]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [contrib/cygwin/ssh-host-config] better support for automated
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
a0969097 95 [ --without-stackprotect Don't use compiler's stack protection], [
caa21240 96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
b5902374 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
cd595991 112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
b55b0285 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
caa21240 127 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 128 # and/or platforms, so we test if we can. If it's not supported
53e2660a 129 # on a given platform gcc will emit a warning so we use -Werror.
caa21240 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
23c5c479 132 AC_MSG_CHECKING(if $CC supports $t)
caa21240 133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
23c5c479 135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
53e2660a 139#include <stdio.h>
140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
23c5c479 141 ])],
caa21240 142 [ AC_MSG_RESULT(yes)
23c5c479 143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
caa21240 145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
53e2660a 148#include <stdio.h>
149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
caa21240 150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
23c5c479 156 )
caa21240 157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
eb5a7224 164
dfafb2e1 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
d423d822 176fi
177
0b9fdeb8 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
e6354014 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
82f4e93d 185 if test "x$withval" = "xno" ; then
e6354014 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
aa56f760 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
6d39a5c4 265 poll.h \
aa56f760 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
4538e135 282 sys/mount.h \
aa56f760 283 sys/ndir.h \
8aa5db7d 284 sys/poll.h \
aa56f760 285 sys/prctl.h \
286 sys/pstat.h \
287 sys/select.h \
288 sys/stat.h \
289 sys/stream.h \
290 sys/stropts.h \
291 sys/strtio.h \
4538e135 292 sys/statvfs.h \
aa56f760 293 sys/sysmacros.h \
294 sys/time.h \
295 sys/timers.h \
296 sys/un.h \
297 time.h \
298 tmpdir.h \
299 ttyent.h \
40701614 300 ucred.h \
aa56f760 301 unistd.h \
302 usersec.h \
303 util.h \
304 utime.h \
305 utmp.h \
306 utmpx.h \
307 vis.h \
308)
309
310# lastlog.h requires sys/time.h to be included first on Solaris
311AC_CHECK_HEADERS(lastlog.h, [], [], [
312#ifdef HAVE_SYS_TIME_H
313# include <sys/time.h>
314#endif
315])
316
317# sys/ptms.h requires sys/stream.h to be included first on Solaris
318AC_CHECK_HEADERS(sys/ptms.h, [], [], [
319#ifdef HAVE_SYS_STREAM_H
320# include <sys/stream.h>
321#endif
322])
323
324# login_cap.h requires sys/types.h on NetBSD
325AC_CHECK_HEADERS(login_cap.h, [], [], [
326#include <sys/types.h>
327])
328
5b84789f 329# Messages for features tested for in target-specific section
330SIA_MSG="no"
331SPC_MSG="no"
332
a0391976 333# Check for some target-specific stuff
a7effaac 334case "$host" in
9d6b1b96 335*-*-aix*)
25a2779b 336 # Some versions of VAC won't allow macro redefinitions at
337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
338 # particularly with older versions of vac or xlc.
339 # It also throws errors about null macro argments, but these are
340 # not fatal.
341 AC_MSG_CHECKING(if compiler allows macro redefinitions)
342 AC_COMPILE_IFELSE(
343 [AC_LANG_SOURCE([[
344#define testmacro foo
345#define testmacro bar
346int main(void) { exit(0); }
347 ]])],
348 [ AC_MSG_RESULT(yes) ],
349 [ AC_MSG_RESULT(no)
350 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
351 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
352 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
353 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
354 ]
355 )
356
aff51935 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 358 if (test -z "$blibpath"); then
0a15d73b 359 blibpath="/usr/lib:/lib"
68ece370 360 fi
361 saved_LDFLAGS="$LDFLAGS"
e7479666 362 if test "$GCC" = "yes"; then
363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
364 else
365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
366 fi
367 for tryflags in $flags ;do
68ece370 368 if (test -z "$blibflags"); then
369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
370 AC_TRY_LINK([], [], [blibflags=$tryflags])
371 fi
372 done
373 if (test -z "$blibflags"); then
374 AC_MSG_RESULT(not found)
375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
376 else
377 AC_MSG_RESULT($blibflags)
bd499f9e 378 fi
68ece370 379 LDFLAGS="$saved_LDFLAGS"
e351e493 380 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
382 [Define if you want to enable AIX4's authenticate function])],
0764e748 383 [AC_CHECK_LIB(s,authenticate,
e351e493 384 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 385 LIBS="$LIBS -ls"
386 ])
387 ])
ba603e06 388 dnl Check for various auth function declarations in headers.
c85ed8e2 389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 390 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 392 AC_CHECK_DECLS(loginfailed,
e351e493 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
394 AC_TRY_COMPILE(
f58c0e01 395 [#include <usersec.h>],
e351e493 396 [(void)loginfailed("user","host","tty",0);],
397 [AC_MSG_RESULT(yes)
3466e002 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
399 [Define if your AIX loginfailed() function
400 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 401 [AC_MSG_RESULT(no)]
e351e493 402 )],
403 [],
404 [#include <usersec.h>]
405 )
533a78f0 406 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 407 AC_CHECK_DECL(F_CLOSEM,
795e7517 408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 409 [],
410 [ #include <limits.h>
411 #include <fcntl.h> ]
412 )
5ccf88cb 413 check_for_aix_broken_getaddrinfo=1
3466e002 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
416 [Define if your platform breaks doing a seteuid before a setuid])
417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 419 dnl AIX handles lastlog as part of its login message
3466e002 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
422 [Some systems need a utmpx entry for /bin/login to work])
423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
424 [Define to a Set Process Title type if your system is
425 supported by bsd-setproctitle.c])
961c2997 426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
427 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 429 ;;
3c62e7eb 430*-*-cygwin*)
a52997bd 431 check_for_libcrypt_later=1
04765d02 432 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
435 AC_DEFINE(DISABLE_SHADOW, 1,
436 [Define if you want to disable shadow passwords])
3466e002 437 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
438 [Define if X11 doesn't support AF_UNIX sockets on that system])
439 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
440 [Define if the concept of ports only accessible to
441 superusers isn't known])
442 AC_DEFINE(DISABLE_FD_PASSING, 1,
443 [Define if your platform needs to skip post auth
444 file descriptor passing])
3c62e7eb 445 ;;
d6fdb079 446*-*-dgux*)
bc9a470b 447 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
448 [Define if your system choked on IP TOS setting])
0c6a72a5 449 AC_DEFINE(SETEUID_BREAKS_SETUID)
450 AC_DEFINE(BROKEN_SETREUID)
451 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 452 ;;
39c98ef7 453*-*-darwin*)
33e2e066 454 AC_MSG_CHECKING(if we have working getaddrinfo)
455 AC_TRY_RUN([#include <mach-o/dyld.h>
456main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
457 exit(0);
458 else
459 exit(1);
460}], [AC_MSG_RESULT(working)],
461 [AC_MSG_RESULT(buggy)
3466e002 462 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 463 [AC_MSG_RESULT(assume it is working)])
635e0c42 464 AC_DEFINE(SETEUID_BREAKS_SETUID)
465 AC_DEFINE(BROKEN_SETREUID)
466 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 467 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 468 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
469 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 470 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
471 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
472 [Use tunnel device compatibility to OpenBSD])
473 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
474 [Prepend the address family to IP tunnel traffic])
a74e9b64 475 m4_pattern_allow(AU_IPv)
476 AC_CHECK_DECL(AU_IPv4, [],
477 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
478 [#include <bsm/audit.h>]
295dd642 479 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1,
480 [Define if pututxline updates lastlog too])
a74e9b64 481 )
39c98ef7 482 ;;
36f36ba3 483*-*-dragonfly*)
484 SSHDLIBS="$SSHDLIBS -lcrypt"
485 ;;
7d458c86 486*-*-hpux*)
487 # first we define all of the options common to all HP-UX releases
b8fea62d 488 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 489 IPADDR_IN_DISPLAY=yes
2b10f47a 490 AC_DEFINE(USE_PIPES)
3466e002 491 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
492 [Define if your login program cannot handle end of options ("--")])
a2572aa7 493 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 494 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
495 [String used in /etc/passwd to denote locked account])
3a2b2b44 496 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 497 MAIL="/var/mail/username"
f75ca46d 498 LIBS="$LIBS -lsec"
7d458c86 499 AC_CHECK_LIB(xnet, t_error, ,
500 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
501
502 # next, we define all of the options specific to major releases
503 case "$host" in
504 *-*-hpux10*)
505 if test -z "$GCC"; then
506 CFLAGS="$CFLAGS -Ae"
507 fi
508 ;;
509 *-*-hpux11*)
3466e002 510 AC_DEFINE(PAM_SUN_CODEBASE, 1,
511 [Define if you are using Solaris-derived PAM which
512 passes pam_messages to the conversation function
513 with an extra level of indirection])
514 AC_DEFINE(DISABLE_UTMP, 1,
515 [Define if you don't want to use utmp])
7d458c86 516 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
517 check_for_hpux_broken_getaddrinfo=1
518 check_for_conflicting_getspnam=1
519 ;;
520 esac
521
522 # lastly, we define options specific to minor releases
523 case "$host" in
524 *-*-hpux10.26)
3466e002 525 AC_DEFINE(HAVE_SECUREWARE, 1,
526 [Define if you have SecureWare-based
527 protected password database])
7d458c86 528 disable_ptmx_check=yes
529 LIBS="$LIBS -lsecpw"
530 ;;
531 esac
2b763e31 532 ;;
d94aa2ae 533*-*-irix5*)
6ac7829a 534 PATH="$PATH:/usr/etc"
3466e002 535 AC_DEFINE(BROKEN_INET_NTOA, 1,
536 [Define if you system's inet_ntoa is busted
537 (e.g. Irix gcc issue)])
cb433561 538 AC_DEFINE(SETEUID_BREAKS_SETUID)
539 AC_DEFINE(BROKEN_SETREUID)
540 AC_DEFINE(BROKEN_SETREGID)
3466e002 541 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
542 [Define if you shouldn't strip 'tty' from your
543 ttyname in [uw]tmp])
3e6e3da0 544 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 545 ;;
546*-*-irix6*)
6ac7829a 547 PATH="$PATH:/usr/etc"
3466e002 548 AC_DEFINE(WITH_IRIX_ARRAY, 1,
549 [Define if you have/want arrays
550 (cluster-wide session managment, not C arrays)])
551 AC_DEFINE(WITH_IRIX_PROJECT, 1,
552 [Define if you want IRIX project management])
553 AC_DEFINE(WITH_IRIX_AUDIT, 1,
554 [Define if you want IRIX audit trails])
555 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
556 [Define if you want IRIX kernel jobs])])
416ed5a7 557 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 558 AC_DEFINE(SETEUID_BREAKS_SETUID)
559 AC_DEFINE(BROKEN_SETREUID)
560 AC_DEFINE(BROKEN_SETREGID)
3466e002 561 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 562 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 563 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 564 ;;
4c3b7423 565*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu)
566 check_for_libcrypt_later=1
567 AC_DEFINE(PAM_TTY_KLUDGE)
568 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
569 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
570 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
571 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
572 ;;
5cdfe03f 573*-*-linux*)
574 no_dev_ptmx=1
717057b6 575 check_for_libcrypt_later=1
eacb954e 576 check_for_openpty_ctty_bug=1
3466e002 577 AC_DEFINE(PAM_TTY_KLUDGE, 1,
578 [Work around problematic Linux PAM modules handling of PAM_TTY])
579 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
580 [String used in /etc/passwd to denote locked account])
3a2b2b44 581 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 582 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
583 [Define to whatever link() returns for "not supported"
584 if it doesn't return EOPNOTSUPP.])
