]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [configure.ac] Check for headers before libraries for openssl an
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
a0969097 95 [ --without-stackprotect Don't use compiler's stack protection], [
caa21240 96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
b5902374 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
cd595991 112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
b55b0285 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
caa21240 127 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 128 # and/or platforms, so we test if we can. If it's not supported
53e2660a 129 # on a given platform gcc will emit a warning so we use -Werror.
caa21240 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
23c5c479 132 AC_MSG_CHECKING(if $CC supports $t)
caa21240 133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
23c5c479 135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
53e2660a 139#include <stdio.h>
140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
23c5c479 141 ])],
caa21240 142 [ AC_MSG_RESULT(yes)
23c5c479 143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
caa21240 145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
53e2660a 148#include <stdio.h>
149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
caa21240 150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
23c5c479 156 )
caa21240 157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
eb5a7224 164
dfafb2e1 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
d423d822 176fi
177
0b9fdeb8 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
e6354014 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
82f4e93d 185 if test "x$withval" = "xno" ; then
e6354014 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
aa56f760 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
6d39a5c4 265 poll.h \
aa56f760 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
282 sys/ndir.h \
8aa5db7d 283 sys/poll.h \
aa56f760 284 sys/prctl.h \
285 sys/pstat.h \
286 sys/select.h \
287 sys/stat.h \
288 sys/stream.h \
289 sys/stropts.h \
290 sys/strtio.h \
4538e135 291 sys/statvfs.h \
aa56f760 292 sys/sysmacros.h \
293 sys/time.h \
294 sys/timers.h \
295 sys/un.h \
296 time.h \
297 tmpdir.h \
298 ttyent.h \
40701614 299 ucred.h \
aa56f760 300 unistd.h \
301 usersec.h \
302 util.h \
303 utime.h \
304 utmp.h \
305 utmpx.h \
306 vis.h \
307)
308
309# lastlog.h requires sys/time.h to be included first on Solaris
310AC_CHECK_HEADERS(lastlog.h, [], [], [
311#ifdef HAVE_SYS_TIME_H
312# include <sys/time.h>
313#endif
314])
315
316# sys/ptms.h requires sys/stream.h to be included first on Solaris
317AC_CHECK_HEADERS(sys/ptms.h, [], [], [
318#ifdef HAVE_SYS_STREAM_H
319# include <sys/stream.h>
320#endif
321])
322
323# login_cap.h requires sys/types.h on NetBSD
324AC_CHECK_HEADERS(login_cap.h, [], [], [
325#include <sys/types.h>
326])
327
0a008a4d 328# older BSDs need sys/param.h before sys/mount.h
329AC_CHECK_HEADERS(sys/mount.h, [], [], [
330#include <sys/param.h>
331])
332
5b84789f 333# Messages for features tested for in target-specific section
334SIA_MSG="no"
335SPC_MSG="no"
336
a0391976 337# Check for some target-specific stuff
a7effaac 338case "$host" in
9d6b1b96 339*-*-aix*)
25a2779b 340 # Some versions of VAC won't allow macro redefinitions at
341 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
342 # particularly with older versions of vac or xlc.
343 # It also throws errors about null macro argments, but these are
344 # not fatal.
345 AC_MSG_CHECKING(if compiler allows macro redefinitions)
346 AC_COMPILE_IFELSE(
347 [AC_LANG_SOURCE([[
348#define testmacro foo
349#define testmacro bar
350int main(void) { exit(0); }
351 ]])],
352 [ AC_MSG_RESULT(yes) ],
353 [ AC_MSG_RESULT(no)
354 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
355 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
356 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
357 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
358 ]
359 )
360
aff51935 361 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 362 if (test -z "$blibpath"); then
0a15d73b 363 blibpath="/usr/lib:/lib"
68ece370 364 fi
365 saved_LDFLAGS="$LDFLAGS"
e7479666 366 if test "$GCC" = "yes"; then
367 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
368 else
369 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
370 fi
371 for tryflags in $flags ;do
68ece370 372 if (test -z "$blibflags"); then
373 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
374 AC_TRY_LINK([], [], [blibflags=$tryflags])
375 fi
376 done
377 if (test -z "$blibflags"); then
378 AC_MSG_RESULT(not found)
379 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
380 else
381 AC_MSG_RESULT($blibflags)
bd499f9e 382 fi
68ece370 383 LDFLAGS="$saved_LDFLAGS"
e351e493 384 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 385 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
386 [Define if you want to enable AIX4's authenticate function])],
0764e748 387 [AC_CHECK_LIB(s,authenticate,
e351e493 388 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 389 LIBS="$LIBS -ls"
390 ])
391 ])
ba603e06 392 dnl Check for various auth function declarations in headers.
c85ed8e2 393 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 394 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 395 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 396 AC_CHECK_DECLS(loginfailed,
e351e493 397 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
398 AC_TRY_COMPILE(
f58c0e01 399 [#include <usersec.h>],
e351e493 400 [(void)loginfailed("user","host","tty",0);],
401 [AC_MSG_RESULT(yes)
3466e002 402 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
403 [Define if your AIX loginfailed() function
404 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 405 [AC_MSG_RESULT(no)]
e351e493 406 )],
407 [],
408 [#include <usersec.h>]
409 )
533a78f0 410 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 411 AC_CHECK_DECL(F_CLOSEM,
795e7517 412 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 413 [],
414 [ #include <limits.h>
415 #include <fcntl.h> ]
416 )
5ccf88cb 417 check_for_aix_broken_getaddrinfo=1
3466e002 418 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
419 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
420 [Define if your platform breaks doing a seteuid before a setuid])
421 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
422 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 423 dnl AIX handles lastlog as part of its login message
3466e002 424 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
425 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
426 [Some systems need a utmpx entry for /bin/login to work])
427 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
428 [Define to a Set Process Title type if your system is
429 supported by bsd-setproctitle.c])
961c2997 430 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
431 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 432 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 433 ;;
3c62e7eb 434*-*-cygwin*)
a52997bd 435 check_for_libcrypt_later=1
04765d02 436 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 437 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
438 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
439 AC_DEFINE(DISABLE_SHADOW, 1,
440 [Define if you want to disable shadow passwords])
3466e002 441 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
442 [Define if X11 doesn't support AF_UNIX sockets on that system])
443 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
444 [Define if the concept of ports only accessible to
445 superusers isn't known])
446 AC_DEFINE(DISABLE_FD_PASSING, 1,
447 [Define if your platform needs to skip post auth
448 file descriptor passing])
3c62e7eb 449 ;;
d6fdb079 450*-*-dgux*)
bc9a470b 451 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
452 [Define if your system choked on IP TOS setting])
0c6a72a5 453 AC_DEFINE(SETEUID_BREAKS_SETUID)
454 AC_DEFINE(BROKEN_SETREUID)
455 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 456 ;;
39c98ef7 457*-*-darwin*)
33e2e066 458 AC_MSG_CHECKING(if we have working getaddrinfo)
459 AC_TRY_RUN([#include <mach-o/dyld.h>
460main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
461 exit(0);
462 else
463 exit(1);
464}], [AC_MSG_RESULT(working)],
465 [AC_MSG_RESULT(buggy)
3466e002 466 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 467 [AC_MSG_RESULT(assume it is working)])
635e0c42 468 AC_DEFINE(SETEUID_BREAKS_SETUID)
469 AC_DEFINE(BROKEN_SETREUID)
470 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 471 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 472 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
473 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 474 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
475 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
476 [Use tunnel device compatibility to OpenBSD])
477 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
478 [Prepend the address family to IP tunnel traffic])
a74e9b64 479 m4_pattern_allow(AU_IPv)
480 AC_CHECK_DECL(AU_IPv4, [],
481 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
482 [#include <bsm/audit.h>]
295dd642 483 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1,
484 [Define if pututxline updates lastlog too])
a74e9b64 485 )
39c98ef7 486 ;;
36f36ba3 487*-*-dragonfly*)
488 SSHDLIBS="$SSHDLIBS -lcrypt"
489 ;;
7d458c86 490*-*-hpux*)
491 # first we define all of the options common to all HP-UX releases
b8fea62d 492 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 493 IPADDR_IN_DISPLAY=yes
2b10f47a 494 AC_DEFINE(USE_PIPES)
3466e002 495 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
496 [Define if your login program cannot handle end of options ("--")])
a2572aa7 497 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 498 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
499 [String used in /etc/passwd to denote locked account])
3a2b2b44 500 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 501 MAIL="/var/mail/username"
f75ca46d 502 LIBS="$LIBS -lsec"
7d458c86 503 AC_CHECK_LIB(xnet, t_error, ,
504 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
505
506 # next, we define all of the options specific to major releases
507 case "$host" in
508 *-*-hpux10*)
509 if test -z "$GCC"; then
510 CFLAGS="$CFLAGS -Ae"
511 fi
512 ;;
513 *-*-hpux11*)
3466e002 514 AC_DEFINE(PAM_SUN_CODEBASE, 1,
515 [Define if you are using Solaris-derived PAM which
516 passes pam_messages to the conversation function
517 with an extra level of indirection])
518 AC_DEFINE(DISABLE_UTMP, 1,
519 [Define if you don't want to use utmp])
7d458c86 520 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
521 check_for_hpux_broken_getaddrinfo=1
522 check_for_conflicting_getspnam=1
523 ;;
524 esac
525
526 # lastly, we define options specific to minor releases
527 case "$host" in
528 *-*-hpux10.26)
3466e002 529 AC_DEFINE(HAVE_SECUREWARE, 1,
530 [Define if you have SecureWare-based
531 protected password database])
7d458c86 532 disable_ptmx_check=yes
533 LIBS="$LIBS -lsecpw"
534 ;;
535 esac
2b763e31 536 ;;
d94aa2ae 537*-*-irix5*)
6ac7829a 538 PATH="$PATH:/usr/etc"
3466e002 539 AC_DEFINE(BROKEN_INET_NTOA, 1,
540 [Define if you system's inet_ntoa is busted
541 (e.g. Irix gcc issue)])
cb433561 542 AC_DEFINE(SETEUID_BREAKS_SETUID)
543 AC_DEFINE(BROKEN_SETREUID)
544 AC_DEFINE(BROKEN_SETREGID)
3466e002 545 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
546 [Define if you shouldn't strip 'tty' from your
547 ttyname in [uw]tmp])
3e6e3da0 548 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 549 ;;
550*-*-irix6*)
6ac7829a 551 PATH="$PATH:/usr/etc"
3466e002 552 AC_DEFINE(WITH_IRIX_ARRAY, 1,
553 [Define if you have/want arrays
554 (cluster-wide session managment, not C arrays)])
555 AC_DEFINE(WITH_IRIX_PROJECT, 1,
556 [Define if you want IRIX project management])
557 AC_DEFINE(WITH_IRIX_AUDIT, 1,
558 [Define if you want IRIX audit trails])
559 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
560 [Define if you want IRIX kernel jobs])])
416ed5a7 561 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 562 AC_DEFINE(SETEUID_BREAKS_SETUID)
563 AC_DEFINE(BROKEN_SETREUID)
564 AC_DEFINE(BROKEN_SETREGID)
3466e002 565 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 566 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 567 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 568 ;;
4c3b7423 569*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu)
570 check_for_libcrypt_later=1
571 AC_DEFINE(PAM_TTY_KLUDGE)
572 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
573 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
574 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
575 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
576 ;;
5cdfe03f 577*-*-linux*)
578 no_dev_ptmx=1
717057b6 579 check_for_libcrypt_later=1
eacb954e 580 check_for_openpty_ctty_bug=1
3466e002 581 AC_DEFINE(PAM_TTY_KLUDGE, 1,
582 [Work around problematic Linux PAM modules handling of PAM_TTY])
583 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
584 [String used in /etc/passwd to denote locked account])
3a2b2b44 585 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 586 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
587 [Define to whatever link() returns for "not supported"
588 if it doesn't return EOPNOTSUPP.])
