]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (djm) [monitor.c monitor_wrap.c] -Wsign-compare for PAM monitor calls
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
98a7c37b 18AC_CONFIG_SRCDIR([ssh.c])
5881cd60 19
20AC_CONFIG_HEADER(config.h)
b14b2ae7 21AC_PROG_CC
a7effaac 22AC_CANONICAL_HOST
cf0c5df5 23AC_C_BIGENDIAN
5881cd60 24
a0391976 25# Checks for programs.
4bbf95fa 26AC_PROG_AWK
4cca272e 27AC_PROG_CPP
5881cd60 28AC_PROG_RANLIB
cf8dd513 29AC_PROG_INSTALL
bee0a37e 30AC_PATH_PROG(AR, ar)
ddd8c95b 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
13dd877b 33AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 34AC_PATH_PROG(SED, sed)
a0f84251 35AC_SUBST(PERL)
ad85db64 36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
6958bd37 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 41AC_PATH_PROG(SH, sh)
a3245b92 42AC_SUBST(TEST_SHELL,sh)
f498ed15 43
9cefe228 44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
50
948fd8b9 51# System features
52AC_SYS_LARGEFILE
53
c193d002 54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
2e73a022 58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
37656beb 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
d423d822 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
82f4e93d 78
d423d822 79AC_C_INLINE
dfafb2e1 80
81AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
82
aff51935 83if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
5ed2bb5b 84 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
44d71ad5 85 CFLAGS="$CFLAGS -Wsign-compare"
8a3ff1aa 86
dfafb2e1 87 if test -z "$have_llong_max"; then
88 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
89 unset ac_cv_have_decl_LLONG_MAX
90 saved_CFLAGS="$CFLAGS"
91 CFLAGS="$CFLAGS -std=gnu99"
92 AC_CHECK_DECL(LLONG_MAX,
93 [have_llong_max=1],
94 [CFLAGS="$saved_CFLAGS"],
95 [#include <limits.h>]
96 )
97 fi
d423d822 98fi
99
343ba2ce 100if test -z "$have_llong_max"; then
101 AC_MSG_CHECKING([for max value of long long])
102 AC_RUN_IFELSE(
103 [AC_LANG_SOURCE([[
104#include <stdio.h>
105/* Why is this so damn hard? */
106#ifdef __GNUC__
107# undef __GNUC__
108#endif
109#define __USE_ISOC99
110#include <limits.h>
111#define DATA "conftest.llminmax"
112int main(void) {
113 FILE *f;
114 long long i, llmin, llmax = 0;
115
116 if((f = fopen(DATA,"w")) == NULL)
117 exit(1);
118
119#if defined(LLONG_MIN) && defined(LLONG_MAX)
120 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
121 llmin = LLONG_MIN;
122 llmax = LLONG_MAX;
123#else
124 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
125 /* This will work on one's complement and two's complement */
126 for (i = 1; i > llmax; i <<= 1, i++)
127 llmax = i;
128 llmin = llmax + 1LL; /* wrap */
129#endif
130
131 /* Sanity check */
132 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
133 || llmax - 1 > llmax) {
134 fprintf(f, "unknown unknown\n");
135 exit(2);
136 }
137
138 if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
139 exit(3);
140
141 exit(0);
142}
143 ]])],
144 [
145 llong_min=`$AWK '{print $1}' conftest.llminmax`
146 llong_max=`$AWK '{print $2}' conftest.llminmax`
147 AC_MSG_RESULT($llong_max)
148 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
149 [max value of long long calculated by configure])
150 AC_MSG_CHECKING([for min value of long long])
151 AC_MSG_RESULT($llong_min)
152 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
153 [min value of long long calculated by configure])
154 ],
155 [
156 AC_MSG_RESULT(not found)
157 ],
158 [
159 AC_MSG_WARN([cross compiling: not checking])
160 ]
161 )
162fi
163
e6354014 164AC_ARG_WITH(rpath,
165 [ --without-rpath Disable auto-added -R linker paths],
166 [
82f4e93d 167 if test "x$withval" = "xno" ; then
e6354014 168 need_dash_r=""
169 fi
170 if test "x$withval" = "xyes" ; then
171 need_dash_r=1
172 fi
173 ]
174)
175
a0391976 176# Check for some target-specific stuff
a7effaac 177case "$host" in
9d6b1b96 178*-*-aix*)
aff51935 179 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 180 if (test -z "$blibpath"); then
0a15d73b 181 blibpath="/usr/lib:/lib"
68ece370 182 fi
183 saved_LDFLAGS="$LDFLAGS"
184 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
185 if (test -z "$blibflags"); then
186 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
187 AC_TRY_LINK([], [], [blibflags=$tryflags])
188 fi
189 done
190 if (test -z "$blibflags"); then
191 AC_MSG_RESULT(not found)
192 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
193 else
194 AC_MSG_RESULT($blibflags)
bd499f9e 195 fi
68ece370 196 LDFLAGS="$saved_LDFLAGS"
e351e493 197 dnl Check for authenticate. Might be in libs.a on older AIXes
198 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 199 [AC_CHECK_LIB(s,authenticate,
e351e493 200 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 201 LIBS="$LIBS -ls"
202 ])
203 ])
ba603e06 204 dnl Check for various auth function declarations in headers.
c85ed8e2 205 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 206 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 207 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 208 AC_CHECK_DECLS(loginfailed,
e351e493 209 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
210 AC_TRY_COMPILE(
f58c0e01 211 [#include <usersec.h>],
e351e493 212 [(void)loginfailed("user","host","tty",0);],
213 [AC_MSG_RESULT(yes)
214 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 215 [AC_MSG_RESULT(no)]
e351e493 216 )],
217 [],
218 [#include <usersec.h>]
219 )
2aa3a16c 220 AC_CHECK_FUNCS(setauthdb)
5ccf88cb 221 check_for_aix_broken_getaddrinfo=1
1352689f 222 AC_DEFINE(BROKEN_REALPATH)
3b8dff69 223 AC_DEFINE(SETEUID_BREAKS_SETUID)
224 AC_DEFINE(BROKEN_SETREUID)
225 AC_DEFINE(BROKEN_SETREGID)
a3cef3ca 226 dnl AIX handles lastlog as part of its login message
227 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 228 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 229 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 230 ;;
3c62e7eb 231*-*-cygwin*)
a52997bd 232 check_for_libcrypt_later=1
ffb8d130 233 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 234 AC_DEFINE(HAVE_CYGWIN)
7043a38d 235 AC_DEFINE(USE_PIPES)
3c62e7eb 236 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 237 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 238 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 239 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 240 AC_DEFINE(DISABLE_FD_PASSING)
3c62e7eb 241 ;;
d6fdb079 242*-*-dgux*)
243 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 244 AC_DEFINE(SETEUID_BREAKS_SETUID)
245 AC_DEFINE(BROKEN_SETREUID)
246 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 247 ;;
39c98ef7 248*-*-darwin*)
33e2e066 249 AC_MSG_CHECKING(if we have working getaddrinfo)
250 AC_TRY_RUN([#include <mach-o/dyld.h>
251main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
252 exit(0);
253 else
254 exit(1);
255}], [AC_MSG_RESULT(working)],
256 [AC_MSG_RESULT(buggy)
257 AC_DEFINE(BROKEN_GETADDRINFO)],
b27e573d 258 [AC_MSG_RESULT(assume it is working)])
635e0c42 259 AC_DEFINE(SETEUID_BREAKS_SETUID)
260 AC_DEFINE(BROKEN_SETREUID)
261 AC_DEFINE(BROKEN_SETREGID)
ff620033 262 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
39c98ef7 263 ;;
7d458c86 264*-*-hpux*)
265 # first we define all of the options common to all HP-UX releases
b8fea62d 266 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 267 IPADDR_IN_DISPLAY=yes
2b10f47a 268 AC_DEFINE(USE_PIPES)
a2572aa7 269 AC_DEFINE(LOGIN_NO_ENDOPT)
270 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 271 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 272 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 273 LIBS="$LIBS -lsec"
7d458c86 274 AC_CHECK_LIB(xnet, t_error, ,
275 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
276
277 # next, we define all of the options specific to major releases
278 case "$host" in
279 *-*-hpux10*)
280 if test -z "$GCC"; then
281 CFLAGS="$CFLAGS -Ae"
282 fi
283 ;;
284 *-*-hpux11*)
285 AC_DEFINE(PAM_SUN_CODEBASE)
286 AC_DEFINE(DISABLE_UTMP)
287 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
288 check_for_hpux_broken_getaddrinfo=1
289 check_for_conflicting_getspnam=1
290 ;;
291 esac
292
293 # lastly, we define options specific to minor releases
294 case "$host" in
295 *-*-hpux10.26)
296 AC_DEFINE(HAVE_SECUREWARE)
297 disable_ptmx_check=yes
298 LIBS="$LIBS -lsecpw"
299 ;;
300 esac
2b763e31 301 ;;
d94aa2ae 302*-*-irix5*)
6ac7829a 303 PATH="$PATH:/usr/etc"
416ed5a7 304 AC_DEFINE(BROKEN_INET_NTOA)
cb433561 305 AC_DEFINE(SETEUID_BREAKS_SETUID)
306 AC_DEFINE(BROKEN_SETREUID)
307 AC_DEFINE(BROKEN_SETREGID)
0e8f4eba 308 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 309 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 310 ;;
311*-*-irix6*)
6ac7829a 312 PATH="$PATH:/usr/etc"
3206bb3b 313 AC_DEFINE(WITH_IRIX_ARRAY)
314 AC_DEFINE(WITH_IRIX_PROJECT)
315 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 316 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 317 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 318 AC_DEFINE(SETEUID_BREAKS_SETUID)
319 AC_DEFINE(BROKEN_SETREUID)
320 AC_DEFINE(BROKEN_SETREGID)
3d59832f 321 AC_DEFINE(BROKEN_UPDWTMPX)
0e8f4eba 322 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 323 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 324 ;;
5cdfe03f 325*-*-linux*)
326 no_dev_ptmx=1
717057b6 327 check_for_libcrypt_later=1
eacb954e 328 check_for_openpty_ctty_bug=1
80faa19f 329 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 330 AC_DEFINE(PAM_TTY_KLUDGE)
b90bed9f 331 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
3a2b2b44 332 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
cd698186 333 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
b6610e8f 334 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
335 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
80faa19f 336 inet6_default_4in6=yes
bf7c1e6c 337 case `uname -r` in
ad84c479 338 1.*|2.0.*)
bf7c1e6c 339 AC_DEFINE(BROKEN_CMSG_TYPE)
340 ;;
bf7c1e6c 341 esac
5cdfe03f 342 ;;
66d6c27e 343mips-sony-bsd|mips-sony-newsos4)
35fc74ed 344 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
66d6c27e 345 SONY=1
66d6c27e 346 ;;
d468fc76 347*-*-netbsd*)
33e2e066 348 check_for_libcrypt_before=1
82f4e93d 349 if test "x$withval" != "xno" ; then
e6354014 350 need_dash_r=1
351 fi
d468fc76 352 ;;
86b416a7 353*-*-freebsd*)
354 check_for_libcrypt_later=1
355 ;;
8707b7eb 356*-*-bsdi*)
357 AC_DEFINE(SETEUID_BREAKS_SETUID)
358 AC_DEFINE(BROKEN_SETREUID)
359 AC_DEFINE(BROKEN_SETREGID)
360 ;;
729bfe59 361*-next-*)
729bfe59 362 conf_lastlog_location="/usr/adm/lastlog"
698d107e 363 conf_utmp_location=/etc/utmp
364 conf_wtmp_location=/usr/adm/wtmp
365 MAIL=/usr/spool/mail
729bfe59 366 AC_DEFINE(HAVE_NEXT)
443172c4 367 AC_DEFINE(BROKEN_REALPATH)
00937921 368 AC_DEFINE(USE_PIPES)
86b416a7 369 AC_DEFINE(BROKEN_SAVED_UIDS)
729bfe59 370 ;;
5b7b5e23 371*-*-openbsd*)
372 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
373 ;;
9d6b1b96 374*-*-solaris*)
82f4e93d 375 if test "x$withval" != "xno" ; then
010e9d5b 376 need_dash_r=1
377 fi
adeebd37 378 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 379 AC_DEFINE(LOGIN_NEEDS_UTMPX)
380 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 381 AC_DEFINE(PAM_TTY_KLUDGE)
059d3165 382 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
3e6e3da0 383 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 384 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
385 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 386 external_path_file=/etc/default/login
1d7b9b20 387 # hardwire lastlog location (can't detect it on some versions)
388 conf_lastlog_location="/var/adm/lastlog"
32c80420 389 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
390 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
391 if test "$sol2ver" -ge 8; then
392 AC_MSG_RESULT(yes)
393 AC_DEFINE(DISABLE_UTMP)
394 AC_DEFINE(DISABLE_WTMP)
395 else
396 AC_MSG_RESULT(no)
397 fi
9d6b1b96 398 ;;
a423beaf 399*-*-sunos4*)
0c2fb82f 400 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 401 AC_CHECK_FUNCS(getpwanam)
adeebd37 402 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 403 conf_utmp_location=/etc/utmp
404 conf_wtmp_location=/var/adm/wtmp
405 conf_lastlog_location=/var/adm/lastlog
137d7b6c 406 AC_DEFINE(USE_PIPES)
a423beaf 407 ;;
