]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [configure.ac] Relocate --with-pam parts in preparation for
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
dbf07ba2 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
5fdabf45 103 esac
8a3ff1aa 104
dfafb2e1 105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
d423d822 116fi
117
e6354014 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
82f4e93d 121 if test "x$withval" = "xno" ; then
e6354014 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
a0391976 130# Check for some target-specific stuff
a7effaac 131case "$host" in
9d6b1b96 132*-*-aix*)
aff51935 133 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 134 if (test -z "$blibpath"); then
0a15d73b 135 blibpath="/usr/lib:/lib"
68ece370 136 fi
137 saved_LDFLAGS="$LDFLAGS"
e7479666 138 if test "$GCC" = "yes"; then
139 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
140 else
141 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
142 fi
143 for tryflags in $flags ;do
68ece370 144 if (test -z "$blibflags"); then
145 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
146 AC_TRY_LINK([], [], [blibflags=$tryflags])
147 fi
148 done
149 if (test -z "$blibflags"); then
150 AC_MSG_RESULT(not found)
151 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
152 else
153 AC_MSG_RESULT($blibflags)
bd499f9e 154 fi
68ece370 155 LDFLAGS="$saved_LDFLAGS"
e351e493 156 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 157 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
158 [Define if you want to enable AIX4's authenticate function])],
0764e748 159 [AC_CHECK_LIB(s,authenticate,
e351e493 160 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 161 LIBS="$LIBS -ls"
162 ])
163 ])
ba603e06 164 dnl Check for various auth function declarations in headers.
c85ed8e2 165 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 166 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 167 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 168 AC_CHECK_DECLS(loginfailed,
e351e493 169 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
170 AC_TRY_COMPILE(
f58c0e01 171 [#include <usersec.h>],
e351e493 172 [(void)loginfailed("user","host","tty",0);],
173 [AC_MSG_RESULT(yes)
3466e002 174 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
175 [Define if your AIX loginfailed() function
176 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 177 [AC_MSG_RESULT(no)]
e351e493 178 )],
179 [],
180 [#include <usersec.h>]
181 )
2aa3a16c 182 AC_CHECK_FUNCS(setauthdb)
53c337ed 183 AC_CHECK_DECL(F_CLOSEM,
795e7517 184 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 185 [],
186 [ #include <limits.h>
187 #include <fcntl.h> ]
188 )
5ccf88cb 189 check_for_aix_broken_getaddrinfo=1
3466e002 190 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
191 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
192 [Define if your platform breaks doing a seteuid before a setuid])
193 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
194 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 195 dnl AIX handles lastlog as part of its login message
3466e002 196 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
197 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
198 [Some systems need a utmpx entry for /bin/login to work])
199 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
200 [Define to a Set Process Title type if your system is
201 supported by bsd-setproctitle.c])
961c2997 202 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
203 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 204 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 205 ;;
3c62e7eb 206*-*-cygwin*)
a52997bd 207 check_for_libcrypt_later=1
ffb8d130 208 LIBS="$LIBS /usr/lib/textmode.o"
3466e002 209 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
210 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
211 AC_DEFINE(DISABLE_SHADOW, 1,
212 [Define if you want to disable shadow passwords])
213 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
214 [Define if your system choked on IP TOS setting])
215 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
216 [Define if X11 doesn't support AF_UNIX sockets on that system])
217 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
218 [Define if the concept of ports only accessible to
219 superusers isn't known])
220 AC_DEFINE(DISABLE_FD_PASSING, 1,
221 [Define if your platform needs to skip post auth
222 file descriptor passing])
3c62e7eb 223 ;;
d6fdb079 224*-*-dgux*)
225 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 226 AC_DEFINE(SETEUID_BREAKS_SETUID)
227 AC_DEFINE(BROKEN_SETREUID)
228 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 229 ;;
39c98ef7 230*-*-darwin*)
33e2e066 231 AC_MSG_CHECKING(if we have working getaddrinfo)
232 AC_TRY_RUN([#include <mach-o/dyld.h>
233main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
234 exit(0);
235 else
236 exit(1);
237}], [AC_MSG_RESULT(working)],
238 [AC_MSG_RESULT(buggy)
3466e002 239 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 240 [AC_MSG_RESULT(assume it is working)])
635e0c42 241 AC_DEFINE(SETEUID_BREAKS_SETUID)
242 AC_DEFINE(BROKEN_SETREUID)
243 AC_DEFINE(BROKEN_SETREGID)
3466e002 244 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
245 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 246 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
247 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
248 [Use tunnel device compatibility to OpenBSD])
249 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
250 [Prepend the address family to IP tunnel traffic])
39c98ef7 251 ;;
7d458c86 252*-*-hpux*)
253 # first we define all of the options common to all HP-UX releases
b8fea62d 254 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 255 IPADDR_IN_DISPLAY=yes
2b10f47a 256 AC_DEFINE(USE_PIPES)
3466e002 257 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
258 [Define if your login program cannot handle end of options ("--")])
a2572aa7 259 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 260 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
261 [String used in /etc/passwd to denote locked account])
3a2b2b44 262 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 263 MAIL="/var/mail/username"
f75ca46d 264 LIBS="$LIBS -lsec"
7d458c86 265 AC_CHECK_LIB(xnet, t_error, ,
266 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
267
268 # next, we define all of the options specific to major releases
269 case "$host" in
270 *-*-hpux10*)
271 if test -z "$GCC"; then
272 CFLAGS="$CFLAGS -Ae"
273 fi
274 ;;
275 *-*-hpux11*)
3466e002 276 AC_DEFINE(PAM_SUN_CODEBASE, 1,
277 [Define if you are using Solaris-derived PAM which
278 passes pam_messages to the conversation function
279 with an extra level of indirection])
280 AC_DEFINE(DISABLE_UTMP, 1,
281 [Define if you don't want to use utmp])
7d458c86 282 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
283 check_for_hpux_broken_getaddrinfo=1
284 check_for_conflicting_getspnam=1
285 ;;
286 esac
287
288 # lastly, we define options specific to minor releases
289 case "$host" in
290 *-*-hpux10.26)
3466e002 291 AC_DEFINE(HAVE_SECUREWARE, 1,
292 [Define if you have SecureWare-based
293 protected password database])
7d458c86 294 disable_ptmx_check=yes
295 LIBS="$LIBS -lsecpw"
296 ;;
297 esac
2b763e31 298 ;;
d94aa2ae 299*-*-irix5*)
6ac7829a 300 PATH="$PATH:/usr/etc"
3466e002 301 AC_DEFINE(BROKEN_INET_NTOA, 1,
302 [Define if you system's inet_ntoa is busted
303 (e.g. Irix gcc issue)])
cb433561 304 AC_DEFINE(SETEUID_BREAKS_SETUID)
305 AC_DEFINE(BROKEN_SETREUID)
306 AC_DEFINE(BROKEN_SETREGID)
3466e002 307 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
308 [Define if you shouldn't strip 'tty' from your
309 ttyname in [uw]tmp])
3e6e3da0 310 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 311 ;;
312*-*-irix6*)
6ac7829a 313 PATH="$PATH:/usr/etc"
3466e002 314 AC_DEFINE(WITH_IRIX_ARRAY, 1,
315 [Define if you have/want arrays
316 (cluster-wide session managment, not C arrays)])
317 AC_DEFINE(WITH_IRIX_PROJECT, 1,
318 [Define if you want IRIX project management])
319 AC_DEFINE(WITH_IRIX_AUDIT, 1,
320 [Define if you want IRIX audit trails])
321 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
322 [Define if you want IRIX kernel jobs])])
416ed5a7 323 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 324 AC_DEFINE(SETEUID_BREAKS_SETUID)
325 AC_DEFINE(BROKEN_SETREUID)
326 AC_DEFINE(BROKEN_SETREGID)
3466e002 327 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 328 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 329 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 330 ;;
5cdfe03f 331*-*-linux*)
332 no_dev_ptmx=1
717057b6 333 check_for_libcrypt_later=1
eacb954e 334 check_for_openpty_ctty_bug=1
3466e002 335 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
336 AC_DEFINE(PAM_TTY_KLUDGE, 1,
337 [Work around problematic Linux PAM modules handling of PAM_TTY])
338 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
339 [String used in /etc/passwd to denote locked account])
3a2b2b44 340 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 341 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
342 [Define to whatever link() returns for "not supported"
343 if it doesn't return EOPNOTSUPP.])
b6610e8f 344 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 345 AC_DEFINE(USE_BTMP)
80faa19f 346 inet6_default_4in6=yes
bf7c1e6c 347 case `uname -r` in
ad84c479 348 1.*|2.0.*)
3466e002 349 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
350 [Define if cmsg_type is not passed correctly])
bf7c1e6c 351 ;;
bf7c1e6c 352 esac
c40f09ca 353 # tun(4) forwarding compat code
d91775e1 354 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 355 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 356 AC_DEFINE(SSH_TUN_LINUX, 1,
357 [Open tunnel devices the Linux tun/tap way])
358 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
359 [Use tunnel device compatibility to OpenBSD])
360 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
361 [Prepend the address family to IP tunnel traffic])
362 fi
5cdfe03f 363 ;;
66d6c27e 364mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 365 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 366 SONY=1
66d6c27e 367 ;;
d468fc76 368*-*-netbsd*)
33e2e066 369 check_for_libcrypt_before=1
82f4e93d 370 if test "x$withval" != "xno" ; then
e6354014 371 need_dash_r=1
372 fi
0f6cb079 373 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
374 AC_CHECK_HEADER([net/if_tap.h], ,
375 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
376 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
377 [Prepend the address family to IP tunnel traffic])
d468fc76 378 ;;
86b416a7 379*-*-freebsd*)
380 check_for_libcrypt_later=1
988c5031 381 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 382 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
383 AC_CHECK_HEADER([net/if_tap.h], ,
384 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 385 ;;
8707b7eb 386*-*-bsdi*)
387 AC_DEFINE(SETEUID_BREAKS_SETUID)
388 AC_DEFINE(BROKEN_SETREUID)
389 AC_DEFINE(BROKEN_SETREGID)
390 ;;
729bfe59 391*-next-*)
729bfe59 392 conf_lastlog_location="/usr/adm/lastlog"
698d107e 393 conf_utmp_location=/etc/utmp
394 conf_wtmp_location=/usr/adm/wtmp
395 MAIL=/usr/spool/mail
3466e002 396 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 397 AC_DEFINE(BROKEN_REALPATH)
00937921 398 AC_DEFINE(USE_PIPES)
3466e002 399 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 400 ;;
5b7b5e23 401*-*-openbsd*)
402 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 403 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 404 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 405 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
406 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 407 ;;
9d6b1b96 408*-*-solaris*)
82f4e93d 409 if test "x$withval" != "xno" ; then
010e9d5b 410 need_dash_r=1
411 fi
adeebd37 412 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 413 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 414 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
415 [Some versions of /bin/login need the TERM supplied
416 on the commandline])
7f0a4ff1 417 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 418 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
419 [Define if pam_chauthtok wants real uid set
420 to the unpriv'ed user])
3e6e3da0 421 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 422 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 423 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
424 [Define if sshd somehow reacquires a controlling TTY
425 after setsid()])
795aa5f5 426 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
427 in case the name is longer than 8 chars])
95b99395 428 external_path_file=/etc/default/login
1d7b9b20 429 # hardwire lastlog location (can't detect it on some versions)
430 conf_lastlog_location="/var/adm/lastlog"
32c80420 431 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
432 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
433 if test "$sol2ver" -ge 8; then
434 AC_MSG_RESULT(yes)
435 AC_DEFINE(DISABLE_UTMP)
3466e002 436 AC_DEFINE(DISABLE_WTMP, 1,
437 [Define if you don't want to use wtmp])
32c80420 438 else
439 AC_MSG_RESULT(no)
440 fi
9d6b1b96 441 ;;
a423beaf 442*-*-sunos4*)
0c2fb82f 443 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 444 AC_CHECK_FUNCS(getpwanam)
adeebd37 445 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 446 conf_utmp_location=/etc/utmp
447 conf_wtmp_location=/var/adm/wtmp
448 conf_lastlog_location=/var/adm/lastlog
137d7b6c 449 AC_DEFINE(USE_PIPES)
a423beaf 450 ;;
6f68f28a 451*-ncr-sysv*)
98a7c37b 452 LIBS="$LIBS -lc89"
29525240 453 AC_DEFINE(USE_PIPES)
eabb99c6 454 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 455 AC_DEFINE(SETEUID_BREAKS_SETUID)
456 AC_DEFINE(BROKEN_SETREUID)
457 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 458 ;;
132dd316 459*-sni-sysv*)