b6610e8f 589 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 590 AC_DEFINE(USE_BTMP)
80faa19f 591 inet6_default_4in6=yes
bf7c1e6c 592 case `uname -r` in
ad84c479 593 1.*|2.0.*)
3466e002 594 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
595 [Define if cmsg_type is not passed correctly])
bf7c1e6c 596 ;;
bf7c1e6c 597 esac
c40f09ca 598 # tun(4) forwarding compat code
d91775e1 599 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 600 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 601 AC_DEFINE(SSH_TUN_LINUX, 1,
602 [Open tunnel devices the Linux tun/tap way])
603 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
604 [Use tunnel device compatibility to OpenBSD])
605 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
606 [Prepend the address family to IP tunnel traffic])
607 fi
5cdfe03f 608 ;;
66d6c27e 609mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 610 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 611 SONY=1
66d6c27e 612 ;;
d468fc76 613*-*-netbsd*)
33e2e066 614 check_for_libcrypt_before=1
82f4e93d 615 if test "x$withval" != "xno" ; then
e6354014 616 need_dash_r=1
617 fi
0f6cb079 618 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
619 AC_CHECK_HEADER([net/if_tap.h], ,
620 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
621 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
622 [Prepend the address family to IP tunnel traffic])
d468fc76 623 ;;
86b416a7 624*-*-freebsd*)
625 check_for_libcrypt_later=1
988c5031 626 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 627 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
628 AC_CHECK_HEADER([net/if_tap.h], ,
629 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 630 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 631 ;;
8707b7eb 632*-*-bsdi*)
633 AC_DEFINE(SETEUID_BREAKS_SETUID)
634 AC_DEFINE(BROKEN_SETREUID)
635 AC_DEFINE(BROKEN_SETREGID)
636 ;;
729bfe59 637*-next-*)
729bfe59 638 conf_lastlog_location="/usr/adm/lastlog"
698d107e 639 conf_utmp_location=/etc/utmp
640 conf_wtmp_location=/usr/adm/wtmp
641 MAIL=/usr/spool/mail
3466e002 642 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 643 AC_DEFINE(BROKEN_REALPATH)
00937921 644 AC_DEFINE(USE_PIPES)
3466e002 645 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 646 ;;
5b7b5e23 647*-*-openbsd*)
648 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 649 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 650 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 651 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
652 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 653 ;;
9d6b1b96 654*-*-solaris*)
82f4e93d 655 if test "x$withval" != "xno" ; then
010e9d5b 656 need_dash_r=1
657 fi
adeebd37 658 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 659 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 660 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
661 [Some versions of /bin/login need the TERM supplied
662 on the commandline])
7f0a4ff1 663 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 664 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
665 [Define if pam_chauthtok wants real uid set
666 to the unpriv'ed user])
3e6e3da0 667 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 668 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 669 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
670 [Define if sshd somehow reacquires a controlling TTY
671 after setsid()])
795aa5f5 672 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
673 in case the name is longer than 8 chars])
95b99395 674 external_path_file=/etc/default/login
1d7b9b20 675 # hardwire lastlog location (can't detect it on some versions)
676 conf_lastlog_location="/var/adm/lastlog"
32c80420 677 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
678 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
679 if test "$sol2ver" -ge 8; then
680 AC_MSG_RESULT(yes)
681 AC_DEFINE(DISABLE_UTMP)
3466e002 682 AC_DEFINE(DISABLE_WTMP, 1,
683 [Define if you don't want to use wtmp])
32c80420 684 else
685 AC_MSG_RESULT(no)
686 fi
5b84789f 687 AC_ARG_WITH(solaris-contracts,
688 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
689 [
690 AC_CHECK_LIB(contract, ct_tmpl_activate,
691 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
692 [Define if you have Solaris process contracts])
693 SSHDLIBS="$SSHDLIBS -lcontract"
694 AC_SUBST(SSHDLIBS)
695 SPC_MSG="yes" ], )
696 ],
697 )
9d6b1b96 698 ;;
a423beaf 699*-*-sunos4*)
0c2fb82f 700 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 701 AC_CHECK_FUNCS(getpwanam)
adeebd37 702 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 703 conf_utmp_location=/etc/utmp
704 conf_wtmp_location=/var/adm/wtmp
705 conf_lastlog_location=/var/adm/lastlog
137d7b6c 706 AC_DEFINE(USE_PIPES)
a423beaf 707 ;;
6f68f28a 708*-ncr-sysv*)
98a7c37b 709 LIBS="$LIBS -lc89"
29525240 710 AC_DEFINE(USE_PIPES)
eabb99c6 711 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 712 AC_DEFINE(SETEUID_BREAKS_SETUID)
713 AC_DEFINE(BROKEN_SETREUID)
714 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 715 ;;
132dd316 716*-sni-sysv*)
c8c15bcb 717 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 718 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 719 # -lresolv needs to be at the end of LIBS or DNS lookups break
720 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 721 IPADDR_IN_DISPLAY=yes
722 AC_DEFINE(USE_PIPES)
132dd316 723 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 724 AC_DEFINE(SETEUID_BREAKS_SETUID)
725 AC_DEFINE(BROKEN_SETREUID)
726 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 727 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 728 external_path_file=/etc/default/login
c8c15bcb 729 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
730 # Attention: always take care to bind libsocket and libnsl before libc,
731 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 732 ;;
79a7ba96 733# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 734*-*-sysv4.2*)
ed6553e2 735 AC_DEFINE(USE_PIPES)
7ed101c0 736 AC_DEFINE(SETEUID_BREAKS_SETUID)
737 AC_DEFINE(BROKEN_SETREUID)
738 AC_DEFINE(BROKEN_SETREGID)
46f853b9 739 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 740 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 741 ;;
79a7ba96 742# UnixWare 7.x, OpenUNIX 8
77bb0bca 743*-*-sysv5*)
d7d2cc6e 744 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 745 AC_DEFINE(USE_PIPES)
7ed101c0 746 AC_DEFINE(SETEUID_BREAKS_SETUID)
747 AC_DEFINE(BROKEN_SETREUID)
748 AC_DEFINE(BROKEN_SETREGID)
3466e002 749 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 750 case "$host" in
751 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
752 TEST_SHELL=/u95/bin/sh
3466e002 753 AC_DEFINE(BROKEN_LIBIAF, 1,
754 [ia_uinfo routines not supported by OS yet])
5cc6ddad 755 AC_DEFINE(BROKEN_UPDWTMPX)
16076ac9 756 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot"
757 AC_CHECK_FUNCS(getluid setluid,,,-lprot)
758 AC_DEFINE(HAVE_SECUREWARE)
759 AC_DEFINE(DISABLE_SHADOW)
760 ],,)
822015dd 761 ;;
e45da4d6 762 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
44a71983 763 check_for_libcrypt_later=1
e45da4d6 764 ;;
822015dd 765 esac
77bb0bca 766 ;;
9d6b1b96 767*-*-sysv*)
9d6b1b96 768 ;;
79a7ba96 769# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 770*-*-sco3.2v4*)
11cf4f1f 771 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 772 ;;
79a7ba96 773# SCO OpenServer 5.x
77bb0bca 774*-*-sco3.2v5*)
21710e39 775 if test -z "$GCC"; then
776 CFLAGS="$CFLAGS -belf"
777 fi
ed6553e2 778 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 779 no_dev_ptmx=1
ed6553e2 780 AC_DEFINE(USE_PIPES)
6e879cb4 781 AC_DEFINE(HAVE_SECUREWARE)
d287c664 782 AC_DEFINE(DISABLE_SHADOW)
94d8258b 783 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 784 AC_DEFINE(SETEUID_BREAKS_SETUID)
785 AC_DEFINE(BROKEN_SETREUID)
786 AC_DEFINE(BROKEN_SETREGID)
bcebad47 787 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 788 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 789 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 790 AC_CHECK_FUNCS(getluid setluid)
533875af 791 MANTYPE=man
a3245b92 792 TEST_SHELL=ksh
509b1f88 793 ;;
ccbb983c 794*-*-unicosmk*)
3466e002 795 AC_DEFINE(NO_SSH_LASTLOG, 1,
796 [Define if you don't want to use lastlog in session.c])
c1ad5966 797 AC_DEFINE(SETEUID_BREAKS_SETUID)
798 AC_DEFINE(BROKEN_SETREUID)
799 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 800 AC_DEFINE(USE_PIPES)
801 AC_DEFINE(DISABLE_FD_PASSING)
802 LDFLAGS="$LDFLAGS"
803 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
804 MANTYPE=cat
d262b7f2 805 ;;
7b9a8c6e 806*-*-unicosmp*)
c1ad5966 807 AC_DEFINE(SETEUID_BREAKS_SETUID)
808 AC_DEFINE(BROKEN_SETREUID)
809 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 810 AC_DEFINE(WITH_ABBREV_NO_TTY)
811 AC_DEFINE(USE_PIPES)
812 AC_DEFINE(DISABLE_FD_PASSING)
813 LDFLAGS="$LDFLAGS"
c1ad5966 814 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 815 MANTYPE=cat
816 ;;
ca5c7d6a 817*-*-unicos*)
c1ad5966 818 AC_DEFINE(SETEUID_BREAKS_SETUID)
819 AC_DEFINE(BROKEN_SETREUID)
820 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 821 AC_DEFINE(USE_PIPES)
94d8258b 822 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 823 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 824 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
825 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
826 MANTYPE=cat
a704dd54 827 ;;
4d33e531 828*-dec-osf*)
99c8ddac 829 AC_MSG_CHECKING(for Digital Unix SIA)
830 no_osfsia=""
831 AC_ARG_WITH(osfsia,
832 [ --with-osfsia Enable Digital Unix SIA],
833 [
834 if test "x$withval" = "xno" ; then
835 AC_MSG_RESULT(disabled)
836 no_osfsia=1
837 fi
838 ],
839 )
840 if test -z "$no_osfsia" ; then
4d33e531 841 if test -f /etc/sia/matrix.conf; then
842 AC_MSG_RESULT(yes)
3466e002 843 AC_DEFINE(HAVE_OSF_SIA, 1,
844 [Define if you have Digital Unix Security
845 Integration Architecture])
846 AC_DEFINE(DISABLE_LOGIN, 1,
847 [Define if you don't want to use your
848 system's login() call])
58d0df4e 849 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 850 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 851 SIA_MSG="yes"
4d33e531 852 else
853 AC_MSG_RESULT(no)
3466e002 854 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
855 [String used in /etc/passwd to denote locked account])
4d33e531 856 fi
857 fi
a6e67b60 858 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 859 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 860 AC_DEFINE(BROKEN_SETREUID)
861 AC_DEFINE(BROKEN_SETREGID)
6ed8a3ae 862 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv])
4d33e531 863 ;;
41cb4569 864
9c54c067 865*-*-nto-qnx*)
41cb4569 866 AC_DEFINE(USE_PIPES)
867 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 868 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
869 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
870 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 871 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 872 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 873 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 874 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 875 case "$host" in
876 *-*-nto-qnx6*)
877 AC_DEFINE(DISABLE_FD_PASSING)
878 ;;
879 esac
41cb4569 880 ;;
35fc74ed 881
882*-*-ultrix*)
3466e002 883 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
884 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 885 AC_DEFINE(NEED_SETPGRP)
b5765e1d 886 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
887 ;;
157b6700 888
889*-*-lynxos)
890 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 891 AC_DEFINE(MISSING_HOWMANY)
157b6700 892 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
893 ;;
a7effaac 894esac
895
c5829391 896AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 897AC_RUN_IFELSE(
898 [AC_LANG_SOURCE([
c5829391 899#include <stdio.h>
900int main(){exit(0);}
479cece8 901 ])],
c5829391 902 [ AC_MSG_RESULT(yes) ],
903 [
904 AC_MSG_RESULT(no)
905 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 906 ],
907 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 908)
909
b04a9f8c 910dnl Checks for header files.
a0391976 911# Checks for libraries.
98a7c37b 912AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
913AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 914
446227d6 915dnl IRIX and Solaris 2.5.1 have dirname() in libgen
916AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
917 AC_CHECK_LIB(gen, dirname,[
918 AC_CACHE_CHECK([for broken dirname],
919 ac_cv_have_broken_dirname, [
920 save_LIBS="$LIBS"
921 LIBS="$LIBS -lgen"
b0e7249f 922 AC_RUN_IFELSE(
923 [AC_LANG_SOURCE([[
446227d6 924#include <libgen.h>
925#include <string.h>
926
927int main(int argc, char **argv) {
928 char *s, buf[32];
929
930 strncpy(buf,"/etc", 32);
931 s = dirname(buf);
932 if (!s || strncmp(s, "/", 32) != 0) {
933 exit(1);
934 } else {
935 exit(0);
936 }
937}
b0e7249f 938 ]])],
939 [ ac_cv_have_broken_dirname="no" ],
940 [ ac_cv_have_broken_dirname="yes" ],
446227d6 941 [ ac_cv_have_broken_dirname="no" ],
446227d6 942 )
943 LIBS="$save_LIBS"
944 ])
945 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
946 LIBS="$LIBS -lgen"
947 AC_DEFINE(HAVE_DIRNAME)
948 AC_CHECK_HEADERS(libgen.h)
949 fi
950 ])
951])
952
953AC_CHECK_FUNC(getspnam, ,
954 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 955AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
956 [Define if you have the basename function.]))
446227d6 957
98a7c37b 958dnl zlib is required
959AC_ARG_WITH(zlib,
960 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 961 [ if test "x$withval" = "xno" ; then
962 AC_MSG_ERROR([*** zlib is required ***])
963 elif test "x$withval" != "xyes"; then
98a7c37b 964 if test -d "$withval/lib"; then
965 if test -n "${need_dash_r}"; then
5a162955 966 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 967 else
5a162955 968 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 969 fi
970 else
971 if test -n "${need_dash_r}"; then
5a162955 972 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 973 else
5a162955 974 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 975 fi
976 fi
977 if test -d "$withval/include"; then
5a162955 978 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 979 else
5a162955 980 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 981 fi
6dd05556 982 fi ]
98a7c37b 983)
984
8295689f 985AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
0a15d73b 986AC_CHECK_LIB(z, deflate, ,
987 [
988 saved_CPPFLAGS="$CPPFLAGS"
989 saved_LDFLAGS="$LDFLAGS"
990 save_LIBS="$LIBS"
991 dnl Check default zlib install dir
992 if test -n "${need_dash_r}"; then
993 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
994 else
995 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
996 fi
997 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
998 LIBS="$LIBS -lz"
999 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
1000 [
1001 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
1002 ]
1003 )
1004 ]
1005)
8068d564 1006
1007AC_ARG_WITH(zlib-version-check,
1008 [ --without-zlib-version-check Disable zlib version check],
1009 [ if test "x$withval" = "xno" ; then
1010 zlib_check_nonfatal=1
1011 fi
1012 ]
1013)
1014
5c7fc85d 1015AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 1016AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 1017#include <stdio.h>
4ad65809 1018#include <zlib.h>
1019int main()
1020{
5c7fc85d 1021 int a=0, b=0, c=0, d=0, n, v;
1022 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1023 if (n != 3 && n != 4)
4ad65809 1024 exit(1);
5c7fc85d 1025 v = a*1000000 + b*10000 + c*100 + d;
1026 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1027
1028 /* 1.1.4 is OK */
1029 if (a == 1 && b == 1 && c >= 4)
4ad65809 1030 exit(0);
5c7fc85d 1031
0072b59d 1032 /* 1.2.3 and up are OK */
1033 if (v >= 1020300)
5c7fc85d 1034 exit(0);
1035
4ad65809 1036 exit(2);
1037}
479cece8 1038 ]])],
5c7fc85d 1039 AC_MSG_RESULT(no),
1040 [ AC_MSG_RESULT(yes)
8068d564 1041 if test -z "$zlib_check_nonfatal" ; then
1042 AC_MSG_ERROR([*** zlib too old - check config.log ***
1043Your reported zlib version has known security problems. It's possible your
1044vendor has fixed these problems without changing the version number. If you
1045are sure this is the case, you can disable the check by running
1046"./configure --without-zlib-version-check".
6090bcfe 1047If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1048See http://www.gzip.org/zlib/ for details.])
