]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- djm@cvs.openbsd.org 2007/10/29 23:49:41
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
0b9fdeb8 97 1.*) no_attrib_nonnull=1 ;;
98 2.8* | 2.9*)
99 CFLAGS="$CFLAGS -Wsign-compare"
100 no_attrib_nonnull=1
101 ;;
102 2.*) no_attrib_nonnull=1 ;;
dbf07ba2 103 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 104 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
105 *) ;;
5fdabf45 106 esac
8a3ff1aa 107
dfafb2e1 108 if test -z "$have_llong_max"; then
109 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
110 unset ac_cv_have_decl_LLONG_MAX
111 saved_CFLAGS="$CFLAGS"
112 CFLAGS="$CFLAGS -std=gnu99"
113 AC_CHECK_DECL(LLONG_MAX,
114 [have_llong_max=1],
115 [CFLAGS="$saved_CFLAGS"],
116 [#include <limits.h>]
117 )
118 fi
d423d822 119fi
120
0b9fdeb8 121if test "x$no_attrib_nonnull" != "x1" ; then
122 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
123fi
124
e6354014 125AC_ARG_WITH(rpath,
126 [ --without-rpath Disable auto-added -R linker paths],
127 [
82f4e93d 128 if test "x$withval" = "xno" ; then
e6354014 129 need_dash_r=""
130 fi
131 if test "x$withval" = "xyes" ; then
132 need_dash_r=1
133 fi
134 ]
135)
136
aa56f760 137# Allow user to specify flags
138AC_ARG_WITH(cflags,
139 [ --with-cflags Specify additional flags to pass to compiler],
140 [
141 if test -n "$withval" && test "x$withval" != "xno" && \
142 test "x${withval}" != "xyes"; then
143 CFLAGS="$CFLAGS $withval"
144 fi
145 ]
146)
147AC_ARG_WITH(cppflags,
148 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
149 [
150 if test -n "$withval" && test "x$withval" != "xno" && \
151 test "x${withval}" != "xyes"; then
152 CPPFLAGS="$CPPFLAGS $withval"
153 fi
154 ]
155)
156AC_ARG_WITH(ldflags,
157 [ --with-ldflags Specify additional flags to pass to linker],
158 [
159 if test -n "$withval" && test "x$withval" != "xno" && \
160 test "x${withval}" != "xyes"; then
161 LDFLAGS="$LDFLAGS $withval"
162 fi
163 ]
164)
165AC_ARG_WITH(libs,
166 [ --with-libs Specify additional libraries to link with],
167 [
168 if test -n "$withval" && test "x$withval" != "xno" && \
169 test "x${withval}" != "xyes"; then
170 LIBS="$LIBS $withval"
171 fi
172 ]
173)
174AC_ARG_WITH(Werror,
175 [ --with-Werror Build main code with -Werror],
176 [
177 if test -n "$withval" && test "x$withval" != "xno"; then
178 werror_flags="-Werror"
179 if test "x${withval}" != "xyes"; then
180 werror_flags="$withval"
181 fi
182 fi
183 ]
184)
185
186AC_CHECK_HEADERS( \
187 bstring.h \
188 crypt.h \
189 crypto/sha2.h \
190 dirent.h \
191 endian.h \
192 features.h \
193 fcntl.h \
194 floatingpoint.h \
195 getopt.h \
196 glob.h \
197 ia.h \
198 iaf.h \
199 limits.h \
200 login.h \
201 maillock.h \
202 ndir.h \
203 net/if_tun.h \
204 netdb.h \
205 netgroup.h \
206 pam/pam_appl.h \
207 paths.h \
6d39a5c4 208 poll.h \
aa56f760 209 pty.h \
210 readpassphrase.h \
211 rpc/types.h \
212 security/pam_appl.h \
213 sha2.h \
214 shadow.h \
215 stddef.h \
216 stdint.h \
217 string.h \
218 strings.h \
219 sys/audit.h \
220 sys/bitypes.h \
221 sys/bsdtty.h \
222 sys/cdefs.h \
223 sys/dir.h \
224 sys/mman.h \
225 sys/ndir.h \
8aa5db7d 226 sys/poll.h \
aa56f760 227 sys/prctl.h \
228 sys/pstat.h \
229 sys/select.h \
230 sys/stat.h \
231 sys/stream.h \
232 sys/stropts.h \
233 sys/strtio.h \
234 sys/sysmacros.h \
235 sys/time.h \
236 sys/timers.h \
237 sys/un.h \
238 time.h \
239 tmpdir.h \
240 ttyent.h \
40701614 241 ucred.h \
aa56f760 242 unistd.h \
243 usersec.h \
244 util.h \
245 utime.h \
246 utmp.h \
247 utmpx.h \
248 vis.h \
249)
250
251# lastlog.h requires sys/time.h to be included first on Solaris
252AC_CHECK_HEADERS(lastlog.h, [], [], [
253#ifdef HAVE_SYS_TIME_H
254# include <sys/time.h>
255#endif
256])
257
258# sys/ptms.h requires sys/stream.h to be included first on Solaris
259AC_CHECK_HEADERS(sys/ptms.h, [], [], [
260#ifdef HAVE_SYS_STREAM_H
261# include <sys/stream.h>
262#endif
263])
264
265# login_cap.h requires sys/types.h on NetBSD
266AC_CHECK_HEADERS(login_cap.h, [], [], [
267#include <sys/types.h>
268])
269
5b84789f 270# Messages for features tested for in target-specific section
271SIA_MSG="no"
272SPC_MSG="no"
273
a0391976 274# Check for some target-specific stuff
a7effaac 275case "$host" in
9d6b1b96 276*-*-aix*)
25a2779b 277 # Some versions of VAC won't allow macro redefinitions at
278 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
279 # particularly with older versions of vac or xlc.
280 # It also throws errors about null macro argments, but these are
281 # not fatal.
282 AC_MSG_CHECKING(if compiler allows macro redefinitions)
283 AC_COMPILE_IFELSE(
284 [AC_LANG_SOURCE([[
285#define testmacro foo
286#define testmacro bar
287int main(void) { exit(0); }
288 ]])],
289 [ AC_MSG_RESULT(yes) ],
290 [ AC_MSG_RESULT(no)
291 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
292 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
293 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
294 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
295 ]
296 )
297
aff51935 298 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 299 if (test -z "$blibpath"); then
0a15d73b 300 blibpath="/usr/lib:/lib"
68ece370 301 fi
302 saved_LDFLAGS="$LDFLAGS"
e7479666 303 if test "$GCC" = "yes"; then
304 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
305 else
306 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
307 fi
308 for tryflags in $flags ;do
68ece370 309 if (test -z "$blibflags"); then
310 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
311 AC_TRY_LINK([], [], [blibflags=$tryflags])
312 fi
313 done
314 if (test -z "$blibflags"); then
315 AC_MSG_RESULT(not found)
316 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
317 else
318 AC_MSG_RESULT($blibflags)
bd499f9e 319 fi
68ece370 320 LDFLAGS="$saved_LDFLAGS"
e351e493 321 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 322 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
323 [Define if you want to enable AIX4's authenticate function])],
0764e748 324 [AC_CHECK_LIB(s,authenticate,
e351e493 325 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 326 LIBS="$LIBS -ls"
327 ])
328 ])
ba603e06 329 dnl Check for various auth function declarations in headers.
c85ed8e2 330 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 331 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 332 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 333 AC_CHECK_DECLS(loginfailed,
e351e493 334 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
335 AC_TRY_COMPILE(
f58c0e01 336 [#include <usersec.h>],
e351e493 337 [(void)loginfailed("user","host","tty",0);],
338 [AC_MSG_RESULT(yes)
3466e002 339 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
340 [Define if your AIX loginfailed() function
341 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 342 [AC_MSG_RESULT(no)]
e351e493 343 )],
344 [],
345 [#include <usersec.h>]
346 )
2aa3a16c 347 AC_CHECK_FUNCS(setauthdb)
53c337ed 348 AC_CHECK_DECL(F_CLOSEM,
795e7517 349 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 350 [],
351 [ #include <limits.h>
352 #include <fcntl.h> ]
353 )
5ccf88cb 354 check_for_aix_broken_getaddrinfo=1
3466e002 355 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
356 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
357 [Define if your platform breaks doing a seteuid before a setuid])
358 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
359 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 360 dnl AIX handles lastlog as part of its login message
3466e002 361 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
362 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
363 [Some systems need a utmpx entry for /bin/login to work])
364 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
365 [Define to a Set Process Title type if your system is
366 supported by bsd-setproctitle.c])
961c2997 367 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
368 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 369 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 370 ;;
3c62e7eb 371*-*-cygwin*)
a52997bd 372 check_for_libcrypt_later=1
04765d02 373 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 374 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
375 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
376 AC_DEFINE(DISABLE_SHADOW, 1,
377 [Define if you want to disable shadow passwords])
378 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
379 [Define if your system choked on IP TOS setting])
380 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
381 [Define if X11 doesn't support AF_UNIX sockets on that system])
382 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
383 [Define if the concept of ports only accessible to
384 superusers isn't known])
385 AC_DEFINE(DISABLE_FD_PASSING, 1,
386 [Define if your platform needs to skip post auth
387 file descriptor passing])
3c62e7eb 388 ;;
d6fdb079 389*-*-dgux*)
390 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 391 AC_DEFINE(SETEUID_BREAKS_SETUID)
392 AC_DEFINE(BROKEN_SETREUID)
393 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 394 ;;
39c98ef7 395*-*-darwin*)
33e2e066 396 AC_MSG_CHECKING(if we have working getaddrinfo)
397 AC_TRY_RUN([#include <mach-o/dyld.h>
398main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
399 exit(0);
400 else
401 exit(1);
402}], [AC_MSG_RESULT(working)],
403 [AC_MSG_RESULT(buggy)
3466e002 404 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 405 [AC_MSG_RESULT(assume it is working)])
635e0c42 406 AC_DEFINE(SETEUID_BREAKS_SETUID)
407 AC_DEFINE(BROKEN_SETREUID)
408 AC_DEFINE(BROKEN_SETREGID)
3466e002 409 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
410 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 411 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
412 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
413 [Use tunnel device compatibility to OpenBSD])
414 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
415 [Prepend the address family to IP tunnel traffic])
39c98ef7 416 ;;
36f36ba3 417*-*-dragonfly*)
418 SSHDLIBS="$SSHDLIBS -lcrypt"
419 ;;
7d458c86 420*-*-hpux*)
421 # first we define all of the options common to all HP-UX releases
b8fea62d 422 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 423 IPADDR_IN_DISPLAY=yes
2b10f47a 424 AC_DEFINE(USE_PIPES)
3466e002 425 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
426 [Define if your login program cannot handle end of options ("--")])
a2572aa7 427 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 428 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
429 [String used in /etc/passwd to denote locked account])
3a2b2b44 430 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 431 MAIL="/var/mail/username"
f75ca46d 432 LIBS="$LIBS -lsec"
7d458c86 433 AC_CHECK_LIB(xnet, t_error, ,
434 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
435
436 # next, we define all of the options specific to major releases
437 case "$host" in
438 *-*-hpux10*)
439 if test -z "$GCC"; then
440 CFLAGS="$CFLAGS -Ae"
441 fi
442 ;;
443 *-*-hpux11*)
3466e002 444 AC_DEFINE(PAM_SUN_CODEBASE, 1,
445 [Define if you are using Solaris-derived PAM which
446 passes pam_messages to the conversation function
447 with an extra level of indirection])
448 AC_DEFINE(DISABLE_UTMP, 1,
449 [Define if you don't want to use utmp])
7d458c86 450 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
451 check_for_hpux_broken_getaddrinfo=1
452 check_for_conflicting_getspnam=1
453 ;;
454 esac
455
456 # lastly, we define options specific to minor releases
457 case "$host" in
458 *-*-hpux10.26)
3466e002 459 AC_DEFINE(HAVE_SECUREWARE, 1,
460 [Define if you have SecureWare-based
461 protected password database])
7d458c86 462 disable_ptmx_check=yes
463 LIBS="$LIBS -lsecpw"
464 ;;
465 esac
2b763e31 466 ;;
d94aa2ae 467*-*-irix5*)
6ac7829a 468 PATH="$PATH:/usr/etc"
3466e002 469 AC_DEFINE(BROKEN_INET_NTOA, 1,
470 [Define if you system's inet_ntoa is busted
471 (e.g. Irix gcc issue)])
cb433561 472 AC_DEFINE(SETEUID_BREAKS_SETUID)
473 AC_DEFINE(BROKEN_SETREUID)
474 AC_DEFINE(BROKEN_SETREGID)
3466e002 475 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
476 [Define if you shouldn't strip 'tty' from your
477 ttyname in [uw]tmp])
3e6e3da0 478 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 479 ;;
480*-*-irix6*)
6ac7829a 481 PATH="$PATH:/usr/etc"
3466e002 482 AC_DEFINE(WITH_IRIX_ARRAY, 1,
483 [Define if you have/want arrays
484 (cluster-wide session managment, not C arrays)])
485 AC_DEFINE(WITH_IRIX_PROJECT, 1,
486 [Define if you want IRIX project management])
487 AC_DEFINE(WITH_IRIX_AUDIT, 1,
488 [Define if you want IRIX audit trails])
489 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
490 [Define if you want IRIX kernel jobs])])
416ed5a7 491 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 492 AC_DEFINE(SETEUID_BREAKS_SETUID)
493 AC_DEFINE(BROKEN_SETREUID)
494 AC_DEFINE(BROKEN_SETREGID)
3466e002 495 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 496 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 497 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 498 ;;
5cdfe03f 499*-*-linux*)
500 no_dev_ptmx=1
717057b6 501 check_for_libcrypt_later=1
eacb954e 502 check_for_openpty_ctty_bug=1
3466e002 503 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
504 AC_DEFINE(PAM_TTY_KLUDGE, 1,
505 [Work around problematic Linux PAM modules handling of PAM_TTY])
506 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
507 [String used in /etc/passwd to denote locked account])
3a2b2b44 508 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 509 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
510 [Define to whatever link() returns for "not supported"
511 if it doesn't return EOPNOTSUPP.])
