 1729#include <sys/socket.h>
1730#include <sys/uio.h>
637f9177 1731int main() {
1732#ifdef msg_accrights
1733exit(1);
1734#endif
1735struct msghdr m;
1736m.msg_accrights = 0;
1737exit(0);
1738}
6f34652e 1739 ],
6f34652e 1740 [ ac_cv_have_accrights_in_msghdr="yes" ],
1741 [ ac_cv_have_accrights_in_msghdr="no" ]
1742 )
1743])
1744if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
1745 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
1746fi
1747
7176df4f 1748AC_CACHE_CHECK([for msg_control field in struct msghdr],
1749 ac_cv_have_control_in_msghdr, [
637f9177 1750 AC_TRY_RUN(
7176df4f 1751 [
f95c8ce8 1752#include <sys/types.h>
7176df4f 1753#include <sys/socket.h>
1754#include <sys/uio.h>
637f9177 1755int main() {
1756#ifdef msg_control
1757exit(1);
1758#endif
1759struct msghdr m;
1760m.msg_control = 0;
1761exit(0);
1762}
7176df4f 1763 ],
7176df4f 1764 [ ac_cv_have_control_in_msghdr="yes" ],
1765 [ ac_cv_have_control_in_msghdr="no" ]
1766 )
1767])
1768if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
1769 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
1770fi
1771
58d100bf 1772AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
1773 AC_TRY_LINK([],
1774 [ extern char *__progname; printf("%s", __progname); ],
1775 [ ac_cv_libc_defines___progname="yes" ],
1776 [ ac_cv_libc_defines___progname="no" ]
1777 )
1778])
1779if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
1780 AC_DEFINE(HAVE___PROGNAME)
1781fi
8946db53 1782
c921ee00 1783AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
1784 AC_TRY_LINK([
1785#include <stdio.h>
1786],
1787 [ printf("%s", __FUNCTION__); ],
1788 [ ac_cv_cc_implements___FUNCTION__="yes" ],
1789 [ ac_cv_cc_implements___FUNCTION__="no" ]
1790 )
1791])
1792if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
1793 AC_DEFINE(HAVE___FUNCTION__)
1794fi
1795
1796AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
1797 AC_TRY_LINK([
1798#include <stdio.h>
1799],
1800 [ printf("%s", __func__); ],
1801 [ ac_cv_cc_implements___func__="yes" ],
1802 [ ac_cv_cc_implements___func__="no" ]
1803 )
1804])
1805if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
1806 AC_DEFINE(HAVE___func__)
1807fi
1808
1812a662 1809AC_CACHE_CHECK([whether getopt has optreset support],
1810 ac_cv_have_getopt_optreset, [
1811 AC_TRY_LINK(
1812 [
1813#include <getopt.h>
1814 ],
1815 [ extern int optreset; optreset = 0; ],
1816 [ ac_cv_have_getopt_optreset="yes" ],
1817 [ ac_cv_have_getopt_optreset="no" ]
1818 )
1819])
1820if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
1821 AC_DEFINE(HAVE_GETOPT_OPTRESET)
1822fi
a0391976 1823
819b676f 1824AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
1825 AC_TRY_LINK([],
1826 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
1827 [ ac_cv_libc_defines_sys_errlist="yes" ],
1828 [ ac_cv_libc_defines_sys_errlist="no" ]
1829 )
1830])
1831if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
1832 AC_DEFINE(HAVE_SYS_ERRLIST)
1833fi
1834
1835
416ed5a7 1836AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
1837 AC_TRY_LINK([],
1838 [ extern int sys_nerr; printf("%i", sys_nerr);],
1839 [ ac_cv_libc_defines_sys_nerr="yes" ],