6f68f28a 408*-ncr-sysv*)
98a7c37b 409 LIBS="$LIBS -lc89"
29525240 410 AC_DEFINE(USE_PIPES)
eabb99c6 411 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 412 AC_DEFINE(SETEUID_BREAKS_SETUID)
413 AC_DEFINE(BROKEN_SETREUID)
414 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 415 ;;
132dd316 416*-sni-sysv*)
c8c15bcb 417 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 418 AC_CHECK_LIB(dl, dlsym, ,)
85cf54ec 419 # -lresolv needs to be at then end of LIBS or DNS lookups break
420 AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ])
9548d6c8 421 IPADDR_IN_DISPLAY=yes
422 AC_DEFINE(USE_PIPES)
132dd316 423 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 424 AC_DEFINE(SETEUID_BREAKS_SETUID)
425 AC_DEFINE(BROKEN_SETREUID)
426 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 427 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 428 external_path_file=/etc/default/login
c8c15bcb 429 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
430 # Attention: always take care to bind libsocket and libnsl before libc,
431 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 432 ;;
79a7ba96 433# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 434*-*-sysv4.2*)
ed6553e2 435 AC_DEFINE(USE_PIPES)
7ed101c0 436 AC_DEFINE(SETEUID_BREAKS_SETUID)
437 AC_DEFINE(BROKEN_SETREUID)
438 AC_DEFINE(BROKEN_SETREGID)
46f853b9 439 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
77bb0bca 440 ;;
79a7ba96 441# UnixWare 7.x, OpenUNIX 8
77bb0bca 442*-*-sysv5*)
ed6553e2 443 AC_DEFINE(USE_PIPES)
7ed101c0 444 AC_DEFINE(SETEUID_BREAKS_SETUID)
445 AC_DEFINE(BROKEN_SETREUID)
446 AC_DEFINE(BROKEN_SETREGID)
46f853b9 447 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
822015dd 448 case "$host" in
449 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
450 TEST_SHELL=/u95/bin/sh
451 ;;
452 esac
77bb0bca 453 ;;
9d6b1b96 454*-*-sysv*)
9d6b1b96 455 ;;
79a7ba96 456# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 457*-*-sco3.2v4*)
11cf4f1f 458 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 459 ;;
79a7ba96 460# SCO OpenServer 5.x
77bb0bca 461*-*-sco3.2v5*)
21710e39 462 if test -z "$GCC"; then
463 CFLAGS="$CFLAGS -belf"
464 fi
ed6553e2 465 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 466 no_dev_ptmx=1
ed6553e2 467 AC_DEFINE(USE_PIPES)
6e879cb4 468 AC_DEFINE(HAVE_SECUREWARE)
d287c664 469 AC_DEFINE(DISABLE_SHADOW)
94d8258b 470 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 471 AC_DEFINE(SETEUID_BREAKS_SETUID)
472 AC_DEFINE(BROKEN_SETREUID)
473 AC_DEFINE(BROKEN_SETREGID)
bcebad47 474 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 475 AC_DEFINE(BROKEN_UPDWTMPX)
3ade3b57 476 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
aca75d94 477 AC_CHECK_FUNCS(getluid setluid)
533875af 478 MANTYPE=man
a3245b92 479 TEST_SHELL=ksh
509b1f88 480 ;;
ccbb983c 481*-*-unicosmk*)
c1ad5966 482 AC_DEFINE(NO_SSH_LASTLOG)
483 AC_DEFINE(SETEUID_BREAKS_SETUID)
484 AC_DEFINE(BROKEN_SETREUID)
485 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 486 AC_DEFINE(USE_PIPES)
487 AC_DEFINE(DISABLE_FD_PASSING)
488 LDFLAGS="$LDFLAGS"
489 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
490 MANTYPE=cat
d262b7f2 491 ;;
7b9a8c6e 492*-*-unicosmp*)
c1ad5966 493 AC_DEFINE(SETEUID_BREAKS_SETUID)
494 AC_DEFINE(BROKEN_SETREUID)
495 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 496 AC_DEFINE(WITH_ABBREV_NO_TTY)
497 AC_DEFINE(USE_PIPES)
498 AC_DEFINE(DISABLE_FD_PASSING)
499 LDFLAGS="$LDFLAGS"
c1ad5966 500 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 501 MANTYPE=cat
502 ;;
ca5c7d6a 503*-*-unicos*)
c1ad5966 504 AC_DEFINE(SETEUID_BREAKS_SETUID)
505 AC_DEFINE(BROKEN_SETREUID)
506 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 507 AC_DEFINE(USE_PIPES)
94d8258b 508 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 509 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 510 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
511 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
512 MANTYPE=cat
a704dd54 513 ;;
4d33e531 514*-dec-osf*)
99c8ddac 515 AC_MSG_CHECKING(for Digital Unix SIA)
516 no_osfsia=""
517 AC_ARG_WITH(osfsia,
518 [ --with-osfsia Enable Digital Unix SIA],
519 [
520 if test "x$withval" = "xno" ; then
521 AC_MSG_RESULT(disabled)
522 no_osfsia=1
523 fi
524 ],
525 )
526 if test -z "$no_osfsia" ; then
4d33e531 527 if test -f /etc/sia/matrix.conf; then
528 AC_MSG_RESULT(yes)
529 AC_DEFINE(HAVE_OSF_SIA)
530 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 531 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 532 LIBS="$LIBS -lsecurity -ldb -lm -laud"
533 else
534 AC_MSG_RESULT(no)
dbf8efb3 535 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 536 fi
537 fi
a6e67b60 538 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 539 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 540 AC_DEFINE(BROKEN_SETREUID)
541 AC_DEFINE(BROKEN_SETREGID)
4d33e531 542 ;;
41cb4569 543
544*-*-nto-qnx)
545 AC_DEFINE(USE_PIPES)
546 AC_DEFINE(NO_X11_UNIX_SOCKETS)
547 AC_DEFINE(MISSING_NFDBITS)
548 AC_DEFINE(MISSING_HOWMANY)
549 AC_DEFINE(MISSING_FD_MASK)
550 ;;
35fc74ed 551
552*-*-ultrix*)
553 AC_DEFINE(BROKEN_GETGROUPS, [], [getgroups(0,NULL) will return -1])
554 AC_DEFINE(BROKEN_MMAP, [], [Ultrix mmap can't map files])
555 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
b5765e1d 556 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
557 ;;
a7effaac 558esac
559
8e7b16f8 560# Allow user to specify flags
561AC_ARG_WITH(cflags,
562 [ --with-cflags Specify additional flags to pass to compiler],
563 [
6cf0200f 564 if test -n "$withval" && test "x$withval" != "xno" && \
565 test "x${withval}" != "xyes"; then
8e7b16f8 566 CFLAGS="$CFLAGS $withval"
567 fi
82f4e93d 568 ]
8e7b16f8 569)
0c2fb82f 570AC_ARG_WITH(cppflags,
571 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
572 [
6cf0200f 573 if test -n "$withval" && test "x$withval" != "xno" && \
574 test "x${withval}" != "xyes"; then
0c2fb82f 575 CPPFLAGS="$CPPFLAGS $withval"
576 fi
577 ]
578)
8e7b16f8 579AC_ARG_WITH(ldflags,
97b378bf 580 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 581 [
6cf0200f 582 if test -n "$withval" && test "x$withval" != "xno" && \
583 test "x${withval}" != "xyes"; then
8e7b16f8 584 LDFLAGS="$LDFLAGS $withval"
585 fi
82f4e93d 586 ]
8e7b16f8 587)
588AC_ARG_WITH(libs,
589 [ --with-libs Specify additional libraries to link with],
590 [
6cf0200f 591 if test -n "$withval" && test "x$withval" != "xno" && \
592 test "x${withval}" != "xyes"; then
8e7b16f8 593 LIBS="$LIBS $withval"
594 fi
82f4e93d 595 ]
8e7b16f8 596)
597
c5829391 598AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 599AC_RUN_IFELSE(
600 [AC_LANG_SOURCE([
c5829391 601#include <stdio.h>
602int main(){exit(0);}
479cece8 603 ])],
c5829391 604 [ AC_MSG_RESULT(yes) ],
605 [
606 AC_MSG_RESULT(no)
607 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 608 ],
609 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 610)
611
b04a9f8c 612dnl Checks for header files.
613AC_CHECK_HEADERS( \
614 bstring.h \
615 crypt.h \
616 dirent.h \
617 endian.h \
618 features.h \
619 floatingpoint.h \
620 getopt.h \
621 glob.h \
622 ia.h \
623 lastlog.h \
624 limits.h \
625 login.h \
626 login_cap.h \
627 maillock.h \
628 ndir.h \
629 netdb.h \
630 netgroup.h \
631 netinet/in_systm.h \
632 pam/pam_appl.h \
633 paths.h \
634 pty.h \
635 readpassphrase.h \
636 rpc/types.h \
637 security/pam_appl.h \
638 shadow.h \
639 stddef.h \
640 stdint.h \
0957c2cf 641 string.h \
b04a9f8c 642 strings.h \
643 sys/audit.h \
644 sys/bitypes.h \
645 sys/bsdtty.h \
646 sys/cdefs.h \
647 sys/dir.h \
648 sys/mman.h \
649 sys/ndir.h \
650 sys/prctl.h \
651 sys/pstat.h \
652 sys/select.h \
653 sys/stat.h \
654 sys/stream.h \
655 sys/stropts.h \
656 sys/strtio.h \
657 sys/sysmacros.h \
658 sys/time.h \
659 sys/timers.h \
660 sys/un.h \
661 time.h \
662 tmpdir.h \
663 ttyent.h \
25dd2ce6 664 unistd.h \
b04a9f8c 665 usersec.h \
666 util.h \
667 utime.h \
668 utmp.h \
669 utmpx.h \
ea76f54c 670 vis.h \
b04a9f8c 671)
ddceb1c8 672
765a24cd 673# sys/ptms.h requires sys/stream.h to be included first on Solaris
674AC_CHECK_HEADERS(sys/ptms.h, [], [], [
675#ifdef HAVE_SYS_STREAM_H
676# include <sys/stream.h>
677#endif
678])
679
a0391976 680# Checks for libraries.
98a7c37b 681AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
682AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 683
446227d6 684dnl IRIX and Solaris 2.5.1 have dirname() in libgen
685AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
686 AC_CHECK_LIB(gen, dirname,[
687 AC_CACHE_CHECK([for broken dirname],
688 ac_cv_have_broken_dirname, [
689 save_LIBS="$LIBS"
690 LIBS="$LIBS -lgen"
691 AC_TRY_RUN(
692 [
693#include <libgen.h>
694#include <string.h>
695
696int main(int argc, char **argv) {
697 char *s, buf[32];
698
699 strncpy(buf,"/etc", 32);
700 s = dirname(buf);
701 if (!s || strncmp(s, "/", 32) != 0) {
702 exit(1);
703 } else {
704 exit(0);
705 }
706}
707 ],
708 [ ac_cv_have_broken_dirname="no" ],
709 [ ac_cv_have_broken_dirname="yes" ]
710 )
711 LIBS="$save_LIBS"
712 ])
713 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
714 LIBS="$LIBS -lgen"
715 AC_DEFINE(HAVE_DIRNAME)
716 AC_CHECK_HEADERS(libgen.h)
717 fi
718 ])
719])
720
721AC_CHECK_FUNC(getspnam, ,
722 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
723AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
724
98a7c37b 725dnl zlib is required
726AC_ARG_WITH(zlib,
727 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 728 [ if test "x$withval" = "xno" ; then
729 AC_MSG_ERROR([*** zlib is required ***])
730 elif test "x$withval" != "xyes"; then
98a7c37b 731 if test -d "$withval/lib"; then
732 if test -n "${need_dash_r}"; then
5a162955 733 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 734 else
5a162955 735 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 736 fi
737 else
738 if test -n "${need_dash_r}"; then
5a162955 739 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 740 else
5a162955 741 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 742 fi
743 fi
744 if test -d "$withval/include"; then
5a162955 745 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 746 else
5a162955 747 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 748 fi
6dd05556 749 fi ]
98a7c37b 750)
751
0a15d73b 752AC_CHECK_LIB(z, deflate, ,
753 [
754 saved_CPPFLAGS="$CPPFLAGS"
755 saved_LDFLAGS="$LDFLAGS"
756 save_LIBS="$LIBS"
757 dnl Check default zlib install dir
758 if test -n "${need_dash_r}"; then
759 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
760 else
761 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
762 fi
763 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
764 LIBS="$LIBS -lz"
765 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
766 [
767 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
768 ]
769 )
770 ]
771)
4ad65809 772AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 773
774AC_ARG_WITH(zlib-version-check,
775 [ --without-zlib-version-check Disable zlib version check],
776 [ if test "x$withval" = "xno" ; then
777 zlib_check_nonfatal=1
778 fi
779 ]
780)
781
5c7fc85d 782AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 783AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 784#include <stdio.h>
4ad65809 785#include <zlib.h>
786int main()
787{
5c7fc85d 788 int a=0, b=0, c=0, d=0, n, v;
789 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
790 if (n != 3 && n != 4)
4ad65809 791 exit(1);
5c7fc85d 792 v = a*1000000 + b*10000 + c*100 + d;
793 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
794
795 /* 1.1.4 is OK */
796 if (a == 1 && b == 1 && c >= 4)
4ad65809 797 exit(0);
5c7fc85d 798
799 /* 1.2.1.2 and up are OK */
800 if (v >= 1020102)
801 exit(0);
802
4ad65809 803 exit(2);
804}
479cece8 805 ]])],
5c7fc85d 806 AC_MSG_RESULT(no),
807 [ AC_MSG_RESULT(yes)
8068d564 808 if test -z "$zlib_check_nonfatal" ; then
809 AC_MSG_ERROR([*** zlib too old - check config.log ***
810Your reported zlib version has known security problems. It's possible your
811vendor has fixed these problems without changing the version number. If you
812are sure this is the case, you can disable the check by running
813"./configure --without-zlib-version-check".
5c7fc85d 814If you are in doubt, upgrade zlib to version 1.2.1.2 or greater.
815See http://www.gzip.org/zlib/ for details.])
