]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [configure.ac atomicio.c] Fall back to <sys/poll.h> if we don't
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
0b9fdeb8 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
dbf07ba2 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
5fdabf45 106 esac
8a3ff1aa 107
dfafb2e1 108 if test -z "$have_llong_max"; then
109 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
110 unset ac_cv_have_decl_LLONG_MAX
111 saved_CFLAGS="$CFLAGS"
112 CFLAGS="$CFLAGS -std=gnu99"
113 AC_CHECK_DECL(LLONG_MAX,
114 [have_llong_max=1],
115 [CFLAGS="$saved_CFLAGS"],
116 [#include <limits.h>]
117 )
118 fi
d423d822 119fi
120
0b9fdeb8 121if test "x$no_attrib_nonnull" != "x1" ; then
122 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
123fi
124
e6354014 125AC_ARG_WITH(rpath,
126 [ --without-rpath Disable auto-added -R linker paths],
127 [
82f4e93d 128 if test "x$withval" = "xno" ; then
e6354014 129 need_dash_r=""
130 fi
131 if test "x$withval" = "xyes" ; then
132 need_dash_r=1
133 fi
134 ]
135)
136
aa56f760 137# Allow user to specify flags
138AC_ARG_WITH(cflags,
139 [ --with-cflags Specify additional flags to pass to compiler],
140 [
141 if test -n "$withval" && test "x$withval" != "xno" && \
142 test "x${withval}" != "xyes"; then
143 CFLAGS="$CFLAGS $withval"
144 fi
145 ]
146)
147AC_ARG_WITH(cppflags,
148 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
149 [
150 if test -n "$withval" && test "x$withval" != "xno" && \
151 test "x${withval}" != "xyes"; then
152 CPPFLAGS="$CPPFLAGS $withval"
153 fi
154 ]
155)
156AC_ARG_WITH(ldflags,
157 [ --with-ldflags Specify additional flags to pass to linker],
158 [
159 if test -n "$withval" && test "x$withval" != "xno" && \
160 test "x${withval}" != "xyes"; then
161 LDFLAGS="$LDFLAGS $withval"
162 fi
163 ]
164)
165AC_ARG_WITH(libs,
166 [ --with-libs Specify additional libraries to link with],
167 [
168 if test -n "$withval" && test "x$withval" != "xno" && \
169 test "x${withval}" != "xyes"; then
170 LIBS="$LIBS $withval"
171 fi
172 ]
173)
174AC_ARG_WITH(Werror,
175 [ --with-Werror Build main code with -Werror],
176 [
177 if test -n "$withval" && test "x$withval" != "xno"; then
178 werror_flags="-Werror"
179 if test "x${withval}" != "xyes"; then
180 werror_flags="$withval"
181 fi
182 fi
183 ]
184)
185
186AC_CHECK_HEADERS( \
187 bstring.h \
188 crypt.h \
189 crypto/sha2.h \
190 dirent.h \
191 endian.h \
192 features.h \
193 fcntl.h \
194 floatingpoint.h \
195 getopt.h \
196 glob.h \
197 ia.h \
198 iaf.h \
199 limits.h \
200 login.h \
201 maillock.h \
202 ndir.h \
203 net/if_tun.h \
204 netdb.h \
205 netgroup.h \
206 pam/pam_appl.h \
207 paths.h \
6d39a5c4 208 poll.h \
aa56f760 209 pty.h \
210 readpassphrase.h \
211 rpc/types.h \
212 security/pam_appl.h \
213 sha2.h \
214 shadow.h \
215 stddef.h \
216 stdint.h \
217 string.h \
218 strings.h \
219 sys/audit.h \
220 sys/bitypes.h \
221 sys/bsdtty.h \
222 sys/cdefs.h \
223 sys/dir.h \
224 sys/mman.h \
225 sys/ndir.h \
8aa5db7d 226 sys/poll.h \
aa56f760 227 sys/prctl.h \
228 sys/pstat.h \
229 sys/select.h \
230 sys/stat.h \
231 sys/stream.h \
232 sys/stropts.h \
233 sys/strtio.h \
234 sys/sysmacros.h \
235 sys/time.h \
236 sys/timers.h \
237 sys/un.h \
238 time.h \
239 tmpdir.h \
240 ttyent.h \
40701614 241 ucred.h \
aa56f760 242 unistd.h \
243 usersec.h \
244 util.h \
245 utime.h \
246 utmp.h \
247 utmpx.h \
248 vis.h \
249)
250
251# lastlog.h requires sys/time.h to be included first on Solaris
252AC_CHECK_HEADERS(lastlog.h, [], [], [
253#ifdef HAVE_SYS_TIME_H
254# include <sys/time.h>
255#endif
256])
257
258# sys/ptms.h requires sys/stream.h to be included first on Solaris
259AC_CHECK_HEADERS(sys/ptms.h, [], [], [
260#ifdef HAVE_SYS_STREAM_H
261# include <sys/stream.h>
262#endif
263])
264
265# login_cap.h requires sys/types.h on NetBSD
266AC_CHECK_HEADERS(login_cap.h, [], [], [
267#include <sys/types.h>
268])
269
5b84789f 270# Messages for features tested for in target-specific section
271SIA_MSG="no"
272SPC_MSG="no"
273
a0391976 274# Check for some target-specific stuff
a7effaac 275case "$host" in
9d6b1b96 276*-*-aix*)
25a2779b 277 # Some versions of VAC won't allow macro redefinitions at
278 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
279 # particularly with older versions of vac or xlc.
280 # It also throws errors about null macro argments, but these are
281 # not fatal.
282 AC_MSG_CHECKING(if compiler allows macro redefinitions)
283 AC_COMPILE_IFELSE(
284 [AC_LANG_SOURCE([[
285#define testmacro foo
286#define testmacro bar
287int main(void) { exit(0); }
288 ]])],
289 [ AC_MSG_RESULT(yes) ],
290 [ AC_MSG_RESULT(no)
291 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
292 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
293 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
294 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
295 ]
296 )
297
aff51935 298 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 299 if (test -z "$blibpath"); then
0a15d73b 300 blibpath="/usr/lib:/lib"
68ece370 301 fi
302 saved_LDFLAGS="$LDFLAGS"
e7479666 303 if test "$GCC" = "yes"; then
304 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
305 else
306 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
307 fi
308 for tryflags in $flags ;do
68ece370 309 if (test -z "$blibflags"); then
310 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
311 AC_TRY_LINK([], [], [blibflags=$tryflags])
312 fi
313 done
314 if (test -z "$blibflags"); then
315 AC_MSG_RESULT(not found)
316 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
317 else
318 AC_MSG_RESULT($blibflags)
bd499f9e 319 fi
68ece370 320 LDFLAGS="$saved_LDFLAGS"
e351e493 321 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 322 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
323 [Define if you want to enable AIX4's authenticate function])],
0764e748 324 [AC_CHECK_LIB(s,authenticate,
e351e493 325 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 326 LIBS="$LIBS -ls"
327 ])
328 ])
ba603e06 329 dnl Check for various auth function declarations in headers.
c85ed8e2 330 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 331 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 332 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 333 AC_CHECK_DECLS(loginfailed,
e351e493 334 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
335 AC_TRY_COMPILE(
f58c0e01 336 [#include <usersec.h>],
e351e493 337 [(void)loginfailed("user","host","tty",0);],
338 [AC_MSG_RESULT(yes)
3466e002 339 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
340 [Define if your AIX loginfailed() function
341 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 342 [AC_MSG_RESULT(no)]
e351e493 343 )],
344 [],
345 [#include <usersec.h>]
346 )
2aa3a16c 347 AC_CHECK_FUNCS(setauthdb)
53c337ed 348 AC_CHECK_DECL(F_CLOSEM,
795e7517 349 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 350 [],
351 [ #include <limits.h>
352 #include <fcntl.h> ]
353 )
5ccf88cb 354 check_for_aix_broken_getaddrinfo=1
3466e002 355 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
356 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
357 [Define if your platform breaks doing a seteuid before a setuid])
358 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
359 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 360 dnl AIX handles lastlog as part of its login message
3466e002 361 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
362 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
363 [Some systems need a utmpx entry for /bin/login to work])
364 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
365 [Define to a Set Process Title type if your system is
366 supported by bsd-setproctitle.c])
961c2997 367 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
368 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 369 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 370 ;;
3c62e7eb 371*-*-cygwin*)
a52997bd 372 check_for_libcrypt_later=1
04765d02 373 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 374 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
375 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
376 AC_DEFINE(DISABLE_SHADOW, 1,
377 [Define if you want to disable shadow passwords])
378 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
379 [Define if your system choked on IP TOS setting])
380 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
381 [Define if X11 doesn't support AF_UNIX sockets on that system])
382 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
383 [Define if the concept of ports only accessible to
384 superusers isn't known])
385 AC_DEFINE(DISABLE_FD_PASSING, 1,
386 [Define if your platform needs to skip post auth
387 file descriptor passing])
3c62e7eb 388 ;;
d6fdb079 389*-*-dgux*)
390 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 391 AC_DEFINE(SETEUID_BREAKS_SETUID)
392 AC_DEFINE(BROKEN_SETREUID)
393 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 394 ;;
39c98ef7 395*-*-darwin*)
33e2e066 396 AC_MSG_CHECKING(if we have working getaddrinfo)
397 AC_TRY_RUN([#include <mach-o/dyld.h>
398main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
399 exit(0);
400 else
401 exit(1);
402}], [AC_MSG_RESULT(working)],
403 [AC_MSG_RESULT(buggy)
3466e002 404 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 405 [AC_MSG_RESULT(assume it is working)])
635e0c42 406 AC_DEFINE(SETEUID_BREAKS_SETUID)
407 AC_DEFINE(BROKEN_SETREUID)
408 AC_DEFINE(BROKEN_SETREGID)
3466e002 409 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
410 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 411 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
412 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
413 [Use tunnel device compatibility to OpenBSD])
414 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
415 [Prepend the address family to IP tunnel traffic])
39c98ef7 416 ;;
36f36ba3 417*-*-dragonfly*)
418 SSHDLIBS="$SSHDLIBS -lcrypt"
419 ;;
7d458c86 420*-*-hpux*)
421 # first we define all of the options common to all HP-UX releases
b8fea62d 422 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 423 IPADDR_IN_DISPLAY=yes
2b10f47a 424 AC_DEFINE(USE_PIPES)
3466e002 425 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
426 [Define if your login program cannot handle end of options ("--")])
a2572aa7 427 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 428 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
429 [String used in /etc/passwd to denote locked account])
3a2b2b44 430 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 431 MAIL="/var/mail/username"
f75ca46d 432 LIBS="$LIBS -lsec"
7d458c86 433 AC_CHECK_LIB(xnet, t_error, ,
434 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
435
436 # next, we define all of the options specific to major releases
437 case "$host" in
438 *-*-hpux10*)
439 if test -z "$GCC"; then
440 CFLAGS="$CFLAGS -Ae"
441 fi
442 ;;
443 *-*-hpux11*)
3466e002 444 AC_DEFINE(PAM_SUN_CODEBASE, 1,
445 [Define if you are using Solaris-derived PAM which
446 passes pam_messages to the conversation function
447 with an extra level of indirection])
448 AC_DEFINE(DISABLE_UTMP, 1,
449 [Define if you don't want to use utmp])
7d458c86 450 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
451 check_for_hpux_broken_getaddrinfo=1
452 check_for_conflicting_getspnam=1
453 ;;
454 esac
455
456 # lastly, we define options specific to minor releases
457 case "$host" in
458 *-*-hpux10.26)
3466e002 459 AC_DEFINE(HAVE_SECUREWARE, 1,
460 [Define if you have SecureWare-based
461 protected password database])
7d458c86 462 disable_ptmx_check=yes
463 LIBS="$LIBS -lsecpw"
464 ;;
465 esac
2b763e31 466 ;;
d94aa2ae 467*-*-irix5*)
6ac7829a 468 PATH="$PATH:/usr/etc"
3466e002 469 AC_DEFINE(BROKEN_INET_NTOA, 1,
470 [Define if you system's inet_ntoa is busted
471 (e.g. Irix gcc issue)])
cb433561 472 AC_DEFINE(SETEUID_BREAKS_SETUID)
473 AC_DEFINE(BROKEN_SETREUID)
474 AC_DEFINE(BROKEN_SETREGID)
3466e002 475 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
476 [Define if you shouldn't strip 'tty' from your
477 ttyname in [uw]tmp])
3e6e3da0 478 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 479 ;;
480*-*-irix6*)
6ac7829a 481 PATH="$PATH:/usr/etc"
3466e002 482 AC_DEFINE(WITH_IRIX_ARRAY, 1,
483 [Define if you have/want arrays
484 (cluster-wide session managment, not C arrays)])
485 AC_DEFINE(WITH_IRIX_PROJECT, 1,
486 [Define if you want IRIX project management])
487 AC_DEFINE(WITH_IRIX_AUDIT, 1,
488 [Define if you want IRIX audit trails])
489 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
490 [Define if you want IRIX kernel jobs])])
416ed5a7 491 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 492 AC_DEFINE(SETEUID_BREAKS_SETUID)
493 AC_DEFINE(BROKEN_SETREUID)
494 AC_DEFINE(BROKEN_SETREGID)
3466e002 495 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 496 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 497 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 498 ;;
5cdfe03f 499*-*-linux*)
500 no_dev_ptmx=1
717057b6 501 check_for_libcrypt_later=1
eacb954e 502 check_for_openpty_ctty_bug=1
3466e002 503 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
504 AC_DEFINE(PAM_TTY_KLUDGE, 1,
505 [Work around problematic Linux PAM modules handling of PAM_TTY])
506 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
507 [String used in /etc/passwd to denote locked account])
3a2b2b44 508 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 509 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
510 [Define to whatever link() returns for "not supported"
511 if it doesn't return EOPNOTSUPP.])
