]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- grunk@cvs.openbsd.org 2008/06/13 20:13:26
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
a0969097 95 [ --without-stackprotect Don't use compiler's stack protection], [
caa21240 96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
dbf07ba2 110 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
caa21240 115 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 116 # and/or platforms, so we test if we can. If it's not supported
117 # on a give platform gcc will emit a warning so we use -Werror.
caa21240 118 if test "x$use_stack_protector" = "x1"; then
119 for t in -fstack-protector-all -fstack-protector; do
23c5c479 120 AC_MSG_CHECKING(if $CC supports $t)
caa21240 121 saved_CFLAGS="$CFLAGS"
122 saved_LDFLAGS="$LDFLAGS"
23c5c479 123 CFLAGS="$CFLAGS $t -Werror"
124 LDFLAGS="$LDFLAGS $t -Werror"
125 AC_LINK_IFELSE(
126 [AC_LANG_SOURCE([
127#include <stdlib.h>
128int main(void){return 0;}
129 ])],
caa21240 130 [ AC_MSG_RESULT(yes)
23c5c479 131 CFLAGS="$saved_CFLAGS $t"
132 LDFLAGS="$saved_LDFLAGS $t"
caa21240 133 AC_MSG_CHECKING(if $t works)
134 AC_RUN_IFELSE(
135 [AC_LANG_SOURCE([
136#include <stdlib.h>
137int main(void){exit(0);}
138 ])],
139 [ AC_MSG_RESULT(yes)
140 break ],
141 [ AC_MSG_RESULT(no) ],
142 [ AC_MSG_WARN([cross compiling: cannot test])
143 break ]
23c5c479 144 )
caa21240 145 ],
146 [ AC_MSG_RESULT(no) ]
147 )
148 CFLAGS="$saved_CFLAGS"
149 LDFLAGS="$saved_LDFLAGS"
150 done
151 fi
eb5a7224 152
dfafb2e1 153 if test -z "$have_llong_max"; then
154 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
155 unset ac_cv_have_decl_LLONG_MAX
156 saved_CFLAGS="$CFLAGS"
157 CFLAGS="$CFLAGS -std=gnu99"
158 AC_CHECK_DECL(LLONG_MAX,
159 [have_llong_max=1],
160 [CFLAGS="$saved_CFLAGS"],
161 [#include <limits.h>]
162 )
163 fi
d423d822 164fi
165
0b9fdeb8 166if test "x$no_attrib_nonnull" != "x1" ; then
167 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
168fi
169
e6354014 170AC_ARG_WITH(rpath,
171 [ --without-rpath Disable auto-added -R linker paths],
172 [
82f4e93d 173 if test "x$withval" = "xno" ; then
e6354014 174 need_dash_r=""
175 fi
176 if test "x$withval" = "xyes" ; then
177 need_dash_r=1
178 fi
179 ]
180)
181
aa56f760 182# Allow user to specify flags
183AC_ARG_WITH(cflags,
184 [ --with-cflags Specify additional flags to pass to compiler],
185 [
186 if test -n "$withval" && test "x$withval" != "xno" && \
187 test "x${withval}" != "xyes"; then
188 CFLAGS="$CFLAGS $withval"
189 fi
190 ]
191)
192AC_ARG_WITH(cppflags,
193 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
194 [
195 if test -n "$withval" && test "x$withval" != "xno" && \
196 test "x${withval}" != "xyes"; then
197 CPPFLAGS="$CPPFLAGS $withval"
198 fi
199 ]
200)
201AC_ARG_WITH(ldflags,
202 [ --with-ldflags Specify additional flags to pass to linker],
203 [
204 if test -n "$withval" && test "x$withval" != "xno" && \
205 test "x${withval}" != "xyes"; then
206 LDFLAGS="$LDFLAGS $withval"
207 fi
208 ]
209)
210AC_ARG_WITH(libs,
211 [ --with-libs Specify additional libraries to link with],
212 [
213 if test -n "$withval" && test "x$withval" != "xno" && \
214 test "x${withval}" != "xyes"; then
215 LIBS="$LIBS $withval"
216 fi
217 ]
218)
219AC_ARG_WITH(Werror,
220 [ --with-Werror Build main code with -Werror],
221 [
222 if test -n "$withval" && test "x$withval" != "xno"; then
223 werror_flags="-Werror"
224 if test "x${withval}" != "xyes"; then
225 werror_flags="$withval"
226 fi
227 fi
228 ]
229)
230
231AC_CHECK_HEADERS( \
232 bstring.h \
233 crypt.h \
234 crypto/sha2.h \
235 dirent.h \
236 endian.h \
237 features.h \
238 fcntl.h \
239 floatingpoint.h \
240 getopt.h \
241 glob.h \
242 ia.h \
243 iaf.h \
244 limits.h \
245 login.h \
246 maillock.h \
247 ndir.h \
248 net/if_tun.h \
249 netdb.h \
250 netgroup.h \
251 pam/pam_appl.h \
252 paths.h \
6d39a5c4 253 poll.h \
aa56f760 254 pty.h \
255 readpassphrase.h \
256 rpc/types.h \
257 security/pam_appl.h \
258 sha2.h \
259 shadow.h \
260 stddef.h \
261 stdint.h \
262 string.h \
263 strings.h \
264 sys/audit.h \
265 sys/bitypes.h \
266 sys/bsdtty.h \
267 sys/cdefs.h \
268 sys/dir.h \
269 sys/mman.h \
4538e135 270 sys/mount.h \
aa56f760 271 sys/ndir.h \
8aa5db7d 272 sys/poll.h \
aa56f760 273 sys/prctl.h \
274 sys/pstat.h \
275 sys/select.h \
276 sys/stat.h \
277 sys/stream.h \
278 sys/stropts.h \
279 sys/strtio.h \
4538e135 280 sys/statvfs.h \
aa56f760 281 sys/sysmacros.h \
282 sys/time.h \
283 sys/timers.h \
284 sys/un.h \
285 time.h \
286 tmpdir.h \
287 ttyent.h \
40701614 288 ucred.h \
aa56f760 289 unistd.h \
290 usersec.h \
291 util.h \
292 utime.h \
293 utmp.h \
294 utmpx.h \
295 vis.h \
296)
297
298# lastlog.h requires sys/time.h to be included first on Solaris
299AC_CHECK_HEADERS(lastlog.h, [], [], [
300#ifdef HAVE_SYS_TIME_H
301# include <sys/time.h>
302#endif
303])
304
305# sys/ptms.h requires sys/stream.h to be included first on Solaris
306AC_CHECK_HEADERS(sys/ptms.h, [], [], [
307#ifdef HAVE_SYS_STREAM_H
308# include <sys/stream.h>
309#endif
310])
311
312# login_cap.h requires sys/types.h on NetBSD
313AC_CHECK_HEADERS(login_cap.h, [], [], [
314#include <sys/types.h>
315])
316
5b84789f 317# Messages for features tested for in target-specific section
318SIA_MSG="no"
319SPC_MSG="no"
320
a0391976 321# Check for some target-specific stuff
a7effaac 322case "$host" in
9d6b1b96 323*-*-aix*)
25a2779b 324 # Some versions of VAC won't allow macro redefinitions at
325 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
326 # particularly with older versions of vac or xlc.
327 # It also throws errors about null macro argments, but these are
328 # not fatal.
329 AC_MSG_CHECKING(if compiler allows macro redefinitions)
330 AC_COMPILE_IFELSE(
331 [AC_LANG_SOURCE([[
332#define testmacro foo
333#define testmacro bar
334int main(void) { exit(0); }
335 ]])],
336 [ AC_MSG_RESULT(yes) ],
337 [ AC_MSG_RESULT(no)
338 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
339 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
340 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
341 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
342 ]
343 )
344
aff51935 345 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 346 if (test -z "$blibpath"); then
0a15d73b 347 blibpath="/usr/lib:/lib"
68ece370 348 fi
349 saved_LDFLAGS="$LDFLAGS"
e7479666 350 if test "$GCC" = "yes"; then
351 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
352 else
353 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
354 fi
355 for tryflags in $flags ;do
68ece370 356 if (test -z "$blibflags"); then
357 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
358 AC_TRY_LINK([], [], [blibflags=$tryflags])
359 fi
360 done
361 if (test -z "$blibflags"); then
362 AC_MSG_RESULT(not found)
363 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
364 else
365 AC_MSG_RESULT($blibflags)
bd499f9e 366 fi
68ece370 367 LDFLAGS="$saved_LDFLAGS"
e351e493 368 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 369 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
370 [Define if you want to enable AIX4's authenticate function])],
0764e748 371 [AC_CHECK_LIB(s,authenticate,
e351e493 372 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 373 LIBS="$LIBS -ls"
374 ])
375 ])
ba603e06 376 dnl Check for various auth function declarations in headers.
c85ed8e2 377 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 378 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 379 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 380 AC_CHECK_DECLS(loginfailed,
e351e493 381 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
382 AC_TRY_COMPILE(
f58c0e01 383 [#include <usersec.h>],
e351e493 384 [(void)loginfailed("user","host","tty",0);],
385 [AC_MSG_RESULT(yes)
3466e002 386 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
387 [Define if your AIX loginfailed() function
388 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 389 [AC_MSG_RESULT(no)]
e351e493 390 )],
391 [],
392 [#include <usersec.h>]
393 )
533a78f0 394 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 395 AC_CHECK_DECL(F_CLOSEM,
795e7517 396 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 397 [],
398 [ #include <limits.h>
399 #include <fcntl.h> ]
400 )
5ccf88cb 401 check_for_aix_broken_getaddrinfo=1
3466e002 402 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
403 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
404 [Define if your platform breaks doing a seteuid before a setuid])
405 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
406 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 407 dnl AIX handles lastlog as part of its login message
3466e002 408 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
409 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
410 [Some systems need a utmpx entry for /bin/login to work])
411 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
412 [Define to a Set Process Title type if your system is
413 supported by bsd-setproctitle.c])
961c2997 414 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
415 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 416 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 417 ;;
3c62e7eb 418*-*-cygwin*)
a52997bd 419 check_for_libcrypt_later=1
04765d02 420 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 421 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
422 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
423 AC_DEFINE(DISABLE_SHADOW, 1,
424 [Define if you want to disable shadow passwords])
425 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
426 [Define if your system choked on IP TOS setting])
427 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
428 [Define if X11 doesn't support AF_UNIX sockets on that system])
429 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
430 [Define if the concept of ports only accessible to
431 superusers isn't known])
432 AC_DEFINE(DISABLE_FD_PASSING, 1,
433 [Define if your platform needs to skip post auth
434 file descriptor passing])
3c62e7eb 435 ;;
d6fdb079 436*-*-dgux*)
437 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 438 AC_DEFINE(SETEUID_BREAKS_SETUID)
439 AC_DEFINE(BROKEN_SETREUID)
440 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 441 ;;
39c98ef7 442*-*-darwin*)
33e2e066 443 AC_MSG_CHECKING(if we have working getaddrinfo)
444 AC_TRY_RUN([#include <mach-o/dyld.h>
445main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
446 exit(0);
447 else
448 exit(1);
449}], [AC_MSG_RESULT(working)],
450 [AC_MSG_RESULT(buggy)
3466e002 451 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 452 [AC_MSG_RESULT(assume it is working)])
635e0c42 453 AC_DEFINE(SETEUID_BREAKS_SETUID)
454 AC_DEFINE(BROKEN_SETREUID)
455 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 456 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 457 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
458 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 459 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
460 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
461 [Use tunnel device compatibility to OpenBSD])
462 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
463 [Prepend the address family to IP tunnel traffic])
a74e9b64 464 m4_pattern_allow(AU_IPv)
465 AC_CHECK_DECL(AU_IPv4, [],
466 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
467 [#include <bsm/audit.h>]
468 )
39c98ef7 469 ;;
36f36ba3 470*-*-dragonfly*)
471 SSHDLIBS="$SSHDLIBS -lcrypt"
472 ;;
7d458c86 473*-*-hpux*)
474 # first we define all of the options common to all HP-UX releases
b8fea62d 475 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 476 IPADDR_IN_DISPLAY=yes
2b10f47a 477 AC_DEFINE(USE_PIPES)
3466e002 478 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
479 [Define if your login program cannot handle end of options ("--")])
a2572aa7 480 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 481 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
482 [String used in /etc/passwd to denote locked account])
3a2b2b44 483 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 484 MAIL="/var/mail/username"
f75ca46d 485 LIBS="$LIBS -lsec"
7d458c86 486 AC_CHECK_LIB(xnet, t_error, ,
487 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
488
489 # next, we define all of the options specific to major releases
490 case "$host" in
491 *-*-hpux10*)
492 if test -z "$GCC"; then
493 CFLAGS="$CFLAGS -Ae"
494 fi
495 ;;
496 *-*-hpux11*)
3466e002 497 AC_DEFINE(PAM_SUN_CODEBASE, 1,
498 [Define if you are using Solaris-derived PAM which
499 passes pam_messages to the conversation function
500 with an extra level of indirection])
501 AC_DEFINE(DISABLE_UTMP, 1,
502 [Define if you don't want to use utmp])
7d458c86 503 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
504 check_for_hpux_broken_getaddrinfo=1
505 check_for_conflicting_getspnam=1
506 ;;
507 esac
508
509 # lastly, we define options specific to minor releases
510 case "$host" in
511 *-*-hpux10.26)
3466e002 512 AC_DEFINE(HAVE_SECUREWARE, 1,
513 [Define if you have SecureWare-based
514 protected password database])
7d458c86 515 disable_ptmx_check=yes
516 LIBS="$LIBS -lsecpw"
517 ;;
518 esac
2b763e31 519 ;;
d94aa2ae 520*-*-irix5*)
6ac7829a 521 PATH="$PATH:/usr/etc"
3466e002 522 AC_DEFINE(BROKEN_INET_NTOA, 1,
523 [Define if you system's inet_ntoa is busted
524 (e.g. Irix gcc issue)])
cb433561 525 AC_DEFINE(SETEUID_BREAKS_SETUID)
526 AC_DEFINE(BROKEN_SETREUID)
527 AC_DEFINE(BROKEN_SETREGID)
3466e002 528 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
529 [Define if you shouldn't strip 'tty' from your
530 ttyname in [uw]tmp])
3e6e3da0 531 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 532 ;;
533*-*-irix6*)
6ac7829a 534 PATH="$PATH:/usr/etc"
3466e002 535 AC_DEFINE(WITH_IRIX_ARRAY, 1,
536 [Define if you have/want arrays
537 (cluster-wide session managment, not C arrays)])
538 AC_DEFINE(WITH_IRIX_PROJECT, 1,
539 [Define if you want IRIX project management])
540 AC_DEFINE(WITH_IRIX_AUDIT, 1,
541 [Define if you want IRIX audit trails])
542 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
543 [Define if you want IRIX kernel jobs])])
416ed5a7 544 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 545 AC_DEFINE(SETEUID_BREAKS_SETUID)
546 AC_DEFINE(BROKEN_SETREUID)
547 AC_DEFINE(BROKEN_SETREGID)
3466e002 548 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 549 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 550 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 551 ;;
5cdfe03f 552*-*-linux*)
553 no_dev_ptmx=1
717057b6 554 check_for_libcrypt_later=1
eacb954e 555 check_for_openpty_ctty_bug=1
3466e002 556 AC_DEFINE(PAM_TTY_KLUDGE, 1,
557 [Work around problematic Linux PAM modules handling of PAM_TTY])
558 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
559 [String used in /etc/passwd to denote locked account])
3a2b2b44 560 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 561 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
562 [Define to whatever link() returns for "not supported"
563 if it doesn't return EOPNOTSUPP.])
