]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [configure.ac] Enable -fno-builtin-memset when using gcc.
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
a0969097 95 [ --without-stackprotect Don't use compiler's stack protection], [
caa21240 96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
dbf07ba2 110 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
b55b0285 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
caa21240 127 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 128 # and/or platforms, so we test if we can. If it's not supported
129 # on a give platform gcc will emit a warning so we use -Werror.
caa21240 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
23c5c479 132 AC_MSG_CHECKING(if $CC supports $t)
caa21240 133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
23c5c479 135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
139#include <stdlib.h>
140int main(void){return 0;}
141 ])],
caa21240 142 [ AC_MSG_RESULT(yes)
23c5c479 143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
caa21240 145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
148#include <stdlib.h>
149int main(void){exit(0);}
150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
23c5c479 156 )
caa21240 157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
eb5a7224 164
dfafb2e1 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
d423d822 176fi
177
0b9fdeb8 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
e6354014 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
82f4e93d 185 if test "x$withval" = "xno" ; then
e6354014 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
aa56f760 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
6d39a5c4 265 poll.h \
aa56f760 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
4538e135 282 sys/mount.h \
aa56f760 283 sys/ndir.h \
8aa5db7d 284 sys/poll.h \
aa56f760 285 sys/prctl.h \
286 sys/pstat.h \
287 sys/select.h \
288 sys/stat.h \
289 sys/stream.h \
290 sys/stropts.h \
291 sys/strtio.h \
4538e135 292 sys/statvfs.h \
aa56f760 293 sys/sysmacros.h \
294 sys/time.h \
295 sys/timers.h \
296 sys/un.h \
297 time.h \
298 tmpdir.h \
299 ttyent.h \
40701614 300 ucred.h \
aa56f760 301 unistd.h \
302 usersec.h \
303 util.h \
304 utime.h \
305 utmp.h \
306 utmpx.h \
307 vis.h \
308)
309
310# lastlog.h requires sys/time.h to be included first on Solaris
311AC_CHECK_HEADERS(lastlog.h, [], [], [
312#ifdef HAVE_SYS_TIME_H
313# include <sys/time.h>
314#endif
315])
316
317# sys/ptms.h requires sys/stream.h to be included first on Solaris
318AC_CHECK_HEADERS(sys/ptms.h, [], [], [
319#ifdef HAVE_SYS_STREAM_H
320# include <sys/stream.h>
321#endif
322])
323
324# login_cap.h requires sys/types.h on NetBSD
325AC_CHECK_HEADERS(login_cap.h, [], [], [
326#include <sys/types.h>
327])
328
5b84789f 329# Messages for features tested for in target-specific section
330SIA_MSG="no"
331SPC_MSG="no"
332
a0391976 333# Check for some target-specific stuff
a7effaac 334case "$host" in
9d6b1b96 335*-*-aix*)
25a2779b 336 # Some versions of VAC won't allow macro redefinitions at
337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
338 # particularly with older versions of vac or xlc.
339 # It also throws errors about null macro argments, but these are
340 # not fatal.
341 AC_MSG_CHECKING(if compiler allows macro redefinitions)
342 AC_COMPILE_IFELSE(
343 [AC_LANG_SOURCE([[
344#define testmacro foo
345#define testmacro bar
346int main(void) { exit(0); }
347 ]])],
348 [ AC_MSG_RESULT(yes) ],
349 [ AC_MSG_RESULT(no)
350 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
351 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
352 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
353 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
354 ]
355 )
356
aff51935 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 358 if (test -z "$blibpath"); then
0a15d73b 359 blibpath="/usr/lib:/lib"
68ece370 360 fi
361 saved_LDFLAGS="$LDFLAGS"
e7479666 362 if test "$GCC" = "yes"; then
363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
364 else
365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
366 fi
367 for tryflags in $flags ;do
68ece370 368 if (test -z "$blibflags"); then
369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
370 AC_TRY_LINK([], [], [blibflags=$tryflags])
371 fi
372 done
373 if (test -z "$blibflags"); then
374 AC_MSG_RESULT(not found)
375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
376 else
377 AC_MSG_RESULT($blibflags)
bd499f9e 378 fi
68ece370 379 LDFLAGS="$saved_LDFLAGS"
e351e493 380 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
382 [Define if you want to enable AIX4's authenticate function])],
0764e748 383 [AC_CHECK_LIB(s,authenticate,
e351e493 384 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 385 LIBS="$LIBS -ls"
386 ])
387 ])
ba603e06 388 dnl Check for various auth function declarations in headers.
c85ed8e2 389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 390 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 392 AC_CHECK_DECLS(loginfailed,
e351e493 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
394 AC_TRY_COMPILE(
f58c0e01 395 [#include <usersec.h>],
e351e493 396 [(void)loginfailed("user","host","tty",0);],
397 [AC_MSG_RESULT(yes)
3466e002 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
399 [Define if your AIX loginfailed() function
400 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 401 [AC_MSG_RESULT(no)]
e351e493 402 )],
403 [],
404 [#include <usersec.h>]
405 )
533a78f0 406 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 407 AC_CHECK_DECL(F_CLOSEM,
795e7517 408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 409 [],
410 [ #include <limits.h>
411 #include <fcntl.h> ]
412 )
5ccf88cb 413 check_for_aix_broken_getaddrinfo=1
3466e002 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
416 [Define if your platform breaks doing a seteuid before a setuid])
417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 419 dnl AIX handles lastlog as part of its login message
3466e002 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
422 [Some systems need a utmpx entry for /bin/login to work])
423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
424 [Define to a Set Process Title type if your system is
425 supported by bsd-setproctitle.c])
961c2997 426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
427 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 429 ;;
3c62e7eb 430*-*-cygwin*)
a52997bd 431 check_for_libcrypt_later=1
04765d02 432 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
435 AC_DEFINE(DISABLE_SHADOW, 1,
436 [Define if you want to disable shadow passwords])
437 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
438 [Define if your system choked on IP TOS setting])
439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
440 [Define if X11 doesn't support AF_UNIX sockets on that system])
441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
442 [Define if the concept of ports only accessible to
443 superusers isn't known])
444 AC_DEFINE(DISABLE_FD_PASSING, 1,
445 [Define if your platform needs to skip post auth
446 file descriptor passing])
3c62e7eb 447 ;;
d6fdb079 448*-*-dgux*)
449 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 450 AC_DEFINE(SETEUID_BREAKS_SETUID)
451 AC_DEFINE(BROKEN_SETREUID)
452 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 453 ;;
39c98ef7 454*-*-darwin*)
33e2e066 455 AC_MSG_CHECKING(if we have working getaddrinfo)
456 AC_TRY_RUN([#include <mach-o/dyld.h>
457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
458 exit(0);
459 else
460 exit(1);
461}], [AC_MSG_RESULT(working)],
462 [AC_MSG_RESULT(buggy)
3466e002 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 464 [AC_MSG_RESULT(assume it is working)])
635e0c42 465 AC_DEFINE(SETEUID_BREAKS_SETUID)
466 AC_DEFINE(BROKEN_SETREUID)
467 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
470 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
473 [Use tunnel device compatibility to OpenBSD])
474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
475 [Prepend the address family to IP tunnel traffic])
a74e9b64 476 m4_pattern_allow(AU_IPv)
477 AC_CHECK_DECL(AU_IPv4, [],
478 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
479 [#include <bsm/audit.h>]
480 )
39c98ef7 481 ;;
36f36ba3 482*-*-dragonfly*)
483 SSHDLIBS="$SSHDLIBS -lcrypt"
484 ;;
7d458c86 485*-*-hpux*)
486 # first we define all of the options common to all HP-UX releases
b8fea62d 487 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 488 IPADDR_IN_DISPLAY=yes
2b10f47a 489 AC_DEFINE(USE_PIPES)
3466e002 490 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
491 [Define if your login program cannot handle end of options ("--")])
a2572aa7 492 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 493 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
494 [String used in /etc/passwd to denote locked account])
3a2b2b44 495 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 496 MAIL="/var/mail/username"
f75ca46d 497 LIBS="$LIBS -lsec"
7d458c86 498 AC_CHECK_LIB(xnet, t_error, ,
499 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
500
501 # next, we define all of the options specific to major releases
502 case "$host" in
503 *-*-hpux10*)
504 if test -z "$GCC"; then
505 CFLAGS="$CFLAGS -Ae"
506 fi
507 ;;
508 *-*-hpux11*)
3466e002 509 AC_DEFINE(PAM_SUN_CODEBASE, 1,
510 [Define if you are using Solaris-derived PAM which
511 passes pam_messages to the conversation function
512 with an extra level of indirection])
513 AC_DEFINE(DISABLE_UTMP, 1,
514 [Define if you don't want to use utmp])
7d458c86 515 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
516 check_for_hpux_broken_getaddrinfo=1
517 check_for_conflicting_getspnam=1
518 ;;
519 esac
520
521 # lastly, we define options specific to minor releases
522 case "$host" in
523 *-*-hpux10.26)
3466e002 524 AC_DEFINE(HAVE_SECUREWARE, 1,
525 [Define if you have SecureWare-based
526 protected password database])
7d458c86 527 disable_ptmx_check=yes
528 LIBS="$LIBS -lsecpw"
529 ;;
530 esac
2b763e31 531 ;;
d94aa2ae 532*-*-irix5*)
6ac7829a 533 PATH="$PATH:/usr/etc"
3466e002 534 AC_DEFINE(BROKEN_INET_NTOA, 1,
535 [Define if you system's inet_ntoa is busted
536 (e.g. Irix gcc issue)])
cb433561 537 AC_DEFINE(SETEUID_BREAKS_SETUID)
538 AC_DEFINE(BROKEN_SETREUID)
539 AC_DEFINE(BROKEN_SETREGID)
3466e002 540 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
541 [Define if you shouldn't strip 'tty' from your
542 ttyname in [uw]tmp])
3e6e3da0 543 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 544 ;;
545*-*-irix6*)
6ac7829a 546 PATH="$PATH:/usr/etc"
3466e002 547 AC_DEFINE(WITH_IRIX_ARRAY, 1,
548 [Define if you have/want arrays
549 (cluster-wide session managment, not C arrays)])
550 AC_DEFINE(WITH_IRIX_PROJECT, 1,
551 [Define if you want IRIX project management])
552 AC_DEFINE(WITH_IRIX_AUDIT, 1,
553 [Define if you want IRIX audit trails])
554 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
555 [Define if you want IRIX kernel jobs])])
416ed5a7 556 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 557 AC_DEFINE(SETEUID_BREAKS_SETUID)
558 AC_DEFINE(BROKEN_SETREUID)
559 AC_DEFINE(BROKEN_SETREGID)
3466e002 560 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 561 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 562 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 563 ;;
5cdfe03f 564*-*-linux*)
565 no_dev_ptmx=1
717057b6 566 check_for_libcrypt_later=1
eacb954e 567 check_for_openpty_ctty_bug=1
3466e002 568 AC_DEFINE(PAM_TTY_KLUDGE, 1,
569 [Work around problematic Linux PAM modules handling of PAM_TTY])
570 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
571 [String used in /etc/passwd to denote locked account])
3a2b2b44 572 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 573 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
574 [Define to whatever link() returns for "not supported"
575 if it doesn't return EOPNOTSUPP.])
