]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [auth.c canohost.c canohost.h configure.ac defines.h loginrec.c]
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
bc6f919d 17AC_INIT(OpenSSH, Portable)
98a7c37b 18AC_CONFIG_SRCDIR([ssh.c])
5881cd60 19
20AC_CONFIG_HEADER(config.h)
b14b2ae7 21AC_PROG_CC
a7effaac 22AC_CANONICAL_HOST
cf0c5df5 23AC_C_BIGENDIAN
5881cd60 24
a0391976 25# Checks for programs.
4bbf95fa 26AC_PROG_AWK
4cca272e 27AC_PROG_CPP
5881cd60 28AC_PROG_RANLIB
cf8dd513 29AC_PROG_INSTALL
bee0a37e 30AC_PATH_PROG(AR, ar)
ddd8c95b 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
13dd877b 33AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 34AC_PATH_PROG(SED, sed)
a0f84251 35AC_SUBST(PERL)
ad85db64 36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
6958bd37 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 41AC_PATH_PROG(SH, sh)
a3245b92 42AC_SUBST(TEST_SHELL,sh)
f498ed15 43
9cefe228 44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
50
948fd8b9 51# System features
52AC_SYS_LARGEFILE
53
c193d002 54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
2e73a022 58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
37656beb 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
d423d822 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
78
d423d822 79AC_C_INLINE
aff51935 80if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
5ed2bb5b 81 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
d423d822 82fi
83
e6354014 84AC_ARG_WITH(rpath,
85 [ --without-rpath Disable auto-added -R linker paths],
86 [
87 if test "x$withval" = "xno" ; then
88 need_dash_r=""
89 fi
90 if test "x$withval" = "xyes" ; then
91 need_dash_r=1
92 fi
93 ]
94)
95
a0391976 96# Check for some target-specific stuff
a7effaac 97case "$host" in
9d6b1b96 98*-*-aix*)
aff51935 99 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 100 if (test -z "$blibpath"); then
0a15d73b 101 blibpath="/usr/lib:/lib"
68ece370 102 fi
103 saved_LDFLAGS="$LDFLAGS"
104 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
105 if (test -z "$blibflags"); then
106 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
107 AC_TRY_LINK([], [], [blibflags=$tryflags])
108 fi
109 done
110 if (test -z "$blibflags"); then
111 AC_MSG_RESULT(not found)
112 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
113 else
114 AC_MSG_RESULT($blibflags)
bd499f9e 115 fi
68ece370 116 LDFLAGS="$saved_LDFLAGS"
e351e493 117 dnl Check for authenticate. Might be in libs.a on older AIXes
118 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 119 [AC_CHECK_LIB(s,authenticate,
e351e493 120 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 121 LIBS="$LIBS -ls"
122 ])
123 ])
e351e493 124 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
125 AC_CHECK_DECL(loginfailed,
126 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
127 AC_TRY_COMPILE(
f58c0e01 128 [#include <usersec.h>],
e351e493 129 [(void)loginfailed("user","host","tty",0);],
130 [AC_MSG_RESULT(yes)
131 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 132 [AC_MSG_RESULT(no)]
e351e493 133 )],
134 [],
135 [#include <usersec.h>]
136 )
2aa3a16c 137 AC_CHECK_FUNCS(setauthdb)
4c8ef3fb 138 AC_DEFINE(BROKEN_GETADDRINFO)
1352689f 139 AC_DEFINE(BROKEN_REALPATH)
3b8dff69 140 AC_DEFINE(SETEUID_BREAKS_SETUID)
141 AC_DEFINE(BROKEN_SETREUID)
142 AC_DEFINE(BROKEN_SETREGID)
a3cef3ca 143 dnl AIX handles lastlog as part of its login message
144 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 145 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 146 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 147 ;;
3c62e7eb 148*-*-cygwin*)
a52997bd 149 check_for_libcrypt_later=1
ffb8d130 150 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 151 AC_DEFINE(HAVE_CYGWIN)
7043a38d 152 AC_DEFINE(USE_PIPES)
3c62e7eb 153 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 154 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 155 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 156 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 157 AC_DEFINE(DISABLE_FD_PASSING)
246446cd 158 AC_DEFINE(SETGROUPS_NOOP)
3c62e7eb 159 ;;
d6fdb079 160*-*-dgux*)
161 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 162 AC_DEFINE(SETEUID_BREAKS_SETUID)
163 AC_DEFINE(BROKEN_SETREUID)
164 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 165 ;;
39c98ef7 166*-*-darwin*)
33e2e066 167 AC_MSG_CHECKING(if we have working getaddrinfo)
168 AC_TRY_RUN([#include <mach-o/dyld.h>
169main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
170 exit(0);
171 else
172 exit(1);
173}], [AC_MSG_RESULT(working)],
174 [AC_MSG_RESULT(buggy)
175 AC_DEFINE(BROKEN_GETADDRINFO)],
b27e573d 176 [AC_MSG_RESULT(assume it is working)])
635e0c42 177 AC_DEFINE(SETEUID_BREAKS_SETUID)
178 AC_DEFINE(BROKEN_SETREUID)
179 AC_DEFINE(BROKEN_SETREGID)
ff620033 180 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
39c98ef7 181 ;;
6e879cb4 182*-*-hpux10.26)
183 if test -z "$GCC"; then
184 CFLAGS="$CFLAGS -Ae"
185 fi
186 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
187 IPADDR_IN_DISPLAY=yes
188 AC_DEFINE(HAVE_SECUREWARE)
189 AC_DEFINE(USE_PIPES)
190 AC_DEFINE(LOGIN_NO_ENDOPT)
191 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 192 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 193 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 194 LIBS="$LIBS -lsec -lsecpw"
195 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
6e879cb4 196 disable_ptmx_check=yes
197 ;;
a7effaac 198*-*-hpux10*)
199 if test -z "$GCC"; then
fc1e8bf4 200 CFLAGS="$CFLAGS -Ae"
a7effaac 201 fi
28564873 202 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 203 IPADDR_IN_DISPLAY=yes
137d7b6c 204 AC_DEFINE(USE_PIPES)
a2572aa7 205 AC_DEFINE(LOGIN_NO_ENDOPT)
206 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 207 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 208 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 209 LIBS="$LIBS -lsec"
210 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
a7effaac 211 ;;
2b763e31 212*-*-hpux11*)
b8fea62d 213 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 214 IPADDR_IN_DISPLAY=yes
adeebd37 215 AC_DEFINE(PAM_SUN_CODEBASE)
2b10f47a 216 AC_DEFINE(USE_PIPES)
a2572aa7 217 AC_DEFINE(LOGIN_NO_ENDOPT)
218 AC_DEFINE(LOGIN_NEEDS_UTMPX)
764d4113 219 AC_DEFINE(DISABLE_UTMP)
3e6e3da0 220 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 221 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
b6610e8f 222 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
2fe51906 223 check_for_hpux_broken_getaddrinfo=1
b29fd59f 224 check_for_conflicting_getspnam=1
f75ca46d 225 LIBS="$LIBS -lsec"
226 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
2b763e31 227 ;;
d94aa2ae 228*-*-irix5*)
6ac7829a 229 PATH="$PATH:/usr/etc"
416ed5a7 230 AC_DEFINE(BROKEN_INET_NTOA)
cb433561 231 AC_DEFINE(SETEUID_BREAKS_SETUID)
232 AC_DEFINE(BROKEN_SETREUID)
233 AC_DEFINE(BROKEN_SETREGID)
0e8f4eba 234 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 235 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 236 ;;
237*-*-irix6*)
6ac7829a 238 PATH="$PATH:/usr/etc"
3206bb3b 239 AC_DEFINE(WITH_IRIX_ARRAY)
240 AC_DEFINE(WITH_IRIX_PROJECT)
241 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 242 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 243 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 244 AC_DEFINE(SETEUID_BREAKS_SETUID)
245 AC_DEFINE(BROKEN_SETREUID)
246 AC_DEFINE(BROKEN_SETREGID)
3d59832f 247 AC_DEFINE(BROKEN_UPDWTMPX)
0e8f4eba 248 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 249 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 250 ;;
5cdfe03f 251*-*-linux*)
252 no_dev_ptmx=1
717057b6 253 check_for_libcrypt_later=1
eacb954e 254 check_for_openpty_ctty_bug=1
80faa19f 255 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 256 AC_DEFINE(PAM_TTY_KLUDGE)
b90bed9f 257 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
3a2b2b44 258 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
cd698186 259 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
b6610e8f 260 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
261 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
80faa19f 262 inet6_default_4in6=yes
bf7c1e6c 263 case `uname -r` in
ad84c479 264 1.*|2.0.*)
bf7c1e6c 265 AC_DEFINE(BROKEN_CMSG_TYPE)
266 ;;
bf7c1e6c 267 esac
5cdfe03f 268 ;;
66d6c27e 269mips-sony-bsd|mips-sony-newsos4)
270 AC_DEFINE(HAVE_NEWS4)
271 SONY=1
66d6c27e 272 ;;
d468fc76 273*-*-netbsd*)
33e2e066 274 check_for_libcrypt_before=1
e6354014 275 if test "x$withval" != "xno" ; then
276 need_dash_r=1
277 fi
d468fc76 278 ;;
86b416a7 279*-*-freebsd*)
280 check_for_libcrypt_later=1
281 ;;
8707b7eb 282*-*-bsdi*)
283 AC_DEFINE(SETEUID_BREAKS_SETUID)
284 AC_DEFINE(BROKEN_SETREUID)
285 AC_DEFINE(BROKEN_SETREGID)
286 ;;
729bfe59 287*-next-*)
729bfe59 288 conf_lastlog_location="/usr/adm/lastlog"
698d107e 289 conf_utmp_location=/etc/utmp
290 conf_wtmp_location=/usr/adm/wtmp
291 MAIL=/usr/spool/mail
729bfe59 292 AC_DEFINE(HAVE_NEXT)
443172c4 293 AC_DEFINE(BROKEN_REALPATH)
00937921 294 AC_DEFINE(USE_PIPES)
86b416a7 295 AC_DEFINE(BROKEN_SAVED_UIDS)
729bfe59 296 ;;
9d6b1b96 297*-*-solaris*)
010e9d5b 298 if test "x$withval" != "xno" ; then
299 need_dash_r=1
300 fi
adeebd37 301 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 302 AC_DEFINE(LOGIN_NEEDS_UTMPX)
303 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 304 AC_DEFINE(PAM_TTY_KLUDGE)
059d3165 305 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
3e6e3da0 306 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 307 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
308 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 309 external_path_file=/etc/default/login
1d7b9b20 310 # hardwire lastlog location (can't detect it on some versions)
311 conf_lastlog_location="/var/adm/lastlog"
32c80420 312 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
313 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
314 if test "$sol2ver" -ge 8; then
315 AC_MSG_RESULT(yes)
316 AC_DEFINE(DISABLE_UTMP)
317 AC_DEFINE(DISABLE_WTMP)
318 else
319 AC_MSG_RESULT(no)
320 fi
9d6b1b96 321 ;;
a423beaf 322*-*-sunos4*)
0c2fb82f 323 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 324 AC_CHECK_FUNCS(getpwanam)
adeebd37 325 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 326 conf_utmp_location=/etc/utmp
327 conf_wtmp_location=/var/adm/wtmp
328 conf_lastlog_location=/var/adm/lastlog
137d7b6c 329 AC_DEFINE(USE_PIPES)
a423beaf 330 ;;
6f68f28a 331*-ncr-sysv*)
98a7c37b 332 LIBS="$LIBS -lc89"
29525240 333 AC_DEFINE(USE_PIPES)
eabb99c6 334 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 335 AC_DEFINE(SETEUID_BREAKS_SETUID)
336 AC_DEFINE(BROKEN_SETREUID)
337 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 338 ;;
132dd316 339*-sni-sysv*)
c8c15bcb 340 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 341 AC_CHECK_LIB(dl, dlsym, ,)
