]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
bc6f919d 17AC_INIT(OpenSSH, Portable)
98a7c37b 18AC_CONFIG_SRCDIR([ssh.c])
5881cd60 19
20AC_CONFIG_HEADER(config.h)
b14b2ae7 21AC_PROG_CC
a7effaac 22AC_CANONICAL_HOST
cf0c5df5 23AC_C_BIGENDIAN
5881cd60 24
a0391976 25# Checks for programs.
4bbf95fa 26AC_PROG_AWK
4cca272e 27AC_PROG_CPP
5881cd60 28AC_PROG_RANLIB
cf8dd513 29AC_PROG_INSTALL
bee0a37e 30AC_PATH_PROG(AR, ar)
ddd8c95b 31AC_PATH_PROG(CAT, cat)
32AC_PATH_PROG(KILL, kill)
13dd877b 33AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 34AC_PATH_PROG(SED, sed)
a0f84251 35AC_SUBST(PERL)
ad85db64 36AC_PATH_PROG(ENT, ent)
37AC_SUBST(ENT)
6958bd37 38AC_PATH_PROG(TEST_MINUS_S_SH, bash)
39AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
40AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 41AC_PATH_PROG(SH, sh)
a3245b92 42AC_SUBST(TEST_SHELL,sh)
f498ed15 43
9cefe228 44dnl for buildpkg.sh
45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
46 [/usr/sbin${PATH_SEPARATOR}/etc])
47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
50
948fd8b9 51# System features
52AC_SYS_LARGEFILE
53
c193d002 54if test -z "$AR" ; then
55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
56fi
57
2e73a022 58# Use LOGIN_PROGRAM from environment if possible
59if test ! -z "$LOGIN_PROGRAM" ; then
60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
61else
62 # Search for login
63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
66 fi
67fi
68
37656beb 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
70if test ! -z "$PATH_PASSWD_PROG" ; then
71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG")
72fi
73
d423d822 74if test -z "$LD" ; then
75 LD=$CC
76fi
77AC_SUBST(LD)
78
d423d822 79AC_C_INLINE
aff51935 80if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
5ed2bb5b 81 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
d423d822 82fi
83
e6354014 84AC_ARG_WITH(rpath,
85 [ --without-rpath Disable auto-added -R linker paths],
86 [
87 if test "x$withval" = "xno" ; then
88 need_dash_r=""
89 fi
90 if test "x$withval" = "xyes" ; then
91 need_dash_r=1
92 fi
93 ]
94)
95
a0391976 96# Check for some target-specific stuff
a7effaac 97case "$host" in
9d6b1b96 98*-*-aix*)
aff51935 99 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 100 if (test -z "$blibpath"); then
0a15d73b 101 blibpath="/usr/lib:/lib"
68ece370 102 fi
103 saved_LDFLAGS="$LDFLAGS"
104 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
105 if (test -z "$blibflags"); then
106 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
107 AC_TRY_LINK([], [], [blibflags=$tryflags])
108 fi
109 done
110 if (test -z "$blibflags"); then
111 AC_MSG_RESULT(not found)
112 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
113 else
114 AC_MSG_RESULT($blibflags)
bd499f9e 115 fi
68ece370 116 LDFLAGS="$saved_LDFLAGS"
e351e493 117 dnl Check for authenticate. Might be in libs.a on older AIXes
118 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
0764e748 119 [AC_CHECK_LIB(s,authenticate,
e351e493 120 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 121 LIBS="$LIBS -ls"
122 ])
123 ])
ba603e06 124 dnl Check for various auth function declarations in headers.
125 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, passwdexpired],,
126 [#include <usersec.h>])
e351e493 127 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 128 AC_CHECK_DECLS(loginfailed,
e351e493 129 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
130 AC_TRY_COMPILE(
f58c0e01 131 [#include <usersec.h>],
e351e493 132 [(void)loginfailed("user","host","tty",0);],
133 [AC_MSG_RESULT(yes)
134 AC_DEFINE(AIX_LOGINFAILED_4ARG)],
f58c0e01 135 [AC_MSG_RESULT(no)]
e351e493 136 )],
137 [],
138 [#include <usersec.h>]
139 )
2aa3a16c 140 AC_CHECK_FUNCS(setauthdb)
5ccf88cb 141 check_for_aix_broken_getaddrinfo=1
1352689f 142 AC_DEFINE(BROKEN_REALPATH)
3b8dff69 143 AC_DEFINE(SETEUID_BREAKS_SETUID)
144 AC_DEFINE(BROKEN_SETREUID)
145 AC_DEFINE(BROKEN_SETREGID)
a3cef3ca 146 dnl AIX handles lastlog as part of its login message
147 AC_DEFINE(DISABLE_LASTLOG)
58177c0a 148 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3a2b2b44 149 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
9d6b1b96 150 ;;
3c62e7eb 151*-*-cygwin*)
a52997bd 152 check_for_libcrypt_later=1
ffb8d130 153 LIBS="$LIBS /usr/lib/textmode.o"
3c62e7eb 154 AC_DEFINE(HAVE_CYGWIN)
7043a38d 155 AC_DEFINE(USE_PIPES)
3c62e7eb 156 AC_DEFINE(DISABLE_SHADOW)
3c62e7eb 157 AC_DEFINE(IP_TOS_IS_BROKEN)
3d114925 158 AC_DEFINE(NO_X11_UNIX_SOCKETS)
e6f15ed1 159 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
94d8258b 160 AC_DEFINE(DISABLE_FD_PASSING)
246446cd 161 AC_DEFINE(SETGROUPS_NOOP)
3c62e7eb 162 ;;
d6fdb079 163*-*-dgux*)
164 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 165 AC_DEFINE(SETEUID_BREAKS_SETUID)
166 AC_DEFINE(BROKEN_SETREUID)
167 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 168 ;;
39c98ef7 169*-*-darwin*)
33e2e066 170 AC_MSG_CHECKING(if we have working getaddrinfo)
171 AC_TRY_RUN([#include <mach-o/dyld.h>
172main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
173 exit(0);
174 else
175 exit(1);
176}], [AC_MSG_RESULT(working)],
177 [AC_MSG_RESULT(buggy)
178 AC_DEFINE(BROKEN_GETADDRINFO)],
b27e573d 179 [AC_MSG_RESULT(assume it is working)])
635e0c42 180 AC_DEFINE(SETEUID_BREAKS_SETUID)
181 AC_DEFINE(BROKEN_SETREUID)
182 AC_DEFINE(BROKEN_SETREGID)
ff620033 183 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
39c98ef7 184 ;;
6e879cb4 185*-*-hpux10.26)
186 if test -z "$GCC"; then
187 CFLAGS="$CFLAGS -Ae"
188 fi
189 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
190 IPADDR_IN_DISPLAY=yes
191 AC_DEFINE(HAVE_SECUREWARE)
192 AC_DEFINE(USE_PIPES)
193 AC_DEFINE(LOGIN_NO_ENDOPT)
194 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 195 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 196 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 197 LIBS="$LIBS -lsec -lsecpw"
198 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
6e879cb4 199 disable_ptmx_check=yes
200 ;;
a7effaac 201*-*-hpux10*)
202 if test -z "$GCC"; then
fc1e8bf4 203 CFLAGS="$CFLAGS -Ae"
a7effaac 204 fi
28564873 205 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 206 IPADDR_IN_DISPLAY=yes
137d7b6c 207 AC_DEFINE(USE_PIPES)
a2572aa7 208 AC_DEFINE(LOGIN_NO_ENDOPT)
209 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3e6e3da0 210 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 211 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
f75ca46d 212 LIBS="$LIBS -lsec"
213 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
a7effaac 214 ;;
2b763e31 215*-*-hpux11*)
b8fea62d 216 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 217 IPADDR_IN_DISPLAY=yes
adeebd37 218 AC_DEFINE(PAM_SUN_CODEBASE)
2b10f47a 219 AC_DEFINE(USE_PIPES)
a2572aa7 220 AC_DEFINE(LOGIN_NO_ENDOPT)
221 AC_DEFINE(LOGIN_NEEDS_UTMPX)
764d4113 222 AC_DEFINE(DISABLE_UTMP)
3e6e3da0 223 AC_DEFINE(LOCKED_PASSWD_STRING, "*")
3a2b2b44 224 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
b6610e8f 225 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
2fe51906 226 check_for_hpux_broken_getaddrinfo=1
b29fd59f 227 check_for_conflicting_getspnam=1
f75ca46d 228 LIBS="$LIBS -lsec"
229 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
2b763e31 230 ;;
d94aa2ae 231*-*-irix5*)
6ac7829a 232 PATH="$PATH:/usr/etc"
416ed5a7 233 AC_DEFINE(BROKEN_INET_NTOA)
cb433561 234 AC_DEFINE(SETEUID_BREAKS_SETUID)
235 AC_DEFINE(BROKEN_SETREUID)
236 AC_DEFINE(BROKEN_SETREGID)
0e8f4eba 237 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 238 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 239 ;;
240*-*-irix6*)
6ac7829a 241 PATH="$PATH:/usr/etc"
3206bb3b 242 AC_DEFINE(WITH_IRIX_ARRAY)
243 AC_DEFINE(WITH_IRIX_PROJECT)
244 AC_DEFINE(WITH_IRIX_AUDIT)
b5171f93 245 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
416ed5a7 246 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 247 AC_DEFINE(SETEUID_BREAKS_SETUID)
248 AC_DEFINE(BROKEN_SETREUID)
249 AC_DEFINE(BROKEN_SETREGID)
3d59832f 250 AC_DEFINE(BROKEN_UPDWTMPX)
0e8f4eba 251 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 252 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 253 ;;
5cdfe03f 254*-*-linux*)
255 no_dev_ptmx=1
717057b6 256 check_for_libcrypt_later=1
eacb954e 257 check_for_openpty_ctty_bug=1
80faa19f 258 AC_DEFINE(DONT_TRY_OTHER_AF)
a8545c6c 259 AC_DEFINE(PAM_TTY_KLUDGE)
b90bed9f 260 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!")