b6610e8f 576 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 577 AC_DEFINE(USE_BTMP)
80faa19f 578 inet6_default_4in6=yes
bf7c1e6c 579 case `uname -r` in
ad84c479 580 1.*|2.0.*)
3466e002 581 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
582 [Define if cmsg_type is not passed correctly])
bf7c1e6c 583 ;;
bf7c1e6c 584 esac
c40f09ca 585 # tun(4) forwarding compat code
d91775e1 586 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 587 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 588 AC_DEFINE(SSH_TUN_LINUX, 1,
589 [Open tunnel devices the Linux tun/tap way])
590 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
591 [Use tunnel device compatibility to OpenBSD])
592 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
593 [Prepend the address family to IP tunnel traffic])
594 fi
5cdfe03f 595 ;;
66d6c27e 596mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 597 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 598 SONY=1
66d6c27e 599 ;;
d468fc76 600*-*-netbsd*)
33e2e066 601 check_for_libcrypt_before=1
82f4e93d 602 if test "x$withval" != "xno" ; then
e6354014 603 need_dash_r=1
604 fi
0f6cb079 605 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
606 AC_CHECK_HEADER([net/if_tap.h], ,
607 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
608 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
609 [Prepend the address family to IP tunnel traffic])
d468fc76 610 ;;
86b416a7 611*-*-freebsd*)
612 check_for_libcrypt_later=1
988c5031 613 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 614 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
615 AC_CHECK_HEADER([net/if_tap.h], ,
616 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 617 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 618 ;;
8707b7eb 619*-*-bsdi*)
620 AC_DEFINE(SETEUID_BREAKS_SETUID)
621 AC_DEFINE(BROKEN_SETREUID)
622 AC_DEFINE(BROKEN_SETREGID)
623 ;;
729bfe59 624*-next-*)
729bfe59 625 conf_lastlog_location="/usr/adm/lastlog"
698d107e 626 conf_utmp_location=/etc/utmp
627 conf_wtmp_location=/usr/adm/wtmp
628 MAIL=/usr/spool/mail
3466e002 629 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 630 AC_DEFINE(BROKEN_REALPATH)
00937921 631 AC_DEFINE(USE_PIPES)
3466e002 632 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 633 ;;
5b7b5e23 634*-*-openbsd*)
635 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 636 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 637 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 638 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
639 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 640 ;;
9d6b1b96 641*-*-solaris*)
82f4e93d 642 if test "x$withval" != "xno" ; then
010e9d5b 643 need_dash_r=1
644 fi
adeebd37 645 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 646 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 647 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
648 [Some versions of /bin/login need the TERM supplied
649 on the commandline])
7f0a4ff1 650 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 651 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
652 [Define if pam_chauthtok wants real uid set
653 to the unpriv'ed user])
3e6e3da0 654 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 655 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 656 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
657 [Define if sshd somehow reacquires a controlling TTY
658 after setsid()])
795aa5f5 659 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
660 in case the name is longer than 8 chars])
95b99395 661 external_path_file=/etc/default/login
1d7b9b20 662 # hardwire lastlog location (can't detect it on some versions)
663 conf_lastlog_location="/var/adm/lastlog"
32c80420 664 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
665 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
666 if test "$sol2ver" -ge 8; then
667 AC_MSG_RESULT(yes)
668 AC_DEFINE(DISABLE_UTMP)
3466e002 669 AC_DEFINE(DISABLE_WTMP, 1,
670 [Define if you don't want to use wtmp])
32c80420 671 else
672 AC_MSG_RESULT(no)
673 fi
5b84789f 674 AC_ARG_WITH(solaris-contracts,
675 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
676 [
677 AC_CHECK_LIB(contract, ct_tmpl_activate,
678 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
679 [Define if you have Solaris process contracts])
680 SSHDLIBS="$SSHDLIBS -lcontract"
681 AC_SUBST(SSHDLIBS)
682 SPC_MSG="yes" ], )
683 ],
684 )
9d6b1b96 685 ;;
a423beaf 686*-*-sunos4*)
0c2fb82f 687 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 688 AC_CHECK_FUNCS(getpwanam)
adeebd37 689 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 690 conf_utmp_location=/etc/utmp
691 conf_wtmp_location=/var/adm/wtmp
692 conf_lastlog_location=/var/adm/lastlog
137d7b6c 693 AC_DEFINE(USE_PIPES)
a423beaf 694 ;;
6f68f28a 695*-ncr-sysv*)
98a7c37b 696 LIBS="$LIBS -lc89"
29525240 697 AC_DEFINE(USE_PIPES)
eabb99c6 698 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 699 AC_DEFINE(SETEUID_BREAKS_SETUID)
700 AC_DEFINE(BROKEN_SETREUID)
701 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 702 ;;
132dd316 703*-sni-sysv*)
c8c15bcb 704 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 705 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 706 # -lresolv needs to be at the end of LIBS or DNS lookups break
707 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 708 IPADDR_IN_DISPLAY=yes
709 AC_DEFINE(USE_PIPES)
132dd316 710 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 711 AC_DEFINE(SETEUID_BREAKS_SETUID)
712 AC_DEFINE(BROKEN_SETREUID)
713 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 714 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 715 external_path_file=/etc/default/login
c8c15bcb 716 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
717 # Attention: always take care to bind libsocket and libnsl before libc,
718 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 719 ;;
79a7ba96 720# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 721*-*-sysv4.2*)
ed6553e2 722 AC_DEFINE(USE_PIPES)
7ed101c0 723 AC_DEFINE(SETEUID_BREAKS_SETUID)
724 AC_DEFINE(BROKEN_SETREUID)
725 AC_DEFINE(BROKEN_SETREGID)
46f853b9 726 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 727 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 728 ;;
79a7ba96 729# UnixWare 7.x, OpenUNIX 8
77bb0bca 730*-*-sysv5*)
d7d2cc6e 731 check_for_libcrypt_later=1
732 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 733 AC_DEFINE(USE_PIPES)
7ed101c0 734 AC_DEFINE(SETEUID_BREAKS_SETUID)
735 AC_DEFINE(BROKEN_SETREUID)
736 AC_DEFINE(BROKEN_SETREGID)
3466e002 737 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 738 case "$host" in
739 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
740 TEST_SHELL=/u95/bin/sh
3466e002 741 AC_DEFINE(BROKEN_LIBIAF, 1,
742 [ia_uinfo routines not supported by OS yet])
5cc6ddad 743 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 744 ;;
e45da4d6 745 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
746 ;;
822015dd 747 esac
77bb0bca 748 ;;
9d6b1b96 749*-*-sysv*)
9d6b1b96 750 ;;
79a7ba96 751# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 752*-*-sco3.2v4*)
11cf4f1f 753 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 754 ;;
79a7ba96 755# SCO OpenServer 5.x
77bb0bca 756*-*-sco3.2v5*)
21710e39 757 if test -z "$GCC"; then
758 CFLAGS="$CFLAGS -belf"
759 fi
ed6553e2 760 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 761 no_dev_ptmx=1
ed6553e2 762 AC_DEFINE(USE_PIPES)
6e879cb4 763 AC_DEFINE(HAVE_SECUREWARE)
d287c664 764 AC_DEFINE(DISABLE_SHADOW)
94d8258b 765 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 766 AC_DEFINE(SETEUID_BREAKS_SETUID)
767 AC_DEFINE(BROKEN_SETREUID)
768 AC_DEFINE(BROKEN_SETREGID)
bcebad47 769 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 770 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 771 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 772 AC_CHECK_FUNCS(getluid setluid)
533875af 773 MANTYPE=man
a3245b92 774 TEST_SHELL=ksh
509b1f88 775 ;;
ccbb983c 776*-*-unicosmk*)
3466e002 777 AC_DEFINE(NO_SSH_LASTLOG, 1,
778 [Define if you don't want to use lastlog in session.c])
c1ad5966 779 AC_DEFINE(SETEUID_BREAKS_SETUID)
780 AC_DEFINE(BROKEN_SETREUID)
781 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 782 AC_DEFINE(USE_PIPES)
783 AC_DEFINE(DISABLE_FD_PASSING)
784 LDFLAGS="$LDFLAGS"
785 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
786 MANTYPE=cat
d262b7f2 787 ;;
7b9a8c6e 788*-*-unicosmp*)
c1ad5966 789 AC_DEFINE(SETEUID_BREAKS_SETUID)
790 AC_DEFINE(BROKEN_SETREUID)
791 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 792 AC_DEFINE(WITH_ABBREV_NO_TTY)
793 AC_DEFINE(USE_PIPES)
794 AC_DEFINE(DISABLE_FD_PASSING)
795 LDFLAGS="$LDFLAGS"
c1ad5966 796 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 797 MANTYPE=cat
798 ;;
ca5c7d6a 799*-*-unicos*)
c1ad5966 800 AC_DEFINE(SETEUID_BREAKS_SETUID)
801 AC_DEFINE(BROKEN_SETREUID)
802 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 803 AC_DEFINE(USE_PIPES)
94d8258b 804 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 805 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 806 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
807 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
808 MANTYPE=cat
a704dd54 809 ;;
4d33e531 810*-dec-osf*)
99c8ddac 811 AC_MSG_CHECKING(for Digital Unix SIA)
812 no_osfsia=""
813 AC_ARG_WITH(osfsia,
814 [ --with-osfsia Enable Digital Unix SIA],
815 [
816 if test "x$withval" = "xno" ; then
817 AC_MSG_RESULT(disabled)
818 no_osfsia=1
819 fi
820 ],
821 )
822 if test -z "$no_osfsia" ; then
4d33e531 823 if test -f /etc/sia/matrix.conf; then
824 AC_MSG_RESULT(yes)
3466e002 825 AC_DEFINE(HAVE_OSF_SIA, 1,
826 [Define if you have Digital Unix Security
827 Integration Architecture])
828 AC_DEFINE(DISABLE_LOGIN, 1,
829 [Define if you don't want to use your
830 system's login() call])
58d0df4e 831 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 832 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 833 SIA_MSG="yes"
4d33e531 834 else
835 AC_MSG_RESULT(no)
3466e002 836 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
837 [String used in /etc/passwd to denote locked account])
4d33e531 838 fi
839 fi
a6e67b60 840 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 841 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 842 AC_DEFINE(BROKEN_SETREUID)
843 AC_DEFINE(BROKEN_SETREGID)
4d33e531 844 ;;
41cb4569 845
9c54c067 846*-*-nto-qnx*)
41cb4569 847 AC_DEFINE(USE_PIPES)
848 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 849 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
850 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
851 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 852 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 853 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 854 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 855 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 856 case "$host" in
857 *-*-nto-qnx6*)
858 AC_DEFINE(DISABLE_FD_PASSING)
859 ;;
860 esac
41cb4569 861 ;;
35fc74ed 862
863*-*-ultrix*)
3466e002 864 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
865 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 866 AC_DEFINE(NEED_SETPGRP)
b5765e1d 867 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
868 ;;
157b6700 869
870*-*-lynxos)
871 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 872 AC_DEFINE(MISSING_HOWMANY)
157b6700 873 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
874 ;;
a7effaac 875esac
876
c5829391 877AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 878AC_RUN_IFELSE(
879 [AC_LANG_SOURCE([
c5829391 880#include <stdio.h>
881int main(){exit(0);}
479cece8 882 ])],
c5829391 883 [ AC_MSG_RESULT(yes) ],
884 [
885 AC_MSG_RESULT(no)
886 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 887 ],
888 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 889)
890
b04a9f8c 891dnl Checks for header files.
a0391976 892# Checks for libraries.
98a7c37b 893AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
894AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 895
446227d6 896dnl IRIX and Solaris 2.5.1 have dirname() in libgen
897AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
898 AC_CHECK_LIB(gen, dirname,[
899 AC_CACHE_CHECK([for broken dirname],
900 ac_cv_have_broken_dirname, [
901 save_LIBS="$LIBS"
902 LIBS="$LIBS -lgen"
b0e7249f 903 AC_RUN_IFELSE(
904 [AC_LANG_SOURCE([[
446227d6 905#include <libgen.h>
906#include <string.h>
907
908int main(int argc, char **argv) {
909 char *s, buf[32];
910
911 strncpy(buf,"/etc", 32);
912 s = dirname(buf);
913 if (!s || strncmp(s, "/", 32) != 0) {
914 exit(1);
915 } else {
916 exit(0);
917 }
918}
b0e7249f 919 ]])],
920 [ ac_cv_have_broken_dirname="no" ],
921 [ ac_cv_have_broken_dirname="yes" ],
446227d6 922 [ ac_cv_have_broken_dirname="no" ],
446227d6 923 )
924 LIBS="$save_LIBS"
925 ])
926 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
927 LIBS="$LIBS -lgen"
928 AC_DEFINE(HAVE_DIRNAME)
929 AC_CHECK_HEADERS(libgen.h)
930 fi
931 ])
932])
933
934AC_CHECK_FUNC(getspnam, ,
935 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 936AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
937 [Define if you have the basename function.]))
446227d6 938
98a7c37b 939dnl zlib is required
940AC_ARG_WITH(zlib,
941 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 942 [ if test "x$withval" = "xno" ; then
943 AC_MSG_ERROR([*** zlib is required ***])
944 elif test "x$withval" != "xyes"; then
98a7c37b 945 if test -d "$withval/lib"; then
946 if test -n "${need_dash_r}"; then
5a162955 947 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 948 else
5a162955 949 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 950 fi
951 else
952 if test -n "${need_dash_r}"; then
5a162955 953 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 954 else
5a162955 955 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 956 fi
957 fi
958 if test -d "$withval/include"; then
5a162955 959 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 960 else
5a162955 961 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 962 fi
6dd05556 963 fi ]
98a7c37b 964)
965
0a15d73b 966AC_CHECK_LIB(z, deflate, ,
967 [
968 saved_CPPFLAGS="$CPPFLAGS"
969 saved_LDFLAGS="$LDFLAGS"
970 save_LIBS="$LIBS"
971 dnl Check default zlib install dir
972 if test -n "${need_dash_r}"; then
973 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
974 else
975 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
976 fi
977 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
978 LIBS="$LIBS -lz"
979 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
980 [
981 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
982 ]
983 )
984 ]
985)
4ad65809 986AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 987
988AC_ARG_WITH(zlib-version-check,
989 [ --without-zlib-version-check Disable zlib version check],
990 [ if test "x$withval" = "xno" ; then
991 zlib_check_nonfatal=1
992 fi
993 ]
994)
995
5c7fc85d 996AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 997AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 998#include <stdio.h>
4ad65809 999#include <zlib.h>
1000int main()
1001{
5c7fc85d 1002 int a=0, b=0, c=0, d=0, n, v;
1003 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1004 if (n != 3 && n != 4)
4ad65809 1005 exit(1);
5c7fc85d 1006 v = a*1000000 + b*10000 + c*100 + d;
1007 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1008
1009 /* 1.1.4 is OK */
1010 if (a == 1 && b == 1 && c >= 4)
4ad65809 1011 exit(0);
5c7fc85d 1012
0072b59d 1013 /* 1.2.3 and up are OK */
1014 if (v >= 1020300)
5c7fc85d 1015 exit(0);
1016
4ad65809 1017 exit(2);
1018}
479cece8 1019 ]])],
5c7fc85d 1020 AC_MSG_RESULT(no),
1021 [ AC_MSG_RESULT(yes)
8068d564 1022 if test -z "$zlib_check_nonfatal" ; then
1023 AC_MSG_ERROR([*** zlib too old - check config.log ***
1024Your reported zlib version has known security problems. It's possible your
1025vendor has fixed these problems without changing the version number. If you
