]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [openbsd-compat/bsd-cygwin_util.c] Fix implict declaration
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
dbf07ba2 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
5fdabf45 103 esac
8a3ff1aa 104
dfafb2e1 105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
d423d822 116fi
117
e6354014 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
82f4e93d 121 if test "x$withval" = "xno" ; then
e6354014 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
5b84789f 130# Messages for features tested for in target-specific section
131SIA_MSG="no"
132SPC_MSG="no"
133
a0391976 134# Check for some target-specific stuff
a7effaac 135case "$host" in
9d6b1b96 136*-*-aix*)
aff51935 137 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 138 if (test -z "$blibpath"); then
0a15d73b 139 blibpath="/usr/lib:/lib"
68ece370 140 fi
141 saved_LDFLAGS="$LDFLAGS"
e7479666 142 if test "$GCC" = "yes"; then
143 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
144 else
145 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
146 fi
147 for tryflags in $flags ;do
68ece370 148 if (test -z "$blibflags"); then
149 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
150 AC_TRY_LINK([], [], [blibflags=$tryflags])
151 fi
152 done
153 if (test -z "$blibflags"); then
154 AC_MSG_RESULT(not found)
155 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
156 else
157 AC_MSG_RESULT($blibflags)
bd499f9e 158 fi
68ece370 159 LDFLAGS="$saved_LDFLAGS"
e351e493 160 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 161 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
162 [Define if you want to enable AIX4's authenticate function])],
0764e748 163 [AC_CHECK_LIB(s,authenticate,
e351e493 164 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 165 LIBS="$LIBS -ls"
166 ])
167 ])
ba603e06 168 dnl Check for various auth function declarations in headers.
c85ed8e2 169 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 170 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 171 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 172 AC_CHECK_DECLS(loginfailed,
e351e493 173 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
174 AC_TRY_COMPILE(
f58c0e01 175 [#include <usersec.h>],
e351e493 176 [(void)loginfailed("user","host","tty",0);],
177 [AC_MSG_RESULT(yes)
3466e002 178 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
179 [Define if your AIX loginfailed() function
180 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 181 [AC_MSG_RESULT(no)]
e351e493 182 )],
183 [],
184 [#include <usersec.h>]
185 )
2aa3a16c 186 AC_CHECK_FUNCS(setauthdb)
53c337ed 187 AC_CHECK_DECL(F_CLOSEM,
795e7517 188 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 189 [],
190 [ #include <limits.h>
191 #include <fcntl.h> ]
192 )
5ccf88cb 193 check_for_aix_broken_getaddrinfo=1
3466e002 194 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
195 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
196 [Define if your platform breaks doing a seteuid before a setuid])
197 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
198 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 199 dnl AIX handles lastlog as part of its login message
3466e002 200 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
201 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
202 [Some systems need a utmpx entry for /bin/login to work])
203 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
204 [Define to a Set Process Title type if your system is
205 supported by bsd-setproctitle.c])
961c2997 206 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
207 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 208 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 209 ;;
3c62e7eb 210*-*-cygwin*)
a52997bd 211 check_for_libcrypt_later=1
ffb8d130 212 LIBS="$LIBS /usr/lib/textmode.o"
3466e002 213 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
214 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
215 AC_DEFINE(DISABLE_SHADOW, 1,
216 [Define if you want to disable shadow passwords])
217 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
218 [Define if your system choked on IP TOS setting])
219 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
220 [Define if X11 doesn't support AF_UNIX sockets on that system])
221 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
222 [Define if the concept of ports only accessible to
223 superusers isn't known])
224 AC_DEFINE(DISABLE_FD_PASSING, 1,
225 [Define if your platform needs to skip post auth
226 file descriptor passing])
3c62e7eb 227 ;;
d6fdb079 228*-*-dgux*)
229 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 230 AC_DEFINE(SETEUID_BREAKS_SETUID)