b6610e8f 585 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 586 AC_DEFINE(USE_BTMP)
80faa19f 587 inet6_default_4in6=yes
bf7c1e6c 588 case `uname -r` in
ad84c479 589 1.*|2.0.*)
3466e002 590 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
591 [Define if cmsg_type is not passed correctly])
bf7c1e6c 592 ;;
bf7c1e6c 593 esac
c40f09ca 594 # tun(4) forwarding compat code
d91775e1 595 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 596 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 597 AC_DEFINE(SSH_TUN_LINUX, 1,
598 [Open tunnel devices the Linux tun/tap way])
599 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
600 [Use tunnel device compatibility to OpenBSD])
601 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
602 [Prepend the address family to IP tunnel traffic])
603 fi
5cdfe03f 604 ;;
66d6c27e 605mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 606 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 607 SONY=1
66d6c27e 608 ;;
d468fc76 609*-*-netbsd*)
33e2e066 610 check_for_libcrypt_before=1
82f4e93d 611 if test "x$withval" != "xno" ; then
e6354014 612 need_dash_r=1
613 fi
0f6cb079 614 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
615 AC_CHECK_HEADER([net/if_tap.h], ,
616 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
617 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
618 [Prepend the address family to IP tunnel traffic])
d468fc76 619 ;;
86b416a7 620*-*-freebsd*)
621 check_for_libcrypt_later=1
988c5031 622 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 623 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
624 AC_CHECK_HEADER([net/if_tap.h], ,
625 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 626 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 627 ;;
8707b7eb 628*-*-bsdi*)
629 AC_DEFINE(SETEUID_BREAKS_SETUID)
630 AC_DEFINE(BROKEN_SETREUID)
631 AC_DEFINE(BROKEN_SETREGID)
632 ;;
729bfe59 633*-next-*)
729bfe59 634 conf_lastlog_location="/usr/adm/lastlog"
698d107e 635 conf_utmp_location=/etc/utmp
636 conf_wtmp_location=/usr/adm/wtmp
637 MAIL=/usr/spool/mail
3466e002 638 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 639 AC_DEFINE(BROKEN_REALPATH)
00937921 640 AC_DEFINE(USE_PIPES)
3466e002 641 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 642 ;;
5b7b5e23 643*-*-openbsd*)
644 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 645 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 646 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 647 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
648 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 649 ;;
9d6b1b96 650*-*-solaris*)
82f4e93d 651 if test "x$withval" != "xno" ; then
010e9d5b 652 need_dash_r=1
653 fi
adeebd37 654 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 655 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 656 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
657 [Some versions of /bin/login need the TERM supplied
658 on the commandline])
7f0a4ff1 659 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 660 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
661 [Define if pam_chauthtok wants real uid set
662 to the unpriv'ed user])
3e6e3da0 663 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 664 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 665 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
666 [Define if sshd somehow reacquires a controlling TTY
667 after setsid()])
795aa5f5 668 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
669 in case the name is longer than 8 chars])
95b99395 670 external_path_file=/etc/default/login
1d7b9b20 671 # hardwire lastlog location (can't detect it on some versions)
672 conf_lastlog_location="/var/adm/lastlog"
32c80420 673 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
674 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
675 if test "$sol2ver" -ge 8; then
676 AC_MSG_RESULT(yes)
677 AC_DEFINE(DISABLE_UTMP)
3466e002 678 AC_DEFINE(DISABLE_WTMP, 1,
679 [Define if you don't want to use wtmp])
32c80420 680 else
681 AC_MSG_RESULT(no)
682 fi
5b84789f 683 AC_ARG_WITH(solaris-contracts,
684 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
685 [
686 AC_CHECK_LIB(contract, ct_tmpl_activate,
687 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
688 [Define if you have Solaris process contracts])
689 SSHDLIBS="$SSHDLIBS -lcontract"
690 AC_SUBST(SSHDLIBS)
691 SPC_MSG="yes" ], )
692 ],
693 )
9d6b1b96 694 ;;
a423beaf 695*-*-sunos4*)
0c2fb82f 696 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 697 AC_CHECK_FUNCS(getpwanam)
adeebd37 698 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 699 conf_utmp_location=/etc/utmp
700 conf_wtmp_location=/var/adm/wtmp
701 conf_lastlog_location=/var/adm/lastlog
137d7b6c 702 AC_DEFINE(USE_PIPES)
a423beaf 703 ;;
6f68f28a 704*-ncr-sysv*)
98a7c37b 705 LIBS="$LIBS -lc89"
29525240 706 AC_DEFINE(USE_PIPES)
eabb99c6 707 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 708 AC_DEFINE(SETEUID_BREAKS_SETUID)
709 AC_DEFINE(BROKEN_SETREUID)
710 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 711 ;;
132dd316 712*-sni-sysv*)
c8c15bcb 713 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 714 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 715 # -lresolv needs to be at the end of LIBS or DNS lookups break
716 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 717 IPADDR_IN_DISPLAY=yes
718 AC_DEFINE(USE_PIPES)
132dd316 719 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 720 AC_DEFINE(SETEUID_BREAKS_SETUID)
721 AC_DEFINE(BROKEN_SETREUID)
722 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 723 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 724 external_path_file=/etc/default/login
c8c15bcb 725 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
726 # Attention: always take care to bind libsocket and libnsl before libc,
727 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 728 ;;
79a7ba96 729# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 730*-*-sysv4.2*)
ed6553e2 731 AC_DEFINE(USE_PIPES)
7ed101c0 732 AC_DEFINE(SETEUID_BREAKS_SETUID)
733 AC_DEFINE(BROKEN_SETREUID)
734 AC_DEFINE(BROKEN_SETREGID)
46f853b9 735 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 736 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 737 ;;
79a7ba96 738# UnixWare 7.x, OpenUNIX 8
77bb0bca 739*-*-sysv5*)
d7d2cc6e 740 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 741 AC_DEFINE(USE_PIPES)
7ed101c0 742 AC_DEFINE(SETEUID_BREAKS_SETUID)
743 AC_DEFINE(BROKEN_SETREUID)
744 AC_DEFINE(BROKEN_SETREGID)
3466e002 745 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 746 case "$host" in
747 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
748 TEST_SHELL=/u95/bin/sh
3466e002 749 AC_DEFINE(BROKEN_LIBIAF, 1,
750 [ia_uinfo routines not supported by OS yet])
5cc6ddad 751 AC_DEFINE(BROKEN_UPDWTMPX)
16076ac9 752 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot"
753 AC_CHECK_FUNCS(getluid setluid,,,-lprot)
754 AC_DEFINE(HAVE_SECUREWARE)
755 AC_DEFINE(DISABLE_SHADOW)
756 ],,)
822015dd 757 ;;
e45da4d6 758 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
44a71983 759 check_for_libcrypt_later=1
e45da4d6 760 ;;
822015dd 761 esac
77bb0bca 762 ;;
9d6b1b96 763*-*-sysv*)
9d6b1b96 764 ;;
79a7ba96 765# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 766*-*-sco3.2v4*)
11cf4f1f 767 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 768 ;;
79a7ba96 769# SCO OpenServer 5.x
77bb0bca 770*-*-sco3.2v5*)
21710e39 771 if test -z "$GCC"; then
772 CFLAGS="$CFLAGS -belf"
773 fi
ed6553e2 774 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 775 no_dev_ptmx=1
ed6553e2 776 AC_DEFINE(USE_PIPES)
6e879cb4 777 AC_DEFINE(HAVE_SECUREWARE)
d287c664 778 AC_DEFINE(DISABLE_SHADOW)
94d8258b 779 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 780 AC_DEFINE(SETEUID_BREAKS_SETUID)
781 AC_DEFINE(BROKEN_SETREUID)
782 AC_DEFINE(BROKEN_SETREGID)
bcebad47 783 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 784 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 785 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 786 AC_CHECK_FUNCS(getluid setluid)
533875af 787 MANTYPE=man
a3245b92 788 TEST_SHELL=ksh
509b1f88 789 ;;
ccbb983c 790*-*-unicosmk*)
3466e002 791 AC_DEFINE(NO_SSH_LASTLOG, 1,
792 [Define if you don't want to use lastlog in session.c])
c1ad5966 793 AC_DEFINE(SETEUID_BREAKS_SETUID)
794 AC_DEFINE(BROKEN_SETREUID)
795 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 796 AC_DEFINE(USE_PIPES)
797 AC_DEFINE(DISABLE_FD_PASSING)
798 LDFLAGS="$LDFLAGS"
799 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
800 MANTYPE=cat
d262b7f2 801 ;;
7b9a8c6e 802*-*-unicosmp*)
c1ad5966 803 AC_DEFINE(SETEUID_BREAKS_SETUID)
804 AC_DEFINE(BROKEN_SETREUID)
805 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 806 AC_DEFINE(WITH_ABBREV_NO_TTY)
807 AC_DEFINE(USE_PIPES)
808 AC_DEFINE(DISABLE_FD_PASSING)
809 LDFLAGS="$LDFLAGS"
c1ad5966 810 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 811 MANTYPE=cat
812 ;;
ca5c7d6a 813*-*-unicos*)
c1ad5966 814 AC_DEFINE(SETEUID_BREAKS_SETUID)
815 AC_DEFINE(BROKEN_SETREUID)
816 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 817 AC_DEFINE(USE_PIPES)
94d8258b 818 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 819 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 820 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
821 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
822 MANTYPE=cat
a704dd54 823 ;;
4d33e531 824*-dec-osf*)
99c8ddac 825 AC_MSG_CHECKING(for Digital Unix SIA)
826 no_osfsia=""
827 AC_ARG_WITH(osfsia,
828 [ --with-osfsia Enable Digital Unix SIA],
829 [
830 if test "x$withval" = "xno" ; then
831 AC_MSG_RESULT(disabled)
832 no_osfsia=1
833 fi
834 ],
835 )
836 if test -z "$no_osfsia" ; then
4d33e531 837 if test -f /etc/sia/matrix.conf; then
838 AC_MSG_RESULT(yes)
3466e002 839 AC_DEFINE(HAVE_OSF_SIA, 1,
840 [Define if you have Digital Unix Security
841 Integration Architecture])
842 AC_DEFINE(DISABLE_LOGIN, 1,
843 [Define if you don't want to use your
844 system's login() call])
58d0df4e 845 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 846 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 847 SIA_MSG="yes"
4d33e531 848 else
849 AC_MSG_RESULT(no)
3466e002 850 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
851 [String used in /etc/passwd to denote locked account])
4d33e531 852 fi
853 fi
a6e67b60 854 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 855 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 856 AC_DEFINE(BROKEN_SETREUID)
857 AC_DEFINE(BROKEN_SETREGID)
6ed8a3ae 858 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv])
4d33e531 859 ;;
41cb4569 860
9c54c067 861*-*-nto-qnx*)
41cb4569 862 AC_DEFINE(USE_PIPES)
863 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 864 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
865 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
866 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 867 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 868 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 869 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 870 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 871 case "$host" in
872 *-*-nto-qnx6*)
873 AC_DEFINE(DISABLE_FD_PASSING)
874 ;;
875 esac
41cb4569 876 ;;
35fc74ed 877
878*-*-ultrix*)
3466e002 879 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
880 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 881 AC_DEFINE(NEED_SETPGRP)
b5765e1d 882 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
883 ;;
157b6700 884
885*-*-lynxos)
886 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 887 AC_DEFINE(MISSING_HOWMANY)
157b6700 888 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
889 ;;
a7effaac 890esac
891
c5829391 892AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 893AC_RUN_IFELSE(
894 [AC_LANG_SOURCE([
c5829391 895#include <stdio.h>
896int main(){exit(0);}
479cece8 897 ])],
c5829391 898 [ AC_MSG_RESULT(yes) ],
899 [
900 AC_MSG_RESULT(no)
901 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 902 ],
903 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 904)
905
b04a9f8c 906dnl Checks for header files.
a0391976 907# Checks for libraries.
98a7c37b 908AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
909AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 910
446227d6 911dnl IRIX and Solaris 2.5.1 have dirname() in libgen
912AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
913 AC_CHECK_LIB(gen, dirname,[
914 AC_CACHE_CHECK([for broken dirname],
915 ac_cv_have_broken_dirname, [
916 save_LIBS="$LIBS"
917 LIBS="$LIBS -lgen"
b0e7249f 918 AC_RUN_IFELSE(
919 [AC_LANG_SOURCE([[
446227d6 920#include <libgen.h>
921#include <string.h>
922
923int main(int argc, char **argv) {
924 char *s, buf[32];
925
926 strncpy(buf,"/etc", 32);
927 s = dirname(buf);
928 if (!s || strncmp(s, "/", 32) != 0) {
929 exit(1);
930 } else {
931 exit(0);
932 }
933}
b0e7249f 934 ]])],
935 [ ac_cv_have_broken_dirname="no" ],
936 [ ac_cv_have_broken_dirname="yes" ],
446227d6 937 [ ac_cv_have_broken_dirname="no" ],
446227d6 938 )
939 LIBS="$save_LIBS"
940 ])
941 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
942 LIBS="$LIBS -lgen"
943 AC_DEFINE(HAVE_DIRNAME)
944 AC_CHECK_HEADERS(libgen.h)
945 fi
946 ])
947])
948
949AC_CHECK_FUNC(getspnam, ,
950 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 951AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
952 [Define if you have the basename function.]))
446227d6 953
98a7c37b 954dnl zlib is required
955AC_ARG_WITH(zlib,
956 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 957 [ if test "x$withval" = "xno" ; then
958 AC_MSG_ERROR([*** zlib is required ***])
959 elif test "x$withval" != "xyes"; then
98a7c37b 960 if test -d "$withval/lib"; then
961 if test -n "${need_dash_r}"; then
5a162955 962 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 963 else
5a162955 964 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 965 fi
966 else
967 if test -n "${need_dash_r}"; then
5a162955 968 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 969 else
5a162955 970 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 971 fi
972 fi
973 if test -d "$withval/include"; then
5a162955 974 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 975 else
5a162955 976 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 977 fi
6dd05556 978 fi ]
98a7c37b 979)
980
0a15d73b 981AC_CHECK_LIB(z, deflate, ,
982 [
983 saved_CPPFLAGS="$CPPFLAGS"
984 saved_LDFLAGS="$LDFLAGS"
985 save_LIBS="$LIBS"
986 dnl Check default zlib install dir
987 if test -n "${need_dash_r}"; then
988 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
989 else
990 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
991 fi
992 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
993 LIBS="$LIBS -lz"
994 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
995 [
996 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
997 ]
998 )
999 ]
1000)
4ad65809 1001AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 1002
1003AC_ARG_WITH(zlib-version-check,
1004 [ --without-zlib-version-check Disable zlib version check],
1005 [ if test "x$withval" = "xno" ; then
1006 zlib_check_nonfatal=1
1007 fi
1008 ]
1009)
1010
5c7fc85d 1011AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 1012AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 1013#include <stdio.h>
4ad65809 1014#include <zlib.h>
1015int main()
1016{
5c7fc85d 1017 int a=0, b=0, c=0, d=0, n, v;
1018 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1019 if (n != 3 && n != 4)
4ad65809 1020 exit(1);
5c7fc85d 1021 v = a*1000000 + b*10000 + c*100 + d;
1022 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1023
1024 /* 1.1.4 is OK */
1025 if (a == 1 && b == 1 && c >= 4)
4ad65809 1026 exit(0);
5c7fc85d 1027
0072b59d 1028 /* 1.2.3 and up are OK */
1029 if (v >= 1020300)
5c7fc85d 1030 exit(0);
1031
4ad65809 1032 exit(2);
1033}
479cece8 1034 ]])],
5c7fc85d 1035 AC_MSG_RESULT(no),
1036 [ AC_MSG_RESULT(yes)
8068d564 1037 if test -z "$zlib_check_nonfatal" ; then
1038 AC_MSG_ERROR([*** zlib too old - check config.log ***
1039Your reported zlib version has known security problems. It's possible your
1040vendor has fixed these problems without changing the version number. If you
1041are sure this is the case, you can disable the check by running
1042"./configure --without-zlib-version-check".
6090bcfe 1043If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1044See http://www.gzip.org/zlib/ for details.])