b6610e8f 512 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 513 AC_DEFINE(USE_BTMP)
80faa19f 514 inet6_default_4in6=yes
bf7c1e6c 515 case `uname -r` in
ad84c479 516 1.*|2.0.*)
3466e002 517 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
518 [Define if cmsg_type is not passed correctly])
bf7c1e6c 519 ;;
bf7c1e6c 520 esac
c40f09ca 521 # tun(4) forwarding compat code
d91775e1 522 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 523 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 524 AC_DEFINE(SSH_TUN_LINUX, 1,
525 [Open tunnel devices the Linux tun/tap way])
526 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
527 [Use tunnel device compatibility to OpenBSD])
528 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
529 [Prepend the address family to IP tunnel traffic])
530 fi
5cdfe03f 531 ;;
66d6c27e 532mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 533 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 534 SONY=1
66d6c27e 535 ;;
d468fc76 536*-*-netbsd*)
33e2e066 537 check_for_libcrypt_before=1
82f4e93d 538 if test "x$withval" != "xno" ; then
e6354014 539 need_dash_r=1
540 fi
0f6cb079 541 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
542 AC_CHECK_HEADER([net/if_tap.h], ,
543 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
544 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
545 [Prepend the address family to IP tunnel traffic])
d468fc76 546 ;;
86b416a7 547*-*-freebsd*)
548 check_for_libcrypt_later=1
988c5031 549 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 550 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
551 AC_CHECK_HEADER([net/if_tap.h], ,
552 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 553 ;;
8707b7eb 554*-*-bsdi*)
555 AC_DEFINE(SETEUID_BREAKS_SETUID)
556 AC_DEFINE(BROKEN_SETREUID)
557 AC_DEFINE(BROKEN_SETREGID)
558 ;;
729bfe59 559*-next-*)
729bfe59 560 conf_lastlog_location="/usr/adm/lastlog"
698d107e 561 conf_utmp_location=/etc/utmp
562 conf_wtmp_location=/usr/adm/wtmp
563 MAIL=/usr/spool/mail
3466e002 564 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 565 AC_DEFINE(BROKEN_REALPATH)
00937921 566 AC_DEFINE(USE_PIPES)
3466e002 567 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 568 ;;
5b7b5e23 569*-*-openbsd*)
570 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 571 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 572 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 573 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
574 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 575 ;;
9d6b1b96 576*-*-solaris*)
82f4e93d 577 if test "x$withval" != "xno" ; then
010e9d5b 578 need_dash_r=1
579 fi
adeebd37 580 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 581 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 582 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
583 [Some versions of /bin/login need the TERM supplied
584 on the commandline])
7f0a4ff1 585 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 586 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
587 [Define if pam_chauthtok wants real uid set
588 to the unpriv'ed user])
3e6e3da0 589 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 590 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 591 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
592 [Define if sshd somehow reacquires a controlling TTY
593 after setsid()])
795aa5f5 594 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
595 in case the name is longer than 8 chars])
95b99395 596 external_path_file=/etc/default/login
1d7b9b20 597 # hardwire lastlog location (can't detect it on some versions)
598 conf_lastlog_location="/var/adm/lastlog"
32c80420 599 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
600 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
601 if test "$sol2ver" -ge 8; then
602 AC_MSG_RESULT(yes)
603 AC_DEFINE(DISABLE_UTMP)
3466e002 604 AC_DEFINE(DISABLE_WTMP, 1,
605 [Define if you don't want to use wtmp])
32c80420 606 else
607 AC_MSG_RESULT(no)
608 fi
5b84789f 609 AC_ARG_WITH(solaris-contracts,
610 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
611 [
612 AC_CHECK_LIB(contract, ct_tmpl_activate,
613 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
614 [Define if you have Solaris process contracts])
615 SSHDLIBS="$SSHDLIBS -lcontract"
616 AC_SUBST(SSHDLIBS)
617 SPC_MSG="yes" ], )
618 ],
619 )
9d6b1b96 620 ;;
a423beaf 621*-*-sunos4*)
0c2fb82f 622 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 623 AC_CHECK_FUNCS(getpwanam)
adeebd37 624 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 625 conf_utmp_location=/etc/utmp
626 conf_wtmp_location=/var/adm/wtmp
627 conf_lastlog_location=/var/adm/lastlog
137d7b6c 628 AC_DEFINE(USE_PIPES)
a423beaf 629 ;;
6f68f28a 630*-ncr-sysv*)
98a7c37b 631 LIBS="$LIBS -lc89"
29525240 632 AC_DEFINE(USE_PIPES)
eabb99c6 633 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 634 AC_DEFINE(SETEUID_BREAKS_SETUID)
635 AC_DEFINE(BROKEN_SETREUID)
636 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 637 ;;
132dd316 638*-sni-sysv*)
c8c15bcb 639 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 640 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 641 # -lresolv needs to be at the end of LIBS or DNS lookups break
642 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 643 IPADDR_IN_DISPLAY=yes
644 AC_DEFINE(USE_PIPES)
132dd316 645 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 646 AC_DEFINE(SETEUID_BREAKS_SETUID)
647 AC_DEFINE(BROKEN_SETREUID)
648 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 649 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 650 external_path_file=/etc/default/login
c8c15bcb 651 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
652 # Attention: always take care to bind libsocket and libnsl before libc,
653 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 654 ;;
79a7ba96 655# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 656*-*-sysv4.2*)
ed6553e2 657 AC_DEFINE(USE_PIPES)
7ed101c0 658 AC_DEFINE(SETEUID_BREAKS_SETUID)
659 AC_DEFINE(BROKEN_SETREUID)
660 AC_DEFINE(BROKEN_SETREGID)
46f853b9 661 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 662 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 663 ;;
79a7ba96 664# UnixWare 7.x, OpenUNIX 8
77bb0bca 665*-*-sysv5*)
d7d2cc6e 666 check_for_libcrypt_later=1
667 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 668 AC_DEFINE(USE_PIPES)
7ed101c0 669 AC_DEFINE(SETEUID_BREAKS_SETUID)
670 AC_DEFINE(BROKEN_SETREUID)
671 AC_DEFINE(BROKEN_SETREGID)
3466e002 672 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 673 case "$host" in
674 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
675 TEST_SHELL=/u95/bin/sh
3466e002 676 AC_DEFINE(BROKEN_LIBIAF, 1,
677 [ia_uinfo routines not supported by OS yet])
5cc6ddad 678 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 679 ;;
e45da4d6 680 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
681 ;;
822015dd 682 esac
77bb0bca 683 ;;
9d6b1b96 684*-*-sysv*)
9d6b1b96 685 ;;
79a7ba96 686# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 687*-*-sco3.2v4*)
11cf4f1f 688 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 689 ;;
79a7ba96 690# SCO OpenServer 5.x
77bb0bca 691*-*-sco3.2v5*)
21710e39 692 if test -z "$GCC"; then
693 CFLAGS="$CFLAGS -belf"
694 fi
ed6553e2 695 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 696 no_dev_ptmx=1
ed6553e2 697 AC_DEFINE(USE_PIPES)
6e879cb4 698 AC_DEFINE(HAVE_SECUREWARE)
d287c664 699 AC_DEFINE(DISABLE_SHADOW)
94d8258b 700 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 701 AC_DEFINE(SETEUID_BREAKS_SETUID)
702 AC_DEFINE(BROKEN_SETREUID)
703 AC_DEFINE(BROKEN_SETREGID)
bcebad47 704 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 705 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 706 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 707 AC_CHECK_FUNCS(getluid setluid)
533875af 708 MANTYPE=man
a3245b92 709 TEST_SHELL=ksh
509b1f88 710 ;;
ccbb983c 711*-*-unicosmk*)
3466e002 712 AC_DEFINE(NO_SSH_LASTLOG, 1,
713 [Define if you don't want to use lastlog in session.c])
c1ad5966 714 AC_DEFINE(SETEUID_BREAKS_SETUID)
715 AC_DEFINE(BROKEN_SETREUID)
716 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 717 AC_DEFINE(USE_PIPES)
718 AC_DEFINE(DISABLE_FD_PASSING)
719 LDFLAGS="$LDFLAGS"
720 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
721 MANTYPE=cat
d262b7f2 722 ;;
7b9a8c6e 723*-*-unicosmp*)
c1ad5966 724 AC_DEFINE(SETEUID_BREAKS_SETUID)
725 AC_DEFINE(BROKEN_SETREUID)
726 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 727 AC_DEFINE(WITH_ABBREV_NO_TTY)
728 AC_DEFINE(USE_PIPES)
729 AC_DEFINE(DISABLE_FD_PASSING)
730 LDFLAGS="$LDFLAGS"
c1ad5966 731 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 732 MANTYPE=cat
733 ;;
ca5c7d6a 734*-*-unicos*)
c1ad5966 735 AC_DEFINE(SETEUID_BREAKS_SETUID)
736 AC_DEFINE(BROKEN_SETREUID)
737 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 738 AC_DEFINE(USE_PIPES)
94d8258b 739 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 740 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 741 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
742 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
743 MANTYPE=cat
a704dd54 744 ;;
4d33e531 745*-dec-osf*)
99c8ddac 746 AC_MSG_CHECKING(for Digital Unix SIA)
747 no_osfsia=""
748 AC_ARG_WITH(osfsia,
749 [ --with-osfsia Enable Digital Unix SIA],
750 [
751 if test "x$withval" = "xno" ; then
752 AC_MSG_RESULT(disabled)
753 no_osfsia=1
754 fi
755 ],
756 )
757 if test -z "$no_osfsia" ; then
4d33e531 758 if test -f /etc/sia/matrix.conf; then
759 AC_MSG_RESULT(yes)
3466e002 760 AC_DEFINE(HAVE_OSF_SIA, 1,
761 [Define if you have Digital Unix Security
762 Integration Architecture])
763 AC_DEFINE(DISABLE_LOGIN, 1,
764 [Define if you don't want to use your
765 system's login() call])
58d0df4e 766 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 767 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 768 SIA_MSG="yes"
4d33e531 769 else
770 AC_MSG_RESULT(no)
3466e002 771 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
772 [String used in /etc/passwd to denote locked account])
4d33e531 773 fi
774 fi
a6e67b60 775 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 776 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 777 AC_DEFINE(BROKEN_SETREUID)
778 AC_DEFINE(BROKEN_SETREGID)
4d33e531 779 ;;
41cb4569 780
9c54c067 781*-*-nto-qnx*)
41cb4569 782 AC_DEFINE(USE_PIPES)
783 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 784 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
785 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
786 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 787 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 788 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 789 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 790 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 791 case "$host" in
792 *-*-nto-qnx6*)
793 AC_DEFINE(DISABLE_FD_PASSING)
794 ;;
795 esac
41cb4569 796 ;;
35fc74ed 797
798*-*-ultrix*)
3466e002 799 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
800 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 801 AC_DEFINE(NEED_SETPGRP)
b5765e1d 802 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
803 ;;
157b6700 804
805*-*-lynxos)
806 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 807 AC_DEFINE(MISSING_HOWMANY)
157b6700 808 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
809 ;;
a7effaac 810esac
811
c5829391 812AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 813AC_RUN_IFELSE(
814 [AC_LANG_SOURCE([
c5829391 815#include <stdio.h>
816int main(){exit(0);}
479cece8 817 ])],
c5829391 818 [ AC_MSG_RESULT(yes) ],
819 [
820 AC_MSG_RESULT(no)
821 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 822 ],
823 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 824)
825
b04a9f8c 826dnl Checks for header files.
a0391976 827# Checks for libraries.
98a7c37b 828AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
829AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 830
446227d6 831dnl IRIX and Solaris 2.5.1 have dirname() in libgen
832AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
833 AC_CHECK_LIB(gen, dirname,[
834 AC_CACHE_CHECK([for broken dirname],
835 ac_cv_have_broken_dirname, [
836 save_LIBS="$LIBS"
837 LIBS="$LIBS -lgen"
b0e7249f 838 AC_RUN_IFELSE(
839 [AC_LANG_SOURCE([[
446227d6 840#include <libgen.h>
841#include <string.h>
842
843int main(int argc, char **argv) {
844 char *s, buf[32];
845
846 strncpy(buf,"/etc", 32);
847 s = dirname(buf);
848 if (!s || strncmp(s, "/", 32) != 0) {
849 exit(1);
850 } else {
851 exit(0);
852 }
853}
b0e7249f 854 ]])],
855 [ ac_cv_have_broken_dirname="no" ],
856 [ ac_cv_have_broken_dirname="yes" ],
446227d6 857 [ ac_cv_have_broken_dirname="no" ],
446227d6 858 )
859 LIBS="$save_LIBS"
860 ])
861 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
862 LIBS="$LIBS -lgen"
863 AC_DEFINE(HAVE_DIRNAME)
864 AC_CHECK_HEADERS(libgen.h)
865 fi
866 ])
867])
868
869AC_CHECK_FUNC(getspnam, ,
870 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 871AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
872 [Define if you have the basename function.]))
446227d6 873
98a7c37b 874dnl zlib is required
875AC_ARG_WITH(zlib,
876 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 877 [ if test "x$withval" = "xno" ; then
878 AC_MSG_ERROR([*** zlib is required ***])
879 elif test "x$withval" != "xyes"; then
98a7c37b 880 if test -d "$withval/lib"; then
881 if test -n "${need_dash_r}"; then
5a162955 882 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 883 else
5a162955 884 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 885 fi
886 else
887 if test -n "${need_dash_r}"; then
5a162955 888 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 889 else
5a162955 890 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 891 fi
892 fi
893 if test -d "$withval/include"; then
5a162955 894 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 895 else
5a162955 896 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 897 fi
6dd05556 898 fi ]
98a7c37b 899)
900
0a15d73b 901AC_CHECK_LIB(z, deflate, ,
902 [
903 saved_CPPFLAGS="$CPPFLAGS"
904 saved_LDFLAGS="$LDFLAGS"
905 save_LIBS="$LIBS"
906 dnl Check default zlib install dir
907 if test -n "${need_dash_r}"; then
908 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
909 else
910 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
911 fi
912 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
913 LIBS="$LIBS -lz"
914 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
915 [
916 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
917 ]
918 )
919 ]
920)
4ad65809 921AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 922
923AC_ARG_WITH(zlib-version-check,
924 [ --without-zlib-version-check Disable zlib version check],
925 [ if test "x$withval" = "xno" ; then
926 zlib_check_nonfatal=1
927 fi
928 ]
929)
930
5c7fc85d 931AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 932AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 933#include <stdio.h>
4ad65809 934#include <zlib.h>
935int main()
936{
5c7fc85d 937 int a=0, b=0, c=0, d=0, n, v;
938 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
939 if (n != 3 && n != 4)
4ad65809 940 exit(1);
5c7fc85d 941 v = a*1000000 + b*10000 + c*100 + d;
942 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
943
944 /* 1.1.4 is OK */
945 if (a == 1 && b == 1 && c >= 4)
4ad65809 946 exit(0);
5c7fc85d 947
0072b59d 948 /* 1.2.3 and up are OK */
949 if (v >= 1020300)
5c7fc85d 950 exit(0);
951
4ad65809 952 exit(2);
953}
479cece8 954 ]])],
5c7fc85d 955 AC_MSG_RESULT(no),
956 [ AC_MSG_RESULT(yes)
8068d564 957 if test -z "$zlib_check_nonfatal" ; then
958 AC_MSG_ERROR([*** zlib too old - check config.log ***
959Your reported zlib version has known security problems. It's possible your
960vendor has fixed these problems without changing the version number. If you
961are sure this is the case, you can disable the check by running
962"./configure --without-zlib-version-check".
6090bcfe 963If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 964See http://www.gzip.org/zlib/ for details.])
