]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- dtucker@cvs.openbsd.org 2005/07/14 04:00:43
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
98a7c37b 18AC_CONFIG_SRCDIR([ssh.c])
5881cd60 19
20AC_CONFIG_HEADER(config.h)
b14b2ae7 21AC_PROG_CC
a7effaac 22AC_CANONICAL_HOST
cf0c5df5 23AC_C_BIGENDIAN
5881cd60 24
a0391976 25# Checks for programs.
4bbf95fa 26AC_PROG_AWK
4cca272e 27AC_PROG_CPP
5881cd60 28AC_PROG_RANLIB
cf8dd513 29AC_PROG_INSTALL
bee0a37e 30AC_PATH_PROG(AR, ar)
ddd8c95b 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
13dd877b 33AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 34AC_PATH_PROG(SED, sed)
a0f84251 35AC_SUBST(PERL)
ad85db64 36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
6958bd37 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 41AC_PATH_PROG(SH, sh)
a3245b92 42AC_SUBST(TEST_SHELL,sh)
f498ed15 43
9cefe228 44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
50
948fd8b9 51# System features
52AC_SYS_LARGEFILE
53
c193d002 54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
2e73a022 58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
37656beb 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
d423d822 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
82f4e93d 78
d423d822 79AC_C_INLINE
dfafb2e1 80
81AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
82
aff51935 83if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
5ed2bb5b 84 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
44d71ad5 85 CFLAGS="$CFLAGS -Wsign-compare"
8a3ff1aa 86
dfafb2e1 87 if test -z "$have_llong_max"; then
88 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
89 unset ac_cv_have_decl_LLONG_MAX
90 saved_CFLAGS="$CFLAGS"
91 CFLAGS="$CFLAGS -std=gnu99"
92 AC_CHECK_DECL(LLONG_MAX,
93 [have_llong_max=1],
94 [CFLAGS="$saved_CFLAGS"],
95 [#include <limits.h>]
96 )
97 fi
d423d822 98fi
99
343ba2ce 100if test -z "$have_llong_max"; then
101 AC_MSG_CHECKING([for max value of long long])
102 AC_RUN_IFELSE(
103 [AC_LANG_SOURCE([[
104#include <stdio.h>
105/* Why is this so damn hard? */
106#ifdef __GNUC__
107# undef __GNUC__
108#endif
109#define __USE_ISOC99
110#include <limits.h>
111#define DATA "conftest.llminmax"
112int main(void) {
113 FILE *f;
114 long long i, llmin, llmax = 0;
115
116 if((f = fopen(DATA,"w")) == NULL)
117 exit(1);
118
119#if defined(LLONG_MIN) && defined(LLONG_MAX)
120 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
121 llmin = LLONG_MIN;
122 llmax = LLONG_MAX;
123#else
124 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
125 /* This will work on one's complement and two's complement */
126 for (i = 1; i > llmax; i <<= 1, i++)
127 llmax = i;
128 llmin = llmax + 1LL; /* wrap */
129#endif
130
131 /* Sanity check */
132 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
133 || llmax - 1 > llmax) {
134 fprintf(f, "unknown unknown\n");
135 exit(2);
136 }
137
138 if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
139 exit(3);
140
141 exit(0);
142}
143 ]])],
144 [
145 llong_min=`$AWK '{print $1}' conftest.llminmax`
146 llong_max=`$AWK '{print $2}' conftest.llminmax`
147 AC_MSG_RESULT($llong_max)
148 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
149 [max value of long long calculated by configure])
150 AC_MSG_CHECKING([for min value of long long])
151 AC_MSG_RESULT($llong_min)
152 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
153 [min value of long long calculated by configure])
154 ],
155 [
156 AC_MSG_RESULT(not found)
157 ],
158 [
159 AC_MSG_WARN([cross compiling: not checking])
160 ]
161 )
162fi
163
e6354014 164AC_ARG_WITH(rpath,
165 [ --without-rpath Disable auto-added -R linker paths],
166 [
82f4e93d 167 if test "x$withval" = "xno" ; then
e6354014 168 need_dash_r=""
169 fi
170 if test "x$withval" = "xyes" ; then
171 need_dash_r=1
172 fi
173 ]
174)
175
a0391976 176# Check for some target-specific stuff
a7effaac 177case "$host" in
9d6b1b96 178*-*-aix*)
aff51935 179 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 180 if (test -z "$blibpath"); then
0a15d73b 181 blibpath="/usr/lib:/lib"
68ece370 182 fi
183 saved_LDFLAGS="$LDFLAGS"
184 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
185 if (test -z "$blibflags"); then
186 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
187 AC_TRY_LINK([], [], [blibflags=$tryflags])
188 fi
189 done
190 if (test -z "$blibflags"); then
191 AC_MSG_RESULT(not found)
192 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
193 else
194 AC_MSG_RESULT($blibflags)
bd499f9e 195 fi
68ece370 196 LDFLAGS="$saved_LDFLAGS"
e351e493 197 dnl Check for authenticate. Might be in libs.a on older AIXes
198 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 199 [AC_CHECK_LIB(s,authenticate,
e351e493 200 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 201 LIBS="$LIBS -ls"
202 ])
203 ])
ba603e06 204 dnl Check for various auth function declarations in headers.
c85ed8e2 205 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 206 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 207 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 208 AC_CHECK_DECLS(loginfailed,
e351e493 209 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
210 AC_TRY_COMPILE(
f58c0e01 211 [#include <usersec.h>],
e351e493 212 [(void)loginfailed("user","host","tty",0);],
213 [AC_MSG_RESULT(yes)
214 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 215 [AC_MSG_RESULT(no)]
e351e493 216 )],
217 [],
218 [#include <usersec.h>]
219 )
2aa3a16c 220 AC_CHECK_FUNCS(setauthdb)
5ccf88cb 221 check_for_aix_broken_getaddrinfo=1
1352689f 222 AC_DEFINE(BROKEN_REALPATH)
3b8dff69 223 AC_DEFINE(SETEUID_BREAKS_SETUID)
224 AC_DEFINE(BROKEN_SETREUID)
225 AC_DEFINE(BROKEN_SETREGID)
a3cef3ca 226 dnl AIX handles lastlog as part of its login message
227 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 228 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 229 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 230 ;;
3c62e7eb 231*-*-cygwin*)
a52997bd 232 check_for_libcrypt_later=1
ffb8d130 233 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 234 AC_DEFINE(HAVE_CYGWIN)
7043a38d 235 AC_DEFINE(USE_PIPES)
3c62e7eb 236 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 237 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 238 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 239 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 240 AC_DEFINE(DISABLE_FD_PASSING)
3c62e7eb 241 ;;
d6fdb079 242*-*-dgux*)
243 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 244 AC_DEFINE(SETEUID_BREAKS_SETUID)
245 AC_DEFINE(BROKEN_SETREUID)
246 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 247 ;;
39c98ef7 248*-*-darwin*)
33e2e066 249 AC_MSG_CHECKING(if we have working getaddrinfo)
250 AC_TRY_RUN([#include <mach-o/dyld.h>
251main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
252 exit(0);
253 else
254 exit(1);
255}], [AC_MSG_RESULT(working)],
256 [AC_MSG_RESULT(buggy)
257 AC_DEFINE(BROKEN_GETADDRINFO)],
b27e573d 258 [AC_MSG_RESULT(assume it is working)])
635e0c42 259 AC_DEFINE(SETEUID_BREAKS_SETUID)
260 AC_DEFINE(BROKEN_SETREUID)
261 AC_DEFINE(BROKEN_SETREGID)
ff620033 262 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
39c98ef7 263 ;;
7d458c86 264*-*-hpux*)
265 # first we define all of the options common to all HP-UX releases
b8fea62d 266 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 267 IPADDR_IN_DISPLAY=yes
2b10f47a 268 AC_DEFINE(USE_PIPES)
a2572aa7 269 AC_DEFINE(LOGIN_NO_ENDOPT)
270 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 271 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 272 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 273 LIBS="$LIBS -lsec"
7d458c86 274 AC_CHECK_LIB(xnet, t_error, ,
275 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
276
277 # next, we define all of the options specific to major releases
278 case "$host" in
279 *-*-hpux10*)
280 if test -z "$GCC"; then
281 CFLAGS="$CFLAGS -Ae"
282 fi
283 ;;
284 *-*-hpux11*)
285 AC_DEFINE(PAM_SUN_CODEBASE)
286 AC_DEFINE(DISABLE_UTMP)
287 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
288 check_for_hpux_broken_getaddrinfo=1
289 check_for_conflicting_getspnam=1
290 ;;
291 esac
292
293 # lastly, we define options specific to minor releases
294 case "$host" in
295 *-*-hpux10.26)
296 AC_DEFINE(HAVE_SECUREWARE)
297 disable_ptmx_check=yes
298 LIBS="$LIBS -lsecpw"
299 ;;
300 esac
2b763e31 301 ;;
d94aa2ae 302*-*-irix5*)
6ac7829a 303 PATH="$PATH:/usr/etc"
416ed5a7 304 AC_DEFINE(BROKEN_INET_NTOA)
cb433561 305 AC_DEFINE(SETEUID_BREAKS_SETUID)
306 AC_DEFINE(BROKEN_SETREUID)
307 AC_DEFINE(BROKEN_SETREGID)
0e8f4eba 308 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 309 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 310 ;;
311*-*-irix6*)
6ac7829a 312 PATH="$PATH:/usr/etc"
3206bb3b 313 AC_DEFINE(WITH_IRIX_ARRAY)
314 AC_DEFINE(WITH_IRIX_PROJECT)
315 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 316 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 317 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 318 AC_DEFINE(SETEUID_BREAKS_SETUID)
319 AC_DEFINE(BROKEN_SETREUID)
320 AC_DEFINE(BROKEN_SETREGID)
3d59832f 321 AC_DEFINE(BROKEN_UPDWTMPX)
0e8f4eba 322 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 323 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 324 ;;
5cdfe03f 325*-*-linux*)
326 no_dev_ptmx=1
717057b6 327 check_for_libcrypt_later=1
eacb954e 328 check_for_openpty_ctty_bug=1
80faa19f 329 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 330 AC_DEFINE(PAM_TTY_KLUDGE)
b90bed9f 331 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
3a2b2b44 332 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
cd698186 333 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
b6610e8f 334 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
335 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
80faa19f 336 inet6_default_4in6=yes
bf7c1e6c 337 case `uname -r` in
ad84c479 338 1.*|2.0.*)
bf7c1e6c 339 AC_DEFINE(BROKEN_CMSG_TYPE)
340 ;;
bf7c1e6c 341 esac
5cdfe03f 342 ;;
66d6c27e 343mips-sony-bsd|mips-sony-newsos4)
35fc74ed 344 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
66d6c27e 345 SONY=1
66d6c27e 346 ;;
d468fc76 347*-*-netbsd*)
33e2e066 348 check_for_libcrypt_before=1
82f4e93d 349 if test "x$withval" != "xno" ; then
e6354014 350 need_dash_r=1
351 fi
d468fc76 352 ;;
86b416a7 353*-*-freebsd*)
354 check_for_libcrypt_later=1
355 ;;
8707b7eb 356*-*-bsdi*)
357 AC_DEFINE(SETEUID_BREAKS_SETUID)
358 AC_DEFINE(BROKEN_SETREUID)
359 AC_DEFINE(BROKEN_SETREGID)
360 ;;
729bfe59 361*-next-*)
729bfe59 362 conf_lastlog_location="/usr/adm/lastlog"
698d107e 363 conf_utmp_location=/etc/utmp
364 conf_wtmp_location=/usr/adm/wtmp
365 MAIL=/usr/spool/mail
729bfe59 366 AC_DEFINE(HAVE_NEXT)
443172c4 367 AC_DEFINE(BROKEN_REALPATH)
00937921 368 AC_DEFINE(USE_PIPES)
86b416a7 369 AC_DEFINE(BROKEN_SAVED_UIDS)
729bfe59 370 ;;
9d6b1b96 371*-*-solaris*)
82f4e93d 372 if test "x$withval" != "xno" ; then
010e9d5b 373 need_dash_r=1
374 fi
adeebd37 375 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 376 AC_DEFINE(LOGIN_NEEDS_UTMPX)
377 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 378 AC_DEFINE(PAM_TTY_KLUDGE)
059d3165 379 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
3e6e3da0 380 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 381 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
382 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 383 external_path_file=/etc/default/login
1d7b9b20 384 # hardwire lastlog location (can't detect it on some versions)
385 conf_lastlog_location="/var/adm/lastlog"
32c80420 386 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
387 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
388 if test "$sol2ver" -ge 8; then
389 AC_MSG_RESULT(yes)
390 AC_DEFINE(DISABLE_UTMP)
391 AC_DEFINE(DISABLE_WTMP)
392 else
393 AC_MSG_RESULT(no)
394 fi
9d6b1b96 395 ;;
a423beaf 396*-*-sunos4*)
0c2fb82f 397 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 398 AC_CHECK_FUNCS(getpwanam)
adeebd37 399 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 400 conf_utmp_location=/etc/utmp
401 conf_wtmp_location=/var/adm/wtmp
402 conf_lastlog_location=/var/adm/lastlog
137d7b6c 403 AC_DEFINE(USE_PIPES)
a423beaf 404 ;;
6f68f28a 405*-ncr-sysv*)
98a7c37b 406 LIBS="$LIBS -lc89"