231 AC_DEFINE(BROKEN_SETREUID)
232 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 233 ;;
39c98ef7 234*-*-darwin*)
33e2e066 235 AC_MSG_CHECKING(if we have working getaddrinfo)
236 AC_TRY_RUN([#include <mach-o/dyld.h>
237main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
238 exit(0);
239 else
240 exit(1);
241}], [AC_MSG_RESULT(working)],
242 [AC_MSG_RESULT(buggy)
3466e002 243 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 244 [AC_MSG_RESULT(assume it is working)])
635e0c42 245 AC_DEFINE(SETEUID_BREAKS_SETUID)
246 AC_DEFINE(BROKEN_SETREUID)
247 AC_DEFINE(BROKEN_SETREGID)
3466e002 248 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
249 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 250 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
251 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
252 [Use tunnel device compatibility to OpenBSD])
253 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
254 [Prepend the address family to IP tunnel traffic])
39c98ef7 255 ;;
7d458c86 256*-*-hpux*)
257 # first we define all of the options common to all HP-UX releases
b8fea62d 258 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 259 IPADDR_IN_DISPLAY=yes
2b10f47a 260 AC_DEFINE(USE_PIPES)
3466e002 261 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
262 [Define if your login program cannot handle end of options ("--")])
a2572aa7 263 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 264 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
265 [String used in /etc/passwd to denote locked account])
3a2b2b44 266 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 267 MAIL="/var/mail/username"
f75ca46d 268 LIBS="$LIBS -lsec"
7d458c86 269 AC_CHECK_LIB(xnet, t_error, ,
270 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
271
272 # next, we define all of the options specific to major releases
273 case "$host" in
274 *-*-hpux10*)
275 if test -z "$GCC"; then
276 CFLAGS="$CFLAGS -Ae"
277 fi
278 ;;
279 *-*-hpux11*)
3466e002 280 AC_DEFINE(PAM_SUN_CODEBASE, 1,
281 [Define if you are using Solaris-derived PAM which
282 passes pam_messages to the conversation function
283 with an extra level of indirection])
284 AC_DEFINE(DISABLE_UTMP, 1,
285 [Define if you don't want to use utmp])
7d458c86 286 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
287 check_for_hpux_broken_getaddrinfo=1
288 check_for_conflicting_getspnam=1
289 ;;
290 esac
291
292 # lastly, we define options specific to minor releases
293 case "$host" in
294 *-*-hpux10.26)
3466e002 295 AC_DEFINE(HAVE_SECUREWARE, 1,
296 [Define if you have SecureWare-based
297 protected password database])
7d458c86 298 disable_ptmx_check=yes
299 LIBS="$LIBS -lsecpw"
300 ;;
301 esac
2b763e31 302 ;;
d94aa2ae 303*-*-irix5*)
6ac7829a 304 PATH="$PATH:/usr/etc"
3466e002 305 AC_DEFINE(BROKEN_INET_NTOA, 1,
306 [Define if you system's inet_ntoa is busted
307 (e.g. Irix gcc issue)])
cb433561 308 AC_DEFINE(SETEUID_BREAKS_SETUID)
309 AC_DEFINE(BROKEN_SETREUID)
310 AC_DEFINE(BROKEN_SETREGID)
3466e002 311 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
312 [Define if you shouldn't strip 'tty' from your
313 ttyname in [uw]tmp])
3e6e3da0 314 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 315 ;;
316*-*-irix6*)
6ac7829a 317 PATH="$PATH:/usr/etc"
3466e002 318 AC_DEFINE(WITH_IRIX_ARRAY, 1,
319 [Define if you have/want arrays
320 (cluster-wide session managment, not C arrays)])
321 AC_DEFINE(WITH_IRIX_PROJECT, 1,
322 [Define if you want IRIX project management])
323 AC_DEFINE(WITH_IRIX_AUDIT, 1,
324 [Define if you want IRIX audit trails])
325 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
326 [Define if you want IRIX kernel jobs])])
416ed5a7 327 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 328 AC_DEFINE(SETEUID_BREAKS_SETUID)
329 AC_DEFINE(BROKEN_SETREUID)
330 AC_DEFINE(BROKEN_SETREGID)
3466e002 331 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 332 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 333 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 334 ;;
5cdfe03f 335*-*-linux*)
336 no_dev_ptmx=1
717057b6 337 check_for_libcrypt_later=1
eacb954e 338 check_for_openpty_ctty_bug=1
3466e002 339 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
340 AC_DEFINE(PAM_TTY_KLUDGE, 1,
341 [Work around problematic Linux PAM modules handling of PAM_TTY])
342 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
343 [String used in /etc/passwd to denote locked account])
3a2b2b44 344 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 345 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
346 [Define to whatever link() returns for "not supported"
347 if it doesn't return EOPNOTSUPP.])