b6610e8f 564 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 565 AC_DEFINE(USE_BTMP)
80faa19f 566 inet6_default_4in6=yes
bf7c1e6c 567 case `uname -r` in
ad84c479 568 1.*|2.0.*)
3466e002 569 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
570 [Define if cmsg_type is not passed correctly])
bf7c1e6c 571 ;;
bf7c1e6c 572 esac
c40f09ca 573 # tun(4) forwarding compat code
d91775e1 574 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 575 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 576 AC_DEFINE(SSH_TUN_LINUX, 1,
577 [Open tunnel devices the Linux tun/tap way])
578 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
579 [Use tunnel device compatibility to OpenBSD])
580 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
581 [Prepend the address family to IP tunnel traffic])
582 fi
5cdfe03f 583 ;;
66d6c27e 584mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 585 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 586 SONY=1
66d6c27e 587 ;;
d468fc76 588*-*-netbsd*)
33e2e066 589 check_for_libcrypt_before=1
82f4e93d 590 if test "x$withval" != "xno" ; then
e6354014 591 need_dash_r=1
592 fi
0f6cb079 593 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
594 AC_CHECK_HEADER([net/if_tap.h], ,
595 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
596 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
597 [Prepend the address family to IP tunnel traffic])
d468fc76 598 ;;
86b416a7 599*-*-freebsd*)
600 check_for_libcrypt_later=1
988c5031 601 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 602 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
603 AC_CHECK_HEADER([net/if_tap.h], ,
604 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 605 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 606 ;;
8707b7eb 607*-*-bsdi*)
608 AC_DEFINE(SETEUID_BREAKS_SETUID)
609 AC_DEFINE(BROKEN_SETREUID)
610 AC_DEFINE(BROKEN_SETREGID)
611 ;;
729bfe59 612*-next-*)
729bfe59 613 conf_lastlog_location="/usr/adm/lastlog"
698d107e 614 conf_utmp_location=/etc/utmp
615 conf_wtmp_location=/usr/adm/wtmp
616 MAIL=/usr/spool/mail
3466e002 617 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 618 AC_DEFINE(BROKEN_REALPATH)
00937921 619 AC_DEFINE(USE_PIPES)
3466e002 620 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 621 ;;
5b7b5e23 622*-*-openbsd*)
623 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 624 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 625 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 626 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
627 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 628 ;;
9d6b1b96 629*-*-solaris*)
82f4e93d 630 if test "x$withval" != "xno" ; then
010e9d5b 631 need_dash_r=1
632 fi
adeebd37 633 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 634 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 635 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
636 [Some versions of /bin/login need the TERM supplied
637 on the commandline])
7f0a4ff1 638 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 639 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
640 [Define if pam_chauthtok wants real uid set
641 to the unpriv'ed user])
3e6e3da0 642 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 643 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 644 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
645 [Define if sshd somehow reacquires a controlling TTY
646 after setsid()])
795aa5f5 647 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
648 in case the name is longer than 8 chars])
95b99395 649 external_path_file=/etc/default/login
1d7b9b20 650 # hardwire lastlog location (can't detect it on some versions)
651 conf_lastlog_location="/var/adm/lastlog"
32c80420 652 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
653 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
654 if test "$sol2ver" -ge 8; then
655 AC_MSG_RESULT(yes)
656 AC_DEFINE(DISABLE_UTMP)
3466e002 657 AC_DEFINE(DISABLE_WTMP, 1,
658 [Define if you don't want to use wtmp])
32c80420 659 else
660 AC_MSG_RESULT(no)
661 fi
5b84789f 662 AC_ARG_WITH(solaris-contracts,
663 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
664 [
665 AC_CHECK_LIB(contract, ct_tmpl_activate,
666 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
667 [Define if you have Solaris process contracts])
668 SSHDLIBS="$SSHDLIBS -lcontract"
669 AC_SUBST(SSHDLIBS)
670 SPC_MSG="yes" ], )
671 ],
672 )
9d6b1b96 673 ;;
a423beaf 674*-*-sunos4*)
0c2fb82f 675 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 676 AC_CHECK_FUNCS(getpwanam)
adeebd37 677 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 678 conf_utmp_location=/etc/utmp
679 conf_wtmp_location=/var/adm/wtmp
680 conf_lastlog_location=/var/adm/lastlog
137d7b6c 681 AC_DEFINE(USE_PIPES)
a423beaf 682 ;;
6f68f28a 683*-ncr-sysv*)
98a7c37b 684 LIBS="$LIBS -lc89"
29525240 685 AC_DEFINE(USE_PIPES)
eabb99c6 686 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 687 AC_DEFINE(SETEUID_BREAKS_SETUID)
688 AC_DEFINE(BROKEN_SETREUID)
689 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 690 ;;
132dd316 691*-sni-sysv*)
c8c15bcb 692 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 693 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 694 # -lresolv needs to be at the end of LIBS or DNS lookups break
695 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 696 IPADDR_IN_DISPLAY=yes
697 AC_DEFINE(USE_PIPES)
132dd316 698 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 699 AC_DEFINE(SETEUID_BREAKS_SETUID)
700 AC_DEFINE(BROKEN_SETREUID)
701 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 702 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 703 external_path_file=/etc/default/login
c8c15bcb 704 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
705 # Attention: always take care to bind libsocket and libnsl before libc,
706 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 707 ;;
79a7ba96 708# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 709*-*-sysv4.2*)
ed6553e2 710 AC_DEFINE(USE_PIPES)
7ed101c0 711 AC_DEFINE(SETEUID_BREAKS_SETUID)
712 AC_DEFINE(BROKEN_SETREUID)
713 AC_DEFINE(BROKEN_SETREGID)
46f853b9 714 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 715 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 716 ;;
79a7ba96 717# UnixWare 7.x, OpenUNIX 8
77bb0bca 718*-*-sysv5*)
d7d2cc6e 719 check_for_libcrypt_later=1
720 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 721 AC_DEFINE(USE_PIPES)
7ed101c0 722 AC_DEFINE(SETEUID_BREAKS_SETUID)
723 AC_DEFINE(BROKEN_SETREUID)
724 AC_DEFINE(BROKEN_SETREGID)
3466e002 725 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 726 case "$host" in
727 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
728 TEST_SHELL=/u95/bin/sh
3466e002 729 AC_DEFINE(BROKEN_LIBIAF, 1,
730 [ia_uinfo routines not supported by OS yet])
5cc6ddad 731 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 732 ;;
e45da4d6 733 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
734 ;;
822015dd 735 esac
77bb0bca 736 ;;
9d6b1b96 737*-*-sysv*)
9d6b1b96 738 ;;
79a7ba96 739# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 740*-*-sco3.2v4*)
11cf4f1f 741 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 742 ;;
79a7ba96 743# SCO OpenServer 5.x
77bb0bca 744*-*-sco3.2v5*)
21710e39 745 if test -z "$GCC"; then
746 CFLAGS="$CFLAGS -belf"
747 fi
ed6553e2 748 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 749 no_dev_ptmx=1
ed6553e2 750 AC_DEFINE(USE_PIPES)
6e879cb4 751 AC_DEFINE(HAVE_SECUREWARE)
d287c664 752 AC_DEFINE(DISABLE_SHADOW)
94d8258b 753 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 754 AC_DEFINE(SETEUID_BREAKS_SETUID)
755 AC_DEFINE(BROKEN_SETREUID)
756 AC_DEFINE(BROKEN_SETREGID)
bcebad47 757 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 758 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 759 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 760 AC_CHECK_FUNCS(getluid setluid)
533875af 761 MANTYPE=man
a3245b92 762 TEST_SHELL=ksh
509b1f88 763 ;;
ccbb983c 764*-*-unicosmk*)
3466e002 765 AC_DEFINE(NO_SSH_LASTLOG, 1,
766 [Define if you don't want to use lastlog in session.c])
c1ad5966 767 AC_DEFINE(SETEUID_BREAKS_SETUID)
768 AC_DEFINE(BROKEN_SETREUID)
769 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 770 AC_DEFINE(USE_PIPES)
771 AC_DEFINE(DISABLE_FD_PASSING)
772 LDFLAGS="$LDFLAGS"
773 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
774 MANTYPE=cat
d262b7f2 775 ;;
7b9a8c6e 776*-*-unicosmp*)
c1ad5966 777 AC_DEFINE(SETEUID_BREAKS_SETUID)
778 AC_DEFINE(BROKEN_SETREUID)
779 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 780 AC_DEFINE(WITH_ABBREV_NO_TTY)
781 AC_DEFINE(USE_PIPES)
782 AC_DEFINE(DISABLE_FD_PASSING)
783 LDFLAGS="$LDFLAGS"
c1ad5966 784 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 785 MANTYPE=cat
786 ;;
ca5c7d6a 787*-*-unicos*)
c1ad5966 788 AC_DEFINE(SETEUID_BREAKS_SETUID)
789 AC_DEFINE(BROKEN_SETREUID)
790 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 791 AC_DEFINE(USE_PIPES)
94d8258b 792 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 793 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 794 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
795 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
796 MANTYPE=cat
a704dd54 797 ;;
4d33e531 798*-dec-osf*)
99c8ddac 799 AC_MSG_CHECKING(for Digital Unix SIA)
800 no_osfsia=""
801 AC_ARG_WITH(osfsia,
802 [ --with-osfsia Enable Digital Unix SIA],
803 [
804 if test "x$withval" = "xno" ; then
805 AC_MSG_RESULT(disabled)
806 no_osfsia=1
807 fi
808 ],
809 )
810 if test -z "$no_osfsia" ; then
4d33e531 811 if test -f /etc/sia/matrix.conf; then
812 AC_MSG_RESULT(yes)
3466e002 813 AC_DEFINE(HAVE_OSF_SIA, 1,
814 [Define if you have Digital Unix Security
815 Integration Architecture])
816 AC_DEFINE(DISABLE_LOGIN, 1,
817 [Define if you don't want to use your
818 system's login() call])
58d0df4e 819 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 820 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 821 SIA_MSG="yes"
4d33e531 822 else
823 AC_MSG_RESULT(no)
3466e002 824 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
825 [String used in /etc/passwd to denote locked account])
4d33e531 826 fi
827 fi
a6e67b60 828 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 829 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 830 AC_DEFINE(BROKEN_SETREUID)
831 AC_DEFINE(BROKEN_SETREGID)
4d33e531 832 ;;
41cb4569 833
9c54c067 834*-*-nto-qnx*)
41cb4569 835 AC_DEFINE(USE_PIPES)
836 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 837 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
838 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
839 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 840 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 841 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 842 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 843 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 844 case "$host" in
845 *-*-nto-qnx6*)
846 AC_DEFINE(DISABLE_FD_PASSING)
847 ;;
848 esac
41cb4569 849 ;;
35fc74ed 850
851*-*-ultrix*)
3466e002 852 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
853 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 854 AC_DEFINE(NEED_SETPGRP)
b5765e1d 855 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
856 ;;
157b6700 857
858*-*-lynxos)
859 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 860 AC_DEFINE(MISSING_HOWMANY)
157b6700 861 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
862 ;;
a7effaac 863esac
864
c5829391 865AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 866AC_RUN_IFELSE(
867 [AC_LANG_SOURCE([
c5829391 868#include <stdio.h>
869int main(){exit(0);}
479cece8 870 ])],
c5829391 871 [ AC_MSG_RESULT(yes) ],
872 [
873 AC_MSG_RESULT(no)
874 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 875 ],
876 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 877)
878
b04a9f8c 879dnl Checks for header files.
a0391976 880# Checks for libraries.
98a7c37b 881AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
882AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 883
446227d6 884dnl IRIX and Solaris 2.5.1 have dirname() in libgen
885AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
886 AC_CHECK_LIB(gen, dirname,[
887 AC_CACHE_CHECK([for broken dirname],
888 ac_cv_have_broken_dirname, [
889 save_LIBS="$LIBS"
890 LIBS="$LIBS -lgen"
b0e7249f 891 AC_RUN_IFELSE(
892 [AC_LANG_SOURCE([[
446227d6 893#include <libgen.h>
894#include <string.h>
895
896int main(int argc, char **argv) {
897 char *s, buf[32];
898
899 strncpy(buf,"/etc", 32);
900 s = dirname(buf);
901 if (!s || strncmp(s, "/", 32) != 0) {
902 exit(1);
903 } else {
904 exit(0);
905 }
906}
b0e7249f 907 ]])],
908 [ ac_cv_have_broken_dirname="no" ],
909 [ ac_cv_have_broken_dirname="yes" ],
446227d6 910 [ ac_cv_have_broken_dirname="no" ],
446227d6 911 )
912 LIBS="$save_LIBS"
913 ])
914 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
915 LIBS="$LIBS -lgen"
916 AC_DEFINE(HAVE_DIRNAME)
917 AC_CHECK_HEADERS(libgen.h)
918 fi
919 ])
920])
921
922AC_CHECK_FUNC(getspnam, ,
923 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 924AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
925 [Define if you have the basename function.]))
446227d6 926
98a7c37b 927dnl zlib is required
928AC_ARG_WITH(zlib,
929 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 930 [ if test "x$withval" = "xno" ; then
931 AC_MSG_ERROR([*** zlib is required ***])
932 elif test "x$withval" != "xyes"; then
98a7c37b 933 if test -d "$withval/lib"; then
934 if test -n "${need_dash_r}"; then
5a162955 935 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 936 else
5a162955 937 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 938 fi
939 else
940 if test -n "${need_dash_r}"; then
5a162955 941 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 942 else
5a162955 943 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 944 fi
945 fi
946 if test -d "$withval/include"; then
5a162955 947 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 948 else
5a162955 949 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 950 fi
6dd05556 951 fi ]
98a7c37b 952)
953
0a15d73b 954AC_CHECK_LIB(z, deflate, ,
955 [
956 saved_CPPFLAGS="$CPPFLAGS"
957 saved_LDFLAGS="$LDFLAGS"
958 save_LIBS="$LIBS"
959 dnl Check default zlib install dir
960 if test -n "${need_dash_r}"; then
961 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
962 else
963 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
964 fi
965 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
966 LIBS="$LIBS -lz"
967 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
968 [
969 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
970 ]
971 )
972 ]
973)
4ad65809 974AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 975
976AC_ARG_WITH(zlib-version-check,
977 [ --without-zlib-version-check Disable zlib version check],
978 [ if test "x$withval" = "xno" ; then
979 zlib_check_nonfatal=1
980 fi
981 ]
982)
983
5c7fc85d 984AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 985AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 986#include <stdio.h>
4ad65809 987#include <zlib.h>
988int main()
989{
5c7fc85d 990 int a=0, b=0, c=0, d=0, n, v;
991 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
992 if (n != 3 && n != 4)
4ad65809 993 exit(1);
5c7fc85d 994 v = a*1000000 + b*10000 + c*100 + d;
995 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
996
997 /* 1.1.4 is OK */
998 if (a == 1 && b == 1 && c >= 4)
4ad65809 999 exit(0);
5c7fc85d 1000
0072b59d 1001 /* 1.2.3 and up are OK */
1002 if (v >= 1020300)
5c7fc85d 1003 exit(0);
1004
4ad65809 1005 exit(2);
1006}
479cece8 1007 ]])],
5c7fc85d 1008 AC_MSG_RESULT(no),
1009 [ AC_MSG_RESULT(yes)
8068d564 1010 if test -z "$zlib_check_nonfatal" ; then
1011 AC_MSG_ERROR([*** zlib too old - check config.log ***
1012Your reported zlib version has known security problems. It's possible your
1013vendor has fixed these problems without changing the version number. If you
1014are sure this is the case, you can disable the check by running
1015"./configure --without-zlib-version-check".
6090bcfe 1016If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1017See http://www.gzip.org/zlib/ for details.])