1840 [ ac_cv_libc_defines_sys_nerr="no" ]
1841 )
1842])
1843if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
1844 AC_DEFINE(HAVE_SYS_NERR)
1845fi
1846
d0b19c95 1847SCARD_MSG="no"
295c8801 1848# Check whether user wants sectok support
1849AC_ARG_WITH(sectok,
1850 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 1851 [
1852 if test "x$withval" != "xno" ; then
1853 if test "x$withval" != "xyes" ; then
1854 CPPFLAGS="$CPPFLAGS -I${withval}"
1855 LDFLAGS="$LDFLAGS -L${withval}"
1856 if test ! -z "$need_dash_r" ; then
1857 LDFLAGS="$LDFLAGS -R${withval}"
1858 fi
1859 if test ! -z "$blibpath" ; then
1860 blibpath="$blibpath:${withval}"
1861 fi
1862 fi
1863 AC_CHECK_HEADERS(sectok.h)
1864 if test "$ac_cv_header_sectok_h" != yes; then
1865 AC_MSG_ERROR(Can't find sectok.h)
1866 fi
1867 AC_CHECK_LIB(sectok, sectok_open)
1868 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
1869 AC_MSG_ERROR(Can't find libsectok)
1870 fi
1871 AC_DEFINE(SMARTCARD)
295c8801 1872 AC_DEFINE(USE_SECTOK)
1873 SCARD_MSG="yes, using sectok"
1874 fi
1875 ]
1876)
1877
1878# Check whether user wants OpenSC support
1879AC_ARG_WITH(opensc,
49ef62db 1880 AC_HELP_STRING([--with-opensc=PFX],
1881 [Enable smartcard support using OpenSC]),
1882 opensc_config_prefix="$withval", opensc_config_prefix="")
1883if test x$opensc_config_prefix != x ; then
1884 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config
1885 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
1886 if test "$OPENSC_CONFIG" != "no"; then
1887 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
1888 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
1889 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
1890 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
1891 AC_DEFINE(SMARTCARD)
1892 AC_DEFINE(USE_OPENSC)
1893 SCARD_MSG="yes, using OpenSC"
1894 fi
1895fi
d0b19c95 1896
3e05e934 1897# Check whether user wants DNS support
1898DNS_MSG="no"
1899AC_ARG_WITH(dns,
1900 [ --with-dns Support for fetching keys from DNS (experimental)],
1901 [
1902 if test "x$withval" != "xno" ; then
4460d509 1903 DNS_MSG="yes"
1904 AC_DEFINE(DNS)
1905 AC_SEARCH_LIBS(getrrsetbyname, resolv,
4e00038c 1906 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
1907 [
1908 # Needed by our getrrsetbyname()
1909 AC_SEARCH_LIBS(res_query, resolv)
1910 AC_SEARCH_LIBS(dn_expand, resolv)
1911 ])
3e05e934 1912 fi
1913 ]
1914)
1915
12928e80 1916# Check whether user wants Kerberos 5 support
1917KRB5_MSG="no"
1918AC_ARG_WITH(kerberos5,
1919 [ --with-kerberos5=PATH Enable Kerberos 5 support],
1920 [
1921 if test "x$withval" != "xno" ; then
1922 if test "x$withval" = "xyes" ; then
1923 KRB5ROOT="/usr/local"
1924 else
1925 KRB5ROOT=${withval}
1926 fi
1927 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
1928 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
1929 AC_DEFINE(KRB5)
1930 KRB5_MSG="yes"
1931 AC_MSG_CHECKING(whether we are using Heimdal)
1932 AC_TRY_COMPILE([ #include <krb5.h> ],
1933 [ char *tmp = heimdal_version; ],
1934 [ AC_MSG_RESULT(yes)
1935 AC_DEFINE(HEIMDAL)
1936 K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken"
1937 ],
1938 [ AC_MSG_RESULT(no)