b6610e8f 512 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 513 AC_DEFINE(USE_BTMP)
80faa19f 514 inet6_default_4in6=yes
bf7c1e6c 515 case `uname -r` in
ad84c479 516 1.*|2.0.*)
3466e002 517 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
518 [Define if cmsg_type is not passed correctly])
bf7c1e6c 519 ;;
bf7c1e6c 520 esac
c40f09ca 521 # tun(4) forwarding compat code
d91775e1 522 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 523 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 524 AC_DEFINE(SSH_TUN_LINUX, 1,
525 [Open tunnel devices the Linux tun/tap way])
526 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
527 [Use tunnel device compatibility to OpenBSD])
528 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
529 [Prepend the address family to IP tunnel traffic])
530 fi
5cdfe03f 531 ;;
66d6c27e 532mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 533 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 534 SONY=1
66d6c27e 535 ;;
d468fc76 536*-*-netbsd*)
33e2e066 537 check_for_libcrypt_before=1
82f4e93d 538 if test "x$withval" != "xno" ; then
e6354014 539 need_dash_r=1
540 fi
0f6cb079 541 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
542 AC_CHECK_HEADER([net/if_tap.h], ,
543 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
544 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
545 [Prepend the address family to IP tunnel traffic])
d468fc76 546 ;;
86b416a7 547*-*-freebsd*)
548 check_for_libcrypt_later=1
988c5031 549 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 550 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
551 AC_CHECK_HEADER([net/if_tap.h], ,
552 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 553 ;;
8707b7eb 554*-*-bsdi*)
555 AC_DEFINE(SETEUID_BREAKS_SETUID)
556 AC_DEFINE(BROKEN_SETREUID)
557 AC_DEFINE(BROKEN_SETREGID)
558 ;;
729bfe59 559*-next-*)
729bfe59 560 conf_lastlog_location="/usr/adm/lastlog"
698d107e 561 conf_utmp_location=/etc/utmp
562 conf_wtmp_location=/usr/adm/wtmp
563 MAIL=/usr/spool/mail
3466e002 564 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 565 AC_DEFINE(BROKEN_REALPATH)
00937921 566 AC_DEFINE(USE_PIPES)
3466e002 567 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 568 ;;
5b7b5e23 569*-*-openbsd*)
570 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 571 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 572 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 573 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
574 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 575 ;;
9d6b1b96 576*-*-solaris*)
82f4e93d 577 if test "x$withval" != "xno" ; then
010e9d5b 578 need_dash_r=1
579 fi
adeebd37 580 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 581 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 582 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
583 [Some versions of /bin/login need the TERM supplied
584 on the commandline])
7f0a4ff1 585 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 586 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
587 [Define if pam_chauthtok wants real uid set
588 to the unpriv'ed user])
3e6e3da0 589 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 590 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 591 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
592 [Define if sshd somehow reacquires a controlling TTY
593 after setsid()])
795aa5f5 594 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
595 in case the name is longer than 8 chars])
95b99395 596 external_path_file=/etc/default/login
1d7b9b20 597 # hardwire lastlog location (can't detect it on some versions)
598 conf_lastlog_location="/var/adm/lastlog"
32c80420 599 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
600 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
601 if test "$sol2ver" -ge 8; then
602 AC_MSG_RESULT(yes)
603 AC_DEFINE(DISABLE_UTMP)
3466e002 604 AC_DEFINE(DISABLE_WTMP, 1,
605 [Define if you don't want to use wtmp])
32c80420 606 else
607 AC_MSG_RESULT(no)
608 fi
5b84789f 609 AC_ARG_WITH(solaris-contracts,
610 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
611 [
612 AC_CHECK_LIB(contract, ct_tmpl_activate,
613 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
614 [Define if you have Solaris process contracts])
615 SSHDLIBS="$SSHDLIBS -lcontract"
616 AC_SUBST(SSHDLIBS)
617 SPC_MSG="yes" ], )
618 ],
619 )
9d6b1b96 620 ;;
a423beaf 621*-*-sunos4*)
0c2fb82f 622 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 623 AC_CHECK_FUNCS(getpwanam)
adeebd37 624 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 625 conf_utmp_location=/etc/utmp
626 conf_wtmp_location=/var/adm/wtmp
627 conf_lastlog_location=/var/adm/lastlog
137d7b6c 628 AC_DEFINE(USE_PIPES)
a423beaf 629 ;;
6f68f28a 630*-ncr-sysv*)
98a7c37b 631 LIBS="$LIBS -lc89"
29525240 632 AC_DEFINE(USE_PIPES)
eabb99c6 633 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 634 AC_DEFINE(SETEUID_BREAKS_SETUID)
635 AC_DEFINE(BROKEN_SETREUID)
636 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 637 ;;
132dd316 638*-sni-sysv*)
c8c15bcb 639 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 640 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 641 # -lresolv needs to be at the end of LIBS or DNS lookups break
642 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 643 IPADDR_IN_DISPLAY=yes
644 AC_DEFINE(USE_PIPES)
132dd316 645 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 646 AC_DEFINE(SETEUID_BREAKS_SETUID)
647 AC_DEFINE(BROKEN_SETREUID)
648 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 649 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 650 external_path_file=/etc/default/login
c8c15bcb 651 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
652 # Attention: always take care to bind libsocket and libnsl before libc,
653 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 654 ;;
79a7ba96 655# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 656*-*-sysv4.2*)
ed6553e2 657 AC_DEFINE(USE_PIPES)
7ed101c0 658 AC_DEFINE(SETEUID_BREAKS_SETUID)
659 AC_DEFINE(BROKEN_SETREUID)
660 AC_DEFINE(BROKEN_SETREGID)
46f853b9 661 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 662 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 663 ;;
79a7ba96 664# UnixWare 7.x, OpenUNIX 8
77bb0bca 665*-*-sysv5*)
d7d2cc6e 666 check_for_libcrypt_later=1
667 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 668 AC_DEFINE(USE_PIPES)
7ed101c0 669 AC_DEFINE(SETEUID_BREAKS_SETUID)
670 AC_DEFINE(BROKEN_SETREUID)
671 AC_DEFINE(BROKEN_SETREGID)
3466e002 672 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 673 case "$host" in
674 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
675 TEST_SHELL=/u95/bin/sh
3466e002 676 AC_DEFINE(BROKEN_LIBIAF, 1,
677 [ia_uinfo routines not supported by OS yet])
5cc6ddad 678 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 679 ;;
e45da4d6 680 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
681 ;;
822015dd 682 esac
77bb0bca 683 ;;
9d6b1b96 684*-*-sysv*)
9d6b1b96 685 ;;
79a7ba96 686# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 687*-*-sco3.2v4*)
11cf4f1f 688 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 689 ;;
79a7ba96 690# SCO OpenServer 5.x
77bb0bca 691*-*-sco3.2v5*)
21710e39 692 if test -z "$GCC"; then
693 CFLAGS="$CFLAGS -belf"
694 fi
ed6553e2 695 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 696 no_dev_ptmx=1
ed6553e2 697 AC_DEFINE(USE_PIPES)
6e879cb4 698 AC_DEFINE(HAVE_SECUREWARE)
d287c664 699 AC_DEFINE(DISABLE_SHADOW)
94d8258b 700 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 701 AC_DEFINE(SETEUID_BREAKS_SETUID)
702 AC_DEFINE(BROKEN_SETREUID)
703 AC_DEFINE(BROKEN_SETREGID)
bcebad47 704 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 705 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 706 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 707 AC_CHECK_FUNCS(getluid setluid)
533875af 708 MANTYPE=man
a3245b92 709 TEST_SHELL=ksh
509b1f88 710 ;;
ccbb983c 711*-*-unicosmk*)
3466e002 712 AC_DEFINE(NO_SSH_LASTLOG, 1,
713 [Define if you don't want to use lastlog in session.c])
c1ad5966 714 AC_DEFINE(SETEUID_BREAKS_SETUID)
715 AC_DEFINE(BROKEN_SETREUID)
716 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 717 AC_DEFINE(USE_PIPES)
718 AC_DEFINE(DISABLE_FD_PASSING)
719 LDFLAGS="$LDFLAGS"
720 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
721 MANTYPE=cat
d262b7f2 722 ;;
7b9a8c6e 723*-*-unicosmp*)
c1ad5966 724 AC_DEFINE(SETEUID_BREAKS_SETUID)
725 AC_DEFINE(BROKEN_SETREUID)
726 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 727 AC_DEFINE(WITH_ABBREV_NO_TTY)
728 AC_DEFINE(USE_PIPES)
729 AC_DEFINE(DISABLE_FD_PASSING)
730 LDFLAGS="$LDFLAGS"
c1ad5966 731 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 732 MANTYPE=cat
733 ;;
ca5c7d6a 734*-*-unicos*)
c1ad5966 735 AC_DEFINE(SETEUID_BREAKS_SETUID)
736 AC_DEFINE(BROKEN_SETREUID)
737 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 738 AC_DEFINE(USE_PIPES)
94d8258b 739 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 740 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 741 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
742 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
743 MANTYPE=cat
a704dd54 744 ;;
4d33e531 745*-dec-osf*)
99c8ddac 746 AC_MSG_CHECKING(for Digital Unix SIA)
747 no_osfsia=""
748 AC_ARG_WITH(osfsia,
749 [ --with-osfsia Enable Digital Unix SIA],
750 [
751 if test "x$withval" = "xno" ; then
752 AC_MSG_RESULT(disabled)
753 no_osfsia=1
754 fi
755 ],
756 )
757 if test -z "$no_osfsia" ; then
4d33e531 758 if test -f /etc/sia/matrix.conf; then
759 AC_MSG_RESULT(yes)
3466e002 760 AC_DEFINE(HAVE_OSF_SIA, 1,
761 [Define if you have Digital Unix Security
762 Integration Architecture])
763 AC_DEFINE(DISABLE_LOGIN, 1,
764 [Define if you don't want to use your
765 system's login() call])
58d0df4e 766 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 767 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 768 SIA_MSG="yes"
4d33e531 769 else
770 AC_MSG_RESULT(no)
3466e002 771 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
772 [String used in /etc/passwd to denote locked account])
4d33e531 773 fi
774 fi
a6e67b60 775 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 776 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 777 AC_DEFINE(BROKEN_SETREUID)
778 AC_DEFINE(BROKEN_SETREGID)
4d33e531 779 ;;
41cb4569 780
9c54c067 781*-*-nto-qnx*)
41cb4569 782 AC_DEFINE(USE_PIPES)
783 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 784 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
785 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
786 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 787 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 788 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 789 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 790 case "$host" in
791 *-*-nto-qnx6*)
792 AC_DEFINE(DISABLE_FD_PASSING)
793 ;;
794 esac
41cb4569 795 ;;
35fc74ed 796
797*-*-ultrix*)
3466e002 798 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
799 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 800 AC_DEFINE(NEED_SETPGRP)
b5765e1d 801 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
802 ;;
157b6700 803
804*-*-lynxos)
805 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 806 AC_DEFINE(MISSING_HOWMANY)
157b6700 807 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
808 ;;
a7effaac 809esac
810
c5829391 811AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 812AC_RUN_IFELSE(
813 [AC_LANG_SOURCE([
c5829391 814#include <stdio.h>
815int main(){exit(0);}
479cece8 816 ])],
c5829391 817 [ AC_MSG_RESULT(yes) ],
818 [
819 AC_MSG_RESULT(no)
820 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 821 ],
822 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 823)
824
b04a9f8c 825dnl Checks for header files.
a0391976 826# Checks for libraries.
98a7c37b 827AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
828AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 829
446227d6 830dnl IRIX and Solaris 2.5.1 have dirname() in libgen
831AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
832 AC_CHECK_LIB(gen, dirname,[
833 AC_CACHE_CHECK([for broken dirname],
834 ac_cv_have_broken_dirname, [
835 save_LIBS="$LIBS"
836 LIBS="$LIBS -lgen"
b0e7249f 837 AC_RUN_IFELSE(
838 [AC_LANG_SOURCE([[
446227d6 839#include <libgen.h>
840#include <string.h>
841
842int main(int argc, char **argv) {
843 char *s, buf[32];
844
845 strncpy(buf,"/etc", 32);
846 s = dirname(buf);
847 if (!s || strncmp(s, "/", 32) != 0) {
848 exit(1);
849 } else {
850 exit(0);
851 }
852}
b0e7249f 853 ]])],
854 [ ac_cv_have_broken_dirname="no" ],
855 [ ac_cv_have_broken_dirname="yes" ],
446227d6 856 [ ac_cv_have_broken_dirname="no" ],
446227d6 857 )
858 LIBS="$save_LIBS"
859 ])
860 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
861 LIBS="$LIBS -lgen"
862 AC_DEFINE(HAVE_DIRNAME)
863 AC_CHECK_HEADERS(libgen.h)
864 fi
865 ])
866])
867
868AC_CHECK_FUNC(getspnam, ,
869 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 870AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
871 [Define if you have the basename function.]))
446227d6 872
98a7c37b 873dnl zlib is required
874AC_ARG_WITH(zlib,
875 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 876 [ if test "x$withval" = "xno" ; then
877 AC_MSG_ERROR([*** zlib is required ***])
878 elif test "x$withval" != "xyes"; then
98a7c37b 879 if test -d "$withval/lib"; then
880 if test -n "${need_dash_r}"; then
5a162955 881 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 882 else
5a162955 883 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 884 fi
885 else
886 if test -n "${need_dash_r}"; then
5a162955 887 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 888 else
5a162955 889 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 890 fi
891 fi
892 if test -d "$withval/include"; then
5a162955 893 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 894 else
5a162955 895 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 896 fi
6dd05556 897 fi ]
98a7c37b 898)
899
0a15d73b 900AC_CHECK_LIB(z, deflate, ,
901 [
902 saved_CPPFLAGS="$CPPFLAGS"
903 saved_LDFLAGS="$LDFLAGS"
904 save_LIBS="$LIBS"
905 dnl Check default zlib install dir
906 if test -n "${need_dash_r}"; then
907 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
908 else
909 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
910 fi
911 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
912 LIBS="$LIBS -lz"
913 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
914 [
915 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
916 ]
917 )
918 ]
919)
4ad65809 920AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 921
922AC_ARG_WITH(zlib-version-check,
923 [ --without-zlib-version-check Disable zlib version check],
924 [ if test "x$withval" = "xno" ; then
925 zlib_check_nonfatal=1
926 fi
927 ]
928)
929
5c7fc85d 930AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 931AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 932#include <stdio.h>
4ad65809 933#include <zlib.h>
934int main()
935{
5c7fc85d 936 int a=0, b=0, c=0, d=0, n, v;
937 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
938 if (n != 3 && n != 4)
4ad65809 939 exit(1);
5c7fc85d 940 v = a*1000000 + b*10000 + c*100 + d;
941 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
942
943 /* 1.1.4 is OK */
944 if (a == 1 && b == 1 && c >= 4)
4ad65809 945 exit(0);
5c7fc85d 946
0072b59d 947 /* 1.2.3 and up are OK */
948 if (v >= 1020300)
5c7fc85d 949 exit(0);
950
4ad65809 951 exit(2);
952}
479cece8 953 ]])],
5c7fc85d 954 AC_MSG_RESULT(no),
955 [ AC_MSG_RESULT(yes)
8068d564 956 if test -z "$zlib_check_nonfatal" ; then
957 AC_MSG_ERROR([*** zlib too old - check config.log ***
958Your reported zlib version has known security problems. It's possible your
959vendor has fixed these problems without changing the version number. If you
960are sure this is the case, you can disable the check by running
961"./configure --without-zlib-version-check".
6090bcfe 962If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 963See http://www.gzip.org/zlib/ for details.])