8068d564 1049 else
1050 AC_MSG_WARN([zlib version may have security problems])
1051 fi
1a01a50c 1052 ],
1053 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1054)
48e7916f 1055
2c523de9 1056dnl UnixWare 2.x
aff51935 1057AC_CHECK_FUNC(strcasecmp,
2c523de9 1058 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1059)
23361281 1060AC_CHECK_FUNCS(utimes,
cda1ebcb 1061 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1062 LIBS="$LIBS -lc89"]) ]
2c523de9 1063)
4cca272e 1064
7c6d759d 1065dnl Checks for libutil functions
1066AC_CHECK_HEADERS(libutil.h)
3466e002 1067AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1068 [Define if your libraries define login()])])
b3ef88dc 1069AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
7c6d759d 1070
a738c3b0 1071AC_FUNC_STRFTIME
1072
84ceda19 1073# Check for ALTDIRFUNC glob() extension
1074AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1075AC_EGREP_CPP(FOUNDIT,
1076 [
1077 #include <glob.h>
1078 #ifdef GLOB_ALTDIRFUNC
1079 FOUNDIT
1080 #endif
aff51935 1081 ],
84ceda19 1082 [
3466e002 1083 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1084 [Define if your system glob() function has
1085 the GLOB_ALTDIRFUNC extension])
84ceda19 1086 AC_MSG_RESULT(yes)
1087 ],
1088 [
1089 AC_MSG_RESULT(no)
1090 ]
1091)
4cca272e 1092
40849fdb 1093# Check for g.gl_matchc glob() extension
1094AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1095AC_TRY_COMPILE(
13ff27b7 1096 [ #include <glob.h> ],
1097 [glob_t g; g.gl_matchc = 1;],
aff51935 1098 [
3466e002 1099 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1100 [Define if your system glob() function has
1101 gl_matchc options in glob_t])
aff51935 1102 AC_MSG_RESULT(yes)
1103 ],
1104 [
1105 AC_MSG_RESULT(no)
1106 ]
40849fdb 1107)
1108
78888bab 1109AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1110
edbe6722 1111AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1112AC_RUN_IFELSE(
479cece8 1113 [AC_LANG_SOURCE([[
edbe6722 1114#include <sys/types.h>
1115#include <dirent.h>
aec4cb4f 1116int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1117 ]])],
aff51935 1118 [AC_MSG_RESULT(yes)],
edbe6722 1119 [
1120 AC_MSG_RESULT(no)
3466e002 1121 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1122 [Define if your struct dirent expects you to
3466e002 1123 allocate extra space for d_name])
1a01a50c 1124 ],
82f4e93d 1125 [
1a01a50c 1126 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1127 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1128 ]
1129)
1130
419e26e7 1131AC_MSG_CHECKING([for /proc/pid/fd directory])
1132if test -d "/proc/$$/fd" ; then
3466e002 1133 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1134 AC_MSG_RESULT(yes)
1135else
1136 AC_MSG_RESULT(no)
1137fi
1138
278588d8 1139# Check whether user wants S/Key support
aff51935 1140SKEY_MSG="no"
278588d8 1141AC_ARG_WITH(skey,
6ff3d0dc 1142 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1143 [
1144 if test "x$withval" != "xno" ; then
1145
1146 if test "x$withval" != "xyes" ; then
1147 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1148 LDFLAGS="$LDFLAGS -L${withval}/lib"
1149 fi
1150
3466e002 1151 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1152 LIBS="-lskey $LIBS"
aff51935 1153 SKEY_MSG="yes"
82f4e93d 1154
ddceb1c8 1155 AC_MSG_CHECKING([for s/key support])
b0e7249f 1156 AC_LINK_IFELSE(
1157 [AC_LANG_SOURCE([[
ddceb1c8 1158#include <stdio.h>
1159#include <skey.h>
aec4cb4f 1160int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1161 ]])],
ddceb1c8 1162 [AC_MSG_RESULT(yes)],
278588d8 1163 [
ddceb1c8 1164 AC_MSG_RESULT(no)
278588d8 1165 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1166 ])
141fc639 1167 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1168 AC_TRY_COMPILE(
1169 [#include <stdio.h>
1170 #include <skey.h>],
1171 [(void)skeychallenge(NULL,"name","",0);],
1172 [AC_MSG_RESULT(yes)
3466e002 1173 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1174 [Define if your skeychallenge()
1175 function takes 4 arguments (NetBSD)])],
141fc639 1176 [AC_MSG_RESULT(no)]
1177 )
278588d8 1178 fi
1179 ]
1180)
1181
1182# Check whether user wants TCP wrappers support
98a7c37b 1183TCPW_MSG="no"
278588d8 1184AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1185 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1186 [
1187 if test "x$withval" != "xno" ; then
1188 saved_LIBS="$LIBS"
98a7c37b 1189 saved_LDFLAGS="$LDFLAGS"
1190 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1191 if test -n "${withval}" && \
6cf0200f 1192 test "x${withval}" != "xyes"; then
98a7c37b 1193 if test -d "${withval}/lib"; then
1194 if test -n "${need_dash_r}"; then
5a162955 1195 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1196 else
5a162955 1197 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1198 fi
1199 else
1200 if test -n "${need_dash_r}"; then
5a162955 1201 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1202 else
5a162955 1203 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1204 fi
1205 fi
1206 if test -d "${withval}/include"; then
5a162955 1207 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1208 else
5a162955 1209 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1210 fi
98a7c37b 1211 fi
e54defb4 1212 LIBS="-lwrap $LIBS"
278588d8 1213 AC_MSG_CHECKING(for libwrap)
1214 AC_TRY_LINK(
1215 [
77f09220 1216#include <sys/types.h>
1217#include <sys/socket.h>
1218#include <netinet/in.h>
278588d8 1219#include <tcpd.h>
1220 int deny_severity = 0, allow_severity = 0;
1221 ],
1222 [hosts_access(0);],
1223 [
1224 AC_MSG_RESULT(yes)
3466e002 1225 AC_DEFINE(LIBWRAP, 1,
1226 [Define if you want
1227 TCP Wrappers support])
e54defb4 1228 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1229 TCPW_MSG="yes"
278588d8 1230 ],
1231 [
1232 AC_MSG_ERROR([*** libwrap missing])
1233 ]
1234 )
ddceb1c8 1235 LIBS="$saved_LIBS"
278588d8 1236 fi
1237 ]
1238)
1239
59031773 1240# Check whether user wants libedit support
1241LIBEDIT_MSG="no"
1242AC_ARG_WITH(libedit,
6ff3d0dc 1243 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1244 [ if test "x$withval" != "xno" ; then
737edf04 1245 if test "x$withval" != "xyes"; then
bb116c8e 1246 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1247 if test -n "${need_dash_r}"; then
1248 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1249 else
1250 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1251 fi
737edf04 1252 fi
59031773 1253 AC_CHECK_LIB(edit, el_init,
3466e002 1254 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1255 LIBEDIT="-ledit -lcurses"
1256 LIBEDIT_MSG="yes"
1257 AC_SUBST(LIBEDIT)
1258 ],
737edf04 1259 [ AC_MSG_ERROR(libedit not found) ],
1260 [ -lcurses ]
59031773 1261 )
f47ddccb 1262 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1263 AC_COMPILE_IFELSE(
1264 [AC_LANG_SOURCE([[
1265#include <histedit.h>
f47ddccb 1266int main(void)
1267{
1268 int i = H_SETSIZE;
1269 el_init("", NULL, NULL, NULL);
1270 exit(0);
1271}
d92622f9 1272 ]])],
f47ddccb 1273 [ AC_MSG_RESULT(yes) ],
1274 [ AC_MSG_RESULT(no)
1275 AC_MSG_ERROR(libedit version is not compatible) ]
1276 )
59031773 1277 fi ]
1278)
1279
7b578f7d 1280AUDIT_MODULE=none
1281AC_ARG_WITH(audit,
1282 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1283 [
1284 AC_MSG_CHECKING(for supported audit module)
1285 case "$withval" in
1286 bsm)
1287 AC_MSG_RESULT(bsm)
1288 AUDIT_MODULE=bsm
1289 dnl Checks for headers, libs and functions
1290 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1291 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1292 [
1293#ifdef HAVE_TIME_H
1294# include <time.h>
1295#endif
1296 ]
1297)
7b578f7d 1298 AC_CHECK_LIB(bsm, getaudit, [],
1299 [AC_MSG_ERROR(BSM enabled and required library not found)])
1300 AC_CHECK_FUNCS(getaudit, [],
1301 [AC_MSG_ERROR(BSM enabled and required function not found)])
1302 # These are optional
a74e9b64 1303 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1304 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1305 ;;
1306 debug)
1307 AUDIT_MODULE=debug
1308 AC_MSG_RESULT(debug)
3466e002 1309 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1310 ;;
a2b3321d 1311 no)
d92622f9 1312 AC_MSG_RESULT(no)
a2b3321d 1313 ;;
7b578f7d 1314 *)
1315 AC_MSG_ERROR([Unknown audit module $withval])
1316 ;;
1317 esac ]
1318)
1319
19160674 1320dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1321AC_CHECK_FUNCS( \
1322 arc4random \
185adaf8 1323 arc4random_buf \
1324 arc4random_uniform \
9a406e1e 1325 asprintf \
b04a9f8c 1326 b64_ntop \
1327 __b64_ntop \
1328 b64_pton \
1329 __b64_pton \
1330 bcopy \
1331 bindresvport_sa \
1332 clock \
1333 closefrom \
1334 dirfd \
b04a9f8c 1335 fchmod \
1336 fchown \
1337 freeaddrinfo \
22f5e872 1338 fstatvfs \
b04a9f8c 1339 futimes \
1340 getaddrinfo \
1341 getcwd \
1342 getgrouplist \
1343 getnameinfo \
1344 getopt \
1345 getpeereid \
1961d660 1346 getpeerucred \
b04a9f8c 1347 _getpty \
1348 getrlimit \
1349 getttyent \
1350 glob \
1351 inet_aton \
1352 inet_ntoa \
1353 inet_ntop \
1354 innetgr \
1355 login_getcapbool \
1356 md5_crypt \
1357 memmove \
1358 mkdtemp \
1359 mmap \
1360 ngetaddrinfo \
1361 nsleep \
1362 ogetaddrinfo \
1363 openlog_r \
1364 openpty \
6d39a5c4 1365 poll \
b04a9f8c 1366 prctl \
1367 pstat \
1368 readpassphrase \
1369 realpath \
1370 recvmsg \
1371 rresvport_af \
1372 sendmsg \
1373 setdtablesize \
1374 setegid \
1375 setenv \
1376 seteuid \
1377 setgroups \
1378 setlogin \
1379 setpcred \
1380 setproctitle \
1381 setregid \
1382 setreuid \
1383 setrlimit \
1384 setsid \
1385 setvbuf \
1386 sigaction \
1387 sigvec \
1388 snprintf \
1389 socketpair \
4538e135 1390 statfs \
1391 statvfs \
b04a9f8c 1392 strdup \
1393 strerror \
1394 strlcat \
1395 strlcpy \
1396 strmode \
1397 strnvis \
1398 strtonum \
1e29a0c8 1399 strtoll \
b04a9f8c 1400 strtoul \
1aac2117 1401 swap32 \
b04a9f8c 1402 sysconf \
1403 tcgetpgrp \
1404 truncate \
1405 unsetenv \
1406 updwtmpx \
9a406e1e 1407 vasprintf \
b04a9f8c 1408 vhangup \
1409 vsnprintf \
1410 waitpid \
19160674 1411)
98a7c37b 1412
1a086f97 1413# IRIX has a const char return value for gai_strerror()
1414AC_CHECK_FUNCS(gai_strerror,[
1415 AC_DEFINE(HAVE_GAI_STRERROR)
1416 AC_TRY_COMPILE([
1417#include <sys/types.h>
1418#include <sys/socket.h>
1419#include <netdb.h>
1420
1421const char *gai_strerror(int);],[
1422char *str;
1423
1424str = gai_strerror(0);],[
1425 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1426 [Define if gai_strerror() returns const char *])])])
1427
3466e002 1428AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1429 [Some systems put nanosleep outside of libc]))
92b1decf 1430
309709db 1431dnl Make sure prototypes are defined for these before using them.
309709db 1432AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1433AC_CHECK_DECL(strsep,
1434 [AC_CHECK_FUNCS(strsep)],
1435 [],
1436 [
1437#ifdef HAVE_STRING_H
1438# include <string.h>
1439#endif
1440 ])
08412d26 1441
3490699c 1442dnl tcsendbreak might be a macro
1443AC_CHECK_DECL(tcsendbreak,
1444 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1445 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1446 [#include <termios.h>]
1447)
1448
41e0e158 1449AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1450
71f4c727 1451AC_CHECK_DECLS(SHUT_RD, , ,
1452 [
1453#include <sys/types.h>
1454#include <sys/socket.h>
1455 ])
956d6743 1456
1457AC_CHECK_DECLS(O_NONBLOCK, , ,
1458 [
1459#include <sys/types.h>
1460#ifdef HAVE_SYS_STAT_H
1461# include <sys/stat.h>
1462#endif
1463#ifdef HAVE_FCNTL_H
1464# include <fcntl.h>
1465#endif
1466 ])
1467
752994dd 1468AC_CHECK_DECLS(writev, , , [
1469#include <sys/types.h>
1470#include <sys/uio.h>
1471#include <unistd.h>
1472 ])
1473
0bf6279d 1474AC_CHECK_DECLS(MAXSYMLINKS, , , [
1475#include <sys/param.h>
1476 ])
1477
b41ece30 1478AC_CHECK_DECLS(offsetof, , , [
1479#include <stddef.h>
1480 ])
1481
3f176010 1482AC_CHECK_FUNCS(setresuid, [
1483 dnl Some platorms have setresuid that isn't implemented, test for this
1484 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1485 AC_RUN_IFELSE(
1486 [AC_LANG_SOURCE([[
9a3fe0e2 1487#include <stdlib.h>
1488#include <errno.h>
1489int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1490 ]])],
3f176010 1491 [AC_MSG_RESULT(yes)],
3466e002 1492 [AC_DEFINE(BROKEN_SETRESUID, 1,
1493 [Define if your setresuid() is broken])
1a01a50c 1494 AC_MSG_RESULT(not implemented)],
1495 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1496 )
1497])
9a3fe0e2 1498
3f176010 1499AC_CHECK_FUNCS(setresgid, [
1500 dnl Some platorms have setresgid that isn't implemented, test for this
1501 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1502 AC_RUN_IFELSE(
1503 [AC_LANG_SOURCE([[
9a3fe0e2 1504#include <stdlib.h>
1505#include <errno.h>
1506int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1507 ]])],
3f176010 1508 [AC_MSG_RESULT(yes)],
3466e002 1509 [AC_DEFINE(BROKEN_SETRESGID, 1,
1510 [Define if your setresgid() is broken])
1a01a50c 1511 AC_MSG_RESULT(not implemented)],
1512 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1513 )
1514])
9a3fe0e2 1515
2e73a022 1516dnl Checks for time functions
1d7b9b20 1517AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1518dnl Checks for utmp functions
b03bd394 1519AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1520AC_CHECK_FUNCS(utmpname)
2e73a022 1521dnl Checks for utmpx functions
b03bd394 1522AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1523AC_CHECK_FUNCS(setutxent utmpxname)
295dd642 1524dnl Checks for lastlog functions
1525AC_CHECK_FUNCS(getlastlogxbyname)
76cd7316 1526
aff51935 1527AC_CHECK_FUNC(daemon,
3466e002 1528 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1529 [AC_CHECK_LIB(bsd, daemon,
1530 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1531)
1532
aff51935 1533AC_CHECK_FUNC(getpagesize,
3466e002 1534 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1535 [Define if your libraries define getpagesize()])],
1536 [AC_CHECK_LIB(ucb, getpagesize,
1537 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1538)
1539
2647ae26 1540# Check for broken snprintf
1541if test "x$ac_cv_func_snprintf" = "xyes" ; then
1542 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1543 AC_RUN_IFELSE(
479cece8 1544 [AC_LANG_SOURCE([[
2647ae26 1545#include <stdio.h>
aec4cb4f 1546int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1547 ]])],
aff51935 1548 [AC_MSG_RESULT(yes)],
2647ae26 1549 [
1550 AC_MSG_RESULT(no)
3466e002 1551 AC_DEFINE(BROKEN_SNPRINTF, 1,
1552 [Define if your snprintf is busted])
2647ae26 1553 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1554 ],
1555 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1556 )
1557fi
1558
9a406e1e 1559# If we don't have a working asprintf, then we strongly depend on vsnprintf
1560# returning the right thing on overflow: the number of characters it tried to
1561# create (as per SUSv3)
1562if test "x$ac_cv_func_asprintf" != "xyes" && \
1563 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1564 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1565 AC_RUN_IFELSE(
1566 [AC_LANG_SOURCE([[
1567#include <sys/types.h>
1568#include <stdio.h>
1569#include <stdarg.h>
1570
1571int x_snprintf(char *str,size_t count,const char *fmt,...)
1572{
1573 size_t ret; va_list ap;
1574 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1575 return ret;
1576}
1577int main(void)
1578{
1579 char x[1];
1580 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1581} ]])],
1582 [AC_MSG_RESULT(yes)],
1583 [
1584 AC_MSG_RESULT(no)
1585 AC_DEFINE(BROKEN_SNPRINTF, 1,
1586 [Define if your snprintf is busted])
1587 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1588 ],
1589 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1590 )
1591fi
1592
31b0732a 1593# On systems where [v]snprintf is broken, but is declared in stdio,
1594# check that the fmt argument is const char * or just char *.
