]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (tim) [configure.ac] Bug 998. Make path for --with-opensc optional.
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
bc6f919d 17AC_INIT(OpenSSH, Portable)
98a7c37b 18AC_CONFIG_SRCDIR([ssh.c])
5881cd60 19
20AC_CONFIG_HEADER(config.h)
b14b2ae7 21AC_PROG_CC
a7effaac 22AC_CANONICAL_HOST
cf0c5df5 23AC_C_BIGENDIAN
5881cd60 24
a0391976 25# Checks for programs.
4bbf95fa 26AC_PROG_AWK
4cca272e 27AC_PROG_CPP
5881cd60 28AC_PROG_RANLIB
cf8dd513 29AC_PROG_INSTALL
bee0a37e 30AC_PATH_PROG(AR, ar)
ddd8c95b 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
13dd877b 33AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 34AC_PATH_PROG(SED, sed)
a0f84251 35AC_SUBST(PERL)
ad85db64 36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
6958bd37 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 41AC_PATH_PROG(SH, sh)
a3245b92 42AC_SUBST(TEST_SHELL,sh)
f498ed15 43
9cefe228 44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
50
948fd8b9 51# System features
52AC_SYS_LARGEFILE
53
c193d002 54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
2e73a022 58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
37656beb 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
d423d822 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
78
d423d822 79AC_C_INLINE
aff51935 80if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
5ed2bb5b 81 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
d423d822 82fi
83
e6354014 84AC_ARG_WITH(rpath,
85 [ --without-rpath Disable auto-added -R linker paths],
86 [
87 if test "x$withval" = "xno" ; then
88 need_dash_r=""
89 fi
90 if test "x$withval" = "xyes" ; then
91 need_dash_r=1
92 fi
93 ]
94)
95
a0391976 96# Check for some target-specific stuff
a7effaac 97case "$host" in
9d6b1b96 98*-*-aix*)
aff51935 99 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 100 if (test -z "$blibpath"); then
0a15d73b 101 blibpath="/usr/lib:/lib"
68ece370 102 fi
103 saved_LDFLAGS="$LDFLAGS"
104 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
105 if (test -z "$blibflags"); then
106 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
107 AC_TRY_LINK([], [], [blibflags=$tryflags])
108 fi
109 done
110 if (test -z "$blibflags"); then
111 AC_MSG_RESULT(not found)
112 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
113 else
114 AC_MSG_RESULT($blibflags)
bd499f9e 115 fi
68ece370 116 LDFLAGS="$saved_LDFLAGS"
e351e493 117 dnl Check for authenticate. Might be in libs.a on older AIXes
118 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 119 [AC_CHECK_LIB(s,authenticate,
e351e493 120 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 121 LIBS="$LIBS -ls"
122 ])
123 ])
ba603e06 124 dnl Check for various auth function declarations in headers.
c85ed8e2 125 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
126 passwdexpired], , , [#include <usersec.h>])
e351e493 127 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 128 AC_CHECK_DECLS(loginfailed,
e351e493 129 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
130 AC_TRY_COMPILE(
f58c0e01 131 [#include <usersec.h>],
e351e493 132 [(void)loginfailed("user","host","tty",0);],
133 [AC_MSG_RESULT(yes)
134 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 135 [AC_MSG_RESULT(no)]
e351e493 136 )],
137 [],
138 [#include <usersec.h>]
139 )
2aa3a16c 140 AC_CHECK_FUNCS(setauthdb)
5ccf88cb 141 check_for_aix_broken_getaddrinfo=1
1352689f 142 AC_DEFINE(BROKEN_REALPATH)
3b8dff69 143 AC_DEFINE(SETEUID_BREAKS_SETUID)
144 AC_DEFINE(BROKEN_SETREUID)
145 AC_DEFINE(BROKEN_SETREGID)
a3cef3ca 146 dnl AIX handles lastlog as part of its login message
147 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 148 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 149 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 150 ;;
3c62e7eb 151*-*-cygwin*)
a52997bd 152 check_for_libcrypt_later=1
ffb8d130 153 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 154 AC_DEFINE(HAVE_CYGWIN)
7043a38d 155 AC_DEFINE(USE_PIPES)
3c62e7eb 156 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 157 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 158 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 159 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 160 AC_DEFINE(DISABLE_FD_PASSING)
3c62e7eb 161 ;;
d6fdb079 162*-*-dgux*)
163 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 164 AC_DEFINE(SETEUID_BREAKS_SETUID)
165 AC_DEFINE(BROKEN_SETREUID)
166 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 167 ;;
39c98ef7 168*-*-darwin*)
33e2e066 169 AC_MSG_CHECKING(if we have working getaddrinfo)
170 AC_TRY_RUN([#include <mach-o/dyld.h>
171main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
172 exit(0);
173 else
174 exit(1);
175}], [AC_MSG_RESULT(working)],
176 [AC_MSG_RESULT(buggy)
177 AC_DEFINE(BROKEN_GETADDRINFO)],
b27e573d 178 [AC_MSG_RESULT(assume it is working)])
635e0c42 179 AC_DEFINE(SETEUID_BREAKS_SETUID)
180 AC_DEFINE(BROKEN_SETREUID)
181 AC_DEFINE(BROKEN_SETREGID)
ff620033 182 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
39c98ef7 183 ;;
6e879cb4 184*-*-hpux10.26)
185 if test -z "$GCC"; then
186 CFLAGS="$CFLAGS -Ae"
187 fi
188 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
189 IPADDR_IN_DISPLAY=yes
190 AC_DEFINE(HAVE_SECUREWARE)
191 AC_DEFINE(USE_PIPES)
192 AC_DEFINE(LOGIN_NO_ENDOPT)
193 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 194 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 195 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 196 LIBS="$LIBS -lsec -lsecpw"
197 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
6e879cb4 198 disable_ptmx_check=yes
199 ;;
a7effaac 200*-*-hpux10*)
201 if test -z "$GCC"; then
fc1e8bf4 202 CFLAGS="$CFLAGS -Ae"
a7effaac 203 fi
28564873 204 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 205 IPADDR_IN_DISPLAY=yes
137d7b6c 206 AC_DEFINE(USE_PIPES)
a2572aa7 207 AC_DEFINE(LOGIN_NO_ENDOPT)
208 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 209 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 210 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 211 LIBS="$LIBS -lsec"
212 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
a7effaac 213 ;;
2b763e31 214*-*-hpux11*)
b8fea62d 215 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 216 IPADDR_IN_DISPLAY=yes
adeebd37 217 AC_DEFINE(PAM_SUN_CODEBASE)
2b10f47a 218 AC_DEFINE(USE_PIPES)
a2572aa7 219 AC_DEFINE(LOGIN_NO_ENDOPT)
220 AC_DEFINE(LOGIN_NEEDS_UTMPX)
764d4113 221 AC_DEFINE(DISABLE_UTMP)
3e6e3da0 222 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 223 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
b6610e8f 224 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
2fe51906 225 check_for_hpux_broken_getaddrinfo=1
b29fd59f 226 check_for_conflicting_getspnam=1
f75ca46d 227 LIBS="$LIBS -lsec"
228 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
2b763e31 229 ;;
d94aa2ae 230*-*-irix5*)
6ac7829a 231 PATH="$PATH:/usr/etc"
416ed5a7 232 AC_DEFINE(BROKEN_INET_NTOA)
cb433561 233 AC_DEFINE(SETEUID_BREAKS_SETUID)
234 AC_DEFINE(BROKEN_SETREUID)
235 AC_DEFINE(BROKEN_SETREGID)
0e8f4eba 236 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 237 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 238 ;;
239*-*-irix6*)
6ac7829a 240 PATH="$PATH:/usr/etc"
3206bb3b 241 AC_DEFINE(WITH_IRIX_ARRAY)
242 AC_DEFINE(WITH_IRIX_PROJECT)
243 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 244 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 245 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 246 AC_DEFINE(SETEUID_BREAKS_SETUID)
247 AC_DEFINE(BROKEN_SETREUID)
248 AC_DEFINE(BROKEN_SETREGID)
3d59832f 249 AC_DEFINE(BROKEN_UPDWTMPX)
0e8f4eba 250 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 251 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 252 ;;
5cdfe03f 253*-*-linux*)
254 no_dev_ptmx=1
717057b6 255 check_for_libcrypt_later=1
eacb954e 256 check_for_openpty_ctty_bug=1
80faa19f 257 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 258 AC_DEFINE(PAM_TTY_KLUDGE)
b90bed9f 259 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
3a2b2b44 260 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
cd698186 261 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
b6610e8f 262 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
263 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
80faa19f 264 inet6_default_4in6=yes
bf7c1e6c 265 case `uname -r` in
ad84c479 266 1.*|2.0.*)
bf7c1e6c 267 AC_DEFINE(BROKEN_CMSG_TYPE)
268 ;;
bf7c1e6c 269 esac
5cdfe03f 270 ;;
66d6c27e 271mips-sony-bsd|mips-sony-newsos4)
272 AC_DEFINE(HAVE_NEWS4)
273 SONY=1
66d6c27e 274 ;;
d468fc76 275*-*-netbsd*)
33e2e066 276 check_for_libcrypt_before=1
e6354014 277 if test "x$withval" != "xno" ; then
278 need_dash_r=1
279 fi
d468fc76 280 ;;
86b416a7 281*-*-freebsd*)
282 check_for_libcrypt_later=1
283 ;;
8707b7eb 284*-*-bsdi*)
285 AC_DEFINE(SETEUID_BREAKS_SETUID)
286 AC_DEFINE(BROKEN_SETREUID)
287 AC_DEFINE(BROKEN_SETREGID)
288 ;;
729bfe59 289*-next-*)
729bfe59 290 conf_lastlog_location="/usr/adm/lastlog"
698d107e 291 conf_utmp_location=/etc/utmp
292 conf_wtmp_location=/usr/adm/wtmp
293 MAIL=/usr/spool/mail
729bfe59 294 AC_DEFINE(HAVE_NEXT)
443172c4 295 AC_DEFINE(BROKEN_REALPATH)
00937921 296 AC_DEFINE(USE_PIPES)
86b416a7 297 AC_DEFINE(BROKEN_SAVED_UIDS)
729bfe59 298 ;;
9d6b1b96 299*-*-solaris*)
010e9d5b 300 if test "x$withval" != "xno" ; then
301 need_dash_r=1
302 fi
adeebd37 303 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 304 AC_DEFINE(LOGIN_NEEDS_UTMPX)
305 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 306 AC_DEFINE(PAM_TTY_KLUDGE)
059d3165 307 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
3e6e3da0 308 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 309 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
310 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 311 external_path_file=/etc/default/login
1d7b9b20 312 # hardwire lastlog location (can't detect it on some versions)
313 conf_lastlog_location="/var/adm/lastlog"
32c80420 314 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
315 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
316 if test "$sol2ver" -ge 8; then
317 AC_MSG_RESULT(yes)
318 AC_DEFINE(DISABLE_UTMP)
319 AC_DEFINE(DISABLE_WTMP)
320 else
321 AC_MSG_RESULT(no)
322 fi
9d6b1b96 323 ;;
a423beaf 324*-*-sunos4*)
0c2fb82f 325 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 326 AC_CHECK_FUNCS(getpwanam)
adeebd37 327 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 328 conf_utmp_location=/etc/utmp
329 conf_wtmp_location=/var/adm/wtmp
330 conf_lastlog_location=/var/adm/lastlog
137d7b6c 331 AC_DEFINE(USE_PIPES)