3a2b2b44 261 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
cd698186 262 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM)
b6610e8f 263 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
264 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
80faa19f 265 inet6_default_4in6=yes
bf7c1e6c 266 case `uname -r` in
ad84c479 267 1.*|2.0.*)
bf7c1e6c 268 AC_DEFINE(BROKEN_CMSG_TYPE)
269 ;;
bf7c1e6c 270 esac
5cdfe03f 271 ;;
66d6c27e 272mips-sony-bsd|mips-sony-newsos4)
273 AC_DEFINE(HAVE_NEWS4)
274 SONY=1
66d6c27e 275 ;;
d468fc76 276*-*-netbsd*)
33e2e066 277 check_for_libcrypt_before=1
e6354014 278 if test "x$withval" != "xno" ; then
279 need_dash_r=1
280 fi
d468fc76 281 ;;
86b416a7 282*-*-freebsd*)
283 check_for_libcrypt_later=1
284 ;;
8707b7eb 285*-*-bsdi*)
286 AC_DEFINE(SETEUID_BREAKS_SETUID)
287 AC_DEFINE(BROKEN_SETREUID)
288 AC_DEFINE(BROKEN_SETREGID)
289 ;;
729bfe59 290*-next-*)
729bfe59 291 conf_lastlog_location="/usr/adm/lastlog"
698d107e 292 conf_utmp_location=/etc/utmp
293 conf_wtmp_location=/usr/adm/wtmp
294 MAIL=/usr/spool/mail
729bfe59 295 AC_DEFINE(HAVE_NEXT)
443172c4 296 AC_DEFINE(BROKEN_REALPATH)
00937921 297 AC_DEFINE(USE_PIPES)
86b416a7 298 AC_DEFINE(BROKEN_SAVED_UIDS)
729bfe59 299 ;;
9d6b1b96 300*-*-solaris*)
010e9d5b 301 if test "x$withval" != "xno" ; then
302 need_dash_r=1
303 fi
adeebd37 304 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 305 AC_DEFINE(LOGIN_NEEDS_UTMPX)
306 AC_DEFINE(LOGIN_NEEDS_TERM)
7f0a4ff1 307 AC_DEFINE(PAM_TTY_KLUDGE)
059d3165 308 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID)
3e6e3da0 309 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 310 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
311 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 312 external_path_file=/etc/default/login
1d7b9b20 313 # hardwire lastlog location (can't detect it on some versions)
314 conf_lastlog_location="/var/adm/lastlog"
32c80420 315 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
316 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
317 if test "$sol2ver" -ge 8; then
318 AC_MSG_RESULT(yes)
319 AC_DEFINE(DISABLE_UTMP)
320 AC_DEFINE(DISABLE_WTMP)
321 else
322 AC_MSG_RESULT(no)
323 fi
9d6b1b96 324 ;;
a423beaf 325*-*-sunos4*)
0c2fb82f 326 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 327 AC_CHECK_FUNCS(getpwanam)
adeebd37 328 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 329 conf_utmp_location=/etc/utmp
330 conf_wtmp_location=/var/adm/wtmp
331 conf_lastlog_location=/var/adm/lastlog
137d7b6c 332 AC_DEFINE(USE_PIPES)
a423beaf 333 ;;
6f68f28a 334*-ncr-sysv*)
98a7c37b 335 LIBS="$LIBS -lc89"
29525240 336 AC_DEFINE(USE_PIPES)
eabb99c6 337 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 338 AC_DEFINE(SETEUID_BREAKS_SETUID)
339 AC_DEFINE(BROKEN_SETREUID)
340 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 341 ;;
132dd316 342*-sni-sysv*)
c8c15bcb 343 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 344 AC_CHECK_LIB(dl, dlsym, ,)
85cf54ec 345 # -lresolv needs to be at then end of LIBS or DNS lookups break
346 AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ])
9548d6c8 347 IPADDR_IN_DISPLAY=yes
348 AC_DEFINE(USE_PIPES)
132dd316 349 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 350 AC_DEFINE(SETEUID_BREAKS_SETUID)
351 AC_DEFINE(BROKEN_SETREUID)
352 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 353 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 354 external_path_file=/etc/default/login
c8c15bcb 355 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
356 # Attention: always take care to bind libsocket and libnsl before libc,
357 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 358 ;;
79a7ba96 359# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 360*-*-sysv4.2*)
ed6553e2 361 AC_DEFINE(USE_PIPES)
7ed101c0 362 AC_DEFINE(SETEUID_BREAKS_SETUID)
363 AC_DEFINE(BROKEN_SETREUID)
364 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 365 ;;
79a7ba96 366# UnixWare 7.x, OpenUNIX 8
77bb0bca 367*-*-sysv5*)
ed6553e2 368 AC_DEFINE(USE_PIPES)
7ed101c0 369 AC_DEFINE(SETEUID_BREAKS_SETUID)
370 AC_DEFINE(BROKEN_SETREUID)
371 AC_DEFINE(BROKEN_SETREGID)
77bb0bca 372 ;;
9d6b1b96 373*-*-sysv*)
9d6b1b96 374 ;;
79a7ba96 375# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 376*-*-sco3.2v4*)
0a15d73b 377 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize"
f9e4952c 378 LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm"
77bb0bca 379 RANLIB=true
ed6553e2 380 no_dev_ptmx=1
77bb0bca 381 AC_DEFINE(BROKEN_SYS_TERMIO_H)
ed6553e2 382 AC_DEFINE(USE_PIPES)
6e879cb4 383 AC_DEFINE(HAVE_SECUREWARE)
d287c664 384 AC_DEFINE(DISABLE_SHADOW)
86b416a7 385 AC_DEFINE(BROKEN_SAVED_UIDS)
9ff90d99 386 AC_DEFINE(SETEUID_BREAKS_SETUID)
387 AC_DEFINE(BROKEN_SETREUID)
388 AC_DEFINE(BROKEN_SETREGID)
bcebad47 389 AC_DEFINE(WITH_ABBREV_NO_TTY)
aca75d94 390 AC_CHECK_FUNCS(getluid setluid)
533875af 391 MANTYPE=man
98a7c37b 392 do_sco3_extra_lib_check=yes
a3245b92 393 TEST_SHELL=ksh
77bb0bca 394 ;;
79a7ba96 395# SCO OpenServer 5.x
77bb0bca 396*-*-sco3.2v5*)
21710e39 397 if test -z "$GCC"; then
398 CFLAGS="$CFLAGS -belf"
399 fi
ed6553e2 400 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 401 no_dev_ptmx=1
ed6553e2 402 AC_DEFINE(USE_PIPES)
6e879cb4 403 AC_DEFINE(HAVE_SECUREWARE)
d287c664 404 AC_DEFINE(DISABLE_SHADOW)
94d8258b 405 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 406 AC_DEFINE(SETEUID_BREAKS_SETUID)
407 AC_DEFINE(BROKEN_SETREUID)
408 AC_DEFINE(BROKEN_SETREGID)
bcebad47 409 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 410 AC_DEFINE(BROKEN_UPDWTMPX)
3ade3b57 411 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
aca75d94 412 AC_CHECK_FUNCS(getluid setluid)
533875af 413 MANTYPE=man
a3245b92 414 TEST_SHELL=ksh
509b1f88 415 ;;
ccbb983c 416*-*-unicosmk*)
c1ad5966 417 AC_DEFINE(NO_SSH_LASTLOG)
418 AC_DEFINE(SETEUID_BREAKS_SETUID)
419 AC_DEFINE(BROKEN_SETREUID)
420 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 421 AC_DEFINE(USE_PIPES)
422 AC_DEFINE(DISABLE_FD_PASSING)
423 LDFLAGS="$LDFLAGS"
424 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
425 MANTYPE=cat
d262b7f2 426 ;;
7b9a8c6e 427*-*-unicosmp*)
c1ad5966 428 AC_DEFINE(SETEUID_BREAKS_SETUID)
429 AC_DEFINE(BROKEN_SETREUID)
430 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 431 AC_DEFINE(WITH_ABBREV_NO_TTY)
432 AC_DEFINE(USE_PIPES)
433 AC_DEFINE(DISABLE_FD_PASSING)
434 LDFLAGS="$LDFLAGS"
c1ad5966 435 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 436 MANTYPE=cat
437 ;;
ca5c7d6a 438*-*-unicos*)
c1ad5966 439 AC_DEFINE(SETEUID_BREAKS_SETUID)
440 AC_DEFINE(BROKEN_SETREUID)
441 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 442 AC_DEFINE(USE_PIPES)
94d8258b 443 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 444 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 445 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
446 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
447 MANTYPE=cat
a704dd54 448 ;;
4d33e531 449*-dec-osf*)
99c8ddac 450 AC_MSG_CHECKING(for Digital Unix SIA)
451 no_osfsia=""
452 AC_ARG_WITH(osfsia,
453 [ --with-osfsia Enable Digital Unix SIA],
454 [
455 if test "x$withval" = "xno" ; then
456 AC_MSG_RESULT(disabled)
457 no_osfsia=1
458 fi
459 ],
460 )
461 if test -z "$no_osfsia" ; then
4d33e531 462 if test -f /etc/sia/matrix.conf; then
463 AC_MSG_RESULT(yes)
464 AC_DEFINE(HAVE_OSF_SIA)
465 AC_DEFINE(DISABLE_LOGIN)
58d0df4e 466 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 467 LIBS="$LIBS -lsecurity -ldb -lm -laud"
468 else
469 AC_MSG_RESULT(no)
dbf8efb3 470 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
4d33e531 471 fi
472 fi
a6e67b60 473 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 474 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 475 AC_DEFINE(BROKEN_SETREUID)
476 AC_DEFINE(BROKEN_SETREGID)
4d33e531 477 ;;
41cb4569 478
479*-*-nto-qnx)
480 AC_DEFINE(USE_PIPES)
481 AC_DEFINE(NO_X11_UNIX_SOCKETS)
482 AC_DEFINE(MISSING_NFDBITS)
483 AC_DEFINE(MISSING_HOWMANY)
484 AC_DEFINE(MISSING_FD_MASK)
485 ;;
a7effaac 486esac
487
8e7b16f8 488# Allow user to specify flags
489AC_ARG_WITH(cflags,
490 [ --with-cflags Specify additional flags to pass to compiler],
491 [
492 if test "x$withval" != "xno" ; then
493 CFLAGS="$CFLAGS $withval"
494 fi
495 ]
496)
0c2fb82f 497AC_ARG_WITH(cppflags,
498 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
499 [
500 if test "x$withval" != "xno"; then
501 CPPFLAGS="$CPPFLAGS $withval"
502 fi
503 ]
504)
8e7b16f8 505AC_ARG_WITH(ldflags,
97b378bf 506 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 507 [
508 if test "x$withval" != "xno" ; then
509 LDFLAGS="$LDFLAGS $withval"
510 fi
511 ]
512)
513AC_ARG_WITH(libs,
514 [ --with-libs Specify additional libraries to link with],
515 [
516 if test "x$withval" != "xno" ; then
517 LIBS="$LIBS $withval"
518 fi
519 ]
520)
521
c5829391 522AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 523AC_RUN_IFELSE(
524 [AC_LANG_SOURCE([
c5829391 525#include <stdio.h>
526int main(){exit(0);}
479cece8 527 ])],
c5829391 528 [ AC_MSG_RESULT(yes) ],
529 [
530 AC_MSG_RESULT(no)
531 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 532 ],
533 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 534)
535
ddceb1c8 536# Checks for header files.
419e26e7 537AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \
538 floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \
539 login_cap.h maillock.h ndir.h netdb.h netgroup.h \
2511d104 540 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
5bbbc661 541 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
419e26e7 542 strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \
543 sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \
765a24cd 544 sys/pstat.h sys/select.h sys/stat.h sys/stream.h \
419e26e7 545 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \
546 time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h)
ddceb1c8 547
765a24cd 548# sys/ptms.h requires sys/stream.h to be included first on Solaris
549AC_CHECK_HEADERS(sys/ptms.h, [], [], [
550#ifdef HAVE_SYS_STREAM_H
551# include <sys/stream.h>
552#endif
553])
554
a0391976 555# Checks for libraries.
98a7c37b 556AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
557AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 558
f61d6b17 559dnl SCO OS3 needs this for libwrap
98a7c37b 560if test "x$with_tcp_wrappers" != "xno" ; then
561 if test "x$do_sco3_extra_lib_check" = "xyes" ; then
562 AC_CHECK_LIB(rpc, innetgr, LIBS="-lrpc -lyp -lrpc $LIBS" , , -lyp -lrpc)
563 fi
564fi
565
446227d6 566dnl IRIX and Solaris 2.5.1 have dirname() in libgen
567AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
568 AC_CHECK_LIB(gen, dirname,[
569 AC_CACHE_CHECK([for broken dirname],
570 ac_cv_have_broken_dirname, [
571 save_LIBS="$LIBS"
572 LIBS="$LIBS -lgen"
573 AC_TRY_RUN(
574 [
575#include <libgen.h>
576#include <string.h>
577
578int main(int argc, char **argv) {
579 char *s, buf[32];
580
581 strncpy(buf,"/etc", 32);
582 s = dirname(buf);
583 if (!s || strncmp(s, "/", 32) != 0) {
584 exit(1);
585 } else {
586 exit(0);
587 }
588}
589 ],
590 [ ac_cv_have_broken_dirname="no" ],
591 [ ac_cv_have_broken_dirname="yes" ]
592 )
593 LIBS="$save_LIBS"
594 ])
595 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
596 LIBS="$LIBS -lgen"
597 AC_DEFINE(HAVE_DIRNAME)
598 AC_CHECK_HEADERS(libgen.h)
599 fi
600 ])
601])
602
603AC_CHECK_FUNC(getspnam, ,
604 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
605AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
606
98a7c37b 607dnl zlib is required
608AC_ARG_WITH(zlib,
609 [ --with-zlib=PATH Use zlib in PATH],
610 [
846f83ab 611 if test "x$withval" = "xno" ; then
f1b0ecc3 612 AC_MSG_ERROR([*** zlib is required ***])
613 fi
98a7c37b 614 if test -d "$withval/lib"; then
615 if test -n "${need_dash_r}"; then
5a162955 616 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 617 else
5a162955 618 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 619 fi
620 else
621 if test -n "${need_dash_r}"; then
5a162955 622 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 623 else
5a162955 624 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 625 fi
626 fi
627 if test -d "$withval/include"; then
5a162955 628 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 629 else
5a162955 630 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 631 fi
632 ]
633)
634
0a15d73b 635AC_CHECK_LIB(z, deflate, ,
636 [
637 saved_CPPFLAGS="$CPPFLAGS"
638 saved_LDFLAGS="$LDFLAGS"
639 save_LIBS="$LIBS"
640 dnl Check default zlib install dir
641 if test -n "${need_dash_r}"; then
642 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
643 else
644 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
645 fi
646 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
647 LIBS="$LIBS -lz"
648 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
649 [
650 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
651 ]
652 )
653 ]
654)
4ad65809 655AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 656
657AC_ARG_WITH(zlib-version-check,
658 [ --without-zlib-version-check Disable zlib version check],
659 [ if test "x$withval" = "xno" ; then
660 zlib_check_nonfatal=1
661 fi
662 ]
663)
664
4ad65809 665AC_MSG_CHECKING(for zlib 1.1.4 or greater)
479cece8 666AC_RUN_IFELSE([AC_LANG_SOURCE([[
4ad65809 667#include <zlib.h>
668int main()
669{
670 int a, b, c, v;
671 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3)
672 exit(1);
673 v = a*1000000 + b*1000 + c;
674 if (v >= 1001004)
675 exit(0);
676 exit(2);
677}
479cece8 678 ]])],
4ad65809 679 AC_MSG_RESULT(yes),
680 [ AC_MSG_RESULT(no)
8068d564 681 if test -z "$zlib_check_nonfatal" ; then
682 AC_MSG_ERROR([*** zlib too old - check config.log ***
683Your reported zlib version has known security problems. It's possible your
684vendor has fixed these problems without changing the version number. If you
685are sure this is the case, you can disable the check by running
686"./configure --without-zlib-version-check".
687If you are in doubt, upgrade zlib to version 1.1.4 or greater.])