8068d564 1018 else
1019 AC_MSG_WARN([zlib version may have security problems])
1020 fi
1a01a50c 1021 ],
1022 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1023)
48e7916f 1024
2c523de9 1025dnl UnixWare 2.x
aff51935 1026AC_CHECK_FUNC(strcasecmp,
2c523de9 1027 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1028)
23361281 1029AC_CHECK_FUNCS(utimes,
cda1ebcb 1030 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1031 LIBS="$LIBS -lc89"]) ]
2c523de9 1032)
4cca272e 1033
7c6d759d 1034dnl Checks for libutil functions
1035AC_CHECK_HEADERS(libutil.h)
3466e002 1036AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1037 [Define if your libraries define login()])])
b3ef88dc 1038AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
7c6d759d 1039
a738c3b0 1040AC_FUNC_STRFTIME
1041
84ceda19 1042# Check for ALTDIRFUNC glob() extension
1043AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1044AC_EGREP_CPP(FOUNDIT,
1045 [
1046 #include <glob.h>
1047 #ifdef GLOB_ALTDIRFUNC
1048 FOUNDIT
1049 #endif
aff51935 1050 ],
84ceda19 1051 [
3466e002 1052 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1053 [Define if your system glob() function has
1054 the GLOB_ALTDIRFUNC extension])
84ceda19 1055 AC_MSG_RESULT(yes)
1056 ],
1057 [
1058 AC_MSG_RESULT(no)
1059 ]
1060)
4cca272e 1061
40849fdb 1062# Check for g.gl_matchc glob() extension
1063AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1064AC_TRY_COMPILE(
13ff27b7 1065 [ #include <glob.h> ],
1066 [glob_t g; g.gl_matchc = 1;],
aff51935 1067 [
3466e002 1068 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1069 [Define if your system glob() function has
1070 gl_matchc options in glob_t])
aff51935 1071 AC_MSG_RESULT(yes)
1072 ],
1073 [
1074 AC_MSG_RESULT(no)
1075 ]
40849fdb 1076)
1077
78888bab 1078AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1079
edbe6722 1080AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1081AC_RUN_IFELSE(
479cece8 1082 [AC_LANG_SOURCE([[
edbe6722 1083#include <sys/types.h>
1084#include <dirent.h>
aec4cb4f 1085int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1086 ]])],
aff51935 1087 [AC_MSG_RESULT(yes)],
edbe6722 1088 [
1089 AC_MSG_RESULT(no)
3466e002 1090 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1091 [Define if your struct dirent expects you to
3466e002 1092 allocate extra space for d_name])
1a01a50c 1093 ],
82f4e93d 1094 [
1a01a50c 1095 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1096 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1097 ]
1098)
1099
419e26e7 1100AC_MSG_CHECKING([for /proc/pid/fd directory])
1101if test -d "/proc/$$/fd" ; then
3466e002 1102 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1103 AC_MSG_RESULT(yes)
1104else
1105 AC_MSG_RESULT(no)
1106fi
1107
278588d8 1108# Check whether user wants S/Key support
aff51935 1109SKEY_MSG="no"
278588d8 1110AC_ARG_WITH(skey,
6ff3d0dc 1111 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1112 [
1113 if test "x$withval" != "xno" ; then
1114
1115 if test "x$withval" != "xyes" ; then
1116 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1117 LDFLAGS="$LDFLAGS -L${withval}/lib"
1118 fi
1119
3466e002 1120 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1121 LIBS="-lskey $LIBS"
aff51935 1122 SKEY_MSG="yes"
82f4e93d 1123
ddceb1c8 1124 AC_MSG_CHECKING([for s/key support])
b0e7249f 1125 AC_LINK_IFELSE(
1126 [AC_LANG_SOURCE([[
ddceb1c8 1127#include <stdio.h>
1128#include <skey.h>
aec4cb4f 1129int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1130 ]])],
ddceb1c8 1131 [AC_MSG_RESULT(yes)],
278588d8 1132 [
ddceb1c8 1133 AC_MSG_RESULT(no)
278588d8 1134 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1135 ])
141fc639 1136 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1137 AC_TRY_COMPILE(
1138 [#include <stdio.h>
1139 #include <skey.h>],
1140 [(void)skeychallenge(NULL,"name","",0);],
1141 [AC_MSG_RESULT(yes)
3466e002 1142 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1143 [Define if your skeychallenge()
1144 function takes 4 arguments (NetBSD)])],
141fc639 1145 [AC_MSG_RESULT(no)]
1146 )
278588d8 1147 fi
1148 ]
1149)
1150
1151# Check whether user wants TCP wrappers support
98a7c37b 1152TCPW_MSG="no"
278588d8 1153AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1154 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1155 [
1156 if test "x$withval" != "xno" ; then
1157 saved_LIBS="$LIBS"
98a7c37b 1158 saved_LDFLAGS="$LDFLAGS"
1159 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1160 if test -n "${withval}" && \
6cf0200f 1161 test "x${withval}" != "xyes"; then
98a7c37b 1162 if test -d "${withval}/lib"; then
1163 if test -n "${need_dash_r}"; then
5a162955 1164 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1165 else
5a162955 1166 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1167 fi
1168 else
1169 if test -n "${need_dash_r}"; then
5a162955 1170 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1171 else
5a162955 1172 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1173 fi
1174 fi
1175 if test -d "${withval}/include"; then
5a162955 1176 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1177 else
5a162955 1178 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1179 fi
98a7c37b 1180 fi
e54defb4 1181 LIBS="-lwrap $LIBS"
278588d8 1182 AC_MSG_CHECKING(for libwrap)
1183 AC_TRY_LINK(
1184 [
77f09220 1185#include <sys/types.h>
1186#include <sys/socket.h>
1187#include <netinet/in.h>
278588d8 1188#include <tcpd.h>
1189 int deny_severity = 0, allow_severity = 0;
1190 ],
1191 [hosts_access(0);],
1192 [
1193 AC_MSG_RESULT(yes)
3466e002 1194 AC_DEFINE(LIBWRAP, 1,
1195 [Define if you want
1196 TCP Wrappers support])
e54defb4 1197 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1198 TCPW_MSG="yes"
278588d8 1199 ],
1200 [
1201 AC_MSG_ERROR([*** libwrap missing])
1202 ]
1203 )
ddceb1c8 1204 LIBS="$saved_LIBS"
278588d8 1205 fi
1206 ]
1207)
1208
59031773 1209# Check whether user wants libedit support
1210LIBEDIT_MSG="no"
1211AC_ARG_WITH(libedit,
6ff3d0dc 1212 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1213 [ if test "x$withval" != "xno" ; then
737edf04 1214 if test "x$withval" != "xyes"; then
bb116c8e 1215 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1216 if test -n "${need_dash_r}"; then
1217 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1218 else
1219 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1220 fi
737edf04 1221 fi
59031773 1222 AC_CHECK_LIB(edit, el_init,
3466e002 1223 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1224 LIBEDIT="-ledit -lcurses"
1225 LIBEDIT_MSG="yes"
1226 AC_SUBST(LIBEDIT)
1227 ],
737edf04 1228 [ AC_MSG_ERROR(libedit not found) ],
1229 [ -lcurses ]
59031773 1230 )
f47ddccb 1231 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1232 AC_COMPILE_IFELSE(
1233 [AC_LANG_SOURCE([[
1234#include <histedit.h>
f47ddccb 1235int main(void)
1236{
1237 int i = H_SETSIZE;
1238 el_init("", NULL, NULL, NULL);
1239 exit(0);
1240}
d92622f9 1241 ]])],
f47ddccb 1242 [ AC_MSG_RESULT(yes) ],
1243 [ AC_MSG_RESULT(no)
1244 AC_MSG_ERROR(libedit version is not compatible) ]
1245 )
59031773 1246 fi ]
1247)
1248
7b578f7d 1249AUDIT_MODULE=none
1250AC_ARG_WITH(audit,
1251 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1252 [
1253 AC_MSG_CHECKING(for supported audit module)
1254 case "$withval" in
1255 bsm)
1256 AC_MSG_RESULT(bsm)
1257 AUDIT_MODULE=bsm
1258 dnl Checks for headers, libs and functions
1259 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1260 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1261 [
1262#ifdef HAVE_TIME_H
1263# include <time.h>
1264#endif
1265 ]
1266)
7b578f7d 1267 AC_CHECK_LIB(bsm, getaudit, [],
1268 [AC_MSG_ERROR(BSM enabled and required library not found)])
1269 AC_CHECK_FUNCS(getaudit, [],
1270 [AC_MSG_ERROR(BSM enabled and required function not found)])
1271 # These are optional
a74e9b64 1272 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1273 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1274 ;;
1275 debug)
1276 AUDIT_MODULE=debug
1277 AC_MSG_RESULT(debug)
3466e002 1278 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1279 ;;
a2b3321d 1280 no)
d92622f9 1281 AC_MSG_RESULT(no)
a2b3321d 1282 ;;
7b578f7d 1283 *)
1284 AC_MSG_ERROR([Unknown audit module $withval])
1285 ;;
1286 esac ]
1287)
1288
19160674 1289dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1290AC_CHECK_FUNCS( \
1291 arc4random \
185adaf8 1292 arc4random_buf \
1293 arc4random_uniform \
9a406e1e 1294 asprintf \
b04a9f8c 1295 b64_ntop \
1296 __b64_ntop \
1297 b64_pton \
1298 __b64_pton \
1299 bcopy \
1300 bindresvport_sa \
1301 clock \
1302 closefrom \
1303 dirfd \
b04a9f8c 1304 fchmod \
1305 fchown \
1306 freeaddrinfo \
22f5e872 1307 fstatvfs \
b04a9f8c 1308 futimes \
1309 getaddrinfo \
1310 getcwd \
1311 getgrouplist \
1312 getnameinfo \
1313 getopt \
1314 getpeereid \
1961d660 1315 getpeerucred \
b04a9f8c 1316 _getpty \
1317 getrlimit \
1318 getttyent \
1319 glob \
1320 inet_aton \
1321 inet_ntoa \
1322 inet_ntop \
1323 innetgr \
1324 login_getcapbool \
1325 md5_crypt \
1326 memmove \
1327 mkdtemp \
1328 mmap \
1329 ngetaddrinfo \
1330 nsleep \
1331 ogetaddrinfo \
1332 openlog_r \
1333 openpty \
6d39a5c4 1334 poll \
b04a9f8c 1335 prctl \
1336 pstat \
1337 readpassphrase \
1338 realpath \
1339 recvmsg \
1340 rresvport_af \
1341 sendmsg \
1342 setdtablesize \
1343 setegid \
1344 setenv \
1345 seteuid \
1346 setgroups \
1347 setlogin \
1348 setpcred \
1349 setproctitle \
1350 setregid \
1351 setreuid \
1352 setrlimit \
1353 setsid \
1354 setvbuf \
1355 sigaction \
1356 sigvec \
1357 snprintf \
1358 socketpair \
4538e135 1359 statfs \
1360 statvfs \
b04a9f8c 1361 strdup \
1362 strerror \
1363 strlcat \
1364 strlcpy \
1365 strmode \
1366 strnvis \
1367 strtonum \
1e29a0c8 1368 strtoll \
b04a9f8c 1369 strtoul \
1aac2117 1370 swap32 \
b04a9f8c 1371 sysconf \
1372 tcgetpgrp \
1373 truncate \
1374 unsetenv \
1375 updwtmpx \
9a406e1e 1376 vasprintf \
b04a9f8c 1377 vhangup \
1378 vsnprintf \
1379 waitpid \
19160674 1380)
98a7c37b 1381
1a086f97 1382# IRIX has a const char return value for gai_strerror()
1383AC_CHECK_FUNCS(gai_strerror,[
1384 AC_DEFINE(HAVE_GAI_STRERROR)
1385 AC_TRY_COMPILE([
1386#include <sys/types.h>
1387#include <sys/socket.h>
1388#include <netdb.h>
1389
1390const char *gai_strerror(int);],[
1391char *str;
1392
1393str = gai_strerror(0);],[
1394 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1395 [Define if gai_strerror() returns const char *])])])
1396
3466e002 1397AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1398 [Some systems put nanosleep outside of libc]))
92b1decf 1399
309709db 1400dnl Make sure prototypes are defined for these before using them.
309709db 1401AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1402AC_CHECK_DECL(strsep,
1403 [AC_CHECK_FUNCS(strsep)],
1404 [],
1405 [
1406#ifdef HAVE_STRING_H
1407# include <string.h>
1408#endif
1409 ])
08412d26 1410
3490699c 1411dnl tcsendbreak might be a macro
1412AC_CHECK_DECL(tcsendbreak,
1413 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1414 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1415 [#include <termios.h>]
1416)
1417
41e0e158 1418AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1419
71f4c727 1420AC_CHECK_DECLS(SHUT_RD, , ,
1421 [
1422#include <sys/types.h>
1423#include <sys/socket.h>
1424 ])
956d6743 1425
1426AC_CHECK_DECLS(O_NONBLOCK, , ,
1427 [
1428#include <sys/types.h>
1429#ifdef HAVE_SYS_STAT_H
1430# include <sys/stat.h>
1431#endif
1432#ifdef HAVE_FCNTL_H
1433# include <fcntl.h>
1434#endif
1435 ])
1436
752994dd 1437AC_CHECK_DECLS(writev, , , [
1438#include <sys/types.h>
1439#include <sys/uio.h>
1440#include <unistd.h>
1441 ])
1442
0bf6279d 1443AC_CHECK_DECLS(MAXSYMLINKS, , , [
1444#include <sys/param.h>
1445 ])
1446
b41ece30 1447AC_CHECK_DECLS(offsetof, , , [
1448#include <stddef.h>
1449 ])
1450
3f176010 1451AC_CHECK_FUNCS(setresuid, [
1452 dnl Some platorms have setresuid that isn't implemented, test for this
1453 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1454 AC_RUN_IFELSE(
1455 [AC_LANG_SOURCE([[
9a3fe0e2 1456#include <stdlib.h>
1457#include <errno.h>
1458int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1459 ]])],
3f176010 1460 [AC_MSG_RESULT(yes)],
3466e002 1461 [AC_DEFINE(BROKEN_SETRESUID, 1,
1462 [Define if your setresuid() is broken])
1a01a50c 1463 AC_MSG_RESULT(not implemented)],
1464 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1465 )
1466])
9a3fe0e2 1467
3f176010 1468AC_CHECK_FUNCS(setresgid, [
1469 dnl Some platorms have setresgid that isn't implemented, test for this
1470 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1471 AC_RUN_IFELSE(
1472 [AC_LANG_SOURCE([[
9a3fe0e2 1473#include <stdlib.h>
1474#include <errno.h>
1475int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1476 ]])],
3f176010 1477 [AC_MSG_RESULT(yes)],
3466e002 1478 [AC_DEFINE(BROKEN_SETRESGID, 1,
1479 [Define if your setresgid() is broken])
1a01a50c 1480 AC_MSG_RESULT(not implemented)],
1481 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1482 )
1483])
9a3fe0e2 1484
2e73a022 1485dnl Checks for time functions
1d7b9b20 1486AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1487dnl Checks for utmp functions
b03bd394 1488AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1489AC_CHECK_FUNCS(utmpname)
2e73a022 1490dnl Checks for utmpx functions
b03bd394 1491AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1492AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1493
aff51935 1494AC_CHECK_FUNC(daemon,
3466e002 1495 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1496 [AC_CHECK_LIB(bsd, daemon,
1497 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1498)
1499
aff51935 1500AC_CHECK_FUNC(getpagesize,
3466e002 1501 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1502 [Define if your libraries define getpagesize()])],
1503 [AC_CHECK_LIB(ucb, getpagesize,
1504 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1505)
1506
2647ae26 1507# Check for broken snprintf
1508if test "x$ac_cv_func_snprintf" = "xyes" ; then
1509 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1510 AC_RUN_IFELSE(
479cece8 1511 [AC_LANG_SOURCE([[
2647ae26 1512#include <stdio.h>
aec4cb4f 1513int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1514 ]])],
aff51935 1515 [AC_MSG_RESULT(yes)],
2647ae26 1516 [
1517 AC_MSG_RESULT(no)
3466e002 1518 AC_DEFINE(BROKEN_SNPRINTF, 1,
1519 [Define if your snprintf is busted])
2647ae26 1520 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1521 ],
1522 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1523 )
1524fi
1525
9a406e1e 1526# If we don't have a working asprintf, then we strongly depend on vsnprintf
1527# returning the right thing on overflow: the number of characters it tried to
1528# create (as per SUSv3)
1529if test "x$ac_cv_func_asprintf" != "xyes" && \
1530 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1531 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1532 AC_RUN_IFELSE(
1533 [AC_LANG_SOURCE([[
1534#include <sys/types.h>
1535#include <stdio.h>
1536#include <stdarg.h>
1537
1538int x_snprintf(char *str,size_t count,const char *fmt,...)
1539{
1540 size_t ret; va_list ap;
1541 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1542 return ret;
1543}
1544int main(void)
1545{
1546 char x[1];
1547 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1548} ]])],
1549 [AC_MSG_RESULT(yes)],
1550 [
1551 AC_MSG_RESULT(no)
1552 AC_DEFINE(BROKEN_SNPRINTF, 1,
1553 [Define if your snprintf is busted])
1554 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1555 ],
1556 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1557 )
1558fi
1559
31b0732a 1560# On systems where [v]snprintf is broken, but is declared in stdio,
1561# check that the fmt argument is const char * or just char *.