8068d564 1045 else
1046 AC_MSG_WARN([zlib version may have security problems])
1047 fi
1a01a50c 1048 ],
1049 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1050)
48e7916f 1051
2c523de9 1052dnl UnixWare 2.x
aff51935 1053AC_CHECK_FUNC(strcasecmp,
2c523de9 1054 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1055)
23361281 1056AC_CHECK_FUNCS(utimes,
cda1ebcb 1057 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1058 LIBS="$LIBS -lc89"]) ]
2c523de9 1059)
4cca272e 1060
7c6d759d 1061dnl Checks for libutil functions
1062AC_CHECK_HEADERS(libutil.h)
3466e002 1063AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1064 [Define if your libraries define login()])])
b3ef88dc 1065AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
7c6d759d 1066
a738c3b0 1067AC_FUNC_STRFTIME
1068
84ceda19 1069# Check for ALTDIRFUNC glob() extension
1070AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1071AC_EGREP_CPP(FOUNDIT,
1072 [
1073 #include <glob.h>
1074 #ifdef GLOB_ALTDIRFUNC
1075 FOUNDIT
1076 #endif
aff51935 1077 ],
84ceda19 1078 [
3466e002 1079 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1080 [Define if your system glob() function has
1081 the GLOB_ALTDIRFUNC extension])
84ceda19 1082 AC_MSG_RESULT(yes)
1083 ],
1084 [
1085 AC_MSG_RESULT(no)
1086 ]
1087)
4cca272e 1088
40849fdb 1089# Check for g.gl_matchc glob() extension
1090AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1091AC_TRY_COMPILE(
13ff27b7 1092 [ #include <glob.h> ],
1093 [glob_t g; g.gl_matchc = 1;],
aff51935 1094 [
3466e002 1095 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1096 [Define if your system glob() function has
1097 gl_matchc options in glob_t])
aff51935 1098 AC_MSG_RESULT(yes)
1099 ],
1100 [
1101 AC_MSG_RESULT(no)
1102 ]
40849fdb 1103)
1104
78888bab 1105AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1106
edbe6722 1107AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1108AC_RUN_IFELSE(
479cece8 1109 [AC_LANG_SOURCE([[
edbe6722 1110#include <sys/types.h>
1111#include <dirent.h>
aec4cb4f 1112int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1113 ]])],
aff51935 1114 [AC_MSG_RESULT(yes)],
edbe6722 1115 [
1116 AC_MSG_RESULT(no)
3466e002 1117 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1118 [Define if your struct dirent expects you to
3466e002 1119 allocate extra space for d_name])
1a01a50c 1120 ],
82f4e93d 1121 [
1a01a50c 1122 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1123 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1124 ]
1125)
1126
419e26e7 1127AC_MSG_CHECKING([for /proc/pid/fd directory])
1128if test -d "/proc/$$/fd" ; then
3466e002 1129 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1130 AC_MSG_RESULT(yes)
1131else
1132 AC_MSG_RESULT(no)
1133fi
1134
278588d8 1135# Check whether user wants S/Key support
aff51935 1136SKEY_MSG="no"
278588d8 1137AC_ARG_WITH(skey,
6ff3d0dc 1138 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1139 [
1140 if test "x$withval" != "xno" ; then
1141
1142 if test "x$withval" != "xyes" ; then
1143 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1144 LDFLAGS="$LDFLAGS -L${withval}/lib"
1145 fi
1146
3466e002 1147 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1148 LIBS="-lskey $LIBS"
aff51935 1149 SKEY_MSG="yes"
82f4e93d 1150
ddceb1c8 1151 AC_MSG_CHECKING([for s/key support])
b0e7249f 1152 AC_LINK_IFELSE(
1153 [AC_LANG_SOURCE([[
ddceb1c8 1154#include <stdio.h>
1155#include <skey.h>
aec4cb4f 1156int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1157 ]])],
ddceb1c8 1158 [AC_MSG_RESULT(yes)],
278588d8 1159 [
ddceb1c8 1160 AC_MSG_RESULT(no)
278588d8 1161 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1162 ])
141fc639 1163 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1164 AC_TRY_COMPILE(
1165 [#include <stdio.h>
1166 #include <skey.h>],
1167 [(void)skeychallenge(NULL,"name","",0);],
1168 [AC_MSG_RESULT(yes)
3466e002 1169 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1170 [Define if your skeychallenge()
1171 function takes 4 arguments (NetBSD)])],
141fc639 1172 [AC_MSG_RESULT(no)]
1173 )
278588d8 1174 fi
1175 ]
1176)
1177
1178# Check whether user wants TCP wrappers support
98a7c37b 1179TCPW_MSG="no"
278588d8 1180AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1181 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1182 [
1183 if test "x$withval" != "xno" ; then
1184 saved_LIBS="$LIBS"
98a7c37b 1185 saved_LDFLAGS="$LDFLAGS"
1186 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1187 if test -n "${withval}" && \
6cf0200f 1188 test "x${withval}" != "xyes"; then
98a7c37b 1189 if test -d "${withval}/lib"; then
1190 if test -n "${need_dash_r}"; then
5a162955 1191 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1192 else
5a162955 1193 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1194 fi
1195 else
1196 if test -n "${need_dash_r}"; then
5a162955 1197 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1198 else
5a162955 1199 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1200 fi
1201 fi
1202 if test -d "${withval}/include"; then
5a162955 1203 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1204 else
5a162955 1205 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1206 fi
98a7c37b 1207 fi
e54defb4 1208 LIBS="-lwrap $LIBS"
278588d8 1209 AC_MSG_CHECKING(for libwrap)
1210 AC_TRY_LINK(
1211 [
77f09220 1212#include <sys/types.h>
1213#include <sys/socket.h>
1214#include <netinet/in.h>
278588d8 1215#include <tcpd.h>
1216 int deny_severity = 0, allow_severity = 0;
1217 ],
1218 [hosts_access(0);],
1219 [
1220 AC_MSG_RESULT(yes)
3466e002 1221 AC_DEFINE(LIBWRAP, 1,
1222 [Define if you want
1223 TCP Wrappers support])
e54defb4 1224 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1225 TCPW_MSG="yes"
278588d8 1226 ],
1227 [
1228 AC_MSG_ERROR([*** libwrap missing])
1229 ]
1230 )
ddceb1c8 1231 LIBS="$saved_LIBS"
278588d8 1232 fi
1233 ]
1234)
1235
59031773 1236# Check whether user wants libedit support
1237LIBEDIT_MSG="no"
1238AC_ARG_WITH(libedit,
6ff3d0dc 1239 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1240 [ if test "x$withval" != "xno" ; then
737edf04 1241 if test "x$withval" != "xyes"; then
bb116c8e 1242 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1243 if test -n "${need_dash_r}"; then
1244 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1245 else
1246 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1247 fi
737edf04 1248 fi
59031773 1249 AC_CHECK_LIB(edit, el_init,
3466e002 1250 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1251 LIBEDIT="-ledit -lcurses"
1252 LIBEDIT_MSG="yes"
1253 AC_SUBST(LIBEDIT)
1254 ],
737edf04 1255 [ AC_MSG_ERROR(libedit not found) ],
1256 [ -lcurses ]
59031773 1257 )
f47ddccb 1258 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1259 AC_COMPILE_IFELSE(
1260 [AC_LANG_SOURCE([[
1261#include <histedit.h>
f47ddccb 1262int main(void)
1263{
1264 int i = H_SETSIZE;
1265 el_init("", NULL, NULL, NULL);
1266 exit(0);
1267}
d92622f9 1268 ]])],
f47ddccb 1269 [ AC_MSG_RESULT(yes) ],
1270 [ AC_MSG_RESULT(no)
1271 AC_MSG_ERROR(libedit version is not compatible) ]
1272 )
59031773 1273 fi ]
1274)
1275
7b578f7d 1276AUDIT_MODULE=none
1277AC_ARG_WITH(audit,
1278 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1279 [
1280 AC_MSG_CHECKING(for supported audit module)
1281 case "$withval" in
1282 bsm)
1283 AC_MSG_RESULT(bsm)
1284 AUDIT_MODULE=bsm
1285 dnl Checks for headers, libs and functions
1286 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1287 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1288 [
1289#ifdef HAVE_TIME_H
1290# include <time.h>
1291#endif
1292 ]
1293)
7b578f7d 1294 AC_CHECK_LIB(bsm, getaudit, [],
1295 [AC_MSG_ERROR(BSM enabled and required library not found)])
1296 AC_CHECK_FUNCS(getaudit, [],
1297 [AC_MSG_ERROR(BSM enabled and required function not found)])
1298 # These are optional
a74e9b64 1299 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1300 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1301 ;;
1302 debug)
1303 AUDIT_MODULE=debug
1304 AC_MSG_RESULT(debug)
3466e002 1305 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1306 ;;
a2b3321d 1307 no)
d92622f9 1308 AC_MSG_RESULT(no)
a2b3321d 1309 ;;
7b578f7d 1310 *)
1311 AC_MSG_ERROR([Unknown audit module $withval])
1312 ;;
1313 esac ]
1314)
1315
19160674 1316dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1317AC_CHECK_FUNCS( \
1318 arc4random \
185adaf8 1319 arc4random_buf \
1320 arc4random_uniform \
9a406e1e 1321 asprintf \
b04a9f8c 1322 b64_ntop \
1323 __b64_ntop \
1324 b64_pton \
1325 __b64_pton \
1326 bcopy \
1327 bindresvport_sa \
1328 clock \
1329 closefrom \
1330 dirfd \
b04a9f8c 1331 fchmod \
1332 fchown \
1333 freeaddrinfo \
22f5e872 1334 fstatvfs \
b04a9f8c 1335 futimes \
1336 getaddrinfo \
1337 getcwd \
1338 getgrouplist \
1339 getnameinfo \
1340 getopt \
1341 getpeereid \
1961d660 1342 getpeerucred \
b04a9f8c 1343 _getpty \
1344 getrlimit \
1345 getttyent \
1346 glob \
1347 inet_aton \
1348 inet_ntoa \
1349 inet_ntop \
1350 innetgr \
1351 login_getcapbool \
1352 md5_crypt \
1353 memmove \
1354 mkdtemp \
1355 mmap \
1356 ngetaddrinfo \
1357 nsleep \
1358 ogetaddrinfo \
1359 openlog_r \
1360 openpty \
6d39a5c4 1361 poll \
b04a9f8c 1362 prctl \
1363 pstat \
1364 readpassphrase \
1365 realpath \
1366 recvmsg \
1367 rresvport_af \
1368 sendmsg \
1369 setdtablesize \
1370 setegid \
1371 setenv \
1372 seteuid \
1373 setgroups \
1374 setlogin \
1375 setpcred \
1376 setproctitle \
1377 setregid \
1378 setreuid \
1379 setrlimit \
1380 setsid \
1381 setvbuf \
1382 sigaction \
1383 sigvec \
1384 snprintf \
1385 socketpair \
4538e135 1386 statfs \
1387 statvfs \
b04a9f8c 1388 strdup \
1389 strerror \
1390 strlcat \
1391 strlcpy \
1392 strmode \
1393 strnvis \
1394 strtonum \
1e29a0c8 1395 strtoll \
b04a9f8c 1396 strtoul \
1aac2117 1397 swap32 \
b04a9f8c 1398 sysconf \
1399 tcgetpgrp \
1400 truncate \
1401 unsetenv \
1402 updwtmpx \
9a406e1e 1403 vasprintf \
b04a9f8c 1404 vhangup \
1405 vsnprintf \
1406 waitpid \
19160674 1407)
98a7c37b 1408
1a086f97 1409# IRIX has a const char return value for gai_strerror()
1410AC_CHECK_FUNCS(gai_strerror,[
1411 AC_DEFINE(HAVE_GAI_STRERROR)
1412 AC_TRY_COMPILE([
1413#include <sys/types.h>
1414#include <sys/socket.h>
1415#include <netdb.h>
1416
1417const char *gai_strerror(int);],[
1418char *str;
1419
1420str = gai_strerror(0);],[
1421 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1422 [Define if gai_strerror() returns const char *])])])
1423
3466e002 1424AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1425 [Some systems put nanosleep outside of libc]))
92b1decf 1426
309709db 1427dnl Make sure prototypes are defined for these before using them.
309709db 1428AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1429AC_CHECK_DECL(strsep,
1430 [AC_CHECK_FUNCS(strsep)],
1431 [],
1432 [
1433#ifdef HAVE_STRING_H
1434# include <string.h>
1435#endif
1436 ])
08412d26 1437
3490699c 1438dnl tcsendbreak might be a macro
1439AC_CHECK_DECL(tcsendbreak,
1440 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1441 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1442 [#include <termios.h>]
1443)
1444
41e0e158 1445AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1446
71f4c727 1447AC_CHECK_DECLS(SHUT_RD, , ,
1448 [
1449#include <sys/types.h>
1450#include <sys/socket.h>
1451 ])
956d6743 1452
1453AC_CHECK_DECLS(O_NONBLOCK, , ,
1454 [
1455#include <sys/types.h>
1456#ifdef HAVE_SYS_STAT_H
1457# include <sys/stat.h>
1458#endif
1459#ifdef HAVE_FCNTL_H
1460# include <fcntl.h>
1461#endif
1462 ])
1463
752994dd 1464AC_CHECK_DECLS(writev, , , [
1465#include <sys/types.h>
1466#include <sys/uio.h>
1467#include <unistd.h>
1468 ])
1469
0bf6279d 1470AC_CHECK_DECLS(MAXSYMLINKS, , , [
1471#include <sys/param.h>
1472 ])
1473
b41ece30 1474AC_CHECK_DECLS(offsetof, , , [
1475#include <stddef.h>
1476 ])
1477
3f176010 1478AC_CHECK_FUNCS(setresuid, [
1479 dnl Some platorms have setresuid that isn't implemented, test for this
1480 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1481 AC_RUN_IFELSE(
1482 [AC_LANG_SOURCE([[
9a3fe0e2 1483#include <stdlib.h>
1484#include <errno.h>
1485int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1486 ]])],
3f176010 1487 [AC_MSG_RESULT(yes)],
3466e002 1488 [AC_DEFINE(BROKEN_SETRESUID, 1,
1489 [Define if your setresuid() is broken])
1a01a50c 1490 AC_MSG_RESULT(not implemented)],
1491 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1492 )
1493])
9a3fe0e2 1494
3f176010 1495AC_CHECK_FUNCS(setresgid, [
1496 dnl Some platorms have setresgid that isn't implemented, test for this
1497 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1498 AC_RUN_IFELSE(
1499 [AC_LANG_SOURCE([[
9a3fe0e2 1500#include <stdlib.h>
1501#include <errno.h>
1502int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1503 ]])],
3f176010 1504 [AC_MSG_RESULT(yes)],
3466e002 1505 [AC_DEFINE(BROKEN_SETRESGID, 1,
1506 [Define if your setresgid() is broken])
1a01a50c 1507 AC_MSG_RESULT(not implemented)],
1508 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1509 )
1510])
9a3fe0e2 1511
2e73a022 1512dnl Checks for time functions
1d7b9b20 1513AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1514dnl Checks for utmp functions
b03bd394 1515AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1516AC_CHECK_FUNCS(utmpname)
2e73a022 1517dnl Checks for utmpx functions
b03bd394 1518AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1519AC_CHECK_FUNCS(setutxent utmpxname)
295dd642 1520dnl Checks for lastlog functions
1521AC_CHECK_FUNCS(getlastlogxbyname)
76cd7316 1522
aff51935 1523AC_CHECK_FUNC(daemon,
3466e002 1524 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1525 [AC_CHECK_LIB(bsd, daemon,
1526 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1527)
1528
aff51935 1529AC_CHECK_FUNC(getpagesize,
3466e002 1530 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1531 [Define if your libraries define getpagesize()])],
1532 [AC_CHECK_LIB(ucb, getpagesize,
1533 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1534)
1535
2647ae26 1536# Check for broken snprintf
1537if test "x$ac_cv_func_snprintf" = "xyes" ; then
1538 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1539 AC_RUN_IFELSE(
479cece8 1540 [AC_LANG_SOURCE([[
2647ae26 1541#include <stdio.h>
aec4cb4f 1542int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1543 ]])],
aff51935 1544 [AC_MSG_RESULT(yes)],
2647ae26 1545 [
1546 AC_MSG_RESULT(no)
3466e002 1547 AC_DEFINE(BROKEN_SNPRINTF, 1,
1548 [Define if your snprintf is busted])
2647ae26 1549 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1550 ],
1551 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1552 )
1553fi
1554
9a406e1e 1555# If we don't have a working asprintf, then we strongly depend on vsnprintf
1556# returning the right thing on overflow: the number of characters it tried to
1557# create (as per SUSv3)
1558if test "x$ac_cv_func_asprintf" != "xyes" && \
1559 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1560 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1561 AC_RUN_IFELSE(
1562 [AC_LANG_SOURCE([[
1563#include <sys/types.h>
1564#include <stdio.h>
1565#include <stdarg.h>
1566
1567int x_snprintf(char *str,size_t count,const char *fmt,...)
1568{
1569 size_t ret; va_list ap;
1570 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1571 return ret;
1572}
1573int main(void)
1574{
1575 char x[1];
1576 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1577} ]])],
1578 [AC_MSG_RESULT(yes)],
1579 [
1580 AC_MSG_RESULT(no)
1581 AC_DEFINE(BROKEN_SNPRINTF, 1,
1582 [Define if your snprintf is busted])
1583 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1584 ],
1585 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1586 )
1587fi
1588
31b0732a 1589# On systems where [v]snprintf is broken, but is declared in stdio,
1590# check that the fmt argument is const char * or just char *.