9548d6c8 342 IPADDR_IN_DISPLAY=yes
343 AC_DEFINE(USE_PIPES)
132dd316 344 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 345 AC_DEFINE(SETEUID_BREAKS_SETUID)
346 AC_DEFINE(BROKEN_SETREUID)
347 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 348 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 349 external_path_file=/etc/default/login
c8c15bcb 350 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
351 # Attention: always take care to bind libsocket and libnsl before libc,
352 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 353 ;;
79a7ba96 354# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 355*-*-sysv4.2*)
ed6553e2 356 AC_DEFINE(USE_PIPES)
7ed101c0 357 AC_DEFINE(SETEUID_BREAKS_SETUID)
358 AC_DEFINE(BROKEN_SETREUID)
359 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 360 ;;
79a7ba96 361# UnixWare 7.x, OpenUNIX 8
77bb0bca 362*-*-sysv5*)
ed6553e2 363 AC_DEFINE(USE_PIPES)
7ed101c0 364 AC_DEFINE(SETEUID_BREAKS_SETUID)
365 AC_DEFINE(BROKEN_SETREUID)
366 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 367 ;;
9d6b1b96 368*-*-sysv*)
9d6b1b96 369 ;;
79a7ba96 370# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 371*-*-sco3.2v4*)
0a15d73b 372 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize"
f9e4952c 373 LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm"
77bb0bca 374 RANLIB=true
ed6553e2 375 no_dev_ptmx=1
77bb0bca 376 AC_DEFINE(BROKEN_SYS_TERMIO_H)
ed6553e2 377 AC_DEFINE(USE_PIPES)
6e879cb4 378 AC_DEFINE(HAVE_SECUREWARE)
d287c664 379 AC_DEFINE(DISABLE_SHADOW)
86b416a7 380 AC_DEFINE(BROKEN_SAVED_UIDS)
9ff90d99 381 AC_DEFINE(SETEUID_BREAKS_SETUID)
382 AC_DEFINE(BROKEN_SETREUID)
383 AC_DEFINE(BROKEN_SETREGID)
bcebad47 384 AC_DEFINE(WITH_ABBREV_NO_TTY)
aca75d94 385 AC_CHECK_FUNCS(getluid setluid)
533875af 386 MANTYPE=man
98a7c37b 387 do_sco3_extra_lib_check=yes
a3245b92 388 TEST_SHELL=ksh
77bb0bca 389 ;;
79a7ba96 390# SCO OpenServer 5.x
77bb0bca 391*-*-sco3.2v5*)
21710e39 392 if test -z "$GCC"; then
393 CFLAGS="$CFLAGS -belf"
394 fi
ed6553e2 395 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 396 no_dev_ptmx=1
ed6553e2 397 AC_DEFINE(USE_PIPES)
6e879cb4 398 AC_DEFINE(HAVE_SECUREWARE)
d287c664 399 AC_DEFINE(DISABLE_SHADOW)
94d8258b 400 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 401 AC_DEFINE(SETEUID_BREAKS_SETUID)
402 AC_DEFINE(BROKEN_SETREUID)
403 AC_DEFINE(BROKEN_SETREGID)
bcebad47 404 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 405 AC_DEFINE(BROKEN_UPDWTMPX)
aca75d94 406 AC_CHECK_FUNCS(getluid setluid)
533875af 407 MANTYPE=man
a3245b92 408 TEST_SHELL=ksh
509b1f88 409 ;;
ccbb983c 410*-*-unicosmk*)
c1ad5966 411 AC_DEFINE(NO_SSH_LASTLOG)
412 AC_DEFINE(SETEUID_BREAKS_SETUID)
413 AC_DEFINE(BROKEN_SETREUID)
414 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 415 AC_DEFINE(USE_PIPES)
416 AC_DEFINE(DISABLE_FD_PASSING)
417 LDFLAGS="$LDFLAGS"
418 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
419 MANTYPE=cat
d262b7f2 420 ;;
7b9a8c6e 421*-*-unicosmp*)
c1ad5966 422 AC_DEFINE(SETEUID_BREAKS_SETUID)
423 AC_DEFINE(BROKEN_SETREUID)
424 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 425 AC_DEFINE(WITH_ABBREV_NO_TTY)
426 AC_DEFINE(USE_PIPES)
427 AC_DEFINE(DISABLE_FD_PASSING)
428 LDFLAGS="$LDFLAGS"
c1ad5966 429 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 430 MANTYPE=cat
431 ;;
ca5c7d6a 432*-*-unicos*)
c1ad5966 433 AC_DEFINE(SETEUID_BREAKS_SETUID)
434 AC_DEFINE(BROKEN_SETREUID)
435 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 436 AC_DEFINE(USE_PIPES)
94d8258b 437 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 438 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 439 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
440 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
441 MANTYPE=cat
a704dd54 442 ;;
4d33e531 443*-dec-osf*)
99c8ddac 444 AC_MSG_CHECKING(for Digital Unix SIA)
445 no_osfsia=""
446 AC_ARG_WITH(osfsia,
447 [ --with-osfsia Enable Digital Unix SIA],
448 [
449 if test "x$withval" = "xno" ; then
450 AC_MSG_RESULT(disabled)
451 no_osfsia=1
452 fi
453 ],
454 )
455 if test -z "$no_osfsia" ; then
4d33e531 456 if test -f /etc/sia/matrix.conf; then
457 AC_MSG_RESULT(yes)
458 AC_DEFINE(HAVE_OSF_SIA)
459 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 460 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 461 LIBS="$LIBS -lsecurity -ldb -lm -laud"
462 else
463 AC_MSG_RESULT(no)
dbf8efb3 464 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 465 fi
466 fi
a6e67b60 467 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 468 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 469 AC_DEFINE(BROKEN_SETREUID)
470 AC_DEFINE(BROKEN_SETREGID)
4d33e531 471 ;;
41cb4569 472
473*-*-nto-qnx)
474 AC_DEFINE(USE_PIPES)
475 AC_DEFINE(NO_X11_UNIX_SOCKETS)
476 AC_DEFINE(MISSING_NFDBITS)
477 AC_DEFINE(MISSING_HOWMANY)
478 AC_DEFINE(MISSING_FD_MASK)
479 ;;
a7effaac 480esac
481
8e7b16f8 482# Allow user to specify flags
483AC_ARG_WITH(cflags,
484 [ --with-cflags Specify additional flags to pass to compiler],
485 [
486 if test "x$withval" != "xno" ; then
487 CFLAGS="$CFLAGS $withval"
488 fi
489 ]
490)
0c2fb82f 491AC_ARG_WITH(cppflags,
492 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
493 [
494 if test "x$withval" != "xno"; then
495 CPPFLAGS="$CPPFLAGS $withval"
496 fi
497 ]
498)
8e7b16f8 499AC_ARG_WITH(ldflags,
97b378bf 500 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 501 [
502 if test "x$withval" != "xno" ; then
503 LDFLAGS="$LDFLAGS $withval"
504 fi
505 ]
506)
507AC_ARG_WITH(libs,
508 [ --with-libs Specify additional libraries to link with],
509 [
510 if test "x$withval" != "xno" ; then
511 LIBS="$LIBS $withval"
512 fi
513 ]
514)
515
c5829391 516AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 517AC_RUN_IFELSE(
518 [AC_LANG_SOURCE([
c5829391 519#include <stdio.h>
520int main(){exit(0);}
479cece8 521 ])],
c5829391 522 [ AC_MSG_RESULT(yes) ],
523 [
524 AC_MSG_RESULT(no)
525 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 526 ],
527 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 528)
529
ddceb1c8 530# Checks for header files.
419e26e7 531AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \
532 floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \
533 login_cap.h maillock.h ndir.h netdb.h netgroup.h \
2511d104 534 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
5bbbc661 535 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
419e26e7 536 strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \
537 sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \
765a24cd 538 sys/pstat.h sys/select.h sys/stat.h sys/stream.h \
419e26e7 539 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \
540 time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h)
ddceb1c8 541
765a24cd 542# sys/ptms.h requires sys/stream.h to be included first on Solaris
543AC_CHECK_HEADERS(sys/ptms.h, [], [], [
544#ifdef HAVE_SYS_STREAM_H
545# include <sys/stream.h>
546#endif
547])
548
a0391976 549# Checks for libraries.
98a7c37b 550AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
551AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 552
f61d6b17 553dnl SCO OS3 needs this for libwrap
98a7c37b 554if test "x$with_tcp_wrappers" != "xno" ; then
555 if test "x$do_sco3_extra_lib_check" = "xyes" ; then
556 AC_CHECK_LIB(rpc, innetgr, LIBS="-lrpc -lyp -lrpc $LIBS" , , -lyp -lrpc)
557 fi
558fi
559
446227d6 560dnl IRIX and Solaris 2.5.1 have dirname() in libgen
561AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
562 AC_CHECK_LIB(gen, dirname,[
563 AC_CACHE_CHECK([for broken dirname],
564 ac_cv_have_broken_dirname, [
565 save_LIBS="$LIBS"
566 LIBS="$LIBS -lgen"
567 AC_TRY_RUN(
568 [
569#include <libgen.h>
570#include <string.h>
571
572int main(int argc, char **argv) {
573 char *s, buf[32];
574
575 strncpy(buf,"/etc", 32);
576 s = dirname(buf);
577 if (!s || strncmp(s, "/", 32) != 0) {
578 exit(1);
579 } else {
580 exit(0);
581 }
582}
583 ],
584 [ ac_cv_have_broken_dirname="no" ],
585 [ ac_cv_have_broken_dirname="yes" ]
586 )
587 LIBS="$save_LIBS"
588 ])
589 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
590 LIBS="$LIBS -lgen"
591 AC_DEFINE(HAVE_DIRNAME)
592 AC_CHECK_HEADERS(libgen.h)
593 fi
594 ])
595])
596
597AC_CHECK_FUNC(getspnam, ,
598 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
599AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
600
98a7c37b 601dnl zlib is required
602AC_ARG_WITH(zlib,
603 [ --with-zlib=PATH Use zlib in PATH],
604 [
846f83ab 605 if test "x$withval" = "xno" ; then
f1b0ecc3 606 AC_MSG_ERROR([*** zlib is required ***])
607 fi
98a7c37b 608 if test -d "$withval/lib"; then
609 if test -n "${need_dash_r}"; then
5a162955 610 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 611 else
5a162955 612 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 613 fi
614 else
615 if test -n "${need_dash_r}"; then
5a162955 616 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 617 else
5a162955 618 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 619 fi
620 fi
621 if test -d "$withval/include"; then
5a162955 622 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 623 else
5a162955 624 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 625 fi
626 ]
627)
628
0a15d73b 629AC_CHECK_LIB(z, deflate, ,
630 [
631 saved_CPPFLAGS="$CPPFLAGS"
632 saved_LDFLAGS="$LDFLAGS"
633 save_LIBS="$LIBS"
634 dnl Check default zlib install dir
635 if test -n "${need_dash_r}"; then
636 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
637 else
638 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
639 fi
640 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
641 LIBS="$LIBS -lz"
642 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
643 [
644 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
645 ]
646 )
647 ]
648)
4ad65809 649AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 650
651AC_ARG_WITH(zlib-version-check,
652 [ --without-zlib-version-check Disable zlib version check],
653 [ if test "x$withval" = "xno" ; then
654 zlib_check_nonfatal=1
655 fi
656 ]
657)
658
4ad65809 659AC_MSG_CHECKING(for zlib 1.1.4 or greater)
479cece8 660AC_RUN_IFELSE([AC_LANG_SOURCE([[
4ad65809 661#include <zlib.h>
662int main()
663{
664 int a, b, c, v;
665 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3)
666 exit(1);
667 v = a*1000000 + b*1000 + c;
668 if (v >= 1001004)
669 exit(0);
670 exit(2);
671}
479cece8 672 ]])],
4ad65809 673 AC_MSG_RESULT(yes),
674 [ AC_MSG_RESULT(no)
8068d564 675 if test -z "$zlib_check_nonfatal" ; then
676 AC_MSG_ERROR([*** zlib too old - check config.log ***
677Your reported zlib version has known security problems. It's possible your
678vendor has fixed these problems without changing the version number. If you
679are sure this is the case, you can disable the check by running
680"./configure --without-zlib-version-check".
681If you are in doubt, upgrade zlib to version 1.1.4 or greater.])