1026are sure this is the case, you can disable the check by running
1027"./configure --without-zlib-version-check".
6090bcfe 1028If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1029See http://www.gzip.org/zlib/ for details.])
8068d564 1030 else
1031 AC_MSG_WARN([zlib version may have security problems])
1032 fi
1a01a50c 1033 ],
1034 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1035)
48e7916f 1036
2c523de9 1037dnl UnixWare 2.x
aff51935 1038AC_CHECK_FUNC(strcasecmp,
2c523de9 1039 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1040)
23361281 1041AC_CHECK_FUNCS(utimes,
cda1ebcb 1042 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1043 LIBS="$LIBS -lc89"]) ]
2c523de9 1044)
4cca272e 1045
7c6d759d 1046dnl Checks for libutil functions
1047AC_CHECK_HEADERS(libutil.h)
3466e002 1048AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1049 [Define if your libraries define login()])])
b3ef88dc 1050AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
7c6d759d 1051
a738c3b0 1052AC_FUNC_STRFTIME
1053
84ceda19 1054# Check for ALTDIRFUNC glob() extension
1055AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1056AC_EGREP_CPP(FOUNDIT,
1057 [
1058 #include <glob.h>
1059 #ifdef GLOB_ALTDIRFUNC
1060 FOUNDIT
1061 #endif
aff51935 1062 ],
84ceda19 1063 [
3466e002 1064 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1065 [Define if your system glob() function has
1066 the GLOB_ALTDIRFUNC extension])
84ceda19 1067 AC_MSG_RESULT(yes)
1068 ],
1069 [
1070 AC_MSG_RESULT(no)
1071 ]
1072)
4cca272e 1073
40849fdb 1074# Check for g.gl_matchc glob() extension
1075AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1076AC_TRY_COMPILE(
13ff27b7 1077 [ #include <glob.h> ],
1078 [glob_t g; g.gl_matchc = 1;],
aff51935 1079 [
3466e002 1080 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1081 [Define if your system glob() function has
1082 gl_matchc options in glob_t])
aff51935 1083 AC_MSG_RESULT(yes)
1084 ],
1085 [
1086 AC_MSG_RESULT(no)
1087 ]
40849fdb 1088)
1089
78888bab 1090AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1091
edbe6722 1092AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1093AC_RUN_IFELSE(
479cece8 1094 [AC_LANG_SOURCE([[
edbe6722 1095#include <sys/types.h>
1096#include <dirent.h>
aec4cb4f 1097int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1098 ]])],
aff51935 1099 [AC_MSG_RESULT(yes)],
edbe6722 1100 [
1101 AC_MSG_RESULT(no)
3466e002 1102 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1103 [Define if your struct dirent expects you to
3466e002 1104 allocate extra space for d_name])
1a01a50c 1105 ],
82f4e93d 1106 [
1a01a50c 1107 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1108 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1109 ]
1110)
1111
419e26e7 1112AC_MSG_CHECKING([for /proc/pid/fd directory])
1113if test -d "/proc/$$/fd" ; then
3466e002 1114 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1115 AC_MSG_RESULT(yes)
1116else
1117 AC_MSG_RESULT(no)
1118fi
1119
278588d8 1120# Check whether user wants S/Key support
aff51935 1121SKEY_MSG="no"
278588d8 1122AC_ARG_WITH(skey,
6ff3d0dc 1123 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1124 [
1125 if test "x$withval" != "xno" ; then
1126
1127 if test "x$withval" != "xyes" ; then
1128 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1129 LDFLAGS="$LDFLAGS -L${withval}/lib"
1130 fi
1131
3466e002 1132 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1133 LIBS="-lskey $LIBS"
aff51935 1134 SKEY_MSG="yes"
82f4e93d 1135
ddceb1c8 1136 AC_MSG_CHECKING([for s/key support])
b0e7249f 1137 AC_LINK_IFELSE(
1138 [AC_LANG_SOURCE([[
ddceb1c8 1139#include <stdio.h>
1140#include <skey.h>
aec4cb4f 1141int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1142 ]])],
ddceb1c8 1143 [AC_MSG_RESULT(yes)],
278588d8 1144 [
ddceb1c8 1145 AC_MSG_RESULT(no)
278588d8 1146 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1147 ])
141fc639 1148 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1149 AC_TRY_COMPILE(
1150 [#include <stdio.h>
1151 #include <skey.h>],
1152 [(void)skeychallenge(NULL,"name","",0);],
1153 [AC_MSG_RESULT(yes)
3466e002 1154 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1155 [Define if your skeychallenge()
1156 function takes 4 arguments (NetBSD)])],
141fc639 1157 [AC_MSG_RESULT(no)]
1158 )
278588d8 1159 fi
1160 ]
1161)
1162
1163# Check whether user wants TCP wrappers support
98a7c37b 1164TCPW_MSG="no"
278588d8 1165AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1166 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1167 [
1168 if test "x$withval" != "xno" ; then
1169 saved_LIBS="$LIBS"
98a7c37b 1170 saved_LDFLAGS="$LDFLAGS"
1171 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1172 if test -n "${withval}" && \
6cf0200f 1173 test "x${withval}" != "xyes"; then
98a7c37b 1174 if test -d "${withval}/lib"; then
1175 if test -n "${need_dash_r}"; then
5a162955 1176 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1177 else
5a162955 1178 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1179 fi
1180 else
1181 if test -n "${need_dash_r}"; then
5a162955 1182 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1183 else
5a162955 1184 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1185 fi
1186 fi
1187 if test -d "${withval}/include"; then
5a162955 1188 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1189 else
5a162955 1190 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1191 fi
98a7c37b 1192 fi
e54defb4 1193 LIBS="-lwrap $LIBS"
278588d8 1194 AC_MSG_CHECKING(for libwrap)
1195 AC_TRY_LINK(
1196 [
77f09220 1197#include <sys/types.h>
1198#include <sys/socket.h>
1199#include <netinet/in.h>
278588d8 1200#include <tcpd.h>
1201 int deny_severity = 0, allow_severity = 0;
1202 ],
1203 [hosts_access(0);],
1204 [
1205 AC_MSG_RESULT(yes)
3466e002 1206 AC_DEFINE(LIBWRAP, 1,
1207 [Define if you want
1208 TCP Wrappers support])
e54defb4 1209 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1210 TCPW_MSG="yes"
278588d8 1211 ],
1212 [
1213 AC_MSG_ERROR([*** libwrap missing])
1214 ]
1215 )
ddceb1c8 1216 LIBS="$saved_LIBS"
278588d8 1217 fi
1218 ]
1219)
1220
59031773 1221# Check whether user wants libedit support
1222LIBEDIT_MSG="no"
1223AC_ARG_WITH(libedit,
6ff3d0dc 1224 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1225 [ if test "x$withval" != "xno" ; then
737edf04 1226 if test "x$withval" != "xyes"; then
bb116c8e 1227 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1228 if test -n "${need_dash_r}"; then
1229 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1230 else
1231 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1232 fi
737edf04 1233 fi
59031773 1234 AC_CHECK_LIB(edit, el_init,
3466e002 1235 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1236 LIBEDIT="-ledit -lcurses"
1237 LIBEDIT_MSG="yes"
1238 AC_SUBST(LIBEDIT)
1239 ],
737edf04 1240 [ AC_MSG_ERROR(libedit not found) ],
1241 [ -lcurses ]
59031773 1242 )
f47ddccb 1243 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1244 AC_COMPILE_IFELSE(
1245 [AC_LANG_SOURCE([[
1246#include <histedit.h>
f47ddccb 1247int main(void)
1248{
1249 int i = H_SETSIZE;
1250 el_init("", NULL, NULL, NULL);
1251 exit(0);
1252}
d92622f9 1253 ]])],
f47ddccb 1254 [ AC_MSG_RESULT(yes) ],
1255 [ AC_MSG_RESULT(no)
1256 AC_MSG_ERROR(libedit version is not compatible) ]
1257 )
59031773 1258 fi ]
1259)
1260
7b578f7d 1261AUDIT_MODULE=none
1262AC_ARG_WITH(audit,
1263 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1264 [
1265 AC_MSG_CHECKING(for supported audit module)
1266 case "$withval" in
1267 bsm)
1268 AC_MSG_RESULT(bsm)
1269 AUDIT_MODULE=bsm
1270 dnl Checks for headers, libs and functions
1271 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1272 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1273 [
1274#ifdef HAVE_TIME_H
1275# include <time.h>
1276#endif
1277 ]
1278)
7b578f7d 1279 AC_CHECK_LIB(bsm, getaudit, [],
1280 [AC_MSG_ERROR(BSM enabled and required library not found)])
1281 AC_CHECK_FUNCS(getaudit, [],
1282 [AC_MSG_ERROR(BSM enabled and required function not found)])
1283 # These are optional
a74e9b64 1284 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1285 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1286 ;;
1287 debug)
1288 AUDIT_MODULE=debug
1289 AC_MSG_RESULT(debug)
3466e002 1290 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1291 ;;
a2b3321d 1292 no)
d92622f9 1293 AC_MSG_RESULT(no)
a2b3321d 1294 ;;
7b578f7d 1295 *)
1296 AC_MSG_ERROR([Unknown audit module $withval])
1297 ;;
1298 esac ]
1299)
1300
19160674 1301dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1302AC_CHECK_FUNCS( \
1303 arc4random \
185adaf8 1304 arc4random_buf \
1305 arc4random_uniform \
9a406e1e 1306 asprintf \
b04a9f8c 1307 b64_ntop \
1308 __b64_ntop \
1309 b64_pton \
1310 __b64_pton \
1311 bcopy \
1312 bindresvport_sa \
1313 clock \
1314 closefrom \
1315 dirfd \
b04a9f8c 1316 fchmod \
1317 fchown \
1318 freeaddrinfo \
22f5e872 1319 fstatvfs \
b04a9f8c 1320 futimes \
1321 getaddrinfo \
1322 getcwd \
1323 getgrouplist \
1324 getnameinfo \
1325 getopt \
1326 getpeereid \
1961d660 1327 getpeerucred \
b04a9f8c 1328 _getpty \
1329 getrlimit \
1330 getttyent \
1331 glob \
1332 inet_aton \
1333 inet_ntoa \
1334 inet_ntop \
1335 innetgr \
1336 login_getcapbool \
1337 md5_crypt \
1338 memmove \
1339 mkdtemp \
1340 mmap \
1341 ngetaddrinfo \
1342 nsleep \
1343 ogetaddrinfo \
1344 openlog_r \
1345 openpty \
6d39a5c4 1346 poll \
b04a9f8c 1347 prctl \
1348 pstat \
1349 readpassphrase \
1350 realpath \
1351 recvmsg \
1352 rresvport_af \
1353 sendmsg \
1354 setdtablesize \
1355 setegid \
1356 setenv \
1357 seteuid \
1358 setgroups \
1359 setlogin \
1360 setpcred \
1361 setproctitle \
1362 setregid \
1363 setreuid \
1364 setrlimit \
1365 setsid \
1366 setvbuf \
1367 sigaction \
1368 sigvec \
1369 snprintf \
1370 socketpair \
4538e135 1371 statfs \
1372 statvfs \
b04a9f8c 1373 strdup \
1374 strerror \
1375 strlcat \
1376 strlcpy \
1377 strmode \
1378 strnvis \
1379 strtonum \
1e29a0c8 1380 strtoll \
b04a9f8c 1381 strtoul \
1aac2117 1382 swap32 \
b04a9f8c 1383 sysconf \
1384 tcgetpgrp \
1385 truncate \
1386 unsetenv \
1387 updwtmpx \
9a406e1e 1388 vasprintf \
b04a9f8c 1389 vhangup \
1390 vsnprintf \
1391 waitpid \
19160674 1392)
98a7c37b 1393
1a086f97 1394# IRIX has a const char return value for gai_strerror()
1395AC_CHECK_FUNCS(gai_strerror,[
1396 AC_DEFINE(HAVE_GAI_STRERROR)
1397 AC_TRY_COMPILE([
1398#include <sys/types.h>
1399#include <sys/socket.h>
1400#include <netdb.h>
1401
1402const char *gai_strerror(int);],[
1403char *str;
1404
1405str = gai_strerror(0);],[
1406 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1407 [Define if gai_strerror() returns const char *])])])
1408
3466e002 1409AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1410 [Some systems put nanosleep outside of libc]))
92b1decf 1411
309709db 1412dnl Make sure prototypes are defined for these before using them.
309709db 1413AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1414AC_CHECK_DECL(strsep,
1415 [AC_CHECK_FUNCS(strsep)],
1416 [],
1417 [
1418#ifdef HAVE_STRING_H
1419# include <string.h>
1420#endif
1421 ])
08412d26 1422
3490699c 1423dnl tcsendbreak might be a macro
1424AC_CHECK_DECL(tcsendbreak,
1425 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1426 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1427 [#include <termios.h>]
1428)
1429
41e0e158 1430AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1431
71f4c727 1432AC_CHECK_DECLS(SHUT_RD, , ,
1433 [
1434#include <sys/types.h>
1435#include <sys/socket.h>
1436 ])
956d6743 1437
1438AC_CHECK_DECLS(O_NONBLOCK, , ,
1439 [
1440#include <sys/types.h>
1441#ifdef HAVE_SYS_STAT_H
1442# include <sys/stat.h>
1443#endif
1444#ifdef HAVE_FCNTL_H
1445# include <fcntl.h>
1446#endif
1447 ])
1448
752994dd 1449AC_CHECK_DECLS(writev, , , [
1450#include <sys/types.h>
1451#include <sys/uio.h>
1452#include <unistd.h>
1453 ])
1454
0bf6279d 1455AC_CHECK_DECLS(MAXSYMLINKS, , , [
1456#include <sys/param.h>
1457 ])
1458
b41ece30 1459AC_CHECK_DECLS(offsetof, , , [
1460#include <stddef.h>
1461 ])
1462
3f176010 1463AC_CHECK_FUNCS(setresuid, [
1464 dnl Some platorms have setresuid that isn't implemented, test for this
1465 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1466 AC_RUN_IFELSE(
1467 [AC_LANG_SOURCE([[
9a3fe0e2 1468#include <stdlib.h>
1469#include <errno.h>
1470int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1471 ]])],
3f176010 1472 [AC_MSG_RESULT(yes)],
3466e002 1473 [AC_DEFINE(BROKEN_SETRESUID, 1,
1474 [Define if your setresuid() is broken])
1a01a50c 1475 AC_MSG_RESULT(not implemented)],
1476 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1477 )
1478])
9a3fe0e2 1479
3f176010 1480AC_CHECK_FUNCS(setresgid, [
1481 dnl Some platorms have setresgid that isn't implemented, test for this
1482 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1483 AC_RUN_IFELSE(
1484 [AC_LANG_SOURCE([[
9a3fe0e2 1485#include <stdlib.h>
1486#include <errno.h>
1487int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1488 ]])],
3f176010 1489 [AC_MSG_RESULT(yes)],
3466e002 1490 [AC_DEFINE(BROKEN_SETRESGID, 1,
1491 [Define if your setresgid() is broken])
1a01a50c 1492 AC_MSG_RESULT(not implemented)],
1493 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1494 )
1495])
9a3fe0e2 1496
2e73a022 1497dnl Checks for time functions
1d7b9b20 1498AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1499dnl Checks for utmp functions
b03bd394 1500AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1501AC_CHECK_FUNCS(utmpname)
2e73a022 1502dnl Checks for utmpx functions
b03bd394 1503AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1504AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1505
aff51935 1506AC_CHECK_FUNC(daemon,
3466e002 1507 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1508 [AC_CHECK_LIB(bsd, daemon,
1509 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1510)
1511
aff51935 1512AC_CHECK_FUNC(getpagesize,
3466e002 1513 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1514 [Define if your libraries define getpagesize()])],
1515 [AC_CHECK_LIB(ucb, getpagesize,
1516 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1517)
1518
2647ae26 1519# Check for broken snprintf
1520if test "x$ac_cv_func_snprintf" = "xyes" ; then
1521 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1522 AC_RUN_IFELSE(
479cece8 1523 [AC_LANG_SOURCE([[
2647ae26 1524#include <stdio.h>
aec4cb4f 1525int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1526 ]])],
aff51935 1527 [AC_MSG_RESULT(yes)],
2647ae26 1528 [
1529 AC_MSG_RESULT(no)
3466e002 1530 AC_DEFINE(BROKEN_SNPRINTF, 1,
1531 [Define if your snprintf is busted])
2647ae26 1532 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1533 ],
1534 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1535 )
1536fi
1537
9a406e1e 1538# If we don't have a working asprintf, then we strongly depend on vsnprintf
1539# returning the right thing on overflow: the number of characters it tried to
1540# create (as per SUSv3)
1541if test "x$ac_cv_func_asprintf" != "xyes" && \
1542 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1543 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1544 AC_RUN_IFELSE(
1545 [AC_LANG_SOURCE([[
1546#include <sys/types.h>
1547#include <stdio.h>
1548#include <stdarg.h>
1549
1550int x_snprintf(char *str,size_t count,const char *fmt,...)
1551{
1552 size_t ret; va_list ap;
1553 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1554 return ret;
1555}
1556int main(void)
1557{
1558 char x[1];
1559 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1560} ]])],
1561 [AC_MSG_RESULT(yes)],
1562 [
1563 AC_MSG_RESULT(no)
1564 AC_DEFINE(BROKEN_SNPRINTF, 1,
1565 [Define if your snprintf is busted])
1566 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1567 ],
1568 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1569 )
1570fi
1571
31b0732a 1572# On systems where [v]snprintf is broken, but is declared in stdio,
1573# check that the fmt argument is const char * or just char *.