1939 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
1940 ]
1941 )
1942 if test ! -z "$need_dash_r" ; then
1943 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
1944 fi
1945 if test ! -z "$blibpath" ; then
1946 blibpath="$blibpath:${KRB5ROOT}/lib"
1947 fi
4e00038c 1948 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 1949
749560dd 1950 AC_CHECK_LIB(gssapi,gss_init_sec_context,
1951 [ AC_DEFINE(GSSAPI)
1952 K5LIBS="-lgssapi $K5LIBS" ],
1953 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
1954 [ AC_DEFINE(GSSAPI)
1955 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
1956 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
1957 $K5LIBS)
1958 ],
1959 $K5LIBS)
1960
1961 AC_CHECK_HEADER(gssapi.h, ,
1962 [ unset ac_cv_header_gssapi_h
1963 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
1964 AC_CHECK_HEADERS(gssapi.h, ,
1965 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
1966 )
1967 ]
1968 )
1969
1970 oldCPP="$CPPFLAGS"
1971 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
1972 AC_CHECK_HEADER(gssapi_krb5.h, ,
1973 [ CPPFLAGS="$oldCPP" ])
1974
12928e80 1975 KRB5=yes
1976 fi
1977 ]
1978)
1c590258 1979LIBS="$LIBS $K5LIBS"
b5b68128 1980
a0391976 1981# Looking for programs, paths and files
a0391976 1982
ecac8ee5 1983PRIVSEP_PATH=/var/empty
1984AC_ARG_WITH(privsep-path,
cda1ebcb 1985 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 1986 [
1987 if test "x$withval" != "$no" ; then
1988 PRIVSEP_PATH=$withval
1989 fi
1990 ]
1991)
1992AC_SUBST(PRIVSEP_PATH)
1993
a0391976 1994AC_ARG_WITH(xauth,
1995 [ --with-xauth=PATH Specify path to xauth program ],
1996 [
00937921 1997 if test "x$withval" != "xno" ; then
cbd7492e 1998 xauth_path=$withval
a0391976 1999 fi
2000 ],
2001 [
2bf42e4a 2002 TestPath="$PATH"
2003 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2004 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2005 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2006 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2007 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2008 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2009 xauth_path="/usr/openwin/bin/xauth"
2010 fi
2011 ]
2012)
2013
65a4b4af 2014STRIP_OPT=-s
2015AC_ARG_ENABLE(strip,
2016 [ --disable-strip Disable calling strip(1) on install],
2017 [
2018 if test "x$enableval" = "xno" ; then
2019 STRIP_OPT=
2020 fi
2021 ]
2022)
2023AC_SUBST(STRIP_OPT)
2024
b3ec54b4 2025if test -z "$xauth_path" ; then
2026 XAUTH_PATH="undefined"
2027 AC_SUBST(XAUTH_PATH)
2028else
a0391976 2029 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2030 XAUTH_PATH=$xauth_path
2031 AC_SUBST(XAUTH_PATH)
a0391976 2032fi
a0391976 2033
2034# Check for mail directory (last resort if we cannot get it from headers)
2035if test ! -z "$MAIL" ; then
2036 maildir=`dirname $MAIL`
2037 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2038fi
2039
a0391976 2040if test -z "$no_dev_ptmx" ; then
6e879cb4 2041 if test "x$disable_ptmx_check" != "xyes" ; then
2042 AC_CHECK_FILE("/dev/ptmx",
2043 [
2044 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2045 have_dev_ptmx=1
2046 ]
2047 )
2048 fi
3276571c 2049fi
2050AC_CHECK_FILE("/dev/ptc",
2051 [