c8c15bcb 460 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 461 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 462 # -lresolv needs to be at the end of LIBS or DNS lookups break
463 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 464 IPADDR_IN_DISPLAY=yes
465 AC_DEFINE(USE_PIPES)
132dd316 466 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 467 AC_DEFINE(SETEUID_BREAKS_SETUID)
468 AC_DEFINE(BROKEN_SETREUID)
469 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 470 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 471 external_path_file=/etc/default/login
c8c15bcb 472 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
473 # Attention: always take care to bind libsocket and libnsl before libc,
474 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 475 ;;
79a7ba96 476# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 477*-*-sysv4.2*)
9a406e1e 478 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
ed6553e2 479 AC_DEFINE(USE_PIPES)
7ed101c0 480 AC_DEFINE(SETEUID_BREAKS_SETUID)
481 AC_DEFINE(BROKEN_SETREUID)
482 AC_DEFINE(BROKEN_SETREGID)
46f853b9 483 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 484 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 485 ;;
79a7ba96 486# UnixWare 7.x, OpenUNIX 8
77bb0bca 487*-*-sysv5*)
d7d2cc6e 488 check_for_libcrypt_later=1
489 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 490 AC_DEFINE(USE_PIPES)
7ed101c0 491 AC_DEFINE(SETEUID_BREAKS_SETUID)
492 AC_DEFINE(BROKEN_SETREUID)
493 AC_DEFINE(BROKEN_SETREGID)
3466e002 494 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 495 case "$host" in
496 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
497 TEST_SHELL=/u95/bin/sh
3466e002 498 AC_DEFINE(BROKEN_LIBIAF, 1,
499 [ia_uinfo routines not supported by OS yet])
822015dd 500 ;;
e45da4d6 501 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
502 ;;
822015dd 503 esac
77bb0bca 504 ;;
9d6b1b96 505*-*-sysv*)
9d6b1b96 506 ;;
79a7ba96 507# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 508*-*-sco3.2v4*)
11cf4f1f 509 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 510 ;;
79a7ba96 511# SCO OpenServer 5.x
77bb0bca 512*-*-sco3.2v5*)
21710e39 513 if test -z "$GCC"; then
514 CFLAGS="$CFLAGS -belf"
515 fi
ed6553e2 516 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 517 no_dev_ptmx=1
ed6553e2 518 AC_DEFINE(USE_PIPES)
6e879cb4 519 AC_DEFINE(HAVE_SECUREWARE)
d287c664 520 AC_DEFINE(DISABLE_SHADOW)
94d8258b 521 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 522 AC_DEFINE(SETEUID_BREAKS_SETUID)
523 AC_DEFINE(BROKEN_SETREUID)
524 AC_DEFINE(BROKEN_SETREGID)
bcebad47 525 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 526 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 527 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 528 AC_CHECK_FUNCS(getluid setluid)
533875af 529 MANTYPE=man
a3245b92 530 TEST_SHELL=ksh
509b1f88 531 ;;
ccbb983c 532*-*-unicosmk*)
3466e002 533 AC_DEFINE(NO_SSH_LASTLOG, 1,
534 [Define if you don't want to use lastlog in session.c])
c1ad5966 535 AC_DEFINE(SETEUID_BREAKS_SETUID)
536 AC_DEFINE(BROKEN_SETREUID)
537 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 538 AC_DEFINE(USE_PIPES)
539 AC_DEFINE(DISABLE_FD_PASSING)
540 LDFLAGS="$LDFLAGS"
541 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
542 MANTYPE=cat
d262b7f2 543 ;;
7b9a8c6e 544*-*-unicosmp*)
c1ad5966 545 AC_DEFINE(SETEUID_BREAKS_SETUID)
546 AC_DEFINE(BROKEN_SETREUID)
547 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 548 AC_DEFINE(WITH_ABBREV_NO_TTY)
549 AC_DEFINE(USE_PIPES)
550 AC_DEFINE(DISABLE_FD_PASSING)
551 LDFLAGS="$LDFLAGS"
c1ad5966 552 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 553 MANTYPE=cat
554 ;;
ca5c7d6a 555*-*-unicos*)
c1ad5966 556 AC_DEFINE(SETEUID_BREAKS_SETUID)
557 AC_DEFINE(BROKEN_SETREUID)
558 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 559 AC_DEFINE(USE_PIPES)
94d8258b 560 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 561 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 562 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
563 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
564 MANTYPE=cat
a704dd54 565 ;;
4d33e531 566*-dec-osf*)
99c8ddac 567 AC_MSG_CHECKING(for Digital Unix SIA)
568 no_osfsia=""
569 AC_ARG_WITH(osfsia,
570 [ --with-osfsia Enable Digital Unix SIA],
571 [
572 if test "x$withval" = "xno" ; then
573 AC_MSG_RESULT(disabled)
574 no_osfsia=1
575 fi
576 ],
577 )
578 if test -z "$no_osfsia" ; then
4d33e531 579 if test -f /etc/sia/matrix.conf; then
580 AC_MSG_RESULT(yes)
3466e002 581 AC_DEFINE(HAVE_OSF_SIA, 1,
582 [Define if you have Digital Unix Security
583 Integration Architecture])
584 AC_DEFINE(DISABLE_LOGIN, 1,
585 [Define if you don't want to use your
586 system's login() call])
58d0df4e 587 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 588 LIBS="$LIBS -lsecurity -ldb -lm -laud"
589 else
590 AC_MSG_RESULT(no)
3466e002 591 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
592 [String used in /etc/passwd to denote locked account])
4d33e531 593 fi
594 fi
a6e67b60 595 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 596 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 597 AC_DEFINE(BROKEN_SETREUID)
598 AC_DEFINE(BROKEN_SETREGID)
4d33e531 599 ;;
41cb4569 600
9c54c067 601*-*-nto-qnx*)
41cb4569 602 AC_DEFINE(USE_PIPES)
603 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 604 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
605 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
606 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 607 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 608 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 609 enable_etc_default_login=no # has incompatible /etc/default/login
41cb4569 610 ;;
35fc74ed 611
612*-*-ultrix*)
3466e002 613 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
614 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 615 AC_DEFINE(NEED_SETPGRP)
b5765e1d 616 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
617 ;;
157b6700 618
619*-*-lynxos)
620 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 621 AC_DEFINE(MISSING_HOWMANY)
157b6700 622 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
623 ;;
a7effaac 624esac
625
8e7b16f8 626# Allow user to specify flags
627AC_ARG_WITH(cflags,
628 [ --with-cflags Specify additional flags to pass to compiler],
629 [
6cf0200f 630 if test -n "$withval" && test "x$withval" != "xno" && \
631 test "x${withval}" != "xyes"; then
8e7b16f8 632 CFLAGS="$CFLAGS $withval"
633 fi
82f4e93d 634 ]
8e7b16f8 635)
0c2fb82f 636AC_ARG_WITH(cppflags,
637 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
638 [
6cf0200f 639 if test -n "$withval" && test "x$withval" != "xno" && \
640 test "x${withval}" != "xyes"; then
0c2fb82f 641 CPPFLAGS="$CPPFLAGS $withval"
642 fi
643 ]
644)
8e7b16f8 645AC_ARG_WITH(ldflags,
97b378bf 646 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 647 [
6cf0200f 648 if test -n "$withval" && test "x$withval" != "xno" && \
649 test "x${withval}" != "xyes"; then
8e7b16f8 650 LDFLAGS="$LDFLAGS $withval"
651 fi
82f4e93d 652 ]
8e7b16f8 653)
654AC_ARG_WITH(libs,
655 [ --with-libs Specify additional libraries to link with],
656 [
6cf0200f 657 if test -n "$withval" && test "x$withval" != "xno" && \
658 test "x${withval}" != "xyes"; then
8e7b16f8 659 LIBS="$LIBS $withval"
660 fi
82f4e93d 661 ]
8e7b16f8 662)
ed89c848 663AC_ARG_WITH(Werror,
664 [ --with-Werror Build main code with -Werror],
665 [
666 if test -n "$withval" && test "x$withval" != "xno"; then
667 werror_flags="-Werror"
1012885d 668 if test "x${withval}" != "xyes"; then
ed89c848 669 werror_flags="$withval"
670 fi
671 fi
672 ]
673)
8e7b16f8 674
c5829391 675AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 676AC_RUN_IFELSE(
677 [AC_LANG_SOURCE([
c5829391 678#include <stdio.h>
679int main(){exit(0);}
479cece8 680 ])],
c5829391 681 [ AC_MSG_RESULT(yes) ],
682 [
683 AC_MSG_RESULT(no)
684 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 685 ],
686 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 687)
688
b04a9f8c 689dnl Checks for header files.
690AC_CHECK_HEADERS( \
691 bstring.h \
692 crypt.h \
2f360c89 693 crypto/sha2.h \
b04a9f8c 694 dirent.h \
695 endian.h \
696 features.h \
37259a8e 697 fcntl.h \
b04a9f8c 698 floatingpoint.h \
699 getopt.h \
700 glob.h \
701 ia.h \
4c653d8e 702 iaf.h \
b04a9f8c 703 limits.h \
704 login.h \
b04a9f8c 705 maillock.h \
706 ndir.h \
e02505e2 707 net/if_tun.h \
b04a9f8c 708 netdb.h \
709 netgroup.h \
b04a9f8c 710 pam/pam_appl.h \
711 paths.h \
712 pty.h \
713 readpassphrase.h \
714 rpc/types.h \
715 security/pam_appl.h \
f73e2ad7 716 sha2.h \
b04a9f8c 717 shadow.h \
718 stddef.h \
719 stdint.h \
0957c2cf 720 string.h \
b04a9f8c 721 strings.h \
722 sys/audit.h \
723 sys/bitypes.h \
724 sys/bsdtty.h \
725 sys/cdefs.h \
726 sys/dir.h \
727 sys/mman.h \
728 sys/ndir.h \
729 sys/prctl.h \
730 sys/pstat.h \
731 sys/select.h \
732 sys/stat.h \
733 sys/stream.h \
734 sys/stropts.h \
735 sys/strtio.h \
736 sys/sysmacros.h \
737 sys/time.h \
738 sys/timers.h \
739 sys/un.h \
740 time.h \
741 tmpdir.h \
742 ttyent.h \
25dd2ce6 743 unistd.h \
b04a9f8c 744 usersec.h \
745 util.h \
746 utime.h \
747 utmp.h \
748 utmpx.h \
ea76f54c 749 vis.h \
b04a9f8c 750)
ddceb1c8 751
823221b2 752# lastlog.h requires sys/time.h to be included first on Solaris
753AC_CHECK_HEADERS(lastlog.h, [], [], [
754#ifdef HAVE_SYS_TIME_H
755# include <sys/time.h>
756#endif
757])
758
765a24cd 759# sys/ptms.h requires sys/stream.h to be included first on Solaris
760AC_CHECK_HEADERS(sys/ptms.h, [], [], [
761#ifdef HAVE_SYS_STREAM_H
762# include <sys/stream.h>
763#endif
764])
765
3919d576 766# login_cap.h requires sys/types.h on NetBSD
767AC_CHECK_HEADERS(login_cap.h, [], [], [
768#include <sys/types.h>
769])
770
a0391976 771# Checks for libraries.
98a7c37b 772AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
773AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 774
446227d6 775dnl IRIX and Solaris 2.5.1 have dirname() in libgen
776AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
777 AC_CHECK_LIB(gen, dirname,[
778 AC_CACHE_CHECK([for broken dirname],
779 ac_cv_have_broken_dirname, [
780 save_LIBS="$LIBS"
781 LIBS="$LIBS -lgen"
b0e7249f 782 AC_RUN_IFELSE(
783 [AC_LANG_SOURCE([[
446227d6 784#include <libgen.h>
785#include <string.h>
786
787int main(int argc, char **argv) {
788 char *s, buf[32];
789
790 strncpy(buf,"/etc", 32);
791 s = dirname(buf);
792 if (!s || strncmp(s, "/", 32) != 0) {
793 exit(1);
794 } else {
795 exit(0);
796 }
797}
b0e7249f 798 ]])],
799 [ ac_cv_have_broken_dirname="no" ],
800 [ ac_cv_have_broken_dirname="yes" ],
446227d6 801 [ ac_cv_have_broken_dirname="no" ],
446227d6 802 )
803 LIBS="$save_LIBS"
804 ])
805 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
806 LIBS="$LIBS -lgen"
807 AC_DEFINE(HAVE_DIRNAME)
808 AC_CHECK_HEADERS(libgen.h)
809 fi
810 ])
811])
812
813AC_CHECK_FUNC(getspnam, ,
814 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 815AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
816 [Define if you have the basename function.]))
446227d6 817
98a7c37b 818dnl zlib is required
819AC_ARG_WITH(zlib,
820 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 821 [ if test "x$withval" = "xno" ; then
822 AC_MSG_ERROR([*** zlib is required ***])
823 elif test "x$withval" != "xyes"; then
98a7c37b 824 if test -d "$withval/lib"; then
825 if test -n "${need_dash_r}"; then
5a162955 826 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 827 else
5a162955 828 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 829 fi
830 else
831 if test -n "${need_dash_r}"; then
5a162955 832 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 833 else
5a162955 834 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 835 fi
836 fi
837 if test -d "$withval/include"; then
5a162955 838 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 839 else
5a162955 840 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 841 fi
6dd05556 842 fi ]
98a7c37b 843)
844
0a15d73b 845AC_CHECK_LIB(z, deflate, ,
846 [
847 saved_CPPFLAGS="$CPPFLAGS"
848 saved_LDFLAGS="$LDFLAGS"
849 save_LIBS="$LIBS"
850 dnl Check default zlib install dir
851 if test -n "${need_dash_r}"; then
852 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
853 else
854 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
855 fi
856 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
857 LIBS="$LIBS -lz"
858 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
859 [
860 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
861 ]
862 )
863 ]
864)
4ad65809 865AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 866
867AC_ARG_WITH(zlib-version-check,
868 [ --without-zlib-version-check Disable zlib version check],
869 [ if test "x$withval" = "xno" ; then
870 zlib_check_nonfatal=1
871 fi
872 ]
873)
874
5c7fc85d 875AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 876AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 877#include <stdio.h>
4ad65809 878#include <zlib.h>
879int main()
880{
5c7fc85d 881 int a=0, b=0, c=0, d=0, n, v;
882 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
883 if (n != 3 && n != 4)
4ad65809 884 exit(1);
5c7fc85d 885 v = a*1000000 + b*10000 + c*100 + d;
886 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
887
888 /* 1.1.4 is OK */
889 if (a == 1 && b == 1 && c >= 4)
4ad65809 890 exit(0);
5c7fc85d 891
0072b59d 892 /* 1.2.3 and up are OK */
893 if (v >= 1020300)
5c7fc85d 894 exit(0);
895
4ad65809 896 exit(2);
897}
479cece8 898 ]])],
5c7fc85d 899 AC_MSG_RESULT(no),
900 [ AC_MSG_RESULT(yes)
8068d564 901 if test -z "$zlib_check_nonfatal" ; then
902 AC_MSG_ERROR([*** zlib too old - check config.log ***
903Your reported zlib version has known security problems. It's possible your
904vendor has fixed these problems without changing the version number. If you
905are sure this is the case, you can disable the check by running
906"./configure --without-zlib-version-check".
6090bcfe 907If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 908See http://www.gzip.org/zlib/ for details.])