1574# This is only useful for when BROKEN_SNPRINTF
1575AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1576AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1577 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1578 int main(void) { snprintf(0, 0, 0); }
1579 ]])],
1580 [AC_MSG_RESULT(yes)
1581 AC_DEFINE(SNPRINTF_CONST, [const],
1582 [Define as const if snprintf() can declare const char *fmt])],
1583 [AC_MSG_RESULT(no)
1584 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1585
2f6f9cff 1586# Check for missing getpeereid (or equiv) support
1587NO_PEERCHECK=""
1961d660 1588if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1589 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1590 AC_TRY_COMPILE(
1591 [#include <sys/types.h>
1592 #include <sys/socket.h>],
1593 [int i = SO_PEERCRED;],
62eb7db4 1594 [ AC_MSG_RESULT(yes)
3466e002 1595 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1596 ],
2f6f9cff 1597 [AC_MSG_RESULT(no)
1598 NO_PEERCHECK=1]
1599 )
1600fi
1601
70e7d0b0 1602dnl see whether mkstemp() requires XXXXXX
1603if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1604AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1605AC_RUN_IFELSE(
1606 [AC_LANG_SOURCE([[
70e7d0b0 1607#include <stdlib.h>
1608main() { char template[]="conftest.mkstemp-test";
1609if (mkstemp(template) == -1)
1610 exit(1);
1611unlink(template); exit(0);
1612}
b0e7249f 1613 ]])],
70e7d0b0 1614 [
1615 AC_MSG_RESULT(no)
1616 ],
aff51935 1617 [
70e7d0b0 1618 AC_MSG_RESULT(yes)
3466e002 1619 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1620 ],
1621 [
1622 AC_MSG_RESULT(yes)
1623 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1624 ]
70e7d0b0 1625)
1626fi
1627
eacb954e 1628dnl make sure that openpty does not reacquire controlling terminal
1629if test ! -z "$check_for_openpty_ctty_bug"; then
1630 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1631 AC_RUN_IFELSE(
1632 [AC_LANG_SOURCE([[
eacb954e 1633#include <stdio.h>
1634#include <sys/fcntl.h>
1635#include <sys/types.h>
1636#include <sys/wait.h>
1637
1638int
1639main()
1640{
1641 pid_t pid;
1642 int fd, ptyfd, ttyfd, status;
1643
1644 pid = fork();
1645 if (pid < 0) { /* failed */
1646 exit(1);
1647 } else if (pid > 0) { /* parent */
1648 waitpid(pid, &status, 0);
aff51935 1649 if (WIFEXITED(status))
eacb954e 1650 exit(WEXITSTATUS(status));
1651 else
1652 exit(2);
1653 } else { /* child */
1654 close(0); close(1); close(2);
1655 setsid();
1656 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1657 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1658 if (fd >= 0)
1659 exit(3); /* Acquired ctty: broken */
1660 else
1661 exit(0); /* Did not acquire ctty: OK */
1662 }
1663}
b0e7249f 1664 ]])],
eacb954e 1665 [
1666 AC_MSG_RESULT(yes)
1667 ],
1668 [
1669 AC_MSG_RESULT(no)
1670 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1671 ],
1672 [
1673 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1674 ]
1675 )
1676fi
1677
4b492aab 1678if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1679 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1680 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1681 AC_RUN_IFELSE(
1682 [AC_LANG_SOURCE([[
2fe51906 1683#include <stdio.h>
1684#include <sys/socket.h>
1685#include <netdb.h>
1686#include <errno.h>
1687#include <netinet/in.h>
1688
1689#define TEST_PORT "2222"
1690
1691int
1692main(void)
1693{
1694 int err, sock;
1695 struct addrinfo *gai_ai, *ai, hints;
1696 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1697
1698 memset(&hints, 0, sizeof(hints));
1699 hints.ai_family = PF_UNSPEC;
1700 hints.ai_socktype = SOCK_STREAM;
1701 hints.ai_flags = AI_PASSIVE;
1702
1703 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1704 if (err != 0) {
1705 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1706 exit(1);
1707 }
1708
1709 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1710 if (ai->ai_family != AF_INET6)
1711 continue;
1712
1713 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1714 sizeof(ntop), strport, sizeof(strport),
1715 NI_NUMERICHOST|NI_NUMERICSERV);
1716
1717 if (err != 0) {
1718 if (err == EAI_SYSTEM)
1719 perror("getnameinfo EAI_SYSTEM");
1720 else
1721 fprintf(stderr, "getnameinfo failed: %s\n",
1722 gai_strerror(err));
1723 exit(2);
1724 }
1725
1726 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1727 if (sock < 0)
1728 perror("socket");
1729 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1730 if (errno == EBADF)
1731 exit(3);
1732 }
1733 }
1734 exit(0);
1735}
b0e7249f 1736 ]])],
2fe51906 1737 [
1738 AC_MSG_RESULT(yes)
1739 ],
1740 [
1741 AC_MSG_RESULT(no)
1742 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1743 ],
1744 [
1745 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1746 ]
1747 )
1748fi
1749
4b492aab 1750if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1751 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1752 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1753 AC_RUN_IFELSE(
1754 [AC_LANG_SOURCE([[
5ccf88cb 1755#include <stdio.h>
1756#include <sys/socket.h>
1757#include <netdb.h>
1758#include <errno.h>
1759#include <netinet/in.h>
1760
1761#define TEST_PORT "2222"
1762
1763int
1764main(void)
1765{
1766 int err, sock;
1767 struct addrinfo *gai_ai, *ai, hints;
1768 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1769
1770 memset(&hints, 0, sizeof(hints));
1771 hints.ai_family = PF_UNSPEC;
1772 hints.ai_socktype = SOCK_STREAM;
1773 hints.ai_flags = AI_PASSIVE;
1774
1775 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1776 if (err != 0) {
1777 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1778 exit(1);
1779 }
1780
1781 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1782 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1783 continue;
1784
1785 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1786 sizeof(ntop), strport, sizeof(strport),
1787 NI_NUMERICHOST|NI_NUMERICSERV);
1788
1789 if (ai->ai_family == AF_INET && err != 0) {
1790 perror("getnameinfo");
1791 exit(2);
1792 }
1793 }
1794 exit(0);
1795}
b0e7249f 1796 ]])],
5ccf88cb 1797 [
1798 AC_MSG_RESULT(yes)
3466e002 1799 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1800 [Define if you have a getaddrinfo that fails
1801 for the all-zeros IPv6 address])
5ccf88cb 1802 ],
1803 [
1804 AC_MSG_RESULT(no)
1805 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1806 ],
ecd9ec09 1807 [
b0e7249f 1808 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1809 ]
1810 )
1811fi
1812
b29fd59f 1813if test "x$check_for_conflicting_getspnam" = "x1"; then
1814 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1815 AC_COMPILE_IFELSE(
1816 [
1817#include <shadow.h>
1818int main(void) {exit(0);}
1819 ],
1820 [
1821 AC_MSG_RESULT(no)
1822 ],
1823 [
1824 AC_MSG_RESULT(yes)
1825 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1826 [Conflicting defs for getspnam])
1827 ]
1828 )
1829fi
1830
7f8f5e00 1831AC_FUNC_GETPGRP
1832
5b991353 1833# Search for OpenSSL
1834saved_CPPFLAGS="$CPPFLAGS"
1835saved_LDFLAGS="$LDFLAGS"
a0391976 1836AC_ARG_WITH(ssl-dir,
1837 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1838 [
e9e4a1c7 1839 if test "x$withval" != "xno" ; then
99eb0f64 1840 case "$withval" in
1841 # Relative paths
1842 ./*|../*) withval="`pwd`/$withval"
1843 esac
5b991353 1844 if test -d "$withval/lib"; then
1845 if test -n "${need_dash_r}"; then
1846 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1847 else
1848 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1849 fi
1850 else
5b991353 1851 if test -n "${need_dash_r}"; then
1852 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1853 else
1854 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1855 fi
1856 fi
5b991353 1857 if test -d "$withval/include"; then
1858 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1859 else
5b991353 1860 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1861 fi
a0391976 1862 fi
5b991353 1863 ]
1864)
5486a457 1865LIBS="-lcrypto $LIBS"
3466e002 1866AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1867 [Define if your ssl headers are included
1868 with #include <openssl/header.h>]),
d45e3d76 1869 [
5b991353 1870 dnl Check default openssl install dir
1871 if test -n "${need_dash_r}"; then
1872 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1873 else
5b991353 1874 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1875 fi
5b991353 1876 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1877 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1878 [
1879 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1880 ]
1881 )
1882 ]
1883)
1884
cd018561 1885# Determine OpenSSL header version
1886AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1887AC_RUN_IFELSE(
479cece8 1888 [AC_LANG_SOURCE([[
cd018561 1889#include <stdio.h>
1890#include <string.h>
1891#include <openssl/opensslv.h>
1892#define DATA "conftest.sslincver"
1893int main(void) {
aff51935 1894 FILE *fd;
1895 int rc;
cd018561 1896
aff51935 1897 fd = fopen(DATA,"w");
1898 if(fd == NULL)
1899 exit(1);
cd018561 1900
1901 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1902 exit(1);
1903
1904 exit(0);
1905}
479cece8 1906 ]])],
cd018561 1907 [
1908 ssl_header_ver=`cat conftest.sslincver`
1909 AC_MSG_RESULT($ssl_header_ver)
1910 ],
1911 [
1912 AC_MSG_RESULT(not found)
1913 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1914 ],
1915 [
1916 AC_MSG_WARN([cross compiling: not checking])
cd018561 1917 ]
1918)
1919
1920# Determine OpenSSL library version
1921AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1922AC_RUN_IFELSE(
479cece8 1923 [AC_LANG_SOURCE([[
cd018561 1924#include <stdio.h>
1925#include <string.h>
1926#include <openssl/opensslv.h>
1927#include <openssl/crypto.h>
1928#define DATA "conftest.ssllibver"
1929int main(void) {
aff51935 1930 FILE *fd;
1931 int rc;
cd018561 1932
aff51935 1933 fd = fopen(DATA,"w");
1934 if(fd == NULL)
1935 exit(1);
cd018561 1936
1937 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1938 exit(1);
1939
1940 exit(0);
1941}
479cece8 1942 ]])],
cd018561 1943 [
1944 ssl_library_ver=`cat conftest.ssllibver`
1945 AC_MSG_RESULT($ssl_library_ver)
1946 ],
1947 [
1948 AC_MSG_RESULT(not found)
1949 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1950 ],
1951 [
1952 AC_MSG_WARN([cross compiling: not checking])
cd018561 1953 ]
1954)
58d100bf 1955
1d42bcce 1956AC_ARG_WITH(openssl-header-check,
1957 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1958 [ if test "x$withval" = "xno" ; then
1959 openssl_check_nonfatal=1
1960 fi
1961 ]
1962)
1963
9780116c 1964# Sanity check OpenSSL headers
1965AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1966AC_RUN_IFELSE(
479cece8 1967 [AC_LANG_SOURCE([[
9780116c 1968#include <string.h>
1969#include <openssl/opensslv.h>
aec4cb4f 1970int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1971 ]])],
9780116c 1972 [
1973 AC_MSG_RESULT(yes)
1974 ],
1975 [
1976 AC_MSG_RESULT(no)
1d42bcce 1977 if test "x$openssl_check_nonfatal" = "x"; then
1978 AC_MSG_ERROR([Your OpenSSL headers do not match your
1979library. Check config.log for details.
1980If you are sure your installation is consistent, you can disable the check
1981by running "./configure --without-openssl-header-check".
1982Also see contrib/findssl.sh for help identifying header/library mismatches.
1983])
1984 else
1985 AC_MSG_WARN([Your OpenSSL headers do not match your
1986library. Check config.log for details.
e15ba28b 1987Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1988 fi
1a01a50c 1989 ],
1990 [
1991 AC_MSG_WARN([cross compiling: not checking])
9780116c 1992 ]
1993)
1994
282d6408 1995AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1996AC_LINK_IFELSE(
1997 [AC_LANG_SOURCE([[
1998#include <openssl/evp.h>
1999int main(void) { SSLeay_add_all_algorithms(); }
2000 ]])],
2001 [
2002 AC_MSG_RESULT(yes)
2003 ],
2004 [
2005 AC_MSG_RESULT(no)
2006 saved_LIBS="$LIBS"
2007 LIBS="$LIBS -ldl"
2008 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2009 AC_LINK_IFELSE(
2010 [AC_LANG_SOURCE([[
2011#include <openssl/evp.h>
2012int main(void) { SSLeay_add_all_algorithms(); }
2013 ]])],
2014 [
2015 AC_MSG_RESULT(yes)
2016 ],
2017 [
2018 AC_MSG_RESULT(no)
2019 LIBS="$saved_LIBS"
2020 ]
2021 )
2022 ]
2023)
2024
c7ad0d99 2025AC_ARG_WITH(ssl-engine,
2026 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2027 [ if test "x$withval" != "xno" ; then
2028 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2029 AC_TRY_COMPILE(
2030 [ #include <openssl/engine.h>],
2031 [
24b2647b 2032ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2033 ],
2034 [ AC_MSG_RESULT(yes)
2035 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2036 [Enable OpenSSL engine support])
2037 ],
2038 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2039 )
2040 fi ]
2041)
2042
e5146707 2043# Check for OpenSSL without EVP_aes_{192,256}_cbc
2044AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2045AC_LINK_IFELSE(
e5146707 2046 [AC_LANG_SOURCE([[
2047#include <string.h>
2048#include <openssl/evp.h>
300ea548 2049int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2050 ]])],
2051 [
2052 AC_MSG_RESULT(no)
2053 ],
2054 [
2055 AC_MSG_RESULT(yes)
2056 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2057 [libcrypto is missing AES 192 and 256 bit functions])
2058 ]
2059)
2060
5486a457 2061# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2062# because the system crypt() is more featureful.
2063if test "x$check_for_libcrypt_before" = "x1"; then
2064 AC_CHECK_LIB(crypt, crypt)
2065fi
2066
aff51935 2067# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2068# version in OpenSSL.
05114c74 2069if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2070 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2071fi
2072
13ff27b7 2073# Search for SHA256 support in libc and/or OpenSSL
2074AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2075
a03acb8f 2076saved_LIBS="$LIBS"
2077AC_CHECK_LIB(iaf, ia_openinfo, [
2078 LIBS="$LIBS -liaf"
d837615a 2079 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2080 AC_DEFINE(HAVE_LIBIAF, 1,
2081 [Define if system has libiaf that supports set_id])
2082 ])
a03acb8f 2083])
2084LIBS="$saved_LIBS"
f1b0ecc3 2085
2086### Configure cryptographic random number support
2087
2088# Check wheter OpenSSL seeds itself
2089AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2090AC_RUN_IFELSE(
479cece8 2091 [AC_LANG_SOURCE([[
f1b0ecc3 2092#include <string.h>
2093#include <openssl/rand.h>
aec4cb4f 2094int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2095 ]])],
f1b0ecc3 2096 [
2097 OPENSSL_SEEDS_ITSELF=yes
2098 AC_MSG_RESULT(yes)
2099 ],
2100 [
2101 AC_MSG_RESULT(no)
2102 # Default to use of the rand helper if OpenSSL doesn't
2103 # seed itself
2104 USE_RAND_HELPER=yes
1a01a50c 2105 ],
2106 [
2107 AC_MSG_WARN([cross compiling: assuming yes])
2108 # This is safe, since all recent OpenSSL versions will
82f4e93d 2109 # complain at runtime if not seeded correctly.
1a01a50c 2110 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2111 ]
2112)
2113
a086f73b 2114# Check for PAM libs
2115PAM_MSG="no"
2116AC_ARG_WITH(pam,
2117 [ --with-pam Enable PAM support ],
2118 [
2119 if test "x$withval" != "xno" ; then
2120 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2121 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2122 AC_MSG_ERROR([PAM headers not found])
2123 fi
2124
2125 saved_LIBS="$LIBS"
2126 AC_CHECK_LIB(dl, dlopen, , )
2127 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2128 AC_CHECK_FUNCS(pam_getenvlist)
2129 AC_CHECK_FUNCS(pam_putenv)
2130 LIBS="$saved_LIBS"
2131
2132 PAM_MSG="yes"
2133
e54defb4 2134 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2135 AC_DEFINE(USE_PAM, 1,
2136 [Define if you want to enable PAM support])
282d6408 2137
a086f73b 2138 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2139 case "$LIBS" in
2140 *-ldl*)
2141 # libdl already in LIBS
2142 ;;
2143 *)
e54defb4 2144 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2145 ;;
2146 esac
a086f73b 2147 fi
a086f73b 2148 fi
2149 ]
2150)
2151
2152# Check for older PAM
2153if test "x$PAM_MSG" = "xyes" ; then
2154 # Check PAM strerror arguments (old PAM)
2155 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2156 AC_TRY_COMPILE(
2157 [
2158#include <stdlib.h>
2159#if defined(HAVE_SECURITY_PAM_APPL_H)
2160#include <security/pam_appl.h>
2161#elif defined (HAVE_PAM_PAM_APPL_H)
2162#include <pam/pam_appl.h>
2163#endif
2164 ],
2165 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2166 [AC_MSG_RESULT(no)],
2167 [
2168 AC_DEFINE(HAVE_OLD_PAM, 1,
2169 [Define if you have an old version of PAM
2170 which takes only one argument to pam_strerror])
2171 AC_MSG_RESULT(yes)
2172 PAM_MSG="yes (old library)"
2173 ]
2174 )
2175fi
f1b0ecc3 2176
2177# Do we want to force the use of the rand helper?
2178AC_ARG_WITH(rand-helper,
2179 [ --with-rand-helper Use subprocess to gather strong randomness ],
2180 [
2181 if test "x$withval" = "xno" ; then
aff51935 2182 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2183 # the previous test showed it to be unseeded.
2184 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2185 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2186 OPENSSL_SEEDS_ITSELF=yes
2187 USE_RAND_HELPER=""
2188 fi
2189 else
2190 USE_RAND_HELPER=yes
2191 fi
2192 ],
82f4e93d 2193)
f1b0ecc3 2194
2195# Which randomness source do we use?