a423beaf 332 ;;
6f68f28a 333*-ncr-sysv*)
98a7c37b 334 LIBS="$LIBS -lc89"
29525240 335 AC_DEFINE(USE_PIPES)
eabb99c6 336 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 337 AC_DEFINE(SETEUID_BREAKS_SETUID)
338 AC_DEFINE(BROKEN_SETREUID)
339 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 340 ;;
132dd316 341*-sni-sysv*)
c8c15bcb 342 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 343 AC_CHECK_LIB(dl, dlsym, ,)
85cf54ec 344 # -lresolv needs to be at then end of LIBS or DNS lookups break
345 AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ])
9548d6c8 346 IPADDR_IN_DISPLAY=yes
347 AC_DEFINE(USE_PIPES)
132dd316 348 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 349 AC_DEFINE(SETEUID_BREAKS_SETUID)
350 AC_DEFINE(BROKEN_SETREUID)
351 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 352 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 353 external_path_file=/etc/default/login
c8c15bcb 354 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
355 # Attention: always take care to bind libsocket and libnsl before libc,
356 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 357 ;;
79a7ba96 358# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 359*-*-sysv4.2*)
ed6553e2 360 AC_DEFINE(USE_PIPES)
7ed101c0 361 AC_DEFINE(SETEUID_BREAKS_SETUID)
362 AC_DEFINE(BROKEN_SETREUID)
363 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 364 ;;
79a7ba96 365# UnixWare 7.x, OpenUNIX 8
77bb0bca 366*-*-sysv5*)
ed6553e2 367 AC_DEFINE(USE_PIPES)
7ed101c0 368 AC_DEFINE(SETEUID_BREAKS_SETUID)
369 AC_DEFINE(BROKEN_SETREUID)
370 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 371 ;;
9d6b1b96 372*-*-sysv*)
9d6b1b96 373 ;;
79a7ba96 374# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 375*-*-sco3.2v4*)
11cf4f1f 376 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 377 ;;
79a7ba96 378# SCO OpenServer 5.x
77bb0bca 379*-*-sco3.2v5*)
21710e39 380 if test -z "$GCC"; then
381 CFLAGS="$CFLAGS -belf"
382 fi
ed6553e2 383 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 384 no_dev_ptmx=1
ed6553e2 385 AC_DEFINE(USE_PIPES)
6e879cb4 386 AC_DEFINE(HAVE_SECUREWARE)
d287c664 387 AC_DEFINE(DISABLE_SHADOW)
94d8258b 388 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 389 AC_DEFINE(SETEUID_BREAKS_SETUID)
390 AC_DEFINE(BROKEN_SETREUID)
391 AC_DEFINE(BROKEN_SETREGID)
bcebad47 392 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 393 AC_DEFINE(BROKEN_UPDWTMPX)
3ade3b57 394 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
aca75d94 395 AC_CHECK_FUNCS(getluid setluid)
533875af 396 MANTYPE=man
a3245b92 397 TEST_SHELL=ksh
509b1f88 398 ;;
ccbb983c 399*-*-unicosmk*)
c1ad5966 400 AC_DEFINE(NO_SSH_LASTLOG)
401 AC_DEFINE(SETEUID_BREAKS_SETUID)
402 AC_DEFINE(BROKEN_SETREUID)
403 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 404 AC_DEFINE(USE_PIPES)
405 AC_DEFINE(DISABLE_FD_PASSING)
406 LDFLAGS="$LDFLAGS"
407 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
408 MANTYPE=cat
d262b7f2 409 ;;
7b9a8c6e 410*-*-unicosmp*)
c1ad5966 411 AC_DEFINE(SETEUID_BREAKS_SETUID)
412 AC_DEFINE(BROKEN_SETREUID)
413 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 414 AC_DEFINE(WITH_ABBREV_NO_TTY)
415 AC_DEFINE(USE_PIPES)
416 AC_DEFINE(DISABLE_FD_PASSING)
417 LDFLAGS="$LDFLAGS"
c1ad5966 418 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 419 MANTYPE=cat
420 ;;
ca5c7d6a 421*-*-unicos*)
c1ad5966 422 AC_DEFINE(SETEUID_BREAKS_SETUID)
423 AC_DEFINE(BROKEN_SETREUID)
424 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 425 AC_DEFINE(USE_PIPES)
94d8258b 426 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 427 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 428 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
429 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
430 MANTYPE=cat
a704dd54 431 ;;
4d33e531 432*-dec-osf*)
99c8ddac 433 AC_MSG_CHECKING(for Digital Unix SIA)
434 no_osfsia=""
435 AC_ARG_WITH(osfsia,
436 [ --with-osfsia Enable Digital Unix SIA],
437 [
438 if test "x$withval" = "xno" ; then
439 AC_MSG_RESULT(disabled)
440 no_osfsia=1
441 fi
442 ],
443 )
444 if test -z "$no_osfsia" ; then
4d33e531 445 if test -f /etc/sia/matrix.conf; then
446 AC_MSG_RESULT(yes)
447 AC_DEFINE(HAVE_OSF_SIA)
448 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 449 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 450 LIBS="$LIBS -lsecurity -ldb -lm -laud"
451 else
452 AC_MSG_RESULT(no)
dbf8efb3 453 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 454 fi
455 fi
a6e67b60 456 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 457 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 458 AC_DEFINE(BROKEN_SETREUID)
459 AC_DEFINE(BROKEN_SETREGID)
4d33e531 460 ;;
41cb4569 461
462*-*-nto-qnx)
463 AC_DEFINE(USE_PIPES)
464 AC_DEFINE(NO_X11_UNIX_SOCKETS)
465 AC_DEFINE(MISSING_NFDBITS)
466 AC_DEFINE(MISSING_HOWMANY)
467 AC_DEFINE(MISSING_FD_MASK)
468 ;;
a7effaac 469esac
470
8e7b16f8 471# Allow user to specify flags
472AC_ARG_WITH(cflags,
473 [ --with-cflags Specify additional flags to pass to compiler],
474 [
475 if test "x$withval" != "xno" ; then
476 CFLAGS="$CFLAGS $withval"
477 fi
478 ]
479)
0c2fb82f 480AC_ARG_WITH(cppflags,
481 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
482 [
483 if test "x$withval" != "xno"; then
484 CPPFLAGS="$CPPFLAGS $withval"
485 fi
486 ]
487)
8e7b16f8 488AC_ARG_WITH(ldflags,
97b378bf 489 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 490 [
491 if test "x$withval" != "xno" ; then
492 LDFLAGS="$LDFLAGS $withval"
493 fi
494 ]
495)
496AC_ARG_WITH(libs,
497 [ --with-libs Specify additional libraries to link with],
498 [
499 if test "x$withval" != "xno" ; then
500 LIBS="$LIBS $withval"
501 fi
502 ]
503)
504
c5829391 505AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 506AC_RUN_IFELSE(
507 [AC_LANG_SOURCE([
c5829391 508#include <stdio.h>
509int main(){exit(0);}
479cece8 510 ])],
c5829391 511 [ AC_MSG_RESULT(yes) ],
512 [
513 AC_MSG_RESULT(no)
514 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 515 ],
516 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 517)
518
ddceb1c8 519# Checks for header files.
419e26e7 520AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \
521 floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \
522 login_cap.h maillock.h ndir.h netdb.h netgroup.h \
2511d104 523 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
5bbbc661 524 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
419e26e7 525 strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \
526 sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \
765a24cd 527 sys/pstat.h sys/select.h sys/stat.h sys/stream.h \
419e26e7 528 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \
529 time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h)
ddceb1c8 530
765a24cd 531# sys/ptms.h requires sys/stream.h to be included first on Solaris
532AC_CHECK_HEADERS(sys/ptms.h, [], [], [
533#ifdef HAVE_SYS_STREAM_H
534# include <sys/stream.h>
535#endif
536])
537
a0391976 538# Checks for libraries.
98a7c37b 539AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
540AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 541
446227d6 542dnl IRIX and Solaris 2.5.1 have dirname() in libgen
543AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
544 AC_CHECK_LIB(gen, dirname,[
545 AC_CACHE_CHECK([for broken dirname],
546 ac_cv_have_broken_dirname, [
547 save_LIBS="$LIBS"
548 LIBS="$LIBS -lgen"
549 AC_TRY_RUN(
550 [
551#include <libgen.h>
552#include <string.h>
553
554int main(int argc, char **argv) {
555 char *s, buf[32];
556
557 strncpy(buf,"/etc", 32);
558 s = dirname(buf);
559 if (!s || strncmp(s, "/", 32) != 0) {
560 exit(1);
561 } else {
562 exit(0);
563 }
564}
565 ],
566 [ ac_cv_have_broken_dirname="no" ],
567 [ ac_cv_have_broken_dirname="yes" ]
568 )
569 LIBS="$save_LIBS"
570 ])
571 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
572 LIBS="$LIBS -lgen"
573 AC_DEFINE(HAVE_DIRNAME)
574 AC_CHECK_HEADERS(libgen.h)
575 fi
576 ])
577])
578
579AC_CHECK_FUNC(getspnam, ,
580 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
581AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
582
98a7c37b 583dnl zlib is required
584AC_ARG_WITH(zlib,
585 [ --with-zlib=PATH Use zlib in PATH],
586 [
846f83ab 587 if test "x$withval" = "xno" ; then
f1b0ecc3 588 AC_MSG_ERROR([*** zlib is required ***])
589 fi
98a7c37b 590 if test -d "$withval/lib"; then
591 if test -n "${need_dash_r}"; then
5a162955 592 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 593 else
5a162955 594 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 595 fi
596 else
597 if test -n "${need_dash_r}"; then
5a162955 598 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 599 else
5a162955 600 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 601 fi
602 fi
603 if test -d "$withval/include"; then
5a162955 604 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 605 else
5a162955 606 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 607 fi
608 ]
609)
610
0a15d73b 611AC_CHECK_LIB(z, deflate, ,
612 [
613 saved_CPPFLAGS="$CPPFLAGS"
614 saved_LDFLAGS="$LDFLAGS"
615 save_LIBS="$LIBS"
616 dnl Check default zlib install dir
617 if test -n "${need_dash_r}"; then
618 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
619 else
620 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
621 fi
622 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
623 LIBS="$LIBS -lz"
624 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
625 [
626 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
627 ]
628 )
629 ]
630)
4ad65809 631AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 632
633AC_ARG_WITH(zlib-version-check,
634 [ --without-zlib-version-check Disable zlib version check],
635 [ if test "x$withval" = "xno" ; then
636 zlib_check_nonfatal=1
637 fi
638 ]
639)
640
4ad65809 641AC_MSG_CHECKING(for zlib 1.1.4 or greater)
479cece8 642AC_RUN_IFELSE([AC_LANG_SOURCE([[
4ad65809 643#include <zlib.h>
644int main()
645{
646 int a, b, c, v;
647 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3)
648 exit(1);
649 v = a*1000000 + b*1000 + c;
650 if (v >= 1001004)
651 exit(0);
652 exit(2);
653}
479cece8 654 ]])],
4ad65809 655 AC_MSG_RESULT(yes),
656 [ AC_MSG_RESULT(no)
8068d564 657 if test -z "$zlib_check_nonfatal" ; then
658 AC_MSG_ERROR([*** zlib too old - check config.log ***
659Your reported zlib version has known security problems. It's possible your
660vendor has fixed these problems without changing the version number. If you
661are sure this is the case, you can disable the check by running
662"./configure --without-zlib-version-check".
663If you are in doubt, upgrade zlib to version 1.1.4 or greater.])
