]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [configure.ac openbsd-compat/openbsd-compat.h] Check for
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
dbf07ba2 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
5fdabf45 103 esac
8a3ff1aa 104
dfafb2e1 105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
d423d822 116fi
117
e6354014 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
82f4e93d 121 if test "x$withval" = "xno" ; then
e6354014 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
5b84789f 130# Messages for features tested for in target-specific section
131SIA_MSG="no"
132SPC_MSG="no"
133
a0391976 134# Check for some target-specific stuff
a7effaac 135case "$host" in
9d6b1b96 136*-*-aix*)
aff51935 137 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 138 if (test -z "$blibpath"); then
0a15d73b 139 blibpath="/usr/lib:/lib"
68ece370 140 fi
141 saved_LDFLAGS="$LDFLAGS"
e7479666 142 if test "$GCC" = "yes"; then
143 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
144 else
145 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
146 fi
147 for tryflags in $flags ;do
68ece370 148 if (test -z "$blibflags"); then
149 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
150 AC_TRY_LINK([], [], [blibflags=$tryflags])
151 fi
152 done
153 if (test -z "$blibflags"); then
154 AC_MSG_RESULT(not found)
155 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
156 else
157 AC_MSG_RESULT($blibflags)
bd499f9e 158 fi
68ece370 159 LDFLAGS="$saved_LDFLAGS"
e351e493 160 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 161 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
162 [Define if you want to enable AIX4's authenticate function])],
0764e748 163 [AC_CHECK_LIB(s,authenticate,
e351e493 164 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 165 LIBS="$LIBS -ls"
166 ])
167 ])
ba603e06 168 dnl Check for various auth function declarations in headers.
c85ed8e2 169 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 170 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 171 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 172 AC_CHECK_DECLS(loginfailed,
e351e493 173 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
174 AC_TRY_COMPILE(
f58c0e01 175 [#include <usersec.h>],
e351e493 176 [(void)loginfailed("user","host","tty",0);],
177 [AC_MSG_RESULT(yes)
3466e002 178 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
179 [Define if your AIX loginfailed() function
180 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 181 [AC_MSG_RESULT(no)]
e351e493 182 )],
183 [],
184 [#include <usersec.h>]
185 )
2aa3a16c 186 AC_CHECK_FUNCS(setauthdb)
53c337ed 187 AC_CHECK_DECL(F_CLOSEM,
795e7517 188 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 189 [],
190 [ #include <limits.h>
191 #include <fcntl.h> ]
192 )
5ccf88cb 193 check_for_aix_broken_getaddrinfo=1
3466e002 194 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
195 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
196 [Define if your platform breaks doing a seteuid before a setuid])
197 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
198 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 199 dnl AIX handles lastlog as part of its login message
3466e002 200 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
201 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
202 [Some systems need a utmpx entry for /bin/login to work])
203 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
204 [Define to a Set Process Title type if your system is
205 supported by bsd-setproctitle.c])
961c2997 206 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
207 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 208 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 209 ;;
3c62e7eb 210*-*-cygwin*)
a52997bd 211 check_for_libcrypt_later=1
ffb8d130 212 LIBS="$LIBS /usr/lib/textmode.o"
3466e002 213 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
214 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
215 AC_DEFINE(DISABLE_SHADOW, 1,
216 [Define if you want to disable shadow passwords])
217 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
218 [Define if your system choked on IP TOS setting])
219 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
220 [Define if X11 doesn't support AF_UNIX sockets on that system])
221 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
222 [Define if the concept of ports only accessible to
223 superusers isn't known])
224 AC_DEFINE(DISABLE_FD_PASSING, 1,
225 [Define if your platform needs to skip post auth
226 file descriptor passing])
3c62e7eb 227 ;;
d6fdb079 228*-*-dgux*)
229 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 230 AC_DEFINE(SETEUID_BREAKS_SETUID)
231 AC_DEFINE(BROKEN_SETREUID)
232 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 233 ;;
39c98ef7 234*-*-darwin*)
33e2e066 235 AC_MSG_CHECKING(if we have working getaddrinfo)
236 AC_TRY_RUN([#include <mach-o/dyld.h>
237main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
238 exit(0);
239 else
240 exit(1);
241}], [AC_MSG_RESULT(working)],
242 [AC_MSG_RESULT(buggy)
3466e002 243 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 244 [AC_MSG_RESULT(assume it is working)])
635e0c42 245 AC_DEFINE(SETEUID_BREAKS_SETUID)
246 AC_DEFINE(BROKEN_SETREUID)
247 AC_DEFINE(BROKEN_SETREGID)
3466e002 248 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
249 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 250 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
251 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
252 [Use tunnel device compatibility to OpenBSD])
253 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
254 [Prepend the address family to IP tunnel traffic])
39c98ef7 255 ;;
7d458c86 256*-*-hpux*)
257 # first we define all of the options common to all HP-UX releases
b8fea62d 258 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 259 IPADDR_IN_DISPLAY=yes
2b10f47a 260 AC_DEFINE(USE_PIPES)
3466e002 261 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
262 [Define if your login program cannot handle end of options ("--")])
a2572aa7 263 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 264 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
265 [String used in /etc/passwd to denote locked account])
3a2b2b44 266 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 267 MAIL="/var/mail/username"
f75ca46d 268 LIBS="$LIBS -lsec"
7d458c86 269 AC_CHECK_LIB(xnet, t_error, ,
270 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
271
272 # next, we define all of the options specific to major releases
273 case "$host" in
274 *-*-hpux10*)
275 if test -z "$GCC"; then
276 CFLAGS="$CFLAGS -Ae"
277 fi
278 ;;
279 *-*-hpux11*)
3466e002 280 AC_DEFINE(PAM_SUN_CODEBASE, 1,
281 [Define if you are using Solaris-derived PAM which
282 passes pam_messages to the conversation function
283 with an extra level of indirection])
284 AC_DEFINE(DISABLE_UTMP, 1,
285 [Define if you don't want to use utmp])
7d458c86 286 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
287 check_for_hpux_broken_getaddrinfo=1
288 check_for_conflicting_getspnam=1
289 ;;
290 esac
291
292 # lastly, we define options specific to minor releases
293 case "$host" in
294 *-*-hpux10.26)
3466e002 295 AC_DEFINE(HAVE_SECUREWARE, 1,
296 [Define if you have SecureWare-based
297 protected password database])
7d458c86 298 disable_ptmx_check=yes
299 LIBS="$LIBS -lsecpw"
300 ;;
301 esac
2b763e31 302 ;;
d94aa2ae 303*-*-irix5*)
6ac7829a 304 PATH="$PATH:/usr/etc"
3466e002 305 AC_DEFINE(BROKEN_INET_NTOA, 1,
306 [Define if you system's inet_ntoa is busted
307 (e.g. Irix gcc issue)])
cb433561 308 AC_DEFINE(SETEUID_BREAKS_SETUID)
309 AC_DEFINE(BROKEN_SETREUID)
310 AC_DEFINE(BROKEN_SETREGID)
3466e002 311 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
312 [Define if you shouldn't strip 'tty' from your
313 ttyname in [uw]tmp])
3e6e3da0 314 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 315 ;;
316*-*-irix6*)
6ac7829a 317 PATH="$PATH:/usr/etc"
3466e002 318 AC_DEFINE(WITH_IRIX_ARRAY, 1,
319 [Define if you have/want arrays
320 (cluster-wide session managment, not C arrays)])
321 AC_DEFINE(WITH_IRIX_PROJECT, 1,
322 [Define if you want IRIX project management])
323 AC_DEFINE(WITH_IRIX_AUDIT, 1,
324 [Define if you want IRIX audit trails])
325 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
326 [Define if you want IRIX kernel jobs])])
416ed5a7 327 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 328 AC_DEFINE(SETEUID_BREAKS_SETUID)
329 AC_DEFINE(BROKEN_SETREUID)
330 AC_DEFINE(BROKEN_SETREGID)
3466e002 331 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 332 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 333 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 334 ;;
5cdfe03f 335*-*-linux*)
336 no_dev_ptmx=1
717057b6 337 check_for_libcrypt_later=1
eacb954e 338 check_for_openpty_ctty_bug=1
3466e002 339 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
340 AC_DEFINE(PAM_TTY_KLUDGE, 1,
341 [Work around problematic Linux PAM modules handling of PAM_TTY])
342 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
343 [String used in /etc/passwd to denote locked account])
3a2b2b44 344 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 345 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
346 [Define to whatever link() returns for "not supported"
347 if it doesn't return EOPNOTSUPP.])
b6610e8f 348 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 349 AC_DEFINE(USE_BTMP)
80faa19f 350 inet6_default_4in6=yes
bf7c1e6c 351 case `uname -r` in
ad84c479 352 1.*|2.0.*)
3466e002 353 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
354 [Define if cmsg_type is not passed correctly])
bf7c1e6c 355 ;;
bf7c1e6c 356 esac
c40f09ca 357 # tun(4) forwarding compat code
d91775e1 358 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 359 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 360 AC_DEFINE(SSH_TUN_LINUX, 1,
361 [Open tunnel devices the Linux tun/tap way])
362 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
363 [Use tunnel device compatibility to OpenBSD])
364 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
365 [Prepend the address family to IP tunnel traffic])
366 fi
5cdfe03f 367 ;;
66d6c27e 368mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 369 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 370 SONY=1
66d6c27e 371 ;;
d468fc76 372*-*-netbsd*)
33e2e066 373 check_for_libcrypt_before=1
82f4e93d 374 if test "x$withval" != "xno" ; then
e6354014 375 need_dash_r=1
376 fi
0f6cb079 377 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
378 AC_CHECK_HEADER([net/if_tap.h], ,
379 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
380 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
381 [Prepend the address family to IP tunnel traffic])
d468fc76 382 ;;
86b416a7 383*-*-freebsd*)
384 check_for_libcrypt_later=1
988c5031 385 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 386 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
387 AC_CHECK_HEADER([net/if_tap.h], ,
388 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 389 ;;
8707b7eb 390*-*-bsdi*)
391 AC_DEFINE(SETEUID_BREAKS_SETUID)
392 AC_DEFINE(BROKEN_SETREUID)
393 AC_DEFINE(BROKEN_SETREGID)
394 ;;
729bfe59 395*-next-*)
729bfe59 396 conf_lastlog_location="/usr/adm/lastlog"
698d107e 397 conf_utmp_location=/etc/utmp
398 conf_wtmp_location=/usr/adm/wtmp
399 MAIL=/usr/spool/mail
3466e002 400 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 401 AC_DEFINE(BROKEN_REALPATH)
00937921 402 AC_DEFINE(USE_PIPES)
3466e002 403 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 404 ;;
5b7b5e23 405*-*-openbsd*)
406 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 407 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 408 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 409 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
410 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 411 ;;
9d6b1b96 412*-*-solaris*)
82f4e93d 413 if test "x$withval" != "xno" ; then
010e9d5b 414 need_dash_r=1
415 fi
adeebd37 416 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 417 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 418 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
419 [Some versions of /bin/login need the TERM supplied
420 on the commandline])
7f0a4ff1 421 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 422 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
423 [Define if pam_chauthtok wants real uid set
424 to the unpriv'ed user])
3e6e3da0 425 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 426 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 427 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
428 [Define if sshd somehow reacquires a controlling TTY
429 after setsid()])
795aa5f5 430 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
431 in case the name is longer than 8 chars])
95b99395 432 external_path_file=/etc/default/login
1d7b9b20 433 # hardwire lastlog location (can't detect it on some versions)
434 conf_lastlog_location="/var/adm/lastlog"
32c80420 435 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
436 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
437 if test "$sol2ver" -ge 8; then
438 AC_MSG_RESULT(yes)
439 AC_DEFINE(DISABLE_UTMP)
3466e002 440 AC_DEFINE(DISABLE_WTMP, 1,
441 [Define if you don't want to use wtmp])
32c80420 442 else
443 AC_MSG_RESULT(no)
444 fi
5b84789f 445 AC_ARG_WITH(solaris-contracts,
446 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
447 [
448 AC_CHECK_LIB(contract, ct_tmpl_activate,
449 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
450 [Define if you have Solaris process contracts])
451 SSHDLIBS="$SSHDLIBS -lcontract"
452 AC_SUBST(SSHDLIBS)
453 SPC_MSG="yes" ], )
454 ],
455 )
9d6b1b96 456 ;;
a423beaf 457*-*-sunos4*)
0c2fb82f 458 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 459 AC_CHECK_FUNCS(getpwanam)
adeebd37 460 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 461 conf_utmp_location=/etc/utmp
462 conf_wtmp_location=/var/adm/wtmp
463 conf_lastlog_location=/var/adm/lastlog
137d7b6c 464 AC_DEFINE(USE_PIPES)
a423beaf 465 ;;
6f68f28a 466*-ncr-sysv*)
98a7c37b 467 LIBS="$LIBS -lc89"
29525240 468 AC_DEFINE(USE_PIPES)
eabb99c6 469 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 470 AC_DEFINE(SETEUID_BREAKS_SETUID)
