]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (tim) [configure.ac] Autoconf didn't define HAVE_LIBIAF because we
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
0b9fdeb8 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
dbf07ba2 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
5fdabf45 106 esac
8a3ff1aa 107
dfafb2e1 108 if test -z "$have_llong_max"; then
109 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
110 unset ac_cv_have_decl_LLONG_MAX
111 saved_CFLAGS="$CFLAGS"
112 CFLAGS="$CFLAGS -std=gnu99"
113 AC_CHECK_DECL(LLONG_MAX,
114 [have_llong_max=1],
115 [CFLAGS="$saved_CFLAGS"],
116 [#include <limits.h>]
117 )
118 fi
d423d822 119fi
120
0b9fdeb8 121if test "x$no_attrib_nonnull" != "x1" ; then
122 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
123fi
124
e6354014 125AC_ARG_WITH(rpath,
126 [ --without-rpath Disable auto-added -R linker paths],
127 [
82f4e93d 128 if test "x$withval" = "xno" ; then
e6354014 129 need_dash_r=""
130 fi
131 if test "x$withval" = "xyes" ; then
132 need_dash_r=1
133 fi
134 ]
135)
136
aa56f760 137# Allow user to specify flags
138AC_ARG_WITH(cflags,
139 [ --with-cflags Specify additional flags to pass to compiler],
140 [
141 if test -n "$withval" && test "x$withval" != "xno" && \
142 test "x${withval}" != "xyes"; then
143 CFLAGS="$CFLAGS $withval"
144 fi
145 ]
146)
147AC_ARG_WITH(cppflags,
148 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
149 [
150 if test -n "$withval" && test "x$withval" != "xno" && \
151 test "x${withval}" != "xyes"; then
152 CPPFLAGS="$CPPFLAGS $withval"
153 fi
154 ]
155)
156AC_ARG_WITH(ldflags,
157 [ --with-ldflags Specify additional flags to pass to linker],
158 [
159 if test -n "$withval" && test "x$withval" != "xno" && \
160 test "x${withval}" != "xyes"; then
161 LDFLAGS="$LDFLAGS $withval"
162 fi
163 ]
164)
165AC_ARG_WITH(libs,
166 [ --with-libs Specify additional libraries to link with],
167 [
168 if test -n "$withval" && test "x$withval" != "xno" && \
169 test "x${withval}" != "xyes"; then
170 LIBS="$LIBS $withval"
171 fi
172 ]
173)
174AC_ARG_WITH(Werror,
175 [ --with-Werror Build main code with -Werror],
176 [
177 if test -n "$withval" && test "x$withval" != "xno"; then
178 werror_flags="-Werror"
179 if test "x${withval}" != "xyes"; then
180 werror_flags="$withval"
181 fi
182 fi
183 ]
184)
185
186AC_CHECK_HEADERS( \
187 bstring.h \
188 crypt.h \
189 crypto/sha2.h \
190 dirent.h \
191 endian.h \
192 features.h \
193 fcntl.h \
194 floatingpoint.h \
195 getopt.h \
196 glob.h \
197 ia.h \
198 iaf.h \
199 limits.h \
200 login.h \
201 maillock.h \
202 ndir.h \
203 net/if_tun.h \
204 netdb.h \
205 netgroup.h \
206 pam/pam_appl.h \
207 paths.h \
6d39a5c4 208 poll.h \
aa56f760 209 pty.h \
210 readpassphrase.h \
211 rpc/types.h \
212 security/pam_appl.h \
213 sha2.h \
214 shadow.h \
215 stddef.h \
216 stdint.h \
217 string.h \
218 strings.h \
219 sys/audit.h \
220 sys/bitypes.h \
221 sys/bsdtty.h \
222 sys/cdefs.h \
223 sys/dir.h \
224 sys/mman.h \
225 sys/ndir.h \
226 sys/prctl.h \
227 sys/pstat.h \
228 sys/select.h \
229 sys/stat.h \
230 sys/stream.h \
231 sys/stropts.h \
232 sys/strtio.h \
233 sys/sysmacros.h \
234 sys/time.h \
235 sys/timers.h \
236 sys/un.h \
237 time.h \
238 tmpdir.h \
239 ttyent.h \
40701614 240 ucred.h \
aa56f760 241 unistd.h \
242 usersec.h \
243 util.h \
244 utime.h \
245 utmp.h \
246 utmpx.h \
247 vis.h \
248)
249
250# lastlog.h requires sys/time.h to be included first on Solaris
251AC_CHECK_HEADERS(lastlog.h, [], [], [
252#ifdef HAVE_SYS_TIME_H
253# include <sys/time.h>
254#endif
255])
256
257# sys/ptms.h requires sys/stream.h to be included first on Solaris
258AC_CHECK_HEADERS(sys/ptms.h, [], [], [
259#ifdef HAVE_SYS_STREAM_H
260# include <sys/stream.h>
261#endif
262])
263
264# login_cap.h requires sys/types.h on NetBSD
265AC_CHECK_HEADERS(login_cap.h, [], [], [
266#include <sys/types.h>
267])
268
5b84789f 269# Messages for features tested for in target-specific section
270SIA_MSG="no"
271SPC_MSG="no"
272
a0391976 273# Check for some target-specific stuff
a7effaac 274case "$host" in
9d6b1b96 275*-*-aix*)
25a2779b 276 # Some versions of VAC won't allow macro redefinitions at
277 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
278 # particularly with older versions of vac or xlc.
279 # It also throws errors about null macro argments, but these are
280 # not fatal.
281 AC_MSG_CHECKING(if compiler allows macro redefinitions)
282 AC_COMPILE_IFELSE(
283 [AC_LANG_SOURCE([[
284#define testmacro foo
285#define testmacro bar
286int main(void) { exit(0); }
287 ]])],
288 [ AC_MSG_RESULT(yes) ],
289 [ AC_MSG_RESULT(no)
290 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
291 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
292 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
293 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
294 ]
295 )
296
aff51935 297 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 298 if (test -z "$blibpath"); then
0a15d73b 299 blibpath="/usr/lib:/lib"
68ece370 300 fi
301 saved_LDFLAGS="$LDFLAGS"
e7479666 302 if test "$GCC" = "yes"; then
303 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
304 else
305 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
306 fi
307 for tryflags in $flags ;do
68ece370 308 if (test -z "$blibflags"); then
309 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
310 AC_TRY_LINK([], [], [blibflags=$tryflags])
311 fi
312 done
313 if (test -z "$blibflags"); then
314 AC_MSG_RESULT(not found)
315 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
316 else
317 AC_MSG_RESULT($blibflags)
bd499f9e 318 fi
68ece370 319 LDFLAGS="$saved_LDFLAGS"
e351e493 320 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 321 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
322 [Define if you want to enable AIX4's authenticate function])],
0764e748 323 [AC_CHECK_LIB(s,authenticate,
e351e493 324 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 325 LIBS="$LIBS -ls"
326 ])
327 ])
ba603e06 328 dnl Check for various auth function declarations in headers.
c85ed8e2 329 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 330 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 331 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 332 AC_CHECK_DECLS(loginfailed,
e351e493 333 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
334 AC_TRY_COMPILE(
f58c0e01 335 [#include <usersec.h>],
e351e493 336 [(void)loginfailed("user","host","tty",0);],
337 [AC_MSG_RESULT(yes)
3466e002 338 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
339 [Define if your AIX loginfailed() function
340 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 341 [AC_MSG_RESULT(no)]
e351e493 342 )],
343 [],
344 [#include <usersec.h>]
345 )
2aa3a16c 346 AC_CHECK_FUNCS(setauthdb)
53c337ed 347 AC_CHECK_DECL(F_CLOSEM,
795e7517 348 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 349 [],
350 [ #include <limits.h>
351 #include <fcntl.h> ]
352 )
5ccf88cb 353 check_for_aix_broken_getaddrinfo=1
3466e002 354 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
355 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
356 [Define if your platform breaks doing a seteuid before a setuid])
357 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
358 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 359 dnl AIX handles lastlog as part of its login message
3466e002 360 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
361 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
362 [Some systems need a utmpx entry for /bin/login to work])
363 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
364 [Define to a Set Process Title type if your system is
365 supported by bsd-setproctitle.c])
961c2997 366 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
367 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 368 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 369 ;;
3c62e7eb 370*-*-cygwin*)
a52997bd 371 check_for_libcrypt_later=1
04765d02 372 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 373 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
374 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
375 AC_DEFINE(DISABLE_SHADOW, 1,
376 [Define if you want to disable shadow passwords])
377 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
378 [Define if your system choked on IP TOS setting])
379 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
380 [Define if X11 doesn't support AF_UNIX sockets on that system])
381 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
382 [Define if the concept of ports only accessible to
383 superusers isn't known])
384 AC_DEFINE(DISABLE_FD_PASSING, 1,
385 [Define if your platform needs to skip post auth
386 file descriptor passing])
3c62e7eb 387 ;;
d6fdb079 388*-*-dgux*)
389 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 390 AC_DEFINE(SETEUID_BREAKS_SETUID)
391 AC_DEFINE(BROKEN_SETREUID)
392 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 393 ;;
39c98ef7 394*-*-darwin*)
33e2e066 395 AC_MSG_CHECKING(if we have working getaddrinfo)
396 AC_TRY_RUN([#include <mach-o/dyld.h>
397main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
398 exit(0);
399 else
400 exit(1);
401}], [AC_MSG_RESULT(working)],
402 [AC_MSG_RESULT(buggy)
3466e002 403 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 404 [AC_MSG_RESULT(assume it is working)])
635e0c42 405 AC_DEFINE(SETEUID_BREAKS_SETUID)
406 AC_DEFINE(BROKEN_SETREUID)
407 AC_DEFINE(BROKEN_SETREGID)
3466e002 408 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
409 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 410 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
411 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
412 [Use tunnel device compatibility to OpenBSD])
413 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
414 [Prepend the address family to IP tunnel traffic])
39c98ef7 415 ;;
36f36ba3 416*-*-dragonfly*)
417 SSHDLIBS="$SSHDLIBS -lcrypt"
418 ;;
7d458c86 419*-*-hpux*)
420 # first we define all of the options common to all HP-UX releases
b8fea62d 421 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 422 IPADDR_IN_DISPLAY=yes
2b10f47a 423 AC_DEFINE(USE_PIPES)
3466e002 424 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
425 [Define if your login program cannot handle end of options ("--")])
a2572aa7 426 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 427 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
428 [String used in /etc/passwd to denote locked account])
3a2b2b44 429 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 430 MAIL="/var/mail/username"
f75ca46d 431 LIBS="$LIBS -lsec"
7d458c86 432 AC_CHECK_LIB(xnet, t_error, ,
433 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
434
435 # next, we define all of the options specific to major releases
436 case "$host" in
437 *-*-hpux10*)
438 if test -z "$GCC"; then
439 CFLAGS="$CFLAGS -Ae"
440 fi
441 ;;
442 *-*-hpux11*)
3466e002 443 AC_DEFINE(PAM_SUN_CODEBASE, 1,
444 [Define if you are using Solaris-derived PAM which
445 passes pam_messages to the conversation function
446 with an extra level of indirection])
447 AC_DEFINE(DISABLE_UTMP, 1,
448 [Define if you don't want to use utmp])
7d458c86 449 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
450 check_for_hpux_broken_getaddrinfo=1
451 check_for_conflicting_getspnam=1
452 ;;
453 esac
454
455 # lastly, we define options specific to minor releases
456 case "$host" in
457 *-*-hpux10.26)
3466e002 458 AC_DEFINE(HAVE_SECUREWARE, 1,
459 [Define if you have SecureWare-based
460 protected password database])
7d458c86 461 disable_ptmx_check=yes
462 LIBS="$LIBS -lsecpw"
463 ;;
464 esac
2b763e31 465 ;;
d94aa2ae 466*-*-irix5*)
6ac7829a 467 PATH="$PATH:/usr/etc"
3466e002 468 AC_DEFINE(BROKEN_INET_NTOA, 1,
469 [Define if you system's inet_ntoa is busted
470 (e.g. Irix gcc issue)])
cb433561 471 AC_DEFINE(SETEUID_BREAKS_SETUID)
472 AC_DEFINE(BROKEN_SETREUID)
473 AC_DEFINE(BROKEN_SETREGID)
3466e002 474 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
475 [Define if you shouldn't strip 'tty' from your
476 ttyname in [uw]tmp])
3e6e3da0 477 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 478 ;;
479*-*-irix6*)
6ac7829a 480 PATH="$PATH:/usr/etc"
3466e002 481 AC_DEFINE(WITH_IRIX_ARRAY, 1,
482 [Define if you have/want arrays
483 (cluster-wide session managment, not C arrays)])
484 AC_DEFINE(WITH_IRIX_PROJECT, 1,
485 [Define if you want IRIX project management])
486 AC_DEFINE(WITH_IRIX_AUDIT, 1,
487 [Define if you want IRIX audit trails])
488 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
489 [Define if you want IRIX kernel jobs])])
416ed5a7 490 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 491 AC_DEFINE(SETEUID_BREAKS_SETUID)
492 AC_DEFINE(BROKEN_SETREUID)
493 AC_DEFINE(BROKEN_SETREGID)
3466e002 494 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 495 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 496 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 497 ;;
5cdfe03f 498*-*-linux*)
499 no_dev_ptmx=1
717057b6 500 check_for_libcrypt_later=1
eacb954e 501 check_for_openpty_ctty_bug=1
3466e002 502 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
503 AC_DEFINE(PAM_TTY_KLUDGE, 1,
504 [Work around problematic Linux PAM modules handling of PAM_TTY])
505 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
506 [String used in /etc/passwd to denote locked account])
3a2b2b44 507 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 508 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
509 [Define to whatever link() returns for "not supported"
510 if it doesn't return EOPNOTSUPP.])