8068d564 909 else
910 AC_MSG_WARN([zlib version may have security problems])
911 fi
1a01a50c 912 ],
913 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 914)
48e7916f 915
2c523de9 916dnl UnixWare 2.x
aff51935 917AC_CHECK_FUNC(strcasecmp,
2c523de9 918 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
919)
23361281 920AC_CHECK_FUNCS(utimes,
cda1ebcb 921 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
922 LIBS="$LIBS -lc89"]) ]
2c523de9 923)
4cca272e 924
7c6d759d 925dnl Checks for libutil functions
926AC_CHECK_HEADERS(libutil.h)
3466e002 927AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
928 [Define if your libraries define login()])])
7c6d759d 929AC_CHECK_FUNCS(logout updwtmp logwtmp)
930
a738c3b0 931AC_FUNC_STRFTIME
932
84ceda19 933# Check for ALTDIRFUNC glob() extension
934AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
935AC_EGREP_CPP(FOUNDIT,
936 [
937 #include <glob.h>
938 #ifdef GLOB_ALTDIRFUNC
939 FOUNDIT
940 #endif
aff51935 941 ],
84ceda19 942 [
3466e002 943 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
944 [Define if your system glob() function has
945 the GLOB_ALTDIRFUNC extension])
84ceda19 946 AC_MSG_RESULT(yes)
947 ],
948 [
949 AC_MSG_RESULT(no)
950 ]
951)
4cca272e 952
40849fdb 953# Check for g.gl_matchc glob() extension
954AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 955AC_TRY_COMPILE(
13ff27b7 956 [ #include <glob.h> ],
957 [glob_t g; g.gl_matchc = 1;],
aff51935 958 [
3466e002 959 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
960 [Define if your system glob() function has
961 gl_matchc options in glob_t])
aff51935 962 AC_MSG_RESULT(yes)
963 ],
964 [
965 AC_MSG_RESULT(no)
966 ]
40849fdb 967)
968
edbe6722 969AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 970AC_RUN_IFELSE(
479cece8 971 [AC_LANG_SOURCE([[
edbe6722 972#include <sys/types.h>
973#include <dirent.h>
aec4cb4f 974int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 975 ]])],
aff51935 976 [AC_MSG_RESULT(yes)],
edbe6722 977 [
978 AC_MSG_RESULT(no)
3466e002 979 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 980 [Define if your struct dirent expects you to
3466e002 981 allocate extra space for d_name])
1a01a50c 982 ],
82f4e93d 983 [
1a01a50c 984 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
985 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 986 ]
987)
988
419e26e7 989AC_MSG_CHECKING([for /proc/pid/fd directory])
990if test -d "/proc/$$/fd" ; then
3466e002 991 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 992 AC_MSG_RESULT(yes)
993else
994 AC_MSG_RESULT(no)
995fi
996
278588d8 997# Check whether user wants S/Key support
aff51935 998SKEY_MSG="no"
278588d8 999AC_ARG_WITH(skey,
6ff3d0dc 1000 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1001 [
1002 if test "x$withval" != "xno" ; then
1003
1004 if test "x$withval" != "xyes" ; then
1005 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1006 LDFLAGS="$LDFLAGS -L${withval}/lib"
1007 fi
1008
3466e002 1009 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1010 LIBS="-lskey $LIBS"
aff51935 1011 SKEY_MSG="yes"
82f4e93d 1012
ddceb1c8 1013 AC_MSG_CHECKING([for s/key support])
b0e7249f 1014 AC_LINK_IFELSE(
1015 [AC_LANG_SOURCE([[
ddceb1c8 1016#include <stdio.h>
1017#include <skey.h>
aec4cb4f 1018int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1019 ]])],
ddceb1c8 1020 [AC_MSG_RESULT(yes)],
278588d8 1021 [
ddceb1c8 1022 AC_MSG_RESULT(no)
278588d8 1023 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1024 ])
141fc639 1025 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1026 AC_TRY_COMPILE(
1027 [#include <stdio.h>
1028 #include <skey.h>],
1029 [(void)skeychallenge(NULL,"name","",0);],
1030 [AC_MSG_RESULT(yes)
3466e002 1031 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1032 [Define if your skeychallenge()
1033 function takes 4 arguments (NetBSD)])],
141fc639 1034 [AC_MSG_RESULT(no)]
1035 )
278588d8 1036 fi
1037 ]
1038)
1039
1040# Check whether user wants TCP wrappers support
98a7c37b 1041TCPW_MSG="no"
278588d8 1042AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1043 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1044 [
1045 if test "x$withval" != "xno" ; then
1046 saved_LIBS="$LIBS"
98a7c37b 1047 saved_LDFLAGS="$LDFLAGS"
1048 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1049 if test -n "${withval}" && \
6cf0200f 1050 test "x${withval}" != "xyes"; then
98a7c37b 1051 if test -d "${withval}/lib"; then
1052 if test -n "${need_dash_r}"; then
5a162955 1053 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1054 else
5a162955 1055 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1056 fi
1057 else
1058 if test -n "${need_dash_r}"; then
5a162955 1059 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1060 else
5a162955 1061 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1062 fi
1063 fi
1064 if test -d "${withval}/include"; then
5a162955 1065 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1066 else
5a162955 1067 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1068 fi
98a7c37b 1069 fi
ddceb1c8 1070 LIBWRAP="-lwrap"
1071 LIBS="$LIBWRAP $LIBS"
278588d8 1072 AC_MSG_CHECKING(for libwrap)
1073 AC_TRY_LINK(
1074 [
77f09220 1075#include <sys/types.h>
1076#include <sys/socket.h>
1077#include <netinet/in.h>
278588d8 1078#include <tcpd.h>
1079 int deny_severity = 0, allow_severity = 0;
1080 ],
1081 [hosts_access(0);],
1082 [
1083 AC_MSG_RESULT(yes)
3466e002 1084 AC_DEFINE(LIBWRAP, 1,
1085 [Define if you want
1086 TCP Wrappers support])
ddceb1c8 1087 AC_SUBST(LIBWRAP)
98a7c37b 1088 TCPW_MSG="yes"
278588d8 1089 ],
1090 [
1091 AC_MSG_ERROR([*** libwrap missing])
1092 ]
1093 )
ddceb1c8 1094 LIBS="$saved_LIBS"
278588d8 1095 fi
1096 ]
1097)
1098
59031773 1099# Check whether user wants libedit support
1100LIBEDIT_MSG="no"
1101AC_ARG_WITH(libedit,
6ff3d0dc 1102 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1103 [ if test "x$withval" != "xno" ; then
737edf04 1104 if test "x$withval" != "xyes"; then
bb116c8e 1105 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1106 if test -n "${need_dash_r}"; then
1107 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1108 else
1109 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1110 fi
737edf04 1111 fi
59031773 1112 AC_CHECK_LIB(edit, el_init,
3466e002 1113 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1114 LIBEDIT="-ledit -lcurses"
1115 LIBEDIT_MSG="yes"
1116 AC_SUBST(LIBEDIT)
1117 ],
737edf04 1118 [ AC_MSG_ERROR(libedit not found) ],
1119 [ -lcurses ]
59031773 1120 )
f47ddccb 1121 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1122 AC_COMPILE_IFELSE(
1123 [AC_LANG_SOURCE([[
1124#include <histedit.h>
f47ddccb 1125int main(void)
1126{
1127 int i = H_SETSIZE;
1128 el_init("", NULL, NULL, NULL);
1129 exit(0);
1130}
d92622f9 1131 ]])],
f47ddccb 1132 [ AC_MSG_RESULT(yes) ],
1133 [ AC_MSG_RESULT(no)
1134 AC_MSG_ERROR(libedit version is not compatible) ]
1135 )
59031773 1136 fi ]
1137)
1138
7b578f7d 1139AUDIT_MODULE=none
1140AC_ARG_WITH(audit,
1141 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1142 [
1143 AC_MSG_CHECKING(for supported audit module)
1144 case "$withval" in
1145 bsm)
1146 AC_MSG_RESULT(bsm)
1147 AUDIT_MODULE=bsm
1148 dnl Checks for headers, libs and functions
1149 AC_CHECK_HEADERS(bsm/audit.h, [],
1150 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1151 AC_CHECK_LIB(bsm, getaudit, [],
1152 [AC_MSG_ERROR(BSM enabled and required library not found)])
1153 AC_CHECK_FUNCS(getaudit, [],
1154 [AC_MSG_ERROR(BSM enabled and required function not found)])
1155 # These are optional
7939c496 1156 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1157 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1158 ;;
1159 debug)
1160 AUDIT_MODULE=debug
1161 AC_MSG_RESULT(debug)
3466e002 1162 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1163 ;;
a2b3321d 1164 no)
d92622f9 1165 AC_MSG_RESULT(no)
a2b3321d 1166 ;;
7b578f7d 1167 *)
1168 AC_MSG_ERROR([Unknown audit module $withval])
1169 ;;
1170 esac ]
1171)
1172
19160674 1173dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1174AC_CHECK_FUNCS( \
1175 arc4random \
9a406e1e 1176 asprintf \
b04a9f8c 1177 b64_ntop \
1178 __b64_ntop \
1179 b64_pton \
1180 __b64_pton \
1181 bcopy \
1182 bindresvport_sa \
1183 clock \
1184 closefrom \
1185 dirfd \
b04a9f8c 1186 fchmod \
1187 fchown \
1188 freeaddrinfo \
1189 futimes \
1190 getaddrinfo \
1191 getcwd \
1192 getgrouplist \
1193 getnameinfo \
1194 getopt \
1195 getpeereid \
1196 _getpty \
1197 getrlimit \
1198 getttyent \
1199 glob \
1200 inet_aton \
1201 inet_ntoa \
1202 inet_ntop \
1203 innetgr \
1204 login_getcapbool \
1205 md5_crypt \
1206 memmove \
1207 mkdtemp \
1208 mmap \
1209 ngetaddrinfo \
1210 nsleep \
1211 ogetaddrinfo \
1212 openlog_r \
1213 openpty \
1214 prctl \
1215 pstat \
1216 readpassphrase \
1217 realpath \
1218 recvmsg \
1219 rresvport_af \
1220 sendmsg \
1221 setdtablesize \
1222 setegid \
1223 setenv \
1224 seteuid \
1225 setgroups \
1226 setlogin \
1227 setpcred \
1228 setproctitle \
1229 setregid \
1230 setreuid \
1231 setrlimit \
1232 setsid \
1233 setvbuf \
1234 sigaction \
1235 sigvec \
1236 snprintf \
1237 socketpair \
1238 strdup \
1239 strerror \
1240 strlcat \
1241 strlcpy \
1242 strmode \
1243 strnvis \
1244 strtonum \
1e29a0c8 1245 strtoll \
b04a9f8c 1246 strtoul \
1247 sysconf \
1248 tcgetpgrp \
1249 truncate \
1250 unsetenv \
1251 updwtmpx \
9a406e1e 1252 vasprintf \
b04a9f8c 1253 vhangup \
1254 vsnprintf \
1255 waitpid \
19160674 1256)
98a7c37b 1257
1a086f97 1258# IRIX has a const char return value for gai_strerror()
1259AC_CHECK_FUNCS(gai_strerror,[
1260 AC_DEFINE(HAVE_GAI_STRERROR)
1261 AC_TRY_COMPILE([
1262#include <sys/types.h>
1263#include <sys/socket.h>
1264#include <netdb.h>
1265
1266const char *gai_strerror(int);],[
1267char *str;
1268
1269str = gai_strerror(0);],[
1270 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1271 [Define if gai_strerror() returns const char *])])])
1272
3466e002 1273AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1274 [Some systems put nanosleep outside of libc]))
92b1decf 1275
309709db 1276dnl Make sure prototypes are defined for these before using them.
309709db 1277AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1278AC_CHECK_DECL(strsep,
1279 [AC_CHECK_FUNCS(strsep)],
1280 [],
1281 [
1282#ifdef HAVE_STRING_H
1283# include <string.h>
1284#endif
1285 ])
08412d26 1286
3490699c 1287dnl tcsendbreak might be a macro
1288AC_CHECK_DECL(tcsendbreak,
1289 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1290 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1291 [#include <termios.h>]
1292)
1293
41e0e158 1294AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1295
71f4c727 1296AC_CHECK_DECLS(SHUT_RD, , ,
1297 [
1298#include <sys/types.h>
1299#include <sys/socket.h>
1300 ])
956d6743 1301
1302AC_CHECK_DECLS(O_NONBLOCK, , ,
1303 [
1304#include <sys/types.h>
1305#ifdef HAVE_SYS_STAT_H
1306# include <sys/stat.h>
1307#endif
1308#ifdef HAVE_FCNTL_H
1309# include <fcntl.h>
1310#endif
1311 ])
1312
3f176010 1313AC_CHECK_FUNCS(setresuid, [
1314 dnl Some platorms have setresuid that isn't implemented, test for this
1315 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1316 AC_RUN_IFELSE(
1317 [AC_LANG_SOURCE([[
9a3fe0e2 1318#include <stdlib.h>
1319#include <errno.h>
1320int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1321 ]])],
3f176010 1322 [AC_MSG_RESULT(yes)],
3466e002 1323 [AC_DEFINE(BROKEN_SETRESUID, 1,
1324 [Define if your setresuid() is broken])
1a01a50c 1325 AC_MSG_RESULT(not implemented)],
1326 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1327 )
1328])
9a3fe0e2 1329
3f176010 1330AC_CHECK_FUNCS(setresgid, [
1331 dnl Some platorms have setresgid that isn't implemented, test for this
1332 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1333 AC_RUN_IFELSE(
1334 [AC_LANG_SOURCE([[
9a3fe0e2 1335#include <stdlib.h>
1336#include <errno.h>
1337int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1338 ]])],
3f176010 1339 [AC_MSG_RESULT(yes)],
3466e002 1340 [AC_DEFINE(BROKEN_SETRESGID, 1,
1341 [Define if your setresgid() is broken])
1a01a50c 1342 AC_MSG_RESULT(not implemented)],
1343 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1344 )
1345])
9a3fe0e2 1346
2e73a022 1347dnl Checks for time functions
1d7b9b20 1348AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1349dnl Checks for utmp functions
b03bd394 1350AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1351AC_CHECK_FUNCS(utmpname)
2e73a022 1352dnl Checks for utmpx functions
b03bd394 1353AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1354AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1355
aff51935 1356AC_CHECK_FUNC(daemon,
3466e002 1357 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1358 [AC_CHECK_LIB(bsd, daemon,
1359 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1360)
1361
aff51935 1362AC_CHECK_FUNC(getpagesize,
3466e002 1363 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1364 [Define if your libraries define getpagesize()])],
1365 [AC_CHECK_LIB(ucb, getpagesize,
1366 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1367)
1368
2647ae26 1369# Check for broken snprintf
1370if test "x$ac_cv_func_snprintf" = "xyes" ; then
1371 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1372 AC_RUN_IFELSE(
479cece8 1373 [AC_LANG_SOURCE([[
2647ae26 1374#include <stdio.h>
aec4cb4f 1375int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1376 ]])],
aff51935 1377 [AC_MSG_RESULT(yes)],
2647ae26 1378 [
1379 AC_MSG_RESULT(no)
3466e002 1380 AC_DEFINE(BROKEN_SNPRINTF, 1,
1381 [Define if your snprintf is busted])
2647ae26 1382 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1383 ],
1384 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1385 )
1386fi
1387
9a406e1e 1388# If we don't have a working asprintf, then we strongly depend on vsnprintf
1389# returning the right thing on overflow: the number of characters it tried to
1390# create (as per SUSv3)
1391if test "x$ac_cv_func_asprintf" != "xyes" && \
1392 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1393 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1394 AC_RUN_IFELSE(
1395 [AC_LANG_SOURCE([[
1396#include <sys/types.h>
1397#include <stdio.h>
1398#include <stdarg.h>
1399
1400int x_snprintf(char *str,size_t count,const char *fmt,...)
1401{
1402 size_t ret; va_list ap;
1403 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1404 return ret;
1405}
1406int main(void)
1407{
1408 char x[1];
1409 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1410} ]])],
1411 [AC_MSG_RESULT(yes)],
1412 [
1413 AC_MSG_RESULT(no)
1414 AC_DEFINE(BROKEN_SNPRINTF, 1,
1415 [Define if your snprintf is busted])
1416 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1417 ],
1418 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1419 )
1420fi
1421
31b0732a 1422# On systems where [v]snprintf is broken, but is declared in stdio,
1423# check that the fmt argument is const char * or just char *.
