]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (tim) [buildpkg.sh.in openssh.xml.in] Clean up Solaris 10 smf(5) bits.
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
dbf07ba2 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
5fdabf45 103 esac
8a3ff1aa 104
dfafb2e1 105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
d423d822 116fi
117
e6354014 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
82f4e93d 121 if test "x$withval" = "xno" ; then
e6354014 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
aa56f760 130# Allow user to specify flags
131AC_ARG_WITH(cflags,
132 [ --with-cflags Specify additional flags to pass to compiler],
133 [
134 if test -n "$withval" && test "x$withval" != "xno" && \
135 test "x${withval}" != "xyes"; then
136 CFLAGS="$CFLAGS $withval"
137 fi
138 ]
139)
140AC_ARG_WITH(cppflags,
141 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
142 [
143 if test -n "$withval" && test "x$withval" != "xno" && \
144 test "x${withval}" != "xyes"; then
145 CPPFLAGS="$CPPFLAGS $withval"
146 fi
147 ]
148)
149AC_ARG_WITH(ldflags,
150 [ --with-ldflags Specify additional flags to pass to linker],
151 [
152 if test -n "$withval" && test "x$withval" != "xno" && \
153 test "x${withval}" != "xyes"; then
154 LDFLAGS="$LDFLAGS $withval"
155 fi
156 ]
157)
158AC_ARG_WITH(libs,
159 [ --with-libs Specify additional libraries to link with],
160 [
161 if test -n "$withval" && test "x$withval" != "xno" && \
162 test "x${withval}" != "xyes"; then
163 LIBS="$LIBS $withval"
164 fi
165 ]
166)
167AC_ARG_WITH(Werror,
168 [ --with-Werror Build main code with -Werror],
169 [
170 if test -n "$withval" && test "x$withval" != "xno"; then
171 werror_flags="-Werror"
172 if test "x${withval}" != "xyes"; then
173 werror_flags="$withval"
174 fi
175 fi
176 ]
177)
178
179AC_CHECK_HEADERS( \
180 bstring.h \
181 crypt.h \
182 crypto/sha2.h \
183 dirent.h \
184 endian.h \
185 features.h \
186 fcntl.h \
187 floatingpoint.h \
188 getopt.h \
189 glob.h \
190 ia.h \
191 iaf.h \
192 limits.h \
193 login.h \
194 maillock.h \
195 ndir.h \
196 net/if_tun.h \
197 netdb.h \
198 netgroup.h \
199 pam/pam_appl.h \
200 paths.h \
201 pty.h \
202 readpassphrase.h \
203 rpc/types.h \
204 security/pam_appl.h \
205 sha2.h \
206 shadow.h \
207 stddef.h \
208 stdint.h \
209 string.h \
210 strings.h \
211 sys/audit.h \
212 sys/bitypes.h \
213 sys/bsdtty.h \
214 sys/cdefs.h \
215 sys/dir.h \
216 sys/mman.h \
217 sys/ndir.h \
218 sys/prctl.h \
219 sys/pstat.h \
220 sys/select.h \
221 sys/stat.h \
222 sys/stream.h \
223 sys/stropts.h \
224 sys/strtio.h \
225 sys/sysmacros.h \
226 sys/time.h \
227 sys/timers.h \
228 sys/un.h \
229 time.h \
230 tmpdir.h \
231 ttyent.h \
232 unistd.h \
233 usersec.h \
234 util.h \
235 utime.h \
236 utmp.h \
237 utmpx.h \
238 vis.h \
239)
240
241# lastlog.h requires sys/time.h to be included first on Solaris
242AC_CHECK_HEADERS(lastlog.h, [], [], [
243#ifdef HAVE_SYS_TIME_H
244# include <sys/time.h>
245#endif
246])
247
248# sys/ptms.h requires sys/stream.h to be included first on Solaris
249AC_CHECK_HEADERS(sys/ptms.h, [], [], [
250#ifdef HAVE_SYS_STREAM_H
251# include <sys/stream.h>
252#endif
253])
254
255# login_cap.h requires sys/types.h on NetBSD
256AC_CHECK_HEADERS(login_cap.h, [], [], [
257#include <sys/types.h>
258])
259
5b84789f 260# Messages for features tested for in target-specific section
261SIA_MSG="no"
262SPC_MSG="no"
263
a0391976 264# Check for some target-specific stuff
a7effaac 265case "$host" in
9d6b1b96 266*-*-aix*)
25a2779b 267 # Some versions of VAC won't allow macro redefinitions at
268 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
269 # particularly with older versions of vac or xlc.
270 # It also throws errors about null macro argments, but these are
271 # not fatal.
272 AC_MSG_CHECKING(if compiler allows macro redefinitions)
273 AC_COMPILE_IFELSE(
274 [AC_LANG_SOURCE([[
275#define testmacro foo
276#define testmacro bar
277int main(void) { exit(0); }
278 ]])],
279 [ AC_MSG_RESULT(yes) ],
280 [ AC_MSG_RESULT(no)
281 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
282 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
283 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
284 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
285 ]
286 )
287
aff51935 288 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 289 if (test -z "$blibpath"); then
0a15d73b 290 blibpath="/usr/lib:/lib"
68ece370 291 fi
292 saved_LDFLAGS="$LDFLAGS"
e7479666 293 if test "$GCC" = "yes"; then
294 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
295 else
296 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
297 fi
298 for tryflags in $flags ;do
68ece370 299 if (test -z "$blibflags"); then
300 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
301 AC_TRY_LINK([], [], [blibflags=$tryflags])
302 fi
303 done
304 if (test -z "$blibflags"); then
305 AC_MSG_RESULT(not found)
306 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
307 else
308 AC_MSG_RESULT($blibflags)
bd499f9e 309 fi
68ece370 310 LDFLAGS="$saved_LDFLAGS"
e351e493 311 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 312 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
313 [Define if you want to enable AIX4's authenticate function])],
0764e748 314 [AC_CHECK_LIB(s,authenticate,
e351e493 315 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 316 LIBS="$LIBS -ls"
317 ])
318 ])
ba603e06 319 dnl Check for various auth function declarations in headers.
c85ed8e2 320 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 321 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 322 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 323 AC_CHECK_DECLS(loginfailed,
e351e493 324 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
325 AC_TRY_COMPILE(
f58c0e01 326 [#include <usersec.h>],
e351e493 327 [(void)loginfailed("user","host","tty",0);],
328 [AC_MSG_RESULT(yes)
3466e002 329 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
330 [Define if your AIX loginfailed() function
331 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 332 [AC_MSG_RESULT(no)]
e351e493 333 )],
334 [],
335 [#include <usersec.h>]
336 )
2aa3a16c 337 AC_CHECK_FUNCS(setauthdb)
53c337ed 338 AC_CHECK_DECL(F_CLOSEM,
795e7517 339 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 340 [],
341 [ #include <limits.h>
342 #include <fcntl.h> ]
343 )
5ccf88cb 344 check_for_aix_broken_getaddrinfo=1
3466e002 345 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
346 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
347 [Define if your platform breaks doing a seteuid before a setuid])
348 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
349 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 350 dnl AIX handles lastlog as part of its login message
3466e002 351 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
352 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
353 [Some systems need a utmpx entry for /bin/login to work])
354 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
355 [Define to a Set Process Title type if your system is
356 supported by bsd-setproctitle.c])
961c2997 357 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
358 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 359 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 360 ;;
3c62e7eb 361*-*-cygwin*)
a52997bd 362 check_for_libcrypt_later=1
ffb8d130 363 LIBS="$LIBS /usr/lib/textmode.o"
3466e002 364 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
365 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
366 AC_DEFINE(DISABLE_SHADOW, 1,
367 [Define if you want to disable shadow passwords])
368 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
369 [Define if your system choked on IP TOS setting])
370 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
371 [Define if X11 doesn't support AF_UNIX sockets on that system])
372 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
373 [Define if the concept of ports only accessible to
374 superusers isn't known])
375 AC_DEFINE(DISABLE_FD_PASSING, 1,
376 [Define if your platform needs to skip post auth
377 file descriptor passing])
3c62e7eb 378 ;;
d6fdb079 379*-*-dgux*)
380 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 381 AC_DEFINE(SETEUID_BREAKS_SETUID)
382 AC_DEFINE(BROKEN_SETREUID)
383 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 384 ;;
39c98ef7 385*-*-darwin*)
33e2e066 386 AC_MSG_CHECKING(if we have working getaddrinfo)
387 AC_TRY_RUN([#include <mach-o/dyld.h>
388main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
389 exit(0);
390 else
391 exit(1);
392}], [AC_MSG_RESULT(working)],
393 [AC_MSG_RESULT(buggy)
3466e002 394 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 395 [AC_MSG_RESULT(assume it is working)])
635e0c42 396 AC_DEFINE(SETEUID_BREAKS_SETUID)
397 AC_DEFINE(BROKEN_SETREUID)
398 AC_DEFINE(BROKEN_SETREGID)
3466e002 399 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
400 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 401 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
402 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
403 [Use tunnel device compatibility to OpenBSD])
404 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
405 [Prepend the address family to IP tunnel traffic])
39c98ef7 406 ;;
36f36ba3 407*-*-dragonfly*)
408 SSHDLIBS="$SSHDLIBS -lcrypt"
409 ;;
7d458c86 410*-*-hpux*)
411 # first we define all of the options common to all HP-UX releases
b8fea62d 412 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 413 IPADDR_IN_DISPLAY=yes
2b10f47a 414 AC_DEFINE(USE_PIPES)
3466e002 415 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
416 [Define if your login program cannot handle end of options ("--")])
a2572aa7 417 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 418 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
419 [String used in /etc/passwd to denote locked account])
3a2b2b44 420 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 421 MAIL="/var/mail/username"
f75ca46d 422 LIBS="$LIBS -lsec"
7d458c86 423 AC_CHECK_LIB(xnet, t_error, ,
424 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
425
426 # next, we define all of the options specific to major releases
427 case "$host" in
428 *-*-hpux10*)
429 if test -z "$GCC"; then
430 CFLAGS="$CFLAGS -Ae"
431 fi
432 ;;
433 *-*-hpux11*)
3466e002 434 AC_DEFINE(PAM_SUN_CODEBASE, 1,
435 [Define if you are using Solaris-derived PAM which
436 passes pam_messages to the conversation function
437 with an extra level of indirection])
438 AC_DEFINE(DISABLE_UTMP, 1,
439 [Define if you don't want to use utmp])
7d458c86 440 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
441 check_for_hpux_broken_getaddrinfo=1
442 check_for_conflicting_getspnam=1
443 ;;
444 esac
445
446 # lastly, we define options specific to minor releases
447 case "$host" in
448 *-*-hpux10.26)
3466e002 449 AC_DEFINE(HAVE_SECUREWARE, 1,
450 [Define if you have SecureWare-based
451 protected password database])
7d458c86 452 disable_ptmx_check=yes
453 LIBS="$LIBS -lsecpw"
454 ;;
455 esac
2b763e31 456 ;;
d94aa2ae 457*-*-irix5*)
6ac7829a 458 PATH="$PATH:/usr/etc"
3466e002 459 AC_DEFINE(BROKEN_INET_NTOA, 1,
460 [Define if you system's inet_ntoa is busted
461 (e.g. Irix gcc issue)])
cb433561 462 AC_DEFINE(SETEUID_BREAKS_SETUID)
463 AC_DEFINE(BROKEN_SETREUID)
464 AC_DEFINE(BROKEN_SETREGID)
3466e002 465 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
466 [Define if you shouldn't strip 'tty' from your
467 ttyname in [uw]tmp])
3e6e3da0 468 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 469 ;;
470*-*-irix6*)
6ac7829a 471 PATH="$PATH:/usr/etc"
3466e002 472 AC_DEFINE(WITH_IRIX_ARRAY, 1,
473 [Define if you have/want arrays
474 (cluster-wide session managment, not C arrays)])
475 AC_DEFINE(WITH_IRIX_PROJECT, 1,
476 [Define if you want IRIX project management])
477 AC_DEFINE(WITH_IRIX_AUDIT, 1,
478 [Define if you want IRIX audit trails])
479 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
480 [Define if you want IRIX kernel jobs])])
416ed5a7 481 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 482 AC_DEFINE(SETEUID_BREAKS_SETUID)
483 AC_DEFINE(BROKEN_SETREUID)
484 AC_DEFINE(BROKEN_SETREGID)
3466e002 485 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 486 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 487 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 488 ;;
5cdfe03f 489*-*-linux*)
490 no_dev_ptmx=1
717057b6 491 check_for_libcrypt_later=1
eacb954e 492 check_for_openpty_ctty_bug=1
3466e002 493 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
494 AC_DEFINE(PAM_TTY_KLUDGE, 1,
495 [Work around problematic Linux PAM modules handling of PAM_TTY])
496 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
497 [String used in /etc/passwd to denote locked account])
3a2b2b44 498 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 499 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
500 [Define to whatever link() returns for "not supported"
501 if it doesn't return EOPNOTSUPP.])