8068d564 965 else
966 AC_MSG_WARN([zlib version may have security problems])
967 fi
1a01a50c 968 ],
969 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 970)
48e7916f 971
2c523de9 972dnl UnixWare 2.x
aff51935 973AC_CHECK_FUNC(strcasecmp,
2c523de9 974 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
975)
23361281 976AC_CHECK_FUNCS(utimes,
cda1ebcb 977 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
978 LIBS="$LIBS -lc89"]) ]
2c523de9 979)
4cca272e 980
7c6d759d 981dnl Checks for libutil functions
982AC_CHECK_HEADERS(libutil.h)
3466e002 983AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
984 [Define if your libraries define login()])])
7c6d759d 985AC_CHECK_FUNCS(logout updwtmp logwtmp)
986
a738c3b0 987AC_FUNC_STRFTIME
988
84ceda19 989# Check for ALTDIRFUNC glob() extension
990AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
991AC_EGREP_CPP(FOUNDIT,
992 [
993 #include <glob.h>
994 #ifdef GLOB_ALTDIRFUNC
995 FOUNDIT
996 #endif
aff51935 997 ],
84ceda19 998 [
3466e002 999 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1000 [Define if your system glob() function has
1001 the GLOB_ALTDIRFUNC extension])
84ceda19 1002 AC_MSG_RESULT(yes)
1003 ],
1004 [
1005 AC_MSG_RESULT(no)
1006 ]
1007)
4cca272e 1008
40849fdb 1009# Check for g.gl_matchc glob() extension
1010AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1011AC_TRY_COMPILE(
13ff27b7 1012 [ #include <glob.h> ],
1013 [glob_t g; g.gl_matchc = 1;],
aff51935 1014 [
3466e002 1015 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1016 [Define if your system glob() function has
1017 gl_matchc options in glob_t])
aff51935 1018 AC_MSG_RESULT(yes)
1019 ],
1020 [
1021 AC_MSG_RESULT(no)
1022 ]
40849fdb 1023)
1024
78888bab 1025AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1026
edbe6722 1027AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1028AC_RUN_IFELSE(
479cece8 1029 [AC_LANG_SOURCE([[
edbe6722 1030#include <sys/types.h>
1031#include <dirent.h>
aec4cb4f 1032int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1033 ]])],
aff51935 1034 [AC_MSG_RESULT(yes)],
edbe6722 1035 [
1036 AC_MSG_RESULT(no)
3466e002 1037 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1038 [Define if your struct dirent expects you to
3466e002 1039 allocate extra space for d_name])
1a01a50c 1040 ],
82f4e93d 1041 [
1a01a50c 1042 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1043 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1044 ]
1045)
1046
419e26e7 1047AC_MSG_CHECKING([for /proc/pid/fd directory])
1048if test -d "/proc/$$/fd" ; then
3466e002 1049 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1050 AC_MSG_RESULT(yes)
1051else
1052 AC_MSG_RESULT(no)
1053fi
1054
278588d8 1055# Check whether user wants S/Key support
aff51935 1056SKEY_MSG="no"
278588d8 1057AC_ARG_WITH(skey,
6ff3d0dc 1058 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1059 [
1060 if test "x$withval" != "xno" ; then
1061
1062 if test "x$withval" != "xyes" ; then
1063 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1064 LDFLAGS="$LDFLAGS -L${withval}/lib"
1065 fi
1066
3466e002 1067 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1068 LIBS="-lskey $LIBS"
aff51935 1069 SKEY_MSG="yes"
82f4e93d 1070
ddceb1c8 1071 AC_MSG_CHECKING([for s/key support])
b0e7249f 1072 AC_LINK_IFELSE(
1073 [AC_LANG_SOURCE([[
ddceb1c8 1074#include <stdio.h>
1075#include <skey.h>
aec4cb4f 1076int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1077 ]])],
ddceb1c8 1078 [AC_MSG_RESULT(yes)],
278588d8 1079 [
ddceb1c8 1080 AC_MSG_RESULT(no)
278588d8 1081 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1082 ])
141fc639 1083 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1084 AC_TRY_COMPILE(
1085 [#include <stdio.h>
1086 #include <skey.h>],
1087 [(void)skeychallenge(NULL,"name","",0);],
1088 [AC_MSG_RESULT(yes)
3466e002 1089 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1090 [Define if your skeychallenge()
1091 function takes 4 arguments (NetBSD)])],
141fc639 1092 [AC_MSG_RESULT(no)]
1093 )
278588d8 1094 fi
1095 ]
1096)
1097
1098# Check whether user wants TCP wrappers support
98a7c37b 1099TCPW_MSG="no"
278588d8 1100AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1101 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1102 [
1103 if test "x$withval" != "xno" ; then
1104 saved_LIBS="$LIBS"
98a7c37b 1105 saved_LDFLAGS="$LDFLAGS"
1106 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1107 if test -n "${withval}" && \
6cf0200f 1108 test "x${withval}" != "xyes"; then
98a7c37b 1109 if test -d "${withval}/lib"; then
1110 if test -n "${need_dash_r}"; then
5a162955 1111 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1112 else
5a162955 1113 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1114 fi
1115 else
1116 if test -n "${need_dash_r}"; then
5a162955 1117 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1118 else
5a162955 1119 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1120 fi
1121 fi
1122 if test -d "${withval}/include"; then
5a162955 1123 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1124 else
5a162955 1125 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1126 fi
98a7c37b 1127 fi
e54defb4 1128 LIBS="-lwrap $LIBS"
278588d8 1129 AC_MSG_CHECKING(for libwrap)
1130 AC_TRY_LINK(
1131 [
77f09220 1132#include <sys/types.h>
1133#include <sys/socket.h>
1134#include <netinet/in.h>
278588d8 1135#include <tcpd.h>
1136 int deny_severity = 0, allow_severity = 0;
1137 ],
1138 [hosts_access(0);],
1139 [
1140 AC_MSG_RESULT(yes)
3466e002 1141 AC_DEFINE(LIBWRAP, 1,
1142 [Define if you want
1143 TCP Wrappers support])
e54defb4 1144 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1145 TCPW_MSG="yes"
278588d8 1146 ],
1147 [
1148 AC_MSG_ERROR([*** libwrap missing])
1149 ]
1150 )
ddceb1c8 1151 LIBS="$saved_LIBS"
278588d8 1152 fi
1153 ]
1154)
1155
59031773 1156# Check whether user wants libedit support
1157LIBEDIT_MSG="no"
1158AC_ARG_WITH(libedit,
6ff3d0dc 1159 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1160 [ if test "x$withval" != "xno" ; then
737edf04 1161 if test "x$withval" != "xyes"; then
bb116c8e 1162 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1163 if test -n "${need_dash_r}"; then
1164 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1165 else
1166 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1167 fi
737edf04 1168 fi
59031773 1169 AC_CHECK_LIB(edit, el_init,
3466e002 1170 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1171 LIBEDIT="-ledit -lcurses"
1172 LIBEDIT_MSG="yes"
1173 AC_SUBST(LIBEDIT)
1174 ],
737edf04 1175 [ AC_MSG_ERROR(libedit not found) ],
1176 [ -lcurses ]
59031773 1177 )
f47ddccb 1178 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1179 AC_COMPILE_IFELSE(
1180 [AC_LANG_SOURCE([[
1181#include <histedit.h>
f47ddccb 1182int main(void)
1183{
1184 int i = H_SETSIZE;
1185 el_init("", NULL, NULL, NULL);
1186 exit(0);
1187}
d92622f9 1188 ]])],
f47ddccb 1189 [ AC_MSG_RESULT(yes) ],
1190 [ AC_MSG_RESULT(no)
1191 AC_MSG_ERROR(libedit version is not compatible) ]
1192 )
59031773 1193 fi ]
1194)
1195
7b578f7d 1196AUDIT_MODULE=none
1197AC_ARG_WITH(audit,
1198 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1199 [
1200 AC_MSG_CHECKING(for supported audit module)
1201 case "$withval" in
1202 bsm)
1203 AC_MSG_RESULT(bsm)
1204 AUDIT_MODULE=bsm
1205 dnl Checks for headers, libs and functions
1206 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1207 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1208 [
1209#ifdef HAVE_TIME_H
1210# include <time.h>
1211#endif
1212 ]
1213)
7b578f7d 1214 AC_CHECK_LIB(bsm, getaudit, [],
1215 [AC_MSG_ERROR(BSM enabled and required library not found)])
1216 AC_CHECK_FUNCS(getaudit, [],
1217 [AC_MSG_ERROR(BSM enabled and required function not found)])
1218 # These are optional
7939c496 1219 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1220 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1221 ;;
1222 debug)
1223 AUDIT_MODULE=debug
1224 AC_MSG_RESULT(debug)
3466e002 1225 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1226 ;;
a2b3321d 1227 no)
d92622f9 1228 AC_MSG_RESULT(no)
a2b3321d 1229 ;;
7b578f7d 1230 *)
1231 AC_MSG_ERROR([Unknown audit module $withval])
1232 ;;
1233 esac ]
1234)
1235
19160674 1236dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1237AC_CHECK_FUNCS( \
1238 arc4random \
9a406e1e 1239 asprintf \
b04a9f8c 1240 b64_ntop \
1241 __b64_ntop \
1242 b64_pton \
1243 __b64_pton \
1244 bcopy \
1245 bindresvport_sa \
1246 clock \
1247 closefrom \
1248 dirfd \
b04a9f8c 1249 fchmod \
1250 fchown \
1251 freeaddrinfo \
1252 futimes \
1253 getaddrinfo \
1254 getcwd \
1255 getgrouplist \
1256 getnameinfo \
1257 getopt \
1258 getpeereid \
1961d660 1259 getpeerucred \
b04a9f8c 1260 _getpty \
1261 getrlimit \
1262 getttyent \
1263 glob \
1264 inet_aton \
1265 inet_ntoa \
1266 inet_ntop \
1267 innetgr \
1268 login_getcapbool \
1269 md5_crypt \
1270 memmove \
1271 mkdtemp \
1272 mmap \
1273 ngetaddrinfo \
1274 nsleep \
1275 ogetaddrinfo \
1276 openlog_r \
1277 openpty \
6d39a5c4 1278 poll \
b04a9f8c 1279 prctl \
1280 pstat \
1281 readpassphrase \
1282 realpath \
1283 recvmsg \
1284 rresvport_af \
1285 sendmsg \
1286 setdtablesize \
1287 setegid \
1288 setenv \
1289 seteuid \
1290 setgroups \
1291 setlogin \
1292 setpcred \
1293 setproctitle \
1294 setregid \
1295 setreuid \
1296 setrlimit \
1297 setsid \
1298 setvbuf \
1299 sigaction \
1300 sigvec \
1301 snprintf \
1302 socketpair \
1303 strdup \
1304 strerror \
1305 strlcat \
1306 strlcpy \
1307 strmode \
1308 strnvis \
1309 strtonum \
1e29a0c8 1310 strtoll \
b04a9f8c 1311 strtoul \
1aac2117 1312 swap32 \
b04a9f8c 1313 sysconf \
1314 tcgetpgrp \
1315 truncate \
1316 unsetenv \
1317 updwtmpx \
9a406e1e 1318 vasprintf \
b04a9f8c 1319 vhangup \
1320 vsnprintf \
1321 waitpid \
19160674 1322)
98a7c37b 1323
1a086f97 1324# IRIX has a const char return value for gai_strerror()
1325AC_CHECK_FUNCS(gai_strerror,[
1326 AC_DEFINE(HAVE_GAI_STRERROR)
1327 AC_TRY_COMPILE([
1328#include <sys/types.h>
1329#include <sys/socket.h>
1330#include <netdb.h>
1331
1332const char *gai_strerror(int);],[
1333char *str;
1334
1335str = gai_strerror(0);],[
1336 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1337 [Define if gai_strerror() returns const char *])])])
1338
3466e002 1339AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1340 [Some systems put nanosleep outside of libc]))
92b1decf 1341
309709db 1342dnl Make sure prototypes are defined for these before using them.
309709db 1343AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1344AC_CHECK_DECL(strsep,
1345 [AC_CHECK_FUNCS(strsep)],
1346 [],
1347 [
1348#ifdef HAVE_STRING_H
1349# include <string.h>
1350#endif
1351 ])
08412d26 1352
3490699c 1353dnl tcsendbreak might be a macro
1354AC_CHECK_DECL(tcsendbreak,
1355 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1356 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1357 [#include <termios.h>]
1358)
1359
41e0e158 1360AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1361
71f4c727 1362AC_CHECK_DECLS(SHUT_RD, , ,
1363 [
1364#include <sys/types.h>
1365#include <sys/socket.h>
1366 ])
956d6743 1367
1368AC_CHECK_DECLS(O_NONBLOCK, , ,
1369 [
1370#include <sys/types.h>
1371#ifdef HAVE_SYS_STAT_H
1372# include <sys/stat.h>
1373#endif
1374#ifdef HAVE_FCNTL_H
1375# include <fcntl.h>
1376#endif
1377 ])
1378
752994dd 1379AC_CHECK_DECLS(writev, , , [
1380#include <sys/types.h>
1381#include <sys/uio.h>
1382#include <unistd.h>
1383 ])
1384
0bf6279d 1385AC_CHECK_DECLS(MAXSYMLINKS, , , [
1386#include <sys/param.h>
1387 ])
1388
b41ece30 1389AC_CHECK_DECLS(offsetof, , , [
1390#include <stddef.h>
1391 ])
1392
3f176010 1393AC_CHECK_FUNCS(setresuid, [
1394 dnl Some platorms have setresuid that isn't implemented, test for this
1395 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1396 AC_RUN_IFELSE(
1397 [AC_LANG_SOURCE([[
9a3fe0e2 1398#include <stdlib.h>
1399#include <errno.h>
1400int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1401 ]])],
3f176010 1402 [AC_MSG_RESULT(yes)],
3466e002 1403 [AC_DEFINE(BROKEN_SETRESUID, 1,
1404 [Define if your setresuid() is broken])
1a01a50c 1405 AC_MSG_RESULT(not implemented)],
1406 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1407 )
1408])
9a3fe0e2 1409
3f176010 1410AC_CHECK_FUNCS(setresgid, [
1411 dnl Some platorms have setresgid that isn't implemented, test for this
1412 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1413 AC_RUN_IFELSE(
1414 [AC_LANG_SOURCE([[
9a3fe0e2 1415#include <stdlib.h>
1416#include <errno.h>
1417int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1418 ]])],
3f176010 1419 [AC_MSG_RESULT(yes)],
3466e002 1420 [AC_DEFINE(BROKEN_SETRESGID, 1,
1421 [Define if your setresgid() is broken])
1a01a50c 1422 AC_MSG_RESULT(not implemented)],
1423 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1424 )
1425])
9a3fe0e2 1426
2e73a022 1427dnl Checks for time functions
1d7b9b20 1428AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1429dnl Checks for utmp functions
b03bd394 1430AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1431AC_CHECK_FUNCS(utmpname)
2e73a022 1432dnl Checks for utmpx functions
b03bd394 1433AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1434AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1435
aff51935 1436AC_CHECK_FUNC(daemon,
3466e002 1437 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1438 [AC_CHECK_LIB(bsd, daemon,
1439 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1440)
1441
aff51935 1442AC_CHECK_FUNC(getpagesize,
3466e002 1443 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1444 [Define if your libraries define getpagesize()])],
1445 [AC_CHECK_LIB(ucb, getpagesize,
1446 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1447)
1448
2647ae26 1449# Check for broken snprintf
1450if test "x$ac_cv_func_snprintf" = "xyes" ; then
1451 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1452 AC_RUN_IFELSE(
479cece8 1453 [AC_LANG_SOURCE([[
2647ae26 1454#include <stdio.h>
aec4cb4f 1455int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1456 ]])],
aff51935 1457 [AC_MSG_RESULT(yes)],
2647ae26 1458 [
1459 AC_MSG_RESULT(no)
3466e002 1460 AC_DEFINE(BROKEN_SNPRINTF, 1,
1461 [Define if your snprintf is busted])
2647ae26 1462 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1463 ],
1464 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1465 )
1466fi
1467
9a406e1e 1468# If we don't have a working asprintf, then we strongly depend on vsnprintf
1469# returning the right thing on overflow: the number of characters it tried to
1470# create (as per SUSv3)
1471if test "x$ac_cv_func_asprintf" != "xyes" && \
1472 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1473 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1474 AC_RUN_IFELSE(
1475 [AC_LANG_SOURCE([[
1476#include <sys/types.h>
1477#include <stdio.h>
1478#include <stdarg.h>
1479
1480int x_snprintf(char *str,size_t count,const char *fmt,...)
1481{
1482 size_t ret; va_list ap;
1483 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1484 return ret;
1485}
1486int main(void)
1487{
1488 char x[1];
1489 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1490} ]])],
1491 [AC_MSG_RESULT(yes)],
1492 [
1493 AC_MSG_RESULT(no)
1494 AC_DEFINE(BROKEN_SNPRINTF, 1,
1495 [Define if your snprintf is busted])
1496 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1497 ],
1498 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1499 )
1500fi
1501
31b0732a 1502# On systems where [v]snprintf is broken, but is declared in stdio,
1503# check that the fmt argument is const char * or just char *.