688 else
689 AC_MSG_WARN([zlib version may have security problems])
690 fi
1a01a50c 691 ],
692 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 693)
48e7916f 694
2c523de9 695dnl UnixWare 2.x
aff51935 696AC_CHECK_FUNC(strcasecmp,
2c523de9 697 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
698)
aff51935 699AC_CHECK_FUNC(utimes,
cda1ebcb 700 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
701 LIBS="$LIBS -lc89"]) ]
2c523de9 702)
4cca272e 703
7c6d759d 704dnl Checks for libutil functions
705AC_CHECK_HEADERS(libutil.h)
706AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
707AC_CHECK_FUNCS(logout updwtmp logwtmp)
708
a738c3b0 709AC_FUNC_STRFTIME
710
84ceda19 711# Check for ALTDIRFUNC glob() extension
712AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
713AC_EGREP_CPP(FOUNDIT,
714 [
715 #include <glob.h>
716 #ifdef GLOB_ALTDIRFUNC
717 FOUNDIT
718 #endif
aff51935 719 ],
84ceda19 720 [
721 AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
722 AC_MSG_RESULT(yes)
723 ],
724 [
725 AC_MSG_RESULT(no)
726 ]
727)
4cca272e 728
40849fdb 729# Check for g.gl_matchc glob() extension
730AC_MSG_CHECKING(for gl_matchc field in glob_t)
731AC_EGREP_CPP(FOUNDIT,
aff51935 732 [
733 #include <glob.h>
40849fdb 734 int main(void){glob_t g; g.gl_matchc = 1;}
aff51935 735 ],
736 [
737 AC_DEFINE(GLOB_HAS_GL_MATCHC)
738 AC_MSG_RESULT(yes)
739 ],
740 [
741 AC_MSG_RESULT(no)
742 ]
40849fdb 743)
744
edbe6722 745AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 746AC_RUN_IFELSE(
479cece8 747 [AC_LANG_SOURCE([[
edbe6722 748#include <sys/types.h>
749#include <dirent.h>
aec4cb4f 750int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 751 ]])],
aff51935 752 [AC_MSG_RESULT(yes)],
edbe6722 753 [
754 AC_MSG_RESULT(no)
755 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
1a01a50c 756 ],
757 [
758 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
759 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 760 ]
761)
762
419e26e7 763AC_MSG_CHECKING([for /proc/pid/fd directory])
764if test -d "/proc/$$/fd" ; then
765 AC_DEFINE(HAVE_PROC_PID)
766 AC_MSG_RESULT(yes)
767else
768 AC_MSG_RESULT(no)
769fi
770
278588d8 771# Check whether user wants S/Key support
aff51935 772SKEY_MSG="no"
278588d8 773AC_ARG_WITH(skey,
6ff3d0dc 774 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 775 [
776 if test "x$withval" != "xno" ; then
777
778 if test "x$withval" != "xyes" ; then
779 CPPFLAGS="$CPPFLAGS -I${withval}/include"
780 LDFLAGS="$LDFLAGS -L${withval}/lib"
781 fi
782
783 AC_DEFINE(SKEY)
784 LIBS="-lskey $LIBS"
aff51935 785 SKEY_MSG="yes"
278588d8 786
ddceb1c8 787 AC_MSG_CHECKING([for s/key support])
788 AC_TRY_RUN(
789 [
790#include <stdio.h>
791#include <skey.h>
aec4cb4f 792int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
ddceb1c8 793 ],
794 [AC_MSG_RESULT(yes)],
278588d8 795 [
ddceb1c8 796 AC_MSG_RESULT(no)
278588d8 797 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
798 ])
141fc639 799 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
800 AC_TRY_COMPILE(
801 [#include <stdio.h>
802 #include <skey.h>],
803 [(void)skeychallenge(NULL,"name","",0);],
804 [AC_MSG_RESULT(yes)
805 AC_DEFINE(SKEYCHALLENGE_4ARG)],
806 [AC_MSG_RESULT(no)]
807 )
278588d8 808 fi
809 ]
810)
811
812# Check whether user wants TCP wrappers support
98a7c37b 813TCPW_MSG="no"
278588d8 814AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 815 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 816 [
817 if test "x$withval" != "xno" ; then
818 saved_LIBS="$LIBS"
98a7c37b 819 saved_LDFLAGS="$LDFLAGS"
820 saved_CPPFLAGS="$CPPFLAGS"
821 if test -n "${withval}" -a "${withval}" != "yes"; then
822 if test -d "${withval}/lib"; then
823 if test -n "${need_dash_r}"; then
5a162955 824 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 825 else
5a162955 826 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 827 fi
828 else
829 if test -n "${need_dash_r}"; then
5a162955 830 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 831 else
5a162955 832 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 833 fi
834 fi
835 if test -d "${withval}/include"; then
5a162955 836 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 837 else
5a162955 838 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 839 fi
98a7c37b 840 fi
ddceb1c8 841 LIBWRAP="-lwrap"
842 LIBS="$LIBWRAP $LIBS"
278588d8 843 AC_MSG_CHECKING(for libwrap)
844 AC_TRY_LINK(
845 [
77f09220 846#include <sys/types.h>
847#include <sys/socket.h>
848#include <netinet/in.h>
278588d8 849#include <tcpd.h>
850 int deny_severity = 0, allow_severity = 0;
851 ],
852 [hosts_access(0);],
853 [
854 AC_MSG_RESULT(yes)
855 AC_DEFINE(LIBWRAP)
ddceb1c8 856 AC_SUBST(LIBWRAP)
98a7c37b 857 TCPW_MSG="yes"
278588d8 858 ],
859 [
860 AC_MSG_ERROR([*** libwrap missing])
861 ]
862 )
ddceb1c8 863 LIBS="$saved_LIBS"
278588d8 864 fi
865 ]
866)
867
59031773 868# Check whether user wants libedit support
869LIBEDIT_MSG="no"
870AC_ARG_WITH(libedit,
6ff3d0dc 871 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 872 [ if test "x$withval" != "xno" ; then
873 AC_CHECK_LIB(edit, el_init,
874 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp])
875 LIBEDIT="-ledit -lcurses"
876 LIBEDIT_MSG="yes"
877 AC_SUBST(LIBEDIT)
878 ],
879 [], [-lcurses]
880 )
881 fi ]
882)
883
19160674 884dnl Checks for library functions. Please keep in alphabetical order
885AC_CHECK_FUNCS(\
2909d712 886 arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \
667abcc6 887 bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \
888 freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \
889 getopt getpeereid _getpty getrlimit getttyent glob inet_aton \
19160674 890 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
79d4fc55 891 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
e7f6070d 892 pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \
79d4fc55 893 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
3f176010 894 setproctitle setregid setreuid setrlimit \
688eed4a 895 setsid setvbuf sigaction sigvec snprintf socketpair strerror \
7111a85c 896 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
351f44a0 897 truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \
19160674 898)
98a7c37b 899
1a086f97 900# IRIX has a const char return value for gai_strerror()
901AC_CHECK_FUNCS(gai_strerror,[
902 AC_DEFINE(HAVE_GAI_STRERROR)
903 AC_TRY_COMPILE([
904#include <sys/types.h>
905#include <sys/socket.h>
906#include <netdb.h>
907
908const char *gai_strerror(int);],[
909char *str;
910
911str = gai_strerror(0);],[
912 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
913 [Define if gai_strerror() returns const char *])])])
914
92b1decf 915AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
916
309709db 917dnl Make sure prototypes are defined for these before using them.
08412d26 918AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
309709db 919AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
08412d26 920
3490699c 921dnl tcsendbreak might be a macro
922AC_CHECK_DECL(tcsendbreak,
923 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 924 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 925 [#include <termios.h>]
926)
927
41e0e158 928AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
929
3f176010 930AC_CHECK_FUNCS(setresuid, [
931 dnl Some platorms have setresuid that isn't implemented, test for this
932 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 933 AC_RUN_IFELSE(
934 [AC_LANG_SOURCE([[
9a3fe0e2 935#include <stdlib.h>
936#include <errno.h>
937int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 938 ]])],
3f176010 939 [AC_MSG_RESULT(yes)],
24a9171d 940 [AC_DEFINE(BROKEN_SETRESUID)
1a01a50c 941 AC_MSG_RESULT(not implemented)],
942 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 943 )
944])
9a3fe0e2 945
3f176010 946AC_CHECK_FUNCS(setresgid, [
947 dnl Some platorms have setresgid that isn't implemented, test for this
948 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 949 AC_RUN_IFELSE(
950 [AC_LANG_SOURCE([[
9a3fe0e2 951#include <stdlib.h>
952#include <errno.h>
953int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 954 ]])],
3f176010 955 [AC_MSG_RESULT(yes)],
956 [AC_DEFINE(BROKEN_SETRESGID)
1a01a50c 957 AC_MSG_RESULT(not implemented)],
958 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 959 )
960])
9a3fe0e2 961
2e73a022 962dnl Checks for time functions
1d7b9b20 963AC_CHECK_FUNCS(gettimeofday time)
2e73a022 964dnl Checks for utmp functions
b03bd394 965AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 966AC_CHECK_FUNCS(utmpname)
2e73a022 967dnl Checks for utmpx functions
b03bd394 968AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 969AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 970
aff51935 971AC_CHECK_FUNC(daemon,
beb43d31 972 [AC_DEFINE(HAVE_DAEMON)],
973 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
974)
975
aff51935 976AC_CHECK_FUNC(getpagesize,
aa6bd60a 977 [AC_DEFINE(HAVE_GETPAGESIZE)],
978 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
979)
980
2647ae26 981# Check for broken snprintf
982if test "x$ac_cv_func_snprintf" = "xyes" ; then
983 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 984 AC_RUN_IFELSE(
479cece8 985 [AC_LANG_SOURCE([[
2647ae26 986#include <stdio.h>
aec4cb4f 987int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 988 ]])],
aff51935 989 [AC_MSG_RESULT(yes)],
2647ae26 990 [
991 AC_MSG_RESULT(no)
992 AC_DEFINE(BROKEN_SNPRINTF)
993 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 994 ],
995 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 996 )
997fi
998
2f6f9cff 999# Check for missing getpeereid (or equiv) support
1000NO_PEERCHECK=""
1001if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1002 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1003 AC_TRY_COMPILE(
1004 [#include <sys/types.h>
1005 #include <sys/socket.h>],
1006 [int i = SO_PEERCRED;],
1007 [AC_MSG_RESULT(yes)],
1008 [AC_MSG_RESULT(no)
1009 NO_PEERCHECK=1]
1010 )
1011fi
1012
70e7d0b0 1013dnl see whether mkstemp() requires XXXXXX
1014if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1015AC_MSG_CHECKING([for (overly) strict mkstemp])
1016AC_TRY_RUN(
1017 [
1018#include <stdlib.h>
1019main() { char template[]="conftest.mkstemp-test";
1020if (mkstemp(template) == -1)
1021 exit(1);
1022unlink(template); exit(0);
1023}
1024 ],
1025 [
1026 AC_MSG_RESULT(no)
1027 ],
aff51935 1028 [
70e7d0b0 1029 AC_MSG_RESULT(yes)
1030 AC_DEFINE(HAVE_STRICT_MKSTEMP)
1031 ],
1032 [
1033 AC_MSG_RESULT(yes)
1034 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1035 ]
70e7d0b0 1036)
1037fi
1038
eacb954e 1039dnl make sure that openpty does not reacquire controlling terminal
1040if test ! -z "$check_for_openpty_ctty_bug"; then
1041 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
1042 AC_TRY_RUN(
1043 [
1044#include <stdio.h>
1045#include <sys/fcntl.h>
1046#include <sys/types.h>
1047#include <sys/wait.h>
1048
1049int
1050main()
1051{
1052 pid_t pid;
1053 int fd, ptyfd, ttyfd, status;
1054
1055 pid = fork();
1056 if (pid < 0) { /* failed */
1057 exit(1);
1058 } else if (pid > 0) { /* parent */
1059 waitpid(pid, &status, 0);
aff51935 1060 if (WIFEXITED(status))
eacb954e 1061 exit(WEXITSTATUS(status));
1062 else
1063 exit(2);
1064 } else { /* child */
1065 close(0); close(1); close(2);
1066 setsid();
1067 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1068 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1069 if (fd >= 0)
1070 exit(3); /* Acquired ctty: broken */
1071 else
1072 exit(0); /* Did not acquire ctty: OK */
1073 }
1074}
1075 ],
1076 [
1077 AC_MSG_RESULT(yes)
1078 ],
1079 [
1080 AC_MSG_RESULT(no)
1081 AC_DEFINE(SSHD_ACQUIRES_CTTY)
1082 ]
1083 )
1084fi
1085
2fe51906 1086if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
1087 AC_MSG_CHECKING(if getaddrinfo seems to work)
1088 AC_TRY_RUN(
1089 [
1090#include <stdio.h>
1091#include <sys/socket.h>
1092#include <netdb.h>
1093#include <errno.h>
1094#include <netinet/in.h>
1095
1096#define TEST_PORT "2222"
1097
1098int
1099main(void)
1100{
1101 int err, sock;
1102 struct addrinfo *gai_ai, *ai, hints;
1103 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1104
1105 memset(&hints, 0, sizeof(hints));
1106 hints.ai_family = PF_UNSPEC;
1107 hints.ai_socktype = SOCK_STREAM;
1108 hints.ai_flags = AI_PASSIVE;
1109
1110 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1111 if (err != 0) {
1112 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1113 exit(1);
1114 }
1115
1116 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1117 if (ai->ai_family != AF_INET6)
1118 continue;
1119
1120 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1121 sizeof(ntop), strport, sizeof(strport),
1122 NI_NUMERICHOST|NI_NUMERICSERV);
1123
1124 if (err != 0) {
1125 if (err == EAI_SYSTEM)
1126 perror("getnameinfo EAI_SYSTEM");
1127 else
1128 fprintf(stderr, "getnameinfo failed: %s\n",
1129 gai_strerror(err));
1130 exit(2);
1131 }
1132