b6610e8f 502 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 503 AC_DEFINE(USE_BTMP)
80faa19f 504 inet6_default_4in6=yes
bf7c1e6c 505 case `uname -r` in
ad84c479 506 1.*|2.0.*)
3466e002 507 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
508 [Define if cmsg_type is not passed correctly])
bf7c1e6c 509 ;;
bf7c1e6c 510 esac
c40f09ca 511 # tun(4) forwarding compat code
d91775e1 512 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 513 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 514 AC_DEFINE(SSH_TUN_LINUX, 1,
515 [Open tunnel devices the Linux tun/tap way])
516 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
517 [Use tunnel device compatibility to OpenBSD])
518 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
519 [Prepend the address family to IP tunnel traffic])
520 fi
5cdfe03f 521 ;;
66d6c27e 522mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 523 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 524 SONY=1
66d6c27e 525 ;;
d468fc76 526*-*-netbsd*)
33e2e066 527 check_for_libcrypt_before=1
82f4e93d 528 if test "x$withval" != "xno" ; then
e6354014 529 need_dash_r=1
530 fi
0f6cb079 531 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
532 AC_CHECK_HEADER([net/if_tap.h], ,
533 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
534 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
535 [Prepend the address family to IP tunnel traffic])
d468fc76 536 ;;
86b416a7 537*-*-freebsd*)
538 check_for_libcrypt_later=1
988c5031 539 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 540 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
541 AC_CHECK_HEADER([net/if_tap.h], ,
542 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 543 ;;
8707b7eb 544*-*-bsdi*)
545 AC_DEFINE(SETEUID_BREAKS_SETUID)
546 AC_DEFINE(BROKEN_SETREUID)
547 AC_DEFINE(BROKEN_SETREGID)
548 ;;
729bfe59 549*-next-*)
729bfe59 550 conf_lastlog_location="/usr/adm/lastlog"
698d107e 551 conf_utmp_location=/etc/utmp
552 conf_wtmp_location=/usr/adm/wtmp
553 MAIL=/usr/spool/mail
3466e002 554 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 555 AC_DEFINE(BROKEN_REALPATH)
00937921 556 AC_DEFINE(USE_PIPES)
3466e002 557 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 558 ;;
5b7b5e23 559*-*-openbsd*)
560 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 561 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 562 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 563 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
564 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 565 ;;
9d6b1b96 566*-*-solaris*)
82f4e93d 567 if test "x$withval" != "xno" ; then
010e9d5b 568 need_dash_r=1
569 fi
adeebd37 570 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 571 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 572 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
573 [Some versions of /bin/login need the TERM supplied
574 on the commandline])
7f0a4ff1 575 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 576 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
577 [Define if pam_chauthtok wants real uid set
578 to the unpriv'ed user])
3e6e3da0 579 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 580 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 581 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
582 [Define if sshd somehow reacquires a controlling TTY
583 after setsid()])
795aa5f5 584 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
585 in case the name is longer than 8 chars])
95b99395 586 external_path_file=/etc/default/login
1d7b9b20 587 # hardwire lastlog location (can't detect it on some versions)
588 conf_lastlog_location="/var/adm/lastlog"
32c80420 589 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
590 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
591 if test "$sol2ver" -ge 8; then
592 AC_MSG_RESULT(yes)
593 AC_DEFINE(DISABLE_UTMP)
3466e002 594 AC_DEFINE(DISABLE_WTMP, 1,
595 [Define if you don't want to use wtmp])
32c80420 596 else
597 AC_MSG_RESULT(no)
598 fi
5b84789f 599 AC_ARG_WITH(solaris-contracts,
600 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
601 [
602 AC_CHECK_LIB(contract, ct_tmpl_activate,
603 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
604 [Define if you have Solaris process contracts])
605 SSHDLIBS="$SSHDLIBS -lcontract"
606 AC_SUBST(SSHDLIBS)
607 SPC_MSG="yes" ], )
608 ],
609 )
9d6b1b96 610 ;;
a423beaf 611*-*-sunos4*)
0c2fb82f 612 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 613 AC_CHECK_FUNCS(getpwanam)
adeebd37 614 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 615 conf_utmp_location=/etc/utmp
616 conf_wtmp_location=/var/adm/wtmp
617 conf_lastlog_location=/var/adm/lastlog
137d7b6c 618 AC_DEFINE(USE_PIPES)
a423beaf 619 ;;
6f68f28a 620*-ncr-sysv*)
98a7c37b 621 LIBS="$LIBS -lc89"
29525240 622 AC_DEFINE(USE_PIPES)
eabb99c6 623 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 624 AC_DEFINE(SETEUID_BREAKS_SETUID)
625 AC_DEFINE(BROKEN_SETREUID)
626 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 627 ;;
132dd316 628*-sni-sysv*)
c8c15bcb 629 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 630 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 631 # -lresolv needs to be at the end of LIBS or DNS lookups break
632 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 633 IPADDR_IN_DISPLAY=yes
634 AC_DEFINE(USE_PIPES)
132dd316 635 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 636 AC_DEFINE(SETEUID_BREAKS_SETUID)
637 AC_DEFINE(BROKEN_SETREUID)
638 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 639 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 640 external_path_file=/etc/default/login
c8c15bcb 641 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
642 # Attention: always take care to bind libsocket and libnsl before libc,
643 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 644 ;;
79a7ba96 645# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 646*-*-sysv4.2*)
ed6553e2 647 AC_DEFINE(USE_PIPES)
7ed101c0 648 AC_DEFINE(SETEUID_BREAKS_SETUID)
649 AC_DEFINE(BROKEN_SETREUID)
650 AC_DEFINE(BROKEN_SETREGID)
46f853b9 651 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 652 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 653 ;;
79a7ba96 654# UnixWare 7.x, OpenUNIX 8
77bb0bca 655*-*-sysv5*)
d7d2cc6e 656 check_for_libcrypt_later=1
657 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 658 AC_DEFINE(USE_PIPES)
7ed101c0 659 AC_DEFINE(SETEUID_BREAKS_SETUID)
660 AC_DEFINE(BROKEN_SETREUID)
661 AC_DEFINE(BROKEN_SETREGID)
3466e002 662 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 663 case "$host" in
664 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
665 TEST_SHELL=/u95/bin/sh
3466e002 666 AC_DEFINE(BROKEN_LIBIAF, 1,
667 [ia_uinfo routines not supported by OS yet])
5cc6ddad 668 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 669 ;;
e45da4d6 670 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
671 ;;
822015dd 672 esac
77bb0bca 673 ;;
9d6b1b96 674*-*-sysv*)
9d6b1b96 675 ;;
79a7ba96 676# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 677*-*-sco3.2v4*)
11cf4f1f 678 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 679 ;;
79a7ba96 680# SCO OpenServer 5.x
77bb0bca 681*-*-sco3.2v5*)
21710e39 682 if test -z "$GCC"; then
683 CFLAGS="$CFLAGS -belf"
684 fi
ed6553e2 685 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 686 no_dev_ptmx=1
ed6553e2 687 AC_DEFINE(USE_PIPES)
6e879cb4 688 AC_DEFINE(HAVE_SECUREWARE)
d287c664 689 AC_DEFINE(DISABLE_SHADOW)
94d8258b 690 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 691 AC_DEFINE(SETEUID_BREAKS_SETUID)
692 AC_DEFINE(BROKEN_SETREUID)
693 AC_DEFINE(BROKEN_SETREGID)
bcebad47 694 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 695 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 696 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 697 AC_CHECK_FUNCS(getluid setluid)
533875af 698 MANTYPE=man
a3245b92 699 TEST_SHELL=ksh
509b1f88 700 ;;
ccbb983c 701*-*-unicosmk*)
3466e002 702 AC_DEFINE(NO_SSH_LASTLOG, 1,
703 [Define if you don't want to use lastlog in session.c])
c1ad5966 704 AC_DEFINE(SETEUID_BREAKS_SETUID)
705 AC_DEFINE(BROKEN_SETREUID)
706 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 707 AC_DEFINE(USE_PIPES)
708 AC_DEFINE(DISABLE_FD_PASSING)
709 LDFLAGS="$LDFLAGS"
710 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
711 MANTYPE=cat
d262b7f2 712 ;;
7b9a8c6e 713*-*-unicosmp*)
c1ad5966 714 AC_DEFINE(SETEUID_BREAKS_SETUID)
715 AC_DEFINE(BROKEN_SETREUID)
716 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 717 AC_DEFINE(WITH_ABBREV_NO_TTY)
718 AC_DEFINE(USE_PIPES)
719 AC_DEFINE(DISABLE_FD_PASSING)
720 LDFLAGS="$LDFLAGS"
c1ad5966 721 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 722 MANTYPE=cat
723 ;;
ca5c7d6a 724*-*-unicos*)
c1ad5966 725 AC_DEFINE(SETEUID_BREAKS_SETUID)
726 AC_DEFINE(BROKEN_SETREUID)
727 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 728 AC_DEFINE(USE_PIPES)
94d8258b 729 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 730 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 731 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
732 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
733 MANTYPE=cat
a704dd54 734 ;;
4d33e531 735*-dec-osf*)
99c8ddac 736 AC_MSG_CHECKING(for Digital Unix SIA)
737 no_osfsia=""
738 AC_ARG_WITH(osfsia,
739 [ --with-osfsia Enable Digital Unix SIA],
740 [
741 if test "x$withval" = "xno" ; then
742 AC_MSG_RESULT(disabled)
743 no_osfsia=1
744 fi
745 ],
746 )
747 if test -z "$no_osfsia" ; then
4d33e531 748 if test -f /etc/sia/matrix.conf; then
749 AC_MSG_RESULT(yes)
3466e002 750 AC_DEFINE(HAVE_OSF_SIA, 1,
751 [Define if you have Digital Unix Security
752 Integration Architecture])
753 AC_DEFINE(DISABLE_LOGIN, 1,
754 [Define if you don't want to use your
755 system's login() call])
58d0df4e 756 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 757 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 758 SIA_MSG="yes"
4d33e531 759 else
760 AC_MSG_RESULT(no)
3466e002 761 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
762 [String used in /etc/passwd to denote locked account])
4d33e531 763 fi
764 fi
a6e67b60 765 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 766 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 767 AC_DEFINE(BROKEN_SETREUID)
768 AC_DEFINE(BROKEN_SETREGID)
4d33e531 769 ;;
41cb4569 770
9c54c067 771*-*-nto-qnx*)
41cb4569 772 AC_DEFINE(USE_PIPES)
773 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 774 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
775 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
776 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 777 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 778 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 779 enable_etc_default_login=no # has incompatible /etc/default/login
41cb4569 780 ;;
35fc74ed 781
782*-*-ultrix*)
3466e002 783 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
784 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 785 AC_DEFINE(NEED_SETPGRP)
b5765e1d 786 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
787 ;;
157b6700 788
789*-*-lynxos)
790 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 791 AC_DEFINE(MISSING_HOWMANY)
157b6700 792 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
793 ;;
a7effaac 794esac
795
c5829391 796AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 797AC_RUN_IFELSE(
798 [AC_LANG_SOURCE([
c5829391 799#include <stdio.h>
800int main(){exit(0);}
479cece8 801 ])],
c5829391 802 [ AC_MSG_RESULT(yes) ],
803 [
804 AC_MSG_RESULT(no)
805 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 806 ],
807 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 808)
809
b04a9f8c 810dnl Checks for header files.
a0391976 811# Checks for libraries.
98a7c37b 812AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
813AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 814
446227d6 815dnl IRIX and Solaris 2.5.1 have dirname() in libgen
816AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
817 AC_CHECK_LIB(gen, dirname,[
818 AC_CACHE_CHECK([for broken dirname],
819 ac_cv_have_broken_dirname, [
820 save_LIBS="$LIBS"
821 LIBS="$LIBS -lgen"
b0e7249f 822 AC_RUN_IFELSE(
823 [AC_LANG_SOURCE([[
446227d6 824#include <libgen.h>
825#include <string.h>
826
827int main(int argc, char **argv) {
828 char *s, buf[32];
829
830 strncpy(buf,"/etc", 32);
831 s = dirname(buf);
832 if (!s || strncmp(s, "/", 32) != 0) {
833 exit(1);
834 } else {
835 exit(0);
836 }
837}
b0e7249f 838 ]])],
839 [ ac_cv_have_broken_dirname="no" ],
840 [ ac_cv_have_broken_dirname="yes" ],
446227d6 841 [ ac_cv_have_broken_dirname="no" ],
446227d6 842 )
843 LIBS="$save_LIBS"
844 ])
845 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
846 LIBS="$LIBS -lgen"
847 AC_DEFINE(HAVE_DIRNAME)
848 AC_CHECK_HEADERS(libgen.h)
849 fi
850 ])
851])
852
853AC_CHECK_FUNC(getspnam, ,
854 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 855AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
856 [Define if you have the basename function.]))
446227d6 857
98a7c37b 858dnl zlib is required
859AC_ARG_WITH(zlib,
860 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 861 [ if test "x$withval" = "xno" ; then
862 AC_MSG_ERROR([*** zlib is required ***])
863 elif test "x$withval" != "xyes"; then
98a7c37b 864 if test -d "$withval/lib"; then
865 if test -n "${need_dash_r}"; then
5a162955 866 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 867 else
5a162955 868 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 869 fi
870 else
871 if test -n "${need_dash_r}"; then
5a162955 872 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 873 else
5a162955 874 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 875 fi
876 fi
877 if test -d "$withval/include"; then
5a162955 878 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 879 else
5a162955 880 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 881 fi
6dd05556 882 fi ]
98a7c37b 883)
884
0a15d73b 885AC_CHECK_LIB(z, deflate, ,
886 [
887 saved_CPPFLAGS="$CPPFLAGS"
888 saved_LDFLAGS="$LDFLAGS"
889 save_LIBS="$LIBS"
890 dnl Check default zlib install dir
891 if test -n "${need_dash_r}"; then
892 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
893 else
894 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
895 fi
896 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
897 LIBS="$LIBS -lz"
898 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
899 [
900 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
901 ]
902 )
903 ]
904)
4ad65809 905AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 906
907AC_ARG_WITH(zlib-version-check,
908 [ --without-zlib-version-check Disable zlib version check],
909 [ if test "x$withval" = "xno" ; then
910 zlib_check_nonfatal=1
911 fi
912 ]
913)
914
5c7fc85d 915AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 916AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 917#include <stdio.h>
4ad65809 918#include <zlib.h>
919int main()
920{
5c7fc85d 921 int a=0, b=0, c=0, d=0, n, v;
922 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
923 if (n != 3 && n != 4)
4ad65809 924 exit(1);
5c7fc85d 925 v = a*1000000 + b*10000 + c*100 + d;
926 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
927
928 /* 1.1.4 is OK */
929 if (a == 1 && b == 1 && c >= 4)
4ad65809 930 exit(0);
5c7fc85d 931
0072b59d 932 /* 1.2.3 and up are OK */
933 if (v >= 1020300)
5c7fc85d 934 exit(0);
935
4ad65809 936 exit(2);
937}
479cece8 938 ]])],
5c7fc85d 939 AC_MSG_RESULT(no),
940 [ AC_MSG_RESULT(yes)
8068d564 941 if test -z "$zlib_check_nonfatal" ; then
942 AC_MSG_ERROR([*** zlib too old - check config.log ***
943Your reported zlib version has known security problems. It's possible your
944vendor has fixed these problems without changing the version number. If you
945are sure this is the case, you can disable the check by running
946"./configure --without-zlib-version-check".
6090bcfe 947If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 948See http://www.gzip.org/zlib/ for details.])