664 else
665 AC_MSG_WARN([zlib version may have security problems])
666 fi
1a01a50c 667 ],
668 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 669)
48e7916f 670
2c523de9 671dnl UnixWare 2.x
aff51935 672AC_CHECK_FUNC(strcasecmp,
2c523de9 673 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
674)
aff51935 675AC_CHECK_FUNC(utimes,
cda1ebcb 676 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
677 LIBS="$LIBS -lc89"]) ]
2c523de9 678)
4cca272e 679
7c6d759d 680dnl Checks for libutil functions
681AC_CHECK_HEADERS(libutil.h)
682AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
683AC_CHECK_FUNCS(logout updwtmp logwtmp)
684
a738c3b0 685AC_FUNC_STRFTIME
686
84ceda19 687# Check for ALTDIRFUNC glob() extension
688AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
689AC_EGREP_CPP(FOUNDIT,
690 [
691 #include <glob.h>
692 #ifdef GLOB_ALTDIRFUNC
693 FOUNDIT
694 #endif
aff51935 695 ],
84ceda19 696 [
697 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
698 AC_MSG_RESULT(yes)
699 ],
700 [
701 AC_MSG_RESULT(no)
702 ]
703)
4cca272e 704
40849fdb 705# Check for g.gl_matchc glob() extension
706AC_MSG_CHECKING(for gl_matchc field in glob_t)
707AC_EGREP_CPP(FOUNDIT,
aff51935 708 [
709 #include <glob.h>
40849fdb 710 int main(void){glob_t g; g.gl_matchc = 1;}
aff51935 711 ],
712 [
713 AC_DEFINE(GLOB_HAS_GL_MATCHC)
714 AC_MSG_RESULT(yes)
715 ],
716 [
717 AC_MSG_RESULT(no)
718 ]
40849fdb 719)
720
edbe6722 721AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 722AC_RUN_IFELSE(
479cece8 723 [AC_LANG_SOURCE([[
edbe6722 724#include <sys/types.h>
725#include <dirent.h>
aec4cb4f 726int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 727 ]])],
aff51935 728 [AC_MSG_RESULT(yes)],
edbe6722 729 [
730 AC_MSG_RESULT(no)
731 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
1a01a50c 732 ],
733 [
734 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
735 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 736 ]
737)
738
419e26e7 739AC_MSG_CHECKING([for /proc/pid/fd directory])
740if test -d "/proc/$$/fd" ; then
741 AC_DEFINE(HAVE_PROC_PID)
742 AC_MSG_RESULT(yes)
743else
744 AC_MSG_RESULT(no)
745fi
746
278588d8 747# Check whether user wants S/Key support
aff51935 748SKEY_MSG="no"
278588d8 749AC_ARG_WITH(skey,
6ff3d0dc 750 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 751 [
752 if test "x$withval" != "xno" ; then
753
754 if test "x$withval" != "xyes" ; then
755 CPPFLAGS="$CPPFLAGS -I${withval}/include"
756 LDFLAGS="$LDFLAGS -L${withval}/lib"
757 fi
758
759 AC_DEFINE(SKEY)
760 LIBS="-lskey $LIBS"
aff51935 761 SKEY_MSG="yes"
278588d8 762
ddceb1c8 763 AC_MSG_CHECKING([for s/key support])
764 AC_TRY_RUN(
765 [
766#include <stdio.h>
767#include <skey.h>
aec4cb4f 768int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 769 ],
770 [AC_MSG_RESULT(yes)],
278588d8 771 [
ddceb1c8 772 AC_MSG_RESULT(no)
278588d8 773 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
774 ])
141fc639 775 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
776 AC_TRY_COMPILE(
777 [#include <stdio.h>
778 #include <skey.h>],
779 [(void)skeychallenge(NULL,"name","",0);],
780 [AC_MSG_RESULT(yes)
781 AC_DEFINE(SKEYCHALLENGE_4ARG)],
782 [AC_MSG_RESULT(no)]
783 )
278588d8 784 fi
785 ]
786)
787
788# Check whether user wants TCP wrappers support
98a7c37b 789TCPW_MSG="no"
278588d8 790AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 791 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 792 [
793 if test "x$withval" != "xno" ; then
794 saved_LIBS="$LIBS"
98a7c37b 795 saved_LDFLAGS="$LDFLAGS"
796 saved_CPPFLAGS="$CPPFLAGS"
797 if test -n "${withval}" -a "${withval}" != "yes"; then
798 if test -d "${withval}/lib"; then
799 if test -n "${need_dash_r}"; then
5a162955 800 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 801 else
5a162955 802 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 803 fi
804 else
805 if test -n "${need_dash_r}"; then
5a162955 806 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 807 else
5a162955 808 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 809 fi
810 fi
811 if test -d "${withval}/include"; then
5a162955 812 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 813 else
5a162955 814 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 815 fi
98a7c37b 816 fi
ddceb1c8 817 LIBWRAP="-lwrap"
818 LIBS="$LIBWRAP $LIBS"
278588d8 819 AC_MSG_CHECKING(for libwrap)
820 AC_TRY_LINK(
821 [
77f09220 822#include <sys/types.h>
823#include <sys/socket.h>
824#include <netinet/in.h>
278588d8 825#include <tcpd.h>
826 int deny_severity = 0, allow_severity = 0;
827 ],
828 [hosts_access(0);],
829 [
830 AC_MSG_RESULT(yes)
831 AC_DEFINE(LIBWRAP)
ddceb1c8 832 AC_SUBST(LIBWRAP)
98a7c37b 833 TCPW_MSG="yes"
278588d8 834 ],
835 [
836 AC_MSG_ERROR([*** libwrap missing])
837 ]
838 )
ddceb1c8 839 LIBS="$saved_LIBS"
278588d8 840 fi
841 ]
842)
843
59031773 844# Check whether user wants libedit support
845LIBEDIT_MSG="no"
846AC_ARG_WITH(libedit,
6ff3d0dc 847 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 848 [ if test "x$withval" != "xno" ; then
849 AC_CHECK_LIB(edit, el_init,
850 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
851 LIBEDIT="-ledit -lcurses"
852 LIBEDIT_MSG="yes"
853 AC_SUBST(LIBEDIT)
854 ],
855 [], [-lcurses]
856 )
857 fi ]
858)
859
7b578f7d 860AUDIT_MODULE=none
861AC_ARG_WITH(audit,
862 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
863 [
864 AC_MSG_CHECKING(for supported audit module)
865 case "$withval" in
866 bsm)
867 AC_MSG_RESULT(bsm)
868 AUDIT_MODULE=bsm
869 dnl Checks for headers, libs and functions
870 AC_CHECK_HEADERS(bsm/audit.h, [],
871 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
872 AC_CHECK_LIB(bsm, getaudit, [],
873 [AC_MSG_ERROR(BSM enabled and required library not found)])
874 AC_CHECK_FUNCS(getaudit, [],
875 [AC_MSG_ERROR(BSM enabled and required function not found)])
876 # These are optional
7939c496 877 AC_CHECK_FUNCS(getaudit_addr)
7b578f7d 878 AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module])
879 ;;
880 debug)
881 AUDIT_MODULE=debug
882 AC_MSG_RESULT(debug)
883 AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)
884 ;;
885 *)
886 AC_MSG_ERROR([Unknown audit module $withval])
887 ;;
888 esac ]
889)
890
19160674 891dnl Checks for library functions. Please keep in alphabetical order
892AC_CHECK_FUNCS(\
2909d712 893 arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \
667abcc6 894 bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \
895 freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \
896 getopt getpeereid _getpty getrlimit getttyent glob inet_aton \
19160674 897 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
79d4fc55 898 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
e7f6070d 899 pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \
79d4fc55 900 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
3f176010 901 setproctitle setregid setreuid setrlimit \
688eed4a 902 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
7111a85c 903 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
351f44a0 904 truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \
19160674 905)
98a7c37b 906
1a086f97 907# IRIX has a const char return value for gai_strerror()
908AC_CHECK_FUNCS(gai_strerror,[
909 AC_DEFINE(HAVE_GAI_STRERROR)
910 AC_TRY_COMPILE([
911#include <sys/types.h>
912#include <sys/socket.h>
913#include <netdb.h>
914
915const char *gai_strerror(int);],[
916char *str;
917
918str = gai_strerror(0);],[
919 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
920 [Define if gai_strerror() returns const char *])])])
921
92b1decf 922AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
923
309709db 924dnl Make sure prototypes are defined for these before using them.
08412d26 925AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
309709db 926AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
08412d26 927
3490699c 928dnl tcsendbreak might be a macro
929AC_CHECK_DECL(tcsendbreak,
930 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 931 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 932 [#include <termios.h>]
933)
934
41e0e158 935AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
936
3f176010 937AC_CHECK_FUNCS(setresuid, [
938 dnl Some platorms have setresuid that isn't implemented, test for this
939 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 940 AC_RUN_IFELSE(
941 [AC_LANG_SOURCE([[
9a3fe0e2 942#include <stdlib.h>
943#include <errno.h>
944int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 945 ]])],
3f176010 946 [AC_MSG_RESULT(yes)],
24a9171d 947 [AC_DEFINE(BROKEN_SETRESUID)
1a01a50c 948 AC_MSG_RESULT(not implemented)],
949 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 950 )
951])
9a3fe0e2 952
3f176010 953AC_CHECK_FUNCS(setresgid, [
954 dnl Some platorms have setresgid that isn't implemented, test for this
955 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 956 AC_RUN_IFELSE(
957 [AC_LANG_SOURCE([[
9a3fe0e2 958#include <stdlib.h>
959#include <errno.h>
960int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 961 ]])],
3f176010 962 [AC_MSG_RESULT(yes)],
963 [AC_DEFINE(BROKEN_SETRESGID)
1a01a50c 964 AC_MSG_RESULT(not implemented)],
965 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 966 )
967])
9a3fe0e2 968
2e73a022 969dnl Checks for time functions
1d7b9b20 970AC_CHECK_FUNCS(gettimeofday time)
2e73a022 971dnl Checks for utmp functions
b03bd394 972AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 973AC_CHECK_FUNCS(utmpname)
2e73a022 974dnl Checks for utmpx functions
b03bd394 975AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 976AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 977
aff51935 978AC_CHECK_FUNC(daemon,
beb43d31 979 [AC_DEFINE(HAVE_DAEMON)],
980 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
981)
982
aff51935 983AC_CHECK_FUNC(getpagesize,
aa6bd60a 984 [AC_DEFINE(HAVE_GETPAGESIZE)],
985 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
986)
987
2647ae26 988# Check for broken snprintf
989if test "x$ac_cv_func_snprintf" = "xyes" ; then
990 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 991 AC_RUN_IFELSE(
479cece8 992 [AC_LANG_SOURCE([[
2647ae26 993#include <stdio.h>
aec4cb4f 994int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 995 ]])],
aff51935 996 [AC_MSG_RESULT(yes)],
2647ae26 997 [
998 AC_MSG_RESULT(no)
999 AC_DEFINE(BROKEN_SNPRINTF)
1000 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1001 ],
1002 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1003 )
1004fi
1005
2f6f9cff 1006# Check for missing getpeereid (or equiv) support
1007NO_PEERCHECK=""
1008if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1009 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1010 AC_TRY_COMPILE(
1011 [#include <sys/types.h>
1012 #include <sys/socket.h>],
1013 [int i = SO_PEERCRED;],
1014 [AC_MSG_RESULT(yes)],
1015 [AC_MSG_RESULT(no)
1016 NO_PEERCHECK=1]
1017 )
1018fi
1019
70e7d0b0 1020dnl see whether mkstemp() requires XXXXXX
1021if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1022AC_MSG_CHECKING([for (overly) strict mkstemp])
1023AC_TRY_RUN(
1024 [
1025#include <stdlib.h>
1026main() { char template[]="conftest.mkstemp-test";
1027if (mkstemp(template) == -1)
1028 exit(1);
1029unlink(template); exit(0);
1030}
1031 ],
1032 [
1033 AC_MSG_RESULT(no)
1034 ],
aff51935 1035 [
70e7d0b0 1036 AC_MSG_RESULT(yes)
1037 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1038 ],
1039 [
1040 AC_MSG_RESULT(yes)
1041 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1042 ]
70e7d0b0 1043)
1044fi
1045
eacb954e 1046dnl make sure that openpty does not reacquire controlling terminal
1047if test ! -z "$check_for_openpty_ctty_bug"; then
1048 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1049 AC_TRY_RUN(
1050 [
1051#include <stdio.h>
1052#include <sys/fcntl.h>
1053#include <sys/types.h>
1054#include <sys/wait.h>
1055
1056int
1057main()
1058{
1059 pid_t pid;
1060 int fd, ptyfd, ttyfd, status;
1061
1062 pid = fork();
1063 if (pid < 0) { /* failed */
1064 exit(1);
1065 } else if (pid > 0) { /* parent */
1066 waitpid(pid, &status, 0);
aff51935 1067 if (WIFEXITED(status))
eacb954e 1068 exit(WEXITSTATUS(status));
1069 else
1070 exit(2);
1071 } else { /* child */
1072 close(0); close(1); close(2);
1073 setsid();
1074 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1075 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1076 if (fd >= 0)
1077 exit(3); /* Acquired ctty: broken */
1078 else
1079 exit(0); /* Did not acquire ctty: OK */
1080 }
1081}
1082 ],
1083 [
1084 AC_MSG_RESULT(yes)
1085 ],
1086 [
1087 AC_MSG_RESULT(no)
1088 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1089 ]
1090 )
1091fi
1092
2fe51906 1093if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
1094 AC_MSG_CHECKING(if getaddrinfo seems to work)
1095 AC_TRY_RUN(
1096 [
1097#include <stdio.h>
1098#include <sys/socket.h>
1099#include <netdb.h>
1100#include <errno.h>
1101#include <netinet/in.h>
1102
1103#define TEST_PORT "2222"
1104
1105int
1106main(void)
1107{
1108 int err, sock;
1109 struct addrinfo *gai_ai, *ai, hints;
1110 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1111
1112 memset(&hints, 0, sizeof(hints));
1113 hints.ai_family = PF_UNSPEC;
1114 hints.ai_socktype = SOCK_STREAM;
1115 hints.ai_flags = AI_PASSIVE;
1116
1117 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1118 if (err != 0) {
1119 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1120 exit(1);
1121 }
1122
1123 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1124 if (ai->ai_family != AF_INET6)
1125 continue;
1126
1127 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1128 sizeof(ntop), strport, sizeof(strport),
1129 NI_NUMERICHOST|NI_NUMERICSERV);
1130
1131 if (err != 0) {
1132 if (err == EAI_SYSTEM)
1133 perror("getnameinfo EAI_SYSTEM");
1134 else
1135 fprintf(stderr, "getnameinfo failed: %s\n",
1136 gai_strerror(err));
1137 exit(2);
1138 }
1139
1140 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1141 if (sock < 0)
1142 perror("socket");
1143 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1144 if (errno == EBADF)
1145 exit(3);
1146 }
1147 }
1148 exit(0);
1149}
1150 ],
1151 [
1152 AC_MSG_RESULT(yes)