471 AC_DEFINE(BROKEN_SETREUID)
472 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 473 ;;
132dd316 474*-sni-sysv*)
c8c15bcb 475 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 476 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 477 # -lresolv needs to be at the end of LIBS or DNS lookups break
478 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 479 IPADDR_IN_DISPLAY=yes
480 AC_DEFINE(USE_PIPES)
132dd316 481 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 482 AC_DEFINE(SETEUID_BREAKS_SETUID)
483 AC_DEFINE(BROKEN_SETREUID)
484 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 485 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 486 external_path_file=/etc/default/login
c8c15bcb 487 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
488 # Attention: always take care to bind libsocket and libnsl before libc,
489 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 490 ;;
79a7ba96 491# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 492*-*-sysv4.2*)
9a406e1e 493 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
ed6553e2 494 AC_DEFINE(USE_PIPES)
7ed101c0 495 AC_DEFINE(SETEUID_BREAKS_SETUID)
496 AC_DEFINE(BROKEN_SETREUID)
497 AC_DEFINE(BROKEN_SETREGID)
46f853b9 498 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 499 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 500 ;;
79a7ba96 501# UnixWare 7.x, OpenUNIX 8
77bb0bca 502*-*-sysv5*)
d7d2cc6e 503 check_for_libcrypt_later=1
504 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 505 AC_DEFINE(USE_PIPES)
7ed101c0 506 AC_DEFINE(SETEUID_BREAKS_SETUID)
507 AC_DEFINE(BROKEN_SETREUID)
508 AC_DEFINE(BROKEN_SETREGID)
3466e002 509 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 510 case "$host" in
511 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
512 TEST_SHELL=/u95/bin/sh
3466e002 513 AC_DEFINE(BROKEN_LIBIAF, 1,
514 [ia_uinfo routines not supported by OS yet])
822015dd 515 ;;
e45da4d6 516 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
517 ;;
822015dd 518 esac
77bb0bca 519 ;;
9d6b1b96 520*-*-sysv*)
9d6b1b96 521 ;;
79a7ba96 522# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 523*-*-sco3.2v4*)
11cf4f1f 524 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 525 ;;
79a7ba96 526# SCO OpenServer 5.x
77bb0bca 527*-*-sco3.2v5*)
21710e39 528 if test -z "$GCC"; then
529 CFLAGS="$CFLAGS -belf"
530 fi
ed6553e2 531 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 532 no_dev_ptmx=1
ed6553e2 533 AC_DEFINE(USE_PIPES)
6e879cb4 534 AC_DEFINE(HAVE_SECUREWARE)
d287c664 535 AC_DEFINE(DISABLE_SHADOW)
94d8258b 536 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 537 AC_DEFINE(SETEUID_BREAKS_SETUID)
538 AC_DEFINE(BROKEN_SETREUID)
539 AC_DEFINE(BROKEN_SETREGID)
bcebad47 540 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 541 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 542 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 543 AC_CHECK_FUNCS(getluid setluid)
533875af 544 MANTYPE=man
a3245b92 545 TEST_SHELL=ksh
509b1f88 546 ;;
ccbb983c 547*-*-unicosmk*)
3466e002 548 AC_DEFINE(NO_SSH_LASTLOG, 1,
549 [Define if you don't want to use lastlog in session.c])
c1ad5966 550 AC_DEFINE(SETEUID_BREAKS_SETUID)
551 AC_DEFINE(BROKEN_SETREUID)
552 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 553 AC_DEFINE(USE_PIPES)
554 AC_DEFINE(DISABLE_FD_PASSING)
555 LDFLAGS="$LDFLAGS"
556 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
557 MANTYPE=cat
d262b7f2 558 ;;
7b9a8c6e 559*-*-unicosmp*)
c1ad5966 560 AC_DEFINE(SETEUID_BREAKS_SETUID)
561 AC_DEFINE(BROKEN_SETREUID)
562 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 563 AC_DEFINE(WITH_ABBREV_NO_TTY)
564 AC_DEFINE(USE_PIPES)
565 AC_DEFINE(DISABLE_FD_PASSING)
566 LDFLAGS="$LDFLAGS"
c1ad5966 567 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 568 MANTYPE=cat
569 ;;
ca5c7d6a 570*-*-unicos*)
c1ad5966 571 AC_DEFINE(SETEUID_BREAKS_SETUID)
572 AC_DEFINE(BROKEN_SETREUID)
573 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 574 AC_DEFINE(USE_PIPES)
94d8258b 575 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 576 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 577 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
578 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
579 MANTYPE=cat
a704dd54 580 ;;
4d33e531 581*-dec-osf*)
99c8ddac 582 AC_MSG_CHECKING(for Digital Unix SIA)
583 no_osfsia=""
584 AC_ARG_WITH(osfsia,
585 [ --with-osfsia Enable Digital Unix SIA],
586 [
587 if test "x$withval" = "xno" ; then
588 AC_MSG_RESULT(disabled)
589 no_osfsia=1
590 fi
591 ],
592 )
593 if test -z "$no_osfsia" ; then
4d33e531 594 if test -f /etc/sia/matrix.conf; then
595 AC_MSG_RESULT(yes)
3466e002 596 AC_DEFINE(HAVE_OSF_SIA, 1,
597 [Define if you have Digital Unix Security
598 Integration Architecture])
599 AC_DEFINE(DISABLE_LOGIN, 1,
600 [Define if you don't want to use your
601 system's login() call])
58d0df4e 602 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 603 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 604 SIA_MSG="yes"
4d33e531 605 else
606 AC_MSG_RESULT(no)
3466e002 607 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
608 [String used in /etc/passwd to denote locked account])
4d33e531 609 fi
610 fi
a6e67b60 611 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 612 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 613 AC_DEFINE(BROKEN_SETREUID)
614 AC_DEFINE(BROKEN_SETREGID)
4d33e531 615 ;;
41cb4569 616
9c54c067 617*-*-nto-qnx*)
41cb4569 618 AC_DEFINE(USE_PIPES)
619 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 620 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
621 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
622 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 623 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 624 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 625 enable_etc_default_login=no # has incompatible /etc/default/login
41cb4569 626 ;;
35fc74ed 627
628*-*-ultrix*)
3466e002 629 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
630 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 631 AC_DEFINE(NEED_SETPGRP)
b5765e1d 632 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
633 ;;
157b6700 634
635*-*-lynxos)
636 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 637 AC_DEFINE(MISSING_HOWMANY)
157b6700 638 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
639 ;;
a7effaac 640esac
641
8e7b16f8 642# Allow user to specify flags
643AC_ARG_WITH(cflags,
644 [ --with-cflags Specify additional flags to pass to compiler],
645 [
6cf0200f 646 if test -n "$withval" && test "x$withval" != "xno" && \
647 test "x${withval}" != "xyes"; then
8e7b16f8 648 CFLAGS="$CFLAGS $withval"
649 fi
82f4e93d 650 ]
8e7b16f8 651)
0c2fb82f 652AC_ARG_WITH(cppflags,
653 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
654 [
6cf0200f 655 if test -n "$withval" && test "x$withval" != "xno" && \
656 test "x${withval}" != "xyes"; then
0c2fb82f 657 CPPFLAGS="$CPPFLAGS $withval"
658 fi
659 ]
660)
8e7b16f8 661AC_ARG_WITH(ldflags,
97b378bf 662 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 663 [
6cf0200f 664 if test -n "$withval" && test "x$withval" != "xno" && \
665 test "x${withval}" != "xyes"; then
8e7b16f8 666 LDFLAGS="$LDFLAGS $withval"
667 fi
82f4e93d 668 ]
8e7b16f8 669)
670AC_ARG_WITH(libs,
671 [ --with-libs Specify additional libraries to link with],
672 [
6cf0200f 673 if test -n "$withval" && test "x$withval" != "xno" && \
674 test "x${withval}" != "xyes"; then
8e7b16f8 675 LIBS="$LIBS $withval"
676 fi
82f4e93d 677 ]
8e7b16f8 678)
ed89c848 679AC_ARG_WITH(Werror,
680 [ --with-Werror Build main code with -Werror],
681 [
682 if test -n "$withval" && test "x$withval" != "xno"; then
683 werror_flags="-Werror"
1012885d 684 if test "x${withval}" != "xyes"; then
ed89c848 685 werror_flags="$withval"
686 fi
687 fi
688 ]
689)
8e7b16f8 690
c5829391 691AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 692AC_RUN_IFELSE(
693 [AC_LANG_SOURCE([
c5829391 694#include <stdio.h>
695int main(){exit(0);}
479cece8 696 ])],
c5829391 697 [ AC_MSG_RESULT(yes) ],
698 [
699 AC_MSG_RESULT(no)
700 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 701 ],
702 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 703)
704
b04a9f8c 705dnl Checks for header files.
706AC_CHECK_HEADERS( \
707 bstring.h \
708 crypt.h \
2f360c89 709 crypto/sha2.h \
b04a9f8c 710 dirent.h \
711 endian.h \
712 features.h \
37259a8e 713 fcntl.h \
b04a9f8c 714 floatingpoint.h \
715 getopt.h \
716 glob.h \
717 ia.h \
4c653d8e 718 iaf.h \
b04a9f8c 719 limits.h \
720 login.h \
b04a9f8c 721 maillock.h \
722 ndir.h \
e02505e2 723 net/if_tun.h \
b04a9f8c 724 netdb.h \
725 netgroup.h \
b04a9f8c 726 pam/pam_appl.h \
727 paths.h \
728 pty.h \
729 readpassphrase.h \
730 rpc/types.h \
731 security/pam_appl.h \
f73e2ad7 732 sha2.h \
b04a9f8c 733 shadow.h \
734 stddef.h \
735 stdint.h \
0957c2cf 736 string.h \
b04a9f8c 737 strings.h \
738 sys/audit.h \
739 sys/bitypes.h \
740 sys/bsdtty.h \
741 sys/cdefs.h \
742 sys/dir.h \
743 sys/mman.h \
744 sys/ndir.h \
745 sys/prctl.h \
746 sys/pstat.h \
747 sys/select.h \
748 sys/stat.h \
749 sys/stream.h \
750 sys/stropts.h \
751 sys/strtio.h \
752 sys/sysmacros.h \
753 sys/time.h \
754 sys/timers.h \
755 sys/un.h \
756 time.h \
757 tmpdir.h \
758 ttyent.h \
25dd2ce6 759 unistd.h \
b04a9f8c 760 usersec.h \
761 util.h \
762 utime.h \
763 utmp.h \
764 utmpx.h \
ea76f54c 765 vis.h \
b04a9f8c 766)
ddceb1c8 767
823221b2 768# lastlog.h requires sys/time.h to be included first on Solaris
769AC_CHECK_HEADERS(lastlog.h, [], [], [
770#ifdef HAVE_SYS_TIME_H
771# include <sys/time.h>
772#endif
773])
774
765a24cd 775# sys/ptms.h requires sys/stream.h to be included first on Solaris
776AC_CHECK_HEADERS(sys/ptms.h, [], [], [
777#ifdef HAVE_SYS_STREAM_H
778# include <sys/stream.h>
779#endif
780])
781
3919d576 782# login_cap.h requires sys/types.h on NetBSD
783AC_CHECK_HEADERS(login_cap.h, [], [], [
784#include <sys/types.h>
785])
786
a0391976 787# Checks for libraries.
98a7c37b 788AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
789AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 790
446227d6 791dnl IRIX and Solaris 2.5.1 have dirname() in libgen
792AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
793 AC_CHECK_LIB(gen, dirname,[
794 AC_CACHE_CHECK([for broken dirname],
795 ac_cv_have_broken_dirname, [
796 save_LIBS="$LIBS"
797 LIBS="$LIBS -lgen"
b0e7249f 798 AC_RUN_IFELSE(
799 [AC_LANG_SOURCE([[
446227d6 800#include <libgen.h>
801#include <string.h>
802
803int main(int argc, char **argv) {
804 char *s, buf[32];
805
806 strncpy(buf,"/etc", 32);
807 s = dirname(buf);
808 if (!s || strncmp(s, "/", 32) != 0) {
809 exit(1);
810 } else {
811 exit(0);
812 }
813}
b0e7249f 814 ]])],
815 [ ac_cv_have_broken_dirname="no" ],
816 [ ac_cv_have_broken_dirname="yes" ],
446227d6 817 [ ac_cv_have_broken_dirname="no" ],
446227d6 818 )
819 LIBS="$save_LIBS"
820 ])
821 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
822 LIBS="$LIBS -lgen"
823 AC_DEFINE(HAVE_DIRNAME)
824 AC_CHECK_HEADERS(libgen.h)
825 fi
826 ])
827])
828
829AC_CHECK_FUNC(getspnam, ,
830 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 831AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
832 [Define if you have the basename function.]))
446227d6 833
98a7c37b 834dnl zlib is required
835AC_ARG_WITH(zlib,
836 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 837 [ if test "x$withval" = "xno" ; then
838 AC_MSG_ERROR([*** zlib is required ***])
839 elif test "x$withval" != "xyes"; then
98a7c37b 840 if test -d "$withval/lib"; then
841 if test -n "${need_dash_r}"; then
5a162955 842 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 843 else
5a162955 844 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 845 fi
846 else
847 if test -n "${need_dash_r}"; then
5a162955 848 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 849 else
5a162955 850 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 851 fi
852 fi
853 if test -d "$withval/include"; then
5a162955 854 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 855 else
5a162955 856 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 857 fi
6dd05556 858 fi ]
98a7c37b 859)
860
0a15d73b 861AC_CHECK_LIB(z, deflate, ,
862 [
863 saved_CPPFLAGS="$CPPFLAGS"
864 saved_LDFLAGS="$LDFLAGS"
865 save_LIBS="$LIBS"
866 dnl Check default zlib install dir
867 if test -n "${need_dash_r}"; then
868 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
869 else
870 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
871 fi
872 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
873 LIBS="$LIBS -lz"
874 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
875 [
876 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
877 ]
878 )
879 ]
880)
4ad65809 881AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 882
883AC_ARG_WITH(zlib-version-check,
884 [ --without-zlib-version-check Disable zlib version check],
885 [ if test "x$withval" = "xno" ; then
886 zlib_check_nonfatal=1
887 fi
888 ]
889)
890
5c7fc85d 891AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 892AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 893#include <stdio.h>
4ad65809 894#include <zlib.h>
895int main()
896{
5c7fc85d 897 int a=0, b=0, c=0, d=0, n, v;
898 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
899 if (n != 3 && n != 4)
4ad65809 900 exit(1);
5c7fc85d 901 v = a*1000000 + b*10000 + c*100 + d;
902 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
903
904 /* 1.1.4 is OK */
905 if (a == 1 && b == 1 && c >= 4)
4ad65809 906 exit(0);
5c7fc85d 907
0072b59d 908 /* 1.2.3 and up are OK */
909 if (v >= 1020300)
5c7fc85d 910 exit(0);
911
4ad65809 912 exit(2);
913}
479cece8 914 ]])],
5c7fc85d 915 AC_MSG_RESULT(no),
916 [ AC_MSG_RESULT(yes)
8068d564 917 if test -z "$zlib_check_nonfatal" ; then
918 AC_MSG_ERROR([*** zlib too old - check config.log ***
919Your reported zlib version has known security problems. It's possible your
920vendor has fixed these problems without changing the version number. If you
921are sure this is the case, you can disable the check by running
922"./configure --without-zlib-version-check".
6090bcfe 923If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 924See http://www.gzip.org/zlib/ for details.])