8068d564 816 else
817 AC_MSG_WARN([zlib version may have security problems])
818 fi
1a01a50c 819 ],
820 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 821)
48e7916f 822
2c523de9 823dnl UnixWare 2.x
aff51935 824AC_CHECK_FUNC(strcasecmp,
2c523de9 825 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
826)
aff51935 827AC_CHECK_FUNC(utimes,
cda1ebcb 828 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
829 LIBS="$LIBS -lc89"]) ]
2c523de9 830)
4cca272e 831
7c6d759d 832dnl Checks for libutil functions
833AC_CHECK_HEADERS(libutil.h)
834AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
835AC_CHECK_FUNCS(logout updwtmp logwtmp)
836
a738c3b0 837AC_FUNC_STRFTIME
838
84ceda19 839# Check for ALTDIRFUNC glob() extension
840AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
841AC_EGREP_CPP(FOUNDIT,
842 [
843 #include <glob.h>
844 #ifdef GLOB_ALTDIRFUNC
845 FOUNDIT
846 #endif
aff51935 847 ],
84ceda19 848 [
849 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
850 AC_MSG_RESULT(yes)
851 ],
852 [
853 AC_MSG_RESULT(no)
854 ]
855)
4cca272e 856
40849fdb 857# Check for g.gl_matchc glob() extension
858AC_MSG_CHECKING(for gl_matchc field in glob_t)
859AC_EGREP_CPP(FOUNDIT,
aff51935 860 [
861 #include <glob.h>
40849fdb 862 int main(void){glob_t g; g.gl_matchc = 1;}
aff51935 863 ],
864 [
865 AC_DEFINE(GLOB_HAS_GL_MATCHC)
866 AC_MSG_RESULT(yes)
867 ],
868 [
869 AC_MSG_RESULT(no)
870 ]
40849fdb 871)
872
edbe6722 873AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 874AC_RUN_IFELSE(
479cece8 875 [AC_LANG_SOURCE([[
edbe6722 876#include <sys/types.h>
877#include <dirent.h>
aec4cb4f 878int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 879 ]])],
aff51935 880 [AC_MSG_RESULT(yes)],
edbe6722 881 [
882 AC_MSG_RESULT(no)
883 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
1a01a50c 884 ],
82f4e93d 885 [
1a01a50c 886 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
887 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 888 ]
889)
890
419e26e7 891AC_MSG_CHECKING([for /proc/pid/fd directory])
892if test -d "/proc/$$/fd" ; then
893 AC_DEFINE(HAVE_PROC_PID)
894 AC_MSG_RESULT(yes)
895else
896 AC_MSG_RESULT(no)
897fi
898
278588d8 899# Check whether user wants S/Key support
aff51935 900SKEY_MSG="no"
278588d8 901AC_ARG_WITH(skey,
6ff3d0dc 902 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 903 [
904 if test "x$withval" != "xno" ; then
905
906 if test "x$withval" != "xyes" ; then
907 CPPFLAGS="$CPPFLAGS -I${withval}/include"
908 LDFLAGS="$LDFLAGS -L${withval}/lib"
909 fi
910
911 AC_DEFINE(SKEY)
912 LIBS="-lskey $LIBS"
aff51935 913 SKEY_MSG="yes"
82f4e93d 914
ddceb1c8 915 AC_MSG_CHECKING([for s/key support])
916 AC_TRY_RUN(
917 [
918#include <stdio.h>
919#include <skey.h>
aec4cb4f 920int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 921 ],
922 [AC_MSG_RESULT(yes)],
278588d8 923 [
ddceb1c8 924 AC_MSG_RESULT(no)
278588d8 925 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
926 ])
141fc639 927 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
928 AC_TRY_COMPILE(
929 [#include <stdio.h>
930 #include <skey.h>],
931 [(void)skeychallenge(NULL,"name","",0);],
932 [AC_MSG_RESULT(yes)
933 AC_DEFINE(SKEYCHALLENGE_4ARG)],
934 [AC_MSG_RESULT(no)]
935 )
278588d8 936 fi
937 ]
938)
939
940# Check whether user wants TCP wrappers support
98a7c37b 941TCPW_MSG="no"
278588d8 942AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 943 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 944 [
945 if test "x$withval" != "xno" ; then
946 saved_LIBS="$LIBS"
98a7c37b 947 saved_LDFLAGS="$LDFLAGS"
948 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 949 if test -n "${withval}" && \
6cf0200f 950 test "x${withval}" != "xyes"; then
98a7c37b 951 if test -d "${withval}/lib"; then
952 if test -n "${need_dash_r}"; then
5a162955 953 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 954 else
5a162955 955 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 956 fi
957 else
958 if test -n "${need_dash_r}"; then
5a162955 959 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 960 else
5a162955 961 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 962 fi
963 fi
964 if test -d "${withval}/include"; then
5a162955 965 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 966 else
5a162955 967 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 968 fi
98a7c37b 969 fi
ddceb1c8 970 LIBWRAP="-lwrap"
971 LIBS="$LIBWRAP $LIBS"
278588d8 972 AC_MSG_CHECKING(for libwrap)
973 AC_TRY_LINK(
974 [
77f09220 975#include <sys/types.h>
976#include <sys/socket.h>
977#include <netinet/in.h>
278588d8 978#include <tcpd.h>
979 int deny_severity = 0, allow_severity = 0;
980 ],
981 [hosts_access(0);],
982 [
983 AC_MSG_RESULT(yes)
984 AC_DEFINE(LIBWRAP)
ddceb1c8 985 AC_SUBST(LIBWRAP)
98a7c37b 986 TCPW_MSG="yes"
278588d8 987 ],
988 [
989 AC_MSG_ERROR([*** libwrap missing])
990 ]
991 )
ddceb1c8 992 LIBS="$saved_LIBS"
278588d8 993 fi
994 ]
995)
996
59031773 997# Check whether user wants libedit support
998LIBEDIT_MSG="no"
999AC_ARG_WITH(libedit,
6ff3d0dc 1000 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1001 [ if test "x$withval" != "xno" ; then
737edf04 1002 if test "x$withval" != "xyes"; then
1003 CPPFLAGS="$CPPFLAGS -I$withval/include"
1004 LDFLAGS="$LDFLAGS -L$withval/lib"
1005 fi
59031773 1006 AC_CHECK_LIB(edit, el_init,
1007 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
1008 LIBEDIT="-ledit -lcurses"
1009 LIBEDIT_MSG="yes"
1010 AC_SUBST(LIBEDIT)
1011 ],
737edf04 1012 [ AC_MSG_ERROR(libedit not found) ],
1013 [ -lcurses ]
59031773 1014 )
1015 fi ]
1016)
1017
7b578f7d 1018AUDIT_MODULE=none
1019AC_ARG_WITH(audit,
1020 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1021 [
1022 AC_MSG_CHECKING(for supported audit module)
1023 case "$withval" in
1024 bsm)
1025 AC_MSG_RESULT(bsm)
1026 AUDIT_MODULE=bsm
1027 dnl Checks for headers, libs and functions
1028 AC_CHECK_HEADERS(bsm/audit.h, [],
1029 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1030 AC_CHECK_LIB(bsm, getaudit, [],
1031 [AC_MSG_ERROR(BSM enabled and required library not found)])
1032 AC_CHECK_FUNCS(getaudit, [],
1033 [AC_MSG_ERROR(BSM enabled and required function not found)])
1034 # These are optional
7939c496 1035 AC_CHECK_FUNCS(getaudit_addr)
7b578f7d 1036 AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module])
1037 ;;
1038 debug)
1039 AUDIT_MODULE=debug
1040 AC_MSG_RESULT(debug)
1041 AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)
1042 ;;
1043 *)
1044 AC_MSG_ERROR([Unknown audit module $withval])
1045 ;;
1046 esac ]
1047)
1048
19160674 1049dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1050AC_CHECK_FUNCS( \
1051 arc4random \
1052 b64_ntop \
1053 __b64_ntop \
1054 b64_pton \
1055 __b64_pton \
1056 bcopy \
1057 bindresvport_sa \
1058 clock \
1059 closefrom \
1060 dirfd \
1061 fchdir \
1062 fchmod \
1063 fchown \
1064 freeaddrinfo \
1065 futimes \
1066 getaddrinfo \
1067 getcwd \
1068 getgrouplist \
1069 getnameinfo \
1070 getopt \
1071 getpeereid \
1072 _getpty \
1073 getrlimit \
1074 getttyent \
1075 glob \
1076 inet_aton \
1077 inet_ntoa \
1078 inet_ntop \
1079 innetgr \
1080 login_getcapbool \
1081 md5_crypt \
1082 memmove \
1083 mkdtemp \
1084 mmap \
1085 ngetaddrinfo \
1086 nsleep \
1087 ogetaddrinfo \
1088 openlog_r \
1089 openpty \
1090 prctl \
1091 pstat \
1092 readpassphrase \
1093 realpath \
1094 recvmsg \
1095 rresvport_af \
1096 sendmsg \
1097 setdtablesize \
1098 setegid \
1099 setenv \
1100 seteuid \
1101 setgroups \
1102 setlogin \
1103 setpcred \
1104 setproctitle \
1105 setregid \
1106 setreuid \
1107 setrlimit \
1108 setsid \
1109 setvbuf \
1110 sigaction \
1111 sigvec \
1112 snprintf \
1113 socketpair \
1114 strdup \
1115 strerror \
1116 strlcat \
1117 strlcpy \
1118 strmode \
1119 strnvis \
1120 strtonum \
1e29a0c8 1121 strtoll \
b04a9f8c 1122 strtoul \
1123 sysconf \
1124 tcgetpgrp \
1125 truncate \
1126 unsetenv \
1127 updwtmpx \
1128 utimes \
1129 vhangup \
1130 vsnprintf \
1131 waitpid \
19160674 1132)
98a7c37b 1133
1a086f97 1134# IRIX has a const char return value for gai_strerror()
1135AC_CHECK_FUNCS(gai_strerror,[
1136 AC_DEFINE(HAVE_GAI_STRERROR)
1137 AC_TRY_COMPILE([
1138#include <sys/types.h>
1139#include <sys/socket.h>
1140#include <netdb.h>
1141
1142const char *gai_strerror(int);],[
1143char *str;
1144
1145str = gai_strerror(0);],[
1146 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1147 [Define if gai_strerror() returns const char *])])])
1148
92b1decf 1149AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
1150
309709db 1151dnl Make sure prototypes are defined for these before using them.
