]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in]
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
a0969097 95 [ --without-stackprotect Don't use compiler's stack protection], [
caa21240 96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
dbf07ba2 110 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
caa21240 115 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 116 # and/or platforms, so we test if we can. If it's not supported
117 # on a give platform gcc will emit a warning so we use -Werror.
caa21240 118 if test "x$use_stack_protector" = "x1"; then
119 for t in -fstack-protector-all -fstack-protector; do
23c5c479 120 AC_MSG_CHECKING(if $CC supports $t)
caa21240 121 saved_CFLAGS="$CFLAGS"
122 saved_LDFLAGS="$LDFLAGS"
23c5c479 123 CFLAGS="$CFLAGS $t -Werror"
124 LDFLAGS="$LDFLAGS $t -Werror"
125 AC_LINK_IFELSE(
126 [AC_LANG_SOURCE([
127#include <stdlib.h>
128int main(void){return 0;}
129 ])],
caa21240 130 [ AC_MSG_RESULT(yes)
23c5c479 131 CFLAGS="$saved_CFLAGS $t"
132 LDFLAGS="$saved_LDFLAGS $t"
caa21240 133 AC_MSG_CHECKING(if $t works)
134 AC_RUN_IFELSE(
135 [AC_LANG_SOURCE([
136#include <stdlib.h>
137int main(void){exit(0);}
138 ])],
139 [ AC_MSG_RESULT(yes)
140 break ],
141 [ AC_MSG_RESULT(no) ],
142 [ AC_MSG_WARN([cross compiling: cannot test])
143 break ]
23c5c479 144 )
caa21240 145 ],
146 [ AC_MSG_RESULT(no) ]
147 )
148 CFLAGS="$saved_CFLAGS"
149 LDFLAGS="$saved_LDFLAGS"
150 done
151 fi
eb5a7224 152
dfafb2e1 153 if test -z "$have_llong_max"; then
154 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
155 unset ac_cv_have_decl_LLONG_MAX
156 saved_CFLAGS="$CFLAGS"
157 CFLAGS="$CFLAGS -std=gnu99"
158 AC_CHECK_DECL(LLONG_MAX,
159 [have_llong_max=1],
160 [CFLAGS="$saved_CFLAGS"],
161 [#include <limits.h>]
162 )
163 fi
d423d822 164fi
165
0b9fdeb8 166if test "x$no_attrib_nonnull" != "x1" ; then
167 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
168fi
169
e6354014 170AC_ARG_WITH(rpath,
171 [ --without-rpath Disable auto-added -R linker paths],
172 [
82f4e93d 173 if test "x$withval" = "xno" ; then
e6354014 174 need_dash_r=""
175 fi
176 if test "x$withval" = "xyes" ; then
177 need_dash_r=1
178 fi
179 ]
180)
181
aa56f760 182# Allow user to specify flags
183AC_ARG_WITH(cflags,
184 [ --with-cflags Specify additional flags to pass to compiler],
185 [
186 if test -n "$withval" && test "x$withval" != "xno" && \
187 test "x${withval}" != "xyes"; then
188 CFLAGS="$CFLAGS $withval"
189 fi
190 ]
191)
192AC_ARG_WITH(cppflags,
193 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
194 [
195 if test -n "$withval" && test "x$withval" != "xno" && \
196 test "x${withval}" != "xyes"; then
197 CPPFLAGS="$CPPFLAGS $withval"
198 fi
199 ]
200)
201AC_ARG_WITH(ldflags,
202 [ --with-ldflags Specify additional flags to pass to linker],
203 [
204 if test -n "$withval" && test "x$withval" != "xno" && \
205 test "x${withval}" != "xyes"; then
206 LDFLAGS="$LDFLAGS $withval"
207 fi
208 ]
209)
210AC_ARG_WITH(libs,
211 [ --with-libs Specify additional libraries to link with],
212 [
213 if test -n "$withval" && test "x$withval" != "xno" && \
214 test "x${withval}" != "xyes"; then
215 LIBS="$LIBS $withval"
216 fi
217 ]
218)
219AC_ARG_WITH(Werror,
220 [ --with-Werror Build main code with -Werror],
221 [
222 if test -n "$withval" && test "x$withval" != "xno"; then
223 werror_flags="-Werror"
224 if test "x${withval}" != "xyes"; then
225 werror_flags="$withval"
226 fi
227 fi
228 ]
229)
230
231AC_CHECK_HEADERS( \
232 bstring.h \
233 crypt.h \
234 crypto/sha2.h \
235 dirent.h \
236 endian.h \
237 features.h \
238 fcntl.h \
239 floatingpoint.h \
240 getopt.h \
241 glob.h \
242 ia.h \
243 iaf.h \
244 limits.h \
245 login.h \
246 maillock.h \
247 ndir.h \
248 net/if_tun.h \
249 netdb.h \
250 netgroup.h \
251 pam/pam_appl.h \
252 paths.h \
6d39a5c4 253 poll.h \
aa56f760 254 pty.h \
255 readpassphrase.h \
256 rpc/types.h \
257 security/pam_appl.h \
258 sha2.h \
259 shadow.h \
260 stddef.h \
261 stdint.h \
262 string.h \
263 strings.h \
264 sys/audit.h \
265 sys/bitypes.h \
266 sys/bsdtty.h \
267 sys/cdefs.h \
268 sys/dir.h \
269 sys/mman.h \
270 sys/ndir.h \
8aa5db7d 271 sys/poll.h \
aa56f760 272 sys/prctl.h \
273 sys/pstat.h \
274 sys/select.h \
275 sys/stat.h \
276 sys/stream.h \
277 sys/stropts.h \
278 sys/strtio.h \
279 sys/sysmacros.h \
280 sys/time.h \
281 sys/timers.h \
282 sys/un.h \
283 time.h \
284 tmpdir.h \
285 ttyent.h \
40701614 286 ucred.h \
aa56f760 287 unistd.h \
288 usersec.h \
289 util.h \
290 utime.h \
291 utmp.h \
292 utmpx.h \
293 vis.h \
294)
295
296# lastlog.h requires sys/time.h to be included first on Solaris
297AC_CHECK_HEADERS(lastlog.h, [], [], [
298#ifdef HAVE_SYS_TIME_H
299# include <sys/time.h>
300#endif
301])
302
303# sys/ptms.h requires sys/stream.h to be included first on Solaris
304AC_CHECK_HEADERS(sys/ptms.h, [], [], [
305#ifdef HAVE_SYS_STREAM_H
306# include <sys/stream.h>
307#endif
308])
309
310# login_cap.h requires sys/types.h on NetBSD
311AC_CHECK_HEADERS(login_cap.h, [], [], [
312#include <sys/types.h>
313])
314
5b84789f 315# Messages for features tested for in target-specific section
316SIA_MSG="no"
317SPC_MSG="no"
318
a0391976 319# Check for some target-specific stuff
a7effaac 320case "$host" in
9d6b1b96 321*-*-aix*)
25a2779b 322 # Some versions of VAC won't allow macro redefinitions at
323 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
324 # particularly with older versions of vac or xlc.
325 # It also throws errors about null macro argments, but these are
326 # not fatal.
327 AC_MSG_CHECKING(if compiler allows macro redefinitions)
328 AC_COMPILE_IFELSE(
329 [AC_LANG_SOURCE([[
330#define testmacro foo
331#define testmacro bar
332int main(void) { exit(0); }
333 ]])],
334 [ AC_MSG_RESULT(yes) ],
335 [ AC_MSG_RESULT(no)
336 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
337 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
338 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
339 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
340 ]
341 )
342
aff51935 343 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 344 if (test -z "$blibpath"); then
0a15d73b 345 blibpath="/usr/lib:/lib"
68ece370 346 fi
347 saved_LDFLAGS="$LDFLAGS"
e7479666 348 if test "$GCC" = "yes"; then
349 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
350 else
351 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
352 fi
353 for tryflags in $flags ;do
68ece370 354 if (test -z "$blibflags"); then
355 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
356 AC_TRY_LINK([], [], [blibflags=$tryflags])
357 fi
358 done
359 if (test -z "$blibflags"); then
360 AC_MSG_RESULT(not found)
361 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
362 else
363 AC_MSG_RESULT($blibflags)
bd499f9e 364 fi
68ece370 365 LDFLAGS="$saved_LDFLAGS"
e351e493 366 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 367 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
368 [Define if you want to enable AIX4's authenticate function])],
0764e748 369 [AC_CHECK_LIB(s,authenticate,
e351e493 370 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 371 LIBS="$LIBS -ls"
372 ])
373 ])
ba603e06 374 dnl Check for various auth function declarations in headers.
c85ed8e2 375 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 376 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 377 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 378 AC_CHECK_DECLS(loginfailed,
e351e493 379 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
380 AC_TRY_COMPILE(
f58c0e01 381 [#include <usersec.h>],
e351e493 382 [(void)loginfailed("user","host","tty",0);],
383 [AC_MSG_RESULT(yes)
3466e002 384 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
385 [Define if your AIX loginfailed() function
386 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 387 [AC_MSG_RESULT(no)]
e351e493 388 )],
389 [],
390 [#include <usersec.h>]
391 )
533a78f0 392 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 393 AC_CHECK_DECL(F_CLOSEM,
795e7517 394 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 395 [],
396 [ #include <limits.h>
397 #include <fcntl.h> ]
398 )
5ccf88cb 399 check_for_aix_broken_getaddrinfo=1
3466e002 400 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
401 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
402 [Define if your platform breaks doing a seteuid before a setuid])
403 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
404 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 405 dnl AIX handles lastlog as part of its login message
3466e002 406 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
407 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
408 [Some systems need a utmpx entry for /bin/login to work])
409 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
410 [Define to a Set Process Title type if your system is
411 supported by bsd-setproctitle.c])
961c2997 412 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
413 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 414 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 415 ;;
3c62e7eb 416*-*-cygwin*)
a52997bd 417 check_for_libcrypt_later=1
04765d02 418 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 419 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
420 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
421 AC_DEFINE(DISABLE_SHADOW, 1,
422 [Define if you want to disable shadow passwords])
423 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
424 [Define if your system choked on IP TOS setting])
425 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
426 [Define if X11 doesn't support AF_UNIX sockets on that system])
427 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
428 [Define if the concept of ports only accessible to
429 superusers isn't known])
430 AC_DEFINE(DISABLE_FD_PASSING, 1,
431 [Define if your platform needs to skip post auth
432 file descriptor passing])
3c62e7eb 433 ;;
d6fdb079 434*-*-dgux*)
435 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 436 AC_DEFINE(SETEUID_BREAKS_SETUID)
437 AC_DEFINE(BROKEN_SETREUID)
438 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 439 ;;
39c98ef7 440*-*-darwin*)
33e2e066 441 AC_MSG_CHECKING(if we have working getaddrinfo)
442 AC_TRY_RUN([#include <mach-o/dyld.h>
443main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
444 exit(0);
445 else
446 exit(1);
447}], [AC_MSG_RESULT(working)],
448 [AC_MSG_RESULT(buggy)
3466e002 449 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 450 [AC_MSG_RESULT(assume it is working)])
635e0c42 451 AC_DEFINE(SETEUID_BREAKS_SETUID)
452 AC_DEFINE(BROKEN_SETREUID)
453 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 454 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 455 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
456 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 457 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
458 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
459 [Use tunnel device compatibility to OpenBSD])
460 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
461 [Prepend the address family to IP tunnel traffic])
a74e9b64 462 m4_pattern_allow(AU_IPv)
463 AC_CHECK_DECL(AU_IPv4, [],
464 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
465 [#include <bsm/audit.h>]
466 )
39c98ef7 467 ;;
36f36ba3 468*-*-dragonfly*)
469 SSHDLIBS="$SSHDLIBS -lcrypt"
470 ;;
7d458c86 471*-*-hpux*)
472 # first we define all of the options common to all HP-UX releases
b8fea62d 473 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 474 IPADDR_IN_DISPLAY=yes
2b10f47a 475 AC_DEFINE(USE_PIPES)
3466e002 476 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
477 [Define if your login program cannot handle end of options ("--")])
a2572aa7 478 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 479 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
480 [String used in /etc/passwd to denote locked account])
3a2b2b44 481 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 482 MAIL="/var/mail/username"
f75ca46d 483 LIBS="$LIBS -lsec"
7d458c86 484 AC_CHECK_LIB(xnet, t_error, ,
485 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
486
487 # next, we define all of the options specific to major releases
488 case "$host" in
489 *-*-hpux10*)
490 if test -z "$GCC"; then
491 CFLAGS="$CFLAGS -Ae"
492 fi
493 ;;
494 *-*-hpux11*)
3466e002 495 AC_DEFINE(PAM_SUN_CODEBASE, 1,
496 [Define if you are using Solaris-derived PAM which
497 passes pam_messages to the conversation function
498 with an extra level of indirection])
499 AC_DEFINE(DISABLE_UTMP, 1,
500 [Define if you don't want to use utmp])
7d458c86 501 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
502 check_for_hpux_broken_getaddrinfo=1
503 check_for_conflicting_getspnam=1
504 ;;
505 esac
506
507 # lastly, we define options specific to minor releases
508 case "$host" in
509 *-*-hpux10.26)
3466e002 510 AC_DEFINE(HAVE_SECUREWARE, 1,
511 [Define if you have SecureWare-based
512 protected password database])
7d458c86 513 disable_ptmx_check=yes
514 LIBS="$LIBS -lsecpw"
515 ;;
516 esac
2b763e31 517 ;;
d94aa2ae 518*-*-irix5*)
6ac7829a 519 PATH="$PATH:/usr/etc"
3466e002 520 AC_DEFINE(BROKEN_INET_NTOA, 1,
521 [Define if you system's inet_ntoa is busted
522 (e.g. Irix gcc issue)])
cb433561 523 AC_DEFINE(SETEUID_BREAKS_SETUID)
524 AC_DEFINE(BROKEN_SETREUID)
525 AC_DEFINE(BROKEN_SETREGID)
3466e002 526 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
527 [Define if you shouldn't strip 'tty' from your
528 ttyname in [uw]tmp])
3e6e3da0 529 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 530 ;;
531*-*-irix6*)
6ac7829a 532 PATH="$PATH:/usr/etc"
3466e002 533 AC_DEFINE(WITH_IRIX_ARRAY, 1,
534 [Define if you have/want arrays
535 (cluster-wide session managment, not C arrays)])
536 AC_DEFINE(WITH_IRIX_PROJECT, 1,
537 [Define if you want IRIX project management])
538 AC_DEFINE(WITH_IRIX_AUDIT, 1,
539 [Define if you want IRIX audit trails])
540 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
541 [Define if you want IRIX kernel jobs])])
416ed5a7 542 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 543 AC_DEFINE(SETEUID_BREAKS_SETUID)
544 AC_DEFINE(BROKEN_SETREUID)
545 AC_DEFINE(BROKEN_SETREGID)
3466e002 546 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 547 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 548 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 549 ;;
5cdfe03f 550*-*-linux*)
551 no_dev_ptmx=1
717057b6 552 check_for_libcrypt_later=1
eacb954e 553 check_for_openpty_ctty_bug=1
3466e002 554 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
555 AC_DEFINE(PAM_TTY_KLUDGE, 1,
556 [Work around problematic Linux PAM modules handling of PAM_TTY])
557 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
558 [String used in /etc/passwd to denote locked account])
3a2b2b44 559 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 560 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
561 [Define to whatever link() returns for "not supported"
562 if it doesn't return EOPNOTSUPP.])