1591# This is only useful for when BROKEN_SNPRINTF
1592AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1593AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1594 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1595 int main(void) { snprintf(0, 0, 0); }
1596 ]])],
1597 [AC_MSG_RESULT(yes)
1598 AC_DEFINE(SNPRINTF_CONST, [const],
1599 [Define as const if snprintf() can declare const char *fmt])],
1600 [AC_MSG_RESULT(no)
1601 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1602
2f6f9cff 1603# Check for missing getpeereid (or equiv) support
1604NO_PEERCHECK=""
1961d660 1605if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1606 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1607 AC_TRY_COMPILE(
1608 [#include <sys/types.h>
1609 #include <sys/socket.h>],
1610 [int i = SO_PEERCRED;],
62eb7db4 1611 [ AC_MSG_RESULT(yes)
3466e002 1612 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1613 ],
2f6f9cff 1614 [AC_MSG_RESULT(no)
1615 NO_PEERCHECK=1]
1616 )
1617fi
1618
70e7d0b0 1619dnl see whether mkstemp() requires XXXXXX
1620if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1621AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1622AC_RUN_IFELSE(
1623 [AC_LANG_SOURCE([[
70e7d0b0 1624#include <stdlib.h>
1625main() { char template[]="conftest.mkstemp-test";
1626if (mkstemp(template) == -1)
1627 exit(1);
1628unlink(template); exit(0);
1629}
b0e7249f 1630 ]])],
70e7d0b0 1631 [
1632 AC_MSG_RESULT(no)
1633 ],
aff51935 1634 [
70e7d0b0 1635 AC_MSG_RESULT(yes)
3466e002 1636 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1637 ],
1638 [
1639 AC_MSG_RESULT(yes)
1640 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1641 ]
70e7d0b0 1642)
1643fi
1644
eacb954e 1645dnl make sure that openpty does not reacquire controlling terminal
1646if test ! -z "$check_for_openpty_ctty_bug"; then
1647 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1648 AC_RUN_IFELSE(
1649 [AC_LANG_SOURCE([[
eacb954e 1650#include <stdio.h>
1651#include <sys/fcntl.h>
1652#include <sys/types.h>
1653#include <sys/wait.h>
1654
1655int
1656main()
1657{
1658 pid_t pid;
1659 int fd, ptyfd, ttyfd, status;
1660
1661 pid = fork();
1662 if (pid < 0) { /* failed */
1663 exit(1);
1664 } else if (pid > 0) { /* parent */
1665 waitpid(pid, &status, 0);
aff51935 1666 if (WIFEXITED(status))
eacb954e 1667 exit(WEXITSTATUS(status));
1668 else
1669 exit(2);
1670 } else { /* child */
1671 close(0); close(1); close(2);
1672 setsid();
1673 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1674 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1675 if (fd >= 0)
1676 exit(3); /* Acquired ctty: broken */
1677 else
1678 exit(0); /* Did not acquire ctty: OK */
1679 }
1680}
b0e7249f 1681 ]])],
eacb954e 1682 [
1683 AC_MSG_RESULT(yes)
1684 ],
1685 [
1686 AC_MSG_RESULT(no)
1687 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1688 ],
1689 [
1690 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1691 ]
1692 )
1693fi
1694
4b492aab 1695if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1696 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1697 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1698 AC_RUN_IFELSE(
1699 [AC_LANG_SOURCE([[
2fe51906 1700#include <stdio.h>
1701#include <sys/socket.h>
1702#include <netdb.h>
1703#include <errno.h>
1704#include <netinet/in.h>
1705
1706#define TEST_PORT "2222"
1707
1708int
1709main(void)
1710{
1711 int err, sock;
1712 struct addrinfo *gai_ai, *ai, hints;
1713 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1714
1715 memset(&hints, 0, sizeof(hints));
1716 hints.ai_family = PF_UNSPEC;
1717 hints.ai_socktype = SOCK_STREAM;
1718 hints.ai_flags = AI_PASSIVE;
1719
1720 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1721 if (err != 0) {
1722 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1723 exit(1);
1724 }
1725
1726 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1727 if (ai->ai_family != AF_INET6)
1728 continue;
1729
1730 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1731 sizeof(ntop), strport, sizeof(strport),
1732 NI_NUMERICHOST|NI_NUMERICSERV);
1733
1734 if (err != 0) {
1735 if (err == EAI_SYSTEM)
1736 perror("getnameinfo EAI_SYSTEM");
1737 else
1738 fprintf(stderr, "getnameinfo failed: %s\n",
1739 gai_strerror(err));
1740 exit(2);
1741 }
1742
1743 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1744 if (sock < 0)
1745 perror("socket");
1746 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1747 if (errno == EBADF)
1748 exit(3);
1749 }
1750 }
1751 exit(0);
1752}
b0e7249f 1753 ]])],
2fe51906 1754 [
1755 AC_MSG_RESULT(yes)
1756 ],
1757 [
1758 AC_MSG_RESULT(no)
1759 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1760 ],
1761 [
1762 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1763 ]
1764 )
1765fi
1766
4b492aab 1767if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1768 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1769 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1770 AC_RUN_IFELSE(
1771 [AC_LANG_SOURCE([[
5ccf88cb 1772#include <stdio.h>
1773#include <sys/socket.h>
1774#include <netdb.h>
1775#include <errno.h>
1776#include <netinet/in.h>
1777
1778#define TEST_PORT "2222"
1779
1780int
1781main(void)
1782{
1783 int err, sock;
1784 struct addrinfo *gai_ai, *ai, hints;
1785 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1786
1787 memset(&hints, 0, sizeof(hints));
1788 hints.ai_family = PF_UNSPEC;
1789 hints.ai_socktype = SOCK_STREAM;
1790 hints.ai_flags = AI_PASSIVE;
1791
1792 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1793 if (err != 0) {
1794 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1795 exit(1);
1796 }
1797
1798 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1799 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1800 continue;
1801
1802 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1803 sizeof(ntop), strport, sizeof(strport),
1804 NI_NUMERICHOST|NI_NUMERICSERV);
1805
1806 if (ai->ai_family == AF_INET && err != 0) {
1807 perror("getnameinfo");
1808 exit(2);
1809 }
1810 }
1811 exit(0);
1812}
b0e7249f 1813 ]])],
5ccf88cb 1814 [
1815 AC_MSG_RESULT(yes)
3466e002 1816 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1817 [Define if you have a getaddrinfo that fails
1818 for the all-zeros IPv6 address])
5ccf88cb 1819 ],
1820 [
1821 AC_MSG_RESULT(no)
1822 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1823 ],
ecd9ec09 1824 [
b0e7249f 1825 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1826 ]
1827 )
1828fi
1829
b29fd59f 1830if test "x$check_for_conflicting_getspnam" = "x1"; then
1831 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1832 AC_COMPILE_IFELSE(
1833 [
1834#include <shadow.h>
1835int main(void) {exit(0);}
1836 ],
1837 [
1838 AC_MSG_RESULT(no)
1839 ],
1840 [
1841 AC_MSG_RESULT(yes)
1842 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1843 [Conflicting defs for getspnam])
1844 ]
1845 )
1846fi
1847
7f8f5e00 1848AC_FUNC_GETPGRP
1849
5b991353 1850# Search for OpenSSL
1851saved_CPPFLAGS="$CPPFLAGS"
1852saved_LDFLAGS="$LDFLAGS"
a0391976 1853AC_ARG_WITH(ssl-dir,
1854 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1855 [
e9e4a1c7 1856 if test "x$withval" != "xno" ; then
99eb0f64 1857 case "$withval" in
1858 # Relative paths
1859 ./*|../*) withval="`pwd`/$withval"
1860 esac
5b991353 1861 if test -d "$withval/lib"; then
1862 if test -n "${need_dash_r}"; then
1863 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1864 else
1865 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1866 fi
1867 else
5b991353 1868 if test -n "${need_dash_r}"; then
1869 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1870 else
1871 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1872 fi
1873 fi
5b991353 1874 if test -d "$withval/include"; then
1875 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1876 else
5b991353 1877 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1878 fi
a0391976 1879 fi
5b991353 1880 ]
1881)
5486a457 1882LIBS="-lcrypto $LIBS"
3466e002 1883AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1884 [Define if your ssl headers are included
1885 with #include <openssl/header.h>]),
d45e3d76 1886 [
5b991353 1887 dnl Check default openssl install dir
1888 if test -n "${need_dash_r}"; then
1889 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1890 else
5b991353 1891 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1892 fi
5b991353 1893 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1894 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1895 [
1896 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1897 ]
1898 )
1899 ]
1900)
1901
cd018561 1902# Determine OpenSSL header version
1903AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1904AC_RUN_IFELSE(
479cece8 1905 [AC_LANG_SOURCE([[
cd018561 1906#include <stdio.h>
1907#include <string.h>
1908#include <openssl/opensslv.h>
1909#define DATA "conftest.sslincver"
1910int main(void) {
aff51935 1911 FILE *fd;
1912 int rc;
cd018561 1913
aff51935 1914 fd = fopen(DATA,"w");
1915 if(fd == NULL)
1916 exit(1);
cd018561 1917
1918 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1919 exit(1);
1920
1921 exit(0);
1922}
479cece8 1923 ]])],
cd018561 1924 [
1925 ssl_header_ver=`cat conftest.sslincver`
1926 AC_MSG_RESULT($ssl_header_ver)
1927 ],
1928 [
1929 AC_MSG_RESULT(not found)
1930 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1931 ],
1932 [
1933 AC_MSG_WARN([cross compiling: not checking])
cd018561 1934 ]
1935)
1936
1937# Determine OpenSSL library version
1938AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1939AC_RUN_IFELSE(
479cece8 1940 [AC_LANG_SOURCE([[
cd018561 1941#include <stdio.h>
1942#include <string.h>
1943#include <openssl/opensslv.h>
1944#include <openssl/crypto.h>
1945#define DATA "conftest.ssllibver"
1946int main(void) {
aff51935 1947 FILE *fd;
1948 int rc;
cd018561 1949
aff51935 1950 fd = fopen(DATA,"w");
1951 if(fd == NULL)
1952 exit(1);
cd018561 1953
1954 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1955 exit(1);
1956
1957 exit(0);
1958}
479cece8 1959 ]])],
cd018561 1960 [
1961 ssl_library_ver=`cat conftest.ssllibver`
1962 AC_MSG_RESULT($ssl_library_ver)
1963 ],
1964 [
1965 AC_MSG_RESULT(not found)
1966 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1967 ],
1968 [
1969 AC_MSG_WARN([cross compiling: not checking])
cd018561 1970 ]
1971)
58d100bf 1972
1d42bcce 1973AC_ARG_WITH(openssl-header-check,
1974 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1975 [ if test "x$withval" = "xno" ; then
1976 openssl_check_nonfatal=1
1977 fi
1978 ]
1979)
1980
9780116c 1981# Sanity check OpenSSL headers
1982AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1983AC_RUN_IFELSE(
479cece8 1984 [AC_LANG_SOURCE([[
9780116c 1985#include <string.h>
1986#include <openssl/opensslv.h>
aec4cb4f 1987int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1988 ]])],
9780116c 1989 [
1990 AC_MSG_RESULT(yes)
1991 ],
1992 [
1993 AC_MSG_RESULT(no)
1d42bcce 1994 if test "x$openssl_check_nonfatal" = "x"; then
1995 AC_MSG_ERROR([Your OpenSSL headers do not match your
1996library. Check config.log for details.
1997If you are sure your installation is consistent, you can disable the check
1998by running "./configure --without-openssl-header-check".
1999Also see contrib/findssl.sh for help identifying header/library mismatches.
2000])
2001 else
2002 AC_MSG_WARN([Your OpenSSL headers do not match your
2003library. Check config.log for details.
e15ba28b 2004Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 2005 fi
1a01a50c 2006 ],
2007 [
2008 AC_MSG_WARN([cross compiling: not checking])
9780116c 2009 ]
2010)
2011
282d6408 2012AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2013AC_LINK_IFELSE(
2014 [AC_LANG_SOURCE([[
2015#include <openssl/evp.h>
2016int main(void) { SSLeay_add_all_algorithms(); }
2017 ]])],
2018 [
2019 AC_MSG_RESULT(yes)
2020 ],
2021 [
2022 AC_MSG_RESULT(no)
2023 saved_LIBS="$LIBS"
2024 LIBS="$LIBS -ldl"
2025 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2026 AC_LINK_IFELSE(
2027 [AC_LANG_SOURCE([[
2028#include <openssl/evp.h>
2029int main(void) { SSLeay_add_all_algorithms(); }
2030 ]])],
2031 [
2032 AC_MSG_RESULT(yes)
2033 ],
2034 [
2035 AC_MSG_RESULT(no)
2036 LIBS="$saved_LIBS"
2037 ]
2038 )
2039 ]
2040)
2041
c7ad0d99 2042AC_ARG_WITH(ssl-engine,
2043 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2044 [ if test "x$withval" != "xno" ; then
2045 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2046 AC_TRY_COMPILE(
2047 [ #include <openssl/engine.h>],
2048 [
24b2647b 2049ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2050 ],
2051 [ AC_MSG_RESULT(yes)
2052 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2053 [Enable OpenSSL engine support])
2054 ],
2055 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2056 )
2057 fi ]
2058)
2059
e5146707 2060# Check for OpenSSL without EVP_aes_{192,256}_cbc
2061AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2062AC_LINK_IFELSE(
e5146707 2063 [AC_LANG_SOURCE([[
2064#include <string.h>
2065#include <openssl/evp.h>
300ea548 2066int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2067 ]])],
2068 [
2069 AC_MSG_RESULT(no)
2070 ],
2071 [
2072 AC_MSG_RESULT(yes)
2073 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2074 [libcrypto is missing AES 192 and 256 bit functions])
2075 ]
2076)
2077
14e380c6 2078AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
2079AC_LINK_IFELSE(
2080 [AC_LANG_SOURCE([[
2081#include <string.h>
2082#include <openssl/evp.h>
2083int main(void) { if(EVP_DigestUpdate(NULL, NULL,0)) exit(0); }
2084 ]])],
2085 [
2086 AC_MSG_RESULT(yes)
2087 ],
2088 [
2089 AC_MSG_RESULT(no)
2090 AC_DEFINE(OPENSSL_EVP_DIGESTUPDATE_VOID, 1,
2091 [Define if EVP_DigestUpdate returns void])
2092 ]
2093)
2094
5486a457 2095# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2096# because the system crypt() is more featureful.
2097if test "x$check_for_libcrypt_before" = "x1"; then
2098 AC_CHECK_LIB(crypt, crypt)
2099fi
2100
aff51935 2101# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2102# version in OpenSSL.
05114c74 2103if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2104 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2105fi
2106
13ff27b7 2107# Search for SHA256 support in libc and/or OpenSSL
2108AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2109
a03acb8f 2110saved_LIBS="$LIBS"
2111AC_CHECK_LIB(iaf, ia_openinfo, [
2112 LIBS="$LIBS -liaf"
d837615a 2113 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2114 AC_DEFINE(HAVE_LIBIAF, 1,
2115 [Define if system has libiaf that supports set_id])
2116 ])
a03acb8f 2117])
2118LIBS="$saved_LIBS"
f1b0ecc3 2119
2120### Configure cryptographic random number support
2121
2122# Check wheter OpenSSL seeds itself
2123AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2124AC_RUN_IFELSE(
479cece8 2125 [AC_LANG_SOURCE([[
f1b0ecc3 2126#include <string.h>
2127#include <openssl/rand.h>
aec4cb4f 2128int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2129 ]])],
f1b0ecc3 2130 [
2131 OPENSSL_SEEDS_ITSELF=yes
2132 AC_MSG_RESULT(yes)
2133 ],
2134 [
2135 AC_MSG_RESULT(no)
2136 # Default to use of the rand helper if OpenSSL doesn't
2137 # seed itself
2138 USE_RAND_HELPER=yes
1a01a50c 2139 ],
2140 [
2141 AC_MSG_WARN([cross compiling: assuming yes])
2142 # This is safe, since all recent OpenSSL versions will
82f4e93d 2143 # complain at runtime if not seeded correctly.
1a01a50c 2144 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2145 ]
2146)
2147
a086f73b 2148# Check for PAM libs
2149PAM_MSG="no"
2150AC_ARG_WITH(pam,
2151 [ --with-pam Enable PAM support ],
2152 [
2153 if test "x$withval" != "xno" ; then
2154 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2155 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2156 AC_MSG_ERROR([PAM headers not found])
2157 fi
2158
2159 saved_LIBS="$LIBS"
2160 AC_CHECK_LIB(dl, dlopen, , )
2161 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2162 AC_CHECK_FUNCS(pam_getenvlist)
2163 AC_CHECK_FUNCS(pam_putenv)
2164 LIBS="$saved_LIBS"
2165
2166 PAM_MSG="yes"
2167
e54defb4 2168 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2169 AC_DEFINE(USE_PAM, 1,
2170 [Define if you want to enable PAM support])
282d6408 2171
a086f73b 2172 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2173 case "$LIBS" in
2174 *-ldl*)
2175 # libdl already in LIBS
2176 ;;
2177 *)
e54defb4 2178 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2179 ;;
2180 esac
a086f73b 2181 fi
a086f73b 2182 fi
2183 ]
2184)
2185
2186# Check for older PAM
2187if test "x$PAM_MSG" = "xyes" ; then
2188 # Check PAM strerror arguments (old PAM)
2189 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2190 AC_TRY_COMPILE(
2191 [
2192#include <stdlib.h>
2193#if defined(HAVE_SECURITY_PAM_APPL_H)
2194#include <security/pam_appl.h>
2195#elif defined (HAVE_PAM_PAM_APPL_H)
2196#include <pam/pam_appl.h>
2197#endif
2198 ],
2199 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2200 [AC_MSG_RESULT(no)],
2201 [
2202 AC_DEFINE(HAVE_OLD_PAM, 1,
2203 [Define if you have an old version of PAM
2204 which takes only one argument to pam_strerror])
2205 AC_MSG_RESULT(yes)
2206 PAM_MSG="yes (old library)"
2207 ]
2208 )
2209fi
f1b0ecc3 2210
2211# Do we want to force the use of the rand helper?
2212AC_ARG_WITH(rand-helper,
2213 [ --with-rand-helper Use subprocess to gather strong randomness ],
2214 [
2215 if test "x$withval" = "xno" ; then
aff51935 2216 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2217 # the previous test showed it to be unseeded.
2218 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2219 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2220 OPENSSL_SEEDS_ITSELF=yes
2221 USE_RAND_HELPER=""
2222 fi
2223 else
2224 USE_RAND_HELPER=yes
2225 fi
2226 ],
82f4e93d 2227)
f1b0ecc3 2228
2229# Which randomness source do we use?