1504# This is only useful for when BROKEN_SNPRINTF
1505AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1506AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1507 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1508 int main(void) { snprintf(0, 0, 0); }
1509 ]])],
1510 [AC_MSG_RESULT(yes)
1511 AC_DEFINE(SNPRINTF_CONST, [const],
1512 [Define as const if snprintf() can declare const char *fmt])],
1513 [AC_MSG_RESULT(no)
1514 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1515
2f6f9cff 1516# Check for missing getpeereid (or equiv) support
1517NO_PEERCHECK=""
1961d660 1518if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1519 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1520 AC_TRY_COMPILE(
1521 [#include <sys/types.h>
1522 #include <sys/socket.h>],
1523 [int i = SO_PEERCRED;],
62eb7db4 1524 [ AC_MSG_RESULT(yes)
3466e002 1525 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1526 ],
2f6f9cff 1527 [AC_MSG_RESULT(no)
1528 NO_PEERCHECK=1]
1529 )
1530fi
1531
70e7d0b0 1532dnl see whether mkstemp() requires XXXXXX
1533if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1534AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1535AC_RUN_IFELSE(
1536 [AC_LANG_SOURCE([[
70e7d0b0 1537#include <stdlib.h>
1538main() { char template[]="conftest.mkstemp-test";
1539if (mkstemp(template) == -1)
1540 exit(1);
1541unlink(template); exit(0);
1542}
b0e7249f 1543 ]])],
70e7d0b0 1544 [
1545 AC_MSG_RESULT(no)
1546 ],
aff51935 1547 [
70e7d0b0 1548 AC_MSG_RESULT(yes)
3466e002 1549 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1550 ],
1551 [
1552 AC_MSG_RESULT(yes)
1553 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1554 ]
70e7d0b0 1555)
1556fi
1557
eacb954e 1558dnl make sure that openpty does not reacquire controlling terminal
1559if test ! -z "$check_for_openpty_ctty_bug"; then
1560 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1561 AC_RUN_IFELSE(
1562 [AC_LANG_SOURCE([[
eacb954e 1563#include <stdio.h>
1564#include <sys/fcntl.h>
1565#include <sys/types.h>
1566#include <sys/wait.h>
1567
1568int
1569main()
1570{
1571 pid_t pid;
1572 int fd, ptyfd, ttyfd, status;
1573
1574 pid = fork();
1575 if (pid < 0) { /* failed */
1576 exit(1);
1577 } else if (pid > 0) { /* parent */
1578 waitpid(pid, &status, 0);
aff51935 1579 if (WIFEXITED(status))
eacb954e 1580 exit(WEXITSTATUS(status));
1581 else
1582 exit(2);
1583 } else { /* child */
1584 close(0); close(1); close(2);
1585 setsid();
1586 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1587 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1588 if (fd >= 0)
1589 exit(3); /* Acquired ctty: broken */
1590 else
1591 exit(0); /* Did not acquire ctty: OK */
1592 }
1593}
b0e7249f 1594 ]])],
eacb954e 1595 [
1596 AC_MSG_RESULT(yes)
1597 ],
1598 [
1599 AC_MSG_RESULT(no)
1600 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1601 ],
1602 [
1603 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1604 ]
1605 )
1606fi
1607
4b492aab 1608if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1609 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1610 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1611 AC_RUN_IFELSE(
1612 [AC_LANG_SOURCE([[
2fe51906 1613#include <stdio.h>
1614#include <sys/socket.h>
1615#include <netdb.h>
1616#include <errno.h>
1617#include <netinet/in.h>
1618
1619#define TEST_PORT "2222"
1620
1621int
1622main(void)
1623{
1624 int err, sock;
1625 struct addrinfo *gai_ai, *ai, hints;
1626 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1627
1628 memset(&hints, 0, sizeof(hints));
1629 hints.ai_family = PF_UNSPEC;
1630 hints.ai_socktype = SOCK_STREAM;
1631 hints.ai_flags = AI_PASSIVE;
1632
1633 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1634 if (err != 0) {
1635 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1636 exit(1);
1637 }
1638
1639 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1640 if (ai->ai_family != AF_INET6)
1641 continue;
1642
1643 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1644 sizeof(ntop), strport, sizeof(strport),
1645 NI_NUMERICHOST|NI_NUMERICSERV);
1646
1647 if (err != 0) {
1648 if (err == EAI_SYSTEM)
1649 perror("getnameinfo EAI_SYSTEM");
1650 else
1651 fprintf(stderr, "getnameinfo failed: %s\n",
1652 gai_strerror(err));
1653 exit(2);
1654 }
1655
1656 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1657 if (sock < 0)
1658 perror("socket");
1659 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1660 if (errno == EBADF)
1661 exit(3);
1662 }
1663 }
1664 exit(0);
1665}
b0e7249f 1666 ]])],
2fe51906 1667 [
1668 AC_MSG_RESULT(yes)
1669 ],
1670 [
1671 AC_MSG_RESULT(no)
1672 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1673 ],
1674 [
1675 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1676 ]
1677 )
1678fi
1679
4b492aab 1680if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1681 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1682 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1683 AC_RUN_IFELSE(
1684 [AC_LANG_SOURCE([[
5ccf88cb 1685#include <stdio.h>
1686#include <sys/socket.h>
1687#include <netdb.h>
1688#include <errno.h>
1689#include <netinet/in.h>
1690
1691#define TEST_PORT "2222"
1692
1693int
1694main(void)
1695{
1696 int err, sock;
1697 struct addrinfo *gai_ai, *ai, hints;
1698 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1699
1700 memset(&hints, 0, sizeof(hints));
1701 hints.ai_family = PF_UNSPEC;
1702 hints.ai_socktype = SOCK_STREAM;
1703 hints.ai_flags = AI_PASSIVE;
1704
1705 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1706 if (err != 0) {
1707 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1708 exit(1);
1709 }
1710
1711 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1712 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1713 continue;
1714
1715 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1716 sizeof(ntop), strport, sizeof(strport),
1717 NI_NUMERICHOST|NI_NUMERICSERV);
1718
1719 if (ai->ai_family == AF_INET && err != 0) {
1720 perror("getnameinfo");
1721 exit(2);
1722 }
1723 }
1724 exit(0);
1725}
b0e7249f 1726 ]])],
5ccf88cb 1727 [
1728 AC_MSG_RESULT(yes)
3466e002 1729 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1730 [Define if you have a getaddrinfo that fails
1731 for the all-zeros IPv6 address])
5ccf88cb 1732 ],
1733 [
1734 AC_MSG_RESULT(no)
1735 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1736 ],
ecd9ec09 1737 [
b0e7249f 1738 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1739 ]
1740 )
1741fi
1742
b29fd59f 1743if test "x$check_for_conflicting_getspnam" = "x1"; then
1744 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1745 AC_COMPILE_IFELSE(
1746 [
1747#include <shadow.h>
1748int main(void) {exit(0);}
1749 ],
1750 [
1751 AC_MSG_RESULT(no)
1752 ],
1753 [
1754 AC_MSG_RESULT(yes)
1755 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1756 [Conflicting defs for getspnam])
1757 ]
1758 )
1759fi
1760
7f8f5e00 1761AC_FUNC_GETPGRP
1762
5b991353 1763# Search for OpenSSL
1764saved_CPPFLAGS="$CPPFLAGS"
1765saved_LDFLAGS="$LDFLAGS"
a0391976 1766AC_ARG_WITH(ssl-dir,
1767 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1768 [
e9e4a1c7 1769 if test "x$withval" != "xno" ; then
99eb0f64 1770 case "$withval" in
1771 # Relative paths
1772 ./*|../*) withval="`pwd`/$withval"
1773 esac
5b991353 1774 if test -d "$withval/lib"; then
1775 if test -n "${need_dash_r}"; then
1776 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1777 else
1778 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1779 fi
1780 else
5b991353 1781 if test -n "${need_dash_r}"; then
1782 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1783 else
1784 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1785 fi
1786 fi
5b991353 1787 if test -d "$withval/include"; then
1788 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1789 else
5b991353 1790 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1791 fi
a0391976 1792 fi
5b991353 1793 ]
1794)
5486a457 1795LIBS="-lcrypto $LIBS"
3466e002 1796AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1797 [Define if your ssl headers are included
1798 with #include <openssl/header.h>]),
d45e3d76 1799 [
5b991353 1800 dnl Check default openssl install dir
1801 if test -n "${need_dash_r}"; then
1802 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1803 else
5b991353 1804 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1805 fi
5b991353 1806 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1807 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1808 [
1809 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1810 ]
1811 )
1812 ]
1813)
1814
cd018561 1815# Determine OpenSSL header version
1816AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1817AC_RUN_IFELSE(
479cece8 1818 [AC_LANG_SOURCE([[
cd018561 1819#include <stdio.h>
1820#include <string.h>
1821#include <openssl/opensslv.h>
1822#define DATA "conftest.sslincver"
1823int main(void) {
aff51935 1824 FILE *fd;
1825 int rc;
cd018561 1826
aff51935 1827 fd = fopen(DATA,"w");
1828 if(fd == NULL)
1829 exit(1);
cd018561 1830
1831 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1832 exit(1);
1833
1834 exit(0);
1835}
479cece8 1836 ]])],
cd018561 1837 [
1838 ssl_header_ver=`cat conftest.sslincver`
1839 AC_MSG_RESULT($ssl_header_ver)
1840 ],
1841 [
1842 AC_MSG_RESULT(not found)
1843 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1844 ],
1845 [
1846 AC_MSG_WARN([cross compiling: not checking])
cd018561 1847 ]
1848)
1849
1850# Determine OpenSSL library version
1851AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1852AC_RUN_IFELSE(
479cece8 1853 [AC_LANG_SOURCE([[
cd018561 1854#include <stdio.h>
1855#include <string.h>
1856#include <openssl/opensslv.h>
1857#include <openssl/crypto.h>
1858#define DATA "conftest.ssllibver"
1859int main(void) {
aff51935 1860 FILE *fd;
1861 int rc;
cd018561 1862
aff51935 1863 fd = fopen(DATA,"w");
1864 if(fd == NULL)
1865 exit(1);
cd018561 1866
1867 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1868 exit(1);
1869
1870 exit(0);
1871}
479cece8 1872 ]])],
cd018561 1873 [
1874 ssl_library_ver=`cat conftest.ssllibver`
1875 AC_MSG_RESULT($ssl_library_ver)
1876 ],
1877 [
1878 AC_MSG_RESULT(not found)
1879 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1880 ],
1881 [
1882 AC_MSG_WARN([cross compiling: not checking])
cd018561 1883 ]
1884)
58d100bf 1885
1d42bcce 1886AC_ARG_WITH(openssl-header-check,
1887 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1888 [ if test "x$withval" = "xno" ; then
1889 openssl_check_nonfatal=1
1890 fi
1891 ]
1892)
1893
9780116c 1894# Sanity check OpenSSL headers
1895AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1896AC_RUN_IFELSE(
479cece8 1897 [AC_LANG_SOURCE([[
9780116c 1898#include <string.h>
1899#include <openssl/opensslv.h>
aec4cb4f 1900int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1901 ]])],
9780116c 1902 [
1903 AC_MSG_RESULT(yes)
1904 ],
1905 [
1906 AC_MSG_RESULT(no)
1d42bcce 1907 if test "x$openssl_check_nonfatal" = "x"; then
1908 AC_MSG_ERROR([Your OpenSSL headers do not match your
1909library. Check config.log for details.
1910If you are sure your installation is consistent, you can disable the check
1911by running "./configure --without-openssl-header-check".
1912Also see contrib/findssl.sh for help identifying header/library mismatches.
1913])
1914 else
1915 AC_MSG_WARN([Your OpenSSL headers do not match your
1916library. Check config.log for details.
e15ba28b 1917Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1918 fi
1a01a50c 1919 ],
1920 [
1921 AC_MSG_WARN([cross compiling: not checking])
9780116c 1922 ]
1923)
1924
282d6408 1925AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1926AC_LINK_IFELSE(
1927 [AC_LANG_SOURCE([[
1928#include <openssl/evp.h>
1929int main(void) { SSLeay_add_all_algorithms(); }
1930 ]])],
1931 [
1932 AC_MSG_RESULT(yes)
1933 ],
1934 [
1935 AC_MSG_RESULT(no)
1936 saved_LIBS="$LIBS"
1937 LIBS="$LIBS -ldl"
1938 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1939 AC_LINK_IFELSE(
1940 [AC_LANG_SOURCE([[
1941#include <openssl/evp.h>
1942int main(void) { SSLeay_add_all_algorithms(); }
1943 ]])],
1944 [
1945 AC_MSG_RESULT(yes)
1946 ],
1947 [
1948 AC_MSG_RESULT(no)
1949 LIBS="$saved_LIBS"
1950 ]
1951 )
1952 ]
1953)
1954
c7ad0d99 1955AC_ARG_WITH(ssl-engine,
1956 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1957 [ if test "x$withval" != "xno" ; then
1958 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1959 AC_TRY_COMPILE(
1960 [ #include <openssl/engine.h>],
1961 [
24b2647b 1962ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 1963 ],
1964 [ AC_MSG_RESULT(yes)
1965 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1966 [Enable OpenSSL engine support])
1967 ],
1968 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1969 )
1970 fi ]
1971)
1972
e5146707 1973# Check for OpenSSL without EVP_aes_{192,256}_cbc
1974AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1975AC_LINK_IFELSE(
e5146707 1976 [AC_LANG_SOURCE([[
1977#include <string.h>
1978#include <openssl/evp.h>
300ea548 1979int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1980 ]])],
1981 [
1982 AC_MSG_RESULT(no)
1983 ],
1984 [
1985 AC_MSG_RESULT(yes)
1986 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1987 [libcrypto is missing AES 192 and 256 bit functions])
1988 ]
1989)
1990
5486a457 1991# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1992# because the system crypt() is more featureful.
1993if test "x$check_for_libcrypt_before" = "x1"; then
1994 AC_CHECK_LIB(crypt, crypt)
1995fi
1996
aff51935 1997# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1998# version in OpenSSL.
05114c74 1999if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2000 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2001fi
2002
13ff27b7 2003# Search for SHA256 support in libc and/or OpenSSL
2004AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2005
a03acb8f 2006saved_LIBS="$LIBS"
2007AC_CHECK_LIB(iaf, ia_openinfo, [
2008 LIBS="$LIBS -liaf"
d837615a 2009 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2010 AC_DEFINE(HAVE_LIBIAF, 1,
2011 [Define if system has libiaf that supports set_id])
2012 ])
a03acb8f 2013])
2014LIBS="$saved_LIBS"
f1b0ecc3 2015
2016### Configure cryptographic random number support
2017
2018# Check wheter OpenSSL seeds itself
2019AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2020AC_RUN_IFELSE(
479cece8 2021 [AC_LANG_SOURCE([[
f1b0ecc3 2022#include <string.h>
2023#include <openssl/rand.h>
aec4cb4f 2024int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2025 ]])],
f1b0ecc3 2026 [
2027 OPENSSL_SEEDS_ITSELF=yes
2028 AC_MSG_RESULT(yes)
2029 ],
2030 [
2031 AC_MSG_RESULT(no)
2032 # Default to use of the rand helper if OpenSSL doesn't
2033 # seed itself
2034 USE_RAND_HELPER=yes
1a01a50c 2035 ],
2036 [
2037 AC_MSG_WARN([cross compiling: assuming yes])
2038 # This is safe, since all recent OpenSSL versions will
82f4e93d 2039 # complain at runtime if not seeded correctly.
1a01a50c 2040 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2041 ]
2042)
2043
a086f73b 2044# Check for PAM libs
2045PAM_MSG="no"
2046AC_ARG_WITH(pam,
2047 [ --with-pam Enable PAM support ],
2048 [
2049 if test "x$withval" != "xno" ; then
2050 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2051 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2052 AC_MSG_ERROR([PAM headers not found])
2053 fi
2054
2055 saved_LIBS="$LIBS"
2056 AC_CHECK_LIB(dl, dlopen, , )
2057 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2058 AC_CHECK_FUNCS(pam_getenvlist)
2059 AC_CHECK_FUNCS(pam_putenv)
2060 LIBS="$saved_LIBS"
2061
2062 PAM_MSG="yes"
2063
e54defb4 2064 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2065 AC_DEFINE(USE_PAM, 1,
2066 [Define if you want to enable PAM support])
282d6408 2067
a086f73b 2068 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2069 case "$LIBS" in
2070 *-ldl*)
2071 # libdl already in LIBS
2072 ;;
2073 *)
e54defb4 2074 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2075 ;;
2076 esac
a086f73b 2077 fi
a086f73b 2078 fi
2079 ]
2080)
2081
2082# Check for older PAM
2083if test "x$PAM_MSG" = "xyes" ; then
2084 # Check PAM strerror arguments (old PAM)
2085 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2086 AC_TRY_COMPILE(
2087 [
2088#include <stdlib.h>
2089#if defined(HAVE_SECURITY_PAM_APPL_H)
2090#include <security/pam_appl.h>
2091#elif defined (HAVE_PAM_PAM_APPL_H)
2092#include <pam/pam_appl.h>
2093#endif
2094 ],
2095 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2096 [AC_MSG_RESULT(no)],
2097 [
2098 AC_DEFINE(HAVE_OLD_PAM, 1,
2099 [Define if you have an old version of PAM
2100 which takes only one argument to pam_strerror])
2101 AC_MSG_RESULT(yes)
2102 PAM_MSG="yes (old library)"
2103 ]
2104 )
2105fi
f1b0ecc3 2106
2107# Do we want to force the use of the rand helper?