1153 ],
1154 [
1155 AC_MSG_RESULT(no)
1156 AC_DEFINE(BROKEN_GETADDRINFO)
1157 ]
1158 )
1159fi
1160
5ccf88cb 1161if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_aix_broken_getaddrinfo" = "x1"; then
1162 AC_MSG_CHECKING(if getaddrinfo seems to work)
1163 AC_TRY_RUN(
1164 [
1165#include <stdio.h>
1166#include <sys/socket.h>
1167#include <netdb.h>
1168#include <errno.h>
1169#include <netinet/in.h>
1170
1171#define TEST_PORT "2222"
1172
1173int
1174main(void)
1175{
1176 int err, sock;
1177 struct addrinfo *gai_ai, *ai, hints;
1178 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1179
1180 memset(&hints, 0, sizeof(hints));
1181 hints.ai_family = PF_UNSPEC;
1182 hints.ai_socktype = SOCK_STREAM;
1183 hints.ai_flags = AI_PASSIVE;
1184
1185 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1186 if (err != 0) {
1187 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1188 exit(1);
1189 }
1190
1191 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1192 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1193 continue;
1194
1195 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1196 sizeof(ntop), strport, sizeof(strport),
1197 NI_NUMERICHOST|NI_NUMERICSERV);
1198
1199 if (ai->ai_family == AF_INET && err != 0) {
1200 perror("getnameinfo");
1201 exit(2);
1202 }
1203 }
1204 exit(0);
1205}
1206 ],
1207 [
1208 AC_MSG_RESULT(yes)
1209 AC_DEFINE(AIX_GETNAMEINFO_HACK, [],
1210[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address])
1211 ],
1212 [
1213 AC_MSG_RESULT(no)
1214 AC_DEFINE(BROKEN_GETADDRINFO)
1215 ]
1216 )
1217fi
1218
b29fd59f 1219if test "x$check_for_conflicting_getspnam" = "x1"; then
1220 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1221 AC_COMPILE_IFELSE(
1222 [
1223#include <shadow.h>
1224int main(void) {exit(0);}
1225 ],
1226 [
1227 AC_MSG_RESULT(no)
1228 ],
1229 [
1230 AC_MSG_RESULT(yes)
1231 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1232 [Conflicting defs for getspnam])
1233 ]
1234 )
1235fi
1236
7f8f5e00 1237AC_FUNC_GETPGRP
1238
717057b6 1239# Check for PAM libs
cbd7492e 1240PAM_MSG="no"
a0391976 1241AC_ARG_WITH(pam,
717057b6 1242 [ --with-pam Enable PAM support ],
a0391976 1243 [
717057b6 1244 if test "x$withval" != "xno" ; then
2511d104 1245 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1246 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1247 AC_MSG_ERROR([PAM headers not found])
1248 fi
a0391976 1249
717057b6 1250 AC_CHECK_LIB(dl, dlopen, , )
1251 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1252 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1253 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1254
717057b6 1255 PAM_MSG="yes"
4cb5ffa0 1256
717057b6 1257 AC_DEFINE(USE_PAM)
98f2d9d5 1258 if test $ac_cv_lib_dl_dlopen = yes; then
1259 LIBPAM="-lpam -ldl"
1260 else
1261 LIBPAM="-lpam"
1262 fi
1263 AC_SUBST(LIBPAM)
717057b6 1264 fi
1265 ]
1266)
cbd7492e 1267
717057b6 1268# Check for older PAM
1269if test "x$PAM_MSG" = "xyes" ; then
a0391976 1270 # Check PAM strerror arguments (old PAM)
1271 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1272 AC_TRY_COMPILE(
1273 [
18ba2aab 1274#include <stdlib.h>
2511d104 1275#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1276#include <security/pam_appl.h>
2511d104 1277#elif defined (HAVE_PAM_PAM_APPL_H)
1278#include <pam/pam_appl.h>
1279#endif
aff51935 1280 ],
1281 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1282 [AC_MSG_RESULT(no)],
1283 [
1284 AC_DEFINE(HAVE_OLD_PAM)
1285 AC_MSG_RESULT(yes)
cbd7492e 1286 PAM_MSG="yes (old library)"
a0391976 1287 ]
717057b6 1288 )
a0391976 1289fi
1290
5b991353 1291# Search for OpenSSL
1292saved_CPPFLAGS="$CPPFLAGS"
1293saved_LDFLAGS="$LDFLAGS"
a0391976 1294AC_ARG_WITH(ssl-dir,
1295 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1296 [
e9e4a1c7 1297 if test "x$withval" != "xno" ; then
99eb0f64 1298 case "$withval" in
1299 # Relative paths
1300 ./*|../*) withval="`pwd`/$withval"
1301 esac
5b991353 1302 if test -d "$withval/lib"; then
1303 if test -n "${need_dash_r}"; then
1304 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1305 else
1306 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1307 fi
1308 else
5b991353 1309 if test -n "${need_dash_r}"; then
1310 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1311 else
1312 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1313 fi
1314 fi
5b991353 1315 if test -d "$withval/include"; then
1316 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1317 else
5b991353 1318 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1319 fi
a0391976 1320 fi
5b991353 1321 ]
1322)
5486a457 1323LIBS="-lcrypto $LIBS"
5b991353 1324AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 1325 [
5b991353 1326 dnl Check default openssl install dir
1327 if test -n "${need_dash_r}"; then
1328 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1329 else
5b991353 1330 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1331 fi
5b991353 1332 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1333 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1334 [
1335 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1336 ]
1337 )
1338 ]
1339)
1340
cd018561 1341# Determine OpenSSL header version
1342AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1343AC_RUN_IFELSE(
479cece8 1344 [AC_LANG_SOURCE([[
cd018561 1345#include <stdio.h>
1346#include <string.h>
1347#include <openssl/opensslv.h>
1348#define DATA "conftest.sslincver"
1349int main(void) {
aff51935 1350 FILE *fd;
1351 int rc;
cd018561 1352
aff51935 1353 fd = fopen(DATA,"w");
1354 if(fd == NULL)
1355 exit(1);
cd018561 1356
1357 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1358 exit(1);
1359
1360 exit(0);
1361}
479cece8 1362 ]])],
cd018561 1363 [
1364 ssl_header_ver=`cat conftest.sslincver`
1365 AC_MSG_RESULT($ssl_header_ver)
1366 ],
1367 [
1368 AC_MSG_RESULT(not found)
1369 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1370 ],
1371 [
1372 AC_MSG_WARN([cross compiling: not checking])
cd018561 1373 ]
1374)
1375
1376# Determine OpenSSL library version
1377AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1378AC_RUN_IFELSE(
479cece8 1379 [AC_LANG_SOURCE([[
cd018561 1380#include <stdio.h>
1381#include <string.h>
1382#include <openssl/opensslv.h>
1383#include <openssl/crypto.h>
1384#define DATA "conftest.ssllibver"
1385int main(void) {
aff51935 1386 FILE *fd;
1387 int rc;
cd018561 1388
aff51935 1389 fd = fopen(DATA,"w");
1390 if(fd == NULL)
1391 exit(1);
cd018561 1392
1393 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1394 exit(1);
1395
1396 exit(0);
1397}
479cece8 1398 ]])],
cd018561 1399 [
1400 ssl_library_ver=`cat conftest.ssllibver`
1401 AC_MSG_RESULT($ssl_library_ver)
1402 ],
1403 [
1404 AC_MSG_RESULT(not found)
1405 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1406 ],
1407 [
1408 AC_MSG_WARN([cross compiling: not checking])
cd018561 1409 ]
1410)
58d100bf 1411
9780116c 1412# Sanity check OpenSSL headers
1413AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1414AC_RUN_IFELSE(
479cece8 1415 [AC_LANG_SOURCE([[
9780116c 1416#include <string.h>
1417#include <openssl/opensslv.h>
aec4cb4f 1418int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1419 ]])],
9780116c 1420 [
1421 AC_MSG_RESULT(yes)
1422 ],
1423 [
1424 AC_MSG_RESULT(no)
e15ba28b 1425 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1426Check config.log for details.
1427Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1428 ],
1429 [
1430 AC_MSG_WARN([cross compiling: not checking])
9780116c 1431 ]
1432)
1433
5486a457 1434# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1435# because the system crypt() is more featureful.
1436if test "x$check_for_libcrypt_before" = "x1"; then
1437 AC_CHECK_LIB(crypt, crypt)
1438fi
1439
aff51935 1440# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1441# version in OpenSSL.
05114c74 1442if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1443 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1444fi
1445
f1b0ecc3 1446
1447### Configure cryptographic random number support
1448
1449# Check wheter OpenSSL seeds itself
1450AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1451AC_RUN_IFELSE(
479cece8 1452 [AC_LANG_SOURCE([[
f1b0ecc3 1453#include <string.h>
1454#include <openssl/rand.h>
aec4cb4f 1455int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1456 ]])],
f1b0ecc3 1457 [
1458 OPENSSL_SEEDS_ITSELF=yes
1459 AC_MSG_RESULT(yes)
1460 ],
1461 [
1462 AC_MSG_RESULT(no)
1463 # Default to use of the rand helper if OpenSSL doesn't
1464 # seed itself
1465 USE_RAND_HELPER=yes
1a01a50c 1466 ],
1467 [
1468 AC_MSG_WARN([cross compiling: assuming yes])
1469 # This is safe, since all recent OpenSSL versions will
1470 # complain at runtime if not seeded correctly.
1471 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1472 ]
1473)
1474
1475
1476# Do we want to force the use of the rand helper?
1477AC_ARG_WITH(rand-helper,
1478 [ --with-rand-helper Use subprocess to gather strong randomness ],
1479 [
1480 if test "x$withval" = "xno" ; then
aff51935 1481 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1482 # the previous test showed it to be unseeded.
1483 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1484 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1485 OPENSSL_SEEDS_ITSELF=yes
1486 USE_RAND_HELPER=""
1487 fi
1488 else
1489 USE_RAND_HELPER=yes
1490 fi
1491 ],
1492)
1493
1494# Which randomness source do we use?
1495if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
1496 # OpenSSL only
1497 AC_DEFINE(OPENSSL_PRNG_ONLY)
1498 RAND_MSG="OpenSSL internal ONLY"
1499 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1500elif test ! -z "$USE_RAND_HELPER" ; then
1501 # install rand helper
f1b0ecc3 1502 RAND_MSG="ssh-rand-helper"
1503 INSTALL_SSH_RAND_HELPER="yes"
1504fi
1505AC_SUBST(INSTALL_SSH_RAND_HELPER)
1506
1507### Configuration of ssh-rand-helper
1508
1509# PRNGD TCP socket
1510AC_ARG_WITH(prngd-port,
1511 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1512 [
eb5d7ff6 1513 case "$withval" in
1514 no)
1515 withval=""
1516 ;;
1517 [[0-9]]*)
1518 ;;
1519 *)
1520 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1521 ;;
1522 esac
1523 if test ! -z "$withval" ; then
f1b0ecc3 1524 PRNGD_PORT="$withval"
1525 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1526 fi
1527 ]
1528)
1529
1530# PRNGD Unix domain socket
1531AC_ARG_WITH(prngd-socket,
1532 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1533 [
eb5d7ff6 1534 case "$withval" in
1535 yes)
f1b0ecc3 1536 withval="/var/run/egd-pool"
eb5d7ff6 1537 ;;
1538 no)
1539 withval=""
1540 ;;
1541 /*)
1542 ;;
1543 *)
1544 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1545 ;;
1546 esac
1547
1548 if test ! -z "$withval" ; then
f1b0ecc3 1549 if test ! -z "$PRNGD_PORT" ; then
1550 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1551 fi
906e811b 1552 if test ! -r "$withval" ; then
f1b0ecc3 1553 AC_MSG_WARN(Entropy socket is not readable)
1554 fi
1555 PRNGD_SOCKET="$withval"
1556 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1557 fi
ddceb1c8 1558 ],
1559 [
1560 # Check for existing socket only if we don't have a random device already
1561 if test "$USE_RAND_HELPER" = yes ; then
1562 AC_MSG_CHECKING(for PRNGD/EGD socket)
1563 # Insert other locations here
1564 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1565 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1566 PRNGD_SOCKET="$sock"
1567 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1568 break;
1569 fi
1570 done
1571 if test ! -z "$PRNGD_SOCKET" ; then
1572 AC_MSG_RESULT($PRNGD_SOCKET)
1573 else
1574 AC_MSG_RESULT(not found)
1575 fi
1576 fi
f1b0ecc3 1577 ]
1578)
1579
1580# Change default command timeout for hashing entropy source
1581entropy_timeout=200
1582AC_ARG_WITH(entropy-timeout,
1583 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1584 [
1585 if test "x$withval" != "xno" ; then
1586 entropy_timeout=$withval
1587 fi
1588 ]
1589)
f1b0ecc3 1590AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1591
fd3cbf67 1592SSH_PRIVSEP_USER=sshd
9a0fbcb3 1593AC_ARG_WITH(privsep-user,
5222e7ef 1594 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1595 [
1596 if test -n "$withval"; then
fd3cbf67 1597 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1598 fi
1599 ]
1600)
fd3cbf67 1601AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1602AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1603
81dadca3 1604# We do this little dance with the search path to insure
1605# that programs that we select for use by installed programs
1606# (which may be run by the super-user) come from trusted
1607# locations before they come from the user's private area.
1608# This should help avoid accidentally configuring some
1609# random version of a program in someone's personal bin.
1610
1611OPATH=$PATH
1612PATH=/bin:/usr/bin
f95c8ce8 1613test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1614test -d /sbin && PATH=$PATH:/sbin
1615test -d /usr/sbin && PATH=$PATH:/usr/sbin
1616PATH=$PATH:/etc:$OPATH
1617
aff51935 1618# These programs are used by the command hashing source to gather entropy
f1b0ecc3 1619OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1620OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1621OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1622OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1623OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1624OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1625OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1626OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1627OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1628OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1629OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1630OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1631OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1632OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1633OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1634OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1635# restore PATH
1636PATH=$OPATH
f1b0ecc3 1637
1638# Where does ssh-rand-helper get its randomness from?