1595# This is only useful for when BROKEN_SNPRINTF
1596AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1597AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1598 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1599 int main(void) { snprintf(0, 0, 0); }
1600 ]])],
1601 [AC_MSG_RESULT(yes)
1602 AC_DEFINE(SNPRINTF_CONST, [const],
1603 [Define as const if snprintf() can declare const char *fmt])],
1604 [AC_MSG_RESULT(no)
1605 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1606
2f6f9cff 1607# Check for missing getpeereid (or equiv) support
1608NO_PEERCHECK=""
1961d660 1609if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1610 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1611 AC_TRY_COMPILE(
1612 [#include <sys/types.h>
1613 #include <sys/socket.h>],
1614 [int i = SO_PEERCRED;],
62eb7db4 1615 [ AC_MSG_RESULT(yes)
3466e002 1616 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1617 ],
2f6f9cff 1618 [AC_MSG_RESULT(no)
1619 NO_PEERCHECK=1]
1620 )
1621fi
1622
70e7d0b0 1623dnl see whether mkstemp() requires XXXXXX
1624if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1625AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1626AC_RUN_IFELSE(
1627 [AC_LANG_SOURCE([[
70e7d0b0 1628#include <stdlib.h>
1629main() { char template[]="conftest.mkstemp-test";
1630if (mkstemp(template) == -1)
1631 exit(1);
1632unlink(template); exit(0);
1633}
b0e7249f 1634 ]])],
70e7d0b0 1635 [
1636 AC_MSG_RESULT(no)
1637 ],
aff51935 1638 [
70e7d0b0 1639 AC_MSG_RESULT(yes)
3466e002 1640 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1641 ],
1642 [
1643 AC_MSG_RESULT(yes)
1644 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1645 ]
70e7d0b0 1646)
1647fi
1648
eacb954e 1649dnl make sure that openpty does not reacquire controlling terminal
1650if test ! -z "$check_for_openpty_ctty_bug"; then
1651 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1652 AC_RUN_IFELSE(
1653 [AC_LANG_SOURCE([[
eacb954e 1654#include <stdio.h>
1655#include <sys/fcntl.h>
1656#include <sys/types.h>
1657#include <sys/wait.h>
1658
1659int
1660main()
1661{
1662 pid_t pid;
1663 int fd, ptyfd, ttyfd, status;
1664
1665 pid = fork();
1666 if (pid < 0) { /* failed */
1667 exit(1);
1668 } else if (pid > 0) { /* parent */
1669 waitpid(pid, &status, 0);
aff51935 1670 if (WIFEXITED(status))
eacb954e 1671 exit(WEXITSTATUS(status));
1672 else
1673 exit(2);
1674 } else { /* child */
1675 close(0); close(1); close(2);
1676 setsid();
1677 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1678 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1679 if (fd >= 0)
1680 exit(3); /* Acquired ctty: broken */
1681 else
1682 exit(0); /* Did not acquire ctty: OK */
1683 }
1684}
b0e7249f 1685 ]])],
eacb954e 1686 [
1687 AC_MSG_RESULT(yes)
1688 ],
1689 [
1690 AC_MSG_RESULT(no)
1691 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1692 ],
1693 [
1694 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1695 ]
1696 )
1697fi
1698
4b492aab 1699if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1700 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1701 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1702 AC_RUN_IFELSE(
1703 [AC_LANG_SOURCE([[
2fe51906 1704#include <stdio.h>
1705#include <sys/socket.h>
1706#include <netdb.h>
1707#include <errno.h>
1708#include <netinet/in.h>
1709
1710#define TEST_PORT "2222"
1711
1712int
1713main(void)
1714{
1715 int err, sock;
1716 struct addrinfo *gai_ai, *ai, hints;
1717 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1718
1719 memset(&hints, 0, sizeof(hints));
1720 hints.ai_family = PF_UNSPEC;
1721 hints.ai_socktype = SOCK_STREAM;
1722 hints.ai_flags = AI_PASSIVE;
1723
1724 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1725 if (err != 0) {
1726 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1727 exit(1);
1728 }
1729
1730 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1731 if (ai->ai_family != AF_INET6)
1732 continue;
1733
1734 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1735 sizeof(ntop), strport, sizeof(strport),
1736 NI_NUMERICHOST|NI_NUMERICSERV);
1737
1738 if (err != 0) {
1739 if (err == EAI_SYSTEM)
1740 perror("getnameinfo EAI_SYSTEM");
1741 else
1742 fprintf(stderr, "getnameinfo failed: %s\n",
1743 gai_strerror(err));
1744 exit(2);
1745 }
1746
1747 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1748 if (sock < 0)
1749 perror("socket");
1750 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1751 if (errno == EBADF)
1752 exit(3);
1753 }
1754 }
1755 exit(0);
1756}
b0e7249f 1757 ]])],
2fe51906 1758 [
1759 AC_MSG_RESULT(yes)
1760 ],
1761 [
1762 AC_MSG_RESULT(no)
1763 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1764 ],
1765 [
1766 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1767 ]
1768 )
1769fi
1770
4b492aab 1771if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1772 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1773 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1774 AC_RUN_IFELSE(
1775 [AC_LANG_SOURCE([[
5ccf88cb 1776#include <stdio.h>
1777#include <sys/socket.h>
1778#include <netdb.h>
1779#include <errno.h>
1780#include <netinet/in.h>
1781
1782#define TEST_PORT "2222"
1783
1784int
1785main(void)
1786{
1787 int err, sock;
1788 struct addrinfo *gai_ai, *ai, hints;
1789 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1790
1791 memset(&hints, 0, sizeof(hints));
1792 hints.ai_family = PF_UNSPEC;
1793 hints.ai_socktype = SOCK_STREAM;
1794 hints.ai_flags = AI_PASSIVE;
1795
1796 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1797 if (err != 0) {
1798 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1799 exit(1);
1800 }
1801
1802 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1803 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1804 continue;
1805
1806 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1807 sizeof(ntop), strport, sizeof(strport),
1808 NI_NUMERICHOST|NI_NUMERICSERV);
1809
1810 if (ai->ai_family == AF_INET && err != 0) {
1811 perror("getnameinfo");
1812 exit(2);
1813 }
1814 }
1815 exit(0);
1816}
b0e7249f 1817 ]])],
5ccf88cb 1818 [
1819 AC_MSG_RESULT(yes)
3466e002 1820 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1821 [Define if you have a getaddrinfo that fails
1822 for the all-zeros IPv6 address])
5ccf88cb 1823 ],
1824 [
1825 AC_MSG_RESULT(no)
1826 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1827 ],
ecd9ec09 1828 [
b0e7249f 1829 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1830 ]
1831 )
1832fi
1833
b29fd59f 1834if test "x$check_for_conflicting_getspnam" = "x1"; then
1835 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1836 AC_COMPILE_IFELSE(
1837 [
1838#include <shadow.h>
1839int main(void) {exit(0);}
1840 ],
1841 [
1842 AC_MSG_RESULT(no)
1843 ],
1844 [
1845 AC_MSG_RESULT(yes)
1846 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1847 [Conflicting defs for getspnam])
1848 ]
1849 )
1850fi
1851
7f8f5e00 1852AC_FUNC_GETPGRP
1853
5b991353 1854# Search for OpenSSL
1855saved_CPPFLAGS="$CPPFLAGS"
1856saved_LDFLAGS="$LDFLAGS"
a0391976 1857AC_ARG_WITH(ssl-dir,
1858 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1859 [
e9e4a1c7 1860 if test "x$withval" != "xno" ; then
99eb0f64 1861 case "$withval" in
1862 # Relative paths
1863 ./*|../*) withval="`pwd`/$withval"
1864 esac
5b991353 1865 if test -d "$withval/lib"; then
1866 if test -n "${need_dash_r}"; then
1867 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1868 else
1869 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1870 fi
1871 else
5b991353 1872 if test -n "${need_dash_r}"; then
1873 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1874 else
1875 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1876 fi
1877 fi
5b991353 1878 if test -d "$withval/include"; then
1879 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1880 else
5b991353 1881 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1882 fi
a0391976 1883 fi
5b991353 1884 ]
1885)
5486a457 1886LIBS="-lcrypto $LIBS"
3466e002 1887AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1888 [Define if your ssl headers are included
1889 with #include <openssl/header.h>]),
d45e3d76 1890 [
5b991353 1891 dnl Check default openssl install dir
1892 if test -n "${need_dash_r}"; then
1893 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1894 else
5b991353 1895 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1896 fi
5b991353 1897 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
8295689f 1898 AC_CHECK_HEADER([openssl/opensslv.h], ,
1899 AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***]))
5b991353 1900 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1901 [
1902 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1903 ]
1904 )
1905 ]
1906)
1907
cd018561 1908# Determine OpenSSL header version
1909AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1910AC_RUN_IFELSE(
479cece8 1911 [AC_LANG_SOURCE([[
cd018561 1912#include <stdio.h>
1913#include <string.h>
1914#include <openssl/opensslv.h>
1915#define DATA "conftest.sslincver"
1916int main(void) {
aff51935 1917 FILE *fd;
1918 int rc;
cd018561 1919
aff51935 1920 fd = fopen(DATA,"w");
1921 if(fd == NULL)
1922 exit(1);
cd018561 1923
1924 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1925 exit(1);
1926
1927 exit(0);
1928}
479cece8 1929 ]])],
cd018561 1930 [
1931 ssl_header_ver=`cat conftest.sslincver`
1932 AC_MSG_RESULT($ssl_header_ver)
1933 ],
1934 [
1935 AC_MSG_RESULT(not found)
1936 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1937 ],
1938 [
1939 AC_MSG_WARN([cross compiling: not checking])
cd018561 1940 ]
1941)
1942
1943# Determine OpenSSL library version
1944AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1945AC_RUN_IFELSE(
479cece8 1946 [AC_LANG_SOURCE([[
cd018561 1947#include <stdio.h>
1948#include <string.h>
1949#include <openssl/opensslv.h>
1950#include <openssl/crypto.h>
1951#define DATA "conftest.ssllibver"
1952int main(void) {
aff51935 1953 FILE *fd;
1954 int rc;
cd018561 1955
aff51935 1956 fd = fopen(DATA,"w");
1957 if(fd == NULL)
1958 exit(1);
cd018561 1959
1960 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1961 exit(1);
1962
1963 exit(0);
1964}
479cece8 1965 ]])],
cd018561 1966 [
1967 ssl_library_ver=`cat conftest.ssllibver`
1968 AC_MSG_RESULT($ssl_library_ver)
1969 ],
1970 [
1971 AC_MSG_RESULT(not found)
1972 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1973 ],
1974 [
1975 AC_MSG_WARN([cross compiling: not checking])
cd018561 1976 ]
1977)
58d100bf 1978
1d42bcce 1979AC_ARG_WITH(openssl-header-check,
1980 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1981 [ if test "x$withval" = "xno" ; then
1982 openssl_check_nonfatal=1
1983 fi
1984 ]
1985)
1986
9780116c 1987# Sanity check OpenSSL headers
1988AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1989AC_RUN_IFELSE(
479cece8 1990 [AC_LANG_SOURCE([[
9780116c 1991#include <string.h>
1992#include <openssl/opensslv.h>
aec4cb4f 1993int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1994 ]])],
9780116c 1995 [
1996 AC_MSG_RESULT(yes)
1997 ],
1998 [
1999 AC_MSG_RESULT(no)
1d42bcce 2000 if test "x$openssl_check_nonfatal" = "x"; then
2001 AC_MSG_ERROR([Your OpenSSL headers do not match your
2002library. Check config.log for details.
2003If you are sure your installation is consistent, you can disable the check
2004by running "./configure --without-openssl-header-check".
2005Also see contrib/findssl.sh for help identifying header/library mismatches.
2006])
2007 else
2008 AC_MSG_WARN([Your OpenSSL headers do not match your
2009library. Check config.log for details.
e15ba28b 2010Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 2011 fi
1a01a50c 2012 ],
2013 [
2014 AC_MSG_WARN([cross compiling: not checking])
9780116c 2015 ]
2016)
2017
282d6408 2018AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2019AC_LINK_IFELSE(
2020 [AC_LANG_SOURCE([[
2021#include <openssl/evp.h>
2022int main(void) { SSLeay_add_all_algorithms(); }
2023 ]])],
2024 [
2025 AC_MSG_RESULT(yes)
2026 ],
2027 [
2028 AC_MSG_RESULT(no)
2029 saved_LIBS="$LIBS"
2030 LIBS="$LIBS -ldl"
2031 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2032 AC_LINK_IFELSE(
2033 [AC_LANG_SOURCE([[
2034#include <openssl/evp.h>
2035int main(void) { SSLeay_add_all_algorithms(); }
2036 ]])],
2037 [
2038 AC_MSG_RESULT(yes)
2039 ],
2040 [
2041 AC_MSG_RESULT(no)
2042 LIBS="$saved_LIBS"
2043 ]
2044 )
2045 ]
2046)
2047
c7ad0d99 2048AC_ARG_WITH(ssl-engine,
2049 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2050 [ if test "x$withval" != "xno" ; then
2051 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2052 AC_TRY_COMPILE(
2053 [ #include <openssl/engine.h>],
2054 [
24b2647b 2055ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2056 ],
2057 [ AC_MSG_RESULT(yes)
2058 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2059 [Enable OpenSSL engine support])
2060 ],
2061 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2062 )
2063 fi ]
2064)
2065
e5146707 2066# Check for OpenSSL without EVP_aes_{192,256}_cbc
2067AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2068AC_LINK_IFELSE(
e5146707 2069 [AC_LANG_SOURCE([[
2070#include <string.h>
2071#include <openssl/evp.h>
300ea548 2072int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2073 ]])],
2074 [
2075 AC_MSG_RESULT(no)
2076 ],
2077 [
2078 AC_MSG_RESULT(yes)
2079 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2080 [libcrypto is missing AES 192 and 256 bit functions])
2081 ]
2082)
2083
14e380c6 2084AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
2085AC_LINK_IFELSE(
2086 [AC_LANG_SOURCE([[
2087#include <string.h>
2088#include <openssl/evp.h>
2089int main(void) { if(EVP_DigestUpdate(NULL, NULL,0)) exit(0); }
2090 ]])],
2091 [
2092 AC_MSG_RESULT(yes)
2093 ],
2094 [
2095 AC_MSG_RESULT(no)
2096 AC_DEFINE(OPENSSL_EVP_DIGESTUPDATE_VOID, 1,
2097 [Define if EVP_DigestUpdate returns void])
2098 ]
2099)
2100
5486a457 2101# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2102# because the system crypt() is more featureful.
2103if test "x$check_for_libcrypt_before" = "x1"; then
2104 AC_CHECK_LIB(crypt, crypt)
2105fi
2106
aff51935 2107# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2108# version in OpenSSL.
05114c74 2109if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2110 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2111fi
2112
13ff27b7 2113# Search for SHA256 support in libc and/or OpenSSL
2114AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2115
a03acb8f 2116saved_LIBS="$LIBS"
2117AC_CHECK_LIB(iaf, ia_openinfo, [
2118 LIBS="$LIBS -liaf"
d837615a 2119 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2120 AC_DEFINE(HAVE_LIBIAF, 1,
2121 [Define if system has libiaf that supports set_id])
2122 ])
a03acb8f 2123])
2124LIBS="$saved_LIBS"
f1b0ecc3 2125
2126### Configure cryptographic random number support
2127
2128# Check wheter OpenSSL seeds itself
2129AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2130AC_RUN_IFELSE(
479cece8 2131 [AC_LANG_SOURCE([[
f1b0ecc3 2132#include <string.h>
2133#include <openssl/rand.h>
aec4cb4f 2134int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2135 ]])],
f1b0ecc3 2136 [
2137 OPENSSL_SEEDS_ITSELF=yes
2138 AC_MSG_RESULT(yes)
2139 ],
2140 [
2141 AC_MSG_RESULT(no)
2142 # Default to use of the rand helper if OpenSSL doesn't
2143 # seed itself
2144 USE_RAND_HELPER=yes
1a01a50c 2145 ],
2146 [
2147 AC_MSG_WARN([cross compiling: assuming yes])
2148 # This is safe, since all recent OpenSSL versions will
82f4e93d 2149 # complain at runtime if not seeded correctly.
1a01a50c 2150 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2151 ]
2152)
2153
a086f73b 2154# Check for PAM libs
2155PAM_MSG="no"
2156AC_ARG_WITH(pam,
2157 [ --with-pam Enable PAM support ],
2158 [
2159 if test "x$withval" != "xno" ; then
2160 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2161 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2162 AC_MSG_ERROR([PAM headers not found])
2163 fi
2164
2165 saved_LIBS="$LIBS"
2166 AC_CHECK_LIB(dl, dlopen, , )
2167 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2168 AC_CHECK_FUNCS(pam_getenvlist)
2169 AC_CHECK_FUNCS(pam_putenv)
2170 LIBS="$saved_LIBS"
2171
2172 PAM_MSG="yes"
2173
e54defb4 2174 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2175 AC_DEFINE(USE_PAM, 1,
2176 [Define if you want to enable PAM support])
282d6408 2177
a086f73b 2178 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2179 case "$LIBS" in
2180 *-ldl*)
2181 # libdl already in LIBS
2182 ;;
2183 *)
e54defb4 2184 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2185 ;;
2186 esac
a086f73b 2187 fi
a086f73b 2188 fi
2189 ]
2190)
2191
2192# Check for older PAM
2193if test "x$PAM_MSG" = "xyes" ; then
2194 # Check PAM strerror arguments (old PAM)
2195 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2196 AC_TRY_COMPILE(
2197 [
2198#include <stdlib.h>
2199#if defined(HAVE_SECURITY_PAM_APPL_H)
2200#include <security/pam_appl.h>
2201#elif defined (HAVE_PAM_PAM_APPL_H)
2202#include <pam/pam_appl.h>
2203#endif
2204 ],
2205 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2206 [AC_MSG_RESULT(no)],
2207 [
2208 AC_DEFINE(HAVE_OLD_PAM, 1,
2209 [Define if you have an old version of PAM
2210 which takes only one argument to pam_strerror])
2211 AC_MSG_RESULT(yes)
2212 PAM_MSG="yes (old library)"
2213 ]
2214 )
2215fi
f1b0ecc3 2216
2217# Do we want to force the use of the rand helper?
2218AC_ARG_WITH(rand-helper,
2219 [ --with-rand-helper Use subprocess to gather strong randomness ],
2220 [
2221 if test "x$withval" = "xno" ; then
aff51935 2222 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2223 # the previous test showed it to be unseeded.
2224 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2225 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2226 OPENSSL_SEEDS_ITSELF=yes
2227 USE_RAND_HELPER=""
2228 fi
2229 else
2230 USE_RAND_HELPER=yes
2231 fi
2232 ],
82f4e93d 2233)
f1b0ecc3 2234
2235# Which randomness source do we use?
