]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (djm) [regress/conch-ciphers.sh regress/putty-ciphers.sh]
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
a0969097 95 [ --without-stackprotect Don't use compiler's stack protection], [
caa21240 96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
b5902374 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
cd595991 112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
b55b0285 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
caa21240 127 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 128 # and/or platforms, so we test if we can. If it's not supported
53e2660a 129 # on a given platform gcc will emit a warning so we use -Werror.
caa21240 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
23c5c479 132 AC_MSG_CHECKING(if $CC supports $t)
caa21240 133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
23c5c479 135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
53e2660a 139#include <stdio.h>
140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
23c5c479 141 ])],
caa21240 142 [ AC_MSG_RESULT(yes)
23c5c479 143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
caa21240 145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
53e2660a 148#include <stdio.h>
149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
caa21240 150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
23c5c479 156 )
caa21240 157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
eb5a7224 164
dfafb2e1 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
d423d822 176fi
177
0b9fdeb8 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
e6354014 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
82f4e93d 185 if test "x$withval" = "xno" ; then
e6354014 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
aa56f760 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
6d39a5c4 265 poll.h \
aa56f760 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
4538e135 282 sys/mount.h \
aa56f760 283 sys/ndir.h \
8aa5db7d 284 sys/poll.h \
aa56f760 285 sys/prctl.h \
286 sys/pstat.h \
287 sys/select.h \
288 sys/stat.h \
289 sys/stream.h \
290 sys/stropts.h \
291 sys/strtio.h \
4538e135 292 sys/statvfs.h \
aa56f760 293 sys/sysmacros.h \
294 sys/time.h \
295 sys/timers.h \
296 sys/un.h \
297 time.h \
298 tmpdir.h \
299 ttyent.h \
40701614 300 ucred.h \
aa56f760 301 unistd.h \
302 usersec.h \
303 util.h \
304 utime.h \
305 utmp.h \
306 utmpx.h \
307 vis.h \
308)
309
310# lastlog.h requires sys/time.h to be included first on Solaris
311AC_CHECK_HEADERS(lastlog.h, [], [], [
312#ifdef HAVE_SYS_TIME_H
313# include <sys/time.h>
314#endif
315])
316
317# sys/ptms.h requires sys/stream.h to be included first on Solaris
318AC_CHECK_HEADERS(sys/ptms.h, [], [], [
319#ifdef HAVE_SYS_STREAM_H
320# include <sys/stream.h>
321#endif
322])
323
324# login_cap.h requires sys/types.h on NetBSD
325AC_CHECK_HEADERS(login_cap.h, [], [], [
326#include <sys/types.h>
327])
328
5b84789f 329# Messages for features tested for in target-specific section
330SIA_MSG="no"
331SPC_MSG="no"
332
a0391976 333# Check for some target-specific stuff
a7effaac 334case "$host" in
9d6b1b96 335*-*-aix*)
25a2779b 336 # Some versions of VAC won't allow macro redefinitions at
337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
338 # particularly with older versions of vac or xlc.
339 # It also throws errors about null macro argments, but these are
340 # not fatal.
341 AC_MSG_CHECKING(if compiler allows macro redefinitions)
342 AC_COMPILE_IFELSE(
343 [AC_LANG_SOURCE([[
344#define testmacro foo
345#define testmacro bar
346int main(void) { exit(0); }
347 ]])],
348 [ AC_MSG_RESULT(yes) ],
349 [ AC_MSG_RESULT(no)
350 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
351 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
352 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
353 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
354 ]
355 )
356
aff51935 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 358 if (test -z "$blibpath"); then
0a15d73b 359 blibpath="/usr/lib:/lib"
68ece370 360 fi
361 saved_LDFLAGS="$LDFLAGS"
e7479666 362 if test "$GCC" = "yes"; then
363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
364 else
365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
366 fi
367 for tryflags in $flags ;do
68ece370 368 if (test -z "$blibflags"); then
369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
370 AC_TRY_LINK([], [], [blibflags=$tryflags])
371 fi
372 done
373 if (test -z "$blibflags"); then
374 AC_MSG_RESULT(not found)
375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
376 else
377 AC_MSG_RESULT($blibflags)
bd499f9e 378 fi
68ece370 379 LDFLAGS="$saved_LDFLAGS"
e351e493 380 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
382 [Define if you want to enable AIX4's authenticate function])],
0764e748 383 [AC_CHECK_LIB(s,authenticate,
e351e493 384 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 385 LIBS="$LIBS -ls"
386 ])
387 ])
ba603e06 388 dnl Check for various auth function declarations in headers.
c85ed8e2 389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 390 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 392 AC_CHECK_DECLS(loginfailed,
e351e493 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
394 AC_TRY_COMPILE(
f58c0e01 395 [#include <usersec.h>],
e351e493 396 [(void)loginfailed("user","host","tty",0);],
397 [AC_MSG_RESULT(yes)
3466e002 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
399 [Define if your AIX loginfailed() function
400 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 401 [AC_MSG_RESULT(no)]
e351e493 402 )],
403 [],
404 [#include <usersec.h>]
405 )
533a78f0 406 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 407 AC_CHECK_DECL(F_CLOSEM,
795e7517 408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 409 [],
410 [ #include <limits.h>
411 #include <fcntl.h> ]
412 )
5ccf88cb 413 check_for_aix_broken_getaddrinfo=1
3466e002 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
416 [Define if your platform breaks doing a seteuid before a setuid])
417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 419 dnl AIX handles lastlog as part of its login message
3466e002 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
422 [Some systems need a utmpx entry for /bin/login to work])
423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
424 [Define to a Set Process Title type if your system is
425 supported by bsd-setproctitle.c])
961c2997 426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
427 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 429 ;;
3c62e7eb 430*-*-cygwin*)
a52997bd 431 check_for_libcrypt_later=1
04765d02 432 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
435 AC_DEFINE(DISABLE_SHADOW, 1,
436 [Define if you want to disable shadow passwords])
437 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
438 [Define if your system choked on IP TOS setting])
439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
440 [Define if X11 doesn't support AF_UNIX sockets on that system])
441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
442 [Define if the concept of ports only accessible to
443 superusers isn't known])
444 AC_DEFINE(DISABLE_FD_PASSING, 1,
445 [Define if your platform needs to skip post auth
446 file descriptor passing])
3c62e7eb 447 ;;
d6fdb079 448*-*-dgux*)
449 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 450 AC_DEFINE(SETEUID_BREAKS_SETUID)
451 AC_DEFINE(BROKEN_SETREUID)
452 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 453 ;;
39c98ef7 454*-*-darwin*)
33e2e066 455 AC_MSG_CHECKING(if we have working getaddrinfo)
456 AC_TRY_RUN([#include <mach-o/dyld.h>
457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
458 exit(0);
459 else
460 exit(1);
461}], [AC_MSG_RESULT(working)],
462 [AC_MSG_RESULT(buggy)
3466e002 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 464 [AC_MSG_RESULT(assume it is working)])
635e0c42 465 AC_DEFINE(SETEUID_BREAKS_SETUID)
466 AC_DEFINE(BROKEN_SETREUID)
467 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
470 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
473 [Use tunnel device compatibility to OpenBSD])
474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
475 [Prepend the address family to IP tunnel traffic])
a74e9b64 476 m4_pattern_allow(AU_IPv)
477 AC_CHECK_DECL(AU_IPv4, [],
478 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
479 [#include <bsm/audit.h>]
295dd642 480 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1,
481 [Define if pututxline updates lastlog too])
a74e9b64 482 )
39c98ef7 483 ;;
36f36ba3 484*-*-dragonfly*)
485 SSHDLIBS="$SSHDLIBS -lcrypt"
486 ;;
7d458c86 487*-*-hpux*)
488 # first we define all of the options common to all HP-UX releases
b8fea62d 489 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 490 IPADDR_IN_DISPLAY=yes
2b10f47a 491 AC_DEFINE(USE_PIPES)
3466e002 492 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
493 [Define if your login program cannot handle end of options ("--")])
a2572aa7 494 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 495 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
496 [String used in /etc/passwd to denote locked account])
3a2b2b44 497 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 498 MAIL="/var/mail/username"
f75ca46d 499 LIBS="$LIBS -lsec"
7d458c86 500 AC_CHECK_LIB(xnet, t_error, ,
501 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
502
503 # next, we define all of the options specific to major releases
504 case "$host" in
505 *-*-hpux10*)
506 if test -z "$GCC"; then
507 CFLAGS="$CFLAGS -Ae"
508 fi
509 ;;
510 *-*-hpux11*)
3466e002 511 AC_DEFINE(PAM_SUN_CODEBASE, 1,
512 [Define if you are using Solaris-derived PAM which
513 passes pam_messages to the conversation function
514 with an extra level of indirection])
515 AC_DEFINE(DISABLE_UTMP, 1,
516 [Define if you don't want to use utmp])
7d458c86 517 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
518 check_for_hpux_broken_getaddrinfo=1
519 check_for_conflicting_getspnam=1
520 ;;
521 esac
522
523 # lastly, we define options specific to minor releases
524 case "$host" in
525 *-*-hpux10.26)
3466e002 526 AC_DEFINE(HAVE_SECUREWARE, 1,
527 [Define if you have SecureWare-based
528 protected password database])
7d458c86 529 disable_ptmx_check=yes
530 LIBS="$LIBS -lsecpw"
531 ;;
532 esac
2b763e31 533 ;;
d94aa2ae 534*-*-irix5*)
6ac7829a 535 PATH="$PATH:/usr/etc"
3466e002 536 AC_DEFINE(BROKEN_INET_NTOA, 1,
537 [Define if you system's inet_ntoa is busted
538 (e.g. Irix gcc issue)])
cb433561 539 AC_DEFINE(SETEUID_BREAKS_SETUID)
540 AC_DEFINE(BROKEN_SETREUID)
541 AC_DEFINE(BROKEN_SETREGID)
3466e002 542 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
543 [Define if you shouldn't strip 'tty' from your
544 ttyname in [uw]tmp])
3e6e3da0 545 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 546 ;;
547*-*-irix6*)
6ac7829a 548 PATH="$PATH:/usr/etc"
3466e002 549 AC_DEFINE(WITH_IRIX_ARRAY, 1,
550 [Define if you have/want arrays
551 (cluster-wide session managment, not C arrays)])
552 AC_DEFINE(WITH_IRIX_PROJECT, 1,
553 [Define if you want IRIX project management])
554 AC_DEFINE(WITH_IRIX_AUDIT, 1,
555 [Define if you want IRIX audit trails])
556 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
557 [Define if you want IRIX kernel jobs])])
416ed5a7 558 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 559 AC_DEFINE(SETEUID_BREAKS_SETUID)
560 AC_DEFINE(BROKEN_SETREUID)
561 AC_DEFINE(BROKEN_SETREGID)
3466e002 562 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 563 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 564 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 565 ;;
5cdfe03f 566*-*-linux*)
567 no_dev_ptmx=1
717057b6 568 check_for_libcrypt_later=1
eacb954e 569 check_for_openpty_ctty_bug=1
3466e002 570 AC_DEFINE(PAM_TTY_KLUDGE, 1,
571 [Work around problematic Linux PAM modules handling of PAM_TTY])
572 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
573 [String used in /etc/passwd to denote locked account])
3a2b2b44 574 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 575 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
576 [Define to whatever link() returns for "not supported"
577 if it doesn't return EOPNOTSUPP.])