8068d564 964 else
965 AC_MSG_WARN([zlib version may have security problems])
966 fi
1a01a50c 967 ],
968 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 969)
48e7916f 970
2c523de9 971dnl UnixWare 2.x
aff51935 972AC_CHECK_FUNC(strcasecmp,
2c523de9 973 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
974)
23361281 975AC_CHECK_FUNCS(utimes,
cda1ebcb 976 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
977 LIBS="$LIBS -lc89"]) ]
2c523de9 978)
4cca272e 979
7c6d759d 980dnl Checks for libutil functions
981AC_CHECK_HEADERS(libutil.h)
3466e002 982AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
983 [Define if your libraries define login()])])
7c6d759d 984AC_CHECK_FUNCS(logout updwtmp logwtmp)
985
a738c3b0 986AC_FUNC_STRFTIME
987
84ceda19 988# Check for ALTDIRFUNC glob() extension
989AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
990AC_EGREP_CPP(FOUNDIT,
991 [
992 #include <glob.h>
993 #ifdef GLOB_ALTDIRFUNC
994 FOUNDIT
995 #endif
aff51935 996 ],
84ceda19 997 [
3466e002 998 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
999 [Define if your system glob() function has
1000 the GLOB_ALTDIRFUNC extension])
84ceda19 1001 AC_MSG_RESULT(yes)
1002 ],
1003 [
1004 AC_MSG_RESULT(no)
1005 ]
1006)
4cca272e 1007
40849fdb 1008# Check for g.gl_matchc glob() extension
1009AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1010AC_TRY_COMPILE(
13ff27b7 1011 [ #include <glob.h> ],
1012 [glob_t g; g.gl_matchc = 1;],
aff51935 1013 [
3466e002 1014 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1015 [Define if your system glob() function has
1016 gl_matchc options in glob_t])
aff51935 1017 AC_MSG_RESULT(yes)
1018 ],
1019 [
1020 AC_MSG_RESULT(no)
1021 ]
40849fdb 1022)
1023
78888bab 1024AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1025
edbe6722 1026AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1027AC_RUN_IFELSE(
479cece8 1028 [AC_LANG_SOURCE([[
edbe6722 1029#include <sys/types.h>
1030#include <dirent.h>
aec4cb4f 1031int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1032 ]])],
aff51935 1033 [AC_MSG_RESULT(yes)],
edbe6722 1034 [
1035 AC_MSG_RESULT(no)
3466e002 1036 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1037 [Define if your struct dirent expects you to
3466e002 1038 allocate extra space for d_name])
1a01a50c 1039 ],
82f4e93d 1040 [
1a01a50c 1041 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1042 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1043 ]
1044)
1045
419e26e7 1046AC_MSG_CHECKING([for /proc/pid/fd directory])
1047if test -d "/proc/$$/fd" ; then
3466e002 1048 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1049 AC_MSG_RESULT(yes)
1050else
1051 AC_MSG_RESULT(no)
1052fi
1053
278588d8 1054# Check whether user wants S/Key support
aff51935 1055SKEY_MSG="no"
278588d8 1056AC_ARG_WITH(skey,
6ff3d0dc 1057 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1058 [
1059 if test "x$withval" != "xno" ; then
1060
1061 if test "x$withval" != "xyes" ; then
1062 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1063 LDFLAGS="$LDFLAGS -L${withval}/lib"
1064 fi
1065
3466e002 1066 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1067 LIBS="-lskey $LIBS"
aff51935 1068 SKEY_MSG="yes"
82f4e93d 1069
ddceb1c8 1070 AC_MSG_CHECKING([for s/key support])
b0e7249f 1071 AC_LINK_IFELSE(
1072 [AC_LANG_SOURCE([[
ddceb1c8 1073#include <stdio.h>
1074#include <skey.h>
aec4cb4f 1075int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1076 ]])],
ddceb1c8 1077 [AC_MSG_RESULT(yes)],
278588d8 1078 [
ddceb1c8 1079 AC_MSG_RESULT(no)
278588d8 1080 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1081 ])
141fc639 1082 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1083 AC_TRY_COMPILE(
1084 [#include <stdio.h>
1085 #include <skey.h>],
1086 [(void)skeychallenge(NULL,"name","",0);],
1087 [AC_MSG_RESULT(yes)
3466e002 1088 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1089 [Define if your skeychallenge()
1090 function takes 4 arguments (NetBSD)])],
141fc639 1091 [AC_MSG_RESULT(no)]
1092 )
278588d8 1093 fi
1094 ]
1095)
1096
1097# Check whether user wants TCP wrappers support
98a7c37b 1098TCPW_MSG="no"
278588d8 1099AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1100 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1101 [
1102 if test "x$withval" != "xno" ; then
1103 saved_LIBS="$LIBS"
98a7c37b 1104 saved_LDFLAGS="$LDFLAGS"
1105 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1106 if test -n "${withval}" && \
6cf0200f 1107 test "x${withval}" != "xyes"; then
98a7c37b 1108 if test -d "${withval}/lib"; then
1109 if test -n "${need_dash_r}"; then
5a162955 1110 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1111 else
5a162955 1112 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1113 fi
1114 else
1115 if test -n "${need_dash_r}"; then
5a162955 1116 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1117 else
5a162955 1118 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1119 fi
1120 fi
1121 if test -d "${withval}/include"; then
5a162955 1122 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1123 else
5a162955 1124 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1125 fi
98a7c37b 1126 fi
e54defb4 1127 LIBS="-lwrap $LIBS"
278588d8 1128 AC_MSG_CHECKING(for libwrap)
1129 AC_TRY_LINK(
1130 [
77f09220 1131#include <sys/types.h>
1132#include <sys/socket.h>
1133#include <netinet/in.h>
278588d8 1134#include <tcpd.h>
1135 int deny_severity = 0, allow_severity = 0;
1136 ],
1137 [hosts_access(0);],
1138 [
1139 AC_MSG_RESULT(yes)
3466e002 1140 AC_DEFINE(LIBWRAP, 1,
1141 [Define if you want
1142 TCP Wrappers support])
e54defb4 1143 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1144 TCPW_MSG="yes"
278588d8 1145 ],
1146 [
1147 AC_MSG_ERROR([*** libwrap missing])
1148 ]
1149 )
ddceb1c8 1150 LIBS="$saved_LIBS"
278588d8 1151 fi
1152 ]
1153)
1154
59031773 1155# Check whether user wants libedit support
1156LIBEDIT_MSG="no"
1157AC_ARG_WITH(libedit,
6ff3d0dc 1158 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1159 [ if test "x$withval" != "xno" ; then
737edf04 1160 if test "x$withval" != "xyes"; then
bb116c8e 1161 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1162 if test -n "${need_dash_r}"; then
1163 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1164 else
1165 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1166 fi
737edf04 1167 fi
59031773 1168 AC_CHECK_LIB(edit, el_init,
3466e002 1169 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1170 LIBEDIT="-ledit -lcurses"
1171 LIBEDIT_MSG="yes"
1172 AC_SUBST(LIBEDIT)
1173 ],
737edf04 1174 [ AC_MSG_ERROR(libedit not found) ],
1175 [ -lcurses ]
59031773 1176 )
f47ddccb 1177 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1178 AC_COMPILE_IFELSE(
1179 [AC_LANG_SOURCE([[
1180#include <histedit.h>
f47ddccb 1181int main(void)
1182{
1183 int i = H_SETSIZE;
1184 el_init("", NULL, NULL, NULL);
1185 exit(0);
1186}
d92622f9 1187 ]])],
f47ddccb 1188 [ AC_MSG_RESULT(yes) ],
1189 [ AC_MSG_RESULT(no)
1190 AC_MSG_ERROR(libedit version is not compatible) ]
1191 )
59031773 1192 fi ]
1193)
1194
7b578f7d 1195AUDIT_MODULE=none
1196AC_ARG_WITH(audit,
1197 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1198 [
1199 AC_MSG_CHECKING(for supported audit module)
1200 case "$withval" in
1201 bsm)
1202 AC_MSG_RESULT(bsm)
1203 AUDIT_MODULE=bsm
1204 dnl Checks for headers, libs and functions
1205 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1206 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1207 [
1208#ifdef HAVE_TIME_H
1209# include <time.h>
1210#endif
1211 ]
1212)
7b578f7d 1213 AC_CHECK_LIB(bsm, getaudit, [],
1214 [AC_MSG_ERROR(BSM enabled and required library not found)])
1215 AC_CHECK_FUNCS(getaudit, [],
1216 [AC_MSG_ERROR(BSM enabled and required function not found)])
1217 # These are optional
7939c496 1218 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1219 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1220 ;;
1221 debug)
1222 AUDIT_MODULE=debug
1223 AC_MSG_RESULT(debug)
3466e002 1224 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1225 ;;
a2b3321d 1226 no)
d92622f9 1227 AC_MSG_RESULT(no)
a2b3321d 1228 ;;
7b578f7d 1229 *)
1230 AC_MSG_ERROR([Unknown audit module $withval])
1231 ;;
1232 esac ]
1233)
1234
19160674 1235dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1236AC_CHECK_FUNCS( \
1237 arc4random \
9a406e1e 1238 asprintf \
b04a9f8c 1239 b64_ntop \
1240 __b64_ntop \
1241 b64_pton \
1242 __b64_pton \
1243 bcopy \
1244 bindresvport_sa \
1245 clock \
1246 closefrom \
1247 dirfd \
b04a9f8c 1248 fchmod \
1249 fchown \
1250 freeaddrinfo \
1251 futimes \
1252 getaddrinfo \
1253 getcwd \
1254 getgrouplist \
1255 getnameinfo \
1256 getopt \
1257 getpeereid \
1961d660 1258 getpeerucred \
b04a9f8c 1259 _getpty \
1260 getrlimit \
1261 getttyent \
1262 glob \
1263 inet_aton \
1264 inet_ntoa \
1265 inet_ntop \
1266 innetgr \
1267 login_getcapbool \
1268 md5_crypt \
1269 memmove \
1270 mkdtemp \
1271 mmap \
1272 ngetaddrinfo \
1273 nsleep \
1274 ogetaddrinfo \
1275 openlog_r \
1276 openpty \
6d39a5c4 1277 poll \
b04a9f8c 1278 prctl \
1279 pstat \
1280 readpassphrase \
1281 realpath \
1282 recvmsg \
1283 rresvport_af \
1284 sendmsg \
1285 setdtablesize \
1286 setegid \
1287 setenv \
1288 seteuid \
1289 setgroups \
1290 setlogin \
1291 setpcred \
1292 setproctitle \
1293 setregid \
1294 setreuid \
1295 setrlimit \
1296 setsid \
1297 setvbuf \
1298 sigaction \
1299 sigvec \
1300 snprintf \
1301 socketpair \
1302 strdup \
1303 strerror \
1304 strlcat \
1305 strlcpy \
1306 strmode \
1307 strnvis \
1308 strtonum \
1e29a0c8 1309 strtoll \
b04a9f8c 1310 strtoul \
1aac2117 1311 swap32 \
b04a9f8c 1312 sysconf \
1313 tcgetpgrp \
1314 truncate \
1315 unsetenv \
1316 updwtmpx \
9a406e1e 1317 vasprintf \
b04a9f8c 1318 vhangup \
1319 vsnprintf \
1320 waitpid \
19160674 1321)
98a7c37b 1322
1a086f97 1323# IRIX has a const char return value for gai_strerror()
1324AC_CHECK_FUNCS(gai_strerror,[
1325 AC_DEFINE(HAVE_GAI_STRERROR)
1326 AC_TRY_COMPILE([
1327#include <sys/types.h>
1328#include <sys/socket.h>
1329#include <netdb.h>
1330
1331const char *gai_strerror(int);],[
1332char *str;
1333
1334str = gai_strerror(0);],[
1335 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1336 [Define if gai_strerror() returns const char *])])])
1337
3466e002 1338AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1339 [Some systems put nanosleep outside of libc]))
92b1decf 1340
309709db 1341dnl Make sure prototypes are defined for these before using them.
309709db 1342AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1343AC_CHECK_DECL(strsep,
1344 [AC_CHECK_FUNCS(strsep)],
1345 [],
1346 [
1347#ifdef HAVE_STRING_H
1348# include <string.h>
1349#endif
1350 ])
08412d26 1351
3490699c 1352dnl tcsendbreak might be a macro
1353AC_CHECK_DECL(tcsendbreak,
1354 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1355 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1356 [#include <termios.h>]
1357)
1358
41e0e158 1359AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1360
71f4c727 1361AC_CHECK_DECLS(SHUT_RD, , ,
1362 [
1363#include <sys/types.h>
1364#include <sys/socket.h>
1365 ])
956d6743 1366
1367AC_CHECK_DECLS(O_NONBLOCK, , ,
1368 [
1369#include <sys/types.h>
1370#ifdef HAVE_SYS_STAT_H
1371# include <sys/stat.h>
1372#endif
1373#ifdef HAVE_FCNTL_H
1374# include <fcntl.h>
1375#endif
1376 ])
1377
752994dd 1378AC_CHECK_DECLS(writev, , , [
1379#include <sys/types.h>
1380#include <sys/uio.h>
1381#include <unistd.h>
1382 ])
1383
0bf6279d 1384AC_CHECK_DECLS(MAXSYMLINKS, , , [
1385#include <sys/param.h>
1386 ])
1387
b41ece30 1388AC_CHECK_DECLS(offsetof, , , [
1389#include <stddef.h>
1390 ])
1391
3f176010 1392AC_CHECK_FUNCS(setresuid, [
1393 dnl Some platorms have setresuid that isn't implemented, test for this
1394 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1395 AC_RUN_IFELSE(
1396 [AC_LANG_SOURCE([[
9a3fe0e2 1397#include <stdlib.h>
1398#include <errno.h>
1399int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1400 ]])],
3f176010 1401 [AC_MSG_RESULT(yes)],
3466e002 1402 [AC_DEFINE(BROKEN_SETRESUID, 1,
1403 [Define if your setresuid() is broken])
1a01a50c 1404 AC_MSG_RESULT(not implemented)],
1405 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1406 )
1407])
9a3fe0e2 1408
3f176010 1409AC_CHECK_FUNCS(setresgid, [
1410 dnl Some platorms have setresgid that isn't implemented, test for this
1411 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1412 AC_RUN_IFELSE(
1413 [AC_LANG_SOURCE([[
9a3fe0e2 1414#include <stdlib.h>
1415#include <errno.h>
1416int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1417 ]])],
3f176010 1418 [AC_MSG_RESULT(yes)],
3466e002 1419 [AC_DEFINE(BROKEN_SETRESGID, 1,
1420 [Define if your setresgid() is broken])
1a01a50c 1421 AC_MSG_RESULT(not implemented)],
1422 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1423 )
1424])
9a3fe0e2 1425
2e73a022 1426dnl Checks for time functions
1d7b9b20 1427AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1428dnl Checks for utmp functions
b03bd394 1429AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1430AC_CHECK_FUNCS(utmpname)
2e73a022 1431dnl Checks for utmpx functions
b03bd394 1432AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1433AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1434
aff51935 1435AC_CHECK_FUNC(daemon,
3466e002 1436 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1437 [AC_CHECK_LIB(bsd, daemon,
1438 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1439)
1440
aff51935 1441AC_CHECK_FUNC(getpagesize,
3466e002 1442 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1443 [Define if your libraries define getpagesize()])],
1444 [AC_CHECK_LIB(ucb, getpagesize,
1445 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1446)
1447
2647ae26 1448# Check for broken snprintf
1449if test "x$ac_cv_func_snprintf" = "xyes" ; then
1450 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1451 AC_RUN_IFELSE(
479cece8 1452 [AC_LANG_SOURCE([[
2647ae26 1453#include <stdio.h>
aec4cb4f 1454int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1455 ]])],
aff51935 1456 [AC_MSG_RESULT(yes)],
2647ae26 1457 [
1458 AC_MSG_RESULT(no)
3466e002 1459 AC_DEFINE(BROKEN_SNPRINTF, 1,
1460 [Define if your snprintf is busted])
2647ae26 1461 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1462 ],
1463 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1464 )
1465fi
1466
9a406e1e 1467# If we don't have a working asprintf, then we strongly depend on vsnprintf
1468# returning the right thing on overflow: the number of characters it tried to
1469# create (as per SUSv3)
1470if test "x$ac_cv_func_asprintf" != "xyes" && \
1471 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1472 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1473 AC_RUN_IFELSE(
1474 [AC_LANG_SOURCE([[
1475#include <sys/types.h>
1476#include <stdio.h>
1477#include <stdarg.h>
1478
1479int x_snprintf(char *str,size_t count,const char *fmt,...)
1480{
1481 size_t ret; va_list ap;
1482 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1483 return ret;
1484}
1485int main(void)
1486{
1487 char x[1];
1488 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1489} ]])],
1490 [AC_MSG_RESULT(yes)],
1491 [
1492 AC_MSG_RESULT(no)
1493 AC_DEFINE(BROKEN_SNPRINTF, 1,
1494 [Define if your snprintf is busted])
1495 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1496 ],
1497 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1498 )
1499fi
1500
31b0732a 1501# On systems where [v]snprintf is broken, but is declared in stdio,
1502# check that the fmt argument is const char * or just char *.