2108AC_ARG_WITH(rand-helper,
2109 [ --with-rand-helper Use subprocess to gather strong randomness ],
2110 [
2111 if test "x$withval" = "xno" ; then
aff51935 2112 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2113 # the previous test showed it to be unseeded.
2114 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2115 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2116 OPENSSL_SEEDS_ITSELF=yes
2117 USE_RAND_HELPER=""
2118 fi
2119 else
2120 USE_RAND_HELPER=yes
2121 fi
2122 ],
82f4e93d 2123)
f1b0ecc3 2124
2125# Which randomness source do we use?
4b492aab 2126if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2127 # OpenSSL only
3466e002 2128 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2129 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2130 RAND_MSG="OpenSSL internal ONLY"
2131 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2132elif test ! -z "$USE_RAND_HELPER" ; then
2133 # install rand helper
f1b0ecc3 2134 RAND_MSG="ssh-rand-helper"
2135 INSTALL_SSH_RAND_HELPER="yes"
2136fi
2137AC_SUBST(INSTALL_SSH_RAND_HELPER)
2138
2139### Configuration of ssh-rand-helper
2140
2141# PRNGD TCP socket
2142AC_ARG_WITH(prngd-port,
2143 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2144 [
eb5d7ff6 2145 case "$withval" in
2146 no)
2147 withval=""
2148 ;;
2149 [[0-9]]*)
2150 ;;
2151 *)
2152 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2153 ;;
2154 esac
2155 if test ! -z "$withval" ; then
f1b0ecc3 2156 PRNGD_PORT="$withval"
3466e002 2157 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2158 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2159 fi
2160 ]
2161)
2162
2163# PRNGD Unix domain socket
2164AC_ARG_WITH(prngd-socket,
2165 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2166 [
eb5d7ff6 2167 case "$withval" in
2168 yes)
f1b0ecc3 2169 withval="/var/run/egd-pool"
eb5d7ff6 2170 ;;
2171 no)
2172 withval=""
2173 ;;
2174 /*)
2175 ;;
2176 *)
2177 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2178 ;;
2179 esac
2180
2181 if test ! -z "$withval" ; then
f1b0ecc3 2182 if test ! -z "$PRNGD_PORT" ; then
2183 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2184 fi
906e811b 2185 if test ! -r "$withval" ; then
f1b0ecc3 2186 AC_MSG_WARN(Entropy socket is not readable)
2187 fi
2188 PRNGD_SOCKET="$withval"
3466e002 2189 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2190 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2191 fi
ddceb1c8 2192 ],
2193 [
2194 # Check for existing socket only if we don't have a random device already
2195 if test "$USE_RAND_HELPER" = yes ; then
2196 AC_MSG_CHECKING(for PRNGD/EGD socket)
2197 # Insert other locations here
2198 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2199 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2200 PRNGD_SOCKET="$sock"
2201 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2202 break;
2203 fi
2204 done
2205 if test ! -z "$PRNGD_SOCKET" ; then
2206 AC_MSG_RESULT($PRNGD_SOCKET)
2207 else
2208 AC_MSG_RESULT(not found)
2209 fi
2210 fi
f1b0ecc3 2211 ]
2212)
2213
2214# Change default command timeout for hashing entropy source
2215entropy_timeout=200
2216AC_ARG_WITH(entropy-timeout,
2217 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2218 [
6cf0200f 2219 if test -n "$withval" && test "x$withval" != "xno" && \
2220 test "x${withval}" != "xyes"; then
f1b0ecc3 2221 entropy_timeout=$withval
2222 fi
82f4e93d 2223 ]
f1b0ecc3 2224)
3466e002 2225AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2226 [Builtin PRNG command timeout])
f1b0ecc3 2227
fd3cbf67 2228SSH_PRIVSEP_USER=sshd
9a0fbcb3 2229AC_ARG_WITH(privsep-user,
5222e7ef 2230 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2231 [
6cf0200f 2232 if test -n "$withval" && test "x$withval" != "xno" && \
2233 test "x${withval}" != "xyes"; then
fd3cbf67 2234 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2235 fi
82f4e93d 2236 ]
9a0fbcb3 2237)
3466e002 2238AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2239 [non-privileged user for privilege separation])
fd3cbf67 2240AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2241
81dadca3 2242# We do this little dance with the search path to insure
2243# that programs that we select for use by installed programs
2244# (which may be run by the super-user) come from trusted
2245# locations before they come from the user's private area.
2246# This should help avoid accidentally configuring some
2247# random version of a program in someone's personal bin.
2248
2249OPATH=$PATH
2250PATH=/bin:/usr/bin
f95c8ce8 2251test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2252test -d /sbin && PATH=$PATH:/sbin
2253test -d /usr/sbin && PATH=$PATH:/usr/sbin
2254PATH=$PATH:/etc:$OPATH
2255
aff51935 2256# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2257OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2258OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2259OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2260OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2261OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2262OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2263OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2264OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2265OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2266OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2267OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2268OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2269OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2270OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2271OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2272OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2273# restore PATH
2274PATH=$OPATH
f1b0ecc3 2275
2276# Where does ssh-rand-helper get its randomness from?
2277INSTALL_SSH_PRNG_CMDS=""
2278if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2279 if test ! -z "$PRNGD_PORT" ; then
2280 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2281 elif test ! -z "$PRNGD_SOCKET" ; then
2282 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2283 else
2284 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2285 RAND_HELPER_CMDHASH=yes
2286 INSTALL_SSH_PRNG_CMDS="yes"
2287 fi
2288fi
2289AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2290
2291
66d6c27e 2292# Cheap hack to ensure NEWS-OS libraries are arranged right.
2293if test ! -z "$SONY" ; then
2294 LIBS="$LIBS -liberty";
2295fi
2296
9a406e1e 2297# Check for long long datatypes
2298AC_CHECK_TYPES([long long, unsigned long long, long double])
2299
2300# Check datatype sizes
976f7e19 2301AC_CHECK_SIZEOF(char, 1)
2b942fe0 2302AC_CHECK_SIZEOF(short int, 2)
2303AC_CHECK_SIZEOF(int, 4)
2304AC_CHECK_SIZEOF(long int, 4)
2305AC_CHECK_SIZEOF(long long int, 8)
2306
52f1ccb2 2307# Sanity check long long for some platforms (AIX)
2308if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2309 ac_cv_sizeof_long_long_int=0
2310fi
2311
90f15776 2312# compute LLONG_MIN and LLONG_MAX if we don't know them.
2313if test -z "$have_llong_max"; then
2314 AC_MSG_CHECKING([for max value of long long])
2315 AC_RUN_IFELSE(
2316 [AC_LANG_SOURCE([[
2317#include <stdio.h>
2318/* Why is this so damn hard? */
2319#ifdef __GNUC__
2320# undef __GNUC__
2321#endif
2322#define __USE_ISOC99
2323#include <limits.h>
2324#define DATA "conftest.llminmax"
055252ed 2325#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2326
2327/*
2328 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2329 * we do this the hard way.
2330 */
2331static int
2332fprint_ll(FILE *f, long long n)
2333{
2334 unsigned int i;
2335 int l[sizeof(long long) * 8];
2336
2337 if (n < 0)
2338 if (fprintf(f, "-") < 0)
2339 return -1;
2340 for (i = 0; n != 0; i++) {
2341 l[i] = my_abs(n % 10);
2342 n /= 10;
2343 }
2344 do {
2345 if (fprintf(f, "%d", l[--i]) < 0)
2346 return -1;
2347 } while (i != 0);
2348 if (fprintf(f, " ") < 0)
2349 return -1;
2350 return 0;
2351}
2352
90f15776 2353int main(void) {
2354 FILE *f;
2355 long long i, llmin, llmax = 0;
2356
2357 if((f = fopen(DATA,"w")) == NULL)
2358 exit(1);
2359
2360#if defined(LLONG_MIN) && defined(LLONG_MAX)
2361 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2362 llmin = LLONG_MIN;
2363 llmax = LLONG_MAX;
2364#else
2365 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2366 /* This will work on one's complement and two's complement */
2367 for (i = 1; i > llmax; i <<= 1, i++)
2368 llmax = i;
2369 llmin = llmax + 1LL; /* wrap */
2370#endif
2371
2372 /* Sanity check */
2373 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2374 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2375 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2376 fprintf(f, "unknown unknown\n");
2377 exit(2);
2378 }
2379
055252ed 2380 if (fprint_ll(f, llmin) < 0)
90f15776 2381 exit(3);
055252ed 2382 if (fprint_ll(f, llmax) < 0)
2383 exit(4);
2384 if (fclose(f) < 0)
2385 exit(5);
90f15776 2386 exit(0);
2387}
2388 ]])],
2389 [
2390 llong_min=`$AWK '{print $1}' conftest.llminmax`
2391 llong_max=`$AWK '{print $2}' conftest.llminmax`
2392
90f15776 2393 AC_MSG_RESULT($llong_max)
2394 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2395 [max value of long long calculated by configure])
2396 AC_MSG_CHECKING([for min value of long long])
2397 AC_MSG_RESULT($llong_min)
2398 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2399 [min value of long long calculated by configure])
2400 ],
2401 [
2402 AC_MSG_RESULT(not found)
2403 ],
2404 [
2405 AC_MSG_WARN([cross compiling: not checking])
2406 ]
2407 )
2408fi
2409
2410
a0391976 2411# More checks for data types
14a9a859 2412AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2413 AC_TRY_COMPILE(
aff51935 2414 [ #include <sys/types.h> ],
2415 [ u_int a; a = 1;],
14a9a859 2416 [ ac_cv_have_u_int="yes" ],
2417 [ ac_cv_have_u_int="no" ]
2418 )
2419])
2420if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2421 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2422 have_u_int=1
2423fi
2424
58d100bf 2425AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2426 AC_TRY_COMPILE(
aff51935 2427 [ #include <sys/types.h> ],
2428 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2429 [ ac_cv_have_intxx_t="yes" ],
2430 [ ac_cv_have_intxx_t="no" ]
2431 )
2432])
2433if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2434 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2435 have_intxx_t=1
2436fi
41cb4569 2437
2438if (test -z "$have_intxx_t" && \
aff51935 2439 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2440then
2441 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2442 AC_TRY_COMPILE(
aff51935 2443 [ #include <stdint.h> ],
2444 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2445 [
2446 AC_DEFINE(HAVE_INTXX_T)
2447 AC_MSG_RESULT(yes)
2448 ],
2449 [ AC_MSG_RESULT(no) ]
2450 )
2451fi
2452
bd590612 2453AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2454 AC_TRY_COMPILE(
1cbbe6c8 2455 [
2456#include <sys/types.h>
2457#ifdef HAVE_STDINT_H
2458# include <stdint.h>
2459#endif
2460#include <sys/socket.h>
2461#ifdef HAVE_SYS_BITYPES_H
2462# include <sys/bitypes.h>
2463#endif
aff51935 2464 ],
2465 [ int64_t a; a = 1;],
bd590612 2466 [ ac_cv_have_int64_t="yes" ],
2467 [ ac_cv_have_int64_t="no" ]
2468 )
2469])
2470if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2471 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2472fi
2473
58d100bf 2474AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2475 AC_TRY_COMPILE(
aff51935 2476 [ #include <sys/types.h> ],
2477 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2478 [ ac_cv_have_u_intxx_t="yes" ],
2479 [ ac_cv_have_u_intxx_t="no" ]
2480 )
2481])
2482if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2483 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2484 have_u_intxx_t=1
2485fi
2b942fe0 2486
41cb4569 2487if test -z "$have_u_intxx_t" ; then
2488 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2489 AC_TRY_COMPILE(
aff51935 2490 [ #include <sys/socket.h> ],
2491 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2492 [
2493 AC_DEFINE(HAVE_U_INTXX_T)
2494 AC_MSG_RESULT(yes)
2495 ],
2496 [ AC_MSG_RESULT(no) ]
2497 )
2498fi
2499
bd590612 2500AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2501 AC_TRY_COMPILE(
aff51935 2502 [ #include <sys/types.h> ],
2503 [ u_int64_t a; a = 1;],
bd590612 2504 [ ac_cv_have_u_int64_t="yes" ],
2505 [ ac_cv_have_u_int64_t="no" ]
2506 )
2507])
2508if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2509 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2510 have_u_int64_t=1
2511fi
2512
ddceb1c8 2513if test -z "$have_u_int64_t" ; then
2514 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2515 AC_TRY_COMPILE(
aff51935 2516 [ #include <sys/bitypes.h> ],
ddceb1c8 2517 [ u_int64_t a; a = 1],
2518 [
2519 AC_DEFINE(HAVE_U_INT64_T)
2520 AC_MSG_RESULT(yes)
2521 ],
2522 [ AC_MSG_RESULT(no) ]
2523 )
2524fi
2525
41cb4569 2526if test -z "$have_u_intxx_t" ; then
2527 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2528 AC_TRY_COMPILE(
2529 [
2530#include <sys/types.h>
aff51935 2531 ],
2532 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2533 [ ac_cv_have_uintxx_t="yes" ],
2534 [ ac_cv_have_uintxx_t="no" ]
2535 )
2536 ])
2537 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2538 AC_DEFINE(HAVE_UINTXX_T, 1,
2539 [define if you have uintxx_t data type])
41cb4569 2540 fi
2541fi
2542
2543if test -z "$have_uintxx_t" ; then
2544 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2545 AC_TRY_COMPILE(
aff51935 2546 [ #include <stdint.h> ],
2547 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2548 [
2549 AC_DEFINE(HAVE_UINTXX_T)
2550 AC_MSG_RESULT(yes)
2551 ],
2552 [ AC_MSG_RESULT(no) ]
2553 )
2554fi
2555
e5fe9a1f 2556if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2557 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2558then
2559 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2560 AC_TRY_COMPILE(
58d100bf 2561 [
2562#include <sys/bitypes.h>
aff51935 2563 ],
5cdfe03f 2564 [
837c30b8 2565 int8_t a; int16_t b; int32_t c;
2566 u_int8_t e; u_int16_t f; u_int32_t g;
2567 a = b = c = e = f = g = 1;
aff51935 2568 ],
5cdfe03f 2569 [
2570 AC_DEFINE(HAVE_U_INTXX_T)
2571 AC_DEFINE(HAVE_INTXX_T)
2572 AC_MSG_RESULT(yes)
2573 ],
2574 [AC_MSG_RESULT(no)]
aff51935 2575 )
5cdfe03f 2576fi
2577
0362750e 2578
2579AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2580 AC_TRY_COMPILE(
2581 [
2582#include <sys/types.h>
2583 ],
2584 [ u_char foo; foo = 125; ],
2585 [ ac_cv_have_u_char="yes" ],
2586 [ ac_cv_have_u_char="no" ]
2587 )
2588])
2589if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2590 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2591fi
2592
98a7c37b 2593TYPE_SOCKLEN_T
2b942fe0 2594
2d16d9a3 2595AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2596
777ece68 2597AC_CHECK_TYPES(in_addr_t,,,
2598[#include <sys/types.h>
2599#include <netinet/in.h>])
7b578f7d 2600
58d100bf 2601AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2602 AC_TRY_COMPILE(
2603 [
18ba2aab 2604#include <sys/types.h>
58d100bf 2605 ],
2606 [ size_t foo; foo = 1235; ],
2607 [ ac_cv_have_size_t="yes" ],
2608 [ ac_cv_have_size_t="no" ]
2609 )
2610])
2611if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2612 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2613fi
ea1970a3 2614
c04f75f1 2615AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2616 AC_TRY_COMPILE(
2617 [
2618#include <sys/types.h>
2619 ],
2620 [ ssize_t foo; foo = 1235; ],
2621 [ ac_cv_have_ssize_t="yes" ],
2622 [ ac_cv_have_ssize_t="no" ]
2623 )
2624])
2625if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2626 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2627fi
2628
f1c4659d 2629AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2630 AC_TRY_COMPILE(
2631 [
2632#include <time.h>
2633 ],
2634 [ clock_t foo; foo = 1235; ],
2635 [ ac_cv_have_clock_t="yes" ],
2636 [ ac_cv_have_clock_t="no" ]
2637 )
2638])
2639if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2640 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2641fi
2642
1c04b088 2643AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2644 AC_TRY_COMPILE(
2645 [
2646#include <sys/types.h>
2647#include <sys/socket.h>
2648 ],
2649 [ sa_family_t foo; foo = 1235; ],
2650 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2651 [ AC_TRY_COMPILE(
2652 [
2653#include <sys/types.h>
2654#include <sys/socket.h>
2655#include <netinet/in.h>
2656 ],
2657 [ sa_family_t foo; foo = 1235; ],
2658 [ ac_cv_have_sa_family_t="yes" ],
2659
1c04b088 2660 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2661 )]
1c04b088 2662 )
2663])
2664if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2665 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2666 [define if you have sa_family_t data type])
1c04b088 2667fi
2668
729bfe59 2669AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2670 AC_TRY_COMPILE(
2671 [
2672#include <sys/types.h>
2673 ],
2674 [ pid_t foo; foo = 1235; ],
2675 [ ac_cv_have_pid_t="yes" ],
2676 [ ac_cv_have_pid_t="no" ]
2677 )
2678])
2679if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2680 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2681fi
2682
2683AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2684 AC_TRY_COMPILE(
2685 [
2686#include <sys/types.h>
2687 ],
2688 [ mode_t foo; foo = 1235; ],
2689 [ ac_cv_have_mode_t="yes" ],
2690 [ ac_cv_have_mode_t="no" ]
2691 )
2692])
2693if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2694 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2695fi
2696
e3a93db0 2697
58d100bf 2698AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2699 AC_TRY_COMPILE(
2700 [
18ba2aab 2701#include <sys/types.h>
2702#include <sys/socket.h>
58d100bf 2703 ],
2704 [ struct sockaddr_storage s; ],
2705 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2706 [ ac_cv_have_struct_sockaddr_storage="no" ]
2707 )
2708])
2709if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2710 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2711 [define if you have struct sockaddr_storage data type])
58d100bf 2712fi
48e671d5 2713
58d100bf 2714AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2715 AC_TRY_COMPILE(
2716 [
cbd7492e 2717#include <sys/types.h>
58d100bf 2718#include <netinet/in.h>
2719 ],
2720 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2721 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2722 [ ac_cv_have_struct_sockaddr_in6="no" ]
2723 )
2724])
2725if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2726 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2727 [define if you have struct sockaddr_in6 data type])
58d100bf 2728fi
48e671d5 2729
58d100bf 2730AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2731 AC_TRY_COMPILE(
2732 [
cbd7492e 2733#include <sys/types.h>
58d100bf 2734#include <netinet/in.h>
2735 ],
2736 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2737 [ ac_cv_have_struct_in6_addr="yes" ],
2738 [ ac_cv_have_struct_in6_addr="no" ]
2739 )
2740])
2741if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2742 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2743 [define if you have struct in6_addr data type])
58d100bf 2744fi
48e671d5 2745
58d100bf 2746AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2747 AC_TRY_COMPILE(
2748 [
18ba2aab 2749#include <sys/types.h>
2750#include <sys/socket.h>
2751#include <netdb.h>
58d100bf 2752 ],
2753 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2754 [ ac_cv_have_struct_addrinfo="yes" ],
2755 [ ac_cv_have_struct_addrinfo="no" ]
2756 )
2757])
2758if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2759 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2760 [define if you have struct addrinfo data type])
58d100bf 2761fi
2762
89c7e31c 2763AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2764 AC_TRY_COMPILE(
aff51935 2765 [ #include <sys/time.h> ],
2766 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2767 [ ac_cv_have_struct_timeval="yes" ],
2768 [ ac_cv_have_struct_timeval="no" ]
2769 )
2770])
2771if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2772 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2773 have_struct_timeval=1
2774fi
2775
5271b55c 2776AC_CHECK_TYPES(struct timespec)
2777
85abc74b 2778# We need int64_t or else certian parts of the compile will fail.
