]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- djm@cvs.openbsd.org 2006/08/18 14:40:34
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
dbf07ba2 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
5fdabf45 103 esac
8a3ff1aa 104
dfafb2e1 105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
d423d822 116fi
117
e6354014 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
82f4e93d 121 if test "x$withval" = "xno" ; then
e6354014 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
a0391976 130# Check for some target-specific stuff
a7effaac 131case "$host" in
9d6b1b96 132*-*-aix*)
aff51935 133 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 134 if (test -z "$blibpath"); then
0a15d73b 135 blibpath="/usr/lib:/lib"
68ece370 136 fi
137 saved_LDFLAGS="$LDFLAGS"
e7479666 138 if test "$GCC" = "yes"; then
139 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
140 else
141 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
142 fi
143 for tryflags in $flags ;do
68ece370 144 if (test -z "$blibflags"); then
145 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
146 AC_TRY_LINK([], [], [blibflags=$tryflags])
147 fi
148 done
149 if (test -z "$blibflags"); then
150 AC_MSG_RESULT(not found)
151 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
152 else
153 AC_MSG_RESULT($blibflags)
bd499f9e 154 fi
68ece370 155 LDFLAGS="$saved_LDFLAGS"
e351e493 156 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 157 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
158 [Define if you want to enable AIX4's authenticate function])],
0764e748 159 [AC_CHECK_LIB(s,authenticate,
e351e493 160 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 161 LIBS="$LIBS -ls"
162 ])
163 ])
ba603e06 164 dnl Check for various auth function declarations in headers.
c85ed8e2 165 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 166 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 167 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 168 AC_CHECK_DECLS(loginfailed,
e351e493 169 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
170 AC_TRY_COMPILE(
f58c0e01 171 [#include <usersec.h>],
e351e493 172 [(void)loginfailed("user","host","tty",0);],
173 [AC_MSG_RESULT(yes)
3466e002 174 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
175 [Define if your AIX loginfailed() function
176 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 177 [AC_MSG_RESULT(no)]
e351e493 178 )],
179 [],
180 [#include <usersec.h>]
181 )
2aa3a16c 182 AC_CHECK_FUNCS(setauthdb)
53c337ed 183 AC_CHECK_DECL(F_CLOSEM,
795e7517 184 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 185 [],
186 [ #include <limits.h>
187 #include <fcntl.h> ]
188 )
5ccf88cb 189 check_for_aix_broken_getaddrinfo=1
3466e002 190 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
191 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
192 [Define if your platform breaks doing a seteuid before a setuid])
193 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
194 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 195 dnl AIX handles lastlog as part of its login message
3466e002 196 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
197 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
198 [Some systems need a utmpx entry for /bin/login to work])
199 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
200 [Define to a Set Process Title type if your system is
201 supported by bsd-setproctitle.c])
961c2997 202 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
203 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 204 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 205 ;;
3c62e7eb 206*-*-cygwin*)
a52997bd 207 check_for_libcrypt_later=1
ffb8d130 208 LIBS="$LIBS /usr/lib/textmode.o"
3466e002 209 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
210 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
211 AC_DEFINE(DISABLE_SHADOW, 1,
212 [Define if you want to disable shadow passwords])
213 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
214 [Define if your system choked on IP TOS setting])
215 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
216 [Define if X11 doesn't support AF_UNIX sockets on that system])
217 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
218 [Define if the concept of ports only accessible to
219 superusers isn't known])
220 AC_DEFINE(DISABLE_FD_PASSING, 1,
221 [Define if your platform needs to skip post auth
222 file descriptor passing])
3c62e7eb 223 ;;
d6fdb079 224*-*-dgux*)
225 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 226 AC_DEFINE(SETEUID_BREAKS_SETUID)
227 AC_DEFINE(BROKEN_SETREUID)
228 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 229 ;;
39c98ef7 230*-*-darwin*)
33e2e066 231 AC_MSG_CHECKING(if we have working getaddrinfo)
232 AC_TRY_RUN([#include <mach-o/dyld.h>
233main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
234 exit(0);
235 else
236 exit(1);
237}], [AC_MSG_RESULT(working)],
238 [AC_MSG_RESULT(buggy)
3466e002 239 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 240 [AC_MSG_RESULT(assume it is working)])
635e0c42 241 AC_DEFINE(SETEUID_BREAKS_SETUID)
242 AC_DEFINE(BROKEN_SETREUID)
243 AC_DEFINE(BROKEN_SETREGID)
3466e002 244 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
245 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 246 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
247 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
248 [Use tunnel device compatibility to OpenBSD])
249 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
250 [Prepend the address family to IP tunnel traffic])
39c98ef7 251 ;;
7d458c86 252*-*-hpux*)
253 # first we define all of the options common to all HP-UX releases
b8fea62d 254 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 255 IPADDR_IN_DISPLAY=yes
2b10f47a 256 AC_DEFINE(USE_PIPES)
3466e002 257 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
258 [Define if your login program cannot handle end of options ("--")])
a2572aa7 259 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 260 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
261 [String used in /etc/passwd to denote locked account])
3a2b2b44 262 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 263 MAIL="/var/mail/username"
f75ca46d 264 LIBS="$LIBS -lsec"
7d458c86 265 AC_CHECK_LIB(xnet, t_error, ,
266 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
267
268 # next, we define all of the options specific to major releases
269 case "$host" in
270 *-*-hpux10*)
271 if test -z "$GCC"; then
272 CFLAGS="$CFLAGS -Ae"
273 fi
274 ;;
275 *-*-hpux11*)
3466e002 276 AC_DEFINE(PAM_SUN_CODEBASE, 1,
277 [Define if you are using Solaris-derived PAM which
278 passes pam_messages to the conversation function
279 with an extra level of indirection])
280 AC_DEFINE(DISABLE_UTMP, 1,
281 [Define if you don't want to use utmp])
7d458c86 282 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
283 check_for_hpux_broken_getaddrinfo=1
284 check_for_conflicting_getspnam=1
285 ;;
286 esac
287
288 # lastly, we define options specific to minor releases
289 case "$host" in
290 *-*-hpux10.26)
3466e002 291 AC_DEFINE(HAVE_SECUREWARE, 1,
292 [Define if you have SecureWare-based
293 protected password database])
7d458c86 294 disable_ptmx_check=yes
295 LIBS="$LIBS -lsecpw"
296 ;;
297 esac
2b763e31 298 ;;
d94aa2ae 299*-*-irix5*)
6ac7829a 300 PATH="$PATH:/usr/etc"
3466e002 301 AC_DEFINE(BROKEN_INET_NTOA, 1,
302 [Define if you system's inet_ntoa is busted
303 (e.g. Irix gcc issue)])
cb433561 304 AC_DEFINE(SETEUID_BREAKS_SETUID)
305 AC_DEFINE(BROKEN_SETREUID)
306 AC_DEFINE(BROKEN_SETREGID)
3466e002 307 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
308 [Define if you shouldn't strip 'tty' from your
309 ttyname in [uw]tmp])
3e6e3da0 310 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 311 ;;
312*-*-irix6*)
6ac7829a 313 PATH="$PATH:/usr/etc"
3466e002 314 AC_DEFINE(WITH_IRIX_ARRAY, 1,
315 [Define if you have/want arrays
316 (cluster-wide session managment, not C arrays)])
317 AC_DEFINE(WITH_IRIX_PROJECT, 1,
318 [Define if you want IRIX project management])
319 AC_DEFINE(WITH_IRIX_AUDIT, 1,
320 [Define if you want IRIX audit trails])
321 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
322 [Define if you want IRIX kernel jobs])])
416ed5a7 323 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 324 AC_DEFINE(SETEUID_BREAKS_SETUID)
325 AC_DEFINE(BROKEN_SETREUID)
326 AC_DEFINE(BROKEN_SETREGID)
3466e002 327 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 328 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 329 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 330 ;;
5cdfe03f 331*-*-linux*)
332 no_dev_ptmx=1
717057b6 333 check_for_libcrypt_later=1
eacb954e 334 check_for_openpty_ctty_bug=1
3466e002 335 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
336 AC_DEFINE(PAM_TTY_KLUDGE, 1,
337 [Work around problematic Linux PAM modules handling of PAM_TTY])
338 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
339 [String used in /etc/passwd to denote locked account])
3a2b2b44 340 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 341 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
342 [Define to whatever link() returns for "not supported"
343 if it doesn't return EOPNOTSUPP.])
b6610e8f 344 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 345 AC_DEFINE(USE_BTMP)
80faa19f 346 inet6_default_4in6=yes
bf7c1e6c 347 case `uname -r` in
ad84c479 348 1.*|2.0.*)
3466e002 349 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
350 [Define if cmsg_type is not passed correctly])
bf7c1e6c 351 ;;
bf7c1e6c 352 esac
c40f09ca 353 # tun(4) forwarding compat code
d91775e1 354 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 355 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 356 AC_DEFINE(SSH_TUN_LINUX, 1,
357 [Open tunnel devices the Linux tun/tap way])
358 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
359 [Use tunnel device compatibility to OpenBSD])
360 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
361 [Prepend the address family to IP tunnel traffic])
362 fi
5cdfe03f 363 ;;
66d6c27e 364mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 365 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 366 SONY=1
66d6c27e 367 ;;
d468fc76 368*-*-netbsd*)
33e2e066 369 check_for_libcrypt_before=1
82f4e93d 370 if test "x$withval" != "xno" ; then
e6354014 371 need_dash_r=1
372 fi
0f6cb079 373 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
374 AC_CHECK_HEADER([net/if_tap.h], ,
375 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
376 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
377 [Prepend the address family to IP tunnel traffic])
d468fc76 378 ;;
86b416a7 379*-*-freebsd*)
380 check_for_libcrypt_later=1
988c5031 381 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 382 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
383 AC_CHECK_HEADER([net/if_tap.h], ,
384 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 385 ;;
8707b7eb 386*-*-bsdi*)
387 AC_DEFINE(SETEUID_BREAKS_SETUID)
388 AC_DEFINE(BROKEN_SETREUID)
389 AC_DEFINE(BROKEN_SETREGID)
390 ;;
729bfe59 391*-next-*)
729bfe59 392 conf_lastlog_location="/usr/adm/lastlog"
698d107e 393 conf_utmp_location=/etc/utmp
394 conf_wtmp_location=/usr/adm/wtmp
395 MAIL=/usr/spool/mail
3466e002 396 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 397 AC_DEFINE(BROKEN_REALPATH)
00937921 398 AC_DEFINE(USE_PIPES)
3466e002 399 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 400 ;;
5b7b5e23 401*-*-openbsd*)
402 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 403 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 404 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
5b7b5e23 405 ;;
9d6b1b96 406*-*-solaris*)
82f4e93d 407 if test "x$withval" != "xno" ; then
010e9d5b 408 need_dash_r=1
409 fi
adeebd37 410 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 411 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 412 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
413 [Some versions of /bin/login need the TERM supplied
414 on the commandline])
7f0a4ff1 415 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 416 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
417 [Define if pam_chauthtok wants real uid set
418 to the unpriv'ed user])
3e6e3da0 419 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 420 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 421 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
422 [Define if sshd somehow reacquires a controlling TTY
423 after setsid()])
795aa5f5 424 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
425 in case the name is longer than 8 chars])
95b99395 426 external_path_file=/etc/default/login
1d7b9b20 427 # hardwire lastlog location (can't detect it on some versions)
428 conf_lastlog_location="/var/adm/lastlog"
32c80420 429 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
430 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
431 if test "$sol2ver" -ge 8; then
432 AC_MSG_RESULT(yes)
433 AC_DEFINE(DISABLE_UTMP)
3466e002 434 AC_DEFINE(DISABLE_WTMP, 1,
435 [Define if you don't want to use wtmp])
32c80420 436 else
437 AC_MSG_RESULT(no)
438 fi
9d6b1b96 439 ;;
a423beaf 440*-*-sunos4*)
0c2fb82f 441 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 442 AC_CHECK_FUNCS(getpwanam)
adeebd37 443 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 444 conf_utmp_location=/etc/utmp
445 conf_wtmp_location=/var/adm/wtmp
446 conf_lastlog_location=/var/adm/lastlog
137d7b6c 447 AC_DEFINE(USE_PIPES)
a423beaf 448 ;;
6f68f28a 449*-ncr-sysv*)
98a7c37b 450 LIBS="$LIBS -lc89"
29525240 451 AC_DEFINE(USE_PIPES)
eabb99c6 452 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 453 AC_DEFINE(SETEUID_BREAKS_SETUID)
454 AC_DEFINE(BROKEN_SETREUID)
455 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 456 ;;
132dd316 457*-sni-sysv*)
c8c15bcb 458 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 459 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 460 # -lresolv needs to be at the end of LIBS or DNS lookups break