1133 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1134 if (sock < 0)
1135 perror("socket");
1136 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1137 if (errno == EBADF)
1138 exit(3);
1139 }
1140 }
1141 exit(0);
1142}
1143 ],
1144 [
1145 AC_MSG_RESULT(yes)
1146 ],
1147 [
1148 AC_MSG_RESULT(no)
1149 AC_DEFINE(BROKEN_GETADDRINFO)
1150 ]
1151 )
1152fi
1153
5ccf88cb 1154if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_aix_broken_getaddrinfo" = "x1"; then
1155 AC_MSG_CHECKING(if getaddrinfo seems to work)
1156 AC_TRY_RUN(
1157 [
1158#include <stdio.h>
1159#include <sys/socket.h>
1160#include <netdb.h>
1161#include <errno.h>
1162#include <netinet/in.h>
1163
1164#define TEST_PORT "2222"
1165
1166int
1167main(void)
1168{
1169 int err, sock;
1170 struct addrinfo *gai_ai, *ai, hints;
1171 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1172
1173 memset(&hints, 0, sizeof(hints));
1174 hints.ai_family = PF_UNSPEC;
1175 hints.ai_socktype = SOCK_STREAM;
1176 hints.ai_flags = AI_PASSIVE;
1177
1178 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1179 if (err != 0) {
1180 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1181 exit(1);
1182 }
1183
1184 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1185 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1186 continue;
1187
1188 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1189 sizeof(ntop), strport, sizeof(strport),
1190 NI_NUMERICHOST|NI_NUMERICSERV);
1191
1192 if (ai->ai_family == AF_INET && err != 0) {
1193 perror("getnameinfo");
1194 exit(2);
1195 }
1196 }
1197 exit(0);
1198}
1199 ],
1200 [
1201 AC_MSG_RESULT(yes)
1202 AC_DEFINE(AIX_GETNAMEINFO_HACK, [],
1203[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address])
1204 ],
1205 [
1206 AC_MSG_RESULT(no)
1207 AC_DEFINE(BROKEN_GETADDRINFO)
1208 ]
1209 )
1210fi
1211
b29fd59f 1212if test "x$check_for_conflicting_getspnam" = "x1"; then
1213 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1214 AC_COMPILE_IFELSE(
1215 [
1216#include <shadow.h>
1217int main(void) {exit(0);}
1218 ],
1219 [
1220 AC_MSG_RESULT(no)
1221 ],
1222 [
1223 AC_MSG_RESULT(yes)
1224 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1225 [Conflicting defs for getspnam])
1226 ]
1227 )
1228fi
1229
7f8f5e00 1230AC_FUNC_GETPGRP
1231
717057b6 1232# Check for PAM libs
cbd7492e 1233PAM_MSG="no"
a0391976 1234AC_ARG_WITH(pam,
717057b6 1235 [ --with-pam Enable PAM support ],
a0391976 1236 [
717057b6 1237 if test "x$withval" != "xno" ; then
2511d104 1238 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1239 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1240 AC_MSG_ERROR([PAM headers not found])
1241 fi
a0391976 1242
717057b6 1243 AC_CHECK_LIB(dl, dlopen, , )
1244 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1245 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1246 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1247
717057b6 1248 PAM_MSG="yes"
4cb5ffa0 1249
717057b6 1250 AC_DEFINE(USE_PAM)
98f2d9d5 1251 if test $ac_cv_lib_dl_dlopen = yes; then
1252 LIBPAM="-lpam -ldl"
1253 else
1254 LIBPAM="-lpam"
1255 fi
1256 AC_SUBST(LIBPAM)
717057b6 1257 fi
1258 ]
1259)
cbd7492e 1260
717057b6 1261# Check for older PAM
1262if test "x$PAM_MSG" = "xyes" ; then
a0391976 1263 # Check PAM strerror arguments (old PAM)
1264 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1265 AC_TRY_COMPILE(
1266 [
18ba2aab 1267#include <stdlib.h>
2511d104 1268#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1269#include <security/pam_appl.h>
2511d104 1270#elif defined (HAVE_PAM_PAM_APPL_H)
1271#include <pam/pam_appl.h>
1272#endif
aff51935 1273 ],
1274 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1275 [AC_MSG_RESULT(no)],
1276 [
1277 AC_DEFINE(HAVE_OLD_PAM)
1278 AC_MSG_RESULT(yes)
cbd7492e 1279 PAM_MSG="yes (old library)"
a0391976 1280 ]
717057b6 1281 )
a0391976 1282fi
1283
5b991353 1284# Search for OpenSSL
1285saved_CPPFLAGS="$CPPFLAGS"
1286saved_LDFLAGS="$LDFLAGS"
a0391976 1287AC_ARG_WITH(ssl-dir,
1288 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1289 [
e9e4a1c7 1290 if test "x$withval" != "xno" ; then
99eb0f64 1291 case "$withval" in
1292 # Relative paths
1293 ./*|../*) withval="`pwd`/$withval"
1294 esac
5b991353 1295 if test -d "$withval/lib"; then
1296 if test -n "${need_dash_r}"; then
1297 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1298 else
1299 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1300 fi
1301 else
5b991353 1302 if test -n "${need_dash_r}"; then
1303 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1304 else
1305 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1306 fi
1307 fi
5b991353 1308 if test -d "$withval/include"; then
1309 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1310 else
5b991353 1311 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1312 fi
a0391976 1313 fi
5b991353 1314 ]
1315)
5486a457 1316LIBS="-lcrypto $LIBS"
5b991353 1317AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
d45e3d76 1318 [
5b991353 1319 dnl Check default openssl install dir
1320 if test -n "${need_dash_r}"; then
1321 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1322 else
5b991353 1323 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1324 fi
5b991353 1325 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1326 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1327 [
1328 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1329 ]
1330 )
1331 ]
1332)
1333
cd018561 1334# Determine OpenSSL header version
1335AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1336AC_RUN_IFELSE(
479cece8 1337 [AC_LANG_SOURCE([[
cd018561 1338#include <stdio.h>
1339#include <string.h>
1340#include <openssl/opensslv.h>
1341#define DATA "conftest.sslincver"
1342int main(void) {
aff51935 1343 FILE *fd;
1344 int rc;
cd018561 1345
aff51935 1346 fd = fopen(DATA,"w");
1347 if(fd == NULL)
1348 exit(1);
cd018561 1349
1350 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1351 exit(1);
1352
1353 exit(0);
1354}
479cece8 1355 ]])],
cd018561 1356 [
1357 ssl_header_ver=`cat conftest.sslincver`
1358 AC_MSG_RESULT($ssl_header_ver)
1359 ],
1360 [
1361 AC_MSG_RESULT(not found)
1362 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1363 ],
1364 [
1365 AC_MSG_WARN([cross compiling: not checking])
cd018561 1366 ]
1367)
1368
1369# Determine OpenSSL library version
1370AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1371AC_RUN_IFELSE(
479cece8 1372 [AC_LANG_SOURCE([[
cd018561 1373#include <stdio.h>
1374#include <string.h>
1375#include <openssl/opensslv.h>
1376#include <openssl/crypto.h>
1377#define DATA "conftest.ssllibver"
1378int main(void) {
aff51935 1379 FILE *fd;
1380 int rc;
cd018561 1381
aff51935 1382 fd = fopen(DATA,"w");
1383 if(fd == NULL)
1384 exit(1);
cd018561 1385
1386 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1387 exit(1);
1388
1389 exit(0);
1390}
479cece8 1391 ]])],
cd018561 1392 [
1393 ssl_library_ver=`cat conftest.ssllibver`
1394 AC_MSG_RESULT($ssl_library_ver)
1395 ],
1396 [
1397 AC_MSG_RESULT(not found)
1398 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1399 ],
1400 [
1401 AC_MSG_WARN([cross compiling: not checking])
cd018561 1402 ]
1403)
58d100bf 1404
9780116c 1405# Sanity check OpenSSL headers
1406AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1407AC_RUN_IFELSE(
479cece8 1408 [AC_LANG_SOURCE([[
9780116c 1409#include <string.h>
1410#include <openssl/opensslv.h>
aec4cb4f 1411int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1412 ]])],
9780116c 1413 [
1414 AC_MSG_RESULT(yes)
1415 ],
1416 [
1417 AC_MSG_RESULT(no)
e15ba28b 1418 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1419Check config.log for details.
1420Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1421 ],
1422 [
1423 AC_MSG_WARN([cross compiling: not checking])
9780116c 1424 ]
1425)
1426
5486a457 1427# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1428# because the system crypt() is more featureful.
1429if test "x$check_for_libcrypt_before" = "x1"; then
1430 AC_CHECK_LIB(crypt, crypt)
1431fi
1432
aff51935 1433# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1434# version in OpenSSL.
05114c74 1435if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1436 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1437fi
1438
f1b0ecc3 1439
1440### Configure cryptographic random number support
1441
1442# Check wheter OpenSSL seeds itself
1443AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1444AC_RUN_IFELSE(
479cece8 1445 [AC_LANG_SOURCE([[
f1b0ecc3 1446#include <string.h>
1447#include <openssl/rand.h>
aec4cb4f 1448int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1449 ]])],
f1b0ecc3 1450 [
1451 OPENSSL_SEEDS_ITSELF=yes
1452 AC_MSG_RESULT(yes)
1453 ],
1454 [
1455 AC_MSG_RESULT(no)
1456 # Default to use of the rand helper if OpenSSL doesn't
1457 # seed itself
1458 USE_RAND_HELPER=yes
1a01a50c 1459 ],
1460 [
1461 AC_MSG_WARN([cross compiling: assuming yes])
1462 # This is safe, since all recent OpenSSL versions will
1463 # complain at runtime if not seeded correctly.
1464 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1465 ]
1466)
1467
1468
1469# Do we want to force the use of the rand helper?
1470AC_ARG_WITH(rand-helper,
1471 [ --with-rand-helper Use subprocess to gather strong randomness ],
1472 [
1473 if test "x$withval" = "xno" ; then
aff51935 1474 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1475 # the previous test showed it to be unseeded.
1476 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1477 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1478 OPENSSL_SEEDS_ITSELF=yes
1479 USE_RAND_HELPER=""
1480 fi
1481 else
1482 USE_RAND_HELPER=yes
1483 fi
1484 ],
1485)
1486
1487# Which randomness source do we use?
1488if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
1489 # OpenSSL only
1490 AC_DEFINE(OPENSSL_PRNG_ONLY)
1491 RAND_MSG="OpenSSL internal ONLY"
1492 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1493elif test ! -z "$USE_RAND_HELPER" ; then
1494 # install rand helper
f1b0ecc3 1495 RAND_MSG="ssh-rand-helper"
1496 INSTALL_SSH_RAND_HELPER="yes"
1497fi
1498AC_SUBST(INSTALL_SSH_RAND_HELPER)
1499
1500### Configuration of ssh-rand-helper
1501
1502# PRNGD TCP socket
1503AC_ARG_WITH(prngd-port,
1504 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1505 [
eb5d7ff6 1506 case "$withval" in
1507 no)
1508 withval=""
1509 ;;
1510 [[0-9]]*)
1511 ;;
1512 *)
1513 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1514 ;;
1515 esac
1516 if test ! -z "$withval" ; then
f1b0ecc3 1517 PRNGD_PORT="$withval"
1518 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
1519 fi
1520 ]
1521)
1522
1523# PRNGD Unix domain socket
1524AC_ARG_WITH(prngd-socket,
1525 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1526 [
eb5d7ff6 1527 case "$withval" in
1528 yes)
f1b0ecc3 1529 withval="/var/run/egd-pool"
eb5d7ff6 1530 ;;
1531 no)
1532 withval=""
1533 ;;
1534 /*)
1535 ;;
1536 *)
1537 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
1538 ;;
1539 esac
1540
1541 if test ! -z "$withval" ; then
f1b0ecc3 1542 if test ! -z "$PRNGD_PORT" ; then
1543 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
1544 fi
906e811b 1545 if test ! -r "$withval" ; then
f1b0ecc3 1546 AC_MSG_WARN(Entropy socket is not readable)
1547 fi
1548 PRNGD_SOCKET="$withval"
1549 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1550 fi
ddceb1c8 1551 ],
1552 [
1553 # Check for existing socket only if we don't have a random device already
1554 if test "$USE_RAND_HELPER" = yes ; then
1555 AC_MSG_CHECKING(for PRNGD/EGD socket)
1556 # Insert other locations here
1557 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
1558 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
1559 PRNGD_SOCKET="$sock"
1560 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
1561 break;
1562 fi
1563 done
1564 if test ! -z "$PRNGD_SOCKET" ; then
1565 AC_MSG_RESULT($PRNGD_SOCKET)
1566 else
1567 AC_MSG_RESULT(not found)
1568 fi
1569 fi
f1b0ecc3 1570 ]
1571)
1572
1573# Change default command timeout for hashing entropy source
1574entropy_timeout=200
1575AC_ARG_WITH(entropy-timeout,
1576 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1577 [
1578 if test "x$withval" != "xno" ; then
1579 entropy_timeout=$withval
1580 fi
1581 ]
1582)
f1b0ecc3 1583AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1584
fd3cbf67 1585SSH_PRIVSEP_USER=sshd
9a0fbcb3 1586AC_ARG_WITH(privsep-user,
5222e7ef 1587 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 1588 [
1589 if test -n "$withval"; then
fd3cbf67 1590 SSH_PRIVSEP_USER=$withval
9a0fbcb3 1591 fi
1592 ]
1593)
fd3cbf67 1594AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
1595AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 1596
81dadca3 1597# We do this little dance with the search path to insure
1598# that programs that we select for use by installed programs
1599# (which may be run by the super-user) come from trusted
1600# locations before they come from the user's private area.