b6610e8f 578 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 579 AC_DEFINE(USE_BTMP)
80faa19f 580 inet6_default_4in6=yes
bf7c1e6c 581 case `uname -r` in
ad84c479 582 1.*|2.0.*)
3466e002 583 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
584 [Define if cmsg_type is not passed correctly])
bf7c1e6c 585 ;;
bf7c1e6c 586 esac
c40f09ca 587 # tun(4) forwarding compat code
d91775e1 588 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 589 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 590 AC_DEFINE(SSH_TUN_LINUX, 1,
591 [Open tunnel devices the Linux tun/tap way])
592 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
593 [Use tunnel device compatibility to OpenBSD])
594 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
595 [Prepend the address family to IP tunnel traffic])
596 fi
5cdfe03f 597 ;;
66d6c27e 598mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 599 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 600 SONY=1
66d6c27e 601 ;;
d468fc76 602*-*-netbsd*)
33e2e066 603 check_for_libcrypt_before=1
82f4e93d 604 if test "x$withval" != "xno" ; then
e6354014 605 need_dash_r=1
606 fi
0f6cb079 607 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
608 AC_CHECK_HEADER([net/if_tap.h], ,
609 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
610 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
611 [Prepend the address family to IP tunnel traffic])
d468fc76 612 ;;
86b416a7 613*-*-freebsd*)
614 check_for_libcrypt_later=1
988c5031 615 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 616 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
617 AC_CHECK_HEADER([net/if_tap.h], ,
618 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 619 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 620 ;;
8707b7eb 621*-*-bsdi*)
622 AC_DEFINE(SETEUID_BREAKS_SETUID)
623 AC_DEFINE(BROKEN_SETREUID)
624 AC_DEFINE(BROKEN_SETREGID)
625 ;;
729bfe59 626*-next-*)
729bfe59 627 conf_lastlog_location="/usr/adm/lastlog"
698d107e 628 conf_utmp_location=/etc/utmp
629 conf_wtmp_location=/usr/adm/wtmp
630 MAIL=/usr/spool/mail
3466e002 631 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 632 AC_DEFINE(BROKEN_REALPATH)
00937921 633 AC_DEFINE(USE_PIPES)
3466e002 634 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 635 ;;
5b7b5e23 636*-*-openbsd*)
637 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 638 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 639 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 640 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
641 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 642 ;;
9d6b1b96 643*-*-solaris*)
82f4e93d 644 if test "x$withval" != "xno" ; then
010e9d5b 645 need_dash_r=1
646 fi
adeebd37 647 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 648 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 649 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
650 [Some versions of /bin/login need the TERM supplied
651 on the commandline])
7f0a4ff1 652 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 653 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
654 [Define if pam_chauthtok wants real uid set
655 to the unpriv'ed user])
3e6e3da0 656 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 657 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 658 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
659 [Define if sshd somehow reacquires a controlling TTY
660 after setsid()])
795aa5f5 661 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
662 in case the name is longer than 8 chars])
95b99395 663 external_path_file=/etc/default/login
1d7b9b20 664 # hardwire lastlog location (can't detect it on some versions)
665 conf_lastlog_location="/var/adm/lastlog"
32c80420 666 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
667 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
668 if test "$sol2ver" -ge 8; then
669 AC_MSG_RESULT(yes)
670 AC_DEFINE(DISABLE_UTMP)
3466e002 671 AC_DEFINE(DISABLE_WTMP, 1,
672 [Define if you don't want to use wtmp])
32c80420 673 else
674 AC_MSG_RESULT(no)
675 fi
5b84789f 676 AC_ARG_WITH(solaris-contracts,
677 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
678 [
679 AC_CHECK_LIB(contract, ct_tmpl_activate,
680 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
681 [Define if you have Solaris process contracts])
682 SSHDLIBS="$SSHDLIBS -lcontract"
683 AC_SUBST(SSHDLIBS)
684 SPC_MSG="yes" ], )
685 ],
686 )
9d6b1b96 687 ;;
a423beaf 688*-*-sunos4*)
0c2fb82f 689 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 690 AC_CHECK_FUNCS(getpwanam)
adeebd37 691 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 692 conf_utmp_location=/etc/utmp
693 conf_wtmp_location=/var/adm/wtmp
694 conf_lastlog_location=/var/adm/lastlog
137d7b6c 695 AC_DEFINE(USE_PIPES)
a423beaf 696 ;;
6f68f28a 697*-ncr-sysv*)
98a7c37b 698 LIBS="$LIBS -lc89"
29525240 699 AC_DEFINE(USE_PIPES)
eabb99c6 700 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 701 AC_DEFINE(SETEUID_BREAKS_SETUID)
702 AC_DEFINE(BROKEN_SETREUID)
703 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 704 ;;
132dd316 705*-sni-sysv*)
c8c15bcb 706 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 707 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 708 # -lresolv needs to be at the end of LIBS or DNS lookups break
709 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 710 IPADDR_IN_DISPLAY=yes
711 AC_DEFINE(USE_PIPES)
132dd316 712 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 713 AC_DEFINE(SETEUID_BREAKS_SETUID)
714 AC_DEFINE(BROKEN_SETREUID)
715 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 716 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 717 external_path_file=/etc/default/login
c8c15bcb 718 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
719 # Attention: always take care to bind libsocket and libnsl before libc,
720 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 721 ;;
79a7ba96 722# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 723*-*-sysv4.2*)
ed6553e2 724 AC_DEFINE(USE_PIPES)
7ed101c0 725 AC_DEFINE(SETEUID_BREAKS_SETUID)
726 AC_DEFINE(BROKEN_SETREUID)
727 AC_DEFINE(BROKEN_SETREGID)
46f853b9 728 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 729 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 730 ;;
79a7ba96 731# UnixWare 7.x, OpenUNIX 8
77bb0bca 732*-*-sysv5*)
d7d2cc6e 733 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 734 AC_DEFINE(USE_PIPES)
7ed101c0 735 AC_DEFINE(SETEUID_BREAKS_SETUID)
736 AC_DEFINE(BROKEN_SETREUID)
737 AC_DEFINE(BROKEN_SETREGID)
3466e002 738 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 739 case "$host" in
740 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
741 TEST_SHELL=/u95/bin/sh
3466e002 742 AC_DEFINE(BROKEN_LIBIAF, 1,
743 [ia_uinfo routines not supported by OS yet])
5cc6ddad 744 AC_DEFINE(BROKEN_UPDWTMPX)
16076ac9 745 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot"
746 AC_CHECK_FUNCS(getluid setluid,,,-lprot)
747 AC_DEFINE(HAVE_SECUREWARE)
748 AC_DEFINE(DISABLE_SHADOW)
749 ],,)
822015dd 750 ;;
e45da4d6 751 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
44a71983 752 check_for_libcrypt_later=1
e45da4d6 753 ;;
822015dd 754 esac
77bb0bca 755 ;;
9d6b1b96 756*-*-sysv*)
9d6b1b96 757 ;;
79a7ba96 758# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 759*-*-sco3.2v4*)
11cf4f1f 760 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 761 ;;
79a7ba96 762# SCO OpenServer 5.x
77bb0bca 763*-*-sco3.2v5*)
21710e39 764 if test -z "$GCC"; then
765 CFLAGS="$CFLAGS -belf"
766 fi
ed6553e2 767 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 768 no_dev_ptmx=1
ed6553e2 769 AC_DEFINE(USE_PIPES)
6e879cb4 770 AC_DEFINE(HAVE_SECUREWARE)
d287c664 771 AC_DEFINE(DISABLE_SHADOW)
94d8258b 772 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 773 AC_DEFINE(SETEUID_BREAKS_SETUID)
774 AC_DEFINE(BROKEN_SETREUID)
775 AC_DEFINE(BROKEN_SETREGID)
bcebad47 776 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 777 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 778 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 779 AC_CHECK_FUNCS(getluid setluid)
533875af 780 MANTYPE=man
a3245b92 781 TEST_SHELL=ksh
509b1f88 782 ;;
ccbb983c 783*-*-unicosmk*)
3466e002 784 AC_DEFINE(NO_SSH_LASTLOG, 1,
785 [Define if you don't want to use lastlog in session.c])
c1ad5966 786 AC_DEFINE(SETEUID_BREAKS_SETUID)
787 AC_DEFINE(BROKEN_SETREUID)
788 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 789 AC_DEFINE(USE_PIPES)
790 AC_DEFINE(DISABLE_FD_PASSING)
791 LDFLAGS="$LDFLAGS"
792 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
793 MANTYPE=cat
d262b7f2 794 ;;
7b9a8c6e 795*-*-unicosmp*)
c1ad5966 796 AC_DEFINE(SETEUID_BREAKS_SETUID)
797 AC_DEFINE(BROKEN_SETREUID)
798 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 799 AC_DEFINE(WITH_ABBREV_NO_TTY)
800 AC_DEFINE(USE_PIPES)
801 AC_DEFINE(DISABLE_FD_PASSING)
802 LDFLAGS="$LDFLAGS"
c1ad5966 803 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 804 MANTYPE=cat
805 ;;
ca5c7d6a 806*-*-unicos*)
c1ad5966 807 AC_DEFINE(SETEUID_BREAKS_SETUID)
808 AC_DEFINE(BROKEN_SETREUID)
809 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 810 AC_DEFINE(USE_PIPES)
94d8258b 811 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 812 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 813 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
814 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
815 MANTYPE=cat
a704dd54 816 ;;
4d33e531 817*-dec-osf*)
99c8ddac 818 AC_MSG_CHECKING(for Digital Unix SIA)
819 no_osfsia=""
820 AC_ARG_WITH(osfsia,
821 [ --with-osfsia Enable Digital Unix SIA],
822 [
823 if test "x$withval" = "xno" ; then
824 AC_MSG_RESULT(disabled)
825 no_osfsia=1
826 fi
827 ],
828 )
829 if test -z "$no_osfsia" ; then
4d33e531 830 if test -f /etc/sia/matrix.conf; then
831 AC_MSG_RESULT(yes)
3466e002 832 AC_DEFINE(HAVE_OSF_SIA, 1,
833 [Define if you have Digital Unix Security
834 Integration Architecture])
835 AC_DEFINE(DISABLE_LOGIN, 1,
836 [Define if you don't want to use your
837 system's login() call])
58d0df4e 838 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 839 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 840 SIA_MSG="yes"
4d33e531 841 else
842 AC_MSG_RESULT(no)
3466e002 843 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
844 [String used in /etc/passwd to denote locked account])
4d33e531 845 fi
846 fi
a6e67b60 847 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 848 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 849 AC_DEFINE(BROKEN_SETREUID)
850 AC_DEFINE(BROKEN_SETREGID)
6ed8a3ae 851 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv])
4d33e531 852 ;;
41cb4569 853
9c54c067 854*-*-nto-qnx*)
41cb4569 855 AC_DEFINE(USE_PIPES)
856 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 857 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
858 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
859 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 860 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 861 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 862 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 863 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 864 case "$host" in
865 *-*-nto-qnx6*)
866 AC_DEFINE(DISABLE_FD_PASSING)
867 ;;
868 esac
41cb4569 869 ;;
35fc74ed 870
871*-*-ultrix*)
3466e002 872 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
873 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 874 AC_DEFINE(NEED_SETPGRP)
b5765e1d 875 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
876 ;;
157b6700 877
878*-*-lynxos)
879 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 880 AC_DEFINE(MISSING_HOWMANY)
157b6700 881 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
882 ;;
a7effaac 883esac
884
c5829391 885AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 886AC_RUN_IFELSE(
887 [AC_LANG_SOURCE([
c5829391 888#include <stdio.h>
889int main(){exit(0);}
479cece8 890 ])],
c5829391 891 [ AC_MSG_RESULT(yes) ],
892 [
893 AC_MSG_RESULT(no)
894 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 895 ],
896 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 897)
898
b04a9f8c 899dnl Checks for header files.
a0391976 900# Checks for libraries.
98a7c37b 901AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
902AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 903
446227d6 904dnl IRIX and Solaris 2.5.1 have dirname() in libgen
905AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
906 AC_CHECK_LIB(gen, dirname,[
907 AC_CACHE_CHECK([for broken dirname],
908 ac_cv_have_broken_dirname, [
909 save_LIBS="$LIBS"
910 LIBS="$LIBS -lgen"
b0e7249f 911 AC_RUN_IFELSE(
912 [AC_LANG_SOURCE([[
446227d6 913#include <libgen.h>
914#include <string.h>
915
916int main(int argc, char **argv) {
917 char *s, buf[32];
918
919 strncpy(buf,"/etc", 32);
920 s = dirname(buf);
921 if (!s || strncmp(s, "/", 32) != 0) {
922 exit(1);
923 } else {
924 exit(0);
925 }
926}
b0e7249f 927 ]])],
928 [ ac_cv_have_broken_dirname="no" ],
929 [ ac_cv_have_broken_dirname="yes" ],
446227d6 930 [ ac_cv_have_broken_dirname="no" ],
446227d6 931 )
932 LIBS="$save_LIBS"
933 ])
934 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
935 LIBS="$LIBS -lgen"
936 AC_DEFINE(HAVE_DIRNAME)
937 AC_CHECK_HEADERS(libgen.h)
938 fi
939 ])
940])
941
942AC_CHECK_FUNC(getspnam, ,
943 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 944AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
945 [Define if you have the basename function.]))
446227d6 946
98a7c37b 947dnl zlib is required
948AC_ARG_WITH(zlib,
949 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 950 [ if test "x$withval" = "xno" ; then
951 AC_MSG_ERROR([*** zlib is required ***])
952 elif test "x$withval" != "xyes"; then
98a7c37b 953 if test -d "$withval/lib"; then
954 if test -n "${need_dash_r}"; then
5a162955 955 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 956 else
5a162955 957 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 958 fi
959 else
960 if test -n "${need_dash_r}"; then
5a162955 961 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 962 else
5a162955 963 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 964 fi
965 fi
966 if test -d "$withval/include"; then
5a162955 967 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 968 else
5a162955 969 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 970 fi
6dd05556 971 fi ]
98a7c37b 972)
973
0a15d73b 974AC_CHECK_LIB(z, deflate, ,
975 [
976 saved_CPPFLAGS="$CPPFLAGS"
977 saved_LDFLAGS="$LDFLAGS"
978 save_LIBS="$LIBS"
979 dnl Check default zlib install dir
980 if test -n "${need_dash_r}"; then
981 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
982 else
983 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
984 fi
985 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
986 LIBS="$LIBS -lz"
987 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
988 [
989 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
990 ]
991 )
992 ]
993)
4ad65809 994AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 995
996AC_ARG_WITH(zlib-version-check,
997 [ --without-zlib-version-check Disable zlib version check],
998 [ if test "x$withval" = "xno" ; then
999 zlib_check_nonfatal=1
1000 fi
1001 ]
1002)
1003
5c7fc85d 1004AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 1005AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 1006#include <stdio.h>
4ad65809 1007#include <zlib.h>
1008int main()
1009{
5c7fc85d 1010 int a=0, b=0, c=0, d=0, n, v;
1011 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1012 if (n != 3 && n != 4)
4ad65809 1013 exit(1);
5c7fc85d 1014 v = a*1000000 + b*10000 + c*100 + d;
1015 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1016
1017 /* 1.1.4 is OK */
1018 if (a == 1 && b == 1 && c >= 4)
4ad65809 1019 exit(0);
5c7fc85d 1020
0072b59d 1021 /* 1.2.3 and up are OK */
1022 if (v >= 1020300)
5c7fc85d 1023 exit(0);
1024
4ad65809 1025 exit(2);
1026}
479cece8 1027 ]])],
5c7fc85d 1028 AC_MSG_RESULT(no),
1029 [ AC_MSG_RESULT(yes)
8068d564 1030 if test -z "$zlib_check_nonfatal" ; then
1031 AC_MSG_ERROR([*** zlib too old - check config.log ***
1032Your reported zlib version has known security problems. It's possible your
1033vendor has fixed these problems without changing the version number. If you
1034are sure this is the case, you can disable the check by running
1035"./configure --without-zlib-version-check".
6090bcfe 1036If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1037See http://www.gzip.org/zlib/ for details.])