461 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 462 IPADDR_IN_DISPLAY=yes
463 AC_DEFINE(USE_PIPES)
132dd316 464 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 465 AC_DEFINE(SETEUID_BREAKS_SETUID)
466 AC_DEFINE(BROKEN_SETREUID)
467 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 468 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 469 external_path_file=/etc/default/login
c8c15bcb 470 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
471 # Attention: always take care to bind libsocket and libnsl before libc,
472 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 473 ;;
79a7ba96 474# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 475*-*-sysv4.2*)
9a406e1e 476 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
ed6553e2 477 AC_DEFINE(USE_PIPES)
7ed101c0 478 AC_DEFINE(SETEUID_BREAKS_SETUID)
479 AC_DEFINE(BROKEN_SETREUID)
480 AC_DEFINE(BROKEN_SETREGID)
46f853b9 481 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 482 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 483 ;;
79a7ba96 484# UnixWare 7.x, OpenUNIX 8
77bb0bca 485*-*-sysv5*)
d7d2cc6e 486 check_for_libcrypt_later=1
487 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 488 AC_DEFINE(USE_PIPES)
7ed101c0 489 AC_DEFINE(SETEUID_BREAKS_SETUID)
490 AC_DEFINE(BROKEN_SETREUID)
491 AC_DEFINE(BROKEN_SETREGID)
3466e002 492 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 493 case "$host" in
494 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
495 TEST_SHELL=/u95/bin/sh
3466e002 496 AC_DEFINE(BROKEN_LIBIAF, 1,
497 [ia_uinfo routines not supported by OS yet])
822015dd 498 ;;
e45da4d6 499 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
500 ;;
822015dd 501 esac
77bb0bca 502 ;;
9d6b1b96 503*-*-sysv*)
9d6b1b96 504 ;;
79a7ba96 505# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 506*-*-sco3.2v4*)
11cf4f1f 507 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 508 ;;
79a7ba96 509# SCO OpenServer 5.x
77bb0bca 510*-*-sco3.2v5*)
21710e39 511 if test -z "$GCC"; then
512 CFLAGS="$CFLAGS -belf"
513 fi
ed6553e2 514 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 515 no_dev_ptmx=1
ed6553e2 516 AC_DEFINE(USE_PIPES)
6e879cb4 517 AC_DEFINE(HAVE_SECUREWARE)
d287c664 518 AC_DEFINE(DISABLE_SHADOW)
94d8258b 519 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 520 AC_DEFINE(SETEUID_BREAKS_SETUID)
521 AC_DEFINE(BROKEN_SETREUID)
522 AC_DEFINE(BROKEN_SETREGID)
bcebad47 523 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 524 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 525 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 526 AC_CHECK_FUNCS(getluid setluid)
533875af 527 MANTYPE=man
a3245b92 528 TEST_SHELL=ksh
509b1f88 529 ;;
ccbb983c 530*-*-unicosmk*)
3466e002 531 AC_DEFINE(NO_SSH_LASTLOG, 1,
532 [Define if you don't want to use lastlog in session.c])
c1ad5966 533 AC_DEFINE(SETEUID_BREAKS_SETUID)
534 AC_DEFINE(BROKEN_SETREUID)
535 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 536 AC_DEFINE(USE_PIPES)
537 AC_DEFINE(DISABLE_FD_PASSING)
538 LDFLAGS="$LDFLAGS"
539 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
540 MANTYPE=cat
d262b7f2 541 ;;
7b9a8c6e 542*-*-unicosmp*)
c1ad5966 543 AC_DEFINE(SETEUID_BREAKS_SETUID)
544 AC_DEFINE(BROKEN_SETREUID)
545 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 546 AC_DEFINE(WITH_ABBREV_NO_TTY)
547 AC_DEFINE(USE_PIPES)
548 AC_DEFINE(DISABLE_FD_PASSING)
549 LDFLAGS="$LDFLAGS"
c1ad5966 550 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 551 MANTYPE=cat
552 ;;
ca5c7d6a 553*-*-unicos*)
c1ad5966 554 AC_DEFINE(SETEUID_BREAKS_SETUID)
555 AC_DEFINE(BROKEN_SETREUID)
556 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 557 AC_DEFINE(USE_PIPES)
94d8258b 558 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 559 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 560 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
561 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
562 MANTYPE=cat
a704dd54 563 ;;
4d33e531 564*-dec-osf*)
99c8ddac 565 AC_MSG_CHECKING(for Digital Unix SIA)
566 no_osfsia=""
567 AC_ARG_WITH(osfsia,
568 [ --with-osfsia Enable Digital Unix SIA],
569 [
570 if test "x$withval" = "xno" ; then
571 AC_MSG_RESULT(disabled)
572 no_osfsia=1
573 fi
574 ],
575 )
576 if test -z "$no_osfsia" ; then
4d33e531 577 if test -f /etc/sia/matrix.conf; then
578 AC_MSG_RESULT(yes)
3466e002 579 AC_DEFINE(HAVE_OSF_SIA, 1,
580 [Define if you have Digital Unix Security
581 Integration Architecture])
582 AC_DEFINE(DISABLE_LOGIN, 1,
583 [Define if you don't want to use your
584 system's login() call])
58d0df4e 585 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 586 LIBS="$LIBS -lsecurity -ldb -lm -laud"
587 else
588 AC_MSG_RESULT(no)
3466e002 589 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
590 [String used in /etc/passwd to denote locked account])
4d33e531 591 fi
592 fi
a6e67b60 593 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 594 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 595 AC_DEFINE(BROKEN_SETREUID)
596 AC_DEFINE(BROKEN_SETREGID)
4d33e531 597 ;;
41cb4569 598
9c54c067 599*-*-nto-qnx*)
41cb4569 600 AC_DEFINE(USE_PIPES)
601 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 602 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
603 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
604 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 605 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 606 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 607 enable_etc_default_login=no # has incompatible /etc/default/login
41cb4569 608 ;;
35fc74ed 609
610*-*-ultrix*)
3466e002 611 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
612 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 613 AC_DEFINE(NEED_SETPGRP)
b5765e1d 614 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
615 ;;
157b6700 616
617*-*-lynxos)
618 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 619 AC_DEFINE(MISSING_HOWMANY)
157b6700 620 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
621 ;;
a7effaac 622esac
623
8e7b16f8 624# Allow user to specify flags
625AC_ARG_WITH(cflags,
626 [ --with-cflags Specify additional flags to pass to compiler],
627 [
6cf0200f 628 if test -n "$withval" && test "x$withval" != "xno" && \
629 test "x${withval}" != "xyes"; then
8e7b16f8 630 CFLAGS="$CFLAGS $withval"
631 fi
82f4e93d 632 ]
8e7b16f8 633)
0c2fb82f 634AC_ARG_WITH(cppflags,
635 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
636 [
6cf0200f 637 if test -n "$withval" && test "x$withval" != "xno" && \
638 test "x${withval}" != "xyes"; then
0c2fb82f 639 CPPFLAGS="$CPPFLAGS $withval"
640 fi
641 ]
642)
8e7b16f8 643AC_ARG_WITH(ldflags,
97b378bf 644 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 645 [
6cf0200f 646 if test -n "$withval" && test "x$withval" != "xno" && \
647 test "x${withval}" != "xyes"; then
8e7b16f8 648 LDFLAGS="$LDFLAGS $withval"
649 fi
82f4e93d 650 ]
8e7b16f8 651)
652AC_ARG_WITH(libs,
653 [ --with-libs Specify additional libraries to link with],
654 [
6cf0200f 655 if test -n "$withval" && test "x$withval" != "xno" && \
656 test "x${withval}" != "xyes"; then
8e7b16f8 657 LIBS="$LIBS $withval"
658 fi
82f4e93d 659 ]
8e7b16f8 660)
ed89c848 661AC_ARG_WITH(Werror,
662 [ --with-Werror Build main code with -Werror],
663 [
664 if test -n "$withval" && test "x$withval" != "xno"; then
665 werror_flags="-Werror"
1012885d 666 if test "x${withval}" != "xyes"; then
ed89c848 667 werror_flags="$withval"
668 fi
669 fi
670 ]
671)
8e7b16f8 672
c5829391 673AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 674AC_RUN_IFELSE(
675 [AC_LANG_SOURCE([
c5829391 676#include <stdio.h>
677int main(){exit(0);}
479cece8 678 ])],
c5829391 679 [ AC_MSG_RESULT(yes) ],
680 [
681 AC_MSG_RESULT(no)
682 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 683 ],
684 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 685)
686
b04a9f8c 687dnl Checks for header files.
688AC_CHECK_HEADERS( \
689 bstring.h \
690 crypt.h \
2f360c89 691 crypto/sha2.h \
b04a9f8c 692 dirent.h \
693 endian.h \
694 features.h \
37259a8e 695 fcntl.h \
b04a9f8c 696 floatingpoint.h \
697 getopt.h \
698 glob.h \
699 ia.h \
4c653d8e 700 iaf.h \
b04a9f8c 701 limits.h \
702 login.h \
b04a9f8c 703 maillock.h \
704 ndir.h \
e02505e2 705 net/if_tun.h \
b04a9f8c 706 netdb.h \
707 netgroup.h \
b04a9f8c 708 pam/pam_appl.h \
709 paths.h \
710 pty.h \
711 readpassphrase.h \
712 rpc/types.h \
713 security/pam_appl.h \
f73e2ad7 714 sha2.h \
b04a9f8c 715 shadow.h \
716 stddef.h \
717 stdint.h \
0957c2cf 718 string.h \
b04a9f8c 719 strings.h \
720 sys/audit.h \
721 sys/bitypes.h \
722 sys/bsdtty.h \
723 sys/cdefs.h \
724 sys/dir.h \
725 sys/mman.h \
726 sys/ndir.h \
727 sys/prctl.h \
728 sys/pstat.h \
729 sys/select.h \
730 sys/stat.h \
731 sys/stream.h \
732 sys/stropts.h \
733 sys/strtio.h \
734 sys/sysmacros.h \
735 sys/time.h \
736 sys/timers.h \
737 sys/un.h \
738 time.h \
739 tmpdir.h \
740 ttyent.h \
25dd2ce6 741 unistd.h \
b04a9f8c 742 usersec.h \
743 util.h \
744 utime.h \
745 utmp.h \
746 utmpx.h \
ea76f54c 747 vis.h \
b04a9f8c 748)
ddceb1c8 749
823221b2 750# lastlog.h requires sys/time.h to be included first on Solaris
751AC_CHECK_HEADERS(lastlog.h, [], [], [
752#ifdef HAVE_SYS_TIME_H
753# include <sys/time.h>
754#endif
755])
756
765a24cd 757# sys/ptms.h requires sys/stream.h to be included first on Solaris
758AC_CHECK_HEADERS(sys/ptms.h, [], [], [
759#ifdef HAVE_SYS_STREAM_H
760# include <sys/stream.h>
761#endif
762])
763
3919d576 764# login_cap.h requires sys/types.h on NetBSD
765AC_CHECK_HEADERS(login_cap.h, [], [], [
766#include <sys/types.h>
767])
768
a0391976 769# Checks for libraries.
98a7c37b 770AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
771AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 772
446227d6 773dnl IRIX and Solaris 2.5.1 have dirname() in libgen
774AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
775 AC_CHECK_LIB(gen, dirname,[
776 AC_CACHE_CHECK([for broken dirname],
777 ac_cv_have_broken_dirname, [
778 save_LIBS="$LIBS"
779 LIBS="$LIBS -lgen"
b0e7249f 780 AC_RUN_IFELSE(
781 [AC_LANG_SOURCE([[
446227d6 782#include <libgen.h>
783#include <string.h>
784
785int main(int argc, char **argv) {
786 char *s, buf[32];
787
788 strncpy(buf,"/etc", 32);
789 s = dirname(buf);
790 if (!s || strncmp(s, "/", 32) != 0) {
791 exit(1);
792 } else {
793 exit(0);
794 }
795}
b0e7249f 796 ]])],
797 [ ac_cv_have_broken_dirname="no" ],
798 [ ac_cv_have_broken_dirname="yes" ],
446227d6 799 [ ac_cv_have_broken_dirname="no" ],
446227d6 800 )
801 LIBS="$save_LIBS"
802 ])
803 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
804 LIBS="$LIBS -lgen"
805 AC_DEFINE(HAVE_DIRNAME)
806 AC_CHECK_HEADERS(libgen.h)
807 fi
808 ])
809])
810
811AC_CHECK_FUNC(getspnam, ,
812 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 813AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
814 [Define if you have the basename function.]))
446227d6 815
98a7c37b 816dnl zlib is required
817AC_ARG_WITH(zlib,
818 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 819 [ if test "x$withval" = "xno" ; then
820 AC_MSG_ERROR([*** zlib is required ***])
821 elif test "x$withval" != "xyes"; then
98a7c37b 822 if test -d "$withval/lib"; then
823 if test -n "${need_dash_r}"; then
5a162955 824 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 825 else
5a162955 826 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 827 fi
828 else
829 if test -n "${need_dash_r}"; then
5a162955 830 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 831 else
5a162955 832 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 833 fi
834 fi
835 if test -d "$withval/include"; then
5a162955 836 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 837 else
5a162955 838 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 839 fi
6dd05556 840 fi ]
98a7c37b 841)
842
0a15d73b 843AC_CHECK_LIB(z, deflate, ,
844 [
845 saved_CPPFLAGS="$CPPFLAGS"
846 saved_LDFLAGS="$LDFLAGS"
847 save_LIBS="$LIBS"
848 dnl Check default zlib install dir
849 if test -n "${need_dash_r}"; then
850 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
851 else
852 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
853 fi
854 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
855 LIBS="$LIBS -lz"
856 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
857 [
858 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
859 ]
860 )
861 ]
862)
4ad65809 863AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 864
865AC_ARG_WITH(zlib-version-check,
866 [ --without-zlib-version-check Disable zlib version check],
867 [ if test "x$withval" = "xno" ; then
868 zlib_check_nonfatal=1
869 fi
870 ]
871)
872
5c7fc85d 873AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 874AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 875#include <stdio.h>
4ad65809 876#include <zlib.h>
877int main()
878{
5c7fc85d 879 int a=0, b=0, c=0, d=0, n, v;
880 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
881 if (n != 3 && n != 4)
4ad65809 882 exit(1);
5c7fc85d 883 v = a*1000000 + b*10000 + c*100 + d;
884 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
885
886 /* 1.1.4 is OK */
887 if (a == 1 && b == 1 && c >= 4)
4ad65809 888 exit(0);
5c7fc85d 889
0072b59d 890 /* 1.2.3 and up are OK */
891 if (v >= 1020300)
5c7fc85d 892 exit(0);
893
4ad65809 894 exit(2);
895}
479cece8 896 ]])],
5c7fc85d 897 AC_MSG_RESULT(no),
898 [ AC_MSG_RESULT(yes)
8068d564 899 if test -z "$zlib_check_nonfatal" ; then
900 AC_MSG_ERROR([*** zlib too old - check config.log ***
901Your reported zlib version has known security problems. It's possible your
902vendor has fixed these problems without changing the version number. If you
903are sure this is the case, you can disable the check by running
904"./configure --without-zlib-version-check".
6090bcfe 905If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 906See http://www.gzip.org/zlib/ for details.])