1601# This should help avoid accidentally configuring some
1602# random version of a program in someone's personal bin.
1603
1604OPATH=$PATH
1605PATH=/bin:/usr/bin
f95c8ce8 1606test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 1607test -d /sbin && PATH=$PATH:/sbin
1608test -d /usr/sbin && PATH=$PATH:/usr/sbin
1609PATH=$PATH:/etc:$OPATH
1610
aff51935 1611# These programs are used by the command hashing source to gather entropy
f1b0ecc3 1612OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1613OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1614OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1615OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1616OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
1617OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1618OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
1619OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1620OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1621OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1622OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1623OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1624OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1625OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1626OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1627OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 1628# restore PATH
1629PATH=$OPATH
f1b0ecc3 1630
1631# Where does ssh-rand-helper get its randomness from?
1632INSTALL_SSH_PRNG_CMDS=""
1633if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
1634 if test ! -z "$PRNGD_PORT" ; then
1635 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1636 elif test ! -z "$PRNGD_SOCKET" ; then
1637 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
1638 else
1639 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
1640 RAND_HELPER_CMDHASH=yes
1641 INSTALL_SSH_PRNG_CMDS="yes"
1642 fi
1643fi
1644AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1645
1646
66d6c27e 1647# Cheap hack to ensure NEWS-OS libraries are arranged right.
1648if test ! -z "$SONY" ; then
1649 LIBS="$LIBS -liberty";
1650fi
1651
a0391976 1652# Checks for data types
976f7e19 1653AC_CHECK_SIZEOF(char, 1)
2b942fe0 1654AC_CHECK_SIZEOF(short int, 2)
1655AC_CHECK_SIZEOF(int, 4)
1656AC_CHECK_SIZEOF(long int, 4)
1657AC_CHECK_SIZEOF(long long int, 8)
1658
52f1ccb2 1659# Sanity check long long for some platforms (AIX)
1660if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
1661 ac_cv_sizeof_long_long_int=0
1662fi
1663
a0391976 1664# More checks for data types
14a9a859 1665AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
1666 AC_TRY_COMPILE(
aff51935 1667 [ #include <sys/types.h> ],
1668 [ u_int a; a = 1;],
14a9a859 1669 [ ac_cv_have_u_int="yes" ],
1670 [ ac_cv_have_u_int="no" ]
1671 )
1672])
1673if test "x$ac_cv_have_u_int" = "xyes" ; then
1674 AC_DEFINE(HAVE_U_INT)
1675 have_u_int=1
1676fi
1677
58d100bf 1678AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
1679 AC_TRY_COMPILE(
aff51935 1680 [ #include <sys/types.h> ],
1681 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 1682 [ ac_cv_have_intxx_t="yes" ],
1683 [ ac_cv_have_intxx_t="no" ]
1684 )
1685])
1686if test "x$ac_cv_have_intxx_t" = "xyes" ; then
1687 AC_DEFINE(HAVE_INTXX_T)
1688 have_intxx_t=1
1689fi
41cb4569 1690
1691if (test -z "$have_intxx_t" && \
aff51935 1692 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 1693then
1694 AC_MSG_CHECKING([for intXX_t types in stdint.h])
1695 AC_TRY_COMPILE(
aff51935 1696 [ #include <stdint.h> ],
1697 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 1698 [
1699 AC_DEFINE(HAVE_INTXX_T)
1700 AC_MSG_RESULT(yes)
1701 ],
1702 [ AC_MSG_RESULT(no) ]
1703 )
1704fi
1705
bd590612 1706AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
1707 AC_TRY_COMPILE(
1cbbe6c8 1708 [
1709#include <sys/types.h>
1710#ifdef HAVE_STDINT_H
1711# include <stdint.h>
1712#endif
1713#include <sys/socket.h>
1714#ifdef HAVE_SYS_BITYPES_H
1715# include <sys/bitypes.h>
1716#endif
aff51935 1717 ],
1718 [ int64_t a; a = 1;],
bd590612 1719 [ ac_cv_have_int64_t="yes" ],
1720 [ ac_cv_have_int64_t="no" ]
1721 )
1722])
1723if test "x$ac_cv_have_int64_t" = "xyes" ; then
1724 AC_DEFINE(HAVE_INT64_T)
ddceb1c8 1725fi
1726
58d100bf 1727AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
1728 AC_TRY_COMPILE(
aff51935 1729 [ #include <sys/types.h> ],
1730 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 1731 [ ac_cv_have_u_intxx_t="yes" ],
1732 [ ac_cv_have_u_intxx_t="no" ]
1733 )
1734])
1735if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
1736 AC_DEFINE(HAVE_U_INTXX_T)
1737 have_u_intxx_t=1
1738fi
2b942fe0 1739
41cb4569 1740if test -z "$have_u_intxx_t" ; then
1741 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
1742 AC_TRY_COMPILE(
aff51935 1743 [ #include <sys/socket.h> ],
1744 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 1745 [
1746 AC_DEFINE(HAVE_U_INTXX_T)
1747 AC_MSG_RESULT(yes)
1748 ],
1749 [ AC_MSG_RESULT(no) ]
1750 )
1751fi
1752
bd590612 1753AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
1754 AC_TRY_COMPILE(
aff51935 1755 [ #include <sys/types.h> ],
1756 [ u_int64_t a; a = 1;],
bd590612 1757 [ ac_cv_have_u_int64_t="yes" ],
1758 [ ac_cv_have_u_int64_t="no" ]
1759 )
1760])
1761if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
1762 AC_DEFINE(HAVE_U_INT64_T)
1763 have_u_int64_t=1
1764fi
1765
ddceb1c8 1766if test -z "$have_u_int64_t" ; then
1767 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
1768 AC_TRY_COMPILE(
aff51935 1769 [ #include <sys/bitypes.h> ],
ddceb1c8 1770 [ u_int64_t a; a = 1],
1771 [
1772 AC_DEFINE(HAVE_U_INT64_T)
1773 AC_MSG_RESULT(yes)
1774 ],
1775 [ AC_MSG_RESULT(no) ]
1776 )
1777fi
1778
41cb4569 1779if test -z "$have_u_intxx_t" ; then
1780 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
1781 AC_TRY_COMPILE(
1782 [
1783#include <sys/types.h>
aff51935 1784 ],
1785 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 1786 [ ac_cv_have_uintxx_t="yes" ],
1787 [ ac_cv_have_uintxx_t="no" ]
1788 )
1789 ])
1790 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
1791 AC_DEFINE(HAVE_UINTXX_T)
1792 fi
1793fi
1794
1795if test -z "$have_uintxx_t" ; then
1796 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
1797 AC_TRY_COMPILE(
aff51935 1798 [ #include <stdint.h> ],
1799 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 1800 [
1801 AC_DEFINE(HAVE_UINTXX_T)
1802 AC_MSG_RESULT(yes)
1803 ],
1804 [ AC_MSG_RESULT(no) ]
1805 )
1806fi
1807
e5fe9a1f 1808if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 1809 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 1810then
1811 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
1812 AC_TRY_COMPILE(
58d100bf 1813 [
1814#include <sys/bitypes.h>
aff51935 1815 ],
5cdfe03f 1816 [
837c30b8 1817 int8_t a; int16_t b; int32_t c;
1818 u_int8_t e; u_int16_t f; u_int32_t g;
1819 a = b = c = e = f = g = 1;
aff51935 1820 ],
5cdfe03f 1821 [
1822 AC_DEFINE(HAVE_U_INTXX_T)
1823 AC_DEFINE(HAVE_INTXX_T)
1824 AC_MSG_RESULT(yes)
1825 ],
1826 [AC_MSG_RESULT(no)]
aff51935 1827 )
5cdfe03f 1828fi
1829
0362750e 1830
1831AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
1832 AC_TRY_COMPILE(
1833 [
1834#include <sys/types.h>
1835 ],
1836 [ u_char foo; foo = 125; ],
1837 [ ac_cv_have_u_char="yes" ],
1838 [ ac_cv_have_u_char="no" ]
1839 )
1840])
1841if test "x$ac_cv_have_u_char" = "xyes" ; then
1842 AC_DEFINE(HAVE_U_CHAR)
1843fi
1844
98a7c37b 1845TYPE_SOCKLEN_T
2b942fe0 1846
2d16d9a3 1847AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 1848
58d100bf 1849AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
1850 AC_TRY_COMPILE(
1851 [
18ba2aab 1852#include <sys/types.h>
58d100bf 1853 ],
1854 [ size_t foo; foo = 1235; ],
1855 [ ac_cv_have_size_t="yes" ],
1856 [ ac_cv_have_size_t="no" ]
1857 )
1858])
1859if test "x$ac_cv_have_size_t" = "xyes" ; then
1860 AC_DEFINE(HAVE_SIZE_T)
1861fi
ea1970a3 1862
c04f75f1 1863AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
1864 AC_TRY_COMPILE(
1865 [
1866#include <sys/types.h>
1867 ],
1868 [ ssize_t foo; foo = 1235; ],
1869 [ ac_cv_have_ssize_t="yes" ],
1870 [ ac_cv_have_ssize_t="no" ]
1871 )
1872])
1873if test "x$ac_cv_have_ssize_t" = "xyes" ; then
1874 AC_DEFINE(HAVE_SSIZE_T)
1875fi
1876
f1c4659d 1877AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
1878 AC_TRY_COMPILE(
1879 [
1880#include <time.h>
1881 ],
1882 [ clock_t foo; foo = 1235; ],
1883 [ ac_cv_have_clock_t="yes" ],
1884 [ ac_cv_have_clock_t="no" ]
1885 )
1886])
1887if test "x$ac_cv_have_clock_t" = "xyes" ; then
1888 AC_DEFINE(HAVE_CLOCK_T)
1889fi
1890
1c04b088 1891AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
1892 AC_TRY_COMPILE(
1893 [
1894#include <sys/types.h>
1895#include <sys/socket.h>
1896 ],
1897 [ sa_family_t foo; foo = 1235; ],
1898 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 1899 [ AC_TRY_COMPILE(
1900 [
1901#include <sys/types.h>
1902#include <sys/socket.h>
1903#include <netinet/in.h>
1904 ],
1905 [ sa_family_t foo; foo = 1235; ],
1906 [ ac_cv_have_sa_family_t="yes" ],
1907
1c04b088 1908 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 1909 )]
1c04b088 1910 )
1911])
1912if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
1913 AC_DEFINE(HAVE_SA_FAMILY_T)
1914fi
1915
729bfe59 1916AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
1917 AC_TRY_COMPILE(
1918 [
1919#include <sys/types.h>
1920 ],
1921 [ pid_t foo; foo = 1235; ],
1922 [ ac_cv_have_pid_t="yes" ],
1923 [ ac_cv_have_pid_t="no" ]
1924 )
1925])
1926if test "x$ac_cv_have_pid_t" = "xyes" ; then
1927 AC_DEFINE(HAVE_PID_T)
1928fi
1929
1930AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
1931 AC_TRY_COMPILE(
1932 [
1933#include <sys/types.h>
1934 ],
1935 [ mode_t foo; foo = 1235; ],
1936 [ ac_cv_have_mode_t="yes" ],
1937 [ ac_cv_have_mode_t="no" ]
1938 )
1939])
1940if test "x$ac_cv_have_mode_t" = "xyes" ; then
1941 AC_DEFINE(HAVE_MODE_T)
1942fi
1943
e3a93db0 1944
58d100bf 1945AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
1946 AC_TRY_COMPILE(
1947 [
18ba2aab 1948#include <sys/types.h>
1949#include <sys/socket.h>
58d100bf 1950 ],
1951 [ struct sockaddr_storage s; ],
1952 [ ac_cv_have_struct_sockaddr_storage="yes" ],
1953 [ ac_cv_have_struct_sockaddr_storage="no" ]
1954 )
1955])
1956if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
1957 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
1958fi
48e671d5 1959
58d100bf 1960AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
1961 AC_TRY_COMPILE(
1962 [
cbd7492e 1963#include <sys/types.h>
58d100bf 1964#include <netinet/in.h>
1965 ],
1966 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
1967 [ ac_cv_have_struct_sockaddr_in6="yes" ],
1968 [ ac_cv_have_struct_sockaddr_in6="no" ]
1969 )
1970])
1971if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
1972 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
1973fi
48e671d5 1974
58d100bf 1975AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
1976 AC_TRY_COMPILE(
1977 [
cbd7492e 1978#include <sys/types.h>
58d100bf 1979#include <netinet/in.h>
1980 ],
1981 [ struct in6_addr s; s.s6_addr[0] = 0; ],
1982 [ ac_cv_have_struct_in6_addr="yes" ],
1983 [ ac_cv_have_struct_in6_addr="no" ]
1984 )
1985])
1986if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
1987 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
1988fi
48e671d5 1989
58d100bf 1990AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
1991 AC_TRY_COMPILE(
1992 [
18ba2aab 1993#include <sys/types.h>
1994#include <sys/socket.h>
1995#include <netdb.h>
58d100bf 1996 ],
1997 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
1998 [ ac_cv_have_struct_addrinfo="yes" ],
1999 [ ac_cv_have_struct_addrinfo="no" ]
2000 )
2001])
2002if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
2003 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
2004fi
2005
89c7e31c 2006AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2007 AC_TRY_COMPILE(
aff51935 2008 [ #include <sys/time.h> ],
2009 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2010 [ ac_cv_have_struct_timeval="yes" ],
2011 [ ac_cv_have_struct_timeval="no" ]
2012 )
2013])
2014if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
2015 AC_DEFINE(HAVE_STRUCT_TIMEVAL)
2016 have_struct_timeval=1
2017fi
2018
5271b55c 2019AC_CHECK_TYPES(struct timespec)
2020
85abc74b 2021# We need int64_t or else certian parts of the compile will fail.