8068d564 1038 else
1039 AC_MSG_WARN([zlib version may have security problems])
1040 fi
1a01a50c 1041 ],
1042 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1043)
48e7916f 1044
2c523de9 1045dnl UnixWare 2.x
aff51935 1046AC_CHECK_FUNC(strcasecmp,
2c523de9 1047 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1048)
23361281 1049AC_CHECK_FUNCS(utimes,
cda1ebcb 1050 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1051 LIBS="$LIBS -lc89"]) ]
2c523de9 1052)
4cca272e 1053
7c6d759d 1054dnl Checks for libutil functions
1055AC_CHECK_HEADERS(libutil.h)
3466e002 1056AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1057 [Define if your libraries define login()])])
b3ef88dc 1058AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
7c6d759d 1059
a738c3b0 1060AC_FUNC_STRFTIME
1061
84ceda19 1062# Check for ALTDIRFUNC glob() extension
1063AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1064AC_EGREP_CPP(FOUNDIT,
1065 [
1066 #include <glob.h>
1067 #ifdef GLOB_ALTDIRFUNC
1068 FOUNDIT
1069 #endif
aff51935 1070 ],
84ceda19 1071 [
3466e002 1072 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1073 [Define if your system glob() function has
1074 the GLOB_ALTDIRFUNC extension])
84ceda19 1075 AC_MSG_RESULT(yes)
1076 ],
1077 [
1078 AC_MSG_RESULT(no)
1079 ]
1080)
4cca272e 1081
40849fdb 1082# Check for g.gl_matchc glob() extension
1083AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1084AC_TRY_COMPILE(
13ff27b7 1085 [ #include <glob.h> ],
1086 [glob_t g; g.gl_matchc = 1;],
aff51935 1087 [
3466e002 1088 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1089 [Define if your system glob() function has
1090 gl_matchc options in glob_t])
aff51935 1091 AC_MSG_RESULT(yes)
1092 ],
1093 [
1094 AC_MSG_RESULT(no)
1095 ]
40849fdb 1096)
1097
78888bab 1098AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1099
edbe6722 1100AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1101AC_RUN_IFELSE(
479cece8 1102 [AC_LANG_SOURCE([[
edbe6722 1103#include <sys/types.h>
1104#include <dirent.h>
aec4cb4f 1105int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1106 ]])],
aff51935 1107 [AC_MSG_RESULT(yes)],
edbe6722 1108 [
1109 AC_MSG_RESULT(no)
3466e002 1110 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1111 [Define if your struct dirent expects you to
3466e002 1112 allocate extra space for d_name])
1a01a50c 1113 ],
82f4e93d 1114 [
1a01a50c 1115 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1116 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1117 ]
1118)
1119
419e26e7 1120AC_MSG_CHECKING([for /proc/pid/fd directory])
1121if test -d "/proc/$$/fd" ; then
3466e002 1122 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1123 AC_MSG_RESULT(yes)
1124else
1125 AC_MSG_RESULT(no)
1126fi
1127
278588d8 1128# Check whether user wants S/Key support
aff51935 1129SKEY_MSG="no"
278588d8 1130AC_ARG_WITH(skey,
6ff3d0dc 1131 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1132 [
1133 if test "x$withval" != "xno" ; then
1134
1135 if test "x$withval" != "xyes" ; then
1136 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1137 LDFLAGS="$LDFLAGS -L${withval}/lib"
1138 fi
1139
3466e002 1140 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1141 LIBS="-lskey $LIBS"
aff51935 1142 SKEY_MSG="yes"
82f4e93d 1143
ddceb1c8 1144 AC_MSG_CHECKING([for s/key support])
b0e7249f 1145 AC_LINK_IFELSE(
1146 [AC_LANG_SOURCE([[
ddceb1c8 1147#include <stdio.h>
1148#include <skey.h>
aec4cb4f 1149int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1150 ]])],
ddceb1c8 1151 [AC_MSG_RESULT(yes)],
278588d8 1152 [
ddceb1c8 1153 AC_MSG_RESULT(no)
278588d8 1154 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1155 ])
141fc639 1156 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1157 AC_TRY_COMPILE(
1158 [#include <stdio.h>
1159 #include <skey.h>],
1160 [(void)skeychallenge(NULL,"name","",0);],
1161 [AC_MSG_RESULT(yes)
3466e002 1162 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1163 [Define if your skeychallenge()
1164 function takes 4 arguments (NetBSD)])],
141fc639 1165 [AC_MSG_RESULT(no)]
1166 )
278588d8 1167 fi
1168 ]
1169)
1170
1171# Check whether user wants TCP wrappers support
98a7c37b 1172TCPW_MSG="no"
278588d8 1173AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1174 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1175 [
1176 if test "x$withval" != "xno" ; then
1177 saved_LIBS="$LIBS"
98a7c37b 1178 saved_LDFLAGS="$LDFLAGS"
1179 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1180 if test -n "${withval}" && \
6cf0200f 1181 test "x${withval}" != "xyes"; then
98a7c37b 1182 if test -d "${withval}/lib"; then
1183 if test -n "${need_dash_r}"; then
5a162955 1184 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1185 else
5a162955 1186 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1187 fi
1188 else
1189 if test -n "${need_dash_r}"; then
5a162955 1190 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1191 else
5a162955 1192 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1193 fi
1194 fi
1195 if test -d "${withval}/include"; then
5a162955 1196 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1197 else
5a162955 1198 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1199 fi
98a7c37b 1200 fi
e54defb4 1201 LIBS="-lwrap $LIBS"
278588d8 1202 AC_MSG_CHECKING(for libwrap)
1203 AC_TRY_LINK(
1204 [
77f09220 1205#include <sys/types.h>
1206#include <sys/socket.h>
1207#include <netinet/in.h>
278588d8 1208#include <tcpd.h>
1209 int deny_severity = 0, allow_severity = 0;
1210 ],
1211 [hosts_access(0);],
1212 [
1213 AC_MSG_RESULT(yes)
3466e002 1214 AC_DEFINE(LIBWRAP, 1,
1215 [Define if you want
1216 TCP Wrappers support])
e54defb4 1217 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1218 TCPW_MSG="yes"
278588d8 1219 ],
1220 [
1221 AC_MSG_ERROR([*** libwrap missing])
1222 ]
1223 )
ddceb1c8 1224 LIBS="$saved_LIBS"
278588d8 1225 fi
1226 ]
1227)
1228
59031773 1229# Check whether user wants libedit support
1230LIBEDIT_MSG="no"
1231AC_ARG_WITH(libedit,
6ff3d0dc 1232 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1233 [ if test "x$withval" != "xno" ; then
737edf04 1234 if test "x$withval" != "xyes"; then
bb116c8e 1235 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1236 if test -n "${need_dash_r}"; then
1237 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1238 else
1239 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1240 fi
737edf04 1241 fi
59031773 1242 AC_CHECK_LIB(edit, el_init,
3466e002 1243 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1244 LIBEDIT="-ledit -lcurses"
1245 LIBEDIT_MSG="yes"
1246 AC_SUBST(LIBEDIT)
1247 ],
737edf04 1248 [ AC_MSG_ERROR(libedit not found) ],
1249 [ -lcurses ]
59031773 1250 )
f47ddccb 1251 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1252 AC_COMPILE_IFELSE(
1253 [AC_LANG_SOURCE([[
1254#include <histedit.h>
f47ddccb 1255int main(void)
1256{
1257 int i = H_SETSIZE;
1258 el_init("", NULL, NULL, NULL);
1259 exit(0);
1260}
d92622f9 1261 ]])],
f47ddccb 1262 [ AC_MSG_RESULT(yes) ],
1263 [ AC_MSG_RESULT(no)
1264 AC_MSG_ERROR(libedit version is not compatible) ]
1265 )
59031773 1266 fi ]
1267)
1268
7b578f7d 1269AUDIT_MODULE=none
1270AC_ARG_WITH(audit,
1271 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1272 [
1273 AC_MSG_CHECKING(for supported audit module)
1274 case "$withval" in
1275 bsm)
1276 AC_MSG_RESULT(bsm)
1277 AUDIT_MODULE=bsm
1278 dnl Checks for headers, libs and functions
1279 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1280 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1281 [
1282#ifdef HAVE_TIME_H
1283# include <time.h>
1284#endif
1285 ]
1286)
7b578f7d 1287 AC_CHECK_LIB(bsm, getaudit, [],
1288 [AC_MSG_ERROR(BSM enabled and required library not found)])
1289 AC_CHECK_FUNCS(getaudit, [],
1290 [AC_MSG_ERROR(BSM enabled and required function not found)])
1291 # These are optional
a74e9b64 1292 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1293 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1294 ;;
1295 debug)
1296 AUDIT_MODULE=debug
1297 AC_MSG_RESULT(debug)
3466e002 1298 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1299 ;;
a2b3321d 1300 no)
d92622f9 1301 AC_MSG_RESULT(no)
a2b3321d 1302 ;;
7b578f7d 1303 *)
1304 AC_MSG_ERROR([Unknown audit module $withval])
1305 ;;
1306 esac ]
1307)
1308
19160674 1309dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1310AC_CHECK_FUNCS( \
1311 arc4random \
185adaf8 1312 arc4random_buf \
1313 arc4random_uniform \
9a406e1e 1314 asprintf \
b04a9f8c 1315 b64_ntop \
1316 __b64_ntop \
1317 b64_pton \
1318 __b64_pton \
1319 bcopy \
1320 bindresvport_sa \
1321 clock \
1322 closefrom \
1323 dirfd \
b04a9f8c 1324 fchmod \
1325 fchown \
1326 freeaddrinfo \
22f5e872 1327 fstatvfs \
b04a9f8c 1328 futimes \
1329 getaddrinfo \
1330 getcwd \
1331 getgrouplist \
1332 getnameinfo \
1333 getopt \
1334 getpeereid \
1961d660 1335 getpeerucred \
b04a9f8c 1336 _getpty \
1337 getrlimit \
1338 getttyent \
1339 glob \
1340 inet_aton \
1341 inet_ntoa \
1342 inet_ntop \
1343 innetgr \
1344 login_getcapbool \
1345 md5_crypt \
1346 memmove \
1347 mkdtemp \
1348 mmap \
1349 ngetaddrinfo \
1350 nsleep \
1351 ogetaddrinfo \
1352 openlog_r \
1353 openpty \
6d39a5c4 1354 poll \
b04a9f8c 1355 prctl \
1356 pstat \
1357 readpassphrase \
1358 realpath \
1359 recvmsg \
1360 rresvport_af \
1361 sendmsg \
1362 setdtablesize \
1363 setegid \
1364 setenv \
1365 seteuid \
1366 setgroups \
1367 setlogin \
1368 setpcred \
1369 setproctitle \
1370 setregid \
1371 setreuid \
1372 setrlimit \
1373 setsid \
1374 setvbuf \
1375 sigaction \
1376 sigvec \
1377 snprintf \
1378 socketpair \
4538e135 1379 statfs \
1380 statvfs \
b04a9f8c 1381 strdup \
1382 strerror \
1383 strlcat \
1384 strlcpy \
1385 strmode \
1386 strnvis \
1387 strtonum \
1e29a0c8 1388 strtoll \
b04a9f8c 1389 strtoul \
1aac2117 1390 swap32 \
b04a9f8c 1391 sysconf \
1392 tcgetpgrp \
1393 truncate \
1394 unsetenv \
1395 updwtmpx \
9a406e1e 1396 vasprintf \
b04a9f8c 1397 vhangup \
1398 vsnprintf \
1399 waitpid \
19160674 1400)
98a7c37b 1401
1a086f97 1402# IRIX has a const char return value for gai_strerror()
1403AC_CHECK_FUNCS(gai_strerror,[
1404 AC_DEFINE(HAVE_GAI_STRERROR)
1405 AC_TRY_COMPILE([
1406#include <sys/types.h>
1407#include <sys/socket.h>
1408#include <netdb.h>
1409
1410const char *gai_strerror(int);],[
1411char *str;
1412
1413str = gai_strerror(0);],[
1414 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1415 [Define if gai_strerror() returns const char *])])])
1416
3466e002 1417AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1418 [Some systems put nanosleep outside of libc]))
92b1decf 1419
309709db 1420dnl Make sure prototypes are defined for these before using them.
309709db 1421AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1422AC_CHECK_DECL(strsep,
1423 [AC_CHECK_FUNCS(strsep)],
1424 [],
1425 [
1426#ifdef HAVE_STRING_H
1427# include <string.h>
1428#endif
1429 ])
08412d26 1430
3490699c 1431dnl tcsendbreak might be a macro
1432AC_CHECK_DECL(tcsendbreak,
1433 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1434 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1435 [#include <termios.h>]
1436)
1437
41e0e158 1438AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1439
71f4c727 1440AC_CHECK_DECLS(SHUT_RD, , ,
1441 [
1442#include <sys/types.h>
1443#include <sys/socket.h>
1444 ])
956d6743 1445
1446AC_CHECK_DECLS(O_NONBLOCK, , ,
1447 [
1448#include <sys/types.h>
1449#ifdef HAVE_SYS_STAT_H
1450# include <sys/stat.h>
1451#endif
1452#ifdef HAVE_FCNTL_H
1453# include <fcntl.h>
1454#endif
1455 ])
1456
752994dd 1457AC_CHECK_DECLS(writev, , , [
1458#include <sys/types.h>
1459#include <sys/uio.h>
1460#include <unistd.h>
1461 ])
1462
0bf6279d 1463AC_CHECK_DECLS(MAXSYMLINKS, , , [
1464#include <sys/param.h>
1465 ])
1466
b41ece30 1467AC_CHECK_DECLS(offsetof, , , [
1468#include <stddef.h>
1469 ])
1470
3f176010 1471AC_CHECK_FUNCS(setresuid, [
1472 dnl Some platorms have setresuid that isn't implemented, test for this
1473 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1474 AC_RUN_IFELSE(
1475 [AC_LANG_SOURCE([[
9a3fe0e2 1476#include <stdlib.h>
1477#include <errno.h>
1478int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1479 ]])],
3f176010 1480 [AC_MSG_RESULT(yes)],
3466e002 1481 [AC_DEFINE(BROKEN_SETRESUID, 1,
1482 [Define if your setresuid() is broken])
1a01a50c 1483 AC_MSG_RESULT(not implemented)],
1484 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1485 )
1486])
9a3fe0e2 1487
3f176010 1488AC_CHECK_FUNCS(setresgid, [
1489 dnl Some platorms have setresgid that isn't implemented, test for this
1490 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1491 AC_RUN_IFELSE(
1492 [AC_LANG_SOURCE([[
9a3fe0e2 1493#include <stdlib.h>
1494#include <errno.h>
1495int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1496 ]])],
3f176010 1497 [AC_MSG_RESULT(yes)],
3466e002 1498 [AC_DEFINE(BROKEN_SETRESGID, 1,
1499 [Define if your setresgid() is broken])
1a01a50c 1500 AC_MSG_RESULT(not implemented)],
1501 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1502 )
1503])
9a3fe0e2 1504
2e73a022 1505dnl Checks for time functions
1d7b9b20 1506AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1507dnl Checks for utmp functions
b03bd394 1508AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1509AC_CHECK_FUNCS(utmpname)
2e73a022 1510dnl Checks for utmpx functions
b03bd394 1511AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1512AC_CHECK_FUNCS(setutxent utmpxname)
295dd642 1513dnl Checks for lastlog functions
1514AC_CHECK_FUNCS(getlastlogxbyname)
76cd7316 1515
aff51935 1516AC_CHECK_FUNC(daemon,
3466e002 1517 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1518 [AC_CHECK_LIB(bsd, daemon,
1519 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1520)
1521
aff51935 1522AC_CHECK_FUNC(getpagesize,
3466e002 1523 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1524 [Define if your libraries define getpagesize()])],
1525 [AC_CHECK_LIB(ucb, getpagesize,
1526 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1527)
1528
2647ae26 1529# Check for broken snprintf
1530if test "x$ac_cv_func_snprintf" = "xyes" ; then
1531 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1532 AC_RUN_IFELSE(
479cece8 1533 [AC_LANG_SOURCE([[
2647ae26 1534#include <stdio.h>
aec4cb4f 1535int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1536 ]])],
aff51935 1537 [AC_MSG_RESULT(yes)],
2647ae26 1538 [
1539 AC_MSG_RESULT(no)
3466e002 1540 AC_DEFINE(BROKEN_SNPRINTF, 1,
1541 [Define if your snprintf is busted])
2647ae26 1542 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1543 ],
1544 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1545 )
1546fi
1547
9a406e1e 1548# If we don't have a working asprintf, then we strongly depend on vsnprintf
1549# returning the right thing on overflow: the number of characters it tried to
1550# create (as per SUSv3)
1551if test "x$ac_cv_func_asprintf" != "xyes" && \
1552 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1553 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1554 AC_RUN_IFELSE(
1555 [AC_LANG_SOURCE([[
1556#include <sys/types.h>
1557#include <stdio.h>
1558#include <stdarg.h>
1559
1560int x_snprintf(char *str,size_t count,const char *fmt,...)
1561{
1562 size_t ret; va_list ap;
1563 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1564 return ret;
1565}
1566int main(void)
1567{
1568 char x[1];
1569 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1570} ]])],
1571 [AC_MSG_RESULT(yes)],
1572 [
1573 AC_MSG_RESULT(no)
1574 AC_DEFINE(BROKEN_SNPRINTF, 1,
1575 [Define if your snprintf is busted])
1576 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1577 ],
1578 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1579 )
1580fi
1581
31b0732a 1582# On systems where [v]snprintf is broken, but is declared in stdio,
1583# check that the fmt argument is const char * or just char *.