8068d564 907 else
908 AC_MSG_WARN([zlib version may have security problems])
909 fi
1a01a50c 910 ],
911 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 912)
48e7916f 913
2c523de9 914dnl UnixWare 2.x
aff51935 915AC_CHECK_FUNC(strcasecmp,
2c523de9 916 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
917)
23361281 918AC_CHECK_FUNCS(utimes,
cda1ebcb 919 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
920 LIBS="$LIBS -lc89"]) ]
2c523de9 921)
4cca272e 922
7c6d759d 923dnl Checks for libutil functions
924AC_CHECK_HEADERS(libutil.h)
3466e002 925AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
926 [Define if your libraries define login()])])
7c6d759d 927AC_CHECK_FUNCS(logout updwtmp logwtmp)
928
a738c3b0 929AC_FUNC_STRFTIME
930
84ceda19 931# Check for ALTDIRFUNC glob() extension
932AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
933AC_EGREP_CPP(FOUNDIT,
934 [
935 #include <glob.h>
936 #ifdef GLOB_ALTDIRFUNC
937 FOUNDIT
938 #endif
aff51935 939 ],
84ceda19 940 [
3466e002 941 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
942 [Define if your system glob() function has
943 the GLOB_ALTDIRFUNC extension])
84ceda19 944 AC_MSG_RESULT(yes)
945 ],
946 [
947 AC_MSG_RESULT(no)
948 ]
949)
4cca272e 950
40849fdb 951# Check for g.gl_matchc glob() extension
952AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 953AC_TRY_COMPILE(
13ff27b7 954 [ #include <glob.h> ],
955 [glob_t g; g.gl_matchc = 1;],
aff51935 956 [
3466e002 957 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
958 [Define if your system glob() function has
959 gl_matchc options in glob_t])
aff51935 960 AC_MSG_RESULT(yes)
961 ],
962 [
963 AC_MSG_RESULT(no)
964 ]
40849fdb 965)
966
edbe6722 967AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 968AC_RUN_IFELSE(
479cece8 969 [AC_LANG_SOURCE([[
edbe6722 970#include <sys/types.h>
971#include <dirent.h>
aec4cb4f 972int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 973 ]])],
aff51935 974 [AC_MSG_RESULT(yes)],
edbe6722 975 [
976 AC_MSG_RESULT(no)
3466e002 977 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 978 [Define if your struct dirent expects you to
3466e002 979 allocate extra space for d_name])
1a01a50c 980 ],
82f4e93d 981 [
1a01a50c 982 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
983 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 984 ]
985)
986
419e26e7 987AC_MSG_CHECKING([for /proc/pid/fd directory])
988if test -d "/proc/$$/fd" ; then
3466e002 989 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 990 AC_MSG_RESULT(yes)
991else
992 AC_MSG_RESULT(no)
993fi
994
278588d8 995# Check whether user wants S/Key support
aff51935 996SKEY_MSG="no"
278588d8 997AC_ARG_WITH(skey,
6ff3d0dc 998 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 999 [
1000 if test "x$withval" != "xno" ; then
1001
1002 if test "x$withval" != "xyes" ; then
1003 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1004 LDFLAGS="$LDFLAGS -L${withval}/lib"
1005 fi
1006
3466e002 1007 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1008 LIBS="-lskey $LIBS"
aff51935 1009 SKEY_MSG="yes"
82f4e93d 1010
ddceb1c8 1011 AC_MSG_CHECKING([for s/key support])
b0e7249f 1012 AC_LINK_IFELSE(
1013 [AC_LANG_SOURCE([[
ddceb1c8 1014#include <stdio.h>
1015#include <skey.h>
aec4cb4f 1016int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1017 ]])],
ddceb1c8 1018 [AC_MSG_RESULT(yes)],
278588d8 1019 [
ddceb1c8 1020 AC_MSG_RESULT(no)
278588d8 1021 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1022 ])
141fc639 1023 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1024 AC_TRY_COMPILE(
1025 [#include <stdio.h>
1026 #include <skey.h>],
1027 [(void)skeychallenge(NULL,"name","",0);],
1028 [AC_MSG_RESULT(yes)
3466e002 1029 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1030 [Define if your skeychallenge()
1031 function takes 4 arguments (NetBSD)])],
141fc639 1032 [AC_MSG_RESULT(no)]
1033 )
278588d8 1034 fi
1035 ]
1036)
1037
1038# Check whether user wants TCP wrappers support
98a7c37b 1039TCPW_MSG="no"
278588d8 1040AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1041 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1042 [
1043 if test "x$withval" != "xno" ; then
1044 saved_LIBS="$LIBS"
98a7c37b 1045 saved_LDFLAGS="$LDFLAGS"
1046 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1047 if test -n "${withval}" && \
6cf0200f 1048 test "x${withval}" != "xyes"; then
98a7c37b 1049 if test -d "${withval}/lib"; then
1050 if test -n "${need_dash_r}"; then
5a162955 1051 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1052 else
5a162955 1053 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1054 fi
1055 else
1056 if test -n "${need_dash_r}"; then
5a162955 1057 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1058 else
5a162955 1059 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1060 fi
1061 fi
1062 if test -d "${withval}/include"; then
5a162955 1063 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1064 else
5a162955 1065 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1066 fi
98a7c37b 1067 fi
ddceb1c8 1068 LIBWRAP="-lwrap"
1069 LIBS="$LIBWRAP $LIBS"
278588d8 1070 AC_MSG_CHECKING(for libwrap)
1071 AC_TRY_LINK(
1072 [
77f09220 1073#include <sys/types.h>
1074#include <sys/socket.h>
1075#include <netinet/in.h>
278588d8 1076#include <tcpd.h>
1077 int deny_severity = 0, allow_severity = 0;
1078 ],
1079 [hosts_access(0);],
1080 [
1081 AC_MSG_RESULT(yes)
3466e002 1082 AC_DEFINE(LIBWRAP, 1,
1083 [Define if you want
1084 TCP Wrappers support])
ddceb1c8 1085 AC_SUBST(LIBWRAP)
98a7c37b 1086 TCPW_MSG="yes"
278588d8 1087 ],
1088 [
1089 AC_MSG_ERROR([*** libwrap missing])
1090 ]
1091 )
ddceb1c8 1092 LIBS="$saved_LIBS"
278588d8 1093 fi
1094 ]
1095)
1096
59031773 1097# Check whether user wants libedit support
1098LIBEDIT_MSG="no"
1099AC_ARG_WITH(libedit,
6ff3d0dc 1100 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1101 [ if test "x$withval" != "xno" ; then
737edf04 1102 if test "x$withval" != "xyes"; then
bb116c8e 1103 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1104 if test -n "${need_dash_r}"; then
1105 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1106 else
1107 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1108 fi
737edf04 1109 fi
59031773 1110 AC_CHECK_LIB(edit, el_init,
3466e002 1111 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1112 LIBEDIT="-ledit -lcurses"
1113 LIBEDIT_MSG="yes"
1114 AC_SUBST(LIBEDIT)
1115 ],
737edf04 1116 [ AC_MSG_ERROR(libedit not found) ],
1117 [ -lcurses ]
59031773 1118 )
f47ddccb 1119 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1120 AC_COMPILE_IFELSE(
1121 [AC_LANG_SOURCE([[
1122#include <histedit.h>
f47ddccb 1123int main(void)
1124{
1125 int i = H_SETSIZE;
1126 el_init("", NULL, NULL, NULL);
1127 exit(0);
1128}
d92622f9 1129 ]])],
f47ddccb 1130 [ AC_MSG_RESULT(yes) ],
1131 [ AC_MSG_RESULT(no)
1132 AC_MSG_ERROR(libedit version is not compatible) ]
1133 )
59031773 1134 fi ]
1135)
1136
7b578f7d 1137AUDIT_MODULE=none
1138AC_ARG_WITH(audit,
1139 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1140 [
1141 AC_MSG_CHECKING(for supported audit module)
1142 case "$withval" in
1143 bsm)
1144 AC_MSG_RESULT(bsm)
1145 AUDIT_MODULE=bsm
1146 dnl Checks for headers, libs and functions
1147 AC_CHECK_HEADERS(bsm/audit.h, [],
1148 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1149 AC_CHECK_LIB(bsm, getaudit, [],
1150 [AC_MSG_ERROR(BSM enabled and required library not found)])
1151 AC_CHECK_FUNCS(getaudit, [],
1152 [AC_MSG_ERROR(BSM enabled and required function not found)])
1153 # These are optional
7939c496 1154 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1155 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1156 ;;
1157 debug)
1158 AUDIT_MODULE=debug
1159 AC_MSG_RESULT(debug)
3466e002 1160 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1161 ;;
a2b3321d 1162 no)
d92622f9 1163 AC_MSG_RESULT(no)
a2b3321d 1164 ;;
7b578f7d 1165 *)
1166 AC_MSG_ERROR([Unknown audit module $withval])
1167 ;;
1168 esac ]
1169)
1170
19160674 1171dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1172AC_CHECK_FUNCS( \
1173 arc4random \
9a406e1e 1174 asprintf \
b04a9f8c 1175 b64_ntop \
1176 __b64_ntop \
1177 b64_pton \
1178 __b64_pton \
1179 bcopy \
1180 bindresvport_sa \
1181 clock \
1182 closefrom \
1183 dirfd \
b04a9f8c 1184 fchmod \
1185 fchown \
1186 freeaddrinfo \
1187 futimes \
1188 getaddrinfo \
1189 getcwd \
1190 getgrouplist \
1191 getnameinfo \
1192 getopt \
1193 getpeereid \
1194 _getpty \
1195 getrlimit \
1196 getttyent \
1197 glob \
1198 inet_aton \
1199 inet_ntoa \
1200 inet_ntop \
1201 innetgr \
1202 login_getcapbool \
1203 md5_crypt \
1204 memmove \
1205 mkdtemp \
1206 mmap \
1207 ngetaddrinfo \
1208 nsleep \
1209 ogetaddrinfo \
1210 openlog_r \
1211 openpty \
1212 prctl \
1213 pstat \
1214 readpassphrase \
1215 realpath \
1216 recvmsg \
1217 rresvport_af \
1218 sendmsg \
1219 setdtablesize \
1220 setegid \
1221 setenv \
1222 seteuid \
1223 setgroups \
1224 setlogin \
1225 setpcred \
1226 setproctitle \
1227 setregid \
1228 setreuid \
1229 setrlimit \
1230 setsid \
1231 setvbuf \
1232 sigaction \
1233 sigvec \
1234 snprintf \
1235 socketpair \
1236 strdup \
1237 strerror \
1238 strlcat \
1239 strlcpy \
1240 strmode \
1241 strnvis \
1242 strtonum \
1e29a0c8 1243 strtoll \
b04a9f8c 1244 strtoul \
1245 sysconf \
1246 tcgetpgrp \
1247 truncate \
1248 unsetenv \
1249 updwtmpx \
9a406e1e 1250 vasprintf \
b04a9f8c 1251 vhangup \
1252 vsnprintf \
1253 waitpid \
19160674 1254)
98a7c37b 1255
1a086f97 1256# IRIX has a const char return value for gai_strerror()
1257AC_CHECK_FUNCS(gai_strerror,[
1258 AC_DEFINE(HAVE_GAI_STRERROR)
1259 AC_TRY_COMPILE([
1260#include <sys/types.h>
1261#include <sys/socket.h>
1262#include <netdb.h>
1263
1264const char *gai_strerror(int);],[
1265char *str;
1266
1267str = gai_strerror(0);],[
1268 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1269 [Define if gai_strerror() returns const char *])])])
1270
3466e002 1271AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1272 [Some systems put nanosleep outside of libc]))
92b1decf 1273
309709db 1274dnl Make sure prototypes are defined for these before using them.
309709db 1275AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1276AC_CHECK_DECL(strsep,
1277 [AC_CHECK_FUNCS(strsep)],
1278 [],
1279 [
1280#ifdef HAVE_STRING_H
1281# include <string.h>
1282#endif
1283 ])
08412d26 1284
3490699c 1285dnl tcsendbreak might be a macro
1286AC_CHECK_DECL(tcsendbreak,
1287 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1288 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1289 [#include <termios.h>]
1290)
1291
41e0e158 1292AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1293
71f4c727 1294AC_CHECK_DECLS(SHUT_RD, , ,
1295 [
1296#include <sys/types.h>
1297#include <sys/socket.h>
1298 ])
956d6743 1299
1300AC_CHECK_DECLS(O_NONBLOCK, , ,
1301 [
1302#include <sys/types.h>
1303#ifdef HAVE_SYS_STAT_H
1304# include <sys/stat.h>
1305#endif
1306#ifdef HAVE_FCNTL_H
1307# include <fcntl.h>
1308#endif
1309 ])
1310
3f176010 1311AC_CHECK_FUNCS(setresuid, [
1312 dnl Some platorms have setresuid that isn't implemented, test for this
1313 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1314 AC_RUN_IFELSE(
1315 [AC_LANG_SOURCE([[
9a3fe0e2 1316#include <stdlib.h>
1317#include <errno.h>
1318int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1319 ]])],
3f176010 1320 [AC_MSG_RESULT(yes)],
3466e002 1321 [AC_DEFINE(BROKEN_SETRESUID, 1,
1322 [Define if your setresuid() is broken])
1a01a50c 1323 AC_MSG_RESULT(not implemented)],
1324 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1325 )
1326])
9a3fe0e2 1327
3f176010 1328AC_CHECK_FUNCS(setresgid, [
1329 dnl Some platorms have setresgid that isn't implemented, test for this
1330 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1331 AC_RUN_IFELSE(
1332 [AC_LANG_SOURCE([[
9a3fe0e2 1333#include <stdlib.h>
1334#include <errno.h>
1335int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1336 ]])],
3f176010 1337 [AC_MSG_RESULT(yes)],
3466e002 1338 [AC_DEFINE(BROKEN_SETRESGID, 1,
1339 [Define if your setresgid() is broken])
1a01a50c 1340 AC_MSG_RESULT(not implemented)],
1341 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1342 )
1343])
9a3fe0e2 1344
2e73a022 1345dnl Checks for time functions
1d7b9b20 1346AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1347dnl Checks for utmp functions
b03bd394 1348AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1349AC_CHECK_FUNCS(utmpname)
2e73a022 1350dnl Checks for utmpx functions
b03bd394 1351AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1352AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1353
aff51935 1354AC_CHECK_FUNC(daemon,
3466e002 1355 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1356 [AC_CHECK_LIB(bsd, daemon,
1357 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1358)
1359
aff51935 1360AC_CHECK_FUNC(getpagesize,
3466e002 1361 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1362 [Define if your libraries define getpagesize()])],
1363 [AC_CHECK_LIB(ucb, getpagesize,
1364 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1365)
1366
2647ae26 1367# Check for broken snprintf
1368if test "x$ac_cv_func_snprintf" = "xyes" ; then
1369 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1370 AC_RUN_IFELSE(
479cece8 1371 [AC_LANG_SOURCE([[
2647ae26 1372#include <stdio.h>
aec4cb4f 1373int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1374 ]])],
aff51935 1375 [AC_MSG_RESULT(yes)],
2647ae26 1376 [
1377 AC_MSG_RESULT(no)
3466e002 1378 AC_DEFINE(BROKEN_SNPRINTF, 1,
1379 [Define if your snprintf is busted])
2647ae26 1380 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1381 ],
1382 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1383 )
1384fi
1385
9a406e1e 1386# If we don't have a working asprintf, then we strongly depend on vsnprintf
1387# returning the right thing on overflow: the number of characters it tried to
1388# create (as per SUSv3)
1389if test "x$ac_cv_func_asprintf" != "xyes" && \
1390 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1391 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1392 AC_RUN_IFELSE(
1393 [AC_LANG_SOURCE([[
1394#include <sys/types.h>
1395#include <stdio.h>
1396#include <stdarg.h>
1397
1398int x_snprintf(char *str,size_t count,const char *fmt,...)
1399{
1400 size_t ret; va_list ap;
1401 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1402 return ret;
1403}
1404int main(void)
1405{
1406 char x[1];
1407 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1408} ]])],
1409 [AC_MSG_RESULT(yes)],
1410 [
1411 AC_MSG_RESULT(no)
1412 AC_DEFINE(BROKEN_SNPRINTF, 1,
1413 [Define if your snprintf is busted])
1414 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1415 ],
1416 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1417 )
1418fi
1419
31b0732a 1420# On systems where [v]snprintf is broken, but is declared in stdio,
1421# check that the fmt argument is const char * or just char *.