2c523de9 2022if test "x$ac_cv_have_int64_t" = "xno" -a \
2023 "x$ac_cv_sizeof_long_int" != "x8" -a \
2024 "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2025 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2026 echo "an alternative compiler (I.E., GCC) before continuing."
2027 echo ""
2028 exit 1;
733cf7f4 2029else
2030dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2031 AC_RUN_IFELSE(
479cece8 2032 [AC_LANG_SOURCE([[
733cf7f4 2033#include <stdio.h>
2034#include <string.h>
2035#ifdef HAVE_SNPRINTF
2036main()
2037{
2038 char buf[50];
2039 char expected_out[50];
2040 int mazsize = 50 ;
2041#if (SIZEOF_LONG_INT == 8)
2042 long int num = 0x7fffffffffffffff;
2043#else
763a1a18 2044 long long num = 0x7fffffffffffffffll;
733cf7f4 2045#endif
2046 strcpy(expected_out, "9223372036854775807");
2047 snprintf(buf, mazsize, "%lld", num);
2048 if(strcmp(buf, expected_out) != 0)
aff51935 2049 exit(1);
733cf7f4 2050 exit(0);
2051}
2052#else
2053main() { exit(0); }
2054#endif
479cece8 2055 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2056 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2057 )
2c523de9 2058fi
2059
77bb0bca 2060dnl Checks for structure members
58d100bf 2061OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2062OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2063OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2064OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2065OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2066OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2067OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2068OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2069OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2070OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2071OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2072OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2073OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2074OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2075OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2076OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2077OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2078
2079AC_CHECK_MEMBERS([struct stat.st_blksize])
1d7b9b20 2080
58d100bf 2081AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2082 ac_cv_have_ss_family_in_struct_ss, [
2083 AC_TRY_COMPILE(
2084 [
18ba2aab 2085#include <sys/types.h>
2086#include <sys/socket.h>
58d100bf 2087 ],
2088 [ struct sockaddr_storage s; s.ss_family = 1; ],
2089 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2090 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2091 )
2092])
2093if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
2094 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
2095fi
2096
58d100bf 2097AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2098 ac_cv_have___ss_family_in_struct_ss, [
2099 AC_TRY_COMPILE(
2100 [
18ba2aab 2101#include <sys/types.h>
2102#include <sys/socket.h>
58d100bf 2103 ],
2104 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2105 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2106 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2107 )
2108])
2109if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
2110 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
2111fi
2112
2e73a022 2113AC_CACHE_CHECK([for pw_class field in struct passwd],
2114 ac_cv_have_pw_class_in_struct_passwd, [
2115 AC_TRY_COMPILE(
2116 [
2e73a022 2117#include <pwd.h>
2118 ],
97994d32 2119 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2120 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2121 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2122 )
2123])
2124if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
2125 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
2126fi
2127
7751d4eb 2128AC_CACHE_CHECK([for pw_expire field in struct passwd],
2129 ac_cv_have_pw_expire_in_struct_passwd, [
2130 AC_TRY_COMPILE(
2131 [
2132#include <pwd.h>
2133 ],
2134 [ struct passwd p; p.pw_expire = 0; ],
2135 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2136 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2137 )
2138])
2139if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
2140 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD)
2141fi
2142
2143AC_CACHE_CHECK([for pw_change field in struct passwd],
2144 ac_cv_have_pw_change_in_struct_passwd, [
2145 AC_TRY_COMPILE(
2146 [
2147#include <pwd.h>
2148 ],
2149 [ struct passwd p; p.pw_change = 0; ],
2150 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2151 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2152 )
2153])
2154if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
2155 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD)
2156fi
58d100bf 2157
637f9177 2158dnl make sure we're using the real structure members and not defines
6f34652e 2159AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2160 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2161 AC_COMPILE_IFELSE(
6f34652e 2162 [
f95c8ce8 2163#include <sys/types.h>
6f34652e 2164#include <sys/socket.h>
2165#include <sys/uio.h>
637f9177 2166int main() {
2167#ifdef msg_accrights
1a01a50c 2168#error "msg_accrights is a macro"
637f9177 2169exit(1);
2170#endif
2171struct msghdr m;
2172m.msg_accrights = 0;
2173exit(0);
2174}
6f34652e 2175 ],
6f34652e 2176 [ ac_cv_have_accrights_in_msghdr="yes" ],
2177 [ ac_cv_have_accrights_in_msghdr="no" ]
2178 )
2179])
2180if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
2181 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR)
2182fi
2183
7176df4f 2184AC_CACHE_CHECK([for msg_control field in struct msghdr],
2185 ac_cv_have_control_in_msghdr, [
1a01a50c 2186 AC_COMPILE_IFELSE(
7176df4f 2187 [
f95c8ce8 2188#include <sys/types.h>
7176df4f 2189#include <sys/socket.h>
2190#include <sys/uio.h>
637f9177 2191int main() {
2192#ifdef msg_control
1a01a50c 2193#error "msg_control is a macro"
637f9177 2194exit(1);
2195#endif
2196struct msghdr m;
2197m.msg_control = 0;
2198exit(0);
2199}
7176df4f 2200 ],
7176df4f 2201 [ ac_cv_have_control_in_msghdr="yes" ],
2202 [ ac_cv_have_control_in_msghdr="no" ]
2203 )
2204])
2205if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
2206 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR)
2207fi
2208
58d100bf 2209AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2210 AC_TRY_LINK([],
2211 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2212 [ ac_cv_libc_defines___progname="yes" ],
2213 [ ac_cv_libc_defines___progname="no" ]
2214 )
2215])
2216if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
2217 AC_DEFINE(HAVE___PROGNAME)
2218fi
8946db53 2219
c921ee00 2220AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2221 AC_TRY_LINK([
2222#include <stdio.h>
aff51935 2223],
2224 [ printf("%s", __FUNCTION__); ],
c921ee00 2225 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2226 [ ac_cv_cc_implements___FUNCTION__="no" ]
2227 )
2228])
2229if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
2230 AC_DEFINE(HAVE___FUNCTION__)
2231fi
2232
2233AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2234 AC_TRY_LINK([
2235#include <stdio.h>
aff51935 2236],
2237 [ printf("%s", __func__); ],
c921ee00 2238 [ ac_cv_cc_implements___func__="yes" ],
2239 [ ac_cv_cc_implements___func__="no" ]
2240 )
2241])
2242if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
2243 AC_DEFINE(HAVE___func__)
2244fi
2245
1812a662 2246AC_CACHE_CHECK([whether getopt has optreset support],
2247 ac_cv_have_getopt_optreset, [
2248 AC_TRY_LINK(
2249 [
2250#include <getopt.h>
2251 ],
2252 [ extern int optreset; optreset = 0; ],
2253 [ ac_cv_have_getopt_optreset="yes" ],
2254 [ ac_cv_have_getopt_optreset="no" ]
2255 )
2256])
2257if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
2258 AC_DEFINE(HAVE_GETOPT_OPTRESET)
2259fi
a0391976 2260
819b676f 2261AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2262 AC_TRY_LINK([],
2263 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2264 [ ac_cv_libc_defines_sys_errlist="yes" ],
2265 [ ac_cv_libc_defines_sys_errlist="no" ]
2266 )
2267])
2268if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
2269 AC_DEFINE(HAVE_SYS_ERRLIST)
2270fi
2271
2272
416ed5a7 2273AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2274 AC_TRY_LINK([],
2275 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2276 [ ac_cv_libc_defines_sys_nerr="yes" ],
2277 [ ac_cv_libc_defines_sys_nerr="no" ]
2278 )
2279])
2280if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
2281 AC_DEFINE(HAVE_SYS_NERR)
2282fi
2283
aff51935 2284SCARD_MSG="no"
295c8801 2285# Check whether user wants sectok support
2286AC_ARG_WITH(sectok,
2287 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2288 [
2289 if test "x$withval" != "xno" ; then
2290 if test "x$withval" != "xyes" ; then
2291 CPPFLAGS="$CPPFLAGS -I${withval}"
2292 LDFLAGS="$LDFLAGS -L${withval}"
2293 if test ! -z "$need_dash_r" ; then
2294 LDFLAGS="$LDFLAGS -R${withval}"
2295 fi
2296 if test ! -z "$blibpath" ; then
2297 blibpath="$blibpath:${withval}"
2298 fi
2299 fi
2300 AC_CHECK_HEADERS(sectok.h)
2301 if test "$ac_cv_header_sectok_h" != yes; then
2302 AC_MSG_ERROR(Can't find sectok.h)
2303 fi
2304 AC_CHECK_LIB(sectok, sectok_open)
2305 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2306 AC_MSG_ERROR(Can't find libsectok)
2307 fi
2308 AC_DEFINE(SMARTCARD)
295c8801 2309 AC_DEFINE(USE_SECTOK)
aff51935 2310 SCARD_MSG="yes, using sectok"
295c8801 2311 fi
2312 ]
2313)
2314
2315# Check whether user wants OpenSC support
2316AC_ARG_WITH(opensc,
49ef62db 2317 AC_HELP_STRING([--with-opensc=PFX],
2318 [Enable smartcard support using OpenSC]),
2319 opensc_config_prefix="$withval", opensc_config_prefix="")
2320if test x$opensc_config_prefix != x ; then
2321 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config
2322 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2323 if test "$OPENSC_CONFIG" != "no"; then
2324 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2325 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2326 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2327 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2328 AC_DEFINE(SMARTCARD)
2329 AC_DEFINE(USE_OPENSC)
aff51935 2330 SCARD_MSG="yes, using OpenSC"
49ef62db 2331 fi
2332fi
d0b19c95 2333
c31dc31c 2334# Check libraries needed by DNS fingerprint support
aff51935 2335AC_SEARCH_LIBS(getrrsetbyname, resolv,
c31dc31c 2336 [AC_DEFINE(HAVE_GETRRSETBYNAME)],
3e05e934 2337 [
c31dc31c 2338 # Needed by our getrrsetbyname()
2339 AC_SEARCH_LIBS(res_query, resolv)
2340 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2341 AC_MSG_CHECKING(if res_query will link)
2342 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2343 [AC_MSG_RESULT(no)
2344 saved_LIBS="$LIBS"
2345 LIBS="$LIBS -lresolv"
2346 AC_MSG_CHECKING(for res_query in -lresolv)
2347 AC_LINK_IFELSE([
2348#include <resolv.h>
2349int main()
2350{