1584# This is only useful for when BROKEN_SNPRINTF
1585AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1586AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1587 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1588 int main(void) { snprintf(0, 0, 0); }
1589 ]])],
1590 [AC_MSG_RESULT(yes)
1591 AC_DEFINE(SNPRINTF_CONST, [const],
1592 [Define as const if snprintf() can declare const char *fmt])],
1593 [AC_MSG_RESULT(no)
1594 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1595
2f6f9cff 1596# Check for missing getpeereid (or equiv) support
1597NO_PEERCHECK=""
1961d660 1598if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1599 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1600 AC_TRY_COMPILE(
1601 [#include <sys/types.h>
1602 #include <sys/socket.h>],
1603 [int i = SO_PEERCRED;],
62eb7db4 1604 [ AC_MSG_RESULT(yes)
3466e002 1605 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1606 ],
2f6f9cff 1607 [AC_MSG_RESULT(no)
1608 NO_PEERCHECK=1]
1609 )
1610fi
1611
70e7d0b0 1612dnl see whether mkstemp() requires XXXXXX
1613if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1614AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1615AC_RUN_IFELSE(
1616 [AC_LANG_SOURCE([[
70e7d0b0 1617#include <stdlib.h>
1618main() { char template[]="conftest.mkstemp-test";
1619if (mkstemp(template) == -1)
1620 exit(1);
1621unlink(template); exit(0);
1622}
b0e7249f 1623 ]])],
70e7d0b0 1624 [
1625 AC_MSG_RESULT(no)
1626 ],
aff51935 1627 [
70e7d0b0 1628 AC_MSG_RESULT(yes)
3466e002 1629 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1630 ],
1631 [
1632 AC_MSG_RESULT(yes)
1633 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1634 ]
70e7d0b0 1635)
1636fi
1637
eacb954e 1638dnl make sure that openpty does not reacquire controlling terminal
1639if test ! -z "$check_for_openpty_ctty_bug"; then
1640 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1641 AC_RUN_IFELSE(
1642 [AC_LANG_SOURCE([[
eacb954e 1643#include <stdio.h>
1644#include <sys/fcntl.h>
1645#include <sys/types.h>
1646#include <sys/wait.h>
1647
1648int
1649main()
1650{
1651 pid_t pid;
1652 int fd, ptyfd, ttyfd, status;
1653
1654 pid = fork();
1655 if (pid < 0) { /* failed */
1656 exit(1);
1657 } else if (pid > 0) { /* parent */
1658 waitpid(pid, &status, 0);
aff51935 1659 if (WIFEXITED(status))
eacb954e 1660 exit(WEXITSTATUS(status));
1661 else
1662 exit(2);
1663 } else { /* child */
1664 close(0); close(1); close(2);
1665 setsid();
1666 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1667 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1668 if (fd >= 0)
1669 exit(3); /* Acquired ctty: broken */
1670 else
1671 exit(0); /* Did not acquire ctty: OK */
1672 }
1673}
b0e7249f 1674 ]])],
eacb954e 1675 [
1676 AC_MSG_RESULT(yes)
1677 ],
1678 [
1679 AC_MSG_RESULT(no)
1680 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1681 ],
1682 [
1683 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1684 ]
1685 )
1686fi
1687
4b492aab 1688if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1689 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1690 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1691 AC_RUN_IFELSE(
1692 [AC_LANG_SOURCE([[
2fe51906 1693#include <stdio.h>
1694#include <sys/socket.h>
1695#include <netdb.h>
1696#include <errno.h>
1697#include <netinet/in.h>
1698
1699#define TEST_PORT "2222"
1700
1701int
1702main(void)
1703{
1704 int err, sock;
1705 struct addrinfo *gai_ai, *ai, hints;
1706 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1707
1708 memset(&hints, 0, sizeof(hints));
1709 hints.ai_family = PF_UNSPEC;
1710 hints.ai_socktype = SOCK_STREAM;
1711 hints.ai_flags = AI_PASSIVE;
1712
1713 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1714 if (err != 0) {
1715 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1716 exit(1);
1717 }
1718
1719 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1720 if (ai->ai_family != AF_INET6)
1721 continue;
1722
1723 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1724 sizeof(ntop), strport, sizeof(strport),
1725 NI_NUMERICHOST|NI_NUMERICSERV);
1726
1727 if (err != 0) {
1728 if (err == EAI_SYSTEM)
1729 perror("getnameinfo EAI_SYSTEM");
1730 else
1731 fprintf(stderr, "getnameinfo failed: %s\n",
1732 gai_strerror(err));
1733 exit(2);
1734 }
1735
1736 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1737 if (sock < 0)
1738 perror("socket");
1739 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1740 if (errno == EBADF)
1741 exit(3);
1742 }
1743 }
1744 exit(0);
1745}
b0e7249f 1746 ]])],
2fe51906 1747 [
1748 AC_MSG_RESULT(yes)
1749 ],
1750 [
1751 AC_MSG_RESULT(no)
1752 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1753 ],
1754 [
1755 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1756 ]
1757 )
1758fi
1759
4b492aab 1760if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1761 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1762 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1763 AC_RUN_IFELSE(
1764 [AC_LANG_SOURCE([[
5ccf88cb 1765#include <stdio.h>
1766#include <sys/socket.h>
1767#include <netdb.h>
1768#include <errno.h>
1769#include <netinet/in.h>
1770
1771#define TEST_PORT "2222"
1772
1773int
1774main(void)
1775{
1776 int err, sock;
1777 struct addrinfo *gai_ai, *ai, hints;
1778 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1779
1780 memset(&hints, 0, sizeof(hints));
1781 hints.ai_family = PF_UNSPEC;
1782 hints.ai_socktype = SOCK_STREAM;
1783 hints.ai_flags = AI_PASSIVE;
1784
1785 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1786 if (err != 0) {
1787 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1788 exit(1);
1789 }
1790
1791 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1792 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1793 continue;
1794
1795 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1796 sizeof(ntop), strport, sizeof(strport),
1797 NI_NUMERICHOST|NI_NUMERICSERV);
1798
1799 if (ai->ai_family == AF_INET && err != 0) {
1800 perror("getnameinfo");
1801 exit(2);
1802 }
1803 }
1804 exit(0);
1805}
b0e7249f 1806 ]])],
5ccf88cb 1807 [
1808 AC_MSG_RESULT(yes)
3466e002 1809 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1810 [Define if you have a getaddrinfo that fails
1811 for the all-zeros IPv6 address])
5ccf88cb 1812 ],
1813 [
1814 AC_MSG_RESULT(no)
1815 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1816 ],
ecd9ec09 1817 [
b0e7249f 1818 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1819 ]
1820 )
1821fi
1822
b29fd59f 1823if test "x$check_for_conflicting_getspnam" = "x1"; then
1824 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1825 AC_COMPILE_IFELSE(
1826 [
1827#include <shadow.h>
1828int main(void) {exit(0);}
1829 ],
1830 [
1831 AC_MSG_RESULT(no)
1832 ],
1833 [
1834 AC_MSG_RESULT(yes)
1835 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1836 [Conflicting defs for getspnam])
1837 ]
1838 )
1839fi
1840
7f8f5e00 1841AC_FUNC_GETPGRP
1842
5b991353 1843# Search for OpenSSL
1844saved_CPPFLAGS="$CPPFLAGS"
1845saved_LDFLAGS="$LDFLAGS"
a0391976 1846AC_ARG_WITH(ssl-dir,
1847 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1848 [
e9e4a1c7 1849 if test "x$withval" != "xno" ; then
99eb0f64 1850 case "$withval" in
1851 # Relative paths
1852 ./*|../*) withval="`pwd`/$withval"
1853 esac
5b991353 1854 if test -d "$withval/lib"; then
1855 if test -n "${need_dash_r}"; then
1856 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1857 else
1858 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1859 fi
1860 else
5b991353 1861 if test -n "${need_dash_r}"; then
1862 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1863 else
1864 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1865 fi
1866 fi
5b991353 1867 if test -d "$withval/include"; then
1868 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1869 else
5b991353 1870 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1871 fi
a0391976 1872 fi
5b991353 1873 ]
1874)
5486a457 1875LIBS="-lcrypto $LIBS"
3466e002 1876AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1877 [Define if your ssl headers are included
1878 with #include <openssl/header.h>]),
d45e3d76 1879 [
5b991353 1880 dnl Check default openssl install dir
1881 if test -n "${need_dash_r}"; then
1882 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1883 else
5b991353 1884 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1885 fi
5b991353 1886 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1887 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1888 [
1889 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1890 ]
1891 )
1892 ]
1893)
1894
cd018561 1895# Determine OpenSSL header version
1896AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1897AC_RUN_IFELSE(
479cece8 1898 [AC_LANG_SOURCE([[
cd018561 1899#include <stdio.h>
1900#include <string.h>
1901#include <openssl/opensslv.h>
1902#define DATA "conftest.sslincver"
1903int main(void) {
aff51935 1904 FILE *fd;
1905 int rc;
cd018561 1906
aff51935 1907 fd = fopen(DATA,"w");
1908 if(fd == NULL)
1909 exit(1);
cd018561 1910
1911 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1912 exit(1);
1913
1914 exit(0);
1915}
479cece8 1916 ]])],
cd018561 1917 [
1918 ssl_header_ver=`cat conftest.sslincver`
1919 AC_MSG_RESULT($ssl_header_ver)
1920 ],
1921 [
1922 AC_MSG_RESULT(not found)
1923 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1924 ],
1925 [
1926 AC_MSG_WARN([cross compiling: not checking])
cd018561 1927 ]
1928)
1929
1930# Determine OpenSSL library version
1931AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1932AC_RUN_IFELSE(
479cece8 1933 [AC_LANG_SOURCE([[
cd018561 1934#include <stdio.h>
1935#include <string.h>
1936#include <openssl/opensslv.h>
1937#include <openssl/crypto.h>
1938#define DATA "conftest.ssllibver"
1939int main(void) {
aff51935 1940 FILE *fd;
1941 int rc;
cd018561 1942
aff51935 1943 fd = fopen(DATA,"w");
1944 if(fd == NULL)
1945 exit(1);
cd018561 1946
1947 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1948 exit(1);
1949
1950 exit(0);
1951}
479cece8 1952 ]])],
cd018561 1953 [
1954 ssl_library_ver=`cat conftest.ssllibver`
1955 AC_MSG_RESULT($ssl_library_ver)
1956 ],
1957 [
1958 AC_MSG_RESULT(not found)
1959 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1960 ],
1961 [
1962 AC_MSG_WARN([cross compiling: not checking])
cd018561 1963 ]
1964)
58d100bf 1965
1d42bcce 1966AC_ARG_WITH(openssl-header-check,
1967 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1968 [ if test "x$withval" = "xno" ; then
1969 openssl_check_nonfatal=1
1970 fi
1971 ]
1972)
1973
9780116c 1974# Sanity check OpenSSL headers
1975AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1976AC_RUN_IFELSE(
479cece8 1977 [AC_LANG_SOURCE([[
9780116c 1978#include <string.h>
1979#include <openssl/opensslv.h>
aec4cb4f 1980int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1981 ]])],
9780116c 1982 [
1983 AC_MSG_RESULT(yes)
1984 ],
1985 [
1986 AC_MSG_RESULT(no)
1d42bcce 1987 if test "x$openssl_check_nonfatal" = "x"; then
1988 AC_MSG_ERROR([Your OpenSSL headers do not match your
1989library. Check config.log for details.
1990If you are sure your installation is consistent, you can disable the check
1991by running "./configure --without-openssl-header-check".
1992Also see contrib/findssl.sh for help identifying header/library mismatches.
1993])
1994 else
1995 AC_MSG_WARN([Your OpenSSL headers do not match your
1996library. Check config.log for details.
e15ba28b 1997Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1998 fi
1a01a50c 1999 ],
2000 [
2001 AC_MSG_WARN([cross compiling: not checking])
9780116c 2002 ]
2003)
2004
282d6408 2005AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2006AC_LINK_IFELSE(
2007 [AC_LANG_SOURCE([[
2008#include <openssl/evp.h>
2009int main(void) { SSLeay_add_all_algorithms(); }
2010 ]])],
2011 [
2012 AC_MSG_RESULT(yes)
2013 ],
2014 [
2015 AC_MSG_RESULT(no)
2016 saved_LIBS="$LIBS"
2017 LIBS="$LIBS -ldl"
2018 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2019 AC_LINK_IFELSE(
2020 [AC_LANG_SOURCE([[
2021#include <openssl/evp.h>
2022int main(void) { SSLeay_add_all_algorithms(); }
2023 ]])],
2024 [
2025 AC_MSG_RESULT(yes)
2026 ],
2027 [
2028 AC_MSG_RESULT(no)
2029 LIBS="$saved_LIBS"
2030 ]
2031 )
2032 ]
2033)
2034
c7ad0d99 2035AC_ARG_WITH(ssl-engine,
2036 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2037 [ if test "x$withval" != "xno" ; then
2038 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2039 AC_TRY_COMPILE(
2040 [ #include <openssl/engine.h>],
2041 [
24b2647b 2042ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2043 ],
2044 [ AC_MSG_RESULT(yes)
2045 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2046 [Enable OpenSSL engine support])
2047 ],
2048 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2049 )
2050 fi ]
2051)
2052
e5146707 2053# Check for OpenSSL without EVP_aes_{192,256}_cbc
2054AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2055AC_LINK_IFELSE(
e5146707 2056 [AC_LANG_SOURCE([[
2057#include <string.h>
2058#include <openssl/evp.h>
300ea548 2059int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2060 ]])],
2061 [
2062 AC_MSG_RESULT(no)
2063 ],
2064 [
2065 AC_MSG_RESULT(yes)
2066 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2067 [libcrypto is missing AES 192 and 256 bit functions])
2068 ]
2069)
2070
5486a457 2071# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2072# because the system crypt() is more featureful.
2073if test "x$check_for_libcrypt_before" = "x1"; then
2074 AC_CHECK_LIB(crypt, crypt)
2075fi
2076
aff51935 2077# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2078# version in OpenSSL.
05114c74 2079if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2080 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2081fi
2082
13ff27b7 2083# Search for SHA256 support in libc and/or OpenSSL
2084AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2085
a03acb8f 2086saved_LIBS="$LIBS"
2087AC_CHECK_LIB(iaf, ia_openinfo, [
2088 LIBS="$LIBS -liaf"
d837615a 2089 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2090 AC_DEFINE(HAVE_LIBIAF, 1,
2091 [Define if system has libiaf that supports set_id])
2092 ])
a03acb8f 2093])
2094LIBS="$saved_LIBS"
f1b0ecc3 2095
2096### Configure cryptographic random number support
2097
2098# Check wheter OpenSSL seeds itself
2099AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2100AC_RUN_IFELSE(
479cece8 2101 [AC_LANG_SOURCE([[
f1b0ecc3 2102#include <string.h>
2103#include <openssl/rand.h>
aec4cb4f 2104int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2105 ]])],
f1b0ecc3 2106 [
2107 OPENSSL_SEEDS_ITSELF=yes
2108 AC_MSG_RESULT(yes)
2109 ],
2110 [
2111 AC_MSG_RESULT(no)
2112 # Default to use of the rand helper if OpenSSL doesn't
2113 # seed itself
2114 USE_RAND_HELPER=yes
1a01a50c 2115 ],
2116 [
2117 AC_MSG_WARN([cross compiling: assuming yes])
2118 # This is safe, since all recent OpenSSL versions will
82f4e93d 2119 # complain at runtime if not seeded correctly.
1a01a50c 2120 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2121 ]
2122)
2123
a086f73b 2124# Check for PAM libs
2125PAM_MSG="no"
2126AC_ARG_WITH(pam,
2127 [ --with-pam Enable PAM support ],
2128 [
2129 if test "x$withval" != "xno" ; then
2130 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2131 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2132 AC_MSG_ERROR([PAM headers not found])
2133 fi
2134
2135 saved_LIBS="$LIBS"
2136 AC_CHECK_LIB(dl, dlopen, , )
2137 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2138 AC_CHECK_FUNCS(pam_getenvlist)
2139 AC_CHECK_FUNCS(pam_putenv)
2140 LIBS="$saved_LIBS"
2141
2142 PAM_MSG="yes"
2143
e54defb4 2144 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2145 AC_DEFINE(USE_PAM, 1,
2146 [Define if you want to enable PAM support])
282d6408 2147
a086f73b 2148 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2149 case "$LIBS" in
2150 *-ldl*)
2151 # libdl already in LIBS
2152 ;;
2153 *)
e54defb4 2154 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2155 ;;
2156 esac
a086f73b 2157 fi
a086f73b 2158 fi
2159 ]
2160)
2161
2162# Check for older PAM
2163if test "x$PAM_MSG" = "xyes" ; then
2164 # Check PAM strerror arguments (old PAM)
2165 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2166 AC_TRY_COMPILE(
2167 [
2168#include <stdlib.h>
2169#if defined(HAVE_SECURITY_PAM_APPL_H)
2170#include <security/pam_appl.h>
2171#elif defined (HAVE_PAM_PAM_APPL_H)
2172#include <pam/pam_appl.h>
2173#endif
2174 ],
2175 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2176 [AC_MSG_RESULT(no)],
2177 [
2178 AC_DEFINE(HAVE_OLD_PAM, 1,
2179 [Define if you have an old version of PAM
2180 which takes only one argument to pam_strerror])
2181 AC_MSG_RESULT(yes)
2182 PAM_MSG="yes (old library)"
2183 ]
2184 )
2185fi
f1b0ecc3 2186
2187# Do we want to force the use of the rand helper?
2188AC_ARG_WITH(rand-helper,
2189 [ --with-rand-helper Use subprocess to gather strong randomness ],
2190 [
2191 if test "x$withval" = "xno" ; then
aff51935 2192 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2193 # the previous test showed it to be unseeded.
2194 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2195 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2196 OPENSSL_SEEDS_ITSELF=yes
2197 USE_RAND_HELPER=""
2198 fi
2199 else
2200 USE_RAND_HELPER=yes
2201 fi
2202 ],
82f4e93d 2203)
f1b0ecc3 2204
2205# Which randomness source do we use?