b6610e8f 563 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 564 AC_DEFINE(USE_BTMP)
80faa19f 565 inet6_default_4in6=yes
bf7c1e6c 566 case `uname -r` in
ad84c479 567 1.*|2.0.*)
3466e002 568 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
569 [Define if cmsg_type is not passed correctly])
bf7c1e6c 570 ;;
bf7c1e6c 571 esac
c40f09ca 572 # tun(4) forwarding compat code
d91775e1 573 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 574 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 575 AC_DEFINE(SSH_TUN_LINUX, 1,
576 [Open tunnel devices the Linux tun/tap way])
577 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
578 [Use tunnel device compatibility to OpenBSD])
579 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
580 [Prepend the address family to IP tunnel traffic])
581 fi
5cdfe03f 582 ;;
66d6c27e 583mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 584 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 585 SONY=1
66d6c27e 586 ;;
d468fc76 587*-*-netbsd*)
33e2e066 588 check_for_libcrypt_before=1
82f4e93d 589 if test "x$withval" != "xno" ; then
e6354014 590 need_dash_r=1
591 fi
0f6cb079 592 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
593 AC_CHECK_HEADER([net/if_tap.h], ,
594 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
595 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
596 [Prepend the address family to IP tunnel traffic])
d468fc76 597 ;;
86b416a7 598*-*-freebsd*)
599 check_for_libcrypt_later=1
988c5031 600 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 601 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
602 AC_CHECK_HEADER([net/if_tap.h], ,
603 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 604 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 605 ;;
8707b7eb 606*-*-bsdi*)
607 AC_DEFINE(SETEUID_BREAKS_SETUID)
608 AC_DEFINE(BROKEN_SETREUID)
609 AC_DEFINE(BROKEN_SETREGID)
610 ;;
729bfe59 611*-next-*)
729bfe59 612 conf_lastlog_location="/usr/adm/lastlog"
698d107e 613 conf_utmp_location=/etc/utmp
614 conf_wtmp_location=/usr/adm/wtmp
615 MAIL=/usr/spool/mail
3466e002 616 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 617 AC_DEFINE(BROKEN_REALPATH)
00937921 618 AC_DEFINE(USE_PIPES)
3466e002 619 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 620 ;;
5b7b5e23 621*-*-openbsd*)
622 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 623 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 624 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 625 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
626 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 627 ;;
9d6b1b96 628*-*-solaris*)
82f4e93d 629 if test "x$withval" != "xno" ; then
010e9d5b 630 need_dash_r=1
631 fi
adeebd37 632 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 633 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 634 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
635 [Some versions of /bin/login need the TERM supplied
636 on the commandline])
7f0a4ff1 637 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 638 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
639 [Define if pam_chauthtok wants real uid set
640 to the unpriv'ed user])
3e6e3da0 641 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 642 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 643 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
644 [Define if sshd somehow reacquires a controlling TTY
645 after setsid()])
795aa5f5 646 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
647 in case the name is longer than 8 chars])
95b99395 648 external_path_file=/etc/default/login
1d7b9b20 649 # hardwire lastlog location (can't detect it on some versions)
650 conf_lastlog_location="/var/adm/lastlog"
32c80420 651 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
652 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
653 if test "$sol2ver" -ge 8; then
654 AC_MSG_RESULT(yes)
655 AC_DEFINE(DISABLE_UTMP)
3466e002 656 AC_DEFINE(DISABLE_WTMP, 1,
657 [Define if you don't want to use wtmp])
32c80420 658 else
659 AC_MSG_RESULT(no)
660 fi
5b84789f 661 AC_ARG_WITH(solaris-contracts,
662 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
663 [
664 AC_CHECK_LIB(contract, ct_tmpl_activate,
665 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
666 [Define if you have Solaris process contracts])
667 SSHDLIBS="$SSHDLIBS -lcontract"
668 AC_SUBST(SSHDLIBS)
669 SPC_MSG="yes" ], )
670 ],
671 )
9d6b1b96 672 ;;
a423beaf 673*-*-sunos4*)
0c2fb82f 674 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 675 AC_CHECK_FUNCS(getpwanam)
adeebd37 676 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 677 conf_utmp_location=/etc/utmp
678 conf_wtmp_location=/var/adm/wtmp
679 conf_lastlog_location=/var/adm/lastlog
137d7b6c 680 AC_DEFINE(USE_PIPES)
a423beaf 681 ;;
6f68f28a 682*-ncr-sysv*)
98a7c37b 683 LIBS="$LIBS -lc89"
29525240 684 AC_DEFINE(USE_PIPES)
eabb99c6 685 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 686 AC_DEFINE(SETEUID_BREAKS_SETUID)
687 AC_DEFINE(BROKEN_SETREUID)
688 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 689 ;;
132dd316 690*-sni-sysv*)
c8c15bcb 691 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 692 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 693 # -lresolv needs to be at the end of LIBS or DNS lookups break
694 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 695 IPADDR_IN_DISPLAY=yes
696 AC_DEFINE(USE_PIPES)
132dd316 697 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 698 AC_DEFINE(SETEUID_BREAKS_SETUID)
699 AC_DEFINE(BROKEN_SETREUID)
700 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 701 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 702 external_path_file=/etc/default/login
c8c15bcb 703 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
704 # Attention: always take care to bind libsocket and libnsl before libc,
705 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 706 ;;
79a7ba96 707# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 708*-*-sysv4.2*)
ed6553e2 709 AC_DEFINE(USE_PIPES)
7ed101c0 710 AC_DEFINE(SETEUID_BREAKS_SETUID)
711 AC_DEFINE(BROKEN_SETREUID)
712 AC_DEFINE(BROKEN_SETREGID)
46f853b9 713 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 714 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 715 ;;
79a7ba96 716# UnixWare 7.x, OpenUNIX 8
77bb0bca 717*-*-sysv5*)
d7d2cc6e 718 check_for_libcrypt_later=1
719 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 720 AC_DEFINE(USE_PIPES)
7ed101c0 721 AC_DEFINE(SETEUID_BREAKS_SETUID)
722 AC_DEFINE(BROKEN_SETREUID)
723 AC_DEFINE(BROKEN_SETREGID)
3466e002 724 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 725 case "$host" in
726 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
727 TEST_SHELL=/u95/bin/sh
3466e002 728 AC_DEFINE(BROKEN_LIBIAF, 1,
729 [ia_uinfo routines not supported by OS yet])
5cc6ddad 730 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 731 ;;
e45da4d6 732 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
733 ;;
822015dd 734 esac
77bb0bca 735 ;;
9d6b1b96 736*-*-sysv*)
9d6b1b96 737 ;;
79a7ba96 738# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 739*-*-sco3.2v4*)
11cf4f1f 740 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 741 ;;
79a7ba96 742# SCO OpenServer 5.x
77bb0bca 743*-*-sco3.2v5*)
21710e39 744 if test -z "$GCC"; then
745 CFLAGS="$CFLAGS -belf"
746 fi
ed6553e2 747 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 748 no_dev_ptmx=1
ed6553e2 749 AC_DEFINE(USE_PIPES)
6e879cb4 750 AC_DEFINE(HAVE_SECUREWARE)
d287c664 751 AC_DEFINE(DISABLE_SHADOW)
94d8258b 752 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 753 AC_DEFINE(SETEUID_BREAKS_SETUID)
754 AC_DEFINE(BROKEN_SETREUID)
755 AC_DEFINE(BROKEN_SETREGID)
bcebad47 756 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 757 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 758 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 759 AC_CHECK_FUNCS(getluid setluid)
533875af 760 MANTYPE=man
a3245b92 761 TEST_SHELL=ksh
509b1f88 762 ;;
ccbb983c 763*-*-unicosmk*)
3466e002 764 AC_DEFINE(NO_SSH_LASTLOG, 1,
765 [Define if you don't want to use lastlog in session.c])
c1ad5966 766 AC_DEFINE(SETEUID_BREAKS_SETUID)
767 AC_DEFINE(BROKEN_SETREUID)
768 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 769 AC_DEFINE(USE_PIPES)
770 AC_DEFINE(DISABLE_FD_PASSING)
771 LDFLAGS="$LDFLAGS"
772 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
773 MANTYPE=cat
d262b7f2 774 ;;
7b9a8c6e 775*-*-unicosmp*)
c1ad5966 776 AC_DEFINE(SETEUID_BREAKS_SETUID)
777 AC_DEFINE(BROKEN_SETREUID)
778 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 779 AC_DEFINE(WITH_ABBREV_NO_TTY)
780 AC_DEFINE(USE_PIPES)
781 AC_DEFINE(DISABLE_FD_PASSING)
782 LDFLAGS="$LDFLAGS"
c1ad5966 783 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 784 MANTYPE=cat
785 ;;
ca5c7d6a 786*-*-unicos*)
c1ad5966 787 AC_DEFINE(SETEUID_BREAKS_SETUID)
788 AC_DEFINE(BROKEN_SETREUID)
789 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 790 AC_DEFINE(USE_PIPES)
94d8258b 791 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 792 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 793 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
794 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
795 MANTYPE=cat
a704dd54 796 ;;
4d33e531 797*-dec-osf*)
99c8ddac 798 AC_MSG_CHECKING(for Digital Unix SIA)
799 no_osfsia=""
800 AC_ARG_WITH(osfsia,
801 [ --with-osfsia Enable Digital Unix SIA],
802 [
803 if test "x$withval" = "xno" ; then
804 AC_MSG_RESULT(disabled)
805 no_osfsia=1
806 fi
807 ],
808 )
809 if test -z "$no_osfsia" ; then
4d33e531 810 if test -f /etc/sia/matrix.conf; then
811 AC_MSG_RESULT(yes)
3466e002 812 AC_DEFINE(HAVE_OSF_SIA, 1,
813 [Define if you have Digital Unix Security
814 Integration Architecture])
815 AC_DEFINE(DISABLE_LOGIN, 1,
816 [Define if you don't want to use your
817 system's login() call])
58d0df4e 818 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 819 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 820 SIA_MSG="yes"
4d33e531 821 else
822 AC_MSG_RESULT(no)
3466e002 823 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
824 [String used in /etc/passwd to denote locked account])
4d33e531 825 fi
826 fi
a6e67b60 827 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 828 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 829 AC_DEFINE(BROKEN_SETREUID)
830 AC_DEFINE(BROKEN_SETREGID)
4d33e531 831 ;;
41cb4569 832
9c54c067 833*-*-nto-qnx*)
41cb4569 834 AC_DEFINE(USE_PIPES)
835 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 836 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
837 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
838 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 839 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 840 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 841 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 842 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 843 case "$host" in
844 *-*-nto-qnx6*)
845 AC_DEFINE(DISABLE_FD_PASSING)
846 ;;
847 esac
41cb4569 848 ;;
35fc74ed 849
850*-*-ultrix*)
3466e002 851 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
852 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 853 AC_DEFINE(NEED_SETPGRP)
b5765e1d 854 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
855 ;;
157b6700 856
857*-*-lynxos)
858 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 859 AC_DEFINE(MISSING_HOWMANY)
157b6700 860 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
861 ;;
a7effaac 862esac
863
c5829391 864AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 865AC_RUN_IFELSE(
866 [AC_LANG_SOURCE([
c5829391 867#include <stdio.h>
868int main(){exit(0);}
479cece8 869 ])],
c5829391 870 [ AC_MSG_RESULT(yes) ],
871 [
872 AC_MSG_RESULT(no)
873 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 874 ],
875 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 876)
877
b04a9f8c 878dnl Checks for header files.
a0391976 879# Checks for libraries.
98a7c37b 880AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
881AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 882
446227d6 883dnl IRIX and Solaris 2.5.1 have dirname() in libgen
884AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
885 AC_CHECK_LIB(gen, dirname,[
886 AC_CACHE_CHECK([for broken dirname],
887 ac_cv_have_broken_dirname, [
888 save_LIBS="$LIBS"
889 LIBS="$LIBS -lgen"
b0e7249f 890 AC_RUN_IFELSE(
891 [AC_LANG_SOURCE([[
446227d6 892#include <libgen.h>
893#include <string.h>
894
895int main(int argc, char **argv) {
896 char *s, buf[32];
897
898 strncpy(buf,"/etc", 32);
899 s = dirname(buf);
900 if (!s || strncmp(s, "/", 32) != 0) {
901 exit(1);
902 } else {
903 exit(0);
904 }
905}
b0e7249f 906 ]])],
907 [ ac_cv_have_broken_dirname="no" ],
908 [ ac_cv_have_broken_dirname="yes" ],
446227d6 909 [ ac_cv_have_broken_dirname="no" ],
446227d6 910 )
911 LIBS="$save_LIBS"
912 ])
913 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
914 LIBS="$LIBS -lgen"
915 AC_DEFINE(HAVE_DIRNAME)
916 AC_CHECK_HEADERS(libgen.h)
917 fi
918 ])
919])
920
921AC_CHECK_FUNC(getspnam, ,
922 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 923AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
924 [Define if you have the basename function.]))
446227d6 925
98a7c37b 926dnl zlib is required
927AC_ARG_WITH(zlib,
928 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 929 [ if test "x$withval" = "xno" ; then
930 AC_MSG_ERROR([*** zlib is required ***])
931 elif test "x$withval" != "xyes"; then
98a7c37b 932 if test -d "$withval/lib"; then
933 if test -n "${need_dash_r}"; then
5a162955 934 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 935 else
5a162955 936 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 937 fi
938 else
939 if test -n "${need_dash_r}"; then
5a162955 940 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 941 else
5a162955 942 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 943 fi
944 fi
945 if test -d "$withval/include"; then
5a162955 946 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 947 else
5a162955 948 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 949 fi
6dd05556 950 fi ]
98a7c37b 951)
952
0a15d73b 953AC_CHECK_LIB(z, deflate, ,
954 [
955 saved_CPPFLAGS="$CPPFLAGS"
956 saved_LDFLAGS="$LDFLAGS"
957 save_LIBS="$LIBS"
958 dnl Check default zlib install dir
959 if test -n "${need_dash_r}"; then
960 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
961 else
962 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
963 fi
964 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
965 LIBS="$LIBS -lz"
966 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
967 [
968 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
969 ]
970 )
971 ]
972)
4ad65809 973AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 974
975AC_ARG_WITH(zlib-version-check,
976 [ --without-zlib-version-check Disable zlib version check],
977 [ if test "x$withval" = "xno" ; then
978 zlib_check_nonfatal=1
979 fi
980 ]
981)
982
5c7fc85d 983AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 984AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 985#include <stdio.h>
4ad65809 986#include <zlib.h>
987int main()
988{
5c7fc85d 989 int a=0, b=0, c=0, d=0, n, v;
990 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
991 if (n != 3 && n != 4)
4ad65809 992 exit(1);
5c7fc85d 993 v = a*1000000 + b*10000 + c*100 + d;
994 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
995
996 /* 1.1.4 is OK */
997 if (a == 1 && b == 1 && c >= 4)
4ad65809 998 exit(0);
5c7fc85d 999
0072b59d 1000 /* 1.2.3 and up are OK */
1001 if (v >= 1020300)
5c7fc85d 1002 exit(0);
1003
4ad65809 1004 exit(2);
1005}
479cece8 1006 ]])],
5c7fc85d 1007 AC_MSG_RESULT(no),
1008 [ AC_MSG_RESULT(yes)
8068d564 1009 if test -z "$zlib_check_nonfatal" ; then
1010 AC_MSG_ERROR([*** zlib too old - check config.log ***
1011Your reported zlib version has known security problems. It's possible your
1012vendor has fixed these problems without changing the version number. If you
1013are sure this is the case, you can disable the check by running
1014"./configure --without-zlib-version-check".
6090bcfe 1015If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1016See http://www.gzip.org/zlib/ for details.])