1424# This is only useful for when BROKEN_SNPRINTF
1425AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1426AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1427 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1428 int main(void) { snprintf(0, 0, 0); }
1429 ]])],
1430 [AC_MSG_RESULT(yes)
1431 AC_DEFINE(SNPRINTF_CONST, [const],
1432 [Define as const if snprintf() can declare const char *fmt])],
1433 [AC_MSG_RESULT(no)
1434 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1435
2f6f9cff 1436# Check for missing getpeereid (or equiv) support
1437NO_PEERCHECK=""
1438if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1439 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1440 AC_TRY_COMPILE(
1441 [#include <sys/types.h>
1442 #include <sys/socket.h>],
1443 [int i = SO_PEERCRED;],
62eb7db4 1444 [ AC_MSG_RESULT(yes)
3466e002 1445 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1446 ],
2f6f9cff 1447 [AC_MSG_RESULT(no)
1448 NO_PEERCHECK=1]
1449 )
1450fi
1451
70e7d0b0 1452dnl see whether mkstemp() requires XXXXXX
1453if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1454AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1455AC_RUN_IFELSE(
1456 [AC_LANG_SOURCE([[
70e7d0b0 1457#include <stdlib.h>
1458main() { char template[]="conftest.mkstemp-test";
1459if (mkstemp(template) == -1)
1460 exit(1);
1461unlink(template); exit(0);
1462}
b0e7249f 1463 ]])],
70e7d0b0 1464 [
1465 AC_MSG_RESULT(no)
1466 ],
aff51935 1467 [
70e7d0b0 1468 AC_MSG_RESULT(yes)
3466e002 1469 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1470 ],
1471 [
1472 AC_MSG_RESULT(yes)
1473 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1474 ]
70e7d0b0 1475)
1476fi
1477
eacb954e 1478dnl make sure that openpty does not reacquire controlling terminal
1479if test ! -z "$check_for_openpty_ctty_bug"; then
1480 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1481 AC_RUN_IFELSE(
1482 [AC_LANG_SOURCE([[
eacb954e 1483#include <stdio.h>
1484#include <sys/fcntl.h>
1485#include <sys/types.h>
1486#include <sys/wait.h>
1487
1488int
1489main()
1490{
1491 pid_t pid;
1492 int fd, ptyfd, ttyfd, status;
1493
1494 pid = fork();
1495 if (pid < 0) { /* failed */
1496 exit(1);
1497 } else if (pid > 0) { /* parent */
1498 waitpid(pid, &status, 0);
aff51935 1499 if (WIFEXITED(status))
eacb954e 1500 exit(WEXITSTATUS(status));
1501 else
1502 exit(2);
1503 } else { /* child */
1504 close(0); close(1); close(2);
1505 setsid();
1506 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1507 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1508 if (fd >= 0)
1509 exit(3); /* Acquired ctty: broken */
1510 else
1511 exit(0); /* Did not acquire ctty: OK */
1512 }
1513}
b0e7249f 1514 ]])],
eacb954e 1515 [
1516 AC_MSG_RESULT(yes)
1517 ],
1518 [
1519 AC_MSG_RESULT(no)
1520 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1521 ],
1522 [
1523 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1524 ]
1525 )
1526fi
1527
4b492aab 1528if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1529 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1530 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1531 AC_RUN_IFELSE(
1532 [AC_LANG_SOURCE([[
2fe51906 1533#include <stdio.h>
1534#include <sys/socket.h>
1535#include <netdb.h>
1536#include <errno.h>
1537#include <netinet/in.h>
1538
1539#define TEST_PORT "2222"
1540
1541int
1542main(void)
1543{
1544 int err, sock;
1545 struct addrinfo *gai_ai, *ai, hints;
1546 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1547
1548 memset(&hints, 0, sizeof(hints));
1549 hints.ai_family = PF_UNSPEC;
1550 hints.ai_socktype = SOCK_STREAM;
1551 hints.ai_flags = AI_PASSIVE;
1552
1553 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1554 if (err != 0) {
1555 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1556 exit(1);
1557 }
1558
1559 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1560 if (ai->ai_family != AF_INET6)
1561 continue;
1562
1563 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1564 sizeof(ntop), strport, sizeof(strport),
1565 NI_NUMERICHOST|NI_NUMERICSERV);
1566
1567 if (err != 0) {
1568 if (err == EAI_SYSTEM)
1569 perror("getnameinfo EAI_SYSTEM");
1570 else
1571 fprintf(stderr, "getnameinfo failed: %s\n",
1572 gai_strerror(err));
1573 exit(2);
1574 }
1575
1576 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1577 if (sock < 0)
1578 perror("socket");
1579 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1580 if (errno == EBADF)
1581 exit(3);
1582 }
1583 }
1584 exit(0);
1585}
b0e7249f 1586 ]])],
2fe51906 1587 [
1588 AC_MSG_RESULT(yes)
1589 ],
1590 [
1591 AC_MSG_RESULT(no)
1592 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1593 ],
1594 [
1595 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1596 ]
1597 )
1598fi
1599
4b492aab 1600if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1601 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1602 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1603 AC_RUN_IFELSE(
1604 [AC_LANG_SOURCE([[
5ccf88cb 1605#include <stdio.h>
1606#include <sys/socket.h>
1607#include <netdb.h>
1608#include <errno.h>
1609#include <netinet/in.h>
1610
1611#define TEST_PORT "2222"
1612
1613int
1614main(void)
1615{
1616 int err, sock;
1617 struct addrinfo *gai_ai, *ai, hints;
1618 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1619
1620 memset(&hints, 0, sizeof(hints));
1621 hints.ai_family = PF_UNSPEC;
1622 hints.ai_socktype = SOCK_STREAM;
1623 hints.ai_flags = AI_PASSIVE;
1624
1625 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1626 if (err != 0) {
1627 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1628 exit(1);
1629 }
1630
1631 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1632 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1633 continue;
1634
1635 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1636 sizeof(ntop), strport, sizeof(strport),
1637 NI_NUMERICHOST|NI_NUMERICSERV);
1638
1639 if (ai->ai_family == AF_INET && err != 0) {
1640 perror("getnameinfo");
1641 exit(2);
1642 }
1643 }
1644 exit(0);
1645}
b0e7249f 1646 ]])],
5ccf88cb 1647 [
1648 AC_MSG_RESULT(yes)
3466e002 1649 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1650 [Define if you have a getaddrinfo that fails
1651 for the all-zeros IPv6 address])
5ccf88cb 1652 ],
1653 [
1654 AC_MSG_RESULT(no)
1655 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1656 ],
ecd9ec09 1657 [
b0e7249f 1658 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1659 ]
1660 )
1661fi
1662
b29fd59f 1663if test "x$check_for_conflicting_getspnam" = "x1"; then
1664 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1665 AC_COMPILE_IFELSE(
1666 [
1667#include <shadow.h>
1668int main(void) {exit(0);}
1669 ],
1670 [
1671 AC_MSG_RESULT(no)
1672 ],
1673 [
1674 AC_MSG_RESULT(yes)
1675 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1676 [Conflicting defs for getspnam])
1677 ]
1678 )
1679fi
1680
7f8f5e00 1681AC_FUNC_GETPGRP
1682
5b991353 1683# Search for OpenSSL
1684saved_CPPFLAGS="$CPPFLAGS"
1685saved_LDFLAGS="$LDFLAGS"
a0391976 1686AC_ARG_WITH(ssl-dir,
1687 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1688 [
e9e4a1c7 1689 if test "x$withval" != "xno" ; then
99eb0f64 1690 case "$withval" in
1691 # Relative paths
1692 ./*|../*) withval="`pwd`/$withval"
1693 esac
5b991353 1694 if test -d "$withval/lib"; then
1695 if test -n "${need_dash_r}"; then
1696 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1697 else
1698 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1699 fi
1700 else
5b991353 1701 if test -n "${need_dash_r}"; then
1702 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1703 else
1704 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1705 fi
1706 fi
5b991353 1707 if test -d "$withval/include"; then
1708 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1709 else
5b991353 1710 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1711 fi
a0391976 1712 fi
5b991353 1713 ]
1714)
5486a457 1715LIBS="-lcrypto $LIBS"
3466e002 1716AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1717 [Define if your ssl headers are included
1718 with #include <openssl/header.h>]),
d45e3d76 1719 [
5b991353 1720 dnl Check default openssl install dir
1721 if test -n "${need_dash_r}"; then
1722 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1723 else
5b991353 1724 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1725 fi
5b991353 1726 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1727 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1728 [
1729 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1730 ]
1731 )
1732 ]
1733)
1734
cd018561 1735# Determine OpenSSL header version
1736AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1737AC_RUN_IFELSE(
479cece8 1738 [AC_LANG_SOURCE([[
cd018561 1739#include <stdio.h>
1740#include <string.h>
1741#include <openssl/opensslv.h>
1742#define DATA "conftest.sslincver"
1743int main(void) {
aff51935 1744 FILE *fd;
1745 int rc;
cd018561 1746
aff51935 1747 fd = fopen(DATA,"w");
1748 if(fd == NULL)
1749 exit(1);
cd018561 1750
1751 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1752 exit(1);
1753
1754 exit(0);
1755}
479cece8 1756 ]])],
cd018561 1757 [
1758 ssl_header_ver=`cat conftest.sslincver`
1759 AC_MSG_RESULT($ssl_header_ver)
1760 ],
1761 [
1762 AC_MSG_RESULT(not found)
1763 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1764 ],
1765 [
1766 AC_MSG_WARN([cross compiling: not checking])
cd018561 1767 ]
1768)
1769
1770# Determine OpenSSL library version
1771AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1772AC_RUN_IFELSE(
479cece8 1773 [AC_LANG_SOURCE([[
cd018561 1774#include <stdio.h>
1775#include <string.h>
1776#include <openssl/opensslv.h>
1777#include <openssl/crypto.h>
1778#define DATA "conftest.ssllibver"
1779int main(void) {
aff51935 1780 FILE *fd;
1781 int rc;
cd018561 1782
aff51935 1783 fd = fopen(DATA,"w");
1784 if(fd == NULL)
1785 exit(1);
cd018561 1786
1787 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1788 exit(1);
1789
1790 exit(0);
1791}
479cece8 1792 ]])],
cd018561 1793 [
1794 ssl_library_ver=`cat conftest.ssllibver`
1795 AC_MSG_RESULT($ssl_library_ver)
1796 ],
1797 [
1798 AC_MSG_RESULT(not found)
1799 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1800 ],
1801 [
1802 AC_MSG_WARN([cross compiling: not checking])
cd018561 1803 ]
1804)
58d100bf 1805
9780116c 1806# Sanity check OpenSSL headers
1807AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1808AC_RUN_IFELSE(
479cece8 1809 [AC_LANG_SOURCE([[
9780116c 1810#include <string.h>
1811#include <openssl/opensslv.h>
aec4cb4f 1812int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1813 ]])],
9780116c 1814 [
1815 AC_MSG_RESULT(yes)
1816 ],
1817 [
1818 AC_MSG_RESULT(no)
e15ba28b 1819 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1820Check config.log for details.
1821Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1822 ],
1823 [
1824 AC_MSG_WARN([cross compiling: not checking])
9780116c 1825 ]
1826)
1827
c7ad0d99 1828AC_ARG_WITH(ssl-engine,
1829 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1830 [ if test "x$withval" != "xno" ; then
1831 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1832 AC_TRY_COMPILE(
1833 [ #include <openssl/engine.h>],
1834 [
1835int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
1836 ],
1837 [ AC_MSG_RESULT(yes)
1838 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1839 [Enable OpenSSL engine support])
1840 ],
1841 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1842 )
1843 fi ]
1844)
1845
e5146707 1846# Check for OpenSSL without EVP_aes_{192,256}_cbc
1847AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1848AC_LINK_IFELSE(
e5146707 1849 [AC_LANG_SOURCE([[
1850#include <string.h>
1851#include <openssl/evp.h>
300ea548 1852int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1853 ]])],
1854 [
1855 AC_MSG_RESULT(no)
1856 ],
1857 [
1858 AC_MSG_RESULT(yes)
1859 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1860 [libcrypto is missing AES 192 and 256 bit functions])
1861 ]
1862)
1863
5486a457 1864# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1865# because the system crypt() is more featureful.
1866if test "x$check_for_libcrypt_before" = "x1"; then
1867 AC_CHECK_LIB(crypt, crypt)
1868fi
1869
aff51935 1870# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1871# version in OpenSSL.
05114c74 1872if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1873 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1874fi
1875
13ff27b7 1876# Search for SHA256 support in libc and/or OpenSSL
1877AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1878
4c653d8e 1879AC_CHECK_LIB(iaf, ia_openinfo)
f1b0ecc3 1880
1881### Configure cryptographic random number support
1882
1883# Check wheter OpenSSL seeds itself
1884AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1885AC_RUN_IFELSE(
479cece8 1886 [AC_LANG_SOURCE([[
f1b0ecc3 1887#include <string.h>
1888#include <openssl/rand.h>
aec4cb4f 1889int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1890 ]])],
f1b0ecc3 1891 [
1892 OPENSSL_SEEDS_ITSELF=yes
1893 AC_MSG_RESULT(yes)
1894 ],
1895 [
1896 AC_MSG_RESULT(no)
1897 # Default to use of the rand helper if OpenSSL doesn't
1898 # seed itself
1899 USE_RAND_HELPER=yes
1a01a50c 1900 ],
1901 [
1902 AC_MSG_WARN([cross compiling: assuming yes])
1903 # This is safe, since all recent OpenSSL versions will
82f4e93d 1904 # complain at runtime if not seeded correctly.
1a01a50c 1905 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1906 ]
1907)
1908
a086f73b 1909# Check for PAM libs
1910PAM_MSG="no"
1911AC_ARG_WITH(pam,
1912 [ --with-pam Enable PAM support ],
1913 [
1914 if test "x$withval" != "xno" ; then
1915 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1916 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
1917 AC_MSG_ERROR([PAM headers not found])
1918 fi
1919
1920 saved_LIBS="$LIBS"
1921 AC_CHECK_LIB(dl, dlopen, , )
1922 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1923 AC_CHECK_FUNCS(pam_getenvlist)
1924 AC_CHECK_FUNCS(pam_putenv)
1925 LIBS="$saved_LIBS"
1926
1927 PAM_MSG="yes"
1928
1929 AC_DEFINE(USE_PAM, 1,
1930 [Define if you want to enable PAM support])
1931 if test $ac_cv_lib_dl_dlopen = yes; then
1932 LIBPAM="-lpam -ldl"
1933 else
1934 LIBPAM="-lpam"
1935 fi
1936 AC_SUBST(LIBPAM)
1937 fi
1938 ]
1939)
1940
1941# Check for older PAM
1942if test "x$PAM_MSG" = "xyes" ; then
1943 # Check PAM strerror arguments (old PAM)
1944 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1945 AC_TRY_COMPILE(
1946 [
1947#include <stdlib.h>
1948#if defined(HAVE_SECURITY_PAM_APPL_H)
1949#include <security/pam_appl.h>
1950#elif defined (HAVE_PAM_PAM_APPL_H)
1951#include <pam/pam_appl.h>
1952#endif
1953 ],
1954 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
1955 [AC_MSG_RESULT(no)],
1956 [
1957 AC_DEFINE(HAVE_OLD_PAM, 1,
1958 [Define if you have an old version of PAM
1959 which takes only one argument to pam_strerror])
1960 AC_MSG_RESULT(yes)
1961 PAM_MSG="yes (old library)"
1962 ]
1963 )
1964fi
f1b0ecc3 1965
1966# Do we want to force the use of the rand helper?
1967AC_ARG_WITH(rand-helper,
1968 [ --with-rand-helper Use subprocess to gather strong randomness ],
1969 [
1970 if test "x$withval" = "xno" ; then
aff51935 1971 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1972 # the previous test showed it to be unseeded.
1973 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1974 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1975 OPENSSL_SEEDS_ITSELF=yes
1976 USE_RAND_HELPER=""
1977 fi
1978 else
1979 USE_RAND_HELPER=yes
1980 fi
1981 ],
82f4e93d 1982)
f1b0ecc3 1983
1984# Which randomness source do we use?