4b492aab 2206if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2207 # OpenSSL only
3466e002 2208 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2209 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2210 RAND_MSG="OpenSSL internal ONLY"
2211 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2212elif test ! -z "$USE_RAND_HELPER" ; then
2213 # install rand helper
f1b0ecc3 2214 RAND_MSG="ssh-rand-helper"
2215 INSTALL_SSH_RAND_HELPER="yes"
2216fi
2217AC_SUBST(INSTALL_SSH_RAND_HELPER)
2218
2219### Configuration of ssh-rand-helper
2220
2221# PRNGD TCP socket
2222AC_ARG_WITH(prngd-port,
2223 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2224 [
eb5d7ff6 2225 case "$withval" in
2226 no)
2227 withval=""
2228 ;;
2229 [[0-9]]*)
2230 ;;
2231 *)
2232 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2233 ;;
2234 esac
2235 if test ! -z "$withval" ; then
f1b0ecc3 2236 PRNGD_PORT="$withval"
3466e002 2237 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2238 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2239 fi
2240 ]
2241)
2242
2243# PRNGD Unix domain socket
2244AC_ARG_WITH(prngd-socket,
2245 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2246 [
eb5d7ff6 2247 case "$withval" in
2248 yes)
f1b0ecc3 2249 withval="/var/run/egd-pool"
eb5d7ff6 2250 ;;
2251 no)
2252 withval=""
2253 ;;
2254 /*)
2255 ;;
2256 *)
2257 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2258 ;;
2259 esac
2260
2261 if test ! -z "$withval" ; then
f1b0ecc3 2262 if test ! -z "$PRNGD_PORT" ; then
2263 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2264 fi
906e811b 2265 if test ! -r "$withval" ; then
f1b0ecc3 2266 AC_MSG_WARN(Entropy socket is not readable)
2267 fi
2268 PRNGD_SOCKET="$withval"
3466e002 2269 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2270 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2271 fi
ddceb1c8 2272 ],
2273 [
2274 # Check for existing socket only if we don't have a random device already
2275 if test "$USE_RAND_HELPER" = yes ; then
2276 AC_MSG_CHECKING(for PRNGD/EGD socket)
2277 # Insert other locations here
2278 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2279 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2280 PRNGD_SOCKET="$sock"
2281 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2282 break;
2283 fi
2284 done
2285 if test ! -z "$PRNGD_SOCKET" ; then
2286 AC_MSG_RESULT($PRNGD_SOCKET)
2287 else
2288 AC_MSG_RESULT(not found)
2289 fi
2290 fi
f1b0ecc3 2291 ]
2292)
2293
2294# Change default command timeout for hashing entropy source
2295entropy_timeout=200
2296AC_ARG_WITH(entropy-timeout,
2297 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2298 [
6cf0200f 2299 if test -n "$withval" && test "x$withval" != "xno" && \
2300 test "x${withval}" != "xyes"; then
f1b0ecc3 2301 entropy_timeout=$withval
2302 fi
82f4e93d 2303 ]
f1b0ecc3 2304)
3466e002 2305AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2306 [Builtin PRNG command timeout])
f1b0ecc3 2307
fd3cbf67 2308SSH_PRIVSEP_USER=sshd
9a0fbcb3 2309AC_ARG_WITH(privsep-user,
5222e7ef 2310 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2311 [
6cf0200f 2312 if test -n "$withval" && test "x$withval" != "xno" && \
2313 test "x${withval}" != "xyes"; then
fd3cbf67 2314 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2315 fi
82f4e93d 2316 ]
9a0fbcb3 2317)
3466e002 2318AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2319 [non-privileged user for privilege separation])
fd3cbf67 2320AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2321
81dadca3 2322# We do this little dance with the search path to insure
2323# that programs that we select for use by installed programs
2324# (which may be run by the super-user) come from trusted
2325# locations before they come from the user's private area.
2326# This should help avoid accidentally configuring some
2327# random version of a program in someone's personal bin.
2328
2329OPATH=$PATH
2330PATH=/bin:/usr/bin
f95c8ce8 2331test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2332test -d /sbin && PATH=$PATH:/sbin
2333test -d /usr/sbin && PATH=$PATH:/usr/sbin
2334PATH=$PATH:/etc:$OPATH
2335
aff51935 2336# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2337OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2338OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2339OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2340OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2341OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2342OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2343OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2344OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2345OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2346OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2347OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2348OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2349OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2350OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2351OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2352OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2353# restore PATH
2354PATH=$OPATH
f1b0ecc3 2355
2356# Where does ssh-rand-helper get its randomness from?
2357INSTALL_SSH_PRNG_CMDS=""
2358if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2359 if test ! -z "$PRNGD_PORT" ; then
2360 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2361 elif test ! -z "$PRNGD_SOCKET" ; then
2362 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2363 else
2364 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2365 RAND_HELPER_CMDHASH=yes
2366 INSTALL_SSH_PRNG_CMDS="yes"
2367 fi
2368fi
2369AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2370
2371
66d6c27e 2372# Cheap hack to ensure NEWS-OS libraries are arranged right.
2373if test ! -z "$SONY" ; then
2374 LIBS="$LIBS -liberty";
2375fi
2376
9a406e1e 2377# Check for long long datatypes
2378AC_CHECK_TYPES([long long, unsigned long long, long double])
2379
2380# Check datatype sizes
976f7e19 2381AC_CHECK_SIZEOF(char, 1)
2b942fe0 2382AC_CHECK_SIZEOF(short int, 2)
2383AC_CHECK_SIZEOF(int, 4)
2384AC_CHECK_SIZEOF(long int, 4)
2385AC_CHECK_SIZEOF(long long int, 8)
2386
52f1ccb2 2387# Sanity check long long for some platforms (AIX)
2388if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2389 ac_cv_sizeof_long_long_int=0
2390fi
2391
90f15776 2392# compute LLONG_MIN and LLONG_MAX if we don't know them.
2393if test -z "$have_llong_max"; then
2394 AC_MSG_CHECKING([for max value of long long])
2395 AC_RUN_IFELSE(
2396 [AC_LANG_SOURCE([[
2397#include <stdio.h>
2398/* Why is this so damn hard? */
2399#ifdef __GNUC__
2400# undef __GNUC__
2401#endif
2402#define __USE_ISOC99
2403#include <limits.h>
2404#define DATA "conftest.llminmax"
055252ed 2405#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2406
2407/*
2408 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2409 * we do this the hard way.
2410 */
2411static int
2412fprint_ll(FILE *f, long long n)
2413{
2414 unsigned int i;
2415 int l[sizeof(long long) * 8];
2416
2417 if (n < 0)
2418 if (fprintf(f, "-") < 0)
2419 return -1;
2420 for (i = 0; n != 0; i++) {
2421 l[i] = my_abs(n % 10);
2422 n /= 10;
2423 }
2424 do {
2425 if (fprintf(f, "%d", l[--i]) < 0)
2426 return -1;
2427 } while (i != 0);
2428 if (fprintf(f, " ") < 0)
2429 return -1;
2430 return 0;
2431}
2432
90f15776 2433int main(void) {
2434 FILE *f;
2435 long long i, llmin, llmax = 0;
2436
2437 if((f = fopen(DATA,"w")) == NULL)
2438 exit(1);
2439
2440#if defined(LLONG_MIN) && defined(LLONG_MAX)
2441 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2442 llmin = LLONG_MIN;
2443 llmax = LLONG_MAX;
2444#else
2445 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2446 /* This will work on one's complement and two's complement */
2447 for (i = 1; i > llmax; i <<= 1, i++)
2448 llmax = i;
2449 llmin = llmax + 1LL; /* wrap */
2450#endif
2451
2452 /* Sanity check */
2453 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2454 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2455 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2456 fprintf(f, "unknown unknown\n");
2457 exit(2);
2458 }
2459
055252ed 2460 if (fprint_ll(f, llmin) < 0)
90f15776 2461 exit(3);
055252ed 2462 if (fprint_ll(f, llmax) < 0)
2463 exit(4);
2464 if (fclose(f) < 0)
2465 exit(5);
90f15776 2466 exit(0);
2467}
2468 ]])],
2469 [
2470 llong_min=`$AWK '{print $1}' conftest.llminmax`
2471 llong_max=`$AWK '{print $2}' conftest.llminmax`
2472
90f15776 2473 AC_MSG_RESULT($llong_max)
2474 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2475 [max value of long long calculated by configure])
2476 AC_MSG_CHECKING([for min value of long long])
2477 AC_MSG_RESULT($llong_min)
2478 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2479 [min value of long long calculated by configure])
2480 ],
2481 [
2482 AC_MSG_RESULT(not found)
2483 ],
2484 [
2485 AC_MSG_WARN([cross compiling: not checking])
2486 ]
2487 )
2488fi
2489
2490
a0391976 2491# More checks for data types
14a9a859 2492AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2493 AC_TRY_COMPILE(
aff51935 2494 [ #include <sys/types.h> ],
2495 [ u_int a; a = 1;],
14a9a859 2496 [ ac_cv_have_u_int="yes" ],
2497 [ ac_cv_have_u_int="no" ]
2498 )
2499])
2500if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2501 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2502 have_u_int=1
2503fi
2504
58d100bf 2505AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2506 AC_TRY_COMPILE(
aff51935 2507 [ #include <sys/types.h> ],
2508 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2509 [ ac_cv_have_intxx_t="yes" ],
2510 [ ac_cv_have_intxx_t="no" ]
2511 )
2512])
2513if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2514 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2515 have_intxx_t=1
2516fi
41cb4569 2517
2518if (test -z "$have_intxx_t" && \
aff51935 2519 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2520then
2521 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2522 AC_TRY_COMPILE(
aff51935 2523 [ #include <stdint.h> ],
2524 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2525 [
2526 AC_DEFINE(HAVE_INTXX_T)
2527 AC_MSG_RESULT(yes)
2528 ],
2529 [ AC_MSG_RESULT(no) ]
2530 )
2531fi
2532
bd590612 2533AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2534 AC_TRY_COMPILE(
1cbbe6c8 2535 [
2536#include <sys/types.h>
2537#ifdef HAVE_STDINT_H
2538# include <stdint.h>
2539#endif
2540#include <sys/socket.h>
2541#ifdef HAVE_SYS_BITYPES_H
2542# include <sys/bitypes.h>
2543#endif
aff51935 2544 ],
2545 [ int64_t a; a = 1;],
bd590612 2546 [ ac_cv_have_int64_t="yes" ],
2547 [ ac_cv_have_int64_t="no" ]
2548 )
2549])
2550if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2551 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2552fi
2553
58d100bf 2554AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2555 AC_TRY_COMPILE(
aff51935 2556 [ #include <sys/types.h> ],
2557 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2558 [ ac_cv_have_u_intxx_t="yes" ],
2559 [ ac_cv_have_u_intxx_t="no" ]
2560 )
2561])
2562if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2563 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2564 have_u_intxx_t=1
2565fi
2b942fe0 2566
41cb4569 2567if test -z "$have_u_intxx_t" ; then
2568 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2569 AC_TRY_COMPILE(
aff51935 2570 [ #include <sys/socket.h> ],
2571 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2572 [
2573 AC_DEFINE(HAVE_U_INTXX_T)
2574 AC_MSG_RESULT(yes)
2575 ],
2576 [ AC_MSG_RESULT(no) ]
2577 )
2578fi
2579
bd590612 2580AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2581 AC_TRY_COMPILE(
aff51935 2582 [ #include <sys/types.h> ],
2583 [ u_int64_t a; a = 1;],
bd590612 2584 [ ac_cv_have_u_int64_t="yes" ],
2585 [ ac_cv_have_u_int64_t="no" ]
2586 )
2587])
2588if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2589 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2590 have_u_int64_t=1
2591fi
2592
ddceb1c8 2593if test -z "$have_u_int64_t" ; then
2594 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2595 AC_TRY_COMPILE(
aff51935 2596 [ #include <sys/bitypes.h> ],
ddceb1c8 2597 [ u_int64_t a; a = 1],
2598 [
2599 AC_DEFINE(HAVE_U_INT64_T)
2600 AC_MSG_RESULT(yes)
2601 ],
2602 [ AC_MSG_RESULT(no) ]
2603 )
2604fi
2605
41cb4569 2606if test -z "$have_u_intxx_t" ; then
2607 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2608 AC_TRY_COMPILE(
2609 [
2610#include <sys/types.h>
aff51935 2611 ],
2612 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2613 [ ac_cv_have_uintxx_t="yes" ],
2614 [ ac_cv_have_uintxx_t="no" ]
2615 )
2616 ])
2617 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2618 AC_DEFINE(HAVE_UINTXX_T, 1,
2619 [define if you have uintxx_t data type])
41cb4569 2620 fi
2621fi
2622
2623if test -z "$have_uintxx_t" ; then
2624 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2625 AC_TRY_COMPILE(
aff51935 2626 [ #include <stdint.h> ],
2627 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2628 [
2629 AC_DEFINE(HAVE_UINTXX_T)
2630 AC_MSG_RESULT(yes)
2631 ],
2632 [ AC_MSG_RESULT(no) ]
2633 )
2634fi
2635
e5fe9a1f 2636if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2637 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2638then
2639 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2640 AC_TRY_COMPILE(
58d100bf 2641 [
2642#include <sys/bitypes.h>
aff51935 2643 ],
5cdfe03f 2644 [
837c30b8 2645 int8_t a; int16_t b; int32_t c;
2646 u_int8_t e; u_int16_t f; u_int32_t g;
2647 a = b = c = e = f = g = 1;
aff51935 2648 ],
5cdfe03f 2649 [
2650 AC_DEFINE(HAVE_U_INTXX_T)
2651 AC_DEFINE(HAVE_INTXX_T)
2652 AC_MSG_RESULT(yes)
2653 ],
2654 [AC_MSG_RESULT(no)]
aff51935 2655 )
5cdfe03f 2656fi
2657
0362750e 2658
2659AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2660 AC_TRY_COMPILE(
2661 [
2662#include <sys/types.h>
2663 ],
2664 [ u_char foo; foo = 125; ],
2665 [ ac_cv_have_u_char="yes" ],
2666 [ ac_cv_have_u_char="no" ]
2667 )
2668])
2669if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2670 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2671fi
2672
98a7c37b 2673TYPE_SOCKLEN_T
2b942fe0 2674
2d16d9a3 2675AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22f5e872 2676AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2677#include <sys/types.h>
2678#ifdef HAVE_SYS_BITYPES_H
2679#include <sys/bitypes.h>
2680#endif
2681#ifdef HAVE_SYS_STATFS_H
2682#include <sys/statfs.h>
2683#endif
2684#ifdef HAVE_SYS_STATVFS_H
2685#include <sys/statvfs.h>
2686#endif
2687])
ddceb1c8 2688
777ece68 2689AC_CHECK_TYPES(in_addr_t,,,
2690[#include <sys/types.h>
2691#include <netinet/in.h>])
7b578f7d 2692
58d100bf 2693AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2694 AC_TRY_COMPILE(
2695 [
18ba2aab 2696#include <sys/types.h>
58d100bf 2697 ],
2698 [ size_t foo; foo = 1235; ],
2699 [ ac_cv_have_size_t="yes" ],
2700 [ ac_cv_have_size_t="no" ]
2701 )
2702])
2703if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2704 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2705fi
ea1970a3 2706
c04f75f1 2707AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2708 AC_TRY_COMPILE(
2709 [
2710#include <sys/types.h>
2711 ],
2712 [ ssize_t foo; foo = 1235; ],
2713 [ ac_cv_have_ssize_t="yes" ],
2714 [ ac_cv_have_ssize_t="no" ]
2715 )
2716])
2717if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2718 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2719fi
2720
f1c4659d 2721AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2722 AC_TRY_COMPILE(
2723 [
2724#include <time.h>
2725 ],
2726 [ clock_t foo; foo = 1235; ],
2727 [ ac_cv_have_clock_t="yes" ],
2728 [ ac_cv_have_clock_t="no" ]
2729 )
2730])
2731if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2732 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2733fi
2734
1c04b088 2735AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2736 AC_TRY_COMPILE(
2737 [
2738#include <sys/types.h>
2739#include <sys/socket.h>
2740 ],
2741 [ sa_family_t foo; foo = 1235; ],
2742 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2743 [ AC_TRY_COMPILE(
2744 [
2745#include <sys/types.h>
2746#include <sys/socket.h>
2747#include <netinet/in.h>
2748 ],
2749 [ sa_family_t foo; foo = 1235; ],
2750 [ ac_cv_have_sa_family_t="yes" ],
2751
1c04b088 2752 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2753 )]
1c04b088 2754 )
2755])
2756if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2757 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2758 [define if you have sa_family_t data type])
1c04b088 2759fi
2760
729bfe59 2761AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2762 AC_TRY_COMPILE(
2763 [
2764#include <sys/types.h>
2765 ],
2766 [ pid_t foo; foo = 1235; ],
2767 [ ac_cv_have_pid_t="yes" ],
2768 [ ac_cv_have_pid_t="no" ]
2769 )
2770])
2771if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2772 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2773fi
2774
2775AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2776 AC_TRY_COMPILE(
2777 [
2778#include <sys/types.h>
2779 ],
2780 [ mode_t foo; foo = 1235; ],
2781 [ ac_cv_have_mode_t="yes" ],
2782 [ ac_cv_have_mode_t="no" ]
2783 )
2784])
2785if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2786 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2787fi
2788
e3a93db0 2789
58d100bf 2790AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2791 AC_TRY_COMPILE(
2792 [
18ba2aab 2793#include <sys/types.h>
2794#include <sys/socket.h>
58d100bf 2795 ],
2796 [ struct sockaddr_storage s; ],
2797 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2798 [ ac_cv_have_struct_sockaddr_storage="no" ]
2799 )
2800])
2801if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2802 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2803 [define if you have struct sockaddr_storage data type])
58d100bf 2804fi
48e671d5 2805
58d100bf 2806AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2807 AC_TRY_COMPILE(
2808 [
cbd7492e 2809#include <sys/types.h>
58d100bf 2810#include <netinet/in.h>
2811 ],
2812 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2813 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2814 [ ac_cv_have_struct_sockaddr_in6="no" ]
2815 )
2816])
2817if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2818 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2819 [define if you have struct sockaddr_in6 data type])
58d100bf 2820fi
48e671d5 2821
58d100bf 2822AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2823 AC_TRY_COMPILE(
2824 [
cbd7492e 2825#include <sys/types.h>
58d100bf 2826#include <netinet/in.h>
2827 ],
2828 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2829 [ ac_cv_have_struct_in6_addr="yes" ],
2830 [ ac_cv_have_struct_in6_addr="no" ]
2831 )
2832])
2833if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2834 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2835 [define if you have struct in6_addr data type])
95e16084 2836
2837dnl Now check for sin6_scope_id
2838 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,,
2839 [
2840#ifdef HAVE_SYS_TYPES_H
2841#include <sys/types.h>
2842#endif
2843#include <netinet/in.h>
2844 ])
58d100bf 2845fi
48e671d5 2846
58d100bf 2847AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2848 AC_TRY_COMPILE(
2849 [
18ba2aab 2850#include <sys/types.h>
2851#include <sys/socket.h>
2852#include <netdb.h>
58d100bf 2853 ],
2854 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2855 [ ac_cv_have_struct_addrinfo="yes" ],
2856 [ ac_cv_have_struct_addrinfo="no" ]
2857 )
2858])
2859if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2860 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2861 [define if you have struct addrinfo data type])
58d100bf 2862fi
2863
89c7e31c 2864AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2865 AC_TRY_COMPILE(
aff51935 2866 [ #include <sys/time.h> ],
2867 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2868 [ ac_cv_have_struct_timeval="yes" ],
2869 [ ac_cv_have_struct_timeval="no" ]
2870 )
2871])
2872if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2873 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2874 have_struct_timeval=1
2875fi
2876
5271b55c 2877AC_CHECK_TYPES(struct timespec)
2878
85abc74b 2879# We need int64_t or else certian parts of the compile will fail.