8068d564 925 else
926 AC_MSG_WARN([zlib version may have security problems])
927 fi
1a01a50c 928 ],
929 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 930)
48e7916f 931
2c523de9 932dnl UnixWare 2.x
aff51935 933AC_CHECK_FUNC(strcasecmp,
2c523de9 934 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
935)
23361281 936AC_CHECK_FUNCS(utimes,
cda1ebcb 937 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
938 LIBS="$LIBS -lc89"]) ]
2c523de9 939)
4cca272e 940
7c6d759d 941dnl Checks for libutil functions
942AC_CHECK_HEADERS(libutil.h)
3466e002 943AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
944 [Define if your libraries define login()])])
7c6d759d 945AC_CHECK_FUNCS(logout updwtmp logwtmp)
946
a738c3b0 947AC_FUNC_STRFTIME
948
84ceda19 949# Check for ALTDIRFUNC glob() extension
950AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
951AC_EGREP_CPP(FOUNDIT,
952 [
953 #include <glob.h>
954 #ifdef GLOB_ALTDIRFUNC
955 FOUNDIT
956 #endif
aff51935 957 ],
84ceda19 958 [
3466e002 959 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
960 [Define if your system glob() function has
961 the GLOB_ALTDIRFUNC extension])
84ceda19 962 AC_MSG_RESULT(yes)
963 ],
964 [
965 AC_MSG_RESULT(no)
966 ]
967)
4cca272e 968
40849fdb 969# Check for g.gl_matchc glob() extension
970AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 971AC_TRY_COMPILE(
13ff27b7 972 [ #include <glob.h> ],
973 [glob_t g; g.gl_matchc = 1;],
aff51935 974 [
3466e002 975 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
976 [Define if your system glob() function has
977 gl_matchc options in glob_t])
aff51935 978 AC_MSG_RESULT(yes)
979 ],
980 [
981 AC_MSG_RESULT(no)
982 ]
40849fdb 983)
984
78888bab 985AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
986
edbe6722 987AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 988AC_RUN_IFELSE(
479cece8 989 [AC_LANG_SOURCE([[
edbe6722 990#include <sys/types.h>
991#include <dirent.h>
aec4cb4f 992int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 993 ]])],
aff51935 994 [AC_MSG_RESULT(yes)],
edbe6722 995 [
996 AC_MSG_RESULT(no)
3466e002 997 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 998 [Define if your struct dirent expects you to
3466e002 999 allocate extra space for d_name])
1a01a50c 1000 ],
82f4e93d 1001 [
1a01a50c 1002 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1003 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1004 ]
1005)
1006
419e26e7 1007AC_MSG_CHECKING([for /proc/pid/fd directory])
1008if test -d "/proc/$$/fd" ; then
3466e002 1009 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1010 AC_MSG_RESULT(yes)
1011else
1012 AC_MSG_RESULT(no)
1013fi
1014
278588d8 1015# Check whether user wants S/Key support
aff51935 1016SKEY_MSG="no"
278588d8 1017AC_ARG_WITH(skey,
6ff3d0dc 1018 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1019 [
1020 if test "x$withval" != "xno" ; then
1021
1022 if test "x$withval" != "xyes" ; then
1023 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1024 LDFLAGS="$LDFLAGS -L${withval}/lib"
1025 fi
1026
3466e002 1027 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1028 LIBS="-lskey $LIBS"
aff51935 1029 SKEY_MSG="yes"
82f4e93d 1030
ddceb1c8 1031 AC_MSG_CHECKING([for s/key support])
b0e7249f 1032 AC_LINK_IFELSE(
1033 [AC_LANG_SOURCE([[
ddceb1c8 1034#include <stdio.h>
1035#include <skey.h>
aec4cb4f 1036int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1037 ]])],
ddceb1c8 1038 [AC_MSG_RESULT(yes)],
278588d8 1039 [
ddceb1c8 1040 AC_MSG_RESULT(no)
278588d8 1041 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1042 ])
141fc639 1043 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1044 AC_TRY_COMPILE(
1045 [#include <stdio.h>
1046 #include <skey.h>],
1047 [(void)skeychallenge(NULL,"name","",0);],
1048 [AC_MSG_RESULT(yes)
3466e002 1049 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1050 [Define if your skeychallenge()
1051 function takes 4 arguments (NetBSD)])],
141fc639 1052 [AC_MSG_RESULT(no)]
1053 )
278588d8 1054 fi
1055 ]
1056)
1057
1058# Check whether user wants TCP wrappers support
98a7c37b 1059TCPW_MSG="no"
278588d8 1060AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1061 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1062 [
1063 if test "x$withval" != "xno" ; then
1064 saved_LIBS="$LIBS"
98a7c37b 1065 saved_LDFLAGS="$LDFLAGS"
1066 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1067 if test -n "${withval}" && \
6cf0200f 1068 test "x${withval}" != "xyes"; then
98a7c37b 1069 if test -d "${withval}/lib"; then
1070 if test -n "${need_dash_r}"; then
5a162955 1071 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1072 else
5a162955 1073 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1074 fi
1075 else
1076 if test -n "${need_dash_r}"; then
5a162955 1077 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1078 else
5a162955 1079 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1080 fi
1081 fi
1082 if test -d "${withval}/include"; then
5a162955 1083 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1084 else
5a162955 1085 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1086 fi
98a7c37b 1087 fi
ddceb1c8 1088 LIBWRAP="-lwrap"
1089 LIBS="$LIBWRAP $LIBS"
278588d8 1090 AC_MSG_CHECKING(for libwrap)
1091 AC_TRY_LINK(
1092 [
77f09220 1093#include <sys/types.h>
1094#include <sys/socket.h>
1095#include <netinet/in.h>
278588d8 1096#include <tcpd.h>
1097 int deny_severity = 0, allow_severity = 0;
1098 ],
1099 [hosts_access(0);],
1100 [
1101 AC_MSG_RESULT(yes)
3466e002 1102 AC_DEFINE(LIBWRAP, 1,
1103 [Define if you want
1104 TCP Wrappers support])
ddceb1c8 1105 AC_SUBST(LIBWRAP)
98a7c37b 1106 TCPW_MSG="yes"
278588d8 1107 ],
1108 [
1109 AC_MSG_ERROR([*** libwrap missing])
1110 ]
1111 )
ddceb1c8 1112 LIBS="$saved_LIBS"
278588d8 1113 fi
1114 ]
1115)
1116
59031773 1117# Check whether user wants libedit support
1118LIBEDIT_MSG="no"
1119AC_ARG_WITH(libedit,
6ff3d0dc 1120 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1121 [ if test "x$withval" != "xno" ; then
737edf04 1122 if test "x$withval" != "xyes"; then
bb116c8e 1123 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1124 if test -n "${need_dash_r}"; then
1125 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1126 else
1127 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1128 fi
737edf04 1129 fi
59031773 1130 AC_CHECK_LIB(edit, el_init,
3466e002 1131 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1132 LIBEDIT="-ledit -lcurses"
1133 LIBEDIT_MSG="yes"
1134 AC_SUBST(LIBEDIT)
1135 ],
737edf04 1136 [ AC_MSG_ERROR(libedit not found) ],
1137 [ -lcurses ]
59031773 1138 )
f47ddccb 1139 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1140 AC_COMPILE_IFELSE(
1141 [AC_LANG_SOURCE([[
1142#include <histedit.h>
f47ddccb 1143int main(void)
1144{
1145 int i = H_SETSIZE;
1146 el_init("", NULL, NULL, NULL);
1147 exit(0);
1148}
d92622f9 1149 ]])],
f47ddccb 1150 [ AC_MSG_RESULT(yes) ],
1151 [ AC_MSG_RESULT(no)
1152 AC_MSG_ERROR(libedit version is not compatible) ]
1153 )
59031773 1154 fi ]
1155)
1156
7b578f7d 1157AUDIT_MODULE=none
1158AC_ARG_WITH(audit,
1159 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1160 [
1161 AC_MSG_CHECKING(for supported audit module)
1162 case "$withval" in
1163 bsm)
1164 AC_MSG_RESULT(bsm)
1165 AUDIT_MODULE=bsm
1166 dnl Checks for headers, libs and functions
1167 AC_CHECK_HEADERS(bsm/audit.h, [],
1168 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1169 AC_CHECK_LIB(bsm, getaudit, [],
1170 [AC_MSG_ERROR(BSM enabled and required library not found)])
1171 AC_CHECK_FUNCS(getaudit, [],
1172 [AC_MSG_ERROR(BSM enabled and required function not found)])
1173 # These are optional
7939c496 1174 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1175 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1176 ;;
1177 debug)
1178 AUDIT_MODULE=debug
1179 AC_MSG_RESULT(debug)
3466e002 1180 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1181 ;;
a2b3321d 1182 no)
d92622f9 1183 AC_MSG_RESULT(no)
a2b3321d 1184 ;;
7b578f7d 1185 *)
1186 AC_MSG_ERROR([Unknown audit module $withval])
1187 ;;
1188 esac ]
1189)
1190
19160674 1191dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1192AC_CHECK_FUNCS( \
1193 arc4random \
9a406e1e 1194 asprintf \
b04a9f8c 1195 b64_ntop \
1196 __b64_ntop \
1197 b64_pton \
1198 __b64_pton \
1199 bcopy \
1200 bindresvport_sa \
1201 clock \
1202 closefrom \
1203 dirfd \
b04a9f8c 1204 fchmod \
1205 fchown \
1206 freeaddrinfo \
1207 futimes \
1208 getaddrinfo \
1209 getcwd \
1210 getgrouplist \
1211 getnameinfo \
1212 getopt \
1213 getpeereid \
1214 _getpty \
1215 getrlimit \
1216 getttyent \
1217 glob \
1218 inet_aton \
1219 inet_ntoa \
1220 inet_ntop \
1221 innetgr \
1222 login_getcapbool \
1223 md5_crypt \
1224 memmove \
1225 mkdtemp \
1226 mmap \
1227 ngetaddrinfo \
1228 nsleep \
1229 ogetaddrinfo \
1230 openlog_r \
1231 openpty \
1232 prctl \
1233 pstat \
1234 readpassphrase \
1235 realpath \
1236 recvmsg \
1237 rresvport_af \
1238 sendmsg \
1239 setdtablesize \
1240 setegid \
1241 setenv \
1242 seteuid \
1243 setgroups \
1244 setlogin \
1245 setpcred \
1246 setproctitle \
1247 setregid \
1248 setreuid \
1249 setrlimit \
1250 setsid \
1251 setvbuf \
1252 sigaction \
1253 sigvec \
1254 snprintf \
1255 socketpair \
1256 strdup \
1257 strerror \
1258 strlcat \
1259 strlcpy \
1260 strmode \
1261 strnvis \
1262 strtonum \
1e29a0c8 1263 strtoll \
b04a9f8c 1264 strtoul \
1265 sysconf \
1266 tcgetpgrp \
1267 truncate \
1268 unsetenv \
1269 updwtmpx \
9a406e1e 1270 vasprintf \
b04a9f8c 1271 vhangup \
1272 vsnprintf \
1273 waitpid \
19160674 1274)
98a7c37b 1275
1a086f97 1276# IRIX has a const char return value for gai_strerror()
1277AC_CHECK_FUNCS(gai_strerror,[
1278 AC_DEFINE(HAVE_GAI_STRERROR)
1279 AC_TRY_COMPILE([
1280#include <sys/types.h>
1281#include <sys/socket.h>
1282#include <netdb.h>
1283
1284const char *gai_strerror(int);],[
1285char *str;
1286
1287str = gai_strerror(0);],[
1288 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1289 [Define if gai_strerror() returns const char *])])])
1290
3466e002 1291AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1292 [Some systems put nanosleep outside of libc]))
92b1decf 1293
309709db 1294dnl Make sure prototypes are defined for these before using them.
309709db 1295AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1296AC_CHECK_DECL(strsep,
1297 [AC_CHECK_FUNCS(strsep)],
1298 [],
1299 [
1300#ifdef HAVE_STRING_H
1301# include <string.h>
1302#endif
1303 ])
08412d26 1304
3490699c 1305dnl tcsendbreak might be a macro
1306AC_CHECK_DECL(tcsendbreak,
1307 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1308 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1309 [#include <termios.h>]
1310)
1311
41e0e158 1312AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1313
71f4c727 1314AC_CHECK_DECLS(SHUT_RD, , ,
1315 [
1316#include <sys/types.h>
1317#include <sys/socket.h>
1318 ])
956d6743 1319
1320AC_CHECK_DECLS(O_NONBLOCK, , ,
1321 [
1322#include <sys/types.h>
1323#ifdef HAVE_SYS_STAT_H
1324# include <sys/stat.h>
1325#endif
1326#ifdef HAVE_FCNTL_H
1327# include <fcntl.h>
1328#endif
1329 ])
1330
752994dd 1331AC_CHECK_DECLS(writev, , , [
1332#include <sys/types.h>
1333#include <sys/uio.h>
1334#include <unistd.h>
1335 ])
1336
3f176010 1337AC_CHECK_FUNCS(setresuid, [
1338 dnl Some platorms have setresuid that isn't implemented, test for this
1339 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1340 AC_RUN_IFELSE(
1341 [AC_LANG_SOURCE([[
9a3fe0e2 1342#include <stdlib.h>
1343#include <errno.h>
1344int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1345 ]])],
3f176010 1346 [AC_MSG_RESULT(yes)],
3466e002 1347 [AC_DEFINE(BROKEN_SETRESUID, 1,
1348 [Define if your setresuid() is broken])
1a01a50c 1349 AC_MSG_RESULT(not implemented)],
1350 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1351 )
1352])
9a3fe0e2 1353
3f176010 1354AC_CHECK_FUNCS(setresgid, [
1355 dnl Some platorms have setresgid that isn't implemented, test for this
1356 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1357 AC_RUN_IFELSE(
1358 [AC_LANG_SOURCE([[
9a3fe0e2 1359#include <stdlib.h>
1360#include <errno.h>
1361int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1362 ]])],
3f176010 1363 [AC_MSG_RESULT(yes)],
3466e002 1364 [AC_DEFINE(BROKEN_SETRESGID, 1,
1365 [Define if your setresgid() is broken])
1a01a50c 1366 AC_MSG_RESULT(not implemented)],
1367 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1368 )
1369])
9a3fe0e2 1370
2e73a022 1371dnl Checks for time functions
1d7b9b20 1372AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1373dnl Checks for utmp functions
b03bd394 1374AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1375AC_CHECK_FUNCS(utmpname)
2e73a022 1376dnl Checks for utmpx functions
b03bd394 1377AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1378AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1379
aff51935 1380AC_CHECK_FUNC(daemon,
3466e002 1381 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1382 [AC_CHECK_LIB(bsd, daemon,
1383 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1384)
1385
aff51935 1386AC_CHECK_FUNC(getpagesize,
3466e002 1387 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1388 [Define if your libraries define getpagesize()])],
1389 [AC_CHECK_LIB(ucb, getpagesize,
1390 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1391)
1392
2647ae26 1393# Check for broken snprintf
1394if test "x$ac_cv_func_snprintf" = "xyes" ; then
1395 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1396 AC_RUN_IFELSE(
479cece8 1397 [AC_LANG_SOURCE([[
2647ae26 1398#include <stdio.h>
aec4cb4f 1399int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1400 ]])],
aff51935 1401 [AC_MSG_RESULT(yes)],
2647ae26 1402 [
1403 AC_MSG_RESULT(no)
3466e002 1404 AC_DEFINE(BROKEN_SNPRINTF, 1,
1405 [Define if your snprintf is busted])
2647ae26 1406 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1407 ],
1408 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1409 )
1410fi
1411
9a406e1e 1412# If we don't have a working asprintf, then we strongly depend on vsnprintf
1413# returning the right thing on overflow: the number of characters it tried to
1414# create (as per SUSv3)
1415if test "x$ac_cv_func_asprintf" != "xyes" && \
1416 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1417 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1418 AC_RUN_IFELSE(
1419 [AC_LANG_SOURCE([[
1420#include <sys/types.h>
1421#include <stdio.h>
1422#include <stdarg.h>
1423
1424int x_snprintf(char *str,size_t count,const char *fmt,...)
1425{
1426 size_t ret; va_list ap;
1427 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1428 return ret;
1429}
1430int main(void)
1431{
1432 char x[1];
1433 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1434} ]])],
1435 [AC_MSG_RESULT(yes)],
1436 [
1437 AC_MSG_RESULT(no)
1438 AC_DEFINE(BROKEN_SNPRINTF, 1,
1439 [Define if your snprintf is busted])
1440 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1441 ],
1442 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1443 )
1444fi
1445
31b0732a 1446# On systems where [v]snprintf is broken, but is declared in stdio,
1447# check that the fmt argument is const char * or just char *.