682 else
683 AC_MSG_WARN([zlib version may have security problems])
684 fi
1a01a50c 685 ],
686 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 687)
48e7916f 688
2c523de9 689dnl UnixWare 2.x
aff51935 690AC_CHECK_FUNC(strcasecmp,
2c523de9 691 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
692)
aff51935 693AC_CHECK_FUNC(utimes,
cda1ebcb 694 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
695 LIBS="$LIBS -lc89"]) ]
2c523de9 696)
4cca272e 697
7c6d759d 698dnl Checks for libutil functions
699AC_CHECK_HEADERS(libutil.h)
700AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
701AC_CHECK_FUNCS(logout updwtmp logwtmp)
702
a738c3b0 703AC_FUNC_STRFTIME
704
84ceda19 705# Check for ALTDIRFUNC glob() extension
706AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
707AC_EGREP_CPP(FOUNDIT,
708 [
709 #include <glob.h>
710 #ifdef GLOB_ALTDIRFUNC
711 FOUNDIT
712 #endif
aff51935 713 ],
84ceda19 714 [
715 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
716 AC_MSG_RESULT(yes)
717 ],
718 [
719 AC_MSG_RESULT(no)
720 ]
721)
4cca272e 722
40849fdb 723# Check for g.gl_matchc glob() extension
724AC_MSG_CHECKING(for gl_matchc field in glob_t)
725AC_EGREP_CPP(FOUNDIT,
aff51935 726 [
727 #include <glob.h>
40849fdb 728 int main(void){glob_t g; g.gl_matchc = 1;}
aff51935 729 ],
730 [
731 AC_DEFINE(GLOB_HAS_GL_MATCHC)
732 AC_MSG_RESULT(yes)
733 ],
734 [
735 AC_MSG_RESULT(no)
736 ]
40849fdb 737)
738
edbe6722 739AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 740AC_RUN_IFELSE(
479cece8 741 [AC_LANG_SOURCE([[
edbe6722 742#include <sys/types.h>
743#include <dirent.h>
aec4cb4f 744int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 745 ]])],
aff51935 746 [AC_MSG_RESULT(yes)],
edbe6722 747 [
748 AC_MSG_RESULT(no)
749 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
1a01a50c 750 ],
751 [
752 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
753 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 754 ]
755)
756
419e26e7 757AC_MSG_CHECKING([for /proc/pid/fd directory])
758if test -d "/proc/$$/fd" ; then
759 AC_DEFINE(HAVE_PROC_PID)
760 AC_MSG_RESULT(yes)
761else
762 AC_MSG_RESULT(no)
763fi
764
278588d8 765# Check whether user wants S/Key support
aff51935 766SKEY_MSG="no"
278588d8 767AC_ARG_WITH(skey,
98a7c37b 768 [ --with-skey[[=PATH]] Enable S/Key support
aff51935 769 (optionally in PATH)],
278588d8 770 [
771 if test "x$withval" != "xno" ; then
772
773 if test "x$withval" != "xyes" ; then
774 CPPFLAGS="$CPPFLAGS -I${withval}/include"
775 LDFLAGS="$LDFLAGS -L${withval}/lib"
776 fi
777
778 AC_DEFINE(SKEY)
779 LIBS="-lskey $LIBS"
aff51935 780 SKEY_MSG="yes"
278588d8 781
ddceb1c8 782 AC_MSG_CHECKING([for s/key support])
783 AC_TRY_RUN(
784 [
785#include <stdio.h>
786#include <skey.h>
aec4cb4f 787int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 788 ],
789 [AC_MSG_RESULT(yes)],
278588d8 790 [
ddceb1c8 791 AC_MSG_RESULT(no)
278588d8 792 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
793 ])
141fc639 794 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
795 AC_TRY_COMPILE(
796 [#include <stdio.h>
797 #include <skey.h>],
798 [(void)skeychallenge(NULL,"name","",0);],
799 [AC_MSG_RESULT(yes)
800 AC_DEFINE(SKEYCHALLENGE_4ARG)],
801 [AC_MSG_RESULT(no)]
802 )
278588d8 803 fi
804 ]
805)
806
807# Check whether user wants TCP wrappers support
98a7c37b 808TCPW_MSG="no"
278588d8 809AC_ARG_WITH(tcp-wrappers,
98a7c37b 810 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support
aff51935 811 (optionally in PATH)],
278588d8 812 [
813 if test "x$withval" != "xno" ; then
814 saved_LIBS="$LIBS"
98a7c37b 815 saved_LDFLAGS="$LDFLAGS"
816 saved_CPPFLAGS="$CPPFLAGS"
817 if test -n "${withval}" -a "${withval}" != "yes"; then
818 if test -d "${withval}/lib"; then
819 if test -n "${need_dash_r}"; then
5a162955 820 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 821 else
5a162955 822 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 823 fi
824 else
825 if test -n "${need_dash_r}"; then
5a162955 826 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 827 else
5a162955 828 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 829 fi
830 fi
831 if test -d "${withval}/include"; then
5a162955 832 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 833 else
5a162955 834 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 835 fi
98a7c37b 836 fi
ddceb1c8 837 LIBWRAP="-lwrap"
838 LIBS="$LIBWRAP $LIBS"
278588d8 839 AC_MSG_CHECKING(for libwrap)
840 AC_TRY_LINK(
841 [
77f09220 842#include <sys/types.h>
843#include <sys/socket.h>
844#include <netinet/in.h>
278588d8 845#include <tcpd.h>
846 int deny_severity = 0, allow_severity = 0;
847 ],
848 [hosts_access(0);],
849 [
850 AC_MSG_RESULT(yes)
851 AC_DEFINE(LIBWRAP)
ddceb1c8 852 AC_SUBST(LIBWRAP)
98a7c37b 853 TCPW_MSG="yes"
278588d8 854 ],
855 [
856 AC_MSG_ERROR([*** libwrap missing])
857 ]
858 )
ddceb1c8 859 LIBS="$saved_LIBS"
278588d8 860 fi
861 ]
862)
863
59031773 864# Check whether user wants libedit support
865LIBEDIT_MSG="no"
866AC_ARG_WITH(libedit,
867 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
868 [ if test "x$withval" != "xno" ; then
869 AC_CHECK_LIB(edit, el_init,
870 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
871 LIBEDIT="-ledit -lcurses"
872 LIBEDIT_MSG="yes"
873 AC_SUBST(LIBEDIT)
874 ],
875 [], [-lcurses]
876 )
877 fi ]
878)
879
19160674 880dnl Checks for library functions. Please keep in alphabetical order
881AC_CHECK_FUNCS(\
2909d712 882 arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \
667abcc6 883 bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \
884 freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \
885 getopt getpeereid _getpty getrlimit getttyent glob inet_aton \
19160674 886 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
79d4fc55 887 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
e7f6070d 888 pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \
79d4fc55 889 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
3f176010 890 setproctitle setregid setreuid setrlimit \
688eed4a 891 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
7111a85c 892 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
351f44a0 893 truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \
19160674 894)
98a7c37b 895
1a086f97 896# IRIX has a const char return value for gai_strerror()
897AC_CHECK_FUNCS(gai_strerror,[
898 AC_DEFINE(HAVE_GAI_STRERROR)
899 AC_TRY_COMPILE([
900#include <sys/types.h>
901#include <sys/socket.h>
902#include <netdb.h>
903
904const char *gai_strerror(int);],[
905char *str;
906
907str = gai_strerror(0);],[
908 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
909 [Define if gai_strerror() returns const char *])])])
910
92b1decf 911AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
912
309709db 913dnl Make sure prototypes are defined for these before using them.
08412d26 914AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
309709db 915AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
08412d26 916
3490699c 917dnl tcsendbreak might be a macro
918AC_CHECK_DECL(tcsendbreak,
919 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 920 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 921 [#include <termios.h>]
922)
923
41e0e158 924AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
925
3f176010 926AC_CHECK_FUNCS(setresuid, [
927 dnl Some platorms have setresuid that isn't implemented, test for this
928 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 929 AC_RUN_IFELSE(
930 [AC_LANG_SOURCE([[
9a3fe0e2 931#include <stdlib.h>
932#include <errno.h>
933int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 934 ]])],
3f176010 935 [AC_MSG_RESULT(yes)],
24a9171d 936 [AC_DEFINE(BROKEN_SETRESUID)
1a01a50c 937 AC_MSG_RESULT(not implemented)],
938 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 939 )
940])
9a3fe0e2 941
3f176010 942AC_CHECK_FUNCS(setresgid, [
943 dnl Some platorms have setresgid that isn't implemented, test for this
944 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 945 AC_RUN_IFELSE(
946 [AC_LANG_SOURCE([[
9a3fe0e2 947#include <stdlib.h>
948#include <errno.h>
949int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 950 ]])],
3f176010 951 [AC_MSG_RESULT(yes)],
952 [AC_DEFINE(BROKEN_SETRESGID)
1a01a50c 953 AC_MSG_RESULT(not implemented)],
954 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 955 )
956])
9a3fe0e2 957
2e73a022 958dnl Checks for time functions
1d7b9b20 959AC_CHECK_FUNCS(gettimeofday time)
2e73a022 960dnl Checks for utmp functions
b03bd394 961AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 962AC_CHECK_FUNCS(utmpname)
2e73a022 963dnl Checks for utmpx functions
b03bd394 964AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 965AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 966
aff51935 967AC_CHECK_FUNC(daemon,
beb43d31 968 [AC_DEFINE(HAVE_DAEMON)],
969 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
970)
971
aff51935 972AC_CHECK_FUNC(getpagesize,
aa6bd60a 973 [AC_DEFINE(HAVE_GETPAGESIZE)],
974 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
975)
976
2647ae26 977# Check for broken snprintf
978if test "x$ac_cv_func_snprintf" = "xyes" ; then
979 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 980 AC_RUN_IFELSE(
479cece8 981 [AC_LANG_SOURCE([[
2647ae26 982#include <stdio.h>
aec4cb4f 983int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 984 ]])],
aff51935 985 [AC_MSG_RESULT(yes)],
2647ae26 986 [
987 AC_MSG_RESULT(no)
988 AC_DEFINE(BROKEN_SNPRINTF)
989 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 990 ],
991 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 992 )
993fi
994
2f6f9cff 995# Check for missing getpeereid (or equiv) support
996NO_PEERCHECK=""
997if test "x$ac_cv_func_getpeereid" != "xyes" ; then
998 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
999 AC_TRY_COMPILE(
1000 [#include <sys/types.h>
1001 #include <sys/socket.h>],
1002 [int i = SO_PEERCRED;],
1003 [AC_MSG_RESULT(yes)],
1004 [AC_MSG_RESULT(no)
1005 NO_PEERCHECK=1]
1006 )
1007fi
1008
70e7d0b0 1009dnl see whether mkstemp() requires XXXXXX
1010if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1011AC_MSG_CHECKING([for (overly) strict mkstemp])
1012AC_TRY_RUN(
1013 [
1014#include <stdlib.h>
1015main() { char template[]="conftest.mkstemp-test";
1016if (mkstemp(template) == -1)
1017 exit(1);
1018unlink(template); exit(0);
1019}
1020 ],
1021 [
1022 AC_MSG_RESULT(no)
1023 ],
aff51935 1024 [
70e7d0b0 1025 AC_MSG_RESULT(yes)
1026 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1027 ],
1028 [
1029 AC_MSG_RESULT(yes)
1030 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1031 ]
70e7d0b0 1032)
1033fi
1034
eacb954e 1035dnl make sure that openpty does not reacquire controlling terminal
1036if test ! -z "$check_for_openpty_ctty_bug"; then
1037 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1038 AC_TRY_RUN(
1039 [
1040#include <stdio.h>
1041#include <sys/fcntl.h>
1042#include <sys/types.h>
1043#include <sys/wait.h>
1044
1045int
1046main()
1047{
1048 pid_t pid;
1049 int fd, ptyfd, ttyfd, status;
1050
1051 pid = fork();
1052 if (pid < 0) { /* failed */
1053 exit(1);
1054 } else if (pid > 0) { /* parent */
1055 waitpid(pid, &status, 0);
aff51935 1056 if (WIFEXITED(status))
eacb954e 1057 exit(WEXITSTATUS(status));
1058 else
1059 exit(2);
1060 } else { /* child */
1061 close(0); close(1); close(2);
1062 setsid();
1063 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1064 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1065 if (fd >= 0)
1066 exit(3); /* Acquired ctty: broken */
1067 else
1068 exit(0); /* Did not acquire ctty: OK */
1069 }
1070}
1071 ],
1072 [
1073 AC_MSG_RESULT(yes)
1074 ],
1075 [
1076 AC_MSG_RESULT(no)
1077 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1078 ]
1079 )
1080fi
1081
2fe51906 1082if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
1083 AC_MSG_CHECKING(if getaddrinfo seems to work)
1084 AC_TRY_RUN(
1085 [
1086#include <stdio.h>
1087#include <sys/socket.h>
1088#include <netdb.h>
1089#include <errno.h>
1090#include <netinet/in.h>
1091
1092#define TEST_PORT "2222"
1093
1094int
1095main(void)
1096{
1097 int err, sock;
1098 struct addrinfo *gai_ai, *ai, hints;
1099 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1100
1101 memset(&hints, 0, sizeof(hints));
1102 hints.ai_family = PF_UNSPEC;
1103 hints.ai_socktype = SOCK_STREAM;
1104 hints.ai_flags = AI_PASSIVE;
1105
1106 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1107 if (err != 0) {
1108 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1109 exit(1);
1110 }
1111
1112 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1113 if (ai->ai_family != AF_INET6)
1114 continue;
1115
1116 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1117 sizeof(ntop), strport, sizeof(strport),
1118 NI_NUMERICHOST|NI_NUMERICSERV);
1119
1120 if (err != 0) {
1121 if (err == EAI_SYSTEM)
1122 perror("getnameinfo EAI_SYSTEM");
1123 else
1124 fprintf(stderr, "getnameinfo failed: %s\n",