4b492aab 2880if test "x$ac_cv_have_int64_t" = "xno" && \
2881 test "x$ac_cv_sizeof_long_int" != "x8" && \
2882 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2883 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2884 echo "an alternative compiler (I.E., GCC) before continuing."
2885 echo ""
2886 exit 1;
733cf7f4 2887else
2888dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2889 AC_RUN_IFELSE(
479cece8 2890 [AC_LANG_SOURCE([[
733cf7f4 2891#include <stdio.h>
2892#include <string.h>
2893#ifdef HAVE_SNPRINTF
2894main()
2895{
2896 char buf[50];
2897 char expected_out[50];
2898 int mazsize = 50 ;
2899#if (SIZEOF_LONG_INT == 8)
2900 long int num = 0x7fffffffffffffff;
2901#else
763a1a18 2902 long long num = 0x7fffffffffffffffll;
733cf7f4 2903#endif
2904 strcpy(expected_out, "9223372036854775807");
2905 snprintf(buf, mazsize, "%lld", num);
2906 if(strcmp(buf, expected_out) != 0)
aff51935 2907 exit(1);
733cf7f4 2908 exit(0);
2909}
2910#else
2911main() { exit(0); }
2912#endif
479cece8 2913 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2914 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2915 )
2c523de9 2916fi
2917
77bb0bca 2918dnl Checks for structure members
58d100bf 2919OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2920OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2921OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2922OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2923OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2924OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2925OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2926OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2927OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2928OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2929OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2930OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2931OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2932OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2933OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2934OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2935OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2936
2937AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2938AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2939 [Define if we don't have struct __res_state in resolv.h])],
2940[
2941#include <stdio.h>
2942#if HAVE_SYS_TYPES_H
2943# include <sys/types.h>
2944#endif
2945#include <netinet/in.h>
2946#include <arpa/nameser.h>
2947#include <resolv.h>
2948])
1d7b9b20 2949
58d100bf 2950AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2951 ac_cv_have_ss_family_in_struct_ss, [
2952 AC_TRY_COMPILE(
2953 [
18ba2aab 2954#include <sys/types.h>
2955#include <sys/socket.h>
58d100bf 2956 ],
2957 [ struct sockaddr_storage s; s.ss_family = 1; ],
2958 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2959 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2960 )
2961])
2962if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2963 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2964fi
2965
58d100bf 2966AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2967 ac_cv_have___ss_family_in_struct_ss, [
2968 AC_TRY_COMPILE(
2969 [
18ba2aab 2970#include <sys/types.h>
2971#include <sys/socket.h>
58d100bf 2972 ],
2973 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2974 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2975 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2976 )
2977])
2978if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2979 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2980 [Fields in struct sockaddr_storage])
58d100bf 2981fi
2982
2e73a022 2983AC_CACHE_CHECK([for pw_class field in struct passwd],
2984 ac_cv_have_pw_class_in_struct_passwd, [
2985 AC_TRY_COMPILE(
2986 [
2e73a022 2987#include <pwd.h>
2988 ],
97994d32 2989 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2990 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2991 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2992 )
2993])
2994if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2995 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2996 [Define if your password has a pw_class field])
2e73a022 2997fi
2998
7751d4eb 2999AC_CACHE_CHECK([for pw_expire field in struct passwd],
3000 ac_cv_have_pw_expire_in_struct_passwd, [
3001 AC_TRY_COMPILE(
3002 [
3003#include <pwd.h>
3004 ],
3005 [ struct passwd p; p.pw_expire = 0; ],
3006 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3007 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3008 )
3009])
3010if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 3011 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3012 [Define if your password has a pw_expire field])
7751d4eb 3013fi
3014
3015AC_CACHE_CHECK([for pw_change field in struct passwd],
3016 ac_cv_have_pw_change_in_struct_passwd, [
3017 AC_TRY_COMPILE(
3018 [
3019#include <pwd.h>
3020 ],
3021 [ struct passwd p; p.pw_change = 0; ],
3022 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3023 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3024 )
3025])
3026if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 3027 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3028 [Define if your password has a pw_change field])
7751d4eb 3029fi
58d100bf 3030
637f9177 3031dnl make sure we're using the real structure members and not defines
6f34652e 3032AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3033 ac_cv_have_accrights_in_msghdr, [
1a01a50c 3034 AC_COMPILE_IFELSE(
6f34652e 3035 [
f95c8ce8 3036#include <sys/types.h>
6f34652e 3037#include <sys/socket.h>
3038#include <sys/uio.h>
637f9177 3039int main() {
3040#ifdef msg_accrights
1a01a50c 3041#error "msg_accrights is a macro"
637f9177 3042exit(1);
3043#endif
3044struct msghdr m;
3045m.msg_accrights = 0;
3046exit(0);
3047}
6f34652e 3048 ],
6f34652e 3049 [ ac_cv_have_accrights_in_msghdr="yes" ],
3050 [ ac_cv_have_accrights_in_msghdr="no" ]
3051 )
3052])
3053if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3054 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3055 [Define if your system uses access rights style
3056 file descriptor passing])
6f34652e 3057fi
3058
7a4f468b 3059AC_MSG_CHECKING(if f_fsid has val members)
3060AC_TRY_COMPILE([
3061#include <sys/types.h>
3062#include <sys/statvfs.h>],
3063[struct fsid_t t; t.val[0] = 0;],
3064 [ AC_MSG_RESULT(yes)
3065 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ],
3066 [ AC_MSG_RESULT(no) ]
3067)
3068
7176df4f 3069AC_CACHE_CHECK([for msg_control field in struct msghdr],
3070 ac_cv_have_control_in_msghdr, [
1a01a50c 3071 AC_COMPILE_IFELSE(
7176df4f 3072 [
f95c8ce8 3073#include <sys/types.h>
7176df4f 3074#include <sys/socket.h>
3075#include <sys/uio.h>
637f9177 3076int main() {
3077#ifdef msg_control
1a01a50c 3078#error "msg_control is a macro"
637f9177 3079exit(1);
3080#endif
3081struct msghdr m;
3082m.msg_control = 0;
3083exit(0);
3084}
7176df4f 3085 ],
7176df4f 3086 [ ac_cv_have_control_in_msghdr="yes" ],
3087 [ ac_cv_have_control_in_msghdr="no" ]
3088 )
3089])
3090if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3091 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3092 [Define if your system uses ancillary data style
3093 file descriptor passing])
7176df4f 3094fi
3095
58d100bf 3096AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3097 AC_TRY_LINK([],
3098 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3099 [ ac_cv_libc_defines___progname="yes" ],
3100 [ ac_cv_libc_defines___progname="no" ]
3101 )
3102])
3103if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3104 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3105fi
8946db53 3106
c921ee00 3107AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3108 AC_TRY_LINK([
3109#include <stdio.h>
aff51935 3110],
3111 [ printf("%s", __FUNCTION__); ],
c921ee00 3112 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3113 [ ac_cv_cc_implements___FUNCTION__="no" ]
3114 )
3115])
3116if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3117 AC_DEFINE(HAVE___FUNCTION__, 1,
3118 [Define if compiler implements __FUNCTION__])
c921ee00 3119fi
3120
3121AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3122 AC_TRY_LINK([
3123#include <stdio.h>
aff51935 3124],
3125 [ printf("%s", __func__); ],
c921ee00 3126 [ ac_cv_cc_implements___func__="yes" ],
3127 [ ac_cv_cc_implements___func__="no" ]
3128 )
3129])
3130if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3131 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3132fi
3133
9a406e1e 3134AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3135 AC_TRY_LINK(
3136 [#include <stdarg.h>
3137 va_list x,y;],
3138 [va_copy(x,y);],
3139 [ ac_cv_have_va_copy="yes" ],
3140 [ ac_cv_have_va_copy="no" ]
3141 )
3142])
3143if test "x$ac_cv_have_va_copy" = "xyes" ; then
3144 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3145fi
3146
3147AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3148 AC_TRY_LINK(
3149 [#include <stdarg.h>
3150 va_list x,y;],
3151 [__va_copy(x,y);],
3152 [ ac_cv_have___va_copy="yes" ],
3153 [ ac_cv_have___va_copy="no" ]
3154 )
3155])
3156if test "x$ac_cv_have___va_copy" = "xyes" ; then
3157 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3158fi
3159
1812a662 3160AC_CACHE_CHECK([whether getopt has optreset support],
3161 ac_cv_have_getopt_optreset, [
3162 AC_TRY_LINK(
3163 [
3164#include <getopt.h>
3165 ],
3166 [ extern int optreset; optreset = 0; ],
3167 [ ac_cv_have_getopt_optreset="yes" ],
3168 [ ac_cv_have_getopt_optreset="no" ]
3169 )
3170])
3171if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3172 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3173 [Define if your getopt(3) defines and uses optreset])
1812a662 3174fi
a0391976 3175
819b676f 3176AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3177 AC_TRY_LINK([],
3178 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3179 [ ac_cv_libc_defines_sys_errlist="yes" ],
3180 [ ac_cv_libc_defines_sys_errlist="no" ]
3181 )
3182])
3183if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3184 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3185 [Define if your system defines sys_errlist[]])
819b676f 3186fi
3187
3188
416ed5a7 3189AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3190 AC_TRY_LINK([],
3191 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3192 [ ac_cv_libc_defines_sys_nerr="yes" ],
3193 [ ac_cv_libc_defines_sys_nerr="no" ]
3194 )
3195])
3196if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3197 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3198fi
3199
aff51935 3200SCARD_MSG="no"
295c8801 3201# Check whether user wants sectok support
3202AC_ARG_WITH(sectok,
3203 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3204 [
3205 if test "x$withval" != "xno" ; then
3206 if test "x$withval" != "xyes" ; then
3207 CPPFLAGS="$CPPFLAGS -I${withval}"
3208 LDFLAGS="$LDFLAGS -L${withval}"
3209 if test ! -z "$need_dash_r" ; then
3210 LDFLAGS="$LDFLAGS -R${withval}"
3211 fi
3212 if test ! -z "$blibpath" ; then
3213 blibpath="$blibpath:${withval}"
3214 fi
3215 fi
3216 AC_CHECK_HEADERS(sectok.h)
3217 if test "$ac_cv_header_sectok_h" != yes; then
3218 AC_MSG_ERROR(Can't find sectok.h)
3219 fi
3220 AC_CHECK_LIB(sectok, sectok_open)
3221 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3222 AC_MSG_ERROR(Can't find libsectok)
3223 fi
3466e002 3224 AC_DEFINE(SMARTCARD, 1,
3225 [Define if you want smartcard support])
3226 AC_DEFINE(USE_SECTOK, 1,
3227 [Define if you want smartcard support
3228 using sectok])
aff51935 3229 SCARD_MSG="yes, using sectok"
295c8801 3230 fi
3231 ]
3232)
3233
3234# Check whether user wants OpenSC support
987b458f 3235OPENSC_CONFIG="no"
295c8801 3236AC_ARG_WITH(opensc,
e47fb473 3237 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3238 [
3239 if test "x$withval" != "xno" ; then
3240 if test "x$withval" != "xyes" ; then
3241 OPENSC_CONFIG=$withval/bin/opensc-config
3242 else
3243 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3244 fi
3245 if test "$OPENSC_CONFIG" != "no"; then
3246 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3247 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3248 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3249 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3250 AC_DEFINE(SMARTCARD)
3466e002 3251 AC_DEFINE(USE_OPENSC, 1,
3252 [Define if you want smartcard support
3253 using OpenSC])
987b458f 3254 SCARD_MSG="yes, using OpenSC"
3255 fi
3256 fi
3257 ]
3258)
d0b19c95 3259
c31dc31c 3260# Check libraries needed by DNS fingerprint support
aff51935 3261AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3262 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3263 [Define if getrrsetbyname() exists])],
3e05e934 3264 [
c31dc31c 3265 # Needed by our getrrsetbyname()
3266 AC_SEARCH_LIBS(res_query, resolv)
3267 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3268 AC_MSG_CHECKING(if res_query will link)
3269 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3270 [AC_MSG_RESULT(no)
3271 saved_LIBS="$LIBS"
3272 LIBS="$LIBS -lresolv"
3273 AC_MSG_CHECKING(for res_query in -lresolv)
3274 AC_LINK_IFELSE([
3275#include <resolv.h>
3276int main()
3277{
3278 res_query (0, 0, 0, 0, 0);
3279 return 0;
3280}
3281 ],
3282 [LIBS="$LIBS -lresolv"
3283 AC_MSG_RESULT(yes)],
3284 [LIBS="$saved_LIBS"
3285 AC_MSG_RESULT(no)])