29525240 407 AC_DEFINE(USE_PIPES)
eabb99c6 408 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 409 AC_DEFINE(SETEUID_BREAKS_SETUID)
410 AC_DEFINE(BROKEN_SETREUID)
411 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 412 ;;
132dd316 413*-sni-sysv*)
c8c15bcb 414 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 415 AC_CHECK_LIB(dl, dlsym, ,)
85cf54ec 416 # -lresolv needs to be at then end of LIBS or DNS lookups break
417 AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ])
9548d6c8 418 IPADDR_IN_DISPLAY=yes
419 AC_DEFINE(USE_PIPES)
132dd316 420 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 421 AC_DEFINE(SETEUID_BREAKS_SETUID)
422 AC_DEFINE(BROKEN_SETREUID)
423 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 424 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 425 external_path_file=/etc/default/login
c8c15bcb 426 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
427 # Attention: always take care to bind libsocket and libnsl before libc,
428 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 429 ;;
79a7ba96 430# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 431*-*-sysv4.2*)
ed6553e2 432 AC_DEFINE(USE_PIPES)
7ed101c0 433 AC_DEFINE(SETEUID_BREAKS_SETUID)
434 AC_DEFINE(BROKEN_SETREUID)
435 AC_DEFINE(BROKEN_SETREGID)
46f853b9 436 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
77bb0bca 437 ;;
79a7ba96 438# UnixWare 7.x, OpenUNIX 8
77bb0bca 439*-*-sysv5*)
ed6553e2 440 AC_DEFINE(USE_PIPES)
7ed101c0 441 AC_DEFINE(SETEUID_BREAKS_SETUID)
442 AC_DEFINE(BROKEN_SETREUID)
443 AC_DEFINE(BROKEN_SETREGID)
46f853b9 444 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
822015dd 445 case "$host" in
446 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
447 TEST_SHELL=/u95/bin/sh
448 ;;
449 esac
77bb0bca 450 ;;
9d6b1b96 451*-*-sysv*)
9d6b1b96 452 ;;
79a7ba96 453# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 454*-*-sco3.2v4*)
11cf4f1f 455 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 456 ;;
79a7ba96 457# SCO OpenServer 5.x
77bb0bca 458*-*-sco3.2v5*)
21710e39 459 if test -z "$GCC"; then
460 CFLAGS="$CFLAGS -belf"
461 fi
ed6553e2 462 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 463 no_dev_ptmx=1
ed6553e2 464 AC_DEFINE(USE_PIPES)
6e879cb4 465 AC_DEFINE(HAVE_SECUREWARE)
d287c664 466 AC_DEFINE(DISABLE_SHADOW)
94d8258b 467 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 468 AC_DEFINE(SETEUID_BREAKS_SETUID)
469 AC_DEFINE(BROKEN_SETREUID)
470 AC_DEFINE(BROKEN_SETREGID)
bcebad47 471 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 472 AC_DEFINE(BROKEN_UPDWTMPX)
3ade3b57 473 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
aca75d94 474 AC_CHECK_FUNCS(getluid setluid)
533875af 475 MANTYPE=man
a3245b92 476 TEST_SHELL=ksh
509b1f88 477 ;;
ccbb983c 478*-*-unicosmk*)
c1ad5966 479 AC_DEFINE(NO_SSH_LASTLOG)
480 AC_DEFINE(SETEUID_BREAKS_SETUID)
481 AC_DEFINE(BROKEN_SETREUID)
482 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 483 AC_DEFINE(USE_PIPES)
484 AC_DEFINE(DISABLE_FD_PASSING)
485 LDFLAGS="$LDFLAGS"
486 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
487 MANTYPE=cat
d262b7f2 488 ;;
7b9a8c6e 489*-*-unicosmp*)
c1ad5966 490 AC_DEFINE(SETEUID_BREAKS_SETUID)
491 AC_DEFINE(BROKEN_SETREUID)
492 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 493 AC_DEFINE(WITH_ABBREV_NO_TTY)
494 AC_DEFINE(USE_PIPES)
495 AC_DEFINE(DISABLE_FD_PASSING)
496 LDFLAGS="$LDFLAGS"
c1ad5966 497 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 498 MANTYPE=cat
499 ;;
ca5c7d6a 500*-*-unicos*)
c1ad5966 501 AC_DEFINE(SETEUID_BREAKS_SETUID)
502 AC_DEFINE(BROKEN_SETREUID)
503 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 504 AC_DEFINE(USE_PIPES)
94d8258b 505 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 506 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 507 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
508 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
509 MANTYPE=cat
a704dd54 510 ;;
4d33e531 511*-dec-osf*)
99c8ddac 512 AC_MSG_CHECKING(for Digital Unix SIA)
513 no_osfsia=""
514 AC_ARG_WITH(osfsia,
515 [ --with-osfsia Enable Digital Unix SIA],
516 [
517 if test "x$withval" = "xno" ; then
518 AC_MSG_RESULT(disabled)
519 no_osfsia=1
520 fi
521 ],
522 )
523 if test -z "$no_osfsia" ; then
4d33e531 524 if test -f /etc/sia/matrix.conf; then
525 AC_MSG_RESULT(yes)
526 AC_DEFINE(HAVE_OSF_SIA)
527 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 528 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 529 LIBS="$LIBS -lsecurity -ldb -lm -laud"
530 else
531 AC_MSG_RESULT(no)
dbf8efb3 532 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 533 fi
534 fi
a6e67b60 535 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 536 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 537 AC_DEFINE(BROKEN_SETREUID)
538 AC_DEFINE(BROKEN_SETREGID)
4d33e531 539 ;;
41cb4569 540
541*-*-nto-qnx)
542 AC_DEFINE(USE_PIPES)
543 AC_DEFINE(NO_X11_UNIX_SOCKETS)
544 AC_DEFINE(MISSING_NFDBITS)
545 AC_DEFINE(MISSING_HOWMANY)
546 AC_DEFINE(MISSING_FD_MASK)
547 ;;
35fc74ed 548
549*-*-ultrix*)
550 AC_DEFINE(BROKEN_GETGROUPS, [], [getgroups(0,NULL) will return -1])
551 AC_DEFINE(BROKEN_MMAP, [], [Ultrix mmap can't map files])
552 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
b5765e1d 553 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
554 ;;
a7effaac 555esac
556
8e7b16f8 557# Allow user to specify flags
558AC_ARG_WITH(cflags,
559 [ --with-cflags Specify additional flags to pass to compiler],
560 [
6cf0200f 561 if test -n "$withval" && test "x$withval" != "xno" && \
562 test "x${withval}" != "xyes"; then
8e7b16f8 563 CFLAGS="$CFLAGS $withval"
564 fi
82f4e93d 565 ]
8e7b16f8 566)
0c2fb82f 567AC_ARG_WITH(cppflags,
568 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
569 [
6cf0200f 570 if test -n "$withval" && test "x$withval" != "xno" && \
571 test "x${withval}" != "xyes"; then
0c2fb82f 572 CPPFLAGS="$CPPFLAGS $withval"
573 fi
574 ]
575)
8e7b16f8 576AC_ARG_WITH(ldflags,
97b378bf 577 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 578 [
6cf0200f 579 if test -n "$withval" && test "x$withval" != "xno" && \
580 test "x${withval}" != "xyes"; then
8e7b16f8 581 LDFLAGS="$LDFLAGS $withval"
582 fi
82f4e93d 583 ]
8e7b16f8 584)
585AC_ARG_WITH(libs,
586 [ --with-libs Specify additional libraries to link with],
587 [
6cf0200f 588 if test -n "$withval" && test "x$withval" != "xno" && \
589 test "x${withval}" != "xyes"; then
8e7b16f8 590 LIBS="$LIBS $withval"
591 fi
82f4e93d 592 ]
8e7b16f8 593)
594
c5829391 595AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 596AC_RUN_IFELSE(
597 [AC_LANG_SOURCE([
c5829391 598#include <stdio.h>
599int main(){exit(0);}
479cece8 600 ])],
c5829391 601 [ AC_MSG_RESULT(yes) ],
602 [
603 AC_MSG_RESULT(no)
604 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 605 ],
606 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 607)
608
b04a9f8c 609dnl Checks for header files.
610AC_CHECK_HEADERS( \
611 bstring.h \
612 crypt.h \
613 dirent.h \
614 endian.h \
615 features.h \
616 floatingpoint.h \
617 getopt.h \
618 glob.h \
619 ia.h \
620 lastlog.h \
621 limits.h \
622 login.h \
623 login_cap.h \
624 maillock.h \
625 ndir.h \
626 netdb.h \
627 netgroup.h \
628 netinet/in_systm.h \
629 pam/pam_appl.h \
630 paths.h \
631 pty.h \
632 readpassphrase.h \
633 rpc/types.h \
634 security/pam_appl.h \
635 shadow.h \
636 stddef.h \
637 stdint.h \
0957c2cf 638 string.h \
b04a9f8c 639 strings.h \
640 sys/audit.h \
641 sys/bitypes.h \
642 sys/bsdtty.h \
643 sys/cdefs.h \
644 sys/dir.h \
645 sys/mman.h \
646 sys/ndir.h \
647 sys/prctl.h \
648 sys/pstat.h \
649 sys/select.h \
650 sys/stat.h \
651 sys/stream.h \
652 sys/stropts.h \
653 sys/strtio.h \
654 sys/sysmacros.h \
655 sys/time.h \
656 sys/timers.h \
657 sys/un.h \
658 time.h \
659 tmpdir.h \
660 ttyent.h \
25dd2ce6 661 unistd.h \
b04a9f8c 662 usersec.h \
663 util.h \
664 utime.h \
665 utmp.h \
666 utmpx.h \
ea76f54c 667 vis.h \
b04a9f8c 668)
ddceb1c8 669
765a24cd 670# sys/ptms.h requires sys/stream.h to be included first on Solaris
671AC_CHECK_HEADERS(sys/ptms.h, [], [], [
672#ifdef HAVE_SYS_STREAM_H
673# include <sys/stream.h>
674#endif
675])
676
a0391976 677# Checks for libraries.
98a7c37b 678AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
679AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 680
446227d6 681dnl IRIX and Solaris 2.5.1 have dirname() in libgen
682AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
683 AC_CHECK_LIB(gen, dirname,[
684 AC_CACHE_CHECK([for broken dirname],
685 ac_cv_have_broken_dirname, [
686 save_LIBS="$LIBS"
687 LIBS="$LIBS -lgen"
688 AC_TRY_RUN(
689 [
690#include <libgen.h>
691#include <string.h>
692
693int main(int argc, char **argv) {
694 char *s, buf[32];
695
696 strncpy(buf,"/etc", 32);
697 s = dirname(buf);
698 if (!s || strncmp(s, "/", 32) != 0) {
699 exit(1);
700 } else {
701 exit(0);
702 }
703}
704 ],
705 [ ac_cv_have_broken_dirname="no" ],
706 [ ac_cv_have_broken_dirname="yes" ]
707 )
708 LIBS="$save_LIBS"
709 ])
710 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
711 LIBS="$LIBS -lgen"
712 AC_DEFINE(HAVE_DIRNAME)
713 AC_CHECK_HEADERS(libgen.h)
714 fi
715 ])
716])
717
718AC_CHECK_FUNC(getspnam, ,
719 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
720AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
721
98a7c37b 722dnl zlib is required
723AC_ARG_WITH(zlib,
724 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 725 [ if test "x$withval" = "xno" ; then
726 AC_MSG_ERROR([*** zlib is required ***])
727 elif test "x$withval" != "xyes"; then
98a7c37b 728 if test -d "$withval/lib"; then
729 if test -n "${need_dash_r}"; then
5a162955 730 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 731 else
5a162955 732 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 733 fi
734 else
735 if test -n "${need_dash_r}"; then
5a162955 736 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 737 else
5a162955 738 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 739 fi
740 fi
741 if test -d "$withval/include"; then
5a162955 742 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 743 else
5a162955 744 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 745 fi
6dd05556 746 fi ]
98a7c37b 747)
748
0a15d73b 749AC_CHECK_LIB(z, deflate, ,
750 [
751 saved_CPPFLAGS="$CPPFLAGS"
752 saved_LDFLAGS="$LDFLAGS"
753 save_LIBS="$LIBS"
754 dnl Check default zlib install dir
755 if test -n "${need_dash_r}"; then
756 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
757 else
758 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
759 fi
760 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
761 LIBS="$LIBS -lz"
762 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
763 [
764 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
765 ]
766 )
767 ]
768)
4ad65809 769AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 770
771AC_ARG_WITH(zlib-version-check,
772 [ --without-zlib-version-check Disable zlib version check],
773 [ if test "x$withval" = "xno" ; then
774 zlib_check_nonfatal=1
775 fi
776 ]
777)
778
5c7fc85d 779AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 780AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 781#include <stdio.h>
4ad65809 782#include <zlib.h>
783int main()
784{
5c7fc85d 785 int a=0, b=0, c=0, d=0, n, v;
786 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
787 if (n != 3 && n != 4)
4ad65809 788 exit(1);
5c7fc85d 789 v = a*1000000 + b*10000 + c*100 + d;
790 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
791
792 /* 1.1.4 is OK */
793 if (a == 1 && b == 1 && c >= 4)
4ad65809 794 exit(0);
5c7fc85d 795
796 /* 1.2.1.2 and up are OK */
797 if (v >= 1020102)
798 exit(0);
799
4ad65809 800 exit(2);
801}
479cece8 802 ]])],
5c7fc85d 803 AC_MSG_RESULT(no),
804 [ AC_MSG_RESULT(yes)
8068d564 805 if test -z "$zlib_check_nonfatal" ; then
806 AC_MSG_ERROR([*** zlib too old - check config.log ***
807Your reported zlib version has known security problems. It's possible your
808vendor has fixed these problems without changing the version number. If you
809are sure this is the case, you can disable the check by running
810"./configure --without-zlib-version-check".
5c7fc85d 811If you are in doubt, upgrade zlib to version 1.2.1.2 or greater.
812See http://www.gzip.org/zlib/ for details.])