8068d564 1017 else
1018 AC_MSG_WARN([zlib version may have security problems])
1019 fi
1a01a50c 1020 ],
1021 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1022)
48e7916f 1023
2c523de9 1024dnl UnixWare 2.x
aff51935 1025AC_CHECK_FUNC(strcasecmp,
2c523de9 1026 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1027)
23361281 1028AC_CHECK_FUNCS(utimes,
cda1ebcb 1029 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1030 LIBS="$LIBS -lc89"]) ]
2c523de9 1031)
4cca272e 1032
7c6d759d 1033dnl Checks for libutil functions
1034AC_CHECK_HEADERS(libutil.h)
3466e002 1035AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1036 [Define if your libraries define login()])])
b3ef88dc 1037AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
7c6d759d 1038
a738c3b0 1039AC_FUNC_STRFTIME
1040
84ceda19 1041# Check for ALTDIRFUNC glob() extension
1042AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1043AC_EGREP_CPP(FOUNDIT,
1044 [
1045 #include <glob.h>
1046 #ifdef GLOB_ALTDIRFUNC
1047 FOUNDIT
1048 #endif
aff51935 1049 ],
84ceda19 1050 [
3466e002 1051 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1052 [Define if your system glob() function has
1053 the GLOB_ALTDIRFUNC extension])
84ceda19 1054 AC_MSG_RESULT(yes)
1055 ],
1056 [
1057 AC_MSG_RESULT(no)
1058 ]
1059)
4cca272e 1060
40849fdb 1061# Check for g.gl_matchc glob() extension
1062AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1063AC_TRY_COMPILE(
13ff27b7 1064 [ #include <glob.h> ],
1065 [glob_t g; g.gl_matchc = 1;],
aff51935 1066 [
3466e002 1067 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1068 [Define if your system glob() function has
1069 gl_matchc options in glob_t])
aff51935 1070 AC_MSG_RESULT(yes)
1071 ],
1072 [
1073 AC_MSG_RESULT(no)
1074 ]
40849fdb 1075)
1076
78888bab 1077AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1078
edbe6722 1079AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1080AC_RUN_IFELSE(
479cece8 1081 [AC_LANG_SOURCE([[
edbe6722 1082#include <sys/types.h>
1083#include <dirent.h>
aec4cb4f 1084int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1085 ]])],
aff51935 1086 [AC_MSG_RESULT(yes)],
edbe6722 1087 [
1088 AC_MSG_RESULT(no)
3466e002 1089 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1090 [Define if your struct dirent expects you to
3466e002 1091 allocate extra space for d_name])
1a01a50c 1092 ],
82f4e93d 1093 [
1a01a50c 1094 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1095 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1096 ]
1097)
1098
419e26e7 1099AC_MSG_CHECKING([for /proc/pid/fd directory])
1100if test -d "/proc/$$/fd" ; then
3466e002 1101 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1102 AC_MSG_RESULT(yes)
1103else
1104 AC_MSG_RESULT(no)
1105fi
1106
278588d8 1107# Check whether user wants S/Key support
aff51935 1108SKEY_MSG="no"
278588d8 1109AC_ARG_WITH(skey,
6ff3d0dc 1110 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1111 [
1112 if test "x$withval" != "xno" ; then
1113
1114 if test "x$withval" != "xyes" ; then
1115 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1116 LDFLAGS="$LDFLAGS -L${withval}/lib"
1117 fi
1118
3466e002 1119 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1120 LIBS="-lskey $LIBS"
aff51935 1121 SKEY_MSG="yes"
82f4e93d 1122
ddceb1c8 1123 AC_MSG_CHECKING([for s/key support])
b0e7249f 1124 AC_LINK_IFELSE(
1125 [AC_LANG_SOURCE([[
ddceb1c8 1126#include <stdio.h>
1127#include <skey.h>
aec4cb4f 1128int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1129 ]])],
ddceb1c8 1130 [AC_MSG_RESULT(yes)],
278588d8 1131 [
ddceb1c8 1132 AC_MSG_RESULT(no)
278588d8 1133 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1134 ])
141fc639 1135 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1136 AC_TRY_COMPILE(
1137 [#include <stdio.h>
1138 #include <skey.h>],
1139 [(void)skeychallenge(NULL,"name","",0);],
1140 [AC_MSG_RESULT(yes)
3466e002 1141 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1142 [Define if your skeychallenge()
1143 function takes 4 arguments (NetBSD)])],
141fc639 1144 [AC_MSG_RESULT(no)]
1145 )
278588d8 1146 fi
1147 ]
1148)
1149
1150# Check whether user wants TCP wrappers support
98a7c37b 1151TCPW_MSG="no"
278588d8 1152AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1153 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1154 [
1155 if test "x$withval" != "xno" ; then
1156 saved_LIBS="$LIBS"
98a7c37b 1157 saved_LDFLAGS="$LDFLAGS"
1158 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1159 if test -n "${withval}" && \
6cf0200f 1160 test "x${withval}" != "xyes"; then
98a7c37b 1161 if test -d "${withval}/lib"; then
1162 if test -n "${need_dash_r}"; then
5a162955 1163 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1164 else
5a162955 1165 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1166 fi
1167 else
1168 if test -n "${need_dash_r}"; then
5a162955 1169 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1170 else
5a162955 1171 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1172 fi
1173 fi
1174 if test -d "${withval}/include"; then
5a162955 1175 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1176 else
5a162955 1177 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1178 fi
98a7c37b 1179 fi
e54defb4 1180 LIBS="-lwrap $LIBS"
278588d8 1181 AC_MSG_CHECKING(for libwrap)
1182 AC_TRY_LINK(
1183 [
77f09220 1184#include <sys/types.h>
1185#include <sys/socket.h>
1186#include <netinet/in.h>
278588d8 1187#include <tcpd.h>
1188 int deny_severity = 0, allow_severity = 0;
1189 ],
1190 [hosts_access(0);],
1191 [
1192 AC_MSG_RESULT(yes)
3466e002 1193 AC_DEFINE(LIBWRAP, 1,
1194 [Define if you want
1195 TCP Wrappers support])
e54defb4 1196 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1197 TCPW_MSG="yes"
278588d8 1198 ],
1199 [
1200 AC_MSG_ERROR([*** libwrap missing])
1201 ]
1202 )
ddceb1c8 1203 LIBS="$saved_LIBS"
278588d8 1204 fi
1205 ]
1206)
1207
59031773 1208# Check whether user wants libedit support
1209LIBEDIT_MSG="no"
1210AC_ARG_WITH(libedit,
6ff3d0dc 1211 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1212 [ if test "x$withval" != "xno" ; then
737edf04 1213 if test "x$withval" != "xyes"; then
bb116c8e 1214 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1215 if test -n "${need_dash_r}"; then
1216 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1217 else
1218 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1219 fi
737edf04 1220 fi
59031773 1221 AC_CHECK_LIB(edit, el_init,
3466e002 1222 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1223 LIBEDIT="-ledit -lcurses"
1224 LIBEDIT_MSG="yes"
1225 AC_SUBST(LIBEDIT)
1226 ],
737edf04 1227 [ AC_MSG_ERROR(libedit not found) ],
1228 [ -lcurses ]
59031773 1229 )
f47ddccb 1230 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1231 AC_COMPILE_IFELSE(
1232 [AC_LANG_SOURCE([[
1233#include <histedit.h>
f47ddccb 1234int main(void)
1235{
1236 int i = H_SETSIZE;
1237 el_init("", NULL, NULL, NULL);
1238 exit(0);
1239}
d92622f9 1240 ]])],
f47ddccb 1241 [ AC_MSG_RESULT(yes) ],
1242 [ AC_MSG_RESULT(no)
1243 AC_MSG_ERROR(libedit version is not compatible) ]
1244 )
59031773 1245 fi ]
1246)
1247
7b578f7d 1248AUDIT_MODULE=none
1249AC_ARG_WITH(audit,
1250 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1251 [
1252 AC_MSG_CHECKING(for supported audit module)
1253 case "$withval" in
1254 bsm)
1255 AC_MSG_RESULT(bsm)
1256 AUDIT_MODULE=bsm
1257 dnl Checks for headers, libs and functions
1258 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1259 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1260 [
1261#ifdef HAVE_TIME_H
1262# include <time.h>
1263#endif
1264 ]
1265)
7b578f7d 1266 AC_CHECK_LIB(bsm, getaudit, [],
1267 [AC_MSG_ERROR(BSM enabled and required library not found)])
1268 AC_CHECK_FUNCS(getaudit, [],
1269 [AC_MSG_ERROR(BSM enabled and required function not found)])
1270 # These are optional
a74e9b64 1271 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1272 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1273 ;;
1274 debug)
1275 AUDIT_MODULE=debug
1276 AC_MSG_RESULT(debug)
3466e002 1277 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1278 ;;
a2b3321d 1279 no)
d92622f9 1280 AC_MSG_RESULT(no)
a2b3321d 1281 ;;
7b578f7d 1282 *)
1283 AC_MSG_ERROR([Unknown audit module $withval])
1284 ;;
1285 esac ]
1286)
1287
19160674 1288dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1289AC_CHECK_FUNCS( \
1290 arc4random \
185adaf8 1291 arc4random_buf \
1292 arc4random_uniform \
9a406e1e 1293 asprintf \
b04a9f8c 1294 b64_ntop \
1295 __b64_ntop \
1296 b64_pton \
1297 __b64_pton \
1298 bcopy \
1299 bindresvport_sa \
1300 clock \
1301 closefrom \
1302 dirfd \
b04a9f8c 1303 fchmod \
1304 fchown \
1305 freeaddrinfo \
1306 futimes \
1307 getaddrinfo \
1308 getcwd \
1309 getgrouplist \
1310 getnameinfo \
1311 getopt \
1312 getpeereid \
1961d660 1313 getpeerucred \
b04a9f8c 1314 _getpty \
1315 getrlimit \
1316 getttyent \
1317 glob \
1318 inet_aton \
1319 inet_ntoa \
1320 inet_ntop \
1321 innetgr \
1322 login_getcapbool \
1323 md5_crypt \
1324 memmove \
1325 mkdtemp \
1326 mmap \
1327 ngetaddrinfo \
1328 nsleep \
1329 ogetaddrinfo \
1330 openlog_r \
1331 openpty \
6d39a5c4 1332 poll \
b04a9f8c 1333 prctl \
1334 pstat \
1335 readpassphrase \
1336 realpath \
1337 recvmsg \
1338 rresvport_af \
1339 sendmsg \
1340 setdtablesize \
1341 setegid \
1342 setenv \
1343 seteuid \
1344 setgroups \
1345 setlogin \
1346 setpcred \
1347 setproctitle \
1348 setregid \
1349 setreuid \
1350 setrlimit \
1351 setsid \
1352 setvbuf \
1353 sigaction \
1354 sigvec \
1355 snprintf \
1356 socketpair \
1357 strdup \
1358 strerror \
1359 strlcat \
1360 strlcpy \
1361 strmode \
1362 strnvis \
1363 strtonum \
1e29a0c8 1364 strtoll \
b04a9f8c 1365 strtoul \
1aac2117 1366 swap32 \
b04a9f8c 1367 sysconf \
1368 tcgetpgrp \
1369 truncate \
1370 unsetenv \
1371 updwtmpx \
9a406e1e 1372 vasprintf \
b04a9f8c 1373 vhangup \
1374 vsnprintf \
1375 waitpid \
19160674 1376)
98a7c37b 1377
1a086f97 1378# IRIX has a const char return value for gai_strerror()
1379AC_CHECK_FUNCS(gai_strerror,[
1380 AC_DEFINE(HAVE_GAI_STRERROR)
1381 AC_TRY_COMPILE([
1382#include <sys/types.h>
1383#include <sys/socket.h>
1384#include <netdb.h>
1385
1386const char *gai_strerror(int);],[
1387char *str;
1388
1389str = gai_strerror(0);],[
1390 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1391 [Define if gai_strerror() returns const char *])])])
1392
3466e002 1393AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1394 [Some systems put nanosleep outside of libc]))
92b1decf 1395
309709db 1396dnl Make sure prototypes are defined for these before using them.
309709db 1397AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1398AC_CHECK_DECL(strsep,
1399 [AC_CHECK_FUNCS(strsep)],
1400 [],
1401 [
1402#ifdef HAVE_STRING_H
1403# include <string.h>
1404#endif
1405 ])
08412d26 1406
3490699c 1407dnl tcsendbreak might be a macro
1408AC_CHECK_DECL(tcsendbreak,
1409 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1410 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1411 [#include <termios.h>]
1412)
1413
41e0e158 1414AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1415
71f4c727 1416AC_CHECK_DECLS(SHUT_RD, , ,
1417 [
1418#include <sys/types.h>
1419#include <sys/socket.h>
1420 ])
956d6743 1421
1422AC_CHECK_DECLS(O_NONBLOCK, , ,
1423 [
1424#include <sys/types.h>
1425#ifdef HAVE_SYS_STAT_H
1426# include <sys/stat.h>
1427#endif
1428#ifdef HAVE_FCNTL_H
1429# include <fcntl.h>
1430#endif
1431 ])
1432
752994dd 1433AC_CHECK_DECLS(writev, , , [
1434#include <sys/types.h>
1435#include <sys/uio.h>
1436#include <unistd.h>
1437 ])
1438
0bf6279d 1439AC_CHECK_DECLS(MAXSYMLINKS, , , [
1440#include <sys/param.h>
1441 ])
1442
b41ece30 1443AC_CHECK_DECLS(offsetof, , , [
1444#include <stddef.h>
1445 ])
1446
3f176010 1447AC_CHECK_FUNCS(setresuid, [
1448 dnl Some platorms have setresuid that isn't implemented, test for this
1449 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1450 AC_RUN_IFELSE(
1451 [AC_LANG_SOURCE([[
9a3fe0e2 1452#include <stdlib.h>
1453#include <errno.h>
1454int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1455 ]])],
3f176010 1456 [AC_MSG_RESULT(yes)],
3466e002 1457 [AC_DEFINE(BROKEN_SETRESUID, 1,
1458 [Define if your setresuid() is broken])
1a01a50c 1459 AC_MSG_RESULT(not implemented)],
1460 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1461 )
1462])
9a3fe0e2 1463
3f176010 1464AC_CHECK_FUNCS(setresgid, [
1465 dnl Some platorms have setresgid that isn't implemented, test for this
1466 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1467 AC_RUN_IFELSE(
1468 [AC_LANG_SOURCE([[
9a3fe0e2 1469#include <stdlib.h>
1470#include <errno.h>
1471int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1472 ]])],
3f176010 1473 [AC_MSG_RESULT(yes)],
3466e002 1474 [AC_DEFINE(BROKEN_SETRESGID, 1,
1475 [Define if your setresgid() is broken])
1a01a50c 1476 AC_MSG_RESULT(not implemented)],
1477 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1478 )
1479])
9a3fe0e2 1480
2e73a022 1481dnl Checks for time functions
1d7b9b20 1482AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1483dnl Checks for utmp functions
b03bd394 1484AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1485AC_CHECK_FUNCS(utmpname)
2e73a022 1486dnl Checks for utmpx functions
b03bd394 1487AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1488AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1489
aff51935 1490AC_CHECK_FUNC(daemon,
3466e002 1491 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1492 [AC_CHECK_LIB(bsd, daemon,
1493 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1494)
1495
aff51935 1496AC_CHECK_FUNC(getpagesize,
3466e002 1497 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1498 [Define if your libraries define getpagesize()])],
1499 [AC_CHECK_LIB(ucb, getpagesize,
1500 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1501)
1502
2647ae26 1503# Check for broken snprintf
1504if test "x$ac_cv_func_snprintf" = "xyes" ; then
1505 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1506 AC_RUN_IFELSE(
479cece8 1507 [AC_LANG_SOURCE([[
2647ae26 1508#include <stdio.h>
aec4cb4f 1509int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1510 ]])],
aff51935 1511 [AC_MSG_RESULT(yes)],
2647ae26 1512 [
1513 AC_MSG_RESULT(no)
3466e002 1514 AC_DEFINE(BROKEN_SNPRINTF, 1,
1515 [Define if your snprintf is busted])
2647ae26 1516 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1517 ],
1518 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1519 )
1520fi
1521
9a406e1e 1522# If we don't have a working asprintf, then we strongly depend on vsnprintf
1523# returning the right thing on overflow: the number of characters it tried to
1524# create (as per SUSv3)
1525if test "x$ac_cv_func_asprintf" != "xyes" && \
1526 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1527 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1528 AC_RUN_IFELSE(
1529 [AC_LANG_SOURCE([[
1530#include <sys/types.h>
1531#include <stdio.h>
1532#include <stdarg.h>
1533
1534int x_snprintf(char *str,size_t count,const char *fmt,...)
1535{
1536 size_t ret; va_list ap;
1537 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1538 return ret;
1539}
1540int main(void)
1541{
1542 char x[1];
1543 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1544} ]])],
1545 [AC_MSG_RESULT(yes)],
1546 [
1547 AC_MSG_RESULT(no)
1548 AC_DEFINE(BROKEN_SNPRINTF, 1,
1549 [Define if your snprintf is busted])
1550 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1551 ],
1552 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1553 )
1554fi
1555
31b0732a 1556# On systems where [v]snprintf is broken, but is declared in stdio,
1557# check that the fmt argument is const char * or just char *.