1422# This is only useful for when BROKEN_SNPRINTF
1423AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1424AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1425 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1426 int main(void) { snprintf(0, 0, 0); }
1427 ]])],
1428 [AC_MSG_RESULT(yes)
1429 AC_DEFINE(SNPRINTF_CONST, [const],
1430 [Define as const if snprintf() can declare const char *fmt])],
1431 [AC_MSG_RESULT(no)
1432 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1433
2f6f9cff 1434# Check for missing getpeereid (or equiv) support
1435NO_PEERCHECK=""
1436if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1437 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1438 AC_TRY_COMPILE(
1439 [#include <sys/types.h>
1440 #include <sys/socket.h>],
1441 [int i = SO_PEERCRED;],
62eb7db4 1442 [ AC_MSG_RESULT(yes)
3466e002 1443 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1444 ],
2f6f9cff 1445 [AC_MSG_RESULT(no)
1446 NO_PEERCHECK=1]
1447 )
1448fi
1449
70e7d0b0 1450dnl see whether mkstemp() requires XXXXXX
1451if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1452AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1453AC_RUN_IFELSE(
1454 [AC_LANG_SOURCE([[
70e7d0b0 1455#include <stdlib.h>
1456main() { char template[]="conftest.mkstemp-test";
1457if (mkstemp(template) == -1)
1458 exit(1);
1459unlink(template); exit(0);
1460}
b0e7249f 1461 ]])],
70e7d0b0 1462 [
1463 AC_MSG_RESULT(no)
1464 ],
aff51935 1465 [
70e7d0b0 1466 AC_MSG_RESULT(yes)
3466e002 1467 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1468 ],
1469 [
1470 AC_MSG_RESULT(yes)
1471 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1472 ]
70e7d0b0 1473)
1474fi
1475
eacb954e 1476dnl make sure that openpty does not reacquire controlling terminal
1477if test ! -z "$check_for_openpty_ctty_bug"; then
1478 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1479 AC_RUN_IFELSE(
1480 [AC_LANG_SOURCE([[
eacb954e 1481#include <stdio.h>
1482#include <sys/fcntl.h>
1483#include <sys/types.h>
1484#include <sys/wait.h>
1485
1486int
1487main()
1488{
1489 pid_t pid;
1490 int fd, ptyfd, ttyfd, status;
1491
1492 pid = fork();
1493 if (pid < 0) { /* failed */
1494 exit(1);
1495 } else if (pid > 0) { /* parent */
1496 waitpid(pid, &status, 0);
aff51935 1497 if (WIFEXITED(status))
eacb954e 1498 exit(WEXITSTATUS(status));
1499 else
1500 exit(2);
1501 } else { /* child */
1502 close(0); close(1); close(2);
1503 setsid();
1504 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1505 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1506 if (fd >= 0)
1507 exit(3); /* Acquired ctty: broken */
1508 else
1509 exit(0); /* Did not acquire ctty: OK */
1510 }
1511}
b0e7249f 1512 ]])],
eacb954e 1513 [
1514 AC_MSG_RESULT(yes)
1515 ],
1516 [
1517 AC_MSG_RESULT(no)
1518 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1519 ],
1520 [
1521 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1522 ]
1523 )
1524fi
1525
4b492aab 1526if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1527 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1528 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1529 AC_RUN_IFELSE(
1530 [AC_LANG_SOURCE([[
2fe51906 1531#include <stdio.h>
1532#include <sys/socket.h>
1533#include <netdb.h>
1534#include <errno.h>
1535#include <netinet/in.h>
1536
1537#define TEST_PORT "2222"
1538
1539int
1540main(void)
1541{
1542 int err, sock;
1543 struct addrinfo *gai_ai, *ai, hints;
1544 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1545
1546 memset(&hints, 0, sizeof(hints));
1547 hints.ai_family = PF_UNSPEC;
1548 hints.ai_socktype = SOCK_STREAM;
1549 hints.ai_flags = AI_PASSIVE;
1550
1551 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1552 if (err != 0) {
1553 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1554 exit(1);
1555 }
1556
1557 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1558 if (ai->ai_family != AF_INET6)
1559 continue;
1560
1561 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1562 sizeof(ntop), strport, sizeof(strport),
1563 NI_NUMERICHOST|NI_NUMERICSERV);
1564
1565 if (err != 0) {
1566 if (err == EAI_SYSTEM)
1567 perror("getnameinfo EAI_SYSTEM");
1568 else
1569 fprintf(stderr, "getnameinfo failed: %s\n",
1570 gai_strerror(err));
1571 exit(2);
1572 }
1573
1574 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1575 if (sock < 0)
1576 perror("socket");
1577 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1578 if (errno == EBADF)
1579 exit(3);
1580 }
1581 }
1582 exit(0);
1583}
b0e7249f 1584 ]])],
2fe51906 1585 [
1586 AC_MSG_RESULT(yes)
1587 ],
1588 [
1589 AC_MSG_RESULT(no)
1590 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1591 ],
1592 [
1593 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1594 ]
1595 )
1596fi
1597
4b492aab 1598if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1599 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1600 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1601 AC_RUN_IFELSE(
1602 [AC_LANG_SOURCE([[
5ccf88cb 1603#include <stdio.h>
1604#include <sys/socket.h>
1605#include <netdb.h>
1606#include <errno.h>
1607#include <netinet/in.h>
1608
1609#define TEST_PORT "2222"
1610
1611int
1612main(void)
1613{
1614 int err, sock;
1615 struct addrinfo *gai_ai, *ai, hints;
1616 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1617
1618 memset(&hints, 0, sizeof(hints));
1619 hints.ai_family = PF_UNSPEC;
1620 hints.ai_socktype = SOCK_STREAM;
1621 hints.ai_flags = AI_PASSIVE;
1622
1623 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1624 if (err != 0) {
1625 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1626 exit(1);
1627 }
1628
1629 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1630 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1631 continue;
1632
1633 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1634 sizeof(ntop), strport, sizeof(strport),
1635 NI_NUMERICHOST|NI_NUMERICSERV);
1636
1637 if (ai->ai_family == AF_INET && err != 0) {
1638 perror("getnameinfo");
1639 exit(2);
1640 }
1641 }
1642 exit(0);
1643}
b0e7249f 1644 ]])],
5ccf88cb 1645 [
1646 AC_MSG_RESULT(yes)
3466e002 1647 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1648 [Define if you have a getaddrinfo that fails
1649 for the all-zeros IPv6 address])
5ccf88cb 1650 ],
1651 [
1652 AC_MSG_RESULT(no)
1653 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1654 ],
ecd9ec09 1655 [
b0e7249f 1656 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1657 ]
1658 )
1659fi
1660
b29fd59f 1661if test "x$check_for_conflicting_getspnam" = "x1"; then
1662 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1663 AC_COMPILE_IFELSE(
1664 [
1665#include <shadow.h>
1666int main(void) {exit(0);}
1667 ],
1668 [
1669 AC_MSG_RESULT(no)
1670 ],
1671 [
1672 AC_MSG_RESULT(yes)
1673 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1674 [Conflicting defs for getspnam])
1675 ]
1676 )
1677fi
1678
7f8f5e00 1679AC_FUNC_GETPGRP
1680
717057b6 1681# Check for PAM libs
cbd7492e 1682PAM_MSG="no"
a0391976 1683AC_ARG_WITH(pam,
717057b6 1684 [ --with-pam Enable PAM support ],
a0391976 1685 [
717057b6 1686 if test "x$withval" != "xno" ; then
2511d104 1687 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1688 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1689 AC_MSG_ERROR([PAM headers not found])
1690 fi
a0391976 1691
717057b6 1692 AC_CHECK_LIB(dl, dlopen, , )
1693 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1694 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1695 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1696
717057b6 1697 PAM_MSG="yes"
4cb5ffa0 1698
3466e002 1699 AC_DEFINE(USE_PAM, 1,
1700 [Define if you want to enable PAM support])
98f2d9d5 1701 if test $ac_cv_lib_dl_dlopen = yes; then
1702 LIBPAM="-lpam -ldl"
1703 else
1704 LIBPAM="-lpam"
1705 fi
1706 AC_SUBST(LIBPAM)
717057b6 1707 fi
1708 ]
1709)
cbd7492e 1710
717057b6 1711# Check for older PAM
1712if test "x$PAM_MSG" = "xyes" ; then
a0391976 1713 # Check PAM strerror arguments (old PAM)
1714 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1715 AC_TRY_COMPILE(
1716 [
18ba2aab 1717#include <stdlib.h>
2511d104 1718#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1719#include <security/pam_appl.h>
2511d104 1720#elif defined (HAVE_PAM_PAM_APPL_H)
1721#include <pam/pam_appl.h>
1722#endif
aff51935 1723 ],
1724 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1725 [AC_MSG_RESULT(no)],
1726 [
3466e002 1727 AC_DEFINE(HAVE_OLD_PAM, 1,
1728 [Define if you have an old version of PAM
1729 which takes only one argument to pam_strerror])
a0391976 1730 AC_MSG_RESULT(yes)
cbd7492e 1731 PAM_MSG="yes (old library)"
a0391976 1732 ]
717057b6 1733 )
a0391976 1734fi
1735
5b991353 1736# Search for OpenSSL
1737saved_CPPFLAGS="$CPPFLAGS"
1738saved_LDFLAGS="$LDFLAGS"
a0391976 1739AC_ARG_WITH(ssl-dir,
1740 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1741 [
e9e4a1c7 1742 if test "x$withval" != "xno" ; then
99eb0f64 1743 case "$withval" in
1744 # Relative paths
1745 ./*|../*) withval="`pwd`/$withval"
1746 esac
5b991353 1747 if test -d "$withval/lib"; then
1748 if test -n "${need_dash_r}"; then
1749 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1750 else
1751 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1752 fi
1753 else
5b991353 1754 if test -n "${need_dash_r}"; then
1755 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1756 else
1757 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1758 fi
1759 fi
5b991353 1760 if test -d "$withval/include"; then
1761 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1762 else
5b991353 1763 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1764 fi
a0391976 1765 fi
5b991353 1766 ]
1767)
5486a457 1768LIBS="-lcrypto $LIBS"
3466e002 1769AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1770 [Define if your ssl headers are included
1771 with #include <openssl/header.h>]),
d45e3d76 1772 [
5b991353 1773 dnl Check default openssl install dir
1774 if test -n "${need_dash_r}"; then
1775 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1776 else
5b991353 1777 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1778 fi
5b991353 1779 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1780 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1781 [
1782 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1783 ]
1784 )
1785 ]
1786)
1787
cd018561 1788# Determine OpenSSL header version
1789AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1790AC_RUN_IFELSE(
479cece8 1791 [AC_LANG_SOURCE([[
cd018561 1792#include <stdio.h>
1793#include <string.h>
1794#include <openssl/opensslv.h>
1795#define DATA "conftest.sslincver"
1796int main(void) {
aff51935 1797 FILE *fd;
1798 int rc;
cd018561 1799
aff51935 1800 fd = fopen(DATA,"w");
1801 if(fd == NULL)
1802 exit(1);
cd018561 1803
1804 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1805 exit(1);
1806
1807 exit(0);
1808}
479cece8 1809 ]])],
cd018561 1810 [
1811 ssl_header_ver=`cat conftest.sslincver`
1812 AC_MSG_RESULT($ssl_header_ver)
1813 ],
1814 [
1815 AC_MSG_RESULT(not found)
1816 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1817 ],
1818 [
1819 AC_MSG_WARN([cross compiling: not checking])
cd018561 1820 ]
1821)
1822
1823# Determine OpenSSL library version
1824AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1825AC_RUN_IFELSE(
479cece8 1826 [AC_LANG_SOURCE([[
cd018561 1827#include <stdio.h>
1828#include <string.h>
1829#include <openssl/opensslv.h>
1830#include <openssl/crypto.h>
1831#define DATA "conftest.ssllibver"
1832int main(void) {
aff51935 1833 FILE *fd;
1834 int rc;
cd018561 1835
aff51935 1836 fd = fopen(DATA,"w");
1837 if(fd == NULL)
1838 exit(1);
cd018561 1839
1840 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1841 exit(1);
1842
1843 exit(0);
1844}
479cece8 1845 ]])],
cd018561 1846 [
1847 ssl_library_ver=`cat conftest.ssllibver`
1848 AC_MSG_RESULT($ssl_library_ver)
1849 ],
1850 [
1851 AC_MSG_RESULT(not found)
1852 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1853 ],
1854 [
1855 AC_MSG_WARN([cross compiling: not checking])
cd018561 1856 ]
1857)
58d100bf 1858
9780116c 1859# Sanity check OpenSSL headers
1860AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1861AC_RUN_IFELSE(
479cece8 1862 [AC_LANG_SOURCE([[
9780116c 1863#include <string.h>
1864#include <openssl/opensslv.h>
aec4cb4f 1865int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1866 ]])],
9780116c 1867 [
1868 AC_MSG_RESULT(yes)
1869 ],
1870 [
1871 AC_MSG_RESULT(no)
e15ba28b 1872 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1873Check config.log for details.
1874Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1875 ],
1876 [
1877 AC_MSG_WARN([cross compiling: not checking])
9780116c 1878 ]
1879)
1880
c7ad0d99 1881AC_ARG_WITH(ssl-engine,
1882 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1883 [ if test "x$withval" != "xno" ; then
1884 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1885 AC_TRY_COMPILE(
1886 [ #include <openssl/engine.h>],
1887 [
1888int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
1889 ],
1890 [ AC_MSG_RESULT(yes)
1891 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1892 [Enable OpenSSL engine support])
1893 ],
1894 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1895 )
1896 fi ]
1897)
1898
e5146707 1899# Check for OpenSSL without EVP_aes_{192,256}_cbc
1900AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1901AC_LINK_IFELSE(
e5146707 1902 [AC_LANG_SOURCE([[
1903#include <string.h>
1904#include <openssl/evp.h>
300ea548 1905int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1906 ]])],
1907 [
1908 AC_MSG_RESULT(no)
1909 ],
1910 [
1911 AC_MSG_RESULT(yes)
1912 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1913 [libcrypto is missing AES 192 and 256 bit functions])
1914 ]
1915)
1916
5486a457 1917# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1918# because the system crypt() is more featureful.
1919if test "x$check_for_libcrypt_before" = "x1"; then
1920 AC_CHECK_LIB(crypt, crypt)
1921fi
1922
aff51935 1923# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1924# version in OpenSSL.
05114c74 1925if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1926 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1927fi
1928
13ff27b7 1929# Search for SHA256 support in libc and/or OpenSSL
1930AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1931
4c653d8e 1932AC_CHECK_LIB(iaf, ia_openinfo)
f1b0ecc3 1933
1934### Configure cryptographic random number support
1935
1936# Check wheter OpenSSL seeds itself
1937AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1938AC_RUN_IFELSE(
479cece8 1939 [AC_LANG_SOURCE([[
f1b0ecc3 1940#include <string.h>
1941#include <openssl/rand.h>
aec4cb4f 1942int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1943 ]])],
f1b0ecc3 1944 [
1945 OPENSSL_SEEDS_ITSELF=yes
1946 AC_MSG_RESULT(yes)
1947 ],
1948 [
1949 AC_MSG_RESULT(no)
1950 # Default to use of the rand helper if OpenSSL doesn't
1951 # seed itself
1952 USE_RAND_HELPER=yes
1a01a50c 1953 ],
1954 [
1955 AC_MSG_WARN([cross compiling: assuming yes])
1956 # This is safe, since all recent OpenSSL versions will
82f4e93d 1957 # complain at runtime if not seeded correctly.
1a01a50c 1958 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1959 ]
1960)
1961
1962
1963# Do we want to force the use of the rand helper?
1964AC_ARG_WITH(rand-helper,
1965 [ --with-rand-helper Use subprocess to gather strong randomness ],
1966 [
1967 if test "x$withval" = "xno" ; then
aff51935 1968 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1969 # the previous test showed it to be unseeded.
1970 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1971 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1972 OPENSSL_SEEDS_ITSELF=yes
1973 USE_RAND_HELPER=""
1974 fi
1975 else
1976 USE_RAND_HELPER=yes
1977 fi
1978 ],
82f4e93d 1979)
f1b0ecc3 1980
1981# Which randomness source do we use?