4b492aab 2196if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2197 # OpenSSL only
3466e002 2198 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2199 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2200 RAND_MSG="OpenSSL internal ONLY"
2201 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2202elif test ! -z "$USE_RAND_HELPER" ; then
2203 # install rand helper
f1b0ecc3 2204 RAND_MSG="ssh-rand-helper"
2205 INSTALL_SSH_RAND_HELPER="yes"
2206fi
2207AC_SUBST(INSTALL_SSH_RAND_HELPER)
2208
2209### Configuration of ssh-rand-helper
2210
2211# PRNGD TCP socket
2212AC_ARG_WITH(prngd-port,
2213 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2214 [
eb5d7ff6 2215 case "$withval" in
2216 no)
2217 withval=""
2218 ;;
2219 [[0-9]]*)
2220 ;;
2221 *)
2222 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2223 ;;
2224 esac
2225 if test ! -z "$withval" ; then
f1b0ecc3 2226 PRNGD_PORT="$withval"
3466e002 2227 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2228 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2229 fi
2230 ]
2231)
2232
2233# PRNGD Unix domain socket
2234AC_ARG_WITH(prngd-socket,
2235 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2236 [
eb5d7ff6 2237 case "$withval" in
2238 yes)
f1b0ecc3 2239 withval="/var/run/egd-pool"
eb5d7ff6 2240 ;;
2241 no)
2242 withval=""
2243 ;;
2244 /*)
2245 ;;
2246 *)
2247 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2248 ;;
2249 esac
2250
2251 if test ! -z "$withval" ; then
f1b0ecc3 2252 if test ! -z "$PRNGD_PORT" ; then
2253 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2254 fi
906e811b 2255 if test ! -r "$withval" ; then
f1b0ecc3 2256 AC_MSG_WARN(Entropy socket is not readable)
2257 fi
2258 PRNGD_SOCKET="$withval"
3466e002 2259 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2260 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2261 fi
ddceb1c8 2262 ],
2263 [
2264 # Check for existing socket only if we don't have a random device already
2265 if test "$USE_RAND_HELPER" = yes ; then
2266 AC_MSG_CHECKING(for PRNGD/EGD socket)
2267 # Insert other locations here
2268 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2269 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2270 PRNGD_SOCKET="$sock"
2271 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2272 break;
2273 fi
2274 done
2275 if test ! -z "$PRNGD_SOCKET" ; then
2276 AC_MSG_RESULT($PRNGD_SOCKET)
2277 else
2278 AC_MSG_RESULT(not found)
2279 fi
2280 fi
f1b0ecc3 2281 ]
2282)
2283
2284# Change default command timeout for hashing entropy source
2285entropy_timeout=200
2286AC_ARG_WITH(entropy-timeout,
2287 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2288 [
6cf0200f 2289 if test -n "$withval" && test "x$withval" != "xno" && \
2290 test "x${withval}" != "xyes"; then
f1b0ecc3 2291 entropy_timeout=$withval
2292 fi
82f4e93d 2293 ]
f1b0ecc3 2294)
3466e002 2295AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2296 [Builtin PRNG command timeout])
f1b0ecc3 2297
fd3cbf67 2298SSH_PRIVSEP_USER=sshd
9a0fbcb3 2299AC_ARG_WITH(privsep-user,
5222e7ef 2300 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2301 [
6cf0200f 2302 if test -n "$withval" && test "x$withval" != "xno" && \
2303 test "x${withval}" != "xyes"; then
fd3cbf67 2304 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2305 fi
82f4e93d 2306 ]
9a0fbcb3 2307)
3466e002 2308AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2309 [non-privileged user for privilege separation])
fd3cbf67 2310AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2311
81dadca3 2312# We do this little dance with the search path to insure
2313# that programs that we select for use by installed programs
2314# (which may be run by the super-user) come from trusted
2315# locations before they come from the user's private area.
2316# This should help avoid accidentally configuring some
2317# random version of a program in someone's personal bin.
2318
2319OPATH=$PATH
2320PATH=/bin:/usr/bin
f95c8ce8 2321test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2322test -d /sbin && PATH=$PATH:/sbin
2323test -d /usr/sbin && PATH=$PATH:/usr/sbin
2324PATH=$PATH:/etc:$OPATH
2325
aff51935 2326# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2327OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2328OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2329OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2330OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2331OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2332OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2333OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2334OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2335OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2336OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2337OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2338OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2339OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2340OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2341OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2342OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2343# restore PATH
2344PATH=$OPATH
f1b0ecc3 2345
2346# Where does ssh-rand-helper get its randomness from?
2347INSTALL_SSH_PRNG_CMDS=""
2348if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2349 if test ! -z "$PRNGD_PORT" ; then
2350 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2351 elif test ! -z "$PRNGD_SOCKET" ; then
2352 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2353 else
2354 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2355 RAND_HELPER_CMDHASH=yes
2356 INSTALL_SSH_PRNG_CMDS="yes"
2357 fi
2358fi
2359AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2360
2361
66d6c27e 2362# Cheap hack to ensure NEWS-OS libraries are arranged right.
2363if test ! -z "$SONY" ; then
2364 LIBS="$LIBS -liberty";
2365fi
2366
9a406e1e 2367# Check for long long datatypes
2368AC_CHECK_TYPES([long long, unsigned long long, long double])
2369
2370# Check datatype sizes
976f7e19 2371AC_CHECK_SIZEOF(char, 1)
2b942fe0 2372AC_CHECK_SIZEOF(short int, 2)
2373AC_CHECK_SIZEOF(int, 4)
2374AC_CHECK_SIZEOF(long int, 4)
2375AC_CHECK_SIZEOF(long long int, 8)
2376
52f1ccb2 2377# Sanity check long long for some platforms (AIX)
2378if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2379 ac_cv_sizeof_long_long_int=0
2380fi
2381
90f15776 2382# compute LLONG_MIN and LLONG_MAX if we don't know them.
2383if test -z "$have_llong_max"; then
2384 AC_MSG_CHECKING([for max value of long long])
2385 AC_RUN_IFELSE(
2386 [AC_LANG_SOURCE([[
2387#include <stdio.h>
2388/* Why is this so damn hard? */
2389#ifdef __GNUC__
2390# undef __GNUC__
2391#endif
2392#define __USE_ISOC99
2393#include <limits.h>
2394#define DATA "conftest.llminmax"
055252ed 2395#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2396
2397/*
2398 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2399 * we do this the hard way.
2400 */
2401static int
2402fprint_ll(FILE *f, long long n)
2403{
2404 unsigned int i;
2405 int l[sizeof(long long) * 8];
2406
2407 if (n < 0)
2408 if (fprintf(f, "-") < 0)
2409 return -1;
2410 for (i = 0; n != 0; i++) {
2411 l[i] = my_abs(n % 10);
2412 n /= 10;
2413 }
2414 do {
2415 if (fprintf(f, "%d", l[--i]) < 0)
2416 return -1;
2417 } while (i != 0);
2418 if (fprintf(f, " ") < 0)
2419 return -1;
2420 return 0;
2421}
2422
90f15776 2423int main(void) {
2424 FILE *f;
2425 long long i, llmin, llmax = 0;
2426
2427 if((f = fopen(DATA,"w")) == NULL)
2428 exit(1);
2429
2430#if defined(LLONG_MIN) && defined(LLONG_MAX)
2431 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2432 llmin = LLONG_MIN;
2433 llmax = LLONG_MAX;
2434#else
2435 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2436 /* This will work on one's complement and two's complement */
2437 for (i = 1; i > llmax; i <<= 1, i++)
2438 llmax = i;
2439 llmin = llmax + 1LL; /* wrap */
2440#endif
2441
2442 /* Sanity check */
2443 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2444 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2445 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2446 fprintf(f, "unknown unknown\n");
2447 exit(2);
2448 }
2449
055252ed 2450 if (fprint_ll(f, llmin) < 0)
90f15776 2451 exit(3);
055252ed 2452 if (fprint_ll(f, llmax) < 0)
2453 exit(4);
2454 if (fclose(f) < 0)
2455 exit(5);
90f15776 2456 exit(0);
2457}
2458 ]])],
2459 [
2460 llong_min=`$AWK '{print $1}' conftest.llminmax`
2461 llong_max=`$AWK '{print $2}' conftest.llminmax`
2462
90f15776 2463 AC_MSG_RESULT($llong_max)
2464 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2465 [max value of long long calculated by configure])
2466 AC_MSG_CHECKING([for min value of long long])
2467 AC_MSG_RESULT($llong_min)
2468 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2469 [min value of long long calculated by configure])
2470 ],
2471 [
2472 AC_MSG_RESULT(not found)
2473 ],
2474 [
2475 AC_MSG_WARN([cross compiling: not checking])
2476 ]
2477 )
2478fi
2479
2480
a0391976 2481# More checks for data types
14a9a859 2482AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2483 AC_TRY_COMPILE(
aff51935 2484 [ #include <sys/types.h> ],
2485 [ u_int a; a = 1;],
14a9a859 2486 [ ac_cv_have_u_int="yes" ],
2487 [ ac_cv_have_u_int="no" ]
2488 )
2489])
2490if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2491 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2492 have_u_int=1
2493fi
2494
58d100bf 2495AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2496 AC_TRY_COMPILE(
aff51935 2497 [ #include <sys/types.h> ],
2498 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2499 [ ac_cv_have_intxx_t="yes" ],
2500 [ ac_cv_have_intxx_t="no" ]
2501 )
2502])
2503if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2504 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2505 have_intxx_t=1
2506fi
41cb4569 2507
2508if (test -z "$have_intxx_t" && \
aff51935 2509 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2510then
2511 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2512 AC_TRY_COMPILE(
aff51935 2513 [ #include <stdint.h> ],
2514 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2515 [
2516 AC_DEFINE(HAVE_INTXX_T)
2517 AC_MSG_RESULT(yes)
2518 ],
2519 [ AC_MSG_RESULT(no) ]
2520 )
2521fi
2522
bd590612 2523AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2524 AC_TRY_COMPILE(
1cbbe6c8 2525 [
2526#include <sys/types.h>
2527#ifdef HAVE_STDINT_H
2528# include <stdint.h>
2529#endif
2530#include <sys/socket.h>
2531#ifdef HAVE_SYS_BITYPES_H
2532# include <sys/bitypes.h>
2533#endif
aff51935 2534 ],
2535 [ int64_t a; a = 1;],
bd590612 2536 [ ac_cv_have_int64_t="yes" ],
2537 [ ac_cv_have_int64_t="no" ]
2538 )
2539])
2540if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2541 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2542fi
2543
58d100bf 2544AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2545 AC_TRY_COMPILE(
aff51935 2546 [ #include <sys/types.h> ],
2547 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2548 [ ac_cv_have_u_intxx_t="yes" ],
2549 [ ac_cv_have_u_intxx_t="no" ]
2550 )
2551])
2552if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2553 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2554 have_u_intxx_t=1
2555fi
2b942fe0 2556
41cb4569 2557if test -z "$have_u_intxx_t" ; then
2558 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2559 AC_TRY_COMPILE(
aff51935 2560 [ #include <sys/socket.h> ],
2561 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2562 [
2563 AC_DEFINE(HAVE_U_INTXX_T)
2564 AC_MSG_RESULT(yes)
2565 ],
2566 [ AC_MSG_RESULT(no) ]
2567 )
2568fi
2569
bd590612 2570AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2571 AC_TRY_COMPILE(
aff51935 2572 [ #include <sys/types.h> ],
2573 [ u_int64_t a; a = 1;],
bd590612 2574 [ ac_cv_have_u_int64_t="yes" ],
2575 [ ac_cv_have_u_int64_t="no" ]
2576 )
2577])
2578if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2579 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2580 have_u_int64_t=1
2581fi
2582
ddceb1c8 2583if test -z "$have_u_int64_t" ; then
2584 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2585 AC_TRY_COMPILE(
aff51935 2586 [ #include <sys/bitypes.h> ],
ddceb1c8 2587 [ u_int64_t a; a = 1],
2588 [
2589 AC_DEFINE(HAVE_U_INT64_T)
2590 AC_MSG_RESULT(yes)
2591 ],
2592 [ AC_MSG_RESULT(no) ]
2593 )
2594fi
2595
41cb4569 2596if test -z "$have_u_intxx_t" ; then
2597 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2598 AC_TRY_COMPILE(
2599 [
2600#include <sys/types.h>
aff51935 2601 ],
2602 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2603 [ ac_cv_have_uintxx_t="yes" ],
2604 [ ac_cv_have_uintxx_t="no" ]
2605 )
2606 ])
2607 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2608 AC_DEFINE(HAVE_UINTXX_T, 1,
2609 [define if you have uintxx_t data type])
41cb4569 2610 fi
2611fi
2612
2613if test -z "$have_uintxx_t" ; then
2614 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2615 AC_TRY_COMPILE(
aff51935 2616 [ #include <stdint.h> ],
2617 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2618 [
2619 AC_DEFINE(HAVE_UINTXX_T)
2620 AC_MSG_RESULT(yes)
2621 ],
2622 [ AC_MSG_RESULT(no) ]
2623 )
2624fi
2625
e5fe9a1f 2626if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2627 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2628then
2629 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2630 AC_TRY_COMPILE(
58d100bf 2631 [
2632#include <sys/bitypes.h>
aff51935 2633 ],
5cdfe03f 2634 [
837c30b8 2635 int8_t a; int16_t b; int32_t c;
2636 u_int8_t e; u_int16_t f; u_int32_t g;
2637 a = b = c = e = f = g = 1;
aff51935 2638 ],
5cdfe03f 2639 [
2640 AC_DEFINE(HAVE_U_INTXX_T)
2641 AC_DEFINE(HAVE_INTXX_T)
2642 AC_MSG_RESULT(yes)
2643 ],
2644 [AC_MSG_RESULT(no)]
aff51935 2645 )
5cdfe03f 2646fi
2647
0362750e 2648
2649AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2650 AC_TRY_COMPILE(
2651 [
2652#include <sys/types.h>
2653 ],
2654 [ u_char foo; foo = 125; ],
2655 [ ac_cv_have_u_char="yes" ],
2656 [ ac_cv_have_u_char="no" ]
2657 )
2658])
2659if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2660 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2661fi
2662
98a7c37b 2663TYPE_SOCKLEN_T
2b942fe0 2664
2d16d9a3 2665AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22f5e872 2666AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2667#include <sys/types.h>
2668#ifdef HAVE_SYS_BITYPES_H
2669#include <sys/bitypes.h>
2670#endif
2671#ifdef HAVE_SYS_STATFS_H
2672#include <sys/statfs.h>
2673#endif
2674#ifdef HAVE_SYS_STATVFS_H
2675#include <sys/statvfs.h>
2676#endif
2677])
ddceb1c8 2678
777ece68 2679AC_CHECK_TYPES(in_addr_t,,,
2680[#include <sys/types.h>
2681#include <netinet/in.h>])
7b578f7d 2682
58d100bf 2683AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2684 AC_TRY_COMPILE(
2685 [
18ba2aab 2686#include <sys/types.h>
58d100bf 2687 ],
2688 [ size_t foo; foo = 1235; ],
2689 [ ac_cv_have_size_t="yes" ],
2690 [ ac_cv_have_size_t="no" ]
2691 )
2692])
2693if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2694 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2695fi
ea1970a3 2696
c04f75f1 2697AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2698 AC_TRY_COMPILE(
2699 [
2700#include <sys/types.h>
2701 ],
2702 [ ssize_t foo; foo = 1235; ],
2703 [ ac_cv_have_ssize_t="yes" ],
2704 [ ac_cv_have_ssize_t="no" ]
2705 )
2706])
2707if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2708 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2709fi
2710
f1c4659d 2711AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2712 AC_TRY_COMPILE(
2713 [
2714#include <time.h>
2715 ],
2716 [ clock_t foo; foo = 1235; ],
2717 [ ac_cv_have_clock_t="yes" ],
2718 [ ac_cv_have_clock_t="no" ]
2719 )
2720])
2721if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2722 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2723fi
2724
1c04b088 2725AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2726 AC_TRY_COMPILE(
2727 [
2728#include <sys/types.h>
2729#include <sys/socket.h>
2730 ],
2731 [ sa_family_t foo; foo = 1235; ],
2732 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2733 [ AC_TRY_COMPILE(
2734 [
2735#include <sys/types.h>
2736#include <sys/socket.h>
2737#include <netinet/in.h>
2738 ],
2739 [ sa_family_t foo; foo = 1235; ],
2740 [ ac_cv_have_sa_family_t="yes" ],
2741
1c04b088 2742 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2743 )]
1c04b088 2744 )
2745])
2746if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2747 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2748 [define if you have sa_family_t data type])
1c04b088 2749fi
2750
729bfe59 2751AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2752 AC_TRY_COMPILE(
2753 [
2754#include <sys/types.h>
2755 ],
2756 [ pid_t foo; foo = 1235; ],
2757 [ ac_cv_have_pid_t="yes" ],
2758 [ ac_cv_have_pid_t="no" ]
2759 )
2760])
2761if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2762 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2763fi
2764
2765AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2766 AC_TRY_COMPILE(
2767 [
2768#include <sys/types.h>
2769 ],
2770 [ mode_t foo; foo = 1235; ],
2771 [ ac_cv_have_mode_t="yes" ],
2772 [ ac_cv_have_mode_t="no" ]
2773 )
2774])
2775if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2776 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2777fi
2778
e3a93db0 2779
58d100bf 2780AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2781 AC_TRY_COMPILE(
2782 [
18ba2aab 2783#include <sys/types.h>
2784#include <sys/socket.h>
58d100bf 2785 ],
2786 [ struct sockaddr_storage s; ],
2787 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2788 [ ac_cv_have_struct_sockaddr_storage="no" ]
2789 )
2790])
2791if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2792 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2793 [define if you have struct sockaddr_storage data type])
58d100bf 2794fi
48e671d5 2795
58d100bf 2796AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2797 AC_TRY_COMPILE(
2798 [
cbd7492e 2799#include <sys/types.h>
58d100bf 2800#include <netinet/in.h>
2801 ],
2802 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2803 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2804 [ ac_cv_have_struct_sockaddr_in6="no" ]
2805 )
2806])
2807if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2808 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2809 [define if you have struct sockaddr_in6 data type])
58d100bf 2810fi
48e671d5 2811
58d100bf 2812AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2813 AC_TRY_COMPILE(
2814 [
cbd7492e 2815#include <sys/types.h>
58d100bf 2816#include <netinet/in.h>
2817 ],
2818 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2819 [ ac_cv_have_struct_in6_addr="yes" ],
2820 [ ac_cv_have_struct_in6_addr="no" ]
2821 )
2822])
2823if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2824 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2825 [define if you have struct in6_addr data type])
58d100bf 2826fi
48e671d5 2827
58d100bf 2828AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2829 AC_TRY_COMPILE(
2830 [
18ba2aab 2831#include <sys/types.h>
2832#include <sys/socket.h>
2833#include <netdb.h>
58d100bf 2834 ],
2835 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2836 [ ac_cv_have_struct_addrinfo="yes" ],
2837 [ ac_cv_have_struct_addrinfo="no" ]
2838 )
2839])
2840if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2841 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2842 [define if you have struct addrinfo data type])
58d100bf 2843fi
2844
89c7e31c 2845AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2846 AC_TRY_COMPILE(
aff51935 2847 [ #include <sys/time.h> ],
2848 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2849 [ ac_cv_have_struct_timeval="yes" ],
2850 [ ac_cv_have_struct_timeval="no" ]
2851 )
2852])
2853if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2854 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2855 have_struct_timeval=1
2856fi
2857
5271b55c 2858AC_CHECK_TYPES(struct timespec)
2859
85abc74b 2860# We need int64_t or else certian parts of the compile will fail.