8068d564 949 else
950 AC_MSG_WARN([zlib version may have security problems])
951 fi
1a01a50c 952 ],
953 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 954)
48e7916f 955
2c523de9 956dnl UnixWare 2.x
aff51935 957AC_CHECK_FUNC(strcasecmp,
2c523de9 958 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
959)
23361281 960AC_CHECK_FUNCS(utimes,
cda1ebcb 961 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
962 LIBS="$LIBS -lc89"]) ]
2c523de9 963)
4cca272e 964
7c6d759d 965dnl Checks for libutil functions
966AC_CHECK_HEADERS(libutil.h)
3466e002 967AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
968 [Define if your libraries define login()])])
7c6d759d 969AC_CHECK_FUNCS(logout updwtmp logwtmp)
970
a738c3b0 971AC_FUNC_STRFTIME
972
84ceda19 973# Check for ALTDIRFUNC glob() extension
974AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
975AC_EGREP_CPP(FOUNDIT,
976 [
977 #include <glob.h>
978 #ifdef GLOB_ALTDIRFUNC
979 FOUNDIT
980 #endif
aff51935 981 ],
84ceda19 982 [
3466e002 983 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
984 [Define if your system glob() function has
985 the GLOB_ALTDIRFUNC extension])
84ceda19 986 AC_MSG_RESULT(yes)
987 ],
988 [
989 AC_MSG_RESULT(no)
990 ]
991)
4cca272e 992
40849fdb 993# Check for g.gl_matchc glob() extension
994AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 995AC_TRY_COMPILE(
13ff27b7 996 [ #include <glob.h> ],
997 [glob_t g; g.gl_matchc = 1;],
aff51935 998 [
3466e002 999 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1000 [Define if your system glob() function has
1001 gl_matchc options in glob_t])
aff51935 1002 AC_MSG_RESULT(yes)
1003 ],
1004 [
1005 AC_MSG_RESULT(no)
1006 ]
40849fdb 1007)
1008
78888bab 1009AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1010
edbe6722 1011AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1012AC_RUN_IFELSE(
479cece8 1013 [AC_LANG_SOURCE([[
edbe6722 1014#include <sys/types.h>
1015#include <dirent.h>
aec4cb4f 1016int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1017 ]])],
aff51935 1018 [AC_MSG_RESULT(yes)],
edbe6722 1019 [
1020 AC_MSG_RESULT(no)
3466e002 1021 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1022 [Define if your struct dirent expects you to
3466e002 1023 allocate extra space for d_name])
1a01a50c 1024 ],
82f4e93d 1025 [
1a01a50c 1026 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1027 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1028 ]
1029)
1030
419e26e7 1031AC_MSG_CHECKING([for /proc/pid/fd directory])
1032if test -d "/proc/$$/fd" ; then
3466e002 1033 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1034 AC_MSG_RESULT(yes)
1035else
1036 AC_MSG_RESULT(no)
1037fi
1038
278588d8 1039# Check whether user wants S/Key support
aff51935 1040SKEY_MSG="no"
278588d8 1041AC_ARG_WITH(skey,
6ff3d0dc 1042 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1043 [
1044 if test "x$withval" != "xno" ; then
1045
1046 if test "x$withval" != "xyes" ; then
1047 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1048 LDFLAGS="$LDFLAGS -L${withval}/lib"
1049 fi
1050
3466e002 1051 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1052 LIBS="-lskey $LIBS"
aff51935 1053 SKEY_MSG="yes"
82f4e93d 1054
ddceb1c8 1055 AC_MSG_CHECKING([for s/key support])
b0e7249f 1056 AC_LINK_IFELSE(
1057 [AC_LANG_SOURCE([[
ddceb1c8 1058#include <stdio.h>
1059#include <skey.h>
aec4cb4f 1060int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1061 ]])],
ddceb1c8 1062 [AC_MSG_RESULT(yes)],
278588d8 1063 [
ddceb1c8 1064 AC_MSG_RESULT(no)
278588d8 1065 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1066 ])
141fc639 1067 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1068 AC_TRY_COMPILE(
1069 [#include <stdio.h>
1070 #include <skey.h>],
1071 [(void)skeychallenge(NULL,"name","",0);],
1072 [AC_MSG_RESULT(yes)
3466e002 1073 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1074 [Define if your skeychallenge()
1075 function takes 4 arguments (NetBSD)])],
141fc639 1076 [AC_MSG_RESULT(no)]
1077 )
278588d8 1078 fi
1079 ]
1080)
1081
1082# Check whether user wants TCP wrappers support
98a7c37b 1083TCPW_MSG="no"
278588d8 1084AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1085 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1086 [
1087 if test "x$withval" != "xno" ; then
1088 saved_LIBS="$LIBS"
98a7c37b 1089 saved_LDFLAGS="$LDFLAGS"
1090 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1091 if test -n "${withval}" && \
6cf0200f 1092 test "x${withval}" != "xyes"; then
98a7c37b 1093 if test -d "${withval}/lib"; then
1094 if test -n "${need_dash_r}"; then
5a162955 1095 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1096 else
5a162955 1097 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1098 fi
1099 else
1100 if test -n "${need_dash_r}"; then
5a162955 1101 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1102 else
5a162955 1103 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1104 fi
1105 fi
1106 if test -d "${withval}/include"; then
5a162955 1107 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1108 else
5a162955 1109 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1110 fi
98a7c37b 1111 fi
ddceb1c8 1112 LIBWRAP="-lwrap"
1113 LIBS="$LIBWRAP $LIBS"
278588d8 1114 AC_MSG_CHECKING(for libwrap)
1115 AC_TRY_LINK(
1116 [
77f09220 1117#include <sys/types.h>
1118#include <sys/socket.h>
1119#include <netinet/in.h>
278588d8 1120#include <tcpd.h>
1121 int deny_severity = 0, allow_severity = 0;
1122 ],
1123 [hosts_access(0);],
1124 [
1125 AC_MSG_RESULT(yes)
3466e002 1126 AC_DEFINE(LIBWRAP, 1,
1127 [Define if you want
1128 TCP Wrappers support])
ddceb1c8 1129 AC_SUBST(LIBWRAP)
98a7c37b 1130 TCPW_MSG="yes"
278588d8 1131 ],
1132 [
1133 AC_MSG_ERROR([*** libwrap missing])
1134 ]
1135 )
ddceb1c8 1136 LIBS="$saved_LIBS"
278588d8 1137 fi
1138 ]
1139)
1140
59031773 1141# Check whether user wants libedit support
1142LIBEDIT_MSG="no"
1143AC_ARG_WITH(libedit,
6ff3d0dc 1144 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1145 [ if test "x$withval" != "xno" ; then
737edf04 1146 if test "x$withval" != "xyes"; then
bb116c8e 1147 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1148 if test -n "${need_dash_r}"; then
1149 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1150 else
1151 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1152 fi
737edf04 1153 fi
59031773 1154 AC_CHECK_LIB(edit, el_init,
3466e002 1155 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1156 LIBEDIT="-ledit -lcurses"
1157 LIBEDIT_MSG="yes"
1158 AC_SUBST(LIBEDIT)
1159 ],
737edf04 1160 [ AC_MSG_ERROR(libedit not found) ],
1161 [ -lcurses ]
59031773 1162 )
f47ddccb 1163 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1164 AC_COMPILE_IFELSE(
1165 [AC_LANG_SOURCE([[
1166#include <histedit.h>
f47ddccb 1167int main(void)
1168{
1169 int i = H_SETSIZE;
1170 el_init("", NULL, NULL, NULL);
1171 exit(0);
1172}
d92622f9 1173 ]])],
f47ddccb 1174 [ AC_MSG_RESULT(yes) ],
1175 [ AC_MSG_RESULT(no)
1176 AC_MSG_ERROR(libedit version is not compatible) ]
1177 )
59031773 1178 fi ]
1179)
1180
7b578f7d 1181AUDIT_MODULE=none
1182AC_ARG_WITH(audit,
1183 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1184 [
1185 AC_MSG_CHECKING(for supported audit module)
1186 case "$withval" in
1187 bsm)
1188 AC_MSG_RESULT(bsm)
1189 AUDIT_MODULE=bsm
1190 dnl Checks for headers, libs and functions
1191 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1192 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1193 [
1194#ifdef HAVE_TIME_H
1195# include <time.h>
1196#endif
1197 ]
1198)
7b578f7d 1199 AC_CHECK_LIB(bsm, getaudit, [],
1200 [AC_MSG_ERROR(BSM enabled and required library not found)])
1201 AC_CHECK_FUNCS(getaudit, [],
1202 [AC_MSG_ERROR(BSM enabled and required function not found)])
1203 # These are optional
7939c496 1204 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1205 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1206 ;;
1207 debug)
1208 AUDIT_MODULE=debug
1209 AC_MSG_RESULT(debug)
3466e002 1210 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1211 ;;
a2b3321d 1212 no)
d92622f9 1213 AC_MSG_RESULT(no)
a2b3321d 1214 ;;
7b578f7d 1215 *)
1216 AC_MSG_ERROR([Unknown audit module $withval])
1217 ;;
1218 esac ]
1219)
1220
19160674 1221dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1222AC_CHECK_FUNCS( \
1223 arc4random \
9a406e1e 1224 asprintf \
b04a9f8c 1225 b64_ntop \
1226 __b64_ntop \
1227 b64_pton \
1228 __b64_pton \
1229 bcopy \
1230 bindresvport_sa \
1231 clock \
1232 closefrom \
1233 dirfd \
b04a9f8c 1234 fchmod \
1235 fchown \
1236 freeaddrinfo \
1237 futimes \
1238 getaddrinfo \
1239 getcwd \
1240 getgrouplist \
1241 getnameinfo \
1242 getopt \
1243 getpeereid \
1244 _getpty \
1245 getrlimit \
1246 getttyent \
1247 glob \
1248 inet_aton \
1249 inet_ntoa \
1250 inet_ntop \
1251 innetgr \
1252 login_getcapbool \
1253 md5_crypt \
1254 memmove \
1255 mkdtemp \
1256 mmap \
1257 ngetaddrinfo \
1258 nsleep \
1259 ogetaddrinfo \
1260 openlog_r \
1261 openpty \
1262 prctl \
1263 pstat \
1264 readpassphrase \
1265 realpath \
1266 recvmsg \
1267 rresvport_af \
1268 sendmsg \
1269 setdtablesize \
1270 setegid \
1271 setenv \
1272 seteuid \
1273 setgroups \
1274 setlogin \
1275 setpcred \
1276 setproctitle \
1277 setregid \
1278 setreuid \
1279 setrlimit \
1280 setsid \
1281 setvbuf \
1282 sigaction \
1283 sigvec \
1284 snprintf \
1285 socketpair \
1286 strdup \
1287 strerror \
1288 strlcat \
1289 strlcpy \
1290 strmode \
1291 strnvis \
1292 strtonum \
1e29a0c8 1293 strtoll \
b04a9f8c 1294 strtoul \
1295 sysconf \
1296 tcgetpgrp \
1297 truncate \
1298 unsetenv \
1299 updwtmpx \
9a406e1e 1300 vasprintf \
b04a9f8c 1301 vhangup \
1302 vsnprintf \
1303 waitpid \
19160674 1304)
98a7c37b 1305
1a086f97 1306# IRIX has a const char return value for gai_strerror()
1307AC_CHECK_FUNCS(gai_strerror,[
1308 AC_DEFINE(HAVE_GAI_STRERROR)
1309 AC_TRY_COMPILE([
1310#include <sys/types.h>
1311#include <sys/socket.h>
1312#include <netdb.h>
1313
1314const char *gai_strerror(int);],[
1315char *str;
1316
1317str = gai_strerror(0);],[
1318 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1319 [Define if gai_strerror() returns const char *])])])
1320
3466e002 1321AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1322 [Some systems put nanosleep outside of libc]))
92b1decf 1323
309709db 1324dnl Make sure prototypes are defined for these before using them.
309709db 1325AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1326AC_CHECK_DECL(strsep,
1327 [AC_CHECK_FUNCS(strsep)],
1328 [],
1329 [
1330#ifdef HAVE_STRING_H
1331# include <string.h>
1332#endif
1333 ])
08412d26 1334
3490699c 1335dnl tcsendbreak might be a macro
1336AC_CHECK_DECL(tcsendbreak,
1337 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1338 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1339 [#include <termios.h>]
1340)
1341
41e0e158 1342AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1343
71f4c727 1344AC_CHECK_DECLS(SHUT_RD, , ,
1345 [
1346#include <sys/types.h>
1347#include <sys/socket.h>
1348 ])
956d6743 1349
1350AC_CHECK_DECLS(O_NONBLOCK, , ,
1351 [
1352#include <sys/types.h>
1353#ifdef HAVE_SYS_STAT_H
1354# include <sys/stat.h>
1355#endif
1356#ifdef HAVE_FCNTL_H
1357# include <fcntl.h>
1358#endif
1359 ])
1360
752994dd 1361AC_CHECK_DECLS(writev, , , [
1362#include <sys/types.h>
1363#include <sys/uio.h>
1364#include <unistd.h>
1365 ])
1366
3f176010 1367AC_CHECK_FUNCS(setresuid, [
1368 dnl Some platorms have setresuid that isn't implemented, test for this
1369 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1370 AC_RUN_IFELSE(
1371 [AC_LANG_SOURCE([[
9a3fe0e2 1372#include <stdlib.h>
1373#include <errno.h>
1374int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1375 ]])],
3f176010 1376 [AC_MSG_RESULT(yes)],
3466e002 1377 [AC_DEFINE(BROKEN_SETRESUID, 1,
1378 [Define if your setresuid() is broken])
1a01a50c 1379 AC_MSG_RESULT(not implemented)],
1380 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1381 )
1382])
9a3fe0e2 1383
3f176010 1384AC_CHECK_FUNCS(setresgid, [
1385 dnl Some platorms have setresgid that isn't implemented, test for this
1386 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1387 AC_RUN_IFELSE(
1388 [AC_LANG_SOURCE([[
9a3fe0e2 1389#include <stdlib.h>
1390#include <errno.h>
1391int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1392 ]])],
3f176010 1393 [AC_MSG_RESULT(yes)],
3466e002 1394 [AC_DEFINE(BROKEN_SETRESGID, 1,
1395 [Define if your setresgid() is broken])
1a01a50c 1396 AC_MSG_RESULT(not implemented)],
1397 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1398 )
1399])
9a3fe0e2 1400
2e73a022 1401dnl Checks for time functions
1d7b9b20 1402AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1403dnl Checks for utmp functions
b03bd394 1404AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1405AC_CHECK_FUNCS(utmpname)
2e73a022 1406dnl Checks for utmpx functions
b03bd394 1407AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1408AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1409
aff51935 1410AC_CHECK_FUNC(daemon,
3466e002 1411 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1412 [AC_CHECK_LIB(bsd, daemon,
1413 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1414)
1415
aff51935 1416AC_CHECK_FUNC(getpagesize,
3466e002 1417 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1418 [Define if your libraries define getpagesize()])],
1419 [AC_CHECK_LIB(ucb, getpagesize,
1420 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1421)
1422
2647ae26 1423# Check for broken snprintf
1424if test "x$ac_cv_func_snprintf" = "xyes" ; then
1425 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1426 AC_RUN_IFELSE(
479cece8 1427 [AC_LANG_SOURCE([[
2647ae26 1428#include <stdio.h>
aec4cb4f 1429int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1430 ]])],
aff51935 1431 [AC_MSG_RESULT(yes)],
2647ae26 1432 [
1433 AC_MSG_RESULT(no)
3466e002 1434 AC_DEFINE(BROKEN_SNPRINTF, 1,
1435 [Define if your snprintf is busted])
2647ae26 1436 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1437 ],
1438 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1439 )
1440fi
1441
9a406e1e 1442# If we don't have a working asprintf, then we strongly depend on vsnprintf
1443# returning the right thing on overflow: the number of characters it tried to
1444# create (as per SUSv3)
1445if test "x$ac_cv_func_asprintf" != "xyes" && \
1446 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1447 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1448 AC_RUN_IFELSE(
1449 [AC_LANG_SOURCE([[
1450#include <sys/types.h>
1451#include <stdio.h>
1452#include <stdarg.h>
1453
1454int x_snprintf(char *str,size_t count,const char *fmt,...)
1455{
1456 size_t ret; va_list ap;
1457 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1458 return ret;
1459}
1460int main(void)
1461{
1462 char x[1];
1463 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1464} ]])],
1465 [AC_MSG_RESULT(yes)],
1466 [
1467 AC_MSG_RESULT(no)
1468 AC_DEFINE(BROKEN_SNPRINTF, 1,
1469 [Define if your snprintf is busted])
1470 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1471 ],
1472 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1473 )
1474fi
1475
31b0732a 1476# On systems where [v]snprintf is broken, but is declared in stdio,
1477# check that the fmt argument is const char * or just char *.