4b492aab 1982if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 1983 # OpenSSL only
3466e002 1984 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
1985 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 1986 RAND_MSG="OpenSSL internal ONLY"
1987 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1988elif test ! -z "$USE_RAND_HELPER" ; then
1989 # install rand helper
f1b0ecc3 1990 RAND_MSG="ssh-rand-helper"
1991 INSTALL_SSH_RAND_HELPER="yes"
1992fi
1993AC_SUBST(INSTALL_SSH_RAND_HELPER)
1994
1995### Configuration of ssh-rand-helper
1996
1997# PRNGD TCP socket
1998AC_ARG_WITH(prngd-port,
1999 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2000 [
eb5d7ff6 2001 case "$withval" in
2002 no)
2003 withval=""
2004 ;;
2005 [[0-9]]*)
2006 ;;
2007 *)
2008 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2009 ;;
2010 esac
2011 if test ! -z "$withval" ; then
f1b0ecc3 2012 PRNGD_PORT="$withval"
3466e002 2013 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2014 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2015 fi
2016 ]
2017)
2018
2019# PRNGD Unix domain socket
2020AC_ARG_WITH(prngd-socket,
2021 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2022 [
eb5d7ff6 2023 case "$withval" in
2024 yes)
f1b0ecc3 2025 withval="/var/run/egd-pool"
eb5d7ff6 2026 ;;
2027 no)
2028 withval=""
2029 ;;
2030 /*)
2031 ;;
2032 *)
2033 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2034 ;;
2035 esac
2036
2037 if test ! -z "$withval" ; then
f1b0ecc3 2038 if test ! -z "$PRNGD_PORT" ; then
2039 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2040 fi
906e811b 2041 if test ! -r "$withval" ; then
f1b0ecc3 2042 AC_MSG_WARN(Entropy socket is not readable)
2043 fi
2044 PRNGD_SOCKET="$withval"
3466e002 2045 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2046 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2047 fi
ddceb1c8 2048 ],
2049 [
2050 # Check for existing socket only if we don't have a random device already
2051 if test "$USE_RAND_HELPER" = yes ; then
2052 AC_MSG_CHECKING(for PRNGD/EGD socket)
2053 # Insert other locations here
2054 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2055 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2056 PRNGD_SOCKET="$sock"
2057 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2058 break;
2059 fi
2060 done
2061 if test ! -z "$PRNGD_SOCKET" ; then
2062 AC_MSG_RESULT($PRNGD_SOCKET)
2063 else
2064 AC_MSG_RESULT(not found)
2065 fi
2066 fi
f1b0ecc3 2067 ]
2068)
2069
2070# Change default command timeout for hashing entropy source
2071entropy_timeout=200
2072AC_ARG_WITH(entropy-timeout,
2073 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2074 [
6cf0200f 2075 if test -n "$withval" && test "x$withval" != "xno" && \
2076 test "x${withval}" != "xyes"; then
f1b0ecc3 2077 entropy_timeout=$withval
2078 fi
82f4e93d 2079 ]
f1b0ecc3 2080)
3466e002 2081AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2082 [Builtin PRNG command timeout])
f1b0ecc3 2083
fd3cbf67 2084SSH_PRIVSEP_USER=sshd
9a0fbcb3 2085AC_ARG_WITH(privsep-user,
5222e7ef 2086 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2087 [
6cf0200f 2088 if test -n "$withval" && test "x$withval" != "xno" && \
2089 test "x${withval}" != "xyes"; then
fd3cbf67 2090 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2091 fi
82f4e93d 2092 ]
9a0fbcb3 2093)
3466e002 2094AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2095 [non-privileged user for privilege separation])
fd3cbf67 2096AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2097
81dadca3 2098# We do this little dance with the search path to insure
2099# that programs that we select for use by installed programs
2100# (which may be run by the super-user) come from trusted
2101# locations before they come from the user's private area.
2102# This should help avoid accidentally configuring some
2103# random version of a program in someone's personal bin.
2104
2105OPATH=$PATH
2106PATH=/bin:/usr/bin
f95c8ce8 2107test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2108test -d /sbin && PATH=$PATH:/sbin
2109test -d /usr/sbin && PATH=$PATH:/usr/sbin
2110PATH=$PATH:/etc:$OPATH
2111
aff51935 2112# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2113OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2114OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2115OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2116OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2117OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2118OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2119OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2120OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2121OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2122OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2123OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2124OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2125OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2126OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2127OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2128OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2129# restore PATH
2130PATH=$OPATH
f1b0ecc3 2131
2132# Where does ssh-rand-helper get its randomness from?
2133INSTALL_SSH_PRNG_CMDS=""
2134if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2135 if test ! -z "$PRNGD_PORT" ; then
2136 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2137 elif test ! -z "$PRNGD_SOCKET" ; then
2138 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2139 else
2140 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2141 RAND_HELPER_CMDHASH=yes
2142 INSTALL_SSH_PRNG_CMDS="yes"
2143 fi
2144fi
2145AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2146
2147
66d6c27e 2148# Cheap hack to ensure NEWS-OS libraries are arranged right.
2149if test ! -z "$SONY" ; then
2150 LIBS="$LIBS -liberty";
2151fi
2152
9a406e1e 2153# Check for long long datatypes
2154AC_CHECK_TYPES([long long, unsigned long long, long double])
2155
2156# Check datatype sizes
976f7e19 2157AC_CHECK_SIZEOF(char, 1)
2b942fe0 2158AC_CHECK_SIZEOF(short int, 2)
2159AC_CHECK_SIZEOF(int, 4)
2160AC_CHECK_SIZEOF(long int, 4)
2161AC_CHECK_SIZEOF(long long int, 8)
2162
52f1ccb2 2163# Sanity check long long for some platforms (AIX)
2164if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2165 ac_cv_sizeof_long_long_int=0
2166fi
2167
90f15776 2168# compute LLONG_MIN and LLONG_MAX if we don't know them.
2169if test -z "$have_llong_max"; then
2170 AC_MSG_CHECKING([for max value of long long])
2171 AC_RUN_IFELSE(
2172 [AC_LANG_SOURCE([[
2173#include <stdio.h>
2174/* Why is this so damn hard? */
2175#ifdef __GNUC__
2176# undef __GNUC__
2177#endif
2178#define __USE_ISOC99
2179#include <limits.h>
2180#define DATA "conftest.llminmax"
055252ed 2181#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2182
2183/*
2184 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2185 * we do this the hard way.
2186 */
2187static int
2188fprint_ll(FILE *f, long long n)
2189{
2190 unsigned int i;
2191 int l[sizeof(long long) * 8];
2192
2193 if (n < 0)
2194 if (fprintf(f, "-") < 0)
2195 return -1;
2196 for (i = 0; n != 0; i++) {
2197 l[i] = my_abs(n % 10);
2198 n /= 10;
2199 }
2200 do {
2201 if (fprintf(f, "%d", l[--i]) < 0)
2202 return -1;
2203 } while (i != 0);
2204 if (fprintf(f, " ") < 0)
2205 return -1;
2206 return 0;
2207}
2208
90f15776 2209int main(void) {
2210 FILE *f;
2211 long long i, llmin, llmax = 0;
2212
2213 if((f = fopen(DATA,"w")) == NULL)
2214 exit(1);
2215
2216#if defined(LLONG_MIN) && defined(LLONG_MAX)
2217 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2218 llmin = LLONG_MIN;
2219 llmax = LLONG_MAX;
2220#else
2221 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2222 /* This will work on one's complement and two's complement */
2223 for (i = 1; i > llmax; i <<= 1, i++)
2224 llmax = i;
2225 llmin = llmax + 1LL; /* wrap */
2226#endif
2227
2228 /* Sanity check */
2229 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2230 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2231 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2232 fprintf(f, "unknown unknown\n");
2233 exit(2);
2234 }
2235
055252ed 2236 if (fprint_ll(f, llmin) < 0)
90f15776 2237 exit(3);
055252ed 2238 if (fprint_ll(f, llmax) < 0)
2239 exit(4);
2240 if (fclose(f) < 0)
2241 exit(5);
90f15776 2242 exit(0);
2243}
2244 ]])],
2245 [
2246 llong_min=`$AWK '{print $1}' conftest.llminmax`
2247 llong_max=`$AWK '{print $2}' conftest.llminmax`
2248
90f15776 2249 AC_MSG_RESULT($llong_max)
2250 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2251 [max value of long long calculated by configure])
2252 AC_MSG_CHECKING([for min value of long long])
2253 AC_MSG_RESULT($llong_min)
2254 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2255 [min value of long long calculated by configure])
2256 ],
2257 [
2258 AC_MSG_RESULT(not found)
2259 ],
2260 [
2261 AC_MSG_WARN([cross compiling: not checking])
2262 ]
2263 )
2264fi
2265
2266
a0391976 2267# More checks for data types
14a9a859 2268AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2269 AC_TRY_COMPILE(
aff51935 2270 [ #include <sys/types.h> ],
2271 [ u_int a; a = 1;],
14a9a859 2272 [ ac_cv_have_u_int="yes" ],
2273 [ ac_cv_have_u_int="no" ]
2274 )
2275])
2276if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2277 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2278 have_u_int=1
2279fi
2280
58d100bf 2281AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2282 AC_TRY_COMPILE(
aff51935 2283 [ #include <sys/types.h> ],
2284 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2285 [ ac_cv_have_intxx_t="yes" ],
2286 [ ac_cv_have_intxx_t="no" ]
2287 )
2288])
2289if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2290 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2291 have_intxx_t=1
2292fi
41cb4569 2293
2294if (test -z "$have_intxx_t" && \
aff51935 2295 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2296then
2297 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2298 AC_TRY_COMPILE(
aff51935 2299 [ #include <stdint.h> ],
2300 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2301 [
2302 AC_DEFINE(HAVE_INTXX_T)
2303 AC_MSG_RESULT(yes)
2304 ],
2305 [ AC_MSG_RESULT(no) ]
2306 )
2307fi
2308
bd590612 2309AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2310 AC_TRY_COMPILE(
1cbbe6c8 2311 [
2312#include <sys/types.h>
2313#ifdef HAVE_STDINT_H
2314# include <stdint.h>
2315#endif
2316#include <sys/socket.h>
2317#ifdef HAVE_SYS_BITYPES_H
2318# include <sys/bitypes.h>
2319#endif
aff51935 2320 ],
2321 [ int64_t a; a = 1;],
bd590612 2322 [ ac_cv_have_int64_t="yes" ],
2323 [ ac_cv_have_int64_t="no" ]
2324 )
2325])
2326if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2327 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2328fi
2329
58d100bf 2330AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2331 AC_TRY_COMPILE(
aff51935 2332 [ #include <sys/types.h> ],
2333 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2334 [ ac_cv_have_u_intxx_t="yes" ],
2335 [ ac_cv_have_u_intxx_t="no" ]
2336 )
2337])
2338if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2339 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2340 have_u_intxx_t=1
2341fi
2b942fe0 2342
41cb4569 2343if test -z "$have_u_intxx_t" ; then
2344 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2345 AC_TRY_COMPILE(
aff51935 2346 [ #include <sys/socket.h> ],
2347 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2348 [
2349 AC_DEFINE(HAVE_U_INTXX_T)
2350 AC_MSG_RESULT(yes)
2351 ],
2352 [ AC_MSG_RESULT(no) ]
2353 )
2354fi
2355
bd590612 2356AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2357 AC_TRY_COMPILE(
aff51935 2358 [ #include <sys/types.h> ],
2359 [ u_int64_t a; a = 1;],
bd590612 2360 [ ac_cv_have_u_int64_t="yes" ],
2361 [ ac_cv_have_u_int64_t="no" ]
2362 )
2363])
2364if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2365 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2366 have_u_int64_t=1
2367fi
2368
ddceb1c8 2369if test -z "$have_u_int64_t" ; then
2370 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2371 AC_TRY_COMPILE(
aff51935 2372 [ #include <sys/bitypes.h> ],
ddceb1c8 2373 [ u_int64_t a; a = 1],
2374 [
2375 AC_DEFINE(HAVE_U_INT64_T)
2376 AC_MSG_RESULT(yes)
2377 ],
2378 [ AC_MSG_RESULT(no) ]
2379 )
2380fi
2381
41cb4569 2382if test -z "$have_u_intxx_t" ; then
2383 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2384 AC_TRY_COMPILE(
2385 [
2386#include <sys/types.h>
aff51935 2387 ],
2388 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2389 [ ac_cv_have_uintxx_t="yes" ],
2390 [ ac_cv_have_uintxx_t="no" ]
2391 )
2392 ])
2393 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2394 AC_DEFINE(HAVE_UINTXX_T, 1,
2395 [define if you have uintxx_t data type])
41cb4569 2396 fi
2397fi
2398
2399if test -z "$have_uintxx_t" ; then
2400 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2401 AC_TRY_COMPILE(
aff51935 2402 [ #include <stdint.h> ],
2403 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2404 [
2405 AC_DEFINE(HAVE_UINTXX_T)
2406 AC_MSG_RESULT(yes)
2407 ],
2408 [ AC_MSG_RESULT(no) ]
2409 )
2410fi
2411
e5fe9a1f 2412if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2413 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2414then
2415 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2416 AC_TRY_COMPILE(
58d100bf 2417 [
2418#include <sys/bitypes.h>
aff51935 2419 ],
5cdfe03f 2420 [
837c30b8 2421 int8_t a; int16_t b; int32_t c;
2422 u_int8_t e; u_int16_t f; u_int32_t g;
2423 a = b = c = e = f = g = 1;
aff51935 2424 ],
5cdfe03f 2425 [
2426 AC_DEFINE(HAVE_U_INTXX_T)
2427 AC_DEFINE(HAVE_INTXX_T)
2428 AC_MSG_RESULT(yes)
2429 ],
2430 [AC_MSG_RESULT(no)]
aff51935 2431 )
5cdfe03f 2432fi
2433
0362750e 2434
2435AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2436 AC_TRY_COMPILE(
2437 [
2438#include <sys/types.h>
2439 ],
2440 [ u_char foo; foo = 125; ],
2441 [ ac_cv_have_u_char="yes" ],
2442 [ ac_cv_have_u_char="no" ]
2443 )
2444])
2445if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2446 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2447fi
2448
98a7c37b 2449TYPE_SOCKLEN_T
2b942fe0 2450
2d16d9a3 2451AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2452
777ece68 2453AC_CHECK_TYPES(in_addr_t,,,
2454[#include <sys/types.h>
2455#include <netinet/in.h>])
7b578f7d 2456
58d100bf 2457AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2458 AC_TRY_COMPILE(
2459 [
18ba2aab 2460#include <sys/types.h>
58d100bf 2461 ],
2462 [ size_t foo; foo = 1235; ],
2463 [ ac_cv_have_size_t="yes" ],
2464 [ ac_cv_have_size_t="no" ]
2465 )
2466])
2467if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2468 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2469fi
ea1970a3 2470
c04f75f1 2471AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2472 AC_TRY_COMPILE(
2473 [
2474#include <sys/types.h>
2475 ],
2476 [ ssize_t foo; foo = 1235; ],
2477 [ ac_cv_have_ssize_t="yes" ],
2478 [ ac_cv_have_ssize_t="no" ]
2479 )
2480])
2481if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2482 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2483fi
2484
f1c4659d 2485AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2486 AC_TRY_COMPILE(
2487 [
2488#include <time.h>
2489 ],
2490 [ clock_t foo; foo = 1235; ],
2491 [ ac_cv_have_clock_t="yes" ],
2492 [ ac_cv_have_clock_t="no" ]
2493 )
2494])
2495if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2496 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2497fi
2498
1c04b088 2499AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2500 AC_TRY_COMPILE(
2501 [
2502#include <sys/types.h>
2503#include <sys/socket.h>
2504 ],
2505 [ sa_family_t foo; foo = 1235; ],
2506 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2507 [ AC_TRY_COMPILE(
2508 [
2509#include <sys/types.h>
2510#include <sys/socket.h>
2511#include <netinet/in.h>
2512 ],
2513 [ sa_family_t foo; foo = 1235; ],
2514 [ ac_cv_have_sa_family_t="yes" ],
2515
1c04b088 2516 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2517 )]
1c04b088 2518 )
2519])
2520if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2521 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2522 [define if you have sa_family_t data type])
1c04b088 2523fi
2524
729bfe59 2525AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2526 AC_TRY_COMPILE(
2527 [
2528#include <sys/types.h>
2529 ],
2530 [ pid_t foo; foo = 1235; ],
2531 [ ac_cv_have_pid_t="yes" ],
2532 [ ac_cv_have_pid_t="no" ]
2533 )
2534])
2535if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2536 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2537fi
2538
2539AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2540 AC_TRY_COMPILE(
2541 [
2542#include <sys/types.h>
2543 ],
2544 [ mode_t foo; foo = 1235; ],
2545 [ ac_cv_have_mode_t="yes" ],
2546 [ ac_cv_have_mode_t="no" ]
2547 )
2548])
2549if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2550 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2551fi
2552
e3a93db0 2553
58d100bf 2554AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2555 AC_TRY_COMPILE(
2556 [
18ba2aab 2557#include <sys/types.h>
2558#include <sys/socket.h>
58d100bf 2559 ],
2560 [ struct sockaddr_storage s; ],
2561 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2562 [ ac_cv_have_struct_sockaddr_storage="no" ]
2563 )
2564])
2565if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2566 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2567 [define if you have struct sockaddr_storage data type])
58d100bf 2568fi
48e671d5 2569
58d100bf 2570AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2571 AC_TRY_COMPILE(
2572 [
cbd7492e 2573#include <sys/types.h>
58d100bf 2574#include <netinet/in.h>
2575 ],
2576 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2577 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2578 [ ac_cv_have_struct_sockaddr_in6="no" ]
2579 )
2580])
2581if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2582 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2583 [define if you have struct sockaddr_in6 data type])
58d100bf 2584fi
48e671d5 2585
58d100bf 2586AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2587 AC_TRY_COMPILE(
2588 [
cbd7492e 2589#include <sys/types.h>
58d100bf 2590#include <netinet/in.h>
2591 ],
2592 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2593 [ ac_cv_have_struct_in6_addr="yes" ],
2594 [ ac_cv_have_struct_in6_addr="no" ]
2595 )
2596])
2597if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2598 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2599 [define if you have struct in6_addr data type])
58d100bf 2600fi
48e671d5 2601
58d100bf 2602AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2603 AC_TRY_COMPILE(
2604 [
18ba2aab 2605#include <sys/types.h>
2606#include <sys/socket.h>
2607#include <netdb.h>
58d100bf 2608 ],
2609 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2610 [ ac_cv_have_struct_addrinfo="yes" ],
2611 [ ac_cv_have_struct_addrinfo="no" ]
2612 )
2613])
2614if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2615 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2616 [define if you have struct addrinfo data type])
58d100bf 2617fi
2618
89c7e31c 2619AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2620 AC_TRY_COMPILE(
aff51935 2621 [ #include <sys/time.h> ],
2622 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2623 [ ac_cv_have_struct_timeval="yes" ],
2624 [ ac_cv_have_struct_timeval="no" ]
2625 )
2626])
2627if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2628 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2629 have_struct_timeval=1
2630fi
2631
5271b55c 2632AC_CHECK_TYPES(struct timespec)
2633
85abc74b 2634# We need int64_t or else certian parts of the compile will fail.