2351 res_query (0, 0, 0, 0, 0);
2352 return 0;
2353}
2354 ],
2355 [LIBS="$LIBS -lresolv"
2356 AC_MSG_RESULT(yes)],
2357 [LIBS="$saved_LIBS"
2358 AC_MSG_RESULT(no)])
2359 ])
c31dc31c 2360 AC_CHECK_FUNCS(_getshort _getlong)
2361 AC_CHECK_MEMBER(HEADER.ad,
2362 [AC_DEFINE(HAVE_HEADER_AD)],,
2363 [#include <arpa/nameser.h>])
2364 ])
3e05e934 2365
12928e80 2366# Check whether user wants Kerberos 5 support
aff51935 2367KRB5_MSG="no"
12928e80 2368AC_ARG_WITH(kerberos5,
aff51935 2369 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 2370 [ if test "x$withval" != "xno" ; then
2371 if test "x$withval" = "xyes" ; then
2372 KRB5ROOT="/usr/local"
2373 else
2374 KRB5ROOT=${withval}
2375 fi
2376
2377 AC_DEFINE(KRB5)
2378 KRB5_MSG="yes"
2379
2380 AC_MSG_CHECKING(for krb5-config)
2381 if test -x $KRB5ROOT/bin/krb5-config ; then
2382 KRB5CONF=$KRB5ROOT/bin/krb5-config
2383 AC_MSG_RESULT($KRB5CONF)
2384
2385 AC_MSG_CHECKING(for gssapi support)
2386 if $KRB5CONF | grep gssapi >/dev/null ; then
2387 AC_MSG_RESULT(yes)
071970fb 2388 AC_DEFINE(GSSAPI)
2389 k5confopts=gssapi
aff51935 2390 else
5585c441 2391 AC_MSG_RESULT(no)
071970fb 2392 k5confopts=""
aff51935 2393 fi
071970fb 2394 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
2395 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 2396 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 2397 AC_MSG_CHECKING(whether we are using Heimdal)
2398 AC_TRY_COMPILE([ #include <krb5.h> ],
2399 [ char *tmp = heimdal_version; ],
2400 [ AC_MSG_RESULT(yes)
2401 AC_DEFINE(HEIMDAL) ],
2402 AC_MSG_RESULT(no)
2403 )
2404 else
2405 AC_MSG_RESULT(no)
12928e80 2406 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 2407 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 2408 AC_MSG_CHECKING(whether we are using Heimdal)
2409 AC_TRY_COMPILE([ #include <krb5.h> ],
2410 [ char *tmp = heimdal_version; ],
2411 [ AC_MSG_RESULT(yes)
2412 AC_DEFINE(HEIMDAL)
41707f74 2413 K5LIBS="-lkrb5 -ldes"
2414 K5LIBS="$K5LIBS -lcom_err -lasn1"
2415 AC_CHECK_LIB(roken, net_write,
2416 [K5LIBS="$K5LIBS -lroken"])
aff51935 2417 ],
2418 [ AC_MSG_RESULT(no)
2419 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
2420 ]
2421 )
4e00038c 2422 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 2423
749560dd 2424 AC_CHECK_LIB(gssapi,gss_init_sec_context,
2425 [ AC_DEFINE(GSSAPI)
2426 K5LIBS="-lgssapi $K5LIBS" ],
2427 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
2428 [ AC_DEFINE(GSSAPI)
aff51935 2429 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 2430 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
2431 $K5LIBS)
2432 ],
2433 $K5LIBS)
2434
2435 AC_CHECK_HEADER(gssapi.h, ,
2436 [ unset ac_cv_header_gssapi_h
aff51935 2437 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 2438 AC_CHECK_HEADERS(gssapi.h, ,
2439 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 2440 )
749560dd 2441 ]
2442 )
2443
2444 oldCPP="$CPPFLAGS"
2445 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
2446 AC_CHECK_HEADER(gssapi_krb5.h, ,
2447 [ CPPFLAGS="$oldCPP" ])
2448
aff51935 2449 fi
5585c441 2450 if test ! -z "$need_dash_r" ; then
2451 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
2452 fi
2453 if test ! -z "$blibpath" ; then
2454 blibpath="$blibpath:${KRB5ROOT}/lib"
2455 fi
071970fb 2456 fi
2457
2458 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
2459 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
2460 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
2461
2462 LIBS="$LIBS $K5LIBS"
2463 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
79753592 2464 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
071970fb 2465 ]
12928e80 2466)
b5b68128 2467
a0391976 2468# Looking for programs, paths and files
a0391976 2469
ecac8ee5 2470PRIVSEP_PATH=/var/empty
2471AC_ARG_WITH(privsep-path,
cda1ebcb 2472 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 2473 [
2474 if test "x$withval" != "$no" ; then
2475 PRIVSEP_PATH=$withval
2476 fi
2477 ]
2478)
2479AC_SUBST(PRIVSEP_PATH)
2480
a0391976 2481AC_ARG_WITH(xauth,
2482 [ --with-xauth=PATH Specify path to xauth program ],
2483 [
00937921 2484 if test "x$withval" != "xno" ; then
cbd7492e 2485 xauth_path=$withval
a0391976 2486 fi
2487 ],
2488 [
2bf42e4a 2489 TestPath="$PATH"
2490 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
2491 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
2492 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
2493 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
2494 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 2495 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 2496 xauth_path="/usr/openwin/bin/xauth"
2497 fi
2498 ]
2499)
2500
65a4b4af 2501STRIP_OPT=-s
2502AC_ARG_ENABLE(strip,
2503 [ --disable-strip Disable calling strip(1) on install],
2504 [
2505 if test "x$enableval" = "xno" ; then
2506 STRIP_OPT=
2507 fi
2508 ]
2509)
2510AC_SUBST(STRIP_OPT)
2511
b3ec54b4 2512if test -z "$xauth_path" ; then
2513 XAUTH_PATH="undefined"
2514 AC_SUBST(XAUTH_PATH)
2515else
a0391976 2516 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
b3ec54b4 2517 XAUTH_PATH=$xauth_path
2518 AC_SUBST(XAUTH_PATH)
a0391976 2519fi
a0391976 2520
2521# Check for mail directory (last resort if we cannot get it from headers)
2522if test ! -z "$MAIL" ; then
2523 maildir=`dirname $MAIL`
2524 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
2525fi
2526
479cece8 2527if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 2528 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
2529 disable_ptmx_check=yes
2530fi
a0391976 2531if test -z "$no_dev_ptmx" ; then
6e879cb4 2532 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 2533 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 2534 [
2535 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
2536 have_dev_ptmx=1
2537 ]
2538 )
2539 fi
3276571c 2540fi
1a01a50c 2541
479cece8 2542if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 2543 AC_CHECK_FILE("/dev/ptc",
2544 [
2545 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
2546 have_dev_ptc=1
2547 ]
2548 )
2549else
2550 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
2551fi
3276571c 2552
a0391976 2553# Options from here on. Some of these are preset by platform above
fdf6b7aa 2554AC_ARG_WITH(mantype,
5d97cfbf 2555 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 2556 [
5d97cfbf 2557 case "$withval" in
2558 man|cat|doc)
2559 MANTYPE=$withval
2560 ;;
2561 *)
2562 AC_MSG_ERROR(invalid man type: $withval)
2563 ;;
2564 esac
c54a6257 2565 ]
2566)
e0c4d3ac 2567if test -z "$MANTYPE"; then
2bf42e4a 2568 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
2569 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 2570 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
2571 MANTYPE=doc
2572 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
2573 MANTYPE=man
2574 else
2575 MANTYPE=cat
2576 fi
2577fi
c54a6257 2578AC_SUBST(MANTYPE)
e0c4d3ac 2579if test "$MANTYPE" = "doc"; then
2580 mansubdir=man;
2581else
2582 mansubdir=$MANTYPE;
2583fi
2584AC_SUBST(mansubdir)
0bc5b6fb 2585
a0391976 2586# Check whether to enable MD5 passwords
aff51935 2587MD5_MSG="no"
2ddcfdf3 2588AC_ARG_WITH(md5-passwords,
caf3bc51 2589 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 2590 [
bcf36c78 2591 if test "x$withval" != "xno" ; then
0bc5b6fb 2592 AC_DEFINE(HAVE_MD5_PASSWORDS)
aff51935 2593 MD5_MSG="yes"
0bc5b6fb 2594 fi
2595 ]
caf3bc51 2596)
2597
a0391976 2598# Whether to disable shadow password support
a7effaac 2599AC_ARG_WITH(shadow,
2600 [ --without-shadow Disable shadow password support],
2601 [
2602 if test "x$withval" = "xno" ; then
2603 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 2604 disable_shadow=yes
a7effaac 2605 fi
2606 ]
2607)
2608
4cb5ffa0 2609if test -z "$disable_shadow" ; then
2610 AC_MSG_CHECKING([if the systems has expire shadow information])
2611 AC_TRY_COMPILE(
2612 [
2613#include <sys/types.h>
2614#include <shadow.h>
2615 struct spwd sp;
2616 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
2617 [ sp_expire_available=yes ], []
2618 )
2619
2620 if test "x$sp_expire_available" = "xyes" ; then
2621 AC_MSG_RESULT(yes)
2622 AC_DEFINE(HAS_SHADOW_EXPIRE)
2623 else
2624 AC_MSG_RESULT(no)
2625 fi
2626fi
2627
a0391976 2628# Use ip address instead of hostname in $DISPLAY
44839801 2629if test ! -z "$IPADDR_IN_DISPLAY" ; then
2630 DISPLAY_HACK_MSG="yes"
2631 AC_DEFINE(IPADDR_IN_DISPLAY)
2632else
aff51935 2633 DISPLAY_HACK_MSG="no"
44839801 2634 AC_ARG_WITH(ipaddr-display,
2635 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
2636 [
2637 if test "x$withval" != "xno" ; then
2638 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 2639 DISPLAY_HACK_MSG="yes"
44839801 2640 fi
2641 ]
2642 )
2643fi
a7effaac 2644
95b99395 2645# check for /etc/default/login and use it if present.
daa41e62 2646AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 2647 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 2648 [ if test "x$enableval" = "xno"; then
2649 AC_MSG_NOTICE([/etc/default/login handling disabled])
2650 etc_default_login=no
2651 else
2652 etc_default_login=yes
2653 fi ],
2654 [ etc_default_login=yes ]
2655)
95b99395 2656
694d0cef 2657if test "x$etc_default_login" != "xno"; then
2658 AC_CHECK_FILE("/etc/default/login",
2659 [ external_path_file=/etc/default/login ])
479cece8 2660 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
2661 then
1a01a50c 2662 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
2663 elif test "x$external_path_file" = "x/etc/default/login"; then
2664 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
2665 fi
694d0cef 2666fi
95b99395 2667
8d184c09 2668dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
2669if test $ac_cv_func_login_getcapbool = "yes" -a \
2670 $ac_cv_header_login_cap_h = "yes" ; then
95b99395 2671 external_path_file=/etc/login.conf
8d184c09 2672fi
95b99395 2673
a0391976 2674# Whether to mess with the default path
aff51935 2675SERVER_PATH_MSG="(default)"
c43d69a9 2676AC_ARG_WITH(default-path,
75817f90 2677 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 2678 [
95b99395 2679 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 2680 AC_MSG_WARN([
2681--with-default-path=PATH has no effect on this system.
2682Edit /etc/login.conf instead.])
2683 elif test "x$withval" != "xno" ; then
89bbd457 2684 if test ! -z "$external_path_file" ; then
95b99395 2685 AC_MSG_WARN([
2686--with-default-path=PATH will only be used if PATH is not defined in
2687$external_path_file .])
2688 fi
b2d818e6 2689 user_path="$withval"
aff51935 2690 SERVER_PATH_MSG="$withval"
cb807f40 2691 fi
b2d818e6 2692 ],
95b99395 2693 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
2694 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 2695 else
89bbd457 2696 if test ! -z "$external_path_file" ; then
95b99395 2697 AC_MSG_WARN([
2698If PATH is defined in $external_path_file, ensure the path to scp is included,
2699otherwise scp will not work.])