1478# This is only useful for when BROKEN_SNPRINTF
1479AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1480AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1481 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1482 int main(void) { snprintf(0, 0, 0); }
1483 ]])],
1484 [AC_MSG_RESULT(yes)
1485 AC_DEFINE(SNPRINTF_CONST, [const],
1486 [Define as const if snprintf() can declare const char *fmt])],
1487 [AC_MSG_RESULT(no)
1488 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1489
2f6f9cff 1490# Check for missing getpeereid (or equiv) support
1491NO_PEERCHECK=""
1492if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1493 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1494 AC_TRY_COMPILE(
1495 [#include <sys/types.h>
1496 #include <sys/socket.h>],
1497 [int i = SO_PEERCRED;],
62eb7db4 1498 [ AC_MSG_RESULT(yes)
3466e002 1499 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1500 ],
2f6f9cff 1501 [AC_MSG_RESULT(no)
1502 NO_PEERCHECK=1]
1503 )
1504fi
1505
70e7d0b0 1506dnl see whether mkstemp() requires XXXXXX
1507if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1508AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1509AC_RUN_IFELSE(
1510 [AC_LANG_SOURCE([[
70e7d0b0 1511#include <stdlib.h>
1512main() { char template[]="conftest.mkstemp-test";
1513if (mkstemp(template) == -1)
1514 exit(1);
1515unlink(template); exit(0);
1516}
b0e7249f 1517 ]])],
70e7d0b0 1518 [
1519 AC_MSG_RESULT(no)
1520 ],
aff51935 1521 [
70e7d0b0 1522 AC_MSG_RESULT(yes)
3466e002 1523 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1524 ],
1525 [
1526 AC_MSG_RESULT(yes)
1527 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1528 ]
70e7d0b0 1529)
1530fi
1531
eacb954e 1532dnl make sure that openpty does not reacquire controlling terminal
1533if test ! -z "$check_for_openpty_ctty_bug"; then
1534 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1535 AC_RUN_IFELSE(
1536 [AC_LANG_SOURCE([[
eacb954e 1537#include <stdio.h>
1538#include <sys/fcntl.h>
1539#include <sys/types.h>
1540#include <sys/wait.h>
1541
1542int
1543main()
1544{
1545 pid_t pid;
1546 int fd, ptyfd, ttyfd, status;
1547
1548 pid = fork();
1549 if (pid < 0) { /* failed */
1550 exit(1);
1551 } else if (pid > 0) { /* parent */
1552 waitpid(pid, &status, 0);
aff51935 1553 if (WIFEXITED(status))
eacb954e 1554 exit(WEXITSTATUS(status));
1555 else
1556 exit(2);
1557 } else { /* child */
1558 close(0); close(1); close(2);
1559 setsid();
1560 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1561 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1562 if (fd >= 0)
1563 exit(3); /* Acquired ctty: broken */
1564 else
1565 exit(0); /* Did not acquire ctty: OK */
1566 }
1567}
b0e7249f 1568 ]])],
eacb954e 1569 [
1570 AC_MSG_RESULT(yes)
1571 ],
1572 [
1573 AC_MSG_RESULT(no)
1574 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1575 ],
1576 [
1577 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1578 ]
1579 )
1580fi
1581
4b492aab 1582if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1583 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1584 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1585 AC_RUN_IFELSE(
1586 [AC_LANG_SOURCE([[
2fe51906 1587#include <stdio.h>
1588#include <sys/socket.h>
1589#include <netdb.h>
1590#include <errno.h>
1591#include <netinet/in.h>
1592
1593#define TEST_PORT "2222"
1594
1595int
1596main(void)
1597{
1598 int err, sock;
1599 struct addrinfo *gai_ai, *ai, hints;
1600 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1601
1602 memset(&hints, 0, sizeof(hints));
1603 hints.ai_family = PF_UNSPEC;
1604 hints.ai_socktype = SOCK_STREAM;
1605 hints.ai_flags = AI_PASSIVE;
1606
1607 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1608 if (err != 0) {
1609 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1610 exit(1);
1611 }
1612
1613 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1614 if (ai->ai_family != AF_INET6)
1615 continue;
1616
1617 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1618 sizeof(ntop), strport, sizeof(strport),
1619 NI_NUMERICHOST|NI_NUMERICSERV);
1620
1621 if (err != 0) {
1622 if (err == EAI_SYSTEM)
1623 perror("getnameinfo EAI_SYSTEM");
1624 else
1625 fprintf(stderr, "getnameinfo failed: %s\n",
1626 gai_strerror(err));
1627 exit(2);
1628 }
1629
1630 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1631 if (sock < 0)
1632 perror("socket");
1633 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1634 if (errno == EBADF)
1635 exit(3);
1636 }
1637 }
1638 exit(0);
1639}
b0e7249f 1640 ]])],
2fe51906 1641 [
1642 AC_MSG_RESULT(yes)
1643 ],
1644 [
1645 AC_MSG_RESULT(no)
1646 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1647 ],
1648 [
1649 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1650 ]
1651 )
1652fi
1653
4b492aab 1654if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1655 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1656 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1657 AC_RUN_IFELSE(
1658 [AC_LANG_SOURCE([[
5ccf88cb 1659#include <stdio.h>
1660#include <sys/socket.h>
1661#include <netdb.h>
1662#include <errno.h>
1663#include <netinet/in.h>
1664
1665#define TEST_PORT "2222"
1666
1667int
1668main(void)
1669{
1670 int err, sock;
1671 struct addrinfo *gai_ai, *ai, hints;
1672 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1673
1674 memset(&hints, 0, sizeof(hints));
1675 hints.ai_family = PF_UNSPEC;
1676 hints.ai_socktype = SOCK_STREAM;
1677 hints.ai_flags = AI_PASSIVE;
1678
1679 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1680 if (err != 0) {
1681 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1682 exit(1);
1683 }
1684
1685 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1686 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1687 continue;
1688
1689 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1690 sizeof(ntop), strport, sizeof(strport),
1691 NI_NUMERICHOST|NI_NUMERICSERV);
1692
1693 if (ai->ai_family == AF_INET && err != 0) {
1694 perror("getnameinfo");
1695 exit(2);
1696 }
1697 }
1698 exit(0);
1699}
b0e7249f 1700 ]])],
5ccf88cb 1701 [
1702 AC_MSG_RESULT(yes)
3466e002 1703 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1704 [Define if you have a getaddrinfo that fails
1705 for the all-zeros IPv6 address])
5ccf88cb 1706 ],
1707 [
1708 AC_MSG_RESULT(no)
1709 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1710 ],
ecd9ec09 1711 [
b0e7249f 1712 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1713 ]
1714 )
1715fi
1716
b29fd59f 1717if test "x$check_for_conflicting_getspnam" = "x1"; then
1718 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1719 AC_COMPILE_IFELSE(
1720 [
1721#include <shadow.h>
1722int main(void) {exit(0);}
1723 ],
1724 [
1725 AC_MSG_RESULT(no)
1726 ],
1727 [
1728 AC_MSG_RESULT(yes)
1729 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1730 [Conflicting defs for getspnam])
1731 ]
1732 )
1733fi
1734
7f8f5e00 1735AC_FUNC_GETPGRP
1736
5b991353 1737# Search for OpenSSL
1738saved_CPPFLAGS="$CPPFLAGS"
1739saved_LDFLAGS="$LDFLAGS"
a0391976 1740AC_ARG_WITH(ssl-dir,
1741 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1742 [
e9e4a1c7 1743 if test "x$withval" != "xno" ; then
99eb0f64 1744 case "$withval" in
1745 # Relative paths
1746 ./*|../*) withval="`pwd`/$withval"
1747 esac
5b991353 1748 if test -d "$withval/lib"; then
1749 if test -n "${need_dash_r}"; then
1750 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1751 else
1752 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1753 fi
1754 else
5b991353 1755 if test -n "${need_dash_r}"; then
1756 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1757 else
1758 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1759 fi
1760 fi
5b991353 1761 if test -d "$withval/include"; then
1762 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1763 else
5b991353 1764 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1765 fi
a0391976 1766 fi
5b991353 1767 ]
1768)
5486a457 1769LIBS="-lcrypto $LIBS"
3466e002 1770AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1771 [Define if your ssl headers are included
1772 with #include <openssl/header.h>]),
d45e3d76 1773 [
5b991353 1774 dnl Check default openssl install dir
1775 if test -n "${need_dash_r}"; then
1776 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1777 else
5b991353 1778 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1779 fi
5b991353 1780 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1781 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1782 [
1783 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1784 ]
1785 )
1786 ]
1787)
1788
cd018561 1789# Determine OpenSSL header version
1790AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1791AC_RUN_IFELSE(
479cece8 1792 [AC_LANG_SOURCE([[
cd018561 1793#include <stdio.h>
1794#include <string.h>
1795#include <openssl/opensslv.h>
1796#define DATA "conftest.sslincver"
1797int main(void) {
aff51935 1798 FILE *fd;
1799 int rc;
cd018561 1800
aff51935 1801 fd = fopen(DATA,"w");
1802 if(fd == NULL)
1803 exit(1);
cd018561 1804
1805 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1806 exit(1);
1807
1808 exit(0);
1809}
479cece8 1810 ]])],
cd018561 1811 [
1812 ssl_header_ver=`cat conftest.sslincver`
1813 AC_MSG_RESULT($ssl_header_ver)
1814 ],
1815 [
1816 AC_MSG_RESULT(not found)
1817 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1818 ],
1819 [
1820 AC_MSG_WARN([cross compiling: not checking])
cd018561 1821 ]
1822)
1823
1824# Determine OpenSSL library version
1825AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1826AC_RUN_IFELSE(
479cece8 1827 [AC_LANG_SOURCE([[
cd018561 1828#include <stdio.h>
1829#include <string.h>
1830#include <openssl/opensslv.h>
1831#include <openssl/crypto.h>
1832#define DATA "conftest.ssllibver"
1833int main(void) {
aff51935 1834 FILE *fd;
1835 int rc;
cd018561 1836
aff51935 1837 fd = fopen(DATA,"w");
1838 if(fd == NULL)
1839 exit(1);
cd018561 1840
1841 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1842 exit(1);
1843
1844 exit(0);
1845}
479cece8 1846 ]])],
cd018561 1847 [
1848 ssl_library_ver=`cat conftest.ssllibver`
1849 AC_MSG_RESULT($ssl_library_ver)
1850 ],
1851 [
1852 AC_MSG_RESULT(not found)
1853 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1854 ],
1855 [
1856 AC_MSG_WARN([cross compiling: not checking])
cd018561 1857 ]
1858)
58d100bf 1859
9780116c 1860# Sanity check OpenSSL headers
1861AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1862AC_RUN_IFELSE(
479cece8 1863 [AC_LANG_SOURCE([[
9780116c 1864#include <string.h>
1865#include <openssl/opensslv.h>
aec4cb4f 1866int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1867 ]])],
9780116c 1868 [
1869 AC_MSG_RESULT(yes)
1870 ],
1871 [
1872 AC_MSG_RESULT(no)
e15ba28b 1873 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1874Check config.log for details.
1875Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1876 ],
1877 [
1878 AC_MSG_WARN([cross compiling: not checking])
9780116c 1879 ]
1880)
1881
282d6408 1882AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1883AC_LINK_IFELSE(
1884 [AC_LANG_SOURCE([[
1885#include <openssl/evp.h>
1886int main(void) { SSLeay_add_all_algorithms(); }
1887 ]])],
1888 [
1889 AC_MSG_RESULT(yes)
1890 ],
1891 [
1892 AC_MSG_RESULT(no)
1893 saved_LIBS="$LIBS"
1894 LIBS="$LIBS -ldl"
1895 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1896 AC_LINK_IFELSE(
1897 [AC_LANG_SOURCE([[
1898#include <openssl/evp.h>
1899int main(void) { SSLeay_add_all_algorithms(); }
1900 ]])],
1901 [
1902 AC_MSG_RESULT(yes)
1903 ],
1904 [
1905 AC_MSG_RESULT(no)
1906 LIBS="$saved_LIBS"
1907 ]
1908 )
1909 ]
1910)
1911
c7ad0d99 1912AC_ARG_WITH(ssl-engine,
1913 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1914 [ if test "x$withval" != "xno" ; then
1915 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1916 AC_TRY_COMPILE(
1917 [ #include <openssl/engine.h>],
1918 [
24b2647b 1919ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 1920 ],
1921 [ AC_MSG_RESULT(yes)
1922 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1923 [Enable OpenSSL engine support])
1924 ],
1925 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1926 )
1927 fi ]
1928)
1929
e5146707 1930# Check for OpenSSL without EVP_aes_{192,256}_cbc
1931AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1932AC_LINK_IFELSE(
e5146707 1933 [AC_LANG_SOURCE([[
1934#include <string.h>
1935#include <openssl/evp.h>
300ea548 1936int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1937 ]])],
1938 [
1939 AC_MSG_RESULT(no)
1940 ],
1941 [
1942 AC_MSG_RESULT(yes)
1943 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1944 [libcrypto is missing AES 192 and 256 bit functions])
1945 ]
1946)
1947
5486a457 1948# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1949# because the system crypt() is more featureful.
1950if test "x$check_for_libcrypt_before" = "x1"; then
1951 AC_CHECK_LIB(crypt, crypt)
1952fi
1953
aff51935 1954# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1955# version in OpenSSL.
05114c74 1956if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1957 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1958fi
1959
13ff27b7 1960# Search for SHA256 support in libc and/or OpenSSL
1961AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1962
4c653d8e 1963AC_CHECK_LIB(iaf, ia_openinfo)
f1b0ecc3 1964
1965### Configure cryptographic random number support
1966
1967# Check wheter OpenSSL seeds itself
1968AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1969AC_RUN_IFELSE(
479cece8 1970 [AC_LANG_SOURCE([[
f1b0ecc3 1971#include <string.h>
1972#include <openssl/rand.h>
aec4cb4f 1973int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1974 ]])],
f1b0ecc3 1975 [
1976 OPENSSL_SEEDS_ITSELF=yes
1977 AC_MSG_RESULT(yes)
1978 ],
1979 [
1980 AC_MSG_RESULT(no)
1981 # Default to use of the rand helper if OpenSSL doesn't
1982 # seed itself
1983 USE_RAND_HELPER=yes
1a01a50c 1984 ],
1985 [
1986 AC_MSG_WARN([cross compiling: assuming yes])
1987 # This is safe, since all recent OpenSSL versions will
82f4e93d 1988 # complain at runtime if not seeded correctly.
1a01a50c 1989 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1990 ]
1991)
1992
a086f73b 1993# Check for PAM libs
1994PAM_MSG="no"
1995AC_ARG_WITH(pam,
1996 [ --with-pam Enable PAM support ],
1997 [
1998 if test "x$withval" != "xno" ; then
1999 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2000 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2001 AC_MSG_ERROR([PAM headers not found])
2002 fi
2003
2004 saved_LIBS="$LIBS"
2005 AC_CHECK_LIB(dl, dlopen, , )
2006 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2007 AC_CHECK_FUNCS(pam_getenvlist)
2008 AC_CHECK_FUNCS(pam_putenv)
2009 LIBS="$saved_LIBS"
2010
2011 PAM_MSG="yes"
2012
282d6408 2013 LIBPAM="-lpam"
a086f73b 2014 AC_DEFINE(USE_PAM, 1,
2015 [Define if you want to enable PAM support])
282d6408 2016
a086f73b 2017 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2018 case "$LIBS" in
2019 *-ldl*)
2020 # libdl already in LIBS
2021 ;;
2022 *)
08164407 2023 LIBPAM="$LIBPAM -ldl"
282d6408 2024 ;;
2025 esac
a086f73b 2026 fi
2027 AC_SUBST(LIBPAM)
2028 fi
2029 ]
2030)
2031
2032# Check for older PAM
2033if test "x$PAM_MSG" = "xyes" ; then
2034 # Check PAM strerror arguments (old PAM)
2035 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2036 AC_TRY_COMPILE(
2037 [
2038#include <stdlib.h>
2039#if defined(HAVE_SECURITY_PAM_APPL_H)
2040#include <security/pam_appl.h>
2041#elif defined (HAVE_PAM_PAM_APPL_H)
2042#include <pam/pam_appl.h>
2043#endif
2044 ],
2045 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2046 [AC_MSG_RESULT(no)],
2047 [
2048 AC_DEFINE(HAVE_OLD_PAM, 1,
2049 [Define if you have an old version of PAM
2050 which takes only one argument to pam_strerror])
2051 AC_MSG_RESULT(yes)
2052 PAM_MSG="yes (old library)"
2053 ]
2054 )
2055fi
f1b0ecc3 2056
2057# Do we want to force the use of the rand helper?
2058AC_ARG_WITH(rand-helper,
2059 [ --with-rand-helper Use subprocess to gather strong randomness ],
2060 [
2061 if test "x$withval" = "xno" ; then
aff51935 2062 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2063 # the previous test showed it to be unseeded.
2064 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2065 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2066 OPENSSL_SEEDS_ITSELF=yes
2067 USE_RAND_HELPER=""
2068 fi
2069 else
2070 USE_RAND_HELPER=yes
2071 fi
2072 ],
82f4e93d 2073)
f1b0ecc3 2074
2075# Which randomness source do we use?