1125 gai_strerror(err));
1126 exit(2);
1127 }
1128
1129 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1130 if (sock < 0)
1131 perror("socket");
1132 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1133 if (errno == EBADF)
1134 exit(3);
1135 }
1136 }
1137 exit(0);
1138}
1139 ],
1140 [
1141 AC_MSG_RESULT(yes)
1142 ],
1143 [
1144 AC_MSG_RESULT(no)
1145 AC_DEFINE(BROKEN_GETADDRINFO)
1146 ]
1147 )
1148fi
1149
b29fd59f 1150if test "x$check_for_conflicting_getspnam" = "x1"; then
1151 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1152 AC_COMPILE_IFELSE(
1153 [
1154#include <shadow.h>
1155int main(void) {exit(0);}
1156 ],
1157 [
1158 AC_MSG_RESULT(no)
1159 ],
1160 [
1161 AC_MSG_RESULT(yes)
1162 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1163 [Conflicting defs for getspnam])
1164 ]
1165 )
1166fi
1167
7f8f5e00 1168AC_FUNC_GETPGRP
1169
717057b6 1170# Check for PAM libs
cbd7492e 1171PAM_MSG="no"
a0391976 1172AC_ARG_WITH(pam,
717057b6 1173 [ --with-pam Enable PAM support ],
a0391976 1174 [
717057b6 1175 if test "x$withval" != "xno" ; then
2511d104 1176 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1177 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1178 AC_MSG_ERROR([PAM headers not found])
1179 fi
a0391976 1180
717057b6 1181 AC_CHECK_LIB(dl, dlopen, , )
1182 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1183 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1184 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1185
717057b6 1186 PAM_MSG="yes"
4cb5ffa0 1187
717057b6 1188 AC_DEFINE(USE_PAM)
98f2d9d5 1189 if test $ac_cv_lib_dl_dlopen = yes; then
1190 LIBPAM="-lpam -ldl"
1191 else
1192 LIBPAM="-lpam"
1193 fi
1194 AC_SUBST(LIBPAM)
717057b6 1195 fi
1196 ]
1197)
cbd7492e 1198
717057b6 1199# Check for older PAM
1200if test "x$PAM_MSG" = "xyes" ; then
a0391976 1201 # Check PAM strerror arguments (old PAM)
1202 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1203 AC_TRY_COMPILE(
1204 [
18ba2aab 1205#include <stdlib.h>
2511d104 1206#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1207#include <security/pam_appl.h>
2511d104 1208#elif defined (HAVE_PAM_PAM_APPL_H)
1209#include <pam/pam_appl.h>
1210#endif
aff51935 1211 ],
1212 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1213 [AC_MSG_RESULT(no)],
1214 [
1215 AC_DEFINE(HAVE_OLD_PAM)
1216 AC_MSG_RESULT(yes)
cbd7492e 1217 PAM_MSG="yes (old library)"
a0391976 1218 ]
717057b6 1219 )
a0391976 1220fi
1221
5b991353 1222# Search for OpenSSL
1223saved_CPPFLAGS="$CPPFLAGS"
1224saved_LDFLAGS="$LDFLAGS"
a0391976 1225AC_ARG_WITH(ssl-dir,
1226 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1227 [
e9e4a1c7 1228 if test "x$withval" != "xno" ; then
5b991353 1229 if test -d "$withval/lib"; then
1230 if test -n "${need_dash_r}"; then
1231 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1232 else
1233 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1234 fi
1235 else
5b991353 1236 if test -n "${need_dash_r}"; then
1237 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1238 else
1239 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1240 fi
1241 fi
5b991353 1242 if test -d "$withval/include"; then
1243 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1244 else
5b991353 1245 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1246 fi
a0391976 1247 fi
5b991353 1248 ]
1249)
5486a457 1250LIBS="-lcrypto $LIBS"
5b991353 1251AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 1252 [
5b991353 1253 dnl Check default openssl install dir
1254 if test -n "${need_dash_r}"; then
1255 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1256 else
5b991353 1257 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1258 fi
5b991353 1259 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1260 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1261 [
1262 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1263 ]
1264 )
1265 ]
1266)
1267
cd018561 1268# Determine OpenSSL header version
1269AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1270AC_RUN_IFELSE(
479cece8 1271 [AC_LANG_SOURCE([[
cd018561 1272#include <stdio.h>
1273#include <string.h>
1274#include <openssl/opensslv.h>
1275#define DATA "conftest.sslincver"
1276int main(void) {
aff51935 1277 FILE *fd;
1278 int rc;
cd018561 1279
aff51935 1280 fd = fopen(DATA,"w");
1281 if(fd == NULL)
1282 exit(1);
cd018561 1283
1284 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1285 exit(1);
1286
1287 exit(0);
1288}
479cece8 1289 ]])],
cd018561 1290 [
1291 ssl_header_ver=`cat conftest.sslincver`
1292 AC_MSG_RESULT($ssl_header_ver)
1293 ],
1294 [
1295 AC_MSG_RESULT(not found)
1296 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1297 ],
1298 [
1299 AC_MSG_WARN([cross compiling: not checking])
cd018561 1300 ]
1301)
1302
1303# Determine OpenSSL library version
1304AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1305AC_RUN_IFELSE(
479cece8 1306 [AC_LANG_SOURCE([[
cd018561 1307#include <stdio.h>
1308#include <string.h>
1309#include <openssl/opensslv.h>
1310#include <openssl/crypto.h>
1311#define DATA "conftest.ssllibver"
1312int main(void) {
aff51935 1313 FILE *fd;
1314 int rc;
cd018561 1315
aff51935 1316 fd = fopen(DATA,"w");
1317 if(fd == NULL)
1318 exit(1);
cd018561 1319
1320 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1321 exit(1);
1322
1323 exit(0);
1324}
479cece8 1325 ]])],
cd018561 1326 [
1327 ssl_library_ver=`cat conftest.ssllibver`
1328 AC_MSG_RESULT($ssl_library_ver)
1329 ],
1330 [
1331 AC_MSG_RESULT(not found)
1332 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1333 ],
1334 [
1335 AC_MSG_WARN([cross compiling: not checking])
cd018561 1336 ]
1337)
58d100bf 1338
9780116c 1339# Sanity check OpenSSL headers
1340AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1341AC_RUN_IFELSE(
479cece8 1342 [AC_LANG_SOURCE([[
9780116c 1343#include <string.h>
1344#include <openssl/opensslv.h>
aec4cb4f 1345int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1346 ]])],
9780116c 1347 [
1348 AC_MSG_RESULT(yes)
1349 ],
1350 [
1351 AC_MSG_RESULT(no)
e15ba28b 1352 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1353Check config.log for details.
1354Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1355 ],
1356 [
1357 AC_MSG_WARN([cross compiling: not checking])
9780116c 1358 ]
1359)
1360
5486a457 1361# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1362# because the system crypt() is more featureful.
1363if test "x$check_for_libcrypt_before" = "x1"; then
1364 AC_CHECK_LIB(crypt, crypt)
1365fi
1366
aff51935 1367# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1368# version in OpenSSL.
05114c74 1369if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1370 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1371fi
1372
f1b0ecc3 1373
1374### Configure cryptographic random number support
1375
1376# Check wheter OpenSSL seeds itself
1377AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1378AC_RUN_IFELSE(
479cece8 1379 [AC_LANG_SOURCE([[
f1b0ecc3 1380#include <string.h>
1381#include <openssl/rand.h>
aec4cb4f 1382int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1383 ]])],
f1b0ecc3 1384 [
1385 OPENSSL_SEEDS_ITSELF=yes
1386 AC_MSG_RESULT(yes)
1387 ],
1388 [
1389 AC_MSG_RESULT(no)
1390 # Default to use of the rand helper if OpenSSL doesn't
1391 # seed itself
1392 USE_RAND_HELPER=yes
1a01a50c 1393 ],
1394 [
1395 AC_MSG_WARN([cross compiling: assuming yes])
1396 # This is safe, since all recent OpenSSL versions will
1397 # complain at runtime if not seeded correctly.
1398 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1399 ]
1400)
1401
1402
1403# Do we want to force the use of the rand helper?
1404AC_ARG_WITH(rand-helper,
1405 [ --with-rand-helper Use subprocess to gather strong randomness ],
1406 [
1407 if test "x$withval" = "xno" ; then
aff51935 1408 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1409 # the previous test showed it to be unseeded.
1410 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1411 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1412 OPENSSL_SEEDS_ITSELF=yes
1413 USE_RAND_HELPER=""
1414 fi
1415 else
1416 USE_RAND_HELPER=yes
1417 fi
1418 ],
1419)
1420
1421# Which randomness source do we use?
1422if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
1423 # OpenSSL only
1424 AC_DEFINE(OPENSSL_PRNG_ONLY)
1425 RAND_MSG="OpenSSL internal ONLY"
1426 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1427elif test ! -z "$USE_RAND_HELPER" ; then
1428 # install rand helper
f1b0ecc3 1429 RAND_MSG="ssh-rand-helper"
1430 INSTALL_SSH_RAND_HELPER="yes"
1431fi
1432AC_SUBST(INSTALL_SSH_RAND_HELPER)
1433
1434### Configuration of ssh-rand-helper
1435
1436# PRNGD TCP socket
1437AC_ARG_WITH(prngd-port,
1438 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1439 [
eb5d7ff6 1440 case "$withval" in
1441 no)
1442 withval=""
1443 ;;
1444 [[0-9]]*)
1445 ;;
1446 *)
1447 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1448 ;;
1449 esac
1450 if test ! -z "$withval" ; then
f1b0ecc3 1451 PRNGD_PORT="$withval"
1452 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1453 fi
1454 ]
1455)
1456
1457# PRNGD Unix domain socket
1458AC_ARG_WITH(prngd-socket,
1459 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1460 [
eb5d7ff6 1461 case "$withval" in
1462 yes)
f1b0ecc3 1463 withval="/var/run/egd-pool"
eb5d7ff6 1464 ;;
1465 no)
1466 withval=""
1467 ;;
1468 /*)
1469 ;;
1470 *)
1471 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1472 ;;
1473 esac
1474
1475 if test ! -z "$withval" ; then
f1b0ecc3 1476 if test ! -z "$PRNGD_PORT" ; then
1477 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1478 fi
906e811b 1479 if test ! -r "$withval" ; then
f1b0ecc3 1480 AC_MSG_WARN(Entropy socket is not readable)
1481 fi
1482 PRNGD_SOCKET="$withval"
1483 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1484 fi
ddceb1c8 1485 ],
1486 [
1487 # Check for existing socket only if we don't have a random device already
1488 if test "$USE_RAND_HELPER" = yes ; then
1489 AC_MSG_CHECKING(for PRNGD/EGD socket)
1490 # Insert other locations here
1491 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1492 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1493 PRNGD_SOCKET="$sock"
1494 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1495 break;
1496 fi
1497 done
1498 if test ! -z "$PRNGD_SOCKET" ; then
1499 AC_MSG_RESULT($PRNGD_SOCKET)
1500 else
1501 AC_MSG_RESULT(not found)
1502 fi
1503 fi
f1b0ecc3 1504 ]
1505)
1506
1507# Change default command timeout for hashing entropy source
1508entropy_timeout=200
1509AC_ARG_WITH(entropy-timeout,
1510 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1511 [
1512 if test "x$withval" != "xno" ; then
1513 entropy_timeout=$withval
1514 fi
1515 ]
1516)
f1b0ecc3 1517AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1518
fd3cbf67 1519SSH_PRIVSEP_USER=sshd
9a0fbcb3 1520AC_ARG_WITH(privsep-user,
5222e7ef 1521 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1522 [
1523 if test -n "$withval"; then
fd3cbf67 1524 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1525 fi
1526 ]
1527)
fd3cbf67 1528AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1529AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1530
81dadca3 1531# We do this little dance with the search path to insure
1532# that programs that we select for use by installed programs
1533# (which may be run by the super-user) come from trusted
1534# locations before they come from the user's private area.
1535# This should help avoid accidentally configuring some
1536# random version of a program in someone's personal bin.
1537
1538OPATH=$PATH
1539PATH=/bin:/usr/bin
f95c8ce8 1540test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1541test -d /sbin && PATH=$PATH:/sbin
1542test -d /usr/sbin && PATH=$PATH:/usr/sbin
1543PATH=$PATH:/etc:$OPATH
1544
aff51935 1545# These programs are used by the command hashing source to gather entropy
f1b0ecc3 1546OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1547OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1548OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1549OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1550OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1551OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1552OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1553OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1554OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1555OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1556OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1557OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1558OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1559OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1560OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1561OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1562# restore PATH
1563PATH=$OPATH
f1b0ecc3 1564
1565# Where does ssh-rand-helper get its randomness from?