4b492aab 2230if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2231 # OpenSSL only
3466e002 2232 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2233 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2234 RAND_MSG="OpenSSL internal ONLY"
2235 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2236elif test ! -z "$USE_RAND_HELPER" ; then
2237 # install rand helper
f1b0ecc3 2238 RAND_MSG="ssh-rand-helper"
2239 INSTALL_SSH_RAND_HELPER="yes"
2240fi
2241AC_SUBST(INSTALL_SSH_RAND_HELPER)
2242
2243### Configuration of ssh-rand-helper
2244
2245# PRNGD TCP socket
2246AC_ARG_WITH(prngd-port,
2247 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2248 [
eb5d7ff6 2249 case "$withval" in
2250 no)
2251 withval=""
2252 ;;
2253 [[0-9]]*)
2254 ;;
2255 *)
2256 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2257 ;;
2258 esac
2259 if test ! -z "$withval" ; then
f1b0ecc3 2260 PRNGD_PORT="$withval"
3466e002 2261 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2262 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2263 fi
2264 ]
2265)
2266
2267# PRNGD Unix domain socket
2268AC_ARG_WITH(prngd-socket,
2269 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2270 [
eb5d7ff6 2271 case "$withval" in
2272 yes)
f1b0ecc3 2273 withval="/var/run/egd-pool"
eb5d7ff6 2274 ;;
2275 no)
2276 withval=""
2277 ;;
2278 /*)
2279 ;;
2280 *)
2281 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2282 ;;
2283 esac
2284
2285 if test ! -z "$withval" ; then
f1b0ecc3 2286 if test ! -z "$PRNGD_PORT" ; then
2287 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2288 fi
906e811b 2289 if test ! -r "$withval" ; then
f1b0ecc3 2290 AC_MSG_WARN(Entropy socket is not readable)
2291 fi
2292 PRNGD_SOCKET="$withval"
3466e002 2293 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2294 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2295 fi
ddceb1c8 2296 ],
2297 [
2298 # Check for existing socket only if we don't have a random device already
2299 if test "$USE_RAND_HELPER" = yes ; then
2300 AC_MSG_CHECKING(for PRNGD/EGD socket)
2301 # Insert other locations here
2302 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2303 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2304 PRNGD_SOCKET="$sock"
2305 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2306 break;
2307 fi
2308 done
2309 if test ! -z "$PRNGD_SOCKET" ; then
2310 AC_MSG_RESULT($PRNGD_SOCKET)
2311 else
2312 AC_MSG_RESULT(not found)
2313 fi
2314 fi
f1b0ecc3 2315 ]
2316)
2317
2318# Change default command timeout for hashing entropy source
2319entropy_timeout=200
2320AC_ARG_WITH(entropy-timeout,
2321 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2322 [
6cf0200f 2323 if test -n "$withval" && test "x$withval" != "xno" && \
2324 test "x${withval}" != "xyes"; then
f1b0ecc3 2325 entropy_timeout=$withval
2326 fi
82f4e93d 2327 ]
f1b0ecc3 2328)
3466e002 2329AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2330 [Builtin PRNG command timeout])
f1b0ecc3 2331
fd3cbf67 2332SSH_PRIVSEP_USER=sshd
9a0fbcb3 2333AC_ARG_WITH(privsep-user,
5222e7ef 2334 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2335 [
6cf0200f 2336 if test -n "$withval" && test "x$withval" != "xno" && \
2337 test "x${withval}" != "xyes"; then
fd3cbf67 2338 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2339 fi
82f4e93d 2340 ]
9a0fbcb3 2341)
3466e002 2342AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2343 [non-privileged user for privilege separation])
fd3cbf67 2344AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2345
81dadca3 2346# We do this little dance with the search path to insure
2347# that programs that we select for use by installed programs
2348# (which may be run by the super-user) come from trusted
2349# locations before they come from the user's private area.
2350# This should help avoid accidentally configuring some
2351# random version of a program in someone's personal bin.
2352
2353OPATH=$PATH
2354PATH=/bin:/usr/bin
f95c8ce8 2355test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2356test -d /sbin && PATH=$PATH:/sbin
2357test -d /usr/sbin && PATH=$PATH:/usr/sbin
2358PATH=$PATH:/etc:$OPATH
2359
aff51935 2360# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2361OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2362OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2363OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2364OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2365OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2366OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2367OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2368OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2369OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2370OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2371OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2372OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2373OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2374OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2375OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2376OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2377# restore PATH
2378PATH=$OPATH
f1b0ecc3 2379
2380# Where does ssh-rand-helper get its randomness from?
2381INSTALL_SSH_PRNG_CMDS=""
2382if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2383 if test ! -z "$PRNGD_PORT" ; then
2384 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2385 elif test ! -z "$PRNGD_SOCKET" ; then
2386 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2387 else
2388 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2389 RAND_HELPER_CMDHASH=yes
2390 INSTALL_SSH_PRNG_CMDS="yes"
2391 fi
2392fi
2393AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2394
2395
66d6c27e 2396# Cheap hack to ensure NEWS-OS libraries are arranged right.
2397if test ! -z "$SONY" ; then
2398 LIBS="$LIBS -liberty";
2399fi
2400
9a406e1e 2401# Check for long long datatypes
2402AC_CHECK_TYPES([long long, unsigned long long, long double])
2403
2404# Check datatype sizes
976f7e19 2405AC_CHECK_SIZEOF(char, 1)
2b942fe0 2406AC_CHECK_SIZEOF(short int, 2)
2407AC_CHECK_SIZEOF(int, 4)
2408AC_CHECK_SIZEOF(long int, 4)
2409AC_CHECK_SIZEOF(long long int, 8)
2410
52f1ccb2 2411# Sanity check long long for some platforms (AIX)
2412if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2413 ac_cv_sizeof_long_long_int=0
2414fi
2415
90f15776 2416# compute LLONG_MIN and LLONG_MAX if we don't know them.
2417if test -z "$have_llong_max"; then
2418 AC_MSG_CHECKING([for max value of long long])
2419 AC_RUN_IFELSE(
2420 [AC_LANG_SOURCE([[
2421#include <stdio.h>
2422/* Why is this so damn hard? */
2423#ifdef __GNUC__
2424# undef __GNUC__
2425#endif
2426#define __USE_ISOC99
2427#include <limits.h>
2428#define DATA "conftest.llminmax"
055252ed 2429#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2430
2431/*
2432 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2433 * we do this the hard way.
2434 */
2435static int
2436fprint_ll(FILE *f, long long n)
2437{
2438 unsigned int i;
2439 int l[sizeof(long long) * 8];
2440
2441 if (n < 0)
2442 if (fprintf(f, "-") < 0)
2443 return -1;
2444 for (i = 0; n != 0; i++) {
2445 l[i] = my_abs(n % 10);
2446 n /= 10;
2447 }
2448 do {
2449 if (fprintf(f, "%d", l[--i]) < 0)
2450 return -1;
2451 } while (i != 0);
2452 if (fprintf(f, " ") < 0)
2453 return -1;
2454 return 0;
2455}
2456
90f15776 2457int main(void) {
2458 FILE *f;
2459 long long i, llmin, llmax = 0;
2460
2461 if((f = fopen(DATA,"w")) == NULL)
2462 exit(1);
2463
2464#if defined(LLONG_MIN) && defined(LLONG_MAX)
2465 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2466 llmin = LLONG_MIN;
2467 llmax = LLONG_MAX;
2468#else
2469 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2470 /* This will work on one's complement and two's complement */
2471 for (i = 1; i > llmax; i <<= 1, i++)
2472 llmax = i;
2473 llmin = llmax + 1LL; /* wrap */
2474#endif
2475
2476 /* Sanity check */
2477 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2478 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2479 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2480 fprintf(f, "unknown unknown\n");
2481 exit(2);
2482 }
2483
055252ed 2484 if (fprint_ll(f, llmin) < 0)
90f15776 2485 exit(3);
055252ed 2486 if (fprint_ll(f, llmax) < 0)
2487 exit(4);
2488 if (fclose(f) < 0)
2489 exit(5);
90f15776 2490 exit(0);
2491}
2492 ]])],
2493 [
2494 llong_min=`$AWK '{print $1}' conftest.llminmax`
2495 llong_max=`$AWK '{print $2}' conftest.llminmax`
2496
90f15776 2497 AC_MSG_RESULT($llong_max)
2498 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2499 [max value of long long calculated by configure])
2500 AC_MSG_CHECKING([for min value of long long])
2501 AC_MSG_RESULT($llong_min)
2502 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2503 [min value of long long calculated by configure])
2504 ],
2505 [
2506 AC_MSG_RESULT(not found)
2507 ],
2508 [
2509 AC_MSG_WARN([cross compiling: not checking])
2510 ]
2511 )
2512fi
2513
2514
a0391976 2515# More checks for data types
14a9a859 2516AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2517 AC_TRY_COMPILE(
aff51935 2518 [ #include <sys/types.h> ],
2519 [ u_int a; a = 1;],
14a9a859 2520 [ ac_cv_have_u_int="yes" ],
2521 [ ac_cv_have_u_int="no" ]
2522 )
2523])
2524if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2525 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2526 have_u_int=1
2527fi
2528
58d100bf 2529AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2530 AC_TRY_COMPILE(
aff51935 2531 [ #include <sys/types.h> ],
2532 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2533 [ ac_cv_have_intxx_t="yes" ],
2534 [ ac_cv_have_intxx_t="no" ]
2535 )
2536])
2537if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2538 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2539 have_intxx_t=1
2540fi
41cb4569 2541
2542if (test -z "$have_intxx_t" && \
aff51935 2543 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2544then
2545 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2546 AC_TRY_COMPILE(
aff51935 2547 [ #include <stdint.h> ],
2548 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2549 [
2550 AC_DEFINE(HAVE_INTXX_T)
2551 AC_MSG_RESULT(yes)
2552 ],
2553 [ AC_MSG_RESULT(no) ]
2554 )
2555fi
2556
bd590612 2557AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2558 AC_TRY_COMPILE(
1cbbe6c8 2559 [
2560#include <sys/types.h>
2561#ifdef HAVE_STDINT_H
2562# include <stdint.h>
2563#endif
2564#include <sys/socket.h>
2565#ifdef HAVE_SYS_BITYPES_H
2566# include <sys/bitypes.h>
2567#endif
aff51935 2568 ],
2569 [ int64_t a; a = 1;],
bd590612 2570 [ ac_cv_have_int64_t="yes" ],
2571 [ ac_cv_have_int64_t="no" ]
2572 )
2573])
2574if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2575 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2576fi
2577
58d100bf 2578AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2579 AC_TRY_COMPILE(
aff51935 2580 [ #include <sys/types.h> ],
2581 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2582 [ ac_cv_have_u_intxx_t="yes" ],
2583 [ ac_cv_have_u_intxx_t="no" ]
2584 )
2585])
2586if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2587 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2588 have_u_intxx_t=1
2589fi
2b942fe0 2590
41cb4569 2591if test -z "$have_u_intxx_t" ; then
2592 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2593 AC_TRY_COMPILE(
aff51935 2594 [ #include <sys/socket.h> ],
2595 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2596 [
2597 AC_DEFINE(HAVE_U_INTXX_T)
2598 AC_MSG_RESULT(yes)
2599 ],
2600 [ AC_MSG_RESULT(no) ]
2601 )
2602fi
2603
bd590612 2604AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2605 AC_TRY_COMPILE(
aff51935 2606 [ #include <sys/types.h> ],
2607 [ u_int64_t a; a = 1;],
bd590612 2608 [ ac_cv_have_u_int64_t="yes" ],
2609 [ ac_cv_have_u_int64_t="no" ]
2610 )
2611])
2612if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2613 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2614 have_u_int64_t=1
2615fi
2616
ddceb1c8 2617if test -z "$have_u_int64_t" ; then
2618 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2619 AC_TRY_COMPILE(
aff51935 2620 [ #include <sys/bitypes.h> ],
ddceb1c8 2621 [ u_int64_t a; a = 1],
2622 [
2623 AC_DEFINE(HAVE_U_INT64_T)
2624 AC_MSG_RESULT(yes)
2625 ],
2626 [ AC_MSG_RESULT(no) ]
2627 )
2628fi
2629
41cb4569 2630if test -z "$have_u_intxx_t" ; then
2631 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2632 AC_TRY_COMPILE(
2633 [
2634#include <sys/types.h>
aff51935 2635 ],
2636 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2637 [ ac_cv_have_uintxx_t="yes" ],
2638 [ ac_cv_have_uintxx_t="no" ]
2639 )
2640 ])
2641 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2642 AC_DEFINE(HAVE_UINTXX_T, 1,
2643 [define if you have uintxx_t data type])
41cb4569 2644 fi
2645fi
2646
2647if test -z "$have_uintxx_t" ; then
2648 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2649 AC_TRY_COMPILE(
aff51935 2650 [ #include <stdint.h> ],
2651 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2652 [
2653 AC_DEFINE(HAVE_UINTXX_T)
2654 AC_MSG_RESULT(yes)
2655 ],
2656 [ AC_MSG_RESULT(no) ]
2657 )
2658fi
2659
e5fe9a1f 2660if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2661 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2662then
2663 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2664 AC_TRY_COMPILE(
58d100bf 2665 [
2666#include <sys/bitypes.h>
aff51935 2667 ],
5cdfe03f 2668 [
837c30b8 2669 int8_t a; int16_t b; int32_t c;
2670 u_int8_t e; u_int16_t f; u_int32_t g;
2671 a = b = c = e = f = g = 1;
aff51935 2672 ],
5cdfe03f 2673 [
2674 AC_DEFINE(HAVE_U_INTXX_T)
2675 AC_DEFINE(HAVE_INTXX_T)
2676 AC_MSG_RESULT(yes)
2677 ],
2678 [AC_MSG_RESULT(no)]
aff51935 2679 )
5cdfe03f 2680fi
2681
0362750e 2682
2683AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2684 AC_TRY_COMPILE(
2685 [
2686#include <sys/types.h>
2687 ],
2688 [ u_char foo; foo = 125; ],
2689 [ ac_cv_have_u_char="yes" ],
2690 [ ac_cv_have_u_char="no" ]
2691 )
2692])
2693if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2694 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2695fi
2696
98a7c37b 2697TYPE_SOCKLEN_T
2b942fe0 2698
2d16d9a3 2699AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22f5e872 2700AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2701#include <sys/types.h>
2702#ifdef HAVE_SYS_BITYPES_H
2703#include <sys/bitypes.h>
2704#endif
2705#ifdef HAVE_SYS_STATFS_H
2706#include <sys/statfs.h>
2707#endif
2708#ifdef HAVE_SYS_STATVFS_H
2709#include <sys/statvfs.h>
2710#endif
2711])
ddceb1c8 2712
86783a32 2713AC_CHECK_TYPES([in_addr_t, in_port_t],,,
777ece68 2714[#include <sys/types.h>
2715#include <netinet/in.h>])
7b578f7d 2716
58d100bf 2717AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2718 AC_TRY_COMPILE(
2719 [
18ba2aab 2720#include <sys/types.h>
58d100bf 2721 ],
2722 [ size_t foo; foo = 1235; ],
2723 [ ac_cv_have_size_t="yes" ],
2724 [ ac_cv_have_size_t="no" ]
2725 )
2726])
2727if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2728 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2729fi
ea1970a3 2730
c04f75f1 2731AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2732 AC_TRY_COMPILE(
2733 [
2734#include <sys/types.h>
2735 ],
2736 [ ssize_t foo; foo = 1235; ],
2737 [ ac_cv_have_ssize_t="yes" ],
2738 [ ac_cv_have_ssize_t="no" ]
2739 )
2740])
2741if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2742 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2743fi
2744
f1c4659d 2745AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2746 AC_TRY_COMPILE(
2747 [
2748#include <time.h>
2749 ],
2750 [ clock_t foo; foo = 1235; ],
2751 [ ac_cv_have_clock_t="yes" ],
2752 [ ac_cv_have_clock_t="no" ]
2753 )
2754])
2755if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2756 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2757fi
2758
1c04b088 2759AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2760 AC_TRY_COMPILE(
2761 [
2762#include <sys/types.h>
2763#include <sys/socket.h>
2764 ],
2765 [ sa_family_t foo; foo = 1235; ],
2766 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2767 [ AC_TRY_COMPILE(
2768 [
2769#include <sys/types.h>
2770#include <sys/socket.h>
2771#include <netinet/in.h>
2772 ],
2773 [ sa_family_t foo; foo = 1235; ],
2774 [ ac_cv_have_sa_family_t="yes" ],
2775
1c04b088 2776 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2777 )]
1c04b088 2778 )
2779])
2780if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2781 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2782 [define if you have sa_family_t data type])
1c04b088 2783fi
2784
729bfe59 2785AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2786 AC_TRY_COMPILE(
2787 [
2788#include <sys/types.h>
2789 ],
2790 [ pid_t foo; foo = 1235; ],
2791 [ ac_cv_have_pid_t="yes" ],
2792 [ ac_cv_have_pid_t="no" ]
2793 )
2794])
2795if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2796 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2797fi
2798
2799AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2800 AC_TRY_COMPILE(
2801 [
2802#include <sys/types.h>
2803 ],
2804 [ mode_t foo; foo = 1235; ],
2805 [ ac_cv_have_mode_t="yes" ],
2806 [ ac_cv_have_mode_t="no" ]
2807 )
2808])
2809if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2810 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2811fi
2812
e3a93db0 2813
58d100bf 2814AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2815 AC_TRY_COMPILE(
2816 [
18ba2aab 2817#include <sys/types.h>
2818#include <sys/socket.h>
58d100bf 2819 ],
2820 [ struct sockaddr_storage s; ],
2821 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2822 [ ac_cv_have_struct_sockaddr_storage="no" ]
2823 )
2824])
2825if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2826 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2827 [define if you have struct sockaddr_storage data type])
58d100bf 2828fi
48e671d5 2829
58d100bf 2830AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2831 AC_TRY_COMPILE(
2832 [
cbd7492e 2833#include <sys/types.h>
58d100bf 2834#include <netinet/in.h>
2835 ],
2836 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2837 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2838 [ ac_cv_have_struct_sockaddr_in6="no" ]
2839 )
2840])
2841if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2842 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2843 [define if you have struct sockaddr_in6 data type])
58d100bf 2844fi
48e671d5 2845
58d100bf 2846AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2847 AC_TRY_COMPILE(
2848 [
cbd7492e 2849#include <sys/types.h>
58d100bf 2850#include <netinet/in.h>
2851 ],
2852 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2853 [ ac_cv_have_struct_in6_addr="yes" ],
2854 [ ac_cv_have_struct_in6_addr="no" ]
2855 )
2856])
2857if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2858 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2859 [define if you have struct in6_addr data type])
95e16084 2860
2861dnl Now check for sin6_scope_id
2862 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,,
2863 [
2864#ifdef HAVE_SYS_TYPES_H
2865#include <sys/types.h>
2866#endif
2867#include <netinet/in.h>
2868 ])
58d100bf 2869fi
48e671d5 2870
58d100bf 2871AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2872 AC_TRY_COMPILE(
2873 [
18ba2aab 2874#include <sys/types.h>
2875#include <sys/socket.h>
2876#include <netdb.h>
58d100bf 2877 ],
2878 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2879 [ ac_cv_have_struct_addrinfo="yes" ],
2880 [ ac_cv_have_struct_addrinfo="no" ]
2881 )
2882])
2883if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2884 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2885 [define if you have struct addrinfo data type])
58d100bf 2886fi
2887
89c7e31c 2888AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2889 AC_TRY_COMPILE(
aff51935 2890 [ #include <sys/time.h> ],
2891 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2892 [ ac_cv_have_struct_timeval="yes" ],
2893 [ ac_cv_have_struct_timeval="no" ]
2894 )
2895])
2896if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2897 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2898 have_struct_timeval=1
2899fi
2900
5271b55c 2901AC_CHECK_TYPES(struct timespec)
2902
85abc74b 2903# We need int64_t or else certian parts of the compile will fail.