1562# This is only useful for when BROKEN_SNPRINTF
1563AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1564AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1565 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1566 int main(void) { snprintf(0, 0, 0); }
1567 ]])],
1568 [AC_MSG_RESULT(yes)
1569 AC_DEFINE(SNPRINTF_CONST, [const],
1570 [Define as const if snprintf() can declare const char *fmt])],
1571 [AC_MSG_RESULT(no)
1572 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1573
2f6f9cff 1574# Check for missing getpeereid (or equiv) support
1575NO_PEERCHECK=""
1961d660 1576if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1577 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1578 AC_TRY_COMPILE(
1579 [#include <sys/types.h>
1580 #include <sys/socket.h>],
1581 [int i = SO_PEERCRED;],
62eb7db4 1582 [ AC_MSG_RESULT(yes)
3466e002 1583 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1584 ],
2f6f9cff 1585 [AC_MSG_RESULT(no)
1586 NO_PEERCHECK=1]
1587 )
1588fi
1589
70e7d0b0 1590dnl see whether mkstemp() requires XXXXXX
1591if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1592AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1593AC_RUN_IFELSE(
1594 [AC_LANG_SOURCE([[
70e7d0b0 1595#include <stdlib.h>
1596main() { char template[]="conftest.mkstemp-test";
1597if (mkstemp(template) == -1)
1598 exit(1);
1599unlink(template); exit(0);
1600}
b0e7249f 1601 ]])],
70e7d0b0 1602 [
1603 AC_MSG_RESULT(no)
1604 ],
aff51935 1605 [
70e7d0b0 1606 AC_MSG_RESULT(yes)
3466e002 1607 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1608 ],
1609 [
1610 AC_MSG_RESULT(yes)
1611 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1612 ]
70e7d0b0 1613)
1614fi
1615
eacb954e 1616dnl make sure that openpty does not reacquire controlling terminal
1617if test ! -z "$check_for_openpty_ctty_bug"; then
1618 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1619 AC_RUN_IFELSE(
1620 [AC_LANG_SOURCE([[
eacb954e 1621#include <stdio.h>
1622#include <sys/fcntl.h>
1623#include <sys/types.h>
1624#include <sys/wait.h>
1625
1626int
1627main()
1628{
1629 pid_t pid;
1630 int fd, ptyfd, ttyfd, status;
1631
1632 pid = fork();
1633 if (pid < 0) { /* failed */
1634 exit(1);
1635 } else if (pid > 0) { /* parent */
1636 waitpid(pid, &status, 0);
aff51935 1637 if (WIFEXITED(status))
eacb954e 1638 exit(WEXITSTATUS(status));
1639 else
1640 exit(2);
1641 } else { /* child */
1642 close(0); close(1); close(2);
1643 setsid();
1644 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1645 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1646 if (fd >= 0)
1647 exit(3); /* Acquired ctty: broken */
1648 else
1649 exit(0); /* Did not acquire ctty: OK */
1650 }
1651}
b0e7249f 1652 ]])],
eacb954e 1653 [
1654 AC_MSG_RESULT(yes)
1655 ],
1656 [
1657 AC_MSG_RESULT(no)
1658 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1659 ],
1660 [
1661 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1662 ]
1663 )
1664fi
1665
4b492aab 1666if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1667 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1668 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1669 AC_RUN_IFELSE(
1670 [AC_LANG_SOURCE([[
2fe51906 1671#include <stdio.h>
1672#include <sys/socket.h>
1673#include <netdb.h>
1674#include <errno.h>
1675#include <netinet/in.h>
1676
1677#define TEST_PORT "2222"
1678
1679int
1680main(void)
1681{
1682 int err, sock;
1683 struct addrinfo *gai_ai, *ai, hints;
1684 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1685
1686 memset(&hints, 0, sizeof(hints));
1687 hints.ai_family = PF_UNSPEC;
1688 hints.ai_socktype = SOCK_STREAM;
1689 hints.ai_flags = AI_PASSIVE;
1690
1691 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1692 if (err != 0) {
1693 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1694 exit(1);
1695 }
1696
1697 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1698 if (ai->ai_family != AF_INET6)
1699 continue;
1700
1701 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1702 sizeof(ntop), strport, sizeof(strport),
1703 NI_NUMERICHOST|NI_NUMERICSERV);
1704
1705 if (err != 0) {
1706 if (err == EAI_SYSTEM)
1707 perror("getnameinfo EAI_SYSTEM");
1708 else
1709 fprintf(stderr, "getnameinfo failed: %s\n",
1710 gai_strerror(err));
1711 exit(2);
1712 }
1713
1714 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1715 if (sock < 0)
1716 perror("socket");
1717 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1718 if (errno == EBADF)
1719 exit(3);
1720 }
1721 }
1722 exit(0);
1723}
b0e7249f 1724 ]])],
2fe51906 1725 [
1726 AC_MSG_RESULT(yes)
1727 ],
1728 [
1729 AC_MSG_RESULT(no)
1730 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1731 ],
1732 [
1733 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1734 ]
1735 )
1736fi
1737
4b492aab 1738if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1739 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1740 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1741 AC_RUN_IFELSE(
1742 [AC_LANG_SOURCE([[
5ccf88cb 1743#include <stdio.h>
1744#include <sys/socket.h>
1745#include <netdb.h>
1746#include <errno.h>
1747#include <netinet/in.h>
1748
1749#define TEST_PORT "2222"
1750
1751int
1752main(void)
1753{
1754 int err, sock;
1755 struct addrinfo *gai_ai, *ai, hints;
1756 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1757
1758 memset(&hints, 0, sizeof(hints));
1759 hints.ai_family = PF_UNSPEC;
1760 hints.ai_socktype = SOCK_STREAM;
1761 hints.ai_flags = AI_PASSIVE;
1762
1763 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1764 if (err != 0) {
1765 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1766 exit(1);
1767 }
1768
1769 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1770 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1771 continue;
1772
1773 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1774 sizeof(ntop), strport, sizeof(strport),
1775 NI_NUMERICHOST|NI_NUMERICSERV);
1776
1777 if (ai->ai_family == AF_INET && err != 0) {
1778 perror("getnameinfo");
1779 exit(2);
1780 }
1781 }
1782 exit(0);
1783}
b0e7249f 1784 ]])],
5ccf88cb 1785 [
1786 AC_MSG_RESULT(yes)
3466e002 1787 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1788 [Define if you have a getaddrinfo that fails
1789 for the all-zeros IPv6 address])
5ccf88cb 1790 ],
1791 [
1792 AC_MSG_RESULT(no)
1793 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1794 ],
ecd9ec09 1795 [
b0e7249f 1796 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1797 ]
1798 )
1799fi
1800
b29fd59f 1801if test "x$check_for_conflicting_getspnam" = "x1"; then
1802 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1803 AC_COMPILE_IFELSE(
1804 [
1805#include <shadow.h>
1806int main(void) {exit(0);}
1807 ],
1808 [
1809 AC_MSG_RESULT(no)
1810 ],
1811 [
1812 AC_MSG_RESULT(yes)
1813 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1814 [Conflicting defs for getspnam])
1815 ]
1816 )
1817fi
1818
7f8f5e00 1819AC_FUNC_GETPGRP
1820
5b991353 1821# Search for OpenSSL
1822saved_CPPFLAGS="$CPPFLAGS"
1823saved_LDFLAGS="$LDFLAGS"
a0391976 1824AC_ARG_WITH(ssl-dir,
1825 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1826 [
e9e4a1c7 1827 if test "x$withval" != "xno" ; then
99eb0f64 1828 case "$withval" in
1829 # Relative paths
1830 ./*|../*) withval="`pwd`/$withval"
1831 esac
5b991353 1832 if test -d "$withval/lib"; then
1833 if test -n "${need_dash_r}"; then
1834 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1835 else
1836 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1837 fi
1838 else
5b991353 1839 if test -n "${need_dash_r}"; then
1840 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1841 else
1842 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1843 fi
1844 fi
5b991353 1845 if test -d "$withval/include"; then
1846 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1847 else
5b991353 1848 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1849 fi
a0391976 1850 fi
5b991353 1851 ]
1852)
5486a457 1853LIBS="-lcrypto $LIBS"
3466e002 1854AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1855 [Define if your ssl headers are included
1856 with #include <openssl/header.h>]),
d45e3d76 1857 [
5b991353 1858 dnl Check default openssl install dir
1859 if test -n "${need_dash_r}"; then
1860 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1861 else
5b991353 1862 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1863 fi
5b991353 1864 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1865 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1866 [
1867 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1868 ]
1869 )
1870 ]
1871)
1872
cd018561 1873# Determine OpenSSL header version
1874AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1875AC_RUN_IFELSE(
479cece8 1876 [AC_LANG_SOURCE([[
cd018561 1877#include <stdio.h>
1878#include <string.h>
1879#include <openssl/opensslv.h>
1880#define DATA "conftest.sslincver"
1881int main(void) {
aff51935 1882 FILE *fd;
1883 int rc;
cd018561 1884
aff51935 1885 fd = fopen(DATA,"w");
1886 if(fd == NULL)
1887 exit(1);
cd018561 1888
1889 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1890 exit(1);
1891
1892 exit(0);
1893}
479cece8 1894 ]])],
cd018561 1895 [
1896 ssl_header_ver=`cat conftest.sslincver`
1897 AC_MSG_RESULT($ssl_header_ver)
1898 ],
1899 [
1900 AC_MSG_RESULT(not found)
1901 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1902 ],
1903 [
1904 AC_MSG_WARN([cross compiling: not checking])
cd018561 1905 ]
1906)
1907
1908# Determine OpenSSL library version
1909AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1910AC_RUN_IFELSE(
479cece8 1911 [AC_LANG_SOURCE([[
cd018561 1912#include <stdio.h>
1913#include <string.h>
1914#include <openssl/opensslv.h>
1915#include <openssl/crypto.h>
1916#define DATA "conftest.ssllibver"
1917int main(void) {
aff51935 1918 FILE *fd;
1919 int rc;
cd018561 1920
aff51935 1921 fd = fopen(DATA,"w");
1922 if(fd == NULL)
1923 exit(1);
cd018561 1924
1925 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1926 exit(1);
1927
1928 exit(0);
1929}
479cece8 1930 ]])],
cd018561 1931 [
1932 ssl_library_ver=`cat conftest.ssllibver`
1933 AC_MSG_RESULT($ssl_library_ver)
1934 ],
1935 [
1936 AC_MSG_RESULT(not found)
1937 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1938 ],
1939 [
1940 AC_MSG_WARN([cross compiling: not checking])
cd018561 1941 ]
1942)
58d100bf 1943
1d42bcce 1944AC_ARG_WITH(openssl-header-check,
1945 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1946 [ if test "x$withval" = "xno" ; then
1947 openssl_check_nonfatal=1
1948 fi
1949 ]
1950)
1951
9780116c 1952# Sanity check OpenSSL headers
1953AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1954AC_RUN_IFELSE(
479cece8 1955 [AC_LANG_SOURCE([[
9780116c 1956#include <string.h>
1957#include <openssl/opensslv.h>
aec4cb4f 1958int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1959 ]])],
9780116c 1960 [
1961 AC_MSG_RESULT(yes)
1962 ],
1963 [
1964 AC_MSG_RESULT(no)
1d42bcce 1965 if test "x$openssl_check_nonfatal" = "x"; then
1966 AC_MSG_ERROR([Your OpenSSL headers do not match your
1967library. Check config.log for details.
1968If you are sure your installation is consistent, you can disable the check
1969by running "./configure --without-openssl-header-check".
1970Also see contrib/findssl.sh for help identifying header/library mismatches.
1971])
1972 else
1973 AC_MSG_WARN([Your OpenSSL headers do not match your
1974library. Check config.log for details.
e15ba28b 1975Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1976 fi
1a01a50c 1977 ],
1978 [
1979 AC_MSG_WARN([cross compiling: not checking])
9780116c 1980 ]
1981)
1982
282d6408 1983AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1984AC_LINK_IFELSE(
1985 [AC_LANG_SOURCE([[
1986#include <openssl/evp.h>
1987int main(void) { SSLeay_add_all_algorithms(); }
1988 ]])],
1989 [
1990 AC_MSG_RESULT(yes)
1991 ],
1992 [
1993 AC_MSG_RESULT(no)
1994 saved_LIBS="$LIBS"
1995 LIBS="$LIBS -ldl"
1996 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1997 AC_LINK_IFELSE(
1998 [AC_LANG_SOURCE([[
1999#include <openssl/evp.h>
2000int main(void) { SSLeay_add_all_algorithms(); }
2001 ]])],
2002 [
2003 AC_MSG_RESULT(yes)
2004 ],
2005 [
2006 AC_MSG_RESULT(no)
2007 LIBS="$saved_LIBS"
2008 ]
2009 )
2010 ]
2011)
2012
c7ad0d99 2013AC_ARG_WITH(ssl-engine,
2014 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2015 [ if test "x$withval" != "xno" ; then
2016 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2017 AC_TRY_COMPILE(
2018 [ #include <openssl/engine.h>],
2019 [
24b2647b 2020ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2021 ],
2022 [ AC_MSG_RESULT(yes)
2023 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2024 [Enable OpenSSL engine support])
2025 ],
2026 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2027 )
2028 fi ]
2029)
2030
e5146707 2031# Check for OpenSSL without EVP_aes_{192,256}_cbc
2032AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2033AC_LINK_IFELSE(
e5146707 2034 [AC_LANG_SOURCE([[
2035#include <string.h>
2036#include <openssl/evp.h>
300ea548 2037int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2038 ]])],
2039 [
2040 AC_MSG_RESULT(no)
2041 ],
2042 [
2043 AC_MSG_RESULT(yes)
2044 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2045 [libcrypto is missing AES 192 and 256 bit functions])
2046 ]
2047)
2048
5486a457 2049# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2050# because the system crypt() is more featureful.
2051if test "x$check_for_libcrypt_before" = "x1"; then
2052 AC_CHECK_LIB(crypt, crypt)
2053fi
2054
aff51935 2055# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2056# version in OpenSSL.
05114c74 2057if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2058 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2059fi
2060
13ff27b7 2061# Search for SHA256 support in libc and/or OpenSSL
2062AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2063
a03acb8f 2064saved_LIBS="$LIBS"
2065AC_CHECK_LIB(iaf, ia_openinfo, [
2066 LIBS="$LIBS -liaf"
d837615a 2067 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2068 AC_DEFINE(HAVE_LIBIAF, 1,
2069 [Define if system has libiaf that supports set_id])
2070 ])
a03acb8f 2071])
2072LIBS="$saved_LIBS"
f1b0ecc3 2073
2074### Configure cryptographic random number support
2075
2076# Check wheter OpenSSL seeds itself
2077AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2078AC_RUN_IFELSE(
479cece8 2079 [AC_LANG_SOURCE([[
f1b0ecc3 2080#include <string.h>
2081#include <openssl/rand.h>
aec4cb4f 2082int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2083 ]])],
f1b0ecc3 2084 [
2085 OPENSSL_SEEDS_ITSELF=yes
2086 AC_MSG_RESULT(yes)
2087 ],
2088 [
2089 AC_MSG_RESULT(no)
2090 # Default to use of the rand helper if OpenSSL doesn't
2091 # seed itself
2092 USE_RAND_HELPER=yes
1a01a50c 2093 ],
2094 [
2095 AC_MSG_WARN([cross compiling: assuming yes])
2096 # This is safe, since all recent OpenSSL versions will
82f4e93d 2097 # complain at runtime if not seeded correctly.
1a01a50c 2098 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2099 ]
2100)
2101
a086f73b 2102# Check for PAM libs
2103PAM_MSG="no"
2104AC_ARG_WITH(pam,
2105 [ --with-pam Enable PAM support ],
2106 [
2107 if test "x$withval" != "xno" ; then
2108 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2109 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2110 AC_MSG_ERROR([PAM headers not found])
2111 fi
2112
2113 saved_LIBS="$LIBS"
2114 AC_CHECK_LIB(dl, dlopen, , )
2115 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2116 AC_CHECK_FUNCS(pam_getenvlist)
2117 AC_CHECK_FUNCS(pam_putenv)
2118 LIBS="$saved_LIBS"
2119
2120 PAM_MSG="yes"
2121
e54defb4 2122 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2123 AC_DEFINE(USE_PAM, 1,
2124 [Define if you want to enable PAM support])
282d6408 2125
a086f73b 2126 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2127 case "$LIBS" in
2128 *-ldl*)
2129 # libdl already in LIBS
2130 ;;
2131 *)
e54defb4 2132 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2133 ;;
2134 esac
a086f73b 2135 fi
a086f73b 2136 fi
2137 ]
2138)
2139
2140# Check for older PAM
2141if test "x$PAM_MSG" = "xyes" ; then
2142 # Check PAM strerror arguments (old PAM)
2143 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2144 AC_TRY_COMPILE(
2145 [
2146#include <stdlib.h>
2147#if defined(HAVE_SECURITY_PAM_APPL_H)
2148#include <security/pam_appl.h>
2149#elif defined (HAVE_PAM_PAM_APPL_H)
2150#include <pam/pam_appl.h>
2151#endif
2152 ],
2153 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2154 [AC_MSG_RESULT(no)],
2155 [
2156 AC_DEFINE(HAVE_OLD_PAM, 1,
2157 [Define if you have an old version of PAM
2158 which takes only one argument to pam_strerror])
2159 AC_MSG_RESULT(yes)
2160 PAM_MSG="yes (old library)"
2161 ]
2162 )
2163fi
f1b0ecc3 2164
2165# Do we want to force the use of the rand helper?