1566INSTALL_SSH_PRNG_CMDS=""
1567if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1568 if test ! -z "$PRNGD_PORT" ; then
1569 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1570 elif test ! -z "$PRNGD_SOCKET" ; then
1571 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1572 else
1573 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1574 RAND_HELPER_CMDHASH=yes
1575 INSTALL_SSH_PRNG_CMDS="yes"
1576 fi
1577fi
1578AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1579
1580
66d6c27e 1581# Cheap hack to ensure NEWS-OS libraries are arranged right.
1582if test ! -z "$SONY" ; then
1583 LIBS="$LIBS -liberty";
1584fi
1585
a0391976 1586# Checks for data types
976f7e19 1587AC_CHECK_SIZEOF(char, 1)
2b942fe0 1588AC_CHECK_SIZEOF(short int, 2)
1589AC_CHECK_SIZEOF(int, 4)
1590AC_CHECK_SIZEOF(long int, 4)
1591AC_CHECK_SIZEOF(long long int, 8)
1592
52f1ccb2 1593# Sanity check long long for some platforms (AIX)
1594if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1595 ac_cv_sizeof_long_long_int=0
1596fi
1597
a0391976 1598# More checks for data types
14a9a859 1599AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1600 AC_TRY_COMPILE(
aff51935 1601 [ #include <sys/types.h> ],
1602 [ u_int a; a = 1;],
14a9a859 1603 [ ac_cv_have_u_int="yes" ],
1604 [ ac_cv_have_u_int="no" ]
1605 )
1606])
1607if test "x$ac_cv_have_u_int" = "xyes" ; then
1608 AC_DEFINE(HAVE_U_INT)
1609 have_u_int=1
1610fi
1611
58d100bf 1612AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1613 AC_TRY_COMPILE(
aff51935 1614 [ #include <sys/types.h> ],
1615 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 1616 [ ac_cv_have_intxx_t="yes" ],
1617 [ ac_cv_have_intxx_t="no" ]
1618 )
1619])
1620if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1621 AC_DEFINE(HAVE_INTXX_T)
1622 have_intxx_t=1
1623fi
41cb4569 1624
1625if (test -z "$have_intxx_t" && \
aff51935 1626 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 1627then
1628 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1629 AC_TRY_COMPILE(
aff51935 1630 [ #include <stdint.h> ],
1631 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 1632 [
1633 AC_DEFINE(HAVE_INTXX_T)
1634 AC_MSG_RESULT(yes)
1635 ],
1636 [ AC_MSG_RESULT(no) ]
1637 )
1638fi
1639
bd590612 1640AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1641 AC_TRY_COMPILE(
1cbbe6c8 1642 [
1643#include <sys/types.h>
1644#ifdef HAVE_STDINT_H
1645# include <stdint.h>
1646#endif
1647#include <sys/socket.h>
1648#ifdef HAVE_SYS_BITYPES_H
1649# include <sys/bitypes.h>
1650#endif
aff51935 1651 ],
1652 [ int64_t a; a = 1;],
bd590612 1653 [ ac_cv_have_int64_t="yes" ],
1654 [ ac_cv_have_int64_t="no" ]
1655 )
1656])
1657if test "x$ac_cv_have_int64_t" = "xyes" ; then
1658 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1659fi
1660
58d100bf 1661AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1662 AC_TRY_COMPILE(
aff51935 1663 [ #include <sys/types.h> ],
1664 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 1665 [ ac_cv_have_u_intxx_t="yes" ],
1666 [ ac_cv_have_u_intxx_t="no" ]
1667 )
1668])
1669if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1670 AC_DEFINE(HAVE_U_INTXX_T)
1671 have_u_intxx_t=1
1672fi
2b942fe0 1673
41cb4569 1674if test -z "$have_u_intxx_t" ; then
1675 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1676 AC_TRY_COMPILE(
aff51935 1677 [ #include <sys/socket.h> ],
1678 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 1679 [
1680 AC_DEFINE(HAVE_U_INTXX_T)
1681 AC_MSG_RESULT(yes)
1682 ],
1683 [ AC_MSG_RESULT(no) ]
1684 )
1685fi
1686
bd590612 1687AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1688 AC_TRY_COMPILE(
aff51935 1689 [ #include <sys/types.h> ],
1690 [ u_int64_t a; a = 1;],
bd590612 1691 [ ac_cv_have_u_int64_t="yes" ],
1692 [ ac_cv_have_u_int64_t="no" ]
1693 )
1694])
1695if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
1696 AC_DEFINE(HAVE_U_INT64_T)
1697 have_u_int64_t=1
1698fi
1699
ddceb1c8 1700if test -z "$have_u_int64_t" ; then
1701 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1702 AC_TRY_COMPILE(
aff51935 1703 [ #include <sys/bitypes.h> ],
ddceb1c8 1704 [ u_int64_t a; a = 1],
1705 [
1706 AC_DEFINE(HAVE_U_INT64_T)
1707 AC_MSG_RESULT(yes)
1708 ],
1709 [ AC_MSG_RESULT(no) ]
1710 )
1711fi
1712
41cb4569 1713if test -z "$have_u_intxx_t" ; then
1714 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
1715 AC_TRY_COMPILE(
1716 [
1717#include <sys/types.h>
aff51935 1718 ],
1719 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 1720 [ ac_cv_have_uintxx_t="yes" ],
1721 [ ac_cv_have_uintxx_t="no" ]
1722 )
1723 ])
1724 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
1725 AC_DEFINE(HAVE_UINTXX_T)
1726 fi
1727fi
1728
1729if test -z "$have_uintxx_t" ; then
1730 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1731 AC_TRY_COMPILE(
aff51935 1732 [ #include <stdint.h> ],
1733 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 1734 [
1735 AC_DEFINE(HAVE_UINTXX_T)
1736 AC_MSG_RESULT(yes)
1737 ],
1738 [ AC_MSG_RESULT(no) ]
1739 )
1740fi
1741
e5fe9a1f 1742if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 1743 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 1744then
1745 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1746 AC_TRY_COMPILE(
58d100bf 1747 [
1748#include <sys/bitypes.h>
aff51935 1749 ],
5cdfe03f 1750 [
837c30b8 1751 int8_t a; int16_t b; int32_t c;
1752 u_int8_t e; u_int16_t f; u_int32_t g;
1753 a = b = c = e = f = g = 1;
aff51935 1754 ],
5cdfe03f 1755 [
1756 AC_DEFINE(HAVE_U_INTXX_T)
1757 AC_DEFINE(HAVE_INTXX_T)
1758 AC_MSG_RESULT(yes)
1759 ],
1760 [AC_MSG_RESULT(no)]
aff51935 1761 )
5cdfe03f 1762fi
1763
0362750e 1764
1765AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
1766 AC_TRY_COMPILE(
1767 [
1768#include <sys/types.h>
1769 ],
1770 [ u_char foo; foo = 125; ],
1771 [ ac_cv_have_u_char="yes" ],
1772 [ ac_cv_have_u_char="no" ]
1773 )
1774])
1775if test "x$ac_cv_have_u_char" = "xyes" ; then
1776 AC_DEFINE(HAVE_U_CHAR)
1777fi
1778
98a7c37b 1779TYPE_SOCKLEN_T
2b942fe0 1780
2d16d9a3 1781AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 1782
58d100bf 1783AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
1784 AC_TRY_COMPILE(
1785 [
18ba2aab 1786#include <sys/types.h>
58d100bf 1787 ],
1788 [ size_t foo; foo = 1235; ],
1789 [ ac_cv_have_size_t="yes" ],
1790 [ ac_cv_have_size_t="no" ]
1791 )
1792])
1793if test "x$ac_cv_have_size_t" = "xyes" ; then
1794 AC_DEFINE(HAVE_SIZE_T)
1795fi
ea1970a3 1796
c04f75f1 1797AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
1798 AC_TRY_COMPILE(
1799 [
1800#include <sys/types.h>
1801 ],
1802 [ ssize_t foo; foo = 1235; ],
1803 [ ac_cv_have_ssize_t="yes" ],
1804 [ ac_cv_have_ssize_t="no" ]
1805 )
1806])
1807if test "x$ac_cv_have_ssize_t" = "xyes" ; then
1808 AC_DEFINE(HAVE_SSIZE_T)
1809fi
1810
f1c4659d 1811AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
1812 AC_TRY_COMPILE(
1813 [
1814#include <time.h>
1815 ],
1816 [ clock_t foo; foo = 1235; ],
1817 [ ac_cv_have_clock_t="yes" ],
1818 [ ac_cv_have_clock_t="no" ]
1819 )
1820])
1821if test "x$ac_cv_have_clock_t" = "xyes" ; then
1822 AC_DEFINE(HAVE_CLOCK_T)
1823fi
1824
1c04b088 1825AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
1826 AC_TRY_COMPILE(
1827 [
1828#include <sys/types.h>
1829#include <sys/socket.h>
1830 ],
1831 [ sa_family_t foo; foo = 1235; ],
1832 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 1833 [ AC_TRY_COMPILE(
1834 [
1835#include <sys/types.h>
1836#include <sys/socket.h>
1837#include <netinet/in.h>
1838 ],
1839 [ sa_family_t foo; foo = 1235; ],
1840 [ ac_cv_have_sa_family_t="yes" ],
1841
1c04b088 1842 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 1843 )]
1c04b088 1844 )
1845])
1846if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
1847 AC_DEFINE(HAVE_SA_FAMILY_T)
1848fi
1849
729bfe59 1850AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
1851 AC_TRY_COMPILE(
1852 [
1853#include <sys/types.h>
1854 ],
1855 [ pid_t foo; foo = 1235; ],
1856 [ ac_cv_have_pid_t="yes" ],
1857 [ ac_cv_have_pid_t="no" ]
1858 )
1859])
1860if test "x$ac_cv_have_pid_t" = "xyes" ; then
1861 AC_DEFINE(HAVE_PID_T)
1862fi
1863
1864AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
1865 AC_TRY_COMPILE(
1866 [
1867#include <sys/types.h>
1868 ],
1869 [ mode_t foo; foo = 1235; ],
1870 [ ac_cv_have_mode_t="yes" ],
1871 [ ac_cv_have_mode_t="no" ]
1872 )
1873])
1874if test "x$ac_cv_have_mode_t" = "xyes" ; then
1875 AC_DEFINE(HAVE_MODE_T)
1876fi
1877
e3a93db0 1878
58d100bf 1879AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
1880 AC_TRY_COMPILE(
1881 [
18ba2aab 1882#include <sys/types.h>
1883#include <sys/socket.h>
58d100bf 1884 ],
1885 [ struct sockaddr_storage s; ],
1886 [ ac_cv_have_struct_sockaddr_storage="yes" ],
1887 [ ac_cv_have_struct_sockaddr_storage="no" ]
1888 )
1889])
1890if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
1891 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
1892fi
48e671d5 1893
58d100bf 1894AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
1895 AC_TRY_COMPILE(
1896 [
cbd7492e 1897#include <sys/types.h>
58d100bf 1898#include <netinet/in.h>
1899 ],
1900 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
1901 [ ac_cv_have_struct_sockaddr_in6="yes" ],
1902 [ ac_cv_have_struct_sockaddr_in6="no" ]
1903 )
1904])
1905if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
1906 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
1907fi
48e671d5 1908
58d100bf 1909AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
1910 AC_TRY_COMPILE(
1911 [
cbd7492e 1912#include <sys/types.h>
58d100bf 1913#include <netinet/in.h>
1914 ],
1915 [ struct in6_addr s; s.s6_addr[0] = 0; ],
1916 [ ac_cv_have_struct_in6_addr="yes" ],
1917 [ ac_cv_have_struct_in6_addr="no" ]
1918 )
1919])
1920if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
1921 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
1922fi
48e671d5 1923
58d100bf 1924AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
1925 AC_TRY_COMPILE(
1926 [
18ba2aab 1927#include <sys/types.h>
1928#include <sys/socket.h>
1929#include <netdb.h>
58d100bf 1930 ],
1931 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
1932 [ ac_cv_have_struct_addrinfo="yes" ],
1933 [ ac_cv_have_struct_addrinfo="no" ]
1934 )
1935])
1936if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
1937 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
1938fi
1939
89c7e31c 1940AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
1941 AC_TRY_COMPILE(
aff51935 1942 [ #include <sys/time.h> ],
1943 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 1944 [ ac_cv_have_struct_timeval="yes" ],
1945 [ ac_cv_have_struct_timeval="no" ]
1946 )
1947])
1948if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
1949 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
1950 have_struct_timeval=1
1951fi
1952
5271b55c 1953AC_CHECK_TYPES(struct timespec)
1954
85abc74b 1955# We need int64_t or else certian parts of the compile will fail.
2c523de9 1956if test "x$ac_cv_have_int64_t" = "xno" -a \
1957 "x$ac_cv_sizeof_long_int" != "x8" -a \
1958 "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 1959 echo "OpenSSH requires int64_t support. Contact your vendor or install"
1960 echo "an alternative compiler (I.E., GCC) before continuing."