4b492aab 1985if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 1986 # OpenSSL only
3466e002 1987 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
1988 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 1989 RAND_MSG="OpenSSL internal ONLY"
1990 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1991elif test ! -z "$USE_RAND_HELPER" ; then
1992 # install rand helper
f1b0ecc3 1993 RAND_MSG="ssh-rand-helper"
1994 INSTALL_SSH_RAND_HELPER="yes"
1995fi
1996AC_SUBST(INSTALL_SSH_RAND_HELPER)
1997
1998### Configuration of ssh-rand-helper
1999
2000# PRNGD TCP socket
2001AC_ARG_WITH(prngd-port,
2002 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2003 [
eb5d7ff6 2004 case "$withval" in
2005 no)
2006 withval=""
2007 ;;
2008 [[0-9]]*)
2009 ;;
2010 *)
2011 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2012 ;;
2013 esac
2014 if test ! -z "$withval" ; then
f1b0ecc3 2015 PRNGD_PORT="$withval"
3466e002 2016 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2017 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2018 fi
2019 ]
2020)
2021
2022# PRNGD Unix domain socket
2023AC_ARG_WITH(prngd-socket,
2024 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2025 [
eb5d7ff6 2026 case "$withval" in
2027 yes)
f1b0ecc3 2028 withval="/var/run/egd-pool"
eb5d7ff6 2029 ;;
2030 no)
2031 withval=""
2032 ;;
2033 /*)
2034 ;;
2035 *)
2036 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2037 ;;
2038 esac
2039
2040 if test ! -z "$withval" ; then
f1b0ecc3 2041 if test ! -z "$PRNGD_PORT" ; then
2042 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2043 fi
906e811b 2044 if test ! -r "$withval" ; then
f1b0ecc3 2045 AC_MSG_WARN(Entropy socket is not readable)
2046 fi
2047 PRNGD_SOCKET="$withval"
3466e002 2048 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2049 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2050 fi
ddceb1c8 2051 ],
2052 [
2053 # Check for existing socket only if we don't have a random device already
2054 if test "$USE_RAND_HELPER" = yes ; then
2055 AC_MSG_CHECKING(for PRNGD/EGD socket)
2056 # Insert other locations here
2057 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2058 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2059 PRNGD_SOCKET="$sock"
2060 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2061 break;
2062 fi
2063 done
2064 if test ! -z "$PRNGD_SOCKET" ; then
2065 AC_MSG_RESULT($PRNGD_SOCKET)
2066 else
2067 AC_MSG_RESULT(not found)
2068 fi
2069 fi
f1b0ecc3 2070 ]
2071)
2072
2073# Change default command timeout for hashing entropy source
2074entropy_timeout=200
2075AC_ARG_WITH(entropy-timeout,
2076 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2077 [
6cf0200f 2078 if test -n "$withval" && test "x$withval" != "xno" && \
2079 test "x${withval}" != "xyes"; then
f1b0ecc3 2080 entropy_timeout=$withval
2081 fi
82f4e93d 2082 ]
f1b0ecc3 2083)
3466e002 2084AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2085 [Builtin PRNG command timeout])
f1b0ecc3 2086
fd3cbf67 2087SSH_PRIVSEP_USER=sshd
9a0fbcb3 2088AC_ARG_WITH(privsep-user,
5222e7ef 2089 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2090 [
6cf0200f 2091 if test -n "$withval" && test "x$withval" != "xno" && \
2092 test "x${withval}" != "xyes"; then
fd3cbf67 2093 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2094 fi
82f4e93d 2095 ]
9a0fbcb3 2096)
3466e002 2097AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2098 [non-privileged user for privilege separation])
fd3cbf67 2099AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2100
81dadca3 2101# We do this little dance with the search path to insure
2102# that programs that we select for use by installed programs
2103# (which may be run by the super-user) come from trusted
2104# locations before they come from the user's private area.
2105# This should help avoid accidentally configuring some
2106# random version of a program in someone's personal bin.
2107
2108OPATH=$PATH
2109PATH=/bin:/usr/bin
f95c8ce8 2110test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2111test -d /sbin && PATH=$PATH:/sbin
2112test -d /usr/sbin && PATH=$PATH:/usr/sbin
2113PATH=$PATH:/etc:$OPATH
2114
aff51935 2115# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2116OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2117OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2118OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2119OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2120OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2121OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2122OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2123OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2124OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2125OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2126OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2127OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2128OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2129OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2130OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2131OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2132# restore PATH
2133PATH=$OPATH
f1b0ecc3 2134
2135# Where does ssh-rand-helper get its randomness from?
2136INSTALL_SSH_PRNG_CMDS=""
2137if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2138 if test ! -z "$PRNGD_PORT" ; then
2139 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2140 elif test ! -z "$PRNGD_SOCKET" ; then
2141 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2142 else
2143 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2144 RAND_HELPER_CMDHASH=yes
2145 INSTALL_SSH_PRNG_CMDS="yes"
2146 fi
2147fi
2148AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2149
2150
66d6c27e 2151# Cheap hack to ensure NEWS-OS libraries are arranged right.
2152if test ! -z "$SONY" ; then
2153 LIBS="$LIBS -liberty";
2154fi
2155
9a406e1e 2156# Check for long long datatypes
2157AC_CHECK_TYPES([long long, unsigned long long, long double])
2158
2159# Check datatype sizes
976f7e19 2160AC_CHECK_SIZEOF(char, 1)
2b942fe0 2161AC_CHECK_SIZEOF(short int, 2)
2162AC_CHECK_SIZEOF(int, 4)
2163AC_CHECK_SIZEOF(long int, 4)
2164AC_CHECK_SIZEOF(long long int, 8)
2165
52f1ccb2 2166# Sanity check long long for some platforms (AIX)
2167if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2168 ac_cv_sizeof_long_long_int=0
2169fi
2170
90f15776 2171# compute LLONG_MIN and LLONG_MAX if we don't know them.
2172if test -z "$have_llong_max"; then
2173 AC_MSG_CHECKING([for max value of long long])
2174 AC_RUN_IFELSE(
2175 [AC_LANG_SOURCE([[
2176#include <stdio.h>
2177/* Why is this so damn hard? */
2178#ifdef __GNUC__
2179# undef __GNUC__
2180#endif
2181#define __USE_ISOC99
2182#include <limits.h>
2183#define DATA "conftest.llminmax"
055252ed 2184#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2185
2186/*
2187 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2188 * we do this the hard way.
2189 */
2190static int
2191fprint_ll(FILE *f, long long n)
2192{
2193 unsigned int i;
2194 int l[sizeof(long long) * 8];
2195
2196 if (n < 0)
2197 if (fprintf(f, "-") < 0)
2198 return -1;
2199 for (i = 0; n != 0; i++) {
2200 l[i] = my_abs(n % 10);
2201 n /= 10;
2202 }
2203 do {
2204 if (fprintf(f, "%d", l[--i]) < 0)
2205 return -1;
2206 } while (i != 0);
2207 if (fprintf(f, " ") < 0)
2208 return -1;
2209 return 0;
2210}
2211
90f15776 2212int main(void) {
2213 FILE *f;
2214 long long i, llmin, llmax = 0;
2215
2216 if((f = fopen(DATA,"w")) == NULL)
2217 exit(1);
2218
2219#if defined(LLONG_MIN) && defined(LLONG_MAX)
2220 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2221 llmin = LLONG_MIN;
2222 llmax = LLONG_MAX;
2223#else
2224 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2225 /* This will work on one's complement and two's complement */
2226 for (i = 1; i > llmax; i <<= 1, i++)
2227 llmax = i;
2228 llmin = llmax + 1LL; /* wrap */
2229#endif
2230
2231 /* Sanity check */
2232 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2233 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2234 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2235 fprintf(f, "unknown unknown\n");
2236 exit(2);
2237 }
2238
055252ed 2239 if (fprint_ll(f, llmin) < 0)
90f15776 2240 exit(3);
055252ed 2241 if (fprint_ll(f, llmax) < 0)
2242 exit(4);
2243 if (fclose(f) < 0)
2244 exit(5);
90f15776 2245 exit(0);
2246}
2247 ]])],
2248 [
2249 llong_min=`$AWK '{print $1}' conftest.llminmax`
2250 llong_max=`$AWK '{print $2}' conftest.llminmax`
2251
90f15776 2252 AC_MSG_RESULT($llong_max)
2253 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2254 [max value of long long calculated by configure])
2255 AC_MSG_CHECKING([for min value of long long])
2256 AC_MSG_RESULT($llong_min)
2257 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2258 [min value of long long calculated by configure])
2259 ],
2260 [
2261 AC_MSG_RESULT(not found)
2262 ],
2263 [
2264 AC_MSG_WARN([cross compiling: not checking])
2265 ]
2266 )
2267fi
2268
2269
a0391976 2270# More checks for data types
14a9a859 2271AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2272 AC_TRY_COMPILE(
aff51935 2273 [ #include <sys/types.h> ],
2274 [ u_int a; a = 1;],
14a9a859 2275 [ ac_cv_have_u_int="yes" ],
2276 [ ac_cv_have_u_int="no" ]
2277 )
2278])
2279if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2280 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2281 have_u_int=1
2282fi
2283
58d100bf 2284AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2285 AC_TRY_COMPILE(
aff51935 2286 [ #include <sys/types.h> ],
2287 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2288 [ ac_cv_have_intxx_t="yes" ],
2289 [ ac_cv_have_intxx_t="no" ]
2290 )
2291])
2292if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2293 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2294 have_intxx_t=1
2295fi
41cb4569 2296
2297if (test -z "$have_intxx_t" && \
aff51935 2298 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2299then
2300 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2301 AC_TRY_COMPILE(
aff51935 2302 [ #include <stdint.h> ],
2303 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2304 [
2305 AC_DEFINE(HAVE_INTXX_T)
2306 AC_MSG_RESULT(yes)
2307 ],
2308 [ AC_MSG_RESULT(no) ]
2309 )
2310fi
2311
bd590612 2312AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2313 AC_TRY_COMPILE(
1cbbe6c8 2314 [
2315#include <sys/types.h>
2316#ifdef HAVE_STDINT_H
2317# include <stdint.h>
2318#endif
2319#include <sys/socket.h>
2320#ifdef HAVE_SYS_BITYPES_H
2321# include <sys/bitypes.h>
2322#endif
aff51935 2323 ],
2324 [ int64_t a; a = 1;],
bd590612 2325 [ ac_cv_have_int64_t="yes" ],
2326 [ ac_cv_have_int64_t="no" ]
2327 )
2328])
2329if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2330 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2331fi
2332
58d100bf 2333AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2334 AC_TRY_COMPILE(
aff51935 2335 [ #include <sys/types.h> ],
2336 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2337 [ ac_cv_have_u_intxx_t="yes" ],
2338 [ ac_cv_have_u_intxx_t="no" ]
2339 )
2340])
2341if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2342 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2343 have_u_intxx_t=1
2344fi
2b942fe0 2345
41cb4569 2346if test -z "$have_u_intxx_t" ; then
2347 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2348 AC_TRY_COMPILE(
aff51935 2349 [ #include <sys/socket.h> ],
2350 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2351 [
2352 AC_DEFINE(HAVE_U_INTXX_T)
2353 AC_MSG_RESULT(yes)
2354 ],
2355 [ AC_MSG_RESULT(no) ]
2356 )
2357fi
2358
bd590612 2359AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2360 AC_TRY_COMPILE(
aff51935 2361 [ #include <sys/types.h> ],
2362 [ u_int64_t a; a = 1;],
bd590612 2363 [ ac_cv_have_u_int64_t="yes" ],
2364 [ ac_cv_have_u_int64_t="no" ]
2365 )
2366])
2367if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2368 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2369 have_u_int64_t=1
2370fi
2371
ddceb1c8 2372if test -z "$have_u_int64_t" ; then
2373 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2374 AC_TRY_COMPILE(
aff51935 2375 [ #include <sys/bitypes.h> ],
ddceb1c8 2376 [ u_int64_t a; a = 1],
2377 [
2378 AC_DEFINE(HAVE_U_INT64_T)
2379 AC_MSG_RESULT(yes)
2380 ],
2381 [ AC_MSG_RESULT(no) ]
2382 )
2383fi
2384
41cb4569 2385if test -z "$have_u_intxx_t" ; then
2386 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2387 AC_TRY_COMPILE(
2388 [
2389#include <sys/types.h>
aff51935 2390 ],
2391 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2392 [ ac_cv_have_uintxx_t="yes" ],
2393 [ ac_cv_have_uintxx_t="no" ]
2394 )
2395 ])
2396 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2397 AC_DEFINE(HAVE_UINTXX_T, 1,
2398 [define if you have uintxx_t data type])
41cb4569 2399 fi
2400fi
2401
2402if test -z "$have_uintxx_t" ; then
2403 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2404 AC_TRY_COMPILE(
aff51935 2405 [ #include <stdint.h> ],
2406 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2407 [
2408 AC_DEFINE(HAVE_UINTXX_T)
2409 AC_MSG_RESULT(yes)
2410 ],
2411 [ AC_MSG_RESULT(no) ]
2412 )
2413fi
2414
e5fe9a1f 2415if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2416 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2417then
2418 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2419 AC_TRY_COMPILE(
58d100bf 2420 [
2421#include <sys/bitypes.h>
aff51935 2422 ],
5cdfe03f 2423 [
837c30b8 2424 int8_t a; int16_t b; int32_t c;
2425 u_int8_t e; u_int16_t f; u_int32_t g;
2426 a = b = c = e = f = g = 1;
aff51935 2427 ],
5cdfe03f 2428 [
2429 AC_DEFINE(HAVE_U_INTXX_T)
2430 AC_DEFINE(HAVE_INTXX_T)
2431 AC_MSG_RESULT(yes)
2432 ],
2433 [AC_MSG_RESULT(no)]
aff51935 2434 )
5cdfe03f 2435fi
2436
0362750e 2437
2438AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2439 AC_TRY_COMPILE(
2440 [
2441#include <sys/types.h>
2442 ],
2443 [ u_char foo; foo = 125; ],
2444 [ ac_cv_have_u_char="yes" ],
2445 [ ac_cv_have_u_char="no" ]
2446 )
2447])
2448if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2449 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2450fi
2451
98a7c37b 2452TYPE_SOCKLEN_T
2b942fe0 2453
2d16d9a3 2454AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2455
777ece68 2456AC_CHECK_TYPES(in_addr_t,,,
2457[#include <sys/types.h>
2458#include <netinet/in.h>])
7b578f7d 2459
58d100bf 2460AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2461 AC_TRY_COMPILE(
2462 [
18ba2aab 2463#include <sys/types.h>
58d100bf 2464 ],
2465 [ size_t foo; foo = 1235; ],
2466 [ ac_cv_have_size_t="yes" ],
2467 [ ac_cv_have_size_t="no" ]
2468 )
2469])
2470if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2471 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2472fi
ea1970a3 2473
c04f75f1 2474AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2475 AC_TRY_COMPILE(
2476 [
2477#include <sys/types.h>
2478 ],
2479 [ ssize_t foo; foo = 1235; ],
2480 [ ac_cv_have_ssize_t="yes" ],
2481 [ ac_cv_have_ssize_t="no" ]
2482 )
2483])
2484if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2485 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2486fi
2487
f1c4659d 2488AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2489 AC_TRY_COMPILE(
2490 [
2491#include <time.h>
2492 ],
2493 [ clock_t foo; foo = 1235; ],
2494 [ ac_cv_have_clock_t="yes" ],
2495 [ ac_cv_have_clock_t="no" ]
2496 )
2497])
2498if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2499 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2500fi
2501
1c04b088 2502AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2503 AC_TRY_COMPILE(
2504 [
2505#include <sys/types.h>
2506#include <sys/socket.h>
2507 ],
2508 [ sa_family_t foo; foo = 1235; ],
2509 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2510 [ AC_TRY_COMPILE(
2511 [
2512#include <sys/types.h>
2513#include <sys/socket.h>
2514#include <netinet/in.h>
2515 ],
2516 [ sa_family_t foo; foo = 1235; ],
2517 [ ac_cv_have_sa_family_t="yes" ],
2518
1c04b088 2519 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2520 )]
1c04b088 2521 )
2522])
2523if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2524 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2525 [define if you have sa_family_t data type])
1c04b088 2526fi
2527
729bfe59 2528AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2529 AC_TRY_COMPILE(
2530 [
2531#include <sys/types.h>
2532 ],
2533 [ pid_t foo; foo = 1235; ],
2534 [ ac_cv_have_pid_t="yes" ],
2535 [ ac_cv_have_pid_t="no" ]
2536 )
2537])
2538if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2539 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2540fi
2541
2542AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2543 AC_TRY_COMPILE(
2544 [
2545#include <sys/types.h>
2546 ],
2547 [ mode_t foo; foo = 1235; ],
2548 [ ac_cv_have_mode_t="yes" ],
2549 [ ac_cv_have_mode_t="no" ]
2550 )
2551])
2552if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2553 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2554fi
2555
e3a93db0 2556
58d100bf 2557AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2558 AC_TRY_COMPILE(
2559 [
18ba2aab 2560#include <sys/types.h>
2561#include <sys/socket.h>
58d100bf 2562 ],
2563 [ struct sockaddr_storage s; ],
2564 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2565 [ ac_cv_have_struct_sockaddr_storage="no" ]
2566 )
2567])
2568if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2569 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2570 [define if you have struct sockaddr_storage data type])
58d100bf 2571fi
48e671d5 2572
58d100bf 2573AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2574 AC_TRY_COMPILE(
2575 [
cbd7492e 2576#include <sys/types.h>
58d100bf 2577#include <netinet/in.h>
2578 ],
2579 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2580 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2581 [ ac_cv_have_struct_sockaddr_in6="no" ]
2582 )
2583])
2584if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2585 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2586 [define if you have struct sockaddr_in6 data type])
58d100bf 2587fi
48e671d5 2588
58d100bf 2589AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2590 AC_TRY_COMPILE(
2591 [
cbd7492e 2592#include <sys/types.h>
58d100bf 2593#include <netinet/in.h>
2594 ],
2595 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2596 [ ac_cv_have_struct_in6_addr="yes" ],
2597 [ ac_cv_have_struct_in6_addr="no" ]
2598 )
2599])
2600if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2601 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2602 [define if you have struct in6_addr data type])
58d100bf 2603fi
48e671d5 2604
58d100bf 2605AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2606 AC_TRY_COMPILE(
2607 [
18ba2aab 2608#include <sys/types.h>
2609#include <sys/socket.h>
2610#include <netdb.h>
58d100bf 2611 ],
2612 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2613 [ ac_cv_have_struct_addrinfo="yes" ],
2614 [ ac_cv_have_struct_addrinfo="no" ]
2615 )
2616])
2617if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2618 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2619 [define if you have struct addrinfo data type])
58d100bf 2620fi
2621
89c7e31c 2622AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2623 AC_TRY_COMPILE(
aff51935 2624 [ #include <sys/time.h> ],
2625 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2626 [ ac_cv_have_struct_timeval="yes" ],
2627 [ ac_cv_have_struct_timeval="no" ]
2628 )
2629])
2630if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2631 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2632 have_struct_timeval=1
2633fi
2634
5271b55c 2635AC_CHECK_TYPES(struct timespec)
2636
85abc74b 2637# We need int64_t or else certian parts of the compile will fail.