1503# This is only useful for when BROKEN_SNPRINTF
1504AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1505AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1506 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1507 int main(void) { snprintf(0, 0, 0); }
1508 ]])],
1509 [AC_MSG_RESULT(yes)
1510 AC_DEFINE(SNPRINTF_CONST, [const],
1511 [Define as const if snprintf() can declare const char *fmt])],
1512 [AC_MSG_RESULT(no)
1513 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1514
2f6f9cff 1515# Check for missing getpeereid (or equiv) support
1516NO_PEERCHECK=""
1961d660 1517if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1518 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1519 AC_TRY_COMPILE(
1520 [#include <sys/types.h>
1521 #include <sys/socket.h>],
1522 [int i = SO_PEERCRED;],
62eb7db4 1523 [ AC_MSG_RESULT(yes)
3466e002 1524 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1525 ],
2f6f9cff 1526 [AC_MSG_RESULT(no)
1527 NO_PEERCHECK=1]
1528 )
1529fi
1530
70e7d0b0 1531dnl see whether mkstemp() requires XXXXXX
1532if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1533AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1534AC_RUN_IFELSE(
1535 [AC_LANG_SOURCE([[
70e7d0b0 1536#include <stdlib.h>
1537main() { char template[]="conftest.mkstemp-test";
1538if (mkstemp(template) == -1)
1539 exit(1);
1540unlink(template); exit(0);
1541}
b0e7249f 1542 ]])],
70e7d0b0 1543 [
1544 AC_MSG_RESULT(no)
1545 ],
aff51935 1546 [
70e7d0b0 1547 AC_MSG_RESULT(yes)
3466e002 1548 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1549 ],
1550 [
1551 AC_MSG_RESULT(yes)
1552 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1553 ]
70e7d0b0 1554)
1555fi
1556
eacb954e 1557dnl make sure that openpty does not reacquire controlling terminal
1558if test ! -z "$check_for_openpty_ctty_bug"; then
1559 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1560 AC_RUN_IFELSE(
1561 [AC_LANG_SOURCE([[
eacb954e 1562#include <stdio.h>
1563#include <sys/fcntl.h>
1564#include <sys/types.h>
1565#include <sys/wait.h>
1566
1567int
1568main()
1569{
1570 pid_t pid;
1571 int fd, ptyfd, ttyfd, status;
1572
1573 pid = fork();
1574 if (pid < 0) { /* failed */
1575 exit(1);
1576 } else if (pid > 0) { /* parent */
1577 waitpid(pid, &status, 0);
aff51935 1578 if (WIFEXITED(status))
eacb954e 1579 exit(WEXITSTATUS(status));
1580 else
1581 exit(2);
1582 } else { /* child */
1583 close(0); close(1); close(2);
1584 setsid();
1585 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1586 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1587 if (fd >= 0)
1588 exit(3); /* Acquired ctty: broken */
1589 else
1590 exit(0); /* Did not acquire ctty: OK */
1591 }
1592}
b0e7249f 1593 ]])],
eacb954e 1594 [
1595 AC_MSG_RESULT(yes)
1596 ],
1597 [
1598 AC_MSG_RESULT(no)
1599 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1600 ],
1601 [
1602 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1603 ]
1604 )
1605fi
1606
4b492aab 1607if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1608 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1609 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1610 AC_RUN_IFELSE(
1611 [AC_LANG_SOURCE([[
2fe51906 1612#include <stdio.h>
1613#include <sys/socket.h>
1614#include <netdb.h>
1615#include <errno.h>
1616#include <netinet/in.h>
1617
1618#define TEST_PORT "2222"
1619
1620int
1621main(void)
1622{
1623 int err, sock;
1624 struct addrinfo *gai_ai, *ai, hints;
1625 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1626
1627 memset(&hints, 0, sizeof(hints));
1628 hints.ai_family = PF_UNSPEC;
1629 hints.ai_socktype = SOCK_STREAM;
1630 hints.ai_flags = AI_PASSIVE;
1631
1632 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1633 if (err != 0) {
1634 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1635 exit(1);
1636 }
1637
1638 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1639 if (ai->ai_family != AF_INET6)
1640 continue;
1641
1642 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1643 sizeof(ntop), strport, sizeof(strport),
1644 NI_NUMERICHOST|NI_NUMERICSERV);
1645
1646 if (err != 0) {
1647 if (err == EAI_SYSTEM)
1648 perror("getnameinfo EAI_SYSTEM");
1649 else
1650 fprintf(stderr, "getnameinfo failed: %s\n",
1651 gai_strerror(err));
1652 exit(2);
1653 }
1654
1655 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1656 if (sock < 0)
1657 perror("socket");
1658 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1659 if (errno == EBADF)
1660 exit(3);
1661 }
1662 }
1663 exit(0);
1664}
b0e7249f 1665 ]])],
2fe51906 1666 [
1667 AC_MSG_RESULT(yes)
1668 ],
1669 [
1670 AC_MSG_RESULT(no)
1671 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1672 ],
1673 [
1674 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1675 ]
1676 )
1677fi
1678
4b492aab 1679if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1680 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1681 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1682 AC_RUN_IFELSE(
1683 [AC_LANG_SOURCE([[
5ccf88cb 1684#include <stdio.h>
1685#include <sys/socket.h>
1686#include <netdb.h>
1687#include <errno.h>
1688#include <netinet/in.h>
1689
1690#define TEST_PORT "2222"
1691
1692int
1693main(void)
1694{
1695 int err, sock;
1696 struct addrinfo *gai_ai, *ai, hints;
1697 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1698
1699 memset(&hints, 0, sizeof(hints));
1700 hints.ai_family = PF_UNSPEC;
1701 hints.ai_socktype = SOCK_STREAM;
1702 hints.ai_flags = AI_PASSIVE;
1703
1704 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1705 if (err != 0) {
1706 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1707 exit(1);
1708 }
1709
1710 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1711 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1712 continue;
1713
1714 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1715 sizeof(ntop), strport, sizeof(strport),
1716 NI_NUMERICHOST|NI_NUMERICSERV);
1717
1718 if (ai->ai_family == AF_INET && err != 0) {
1719 perror("getnameinfo");
1720 exit(2);
1721 }
1722 }
1723 exit(0);
1724}
b0e7249f 1725 ]])],
5ccf88cb 1726 [
1727 AC_MSG_RESULT(yes)
3466e002 1728 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1729 [Define if you have a getaddrinfo that fails
1730 for the all-zeros IPv6 address])
5ccf88cb 1731 ],
1732 [
1733 AC_MSG_RESULT(no)
1734 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1735 ],
ecd9ec09 1736 [
b0e7249f 1737 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1738 ]
1739 )
1740fi
1741
b29fd59f 1742if test "x$check_for_conflicting_getspnam" = "x1"; then
1743 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1744 AC_COMPILE_IFELSE(
1745 [
1746#include <shadow.h>
1747int main(void) {exit(0);}
1748 ],
1749 [
1750 AC_MSG_RESULT(no)
1751 ],
1752 [
1753 AC_MSG_RESULT(yes)
1754 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1755 [Conflicting defs for getspnam])
1756 ]
1757 )
1758fi
1759
7f8f5e00 1760AC_FUNC_GETPGRP
1761
5b991353 1762# Search for OpenSSL
1763saved_CPPFLAGS="$CPPFLAGS"
1764saved_LDFLAGS="$LDFLAGS"
a0391976 1765AC_ARG_WITH(ssl-dir,
1766 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1767 [
e9e4a1c7 1768 if test "x$withval" != "xno" ; then
99eb0f64 1769 case "$withval" in
1770 # Relative paths
1771 ./*|../*) withval="`pwd`/$withval"
1772 esac
5b991353 1773 if test -d "$withval/lib"; then
1774 if test -n "${need_dash_r}"; then
1775 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1776 else
1777 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1778 fi
1779 else
5b991353 1780 if test -n "${need_dash_r}"; then
1781 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1782 else
1783 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1784 fi
1785 fi
5b991353 1786 if test -d "$withval/include"; then
1787 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1788 else
5b991353 1789 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1790 fi
a0391976 1791 fi
5b991353 1792 ]
1793)
5486a457 1794LIBS="-lcrypto $LIBS"
3466e002 1795AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1796 [Define if your ssl headers are included
1797 with #include <openssl/header.h>]),
d45e3d76 1798 [
5b991353 1799 dnl Check default openssl install dir
1800 if test -n "${need_dash_r}"; then
1801 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1802 else
5b991353 1803 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1804 fi
5b991353 1805 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1806 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1807 [
1808 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1809 ]
1810 )
1811 ]
1812)
1813
cd018561 1814# Determine OpenSSL header version
1815AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1816AC_RUN_IFELSE(
479cece8 1817 [AC_LANG_SOURCE([[
cd018561 1818#include <stdio.h>
1819#include <string.h>
1820#include <openssl/opensslv.h>
1821#define DATA "conftest.sslincver"
1822int main(void) {
aff51935 1823 FILE *fd;
1824 int rc;
cd018561 1825
aff51935 1826 fd = fopen(DATA,"w");
1827 if(fd == NULL)
1828 exit(1);
cd018561 1829
1830 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1831 exit(1);
1832
1833 exit(0);
1834}
479cece8 1835 ]])],
cd018561 1836 [
1837 ssl_header_ver=`cat conftest.sslincver`
1838 AC_MSG_RESULT($ssl_header_ver)
1839 ],
1840 [
1841 AC_MSG_RESULT(not found)
1842 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1843 ],
1844 [
1845 AC_MSG_WARN([cross compiling: not checking])
cd018561 1846 ]
1847)
1848
1849# Determine OpenSSL library version
1850AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1851AC_RUN_IFELSE(
479cece8 1852 [AC_LANG_SOURCE([[
cd018561 1853#include <stdio.h>
1854#include <string.h>
1855#include <openssl/opensslv.h>
1856#include <openssl/crypto.h>
1857#define DATA "conftest.ssllibver"
1858int main(void) {
aff51935 1859 FILE *fd;
1860 int rc;
cd018561 1861
aff51935 1862 fd = fopen(DATA,"w");
1863 if(fd == NULL)
1864 exit(1);
cd018561 1865
1866 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1867 exit(1);
1868
1869 exit(0);
1870}
479cece8 1871 ]])],
cd018561 1872 [
1873 ssl_library_ver=`cat conftest.ssllibver`
1874 AC_MSG_RESULT($ssl_library_ver)
1875 ],
1876 [
1877 AC_MSG_RESULT(not found)
1878 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1879 ],
1880 [
1881 AC_MSG_WARN([cross compiling: not checking])
cd018561 1882 ]
1883)
58d100bf 1884
1d42bcce 1885AC_ARG_WITH(openssl-header-check,
1886 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1887 [ if test "x$withval" = "xno" ; then
1888 openssl_check_nonfatal=1
1889 fi
1890 ]
1891)
1892
9780116c 1893# Sanity check OpenSSL headers
1894AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1895AC_RUN_IFELSE(
479cece8 1896 [AC_LANG_SOURCE([[
9780116c 1897#include <string.h>
1898#include <openssl/opensslv.h>
aec4cb4f 1899int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1900 ]])],
9780116c 1901 [
1902 AC_MSG_RESULT(yes)
1903 ],
1904 [
1905 AC_MSG_RESULT(no)
1d42bcce 1906 if test "x$openssl_check_nonfatal" = "x"; then
1907 AC_MSG_ERROR([Your OpenSSL headers do not match your
1908library. Check config.log for details.
1909If you are sure your installation is consistent, you can disable the check
1910by running "./configure --without-openssl-header-check".
1911Also see contrib/findssl.sh for help identifying header/library mismatches.
1912])
1913 else
1914 AC_MSG_WARN([Your OpenSSL headers do not match your
1915library. Check config.log for details.
e15ba28b 1916Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1917 fi
1a01a50c 1918 ],
1919 [
1920 AC_MSG_WARN([cross compiling: not checking])
9780116c 1921 ]
1922)
1923
282d6408 1924AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1925AC_LINK_IFELSE(
1926 [AC_LANG_SOURCE([[
1927#include <openssl/evp.h>
1928int main(void) { SSLeay_add_all_algorithms(); }
1929 ]])],
1930 [
1931 AC_MSG_RESULT(yes)
1932 ],
1933 [
1934 AC_MSG_RESULT(no)
1935 saved_LIBS="$LIBS"
1936 LIBS="$LIBS -ldl"
1937 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1938 AC_LINK_IFELSE(
1939 [AC_LANG_SOURCE([[
1940#include <openssl/evp.h>
1941int main(void) { SSLeay_add_all_algorithms(); }
1942 ]])],
1943 [
1944 AC_MSG_RESULT(yes)
1945 ],
1946 [
1947 AC_MSG_RESULT(no)
1948 LIBS="$saved_LIBS"
1949 ]
1950 )
1951 ]
1952)
1953
c7ad0d99 1954AC_ARG_WITH(ssl-engine,
1955 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1956 [ if test "x$withval" != "xno" ; then
1957 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1958 AC_TRY_COMPILE(
1959 [ #include <openssl/engine.h>],
1960 [
24b2647b 1961ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 1962 ],
1963 [ AC_MSG_RESULT(yes)
1964 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1965 [Enable OpenSSL engine support])
1966 ],
1967 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1968 )
1969 fi ]
1970)
1971
e5146707 1972# Check for OpenSSL without EVP_aes_{192,256}_cbc
1973AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1974AC_LINK_IFELSE(
e5146707 1975 [AC_LANG_SOURCE([[
1976#include <string.h>
1977#include <openssl/evp.h>
300ea548 1978int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1979 ]])],
1980 [
1981 AC_MSG_RESULT(no)
1982 ],
1983 [
1984 AC_MSG_RESULT(yes)
1985 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1986 [libcrypto is missing AES 192 and 256 bit functions])
1987 ]
1988)
1989
5486a457 1990# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1991# because the system crypt() is more featureful.
1992if test "x$check_for_libcrypt_before" = "x1"; then
1993 AC_CHECK_LIB(crypt, crypt)
1994fi
1995
aff51935 1996# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1997# version in OpenSSL.
05114c74 1998if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1999 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2000fi
2001
13ff27b7 2002# Search for SHA256 support in libc and/or OpenSSL
2003AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2004
a03acb8f 2005saved_LIBS="$LIBS"
2006AC_CHECK_LIB(iaf, ia_openinfo, [
2007 LIBS="$LIBS -liaf"
d837615a 2008 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2009 AC_DEFINE(HAVE_LIBIAF, 1,
2010 [Define if system has libiaf that supports set_id])
2011 ])
a03acb8f 2012])
2013LIBS="$saved_LIBS"
f1b0ecc3 2014
2015### Configure cryptographic random number support
2016
2017# Check wheter OpenSSL seeds itself
2018AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2019AC_RUN_IFELSE(
479cece8 2020 [AC_LANG_SOURCE([[
f1b0ecc3 2021#include <string.h>
2022#include <openssl/rand.h>
aec4cb4f 2023int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2024 ]])],
f1b0ecc3 2025 [
2026 OPENSSL_SEEDS_ITSELF=yes
2027 AC_MSG_RESULT(yes)
2028 ],
2029 [
2030 AC_MSG_RESULT(no)
2031 # Default to use of the rand helper if OpenSSL doesn't
2032 # seed itself
2033 USE_RAND_HELPER=yes
1a01a50c 2034 ],
2035 [
2036 AC_MSG_WARN([cross compiling: assuming yes])
2037 # This is safe, since all recent OpenSSL versions will
82f4e93d 2038 # complain at runtime if not seeded correctly.
1a01a50c 2039 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2040 ]
2041)
2042
a086f73b 2043# Check for PAM libs
2044PAM_MSG="no"
2045AC_ARG_WITH(pam,
2046 [ --with-pam Enable PAM support ],
2047 [
2048 if test "x$withval" != "xno" ; then
2049 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2050 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2051 AC_MSG_ERROR([PAM headers not found])
2052 fi
2053
2054 saved_LIBS="$LIBS"
2055 AC_CHECK_LIB(dl, dlopen, , )
2056 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2057 AC_CHECK_FUNCS(pam_getenvlist)
2058 AC_CHECK_FUNCS(pam_putenv)
2059 LIBS="$saved_LIBS"
2060
2061 PAM_MSG="yes"
2062
e54defb4 2063 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2064 AC_DEFINE(USE_PAM, 1,
2065 [Define if you want to enable PAM support])
282d6408 2066
a086f73b 2067 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2068 case "$LIBS" in
2069 *-ldl*)
2070 # libdl already in LIBS
2071 ;;
2072 *)
e54defb4 2073 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2074 ;;
2075 esac
a086f73b 2076 fi
a086f73b 2077 fi
2078 ]
2079)
2080
2081# Check for older PAM
2082if test "x$PAM_MSG" = "xyes" ; then
2083 # Check PAM strerror arguments (old PAM)
2084 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2085 AC_TRY_COMPILE(
2086 [
2087#include <stdlib.h>
2088#if defined(HAVE_SECURITY_PAM_APPL_H)
2089#include <security/pam_appl.h>
2090#elif defined (HAVE_PAM_PAM_APPL_H)
2091#include <pam/pam_appl.h>
2092#endif
2093 ],
2094 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2095 [AC_MSG_RESULT(no)],
2096 [
2097 AC_DEFINE(HAVE_OLD_PAM, 1,
2098 [Define if you have an old version of PAM
2099 which takes only one argument to pam_strerror])
2100 AC_MSG_RESULT(yes)
2101 PAM_MSG="yes (old library)"
2102 ]
2103 )
2104fi
f1b0ecc3 2105
2106# Do we want to force the use of the rand helper?