2166AC_ARG_WITH(rand-helper,
2167 [ --with-rand-helper Use subprocess to gather strong randomness ],
2168 [
2169 if test "x$withval" = "xno" ; then
aff51935 2170 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2171 # the previous test showed it to be unseeded.
2172 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2173 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2174 OPENSSL_SEEDS_ITSELF=yes
2175 USE_RAND_HELPER=""
2176 fi
2177 else
2178 USE_RAND_HELPER=yes
2179 fi
2180 ],
82f4e93d 2181)
f1b0ecc3 2182
2183# Which randomness source do we use?
4b492aab 2184if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2185 # OpenSSL only
3466e002 2186 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2187 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2188 RAND_MSG="OpenSSL internal ONLY"
2189 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2190elif test ! -z "$USE_RAND_HELPER" ; then
2191 # install rand helper
f1b0ecc3 2192 RAND_MSG="ssh-rand-helper"
2193 INSTALL_SSH_RAND_HELPER="yes"
2194fi
2195AC_SUBST(INSTALL_SSH_RAND_HELPER)
2196
2197### Configuration of ssh-rand-helper
2198
2199# PRNGD TCP socket
2200AC_ARG_WITH(prngd-port,
2201 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2202 [
eb5d7ff6 2203 case "$withval" in
2204 no)
2205 withval=""
2206 ;;
2207 [[0-9]]*)
2208 ;;
2209 *)
2210 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2211 ;;
2212 esac
2213 if test ! -z "$withval" ; then
f1b0ecc3 2214 PRNGD_PORT="$withval"
3466e002 2215 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2216 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2217 fi
2218 ]
2219)
2220
2221# PRNGD Unix domain socket
2222AC_ARG_WITH(prngd-socket,
2223 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2224 [
eb5d7ff6 2225 case "$withval" in
2226 yes)
f1b0ecc3 2227 withval="/var/run/egd-pool"
eb5d7ff6 2228 ;;
2229 no)
2230 withval=""
2231 ;;
2232 /*)
2233 ;;
2234 *)
2235 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2236 ;;
2237 esac
2238
2239 if test ! -z "$withval" ; then
f1b0ecc3 2240 if test ! -z "$PRNGD_PORT" ; then
2241 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2242 fi
906e811b 2243 if test ! -r "$withval" ; then
f1b0ecc3 2244 AC_MSG_WARN(Entropy socket is not readable)
2245 fi
2246 PRNGD_SOCKET="$withval"
3466e002 2247 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2248 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2249 fi
ddceb1c8 2250 ],
2251 [
2252 # Check for existing socket only if we don't have a random device already
2253 if test "$USE_RAND_HELPER" = yes ; then
2254 AC_MSG_CHECKING(for PRNGD/EGD socket)
2255 # Insert other locations here
2256 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2257 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2258 PRNGD_SOCKET="$sock"
2259 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2260 break;
2261 fi
2262 done
2263 if test ! -z "$PRNGD_SOCKET" ; then
2264 AC_MSG_RESULT($PRNGD_SOCKET)
2265 else
2266 AC_MSG_RESULT(not found)
2267 fi
2268 fi
f1b0ecc3 2269 ]
2270)
2271
2272# Change default command timeout for hashing entropy source
2273entropy_timeout=200
2274AC_ARG_WITH(entropy-timeout,
2275 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2276 [
6cf0200f 2277 if test -n "$withval" && test "x$withval" != "xno" && \
2278 test "x${withval}" != "xyes"; then
f1b0ecc3 2279 entropy_timeout=$withval
2280 fi
82f4e93d 2281 ]
f1b0ecc3 2282)
3466e002 2283AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2284 [Builtin PRNG command timeout])
f1b0ecc3 2285
fd3cbf67 2286SSH_PRIVSEP_USER=sshd
9a0fbcb3 2287AC_ARG_WITH(privsep-user,
5222e7ef 2288 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2289 [
6cf0200f 2290 if test -n "$withval" && test "x$withval" != "xno" && \
2291 test "x${withval}" != "xyes"; then
fd3cbf67 2292 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2293 fi
82f4e93d 2294 ]
9a0fbcb3 2295)
3466e002 2296AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2297 [non-privileged user for privilege separation])
fd3cbf67 2298AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2299
81dadca3 2300# We do this little dance with the search path to insure
2301# that programs that we select for use by installed programs
2302# (which may be run by the super-user) come from trusted
2303# locations before they come from the user's private area.
2304# This should help avoid accidentally configuring some
2305# random version of a program in someone's personal bin.
2306
2307OPATH=$PATH
2308PATH=/bin:/usr/bin
f95c8ce8 2309test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2310test -d /sbin && PATH=$PATH:/sbin
2311test -d /usr/sbin && PATH=$PATH:/usr/sbin
2312PATH=$PATH:/etc:$OPATH
2313
aff51935 2314# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2315OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2316OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2317OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2318OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2319OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2320OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2321OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2322OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2323OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2324OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2325OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2326OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2327OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2328OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2329OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2330OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2331# restore PATH
2332PATH=$OPATH
f1b0ecc3 2333
2334# Where does ssh-rand-helper get its randomness from?
2335INSTALL_SSH_PRNG_CMDS=""
2336if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2337 if test ! -z "$PRNGD_PORT" ; then
2338 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2339 elif test ! -z "$PRNGD_SOCKET" ; then
2340 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2341 else
2342 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2343 RAND_HELPER_CMDHASH=yes
2344 INSTALL_SSH_PRNG_CMDS="yes"
2345 fi
2346fi
2347AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2348
2349
66d6c27e 2350# Cheap hack to ensure NEWS-OS libraries are arranged right.
2351if test ! -z "$SONY" ; then
2352 LIBS="$LIBS -liberty";
2353fi
2354
9a406e1e 2355# Check for long long datatypes
2356AC_CHECK_TYPES([long long, unsigned long long, long double])
2357
2358# Check datatype sizes
976f7e19 2359AC_CHECK_SIZEOF(char, 1)
2b942fe0 2360AC_CHECK_SIZEOF(short int, 2)
2361AC_CHECK_SIZEOF(int, 4)
2362AC_CHECK_SIZEOF(long int, 4)
2363AC_CHECK_SIZEOF(long long int, 8)
2364
52f1ccb2 2365# Sanity check long long for some platforms (AIX)
2366if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2367 ac_cv_sizeof_long_long_int=0
2368fi
2369
90f15776 2370# compute LLONG_MIN and LLONG_MAX if we don't know them.
2371if test -z "$have_llong_max"; then
2372 AC_MSG_CHECKING([for max value of long long])
2373 AC_RUN_IFELSE(
2374 [AC_LANG_SOURCE([[
2375#include <stdio.h>
2376/* Why is this so damn hard? */
2377#ifdef __GNUC__
2378# undef __GNUC__
2379#endif
2380#define __USE_ISOC99
2381#include <limits.h>
2382#define DATA "conftest.llminmax"
055252ed 2383#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2384
2385/*
2386 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2387 * we do this the hard way.
2388 */
2389static int
2390fprint_ll(FILE *f, long long n)
2391{
2392 unsigned int i;
2393 int l[sizeof(long long) * 8];
2394
2395 if (n < 0)
2396 if (fprintf(f, "-") < 0)
2397 return -1;
2398 for (i = 0; n != 0; i++) {
2399 l[i] = my_abs(n % 10);
2400 n /= 10;
2401 }
2402 do {
2403 if (fprintf(f, "%d", l[--i]) < 0)
2404 return -1;
2405 } while (i != 0);
2406 if (fprintf(f, " ") < 0)
2407 return -1;
2408 return 0;
2409}
2410
90f15776 2411int main(void) {
2412 FILE *f;
2413 long long i, llmin, llmax = 0;
2414
2415 if((f = fopen(DATA,"w")) == NULL)
2416 exit(1);
2417
2418#if defined(LLONG_MIN) && defined(LLONG_MAX)
2419 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2420 llmin = LLONG_MIN;
2421 llmax = LLONG_MAX;
2422#else
2423 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2424 /* This will work on one's complement and two's complement */
2425 for (i = 1; i > llmax; i <<= 1, i++)
2426 llmax = i;
2427 llmin = llmax + 1LL; /* wrap */
2428#endif
2429
2430 /* Sanity check */
2431 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2432 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2433 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2434 fprintf(f, "unknown unknown\n");
2435 exit(2);
2436 }
2437
055252ed 2438 if (fprint_ll(f, llmin) < 0)
90f15776 2439 exit(3);
055252ed 2440 if (fprint_ll(f, llmax) < 0)
2441 exit(4);
2442 if (fclose(f) < 0)
2443 exit(5);
90f15776 2444 exit(0);
2445}
2446 ]])],
2447 [
2448 llong_min=`$AWK '{print $1}' conftest.llminmax`
2449 llong_max=`$AWK '{print $2}' conftest.llminmax`
2450
90f15776 2451 AC_MSG_RESULT($llong_max)
2452 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2453 [max value of long long calculated by configure])
2454 AC_MSG_CHECKING([for min value of long long])
2455 AC_MSG_RESULT($llong_min)
2456 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2457 [min value of long long calculated by configure])
2458 ],
2459 [
2460 AC_MSG_RESULT(not found)
2461 ],
2462 [
2463 AC_MSG_WARN([cross compiling: not checking])
2464 ]
2465 )
2466fi
2467
2468
a0391976 2469# More checks for data types
14a9a859 2470AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2471 AC_TRY_COMPILE(
aff51935 2472 [ #include <sys/types.h> ],
2473 [ u_int a; a = 1;],
14a9a859 2474 [ ac_cv_have_u_int="yes" ],
2475 [ ac_cv_have_u_int="no" ]
2476 )
2477])
2478if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2479 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2480 have_u_int=1
2481fi
2482
58d100bf 2483AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2484 AC_TRY_COMPILE(
aff51935 2485 [ #include <sys/types.h> ],
2486 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2487 [ ac_cv_have_intxx_t="yes" ],
2488 [ ac_cv_have_intxx_t="no" ]
2489 )
2490])
2491if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2492 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2493 have_intxx_t=1
2494fi
41cb4569 2495
2496if (test -z "$have_intxx_t" && \
aff51935 2497 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2498then
2499 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2500 AC_TRY_COMPILE(
aff51935 2501 [ #include <stdint.h> ],
2502 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2503 [
2504 AC_DEFINE(HAVE_INTXX_T)
2505 AC_MSG_RESULT(yes)
2506 ],
2507 [ AC_MSG_RESULT(no) ]
2508 )
2509fi
2510
bd590612 2511AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2512 AC_TRY_COMPILE(
1cbbe6c8 2513 [
2514#include <sys/types.h>
2515#ifdef HAVE_STDINT_H
2516# include <stdint.h>
2517#endif
2518#include <sys/socket.h>
2519#ifdef HAVE_SYS_BITYPES_H
2520# include <sys/bitypes.h>
2521#endif
aff51935 2522 ],
2523 [ int64_t a; a = 1;],
bd590612 2524 [ ac_cv_have_int64_t="yes" ],
2525 [ ac_cv_have_int64_t="no" ]
2526 )
2527])
2528if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2529 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2530fi
2531
58d100bf 2532AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2533 AC_TRY_COMPILE(
aff51935 2534 [ #include <sys/types.h> ],
2535 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2536 [ ac_cv_have_u_intxx_t="yes" ],
2537 [ ac_cv_have_u_intxx_t="no" ]
2538 )
2539])
2540if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2541 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2542 have_u_intxx_t=1
2543fi
2b942fe0 2544
41cb4569 2545if test -z "$have_u_intxx_t" ; then
2546 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2547 AC_TRY_COMPILE(
aff51935 2548 [ #include <sys/socket.h> ],
2549 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2550 [
2551 AC_DEFINE(HAVE_U_INTXX_T)
2552 AC_MSG_RESULT(yes)
2553 ],
2554 [ AC_MSG_RESULT(no) ]
2555 )
2556fi
2557
bd590612 2558AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2559 AC_TRY_COMPILE(
aff51935 2560 [ #include <sys/types.h> ],
2561 [ u_int64_t a; a = 1;],
bd590612 2562 [ ac_cv_have_u_int64_t="yes" ],
2563 [ ac_cv_have_u_int64_t="no" ]
2564 )
2565])
2566if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2567 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2568 have_u_int64_t=1
2569fi
2570
ddceb1c8 2571if test -z "$have_u_int64_t" ; then
2572 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2573 AC_TRY_COMPILE(
aff51935 2574 [ #include <sys/bitypes.h> ],
ddceb1c8 2575 [ u_int64_t a; a = 1],
2576 [
2577 AC_DEFINE(HAVE_U_INT64_T)
2578 AC_MSG_RESULT(yes)
2579 ],
2580 [ AC_MSG_RESULT(no) ]
2581 )
2582fi
2583
41cb4569 2584if test -z "$have_u_intxx_t" ; then
2585 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2586 AC_TRY_COMPILE(
2587 [
2588#include <sys/types.h>
aff51935 2589 ],
2590 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2591 [ ac_cv_have_uintxx_t="yes" ],
2592 [ ac_cv_have_uintxx_t="no" ]
2593 )
2594 ])
2595 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2596 AC_DEFINE(HAVE_UINTXX_T, 1,
2597 [define if you have uintxx_t data type])
41cb4569 2598 fi
2599fi
2600
2601if test -z "$have_uintxx_t" ; then
2602 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2603 AC_TRY_COMPILE(
aff51935 2604 [ #include <stdint.h> ],
2605 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2606 [
2607 AC_DEFINE(HAVE_UINTXX_T)
2608 AC_MSG_RESULT(yes)
2609 ],
2610 [ AC_MSG_RESULT(no) ]
2611 )
2612fi
2613
e5fe9a1f 2614if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2615 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2616then
2617 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2618 AC_TRY_COMPILE(
58d100bf 2619 [
2620#include <sys/bitypes.h>
aff51935 2621 ],
5cdfe03f 2622 [
837c30b8 2623 int8_t a; int16_t b; int32_t c;
2624 u_int8_t e; u_int16_t f; u_int32_t g;
2625 a = b = c = e = f = g = 1;
aff51935 2626 ],
5cdfe03f 2627 [
2628 AC_DEFINE(HAVE_U_INTXX_T)
2629 AC_DEFINE(HAVE_INTXX_T)
2630 AC_MSG_RESULT(yes)
2631 ],
2632 [AC_MSG_RESULT(no)]
aff51935 2633 )
5cdfe03f 2634fi
2635
0362750e 2636
2637AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2638 AC_TRY_COMPILE(
2639 [
2640#include <sys/types.h>
2641 ],
2642 [ u_char foo; foo = 125; ],
2643 [ ac_cv_have_u_char="yes" ],
2644 [ ac_cv_have_u_char="no" ]
2645 )
2646])
2647if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2648 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2649fi
2650
98a7c37b 2651TYPE_SOCKLEN_T
2b942fe0 2652
2d16d9a3 2653AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22f5e872 2654AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2655#include <sys/types.h>
2656#ifdef HAVE_SYS_BITYPES_H
2657#include <sys/bitypes.h>
2658#endif
2659#ifdef HAVE_SYS_STATFS_H
2660#include <sys/statfs.h>
2661#endif
2662#ifdef HAVE_SYS_STATVFS_H
2663#include <sys/statvfs.h>
2664#endif
2665])
ddceb1c8 2666
777ece68 2667AC_CHECK_TYPES(in_addr_t,,,
2668[#include <sys/types.h>
2669#include <netinet/in.h>])
7b578f7d 2670
58d100bf 2671AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2672 AC_TRY_COMPILE(
2673 [
18ba2aab 2674#include <sys/types.h>
58d100bf 2675 ],
2676 [ size_t foo; foo = 1235; ],
2677 [ ac_cv_have_size_t="yes" ],
2678 [ ac_cv_have_size_t="no" ]
2679 )
2680])
2681if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2682 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2683fi
ea1970a3 2684
c04f75f1 2685AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2686 AC_TRY_COMPILE(
2687 [
2688#include <sys/types.h>
2689 ],
2690 [ ssize_t foo; foo = 1235; ],
2691 [ ac_cv_have_ssize_t="yes" ],
2692 [ ac_cv_have_ssize_t="no" ]
2693 )
2694])
2695if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2696 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2697fi
2698
f1c4659d 2699AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2700 AC_TRY_COMPILE(
2701 [
2702#include <time.h>
2703 ],
2704 [ clock_t foo; foo = 1235; ],
2705 [ ac_cv_have_clock_t="yes" ],
2706 [ ac_cv_have_clock_t="no" ]
2707 )
2708])
2709if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2710 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2711fi
2712
1c04b088 2713AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2714 AC_TRY_COMPILE(
2715 [
2716#include <sys/types.h>
2717#include <sys/socket.h>
2718 ],
2719 [ sa_family_t foo; foo = 1235; ],
2720 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2721 [ AC_TRY_COMPILE(
2722 [
2723#include <sys/types.h>
2724#include <sys/socket.h>
2725#include <netinet/in.h>
2726 ],
2727 [ sa_family_t foo; foo = 1235; ],
2728 [ ac_cv_have_sa_family_t="yes" ],
2729
1c04b088 2730 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2731 )]
1c04b088 2732 )
2733])
2734if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2735 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2736 [define if you have sa_family_t data type])
1c04b088 2737fi
2738
729bfe59 2739AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2740 AC_TRY_COMPILE(
2741 [
2742#include <sys/types.h>
2743 ],
2744 [ pid_t foo; foo = 1235; ],
2745 [ ac_cv_have_pid_t="yes" ],
2746 [ ac_cv_have_pid_t="no" ]
2747 )
2748])
2749if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2750 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2751fi
2752
2753AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2754 AC_TRY_COMPILE(
2755 [
2756#include <sys/types.h>
2757 ],
2758 [ mode_t foo; foo = 1235; ],
2759 [ ac_cv_have_mode_t="yes" ],
2760 [ ac_cv_have_mode_t="no" ]
2761 )
2762])
2763if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2764 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2765fi
2766
e3a93db0 2767
58d100bf 2768AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2769 AC_TRY_COMPILE(
2770 [
18ba2aab 2771#include <sys/types.h>
2772#include <sys/socket.h>
58d100bf 2773 ],
2774 [ struct sockaddr_storage s; ],
2775 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2776 [ ac_cv_have_struct_sockaddr_storage="no" ]
2777 )
2778])
2779if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2780 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2781 [define if you have struct sockaddr_storage data type])
58d100bf 2782fi
48e671d5 2783
58d100bf 2784AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2785 AC_TRY_COMPILE(
2786 [
cbd7492e 2787#include <sys/types.h>
58d100bf 2788#include <netinet/in.h>
2789 ],
2790 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2791 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2792 [ ac_cv_have_struct_sockaddr_in6="no" ]
2793 )
2794])
2795if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2796 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2797 [define if you have struct sockaddr_in6 data type])
58d100bf 2798fi
48e671d5 2799
58d100bf 2800AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2801 AC_TRY_COMPILE(
2802 [
cbd7492e 2803#include <sys/types.h>
58d100bf 2804#include <netinet/in.h>
2805 ],
2806 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2807 [ ac_cv_have_struct_in6_addr="yes" ],
2808 [ ac_cv_have_struct_in6_addr="no" ]
2809 )
2810])
2811if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2812 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2813 [define if you have struct in6_addr data type])
58d100bf 2814fi
48e671d5 2815
58d100bf 2816AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2817 AC_TRY_COMPILE(
2818 [
18ba2aab 2819#include <sys/types.h>
2820#include <sys/socket.h>
2821#include <netdb.h>
58d100bf 2822 ],
2823 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2824 [ ac_cv_have_struct_addrinfo="yes" ],
2825 [ ac_cv_have_struct_addrinfo="no" ]
2826 )
2827])
2828if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2829 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2830 [define if you have struct addrinfo data type])
58d100bf 2831fi
2832
89c7e31c 2833AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2834 AC_TRY_COMPILE(
aff51935 2835 [ #include <sys/time.h> ],
2836 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2837 [ ac_cv_have_struct_timeval="yes" ],
2838 [ ac_cv_have_struct_timeval="no" ]
2839 )
2840])
2841if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2842 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2843 have_struct_timeval=1
2844fi
2845
5271b55c 2846AC_CHECK_TYPES(struct timespec)
2847
85abc74b 2848# We need int64_t or else certian parts of the compile will fail.