4b492aab 2904if test "x$ac_cv_have_int64_t" = "xno" && \
2905 test "x$ac_cv_sizeof_long_int" != "x8" && \
2906 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2907 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2908 echo "an alternative compiler (I.E., GCC) before continuing."
2909 echo ""
2910 exit 1;
733cf7f4 2911else
2912dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2913 AC_RUN_IFELSE(
479cece8 2914 [AC_LANG_SOURCE([[
733cf7f4 2915#include <stdio.h>
2916#include <string.h>
2917#ifdef HAVE_SNPRINTF
2918main()
2919{
2920 char buf[50];
2921 char expected_out[50];
2922 int mazsize = 50 ;
2923#if (SIZEOF_LONG_INT == 8)
2924 long int num = 0x7fffffffffffffff;
2925#else
763a1a18 2926 long long num = 0x7fffffffffffffffll;
733cf7f4 2927#endif
2928 strcpy(expected_out, "9223372036854775807");
2929 snprintf(buf, mazsize, "%lld", num);
2930 if(strcmp(buf, expected_out) != 0)
aff51935 2931 exit(1);
733cf7f4 2932 exit(0);
2933}
2934#else
2935main() { exit(0); }
2936#endif
479cece8 2937 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2938 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2939 )
2c523de9 2940fi
2941
77bb0bca 2942dnl Checks for structure members
58d100bf 2943OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2944OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2945OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2946OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2947OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2948OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2949OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2950OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2951OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2952OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2953OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2954OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2955OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2956OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2957OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2958OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2959OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2960
2961AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2962AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2963 [Define if we don't have struct __res_state in resolv.h])],
2964[
2965#include <stdio.h>
2966#if HAVE_SYS_TYPES_H
2967# include <sys/types.h>
2968#endif
2969#include <netinet/in.h>
2970#include <arpa/nameser.h>
2971#include <resolv.h>
2972])
1d7b9b20 2973
58d100bf 2974AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2975 ac_cv_have_ss_family_in_struct_ss, [
2976 AC_TRY_COMPILE(
2977 [
18ba2aab 2978#include <sys/types.h>
2979#include <sys/socket.h>
58d100bf 2980 ],
2981 [ struct sockaddr_storage s; s.ss_family = 1; ],
2982 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2983 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2984 )
2985])
2986if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2987 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2988fi
2989
58d100bf 2990AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2991 ac_cv_have___ss_family_in_struct_ss, [
2992 AC_TRY_COMPILE(
2993 [
18ba2aab 2994#include <sys/types.h>
2995#include <sys/socket.h>
58d100bf 2996 ],
2997 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2998 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2999 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3000 )
3001])
3002if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 3003 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3004 [Fields in struct sockaddr_storage])
58d100bf 3005fi
3006
2e73a022 3007AC_CACHE_CHECK([for pw_class field in struct passwd],
3008 ac_cv_have_pw_class_in_struct_passwd, [
3009 AC_TRY_COMPILE(
3010 [
2e73a022 3011#include <pwd.h>
3012 ],
97994d32 3013 [ struct passwd p; p.pw_class = 0; ],
2e73a022 3014 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3015 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3016 )
3017])
3018if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 3019 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3020 [Define if your password has a pw_class field])
2e73a022 3021fi
3022
7751d4eb 3023AC_CACHE_CHECK([for pw_expire field in struct passwd],
3024 ac_cv_have_pw_expire_in_struct_passwd, [
3025 AC_TRY_COMPILE(
3026 [
3027#include <pwd.h>
3028 ],
3029 [ struct passwd p; p.pw_expire = 0; ],
3030 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3031 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3032 )
3033])
3034if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 3035 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3036 [Define if your password has a pw_expire field])
7751d4eb 3037fi
3038
3039AC_CACHE_CHECK([for pw_change field in struct passwd],
3040 ac_cv_have_pw_change_in_struct_passwd, [
3041 AC_TRY_COMPILE(
3042 [
3043#include <pwd.h>
3044 ],
3045 [ struct passwd p; p.pw_change = 0; ],
3046 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3047 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3048 )
3049])
3050if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 3051 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3052 [Define if your password has a pw_change field])
7751d4eb 3053fi
58d100bf 3054
637f9177 3055dnl make sure we're using the real structure members and not defines
6f34652e 3056AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3057 ac_cv_have_accrights_in_msghdr, [
1a01a50c 3058 AC_COMPILE_IFELSE(
6f34652e 3059 [
f95c8ce8 3060#include <sys/types.h>
6f34652e 3061#include <sys/socket.h>
3062#include <sys/uio.h>
637f9177 3063int main() {
3064#ifdef msg_accrights
1a01a50c 3065#error "msg_accrights is a macro"
637f9177 3066exit(1);
3067#endif
3068struct msghdr m;
3069m.msg_accrights = 0;
3070exit(0);
3071}
6f34652e 3072 ],
6f34652e 3073 [ ac_cv_have_accrights_in_msghdr="yes" ],
3074 [ ac_cv_have_accrights_in_msghdr="no" ]
3075 )
3076])
3077if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3078 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3079 [Define if your system uses access rights style
3080 file descriptor passing])
6f34652e 3081fi
3082
87562a58 3083AC_MSG_CHECKING(if struct statvfs.f_fsid is integral type)
7a4f468b 3084AC_TRY_COMPILE([
3085#include <sys/types.h>
87562a58 3086#include <sys/stat.h>
3087#ifdef HAVE_SYS_TIME_H
3088# include <sys/time.h>
3089#endif
3090#ifdef HAVE_SYS_MOUNT_H
3091#include <sys/mount.h>
3092#endif
3093#ifdef HAVE_SYS_STATVFS_H
3094#include <sys/statvfs.h>
3095#endif
3096], [struct statvfs s; s.f_fsid = 0;],
3097[ AC_MSG_RESULT(yes) ],
3098[ AC_MSG_RESULT(no)
3099
3100 AC_MSG_CHECKING(if fsid_t has member val)
3101 AC_TRY_COMPILE([
3102#include <sys/types.h>
7a4f468b 3103#include <sys/statvfs.h>],
87562a58 3104 [fsid_t t; t.val[0] = 0;],
7a4f468b 3105 [ AC_MSG_RESULT(yes)
87562a58 3106 AC_DEFINE(FSID_HAS_VAL, 1, fsid_t has member val) ],
3107 [ AC_MSG_RESULT(no) ])
3108
3109 AC_MSG_CHECKING(if f_fsid has member __val)
3110 AC_TRY_COMPILE([
3111#include <sys/types.h>
3112#include <sys/statvfs.h>],
3113 [fsid_t t; t.__val[0] = 0;],
3114 [ AC_MSG_RESULT(yes)
3115 AC_DEFINE(FSID_HAS___VAL, 1, fsid_t has member __val) ],
3116 [ AC_MSG_RESULT(no) ])
3117])
7a4f468b 3118
7176df4f 3119AC_CACHE_CHECK([for msg_control field in struct msghdr],
3120 ac_cv_have_control_in_msghdr, [
1a01a50c 3121 AC_COMPILE_IFELSE(
7176df4f 3122 [
f95c8ce8 3123#include <sys/types.h>
7176df4f 3124#include <sys/socket.h>
3125#include <sys/uio.h>
637f9177 3126int main() {
3127#ifdef msg_control
1a01a50c 3128#error "msg_control is a macro"
637f9177 3129exit(1);
3130#endif
3131struct msghdr m;
3132m.msg_control = 0;
3133exit(0);
3134}
7176df4f 3135 ],
7176df4f 3136 [ ac_cv_have_control_in_msghdr="yes" ],
3137 [ ac_cv_have_control_in_msghdr="no" ]
3138 )
3139])
3140if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3141 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3142 [Define if your system uses ancillary data style
3143 file descriptor passing])
7176df4f 3144fi
3145
58d100bf 3146AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3147 AC_TRY_LINK([],
3148 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3149 [ ac_cv_libc_defines___progname="yes" ],
3150 [ ac_cv_libc_defines___progname="no" ]
3151 )
3152])
3153if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3154 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3155fi
8946db53 3156
c921ee00 3157AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3158 AC_TRY_LINK([
3159#include <stdio.h>
aff51935 3160],
3161 [ printf("%s", __FUNCTION__); ],
c921ee00 3162 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3163 [ ac_cv_cc_implements___FUNCTION__="no" ]
3164 )
3165])
3166if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3167 AC_DEFINE(HAVE___FUNCTION__, 1,
3168 [Define if compiler implements __FUNCTION__])
c921ee00 3169fi
3170
3171AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3172 AC_TRY_LINK([
3173#include <stdio.h>
aff51935 3174],
3175 [ printf("%s", __func__); ],
c921ee00 3176 [ ac_cv_cc_implements___func__="yes" ],
3177 [ ac_cv_cc_implements___func__="no" ]
3178 )
3179])
3180if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3181 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3182fi
3183
9a406e1e 3184AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3185 AC_TRY_LINK(
3186 [#include <stdarg.h>
3187 va_list x,y;],
3188 [va_copy(x,y);],
3189 [ ac_cv_have_va_copy="yes" ],
3190 [ ac_cv_have_va_copy="no" ]
3191 )
3192])
3193if test "x$ac_cv_have_va_copy" = "xyes" ; then
3194 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3195fi
3196
3197AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3198 AC_TRY_LINK(
3199 [#include <stdarg.h>
3200 va_list x,y;],
3201 [__va_copy(x,y);],
3202 [ ac_cv_have___va_copy="yes" ],
3203 [ ac_cv_have___va_copy="no" ]
3204 )
3205])
3206if test "x$ac_cv_have___va_copy" = "xyes" ; then
3207 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3208fi
3209
1812a662 3210AC_CACHE_CHECK([whether getopt has optreset support],
3211 ac_cv_have_getopt_optreset, [
3212 AC_TRY_LINK(
3213 [
3214#include <getopt.h>
3215 ],
3216 [ extern int optreset; optreset = 0; ],
3217 [ ac_cv_have_getopt_optreset="yes" ],
3218 [ ac_cv_have_getopt_optreset="no" ]
3219 )
3220])
3221if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3222 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3223 [Define if your getopt(3) defines and uses optreset])
1812a662 3224fi
a0391976 3225
819b676f 3226AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3227 AC_TRY_LINK([],
3228 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3229 [ ac_cv_libc_defines_sys_errlist="yes" ],
3230 [ ac_cv_libc_defines_sys_errlist="no" ]
3231 )
3232])
3233if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3234 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3235 [Define if your system defines sys_errlist[]])
819b676f 3236fi
3237
3238
416ed5a7 3239AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3240 AC_TRY_LINK([],
3241 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3242 [ ac_cv_libc_defines_sys_nerr="yes" ],
3243 [ ac_cv_libc_defines_sys_nerr="no" ]
3244 )
3245])
3246if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3247 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3248fi
3249
aff51935 3250SCARD_MSG="no"
295c8801 3251# Check whether user wants sectok support
3252AC_ARG_WITH(sectok,
3253 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3254 [
3255 if test "x$withval" != "xno" ; then
3256 if test "x$withval" != "xyes" ; then
3257 CPPFLAGS="$CPPFLAGS -I${withval}"
3258 LDFLAGS="$LDFLAGS -L${withval}"
3259 if test ! -z "$need_dash_r" ; then
3260 LDFLAGS="$LDFLAGS -R${withval}"
3261 fi
3262 if test ! -z "$blibpath" ; then
3263 blibpath="$blibpath:${withval}"
3264 fi
3265 fi
3266 AC_CHECK_HEADERS(sectok.h)
3267 if test "$ac_cv_header_sectok_h" != yes; then
3268 AC_MSG_ERROR(Can't find sectok.h)
3269 fi
3270 AC_CHECK_LIB(sectok, sectok_open)
3271 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3272 AC_MSG_ERROR(Can't find libsectok)
3273 fi
3466e002 3274 AC_DEFINE(SMARTCARD, 1,
3275 [Define if you want smartcard support])
3276 AC_DEFINE(USE_SECTOK, 1,
3277 [Define if you want smartcard support
3278 using sectok])
aff51935 3279 SCARD_MSG="yes, using sectok"
295c8801 3280 fi
3281 ]
3282)
3283
3284# Check whether user wants OpenSC support
987b458f 3285OPENSC_CONFIG="no"
295c8801 3286AC_ARG_WITH(opensc,
e47fb473 3287 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3288 [
3289 if test "x$withval" != "xno" ; then
3290 if test "x$withval" != "xyes" ; then
3291 OPENSC_CONFIG=$withval/bin/opensc-config
3292 else
3293 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3294 fi
3295 if test "$OPENSC_CONFIG" != "no"; then
3296 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3297 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3298 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3299 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3300 AC_DEFINE(SMARTCARD)
3466e002 3301 AC_DEFINE(USE_OPENSC, 1,
3302 [Define if you want smartcard support
3303 using OpenSC])
987b458f 3304 SCARD_MSG="yes, using OpenSC"
3305 fi
3306 fi
3307 ]
3308)
d0b19c95 3309
c31dc31c 3310# Check libraries needed by DNS fingerprint support
aff51935 3311AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3312 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3313 [Define if getrrsetbyname() exists])],
3e05e934 3314 [
c31dc31c 3315 # Needed by our getrrsetbyname()
3316 AC_SEARCH_LIBS(res_query, resolv)
3317 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3318 AC_MSG_CHECKING(if res_query will link)