2052 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2053 have_dev_ptc=1
2054 ]
2055)
2056
a0391976 2057# Options from here on. Some of these are preset by platform above
fdf6b7aa 2058AC_ARG_WITH(mantype,
5d97cfbf 2059 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2060 [
5d97cfbf 2061 case "$withval" in
2062 man|cat|doc)
2063 MANTYPE=$withval
2064 ;;
2065 *)
2066 AC_MSG_ERROR(invalid man type: $withval)
2067 ;;
2068 esac
c54a6257 2069 ]
2070)
e0c4d3ac 2071if test -z "$MANTYPE"; then
2bf42e4a 2072 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2073 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2074 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2075 MANTYPE=doc
2076 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2077 MANTYPE=man
2078 else
2079 MANTYPE=cat
2080 fi
2081fi
c54a6257 2082AC_SUBST(MANTYPE)
e0c4d3ac 2083if test "$MANTYPE" = "doc"; then
2084 mansubdir=man;
2085else
2086 mansubdir=$MANTYPE;
2087fi
2088AC_SUBST(mansubdir)
0bc5b6fb 2089
a0391976 2090# Check whether to enable MD5 passwords
cbd7492e 2091MD5_MSG="no"
2ddcfdf3 2092AC_ARG_WITH(md5-passwords,
caf3bc51 2093 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2094 [
bcf36c78 2095 if test "x$withval" != "xno" ; then
0bc5b6fb 2096 AC_DEFINE(HAVE_MD5_PASSWORDS)
cbd7492e 2097 MD5_MSG="yes"
0bc5b6fb 2098 fi
2099 ]
caf3bc51 2100)
2101
a0391976 2102# Whether to disable shadow password support
a7effaac 2103AC_ARG_WITH(shadow,
2104 [ --without-shadow Disable shadow password support],
2105 [
2106 if test "x$withval" = "xno" ; then
2107 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2108 disable_shadow=yes
a7effaac 2109 fi
2110 ]
2111)
2112
4cb5ffa0 2113if test -z "$disable_shadow" ; then
2114 AC_MSG_CHECKING([if the systems has expire shadow information])
2115 AC_TRY_COMPILE(
2116 [
2117#include <sys/types.h>
2118#include <shadow.h>
2119 struct spwd sp;
2120 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2121 [ sp_expire_available=yes ], []
2122 )
2123
2124 if test "x$sp_expire_available" = "xyes" ; then
2125 AC_MSG_RESULT(yes)
2126 AC_DEFINE(HAS_SHADOW_EXPIRE)
2127 else
2128 AC_MSG_RESULT(no)
2129 fi
2130fi
2131
a0391976 2132# Use ip address instead of hostname in $DISPLAY
44839801 2133if test ! -z "$IPADDR_IN_DISPLAY" ; then
2134 DISPLAY_HACK_MSG="yes"
2135 AC_DEFINE(IPADDR_IN_DISPLAY)
2136else
2137 DISPLAY_HACK_MSG="no"
2138 AC_ARG_WITH(ipaddr-display,
2139 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2140 [
2141 if test "x$withval" != "xno" ; then
2142 AC_DEFINE(IPADDR_IN_DISPLAY)
2143 DISPLAY_HACK_MSG="yes"
2144 fi
2145 ]
2146 )
2147fi
a7effaac 2148
8d184c09 2149dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
2150if test $ac_cv_func_login_getcapbool = "yes" -a \
2151 $ac_cv_header_login_cap_h = "yes" ; then
2152 USES_LOGIN_CONF=yes
2153fi
a0391976 2154# Whether to mess with the default path
cbd7492e 2155SERVER_PATH_MSG="(default)"
c43d69a9 2156AC_ARG_WITH(default-path,
75817f90 2157 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2158 [
8d184c09 2159 if test "$USES_LOGIN_CONF" = "yes" ; then
2160 AC_MSG_WARN([
2161--with-default-path=PATH has no effect on this system.
2162Edit /etc/login.conf instead.])