309709db 1152AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1153AC_CHECK_DECL(strsep,
1154 [AC_CHECK_FUNCS(strsep)],
1155 [],
1156 [
1157#ifdef HAVE_STRING_H
1158# include <string.h>
1159#endif
1160 ])
08412d26 1161
3490699c 1162dnl tcsendbreak might be a macro
1163AC_CHECK_DECL(tcsendbreak,
1164 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1165 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1166 [#include <termios.h>]
1167)
1168
41e0e158 1169AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1170
3f176010 1171AC_CHECK_FUNCS(setresuid, [
1172 dnl Some platorms have setresuid that isn't implemented, test for this
1173 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1174 AC_RUN_IFELSE(
1175 [AC_LANG_SOURCE([[
9a3fe0e2 1176#include <stdlib.h>
1177#include <errno.h>
1178int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1179 ]])],
3f176010 1180 [AC_MSG_RESULT(yes)],
24a9171d 1181 [AC_DEFINE(BROKEN_SETRESUID)
1a01a50c 1182 AC_MSG_RESULT(not implemented)],
1183 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1184 )
1185])
9a3fe0e2 1186
3f176010 1187AC_CHECK_FUNCS(setresgid, [
1188 dnl Some platorms have setresgid that isn't implemented, test for this
1189 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1190 AC_RUN_IFELSE(
1191 [AC_LANG_SOURCE([[
9a3fe0e2 1192#include <stdlib.h>
1193#include <errno.h>
1194int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1195 ]])],
3f176010 1196 [AC_MSG_RESULT(yes)],
1197 [AC_DEFINE(BROKEN_SETRESGID)
1a01a50c 1198 AC_MSG_RESULT(not implemented)],
1199 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1200 )
1201])
9a3fe0e2 1202
2e73a022 1203dnl Checks for time functions
1d7b9b20 1204AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1205dnl Checks for utmp functions
b03bd394 1206AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1207AC_CHECK_FUNCS(utmpname)
2e73a022 1208dnl Checks for utmpx functions
b03bd394 1209AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1210AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1211
aff51935 1212AC_CHECK_FUNC(daemon,
beb43d31 1213 [AC_DEFINE(HAVE_DAEMON)],
1214 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
1215)
1216
aff51935 1217AC_CHECK_FUNC(getpagesize,
aa6bd60a 1218 [AC_DEFINE(HAVE_GETPAGESIZE)],
1219 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
1220)
1221
2647ae26 1222# Check for broken snprintf
1223if test "x$ac_cv_func_snprintf" = "xyes" ; then
1224 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1225 AC_RUN_IFELSE(
479cece8 1226 [AC_LANG_SOURCE([[
2647ae26 1227#include <stdio.h>
aec4cb4f 1228int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1229 ]])],
aff51935 1230 [AC_MSG_RESULT(yes)],
2647ae26 1231 [
1232 AC_MSG_RESULT(no)
1233 AC_DEFINE(BROKEN_SNPRINTF)
1234 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1235 ],
1236 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1237 )
1238fi
1239
2f6f9cff 1240# Check for missing getpeereid (or equiv) support
1241NO_PEERCHECK=""
1242if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1243 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1244 AC_TRY_COMPILE(
1245 [#include <sys/types.h>
1246 #include <sys/socket.h>],
1247 [int i = SO_PEERCRED;],
62eb7db4 1248 [ AC_MSG_RESULT(yes)
1249 AC_DEFINE(HAVE_SO_PEERCRED, [], [Have PEERCRED socket option])
1250 ],
2f6f9cff 1251 [AC_MSG_RESULT(no)
1252 NO_PEERCHECK=1]
1253 )
1254fi
1255
70e7d0b0 1256dnl see whether mkstemp() requires XXXXXX
1257if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1258AC_MSG_CHECKING([for (overly) strict mkstemp])
1259AC_TRY_RUN(
1260 [
1261#include <stdlib.h>
1262main() { char template[]="conftest.mkstemp-test";
1263if (mkstemp(template) == -1)
1264 exit(1);
1265unlink(template); exit(0);
1266}
1267 ],
1268 [
1269 AC_MSG_RESULT(no)
1270 ],
aff51935 1271 [
70e7d0b0 1272 AC_MSG_RESULT(yes)
1273 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1274 ],
1275 [
1276 AC_MSG_RESULT(yes)
1277 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1278 ]
70e7d0b0 1279)
1280fi
1281
eacb954e 1282dnl make sure that openpty does not reacquire controlling terminal
1283if test ! -z "$check_for_openpty_ctty_bug"; then
1284 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1285 AC_TRY_RUN(
1286 [
1287#include <stdio.h>
1288#include <sys/fcntl.h>
1289#include <sys/types.h>
1290#include <sys/wait.h>
1291
1292int
1293main()
1294{
1295 pid_t pid;
1296 int fd, ptyfd, ttyfd, status;
1297
1298 pid = fork();
1299 if (pid < 0) { /* failed */
1300 exit(1);
1301 } else if (pid > 0) { /* parent */
1302 waitpid(pid, &status, 0);
aff51935 1303 if (WIFEXITED(status))
eacb954e 1304 exit(WEXITSTATUS(status));
1305 else
1306 exit(2);
1307 } else { /* child */
1308 close(0); close(1); close(2);
1309 setsid();
1310 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1311 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1312 if (fd >= 0)
1313 exit(3); /* Acquired ctty: broken */
1314 else
1315 exit(0); /* Did not acquire ctty: OK */
1316 }
1317}
1318 ],
1319 [
1320 AC_MSG_RESULT(yes)
1321 ],
1322 [
1323 AC_MSG_RESULT(no)
1324 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1325 ]
1326 )
1327fi
1328
4b492aab 1329if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1330 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1331 AC_MSG_CHECKING(if getaddrinfo seems to work)
1332 AC_TRY_RUN(
1333 [
1334#include <stdio.h>
1335#include <sys/socket.h>
1336#include <netdb.h>
1337#include <errno.h>
1338#include <netinet/in.h>
1339
1340#define TEST_PORT "2222"
1341
1342int
1343main(void)
1344{
1345 int err, sock;
1346 struct addrinfo *gai_ai, *ai, hints;
1347 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1348
1349 memset(&hints, 0, sizeof(hints));
1350 hints.ai_family = PF_UNSPEC;
1351 hints.ai_socktype = SOCK_STREAM;
1352 hints.ai_flags = AI_PASSIVE;
1353
1354 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1355 if (err != 0) {
1356 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1357 exit(1);
1358 }
1359
1360 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1361 if (ai->ai_family != AF_INET6)
1362 continue;
1363
1364 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1365 sizeof(ntop), strport, sizeof(strport),
1366 NI_NUMERICHOST|NI_NUMERICSERV);
1367
1368 if (err != 0) {
1369 if (err == EAI_SYSTEM)
1370 perror("getnameinfo EAI_SYSTEM");
1371 else
1372 fprintf(stderr, "getnameinfo failed: %s\n",
1373 gai_strerror(err));
1374 exit(2);
1375 }
1376
1377 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1378 if (sock < 0)
1379 perror("socket");
1380 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1381 if (errno == EBADF)
1382 exit(3);
1383 }
1384 }
1385 exit(0);
1386}
1387 ],
1388 [
1389 AC_MSG_RESULT(yes)
1390 ],
1391 [
1392 AC_MSG_RESULT(no)
1393 AC_DEFINE(BROKEN_GETADDRINFO)
1394 ]
1395 )
1396fi
1397
4b492aab 1398if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1399 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1400 AC_MSG_CHECKING(if getaddrinfo seems to work)
1401 AC_TRY_RUN(
1402 [
1403#include <stdio.h>
1404#include <sys/socket.h>
1405#include <netdb.h>
1406#include <errno.h>
1407#include <netinet/in.h>
1408
1409#define TEST_PORT "2222"
1410
1411int
1412main(void)
1413{
1414 int err, sock;
1415 struct addrinfo *gai_ai, *ai, hints;
1416 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1417
1418 memset(&hints, 0, sizeof(hints));
1419 hints.ai_family = PF_UNSPEC;
1420 hints.ai_socktype = SOCK_STREAM;
1421 hints.ai_flags = AI_PASSIVE;
1422
1423 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1424 if (err != 0) {
1425 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1426 exit(1);
1427 }
1428
1429 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1430 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1431 continue;
1432
1433 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1434 sizeof(ntop), strport, sizeof(strport),
1435 NI_NUMERICHOST|NI_NUMERICSERV);
1436
1437 if (ai->ai_family == AF_INET && err != 0) {
1438 perror("getnameinfo");
1439 exit(2);
1440 }
1441 }
1442 exit(0);
1443}
1444 ],
1445 [
1446 AC_MSG_RESULT(yes)
1447 AC_DEFINE(AIX_GETNAMEINFO_HACK, [],
1448[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address])
1449 ],
1450 [
1451 AC_MSG_RESULT(no)
1452 AC_DEFINE(BROKEN_GETADDRINFO)
1453 ]
1454 )
1455fi
1456
b29fd59f 1457if test "x$check_for_conflicting_getspnam" = "x1"; then
1458 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1459 AC_COMPILE_IFELSE(
1460 [
1461#include <shadow.h>
1462int main(void) {exit(0);}
1463 ],
1464 [
1465 AC_MSG_RESULT(no)
1466 ],
1467 [
1468 AC_MSG_RESULT(yes)
1469 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1470 [Conflicting defs for getspnam])
1471 ]
1472 )
1473fi
1474
7f8f5e00 1475AC_FUNC_GETPGRP
1476
717057b6 1477# Check for PAM libs
cbd7492e 1478PAM_MSG="no"
a0391976 1479AC_ARG_WITH(pam,
717057b6 1480 [ --with-pam Enable PAM support ],
a0391976 1481 [
717057b6 1482 if test "x$withval" != "xno" ; then
2511d104 1483 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1484 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1485 AC_MSG_ERROR([PAM headers not found])
1486 fi
a0391976 1487
717057b6 1488 AC_CHECK_LIB(dl, dlopen, , )
1489 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1490 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1491 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1492
717057b6 1493 PAM_MSG="yes"
4cb5ffa0 1494
717057b6 1495 AC_DEFINE(USE_PAM)
98f2d9d5 1496 if test $ac_cv_lib_dl_dlopen = yes; then
1497 LIBPAM="-lpam -ldl"
1498 else
1499 LIBPAM="-lpam"
1500 fi
1501 AC_SUBST(LIBPAM)
717057b6 1502 fi
1503 ]
1504)
cbd7492e 1505
717057b6 1506# Check for older PAM
1507if test "x$PAM_MSG" = "xyes" ; then
a0391976 1508 # Check PAM strerror arguments (old PAM)
1509 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1510 AC_TRY_COMPILE(
1511 [
18ba2aab 1512#include <stdlib.h>
2511d104 1513#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1514#include <security/pam_appl.h>
2511d104 1515#elif defined (HAVE_PAM_PAM_APPL_H)
1516#include <pam/pam_appl.h>
1517#endif
aff51935 1518 ],
1519 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1520 [AC_MSG_RESULT(no)],
1521 [
1522 AC_DEFINE(HAVE_OLD_PAM)
1523 AC_MSG_RESULT(yes)
cbd7492e 1524 PAM_MSG="yes (old library)"
a0391976 1525 ]
717057b6 1526 )
a0391976 1527fi
1528
5b991353 1529# Search for OpenSSL
1530saved_CPPFLAGS="$CPPFLAGS"
1531saved_LDFLAGS="$LDFLAGS"
a0391976 1532AC_ARG_WITH(ssl-dir,
1533 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1534 [
e9e4a1c7 1535 if test "x$withval" != "xno" ; then
99eb0f64 1536 case "$withval" in
1537 # Relative paths
1538 ./*|../*) withval="`pwd`/$withval"
1539 esac
5b991353 1540 if test -d "$withval/lib"; then
1541 if test -n "${need_dash_r}"; then
1542 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1543 else
1544 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1545 fi
1546 else
5b991353 1547 if test -n "${need_dash_r}"; then
1548 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1549 else
1550 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1551 fi
1552 fi
5b991353 1553 if test -d "$withval/include"; then
1554 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1555 else
5b991353 1556 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1557 fi
a0391976 1558 fi
5b991353 1559 ]
1560)
5486a457 1561LIBS="-lcrypto $LIBS"
5b991353 1562AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 1563 [
5b991353 1564 dnl Check default openssl install dir
1565 if test -n "${need_dash_r}"; then
1566 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1567 else
5b991353 1568 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1569 fi
5b991353 1570 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1571 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1572 [
1573 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1574 ]
1575 )
1576 ]
1577)
1578
cd018561 1579# Determine OpenSSL header version
1580AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1581AC_RUN_IFELSE(
479cece8 1582 [AC_LANG_SOURCE([[
cd018561 1583#include <stdio.h>
1584#include <string.h>
1585#include <openssl/opensslv.h>
1586#define DATA "conftest.sslincver"
1587int main(void) {
aff51935 1588 FILE *fd;
1589 int rc;
cd018561 1590
aff51935 1591 fd = fopen(DATA,"w");
1592 if(fd == NULL)
1593 exit(1);
cd018561 1594
1595 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1596 exit(1);
1597
1598 exit(0);
1599}
479cece8 1600 ]])],
cd018561 1601 [
1602 ssl_header_ver=`cat conftest.sslincver`
1603 AC_MSG_RESULT($ssl_header_ver)
1604 ],
1605 [
1606 AC_MSG_RESULT(not found)
1607 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1608 ],
1609 [
1610 AC_MSG_WARN([cross compiling: not checking])
cd018561 1611 ]
1612)
1613
1614# Determine OpenSSL library version
1615AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1616AC_RUN_IFELSE(
479cece8 1617 [AC_LANG_SOURCE([[
cd018561 1618#include <stdio.h>
1619#include <string.h>
1620#include <openssl/opensslv.h>
1621#include <openssl/crypto.h>
1622#define DATA "conftest.ssllibver"
1623int main(void) {
aff51935 1624 FILE *fd;
1625 int rc;
cd018561 1626
aff51935 1627 fd = fopen(DATA,"w");
1628 if(fd == NULL)
1629 exit(1);
cd018561 1630
1631 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1632 exit(1);
1633
1634 exit(0);
1635}
479cece8 1636 ]])],
cd018561 1637 [
1638 ssl_library_ver=`cat conftest.ssllibver`
1639 AC_MSG_RESULT($ssl_library_ver)
1640 ],
1641 [
1642 AC_MSG_RESULT(not found)
1643 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1644 ],
1645 [
1646 AC_MSG_WARN([cross compiling: not checking])
cd018561 1647 ]
1648)
58d100bf 1649
9780116c 1650# Sanity check OpenSSL headers
1651AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1652AC_RUN_IFELSE(
479cece8 1653 [AC_LANG_SOURCE([[
9780116c 1654#include <string.h>
1655#include <openssl/opensslv.h>
aec4cb4f 1656int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1657 ]])],
9780116c 1658 [
1659 AC_MSG_RESULT(yes)
1660 ],
1661 [
1662 AC_MSG_RESULT(no)
e15ba28b 1663 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1664Check config.log for details.
1665Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1666 ],
1667 [
1668 AC_MSG_WARN([cross compiling: not checking])
9780116c 1669 ]
1670)
1671
5486a457 1672# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1673# because the system crypt() is more featureful.
1674if test "x$check_for_libcrypt_before" = "x1"; then
1675 AC_CHECK_LIB(crypt, crypt)
1676fi
1677
aff51935 1678# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1679# version in OpenSSL.
05114c74 1680if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1681 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1682fi
1683
f1b0ecc3 1684
1685### Configure cryptographic random number support
1686
1687# Check wheter OpenSSL seeds itself
1688AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1689AC_RUN_IFELSE(
479cece8 1690 [AC_LANG_SOURCE([[
f1b0ecc3 1691#include <string.h>
1692#include <openssl/rand.h>
aec4cb4f 1693int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1694 ]])],
f1b0ecc3 1695 [
1696 OPENSSL_SEEDS_ITSELF=yes
1697 AC_MSG_RESULT(yes)
1698 ],
1699 [
1700 AC_MSG_RESULT(no)
1701 # Default to use of the rand helper if OpenSSL doesn't
1702 # seed itself
1703 USE_RAND_HELPER=yes
1a01a50c 1704 ],
1705 [
1706 AC_MSG_WARN([cross compiling: assuming yes])
1707 # This is safe, since all recent OpenSSL versions will
82f4e93d 1708 # complain at runtime if not seeded correctly.
1a01a50c 1709 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1710 ]
1711)
1712
1713
1714# Do we want to force the use of the rand helper?
1715AC_ARG_WITH(rand-helper,
1716 [ --with-rand-helper Use subprocess to gather strong randomness ],
1717 [
1718 if test "x$withval" = "xno" ; then
aff51935 1719 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1720 # the previous test showed it to be unseeded.
1721 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1722 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1723 OPENSSL_SEEDS_ITSELF=yes
1724 USE_RAND_HELPER=""
1725 fi
1726 else
1727 USE_RAND_HELPER=yes
1728 fi
1729 ],
82f4e93d 1730)
f1b0ecc3 1731
1732# Which randomness source do we use?