1639INSTALL_SSH_PRNG_CMDS=""
1640if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1641 if test ! -z "$PRNGD_PORT" ; then
1642 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1643 elif test ! -z "$PRNGD_SOCKET" ; then
1644 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1645 else
1646 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1647 RAND_HELPER_CMDHASH=yes
1648 INSTALL_SSH_PRNG_CMDS="yes"
1649 fi
1650fi
1651AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1652
1653
66d6c27e 1654# Cheap hack to ensure NEWS-OS libraries are arranged right.
1655if test ! -z "$SONY" ; then
1656 LIBS="$LIBS -liberty";
1657fi
1658
a0391976 1659# Checks for data types
976f7e19 1660AC_CHECK_SIZEOF(char, 1)
2b942fe0 1661AC_CHECK_SIZEOF(short int, 2)
1662AC_CHECK_SIZEOF(int, 4)
1663AC_CHECK_SIZEOF(long int, 4)
1664AC_CHECK_SIZEOF(long long int, 8)
1665
52f1ccb2 1666# Sanity check long long for some platforms (AIX)
1667if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1668 ac_cv_sizeof_long_long_int=0
1669fi
1670
a0391976 1671# More checks for data types
14a9a859 1672AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1673 AC_TRY_COMPILE(
aff51935 1674 [ #include <sys/types.h> ],
1675 [ u_int a; a = 1;],
14a9a859 1676 [ ac_cv_have_u_int="yes" ],
1677 [ ac_cv_have_u_int="no" ]
1678 )
1679])
1680if test "x$ac_cv_have_u_int" = "xyes" ; then
1681 AC_DEFINE(HAVE_U_INT)
1682 have_u_int=1
1683fi
1684
58d100bf 1685AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1686 AC_TRY_COMPILE(
aff51935 1687 [ #include <sys/types.h> ],
1688 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 1689 [ ac_cv_have_intxx_t="yes" ],
1690 [ ac_cv_have_intxx_t="no" ]
1691 )
1692])
1693if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1694 AC_DEFINE(HAVE_INTXX_T)
1695 have_intxx_t=1
1696fi
41cb4569 1697
1698if (test -z "$have_intxx_t" && \
aff51935 1699 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 1700then
1701 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1702 AC_TRY_COMPILE(
aff51935 1703 [ #include <stdint.h> ],
1704 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 1705 [
1706 AC_DEFINE(HAVE_INTXX_T)
1707 AC_MSG_RESULT(yes)
1708 ],
1709 [ AC_MSG_RESULT(no) ]
1710 )
1711fi
1712
bd590612 1713AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1714 AC_TRY_COMPILE(
1cbbe6c8 1715 [
1716#include <sys/types.h>
1717#ifdef HAVE_STDINT_H
1718# include <stdint.h>
1719#endif
1720#include <sys/socket.h>
1721#ifdef HAVE_SYS_BITYPES_H
1722# include <sys/bitypes.h>
1723#endif
aff51935 1724 ],
1725 [ int64_t a; a = 1;],
bd590612 1726 [ ac_cv_have_int64_t="yes" ],
1727 [ ac_cv_have_int64_t="no" ]
1728 )
1729])
1730if test "x$ac_cv_have_int64_t" = "xyes" ; then
1731 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1732fi
1733
58d100bf 1734AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1735 AC_TRY_COMPILE(
aff51935 1736 [ #include <sys/types.h> ],
1737 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 1738 [ ac_cv_have_u_intxx_t="yes" ],
1739 [ ac_cv_have_u_intxx_t="no" ]
1740 )
1741])
1742if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1743 AC_DEFINE(HAVE_U_INTXX_T)
1744 have_u_intxx_t=1
1745fi
2b942fe0 1746
41cb4569 1747if test -z "$have_u_intxx_t" ; then
1748 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1749 AC_TRY_COMPILE(
aff51935 1750 [ #include <sys/socket.h> ],
1751 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 1752 [
1753 AC_DEFINE(HAVE_U_INTXX_T)
1754 AC_MSG_RESULT(yes)
1755 ],
1756 [ AC_MSG_RESULT(no) ]
1757 )
1758fi
1759
bd590612 1760AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1761 AC_TRY_COMPILE(
aff51935 1762 [ #include <sys/types.h> ],
1763 [ u_int64_t a; a = 1;],
bd590612 1764 [ ac_cv_have_u_int64_t="yes" ],
1765 [ ac_cv_have_u_int64_t="no" ]
1766 )
1767])
1768if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
1769 AC_DEFINE(HAVE_U_INT64_T)
1770 have_u_int64_t=1
1771fi
1772
ddceb1c8 1773if test -z "$have_u_int64_t" ; then
1774 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1775 AC_TRY_COMPILE(
aff51935 1776 [ #include <sys/bitypes.h> ],
ddceb1c8 1777 [ u_int64_t a; a = 1],
1778 [
1779 AC_DEFINE(HAVE_U_INT64_T)
1780 AC_MSG_RESULT(yes)
1781 ],
1782 [ AC_MSG_RESULT(no) ]
1783 )
1784fi
1785
41cb4569 1786if test -z "$have_u_intxx_t" ; then
1787 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
1788 AC_TRY_COMPILE(
1789 [
1790#include <sys/types.h>
aff51935 1791 ],
1792 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 1793 [ ac_cv_have_uintxx_t="yes" ],
1794 [ ac_cv_have_uintxx_t="no" ]
1795 )
1796 ])
1797 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
1798 AC_DEFINE(HAVE_UINTXX_T)
1799 fi
1800fi
1801
1802if test -z "$have_uintxx_t" ; then
1803 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1804 AC_TRY_COMPILE(
aff51935 1805 [ #include <stdint.h> ],
1806 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 1807 [
1808 AC_DEFINE(HAVE_UINTXX_T)
1809 AC_MSG_RESULT(yes)
1810 ],
1811 [ AC_MSG_RESULT(no) ]
1812 )
1813fi
1814
e5fe9a1f 1815if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 1816 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 1817then
1818 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1819 AC_TRY_COMPILE(
58d100bf 1820 [
1821#include <sys/bitypes.h>
aff51935 1822 ],
5cdfe03f 1823 [
837c30b8 1824 int8_t a; int16_t b; int32_t c;
1825 u_int8_t e; u_int16_t f; u_int32_t g;
1826 a = b = c = e = f = g = 1;
aff51935 1827 ],
5cdfe03f 1828 [
1829 AC_DEFINE(HAVE_U_INTXX_T)
1830 AC_DEFINE(HAVE_INTXX_T)
1831 AC_MSG_RESULT(yes)
1832 ],
1833 [AC_MSG_RESULT(no)]
aff51935 1834 )
5cdfe03f 1835fi
1836
0362750e 1837
1838AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
1839 AC_TRY_COMPILE(
1840 [
1841#include <sys/types.h>
1842 ],
1843 [ u_char foo; foo = 125; ],
1844 [ ac_cv_have_u_char="yes" ],
1845 [ ac_cv_have_u_char="no" ]
1846 )
1847])
1848if test "x$ac_cv_have_u_char" = "xyes" ; then
1849 AC_DEFINE(HAVE_U_CHAR)
1850fi
1851
98a7c37b 1852TYPE_SOCKLEN_T
2b942fe0 1853
2d16d9a3 1854AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 1855
777ece68 1856AC_CHECK_TYPES(in_addr_t,,,
1857[#include <sys/types.h>
1858#include <netinet/in.h>])
7b578f7d 1859
58d100bf 1860AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
1861 AC_TRY_COMPILE(
1862 [
18ba2aab 1863#include <sys/types.h>
58d100bf 1864 ],
1865 [ size_t foo; foo = 1235; ],
1866 [ ac_cv_have_size_t="yes" ],
1867 [ ac_cv_have_size_t="no" ]
1868 )
1869])
1870if test "x$ac_cv_have_size_t" = "xyes" ; then
1871 AC_DEFINE(HAVE_SIZE_T)
1872fi
ea1970a3 1873
c04f75f1 1874AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
1875 AC_TRY_COMPILE(
1876 [
1877#include <sys/types.h>
1878 ],
1879 [ ssize_t foo; foo = 1235; ],
1880 [ ac_cv_have_ssize_t="yes" ],
1881 [ ac_cv_have_ssize_t="no" ]
1882 )
1883])
1884if test "x$ac_cv_have_ssize_t" = "xyes" ; then
1885 AC_DEFINE(HAVE_SSIZE_T)
1886fi
1887
f1c4659d 1888AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
1889 AC_TRY_COMPILE(
1890 [
1891#include <time.h>
1892 ],
1893 [ clock_t foo; foo = 1235; ],
1894 [ ac_cv_have_clock_t="yes" ],
1895 [ ac_cv_have_clock_t="no" ]
1896 )
1897])
1898if test "x$ac_cv_have_clock_t" = "xyes" ; then
1899 AC_DEFINE(HAVE_CLOCK_T)
1900fi
1901
1c04b088 1902AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
1903 AC_TRY_COMPILE(
1904 [
1905#include <sys/types.h>
1906#include <sys/socket.h>
1907 ],
1908 [ sa_family_t foo; foo = 1235; ],
1909 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 1910 [ AC_TRY_COMPILE(
1911 [
1912#include <sys/types.h>
1913#include <sys/socket.h>
1914#include <netinet/in.h>
1915 ],
1916 [ sa_family_t foo; foo = 1235; ],
1917 [ ac_cv_have_sa_family_t="yes" ],
1918
1c04b088 1919 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 1920 )]
1c04b088 1921 )
1922])
1923if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
1924 AC_DEFINE(HAVE_SA_FAMILY_T)
1925fi
1926
729bfe59 1927AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
1928 AC_TRY_COMPILE(
1929 [
1930#include <sys/types.h>
1931 ],
1932 [ pid_t foo; foo = 1235; ],
1933 [ ac_cv_have_pid_t="yes" ],
1934 [ ac_cv_have_pid_t="no" ]
1935 )
1936])
1937if test "x$ac_cv_have_pid_t" = "xyes" ; then
1938 AC_DEFINE(HAVE_PID_T)
1939fi
1940
1941AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
1942 AC_TRY_COMPILE(
1943 [
1944#include <sys/types.h>
1945 ],
1946 [ mode_t foo; foo = 1235; ],
1947 [ ac_cv_have_mode_t="yes" ],
1948 [ ac_cv_have_mode_t="no" ]
1949 )
1950])
1951if test "x$ac_cv_have_mode_t" = "xyes" ; then
1952 AC_DEFINE(HAVE_MODE_T)
1953fi
1954
e3a93db0 1955
58d100bf 1956AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
1957 AC_TRY_COMPILE(
1958 [
18ba2aab 1959#include <sys/types.h>
1960#include <sys/socket.h>
58d100bf 1961 ],
1962 [ struct sockaddr_storage s; ],
1963 [ ac_cv_have_struct_sockaddr_storage="yes" ],
1964 [ ac_cv_have_struct_sockaddr_storage="no" ]
1965 )
1966])
1967if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
1968 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
1969fi
48e671d5 1970
58d100bf 1971AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
1972 AC_TRY_COMPILE(
1973 [
cbd7492e 1974#include <sys/types.h>
58d100bf 1975#include <netinet/in.h>
1976 ],
1977 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
1978 [ ac_cv_have_struct_sockaddr_in6="yes" ],
1979 [ ac_cv_have_struct_sockaddr_in6="no" ]
1980 )
1981])
1982if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
1983 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
1984fi
48e671d5 1985
58d100bf 1986AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
1987 AC_TRY_COMPILE(
1988 [
cbd7492e 1989#include <sys/types.h>
58d100bf 1990#include <netinet/in.h>
1991 ],
1992 [ struct in6_addr s; s.s6_addr[0] = 0; ],
1993 [ ac_cv_have_struct_in6_addr="yes" ],
1994 [ ac_cv_have_struct_in6_addr="no" ]
1995 )
1996])
1997if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
1998 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
1999fi
48e671d5 2000
58d100bf 2001AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2002 AC_TRY_COMPILE(
2003 [
18ba2aab 2004#include <sys/types.h>
2005#include <sys/socket.h>
2006#include <netdb.h>
58d100bf 2007 ],
2008 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2009 [ ac_cv_have_struct_addrinfo="yes" ],
2010 [ ac_cv_have_struct_addrinfo="no" ]
2011 )
2012])
2013if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2014 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
2015fi
2016
89c7e31c 2017AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2018 AC_TRY_COMPILE(
aff51935 2019 [ #include <sys/time.h> ],
2020 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2021 [ ac_cv_have_struct_timeval="yes" ],
2022 [ ac_cv_have_struct_timeval="no" ]
2023 )
2024])
2025if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2026 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
2027 have_struct_timeval=1
2028fi
2029
5271b55c 2030AC_CHECK_TYPES(struct timespec)
2031
85abc74b 2032# We need int64_t or else certian parts of the compile will fail.