4b492aab 2779if test "x$ac_cv_have_int64_t" = "xno" && \
2780 test "x$ac_cv_sizeof_long_int" != "x8" && \
2781 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2782 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2783 echo "an alternative compiler (I.E., GCC) before continuing."
2784 echo ""
2785 exit 1;
733cf7f4 2786else
2787dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2788 AC_RUN_IFELSE(
479cece8 2789 [AC_LANG_SOURCE([[
733cf7f4 2790#include <stdio.h>
2791#include <string.h>
2792#ifdef HAVE_SNPRINTF
2793main()
2794{
2795 char buf[50];
2796 char expected_out[50];
2797 int mazsize = 50 ;
2798#if (SIZEOF_LONG_INT == 8)
2799 long int num = 0x7fffffffffffffff;
2800#else
763a1a18 2801 long long num = 0x7fffffffffffffffll;
733cf7f4 2802#endif
2803 strcpy(expected_out, "9223372036854775807");
2804 snprintf(buf, mazsize, "%lld", num);
2805 if(strcmp(buf, expected_out) != 0)
aff51935 2806 exit(1);
733cf7f4 2807 exit(0);
2808}
2809#else
2810main() { exit(0); }
2811#endif
479cece8 2812 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2813 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2814 )
2c523de9 2815fi
2816
77bb0bca 2817dnl Checks for structure members
58d100bf 2818OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2819OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2820OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2821OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2822OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2823OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2824OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2825OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2826OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2827OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2828OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2829OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2830OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2831OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2832OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2833OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2834OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2835
2836AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2837AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2838 [Define if we don't have struct __res_state in resolv.h])],
2839[
2840#include <stdio.h>
2841#if HAVE_SYS_TYPES_H
2842# include <sys/types.h>
2843#endif
2844#include <netinet/in.h>
2845#include <arpa/nameser.h>
2846#include <resolv.h>
2847])
1d7b9b20 2848
58d100bf 2849AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2850 ac_cv_have_ss_family_in_struct_ss, [
2851 AC_TRY_COMPILE(
2852 [
18ba2aab 2853#include <sys/types.h>
2854#include <sys/socket.h>
58d100bf 2855 ],
2856 [ struct sockaddr_storage s; s.ss_family = 1; ],
2857 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2858 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2859 )
2860])
2861if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2862 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2863fi
2864
58d100bf 2865AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2866 ac_cv_have___ss_family_in_struct_ss, [
2867 AC_TRY_COMPILE(
2868 [
18ba2aab 2869#include <sys/types.h>
2870#include <sys/socket.h>
58d100bf 2871 ],
2872 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2873 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2874 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2875 )
2876])
2877if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2878 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2879 [Fields in struct sockaddr_storage])
58d100bf 2880fi
2881
2e73a022 2882AC_CACHE_CHECK([for pw_class field in struct passwd],
2883 ac_cv_have_pw_class_in_struct_passwd, [
2884 AC_TRY_COMPILE(
2885 [
2e73a022 2886#include <pwd.h>
2887 ],
97994d32 2888 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2889 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2890 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2891 )
2892])
2893if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2894 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2895 [Define if your password has a pw_class field])
2e73a022 2896fi
2897
7751d4eb 2898AC_CACHE_CHECK([for pw_expire field in struct passwd],
2899 ac_cv_have_pw_expire_in_struct_passwd, [
2900 AC_TRY_COMPILE(
2901 [
2902#include <pwd.h>
2903 ],
2904 [ struct passwd p; p.pw_expire = 0; ],
2905 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2906 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2907 )
2908])
2909if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2910 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2911 [Define if your password has a pw_expire field])
7751d4eb 2912fi
2913
2914AC_CACHE_CHECK([for pw_change field in struct passwd],
2915 ac_cv_have_pw_change_in_struct_passwd, [
2916 AC_TRY_COMPILE(
2917 [
2918#include <pwd.h>
2919 ],
2920 [ struct passwd p; p.pw_change = 0; ],
2921 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2922 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2923 )
2924])
2925if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2926 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2927 [Define if your password has a pw_change field])
7751d4eb 2928fi
58d100bf 2929
637f9177 2930dnl make sure we're using the real structure members and not defines
6f34652e 2931AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2932 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2933 AC_COMPILE_IFELSE(
6f34652e 2934 [
f95c8ce8 2935#include <sys/types.h>
6f34652e 2936#include <sys/socket.h>
2937#include <sys/uio.h>
637f9177 2938int main() {
2939#ifdef msg_accrights
1a01a50c 2940#error "msg_accrights is a macro"
637f9177 2941exit(1);
2942#endif
2943struct msghdr m;
2944m.msg_accrights = 0;
2945exit(0);
2946}
6f34652e 2947 ],
6f34652e 2948 [ ac_cv_have_accrights_in_msghdr="yes" ],
2949 [ ac_cv_have_accrights_in_msghdr="no" ]
2950 )
2951])
2952if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2953 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2954 [Define if your system uses access rights style
2955 file descriptor passing])
6f34652e 2956fi
2957
7176df4f 2958AC_CACHE_CHECK([for msg_control field in struct msghdr],
2959 ac_cv_have_control_in_msghdr, [
1a01a50c 2960 AC_COMPILE_IFELSE(
7176df4f 2961 [
f95c8ce8 2962#include <sys/types.h>
7176df4f 2963#include <sys/socket.h>
2964#include <sys/uio.h>
637f9177 2965int main() {
2966#ifdef msg_control
1a01a50c 2967#error "msg_control is a macro"
637f9177 2968exit(1);
2969#endif
2970struct msghdr m;
2971m.msg_control = 0;
2972exit(0);
2973}
7176df4f 2974 ],
7176df4f 2975 [ ac_cv_have_control_in_msghdr="yes" ],
2976 [ ac_cv_have_control_in_msghdr="no" ]
2977 )
2978])
2979if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2980 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2981 [Define if your system uses ancillary data style
2982 file descriptor passing])
7176df4f 2983fi
2984
58d100bf 2985AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2986 AC_TRY_LINK([],
2987 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2988 [ ac_cv_libc_defines___progname="yes" ],
2989 [ ac_cv_libc_defines___progname="no" ]
2990 )
2991])
2992if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2993 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2994fi
8946db53 2995
c921ee00 2996AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2997 AC_TRY_LINK([
2998#include <stdio.h>
aff51935 2999],
3000 [ printf("%s", __FUNCTION__); ],
c921ee00 3001 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3002 [ ac_cv_cc_implements___FUNCTION__="no" ]
3003 )
3004])
3005if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3006 AC_DEFINE(HAVE___FUNCTION__, 1,
3007 [Define if compiler implements __FUNCTION__])
c921ee00 3008fi
3009
3010AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3011 AC_TRY_LINK([
3012#include <stdio.h>
aff51935 3013],
3014 [ printf("%s", __func__); ],
c921ee00 3015 [ ac_cv_cc_implements___func__="yes" ],
3016 [ ac_cv_cc_implements___func__="no" ]
3017 )
3018])
3019if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3020 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3021fi
3022
9a406e1e 3023AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3024 AC_TRY_LINK(
3025 [#include <stdarg.h>
3026 va_list x,y;],
3027 [va_copy(x,y);],
3028 [ ac_cv_have_va_copy="yes" ],
3029 [ ac_cv_have_va_copy="no" ]
3030 )
3031])
3032if test "x$ac_cv_have_va_copy" = "xyes" ; then
3033 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3034fi
3035
3036AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3037 AC_TRY_LINK(
3038 [#include <stdarg.h>
3039 va_list x,y;],
3040 [__va_copy(x,y);],
3041 [ ac_cv_have___va_copy="yes" ],
3042 [ ac_cv_have___va_copy="no" ]
3043 )
3044])
3045if test "x$ac_cv_have___va_copy" = "xyes" ; then
3046 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3047fi
3048
1812a662 3049AC_CACHE_CHECK([whether getopt has optreset support],
3050 ac_cv_have_getopt_optreset, [
3051 AC_TRY_LINK(
3052 [
3053#include <getopt.h>
3054 ],
3055 [ extern int optreset; optreset = 0; ],
3056 [ ac_cv_have_getopt_optreset="yes" ],
3057 [ ac_cv_have_getopt_optreset="no" ]
3058 )
3059])
3060if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3061 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3062 [Define if your getopt(3) defines and uses optreset])
1812a662 3063fi
a0391976 3064
819b676f 3065AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3066 AC_TRY_LINK([],
3067 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3068 [ ac_cv_libc_defines_sys_errlist="yes" ],
3069 [ ac_cv_libc_defines_sys_errlist="no" ]
3070 )
3071])
3072if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3073 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3074 [Define if your system defines sys_errlist[]])
819b676f 3075fi
3076
3077
416ed5a7 3078AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3079 AC_TRY_LINK([],
3080 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3081 [ ac_cv_libc_defines_sys_nerr="yes" ],
3082 [ ac_cv_libc_defines_sys_nerr="no" ]
3083 )
3084])
3085if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3086 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3087fi
3088
aff51935 3089SCARD_MSG="no"
295c8801 3090# Check whether user wants sectok support
3091AC_ARG_WITH(sectok,
3092 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3093 [
3094 if test "x$withval" != "xno" ; then
3095 if test "x$withval" != "xyes" ; then
3096 CPPFLAGS="$CPPFLAGS -I${withval}"
3097 LDFLAGS="$LDFLAGS -L${withval}"
3098 if test ! -z "$need_dash_r" ; then
3099 LDFLAGS="$LDFLAGS -R${withval}"
3100 fi
3101 if test ! -z "$blibpath" ; then
3102 blibpath="$blibpath:${withval}"
3103 fi
3104 fi
3105 AC_CHECK_HEADERS(sectok.h)
3106 if test "$ac_cv_header_sectok_h" != yes; then
3107 AC_MSG_ERROR(Can't find sectok.h)
3108 fi
3109 AC_CHECK_LIB(sectok, sectok_open)
3110 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3111 AC_MSG_ERROR(Can't find libsectok)
3112 fi
3466e002 3113 AC_DEFINE(SMARTCARD, 1,
3114 [Define if you want smartcard support])
3115 AC_DEFINE(USE_SECTOK, 1,
3116 [Define if you want smartcard support
3117 using sectok])
aff51935 3118 SCARD_MSG="yes, using sectok"
295c8801 3119 fi
3120 ]
3121)
3122
3123# Check whether user wants OpenSC support
987b458f 3124OPENSC_CONFIG="no"
295c8801 3125AC_ARG_WITH(opensc,
e47fb473 3126 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3127 [
3128 if test "x$withval" != "xno" ; then
3129 if test "x$withval" != "xyes" ; then
3130 OPENSC_CONFIG=$withval/bin/opensc-config
3131 else
3132 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3133 fi
3134 if test "$OPENSC_CONFIG" != "no"; then
3135 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3136 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3137 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3138 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3139 AC_DEFINE(SMARTCARD)
3466e002 3140 AC_DEFINE(USE_OPENSC, 1,
3141 [Define if you want smartcard support
3142 using OpenSC])
987b458f 3143 SCARD_MSG="yes, using OpenSC"
3144 fi
3145 fi
3146 ]
3147)
d0b19c95 3148
c31dc31c 3149# Check libraries needed by DNS fingerprint support
aff51935 3150AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3151 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3152 [Define if getrrsetbyname() exists])],
3e05e934 3153 [
c31dc31c 3154 # Needed by our getrrsetbyname()
3155 AC_SEARCH_LIBS(res_query, resolv)
3156 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3157 AC_MSG_CHECKING(if res_query will link)
3158 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3159 [AC_MSG_RESULT(no)
3160 saved_LIBS="$LIBS"
3161 LIBS="$LIBS -lresolv"
3162 AC_MSG_CHECKING(for res_query in -lresolv)
3163 AC_LINK_IFELSE([
3164#include <resolv.h>
3165int main()
3166{
3167 res_query (0, 0, 0, 0, 0);
3168 return 0;
3169}
3170 ],
3171 [LIBS="$LIBS -lresolv"
3172 AC_MSG_RESULT(yes)],
3173 [LIBS="$saved_LIBS"
3174 AC_MSG_RESULT(no)])
3175 ])
c31dc31c 3176 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3177 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3178 [#include <sys/types.h>