4b492aab 1733if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 1734 # OpenSSL only
1735 AC_DEFINE(OPENSSL_PRNG_ONLY)
1736 RAND_MSG="OpenSSL internal ONLY"
1737 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1738elif test ! -z "$USE_RAND_HELPER" ; then
1739 # install rand helper
f1b0ecc3 1740 RAND_MSG="ssh-rand-helper"
1741 INSTALL_SSH_RAND_HELPER="yes"
1742fi
1743AC_SUBST(INSTALL_SSH_RAND_HELPER)
1744
1745### Configuration of ssh-rand-helper
1746
1747# PRNGD TCP socket
1748AC_ARG_WITH(prngd-port,
1749 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1750 [
eb5d7ff6 1751 case "$withval" in
1752 no)
1753 withval=""
1754 ;;
1755 [[0-9]]*)
1756 ;;
1757 *)
1758 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1759 ;;
1760 esac
1761 if test ! -z "$withval" ; then
f1b0ecc3 1762 PRNGD_PORT="$withval"
1763 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1764 fi
1765 ]
1766)
1767
1768# PRNGD Unix domain socket
1769AC_ARG_WITH(prngd-socket,
1770 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1771 [
eb5d7ff6 1772 case "$withval" in
1773 yes)
f1b0ecc3 1774 withval="/var/run/egd-pool"
eb5d7ff6 1775 ;;
1776 no)
1777 withval=""
1778 ;;
1779 /*)
1780 ;;
1781 *)
1782 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1783 ;;
1784 esac
1785
1786 if test ! -z "$withval" ; then
f1b0ecc3 1787 if test ! -z "$PRNGD_PORT" ; then
1788 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1789 fi
906e811b 1790 if test ! -r "$withval" ; then
f1b0ecc3 1791 AC_MSG_WARN(Entropy socket is not readable)
1792 fi
1793 PRNGD_SOCKET="$withval"
1794 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1795 fi
ddceb1c8 1796 ],
1797 [
1798 # Check for existing socket only if we don't have a random device already
1799 if test "$USE_RAND_HELPER" = yes ; then
1800 AC_MSG_CHECKING(for PRNGD/EGD socket)
1801 # Insert other locations here
1802 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1803 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1804 PRNGD_SOCKET="$sock"
1805 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1806 break;
1807 fi
1808 done
1809 if test ! -z "$PRNGD_SOCKET" ; then
1810 AC_MSG_RESULT($PRNGD_SOCKET)
1811 else
1812 AC_MSG_RESULT(not found)
1813 fi
1814 fi
f1b0ecc3 1815 ]
1816)
1817
1818# Change default command timeout for hashing entropy source
1819entropy_timeout=200
1820AC_ARG_WITH(entropy-timeout,
1821 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1822 [
6cf0200f 1823 if test -n "$withval" && test "x$withval" != "xno" && \
1824 test "x${withval}" != "xyes"; then
f1b0ecc3 1825 entropy_timeout=$withval
1826 fi
82f4e93d 1827 ]
f1b0ecc3 1828)
f1b0ecc3 1829AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1830
fd3cbf67 1831SSH_PRIVSEP_USER=sshd
9a0fbcb3 1832AC_ARG_WITH(privsep-user,
5222e7ef 1833 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1834 [
6cf0200f 1835 if test -n "$withval" && test "x$withval" != "xno" && \
1836 test "x${withval}" != "xyes"; then
fd3cbf67 1837 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1838 fi
82f4e93d 1839 ]
9a0fbcb3 1840)
fd3cbf67 1841AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1842AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1843
81dadca3 1844# We do this little dance with the search path to insure
1845# that programs that we select for use by installed programs
1846# (which may be run by the super-user) come from trusted
1847# locations before they come from the user's private area.
1848# This should help avoid accidentally configuring some
1849# random version of a program in someone's personal bin.
1850
1851OPATH=$PATH
1852PATH=/bin:/usr/bin
f95c8ce8 1853test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1854test -d /sbin && PATH=$PATH:/sbin
1855test -d /usr/sbin && PATH=$PATH:/usr/sbin
1856PATH=$PATH:/etc:$OPATH
1857
aff51935 1858# These programs are used by the command hashing source to gather entropy
f1b0ecc3 1859OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1860OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1861OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1862OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1863OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1864OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1865OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1866OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1867OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1868OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1869OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1870OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1871OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1872OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1873OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1874OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1875# restore PATH
1876PATH=$OPATH
f1b0ecc3 1877
1878# Where does ssh-rand-helper get its randomness from?
1879INSTALL_SSH_PRNG_CMDS=""
1880if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1881 if test ! -z "$PRNGD_PORT" ; then
1882 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1883 elif test ! -z "$PRNGD_SOCKET" ; then
1884 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1885 else
1886 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1887 RAND_HELPER_CMDHASH=yes
1888 INSTALL_SSH_PRNG_CMDS="yes"
1889 fi
1890fi
1891AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1892
1893
66d6c27e 1894# Cheap hack to ensure NEWS-OS libraries are arranged right.
1895if test ! -z "$SONY" ; then
1896 LIBS="$LIBS -liberty";
1897fi
1898
a0391976 1899# Checks for data types
976f7e19 1900AC_CHECK_SIZEOF(char, 1)
2b942fe0 1901AC_CHECK_SIZEOF(short int, 2)
1902AC_CHECK_SIZEOF(int, 4)
1903AC_CHECK_SIZEOF(long int, 4)
1904AC_CHECK_SIZEOF(long long int, 8)
1905
52f1ccb2 1906# Sanity check long long for some platforms (AIX)
1907if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1908 ac_cv_sizeof_long_long_int=0
1909fi
1910
a0391976 1911# More checks for data types
14a9a859 1912AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1913 AC_TRY_COMPILE(
aff51935 1914 [ #include <sys/types.h> ],
1915 [ u_int a; a = 1;],
14a9a859 1916 [ ac_cv_have_u_int="yes" ],
1917 [ ac_cv_have_u_int="no" ]
1918 )
1919])
1920if test "x$ac_cv_have_u_int" = "xyes" ; then
1921 AC_DEFINE(HAVE_U_INT)
1922 have_u_int=1
1923fi
1924
58d100bf 1925AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1926 AC_TRY_COMPILE(
aff51935 1927 [ #include <sys/types.h> ],
1928 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 1929 [ ac_cv_have_intxx_t="yes" ],
1930 [ ac_cv_have_intxx_t="no" ]
1931 )
1932])
1933if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1934 AC_DEFINE(HAVE_INTXX_T)
1935 have_intxx_t=1
1936fi
41cb4569 1937
1938if (test -z "$have_intxx_t" && \
aff51935 1939 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 1940then
1941 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1942 AC_TRY_COMPILE(
aff51935 1943 [ #include <stdint.h> ],
1944 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 1945 [
1946 AC_DEFINE(HAVE_INTXX_T)
1947 AC_MSG_RESULT(yes)
1948 ],
1949 [ AC_MSG_RESULT(no) ]
1950 )
1951fi
1952
bd590612 1953AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1954 AC_TRY_COMPILE(
1cbbe6c8 1955 [
1956#include <sys/types.h>
1957#ifdef HAVE_STDINT_H
1958# include <stdint.h>
1959#endif
1960#include <sys/socket.h>
1961#ifdef HAVE_SYS_BITYPES_H
1962# include <sys/bitypes.h>
1963#endif
aff51935 1964 ],
1965 [ int64_t a; a = 1;],
bd590612 1966 [ ac_cv_have_int64_t="yes" ],
1967 [ ac_cv_have_int64_t="no" ]
1968 )
1969])
1970if test "x$ac_cv_have_int64_t" = "xyes" ; then
1971 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1972fi
1973
58d100bf 1974AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1975 AC_TRY_COMPILE(
aff51935 1976 [ #include <sys/types.h> ],
1977 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 1978 [ ac_cv_have_u_intxx_t="yes" ],
1979 [ ac_cv_have_u_intxx_t="no" ]
1980 )
1981])
1982if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1983 AC_DEFINE(HAVE_U_INTXX_T)
1984 have_u_intxx_t=1
1985fi
2b942fe0 1986
41cb4569 1987if test -z "$have_u_intxx_t" ; then
1988 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1989 AC_TRY_COMPILE(
aff51935 1990 [ #include <sys/socket.h> ],
1991 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 1992 [
1993 AC_DEFINE(HAVE_U_INTXX_T)
1994 AC_MSG_RESULT(yes)
1995 ],
1996 [ AC_MSG_RESULT(no) ]
1997 )
1998fi
1999
bd590612 2000AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2001 AC_TRY_COMPILE(
aff51935 2002 [ #include <sys/types.h> ],
2003 [ u_int64_t a; a = 1;],
bd590612 2004 [ ac_cv_have_u_int64_t="yes" ],
2005 [ ac_cv_have_u_int64_t="no" ]
2006 )
2007])
2008if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
2009 AC_DEFINE(HAVE_U_INT64_T)
2010 have_u_int64_t=1
2011fi
2012
ddceb1c8 2013if test -z "$have_u_int64_t" ; then
2014 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2015 AC_TRY_COMPILE(
aff51935 2016 [ #include <sys/bitypes.h> ],
ddceb1c8 2017 [ u_int64_t a; a = 1],
2018 [
2019 AC_DEFINE(HAVE_U_INT64_T)
2020 AC_MSG_RESULT(yes)
2021 ],
2022 [ AC_MSG_RESULT(no) ]
2023 )
2024fi
2025
41cb4569 2026if test -z "$have_u_intxx_t" ; then
2027 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2028 AC_TRY_COMPILE(
2029 [
2030#include <sys/types.h>
aff51935 2031 ],
2032 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2033 [ ac_cv_have_uintxx_t="yes" ],
2034 [ ac_cv_have_uintxx_t="no" ]
2035 )
2036 ])
2037 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
2038 AC_DEFINE(HAVE_UINTXX_T)
2039 fi
2040fi
2041
2042if test -z "$have_uintxx_t" ; then
2043 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2044 AC_TRY_COMPILE(
aff51935 2045 [ #include <stdint.h> ],
2046 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2047 [
2048 AC_DEFINE(HAVE_UINTXX_T)
2049 AC_MSG_RESULT(yes)
2050 ],
2051 [ AC_MSG_RESULT(no) ]
2052 )
2053fi
2054
e5fe9a1f 2055if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2056 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2057then
2058 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2059 AC_TRY_COMPILE(
58d100bf 2060 [
2061#include <sys/bitypes.h>
aff51935 2062 ],
5cdfe03f 2063 [
837c30b8 2064 int8_t a; int16_t b; int32_t c;
2065 u_int8_t e; u_int16_t f; u_int32_t g;
2066 a = b = c = e = f = g = 1;
aff51935 2067 ],
5cdfe03f 2068 [
2069 AC_DEFINE(HAVE_U_INTXX_T)
2070 AC_DEFINE(HAVE_INTXX_T)
2071 AC_MSG_RESULT(yes)
2072 ],
2073 [AC_MSG_RESULT(no)]
aff51935 2074 )
5cdfe03f 2075fi
2076
0362750e 2077
2078AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2079 AC_TRY_COMPILE(
2080 [
2081#include <sys/types.h>
2082 ],
2083 [ u_char foo; foo = 125; ],
2084 [ ac_cv_have_u_char="yes" ],
2085 [ ac_cv_have_u_char="no" ]
2086 )
2087])
2088if test "x$ac_cv_have_u_char" = "xyes" ; then
2089 AC_DEFINE(HAVE_U_CHAR)
2090fi
2091
98a7c37b 2092TYPE_SOCKLEN_T
2b942fe0 2093
2d16d9a3 2094AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2095
777ece68 2096AC_CHECK_TYPES(in_addr_t,,,
2097[#include <sys/types.h>
2098#include <netinet/in.h>])
7b578f7d 2099
58d100bf 2100AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2101 AC_TRY_COMPILE(
2102 [
18ba2aab 2103#include <sys/types.h>
58d100bf 2104 ],
2105 [ size_t foo; foo = 1235; ],
2106 [ ac_cv_have_size_t="yes" ],
2107 [ ac_cv_have_size_t="no" ]
2108 )
2109])
2110if test "x$ac_cv_have_size_t" = "xyes" ; then
2111 AC_DEFINE(HAVE_SIZE_T)
2112fi
ea1970a3 2113
c04f75f1 2114AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2115 AC_TRY_COMPILE(
2116 [
2117#include <sys/types.h>
2118 ],
2119 [ ssize_t foo; foo = 1235; ],
2120 [ ac_cv_have_ssize_t="yes" ],
2121 [ ac_cv_have_ssize_t="no" ]
2122 )
2123])
2124if test "x$ac_cv_have_ssize_t" = "xyes" ; then
2125 AC_DEFINE(HAVE_SSIZE_T)
2126fi
2127
f1c4659d 2128AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2129 AC_TRY_COMPILE(
2130 [
2131#include <time.h>
2132 ],
2133 [ clock_t foo; foo = 1235; ],
2134 [ ac_cv_have_clock_t="yes" ],
2135 [ ac_cv_have_clock_t="no" ]
2136 )
2137])
2138if test "x$ac_cv_have_clock_t" = "xyes" ; then
2139 AC_DEFINE(HAVE_CLOCK_T)
2140fi
2141
1c04b088 2142AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2143 AC_TRY_COMPILE(
2144 [
2145#include <sys/types.h>
2146#include <sys/socket.h>
2147 ],
2148 [ sa_family_t foo; foo = 1235; ],
2149 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2150 [ AC_TRY_COMPILE(
2151 [
2152#include <sys/types.h>
2153#include <sys/socket.h>
2154#include <netinet/in.h>
2155 ],
2156 [ sa_family_t foo; foo = 1235; ],
2157 [ ac_cv_have_sa_family_t="yes" ],
2158
1c04b088 2159 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2160 )]
1c04b088 2161 )
2162])
2163if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
2164 AC_DEFINE(HAVE_SA_FAMILY_T)
2165fi
2166
729bfe59 2167AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2168 AC_TRY_COMPILE(
2169 [
2170#include <sys/types.h>
2171 ],
2172 [ pid_t foo; foo = 1235; ],
2173 [ ac_cv_have_pid_t="yes" ],
2174 [ ac_cv_have_pid_t="no" ]
2175 )
2176])
2177if test "x$ac_cv_have_pid_t" = "xyes" ; then
2178 AC_DEFINE(HAVE_PID_T)
2179fi
2180
2181AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2182 AC_TRY_COMPILE(
2183 [
2184#include <sys/types.h>
2185 ],
2186 [ mode_t foo; foo = 1235; ],
2187 [ ac_cv_have_mode_t="yes" ],
2188 [ ac_cv_have_mode_t="no" ]
2189 )
2190])
2191if test "x$ac_cv_have_mode_t" = "xyes" ; then
2192 AC_DEFINE(HAVE_MODE_T)
2193fi
2194
e3a93db0 2195
58d100bf 2196AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2197 AC_TRY_COMPILE(
2198 [
18ba2aab 2199#include <sys/types.h>
2200#include <sys/socket.h>
58d100bf 2201 ],
2202 [ struct sockaddr_storage s; ],
2203 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2204 [ ac_cv_have_struct_sockaddr_storage="no" ]
2205 )
2206])
2207if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
2208 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
2209fi
48e671d5 2210
58d100bf 2211AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2212 AC_TRY_COMPILE(
2213 [
cbd7492e 2214#include <sys/types.h>
58d100bf 2215#include <netinet/in.h>
2216 ],
2217 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2218 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2219 [ ac_cv_have_struct_sockaddr_in6="no" ]
2220 )
2221])
2222if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
2223 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
2224fi
48e671d5 2225
58d100bf 2226AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2227 AC_TRY_COMPILE(
2228 [
cbd7492e 2229#include <sys/types.h>
58d100bf 2230#include <netinet/in.h>
2231 ],
2232 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2233 [ ac_cv_have_struct_in6_addr="yes" ],
2234 [ ac_cv_have_struct_in6_addr="no" ]
2235 )
2236])
2237if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
2238 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
2239fi
48e671d5 2240
58d100bf 2241AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2242 AC_TRY_COMPILE(
2243 [
18ba2aab 2244#include <sys/types.h>
2245#include <sys/socket.h>
2246#include <netdb.h>
58d100bf 2247 ],
2248 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2249 [ ac_cv_have_struct_addrinfo="yes" ],
2250 [ ac_cv_have_struct_addrinfo="no" ]
2251 )
2252])
2253if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2254 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
2255fi
2256
89c7e31c 2257AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2258 AC_TRY_COMPILE(
aff51935 2259 [ #include <sys/time.h> ],
2260 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2261 [ ac_cv_have_struct_timeval="yes" ],
2262 [ ac_cv_have_struct_timeval="no" ]
2263 )
2264])
2265if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2266 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
2267 have_struct_timeval=1
2268fi
2269
5271b55c 2270AC_CHECK_TYPES(struct timespec)
2271
85abc74b 2272# We need int64_t or else certian parts of the compile will fail.