4b492aab 2076if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2077 # OpenSSL only
3466e002 2078 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2079 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2080 RAND_MSG="OpenSSL internal ONLY"
2081 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2082elif test ! -z "$USE_RAND_HELPER" ; then
2083 # install rand helper
f1b0ecc3 2084 RAND_MSG="ssh-rand-helper"
2085 INSTALL_SSH_RAND_HELPER="yes"
2086fi
2087AC_SUBST(INSTALL_SSH_RAND_HELPER)
2088
2089### Configuration of ssh-rand-helper
2090
2091# PRNGD TCP socket
2092AC_ARG_WITH(prngd-port,
2093 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2094 [
eb5d7ff6 2095 case "$withval" in
2096 no)
2097 withval=""
2098 ;;
2099 [[0-9]]*)
2100 ;;
2101 *)
2102 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2103 ;;
2104 esac
2105 if test ! -z "$withval" ; then
f1b0ecc3 2106 PRNGD_PORT="$withval"
3466e002 2107 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2108 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2109 fi
2110 ]
2111)
2112
2113# PRNGD Unix domain socket
2114AC_ARG_WITH(prngd-socket,
2115 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2116 [
eb5d7ff6 2117 case "$withval" in
2118 yes)
f1b0ecc3 2119 withval="/var/run/egd-pool"
eb5d7ff6 2120 ;;
2121 no)
2122 withval=""
2123 ;;
2124 /*)
2125 ;;
2126 *)
2127 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2128 ;;
2129 esac
2130
2131 if test ! -z "$withval" ; then
f1b0ecc3 2132 if test ! -z "$PRNGD_PORT" ; then
2133 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2134 fi
906e811b 2135 if test ! -r "$withval" ; then
f1b0ecc3 2136 AC_MSG_WARN(Entropy socket is not readable)
2137 fi
2138 PRNGD_SOCKET="$withval"
3466e002 2139 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2140 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2141 fi
ddceb1c8 2142 ],
2143 [
2144 # Check for existing socket only if we don't have a random device already
2145 if test "$USE_RAND_HELPER" = yes ; then
2146 AC_MSG_CHECKING(for PRNGD/EGD socket)
2147 # Insert other locations here
2148 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2149 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2150 PRNGD_SOCKET="$sock"
2151 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2152 break;
2153 fi
2154 done
2155 if test ! -z "$PRNGD_SOCKET" ; then
2156 AC_MSG_RESULT($PRNGD_SOCKET)
2157 else
2158 AC_MSG_RESULT(not found)
2159 fi
2160 fi
f1b0ecc3 2161 ]
2162)
2163
2164# Change default command timeout for hashing entropy source
2165entropy_timeout=200
2166AC_ARG_WITH(entropy-timeout,
2167 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2168 [
6cf0200f 2169 if test -n "$withval" && test "x$withval" != "xno" && \
2170 test "x${withval}" != "xyes"; then
f1b0ecc3 2171 entropy_timeout=$withval
2172 fi
82f4e93d 2173 ]
f1b0ecc3 2174)
3466e002 2175AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2176 [Builtin PRNG command timeout])
f1b0ecc3 2177
fd3cbf67 2178SSH_PRIVSEP_USER=sshd
9a0fbcb3 2179AC_ARG_WITH(privsep-user,
5222e7ef 2180 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2181 [
6cf0200f 2182 if test -n "$withval" && test "x$withval" != "xno" && \
2183 test "x${withval}" != "xyes"; then
fd3cbf67 2184 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2185 fi
82f4e93d 2186 ]
9a0fbcb3 2187)
3466e002 2188AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2189 [non-privileged user for privilege separation])
fd3cbf67 2190AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2191
81dadca3 2192# We do this little dance with the search path to insure
2193# that programs that we select for use by installed programs
2194# (which may be run by the super-user) come from trusted
2195# locations before they come from the user's private area.
2196# This should help avoid accidentally configuring some
2197# random version of a program in someone's personal bin.
2198
2199OPATH=$PATH
2200PATH=/bin:/usr/bin
f95c8ce8 2201test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2202test -d /sbin && PATH=$PATH:/sbin
2203test -d /usr/sbin && PATH=$PATH:/usr/sbin
2204PATH=$PATH:/etc:$OPATH
2205
aff51935 2206# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2207OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2208OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2209OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2210OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2211OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2212OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2213OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2214OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2215OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2216OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2217OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2218OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2219OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2220OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2221OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2222OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2223# restore PATH
2224PATH=$OPATH
f1b0ecc3 2225
2226# Where does ssh-rand-helper get its randomness from?
2227INSTALL_SSH_PRNG_CMDS=""
2228if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2229 if test ! -z "$PRNGD_PORT" ; then
2230 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2231 elif test ! -z "$PRNGD_SOCKET" ; then
2232 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2233 else
2234 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2235 RAND_HELPER_CMDHASH=yes
2236 INSTALL_SSH_PRNG_CMDS="yes"
2237 fi
2238fi
2239AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2240
2241
66d6c27e 2242# Cheap hack to ensure NEWS-OS libraries are arranged right.
2243if test ! -z "$SONY" ; then
2244 LIBS="$LIBS -liberty";
2245fi
2246
9a406e1e 2247# Check for long long datatypes
2248AC_CHECK_TYPES([long long, unsigned long long, long double])
2249
2250# Check datatype sizes
976f7e19 2251AC_CHECK_SIZEOF(char, 1)
2b942fe0 2252AC_CHECK_SIZEOF(short int, 2)
2253AC_CHECK_SIZEOF(int, 4)
2254AC_CHECK_SIZEOF(long int, 4)
2255AC_CHECK_SIZEOF(long long int, 8)
2256
52f1ccb2 2257# Sanity check long long for some platforms (AIX)
2258if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2259 ac_cv_sizeof_long_long_int=0
2260fi
2261
90f15776 2262# compute LLONG_MIN and LLONG_MAX if we don't know them.
2263if test -z "$have_llong_max"; then
2264 AC_MSG_CHECKING([for max value of long long])
2265 AC_RUN_IFELSE(
2266 [AC_LANG_SOURCE([[
2267#include <stdio.h>
2268/* Why is this so damn hard? */
2269#ifdef __GNUC__
2270# undef __GNUC__
2271#endif
2272#define __USE_ISOC99
2273#include <limits.h>
2274#define DATA "conftest.llminmax"
055252ed 2275#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2276
2277/*
2278 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2279 * we do this the hard way.
2280 */
2281static int
2282fprint_ll(FILE *f, long long n)
2283{
2284 unsigned int i;
2285 int l[sizeof(long long) * 8];
2286
2287 if (n < 0)
2288 if (fprintf(f, "-") < 0)
2289 return -1;
2290 for (i = 0; n != 0; i++) {
2291 l[i] = my_abs(n % 10);
2292 n /= 10;
2293 }
2294 do {
2295 if (fprintf(f, "%d", l[--i]) < 0)
2296 return -1;
2297 } while (i != 0);
2298 if (fprintf(f, " ") < 0)
2299 return -1;
2300 return 0;
2301}
2302
90f15776 2303int main(void) {
2304 FILE *f;
2305 long long i, llmin, llmax = 0;
2306
2307 if((f = fopen(DATA,"w")) == NULL)
2308 exit(1);
2309
2310#if defined(LLONG_MIN) && defined(LLONG_MAX)
2311 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2312 llmin = LLONG_MIN;
2313 llmax = LLONG_MAX;
2314#else
2315 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2316 /* This will work on one's complement and two's complement */
2317 for (i = 1; i > llmax; i <<= 1, i++)
2318 llmax = i;
2319 llmin = llmax + 1LL; /* wrap */
2320#endif
2321
2322 /* Sanity check */
2323 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2324 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2325 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2326 fprintf(f, "unknown unknown\n");
2327 exit(2);
2328 }
2329
055252ed 2330 if (fprint_ll(f, llmin) < 0)
90f15776 2331 exit(3);
055252ed 2332 if (fprint_ll(f, llmax) < 0)
2333 exit(4);
2334 if (fclose(f) < 0)
2335 exit(5);
90f15776 2336 exit(0);
2337}
2338 ]])],
2339 [
2340 llong_min=`$AWK '{print $1}' conftest.llminmax`
2341 llong_max=`$AWK '{print $2}' conftest.llminmax`
2342
90f15776 2343 AC_MSG_RESULT($llong_max)
2344 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2345 [max value of long long calculated by configure])
2346 AC_MSG_CHECKING([for min value of long long])
2347 AC_MSG_RESULT($llong_min)
2348 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2349 [min value of long long calculated by configure])
2350 ],
2351 [
2352 AC_MSG_RESULT(not found)
2353 ],
2354 [
2355 AC_MSG_WARN([cross compiling: not checking])
2356 ]
2357 )
2358fi
2359
2360
a0391976 2361# More checks for data types
14a9a859 2362AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2363 AC_TRY_COMPILE(
aff51935 2364 [ #include <sys/types.h> ],
2365 [ u_int a; a = 1;],
14a9a859 2366 [ ac_cv_have_u_int="yes" ],
2367 [ ac_cv_have_u_int="no" ]
2368 )
2369])
2370if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2371 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2372 have_u_int=1
2373fi
2374
58d100bf 2375AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2376 AC_TRY_COMPILE(
aff51935 2377 [ #include <sys/types.h> ],
2378 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2379 [ ac_cv_have_intxx_t="yes" ],
2380 [ ac_cv_have_intxx_t="no" ]
2381 )
2382])
2383if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2384 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2385 have_intxx_t=1
2386fi
41cb4569 2387
2388if (test -z "$have_intxx_t" && \
aff51935 2389 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2390then
2391 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2392 AC_TRY_COMPILE(
aff51935 2393 [ #include <stdint.h> ],
2394 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2395 [
2396 AC_DEFINE(HAVE_INTXX_T)
2397 AC_MSG_RESULT(yes)
2398 ],
2399 [ AC_MSG_RESULT(no) ]
2400 )
2401fi
2402
bd590612 2403AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2404 AC_TRY_COMPILE(
1cbbe6c8 2405 [
2406#include <sys/types.h>
2407#ifdef HAVE_STDINT_H
2408# include <stdint.h>
2409#endif
2410#include <sys/socket.h>
2411#ifdef HAVE_SYS_BITYPES_H
2412# include <sys/bitypes.h>
2413#endif
aff51935 2414 ],
2415 [ int64_t a; a = 1;],
bd590612 2416 [ ac_cv_have_int64_t="yes" ],
2417 [ ac_cv_have_int64_t="no" ]
2418 )
2419])
2420if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2421 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2422fi
2423
58d100bf 2424AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2425 AC_TRY_COMPILE(
aff51935 2426 [ #include <sys/types.h> ],
2427 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2428 [ ac_cv_have_u_intxx_t="yes" ],
2429 [ ac_cv_have_u_intxx_t="no" ]
2430 )
2431])
2432if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2433 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2434 have_u_intxx_t=1
2435fi
2b942fe0 2436
41cb4569 2437if test -z "$have_u_intxx_t" ; then
2438 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2439 AC_TRY_COMPILE(
aff51935 2440 [ #include <sys/socket.h> ],
2441 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2442 [
2443 AC_DEFINE(HAVE_U_INTXX_T)
2444 AC_MSG_RESULT(yes)
2445 ],
2446 [ AC_MSG_RESULT(no) ]
2447 )
2448fi
2449
bd590612 2450AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2451 AC_TRY_COMPILE(
aff51935 2452 [ #include <sys/types.h> ],
2453 [ u_int64_t a; a = 1;],
bd590612 2454 [ ac_cv_have_u_int64_t="yes" ],
2455 [ ac_cv_have_u_int64_t="no" ]
2456 )
2457])
2458if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2459 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2460 have_u_int64_t=1
2461fi
2462
ddceb1c8 2463if test -z "$have_u_int64_t" ; then
2464 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2465 AC_TRY_COMPILE(
aff51935 2466 [ #include <sys/bitypes.h> ],
ddceb1c8 2467 [ u_int64_t a; a = 1],
2468 [
2469 AC_DEFINE(HAVE_U_INT64_T)
2470 AC_MSG_RESULT(yes)
2471 ],
2472 [ AC_MSG_RESULT(no) ]
2473 )
2474fi
2475
41cb4569 2476if test -z "$have_u_intxx_t" ; then
2477 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2478 AC_TRY_COMPILE(
2479 [
2480#include <sys/types.h>
aff51935 2481 ],
2482 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2483 [ ac_cv_have_uintxx_t="yes" ],
2484 [ ac_cv_have_uintxx_t="no" ]
2485 )
2486 ])
2487 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2488 AC_DEFINE(HAVE_UINTXX_T, 1,
2489 [define if you have uintxx_t data type])
41cb4569 2490 fi
2491fi
2492
2493if test -z "$have_uintxx_t" ; then
2494 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2495 AC_TRY_COMPILE(
aff51935 2496 [ #include <stdint.h> ],
2497 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2498 [
2499 AC_DEFINE(HAVE_UINTXX_T)
2500 AC_MSG_RESULT(yes)
2501 ],
2502 [ AC_MSG_RESULT(no) ]
2503 )
2504fi
2505
e5fe9a1f 2506if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2507 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2508then
2509 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2510 AC_TRY_COMPILE(
58d100bf 2511 [
2512#include <sys/bitypes.h>
aff51935 2513 ],
5cdfe03f 2514 [
837c30b8 2515 int8_t a; int16_t b; int32_t c;
2516 u_int8_t e; u_int16_t f; u_int32_t g;
2517 a = b = c = e = f = g = 1;
aff51935 2518 ],
5cdfe03f 2519 [
2520 AC_DEFINE(HAVE_U_INTXX_T)
2521 AC_DEFINE(HAVE_INTXX_T)
2522 AC_MSG_RESULT(yes)
2523 ],
2524 [AC_MSG_RESULT(no)]
aff51935 2525 )
5cdfe03f 2526fi
2527
0362750e 2528
2529AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2530 AC_TRY_COMPILE(
2531 [
2532#include <sys/types.h>
2533 ],
2534 [ u_char foo; foo = 125; ],
2535 [ ac_cv_have_u_char="yes" ],
2536 [ ac_cv_have_u_char="no" ]
2537 )
2538])
2539if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2540 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2541fi
2542
98a7c37b 2543TYPE_SOCKLEN_T
2b942fe0 2544
2d16d9a3 2545AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2546
777ece68 2547AC_CHECK_TYPES(in_addr_t,,,
2548[#include <sys/types.h>
2549#include <netinet/in.h>])
7b578f7d 2550
58d100bf 2551AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2552 AC_TRY_COMPILE(
2553 [
18ba2aab 2554#include <sys/types.h>
58d100bf 2555 ],
2556 [ size_t foo; foo = 1235; ],
2557 [ ac_cv_have_size_t="yes" ],
2558 [ ac_cv_have_size_t="no" ]
2559 )
2560])
2561if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2562 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2563fi
ea1970a3 2564
c04f75f1 2565AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2566 AC_TRY_COMPILE(
2567 [
2568#include <sys/types.h>
2569 ],
2570 [ ssize_t foo; foo = 1235; ],
2571 [ ac_cv_have_ssize_t="yes" ],
2572 [ ac_cv_have_ssize_t="no" ]
2573 )
2574])
2575if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2576 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2577fi
2578
f1c4659d 2579AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2580 AC_TRY_COMPILE(
2581 [
2582#include <time.h>
2583 ],
2584 [ clock_t foo; foo = 1235; ],
2585 [ ac_cv_have_clock_t="yes" ],
2586 [ ac_cv_have_clock_t="no" ]
2587 )
2588])
2589if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2590 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2591fi
2592
1c04b088 2593AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2594 AC_TRY_COMPILE(
2595 [
2596#include <sys/types.h>
2597#include <sys/socket.h>
2598 ],
2599 [ sa_family_t foo; foo = 1235; ],
2600 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2601 [ AC_TRY_COMPILE(
2602 [
2603#include <sys/types.h>
2604#include <sys/socket.h>
2605#include <netinet/in.h>
2606 ],
2607 [ sa_family_t foo; foo = 1235; ],
2608 [ ac_cv_have_sa_family_t="yes" ],
2609
1c04b088 2610 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2611 )]
1c04b088 2612 )
2613])
2614if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2615 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2616 [define if you have sa_family_t data type])
1c04b088 2617fi
2618
729bfe59 2619AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2620 AC_TRY_COMPILE(
2621 [
2622#include <sys/types.h>
2623 ],
2624 [ pid_t foo; foo = 1235; ],
2625 [ ac_cv_have_pid_t="yes" ],
2626 [ ac_cv_have_pid_t="no" ]
2627 )
2628])
2629if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2630 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2631fi
2632
2633AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2634 AC_TRY_COMPILE(
2635 [
2636#include <sys/types.h>
2637 ],
2638 [ mode_t foo; foo = 1235; ],
2639 [ ac_cv_have_mode_t="yes" ],
2640 [ ac_cv_have_mode_t="no" ]
2641 )
2642])
2643if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2644 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2645fi
2646
e3a93db0 2647
58d100bf 2648AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2649 AC_TRY_COMPILE(
2650 [
18ba2aab 2651#include <sys/types.h>
2652#include <sys/socket.h>
58d100bf 2653 ],
2654 [ struct sockaddr_storage s; ],
2655 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2656 [ ac_cv_have_struct_sockaddr_storage="no" ]
2657 )
2658])
2659if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2660 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2661 [define if you have struct sockaddr_storage data type])
58d100bf 2662fi
48e671d5 2663
58d100bf 2664AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2665 AC_TRY_COMPILE(
2666 [
cbd7492e 2667#include <sys/types.h>
58d100bf 2668#include <netinet/in.h>
2669 ],
2670 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2671 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2672 [ ac_cv_have_struct_sockaddr_in6="no" ]
2673 )
2674])
2675if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2676 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2677 [define if you have struct sockaddr_in6 data type])
58d100bf 2678fi
48e671d5 2679
58d100bf 2680AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2681 AC_TRY_COMPILE(
2682 [
cbd7492e 2683#include <sys/types.h>
58d100bf 2684#include <netinet/in.h>
2685 ],
2686 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2687 [ ac_cv_have_struct_in6_addr="yes" ],
2688 [ ac_cv_have_struct_in6_addr="no" ]
2689 )
2690])
2691if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2692 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2693 [define if you have struct in6_addr data type])
58d100bf 2694fi
48e671d5 2695
58d100bf 2696AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2697 AC_TRY_COMPILE(
2698 [
18ba2aab 2699#include <sys/types.h>
2700#include <sys/socket.h>
2701#include <netdb.h>
58d100bf 2702 ],
2703 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2704 [ ac_cv_have_struct_addrinfo="yes" ],
2705 [ ac_cv_have_struct_addrinfo="no" ]
2706 )
2707])
2708if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2709 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2710 [define if you have struct addrinfo data type])
58d100bf 2711fi
2712
89c7e31c 2713AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2714 AC_TRY_COMPILE(
aff51935 2715 [ #include <sys/time.h> ],
2716 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2717 [ ac_cv_have_struct_timeval="yes" ],
2718 [ ac_cv_have_struct_timeval="no" ]
2719 )
2720])
2721if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2722 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2723 have_struct_timeval=1
2724fi
2725
5271b55c 2726AC_CHECK_TYPES(struct timespec)
2727
85abc74b 2728# We need int64_t or else certian parts of the compile will fail.