b6610e8f 511 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 512 AC_DEFINE(USE_BTMP)
80faa19f 513 inet6_default_4in6=yes
bf7c1e6c 514 case `uname -r` in
ad84c479 515 1.*|2.0.*)
3466e002 516 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
517 [Define if cmsg_type is not passed correctly])
bf7c1e6c 518 ;;
bf7c1e6c 519 esac
c40f09ca 520 # tun(4) forwarding compat code
d91775e1 521 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 522 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 523 AC_DEFINE(SSH_TUN_LINUX, 1,
524 [Open tunnel devices the Linux tun/tap way])
525 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
526 [Use tunnel device compatibility to OpenBSD])
527 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
528 [Prepend the address family to IP tunnel traffic])
529 fi
5cdfe03f 530 ;;
66d6c27e 531mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 532 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 533 SONY=1
66d6c27e 534 ;;
d468fc76 535*-*-netbsd*)
33e2e066 536 check_for_libcrypt_before=1
82f4e93d 537 if test "x$withval" != "xno" ; then
e6354014 538 need_dash_r=1
539 fi
0f6cb079 540 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
541 AC_CHECK_HEADER([net/if_tap.h], ,
542 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
543 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
544 [Prepend the address family to IP tunnel traffic])
d468fc76 545 ;;
86b416a7 546*-*-freebsd*)
547 check_for_libcrypt_later=1
988c5031 548 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 549 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
550 AC_CHECK_HEADER([net/if_tap.h], ,
551 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 552 ;;
8707b7eb 553*-*-bsdi*)
554 AC_DEFINE(SETEUID_BREAKS_SETUID)
555 AC_DEFINE(BROKEN_SETREUID)
556 AC_DEFINE(BROKEN_SETREGID)
557 ;;
729bfe59 558*-next-*)
729bfe59 559 conf_lastlog_location="/usr/adm/lastlog"
698d107e 560 conf_utmp_location=/etc/utmp
561 conf_wtmp_location=/usr/adm/wtmp
562 MAIL=/usr/spool/mail
3466e002 563 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 564 AC_DEFINE(BROKEN_REALPATH)
00937921 565 AC_DEFINE(USE_PIPES)
3466e002 566 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 567 ;;
5b7b5e23 568*-*-openbsd*)
569 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 570 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 571 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 572 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
573 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 574 ;;
9d6b1b96 575*-*-solaris*)
82f4e93d 576 if test "x$withval" != "xno" ; then
010e9d5b 577 need_dash_r=1
578 fi
adeebd37 579 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 580 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 581 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
582 [Some versions of /bin/login need the TERM supplied
583 on the commandline])
7f0a4ff1 584 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 585 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
586 [Define if pam_chauthtok wants real uid set
587 to the unpriv'ed user])
3e6e3da0 588 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 589 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 590 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
591 [Define if sshd somehow reacquires a controlling TTY
592 after setsid()])
795aa5f5 593 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
594 in case the name is longer than 8 chars])
95b99395 595 external_path_file=/etc/default/login
1d7b9b20 596 # hardwire lastlog location (can't detect it on some versions)
597 conf_lastlog_location="/var/adm/lastlog"
32c80420 598 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
599 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
600 if test "$sol2ver" -ge 8; then
601 AC_MSG_RESULT(yes)
602 AC_DEFINE(DISABLE_UTMP)
3466e002 603 AC_DEFINE(DISABLE_WTMP, 1,
604 [Define if you don't want to use wtmp])
32c80420 605 else
606 AC_MSG_RESULT(no)
607 fi
5b84789f 608 AC_ARG_WITH(solaris-contracts,
609 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
610 [
611 AC_CHECK_LIB(contract, ct_tmpl_activate,
612 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
613 [Define if you have Solaris process contracts])
614 SSHDLIBS="$SSHDLIBS -lcontract"
615 AC_SUBST(SSHDLIBS)
616 SPC_MSG="yes" ], )
617 ],
618 )
9d6b1b96 619 ;;
a423beaf 620*-*-sunos4*)
0c2fb82f 621 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 622 AC_CHECK_FUNCS(getpwanam)
adeebd37 623 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 624 conf_utmp_location=/etc/utmp
625 conf_wtmp_location=/var/adm/wtmp
626 conf_lastlog_location=/var/adm/lastlog
137d7b6c 627 AC_DEFINE(USE_PIPES)
a423beaf 628 ;;
6f68f28a 629*-ncr-sysv*)
98a7c37b 630 LIBS="$LIBS -lc89"
29525240 631 AC_DEFINE(USE_PIPES)
eabb99c6 632 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 633 AC_DEFINE(SETEUID_BREAKS_SETUID)
634 AC_DEFINE(BROKEN_SETREUID)
635 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 636 ;;
132dd316 637*-sni-sysv*)
c8c15bcb 638 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 639 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 640 # -lresolv needs to be at the end of LIBS or DNS lookups break
641 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 642 IPADDR_IN_DISPLAY=yes
643 AC_DEFINE(USE_PIPES)
132dd316 644 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 645 AC_DEFINE(SETEUID_BREAKS_SETUID)
646 AC_DEFINE(BROKEN_SETREUID)
647 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 648 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 649 external_path_file=/etc/default/login
c8c15bcb 650 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
651 # Attention: always take care to bind libsocket and libnsl before libc,
652 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 653 ;;
79a7ba96 654# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 655*-*-sysv4.2*)
ed6553e2 656 AC_DEFINE(USE_PIPES)
7ed101c0 657 AC_DEFINE(SETEUID_BREAKS_SETUID)
658 AC_DEFINE(BROKEN_SETREUID)
659 AC_DEFINE(BROKEN_SETREGID)
46f853b9 660 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 661 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 662 ;;
79a7ba96 663# UnixWare 7.x, OpenUNIX 8
77bb0bca 664*-*-sysv5*)
d7d2cc6e 665 check_for_libcrypt_later=1
666 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 667 AC_DEFINE(USE_PIPES)
7ed101c0 668 AC_DEFINE(SETEUID_BREAKS_SETUID)
669 AC_DEFINE(BROKEN_SETREUID)
670 AC_DEFINE(BROKEN_SETREGID)
3466e002 671 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 672 case "$host" in
673 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
674 TEST_SHELL=/u95/bin/sh
3466e002 675 AC_DEFINE(BROKEN_LIBIAF, 1,
676 [ia_uinfo routines not supported by OS yet])
5cc6ddad 677 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 678 ;;
e45da4d6 679 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
680 ;;
822015dd 681 esac
77bb0bca 682 ;;
9d6b1b96 683*-*-sysv*)
9d6b1b96 684 ;;
79a7ba96 685# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 686*-*-sco3.2v4*)
11cf4f1f 687 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 688 ;;
79a7ba96 689# SCO OpenServer 5.x
77bb0bca 690*-*-sco3.2v5*)
21710e39 691 if test -z "$GCC"; then
692 CFLAGS="$CFLAGS -belf"
693 fi
ed6553e2 694 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 695 no_dev_ptmx=1
ed6553e2 696 AC_DEFINE(USE_PIPES)
6e879cb4 697 AC_DEFINE(HAVE_SECUREWARE)
d287c664 698 AC_DEFINE(DISABLE_SHADOW)
94d8258b 699 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 700 AC_DEFINE(SETEUID_BREAKS_SETUID)
701 AC_DEFINE(BROKEN_SETREUID)
702 AC_DEFINE(BROKEN_SETREGID)
bcebad47 703 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 704 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 705 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 706 AC_CHECK_FUNCS(getluid setluid)
533875af 707 MANTYPE=man
a3245b92 708 TEST_SHELL=ksh
509b1f88 709 ;;
ccbb983c 710*-*-unicosmk*)
3466e002 711 AC_DEFINE(NO_SSH_LASTLOG, 1,
712 [Define if you don't want to use lastlog in session.c])
c1ad5966 713 AC_DEFINE(SETEUID_BREAKS_SETUID)
714 AC_DEFINE(BROKEN_SETREUID)
715 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 716 AC_DEFINE(USE_PIPES)
717 AC_DEFINE(DISABLE_FD_PASSING)
718 LDFLAGS="$LDFLAGS"
719 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
720 MANTYPE=cat
d262b7f2 721 ;;
7b9a8c6e 722*-*-unicosmp*)
c1ad5966 723 AC_DEFINE(SETEUID_BREAKS_SETUID)
724 AC_DEFINE(BROKEN_SETREUID)
725 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 726 AC_DEFINE(WITH_ABBREV_NO_TTY)
727 AC_DEFINE(USE_PIPES)
728 AC_DEFINE(DISABLE_FD_PASSING)
729 LDFLAGS="$LDFLAGS"
c1ad5966 730 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 731 MANTYPE=cat
732 ;;
ca5c7d6a 733*-*-unicos*)
c1ad5966 734 AC_DEFINE(SETEUID_BREAKS_SETUID)
735 AC_DEFINE(BROKEN_SETREUID)
736 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 737 AC_DEFINE(USE_PIPES)
94d8258b 738 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 739 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 740 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
741 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
742 MANTYPE=cat
a704dd54 743 ;;
4d33e531 744*-dec-osf*)
99c8ddac 745 AC_MSG_CHECKING(for Digital Unix SIA)
746 no_osfsia=""
747 AC_ARG_WITH(osfsia,
748 [ --with-osfsia Enable Digital Unix SIA],
749 [
750 if test "x$withval" = "xno" ; then
751 AC_MSG_RESULT(disabled)
752 no_osfsia=1
753 fi
754 ],
755 )
756 if test -z "$no_osfsia" ; then
4d33e531 757 if test -f /etc/sia/matrix.conf; then
758 AC_MSG_RESULT(yes)
3466e002 759 AC_DEFINE(HAVE_OSF_SIA, 1,
760 [Define if you have Digital Unix Security
761 Integration Architecture])
762 AC_DEFINE(DISABLE_LOGIN, 1,
763 [Define if you don't want to use your
764 system's login() call])
58d0df4e 765 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 766 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 767 SIA_MSG="yes"
4d33e531 768 else
769 AC_MSG_RESULT(no)
3466e002 770 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
771 [String used in /etc/passwd to denote locked account])
4d33e531 772 fi
773 fi
a6e67b60 774 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 775 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 776 AC_DEFINE(BROKEN_SETREUID)
777 AC_DEFINE(BROKEN_SETREGID)
4d33e531 778 ;;
41cb4569 779
9c54c067 780*-*-nto-qnx*)
41cb4569 781 AC_DEFINE(USE_PIPES)
782 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 783 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
784 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
785 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 786 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 787 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 788 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 789 case "$host" in
790 *-*-nto-qnx6*)
791 AC_DEFINE(DISABLE_FD_PASSING)
792 ;;
793 esac
41cb4569 794 ;;
35fc74ed 795
796*-*-ultrix*)
3466e002 797 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
798 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 799 AC_DEFINE(NEED_SETPGRP)
b5765e1d 800 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
801 ;;
157b6700 802
803*-*-lynxos)
804 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 805 AC_DEFINE(MISSING_HOWMANY)
157b6700 806 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
807 ;;
a7effaac 808esac
809
c5829391 810AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 811AC_RUN_IFELSE(
812 [AC_LANG_SOURCE([
c5829391 813#include <stdio.h>
814int main(){exit(0);}
479cece8 815 ])],
c5829391 816 [ AC_MSG_RESULT(yes) ],
817 [
818 AC_MSG_RESULT(no)
819 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 820 ],
821 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 822)
823
b04a9f8c 824dnl Checks for header files.
a0391976 825# Checks for libraries.
98a7c37b 826AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
827AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 828
446227d6 829dnl IRIX and Solaris 2.5.1 have dirname() in libgen
830AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
831 AC_CHECK_LIB(gen, dirname,[
832 AC_CACHE_CHECK([for broken dirname],
833 ac_cv_have_broken_dirname, [
834 save_LIBS="$LIBS"
835 LIBS="$LIBS -lgen"
b0e7249f 836 AC_RUN_IFELSE(
837 [AC_LANG_SOURCE([[
446227d6 838#include <libgen.h>
839#include <string.h>
840
841int main(int argc, char **argv) {
842 char *s, buf[32];
843
844 strncpy(buf,"/etc", 32);
845 s = dirname(buf);
846 if (!s || strncmp(s, "/", 32) != 0) {
847 exit(1);
848 } else {
849 exit(0);
850 }
851}
b0e7249f 852 ]])],
853 [ ac_cv_have_broken_dirname="no" ],
854 [ ac_cv_have_broken_dirname="yes" ],
446227d6 855 [ ac_cv_have_broken_dirname="no" ],
446227d6 856 )
857 LIBS="$save_LIBS"
858 ])
859 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
860 LIBS="$LIBS -lgen"
861 AC_DEFINE(HAVE_DIRNAME)
862 AC_CHECK_HEADERS(libgen.h)
863 fi
864 ])
865])
866
867AC_CHECK_FUNC(getspnam, ,
868 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 869AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
870 [Define if you have the basename function.]))
446227d6 871
98a7c37b 872dnl zlib is required
873AC_ARG_WITH(zlib,
874 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 875 [ if test "x$withval" = "xno" ; then
876 AC_MSG_ERROR([*** zlib is required ***])
877 elif test "x$withval" != "xyes"; then
98a7c37b 878 if test -d "$withval/lib"; then
879 if test -n "${need_dash_r}"; then
5a162955 880 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 881 else
5a162955 882 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 883 fi
884 else
885 if test -n "${need_dash_r}"; then
5a162955 886 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 887 else
5a162955 888 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 889 fi
890 fi
891 if test -d "$withval/include"; then
5a162955 892 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 893 else
5a162955 894 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 895 fi
6dd05556 896 fi ]
98a7c37b 897)
898
0a15d73b 899AC_CHECK_LIB(z, deflate, ,
900 [
901 saved_CPPFLAGS="$CPPFLAGS"
902 saved_LDFLAGS="$LDFLAGS"
903 save_LIBS="$LIBS"
904 dnl Check default zlib install dir
905 if test -n "${need_dash_r}"; then
906 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
907 else
908 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
909 fi
910 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
911 LIBS="$LIBS -lz"
912 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
913 [
914 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
915 ]
916 )
917 ]
918)
4ad65809 919AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 920
921AC_ARG_WITH(zlib-version-check,
922 [ --without-zlib-version-check Disable zlib version check],
923 [ if test "x$withval" = "xno" ; then
924 zlib_check_nonfatal=1
925 fi
926 ]
927)
928
5c7fc85d 929AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 930AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 931#include <stdio.h>
4ad65809 932#include <zlib.h>
933int main()
934{
5c7fc85d 935 int a=0, b=0, c=0, d=0, n, v;
936 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
937 if (n != 3 && n != 4)
4ad65809 938 exit(1);
5c7fc85d 939 v = a*1000000 + b*10000 + c*100 + d;
940 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
941
942 /* 1.1.4 is OK */
943 if (a == 1 && b == 1 && c >= 4)
4ad65809 944 exit(0);
5c7fc85d 945
0072b59d 946 /* 1.2.3 and up are OK */
947 if (v >= 1020300)
5c7fc85d 948 exit(0);
949
4ad65809 950 exit(2);
951}
479cece8 952 ]])],
5c7fc85d 953 AC_MSG_RESULT(no),
954 [ AC_MSG_RESULT(yes)
8068d564 955 if test -z "$zlib_check_nonfatal" ; then
956 AC_MSG_ERROR([*** zlib too old - check config.log ***
957Your reported zlib version has known security problems. It's possible your
958vendor has fixed these problems without changing the version number. If you
959are sure this is the case, you can disable the check by running
960"./configure --without-zlib-version-check".
6090bcfe 961If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 962See http://www.gzip.org/zlib/ for details.])