4b492aab 2273if test "x$ac_cv_have_int64_t" = "xno" && \
2274 test "x$ac_cv_sizeof_long_int" != "x8" && \
2275 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2276 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2277 echo "an alternative compiler (I.E., GCC) before continuing."
2278 echo ""
2279 exit 1;
733cf7f4 2280else
2281dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2282 AC_RUN_IFELSE(
479cece8 2283 [AC_LANG_SOURCE([[
733cf7f4 2284#include <stdio.h>
2285#include <string.h>
2286#ifdef HAVE_SNPRINTF
2287main()
2288{
2289 char buf[50];
2290 char expected_out[50];
2291 int mazsize = 50 ;
2292#if (SIZEOF_LONG_INT == 8)
2293 long int num = 0x7fffffffffffffff;
2294#else
763a1a18 2295 long long num = 0x7fffffffffffffffll;
733cf7f4 2296#endif
2297 strcpy(expected_out, "9223372036854775807");
2298 snprintf(buf, mazsize, "%lld", num);
2299 if(strcmp(buf, expected_out) != 0)
aff51935 2300 exit(1);
733cf7f4 2301 exit(0);
2302}
2303#else
2304main() { exit(0); }
2305#endif
479cece8 2306 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2307 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2308 )
2c523de9 2309fi
2310
77bb0bca 2311dnl Checks for structure members
58d100bf 2312OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2313OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2314OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2315OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2316OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2317OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2318OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2319OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2320OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2321OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2322OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2323OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2324OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2325OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2326OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2327OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2328OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2329
2330AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 2331
58d100bf 2332AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2333 ac_cv_have_ss_family_in_struct_ss, [
2334 AC_TRY_COMPILE(
2335 [
18ba2aab 2336#include <sys/types.h>
2337#include <sys/socket.h>
58d100bf 2338 ],
2339 [ struct sockaddr_storage s; s.ss_family = 1; ],
2340 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2341 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2342 )
2343])
2344if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2345 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2346fi
2347
58d100bf 2348AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2349 ac_cv_have___ss_family_in_struct_ss, [
2350 AC_TRY_COMPILE(
2351 [
18ba2aab 2352#include <sys/types.h>
2353#include <sys/socket.h>
58d100bf 2354 ],
2355 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2356 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2357 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2358 )
2359])
2360if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2361 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2362fi
2363
2e73a022 2364AC_CACHE_CHECK([for pw_class field in struct passwd],
2365 ac_cv_have_pw_class_in_struct_passwd, [
2366 AC_TRY_COMPILE(
2367 [
2e73a022 2368#include <pwd.h>
2369 ],
97994d32 2370 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2371 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2372 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2373 )
2374])
2375if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2376 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2377fi
2378
7751d4eb 2379AC_CACHE_CHECK([for pw_expire field in struct passwd],
2380 ac_cv_have_pw_expire_in_struct_passwd, [
2381 AC_TRY_COMPILE(
2382 [
2383#include <pwd.h>
2384 ],
2385 [ struct passwd p; p.pw_expire = 0; ],
2386 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2387 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2388 )
2389])
2390if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2391 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2392fi
2393
2394AC_CACHE_CHECK([for pw_change field in struct passwd],
2395 ac_cv_have_pw_change_in_struct_passwd, [
2396 AC_TRY_COMPILE(
2397 [
2398#include <pwd.h>
2399 ],
2400 [ struct passwd p; p.pw_change = 0; ],
2401 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2402 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2403 )
2404])
2405if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2406 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2407fi
58d100bf 2408
637f9177 2409dnl make sure we're using the real structure members and not defines
6f34652e 2410AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2411 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2412 AC_COMPILE_IFELSE(
6f34652e 2413 [
f95c8ce8 2414#include <sys/types.h>
6f34652e 2415#include <sys/socket.h>
2416#include <sys/uio.h>
637f9177 2417int main() {
2418#ifdef msg_accrights
1a01a50c 2419#error "msg_accrights is a macro"
637f9177 2420exit(1);
2421#endif
2422struct msghdr m;
2423m.msg_accrights = 0;
2424exit(0);
2425}
6f34652e 2426 ],
6f34652e 2427 [ ac_cv_have_accrights_in_msghdr="yes" ],
2428 [ ac_cv_have_accrights_in_msghdr="no" ]
2429 )
2430])
2431if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2432 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2433fi
2434
7176df4f 2435AC_CACHE_CHECK([for msg_control field in struct msghdr],
2436 ac_cv_have_control_in_msghdr, [
1a01a50c 2437 AC_COMPILE_IFELSE(
7176df4f 2438 [
f95c8ce8 2439#include <sys/types.h>
7176df4f 2440#include <sys/socket.h>
2441#include <sys/uio.h>
637f9177 2442int main() {
2443#ifdef msg_control
1a01a50c 2444#error "msg_control is a macro"
637f9177 2445exit(1);
2446#endif
2447struct msghdr m;
2448m.msg_control = 0;
2449exit(0);
2450}
7176df4f 2451 ],
7176df4f 2452 [ ac_cv_have_control_in_msghdr="yes" ],
2453 [ ac_cv_have_control_in_msghdr="no" ]
2454 )
2455])
2456if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2457 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2458fi
2459
58d100bf 2460AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2461 AC_TRY_LINK([],
2462 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2463 [ ac_cv_libc_defines___progname="yes" ],
2464 [ ac_cv_libc_defines___progname="no" ]
2465 )
2466])
2467if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2468 AC_DEFINE(HAVE___PROGNAME)
2469fi
8946db53 2470
c921ee00 2471AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2472 AC_TRY_LINK([
2473#include <stdio.h>
aff51935 2474],
2475 [ printf("%s", __FUNCTION__); ],
c921ee00 2476 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2477 [ ac_cv_cc_implements___FUNCTION__="no" ]
2478 )
2479])
2480if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2481 AC_DEFINE(HAVE___FUNCTION__)
2482fi
2483
2484AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2485 AC_TRY_LINK([
2486#include <stdio.h>
aff51935 2487],
2488 [ printf("%s", __func__); ],
c921ee00 2489 [ ac_cv_cc_implements___func__="yes" ],
2490 [ ac_cv_cc_implements___func__="no" ]
2491 )
2492])
2493if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2494 AC_DEFINE(HAVE___func__)
2495fi
2496
1812a662 2497AC_CACHE_CHECK([whether getopt has optreset support],
2498 ac_cv_have_getopt_optreset, [
2499 AC_TRY_LINK(
2500 [
2501#include <getopt.h>
2502 ],
2503 [ extern int optreset; optreset = 0; ],
2504 [ ac_cv_have_getopt_optreset="yes" ],
2505 [ ac_cv_have_getopt_optreset="no" ]
2506 )
2507])
2508if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2509 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2510fi
a0391976 2511
819b676f 2512AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2513 AC_TRY_LINK([],
2514 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2515 [ ac_cv_libc_defines_sys_errlist="yes" ],
2516 [ ac_cv_libc_defines_sys_errlist="no" ]
2517 )
2518])
2519if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2520 AC_DEFINE(HAVE_SYS_ERRLIST)
2521fi
2522
2523
416ed5a7 2524AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2525 AC_TRY_LINK([],
2526 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2527 [ ac_cv_libc_defines_sys_nerr="yes" ],
2528 [ ac_cv_libc_defines_sys_nerr="no" ]
2529 )
2530])
2531if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2532 AC_DEFINE(HAVE_SYS_NERR)
2533fi
2534
aff51935 2535SCARD_MSG="no"
295c8801 2536# Check whether user wants sectok support
2537AC_ARG_WITH(sectok,
2538 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2539 [
2540 if test "x$withval" != "xno" ; then
2541 if test "x$withval" != "xyes" ; then
2542 CPPFLAGS="$CPPFLAGS -I${withval}"
2543 LDFLAGS="$LDFLAGS -L${withval}"
2544 if test ! -z "$need_dash_r" ; then
2545 LDFLAGS="$LDFLAGS -R${withval}"
2546 fi
2547 if test ! -z "$blibpath" ; then
2548 blibpath="$blibpath:${withval}"
2549 fi
2550 fi
2551 AC_CHECK_HEADERS(sectok.h)
2552 if test "$ac_cv_header_sectok_h" != yes; then
2553 AC_MSG_ERROR(Can't find sectok.h)
2554 fi
2555 AC_CHECK_LIB(sectok, sectok_open)
2556 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2557 AC_MSG_ERROR(Can't find libsectok)
2558 fi
2559 AC_DEFINE(SMARTCARD)
295c8801 2560 AC_DEFINE(USE_SECTOK)
aff51935 2561 SCARD_MSG="yes, using sectok"
295c8801 2562 fi
2563 ]
2564)
2565
2566# Check whether user wants OpenSC support
987b458f 2567OPENSC_CONFIG="no"
295c8801 2568AC_ARG_WITH(opensc,
987b458f 2569 [--with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
2570 [
2571 if test "x$withval" != "xno" ; then
2572 if test "x$withval" != "xyes" ; then
2573 OPENSC_CONFIG=$withval/bin/opensc-config
2574 else
2575 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2576 fi
2577 if test "$OPENSC_CONFIG" != "no"; then
2578 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2579 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2580 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2581 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2582 AC_DEFINE(SMARTCARD)
2583 AC_DEFINE(USE_OPENSC)
2584 SCARD_MSG="yes, using OpenSC"
2585 fi
2586 fi
2587 ]
2588)
d0b19c95 2589
c31dc31c 2590# Check libraries needed by DNS fingerprint support
aff51935 2591AC_SEARCH_LIBS(getrrsetbyname, resolv,
c31dc31c 2592 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
3e05e934 2593 [
c31dc31c 2594 # Needed by our getrrsetbyname()
2595 AC_SEARCH_LIBS(res_query, resolv)
2596 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2597 AC_MSG_CHECKING(if res_query will link)
2598 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2599 [AC_MSG_RESULT(no)
2600 saved_LIBS="$LIBS"
2601 LIBS="$LIBS -lresolv"
2602 AC_MSG_CHECKING(for res_query in -lresolv)
2603 AC_LINK_IFELSE([
2604#include <resolv.h>
2605int main()
2606{
2607 res_query (0, 0, 0, 0, 0);
2608 return 0;
2609}
2610 ],
2611 [LIBS="$LIBS -lresolv"
2612 AC_MSG_RESULT(yes)],