b6610e8f 348 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 349 AC_DEFINE(USE_BTMP)
80faa19f 350 inet6_default_4in6=yes
bf7c1e6c 351 case `uname -r` in
ad84c479 352 1.*|2.0.*)
3466e002 353 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
354 [Define if cmsg_type is not passed correctly])
bf7c1e6c 355 ;;
bf7c1e6c 356 esac
c40f09ca 357 # tun(4) forwarding compat code
d91775e1 358 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 359 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 360 AC_DEFINE(SSH_TUN_LINUX, 1,
361 [Open tunnel devices the Linux tun/tap way])
362 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
363 [Use tunnel device compatibility to OpenBSD])
364 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
365 [Prepend the address family to IP tunnel traffic])
366 fi
5cdfe03f 367 ;;
66d6c27e 368mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 369 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 370 SONY=1
66d6c27e 371 ;;
d468fc76 372*-*-netbsd*)
33e2e066 373 check_for_libcrypt_before=1
82f4e93d 374 if test "x$withval" != "xno" ; then
e6354014 375 need_dash_r=1
376 fi
0f6cb079 377 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
378 AC_CHECK_HEADER([net/if_tap.h], ,
379 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
380 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
381 [Prepend the address family to IP tunnel traffic])
d468fc76 382 ;;
86b416a7 383*-*-freebsd*)
384 check_for_libcrypt_later=1
988c5031 385 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 386 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
387 AC_CHECK_HEADER([net/if_tap.h], ,
388 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 389 ;;
8707b7eb 390*-*-bsdi*)
391 AC_DEFINE(SETEUID_BREAKS_SETUID)
392 AC_DEFINE(BROKEN_SETREUID)
393 AC_DEFINE(BROKEN_SETREGID)
394 ;;
729bfe59 395*-next-*)
729bfe59 396 conf_lastlog_location="/usr/adm/lastlog"
698d107e 397 conf_utmp_location=/etc/utmp
398 conf_wtmp_location=/usr/adm/wtmp
399 MAIL=/usr/spool/mail
3466e002 400 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 401 AC_DEFINE(BROKEN_REALPATH)
00937921 402 AC_DEFINE(USE_PIPES)
3466e002 403 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 404 ;;
5b7b5e23 405*-*-openbsd*)
406 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 407 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 408 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 409 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
410 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 411 ;;
9d6b1b96 412*-*-solaris*)
82f4e93d 413 if test "x$withval" != "xno" ; then
010e9d5b 414 need_dash_r=1
415 fi
adeebd37 416 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 417 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 418 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
419 [Some versions of /bin/login need the TERM supplied
420 on the commandline])
7f0a4ff1 421 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 422 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
423 [Define if pam_chauthtok wants real uid set
424 to the unpriv'ed user])
3e6e3da0 425 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 426 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 427 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
428 [Define if sshd somehow reacquires a controlling TTY
429 after setsid()])
795aa5f5 430 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
431 in case the name is longer than 8 chars])
95b99395 432 external_path_file=/etc/default/login
1d7b9b20 433 # hardwire lastlog location (can't detect it on some versions)
434 conf_lastlog_location="/var/adm/lastlog"
32c80420 435 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
436 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
437 if test "$sol2ver" -ge 8; then
438 AC_MSG_RESULT(yes)
439 AC_DEFINE(DISABLE_UTMP)
3466e002 440 AC_DEFINE(DISABLE_WTMP, 1,
441 [Define if you don't want to use wtmp])
32c80420 442 else
443 AC_MSG_RESULT(no)
444 fi
5b84789f 445 AC_ARG_WITH(solaris-contracts,
446 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
447 [
448 AC_CHECK_LIB(contract, ct_tmpl_activate,
449 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
450 [Define if you have Solaris process contracts])
451 SSHDLIBS="$SSHDLIBS -lcontract"
452 AC_SUBST(SSHDLIBS)
453 SPC_MSG="yes" ], )
454 ],
455 )
9d6b1b96 456 ;;
a423beaf 457*-*-sunos4*)
0c2fb82f 458 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 459 AC_CHECK_FUNCS(getpwanam)
adeebd37 460 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 461 conf_utmp_location=/etc/utmp
462 conf_wtmp_location=/var/adm/wtmp
463 conf_lastlog_location=/var/adm/lastlog
137d7b6c 464 AC_DEFINE(USE_PIPES)
a423beaf 465 ;;
6f68f28a 466*-ncr-sysv*)
98a7c37b 467 LIBS="$LIBS -lc89"