8068d564 963 else
964 AC_MSG_WARN([zlib version may have security problems])
965 fi
1a01a50c 966 ],
967 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 968)
48e7916f 969
2c523de9 970dnl UnixWare 2.x
aff51935 971AC_CHECK_FUNC(strcasecmp,
2c523de9 972 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
973)
23361281 974AC_CHECK_FUNCS(utimes,
cda1ebcb 975 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
976 LIBS="$LIBS -lc89"]) ]
2c523de9 977)
4cca272e 978
7c6d759d 979dnl Checks for libutil functions
980AC_CHECK_HEADERS(libutil.h)
3466e002 981AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
982 [Define if your libraries define login()])])
7c6d759d 983AC_CHECK_FUNCS(logout updwtmp logwtmp)
984
a738c3b0 985AC_FUNC_STRFTIME
986
84ceda19 987# Check for ALTDIRFUNC glob() extension
988AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
989AC_EGREP_CPP(FOUNDIT,
990 [
991 #include <glob.h>
992 #ifdef GLOB_ALTDIRFUNC
993 FOUNDIT
994 #endif
aff51935 995 ],
84ceda19 996 [
3466e002 997 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
998 [Define if your system glob() function has
999 the GLOB_ALTDIRFUNC extension])
84ceda19 1000 AC_MSG_RESULT(yes)
1001 ],
1002 [
1003 AC_MSG_RESULT(no)
1004 ]
1005)
4cca272e 1006
40849fdb 1007# Check for g.gl_matchc glob() extension
1008AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1009AC_TRY_COMPILE(
13ff27b7 1010 [ #include <glob.h> ],
1011 [glob_t g; g.gl_matchc = 1;],
aff51935 1012 [
3466e002 1013 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1014 [Define if your system glob() function has
1015 gl_matchc options in glob_t])
aff51935 1016 AC_MSG_RESULT(yes)
1017 ],
1018 [
1019 AC_MSG_RESULT(no)
1020 ]
40849fdb 1021)
1022
78888bab 1023AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1024
edbe6722 1025AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1026AC_RUN_IFELSE(
479cece8 1027 [AC_LANG_SOURCE([[
edbe6722 1028#include <sys/types.h>
1029#include <dirent.h>
aec4cb4f 1030int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1031 ]])],
aff51935 1032 [AC_MSG_RESULT(yes)],
edbe6722 1033 [
1034 AC_MSG_RESULT(no)
3466e002 1035 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1036 [Define if your struct dirent expects you to
3466e002 1037 allocate extra space for d_name])
1a01a50c 1038 ],
82f4e93d 1039 [
1a01a50c 1040 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1041 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1042 ]
1043)
1044
419e26e7 1045AC_MSG_CHECKING([for /proc/pid/fd directory])
1046if test -d "/proc/$$/fd" ; then
3466e002 1047 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1048 AC_MSG_RESULT(yes)
1049else
1050 AC_MSG_RESULT(no)
1051fi
1052
278588d8 1053# Check whether user wants S/Key support
aff51935 1054SKEY_MSG="no"
278588d8 1055AC_ARG_WITH(skey,
6ff3d0dc 1056 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1057 [
1058 if test "x$withval" != "xno" ; then
1059
1060 if test "x$withval" != "xyes" ; then
1061 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1062 LDFLAGS="$LDFLAGS -L${withval}/lib"
1063 fi
1064
3466e002 1065 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1066 LIBS="-lskey $LIBS"
aff51935 1067 SKEY_MSG="yes"
82f4e93d 1068
ddceb1c8 1069 AC_MSG_CHECKING([for s/key support])
b0e7249f 1070 AC_LINK_IFELSE(
1071 [AC_LANG_SOURCE([[
ddceb1c8 1072#include <stdio.h>
1073#include <skey.h>
aec4cb4f 1074int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1075 ]])],
ddceb1c8 1076 [AC_MSG_RESULT(yes)],
278588d8 1077 [
ddceb1c8 1078 AC_MSG_RESULT(no)
278588d8 1079 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1080 ])
141fc639 1081 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1082 AC_TRY_COMPILE(
1083 [#include <stdio.h>
1084 #include <skey.h>],
1085 [(void)skeychallenge(NULL,"name","",0);],
1086 [AC_MSG_RESULT(yes)
3466e002 1087 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1088 [Define if your skeychallenge()
1089 function takes 4 arguments (NetBSD)])],
141fc639 1090 [AC_MSG_RESULT(no)]
1091 )
278588d8 1092 fi
1093 ]
1094)
1095
1096# Check whether user wants TCP wrappers support
98a7c37b 1097TCPW_MSG="no"
278588d8 1098AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1099 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1100 [
1101 if test "x$withval" != "xno" ; then
1102 saved_LIBS="$LIBS"
98a7c37b 1103 saved_LDFLAGS="$LDFLAGS"
1104 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1105 if test -n "${withval}" && \
6cf0200f 1106 test "x${withval}" != "xyes"; then
98a7c37b 1107 if test -d "${withval}/lib"; then
1108 if test -n "${need_dash_r}"; then
5a162955 1109 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1110 else
5a162955 1111 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1112 fi
1113 else
1114 if test -n "${need_dash_r}"; then
5a162955 1115 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1116 else
5a162955 1117 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1118 fi
1119 fi
1120 if test -d "${withval}/include"; then
5a162955 1121 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1122 else
5a162955 1123 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1124 fi
98a7c37b 1125 fi
e54defb4 1126 LIBS="-lwrap $LIBS"
278588d8 1127 AC_MSG_CHECKING(for libwrap)
1128 AC_TRY_LINK(
1129 [
77f09220 1130#include <sys/types.h>
1131#include <sys/socket.h>
1132#include <netinet/in.h>
278588d8 1133#include <tcpd.h>
1134 int deny_severity = 0, allow_severity = 0;
1135 ],
1136 [hosts_access(0);],
1137 [
1138 AC_MSG_RESULT(yes)
3466e002 1139 AC_DEFINE(LIBWRAP, 1,
1140 [Define if you want
1141 TCP Wrappers support])
e54defb4 1142 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1143 TCPW_MSG="yes"
278588d8 1144 ],
1145 [
1146 AC_MSG_ERROR([*** libwrap missing])
1147 ]
1148 )
ddceb1c8 1149 LIBS="$saved_LIBS"
278588d8 1150 fi
1151 ]
1152)
1153
59031773 1154# Check whether user wants libedit support
1155LIBEDIT_MSG="no"
1156AC_ARG_WITH(libedit,
6ff3d0dc 1157 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1158 [ if test "x$withval" != "xno" ; then
737edf04 1159 if test "x$withval" != "xyes"; then
bb116c8e 1160 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1161 if test -n "${need_dash_r}"; then
1162 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1163 else
1164 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1165 fi
737edf04 1166 fi
59031773 1167 AC_CHECK_LIB(edit, el_init,
3466e002 1168 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1169 LIBEDIT="-ledit -lcurses"
1170 LIBEDIT_MSG="yes"
1171 AC_SUBST(LIBEDIT)
1172 ],
737edf04 1173 [ AC_MSG_ERROR(libedit not found) ],
1174 [ -lcurses ]
59031773 1175 )
f47ddccb 1176 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1177 AC_COMPILE_IFELSE(
1178 [AC_LANG_SOURCE([[
1179#include <histedit.h>
f47ddccb 1180int main(void)
1181{
1182 int i = H_SETSIZE;
1183 el_init("", NULL, NULL, NULL);
1184 exit(0);
1185}
d92622f9 1186 ]])],
f47ddccb 1187 [ AC_MSG_RESULT(yes) ],
1188 [ AC_MSG_RESULT(no)
1189 AC_MSG_ERROR(libedit version is not compatible) ]
1190 )
59031773 1191 fi ]
1192)
1193
7b578f7d 1194AUDIT_MODULE=none
1195AC_ARG_WITH(audit,
1196 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1197 [
1198 AC_MSG_CHECKING(for supported audit module)
1199 case "$withval" in
1200 bsm)
1201 AC_MSG_RESULT(bsm)
1202 AUDIT_MODULE=bsm
1203 dnl Checks for headers, libs and functions
1204 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1205 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1206 [
1207#ifdef HAVE_TIME_H
1208# include <time.h>
1209#endif
1210 ]
1211)
7b578f7d 1212 AC_CHECK_LIB(bsm, getaudit, [],
1213 [AC_MSG_ERROR(BSM enabled and required library not found)])
1214 AC_CHECK_FUNCS(getaudit, [],
1215 [AC_MSG_ERROR(BSM enabled and required function not found)])
1216 # These are optional
7939c496 1217 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1218 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1219 ;;
1220 debug)
1221 AUDIT_MODULE=debug
1222 AC_MSG_RESULT(debug)
3466e002 1223 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1224 ;;
a2b3321d 1225 no)
d92622f9 1226 AC_MSG_RESULT(no)
a2b3321d 1227 ;;
7b578f7d 1228 *)
1229 AC_MSG_ERROR([Unknown audit module $withval])
1230 ;;
1231 esac ]
1232)
1233
19160674 1234dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1235AC_CHECK_FUNCS( \
1236 arc4random \
9a406e1e 1237 asprintf \
b04a9f8c 1238 b64_ntop \
1239 __b64_ntop \
1240 b64_pton \
1241 __b64_pton \
1242 bcopy \
1243 bindresvport_sa \
1244 clock \
1245 closefrom \
1246 dirfd \
b04a9f8c 1247 fchmod \
1248 fchown \
1249 freeaddrinfo \
1250 futimes \
1251 getaddrinfo \
1252 getcwd \
1253 getgrouplist \
1254 getnameinfo \
1255 getopt \
1256 getpeereid \
1961d660 1257 getpeerucred \
b04a9f8c 1258 _getpty \
1259 getrlimit \
1260 getttyent \
1261 glob \
1262 inet_aton \
1263 inet_ntoa \
1264 inet_ntop \
1265 innetgr \
1266 login_getcapbool \
1267 md5_crypt \
1268 memmove \
1269 mkdtemp \
1270 mmap \
1271 ngetaddrinfo \
1272 nsleep \
1273 ogetaddrinfo \
1274 openlog_r \
1275 openpty \
6d39a5c4 1276 poll \
b04a9f8c 1277 prctl \
1278 pstat \
1279 readpassphrase \
1280 realpath \
1281 recvmsg \
1282 rresvport_af \
1283 sendmsg \
1284 setdtablesize \
1285 setegid \
1286 setenv \
1287 seteuid \
1288 setgroups \
1289 setlogin \
1290 setpcred \
1291 setproctitle \
1292 setregid \
1293 setreuid \
1294 setrlimit \
1295 setsid \
1296 setvbuf \
1297 sigaction \
1298 sigvec \
1299 snprintf \
1300 socketpair \
1301 strdup \
1302 strerror \
1303 strlcat \
1304 strlcpy \
1305 strmode \
1306 strnvis \
1307 strtonum \
1e29a0c8 1308 strtoll \
b04a9f8c 1309 strtoul \
1aac2117 1310 swap32 \
b04a9f8c 1311 sysconf \
1312 tcgetpgrp \
1313 truncate \
1314 unsetenv \
1315 updwtmpx \
9a406e1e 1316 vasprintf \
b04a9f8c 1317 vhangup \
1318 vsnprintf \
1319 waitpid \
19160674 1320)
98a7c37b 1321
1a086f97 1322# IRIX has a const char return value for gai_strerror()
1323AC_CHECK_FUNCS(gai_strerror,[
1324 AC_DEFINE(HAVE_GAI_STRERROR)
1325 AC_TRY_COMPILE([
1326#include <sys/types.h>
1327#include <sys/socket.h>
1328#include <netdb.h>
1329
1330const char *gai_strerror(int);],[
1331char *str;
1332
1333str = gai_strerror(0);],[
1334 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1335 [Define if gai_strerror() returns const char *])])])
1336
3466e002 1337AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1338 [Some systems put nanosleep outside of libc]))
92b1decf 1339
309709db 1340dnl Make sure prototypes are defined for these before using them.
309709db 1341AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1342AC_CHECK_DECL(strsep,
1343 [AC_CHECK_FUNCS(strsep)],
1344 [],
1345 [
1346#ifdef HAVE_STRING_H
1347# include <string.h>
1348#endif
1349 ])
08412d26 1350
3490699c 1351dnl tcsendbreak might be a macro
1352AC_CHECK_DECL(tcsendbreak,
1353 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1354 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1355 [#include <termios.h>]
1356)
1357
41e0e158 1358AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1359
71f4c727 1360AC_CHECK_DECLS(SHUT_RD, , ,
1361 [
1362#include <sys/types.h>
1363#include <sys/socket.h>
1364 ])
956d6743 1365
1366AC_CHECK_DECLS(O_NONBLOCK, , ,
1367 [
1368#include <sys/types.h>
1369#ifdef HAVE_SYS_STAT_H
1370# include <sys/stat.h>
1371#endif
1372#ifdef HAVE_FCNTL_H
1373# include <fcntl.h>
1374#endif
1375 ])
1376
752994dd 1377AC_CHECK_DECLS(writev, , , [
1378#include <sys/types.h>
1379#include <sys/uio.h>
1380#include <unistd.h>
1381 ])
1382
0bf6279d 1383AC_CHECK_DECLS(MAXSYMLINKS, , , [
1384#include <sys/param.h>
1385 ])
1386
b41ece30 1387AC_CHECK_DECLS(offsetof, , , [
1388#include <stddef.h>
1389 ])
1390
3f176010 1391AC_CHECK_FUNCS(setresuid, [
1392 dnl Some platorms have setresuid that isn't implemented, test for this
1393 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1394 AC_RUN_IFELSE(
1395 [AC_LANG_SOURCE([[
9a3fe0e2 1396#include <stdlib.h>
1397#include <errno.h>
1398int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1399 ]])],
3f176010 1400 [AC_MSG_RESULT(yes)],
3466e002 1401 [AC_DEFINE(BROKEN_SETRESUID, 1,
1402 [Define if your setresuid() is broken])
1a01a50c 1403 AC_MSG_RESULT(not implemented)],
1404 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1405 )
1406])
9a3fe0e2 1407
3f176010 1408AC_CHECK_FUNCS(setresgid, [
1409 dnl Some platorms have setresgid that isn't implemented, test for this
1410 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1411 AC_RUN_IFELSE(
1412 [AC_LANG_SOURCE([[
9a3fe0e2 1413#include <stdlib.h>
1414#include <errno.h>
1415int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1416 ]])],
3f176010 1417 [AC_MSG_RESULT(yes)],
3466e002 1418 [AC_DEFINE(BROKEN_SETRESGID, 1,
1419 [Define if your setresgid() is broken])
1a01a50c 1420 AC_MSG_RESULT(not implemented)],
1421 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1422 )
1423])
9a3fe0e2 1424
2e73a022 1425dnl Checks for time functions
1d7b9b20 1426AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1427dnl Checks for utmp functions
b03bd394 1428AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1429AC_CHECK_FUNCS(utmpname)
2e73a022 1430dnl Checks for utmpx functions
b03bd394 1431AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1432AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1433
aff51935 1434AC_CHECK_FUNC(daemon,
3466e002 1435 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1436 [AC_CHECK_LIB(bsd, daemon,
1437 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1438)
1439
aff51935 1440AC_CHECK_FUNC(getpagesize,
3466e002 1441 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1442 [Define if your libraries define getpagesize()])],
1443 [AC_CHECK_LIB(ucb, getpagesize,
1444 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1445)
1446
2647ae26 1447# Check for broken snprintf
1448if test "x$ac_cv_func_snprintf" = "xyes" ; then
1449 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1450 AC_RUN_IFELSE(
479cece8 1451 [AC_LANG_SOURCE([[
2647ae26 1452#include <stdio.h>
aec4cb4f 1453int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1454 ]])],
aff51935 1455 [AC_MSG_RESULT(yes)],
2647ae26 1456 [
1457 AC_MSG_RESULT(no)
3466e002 1458 AC_DEFINE(BROKEN_SNPRINTF, 1,
1459 [Define if your snprintf is busted])
2647ae26 1460 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1461 ],
1462 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1463 )
1464fi
1465
9a406e1e 1466# If we don't have a working asprintf, then we strongly depend on vsnprintf
1467# returning the right thing on overflow: the number of characters it tried to
1468# create (as per SUSv3)
1469if test "x$ac_cv_func_asprintf" != "xyes" && \
1470 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1471 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1472 AC_RUN_IFELSE(
1473 [AC_LANG_SOURCE([[
1474#include <sys/types.h>
1475#include <stdio.h>
1476#include <stdarg.h>
1477
1478int x_snprintf(char *str,size_t count,const char *fmt,...)
1479{
1480 size_t ret; va_list ap;
1481 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1482 return ret;
1483}
1484int main(void)
1485{
1486 char x[1];
1487 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1488} ]])],
1489 [AC_MSG_RESULT(yes)],
1490 [
1491 AC_MSG_RESULT(no)
1492 AC_DEFINE(BROKEN_SNPRINTF, 1,
1493 [Define if your snprintf is busted])
1494 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1495 ],
1496 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1497 )
1498fi
1499
31b0732a 1500# On systems where [v]snprintf is broken, but is declared in stdio,
1501# check that the fmt argument is const char * or just char *.