2613 [LIBS="$saved_LIBS"
2614 AC_MSG_RESULT(no)])
2615 ])
c31dc31c 2616 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 2617 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 2618 [#include <sys/types.h>
2619 #include <arpa/nameser.h>])
c31dc31c 2620 AC_CHECK_MEMBER(HEADER.ad,
2621 [AC_DEFINE(HAVE_HEADER_AD)],,
2622 [#include <arpa/nameser.h>])
2623 ])
3e05e934 2624
12928e80 2625# Check whether user wants Kerberos 5 support
aff51935 2626KRB5_MSG="no"
12928e80 2627AC_ARG_WITH(kerberos5,
aff51935 2628 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 2629 [ if test "x$withval" != "xno" ; then
2630 if test "x$withval" = "xyes" ; then
2631 KRB5ROOT="/usr/local"
2632 else
2633 KRB5ROOT=${withval}
2634 fi
2635
2636 AC_DEFINE(KRB5)
2637 KRB5_MSG="yes"
2638
2639 AC_MSG_CHECKING(for krb5-config)
2640 if test -x $KRB5ROOT/bin/krb5-config ; then
2641 KRB5CONF=$KRB5ROOT/bin/krb5-config
2642 AC_MSG_RESULT($KRB5CONF)
2643
2644 AC_MSG_CHECKING(for gssapi support)
2645 if $KRB5CONF | grep gssapi >/dev/null ; then
2646 AC_MSG_RESULT(yes)
071970fb 2647 AC_DEFINE(GSSAPI)
2648 k5confopts=gssapi
aff51935 2649 else
5585c441 2650 AC_MSG_RESULT(no)
071970fb 2651 k5confopts=""
aff51935 2652 fi
071970fb 2653 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2654 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 2655 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 2656 AC_MSG_CHECKING(whether we are using Heimdal)
2657 AC_TRY_COMPILE([ #include <krb5.h> ],
2658 [ char *tmp = heimdal_version; ],
2659 [ AC_MSG_RESULT(yes)
2660 AC_DEFINE(HEIMDAL) ],
2661 AC_MSG_RESULT(no)
2662 )
2663 else
2664 AC_MSG_RESULT(no)
12928e80 2665 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 2666 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 2667 AC_MSG_CHECKING(whether we are using Heimdal)
2668 AC_TRY_COMPILE([ #include <krb5.h> ],
2669 [ char *tmp = heimdal_version; ],
2670 [ AC_MSG_RESULT(yes)
2671 AC_DEFINE(HEIMDAL)
41707f74 2672 K5LIBS="-lkrb5 -ldes"
2673 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 2674 AC_CHECK_LIB(roken, net_write,
41707f74 2675 [K5LIBS="$K5LIBS -lroken"])
aff51935 2676 ],
2677 [ AC_MSG_RESULT(no)
2678 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2679 ]
2680 )
4e00038c 2681 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 2682
749560dd 2683 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2684 [ AC_DEFINE(GSSAPI)
2685 K5LIBS="-lgssapi $K5LIBS" ],
2686 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2687 [ AC_DEFINE(GSSAPI)
aff51935 2688 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 2689 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2690 $K5LIBS)
2691 ],
2692 $K5LIBS)
82f4e93d 2693
749560dd 2694 AC_CHECK_HEADER(gssapi.h, ,
2695 [ unset ac_cv_header_gssapi_h
aff51935 2696 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 2697 AC_CHECK_HEADERS(gssapi.h, ,
2698 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 2699 )
749560dd 2700 ]
2701 )
2702
2703 oldCPP="$CPPFLAGS"
2704 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2705 AC_CHECK_HEADER(gssapi_krb5.h, ,
2706 [ CPPFLAGS="$oldCPP" ])
2707
aff51935 2708 fi
5585c441 2709 if test ! -z "$need_dash_r" ; then
2710 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2711 fi
2712 if test ! -z "$blibpath" ; then
2713 blibpath="$blibpath:${KRB5ROOT}/lib"
2714 fi
071970fb 2715 fi
2716
2717 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2718 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2719 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2720
2721 LIBS="$LIBS $K5LIBS"
2722 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
2723 ]
12928e80 2724)
b5b68128 2725
a0391976 2726# Looking for programs, paths and files
a0391976 2727
ecac8ee5 2728PRIVSEP_PATH=/var/empty
2729AC_ARG_WITH(privsep-path,
cda1ebcb 2730 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 2731 [
6cf0200f 2732 if test -n "$withval" && test "x$withval" != "xno" && \
2733 test "x${withval}" != "xyes"; then
ecac8ee5 2734 PRIVSEP_PATH=$withval
2735 fi
2736 ]
2737)
2738AC_SUBST(PRIVSEP_PATH)
2739
a0391976 2740AC_ARG_WITH(xauth,
2741 [ --with-xauth=PATH Specify path to xauth program ],
2742 [
6cf0200f 2743 if test -n "$withval" && test "x$withval" != "xno" && \
2744 test "x${withval}" != "xyes"; then
cbd7492e 2745 xauth_path=$withval
a0391976 2746 fi
2747 ],
2748 [
2bf42e4a 2749 TestPath="$PATH"
2750 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2751 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2752 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2753 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2754 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2755 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2756 xauth_path="/usr/openwin/bin/xauth"
2757 fi
2758 ]
2759)
2760
65a4b4af 2761STRIP_OPT=-s
2762AC_ARG_ENABLE(strip,
2763 [ --disable-strip Disable calling strip(1) on install],
2764 [
2765 if test "x$enableval" = "xno" ; then
2766 STRIP_OPT=
2767 fi
2768 ]
2769)
2770AC_SUBST(STRIP_OPT)
2771
b3ec54b4 2772if test -z "$xauth_path" ; then
2773 XAUTH_PATH="undefined"
2774 AC_SUBST(XAUTH_PATH)
2775else
a0391976 2776 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2777 XAUTH_PATH=$xauth_path
2778 AC_SUBST(XAUTH_PATH)
a0391976 2779fi
a0391976 2780
2781# Check for mail directory (last resort if we cannot get it from headers)
2782if test ! -z "$MAIL" ; then
2783 maildir=`dirname $MAIL`
2784 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2785fi
2786
479cece8 2787if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 2788 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2789 disable_ptmx_check=yes
2790fi
a0391976 2791if test -z "$no_dev_ptmx" ; then
6e879cb4 2792 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 2793 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 2794 [
2795 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2796 have_dev_ptmx=1
2797 ]
2798 )
2799 fi
3276571c 2800fi
1a01a50c 2801
479cece8 2802if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 2803 AC_CHECK_FILE("/dev/ptc",
2804 [
2805 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2806 have_dev_ptc=1
2807 ]
2808 )
2809else
2810 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2811fi
3276571c 2812
a0391976 2813# Options from here on. Some of these are preset by platform above
fdf6b7aa 2814AC_ARG_WITH(mantype,
5d97cfbf 2815 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2816 [
5d97cfbf 2817 case "$withval" in
2818 man|cat|doc)
2819 MANTYPE=$withval
2820 ;;
2821 *)
2822 AC_MSG_ERROR(invalid man type: $withval)
2823 ;;
2824 esac
c54a6257 2825 ]
2826)
e0c4d3ac 2827if test -z "$MANTYPE"; then
2bf42e4a 2828 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2829 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2830 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2831 MANTYPE=doc
2832 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2833 MANTYPE=man
2834 else
2835 MANTYPE=cat
2836 fi
2837fi
c54a6257 2838AC_SUBST(MANTYPE)
e0c4d3ac 2839if test "$MANTYPE" = "doc"; then
2840 mansubdir=man;
2841else
2842 mansubdir=$MANTYPE;
2843fi
2844AC_SUBST(mansubdir)
0bc5b6fb 2845
a0391976 2846# Check whether to enable MD5 passwords
aff51935 2847MD5_MSG="no"
2ddcfdf3 2848AC_ARG_WITH(md5-passwords,
caf3bc51 2849 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2850 [
bcf36c78 2851 if test "x$withval" != "xno" ; then
0bc5b6fb 2852 AC_DEFINE(HAVE_MD5_PASSWORDS)
aff51935 2853 MD5_MSG="yes"
0bc5b6fb 2854 fi
2855 ]
caf3bc51 2856)
2857
a0391976 2858# Whether to disable shadow password support
a7effaac 2859AC_ARG_WITH(shadow,
2860 [ --without-shadow Disable shadow password support],
2861 [
82f4e93d 2862 if test "x$withval" = "xno" ; then
a7effaac 2863 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2864 disable_shadow=yes
a7effaac 2865 fi
2866 ]
2867)
2868
4cb5ffa0 2869if test -z "$disable_shadow" ; then
2870 AC_MSG_CHECKING([if the systems has expire shadow information])
2871 AC_TRY_COMPILE(
2872 [
2873#include <sys/types.h>
2874#include <shadow.h>
2875 struct spwd sp;
2876 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2877 [ sp_expire_available=yes ], []
2878 )
2879
2880 if test "x$sp_expire_available" = "xyes" ; then
2881 AC_MSG_RESULT(yes)
2882 AC_DEFINE(HAS_SHADOW_EXPIRE)
2883 else
2884 AC_MSG_RESULT(no)
2885 fi
2886fi
2887
a0391976 2888# Use ip address instead of hostname in $DISPLAY
44839801 2889if test ! -z "$IPADDR_IN_DISPLAY" ; then
2890 DISPLAY_HACK_MSG="yes"
2891 AC_DEFINE(IPADDR_IN_DISPLAY)
2892else
aff51935 2893 DISPLAY_HACK_MSG="no"
44839801 2894 AC_ARG_WITH(ipaddr-display,
2895 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2896 [
82f4e93d 2897 if test "x$withval" != "xno" ; then
44839801 2898 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 2899 DISPLAY_HACK_MSG="yes"
44839801 2900 fi
2901 ]
2902 )
2903fi
a7effaac 2904
95b99395 2905# check for /etc/default/login and use it if present.
daa41e62 2906AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 2907 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 2908 [ if test "x$enableval" = "xno"; then
2909 AC_MSG_NOTICE([/etc/default/login handling disabled])
2910 etc_default_login=no
2911 else
2912 etc_default_login=yes
2913 fi ],
2914 [ etc_default_login=yes ]
2915)
95b99395 2916
694d0cef 2917if test "x$etc_default_login" != "xno"; then
2918 AC_CHECK_FILE("/etc/default/login",
2919 [ external_path_file=/etc/default/login ])
479cece8 2920 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2921 then
1a01a50c 2922 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2923 elif test "x$external_path_file" = "x/etc/default/login"; then
2924 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2925 fi
694d0cef 2926fi
95b99395 2927
8d184c09 2928dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 2929if test $ac_cv_func_login_getcapbool = "yes" && \
2930 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 2931 external_path_file=/etc/login.conf
8d184c09 2932fi
95b99395 2933
a0391976 2934# Whether to mess with the default path
aff51935 2935SERVER_PATH_MSG="(default)"
c43d69a9 2936AC_ARG_WITH(default-path,
75817f90 2937 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2938 [
95b99395 2939 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 2940 AC_MSG_WARN([
2941--with-default-path=PATH has no effect on this system.
2942Edit /etc/login.conf instead.])
82f4e93d 2943 elif test "x$withval" != "xno" ; then
89bbd457 2944 if test ! -z "$external_path_file" ; then
95b99395 2945 AC_MSG_WARN([
2946--with-default-path=PATH will only be used if PATH is not defined in
2947$external_path_file .])
2948 fi
b2d818e6 2949 user_path="$withval"
aff51935 2950 SERVER_PATH_MSG="$withval"
cb807f40 2951 fi
b2d818e6 2952 ],
95b99395 2953 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2954 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 2955 else
89bbd457 2956 if test ! -z "$external_path_file" ; then
95b99395 2957 AC_MSG_WARN([
2958If PATH is defined in $external_path_file, ensure the path to scp is included,
2959otherwise scp will not work.])