4b492aab 2849if test "x$ac_cv_have_int64_t" = "xno" && \
2850 test "x$ac_cv_sizeof_long_int" != "x8" && \
2851 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2852 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2853 echo "an alternative compiler (I.E., GCC) before continuing."
2854 echo ""
2855 exit 1;
733cf7f4 2856else
2857dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2858 AC_RUN_IFELSE(
479cece8 2859 [AC_LANG_SOURCE([[
733cf7f4 2860#include <stdio.h>
2861#include <string.h>
2862#ifdef HAVE_SNPRINTF
2863main()
2864{
2865 char buf[50];
2866 char expected_out[50];
2867 int mazsize = 50 ;
2868#if (SIZEOF_LONG_INT == 8)
2869 long int num = 0x7fffffffffffffff;
2870#else
763a1a18 2871 long long num = 0x7fffffffffffffffll;
733cf7f4 2872#endif
2873 strcpy(expected_out, "9223372036854775807");
2874 snprintf(buf, mazsize, "%lld", num);
2875 if(strcmp(buf, expected_out) != 0)
aff51935 2876 exit(1);
733cf7f4 2877 exit(0);
2878}
2879#else
2880main() { exit(0); }
2881#endif
479cece8 2882 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2883 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2884 )
2c523de9 2885fi
2886
77bb0bca 2887dnl Checks for structure members
58d100bf 2888OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2889OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2890OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2891OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2892OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2893OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2894OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2895OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2896OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2897OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2898OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2899OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2900OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2901OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2902OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2903OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2904OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2905
2906AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2907AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2908 [Define if we don't have struct __res_state in resolv.h])],
2909[
2910#include <stdio.h>
2911#if HAVE_SYS_TYPES_H
2912# include <sys/types.h>
2913#endif
2914#include <netinet/in.h>
2915#include <arpa/nameser.h>
2916#include <resolv.h>
2917])
1d7b9b20 2918
58d100bf 2919AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2920 ac_cv_have_ss_family_in_struct_ss, [
2921 AC_TRY_COMPILE(
2922 [
18ba2aab 2923#include <sys/types.h>
2924#include <sys/socket.h>
58d100bf 2925 ],
2926 [ struct sockaddr_storage s; s.ss_family = 1; ],
2927 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2928 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2929 )
2930])
2931if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2932 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2933fi
2934
58d100bf 2935AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2936 ac_cv_have___ss_family_in_struct_ss, [
2937 AC_TRY_COMPILE(
2938 [
18ba2aab 2939#include <sys/types.h>
2940#include <sys/socket.h>
58d100bf 2941 ],
2942 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2943 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2944 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2945 )
2946])
2947if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2948 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2949 [Fields in struct sockaddr_storage])
58d100bf 2950fi
2951
2e73a022 2952AC_CACHE_CHECK([for pw_class field in struct passwd],
2953 ac_cv_have_pw_class_in_struct_passwd, [
2954 AC_TRY_COMPILE(
2955 [
2e73a022 2956#include <pwd.h>
2957 ],
97994d32 2958 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2959 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2960 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2961 )
2962])
2963if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2964 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2965 [Define if your password has a pw_class field])
2e73a022 2966fi
2967
7751d4eb 2968AC_CACHE_CHECK([for pw_expire field in struct passwd],
2969 ac_cv_have_pw_expire_in_struct_passwd, [
2970 AC_TRY_COMPILE(
2971 [
2972#include <pwd.h>
2973 ],
2974 [ struct passwd p; p.pw_expire = 0; ],
2975 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2976 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2977 )
2978])
2979if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2980 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2981 [Define if your password has a pw_expire field])
7751d4eb 2982fi
2983
2984AC_CACHE_CHECK([for pw_change field in struct passwd],
2985 ac_cv_have_pw_change_in_struct_passwd, [
2986 AC_TRY_COMPILE(
2987 [
2988#include <pwd.h>
2989 ],
2990 [ struct passwd p; p.pw_change = 0; ],
2991 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2992 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2993 )
2994])
2995if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2996 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2997 [Define if your password has a pw_change field])
7751d4eb 2998fi
58d100bf 2999
637f9177 3000dnl make sure we're using the real structure members and not defines
6f34652e 3001AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3002 ac_cv_have_accrights_in_msghdr, [
1a01a50c 3003 AC_COMPILE_IFELSE(
6f34652e 3004 [
f95c8ce8 3005#include <sys/types.h>
6f34652e 3006#include <sys/socket.h>
3007#include <sys/uio.h>
637f9177 3008int main() {
3009#ifdef msg_accrights
1a01a50c 3010#error "msg_accrights is a macro"
637f9177 3011exit(1);
3012#endif
3013struct msghdr m;
3014m.msg_accrights = 0;
3015exit(0);
3016}
6f34652e 3017 ],
6f34652e 3018 [ ac_cv_have_accrights_in_msghdr="yes" ],
3019 [ ac_cv_have_accrights_in_msghdr="no" ]
3020 )
3021])
3022if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3023 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3024 [Define if your system uses access rights style
3025 file descriptor passing])
6f34652e 3026fi
3027
7a4f468b 3028AC_MSG_CHECKING(if f_fsid has val members)
3029AC_TRY_COMPILE([
3030#include <sys/types.h>
3031#include <sys/statvfs.h>],
3032[struct fsid_t t; t.val[0] = 0;],
3033 [ AC_MSG_RESULT(yes)
3034 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ],
3035 [ AC_MSG_RESULT(no) ]
3036)
3037
7176df4f 3038AC_CACHE_CHECK([for msg_control field in struct msghdr],
3039 ac_cv_have_control_in_msghdr, [
1a01a50c 3040 AC_COMPILE_IFELSE(
7176df4f 3041 [
f95c8ce8 3042#include <sys/types.h>
7176df4f 3043#include <sys/socket.h>
3044#include <sys/uio.h>
637f9177 3045int main() {
3046#ifdef msg_control
1a01a50c 3047#error "msg_control is a macro"
637f9177 3048exit(1);
3049#endif
3050struct msghdr m;
3051m.msg_control = 0;
3052exit(0);
3053}
7176df4f 3054 ],
7176df4f 3055 [ ac_cv_have_control_in_msghdr="yes" ],
3056 [ ac_cv_have_control_in_msghdr="no" ]
3057 )
3058])
3059if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3060 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3061 [Define if your system uses ancillary data style
3062 file descriptor passing])
7176df4f 3063fi
3064
58d100bf 3065AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3066 AC_TRY_LINK([],
3067 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3068 [ ac_cv_libc_defines___progname="yes" ],
3069 [ ac_cv_libc_defines___progname="no" ]
3070 )
3071])
3072if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3073 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3074fi
8946db53 3075
c921ee00 3076AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3077 AC_TRY_LINK([
3078#include <stdio.h>
aff51935 3079],
3080 [ printf("%s", __FUNCTION__); ],
c921ee00 3081 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3082 [ ac_cv_cc_implements___FUNCTION__="no" ]
3083 )
3084])
3085if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3086 AC_DEFINE(HAVE___FUNCTION__, 1,
3087 [Define if compiler implements __FUNCTION__])
c921ee00 3088fi
3089
3090AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3091 AC_TRY_LINK([
3092#include <stdio.h>
aff51935 3093],
3094 [ printf("%s", __func__); ],
c921ee00 3095 [ ac_cv_cc_implements___func__="yes" ],
3096 [ ac_cv_cc_implements___func__="no" ]
3097 )
3098])
3099if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3100 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3101fi
3102
9a406e1e 3103AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3104 AC_TRY_LINK(
3105 [#include <stdarg.h>
3106 va_list x,y;],
3107 [va_copy(x,y);],
3108 [ ac_cv_have_va_copy="yes" ],
3109 [ ac_cv_have_va_copy="no" ]
3110 )
3111])
3112if test "x$ac_cv_have_va_copy" = "xyes" ; then
3113 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3114fi
3115
3116AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3117 AC_TRY_LINK(
3118 [#include <stdarg.h>
3119 va_list x,y;],
3120 [__va_copy(x,y);],
3121 [ ac_cv_have___va_copy="yes" ],
3122 [ ac_cv_have___va_copy="no" ]
3123 )
3124])
3125if test "x$ac_cv_have___va_copy" = "xyes" ; then
3126 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3127fi
3128
1812a662 3129AC_CACHE_CHECK([whether getopt has optreset support],
3130 ac_cv_have_getopt_optreset, [
3131 AC_TRY_LINK(
3132 [
3133#include <getopt.h>
3134 ],
3135 [ extern int optreset; optreset = 0; ],
3136 [ ac_cv_have_getopt_optreset="yes" ],
3137 [ ac_cv_have_getopt_optreset="no" ]
3138 )
3139])
3140if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3141 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3142 [Define if your getopt(3) defines and uses optreset])
1812a662 3143fi
a0391976 3144
819b676f 3145AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3146 AC_TRY_LINK([],
3147 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3148 [ ac_cv_libc_defines_sys_errlist="yes" ],
3149 [ ac_cv_libc_defines_sys_errlist="no" ]
3150 )
3151])
3152if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3153 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3154 [Define if your system defines sys_errlist[]])
819b676f 3155fi
3156
3157
416ed5a7 3158AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3159 AC_TRY_LINK([],
3160 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3161 [ ac_cv_libc_defines_sys_nerr="yes" ],
3162 [ ac_cv_libc_defines_sys_nerr="no" ]
3163 )
3164])
3165if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3166 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3167fi
3168
aff51935 3169SCARD_MSG="no"
295c8801 3170# Check whether user wants sectok support
3171AC_ARG_WITH(sectok,
3172 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3173 [
3174 if test "x$withval" != "xno" ; then
3175 if test "x$withval" != "xyes" ; then
3176 CPPFLAGS="$CPPFLAGS -I${withval}"
3177 LDFLAGS="$LDFLAGS -L${withval}"
3178 if test ! -z "$need_dash_r" ; then
3179 LDFLAGS="$LDFLAGS -R${withval}"
3180 fi
3181 if test ! -z "$blibpath" ; then
3182 blibpath="$blibpath:${withval}"
3183 fi
3184 fi
3185 AC_CHECK_HEADERS(sectok.h)
3186 if test "$ac_cv_header_sectok_h" != yes; then
3187 AC_MSG_ERROR(Can't find sectok.h)
3188 fi
3189 AC_CHECK_LIB(sectok, sectok_open)
3190 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3191 AC_MSG_ERROR(Can't find libsectok)
3192 fi
3466e002 3193 AC_DEFINE(SMARTCARD, 1,
3194 [Define if you want smartcard support])
3195 AC_DEFINE(USE_SECTOK, 1,
3196 [Define if you want smartcard support
3197 using sectok])
aff51935 3198 SCARD_MSG="yes, using sectok"
295c8801 3199 fi
3200 ]
3201)
3202
3203# Check whether user wants OpenSC support
987b458f 3204OPENSC_CONFIG="no"
295c8801 3205AC_ARG_WITH(opensc,
e47fb473 3206 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3207 [
3208 if test "x$withval" != "xno" ; then
3209 if test "x$withval" != "xyes" ; then
3210 OPENSC_CONFIG=$withval/bin/opensc-config
3211 else
3212 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3213 fi
3214 if test "$OPENSC_CONFIG" != "no"; then
3215 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3216 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3217 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3218 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3219 AC_DEFINE(SMARTCARD)
3466e002 3220 AC_DEFINE(USE_OPENSC, 1,
3221 [Define if you want smartcard support
3222 using OpenSC])
987b458f 3223 SCARD_MSG="yes, using OpenSC"
3224 fi
3225 fi
3226 ]
3227)
d0b19c95 3228
c31dc31c 3229# Check libraries needed by DNS fingerprint support
aff51935 3230AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3231 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3232 [Define if getrrsetbyname() exists])],
3e05e934 3233 [
c31dc31c 3234 # Needed by our getrrsetbyname()
3235 AC_SEARCH_LIBS(res_query, resolv)
3236 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3237 AC_MSG_CHECKING(if res_query will link)
3238 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3239 [AC_MSG_RESULT(no)
3240 saved_LIBS="$LIBS"
3241 LIBS="$LIBS -lresolv"
3242 AC_MSG_CHECKING(for res_query in -lresolv)
3243 AC_LINK_IFELSE([
3244#include <resolv.h>
3245int main()
3246{
3247 res_query (0, 0, 0, 0, 0);
3248 return 0;
3249}
3250 ],
3251 [LIBS="$LIBS -lresolv"
3252 AC_MSG_RESULT(yes)],
3253 [LIBS="$saved_LIBS"