2163 elif test "x$withval" != "xno" ; then
b2d818e6 2164 user_path="$withval"
cbd7492e 2165 SERVER_PATH_MSG="$withval"
cb807f40 2166 fi
b2d818e6 2167 ],
8d184c09 2168 [ if test "$USES_LOGIN_CONF" = "yes" ; then
2169 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
2170 else
b2d818e6 2171 AC_TRY_RUN(
2172 [
2173/* find out what STDPATH is */
2174#include <stdio.h>
b2d818e6 2175#ifdef HAVE_PATHS_H
2176# include <paths.h>
2177#endif
2178#ifndef _PATH_STDPATH
d9a4e55b 2179# ifdef _PATH_USERPATH /* Irix */
2180# define _PATH_STDPATH _PATH_USERPATH
2181# else
2182# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2183# endif
b2d818e6 2184#endif
2185#include <sys/types.h>
2186#include <sys/stat.h>
2187#include <fcntl.h>
2188#define DATA "conftest.stdpath"
2189
2190main()
2191{
2192 FILE *fd;
2193 int rc;
2194
2195 fd = fopen(DATA,"w");
2196 if(fd == NULL)
2197 exit(1);
2198
2199 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2200 exit(1);
2201
2202 exit(0);
2203}
2204 ], [ user_path=`cat conftest.stdpath` ],
2205 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2206 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2207 )
2208# make sure $bindir is in USER_PATH so scp will work
2209 t_bindir=`eval echo ${bindir}`
2210 case $t_bindir in
2211 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
2212 esac
2213 case $t_bindir in
2214 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
2215 esac
2216 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
2217 if test $? -ne 0 ; then
2218 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
2219 if test $? -ne 0 ; then
2220 user_path=$user_path:$t_bindir
2221 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
2222 fi
2223 fi
8d184c09 2224 fi ]
cb807f40 2225)
8d184c09 2226if test "$USES_LOGIN_CONF" != "yes" ; then
2227 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
2228 AC_SUBST(user_path)
2229fi
cb807f40 2230
06617857 2231# Set superuser path separately to user path
06617857 2232AC_ARG_WITH(superuser-path,
2233 [ --with-superuser-path= Specify different path for super-user],
2234 [
2235 if test "x$withval" != "xno" ; then
2236 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
2237 superuser_path=$withval
2238 fi
2239 ]
2240)
2241
2242
58d100bf 2243AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
cbd7492e 2244IPV4_IN6_HACK_MSG="no"
80faa19f 2245AC_ARG_WITH(4in6,
2246 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2247 [
2248 if test "x$withval" != "xno" ; then
2249 AC_MSG_RESULT(yes)
2250 AC_DEFINE(IPV4_IN_IPV6)
cbd7492e 2251 IPV4_IN6_HACK_MSG="yes"
80faa19f 2252 else
2253 AC_MSG_RESULT(no)
2254 fi
2255 ],[
2256 if test "x$inet6_default_4in6" = "xyes"; then
2257 AC_MSG_RESULT([yes (default)])
2258 AC_DEFINE(IPV4_IN_IPV6)
cbd7492e 2259 IPV4_IN6_HACK_MSG="yes"
80faa19f 2260 else
2261 AC_MSG_RESULT([no (default)])
2262 fi
2263 ]
2264)
2265
af774732 2266# Whether to enable BSD auth support
f1b0ecc3 2267BSD_AUTH_MSG=no
af774732 2268AC_ARG_WITH(bsd-auth,
2269 [ --with-bsd-auth Enable BSD auth support],
2270 [
2271 if test "x$withval" != "xno" ; then
2272 AC_DEFINE(BSD_AUTH)
f1b0ecc3 2273 BSD_AUTH_MSG=yes
af774732 2274 fi
2275 ]
2276)
2277
a0391976 2278# Where to place sshd.pid
19d9ac2a 2279piddir=/var/run
81dadca3 2280# make sure the directory exists
2281if test ! -d $piddir ; then
2282 piddir=`eval echo ${sysconfdir}`
2283 case $piddir in
2284 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
2285 esac
2286fi
2287
47e45e44 2288AC_ARG_WITH(pid-dir,
2289 [ --with-pid-dir=PATH Specify location of ssh.pid file],
2290 [
2291 if test "x$withval" != "xno" ; then