2107AC_ARG_WITH(rand-helper,
2108 [ --with-rand-helper Use subprocess to gather strong randomness ],
2109 [
2110 if test "x$withval" = "xno" ; then
aff51935 2111 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2112 # the previous test showed it to be unseeded.
2113 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2114 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2115 OPENSSL_SEEDS_ITSELF=yes
2116 USE_RAND_HELPER=""
2117 fi
2118 else
2119 USE_RAND_HELPER=yes
2120 fi
2121 ],
82f4e93d 2122)
f1b0ecc3 2123
2124# Which randomness source do we use?
4b492aab 2125if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2126 # OpenSSL only
3466e002 2127 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2128 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2129 RAND_MSG="OpenSSL internal ONLY"
2130 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2131elif test ! -z "$USE_RAND_HELPER" ; then
2132 # install rand helper
f1b0ecc3 2133 RAND_MSG="ssh-rand-helper"
2134 INSTALL_SSH_RAND_HELPER="yes"
2135fi
2136AC_SUBST(INSTALL_SSH_RAND_HELPER)
2137
2138### Configuration of ssh-rand-helper
2139
2140# PRNGD TCP socket
2141AC_ARG_WITH(prngd-port,
2142 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2143 [
eb5d7ff6 2144 case "$withval" in
2145 no)
2146 withval=""
2147 ;;
2148 [[0-9]]*)
2149 ;;
2150 *)
2151 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2152 ;;
2153 esac
2154 if test ! -z "$withval" ; then
f1b0ecc3 2155 PRNGD_PORT="$withval"
3466e002 2156 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2157 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2158 fi
2159 ]
2160)
2161
2162# PRNGD Unix domain socket
2163AC_ARG_WITH(prngd-socket,
2164 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2165 [
eb5d7ff6 2166 case "$withval" in
2167 yes)
f1b0ecc3 2168 withval="/var/run/egd-pool"
eb5d7ff6 2169 ;;
2170 no)
2171 withval=""
2172 ;;
2173 /*)
2174 ;;
2175 *)
2176 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2177 ;;
2178 esac
2179
2180 if test ! -z "$withval" ; then
f1b0ecc3 2181 if test ! -z "$PRNGD_PORT" ; then
2182 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2183 fi
906e811b 2184 if test ! -r "$withval" ; then
f1b0ecc3 2185 AC_MSG_WARN(Entropy socket is not readable)
2186 fi
2187 PRNGD_SOCKET="$withval"
3466e002 2188 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2189 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2190 fi
ddceb1c8 2191 ],
2192 [
2193 # Check for existing socket only if we don't have a random device already
2194 if test "$USE_RAND_HELPER" = yes ; then
2195 AC_MSG_CHECKING(for PRNGD/EGD socket)
2196 # Insert other locations here
2197 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2198 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2199 PRNGD_SOCKET="$sock"
2200 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2201 break;
2202 fi
2203 done
2204 if test ! -z "$PRNGD_SOCKET" ; then
2205 AC_MSG_RESULT($PRNGD_SOCKET)
2206 else
2207 AC_MSG_RESULT(not found)
2208 fi
2209 fi
f1b0ecc3 2210 ]
2211)
2212
2213# Change default command timeout for hashing entropy source
2214entropy_timeout=200
2215AC_ARG_WITH(entropy-timeout,
2216 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2217 [
6cf0200f 2218 if test -n "$withval" && test "x$withval" != "xno" && \
2219 test "x${withval}" != "xyes"; then
f1b0ecc3 2220 entropy_timeout=$withval
2221 fi
82f4e93d 2222 ]
f1b0ecc3 2223)
3466e002 2224AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2225 [Builtin PRNG command timeout])
f1b0ecc3 2226
fd3cbf67 2227SSH_PRIVSEP_USER=sshd
9a0fbcb3 2228AC_ARG_WITH(privsep-user,
5222e7ef 2229 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2230 [
6cf0200f 2231 if test -n "$withval" && test "x$withval" != "xno" && \
2232 test "x${withval}" != "xyes"; then
fd3cbf67 2233 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2234 fi
82f4e93d 2235 ]
9a0fbcb3 2236)
3466e002 2237AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2238 [non-privileged user for privilege separation])
fd3cbf67 2239AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2240
81dadca3 2241# We do this little dance with the search path to insure
2242# that programs that we select for use by installed programs
2243# (which may be run by the super-user) come from trusted
2244# locations before they come from the user's private area.
2245# This should help avoid accidentally configuring some
2246# random version of a program in someone's personal bin.
2247
2248OPATH=$PATH
2249PATH=/bin:/usr/bin
f95c8ce8 2250test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2251test -d /sbin && PATH=$PATH:/sbin
2252test -d /usr/sbin && PATH=$PATH:/usr/sbin
2253PATH=$PATH:/etc:$OPATH
2254
aff51935 2255# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2256OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2257OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2258OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2259OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2260OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2261OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2262OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2263OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2264OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2265OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2266OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2267OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2268OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2269OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2270OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2271OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2272# restore PATH
2273PATH=$OPATH
f1b0ecc3 2274
2275# Where does ssh-rand-helper get its randomness from?
2276INSTALL_SSH_PRNG_CMDS=""
2277if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2278 if test ! -z "$PRNGD_PORT" ; then
2279 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2280 elif test ! -z "$PRNGD_SOCKET" ; then
2281 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2282 else
2283 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2284 RAND_HELPER_CMDHASH=yes
2285 INSTALL_SSH_PRNG_CMDS="yes"
2286 fi
2287fi
2288AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2289
2290
66d6c27e 2291# Cheap hack to ensure NEWS-OS libraries are arranged right.
2292if test ! -z "$SONY" ; then
2293 LIBS="$LIBS -liberty";
2294fi
2295
9a406e1e 2296# Check for long long datatypes
2297AC_CHECK_TYPES([long long, unsigned long long, long double])
2298
2299# Check datatype sizes
976f7e19 2300AC_CHECK_SIZEOF(char, 1)
2b942fe0 2301AC_CHECK_SIZEOF(short int, 2)
2302AC_CHECK_SIZEOF(int, 4)
2303AC_CHECK_SIZEOF(long int, 4)
2304AC_CHECK_SIZEOF(long long int, 8)
2305
52f1ccb2 2306# Sanity check long long for some platforms (AIX)
2307if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2308 ac_cv_sizeof_long_long_int=0
2309fi
2310
90f15776 2311# compute LLONG_MIN and LLONG_MAX if we don't know them.
2312if test -z "$have_llong_max"; then
2313 AC_MSG_CHECKING([for max value of long long])
2314 AC_RUN_IFELSE(
2315 [AC_LANG_SOURCE([[
2316#include <stdio.h>
2317/* Why is this so damn hard? */
2318#ifdef __GNUC__
2319# undef __GNUC__
2320#endif
2321#define __USE_ISOC99
2322#include <limits.h>
2323#define DATA "conftest.llminmax"
055252ed 2324#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2325
2326/*
2327 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2328 * we do this the hard way.
2329 */
2330static int
2331fprint_ll(FILE *f, long long n)
2332{
2333 unsigned int i;
2334 int l[sizeof(long long) * 8];
2335
2336 if (n < 0)
2337 if (fprintf(f, "-") < 0)
2338 return -1;
2339 for (i = 0; n != 0; i++) {
2340 l[i] = my_abs(n % 10);
2341 n /= 10;
2342 }
2343 do {
2344 if (fprintf(f, "%d", l[--i]) < 0)
2345 return -1;
2346 } while (i != 0);
2347 if (fprintf(f, " ") < 0)
2348 return -1;
2349 return 0;
2350}
2351
90f15776 2352int main(void) {
2353 FILE *f;
2354 long long i, llmin, llmax = 0;
2355
2356 if((f = fopen(DATA,"w")) == NULL)
2357 exit(1);
2358
2359#if defined(LLONG_MIN) && defined(LLONG_MAX)
2360 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2361 llmin = LLONG_MIN;
2362 llmax = LLONG_MAX;
2363#else
2364 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2365 /* This will work on one's complement and two's complement */
2366 for (i = 1; i > llmax; i <<= 1, i++)
2367 llmax = i;
2368 llmin = llmax + 1LL; /* wrap */
2369#endif
2370
2371 /* Sanity check */
2372 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2373 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2374 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2375 fprintf(f, "unknown unknown\n");
2376 exit(2);
2377 }
2378
055252ed 2379 if (fprint_ll(f, llmin) < 0)
90f15776 2380 exit(3);
055252ed 2381 if (fprint_ll(f, llmax) < 0)
2382 exit(4);
2383 if (fclose(f) < 0)
2384 exit(5);
90f15776 2385 exit(0);
2386}
2387 ]])],
2388 [
2389 llong_min=`$AWK '{print $1}' conftest.llminmax`
2390 llong_max=`$AWK '{print $2}' conftest.llminmax`
2391
90f15776 2392 AC_MSG_RESULT($llong_max)
2393 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2394 [max value of long long calculated by configure])
2395 AC_MSG_CHECKING([for min value of long long])
2396 AC_MSG_RESULT($llong_min)
2397 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2398 [min value of long long calculated by configure])
2399 ],
2400 [
2401 AC_MSG_RESULT(not found)
2402 ],
2403 [
2404 AC_MSG_WARN([cross compiling: not checking])
2405 ]
2406 )
2407fi
2408
2409
a0391976 2410# More checks for data types
14a9a859 2411AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2412 AC_TRY_COMPILE(
aff51935 2413 [ #include <sys/types.h> ],
2414 [ u_int a; a = 1;],
14a9a859 2415 [ ac_cv_have_u_int="yes" ],
2416 [ ac_cv_have_u_int="no" ]
2417 )
2418])
2419if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2420 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2421 have_u_int=1
2422fi
2423
58d100bf 2424AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2425 AC_TRY_COMPILE(
aff51935 2426 [ #include <sys/types.h> ],
2427 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2428 [ ac_cv_have_intxx_t="yes" ],
2429 [ ac_cv_have_intxx_t="no" ]
2430 )
2431])
2432if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2433 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2434 have_intxx_t=1
2435fi
41cb4569 2436
2437if (test -z "$have_intxx_t" && \
aff51935 2438 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2439then
2440 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2441 AC_TRY_COMPILE(
aff51935 2442 [ #include <stdint.h> ],
2443 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2444 [
2445 AC_DEFINE(HAVE_INTXX_T)
2446 AC_MSG_RESULT(yes)
2447 ],
2448 [ AC_MSG_RESULT(no) ]
2449 )
2450fi
2451
bd590612 2452AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2453 AC_TRY_COMPILE(
1cbbe6c8 2454 [
2455#include <sys/types.h>
2456#ifdef HAVE_STDINT_H
2457# include <stdint.h>
2458#endif
2459#include <sys/socket.h>
2460#ifdef HAVE_SYS_BITYPES_H
2461# include <sys/bitypes.h>
2462#endif
aff51935 2463 ],
2464 [ int64_t a; a = 1;],
bd590612 2465 [ ac_cv_have_int64_t="yes" ],
2466 [ ac_cv_have_int64_t="no" ]
2467 )
2468])
2469if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2470 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2471fi
2472
58d100bf 2473AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2474 AC_TRY_COMPILE(
aff51935 2475 [ #include <sys/types.h> ],
2476 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2477 [ ac_cv_have_u_intxx_t="yes" ],
2478 [ ac_cv_have_u_intxx_t="no" ]
2479 )
2480])
2481if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2482 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2483 have_u_intxx_t=1
2484fi
2b942fe0 2485
41cb4569 2486if test -z "$have_u_intxx_t" ; then
2487 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2488 AC_TRY_COMPILE(
aff51935 2489 [ #include <sys/socket.h> ],
2490 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2491 [
2492 AC_DEFINE(HAVE_U_INTXX_T)
2493 AC_MSG_RESULT(yes)
2494 ],
2495 [ AC_MSG_RESULT(no) ]
2496 )
2497fi
2498
bd590612 2499AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2500 AC_TRY_COMPILE(
aff51935 2501 [ #include <sys/types.h> ],
2502 [ u_int64_t a; a = 1;],
bd590612 2503 [ ac_cv_have_u_int64_t="yes" ],
2504 [ ac_cv_have_u_int64_t="no" ]
2505 )
2506])
2507if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2508 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2509 have_u_int64_t=1
2510fi
2511
ddceb1c8 2512if test -z "$have_u_int64_t" ; then
2513 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2514 AC_TRY_COMPILE(
aff51935 2515 [ #include <sys/bitypes.h> ],
ddceb1c8 2516 [ u_int64_t a; a = 1],
2517 [
2518 AC_DEFINE(HAVE_U_INT64_T)
2519 AC_MSG_RESULT(yes)
2520 ],
2521 [ AC_MSG_RESULT(no) ]
2522 )
2523fi
2524
41cb4569 2525if test -z "$have_u_intxx_t" ; then
2526 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2527 AC_TRY_COMPILE(
2528 [
2529#include <sys/types.h>
aff51935 2530 ],
2531 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2532 [ ac_cv_have_uintxx_t="yes" ],
2533 [ ac_cv_have_uintxx_t="no" ]
2534 )
2535 ])
2536 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2537 AC_DEFINE(HAVE_UINTXX_T, 1,
2538 [define if you have uintxx_t data type])
41cb4569 2539 fi
2540fi
2541
2542if test -z "$have_uintxx_t" ; then
2543 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2544 AC_TRY_COMPILE(
aff51935 2545 [ #include <stdint.h> ],
2546 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2547 [
2548 AC_DEFINE(HAVE_UINTXX_T)
2549 AC_MSG_RESULT(yes)
2550 ],
2551 [ AC_MSG_RESULT(no) ]
2552 )
2553fi
2554
e5fe9a1f 2555if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2556 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2557then
2558 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2559 AC_TRY_COMPILE(
58d100bf 2560 [
2561#include <sys/bitypes.h>
aff51935 2562 ],
5cdfe03f 2563 [
837c30b8 2564 int8_t a; int16_t b; int32_t c;
2565 u_int8_t e; u_int16_t f; u_int32_t g;
2566 a = b = c = e = f = g = 1;
aff51935 2567 ],
5cdfe03f 2568 [
2569 AC_DEFINE(HAVE_U_INTXX_T)
2570 AC_DEFINE(HAVE_INTXX_T)
2571 AC_MSG_RESULT(yes)
2572 ],
2573 [AC_MSG_RESULT(no)]
aff51935 2574 )
5cdfe03f 2575fi
2576
0362750e 2577
2578AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2579 AC_TRY_COMPILE(
2580 [
2581#include <sys/types.h>
2582 ],
2583 [ u_char foo; foo = 125; ],
2584 [ ac_cv_have_u_char="yes" ],
2585 [ ac_cv_have_u_char="no" ]
2586 )
2587])
2588if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2589 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2590fi
2591
98a7c37b 2592TYPE_SOCKLEN_T
2b942fe0 2593
2d16d9a3 2594AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2595
777ece68 2596AC_CHECK_TYPES(in_addr_t,,,
2597[#include <sys/types.h>
2598#include <netinet/in.h>])
7b578f7d 2599
58d100bf 2600AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2601 AC_TRY_COMPILE(
2602 [
18ba2aab 2603#include <sys/types.h>
58d100bf 2604 ],
2605 [ size_t foo; foo = 1235; ],
2606 [ ac_cv_have_size_t="yes" ],
2607 [ ac_cv_have_size_t="no" ]
2608 )
2609])
2610if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2611 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2612fi
ea1970a3 2613
c04f75f1 2614AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2615 AC_TRY_COMPILE(
2616 [
2617#include <sys/types.h>
2618 ],
2619 [ ssize_t foo; foo = 1235; ],
2620 [ ac_cv_have_ssize_t="yes" ],
2621 [ ac_cv_have_ssize_t="no" ]
2622 )
2623])
2624if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2625 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2626fi
2627
f1c4659d 2628AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2629 AC_TRY_COMPILE(
2630 [
2631#include <time.h>
2632 ],
2633 [ clock_t foo; foo = 1235; ],
2634 [ ac_cv_have_clock_t="yes" ],
2635 [ ac_cv_have_clock_t="no" ]
2636 )
2637])
2638if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2639 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2640fi
2641
1c04b088 2642AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2643 AC_TRY_COMPILE(
2644 [
2645#include <sys/types.h>
2646#include <sys/socket.h>
2647 ],
2648 [ sa_family_t foo; foo = 1235; ],
2649 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2650 [ AC_TRY_COMPILE(
2651 [
2652#include <sys/types.h>
2653#include <sys/socket.h>
2654#include <netinet/in.h>
2655 ],
2656 [ sa_family_t foo; foo = 1235; ],
2657 [ ac_cv_have_sa_family_t="yes" ],
2658
1c04b088 2659 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2660 )]
1c04b088 2661 )
2662])
2663if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2664 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2665 [define if you have sa_family_t data type])
1c04b088 2666fi
2667
729bfe59 2668AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2669 AC_TRY_COMPILE(
2670 [
2671#include <sys/types.h>
2672 ],
2673 [ pid_t foo; foo = 1235; ],
2674 [ ac_cv_have_pid_t="yes" ],
2675 [ ac_cv_have_pid_t="no" ]
2676 )
2677])
2678if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2679 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2680fi
2681
2682AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2683 AC_TRY_COMPILE(
2684 [
2685#include <sys/types.h>
2686 ],
2687 [ mode_t foo; foo = 1235; ],
2688 [ ac_cv_have_mode_t="yes" ],
2689 [ ac_cv_have_mode_t="no" ]
2690 )
2691])
2692if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2693 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2694fi
2695
e3a93db0 2696
58d100bf 2697AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2698 AC_TRY_COMPILE(
2699 [
18ba2aab 2700#include <sys/types.h>
2701#include <sys/socket.h>
58d100bf 2702 ],
2703 [ struct sockaddr_storage s; ],
2704 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2705 [ ac_cv_have_struct_sockaddr_storage="no" ]
2706 )
2707])
2708if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2709 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2710 [define if you have struct sockaddr_storage data type])
58d100bf 2711fi
48e671d5 2712
58d100bf 2713AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2714 AC_TRY_COMPILE(
2715 [
cbd7492e 2716#include <sys/types.h>
58d100bf 2717#include <netinet/in.h>
2718 ],
2719 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2720 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2721 [ ac_cv_have_struct_sockaddr_in6="no" ]
2722 )
2723])
2724if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2725 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2726 [define if you have struct sockaddr_in6 data type])
58d100bf 2727fi
48e671d5 2728
58d100bf 2729AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2730 AC_TRY_COMPILE(
2731 [
cbd7492e 2732#include <sys/types.h>
58d100bf 2733#include <netinet/in.h>
2734 ],
2735 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2736 [ ac_cv_have_struct_in6_addr="yes" ],
2737 [ ac_cv_have_struct_in6_addr="no" ]
2738 )
2739])
2740if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2741 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2742 [define if you have struct in6_addr data type])
58d100bf 2743fi
48e671d5 2744
58d100bf 2745AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2746 AC_TRY_COMPILE(
2747 [
18ba2aab 2748#include <sys/types.h>
2749#include <sys/socket.h>
2750#include <netdb.h>
58d100bf 2751 ],
2752 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2753 [ ac_cv_have_struct_addrinfo="yes" ],
2754 [ ac_cv_have_struct_addrinfo="no" ]
2755 )
2756])
2757if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2758 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2759 [define if you have struct addrinfo data type])
58d100bf 2760fi
2761
89c7e31c 2762AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2763 AC_TRY_COMPILE(
aff51935 2764 [ #include <sys/time.h> ],
2765 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2766 [ ac_cv_have_struct_timeval="yes" ],
2767 [ ac_cv_have_struct_timeval="no" ]
2768 )
2769])
2770if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2771 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2772 have_struct_timeval=1
2773fi
2774
5271b55c 2775AC_CHECK_TYPES(struct timespec)
2776
85abc74b 2777# We need int64_t or else certian parts of the compile will fail.