8068d564 813 else
814 AC_MSG_WARN([zlib version may have security problems])
815 fi
1a01a50c 816 ],
817 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 818)
48e7916f 819
2c523de9 820dnl UnixWare 2.x
aff51935 821AC_CHECK_FUNC(strcasecmp,
2c523de9 822 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
823)
aff51935 824AC_CHECK_FUNC(utimes,
cda1ebcb 825 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
826 LIBS="$LIBS -lc89"]) ]
2c523de9 827)
4cca272e 828
7c6d759d 829dnl Checks for libutil functions
830AC_CHECK_HEADERS(libutil.h)
831AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
832AC_CHECK_FUNCS(logout updwtmp logwtmp)
833
a738c3b0 834AC_FUNC_STRFTIME
835
84ceda19 836# Check for ALTDIRFUNC glob() extension
837AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
838AC_EGREP_CPP(FOUNDIT,
839 [
840 #include <glob.h>
841 #ifdef GLOB_ALTDIRFUNC
842 FOUNDIT
843 #endif
aff51935 844 ],
84ceda19 845 [
846 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
847 AC_MSG_RESULT(yes)
848 ],
849 [
850 AC_MSG_RESULT(no)
851 ]
852)
4cca272e 853
40849fdb 854# Check for g.gl_matchc glob() extension
855AC_MSG_CHECKING(for gl_matchc field in glob_t)
856AC_EGREP_CPP(FOUNDIT,
aff51935 857 [
858 #include <glob.h>
40849fdb 859 int main(void){glob_t g; g.gl_matchc = 1;}
aff51935 860 ],
861 [
862 AC_DEFINE(GLOB_HAS_GL_MATCHC)
863 AC_MSG_RESULT(yes)
864 ],
865 [
866 AC_MSG_RESULT(no)
867 ]
40849fdb 868)
869
edbe6722 870AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 871AC_RUN_IFELSE(
479cece8 872 [AC_LANG_SOURCE([[
edbe6722 873#include <sys/types.h>
874#include <dirent.h>
aec4cb4f 875int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 876 ]])],
aff51935 877 [AC_MSG_RESULT(yes)],
edbe6722 878 [
879 AC_MSG_RESULT(no)
880 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
1a01a50c 881 ],
82f4e93d 882 [
1a01a50c 883 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
884 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 885 ]
886)
887
419e26e7 888AC_MSG_CHECKING([for /proc/pid/fd directory])
889if test -d "/proc/$$/fd" ; then
890 AC_DEFINE(HAVE_PROC_PID)
891 AC_MSG_RESULT(yes)
892else
893 AC_MSG_RESULT(no)
894fi
895
278588d8 896# Check whether user wants S/Key support
aff51935 897SKEY_MSG="no"
278588d8 898AC_ARG_WITH(skey,
6ff3d0dc 899 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 900 [
901 if test "x$withval" != "xno" ; then
902
903 if test "x$withval" != "xyes" ; then
904 CPPFLAGS="$CPPFLAGS -I${withval}/include"
905 LDFLAGS="$LDFLAGS -L${withval}/lib"
906 fi
907
908 AC_DEFINE(SKEY)
909 LIBS="-lskey $LIBS"
aff51935 910 SKEY_MSG="yes"
82f4e93d 911
ddceb1c8 912 AC_MSG_CHECKING([for s/key support])
913 AC_TRY_RUN(
914 [
915#include <stdio.h>
916#include <skey.h>
aec4cb4f 917int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 918 ],
919 [AC_MSG_RESULT(yes)],
278588d8 920 [
ddceb1c8 921 AC_MSG_RESULT(no)
278588d8 922 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
923 ])
141fc639 924 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
925 AC_TRY_COMPILE(
926 [#include <stdio.h>
927 #include <skey.h>],
928 [(void)skeychallenge(NULL,"name","",0);],
929 [AC_MSG_RESULT(yes)
930 AC_DEFINE(SKEYCHALLENGE_4ARG)],
931 [AC_MSG_RESULT(no)]
932 )
278588d8 933 fi
934 ]
935)
936
937# Check whether user wants TCP wrappers support
98a7c37b 938TCPW_MSG="no"
278588d8 939AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 940 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 941 [
942 if test "x$withval" != "xno" ; then
943 saved_LIBS="$LIBS"
98a7c37b 944 saved_LDFLAGS="$LDFLAGS"
945 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 946 if test -n "${withval}" && \
6cf0200f 947 test "x${withval}" != "xyes"; then
98a7c37b 948 if test -d "${withval}/lib"; then
949 if test -n "${need_dash_r}"; then
5a162955 950 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 951 else
5a162955 952 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 953 fi
954 else
955 if test -n "${need_dash_r}"; then
5a162955 956 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 957 else
5a162955 958 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 959 fi
960 fi
961 if test -d "${withval}/include"; then
5a162955 962 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 963 else
5a162955 964 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 965 fi
98a7c37b 966 fi
ddceb1c8 967 LIBWRAP="-lwrap"
968 LIBS="$LIBWRAP $LIBS"
278588d8 969 AC_MSG_CHECKING(for libwrap)
970 AC_TRY_LINK(
971 [
77f09220 972#include <sys/types.h>
973#include <sys/socket.h>
974#include <netinet/in.h>
278588d8 975#include <tcpd.h>
976 int deny_severity = 0, allow_severity = 0;
977 ],
978 [hosts_access(0);],
979 [
980 AC_MSG_RESULT(yes)
981 AC_DEFINE(LIBWRAP)
ddceb1c8 982 AC_SUBST(LIBWRAP)
98a7c37b 983 TCPW_MSG="yes"
278588d8 984 ],
985 [
986 AC_MSG_ERROR([*** libwrap missing])
987 ]
988 )
ddceb1c8 989 LIBS="$saved_LIBS"
278588d8 990 fi
991 ]
992)
993
59031773 994# Check whether user wants libedit support
995LIBEDIT_MSG="no"
996AC_ARG_WITH(libedit,
6ff3d0dc 997 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 998 [ if test "x$withval" != "xno" ; then
737edf04 999 if test "x$withval" != "xyes"; then
1000 CPPFLAGS="$CPPFLAGS -I$withval/include"
1001 LDFLAGS="$LDFLAGS -L$withval/lib"
1002 fi
59031773 1003 AC_CHECK_LIB(edit, el_init,
1004 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
1005 LIBEDIT="-ledit -lcurses"
1006 LIBEDIT_MSG="yes"
1007 AC_SUBST(LIBEDIT)
1008 ],
737edf04 1009 [ AC_MSG_ERROR(libedit not found) ],
1010 [ -lcurses ]
59031773 1011 )
1012 fi ]
1013)
1014
7b578f7d 1015AUDIT_MODULE=none
1016AC_ARG_WITH(audit,
1017 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1018 [
1019 AC_MSG_CHECKING(for supported audit module)
1020 case "$withval" in
1021 bsm)
1022 AC_MSG_RESULT(bsm)
1023 AUDIT_MODULE=bsm
1024 dnl Checks for headers, libs and functions
1025 AC_CHECK_HEADERS(bsm/audit.h, [],
1026 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1027 AC_CHECK_LIB(bsm, getaudit, [],
1028 [AC_MSG_ERROR(BSM enabled and required library not found)])
1029 AC_CHECK_FUNCS(getaudit, [],
1030 [AC_MSG_ERROR(BSM enabled and required function not found)])
1031 # These are optional
7939c496 1032 AC_CHECK_FUNCS(getaudit_addr)
7b578f7d 1033 AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module])
1034 ;;
1035 debug)
1036 AUDIT_MODULE=debug
1037 AC_MSG_RESULT(debug)
1038 AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)
1039 ;;
1040 *)
1041 AC_MSG_ERROR([Unknown audit module $withval])
1042 ;;
1043 esac ]
1044)
1045
19160674 1046dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1047AC_CHECK_FUNCS( \
1048 arc4random \
1049 b64_ntop \
1050 __b64_ntop \
1051 b64_pton \
1052 __b64_pton \
1053 bcopy \
1054 bindresvport_sa \
1055 clock \
1056 closefrom \
1057 dirfd \
1058 fchdir \
1059 fchmod \
1060 fchown \
1061 freeaddrinfo \
1062 futimes \
1063 getaddrinfo \
1064 getcwd \
1065 getgrouplist \
1066 getnameinfo \
1067 getopt \
1068 getpeereid \
1069 _getpty \
1070 getrlimit \
1071 getttyent \
1072 glob \
1073 inet_aton \
1074 inet_ntoa \
1075 inet_ntop \
1076 innetgr \
1077 login_getcapbool \
1078 md5_crypt \
1079 memmove \
1080 mkdtemp \
1081 mmap \
1082 ngetaddrinfo \
1083 nsleep \
1084 ogetaddrinfo \
1085 openlog_r \
1086 openpty \
1087 prctl \
1088 pstat \
1089 readpassphrase \
1090 realpath \
1091 recvmsg \
1092 rresvport_af \
1093 sendmsg \
1094 setdtablesize \
1095 setegid \
1096 setenv \
1097 seteuid \
1098 setgroups \
1099 setlogin \
1100 setpcred \
1101 setproctitle \
1102 setregid \
1103 setreuid \
1104 setrlimit \
1105 setsid \
1106 setvbuf \
1107 sigaction \
1108 sigvec \
1109 snprintf \
1110 socketpair \
1111 strdup \
1112 strerror \
1113 strlcat \
1114 strlcpy \
1115 strmode \
1116 strnvis \
1117 strtonum \
1e29a0c8 1118 strtoll \
b04a9f8c 1119 strtoul \
1120 sysconf \
1121 tcgetpgrp \
1122 truncate \
1123 unsetenv \
1124 updwtmpx \
1125 utimes \
1126 vhangup \
1127 vsnprintf \
1128 waitpid \
19160674 1129)
98a7c37b 1130
1a086f97 1131# IRIX has a const char return value for gai_strerror()
1132AC_CHECK_FUNCS(gai_strerror,[
1133 AC_DEFINE(HAVE_GAI_STRERROR)
1134 AC_TRY_COMPILE([
1135#include <sys/types.h>
1136#include <sys/socket.h>
1137#include <netdb.h>
1138
1139const char *gai_strerror(int);],[
1140char *str;
1141
1142str = gai_strerror(0);],[
1143 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1144 [Define if gai_strerror() returns const char *])])])
1145
92b1decf 1146AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
1147
309709db 1148dnl Make sure prototypes are defined for these before using them.