4b492aab 2729if test "x$ac_cv_have_int64_t" = "xno" && \
2730 test "x$ac_cv_sizeof_long_int" != "x8" && \
2731 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2732 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2733 echo "an alternative compiler (I.E., GCC) before continuing."
2734 echo ""
2735 exit 1;
733cf7f4 2736else
2737dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2738 AC_RUN_IFELSE(
479cece8 2739 [AC_LANG_SOURCE([[
733cf7f4 2740#include <stdio.h>
2741#include <string.h>
2742#ifdef HAVE_SNPRINTF
2743main()
2744{
2745 char buf[50];
2746 char expected_out[50];
2747 int mazsize = 50 ;
2748#if (SIZEOF_LONG_INT == 8)
2749 long int num = 0x7fffffffffffffff;
2750#else
763a1a18 2751 long long num = 0x7fffffffffffffffll;
733cf7f4 2752#endif
2753 strcpy(expected_out, "9223372036854775807");
2754 snprintf(buf, mazsize, "%lld", num);
2755 if(strcmp(buf, expected_out) != 0)
aff51935 2756 exit(1);
733cf7f4 2757 exit(0);
2758}
2759#else
2760main() { exit(0); }
2761#endif
479cece8 2762 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2763 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2764 )
2c523de9 2765fi
2766
77bb0bca 2767dnl Checks for structure members
58d100bf 2768OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2769OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2770OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2771OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2772OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2773OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2774OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2775OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2776OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2777OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2778OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2779OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2780OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2781OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2782OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2783OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2784OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2785
2786AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2787AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2788 [Define if we don't have struct __res_state in resolv.h])],
2789[
2790#include <stdio.h>
2791#if HAVE_SYS_TYPES_H
2792# include <sys/types.h>
2793#endif
2794#include <netinet/in.h>
2795#include <arpa/nameser.h>
2796#include <resolv.h>
2797])
1d7b9b20 2798
58d100bf 2799AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2800 ac_cv_have_ss_family_in_struct_ss, [
2801 AC_TRY_COMPILE(
2802 [
18ba2aab 2803#include <sys/types.h>
2804#include <sys/socket.h>
58d100bf 2805 ],
2806 [ struct sockaddr_storage s; s.ss_family = 1; ],
2807 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2808 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2809 )
2810])
2811if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2812 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2813fi
2814
58d100bf 2815AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2816 ac_cv_have___ss_family_in_struct_ss, [
2817 AC_TRY_COMPILE(
2818 [
18ba2aab 2819#include <sys/types.h>
2820#include <sys/socket.h>
58d100bf 2821 ],
2822 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2823 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2824 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2825 )
2826])
2827if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2828 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2829 [Fields in struct sockaddr_storage])
58d100bf 2830fi
2831
2e73a022 2832AC_CACHE_CHECK([for pw_class field in struct passwd],
2833 ac_cv_have_pw_class_in_struct_passwd, [
2834 AC_TRY_COMPILE(
2835 [
2e73a022 2836#include <pwd.h>
2837 ],
97994d32 2838 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2839 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2840 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2841 )
2842])
2843if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2844 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2845 [Define if your password has a pw_class field])
2e73a022 2846fi
2847
7751d4eb 2848AC_CACHE_CHECK([for pw_expire field in struct passwd],
2849 ac_cv_have_pw_expire_in_struct_passwd, [
2850 AC_TRY_COMPILE(
2851 [
2852#include <pwd.h>
2853 ],
2854 [ struct passwd p; p.pw_expire = 0; ],
2855 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2856 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2857 )
2858])
2859if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2860 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2861 [Define if your password has a pw_expire field])
7751d4eb 2862fi
2863
2864AC_CACHE_CHECK([for pw_change field in struct passwd],
2865 ac_cv_have_pw_change_in_struct_passwd, [
2866 AC_TRY_COMPILE(
2867 [
2868#include <pwd.h>
2869 ],
2870 [ struct passwd p; p.pw_change = 0; ],
2871 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2872 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2873 )
2874])
2875if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2876 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2877 [Define if your password has a pw_change field])
7751d4eb 2878fi
58d100bf 2879
637f9177 2880dnl make sure we're using the real structure members and not defines
6f34652e 2881AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2882 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2883 AC_COMPILE_IFELSE(
6f34652e 2884 [
f95c8ce8 2885#include <sys/types.h>
6f34652e 2886#include <sys/socket.h>
2887#include <sys/uio.h>
637f9177 2888int main() {
2889#ifdef msg_accrights
1a01a50c 2890#error "msg_accrights is a macro"
637f9177 2891exit(1);
2892#endif
2893struct msghdr m;
2894m.msg_accrights = 0;
2895exit(0);
2896}
6f34652e 2897 ],
6f34652e 2898 [ ac_cv_have_accrights_in_msghdr="yes" ],
2899 [ ac_cv_have_accrights_in_msghdr="no" ]
2900 )
2901])
2902if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2903 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2904 [Define if your system uses access rights style
2905 file descriptor passing])
6f34652e 2906fi
2907
7176df4f 2908AC_CACHE_CHECK([for msg_control field in struct msghdr],
2909 ac_cv_have_control_in_msghdr, [
1a01a50c 2910 AC_COMPILE_IFELSE(
7176df4f 2911 [
f95c8ce8 2912#include <sys/types.h>
7176df4f 2913#include <sys/socket.h>
2914#include <sys/uio.h>
637f9177 2915int main() {
2916#ifdef msg_control
1a01a50c 2917#error "msg_control is a macro"
637f9177 2918exit(1);
2919#endif
2920struct msghdr m;
2921m.msg_control = 0;
2922exit(0);
2923}
7176df4f 2924 ],
7176df4f 2925 [ ac_cv_have_control_in_msghdr="yes" ],
2926 [ ac_cv_have_control_in_msghdr="no" ]
2927 )
2928])
2929if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2930 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2931 [Define if your system uses ancillary data style
2932 file descriptor passing])
7176df4f 2933fi
2934
58d100bf 2935AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2936 AC_TRY_LINK([],
2937 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2938 [ ac_cv_libc_defines___progname="yes" ],
2939 [ ac_cv_libc_defines___progname="no" ]
2940 )
2941])
2942if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2943 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2944fi
8946db53 2945
c921ee00 2946AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2947 AC_TRY_LINK([
2948#include <stdio.h>
aff51935 2949],
2950 [ printf("%s", __FUNCTION__); ],
c921ee00 2951 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2952 [ ac_cv_cc_implements___FUNCTION__="no" ]
2953 )
2954])
2955if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 2956 AC_DEFINE(HAVE___FUNCTION__, 1,
2957 [Define if compiler implements __FUNCTION__])
c921ee00 2958fi
2959
2960AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2961 AC_TRY_LINK([
2962#include <stdio.h>
aff51935 2963],
2964 [ printf("%s", __func__); ],
c921ee00 2965 [ ac_cv_cc_implements___func__="yes" ],
2966 [ ac_cv_cc_implements___func__="no" ]
2967 )
2968])
2969if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 2970 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 2971fi
2972
9a406e1e 2973AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2974 AC_TRY_LINK(
2975 [#include <stdarg.h>
2976 va_list x,y;],
2977 [va_copy(x,y);],
2978 [ ac_cv_have_va_copy="yes" ],
2979 [ ac_cv_have_va_copy="no" ]
2980 )
2981])
2982if test "x$ac_cv_have_va_copy" = "xyes" ; then
2983 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2984fi
2985
2986AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2987 AC_TRY_LINK(
2988 [#include <stdarg.h>
2989 va_list x,y;],
2990 [__va_copy(x,y);],
2991 [ ac_cv_have___va_copy="yes" ],
2992 [ ac_cv_have___va_copy="no" ]
2993 )
2994])
2995if test "x$ac_cv_have___va_copy" = "xyes" ; then
2996 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2997fi
2998
1812a662 2999AC_CACHE_CHECK([whether getopt has optreset support],
3000 ac_cv_have_getopt_optreset, [
3001 AC_TRY_LINK(
3002 [
3003#include <getopt.h>
3004 ],
3005 [ extern int optreset; optreset = 0; ],
3006 [ ac_cv_have_getopt_optreset="yes" ],
3007 [ ac_cv_have_getopt_optreset="no" ]
3008 )
3009])
3010if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3011 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3012 [Define if your getopt(3) defines and uses optreset])
1812a662 3013fi
a0391976 3014
819b676f 3015AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3016 AC_TRY_LINK([],
3017 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3018 [ ac_cv_libc_defines_sys_errlist="yes" ],
3019 [ ac_cv_libc_defines_sys_errlist="no" ]
3020 )
3021])
3022if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3023 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3024 [Define if your system defines sys_errlist[]])
819b676f 3025fi
3026
3027
416ed5a7 3028AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3029 AC_TRY_LINK([],
3030 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3031 [ ac_cv_libc_defines_sys_nerr="yes" ],
3032 [ ac_cv_libc_defines_sys_nerr="no" ]
3033 )
3034])
3035if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3036 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3037fi
3038
aff51935 3039SCARD_MSG="no"
295c8801 3040# Check whether user wants sectok support
3041AC_ARG_WITH(sectok,
3042 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3043 [
3044 if test "x$withval" != "xno" ; then
3045 if test "x$withval" != "xyes" ; then
3046 CPPFLAGS="$CPPFLAGS -I${withval}"
3047 LDFLAGS="$LDFLAGS -L${withval}"
3048 if test ! -z "$need_dash_r" ; then
3049 LDFLAGS="$LDFLAGS -R${withval}"
3050 fi
3051 if test ! -z "$blibpath" ; then
3052 blibpath="$blibpath:${withval}"
3053 fi
3054 fi
3055 AC_CHECK_HEADERS(sectok.h)
3056 if test "$ac_cv_header_sectok_h" != yes; then
3057 AC_MSG_ERROR(Can't find sectok.h)
3058 fi
3059 AC_CHECK_LIB(sectok, sectok_open)
3060 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3061 AC_MSG_ERROR(Can't find libsectok)
3062 fi
3466e002 3063 AC_DEFINE(SMARTCARD, 1,
3064 [Define if you want smartcard support])
3065 AC_DEFINE(USE_SECTOK, 1,
3066 [Define if you want smartcard support
3067 using sectok])
aff51935 3068 SCARD_MSG="yes, using sectok"
295c8801 3069 fi
3070 ]
3071)
3072
3073# Check whether user wants OpenSC support
987b458f 3074OPENSC_CONFIG="no"
295c8801 3075AC_ARG_WITH(opensc,
e47fb473 3076 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3077 [
3078 if test "x$withval" != "xno" ; then
3079 if test "x$withval" != "xyes" ; then
3080 OPENSC_CONFIG=$withval/bin/opensc-config
3081 else
3082 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3083 fi
3084 if test "$OPENSC_CONFIG" != "no"; then
3085 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3086 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3087 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3088 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3089 AC_DEFINE(SMARTCARD)
3466e002 3090 AC_DEFINE(USE_OPENSC, 1,
3091 [Define if you want smartcard support
3092 using OpenSC])
987b458f 3093 SCARD_MSG="yes, using OpenSC"
3094 fi
3095 fi
3096 ]
3097)
d0b19c95 3098
c31dc31c 3099# Check libraries needed by DNS fingerprint support
aff51935 3100AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3101 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3102 [Define if getrrsetbyname() exists])],
3e05e934 3103 [
c31dc31c 3104 # Needed by our getrrsetbyname()
3105 AC_SEARCH_LIBS(res_query, resolv)
3106 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3107 AC_MSG_CHECKING(if res_query will link)
3108 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3109 [AC_MSG_RESULT(no)
3110 saved_LIBS="$LIBS"
3111 LIBS="$LIBS -lresolv"
3112 AC_MSG_CHECKING(for res_query in -lresolv)
3113 AC_LINK_IFELSE([
3114#include <resolv.h>
3115int main()
3116{
3117 res_query (0, 0, 0, 0, 0);