3254 AC_MSG_RESULT(no)])
3255 ])
c31dc31c 3256 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3257 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3258 [#include <sys/types.h>
3259 #include <arpa/nameser.h>])
c31dc31c 3260 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3261 [AC_DEFINE(HAVE_HEADER_AD, 1,
3262 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3263 [#include <arpa/nameser.h>])
3264 ])
3e05e934 3265
560acf80 3266AC_MSG_CHECKING(if struct __res_state _res is an extern)
3267AC_LINK_IFELSE([
3268#include <stdio.h>
3269#if HAVE_SYS_TYPES_H
3270# include <sys/types.h>
3271#endif
3272#include <netinet/in.h>
3273#include <arpa/nameser.h>
3274#include <resolv.h>
3275extern struct __res_state _res;
3276int main() { return 0; }
3277 ],
3278 [AC_MSG_RESULT(yes)
3279 AC_DEFINE(HAVE__RES_EXTERN, 1,
3280 [Define if you have struct __res_state _res as an extern])
3281 ],
3282 [ AC_MSG_RESULT(no) ]
3283)
3284
ef4d1846 3285# Check whether user wants SELinux support
3286SELINUX_MSG="no"
3287LIBSELINUX=""
3288AC_ARG_WITH(selinux,
bb23b54f 3289 [ --with-selinux Enable SELinux support],
ef4d1846 3290 [ if test "x$withval" != "xno" ; then
e54defb4 3291 save_LIBS="$LIBS"
ef4d1846 3292 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3293 SELINUX_MSG="yes"
3294 AC_CHECK_HEADER([selinux/selinux.h], ,
3295 AC_MSG_ERROR(SELinux support requires selinux.h header))
3296 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3297 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3298 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3299 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3300 LIBS="$save_LIBS"
ef4d1846 3301 fi ]
3302)
ef4d1846 3303
12928e80 3304# Check whether user wants Kerberos 5 support
aff51935 3305KRB5_MSG="no"
12928e80 3306AC_ARG_WITH(kerberos5,
aff51935 3307 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3308 [ if test "x$withval" != "xno" ; then
3309 if test "x$withval" = "xyes" ; then
3310 KRB5ROOT="/usr/local"
3311 else
3312 KRB5ROOT=${withval}
3313 fi
3314
3466e002 3315 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3316 KRB5_MSG="yes"
3317
3318 AC_MSG_CHECKING(for krb5-config)
3319 if test -x $KRB5ROOT/bin/krb5-config ; then
3320 KRB5CONF=$KRB5ROOT/bin/krb5-config
3321 AC_MSG_RESULT($KRB5CONF)
3322
3323 AC_MSG_CHECKING(for gssapi support)
3324 if $KRB5CONF | grep gssapi >/dev/null ; then
3325 AC_MSG_RESULT(yes)
3466e002 3326 AC_DEFINE(GSSAPI, 1,
3327 [Define this if you want GSSAPI
3328 support in the version 2 protocol])
071970fb 3329 k5confopts=gssapi
aff51935 3330 else
5585c441 3331 AC_MSG_RESULT(no)
071970fb 3332 k5confopts=""
aff51935 3333 fi
071970fb 3334 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3335 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3336 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3337 AC_MSG_CHECKING(whether we are using Heimdal)
3338 AC_TRY_COMPILE([ #include <krb5.h> ],
3339 [ char *tmp = heimdal_version; ],
3340 [ AC_MSG_RESULT(yes)
3466e002 3341 AC_DEFINE(HEIMDAL, 1,
3342 [Define this if you are using the
3343 Heimdal version of Kerberos V5]) ],
5585c441 3344 AC_MSG_RESULT(no)
3345 )
3346 else
3347 AC_MSG_RESULT(no)
12928e80 3348 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3349 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3350 AC_MSG_CHECKING(whether we are using Heimdal)
3351 AC_TRY_COMPILE([ #include <krb5.h> ],
3352 [ char *tmp = heimdal_version; ],
3353 [ AC_MSG_RESULT(yes)
3354 AC_DEFINE(HEIMDAL)
41707f74 3355 K5LIBS="-lkrb5 -ldes"
3356 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3357 AC_CHECK_LIB(roken, net_write,
41707f74 3358 [K5LIBS="$K5LIBS -lroken"])
aff51935 3359 ],
3360 [ AC_MSG_RESULT(no)
3361 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3362 ]
3363 )
4e00038c 3364 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3365
749560dd 3366 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3367 [ AC_DEFINE(GSSAPI)
3368 K5LIBS="-lgssapi $K5LIBS" ],
3369 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3370 [ AC_DEFINE(GSSAPI)
aff51935 3371 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3372 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3373 $K5LIBS)
3374 ],
3375 $K5LIBS)
82f4e93d 3376
749560dd 3377 AC_CHECK_HEADER(gssapi.h, ,
3378 [ unset ac_cv_header_gssapi_h
aff51935 3379 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3380 AC_CHECK_HEADERS(gssapi.h, ,
3381 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3382 )
749560dd 3383 ]
3384 )
3385
3386 oldCPP="$CPPFLAGS"
3387 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3388 AC_CHECK_HEADER(gssapi_krb5.h, ,
3389 [ CPPFLAGS="$oldCPP" ])
3390
aff51935 3391 fi
5585c441 3392 if test ! -z "$need_dash_r" ; then
3393 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3394 fi
3395 if test ! -z "$blibpath" ; then
3396 blibpath="$blibpath:${KRB5ROOT}/lib"
3397 fi
071970fb 3398
f5555364 3399 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3400 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3401 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3402
f5555364 3403 LIBS="$LIBS $K5LIBS"
3466e002 3404 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3405 [Define this if you want to use libkafs' AFS support]))
f5555364 3406 fi
071970fb 3407 ]
12928e80 3408)
b5b68128 3409
a0391976 3410# Looking for programs, paths and files
a0391976 3411
ecac8ee5 3412PRIVSEP_PATH=/var/empty
3413AC_ARG_WITH(privsep-path,
cda1ebcb 3414 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3415 [
6cf0200f 3416 if test -n "$withval" && test "x$withval" != "xno" && \
3417 test "x${withval}" != "xyes"; then
ecac8ee5 3418 PRIVSEP_PATH=$withval
3419 fi
3420 ]
3421)
3422AC_SUBST(PRIVSEP_PATH)
3423
a0391976 3424AC_ARG_WITH(xauth,
3425 [ --with-xauth=PATH Specify path to xauth program ],
3426 [
6cf0200f 3427 if test -n "$withval" && test "x$withval" != "xno" && \
3428 test "x${withval}" != "xyes"; then
cbd7492e 3429 xauth_path=$withval
a0391976 3430 fi
3431 ],
3432 [
2bf42e4a 3433 TestPath="$PATH"
3434 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3435 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3436 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3437 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3438 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3439 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3440 xauth_path="/usr/openwin/bin/xauth"
3441 fi
3442 ]
3443)
3444
65a4b4af 3445STRIP_OPT=-s
3446AC_ARG_ENABLE(strip,
3447 [ --disable-strip Disable calling strip(1) on install],
3448 [
3449 if test "x$enableval" = "xno" ; then
3450 STRIP_OPT=
3451 fi
3452 ]
3453)
3454AC_SUBST(STRIP_OPT)
3455
b3ec54b4 3456if test -z "$xauth_path" ; then
3457 XAUTH_PATH="undefined"
3458 AC_SUBST(XAUTH_PATH)
3459else
3466e002 3460 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3461 [Define if xauth is found in your path])
b3ec54b4 3462 XAUTH_PATH=$xauth_path
3463 AC_SUBST(XAUTH_PATH)
a0391976 3464fi
a0391976 3465
3466# Check for mail directory (last resort if we cannot get it from headers)
3467if test ! -z "$MAIL" ; then
3468 maildir=`dirname $MAIL`
3466e002 3469 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3470 [Set this to your mail directory if you don't have maillock.h])
a0391976 3471fi
3472
479cece8 3473if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3474 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3475 disable_ptmx_check=yes
3476fi
a0391976 3477if test -z "$no_dev_ptmx" ; then
6e879cb4 3478 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3479 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3480 [
3466e002 3481 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3482 [Define if you have /dev/ptmx])
6e879cb4 3483 have_dev_ptmx=1
3484 ]
3485 )
3486 fi
3276571c 3487fi
1a01a50c 3488
479cece8 3489if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3490 AC_CHECK_FILE("/dev/ptc",
3491 [
3466e002 3492 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3493 [Define if you have /dev/ptc])
1a01a50c 3494 have_dev_ptc=1
3495 ]
3496 )
3497else
3498 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3499fi
3276571c 3500
a0391976 3501# Options from here on. Some of these are preset by platform above
fdf6b7aa 3502AC_ARG_WITH(mantype,
5d97cfbf 3503 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3504 [
5d97cfbf 3505 case "$withval" in
3506 man|cat|doc)
3507 MANTYPE=$withval
3508 ;;
3509 *)
3510 AC_MSG_ERROR(invalid man type: $withval)
3511 ;;
3512 esac
c54a6257 3513 ]
3514)
e0c4d3ac 3515if test -z "$MANTYPE"; then
2bf42e4a 3516 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3517 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3518 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3519 MANTYPE=doc
3520 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3521 MANTYPE=man
3522 else
3523 MANTYPE=cat
3524 fi
3525fi
c54a6257 3526AC_SUBST(MANTYPE)
e0c4d3ac 3527if test "$MANTYPE" = "doc"; then
3528 mansubdir=man;
3529else
3530 mansubdir=$MANTYPE;
3531fi
3532AC_SUBST(mansubdir)
0bc5b6fb 3533
a0391976 3534# Check whether to enable MD5 passwords
aff51935 3535MD5_MSG="no"
2ddcfdf3 3536AC_ARG_WITH(md5-passwords,
caf3bc51 3537 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3538 [
bcf36c78 3539 if test "x$withval" != "xno" ; then
3466e002 3540 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3541 [Define if you want to allow MD5 passwords])
aff51935 3542 MD5_MSG="yes"
0bc5b6fb 3543 fi
3544 ]
caf3bc51 3545)
3546
a0391976 3547# Whether to disable shadow password support
a7effaac 3548AC_ARG_WITH(shadow,
3549 [ --without-shadow Disable shadow password support],
3550 [
82f4e93d 3551 if test "x$withval" = "xno" ; then
a7effaac 3552 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3553 disable_shadow=yes
a7effaac 3554 fi
3555 ]
3556)
3557
4cb5ffa0 3558if test -z "$disable_shadow" ; then
3559 AC_MSG_CHECKING([if the systems has expire shadow information])
3560 AC_TRY_COMPILE(
3561 [
3562#include <sys/types.h>
3563#include <shadow.h>
3564 struct spwd sp;
3565 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3566 [ sp_expire_available=yes ], []
3567 )
3568
3569 if test "x$sp_expire_available" = "xyes" ; then
3570 AC_MSG_RESULT(yes)
3466e002 3571 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3572 [Define if you want to use shadow password expire field])
4cb5ffa0 3573 else
3574 AC_MSG_RESULT(no)
3575 fi
3576fi
3577
a0391976 3578# Use ip address instead of hostname in $DISPLAY
44839801 3579if test ! -z "$IPADDR_IN_DISPLAY" ; then
3580 DISPLAY_HACK_MSG="yes"
3466e002 3581 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3582 [Define if you need to use IP address
3583 instead of hostname in $DISPLAY])
44839801 3584else
aff51935 3585 DISPLAY_HACK_MSG="no"
44839801 3586 AC_ARG_WITH(ipaddr-display,
3587 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3588 [
82f4e93d 3589 if test "x$withval" != "xno" ; then
44839801 3590 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3591 DISPLAY_HACK_MSG="yes"
44839801 3592 fi
3593 ]
3594 )
3595fi
a7effaac 3596
95b99395 3597# check for /etc/default/login and use it if present.
daa41e62 3598AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3599 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3600 [ if test "x$enableval" = "xno"; then
3601 AC_MSG_NOTICE([/etc/default/login handling disabled])
3602 etc_default_login=no
3603 else
3604 etc_default_login=yes
3605 fi ],
b0e7249f 3606 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3607 then
3608 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3609 etc_default_login=no
3610 else
3611 etc_default_login=yes
3612 fi ]
694d0cef 3613)
95b99395 3614
694d0cef 3615if test "x$etc_default_login" != "xno"; then
3616 AC_CHECK_FILE("/etc/default/login",
3617 [ external_path_file=/etc/default/login ])
b0e7249f 3618 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3619 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3620 [Define if your system has /etc/default/login])
1a01a50c 3621 fi
694d0cef 3622fi
95b99395 3623
8d184c09 3624dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3625if test $ac_cv_func_login_getcapbool = "yes" && \
3626 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3627 external_path_file=/etc/login.conf
8d184c09 3628fi
95b99395 3629
a0391976 3630# Whether to mess with the default path
aff51935 3631SERVER_PATH_MSG="(default)"
c43d69a9 3632AC_ARG_WITH(default-path,
75817f90 3633 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3634 [
95b99395 3635 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3636 AC_MSG_WARN([
3637--with-default-path=PATH has no effect on this system.
3638Edit /etc/login.conf instead.])
82f4e93d 3639 elif test "x$withval" != "xno" ; then
89bbd457 3640 if test ! -z "$external_path_file" ; then
95b99395 3641 AC_MSG_WARN([
3642--with-default-path=PATH will only be used if PATH is not defined in
3643$external_path_file .])
3644 fi
b2d818e6 3645 user_path="$withval"
aff51935 3646 SERVER_PATH_MSG="$withval"
cb807f40 3647 fi
b2d818e6 3648 ],
95b99395 3649 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3650 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3651 else
89bbd457 3652 if test ! -z "$external_path_file" ; then
95b99395 3653 AC_MSG_WARN([
3654If PATH is defined in $external_path_file, ensure the path to scp is included,
3655otherwise scp will not work.])