309709db 1149AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1150AC_CHECK_DECL(strsep,
1151 [AC_CHECK_FUNCS(strsep)],
1152 [],
1153 [
1154#ifdef HAVE_STRING_H
1155# include <string.h>
1156#endif
1157 ])
08412d26 1158
3490699c 1159dnl tcsendbreak might be a macro
1160AC_CHECK_DECL(tcsendbreak,
1161 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1162 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1163 [#include <termios.h>]
1164)
1165
41e0e158 1166AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1167
3f176010 1168AC_CHECK_FUNCS(setresuid, [
1169 dnl Some platorms have setresuid that isn't implemented, test for this
1170 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1171 AC_RUN_IFELSE(
1172 [AC_LANG_SOURCE([[
9a3fe0e2 1173#include <stdlib.h>
1174#include <errno.h>
1175int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1176 ]])],
3f176010 1177 [AC_MSG_RESULT(yes)],
24a9171d 1178 [AC_DEFINE(BROKEN_SETRESUID)
1a01a50c 1179 AC_MSG_RESULT(not implemented)],
1180 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1181 )
1182])
9a3fe0e2 1183
3f176010 1184AC_CHECK_FUNCS(setresgid, [
1185 dnl Some platorms have setresgid that isn't implemented, test for this
1186 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1187 AC_RUN_IFELSE(
1188 [AC_LANG_SOURCE([[
9a3fe0e2 1189#include <stdlib.h>
1190#include <errno.h>
1191int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1192 ]])],
3f176010 1193 [AC_MSG_RESULT(yes)],
1194 [AC_DEFINE(BROKEN_SETRESGID)
1a01a50c 1195 AC_MSG_RESULT(not implemented)],
1196 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1197 )
1198])
9a3fe0e2 1199
2e73a022 1200dnl Checks for time functions
1d7b9b20 1201AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1202dnl Checks for utmp functions
b03bd394 1203AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1204AC_CHECK_FUNCS(utmpname)
2e73a022 1205dnl Checks for utmpx functions
b03bd394 1206AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1207AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1208
aff51935 1209AC_CHECK_FUNC(daemon,
beb43d31 1210 [AC_DEFINE(HAVE_DAEMON)],
1211 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
1212)
1213
aff51935 1214AC_CHECK_FUNC(getpagesize,
aa6bd60a 1215 [AC_DEFINE(HAVE_GETPAGESIZE)],
1216 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
1217)
1218
2647ae26 1219# Check for broken snprintf
1220if test "x$ac_cv_func_snprintf" = "xyes" ; then
1221 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1222 AC_RUN_IFELSE(
479cece8 1223 [AC_LANG_SOURCE([[
2647ae26 1224#include <stdio.h>
aec4cb4f 1225int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1226 ]])],
aff51935 1227 [AC_MSG_RESULT(yes)],
2647ae26 1228 [
1229 AC_MSG_RESULT(no)
1230 AC_DEFINE(BROKEN_SNPRINTF)
1231 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1232 ],
1233 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1234 )
1235fi
1236
2f6f9cff 1237# Check for missing getpeereid (or equiv) support
1238NO_PEERCHECK=""
1239if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1240 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1241 AC_TRY_COMPILE(
1242 [#include <sys/types.h>
1243 #include <sys/socket.h>],
1244 [int i = SO_PEERCRED;],
62eb7db4 1245 [ AC_MSG_RESULT(yes)
1246 AC_DEFINE(HAVE_SO_PEERCRED, [], [Have PEERCRED socket option])
1247 ],
2f6f9cff 1248 [AC_MSG_RESULT(no)
1249 NO_PEERCHECK=1]
1250 )
1251fi
1252
70e7d0b0 1253dnl see whether mkstemp() requires XXXXXX
1254if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1255AC_MSG_CHECKING([for (overly) strict mkstemp])
1256AC_TRY_RUN(
1257 [
1258#include <stdlib.h>
1259main() { char template[]="conftest.mkstemp-test";
1260if (mkstemp(template) == -1)
1261 exit(1);
1262unlink(template); exit(0);
1263}
1264 ],
1265 [
1266 AC_MSG_RESULT(no)
1267 ],
aff51935 1268 [
70e7d0b0 1269 AC_MSG_RESULT(yes)
1270 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1271 ],
1272 [
1273 AC_MSG_RESULT(yes)
1274 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1275 ]
70e7d0b0 1276)
1277fi
1278
eacb954e 1279dnl make sure that openpty does not reacquire controlling terminal
1280if test ! -z "$check_for_openpty_ctty_bug"; then
1281 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1282 AC_TRY_RUN(
1283 [
1284#include <stdio.h>
1285#include <sys/fcntl.h>
1286#include <sys/types.h>
1287#include <sys/wait.h>
1288
1289int
1290main()
1291{
1292 pid_t pid;
1293 int fd, ptyfd, ttyfd, status;
1294
1295 pid = fork();
1296 if (pid < 0) { /* failed */
1297 exit(1);
1298 } else if (pid > 0) { /* parent */
1299 waitpid(pid, &status, 0);
aff51935 1300 if (WIFEXITED(status))
eacb954e 1301 exit(WEXITSTATUS(status));
1302 else
1303 exit(2);
1304 } else { /* child */
1305 close(0); close(1); close(2);
1306 setsid();
1307 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1308 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1309 if (fd >= 0)
1310 exit(3); /* Acquired ctty: broken */
1311 else
1312 exit(0); /* Did not acquire ctty: OK */
1313 }
1314}
1315 ],
1316 [
1317 AC_MSG_RESULT(yes)
1318 ],
1319 [
1320 AC_MSG_RESULT(no)
1321 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1322 ]
1323 )
1324fi
1325
4b492aab 1326if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1327 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1328 AC_MSG_CHECKING(if getaddrinfo seems to work)
1329 AC_TRY_RUN(
1330 [
1331#include <stdio.h>
1332#include <sys/socket.h>
1333#include <netdb.h>
1334#include <errno.h>
1335#include <netinet/in.h>
1336
1337#define TEST_PORT "2222"
1338
1339int
1340main(void)
1341{
1342 int err, sock;
1343 struct addrinfo *gai_ai, *ai, hints;
1344 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1345
1346 memset(&hints, 0, sizeof(hints));
1347 hints.ai_family = PF_UNSPEC;
1348 hints.ai_socktype = SOCK_STREAM;
1349 hints.ai_flags = AI_PASSIVE;
1350
1351 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1352 if (err != 0) {
1353 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1354 exit(1);
1355 }
1356
1357 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1358 if (ai->ai_family != AF_INET6)
1359 continue;
1360
1361 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1362 sizeof(ntop), strport, sizeof(strport),
1363 NI_NUMERICHOST|NI_NUMERICSERV);
1364
1365 if (err != 0) {
1366 if (err == EAI_SYSTEM)
1367 perror("getnameinfo EAI_SYSTEM");
1368 else
1369 fprintf(stderr, "getnameinfo failed: %s\n",
1370 gai_strerror(err));
1371 exit(2);
1372 }
1373
1374 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1375 if (sock < 0)
1376 perror("socket");
1377 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1378 if (errno == EBADF)
1379 exit(3);
1380 }
1381 }
1382 exit(0);
1383}
1384 ],
1385 [
1386 AC_MSG_RESULT(yes)
1387 ],
1388 [
1389 AC_MSG_RESULT(no)
1390 AC_DEFINE(BROKEN_GETADDRINFO)
1391 ]
1392 )
1393fi
1394
4b492aab 1395if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1396 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1397 AC_MSG_CHECKING(if getaddrinfo seems to work)
1398 AC_TRY_RUN(
1399 [
1400#include <stdio.h>
1401#include <sys/socket.h>
1402#include <netdb.h>
1403#include <errno.h>
1404#include <netinet/in.h>
1405
1406#define TEST_PORT "2222"
1407
1408int
1409main(void)
1410{
1411 int err, sock;
1412 struct addrinfo *gai_ai, *ai, hints;
1413 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1414
1415 memset(&hints, 0, sizeof(hints));
1416 hints.ai_family = PF_UNSPEC;
1417 hints.ai_socktype = SOCK_STREAM;
1418 hints.ai_flags = AI_PASSIVE;
1419
1420 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1421 if (err != 0) {
1422 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1423 exit(1);
1424 }
1425
1426 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1427 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1428 continue;
1429
1430 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1431 sizeof(ntop), strport, sizeof(strport),
1432 NI_NUMERICHOST|NI_NUMERICSERV);
1433
1434 if (ai->ai_family == AF_INET && err != 0) {
1435 perror("getnameinfo");
1436 exit(2);
1437 }
1438 }
1439 exit(0);
1440}
1441 ],
1442 [
1443 AC_MSG_RESULT(yes)
1444 AC_DEFINE(AIX_GETNAMEINFO_HACK, [],
1445[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address])
1446 ],
1447 [
1448 AC_MSG_RESULT(no)
1449 AC_DEFINE(BROKEN_GETADDRINFO)
1450 ]
1451 )
1452fi
1453
b29fd59f 1454if test "x$check_for_conflicting_getspnam" = "x1"; then
1455 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1456 AC_COMPILE_IFELSE(
1457 [
1458#include <shadow.h>
1459int main(void) {exit(0);}
1460 ],
1461 [
1462 AC_MSG_RESULT(no)
1463 ],
1464 [
1465 AC_MSG_RESULT(yes)
1466 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1467 [Conflicting defs for getspnam])
1468 ]
1469 )
1470fi
1471
7f8f5e00 1472AC_FUNC_GETPGRP
1473
717057b6 1474# Check for PAM libs
cbd7492e 1475PAM_MSG="no"
a0391976 1476AC_ARG_WITH(pam,
717057b6 1477 [ --with-pam Enable PAM support ],
a0391976 1478 [
717057b6 1479 if test "x$withval" != "xno" ; then
2511d104 1480 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1481 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1482 AC_MSG_ERROR([PAM headers not found])
1483 fi
a0391976 1484
717057b6 1485 AC_CHECK_LIB(dl, dlopen, , )
1486 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1487 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1488 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1489
717057b6 1490 PAM_MSG="yes"
4cb5ffa0 1491
717057b6 1492 AC_DEFINE(USE_PAM)
98f2d9d5 1493 if test $ac_cv_lib_dl_dlopen = yes; then
1494 LIBPAM="-lpam -ldl"
1495 else
1496 LIBPAM="-lpam"
1497 fi
1498 AC_SUBST(LIBPAM)
717057b6 1499 fi
1500 ]
1501)
cbd7492e 1502
717057b6 1503# Check for older PAM
1504if test "x$PAM_MSG" = "xyes" ; then
a0391976 1505 # Check PAM strerror arguments (old PAM)
1506 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1507 AC_TRY_COMPILE(
1508 [
18ba2aab 1509#include <stdlib.h>
2511d104 1510#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1511#include <security/pam_appl.h>
2511d104 1512#elif defined (HAVE_PAM_PAM_APPL_H)
1513#include <pam/pam_appl.h>
1514#endif
aff51935 1515 ],
1516 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1517 [AC_MSG_RESULT(no)],
1518 [
1519 AC_DEFINE(HAVE_OLD_PAM)
1520 AC_MSG_RESULT(yes)
cbd7492e 1521 PAM_MSG="yes (old library)"
a0391976 1522 ]
717057b6 1523 )
a0391976 1524fi
1525
5b991353 1526# Search for OpenSSL
1527saved_CPPFLAGS="$CPPFLAGS"
1528saved_LDFLAGS="$LDFLAGS"
a0391976 1529AC_ARG_WITH(ssl-dir,
1530 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1531 [
e9e4a1c7 1532 if test "x$withval" != "xno" ; then
99eb0f64 1533 case "$withval" in
1534 # Relative paths
1535 ./*|../*) withval="`pwd`/$withval"
1536 esac
5b991353 1537 if test -d "$withval/lib"; then
1538 if test -n "${need_dash_r}"; then
1539 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1540 else
1541 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1542 fi
1543 else
5b991353 1544 if test -n "${need_dash_r}"; then
1545 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1546 else
1547 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1548 fi
1549 fi
5b991353 1550 if test -d "$withval/include"; then
1551 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1552 else
5b991353 1553 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1554 fi
a0391976 1555 fi
5b991353 1556 ]
1557)
5486a457 1558LIBS="-lcrypto $LIBS"
5b991353 1559AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 1560 [
5b991353 1561 dnl Check default openssl install dir
1562 if test -n "${need_dash_r}"; then
1563 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1564 else
5b991353 1565 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1566 fi
5b991353 1567 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1568 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1569 [
1570 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1571 ]
1572 )
1573 ]
1574)
1575
cd018561 1576# Determine OpenSSL header version
1577AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1578AC_RUN_IFELSE(
479cece8 1579 [AC_LANG_SOURCE([[
cd018561 1580#include <stdio.h>
1581#include <string.h>
1582#include <openssl/opensslv.h>
1583#define DATA "conftest.sslincver"
1584int main(void) {
aff51935 1585 FILE *fd;
1586 int rc;
cd018561 1587
aff51935 1588 fd = fopen(DATA,"w");
1589 if(fd == NULL)
1590 exit(1);
cd018561 1591
1592 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1593 exit(1);
1594
1595 exit(0);
1596}
479cece8 1597 ]])],
cd018561 1598 [
1599 ssl_header_ver=`cat conftest.sslincver`
1600 AC_MSG_RESULT($ssl_header_ver)
1601 ],
1602 [
1603 AC_MSG_RESULT(not found)
1604 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1605 ],
1606 [
1607 AC_MSG_WARN([cross compiling: not checking])
cd018561 1608 ]
1609)
1610
1611# Determine OpenSSL library version
1612AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1613AC_RUN_IFELSE(
479cece8 1614 [AC_LANG_SOURCE([[
cd018561 1615#include <stdio.h>
1616#include <string.h>
1617#include <openssl/opensslv.h>
1618#include <openssl/crypto.h>
1619#define DATA "conftest.ssllibver"
1620int main(void) {
aff51935 1621 FILE *fd;
1622 int rc;
cd018561 1623
aff51935 1624 fd = fopen(DATA,"w");
1625 if(fd == NULL)
1626 exit(1);
cd018561 1627
1628 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1629 exit(1);
1630
1631 exit(0);
1632}
479cece8 1633 ]])],
cd018561 1634 [
1635 ssl_library_ver=`cat conftest.ssllibver`
1636 AC_MSG_RESULT($ssl_library_ver)
1637 ],
1638 [
1639 AC_MSG_RESULT(not found)
1640 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1641 ],
1642 [
1643 AC_MSG_WARN([cross compiling: not checking])
cd018561 1644 ]
1645)
58d100bf 1646
9780116c 1647# Sanity check OpenSSL headers
1648AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1649AC_RUN_IFELSE(
479cece8 1650 [AC_LANG_SOURCE([[
9780116c 1651#include <string.h>
1652#include <openssl/opensslv.h>
aec4cb4f 1653int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1654 ]])],
9780116c 1655 [
1656 AC_MSG_RESULT(yes)
1657 ],
1658 [
1659 AC_MSG_RESULT(no)
e15ba28b 1660 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1661Check config.log for details.
1662Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1663 ],
1664 [
1665 AC_MSG_WARN([cross compiling: not checking])
9780116c 1666 ]
1667)
1668
5486a457 1669# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1670# because the system crypt() is more featureful.
1671if test "x$check_for_libcrypt_before" = "x1"; then
1672 AC_CHECK_LIB(crypt, crypt)
1673fi
1674
aff51935 1675# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1676# version in OpenSSL.
05114c74 1677if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1678 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1679fi
1680
f1b0ecc3 1681
1682### Configure cryptographic random number support
1683
1684# Check wheter OpenSSL seeds itself
1685AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1686AC_RUN_IFELSE(
479cece8 1687 [AC_LANG_SOURCE([[
f1b0ecc3 1688#include <string.h>
1689#include <openssl/rand.h>
aec4cb4f 1690int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1691 ]])],
f1b0ecc3 1692 [
1693 OPENSSL_SEEDS_ITSELF=yes
1694 AC_MSG_RESULT(yes)
1695 ],
1696 [
1697 AC_MSG_RESULT(no)
1698 # Default to use of the rand helper if OpenSSL doesn't
1699 # seed itself
1700 USE_RAND_HELPER=yes
1a01a50c 1701 ],
1702 [
1703 AC_MSG_WARN([cross compiling: assuming yes])
1704 # This is safe, since all recent OpenSSL versions will
82f4e93d 1705 # complain at runtime if not seeded correctly.
1a01a50c 1706 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1707 ]
1708)
1709
1710
1711# Do we want to force the use of the rand helper?
1712AC_ARG_WITH(rand-helper,
1713 [ --with-rand-helper Use subprocess to gather strong randomness ],
1714 [
1715 if test "x$withval" = "xno" ; then
aff51935 1716 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1717 # the previous test showed it to be unseeded.
1718 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1719 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1720 OPENSSL_SEEDS_ITSELF=yes
1721 USE_RAND_HELPER=""
1722 fi
1723 else
1724 USE_RAND_HELPER=yes
1725 fi
1726 ],
82f4e93d 1727)
f1b0ecc3 1728
1729# Which randomness source do we use?