4b492aab 2236if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2237 # OpenSSL only
3466e002 2238 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2239 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2240 RAND_MSG="OpenSSL internal ONLY"
2241 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2242elif test ! -z "$USE_RAND_HELPER" ; then
2243 # install rand helper
f1b0ecc3 2244 RAND_MSG="ssh-rand-helper"
2245 INSTALL_SSH_RAND_HELPER="yes"
2246fi
2247AC_SUBST(INSTALL_SSH_RAND_HELPER)
2248
2249### Configuration of ssh-rand-helper
2250
2251# PRNGD TCP socket
2252AC_ARG_WITH(prngd-port,
2253 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2254 [
eb5d7ff6 2255 case "$withval" in
2256 no)
2257 withval=""
2258 ;;
2259 [[0-9]]*)
2260 ;;
2261 *)
2262 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2263 ;;
2264 esac
2265 if test ! -z "$withval" ; then
f1b0ecc3 2266 PRNGD_PORT="$withval"
3466e002 2267 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2268 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2269 fi
2270 ]
2271)
2272
2273# PRNGD Unix domain socket
2274AC_ARG_WITH(prngd-socket,
2275 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2276 [
eb5d7ff6 2277 case "$withval" in
2278 yes)
f1b0ecc3 2279 withval="/var/run/egd-pool"
eb5d7ff6 2280 ;;
2281 no)
2282 withval=""
2283 ;;
2284 /*)
2285 ;;
2286 *)
2287 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2288 ;;
2289 esac
2290
2291 if test ! -z "$withval" ; then
f1b0ecc3 2292 if test ! -z "$PRNGD_PORT" ; then
2293 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2294 fi
906e811b 2295 if test ! -r "$withval" ; then
f1b0ecc3 2296 AC_MSG_WARN(Entropy socket is not readable)
2297 fi
2298 PRNGD_SOCKET="$withval"
3466e002 2299 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2300 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2301 fi
ddceb1c8 2302 ],
2303 [
2304 # Check for existing socket only if we don't have a random device already
2305 if test "$USE_RAND_HELPER" = yes ; then
2306 AC_MSG_CHECKING(for PRNGD/EGD socket)
2307 # Insert other locations here
2308 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2309 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2310 PRNGD_SOCKET="$sock"
2311 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2312 break;
2313 fi
2314 done
2315 if test ! -z "$PRNGD_SOCKET" ; then
2316 AC_MSG_RESULT($PRNGD_SOCKET)
2317 else
2318 AC_MSG_RESULT(not found)
2319 fi
2320 fi
f1b0ecc3 2321 ]
2322)
2323
2324# Change default command timeout for hashing entropy source
2325entropy_timeout=200
2326AC_ARG_WITH(entropy-timeout,
2327 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2328 [
6cf0200f 2329 if test -n "$withval" && test "x$withval" != "xno" && \
2330 test "x${withval}" != "xyes"; then
f1b0ecc3 2331 entropy_timeout=$withval
2332 fi
82f4e93d 2333 ]
f1b0ecc3 2334)
3466e002 2335AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2336 [Builtin PRNG command timeout])
f1b0ecc3 2337
fd3cbf67 2338SSH_PRIVSEP_USER=sshd
9a0fbcb3 2339AC_ARG_WITH(privsep-user,
5222e7ef 2340 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2341 [
6cf0200f 2342 if test -n "$withval" && test "x$withval" != "xno" && \
2343 test "x${withval}" != "xyes"; then
fd3cbf67 2344 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2345 fi
82f4e93d 2346 ]
9a0fbcb3 2347)
3466e002 2348AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2349 [non-privileged user for privilege separation])
fd3cbf67 2350AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2351
81dadca3 2352# We do this little dance with the search path to insure
2353# that programs that we select for use by installed programs
2354# (which may be run by the super-user) come from trusted
2355# locations before they come from the user's private area.
2356# This should help avoid accidentally configuring some
2357# random version of a program in someone's personal bin.
2358
2359OPATH=$PATH
2360PATH=/bin:/usr/bin
f95c8ce8 2361test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2362test -d /sbin && PATH=$PATH:/sbin
2363test -d /usr/sbin && PATH=$PATH:/usr/sbin
2364PATH=$PATH:/etc:$OPATH
2365
aff51935 2366# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2367OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2368OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2369OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2370OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2371OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2372OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2373OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2374OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2375OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2376OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2377OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2378OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2379OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2380OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2381OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2382OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2383# restore PATH
2384PATH=$OPATH
f1b0ecc3 2385
2386# Where does ssh-rand-helper get its randomness from?
2387INSTALL_SSH_PRNG_CMDS=""
2388if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2389 if test ! -z "$PRNGD_PORT" ; then
2390 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2391 elif test ! -z "$PRNGD_SOCKET" ; then
2392 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2393 else
2394 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2395 RAND_HELPER_CMDHASH=yes
2396 INSTALL_SSH_PRNG_CMDS="yes"
2397 fi
2398fi
2399AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2400
2401
66d6c27e 2402# Cheap hack to ensure NEWS-OS libraries are arranged right.
2403if test ! -z "$SONY" ; then
2404 LIBS="$LIBS -liberty";
2405fi
2406
9a406e1e 2407# Check for long long datatypes
2408AC_CHECK_TYPES([long long, unsigned long long, long double])
2409
2410# Check datatype sizes
976f7e19 2411AC_CHECK_SIZEOF(char, 1)
2b942fe0 2412AC_CHECK_SIZEOF(short int, 2)
2413AC_CHECK_SIZEOF(int, 4)
2414AC_CHECK_SIZEOF(long int, 4)
2415AC_CHECK_SIZEOF(long long int, 8)
2416
52f1ccb2 2417# Sanity check long long for some platforms (AIX)
2418if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2419 ac_cv_sizeof_long_long_int=0
2420fi
2421
90f15776 2422# compute LLONG_MIN and LLONG_MAX if we don't know them.
2423if test -z "$have_llong_max"; then
2424 AC_MSG_CHECKING([for max value of long long])
2425 AC_RUN_IFELSE(
2426 [AC_LANG_SOURCE([[
2427#include <stdio.h>
2428/* Why is this so damn hard? */
2429#ifdef __GNUC__
2430# undef __GNUC__
2431#endif
2432#define __USE_ISOC99
2433#include <limits.h>
2434#define DATA "conftest.llminmax"
055252ed 2435#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2436
2437/*
2438 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2439 * we do this the hard way.
2440 */
2441static int
2442fprint_ll(FILE *f, long long n)
2443{
2444 unsigned int i;
2445 int l[sizeof(long long) * 8];
2446
2447 if (n < 0)
2448 if (fprintf(f, "-") < 0)
2449 return -1;
2450 for (i = 0; n != 0; i++) {
2451 l[i] = my_abs(n % 10);
2452 n /= 10;
2453 }
2454 do {
2455 if (fprintf(f, "%d", l[--i]) < 0)
2456 return -1;
2457 } while (i != 0);
2458 if (fprintf(f, " ") < 0)
2459 return -1;
2460 return 0;
2461}
2462
90f15776 2463int main(void) {
2464 FILE *f;
2465 long long i, llmin, llmax = 0;
2466
2467 if((f = fopen(DATA,"w")) == NULL)
2468 exit(1);
2469
2470#if defined(LLONG_MIN) && defined(LLONG_MAX)
2471 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2472 llmin = LLONG_MIN;
2473 llmax = LLONG_MAX;
2474#else
2475 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2476 /* This will work on one's complement and two's complement */
2477 for (i = 1; i > llmax; i <<= 1, i++)
2478 llmax = i;
2479 llmin = llmax + 1LL; /* wrap */
2480#endif
2481
2482 /* Sanity check */
2483 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2484 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2485 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2486 fprintf(f, "unknown unknown\n");
2487 exit(2);
2488 }
2489
055252ed 2490 if (fprint_ll(f, llmin) < 0)
90f15776 2491 exit(3);
055252ed 2492 if (fprint_ll(f, llmax) < 0)
2493 exit(4);
2494 if (fclose(f) < 0)
2495 exit(5);
90f15776 2496 exit(0);
2497}
2498 ]])],
2499 [
2500 llong_min=`$AWK '{print $1}' conftest.llminmax`
2501 llong_max=`$AWK '{print $2}' conftest.llminmax`
2502
90f15776 2503 AC_MSG_RESULT($llong_max)
2504 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2505 [max value of long long calculated by configure])
2506 AC_MSG_CHECKING([for min value of long long])
2507 AC_MSG_RESULT($llong_min)
2508 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2509 [min value of long long calculated by configure])
2510 ],
2511 [
2512 AC_MSG_RESULT(not found)
2513 ],
2514 [
2515 AC_MSG_WARN([cross compiling: not checking])
2516 ]
2517 )
2518fi
2519
2520
a0391976 2521# More checks for data types
14a9a859 2522AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2523 AC_TRY_COMPILE(
aff51935 2524 [ #include <sys/types.h> ],
2525 [ u_int a; a = 1;],
14a9a859 2526 [ ac_cv_have_u_int="yes" ],
2527 [ ac_cv_have_u_int="no" ]
2528 )
2529])
2530if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2531 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2532 have_u_int=1
2533fi
2534
58d100bf 2535AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2536 AC_TRY_COMPILE(
aff51935 2537 [ #include <sys/types.h> ],
2538 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2539 [ ac_cv_have_intxx_t="yes" ],
2540 [ ac_cv_have_intxx_t="no" ]
2541 )
2542])
2543if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2544 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2545 have_intxx_t=1
2546fi
41cb4569 2547
2548if (test -z "$have_intxx_t" && \
aff51935 2549 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2550then
2551 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2552 AC_TRY_COMPILE(
aff51935 2553 [ #include <stdint.h> ],
2554 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2555 [
2556 AC_DEFINE(HAVE_INTXX_T)
2557 AC_MSG_RESULT(yes)
2558 ],
2559 [ AC_MSG_RESULT(no) ]
2560 )
2561fi
2562
bd590612 2563AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2564 AC_TRY_COMPILE(
1cbbe6c8 2565 [
2566#include <sys/types.h>
2567#ifdef HAVE_STDINT_H
2568# include <stdint.h>
2569#endif
2570#include <sys/socket.h>
2571#ifdef HAVE_SYS_BITYPES_H
2572# include <sys/bitypes.h>
2573#endif
aff51935 2574 ],
2575 [ int64_t a; a = 1;],
bd590612 2576 [ ac_cv_have_int64_t="yes" ],
2577 [ ac_cv_have_int64_t="no" ]
2578 )
2579])
2580if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2581 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2582fi
2583
58d100bf 2584AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2585 AC_TRY_COMPILE(
aff51935 2586 [ #include <sys/types.h> ],
2587 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2588 [ ac_cv_have_u_intxx_t="yes" ],
2589 [ ac_cv_have_u_intxx_t="no" ]
2590 )
2591])
2592if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2593 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2594 have_u_intxx_t=1
2595fi
2b942fe0 2596
41cb4569 2597if test -z "$have_u_intxx_t" ; then
2598 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2599 AC_TRY_COMPILE(
aff51935 2600 [ #include <sys/socket.h> ],
2601 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2602 [
2603 AC_DEFINE(HAVE_U_INTXX_T)
2604 AC_MSG_RESULT(yes)
2605 ],
2606 [ AC_MSG_RESULT(no) ]
2607 )
2608fi
2609
bd590612 2610AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2611 AC_TRY_COMPILE(
aff51935 2612 [ #include <sys/types.h> ],
2613 [ u_int64_t a; a = 1;],
bd590612 2614 [ ac_cv_have_u_int64_t="yes" ],
2615 [ ac_cv_have_u_int64_t="no" ]
2616 )
2617])
2618if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2619 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2620 have_u_int64_t=1
2621fi
2622
ddceb1c8 2623if test -z "$have_u_int64_t" ; then
2624 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2625 AC_TRY_COMPILE(
aff51935 2626 [ #include <sys/bitypes.h> ],
ddceb1c8 2627 [ u_int64_t a; a = 1],
2628 [
2629 AC_DEFINE(HAVE_U_INT64_T)
2630 AC_MSG_RESULT(yes)
2631 ],
2632 [ AC_MSG_RESULT(no) ]
2633 )
2634fi
2635
41cb4569 2636if test -z "$have_u_intxx_t" ; then
2637 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2638 AC_TRY_COMPILE(
2639 [
2640#include <sys/types.h>
aff51935 2641 ],
2642 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2643 [ ac_cv_have_uintxx_t="yes" ],
2644 [ ac_cv_have_uintxx_t="no" ]
2645 )
2646 ])
2647 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2648 AC_DEFINE(HAVE_UINTXX_T, 1,
2649 [define if you have uintxx_t data type])
41cb4569 2650 fi
2651fi
2652
2653if test -z "$have_uintxx_t" ; then
2654 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2655 AC_TRY_COMPILE(
aff51935 2656 [ #include <stdint.h> ],
2657 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2658 [
2659 AC_DEFINE(HAVE_UINTXX_T)
2660 AC_MSG_RESULT(yes)
2661 ],
2662 [ AC_MSG_RESULT(no) ]
2663 )
2664fi
2665
e5fe9a1f 2666if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2667 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2668then
2669 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2670 AC_TRY_COMPILE(
58d100bf 2671 [
2672#include <sys/bitypes.h>
aff51935 2673 ],
5cdfe03f 2674 [
837c30b8 2675 int8_t a; int16_t b; int32_t c;
2676 u_int8_t e; u_int16_t f; u_int32_t g;
2677 a = b = c = e = f = g = 1;
aff51935 2678 ],
5cdfe03f 2679 [
2680 AC_DEFINE(HAVE_U_INTXX_T)
2681 AC_DEFINE(HAVE_INTXX_T)
2682 AC_MSG_RESULT(yes)
2683 ],
2684 [AC_MSG_RESULT(no)]
aff51935 2685 )
5cdfe03f 2686fi
2687
0362750e 2688
2689AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2690 AC_TRY_COMPILE(
2691 [
2692#include <sys/types.h>
2693 ],
2694 [ u_char foo; foo = 125; ],
2695 [ ac_cv_have_u_char="yes" ],
2696 [ ac_cv_have_u_char="no" ]
2697 )
2698])
2699if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2700 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2701fi
2702
98a7c37b 2703TYPE_SOCKLEN_T
2b942fe0 2704
2d16d9a3 2705AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22f5e872 2706AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2707#include <sys/types.h>
2708#ifdef HAVE_SYS_BITYPES_H
2709#include <sys/bitypes.h>
2710#endif
2711#ifdef HAVE_SYS_STATFS_H
2712#include <sys/statfs.h>
2713#endif
2714#ifdef HAVE_SYS_STATVFS_H
2715#include <sys/statvfs.h>
2716#endif
2717])
ddceb1c8 2718
86783a32 2719AC_CHECK_TYPES([in_addr_t, in_port_t],,,
777ece68 2720[#include <sys/types.h>
2721#include <netinet/in.h>])
7b578f7d 2722
58d100bf 2723AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2724 AC_TRY_COMPILE(
2725 [
18ba2aab 2726#include <sys/types.h>
58d100bf 2727 ],
2728 [ size_t foo; foo = 1235; ],
2729 [ ac_cv_have_size_t="yes" ],
2730 [ ac_cv_have_size_t="no" ]
2731 )
2732])
2733if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2734 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2735fi
ea1970a3 2736
c04f75f1 2737AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2738 AC_TRY_COMPILE(
2739 [
2740#include <sys/types.h>
2741 ],
2742 [ ssize_t foo; foo = 1235; ],
2743 [ ac_cv_have_ssize_t="yes" ],
2744 [ ac_cv_have_ssize_t="no" ]
2745 )
2746])
2747if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2748 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2749fi
2750
f1c4659d 2751AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2752 AC_TRY_COMPILE(
2753 [
2754#include <time.h>
2755 ],
2756 [ clock_t foo; foo = 1235; ],
2757 [ ac_cv_have_clock_t="yes" ],
2758 [ ac_cv_have_clock_t="no" ]
2759 )
2760])
2761if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2762 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2763fi
2764
1c04b088 2765AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2766 AC_TRY_COMPILE(
2767 [
2768#include <sys/types.h>
2769#include <sys/socket.h>
2770 ],
2771 [ sa_family_t foo; foo = 1235; ],
2772 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2773 [ AC_TRY_COMPILE(
2774 [
2775#include <sys/types.h>
2776#include <sys/socket.h>
2777#include <netinet/in.h>
2778 ],
2779 [ sa_family_t foo; foo = 1235; ],
2780 [ ac_cv_have_sa_family_t="yes" ],
2781
1c04b088 2782 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2783 )]
1c04b088 2784 )
2785])
2786if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2787 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2788 [define if you have sa_family_t data type])
1c04b088 2789fi
2790
729bfe59 2791AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2792 AC_TRY_COMPILE(
2793 [
2794#include <sys/types.h>
2795 ],
2796 [ pid_t foo; foo = 1235; ],
2797 [ ac_cv_have_pid_t="yes" ],
2798 [ ac_cv_have_pid_t="no" ]
2799 )
2800])
2801if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2802 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2803fi
2804
2805AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2806 AC_TRY_COMPILE(
2807 [
2808#include <sys/types.h>
2809 ],
2810 [ mode_t foo; foo = 1235; ],
2811 [ ac_cv_have_mode_t="yes" ],
2812 [ ac_cv_have_mode_t="no" ]
2813 )
2814])
2815if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2816 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2817fi
2818
e3a93db0 2819
58d100bf 2820AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2821 AC_TRY_COMPILE(
2822 [
18ba2aab 2823#include <sys/types.h>
2824#include <sys/socket.h>
58d100bf 2825 ],
2826 [ struct sockaddr_storage s; ],
2827 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2828 [ ac_cv_have_struct_sockaddr_storage="no" ]
2829 )
2830])
2831if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2832 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2833 [define if you have struct sockaddr_storage data type])
58d100bf 2834fi
48e671d5 2835
58d100bf 2836AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2837 AC_TRY_COMPILE(
2838 [
cbd7492e 2839#include <sys/types.h>
58d100bf 2840#include <netinet/in.h>
2841 ],
2842 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2843 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2844 [ ac_cv_have_struct_sockaddr_in6="no" ]
2845 )
2846])
2847if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2848 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2849 [define if you have struct sockaddr_in6 data type])
58d100bf 2850fi
48e671d5 2851
58d100bf 2852AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2853 AC_TRY_COMPILE(
2854 [
cbd7492e 2855#include <sys/types.h>
58d100bf 2856#include <netinet/in.h>
2857 ],
2858 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2859 [ ac_cv_have_struct_in6_addr="yes" ],
2860 [ ac_cv_have_struct_in6_addr="no" ]
2861 )
2862])
2863if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2864 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2865 [define if you have struct in6_addr data type])
95e16084 2866
2867dnl Now check for sin6_scope_id
2868 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,,
2869 [
2870#ifdef HAVE_SYS_TYPES_H
2871#include <sys/types.h>
2872#endif
2873#include <netinet/in.h>
2874 ])
58d100bf 2875fi
48e671d5 2876
58d100bf 2877AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2878 AC_TRY_COMPILE(
2879 [
18ba2aab 2880#include <sys/types.h>
2881#include <sys/socket.h>
2882#include <netdb.h>
58d100bf 2883 ],
2884 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2885 [ ac_cv_have_struct_addrinfo="yes" ],
2886 [ ac_cv_have_struct_addrinfo="no" ]
2887 )
2888])
2889if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2890 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2891 [define if you have struct addrinfo data type])
58d100bf 2892fi
2893
89c7e31c 2894AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2895 AC_TRY_COMPILE(
aff51935 2896 [ #include <sys/time.h> ],
2897 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2898 [ ac_cv_have_struct_timeval="yes" ],
2899 [ ac_cv_have_struct_timeval="no" ]
2900 )
2901])
2902if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2903 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2904 have_struct_timeval=1
2905fi
2906
5271b55c 2907AC_CHECK_TYPES(struct timespec)
2908
85abc74b 2909# We need int64_t or else certian parts of the compile will fail.