4b492aab 2861if test "x$ac_cv_have_int64_t" = "xno" && \
2862 test "x$ac_cv_sizeof_long_int" != "x8" && \
2863 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2864 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2865 echo "an alternative compiler (I.E., GCC) before continuing."
2866 echo ""
2867 exit 1;
733cf7f4 2868else
2869dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2870 AC_RUN_IFELSE(
479cece8 2871 [AC_LANG_SOURCE([[
733cf7f4 2872#include <stdio.h>
2873#include <string.h>
2874#ifdef HAVE_SNPRINTF
2875main()
2876{
2877 char buf[50];
2878 char expected_out[50];
2879 int mazsize = 50 ;
2880#if (SIZEOF_LONG_INT == 8)
2881 long int num = 0x7fffffffffffffff;
2882#else
763a1a18 2883 long long num = 0x7fffffffffffffffll;
733cf7f4 2884#endif
2885 strcpy(expected_out, "9223372036854775807");
2886 snprintf(buf, mazsize, "%lld", num);
2887 if(strcmp(buf, expected_out) != 0)
aff51935 2888 exit(1);
733cf7f4 2889 exit(0);
2890}
2891#else
2892main() { exit(0); }
2893#endif
479cece8 2894 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2895 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2896 )
2c523de9 2897fi
2898
77bb0bca 2899dnl Checks for structure members
58d100bf 2900OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2901OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2902OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2903OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2904OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2905OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2906OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2907OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2908OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2909OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2910OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2911OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2912OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2913OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2914OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2915OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2916OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2917
2918AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2919AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2920 [Define if we don't have struct __res_state in resolv.h])],
2921[
2922#include <stdio.h>
2923#if HAVE_SYS_TYPES_H
2924# include <sys/types.h>
2925#endif
2926#include <netinet/in.h>
2927#include <arpa/nameser.h>
2928#include <resolv.h>
2929])
1d7b9b20 2930
58d100bf 2931AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2932 ac_cv_have_ss_family_in_struct_ss, [
2933 AC_TRY_COMPILE(
2934 [
18ba2aab 2935#include <sys/types.h>
2936#include <sys/socket.h>
58d100bf 2937 ],
2938 [ struct sockaddr_storage s; s.ss_family = 1; ],
2939 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2940 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2941 )
2942])
2943if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2944 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2945fi
2946
58d100bf 2947AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2948 ac_cv_have___ss_family_in_struct_ss, [
2949 AC_TRY_COMPILE(
2950 [
18ba2aab 2951#include <sys/types.h>
2952#include <sys/socket.h>
58d100bf 2953 ],
2954 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2955 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2956 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2957 )
2958])
2959if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2960 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2961 [Fields in struct sockaddr_storage])
58d100bf 2962fi
2963
2e73a022 2964AC_CACHE_CHECK([for pw_class field in struct passwd],
2965 ac_cv_have_pw_class_in_struct_passwd, [
2966 AC_TRY_COMPILE(
2967 [
2e73a022 2968#include <pwd.h>
2969 ],
97994d32 2970 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2971 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2972 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2973 )
2974])
2975if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2976 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2977 [Define if your password has a pw_class field])
2e73a022 2978fi
2979
7751d4eb 2980AC_CACHE_CHECK([for pw_expire field in struct passwd],
2981 ac_cv_have_pw_expire_in_struct_passwd, [
2982 AC_TRY_COMPILE(
2983 [
2984#include <pwd.h>
2985 ],
2986 [ struct passwd p; p.pw_expire = 0; ],
2987 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2988 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2989 )
2990])
2991if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2992 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2993 [Define if your password has a pw_expire field])
7751d4eb 2994fi
2995
2996AC_CACHE_CHECK([for pw_change field in struct passwd],
2997 ac_cv_have_pw_change_in_struct_passwd, [
2998 AC_TRY_COMPILE(
2999 [
3000#include <pwd.h>
3001 ],
3002 [ struct passwd p; p.pw_change = 0; ],
3003 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3004 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3005 )
3006])
3007if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 3008 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3009 [Define if your password has a pw_change field])
7751d4eb 3010fi
58d100bf 3011
637f9177 3012dnl make sure we're using the real structure members and not defines
6f34652e 3013AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3014 ac_cv_have_accrights_in_msghdr, [
1a01a50c 3015 AC_COMPILE_IFELSE(
6f34652e 3016 [
f95c8ce8 3017#include <sys/types.h>
6f34652e 3018#include <sys/socket.h>
3019#include <sys/uio.h>
637f9177 3020int main() {
3021#ifdef msg_accrights
1a01a50c 3022#error "msg_accrights is a macro"
637f9177 3023exit(1);
3024#endif
3025struct msghdr m;
3026m.msg_accrights = 0;
3027exit(0);
3028}
6f34652e 3029 ],
6f34652e 3030 [ ac_cv_have_accrights_in_msghdr="yes" ],
3031 [ ac_cv_have_accrights_in_msghdr="no" ]
3032 )
3033])
3034if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3035 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3036 [Define if your system uses access rights style
3037 file descriptor passing])
6f34652e 3038fi
3039
7a4f468b 3040AC_MSG_CHECKING(if f_fsid has val members)
3041AC_TRY_COMPILE([
3042#include <sys/types.h>
3043#include <sys/statvfs.h>],
3044[struct fsid_t t; t.val[0] = 0;],
3045 [ AC_MSG_RESULT(yes)
3046 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ],
3047 [ AC_MSG_RESULT(no) ]
3048)
3049
7176df4f 3050AC_CACHE_CHECK([for msg_control field in struct msghdr],
3051 ac_cv_have_control_in_msghdr, [
1a01a50c 3052 AC_COMPILE_IFELSE(
7176df4f 3053 [
f95c8ce8 3054#include <sys/types.h>
7176df4f 3055#include <sys/socket.h>
3056#include <sys/uio.h>
637f9177 3057int main() {
3058#ifdef msg_control
1a01a50c 3059#error "msg_control is a macro"
637f9177 3060exit(1);
3061#endif
3062struct msghdr m;
3063m.msg_control = 0;
3064exit(0);
3065}
7176df4f 3066 ],
7176df4f 3067 [ ac_cv_have_control_in_msghdr="yes" ],
3068 [ ac_cv_have_control_in_msghdr="no" ]
3069 )
3070])
3071if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3072 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3073 [Define if your system uses ancillary data style
3074 file descriptor passing])
7176df4f 3075fi
3076
58d100bf 3077AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3078 AC_TRY_LINK([],
3079 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3080 [ ac_cv_libc_defines___progname="yes" ],
3081 [ ac_cv_libc_defines___progname="no" ]
3082 )
3083])
3084if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3085 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3086fi
8946db53 3087
c921ee00 3088AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3089 AC_TRY_LINK([
3090#include <stdio.h>
aff51935 3091],
3092 [ printf("%s", __FUNCTION__); ],
c921ee00 3093 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3094 [ ac_cv_cc_implements___FUNCTION__="no" ]
3095 )
3096])
3097if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3098 AC_DEFINE(HAVE___FUNCTION__, 1,
3099 [Define if compiler implements __FUNCTION__])
c921ee00 3100fi
3101
3102AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3103 AC_TRY_LINK([
3104#include <stdio.h>
aff51935 3105],
3106 [ printf("%s", __func__); ],
c921ee00 3107 [ ac_cv_cc_implements___func__="yes" ],
3108 [ ac_cv_cc_implements___func__="no" ]
3109 )
3110])
3111if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3112 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3113fi
3114
9a406e1e 3115AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3116 AC_TRY_LINK(
3117 [#include <stdarg.h>
3118 va_list x,y;],
3119 [va_copy(x,y);],
3120 [ ac_cv_have_va_copy="yes" ],
3121 [ ac_cv_have_va_copy="no" ]
3122 )
3123])
3124if test "x$ac_cv_have_va_copy" = "xyes" ; then
3125 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3126fi
3127
3128AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3129 AC_TRY_LINK(
3130 [#include <stdarg.h>
3131 va_list x,y;],
3132 [__va_copy(x,y);],
3133 [ ac_cv_have___va_copy="yes" ],
3134 [ ac_cv_have___va_copy="no" ]
3135 )
3136])
3137if test "x$ac_cv_have___va_copy" = "xyes" ; then
3138 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3139fi
3140
1812a662 3141AC_CACHE_CHECK([whether getopt has optreset support],
3142 ac_cv_have_getopt_optreset, [
3143 AC_TRY_LINK(
3144 [
3145#include <getopt.h>
3146 ],
3147 [ extern int optreset; optreset = 0; ],
3148 [ ac_cv_have_getopt_optreset="yes" ],
3149 [ ac_cv_have_getopt_optreset="no" ]
3150 )
3151])
3152if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3153 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3154 [Define if your getopt(3) defines and uses optreset])
1812a662 3155fi
a0391976 3156
819b676f 3157AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3158 AC_TRY_LINK([],
3159 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3160 [ ac_cv_libc_defines_sys_errlist="yes" ],
3161 [ ac_cv_libc_defines_sys_errlist="no" ]
3162 )
3163])
3164if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3165 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3166 [Define if your system defines sys_errlist[]])
819b676f 3167fi
3168
3169
416ed5a7 3170AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3171 AC_TRY_LINK([],
3172 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3173 [ ac_cv_libc_defines_sys_nerr="yes" ],
3174 [ ac_cv_libc_defines_sys_nerr="no" ]
3175 )
3176])
3177if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3178 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3179fi
3180
aff51935 3181SCARD_MSG="no"
295c8801 3182# Check whether user wants sectok support
3183AC_ARG_WITH(sectok,
3184 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3185 [
3186 if test "x$withval" != "xno" ; then
3187 if test "x$withval" != "xyes" ; then
3188 CPPFLAGS="$CPPFLAGS -I${withval}"
3189 LDFLAGS="$LDFLAGS -L${withval}"
3190 if test ! -z "$need_dash_r" ; then
3191 LDFLAGS="$LDFLAGS -R${withval}"
3192 fi
3193 if test ! -z "$blibpath" ; then
3194 blibpath="$blibpath:${withval}"
3195 fi
3196 fi
3197 AC_CHECK_HEADERS(sectok.h)
3198 if test "$ac_cv_header_sectok_h" != yes; then
3199 AC_MSG_ERROR(Can't find sectok.h)
3200 fi
3201 AC_CHECK_LIB(sectok, sectok_open)
3202 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3203 AC_MSG_ERROR(Can't find libsectok)
3204 fi
3466e002 3205 AC_DEFINE(SMARTCARD, 1,
3206 [Define if you want smartcard support])
3207 AC_DEFINE(USE_SECTOK, 1,
3208 [Define if you want smartcard support
3209 using sectok])
aff51935 3210 SCARD_MSG="yes, using sectok"
295c8801 3211 fi
3212 ]
3213)
3214
3215# Check whether user wants OpenSC support
987b458f 3216OPENSC_CONFIG="no"
295c8801 3217AC_ARG_WITH(opensc,
e47fb473 3218 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3219 [
3220 if test "x$withval" != "xno" ; then
3221 if test "x$withval" != "xyes" ; then
3222 OPENSC_CONFIG=$withval/bin/opensc-config
3223 else
3224 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3225 fi
3226 if test "$OPENSC_CONFIG" != "no"; then
3227 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3228 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3229 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3230 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3231 AC_DEFINE(SMARTCARD)
3466e002 3232 AC_DEFINE(USE_OPENSC, 1,
3233 [Define if you want smartcard support
3234 using OpenSC])
987b458f 3235 SCARD_MSG="yes, using OpenSC"
3236 fi
3237 fi
3238 ]
3239)
d0b19c95 3240
c31dc31c 3241# Check libraries needed by DNS fingerprint support
aff51935 3242AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3243 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3244 [Define if getrrsetbyname() exists])],
3e05e934 3245 [
c31dc31c 3246 # Needed by our getrrsetbyname()
3247 AC_SEARCH_LIBS(res_query, resolv)
3248 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3249 AC_MSG_CHECKING(if res_query will link)
3250 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3251 [AC_MSG_RESULT(no)
3252 saved_LIBS="$LIBS"
3253 LIBS="$LIBS -lresolv"
3254 AC_MSG_CHECKING(for res_query in -lresolv)
3255 AC_LINK_IFELSE([
3256#include <resolv.h>
3257int main()
3258{
3259 res_query (0, 0, 0, 0, 0);
3260 return 0;
3261}
3262 ],
3263 [LIBS="$LIBS -lresolv"
3264 AC_MSG_RESULT(yes)],
3265 [LIBS="$saved_LIBS"
3266 AC_MSG_RESULT(no)])