4b492aab 2635if test "x$ac_cv_have_int64_t" = "xno" && \
2636 test "x$ac_cv_sizeof_long_int" != "x8" && \
2637 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2638 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2639 echo "an alternative compiler (I.E., GCC) before continuing."
2640 echo ""
2641 exit 1;
733cf7f4 2642else
2643dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2644 AC_RUN_IFELSE(
479cece8 2645 [AC_LANG_SOURCE([[
733cf7f4 2646#include <stdio.h>
2647#include <string.h>
2648#ifdef HAVE_SNPRINTF
2649main()
2650{
2651 char buf[50];
2652 char expected_out[50];
2653 int mazsize = 50 ;
2654#if (SIZEOF_LONG_INT == 8)
2655 long int num = 0x7fffffffffffffff;
2656#else
763a1a18 2657 long long num = 0x7fffffffffffffffll;
733cf7f4 2658#endif
2659 strcpy(expected_out, "9223372036854775807");
2660 snprintf(buf, mazsize, "%lld", num);
2661 if(strcmp(buf, expected_out) != 0)
aff51935 2662 exit(1);
733cf7f4 2663 exit(0);
2664}
2665#else
2666main() { exit(0); }
2667#endif
479cece8 2668 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2669 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2670 )
2c523de9 2671fi
2672
77bb0bca 2673dnl Checks for structure members
58d100bf 2674OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2675OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2676OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2677OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2678OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2679OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2680OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2681OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2682OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2683OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2684OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2685OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2686OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2687OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2688OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2689OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2690OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2691
2692AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2693AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2694 [Define if we don't have struct __res_state in resolv.h])],
2695[
2696#include <stdio.h>
2697#if HAVE_SYS_TYPES_H
2698# include <sys/types.h>
2699#endif
2700#include <netinet/in.h>
2701#include <arpa/nameser.h>
2702#include <resolv.h>
2703])
1d7b9b20 2704
58d100bf 2705AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2706 ac_cv_have_ss_family_in_struct_ss, [
2707 AC_TRY_COMPILE(
2708 [
18ba2aab 2709#include <sys/types.h>
2710#include <sys/socket.h>
58d100bf 2711 ],
2712 [ struct sockaddr_storage s; s.ss_family = 1; ],
2713 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2714 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2715 )
2716])
2717if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2718 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2719fi
2720
58d100bf 2721AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2722 ac_cv_have___ss_family_in_struct_ss, [
2723 AC_TRY_COMPILE(
2724 [
18ba2aab 2725#include <sys/types.h>
2726#include <sys/socket.h>
58d100bf 2727 ],
2728 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2729 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2730 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2731 )
2732])
2733if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2734 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2735 [Fields in struct sockaddr_storage])
58d100bf 2736fi
2737
2e73a022 2738AC_CACHE_CHECK([for pw_class field in struct passwd],
2739 ac_cv_have_pw_class_in_struct_passwd, [
2740 AC_TRY_COMPILE(
2741 [
2e73a022 2742#include <pwd.h>
2743 ],
97994d32 2744 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2745 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2746 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2747 )
2748])
2749if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2750 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2751 [Define if your password has a pw_class field])
2e73a022 2752fi
2753
7751d4eb 2754AC_CACHE_CHECK([for pw_expire field in struct passwd],
2755 ac_cv_have_pw_expire_in_struct_passwd, [
2756 AC_TRY_COMPILE(
2757 [
2758#include <pwd.h>
2759 ],
2760 [ struct passwd p; p.pw_expire = 0; ],
2761 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2762 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2763 )
2764])
2765if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2766 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2767 [Define if your password has a pw_expire field])
7751d4eb 2768fi
2769
2770AC_CACHE_CHECK([for pw_change field in struct passwd],
2771 ac_cv_have_pw_change_in_struct_passwd, [
2772 AC_TRY_COMPILE(
2773 [
2774#include <pwd.h>
2775 ],
2776 [ struct passwd p; p.pw_change = 0; ],
2777 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2778 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2779 )
2780])
2781if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2782 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2783 [Define if your password has a pw_change field])
7751d4eb 2784fi
58d100bf 2785
637f9177 2786dnl make sure we're using the real structure members and not defines
6f34652e 2787AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2788 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2789 AC_COMPILE_IFELSE(
6f34652e 2790 [
f95c8ce8 2791#include <sys/types.h>
6f34652e 2792#include <sys/socket.h>
2793#include <sys/uio.h>
637f9177 2794int main() {
2795#ifdef msg_accrights
1a01a50c 2796#error "msg_accrights is a macro"
637f9177 2797exit(1);
2798#endif
2799struct msghdr m;
2800m.msg_accrights = 0;
2801exit(0);
2802}
6f34652e 2803 ],
6f34652e 2804 [ ac_cv_have_accrights_in_msghdr="yes" ],
2805 [ ac_cv_have_accrights_in_msghdr="no" ]
2806 )
2807])
2808if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2809 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2810 [Define if your system uses access rights style
2811 file descriptor passing])
6f34652e 2812fi
2813
7176df4f 2814AC_CACHE_CHECK([for msg_control field in struct msghdr],
2815 ac_cv_have_control_in_msghdr, [
1a01a50c 2816 AC_COMPILE_IFELSE(
7176df4f 2817 [
f95c8ce8 2818#include <sys/types.h>
7176df4f 2819#include <sys/socket.h>
2820#include <sys/uio.h>
637f9177 2821int main() {
2822#ifdef msg_control
1a01a50c 2823#error "msg_control is a macro"
637f9177 2824exit(1);
2825#endif
2826struct msghdr m;
2827m.msg_control = 0;
2828exit(0);
2829}
7176df4f 2830 ],
7176df4f 2831 [ ac_cv_have_control_in_msghdr="yes" ],
2832 [ ac_cv_have_control_in_msghdr="no" ]
2833 )
2834])
2835if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2836 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2837 [Define if your system uses ancillary data style
2838 file descriptor passing])
7176df4f 2839fi
2840
58d100bf 2841AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2842 AC_TRY_LINK([],
2843 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2844 [ ac_cv_libc_defines___progname="yes" ],
2845 [ ac_cv_libc_defines___progname="no" ]
2846 )
2847])
2848if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2849 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2850fi
8946db53 2851
c921ee00 2852AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2853 AC_TRY_LINK([
2854#include <stdio.h>
aff51935 2855],
2856 [ printf("%s", __FUNCTION__); ],
c921ee00 2857 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2858 [ ac_cv_cc_implements___FUNCTION__="no" ]
2859 )
2860])
2861if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 2862 AC_DEFINE(HAVE___FUNCTION__, 1,
2863 [Define if compiler implements __FUNCTION__])
c921ee00 2864fi
2865
2866AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2867 AC_TRY_LINK([
2868#include <stdio.h>
aff51935 2869],
2870 [ printf("%s", __func__); ],
c921ee00 2871 [ ac_cv_cc_implements___func__="yes" ],
2872 [ ac_cv_cc_implements___func__="no" ]
2873 )
2874])
2875if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 2876 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 2877fi
2878
9a406e1e 2879AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2880 AC_TRY_LINK(
2881 [#include <stdarg.h>
2882 va_list x,y;],
2883 [va_copy(x,y);],
2884 [ ac_cv_have_va_copy="yes" ],
2885 [ ac_cv_have_va_copy="no" ]
2886 )
2887])
2888if test "x$ac_cv_have_va_copy" = "xyes" ; then
2889 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2890fi
2891
2892AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2893 AC_TRY_LINK(
2894 [#include <stdarg.h>
2895 va_list x,y;],
2896 [__va_copy(x,y);],
2897 [ ac_cv_have___va_copy="yes" ],
2898 [ ac_cv_have___va_copy="no" ]
2899 )
2900])
2901if test "x$ac_cv_have___va_copy" = "xyes" ; then
2902 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2903fi
2904
1812a662 2905AC_CACHE_CHECK([whether getopt has optreset support],
2906 ac_cv_have_getopt_optreset, [
2907 AC_TRY_LINK(
2908 [
2909#include <getopt.h>
2910 ],
2911 [ extern int optreset; optreset = 0; ],
2912 [ ac_cv_have_getopt_optreset="yes" ],
2913 [ ac_cv_have_getopt_optreset="no" ]
2914 )
2915])
2916if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 2917 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2918 [Define if your getopt(3) defines and uses optreset])
1812a662 2919fi
a0391976 2920
819b676f 2921AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2922 AC_TRY_LINK([],
2923 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2924 [ ac_cv_libc_defines_sys_errlist="yes" ],
2925 [ ac_cv_libc_defines_sys_errlist="no" ]
2926 )
2927])
2928if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 2929 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2930 [Define if your system defines sys_errlist[]])
819b676f 2931fi
2932
2933
416ed5a7 2934AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2935 AC_TRY_LINK([],
2936 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2937 [ ac_cv_libc_defines_sys_nerr="yes" ],
2938 [ ac_cv_libc_defines_sys_nerr="no" ]
2939 )
2940])
2941if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 2942 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 2943fi
2944
aff51935 2945SCARD_MSG="no"
295c8801 2946# Check whether user wants sectok support
2947AC_ARG_WITH(sectok,
2948 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2949 [
2950 if test "x$withval" != "xno" ; then
2951 if test "x$withval" != "xyes" ; then
2952 CPPFLAGS="$CPPFLAGS -I${withval}"
2953 LDFLAGS="$LDFLAGS -L${withval}"
2954 if test ! -z "$need_dash_r" ; then
2955 LDFLAGS="$LDFLAGS -R${withval}"
2956 fi
2957 if test ! -z "$blibpath" ; then
2958 blibpath="$blibpath:${withval}"
2959 fi
2960 fi
2961 AC_CHECK_HEADERS(sectok.h)
2962 if test "$ac_cv_header_sectok_h" != yes; then
2963 AC_MSG_ERROR(Can't find sectok.h)
2964 fi
2965 AC_CHECK_LIB(sectok, sectok_open)
2966 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2967 AC_MSG_ERROR(Can't find libsectok)
2968 fi
3466e002 2969 AC_DEFINE(SMARTCARD, 1,
2970 [Define if you want smartcard support])
2971 AC_DEFINE(USE_SECTOK, 1,
2972 [Define if you want smartcard support
2973 using sectok])
aff51935 2974 SCARD_MSG="yes, using sectok"
295c8801 2975 fi
2976 ]
2977)
2978
2979# Check whether user wants OpenSC support
987b458f 2980OPENSC_CONFIG="no"
295c8801 2981AC_ARG_WITH(opensc,
e47fb473 2982 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 2983 [
2984 if test "x$withval" != "xno" ; then
2985 if test "x$withval" != "xyes" ; then
2986 OPENSC_CONFIG=$withval/bin/opensc-config
2987 else
2988 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2989 fi
2990 if test "$OPENSC_CONFIG" != "no"; then
2991 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2992 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2993 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2994 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2995 AC_DEFINE(SMARTCARD)
3466e002 2996 AC_DEFINE(USE_OPENSC, 1,
2997 [Define if you want smartcard support
2998 using OpenSC])
987b458f 2999 SCARD_MSG="yes, using OpenSC"
3000 fi
3001 fi
3002 ]
3003)
d0b19c95 3004
c31dc31c 3005# Check libraries needed by DNS fingerprint support
aff51935 3006AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3007 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3008 [Define if getrrsetbyname() exists])],
3e05e934 3009 [
c31dc31c 3010 # Needed by our getrrsetbyname()
3011 AC_SEARCH_LIBS(res_query, resolv)
3012 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3013 AC_MSG_CHECKING(if res_query will link)
3014 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3015 [AC_MSG_RESULT(no)
3016 saved_LIBS="$LIBS"
3017 LIBS="$LIBS -lresolv"
3018 AC_MSG_CHECKING(for res_query in -lresolv)
3019 AC_LINK_IFELSE([
3020#include <resolv.h>