1502# This is only useful for when BROKEN_SNPRINTF
1503AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1504AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1505 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1506 int main(void) { snprintf(0, 0, 0); }
1507 ]])],
1508 [AC_MSG_RESULT(yes)
1509 AC_DEFINE(SNPRINTF_CONST, [const],
1510 [Define as const if snprintf() can declare const char *fmt])],
1511 [AC_MSG_RESULT(no)
1512 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1513
2f6f9cff 1514# Check for missing getpeereid (or equiv) support
1515NO_PEERCHECK=""
1961d660 1516if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1517 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1518 AC_TRY_COMPILE(
1519 [#include <sys/types.h>
1520 #include <sys/socket.h>],
1521 [int i = SO_PEERCRED;],
62eb7db4 1522 [ AC_MSG_RESULT(yes)
3466e002 1523 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1524 ],
2f6f9cff 1525 [AC_MSG_RESULT(no)
1526 NO_PEERCHECK=1]
1527 )
1528fi
1529
70e7d0b0 1530dnl see whether mkstemp() requires XXXXXX
1531if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1532AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1533AC_RUN_IFELSE(
1534 [AC_LANG_SOURCE([[
70e7d0b0 1535#include <stdlib.h>
1536main() { char template[]="conftest.mkstemp-test";
1537if (mkstemp(template) == -1)
1538 exit(1);
1539unlink(template); exit(0);
1540}
b0e7249f 1541 ]])],
70e7d0b0 1542 [
1543 AC_MSG_RESULT(no)
1544 ],
aff51935 1545 [
70e7d0b0 1546 AC_MSG_RESULT(yes)
3466e002 1547 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1548 ],
1549 [
1550 AC_MSG_RESULT(yes)
1551 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1552 ]
70e7d0b0 1553)
1554fi
1555
eacb954e 1556dnl make sure that openpty does not reacquire controlling terminal
1557if test ! -z "$check_for_openpty_ctty_bug"; then
1558 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1559 AC_RUN_IFELSE(
1560 [AC_LANG_SOURCE([[
eacb954e 1561#include <stdio.h>
1562#include <sys/fcntl.h>
1563#include <sys/types.h>
1564#include <sys/wait.h>
1565
1566int
1567main()
1568{
1569 pid_t pid;
1570 int fd, ptyfd, ttyfd, status;
1571
1572 pid = fork();
1573 if (pid < 0) { /* failed */
1574 exit(1);
1575 } else if (pid > 0) { /* parent */
1576 waitpid(pid, &status, 0);
aff51935 1577 if (WIFEXITED(status))
eacb954e 1578 exit(WEXITSTATUS(status));
1579 else
1580 exit(2);
1581 } else { /* child */
1582 close(0); close(1); close(2);
1583 setsid();
1584 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1585 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1586 if (fd >= 0)
1587 exit(3); /* Acquired ctty: broken */
1588 else
1589 exit(0); /* Did not acquire ctty: OK */
1590 }
1591}
b0e7249f 1592 ]])],
eacb954e 1593 [
1594 AC_MSG_RESULT(yes)
1595 ],
1596 [
1597 AC_MSG_RESULT(no)
1598 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1599 ],
1600 [
1601 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1602 ]
1603 )
1604fi
1605
4b492aab 1606if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1607 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1608 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1609 AC_RUN_IFELSE(
1610 [AC_LANG_SOURCE([[
2fe51906 1611#include <stdio.h>
1612#include <sys/socket.h>
1613#include <netdb.h>
1614#include <errno.h>
1615#include <netinet/in.h>
1616
1617#define TEST_PORT "2222"
1618
1619int
1620main(void)
1621{
1622 int err, sock;
1623 struct addrinfo *gai_ai, *ai, hints;
1624 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1625
1626 memset(&hints, 0, sizeof(hints));
1627 hints.ai_family = PF_UNSPEC;
1628 hints.ai_socktype = SOCK_STREAM;
1629 hints.ai_flags = AI_PASSIVE;
1630
1631 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1632 if (err != 0) {
1633 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1634 exit(1);
1635 }
1636
1637 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1638 if (ai->ai_family != AF_INET6)
1639 continue;
1640
1641 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1642 sizeof(ntop), strport, sizeof(strport),
1643 NI_NUMERICHOST|NI_NUMERICSERV);
1644
1645 if (err != 0) {
1646 if (err == EAI_SYSTEM)
1647 perror("getnameinfo EAI_SYSTEM");
1648 else
1649 fprintf(stderr, "getnameinfo failed: %s\n",
1650 gai_strerror(err));
1651 exit(2);
1652 }
1653
1654 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1655 if (sock < 0)
1656 perror("socket");
1657 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1658 if (errno == EBADF)
1659 exit(3);
1660 }
1661 }
1662 exit(0);
1663}
b0e7249f 1664 ]])],
2fe51906 1665 [
1666 AC_MSG_RESULT(yes)
1667 ],
1668 [
1669 AC_MSG_RESULT(no)
1670 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1671 ],
1672 [
1673 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1674 ]
1675 )
1676fi
1677
4b492aab 1678if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1679 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1680 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1681 AC_RUN_IFELSE(
1682 [AC_LANG_SOURCE([[
5ccf88cb 1683#include <stdio.h>
1684#include <sys/socket.h>
1685#include <netdb.h>
1686#include <errno.h>
1687#include <netinet/in.h>
1688
1689#define TEST_PORT "2222"
1690
1691int
1692main(void)
1693{
1694 int err, sock;
1695 struct addrinfo *gai_ai, *ai, hints;
1696 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1697
1698 memset(&hints, 0, sizeof(hints));
1699 hints.ai_family = PF_UNSPEC;
1700 hints.ai_socktype = SOCK_STREAM;
1701 hints.ai_flags = AI_PASSIVE;
1702
1703 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1704 if (err != 0) {
1705 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1706 exit(1);
1707 }
1708
1709 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1710 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1711 continue;
1712
1713 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1714 sizeof(ntop), strport, sizeof(strport),
1715 NI_NUMERICHOST|NI_NUMERICSERV);
1716
1717 if (ai->ai_family == AF_INET && err != 0) {
1718 perror("getnameinfo");
1719 exit(2);
1720 }
1721 }
1722 exit(0);
1723}
b0e7249f 1724 ]])],
5ccf88cb 1725 [
1726 AC_MSG_RESULT(yes)
3466e002 1727 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1728 [Define if you have a getaddrinfo that fails
1729 for the all-zeros IPv6 address])
5ccf88cb 1730 ],
1731 [
1732 AC_MSG_RESULT(no)
1733 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1734 ],
ecd9ec09 1735 [
b0e7249f 1736 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1737 ]
1738 )
1739fi
1740
b29fd59f 1741if test "x$check_for_conflicting_getspnam" = "x1"; then
1742 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1743 AC_COMPILE_IFELSE(
1744 [
1745#include <shadow.h>
1746int main(void) {exit(0);}
1747 ],
1748 [
1749 AC_MSG_RESULT(no)
1750 ],
1751 [
1752 AC_MSG_RESULT(yes)
1753 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1754 [Conflicting defs for getspnam])
1755 ]
1756 )
1757fi
1758
7f8f5e00 1759AC_FUNC_GETPGRP
1760
5b991353 1761# Search for OpenSSL
1762saved_CPPFLAGS="$CPPFLAGS"
1763saved_LDFLAGS="$LDFLAGS"
a0391976 1764AC_ARG_WITH(ssl-dir,
1765 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1766 [
e9e4a1c7 1767 if test "x$withval" != "xno" ; then
99eb0f64 1768 case "$withval" in
1769 # Relative paths
1770 ./*|../*) withval="`pwd`/$withval"
1771 esac
5b991353 1772 if test -d "$withval/lib"; then
1773 if test -n "${need_dash_r}"; then
1774 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1775 else
1776 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1777 fi
1778 else
5b991353 1779 if test -n "${need_dash_r}"; then
1780 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1781 else
1782 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1783 fi
1784 fi
5b991353 1785 if test -d "$withval/include"; then
1786 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1787 else
5b991353 1788 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1789 fi
a0391976 1790 fi
5b991353 1791 ]
1792)
5486a457 1793LIBS="-lcrypto $LIBS"
3466e002 1794AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1795 [Define if your ssl headers are included
1796 with #include <openssl/header.h>]),
d45e3d76 1797 [
5b991353 1798 dnl Check default openssl install dir
1799 if test -n "${need_dash_r}"; then
1800 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1801 else
5b991353 1802 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1803 fi
5b991353 1804 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1805 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1806 [
1807 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1808 ]
1809 )
1810 ]
1811)
1812
cd018561 1813# Determine OpenSSL header version
1814AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1815AC_RUN_IFELSE(
479cece8 1816 [AC_LANG_SOURCE([[
cd018561 1817#include <stdio.h>
1818#include <string.h>
1819#include <openssl/opensslv.h>
1820#define DATA "conftest.sslincver"
1821int main(void) {
aff51935 1822 FILE *fd;
1823 int rc;
cd018561 1824
aff51935 1825 fd = fopen(DATA,"w");
1826 if(fd == NULL)
1827 exit(1);
cd018561 1828
1829 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1830 exit(1);
1831
1832 exit(0);
1833}
479cece8 1834 ]])],
cd018561 1835 [
1836 ssl_header_ver=`cat conftest.sslincver`
1837 AC_MSG_RESULT($ssl_header_ver)
1838 ],
1839 [
1840 AC_MSG_RESULT(not found)
1841 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1842 ],
1843 [
1844 AC_MSG_WARN([cross compiling: not checking])
cd018561 1845 ]
1846)
1847
1848# Determine OpenSSL library version
1849AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1850AC_RUN_IFELSE(
479cece8 1851 [AC_LANG_SOURCE([[
cd018561 1852#include <stdio.h>
1853#include <string.h>
1854#include <openssl/opensslv.h>
1855#include <openssl/crypto.h>
1856#define DATA "conftest.ssllibver"
1857int main(void) {
aff51935 1858 FILE *fd;
1859 int rc;
cd018561 1860
aff51935 1861 fd = fopen(DATA,"w");
1862 if(fd == NULL)
1863 exit(1);
cd018561 1864
1865 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1866 exit(1);
1867
1868 exit(0);
1869}
479cece8 1870 ]])],
cd018561 1871 [
1872 ssl_library_ver=`cat conftest.ssllibver`
1873 AC_MSG_RESULT($ssl_library_ver)
1874 ],
1875 [
1876 AC_MSG_RESULT(not found)
1877 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1878 ],
1879 [
1880 AC_MSG_WARN([cross compiling: not checking])
cd018561 1881 ]
1882)
58d100bf 1883
1d42bcce 1884AC_ARG_WITH(openssl-header-check,
1885 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1886 [ if test "x$withval" = "xno" ; then
1887 openssl_check_nonfatal=1
1888 fi
1889 ]
1890)
1891
9780116c 1892# Sanity check OpenSSL headers
1893AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1894AC_RUN_IFELSE(
479cece8 1895 [AC_LANG_SOURCE([[
9780116c 1896#include <string.h>
1897#include <openssl/opensslv.h>
aec4cb4f 1898int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1899 ]])],
9780116c 1900 [
1901 AC_MSG_RESULT(yes)
1902 ],
1903 [
1904 AC_MSG_RESULT(no)
1d42bcce 1905 if test "x$openssl_check_nonfatal" = "x"; then
1906 AC_MSG_ERROR([Your OpenSSL headers do not match your
1907library. Check config.log for details.
1908If you are sure your installation is consistent, you can disable the check
1909by running "./configure --without-openssl-header-check".
1910Also see contrib/findssl.sh for help identifying header/library mismatches.
1911])
1912 else
1913 AC_MSG_WARN([Your OpenSSL headers do not match your
1914library. Check config.log for details.
e15ba28b 1915Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1916 fi
1a01a50c 1917 ],
1918 [
1919 AC_MSG_WARN([cross compiling: not checking])
9780116c 1920 ]
1921)
1922
282d6408 1923AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1924AC_LINK_IFELSE(
1925 [AC_LANG_SOURCE([[
1926#include <openssl/evp.h>
1927int main(void) { SSLeay_add_all_algorithms(); }
1928 ]])],
1929 [
1930 AC_MSG_RESULT(yes)
1931 ],
1932 [
1933 AC_MSG_RESULT(no)
1934 saved_LIBS="$LIBS"
1935 LIBS="$LIBS -ldl"
1936 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1937 AC_LINK_IFELSE(
1938 [AC_LANG_SOURCE([[
1939#include <openssl/evp.h>
1940int main(void) { SSLeay_add_all_algorithms(); }
1941 ]])],
1942 [
1943 AC_MSG_RESULT(yes)
1944 ],
1945 [
1946 AC_MSG_RESULT(no)
1947 LIBS="$saved_LIBS"
1948 ]
1949 )
1950 ]
1951)
1952
c7ad0d99 1953AC_ARG_WITH(ssl-engine,
1954 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1955 [ if test "x$withval" != "xno" ; then
1956 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1957 AC_TRY_COMPILE(
1958 [ #include <openssl/engine.h>],
1959 [
24b2647b 1960ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 1961 ],
1962 [ AC_MSG_RESULT(yes)
1963 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1964 [Enable OpenSSL engine support])
1965 ],
1966 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1967 )
1968 fi ]
1969)
1970
e5146707 1971# Check for OpenSSL without EVP_aes_{192,256}_cbc
1972AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1973AC_LINK_IFELSE(
e5146707 1974 [AC_LANG_SOURCE([[
1975#include <string.h>
1976#include <openssl/evp.h>
300ea548 1977int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1978 ]])],
1979 [
1980 AC_MSG_RESULT(no)
1981 ],
1982 [
1983 AC_MSG_RESULT(yes)
1984 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1985 [libcrypto is missing AES 192 and 256 bit functions])
1986 ]
1987)
1988
5486a457 1989# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1990# because the system crypt() is more featureful.
1991if test "x$check_for_libcrypt_before" = "x1"; then
1992 AC_CHECK_LIB(crypt, crypt)
1993fi
1994
aff51935 1995# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1996# version in OpenSSL.
05114c74 1997if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1998 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1999fi
2000
13ff27b7 2001# Search for SHA256 support in libc and/or OpenSSL
2002AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2003
a03acb8f 2004saved_LIBS="$LIBS"
2005AC_CHECK_LIB(iaf, ia_openinfo, [
2006 LIBS="$LIBS -liaf"
d837615a 2007 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2008 AC_DEFINE(HAVE_LIBIAF, 1,
2009 [Define if system has libiaf that supports set_id])
2010 ])
a03acb8f 2011])
2012LIBS="$saved_LIBS"
f1b0ecc3 2013
2014### Configure cryptographic random number support
2015
2016# Check wheter OpenSSL seeds itself
2017AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2018AC_RUN_IFELSE(
479cece8 2019 [AC_LANG_SOURCE([[
f1b0ecc3 2020#include <string.h>
2021#include <openssl/rand.h>
aec4cb4f 2022int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2023 ]])],
f1b0ecc3 2024 [
2025 OPENSSL_SEEDS_ITSELF=yes
2026 AC_MSG_RESULT(yes)
2027 ],
2028 [
2029 AC_MSG_RESULT(no)
2030 # Default to use of the rand helper if OpenSSL doesn't
2031 # seed itself
2032 USE_RAND_HELPER=yes
1a01a50c 2033 ],
2034 [
2035 AC_MSG_WARN([cross compiling: assuming yes])
2036 # This is safe, since all recent OpenSSL versions will
82f4e93d 2037 # complain at runtime if not seeded correctly.
1a01a50c 2038 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2039 ]
2040)
2041
a086f73b 2042# Check for PAM libs
2043PAM_MSG="no"
2044AC_ARG_WITH(pam,
2045 [ --with-pam Enable PAM support ],
2046 [
2047 if test "x$withval" != "xno" ; then
2048 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2049 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2050 AC_MSG_ERROR([PAM headers not found])
2051 fi
2052
2053 saved_LIBS="$LIBS"
2054 AC_CHECK_LIB(dl, dlopen, , )
2055 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2056 AC_CHECK_FUNCS(pam_getenvlist)
2057 AC_CHECK_FUNCS(pam_putenv)
2058 LIBS="$saved_LIBS"
2059
2060 PAM_MSG="yes"
2061
e54defb4 2062 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2063 AC_DEFINE(USE_PAM, 1,
2064 [Define if you want to enable PAM support])
282d6408 2065
a086f73b 2066 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2067 case "$LIBS" in
2068 *-ldl*)
2069 # libdl already in LIBS
2070 ;;
2071 *)
e54defb4 2072 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2073 ;;
2074 esac
a086f73b 2075 fi
a086f73b 2076 fi
2077 ]
2078)
2079
2080# Check for older PAM
2081if test "x$PAM_MSG" = "xyes" ; then
2082 # Check PAM strerror arguments (old PAM)
2083 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2084 AC_TRY_COMPILE(
2085 [
2086#include <stdlib.h>
2087#if defined(HAVE_SECURITY_PAM_APPL_H)
2088#include <security/pam_appl.h>
2089#elif defined (HAVE_PAM_PAM_APPL_H)
2090#include <pam/pam_appl.h>
2091#endif
2092 ],
2093 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2094 [AC_MSG_RESULT(no)],
2095 [
2096 AC_DEFINE(HAVE_OLD_PAM, 1,
2097 [Define if you have an old version of PAM
2098 which takes only one argument to pam_strerror])
2099 AC_MSG_RESULT(yes)
2100 PAM_MSG="yes (old library)"
2101 ]
2102 )
2103fi
f1b0ecc3 2104
2105# Do we want to force the use of the rand helper?