4b492aab 2638if test "x$ac_cv_have_int64_t" = "xno" && \
2639 test "x$ac_cv_sizeof_long_int" != "x8" && \
2640 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2641 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2642 echo "an alternative compiler (I.E., GCC) before continuing."
2643 echo ""
2644 exit 1;
733cf7f4 2645else
2646dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2647 AC_RUN_IFELSE(
479cece8 2648 [AC_LANG_SOURCE([[
733cf7f4 2649#include <stdio.h>
2650#include <string.h>
2651#ifdef HAVE_SNPRINTF
2652main()
2653{
2654 char buf[50];
2655 char expected_out[50];
2656 int mazsize = 50 ;
2657#if (SIZEOF_LONG_INT == 8)
2658 long int num = 0x7fffffffffffffff;
2659#else
763a1a18 2660 long long num = 0x7fffffffffffffffll;
733cf7f4 2661#endif
2662 strcpy(expected_out, "9223372036854775807");
2663 snprintf(buf, mazsize, "%lld", num);
2664 if(strcmp(buf, expected_out) != 0)
aff51935 2665 exit(1);
733cf7f4 2666 exit(0);
2667}
2668#else
2669main() { exit(0); }
2670#endif
479cece8 2671 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2672 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2673 )
2c523de9 2674fi
2675
77bb0bca 2676dnl Checks for structure members
58d100bf 2677OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2678OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2679OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2680OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2681OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2682OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2683OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2684OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2685OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2686OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2687OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2688OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2689OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2690OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2691OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2692OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2693OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2694
2695AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2696AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2697 [Define if we don't have struct __res_state in resolv.h])],
2698[
2699#include <stdio.h>
2700#if HAVE_SYS_TYPES_H
2701# include <sys/types.h>
2702#endif
2703#include <netinet/in.h>
2704#include <arpa/nameser.h>
2705#include <resolv.h>
2706])
1d7b9b20 2707
58d100bf 2708AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2709 ac_cv_have_ss_family_in_struct_ss, [
2710 AC_TRY_COMPILE(
2711 [
18ba2aab 2712#include <sys/types.h>
2713#include <sys/socket.h>
58d100bf 2714 ],
2715 [ struct sockaddr_storage s; s.ss_family = 1; ],
2716 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2717 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2718 )
2719])
2720if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2721 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2722fi
2723
58d100bf 2724AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2725 ac_cv_have___ss_family_in_struct_ss, [
2726 AC_TRY_COMPILE(
2727 [
18ba2aab 2728#include <sys/types.h>
2729#include <sys/socket.h>
58d100bf 2730 ],
2731 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2732 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2733 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2734 )
2735])
2736if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2737 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2738 [Fields in struct sockaddr_storage])
58d100bf 2739fi
2740
2e73a022 2741AC_CACHE_CHECK([for pw_class field in struct passwd],
2742 ac_cv_have_pw_class_in_struct_passwd, [
2743 AC_TRY_COMPILE(
2744 [
2e73a022 2745#include <pwd.h>
2746 ],
97994d32 2747 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2748 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2749 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2750 )
2751])
2752if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2753 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2754 [Define if your password has a pw_class field])
2e73a022 2755fi
2756
7751d4eb 2757AC_CACHE_CHECK([for pw_expire field in struct passwd],
2758 ac_cv_have_pw_expire_in_struct_passwd, [
2759 AC_TRY_COMPILE(
2760 [
2761#include <pwd.h>
2762 ],
2763 [ struct passwd p; p.pw_expire = 0; ],
2764 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2765 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2766 )
2767])
2768if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2769 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2770 [Define if your password has a pw_expire field])
7751d4eb 2771fi
2772
2773AC_CACHE_CHECK([for pw_change field in struct passwd],
2774 ac_cv_have_pw_change_in_struct_passwd, [
2775 AC_TRY_COMPILE(
2776 [
2777#include <pwd.h>
2778 ],
2779 [ struct passwd p; p.pw_change = 0; ],
2780 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2781 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2782 )
2783])
2784if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2785 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2786 [Define if your password has a pw_change field])
7751d4eb 2787fi
58d100bf 2788
637f9177 2789dnl make sure we're using the real structure members and not defines
6f34652e 2790AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2791 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2792 AC_COMPILE_IFELSE(
6f34652e 2793 [
f95c8ce8 2794#include <sys/types.h>
6f34652e 2795#include <sys/socket.h>
2796#include <sys/uio.h>
637f9177 2797int main() {
2798#ifdef msg_accrights
1a01a50c 2799#error "msg_accrights is a macro"
637f9177 2800exit(1);
2801#endif
2802struct msghdr m;
2803m.msg_accrights = 0;
2804exit(0);
2805}
6f34652e 2806 ],
6f34652e 2807 [ ac_cv_have_accrights_in_msghdr="yes" ],
2808 [ ac_cv_have_accrights_in_msghdr="no" ]
2809 )
2810])
2811if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2812 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2813 [Define if your system uses access rights style
2814 file descriptor passing])
6f34652e 2815fi
2816
7176df4f 2817AC_CACHE_CHECK([for msg_control field in struct msghdr],
2818 ac_cv_have_control_in_msghdr, [
1a01a50c 2819 AC_COMPILE_IFELSE(
7176df4f 2820 [
f95c8ce8 2821#include <sys/types.h>
7176df4f 2822#include <sys/socket.h>
2823#include <sys/uio.h>
637f9177 2824int main() {
2825#ifdef msg_control
1a01a50c 2826#error "msg_control is a macro"
637f9177 2827exit(1);
2828#endif
2829struct msghdr m;
2830m.msg_control = 0;
2831exit(0);
2832}
7176df4f 2833 ],
7176df4f 2834 [ ac_cv_have_control_in_msghdr="yes" ],
2835 [ ac_cv_have_control_in_msghdr="no" ]
2836 )
2837])
2838if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2839 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2840 [Define if your system uses ancillary data style
2841 file descriptor passing])
7176df4f 2842fi
2843
58d100bf 2844AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2845 AC_TRY_LINK([],
2846 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2847 [ ac_cv_libc_defines___progname="yes" ],
2848 [ ac_cv_libc_defines___progname="no" ]
2849 )
2850])
2851if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2852 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2853fi
8946db53 2854
c921ee00 2855AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2856 AC_TRY_LINK([
2857#include <stdio.h>
aff51935 2858],
2859 [ printf("%s", __FUNCTION__); ],
c921ee00 2860 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2861 [ ac_cv_cc_implements___FUNCTION__="no" ]
2862 )
2863])
2864if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 2865 AC_DEFINE(HAVE___FUNCTION__, 1,
2866 [Define if compiler implements __FUNCTION__])
c921ee00 2867fi
2868
2869AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2870 AC_TRY_LINK([
2871#include <stdio.h>
aff51935 2872],
2873 [ printf("%s", __func__); ],
c921ee00 2874 [ ac_cv_cc_implements___func__="yes" ],
2875 [ ac_cv_cc_implements___func__="no" ]
2876 )
2877])
2878if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 2879 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 2880fi
2881
9a406e1e 2882AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2883 AC_TRY_LINK(
2884 [#include <stdarg.h>
2885 va_list x,y;],
2886 [va_copy(x,y);],
2887 [ ac_cv_have_va_copy="yes" ],
2888 [ ac_cv_have_va_copy="no" ]
2889 )
2890])
2891if test "x$ac_cv_have_va_copy" = "xyes" ; then
2892 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2893fi
2894
2895AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2896 AC_TRY_LINK(
2897 [#include <stdarg.h>
2898 va_list x,y;],
2899 [__va_copy(x,y);],
2900 [ ac_cv_have___va_copy="yes" ],
2901 [ ac_cv_have___va_copy="no" ]
2902 )
2903])
2904if test "x$ac_cv_have___va_copy" = "xyes" ; then
2905 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2906fi
2907
1812a662 2908AC_CACHE_CHECK([whether getopt has optreset support],
2909 ac_cv_have_getopt_optreset, [
2910 AC_TRY_LINK(
2911 [
2912#include <getopt.h>
2913 ],
2914 [ extern int optreset; optreset = 0; ],
2915 [ ac_cv_have_getopt_optreset="yes" ],
2916 [ ac_cv_have_getopt_optreset="no" ]
2917 )
2918])
2919if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 2920 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2921 [Define if your getopt(3) defines and uses optreset])
1812a662 2922fi
a0391976 2923
819b676f 2924AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2925 AC_TRY_LINK([],
2926 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2927 [ ac_cv_libc_defines_sys_errlist="yes" ],
2928 [ ac_cv_libc_defines_sys_errlist="no" ]
2929 )
2930])
2931if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 2932 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2933 [Define if your system defines sys_errlist[]])
819b676f 2934fi
2935
2936
416ed5a7 2937AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2938 AC_TRY_LINK([],
2939 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2940 [ ac_cv_libc_defines_sys_nerr="yes" ],
2941 [ ac_cv_libc_defines_sys_nerr="no" ]
2942 )
2943])
2944if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 2945 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 2946fi
2947
aff51935 2948SCARD_MSG="no"
295c8801 2949# Check whether user wants sectok support
2950AC_ARG_WITH(sectok,
2951 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2952 [
2953 if test "x$withval" != "xno" ; then
2954 if test "x$withval" != "xyes" ; then
2955 CPPFLAGS="$CPPFLAGS -I${withval}"
2956 LDFLAGS="$LDFLAGS -L${withval}"
2957 if test ! -z "$need_dash_r" ; then
2958 LDFLAGS="$LDFLAGS -R${withval}"
2959 fi
2960 if test ! -z "$blibpath" ; then
2961 blibpath="$blibpath:${withval}"
2962 fi
2963 fi
2964 AC_CHECK_HEADERS(sectok.h)
2965 if test "$ac_cv_header_sectok_h" != yes; then
2966 AC_MSG_ERROR(Can't find sectok.h)
2967 fi
2968 AC_CHECK_LIB(sectok, sectok_open)
2969 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2970 AC_MSG_ERROR(Can't find libsectok)
2971 fi
3466e002 2972 AC_DEFINE(SMARTCARD, 1,
2973 [Define if you want smartcard support])
2974 AC_DEFINE(USE_SECTOK, 1,
2975 [Define if you want smartcard support
2976 using sectok])
aff51935 2977 SCARD_MSG="yes, using sectok"
295c8801 2978 fi
2979 ]
2980)
2981
2982# Check whether user wants OpenSC support
987b458f 2983OPENSC_CONFIG="no"
295c8801 2984AC_ARG_WITH(opensc,
e47fb473 2985 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 2986 [
2987 if test "x$withval" != "xno" ; then
2988 if test "x$withval" != "xyes" ; then
2989 OPENSC_CONFIG=$withval/bin/opensc-config
2990 else
2991 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2992 fi
2993 if test "$OPENSC_CONFIG" != "no"; then
2994 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2995 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2996 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2997 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2998 AC_DEFINE(SMARTCARD)
3466e002 2999 AC_DEFINE(USE_OPENSC, 1,
3000 [Define if you want smartcard support
3001 using OpenSC])
987b458f 3002 SCARD_MSG="yes, using OpenSC"
3003 fi
3004 fi
3005 ]
3006)
d0b19c95 3007
c31dc31c 3008# Check libraries needed by DNS fingerprint support
aff51935 3009AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3010 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3011 [Define if getrrsetbyname() exists])],
3e05e934 3012 [
c31dc31c 3013 # Needed by our getrrsetbyname()
3014 AC_SEARCH_LIBS(res_query, resolv)
3015 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3016 AC_MSG_CHECKING(if res_query will link)
3017 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3018 [AC_MSG_RESULT(no)
3019 saved_LIBS="$LIBS"
3020 LIBS="$LIBS -lresolv"
3021 AC_MSG_CHECKING(for res_query in -lresolv)
3022 AC_LINK_IFELSE([
3023#include <resolv.h>