3021int main()
3022{
3023 res_query (0, 0, 0, 0, 0);
3024 return 0;
3025}
3026 ],
3027 [LIBS="$LIBS -lresolv"
3028 AC_MSG_RESULT(yes)],
3029 [LIBS="$saved_LIBS"
3030 AC_MSG_RESULT(no)])
3031 ])
c31dc31c 3032 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3033 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3034 [#include <sys/types.h>
3035 #include <arpa/nameser.h>])
c31dc31c 3036 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3037 [AC_DEFINE(HAVE_HEADER_AD, 1,
3038 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3039 [#include <arpa/nameser.h>])
3040 ])
3e05e934 3041
ef4d1846 3042# Check whether user wants SELinux support
3043SELINUX_MSG="no"
3044LIBSELINUX=""
3045AC_ARG_WITH(selinux,
3046 [ --with-selinux Enable SELinux support],
3047 [ if test "x$withval" != "xno" ; then
3048 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3049 SELINUX_MSG="yes"
3050 AC_CHECK_HEADER([selinux/selinux.h], ,
3051 AC_MSG_ERROR(SELinux support requires selinux.h header))
3052 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3053 AC_MSG_ERROR(SELinux support requires libselinux library))
3054 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3055 fi ]
3056)
3057AC_SUBST(LIBSELINUX)
3058
12928e80 3059# Check whether user wants Kerberos 5 support
aff51935 3060KRB5_MSG="no"
12928e80 3061AC_ARG_WITH(kerberos5,
aff51935 3062 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3063 [ if test "x$withval" != "xno" ; then
3064 if test "x$withval" = "xyes" ; then
3065 KRB5ROOT="/usr/local"
3066 else
3067 KRB5ROOT=${withval}
3068 fi
3069
3466e002 3070 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3071 KRB5_MSG="yes"
3072
3073 AC_MSG_CHECKING(for krb5-config)
3074 if test -x $KRB5ROOT/bin/krb5-config ; then
3075 KRB5CONF=$KRB5ROOT/bin/krb5-config
3076 AC_MSG_RESULT($KRB5CONF)
3077
3078 AC_MSG_CHECKING(for gssapi support)
3079 if $KRB5CONF | grep gssapi >/dev/null ; then
3080 AC_MSG_RESULT(yes)
3466e002 3081 AC_DEFINE(GSSAPI, 1,
3082 [Define this if you want GSSAPI
3083 support in the version 2 protocol])
071970fb 3084 k5confopts=gssapi
aff51935 3085 else
5585c441 3086 AC_MSG_RESULT(no)
071970fb 3087 k5confopts=""
aff51935 3088 fi
071970fb 3089 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3090 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3091 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3092 AC_MSG_CHECKING(whether we are using Heimdal)
3093 AC_TRY_COMPILE([ #include <krb5.h> ],
3094 [ char *tmp = heimdal_version; ],
3095 [ AC_MSG_RESULT(yes)
3466e002 3096 AC_DEFINE(HEIMDAL, 1,
3097 [Define this if you are using the
3098 Heimdal version of Kerberos V5]) ],
5585c441 3099 AC_MSG_RESULT(no)
3100 )
3101 else
3102 AC_MSG_RESULT(no)
12928e80 3103 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3104 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3105 AC_MSG_CHECKING(whether we are using Heimdal)
3106 AC_TRY_COMPILE([ #include <krb5.h> ],
3107 [ char *tmp = heimdal_version; ],
3108 [ AC_MSG_RESULT(yes)
3109 AC_DEFINE(HEIMDAL)
41707f74 3110 K5LIBS="-lkrb5 -ldes"
3111 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3112 AC_CHECK_LIB(roken, net_write,
41707f74 3113 [K5LIBS="$K5LIBS -lroken"])
aff51935 3114 ],
3115 [ AC_MSG_RESULT(no)
3116 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3117 ]
3118 )
4e00038c 3119 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3120
749560dd 3121 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3122 [ AC_DEFINE(GSSAPI)
3123 K5LIBS="-lgssapi $K5LIBS" ],
3124 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3125 [ AC_DEFINE(GSSAPI)
aff51935 3126 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3127 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3128 $K5LIBS)
3129 ],
3130 $K5LIBS)
82f4e93d 3131
749560dd 3132 AC_CHECK_HEADER(gssapi.h, ,
3133 [ unset ac_cv_header_gssapi_h
aff51935 3134 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3135 AC_CHECK_HEADERS(gssapi.h, ,
3136 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3137 )
749560dd 3138 ]
3139 )
3140
3141 oldCPP="$CPPFLAGS"
3142 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3143 AC_CHECK_HEADER(gssapi_krb5.h, ,
3144 [ CPPFLAGS="$oldCPP" ])
3145
aff51935 3146 fi
5585c441 3147 if test ! -z "$need_dash_r" ; then
3148 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3149 fi
3150 if test ! -z "$blibpath" ; then
3151 blibpath="$blibpath:${KRB5ROOT}/lib"
3152 fi
071970fb 3153
f5555364 3154 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3155 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3156 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3157
f5555364 3158 LIBS="$LIBS $K5LIBS"
3466e002 3159 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3160 [Define this if you want to use libkafs' AFS support]))
f5555364 3161 fi
071970fb 3162 ]
12928e80 3163)
b5b68128 3164
a0391976 3165# Looking for programs, paths and files
a0391976 3166
ecac8ee5 3167PRIVSEP_PATH=/var/empty
3168AC_ARG_WITH(privsep-path,
cda1ebcb 3169 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3170 [
6cf0200f 3171 if test -n "$withval" && test "x$withval" != "xno" && \
3172 test "x${withval}" != "xyes"; then
ecac8ee5 3173 PRIVSEP_PATH=$withval
3174 fi
3175 ]
3176)
3177AC_SUBST(PRIVSEP_PATH)
3178
a0391976 3179AC_ARG_WITH(xauth,
3180 [ --with-xauth=PATH Specify path to xauth program ],
3181 [
6cf0200f 3182 if test -n "$withval" && test "x$withval" != "xno" && \
3183 test "x${withval}" != "xyes"; then
cbd7492e 3184 xauth_path=$withval
a0391976 3185 fi
3186 ],
3187 [
2bf42e4a 3188 TestPath="$PATH"
3189 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3190 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3191 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3192 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3193 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3194 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3195 xauth_path="/usr/openwin/bin/xauth"
3196 fi
3197 ]
3198)
3199
65a4b4af 3200STRIP_OPT=-s
3201AC_ARG_ENABLE(strip,
3202 [ --disable-strip Disable calling strip(1) on install],
3203 [
3204 if test "x$enableval" = "xno" ; then
3205 STRIP_OPT=
3206 fi
3207 ]
3208)
3209AC_SUBST(STRIP_OPT)
3210
b3ec54b4 3211if test -z "$xauth_path" ; then
3212 XAUTH_PATH="undefined"
3213 AC_SUBST(XAUTH_PATH)
3214else
3466e002 3215 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3216 [Define if xauth is found in your path])
b3ec54b4 3217 XAUTH_PATH=$xauth_path
3218 AC_SUBST(XAUTH_PATH)
a0391976 3219fi
a0391976 3220
3221# Check for mail directory (last resort if we cannot get it from headers)
3222if test ! -z "$MAIL" ; then
3223 maildir=`dirname $MAIL`
3466e002 3224 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3225 [Set this to your mail directory if you don't have maillock.h])
a0391976 3226fi
3227
479cece8 3228if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3229 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3230 disable_ptmx_check=yes
3231fi
a0391976 3232if test -z "$no_dev_ptmx" ; then
6e879cb4 3233 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3234 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3235 [
3466e002 3236 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3237 [Define if you have /dev/ptmx])
6e879cb4 3238 have_dev_ptmx=1
3239 ]
3240 )
3241 fi
3276571c 3242fi
1a01a50c 3243
479cece8 3244if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3245 AC_CHECK_FILE("/dev/ptc",
3246 [
3466e002 3247 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3248 [Define if you have /dev/ptc])
1a01a50c 3249 have_dev_ptc=1
3250 ]
3251 )
3252else
3253 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3254fi
3276571c 3255
a0391976 3256# Options from here on. Some of these are preset by platform above
fdf6b7aa 3257AC_ARG_WITH(mantype,
5d97cfbf 3258 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3259 [
5d97cfbf 3260 case "$withval" in
3261 man|cat|doc)
3262 MANTYPE=$withval
3263 ;;
3264 *)
3265 AC_MSG_ERROR(invalid man type: $withval)
3266 ;;
3267 esac
c54a6257 3268 ]
3269)
e0c4d3ac 3270if test -z "$MANTYPE"; then
2bf42e4a 3271 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3272 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3273 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3274 MANTYPE=doc
3275 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3276 MANTYPE=man
3277 else
3278 MANTYPE=cat
3279 fi
3280fi
c54a6257 3281AC_SUBST(MANTYPE)
e0c4d3ac 3282if test "$MANTYPE" = "doc"; then
3283 mansubdir=man;
3284else
3285 mansubdir=$MANTYPE;
3286fi
3287AC_SUBST(mansubdir)
0bc5b6fb 3288
a0391976 3289# Check whether to enable MD5 passwords
aff51935 3290MD5_MSG="no"
2ddcfdf3 3291AC_ARG_WITH(md5-passwords,
caf3bc51 3292 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3293 [
bcf36c78 3294 if test "x$withval" != "xno" ; then
3466e002 3295 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3296 [Define if you want to allow MD5 passwords])
aff51935 3297 MD5_MSG="yes"
0bc5b6fb 3298 fi
3299 ]
caf3bc51 3300)
3301
a0391976 3302# Whether to disable shadow password support
a7effaac 3303AC_ARG_WITH(shadow,
3304 [ --without-shadow Disable shadow password support],
3305 [
82f4e93d 3306 if test "x$withval" = "xno" ; then
a7effaac 3307 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3308 disable_shadow=yes
a7effaac 3309 fi
3310 ]
3311)
3312
4cb5ffa0 3313if test -z "$disable_shadow" ; then
3314 AC_MSG_CHECKING([if the systems has expire shadow information])
3315 AC_TRY_COMPILE(
3316 [
3317#include <sys/types.h>
3318#include <shadow.h>
3319 struct spwd sp;
3320 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3321 [ sp_expire_available=yes ], []
3322 )
3323
3324 if test "x$sp_expire_available" = "xyes" ; then
3325 AC_MSG_RESULT(yes)
3466e002 3326 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3327 [Define if you want to use shadow password expire field])
4cb5ffa0 3328 else
3329 AC_MSG_RESULT(no)
3330 fi
3331fi
3332
a0391976 3333# Use ip address instead of hostname in $DISPLAY
44839801 3334if test ! -z "$IPADDR_IN_DISPLAY" ; then
3335 DISPLAY_HACK_MSG="yes"
3466e002 3336 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3337 [Define if you need to use IP address
3338 instead of hostname in $DISPLAY])
44839801 3339else
aff51935 3340 DISPLAY_HACK_MSG="no"
44839801 3341 AC_ARG_WITH(ipaddr-display,
3342 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3343 [
82f4e93d 3344 if test "x$withval" != "xno" ; then
44839801 3345 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3346 DISPLAY_HACK_MSG="yes"
44839801 3347 fi
3348 ]
3349 )
3350fi
a7effaac 3351
95b99395 3352# check for /etc/default/login and use it if present.
daa41e62 3353AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3354 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3355 [ if test "x$enableval" = "xno"; then
3356 AC_MSG_NOTICE([/etc/default/login handling disabled])
3357 etc_default_login=no
3358 else
3359 etc_default_login=yes
3360 fi ],
b0e7249f 3361 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3362 then
3363 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3364 etc_default_login=no
3365 else
3366 etc_default_login=yes
3367 fi ]
694d0cef 3368)
95b99395 3369
694d0cef 3370if test "x$etc_default_login" != "xno"; then
3371 AC_CHECK_FILE("/etc/default/login",
3372 [ external_path_file=/etc/default/login ])
b0e7249f 3373 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3374 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3375 [Define if your system has /etc/default/login])
1a01a50c 3376 fi
694d0cef 3377fi
95b99395 3378
8d184c09 3379dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3380if test $ac_cv_func_login_getcapbool = "yes" && \
3381 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3382 external_path_file=/etc/login.conf
8d184c09 3383fi
95b99395 3384
a0391976 3385# Whether to mess with the default path
aff51935 3386SERVER_PATH_MSG="(default)"
c43d69a9 3387AC_ARG_WITH(default-path,
75817f90 3388 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3389 [
95b99395 3390 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3391 AC_MSG_WARN([
3392--with-default-path=PATH has no effect on this system.
3393Edit /etc/login.conf instead.])
82f4e93d 3394 elif test "x$withval" != "xno" ; then
89bbd457 3395 if test ! -z "$external_path_file" ; then
95b99395 3396 AC_MSG_WARN([
3397--with-default-path=PATH will only be used if PATH is not defined in
3398$external_path_file .])
3399 fi
b2d818e6 3400 user_path="$withval"
aff51935 3401 SERVER_PATH_MSG="$withval"
cb807f40 3402 fi
b2d818e6 3403 ],
95b99395 3404 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3405 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3406 else
89bbd457 3407 if test ! -z "$external_path_file" ; then
95b99395 3408 AC_MSG_WARN([
3409If PATH is defined in $external_path_file, ensure the path to scp is included,
3410otherwise scp will not work.])