2106AC_ARG_WITH(rand-helper,
2107 [ --with-rand-helper Use subprocess to gather strong randomness ],
2108 [
2109 if test "x$withval" = "xno" ; then
aff51935 2110 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2111 # the previous test showed it to be unseeded.
2112 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2113 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2114 OPENSSL_SEEDS_ITSELF=yes
2115 USE_RAND_HELPER=""
2116 fi
2117 else
2118 USE_RAND_HELPER=yes
2119 fi
2120 ],
82f4e93d 2121)
f1b0ecc3 2122
2123# Which randomness source do we use?
4b492aab 2124if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2125 # OpenSSL only
3466e002 2126 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2127 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2128 RAND_MSG="OpenSSL internal ONLY"
2129 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2130elif test ! -z "$USE_RAND_HELPER" ; then
2131 # install rand helper
f1b0ecc3 2132 RAND_MSG="ssh-rand-helper"
2133 INSTALL_SSH_RAND_HELPER="yes"
2134fi
2135AC_SUBST(INSTALL_SSH_RAND_HELPER)
2136
2137### Configuration of ssh-rand-helper
2138
2139# PRNGD TCP socket
2140AC_ARG_WITH(prngd-port,
2141 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2142 [
eb5d7ff6 2143 case "$withval" in
2144 no)
2145 withval=""
2146 ;;
2147 [[0-9]]*)
2148 ;;
2149 *)
2150 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2151 ;;
2152 esac
2153 if test ! -z "$withval" ; then
f1b0ecc3 2154 PRNGD_PORT="$withval"
3466e002 2155 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2156 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2157 fi
2158 ]
2159)
2160
2161# PRNGD Unix domain socket
2162AC_ARG_WITH(prngd-socket,
2163 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2164 [
eb5d7ff6 2165 case "$withval" in
2166 yes)
f1b0ecc3 2167 withval="/var/run/egd-pool"
eb5d7ff6 2168 ;;
2169 no)
2170 withval=""
2171 ;;
2172 /*)
2173 ;;
2174 *)
2175 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2176 ;;
2177 esac
2178
2179 if test ! -z "$withval" ; then
f1b0ecc3 2180 if test ! -z "$PRNGD_PORT" ; then
2181 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2182 fi
906e811b 2183 if test ! -r "$withval" ; then
f1b0ecc3 2184 AC_MSG_WARN(Entropy socket is not readable)
2185 fi
2186 PRNGD_SOCKET="$withval"
3466e002 2187 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2188 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2189 fi
ddceb1c8 2190 ],
2191 [
2192 # Check for existing socket only if we don't have a random device already
2193 if test "$USE_RAND_HELPER" = yes ; then
2194 AC_MSG_CHECKING(for PRNGD/EGD socket)
2195 # Insert other locations here
2196 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2197 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2198 PRNGD_SOCKET="$sock"
2199 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2200 break;
2201 fi
2202 done
2203 if test ! -z "$PRNGD_SOCKET" ; then
2204 AC_MSG_RESULT($PRNGD_SOCKET)
2205 else
2206 AC_MSG_RESULT(not found)
2207 fi
2208 fi
f1b0ecc3 2209 ]
2210)
2211
2212# Change default command timeout for hashing entropy source
2213entropy_timeout=200
2214AC_ARG_WITH(entropy-timeout,
2215 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2216 [
6cf0200f 2217 if test -n "$withval" && test "x$withval" != "xno" && \
2218 test "x${withval}" != "xyes"; then
f1b0ecc3 2219 entropy_timeout=$withval
2220 fi
82f4e93d 2221 ]
f1b0ecc3 2222)
3466e002 2223AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2224 [Builtin PRNG command timeout])
f1b0ecc3 2225
fd3cbf67 2226SSH_PRIVSEP_USER=sshd
9a0fbcb3 2227AC_ARG_WITH(privsep-user,
5222e7ef 2228 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2229 [
6cf0200f 2230 if test -n "$withval" && test "x$withval" != "xno" && \
2231 test "x${withval}" != "xyes"; then
fd3cbf67 2232 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2233 fi
82f4e93d 2234 ]
9a0fbcb3 2235)
3466e002 2236AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2237 [non-privileged user for privilege separation])
fd3cbf67 2238AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2239
81dadca3 2240# We do this little dance with the search path to insure
2241# that programs that we select for use by installed programs
2242# (which may be run by the super-user) come from trusted
2243# locations before they come from the user's private area.
2244# This should help avoid accidentally configuring some
2245# random version of a program in someone's personal bin.
2246
2247OPATH=$PATH
2248PATH=/bin:/usr/bin
f95c8ce8 2249test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2250test -d /sbin && PATH=$PATH:/sbin
2251test -d /usr/sbin && PATH=$PATH:/usr/sbin
2252PATH=$PATH:/etc:$OPATH
2253
aff51935 2254# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2255OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2256OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2257OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2258OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2259OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2260OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2261OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2262OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2263OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2264OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2265OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2266OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2267OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2268OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2269OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2270OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2271# restore PATH
2272PATH=$OPATH
f1b0ecc3 2273
2274# Where does ssh-rand-helper get its randomness from?
2275INSTALL_SSH_PRNG_CMDS=""
2276if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2277 if test ! -z "$PRNGD_PORT" ; then
2278 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2279 elif test ! -z "$PRNGD_SOCKET" ; then
2280 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2281 else
2282 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2283 RAND_HELPER_CMDHASH=yes
2284 INSTALL_SSH_PRNG_CMDS="yes"
2285 fi
2286fi
2287AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2288
2289
66d6c27e 2290# Cheap hack to ensure NEWS-OS libraries are arranged right.
2291if test ! -z "$SONY" ; then
2292 LIBS="$LIBS -liberty";
2293fi
2294
9a406e1e 2295# Check for long long datatypes
2296AC_CHECK_TYPES([long long, unsigned long long, long double])
2297
2298# Check datatype sizes
976f7e19 2299AC_CHECK_SIZEOF(char, 1)
2b942fe0 2300AC_CHECK_SIZEOF(short int, 2)
2301AC_CHECK_SIZEOF(int, 4)
2302AC_CHECK_SIZEOF(long int, 4)
2303AC_CHECK_SIZEOF(long long int, 8)
2304
52f1ccb2 2305# Sanity check long long for some platforms (AIX)
2306if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2307 ac_cv_sizeof_long_long_int=0
2308fi
2309
90f15776 2310# compute LLONG_MIN and LLONG_MAX if we don't know them.
2311if test -z "$have_llong_max"; then
2312 AC_MSG_CHECKING([for max value of long long])
2313 AC_RUN_IFELSE(
2314 [AC_LANG_SOURCE([[
2315#include <stdio.h>
2316/* Why is this so damn hard? */
2317#ifdef __GNUC__
2318# undef __GNUC__
2319#endif
2320#define __USE_ISOC99
2321#include <limits.h>
2322#define DATA "conftest.llminmax"
055252ed 2323#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2324
2325/*
2326 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2327 * we do this the hard way.
2328 */
2329static int
2330fprint_ll(FILE *f, long long n)
2331{
2332 unsigned int i;
2333 int l[sizeof(long long) * 8];
2334
2335 if (n < 0)
2336 if (fprintf(f, "-") < 0)
2337 return -1;
2338 for (i = 0; n != 0; i++) {
2339 l[i] = my_abs(n % 10);
2340 n /= 10;
2341 }
2342 do {
2343 if (fprintf(f, "%d", l[--i]) < 0)
2344 return -1;
2345 } while (i != 0);
2346 if (fprintf(f, " ") < 0)
2347 return -1;
2348 return 0;
2349}
2350
90f15776 2351int main(void) {
2352 FILE *f;
2353 long long i, llmin, llmax = 0;
2354
2355 if((f = fopen(DATA,"w")) == NULL)
2356 exit(1);
2357
2358#if defined(LLONG_MIN) && defined(LLONG_MAX)
2359 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2360 llmin = LLONG_MIN;
2361 llmax = LLONG_MAX;
2362#else
2363 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2364 /* This will work on one's complement and two's complement */
2365 for (i = 1; i > llmax; i <<= 1, i++)
2366 llmax = i;
2367 llmin = llmax + 1LL; /* wrap */
2368#endif
2369
2370 /* Sanity check */
2371 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2372 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2373 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2374 fprintf(f, "unknown unknown\n");
2375 exit(2);
2376 }
2377
055252ed 2378 if (fprint_ll(f, llmin) < 0)
90f15776 2379 exit(3);
055252ed 2380 if (fprint_ll(f, llmax) < 0)
2381 exit(4);
2382 if (fclose(f) < 0)
2383 exit(5);
90f15776 2384 exit(0);
2385}
2386 ]])],
2387 [
2388 llong_min=`$AWK '{print $1}' conftest.llminmax`
2389 llong_max=`$AWK '{print $2}' conftest.llminmax`
2390
90f15776 2391 AC_MSG_RESULT($llong_max)
2392 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2393 [max value of long long calculated by configure])
2394 AC_MSG_CHECKING([for min value of long long])
2395 AC_MSG_RESULT($llong_min)
2396 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2397 [min value of long long calculated by configure])
2398 ],
2399 [
2400 AC_MSG_RESULT(not found)
2401 ],
2402 [
2403 AC_MSG_WARN([cross compiling: not checking])
2404 ]
2405 )
2406fi
2407
2408
a0391976 2409# More checks for data types
14a9a859 2410AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2411 AC_TRY_COMPILE(
aff51935 2412 [ #include <sys/types.h> ],
2413 [ u_int a; a = 1;],
14a9a859 2414 [ ac_cv_have_u_int="yes" ],
2415 [ ac_cv_have_u_int="no" ]
2416 )
2417])
2418if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2419 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2420 have_u_int=1
2421fi
2422
58d100bf 2423AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2424 AC_TRY_COMPILE(
aff51935 2425 [ #include <sys/types.h> ],
2426 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2427 [ ac_cv_have_intxx_t="yes" ],
2428 [ ac_cv_have_intxx_t="no" ]
2429 )
2430])
2431if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2432 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2433 have_intxx_t=1
2434fi
41cb4569 2435
2436if (test -z "$have_intxx_t" && \
aff51935 2437 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2438then
2439 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2440 AC_TRY_COMPILE(
aff51935 2441 [ #include <stdint.h> ],
2442 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2443 [
2444 AC_DEFINE(HAVE_INTXX_T)
2445 AC_MSG_RESULT(yes)
2446 ],
2447 [ AC_MSG_RESULT(no) ]
2448 )
2449fi
2450
bd590612 2451AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2452 AC_TRY_COMPILE(
1cbbe6c8 2453 [
2454#include <sys/types.h>
2455#ifdef HAVE_STDINT_H
2456# include <stdint.h>
2457#endif
2458#include <sys/socket.h>
2459#ifdef HAVE_SYS_BITYPES_H
2460# include <sys/bitypes.h>
2461#endif
aff51935 2462 ],
2463 [ int64_t a; a = 1;],
bd590612 2464 [ ac_cv_have_int64_t="yes" ],
2465 [ ac_cv_have_int64_t="no" ]
2466 )
2467])
2468if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2469 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2470fi
2471
58d100bf 2472AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2473 AC_TRY_COMPILE(
aff51935 2474 [ #include <sys/types.h> ],
2475 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2476 [ ac_cv_have_u_intxx_t="yes" ],
2477 [ ac_cv_have_u_intxx_t="no" ]
2478 )
2479])
2480if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2481 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2482 have_u_intxx_t=1
2483fi
2b942fe0 2484
41cb4569 2485if test -z "$have_u_intxx_t" ; then
2486 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2487 AC_TRY_COMPILE(
aff51935 2488 [ #include <sys/socket.h> ],
2489 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2490 [
2491 AC_DEFINE(HAVE_U_INTXX_T)
2492 AC_MSG_RESULT(yes)
2493 ],
2494 [ AC_MSG_RESULT(no) ]
2495 )
2496fi
2497
bd590612 2498AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2499 AC_TRY_COMPILE(
aff51935 2500 [ #include <sys/types.h> ],
2501 [ u_int64_t a; a = 1;],
bd590612 2502 [ ac_cv_have_u_int64_t="yes" ],
2503 [ ac_cv_have_u_int64_t="no" ]
2504 )
2505])
2506if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2507 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2508 have_u_int64_t=1
2509fi
2510
ddceb1c8 2511if test -z "$have_u_int64_t" ; then
2512 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2513 AC_TRY_COMPILE(
aff51935 2514 [ #include <sys/bitypes.h> ],
ddceb1c8 2515 [ u_int64_t a; a = 1],
2516 [
2517 AC_DEFINE(HAVE_U_INT64_T)
2518 AC_MSG_RESULT(yes)
2519 ],
2520 [ AC_MSG_RESULT(no) ]
2521 )
2522fi
2523
41cb4569 2524if test -z "$have_u_intxx_t" ; then
2525 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2526 AC_TRY_COMPILE(
2527 [
2528#include <sys/types.h>
aff51935 2529 ],
2530 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2531 [ ac_cv_have_uintxx_t="yes" ],
2532 [ ac_cv_have_uintxx_t="no" ]
2533 )
2534 ])
2535 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2536 AC_DEFINE(HAVE_UINTXX_T, 1,
2537 [define if you have uintxx_t data type])
41cb4569 2538 fi
2539fi
2540
2541if test -z "$have_uintxx_t" ; then
2542 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2543 AC_TRY_COMPILE(
aff51935 2544 [ #include <stdint.h> ],
2545 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2546 [
2547 AC_DEFINE(HAVE_UINTXX_T)
2548 AC_MSG_RESULT(yes)
2549 ],
2550 [ AC_MSG_RESULT(no) ]
2551 )
2552fi
2553
e5fe9a1f 2554if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2555 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2556then
2557 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2558 AC_TRY_COMPILE(
58d100bf 2559 [
2560#include <sys/bitypes.h>
aff51935 2561 ],
5cdfe03f 2562 [
837c30b8 2563 int8_t a; int16_t b; int32_t c;
2564 u_int8_t e; u_int16_t f; u_int32_t g;
2565 a = b = c = e = f = g = 1;
aff51935 2566 ],
5cdfe03f 2567 [
2568 AC_DEFINE(HAVE_U_INTXX_T)
2569 AC_DEFINE(HAVE_INTXX_T)
2570 AC_MSG_RESULT(yes)
2571 ],
2572 [AC_MSG_RESULT(no)]
aff51935 2573 )
5cdfe03f 2574fi
2575
0362750e 2576
2577AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2578 AC_TRY_COMPILE(
2579 [
2580#include <sys/types.h>
2581 ],
2582 [ u_char foo; foo = 125; ],
2583 [ ac_cv_have_u_char="yes" ],
2584 [ ac_cv_have_u_char="no" ]
2585 )
2586])
2587if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2588 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2589fi
2590
98a7c37b 2591TYPE_SOCKLEN_T
2b942fe0 2592
2d16d9a3 2593AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2594
777ece68 2595AC_CHECK_TYPES(in_addr_t,,,
2596[#include <sys/types.h>
2597#include <netinet/in.h>])
7b578f7d 2598
58d100bf 2599AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2600 AC_TRY_COMPILE(
2601 [
18ba2aab 2602#include <sys/types.h>
58d100bf 2603 ],
2604 [ size_t foo; foo = 1235; ],
2605 [ ac_cv_have_size_t="yes" ],
2606 [ ac_cv_have_size_t="no" ]
2607 )
2608])
2609if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2610 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2611fi
ea1970a3 2612
c04f75f1 2613AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2614 AC_TRY_COMPILE(
2615 [
2616#include <sys/types.h>
2617 ],
2618 [ ssize_t foo; foo = 1235; ],
2619 [ ac_cv_have_ssize_t="yes" ],
2620 [ ac_cv_have_ssize_t="no" ]
2621 )
2622])
2623if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2624 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2625fi
2626
f1c4659d 2627AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2628 AC_TRY_COMPILE(
2629 [
2630#include <time.h>
2631 ],
2632 [ clock_t foo; foo = 1235; ],
2633 [ ac_cv_have_clock_t="yes" ],
2634 [ ac_cv_have_clock_t="no" ]
2635 )
2636])
2637if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2638 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2639fi
2640
1c04b088 2641AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2642 AC_TRY_COMPILE(
2643 [
2644#include <sys/types.h>
2645#include <sys/socket.h>
2646 ],
2647 [ sa_family_t foo; foo = 1235; ],
2648 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2649 [ AC_TRY_COMPILE(
2650 [
2651#include <sys/types.h>
2652#include <sys/socket.h>
2653#include <netinet/in.h>
2654 ],
2655 [ sa_family_t foo; foo = 1235; ],
2656 [ ac_cv_have_sa_family_t="yes" ],
2657
1c04b088 2658 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2659 )]
1c04b088 2660 )
2661])
2662if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2663 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2664 [define if you have sa_family_t data type])
1c04b088 2665fi
2666
729bfe59 2667AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2668 AC_TRY_COMPILE(
2669 [
2670#include <sys/types.h>
2671 ],
2672 [ pid_t foo; foo = 1235; ],
2673 [ ac_cv_have_pid_t="yes" ],
2674 [ ac_cv_have_pid_t="no" ]
2675 )
2676])
2677if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2678 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2679fi
2680
2681AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2682 AC_TRY_COMPILE(
2683 [
2684#include <sys/types.h>
2685 ],
2686 [ mode_t foo; foo = 1235; ],
2687 [ ac_cv_have_mode_t="yes" ],
2688 [ ac_cv_have_mode_t="no" ]
2689 )
2690])
2691if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2692 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2693fi
2694
e3a93db0 2695
58d100bf 2696AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2697 AC_TRY_COMPILE(
2698 [
18ba2aab 2699#include <sys/types.h>
2700#include <sys/socket.h>
58d100bf 2701 ],
2702 [ struct sockaddr_storage s; ],
2703 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2704 [ ac_cv_have_struct_sockaddr_storage="no" ]
2705 )
2706])
2707if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2708 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2709 [define if you have struct sockaddr_storage data type])
58d100bf 2710fi
48e671d5 2711
58d100bf 2712AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2713 AC_TRY_COMPILE(
2714 [
cbd7492e 2715#include <sys/types.h>
58d100bf 2716#include <netinet/in.h>
2717 ],
2718 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2719 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2720 [ ac_cv_have_struct_sockaddr_in6="no" ]
2721 )
2722])
2723if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2724 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2725 [define if you have struct sockaddr_in6 data type])
58d100bf 2726fi
48e671d5 2727
58d100bf 2728AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2729 AC_TRY_COMPILE(
2730 [
cbd7492e 2731#include <sys/types.h>
58d100bf 2732#include <netinet/in.h>
2733 ],
2734 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2735 [ ac_cv_have_struct_in6_addr="yes" ],
2736 [ ac_cv_have_struct_in6_addr="no" ]
2737 )
2738])
2739if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2740 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2741 [define if you have struct in6_addr data type])
58d100bf 2742fi
48e671d5 2743
58d100bf 2744AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2745 AC_TRY_COMPILE(
2746 [
18ba2aab 2747#include <sys/types.h>
2748#include <sys/socket.h>
2749#include <netdb.h>
58d100bf 2750 ],
2751 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2752 [ ac_cv_have_struct_addrinfo="yes" ],
2753 [ ac_cv_have_struct_addrinfo="no" ]
2754 )
2755])
2756if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2757 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2758 [define if you have struct addrinfo data type])
58d100bf 2759fi
2760
89c7e31c 2761AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2762 AC_TRY_COMPILE(
aff51935 2763 [ #include <sys/time.h> ],
2764 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2765 [ ac_cv_have_struct_timeval="yes" ],
2766 [ ac_cv_have_struct_timeval="no" ]
2767 )
2768])
2769if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2770 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2771 have_struct_timeval=1
2772fi
2773
5271b55c 2774AC_CHECK_TYPES(struct timespec)
2775
85abc74b 2776# We need int64_t or else certian parts of the compile will fail.