3179 #include <arpa/nameser.h>])
c31dc31c 3180 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3181 [AC_DEFINE(HAVE_HEADER_AD, 1,
3182 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3183 [#include <arpa/nameser.h>])
3184 ])
3e05e934 3185
560acf80 3186AC_MSG_CHECKING(if struct __res_state _res is an extern)
3187AC_LINK_IFELSE([
3188#include <stdio.h>
3189#if HAVE_SYS_TYPES_H
3190# include <sys/types.h>
3191#endif
3192#include <netinet/in.h>
3193#include <arpa/nameser.h>
3194#include <resolv.h>
3195extern struct __res_state _res;
3196int main() { return 0; }
3197 ],
3198 [AC_MSG_RESULT(yes)
3199 AC_DEFINE(HAVE__RES_EXTERN, 1,
3200 [Define if you have struct __res_state _res as an extern])
3201 ],
3202 [ AC_MSG_RESULT(no) ]
3203)
3204
ef4d1846 3205# Check whether user wants SELinux support
3206SELINUX_MSG="no"
3207LIBSELINUX=""
3208AC_ARG_WITH(selinux,
3209 [ --with-selinux Enable SELinux support],
3210 [ if test "x$withval" != "xno" ; then
e54defb4 3211 save_LIBS="$LIBS"
ef4d1846 3212 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3213 SELINUX_MSG="yes"
3214 AC_CHECK_HEADER([selinux/selinux.h], ,
3215 AC_MSG_ERROR(SELinux support requires selinux.h header))
3216 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3217 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3218 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3219 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3220 LIBS="$save_LIBS"
ef4d1846 3221 fi ]
3222)
ef4d1846 3223
12928e80 3224# Check whether user wants Kerberos 5 support
aff51935 3225KRB5_MSG="no"
12928e80 3226AC_ARG_WITH(kerberos5,
aff51935 3227 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3228 [ if test "x$withval" != "xno" ; then
3229 if test "x$withval" = "xyes" ; then
3230 KRB5ROOT="/usr/local"
3231 else
3232 KRB5ROOT=${withval}
3233 fi
3234
3466e002 3235 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3236 KRB5_MSG="yes"
3237
3238 AC_MSG_CHECKING(for krb5-config)
3239 if test -x $KRB5ROOT/bin/krb5-config ; then
3240 KRB5CONF=$KRB5ROOT/bin/krb5-config
3241 AC_MSG_RESULT($KRB5CONF)
3242
3243 AC_MSG_CHECKING(for gssapi support)
3244 if $KRB5CONF | grep gssapi >/dev/null ; then
3245 AC_MSG_RESULT(yes)
3466e002 3246 AC_DEFINE(GSSAPI, 1,
3247 [Define this if you want GSSAPI
3248 support in the version 2 protocol])
071970fb 3249 k5confopts=gssapi
aff51935 3250 else
5585c441 3251 AC_MSG_RESULT(no)
071970fb 3252 k5confopts=""
aff51935 3253 fi
071970fb 3254 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3255 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3256 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3257 AC_MSG_CHECKING(whether we are using Heimdal)
3258 AC_TRY_COMPILE([ #include <krb5.h> ],
3259 [ char *tmp = heimdal_version; ],
3260 [ AC_MSG_RESULT(yes)
3466e002 3261 AC_DEFINE(HEIMDAL, 1,
3262 [Define this if you are using the
3263 Heimdal version of Kerberos V5]) ],
5585c441 3264 AC_MSG_RESULT(no)
3265 )
3266 else
3267 AC_MSG_RESULT(no)
12928e80 3268 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3269 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3270 AC_MSG_CHECKING(whether we are using Heimdal)
3271 AC_TRY_COMPILE([ #include <krb5.h> ],
3272 [ char *tmp = heimdal_version; ],
3273 [ AC_MSG_RESULT(yes)
3274 AC_DEFINE(HEIMDAL)
41707f74 3275 K5LIBS="-lkrb5 -ldes"
3276 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3277 AC_CHECK_LIB(roken, net_write,
41707f74 3278 [K5LIBS="$K5LIBS -lroken"])
aff51935 3279 ],
3280 [ AC_MSG_RESULT(no)
3281 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3282 ]
3283 )
4e00038c 3284 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3285
749560dd 3286 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3287 [ AC_DEFINE(GSSAPI)
3288 K5LIBS="-lgssapi $K5LIBS" ],
3289 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3290 [ AC_DEFINE(GSSAPI)
aff51935 3291 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3292 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3293 $K5LIBS)
3294 ],
3295 $K5LIBS)
82f4e93d 3296
749560dd 3297 AC_CHECK_HEADER(gssapi.h, ,
3298 [ unset ac_cv_header_gssapi_h
aff51935 3299 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3300 AC_CHECK_HEADERS(gssapi.h, ,
3301 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3302 )
749560dd 3303 ]
3304 )
3305
3306 oldCPP="$CPPFLAGS"
3307 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3308 AC_CHECK_HEADER(gssapi_krb5.h, ,
3309 [ CPPFLAGS="$oldCPP" ])
3310
aff51935 3311 fi
5585c441 3312 if test ! -z "$need_dash_r" ; then
3313 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3314 fi
3315 if test ! -z "$blibpath" ; then
3316 blibpath="$blibpath:${KRB5ROOT}/lib"
3317 fi
071970fb 3318
f5555364 3319 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3320 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3321 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3322
f5555364 3323 LIBS="$LIBS $K5LIBS"
3466e002 3324 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3325 [Define this if you want to use libkafs' AFS support]))
f5555364 3326 fi
071970fb 3327 ]
12928e80 3328)
b5b68128 3329
a0391976 3330# Looking for programs, paths and files
a0391976 3331
ecac8ee5 3332PRIVSEP_PATH=/var/empty
3333AC_ARG_WITH(privsep-path,
cda1ebcb 3334 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3335 [
6cf0200f 3336 if test -n "$withval" && test "x$withval" != "xno" && \
3337 test "x${withval}" != "xyes"; then
ecac8ee5 3338 PRIVSEP_PATH=$withval
3339 fi
3340 ]
3341)
3342AC_SUBST(PRIVSEP_PATH)
3343
a0391976 3344AC_ARG_WITH(xauth,
3345 [ --with-xauth=PATH Specify path to xauth program ],
3346 [
6cf0200f 3347 if test -n "$withval" && test "x$withval" != "xno" && \
3348 test "x${withval}" != "xyes"; then
cbd7492e 3349 xauth_path=$withval
a0391976 3350 fi
3351 ],
3352 [
2bf42e4a 3353 TestPath="$PATH"
3354 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3355 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3356 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3357 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3358 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3359 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3360 xauth_path="/usr/openwin/bin/xauth"
3361 fi
3362 ]
3363)
3364
65a4b4af 3365STRIP_OPT=-s
3366AC_ARG_ENABLE(strip,
3367 [ --disable-strip Disable calling strip(1) on install],
3368 [
3369 if test "x$enableval" = "xno" ; then
3370 STRIP_OPT=
3371 fi
3372 ]
3373)
3374AC_SUBST(STRIP_OPT)
3375
b3ec54b4 3376if test -z "$xauth_path" ; then
3377 XAUTH_PATH="undefined"
3378 AC_SUBST(XAUTH_PATH)
3379else
3466e002 3380 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3381 [Define if xauth is found in your path])
b3ec54b4 3382 XAUTH_PATH=$xauth_path
3383 AC_SUBST(XAUTH_PATH)
a0391976 3384fi
a0391976 3385
3386# Check for mail directory (last resort if we cannot get it from headers)
3387if test ! -z "$MAIL" ; then
3388 maildir=`dirname $MAIL`
3466e002 3389 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3390 [Set this to your mail directory if you don't have maillock.h])
a0391976 3391fi
3392
479cece8 3393if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3394 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3395 disable_ptmx_check=yes
3396fi
a0391976 3397if test -z "$no_dev_ptmx" ; then
6e879cb4 3398 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3399 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3400 [
3466e002 3401 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3402 [Define if you have /dev/ptmx])
6e879cb4 3403 have_dev_ptmx=1
3404 ]
3405 )
3406 fi
3276571c 3407fi
1a01a50c 3408
479cece8 3409if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3410 AC_CHECK_FILE("/dev/ptc",
3411 [
3466e002 3412 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3413 [Define if you have /dev/ptc])
1a01a50c 3414 have_dev_ptc=1
3415 ]
3416 )
3417else
3418 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3419fi
3276571c 3420
a0391976 3421# Options from here on. Some of these are preset by platform above
fdf6b7aa 3422AC_ARG_WITH(mantype,
5d97cfbf 3423 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3424 [
5d97cfbf 3425 case "$withval" in
3426 man|cat|doc)
3427 MANTYPE=$withval
3428 ;;
3429 *)
3430 AC_MSG_ERROR(invalid man type: $withval)
3431 ;;
3432 esac
c54a6257 3433 ]
3434)
e0c4d3ac 3435if test -z "$MANTYPE"; then
2bf42e4a 3436 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3437 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3438 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3439 MANTYPE=doc
3440 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3441 MANTYPE=man
3442 else
3443 MANTYPE=cat
3444 fi
3445fi
c54a6257 3446AC_SUBST(MANTYPE)
e0c4d3ac 3447if test "$MANTYPE" = "doc"; then
3448 mansubdir=man;
3449else
3450 mansubdir=$MANTYPE;
3451fi
3452AC_SUBST(mansubdir)
0bc5b6fb 3453
a0391976 3454# Check whether to enable MD5 passwords
aff51935 3455MD5_MSG="no"
2ddcfdf3 3456AC_ARG_WITH(md5-passwords,
caf3bc51 3457 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3458 [
bcf36c78 3459 if test "x$withval" != "xno" ; then
3466e002 3460 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3461 [Define if you want to allow MD5 passwords])
aff51935 3462 MD5_MSG="yes"
0bc5b6fb 3463 fi
3464 ]
caf3bc51 3465)
3466
a0391976 3467# Whether to disable shadow password support
a7effaac 3468AC_ARG_WITH(shadow,
3469 [ --without-shadow Disable shadow password support],
3470 [
82f4e93d 3471 if test "x$withval" = "xno" ; then
a7effaac 3472 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3473 disable_shadow=yes
a7effaac 3474 fi
3475 ]
3476)
3477
4cb5ffa0 3478if test -z "$disable_shadow" ; then
3479 AC_MSG_CHECKING([if the systems has expire shadow information])
3480 AC_TRY_COMPILE(
3481 [
3482#include <sys/types.h>
3483#include <shadow.h>
3484 struct spwd sp;
3485 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3486 [ sp_expire_available=yes ], []
3487 )
3488
3489 if test "x$sp_expire_available" = "xyes" ; then
3490 AC_MSG_RESULT(yes)
3466e002 3491 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3492 [Define if you want to use shadow password expire field])
4cb5ffa0 3493 else
3494 AC_MSG_RESULT(no)
3495 fi
3496fi
3497
a0391976 3498# Use ip address instead of hostname in $DISPLAY
44839801 3499if test ! -z "$IPADDR_IN_DISPLAY" ; then
3500 DISPLAY_HACK_MSG="yes"
3466e002 3501 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3502 [Define if you need to use IP address
3503 instead of hostname in $DISPLAY])
44839801 3504else
aff51935 3505 DISPLAY_HACK_MSG="no"
44839801 3506 AC_ARG_WITH(ipaddr-display,
3507 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3508 [
82f4e93d 3509 if test "x$withval" != "xno" ; then
44839801 3510 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3511 DISPLAY_HACK_MSG="yes"
44839801 3512 fi
3513 ]
3514 )
3515fi
a7effaac 3516
95b99395 3517# check for /etc/default/login and use it if present.
daa41e62 3518AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3519 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3520 [ if test "x$enableval" = "xno"; then
3521 AC_MSG_NOTICE([/etc/default/login handling disabled])
3522 etc_default_login=no
3523 else
3524 etc_default_login=yes
3525 fi ],
b0e7249f 3526 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3527 then
3528 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3529 etc_default_login=no
3530 else
3531 etc_default_login=yes
3532 fi ]
694d0cef 3533)
95b99395 3534
694d0cef 3535if test "x$etc_default_login" != "xno"; then
3536 AC_CHECK_FILE("/etc/default/login",
3537 [ external_path_file=/etc/default/login ])
b0e7249f 3538 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3539 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3540 [Define if your system has /etc/default/login])
1a01a50c 3541 fi
694d0cef 3542fi
95b99395 3543
8d184c09 3544dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3545if test $ac_cv_func_login_getcapbool = "yes" && \
3546 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3547 external_path_file=/etc/login.conf
8d184c09 3548fi
95b99395 3549
a0391976 3550# Whether to mess with the default path
aff51935 3551SERVER_PATH_MSG="(default)"
c43d69a9 3552AC_ARG_WITH(default-path,
75817f90 3553 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3554 [
95b99395 3555 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3556 AC_MSG_WARN([
3557--with-default-path=PATH has no effect on this system.
3558Edit /etc/login.conf instead.])
82f4e93d 3559 elif test "x$withval" != "xno" ; then
89bbd457 3560 if test ! -z "$external_path_file" ; then
95b99395 3561 AC_MSG_WARN([
3562--with-default-path=PATH will only be used if PATH is not defined in
3563$external_path_file .])
3564 fi
b2d818e6 3565 user_path="$withval"
aff51935 3566 SERVER_PATH_MSG="$withval"
cb807f40 3567 fi
b2d818e6 3568 ],
95b99395 3569 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3570 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3571 else
89bbd457 3572 if test ! -z "$external_path_file" ; then
95b99395 3573 AC_MSG_WARN([
3574If PATH is defined in $external_path_file, ensure the path to scp is included,
3575otherwise scp will not work.])