1558# This is only useful for when BROKEN_SNPRINTF
1559AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1560AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1561 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1562 int main(void) { snprintf(0, 0, 0); }
1563 ]])],
1564 [AC_MSG_RESULT(yes)
1565 AC_DEFINE(SNPRINTF_CONST, [const],
1566 [Define as const if snprintf() can declare const char *fmt])],
1567 [AC_MSG_RESULT(no)
1568 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1569
2f6f9cff 1570# Check for missing getpeereid (or equiv) support
1571NO_PEERCHECK=""
1961d660 1572if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1573 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1574 AC_TRY_COMPILE(
1575 [#include <sys/types.h>
1576 #include <sys/socket.h>],
1577 [int i = SO_PEERCRED;],
62eb7db4 1578 [ AC_MSG_RESULT(yes)
3466e002 1579 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1580 ],
2f6f9cff 1581 [AC_MSG_RESULT(no)
1582 NO_PEERCHECK=1]
1583 )
1584fi
1585
70e7d0b0 1586dnl see whether mkstemp() requires XXXXXX
1587if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1588AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1589AC_RUN_IFELSE(
1590 [AC_LANG_SOURCE([[
70e7d0b0 1591#include <stdlib.h>
1592main() { char template[]="conftest.mkstemp-test";
1593if (mkstemp(template) == -1)
1594 exit(1);
1595unlink(template); exit(0);
1596}
b0e7249f 1597 ]])],
70e7d0b0 1598 [
1599 AC_MSG_RESULT(no)
1600 ],
aff51935 1601 [
70e7d0b0 1602 AC_MSG_RESULT(yes)
3466e002 1603 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1604 ],
1605 [
1606 AC_MSG_RESULT(yes)
1607 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1608 ]
70e7d0b0 1609)
1610fi
1611
eacb954e 1612dnl make sure that openpty does not reacquire controlling terminal
1613if test ! -z "$check_for_openpty_ctty_bug"; then
1614 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1615 AC_RUN_IFELSE(
1616 [AC_LANG_SOURCE([[
eacb954e 1617#include <stdio.h>
1618#include <sys/fcntl.h>
1619#include <sys/types.h>
1620#include <sys/wait.h>
1621
1622int
1623main()
1624{
1625 pid_t pid;
1626 int fd, ptyfd, ttyfd, status;
1627
1628 pid = fork();
1629 if (pid < 0) { /* failed */
1630 exit(1);
1631 } else if (pid > 0) { /* parent */
1632 waitpid(pid, &status, 0);
aff51935 1633 if (WIFEXITED(status))
eacb954e 1634 exit(WEXITSTATUS(status));
1635 else
1636 exit(2);
1637 } else { /* child */
1638 close(0); close(1); close(2);
1639 setsid();
1640 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1641 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1642 if (fd >= 0)
1643 exit(3); /* Acquired ctty: broken */
1644 else
1645 exit(0); /* Did not acquire ctty: OK */
1646 }
1647}
b0e7249f 1648 ]])],
eacb954e 1649 [
1650 AC_MSG_RESULT(yes)
1651 ],
1652 [
1653 AC_MSG_RESULT(no)
1654 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1655 ],
1656 [
1657 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1658 ]
1659 )
1660fi
1661
4b492aab 1662if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1663 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1664 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1665 AC_RUN_IFELSE(
1666 [AC_LANG_SOURCE([[
2fe51906 1667#include <stdio.h>
1668#include <sys/socket.h>
1669#include <netdb.h>
1670#include <errno.h>
1671#include <netinet/in.h>
1672
1673#define TEST_PORT "2222"
1674
1675int
1676main(void)
1677{
1678 int err, sock;
1679 struct addrinfo *gai_ai, *ai, hints;
1680 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1681
1682 memset(&hints, 0, sizeof(hints));
1683 hints.ai_family = PF_UNSPEC;
1684 hints.ai_socktype = SOCK_STREAM;
1685 hints.ai_flags = AI_PASSIVE;
1686
1687 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1688 if (err != 0) {
1689 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1690 exit(1);
1691 }
1692
1693 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1694 if (ai->ai_family != AF_INET6)
1695 continue;
1696
1697 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1698 sizeof(ntop), strport, sizeof(strport),
1699 NI_NUMERICHOST|NI_NUMERICSERV);
1700
1701 if (err != 0) {
1702 if (err == EAI_SYSTEM)
1703 perror("getnameinfo EAI_SYSTEM");
1704 else
1705 fprintf(stderr, "getnameinfo failed: %s\n",
1706 gai_strerror(err));
1707 exit(2);
1708 }
1709
1710 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1711 if (sock < 0)
1712 perror("socket");
1713 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1714 if (errno == EBADF)
1715 exit(3);
1716 }
1717 }
1718 exit(0);
1719}
b0e7249f 1720 ]])],
2fe51906 1721 [
1722 AC_MSG_RESULT(yes)
1723 ],
1724 [
1725 AC_MSG_RESULT(no)
1726 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1727 ],
1728 [
1729 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1730 ]
1731 )
1732fi
1733
4b492aab 1734if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1735 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1736 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1737 AC_RUN_IFELSE(
1738 [AC_LANG_SOURCE([[
5ccf88cb 1739#include <stdio.h>
1740#include <sys/socket.h>
1741#include <netdb.h>
1742#include <errno.h>
1743#include <netinet/in.h>
1744
1745#define TEST_PORT "2222"
1746
1747int
1748main(void)
1749{
1750 int err, sock;
1751 struct addrinfo *gai_ai, *ai, hints;
1752 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1753
1754 memset(&hints, 0, sizeof(hints));
1755 hints.ai_family = PF_UNSPEC;
1756 hints.ai_socktype = SOCK_STREAM;
1757 hints.ai_flags = AI_PASSIVE;
1758
1759 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1760 if (err != 0) {
1761 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1762 exit(1);
1763 }
1764
1765 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1766 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1767 continue;
1768
1769 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1770 sizeof(ntop), strport, sizeof(strport),
1771 NI_NUMERICHOST|NI_NUMERICSERV);
1772
1773 if (ai->ai_family == AF_INET && err != 0) {
1774 perror("getnameinfo");
1775 exit(2);
1776 }
1777 }
1778 exit(0);
1779}
b0e7249f 1780 ]])],
5ccf88cb 1781 [
1782 AC_MSG_RESULT(yes)
3466e002 1783 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1784 [Define if you have a getaddrinfo that fails
1785 for the all-zeros IPv6 address])
5ccf88cb 1786 ],
1787 [
1788 AC_MSG_RESULT(no)
1789 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1790 ],
ecd9ec09 1791 [
b0e7249f 1792 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1793 ]
1794 )
1795fi
1796
b29fd59f 1797if test "x$check_for_conflicting_getspnam" = "x1"; then
1798 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1799 AC_COMPILE_IFELSE(
1800 [
1801#include <shadow.h>
1802int main(void) {exit(0);}
1803 ],
1804 [
1805 AC_MSG_RESULT(no)
1806 ],
1807 [
1808 AC_MSG_RESULT(yes)
1809 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1810 [Conflicting defs for getspnam])
1811 ]
1812 )
1813fi
1814
7f8f5e00 1815AC_FUNC_GETPGRP
1816
5b991353 1817# Search for OpenSSL
1818saved_CPPFLAGS="$CPPFLAGS"
1819saved_LDFLAGS="$LDFLAGS"
a0391976 1820AC_ARG_WITH(ssl-dir,
1821 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1822 [
e9e4a1c7 1823 if test "x$withval" != "xno" ; then
99eb0f64 1824 case "$withval" in
1825 # Relative paths
1826 ./*|../*) withval="`pwd`/$withval"
1827 esac
5b991353 1828 if test -d "$withval/lib"; then
1829 if test -n "${need_dash_r}"; then
1830 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1831 else
1832 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1833 fi
1834 else
5b991353 1835 if test -n "${need_dash_r}"; then
1836 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1837 else
1838 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1839 fi
1840 fi
5b991353 1841 if test -d "$withval/include"; then
1842 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1843 else
5b991353 1844 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1845 fi
a0391976 1846 fi
5b991353 1847 ]
1848)
5486a457 1849LIBS="-lcrypto $LIBS"
3466e002 1850AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1851 [Define if your ssl headers are included
1852 with #include <openssl/header.h>]),
d45e3d76 1853 [
5b991353 1854 dnl Check default openssl install dir
1855 if test -n "${need_dash_r}"; then
1856 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1857 else
5b991353 1858 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1859 fi
5b991353 1860 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1861 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1862 [
1863 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1864 ]
1865 )
1866 ]
1867)
1868
cd018561 1869# Determine OpenSSL header version
1870AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1871AC_RUN_IFELSE(
479cece8 1872 [AC_LANG_SOURCE([[
cd018561 1873#include <stdio.h>
1874#include <string.h>
1875#include <openssl/opensslv.h>
1876#define DATA "conftest.sslincver"
1877int main(void) {
aff51935 1878 FILE *fd;
1879 int rc;
cd018561 1880
aff51935 1881 fd = fopen(DATA,"w");
1882 if(fd == NULL)
1883 exit(1);
cd018561 1884
1885 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1886 exit(1);
1887
1888 exit(0);
1889}
479cece8 1890 ]])],
cd018561 1891 [
1892 ssl_header_ver=`cat conftest.sslincver`
1893 AC_MSG_RESULT($ssl_header_ver)
1894 ],
1895 [
1896 AC_MSG_RESULT(not found)
1897 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1898 ],
1899 [
1900 AC_MSG_WARN([cross compiling: not checking])
cd018561 1901 ]
1902)
1903
1904# Determine OpenSSL library version
1905AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1906AC_RUN_IFELSE(
479cece8 1907 [AC_LANG_SOURCE([[
cd018561 1908#include <stdio.h>
1909#include <string.h>
1910#include <openssl/opensslv.h>
1911#include <openssl/crypto.h>
1912#define DATA "conftest.ssllibver"
1913int main(void) {
aff51935 1914 FILE *fd;
1915 int rc;
cd018561 1916
aff51935 1917 fd = fopen(DATA,"w");
1918 if(fd == NULL)
1919 exit(1);
cd018561 1920
1921 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1922 exit(1);
1923
1924 exit(0);
1925}
479cece8 1926 ]])],
cd018561 1927 [
1928 ssl_library_ver=`cat conftest.ssllibver`
1929 AC_MSG_RESULT($ssl_library_ver)
1930 ],
1931 [
1932 AC_MSG_RESULT(not found)
1933 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1934 ],
1935 [
1936 AC_MSG_WARN([cross compiling: not checking])
cd018561 1937 ]
1938)
58d100bf 1939
1d42bcce 1940AC_ARG_WITH(openssl-header-check,
1941 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1942 [ if test "x$withval" = "xno" ; then
1943 openssl_check_nonfatal=1
1944 fi
1945 ]
1946)
1947
9780116c 1948# Sanity check OpenSSL headers
1949AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1950AC_RUN_IFELSE(
479cece8 1951 [AC_LANG_SOURCE([[
9780116c 1952#include <string.h>
1953#include <openssl/opensslv.h>
aec4cb4f 1954int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1955 ]])],
9780116c 1956 [
1957 AC_MSG_RESULT(yes)
1958 ],
1959 [
1960 AC_MSG_RESULT(no)
1d42bcce 1961 if test "x$openssl_check_nonfatal" = "x"; then
1962 AC_MSG_ERROR([Your OpenSSL headers do not match your
1963library. Check config.log for details.
1964If you are sure your installation is consistent, you can disable the check
1965by running "./configure --without-openssl-header-check".
1966Also see contrib/findssl.sh for help identifying header/library mismatches.
1967])
1968 else
1969 AC_MSG_WARN([Your OpenSSL headers do not match your
1970library. Check config.log for details.
e15ba28b 1971Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1972 fi
1a01a50c 1973 ],
1974 [
1975 AC_MSG_WARN([cross compiling: not checking])
9780116c 1976 ]
1977)
1978
282d6408 1979AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1980AC_LINK_IFELSE(
1981 [AC_LANG_SOURCE([[
1982#include <openssl/evp.h>
1983int main(void) { SSLeay_add_all_algorithms(); }
1984 ]])],
1985 [
1986 AC_MSG_RESULT(yes)
1987 ],
1988 [
1989 AC_MSG_RESULT(no)
1990 saved_LIBS="$LIBS"
1991 LIBS="$LIBS -ldl"
1992 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1993 AC_LINK_IFELSE(
1994 [AC_LANG_SOURCE([[
1995#include <openssl/evp.h>
1996int main(void) { SSLeay_add_all_algorithms(); }
1997 ]])],
1998 [
1999 AC_MSG_RESULT(yes)
2000 ],
2001 [
2002 AC_MSG_RESULT(no)
2003 LIBS="$saved_LIBS"
2004 ]
2005 )
2006 ]
2007)
2008
c7ad0d99 2009AC_ARG_WITH(ssl-engine,
2010 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2011 [ if test "x$withval" != "xno" ; then
2012 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2013 AC_TRY_COMPILE(
2014 [ #include <openssl/engine.h>],
2015 [
24b2647b 2016ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2017 ],
2018 [ AC_MSG_RESULT(yes)
2019 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2020 [Enable OpenSSL engine support])
2021 ],
2022 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2023 )
2024 fi ]
2025)
2026
e5146707 2027# Check for OpenSSL without EVP_aes_{192,256}_cbc
2028AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2029AC_LINK_IFELSE(
e5146707 2030 [AC_LANG_SOURCE([[
2031#include <string.h>
2032#include <openssl/evp.h>
300ea548 2033int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2034 ]])],
2035 [
2036 AC_MSG_RESULT(no)
2037 ],
2038 [
2039 AC_MSG_RESULT(yes)
2040 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2041 [libcrypto is missing AES 192 and 256 bit functions])
2042 ]
2043)
2044
5486a457 2045# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2046# because the system crypt() is more featureful.
2047if test "x$check_for_libcrypt_before" = "x1"; then
2048 AC_CHECK_LIB(crypt, crypt)
2049fi
2050
aff51935 2051# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2052# version in OpenSSL.
05114c74 2053if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2054 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2055fi
2056
13ff27b7 2057# Search for SHA256 support in libc and/or OpenSSL
2058AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2059
a03acb8f 2060saved_LIBS="$LIBS"
2061AC_CHECK_LIB(iaf, ia_openinfo, [
2062 LIBS="$LIBS -liaf"
d837615a 2063 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2064 AC_DEFINE(HAVE_LIBIAF, 1,
2065 [Define if system has libiaf that supports set_id])
2066 ])
a03acb8f 2067])
2068LIBS="$saved_LIBS"
f1b0ecc3 2069
2070### Configure cryptographic random number support
2071
2072# Check wheter OpenSSL seeds itself
2073AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2074AC_RUN_IFELSE(
479cece8 2075 [AC_LANG_SOURCE([[
f1b0ecc3 2076#include <string.h>
2077#include <openssl/rand.h>
aec4cb4f 2078int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2079 ]])],
f1b0ecc3 2080 [
2081 OPENSSL_SEEDS_ITSELF=yes
2082 AC_MSG_RESULT(yes)
2083 ],
2084 [
2085 AC_MSG_RESULT(no)
2086 # Default to use of the rand helper if OpenSSL doesn't
2087 # seed itself
2088 USE_RAND_HELPER=yes
1a01a50c 2089 ],
2090 [
2091 AC_MSG_WARN([cross compiling: assuming yes])
2092 # This is safe, since all recent OpenSSL versions will
82f4e93d 2093 # complain at runtime if not seeded correctly.