4b492aab 2777if test "x$ac_cv_have_int64_t" = "xno" && \
2778 test "x$ac_cv_sizeof_long_int" != "x8" && \
2779 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2780 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2781 echo "an alternative compiler (I.E., GCC) before continuing."
2782 echo ""
2783 exit 1;
733cf7f4 2784else
2785dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2786 AC_RUN_IFELSE(
479cece8 2787 [AC_LANG_SOURCE([[
733cf7f4 2788#include <stdio.h>
2789#include <string.h>
2790#ifdef HAVE_SNPRINTF
2791main()
2792{
2793 char buf[50];
2794 char expected_out[50];
2795 int mazsize = 50 ;
2796#if (SIZEOF_LONG_INT == 8)
2797 long int num = 0x7fffffffffffffff;
2798#else
763a1a18 2799 long long num = 0x7fffffffffffffffll;
733cf7f4 2800#endif
2801 strcpy(expected_out, "9223372036854775807");
2802 snprintf(buf, mazsize, "%lld", num);
2803 if(strcmp(buf, expected_out) != 0)
aff51935 2804 exit(1);
733cf7f4 2805 exit(0);
2806}
2807#else
2808main() { exit(0); }
2809#endif
479cece8 2810 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2811 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2812 )
2c523de9 2813fi
2814
77bb0bca 2815dnl Checks for structure members
58d100bf 2816OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2817OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2818OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2819OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2820OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2821OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2822OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2823OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2824OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2825OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2826OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2827OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2828OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2829OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2830OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2831OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2832OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2833
2834AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2835AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2836 [Define if we don't have struct __res_state in resolv.h])],
2837[
2838#include <stdio.h>
2839#if HAVE_SYS_TYPES_H
2840# include <sys/types.h>
2841#endif
2842#include <netinet/in.h>
2843#include <arpa/nameser.h>
2844#include <resolv.h>
2845])
1d7b9b20 2846
58d100bf 2847AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2848 ac_cv_have_ss_family_in_struct_ss, [
2849 AC_TRY_COMPILE(
2850 [
18ba2aab 2851#include <sys/types.h>
2852#include <sys/socket.h>
58d100bf 2853 ],
2854 [ struct sockaddr_storage s; s.ss_family = 1; ],
2855 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2856 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2857 )
2858])
2859if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2860 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2861fi
2862
58d100bf 2863AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2864 ac_cv_have___ss_family_in_struct_ss, [
2865 AC_TRY_COMPILE(
2866 [
18ba2aab 2867#include <sys/types.h>
2868#include <sys/socket.h>
58d100bf 2869 ],
2870 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2871 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2872 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2873 )
2874])
2875if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2876 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2877 [Fields in struct sockaddr_storage])
58d100bf 2878fi
2879
2e73a022 2880AC_CACHE_CHECK([for pw_class field in struct passwd],
2881 ac_cv_have_pw_class_in_struct_passwd, [
2882 AC_TRY_COMPILE(
2883 [
2e73a022 2884#include <pwd.h>
2885 ],
97994d32 2886 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2887 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2888 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2889 )
2890])
2891if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2892 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2893 [Define if your password has a pw_class field])
2e73a022 2894fi
2895
7751d4eb 2896AC_CACHE_CHECK([for pw_expire field in struct passwd],
2897 ac_cv_have_pw_expire_in_struct_passwd, [
2898 AC_TRY_COMPILE(
2899 [
2900#include <pwd.h>
2901 ],
2902 [ struct passwd p; p.pw_expire = 0; ],
2903 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2904 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2905 )
2906])
2907if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2908 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2909 [Define if your password has a pw_expire field])
7751d4eb 2910fi
2911
2912AC_CACHE_CHECK([for pw_change field in struct passwd],
2913 ac_cv_have_pw_change_in_struct_passwd, [
2914 AC_TRY_COMPILE(
2915 [
2916#include <pwd.h>
2917 ],
2918 [ struct passwd p; p.pw_change = 0; ],
2919 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2920 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2921 )
2922])
2923if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2924 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2925 [Define if your password has a pw_change field])
7751d4eb 2926fi
58d100bf 2927
637f9177 2928dnl make sure we're using the real structure members and not defines
6f34652e 2929AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2930 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2931 AC_COMPILE_IFELSE(
6f34652e 2932 [
f95c8ce8 2933#include <sys/types.h>
6f34652e 2934#include <sys/socket.h>
2935#include <sys/uio.h>
637f9177 2936int main() {
2937#ifdef msg_accrights
1a01a50c 2938#error "msg_accrights is a macro"
637f9177 2939exit(1);
2940#endif
2941struct msghdr m;
2942m.msg_accrights = 0;
2943exit(0);
2944}
6f34652e 2945 ],
6f34652e 2946 [ ac_cv_have_accrights_in_msghdr="yes" ],
2947 [ ac_cv_have_accrights_in_msghdr="no" ]
2948 )
2949])
2950if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2951 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2952 [Define if your system uses access rights style
2953 file descriptor passing])
6f34652e 2954fi
2955
7176df4f 2956AC_CACHE_CHECK([for msg_control field in struct msghdr],
2957 ac_cv_have_control_in_msghdr, [
1a01a50c 2958 AC_COMPILE_IFELSE(
7176df4f 2959 [
f95c8ce8 2960#include <sys/types.h>
7176df4f 2961#include <sys/socket.h>
2962#include <sys/uio.h>
637f9177 2963int main() {
2964#ifdef msg_control
1a01a50c 2965#error "msg_control is a macro"
637f9177 2966exit(1);
2967#endif
2968struct msghdr m;
2969m.msg_control = 0;
2970exit(0);
2971}
7176df4f 2972 ],
7176df4f 2973 [ ac_cv_have_control_in_msghdr="yes" ],
2974 [ ac_cv_have_control_in_msghdr="no" ]
2975 )
2976])
2977if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2978 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2979 [Define if your system uses ancillary data style
2980 file descriptor passing])
7176df4f 2981fi
2982
58d100bf 2983AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2984 AC_TRY_LINK([],
2985 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2986 [ ac_cv_libc_defines___progname="yes" ],
2987 [ ac_cv_libc_defines___progname="no" ]
2988 )
2989])
2990if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2991 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2992fi
8946db53 2993
c921ee00 2994AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2995 AC_TRY_LINK([
2996#include <stdio.h>
aff51935 2997],
2998 [ printf("%s", __FUNCTION__); ],
c921ee00 2999 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3000 [ ac_cv_cc_implements___FUNCTION__="no" ]
3001 )
3002])
3003if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3004 AC_DEFINE(HAVE___FUNCTION__, 1,
3005 [Define if compiler implements __FUNCTION__])
c921ee00 3006fi
3007
3008AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3009 AC_TRY_LINK([
3010#include <stdio.h>
aff51935 3011],
3012 [ printf("%s", __func__); ],
c921ee00 3013 [ ac_cv_cc_implements___func__="yes" ],
3014 [ ac_cv_cc_implements___func__="no" ]
3015 )
3016])
3017if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3018 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3019fi
3020
9a406e1e 3021AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3022 AC_TRY_LINK(
3023 [#include <stdarg.h>
3024 va_list x,y;],
3025 [va_copy(x,y);],
3026 [ ac_cv_have_va_copy="yes" ],
3027 [ ac_cv_have_va_copy="no" ]
3028 )
3029])
3030if test "x$ac_cv_have_va_copy" = "xyes" ; then
3031 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3032fi
3033
3034AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3035 AC_TRY_LINK(
3036 [#include <stdarg.h>
3037 va_list x,y;],
3038 [__va_copy(x,y);],
3039 [ ac_cv_have___va_copy="yes" ],
3040 [ ac_cv_have___va_copy="no" ]
3041 )
3042])
3043if test "x$ac_cv_have___va_copy" = "xyes" ; then
3044 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3045fi
3046
1812a662 3047AC_CACHE_CHECK([whether getopt has optreset support],
3048 ac_cv_have_getopt_optreset, [
3049 AC_TRY_LINK(
3050 [
3051#include <getopt.h>
3052 ],
3053 [ extern int optreset; optreset = 0; ],
3054 [ ac_cv_have_getopt_optreset="yes" ],
3055 [ ac_cv_have_getopt_optreset="no" ]
3056 )
3057])
3058if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3059 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3060 [Define if your getopt(3) defines and uses optreset])
1812a662 3061fi
a0391976 3062
819b676f 3063AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3064 AC_TRY_LINK([],
3065 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3066 [ ac_cv_libc_defines_sys_errlist="yes" ],
3067 [ ac_cv_libc_defines_sys_errlist="no" ]
3068 )
3069])
3070if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3071 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3072 [Define if your system defines sys_errlist[]])
819b676f 3073fi
3074
3075
416ed5a7 3076AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3077 AC_TRY_LINK([],
3078 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3079 [ ac_cv_libc_defines_sys_nerr="yes" ],
3080 [ ac_cv_libc_defines_sys_nerr="no" ]
3081 )
3082])
3083if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3084 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3085fi
3086
aff51935 3087SCARD_MSG="no"
295c8801 3088# Check whether user wants sectok support
3089AC_ARG_WITH(sectok,
3090 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3091 [
3092 if test "x$withval" != "xno" ; then
3093 if test "x$withval" != "xyes" ; then
3094 CPPFLAGS="$CPPFLAGS -I${withval}"
3095 LDFLAGS="$LDFLAGS -L${withval}"
3096 if test ! -z "$need_dash_r" ; then
3097 LDFLAGS="$LDFLAGS -R${withval}"
3098 fi
3099 if test ! -z "$blibpath" ; then
3100 blibpath="$blibpath:${withval}"
3101 fi
3102 fi
3103 AC_CHECK_HEADERS(sectok.h)
3104 if test "$ac_cv_header_sectok_h" != yes; then
3105 AC_MSG_ERROR(Can't find sectok.h)
3106 fi
3107 AC_CHECK_LIB(sectok, sectok_open)
3108 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3109 AC_MSG_ERROR(Can't find libsectok)
3110 fi
3466e002 3111 AC_DEFINE(SMARTCARD, 1,
3112 [Define if you want smartcard support])
3113 AC_DEFINE(USE_SECTOK, 1,
3114 [Define if you want smartcard support
3115 using sectok])
aff51935 3116 SCARD_MSG="yes, using sectok"
295c8801 3117 fi
3118 ]
3119)
3120
3121# Check whether user wants OpenSC support
987b458f 3122OPENSC_CONFIG="no"
295c8801 3123AC_ARG_WITH(opensc,
e47fb473 3124 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3125 [
3126 if test "x$withval" != "xno" ; then
3127 if test "x$withval" != "xyes" ; then
3128 OPENSC_CONFIG=$withval/bin/opensc-config
3129 else
3130 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3131 fi
3132 if test "$OPENSC_CONFIG" != "no"; then
3133 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3134 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3135 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3136 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3137 AC_DEFINE(SMARTCARD)
3466e002 3138 AC_DEFINE(USE_OPENSC, 1,
3139 [Define if you want smartcard support
3140 using OpenSC])
987b458f 3141 SCARD_MSG="yes, using OpenSC"
3142 fi
3143 fi
3144 ]
3145)
d0b19c95 3146
c31dc31c 3147# Check libraries needed by DNS fingerprint support
aff51935 3148AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3149 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3150 [Define if getrrsetbyname() exists])],
3e05e934 3151 [
c31dc31c 3152 # Needed by our getrrsetbyname()
3153 AC_SEARCH_LIBS(res_query, resolv)
3154 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3155 AC_MSG_CHECKING(if res_query will link)
3156 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3157 [AC_MSG_RESULT(no)
3158 saved_LIBS="$LIBS"
3159 LIBS="$LIBS -lresolv"
3160 AC_MSG_CHECKING(for res_query in -lresolv)
3161 AC_LINK_IFELSE([
3162#include <resolv.h>
3163int main()
3164{
3165 res_query (0, 0, 0, 0, 0);
3166 return 0;
3167}
3168 ],
3169 [LIBS="$LIBS -lresolv"
3170 AC_MSG_RESULT(yes)],
3171 [LIBS="$saved_LIBS"
3172 AC_MSG_RESULT(no)])
3173 ])
c31dc31c 3174 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3175 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3176 [#include <sys/types.h>