3319 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3320 [AC_MSG_RESULT(no)
3321 saved_LIBS="$LIBS"
3322 LIBS="$LIBS -lresolv"
3323 AC_MSG_CHECKING(for res_query in -lresolv)
3324 AC_LINK_IFELSE([
3325#include <resolv.h>
3326int main()
3327{
3328 res_query (0, 0, 0, 0, 0);
3329 return 0;
3330}
3331 ],
3332 [LIBS="$LIBS -lresolv"
3333 AC_MSG_RESULT(yes)],
3334 [LIBS="$saved_LIBS"
3335 AC_MSG_RESULT(no)])
3336 ])
c31dc31c 3337 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3338 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3339 [#include <sys/types.h>
3340 #include <arpa/nameser.h>])
c31dc31c 3341 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3342 [AC_DEFINE(HAVE_HEADER_AD, 1,
3343 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3344 [#include <arpa/nameser.h>])
3345 ])
3e05e934 3346
560acf80 3347AC_MSG_CHECKING(if struct __res_state _res is an extern)
3348AC_LINK_IFELSE([
3349#include <stdio.h>
3350#if HAVE_SYS_TYPES_H
3351# include <sys/types.h>
3352#endif
3353#include <netinet/in.h>
3354#include <arpa/nameser.h>
3355#include <resolv.h>
3356extern struct __res_state _res;
3357int main() { return 0; }
3358 ],
3359 [AC_MSG_RESULT(yes)
3360 AC_DEFINE(HAVE__RES_EXTERN, 1,
3361 [Define if you have struct __res_state _res as an extern])
3362 ],
3363 [ AC_MSG_RESULT(no) ]
3364)
3365
ef4d1846 3366# Check whether user wants SELinux support
3367SELINUX_MSG="no"
3368LIBSELINUX=""
3369AC_ARG_WITH(selinux,
bb23b54f 3370 [ --with-selinux Enable SELinux support],
ef4d1846 3371 [ if test "x$withval" != "xno" ; then
e54defb4 3372 save_LIBS="$LIBS"
ef4d1846 3373 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3374 SELINUX_MSG="yes"
3375 AC_CHECK_HEADER([selinux/selinux.h], ,
3376 AC_MSG_ERROR(SELinux support requires selinux.h header))
3377 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3378 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3379 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3380 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3381 LIBS="$save_LIBS"
ef4d1846 3382 fi ]
3383)
ef4d1846 3384
12928e80 3385# Check whether user wants Kerberos 5 support
aff51935 3386KRB5_MSG="no"
12928e80 3387AC_ARG_WITH(kerberos5,
aff51935 3388 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3389 [ if test "x$withval" != "xno" ; then
3390 if test "x$withval" = "xyes" ; then
3391 KRB5ROOT="/usr/local"
3392 else
3393 KRB5ROOT=${withval}
3394 fi
3395
3466e002 3396 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3397 KRB5_MSG="yes"
3398
3399 AC_MSG_CHECKING(for krb5-config)
3400 if test -x $KRB5ROOT/bin/krb5-config ; then
3401 KRB5CONF=$KRB5ROOT/bin/krb5-config
3402 AC_MSG_RESULT($KRB5CONF)
3403
3404 AC_MSG_CHECKING(for gssapi support)
3405 if $KRB5CONF | grep gssapi >/dev/null ; then
3406 AC_MSG_RESULT(yes)
3466e002 3407 AC_DEFINE(GSSAPI, 1,
3408 [Define this if you want GSSAPI
3409 support in the version 2 protocol])
071970fb 3410 k5confopts=gssapi
aff51935 3411 else
5585c441 3412 AC_MSG_RESULT(no)
071970fb 3413 k5confopts=""
aff51935 3414 fi
071970fb 3415 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3416 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3417 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3418 AC_MSG_CHECKING(whether we are using Heimdal)
3419 AC_TRY_COMPILE([ #include <krb5.h> ],
3420 [ char *tmp = heimdal_version; ],
3421 [ AC_MSG_RESULT(yes)
3466e002 3422 AC_DEFINE(HEIMDAL, 1,
3423 [Define this if you are using the
3424 Heimdal version of Kerberos V5]) ],
5585c441 3425 AC_MSG_RESULT(no)
3426 )
3427 else
3428 AC_MSG_RESULT(no)
12928e80 3429 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3430 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3431 AC_MSG_CHECKING(whether we are using Heimdal)
3432 AC_TRY_COMPILE([ #include <krb5.h> ],
3433 [ char *tmp = heimdal_version; ],
3434 [ AC_MSG_RESULT(yes)
3435 AC_DEFINE(HEIMDAL)
41707f74 3436 K5LIBS="-lkrb5 -ldes"
3437 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3438 AC_CHECK_LIB(roken, net_write,
41707f74 3439 [K5LIBS="$K5LIBS -lroken"])
aff51935 3440 ],
3441 [ AC_MSG_RESULT(no)
3442 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3443 ]
3444 )
4e00038c 3445 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3446
596a825b 3447 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
749560dd 3448 [ AC_DEFINE(GSSAPI)
596a825b 3449 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3450 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
749560dd 3451 [ AC_DEFINE(GSSAPI)
596a825b 3452 K5LIBS="-lgssapi $K5LIBS" ],
749560dd 3453 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3454 $K5LIBS)
3455 ],
3456 $K5LIBS)
82f4e93d 3457
749560dd 3458 AC_CHECK_HEADER(gssapi.h, ,
3459 [ unset ac_cv_header_gssapi_h
aff51935 3460 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3461 AC_CHECK_HEADERS(gssapi.h, ,
3462 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3463 )
749560dd 3464 ]
3465 )
3466
3467 oldCPP="$CPPFLAGS"
3468 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3469 AC_CHECK_HEADER(gssapi_krb5.h, ,
3470 [ CPPFLAGS="$oldCPP" ])
3471
aff51935 3472 fi
5585c441 3473 if test ! -z "$need_dash_r" ; then
3474 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3475 fi
3476 if test ! -z "$blibpath" ; then
3477 blibpath="$blibpath:${KRB5ROOT}/lib"
3478 fi
071970fb 3479
f5555364 3480 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3481 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3482 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3483
f5555364 3484 LIBS="$LIBS $K5LIBS"
3466e002 3485 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3486 [Define this if you want to use libkafs' AFS support]))
f5555364 3487 fi
071970fb 3488 ]
12928e80 3489)
b5b68128 3490
a0391976 3491# Looking for programs, paths and files
a0391976 3492
ecac8ee5 3493PRIVSEP_PATH=/var/empty
3494AC_ARG_WITH(privsep-path,
cda1ebcb 3495 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3496 [
6cf0200f 3497 if test -n "$withval" && test "x$withval" != "xno" && \
3498 test "x${withval}" != "xyes"; then
ecac8ee5 3499 PRIVSEP_PATH=$withval
3500 fi
3501 ]
3502)
3503AC_SUBST(PRIVSEP_PATH)
3504
a0391976 3505AC_ARG_WITH(xauth,
3506 [ --with-xauth=PATH Specify path to xauth program ],
3507 [
6cf0200f 3508 if test -n "$withval" && test "x$withval" != "xno" && \
3509 test "x${withval}" != "xyes"; then
cbd7492e 3510 xauth_path=$withval
a0391976 3511 fi
3512 ],
3513 [
2bf42e4a 3514 TestPath="$PATH"
3515 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3516 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3517 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3518 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3519 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3520 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3521 xauth_path="/usr/openwin/bin/xauth"
3522 fi
3523 ]
3524)
3525
65a4b4af 3526STRIP_OPT=-s
3527AC_ARG_ENABLE(strip,
3528 [ --disable-strip Disable calling strip(1) on install],
3529 [
3530 if test "x$enableval" = "xno" ; then
3531 STRIP_OPT=
3532 fi
3533 ]
3534)
3535AC_SUBST(STRIP_OPT)
3536
b3ec54b4 3537if test -z "$xauth_path" ; then
3538 XAUTH_PATH="undefined"
3539 AC_SUBST(XAUTH_PATH)
3540else
3466e002 3541 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3542 [Define if xauth is found in your path])
b3ec54b4 3543 XAUTH_PATH=$xauth_path
3544 AC_SUBST(XAUTH_PATH)
a0391976 3545fi
a0391976 3546
3547# Check for mail directory (last resort if we cannot get it from headers)
3548if test ! -z "$MAIL" ; then
3549 maildir=`dirname $MAIL`
3466e002 3550 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3551 [Set this to your mail directory if you don't have maillock.h])
a0391976 3552fi
3553
479cece8 3554if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3555 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3556 disable_ptmx_check=yes
3557fi
a0391976 3558if test -z "$no_dev_ptmx" ; then
6e879cb4 3559 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3560 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3561 [
3466e002 3562 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3563 [Define if you have /dev/ptmx])
6e879cb4 3564 have_dev_ptmx=1
3565 ]
3566 )
3567 fi
3276571c 3568fi
1a01a50c 3569
479cece8 3570if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3571 AC_CHECK_FILE("/dev/ptc",
3572 [
3466e002 3573 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3574 [Define if you have /dev/ptc])
1a01a50c 3575 have_dev_ptc=1
3576 ]
3577 )
3578else
3579 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3580fi
3276571c 3581
a0391976 3582# Options from here on. Some of these are preset by platform above
fdf6b7aa 3583AC_ARG_WITH(mantype,
5d97cfbf 3584 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3585 [
5d97cfbf 3586 case "$withval" in
3587 man|cat|doc)
3588 MANTYPE=$withval
3589 ;;
3590 *)
3591 AC_MSG_ERROR(invalid man type: $withval)
3592 ;;
3593 esac
c54a6257 3594 ]
3595)
e0c4d3ac 3596if test -z "$MANTYPE"; then
2bf42e4a 3597 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3598 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3599 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3600 MANTYPE=doc
3601 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3602 MANTYPE=man
3603 else
3604 MANTYPE=cat
3605 fi
3606fi
c54a6257 3607AC_SUBST(MANTYPE)
e0c4d3ac 3608if test "$MANTYPE" = "doc"; then
3609 mansubdir=man;
3610else
3611 mansubdir=$MANTYPE;
3612fi
3613AC_SUBST(mansubdir)
0bc5b6fb 3614
a0391976 3615# Check whether to enable MD5 passwords
aff51935 3616MD5_MSG="no"
2ddcfdf3 3617AC_ARG_WITH(md5-passwords,
caf3bc51 3618 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3619 [
bcf36c78 3620 if test "x$withval" != "xno" ; then
3466e002 3621 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3622 [Define if you want to allow MD5 passwords])
aff51935 3623 MD5_MSG="yes"
0bc5b6fb 3624 fi
3625 ]
caf3bc51 3626)
3627
a0391976 3628# Whether to disable shadow password support
a7effaac 3629AC_ARG_WITH(shadow,
3630 [ --without-shadow Disable shadow password support],
3631 [
82f4e93d 3632 if test "x$withval" = "xno" ; then
a7effaac 3633 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3634 disable_shadow=yes
a7effaac 3635 fi
3636 ]
3637)
3638
4cb5ffa0 3639if test -z "$disable_shadow" ; then
3640 AC_MSG_CHECKING([if the systems has expire shadow information])
3641 AC_TRY_COMPILE(
3642 [
3643#include <sys/types.h>
3644#include <shadow.h>
3645 struct spwd sp;
3646 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3647 [ sp_expire_available=yes ], []
3648 )
3649
3650 if test "x$sp_expire_available" = "xyes" ; then
3651 AC_MSG_RESULT(yes)
3466e002 3652 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3653 [Define if you want to use shadow password expire field])
4cb5ffa0 3654 else
3655 AC_MSG_RESULT(no)
3656 fi
3657fi
3658
a0391976 3659# Use ip address instead of hostname in $DISPLAY
44839801 3660if test ! -z "$IPADDR_IN_DISPLAY" ; then
3661 DISPLAY_HACK_MSG="yes"
3466e002 3662 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3663 [Define if you need to use IP address
3664 instead of hostname in $DISPLAY])
44839801 3665else
aff51935 3666 DISPLAY_HACK_MSG="no"
44839801 3667 AC_ARG_WITH(ipaddr-display,
3668 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3669 [
82f4e93d 3670 if test "x$withval" != "xno" ; then
44839801 3671 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3672 DISPLAY_HACK_MSG="yes"
44839801 3673 fi
3674 ]
3675 )
3676fi
a7effaac 3677
95b99395 3678# check for /etc/default/login and use it if present.
daa41e62 3679AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3680 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3681 [ if test "x$enableval" = "xno"; then
3682 AC_MSG_NOTICE([/etc/default/login handling disabled])
3683 etc_default_login=no
3684 else
3685 etc_default_login=yes
3686 fi ],
b0e7249f 3687 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3688 then
3689 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3690 etc_default_login=no
3691 else
3692 etc_default_login=yes
3693 fi ]
694d0cef 3694)
95b99395 3695
694d0cef 3696if test "x$etc_default_login" != "xno"; then
3697 AC_CHECK_FILE("/etc/default/login",
3698 [ external_path_file=/etc/default/login ])
b0e7249f 3699 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3700 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3701 [Define if your system has /etc/default/login])
1a01a50c 3702 fi
694d0cef 3703fi
95b99395 3704
8d184c09 3705dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3706if test $ac_cv_func_login_getcapbool = "yes" && \
3707 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3708 external_path_file=/etc/login.conf
8d184c09 3709fi
95b99395 3710
a0391976 3711# Whether to mess with the default path
aff51935 3712SERVER_PATH_MSG="(default)"
c43d69a9 3713AC_ARG_WITH(default-path,
75817f90 3714 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3715 [
95b99395 3716 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3717 AC_MSG_WARN([
3718--with-default-path=PATH has no effect on this system.
3719Edit /etc/login.conf instead.])
82f4e93d 3720 elif test "x$withval" != "xno" ; then
89bbd457 3721 if test ! -z "$external_path_file" ; then
95b99395 3722 AC_MSG_WARN([
3723--with-default-path=PATH will only be used if PATH is not defined in
3724$external_path_file .])
3725 fi
b2d818e6 3726 user_path="$withval"
aff51935 3727 SERVER_PATH_MSG="$withval"
cb807f40 3728 fi
b2d818e6 3729 ],
95b99395 3730 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3731 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3732 else
89bbd457 3733 if test ! -z "$external_path_file" ; then
95b99395 3734 AC_MSG_WARN([
3735If PATH is defined in $external_path_file, ensure the path to scp is included,
3736otherwise scp will not work.])