3286 ])
c31dc31c 3287 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3288 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3289 [#include <sys/types.h>
3290 #include <arpa/nameser.h>])
c31dc31c 3291 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3292 [AC_DEFINE(HAVE_HEADER_AD, 1,
3293 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3294 [#include <arpa/nameser.h>])
3295 ])
3e05e934 3296
560acf80 3297AC_MSG_CHECKING(if struct __res_state _res is an extern)
3298AC_LINK_IFELSE([
3299#include <stdio.h>
3300#if HAVE_SYS_TYPES_H
3301# include <sys/types.h>
3302#endif
3303#include <netinet/in.h>
3304#include <arpa/nameser.h>
3305#include <resolv.h>
3306extern struct __res_state _res;
3307int main() { return 0; }
3308 ],
3309 [AC_MSG_RESULT(yes)
3310 AC_DEFINE(HAVE__RES_EXTERN, 1,
3311 [Define if you have struct __res_state _res as an extern])
3312 ],
3313 [ AC_MSG_RESULT(no) ]
3314)
3315
ef4d1846 3316# Check whether user wants SELinux support
3317SELINUX_MSG="no"
3318LIBSELINUX=""
3319AC_ARG_WITH(selinux,
bb23b54f 3320 [ --with-selinux Enable SELinux support],
ef4d1846 3321 [ if test "x$withval" != "xno" ; then
e54defb4 3322 save_LIBS="$LIBS"
ef4d1846 3323 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3324 SELINUX_MSG="yes"
3325 AC_CHECK_HEADER([selinux/selinux.h], ,
3326 AC_MSG_ERROR(SELinux support requires selinux.h header))
3327 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3328 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3329 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3330 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3331 LIBS="$save_LIBS"
ef4d1846 3332 fi ]
3333)
ef4d1846 3334
12928e80 3335# Check whether user wants Kerberos 5 support
aff51935 3336KRB5_MSG="no"
12928e80 3337AC_ARG_WITH(kerberos5,
aff51935 3338 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3339 [ if test "x$withval" != "xno" ; then
3340 if test "x$withval" = "xyes" ; then
3341 KRB5ROOT="/usr/local"
3342 else
3343 KRB5ROOT=${withval}
3344 fi
3345
3466e002 3346 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3347 KRB5_MSG="yes"
3348
3349 AC_MSG_CHECKING(for krb5-config)
3350 if test -x $KRB5ROOT/bin/krb5-config ; then
3351 KRB5CONF=$KRB5ROOT/bin/krb5-config
3352 AC_MSG_RESULT($KRB5CONF)
3353
3354 AC_MSG_CHECKING(for gssapi support)
3355 if $KRB5CONF | grep gssapi >/dev/null ; then
3356 AC_MSG_RESULT(yes)
3466e002 3357 AC_DEFINE(GSSAPI, 1,
3358 [Define this if you want GSSAPI
3359 support in the version 2 protocol])
071970fb 3360 k5confopts=gssapi
aff51935 3361 else
5585c441 3362 AC_MSG_RESULT(no)
071970fb 3363 k5confopts=""
aff51935 3364 fi
071970fb 3365 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3366 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3367 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3368 AC_MSG_CHECKING(whether we are using Heimdal)
3369 AC_TRY_COMPILE([ #include <krb5.h> ],
3370 [ char *tmp = heimdal_version; ],
3371 [ AC_MSG_RESULT(yes)
3466e002 3372 AC_DEFINE(HEIMDAL, 1,
3373 [Define this if you are using the
3374 Heimdal version of Kerberos V5]) ],
5585c441 3375 AC_MSG_RESULT(no)
3376 )
3377 else
3378 AC_MSG_RESULT(no)
12928e80 3379 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3380 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3381 AC_MSG_CHECKING(whether we are using Heimdal)
3382 AC_TRY_COMPILE([ #include <krb5.h> ],
3383 [ char *tmp = heimdal_version; ],
3384 [ AC_MSG_RESULT(yes)
3385 AC_DEFINE(HEIMDAL)
41707f74 3386 K5LIBS="-lkrb5 -ldes"
3387 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3388 AC_CHECK_LIB(roken, net_write,
41707f74 3389 [K5LIBS="$K5LIBS -lroken"])
aff51935 3390 ],
3391 [ AC_MSG_RESULT(no)
3392 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3393 ]
3394 )
4e00038c 3395 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3396
596a825b 3397 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
749560dd 3398 [ AC_DEFINE(GSSAPI)
596a825b 3399 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3400 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
749560dd 3401 [ AC_DEFINE(GSSAPI)
596a825b 3402 K5LIBS="-lgssapi $K5LIBS" ],
749560dd 3403 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3404 $K5LIBS)
3405 ],
3406 $K5LIBS)
82f4e93d 3407
749560dd 3408 AC_CHECK_HEADER(gssapi.h, ,
3409 [ unset ac_cv_header_gssapi_h
aff51935 3410 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3411 AC_CHECK_HEADERS(gssapi.h, ,
3412 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3413 )
749560dd 3414 ]
3415 )
3416
3417 oldCPP="$CPPFLAGS"
3418 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3419 AC_CHECK_HEADER(gssapi_krb5.h, ,
3420 [ CPPFLAGS="$oldCPP" ])
3421
aff51935 3422 fi
5585c441 3423 if test ! -z "$need_dash_r" ; then
3424 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3425 fi
3426 if test ! -z "$blibpath" ; then
3427 blibpath="$blibpath:${KRB5ROOT}/lib"
3428 fi
071970fb 3429
f5555364 3430 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3431 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3432 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3433
f5555364 3434 LIBS="$LIBS $K5LIBS"
3466e002 3435 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3436 [Define this if you want to use libkafs' AFS support]))
f5555364 3437 fi
071970fb 3438 ]
12928e80 3439)
b5b68128 3440
a0391976 3441# Looking for programs, paths and files
a0391976 3442
ecac8ee5 3443PRIVSEP_PATH=/var/empty
3444AC_ARG_WITH(privsep-path,
cda1ebcb 3445 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3446 [
6cf0200f 3447 if test -n "$withval" && test "x$withval" != "xno" && \
3448 test "x${withval}" != "xyes"; then
ecac8ee5 3449 PRIVSEP_PATH=$withval
3450 fi
3451 ]
3452)
3453AC_SUBST(PRIVSEP_PATH)
3454
a0391976 3455AC_ARG_WITH(xauth,
3456 [ --with-xauth=PATH Specify path to xauth program ],
3457 [
6cf0200f 3458 if test -n "$withval" && test "x$withval" != "xno" && \
3459 test "x${withval}" != "xyes"; then
cbd7492e 3460 xauth_path=$withval
a0391976 3461 fi
3462 ],
3463 [
2bf42e4a 3464 TestPath="$PATH"
3465 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3466 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3467 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3468 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3469 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3470 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3471 xauth_path="/usr/openwin/bin/xauth"
3472 fi
3473 ]
3474)
3475
65a4b4af 3476STRIP_OPT=-s
3477AC_ARG_ENABLE(strip,
3478 [ --disable-strip Disable calling strip(1) on install],
3479 [
3480 if test "x$enableval" = "xno" ; then
3481 STRIP_OPT=
3482 fi
3483 ]
3484)
3485AC_SUBST(STRIP_OPT)
3486
b3ec54b4 3487if test -z "$xauth_path" ; then
3488 XAUTH_PATH="undefined"
3489 AC_SUBST(XAUTH_PATH)
3490else
3466e002 3491 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3492 [Define if xauth is found in your path])
b3ec54b4 3493 XAUTH_PATH=$xauth_path
3494 AC_SUBST(XAUTH_PATH)
a0391976 3495fi
a0391976 3496
3497# Check for mail directory (last resort if we cannot get it from headers)
3498if test ! -z "$MAIL" ; then
3499 maildir=`dirname $MAIL`
3466e002 3500 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3501 [Set this to your mail directory if you don't have maillock.h])
a0391976 3502fi
3503
479cece8 3504if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3505 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3506 disable_ptmx_check=yes
3507fi
a0391976 3508if test -z "$no_dev_ptmx" ; then
6e879cb4 3509 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3510 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3511 [
3466e002 3512 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3513 [Define if you have /dev/ptmx])
6e879cb4 3514 have_dev_ptmx=1
3515 ]
3516 )
3517 fi
3276571c 3518fi
1a01a50c 3519
479cece8 3520if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3521 AC_CHECK_FILE("/dev/ptc",
3522 [
3466e002 3523 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3524 [Define if you have /dev/ptc])
1a01a50c 3525 have_dev_ptc=1
3526 ]
3527 )
3528else
3529 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3530fi
3276571c 3531
a0391976 3532# Options from here on. Some of these are preset by platform above
fdf6b7aa 3533AC_ARG_WITH(mantype,
5d97cfbf 3534 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3535 [
5d97cfbf 3536 case "$withval" in
3537 man|cat|doc)
3538 MANTYPE=$withval
3539 ;;
3540 *)
3541 AC_MSG_ERROR(invalid man type: $withval)
3542 ;;
3543 esac
c54a6257 3544 ]
3545)
e0c4d3ac 3546if test -z "$MANTYPE"; then
2bf42e4a 3547 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3548 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3549 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3550 MANTYPE=doc
3551 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3552 MANTYPE=man
3553 else
3554 MANTYPE=cat
3555 fi
3556fi
c54a6257 3557AC_SUBST(MANTYPE)
e0c4d3ac 3558if test "$MANTYPE" = "doc"; then
3559 mansubdir=man;
3560else
3561 mansubdir=$MANTYPE;
3562fi
3563AC_SUBST(mansubdir)
0bc5b6fb 3564
a0391976 3565# Check whether to enable MD5 passwords
aff51935 3566MD5_MSG="no"
2ddcfdf3 3567AC_ARG_WITH(md5-passwords,
caf3bc51 3568 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3569 [
bcf36c78 3570 if test "x$withval" != "xno" ; then
3466e002 3571 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3572 [Define if you want to allow MD5 passwords])
aff51935 3573 MD5_MSG="yes"
0bc5b6fb 3574 fi
3575 ]
caf3bc51 3576)
3577
a0391976 3578# Whether to disable shadow password support
a7effaac 3579AC_ARG_WITH(shadow,
3580 [ --without-shadow Disable shadow password support],
3581 [
82f4e93d 3582 if test "x$withval" = "xno" ; then
a7effaac 3583 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3584 disable_shadow=yes
a7effaac 3585 fi
3586 ]
3587)
3588
4cb5ffa0 3589if test -z "$disable_shadow" ; then
3590 AC_MSG_CHECKING([if the systems has expire shadow information])
3591 AC_TRY_COMPILE(
3592 [
3593#include <sys/types.h>
3594#include <shadow.h>
3595 struct spwd sp;
3596 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3597 [ sp_expire_available=yes ], []
3598 )
3599
3600 if test "x$sp_expire_available" = "xyes" ; then
3601 AC_MSG_RESULT(yes)
3466e002 3602 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3603 [Define if you want to use shadow password expire field])
4cb5ffa0 3604 else
3605 AC_MSG_RESULT(no)
3606 fi
3607fi
3608
a0391976 3609# Use ip address instead of hostname in $DISPLAY
44839801 3610if test ! -z "$IPADDR_IN_DISPLAY" ; then
3611 DISPLAY_HACK_MSG="yes"
3466e002 3612 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3613 [Define if you need to use IP address
3614 instead of hostname in $DISPLAY])
44839801 3615else
aff51935 3616 DISPLAY_HACK_MSG="no"
44839801 3617 AC_ARG_WITH(ipaddr-display,
3618 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3619 [
82f4e93d 3620 if test "x$withval" != "xno" ; then
44839801 3621 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3622 DISPLAY_HACK_MSG="yes"
44839801 3623 fi
3624 ]
3625 )
3626fi
a7effaac 3627
95b99395 3628# check for /etc/default/login and use it if present.
daa41e62 3629AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3630 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3631 [ if test "x$enableval" = "xno"; then
3632 AC_MSG_NOTICE([/etc/default/login handling disabled])
3633 etc_default_login=no
3634 else
3635 etc_default_login=yes
3636 fi ],
b0e7249f 3637 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3638 then
3639 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3640 etc_default_login=no
3641 else
3642 etc_default_login=yes
3643 fi ]
694d0cef 3644)
95b99395 3645
694d0cef 3646if test "x$etc_default_login" != "xno"; then
3647 AC_CHECK_FILE("/etc/default/login",
3648 [ external_path_file=/etc/default/login ])
b0e7249f 3649 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3650 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3651 [Define if your system has /etc/default/login])
1a01a50c 3652 fi
694d0cef 3653fi
95b99395 3654
8d184c09 3655dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3656if test $ac_cv_func_login_getcapbool = "yes" && \
3657 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3658 external_path_file=/etc/login.conf
8d184c09 3659fi
95b99395 3660
a0391976 3661# Whether to mess with the default path
aff51935 3662SERVER_PATH_MSG="(default)"
c43d69a9 3663AC_ARG_WITH(default-path,
75817f90 3664 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3665 [
95b99395 3666 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3667 AC_MSG_WARN([
3668--with-default-path=PATH has no effect on this system.
3669Edit /etc/login.conf instead.])
82f4e93d 3670 elif test "x$withval" != "xno" ; then
89bbd457 3671 if test ! -z "$external_path_file" ; then
95b99395 3672 AC_MSG_WARN([
3673--with-default-path=PATH will only be used if PATH is not defined in
3674$external_path_file .])
3675 fi
b2d818e6 3676 user_path="$withval"
aff51935 3677 SERVER_PATH_MSG="$withval"
cb807f40 3678 fi
b2d818e6 3679 ],
95b99395 3680 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3681 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3682 else
89bbd457 3683 if test ! -z "$external_path_file" ; then
95b99395 3684 AC_MSG_WARN([
3685If PATH is defined in $external_path_file, ensure the path to scp is included,
3686otherwise scp will not work.])