2960 fi
2961 AC_TRY_RUN(
2962 [
b2d818e6 2963/* find out what STDPATH is */
2964#include <stdio.h>
b2d818e6 2965#ifdef HAVE_PATHS_H
2966# include <paths.h>
2967#endif
2968#ifndef _PATH_STDPATH
d9a4e55b 2969# ifdef _PATH_USERPATH /* Irix */
2970# define _PATH_STDPATH _PATH_USERPATH
2971# else
2972# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2973# endif
b2d818e6 2974#endif
2975#include <sys/types.h>
2976#include <sys/stat.h>
2977#include <fcntl.h>
2978#define DATA "conftest.stdpath"
2979
2980main()
2981{
2982 FILE *fd;
2983 int rc;
82f4e93d 2984
b2d818e6 2985 fd = fopen(DATA,"w");
2986 if(fd == NULL)
2987 exit(1);
82f4e93d 2988
b2d818e6 2989 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2990 exit(1);
2991
2992 exit(0);
2993}
2994 ], [ user_path=`cat conftest.stdpath` ],
2995 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2996 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2997 )
2998# make sure $bindir is in USER_PATH so scp will work
2999 t_bindir=`eval echo ${bindir}`
3000 case $t_bindir in
3001 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3002 esac
3003 case $t_bindir in
3004 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3005 esac
3006 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3007 if test $? -ne 0 ; then
3008 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3009 if test $? -ne 0 ; then
3010 user_path=$user_path:$t_bindir
3011 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3012 fi
3013 fi
8d184c09 3014 fi ]
cb807f40 3015)
95b99395 3016if test "x$external_path_file" != "x/etc/login.conf" ; then
8d184c09 3017 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
3018 AC_SUBST(user_path)
3019fi
cb807f40 3020
06617857 3021# Set superuser path separately to user path
06617857 3022AC_ARG_WITH(superuser-path,
3023 [ --with-superuser-path= Specify different path for super-user],
3024 [
6cf0200f 3025 if test -n "$withval" && test "x$withval" != "xno" && \
3026 test "x${withval}" != "xyes"; then
06617857 3027 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
3028 superuser_path=$withval
3029 fi
3030 ]
3031)
3032
3033
58d100bf 3034AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3035IPV4_IN6_HACK_MSG="no"
80faa19f 3036AC_ARG_WITH(4in6,
3037 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3038 [
3039 if test "x$withval" != "xno" ; then
3040 AC_MSG_RESULT(yes)
3041 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3042 IPV4_IN6_HACK_MSG="yes"
80faa19f 3043 else
3044 AC_MSG_RESULT(no)
3045 fi
3046 ],[
3047 if test "x$inet6_default_4in6" = "xyes"; then
3048 AC_MSG_RESULT([yes (default)])
3049 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3050 IPV4_IN6_HACK_MSG="yes"
80faa19f 3051 else
3052 AC_MSG_RESULT([no (default)])
3053 fi
3054 ]
3055)
3056
af774732 3057# Whether to enable BSD auth support
f1b0ecc3 3058BSD_AUTH_MSG=no
af774732 3059AC_ARG_WITH(bsd-auth,
3060 [ --with-bsd-auth Enable BSD auth support],
3061 [
82f4e93d 3062 if test "x$withval" != "xno" ; then
af774732 3063 AC_DEFINE(BSD_AUTH)
f1b0ecc3 3064 BSD_AUTH_MSG=yes
af774732 3065 fi
3066 ]
3067)
3068
a0391976 3069# Where to place sshd.pid
19d9ac2a 3070piddir=/var/run
81dadca3 3071# make sure the directory exists
82f4e93d 3072if test ! -d $piddir ; then
81dadca3 3073 piddir=`eval echo ${sysconfdir}`
3074 case $piddir in
aff51935 3075 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3076 esac
3077fi
3078
47e45e44 3079AC_ARG_WITH(pid-dir,
3080 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3081 [
6cf0200f 3082 if test -n "$withval" && test "x$withval" != "xno" && \
3083 test "x${withval}" != "xyes"; then
19d9ac2a 3084 piddir=$withval
82f4e93d 3085 if test ! -d $piddir ; then
81dadca3 3086 AC_MSG_WARN([** no $piddir directory on this system **])
3087 fi
47e45e44 3088 fi
3089 ]
3090)
b7a87eea 3091
42f11eb2 3092AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 3093AC_SUBST(piddir)
47e45e44 3094
1d7b9b20 3095dnl allow user to disable some login recording features
3096AC_ARG_ENABLE(lastlog,
bfd550a2 3097 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3098 [
3099 if test "x$enableval" = "xno" ; then
3100 AC_DEFINE(DISABLE_LASTLOG)
3101 fi
3102 ]
1d7b9b20 3103)
3104AC_ARG_ENABLE(utmp,
bfd550a2 3105 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3106 [
3107 if test "x$enableval" = "xno" ; then
3108 AC_DEFINE(DISABLE_UTMP)
3109 fi
3110 ]
1d7b9b20 3111)
3112AC_ARG_ENABLE(utmpx,
bfd550a2 3113 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3114 [
3115 if test "x$enableval" = "xno" ; then
3116 AC_DEFINE(DISABLE_UTMPX)
3117 fi
3118 ]
1d7b9b20 3119)
3120AC_ARG_ENABLE(wtmp,
bfd550a2 3121 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3122 [
3123 if test "x$enableval" = "xno" ; then
3124 AC_DEFINE(DISABLE_WTMP)
3125 fi
3126 ]
1d7b9b20 3127)
3128AC_ARG_ENABLE(wtmpx,
bfd550a2 3129 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3130 [
3131 if test "x$enableval" = "xno" ; then
3132 AC_DEFINE(DISABLE_WTMPX)
3133 fi
3134 ]
1d7b9b20 3135)
3136AC_ARG_ENABLE(libutil,
bfd550a2 3137 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3138 [
3139 if test "x$enableval" = "xno" ; then
3140 AC_DEFINE(DISABLE_LOGIN)
3141 fi
3142 ]
1d7b9b20 3143)
3144AC_ARG_ENABLE(pututline,
bfd550a2 3145 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3146 [
3147 if test "x$enableval" = "xno" ; then
aff51935 3148 AC_DEFINE(DISABLE_PUTUTLINE)
ddb154b3 3149 fi
3150 ]
1d7b9b20 3151)
3152AC_ARG_ENABLE(pututxline,
bfd550a2 3153 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3154 [
3155 if test "x$enableval" = "xno" ; then
3156 AC_DEFINE(DISABLE_PUTUTXLINE)
3157 fi
3158 ]
1d7b9b20 3159)
3160AC_ARG_WITH(lastlog,
bfd550a2 3161 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3162 [
82f4e93d 3163 if test "x$withval" = "xno" ; then
8c89dd2b 3164 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3165 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3166 conf_lastlog_location=$withval
3167 fi
3168 ]
3169)
1d7b9b20 3170
3171dnl lastlog, [uw]tmpx? detection
3172dnl NOTE: set the paths in the platform section to avoid the
3173dnl need for command-line parameters
3174dnl lastlog and [uw]tmp are subject to a file search if all else fails
3175
3176dnl lastlog detection
3177dnl NOTE: the code itself will detect if lastlog is a directory
3178AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3179AC_TRY_COMPILE([
3180#include <sys/types.h>
3181#include <utmp.h>
3182#ifdef HAVE_LASTLOG_H
3183# include <lastlog.h>
3184#endif
d7c0f3d5 3185#ifdef HAVE_PATHS_H
1d7b9b20 3186# include <paths.h>
41cb4569 3187#endif
3188#ifdef HAVE_LOGIN_H
3189# include <login.h>
1d7b9b20 3190#endif
3191 ],
3192 [ char *lastlog = LASTLOG_FILE; ],
3193 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3194 [
3195 AC_MSG_RESULT(no)
3196 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3197 AC_TRY_COMPILE([
3198#include <sys/types.h>
3199#include <utmp.h>
3200#ifdef HAVE_LASTLOG_H
3201# include <lastlog.h>
3202#endif
3203#ifdef HAVE_PATHS_H
3204# include <paths.h>
3205#endif
3206 ],
3207 [ char *lastlog = _PATH_LASTLOG; ],
3208 [ AC_MSG_RESULT(yes) ],
3209 [
f282b668 3210 AC_MSG_RESULT(no)
d7c0f3d5 3211 system_lastlog_path=no
3212 ])
3213 ]
1d7b9b20 3214)
d7c0f3d5 3215
1d7b9b20 3216if test -z "$conf_lastlog_location"; then
3217 if test x"$system_lastlog_path" = x"no" ; then
3218 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3219 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3220 conf_lastlog_location=$f
3221 fi
3222 done
3223 if test -z "$conf_lastlog_location"; then
f8119cef 3224 AC_MSG_WARN([** Cannot find lastlog **])
3225 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3226 fi
3227 fi
3228fi
3229
3230if test -n "$conf_lastlog_location"; then
3231 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
82f4e93d 3232fi
1d7b9b20 3233
3234dnl utmp detection
3235AC_MSG_CHECKING([if your system defines UTMP_FILE])
3236AC_TRY_COMPILE([
3237#include <sys/types.h>
3238#include <utmp.h>
d7c0f3d5 3239#ifdef HAVE_PATHS_H
1d7b9b20 3240# include <paths.h>
3241#endif
3242 ],
3243 [ char *utmp = UTMP_FILE; ],
3244 [ AC_MSG_RESULT(yes) ],
3245 [ AC_MSG_RESULT(no)
3246 system_utmp_path=no ]
3247)
3248if test -z "$conf_utmp_location"; then
3249 if test x"$system_utmp_path" = x"no" ; then
3250 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3251 if test -f $f ; then
3252 conf_utmp_location=$f
3253 fi
3254 done
3255 if test -z "$conf_utmp_location"; then
3256 AC_DEFINE(DISABLE_UTMP)
3257 fi
3258 fi
3259fi
3260if test -n "$conf_utmp_location"; then
3261 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
82f4e93d 3262fi
1d7b9b20 3263
3264dnl wtmp detection
3265AC_MSG_CHECKING([if your system defines WTMP_FILE])
3266AC_TRY_COMPILE([
3267#include <sys/types.h>
3268#include <utmp.h>
d7c0f3d5 3269#ifdef HAVE_PATHS_H
1d7b9b20 3270# include <paths.h>
3271#endif
3272 ],
3273 [ char *wtmp = WTMP_FILE; ],
3274 [ AC_MSG_RESULT(yes) ],
3275 [ AC_MSG_RESULT(no)
3276 system_wtmp_path=no ]
3277)
3278if test -z "$conf_wtmp_location"; then
3279 if test x"$system_wtmp_path" = x"no" ; then
3280 for f in /usr/adm/wtmp /var/log/wtmp; do
3281 if test -f $f ; then
3282 conf_wtmp_location=$f
3283 fi
3284 done
3285 if test -z "$conf_wtmp_location"; then
3286 AC_DEFINE(DISABLE_WTMP)
3287 fi
3288 fi
3289fi
3290if test -n "$conf_wtmp_location"; then
3291 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
82f4e93d 3292fi
1d7b9b20 3293
3294
3295dnl utmpx detection - I don't know any system so perverse as to require
3296dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3297dnl there, though.
3298AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3299AC_TRY_COMPILE([
3300#include <sys/types.h>
3301#include <utmp.h>
3302#ifdef HAVE_UTMPX_H
3303#include <utmpx.h>
3304#endif
d7c0f3d5 3305#ifdef HAVE_PATHS_H
1d7b9b20 3306# include <paths.h>
3307#endif
3308 ],
3309 [ char *utmpx = UTMPX_FILE; ],
3310 [ AC_MSG_RESULT(yes) ],
3311 [ AC_MSG_RESULT(no)
3312 system_utmpx_path=no ]
3313)
3314if test -z "$conf_utmpx_location"; then
3315 if test x"$system_utmpx_path" = x"no" ; then
3316 AC_DEFINE(DISABLE_UTMPX)
3317 fi
3318else
3319 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
82f4e93d 3320fi
1d7b9b20 3321
3322dnl wtmpx detection
3323AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3324AC_TRY_COMPILE([
3325#include <sys/types.h>
3326#include <utmp.h>
3327#ifdef HAVE_UTMPX_H
3328#include <utmpx.h>
3329#endif
d7c0f3d5 3330#ifdef HAVE_PATHS_H
1d7b9b20 3331# include <paths.h>
3332#endif
3333 ],
3334 [ char *wtmpx = WTMPX_FILE; ],
3335 [ AC_MSG_RESULT(yes) ],
3336 [ AC_MSG_RESULT(no)
3337 system_wtmpx_path=no ]
3338)
3339if test -z "$conf_wtmpx_location"; then
3340 if test x"$system_wtmpx_path" = x"no" ; then
3341 AC_DEFINE(DISABLE_WTMPX)
3342 fi
3343else
3344 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
82f4e93d 3345fi
1d7b9b20 3346
b7a87eea 3347
bd499f9e 3348if test ! -z "$blibpath" ; then
68ece370 3349 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3350 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3351fi
3352
ddceb1c8 3353dnl remove pam and dl because they are in $LIBPAM
3354if test "$PAM_MSG" = yes ; then
98f2d9d5 3355 LIBS=`echo $LIBS | sed 's/-lpam //'`
3356fi
3357if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3358 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3359fi
3360
3c62e7eb 3361AC_EXEEXT
d7cfdd7c 3362AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3363 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3364AC_OUTPUT
d3083fbd 3365
cbd7492e 3366# Print summary of options
3367
cbd7492e 3368# Someone please show me a better way :)
3369A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3370B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3371C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3372D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3373E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3374F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3375G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3376H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3377I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3378J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3379
3380echo ""
26de7942 3381echo "OpenSSH has been configured with the following options:"
ecac8ee5 3382echo " User binaries: $B"
3383echo " System binaries: $C"
3384echo " Configuration files: $D"
3385echo " Askpass program: $E"
3386echo " Manual pages: $F"
3387echo " PID file: $G"
3388echo " Privilege separation chroot path: $H"
95b99395 3389if test "x$external_path_file" = "x/etc/login.conf" ; then
3390echo " At runtime, sshd will use the path defined in $external_path_file"
3391echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3392else
ecac8ee5 3393echo " sshd default user PATH: $I"
89bbd457 3394 if test ! -z "$external_path_file"; then
95b99395 3395echo " (If PATH is set in $external_path_file it will be used instead. If"
3396echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3397 fi
8d184c09 3398fi
06617857 3399if test ! -z "$superuser_path" ; then
ecac8ee5 3400echo " sshd superuser user PATH: $J"
3401fi
3402echo " Manpage format: $MANTYPE"
3e05e934 3403echo " PAM support: $PAM_MSG"
ecac8ee5 3404echo " KerberosV support: $KRB5_MSG"
3405echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3406echo " S/KEY support: $SKEY_MSG"
3407echo " TCP Wrappers support: $TCPW_MSG"
3408echo " MD5 password support: $MD5_MSG"
59031773 3409echo " libedit support: $LIBEDIT_MSG"
3deb1408 3410echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3411echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3412echo " BSD Auth support: $BSD_AUTH_MSG"
3413echo " Random number source: $RAND_MSG"
f1b0ecc3 3414if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3415echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3416fi
3417
cbd7492e 3418echo ""
3419
0c2fb82f 3420echo " Host: ${host}"
3421echo " Compiler: ${CC}"
3422echo " Compiler flags: ${CFLAGS}"
3423echo "Preprocessor flags: ${CPPFLAGS}"
3424echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3425echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3426
3427echo ""
3428
9cefe228 3429if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3430 echo "SVR4 style packages are supported with \"make package\""
3431 echo ""
9cefe228 3432fi
3433
adeebd37 3434if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3435 echo "PAM is enabled. You may need to install a PAM control file "
3436 echo "for sshd, otherwise password authentication may fail. "
aff51935 3437 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3438 echo "subdirectory"
adeebd37 3439 echo ""
3440fi
3441
f1b0ecc3 3442if test ! -z "$RAND_HELPER_CMDHASH" ; then
3443 echo "WARNING: you are using the builtin random number collection "
3444 echo "service. Please read WARNING.RNG and request that your OS "
3445 echo "vendor includes kernel-based random number collection in "
3446 echo "future versions of your OS."
2c523de9 3447 echo ""
3448fi
af774732 3449
2f6f9cff 3450if test ! -z "$NO_PEERCHECK" ; then
3451 echo "WARNING: the operating system that you are using does not "
3452 echo "appear to support either the getpeereid() API nor the "
3453 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3454 echo "enforce security checks to prevent unauthorised connections to "
3455 echo "ssh-agent. Their absence increases the risk that a malicious "
3456 echo "user can connect to your agent. "
3457 echo ""
3458fi
3459
7b578f7d 3460if test "$AUDIT_MODULE" = "bsm" ; then
3461 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3462 echo "See the Solaris section in README.platform for details."
3463fi
git-cvsimport mirror of OpenSSH
This page took 1.03314 seconds and 5 git commands to generate.