1961 echo ""
1962 exit 1;
733cf7f4 1963else
1964dnl test snprintf (broken on SCO w/gcc)
1a01a50c 1965 AC_RUN_IFELSE(
479cece8 1966 [AC_LANG_SOURCE([[
733cf7f4 1967#include <stdio.h>
1968#include <string.h>
1969#ifdef HAVE_SNPRINTF
1970main()
1971{
1972 char buf[50];
1973 char expected_out[50];
1974 int mazsize = 50 ;
1975#if (SIZEOF_LONG_INT == 8)
1976 long int num = 0x7fffffffffffffff;
1977#else
763a1a18 1978 long long num = 0x7fffffffffffffffll;
733cf7f4 1979#endif
1980 strcpy(expected_out, "9223372036854775807");
1981 snprintf(buf, mazsize, "%lld", num);
1982 if(strcmp(buf, expected_out) != 0)
aff51935 1983 exit(1);
733cf7f4 1984 exit(0);
1985}
1986#else
1987main() { exit(0); }
1988#endif
479cece8 1989 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 1990 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 1991 )
2c523de9 1992fi
1993
77bb0bca 1994dnl Checks for structure members
58d100bf 1995OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
1996OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
1997OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
1998OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
1999OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2000OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2001OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2002OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2003OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2004OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2005OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2006OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2007OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2008OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2009OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2010OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2011OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2012
2013AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 2014
58d100bf 2015AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2016 ac_cv_have_ss_family_in_struct_ss, [
2017 AC_TRY_COMPILE(
2018 [
18ba2aab 2019#include <sys/types.h>
2020#include <sys/socket.h>
58d100bf 2021 ],
2022 [ struct sockaddr_storage s; s.ss_family = 1; ],
2023 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2024 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2025 )
2026])
2027if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2028 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2029fi
2030
58d100bf 2031AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2032 ac_cv_have___ss_family_in_struct_ss, [
2033 AC_TRY_COMPILE(
2034 [
18ba2aab 2035#include <sys/types.h>
2036#include <sys/socket.h>
58d100bf 2037 ],
2038 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2039 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2040 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2041 )
2042])
2043if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2044 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2045fi
2046
2e73a022 2047AC_CACHE_CHECK([for pw_class field in struct passwd],
2048 ac_cv_have_pw_class_in_struct_passwd, [
2049 AC_TRY_COMPILE(
2050 [
2e73a022 2051#include <pwd.h>
2052 ],
97994d32 2053 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2054 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2055 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2056 )
2057])
2058if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2059 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2060fi
2061
7751d4eb 2062AC_CACHE_CHECK([for pw_expire field in struct passwd],
2063 ac_cv_have_pw_expire_in_struct_passwd, [
2064 AC_TRY_COMPILE(
2065 [
2066#include <pwd.h>
2067 ],
2068 [ struct passwd p; p.pw_expire = 0; ],
2069 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2070 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2071 )
2072])
2073if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2074 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2075fi
2076
2077AC_CACHE_CHECK([for pw_change field in struct passwd],
2078 ac_cv_have_pw_change_in_struct_passwd, [
2079 AC_TRY_COMPILE(
2080 [
2081#include <pwd.h>
2082 ],
2083 [ struct passwd p; p.pw_change = 0; ],
2084 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2085 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2086 )
2087])
2088if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2089 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2090fi
58d100bf 2091
637f9177 2092dnl make sure we're using the real structure members and not defines
6f34652e 2093AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2094 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2095 AC_COMPILE_IFELSE(
6f34652e 2096 [
f95c8ce8 2097#include <sys/types.h>
6f34652e 2098#include <sys/socket.h>
2099#include <sys/uio.h>
637f9177 2100int main() {
2101#ifdef msg_accrights
1a01a50c 2102#error "msg_accrights is a macro"
637f9177 2103exit(1);
2104#endif
2105struct msghdr m;
2106m.msg_accrights = 0;
2107exit(0);
2108}
6f34652e 2109 ],
6f34652e 2110 [ ac_cv_have_accrights_in_msghdr="yes" ],
2111 [ ac_cv_have_accrights_in_msghdr="no" ]
2112 )
2113])
2114if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2115 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2116fi
2117
7176df4f 2118AC_CACHE_CHECK([for msg_control field in struct msghdr],
2119 ac_cv_have_control_in_msghdr, [
1a01a50c 2120 AC_COMPILE_IFELSE(
7176df4f 2121 [
f95c8ce8 2122#include <sys/types.h>
7176df4f 2123#include <sys/socket.h>
2124#include <sys/uio.h>
637f9177 2125int main() {
2126#ifdef msg_control
1a01a50c 2127#error "msg_control is a macro"
637f9177 2128exit(1);
2129#endif
2130struct msghdr m;
2131m.msg_control = 0;
2132exit(0);
2133}
7176df4f 2134 ],
7176df4f 2135 [ ac_cv_have_control_in_msghdr="yes" ],
2136 [ ac_cv_have_control_in_msghdr="no" ]
2137 )
2138])
2139if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2140 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2141fi
2142
58d100bf 2143AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2144 AC_TRY_LINK([],
2145 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2146 [ ac_cv_libc_defines___progname="yes" ],
2147 [ ac_cv_libc_defines___progname="no" ]
2148 )
2149])
2150if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2151 AC_DEFINE(HAVE___PROGNAME)
2152fi
8946db53 2153
c921ee00 2154AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2155 AC_TRY_LINK([
2156#include <stdio.h>
aff51935 2157],
2158 [ printf("%s", __FUNCTION__); ],
c921ee00 2159 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2160 [ ac_cv_cc_implements___FUNCTION__="no" ]
2161 )
2162])
2163if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2164 AC_DEFINE(HAVE___FUNCTION__)
2165fi
2166
2167AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2168 AC_TRY_LINK([
2169#include <stdio.h>
aff51935 2170],
2171 [ printf("%s", __func__); ],
c921ee00 2172 [ ac_cv_cc_implements___func__="yes" ],
2173 [ ac_cv_cc_implements___func__="no" ]
2174 )
2175])
2176if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2177 AC_DEFINE(HAVE___func__)
2178fi
2179
1812a662 2180AC_CACHE_CHECK([whether getopt has optreset support],
2181 ac_cv_have_getopt_optreset, [
2182 AC_TRY_LINK(
2183 [
2184#include <getopt.h>
2185 ],
2186 [ extern int optreset; optreset = 0; ],
2187 [ ac_cv_have_getopt_optreset="yes" ],
2188 [ ac_cv_have_getopt_optreset="no" ]
2189 )
2190])
2191if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2192 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2193fi
a0391976 2194
819b676f 2195AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2196 AC_TRY_LINK([],
2197 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2198 [ ac_cv_libc_defines_sys_errlist="yes" ],
2199 [ ac_cv_libc_defines_sys_errlist="no" ]
2200 )
2201])
2202if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2203 AC_DEFINE(HAVE_SYS_ERRLIST)
2204fi
2205
2206
416ed5a7 2207AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2208 AC_TRY_LINK([],
2209 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2210 [ ac_cv_libc_defines_sys_nerr="yes" ],
2211 [ ac_cv_libc_defines_sys_nerr="no" ]
2212 )
2213])
2214if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2215 AC_DEFINE(HAVE_SYS_NERR)
2216fi
2217
aff51935 2218SCARD_MSG="no"
295c8801 2219# Check whether user wants sectok support
2220AC_ARG_WITH(sectok,
2221 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2222 [
2223 if test "x$withval" != "xno" ; then
2224 if test "x$withval" != "xyes" ; then
2225 CPPFLAGS="$CPPFLAGS -I${withval}"
2226 LDFLAGS="$LDFLAGS -L${withval}"
2227 if test ! -z "$need_dash_r" ; then
2228 LDFLAGS="$LDFLAGS -R${withval}"
2229 fi
2230 if test ! -z "$blibpath" ; then
2231 blibpath="$blibpath:${withval}"
2232 fi
2233 fi
2234 AC_CHECK_HEADERS(sectok.h)
2235 if test "$ac_cv_header_sectok_h" != yes; then
2236 AC_MSG_ERROR(Can't find sectok.h)
2237 fi
2238 AC_CHECK_LIB(sectok, sectok_open)
2239 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2240 AC_MSG_ERROR(Can't find libsectok)
2241 fi
2242 AC_DEFINE(SMARTCARD)
295c8801 2243 AC_DEFINE(USE_SECTOK)
aff51935 2244 SCARD_MSG="yes, using sectok"
295c8801 2245 fi
2246 ]
2247)
2248
2249# Check whether user wants OpenSC support
2250AC_ARG_WITH(opensc,
49ef62db 2251 AC_HELP_STRING([--with-opensc=PFX],
2252 [Enable smartcard support using OpenSC]),
2253 opensc_config_prefix="$withval", opensc_config_prefix="")
2254if test x$opensc_config_prefix != x ; then
2255 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config
2256 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2257 if test "$OPENSC_CONFIG" != "no"; then
2258 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2259 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2260 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2261 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2262 AC_DEFINE(SMARTCARD)
2263 AC_DEFINE(USE_OPENSC)
aff51935 2264 SCARD_MSG="yes, using OpenSC"
49ef62db 2265 fi
2266fi
d0b19c95 2267
c31dc31c 2268# Check libraries needed by DNS fingerprint support
aff51935 2269AC_SEARCH_LIBS(getrrsetbyname, resolv,
c31dc31c 2270 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
3e05e934 2271 [
c31dc31c 2272 # Needed by our getrrsetbyname()
2273 AC_SEARCH_LIBS(res_query, resolv)
2274 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2275 AC_MSG_CHECKING(if res_query will link)
2276 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2277 [AC_MSG_RESULT(no)
2278 saved_LIBS="$LIBS"
2279 LIBS="$LIBS -lresolv"
2280 AC_MSG_CHECKING(for res_query in -lresolv)
2281 AC_LINK_IFELSE([
2282#include <resolv.h>
2283int main()
2284{
2285 res_query (0, 0, 0, 0, 0);
2286 return 0;
2287}
2288 ],
2289 [LIBS="$LIBS -lresolv"
2290 AC_MSG_RESULT(yes)],
2291 [LIBS="$saved_LIBS"
2292 AC_MSG_RESULT(no)])
2293 ])
c31dc31c 2294 AC_CHECK_FUNCS(_getshort _getlong)
2295 AC_CHECK_MEMBER(HEADER.ad,
2296 [AC_DEFINE(HAVE_HEADER_AD)],,
2297 [#include <arpa/nameser.h>])
2298 ])
3e05e934 2299
12928e80 2300# Check whether user wants Kerberos 5 support
aff51935 2301KRB5_MSG="no"
12928e80 2302AC_ARG_WITH(kerberos5,
aff51935 2303 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 2304 [ if test "x$withval" != "xno" ; then
2305 if test "x$withval" = "xyes" ; then
2306 KRB5ROOT="/usr/local"
2307 else
2308 KRB5ROOT=${withval}
2309 fi
2310
2311 AC_DEFINE(KRB5)
2312 KRB5_MSG="yes"
2313
2314 AC_MSG_CHECKING(for krb5-config)
2315 if test -x $KRB5ROOT/bin/krb5-config ; then
2316 KRB5CONF=$KRB5ROOT/bin/krb5-config
2317 AC_MSG_RESULT($KRB5CONF)
2318
2319 AC_MSG_CHECKING(for gssapi support)
2320 if $KRB5CONF | grep gssapi >/dev/null ; then
2321 AC_MSG_RESULT(yes)
071970fb 2322 AC_DEFINE(GSSAPI)
2323 k5confopts=gssapi
aff51935 2324 else
5585c441 2325 AC_MSG_RESULT(no)
071970fb 2326 k5confopts=""
aff51935 2327 fi
071970fb 2328 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2329 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 2330 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 2331 AC_MSG_CHECKING(whether we are using Heimdal)
2332 AC_TRY_COMPILE([ #include <krb5.h> ],
2333 [ char *tmp = heimdal_version; ],