1448# This is only useful for when BROKEN_SNPRINTF
1449AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1450AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1451 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1452 int main(void) { snprintf(0, 0, 0); }
1453 ]])],
1454 [AC_MSG_RESULT(yes)
1455 AC_DEFINE(SNPRINTF_CONST, [const],
1456 [Define as const if snprintf() can declare const char *fmt])],
1457 [AC_MSG_RESULT(no)
1458 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1459
2f6f9cff 1460# Check for missing getpeereid (or equiv) support
1461NO_PEERCHECK=""
1462if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1463 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1464 AC_TRY_COMPILE(
1465 [#include <sys/types.h>
1466 #include <sys/socket.h>],
1467 [int i = SO_PEERCRED;],
62eb7db4 1468 [ AC_MSG_RESULT(yes)
3466e002 1469 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1470 ],
2f6f9cff 1471 [AC_MSG_RESULT(no)
1472 NO_PEERCHECK=1]
1473 )
1474fi
1475
70e7d0b0 1476dnl see whether mkstemp() requires XXXXXX
1477if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1478AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1479AC_RUN_IFELSE(
1480 [AC_LANG_SOURCE([[
70e7d0b0 1481#include <stdlib.h>
1482main() { char template[]="conftest.mkstemp-test";
1483if (mkstemp(template) == -1)
1484 exit(1);
1485unlink(template); exit(0);
1486}
b0e7249f 1487 ]])],
70e7d0b0 1488 [
1489 AC_MSG_RESULT(no)
1490 ],
aff51935 1491 [
70e7d0b0 1492 AC_MSG_RESULT(yes)
3466e002 1493 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1494 ],
1495 [
1496 AC_MSG_RESULT(yes)
1497 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1498 ]
70e7d0b0 1499)
1500fi
1501
eacb954e 1502dnl make sure that openpty does not reacquire controlling terminal
1503if test ! -z "$check_for_openpty_ctty_bug"; then
1504 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1505 AC_RUN_IFELSE(
1506 [AC_LANG_SOURCE([[
eacb954e 1507#include <stdio.h>
1508#include <sys/fcntl.h>
1509#include <sys/types.h>
1510#include <sys/wait.h>
1511
1512int
1513main()
1514{
1515 pid_t pid;
1516 int fd, ptyfd, ttyfd, status;
1517
1518 pid = fork();
1519 if (pid < 0) { /* failed */
1520 exit(1);
1521 } else if (pid > 0) { /* parent */
1522 waitpid(pid, &status, 0);
aff51935 1523 if (WIFEXITED(status))
eacb954e 1524 exit(WEXITSTATUS(status));
1525 else
1526 exit(2);
1527 } else { /* child */
1528 close(0); close(1); close(2);
1529 setsid();
1530 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1531 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1532 if (fd >= 0)
1533 exit(3); /* Acquired ctty: broken */
1534 else
1535 exit(0); /* Did not acquire ctty: OK */
1536 }
1537}
b0e7249f 1538 ]])],
eacb954e 1539 [
1540 AC_MSG_RESULT(yes)
1541 ],
1542 [
1543 AC_MSG_RESULT(no)
1544 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1545 ],
1546 [
1547 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1548 ]
1549 )
1550fi
1551
4b492aab 1552if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1553 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1554 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1555 AC_RUN_IFELSE(
1556 [AC_LANG_SOURCE([[
2fe51906 1557#include <stdio.h>
1558#include <sys/socket.h>
1559#include <netdb.h>
1560#include <errno.h>
1561#include <netinet/in.h>
1562
1563#define TEST_PORT "2222"
1564
1565int
1566main(void)
1567{
1568 int err, sock;
1569 struct addrinfo *gai_ai, *ai, hints;
1570 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1571
1572 memset(&hints, 0, sizeof(hints));
1573 hints.ai_family = PF_UNSPEC;
1574 hints.ai_socktype = SOCK_STREAM;
1575 hints.ai_flags = AI_PASSIVE;
1576
1577 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1578 if (err != 0) {
1579 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1580 exit(1);
1581 }
1582
1583 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1584 if (ai->ai_family != AF_INET6)
1585 continue;
1586
1587 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1588 sizeof(ntop), strport, sizeof(strport),
1589 NI_NUMERICHOST|NI_NUMERICSERV);
1590
1591 if (err != 0) {
1592 if (err == EAI_SYSTEM)
1593 perror("getnameinfo EAI_SYSTEM");
1594 else
1595 fprintf(stderr, "getnameinfo failed: %s\n",
1596 gai_strerror(err));
1597 exit(2);
1598 }
1599
1600 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1601 if (sock < 0)
1602 perror("socket");
1603 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1604 if (errno == EBADF)
1605 exit(3);
1606 }
1607 }
1608 exit(0);
1609}
b0e7249f 1610 ]])],
2fe51906 1611 [
1612 AC_MSG_RESULT(yes)
1613 ],
1614 [
1615 AC_MSG_RESULT(no)
1616 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1617 ],
1618 [
1619 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1620 ]
1621 )
1622fi
1623
4b492aab 1624if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1625 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1626 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1627 AC_RUN_IFELSE(
1628 [AC_LANG_SOURCE([[
5ccf88cb 1629#include <stdio.h>
1630#include <sys/socket.h>
1631#include <netdb.h>
1632#include <errno.h>
1633#include <netinet/in.h>
1634
1635#define TEST_PORT "2222"
1636
1637int
1638main(void)
1639{
1640 int err, sock;
1641 struct addrinfo *gai_ai, *ai, hints;
1642 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1643
1644 memset(&hints, 0, sizeof(hints));
1645 hints.ai_family = PF_UNSPEC;
1646 hints.ai_socktype = SOCK_STREAM;
1647 hints.ai_flags = AI_PASSIVE;
1648
1649 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1650 if (err != 0) {
1651 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1652 exit(1);
1653 }
1654
1655 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1656 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1657 continue;
1658
1659 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1660 sizeof(ntop), strport, sizeof(strport),
1661 NI_NUMERICHOST|NI_NUMERICSERV);
1662
1663 if (ai->ai_family == AF_INET && err != 0) {
1664 perror("getnameinfo");
1665 exit(2);
1666 }
1667 }
1668 exit(0);
1669}
b0e7249f 1670 ]])],
5ccf88cb 1671 [
1672 AC_MSG_RESULT(yes)
3466e002 1673 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1674 [Define if you have a getaddrinfo that fails
1675 for the all-zeros IPv6 address])
5ccf88cb 1676 ],
1677 [
1678 AC_MSG_RESULT(no)
1679 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1680 ],
ecd9ec09 1681 [
b0e7249f 1682 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1683 ]
1684 )
1685fi
1686
b29fd59f 1687if test "x$check_for_conflicting_getspnam" = "x1"; then
1688 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1689 AC_COMPILE_IFELSE(
1690 [
1691#include <shadow.h>
1692int main(void) {exit(0);}
1693 ],
1694 [
1695 AC_MSG_RESULT(no)
1696 ],
1697 [
1698 AC_MSG_RESULT(yes)
1699 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1700 [Conflicting defs for getspnam])
1701 ]
1702 )
1703fi
1704
7f8f5e00 1705AC_FUNC_GETPGRP
1706
5b991353 1707# Search for OpenSSL
1708saved_CPPFLAGS="$CPPFLAGS"
1709saved_LDFLAGS="$LDFLAGS"
a0391976 1710AC_ARG_WITH(ssl-dir,
1711 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1712 [
e9e4a1c7 1713 if test "x$withval" != "xno" ; then
99eb0f64 1714 case "$withval" in
1715 # Relative paths
1716 ./*|../*) withval="`pwd`/$withval"
1717 esac
5b991353 1718 if test -d "$withval/lib"; then
1719 if test -n "${need_dash_r}"; then
1720 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1721 else
1722 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1723 fi
1724 else
5b991353 1725 if test -n "${need_dash_r}"; then
1726 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1727 else
1728 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1729 fi
1730 fi
5b991353 1731 if test -d "$withval/include"; then
1732 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1733 else
5b991353 1734 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1735 fi
a0391976 1736 fi
5b991353 1737 ]
1738)
5486a457 1739LIBS="-lcrypto $LIBS"
3466e002 1740AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1741 [Define if your ssl headers are included
1742 with #include <openssl/header.h>]),
d45e3d76 1743 [
5b991353 1744 dnl Check default openssl install dir
1745 if test -n "${need_dash_r}"; then
1746 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1747 else
5b991353 1748 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1749 fi
5b991353 1750 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1751 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1752 [
1753 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1754 ]
1755 )
1756 ]
1757)
1758
cd018561 1759# Determine OpenSSL header version
1760AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1761AC_RUN_IFELSE(
479cece8 1762 [AC_LANG_SOURCE([[
cd018561 1763#include <stdio.h>
1764#include <string.h>
1765#include <openssl/opensslv.h>
1766#define DATA "conftest.sslincver"
1767int main(void) {
aff51935 1768 FILE *fd;
1769 int rc;
cd018561 1770
aff51935 1771 fd = fopen(DATA,"w");
1772 if(fd == NULL)
1773 exit(1);
cd018561 1774
1775 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1776 exit(1);
1777
1778 exit(0);
1779}
479cece8 1780 ]])],
cd018561 1781 [
1782 ssl_header_ver=`cat conftest.sslincver`
1783 AC_MSG_RESULT($ssl_header_ver)
1784 ],
1785 [
1786 AC_MSG_RESULT(not found)
1787 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1788 ],
1789 [
1790 AC_MSG_WARN([cross compiling: not checking])
cd018561 1791 ]
1792)
1793
1794# Determine OpenSSL library version
1795AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1796AC_RUN_IFELSE(
479cece8 1797 [AC_LANG_SOURCE([[
cd018561 1798#include <stdio.h>
1799#include <string.h>
1800#include <openssl/opensslv.h>
1801#include <openssl/crypto.h>
1802#define DATA "conftest.ssllibver"
1803int main(void) {
aff51935 1804 FILE *fd;
1805 int rc;
cd018561 1806
aff51935 1807 fd = fopen(DATA,"w");
1808 if(fd == NULL)
1809 exit(1);
cd018561 1810
1811 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1812 exit(1);
1813
1814 exit(0);
1815}
479cece8 1816 ]])],
cd018561 1817 [
1818 ssl_library_ver=`cat conftest.ssllibver`
1819 AC_MSG_RESULT($ssl_library_ver)
1820 ],
1821 [
1822 AC_MSG_RESULT(not found)
1823 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1824 ],
1825 [
1826 AC_MSG_WARN([cross compiling: not checking])
cd018561 1827 ]
1828)
58d100bf 1829
9780116c 1830# Sanity check OpenSSL headers
1831AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1832AC_RUN_IFELSE(
479cece8 1833 [AC_LANG_SOURCE([[
9780116c 1834#include <string.h>
1835#include <openssl/opensslv.h>
aec4cb4f 1836int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1837 ]])],
9780116c 1838 [
1839 AC_MSG_RESULT(yes)
1840 ],
1841 [
1842 AC_MSG_RESULT(no)
e15ba28b 1843 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1844Check config.log for details.
1845Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1846 ],
1847 [
1848 AC_MSG_WARN([cross compiling: not checking])
9780116c 1849 ]
1850)
1851
282d6408 1852AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1853AC_LINK_IFELSE(
1854 [AC_LANG_SOURCE([[
1855#include <openssl/evp.h>
1856int main(void) { SSLeay_add_all_algorithms(); }
1857 ]])],
1858 [
1859 AC_MSG_RESULT(yes)
1860 ],
1861 [
1862 AC_MSG_RESULT(no)
1863 saved_LIBS="$LIBS"
1864 LIBS="$LIBS -ldl"
1865 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1866 AC_LINK_IFELSE(
1867 [AC_LANG_SOURCE([[
1868#include <openssl/evp.h>
1869int main(void) { SSLeay_add_all_algorithms(); }
1870 ]])],
1871 [
1872 AC_MSG_RESULT(yes)
1873 ],
1874 [
1875 AC_MSG_RESULT(no)
1876 LIBS="$saved_LIBS"
1877 ]
1878 )
1879 ]
1880)
1881
c7ad0d99 1882AC_ARG_WITH(ssl-engine,
1883 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1884 [ if test "x$withval" != "xno" ; then
1885 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1886 AC_TRY_COMPILE(
1887 [ #include <openssl/engine.h>],
1888 [
1889int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
1890 ],
1891 [ AC_MSG_RESULT(yes)
1892 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1893 [Enable OpenSSL engine support])
1894 ],
1895 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1896 )
1897 fi ]
1898)
1899
e5146707 1900# Check for OpenSSL without EVP_aes_{192,256}_cbc
1901AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1902AC_LINK_IFELSE(
e5146707 1903 [AC_LANG_SOURCE([[
1904#include <string.h>
1905#include <openssl/evp.h>
300ea548 1906int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1907 ]])],
1908 [
1909 AC_MSG_RESULT(no)
1910 ],
1911 [
1912 AC_MSG_RESULT(yes)
1913 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1914 [libcrypto is missing AES 192 and 256 bit functions])
1915 ]
1916)
1917
5486a457 1918# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1919# because the system crypt() is more featureful.
1920if test "x$check_for_libcrypt_before" = "x1"; then
1921 AC_CHECK_LIB(crypt, crypt)
1922fi
1923
aff51935 1924# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1925# version in OpenSSL.
05114c74 1926if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1927 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1928fi
1929
13ff27b7 1930# Search for SHA256 support in libc and/or OpenSSL
1931AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1932
4c653d8e 1933AC_CHECK_LIB(iaf, ia_openinfo)
f1b0ecc3 1934
1935### Configure cryptographic random number support
1936
1937# Check wheter OpenSSL seeds itself
1938AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1939AC_RUN_IFELSE(
479cece8 1940 [AC_LANG_SOURCE([[
f1b0ecc3 1941#include <string.h>
1942#include <openssl/rand.h>
aec4cb4f 1943int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1944 ]])],
f1b0ecc3 1945 [
1946 OPENSSL_SEEDS_ITSELF=yes
1947 AC_MSG_RESULT(yes)
1948 ],
1949 [
1950 AC_MSG_RESULT(no)
1951 # Default to use of the rand helper if OpenSSL doesn't
1952 # seed itself
1953 USE_RAND_HELPER=yes
1a01a50c 1954 ],
1955 [
1956 AC_MSG_WARN([cross compiling: assuming yes])
1957 # This is safe, since all recent OpenSSL versions will
82f4e93d 1958 # complain at runtime if not seeded correctly.
1a01a50c 1959 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1960 ]
1961)
1962
a086f73b 1963# Check for PAM libs
1964PAM_MSG="no"
1965AC_ARG_WITH(pam,
1966 [ --with-pam Enable PAM support ],
1967 [
1968 if test "x$withval" != "xno" ; then
1969 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1970 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
1971 AC_MSG_ERROR([PAM headers not found])
1972 fi
1973
1974 saved_LIBS="$LIBS"
1975 AC_CHECK_LIB(dl, dlopen, , )
1976 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1977 AC_CHECK_FUNCS(pam_getenvlist)
1978 AC_CHECK_FUNCS(pam_putenv)
1979 LIBS="$saved_LIBS"
1980
1981 PAM_MSG="yes"
1982
282d6408 1983 LIBPAM="-lpam"
a086f73b 1984 AC_DEFINE(USE_PAM, 1,
1985 [Define if you want to enable PAM support])
282d6408 1986
a086f73b 1987 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 1988 case "$LIBS" in
1989 *-ldl*)
1990 # libdl already in LIBS
1991 ;;
1992 *)
08164407 1993 LIBPAM="$LIBPAM -ldl"
282d6408 1994 ;;
1995 esac
a086f73b 1996 fi
1997 AC_SUBST(LIBPAM)
1998 fi
1999 ]
2000)
2001
2002# Check for older PAM
2003if test "x$PAM_MSG" = "xyes" ; then
2004 # Check PAM strerror arguments (old PAM)
2005 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2006 AC_TRY_COMPILE(
2007 [
2008#include <stdlib.h>
2009#if defined(HAVE_SECURITY_PAM_APPL_H)
2010#include <security/pam_appl.h>
2011#elif defined (HAVE_PAM_PAM_APPL_H)
2012#include <pam/pam_appl.h>
2013#endif
2014 ],
2015 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2016 [AC_MSG_RESULT(no)],
2017 [
2018 AC_DEFINE(HAVE_OLD_PAM, 1,
2019 [Define if you have an old version of PAM
2020 which takes only one argument to pam_strerror])
2021 AC_MSG_RESULT(yes)
2022 PAM_MSG="yes (old library)"
2023 ]
2024 )
2025fi
f1b0ecc3 2026
2027# Do we want to force the use of the rand helper?
2028AC_ARG_WITH(rand-helper,
2029 [ --with-rand-helper Use subprocess to gather strong randomness ],
2030 [
2031 if test "x$withval" = "xno" ; then
aff51935 2032 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2033 # the previous test showed it to be unseeded.
2034 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2035 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2036 OPENSSL_SEEDS_ITSELF=yes
2037 USE_RAND_HELPER=""
2038 fi
2039 else
2040 USE_RAND_HELPER=yes
2041 fi
2042 ],
82f4e93d 2043)
f1b0ecc3 2044
2045# Which randomness source do we use?