3177 #include <arpa/nameser.h>])
c31dc31c 3178 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3179 [AC_DEFINE(HAVE_HEADER_AD, 1,
3180 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3181 [#include <arpa/nameser.h>])
3182 ])
3e05e934 3183
560acf80 3184AC_MSG_CHECKING(if struct __res_state _res is an extern)
3185AC_LINK_IFELSE([
3186#include <stdio.h>
3187#if HAVE_SYS_TYPES_H
3188# include <sys/types.h>
3189#endif
3190#include <netinet/in.h>
3191#include <arpa/nameser.h>
3192#include <resolv.h>
3193extern struct __res_state _res;
3194int main() { return 0; }
3195 ],
3196 [AC_MSG_RESULT(yes)
3197 AC_DEFINE(HAVE__RES_EXTERN, 1,
3198 [Define if you have struct __res_state _res as an extern])
3199 ],
3200 [ AC_MSG_RESULT(no) ]
3201)
3202
ef4d1846 3203# Check whether user wants SELinux support
3204SELINUX_MSG="no"
3205LIBSELINUX=""
3206AC_ARG_WITH(selinux,
3207 [ --with-selinux Enable SELinux support],
3208 [ if test "x$withval" != "xno" ; then
e54defb4 3209 save_LIBS="$LIBS"
ef4d1846 3210 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3211 SELINUX_MSG="yes"
3212 AC_CHECK_HEADER([selinux/selinux.h], ,
3213 AC_MSG_ERROR(SELinux support requires selinux.h header))
3214 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3215 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3216 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3217 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3218 LIBS="$save_LIBS"
ef4d1846 3219 fi ]
3220)
ef4d1846 3221
12928e80 3222# Check whether user wants Kerberos 5 support
aff51935 3223KRB5_MSG="no"
12928e80 3224AC_ARG_WITH(kerberos5,
aff51935 3225 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3226 [ if test "x$withval" != "xno" ; then
3227 if test "x$withval" = "xyes" ; then
3228 KRB5ROOT="/usr/local"
3229 else
3230 KRB5ROOT=${withval}
3231 fi
3232
3466e002 3233 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3234 KRB5_MSG="yes"
3235
3236 AC_MSG_CHECKING(for krb5-config)
3237 if test -x $KRB5ROOT/bin/krb5-config ; then
3238 KRB5CONF=$KRB5ROOT/bin/krb5-config
3239 AC_MSG_RESULT($KRB5CONF)
3240
3241 AC_MSG_CHECKING(for gssapi support)
3242 if $KRB5CONF | grep gssapi >/dev/null ; then
3243 AC_MSG_RESULT(yes)
3466e002 3244 AC_DEFINE(GSSAPI, 1,
3245 [Define this if you want GSSAPI
3246 support in the version 2 protocol])
071970fb 3247 k5confopts=gssapi
aff51935 3248 else
5585c441 3249 AC_MSG_RESULT(no)
071970fb 3250 k5confopts=""
aff51935 3251 fi
071970fb 3252 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3253 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3254 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3255 AC_MSG_CHECKING(whether we are using Heimdal)
3256 AC_TRY_COMPILE([ #include <krb5.h> ],
3257 [ char *tmp = heimdal_version; ],
3258 [ AC_MSG_RESULT(yes)
3466e002 3259 AC_DEFINE(HEIMDAL, 1,
3260 [Define this if you are using the
3261 Heimdal version of Kerberos V5]) ],
5585c441 3262 AC_MSG_RESULT(no)
3263 )
3264 else
3265 AC_MSG_RESULT(no)
12928e80 3266 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3267 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3268 AC_MSG_CHECKING(whether we are using Heimdal)
3269 AC_TRY_COMPILE([ #include <krb5.h> ],
3270 [ char *tmp = heimdal_version; ],
3271 [ AC_MSG_RESULT(yes)
3272 AC_DEFINE(HEIMDAL)
41707f74 3273 K5LIBS="-lkrb5 -ldes"
3274 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3275 AC_CHECK_LIB(roken, net_write,
41707f74 3276 [K5LIBS="$K5LIBS -lroken"])
aff51935 3277 ],
3278 [ AC_MSG_RESULT(no)
3279 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3280 ]
3281 )
4e00038c 3282 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3283
749560dd 3284 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3285 [ AC_DEFINE(GSSAPI)
3286 K5LIBS="-lgssapi $K5LIBS" ],
3287 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3288 [ AC_DEFINE(GSSAPI)
aff51935 3289 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3290 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3291 $K5LIBS)
3292 ],
3293 $K5LIBS)
82f4e93d 3294
749560dd 3295 AC_CHECK_HEADER(gssapi.h, ,
3296 [ unset ac_cv_header_gssapi_h
aff51935 3297 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3298 AC_CHECK_HEADERS(gssapi.h, ,
3299 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3300 )
749560dd 3301 ]
3302 )
3303
3304 oldCPP="$CPPFLAGS"
3305 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3306 AC_CHECK_HEADER(gssapi_krb5.h, ,
3307 [ CPPFLAGS="$oldCPP" ])
3308
aff51935 3309 fi
5585c441 3310 if test ! -z "$need_dash_r" ; then
3311 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3312 fi
3313 if test ! -z "$blibpath" ; then
3314 blibpath="$blibpath:${KRB5ROOT}/lib"
3315 fi
071970fb 3316
f5555364 3317 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3318 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3319 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3320
f5555364 3321 LIBS="$LIBS $K5LIBS"
3466e002 3322 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3323 [Define this if you want to use libkafs' AFS support]))
f5555364 3324 fi
071970fb 3325 ]
12928e80 3326)
b5b68128 3327
a0391976 3328# Looking for programs, paths and files
a0391976 3329
ecac8ee5 3330PRIVSEP_PATH=/var/empty
3331AC_ARG_WITH(privsep-path,
cda1ebcb 3332 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3333 [
6cf0200f 3334 if test -n "$withval" && test "x$withval" != "xno" && \
3335 test "x${withval}" != "xyes"; then
ecac8ee5 3336 PRIVSEP_PATH=$withval
3337 fi
3338 ]
3339)
3340AC_SUBST(PRIVSEP_PATH)
3341
a0391976 3342AC_ARG_WITH(xauth,
3343 [ --with-xauth=PATH Specify path to xauth program ],
3344 [
6cf0200f 3345 if test -n "$withval" && test "x$withval" != "xno" && \
3346 test "x${withval}" != "xyes"; then
cbd7492e 3347 xauth_path=$withval
a0391976 3348 fi
3349 ],
3350 [
2bf42e4a 3351 TestPath="$PATH"
3352 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3353 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3354 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3355 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3356 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3357 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3358 xauth_path="/usr/openwin/bin/xauth"
3359 fi
3360 ]
3361)
3362
65a4b4af 3363STRIP_OPT=-s
3364AC_ARG_ENABLE(strip,
3365 [ --disable-strip Disable calling strip(1) on install],
3366 [
3367 if test "x$enableval" = "xno" ; then
3368 STRIP_OPT=
3369 fi
3370 ]
3371)
3372AC_SUBST(STRIP_OPT)
3373
b3ec54b4 3374if test -z "$xauth_path" ; then
3375 XAUTH_PATH="undefined"
3376 AC_SUBST(XAUTH_PATH)
3377else
3466e002 3378 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3379 [Define if xauth is found in your path])
b3ec54b4 3380 XAUTH_PATH=$xauth_path
3381 AC_SUBST(XAUTH_PATH)
a0391976 3382fi
a0391976 3383
3384# Check for mail directory (last resort if we cannot get it from headers)
3385if test ! -z "$MAIL" ; then
3386 maildir=`dirname $MAIL`
3466e002 3387 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3388 [Set this to your mail directory if you don't have maillock.h])
a0391976 3389fi
3390
479cece8 3391if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3392 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3393 disable_ptmx_check=yes
3394fi
a0391976 3395if test -z "$no_dev_ptmx" ; then
6e879cb4 3396 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3397 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3398 [
3466e002 3399 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3400 [Define if you have /dev/ptmx])
6e879cb4 3401 have_dev_ptmx=1
3402 ]
3403 )
3404 fi
3276571c 3405fi
1a01a50c 3406
479cece8 3407if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3408 AC_CHECK_FILE("/dev/ptc",
3409 [
3466e002 3410 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3411 [Define if you have /dev/ptc])
1a01a50c 3412 have_dev_ptc=1
3413 ]
3414 )
3415else
3416 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3417fi
3276571c 3418
a0391976 3419# Options from here on. Some of these are preset by platform above
fdf6b7aa 3420AC_ARG_WITH(mantype,
5d97cfbf 3421 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3422 [
5d97cfbf 3423 case "$withval" in
3424 man|cat|doc)
3425 MANTYPE=$withval
3426 ;;
3427 *)
3428 AC_MSG_ERROR(invalid man type: $withval)
3429 ;;
3430 esac
c54a6257 3431 ]
3432)
e0c4d3ac 3433if test -z "$MANTYPE"; then
2bf42e4a 3434 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3435 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3436 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3437 MANTYPE=doc
3438 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3439 MANTYPE=man
3440 else
3441 MANTYPE=cat
3442 fi
3443fi
c54a6257 3444AC_SUBST(MANTYPE)
e0c4d3ac 3445if test "$MANTYPE" = "doc"; then
3446 mansubdir=man;
3447else
3448 mansubdir=$MANTYPE;
3449fi
3450AC_SUBST(mansubdir)
0bc5b6fb 3451
a0391976 3452# Check whether to enable MD5 passwords
aff51935 3453MD5_MSG="no"
2ddcfdf3 3454AC_ARG_WITH(md5-passwords,
caf3bc51 3455 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3456 [
bcf36c78 3457 if test "x$withval" != "xno" ; then
3466e002 3458 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3459 [Define if you want to allow MD5 passwords])
aff51935 3460 MD5_MSG="yes"
0bc5b6fb 3461 fi
3462 ]
caf3bc51 3463)
3464
a0391976 3465# Whether to disable shadow password support
a7effaac 3466AC_ARG_WITH(shadow,
3467 [ --without-shadow Disable shadow password support],
3468 [
82f4e93d 3469 if test "x$withval" = "xno" ; then
a7effaac 3470 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3471 disable_shadow=yes
a7effaac 3472 fi
3473 ]
3474)
3475
4cb5ffa0 3476if test -z "$disable_shadow" ; then
3477 AC_MSG_CHECKING([if the systems has expire shadow information])
3478 AC_TRY_COMPILE(
3479 [
3480#include <sys/types.h>
3481#include <shadow.h>
3482 struct spwd sp;
3483 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3484 [ sp_expire_available=yes ], []
3485 )
3486
3487 if test "x$sp_expire_available" = "xyes" ; then
3488 AC_MSG_RESULT(yes)
3466e002 3489 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3490 [Define if you want to use shadow password expire field])
4cb5ffa0 3491 else
3492 AC_MSG_RESULT(no)
3493 fi
3494fi
3495
a0391976 3496# Use ip address instead of hostname in $DISPLAY
44839801 3497if test ! -z "$IPADDR_IN_DISPLAY" ; then
3498 DISPLAY_HACK_MSG="yes"
3466e002 3499 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3500 [Define if you need to use IP address
3501 instead of hostname in $DISPLAY])
44839801 3502else
aff51935 3503 DISPLAY_HACK_MSG="no"
44839801 3504 AC_ARG_WITH(ipaddr-display,
3505 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3506 [
82f4e93d 3507 if test "x$withval" != "xno" ; then
44839801 3508 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3509 DISPLAY_HACK_MSG="yes"
44839801 3510 fi
3511 ]
3512 )
3513fi
a7effaac 3514
95b99395 3515# check for /etc/default/login and use it if present.
daa41e62 3516AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3517 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3518 [ if test "x$enableval" = "xno"; then
3519 AC_MSG_NOTICE([/etc/default/login handling disabled])
3520 etc_default_login=no
3521 else
3522 etc_default_login=yes
3523 fi ],
b0e7249f 3524 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3525 then
3526 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3527 etc_default_login=no
3528 else
3529 etc_default_login=yes
3530 fi ]
694d0cef 3531)
95b99395 3532
694d0cef 3533if test "x$etc_default_login" != "xno"; then
3534 AC_CHECK_FILE("/etc/default/login",
3535 [ external_path_file=/etc/default/login ])
b0e7249f 3536 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3537 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3538 [Define if your system has /etc/default/login])
1a01a50c 3539 fi
694d0cef 3540fi
95b99395 3541
8d184c09 3542dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3543if test $ac_cv_func_login_getcapbool = "yes" && \
3544 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3545 external_path_file=/etc/login.conf
8d184c09 3546fi
95b99395 3547
a0391976 3548# Whether to mess with the default path
aff51935 3549SERVER_PATH_MSG="(default)"
c43d69a9 3550AC_ARG_WITH(default-path,
75817f90 3551 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3552 [
95b99395 3553 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3554 AC_MSG_WARN([
3555--with-default-path=PATH has no effect on this system.
3556Edit /etc/login.conf instead.])
82f4e93d 3557 elif test "x$withval" != "xno" ; then
89bbd457 3558 if test ! -z "$external_path_file" ; then
95b99395 3559 AC_MSG_WARN([
3560--with-default-path=PATH will only be used if PATH is not defined in
3561$external_path_file .])
3562 fi
b2d818e6 3563 user_path="$withval"
aff51935 3564 SERVER_PATH_MSG="$withval"
cb807f40 3565 fi
b2d818e6 3566 ],
95b99395 3567 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3568 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3569 else
89bbd457 3570 if test ! -z "$external_path_file" ; then
95b99395 3571 AC_MSG_WARN([
3572If PATH is defined in $external_path_file, ensure the path to scp is included,
3573otherwise scp will not work.])