2334 [ AC_MSG_RESULT(yes)
2335 AC_DEFINE(HEIMDAL) ],
2336 AC_MSG_RESULT(no)
2337 )
2338 else
2339 AC_MSG_RESULT(no)
12928e80 2340 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 2341 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 2342 AC_MSG_CHECKING(whether we are using Heimdal)
2343 AC_TRY_COMPILE([ #include <krb5.h> ],
2344 [ char *tmp = heimdal_version; ],
2345 [ AC_MSG_RESULT(yes)
2346 AC_DEFINE(HEIMDAL)
41707f74 2347 K5LIBS="-lkrb5 -ldes"
2348 K5LIBS="$K5LIBS -lcom_err -lasn1"
2349 AC_CHECK_LIB(roken, net_write,
2350 [K5LIBS="$K5LIBS -lroken"])
aff51935 2351 ],
2352 [ AC_MSG_RESULT(no)
2353 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2354 ]
2355 )
4e00038c 2356 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 2357
749560dd 2358 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2359 [ AC_DEFINE(GSSAPI)
2360 K5LIBS="-lgssapi $K5LIBS" ],
2361 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2362 [ AC_DEFINE(GSSAPI)
aff51935 2363 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 2364 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2365 $K5LIBS)
2366 ],
2367 $K5LIBS)
2368
2369 AC_CHECK_HEADER(gssapi.h, ,
2370 [ unset ac_cv_header_gssapi_h
aff51935 2371 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 2372 AC_CHECK_HEADERS(gssapi.h, ,
2373 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 2374 )
749560dd 2375 ]
2376 )
2377
2378 oldCPP="$CPPFLAGS"
2379 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2380 AC_CHECK_HEADER(gssapi_krb5.h, ,
2381 [ CPPFLAGS="$oldCPP" ])
2382
aff51935 2383 fi
5585c441 2384 if test ! -z "$need_dash_r" ; then
2385 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2386 fi
2387 if test ! -z "$blibpath" ; then
2388 blibpath="$blibpath:${KRB5ROOT}/lib"
2389 fi
071970fb 2390 fi
2391
2392 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2393 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2394 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2395
2396 LIBS="$LIBS $K5LIBS"
2397 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
79753592 2398 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
071970fb 2399 ]
12928e80 2400)
b5b68128 2401
a0391976 2402# Looking for programs, paths and files
a0391976 2403
ecac8ee5 2404PRIVSEP_PATH=/var/empty
2405AC_ARG_WITH(privsep-path,
cda1ebcb 2406 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 2407 [
2408 if test "x$withval" != "$no" ; then
2409 PRIVSEP_PATH=$withval
2410 fi
2411 ]
2412)
2413AC_SUBST(PRIVSEP_PATH)
2414
a0391976 2415AC_ARG_WITH(xauth,
2416 [ --with-xauth=PATH Specify path to xauth program ],
2417 [
00937921 2418 if test "x$withval" != "xno" ; then
cbd7492e 2419 xauth_path=$withval
a0391976 2420 fi
2421 ],
2422 [
2bf42e4a 2423 TestPath="$PATH"
2424 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2425 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2426 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2427 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2428 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2429 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2430 xauth_path="/usr/openwin/bin/xauth"
2431 fi
2432 ]
2433)
2434
65a4b4af 2435STRIP_OPT=-s
2436AC_ARG_ENABLE(strip,
2437 [ --disable-strip Disable calling strip(1) on install],
2438 [
2439 if test "x$enableval" = "xno" ; then
2440 STRIP_OPT=
2441 fi
2442 ]
2443)
2444AC_SUBST(STRIP_OPT)
2445
b3ec54b4 2446if test -z "$xauth_path" ; then
2447 XAUTH_PATH="undefined"
2448 AC_SUBST(XAUTH_PATH)
2449else
a0391976 2450 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2451 XAUTH_PATH=$xauth_path
2452 AC_SUBST(XAUTH_PATH)
a0391976 2453fi
a0391976 2454
2455# Check for mail directory (last resort if we cannot get it from headers)
2456if test ! -z "$MAIL" ; then
2457 maildir=`dirname $MAIL`
2458 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2459fi
2460
479cece8 2461if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 2462 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2463 disable_ptmx_check=yes
2464fi
a0391976 2465if test -z "$no_dev_ptmx" ; then
6e879cb4 2466 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 2467 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 2468 [
2469 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2470 have_dev_ptmx=1
2471 ]
2472 )
2473 fi
3276571c 2474fi
1a01a50c 2475
479cece8 2476if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 2477 AC_CHECK_FILE("/dev/ptc",
2478 [
2479 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2480 have_dev_ptc=1
2481 ]
2482 )
2483else
2484 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2485fi
3276571c 2486
a0391976 2487# Options from here on. Some of these are preset by platform above
fdf6b7aa 2488AC_ARG_WITH(mantype,
5d97cfbf 2489 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2490 [
5d97cfbf 2491 case "$withval" in
2492 man|cat|doc)
2493 MANTYPE=$withval
2494 ;;
2495 *)
2496 AC_MSG_ERROR(invalid man type: $withval)
2497 ;;
2498 esac
c54a6257 2499 ]
2500)
e0c4d3ac 2501if test -z "$MANTYPE"; then
2bf42e4a 2502 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2503 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2504 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2505 MANTYPE=doc
2506 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2507 MANTYPE=man
2508 else
2509 MANTYPE=cat
2510 fi
2511fi
c54a6257 2512AC_SUBST(MANTYPE)
e0c4d3ac 2513if test "$MANTYPE" = "doc"; then
2514 mansubdir=man;
2515else
2516 mansubdir=$MANTYPE;
2517fi
2518AC_SUBST(mansubdir)
0bc5b6fb 2519
a0391976 2520# Check whether to enable MD5 passwords
aff51935 2521MD5_MSG="no"
2ddcfdf3 2522AC_ARG_WITH(md5-passwords,
caf3bc51 2523 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2524 [
bcf36c78 2525 if test "x$withval" != "xno" ; then
0bc5b6fb 2526 AC_DEFINE(HAVE_MD5_PASSWORDS)
aff51935 2527 MD5_MSG="yes"
0bc5b6fb 2528 fi
2529 ]
caf3bc51 2530)
2531
a0391976 2532# Whether to disable shadow password support
a7effaac 2533AC_ARG_WITH(shadow,
2534 [ --without-shadow Disable shadow password support],
2535 [
2536 if test "x$withval" = "xno" ; then
2537 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2538 disable_shadow=yes
a7effaac 2539 fi
2540 ]
2541)
2542
4cb5ffa0 2543if test -z "$disable_shadow" ; then
2544 AC_MSG_CHECKING([if the systems has expire shadow information])
2545 AC_TRY_COMPILE(
2546 [
2547#include <sys/types.h>
2548#include <shadow.h>
2549 struct spwd sp;
2550 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2551 [ sp_expire_available=yes ], []
2552 )
2553
2554 if test "x$sp_expire_available" = "xyes" ; then
2555 AC_MSG_RESULT(yes)
2556 AC_DEFINE(HAS_SHADOW_EXPIRE)
2557 else
2558 AC_MSG_RESULT(no)
2559 fi
2560fi
2561
a0391976 2562# Use ip address instead of hostname in $DISPLAY
44839801 2563if test ! -z "$IPADDR_IN_DISPLAY" ; then
2564 DISPLAY_HACK_MSG="yes"
2565 AC_DEFINE(IPADDR_IN_DISPLAY)
2566else
aff51935 2567 DISPLAY_HACK_MSG="no"
44839801 2568 AC_ARG_WITH(ipaddr-display,
2569 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2570 [
2571 if test "x$withval" != "xno" ; then
2572 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 2573 DISPLAY_HACK_MSG="yes"
44839801 2574 fi
2575 ]
2576 )
2577fi
a7effaac 2578
95b99395 2579# check for /etc/default/login and use it if present.
daa41e62 2580AC_ARG_ENABLE(etc-default-login,
2581 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],,
1a01a50c 2582 [ AC_CHECK_FILE("/etc/default/login",
2583 [ external_path_file=/etc/default/login ])
95b99395 2584
479cece8 2585 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2586 then
1a01a50c 2587 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2588 elif test "x$external_path_file" = "x/etc/default/login"; then
2589 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2590 fi
2591 ]
2592)
95b99395 2593
8d184c09 2594dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
2595if test $ac_cv_func_login_getcapbool = "yes" -a \
2596 $ac_cv_header_login_cap_h = "yes" ; then
95b99395 2597 external_path_file=/etc/login.conf
8d184c09 2598fi
95b99395 2599
a0391976 2600# Whether to mess with the default path
aff51935 2601SERVER_PATH_MSG="(default)"
c43d69a9 2602AC_ARG_WITH(default-path,
75817f90 2603 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2604 [
95b99395 2605 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 2606 AC_MSG_WARN([
2607--with-default-path=PATH has no effect on this system.
2608Edit /etc/login.conf instead.])
2609 elif test "x$withval" != "xno" ; then
89bbd457 2610 if test ! -z "$external_path_file" ; then
95b99395 2611 AC_MSG_WARN([
2612--with-default-path=PATH will only be used if PATH is not defined in
2613$external_path_file .])
2614 fi
b2d818e6 2615 user_path="$withval"
aff51935 2616 SERVER_PATH_MSG="$withval"
cb807f40 2617 fi
b2d818e6 2618 ],
95b99395 2619 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2620 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 2621 else
89bbd457 2622 if test ! -z "$external_path_file" ; then
95b99395 2623 AC_MSG_WARN([
2624If PATH is defined in $external_path_file, ensure the path to scp is included,
2625otherwise scp will not work.])
2626 fi
2627 AC_TRY_RUN(
2628 [
b2d818e6 2629/* find out what STDPATH is */
2630#include <stdio.h>
b2d818e6 2631#ifdef HAVE_PATHS_H
2632# include <paths.h>
2633#endif
2634#ifndef _PATH_STDPATH
d9a4e55b 2635# ifdef _PATH_USERPATH /* Irix */
2636# define _PATH_STDPATH _PATH_USERPATH
2637# else
2638# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2639# endif
b2d818e6 2640#endif
2641#include <sys/types.h>
2642#include <sys/stat.h>
2643#include <fcntl.h>
2644#define DATA "conftest.stdpath"
2645
2646main()
2647{
2648 FILE *fd;
2649 int rc;
2650
2651 fd = fopen(DATA,"w");
2652 if(fd == NULL)
2653 exit(1);
2654
2655 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2656 exit(1);
2657
2658 exit(0);
2659}
2660 ], [ user_path=`cat conftest.stdpath` ],
2661 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2662 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2663 )
2664# make sure $bindir is in USER_PATH so scp will work
2665 t_bindir=`eval echo ${bindir}`
2666 case $t_bindir in
2667 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
2668 esac
2669 case $t_bindir in
2670 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
2671 esac
2672 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
2673 if test $? -ne 0 ; then
2674 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
2675 if test $? -ne 0 ; then
2676 user_path=$user_path:$t_bindir
2677 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
2678 fi
2679 fi
8d184c09 2680 fi ]
cb807f40 2681)
95b99395 2682if test "x$external_path_file" != "x/etc/login.conf" ; then
8d184c09 2683 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
2684 AC_SUBST(user_path)
2685fi
cb807f40 2686
06617857 2687# Set superuser path separately to user path
06617857 2688AC_ARG_WITH(superuser-path,
2689 [ --with-superuser-path= Specify different path for super-user],
2690 [
2691 if test "x$withval" != "xno" ; then
2692 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
2693 superuser_path=$withval
2694 fi
2695 ]
2696)
2697
2698
58d100bf 2699AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 2700IPV4_IN6_HACK_MSG="no"
80faa19f 2701AC_ARG_WITH(4in6,
2702 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2703 [
2704 if test "x$withval" != "xno" ; then
2705 AC_MSG_RESULT(yes)
2706 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2707 IPV4_IN6_HACK_MSG="yes"
80faa19f 2708 else
2709 AC_MSG_RESULT(no)
2710 fi
2711 ],[
2712 if test "x$inet6_default_4in6" = "xyes"; then
2713 AC_MSG_RESULT([yes (default)])
2714 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2715 IPV4_IN6_HACK_MSG="yes"
80faa19f 2716 else
2717 AC_MSG_RESULT([no (default)])
2718 fi
2719 ]
2720)
2721
af774732 2722# Whether to enable BSD auth support
f1b0ecc3 2723BSD_AUTH_MSG=no
af774732 2724AC_ARG_WITH(bsd-auth,
2725 [ --with-bsd-auth Enable BSD auth support],
2726 [
2727 if test "x$withval" != "xno" ; then
2728 AC_DEFINE(BSD_AUTH)
f1b0ecc3 2729 BSD_AUTH_MSG=yes
af774732 2730 fi
2731 ]
2732)
2733
a0391976 2734# Where to place sshd.pid
19d9ac2a 2735piddir=/var/run