3024int main()
3025{
3026 res_query (0, 0, 0, 0, 0);
3027 return 0;
3028}
3029 ],
3030 [LIBS="$LIBS -lresolv"
3031 AC_MSG_RESULT(yes)],
3032 [LIBS="$saved_LIBS"
3033 AC_MSG_RESULT(no)])
3034 ])
c31dc31c 3035 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3036 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3037 [#include <sys/types.h>
3038 #include <arpa/nameser.h>])
c31dc31c 3039 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3040 [AC_DEFINE(HAVE_HEADER_AD, 1,
3041 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3042 [#include <arpa/nameser.h>])
3043 ])
3e05e934 3044
ef4d1846 3045# Check whether user wants SELinux support
3046SELINUX_MSG="no"
3047LIBSELINUX=""
3048AC_ARG_WITH(selinux,
3049 [ --with-selinux Enable SELinux support],
3050 [ if test "x$withval" != "xno" ; then
3051 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3052 SELINUX_MSG="yes"
3053 AC_CHECK_HEADER([selinux/selinux.h], ,
3054 AC_MSG_ERROR(SELinux support requires selinux.h header))
3055 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3056 AC_MSG_ERROR(SELinux support requires libselinux library))
3057 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3058 fi ]
3059)
3060AC_SUBST(LIBSELINUX)
3061
12928e80 3062# Check whether user wants Kerberos 5 support
aff51935 3063KRB5_MSG="no"
12928e80 3064AC_ARG_WITH(kerberos5,
aff51935 3065 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3066 [ if test "x$withval" != "xno" ; then
3067 if test "x$withval" = "xyes" ; then
3068 KRB5ROOT="/usr/local"
3069 else
3070 KRB5ROOT=${withval}
3071 fi
3072
3466e002 3073 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3074 KRB5_MSG="yes"
3075
3076 AC_MSG_CHECKING(for krb5-config)
3077 if test -x $KRB5ROOT/bin/krb5-config ; then
3078 KRB5CONF=$KRB5ROOT/bin/krb5-config
3079 AC_MSG_RESULT($KRB5CONF)
3080
3081 AC_MSG_CHECKING(for gssapi support)
3082 if $KRB5CONF | grep gssapi >/dev/null ; then
3083 AC_MSG_RESULT(yes)
3466e002 3084 AC_DEFINE(GSSAPI, 1,
3085 [Define this if you want GSSAPI
3086 support in the version 2 protocol])
071970fb 3087 k5confopts=gssapi
aff51935 3088 else
5585c441 3089 AC_MSG_RESULT(no)
071970fb 3090 k5confopts=""
aff51935 3091 fi
071970fb 3092 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3093 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3094 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3095 AC_MSG_CHECKING(whether we are using Heimdal)
3096 AC_TRY_COMPILE([ #include <krb5.h> ],
3097 [ char *tmp = heimdal_version; ],
3098 [ AC_MSG_RESULT(yes)
3466e002 3099 AC_DEFINE(HEIMDAL, 1,
3100 [Define this if you are using the
3101 Heimdal version of Kerberos V5]) ],
5585c441 3102 AC_MSG_RESULT(no)
3103 )
3104 else
3105 AC_MSG_RESULT(no)
12928e80 3106 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3107 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3108 AC_MSG_CHECKING(whether we are using Heimdal)
3109 AC_TRY_COMPILE([ #include <krb5.h> ],
3110 [ char *tmp = heimdal_version; ],
3111 [ AC_MSG_RESULT(yes)
3112 AC_DEFINE(HEIMDAL)
41707f74 3113 K5LIBS="-lkrb5 -ldes"
3114 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3115 AC_CHECK_LIB(roken, net_write,
41707f74 3116 [K5LIBS="$K5LIBS -lroken"])
aff51935 3117 ],
3118 [ AC_MSG_RESULT(no)
3119 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3120 ]
3121 )
4e00038c 3122 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3123
749560dd 3124 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3125 [ AC_DEFINE(GSSAPI)
3126 K5LIBS="-lgssapi $K5LIBS" ],
3127 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3128 [ AC_DEFINE(GSSAPI)
aff51935 3129 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3130 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3131 $K5LIBS)
3132 ],
3133 $K5LIBS)
82f4e93d 3134
749560dd 3135 AC_CHECK_HEADER(gssapi.h, ,
3136 [ unset ac_cv_header_gssapi_h
aff51935 3137 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3138 AC_CHECK_HEADERS(gssapi.h, ,
3139 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3140 )
749560dd 3141 ]
3142 )
3143
3144 oldCPP="$CPPFLAGS"
3145 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3146 AC_CHECK_HEADER(gssapi_krb5.h, ,
3147 [ CPPFLAGS="$oldCPP" ])
3148
aff51935 3149 fi
5585c441 3150 if test ! -z "$need_dash_r" ; then
3151 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3152 fi
3153 if test ! -z "$blibpath" ; then
3154 blibpath="$blibpath:${KRB5ROOT}/lib"
3155 fi
071970fb 3156
f5555364 3157 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3158 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3159 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3160
f5555364 3161 LIBS="$LIBS $K5LIBS"
3466e002 3162 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3163 [Define this if you want to use libkafs' AFS support]))
f5555364 3164 fi
071970fb 3165 ]
12928e80 3166)
b5b68128 3167
a0391976 3168# Looking for programs, paths and files
a0391976 3169
ecac8ee5 3170PRIVSEP_PATH=/var/empty
3171AC_ARG_WITH(privsep-path,
cda1ebcb 3172 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3173 [
6cf0200f 3174 if test -n "$withval" && test "x$withval" != "xno" && \
3175 test "x${withval}" != "xyes"; then
ecac8ee5 3176 PRIVSEP_PATH=$withval
3177 fi
3178 ]
3179)
3180AC_SUBST(PRIVSEP_PATH)
3181
a0391976 3182AC_ARG_WITH(xauth,
3183 [ --with-xauth=PATH Specify path to xauth program ],
3184 [
6cf0200f 3185 if test -n "$withval" && test "x$withval" != "xno" && \
3186 test "x${withval}" != "xyes"; then
cbd7492e 3187 xauth_path=$withval
a0391976 3188 fi
3189 ],
3190 [
2bf42e4a 3191 TestPath="$PATH"
3192 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3193 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3194 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3195 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3196 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3197 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3198 xauth_path="/usr/openwin/bin/xauth"
3199 fi
3200 ]
3201)
3202
65a4b4af 3203STRIP_OPT=-s
3204AC_ARG_ENABLE(strip,
3205 [ --disable-strip Disable calling strip(1) on install],
3206 [
3207 if test "x$enableval" = "xno" ; then
3208 STRIP_OPT=
3209 fi
3210 ]
3211)
3212AC_SUBST(STRIP_OPT)
3213
b3ec54b4 3214if test -z "$xauth_path" ; then
3215 XAUTH_PATH="undefined"
3216 AC_SUBST(XAUTH_PATH)
3217else
3466e002 3218 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3219 [Define if xauth is found in your path])
b3ec54b4 3220 XAUTH_PATH=$xauth_path
3221 AC_SUBST(XAUTH_PATH)
a0391976 3222fi
a0391976 3223
3224# Check for mail directory (last resort if we cannot get it from headers)
3225if test ! -z "$MAIL" ; then
3226 maildir=`dirname $MAIL`
3466e002 3227 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3228 [Set this to your mail directory if you don't have maillock.h])
a0391976 3229fi
3230
479cece8 3231if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3232 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3233 disable_ptmx_check=yes
3234fi
a0391976 3235if test -z "$no_dev_ptmx" ; then
6e879cb4 3236 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3237 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3238 [
3466e002 3239 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3240 [Define if you have /dev/ptmx])
6e879cb4 3241 have_dev_ptmx=1
3242 ]
3243 )
3244 fi
3276571c 3245fi
1a01a50c 3246
479cece8 3247if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3248 AC_CHECK_FILE("/dev/ptc",
3249 [
3466e002 3250 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3251 [Define if you have /dev/ptc])
1a01a50c 3252 have_dev_ptc=1
3253 ]
3254 )
3255else
3256 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3257fi
3276571c 3258
a0391976 3259# Options from here on. Some of these are preset by platform above
fdf6b7aa 3260AC_ARG_WITH(mantype,
5d97cfbf 3261 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3262 [
5d97cfbf 3263 case "$withval" in
3264 man|cat|doc)
3265 MANTYPE=$withval
3266 ;;
3267 *)
3268 AC_MSG_ERROR(invalid man type: $withval)
3269 ;;
3270 esac
c54a6257 3271 ]
3272)
e0c4d3ac 3273if test -z "$MANTYPE"; then
2bf42e4a 3274 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3275 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3276 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3277 MANTYPE=doc
3278 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3279 MANTYPE=man
3280 else
3281 MANTYPE=cat
3282 fi
3283fi
c54a6257 3284AC_SUBST(MANTYPE)
e0c4d3ac 3285if test "$MANTYPE" = "doc"; then
3286 mansubdir=man;
3287else
3288 mansubdir=$MANTYPE;
3289fi
3290AC_SUBST(mansubdir)
0bc5b6fb 3291
a0391976 3292# Check whether to enable MD5 passwords
aff51935 3293MD5_MSG="no"
2ddcfdf3 3294AC_ARG_WITH(md5-passwords,
caf3bc51 3295 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3296 [
bcf36c78 3297 if test "x$withval" != "xno" ; then
3466e002 3298 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3299 [Define if you want to allow MD5 passwords])
aff51935 3300 MD5_MSG="yes"
0bc5b6fb 3301 fi
3302 ]
caf3bc51 3303)
3304
a0391976 3305# Whether to disable shadow password support
a7effaac 3306AC_ARG_WITH(shadow,
3307 [ --without-shadow Disable shadow password support],
3308 [
82f4e93d 3309 if test "x$withval" = "xno" ; then
a7effaac 3310 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3311 disable_shadow=yes
a7effaac 3312 fi
3313 ]
3314)
3315
4cb5ffa0 3316if test -z "$disable_shadow" ; then
3317 AC_MSG_CHECKING([if the systems has expire shadow information])
3318 AC_TRY_COMPILE(
3319 [
3320#include <sys/types.h>
3321#include <shadow.h>
3322 struct spwd sp;
3323 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3324 [ sp_expire_available=yes ], []
3325 )
3326
3327 if test "x$sp_expire_available" = "xyes" ; then
3328 AC_MSG_RESULT(yes)
3466e002 3329 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3330 [Define if you want to use shadow password expire field])
4cb5ffa0 3331 else
3332 AC_MSG_RESULT(no)
3333 fi
3334fi
3335
a0391976 3336# Use ip address instead of hostname in $DISPLAY
44839801 3337if test ! -z "$IPADDR_IN_DISPLAY" ; then
3338 DISPLAY_HACK_MSG="yes"
3466e002 3339 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3340 [Define if you need to use IP address
3341 instead of hostname in $DISPLAY])
44839801 3342else
aff51935 3343 DISPLAY_HACK_MSG="no"
44839801 3344 AC_ARG_WITH(ipaddr-display,
3345 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3346 [
82f4e93d 3347 if test "x$withval" != "xno" ; then
44839801 3348 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3349 DISPLAY_HACK_MSG="yes"
44839801 3350 fi
3351 ]
3352 )
3353fi
a7effaac 3354
95b99395 3355# check for /etc/default/login and use it if present.
daa41e62 3356AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3357 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3358 [ if test "x$enableval" = "xno"; then
3359 AC_MSG_NOTICE([/etc/default/login handling disabled])
3360 etc_default_login=no
3361 else
3362 etc_default_login=yes
3363 fi ],
b0e7249f 3364 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3365 then
3366 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3367 etc_default_login=no
3368 else
3369 etc_default_login=yes
3370 fi ]
694d0cef 3371)
95b99395 3372
694d0cef 3373if test "x$etc_default_login" != "xno"; then
3374 AC_CHECK_FILE("/etc/default/login",
3375 [ external_path_file=/etc/default/login ])
b0e7249f 3376 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3377 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3378 [Define if your system has /etc/default/login])
1a01a50c 3379 fi
694d0cef 3380fi
95b99395 3381
8d184c09 3382dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3383if test $ac_cv_func_login_getcapbool = "yes" && \
3384 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3385 external_path_file=/etc/login.conf
8d184c09 3386fi
95b99395 3387
a0391976 3388# Whether to mess with the default path
aff51935 3389SERVER_PATH_MSG="(default)"
c43d69a9 3390AC_ARG_WITH(default-path,
75817f90 3391 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3392 [
95b99395 3393 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3394 AC_MSG_WARN([
3395--with-default-path=PATH has no effect on this system.
3396Edit /etc/login.conf instead.])
82f4e93d 3397 elif test "x$withval" != "xno" ; then
89bbd457 3398 if test ! -z "$external_path_file" ; then
95b99395 3399 AC_MSG_WARN([
3400--with-default-path=PATH will only be used if PATH is not defined in
3401$external_path_file .])
3402 fi
b2d818e6 3403 user_path="$withval"
aff51935 3404 SERVER_PATH_MSG="$withval"
cb807f40 3405 fi
b2d818e6 3406 ],
95b99395 3407 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3408 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3409 else
89bbd457 3410 if test ! -z "$external_path_file" ; then
95b99395 3411 AC_MSG_WARN([
3412If PATH is defined in $external_path_file, ensure the path to scp is included,
3413otherwise scp will not work.])