19d9ac2a 2292 piddir=$withval
81dadca3 2293 if test ! -d $piddir ; then
2294 AC_MSG_WARN([** no $piddir directory on this system **])
2295 fi
47e45e44 2296 fi
2297 ]
2298)
b7a87eea 2299
42f11eb2 2300AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 2301AC_SUBST(piddir)
47e45e44 2302
1d7b9b20 2303dnl allow user to disable some login recording features
2304AC_ARG_ENABLE(lastlog,
bfd550a2 2305 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 2306 [
2307 if test "x$enableval" = "xno" ; then
2308 AC_DEFINE(DISABLE_LASTLOG)
2309 fi
2310 ]
1d7b9b20 2311)
2312AC_ARG_ENABLE(utmp,
bfd550a2 2313 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 2314 [
2315 if test "x$enableval" = "xno" ; then
2316 AC_DEFINE(DISABLE_UTMP)
2317 fi
2318 ]
1d7b9b20 2319)
2320AC_ARG_ENABLE(utmpx,
bfd550a2 2321 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 2322 [
2323 if test "x$enableval" = "xno" ; then
2324 AC_DEFINE(DISABLE_UTMPX)
2325 fi
2326 ]
1d7b9b20 2327)
2328AC_ARG_ENABLE(wtmp,
bfd550a2 2329 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 2330 [
2331 if test "x$enableval" = "xno" ; then
2332 AC_DEFINE(DISABLE_WTMP)
2333 fi
2334 ]
1d7b9b20 2335)
2336AC_ARG_ENABLE(wtmpx,
bfd550a2 2337 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 2338 [
2339 if test "x$enableval" = "xno" ; then
2340 AC_DEFINE(DISABLE_WTMPX)
2341 fi
2342 ]
1d7b9b20 2343)
2344AC_ARG_ENABLE(libutil,
bfd550a2 2345 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 2346 [
2347 if test "x$enableval" = "xno" ; then
2348 AC_DEFINE(DISABLE_LOGIN)
2349 fi
2350 ]
1d7b9b20 2351)
2352AC_ARG_ENABLE(pututline,
bfd550a2 2353 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 2354 [
2355 if test "x$enableval" = "xno" ; then
2356 AC_DEFINE(DISABLE_PUTUTLINE)
2357 fi
2358 ]
1d7b9b20 2359)
2360AC_ARG_ENABLE(pututxline,
bfd550a2 2361 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 2362 [
2363 if test "x$enableval" = "xno" ; then
2364 AC_DEFINE(DISABLE_PUTUTXLINE)
2365 fi
2366 ]
1d7b9b20 2367)
2368AC_ARG_WITH(lastlog,
bfd550a2 2369 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 2370 [
2371 if test "x$withval" = "xno" ; then
2372 AC_DEFINE(DISABLE_LASTLOG)
2373 else
2374 conf_lastlog_location=$withval
2375 fi
2376 ]
2377)
1d7b9b20 2378
2379dnl lastlog, [uw]tmpx? detection
2380dnl NOTE: set the paths in the platform section to avoid the
2381dnl need for command-line parameters
2382dnl lastlog and [uw]tmp are subject to a file search if all else fails
2383
2384dnl lastlog detection
2385dnl NOTE: the code itself will detect if lastlog is a directory
2386AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
2387AC_TRY_COMPILE([
2388#include <sys/types.h>
2389#include <utmp.h>
2390#ifdef HAVE_LASTLOG_H
2391# include <lastlog.h>
2392#endif
d7c0f3d5 2393#ifdef HAVE_PATHS_H
1d7b9b20 2394# include <paths.h>
41cb4569 2395#endif
2396#ifdef HAVE_LOGIN_H
2397# include <login.h>
1d7b9b20 2398#endif
2399 ],
2400 [ char *lastlog = LASTLOG_FILE; ],
2401 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 2402 [
2403 AC_MSG_RESULT(no)
2404 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
2405 AC_TRY_COMPILE([
2406#include <sys/types.h>
2407#include <utmp.h>
2408#ifdef HAVE_LASTLOG_H
2409# include <lastlog.h>
2410#endif
2411#ifdef HAVE_PATHS_H
2412# include <paths.h>
2413#endif
2414 ],
2415 [ char *lastlog = _PATH_LASTLOG; ],
2416 [ AC_MSG_RESULT(yes) ],
2417 [
f282b668 2418 AC_MSG_RESULT(no)
d7c0f3d5 2419 system_lastlog_path=no
2420 ])
2421 ]
1d7b9b20 2422)
d7c0f3d5 2423
1d7b9b20 2424if test -z "$conf_lastlog_location"; then