1a01a50c 2094 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2095 ]
2096)
2097
a086f73b 2098# Check for PAM libs
2099PAM_MSG="no"
2100AC_ARG_WITH(pam,
2101 [ --with-pam Enable PAM support ],
2102 [
2103 if test "x$withval" != "xno" ; then
2104 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2105 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2106 AC_MSG_ERROR([PAM headers not found])
2107 fi
2108
2109 saved_LIBS="$LIBS"
2110 AC_CHECK_LIB(dl, dlopen, , )
2111 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2112 AC_CHECK_FUNCS(pam_getenvlist)
2113 AC_CHECK_FUNCS(pam_putenv)
2114 LIBS="$saved_LIBS"
2115
2116 PAM_MSG="yes"
2117
e54defb4 2118 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2119 AC_DEFINE(USE_PAM, 1,
2120 [Define if you want to enable PAM support])
282d6408 2121
a086f73b 2122 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2123 case "$LIBS" in
2124 *-ldl*)
2125 # libdl already in LIBS
2126 ;;
2127 *)
e54defb4 2128 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2129 ;;
2130 esac
a086f73b 2131 fi
a086f73b 2132 fi
2133 ]
2134)
2135
2136# Check for older PAM
2137if test "x$PAM_MSG" = "xyes" ; then
2138 # Check PAM strerror arguments (old PAM)
2139 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2140 AC_TRY_COMPILE(
2141 [
2142#include <stdlib.h>
2143#if defined(HAVE_SECURITY_PAM_APPL_H)
2144#include <security/pam_appl.h>
2145#elif defined (HAVE_PAM_PAM_APPL_H)
2146#include <pam/pam_appl.h>
2147#endif
2148 ],
2149 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2150 [AC_MSG_RESULT(no)],
2151 [
2152 AC_DEFINE(HAVE_OLD_PAM, 1,
2153 [Define if you have an old version of PAM
2154 which takes only one argument to pam_strerror])
2155 AC_MSG_RESULT(yes)
2156 PAM_MSG="yes (old library)"
2157 ]
2158 )
2159fi
f1b0ecc3 2160
2161# Do we want to force the use of the rand helper?
2162AC_ARG_WITH(rand-helper,
2163 [ --with-rand-helper Use subprocess to gather strong randomness ],
2164 [
2165 if test "x$withval" = "xno" ; then
aff51935 2166 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2167 # the previous test showed it to be unseeded.
2168 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2169 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2170 OPENSSL_SEEDS_ITSELF=yes
2171 USE_RAND_HELPER=""
2172 fi
2173 else
2174 USE_RAND_HELPER=yes
2175 fi
2176 ],
82f4e93d 2177)
f1b0ecc3 2178
2179# Which randomness source do we use?
4b492aab 2180if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2181 # OpenSSL only
3466e002 2182 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2183 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2184 RAND_MSG="OpenSSL internal ONLY"
2185 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2186elif test ! -z "$USE_RAND_HELPER" ; then
2187 # install rand helper
f1b0ecc3 2188 RAND_MSG="ssh-rand-helper"
2189 INSTALL_SSH_RAND_HELPER="yes"
2190fi
2191AC_SUBST(INSTALL_SSH_RAND_HELPER)
2192
2193### Configuration of ssh-rand-helper
2194
2195# PRNGD TCP socket
2196AC_ARG_WITH(prngd-port,
2197 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2198 [
eb5d7ff6 2199 case "$withval" in
2200 no)
2201 withval=""
2202 ;;
2203 [[0-9]]*)
2204 ;;
2205 *)
2206 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2207 ;;
2208 esac
2209 if test ! -z "$withval" ; then
f1b0ecc3 2210 PRNGD_PORT="$withval"
3466e002 2211 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2212 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2213 fi
2214 ]
2215)
2216
2217# PRNGD Unix domain socket
2218AC_ARG_WITH(prngd-socket,
2219 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2220 [
eb5d7ff6 2221 case "$withval" in
2222 yes)
f1b0ecc3 2223 withval="/var/run/egd-pool"
eb5d7ff6 2224 ;;
2225 no)
2226 withval=""
2227 ;;
2228 /*)
2229 ;;
2230 *)
2231 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2232 ;;
2233 esac
2234
2235 if test ! -z "$withval" ; then
f1b0ecc3 2236 if test ! -z "$PRNGD_PORT" ; then
2237 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2238 fi
906e811b 2239 if test ! -r "$withval" ; then
f1b0ecc3 2240 AC_MSG_WARN(Entropy socket is not readable)
2241 fi
2242 PRNGD_SOCKET="$withval"
3466e002 2243 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2244 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2245 fi
ddceb1c8 2246 ],
2247 [
2248 # Check for existing socket only if we don't have a random device already
2249 if test "$USE_RAND_HELPER" = yes ; then
2250 AC_MSG_CHECKING(for PRNGD/EGD socket)
2251 # Insert other locations here
2252 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2253 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2254 PRNGD_SOCKET="$sock"
2255 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2256 break;
2257 fi
2258 done
2259 if test ! -z "$PRNGD_SOCKET" ; then
2260 AC_MSG_RESULT($PRNGD_SOCKET)
2261 else
2262 AC_MSG_RESULT(not found)
2263 fi
2264 fi
f1b0ecc3 2265 ]
2266)
2267
2268# Change default command timeout for hashing entropy source
2269entropy_timeout=200
2270AC_ARG_WITH(entropy-timeout,
2271 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2272 [
6cf0200f 2273 if test -n "$withval" && test "x$withval" != "xno" && \
2274 test "x${withval}" != "xyes"; then
f1b0ecc3 2275 entropy_timeout=$withval
2276 fi
82f4e93d 2277 ]
f1b0ecc3 2278)
3466e002 2279AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2280 [Builtin PRNG command timeout])
f1b0ecc3 2281
fd3cbf67 2282SSH_PRIVSEP_USER=sshd
9a0fbcb3 2283AC_ARG_WITH(privsep-user,
5222e7ef 2284 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2285 [
6cf0200f 2286 if test -n "$withval" && test "x$withval" != "xno" && \
2287 test "x${withval}" != "xyes"; then
fd3cbf67 2288 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2289 fi
82f4e93d 2290 ]
9a0fbcb3 2291)
3466e002 2292AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2293 [non-privileged user for privilege separation])
fd3cbf67 2294AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2295
81dadca3 2296# We do this little dance with the search path to insure
2297# that programs that we select for use by installed programs
2298# (which may be run by the super-user) come from trusted
2299# locations before they come from the user's private area.
2300# This should help avoid accidentally configuring some
2301# random version of a program in someone's personal bin.
2302
2303OPATH=$PATH
2304PATH=/bin:/usr/bin
f95c8ce8 2305test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2306test -d /sbin && PATH=$PATH:/sbin
2307test -d /usr/sbin && PATH=$PATH:/usr/sbin
2308PATH=$PATH:/etc:$OPATH
2309
aff51935 2310# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2311OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2312OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2313OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2314OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2315OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2316OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2317OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2318OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2319OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2320OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2321OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2322OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2323OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2324OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2325OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2326OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2327# restore PATH
2328PATH=$OPATH
f1b0ecc3 2329
2330# Where does ssh-rand-helper get its randomness from?
2331INSTALL_SSH_PRNG_CMDS=""
2332if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2333 if test ! -z "$PRNGD_PORT" ; then
2334 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2335 elif test ! -z "$PRNGD_SOCKET" ; then
2336 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2337 else
2338 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2339 RAND_HELPER_CMDHASH=yes
2340 INSTALL_SSH_PRNG_CMDS="yes"
2341 fi
2342fi
2343AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2344
2345
66d6c27e 2346# Cheap hack to ensure NEWS-OS libraries are arranged right.
2347if test ! -z "$SONY" ; then
2348 LIBS="$LIBS -liberty";
2349fi
2350
9a406e1e 2351# Check for long long datatypes
2352AC_CHECK_TYPES([long long, unsigned long long, long double])
2353
2354# Check datatype sizes
976f7e19 2355AC_CHECK_SIZEOF(char, 1)
2b942fe0 2356AC_CHECK_SIZEOF(short int, 2)
2357AC_CHECK_SIZEOF(int, 4)
2358AC_CHECK_SIZEOF(long int, 4)
2359AC_CHECK_SIZEOF(long long int, 8)
2360
52f1ccb2 2361# Sanity check long long for some platforms (AIX)
2362if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2363 ac_cv_sizeof_long_long_int=0
2364fi
2365
90f15776 2366# compute LLONG_MIN and LLONG_MAX if we don't know them.
2367if test -z "$have_llong_max"; then
2368 AC_MSG_CHECKING([for max value of long long])
2369 AC_RUN_IFELSE(
2370 [AC_LANG_SOURCE([[
2371#include <stdio.h>
2372/* Why is this so damn hard? */
2373#ifdef __GNUC__
2374# undef __GNUC__
2375#endif
2376#define __USE_ISOC99
2377#include <limits.h>
2378#define DATA "conftest.llminmax"
055252ed 2379#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2380
2381/*
2382 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2383 * we do this the hard way.
2384 */
2385static int
2386fprint_ll(FILE *f, long long n)
2387{
2388 unsigned int i;
2389 int l[sizeof(long long) * 8];
2390
2391 if (n < 0)
2392 if (fprintf(f, "-") < 0)
2393 return -1;
2394 for (i = 0; n != 0; i++) {
2395 l[i] = my_abs(n % 10);
2396 n /= 10;
2397 }
2398 do {
2399 if (fprintf(f, "%d", l[--i]) < 0)
2400 return -1;
2401 } while (i != 0);
2402 if (fprintf(f, " ") < 0)
2403 return -1;
2404 return 0;
2405}
2406
90f15776 2407int main(void) {
2408 FILE *f;
2409 long long i, llmin, llmax = 0;
2410
2411 if((f = fopen(DATA,"w")) == NULL)
2412 exit(1);
2413
2414#if defined(LLONG_MIN) && defined(LLONG_MAX)
2415 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2416 llmin = LLONG_MIN;
2417 llmax = LLONG_MAX;
2418#else
2419 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2420 /* This will work on one's complement and two's complement */
2421 for (i = 1; i > llmax; i <<= 1, i++)
2422 llmax = i;
2423 llmin = llmax + 1LL; /* wrap */
2424#endif
2425
2426 /* Sanity check */
2427 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2428 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2429 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2430 fprintf(f, "unknown unknown\n");
2431 exit(2);
2432 }
2433
055252ed 2434 if (fprint_ll(f, llmin) < 0)
90f15776 2435 exit(3);
055252ed 2436 if (fprint_ll(f, llmax) < 0)
2437 exit(4);
2438 if (fclose(f) < 0)
2439 exit(5);
90f15776 2440 exit(0);
2441}
2442 ]])],
2443 [
2444 llong_min=`$AWK '{print $1}' conftest.llminmax`
2445 llong_max=`$AWK '{print $2}' conftest.llminmax`
2446
90f15776 2447 AC_MSG_RESULT($llong_max)
2448 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2449 [max value of long long calculated by configure])
2450 AC_MSG_CHECKING([for min value of long long])
2451 AC_MSG_RESULT($llong_min)
2452 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2453 [min value of long long calculated by configure])
2454 ],
2455 [
2456 AC_MSG_RESULT(not found)
2457 ],
2458 [
2459 AC_MSG_WARN([cross compiling: not checking])
2460 ]
2461 )
2462fi
2463
2464
a0391976 2465# More checks for data types
14a9a859 2466AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2467 AC_TRY_COMPILE(
aff51935 2468 [ #include <sys/types.h> ],
2469 [ u_int a; a = 1;],
14a9a859 2470 [ ac_cv_have_u_int="yes" ],
2471 [ ac_cv_have_u_int="no" ]
2472 )
2473])
2474if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2475 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2476 have_u_int=1
2477fi
2478
58d100bf 2479AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2480 AC_TRY_COMPILE(
aff51935 2481 [ #include <sys/types.h> ],
2482 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2483 [ ac_cv_have_intxx_t="yes" ],
2484 [ ac_cv_have_intxx_t="no" ]
2485 )
2486])
2487if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2488 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2489 have_intxx_t=1
2490fi
41cb4569 2491
2492if (test -z "$have_intxx_t" && \
aff51935 2493 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2494then
2495 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2496 AC_TRY_COMPILE(
aff51935 2497 [ #include <stdint.h> ],
2498 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2499 [
2500 AC_DEFINE(HAVE_INTXX_T)
2501 AC_MSG_RESULT(yes)
2502 ],
2503 [ AC_MSG_RESULT(no) ]
2504 )
2505fi
2506
bd590612 2507AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2508 AC_TRY_COMPILE(
1cbbe6c8 2509 [
2510#include <sys/types.h>
2511#ifdef HAVE_STDINT_H
2512# include <stdint.h>
2513#endif
2514#include <sys/socket.h>
2515#ifdef HAVE_SYS_BITYPES_H
2516# include <sys/bitypes.h>
2517#endif
aff51935 2518 ],
2519 [ int64_t a; a = 1;],
bd590612 2520 [ ac_cv_have_int64_t="yes" ],
2521 [ ac_cv_have_int64_t="no" ]
2522 )
2523])
2524if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2525 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2526fi
2527
58d100bf 2528AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2529 AC_TRY_COMPILE(
aff51935 2530 [ #include <sys/types.h> ],
2531 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2532 [ ac_cv_have_u_intxx_t="yes" ],
2533 [ ac_cv_have_u_intxx_t="no" ]
2534 )
2535])
2536if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2537 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2538 have_u_intxx_t=1
2539fi
2b942fe0 2540
41cb4569 2541if test -z "$have_u_intxx_t" ; then
2542 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2543 AC_TRY_COMPILE(
aff51935 2544 [ #include <sys/socket.h> ],
2545 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2546 [
2547 AC_DEFINE(HAVE_U_INTXX_T)
2548 AC_MSG_RESULT(yes)
2549 ],
2550 [ AC_MSG_RESULT(no) ]
2551 )
2552fi
2553
bd590612 2554AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2555 AC_TRY_COMPILE(
aff51935 2556 [ #include <sys/types.h> ],
2557 [ u_int64_t a; a = 1;],
bd590612 2558 [ ac_cv_have_u_int64_t="yes" ],
2559 [ ac_cv_have_u_int64_t="no" ]
2560 )
2561])
2562if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2563 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2564 have_u_int64_t=1
2565fi
2566
ddceb1c8 2567if test -z "$have_u_int64_t" ; then
2568 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2569 AC_TRY_COMPILE(
aff51935 2570 [ #include <sys/bitypes.h> ],
ddceb1c8 2571 [ u_int64_t a; a = 1],
2572 [
2573 AC_DEFINE(HAVE_U_INT64_T)
2574 AC_MSG_RESULT(yes)
2575 ],
2576 [ AC_MSG_RESULT(no) ]
2577 )
2578fi
2579
41cb4569 2580if test -z "$have_u_intxx_t" ; then
2581 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2582 AC_TRY_COMPILE(
2583 [
2584#include <sys/types.h>
aff51935 2585 ],
2586 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2587 [ ac_cv_have_uintxx_t="yes" ],
2588 [ ac_cv_have_uintxx_t="no" ]
2589 )
2590 ])
2591 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2592 AC_DEFINE(HAVE_UINTXX_T, 1,
2593 [define if you have uintxx_t data type])
41cb4569 2594 fi
2595fi
2596
2597if test -z "$have_uintxx_t" ; then
2598 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2599 AC_TRY_COMPILE(
aff51935 2600 [ #include <stdint.h> ],
2601 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2602 [
2603 AC_DEFINE(HAVE_UINTXX_T)
2604 AC_MSG_RESULT(yes)
2605 ],
2606 [ AC_MSG_RESULT(no) ]
2607 )
2608fi
2609
e5fe9a1f 2610if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2611 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2612then
2613 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2614 AC_TRY_COMPILE(
58d100bf 2615 [
2616#include <sys/bitypes.h>
aff51935 2617 ],
5cdfe03f 2618 [
837c30b8 2619 int8_t a; int16_t b; int32_t c;
2620 u_int8_t e; u_int16_t f; u_int32_t g;
2621 a = b = c = e = f = g = 1;
aff51935 2622 ],
5cdfe03f 2623 [
2624 AC_DEFINE(HAVE_U_INTXX_T)
2625 AC_DEFINE(HAVE_INTXX_T)
2626 AC_MSG_RESULT(yes)
2627 ],
2628 [AC_MSG_RESULT(no)]
aff51935 2629 )
5cdfe03f 2630fi
2631
0362750e 2632
2633AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2634 AC_TRY_COMPILE(
2635 [
2636#include <sys/types.h>
2637 ],
2638 [ u_char foo; foo = 125; ],
2639 [ ac_cv_have_u_char="yes" ],
2640 [ ac_cv_have_u_char="no" ]
2641 )
2642])
2643if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2644 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2645fi
2646
98a7c37b 2647TYPE_SOCKLEN_T
2b942fe0 2648
2d16d9a3 2649AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2650
777ece68 2651AC_CHECK_TYPES(in_addr_t,,,
2652[#include <sys/types.h>
2653#include <netinet/in.h>])
7b578f7d 2654
58d100bf 2655AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2656 AC_TRY_COMPILE(
2657 [
18ba2aab 2658#include <sys/types.h>
58d100bf 2659 ],
2660 [ size_t foo; foo = 1235; ],
2661 [ ac_cv_have_size_t="yes" ],
2662 [ ac_cv_have_size_t="no" ]
2663 )
2664])
2665if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2666 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2667fi
ea1970a3 2668
c04f75f1 2669AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2670 AC_TRY_COMPILE(
2671 [
2672#include <sys/types.h>
2673 ],
2674 [ ssize_t foo; foo = 1235; ],
2675 [ ac_cv_have_ssize_t="yes" ],
2676 [ ac_cv_have_ssize_t="no" ]
2677 )
2678])
2679if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2680 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2681fi
2682
f1c4659d 2683AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2684 AC_TRY_COMPILE(
2685 [
2686#include <time.h>
2687 ],
2688 [ clock_t foo; foo = 1235; ],
2689 [ ac_cv_have_clock_t="yes" ],
2690 [ ac_cv_have_clock_t="no" ]
2691 )
2692])
2693if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2694 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2695fi
2696
1c04b088 2697AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2698 AC_TRY_COMPILE(
2699 [
2700#include <sys/types.h>
2701#include <sys/socket.h>
2702 ],
2703 [ sa_family_t foo; foo = 1235; ],
2704 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2705 [ AC_TRY_COMPILE(
2706 [
2707#include <sys/types.h>
2708#include <sys/socket.h>
2709#include <netinet/in.h>
2710 ],
2711 [ sa_family_t foo; foo = 1235; ],
2712 [ ac_cv_have_sa_family_t="yes" ],
2713
1c04b088 2714 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2715 )]
1c04b088 2716 )
2717])
2718if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2719 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2720 [define if you have sa_family_t data type])
1c04b088 2721fi
2722
729bfe59 2723AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2724 AC_TRY_COMPILE(
2725 [
2726#include <sys/types.h>
2727 ],
2728 [ pid_t foo; foo = 1235; ],
2729 [ ac_cv_have_pid_t="yes" ],
2730 [ ac_cv_have_pid_t="no" ]
2731 )
2732])
2733if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2734 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2735fi
2736
2737AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2738 AC_TRY_COMPILE(
2739 [
2740#include <sys/types.h>
2741 ],
2742 [ mode_t foo; foo = 1235; ],
2743 [ ac_cv_have_mode_t="yes" ],
2744 [ ac_cv_have_mode_t="no" ]
2745 )
2746])
2747if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2748 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2749fi
2750
e3a93db0 2751
58d100bf 2752AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2753 AC_TRY_COMPILE(
2754 [
18ba2aab 2755#include <sys/types.h>
2756#include <sys/socket.h>
58d100bf 2757 ],
2758 [ struct sockaddr_storage s; ],
2759 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2760 [ ac_cv_have_struct_sockaddr_storage="no" ]
2761 )
2762])
2763if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2764 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2765 [define if you have struct sockaddr_storage data type])
58d100bf 2766fi
48e671d5 2767
58d100bf 2768AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2769 AC_TRY_COMPILE(
2770 [
cbd7492e 2771#include <sys/types.h>
58d100bf 2772#include <netinet/in.h>
2773 ],
2774 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2775 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2776 [ ac_cv_have_struct_sockaddr_in6="no" ]
2777 )
2778])
2779if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2780 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2781 [define if you have struct sockaddr_in6 data type])
58d100bf 2782fi
48e671d5 2783
58d100bf 2784AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2785 AC_TRY_COMPILE(
2786 [
cbd7492e 2787#include <sys/types.h>
58d100bf 2788#include <netinet/in.h>
2789 ],
2790 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2791 [ ac_cv_have_struct_in6_addr="yes" ],
2792 [ ac_cv_have_struct_in6_addr="no" ]
2793 )
2794])
2795if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2796 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2797 [define if you have struct in6_addr data type])
58d100bf 2798fi
48e671d5 2799
58d100bf 2800AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2801 AC_TRY_COMPILE(
2802 [
18ba2aab 2803#include <sys/types.h>
2804#include <sys/socket.h>
2805#include <netdb.h>
58d100bf 2806 ],
2807 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2808 [ ac_cv_have_struct_addrinfo="yes" ],
2809 [ ac_cv_have_struct_addrinfo="no" ]
2810 )
2811])
2812if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2813 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2814 [define if you have struct addrinfo data type])
58d100bf 2815fi
2816
89c7e31c 2817AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2818 AC_TRY_COMPILE(
aff51935 2819 [ #include <sys/time.h> ],
2820 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2821 [ ac_cv_have_struct_timeval="yes" ],
2822 [ ac_cv_have_struct_timeval="no" ]
2823 )
2824])
2825if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2826 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2827 have_struct_timeval=1
2828fi
2829
5271b55c 2830AC_CHECK_TYPES(struct timespec)
2831
85abc74b 2832# We need int64_t or else certian parts of the compile will fail.