4b492aab 2910if test "x$ac_cv_have_int64_t" = "xno" && \
2911 test "x$ac_cv_sizeof_long_int" != "x8" && \
2912 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2913 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2914 echo "an alternative compiler (I.E., GCC) before continuing."
2915 echo ""
2916 exit 1;
733cf7f4 2917else
2918dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2919 AC_RUN_IFELSE(
479cece8 2920 [AC_LANG_SOURCE([[
733cf7f4 2921#include <stdio.h>
2922#include <string.h>
2923#ifdef HAVE_SNPRINTF
2924main()
2925{
2926 char buf[50];
2927 char expected_out[50];
2928 int mazsize = 50 ;
2929#if (SIZEOF_LONG_INT == 8)
2930 long int num = 0x7fffffffffffffff;
2931#else
763a1a18 2932 long long num = 0x7fffffffffffffffll;
733cf7f4 2933#endif
2934 strcpy(expected_out, "9223372036854775807");
2935 snprintf(buf, mazsize, "%lld", num);
2936 if(strcmp(buf, expected_out) != 0)
aff51935 2937 exit(1);
733cf7f4 2938 exit(0);
2939}
2940#else
2941main() { exit(0); }
2942#endif
479cece8 2943 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2944 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2945 )
2c523de9 2946fi
2947
77bb0bca 2948dnl Checks for structure members
58d100bf 2949OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2950OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2951OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2952OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2953OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2954OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2955OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2956OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2957OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2958OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2959OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2960OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2961OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2962OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2963OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2964OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2965OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2966
2967AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2968AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2969 [Define if we don't have struct __res_state in resolv.h])],
2970[
2971#include <stdio.h>
2972#if HAVE_SYS_TYPES_H
2973# include <sys/types.h>
2974#endif
2975#include <netinet/in.h>
2976#include <arpa/nameser.h>
2977#include <resolv.h>
2978])
1d7b9b20 2979
58d100bf 2980AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2981 ac_cv_have_ss_family_in_struct_ss, [
2982 AC_TRY_COMPILE(
2983 [
18ba2aab 2984#include <sys/types.h>
2985#include <sys/socket.h>
58d100bf 2986 ],
2987 [ struct sockaddr_storage s; s.ss_family = 1; ],
2988 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2989 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2990 )
2991])
2992if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2993 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2994fi
2995
58d100bf 2996AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2997 ac_cv_have___ss_family_in_struct_ss, [
2998 AC_TRY_COMPILE(
2999 [
18ba2aab 3000#include <sys/types.h>
3001#include <sys/socket.h>
58d100bf 3002 ],
3003 [ struct sockaddr_storage s; s.__ss_family = 1; ],
3004 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
3005 [ ac_cv_have___ss_family_in_struct_ss="no" ]
3006 )
3007])
3008if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 3009 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
3010 [Fields in struct sockaddr_storage])
58d100bf 3011fi
3012
2e73a022 3013AC_CACHE_CHECK([for pw_class field in struct passwd],
3014 ac_cv_have_pw_class_in_struct_passwd, [
3015 AC_TRY_COMPILE(
3016 [
2e73a022 3017#include <pwd.h>
3018 ],
97994d32 3019 [ struct passwd p; p.pw_class = 0; ],
2e73a022 3020 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
3021 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
3022 )
3023])
3024if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 3025 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
3026 [Define if your password has a pw_class field])
2e73a022 3027fi
3028
7751d4eb 3029AC_CACHE_CHECK([for pw_expire field in struct passwd],
3030 ac_cv_have_pw_expire_in_struct_passwd, [
3031 AC_TRY_COMPILE(
3032 [
3033#include <pwd.h>
3034 ],
3035 [ struct passwd p; p.pw_expire = 0; ],
3036 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3037 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3038 )
3039])
3040if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 3041 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3042 [Define if your password has a pw_expire field])
7751d4eb 3043fi
3044
3045AC_CACHE_CHECK([for pw_change field in struct passwd],
3046 ac_cv_have_pw_change_in_struct_passwd, [
3047 AC_TRY_COMPILE(
3048 [
3049#include <pwd.h>
3050 ],
3051 [ struct passwd p; p.pw_change = 0; ],
3052 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3053 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3054 )
3055])
3056if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 3057 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3058 [Define if your password has a pw_change field])
7751d4eb 3059fi
58d100bf 3060
637f9177 3061dnl make sure we're using the real structure members and not defines
6f34652e 3062AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3063 ac_cv_have_accrights_in_msghdr, [
1a01a50c 3064 AC_COMPILE_IFELSE(
6f34652e 3065 [
f95c8ce8 3066#include <sys/types.h>
6f34652e 3067#include <sys/socket.h>
3068#include <sys/uio.h>
637f9177 3069int main() {
3070#ifdef msg_accrights
1a01a50c 3071#error "msg_accrights is a macro"
637f9177 3072exit(1);
3073#endif
3074struct msghdr m;
3075m.msg_accrights = 0;
3076exit(0);
3077}
6f34652e 3078 ],
6f34652e 3079 [ ac_cv_have_accrights_in_msghdr="yes" ],
3080 [ ac_cv_have_accrights_in_msghdr="no" ]
3081 )
3082])
3083if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3084 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3085 [Define if your system uses access rights style
3086 file descriptor passing])
6f34652e 3087fi
3088
87562a58 3089AC_MSG_CHECKING(if struct statvfs.f_fsid is integral type)
7a4f468b 3090AC_TRY_COMPILE([
3091#include <sys/types.h>
87562a58 3092#include <sys/stat.h>
3093#ifdef HAVE_SYS_TIME_H
3094# include <sys/time.h>
3095#endif
3096#ifdef HAVE_SYS_MOUNT_H
3097#include <sys/mount.h>
3098#endif
3099#ifdef HAVE_SYS_STATVFS_H
3100#include <sys/statvfs.h>
3101#endif
3102], [struct statvfs s; s.f_fsid = 0;],
3103[ AC_MSG_RESULT(yes) ],
3104[ AC_MSG_RESULT(no)
3105
3106 AC_MSG_CHECKING(if fsid_t has member val)
3107 AC_TRY_COMPILE([
3108#include <sys/types.h>
7a4f468b 3109#include <sys/statvfs.h>],
87562a58 3110 [fsid_t t; t.val[0] = 0;],
7a4f468b 3111 [ AC_MSG_RESULT(yes)
87562a58 3112 AC_DEFINE(FSID_HAS_VAL, 1, fsid_t has member val) ],
3113 [ AC_MSG_RESULT(no) ])
3114
3115 AC_MSG_CHECKING(if f_fsid has member __val)
3116 AC_TRY_COMPILE([
3117#include <sys/types.h>
3118#include <sys/statvfs.h>],
3119 [fsid_t t; t.__val[0] = 0;],
3120 [ AC_MSG_RESULT(yes)
3121 AC_DEFINE(FSID_HAS___VAL, 1, fsid_t has member __val) ],
3122 [ AC_MSG_RESULT(no) ])
3123])
7a4f468b 3124
7176df4f 3125AC_CACHE_CHECK([for msg_control field in struct msghdr],
3126 ac_cv_have_control_in_msghdr, [
1a01a50c 3127 AC_COMPILE_IFELSE(
7176df4f 3128 [
f95c8ce8 3129#include <sys/types.h>
7176df4f 3130#include <sys/socket.h>
3131#include <sys/uio.h>
637f9177 3132int main() {
3133#ifdef msg_control
1a01a50c 3134#error "msg_control is a macro"
637f9177 3135exit(1);
3136#endif
3137struct msghdr m;
3138m.msg_control = 0;
3139exit(0);
3140}
7176df4f 3141 ],
7176df4f 3142 [ ac_cv_have_control_in_msghdr="yes" ],
3143 [ ac_cv_have_control_in_msghdr="no" ]
3144 )
3145])
3146if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3147 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3148 [Define if your system uses ancillary data style
3149 file descriptor passing])
7176df4f 3150fi
3151
58d100bf 3152AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3153 AC_TRY_LINK([],
3154 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3155 [ ac_cv_libc_defines___progname="yes" ],
3156 [ ac_cv_libc_defines___progname="no" ]
3157 )
3158])
3159if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3160 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3161fi
8946db53 3162
c921ee00 3163AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3164 AC_TRY_LINK([
3165#include <stdio.h>
aff51935 3166],
3167 [ printf("%s", __FUNCTION__); ],
c921ee00 3168 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3169 [ ac_cv_cc_implements___FUNCTION__="no" ]
3170 )
3171])
3172if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3173 AC_DEFINE(HAVE___FUNCTION__, 1,
3174 [Define if compiler implements __FUNCTION__])
c921ee00 3175fi
3176
3177AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3178 AC_TRY_LINK([
3179#include <stdio.h>
aff51935 3180],
3181 [ printf("%s", __func__); ],
c921ee00 3182 [ ac_cv_cc_implements___func__="yes" ],
3183 [ ac_cv_cc_implements___func__="no" ]
3184 )
3185])
3186if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3187 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3188fi
3189
9a406e1e 3190AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3191 AC_TRY_LINK(
3192 [#include <stdarg.h>
3193 va_list x,y;],
3194 [va_copy(x,y);],
3195 [ ac_cv_have_va_copy="yes" ],
3196 [ ac_cv_have_va_copy="no" ]
3197 )
3198])
3199if test "x$ac_cv_have_va_copy" = "xyes" ; then
3200 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3201fi
3202
3203AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3204 AC_TRY_LINK(
3205 [#include <stdarg.h>
3206 va_list x,y;],
3207 [__va_copy(x,y);],
3208 [ ac_cv_have___va_copy="yes" ],
3209 [ ac_cv_have___va_copy="no" ]
3210 )
3211])
3212if test "x$ac_cv_have___va_copy" = "xyes" ; then
3213 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3214fi
3215
1812a662 3216AC_CACHE_CHECK([whether getopt has optreset support],
3217 ac_cv_have_getopt_optreset, [
3218 AC_TRY_LINK(
3219 [
3220#include <getopt.h>
3221 ],
3222 [ extern int optreset; optreset = 0; ],
3223 [ ac_cv_have_getopt_optreset="yes" ],
3224 [ ac_cv_have_getopt_optreset="no" ]
3225 )
3226])
3227if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3228 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3229 [Define if your getopt(3) defines and uses optreset])
1812a662 3230fi
a0391976 3231
819b676f 3232AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3233 AC_TRY_LINK([],
3234 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3235 [ ac_cv_libc_defines_sys_errlist="yes" ],
3236 [ ac_cv_libc_defines_sys_errlist="no" ]
3237 )
3238])
3239if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3240 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3241 [Define if your system defines sys_errlist[]])
819b676f 3242fi
3243
3244
416ed5a7 3245AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3246 AC_TRY_LINK([],
3247 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3248 [ ac_cv_libc_defines_sys_nerr="yes" ],
3249 [ ac_cv_libc_defines_sys_nerr="no" ]
3250 )
3251])
3252if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3253 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3254fi
3255
aff51935 3256SCARD_MSG="no"
295c8801 3257# Check whether user wants sectok support
3258AC_ARG_WITH(sectok,
3259 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3260 [
3261 if test "x$withval" != "xno" ; then
3262 if test "x$withval" != "xyes" ; then
3263 CPPFLAGS="$CPPFLAGS -I${withval}"
3264 LDFLAGS="$LDFLAGS -L${withval}"
3265 if test ! -z "$need_dash_r" ; then
3266 LDFLAGS="$LDFLAGS -R${withval}"
3267 fi
3268 if test ! -z "$blibpath" ; then
3269 blibpath="$blibpath:${withval}"
3270 fi
3271 fi
3272 AC_CHECK_HEADERS(sectok.h)
3273 if test "$ac_cv_header_sectok_h" != yes; then
3274 AC_MSG_ERROR(Can't find sectok.h)
3275 fi
3276 AC_CHECK_LIB(sectok, sectok_open)
3277 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3278 AC_MSG_ERROR(Can't find libsectok)
3279 fi
3466e002 3280 AC_DEFINE(SMARTCARD, 1,
3281 [Define if you want smartcard support])
3282 AC_DEFINE(USE_SECTOK, 1,
3283 [Define if you want smartcard support
3284 using sectok])
aff51935 3285 SCARD_MSG="yes, using sectok"
295c8801 3286 fi
3287 ]
3288)
3289
3290# Check whether user wants OpenSC support
987b458f 3291OPENSC_CONFIG="no"
295c8801 3292AC_ARG_WITH(opensc,
e47fb473 3293 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3294 [
3295 if test "x$withval" != "xno" ; then
3296 if test "x$withval" != "xyes" ; then
3297 OPENSC_CONFIG=$withval/bin/opensc-config
3298 else
3299 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3300 fi
3301 if test "$OPENSC_CONFIG" != "no"; then
3302 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3303 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3304 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3305 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3306 AC_DEFINE(SMARTCARD)
3466e002 3307 AC_DEFINE(USE_OPENSC, 1,
3308 [Define if you want smartcard support
3309 using OpenSC])
987b458f 3310 SCARD_MSG="yes, using OpenSC"
3311 fi
3312 fi
3313 ]
3314)
d0b19c95 3315
c31dc31c 3316# Check libraries needed by DNS fingerprint support
aff51935 3317AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3318 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3319 [Define if getrrsetbyname() exists])],
3e05e934 3320 [
c31dc31c 3321 # Needed by our getrrsetbyname()
3322 AC_SEARCH_LIBS(res_query, resolv)
3323 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3324 AC_MSG_CHECKING(if res_query will link)