2425 if test x"$system_lastlog_path" = x"no" ; then
2426 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 2427 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 2428 conf_lastlog_location=$f
2429 fi
2430 done
2431 if test -z "$conf_lastlog_location"; then
f8119cef 2432 AC_MSG_WARN([** Cannot find lastlog **])
2433 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 2434 fi
2435 fi
2436fi
2437
2438if test -n "$conf_lastlog_location"; then
2439 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
2440fi
2441
2442dnl utmp detection
2443AC_MSG_CHECKING([if your system defines UTMP_FILE])
2444AC_TRY_COMPILE([
2445#include <sys/types.h>
2446#include <utmp.h>
d7c0f3d5 2447#ifdef HAVE_PATHS_H
1d7b9b20 2448# include <paths.h>
2449#endif
2450 ],
2451 [ char *utmp = UTMP_FILE; ],
2452 [ AC_MSG_RESULT(yes) ],
2453 [ AC_MSG_RESULT(no)
2454 system_utmp_path=no ]
2455)
2456if test -z "$conf_utmp_location"; then
2457 if test x"$system_utmp_path" = x"no" ; then
2458 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
2459 if test -f $f ; then
2460 conf_utmp_location=$f
2461 fi
2462 done
2463 if test -z "$conf_utmp_location"; then
2464 AC_DEFINE(DISABLE_UTMP)
2465 fi
2466 fi
2467fi
2468if test -n "$conf_utmp_location"; then
2469 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
2470fi
2471
2472dnl wtmp detection
2473AC_MSG_CHECKING([if your system defines WTMP_FILE])
2474AC_TRY_COMPILE([
2475#include <sys/types.h>
2476#include <utmp.h>
d7c0f3d5 2477#ifdef HAVE_PATHS_H
1d7b9b20 2478# include <paths.h>
2479#endif
2480 ],
2481 [ char *wtmp = WTMP_FILE; ],
2482 [ AC_MSG_RESULT(yes) ],
2483 [ AC_MSG_RESULT(no)
2484 system_wtmp_path=no ]
2485)
2486if test -z "$conf_wtmp_location"; then
2487 if test x"$system_wtmp_path" = x"no" ; then
2488 for f in /usr/adm/wtmp /var/log/wtmp; do
2489 if test -f $f ; then
2490 conf_wtmp_location=$f
2491 fi
2492 done
2493 if test -z "$conf_wtmp_location"; then
2494 AC_DEFINE(DISABLE_WTMP)
2495 fi
2496 fi
2497fi
2498if test -n "$conf_wtmp_location"; then
2499 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
2500fi
2501
2502
2503dnl utmpx detection - I don't know any system so perverse as to require
2504dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
2505dnl there, though.
2506AC_MSG_CHECKING([if your system defines UTMPX_FILE])
2507AC_TRY_COMPILE([
2508#include <sys/types.h>
2509#include <utmp.h>
2510#ifdef HAVE_UTMPX_H
2511#include <utmpx.h>
2512#endif
d7c0f3d5 2513#ifdef HAVE_PATHS_H
1d7b9b20 2514# include <paths.h>
2515#endif
2516 ],
2517 [ char *utmpx = UTMPX_FILE; ],
2518 [ AC_MSG_RESULT(yes) ],
2519 [ AC_MSG_RESULT(no)
2520 system_utmpx_path=no ]
2521)
2522if test -z "$conf_utmpx_location"; then
2523 if test x"$system_utmpx_path" = x"no" ; then
2524 AC_DEFINE(DISABLE_UTMPX)
2525 fi
2526else
2527 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
2528fi
2529
2530dnl wtmpx detection
2531AC_MSG_CHECKING([if your system defines WTMPX_FILE])
2532AC_TRY_COMPILE([
2533#include <sys/types.h>
2534#include <utmp.h>
2535#ifdef HAVE_UTMPX_H
2536#include <utmpx.h>
2537#endif
d7c0f3d5 2538#ifdef HAVE_PATHS_H
1d7b9b20 2539# include <paths.h>
2540#endif
2541 ],
2542 [ char *wtmpx = WTMPX_FILE; ],
2543 [ AC_MSG_RESULT(yes) ],
2544 [ AC_MSG_RESULT(no)
2545 system_wtmpx_path=no ]
2546)
2547if test -z "$conf_wtmpx_location"; then
2548 if test x"$system_wtmpx_path" = x"no" ; then
2549 AC_DEFINE(DISABLE_WTMPX)
2550 fi
2551else
2552 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
2553fi
2554
b7a87eea 2555
bd499f9e 2556if test ! -z "$blibpath" ; then
68ece370 2557 LDFLAGS="$LDFLAGS $blibflags$blibpath"