4b492aab 1730if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 1731 # OpenSSL only
1732 AC_DEFINE(OPENSSL_PRNG_ONLY)
1733 RAND_MSG="OpenSSL internal ONLY"
1734 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1735elif test ! -z "$USE_RAND_HELPER" ; then
1736 # install rand helper
f1b0ecc3 1737 RAND_MSG="ssh-rand-helper"
1738 INSTALL_SSH_RAND_HELPER="yes"
1739fi
1740AC_SUBST(INSTALL_SSH_RAND_HELPER)
1741
1742### Configuration of ssh-rand-helper
1743
1744# PRNGD TCP socket
1745AC_ARG_WITH(prngd-port,
1746 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1747 [
eb5d7ff6 1748 case "$withval" in
1749 no)
1750 withval=""
1751 ;;
1752 [[0-9]]*)
1753 ;;
1754 *)
1755 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1756 ;;
1757 esac
1758 if test ! -z "$withval" ; then
f1b0ecc3 1759 PRNGD_PORT="$withval"
1760 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1761 fi
1762 ]
1763)
1764
1765# PRNGD Unix domain socket
1766AC_ARG_WITH(prngd-socket,
1767 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1768 [
eb5d7ff6 1769 case "$withval" in
1770 yes)
f1b0ecc3 1771 withval="/var/run/egd-pool"
eb5d7ff6 1772 ;;
1773 no)
1774 withval=""
1775 ;;
1776 /*)
1777 ;;
1778 *)
1779 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1780 ;;
1781 esac
1782
1783 if test ! -z "$withval" ; then
f1b0ecc3 1784 if test ! -z "$PRNGD_PORT" ; then
1785 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1786 fi
906e811b 1787 if test ! -r "$withval" ; then
f1b0ecc3 1788 AC_MSG_WARN(Entropy socket is not readable)
1789 fi
1790 PRNGD_SOCKET="$withval"
1791 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1792 fi
ddceb1c8 1793 ],
1794 [
1795 # Check for existing socket only if we don't have a random device already
1796 if test "$USE_RAND_HELPER" = yes ; then
1797 AC_MSG_CHECKING(for PRNGD/EGD socket)
1798 # Insert other locations here
1799 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1800 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1801 PRNGD_SOCKET="$sock"
1802 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1803 break;
1804 fi
1805 done
1806 if test ! -z "$PRNGD_SOCKET" ; then
1807 AC_MSG_RESULT($PRNGD_SOCKET)
1808 else
1809 AC_MSG_RESULT(not found)
1810 fi
1811 fi
f1b0ecc3 1812 ]
1813)
1814
1815# Change default command timeout for hashing entropy source
1816entropy_timeout=200
1817AC_ARG_WITH(entropy-timeout,
1818 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1819 [
6cf0200f 1820 if test -n "$withval" && test "x$withval" != "xno" && \
1821 test "x${withval}" != "xyes"; then
f1b0ecc3 1822 entropy_timeout=$withval
1823 fi
82f4e93d 1824 ]
f1b0ecc3 1825)
f1b0ecc3 1826AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1827
fd3cbf67 1828SSH_PRIVSEP_USER=sshd
9a0fbcb3 1829AC_ARG_WITH(privsep-user,
5222e7ef 1830 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1831 [
6cf0200f 1832 if test -n "$withval" && test "x$withval" != "xno" && \
1833 test "x${withval}" != "xyes"; then
fd3cbf67 1834 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1835 fi
82f4e93d 1836 ]
9a0fbcb3 1837)
fd3cbf67 1838AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1839AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1840
81dadca3 1841# We do this little dance with the search path to insure
1842# that programs that we select for use by installed programs
1843# (which may be run by the super-user) come from trusted
1844# locations before they come from the user's private area.
1845# This should help avoid accidentally configuring some
1846# random version of a program in someone's personal bin.
1847
1848OPATH=$PATH
1849PATH=/bin:/usr/bin
f95c8ce8 1850test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1851test -d /sbin && PATH=$PATH:/sbin
1852test -d /usr/sbin && PATH=$PATH:/usr/sbin
1853PATH=$PATH:/etc:$OPATH
1854
aff51935 1855# These programs are used by the command hashing source to gather entropy
f1b0ecc3 1856OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1857OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1858OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1859OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1860OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1861OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1862OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1863OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1864OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1865OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1866OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1867OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1868OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1869OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1870OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1871OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1872# restore PATH
1873PATH=$OPATH
f1b0ecc3 1874
1875# Where does ssh-rand-helper get its randomness from?
1876INSTALL_SSH_PRNG_CMDS=""
1877if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1878 if test ! -z "$PRNGD_PORT" ; then
1879 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1880 elif test ! -z "$PRNGD_SOCKET" ; then
1881 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1882 else
1883 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1884 RAND_HELPER_CMDHASH=yes
1885 INSTALL_SSH_PRNG_CMDS="yes"
1886 fi
1887fi
1888AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1889
1890
66d6c27e 1891# Cheap hack to ensure NEWS-OS libraries are arranged right.
1892if test ! -z "$SONY" ; then
1893 LIBS="$LIBS -liberty";
1894fi
1895
a0391976 1896# Checks for data types
976f7e19 1897AC_CHECK_SIZEOF(char, 1)
2b942fe0 1898AC_CHECK_SIZEOF(short int, 2)
1899AC_CHECK_SIZEOF(int, 4)
1900AC_CHECK_SIZEOF(long int, 4)
1901AC_CHECK_SIZEOF(long long int, 8)
1902
52f1ccb2 1903# Sanity check long long for some platforms (AIX)
1904if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1905 ac_cv_sizeof_long_long_int=0
1906fi
1907
a0391976 1908# More checks for data types
14a9a859 1909AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1910 AC_TRY_COMPILE(
aff51935 1911 [ #include <sys/types.h> ],
1912 [ u_int a; a = 1;],
14a9a859 1913 [ ac_cv_have_u_int="yes" ],
1914 [ ac_cv_have_u_int="no" ]
1915 )
1916])
1917if test "x$ac_cv_have_u_int" = "xyes" ; then
1918 AC_DEFINE(HAVE_U_INT)
1919 have_u_int=1
1920fi
1921
58d100bf 1922AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1923 AC_TRY_COMPILE(
aff51935 1924 [ #include <sys/types.h> ],
1925 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 1926 [ ac_cv_have_intxx_t="yes" ],
1927 [ ac_cv_have_intxx_t="no" ]
1928 )
1929])
1930if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1931 AC_DEFINE(HAVE_INTXX_T)
1932 have_intxx_t=1
1933fi
41cb4569 1934
1935if (test -z "$have_intxx_t" && \
aff51935 1936 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 1937then
1938 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1939 AC_TRY_COMPILE(
aff51935 1940 [ #include <stdint.h> ],
1941 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 1942 [
1943 AC_DEFINE(HAVE_INTXX_T)
1944 AC_MSG_RESULT(yes)
1945 ],
1946 [ AC_MSG_RESULT(no) ]
1947 )
1948fi
1949
bd590612 1950AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1951 AC_TRY_COMPILE(
1cbbe6c8 1952 [
1953#include <sys/types.h>
1954#ifdef HAVE_STDINT_H
1955# include <stdint.h>
1956#endif
1957#include <sys/socket.h>
1958#ifdef HAVE_SYS_BITYPES_H
1959# include <sys/bitypes.h>
1960#endif
aff51935 1961 ],
1962 [ int64_t a; a = 1;],
bd590612 1963 [ ac_cv_have_int64_t="yes" ],
1964 [ ac_cv_have_int64_t="no" ]
1965 )
1966])
1967if test "x$ac_cv_have_int64_t" = "xyes" ; then
1968 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1969fi
1970
58d100bf 1971AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1972 AC_TRY_COMPILE(
aff51935 1973 [ #include <sys/types.h> ],
1974 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 1975 [ ac_cv_have_u_intxx_t="yes" ],
1976 [ ac_cv_have_u_intxx_t="no" ]
1977 )
1978])
1979if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1980 AC_DEFINE(HAVE_U_INTXX_T)
1981 have_u_intxx_t=1
1982fi
2b942fe0 1983
41cb4569 1984if test -z "$have_u_intxx_t" ; then
1985 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1986 AC_TRY_COMPILE(
aff51935 1987 [ #include <sys/socket.h> ],
1988 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 1989 [
1990 AC_DEFINE(HAVE_U_INTXX_T)
1991 AC_MSG_RESULT(yes)
1992 ],
1993 [ AC_MSG_RESULT(no) ]
1994 )
1995fi
1996
bd590612 1997AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1998 AC_TRY_COMPILE(
aff51935 1999 [ #include <sys/types.h> ],
2000 [ u_int64_t a; a = 1;],
bd590612 2001 [ ac_cv_have_u_int64_t="yes" ],
2002 [ ac_cv_have_u_int64_t="no" ]
2003 )
2004])
2005if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
2006 AC_DEFINE(HAVE_U_INT64_T)
2007 have_u_int64_t=1
2008fi
2009
ddceb1c8 2010if test -z "$have_u_int64_t" ; then
2011 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2012 AC_TRY_COMPILE(
aff51935 2013 [ #include <sys/bitypes.h> ],
ddceb1c8 2014 [ u_int64_t a; a = 1],
2015 [
2016 AC_DEFINE(HAVE_U_INT64_T)
2017 AC_MSG_RESULT(yes)
2018 ],
2019 [ AC_MSG_RESULT(no) ]
2020 )
2021fi
2022
41cb4569 2023if test -z "$have_u_intxx_t" ; then
2024 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2025 AC_TRY_COMPILE(
2026 [
2027#include <sys/types.h>
aff51935 2028 ],
2029 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2030 [ ac_cv_have_uintxx_t="yes" ],
2031 [ ac_cv_have_uintxx_t="no" ]
2032 )
2033 ])
2034 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
2035 AC_DEFINE(HAVE_UINTXX_T)
2036 fi
2037fi
2038
2039if test -z "$have_uintxx_t" ; then
2040 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2041 AC_TRY_COMPILE(
aff51935 2042 [ #include <stdint.h> ],
2043 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2044 [
2045 AC_DEFINE(HAVE_UINTXX_T)
2046 AC_MSG_RESULT(yes)
2047 ],
2048 [ AC_MSG_RESULT(no) ]
2049 )
2050fi
2051
e5fe9a1f 2052if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2053 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2054then
2055 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2056 AC_TRY_COMPILE(
58d100bf 2057 [
2058#include <sys/bitypes.h>
aff51935 2059 ],
5cdfe03f 2060 [
837c30b8 2061 int8_t a; int16_t b; int32_t c;
2062 u_int8_t e; u_int16_t f; u_int32_t g;
2063 a = b = c = e = f = g = 1;
aff51935 2064 ],
5cdfe03f 2065 [
2066 AC_DEFINE(HAVE_U_INTXX_T)
2067 AC_DEFINE(HAVE_INTXX_T)
2068 AC_MSG_RESULT(yes)
2069 ],
2070 [AC_MSG_RESULT(no)]
aff51935 2071 )
5cdfe03f 2072fi
2073
0362750e 2074
2075AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2076 AC_TRY_COMPILE(
2077 [
2078#include <sys/types.h>
2079 ],
2080 [ u_char foo; foo = 125; ],
2081 [ ac_cv_have_u_char="yes" ],
2082 [ ac_cv_have_u_char="no" ]
2083 )
2084])
2085if test "x$ac_cv_have_u_char" = "xyes" ; then
2086 AC_DEFINE(HAVE_U_CHAR)
2087fi
2088
98a7c37b 2089TYPE_SOCKLEN_T
2b942fe0 2090
2d16d9a3 2091AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2092
777ece68 2093AC_CHECK_TYPES(in_addr_t,,,
2094[#include <sys/types.h>
2095#include <netinet/in.h>])
7b578f7d 2096
58d100bf 2097AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2098 AC_TRY_COMPILE(
2099 [
18ba2aab 2100#include <sys/types.h>
58d100bf 2101 ],
2102 [ size_t foo; foo = 1235; ],
2103 [ ac_cv_have_size_t="yes" ],
2104 [ ac_cv_have_size_t="no" ]
2105 )
2106])
2107if test "x$ac_cv_have_size_t" = "xyes" ; then
2108 AC_DEFINE(HAVE_SIZE_T)
2109fi
ea1970a3 2110
c04f75f1 2111AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2112 AC_TRY_COMPILE(
2113 [
2114#include <sys/types.h>
2115 ],
2116 [ ssize_t foo; foo = 1235; ],
2117 [ ac_cv_have_ssize_t="yes" ],
2118 [ ac_cv_have_ssize_t="no" ]
2119 )
2120])
2121if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2122 AC_DEFINE(HAVE_SSIZE_T)
2123fi
2124
f1c4659d 2125AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2126 AC_TRY_COMPILE(
2127 [
2128#include <time.h>
2129 ],
2130 [ clock_t foo; foo = 1235; ],
2131 [ ac_cv_have_clock_t="yes" ],
2132 [ ac_cv_have_clock_t="no" ]
2133 )
2134])
2135if test "x$ac_cv_have_clock_t" = "xyes" ; then
2136 AC_DEFINE(HAVE_CLOCK_T)
2137fi
2138
1c04b088 2139AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2140 AC_TRY_COMPILE(
2141 [
2142#include <sys/types.h>
2143#include <sys/socket.h>
2144 ],
2145 [ sa_family_t foo; foo = 1235; ],
2146 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2147 [ AC_TRY_COMPILE(
2148 [
2149#include <sys/types.h>
2150#include <sys/socket.h>
2151#include <netinet/in.h>
2152 ],
2153 [ sa_family_t foo; foo = 1235; ],
2154 [ ac_cv_have_sa_family_t="yes" ],
2155
1c04b088 2156 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2157 )]
1c04b088 2158 )
2159])
2160if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2161 AC_DEFINE(HAVE_SA_FAMILY_T)
2162fi
2163
729bfe59 2164AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2165 AC_TRY_COMPILE(
2166 [
2167#include <sys/types.h>
2168 ],
2169 [ pid_t foo; foo = 1235; ],
2170 [ ac_cv_have_pid_t="yes" ],
2171 [ ac_cv_have_pid_t="no" ]
2172 )
2173])
2174if test "x$ac_cv_have_pid_t" = "xyes" ; then
2175 AC_DEFINE(HAVE_PID_T)
2176fi
2177
2178AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2179 AC_TRY_COMPILE(
2180 [
2181#include <sys/types.h>
2182 ],
2183 [ mode_t foo; foo = 1235; ],
2184 [ ac_cv_have_mode_t="yes" ],
2185 [ ac_cv_have_mode_t="no" ]
2186 )
2187])
2188if test "x$ac_cv_have_mode_t" = "xyes" ; then
2189 AC_DEFINE(HAVE_MODE_T)
2190fi
2191
e3a93db0 2192
58d100bf 2193AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2194 AC_TRY_COMPILE(
2195 [
18ba2aab 2196#include <sys/types.h>
2197#include <sys/socket.h>
58d100bf 2198 ],
2199 [ struct sockaddr_storage s; ],
2200 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2201 [ ac_cv_have_struct_sockaddr_storage="no" ]
2202 )
2203])
2204if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2205 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
2206fi
48e671d5 2207
58d100bf 2208AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2209 AC_TRY_COMPILE(
2210 [
cbd7492e 2211#include <sys/types.h>
58d100bf 2212#include <netinet/in.h>
2213 ],
2214 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2215 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2216 [ ac_cv_have_struct_sockaddr_in6="no" ]
2217 )
2218])
2219if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2220 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
2221fi
48e671d5 2222
58d100bf 2223AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2224 AC_TRY_COMPILE(
2225 [
cbd7492e 2226#include <sys/types.h>
58d100bf 2227#include <netinet/in.h>
2228 ],
2229 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2230 [ ac_cv_have_struct_in6_addr="yes" ],
2231 [ ac_cv_have_struct_in6_addr="no" ]
2232 )
2233])
2234if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2235 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
2236fi
48e671d5 2237
58d100bf 2238AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2239 AC_TRY_COMPILE(
2240 [
18ba2aab 2241#include <sys/types.h>
2242#include <sys/socket.h>
2243#include <netdb.h>
58d100bf 2244 ],
2245 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2246 [ ac_cv_have_struct_addrinfo="yes" ],
2247 [ ac_cv_have_struct_addrinfo="no" ]
2248 )
2249])
2250if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2251 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
2252fi
2253
89c7e31c 2254AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2255 AC_TRY_COMPILE(
aff51935 2256 [ #include <sys/time.h> ],
2257 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2258 [ ac_cv_have_struct_timeval="yes" ],
2259 [ ac_cv_have_struct_timeval="no" ]
2260 )
2261])
2262if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2263 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
2264 have_struct_timeval=1
2265fi
2266
5271b55c 2267AC_CHECK_TYPES(struct timespec)
2268
85abc74b 2269# We need int64_t or else certian parts of the compile will fail.