3325 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3326 [AC_MSG_RESULT(no)
3327 saved_LIBS="$LIBS"
3328 LIBS="$LIBS -lresolv"
3329 AC_MSG_CHECKING(for res_query in -lresolv)
3330 AC_LINK_IFELSE([
3331#include <resolv.h>
3332int main()
3333{
3334 res_query (0, 0, 0, 0, 0);
3335 return 0;
3336}
3337 ],
3338 [LIBS="$LIBS -lresolv"
3339 AC_MSG_RESULT(yes)],
3340 [LIBS="$saved_LIBS"
3341 AC_MSG_RESULT(no)])
3342 ])
c31dc31c 3343 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3344 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3345 [#include <sys/types.h>
3346 #include <arpa/nameser.h>])
c31dc31c 3347 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3348 [AC_DEFINE(HAVE_HEADER_AD, 1,
3349 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3350 [#include <arpa/nameser.h>])
3351 ])
3e05e934 3352
560acf80 3353AC_MSG_CHECKING(if struct __res_state _res is an extern)
3354AC_LINK_IFELSE([
3355#include <stdio.h>
3356#if HAVE_SYS_TYPES_H
3357# include <sys/types.h>
3358#endif
3359#include <netinet/in.h>
3360#include <arpa/nameser.h>
3361#include <resolv.h>
3362extern struct __res_state _res;
3363int main() { return 0; }
3364 ],
3365 [AC_MSG_RESULT(yes)
3366 AC_DEFINE(HAVE__RES_EXTERN, 1,
3367 [Define if you have struct __res_state _res as an extern])
3368 ],
3369 [ AC_MSG_RESULT(no) ]
3370)
3371
ef4d1846 3372# Check whether user wants SELinux support
3373SELINUX_MSG="no"
3374LIBSELINUX=""
3375AC_ARG_WITH(selinux,
bb23b54f 3376 [ --with-selinux Enable SELinux support],
ef4d1846 3377 [ if test "x$withval" != "xno" ; then
e54defb4 3378 save_LIBS="$LIBS"
ef4d1846 3379 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3380 SELINUX_MSG="yes"
3381 AC_CHECK_HEADER([selinux/selinux.h], ,
3382 AC_MSG_ERROR(SELinux support requires selinux.h header))
3383 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3384 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3385 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3386 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3387 LIBS="$save_LIBS"
ef4d1846 3388 fi ]
3389)
ef4d1846 3390
12928e80 3391# Check whether user wants Kerberos 5 support
aff51935 3392KRB5_MSG="no"
12928e80 3393AC_ARG_WITH(kerberos5,
aff51935 3394 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3395 [ if test "x$withval" != "xno" ; then
3396 if test "x$withval" = "xyes" ; then
3397 KRB5ROOT="/usr/local"
3398 else
3399 KRB5ROOT=${withval}
3400 fi
3401
3466e002 3402 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3403 KRB5_MSG="yes"
3404
3405 AC_MSG_CHECKING(for krb5-config)
3406 if test -x $KRB5ROOT/bin/krb5-config ; then
3407 KRB5CONF=$KRB5ROOT/bin/krb5-config
3408 AC_MSG_RESULT($KRB5CONF)
3409
3410 AC_MSG_CHECKING(for gssapi support)
3411 if $KRB5CONF | grep gssapi >/dev/null ; then
3412 AC_MSG_RESULT(yes)
3466e002 3413 AC_DEFINE(GSSAPI, 1,
3414 [Define this if you want GSSAPI
3415 support in the version 2 protocol])
071970fb 3416 k5confopts=gssapi
aff51935 3417 else
5585c441 3418 AC_MSG_RESULT(no)
071970fb 3419 k5confopts=""
aff51935 3420 fi
071970fb 3421 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3422 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3423 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3424 AC_MSG_CHECKING(whether we are using Heimdal)
3425 AC_TRY_COMPILE([ #include <krb5.h> ],
3426 [ char *tmp = heimdal_version; ],
3427 [ AC_MSG_RESULT(yes)
3466e002 3428 AC_DEFINE(HEIMDAL, 1,
3429 [Define this if you are using the
3430 Heimdal version of Kerberos V5]) ],
5585c441 3431 AC_MSG_RESULT(no)
3432 )
3433 else
3434 AC_MSG_RESULT(no)
12928e80 3435 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3436 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3437 AC_MSG_CHECKING(whether we are using Heimdal)
3438 AC_TRY_COMPILE([ #include <krb5.h> ],
3439 [ char *tmp = heimdal_version; ],
3440 [ AC_MSG_RESULT(yes)
3441 AC_DEFINE(HEIMDAL)
41707f74 3442 K5LIBS="-lkrb5 -ldes"
3443 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3444 AC_CHECK_LIB(roken, net_write,
41707f74 3445 [K5LIBS="$K5LIBS -lroken"])
aff51935 3446 ],
3447 [ AC_MSG_RESULT(no)
3448 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3449 ]
3450 )
4e00038c 3451 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3452
596a825b 3453 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
749560dd 3454 [ AC_DEFINE(GSSAPI)
596a825b 3455 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3456 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
749560dd 3457 [ AC_DEFINE(GSSAPI)
596a825b 3458 K5LIBS="-lgssapi $K5LIBS" ],
749560dd 3459 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3460 $K5LIBS)
3461 ],
3462 $K5LIBS)
82f4e93d 3463
749560dd 3464 AC_CHECK_HEADER(gssapi.h, ,
3465 [ unset ac_cv_header_gssapi_h
aff51935 3466 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3467 AC_CHECK_HEADERS(gssapi.h, ,
3468 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3469 )
749560dd 3470 ]
3471 )
3472
3473 oldCPP="$CPPFLAGS"
3474 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3475 AC_CHECK_HEADER(gssapi_krb5.h, ,
3476 [ CPPFLAGS="$oldCPP" ])
3477
aff51935 3478 fi
5585c441 3479 if test ! -z "$need_dash_r" ; then
3480 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3481 fi
3482 if test ! -z "$blibpath" ; then
3483 blibpath="$blibpath:${KRB5ROOT}/lib"
3484 fi
071970fb 3485
f5555364 3486 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3487 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3488 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3489
f5555364 3490 LIBS="$LIBS $K5LIBS"
3466e002 3491 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3492 [Define this if you want to use libkafs' AFS support]))
f5555364 3493 fi
071970fb 3494 ]
12928e80 3495)
b5b68128 3496
a0391976 3497# Looking for programs, paths and files
a0391976 3498
ecac8ee5 3499PRIVSEP_PATH=/var/empty
3500AC_ARG_WITH(privsep-path,
cda1ebcb 3501 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3502 [
6cf0200f 3503 if test -n "$withval" && test "x$withval" != "xno" && \
3504 test "x${withval}" != "xyes"; then
ecac8ee5 3505 PRIVSEP_PATH=$withval
3506 fi
3507 ]
3508)
3509AC_SUBST(PRIVSEP_PATH)
3510
a0391976 3511AC_ARG_WITH(xauth,
3512 [ --with-xauth=PATH Specify path to xauth program ],
3513 [
6cf0200f 3514 if test -n "$withval" && test "x$withval" != "xno" && \
3515 test "x${withval}" != "xyes"; then
cbd7492e 3516 xauth_path=$withval
a0391976 3517 fi
3518 ],
3519 [
2bf42e4a 3520 TestPath="$PATH"
3521 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3522 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3523 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3524 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3525 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3526 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3527 xauth_path="/usr/openwin/bin/xauth"
3528 fi
3529 ]
3530)
3531
65a4b4af 3532STRIP_OPT=-s
3533AC_ARG_ENABLE(strip,
3534 [ --disable-strip Disable calling strip(1) on install],
3535 [
3536 if test "x$enableval" = "xno" ; then
3537 STRIP_OPT=
3538 fi
3539 ]
3540)
3541AC_SUBST(STRIP_OPT)
3542
b3ec54b4 3543if test -z "$xauth_path" ; then
3544 XAUTH_PATH="undefined"
3545 AC_SUBST(XAUTH_PATH)
3546else
3466e002 3547 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3548 [Define if xauth is found in your path])
b3ec54b4 3549 XAUTH_PATH=$xauth_path
3550 AC_SUBST(XAUTH_PATH)
a0391976 3551fi
a0391976 3552
3553# Check for mail directory (last resort if we cannot get it from headers)
3554if test ! -z "$MAIL" ; then
3555 maildir=`dirname $MAIL`
3466e002 3556 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3557 [Set this to your mail directory if you don't have maillock.h])
a0391976 3558fi
3559
479cece8 3560if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3561 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3562 disable_ptmx_check=yes
3563fi
a0391976 3564if test -z "$no_dev_ptmx" ; then
6e879cb4 3565 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3566 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3567 [
3466e002 3568 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3569 [Define if you have /dev/ptmx])
6e879cb4 3570 have_dev_ptmx=1
3571 ]
3572 )
3573 fi
3276571c 3574fi
1a01a50c 3575
479cece8 3576if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3577 AC_CHECK_FILE("/dev/ptc",
3578 [
3466e002 3579 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3580 [Define if you have /dev/ptc])
1a01a50c 3581 have_dev_ptc=1
3582 ]
3583 )
3584else
3585 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3586fi
3276571c 3587
a0391976 3588# Options from here on. Some of these are preset by platform above
fdf6b7aa 3589AC_ARG_WITH(mantype,
5d97cfbf 3590 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3591 [
5d97cfbf 3592 case "$withval" in
3593 man|cat|doc)
3594 MANTYPE=$withval
3595 ;;
3596 *)
3597 AC_MSG_ERROR(invalid man type: $withval)
3598 ;;
3599 esac
c54a6257 3600 ]
3601)
e0c4d3ac 3602if test -z "$MANTYPE"; then
2bf42e4a 3603 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3604 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3605 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3606 MANTYPE=doc
3607 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3608 MANTYPE=man
3609 else
3610 MANTYPE=cat
3611 fi
3612fi
c54a6257 3613AC_SUBST(MANTYPE)
e0c4d3ac 3614if test "$MANTYPE" = "doc"; then
3615 mansubdir=man;
3616else
3617 mansubdir=$MANTYPE;
3618fi
3619AC_SUBST(mansubdir)
0bc5b6fb 3620
a0391976 3621# Check whether to enable MD5 passwords
aff51935 3622MD5_MSG="no"
2ddcfdf3 3623AC_ARG_WITH(md5-passwords,
caf3bc51 3624 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3625 [
bcf36c78 3626 if test "x$withval" != "xno" ; then
3466e002 3627 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3628 [Define if you want to allow MD5 passwords])
aff51935 3629 MD5_MSG="yes"
0bc5b6fb 3630 fi
3631 ]
caf3bc51 3632)
3633
a0391976 3634# Whether to disable shadow password support
a7effaac 3635AC_ARG_WITH(shadow,
3636 [ --without-shadow Disable shadow password support],
3637 [
82f4e93d 3638 if test "x$withval" = "xno" ; then
a7effaac 3639 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3640 disable_shadow=yes
a7effaac 3641 fi
3642 ]
3643)
3644
4cb5ffa0 3645if test -z "$disable_shadow" ; then
3646 AC_MSG_CHECKING([if the systems has expire shadow information])
3647 AC_TRY_COMPILE(
3648 [
3649#include <sys/types.h>
3650#include <shadow.h>
3651 struct spwd sp;
3652 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3653 [ sp_expire_available=yes ], []
3654 )
3655
3656 if test "x$sp_expire_available" = "xyes" ; then
3657 AC_MSG_RESULT(yes)
3466e002 3658 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3659 [Define if you want to use shadow password expire field])
4cb5ffa0 3660 else
3661 AC_MSG_RESULT(no)
3662 fi
3663fi
3664
a0391976 3665# Use ip address instead of hostname in $DISPLAY
44839801 3666if test ! -z "$IPADDR_IN_DISPLAY" ; then
3667 DISPLAY_HACK_MSG="yes"
3466e002 3668 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3669 [Define if you need to use IP address
3670 instead of hostname in $DISPLAY])
44839801 3671else
aff51935 3672 DISPLAY_HACK_MSG="no"
44839801 3673 AC_ARG_WITH(ipaddr-display,
3674 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3675 [
82f4e93d 3676 if test "x$withval" != "xno" ; then
44839801 3677 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3678 DISPLAY_HACK_MSG="yes"
44839801 3679 fi
3680 ]
3681 )
3682fi
a7effaac 3683
95b99395 3684# check for /etc/default/login and use it if present.
daa41e62 3685AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3686 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3687 [ if test "x$enableval" = "xno"; then
3688 AC_MSG_NOTICE([/etc/default/login handling disabled])
3689 etc_default_login=no
3690 else
3691 etc_default_login=yes
3692 fi ],
b0e7249f 3693 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3694 then
3695 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3696 etc_default_login=no
3697 else
3698 etc_default_login=yes
3699 fi ]
694d0cef 3700)
95b99395 3701
694d0cef 3702if test "x$etc_default_login" != "xno"; then
3703 AC_CHECK_FILE("/etc/default/login",
3704 [ external_path_file=/etc/default/login ])
b0e7249f 3705 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3706 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3707 [Define if your system has /etc/default/login])
1a01a50c 3708 fi
694d0cef 3709fi
95b99395 3710
8d184c09 3711dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3712if test $ac_cv_func_login_getcapbool = "yes" && \
3713 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3714 external_path_file=/etc/login.conf
8d184c09 3715fi
95b99395 3716
a0391976 3717# Whether to mess with the default path
aff51935 3718SERVER_PATH_MSG="(default)"
c43d69a9 3719AC_ARG_WITH(default-path,
75817f90 3720 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3721 [
95b99395 3722 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3723 AC_MSG_WARN([
3724--with-default-path=PATH has no effect on this system.
3725Edit /etc/login.conf instead.])
82f4e93d 3726 elif test "x$withval" != "xno" ; then
89bbd457 3727 if test ! -z "$external_path_file" ; then
95b99395 3728 AC_MSG_WARN([
3729--with-default-path=PATH will only be used if PATH is not defined in
3730$external_path_file .])
3731 fi
b2d818e6 3732 user_path="$withval"
aff51935 3733 SERVER_PATH_MSG="$withval"
cb807f40 3734 fi
b2d818e6 3735 ],
95b99395 3736 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3737 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3738 else
89bbd457 3739 if test ! -z "$external_path_file" ; then
95b99395 3740 AC_MSG_WARN([
3741If PATH is defined in $external_path_file, ensure the path to scp is included,
3742otherwise scp will not work.])