4b492aab 2046if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2047 # OpenSSL only
3466e002 2048 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2049 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2050 RAND_MSG="OpenSSL internal ONLY"
2051 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2052elif test ! -z "$USE_RAND_HELPER" ; then
2053 # install rand helper
f1b0ecc3 2054 RAND_MSG="ssh-rand-helper"
2055 INSTALL_SSH_RAND_HELPER="yes"
2056fi
2057AC_SUBST(INSTALL_SSH_RAND_HELPER)
2058
2059### Configuration of ssh-rand-helper
2060
2061# PRNGD TCP socket
2062AC_ARG_WITH(prngd-port,
2063 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2064 [
eb5d7ff6 2065 case "$withval" in
2066 no)
2067 withval=""
2068 ;;
2069 [[0-9]]*)
2070 ;;
2071 *)
2072 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2073 ;;
2074 esac
2075 if test ! -z "$withval" ; then
f1b0ecc3 2076 PRNGD_PORT="$withval"
3466e002 2077 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2078 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2079 fi
2080 ]
2081)
2082
2083# PRNGD Unix domain socket
2084AC_ARG_WITH(prngd-socket,
2085 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2086 [
eb5d7ff6 2087 case "$withval" in
2088 yes)
f1b0ecc3 2089 withval="/var/run/egd-pool"
eb5d7ff6 2090 ;;
2091 no)
2092 withval=""
2093 ;;
2094 /*)
2095 ;;
2096 *)
2097 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2098 ;;
2099 esac
2100
2101 if test ! -z "$withval" ; then
f1b0ecc3 2102 if test ! -z "$PRNGD_PORT" ; then
2103 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2104 fi
906e811b 2105 if test ! -r "$withval" ; then
f1b0ecc3 2106 AC_MSG_WARN(Entropy socket is not readable)
2107 fi
2108 PRNGD_SOCKET="$withval"
3466e002 2109 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2110 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2111 fi
ddceb1c8 2112 ],
2113 [
2114 # Check for existing socket only if we don't have a random device already
2115 if test "$USE_RAND_HELPER" = yes ; then
2116 AC_MSG_CHECKING(for PRNGD/EGD socket)
2117 # Insert other locations here
2118 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2119 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2120 PRNGD_SOCKET="$sock"
2121 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2122 break;
2123 fi
2124 done
2125 if test ! -z "$PRNGD_SOCKET" ; then
2126 AC_MSG_RESULT($PRNGD_SOCKET)
2127 else
2128 AC_MSG_RESULT(not found)
2129 fi
2130 fi
f1b0ecc3 2131 ]
2132)
2133
2134# Change default command timeout for hashing entropy source
2135entropy_timeout=200
2136AC_ARG_WITH(entropy-timeout,
2137 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2138 [
6cf0200f 2139 if test -n "$withval" && test "x$withval" != "xno" && \
2140 test "x${withval}" != "xyes"; then
f1b0ecc3 2141 entropy_timeout=$withval
2142 fi
82f4e93d 2143 ]
f1b0ecc3 2144)
3466e002 2145AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2146 [Builtin PRNG command timeout])
f1b0ecc3 2147
fd3cbf67 2148SSH_PRIVSEP_USER=sshd
9a0fbcb3 2149AC_ARG_WITH(privsep-user,
5222e7ef 2150 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2151 [
6cf0200f 2152 if test -n "$withval" && test "x$withval" != "xno" && \
2153 test "x${withval}" != "xyes"; then
fd3cbf67 2154 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2155 fi
82f4e93d 2156 ]
9a0fbcb3 2157)
3466e002 2158AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2159 [non-privileged user for privilege separation])
fd3cbf67 2160AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2161
81dadca3 2162# We do this little dance with the search path to insure
2163# that programs that we select for use by installed programs
2164# (which may be run by the super-user) come from trusted
2165# locations before they come from the user's private area.
2166# This should help avoid accidentally configuring some
2167# random version of a program in someone's personal bin.
2168
2169OPATH=$PATH
2170PATH=/bin:/usr/bin
f95c8ce8 2171test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2172test -d /sbin && PATH=$PATH:/sbin
2173test -d /usr/sbin && PATH=$PATH:/usr/sbin
2174PATH=$PATH:/etc:$OPATH
2175
aff51935 2176# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2177OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2178OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2179OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2180OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2181OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2182OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2183OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2184OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2185OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2186OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2187OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2188OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2189OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2190OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2191OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2192OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2193# restore PATH
2194PATH=$OPATH
f1b0ecc3 2195
2196# Where does ssh-rand-helper get its randomness from?
2197INSTALL_SSH_PRNG_CMDS=""
2198if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2199 if test ! -z "$PRNGD_PORT" ; then
2200 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2201 elif test ! -z "$PRNGD_SOCKET" ; then
2202 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2203 else
2204 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2205 RAND_HELPER_CMDHASH=yes
2206 INSTALL_SSH_PRNG_CMDS="yes"
2207 fi
2208fi
2209AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2210
2211
66d6c27e 2212# Cheap hack to ensure NEWS-OS libraries are arranged right.
2213if test ! -z "$SONY" ; then
2214 LIBS="$LIBS -liberty";
2215fi
2216
9a406e1e 2217# Check for long long datatypes
2218AC_CHECK_TYPES([long long, unsigned long long, long double])
2219
2220# Check datatype sizes
976f7e19 2221AC_CHECK_SIZEOF(char, 1)
2b942fe0 2222AC_CHECK_SIZEOF(short int, 2)
2223AC_CHECK_SIZEOF(int, 4)
2224AC_CHECK_SIZEOF(long int, 4)
2225AC_CHECK_SIZEOF(long long int, 8)
2226
52f1ccb2 2227# Sanity check long long for some platforms (AIX)
2228if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2229 ac_cv_sizeof_long_long_int=0
2230fi
2231
90f15776 2232# compute LLONG_MIN and LLONG_MAX if we don't know them.
2233if test -z "$have_llong_max"; then
2234 AC_MSG_CHECKING([for max value of long long])
2235 AC_RUN_IFELSE(
2236 [AC_LANG_SOURCE([[
2237#include <stdio.h>
2238/* Why is this so damn hard? */
2239#ifdef __GNUC__
2240# undef __GNUC__
2241#endif
2242#define __USE_ISOC99
2243#include <limits.h>
2244#define DATA "conftest.llminmax"
055252ed 2245#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2246
2247/*
2248 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2249 * we do this the hard way.
2250 */
2251static int
2252fprint_ll(FILE *f, long long n)
2253{
2254 unsigned int i;
2255 int l[sizeof(long long) * 8];
2256
2257 if (n < 0)
2258 if (fprintf(f, "-") < 0)
2259 return -1;
2260 for (i = 0; n != 0; i++) {
2261 l[i] = my_abs(n % 10);
2262 n /= 10;
2263 }
2264 do {
2265 if (fprintf(f, "%d", l[--i]) < 0)
2266 return -1;
2267 } while (i != 0);
2268 if (fprintf(f, " ") < 0)
2269 return -1;
2270 return 0;
2271}
2272
90f15776 2273int main(void) {
2274 FILE *f;
2275 long long i, llmin, llmax = 0;
2276
2277 if((f = fopen(DATA,"w")) == NULL)
2278 exit(1);
2279
2280#if defined(LLONG_MIN) && defined(LLONG_MAX)
2281 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2282 llmin = LLONG_MIN;
2283 llmax = LLONG_MAX;
2284#else
2285 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2286 /* This will work on one's complement and two's complement */
2287 for (i = 1; i > llmax; i <<= 1, i++)
2288 llmax = i;
2289 llmin = llmax + 1LL; /* wrap */
2290#endif
2291
2292 /* Sanity check */
2293 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2294 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2295 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2296 fprintf(f, "unknown unknown\n");
2297 exit(2);
2298 }
2299
055252ed 2300 if (fprint_ll(f, llmin) < 0)
90f15776 2301 exit(3);
055252ed 2302 if (fprint_ll(f, llmax) < 0)
2303 exit(4);
2304 if (fclose(f) < 0)
2305 exit(5);
90f15776 2306 exit(0);
2307}
2308 ]])],
2309 [
2310 llong_min=`$AWK '{print $1}' conftest.llminmax`
2311 llong_max=`$AWK '{print $2}' conftest.llminmax`
2312
90f15776 2313 AC_MSG_RESULT($llong_max)
2314 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2315 [max value of long long calculated by configure])
2316 AC_MSG_CHECKING([for min value of long long])
2317 AC_MSG_RESULT($llong_min)
2318 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2319 [min value of long long calculated by configure])
2320 ],
2321 [
2322 AC_MSG_RESULT(not found)
2323 ],
2324 [
2325 AC_MSG_WARN([cross compiling: not checking])
2326 ]
2327 )
2328fi
2329
2330
a0391976 2331# More checks for data types
14a9a859 2332AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2333 AC_TRY_COMPILE(
aff51935 2334 [ #include <sys/types.h> ],
2335 [ u_int a; a = 1;],
14a9a859 2336 [ ac_cv_have_u_int="yes" ],
2337 [ ac_cv_have_u_int="no" ]
2338 )
2339])
2340if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2341 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2342 have_u_int=1
2343fi
2344
58d100bf 2345AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2346 AC_TRY_COMPILE(
aff51935 2347 [ #include <sys/types.h> ],
2348 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2349 [ ac_cv_have_intxx_t="yes" ],
2350 [ ac_cv_have_intxx_t="no" ]
2351 )
2352])
2353if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2354 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2355 have_intxx_t=1
2356fi
41cb4569 2357
2358if (test -z "$have_intxx_t" && \
aff51935 2359 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2360then
2361 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2362 AC_TRY_COMPILE(
aff51935 2363 [ #include <stdint.h> ],
2364 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2365 [
2366 AC_DEFINE(HAVE_INTXX_T)
2367 AC_MSG_RESULT(yes)
2368 ],
2369 [ AC_MSG_RESULT(no) ]
2370 )
2371fi
2372
bd590612 2373AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2374 AC_TRY_COMPILE(
1cbbe6c8 2375 [
2376#include <sys/types.h>
2377#ifdef HAVE_STDINT_H
2378# include <stdint.h>
2379#endif
2380#include <sys/socket.h>
2381#ifdef HAVE_SYS_BITYPES_H
2382# include <sys/bitypes.h>
2383#endif
aff51935 2384 ],
2385 [ int64_t a; a = 1;],
bd590612 2386 [ ac_cv_have_int64_t="yes" ],
2387 [ ac_cv_have_int64_t="no" ]
2388 )
2389])
2390if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2391 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2392fi
2393
58d100bf 2394AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2395 AC_TRY_COMPILE(
aff51935 2396 [ #include <sys/types.h> ],
2397 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2398 [ ac_cv_have_u_intxx_t="yes" ],
2399 [ ac_cv_have_u_intxx_t="no" ]
2400 )
2401])
2402if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2403 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2404 have_u_intxx_t=1
2405fi
2b942fe0 2406
41cb4569 2407if test -z "$have_u_intxx_t" ; then
2408 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2409 AC_TRY_COMPILE(
aff51935 2410 [ #include <sys/socket.h> ],
2411 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2412 [
2413 AC_DEFINE(HAVE_U_INTXX_T)
2414 AC_MSG_RESULT(yes)
2415 ],
2416 [ AC_MSG_RESULT(no) ]
2417 )
2418fi
2419
bd590612 2420AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2421 AC_TRY_COMPILE(
aff51935 2422 [ #include <sys/types.h> ],
2423 [ u_int64_t a; a = 1;],
bd590612 2424 [ ac_cv_have_u_int64_t="yes" ],
2425 [ ac_cv_have_u_int64_t="no" ]
2426 )
2427])
2428if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2429 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2430 have_u_int64_t=1
2431fi
2432
ddceb1c8 2433if test -z "$have_u_int64_t" ; then
2434 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2435 AC_TRY_COMPILE(
aff51935 2436 [ #include <sys/bitypes.h> ],
ddceb1c8 2437 [ u_int64_t a; a = 1],
2438 [
2439 AC_DEFINE(HAVE_U_INT64_T)
2440 AC_MSG_RESULT(yes)
2441 ],
2442 [ AC_MSG_RESULT(no) ]
2443 )
2444fi
2445
41cb4569 2446if test -z "$have_u_intxx_t" ; then
2447 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2448 AC_TRY_COMPILE(
2449 [
2450#include <sys/types.h>
aff51935 2451 ],
2452 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2453 [ ac_cv_have_uintxx_t="yes" ],
2454 [ ac_cv_have_uintxx_t="no" ]
2455 )
2456 ])
2457 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2458 AC_DEFINE(HAVE_UINTXX_T, 1,
2459 [define if you have uintxx_t data type])
41cb4569 2460 fi
2461fi
2462
2463if test -z "$have_uintxx_t" ; then
2464 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2465 AC_TRY_COMPILE(
aff51935 2466 [ #include <stdint.h> ],
2467 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2468 [
2469 AC_DEFINE(HAVE_UINTXX_T)
2470 AC_MSG_RESULT(yes)
2471 ],
2472 [ AC_MSG_RESULT(no) ]
2473 )
2474fi
2475
e5fe9a1f 2476if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2477 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2478then
2479 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2480 AC_TRY_COMPILE(
58d100bf 2481 [
2482#include <sys/bitypes.h>
aff51935 2483 ],
5cdfe03f 2484 [
837c30b8 2485 int8_t a; int16_t b; int32_t c;
2486 u_int8_t e; u_int16_t f; u_int32_t g;
2487 a = b = c = e = f = g = 1;
aff51935 2488 ],
5cdfe03f 2489 [
2490 AC_DEFINE(HAVE_U_INTXX_T)
2491 AC_DEFINE(HAVE_INTXX_T)
2492 AC_MSG_RESULT(yes)
2493 ],
2494 [AC_MSG_RESULT(no)]
aff51935 2495 )
5cdfe03f 2496fi
2497
0362750e 2498
2499AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2500 AC_TRY_COMPILE(
2501 [
2502#include <sys/types.h>
2503 ],
2504 [ u_char foo; foo = 125; ],
2505 [ ac_cv_have_u_char="yes" ],
2506 [ ac_cv_have_u_char="no" ]
2507 )
2508])
2509if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2510 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2511fi
2512
98a7c37b 2513TYPE_SOCKLEN_T
2b942fe0 2514
2d16d9a3 2515AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2516
777ece68 2517AC_CHECK_TYPES(in_addr_t,,,
2518[#include <sys/types.h>
2519#include <netinet/in.h>])
7b578f7d 2520
58d100bf 2521AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2522 AC_TRY_COMPILE(
2523 [
18ba2aab 2524#include <sys/types.h>
58d100bf 2525 ],
2526 [ size_t foo; foo = 1235; ],
2527 [ ac_cv_have_size_t="yes" ],
2528 [ ac_cv_have_size_t="no" ]
2529 )
2530])
2531if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2532 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2533fi
ea1970a3 2534
c04f75f1 2535AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2536 AC_TRY_COMPILE(
2537 [
2538#include <sys/types.h>
2539 ],
2540 [ ssize_t foo; foo = 1235; ],
2541 [ ac_cv_have_ssize_t="yes" ],
2542 [ ac_cv_have_ssize_t="no" ]
2543 )
2544])
2545if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2546 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2547fi
2548
f1c4659d 2549AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2550 AC_TRY_COMPILE(
2551 [
2552#include <time.h>
2553 ],
2554 [ clock_t foo; foo = 1235; ],
2555 [ ac_cv_have_clock_t="yes" ],
2556 [ ac_cv_have_clock_t="no" ]
2557 )
2558])
2559if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2560 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2561fi
2562
1c04b088 2563AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2564 AC_TRY_COMPILE(
2565 [
2566#include <sys/types.h>
2567#include <sys/socket.h>
2568 ],
2569 [ sa_family_t foo; foo = 1235; ],
2570 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2571 [ AC_TRY_COMPILE(
2572 [
2573#include <sys/types.h>
2574#include <sys/socket.h>
2575#include <netinet/in.h>
2576 ],
2577 [ sa_family_t foo; foo = 1235; ],
2578 [ ac_cv_have_sa_family_t="yes" ],
2579
1c04b088 2580 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2581 )]
1c04b088 2582 )
2583])
2584if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2585 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2586 [define if you have sa_family_t data type])
1c04b088 2587fi
2588
729bfe59 2589AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2590 AC_TRY_COMPILE(
2591 [
2592#include <sys/types.h>
2593 ],
2594 [ pid_t foo; foo = 1235; ],
2595 [ ac_cv_have_pid_t="yes" ],
2596 [ ac_cv_have_pid_t="no" ]
2597 )
2598])
2599if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2600 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2601fi
2602
2603AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2604 AC_TRY_COMPILE(
2605 [
2606#include <sys/types.h>
2607 ],
2608 [ mode_t foo; foo = 1235; ],
2609 [ ac_cv_have_mode_t="yes" ],
2610 [ ac_cv_have_mode_t="no" ]
2611 )
2612])
2613if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2614 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2615fi
2616
e3a93db0 2617
58d100bf 2618AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2619 AC_TRY_COMPILE(
2620 [
18ba2aab 2621#include <sys/types.h>
2622#include <sys/socket.h>
58d100bf 2623 ],
2624 [ struct sockaddr_storage s; ],
2625 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2626 [ ac_cv_have_struct_sockaddr_storage="no" ]
2627 )
2628])
2629if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2630 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2631 [define if you have struct sockaddr_storage data type])
58d100bf 2632fi
48e671d5 2633
58d100bf 2634AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2635 AC_TRY_COMPILE(
2636 [
cbd7492e 2637#include <sys/types.h>
58d100bf 2638#include <netinet/in.h>
2639 ],
2640 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2641 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2642 [ ac_cv_have_struct_sockaddr_in6="no" ]
2643 )
2644])
2645if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2646 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2647 [define if you have struct sockaddr_in6 data type])
58d100bf 2648fi
48e671d5 2649
58d100bf 2650AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2651 AC_TRY_COMPILE(
2652 [
cbd7492e 2653#include <sys/types.h>
58d100bf 2654#include <netinet/in.h>
2655 ],
2656 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2657 [ ac_cv_have_struct_in6_addr="yes" ],
2658 [ ac_cv_have_struct_in6_addr="no" ]
2659 )
2660])
2661if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2662 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2663 [define if you have struct in6_addr data type])
58d100bf 2664fi
48e671d5 2665
58d100bf 2666AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2667 AC_TRY_COMPILE(
2668 [
18ba2aab 2669#include <sys/types.h>
2670#include <sys/socket.h>
2671#include <netdb.h>
58d100bf 2672 ],
2673 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2674 [ ac_cv_have_struct_addrinfo="yes" ],
2675 [ ac_cv_have_struct_addrinfo="no" ]
2676 )
2677])
2678if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2679 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2680 [define if you have struct addrinfo data type])
58d100bf 2681fi
2682
89c7e31c 2683AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2684 AC_TRY_COMPILE(
aff51935 2685 [ #include <sys/time.h> ],
2686 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2687 [ ac_cv_have_struct_timeval="yes" ],
2688 [ ac_cv_have_struct_timeval="no" ]
2689 )
2690])
2691if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2692 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2693 have_struct_timeval=1
2694fi
2695
5271b55c 2696AC_CHECK_TYPES(struct timespec)
2697
85abc74b 2698# We need int64_t or else certian parts of the compile will fail.