4b492aab 2270if test "x$ac_cv_have_int64_t" = "xno" && \
2271 test "x$ac_cv_sizeof_long_int" != "x8" && \
2272 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2273 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2274 echo "an alternative compiler (I.E., GCC) before continuing."
2275 echo ""
2276 exit 1;
733cf7f4 2277else
2278dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2279 AC_RUN_IFELSE(
479cece8 2280 [AC_LANG_SOURCE([[
733cf7f4 2281#include <stdio.h>
2282#include <string.h>
2283#ifdef HAVE_SNPRINTF
2284main()
2285{
2286 char buf[50];
2287 char expected_out[50];
2288 int mazsize = 50 ;
2289#if (SIZEOF_LONG_INT == 8)
2290 long int num = 0x7fffffffffffffff;
2291#else
763a1a18 2292 long long num = 0x7fffffffffffffffll;
733cf7f4 2293#endif
2294 strcpy(expected_out, "9223372036854775807");
2295 snprintf(buf, mazsize, "%lld", num);
2296 if(strcmp(buf, expected_out) != 0)
aff51935 2297 exit(1);
733cf7f4 2298 exit(0);
2299}
2300#else
2301main() { exit(0); }
2302#endif
479cece8 2303 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2304 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2305 )
2c523de9 2306fi
2307
77bb0bca 2308dnl Checks for structure members
58d100bf 2309OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2310OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2311OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2312OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2313OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2314OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2315OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2316OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2317OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2318OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2319OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2320OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2321OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2322OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2323OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2324OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2325OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2326
2327AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 2328
58d100bf 2329AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2330 ac_cv_have_ss_family_in_struct_ss, [
2331 AC_TRY_COMPILE(
2332 [
18ba2aab 2333#include <sys/types.h>
2334#include <sys/socket.h>
58d100bf 2335 ],
2336 [ struct sockaddr_storage s; s.ss_family = 1; ],
2337 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2338 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2339 )
2340])
2341if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2342 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2343fi
2344
58d100bf 2345AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2346 ac_cv_have___ss_family_in_struct_ss, [
2347 AC_TRY_COMPILE(
2348 [
18ba2aab 2349#include <sys/types.h>
2350#include <sys/socket.h>
58d100bf 2351 ],
2352 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2353 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2354 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2355 )
2356])
2357if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2358 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2359fi
2360
2e73a022 2361AC_CACHE_CHECK([for pw_class field in struct passwd],
2362 ac_cv_have_pw_class_in_struct_passwd, [
2363 AC_TRY_COMPILE(
2364 [
2e73a022 2365#include <pwd.h>
2366 ],
97994d32 2367 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2368 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2369 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2370 )
2371])
2372if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2373 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2374fi
2375
7751d4eb 2376AC_CACHE_CHECK([for pw_expire field in struct passwd],
2377 ac_cv_have_pw_expire_in_struct_passwd, [
2378 AC_TRY_COMPILE(
2379 [
2380#include <pwd.h>
2381 ],
2382 [ struct passwd p; p.pw_expire = 0; ],
2383 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2384 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2385 )
2386])
2387if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2388 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2389fi
2390
2391AC_CACHE_CHECK([for pw_change field in struct passwd],
2392 ac_cv_have_pw_change_in_struct_passwd, [
2393 AC_TRY_COMPILE(
2394 [
2395#include <pwd.h>
2396 ],
2397 [ struct passwd p; p.pw_change = 0; ],
2398 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2399 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2400 )
2401])
2402if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2403 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2404fi
58d100bf 2405
637f9177 2406dnl make sure we're using the real structure members and not defines
6f34652e 2407AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2408 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2409 AC_COMPILE_IFELSE(
6f34652e 2410 [
f95c8ce8 2411#include <sys/types.h>
6f34652e 2412#include <sys/socket.h>
2413#include <sys/uio.h>
637f9177 2414int main() {
2415#ifdef msg_accrights
1a01a50c 2416#error "msg_accrights is a macro"
637f9177 2417exit(1);
2418#endif
2419struct msghdr m;
2420m.msg_accrights = 0;
2421exit(0);
2422}
6f34652e 2423 ],
6f34652e 2424 [ ac_cv_have_accrights_in_msghdr="yes" ],
2425 [ ac_cv_have_accrights_in_msghdr="no" ]
2426 )
2427])
2428if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2429 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2430fi
2431
7176df4f 2432AC_CACHE_CHECK([for msg_control field in struct msghdr],
2433 ac_cv_have_control_in_msghdr, [
1a01a50c 2434 AC_COMPILE_IFELSE(
7176df4f 2435 [
f95c8ce8 2436#include <sys/types.h>
7176df4f 2437#include <sys/socket.h>
2438#include <sys/uio.h>
637f9177 2439int main() {
2440#ifdef msg_control
1a01a50c 2441#error "msg_control is a macro"
637f9177 2442exit(1);
2443#endif
2444struct msghdr m;
2445m.msg_control = 0;
2446exit(0);
2447}
7176df4f 2448 ],
7176df4f 2449 [ ac_cv_have_control_in_msghdr="yes" ],
2450 [ ac_cv_have_control_in_msghdr="no" ]
2451 )
2452])
2453if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2454 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2455fi
2456
58d100bf 2457AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2458 AC_TRY_LINK([],
2459 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2460 [ ac_cv_libc_defines___progname="yes" ],
2461 [ ac_cv_libc_defines___progname="no" ]
2462 )
2463])
2464if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2465 AC_DEFINE(HAVE___PROGNAME)
2466fi
8946db53 2467
c921ee00 2468AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2469 AC_TRY_LINK([
2470#include <stdio.h>
aff51935 2471],
2472 [ printf("%s", __FUNCTION__); ],
c921ee00 2473 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2474 [ ac_cv_cc_implements___FUNCTION__="no" ]
2475 )
2476])
2477if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2478 AC_DEFINE(HAVE___FUNCTION__)
2479fi
2480
2481AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2482 AC_TRY_LINK([
2483#include <stdio.h>
aff51935 2484],
2485 [ printf("%s", __func__); ],
c921ee00 2486 [ ac_cv_cc_implements___func__="yes" ],
2487 [ ac_cv_cc_implements___func__="no" ]
2488 )
2489])
2490if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2491 AC_DEFINE(HAVE___func__)
2492fi
2493
1812a662 2494AC_CACHE_CHECK([whether getopt has optreset support],
2495 ac_cv_have_getopt_optreset, [
2496 AC_TRY_LINK(
2497 [
2498#include <getopt.h>
2499 ],
2500 [ extern int optreset; optreset = 0; ],
2501 [ ac_cv_have_getopt_optreset="yes" ],
2502 [ ac_cv_have_getopt_optreset="no" ]
2503 )
2504])
2505if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2506 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2507fi
a0391976 2508
819b676f 2509AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2510 AC_TRY_LINK([],
2511 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2512 [ ac_cv_libc_defines_sys_errlist="yes" ],
2513 [ ac_cv_libc_defines_sys_errlist="no" ]
2514 )
2515])
2516if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2517 AC_DEFINE(HAVE_SYS_ERRLIST)
2518fi
2519
2520
416ed5a7 2521AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2522 AC_TRY_LINK([],
2523 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2524 [ ac_cv_libc_defines_sys_nerr="yes" ],
2525 [ ac_cv_libc_defines_sys_nerr="no" ]
2526 )
2527])
2528if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2529 AC_DEFINE(HAVE_SYS_NERR)
2530fi
2531
aff51935 2532SCARD_MSG="no"
295c8801 2533# Check whether user wants sectok support
2534AC_ARG_WITH(sectok,
2535 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2536 [
2537 if test "x$withval" != "xno" ; then
2538 if test "x$withval" != "xyes" ; then
2539 CPPFLAGS="$CPPFLAGS -I${withval}"
2540 LDFLAGS="$LDFLAGS -L${withval}"
2541 if test ! -z "$need_dash_r" ; then
2542 LDFLAGS="$LDFLAGS -R${withval}"
2543 fi
2544 if test ! -z "$blibpath" ; then
2545 blibpath="$blibpath:${withval}"
2546 fi
2547 fi
2548 AC_CHECK_HEADERS(sectok.h)
2549 if test "$ac_cv_header_sectok_h" != yes; then
2550 AC_MSG_ERROR(Can't find sectok.h)
2551 fi
2552 AC_CHECK_LIB(sectok, sectok_open)
2553 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2554 AC_MSG_ERROR(Can't find libsectok)
2555 fi
2556 AC_DEFINE(SMARTCARD)
295c8801 2557 AC_DEFINE(USE_SECTOK)
aff51935 2558 SCARD_MSG="yes, using sectok"
295c8801 2559 fi
2560 ]
2561)
2562
2563# Check whether user wants OpenSC support
987b458f 2564OPENSC_CONFIG="no"
295c8801 2565AC_ARG_WITH(opensc,
987b458f 2566 [--with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
2567 [
2568 if test "x$withval" != "xno" ; then
2569 if test "x$withval" != "xyes" ; then
2570 OPENSC_CONFIG=$withval/bin/opensc-config
2571 else
2572 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2573 fi
2574 if test "$OPENSC_CONFIG" != "no"; then
2575 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2576 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2577 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2578 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2579 AC_DEFINE(SMARTCARD)
2580 AC_DEFINE(USE_OPENSC)
2581 SCARD_MSG="yes, using OpenSC"
2582 fi
2583 fi
2584 ]
2585)
d0b19c95 2586
c31dc31c 2587# Check libraries needed by DNS fingerprint support
aff51935 2588AC_SEARCH_LIBS(getrrsetbyname, resolv,
c31dc31c 2589 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
3e05e934 2590 [
c31dc31c 2591 # Needed by our getrrsetbyname()
2592 AC_SEARCH_LIBS(res_query, resolv)
2593 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2594 AC_MSG_CHECKING(if res_query will link)
2595 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2596 [AC_MSG_RESULT(no)
2597 saved_LIBS="$LIBS"
2598 LIBS="$LIBS -lresolv"
2599 AC_MSG_CHECKING(for res_query in -lresolv)
2600 AC_LINK_IFELSE([
2601#include <resolv.h>
2602int main()
2603{
2604 res_query (0, 0, 0, 0, 0);
2605 return 0;
2606}
2607 ],
2608 [LIBS="$LIBS -lresolv"
2609 AC_MSG_RESULT(yes)],