4b492aab 2778if test "x$ac_cv_have_int64_t" = "xno" && \
2779 test "x$ac_cv_sizeof_long_int" != "x8" && \
2780 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2781 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2782 echo "an alternative compiler (I.E., GCC) before continuing."
2783 echo ""
2784 exit 1;
733cf7f4 2785else
2786dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2787 AC_RUN_IFELSE(
479cece8 2788 [AC_LANG_SOURCE([[
733cf7f4 2789#include <stdio.h>
2790#include <string.h>
2791#ifdef HAVE_SNPRINTF
2792main()
2793{
2794 char buf[50];
2795 char expected_out[50];
2796 int mazsize = 50 ;
2797#if (SIZEOF_LONG_INT == 8)
2798 long int num = 0x7fffffffffffffff;
2799#else
763a1a18 2800 long long num = 0x7fffffffffffffffll;
733cf7f4 2801#endif
2802 strcpy(expected_out, "9223372036854775807");
2803 snprintf(buf, mazsize, "%lld", num);
2804 if(strcmp(buf, expected_out) != 0)
aff51935 2805 exit(1);
733cf7f4 2806 exit(0);
2807}
2808#else
2809main() { exit(0); }
2810#endif
479cece8 2811 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2812 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2813 )
2c523de9 2814fi
2815
77bb0bca 2816dnl Checks for structure members
58d100bf 2817OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2818OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2819OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2820OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2821OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2822OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2823OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2824OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2825OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2826OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2827OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2828OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2829OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2830OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2831OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2832OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2833OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2834
2835AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2836AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2837 [Define if we don't have struct __res_state in resolv.h])],
2838[
2839#include <stdio.h>
2840#if HAVE_SYS_TYPES_H
2841# include <sys/types.h>
2842#endif
2843#include <netinet/in.h>
2844#include <arpa/nameser.h>
2845#include <resolv.h>
2846])
1d7b9b20 2847
58d100bf 2848AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2849 ac_cv_have_ss_family_in_struct_ss, [
2850 AC_TRY_COMPILE(
2851 [
18ba2aab 2852#include <sys/types.h>
2853#include <sys/socket.h>
58d100bf 2854 ],
2855 [ struct sockaddr_storage s; s.ss_family = 1; ],
2856 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2857 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2858 )
2859])
2860if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2861 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2862fi
2863
58d100bf 2864AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2865 ac_cv_have___ss_family_in_struct_ss, [
2866 AC_TRY_COMPILE(
2867 [
18ba2aab 2868#include <sys/types.h>
2869#include <sys/socket.h>
58d100bf 2870 ],
2871 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2872 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2873 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2874 )
2875])
2876if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2877 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2878 [Fields in struct sockaddr_storage])
58d100bf 2879fi
2880
2e73a022 2881AC_CACHE_CHECK([for pw_class field in struct passwd],
2882 ac_cv_have_pw_class_in_struct_passwd, [
2883 AC_TRY_COMPILE(
2884 [
2e73a022 2885#include <pwd.h>
2886 ],
97994d32 2887 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2888 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2889 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2890 )
2891])
2892if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2893 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2894 [Define if your password has a pw_class field])
2e73a022 2895fi
2896
7751d4eb 2897AC_CACHE_CHECK([for pw_expire field in struct passwd],
2898 ac_cv_have_pw_expire_in_struct_passwd, [
2899 AC_TRY_COMPILE(
2900 [
2901#include <pwd.h>
2902 ],
2903 [ struct passwd p; p.pw_expire = 0; ],
2904 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2905 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2906 )
2907])
2908if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2909 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2910 [Define if your password has a pw_expire field])
7751d4eb 2911fi
2912
2913AC_CACHE_CHECK([for pw_change field in struct passwd],
2914 ac_cv_have_pw_change_in_struct_passwd, [
2915 AC_TRY_COMPILE(
2916 [
2917#include <pwd.h>
2918 ],
2919 [ struct passwd p; p.pw_change = 0; ],
2920 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2921 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2922 )
2923])
2924if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2925 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2926 [Define if your password has a pw_change field])
7751d4eb 2927fi
58d100bf 2928
637f9177 2929dnl make sure we're using the real structure members and not defines
6f34652e 2930AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2931 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2932 AC_COMPILE_IFELSE(
6f34652e 2933 [
f95c8ce8 2934#include <sys/types.h>
6f34652e 2935#include <sys/socket.h>
2936#include <sys/uio.h>
637f9177 2937int main() {
2938#ifdef msg_accrights
1a01a50c 2939#error "msg_accrights is a macro"
637f9177 2940exit(1);
2941#endif
2942struct msghdr m;
2943m.msg_accrights = 0;
2944exit(0);
2945}
6f34652e 2946 ],
6f34652e 2947 [ ac_cv_have_accrights_in_msghdr="yes" ],
2948 [ ac_cv_have_accrights_in_msghdr="no" ]
2949 )
2950])
2951if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2952 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2953 [Define if your system uses access rights style
2954 file descriptor passing])
6f34652e 2955fi
2956
7176df4f 2957AC_CACHE_CHECK([for msg_control field in struct msghdr],
2958 ac_cv_have_control_in_msghdr, [
1a01a50c 2959 AC_COMPILE_IFELSE(
7176df4f 2960 [
f95c8ce8 2961#include <sys/types.h>
7176df4f 2962#include <sys/socket.h>
2963#include <sys/uio.h>
637f9177 2964int main() {
2965#ifdef msg_control
1a01a50c 2966#error "msg_control is a macro"
637f9177 2967exit(1);
2968#endif
2969struct msghdr m;
2970m.msg_control = 0;
2971exit(0);
2972}
7176df4f 2973 ],
7176df4f 2974 [ ac_cv_have_control_in_msghdr="yes" ],
2975 [ ac_cv_have_control_in_msghdr="no" ]
2976 )
2977])
2978if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2979 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2980 [Define if your system uses ancillary data style
2981 file descriptor passing])
7176df4f 2982fi
2983
58d100bf 2984AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2985 AC_TRY_LINK([],
2986 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2987 [ ac_cv_libc_defines___progname="yes" ],
2988 [ ac_cv_libc_defines___progname="no" ]
2989 )
2990])
2991if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2992 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2993fi
8946db53 2994
c921ee00 2995AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2996 AC_TRY_LINK([
2997#include <stdio.h>
aff51935 2998],
2999 [ printf("%s", __FUNCTION__); ],
c921ee00 3000 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3001 [ ac_cv_cc_implements___FUNCTION__="no" ]
3002 )
3003])
3004if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3005 AC_DEFINE(HAVE___FUNCTION__, 1,
3006 [Define if compiler implements __FUNCTION__])
c921ee00 3007fi
3008
3009AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3010 AC_TRY_LINK([
3011#include <stdio.h>
aff51935 3012],
3013 [ printf("%s", __func__); ],
c921ee00 3014 [ ac_cv_cc_implements___func__="yes" ],
3015 [ ac_cv_cc_implements___func__="no" ]
3016 )
3017])
3018if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3019 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3020fi
3021
9a406e1e 3022AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3023 AC_TRY_LINK(
3024 [#include <stdarg.h>
3025 va_list x,y;],
3026 [va_copy(x,y);],
3027 [ ac_cv_have_va_copy="yes" ],
3028 [ ac_cv_have_va_copy="no" ]
3029 )
3030])
3031if test "x$ac_cv_have_va_copy" = "xyes" ; then
3032 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3033fi
3034
3035AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3036 AC_TRY_LINK(
3037 [#include <stdarg.h>
3038 va_list x,y;],
3039 [__va_copy(x,y);],
3040 [ ac_cv_have___va_copy="yes" ],
3041 [ ac_cv_have___va_copy="no" ]
3042 )
3043])
3044if test "x$ac_cv_have___va_copy" = "xyes" ; then
3045 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3046fi
3047
1812a662 3048AC_CACHE_CHECK([whether getopt has optreset support],
3049 ac_cv_have_getopt_optreset, [
3050 AC_TRY_LINK(
3051 [
3052#include <getopt.h>
3053 ],
3054 [ extern int optreset; optreset = 0; ],
3055 [ ac_cv_have_getopt_optreset="yes" ],
3056 [ ac_cv_have_getopt_optreset="no" ]
3057 )
3058])
3059if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3060 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3061 [Define if your getopt(3) defines and uses optreset])
1812a662 3062fi
a0391976 3063
819b676f 3064AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3065 AC_TRY_LINK([],
3066 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3067 [ ac_cv_libc_defines_sys_errlist="yes" ],
3068 [ ac_cv_libc_defines_sys_errlist="no" ]
3069 )
3070])
3071if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3072 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3073 [Define if your system defines sys_errlist[]])
819b676f 3074fi
3075
3076
416ed5a7 3077AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3078 AC_TRY_LINK([],
3079 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3080 [ ac_cv_libc_defines_sys_nerr="yes" ],
3081 [ ac_cv_libc_defines_sys_nerr="no" ]
3082 )
3083])
3084if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3085 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3086fi
3087
aff51935 3088SCARD_MSG="no"
295c8801 3089# Check whether user wants sectok support
3090AC_ARG_WITH(sectok,
3091 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3092 [
3093 if test "x$withval" != "xno" ; then
3094 if test "x$withval" != "xyes" ; then
3095 CPPFLAGS="$CPPFLAGS -I${withval}"
3096 LDFLAGS="$LDFLAGS -L${withval}"
3097 if test ! -z "$need_dash_r" ; then
3098 LDFLAGS="$LDFLAGS -R${withval}"
3099 fi
3100 if test ! -z "$blibpath" ; then
3101 blibpath="$blibpath:${withval}"
3102 fi
3103 fi
3104 AC_CHECK_HEADERS(sectok.h)
3105 if test "$ac_cv_header_sectok_h" != yes; then
3106 AC_MSG_ERROR(Can't find sectok.h)
3107 fi
3108 AC_CHECK_LIB(sectok, sectok_open)
3109 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3110 AC_MSG_ERROR(Can't find libsectok)
3111 fi
3466e002 3112 AC_DEFINE(SMARTCARD, 1,
3113 [Define if you want smartcard support])
3114 AC_DEFINE(USE_SECTOK, 1,
3115 [Define if you want smartcard support
3116 using sectok])
aff51935 3117 SCARD_MSG="yes, using sectok"
295c8801 3118 fi
3119 ]
3120)
3121
3122# Check whether user wants OpenSC support
987b458f 3123OPENSC_CONFIG="no"
295c8801 3124AC_ARG_WITH(opensc,
e47fb473 3125 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3126 [
3127 if test "x$withval" != "xno" ; then
3128 if test "x$withval" != "xyes" ; then
3129 OPENSC_CONFIG=$withval/bin/opensc-config
3130 else
3131 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3132 fi
3133 if test "$OPENSC_CONFIG" != "no"; then
3134 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3135 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3136 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3137 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3138 AC_DEFINE(SMARTCARD)
3466e002 3139 AC_DEFINE(USE_OPENSC, 1,
3140 [Define if you want smartcard support
3141 using OpenSC])
987b458f 3142 SCARD_MSG="yes, using OpenSC"
3143 fi
3144 fi
3145 ]
3146)
d0b19c95 3147
c31dc31c 3148# Check libraries needed by DNS fingerprint support
aff51935 3149AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3150 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3151 [Define if getrrsetbyname() exists])],
3e05e934 3152 [
c31dc31c 3153 # Needed by our getrrsetbyname()
3154 AC_SEARCH_LIBS(res_query, resolv)
3155 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3156 AC_MSG_CHECKING(if res_query will link)
3157 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3158 [AC_MSG_RESULT(no)
3159 saved_LIBS="$LIBS"
3160 LIBS="$LIBS -lresolv"
3161 AC_MSG_CHECKING(for res_query in -lresolv)
3162 AC_LINK_IFELSE([
3163#include <resolv.h>
3164int main()
3165{
3166 res_query (0, 0, 0, 0, 0);
3167 return 0;
3168}
3169 ],
3170 [LIBS="$LIBS -lresolv"
3171 AC_MSG_RESULT(yes)],
3172 [LIBS="$saved_LIBS"
3173 AC_MSG_RESULT(no)])
3174 ])
c31dc31c 3175 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3176 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3177 [#include <sys/types.h>