3574 fi
b0e7249f 3575 AC_RUN_IFELSE(
3576 [AC_LANG_SOURCE([[
b2d818e6 3577/* find out what STDPATH is */
3578#include <stdio.h>
b2d818e6 3579#ifdef HAVE_PATHS_H
3580# include <paths.h>
3581#endif
3582#ifndef _PATH_STDPATH
d9a4e55b 3583# ifdef _PATH_USERPATH /* Irix */
3584# define _PATH_STDPATH _PATH_USERPATH
3585# else
3586# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3587# endif
b2d818e6 3588#endif
3589#include <sys/types.h>
3590#include <sys/stat.h>
3591#include <fcntl.h>
3592#define DATA "conftest.stdpath"
3593
3594main()
3595{
3596 FILE *fd;
3597 int rc;
82f4e93d 3598
b2d818e6 3599 fd = fopen(DATA,"w");
3600 if(fd == NULL)
3601 exit(1);
82f4e93d 3602
b2d818e6 3603 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3604 exit(1);
3605
3606 exit(0);
3607}
b0e7249f 3608 ]])],
3609 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3610 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3611 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3612 )
3613# make sure $bindir is in USER_PATH so scp will work
3614 t_bindir=`eval echo ${bindir}`
3615 case $t_bindir in
3616 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3617 esac
3618 case $t_bindir in
3619 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3620 esac
3621 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3622 if test $? -ne 0 ; then
3623 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3624 if test $? -ne 0 ; then
3625 user_path=$user_path:$t_bindir
3626 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3627 fi
3628 fi
8d184c09 3629 fi ]
cb807f40 3630)
95b99395 3631if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3632 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3633 AC_SUBST(user_path)
3634fi
cb807f40 3635
06617857 3636# Set superuser path separately to user path
06617857 3637AC_ARG_WITH(superuser-path,
3638 [ --with-superuser-path= Specify different path for super-user],
3639 [
6cf0200f 3640 if test -n "$withval" && test "x$withval" != "xno" && \
3641 test "x${withval}" != "xyes"; then
3466e002 3642 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3643 [Define if you want a different $PATH
3644 for the superuser])
06617857 3645 superuser_path=$withval
3646 fi
3647 ]
3648)
3649
3650
58d100bf 3651AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3652IPV4_IN6_HACK_MSG="no"
80faa19f 3653AC_ARG_WITH(4in6,
3654 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3655 [
3656 if test "x$withval" != "xno" ; then
3657 AC_MSG_RESULT(yes)
3466e002 3658 AC_DEFINE(IPV4_IN_IPV6, 1,
3659 [Detect IPv4 in IPv6 mapped addresses
3660 and treat as IPv4])
aff51935 3661 IPV4_IN6_HACK_MSG="yes"
80faa19f 3662 else
3663 AC_MSG_RESULT(no)
3664 fi
3665 ],[
3666 if test "x$inet6_default_4in6" = "xyes"; then
3667 AC_MSG_RESULT([yes (default)])
3668 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3669 IPV4_IN6_HACK_MSG="yes"
80faa19f 3670 else
3671 AC_MSG_RESULT([no (default)])
3672 fi
3673 ]
3674)
3675
af774732 3676# Whether to enable BSD auth support
f1b0ecc3 3677BSD_AUTH_MSG=no
af774732 3678AC_ARG_WITH(bsd-auth,
3679 [ --with-bsd-auth Enable BSD auth support],
3680 [
82f4e93d 3681 if test "x$withval" != "xno" ; then
3466e002 3682 AC_DEFINE(BSD_AUTH, 1,
3683 [Define if you have BSD auth support])
f1b0ecc3 3684 BSD_AUTH_MSG=yes
af774732 3685 fi
3686 ]
3687)
3688
a0391976 3689# Where to place sshd.pid
19d9ac2a 3690piddir=/var/run
81dadca3 3691# make sure the directory exists
82f4e93d 3692if test ! -d $piddir ; then
81dadca3 3693 piddir=`eval echo ${sysconfdir}`
3694 case $piddir in
aff51935 3695 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3696 esac
3697fi
3698
47e45e44 3699AC_ARG_WITH(pid-dir,
3700 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3701 [
6cf0200f 3702 if test -n "$withval" && test "x$withval" != "xno" && \
3703 test "x${withval}" != "xyes"; then
19d9ac2a 3704 piddir=$withval
82f4e93d 3705 if test ! -d $piddir ; then
81dadca3 3706 AC_MSG_WARN([** no $piddir directory on this system **])
3707 fi
47e45e44 3708 fi
3709 ]
3710)
b7a87eea 3711
3466e002 3712AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3713AC_SUBST(piddir)
47e45e44 3714
1d7b9b20 3715dnl allow user to disable some login recording features
3716AC_ARG_ENABLE(lastlog,
bfd550a2 3717 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3718 [
3719 if test "x$enableval" = "xno" ; then
3720 AC_DEFINE(DISABLE_LASTLOG)
3721 fi
3722 ]
1d7b9b20 3723)
3724AC_ARG_ENABLE(utmp,
bfd550a2 3725 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3726 [
3727 if test "x$enableval" = "xno" ; then
3728 AC_DEFINE(DISABLE_UTMP)
3729 fi
3730 ]
1d7b9b20 3731)
3732AC_ARG_ENABLE(utmpx,
bfd550a2 3733 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3734 [
3735 if test "x$enableval" = "xno" ; then
3466e002 3736 AC_DEFINE(DISABLE_UTMPX, 1,
3737 [Define if you don't want to use utmpx])
ddb154b3 3738 fi
3739 ]
1d7b9b20 3740)
3741AC_ARG_ENABLE(wtmp,
bfd550a2 3742 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3743 [
3744 if test "x$enableval" = "xno" ; then
3745 AC_DEFINE(DISABLE_WTMP)
3746 fi
3747 ]
1d7b9b20 3748)
3749AC_ARG_ENABLE(wtmpx,
bfd550a2 3750 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3751 [
3752 if test "x$enableval" = "xno" ; then
3466e002 3753 AC_DEFINE(DISABLE_WTMPX, 1,
3754 [Define if you don't want to use wtmpx])
ddb154b3 3755 fi
3756 ]
1d7b9b20 3757)
3758AC_ARG_ENABLE(libutil,
bfd550a2 3759 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3760 [
3761 if test "x$enableval" = "xno" ; then
3762 AC_DEFINE(DISABLE_LOGIN)
3763 fi
3764 ]
1d7b9b20 3765)
3766AC_ARG_ENABLE(pututline,
bfd550a2 3767 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3768 [
3769 if test "x$enableval" = "xno" ; then
3466e002 3770 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3771 [Define if you don't want to use pututline()
3772 etc. to write [uw]tmp])
ddb154b3 3773 fi
3774 ]
1d7b9b20 3775)
3776AC_ARG_ENABLE(pututxline,
bfd550a2 3777 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3778 [
3779 if test "x$enableval" = "xno" ; then
3466e002 3780 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3781 [Define if you don't want to use pututxline()
3782 etc. to write [uw]tmpx])
ddb154b3 3783 fi
3784 ]
1d7b9b20 3785)
3786AC_ARG_WITH(lastlog,
bfd550a2 3787 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3788 [
82f4e93d 3789 if test "x$withval" = "xno" ; then
8c89dd2b 3790 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3791 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3792 conf_lastlog_location=$withval
3793 fi
3794 ]
3795)
1d7b9b20 3796
3797dnl lastlog, [uw]tmpx? detection
3798dnl NOTE: set the paths in the platform section to avoid the
3799dnl need for command-line parameters
3800dnl lastlog and [uw]tmp are subject to a file search if all else fails
3801
3802dnl lastlog detection
3803dnl NOTE: the code itself will detect if lastlog is a directory
3804AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3805AC_TRY_COMPILE([
3806#include <sys/types.h>
3807#include <utmp.h>
3808#ifdef HAVE_LASTLOG_H
3809# include <lastlog.h>
3810#endif
d7c0f3d5 3811#ifdef HAVE_PATHS_H
1d7b9b20 3812# include <paths.h>
41cb4569 3813#endif
3814#ifdef HAVE_LOGIN_H
3815# include <login.h>
1d7b9b20 3816#endif
3817 ],
3818 [ char *lastlog = LASTLOG_FILE; ],
3819 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3820 [
3821 AC_MSG_RESULT(no)
3822 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3823 AC_TRY_COMPILE([
3824#include <sys/types.h>
3825#include <utmp.h>
3826#ifdef HAVE_LASTLOG_H
3827# include <lastlog.h>
3828#endif
3829#ifdef HAVE_PATHS_H
3830# include <paths.h>
3831#endif
3832 ],
3833 [ char *lastlog = _PATH_LASTLOG; ],
3834 [ AC_MSG_RESULT(yes) ],
3835 [
f282b668 3836 AC_MSG_RESULT(no)
d7c0f3d5 3837 system_lastlog_path=no
3838 ])
3839 ]
1d7b9b20 3840)
d7c0f3d5 3841
1d7b9b20 3842if test -z "$conf_lastlog_location"; then
3843 if test x"$system_lastlog_path" = x"no" ; then
3844 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3845 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3846 conf_lastlog_location=$f
3847 fi
3848 done
3849 if test -z "$conf_lastlog_location"; then
f8119cef 3850 AC_MSG_WARN([** Cannot find lastlog **])
3851 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3852 fi
3853 fi
3854fi
3855
3856if test -n "$conf_lastlog_location"; then
3466e002 3857 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3858 [Define if you want to specify the path to your lastlog file])
82f4e93d 3859fi
1d7b9b20 3860
3861dnl utmp detection
3862AC_MSG_CHECKING([if your system defines UTMP_FILE])
3863AC_TRY_COMPILE([
3864#include <sys/types.h>
3865#include <utmp.h>
d7c0f3d5 3866#ifdef HAVE_PATHS_H
1d7b9b20 3867# include <paths.h>
3868#endif
3869 ],
3870 [ char *utmp = UTMP_FILE; ],
3871 [ AC_MSG_RESULT(yes) ],
3872 [ AC_MSG_RESULT(no)
3873 system_utmp_path=no ]
3874)
3875if test -z "$conf_utmp_location"; then
3876 if test x"$system_utmp_path" = x"no" ; then
3877 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3878 if test -f $f ; then
3879 conf_utmp_location=$f
3880 fi
3881 done
3882 if test -z "$conf_utmp_location"; then
3883 AC_DEFINE(DISABLE_UTMP)
3884 fi
3885 fi
3886fi
3887if test -n "$conf_utmp_location"; then
3466e002 3888 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3889 [Define if you want to specify the path to your utmp file])
82f4e93d 3890fi
1d7b9b20 3891
3892dnl wtmp detection
3893AC_MSG_CHECKING([if your system defines WTMP_FILE])
3894AC_TRY_COMPILE([
3895#include <sys/types.h>
3896#include <utmp.h>
d7c0f3d5 3897#ifdef HAVE_PATHS_H
1d7b9b20 3898# include <paths.h>
3899#endif
3900 ],
3901 [ char *wtmp = WTMP_FILE; ],
3902 [ AC_MSG_RESULT(yes) ],
3903 [ AC_MSG_RESULT(no)
3904 system_wtmp_path=no ]
3905)
3906if test -z "$conf_wtmp_location"; then
3907 if test x"$system_wtmp_path" = x"no" ; then
3908 for f in /usr/adm/wtmp /var/log/wtmp; do
3909 if test -f $f ; then
3910 conf_wtmp_location=$f
3911 fi
3912 done
3913 if test -z "$conf_wtmp_location"; then
3914 AC_DEFINE(DISABLE_WTMP)
3915 fi
3916 fi
3917fi
3918if test -n "$conf_wtmp_location"; then
3466e002 3919 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3920 [Define if you want to specify the path to your wtmp file])
82f4e93d 3921fi
1d7b9b20 3922
3923
3924dnl utmpx detection - I don't know any system so perverse as to require
3925dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3926dnl there, though.
3927AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3928AC_TRY_COMPILE([
3929#include <sys/types.h>
3930#include <utmp.h>
3931#ifdef HAVE_UTMPX_H
3932#include <utmpx.h>
3933#endif
d7c0f3d5 3934#ifdef HAVE_PATHS_H
1d7b9b20 3935# include <paths.h>
3936#endif
3937 ],
3938 [ char *utmpx = UTMPX_FILE; ],
3939 [ AC_MSG_RESULT(yes) ],
3940 [ AC_MSG_RESULT(no)
3941 system_utmpx_path=no ]
3942)
3943if test -z "$conf_utmpx_location"; then
3944 if test x"$system_utmpx_path" = x"no" ; then
3945 AC_DEFINE(DISABLE_UTMPX)
3946 fi
3947else
3466e002 3948 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3949 [Define if you want to specify the path to your utmpx file])
82f4e93d 3950fi
1d7b9b20 3951
3952dnl wtmpx detection
3953AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3954AC_TRY_COMPILE([
3955#include <sys/types.h>
3956#include <utmp.h>
3957#ifdef HAVE_UTMPX_H
3958#include <utmpx.h>
3959#endif
d7c0f3d5 3960#ifdef HAVE_PATHS_H
1d7b9b20 3961# include <paths.h>
3962#endif
3963 ],
3964 [ char *wtmpx = WTMPX_FILE; ],
3965 [ AC_MSG_RESULT(yes) ],
3966 [ AC_MSG_RESULT(no)
3967 system_wtmpx_path=no ]
3968)
3969if test -z "$conf_wtmpx_location"; then
3970 if test x"$system_wtmpx_path" = x"no" ; then
3971 AC_DEFINE(DISABLE_WTMPX)
3972 fi
3973else
3466e002 3974 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3975 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3976fi
1d7b9b20 3977
b7a87eea 3978
bd499f9e 3979if test ! -z "$blibpath" ; then
68ece370 3980 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3981 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3982fi
3983
ed89c848 3984dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3985dnl Add now.
3986CFLAGS="$CFLAGS $werror_flags"
3987
3c62e7eb 3988AC_EXEEXT
29eadd7c 3989AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
3990 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
3991 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3992AC_OUTPUT
d3083fbd 3993
cbd7492e 3994# Print summary of options
3995
cbd7492e 3996# Someone please show me a better way :)
3997A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3998B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3999C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4000D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4001E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4002F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4003G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4004H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4005I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4006J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4007
4008echo ""
26de7942 4009echo "OpenSSH has been configured with the following options:"
ecac8ee5 4010echo " User binaries: $B"
4011echo " System binaries: $C"
4012echo " Configuration files: $D"
4013echo " Askpass program: $E"
4014echo " Manual pages: $F"
4015echo " PID file: $G"
4016echo " Privilege separation chroot path: $H"
95b99395 4017if test "x$external_path_file" = "x/etc/login.conf" ; then
4018echo " At runtime, sshd will use the path defined in $external_path_file"
4019echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4020else
ecac8ee5 4021echo " sshd default user PATH: $I"
89bbd457 4022 if test ! -z "$external_path_file"; then
95b99395 4023echo " (If PATH is set in $external_path_file it will be used instead. If"
4024echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4025 fi
8d184c09 4026fi
06617857 4027if test ! -z "$superuser_path" ; then
ecac8ee5 4028echo " sshd superuser user PATH: $J"
4029fi
4030echo " Manpage format: $MANTYPE"
3e05e934 4031echo " PAM support: $PAM_MSG"
5b84789f 4032echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4033echo " KerberosV support: $KRB5_MSG"
ef4d1846 4034echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4035echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4036echo " S/KEY support: $SKEY_MSG"
4037echo " TCP Wrappers support: $TCPW_MSG"
4038echo " MD5 password support: $MD5_MSG"
59031773 4039echo " libedit support: $LIBEDIT_MSG"
5b84789f 4040echo " Solaris process contract support: $SPC_MSG"
3deb1408 4041echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4042echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4043echo " BSD Auth support: $BSD_AUTH_MSG"
4044echo " Random number source: $RAND_MSG"
f1b0ecc3 4045if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4046echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4047fi
4048
cbd7492e 4049echo ""
4050
0c2fb82f 4051echo " Host: ${host}"
4052echo " Compiler: ${CC}"
4053echo " Compiler flags: ${CFLAGS}"
4054echo "Preprocessor flags: ${CPPFLAGS}"
4055echo " Linker flags: ${LDFLAGS}"
e54defb4 4056echo " Libraries: ${LIBS}"
4057if test ! -z "${SSHDLIBS}"; then
4058echo " +for sshd: ${SSHDLIBS}"
4059fi
cbd7492e 4060
4061echo ""
4062
9cefe228 4063if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4064 echo "SVR4 style packages are supported with \"make package\""
4065 echo ""
9cefe228 4066fi
4067
adeebd37 4068if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4069 echo "PAM is enabled. You may need to install a PAM control file "
4070 echo "for sshd, otherwise password authentication may fail. "
aff51935 4071 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4072 echo "subdirectory"
adeebd37 4073 echo ""
4074fi
4075
f1b0ecc3 4076if test ! -z "$RAND_HELPER_CMDHASH" ; then
4077 echo "WARNING: you are using the builtin random number collection "
4078 echo "service. Please read WARNING.RNG and request that your OS "
4079 echo "vendor includes kernel-based random number collection in "
4080 echo "future versions of your OS."
2c523de9 4081 echo ""
4082fi
af774732 4083
2f6f9cff 4084if test ! -z "$NO_PEERCHECK" ; then
1961d660 4085 echo "WARNING: the operating system that you are using does not"
4086 echo "appear to support getpeereid(), getpeerucred() or the"
4087 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4088 echo "enforce security checks to prevent unauthorised connections to"
4089 echo "ssh-agent. Their absence increases the risk that a malicious"
4090 echo "user can connect to your agent."
2f6f9cff 4091 echo ""
4092fi
4093
7b578f7d 4094if test "$AUDIT_MODULE" = "bsm" ; then
4095 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4096 echo "See the Solaris section in README.platform for details."
4097fi
git-cvsimport mirror of OpenSSH
This page took 1.071717 seconds and 5 git commands to generate.