2c523de9 2033if test "x$ac_cv_have_int64_t" = "xno" -a \
2034 "x$ac_cv_sizeof_long_int" != "x8" -a \
2035 "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2036 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2037 echo "an alternative compiler (I.E., GCC) before continuing."
2038 echo ""
2039 exit 1;
733cf7f4 2040else
2041dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2042 AC_RUN_IFELSE(
479cece8 2043 [AC_LANG_SOURCE([[
733cf7f4 2044#include <stdio.h>
2045#include <string.h>
2046#ifdef HAVE_SNPRINTF
2047main()
2048{
2049 char buf[50];
2050 char expected_out[50];
2051 int mazsize = 50 ;
2052#if (SIZEOF_LONG_INT == 8)
2053 long int num = 0x7fffffffffffffff;
2054#else
763a1a18 2055 long long num = 0x7fffffffffffffffll;
733cf7f4 2056#endif
2057 strcpy(expected_out, "9223372036854775807");
2058 snprintf(buf, mazsize, "%lld", num);
2059 if(strcmp(buf, expected_out) != 0)
aff51935 2060 exit(1);
733cf7f4 2061 exit(0);
2062}
2063#else
2064main() { exit(0); }
2065#endif
479cece8 2066 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2067 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2068 )
2c523de9 2069fi
2070
77bb0bca 2071dnl Checks for structure members
58d100bf 2072OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2073OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2074OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2075OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2076OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2077OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2078OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2079OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2080OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2081OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2082OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2083OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2084OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2085OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2086OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2087OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2088OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2089
2090AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 2091
58d100bf 2092AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2093 ac_cv_have_ss_family_in_struct_ss, [
2094 AC_TRY_COMPILE(
2095 [
18ba2aab 2096#include <sys/types.h>
2097#include <sys/socket.h>
58d100bf 2098 ],
2099 [ struct sockaddr_storage s; s.ss_family = 1; ],
2100 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2101 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2102 )
2103])
2104if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2105 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2106fi
2107
58d100bf 2108AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2109 ac_cv_have___ss_family_in_struct_ss, [
2110 AC_TRY_COMPILE(
2111 [
18ba2aab 2112#include <sys/types.h>
2113#include <sys/socket.h>
58d100bf 2114 ],
2115 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2116 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2117 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2118 )
2119])
2120if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2121 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2122fi
2123
2e73a022 2124AC_CACHE_CHECK([for pw_class field in struct passwd],
2125 ac_cv_have_pw_class_in_struct_passwd, [
2126 AC_TRY_COMPILE(
2127 [
2e73a022 2128#include <pwd.h>
2129 ],
97994d32 2130 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2131 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2132 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2133 )
2134])
2135if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2136 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2137fi
2138
7751d4eb 2139AC_CACHE_CHECK([for pw_expire field in struct passwd],
2140 ac_cv_have_pw_expire_in_struct_passwd, [
2141 AC_TRY_COMPILE(
2142 [
2143#include <pwd.h>
2144 ],
2145 [ struct passwd p; p.pw_expire = 0; ],
2146 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2147 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2148 )
2149])
2150if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2151 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2152fi
2153
2154AC_CACHE_CHECK([for pw_change field in struct passwd],
2155 ac_cv_have_pw_change_in_struct_passwd, [
2156 AC_TRY_COMPILE(
2157 [
2158#include <pwd.h>
2159 ],
2160 [ struct passwd p; p.pw_change = 0; ],
2161 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2162 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2163 )
2164])
2165if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2166 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2167fi
58d100bf 2168
637f9177 2169dnl make sure we're using the real structure members and not defines
6f34652e 2170AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2171 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2172 AC_COMPILE_IFELSE(
6f34652e 2173 [
f95c8ce8 2174#include <sys/types.h>
6f34652e 2175#include <sys/socket.h>
2176#include <sys/uio.h>
637f9177 2177int main() {
2178#ifdef msg_accrights
1a01a50c 2179#error "msg_accrights is a macro"
637f9177 2180exit(1);
2181#endif
2182struct msghdr m;
2183m.msg_accrights = 0;
2184exit(0);
2185}
6f34652e 2186 ],
6f34652e 2187 [ ac_cv_have_accrights_in_msghdr="yes" ],
2188 [ ac_cv_have_accrights_in_msghdr="no" ]
2189 )
2190])
2191if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2192 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2193fi
2194
7176df4f 2195AC_CACHE_CHECK([for msg_control field in struct msghdr],
2196 ac_cv_have_control_in_msghdr, [
1a01a50c 2197 AC_COMPILE_IFELSE(
7176df4f 2198 [
f95c8ce8 2199#include <sys/types.h>
7176df4f 2200#include <sys/socket.h>
2201#include <sys/uio.h>
637f9177 2202int main() {
2203#ifdef msg_control
1a01a50c 2204#error "msg_control is a macro"
637f9177 2205exit(1);
2206#endif
2207struct msghdr m;
2208m.msg_control = 0;
2209exit(0);
2210}
7176df4f 2211 ],
7176df4f 2212 [ ac_cv_have_control_in_msghdr="yes" ],
2213 [ ac_cv_have_control_in_msghdr="no" ]
2214 )
2215])
2216if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2217 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2218fi
2219
58d100bf 2220AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2221 AC_TRY_LINK([],
2222 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2223 [ ac_cv_libc_defines___progname="yes" ],
2224 [ ac_cv_libc_defines___progname="no" ]
2225 )
2226])
2227if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2228 AC_DEFINE(HAVE___PROGNAME)
2229fi
8946db53 2230
c921ee00 2231AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2232 AC_TRY_LINK([
2233#include <stdio.h>
aff51935 2234],
2235 [ printf("%s", __FUNCTION__); ],
c921ee00 2236 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2237 [ ac_cv_cc_implements___FUNCTION__="no" ]
2238 )
2239])
2240if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2241 AC_DEFINE(HAVE___FUNCTION__)
2242fi
2243
2244AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2245 AC_TRY_LINK([
2246#include <stdio.h>
aff51935 2247],
2248 [ printf("%s", __func__); ],
c921ee00 2249 [ ac_cv_cc_implements___func__="yes" ],
2250 [ ac_cv_cc_implements___func__="no" ]
2251 )
2252])
2253if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2254 AC_DEFINE(HAVE___func__)
2255fi
2256
1812a662 2257AC_CACHE_CHECK([whether getopt has optreset support],
2258 ac_cv_have_getopt_optreset, [
2259 AC_TRY_LINK(
2260 [
2261#include <getopt.h>
2262 ],
2263 [ extern int optreset; optreset = 0; ],
2264 [ ac_cv_have_getopt_optreset="yes" ],
2265 [ ac_cv_have_getopt_optreset="no" ]
2266 )
2267])
2268if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2269 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2270fi
a0391976 2271
819b676f 2272AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2273 AC_TRY_LINK([],
2274 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2275 [ ac_cv_libc_defines_sys_errlist="yes" ],
2276 [ ac_cv_libc_defines_sys_errlist="no" ]
2277 )
2278])
2279if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2280 AC_DEFINE(HAVE_SYS_ERRLIST)
2281fi
2282
2283
416ed5a7 2284AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2285 AC_TRY_LINK([],
2286 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2287 [ ac_cv_libc_defines_sys_nerr="yes" ],
2288 [ ac_cv_libc_defines_sys_nerr="no" ]
2289 )
2290])
2291if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2292 AC_DEFINE(HAVE_SYS_NERR)
2293fi
2294
aff51935 2295SCARD_MSG="no"
295c8801 2296# Check whether user wants sectok support
2297AC_ARG_WITH(sectok,
2298 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2299 [
2300 if test "x$withval" != "xno" ; then
2301 if test "x$withval" != "xyes" ; then
2302 CPPFLAGS="$CPPFLAGS -I${withval}"
2303 LDFLAGS="$LDFLAGS -L${withval}"
2304 if test ! -z "$need_dash_r" ; then
2305 LDFLAGS="$LDFLAGS -R${withval}"
2306 fi
2307 if test ! -z "$blibpath" ; then
2308 blibpath="$blibpath:${withval}"
2309 fi
2310 fi
2311 AC_CHECK_HEADERS(sectok.h)
2312 if test "$ac_cv_header_sectok_h" != yes; then
2313 AC_MSG_ERROR(Can't find sectok.h)
2314 fi
2315 AC_CHECK_LIB(sectok, sectok_open)
2316 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2317 AC_MSG_ERROR(Can't find libsectok)
2318 fi
2319 AC_DEFINE(SMARTCARD)
295c8801 2320 AC_DEFINE(USE_SECTOK)
aff51935 2321 SCARD_MSG="yes, using sectok"
295c8801 2322 fi
2323 ]
2324)
2325
2326# Check whether user wants OpenSC support
987b458f 2327OPENSC_CONFIG="no"
295c8801 2328AC_ARG_WITH(opensc,
987b458f 2329 [--with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
2330 [
2331 if test "x$withval" != "xno" ; then
2332 if test "x$withval" != "xyes" ; then
2333 OPENSC_CONFIG=$withval/bin/opensc-config
2334 else
2335 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2336 fi
2337 if test "$OPENSC_CONFIG" != "no"; then
2338 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2339 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2340 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2341 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2342 AC_DEFINE(SMARTCARD)
2343 AC_DEFINE(USE_OPENSC)
2344 SCARD_MSG="yes, using OpenSC"
2345 fi
2346 fi
2347 ]
2348)
d0b19c95 2349
c31dc31c 2350# Check libraries needed by DNS fingerprint support
aff51935 2351AC_SEARCH_LIBS(getrrsetbyname, resolv,
c31dc31c 2352 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
3e05e934 2353 [
c31dc31c 2354 # Needed by our getrrsetbyname()
2355 AC_SEARCH_LIBS(res_query, resolv)
2356 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2357 AC_MSG_CHECKING(if res_query will link)
2358 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2359 [AC_MSG_RESULT(no)
2360 saved_LIBS="$LIBS"
2361 LIBS="$LIBS -lresolv"
2362 AC_MSG_CHECKING(for res_query in -lresolv)
2363 AC_LINK_IFELSE([
2364#include <resolv.h>