3743 fi
b0e7249f 3744 AC_RUN_IFELSE(
3745 [AC_LANG_SOURCE([[
b2d818e6 3746/* find out what STDPATH is */
3747#include <stdio.h>
b2d818e6 3748#ifdef HAVE_PATHS_H
3749# include <paths.h>
3750#endif
3751#ifndef _PATH_STDPATH
d9a4e55b 3752# ifdef _PATH_USERPATH /* Irix */
3753# define _PATH_STDPATH _PATH_USERPATH
3754# else
3755# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3756# endif
b2d818e6 3757#endif
3758#include <sys/types.h>
3759#include <sys/stat.h>
3760#include <fcntl.h>
3761#define DATA "conftest.stdpath"
3762
3763main()
3764{
3765 FILE *fd;
3766 int rc;
82f4e93d 3767
b2d818e6 3768 fd = fopen(DATA,"w");
3769 if(fd == NULL)
3770 exit(1);
82f4e93d 3771
b2d818e6 3772 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3773 exit(1);
3774
3775 exit(0);
3776}
b0e7249f 3777 ]])],
3778 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3779 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3780 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3781 )
3782# make sure $bindir is in USER_PATH so scp will work
3783 t_bindir=`eval echo ${bindir}`
3784 case $t_bindir in
3785 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3786 esac
3787 case $t_bindir in
3788 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3789 esac
3790 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3791 if test $? -ne 0 ; then
3792 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3793 if test $? -ne 0 ; then
3794 user_path=$user_path:$t_bindir
3795 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3796 fi
3797 fi
8d184c09 3798 fi ]
cb807f40 3799)
95b99395 3800if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3801 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3802 AC_SUBST(user_path)
3803fi
cb807f40 3804
06617857 3805# Set superuser path separately to user path
06617857 3806AC_ARG_WITH(superuser-path,
3807 [ --with-superuser-path= Specify different path for super-user],
3808 [
6cf0200f 3809 if test -n "$withval" && test "x$withval" != "xno" && \
3810 test "x${withval}" != "xyes"; then
3466e002 3811 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3812 [Define if you want a different $PATH
3813 for the superuser])
06617857 3814 superuser_path=$withval
3815 fi
3816 ]
3817)
3818
3819
58d100bf 3820AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3821IPV4_IN6_HACK_MSG="no"
80faa19f 3822AC_ARG_WITH(4in6,
3823 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3824 [
3825 if test "x$withval" != "xno" ; then
3826 AC_MSG_RESULT(yes)
3466e002 3827 AC_DEFINE(IPV4_IN_IPV6, 1,
3828 [Detect IPv4 in IPv6 mapped addresses
3829 and treat as IPv4])
aff51935 3830 IPV4_IN6_HACK_MSG="yes"
80faa19f 3831 else
3832 AC_MSG_RESULT(no)
3833 fi
3834 ],[
3835 if test "x$inet6_default_4in6" = "xyes"; then
3836 AC_MSG_RESULT([yes (default)])
3837 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3838 IPV4_IN6_HACK_MSG="yes"
80faa19f 3839 else
3840 AC_MSG_RESULT([no (default)])
3841 fi
3842 ]
3843)
3844
af774732 3845# Whether to enable BSD auth support
f1b0ecc3 3846BSD_AUTH_MSG=no
af774732 3847AC_ARG_WITH(bsd-auth,
3848 [ --with-bsd-auth Enable BSD auth support],
3849 [
82f4e93d 3850 if test "x$withval" != "xno" ; then
3466e002 3851 AC_DEFINE(BSD_AUTH, 1,
3852 [Define if you have BSD auth support])
f1b0ecc3 3853 BSD_AUTH_MSG=yes
af774732 3854 fi
3855 ]
3856)
3857
a0391976 3858# Where to place sshd.pid
19d9ac2a 3859piddir=/var/run
81dadca3 3860# make sure the directory exists
82f4e93d 3861if test ! -d $piddir ; then
81dadca3 3862 piddir=`eval echo ${sysconfdir}`
3863 case $piddir in
aff51935 3864 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3865 esac
3866fi
3867
47e45e44 3868AC_ARG_WITH(pid-dir,
3869 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3870 [
6cf0200f 3871 if test -n "$withval" && test "x$withval" != "xno" && \
3872 test "x${withval}" != "xyes"; then
19d9ac2a 3873 piddir=$withval
82f4e93d 3874 if test ! -d $piddir ; then
81dadca3 3875 AC_MSG_WARN([** no $piddir directory on this system **])
3876 fi
47e45e44 3877 fi
3878 ]
3879)
b7a87eea 3880
3466e002 3881AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3882AC_SUBST(piddir)
47e45e44 3883
1d7b9b20 3884dnl allow user to disable some login recording features
3885AC_ARG_ENABLE(lastlog,
bfd550a2 3886 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3887 [
3888 if test "x$enableval" = "xno" ; then
3889 AC_DEFINE(DISABLE_LASTLOG)
3890 fi
3891 ]
1d7b9b20 3892)
3893AC_ARG_ENABLE(utmp,
bfd550a2 3894 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3895 [
3896 if test "x$enableval" = "xno" ; then
3897 AC_DEFINE(DISABLE_UTMP)
3898 fi
3899 ]
1d7b9b20 3900)
3901AC_ARG_ENABLE(utmpx,
bfd550a2 3902 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3903 [
3904 if test "x$enableval" = "xno" ; then
3466e002 3905 AC_DEFINE(DISABLE_UTMPX, 1,
3906 [Define if you don't want to use utmpx])
ddb154b3 3907 fi
3908 ]
1d7b9b20 3909)
3910AC_ARG_ENABLE(wtmp,
bfd550a2 3911 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3912 [
3913 if test "x$enableval" = "xno" ; then
3914 AC_DEFINE(DISABLE_WTMP)
3915 fi
3916 ]
1d7b9b20 3917)
3918AC_ARG_ENABLE(wtmpx,
bfd550a2 3919 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3920 [
3921 if test "x$enableval" = "xno" ; then
3466e002 3922 AC_DEFINE(DISABLE_WTMPX, 1,
3923 [Define if you don't want to use wtmpx])
ddb154b3 3924 fi
3925 ]
1d7b9b20 3926)
3927AC_ARG_ENABLE(libutil,
bfd550a2 3928 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3929 [
3930 if test "x$enableval" = "xno" ; then
3931 AC_DEFINE(DISABLE_LOGIN)
3932 fi
3933 ]
1d7b9b20 3934)
3935AC_ARG_ENABLE(pututline,
bfd550a2 3936 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3937 [
3938 if test "x$enableval" = "xno" ; then
3466e002 3939 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3940 [Define if you don't want to use pututline()
3941 etc. to write [uw]tmp])
ddb154b3 3942 fi
3943 ]
1d7b9b20 3944)
3945AC_ARG_ENABLE(pututxline,
bfd550a2 3946 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3947 [
3948 if test "x$enableval" = "xno" ; then
3466e002 3949 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3950 [Define if you don't want to use pututxline()
3951 etc. to write [uw]tmpx])
ddb154b3 3952 fi
3953 ]
1d7b9b20 3954)
3955AC_ARG_WITH(lastlog,
bfd550a2 3956 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3957 [
82f4e93d 3958 if test "x$withval" = "xno" ; then
8c89dd2b 3959 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3960 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3961 conf_lastlog_location=$withval
3962 fi
3963 ]
3964)
1d7b9b20 3965
3966dnl lastlog, [uw]tmpx? detection
3967dnl NOTE: set the paths in the platform section to avoid the
3968dnl need for command-line parameters
3969dnl lastlog and [uw]tmp are subject to a file search if all else fails
3970
3971dnl lastlog detection
3972dnl NOTE: the code itself will detect if lastlog is a directory
3973AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3974AC_TRY_COMPILE([
3975#include <sys/types.h>
3976#include <utmp.h>
3977#ifdef HAVE_LASTLOG_H
3978# include <lastlog.h>
3979#endif
d7c0f3d5 3980#ifdef HAVE_PATHS_H
1d7b9b20 3981# include <paths.h>
41cb4569 3982#endif
3983#ifdef HAVE_LOGIN_H
3984# include <login.h>
1d7b9b20 3985#endif
3986 ],
3987 [ char *lastlog = LASTLOG_FILE; ],
3988 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3989 [
3990 AC_MSG_RESULT(no)
3991 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3992 AC_TRY_COMPILE([
3993#include <sys/types.h>
3994#include <utmp.h>
3995#ifdef HAVE_LASTLOG_H
3996# include <lastlog.h>
3997#endif
3998#ifdef HAVE_PATHS_H
3999# include <paths.h>
4000#endif
4001 ],
4002 [ char *lastlog = _PATH_LASTLOG; ],
4003 [ AC_MSG_RESULT(yes) ],
4004 [
f282b668 4005 AC_MSG_RESULT(no)
d7c0f3d5 4006 system_lastlog_path=no
4007 ])
4008 ]
1d7b9b20 4009)
d7c0f3d5 4010
1d7b9b20 4011if test -z "$conf_lastlog_location"; then
4012 if test x"$system_lastlog_path" = x"no" ; then
4013 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 4014 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 4015 conf_lastlog_location=$f
4016 fi
4017 done
4018 if test -z "$conf_lastlog_location"; then
f8119cef 4019 AC_MSG_WARN([** Cannot find lastlog **])
4020 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 4021 fi
4022 fi
4023fi
4024
4025if test -n "$conf_lastlog_location"; then
3466e002 4026 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
4027 [Define if you want to specify the path to your lastlog file])
82f4e93d 4028fi
1d7b9b20 4029
4030dnl utmp detection
4031AC_MSG_CHECKING([if your system defines UTMP_FILE])
4032AC_TRY_COMPILE([
4033#include <sys/types.h>
4034#include <utmp.h>
d7c0f3d5 4035#ifdef HAVE_PATHS_H
1d7b9b20 4036# include <paths.h>
4037#endif
4038 ],
4039 [ char *utmp = UTMP_FILE; ],
4040 [ AC_MSG_RESULT(yes) ],
4041 [ AC_MSG_RESULT(no)
4042 system_utmp_path=no ]
4043)
4044if test -z "$conf_utmp_location"; then
4045 if test x"$system_utmp_path" = x"no" ; then
4046 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
4047 if test -f $f ; then
4048 conf_utmp_location=$f
4049 fi
4050 done
4051 if test -z "$conf_utmp_location"; then
4052 AC_DEFINE(DISABLE_UTMP)
4053 fi
4054 fi
4055fi
4056if test -n "$conf_utmp_location"; then
3466e002 4057 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4058 [Define if you want to specify the path to your utmp file])
82f4e93d 4059fi
1d7b9b20 4060
4061dnl wtmp detection
4062AC_MSG_CHECKING([if your system defines WTMP_FILE])
4063AC_TRY_COMPILE([
4064#include <sys/types.h>
4065#include <utmp.h>
d7c0f3d5 4066#ifdef HAVE_PATHS_H
1d7b9b20 4067# include <paths.h>
4068#endif
4069 ],
4070 [ char *wtmp = WTMP_FILE; ],
4071 [ AC_MSG_RESULT(yes) ],
4072 [ AC_MSG_RESULT(no)
4073 system_wtmp_path=no ]
4074)
4075if test -z "$conf_wtmp_location"; then
4076 if test x"$system_wtmp_path" = x"no" ; then
4077 for f in /usr/adm/wtmp /var/log/wtmp; do
4078 if test -f $f ; then
4079 conf_wtmp_location=$f
4080 fi
4081 done
4082 if test -z "$conf_wtmp_location"; then
4083 AC_DEFINE(DISABLE_WTMP)
4084 fi
4085 fi
4086fi
4087if test -n "$conf_wtmp_location"; then
3466e002 4088 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4089 [Define if you want to specify the path to your wtmp file])
82f4e93d 4090fi
1d7b9b20 4091
4092
4093dnl utmpx detection - I don't know any system so perverse as to require
4094dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4095dnl there, though.
4096AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4097AC_TRY_COMPILE([
4098#include <sys/types.h>
4099#include <utmp.h>
4100#ifdef HAVE_UTMPX_H
4101#include <utmpx.h>
4102#endif
d7c0f3d5 4103#ifdef HAVE_PATHS_H
1d7b9b20 4104# include <paths.h>
4105#endif
4106 ],
4107 [ char *utmpx = UTMPX_FILE; ],
4108 [ AC_MSG_RESULT(yes) ],
4109 [ AC_MSG_RESULT(no)
4110 system_utmpx_path=no ]
4111)
4112if test -z "$conf_utmpx_location"; then
4113 if test x"$system_utmpx_path" = x"no" ; then
4114 AC_DEFINE(DISABLE_UTMPX)
4115 fi
4116else
3466e002 4117 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4118 [Define if you want to specify the path to your utmpx file])
82f4e93d 4119fi
1d7b9b20 4120
4121dnl wtmpx detection
4122AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4123AC_TRY_COMPILE([
4124#include <sys/types.h>
4125#include <utmp.h>
4126#ifdef HAVE_UTMPX_H
4127#include <utmpx.h>
4128#endif
d7c0f3d5 4129#ifdef HAVE_PATHS_H
1d7b9b20 4130# include <paths.h>
4131#endif
4132 ],
4133 [ char *wtmpx = WTMPX_FILE; ],
4134 [ AC_MSG_RESULT(yes) ],
4135 [ AC_MSG_RESULT(no)
4136 system_wtmpx_path=no ]
4137)
4138if test -z "$conf_wtmpx_location"; then
4139 if test x"$system_wtmpx_path" = x"no" ; then
4140 AC_DEFINE(DISABLE_WTMPX)
4141 fi
4142else
3466e002 4143 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4144 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4145fi
1d7b9b20 4146
b7a87eea 4147
bd499f9e 4148if test ! -z "$blibpath" ; then
68ece370 4149 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4150 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4151fi
4152
ed89c848 4153dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4154dnl Add now.
4155CFLAGS="$CFLAGS $werror_flags"
4156
edee47f5 4157if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4158 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4159 AC_SUBST(TEST_SSH_IPV6, no)
4160else
4161 AC_SUBST(TEST_SSH_IPV6, yes)
4162fi
4163
3c62e7eb 4164AC_EXEEXT
29eadd7c 4165AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4166 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4167 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4168AC_OUTPUT
d3083fbd 4169
cbd7492e 4170# Print summary of options
4171
cbd7492e 4172# Someone please show me a better way :)
4173A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4174B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4175C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4176D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4177E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4178F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4179G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4180H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4181I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4182J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4183
4184echo ""
26de7942 4185echo "OpenSSH has been configured with the following options:"
ecac8ee5 4186echo " User binaries: $B"
4187echo " System binaries: $C"
4188echo " Configuration files: $D"
4189echo " Askpass program: $E"
4190echo " Manual pages: $F"
4191echo " PID file: $G"
4192echo " Privilege separation chroot path: $H"
95b99395 4193if test "x$external_path_file" = "x/etc/login.conf" ; then
4194echo " At runtime, sshd will use the path defined in $external_path_file"
4195echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4196else
ecac8ee5 4197echo " sshd default user PATH: $I"
89bbd457 4198 if test ! -z "$external_path_file"; then
95b99395 4199echo " (If PATH is set in $external_path_file it will be used instead. If"
4200echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4201 fi
8d184c09 4202fi
06617857 4203if test ! -z "$superuser_path" ; then
ecac8ee5 4204echo " sshd superuser user PATH: $J"
4205fi
4206echo " Manpage format: $MANTYPE"
3e05e934 4207echo " PAM support: $PAM_MSG"
5b84789f 4208echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4209echo " KerberosV support: $KRB5_MSG"
ef4d1846 4210echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4211echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4212echo " S/KEY support: $SKEY_MSG"
4213echo " TCP Wrappers support: $TCPW_MSG"
4214echo " MD5 password support: $MD5_MSG"
59031773 4215echo " libedit support: $LIBEDIT_MSG"
5b84789f 4216echo " Solaris process contract support: $SPC_MSG"
3deb1408 4217echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4218echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4219echo " BSD Auth support: $BSD_AUTH_MSG"
4220echo " Random number source: $RAND_MSG"
f1b0ecc3 4221if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4222echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4223fi
4224
cbd7492e 4225echo ""
4226
0c2fb82f 4227echo " Host: ${host}"
4228echo " Compiler: ${CC}"
4229echo " Compiler flags: ${CFLAGS}"
4230echo "Preprocessor flags: ${CPPFLAGS}"
4231echo " Linker flags: ${LDFLAGS}"
e54defb4 4232echo " Libraries: ${LIBS}"
4233if test ! -z "${SSHDLIBS}"; then
4234echo " +for sshd: ${SSHDLIBS}"
4235fi
cbd7492e 4236
4237echo ""
4238
9cefe228 4239if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4240 echo "SVR4 style packages are supported with \"make package\""
4241 echo ""
9cefe228 4242fi
4243
adeebd37 4244if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4245 echo "PAM is enabled. You may need to install a PAM control file "
4246 echo "for sshd, otherwise password authentication may fail. "
aff51935 4247 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4248 echo "subdirectory"
adeebd37 4249 echo ""
4250fi
4251
f1b0ecc3 4252if test ! -z "$RAND_HELPER_CMDHASH" ; then
4253 echo "WARNING: you are using the builtin random number collection "
4254 echo "service. Please read WARNING.RNG and request that your OS "
4255 echo "vendor includes kernel-based random number collection in "
4256 echo "future versions of your OS."
2c523de9 4257 echo ""
4258fi
af774732 4259
2f6f9cff 4260if test ! -z "$NO_PEERCHECK" ; then
1961d660 4261 echo "WARNING: the operating system that you are using does not"
4262 echo "appear to support getpeereid(), getpeerucred() or the"
4263 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4264 echo "enforce security checks to prevent unauthorised connections to"
4265 echo "ssh-agent. Their absence increases the risk that a malicious"
4266 echo "user can connect to your agent."
2f6f9cff 4267 echo ""
4268fi
4269
7b578f7d 4270if test "$AUDIT_MODULE" = "bsm" ; then
4271 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4272 echo "See the Solaris section in README.platform for details."
4273fi
git-cvsimport mirror of OpenSSH
This page took 1.122652 seconds and 5 git commands to generate.