3178 #include <arpa/nameser.h>])
c31dc31c 3179 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3180 [AC_DEFINE(HAVE_HEADER_AD, 1,
3181 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3182 [#include <arpa/nameser.h>])
3183 ])
3e05e934 3184
560acf80 3185AC_MSG_CHECKING(if struct __res_state _res is an extern)
3186AC_LINK_IFELSE([
3187#include <stdio.h>
3188#if HAVE_SYS_TYPES_H
3189# include <sys/types.h>
3190#endif
3191#include <netinet/in.h>
3192#include <arpa/nameser.h>
3193#include <resolv.h>
3194extern struct __res_state _res;
3195int main() { return 0; }
3196 ],
3197 [AC_MSG_RESULT(yes)
3198 AC_DEFINE(HAVE__RES_EXTERN, 1,
3199 [Define if you have struct __res_state _res as an extern])
3200 ],
3201 [ AC_MSG_RESULT(no) ]
3202)
3203
ef4d1846 3204# Check whether user wants SELinux support
3205SELINUX_MSG="no"
3206LIBSELINUX=""
3207AC_ARG_WITH(selinux,
3208 [ --with-selinux Enable SELinux support],
3209 [ if test "x$withval" != "xno" ; then
e54defb4 3210 save_LIBS="$LIBS"
ef4d1846 3211 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3212 SELINUX_MSG="yes"
3213 AC_CHECK_HEADER([selinux/selinux.h], ,
3214 AC_MSG_ERROR(SELinux support requires selinux.h header))
3215 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3216 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3217 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3218 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3219 LIBS="$save_LIBS"
ef4d1846 3220 fi ]
3221)
ef4d1846 3222
12928e80 3223# Check whether user wants Kerberos 5 support
aff51935 3224KRB5_MSG="no"
12928e80 3225AC_ARG_WITH(kerberos5,
aff51935 3226 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3227 [ if test "x$withval" != "xno" ; then
3228 if test "x$withval" = "xyes" ; then
3229 KRB5ROOT="/usr/local"
3230 else
3231 KRB5ROOT=${withval}
3232 fi
3233
3466e002 3234 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3235 KRB5_MSG="yes"
3236
3237 AC_MSG_CHECKING(for krb5-config)
3238 if test -x $KRB5ROOT/bin/krb5-config ; then
3239 KRB5CONF=$KRB5ROOT/bin/krb5-config
3240 AC_MSG_RESULT($KRB5CONF)
3241
3242 AC_MSG_CHECKING(for gssapi support)
3243 if $KRB5CONF | grep gssapi >/dev/null ; then
3244 AC_MSG_RESULT(yes)
3466e002 3245 AC_DEFINE(GSSAPI, 1,
3246 [Define this if you want GSSAPI
3247 support in the version 2 protocol])
071970fb 3248 k5confopts=gssapi
aff51935 3249 else
5585c441 3250 AC_MSG_RESULT(no)
071970fb 3251 k5confopts=""
aff51935 3252 fi
071970fb 3253 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3254 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3255 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3256 AC_MSG_CHECKING(whether we are using Heimdal)
3257 AC_TRY_COMPILE([ #include <krb5.h> ],
3258 [ char *tmp = heimdal_version; ],
3259 [ AC_MSG_RESULT(yes)
3466e002 3260 AC_DEFINE(HEIMDAL, 1,
3261 [Define this if you are using the
3262 Heimdal version of Kerberos V5]) ],
5585c441 3263 AC_MSG_RESULT(no)
3264 )
3265 else
3266 AC_MSG_RESULT(no)
12928e80 3267 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3268 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3269 AC_MSG_CHECKING(whether we are using Heimdal)
3270 AC_TRY_COMPILE([ #include <krb5.h> ],
3271 [ char *tmp = heimdal_version; ],
3272 [ AC_MSG_RESULT(yes)
3273 AC_DEFINE(HEIMDAL)
41707f74 3274 K5LIBS="-lkrb5 -ldes"
3275 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3276 AC_CHECK_LIB(roken, net_write,
41707f74 3277 [K5LIBS="$K5LIBS -lroken"])
aff51935 3278 ],
3279 [ AC_MSG_RESULT(no)
3280 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3281 ]
3282 )
4e00038c 3283 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3284
749560dd 3285 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3286 [ AC_DEFINE(GSSAPI)
3287 K5LIBS="-lgssapi $K5LIBS" ],
3288 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3289 [ AC_DEFINE(GSSAPI)
aff51935 3290 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3291 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3292 $K5LIBS)
3293 ],
3294 $K5LIBS)
82f4e93d 3295
749560dd 3296 AC_CHECK_HEADER(gssapi.h, ,
3297 [ unset ac_cv_header_gssapi_h
aff51935 3298 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3299 AC_CHECK_HEADERS(gssapi.h, ,
3300 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3301 )
749560dd 3302 ]
3303 )
3304
3305 oldCPP="$CPPFLAGS"
3306 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3307 AC_CHECK_HEADER(gssapi_krb5.h, ,
3308 [ CPPFLAGS="$oldCPP" ])
3309
aff51935 3310 fi
5585c441 3311 if test ! -z "$need_dash_r" ; then
3312 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3313 fi
3314 if test ! -z "$blibpath" ; then
3315 blibpath="$blibpath:${KRB5ROOT}/lib"
3316 fi
071970fb 3317
f5555364 3318 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3319 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3320 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3321
f5555364 3322 LIBS="$LIBS $K5LIBS"
3466e002 3323 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3324 [Define this if you want to use libkafs' AFS support]))
f5555364 3325 fi
071970fb 3326 ]
12928e80 3327)
b5b68128 3328
a0391976 3329# Looking for programs, paths and files
a0391976 3330
ecac8ee5 3331PRIVSEP_PATH=/var/empty
3332AC_ARG_WITH(privsep-path,
cda1ebcb 3333 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3334 [
6cf0200f 3335 if test -n "$withval" && test "x$withval" != "xno" && \
3336 test "x${withval}" != "xyes"; then
ecac8ee5 3337 PRIVSEP_PATH=$withval
3338 fi
3339 ]
3340)
3341AC_SUBST(PRIVSEP_PATH)
3342
a0391976 3343AC_ARG_WITH(xauth,
3344 [ --with-xauth=PATH Specify path to xauth program ],
3345 [
6cf0200f 3346 if test -n "$withval" && test "x$withval" != "xno" && \
3347 test "x${withval}" != "xyes"; then
cbd7492e 3348 xauth_path=$withval
a0391976 3349 fi
3350 ],
3351 [
2bf42e4a 3352 TestPath="$PATH"
3353 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3354 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3355 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3356 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3357 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3358 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3359 xauth_path="/usr/openwin/bin/xauth"
3360 fi
3361 ]
3362)
3363
65a4b4af 3364STRIP_OPT=-s
3365AC_ARG_ENABLE(strip,
3366 [ --disable-strip Disable calling strip(1) on install],
3367 [
3368 if test "x$enableval" = "xno" ; then
3369 STRIP_OPT=
3370 fi
3371 ]
3372)
3373AC_SUBST(STRIP_OPT)
3374
b3ec54b4 3375if test -z "$xauth_path" ; then
3376 XAUTH_PATH="undefined"
3377 AC_SUBST(XAUTH_PATH)
3378else
3466e002 3379 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3380 [Define if xauth is found in your path])
b3ec54b4 3381 XAUTH_PATH=$xauth_path
3382 AC_SUBST(XAUTH_PATH)
a0391976 3383fi
a0391976 3384
3385# Check for mail directory (last resort if we cannot get it from headers)
3386if test ! -z "$MAIL" ; then
3387 maildir=`dirname $MAIL`
3466e002 3388 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3389 [Set this to your mail directory if you don't have maillock.h])
a0391976 3390fi
3391
479cece8 3392if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3393 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3394 disable_ptmx_check=yes
3395fi
a0391976 3396if test -z "$no_dev_ptmx" ; then
6e879cb4 3397 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3398 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3399 [
3466e002 3400 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3401 [Define if you have /dev/ptmx])
6e879cb4 3402 have_dev_ptmx=1
3403 ]
3404 )
3405 fi
3276571c 3406fi
1a01a50c 3407
479cece8 3408if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3409 AC_CHECK_FILE("/dev/ptc",
3410 [
3466e002 3411 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3412 [Define if you have /dev/ptc])
1a01a50c 3413 have_dev_ptc=1
3414 ]
3415 )
3416else
3417 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3418fi
3276571c 3419
a0391976 3420# Options from here on. Some of these are preset by platform above
fdf6b7aa 3421AC_ARG_WITH(mantype,
5d97cfbf 3422 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3423 [
5d97cfbf 3424 case "$withval" in
3425 man|cat|doc)
3426 MANTYPE=$withval
3427 ;;
3428 *)
3429 AC_MSG_ERROR(invalid man type: $withval)
3430 ;;
3431 esac
c54a6257 3432 ]
3433)
e0c4d3ac 3434if test -z "$MANTYPE"; then
2bf42e4a 3435 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3436 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3437 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3438 MANTYPE=doc
3439 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3440 MANTYPE=man
3441 else
3442 MANTYPE=cat
3443 fi
3444fi
c54a6257 3445AC_SUBST(MANTYPE)
e0c4d3ac 3446if test "$MANTYPE" = "doc"; then
3447 mansubdir=man;
3448else
3449 mansubdir=$MANTYPE;
3450fi
3451AC_SUBST(mansubdir)
0bc5b6fb 3452
a0391976 3453# Check whether to enable MD5 passwords
aff51935 3454MD5_MSG="no"
2ddcfdf3 3455AC_ARG_WITH(md5-passwords,
caf3bc51 3456 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3457 [
bcf36c78 3458 if test "x$withval" != "xno" ; then
3466e002 3459 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3460 [Define if you want to allow MD5 passwords])
aff51935 3461 MD5_MSG="yes"
0bc5b6fb 3462 fi
3463 ]
caf3bc51 3464)
3465
a0391976 3466# Whether to disable shadow password support
a7effaac 3467AC_ARG_WITH(shadow,
3468 [ --without-shadow Disable shadow password support],
3469 [
82f4e93d 3470 if test "x$withval" = "xno" ; then
a7effaac 3471 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3472 disable_shadow=yes
a7effaac 3473 fi
3474 ]
3475)
3476
4cb5ffa0 3477if test -z "$disable_shadow" ; then
3478 AC_MSG_CHECKING([if the systems has expire shadow information])
3479 AC_TRY_COMPILE(
3480 [
3481#include <sys/types.h>
3482#include <shadow.h>
3483 struct spwd sp;
3484 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3485 [ sp_expire_available=yes ], []
3486 )
3487
3488 if test "x$sp_expire_available" = "xyes" ; then
3489 AC_MSG_RESULT(yes)
3466e002 3490 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3491 [Define if you want to use shadow password expire field])
4cb5ffa0 3492 else
3493 AC_MSG_RESULT(no)
3494 fi
3495fi
3496
a0391976 3497# Use ip address instead of hostname in $DISPLAY
44839801 3498if test ! -z "$IPADDR_IN_DISPLAY" ; then
3499 DISPLAY_HACK_MSG="yes"
3466e002 3500 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3501 [Define if you need to use IP address
3502 instead of hostname in $DISPLAY])
44839801 3503else
aff51935 3504 DISPLAY_HACK_MSG="no"
44839801 3505 AC_ARG_WITH(ipaddr-display,
3506 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3507 [
82f4e93d 3508 if test "x$withval" != "xno" ; then
44839801 3509 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3510 DISPLAY_HACK_MSG="yes"
44839801 3511 fi
3512 ]
3513 )
3514fi
a7effaac 3515
95b99395 3516# check for /etc/default/login and use it if present.
daa41e62 3517AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3518 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3519 [ if test "x$enableval" = "xno"; then
3520 AC_MSG_NOTICE([/etc/default/login handling disabled])
3521 etc_default_login=no
3522 else
3523 etc_default_login=yes
3524 fi ],
b0e7249f 3525 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3526 then
3527 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3528 etc_default_login=no
3529 else
3530 etc_default_login=yes
3531 fi ]
694d0cef 3532)
95b99395 3533
694d0cef 3534if test "x$etc_default_login" != "xno"; then
3535 AC_CHECK_FILE("/etc/default/login",
3536 [ external_path_file=/etc/default/login ])
b0e7249f 3537 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3538 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3539 [Define if your system has /etc/default/login])
1a01a50c 3540 fi
694d0cef 3541fi
95b99395 3542
8d184c09 3543dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3544if test $ac_cv_func_login_getcapbool = "yes" && \
3545 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3546 external_path_file=/etc/login.conf
8d184c09 3547fi
95b99395 3548
a0391976 3549# Whether to mess with the default path
aff51935 3550SERVER_PATH_MSG="(default)"
c43d69a9 3551AC_ARG_WITH(default-path,
75817f90 3552 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3553 [
95b99395 3554 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3555 AC_MSG_WARN([
3556--with-default-path=PATH has no effect on this system.
3557Edit /etc/login.conf instead.])
82f4e93d 3558 elif test "x$withval" != "xno" ; then
89bbd457 3559 if test ! -z "$external_path_file" ; then
95b99395 3560 AC_MSG_WARN([
3561--with-default-path=PATH will only be used if PATH is not defined in
3562$external_path_file .])
3563 fi
b2d818e6 3564 user_path="$withval"
aff51935 3565 SERVER_PATH_MSG="$withval"
cb807f40 3566 fi
b2d818e6 3567 ],
95b99395 3568 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3569 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3570 else
89bbd457 3571 if test ! -z "$external_path_file" ; then
95b99395 3572 AC_MSG_WARN([
3573If PATH is defined in $external_path_file, ensure the path to scp is included,
3574otherwise scp will not work.])