4b492aab 2833if test "x$ac_cv_have_int64_t" = "xno" && \
2834 test "x$ac_cv_sizeof_long_int" != "x8" && \
2835 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2836 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2837 echo "an alternative compiler (I.E., GCC) before continuing."
2838 echo ""
2839 exit 1;
733cf7f4 2840else
2841dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2842 AC_RUN_IFELSE(
479cece8 2843 [AC_LANG_SOURCE([[
733cf7f4 2844#include <stdio.h>
2845#include <string.h>
2846#ifdef HAVE_SNPRINTF
2847main()
2848{
2849 char buf[50];
2850 char expected_out[50];
2851 int mazsize = 50 ;
2852#if (SIZEOF_LONG_INT == 8)
2853 long int num = 0x7fffffffffffffff;
2854#else
763a1a18 2855 long long num = 0x7fffffffffffffffll;
733cf7f4 2856#endif
2857 strcpy(expected_out, "9223372036854775807");
2858 snprintf(buf, mazsize, "%lld", num);
2859 if(strcmp(buf, expected_out) != 0)
aff51935 2860 exit(1);
733cf7f4 2861 exit(0);
2862}
2863#else
2864main() { exit(0); }
2865#endif
479cece8 2866 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2867 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2868 )
2c523de9 2869fi
2870
77bb0bca 2871dnl Checks for structure members
58d100bf 2872OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2873OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2874OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2875OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2876OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2877OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2878OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2879OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2880OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2881OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2882OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2883OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2884OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2885OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2886OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2887OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2888OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2889
2890AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2891AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2892 [Define if we don't have struct __res_state in resolv.h])],
2893[
2894#include <stdio.h>
2895#if HAVE_SYS_TYPES_H
2896# include <sys/types.h>
2897#endif
2898#include <netinet/in.h>
2899#include <arpa/nameser.h>
2900#include <resolv.h>
2901])
1d7b9b20 2902
58d100bf 2903AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2904 ac_cv_have_ss_family_in_struct_ss, [
2905 AC_TRY_COMPILE(
2906 [
18ba2aab 2907#include <sys/types.h>
2908#include <sys/socket.h>
58d100bf 2909 ],
2910 [ struct sockaddr_storage s; s.ss_family = 1; ],
2911 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2912 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2913 )
2914])
2915if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2916 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2917fi
2918
58d100bf 2919AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2920 ac_cv_have___ss_family_in_struct_ss, [
2921 AC_TRY_COMPILE(
2922 [
18ba2aab 2923#include <sys/types.h>
2924#include <sys/socket.h>
58d100bf 2925 ],
2926 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2927 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2928 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2929 )
2930])
2931if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2932 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2933 [Fields in struct sockaddr_storage])
58d100bf 2934fi
2935
2e73a022 2936AC_CACHE_CHECK([for pw_class field in struct passwd],
2937 ac_cv_have_pw_class_in_struct_passwd, [
2938 AC_TRY_COMPILE(
2939 [
2e73a022 2940#include <pwd.h>
2941 ],
97994d32 2942 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2943 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2944 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2945 )
2946])
2947if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2948 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2949 [Define if your password has a pw_class field])
2e73a022 2950fi
2951
7751d4eb 2952AC_CACHE_CHECK([for pw_expire field in struct passwd],
2953 ac_cv_have_pw_expire_in_struct_passwd, [
2954 AC_TRY_COMPILE(
2955 [
2956#include <pwd.h>
2957 ],
2958 [ struct passwd p; p.pw_expire = 0; ],
2959 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2960 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2961 )
2962])
2963if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2964 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2965 [Define if your password has a pw_expire field])
7751d4eb 2966fi
2967
2968AC_CACHE_CHECK([for pw_change field in struct passwd],
2969 ac_cv_have_pw_change_in_struct_passwd, [
2970 AC_TRY_COMPILE(
2971 [
2972#include <pwd.h>
2973 ],
2974 [ struct passwd p; p.pw_change = 0; ],
2975 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2976 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2977 )
2978])
2979if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2980 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2981 [Define if your password has a pw_change field])
7751d4eb 2982fi
58d100bf 2983
637f9177 2984dnl make sure we're using the real structure members and not defines
6f34652e 2985AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2986 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2987 AC_COMPILE_IFELSE(
6f34652e 2988 [
f95c8ce8 2989#include <sys/types.h>
6f34652e 2990#include <sys/socket.h>
2991#include <sys/uio.h>
637f9177 2992int main() {
2993#ifdef msg_accrights
1a01a50c 2994#error "msg_accrights is a macro"
637f9177 2995exit(1);
2996#endif
2997struct msghdr m;
2998m.msg_accrights = 0;
2999exit(0);
3000}
6f34652e 3001 ],
6f34652e 3002 [ ac_cv_have_accrights_in_msghdr="yes" ],
3003 [ ac_cv_have_accrights_in_msghdr="no" ]
3004 )
3005])
3006if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3007 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3008 [Define if your system uses access rights style
3009 file descriptor passing])
6f34652e 3010fi
3011
7176df4f 3012AC_CACHE_CHECK([for msg_control field in struct msghdr],
3013 ac_cv_have_control_in_msghdr, [
1a01a50c 3014 AC_COMPILE_IFELSE(
7176df4f 3015 [
f95c8ce8 3016#include <sys/types.h>
7176df4f 3017#include <sys/socket.h>
3018#include <sys/uio.h>
637f9177 3019int main() {
3020#ifdef msg_control
1a01a50c 3021#error "msg_control is a macro"
637f9177 3022exit(1);
3023#endif
3024struct msghdr m;
3025m.msg_control = 0;
3026exit(0);
3027}
7176df4f 3028 ],
7176df4f 3029 [ ac_cv_have_control_in_msghdr="yes" ],
3030 [ ac_cv_have_control_in_msghdr="no" ]
3031 )
3032])
3033if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3034 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3035 [Define if your system uses ancillary data style
3036 file descriptor passing])
7176df4f 3037fi
3038
58d100bf 3039AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3040 AC_TRY_LINK([],
3041 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3042 [ ac_cv_libc_defines___progname="yes" ],
3043 [ ac_cv_libc_defines___progname="no" ]
3044 )
3045])
3046if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3047 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3048fi
8946db53 3049
c921ee00 3050AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3051 AC_TRY_LINK([
3052#include <stdio.h>
aff51935 3053],
3054 [ printf("%s", __FUNCTION__); ],
c921ee00 3055 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3056 [ ac_cv_cc_implements___FUNCTION__="no" ]
3057 )
3058])
3059if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3060 AC_DEFINE(HAVE___FUNCTION__, 1,
3061 [Define if compiler implements __FUNCTION__])
c921ee00 3062fi
3063
3064AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3065 AC_TRY_LINK([
3066#include <stdio.h>
aff51935 3067],
3068 [ printf("%s", __func__); ],
c921ee00 3069 [ ac_cv_cc_implements___func__="yes" ],
3070 [ ac_cv_cc_implements___func__="no" ]
3071 )
3072])
3073if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3074 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3075fi
3076
9a406e1e 3077AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3078 AC_TRY_LINK(
3079 [#include <stdarg.h>
3080 va_list x,y;],
3081 [va_copy(x,y);],
3082 [ ac_cv_have_va_copy="yes" ],
3083 [ ac_cv_have_va_copy="no" ]
3084 )
3085])
3086if test "x$ac_cv_have_va_copy" = "xyes" ; then
3087 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3088fi
3089
3090AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3091 AC_TRY_LINK(
3092 [#include <stdarg.h>
3093 va_list x,y;],
3094 [__va_copy(x,y);],
3095 [ ac_cv_have___va_copy="yes" ],
3096 [ ac_cv_have___va_copy="no" ]
3097 )
3098])
3099if test "x$ac_cv_have___va_copy" = "xyes" ; then
3100 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3101fi
3102
1812a662 3103AC_CACHE_CHECK([whether getopt has optreset support],
3104 ac_cv_have_getopt_optreset, [
3105 AC_TRY_LINK(
3106 [
3107#include <getopt.h>
3108 ],
3109 [ extern int optreset; optreset = 0; ],
3110 [ ac_cv_have_getopt_optreset="yes" ],
3111 [ ac_cv_have_getopt_optreset="no" ]
3112 )
3113])
3114if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3115 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3116 [Define if your getopt(3) defines and uses optreset])
1812a662 3117fi
a0391976 3118
819b676f 3119AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3120 AC_TRY_LINK([],
3121 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3122 [ ac_cv_libc_defines_sys_errlist="yes" ],
3123 [ ac_cv_libc_defines_sys_errlist="no" ]
3124 )
3125])
3126if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3127 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3128 [Define if your system defines sys_errlist[]])
819b676f 3129fi
3130
3131
416ed5a7 3132AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3133 AC_TRY_LINK([],
3134 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3135 [ ac_cv_libc_defines_sys_nerr="yes" ],
3136 [ ac_cv_libc_defines_sys_nerr="no" ]
3137 )
3138])
3139if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3140 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3141fi
3142
aff51935 3143SCARD_MSG="no"
295c8801 3144# Check whether user wants sectok support
3145AC_ARG_WITH(sectok,
3146 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3147 [
3148 if test "x$withval" != "xno" ; then
3149 if test "x$withval" != "xyes" ; then
3150 CPPFLAGS="$CPPFLAGS -I${withval}"
3151 LDFLAGS="$LDFLAGS -L${withval}"
3152 if test ! -z "$need_dash_r" ; then
3153 LDFLAGS="$LDFLAGS -R${withval}"
3154 fi
3155 if test ! -z "$blibpath" ; then
3156 blibpath="$blibpath:${withval}"
3157 fi
3158 fi
3159 AC_CHECK_HEADERS(sectok.h)
3160 if test "$ac_cv_header_sectok_h" != yes; then
3161 AC_MSG_ERROR(Can't find sectok.h)
3162 fi
3163 AC_CHECK_LIB(sectok, sectok_open)
3164 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3165 AC_MSG_ERROR(Can't find libsectok)
3166 fi
3466e002 3167 AC_DEFINE(SMARTCARD, 1,
3168 [Define if you want smartcard support])
3169 AC_DEFINE(USE_SECTOK, 1,
3170 [Define if you want smartcard support
3171 using sectok])
aff51935 3172 SCARD_MSG="yes, using sectok"
295c8801 3173 fi
3174 ]
3175)
3176
3177# Check whether user wants OpenSC support
987b458f 3178OPENSC_CONFIG="no"
295c8801 3179AC_ARG_WITH(opensc,
e47fb473 3180 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3181 [
3182 if test "x$withval" != "xno" ; then
3183 if test "x$withval" != "xyes" ; then
3184 OPENSC_CONFIG=$withval/bin/opensc-config
3185 else
3186 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3187 fi
3188 if test "$OPENSC_CONFIG" != "no"; then
3189 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3190 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3191 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3192 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3193 AC_DEFINE(SMARTCARD)
3466e002 3194 AC_DEFINE(USE_OPENSC, 1,
3195 [Define if you want smartcard support
3196 using OpenSC])
987b458f 3197 SCARD_MSG="yes, using OpenSC"
3198 fi
3199 fi
3200 ]
3201)
d0b19c95 3202
c31dc31c 3203# Check libraries needed by DNS fingerprint support
aff51935 3204AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3205 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3206 [Define if getrrsetbyname() exists])],
3e05e934 3207 [
c31dc31c 3208 # Needed by our getrrsetbyname()
3209 AC_SEARCH_LIBS(res_query, resolv)
3210 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3211 AC_MSG_CHECKING(if res_query will link)
3212 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3213 [AC_MSG_RESULT(no)
3214 saved_LIBS="$LIBS"
3215 LIBS="$LIBS -lresolv"
3216 AC_MSG_CHECKING(for res_query in -lresolv)
3217 AC_LINK_IFELSE([
3218#include <resolv.h>
3219int main()
3220{
3221 res_query (0, 0, 0, 0, 0);
3222 return 0;
3223}
3224 ],
3225 [LIBS="$LIBS -lresolv"
3226 AC_MSG_RESULT(yes)],
3227 [LIBS="$saved_LIBS"
3228 AC_MSG_RESULT(no)])
3229 ])
c31dc31c 3230 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3231 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3232 [#include <sys/types.h>