4b492aab 2699if test "x$ac_cv_have_int64_t" = "xno" && \
2700 test "x$ac_cv_sizeof_long_int" != "x8" && \
2701 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2702 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2703 echo "an alternative compiler (I.E., GCC) before continuing."
2704 echo ""
2705 exit 1;
733cf7f4 2706else
2707dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2708 AC_RUN_IFELSE(
479cece8 2709 [AC_LANG_SOURCE([[
733cf7f4 2710#include <stdio.h>
2711#include <string.h>
2712#ifdef HAVE_SNPRINTF
2713main()
2714{
2715 char buf[50];
2716 char expected_out[50];
2717 int mazsize = 50 ;
2718#if (SIZEOF_LONG_INT == 8)
2719 long int num = 0x7fffffffffffffff;
2720#else
763a1a18 2721 long long num = 0x7fffffffffffffffll;
733cf7f4 2722#endif
2723 strcpy(expected_out, "9223372036854775807");
2724 snprintf(buf, mazsize, "%lld", num);
2725 if(strcmp(buf, expected_out) != 0)
aff51935 2726 exit(1);
733cf7f4 2727 exit(0);
2728}
2729#else
2730main() { exit(0); }
2731#endif
479cece8 2732 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2733 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2734 )
2c523de9 2735fi
2736
77bb0bca 2737dnl Checks for structure members
58d100bf 2738OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2739OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2740OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2741OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2742OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2743OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2744OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2745OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2746OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2747OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2748OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2749OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2750OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2751OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2752OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2753OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2754OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2755
2756AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2757AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2758 [Define if we don't have struct __res_state in resolv.h])],
2759[
2760#include <stdio.h>
2761#if HAVE_SYS_TYPES_H
2762# include <sys/types.h>
2763#endif
2764#include <netinet/in.h>
2765#include <arpa/nameser.h>
2766#include <resolv.h>
2767])
1d7b9b20 2768
58d100bf 2769AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2770 ac_cv_have_ss_family_in_struct_ss, [
2771 AC_TRY_COMPILE(
2772 [
18ba2aab 2773#include <sys/types.h>
2774#include <sys/socket.h>
58d100bf 2775 ],
2776 [ struct sockaddr_storage s; s.ss_family = 1; ],
2777 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2778 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2779 )
2780])
2781if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2782 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2783fi
2784
58d100bf 2785AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2786 ac_cv_have___ss_family_in_struct_ss, [
2787 AC_TRY_COMPILE(
2788 [
18ba2aab 2789#include <sys/types.h>
2790#include <sys/socket.h>
58d100bf 2791 ],
2792 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2793 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2794 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2795 )
2796])
2797if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2798 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2799 [Fields in struct sockaddr_storage])
58d100bf 2800fi
2801
2e73a022 2802AC_CACHE_CHECK([for pw_class field in struct passwd],
2803 ac_cv_have_pw_class_in_struct_passwd, [
2804 AC_TRY_COMPILE(
2805 [
2e73a022 2806#include <pwd.h>
2807 ],
97994d32 2808 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2809 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2810 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2811 )
2812])
2813if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2814 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2815 [Define if your password has a pw_class field])
2e73a022 2816fi
2817
7751d4eb 2818AC_CACHE_CHECK([for pw_expire field in struct passwd],
2819 ac_cv_have_pw_expire_in_struct_passwd, [
2820 AC_TRY_COMPILE(
2821 [
2822#include <pwd.h>
2823 ],
2824 [ struct passwd p; p.pw_expire = 0; ],
2825 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2826 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2827 )
2828])
2829if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2830 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2831 [Define if your password has a pw_expire field])
7751d4eb 2832fi
2833
2834AC_CACHE_CHECK([for pw_change field in struct passwd],
2835 ac_cv_have_pw_change_in_struct_passwd, [
2836 AC_TRY_COMPILE(
2837 [
2838#include <pwd.h>
2839 ],
2840 [ struct passwd p; p.pw_change = 0; ],
2841 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2842 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2843 )
2844])
2845if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2846 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2847 [Define if your password has a pw_change field])
7751d4eb 2848fi
58d100bf 2849
637f9177 2850dnl make sure we're using the real structure members and not defines
6f34652e 2851AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2852 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2853 AC_COMPILE_IFELSE(
6f34652e 2854 [
f95c8ce8 2855#include <sys/types.h>
6f34652e 2856#include <sys/socket.h>
2857#include <sys/uio.h>
637f9177 2858int main() {
2859#ifdef msg_accrights
1a01a50c 2860#error "msg_accrights is a macro"
637f9177 2861exit(1);
2862#endif
2863struct msghdr m;
2864m.msg_accrights = 0;
2865exit(0);
2866}
6f34652e 2867 ],
6f34652e 2868 [ ac_cv_have_accrights_in_msghdr="yes" ],
2869 [ ac_cv_have_accrights_in_msghdr="no" ]
2870 )
2871])
2872if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2873 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2874 [Define if your system uses access rights style
2875 file descriptor passing])
6f34652e 2876fi
2877
7176df4f 2878AC_CACHE_CHECK([for msg_control field in struct msghdr],
2879 ac_cv_have_control_in_msghdr, [
1a01a50c 2880 AC_COMPILE_IFELSE(
7176df4f 2881 [
f95c8ce8 2882#include <sys/types.h>
7176df4f 2883#include <sys/socket.h>
2884#include <sys/uio.h>
637f9177 2885int main() {
2886#ifdef msg_control
1a01a50c 2887#error "msg_control is a macro"
637f9177 2888exit(1);
2889#endif
2890struct msghdr m;
2891m.msg_control = 0;
2892exit(0);
2893}
7176df4f 2894 ],
7176df4f 2895 [ ac_cv_have_control_in_msghdr="yes" ],
2896 [ ac_cv_have_control_in_msghdr="no" ]
2897 )
2898])
2899if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2900 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2901 [Define if your system uses ancillary data style
2902 file descriptor passing])
7176df4f 2903fi
2904
58d100bf 2905AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2906 AC_TRY_LINK([],
2907 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2908 [ ac_cv_libc_defines___progname="yes" ],
2909 [ ac_cv_libc_defines___progname="no" ]
2910 )
2911])
2912if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2913 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2914fi
8946db53 2915
c921ee00 2916AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2917 AC_TRY_LINK([
2918#include <stdio.h>
aff51935 2919],
2920 [ printf("%s", __FUNCTION__); ],
c921ee00 2921 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2922 [ ac_cv_cc_implements___FUNCTION__="no" ]
2923 )
2924])
2925if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 2926 AC_DEFINE(HAVE___FUNCTION__, 1,
2927 [Define if compiler implements __FUNCTION__])
c921ee00 2928fi
2929
2930AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2931 AC_TRY_LINK([
2932#include <stdio.h>
aff51935 2933],
2934 [ printf("%s", __func__); ],
c921ee00 2935 [ ac_cv_cc_implements___func__="yes" ],
2936 [ ac_cv_cc_implements___func__="no" ]
2937 )
2938])
2939if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 2940 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 2941fi
2942
9a406e1e 2943AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2944 AC_TRY_LINK(
2945 [#include <stdarg.h>
2946 va_list x,y;],
2947 [va_copy(x,y);],
2948 [ ac_cv_have_va_copy="yes" ],
2949 [ ac_cv_have_va_copy="no" ]
2950 )
2951])
2952if test "x$ac_cv_have_va_copy" = "xyes" ; then
2953 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2954fi
2955
2956AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2957 AC_TRY_LINK(
2958 [#include <stdarg.h>
2959 va_list x,y;],
2960 [__va_copy(x,y);],
2961 [ ac_cv_have___va_copy="yes" ],
2962 [ ac_cv_have___va_copy="no" ]
2963 )
2964])
2965if test "x$ac_cv_have___va_copy" = "xyes" ; then
2966 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2967fi
2968
1812a662 2969AC_CACHE_CHECK([whether getopt has optreset support],
2970 ac_cv_have_getopt_optreset, [
2971 AC_TRY_LINK(
2972 [
2973#include <getopt.h>
2974 ],
2975 [ extern int optreset; optreset = 0; ],
2976 [ ac_cv_have_getopt_optreset="yes" ],
2977 [ ac_cv_have_getopt_optreset="no" ]
2978 )
2979])
2980if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 2981 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2982 [Define if your getopt(3) defines and uses optreset])
1812a662 2983fi
a0391976 2984
819b676f 2985AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2986 AC_TRY_LINK([],
2987 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2988 [ ac_cv_libc_defines_sys_errlist="yes" ],
2989 [ ac_cv_libc_defines_sys_errlist="no" ]
2990 )
2991])
2992if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 2993 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2994 [Define if your system defines sys_errlist[]])
819b676f 2995fi
2996
2997
416ed5a7 2998AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2999 AC_TRY_LINK([],
3000 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3001 [ ac_cv_libc_defines_sys_nerr="yes" ],
3002 [ ac_cv_libc_defines_sys_nerr="no" ]
3003 )
3004])
3005if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3006 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3007fi
3008
aff51935 3009SCARD_MSG="no"
295c8801 3010# Check whether user wants sectok support
3011AC_ARG_WITH(sectok,
3012 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3013 [
3014 if test "x$withval" != "xno" ; then
3015 if test "x$withval" != "xyes" ; then
3016 CPPFLAGS="$CPPFLAGS -I${withval}"
3017 LDFLAGS="$LDFLAGS -L${withval}"
3018 if test ! -z "$need_dash_r" ; then
3019 LDFLAGS="$LDFLAGS -R${withval}"
3020 fi
3021 if test ! -z "$blibpath" ; then
3022 blibpath="$blibpath:${withval}"
3023 fi
3024 fi
3025 AC_CHECK_HEADERS(sectok.h)
3026 if test "$ac_cv_header_sectok_h" != yes; then
3027 AC_MSG_ERROR(Can't find sectok.h)
3028 fi
3029 AC_CHECK_LIB(sectok, sectok_open)
3030 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3031 AC_MSG_ERROR(Can't find libsectok)
3032 fi
3466e002 3033 AC_DEFINE(SMARTCARD, 1,
3034 [Define if you want smartcard support])
3035 AC_DEFINE(USE_SECTOK, 1,
3036 [Define if you want smartcard support
3037 using sectok])
aff51935 3038 SCARD_MSG="yes, using sectok"
295c8801 3039 fi
3040 ]
3041)
3042
3043# Check whether user wants OpenSC support
987b458f 3044OPENSC_CONFIG="no"
295c8801 3045AC_ARG_WITH(opensc,
e47fb473 3046 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3047 [
3048 if test "x$withval" != "xno" ; then
3049 if test "x$withval" != "xyes" ; then
3050 OPENSC_CONFIG=$withval/bin/opensc-config
3051 else
3052 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3053 fi
3054 if test "$OPENSC_CONFIG" != "no"; then
3055 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3056 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3057 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
3058 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
3059 AC_DEFINE(SMARTCARD)
3466e002 3060 AC_DEFINE(USE_OPENSC, 1,
3061 [Define if you want smartcard support
3062 using OpenSC])
987b458f 3063 SCARD_MSG="yes, using OpenSC"
3064 fi
3065 fi
3066 ]
3067)
d0b19c95 3068
c31dc31c 3069# Check libraries needed by DNS fingerprint support
aff51935 3070AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3071 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3072 [Define if getrrsetbyname() exists])],
3e05e934 3073 [
c31dc31c 3074 # Needed by our getrrsetbyname()
3075 AC_SEARCH_LIBS(res_query, resolv)
3076 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3077 AC_MSG_CHECKING(if res_query will link)
3078 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3079 [AC_MSG_RESULT(no)
3080 saved_LIBS="$LIBS"
3081 LIBS="$LIBS -lresolv"
3082 AC_MSG_CHECKING(for res_query in -lresolv)
3083 AC_LINK_IFELSE([
3084#include <resolv.h>