3118 return 0;
3119}
3120 ],
3121 [LIBS="$LIBS -lresolv"
3122 AC_MSG_RESULT(yes)],
3123 [LIBS="$saved_LIBS"
3124 AC_MSG_RESULT(no)])
3125 ])
c31dc31c 3126 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3127 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3128 [#include <sys/types.h>
3129 #include <arpa/nameser.h>])
c31dc31c 3130 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3131 [AC_DEFINE(HAVE_HEADER_AD, 1,
3132 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3133 [#include <arpa/nameser.h>])
3134 ])
3e05e934 3135
ef4d1846 3136# Check whether user wants SELinux support
3137SELINUX_MSG="no"
3138LIBSELINUX=""
3139AC_ARG_WITH(selinux,
3140 [ --with-selinux Enable SELinux support],
3141 [ if test "x$withval" != "xno" ; then
3142 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3143 SELINUX_MSG="yes"
3144 AC_CHECK_HEADER([selinux/selinux.h], ,
3145 AC_MSG_ERROR(SELinux support requires selinux.h header))
3146 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3147 AC_MSG_ERROR(SELinux support requires libselinux library))
5ba277eb 3148 save_LIBS="$LIBS"
3149 LIBS="$LIBS $LIBSELINUX"
ef4d1846 3150 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3151 LIBS="$save_LIBS"
ef4d1846 3152 fi ]
3153)
3154AC_SUBST(LIBSELINUX)
3155
12928e80 3156# Check whether user wants Kerberos 5 support
aff51935 3157KRB5_MSG="no"
12928e80 3158AC_ARG_WITH(kerberos5,
aff51935 3159 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3160 [ if test "x$withval" != "xno" ; then
3161 if test "x$withval" = "xyes" ; then
3162 KRB5ROOT="/usr/local"
3163 else
3164 KRB5ROOT=${withval}
3165 fi
3166
3466e002 3167 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3168 KRB5_MSG="yes"
3169
3170 AC_MSG_CHECKING(for krb5-config)
3171 if test -x $KRB5ROOT/bin/krb5-config ; then
3172 KRB5CONF=$KRB5ROOT/bin/krb5-config
3173 AC_MSG_RESULT($KRB5CONF)
3174
3175 AC_MSG_CHECKING(for gssapi support)
3176 if $KRB5CONF | grep gssapi >/dev/null ; then
3177 AC_MSG_RESULT(yes)
3466e002 3178 AC_DEFINE(GSSAPI, 1,
3179 [Define this if you want GSSAPI
3180 support in the version 2 protocol])
071970fb 3181 k5confopts=gssapi
aff51935 3182 else
5585c441 3183 AC_MSG_RESULT(no)
071970fb 3184 k5confopts=""
aff51935 3185 fi
071970fb 3186 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3187 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3188 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3189 AC_MSG_CHECKING(whether we are using Heimdal)
3190 AC_TRY_COMPILE([ #include <krb5.h> ],
3191 [ char *tmp = heimdal_version; ],
3192 [ AC_MSG_RESULT(yes)
3466e002 3193 AC_DEFINE(HEIMDAL, 1,
3194 [Define this if you are using the
3195 Heimdal version of Kerberos V5]) ],
5585c441 3196 AC_MSG_RESULT(no)
3197 )
3198 else
3199 AC_MSG_RESULT(no)
12928e80 3200 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3201 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3202 AC_MSG_CHECKING(whether we are using Heimdal)
3203 AC_TRY_COMPILE([ #include <krb5.h> ],
3204 [ char *tmp = heimdal_version; ],
3205 [ AC_MSG_RESULT(yes)
3206 AC_DEFINE(HEIMDAL)
41707f74 3207 K5LIBS="-lkrb5 -ldes"
3208 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3209 AC_CHECK_LIB(roken, net_write,
41707f74 3210 [K5LIBS="$K5LIBS -lroken"])
aff51935 3211 ],
3212 [ AC_MSG_RESULT(no)
3213 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3214 ]
3215 )
4e00038c 3216 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3217
749560dd 3218 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3219 [ AC_DEFINE(GSSAPI)
3220 K5LIBS="-lgssapi $K5LIBS" ],
3221 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3222 [ AC_DEFINE(GSSAPI)
aff51935 3223 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3224 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3225 $K5LIBS)
3226 ],
3227 $K5LIBS)
82f4e93d 3228
749560dd 3229 AC_CHECK_HEADER(gssapi.h, ,
3230 [ unset ac_cv_header_gssapi_h
aff51935 3231 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3232 AC_CHECK_HEADERS(gssapi.h, ,
3233 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3234 )
749560dd 3235 ]
3236 )
3237
3238 oldCPP="$CPPFLAGS"
3239 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3240 AC_CHECK_HEADER(gssapi_krb5.h, ,
3241 [ CPPFLAGS="$oldCPP" ])
3242
aff51935 3243 fi
5585c441 3244 if test ! -z "$need_dash_r" ; then
3245 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3246 fi
3247 if test ! -z "$blibpath" ; then
3248 blibpath="$blibpath:${KRB5ROOT}/lib"
3249 fi
071970fb 3250
f5555364 3251 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3252 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3253 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3254
f5555364 3255 LIBS="$LIBS $K5LIBS"
3466e002 3256 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3257 [Define this if you want to use libkafs' AFS support]))
f5555364 3258 fi
071970fb 3259 ]
12928e80 3260)
b5b68128 3261
a0391976 3262# Looking for programs, paths and files
a0391976 3263
ecac8ee5 3264PRIVSEP_PATH=/var/empty
3265AC_ARG_WITH(privsep-path,
cda1ebcb 3266 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3267 [
6cf0200f 3268 if test -n "$withval" && test "x$withval" != "xno" && \
3269 test "x${withval}" != "xyes"; then
ecac8ee5 3270 PRIVSEP_PATH=$withval
3271 fi
3272 ]
3273)
3274AC_SUBST(PRIVSEP_PATH)
3275
a0391976 3276AC_ARG_WITH(xauth,
3277 [ --with-xauth=PATH Specify path to xauth program ],
3278 [
6cf0200f 3279 if test -n "$withval" && test "x$withval" != "xno" && \
3280 test "x${withval}" != "xyes"; then
cbd7492e 3281 xauth_path=$withval
a0391976 3282 fi
3283 ],
3284 [
2bf42e4a 3285 TestPath="$PATH"
3286 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3287 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3288 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3289 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3290 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3291 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3292 xauth_path="/usr/openwin/bin/xauth"
3293 fi
3294 ]
3295)
3296
65a4b4af 3297STRIP_OPT=-s
3298AC_ARG_ENABLE(strip,
3299 [ --disable-strip Disable calling strip(1) on install],
3300 [
3301 if test "x$enableval" = "xno" ; then
3302 STRIP_OPT=
3303 fi
3304 ]
3305)
3306AC_SUBST(STRIP_OPT)
3307
b3ec54b4 3308if test -z "$xauth_path" ; then
3309 XAUTH_PATH="undefined"
3310 AC_SUBST(XAUTH_PATH)
3311else
3466e002 3312 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3313 [Define if xauth is found in your path])
b3ec54b4 3314 XAUTH_PATH=$xauth_path
3315 AC_SUBST(XAUTH_PATH)
a0391976 3316fi
a0391976 3317
3318# Check for mail directory (last resort if we cannot get it from headers)
3319if test ! -z "$MAIL" ; then
3320 maildir=`dirname $MAIL`
3466e002 3321 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3322 [Set this to your mail directory if you don't have maillock.h])
a0391976 3323fi
3324
479cece8 3325if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3326 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3327 disable_ptmx_check=yes
3328fi
a0391976 3329if test -z "$no_dev_ptmx" ; then
6e879cb4 3330 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3331 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3332 [
3466e002 3333 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3334 [Define if you have /dev/ptmx])
6e879cb4 3335 have_dev_ptmx=1
3336 ]
3337 )
3338 fi
3276571c 3339fi
1a01a50c 3340
479cece8 3341if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3342 AC_CHECK_FILE("/dev/ptc",
3343 [
3466e002 3344 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3345 [Define if you have /dev/ptc])
1a01a50c 3346 have_dev_ptc=1
3347 ]
3348 )
3349else
3350 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3351fi
3276571c 3352
a0391976 3353# Options from here on. Some of these are preset by platform above
fdf6b7aa 3354AC_ARG_WITH(mantype,
5d97cfbf 3355 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3356 [
5d97cfbf 3357 case "$withval" in
3358 man|cat|doc)
3359 MANTYPE=$withval
3360 ;;
3361 *)
3362 AC_MSG_ERROR(invalid man type: $withval)
3363 ;;
3364 esac
c54a6257 3365 ]
3366)
e0c4d3ac 3367if test -z "$MANTYPE"; then
2bf42e4a 3368 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3369 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3370 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3371 MANTYPE=doc
3372 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3373 MANTYPE=man
3374 else
3375 MANTYPE=cat
3376 fi
3377fi
c54a6257 3378AC_SUBST(MANTYPE)
e0c4d3ac 3379if test "$MANTYPE" = "doc"; then
3380 mansubdir=man;
3381else
3382 mansubdir=$MANTYPE;
3383fi
3384AC_SUBST(mansubdir)
0bc5b6fb 3385
a0391976 3386# Check whether to enable MD5 passwords
aff51935 3387MD5_MSG="no"
2ddcfdf3 3388AC_ARG_WITH(md5-passwords,
caf3bc51 3389 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3390 [
bcf36c78 3391 if test "x$withval" != "xno" ; then
3466e002 3392 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3393 [Define if you want to allow MD5 passwords])
aff51935 3394 MD5_MSG="yes"
0bc5b6fb 3395 fi
3396 ]
caf3bc51 3397)
3398
a0391976 3399# Whether to disable shadow password support
a7effaac 3400AC_ARG_WITH(shadow,
3401 [ --without-shadow Disable shadow password support],
3402 [
82f4e93d 3403 if test "x$withval" = "xno" ; then
a7effaac 3404 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3405 disable_shadow=yes
a7effaac 3406 fi
3407 ]
3408)
3409
4cb5ffa0 3410if test -z "$disable_shadow" ; then
3411 AC_MSG_CHECKING([if the systems has expire shadow information])
3412 AC_TRY_COMPILE(
3413 [
3414#include <sys/types.h>
3415#include <shadow.h>
3416 struct spwd sp;
3417 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3418 [ sp_expire_available=yes ], []
3419 )
3420
3421 if test "x$sp_expire_available" = "xyes" ; then
3422 AC_MSG_RESULT(yes)
3466e002 3423 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3424 [Define if you want to use shadow password expire field])
4cb5ffa0 3425 else
3426 AC_MSG_RESULT(no)
3427 fi
3428fi
3429
a0391976 3430# Use ip address instead of hostname in $DISPLAY
44839801 3431if test ! -z "$IPADDR_IN_DISPLAY" ; then
3432 DISPLAY_HACK_MSG="yes"
3466e002 3433 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3434 [Define if you need to use IP address
3435 instead of hostname in $DISPLAY])
44839801 3436else
aff51935 3437 DISPLAY_HACK_MSG="no"
44839801 3438 AC_ARG_WITH(ipaddr-display,
3439 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3440 [
82f4e93d 3441 if test "x$withval" != "xno" ; then
44839801 3442 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3443 DISPLAY_HACK_MSG="yes"
44839801 3444 fi
3445 ]
3446 )
3447fi
a7effaac 3448
95b99395 3449# check for /etc/default/login and use it if present.
daa41e62 3450AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3451 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3452 [ if test "x$enableval" = "xno"; then
3453 AC_MSG_NOTICE([/etc/default/login handling disabled])
3454 etc_default_login=no
3455 else
3456 etc_default_login=yes
3457 fi ],
b0e7249f 3458 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3459 then
3460 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3461 etc_default_login=no
3462 else
3463 etc_default_login=yes
3464 fi ]
694d0cef 3465)
95b99395 3466
694d0cef 3467if test "x$etc_default_login" != "xno"; then
3468 AC_CHECK_FILE("/etc/default/login",
3469 [ external_path_file=/etc/default/login ])
b0e7249f 3470 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3471 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3472 [Define if your system has /etc/default/login])
1a01a50c 3473 fi
694d0cef 3474fi
95b99395 3475
8d184c09 3476dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3477if test $ac_cv_func_login_getcapbool = "yes" && \
3478 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3479 external_path_file=/etc/login.conf
8d184c09 3480fi
95b99395 3481
a0391976 3482# Whether to mess with the default path
aff51935 3483SERVER_PATH_MSG="(default)"
c43d69a9 3484AC_ARG_WITH(default-path,
75817f90 3485 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3486 [
95b99395 3487 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3488 AC_MSG_WARN([
3489--with-default-path=PATH has no effect on this system.
3490Edit /etc/login.conf instead.])
82f4e93d 3491 elif test "x$withval" != "xno" ; then
89bbd457 3492 if test ! -z "$external_path_file" ; then
95b99395 3493 AC_MSG_WARN([
3494--with-default-path=PATH will only be used if PATH is not defined in
3495$external_path_file .])
3496 fi
b2d818e6 3497 user_path="$withval"
aff51935 3498 SERVER_PATH_MSG="$withval"
cb807f40 3499 fi
b2d818e6 3500 ],
95b99395 3501 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3502 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3503 else
89bbd457 3504 if test ! -z "$external_path_file" ; then
95b99395 3505 AC_MSG_WARN([
3506If PATH is defined in $external_path_file, ensure the path to scp is included,
3507otherwise scp will not work.])