2610 [LIBS="$saved_LIBS"
2611 AC_MSG_RESULT(no)])
2612 ])
c31dc31c 2613 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 2614 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 2615 [#include <sys/types.h>
2616 #include <arpa/nameser.h>])
c31dc31c 2617 AC_CHECK_MEMBER(HEADER.ad,
2618 [AC_DEFINE(HAVE_HEADER_AD)],,
2619 [#include <arpa/nameser.h>])
2620 ])
3e05e934 2621
12928e80 2622# Check whether user wants Kerberos 5 support
aff51935 2623KRB5_MSG="no"
12928e80 2624AC_ARG_WITH(kerberos5,
aff51935 2625 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 2626 [ if test "x$withval" != "xno" ; then
2627 if test "x$withval" = "xyes" ; then
2628 KRB5ROOT="/usr/local"
2629 else
2630 KRB5ROOT=${withval}
2631 fi
2632
2633 AC_DEFINE(KRB5)
2634 KRB5_MSG="yes"
2635
2636 AC_MSG_CHECKING(for krb5-config)
2637 if test -x $KRB5ROOT/bin/krb5-config ; then
2638 KRB5CONF=$KRB5ROOT/bin/krb5-config
2639 AC_MSG_RESULT($KRB5CONF)
2640
2641 AC_MSG_CHECKING(for gssapi support)
2642 if $KRB5CONF | grep gssapi >/dev/null ; then
2643 AC_MSG_RESULT(yes)
071970fb 2644 AC_DEFINE(GSSAPI)
2645 k5confopts=gssapi
aff51935 2646 else
5585c441 2647 AC_MSG_RESULT(no)
071970fb 2648 k5confopts=""
aff51935 2649 fi
071970fb 2650 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2651 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 2652 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 2653 AC_MSG_CHECKING(whether we are using Heimdal)
2654 AC_TRY_COMPILE([ #include <krb5.h> ],
2655 [ char *tmp = heimdal_version; ],
2656 [ AC_MSG_RESULT(yes)
2657 AC_DEFINE(HEIMDAL) ],
2658 AC_MSG_RESULT(no)
2659 )
2660 else
2661 AC_MSG_RESULT(no)
12928e80 2662 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 2663 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 2664 AC_MSG_CHECKING(whether we are using Heimdal)
2665 AC_TRY_COMPILE([ #include <krb5.h> ],
2666 [ char *tmp = heimdal_version; ],
2667 [ AC_MSG_RESULT(yes)
2668 AC_DEFINE(HEIMDAL)
41707f74 2669 K5LIBS="-lkrb5 -ldes"
2670 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 2671 AC_CHECK_LIB(roken, net_write,
41707f74 2672 [K5LIBS="$K5LIBS -lroken"])
aff51935 2673 ],
2674 [ AC_MSG_RESULT(no)
2675 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2676 ]
2677 )
4e00038c 2678 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 2679
749560dd 2680 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2681 [ AC_DEFINE(GSSAPI)
2682 K5LIBS="-lgssapi $K5LIBS" ],
2683 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2684 [ AC_DEFINE(GSSAPI)
aff51935 2685 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 2686 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2687 $K5LIBS)
2688 ],
2689 $K5LIBS)
82f4e93d 2690
749560dd 2691 AC_CHECK_HEADER(gssapi.h, ,
2692 [ unset ac_cv_header_gssapi_h
aff51935 2693 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 2694 AC_CHECK_HEADERS(gssapi.h, ,
2695 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 2696 )
749560dd 2697 ]
2698 )
2699
2700 oldCPP="$CPPFLAGS"
2701 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2702 AC_CHECK_HEADER(gssapi_krb5.h, ,
2703 [ CPPFLAGS="$oldCPP" ])
2704
aff51935 2705 fi
5585c441 2706 if test ! -z "$need_dash_r" ; then
2707 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2708 fi
2709 if test ! -z "$blibpath" ; then
2710 blibpath="$blibpath:${KRB5ROOT}/lib"
2711 fi
071970fb 2712 fi
2713
2714 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2715 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2716 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2717
2718 LIBS="$LIBS $K5LIBS"
2719 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
2720 ]
12928e80 2721)
b5b68128 2722
a0391976 2723# Looking for programs, paths and files
a0391976 2724
ecac8ee5 2725PRIVSEP_PATH=/var/empty
2726AC_ARG_WITH(privsep-path,
cda1ebcb 2727 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 2728 [
6cf0200f 2729 if test -n "$withval" && test "x$withval" != "xno" && \
2730 test "x${withval}" != "xyes"; then
ecac8ee5 2731 PRIVSEP_PATH=$withval
2732 fi
2733 ]
2734)
2735AC_SUBST(PRIVSEP_PATH)
2736
a0391976 2737AC_ARG_WITH(xauth,
2738 [ --with-xauth=PATH Specify path to xauth program ],
2739 [
6cf0200f 2740 if test -n "$withval" && test "x$withval" != "xno" && \
2741 test "x${withval}" != "xyes"; then
cbd7492e 2742 xauth_path=$withval
a0391976 2743 fi
2744 ],
2745 [
2bf42e4a 2746 TestPath="$PATH"
2747 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2748 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2749 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2750 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2751 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2752 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2753 xauth_path="/usr/openwin/bin/xauth"
2754 fi
2755 ]
2756)
2757
65a4b4af 2758STRIP_OPT=-s
2759AC_ARG_ENABLE(strip,
2760 [ --disable-strip Disable calling strip(1) on install],
2761 [
2762 if test "x$enableval" = "xno" ; then
2763 STRIP_OPT=
2764 fi
2765 ]
2766)
2767AC_SUBST(STRIP_OPT)
2768
b3ec54b4 2769if test -z "$xauth_path" ; then
2770 XAUTH_PATH="undefined"
2771 AC_SUBST(XAUTH_PATH)
2772else
a0391976 2773 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2774 XAUTH_PATH=$xauth_path
2775 AC_SUBST(XAUTH_PATH)
a0391976 2776fi
a0391976 2777
2778# Check for mail directory (last resort if we cannot get it from headers)
2779if test ! -z "$MAIL" ; then
2780 maildir=`dirname $MAIL`
2781 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2782fi
2783
479cece8 2784if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 2785 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2786 disable_ptmx_check=yes
2787fi
a0391976 2788if test -z "$no_dev_ptmx" ; then
6e879cb4 2789 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 2790 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 2791 [
2792 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2793 have_dev_ptmx=1
2794 ]
2795 )
2796 fi
3276571c 2797fi
1a01a50c 2798
479cece8 2799if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 2800 AC_CHECK_FILE("/dev/ptc",
2801 [
2802 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2803 have_dev_ptc=1
2804 ]
2805 )
2806else
2807 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2808fi
3276571c 2809
a0391976 2810# Options from here on. Some of these are preset by platform above
fdf6b7aa 2811AC_ARG_WITH(mantype,
5d97cfbf 2812 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2813 [
5d97cfbf 2814 case "$withval" in
2815 man|cat|doc)
2816 MANTYPE=$withval
2817 ;;
2818 *)
2819 AC_MSG_ERROR(invalid man type: $withval)
2820 ;;
2821 esac
c54a6257 2822 ]
2823)
e0c4d3ac 2824if test -z "$MANTYPE"; then
2bf42e4a 2825 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2826 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2827 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2828 MANTYPE=doc
2829 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2830 MANTYPE=man
2831 else
2832 MANTYPE=cat
2833 fi
2834fi
c54a6257 2835AC_SUBST(MANTYPE)
e0c4d3ac 2836if test "$MANTYPE" = "doc"; then
2837 mansubdir=man;
2838else
2839 mansubdir=$MANTYPE;
2840fi
2841AC_SUBST(mansubdir)
0bc5b6fb 2842
a0391976 2843# Check whether to enable MD5 passwords
aff51935 2844MD5_MSG="no"
2ddcfdf3 2845AC_ARG_WITH(md5-passwords,
caf3bc51 2846 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2847 [
bcf36c78 2848 if test "x$withval" != "xno" ; then
0bc5b6fb 2849 AC_DEFINE(HAVE_MD5_PASSWORDS)
aff51935 2850 MD5_MSG="yes"
0bc5b6fb 2851 fi
2852 ]
caf3bc51 2853)
2854
a0391976 2855# Whether to disable shadow password support
a7effaac 2856AC_ARG_WITH(shadow,
2857 [ --without-shadow Disable shadow password support],
2858 [
82f4e93d 2859 if test "x$withval" = "xno" ; then
a7effaac 2860 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2861 disable_shadow=yes
a7effaac 2862 fi
2863 ]
2864)
2865
4cb5ffa0 2866if test -z "$disable_shadow" ; then
2867 AC_MSG_CHECKING([if the systems has expire shadow information])
2868 AC_TRY_COMPILE(
2869 [
2870#include <sys/types.h>
2871#include <shadow.h>
2872 struct spwd sp;
2873 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2874 [ sp_expire_available=yes ], []
2875 )
2876
2877 if test "x$sp_expire_available" = "xyes" ; then
2878 AC_MSG_RESULT(yes)
2879 AC_DEFINE(HAS_SHADOW_EXPIRE)
2880 else
2881 AC_MSG_RESULT(no)
2882 fi
2883fi
2884
a0391976 2885# Use ip address instead of hostname in $DISPLAY
44839801 2886if test ! -z "$IPADDR_IN_DISPLAY" ; then
2887 DISPLAY_HACK_MSG="yes"
2888 AC_DEFINE(IPADDR_IN_DISPLAY)
2889else
aff51935 2890 DISPLAY_HACK_MSG="no"
44839801 2891 AC_ARG_WITH(ipaddr-display,
2892 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2893 [
82f4e93d 2894 if test "x$withval" != "xno" ; then
44839801 2895 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 2896 DISPLAY_HACK_MSG="yes"
44839801 2897 fi
2898 ]
2899 )
2900fi
a7effaac 2901
95b99395 2902# check for /etc/default/login and use it if present.
daa41e62 2903AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 2904 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 2905 [ if test "x$enableval" = "xno"; then
2906 AC_MSG_NOTICE([/etc/default/login handling disabled])
2907 etc_default_login=no
2908 else
2909 etc_default_login=yes
2910 fi ],
2911 [ etc_default_login=yes ]
2912)
95b99395 2913
694d0cef 2914if test "x$etc_default_login" != "xno"; then
2915 AC_CHECK_FILE("/etc/default/login",
2916 [ external_path_file=/etc/default/login ])
479cece8 2917 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2918 then
1a01a50c 2919 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2920 elif test "x$external_path_file" = "x/etc/default/login"; then
2921 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2922 fi
694d0cef 2923fi
95b99395 2924
8d184c09 2925dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 2926if test $ac_cv_func_login_getcapbool = "yes" && \
2927 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 2928 external_path_file=/etc/login.conf
8d184c09 2929fi
95b99395 2930
a0391976 2931# Whether to mess with the default path
aff51935 2932SERVER_PATH_MSG="(default)"
c43d69a9 2933AC_ARG_WITH(default-path,
75817f90 2934 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2935 [
95b99395 2936 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 2937 AC_MSG_WARN([
2938--with-default-path=PATH has no effect on this system.
2939Edit /etc/login.conf instead.])
82f4e93d 2940 elif test "x$withval" != "xno" ; then
89bbd457 2941 if test ! -z "$external_path_file" ; then
95b99395 2942 AC_MSG_WARN([
2943--with-default-path=PATH will only be used if PATH is not defined in
2944$external_path_file .])
2945 fi
b2d818e6 2946 user_path="$withval"
aff51935 2947 SERVER_PATH_MSG="$withval"
cb807f40 2948 fi
b2d818e6 2949 ],
95b99395 2950 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2951 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 2952 else
89bbd457 2953 if test ! -z "$external_path_file" ; then
95b99395 2954 AC_MSG_WARN([
2955If PATH is defined in $external_path_file, ensure the path to scp is included,
2956otherwise scp will not work.])