3085int main()
3086{
3087 res_query (0, 0, 0, 0, 0);
3088 return 0;
3089}
3090 ],
3091 [LIBS="$LIBS -lresolv"
3092 AC_MSG_RESULT(yes)],
3093 [LIBS="$saved_LIBS"
3094 AC_MSG_RESULT(no)])
3095 ])
c31dc31c 3096 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3097 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3098 [#include <sys/types.h>
3099 #include <arpa/nameser.h>])
c31dc31c 3100 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3101 [AC_DEFINE(HAVE_HEADER_AD, 1,
3102 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3103 [#include <arpa/nameser.h>])
3104 ])
3e05e934 3105
ef4d1846 3106# Check whether user wants SELinux support
3107SELINUX_MSG="no"
3108LIBSELINUX=""
3109AC_ARG_WITH(selinux,
3110 [ --with-selinux Enable SELinux support],
3111 [ if test "x$withval" != "xno" ; then
3112 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3113 SELINUX_MSG="yes"
3114 AC_CHECK_HEADER([selinux/selinux.h], ,
3115 AC_MSG_ERROR(SELinux support requires selinux.h header))
3116 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3117 AC_MSG_ERROR(SELinux support requires libselinux library))
3118 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3119 fi ]
3120)
3121AC_SUBST(LIBSELINUX)
3122
12928e80 3123# Check whether user wants Kerberos 5 support
aff51935 3124KRB5_MSG="no"
12928e80 3125AC_ARG_WITH(kerberos5,
aff51935 3126 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3127 [ if test "x$withval" != "xno" ; then
3128 if test "x$withval" = "xyes" ; then
3129 KRB5ROOT="/usr/local"
3130 else
3131 KRB5ROOT=${withval}
3132 fi
3133
3466e002 3134 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3135 KRB5_MSG="yes"
3136
3137 AC_MSG_CHECKING(for krb5-config)
3138 if test -x $KRB5ROOT/bin/krb5-config ; then
3139 KRB5CONF=$KRB5ROOT/bin/krb5-config
3140 AC_MSG_RESULT($KRB5CONF)
3141
3142 AC_MSG_CHECKING(for gssapi support)
3143 if $KRB5CONF | grep gssapi >/dev/null ; then
3144 AC_MSG_RESULT(yes)
3466e002 3145 AC_DEFINE(GSSAPI, 1,
3146 [Define this if you want GSSAPI
3147 support in the version 2 protocol])
071970fb 3148 k5confopts=gssapi
aff51935 3149 else
5585c441 3150 AC_MSG_RESULT(no)
071970fb 3151 k5confopts=""
aff51935 3152 fi
071970fb 3153 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3154 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3155 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3156 AC_MSG_CHECKING(whether we are using Heimdal)
3157 AC_TRY_COMPILE([ #include <krb5.h> ],
3158 [ char *tmp = heimdal_version; ],
3159 [ AC_MSG_RESULT(yes)
3466e002 3160 AC_DEFINE(HEIMDAL, 1,
3161 [Define this if you are using the
3162 Heimdal version of Kerberos V5]) ],
5585c441 3163 AC_MSG_RESULT(no)
3164 )
3165 else
3166 AC_MSG_RESULT(no)
12928e80 3167 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3168 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3169 AC_MSG_CHECKING(whether we are using Heimdal)
3170 AC_TRY_COMPILE([ #include <krb5.h> ],
3171 [ char *tmp = heimdal_version; ],
3172 [ AC_MSG_RESULT(yes)
3173 AC_DEFINE(HEIMDAL)
41707f74 3174 K5LIBS="-lkrb5 -ldes"
3175 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3176 AC_CHECK_LIB(roken, net_write,
41707f74 3177 [K5LIBS="$K5LIBS -lroken"])
aff51935 3178 ],
3179 [ AC_MSG_RESULT(no)
3180 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3181 ]
3182 )
4e00038c 3183 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3184
749560dd 3185 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3186 [ AC_DEFINE(GSSAPI)
3187 K5LIBS="-lgssapi $K5LIBS" ],
3188 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3189 [ AC_DEFINE(GSSAPI)
aff51935 3190 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3191 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3192 $K5LIBS)
3193 ],
3194 $K5LIBS)
82f4e93d 3195
749560dd 3196 AC_CHECK_HEADER(gssapi.h, ,
3197 [ unset ac_cv_header_gssapi_h
aff51935 3198 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3199 AC_CHECK_HEADERS(gssapi.h, ,
3200 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3201 )
749560dd 3202 ]
3203 )
3204
3205 oldCPP="$CPPFLAGS"
3206 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3207 AC_CHECK_HEADER(gssapi_krb5.h, ,
3208 [ CPPFLAGS="$oldCPP" ])
3209
aff51935 3210 fi
5585c441 3211 if test ! -z "$need_dash_r" ; then
3212 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3213 fi
3214 if test ! -z "$blibpath" ; then
3215 blibpath="$blibpath:${KRB5ROOT}/lib"
3216 fi
071970fb 3217
f5555364 3218 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3219 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3220 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3221
f5555364 3222 LIBS="$LIBS $K5LIBS"
3466e002 3223 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3224 [Define this if you want to use libkafs' AFS support]))
f5555364 3225 fi
071970fb 3226 ]
12928e80 3227)
b5b68128 3228
a0391976 3229# Looking for programs, paths and files
a0391976 3230
ecac8ee5 3231PRIVSEP_PATH=/var/empty
3232AC_ARG_WITH(privsep-path,
cda1ebcb 3233 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3234 [
6cf0200f 3235 if test -n "$withval" && test "x$withval" != "xno" && \
3236 test "x${withval}" != "xyes"; then
ecac8ee5 3237 PRIVSEP_PATH=$withval
3238 fi
3239 ]
3240)
3241AC_SUBST(PRIVSEP_PATH)
3242
a0391976 3243AC_ARG_WITH(xauth,
3244 [ --with-xauth=PATH Specify path to xauth program ],
3245 [
6cf0200f 3246 if test -n "$withval" && test "x$withval" != "xno" && \
3247 test "x${withval}" != "xyes"; then
cbd7492e 3248 xauth_path=$withval
a0391976 3249 fi
3250 ],
3251 [
2bf42e4a 3252 TestPath="$PATH"
3253 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3254 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3255 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3256 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3257 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3258 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3259 xauth_path="/usr/openwin/bin/xauth"
3260 fi
3261 ]
3262)
3263
65a4b4af 3264STRIP_OPT=-s
3265AC_ARG_ENABLE(strip,
3266 [ --disable-strip Disable calling strip(1) on install],
3267 [
3268 if test "x$enableval" = "xno" ; then
3269 STRIP_OPT=
3270 fi
3271 ]
3272)
3273AC_SUBST(STRIP_OPT)
3274
b3ec54b4 3275if test -z "$xauth_path" ; then
3276 XAUTH_PATH="undefined"
3277 AC_SUBST(XAUTH_PATH)
3278else
3466e002 3279 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3280 [Define if xauth is found in your path])
b3ec54b4 3281 XAUTH_PATH=$xauth_path
3282 AC_SUBST(XAUTH_PATH)
a0391976 3283fi
a0391976 3284
3285# Check for mail directory (last resort if we cannot get it from headers)
3286if test ! -z "$MAIL" ; then
3287 maildir=`dirname $MAIL`
3466e002 3288 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3289 [Set this to your mail directory if you don't have maillock.h])
a0391976 3290fi
3291
479cece8 3292if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3293 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3294 disable_ptmx_check=yes
3295fi
a0391976 3296if test -z "$no_dev_ptmx" ; then
6e879cb4 3297 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3298 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3299 [
3466e002 3300 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3301 [Define if you have /dev/ptmx])
6e879cb4 3302 have_dev_ptmx=1
3303 ]
3304 )
3305 fi
3276571c 3306fi
1a01a50c 3307
479cece8 3308if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3309 AC_CHECK_FILE("/dev/ptc",
3310 [
3466e002 3311 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3312 [Define if you have /dev/ptc])
1a01a50c 3313 have_dev_ptc=1
3314 ]
3315 )
3316else
3317 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3318fi
3276571c 3319
a0391976 3320# Options from here on. Some of these are preset by platform above
fdf6b7aa 3321AC_ARG_WITH(mantype,
5d97cfbf 3322 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3323 [
5d97cfbf 3324 case "$withval" in
3325 man|cat|doc)
3326 MANTYPE=$withval
3327 ;;
3328 *)
3329 AC_MSG_ERROR(invalid man type: $withval)
3330 ;;
3331 esac
c54a6257 3332 ]
3333)
e0c4d3ac 3334if test -z "$MANTYPE"; then
2bf42e4a 3335 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3336 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3337 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3338 MANTYPE=doc
3339 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3340 MANTYPE=man
3341 else
3342 MANTYPE=cat
3343 fi
3344fi
c54a6257 3345AC_SUBST(MANTYPE)
e0c4d3ac 3346if test "$MANTYPE" = "doc"; then
3347 mansubdir=man;
3348else
3349 mansubdir=$MANTYPE;
3350fi
3351AC_SUBST(mansubdir)
0bc5b6fb 3352
a0391976 3353# Check whether to enable MD5 passwords
aff51935 3354MD5_MSG="no"
2ddcfdf3 3355AC_ARG_WITH(md5-passwords,
caf3bc51 3356 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3357 [
bcf36c78 3358 if test "x$withval" != "xno" ; then
3466e002 3359 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3360 [Define if you want to allow MD5 passwords])
aff51935 3361 MD5_MSG="yes"
0bc5b6fb 3362 fi
3363 ]
caf3bc51 3364)
3365
a0391976 3366# Whether to disable shadow password support
a7effaac 3367AC_ARG_WITH(shadow,
3368 [ --without-shadow Disable shadow password support],
3369 [
82f4e93d 3370 if test "x$withval" = "xno" ; then
a7effaac 3371 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3372 disable_shadow=yes
a7effaac 3373 fi
3374 ]
3375)
3376
4cb5ffa0 3377if test -z "$disable_shadow" ; then
3378 AC_MSG_CHECKING([if the systems has expire shadow information])
3379 AC_TRY_COMPILE(
3380 [
3381#include <sys/types.h>
3382#include <shadow.h>
3383 struct spwd sp;
3384 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3385 [ sp_expire_available=yes ], []
3386 )
3387
3388 if test "x$sp_expire_available" = "xyes" ; then
3389 AC_MSG_RESULT(yes)
3466e002 3390 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3391 [Define if you want to use shadow password expire field])
4cb5ffa0 3392 else
3393 AC_MSG_RESULT(no)
3394 fi
3395fi
3396
a0391976 3397# Use ip address instead of hostname in $DISPLAY
44839801 3398if test ! -z "$IPADDR_IN_DISPLAY" ; then
3399 DISPLAY_HACK_MSG="yes"
3466e002 3400 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3401 [Define if you need to use IP address
3402 instead of hostname in $DISPLAY])
44839801 3403else
aff51935 3404 DISPLAY_HACK_MSG="no"
44839801 3405 AC_ARG_WITH(ipaddr-display,
3406 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3407 [
82f4e93d 3408 if test "x$withval" != "xno" ; then
44839801 3409 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3410 DISPLAY_HACK_MSG="yes"
44839801 3411 fi
3412 ]
3413 )
3414fi
a7effaac 3415
95b99395 3416# check for /etc/default/login and use it if present.
daa41e62 3417AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3418 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3419 [ if test "x$enableval" = "xno"; then
3420 AC_MSG_NOTICE([/etc/default/login handling disabled])
3421 etc_default_login=no
3422 else
3423 etc_default_login=yes
3424 fi ],
b0e7249f 3425 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3426 then
3427 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3428 etc_default_login=no
3429 else
3430 etc_default_login=yes
3431 fi ]
694d0cef 3432)
95b99395 3433
694d0cef 3434if test "x$etc_default_login" != "xno"; then
3435 AC_CHECK_FILE("/etc/default/login",
3436 [ external_path_file=/etc/default/login ])
b0e7249f 3437 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3438 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3439 [Define if your system has /etc/default/login])
1a01a50c 3440 fi
694d0cef 3441fi
95b99395 3442
8d184c09 3443dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3444if test $ac_cv_func_login_getcapbool = "yes" && \
3445 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3446 external_path_file=/etc/login.conf
8d184c09 3447fi
95b99395 3448
a0391976 3449# Whether to mess with the default path
aff51935 3450SERVER_PATH_MSG="(default)"
c43d69a9 3451AC_ARG_WITH(default-path,
75817f90 3452 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3453 [
95b99395 3454 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3455 AC_MSG_WARN([
3456--with-default-path=PATH has no effect on this system.
3457Edit /etc/login.conf instead.])
82f4e93d 3458 elif test "x$withval" != "xno" ; then
89bbd457 3459 if test ! -z "$external_path_file" ; then
95b99395 3460 AC_MSG_WARN([
3461--with-default-path=PATH will only be used if PATH is not defined in
3462$external_path_file .])
3463 fi
b2d818e6 3464 user_path="$withval"
aff51935 3465 SERVER_PATH_MSG="$withval"
cb807f40 3466 fi
b2d818e6 3467 ],
95b99395 3468 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3469 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3470 else
89bbd457 3471 if test ! -z "$external_path_file" ; then
95b99395 3472 AC_MSG_WARN([
3473If PATH is defined in $external_path_file, ensure the path to scp is included,
3474otherwise scp will not work.])