3656 fi
b0e7249f 3657 AC_RUN_IFELSE(
3658 [AC_LANG_SOURCE([[
b2d818e6 3659/* find out what STDPATH is */
3660#include <stdio.h>
b2d818e6 3661#ifdef HAVE_PATHS_H
3662# include <paths.h>
3663#endif
3664#ifndef _PATH_STDPATH
d9a4e55b 3665# ifdef _PATH_USERPATH /* Irix */
3666# define _PATH_STDPATH _PATH_USERPATH
3667# else
3668# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3669# endif
b2d818e6 3670#endif
3671#include <sys/types.h>
3672#include <sys/stat.h>
3673#include <fcntl.h>
3674#define DATA "conftest.stdpath"
3675
3676main()
3677{
3678 FILE *fd;
3679 int rc;
82f4e93d 3680
b2d818e6 3681 fd = fopen(DATA,"w");
3682 if(fd == NULL)
3683 exit(1);
82f4e93d 3684
b2d818e6 3685 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3686 exit(1);
3687
3688 exit(0);
3689}
b0e7249f 3690 ]])],
3691 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3692 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3693 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3694 )
3695# make sure $bindir is in USER_PATH so scp will work
3696 t_bindir=`eval echo ${bindir}`
3697 case $t_bindir in
3698 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3699 esac
3700 case $t_bindir in
3701 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3702 esac
3703 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3704 if test $? -ne 0 ; then
3705 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3706 if test $? -ne 0 ; then
3707 user_path=$user_path:$t_bindir
3708 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3709 fi
3710 fi
8d184c09 3711 fi ]
cb807f40 3712)
95b99395 3713if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3714 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3715 AC_SUBST(user_path)
3716fi
cb807f40 3717
06617857 3718# Set superuser path separately to user path
06617857 3719AC_ARG_WITH(superuser-path,
3720 [ --with-superuser-path= Specify different path for super-user],
3721 [
6cf0200f 3722 if test -n "$withval" && test "x$withval" != "xno" && \
3723 test "x${withval}" != "xyes"; then
3466e002 3724 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3725 [Define if you want a different $PATH
3726 for the superuser])
06617857 3727 superuser_path=$withval
3728 fi
3729 ]
3730)
3731
3732
58d100bf 3733AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3734IPV4_IN6_HACK_MSG="no"
80faa19f 3735AC_ARG_WITH(4in6,
3736 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3737 [
3738 if test "x$withval" != "xno" ; then
3739 AC_MSG_RESULT(yes)
3466e002 3740 AC_DEFINE(IPV4_IN_IPV6, 1,
3741 [Detect IPv4 in IPv6 mapped addresses
3742 and treat as IPv4])
aff51935 3743 IPV4_IN6_HACK_MSG="yes"
80faa19f 3744 else
3745 AC_MSG_RESULT(no)
3746 fi
3747 ],[
3748 if test "x$inet6_default_4in6" = "xyes"; then
3749 AC_MSG_RESULT([yes (default)])
3750 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3751 IPV4_IN6_HACK_MSG="yes"
80faa19f 3752 else
3753 AC_MSG_RESULT([no (default)])
3754 fi
3755 ]
3756)
3757
af774732 3758# Whether to enable BSD auth support
f1b0ecc3 3759BSD_AUTH_MSG=no
af774732 3760AC_ARG_WITH(bsd-auth,
3761 [ --with-bsd-auth Enable BSD auth support],
3762 [
82f4e93d 3763 if test "x$withval" != "xno" ; then
3466e002 3764 AC_DEFINE(BSD_AUTH, 1,
3765 [Define if you have BSD auth support])
f1b0ecc3 3766 BSD_AUTH_MSG=yes
af774732 3767 fi
3768 ]
3769)
3770
a0391976 3771# Where to place sshd.pid
19d9ac2a 3772piddir=/var/run
81dadca3 3773# make sure the directory exists
82f4e93d 3774if test ! -d $piddir ; then
81dadca3 3775 piddir=`eval echo ${sysconfdir}`
3776 case $piddir in
aff51935 3777 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3778 esac
3779fi
3780
47e45e44 3781AC_ARG_WITH(pid-dir,
3782 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3783 [
6cf0200f 3784 if test -n "$withval" && test "x$withval" != "xno" && \
3785 test "x${withval}" != "xyes"; then
19d9ac2a 3786 piddir=$withval
82f4e93d 3787 if test ! -d $piddir ; then
81dadca3 3788 AC_MSG_WARN([** no $piddir directory on this system **])
3789 fi
47e45e44 3790 fi
3791 ]
3792)
b7a87eea 3793
3466e002 3794AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3795AC_SUBST(piddir)
47e45e44 3796
1d7b9b20 3797dnl allow user to disable some login recording features
3798AC_ARG_ENABLE(lastlog,
bfd550a2 3799 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3800 [
3801 if test "x$enableval" = "xno" ; then
3802 AC_DEFINE(DISABLE_LASTLOG)
3803 fi
3804 ]
1d7b9b20 3805)
3806AC_ARG_ENABLE(utmp,
bfd550a2 3807 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3808 [
3809 if test "x$enableval" = "xno" ; then
3810 AC_DEFINE(DISABLE_UTMP)
3811 fi
3812 ]
1d7b9b20 3813)
3814AC_ARG_ENABLE(utmpx,
bfd550a2 3815 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3816 [
3817 if test "x$enableval" = "xno" ; then
3466e002 3818 AC_DEFINE(DISABLE_UTMPX, 1,
3819 [Define if you don't want to use utmpx])
ddb154b3 3820 fi
3821 ]
1d7b9b20 3822)
3823AC_ARG_ENABLE(wtmp,
bfd550a2 3824 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3825 [
3826 if test "x$enableval" = "xno" ; then
3827 AC_DEFINE(DISABLE_WTMP)
3828 fi
3829 ]
1d7b9b20 3830)
3831AC_ARG_ENABLE(wtmpx,
bfd550a2 3832 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3833 [
3834 if test "x$enableval" = "xno" ; then
3466e002 3835 AC_DEFINE(DISABLE_WTMPX, 1,
3836 [Define if you don't want to use wtmpx])
ddb154b3 3837 fi
3838 ]
1d7b9b20 3839)
3840AC_ARG_ENABLE(libutil,
bfd550a2 3841 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3842 [
3843 if test "x$enableval" = "xno" ; then
3844 AC_DEFINE(DISABLE_LOGIN)
3845 fi
3846 ]
1d7b9b20 3847)
3848AC_ARG_ENABLE(pututline,
bfd550a2 3849 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3850 [
3851 if test "x$enableval" = "xno" ; then
3466e002 3852 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3853 [Define if you don't want to use pututline()
3854 etc. to write [uw]tmp])
ddb154b3 3855 fi
3856 ]
1d7b9b20 3857)
3858AC_ARG_ENABLE(pututxline,
bfd550a2 3859 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3860 [
3861 if test "x$enableval" = "xno" ; then
3466e002 3862 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3863 [Define if you don't want to use pututxline()
3864 etc. to write [uw]tmpx])
ddb154b3 3865 fi
3866 ]
1d7b9b20 3867)
3868AC_ARG_WITH(lastlog,
bfd550a2 3869 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3870 [
82f4e93d 3871 if test "x$withval" = "xno" ; then
8c89dd2b 3872 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3873 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3874 conf_lastlog_location=$withval
3875 fi
3876 ]
3877)
1d7b9b20 3878
3879dnl lastlog, [uw]tmpx? detection
3880dnl NOTE: set the paths in the platform section to avoid the
3881dnl need for command-line parameters
3882dnl lastlog and [uw]tmp are subject to a file search if all else fails
3883
3884dnl lastlog detection
3885dnl NOTE: the code itself will detect if lastlog is a directory
3886AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3887AC_TRY_COMPILE([
3888#include <sys/types.h>
3889#include <utmp.h>
3890#ifdef HAVE_LASTLOG_H
3891# include <lastlog.h>
3892#endif
d7c0f3d5 3893#ifdef HAVE_PATHS_H
1d7b9b20 3894# include <paths.h>
41cb4569 3895#endif
3896#ifdef HAVE_LOGIN_H
3897# include <login.h>
1d7b9b20 3898#endif
3899 ],
3900 [ char *lastlog = LASTLOG_FILE; ],
3901 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3902 [
3903 AC_MSG_RESULT(no)
3904 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3905 AC_TRY_COMPILE([
3906#include <sys/types.h>
3907#include <utmp.h>
3908#ifdef HAVE_LASTLOG_H
3909# include <lastlog.h>
3910#endif
3911#ifdef HAVE_PATHS_H
3912# include <paths.h>
3913#endif
3914 ],
3915 [ char *lastlog = _PATH_LASTLOG; ],
3916 [ AC_MSG_RESULT(yes) ],
3917 [
f282b668 3918 AC_MSG_RESULT(no)
d7c0f3d5 3919 system_lastlog_path=no
3920 ])
3921 ]
1d7b9b20 3922)
d7c0f3d5 3923
1d7b9b20 3924if test -z "$conf_lastlog_location"; then
3925 if test x"$system_lastlog_path" = x"no" ; then
3926 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3927 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3928 conf_lastlog_location=$f
3929 fi
3930 done
3931 if test -z "$conf_lastlog_location"; then
f8119cef 3932 AC_MSG_WARN([** Cannot find lastlog **])
3933 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3934 fi
3935 fi
3936fi
3937
3938if test -n "$conf_lastlog_location"; then
3466e002 3939 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3940 [Define if you want to specify the path to your lastlog file])
82f4e93d 3941fi
1d7b9b20 3942
3943dnl utmp detection
3944AC_MSG_CHECKING([if your system defines UTMP_FILE])
3945AC_TRY_COMPILE([
3946#include <sys/types.h>
3947#include <utmp.h>
d7c0f3d5 3948#ifdef HAVE_PATHS_H
1d7b9b20 3949# include <paths.h>
3950#endif
3951 ],
3952 [ char *utmp = UTMP_FILE; ],
3953 [ AC_MSG_RESULT(yes) ],
3954 [ AC_MSG_RESULT(no)
3955 system_utmp_path=no ]
3956)
3957if test -z "$conf_utmp_location"; then
3958 if test x"$system_utmp_path" = x"no" ; then
3959 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3960 if test -f $f ; then
3961 conf_utmp_location=$f
3962 fi
3963 done
3964 if test -z "$conf_utmp_location"; then
3965 AC_DEFINE(DISABLE_UTMP)
3966 fi
3967 fi
3968fi
3969if test -n "$conf_utmp_location"; then
3466e002 3970 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3971 [Define if you want to specify the path to your utmp file])
82f4e93d 3972fi
1d7b9b20 3973
3974dnl wtmp detection
3975AC_MSG_CHECKING([if your system defines WTMP_FILE])
3976AC_TRY_COMPILE([
3977#include <sys/types.h>
3978#include <utmp.h>
d7c0f3d5 3979#ifdef HAVE_PATHS_H
1d7b9b20 3980# include <paths.h>
3981#endif
3982 ],
3983 [ char *wtmp = WTMP_FILE; ],
3984 [ AC_MSG_RESULT(yes) ],
3985 [ AC_MSG_RESULT(no)
3986 system_wtmp_path=no ]
3987)
3988if test -z "$conf_wtmp_location"; then
3989 if test x"$system_wtmp_path" = x"no" ; then
3990 for f in /usr/adm/wtmp /var/log/wtmp; do
3991 if test -f $f ; then
3992 conf_wtmp_location=$f
3993 fi
3994 done
3995 if test -z "$conf_wtmp_location"; then
3996 AC_DEFINE(DISABLE_WTMP)
3997 fi
3998 fi
3999fi
4000if test -n "$conf_wtmp_location"; then
3466e002 4001 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4002 [Define if you want to specify the path to your wtmp file])
82f4e93d 4003fi
1d7b9b20 4004
4005
4006dnl utmpx detection - I don't know any system so perverse as to require
4007dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4008dnl there, though.
4009AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4010AC_TRY_COMPILE([
4011#include <sys/types.h>
4012#include <utmp.h>
4013#ifdef HAVE_UTMPX_H
4014#include <utmpx.h>
4015#endif
d7c0f3d5 4016#ifdef HAVE_PATHS_H
1d7b9b20 4017# include <paths.h>
4018#endif
4019 ],
4020 [ char *utmpx = UTMPX_FILE; ],
4021 [ AC_MSG_RESULT(yes) ],
4022 [ AC_MSG_RESULT(no)
4023 system_utmpx_path=no ]
4024)
4025if test -z "$conf_utmpx_location"; then
4026 if test x"$system_utmpx_path" = x"no" ; then
4027 AC_DEFINE(DISABLE_UTMPX)
4028 fi
4029else
3466e002 4030 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4031 [Define if you want to specify the path to your utmpx file])
82f4e93d 4032fi
1d7b9b20 4033
4034dnl wtmpx detection
4035AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4036AC_TRY_COMPILE([
4037#include <sys/types.h>
4038#include <utmp.h>
4039#ifdef HAVE_UTMPX_H
4040#include <utmpx.h>
4041#endif
d7c0f3d5 4042#ifdef HAVE_PATHS_H
1d7b9b20 4043# include <paths.h>
4044#endif
4045 ],
4046 [ char *wtmpx = WTMPX_FILE; ],
4047 [ AC_MSG_RESULT(yes) ],
4048 [ AC_MSG_RESULT(no)
4049 system_wtmpx_path=no ]
4050)
4051if test -z "$conf_wtmpx_location"; then
4052 if test x"$system_wtmpx_path" = x"no" ; then
4053 AC_DEFINE(DISABLE_WTMPX)
4054 fi
4055else
3466e002 4056 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4057 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4058fi
1d7b9b20 4059
b7a87eea 4060
bd499f9e 4061if test ! -z "$blibpath" ; then
68ece370 4062 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4063 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4064fi
4065
ed89c848 4066dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4067dnl Add now.
4068CFLAGS="$CFLAGS $werror_flags"
4069
edee47f5 4070if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4071 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4072 AC_SUBST(TEST_SSH_IPV6, no)
4073else
4074 AC_SUBST(TEST_SSH_IPV6, yes)
4075fi
4076
3c62e7eb 4077AC_EXEEXT
29eadd7c 4078AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4079 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4080 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4081AC_OUTPUT
d3083fbd 4082
cbd7492e 4083# Print summary of options
4084
cbd7492e 4085# Someone please show me a better way :)
4086A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4087B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4088C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4089D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4090E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4091F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4092G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4093H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4094I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4095J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4096
4097echo ""
26de7942 4098echo "OpenSSH has been configured with the following options:"
ecac8ee5 4099echo " User binaries: $B"
4100echo " System binaries: $C"
4101echo " Configuration files: $D"
4102echo " Askpass program: $E"
4103echo " Manual pages: $F"
4104echo " PID file: $G"
4105echo " Privilege separation chroot path: $H"
95b99395 4106if test "x$external_path_file" = "x/etc/login.conf" ; then
4107echo " At runtime, sshd will use the path defined in $external_path_file"
4108echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4109else
ecac8ee5 4110echo " sshd default user PATH: $I"
89bbd457 4111 if test ! -z "$external_path_file"; then
95b99395 4112echo " (If PATH is set in $external_path_file it will be used instead. If"
4113echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4114 fi
8d184c09 4115fi
06617857 4116if test ! -z "$superuser_path" ; then
ecac8ee5 4117echo " sshd superuser user PATH: $J"
4118fi
4119echo " Manpage format: $MANTYPE"
3e05e934 4120echo " PAM support: $PAM_MSG"
5b84789f 4121echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4122echo " KerberosV support: $KRB5_MSG"
ef4d1846 4123echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4124echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4125echo " S/KEY support: $SKEY_MSG"
4126echo " TCP Wrappers support: $TCPW_MSG"
4127echo " MD5 password support: $MD5_MSG"
59031773 4128echo " libedit support: $LIBEDIT_MSG"
5b84789f 4129echo " Solaris process contract support: $SPC_MSG"
3deb1408 4130echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4131echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4132echo " BSD Auth support: $BSD_AUTH_MSG"
4133echo " Random number source: $RAND_MSG"
f1b0ecc3 4134if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4135echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4136fi
4137
cbd7492e 4138echo ""
4139
0c2fb82f 4140echo " Host: ${host}"
4141echo " Compiler: ${CC}"
4142echo " Compiler flags: ${CFLAGS}"
4143echo "Preprocessor flags: ${CPPFLAGS}"
4144echo " Linker flags: ${LDFLAGS}"
e54defb4 4145echo " Libraries: ${LIBS}"
4146if test ! -z "${SSHDLIBS}"; then
4147echo " +for sshd: ${SSHDLIBS}"
4148fi
cbd7492e 4149
4150echo ""
4151
9cefe228 4152if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4153 echo "SVR4 style packages are supported with \"make package\""
4154 echo ""
9cefe228 4155fi
4156
adeebd37 4157if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4158 echo "PAM is enabled. You may need to install a PAM control file "
4159 echo "for sshd, otherwise password authentication may fail. "
aff51935 4160 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4161 echo "subdirectory"
adeebd37 4162 echo ""
4163fi
4164
f1b0ecc3 4165if test ! -z "$RAND_HELPER_CMDHASH" ; then
4166 echo "WARNING: you are using the builtin random number collection "
4167 echo "service. Please read WARNING.RNG and request that your OS "
4168 echo "vendor includes kernel-based random number collection in "
4169 echo "future versions of your OS."
2c523de9 4170 echo ""
4171fi
af774732 4172
2f6f9cff 4173if test ! -z "$NO_PEERCHECK" ; then
1961d660 4174 echo "WARNING: the operating system that you are using does not"
4175 echo "appear to support getpeereid(), getpeerucred() or the"
4176 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4177 echo "enforce security checks to prevent unauthorised connections to"
4178 echo "ssh-agent. Their absence increases the risk that a malicious"
4179 echo "user can connect to your agent."
2f6f9cff 4180 echo ""
4181fi
4182
7b578f7d 4183if test "$AUDIT_MODULE" = "bsm" ; then
4184 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4185 echo "See the Solaris section in README.platform for details."
4186fi
git-cvsimport mirror of OpenSSH
This page took 1.294375 seconds and 5 git commands to generate.