3267 ])
c31dc31c 3268 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3269 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3270 [#include <sys/types.h>
3271 #include <arpa/nameser.h>])
c31dc31c 3272 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3273 [AC_DEFINE(HAVE_HEADER_AD, 1,
3274 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3275 [#include <arpa/nameser.h>])
3276 ])
3e05e934 3277
560acf80 3278AC_MSG_CHECKING(if struct __res_state _res is an extern)
3279AC_LINK_IFELSE([
3280#include <stdio.h>
3281#if HAVE_SYS_TYPES_H
3282# include <sys/types.h>
3283#endif
3284#include <netinet/in.h>
3285#include <arpa/nameser.h>
3286#include <resolv.h>
3287extern struct __res_state _res;
3288int main() { return 0; }
3289 ],
3290 [AC_MSG_RESULT(yes)
3291 AC_DEFINE(HAVE__RES_EXTERN, 1,
3292 [Define if you have struct __res_state _res as an extern])
3293 ],
3294 [ AC_MSG_RESULT(no) ]
3295)
3296
ef4d1846 3297# Check whether user wants SELinux support
3298SELINUX_MSG="no"
3299LIBSELINUX=""
3300AC_ARG_WITH(selinux,
bb23b54f 3301 [ --with-selinux Enable SELinux support],
ef4d1846 3302 [ if test "x$withval" != "xno" ; then
e54defb4 3303 save_LIBS="$LIBS"
ef4d1846 3304 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3305 SELINUX_MSG="yes"
3306 AC_CHECK_HEADER([selinux/selinux.h], ,
3307 AC_MSG_ERROR(SELinux support requires selinux.h header))
3308 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3309 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3310 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3311 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3312 LIBS="$save_LIBS"
ef4d1846 3313 fi ]
3314)
ef4d1846 3315
12928e80 3316# Check whether user wants Kerberos 5 support
aff51935 3317KRB5_MSG="no"
12928e80 3318AC_ARG_WITH(kerberos5,
aff51935 3319 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3320 [ if test "x$withval" != "xno" ; then
3321 if test "x$withval" = "xyes" ; then
3322 KRB5ROOT="/usr/local"
3323 else
3324 KRB5ROOT=${withval}
3325 fi
3326
3466e002 3327 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3328 KRB5_MSG="yes"
3329
3330 AC_MSG_CHECKING(for krb5-config)
3331 if test -x $KRB5ROOT/bin/krb5-config ; then
3332 KRB5CONF=$KRB5ROOT/bin/krb5-config
3333 AC_MSG_RESULT($KRB5CONF)
3334
3335 AC_MSG_CHECKING(for gssapi support)
3336 if $KRB5CONF | grep gssapi >/dev/null ; then
3337 AC_MSG_RESULT(yes)
3466e002 3338 AC_DEFINE(GSSAPI, 1,
3339 [Define this if you want GSSAPI
3340 support in the version 2 protocol])
071970fb 3341 k5confopts=gssapi
aff51935 3342 else
5585c441 3343 AC_MSG_RESULT(no)
071970fb 3344 k5confopts=""
aff51935 3345 fi
071970fb 3346 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3347 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3348 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3349 AC_MSG_CHECKING(whether we are using Heimdal)
3350 AC_TRY_COMPILE([ #include <krb5.h> ],
3351 [ char *tmp = heimdal_version; ],
3352 [ AC_MSG_RESULT(yes)
3466e002 3353 AC_DEFINE(HEIMDAL, 1,
3354 [Define this if you are using the
3355 Heimdal version of Kerberos V5]) ],
5585c441 3356 AC_MSG_RESULT(no)
3357 )
3358 else
3359 AC_MSG_RESULT(no)
12928e80 3360 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3361 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3362 AC_MSG_CHECKING(whether we are using Heimdal)
3363 AC_TRY_COMPILE([ #include <krb5.h> ],
3364 [ char *tmp = heimdal_version; ],
3365 [ AC_MSG_RESULT(yes)
3366 AC_DEFINE(HEIMDAL)
41707f74 3367 K5LIBS="-lkrb5 -ldes"
3368 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3369 AC_CHECK_LIB(roken, net_write,
41707f74 3370 [K5LIBS="$K5LIBS -lroken"])
aff51935 3371 ],
3372 [ AC_MSG_RESULT(no)
3373 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3374 ]
3375 )
4e00038c 3376 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3377
596a825b 3378 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
749560dd 3379 [ AC_DEFINE(GSSAPI)
596a825b 3380 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3381 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
749560dd 3382 [ AC_DEFINE(GSSAPI)
596a825b 3383 K5LIBS="-lgssapi $K5LIBS" ],
749560dd 3384 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3385 $K5LIBS)
3386 ],
3387 $K5LIBS)
82f4e93d 3388
749560dd 3389 AC_CHECK_HEADER(gssapi.h, ,
3390 [ unset ac_cv_header_gssapi_h
aff51935 3391 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3392 AC_CHECK_HEADERS(gssapi.h, ,
3393 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3394 )
749560dd 3395 ]
3396 )
3397
3398 oldCPP="$CPPFLAGS"
3399 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3400 AC_CHECK_HEADER(gssapi_krb5.h, ,
3401 [ CPPFLAGS="$oldCPP" ])
3402
aff51935 3403 fi
5585c441 3404 if test ! -z "$need_dash_r" ; then
3405 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3406 fi
3407 if test ! -z "$blibpath" ; then
3408 blibpath="$blibpath:${KRB5ROOT}/lib"
3409 fi
071970fb 3410
f5555364 3411 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3412 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3413 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3414
f5555364 3415 LIBS="$LIBS $K5LIBS"
3466e002 3416 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3417 [Define this if you want to use libkafs' AFS support]))
f5555364 3418 fi
071970fb 3419 ]
12928e80 3420)
b5b68128 3421
a0391976 3422# Looking for programs, paths and files
a0391976 3423
ecac8ee5 3424PRIVSEP_PATH=/var/empty
3425AC_ARG_WITH(privsep-path,
cda1ebcb 3426 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3427 [
6cf0200f 3428 if test -n "$withval" && test "x$withval" != "xno" && \
3429 test "x${withval}" != "xyes"; then
ecac8ee5 3430 PRIVSEP_PATH=$withval
3431 fi
3432 ]
3433)
3434AC_SUBST(PRIVSEP_PATH)
3435
a0391976 3436AC_ARG_WITH(xauth,
3437 [ --with-xauth=PATH Specify path to xauth program ],
3438 [
6cf0200f 3439 if test -n "$withval" && test "x$withval" != "xno" && \
3440 test "x${withval}" != "xyes"; then
cbd7492e 3441 xauth_path=$withval
a0391976 3442 fi
3443 ],
3444 [
2bf42e4a 3445 TestPath="$PATH"
3446 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3447 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3448 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3449 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3450 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3451 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3452 xauth_path="/usr/openwin/bin/xauth"
3453 fi
3454 ]
3455)
3456
65a4b4af 3457STRIP_OPT=-s
3458AC_ARG_ENABLE(strip,
3459 [ --disable-strip Disable calling strip(1) on install],
3460 [
3461 if test "x$enableval" = "xno" ; then
3462 STRIP_OPT=
3463 fi
3464 ]
3465)
3466AC_SUBST(STRIP_OPT)
3467
b3ec54b4 3468if test -z "$xauth_path" ; then
3469 XAUTH_PATH="undefined"
3470 AC_SUBST(XAUTH_PATH)
3471else
3466e002 3472 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3473 [Define if xauth is found in your path])
b3ec54b4 3474 XAUTH_PATH=$xauth_path
3475 AC_SUBST(XAUTH_PATH)
a0391976 3476fi
a0391976 3477
3478# Check for mail directory (last resort if we cannot get it from headers)
3479if test ! -z "$MAIL" ; then
3480 maildir=`dirname $MAIL`
3466e002 3481 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3482 [Set this to your mail directory if you don't have maillock.h])
a0391976 3483fi
3484
479cece8 3485if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3486 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3487 disable_ptmx_check=yes
3488fi
a0391976 3489if test -z "$no_dev_ptmx" ; then
6e879cb4 3490 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3491 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3492 [
3466e002 3493 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3494 [Define if you have /dev/ptmx])
6e879cb4 3495 have_dev_ptmx=1
3496 ]
3497 )
3498 fi
3276571c 3499fi
1a01a50c 3500
479cece8 3501if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3502 AC_CHECK_FILE("/dev/ptc",
3503 [
3466e002 3504 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3505 [Define if you have /dev/ptc])
1a01a50c 3506 have_dev_ptc=1
3507 ]
3508 )
3509else
3510 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3511fi
3276571c 3512
a0391976 3513# Options from here on. Some of these are preset by platform above
fdf6b7aa 3514AC_ARG_WITH(mantype,
5d97cfbf 3515 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3516 [
5d97cfbf 3517 case "$withval" in
3518 man|cat|doc)
3519 MANTYPE=$withval
3520 ;;
3521 *)
3522 AC_MSG_ERROR(invalid man type: $withval)
3523 ;;
3524 esac
c54a6257 3525 ]
3526)
e0c4d3ac 3527if test -z "$MANTYPE"; then
2bf42e4a 3528 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3529 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3530 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3531 MANTYPE=doc
3532 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3533 MANTYPE=man
3534 else
3535 MANTYPE=cat
3536 fi
3537fi
c54a6257 3538AC_SUBST(MANTYPE)
e0c4d3ac 3539if test "$MANTYPE" = "doc"; then
3540 mansubdir=man;
3541else
3542 mansubdir=$MANTYPE;
3543fi
3544AC_SUBST(mansubdir)
0bc5b6fb 3545
a0391976 3546# Check whether to enable MD5 passwords
aff51935 3547MD5_MSG="no"
2ddcfdf3 3548AC_ARG_WITH(md5-passwords,
caf3bc51 3549 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3550 [
bcf36c78 3551 if test "x$withval" != "xno" ; then
3466e002 3552 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3553 [Define if you want to allow MD5 passwords])
aff51935 3554 MD5_MSG="yes"
0bc5b6fb 3555 fi
3556 ]
caf3bc51 3557)
3558
a0391976 3559# Whether to disable shadow password support
a7effaac 3560AC_ARG_WITH(shadow,
3561 [ --without-shadow Disable shadow password support],
3562 [
82f4e93d 3563 if test "x$withval" = "xno" ; then
a7effaac 3564 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3565 disable_shadow=yes
a7effaac 3566 fi
3567 ]
3568)
3569
4cb5ffa0 3570if test -z "$disable_shadow" ; then
3571 AC_MSG_CHECKING([if the systems has expire shadow information])
3572 AC_TRY_COMPILE(
3573 [
3574#include <sys/types.h>
3575#include <shadow.h>
3576 struct spwd sp;
3577 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3578 [ sp_expire_available=yes ], []
3579 )
3580
3581 if test "x$sp_expire_available" = "xyes" ; then
3582 AC_MSG_RESULT(yes)
3466e002 3583 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3584 [Define if you want to use shadow password expire field])
4cb5ffa0 3585 else
3586 AC_MSG_RESULT(no)
3587 fi
3588fi
3589
a0391976 3590# Use ip address instead of hostname in $DISPLAY
44839801 3591if test ! -z "$IPADDR_IN_DISPLAY" ; then
3592 DISPLAY_HACK_MSG="yes"
3466e002 3593 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3594 [Define if you need to use IP address
3595 instead of hostname in $DISPLAY])
44839801 3596else
aff51935 3597 DISPLAY_HACK_MSG="no"
44839801 3598 AC_ARG_WITH(ipaddr-display,
3599 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3600 [
82f4e93d 3601 if test "x$withval" != "xno" ; then
44839801 3602 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3603 DISPLAY_HACK_MSG="yes"
44839801 3604 fi
3605 ]
3606 )
3607fi
a7effaac 3608
95b99395 3609# check for /etc/default/login and use it if present.
daa41e62 3610AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3611 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3612 [ if test "x$enableval" = "xno"; then
3613 AC_MSG_NOTICE([/etc/default/login handling disabled])
3614 etc_default_login=no
3615 else
3616 etc_default_login=yes
3617 fi ],
b0e7249f 3618 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3619 then
3620 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3621 etc_default_login=no
3622 else
3623 etc_default_login=yes
3624 fi ]
694d0cef 3625)
95b99395 3626
694d0cef 3627if test "x$etc_default_login" != "xno"; then
3628 AC_CHECK_FILE("/etc/default/login",
3629 [ external_path_file=/etc/default/login ])
b0e7249f 3630 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3631 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3632 [Define if your system has /etc/default/login])
1a01a50c 3633 fi
694d0cef 3634fi
95b99395 3635
8d184c09 3636dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3637if test $ac_cv_func_login_getcapbool = "yes" && \
3638 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3639 external_path_file=/etc/login.conf
8d184c09 3640fi
95b99395 3641
a0391976 3642# Whether to mess with the default path
aff51935 3643SERVER_PATH_MSG="(default)"
c43d69a9 3644AC_ARG_WITH(default-path,
75817f90 3645 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3646 [
95b99395 3647 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3648 AC_MSG_WARN([
3649--with-default-path=PATH has no effect on this system.
3650Edit /etc/login.conf instead.])
82f4e93d 3651 elif test "x$withval" != "xno" ; then
89bbd457 3652 if test ! -z "$external_path_file" ; then
95b99395 3653 AC_MSG_WARN([
3654--with-default-path=PATH will only be used if PATH is not defined in
3655$external_path_file .])
3656 fi
b2d818e6 3657 user_path="$withval"
aff51935 3658 SERVER_PATH_MSG="$withval"
cb807f40 3659 fi
b2d818e6 3660 ],
95b99395 3661 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3662 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3663 else
89bbd457 3664 if test ! -z "$external_path_file" ; then
95b99395 3665 AC_MSG_WARN([
3666If PATH is defined in $external_path_file, ensure the path to scp is included,
3667otherwise scp will not work.])