3475 fi
b0e7249f 3476 AC_RUN_IFELSE(
3477 [AC_LANG_SOURCE([[
b2d818e6 3478/* find out what STDPATH is */
3479#include <stdio.h>
b2d818e6 3480#ifdef HAVE_PATHS_H
3481# include <paths.h>
3482#endif
3483#ifndef _PATH_STDPATH
d9a4e55b 3484# ifdef _PATH_USERPATH /* Irix */
3485# define _PATH_STDPATH _PATH_USERPATH
3486# else
3487# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3488# endif
b2d818e6 3489#endif
3490#include <sys/types.h>
3491#include <sys/stat.h>
3492#include <fcntl.h>
3493#define DATA "conftest.stdpath"
3494
3495main()
3496{
3497 FILE *fd;
3498 int rc;
82f4e93d 3499
b2d818e6 3500 fd = fopen(DATA,"w");
3501 if(fd == NULL)
3502 exit(1);
82f4e93d 3503
b2d818e6 3504 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3505 exit(1);
3506
3507 exit(0);
3508}
b0e7249f 3509 ]])],
3510 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3511 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3512 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3513 )
3514# make sure $bindir is in USER_PATH so scp will work
3515 t_bindir=`eval echo ${bindir}`
3516 case $t_bindir in
3517 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3518 esac
3519 case $t_bindir in
3520 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3521 esac
3522 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3523 if test $? -ne 0 ; then
3524 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3525 if test $? -ne 0 ; then
3526 user_path=$user_path:$t_bindir
3527 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3528 fi
3529 fi
8d184c09 3530 fi ]
cb807f40 3531)
95b99395 3532if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3533 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3534 AC_SUBST(user_path)
3535fi
cb807f40 3536
06617857 3537# Set superuser path separately to user path
06617857 3538AC_ARG_WITH(superuser-path,
3539 [ --with-superuser-path= Specify different path for super-user],
3540 [
6cf0200f 3541 if test -n "$withval" && test "x$withval" != "xno" && \
3542 test "x${withval}" != "xyes"; then
3466e002 3543 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3544 [Define if you want a different $PATH
3545 for the superuser])
06617857 3546 superuser_path=$withval
3547 fi
3548 ]
3549)
3550
3551
58d100bf 3552AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3553IPV4_IN6_HACK_MSG="no"
80faa19f 3554AC_ARG_WITH(4in6,
3555 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3556 [
3557 if test "x$withval" != "xno" ; then
3558 AC_MSG_RESULT(yes)
3466e002 3559 AC_DEFINE(IPV4_IN_IPV6, 1,
3560 [Detect IPv4 in IPv6 mapped addresses
3561 and treat as IPv4])
aff51935 3562 IPV4_IN6_HACK_MSG="yes"
80faa19f 3563 else
3564 AC_MSG_RESULT(no)
3565 fi
3566 ],[
3567 if test "x$inet6_default_4in6" = "xyes"; then
3568 AC_MSG_RESULT([yes (default)])
3569 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3570 IPV4_IN6_HACK_MSG="yes"
80faa19f 3571 else
3572 AC_MSG_RESULT([no (default)])
3573 fi
3574 ]
3575)
3576
af774732 3577# Whether to enable BSD auth support
f1b0ecc3 3578BSD_AUTH_MSG=no
af774732 3579AC_ARG_WITH(bsd-auth,
3580 [ --with-bsd-auth Enable BSD auth support],
3581 [
82f4e93d 3582 if test "x$withval" != "xno" ; then
3466e002 3583 AC_DEFINE(BSD_AUTH, 1,
3584 [Define if you have BSD auth support])
f1b0ecc3 3585 BSD_AUTH_MSG=yes
af774732 3586 fi
3587 ]
3588)
3589
a0391976 3590# Where to place sshd.pid
19d9ac2a 3591piddir=/var/run
81dadca3 3592# make sure the directory exists
82f4e93d 3593if test ! -d $piddir ; then
81dadca3 3594 piddir=`eval echo ${sysconfdir}`
3595 case $piddir in
aff51935 3596 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3597 esac
3598fi
3599
47e45e44 3600AC_ARG_WITH(pid-dir,
3601 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3602 [
6cf0200f 3603 if test -n "$withval" && test "x$withval" != "xno" && \
3604 test "x${withval}" != "xyes"; then
19d9ac2a 3605 piddir=$withval
82f4e93d 3606 if test ! -d $piddir ; then
81dadca3 3607 AC_MSG_WARN([** no $piddir directory on this system **])
3608 fi
47e45e44 3609 fi
3610 ]
3611)
b7a87eea 3612
3466e002 3613AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3614AC_SUBST(piddir)
47e45e44 3615
1d7b9b20 3616dnl allow user to disable some login recording features
3617AC_ARG_ENABLE(lastlog,
bfd550a2 3618 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3619 [
3620 if test "x$enableval" = "xno" ; then
3621 AC_DEFINE(DISABLE_LASTLOG)
3622 fi
3623 ]
1d7b9b20 3624)
3625AC_ARG_ENABLE(utmp,
bfd550a2 3626 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3627 [
3628 if test "x$enableval" = "xno" ; then
3629 AC_DEFINE(DISABLE_UTMP)
3630 fi
3631 ]
1d7b9b20 3632)
3633AC_ARG_ENABLE(utmpx,
bfd550a2 3634 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3635 [
3636 if test "x$enableval" = "xno" ; then
3466e002 3637 AC_DEFINE(DISABLE_UTMPX, 1,
3638 [Define if you don't want to use utmpx])
ddb154b3 3639 fi
3640 ]
1d7b9b20 3641)
3642AC_ARG_ENABLE(wtmp,
bfd550a2 3643 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3644 [
3645 if test "x$enableval" = "xno" ; then
3646 AC_DEFINE(DISABLE_WTMP)
3647 fi
3648 ]
1d7b9b20 3649)
3650AC_ARG_ENABLE(wtmpx,
bfd550a2 3651 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3652 [
3653 if test "x$enableval" = "xno" ; then
3466e002 3654 AC_DEFINE(DISABLE_WTMPX, 1,
3655 [Define if you don't want to use wtmpx])
ddb154b3 3656 fi
3657 ]
1d7b9b20 3658)
3659AC_ARG_ENABLE(libutil,
bfd550a2 3660 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3661 [
3662 if test "x$enableval" = "xno" ; then
3663 AC_DEFINE(DISABLE_LOGIN)
3664 fi
3665 ]
1d7b9b20 3666)
3667AC_ARG_ENABLE(pututline,
bfd550a2 3668 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3669 [
3670 if test "x$enableval" = "xno" ; then
3466e002 3671 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3672 [Define if you don't want to use pututline()
3673 etc. to write [uw]tmp])
ddb154b3 3674 fi
3675 ]
1d7b9b20 3676)
3677AC_ARG_ENABLE(pututxline,
bfd550a2 3678 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3679 [
3680 if test "x$enableval" = "xno" ; then
3466e002 3681 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3682 [Define if you don't want to use pututxline()
3683 etc. to write [uw]tmpx])
ddb154b3 3684 fi
3685 ]
1d7b9b20 3686)
3687AC_ARG_WITH(lastlog,
bfd550a2 3688 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3689 [
82f4e93d 3690 if test "x$withval" = "xno" ; then
8c89dd2b 3691 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3692 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3693 conf_lastlog_location=$withval
3694 fi
3695 ]
3696)
1d7b9b20 3697
3698dnl lastlog, [uw]tmpx? detection
3699dnl NOTE: set the paths in the platform section to avoid the
3700dnl need for command-line parameters
3701dnl lastlog and [uw]tmp are subject to a file search if all else fails
3702
3703dnl lastlog detection
3704dnl NOTE: the code itself will detect if lastlog is a directory
3705AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3706AC_TRY_COMPILE([
3707#include <sys/types.h>
3708#include <utmp.h>
3709#ifdef HAVE_LASTLOG_H
3710# include <lastlog.h>
3711#endif
d7c0f3d5 3712#ifdef HAVE_PATHS_H
1d7b9b20 3713# include <paths.h>
41cb4569 3714#endif
3715#ifdef HAVE_LOGIN_H
3716# include <login.h>
1d7b9b20 3717#endif
3718 ],
3719 [ char *lastlog = LASTLOG_FILE; ],
3720 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3721 [
3722 AC_MSG_RESULT(no)
3723 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3724 AC_TRY_COMPILE([
3725#include <sys/types.h>
3726#include <utmp.h>
3727#ifdef HAVE_LASTLOG_H
3728# include <lastlog.h>
3729#endif
3730#ifdef HAVE_PATHS_H
3731# include <paths.h>
3732#endif
3733 ],
3734 [ char *lastlog = _PATH_LASTLOG; ],
3735 [ AC_MSG_RESULT(yes) ],
3736 [
f282b668 3737 AC_MSG_RESULT(no)
d7c0f3d5 3738 system_lastlog_path=no
3739 ])
3740 ]
1d7b9b20 3741)
d7c0f3d5 3742
1d7b9b20 3743if test -z "$conf_lastlog_location"; then
3744 if test x"$system_lastlog_path" = x"no" ; then
3745 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3746 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3747 conf_lastlog_location=$f
3748 fi
3749 done
3750 if test -z "$conf_lastlog_location"; then
f8119cef 3751 AC_MSG_WARN([** Cannot find lastlog **])
3752 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3753 fi
3754 fi
3755fi
3756
3757if test -n "$conf_lastlog_location"; then
3466e002 3758 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3759 [Define if you want to specify the path to your lastlog file])
82f4e93d 3760fi
1d7b9b20 3761
3762dnl utmp detection
3763AC_MSG_CHECKING([if your system defines UTMP_FILE])
3764AC_TRY_COMPILE([
3765#include <sys/types.h>
3766#include <utmp.h>
d7c0f3d5 3767#ifdef HAVE_PATHS_H
1d7b9b20 3768# include <paths.h>
3769#endif
3770 ],
3771 [ char *utmp = UTMP_FILE; ],
3772 [ AC_MSG_RESULT(yes) ],
3773 [ AC_MSG_RESULT(no)
3774 system_utmp_path=no ]
3775)
3776if test -z "$conf_utmp_location"; then
3777 if test x"$system_utmp_path" = x"no" ; then
3778 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3779 if test -f $f ; then
3780 conf_utmp_location=$f
3781 fi
3782 done
3783 if test -z "$conf_utmp_location"; then
3784 AC_DEFINE(DISABLE_UTMP)
3785 fi
3786 fi
3787fi
3788if test -n "$conf_utmp_location"; then
3466e002 3789 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3790 [Define if you want to specify the path to your utmp file])
82f4e93d 3791fi
1d7b9b20 3792
3793dnl wtmp detection
3794AC_MSG_CHECKING([if your system defines WTMP_FILE])
3795AC_TRY_COMPILE([
3796#include <sys/types.h>
3797#include <utmp.h>
d7c0f3d5 3798#ifdef HAVE_PATHS_H
1d7b9b20 3799# include <paths.h>
3800#endif
3801 ],
3802 [ char *wtmp = WTMP_FILE; ],
3803 [ AC_MSG_RESULT(yes) ],
3804 [ AC_MSG_RESULT(no)
3805 system_wtmp_path=no ]
3806)
3807if test -z "$conf_wtmp_location"; then
3808 if test x"$system_wtmp_path" = x"no" ; then
3809 for f in /usr/adm/wtmp /var/log/wtmp; do
3810 if test -f $f ; then
3811 conf_wtmp_location=$f
3812 fi
3813 done
3814 if test -z "$conf_wtmp_location"; then
3815 AC_DEFINE(DISABLE_WTMP)
3816 fi
3817 fi
3818fi
3819if test -n "$conf_wtmp_location"; then
3466e002 3820 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3821 [Define if you want to specify the path to your wtmp file])
82f4e93d 3822fi
1d7b9b20 3823
3824
3825dnl utmpx detection - I don't know any system so perverse as to require
3826dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3827dnl there, though.
3828AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3829AC_TRY_COMPILE([
3830#include <sys/types.h>
3831#include <utmp.h>
3832#ifdef HAVE_UTMPX_H
3833#include <utmpx.h>
3834#endif
d7c0f3d5 3835#ifdef HAVE_PATHS_H
1d7b9b20 3836# include <paths.h>
3837#endif
3838 ],
3839 [ char *utmpx = UTMPX_FILE; ],
3840 [ AC_MSG_RESULT(yes) ],
3841 [ AC_MSG_RESULT(no)
3842 system_utmpx_path=no ]
3843)
3844if test -z "$conf_utmpx_location"; then
3845 if test x"$system_utmpx_path" = x"no" ; then
3846 AC_DEFINE(DISABLE_UTMPX)
3847 fi
3848else
3466e002 3849 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3850 [Define if you want to specify the path to your utmpx file])
82f4e93d 3851fi
1d7b9b20 3852
3853dnl wtmpx detection
3854AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3855AC_TRY_COMPILE([
3856#include <sys/types.h>
3857#include <utmp.h>
3858#ifdef HAVE_UTMPX_H
3859#include <utmpx.h>
3860#endif
d7c0f3d5 3861#ifdef HAVE_PATHS_H
1d7b9b20 3862# include <paths.h>
3863#endif
3864 ],
3865 [ char *wtmpx = WTMPX_FILE; ],
3866 [ AC_MSG_RESULT(yes) ],
3867 [ AC_MSG_RESULT(no)
3868 system_wtmpx_path=no ]
3869)
3870if test -z "$conf_wtmpx_location"; then
3871 if test x"$system_wtmpx_path" = x"no" ; then
3872 AC_DEFINE(DISABLE_WTMPX)
3873 fi
3874else
3466e002 3875 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3876 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3877fi
1d7b9b20 3878
b7a87eea 3879
bd499f9e 3880if test ! -z "$blibpath" ; then
68ece370 3881 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3882 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3883fi
3884
ed89c848 3885dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3886dnl Add now.
3887CFLAGS="$CFLAGS $werror_flags"
3888
3c62e7eb 3889AC_EXEEXT
d7cfdd7c 3890AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
46096a5b 3891 openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3892AC_OUTPUT
d3083fbd 3893
cbd7492e 3894# Print summary of options
3895
cbd7492e 3896# Someone please show me a better way :)
3897A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3898B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3899C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3900D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3901E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3902F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3903G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3904H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3905I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3906J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3907
3908echo ""
26de7942 3909echo "OpenSSH has been configured with the following options:"
ecac8ee5 3910echo " User binaries: $B"
3911echo " System binaries: $C"
3912echo " Configuration files: $D"
3913echo " Askpass program: $E"
3914echo " Manual pages: $F"
3915echo " PID file: $G"
3916echo " Privilege separation chroot path: $H"
95b99395 3917if test "x$external_path_file" = "x/etc/login.conf" ; then
3918echo " At runtime, sshd will use the path defined in $external_path_file"
3919echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3920else
ecac8ee5 3921echo " sshd default user PATH: $I"
89bbd457 3922 if test ! -z "$external_path_file"; then
95b99395 3923echo " (If PATH is set in $external_path_file it will be used instead. If"
3924echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3925 fi
8d184c09 3926fi
06617857 3927if test ! -z "$superuser_path" ; then
ecac8ee5 3928echo " sshd superuser user PATH: $J"
3929fi
3930echo " Manpage format: $MANTYPE"
3e05e934 3931echo " PAM support: $PAM_MSG"
5b84789f 3932echo " OSF SIA support: $SIA_MSG"
ecac8ee5 3933echo " KerberosV support: $KRB5_MSG"
ef4d1846 3934echo " SELinux support: $SELINUX_MSG"
ecac8ee5 3935echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3936echo " S/KEY support: $SKEY_MSG"
3937echo " TCP Wrappers support: $TCPW_MSG"
3938echo " MD5 password support: $MD5_MSG"
59031773 3939echo " libedit support: $LIBEDIT_MSG"
5b84789f 3940echo " Solaris process contract support: $SPC_MSG"
3deb1408 3941echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3942echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3943echo " BSD Auth support: $BSD_AUTH_MSG"
3944echo " Random number source: $RAND_MSG"
f1b0ecc3 3945if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3946echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3947fi
3948
cbd7492e 3949echo ""
3950
0c2fb82f 3951echo " Host: ${host}"
3952echo " Compiler: ${CC}"
3953echo " Compiler flags: ${CFLAGS}"
3954echo "Preprocessor flags: ${CPPFLAGS}"
3955echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3956echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3957
3958echo ""
3959
9cefe228 3960if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3961 echo "SVR4 style packages are supported with \"make package\""
3962 echo ""
9cefe228 3963fi
3964
adeebd37 3965if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3966 echo "PAM is enabled. You may need to install a PAM control file "
3967 echo "for sshd, otherwise password authentication may fail. "
aff51935 3968 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3969 echo "subdirectory"
adeebd37 3970 echo ""
3971fi
3972
f1b0ecc3 3973if test ! -z "$RAND_HELPER_CMDHASH" ; then
3974 echo "WARNING: you are using the builtin random number collection "
3975 echo "service. Please read WARNING.RNG and request that your OS "
3976 echo "vendor includes kernel-based random number collection in "
3977 echo "future versions of your OS."
2c523de9 3978 echo ""
3979fi
af774732 3980
2f6f9cff 3981if test ! -z "$NO_PEERCHECK" ; then
3982 echo "WARNING: the operating system that you are using does not "
3983 echo "appear to support either the getpeereid() API nor the "
3984 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3985 echo "enforce security checks to prevent unauthorised connections to "
3986 echo "ssh-agent. Their absence increases the risk that a malicious "
3987 echo "user can connect to your agent. "
3988 echo ""
3989fi
3990
7b578f7d 3991if test "$AUDIT_MODULE" = "bsm" ; then
3992 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3993 echo "See the Solaris section in README.platform for details."
3994fi
git-cvsimport mirror of OpenSSH
This page took 1.002652 seconds and 5 git commands to generate.