3411 fi
b0e7249f 3412 AC_RUN_IFELSE(
3413 [AC_LANG_SOURCE([[
b2d818e6 3414/* find out what STDPATH is */
3415#include <stdio.h>
b2d818e6 3416#ifdef HAVE_PATHS_H
3417# include <paths.h>
3418#endif
3419#ifndef _PATH_STDPATH
d9a4e55b 3420# ifdef _PATH_USERPATH /* Irix */
3421# define _PATH_STDPATH _PATH_USERPATH
3422# else
3423# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3424# endif
b2d818e6 3425#endif
3426#include <sys/types.h>
3427#include <sys/stat.h>
3428#include <fcntl.h>
3429#define DATA "conftest.stdpath"
3430
3431main()
3432{
3433 FILE *fd;
3434 int rc;
82f4e93d 3435
b2d818e6 3436 fd = fopen(DATA,"w");
3437 if(fd == NULL)
3438 exit(1);
82f4e93d 3439
b2d818e6 3440 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3441 exit(1);
3442
3443 exit(0);
3444}
b0e7249f 3445 ]])],
3446 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3447 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3448 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3449 )
3450# make sure $bindir is in USER_PATH so scp will work
3451 t_bindir=`eval echo ${bindir}`
3452 case $t_bindir in
3453 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3454 esac
3455 case $t_bindir in
3456 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3457 esac
3458 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3459 if test $? -ne 0 ; then
3460 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3461 if test $? -ne 0 ; then
3462 user_path=$user_path:$t_bindir
3463 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3464 fi
3465 fi
8d184c09 3466 fi ]
cb807f40 3467)
95b99395 3468if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3469 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3470 AC_SUBST(user_path)
3471fi
cb807f40 3472
06617857 3473# Set superuser path separately to user path
06617857 3474AC_ARG_WITH(superuser-path,
3475 [ --with-superuser-path= Specify different path for super-user],
3476 [
6cf0200f 3477 if test -n "$withval" && test "x$withval" != "xno" && \
3478 test "x${withval}" != "xyes"; then
3466e002 3479 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3480 [Define if you want a different $PATH
3481 for the superuser])
06617857 3482 superuser_path=$withval
3483 fi
3484 ]
3485)
3486
3487
58d100bf 3488AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3489IPV4_IN6_HACK_MSG="no"
80faa19f 3490AC_ARG_WITH(4in6,
3491 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3492 [
3493 if test "x$withval" != "xno" ; then
3494 AC_MSG_RESULT(yes)
3466e002 3495 AC_DEFINE(IPV4_IN_IPV6, 1,
3496 [Detect IPv4 in IPv6 mapped addresses
3497 and treat as IPv4])
aff51935 3498 IPV4_IN6_HACK_MSG="yes"
80faa19f 3499 else
3500 AC_MSG_RESULT(no)
3501 fi
3502 ],[
3503 if test "x$inet6_default_4in6" = "xyes"; then
3504 AC_MSG_RESULT([yes (default)])
3505 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3506 IPV4_IN6_HACK_MSG="yes"
80faa19f 3507 else
3508 AC_MSG_RESULT([no (default)])
3509 fi
3510 ]
3511)
3512
af774732 3513# Whether to enable BSD auth support
f1b0ecc3 3514BSD_AUTH_MSG=no
af774732 3515AC_ARG_WITH(bsd-auth,
3516 [ --with-bsd-auth Enable BSD auth support],
3517 [
82f4e93d 3518 if test "x$withval" != "xno" ; then
3466e002 3519 AC_DEFINE(BSD_AUTH, 1,
3520 [Define if you have BSD auth support])
f1b0ecc3 3521 BSD_AUTH_MSG=yes
af774732 3522 fi
3523 ]
3524)
3525
a0391976 3526# Where to place sshd.pid
19d9ac2a 3527piddir=/var/run
81dadca3 3528# make sure the directory exists
82f4e93d 3529if test ! -d $piddir ; then
81dadca3 3530 piddir=`eval echo ${sysconfdir}`
3531 case $piddir in
aff51935 3532 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3533 esac
3534fi
3535
47e45e44 3536AC_ARG_WITH(pid-dir,
3537 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3538 [
6cf0200f 3539 if test -n "$withval" && test "x$withval" != "xno" && \
3540 test "x${withval}" != "xyes"; then
19d9ac2a 3541 piddir=$withval
82f4e93d 3542 if test ! -d $piddir ; then
81dadca3 3543 AC_MSG_WARN([** no $piddir directory on this system **])
3544 fi
47e45e44 3545 fi
3546 ]
3547)
b7a87eea 3548
3466e002 3549AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3550AC_SUBST(piddir)
47e45e44 3551
1d7b9b20 3552dnl allow user to disable some login recording features
3553AC_ARG_ENABLE(lastlog,
bfd550a2 3554 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3555 [
3556 if test "x$enableval" = "xno" ; then
3557 AC_DEFINE(DISABLE_LASTLOG)
3558 fi
3559 ]
1d7b9b20 3560)
3561AC_ARG_ENABLE(utmp,
bfd550a2 3562 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3563 [
3564 if test "x$enableval" = "xno" ; then
3565 AC_DEFINE(DISABLE_UTMP)
3566 fi
3567 ]
1d7b9b20 3568)
3569AC_ARG_ENABLE(utmpx,
bfd550a2 3570 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3571 [
3572 if test "x$enableval" = "xno" ; then
3466e002 3573 AC_DEFINE(DISABLE_UTMPX, 1,
3574 [Define if you don't want to use utmpx])
ddb154b3 3575 fi
3576 ]
1d7b9b20 3577)
3578AC_ARG_ENABLE(wtmp,
bfd550a2 3579 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3580 [
3581 if test "x$enableval" = "xno" ; then
3582 AC_DEFINE(DISABLE_WTMP)
3583 fi
3584 ]
1d7b9b20 3585)
3586AC_ARG_ENABLE(wtmpx,
bfd550a2 3587 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3588 [
3589 if test "x$enableval" = "xno" ; then
3466e002 3590 AC_DEFINE(DISABLE_WTMPX, 1,
3591 [Define if you don't want to use wtmpx])
ddb154b3 3592 fi
3593 ]
1d7b9b20 3594)
3595AC_ARG_ENABLE(libutil,
bfd550a2 3596 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3597 [
3598 if test "x$enableval" = "xno" ; then
3599 AC_DEFINE(DISABLE_LOGIN)
3600 fi
3601 ]
1d7b9b20 3602)
3603AC_ARG_ENABLE(pututline,
bfd550a2 3604 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3605 [
3606 if test "x$enableval" = "xno" ; then
3466e002 3607 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3608 [Define if you don't want to use pututline()
3609 etc. to write [uw]tmp])
ddb154b3 3610 fi
3611 ]
1d7b9b20 3612)
3613AC_ARG_ENABLE(pututxline,
bfd550a2 3614 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3615 [
3616 if test "x$enableval" = "xno" ; then
3466e002 3617 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3618 [Define if you don't want to use pututxline()
3619 etc. to write [uw]tmpx])
ddb154b3 3620 fi
3621 ]
1d7b9b20 3622)
3623AC_ARG_WITH(lastlog,
bfd550a2 3624 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3625 [
82f4e93d 3626 if test "x$withval" = "xno" ; then
8c89dd2b 3627 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3628 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3629 conf_lastlog_location=$withval
3630 fi
3631 ]
3632)
1d7b9b20 3633
3634dnl lastlog, [uw]tmpx? detection
3635dnl NOTE: set the paths in the platform section to avoid the
3636dnl need for command-line parameters
3637dnl lastlog and [uw]tmp are subject to a file search if all else fails
3638
3639dnl lastlog detection
3640dnl NOTE: the code itself will detect if lastlog is a directory
3641AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3642AC_TRY_COMPILE([
3643#include <sys/types.h>
3644#include <utmp.h>
3645#ifdef HAVE_LASTLOG_H
3646# include <lastlog.h>
3647#endif
d7c0f3d5 3648#ifdef HAVE_PATHS_H
1d7b9b20 3649# include <paths.h>
41cb4569 3650#endif
3651#ifdef HAVE_LOGIN_H
3652# include <login.h>
1d7b9b20 3653#endif
3654 ],
3655 [ char *lastlog = LASTLOG_FILE; ],
3656 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3657 [
3658 AC_MSG_RESULT(no)
3659 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3660 AC_TRY_COMPILE([
3661#include <sys/types.h>
3662#include <utmp.h>
3663#ifdef HAVE_LASTLOG_H
3664# include <lastlog.h>
3665#endif
3666#ifdef HAVE_PATHS_H
3667# include <paths.h>
3668#endif
3669 ],
3670 [ char *lastlog = _PATH_LASTLOG; ],
3671 [ AC_MSG_RESULT(yes) ],
3672 [
f282b668 3673 AC_MSG_RESULT(no)
d7c0f3d5 3674 system_lastlog_path=no
3675 ])
3676 ]
1d7b9b20 3677)
d7c0f3d5 3678
1d7b9b20 3679if test -z "$conf_lastlog_location"; then
3680 if test x"$system_lastlog_path" = x"no" ; then
3681 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3682 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3683 conf_lastlog_location=$f
3684 fi
3685 done
3686 if test -z "$conf_lastlog_location"; then
f8119cef 3687 AC_MSG_WARN([** Cannot find lastlog **])
3688 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3689 fi
3690 fi
3691fi
3692
3693if test -n "$conf_lastlog_location"; then
3466e002 3694 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3695 [Define if you want to specify the path to your lastlog file])
82f4e93d 3696fi
1d7b9b20 3697
3698dnl utmp detection
3699AC_MSG_CHECKING([if your system defines UTMP_FILE])
3700AC_TRY_COMPILE([
3701#include <sys/types.h>
3702#include <utmp.h>
d7c0f3d5 3703#ifdef HAVE_PATHS_H
1d7b9b20 3704# include <paths.h>
3705#endif
3706 ],
3707 [ char *utmp = UTMP_FILE; ],
3708 [ AC_MSG_RESULT(yes) ],
3709 [ AC_MSG_RESULT(no)
3710 system_utmp_path=no ]
3711)
3712if test -z "$conf_utmp_location"; then
3713 if test x"$system_utmp_path" = x"no" ; then
3714 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3715 if test -f $f ; then
3716 conf_utmp_location=$f
3717 fi
3718 done
3719 if test -z "$conf_utmp_location"; then
3720 AC_DEFINE(DISABLE_UTMP)
3721 fi
3722 fi
3723fi
3724if test -n "$conf_utmp_location"; then
3466e002 3725 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3726 [Define if you want to specify the path to your utmp file])
82f4e93d 3727fi
1d7b9b20 3728
3729dnl wtmp detection
3730AC_MSG_CHECKING([if your system defines WTMP_FILE])
3731AC_TRY_COMPILE([
3732#include <sys/types.h>
3733#include <utmp.h>
d7c0f3d5 3734#ifdef HAVE_PATHS_H
1d7b9b20 3735# include <paths.h>
3736#endif
3737 ],
3738 [ char *wtmp = WTMP_FILE; ],
3739 [ AC_MSG_RESULT(yes) ],
3740 [ AC_MSG_RESULT(no)
3741 system_wtmp_path=no ]
3742)
3743if test -z "$conf_wtmp_location"; then
3744 if test x"$system_wtmp_path" = x"no" ; then
3745 for f in /usr/adm/wtmp /var/log/wtmp; do
3746 if test -f $f ; then
3747 conf_wtmp_location=$f
3748 fi
3749 done
3750 if test -z "$conf_wtmp_location"; then
3751 AC_DEFINE(DISABLE_WTMP)
3752 fi
3753 fi
3754fi
3755if test -n "$conf_wtmp_location"; then
3466e002 3756 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3757 [Define if you want to specify the path to your wtmp file])
82f4e93d 3758fi
1d7b9b20 3759
3760
3761dnl utmpx detection - I don't know any system so perverse as to require
3762dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3763dnl there, though.
3764AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3765AC_TRY_COMPILE([
3766#include <sys/types.h>
3767#include <utmp.h>
3768#ifdef HAVE_UTMPX_H
3769#include <utmpx.h>
3770#endif
d7c0f3d5 3771#ifdef HAVE_PATHS_H
1d7b9b20 3772# include <paths.h>
3773#endif
3774 ],
3775 [ char *utmpx = UTMPX_FILE; ],
3776 [ AC_MSG_RESULT(yes) ],
3777 [ AC_MSG_RESULT(no)
3778 system_utmpx_path=no ]
3779)
3780if test -z "$conf_utmpx_location"; then
3781 if test x"$system_utmpx_path" = x"no" ; then
3782 AC_DEFINE(DISABLE_UTMPX)
3783 fi
3784else
3466e002 3785 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3786 [Define if you want to specify the path to your utmpx file])
82f4e93d 3787fi
1d7b9b20 3788
3789dnl wtmpx detection
3790AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3791AC_TRY_COMPILE([
3792#include <sys/types.h>
3793#include <utmp.h>
3794#ifdef HAVE_UTMPX_H
3795#include <utmpx.h>
3796#endif
d7c0f3d5 3797#ifdef HAVE_PATHS_H
1d7b9b20 3798# include <paths.h>
3799#endif
3800 ],
3801 [ char *wtmpx = WTMPX_FILE; ],
3802 [ AC_MSG_RESULT(yes) ],
3803 [ AC_MSG_RESULT(no)
3804 system_wtmpx_path=no ]
3805)
3806if test -z "$conf_wtmpx_location"; then
3807 if test x"$system_wtmpx_path" = x"no" ; then
3808 AC_DEFINE(DISABLE_WTMPX)
3809 fi
3810else
3466e002 3811 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3812 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3813fi
1d7b9b20 3814
b7a87eea 3815
bd499f9e 3816if test ! -z "$blibpath" ; then
68ece370 3817 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3818 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3819fi
3820
ddceb1c8 3821dnl remove pam and dl because they are in $LIBPAM
3822if test "$PAM_MSG" = yes ; then
98f2d9d5 3823 LIBS=`echo $LIBS | sed 's/-lpam //'`
3824fi
3825if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3826 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3827fi
3828
ed89c848 3829dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3830dnl Add now.
3831CFLAGS="$CFLAGS $werror_flags"
3832
3c62e7eb 3833AC_EXEEXT
d7cfdd7c 3834AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
46096a5b 3835 openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3836AC_OUTPUT
d3083fbd 3837
cbd7492e 3838# Print summary of options
3839
cbd7492e 3840# Someone please show me a better way :)
3841A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3842B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3843C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3844D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3845E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3846F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3847G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3848H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3849I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3850J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3851
3852echo ""
26de7942 3853echo "OpenSSH has been configured with the following options:"
ecac8ee5 3854echo " User binaries: $B"
3855echo " System binaries: $C"
3856echo " Configuration files: $D"
3857echo " Askpass program: $E"
3858echo " Manual pages: $F"
3859echo " PID file: $G"
3860echo " Privilege separation chroot path: $H"
95b99395 3861if test "x$external_path_file" = "x/etc/login.conf" ; then
3862echo " At runtime, sshd will use the path defined in $external_path_file"
3863echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3864else
ecac8ee5 3865echo " sshd default user PATH: $I"
89bbd457 3866 if test ! -z "$external_path_file"; then
95b99395 3867echo " (If PATH is set in $external_path_file it will be used instead. If"
3868echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3869 fi
8d184c09 3870fi
06617857 3871if test ! -z "$superuser_path" ; then
ecac8ee5 3872echo " sshd superuser user PATH: $J"
3873fi
3874echo " Manpage format: $MANTYPE"
3e05e934 3875echo " PAM support: $PAM_MSG"
ecac8ee5 3876echo " KerberosV support: $KRB5_MSG"
ef4d1846 3877echo " SELinux support: $SELINUX_MSG"
ecac8ee5 3878echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3879echo " S/KEY support: $SKEY_MSG"
3880echo " TCP Wrappers support: $TCPW_MSG"
3881echo " MD5 password support: $MD5_MSG"
59031773 3882echo " libedit support: $LIBEDIT_MSG"
3deb1408 3883echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3884echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3885echo " BSD Auth support: $BSD_AUTH_MSG"
3886echo " Random number source: $RAND_MSG"
f1b0ecc3 3887if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3888echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3889fi
3890
cbd7492e 3891echo ""
3892
0c2fb82f 3893echo " Host: ${host}"
3894echo " Compiler: ${CC}"
3895echo " Compiler flags: ${CFLAGS}"
3896echo "Preprocessor flags: ${CPPFLAGS}"
3897echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3898echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3899
3900echo ""
3901
9cefe228 3902if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3903 echo "SVR4 style packages are supported with \"make package\""
3904 echo ""
9cefe228 3905fi
3906
adeebd37 3907if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3908 echo "PAM is enabled. You may need to install a PAM control file "
3909 echo "for sshd, otherwise password authentication may fail. "
aff51935 3910 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3911 echo "subdirectory"
adeebd37 3912 echo ""
3913fi
3914
f1b0ecc3 3915if test ! -z "$RAND_HELPER_CMDHASH" ; then
3916 echo "WARNING: you are using the builtin random number collection "
3917 echo "service. Please read WARNING.RNG and request that your OS "
3918 echo "vendor includes kernel-based random number collection in "
3919 echo "future versions of your OS."
2c523de9 3920 echo ""
3921fi
af774732 3922
2f6f9cff 3923if test ! -z "$NO_PEERCHECK" ; then
3924 echo "WARNING: the operating system that you are using does not "
3925 echo "appear to support either the getpeereid() API nor the "
3926 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3927 echo "enforce security checks to prevent unauthorised connections to "
3928 echo "ssh-agent. Their absence increases the risk that a malicious "
3929 echo "user can connect to your agent. "
3930 echo ""
3931fi
3932
7b578f7d 3933if test "$AUDIT_MODULE" = "bsm" ; then
3934 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3935 echo "See the Solaris section in README.platform for details."
3936fi
git-cvsimport mirror of OpenSSH
This page took 4.943354 seconds and 5 git commands to generate.