3668 fi
b0e7249f 3669 AC_RUN_IFELSE(
3670 [AC_LANG_SOURCE([[
b2d818e6 3671/* find out what STDPATH is */
3672#include <stdio.h>
b2d818e6 3673#ifdef HAVE_PATHS_H
3674# include <paths.h>
3675#endif
3676#ifndef _PATH_STDPATH
d9a4e55b 3677# ifdef _PATH_USERPATH /* Irix */
3678# define _PATH_STDPATH _PATH_USERPATH
3679# else
3680# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3681# endif
b2d818e6 3682#endif
3683#include <sys/types.h>
3684#include <sys/stat.h>
3685#include <fcntl.h>
3686#define DATA "conftest.stdpath"
3687
3688main()
3689{
3690 FILE *fd;
3691 int rc;
82f4e93d 3692
b2d818e6 3693 fd = fopen(DATA,"w");
3694 if(fd == NULL)
3695 exit(1);
82f4e93d 3696
b2d818e6 3697 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3698 exit(1);
3699
3700 exit(0);
3701}
b0e7249f 3702 ]])],
3703 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3704 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3705 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3706 )
3707# make sure $bindir is in USER_PATH so scp will work
3708 t_bindir=`eval echo ${bindir}`
3709 case $t_bindir in
3710 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3711 esac
3712 case $t_bindir in
3713 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3714 esac
3715 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3716 if test $? -ne 0 ; then
3717 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3718 if test $? -ne 0 ; then
3719 user_path=$user_path:$t_bindir
3720 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3721 fi
3722 fi
8d184c09 3723 fi ]
cb807f40 3724)
95b99395 3725if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3726 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3727 AC_SUBST(user_path)
3728fi
cb807f40 3729
06617857 3730# Set superuser path separately to user path
06617857 3731AC_ARG_WITH(superuser-path,
3732 [ --with-superuser-path= Specify different path for super-user],
3733 [
6cf0200f 3734 if test -n "$withval" && test "x$withval" != "xno" && \
3735 test "x${withval}" != "xyes"; then
3466e002 3736 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3737 [Define if you want a different $PATH
3738 for the superuser])
06617857 3739 superuser_path=$withval
3740 fi
3741 ]
3742)
3743
3744
58d100bf 3745AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3746IPV4_IN6_HACK_MSG="no"
80faa19f 3747AC_ARG_WITH(4in6,
3748 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3749 [
3750 if test "x$withval" != "xno" ; then
3751 AC_MSG_RESULT(yes)
3466e002 3752 AC_DEFINE(IPV4_IN_IPV6, 1,
3753 [Detect IPv4 in IPv6 mapped addresses
3754 and treat as IPv4])
aff51935 3755 IPV4_IN6_HACK_MSG="yes"
80faa19f 3756 else
3757 AC_MSG_RESULT(no)
3758 fi
3759 ],[
3760 if test "x$inet6_default_4in6" = "xyes"; then
3761 AC_MSG_RESULT([yes (default)])
3762 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3763 IPV4_IN6_HACK_MSG="yes"
80faa19f 3764 else
3765 AC_MSG_RESULT([no (default)])
3766 fi
3767 ]
3768)
3769
af774732 3770# Whether to enable BSD auth support
f1b0ecc3 3771BSD_AUTH_MSG=no
af774732 3772AC_ARG_WITH(bsd-auth,
3773 [ --with-bsd-auth Enable BSD auth support],
3774 [
82f4e93d 3775 if test "x$withval" != "xno" ; then
3466e002 3776 AC_DEFINE(BSD_AUTH, 1,
3777 [Define if you have BSD auth support])
f1b0ecc3 3778 BSD_AUTH_MSG=yes
af774732 3779 fi
3780 ]
3781)
3782
a0391976 3783# Where to place sshd.pid
19d9ac2a 3784piddir=/var/run
81dadca3 3785# make sure the directory exists
82f4e93d 3786if test ! -d $piddir ; then
81dadca3 3787 piddir=`eval echo ${sysconfdir}`
3788 case $piddir in
aff51935 3789 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3790 esac
3791fi
3792
47e45e44 3793AC_ARG_WITH(pid-dir,
3794 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3795 [
6cf0200f 3796 if test -n "$withval" && test "x$withval" != "xno" && \
3797 test "x${withval}" != "xyes"; then
19d9ac2a 3798 piddir=$withval
82f4e93d 3799 if test ! -d $piddir ; then
81dadca3 3800 AC_MSG_WARN([** no $piddir directory on this system **])
3801 fi
47e45e44 3802 fi
3803 ]
3804)
b7a87eea 3805
3466e002 3806AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3807AC_SUBST(piddir)
47e45e44 3808
1d7b9b20 3809dnl allow user to disable some login recording features
3810AC_ARG_ENABLE(lastlog,
bfd550a2 3811 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3812 [
3813 if test "x$enableval" = "xno" ; then
3814 AC_DEFINE(DISABLE_LASTLOG)
3815 fi
3816 ]
1d7b9b20 3817)
3818AC_ARG_ENABLE(utmp,
bfd550a2 3819 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3820 [
3821 if test "x$enableval" = "xno" ; then
3822 AC_DEFINE(DISABLE_UTMP)
3823 fi
3824 ]
1d7b9b20 3825)
3826AC_ARG_ENABLE(utmpx,
bfd550a2 3827 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3828 [
3829 if test "x$enableval" = "xno" ; then
3466e002 3830 AC_DEFINE(DISABLE_UTMPX, 1,
3831 [Define if you don't want to use utmpx])
ddb154b3 3832 fi
3833 ]
1d7b9b20 3834)
3835AC_ARG_ENABLE(wtmp,
bfd550a2 3836 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3837 [
3838 if test "x$enableval" = "xno" ; then
3839 AC_DEFINE(DISABLE_WTMP)
3840 fi
3841 ]
1d7b9b20 3842)
3843AC_ARG_ENABLE(wtmpx,
bfd550a2 3844 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3845 [
3846 if test "x$enableval" = "xno" ; then
3466e002 3847 AC_DEFINE(DISABLE_WTMPX, 1,
3848 [Define if you don't want to use wtmpx])
ddb154b3 3849 fi
3850 ]
1d7b9b20 3851)
3852AC_ARG_ENABLE(libutil,
bfd550a2 3853 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3854 [
3855 if test "x$enableval" = "xno" ; then
3856 AC_DEFINE(DISABLE_LOGIN)
3857 fi
3858 ]
1d7b9b20 3859)
3860AC_ARG_ENABLE(pututline,
bfd550a2 3861 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3862 [
3863 if test "x$enableval" = "xno" ; then
3466e002 3864 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3865 [Define if you don't want to use pututline()
3866 etc. to write [uw]tmp])
ddb154b3 3867 fi
3868 ]
1d7b9b20 3869)
3870AC_ARG_ENABLE(pututxline,
bfd550a2 3871 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3872 [
3873 if test "x$enableval" = "xno" ; then
3466e002 3874 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3875 [Define if you don't want to use pututxline()
3876 etc. to write [uw]tmpx])
ddb154b3 3877 fi
3878 ]
1d7b9b20 3879)
3880AC_ARG_WITH(lastlog,
bfd550a2 3881 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3882 [
82f4e93d 3883 if test "x$withval" = "xno" ; then
8c89dd2b 3884 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3885 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3886 conf_lastlog_location=$withval
3887 fi
3888 ]
3889)
1d7b9b20 3890
3891dnl lastlog, [uw]tmpx? detection
3892dnl NOTE: set the paths in the platform section to avoid the
3893dnl need for command-line parameters
3894dnl lastlog and [uw]tmp are subject to a file search if all else fails
3895
3896dnl lastlog detection
3897dnl NOTE: the code itself will detect if lastlog is a directory
3898AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3899AC_TRY_COMPILE([
3900#include <sys/types.h>
3901#include <utmp.h>
3902#ifdef HAVE_LASTLOG_H
3903# include <lastlog.h>
3904#endif
d7c0f3d5 3905#ifdef HAVE_PATHS_H
1d7b9b20 3906# include <paths.h>
41cb4569 3907#endif
3908#ifdef HAVE_LOGIN_H
3909# include <login.h>
1d7b9b20 3910#endif
3911 ],
3912 [ char *lastlog = LASTLOG_FILE; ],
3913 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3914 [
3915 AC_MSG_RESULT(no)
3916 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3917 AC_TRY_COMPILE([
3918#include <sys/types.h>
3919#include <utmp.h>
3920#ifdef HAVE_LASTLOG_H
3921# include <lastlog.h>
3922#endif
3923#ifdef HAVE_PATHS_H
3924# include <paths.h>
3925#endif
3926 ],
3927 [ char *lastlog = _PATH_LASTLOG; ],
3928 [ AC_MSG_RESULT(yes) ],
3929 [
f282b668 3930 AC_MSG_RESULT(no)
d7c0f3d5 3931 system_lastlog_path=no
3932 ])
3933 ]
1d7b9b20 3934)
d7c0f3d5 3935
1d7b9b20 3936if test -z "$conf_lastlog_location"; then
3937 if test x"$system_lastlog_path" = x"no" ; then
3938 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3939 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3940 conf_lastlog_location=$f
3941 fi
3942 done
3943 if test -z "$conf_lastlog_location"; then
f8119cef 3944 AC_MSG_WARN([** Cannot find lastlog **])
3945 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3946 fi
3947 fi
3948fi
3949
3950if test -n "$conf_lastlog_location"; then
3466e002 3951 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3952 [Define if you want to specify the path to your lastlog file])
82f4e93d 3953fi
1d7b9b20 3954
3955dnl utmp detection
3956AC_MSG_CHECKING([if your system defines UTMP_FILE])
3957AC_TRY_COMPILE([
3958#include <sys/types.h>
3959#include <utmp.h>
d7c0f3d5 3960#ifdef HAVE_PATHS_H
1d7b9b20 3961# include <paths.h>
3962#endif
3963 ],
3964 [ char *utmp = UTMP_FILE; ],
3965 [ AC_MSG_RESULT(yes) ],
3966 [ AC_MSG_RESULT(no)
3967 system_utmp_path=no ]
3968)
3969if test -z "$conf_utmp_location"; then
3970 if test x"$system_utmp_path" = x"no" ; then
3971 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3972 if test -f $f ; then
3973 conf_utmp_location=$f
3974 fi
3975 done
3976 if test -z "$conf_utmp_location"; then
3977 AC_DEFINE(DISABLE_UTMP)
3978 fi
3979 fi
3980fi
3981if test -n "$conf_utmp_location"; then
3466e002 3982 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3983 [Define if you want to specify the path to your utmp file])
82f4e93d 3984fi
1d7b9b20 3985
3986dnl wtmp detection
3987AC_MSG_CHECKING([if your system defines WTMP_FILE])
3988AC_TRY_COMPILE([
3989#include <sys/types.h>
3990#include <utmp.h>
d7c0f3d5 3991#ifdef HAVE_PATHS_H
1d7b9b20 3992# include <paths.h>
3993#endif
3994 ],
3995 [ char *wtmp = WTMP_FILE; ],
3996 [ AC_MSG_RESULT(yes) ],
3997 [ AC_MSG_RESULT(no)
3998 system_wtmp_path=no ]
3999)
4000if test -z "$conf_wtmp_location"; then
4001 if test x"$system_wtmp_path" = x"no" ; then
4002 for f in /usr/adm/wtmp /var/log/wtmp; do
4003 if test -f $f ; then
4004 conf_wtmp_location=$f
4005 fi
4006 done
4007 if test -z "$conf_wtmp_location"; then
4008 AC_DEFINE(DISABLE_WTMP)
4009 fi
4010 fi
4011fi
4012if test -n "$conf_wtmp_location"; then
3466e002 4013 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4014 [Define if you want to specify the path to your wtmp file])
82f4e93d 4015fi
1d7b9b20 4016
4017
4018dnl utmpx detection - I don't know any system so perverse as to require
4019dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4020dnl there, though.
4021AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4022AC_TRY_COMPILE([
4023#include <sys/types.h>
4024#include <utmp.h>
4025#ifdef HAVE_UTMPX_H
4026#include <utmpx.h>
4027#endif
d7c0f3d5 4028#ifdef HAVE_PATHS_H
1d7b9b20 4029# include <paths.h>
4030#endif
4031 ],
4032 [ char *utmpx = UTMPX_FILE; ],
4033 [ AC_MSG_RESULT(yes) ],
4034 [ AC_MSG_RESULT(no)
4035 system_utmpx_path=no ]
4036)
4037if test -z "$conf_utmpx_location"; then
4038 if test x"$system_utmpx_path" = x"no" ; then
4039 AC_DEFINE(DISABLE_UTMPX)
4040 fi
4041else
3466e002 4042 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4043 [Define if you want to specify the path to your utmpx file])
82f4e93d 4044fi
1d7b9b20 4045
4046dnl wtmpx detection
4047AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4048AC_TRY_COMPILE([
4049#include <sys/types.h>
4050#include <utmp.h>
4051#ifdef HAVE_UTMPX_H
4052#include <utmpx.h>
4053#endif
d7c0f3d5 4054#ifdef HAVE_PATHS_H
1d7b9b20 4055# include <paths.h>
4056#endif
4057 ],
4058 [ char *wtmpx = WTMPX_FILE; ],
4059 [ AC_MSG_RESULT(yes) ],
4060 [ AC_MSG_RESULT(no)
4061 system_wtmpx_path=no ]
4062)
4063if test -z "$conf_wtmpx_location"; then
4064 if test x"$system_wtmpx_path" = x"no" ; then
4065 AC_DEFINE(DISABLE_WTMPX)
4066 fi
4067else
3466e002 4068 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4069 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4070fi
1d7b9b20 4071
b7a87eea 4072
bd499f9e 4073if test ! -z "$blibpath" ; then
68ece370 4074 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4075 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4076fi
4077
ed89c848 4078dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4079dnl Add now.
4080CFLAGS="$CFLAGS $werror_flags"
4081
edee47f5 4082if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4083 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4084 AC_SUBST(TEST_SSH_IPV6, no)
4085else
4086 AC_SUBST(TEST_SSH_IPV6, yes)
4087fi
4088
3c62e7eb 4089AC_EXEEXT
29eadd7c 4090AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4091 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4092 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4093AC_OUTPUT
d3083fbd 4094
cbd7492e 4095# Print summary of options
4096
cbd7492e 4097# Someone please show me a better way :)
4098A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4099B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4100C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4101D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4102E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4103F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4104G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4105H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4106I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4107J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4108
4109echo ""
26de7942 4110echo "OpenSSH has been configured with the following options:"
ecac8ee5 4111echo " User binaries: $B"
4112echo " System binaries: $C"
4113echo " Configuration files: $D"
4114echo " Askpass program: $E"
4115echo " Manual pages: $F"
4116echo " PID file: $G"
4117echo " Privilege separation chroot path: $H"
95b99395 4118if test "x$external_path_file" = "x/etc/login.conf" ; then
4119echo " At runtime, sshd will use the path defined in $external_path_file"
4120echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4121else
ecac8ee5 4122echo " sshd default user PATH: $I"
89bbd457 4123 if test ! -z "$external_path_file"; then
95b99395 4124echo " (If PATH is set in $external_path_file it will be used instead. If"
4125echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4126 fi
8d184c09 4127fi
06617857 4128if test ! -z "$superuser_path" ; then
ecac8ee5 4129echo " sshd superuser user PATH: $J"
4130fi
4131echo " Manpage format: $MANTYPE"
3e05e934 4132echo " PAM support: $PAM_MSG"
5b84789f 4133echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4134echo " KerberosV support: $KRB5_MSG"
ef4d1846 4135echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4136echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4137echo " S/KEY support: $SKEY_MSG"
4138echo " TCP Wrappers support: $TCPW_MSG"
4139echo " MD5 password support: $MD5_MSG"
59031773 4140echo " libedit support: $LIBEDIT_MSG"
5b84789f 4141echo " Solaris process contract support: $SPC_MSG"
3deb1408 4142echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4143echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4144echo " BSD Auth support: $BSD_AUTH_MSG"
4145echo " Random number source: $RAND_MSG"
f1b0ecc3 4146if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4147echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4148fi
4149
cbd7492e 4150echo ""
4151
0c2fb82f 4152echo " Host: ${host}"
4153echo " Compiler: ${CC}"
4154echo " Compiler flags: ${CFLAGS}"
4155echo "Preprocessor flags: ${CPPFLAGS}"
4156echo " Linker flags: ${LDFLAGS}"
e54defb4 4157echo " Libraries: ${LIBS}"
4158if test ! -z "${SSHDLIBS}"; then
4159echo " +for sshd: ${SSHDLIBS}"
4160fi
cbd7492e 4161
4162echo ""
4163
9cefe228 4164if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4165 echo "SVR4 style packages are supported with \"make package\""
4166 echo ""
9cefe228 4167fi
4168
adeebd37 4169if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4170 echo "PAM is enabled. You may need to install a PAM control file "
4171 echo "for sshd, otherwise password authentication may fail. "
aff51935 4172 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4173 echo "subdirectory"
adeebd37 4174 echo ""
4175fi
4176
f1b0ecc3 4177if test ! -z "$RAND_HELPER_CMDHASH" ; then
4178 echo "WARNING: you are using the builtin random number collection "
4179 echo "service. Please read WARNING.RNG and request that your OS "
4180 echo "vendor includes kernel-based random number collection in "
4181 echo "future versions of your OS."
2c523de9 4182 echo ""
4183fi
af774732 4184
2f6f9cff 4185if test ! -z "$NO_PEERCHECK" ; then
1961d660 4186 echo "WARNING: the operating system that you are using does not"
4187 echo "appear to support getpeereid(), getpeerucred() or the"
4188 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4189 echo "enforce security checks to prevent unauthorised connections to"
4190 echo "ssh-agent. Their absence increases the risk that a malicious"
4191 echo "user can connect to your agent."
2f6f9cff 4192 echo ""
4193fi
4194
7b578f7d 4195if test "$AUDIT_MODULE" = "bsm" ; then
4196 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4197 echo "See the Solaris section in README.platform for details."
4198fi
git-cvsimport mirror of OpenSSH
This page took 1.118415 seconds and 5 git commands to generate.