3687 fi
b0e7249f 3688 AC_RUN_IFELSE(
3689 [AC_LANG_SOURCE([[
b2d818e6 3690/* find out what STDPATH is */
3691#include <stdio.h>
b2d818e6 3692#ifdef HAVE_PATHS_H
3693# include <paths.h>
3694#endif
3695#ifndef _PATH_STDPATH
d9a4e55b 3696# ifdef _PATH_USERPATH /* Irix */
3697# define _PATH_STDPATH _PATH_USERPATH
3698# else
3699# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3700# endif
b2d818e6 3701#endif
3702#include <sys/types.h>
3703#include <sys/stat.h>
3704#include <fcntl.h>
3705#define DATA "conftest.stdpath"
3706
3707main()
3708{
3709 FILE *fd;
3710 int rc;
82f4e93d 3711
b2d818e6 3712 fd = fopen(DATA,"w");
3713 if(fd == NULL)
3714 exit(1);
82f4e93d 3715
b2d818e6 3716 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3717 exit(1);
3718
3719 exit(0);
3720}
b0e7249f 3721 ]])],
3722 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3723 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3724 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3725 )
3726# make sure $bindir is in USER_PATH so scp will work
3727 t_bindir=`eval echo ${bindir}`
3728 case $t_bindir in
3729 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3730 esac
3731 case $t_bindir in
3732 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3733 esac
3734 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3735 if test $? -ne 0 ; then
3736 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3737 if test $? -ne 0 ; then
3738 user_path=$user_path:$t_bindir
3739 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3740 fi
3741 fi
8d184c09 3742 fi ]
cb807f40 3743)
95b99395 3744if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3745 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3746 AC_SUBST(user_path)
3747fi
cb807f40 3748
06617857 3749# Set superuser path separately to user path
06617857 3750AC_ARG_WITH(superuser-path,
3751 [ --with-superuser-path= Specify different path for super-user],
3752 [
6cf0200f 3753 if test -n "$withval" && test "x$withval" != "xno" && \
3754 test "x${withval}" != "xyes"; then
3466e002 3755 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3756 [Define if you want a different $PATH
3757 for the superuser])
06617857 3758 superuser_path=$withval
3759 fi
3760 ]
3761)
3762
3763
58d100bf 3764AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3765IPV4_IN6_HACK_MSG="no"
80faa19f 3766AC_ARG_WITH(4in6,
3767 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3768 [
3769 if test "x$withval" != "xno" ; then
3770 AC_MSG_RESULT(yes)
3466e002 3771 AC_DEFINE(IPV4_IN_IPV6, 1,
3772 [Detect IPv4 in IPv6 mapped addresses
3773 and treat as IPv4])
aff51935 3774 IPV4_IN6_HACK_MSG="yes"
80faa19f 3775 else
3776 AC_MSG_RESULT(no)
3777 fi
3778 ],[
3779 if test "x$inet6_default_4in6" = "xyes"; then
3780 AC_MSG_RESULT([yes (default)])
3781 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3782 IPV4_IN6_HACK_MSG="yes"
80faa19f 3783 else
3784 AC_MSG_RESULT([no (default)])
3785 fi
3786 ]
3787)
3788
af774732 3789# Whether to enable BSD auth support
f1b0ecc3 3790BSD_AUTH_MSG=no
af774732 3791AC_ARG_WITH(bsd-auth,
3792 [ --with-bsd-auth Enable BSD auth support],
3793 [
82f4e93d 3794 if test "x$withval" != "xno" ; then
3466e002 3795 AC_DEFINE(BSD_AUTH, 1,
3796 [Define if you have BSD auth support])
f1b0ecc3 3797 BSD_AUTH_MSG=yes
af774732 3798 fi
3799 ]
3800)
3801
a0391976 3802# Where to place sshd.pid
19d9ac2a 3803piddir=/var/run
81dadca3 3804# make sure the directory exists
82f4e93d 3805if test ! -d $piddir ; then
81dadca3 3806 piddir=`eval echo ${sysconfdir}`
3807 case $piddir in
aff51935 3808 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3809 esac
3810fi
3811
47e45e44 3812AC_ARG_WITH(pid-dir,
3813 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3814 [
6cf0200f 3815 if test -n "$withval" && test "x$withval" != "xno" && \
3816 test "x${withval}" != "xyes"; then
19d9ac2a 3817 piddir=$withval
82f4e93d 3818 if test ! -d $piddir ; then
81dadca3 3819 AC_MSG_WARN([** no $piddir directory on this system **])
3820 fi
47e45e44 3821 fi
3822 ]
3823)
b7a87eea 3824
3466e002 3825AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3826AC_SUBST(piddir)
47e45e44 3827
1d7b9b20 3828dnl allow user to disable some login recording features
3829AC_ARG_ENABLE(lastlog,
bfd550a2 3830 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3831 [
3832 if test "x$enableval" = "xno" ; then
3833 AC_DEFINE(DISABLE_LASTLOG)
3834 fi
3835 ]
1d7b9b20 3836)
3837AC_ARG_ENABLE(utmp,
bfd550a2 3838 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3839 [
3840 if test "x$enableval" = "xno" ; then
3841 AC_DEFINE(DISABLE_UTMP)
3842 fi
3843 ]
1d7b9b20 3844)
3845AC_ARG_ENABLE(utmpx,
bfd550a2 3846 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3847 [
3848 if test "x$enableval" = "xno" ; then
3466e002 3849 AC_DEFINE(DISABLE_UTMPX, 1,
3850 [Define if you don't want to use utmpx])
ddb154b3 3851 fi
3852 ]
1d7b9b20 3853)
3854AC_ARG_ENABLE(wtmp,
bfd550a2 3855 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3856 [
3857 if test "x$enableval" = "xno" ; then
3858 AC_DEFINE(DISABLE_WTMP)
3859 fi
3860 ]
1d7b9b20 3861)
3862AC_ARG_ENABLE(wtmpx,
bfd550a2 3863 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3864 [
3865 if test "x$enableval" = "xno" ; then
3466e002 3866 AC_DEFINE(DISABLE_WTMPX, 1,
3867 [Define if you don't want to use wtmpx])
ddb154b3 3868 fi
3869 ]
1d7b9b20 3870)
3871AC_ARG_ENABLE(libutil,
bfd550a2 3872 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3873 [
3874 if test "x$enableval" = "xno" ; then
3875 AC_DEFINE(DISABLE_LOGIN)
3876 fi
3877 ]
1d7b9b20 3878)
3879AC_ARG_ENABLE(pututline,
bfd550a2 3880 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3881 [
3882 if test "x$enableval" = "xno" ; then
3466e002 3883 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3884 [Define if you don't want to use pututline()
3885 etc. to write [uw]tmp])
ddb154b3 3886 fi
3887 ]
1d7b9b20 3888)
3889AC_ARG_ENABLE(pututxline,
bfd550a2 3890 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3891 [
3892 if test "x$enableval" = "xno" ; then
3466e002 3893 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3894 [Define if you don't want to use pututxline()
3895 etc. to write [uw]tmpx])
ddb154b3 3896 fi
3897 ]
1d7b9b20 3898)
3899AC_ARG_WITH(lastlog,
bfd550a2 3900 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3901 [
82f4e93d 3902 if test "x$withval" = "xno" ; then
8c89dd2b 3903 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3904 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3905 conf_lastlog_location=$withval
3906 fi
3907 ]
3908)
1d7b9b20 3909
3910dnl lastlog, [uw]tmpx? detection
3911dnl NOTE: set the paths in the platform section to avoid the
3912dnl need for command-line parameters
3913dnl lastlog and [uw]tmp are subject to a file search if all else fails
3914
3915dnl lastlog detection
3916dnl NOTE: the code itself will detect if lastlog is a directory
3917AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3918AC_TRY_COMPILE([
3919#include <sys/types.h>
3920#include <utmp.h>
3921#ifdef HAVE_LASTLOG_H
3922# include <lastlog.h>
3923#endif
d7c0f3d5 3924#ifdef HAVE_PATHS_H
1d7b9b20 3925# include <paths.h>
41cb4569 3926#endif
3927#ifdef HAVE_LOGIN_H
3928# include <login.h>
1d7b9b20 3929#endif
3930 ],
3931 [ char *lastlog = LASTLOG_FILE; ],
3932 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3933 [
3934 AC_MSG_RESULT(no)
3935 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3936 AC_TRY_COMPILE([
3937#include <sys/types.h>
3938#include <utmp.h>
3939#ifdef HAVE_LASTLOG_H
3940# include <lastlog.h>
3941#endif
3942#ifdef HAVE_PATHS_H
3943# include <paths.h>
3944#endif
3945 ],
3946 [ char *lastlog = _PATH_LASTLOG; ],
3947 [ AC_MSG_RESULT(yes) ],
3948 [
f282b668 3949 AC_MSG_RESULT(no)
d7c0f3d5 3950 system_lastlog_path=no
3951 ])
3952 ]
1d7b9b20 3953)
d7c0f3d5 3954
1d7b9b20 3955if test -z "$conf_lastlog_location"; then
3956 if test x"$system_lastlog_path" = x"no" ; then
3957 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3958 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3959 conf_lastlog_location=$f
3960 fi
3961 done
3962 if test -z "$conf_lastlog_location"; then
f8119cef 3963 AC_MSG_WARN([** Cannot find lastlog **])
3964 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3965 fi
3966 fi
3967fi
3968
3969if test -n "$conf_lastlog_location"; then
3466e002 3970 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3971 [Define if you want to specify the path to your lastlog file])
82f4e93d 3972fi
1d7b9b20 3973
3974dnl utmp detection
3975AC_MSG_CHECKING([if your system defines UTMP_FILE])
3976AC_TRY_COMPILE([
3977#include <sys/types.h>
3978#include <utmp.h>
d7c0f3d5 3979#ifdef HAVE_PATHS_H
1d7b9b20 3980# include <paths.h>
3981#endif
3982 ],
3983 [ char *utmp = UTMP_FILE; ],
3984 [ AC_MSG_RESULT(yes) ],
3985 [ AC_MSG_RESULT(no)
3986 system_utmp_path=no ]
3987)
3988if test -z "$conf_utmp_location"; then
3989 if test x"$system_utmp_path" = x"no" ; then
3990 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3991 if test -f $f ; then
3992 conf_utmp_location=$f
3993 fi
3994 done
3995 if test -z "$conf_utmp_location"; then
3996 AC_DEFINE(DISABLE_UTMP)
3997 fi
3998 fi
3999fi
4000if test -n "$conf_utmp_location"; then
3466e002 4001 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
4002 [Define if you want to specify the path to your utmp file])
82f4e93d 4003fi
1d7b9b20 4004
4005dnl wtmp detection
4006AC_MSG_CHECKING([if your system defines WTMP_FILE])
4007AC_TRY_COMPILE([
4008#include <sys/types.h>
4009#include <utmp.h>
d7c0f3d5 4010#ifdef HAVE_PATHS_H
1d7b9b20 4011# include <paths.h>
4012#endif
4013 ],
4014 [ char *wtmp = WTMP_FILE; ],
4015 [ AC_MSG_RESULT(yes) ],
4016 [ AC_MSG_RESULT(no)
4017 system_wtmp_path=no ]
4018)
4019if test -z "$conf_wtmp_location"; then
4020 if test x"$system_wtmp_path" = x"no" ; then
4021 for f in /usr/adm/wtmp /var/log/wtmp; do
4022 if test -f $f ; then
4023 conf_wtmp_location=$f
4024 fi
4025 done
4026 if test -z "$conf_wtmp_location"; then
4027 AC_DEFINE(DISABLE_WTMP)
4028 fi
4029 fi
4030fi
4031if test -n "$conf_wtmp_location"; then
3466e002 4032 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4033 [Define if you want to specify the path to your wtmp file])
82f4e93d 4034fi
1d7b9b20 4035
4036
4037dnl utmpx detection - I don't know any system so perverse as to require
4038dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4039dnl there, though.
4040AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4041AC_TRY_COMPILE([
4042#include <sys/types.h>
4043#include <utmp.h>
4044#ifdef HAVE_UTMPX_H
4045#include <utmpx.h>
4046#endif
d7c0f3d5 4047#ifdef HAVE_PATHS_H
1d7b9b20 4048# include <paths.h>
4049#endif
4050 ],
4051 [ char *utmpx = UTMPX_FILE; ],
4052 [ AC_MSG_RESULT(yes) ],
4053 [ AC_MSG_RESULT(no)
4054 system_utmpx_path=no ]
4055)
4056if test -z "$conf_utmpx_location"; then
4057 if test x"$system_utmpx_path" = x"no" ; then
4058 AC_DEFINE(DISABLE_UTMPX)
4059 fi
4060else
3466e002 4061 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4062 [Define if you want to specify the path to your utmpx file])
82f4e93d 4063fi
1d7b9b20 4064
4065dnl wtmpx detection
4066AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4067AC_TRY_COMPILE([
4068#include <sys/types.h>
4069#include <utmp.h>
4070#ifdef HAVE_UTMPX_H
4071#include <utmpx.h>
4072#endif
d7c0f3d5 4073#ifdef HAVE_PATHS_H
1d7b9b20 4074# include <paths.h>
4075#endif
4076 ],
4077 [ char *wtmpx = WTMPX_FILE; ],
4078 [ AC_MSG_RESULT(yes) ],
4079 [ AC_MSG_RESULT(no)
4080 system_wtmpx_path=no ]
4081)
4082if test -z "$conf_wtmpx_location"; then
4083 if test x"$system_wtmpx_path" = x"no" ; then
4084 AC_DEFINE(DISABLE_WTMPX)
4085 fi
4086else
3466e002 4087 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4088 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4089fi
1d7b9b20 4090
b7a87eea 4091
bd499f9e 4092if test ! -z "$blibpath" ; then
68ece370 4093 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4094 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4095fi
4096
ed89c848 4097dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4098dnl Add now.
4099CFLAGS="$CFLAGS $werror_flags"
4100
edee47f5 4101if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4102 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4103 AC_SUBST(TEST_SSH_IPV6, no)
4104else
4105 AC_SUBST(TEST_SSH_IPV6, yes)
4106fi
4107
3c62e7eb 4108AC_EXEEXT
29eadd7c 4109AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4110 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4111 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4112AC_OUTPUT
d3083fbd 4113
cbd7492e 4114# Print summary of options
4115
cbd7492e 4116# Someone please show me a better way :)
4117A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4118B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4119C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4120D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4121E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4122F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4123G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4124H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4125I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4126J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4127
4128echo ""
26de7942 4129echo "OpenSSH has been configured with the following options:"
ecac8ee5 4130echo " User binaries: $B"
4131echo " System binaries: $C"
4132echo " Configuration files: $D"
4133echo " Askpass program: $E"
4134echo " Manual pages: $F"
4135echo " PID file: $G"
4136echo " Privilege separation chroot path: $H"
95b99395 4137if test "x$external_path_file" = "x/etc/login.conf" ; then
4138echo " At runtime, sshd will use the path defined in $external_path_file"
4139echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4140else
ecac8ee5 4141echo " sshd default user PATH: $I"
89bbd457 4142 if test ! -z "$external_path_file"; then
95b99395 4143echo " (If PATH is set in $external_path_file it will be used instead. If"
4144echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4145 fi
8d184c09 4146fi
06617857 4147if test ! -z "$superuser_path" ; then
ecac8ee5 4148echo " sshd superuser user PATH: $J"
4149fi
4150echo " Manpage format: $MANTYPE"
3e05e934 4151echo " PAM support: $PAM_MSG"
5b84789f 4152echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4153echo " KerberosV support: $KRB5_MSG"
ef4d1846 4154echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4155echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4156echo " S/KEY support: $SKEY_MSG"
4157echo " TCP Wrappers support: $TCPW_MSG"
4158echo " MD5 password support: $MD5_MSG"
59031773 4159echo " libedit support: $LIBEDIT_MSG"
5b84789f 4160echo " Solaris process contract support: $SPC_MSG"
3deb1408 4161echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4162echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4163echo " BSD Auth support: $BSD_AUTH_MSG"
4164echo " Random number source: $RAND_MSG"
f1b0ecc3 4165if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4166echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4167fi
4168
cbd7492e 4169echo ""
4170
0c2fb82f 4171echo " Host: ${host}"
4172echo " Compiler: ${CC}"
4173echo " Compiler flags: ${CFLAGS}"
4174echo "Preprocessor flags: ${CPPFLAGS}"
4175echo " Linker flags: ${LDFLAGS}"
e54defb4 4176echo " Libraries: ${LIBS}"
4177if test ! -z "${SSHDLIBS}"; then
4178echo " +for sshd: ${SSHDLIBS}"
4179fi
cbd7492e 4180
4181echo ""
4182
9cefe228 4183if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4184 echo "SVR4 style packages are supported with \"make package\""
4185 echo ""
9cefe228 4186fi
4187
adeebd37 4188if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4189 echo "PAM is enabled. You may need to install a PAM control file "
4190 echo "for sshd, otherwise password authentication may fail. "
aff51935 4191 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4192 echo "subdirectory"
adeebd37 4193 echo ""
4194fi
4195
f1b0ecc3 4196if test ! -z "$RAND_HELPER_CMDHASH" ; then
4197 echo "WARNING: you are using the builtin random number collection "
4198 echo "service. Please read WARNING.RNG and request that your OS "
4199 echo "vendor includes kernel-based random number collection in "
4200 echo "future versions of your OS."
2c523de9 4201 echo ""
4202fi
af774732 4203
2f6f9cff 4204if test ! -z "$NO_PEERCHECK" ; then
1961d660 4205 echo "WARNING: the operating system that you are using does not"
4206 echo "appear to support getpeereid(), getpeerucred() or the"
4207 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4208 echo "enforce security checks to prevent unauthorised connections to"
4209 echo "ssh-agent. Their absence increases the risk that a malicious"
4210 echo "user can connect to your agent."
2f6f9cff 4211 echo ""
4212fi
4213
7b578f7d 4214if test "$AUDIT_MODULE" = "bsm" ; then
4215 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4216 echo "See the Solaris section in README.platform for details."
4217fi
git-cvsimport mirror of OpenSSH
This page took 2.028988 seconds and 5 git commands to generate.