2957 fi
2958 AC_TRY_RUN(
2959 [
b2d818e6 2960/* find out what STDPATH is */
2961#include <stdio.h>
b2d818e6 2962#ifdef HAVE_PATHS_H
2963# include <paths.h>
2964#endif
2965#ifndef _PATH_STDPATH
d9a4e55b 2966# ifdef _PATH_USERPATH /* Irix */
2967# define _PATH_STDPATH _PATH_USERPATH
2968# else
2969# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2970# endif
b2d818e6 2971#endif
2972#include <sys/types.h>
2973#include <sys/stat.h>
2974#include <fcntl.h>
2975#define DATA "conftest.stdpath"
2976
2977main()
2978{
2979 FILE *fd;
2980 int rc;
82f4e93d 2981
b2d818e6 2982 fd = fopen(DATA,"w");
2983 if(fd == NULL)
2984 exit(1);
82f4e93d 2985
b2d818e6 2986 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2987 exit(1);
2988
2989 exit(0);
2990}
2991 ], [ user_path=`cat conftest.stdpath` ],
2992 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2993 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2994 )
2995# make sure $bindir is in USER_PATH so scp will work
2996 t_bindir=`eval echo ${bindir}`
2997 case $t_bindir in
2998 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
2999 esac
3000 case $t_bindir in
3001 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3002 esac
3003 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3004 if test $? -ne 0 ; then
3005 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3006 if test $? -ne 0 ; then
3007 user_path=$user_path:$t_bindir
3008 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3009 fi
3010 fi
8d184c09 3011 fi ]
cb807f40 3012)
95b99395 3013if test "x$external_path_file" != "x/etc/login.conf" ; then
8d184c09 3014 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
3015 AC_SUBST(user_path)
3016fi
cb807f40 3017
06617857 3018# Set superuser path separately to user path
06617857 3019AC_ARG_WITH(superuser-path,
3020 [ --with-superuser-path= Specify different path for super-user],
3021 [
6cf0200f 3022 if test -n "$withval" && test "x$withval" != "xno" && \
3023 test "x${withval}" != "xyes"; then
06617857 3024 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
3025 superuser_path=$withval
3026 fi
3027 ]
3028)
3029
3030
58d100bf 3031AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3032IPV4_IN6_HACK_MSG="no"
80faa19f 3033AC_ARG_WITH(4in6,
3034 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3035 [
3036 if test "x$withval" != "xno" ; then
3037 AC_MSG_RESULT(yes)
3038 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3039 IPV4_IN6_HACK_MSG="yes"
80faa19f 3040 else
3041 AC_MSG_RESULT(no)
3042 fi
3043 ],[
3044 if test "x$inet6_default_4in6" = "xyes"; then
3045 AC_MSG_RESULT([yes (default)])
3046 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3047 IPV4_IN6_HACK_MSG="yes"
80faa19f 3048 else
3049 AC_MSG_RESULT([no (default)])
3050 fi
3051 ]
3052)
3053
af774732 3054# Whether to enable BSD auth support
f1b0ecc3 3055BSD_AUTH_MSG=no
af774732 3056AC_ARG_WITH(bsd-auth,
3057 [ --with-bsd-auth Enable BSD auth support],
3058 [
82f4e93d 3059 if test "x$withval" != "xno" ; then
af774732 3060 AC_DEFINE(BSD_AUTH)
f1b0ecc3 3061 BSD_AUTH_MSG=yes
af774732 3062 fi
3063 ]
3064)
3065
a0391976 3066# Where to place sshd.pid
19d9ac2a 3067piddir=/var/run
81dadca3 3068# make sure the directory exists
82f4e93d 3069if test ! -d $piddir ; then
81dadca3 3070 piddir=`eval echo ${sysconfdir}`
3071 case $piddir in
aff51935 3072 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3073 esac
3074fi
3075
47e45e44 3076AC_ARG_WITH(pid-dir,
3077 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3078 [
6cf0200f 3079 if test -n "$withval" && test "x$withval" != "xno" && \
3080 test "x${withval}" != "xyes"; then
19d9ac2a 3081 piddir=$withval
82f4e93d 3082 if test ! -d $piddir ; then
81dadca3 3083 AC_MSG_WARN([** no $piddir directory on this system **])
3084 fi
47e45e44 3085 fi
3086 ]
3087)
b7a87eea 3088
42f11eb2 3089AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 3090AC_SUBST(piddir)
47e45e44 3091
1d7b9b20 3092dnl allow user to disable some login recording features
3093AC_ARG_ENABLE(lastlog,
bfd550a2 3094 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3095 [
3096 if test "x$enableval" = "xno" ; then
3097 AC_DEFINE(DISABLE_LASTLOG)
3098 fi
3099 ]
1d7b9b20 3100)
3101AC_ARG_ENABLE(utmp,
bfd550a2 3102 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3103 [
3104 if test "x$enableval" = "xno" ; then
3105 AC_DEFINE(DISABLE_UTMP)
3106 fi
3107 ]
1d7b9b20 3108)
3109AC_ARG_ENABLE(utmpx,
bfd550a2 3110 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3111 [
3112 if test "x$enableval" = "xno" ; then
3113 AC_DEFINE(DISABLE_UTMPX)
3114 fi
3115 ]
1d7b9b20 3116)
3117AC_ARG_ENABLE(wtmp,
bfd550a2 3118 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3119 [
3120 if test "x$enableval" = "xno" ; then
3121 AC_DEFINE(DISABLE_WTMP)
3122 fi
3123 ]
1d7b9b20 3124)
3125AC_ARG_ENABLE(wtmpx,
bfd550a2 3126 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3127 [
3128 if test "x$enableval" = "xno" ; then
3129 AC_DEFINE(DISABLE_WTMPX)
3130 fi
3131 ]
1d7b9b20 3132)
3133AC_ARG_ENABLE(libutil,
bfd550a2 3134 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3135 [
3136 if test "x$enableval" = "xno" ; then
3137 AC_DEFINE(DISABLE_LOGIN)
3138 fi
3139 ]
1d7b9b20 3140)
3141AC_ARG_ENABLE(pututline,
bfd550a2 3142 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3143 [
3144 if test "x$enableval" = "xno" ; then
aff51935 3145 AC_DEFINE(DISABLE_PUTUTLINE)
ddb154b3 3146 fi
3147 ]
1d7b9b20 3148)
3149AC_ARG_ENABLE(pututxline,
bfd550a2 3150 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3151 [
3152 if test "x$enableval" = "xno" ; then
3153 AC_DEFINE(DISABLE_PUTUTXLINE)
3154 fi
3155 ]
1d7b9b20 3156)
3157AC_ARG_WITH(lastlog,
bfd550a2 3158 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3159 [
82f4e93d 3160 if test "x$withval" = "xno" ; then
8c89dd2b 3161 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3162 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3163 conf_lastlog_location=$withval
3164 fi
3165 ]
3166)
1d7b9b20 3167
3168dnl lastlog, [uw]tmpx? detection
3169dnl NOTE: set the paths in the platform section to avoid the
3170dnl need for command-line parameters
3171dnl lastlog and [uw]tmp are subject to a file search if all else fails
3172
3173dnl lastlog detection
3174dnl NOTE: the code itself will detect if lastlog is a directory
3175AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3176AC_TRY_COMPILE([
3177#include <sys/types.h>
3178#include <utmp.h>
3179#ifdef HAVE_LASTLOG_H
3180# include <lastlog.h>
3181#endif
d7c0f3d5 3182#ifdef HAVE_PATHS_H
1d7b9b20 3183# include <paths.h>
41cb4569 3184#endif
3185#ifdef HAVE_LOGIN_H
3186# include <login.h>
1d7b9b20 3187#endif
3188 ],
3189 [ char *lastlog = LASTLOG_FILE; ],
3190 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3191 [
3192 AC_MSG_RESULT(no)
3193 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3194 AC_TRY_COMPILE([
3195#include <sys/types.h>
3196#include <utmp.h>
3197#ifdef HAVE_LASTLOG_H
3198# include <lastlog.h>
3199#endif
3200#ifdef HAVE_PATHS_H
3201# include <paths.h>
3202#endif
3203 ],
3204 [ char *lastlog = _PATH_LASTLOG; ],
3205 [ AC_MSG_RESULT(yes) ],
3206 [
f282b668 3207 AC_MSG_RESULT(no)
d7c0f3d5 3208 system_lastlog_path=no
3209 ])
3210 ]
1d7b9b20 3211)
d7c0f3d5 3212
1d7b9b20 3213if test -z "$conf_lastlog_location"; then
3214 if test x"$system_lastlog_path" = x"no" ; then
3215 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3216 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3217 conf_lastlog_location=$f
3218 fi
3219 done
3220 if test -z "$conf_lastlog_location"; then
f8119cef 3221 AC_MSG_WARN([** Cannot find lastlog **])
3222 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3223 fi
3224 fi
3225fi
3226
3227if test -n "$conf_lastlog_location"; then
3228 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
82f4e93d 3229fi
1d7b9b20 3230
3231dnl utmp detection
3232AC_MSG_CHECKING([if your system defines UTMP_FILE])
3233AC_TRY_COMPILE([
3234#include <sys/types.h>
3235#include <utmp.h>
d7c0f3d5 3236#ifdef HAVE_PATHS_H
1d7b9b20 3237# include <paths.h>
3238#endif
3239 ],
3240 [ char *utmp = UTMP_FILE; ],
3241 [ AC_MSG_RESULT(yes) ],
3242 [ AC_MSG_RESULT(no)
3243 system_utmp_path=no ]
3244)
3245if test -z "$conf_utmp_location"; then
3246 if test x"$system_utmp_path" = x"no" ; then
3247 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3248 if test -f $f ; then
3249 conf_utmp_location=$f
3250 fi
3251 done
3252 if test -z "$conf_utmp_location"; then
3253 AC_DEFINE(DISABLE_UTMP)
3254 fi
3255 fi
3256fi
3257if test -n "$conf_utmp_location"; then
3258 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
82f4e93d 3259fi
1d7b9b20 3260
3261dnl wtmp detection
3262AC_MSG_CHECKING([if your system defines WTMP_FILE])
3263AC_TRY_COMPILE([
3264#include <sys/types.h>
3265#include <utmp.h>
d7c0f3d5 3266#ifdef HAVE_PATHS_H
1d7b9b20 3267# include <paths.h>
3268#endif
3269 ],
3270 [ char *wtmp = WTMP_FILE; ],
3271 [ AC_MSG_RESULT(yes) ],
3272 [ AC_MSG_RESULT(no)
3273 system_wtmp_path=no ]
3274)
3275if test -z "$conf_wtmp_location"; then
3276 if test x"$system_wtmp_path" = x"no" ; then
3277 for f in /usr/adm/wtmp /var/log/wtmp; do
3278 if test -f $f ; then
3279 conf_wtmp_location=$f
3280 fi
3281 done
3282 if test -z "$conf_wtmp_location"; then
3283 AC_DEFINE(DISABLE_WTMP)
3284 fi
3285 fi
3286fi
3287if test -n "$conf_wtmp_location"; then
3288 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
82f4e93d 3289fi
1d7b9b20 3290
3291
3292dnl utmpx detection - I don't know any system so perverse as to require
3293dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3294dnl there, though.
3295AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3296AC_TRY_COMPILE([
3297#include <sys/types.h>
3298#include <utmp.h>
3299#ifdef HAVE_UTMPX_H
3300#include <utmpx.h>
3301#endif
d7c0f3d5 3302#ifdef HAVE_PATHS_H
1d7b9b20 3303# include <paths.h>
3304#endif
3305 ],
3306 [ char *utmpx = UTMPX_FILE; ],
3307 [ AC_MSG_RESULT(yes) ],
3308 [ AC_MSG_RESULT(no)
3309 system_utmpx_path=no ]
3310)
3311if test -z "$conf_utmpx_location"; then
3312 if test x"$system_utmpx_path" = x"no" ; then
3313 AC_DEFINE(DISABLE_UTMPX)
3314 fi
3315else
3316 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
82f4e93d 3317fi
1d7b9b20 3318
3319dnl wtmpx detection
3320AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3321AC_TRY_COMPILE([
3322#include <sys/types.h>
3323#include <utmp.h>
3324#ifdef HAVE_UTMPX_H
3325#include <utmpx.h>
3326#endif
d7c0f3d5 3327#ifdef HAVE_PATHS_H
1d7b9b20 3328# include <paths.h>
3329#endif
3330 ],
3331 [ char *wtmpx = WTMPX_FILE; ],
3332 [ AC_MSG_RESULT(yes) ],
3333 [ AC_MSG_RESULT(no)
3334 system_wtmpx_path=no ]
3335)
3336if test -z "$conf_wtmpx_location"; then
3337 if test x"$system_wtmpx_path" = x"no" ; then
3338 AC_DEFINE(DISABLE_WTMPX)
3339 fi
3340else
3341 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
82f4e93d 3342fi
1d7b9b20 3343
b7a87eea 3344
bd499f9e 3345if test ! -z "$blibpath" ; then
68ece370 3346 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3347 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3348fi
3349
ddceb1c8 3350dnl remove pam and dl because they are in $LIBPAM
3351if test "$PAM_MSG" = yes ; then
98f2d9d5 3352 LIBS=`echo $LIBS | sed 's/-lpam //'`
3353fi
3354if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3355 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3356fi
3357
3c62e7eb 3358AC_EXEEXT
d7cfdd7c 3359AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3360 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3361AC_OUTPUT
d3083fbd 3362
cbd7492e 3363# Print summary of options
3364
cbd7492e 3365# Someone please show me a better way :)
3366A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3367B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3368C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3369D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3370E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3371F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3372G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3373H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3374I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3375J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3376
3377echo ""
26de7942 3378echo "OpenSSH has been configured with the following options:"
ecac8ee5 3379echo " User binaries: $B"
3380echo " System binaries: $C"
3381echo " Configuration files: $D"
3382echo " Askpass program: $E"
3383echo " Manual pages: $F"
3384echo " PID file: $G"
3385echo " Privilege separation chroot path: $H"
95b99395 3386if test "x$external_path_file" = "x/etc/login.conf" ; then
3387echo " At runtime, sshd will use the path defined in $external_path_file"
3388echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3389else
ecac8ee5 3390echo " sshd default user PATH: $I"
89bbd457 3391 if test ! -z "$external_path_file"; then
95b99395 3392echo " (If PATH is set in $external_path_file it will be used instead. If"
3393echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3394 fi
8d184c09 3395fi
06617857 3396if test ! -z "$superuser_path" ; then
ecac8ee5 3397echo " sshd superuser user PATH: $J"
3398fi
3399echo " Manpage format: $MANTYPE"
3e05e934 3400echo " PAM support: $PAM_MSG"
ecac8ee5 3401echo " KerberosV support: $KRB5_MSG"
3402echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3403echo " S/KEY support: $SKEY_MSG"
3404echo " TCP Wrappers support: $TCPW_MSG"
3405echo " MD5 password support: $MD5_MSG"
59031773 3406echo " libedit support: $LIBEDIT_MSG"
3deb1408 3407echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3408echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3409echo " BSD Auth support: $BSD_AUTH_MSG"
3410echo " Random number source: $RAND_MSG"
f1b0ecc3 3411if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3412echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3413fi
3414
cbd7492e 3415echo ""
3416
0c2fb82f 3417echo " Host: ${host}"
3418echo " Compiler: ${CC}"
3419echo " Compiler flags: ${CFLAGS}"
3420echo "Preprocessor flags: ${CPPFLAGS}"
3421echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3422echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3423
3424echo ""
3425
9cefe228 3426if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3427 echo "SVR4 style packages are supported with \"make package\""
3428 echo ""
9cefe228 3429fi
3430
adeebd37 3431if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3432 echo "PAM is enabled. You may need to install a PAM control file "
3433 echo "for sshd, otherwise password authentication may fail. "
aff51935 3434 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3435 echo "subdirectory"
adeebd37 3436 echo ""
3437fi
3438
f1b0ecc3 3439if test ! -z "$RAND_HELPER_CMDHASH" ; then
3440 echo "WARNING: you are using the builtin random number collection "
3441 echo "service. Please read WARNING.RNG and request that your OS "
3442 echo "vendor includes kernel-based random number collection in "
3443 echo "future versions of your OS."
2c523de9 3444 echo ""
3445fi
af774732 3446
2f6f9cff 3447if test ! -z "$NO_PEERCHECK" ; then
3448 echo "WARNING: the operating system that you are using does not "
3449 echo "appear to support either the getpeereid() API nor the "
3450 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3451 echo "enforce security checks to prevent unauthorised connections to "
3452 echo "ssh-agent. Their absence increases the risk that a malicious "
3453 echo "user can connect to your agent. "
3454 echo ""
3455fi
3456
7b578f7d 3457if test "$AUDIT_MODULE" = "bsm" ; then
3458 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3459 echo "See the Solaris section in README.platform for details."
3460fi
git-cvsimport mirror of OpenSSH
This page took 1.192695 seconds and 5 git commands to generate.