3575 fi
b0e7249f 3576 AC_RUN_IFELSE(
3577 [AC_LANG_SOURCE([[
b2d818e6 3578/* find out what STDPATH is */
3579#include <stdio.h>
b2d818e6 3580#ifdef HAVE_PATHS_H
3581# include <paths.h>
3582#endif
3583#ifndef _PATH_STDPATH
d9a4e55b 3584# ifdef _PATH_USERPATH /* Irix */
3585# define _PATH_STDPATH _PATH_USERPATH
3586# else
3587# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3588# endif
b2d818e6 3589#endif
3590#include <sys/types.h>
3591#include <sys/stat.h>
3592#include <fcntl.h>
3593#define DATA "conftest.stdpath"
3594
3595main()
3596{
3597 FILE *fd;
3598 int rc;
82f4e93d 3599
b2d818e6 3600 fd = fopen(DATA,"w");
3601 if(fd == NULL)
3602 exit(1);
82f4e93d 3603
b2d818e6 3604 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3605 exit(1);
3606
3607 exit(0);
3608}
b0e7249f 3609 ]])],
3610 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3611 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3612 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3613 )
3614# make sure $bindir is in USER_PATH so scp will work
3615 t_bindir=`eval echo ${bindir}`
3616 case $t_bindir in
3617 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3618 esac
3619 case $t_bindir in
3620 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3621 esac
3622 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3623 if test $? -ne 0 ; then
3624 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3625 if test $? -ne 0 ; then
3626 user_path=$user_path:$t_bindir
3627 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3628 fi
3629 fi
8d184c09 3630 fi ]
cb807f40 3631)
95b99395 3632if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3633 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3634 AC_SUBST(user_path)
3635fi
cb807f40 3636
06617857 3637# Set superuser path separately to user path
06617857 3638AC_ARG_WITH(superuser-path,
3639 [ --with-superuser-path= Specify different path for super-user],
3640 [
6cf0200f 3641 if test -n "$withval" && test "x$withval" != "xno" && \
3642 test "x${withval}" != "xyes"; then
3466e002 3643 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3644 [Define if you want a different $PATH
3645 for the superuser])
06617857 3646 superuser_path=$withval
3647 fi
3648 ]
3649)
3650
3651
58d100bf 3652AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3653IPV4_IN6_HACK_MSG="no"
80faa19f 3654AC_ARG_WITH(4in6,
3655 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3656 [
3657 if test "x$withval" != "xno" ; then
3658 AC_MSG_RESULT(yes)
3466e002 3659 AC_DEFINE(IPV4_IN_IPV6, 1,
3660 [Detect IPv4 in IPv6 mapped addresses
3661 and treat as IPv4])
aff51935 3662 IPV4_IN6_HACK_MSG="yes"
80faa19f 3663 else
3664 AC_MSG_RESULT(no)
3665 fi
3666 ],[
3667 if test "x$inet6_default_4in6" = "xyes"; then
3668 AC_MSG_RESULT([yes (default)])
3669 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3670 IPV4_IN6_HACK_MSG="yes"
80faa19f 3671 else
3672 AC_MSG_RESULT([no (default)])
3673 fi
3674 ]
3675)
3676
af774732 3677# Whether to enable BSD auth support
f1b0ecc3 3678BSD_AUTH_MSG=no
af774732 3679AC_ARG_WITH(bsd-auth,
3680 [ --with-bsd-auth Enable BSD auth support],
3681 [
82f4e93d 3682 if test "x$withval" != "xno" ; then
3466e002 3683 AC_DEFINE(BSD_AUTH, 1,
3684 [Define if you have BSD auth support])
f1b0ecc3 3685 BSD_AUTH_MSG=yes
af774732 3686 fi
3687 ]
3688)
3689
a0391976 3690# Where to place sshd.pid
19d9ac2a 3691piddir=/var/run
81dadca3 3692# make sure the directory exists
82f4e93d 3693if test ! -d $piddir ; then
81dadca3 3694 piddir=`eval echo ${sysconfdir}`
3695 case $piddir in
aff51935 3696 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3697 esac
3698fi
3699
47e45e44 3700AC_ARG_WITH(pid-dir,
3701 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3702 [
6cf0200f 3703 if test -n "$withval" && test "x$withval" != "xno" && \
3704 test "x${withval}" != "xyes"; then
19d9ac2a 3705 piddir=$withval
82f4e93d 3706 if test ! -d $piddir ; then
81dadca3 3707 AC_MSG_WARN([** no $piddir directory on this system **])
3708 fi
47e45e44 3709 fi
3710 ]
3711)
b7a87eea 3712
3466e002 3713AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3714AC_SUBST(piddir)
47e45e44 3715
1d7b9b20 3716dnl allow user to disable some login recording features
3717AC_ARG_ENABLE(lastlog,
bfd550a2 3718 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3719 [
3720 if test "x$enableval" = "xno" ; then
3721 AC_DEFINE(DISABLE_LASTLOG)
3722 fi
3723 ]
1d7b9b20 3724)
3725AC_ARG_ENABLE(utmp,
bfd550a2 3726 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3727 [
3728 if test "x$enableval" = "xno" ; then
3729 AC_DEFINE(DISABLE_UTMP)
3730 fi
3731 ]
1d7b9b20 3732)
3733AC_ARG_ENABLE(utmpx,
bfd550a2 3734 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3735 [
3736 if test "x$enableval" = "xno" ; then
3466e002 3737 AC_DEFINE(DISABLE_UTMPX, 1,
3738 [Define if you don't want to use utmpx])
ddb154b3 3739 fi
3740 ]
1d7b9b20 3741)
3742AC_ARG_ENABLE(wtmp,
bfd550a2 3743 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3744 [
3745 if test "x$enableval" = "xno" ; then
3746 AC_DEFINE(DISABLE_WTMP)
3747 fi
3748 ]
1d7b9b20 3749)
3750AC_ARG_ENABLE(wtmpx,
bfd550a2 3751 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3752 [
3753 if test "x$enableval" = "xno" ; then
3466e002 3754 AC_DEFINE(DISABLE_WTMPX, 1,
3755 [Define if you don't want to use wtmpx])
ddb154b3 3756 fi
3757 ]
1d7b9b20 3758)
3759AC_ARG_ENABLE(libutil,
bfd550a2 3760 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3761 [
3762 if test "x$enableval" = "xno" ; then
3763 AC_DEFINE(DISABLE_LOGIN)
3764 fi
3765 ]
1d7b9b20 3766)
3767AC_ARG_ENABLE(pututline,
bfd550a2 3768 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3769 [
3770 if test "x$enableval" = "xno" ; then
3466e002 3771 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3772 [Define if you don't want to use pututline()
3773 etc. to write [uw]tmp])
ddb154b3 3774 fi
3775 ]
1d7b9b20 3776)
3777AC_ARG_ENABLE(pututxline,
bfd550a2 3778 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3779 [
3780 if test "x$enableval" = "xno" ; then
3466e002 3781 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3782 [Define if you don't want to use pututxline()
3783 etc. to write [uw]tmpx])
ddb154b3 3784 fi
3785 ]
1d7b9b20 3786)
3787AC_ARG_WITH(lastlog,
bfd550a2 3788 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3789 [
82f4e93d 3790 if test "x$withval" = "xno" ; then
8c89dd2b 3791 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3792 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3793 conf_lastlog_location=$withval
3794 fi
3795 ]
3796)
1d7b9b20 3797
3798dnl lastlog, [uw]tmpx? detection
3799dnl NOTE: set the paths in the platform section to avoid the
3800dnl need for command-line parameters
3801dnl lastlog and [uw]tmp are subject to a file search if all else fails
3802
3803dnl lastlog detection
3804dnl NOTE: the code itself will detect if lastlog is a directory
3805AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3806AC_TRY_COMPILE([
3807#include <sys/types.h>
3808#include <utmp.h>
3809#ifdef HAVE_LASTLOG_H
3810# include <lastlog.h>
3811#endif
d7c0f3d5 3812#ifdef HAVE_PATHS_H
1d7b9b20 3813# include <paths.h>
41cb4569 3814#endif
3815#ifdef HAVE_LOGIN_H
3816# include <login.h>
1d7b9b20 3817#endif
3818 ],
3819 [ char *lastlog = LASTLOG_FILE; ],
3820 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3821 [
3822 AC_MSG_RESULT(no)
3823 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3824 AC_TRY_COMPILE([
3825#include <sys/types.h>
3826#include <utmp.h>
3827#ifdef HAVE_LASTLOG_H
3828# include <lastlog.h>
3829#endif
3830#ifdef HAVE_PATHS_H
3831# include <paths.h>
3832#endif
3833 ],
3834 [ char *lastlog = _PATH_LASTLOG; ],
3835 [ AC_MSG_RESULT(yes) ],
3836 [
f282b668 3837 AC_MSG_RESULT(no)
d7c0f3d5 3838 system_lastlog_path=no
3839 ])
3840 ]
1d7b9b20 3841)
d7c0f3d5 3842
1d7b9b20 3843if test -z "$conf_lastlog_location"; then
3844 if test x"$system_lastlog_path" = x"no" ; then
3845 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3846 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3847 conf_lastlog_location=$f
3848 fi
3849 done
3850 if test -z "$conf_lastlog_location"; then
f8119cef 3851 AC_MSG_WARN([** Cannot find lastlog **])
3852 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3853 fi
3854 fi
3855fi
3856
3857if test -n "$conf_lastlog_location"; then
3466e002 3858 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3859 [Define if you want to specify the path to your lastlog file])
82f4e93d 3860fi
1d7b9b20 3861
3862dnl utmp detection
3863AC_MSG_CHECKING([if your system defines UTMP_FILE])
3864AC_TRY_COMPILE([
3865#include <sys/types.h>
3866#include <utmp.h>
d7c0f3d5 3867#ifdef HAVE_PATHS_H
1d7b9b20 3868# include <paths.h>
3869#endif
3870 ],
3871 [ char *utmp = UTMP_FILE; ],
3872 [ AC_MSG_RESULT(yes) ],
3873 [ AC_MSG_RESULT(no)
3874 system_utmp_path=no ]
3875)
3876if test -z "$conf_utmp_location"; then
3877 if test x"$system_utmp_path" = x"no" ; then
3878 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3879 if test -f $f ; then
3880 conf_utmp_location=$f
3881 fi
3882 done
3883 if test -z "$conf_utmp_location"; then
3884 AC_DEFINE(DISABLE_UTMP)
3885 fi
3886 fi
3887fi
3888if test -n "$conf_utmp_location"; then
3466e002 3889 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3890 [Define if you want to specify the path to your utmp file])
82f4e93d 3891fi
1d7b9b20 3892
3893dnl wtmp detection
3894AC_MSG_CHECKING([if your system defines WTMP_FILE])
3895AC_TRY_COMPILE([
3896#include <sys/types.h>
3897#include <utmp.h>
d7c0f3d5 3898#ifdef HAVE_PATHS_H
1d7b9b20 3899# include <paths.h>
3900#endif
3901 ],
3902 [ char *wtmp = WTMP_FILE; ],
3903 [ AC_MSG_RESULT(yes) ],
3904 [ AC_MSG_RESULT(no)
3905 system_wtmp_path=no ]
3906)
3907if test -z "$conf_wtmp_location"; then
3908 if test x"$system_wtmp_path" = x"no" ; then
3909 for f in /usr/adm/wtmp /var/log/wtmp; do
3910 if test -f $f ; then
3911 conf_wtmp_location=$f
3912 fi
3913 done
3914 if test -z "$conf_wtmp_location"; then
3915 AC_DEFINE(DISABLE_WTMP)
3916 fi
3917 fi
3918fi
3919if test -n "$conf_wtmp_location"; then
3466e002 3920 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3921 [Define if you want to specify the path to your wtmp file])
82f4e93d 3922fi
1d7b9b20 3923
3924
3925dnl utmpx detection - I don't know any system so perverse as to require
3926dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3927dnl there, though.
3928AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3929AC_TRY_COMPILE([
3930#include <sys/types.h>
3931#include <utmp.h>
3932#ifdef HAVE_UTMPX_H
3933#include <utmpx.h>
3934#endif
d7c0f3d5 3935#ifdef HAVE_PATHS_H
1d7b9b20 3936# include <paths.h>
3937#endif
3938 ],
3939 [ char *utmpx = UTMPX_FILE; ],
3940 [ AC_MSG_RESULT(yes) ],
3941 [ AC_MSG_RESULT(no)
3942 system_utmpx_path=no ]
3943)
3944if test -z "$conf_utmpx_location"; then
3945 if test x"$system_utmpx_path" = x"no" ; then
3946 AC_DEFINE(DISABLE_UTMPX)
3947 fi
3948else
3466e002 3949 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3950 [Define if you want to specify the path to your utmpx file])
82f4e93d 3951fi
1d7b9b20 3952
3953dnl wtmpx detection
3954AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3955AC_TRY_COMPILE([
3956#include <sys/types.h>
3957#include <utmp.h>
3958#ifdef HAVE_UTMPX_H
3959#include <utmpx.h>
3960#endif
d7c0f3d5 3961#ifdef HAVE_PATHS_H
1d7b9b20 3962# include <paths.h>
3963#endif
3964 ],
3965 [ char *wtmpx = WTMPX_FILE; ],
3966 [ AC_MSG_RESULT(yes) ],
3967 [ AC_MSG_RESULT(no)
3968 system_wtmpx_path=no ]
3969)
3970if test -z "$conf_wtmpx_location"; then
3971 if test x"$system_wtmpx_path" = x"no" ; then
3972 AC_DEFINE(DISABLE_WTMPX)
3973 fi
3974else
3466e002 3975 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3976 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3977fi
1d7b9b20 3978
b7a87eea 3979
bd499f9e 3980if test ! -z "$blibpath" ; then
68ece370 3981 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3982 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3983fi
3984
ed89c848 3985dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3986dnl Add now.
3987CFLAGS="$CFLAGS $werror_flags"
3988
3c62e7eb 3989AC_EXEEXT
29eadd7c 3990AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
3991 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
3992 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3993AC_OUTPUT
d3083fbd 3994
cbd7492e 3995# Print summary of options
3996
cbd7492e 3997# Someone please show me a better way :)
3998A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3999B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4000C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4001D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4002E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4003F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4004G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4005H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4006I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4007J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4008
4009echo ""
26de7942 4010echo "OpenSSH has been configured with the following options:"
ecac8ee5 4011echo " User binaries: $B"
4012echo " System binaries: $C"
4013echo " Configuration files: $D"
4014echo " Askpass program: $E"
4015echo " Manual pages: $F"
4016echo " PID file: $G"
4017echo " Privilege separation chroot path: $H"
95b99395 4018if test "x$external_path_file" = "x/etc/login.conf" ; then
4019echo " At runtime, sshd will use the path defined in $external_path_file"
4020echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4021else
ecac8ee5 4022echo " sshd default user PATH: $I"
89bbd457 4023 if test ! -z "$external_path_file"; then
95b99395 4024echo " (If PATH is set in $external_path_file it will be used instead. If"
4025echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4026 fi
8d184c09 4027fi
06617857 4028if test ! -z "$superuser_path" ; then
ecac8ee5 4029echo " sshd superuser user PATH: $J"
4030fi
4031echo " Manpage format: $MANTYPE"
3e05e934 4032echo " PAM support: $PAM_MSG"
5b84789f 4033echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4034echo " KerberosV support: $KRB5_MSG"
ef4d1846 4035echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4036echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4037echo " S/KEY support: $SKEY_MSG"
4038echo " TCP Wrappers support: $TCPW_MSG"
4039echo " MD5 password support: $MD5_MSG"
59031773 4040echo " libedit support: $LIBEDIT_MSG"
5b84789f 4041echo " Solaris process contract support: $SPC_MSG"
3deb1408 4042echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4043echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4044echo " BSD Auth support: $BSD_AUTH_MSG"
4045echo " Random number source: $RAND_MSG"
f1b0ecc3 4046if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4047echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4048fi
4049
cbd7492e 4050echo ""
4051
0c2fb82f 4052echo " Host: ${host}"
4053echo " Compiler: ${CC}"
4054echo " Compiler flags: ${CFLAGS}"
4055echo "Preprocessor flags: ${CPPFLAGS}"
4056echo " Linker flags: ${LDFLAGS}"
e54defb4 4057echo " Libraries: ${LIBS}"
4058if test ! -z "${SSHDLIBS}"; then
4059echo " +for sshd: ${SSHDLIBS}"
4060fi
cbd7492e 4061
4062echo ""
4063
9cefe228 4064if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4065 echo "SVR4 style packages are supported with \"make package\""
4066 echo ""
9cefe228 4067fi
4068
adeebd37 4069if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4070 echo "PAM is enabled. You may need to install a PAM control file "
4071 echo "for sshd, otherwise password authentication may fail. "
aff51935 4072 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4073 echo "subdirectory"
adeebd37 4074 echo ""
4075fi
4076
f1b0ecc3 4077if test ! -z "$RAND_HELPER_CMDHASH" ; then
4078 echo "WARNING: you are using the builtin random number collection "
4079 echo "service. Please read WARNING.RNG and request that your OS "
4080 echo "vendor includes kernel-based random number collection in "
4081 echo "future versions of your OS."
2c523de9 4082 echo ""
4083fi
af774732 4084
2f6f9cff 4085if test ! -z "$NO_PEERCHECK" ; then
1961d660 4086 echo "WARNING: the operating system that you are using does not"
4087 echo "appear to support getpeereid(), getpeerucred() or the"
4088 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4089 echo "enforce security checks to prevent unauthorised connections to"
4090 echo "ssh-agent. Their absence increases the risk that a malicious"
4091 echo "user can connect to your agent."
2f6f9cff 4092 echo ""
4093fi
4094
7b578f7d 4095if test "$AUDIT_MODULE" = "bsm" ; then
4096 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4097 echo "See the Solaris section in README.platform for details."
4098fi
git-cvsimport mirror of OpenSSH
This page took 1.197862 seconds and 5 git commands to generate.