3508 fi
b0e7249f 3509 AC_RUN_IFELSE(
3510 [AC_LANG_SOURCE([[
b2d818e6 3511/* find out what STDPATH is */
3512#include <stdio.h>
b2d818e6 3513#ifdef HAVE_PATHS_H
3514# include <paths.h>
3515#endif
3516#ifndef _PATH_STDPATH
d9a4e55b 3517# ifdef _PATH_USERPATH /* Irix */
3518# define _PATH_STDPATH _PATH_USERPATH
3519# else
3520# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3521# endif
b2d818e6 3522#endif
3523#include <sys/types.h>
3524#include <sys/stat.h>
3525#include <fcntl.h>
3526#define DATA "conftest.stdpath"
3527
3528main()
3529{
3530 FILE *fd;
3531 int rc;
82f4e93d 3532
b2d818e6 3533 fd = fopen(DATA,"w");
3534 if(fd == NULL)
3535 exit(1);
82f4e93d 3536
b2d818e6 3537 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3538 exit(1);
3539
3540 exit(0);
3541}
b0e7249f 3542 ]])],
3543 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3544 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3545 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3546 )
3547# make sure $bindir is in USER_PATH so scp will work
3548 t_bindir=`eval echo ${bindir}`
3549 case $t_bindir in
3550 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3551 esac
3552 case $t_bindir in
3553 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3554 esac
3555 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3556 if test $? -ne 0 ; then
3557 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3558 if test $? -ne 0 ; then
3559 user_path=$user_path:$t_bindir
3560 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3561 fi
3562 fi
8d184c09 3563 fi ]
cb807f40 3564)
95b99395 3565if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3566 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3567 AC_SUBST(user_path)
3568fi
cb807f40 3569
06617857 3570# Set superuser path separately to user path
06617857 3571AC_ARG_WITH(superuser-path,
3572 [ --with-superuser-path= Specify different path for super-user],
3573 [
6cf0200f 3574 if test -n "$withval" && test "x$withval" != "xno" && \
3575 test "x${withval}" != "xyes"; then
3466e002 3576 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3577 [Define if you want a different $PATH
3578 for the superuser])
06617857 3579 superuser_path=$withval
3580 fi
3581 ]
3582)
3583
3584
58d100bf 3585AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3586IPV4_IN6_HACK_MSG="no"
80faa19f 3587AC_ARG_WITH(4in6,
3588 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3589 [
3590 if test "x$withval" != "xno" ; then
3591 AC_MSG_RESULT(yes)
3466e002 3592 AC_DEFINE(IPV4_IN_IPV6, 1,
3593 [Detect IPv4 in IPv6 mapped addresses
3594 and treat as IPv4])
aff51935 3595 IPV4_IN6_HACK_MSG="yes"
80faa19f 3596 else
3597 AC_MSG_RESULT(no)
3598 fi
3599 ],[
3600 if test "x$inet6_default_4in6" = "xyes"; then
3601 AC_MSG_RESULT([yes (default)])
3602 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3603 IPV4_IN6_HACK_MSG="yes"
80faa19f 3604 else
3605 AC_MSG_RESULT([no (default)])
3606 fi
3607 ]
3608)
3609
af774732 3610# Whether to enable BSD auth support
f1b0ecc3 3611BSD_AUTH_MSG=no
af774732 3612AC_ARG_WITH(bsd-auth,
3613 [ --with-bsd-auth Enable BSD auth support],
3614 [
82f4e93d 3615 if test "x$withval" != "xno" ; then
3466e002 3616 AC_DEFINE(BSD_AUTH, 1,
3617 [Define if you have BSD auth support])
f1b0ecc3 3618 BSD_AUTH_MSG=yes
af774732 3619 fi
3620 ]
3621)
3622
a0391976 3623# Where to place sshd.pid
19d9ac2a 3624piddir=/var/run
81dadca3 3625# make sure the directory exists
82f4e93d 3626if test ! -d $piddir ; then
81dadca3 3627 piddir=`eval echo ${sysconfdir}`
3628 case $piddir in
aff51935 3629 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3630 esac
3631fi
3632
47e45e44 3633AC_ARG_WITH(pid-dir,
3634 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3635 [
6cf0200f 3636 if test -n "$withval" && test "x$withval" != "xno" && \
3637 test "x${withval}" != "xyes"; then
19d9ac2a 3638 piddir=$withval
82f4e93d 3639 if test ! -d $piddir ; then
81dadca3 3640 AC_MSG_WARN([** no $piddir directory on this system **])
3641 fi
47e45e44 3642 fi
3643 ]
3644)
b7a87eea 3645
3466e002 3646AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3647AC_SUBST(piddir)
47e45e44 3648
1d7b9b20 3649dnl allow user to disable some login recording features
3650AC_ARG_ENABLE(lastlog,
bfd550a2 3651 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3652 [
3653 if test "x$enableval" = "xno" ; then
3654 AC_DEFINE(DISABLE_LASTLOG)
3655 fi
3656 ]
1d7b9b20 3657)
3658AC_ARG_ENABLE(utmp,
bfd550a2 3659 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3660 [
3661 if test "x$enableval" = "xno" ; then
3662 AC_DEFINE(DISABLE_UTMP)
3663 fi
3664 ]
1d7b9b20 3665)
3666AC_ARG_ENABLE(utmpx,
bfd550a2 3667 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3668 [
3669 if test "x$enableval" = "xno" ; then
3466e002 3670 AC_DEFINE(DISABLE_UTMPX, 1,
3671 [Define if you don't want to use utmpx])
ddb154b3 3672 fi
3673 ]
1d7b9b20 3674)
3675AC_ARG_ENABLE(wtmp,
bfd550a2 3676 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3677 [
3678 if test "x$enableval" = "xno" ; then
3679 AC_DEFINE(DISABLE_WTMP)
3680 fi
3681 ]
1d7b9b20 3682)
3683AC_ARG_ENABLE(wtmpx,
bfd550a2 3684 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3685 [
3686 if test "x$enableval" = "xno" ; then
3466e002 3687 AC_DEFINE(DISABLE_WTMPX, 1,
3688 [Define if you don't want to use wtmpx])
ddb154b3 3689 fi
3690 ]
1d7b9b20 3691)
3692AC_ARG_ENABLE(libutil,
bfd550a2 3693 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3694 [
3695 if test "x$enableval" = "xno" ; then
3696 AC_DEFINE(DISABLE_LOGIN)
3697 fi
3698 ]
1d7b9b20 3699)
3700AC_ARG_ENABLE(pututline,
bfd550a2 3701 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3702 [
3703 if test "x$enableval" = "xno" ; then
3466e002 3704 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3705 [Define if you don't want to use pututline()
3706 etc. to write [uw]tmp])
ddb154b3 3707 fi
3708 ]
1d7b9b20 3709)
3710AC_ARG_ENABLE(pututxline,
bfd550a2 3711 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3712 [
3713 if test "x$enableval" = "xno" ; then
3466e002 3714 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3715 [Define if you don't want to use pututxline()
3716 etc. to write [uw]tmpx])
ddb154b3 3717 fi
3718 ]
1d7b9b20 3719)
3720AC_ARG_WITH(lastlog,
bfd550a2 3721 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3722 [
82f4e93d 3723 if test "x$withval" = "xno" ; then
8c89dd2b 3724 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3725 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3726 conf_lastlog_location=$withval
3727 fi
3728 ]
3729)
1d7b9b20 3730
3731dnl lastlog, [uw]tmpx? detection
3732dnl NOTE: set the paths in the platform section to avoid the
3733dnl need for command-line parameters
3734dnl lastlog and [uw]tmp are subject to a file search if all else fails
3735
3736dnl lastlog detection
3737dnl NOTE: the code itself will detect if lastlog is a directory
3738AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3739AC_TRY_COMPILE([
3740#include <sys/types.h>
3741#include <utmp.h>
3742#ifdef HAVE_LASTLOG_H
3743# include <lastlog.h>
3744#endif
d7c0f3d5 3745#ifdef HAVE_PATHS_H
1d7b9b20 3746# include <paths.h>
41cb4569 3747#endif
3748#ifdef HAVE_LOGIN_H
3749# include <login.h>
1d7b9b20 3750#endif
3751 ],
3752 [ char *lastlog = LASTLOG_FILE; ],
3753 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3754 [
3755 AC_MSG_RESULT(no)
3756 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3757 AC_TRY_COMPILE([
3758#include <sys/types.h>
3759#include <utmp.h>
3760#ifdef HAVE_LASTLOG_H
3761# include <lastlog.h>
3762#endif
3763#ifdef HAVE_PATHS_H
3764# include <paths.h>
3765#endif
3766 ],
3767 [ char *lastlog = _PATH_LASTLOG; ],
3768 [ AC_MSG_RESULT(yes) ],
3769 [
f282b668 3770 AC_MSG_RESULT(no)
d7c0f3d5 3771 system_lastlog_path=no
3772 ])
3773 ]
1d7b9b20 3774)
d7c0f3d5 3775
1d7b9b20 3776if test -z "$conf_lastlog_location"; then
3777 if test x"$system_lastlog_path" = x"no" ; then
3778 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3779 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3780 conf_lastlog_location=$f
3781 fi
3782 done
3783 if test -z "$conf_lastlog_location"; then
f8119cef 3784 AC_MSG_WARN([** Cannot find lastlog **])
3785 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3786 fi
3787 fi
3788fi
3789
3790if test -n "$conf_lastlog_location"; then
3466e002 3791 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3792 [Define if you want to specify the path to your lastlog file])
82f4e93d 3793fi
1d7b9b20 3794
3795dnl utmp detection
3796AC_MSG_CHECKING([if your system defines UTMP_FILE])
3797AC_TRY_COMPILE([
3798#include <sys/types.h>
3799#include <utmp.h>
d7c0f3d5 3800#ifdef HAVE_PATHS_H
1d7b9b20 3801# include <paths.h>
3802#endif
3803 ],
3804 [ char *utmp = UTMP_FILE; ],
3805 [ AC_MSG_RESULT(yes) ],
3806 [ AC_MSG_RESULT(no)
3807 system_utmp_path=no ]
3808)
3809if test -z "$conf_utmp_location"; then
3810 if test x"$system_utmp_path" = x"no" ; then
3811 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3812 if test -f $f ; then
3813 conf_utmp_location=$f
3814 fi
3815 done
3816 if test -z "$conf_utmp_location"; then
3817 AC_DEFINE(DISABLE_UTMP)
3818 fi
3819 fi
3820fi
3821if test -n "$conf_utmp_location"; then
3466e002 3822 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3823 [Define if you want to specify the path to your utmp file])
82f4e93d 3824fi
1d7b9b20 3825
3826dnl wtmp detection
3827AC_MSG_CHECKING([if your system defines WTMP_FILE])
3828AC_TRY_COMPILE([
3829#include <sys/types.h>
3830#include <utmp.h>
d7c0f3d5 3831#ifdef HAVE_PATHS_H
1d7b9b20 3832# include <paths.h>
3833#endif
3834 ],
3835 [ char *wtmp = WTMP_FILE; ],
3836 [ AC_MSG_RESULT(yes) ],
3837 [ AC_MSG_RESULT(no)
3838 system_wtmp_path=no ]
3839)
3840if test -z "$conf_wtmp_location"; then
3841 if test x"$system_wtmp_path" = x"no" ; then
3842 for f in /usr/adm/wtmp /var/log/wtmp; do
3843 if test -f $f ; then
3844 conf_wtmp_location=$f
3845 fi
3846 done
3847 if test -z "$conf_wtmp_location"; then
3848 AC_DEFINE(DISABLE_WTMP)
3849 fi
3850 fi
3851fi
3852if test -n "$conf_wtmp_location"; then
3466e002 3853 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3854 [Define if you want to specify the path to your wtmp file])
82f4e93d 3855fi
1d7b9b20 3856
3857
3858dnl utmpx detection - I don't know any system so perverse as to require
3859dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3860dnl there, though.
3861AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3862AC_TRY_COMPILE([
3863#include <sys/types.h>
3864#include <utmp.h>
3865#ifdef HAVE_UTMPX_H
3866#include <utmpx.h>
3867#endif
d7c0f3d5 3868#ifdef HAVE_PATHS_H
1d7b9b20 3869# include <paths.h>
3870#endif
3871 ],
3872 [ char *utmpx = UTMPX_FILE; ],
3873 [ AC_MSG_RESULT(yes) ],
3874 [ AC_MSG_RESULT(no)
3875 system_utmpx_path=no ]
3876)
3877if test -z "$conf_utmpx_location"; then
3878 if test x"$system_utmpx_path" = x"no" ; then
3879 AC_DEFINE(DISABLE_UTMPX)
3880 fi
3881else
3466e002 3882 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3883 [Define if you want to specify the path to your utmpx file])
82f4e93d 3884fi
1d7b9b20 3885
3886dnl wtmpx detection
3887AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3888AC_TRY_COMPILE([
3889#include <sys/types.h>
3890#include <utmp.h>
3891#ifdef HAVE_UTMPX_H
3892#include <utmpx.h>
3893#endif
d7c0f3d5 3894#ifdef HAVE_PATHS_H
1d7b9b20 3895# include <paths.h>
3896#endif
3897 ],
3898 [ char *wtmpx = WTMPX_FILE; ],
3899 [ AC_MSG_RESULT(yes) ],
3900 [ AC_MSG_RESULT(no)
3901 system_wtmpx_path=no ]
3902)
3903if test -z "$conf_wtmpx_location"; then
3904 if test x"$system_wtmpx_path" = x"no" ; then
3905 AC_DEFINE(DISABLE_WTMPX)
3906 fi
3907else
3466e002 3908 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3909 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3910fi
1d7b9b20 3911
b7a87eea 3912
bd499f9e 3913if test ! -z "$blibpath" ; then
68ece370 3914 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3915 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3916fi
3917
ed89c848 3918dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3919dnl Add now.
3920CFLAGS="$CFLAGS $werror_flags"
3921
3c62e7eb 3922AC_EXEEXT
29eadd7c 3923AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
3924 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
3925 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3926AC_OUTPUT
d3083fbd 3927
cbd7492e 3928# Print summary of options
3929
cbd7492e 3930# Someone please show me a better way :)
3931A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3932B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3933C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3934D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3935E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3936F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3937G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3938H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3939I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3940J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3941
3942echo ""
26de7942 3943echo "OpenSSH has been configured with the following options:"
ecac8ee5 3944echo " User binaries: $B"
3945echo " System binaries: $C"
3946echo " Configuration files: $D"
3947echo " Askpass program: $E"
3948echo " Manual pages: $F"
3949echo " PID file: $G"
3950echo " Privilege separation chroot path: $H"
95b99395 3951if test "x$external_path_file" = "x/etc/login.conf" ; then
3952echo " At runtime, sshd will use the path defined in $external_path_file"
3953echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3954else
ecac8ee5 3955echo " sshd default user PATH: $I"
89bbd457 3956 if test ! -z "$external_path_file"; then
95b99395 3957echo " (If PATH is set in $external_path_file it will be used instead. If"
3958echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3959 fi
8d184c09 3960fi
06617857 3961if test ! -z "$superuser_path" ; then
ecac8ee5 3962echo " sshd superuser user PATH: $J"
3963fi
3964echo " Manpage format: $MANTYPE"
3e05e934 3965echo " PAM support: $PAM_MSG"
5b84789f 3966echo " OSF SIA support: $SIA_MSG"
ecac8ee5 3967echo " KerberosV support: $KRB5_MSG"
ef4d1846 3968echo " SELinux support: $SELINUX_MSG"
ecac8ee5 3969echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3970echo " S/KEY support: $SKEY_MSG"
3971echo " TCP Wrappers support: $TCPW_MSG"
3972echo " MD5 password support: $MD5_MSG"
59031773 3973echo " libedit support: $LIBEDIT_MSG"
5b84789f 3974echo " Solaris process contract support: $SPC_MSG"
3deb1408 3975echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3976echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3977echo " BSD Auth support: $BSD_AUTH_MSG"
3978echo " Random number source: $RAND_MSG"
f1b0ecc3 3979if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3980echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3981fi
3982
cbd7492e 3983echo ""
3984
0c2fb82f 3985echo " Host: ${host}"
3986echo " Compiler: ${CC}"
3987echo " Compiler flags: ${CFLAGS}"
3988echo "Preprocessor flags: ${CPPFLAGS}"
3989echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3990echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3991
3992echo ""
3993
9cefe228 3994if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3995 echo "SVR4 style packages are supported with \"make package\""
3996 echo ""
9cefe228 3997fi
3998
adeebd37 3999if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4000 echo "PAM is enabled. You may need to install a PAM control file "
4001 echo "for sshd, otherwise password authentication may fail. "
aff51935 4002 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4003 echo "subdirectory"
adeebd37 4004 echo ""
4005fi
4006
f1b0ecc3 4007if test ! -z "$RAND_HELPER_CMDHASH" ; then
4008 echo "WARNING: you are using the builtin random number collection "
4009 echo "service. Please read WARNING.RNG and request that your OS "
4010 echo "vendor includes kernel-based random number collection in "
4011 echo "future versions of your OS."
2c523de9 4012 echo ""
4013fi
af774732 4014
2f6f9cff 4015if test ! -z "$NO_PEERCHECK" ; then
4016 echo "WARNING: the operating system that you are using does not "
4017 echo "appear to support either the getpeereid() API nor the "
4018 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
4019 echo "enforce security checks to prevent unauthorised connections to "
4020 echo "ssh-agent. Their absence increases the risk that a malicious "
4021 echo "user can connect to your agent. "
4022 echo ""
4023fi
4024
7b578f7d 4025if test "$AUDIT_MODULE" = "bsm" ; then
4026 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4027 echo "See the Solaris section in README.platform for details."
4028fi
git-cvsimport mirror of OpenSSH
This page took 1.082958 seconds and 5 git commands to generate.