3233 #include <arpa/nameser.h>])
c31dc31c 3234 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3235 [AC_DEFINE(HAVE_HEADER_AD, 1,
3236 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3237 [#include <arpa/nameser.h>])
3238 ])
3e05e934 3239
560acf80 3240AC_MSG_CHECKING(if struct __res_state _res is an extern)
3241AC_LINK_IFELSE([
3242#include <stdio.h>
3243#if HAVE_SYS_TYPES_H
3244# include <sys/types.h>
3245#endif
3246#include <netinet/in.h>
3247#include <arpa/nameser.h>
3248#include <resolv.h>
3249extern struct __res_state _res;
3250int main() { return 0; }
3251 ],
3252 [AC_MSG_RESULT(yes)
3253 AC_DEFINE(HAVE__RES_EXTERN, 1,
3254 [Define if you have struct __res_state _res as an extern])
3255 ],
3256 [ AC_MSG_RESULT(no) ]
3257)
3258
ef4d1846 3259# Check whether user wants SELinux support
3260SELINUX_MSG="no"
3261LIBSELINUX=""
3262AC_ARG_WITH(selinux,
bb23b54f 3263 [ --with-selinux Enable SELinux support],
ef4d1846 3264 [ if test "x$withval" != "xno" ; then
e54defb4 3265 save_LIBS="$LIBS"
ef4d1846 3266 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3267 SELINUX_MSG="yes"
3268 AC_CHECK_HEADER([selinux/selinux.h], ,
3269 AC_MSG_ERROR(SELinux support requires selinux.h header))
3270 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3271 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3272 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3273 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3274 LIBS="$save_LIBS"
ef4d1846 3275 fi ]
3276)
ef4d1846 3277
12928e80 3278# Check whether user wants Kerberos 5 support
aff51935 3279KRB5_MSG="no"
12928e80 3280AC_ARG_WITH(kerberos5,
aff51935 3281 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3282 [ if test "x$withval" != "xno" ; then
3283 if test "x$withval" = "xyes" ; then
3284 KRB5ROOT="/usr/local"
3285 else
3286 KRB5ROOT=${withval}
3287 fi
3288
3466e002 3289 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3290 KRB5_MSG="yes"
3291
3292 AC_MSG_CHECKING(for krb5-config)
3293 if test -x $KRB5ROOT/bin/krb5-config ; then
3294 KRB5CONF=$KRB5ROOT/bin/krb5-config
3295 AC_MSG_RESULT($KRB5CONF)
3296
3297 AC_MSG_CHECKING(for gssapi support)
3298 if $KRB5CONF | grep gssapi >/dev/null ; then
3299 AC_MSG_RESULT(yes)
3466e002 3300 AC_DEFINE(GSSAPI, 1,
3301 [Define this if you want GSSAPI
3302 support in the version 2 protocol])
071970fb 3303 k5confopts=gssapi
aff51935 3304 else
5585c441 3305 AC_MSG_RESULT(no)
071970fb 3306 k5confopts=""
aff51935 3307 fi
071970fb 3308 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3309 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3310 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3311 AC_MSG_CHECKING(whether we are using Heimdal)
3312 AC_TRY_COMPILE([ #include <krb5.h> ],
3313 [ char *tmp = heimdal_version; ],
3314 [ AC_MSG_RESULT(yes)
3466e002 3315 AC_DEFINE(HEIMDAL, 1,
3316 [Define this if you are using the
3317 Heimdal version of Kerberos V5]) ],
5585c441 3318 AC_MSG_RESULT(no)
3319 )
3320 else
3321 AC_MSG_RESULT(no)
12928e80 3322 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3323 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3324 AC_MSG_CHECKING(whether we are using Heimdal)
3325 AC_TRY_COMPILE([ #include <krb5.h> ],
3326 [ char *tmp = heimdal_version; ],
3327 [ AC_MSG_RESULT(yes)
3328 AC_DEFINE(HEIMDAL)
41707f74 3329 K5LIBS="-lkrb5 -ldes"
3330 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3331 AC_CHECK_LIB(roken, net_write,
41707f74 3332 [K5LIBS="$K5LIBS -lroken"])
aff51935 3333 ],
3334 [ AC_MSG_RESULT(no)
3335 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3336 ]
3337 )
4e00038c 3338 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3339
749560dd 3340 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3341 [ AC_DEFINE(GSSAPI)
3342 K5LIBS="-lgssapi $K5LIBS" ],
3343 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3344 [ AC_DEFINE(GSSAPI)
aff51935 3345 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3346 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3347 $K5LIBS)
3348 ],
3349 $K5LIBS)
82f4e93d 3350
749560dd 3351 AC_CHECK_HEADER(gssapi.h, ,
3352 [ unset ac_cv_header_gssapi_h
aff51935 3353 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3354 AC_CHECK_HEADERS(gssapi.h, ,
3355 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3356 )
749560dd 3357 ]
3358 )
3359
3360 oldCPP="$CPPFLAGS"
3361 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3362 AC_CHECK_HEADER(gssapi_krb5.h, ,
3363 [ CPPFLAGS="$oldCPP" ])
3364
aff51935 3365 fi
5585c441 3366 if test ! -z "$need_dash_r" ; then
3367 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3368 fi
3369 if test ! -z "$blibpath" ; then
3370 blibpath="$blibpath:${KRB5ROOT}/lib"
3371 fi
071970fb 3372
f5555364 3373 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3374 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3375 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3376
f5555364 3377 LIBS="$LIBS $K5LIBS"
3466e002 3378 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3379 [Define this if you want to use libkafs' AFS support]))
f5555364 3380 fi
071970fb 3381 ]
12928e80 3382)
b5b68128 3383
a0391976 3384# Looking for programs, paths and files
a0391976 3385
ecac8ee5 3386PRIVSEP_PATH=/var/empty
3387AC_ARG_WITH(privsep-path,
cda1ebcb 3388 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3389 [
6cf0200f 3390 if test -n "$withval" && test "x$withval" != "xno" && \
3391 test "x${withval}" != "xyes"; then
ecac8ee5 3392 PRIVSEP_PATH=$withval
3393 fi
3394 ]
3395)
3396AC_SUBST(PRIVSEP_PATH)
3397
a0391976 3398AC_ARG_WITH(xauth,
3399 [ --with-xauth=PATH Specify path to xauth program ],
3400 [
6cf0200f 3401 if test -n "$withval" && test "x$withval" != "xno" && \
3402 test "x${withval}" != "xyes"; then
cbd7492e 3403 xauth_path=$withval
a0391976 3404 fi
3405 ],
3406 [
2bf42e4a 3407 TestPath="$PATH"
3408 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3409 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3410 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3411 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3412 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3413 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3414 xauth_path="/usr/openwin/bin/xauth"
3415 fi
3416 ]
3417)
3418
65a4b4af 3419STRIP_OPT=-s
3420AC_ARG_ENABLE(strip,
3421 [ --disable-strip Disable calling strip(1) on install],
3422 [
3423 if test "x$enableval" = "xno" ; then
3424 STRIP_OPT=
3425 fi
3426 ]
3427)
3428AC_SUBST(STRIP_OPT)
3429
b3ec54b4 3430if test -z "$xauth_path" ; then
3431 XAUTH_PATH="undefined"
3432 AC_SUBST(XAUTH_PATH)
3433else
3466e002 3434 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3435 [Define if xauth is found in your path])
b3ec54b4 3436 XAUTH_PATH=$xauth_path
3437 AC_SUBST(XAUTH_PATH)
a0391976 3438fi
a0391976 3439
3440# Check for mail directory (last resort if we cannot get it from headers)
3441if test ! -z "$MAIL" ; then
3442 maildir=`dirname $MAIL`
3466e002 3443 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3444 [Set this to your mail directory if you don't have maillock.h])
a0391976 3445fi
3446
479cece8 3447if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3448 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3449 disable_ptmx_check=yes
3450fi
a0391976 3451if test -z "$no_dev_ptmx" ; then
6e879cb4 3452 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3453 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3454 [
3466e002 3455 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3456 [Define if you have /dev/ptmx])
6e879cb4 3457 have_dev_ptmx=1
3458 ]
3459 )
3460 fi
3276571c 3461fi
1a01a50c 3462
479cece8 3463if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3464 AC_CHECK_FILE("/dev/ptc",
3465 [
3466e002 3466 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3467 [Define if you have /dev/ptc])
1a01a50c 3468 have_dev_ptc=1
3469 ]
3470 )
3471else
3472 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3473fi
3276571c 3474
a0391976 3475# Options from here on. Some of these are preset by platform above
fdf6b7aa 3476AC_ARG_WITH(mantype,
5d97cfbf 3477 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3478 [
5d97cfbf 3479 case "$withval" in
3480 man|cat|doc)
3481 MANTYPE=$withval
3482 ;;
3483 *)
3484 AC_MSG_ERROR(invalid man type: $withval)
3485 ;;
3486 esac
c54a6257 3487 ]
3488)
e0c4d3ac 3489if test -z "$MANTYPE"; then
2bf42e4a 3490 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3491 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3492 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3493 MANTYPE=doc
3494 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3495 MANTYPE=man
3496 else
3497 MANTYPE=cat
3498 fi
3499fi
c54a6257 3500AC_SUBST(MANTYPE)
e0c4d3ac 3501if test "$MANTYPE" = "doc"; then
3502 mansubdir=man;
3503else
3504 mansubdir=$MANTYPE;
3505fi
3506AC_SUBST(mansubdir)
0bc5b6fb 3507
a0391976 3508# Check whether to enable MD5 passwords
aff51935 3509MD5_MSG="no"
2ddcfdf3 3510AC_ARG_WITH(md5-passwords,
caf3bc51 3511 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3512 [
bcf36c78 3513 if test "x$withval" != "xno" ; then
3466e002 3514 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3515 [Define if you want to allow MD5 passwords])
aff51935 3516 MD5_MSG="yes"
0bc5b6fb 3517 fi
3518 ]
caf3bc51 3519)
3520
a0391976 3521# Whether to disable shadow password support
a7effaac 3522AC_ARG_WITH(shadow,
3523 [ --without-shadow Disable shadow password support],
3524 [
82f4e93d 3525 if test "x$withval" = "xno" ; then
a7effaac 3526 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3527 disable_shadow=yes
a7effaac 3528 fi
3529 ]
3530)
3531
4cb5ffa0 3532if test -z "$disable_shadow" ; then
3533 AC_MSG_CHECKING([if the systems has expire shadow information])
3534 AC_TRY_COMPILE(
3535 [
3536#include <sys/types.h>
3537#include <shadow.h>
3538 struct spwd sp;
3539 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3540 [ sp_expire_available=yes ], []
3541 )
3542
3543 if test "x$sp_expire_available" = "xyes" ; then
3544 AC_MSG_RESULT(yes)
3466e002 3545 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3546 [Define if you want to use shadow password expire field])
4cb5ffa0 3547 else
3548 AC_MSG_RESULT(no)
3549 fi
3550fi
3551
a0391976 3552# Use ip address instead of hostname in $DISPLAY
44839801 3553if test ! -z "$IPADDR_IN_DISPLAY" ; then
3554 DISPLAY_HACK_MSG="yes"
3466e002 3555 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3556 [Define if you need to use IP address
3557 instead of hostname in $DISPLAY])
44839801 3558else
aff51935 3559 DISPLAY_HACK_MSG="no"
44839801 3560 AC_ARG_WITH(ipaddr-display,
3561 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3562 [
82f4e93d 3563 if test "x$withval" != "xno" ; then
44839801 3564 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3565 DISPLAY_HACK_MSG="yes"
44839801 3566 fi
3567 ]
3568 )
3569fi
a7effaac 3570
95b99395 3571# check for /etc/default/login and use it if present.
daa41e62 3572AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3573 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3574 [ if test "x$enableval" = "xno"; then
3575 AC_MSG_NOTICE([/etc/default/login handling disabled])
3576 etc_default_login=no
3577 else
3578 etc_default_login=yes
3579 fi ],
b0e7249f 3580 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3581 then
3582 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3583 etc_default_login=no
3584 else
3585 etc_default_login=yes
3586 fi ]
694d0cef 3587)
95b99395 3588
694d0cef 3589if test "x$etc_default_login" != "xno"; then
3590 AC_CHECK_FILE("/etc/default/login",
3591 [ external_path_file=/etc/default/login ])
b0e7249f 3592 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3593 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3594 [Define if your system has /etc/default/login])
1a01a50c 3595 fi
694d0cef 3596fi
95b99395 3597
8d184c09 3598dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3599if test $ac_cv_func_login_getcapbool = "yes" && \
3600 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3601 external_path_file=/etc/login.conf
8d184c09 3602fi
95b99395 3603
a0391976 3604# Whether to mess with the default path
aff51935 3605SERVER_PATH_MSG="(default)"
c43d69a9 3606AC_ARG_WITH(default-path,
75817f90 3607 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3608 [
95b99395 3609 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3610 AC_MSG_WARN([
3611--with-default-path=PATH has no effect on this system.
3612Edit /etc/login.conf instead.])
82f4e93d 3613 elif test "x$withval" != "xno" ; then
89bbd457 3614 if test ! -z "$external_path_file" ; then
95b99395 3615 AC_MSG_WARN([
3616--with-default-path=PATH will only be used if PATH is not defined in
3617$external_path_file .])
3618 fi
b2d818e6 3619 user_path="$withval"
aff51935 3620 SERVER_PATH_MSG="$withval"
cb807f40 3621 fi
b2d818e6 3622 ],
95b99395 3623 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3624 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3625 else
89bbd457 3626 if test ! -z "$external_path_file" ; then
95b99395 3627 AC_MSG_WARN([
3628If PATH is defined in $external_path_file, ensure the path to scp is included,
3629otherwise scp will not work.])