3414 fi
b0e7249f 3415 AC_RUN_IFELSE(
3416 [AC_LANG_SOURCE([[
b2d818e6 3417/* find out what STDPATH is */
3418#include <stdio.h>
b2d818e6 3419#ifdef HAVE_PATHS_H
3420# include <paths.h>
3421#endif
3422#ifndef _PATH_STDPATH
d9a4e55b 3423# ifdef _PATH_USERPATH /* Irix */
3424# define _PATH_STDPATH _PATH_USERPATH
3425# else
3426# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3427# endif
b2d818e6 3428#endif
3429#include <sys/types.h>
3430#include <sys/stat.h>
3431#include <fcntl.h>
3432#define DATA "conftest.stdpath"
3433
3434main()
3435{
3436 FILE *fd;
3437 int rc;
82f4e93d 3438
b2d818e6 3439 fd = fopen(DATA,"w");
3440 if(fd == NULL)
3441 exit(1);
82f4e93d 3442
b2d818e6 3443 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3444 exit(1);
3445
3446 exit(0);
3447}
b0e7249f 3448 ]])],
3449 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3450 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3451 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3452 )
3453# make sure $bindir is in USER_PATH so scp will work
3454 t_bindir=`eval echo ${bindir}`
3455 case $t_bindir in
3456 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3457 esac
3458 case $t_bindir in
3459 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3460 esac
3461 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3462 if test $? -ne 0 ; then
3463 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3464 if test $? -ne 0 ; then
3465 user_path=$user_path:$t_bindir
3466 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3467 fi
3468 fi
8d184c09 3469 fi ]
cb807f40 3470)
95b99395 3471if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3472 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3473 AC_SUBST(user_path)
3474fi
cb807f40 3475
06617857 3476# Set superuser path separately to user path
06617857 3477AC_ARG_WITH(superuser-path,
3478 [ --with-superuser-path= Specify different path for super-user],
3479 [
6cf0200f 3480 if test -n "$withval" && test "x$withval" != "xno" && \
3481 test "x${withval}" != "xyes"; then
3466e002 3482 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3483 [Define if you want a different $PATH
3484 for the superuser])
06617857 3485 superuser_path=$withval
3486 fi
3487 ]
3488)
3489
3490
58d100bf 3491AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3492IPV4_IN6_HACK_MSG="no"
80faa19f 3493AC_ARG_WITH(4in6,
3494 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3495 [
3496 if test "x$withval" != "xno" ; then
3497 AC_MSG_RESULT(yes)
3466e002 3498 AC_DEFINE(IPV4_IN_IPV6, 1,
3499 [Detect IPv4 in IPv6 mapped addresses
3500 and treat as IPv4])
aff51935 3501 IPV4_IN6_HACK_MSG="yes"
80faa19f 3502 else
3503 AC_MSG_RESULT(no)
3504 fi
3505 ],[
3506 if test "x$inet6_default_4in6" = "xyes"; then
3507 AC_MSG_RESULT([yes (default)])
3508 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3509 IPV4_IN6_HACK_MSG="yes"
80faa19f 3510 else
3511 AC_MSG_RESULT([no (default)])
3512 fi
3513 ]
3514)
3515
af774732 3516# Whether to enable BSD auth support
f1b0ecc3 3517BSD_AUTH_MSG=no
af774732 3518AC_ARG_WITH(bsd-auth,
3519 [ --with-bsd-auth Enable BSD auth support],
3520 [
82f4e93d 3521 if test "x$withval" != "xno" ; then
3466e002 3522 AC_DEFINE(BSD_AUTH, 1,
3523 [Define if you have BSD auth support])
f1b0ecc3 3524 BSD_AUTH_MSG=yes
af774732 3525 fi
3526 ]
3527)
3528
a0391976 3529# Where to place sshd.pid
19d9ac2a 3530piddir=/var/run
81dadca3 3531# make sure the directory exists
82f4e93d 3532if test ! -d $piddir ; then
81dadca3 3533 piddir=`eval echo ${sysconfdir}`
3534 case $piddir in
aff51935 3535 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3536 esac
3537fi
3538
47e45e44 3539AC_ARG_WITH(pid-dir,
3540 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3541 [
6cf0200f 3542 if test -n "$withval" && test "x$withval" != "xno" && \
3543 test "x${withval}" != "xyes"; then
19d9ac2a 3544 piddir=$withval
82f4e93d 3545 if test ! -d $piddir ; then
81dadca3 3546 AC_MSG_WARN([** no $piddir directory on this system **])
3547 fi
47e45e44 3548 fi
3549 ]
3550)
b7a87eea 3551
3466e002 3552AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3553AC_SUBST(piddir)
47e45e44 3554
1d7b9b20 3555dnl allow user to disable some login recording features
3556AC_ARG_ENABLE(lastlog,
bfd550a2 3557 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3558 [
3559 if test "x$enableval" = "xno" ; then
3560 AC_DEFINE(DISABLE_LASTLOG)
3561 fi
3562 ]
1d7b9b20 3563)
3564AC_ARG_ENABLE(utmp,
bfd550a2 3565 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3566 [
3567 if test "x$enableval" = "xno" ; then
3568 AC_DEFINE(DISABLE_UTMP)
3569 fi
3570 ]
1d7b9b20 3571)
3572AC_ARG_ENABLE(utmpx,
bfd550a2 3573 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3574 [
3575 if test "x$enableval" = "xno" ; then
3466e002 3576 AC_DEFINE(DISABLE_UTMPX, 1,
3577 [Define if you don't want to use utmpx])
ddb154b3 3578 fi
3579 ]
1d7b9b20 3580)
3581AC_ARG_ENABLE(wtmp,
bfd550a2 3582 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3583 [
3584 if test "x$enableval" = "xno" ; then
3585 AC_DEFINE(DISABLE_WTMP)
3586 fi
3587 ]
1d7b9b20 3588)
3589AC_ARG_ENABLE(wtmpx,
bfd550a2 3590 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3591 [
3592 if test "x$enableval" = "xno" ; then
3466e002 3593 AC_DEFINE(DISABLE_WTMPX, 1,
3594 [Define if you don't want to use wtmpx])
ddb154b3 3595 fi
3596 ]
1d7b9b20 3597)
3598AC_ARG_ENABLE(libutil,
bfd550a2 3599 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3600 [
3601 if test "x$enableval" = "xno" ; then
3602 AC_DEFINE(DISABLE_LOGIN)
3603 fi
3604 ]
1d7b9b20 3605)
3606AC_ARG_ENABLE(pututline,
bfd550a2 3607 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3608 [
3609 if test "x$enableval" = "xno" ; then
3466e002 3610 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3611 [Define if you don't want to use pututline()
3612 etc. to write [uw]tmp])
ddb154b3 3613 fi
3614 ]
1d7b9b20 3615)
3616AC_ARG_ENABLE(pututxline,
bfd550a2 3617 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3618 [
3619 if test "x$enableval" = "xno" ; then
3466e002 3620 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3621 [Define if you don't want to use pututxline()
3622 etc. to write [uw]tmpx])
ddb154b3 3623 fi
3624 ]
1d7b9b20 3625)
3626AC_ARG_WITH(lastlog,
bfd550a2 3627 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3628 [
82f4e93d 3629 if test "x$withval" = "xno" ; then
8c89dd2b 3630 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3631 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3632 conf_lastlog_location=$withval
3633 fi
3634 ]
3635)
1d7b9b20 3636
3637dnl lastlog, [uw]tmpx? detection
3638dnl NOTE: set the paths in the platform section to avoid the
3639dnl need for command-line parameters
3640dnl lastlog and [uw]tmp are subject to a file search if all else fails
3641
3642dnl lastlog detection
3643dnl NOTE: the code itself will detect if lastlog is a directory
3644AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3645AC_TRY_COMPILE([
3646#include <sys/types.h>
3647#include <utmp.h>
3648#ifdef HAVE_LASTLOG_H
3649# include <lastlog.h>
3650#endif
d7c0f3d5 3651#ifdef HAVE_PATHS_H
1d7b9b20 3652# include <paths.h>
41cb4569 3653#endif
3654#ifdef HAVE_LOGIN_H
3655# include <login.h>
1d7b9b20 3656#endif
3657 ],
3658 [ char *lastlog = LASTLOG_FILE; ],
3659 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3660 [
3661 AC_MSG_RESULT(no)
3662 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3663 AC_TRY_COMPILE([
3664#include <sys/types.h>
3665#include <utmp.h>
3666#ifdef HAVE_LASTLOG_H
3667# include <lastlog.h>
3668#endif
3669#ifdef HAVE_PATHS_H
3670# include <paths.h>
3671#endif
3672 ],
3673 [ char *lastlog = _PATH_LASTLOG; ],
3674 [ AC_MSG_RESULT(yes) ],
3675 [
f282b668 3676 AC_MSG_RESULT(no)
d7c0f3d5 3677 system_lastlog_path=no
3678 ])
3679 ]
1d7b9b20 3680)
d7c0f3d5 3681
1d7b9b20 3682if test -z "$conf_lastlog_location"; then
3683 if test x"$system_lastlog_path" = x"no" ; then
3684 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3685 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3686 conf_lastlog_location=$f
3687 fi
3688 done
3689 if test -z "$conf_lastlog_location"; then
f8119cef 3690 AC_MSG_WARN([** Cannot find lastlog **])
3691 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3692 fi
3693 fi
3694fi
3695
3696if test -n "$conf_lastlog_location"; then
3466e002 3697 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3698 [Define if you want to specify the path to your lastlog file])
82f4e93d 3699fi
1d7b9b20 3700
3701dnl utmp detection
3702AC_MSG_CHECKING([if your system defines UTMP_FILE])
3703AC_TRY_COMPILE([
3704#include <sys/types.h>
3705#include <utmp.h>
d7c0f3d5 3706#ifdef HAVE_PATHS_H
1d7b9b20 3707# include <paths.h>
3708#endif
3709 ],
3710 [ char *utmp = UTMP_FILE; ],
3711 [ AC_MSG_RESULT(yes) ],
3712 [ AC_MSG_RESULT(no)
3713 system_utmp_path=no ]
3714)
3715if test -z "$conf_utmp_location"; then
3716 if test x"$system_utmp_path" = x"no" ; then
3717 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3718 if test -f $f ; then
3719 conf_utmp_location=$f
3720 fi
3721 done
3722 if test -z "$conf_utmp_location"; then
3723 AC_DEFINE(DISABLE_UTMP)
3724 fi
3725 fi
3726fi
3727if test -n "$conf_utmp_location"; then
3466e002 3728 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3729 [Define if you want to specify the path to your utmp file])
82f4e93d 3730fi
1d7b9b20 3731
3732dnl wtmp detection
3733AC_MSG_CHECKING([if your system defines WTMP_FILE])
3734AC_TRY_COMPILE([
3735#include <sys/types.h>
3736#include <utmp.h>
d7c0f3d5 3737#ifdef HAVE_PATHS_H
1d7b9b20 3738# include <paths.h>
3739#endif
3740 ],
3741 [ char *wtmp = WTMP_FILE; ],
3742 [ AC_MSG_RESULT(yes) ],
3743 [ AC_MSG_RESULT(no)
3744 system_wtmp_path=no ]
3745)
3746if test -z "$conf_wtmp_location"; then
3747 if test x"$system_wtmp_path" = x"no" ; then
3748 for f in /usr/adm/wtmp /var/log/wtmp; do
3749 if test -f $f ; then
3750 conf_wtmp_location=$f
3751 fi
3752 done
3753 if test -z "$conf_wtmp_location"; then
3754 AC_DEFINE(DISABLE_WTMP)
3755 fi
3756 fi
3757fi
3758if test -n "$conf_wtmp_location"; then
3466e002 3759 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3760 [Define if you want to specify the path to your wtmp file])
82f4e93d 3761fi
1d7b9b20 3762
3763
3764dnl utmpx detection - I don't know any system so perverse as to require
3765dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3766dnl there, though.
3767AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3768AC_TRY_COMPILE([
3769#include <sys/types.h>
3770#include <utmp.h>
3771#ifdef HAVE_UTMPX_H
3772#include <utmpx.h>
3773#endif
d7c0f3d5 3774#ifdef HAVE_PATHS_H
1d7b9b20 3775# include <paths.h>
3776#endif
3777 ],
3778 [ char *utmpx = UTMPX_FILE; ],
3779 [ AC_MSG_RESULT(yes) ],
3780 [ AC_MSG_RESULT(no)
3781 system_utmpx_path=no ]
3782)
3783if test -z "$conf_utmpx_location"; then
3784 if test x"$system_utmpx_path" = x"no" ; then
3785 AC_DEFINE(DISABLE_UTMPX)
3786 fi
3787else
3466e002 3788 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3789 [Define if you want to specify the path to your utmpx file])
82f4e93d 3790fi
1d7b9b20 3791
3792dnl wtmpx detection
3793AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3794AC_TRY_COMPILE([
3795#include <sys/types.h>
3796#include <utmp.h>
3797#ifdef HAVE_UTMPX_H
3798#include <utmpx.h>
3799#endif
d7c0f3d5 3800#ifdef HAVE_PATHS_H
1d7b9b20 3801# include <paths.h>
3802#endif
3803 ],
3804 [ char *wtmpx = WTMPX_FILE; ],
3805 [ AC_MSG_RESULT(yes) ],
3806 [ AC_MSG_RESULT(no)
3807 system_wtmpx_path=no ]
3808)
3809if test -z "$conf_wtmpx_location"; then
3810 if test x"$system_wtmpx_path" = x"no" ; then
3811 AC_DEFINE(DISABLE_WTMPX)
3812 fi
3813else
3466e002 3814 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3815 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3816fi
1d7b9b20 3817
b7a87eea 3818
bd499f9e 3819if test ! -z "$blibpath" ; then
68ece370 3820 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3821 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3822fi
3823
ed89c848 3824dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3825dnl Add now.
3826CFLAGS="$CFLAGS $werror_flags"
3827
3c62e7eb 3828AC_EXEEXT
d7cfdd7c 3829AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
46096a5b 3830 openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3831AC_OUTPUT
d3083fbd 3832
cbd7492e 3833# Print summary of options
3834
cbd7492e 3835# Someone please show me a better way :)
3836A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3837B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3838C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3839D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3840E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3841F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3842G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3843H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3844I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3845J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3846
3847echo ""
26de7942 3848echo "OpenSSH has been configured with the following options:"
ecac8ee5 3849echo " User binaries: $B"
3850echo " System binaries: $C"
3851echo " Configuration files: $D"
3852echo " Askpass program: $E"
3853echo " Manual pages: $F"
3854echo " PID file: $G"
3855echo " Privilege separation chroot path: $H"
95b99395 3856if test "x$external_path_file" = "x/etc/login.conf" ; then
3857echo " At runtime, sshd will use the path defined in $external_path_file"
3858echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3859else
ecac8ee5 3860echo " sshd default user PATH: $I"
89bbd457 3861 if test ! -z "$external_path_file"; then
95b99395 3862echo " (If PATH is set in $external_path_file it will be used instead. If"
3863echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3864 fi
8d184c09 3865fi
06617857 3866if test ! -z "$superuser_path" ; then
ecac8ee5 3867echo " sshd superuser user PATH: $J"
3868fi
3869echo " Manpage format: $MANTYPE"
3e05e934 3870echo " PAM support: $PAM_MSG"
ecac8ee5 3871echo " KerberosV support: $KRB5_MSG"
ef4d1846 3872echo " SELinux support: $SELINUX_MSG"
ecac8ee5 3873echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3874echo " S/KEY support: $SKEY_MSG"
3875echo " TCP Wrappers support: $TCPW_MSG"
3876echo " MD5 password support: $MD5_MSG"
59031773 3877echo " libedit support: $LIBEDIT_MSG"
3deb1408 3878echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3879echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3880echo " BSD Auth support: $BSD_AUTH_MSG"
3881echo " Random number source: $RAND_MSG"
f1b0ecc3 3882if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3883echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3884fi
3885
cbd7492e 3886echo ""
3887
0c2fb82f 3888echo " Host: ${host}"
3889echo " Compiler: ${CC}"
3890echo " Compiler flags: ${CFLAGS}"
3891echo "Preprocessor flags: ${CPPFLAGS}"
3892echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3893echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3894
3895echo ""
3896
9cefe228 3897if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3898 echo "SVR4 style packages are supported with \"make package\""
3899 echo ""
9cefe228 3900fi
3901
adeebd37 3902if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3903 echo "PAM is enabled. You may need to install a PAM control file "
3904 echo "for sshd, otherwise password authentication may fail. "
aff51935 3905 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3906 echo "subdirectory"
adeebd37 3907 echo ""
3908fi
3909
f1b0ecc3 3910if test ! -z "$RAND_HELPER_CMDHASH" ; then
3911 echo "WARNING: you are using the builtin random number collection "
3912 echo "service. Please read WARNING.RNG and request that your OS "
3913 echo "vendor includes kernel-based random number collection in "
3914 echo "future versions of your OS."
2c523de9 3915 echo ""
3916fi
af774732 3917
2f6f9cff 3918if test ! -z "$NO_PEERCHECK" ; then
3919 echo "WARNING: the operating system that you are using does not "
3920 echo "appear to support either the getpeereid() API nor the "
3921 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3922 echo "enforce security checks to prevent unauthorised connections to "
3923 echo "ssh-agent. Their absence increases the risk that a malicious "
3924 echo "user can connect to your agent. "
3925 echo ""
3926fi
3927
7b578f7d 3928if test "$AUDIT_MODULE" = "bsm" ; then
3929 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3930 echo "See the Solaris section in README.platform for details."
3931fi
git-cvsimport mirror of OpenSSH
This page took 1.060244 seconds and 5 git commands to generate.