3576 fi
b0e7249f 3577 AC_RUN_IFELSE(
3578 [AC_LANG_SOURCE([[
b2d818e6 3579/* find out what STDPATH is */
3580#include <stdio.h>
b2d818e6 3581#ifdef HAVE_PATHS_H
3582# include <paths.h>
3583#endif
3584#ifndef _PATH_STDPATH
d9a4e55b 3585# ifdef _PATH_USERPATH /* Irix */
3586# define _PATH_STDPATH _PATH_USERPATH
3587# else
3588# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3589# endif
b2d818e6 3590#endif
3591#include <sys/types.h>
3592#include <sys/stat.h>
3593#include <fcntl.h>
3594#define DATA "conftest.stdpath"
3595
3596main()
3597{
3598 FILE *fd;
3599 int rc;
82f4e93d 3600
b2d818e6 3601 fd = fopen(DATA,"w");
3602 if(fd == NULL)
3603 exit(1);
82f4e93d 3604
b2d818e6 3605 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3606 exit(1);
3607
3608 exit(0);
3609}
b0e7249f 3610 ]])],
3611 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3612 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3613 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3614 )
3615# make sure $bindir is in USER_PATH so scp will work
3616 t_bindir=`eval echo ${bindir}`
3617 case $t_bindir in
3618 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3619 esac
3620 case $t_bindir in
3621 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3622 esac
3623 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3624 if test $? -ne 0 ; then
3625 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3626 if test $? -ne 0 ; then
3627 user_path=$user_path:$t_bindir
3628 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3629 fi
3630 fi
8d184c09 3631 fi ]
cb807f40 3632)
95b99395 3633if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3634 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3635 AC_SUBST(user_path)
3636fi
cb807f40 3637
06617857 3638# Set superuser path separately to user path
06617857 3639AC_ARG_WITH(superuser-path,
3640 [ --with-superuser-path= Specify different path for super-user],
3641 [
6cf0200f 3642 if test -n "$withval" && test "x$withval" != "xno" && \
3643 test "x${withval}" != "xyes"; then
3466e002 3644 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3645 [Define if you want a different $PATH
3646 for the superuser])
06617857 3647 superuser_path=$withval
3648 fi
3649 ]
3650)
3651
3652
58d100bf 3653AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3654IPV4_IN6_HACK_MSG="no"
80faa19f 3655AC_ARG_WITH(4in6,
3656 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3657 [
3658 if test "x$withval" != "xno" ; then
3659 AC_MSG_RESULT(yes)
3466e002 3660 AC_DEFINE(IPV4_IN_IPV6, 1,
3661 [Detect IPv4 in IPv6 mapped addresses
3662 and treat as IPv4])
aff51935 3663 IPV4_IN6_HACK_MSG="yes"
80faa19f 3664 else
3665 AC_MSG_RESULT(no)
3666 fi
3667 ],[
3668 if test "x$inet6_default_4in6" = "xyes"; then
3669 AC_MSG_RESULT([yes (default)])
3670 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3671 IPV4_IN6_HACK_MSG="yes"
80faa19f 3672 else
3673 AC_MSG_RESULT([no (default)])
3674 fi
3675 ]
3676)
3677
af774732 3678# Whether to enable BSD auth support
f1b0ecc3 3679BSD_AUTH_MSG=no
af774732 3680AC_ARG_WITH(bsd-auth,
3681 [ --with-bsd-auth Enable BSD auth support],
3682 [
82f4e93d 3683 if test "x$withval" != "xno" ; then
3466e002 3684 AC_DEFINE(BSD_AUTH, 1,
3685 [Define if you have BSD auth support])
f1b0ecc3 3686 BSD_AUTH_MSG=yes
af774732 3687 fi
3688 ]
3689)
3690
a0391976 3691# Where to place sshd.pid
19d9ac2a 3692piddir=/var/run
81dadca3 3693# make sure the directory exists
82f4e93d 3694if test ! -d $piddir ; then
81dadca3 3695 piddir=`eval echo ${sysconfdir}`
3696 case $piddir in
aff51935 3697 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3698 esac
3699fi
3700
47e45e44 3701AC_ARG_WITH(pid-dir,
3702 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3703 [
6cf0200f 3704 if test -n "$withval" && test "x$withval" != "xno" && \
3705 test "x${withval}" != "xyes"; then
19d9ac2a 3706 piddir=$withval
82f4e93d 3707 if test ! -d $piddir ; then
81dadca3 3708 AC_MSG_WARN([** no $piddir directory on this system **])
3709 fi
47e45e44 3710 fi
3711 ]
3712)
b7a87eea 3713
3466e002 3714AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3715AC_SUBST(piddir)
47e45e44 3716
1d7b9b20 3717dnl allow user to disable some login recording features
3718AC_ARG_ENABLE(lastlog,
bfd550a2 3719 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3720 [
3721 if test "x$enableval" = "xno" ; then
3722 AC_DEFINE(DISABLE_LASTLOG)
3723 fi
3724 ]
1d7b9b20 3725)
3726AC_ARG_ENABLE(utmp,
bfd550a2 3727 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3728 [
3729 if test "x$enableval" = "xno" ; then
3730 AC_DEFINE(DISABLE_UTMP)
3731 fi
3732 ]
1d7b9b20 3733)
3734AC_ARG_ENABLE(utmpx,
bfd550a2 3735 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3736 [
3737 if test "x$enableval" = "xno" ; then
3466e002 3738 AC_DEFINE(DISABLE_UTMPX, 1,
3739 [Define if you don't want to use utmpx])
ddb154b3 3740 fi
3741 ]
1d7b9b20 3742)
3743AC_ARG_ENABLE(wtmp,
bfd550a2 3744 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3745 [
3746 if test "x$enableval" = "xno" ; then
3747 AC_DEFINE(DISABLE_WTMP)
3748 fi
3749 ]
1d7b9b20 3750)
3751AC_ARG_ENABLE(wtmpx,
bfd550a2 3752 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3753 [
3754 if test "x$enableval" = "xno" ; then
3466e002 3755 AC_DEFINE(DISABLE_WTMPX, 1,
3756 [Define if you don't want to use wtmpx])
ddb154b3 3757 fi
3758 ]
1d7b9b20 3759)
3760AC_ARG_ENABLE(libutil,
bfd550a2 3761 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3762 [
3763 if test "x$enableval" = "xno" ; then
3764 AC_DEFINE(DISABLE_LOGIN)
3765 fi
3766 ]
1d7b9b20 3767)
3768AC_ARG_ENABLE(pututline,
bfd550a2 3769 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3770 [
3771 if test "x$enableval" = "xno" ; then
3466e002 3772 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3773 [Define if you don't want to use pututline()
3774 etc. to write [uw]tmp])
ddb154b3 3775 fi
3776 ]
1d7b9b20 3777)
3778AC_ARG_ENABLE(pututxline,
bfd550a2 3779 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3780 [
3781 if test "x$enableval" = "xno" ; then
3466e002 3782 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3783 [Define if you don't want to use pututxline()
3784 etc. to write [uw]tmpx])
ddb154b3 3785 fi
3786 ]
1d7b9b20 3787)
3788AC_ARG_WITH(lastlog,
bfd550a2 3789 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3790 [
82f4e93d 3791 if test "x$withval" = "xno" ; then
8c89dd2b 3792 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3793 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3794 conf_lastlog_location=$withval
3795 fi
3796 ]
3797)
1d7b9b20 3798
3799dnl lastlog, [uw]tmpx? detection
3800dnl NOTE: set the paths in the platform section to avoid the
3801dnl need for command-line parameters
3802dnl lastlog and [uw]tmp are subject to a file search if all else fails
3803
3804dnl lastlog detection
3805dnl NOTE: the code itself will detect if lastlog is a directory
3806AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3807AC_TRY_COMPILE([
3808#include <sys/types.h>
3809#include <utmp.h>
3810#ifdef HAVE_LASTLOG_H
3811# include <lastlog.h>
3812#endif
d7c0f3d5 3813#ifdef HAVE_PATHS_H
1d7b9b20 3814# include <paths.h>
41cb4569 3815#endif
3816#ifdef HAVE_LOGIN_H
3817# include <login.h>
1d7b9b20 3818#endif
3819 ],
3820 [ char *lastlog = LASTLOG_FILE; ],
3821 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3822 [
3823 AC_MSG_RESULT(no)
3824 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3825 AC_TRY_COMPILE([
3826#include <sys/types.h>
3827#include <utmp.h>
3828#ifdef HAVE_LASTLOG_H
3829# include <lastlog.h>
3830#endif
3831#ifdef HAVE_PATHS_H
3832# include <paths.h>
3833#endif
3834 ],
3835 [ char *lastlog = _PATH_LASTLOG; ],
3836 [ AC_MSG_RESULT(yes) ],
3837 [
f282b668 3838 AC_MSG_RESULT(no)
d7c0f3d5 3839 system_lastlog_path=no
3840 ])
3841 ]
1d7b9b20 3842)
d7c0f3d5 3843
1d7b9b20 3844if test -z "$conf_lastlog_location"; then
3845 if test x"$system_lastlog_path" = x"no" ; then
3846 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3847 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3848 conf_lastlog_location=$f
3849 fi
3850 done
3851 if test -z "$conf_lastlog_location"; then
f8119cef 3852 AC_MSG_WARN([** Cannot find lastlog **])
3853 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3854 fi
3855 fi
3856fi
3857
3858if test -n "$conf_lastlog_location"; then
3466e002 3859 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3860 [Define if you want to specify the path to your lastlog file])
82f4e93d 3861fi
1d7b9b20 3862
3863dnl utmp detection
3864AC_MSG_CHECKING([if your system defines UTMP_FILE])
3865AC_TRY_COMPILE([
3866#include <sys/types.h>
3867#include <utmp.h>
d7c0f3d5 3868#ifdef HAVE_PATHS_H
1d7b9b20 3869# include <paths.h>
3870#endif
3871 ],
3872 [ char *utmp = UTMP_FILE; ],
3873 [ AC_MSG_RESULT(yes) ],
3874 [ AC_MSG_RESULT(no)
3875 system_utmp_path=no ]
3876)
3877if test -z "$conf_utmp_location"; then
3878 if test x"$system_utmp_path" = x"no" ; then
3879 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3880 if test -f $f ; then
3881 conf_utmp_location=$f
3882 fi
3883 done
3884 if test -z "$conf_utmp_location"; then
3885 AC_DEFINE(DISABLE_UTMP)
3886 fi
3887 fi
3888fi
3889if test -n "$conf_utmp_location"; then
3466e002 3890 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3891 [Define if you want to specify the path to your utmp file])
82f4e93d 3892fi
1d7b9b20 3893
3894dnl wtmp detection
3895AC_MSG_CHECKING([if your system defines WTMP_FILE])
3896AC_TRY_COMPILE([
3897#include <sys/types.h>
3898#include <utmp.h>
d7c0f3d5 3899#ifdef HAVE_PATHS_H
1d7b9b20 3900# include <paths.h>
3901#endif
3902 ],
3903 [ char *wtmp = WTMP_FILE; ],
3904 [ AC_MSG_RESULT(yes) ],
3905 [ AC_MSG_RESULT(no)
3906 system_wtmp_path=no ]
3907)
3908if test -z "$conf_wtmp_location"; then
3909 if test x"$system_wtmp_path" = x"no" ; then
3910 for f in /usr/adm/wtmp /var/log/wtmp; do
3911 if test -f $f ; then
3912 conf_wtmp_location=$f
3913 fi
3914 done
3915 if test -z "$conf_wtmp_location"; then
3916 AC_DEFINE(DISABLE_WTMP)
3917 fi
3918 fi
3919fi
3920if test -n "$conf_wtmp_location"; then
3466e002 3921 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3922 [Define if you want to specify the path to your wtmp file])
82f4e93d 3923fi
1d7b9b20 3924
3925
3926dnl utmpx detection - I don't know any system so perverse as to require
3927dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3928dnl there, though.
3929AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3930AC_TRY_COMPILE([
3931#include <sys/types.h>
3932#include <utmp.h>
3933#ifdef HAVE_UTMPX_H
3934#include <utmpx.h>
3935#endif
d7c0f3d5 3936#ifdef HAVE_PATHS_H
1d7b9b20 3937# include <paths.h>
3938#endif
3939 ],
3940 [ char *utmpx = UTMPX_FILE; ],
3941 [ AC_MSG_RESULT(yes) ],
3942 [ AC_MSG_RESULT(no)
3943 system_utmpx_path=no ]
3944)
3945if test -z "$conf_utmpx_location"; then
3946 if test x"$system_utmpx_path" = x"no" ; then
3947 AC_DEFINE(DISABLE_UTMPX)
3948 fi
3949else
3466e002 3950 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3951 [Define if you want to specify the path to your utmpx file])
82f4e93d 3952fi
1d7b9b20 3953
3954dnl wtmpx detection
3955AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3956AC_TRY_COMPILE([
3957#include <sys/types.h>
3958#include <utmp.h>
3959#ifdef HAVE_UTMPX_H
3960#include <utmpx.h>
3961#endif
d7c0f3d5 3962#ifdef HAVE_PATHS_H
1d7b9b20 3963# include <paths.h>
3964#endif
3965 ],
3966 [ char *wtmpx = WTMPX_FILE; ],
3967 [ AC_MSG_RESULT(yes) ],
3968 [ AC_MSG_RESULT(no)
3969 system_wtmpx_path=no ]
3970)
3971if test -z "$conf_wtmpx_location"; then
3972 if test x"$system_wtmpx_path" = x"no" ; then
3973 AC_DEFINE(DISABLE_WTMPX)
3974 fi
3975else
3466e002 3976 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3977 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3978fi
1d7b9b20 3979
b7a87eea 3980
bd499f9e 3981if test ! -z "$blibpath" ; then
68ece370 3982 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3983 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3984fi
3985
ed89c848 3986dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3987dnl Add now.
3988CFLAGS="$CFLAGS $werror_flags"
3989
3c62e7eb 3990AC_EXEEXT
29eadd7c 3991AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
3992 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
3993 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3994AC_OUTPUT
d3083fbd 3995
cbd7492e 3996# Print summary of options
3997
cbd7492e 3998# Someone please show me a better way :)
3999A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4000B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4001C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4002D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4003E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4004F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4005G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4006H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4007I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4008J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4009
4010echo ""
26de7942 4011echo "OpenSSH has been configured with the following options:"
ecac8ee5 4012echo " User binaries: $B"
4013echo " System binaries: $C"
4014echo " Configuration files: $D"
4015echo " Askpass program: $E"
4016echo " Manual pages: $F"
4017echo " PID file: $G"
4018echo " Privilege separation chroot path: $H"
95b99395 4019if test "x$external_path_file" = "x/etc/login.conf" ; then
4020echo " At runtime, sshd will use the path defined in $external_path_file"
4021echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4022else
ecac8ee5 4023echo " sshd default user PATH: $I"
89bbd457 4024 if test ! -z "$external_path_file"; then
95b99395 4025echo " (If PATH is set in $external_path_file it will be used instead. If"
4026echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4027 fi
8d184c09 4028fi
06617857 4029if test ! -z "$superuser_path" ; then
ecac8ee5 4030echo " sshd superuser user PATH: $J"
4031fi
4032echo " Manpage format: $MANTYPE"
3e05e934 4033echo " PAM support: $PAM_MSG"
5b84789f 4034echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4035echo " KerberosV support: $KRB5_MSG"
ef4d1846 4036echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4037echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4038echo " S/KEY support: $SKEY_MSG"
4039echo " TCP Wrappers support: $TCPW_MSG"
4040echo " MD5 password support: $MD5_MSG"
59031773 4041echo " libedit support: $LIBEDIT_MSG"
5b84789f 4042echo " Solaris process contract support: $SPC_MSG"
3deb1408 4043echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4044echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4045echo " BSD Auth support: $BSD_AUTH_MSG"
4046echo " Random number source: $RAND_MSG"
f1b0ecc3 4047if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4048echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4049fi
4050
cbd7492e 4051echo ""
4052
0c2fb82f 4053echo " Host: ${host}"
4054echo " Compiler: ${CC}"
4055echo " Compiler flags: ${CFLAGS}"
4056echo "Preprocessor flags: ${CPPFLAGS}"
4057echo " Linker flags: ${LDFLAGS}"
e54defb4 4058echo " Libraries: ${LIBS}"
4059if test ! -z "${SSHDLIBS}"; then
4060echo " +for sshd: ${SSHDLIBS}"
4061fi
cbd7492e 4062
4063echo ""
4064
9cefe228 4065if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4066 echo "SVR4 style packages are supported with \"make package\""
4067 echo ""
9cefe228 4068fi
4069
adeebd37 4070if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4071 echo "PAM is enabled. You may need to install a PAM control file "
4072 echo "for sshd, otherwise password authentication may fail. "
aff51935 4073 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4074 echo "subdirectory"
adeebd37 4075 echo ""
4076fi
4077
f1b0ecc3 4078if test ! -z "$RAND_HELPER_CMDHASH" ; then
4079 echo "WARNING: you are using the builtin random number collection "
4080 echo "service. Please read WARNING.RNG and request that your OS "
4081 echo "vendor includes kernel-based random number collection in "
4082 echo "future versions of your OS."
2c523de9 4083 echo ""
4084fi
af774732 4085
2f6f9cff 4086if test ! -z "$NO_PEERCHECK" ; then
1961d660 4087 echo "WARNING: the operating system that you are using does not"
4088 echo "appear to support getpeereid(), getpeerucred() or the"
4089 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4090 echo "enforce security checks to prevent unauthorised connections to"
4091 echo "ssh-agent. Their absence increases the risk that a malicious"
4092 echo "user can connect to your agent."
2f6f9cff 4093 echo ""
4094fi
4095
7b578f7d 4096if test "$AUDIT_MODULE" = "bsm" ; then
4097 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4098 echo "See the Solaris section in README.platform for details."
4099fi
git-cvsimport mirror of OpenSSH
This page took 1.089851 seconds and 5 git commands to generate.