2365int main()
2366{
2367 res_query (0, 0, 0, 0, 0);
2368 return 0;
2369}
2370 ],
2371 [LIBS="$LIBS -lresolv"
2372 AC_MSG_RESULT(yes)],
2373 [LIBS="$saved_LIBS"
2374 AC_MSG_RESULT(no)])
2375 ])
c31dc31c 2376 AC_CHECK_FUNCS(_getshort _getlong)
2377 AC_CHECK_MEMBER(HEADER.ad,
2378 [AC_DEFINE(HAVE_HEADER_AD)],,
2379 [#include <arpa/nameser.h>])
2380 ])
3e05e934 2381
12928e80 2382# Check whether user wants Kerberos 5 support
aff51935 2383KRB5_MSG="no"
12928e80 2384AC_ARG_WITH(kerberos5,
aff51935 2385 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 2386 [ if test "x$withval" != "xno" ; then
2387 if test "x$withval" = "xyes" ; then
2388 KRB5ROOT="/usr/local"
2389 else
2390 KRB5ROOT=${withval}
2391 fi
2392
2393 AC_DEFINE(KRB5)
2394 KRB5_MSG="yes"
2395
2396 AC_MSG_CHECKING(for krb5-config)
2397 if test -x $KRB5ROOT/bin/krb5-config ; then
2398 KRB5CONF=$KRB5ROOT/bin/krb5-config
2399 AC_MSG_RESULT($KRB5CONF)
2400
2401 AC_MSG_CHECKING(for gssapi support)
2402 if $KRB5CONF | grep gssapi >/dev/null ; then
2403 AC_MSG_RESULT(yes)
071970fb 2404 AC_DEFINE(GSSAPI)
2405 k5confopts=gssapi
aff51935 2406 else
5585c441 2407 AC_MSG_RESULT(no)
071970fb 2408 k5confopts=""
aff51935 2409 fi
071970fb 2410 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2411 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 2412 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 2413 AC_MSG_CHECKING(whether we are using Heimdal)
2414 AC_TRY_COMPILE([ #include <krb5.h> ],
2415 [ char *tmp = heimdal_version; ],
2416 [ AC_MSG_RESULT(yes)
2417 AC_DEFINE(HEIMDAL) ],
2418 AC_MSG_RESULT(no)
2419 )
2420 else
2421 AC_MSG_RESULT(no)
12928e80 2422 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 2423 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 2424 AC_MSG_CHECKING(whether we are using Heimdal)
2425 AC_TRY_COMPILE([ #include <krb5.h> ],
2426 [ char *tmp = heimdal_version; ],
2427 [ AC_MSG_RESULT(yes)
2428 AC_DEFINE(HEIMDAL)
41707f74 2429 K5LIBS="-lkrb5 -ldes"
2430 K5LIBS="$K5LIBS -lcom_err -lasn1"
2431 AC_CHECK_LIB(roken, net_write,
2432 [K5LIBS="$K5LIBS -lroken"])
aff51935 2433 ],
2434 [ AC_MSG_RESULT(no)
2435 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2436 ]
2437 )
4e00038c 2438 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 2439
749560dd 2440 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2441 [ AC_DEFINE(GSSAPI)
2442 K5LIBS="-lgssapi $K5LIBS" ],
2443 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2444 [ AC_DEFINE(GSSAPI)
aff51935 2445 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 2446 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2447 $K5LIBS)
2448 ],
2449 $K5LIBS)
2450
2451 AC_CHECK_HEADER(gssapi.h, ,
2452 [ unset ac_cv_header_gssapi_h
aff51935 2453 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 2454 AC_CHECK_HEADERS(gssapi.h, ,
2455 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 2456 )
749560dd 2457 ]
2458 )
2459
2460 oldCPP="$CPPFLAGS"
2461 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2462 AC_CHECK_HEADER(gssapi_krb5.h, ,
2463 [ CPPFLAGS="$oldCPP" ])
2464
aff51935 2465 fi
5585c441 2466 if test ! -z "$need_dash_r" ; then
2467 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2468 fi
2469 if test ! -z "$blibpath" ; then
2470 blibpath="$blibpath:${KRB5ROOT}/lib"
2471 fi
071970fb 2472 fi
2473
2474 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2475 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2476 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2477
2478 LIBS="$LIBS $K5LIBS"
2479 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
79753592 2480 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
071970fb 2481 ]
12928e80 2482)
b5b68128 2483
a0391976 2484# Looking for programs, paths and files
a0391976 2485
ecac8ee5 2486PRIVSEP_PATH=/var/empty
2487AC_ARG_WITH(privsep-path,
cda1ebcb 2488 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 2489 [
2490 if test "x$withval" != "$no" ; then
2491 PRIVSEP_PATH=$withval
2492 fi
2493 ]
2494)
2495AC_SUBST(PRIVSEP_PATH)
2496
a0391976 2497AC_ARG_WITH(xauth,
2498 [ --with-xauth=PATH Specify path to xauth program ],
2499 [
00937921 2500 if test "x$withval" != "xno" ; then
cbd7492e 2501 xauth_path=$withval
a0391976 2502 fi
2503 ],
2504 [
2bf42e4a 2505 TestPath="$PATH"
2506 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2507 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2508 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2509 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2510 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2511 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2512 xauth_path="/usr/openwin/bin/xauth"
2513 fi
2514 ]
2515)
2516
65a4b4af 2517STRIP_OPT=-s
2518AC_ARG_ENABLE(strip,
2519 [ --disable-strip Disable calling strip(1) on install],
2520 [
2521 if test "x$enableval" = "xno" ; then
2522 STRIP_OPT=
2523 fi
2524 ]
2525)
2526AC_SUBST(STRIP_OPT)
2527
b3ec54b4 2528if test -z "$xauth_path" ; then
2529 XAUTH_PATH="undefined"
2530 AC_SUBST(XAUTH_PATH)
2531else
a0391976 2532 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2533 XAUTH_PATH=$xauth_path
2534 AC_SUBST(XAUTH_PATH)
a0391976 2535fi
a0391976 2536
2537# Check for mail directory (last resort if we cannot get it from headers)
2538if test ! -z "$MAIL" ; then
2539 maildir=`dirname $MAIL`
2540 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2541fi
2542
479cece8 2543if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 2544 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2545 disable_ptmx_check=yes
2546fi
a0391976 2547if test -z "$no_dev_ptmx" ; then
6e879cb4 2548 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 2549 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 2550 [
2551 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2552 have_dev_ptmx=1
2553 ]
2554 )
2555 fi
3276571c 2556fi
1a01a50c 2557
479cece8 2558if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 2559 AC_CHECK_FILE("/dev/ptc",
2560 [
2561 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2562 have_dev_ptc=1
2563 ]
2564 )
2565else
2566 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2567fi
3276571c 2568
a0391976 2569# Options from here on. Some of these are preset by platform above
fdf6b7aa 2570AC_ARG_WITH(mantype,
5d97cfbf 2571 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2572 [
5d97cfbf 2573 case "$withval" in
2574 man|cat|doc)
2575 MANTYPE=$withval
2576 ;;
2577 *)
2578 AC_MSG_ERROR(invalid man type: $withval)
2579 ;;
2580 esac
c54a6257 2581 ]
2582)
e0c4d3ac 2583if test -z "$MANTYPE"; then
2bf42e4a 2584 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2585 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2586 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2587 MANTYPE=doc
2588 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2589 MANTYPE=man
2590 else
2591 MANTYPE=cat
2592 fi
2593fi
c54a6257 2594AC_SUBST(MANTYPE)
e0c4d3ac 2595if test "$MANTYPE" = "doc"; then
2596 mansubdir=man;
2597else
2598 mansubdir=$MANTYPE;
2599fi
2600AC_SUBST(mansubdir)
0bc5b6fb 2601
a0391976 2602# Check whether to enable MD5 passwords
aff51935 2603MD5_MSG="no"
2ddcfdf3 2604AC_ARG_WITH(md5-passwords,
caf3bc51 2605 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2606 [
bcf36c78 2607 if test "x$withval" != "xno" ; then
0bc5b6fb 2608 AC_DEFINE(HAVE_MD5_PASSWORDS)
aff51935 2609 MD5_MSG="yes"
0bc5b6fb 2610 fi
2611 ]
caf3bc51 2612)
2613
a0391976 2614# Whether to disable shadow password support
a7effaac 2615AC_ARG_WITH(shadow,
2616 [ --without-shadow Disable shadow password support],
2617 [
2618 if test "x$withval" = "xno" ; then
2619 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2620 disable_shadow=yes
a7effaac 2621 fi
2622 ]
2623)
2624
4cb5ffa0 2625if test -z "$disable_shadow" ; then
2626 AC_MSG_CHECKING([if the systems has expire shadow information])
2627 AC_TRY_COMPILE(
2628 [
2629#include <sys/types.h>
2630#include <shadow.h>
2631 struct spwd sp;
2632 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2633 [ sp_expire_available=yes ], []
2634 )
2635
2636 if test "x$sp_expire_available" = "xyes" ; then
2637 AC_MSG_RESULT(yes)
2638 AC_DEFINE(HAS_SHADOW_EXPIRE)
2639 else
2640 AC_MSG_RESULT(no)
2641 fi
2642fi
2643
a0391976 2644# Use ip address instead of hostname in $DISPLAY
44839801 2645if test ! -z "$IPADDR_IN_DISPLAY" ; then
2646 DISPLAY_HACK_MSG="yes"
2647 AC_DEFINE(IPADDR_IN_DISPLAY)
2648else
aff51935 2649 DISPLAY_HACK_MSG="no"
44839801 2650 AC_ARG_WITH(ipaddr-display,
2651 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2652 [
2653 if test "x$withval" != "xno" ; then
2654 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 2655 DISPLAY_HACK_MSG="yes"
44839801 2656 fi
2657 ]
2658 )
2659fi
a7effaac 2660
95b99395 2661# check for /etc/default/login and use it if present.
daa41e62 2662AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 2663 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 2664 [ if test "x$enableval" = "xno"; then
2665 AC_MSG_NOTICE([/etc/default/login handling disabled])
2666 etc_default_login=no
2667 else
2668 etc_default_login=yes
2669 fi ],
2670 [ etc_default_login=yes ]
2671)
95b99395 2672
694d0cef 2673if test "x$etc_default_login" != "xno"; then
2674 AC_CHECK_FILE("/etc/default/login",
2675 [ external_path_file=/etc/default/login ])
479cece8 2676 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2677 then
1a01a50c 2678 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2679 elif test "x$external_path_file" = "x/etc/default/login"; then
2680 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2681 fi
694d0cef 2682fi
95b99395 2683
8d184c09 2684dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
2685if test $ac_cv_func_login_getcapbool = "yes" -a \
2686 $ac_cv_header_login_cap_h = "yes" ; then
95b99395 2687 external_path_file=/etc/login.conf
8d184c09 2688fi
95b99395 2689
a0391976 2690# Whether to mess with the default path
aff51935 2691SERVER_PATH_MSG="(default)"
c43d69a9 2692AC_ARG_WITH(default-path,
75817f90 2693 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2694 [
95b99395 2695 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 2696 AC_MSG_WARN([
2697--with-default-path=PATH has no effect on this system.
2698Edit /etc/login.conf instead.])
2699 elif test "x$withval" != "xno" ; then
89bbd457 2700 if test ! -z "$external_path_file" ; then
95b99395 2701 AC_MSG_WARN([
2702--with-default-path=PATH will only be used if PATH is not defined in
2703$external_path_file .])
2704 fi
b2d818e6 2705 user_path="$withval"
aff51935 2706 SERVER_PATH_MSG="$withval"
cb807f40 2707 fi
b2d818e6 2708 ],
95b99395 2709 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2710 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 2711 else
89bbd457 2712 if test ! -z "$external_path_file" ; then
95b99395 2713 AC_MSG_WARN([
2714If PATH is defined in $external_path_file, ensure the path to scp is included,
2715otherwise scp will not work.])