3737 fi
b0e7249f 3738 AC_RUN_IFELSE(
3739 [AC_LANG_SOURCE([[
b2d818e6 3740/* find out what STDPATH is */
3741#include <stdio.h>
b2d818e6 3742#ifdef HAVE_PATHS_H
3743# include <paths.h>
3744#endif
3745#ifndef _PATH_STDPATH
d9a4e55b 3746# ifdef _PATH_USERPATH /* Irix */
3747# define _PATH_STDPATH _PATH_USERPATH
3748# else
3749# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3750# endif
b2d818e6 3751#endif
3752#include <sys/types.h>
3753#include <sys/stat.h>
3754#include <fcntl.h>
3755#define DATA "conftest.stdpath"
3756
3757main()
3758{
3759 FILE *fd;
3760 int rc;
82f4e93d 3761
b2d818e6 3762 fd = fopen(DATA,"w");
3763 if(fd == NULL)
3764 exit(1);
82f4e93d 3765
b2d818e6 3766 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3767 exit(1);
3768
3769 exit(0);
3770}
b0e7249f 3771 ]])],
3772 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3773 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3774 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3775 )
3776# make sure $bindir is in USER_PATH so scp will work
3777 t_bindir=`eval echo ${bindir}`
3778 case $t_bindir in
3779 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3780 esac
3781 case $t_bindir in
3782 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3783 esac
3784 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3785 if test $? -ne 0 ; then
3786 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3787 if test $? -ne 0 ; then
3788 user_path=$user_path:$t_bindir
3789 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3790 fi
3791 fi
8d184c09 3792 fi ]
cb807f40 3793)
95b99395 3794if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3795 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3796 AC_SUBST(user_path)
3797fi
cb807f40 3798
06617857 3799# Set superuser path separately to user path
06617857 3800AC_ARG_WITH(superuser-path,
3801 [ --with-superuser-path= Specify different path for super-user],
3802 [
6cf0200f 3803 if test -n "$withval" && test "x$withval" != "xno" && \
3804 test "x${withval}" != "xyes"; then
3466e002 3805 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3806 [Define if you want a different $PATH
3807 for the superuser])
06617857 3808 superuser_path=$withval
3809 fi
3810 ]
3811)
3812
3813
58d100bf 3814AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3815IPV4_IN6_HACK_MSG="no"
80faa19f 3816AC_ARG_WITH(4in6,
3817 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3818 [
3819 if test "x$withval" != "xno" ; then
3820 AC_MSG_RESULT(yes)
3466e002 3821 AC_DEFINE(IPV4_IN_IPV6, 1,
3822 [Detect IPv4 in IPv6 mapped addresses
3823 and treat as IPv4])
aff51935 3824 IPV4_IN6_HACK_MSG="yes"
80faa19f 3825 else
3826 AC_MSG_RESULT(no)
3827 fi
3828 ],[
3829 if test "x$inet6_default_4in6" = "xyes"; then
3830 AC_MSG_RESULT([yes (default)])
3831 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3832 IPV4_IN6_HACK_MSG="yes"
80faa19f 3833 else
3834 AC_MSG_RESULT([no (default)])
3835 fi
3836 ]
3837)
3838
af774732 3839# Whether to enable BSD auth support
f1b0ecc3 3840BSD_AUTH_MSG=no
af774732 3841AC_ARG_WITH(bsd-auth,
3842 [ --with-bsd-auth Enable BSD auth support],
3843 [
82f4e93d 3844 if test "x$withval" != "xno" ; then
3466e002 3845 AC_DEFINE(BSD_AUTH, 1,
3846 [Define if you have BSD auth support])
f1b0ecc3 3847 BSD_AUTH_MSG=yes
af774732 3848 fi
3849 ]
3850)
3851
a0391976 3852# Where to place sshd.pid
19d9ac2a 3853piddir=/var/run
81dadca3 3854# make sure the directory exists
82f4e93d 3855if test ! -d $piddir ; then
81dadca3 3856 piddir=`eval echo ${sysconfdir}`
3857 case $piddir in
aff51935 3858 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3859 esac
3860fi
3861
47e45e44 3862AC_ARG_WITH(pid-dir,
3863 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3864 [
6cf0200f 3865 if test -n "$withval" && test "x$withval" != "xno" && \
3866 test "x${withval}" != "xyes"; then
19d9ac2a 3867 piddir=$withval
82f4e93d 3868 if test ! -d $piddir ; then
81dadca3 3869 AC_MSG_WARN([** no $piddir directory on this system **])
3870 fi
47e45e44 3871 fi
3872 ]
3873)
b7a87eea 3874
3466e002 3875AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3876AC_SUBST(piddir)
47e45e44 3877
1d7b9b20 3878dnl allow user to disable some login recording features
3879AC_ARG_ENABLE(lastlog,
bfd550a2 3880 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3881 [
3882 if test "x$enableval" = "xno" ; then
3883 AC_DEFINE(DISABLE_LASTLOG)
3884 fi
3885 ]
1d7b9b20 3886)
3887AC_ARG_ENABLE(utmp,
bfd550a2 3888 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3889 [
3890 if test "x$enableval" = "xno" ; then
3891 AC_DEFINE(DISABLE_UTMP)
3892 fi
3893 ]
1d7b9b20 3894)
3895AC_ARG_ENABLE(utmpx,
bfd550a2 3896 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3897 [
3898 if test "x$enableval" = "xno" ; then
3466e002 3899 AC_DEFINE(DISABLE_UTMPX, 1,
3900 [Define if you don't want to use utmpx])
ddb154b3 3901 fi
3902 ]
1d7b9b20 3903)
3904AC_ARG_ENABLE(wtmp,
bfd550a2 3905 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3906 [
3907 if test "x$enableval" = "xno" ; then
3908 AC_DEFINE(DISABLE_WTMP)
3909 fi
3910 ]
1d7b9b20 3911)
3912AC_ARG_ENABLE(wtmpx,
bfd550a2 3913 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3914 [
3915 if test "x$enableval" = "xno" ; then
3466e002 3916 AC_DEFINE(DISABLE_WTMPX, 1,
3917 [Define if you don't want to use wtmpx])
ddb154b3 3918 fi
3919 ]
1d7b9b20 3920)
3921AC_ARG_ENABLE(libutil,
bfd550a2 3922 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3923 [
3924 if test "x$enableval" = "xno" ; then
3925 AC_DEFINE(DISABLE_LOGIN)
3926 fi
3927 ]
1d7b9b20 3928)
3929AC_ARG_ENABLE(pututline,
bfd550a2 3930 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3931 [
3932 if test "x$enableval" = "xno" ; then
3466e002 3933 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3934 [Define if you don't want to use pututline()
3935 etc. to write [uw]tmp])
ddb154b3 3936 fi
3937 ]
1d7b9b20 3938)
3939AC_ARG_ENABLE(pututxline,
bfd550a2 3940 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3941 [
3942 if test "x$enableval" = "xno" ; then
3466e002 3943 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3944 [Define if you don't want to use pututxline()
3945 etc. to write [uw]tmpx])
ddb154b3 3946 fi
3947 ]
1d7b9b20 3948)
3949AC_ARG_WITH(lastlog,
bfd550a2 3950 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3951 [
82f4e93d 3952 if test "x$withval" = "xno" ; then
8c89dd2b 3953 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3954 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3955 conf_lastlog_location=$withval
3956 fi
3957 ]
3958)
1d7b9b20 3959
3960dnl lastlog, [uw]tmpx? detection
3961dnl NOTE: set the paths in the platform section to avoid the
3962dnl need for command-line parameters
3963dnl lastlog and [uw]tmp are subject to a file search if all else fails
3964
3965dnl lastlog detection
3966dnl NOTE: the code itself will detect if lastlog is a directory
3967AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3968AC_TRY_COMPILE([
3969#include <sys/types.h>
3970#include <utmp.h>
3971#ifdef HAVE_LASTLOG_H
3972# include <lastlog.h>
3973#endif
d7c0f3d5 3974#ifdef HAVE_PATHS_H
1d7b9b20 3975# include <paths.h>
41cb4569 3976#endif
3977#ifdef HAVE_LOGIN_H
3978# include <login.h>
1d7b9b20 3979#endif
3980 ],
3981 [ char *lastlog = LASTLOG_FILE; ],
3982 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3983 [
3984 AC_MSG_RESULT(no)
3985 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3986 AC_TRY_COMPILE([
3987#include <sys/types.h>
3988#include <utmp.h>
3989#ifdef HAVE_LASTLOG_H
3990# include <lastlog.h>
3991#endif
3992#ifdef HAVE_PATHS_H
3993# include <paths.h>
3994#endif
3995 ],
3996 [ char *lastlog = _PATH_LASTLOG; ],
3997 [ AC_MSG_RESULT(yes) ],
3998 [
f282b668 3999 AC_MSG_RESULT(no)
d7c0f3d5 4000 system_lastlog_path=no
4001 ])
4002 ]
1d7b9b20 4003)
d7c0f3d5 4004
1d7b9b20 4005if test -z "$conf_lastlog_location"; then
4006 if test x"$system_lastlog_path" = x"no" ; then
4007 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 4008 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 4009 conf_lastlog_location=$f
4010 fi
4011 done
4012 if test -z "$conf_lastlog_location"; then
f8119cef 4013 AC_MSG_WARN([** Cannot find lastlog **])
4014 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 4015 fi
4016 fi
4017fi
4018
4019if test -n "$conf_lastlog_location"; then
3466e002 4020 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4021 [Define if you want to specify the path to your lastlog file])
82f4e93d 4022fi
1d7b9b20 4023
4024dnl utmp detection
4025AC_MSG_CHECKING([if your system defines UTMP_FILE])
4026AC_TRY_COMPILE([
4027#include <sys/types.h>
4028#include <utmp.h>
d7c0f3d5 4029#ifdef HAVE_PATHS_H
1d7b9b20 4030# include <paths.h>
4031#endif
4032 ],
4033 [ char *utmp = UTMP_FILE; ],
4034 [ AC_MSG_RESULT(yes) ],
4035 [ AC_MSG_RESULT(no)
4036 system_utmp_path=no ]
4037)
4038if test -z "$conf_utmp_location"; then
4039 if test x"$system_utmp_path" = x"no" ; then
4040 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4041 if test -f $f ; then
4042 conf_utmp_location=$f
4043 fi
4044 done
4045 if test -z "$conf_utmp_location"; then
4046 AC_DEFINE(DISABLE_UTMP)
4047 fi
4048 fi
4049fi
4050if test -n "$conf_utmp_location"; then
3466e002 4051 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4052 [Define if you want to specify the path to your utmp file])
82f4e93d 4053fi
1d7b9b20 4054
4055dnl wtmp detection
4056AC_MSG_CHECKING([if your system defines WTMP_FILE])
4057AC_TRY_COMPILE([
4058#include <sys/types.h>
4059#include <utmp.h>
d7c0f3d5 4060#ifdef HAVE_PATHS_H
1d7b9b20 4061# include <paths.h>
4062#endif
4063 ],
4064 [ char *wtmp = WTMP_FILE; ],
4065 [ AC_MSG_RESULT(yes) ],
4066 [ AC_MSG_RESULT(no)
4067 system_wtmp_path=no ]
4068)
4069if test -z "$conf_wtmp_location"; then
4070 if test x"$system_wtmp_path" = x"no" ; then
4071 for f in /usr/adm/wtmp /var/log/wtmp; do
4072 if test -f $f ; then
4073 conf_wtmp_location=$f
4074 fi
4075 done
4076 if test -z "$conf_wtmp_location"; then
4077 AC_DEFINE(DISABLE_WTMP)
4078 fi
4079 fi
4080fi
4081if test -n "$conf_wtmp_location"; then
3466e002 4082 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4083 [Define if you want to specify the path to your wtmp file])
82f4e93d 4084fi
1d7b9b20 4085
4086
4087dnl utmpx detection - I don't know any system so perverse as to require
4088dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4089dnl there, though.
4090AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4091AC_TRY_COMPILE([
4092#include <sys/types.h>
4093#include <utmp.h>
4094#ifdef HAVE_UTMPX_H
4095#include <utmpx.h>
4096#endif
d7c0f3d5 4097#ifdef HAVE_PATHS_H
1d7b9b20 4098# include <paths.h>
4099#endif
4100 ],
4101 [ char *utmpx = UTMPX_FILE; ],
4102 [ AC_MSG_RESULT(yes) ],
4103 [ AC_MSG_RESULT(no)
4104 system_utmpx_path=no ]
4105)
4106if test -z "$conf_utmpx_location"; then
4107 if test x"$system_utmpx_path" = x"no" ; then
4108 AC_DEFINE(DISABLE_UTMPX)
4109 fi
4110else
3466e002 4111 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4112 [Define if you want to specify the path to your utmpx file])
82f4e93d 4113fi
1d7b9b20 4114
4115dnl wtmpx detection
4116AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4117AC_TRY_COMPILE([
4118#include <sys/types.h>
4119#include <utmp.h>
4120#ifdef HAVE_UTMPX_H
4121#include <utmpx.h>
4122#endif
d7c0f3d5 4123#ifdef HAVE_PATHS_H
1d7b9b20 4124# include <paths.h>
4125#endif
4126 ],
4127 [ char *wtmpx = WTMPX_FILE; ],
4128 [ AC_MSG_RESULT(yes) ],
4129 [ AC_MSG_RESULT(no)
4130 system_wtmpx_path=no ]
4131)
4132if test -z "$conf_wtmpx_location"; then
4133 if test x"$system_wtmpx_path" = x"no" ; then
4134 AC_DEFINE(DISABLE_WTMPX)
4135 fi
4136else
3466e002 4137 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4138 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4139fi
1d7b9b20 4140
b7a87eea 4141
bd499f9e 4142if test ! -z "$blibpath" ; then
68ece370 4143 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4144 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4145fi
4146
ed89c848 4147dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4148dnl Add now.
4149CFLAGS="$CFLAGS $werror_flags"
4150
edee47f5 4151if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4152 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4153 AC_SUBST(TEST_SSH_IPV6, no)
4154else
4155 AC_SUBST(TEST_SSH_IPV6, yes)
4156fi
4157
3c62e7eb 4158AC_EXEEXT
29eadd7c 4159AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4160 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4161 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4162AC_OUTPUT
d3083fbd 4163
cbd7492e 4164# Print summary of options
4165
cbd7492e 4166# Someone please show me a better way :)
4167A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4168B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4169C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4170D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4171E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4172F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4173G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4174H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4175I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4176J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4177
4178echo ""
26de7942 4179echo "OpenSSH has been configured with the following options:"
ecac8ee5 4180echo " User binaries: $B"
4181echo " System binaries: $C"
4182echo " Configuration files: $D"
4183echo " Askpass program: $E"
4184echo " Manual pages: $F"
4185echo " PID file: $G"
4186echo " Privilege separation chroot path: $H"
95b99395 4187if test "x$external_path_file" = "x/etc/login.conf" ; then
4188echo " At runtime, sshd will use the path defined in $external_path_file"
4189echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4190else
ecac8ee5 4191echo " sshd default user PATH: $I"
89bbd457 4192 if test ! -z "$external_path_file"; then
95b99395 4193echo " (If PATH is set in $external_path_file it will be used instead. If"
4194echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4195 fi
8d184c09 4196fi
06617857 4197if test ! -z "$superuser_path" ; then
ecac8ee5 4198echo " sshd superuser user PATH: $J"
4199fi
4200echo " Manpage format: $MANTYPE"
3e05e934 4201echo " PAM support: $PAM_MSG"
5b84789f 4202echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4203echo " KerberosV support: $KRB5_MSG"
ef4d1846 4204echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4205echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4206echo " S/KEY support: $SKEY_MSG"
4207echo " TCP Wrappers support: $TCPW_MSG"
4208echo " MD5 password support: $MD5_MSG"
59031773 4209echo " libedit support: $LIBEDIT_MSG"
5b84789f 4210echo " Solaris process contract support: $SPC_MSG"
3deb1408 4211echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4212echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4213echo " BSD Auth support: $BSD_AUTH_MSG"
4214echo " Random number source: $RAND_MSG"
f1b0ecc3 4215if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4216echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4217fi
4218
cbd7492e 4219echo ""
4220
0c2fb82f 4221echo " Host: ${host}"
4222echo " Compiler: ${CC}"
4223echo " Compiler flags: ${CFLAGS}"
4224echo "Preprocessor flags: ${CPPFLAGS}"
4225echo " Linker flags: ${LDFLAGS}"
e54defb4 4226echo " Libraries: ${LIBS}"
4227if test ! -z "${SSHDLIBS}"; then
4228echo " +for sshd: ${SSHDLIBS}"
4229fi
cbd7492e 4230
4231echo ""
4232
9cefe228 4233if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4234 echo "SVR4 style packages are supported with \"make package\""
4235 echo ""
9cefe228 4236fi
4237
adeebd37 4238if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4239 echo "PAM is enabled. You may need to install a PAM control file "
4240 echo "for sshd, otherwise password authentication may fail. "
aff51935 4241 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4242 echo "subdirectory"
adeebd37 4243 echo ""
4244fi
4245
f1b0ecc3 4246if test ! -z "$RAND_HELPER_CMDHASH" ; then
4247 echo "WARNING: you are using the builtin random number collection "
4248 echo "service. Please read WARNING.RNG and request that your OS "
4249 echo "vendor includes kernel-based random number collection in "
4250 echo "future versions of your OS."
2c523de9 4251 echo ""
4252fi
af774732 4253
2f6f9cff 4254if test ! -z "$NO_PEERCHECK" ; then
1961d660 4255 echo "WARNING: the operating system that you are using does not"
4256 echo "appear to support getpeereid(), getpeerucred() or the"
4257 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4258 echo "enforce security checks to prevent unauthorised connections to"
4259 echo "ssh-agent. Their absence increases the risk that a malicious"
4260 echo "user can connect to your agent."
2f6f9cff 4261 echo ""
4262fi
4263
7b578f7d 4264if test "$AUDIT_MODULE" = "bsm" ; then
4265 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4266 echo "See the Solaris section in README.platform for details."
4267fi
git-cvsimport mirror of OpenSSH
This page took 1.658484 seconds and 5 git commands to generate.