2700 fi
2701 AC_TRY_RUN(
2702 [
b2d818e6 2703/* find out what STDPATH is */
2704#include <stdio.h>
b2d818e6 2705#ifdef HAVE_PATHS_H
2706# include <paths.h>
2707#endif
2708#ifndef _PATH_STDPATH
d9a4e55b 2709# ifdef _PATH_USERPATH /* Irix */
2710# define _PATH_STDPATH _PATH_USERPATH
2711# else
2712# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
2713# endif
b2d818e6 2714#endif
2715#include <sys/types.h>
2716#include <sys/stat.h>
2717#include <fcntl.h>
2718#define DATA "conftest.stdpath"
2719
2720main()
2721{
2722 FILE *fd;
2723 int rc;
2724
2725 fd = fopen(DATA,"w");
2726 if(fd == NULL)
2727 exit(1);
2728
2729 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
2730 exit(1);
2731
2732 exit(0);
2733}
2734 ], [ user_path=`cat conftest.stdpath` ],
2735 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
2736 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
2737 )
2738# make sure $bindir is in USER_PATH so scp will work
2739 t_bindir=`eval echo ${bindir}`
2740 case $t_bindir in
2741 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
2742 esac
2743 case $t_bindir in
2744 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
2745 esac
2746 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
2747 if test $? -ne 0 ; then
2748 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
2749 if test $? -ne 0 ; then
2750 user_path=$user_path:$t_bindir
2751 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
2752 fi
2753 fi
8d184c09 2754 fi ]
cb807f40 2755)
95b99395 2756if test "x$external_path_file" != "x/etc/login.conf" ; then
8d184c09 2757 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
2758 AC_SUBST(user_path)
2759fi
cb807f40 2760
06617857 2761# Set superuser path separately to user path
06617857 2762AC_ARG_WITH(superuser-path,
2763 [ --with-superuser-path= Specify different path for super-user],
2764 [
2765 if test "x$withval" != "xno" ; then
2766 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
2767 superuser_path=$withval
2768 fi
2769 ]
2770)
2771
2772
58d100bf 2773AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 2774IPV4_IN6_HACK_MSG="no"
80faa19f 2775AC_ARG_WITH(4in6,
2776 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
2777 [
2778 if test "x$withval" != "xno" ; then
2779 AC_MSG_RESULT(yes)
2780 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2781 IPV4_IN6_HACK_MSG="yes"
80faa19f 2782 else
2783 AC_MSG_RESULT(no)
2784 fi
2785 ],[
2786 if test "x$inet6_default_4in6" = "xyes"; then
2787 AC_MSG_RESULT([yes (default)])
2788 AC_DEFINE(IPV4_IN_IPV6)
aff51935 2789 IPV4_IN6_HACK_MSG="yes"
80faa19f 2790 else
2791 AC_MSG_RESULT([no (default)])
2792 fi
2793 ]
2794)
2795
af774732 2796# Whether to enable BSD auth support
f1b0ecc3 2797BSD_AUTH_MSG=no
af774732 2798AC_ARG_WITH(bsd-auth,
2799 [ --with-bsd-auth Enable BSD auth support],
2800 [
2801 if test "x$withval" != "xno" ; then
2802 AC_DEFINE(BSD_AUTH)
f1b0ecc3 2803 BSD_AUTH_MSG=yes
af774732 2804 fi
2805 ]
2806)
2807
a0391976 2808# Where to place sshd.pid
19d9ac2a 2809piddir=/var/run
81dadca3 2810# make sure the directory exists
2811if test ! -d $piddir ; then
2812 piddir=`eval echo ${sysconfdir}`
2813 case $piddir in
aff51935 2814 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 2815 esac
2816fi
2817
47e45e44 2818AC_ARG_WITH(pid-dir,
2819 [ --with-pid-dir=PATH Specify location of ssh.pid file],
2820 [
2821 if test "x$withval" != "xno" ; then
19d9ac2a 2822 piddir=$withval
81dadca3 2823 if test ! -d $piddir ; then
2824 AC_MSG_WARN([** no $piddir directory on this system **])
2825 fi
47e45e44 2826 fi
2827 ]
2828)
b7a87eea 2829
42f11eb2 2830AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir")
19d9ac2a 2831AC_SUBST(piddir)
47e45e44 2832
1d7b9b20 2833dnl allow user to disable some login recording features
2834AC_ARG_ENABLE(lastlog,
bfd550a2 2835 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 2836 [
2837 if test "x$enableval" = "xno" ; then
2838 AC_DEFINE(DISABLE_LASTLOG)
2839 fi
2840 ]
1d7b9b20 2841)
2842AC_ARG_ENABLE(utmp,
bfd550a2 2843 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 2844 [
2845 if test "x$enableval" = "xno" ; then
2846 AC_DEFINE(DISABLE_UTMP)
2847 fi
2848 ]
1d7b9b20 2849)
2850AC_ARG_ENABLE(utmpx,
bfd550a2 2851 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 2852 [
2853 if test "x$enableval" = "xno" ; then
2854 AC_DEFINE(DISABLE_UTMPX)
2855 fi
2856 ]
1d7b9b20 2857)
2858AC_ARG_ENABLE(wtmp,
bfd550a2 2859 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 2860 [
2861 if test "x$enableval" = "xno" ; then
2862 AC_DEFINE(DISABLE_WTMP)
2863 fi
2864 ]
1d7b9b20 2865)
2866AC_ARG_ENABLE(wtmpx,
bfd550a2 2867 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 2868 [
2869 if test "x$enableval" = "xno" ; then
2870 AC_DEFINE(DISABLE_WTMPX)
2871 fi
2872 ]
1d7b9b20 2873)
2874AC_ARG_ENABLE(libutil,
bfd550a2 2875 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 2876 [
2877 if test "x$enableval" = "xno" ; then
2878 AC_DEFINE(DISABLE_LOGIN)
2879 fi
2880 ]
1d7b9b20 2881)
2882AC_ARG_ENABLE(pututline,
bfd550a2 2883 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 2884 [
2885 if test "x$enableval" = "xno" ; then
aff51935 2886 AC_DEFINE(DISABLE_PUTUTLINE)
ddb154b3 2887 fi
2888 ]
1d7b9b20 2889)
2890AC_ARG_ENABLE(pututxline,
bfd550a2 2891 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 2892 [
2893 if test "x$enableval" = "xno" ; then
2894 AC_DEFINE(DISABLE_PUTUTXLINE)
2895 fi
2896 ]
1d7b9b20 2897)
2898AC_ARG_WITH(lastlog,
bfd550a2 2899 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 2900 [
2901 if test "x$withval" = "xno" ; then
2902 AC_DEFINE(DISABLE_LASTLOG)
2903 else
2904 conf_lastlog_location=$withval
2905 fi
2906 ]
2907)
1d7b9b20 2908
2909dnl lastlog, [uw]tmpx? detection
2910dnl NOTE: set the paths in the platform section to avoid the
2911dnl need for command-line parameters
2912dnl lastlog and [uw]tmp are subject to a file search if all else fails
2913
2914dnl lastlog detection
2915dnl NOTE: the code itself will detect if lastlog is a directory
2916AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
2917AC_TRY_COMPILE([
2918#include <sys/types.h>
2919#include <utmp.h>
2920#ifdef HAVE_LASTLOG_H
2921# include <lastlog.h>
2922#endif
d7c0f3d5 2923#ifdef HAVE_PATHS_H
1d7b9b20 2924# include <paths.h>
41cb4569 2925#endif
2926#ifdef HAVE_LOGIN_H
2927# include <login.h>
1d7b9b20 2928#endif
2929 ],
2930 [ char *lastlog = LASTLOG_FILE; ],
2931 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 2932 [
2933 AC_MSG_RESULT(no)
2934 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
2935 AC_TRY_COMPILE([
2936#include <sys/types.h>
2937#include <utmp.h>
2938#ifdef HAVE_LASTLOG_H
2939# include <lastlog.h>
2940#endif
2941#ifdef HAVE_PATHS_H
2942# include <paths.h>
2943#endif
2944 ],
2945 [ char *lastlog = _PATH_LASTLOG; ],
2946 [ AC_MSG_RESULT(yes) ],
2947 [
f282b668 2948 AC_MSG_RESULT(no)
d7c0f3d5 2949 system_lastlog_path=no
2950 ])
2951 ]
1d7b9b20 2952)
d7c0f3d5 2953
1d7b9b20 2954if test -z "$conf_lastlog_location"; then
2955 if test x"$system_lastlog_path" = x"no" ; then
2956 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 2957 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 2958 conf_lastlog_location=$f
2959 fi
2960 done
2961 if test -z "$conf_lastlog_location"; then
f8119cef 2962 AC_MSG_WARN([** Cannot find lastlog **])
2963 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 2964 fi
2965 fi
2966fi
2967
2968if test -n "$conf_lastlog_location"; then
2969 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
2970fi
2971
2972dnl utmp detection
2973AC_MSG_CHECKING([if your system defines UTMP_FILE])
2974AC_TRY_COMPILE([
2975#include <sys/types.h>
2976#include <utmp.h>
d7c0f3d5 2977#ifdef HAVE_PATHS_H
1d7b9b20 2978# include <paths.h>
2979#endif
2980 ],
2981 [ char *utmp = UTMP_FILE; ],
2982 [ AC_MSG_RESULT(yes) ],
2983 [ AC_MSG_RESULT(no)
2984 system_utmp_path=no ]
2985)
2986if test -z "$conf_utmp_location"; then
2987 if test x"$system_utmp_path" = x"no" ; then
2988 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
2989 if test -f $f ; then
2990 conf_utmp_location=$f
2991 fi
2992 done
2993 if test -z "$conf_utmp_location"; then
2994 AC_DEFINE(DISABLE_UTMP)
2995 fi
2996 fi
2997fi
2998if test -n "$conf_utmp_location"; then
2999 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
3000fi
3001
3002dnl wtmp detection
3003AC_MSG_CHECKING([if your system defines WTMP_FILE])
3004AC_TRY_COMPILE([
3005#include <sys/types.h>
3006#include <utmp.h>
d7c0f3d5 3007#ifdef HAVE_PATHS_H
1d7b9b20 3008# include <paths.h>
3009#endif
3010 ],
3011 [ char *wtmp = WTMP_FILE; ],
3012 [ AC_MSG_RESULT(yes) ],
3013 [ AC_MSG_RESULT(no)
3014 system_wtmp_path=no ]
3015)
3016if test -z "$conf_wtmp_location"; then
3017 if test x"$system_wtmp_path" = x"no" ; then
3018 for f in /usr/adm/wtmp /var/log/wtmp; do
3019 if test -f $f ; then
3020 conf_wtmp_location=$f
3021 fi
3022 done
3023 if test -z "$conf_wtmp_location"; then
3024 AC_DEFINE(DISABLE_WTMP)
3025 fi
3026 fi
3027fi
3028if test -n "$conf_wtmp_location"; then
3029 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
3030fi
3031
3032
3033dnl utmpx detection - I don't know any system so perverse as to require
3034dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3035dnl there, though.
3036AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3037AC_TRY_COMPILE([
3038#include <sys/types.h>
3039#include <utmp.h>
3040#ifdef HAVE_UTMPX_H
3041#include <utmpx.h>
3042#endif
d7c0f3d5 3043#ifdef HAVE_PATHS_H
1d7b9b20 3044# include <paths.h>
3045#endif
3046 ],
3047 [ char *utmpx = UTMPX_FILE; ],
3048 [ AC_MSG_RESULT(yes) ],
3049 [ AC_MSG_RESULT(no)
3050 system_utmpx_path=no ]
3051)
3052if test -z "$conf_utmpx_location"; then
3053 if test x"$system_utmpx_path" = x"no" ; then
3054 AC_DEFINE(DISABLE_UTMPX)
3055 fi
3056else
3057 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
3058fi
3059
3060dnl wtmpx detection
3061AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3062AC_TRY_COMPILE([
3063#include <sys/types.h>
3064#include <utmp.h>
3065#ifdef HAVE_UTMPX_H
3066#include <utmpx.h>
3067#endif
d7c0f3d5 3068#ifdef HAVE_PATHS_H
1d7b9b20 3069# include <paths.h>
3070#endif
3071 ],
3072 [ char *wtmpx = WTMPX_FILE; ],
3073 [ AC_MSG_RESULT(yes) ],
3074 [ AC_MSG_RESULT(no)
3075 system_wtmpx_path=no ]
3076)
3077if test -z "$conf_wtmpx_location"; then
3078 if test x"$system_wtmpx_path" = x"no" ; then
3079 AC_DEFINE(DISABLE_WTMPX)
3080 fi
3081else
3082 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
3083fi
3084
b7a87eea 3085
bd499f9e 3086if test ! -z "$blibpath" ; then
68ece370 3087 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3088 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3089fi
3090
ddceb1c8 3091dnl remove pam and dl because they are in $LIBPAM
3092if test "$PAM_MSG" = yes ; then
98f2d9d5 3093 LIBS=`echo $LIBS | sed 's/-lpam //'`
3094fi
3095if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3096 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3097fi
3098
3c62e7eb 3099AC_EXEEXT
d7cfdd7c 3100AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3101 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3102AC_OUTPUT
d3083fbd 3103
cbd7492e 3104# Print summary of options
3105
cbd7492e 3106# Someone please show me a better way :)
3107A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3108B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3109C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3110D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3111E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3112F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3113G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3114H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3115I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3116J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3117
3118echo ""
26de7942 3119echo "OpenSSH has been configured with the following options:"
ecac8ee5 3120echo " User binaries: $B"
3121echo " System binaries: $C"
3122echo " Configuration files: $D"
3123echo " Askpass program: $E"
3124echo " Manual pages: $F"
3125echo " PID file: $G"
3126echo " Privilege separation chroot path: $H"
95b99395 3127if test "x$external_path_file" = "x/etc/login.conf" ; then
3128echo " At runtime, sshd will use the path defined in $external_path_file"
3129echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3130else
ecac8ee5 3131echo " sshd default user PATH: $I"
89bbd457 3132 if test ! -z "$external_path_file"; then
95b99395 3133echo " (If PATH is set in $external_path_file it will be used instead. If"
3134echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3135 fi
8d184c09 3136fi
06617857 3137if test ! -z "$superuser_path" ; then
ecac8ee5 3138echo " sshd superuser user PATH: $J"
3139fi
3140echo " Manpage format: $MANTYPE"
3e05e934 3141echo " PAM support: $PAM_MSG"
ecac8ee5 3142echo " KerberosV support: $KRB5_MSG"
3143echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3144echo " S/KEY support: $SKEY_MSG"
3145echo " TCP Wrappers support: $TCPW_MSG"
3146echo " MD5 password support: $MD5_MSG"
59031773 3147echo " libedit support: $LIBEDIT_MSG"
3deb1408 3148echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3149echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3150echo " BSD Auth support: $BSD_AUTH_MSG"
3151echo " Random number source: $RAND_MSG"
f1b0ecc3 3152if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3153echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3154fi
3155
cbd7492e 3156echo ""
3157
0c2fb82f 3158echo " Host: ${host}"
3159echo " Compiler: ${CC}"
3160echo " Compiler flags: ${CFLAGS}"
3161echo "Preprocessor flags: ${CPPFLAGS}"
3162echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3163echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3164
3165echo ""
3166
9cefe228 3167if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3168 echo "SVR4 style packages are supported with \"make package\""
3169 echo ""
9cefe228 3170fi
3171
adeebd37 3172if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3173 echo "PAM is enabled. You may need to install a PAM control file "
3174 echo "for sshd, otherwise password authentication may fail. "
aff51935 3175 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3176 echo "subdirectory"
adeebd37 3177 echo ""
3178fi
3179
f1b0ecc3 3180if test ! -z "$RAND_HELPER_CMDHASH" ; then
3181 echo "WARNING: you are using the builtin random number collection "
3182 echo "service. Please read WARNING.RNG and request that your OS "
3183 echo "vendor includes kernel-based random number collection in "
3184 echo "future versions of your OS."
2c523de9 3185 echo ""
3186fi
af774732 3187
2f6f9cff 3188if test ! -z "$NO_PEERCHECK" ; then
3189 echo "WARNING: the operating system that you are using does not "
3190 echo "appear to support either the getpeereid() API nor the "
3191 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3192 echo "enforce security checks to prevent unauthorised connections to "
3193 echo "ssh-agent. Their absence increases the risk that a malicious "
3194 echo "user can connect to your agent. "
3195 echo ""
3196fi
3197
git-cvsimport mirror of OpenSSH
This page took 2.54063 seconds and 5 git commands to generate.