3630 fi
b0e7249f 3631 AC_RUN_IFELSE(
3632 [AC_LANG_SOURCE([[
b2d818e6 3633/* find out what STDPATH is */
3634#include <stdio.h>
b2d818e6 3635#ifdef HAVE_PATHS_H
3636# include <paths.h>
3637#endif
3638#ifndef _PATH_STDPATH
d9a4e55b 3639# ifdef _PATH_USERPATH /* Irix */
3640# define _PATH_STDPATH _PATH_USERPATH
3641# else
3642# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3643# endif
b2d818e6 3644#endif
3645#include <sys/types.h>
3646#include <sys/stat.h>
3647#include <fcntl.h>
3648#define DATA "conftest.stdpath"
3649
3650main()
3651{
3652 FILE *fd;
3653 int rc;
82f4e93d 3654
b2d818e6 3655 fd = fopen(DATA,"w");
3656 if(fd == NULL)
3657 exit(1);
82f4e93d 3658
b2d818e6 3659 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3660 exit(1);
3661
3662 exit(0);
3663}
b0e7249f 3664 ]])],
3665 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3666 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3667 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3668 )
3669# make sure $bindir is in USER_PATH so scp will work
3670 t_bindir=`eval echo ${bindir}`
3671 case $t_bindir in
3672 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3673 esac
3674 case $t_bindir in
3675 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3676 esac
3677 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3678 if test $? -ne 0 ; then
3679 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3680 if test $? -ne 0 ; then
3681 user_path=$user_path:$t_bindir
3682 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3683 fi
3684 fi
8d184c09 3685 fi ]
cb807f40 3686)
95b99395 3687if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3688 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3689 AC_SUBST(user_path)
3690fi
cb807f40 3691
06617857 3692# Set superuser path separately to user path
06617857 3693AC_ARG_WITH(superuser-path,
3694 [ --with-superuser-path= Specify different path for super-user],
3695 [
6cf0200f 3696 if test -n "$withval" && test "x$withval" != "xno" && \
3697 test "x${withval}" != "xyes"; then
3466e002 3698 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3699 [Define if you want a different $PATH
3700 for the superuser])
06617857 3701 superuser_path=$withval
3702 fi
3703 ]
3704)
3705
3706
58d100bf 3707AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3708IPV4_IN6_HACK_MSG="no"
80faa19f 3709AC_ARG_WITH(4in6,
3710 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3711 [
3712 if test "x$withval" != "xno" ; then
3713 AC_MSG_RESULT(yes)
3466e002 3714 AC_DEFINE(IPV4_IN_IPV6, 1,
3715 [Detect IPv4 in IPv6 mapped addresses
3716 and treat as IPv4])
aff51935 3717 IPV4_IN6_HACK_MSG="yes"
80faa19f 3718 else
3719 AC_MSG_RESULT(no)
3720 fi
3721 ],[
3722 if test "x$inet6_default_4in6" = "xyes"; then
3723 AC_MSG_RESULT([yes (default)])
3724 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3725 IPV4_IN6_HACK_MSG="yes"
80faa19f 3726 else
3727 AC_MSG_RESULT([no (default)])
3728 fi
3729 ]
3730)
3731
af774732 3732# Whether to enable BSD auth support
f1b0ecc3 3733BSD_AUTH_MSG=no
af774732 3734AC_ARG_WITH(bsd-auth,
3735 [ --with-bsd-auth Enable BSD auth support],
3736 [
82f4e93d 3737 if test "x$withval" != "xno" ; then
3466e002 3738 AC_DEFINE(BSD_AUTH, 1,
3739 [Define if you have BSD auth support])
f1b0ecc3 3740 BSD_AUTH_MSG=yes
af774732 3741 fi
3742 ]
3743)
3744
a0391976 3745# Where to place sshd.pid
19d9ac2a 3746piddir=/var/run
81dadca3 3747# make sure the directory exists
82f4e93d 3748if test ! -d $piddir ; then
81dadca3 3749 piddir=`eval echo ${sysconfdir}`
3750 case $piddir in
aff51935 3751 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3752 esac
3753fi
3754
47e45e44 3755AC_ARG_WITH(pid-dir,
3756 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3757 [
6cf0200f 3758 if test -n "$withval" && test "x$withval" != "xno" && \
3759 test "x${withval}" != "xyes"; then
19d9ac2a 3760 piddir=$withval
82f4e93d 3761 if test ! -d $piddir ; then
81dadca3 3762 AC_MSG_WARN([** no $piddir directory on this system **])
3763 fi
47e45e44 3764 fi
3765 ]
3766)
b7a87eea 3767
3466e002 3768AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3769AC_SUBST(piddir)
47e45e44 3770
1d7b9b20 3771dnl allow user to disable some login recording features
3772AC_ARG_ENABLE(lastlog,
bfd550a2 3773 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3774 [
3775 if test "x$enableval" = "xno" ; then
3776 AC_DEFINE(DISABLE_LASTLOG)
3777 fi
3778 ]
1d7b9b20 3779)
3780AC_ARG_ENABLE(utmp,
bfd550a2 3781 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3782 [
3783 if test "x$enableval" = "xno" ; then
3784 AC_DEFINE(DISABLE_UTMP)
3785 fi
3786 ]
1d7b9b20 3787)
3788AC_ARG_ENABLE(utmpx,
bfd550a2 3789 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3790 [
3791 if test "x$enableval" = "xno" ; then
3466e002 3792 AC_DEFINE(DISABLE_UTMPX, 1,
3793 [Define if you don't want to use utmpx])
ddb154b3 3794 fi
3795 ]
1d7b9b20 3796)
3797AC_ARG_ENABLE(wtmp,
bfd550a2 3798 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3799 [
3800 if test "x$enableval" = "xno" ; then
3801 AC_DEFINE(DISABLE_WTMP)
3802 fi
3803 ]
1d7b9b20 3804)
3805AC_ARG_ENABLE(wtmpx,
bfd550a2 3806 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3807 [
3808 if test "x$enableval" = "xno" ; then
3466e002 3809 AC_DEFINE(DISABLE_WTMPX, 1,
3810 [Define if you don't want to use wtmpx])
ddb154b3 3811 fi
3812 ]
1d7b9b20 3813)
3814AC_ARG_ENABLE(libutil,
bfd550a2 3815 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3816 [
3817 if test "x$enableval" = "xno" ; then
3818 AC_DEFINE(DISABLE_LOGIN)
3819 fi
3820 ]
1d7b9b20 3821)
3822AC_ARG_ENABLE(pututline,
bfd550a2 3823 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3824 [
3825 if test "x$enableval" = "xno" ; then
3466e002 3826 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3827 [Define if you don't want to use pututline()
3828 etc. to write [uw]tmp])
ddb154b3 3829 fi
3830 ]
1d7b9b20 3831)
3832AC_ARG_ENABLE(pututxline,
bfd550a2 3833 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3834 [
3835 if test "x$enableval" = "xno" ; then
3466e002 3836 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3837 [Define if you don't want to use pututxline()
3838 etc. to write [uw]tmpx])
ddb154b3 3839 fi
3840 ]
1d7b9b20 3841)
3842AC_ARG_WITH(lastlog,
bfd550a2 3843 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3844 [
82f4e93d 3845 if test "x$withval" = "xno" ; then
8c89dd2b 3846 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3847 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3848 conf_lastlog_location=$withval
3849 fi
3850 ]
3851)
1d7b9b20 3852
3853dnl lastlog, [uw]tmpx? detection
3854dnl NOTE: set the paths in the platform section to avoid the
3855dnl need for command-line parameters
3856dnl lastlog and [uw]tmp are subject to a file search if all else fails
3857
3858dnl lastlog detection
3859dnl NOTE: the code itself will detect if lastlog is a directory
3860AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3861AC_TRY_COMPILE([
3862#include <sys/types.h>
3863#include <utmp.h>
3864#ifdef HAVE_LASTLOG_H
3865# include <lastlog.h>
3866#endif
d7c0f3d5 3867#ifdef HAVE_PATHS_H
1d7b9b20 3868# include <paths.h>
41cb4569 3869#endif
3870#ifdef HAVE_LOGIN_H
3871# include <login.h>
1d7b9b20 3872#endif
3873 ],
3874 [ char *lastlog = LASTLOG_FILE; ],
3875 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3876 [
3877 AC_MSG_RESULT(no)
3878 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3879 AC_TRY_COMPILE([
3880#include <sys/types.h>
3881#include <utmp.h>
3882#ifdef HAVE_LASTLOG_H
3883# include <lastlog.h>
3884#endif
3885#ifdef HAVE_PATHS_H
3886# include <paths.h>
3887#endif
3888 ],
3889 [ char *lastlog = _PATH_LASTLOG; ],
3890 [ AC_MSG_RESULT(yes) ],
3891 [
f282b668 3892 AC_MSG_RESULT(no)
d7c0f3d5 3893 system_lastlog_path=no
3894 ])
3895 ]
1d7b9b20 3896)
d7c0f3d5 3897
1d7b9b20 3898if test -z "$conf_lastlog_location"; then
3899 if test x"$system_lastlog_path" = x"no" ; then
3900 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3901 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3902 conf_lastlog_location=$f
3903 fi
3904 done
3905 if test -z "$conf_lastlog_location"; then
f8119cef 3906 AC_MSG_WARN([** Cannot find lastlog **])
3907 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3908 fi
3909 fi
3910fi
3911
3912if test -n "$conf_lastlog_location"; then
3466e002 3913 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3914 [Define if you want to specify the path to your lastlog file])
82f4e93d 3915fi
1d7b9b20 3916
3917dnl utmp detection
3918AC_MSG_CHECKING([if your system defines UTMP_FILE])
3919AC_TRY_COMPILE([
3920#include <sys/types.h>
3921#include <utmp.h>
d7c0f3d5 3922#ifdef HAVE_PATHS_H
1d7b9b20 3923# include <paths.h>
3924#endif
3925 ],
3926 [ char *utmp = UTMP_FILE; ],
3927 [ AC_MSG_RESULT(yes) ],
3928 [ AC_MSG_RESULT(no)
3929 system_utmp_path=no ]
3930)
3931if test -z "$conf_utmp_location"; then
3932 if test x"$system_utmp_path" = x"no" ; then
3933 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3934 if test -f $f ; then
3935 conf_utmp_location=$f
3936 fi
3937 done
3938 if test -z "$conf_utmp_location"; then
3939 AC_DEFINE(DISABLE_UTMP)
3940 fi
3941 fi
3942fi
3943if test -n "$conf_utmp_location"; then
3466e002 3944 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3945 [Define if you want to specify the path to your utmp file])
82f4e93d 3946fi
1d7b9b20 3947
3948dnl wtmp detection
3949AC_MSG_CHECKING([if your system defines WTMP_FILE])
3950AC_TRY_COMPILE([
3951#include <sys/types.h>
3952#include <utmp.h>
d7c0f3d5 3953#ifdef HAVE_PATHS_H
1d7b9b20 3954# include <paths.h>
3955#endif
3956 ],
3957 [ char *wtmp = WTMP_FILE; ],
3958 [ AC_MSG_RESULT(yes) ],
3959 [ AC_MSG_RESULT(no)
3960 system_wtmp_path=no ]
3961)
3962if test -z "$conf_wtmp_location"; then
3963 if test x"$system_wtmp_path" = x"no" ; then
3964 for f in /usr/adm/wtmp /var/log/wtmp; do
3965 if test -f $f ; then
3966 conf_wtmp_location=$f
3967 fi
3968 done
3969 if test -z "$conf_wtmp_location"; then
3970 AC_DEFINE(DISABLE_WTMP)
3971 fi
3972 fi
3973fi
3974if test -n "$conf_wtmp_location"; then
3466e002 3975 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3976 [Define if you want to specify the path to your wtmp file])
82f4e93d 3977fi
1d7b9b20 3978
3979
3980dnl utmpx detection - I don't know any system so perverse as to require
3981dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3982dnl there, though.
3983AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3984AC_TRY_COMPILE([
3985#include <sys/types.h>
3986#include <utmp.h>
3987#ifdef HAVE_UTMPX_H
3988#include <utmpx.h>
3989#endif
d7c0f3d5 3990#ifdef HAVE_PATHS_H
1d7b9b20 3991# include <paths.h>
3992#endif
3993 ],
3994 [ char *utmpx = UTMPX_FILE; ],
3995 [ AC_MSG_RESULT(yes) ],
3996 [ AC_MSG_RESULT(no)
3997 system_utmpx_path=no ]
3998)
3999if test -z "$conf_utmpx_location"; then
4000 if test x"$system_utmpx_path" = x"no" ; then
4001 AC_DEFINE(DISABLE_UTMPX)
4002 fi
4003else
3466e002 4004 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4005 [Define if you want to specify the path to your utmpx file])
82f4e93d 4006fi
1d7b9b20 4007
4008dnl wtmpx detection
4009AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4010AC_TRY_COMPILE([
4011#include <sys/types.h>
4012#include <utmp.h>
4013#ifdef HAVE_UTMPX_H
4014#include <utmpx.h>
4015#endif
d7c0f3d5 4016#ifdef HAVE_PATHS_H
1d7b9b20 4017# include <paths.h>
4018#endif
4019 ],
4020 [ char *wtmpx = WTMPX_FILE; ],
4021 [ AC_MSG_RESULT(yes) ],
4022 [ AC_MSG_RESULT(no)
4023 system_wtmpx_path=no ]
4024)
4025if test -z "$conf_wtmpx_location"; then
4026 if test x"$system_wtmpx_path" = x"no" ; then
4027 AC_DEFINE(DISABLE_WTMPX)
4028 fi
4029else
3466e002 4030 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4031 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4032fi
1d7b9b20 4033
b7a87eea 4034
bd499f9e 4035if test ! -z "$blibpath" ; then
68ece370 4036 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4037 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4038fi
4039
ed89c848 4040dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4041dnl Add now.
4042CFLAGS="$CFLAGS $werror_flags"
4043
3c62e7eb 4044AC_EXEEXT
29eadd7c 4045AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4046 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4047 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4048AC_OUTPUT
d3083fbd 4049
cbd7492e 4050# Print summary of options
4051
cbd7492e 4052# Someone please show me a better way :)
4053A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4054B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4055C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4056D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4057E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4058F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4059G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4060H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4061I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4062J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4063
4064echo ""
26de7942 4065echo "OpenSSH has been configured with the following options:"
ecac8ee5 4066echo " User binaries: $B"
4067echo " System binaries: $C"
4068echo " Configuration files: $D"
4069echo " Askpass program: $E"
4070echo " Manual pages: $F"
4071echo " PID file: $G"
4072echo " Privilege separation chroot path: $H"
95b99395 4073if test "x$external_path_file" = "x/etc/login.conf" ; then
4074echo " At runtime, sshd will use the path defined in $external_path_file"
4075echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4076else
ecac8ee5 4077echo " sshd default user PATH: $I"
89bbd457 4078 if test ! -z "$external_path_file"; then
95b99395 4079echo " (If PATH is set in $external_path_file it will be used instead. If"
4080echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4081 fi
8d184c09 4082fi
06617857 4083if test ! -z "$superuser_path" ; then
ecac8ee5 4084echo " sshd superuser user PATH: $J"
4085fi
4086echo " Manpage format: $MANTYPE"
3e05e934 4087echo " PAM support: $PAM_MSG"
5b84789f 4088echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4089echo " KerberosV support: $KRB5_MSG"
ef4d1846 4090echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4091echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4092echo " S/KEY support: $SKEY_MSG"
4093echo " TCP Wrappers support: $TCPW_MSG"
4094echo " MD5 password support: $MD5_MSG"
59031773 4095echo " libedit support: $LIBEDIT_MSG"
5b84789f 4096echo " Solaris process contract support: $SPC_MSG"
3deb1408 4097echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4098echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4099echo " BSD Auth support: $BSD_AUTH_MSG"
4100echo " Random number source: $RAND_MSG"
f1b0ecc3 4101if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4102echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4103fi
4104
cbd7492e 4105echo ""
4106
0c2fb82f 4107echo " Host: ${host}"
4108echo " Compiler: ${CC}"
4109echo " Compiler flags: ${CFLAGS}"
4110echo "Preprocessor flags: ${CPPFLAGS}"
4111echo " Linker flags: ${LDFLAGS}"
e54defb4 4112echo " Libraries: ${LIBS}"
4113if test ! -z "${SSHDLIBS}"; then
4114echo " +for sshd: ${SSHDLIBS}"
4115fi
cbd7492e 4116
4117echo ""
4118
9cefe228 4119if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4120 echo "SVR4 style packages are supported with \"make package\""
4121 echo ""
9cefe228 4122fi
4123
adeebd37 4124if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4125 echo "PAM is enabled. You may need to install a PAM control file "
4126 echo "for sshd, otherwise password authentication may fail. "
aff51935 4127 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4128 echo "subdirectory"
adeebd37 4129 echo ""
4130fi
4131
f1b0ecc3 4132if test ! -z "$RAND_HELPER_CMDHASH" ; then
4133 echo "WARNING: you are using the builtin random number collection "
4134 echo "service. Please read WARNING.RNG and request that your OS "
4135 echo "vendor includes kernel-based random number collection in "
4136 echo "future versions of your OS."
2c523de9 4137 echo ""
4138fi
af774732 4139
2f6f9cff 4140if test ! -z "$NO_PEERCHECK" ; then
1961d660 4141 echo "WARNING: the operating system that you are using does not"
4142 echo "appear to support getpeereid(), getpeerucred() or the"
4143 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4144 echo "enforce security checks to prevent unauthorised connections to"
4145 echo "ssh-agent. Their absence increases the risk that a malicious"
4146 echo "user can connect to your agent."
2f6f9cff 4147 echo ""
4148fi
4149
7b578f7d 4150if test "$AUDIT_MODULE" = "bsm" ; then
4151 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4152 echo "See the Solaris section in README.platform for details."
4153fi
git-cvsimport mirror of OpenSSH
This page took 1.163472 seconds and 5 git commands to generate.