2716 fi
2717 AC_TRY_RUN(
2718 [
b2d818e6 2719/* find out what STDPATH is */
2720#include <stdio.h>
b2d818e6 2721#ifdef HAVE_PATHS_H
2722# include <paths.h>
2723#endif
2724#ifndef _PATH_STDPATH
d9a4e55b 2725# ifdef _PATH_USERPATH /* Irix */
2726# define _PATH_STDPATH _PATH_USERPATH
2727# else
2728# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2729# endif
b2d818e6 2730#endif
2731#include <sys/types.h>
2732#include <sys/stat.h>
2733#include <fcntl.h>
2734#define DATA "conftest.stdpath"
2735
2736main()
2737{
2738 FILE *fd;
2739 int rc;
2740
2741 fd = fopen(DATA,"w");
2742 if(fd == NULL)
2743 exit(1);
2744
2745 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2746 exit(1);
2747
2748 exit(0);
2749}
2750 ], [ user_path=`cat conftest.stdpath` ],
2751 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2752 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2753 )
2754# make sure $bindir is in USER_PATH so scp will work
2755 t_bindir=`eval echo ${bindir}`
2756 case $t_bindir in
2757 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
2758 esac
2759 case $t_bindir in
2760 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
2761 esac
2762 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
2763 if test $? -ne 0 ; then
2764 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
2765 if test $? -ne 0 ; then
2766 user_path=$user_path:$t_bindir
2767 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
2768 fi
2769 fi
8d184c09 2770 fi ]
cb807f40 2771)
95b99395 2772if test "x$external_path_file" != "x/etc/login.conf" ; then
8d184c09 2773 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
2774 AC_SUBST(user_path)
2775fi
cb807f40 2776
06617857 2777# Set superuser path separately to user path
06617857 2778AC_ARG_WITH(superuser-path,
2779 [ --with-superuser-path= Specify different path for super-user],
2780 [
2781 if test "x$withval" != "xno" ; then
2782 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
2783 superuser_path=$withval
2784 fi
2785 ]
2786)
2787
2788
58d100bf 2789AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 2790IPV4_IN6_HACK_MSG="no"
80faa19f 2791AC_ARG_WITH(4in6,
2792 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2793 [
2794 if test "x$withval" != "xno" ; then
2795 AC_MSG_RESULT(yes)
2796 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2797 IPV4_IN6_HACK_MSG="yes"
80faa19f 2798 else
2799 AC_MSG_RESULT(no)
2800 fi
2801 ],[
2802 if test "x$inet6_default_4in6" = "xyes"; then
2803 AC_MSG_RESULT([yes (default)])
2804 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2805 IPV4_IN6_HACK_MSG="yes"
80faa19f 2806 else
2807 AC_MSG_RESULT([no (default)])
2808 fi
2809 ]
2810)
2811
af774732 2812# Whether to enable BSD auth support
f1b0ecc3 2813BSD_AUTH_MSG=no
af774732 2814AC_ARG_WITH(bsd-auth,
2815 [ --with-bsd-auth Enable BSD auth support],
2816 [
2817 if test "x$withval" != "xno" ; then
2818 AC_DEFINE(BSD_AUTH)
f1b0ecc3 2819 BSD_AUTH_MSG=yes
af774732 2820 fi
2821 ]
2822)
2823
a0391976 2824# Where to place sshd.pid
19d9ac2a 2825piddir=/var/run
81dadca3 2826# make sure the directory exists
2827if test ! -d $piddir ; then
2828 piddir=`eval echo ${sysconfdir}`
2829 case $piddir in
aff51935 2830 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 2831 esac
2832fi
2833
47e45e44 2834AC_ARG_WITH(pid-dir,
2835 [ --with-pid-dir=PATH Specify location of ssh.pid file],
2836 [
2837 if test "x$withval" != "xno" ; then
19d9ac2a 2838 piddir=$withval
81dadca3 2839 if test ! -d $piddir ; then
2840 AC_MSG_WARN([** no $piddir directory on this system **])
2841 fi
47e45e44 2842 fi
2843 ]
2844)
b7a87eea 2845
42f11eb2 2846AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 2847AC_SUBST(piddir)
47e45e44 2848
1d7b9b20 2849dnl allow user to disable some login recording features
2850AC_ARG_ENABLE(lastlog,
bfd550a2 2851 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 2852 [
2853 if test "x$enableval" = "xno" ; then
2854 AC_DEFINE(DISABLE_LASTLOG)
2855 fi
2856 ]
1d7b9b20 2857)
2858AC_ARG_ENABLE(utmp,
bfd550a2 2859 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 2860 [
2861 if test "x$enableval" = "xno" ; then
2862 AC_DEFINE(DISABLE_UTMP)
2863 fi
2864 ]
1d7b9b20 2865)
2866AC_ARG_ENABLE(utmpx,
bfd550a2 2867 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 2868 [
2869 if test "x$enableval" = "xno" ; then
2870 AC_DEFINE(DISABLE_UTMPX)
2871 fi
2872 ]
1d7b9b20 2873)
2874AC_ARG_ENABLE(wtmp,
bfd550a2 2875 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 2876 [
2877 if test "x$enableval" = "xno" ; then
2878 AC_DEFINE(DISABLE_WTMP)
2879 fi
2880 ]
1d7b9b20 2881)
2882AC_ARG_ENABLE(wtmpx,
bfd550a2 2883 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 2884 [
2885 if test "x$enableval" = "xno" ; then
2886 AC_DEFINE(DISABLE_WTMPX)
2887 fi
2888 ]
1d7b9b20 2889)
2890AC_ARG_ENABLE(libutil,
bfd550a2 2891 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 2892 [
2893 if test "x$enableval" = "xno" ; then
2894 AC_DEFINE(DISABLE_LOGIN)
2895 fi
2896 ]
1d7b9b20 2897)
2898AC_ARG_ENABLE(pututline,
bfd550a2 2899 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 2900 [
2901 if test "x$enableval" = "xno" ; then
aff51935 2902 AC_DEFINE(DISABLE_PUTUTLINE)
ddb154b3 2903 fi
2904 ]
1d7b9b20 2905)
2906AC_ARG_ENABLE(pututxline,
bfd550a2 2907 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 2908 [
2909 if test "x$enableval" = "xno" ; then
2910 AC_DEFINE(DISABLE_PUTUTXLINE)
2911 fi
2912 ]
1d7b9b20 2913)
2914AC_ARG_WITH(lastlog,
bfd550a2 2915 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 2916 [
2917 if test "x$withval" = "xno" ; then
2918 AC_DEFINE(DISABLE_LASTLOG)
2919 else
2920 conf_lastlog_location=$withval
2921 fi
2922 ]
2923)
1d7b9b20 2924
2925dnl lastlog, [uw]tmpx? detection
2926dnl NOTE: set the paths in the platform section to avoid the
2927dnl need for command-line parameters
2928dnl lastlog and [uw]tmp are subject to a file search if all else fails
2929
2930dnl lastlog detection
2931dnl NOTE: the code itself will detect if lastlog is a directory
2932AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
2933AC_TRY_COMPILE([
2934#include <sys/types.h>
2935#include <utmp.h>
2936#ifdef HAVE_LASTLOG_H
2937# include <lastlog.h>
2938#endif
d7c0f3d5 2939#ifdef HAVE_PATHS_H
1d7b9b20 2940# include <paths.h>
41cb4569 2941#endif
2942#ifdef HAVE_LOGIN_H
2943# include <login.h>
1d7b9b20 2944#endif
2945 ],
2946 [ char *lastlog = LASTLOG_FILE; ],
2947 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 2948 [
2949 AC_MSG_RESULT(no)
2950 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
2951 AC_TRY_COMPILE([
2952#include <sys/types.h>
2953#include <utmp.h>
2954#ifdef HAVE_LASTLOG_H
2955# include <lastlog.h>
2956#endif
2957#ifdef HAVE_PATHS_H
2958# include <paths.h>
2959#endif
2960 ],
2961 [ char *lastlog = _PATH_LASTLOG; ],
2962 [ AC_MSG_RESULT(yes) ],
2963 [
f282b668 2964 AC_MSG_RESULT(no)
d7c0f3d5 2965 system_lastlog_path=no
2966 ])
2967 ]
1d7b9b20 2968)
d7c0f3d5 2969
1d7b9b20 2970if test -z "$conf_lastlog_location"; then
2971 if test x"$system_lastlog_path" = x"no" ; then
2972 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 2973 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 2974 conf_lastlog_location=$f
2975 fi
2976 done
2977 if test -z "$conf_lastlog_location"; then
f8119cef 2978 AC_MSG_WARN([** Cannot find lastlog **])
2979 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 2980 fi
2981 fi
2982fi
2983
2984if test -n "$conf_lastlog_location"; then
2985 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
2986fi
2987
2988dnl utmp detection
2989AC_MSG_CHECKING([if your system defines UTMP_FILE])
2990AC_TRY_COMPILE([
2991#include <sys/types.h>
2992#include <utmp.h>
d7c0f3d5 2993#ifdef HAVE_PATHS_H
1d7b9b20 2994# include <paths.h>
2995#endif
2996 ],
2997 [ char *utmp = UTMP_FILE; ],
2998 [ AC_MSG_RESULT(yes) ],
2999 [ AC_MSG_RESULT(no)
3000 system_utmp_path=no ]
3001)
3002if test -z "$conf_utmp_location"; then
3003 if test x"$system_utmp_path" = x"no" ; then
3004 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3005 if test -f $f ; then
3006 conf_utmp_location=$f
3007 fi
3008 done
3009 if test -z "$conf_utmp_location"; then
3010 AC_DEFINE(DISABLE_UTMP)
3011 fi
3012 fi
3013fi
3014if test -n "$conf_utmp_location"; then
3015 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
3016fi
3017
3018dnl wtmp detection
3019AC_MSG_CHECKING([if your system defines WTMP_FILE])
3020AC_TRY_COMPILE([
3021#include <sys/types.h>
3022#include <utmp.h>
d7c0f3d5 3023#ifdef HAVE_PATHS_H
1d7b9b20 3024# include <paths.h>
3025#endif
3026 ],
3027 [ char *wtmp = WTMP_FILE; ],
3028 [ AC_MSG_RESULT(yes) ],
3029 [ AC_MSG_RESULT(no)
3030 system_wtmp_path=no ]
3031)
3032if test -z "$conf_wtmp_location"; then
3033 if test x"$system_wtmp_path" = x"no" ; then
3034 for f in /usr/adm/wtmp /var/log/wtmp; do
3035 if test -f $f ; then
3036 conf_wtmp_location=$f
3037 fi
3038 done
3039 if test -z "$conf_wtmp_location"; then
3040 AC_DEFINE(DISABLE_WTMP)
3041 fi
3042 fi
3043fi
3044if test -n "$conf_wtmp_location"; then
3045 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
3046fi
3047
3048
3049dnl utmpx detection - I don't know any system so perverse as to require
3050dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3051dnl there, though.
3052AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3053AC_TRY_COMPILE([
3054#include <sys/types.h>
3055#include <utmp.h>
3056#ifdef HAVE_UTMPX_H
3057#include <utmpx.h>
3058#endif
d7c0f3d5 3059#ifdef HAVE_PATHS_H
1d7b9b20 3060# include <paths.h>
3061#endif
3062 ],
3063 [ char *utmpx = UTMPX_FILE; ],
3064 [ AC_MSG_RESULT(yes) ],
3065 [ AC_MSG_RESULT(no)
3066 system_utmpx_path=no ]
3067)
3068if test -z "$conf_utmpx_location"; then
3069 if test x"$system_utmpx_path" = x"no" ; then
3070 AC_DEFINE(DISABLE_UTMPX)
3071 fi
3072else
3073 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
3074fi
3075
3076dnl wtmpx detection
3077AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3078AC_TRY_COMPILE([
3079#include <sys/types.h>
3080#include <utmp.h>
3081#ifdef HAVE_UTMPX_H
3082#include <utmpx.h>
3083#endif
d7c0f3d5 3084#ifdef HAVE_PATHS_H
1d7b9b20 3085# include <paths.h>
3086#endif
3087 ],
3088 [ char *wtmpx = WTMPX_FILE; ],
3089 [ AC_MSG_RESULT(yes) ],
3090 [ AC_MSG_RESULT(no)
3091 system_wtmpx_path=no ]
3092)
3093if test -z "$conf_wtmpx_location"; then
3094 if test x"$system_wtmpx_path" = x"no" ; then
3095 AC_DEFINE(DISABLE_WTMPX)
3096 fi
3097else
3098 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
3099fi
3100
b7a87eea 3101
bd499f9e 3102if test ! -z "$blibpath" ; then
68ece370 3103 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3104 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3105fi
3106
ddceb1c8 3107dnl remove pam and dl because they are in $LIBPAM
3108if test "$PAM_MSG" = yes ; then
98f2d9d5 3109 LIBS=`echo $LIBS | sed 's/-lpam //'`
3110fi
3111if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3112 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3113fi
3114
3c62e7eb 3115AC_EXEEXT
d7cfdd7c 3116AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3117 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3118AC_OUTPUT
d3083fbd 3119
cbd7492e 3120# Print summary of options
3121
cbd7492e 3122# Someone please show me a better way :)
3123A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3124B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3125C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3126D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3127E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3128F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3129G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3130H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3131I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3132J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3133
3134echo ""
26de7942 3135echo "OpenSSH has been configured with the following options:"
ecac8ee5 3136echo " User binaries: $B"
3137echo " System binaries: $C"
3138echo " Configuration files: $D"
3139echo " Askpass program: $E"
3140echo " Manual pages: $F"
3141echo " PID file: $G"
3142echo " Privilege separation chroot path: $H"
95b99395 3143if test "x$external_path_file" = "x/etc/login.conf" ; then
3144echo " At runtime, sshd will use the path defined in $external_path_file"
3145echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3146else
ecac8ee5 3147echo " sshd default user PATH: $I"
89bbd457 3148 if test ! -z "$external_path_file"; then
95b99395 3149echo " (If PATH is set in $external_path_file it will be used instead. If"
3150echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3151 fi
8d184c09 3152fi
06617857 3153if test ! -z "$superuser_path" ; then
ecac8ee5 3154echo " sshd superuser user PATH: $J"
3155fi
3156echo " Manpage format: $MANTYPE"
3e05e934 3157echo " PAM support: $PAM_MSG"
ecac8ee5 3158echo " KerberosV support: $KRB5_MSG"
3159echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3160echo " S/KEY support: $SKEY_MSG"
3161echo " TCP Wrappers support: $TCPW_MSG"
3162echo " MD5 password support: $MD5_MSG"
59031773 3163echo " libedit support: $LIBEDIT_MSG"
3deb1408 3164echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3165echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3166echo " BSD Auth support: $BSD_AUTH_MSG"
3167echo " Random number source: $RAND_MSG"
f1b0ecc3 3168if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3169echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3170fi
3171
cbd7492e 3172echo ""
3173
0c2fb82f 3174echo " Host: ${host}"
3175echo " Compiler: ${CC}"
3176echo " Compiler flags: ${CFLAGS}"
3177echo "Preprocessor flags: ${CPPFLAGS}"
3178echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3179echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3180
3181echo ""
3182
9cefe228 3183if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3184 echo "SVR4 style packages are supported with \"make package\""
3185 echo ""
9cefe228 3186fi
3187
adeebd37 3188if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3189 echo "PAM is enabled. You may need to install a PAM control file "
3190 echo "for sshd, otherwise password authentication may fail. "
aff51935 3191 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3192 echo "subdirectory"
adeebd37 3193 echo ""
3194fi
3195
f1b0ecc3 3196if test ! -z "$RAND_HELPER_CMDHASH" ; then
3197 echo "WARNING: you are using the builtin random number collection "
3198 echo "service. Please read WARNING.RNG and request that your OS "
3199 echo "vendor includes kernel-based random number collection in "
3200 echo "future versions of your OS."
2c523de9 3201 echo ""
3202fi
af774732 3203
2f6f9cff 3204if test ! -z "$NO_PEERCHECK" ; then
3205 echo "WARNING: the operating system that you are using does not "
3206 echo "appear to support either the getpeereid() API nor the "
3207 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3208 echo "enforce security checks to prevent unauthorised connections to "
3209 echo "ssh-agent. Their absence increases the risk that a malicious "
3210 echo "user can connect to your agent. "
3211 echo ""
3212fi
3213
7b578f7d 3214if test "$AUDIT_MODULE" = "bsm" ; then
3215 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3216 echo "See the Solaris section in README.platform for details."
3217fi
git-cvsimport mirror of OpenSSH
This page took 0.860477 seconds and 5 git commands to generate.