2558 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 2559fi
2560
ddceb1c8 2561dnl remove pam and dl because they are in $LIBPAM
2562if test "$PAM_MSG" = yes ; then
98f2d9d5 2563 LIBS=`echo $LIBS | sed 's/-lpam //'`
2564fi
2565if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
2566 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 2567fi
2568
3c62e7eb 2569AC_EXEEXT
98a7c37b 2570AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds])
2571AC_OUTPUT
d3083fbd 2572
cbd7492e 2573# Print summary of options
2574
cbd7492e 2575# Someone please show me a better way :)
2576A=`eval echo ${prefix}` ; A=`eval echo ${A}`
2577B=`eval echo ${bindir}` ; B=`eval echo ${B}`
2578C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
2579D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 2580E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 2581F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 2582G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 2583H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
2584I=`eval echo ${user_path}` ; I=`eval echo ${I}`
2585J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 2586
2587echo ""
26de7942 2588echo "OpenSSH has been configured with the following options:"
ecac8ee5 2589echo " User binaries: $B"
2590echo " System binaries: $C"
2591echo " Configuration files: $D"
2592echo " Askpass program: $E"
2593echo " Manual pages: $F"
2594echo " PID file: $G"
2595echo " Privilege separation chroot path: $H"
8d184c09 2596if test "$USES_LOGIN_CONF" = "yes" ; then
ecac8ee5 2597echo " At runtime, sshd will use the path defined in /etc/login.conf"
8d184c09 2598else
ecac8ee5 2599echo " sshd default user PATH: $I"
8d184c09 2600fi
06617857 2601if test ! -z "$superuser_path" ; then
ecac8ee5 2602echo " sshd superuser user PATH: $J"
2603fi
2604echo " Manpage format: $MANTYPE"
3deeea1a 2605echo " DNS support: $DNS_MSG"
3e05e934 2606echo " PAM support: $PAM_MSG"
ecac8ee5 2607echo " KerberosV support: $KRB5_MSG"
2608echo " Smartcard support: $SCARD_MSG"
ecac8ee5 2609echo " S/KEY support: $SKEY_MSG"
2610echo " TCP Wrappers support: $TCPW_MSG"
2611echo " MD5 password support: $MD5_MSG"
3deb1408 2612echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 2613echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
2614echo " BSD Auth support: $BSD_AUTH_MSG"
2615echo " Random number source: $RAND_MSG"
f1b0ecc3 2616if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 2617echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 2618fi
2619
cbd7492e 2620echo ""
2621
0c2fb82f 2622echo " Host: ${host}"
2623echo " Compiler: ${CC}"
2624echo " Compiler flags: ${CFLAGS}"
2625echo "Preprocessor flags: ${CPPFLAGS}"
2626echo " Linker flags: ${LDFLAGS}"
ddceb1c8 2627echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 2628
2629echo ""
2630
adeebd37 2631if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 2632 echo "PAM is enabled. You may need to install a PAM control file "
2633 echo "for sshd, otherwise password authentication may fail. "
2634 echo "Example PAM control files can be found in the contrib/ "
2635 echo "subdirectory"
adeebd37 2636 echo ""
2637fi
2638
f1b0ecc3 2639if test ! -z "$RAND_HELPER_CMDHASH" ; then
2640 echo "WARNING: you are using the builtin random number collection "
2641 echo "service. Please read WARNING.RNG and request that your OS "
2642 echo "vendor includes kernel-based random number collection in "
2643 echo "future versions of your OS."
2c523de9 2644 echo ""
2645fi
af774732 2646
git-cvsimport mirror of OpenSSH
This page took 0.962034 seconds and 5 git commands to generate.