81dadca3 2736# make sure the directory exists
2737if test ! -d $piddir ; then
2738 piddir=`eval echo ${sysconfdir}`
2739 case $piddir in
aff51935 2740 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 2741 esac
2742fi
2743
47e45e44 2744AC_ARG_WITH(pid-dir,
2745 [ --with-pid-dir=PATH Specify location of ssh.pid file],
2746 [
2747 if test "x$withval" != "xno" ; then
19d9ac2a 2748 piddir=$withval
81dadca3 2749 if test ! -d $piddir ; then
2750 AC_MSG_WARN([** no $piddir directory on this system **])
2751 fi
47e45e44 2752 fi
2753 ]
2754)
b7a87eea 2755
42f11eb2 2756AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 2757AC_SUBST(piddir)
47e45e44 2758
1d7b9b20 2759dnl allow user to disable some login recording features
2760AC_ARG_ENABLE(lastlog,
bfd550a2 2761 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 2762 [
2763 if test "x$enableval" = "xno" ; then
2764 AC_DEFINE(DISABLE_LASTLOG)
2765 fi
2766 ]
1d7b9b20 2767)
2768AC_ARG_ENABLE(utmp,
bfd550a2 2769 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 2770 [
2771 if test "x$enableval" = "xno" ; then
2772 AC_DEFINE(DISABLE_UTMP)
2773 fi
2774 ]
1d7b9b20 2775)
2776AC_ARG_ENABLE(utmpx,
bfd550a2 2777 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 2778 [
2779 if test "x$enableval" = "xno" ; then
2780 AC_DEFINE(DISABLE_UTMPX)
2781 fi
2782 ]
1d7b9b20 2783)
2784AC_ARG_ENABLE(wtmp,
bfd550a2 2785 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 2786 [
2787 if test "x$enableval" = "xno" ; then
2788 AC_DEFINE(DISABLE_WTMP)
2789 fi
2790 ]
1d7b9b20 2791)
2792AC_ARG_ENABLE(wtmpx,
bfd550a2 2793 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 2794 [
2795 if test "x$enableval" = "xno" ; then
2796 AC_DEFINE(DISABLE_WTMPX)
2797 fi
2798 ]
1d7b9b20 2799)
2800AC_ARG_ENABLE(libutil,
bfd550a2 2801 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 2802 [
2803 if test "x$enableval" = "xno" ; then
2804 AC_DEFINE(DISABLE_LOGIN)
2805 fi
2806 ]
1d7b9b20 2807)
2808AC_ARG_ENABLE(pututline,
bfd550a2 2809 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 2810 [
2811 if test "x$enableval" = "xno" ; then
aff51935 2812 AC_DEFINE(DISABLE_PUTUTLINE)
ddb154b3 2813 fi
2814 ]
1d7b9b20 2815)
2816AC_ARG_ENABLE(pututxline,
bfd550a2 2817 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 2818 [
2819 if test "x$enableval" = "xno" ; then
2820 AC_DEFINE(DISABLE_PUTUTXLINE)
2821 fi
2822 ]
1d7b9b20 2823)
2824AC_ARG_WITH(lastlog,
bfd550a2 2825 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 2826 [
2827 if test "x$withval" = "xno" ; then
2828 AC_DEFINE(DISABLE_LASTLOG)
2829 else
2830 conf_lastlog_location=$withval
2831 fi
2832 ]
2833)
1d7b9b20 2834
2835dnl lastlog, [uw]tmpx? detection
2836dnl NOTE: set the paths in the platform section to avoid the
2837dnl need for command-line parameters
2838dnl lastlog and [uw]tmp are subject to a file search if all else fails
2839
2840dnl lastlog detection
2841dnl NOTE: the code itself will detect if lastlog is a directory
2842AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
2843AC_TRY_COMPILE([
2844#include <sys/types.h>
2845#include <utmp.h>
2846#ifdef HAVE_LASTLOG_H
2847# include <lastlog.h>
2848#endif
d7c0f3d5 2849#ifdef HAVE_PATHS_H
1d7b9b20 2850# include <paths.h>
41cb4569 2851#endif
2852#ifdef HAVE_LOGIN_H
2853# include <login.h>
1d7b9b20 2854#endif
2855 ],
2856 [ char *lastlog = LASTLOG_FILE; ],
2857 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 2858 [
2859 AC_MSG_RESULT(no)
2860 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
2861 AC_TRY_COMPILE([
2862#include <sys/types.h>
2863#include <utmp.h>
2864#ifdef HAVE_LASTLOG_H
2865# include <lastlog.h>
2866#endif
2867#ifdef HAVE_PATHS_H
2868# include <paths.h>
2869#endif
2870 ],
2871 [ char *lastlog = _PATH_LASTLOG; ],
2872 [ AC_MSG_RESULT(yes) ],
2873 [
f282b668 2874 AC_MSG_RESULT(no)
d7c0f3d5 2875 system_lastlog_path=no
2876 ])
2877 ]
1d7b9b20 2878)
d7c0f3d5 2879
1d7b9b20 2880if test -z "$conf_lastlog_location"; then
2881 if test x"$system_lastlog_path" = x"no" ; then
2882 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 2883 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 2884 conf_lastlog_location=$f
2885 fi
2886 done
2887 if test -z "$conf_lastlog_location"; then
f8119cef 2888 AC_MSG_WARN([** Cannot find lastlog **])
2889 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 2890 fi
2891 fi
2892fi
2893
2894if test -n "$conf_lastlog_location"; then
2895 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
2896fi
2897
2898dnl utmp detection
2899AC_MSG_CHECKING([if your system defines UTMP_FILE])
2900AC_TRY_COMPILE([
2901#include <sys/types.h>
2902#include <utmp.h>
d7c0f3d5 2903#ifdef HAVE_PATHS_H
1d7b9b20 2904# include <paths.h>
2905#endif
2906 ],
2907 [ char *utmp = UTMP_FILE; ],
2908 [ AC_MSG_RESULT(yes) ],
2909 [ AC_MSG_RESULT(no)
2910 system_utmp_path=no ]
2911)
2912if test -z "$conf_utmp_location"; then
2913 if test x"$system_utmp_path" = x"no" ; then
2914 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
2915 if test -f $f ; then
2916 conf_utmp_location=$f
2917 fi
2918 done
2919 if test -z "$conf_utmp_location"; then
2920 AC_DEFINE(DISABLE_UTMP)
2921 fi
2922 fi
2923fi
2924if test -n "$conf_utmp_location"; then
2925 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
2926fi
2927
2928dnl wtmp detection
2929AC_MSG_CHECKING([if your system defines WTMP_FILE])
2930AC_TRY_COMPILE([
2931#include <sys/types.h>
2932#include <utmp.h>
d7c0f3d5 2933#ifdef HAVE_PATHS_H
1d7b9b20 2934# include <paths.h>
2935#endif
2936 ],
2937 [ char *wtmp = WTMP_FILE; ],
2938 [ AC_MSG_RESULT(yes) ],
2939 [ AC_MSG_RESULT(no)
2940 system_wtmp_path=no ]
2941)
2942if test -z "$conf_wtmp_location"; then
2943 if test x"$system_wtmp_path" = x"no" ; then
2944 for f in /usr/adm/wtmp /var/log/wtmp; do
2945 if test -f $f ; then
2946 conf_wtmp_location=$f
2947 fi
2948 done
2949 if test -z "$conf_wtmp_location"; then
2950 AC_DEFINE(DISABLE_WTMP)
2951 fi
2952 fi
2953fi
2954if test -n "$conf_wtmp_location"; then
2955 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
2956fi
2957
2958
2959dnl utmpx detection - I don't know any system so perverse as to require
2960dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
2961dnl there, though.
2962AC_MSG_CHECKING([if your system defines UTMPX_FILE])
2963AC_TRY_COMPILE([
2964#include <sys/types.h>
2965#include <utmp.h>
2966#ifdef HAVE_UTMPX_H
2967#include <utmpx.h>
2968#endif
d7c0f3d5 2969#ifdef HAVE_PATHS_H
1d7b9b20 2970# include <paths.h>
2971#endif
2972 ],
2973 [ char *utmpx = UTMPX_FILE; ],
2974 [ AC_MSG_RESULT(yes) ],
2975 [ AC_MSG_RESULT(no)
2976 system_utmpx_path=no ]
2977)
2978if test -z "$conf_utmpx_location"; then
2979 if test x"$system_utmpx_path" = x"no" ; then
2980 AC_DEFINE(DISABLE_UTMPX)
2981 fi
2982else
2983 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
2984fi
2985
2986dnl wtmpx detection
2987AC_MSG_CHECKING([if your system defines WTMPX_FILE])
2988AC_TRY_COMPILE([
2989#include <sys/types.h>
2990#include <utmp.h>
2991#ifdef HAVE_UTMPX_H
2992#include <utmpx.h>
2993#endif
d7c0f3d5 2994#ifdef HAVE_PATHS_H
1d7b9b20 2995# include <paths.h>
2996#endif
2997 ],
2998 [ char *wtmpx = WTMPX_FILE; ],
2999 [ AC_MSG_RESULT(yes) ],
3000 [ AC_MSG_RESULT(no)
3001 system_wtmpx_path=no ]
3002)
3003if test -z "$conf_wtmpx_location"; then
3004 if test x"$system_wtmpx_path" = x"no" ; then
3005 AC_DEFINE(DISABLE_WTMPX)
3006 fi
3007else
3008 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
3009fi
3010
b7a87eea 3011
bd499f9e 3012if test ! -z "$blibpath" ; then
68ece370 3013 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3014 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3015fi
3016
ddceb1c8 3017dnl remove pam and dl because they are in $LIBPAM
3018if test "$PAM_MSG" = yes ; then
98f2d9d5 3019 LIBS=`echo $LIBS | sed 's/-lpam //'`
3020fi
3021if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3022 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3023fi
3024
3c62e7eb 3025AC_EXEEXT
d7cfdd7c 3026AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3027 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3028AC_OUTPUT
d3083fbd 3029
cbd7492e 3030# Print summary of options
3031
cbd7492e 3032# Someone please show me a better way :)
3033A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3034B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3035C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3036D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3037E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3038F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3039G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3040H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3041I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3042J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3043
3044echo ""
26de7942 3045echo "OpenSSH has been configured with the following options:"
ecac8ee5 3046echo " User binaries: $B"
3047echo " System binaries: $C"
3048echo " Configuration files: $D"
3049echo " Askpass program: $E"
3050echo " Manual pages: $F"
3051echo " PID file: $G"
3052echo " Privilege separation chroot path: $H"
95b99395 3053if test "x$external_path_file" = "x/etc/login.conf" ; then
3054echo " At runtime, sshd will use the path defined in $external_path_file"
3055echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3056else
ecac8ee5 3057echo " sshd default user PATH: $I"
89bbd457 3058 if test ! -z "$external_path_file"; then
95b99395 3059echo " (If PATH is set in $external_path_file it will be used instead. If"
3060echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3061 fi
8d184c09 3062fi
06617857 3063if test ! -z "$superuser_path" ; then
ecac8ee5 3064echo " sshd superuser user PATH: $J"
3065fi
3066echo " Manpage format: $MANTYPE"
3e05e934 3067echo " PAM support: $PAM_MSG"
ecac8ee5 3068echo " KerberosV support: $KRB5_MSG"
3069echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3070echo " S/KEY support: $SKEY_MSG"
3071echo " TCP Wrappers support: $TCPW_MSG"
3072echo " MD5 password support: $MD5_MSG"
59031773 3073echo " libedit support: $LIBEDIT_MSG"
3deb1408 3074echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3075echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3076echo " BSD Auth support: $BSD_AUTH_MSG"
3077echo " Random number source: $RAND_MSG"
f1b0ecc3 3078if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3079echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3080fi
3081
cbd7492e 3082echo ""
3083
0c2fb82f 3084echo " Host: ${host}"
3085echo " Compiler: ${CC}"
3086echo " Compiler flags: ${CFLAGS}"
3087echo "Preprocessor flags: ${CPPFLAGS}"
3088echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3089echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3090
3091echo ""
3092
9cefe228 3093if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3094 echo "SVR4 style packages are supported with \"make package\""
3095 echo ""
9cefe228 3096fi
3097
adeebd37 3098if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3099 echo "PAM is enabled. You may need to install a PAM control file "
3100 echo "for sshd, otherwise password authentication may fail. "
aff51935 3101 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3102 echo "subdirectory"
adeebd37 3103 echo ""
3104fi
3105
f1b0ecc3 3106if test ! -z "$RAND_HELPER_CMDHASH" ; then
3107 echo "WARNING: you are using the builtin random number collection "
3108 echo "service. Please read WARNING.RNG and request that your OS "
3109 echo "vendor includes kernel-based random number collection in "
3110 echo "future versions of your OS."
2c523de9 3111 echo ""
3112fi
af774732 3113
2f6f9cff 3114if test ! -z "$NO_PEERCHECK" ; then
3115 echo "WARNING: the operating system that you are using does not "
3116 echo "appear to support either the getpeereid() API nor the "
3117 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3118 echo "enforce security checks to prevent unauthorised connections to "
3119 echo "ssh-agent. Their absence increases the risk that a malicious "
3120 echo "user can connect to your agent. "
3121 echo ""
3122fi
3123
git-cvsimport mirror of OpenSSH
This page took 0.824509 seconds and 5 git commands to generate.