29525240 468 AC_DEFINE(USE_PIPES)
eabb99c6 469 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 470 AC_DEFINE(SETEUID_BREAKS_SETUID)
471 AC_DEFINE(BROKEN_SETREUID)
472 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 473 ;;
132dd316 474*-sni-sysv*)
c8c15bcb 475 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 476 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 477 # -lresolv needs to be at the end of LIBS or DNS lookups break
478 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 479 IPADDR_IN_DISPLAY=yes
480 AC_DEFINE(USE_PIPES)
132dd316 481 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 482 AC_DEFINE(SETEUID_BREAKS_SETUID)
483 AC_DEFINE(BROKEN_SETREUID)
484 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 485 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 486 external_path_file=/etc/default/login
c8c15bcb 487 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
488 # Attention: always take care to bind libsocket and libnsl before libc,
489 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 490 ;;
79a7ba96 491# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 492*-*-sysv4.2*)
9a406e1e 493 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
ed6553e2 494 AC_DEFINE(USE_PIPES)
7ed101c0 495 AC_DEFINE(SETEUID_BREAKS_SETUID)
496 AC_DEFINE(BROKEN_SETREUID)
497 AC_DEFINE(BROKEN_SETREGID)
46f853b9 498 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 499 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 500 ;;
79a7ba96 501# UnixWare 7.x, OpenUNIX 8
77bb0bca 502*-*-sysv5*)
d7d2cc6e 503 check_for_libcrypt_later=1
504 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 505 AC_DEFINE(USE_PIPES)
7ed101c0 506 AC_DEFINE(SETEUID_BREAKS_SETUID)
507 AC_DEFINE(BROKEN_SETREUID)
508 AC_DEFINE(BROKEN_SETREGID)
3466e002 509 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 510 case "$host" in
511 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
512 TEST_SHELL=/u95/bin/sh
3466e002 513 AC_DEFINE(BROKEN_LIBIAF, 1,
514 [ia_uinfo routines not supported by OS yet])
822015dd 515 ;;
e45da4d6 516 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
517 ;;
822015dd 518 esac
77bb0bca 519 ;;
9d6b1b96 520*-*-sysv*)
9d6b1b96 521 ;;
79a7ba96 522# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 523*-*-sco3.2v4*)
11cf4f1f 524 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 525 ;;
79a7ba96 526# SCO OpenServer 5.x
77bb0bca 527*-*-sco3.2v5*)
21710e39 528 if test -z "$GCC"; then
529 CFLAGS="$CFLAGS -belf"
530 fi
ed6553e2 531 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 532 no_dev_ptmx=1
ed6553e2 533 AC_DEFINE(USE_PIPES)
6e879cb4 534 AC_DEFINE(HAVE_SECUREWARE)
d287c664 535 AC_DEFINE(DISABLE_SHADOW)
94d8258b 536 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 537 AC_DEFINE(SETEUID_BREAKS_SETUID)
538 AC_DEFINE(BROKEN_SETREUID)
539 AC_DEFINE(BROKEN_SETREGID)
bcebad47 540 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 541 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 542 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 543 AC_CHECK_FUNCS(getluid setluid)
533875af 544 MANTYPE=man
a3245b92 545 TEST_SHELL=ksh
509b1f88 546 ;;
ccbb983c 547*-*-unicosmk*)
3466e002 548 AC_DEFINE(NO_SSH_LASTLOG, 1,
549 [Define if you don't want to use lastlog in session.c])
c1ad5966 550 AC_DEFINE(SETEUID_BREAKS_SETUID)
551 AC_DEFINE(BROKEN_SETREUID)
552 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 553 AC_DEFINE(USE_PIPES)
554 AC_DEFINE(DISABLE_FD_PASSING)
555 LDFLAGS="$LDFLAGS"
556 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
557 MANTYPE=cat
d262b7f2 558 ;;
7b9a8c6e 559*-*-unicosmp*)
c1ad5966 560 AC_DEFINE(SETEUID_BREAKS_SETUID)
561 AC_DEFINE(BROKEN_SETREUID)
562 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 563 AC_DEFINE(WITH_ABBREV_NO_TTY)
564 AC_DEFINE(USE_PIPES)
565 AC_DEFINE(DISABLE_FD_PASSING)
566 LDFLAGS="$LDFLAGS"
c1ad5966 567 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 568 MANTYPE=cat
569 ;;
ca5c7d6a 570*-*-unicos*)
c1ad5966 571 AC_DEFINE(SETEUID_BREAKS_SETUID)
572 AC_DEFINE(BROKEN_SETREUID)
573 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 574 AC_DEFINE(USE_PIPES)
94d8258b 575 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 576 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 577 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
578 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
579 MANTYPE=cat
a704dd54 580 ;;
4d33e531 581*-dec-osf*)
99c8ddac 582 AC_MSG_CHECKING(for Digital Unix SIA)
583 no_osfsia=""
584 AC_ARG_WITH(osfsia,
585 [ --with-osfsia Enable Digital Unix SIA],
586 [
587 if test "x$withval" = "xno" ; then
588 AC_MSG_RESULT(disabled)
589 no_osfsia=1
590 fi
591 ],
592 )
593 if test -z "$no_osfsia" ; then
4d33e531 594 if test -f /etc/sia/matrix.conf; then
595 AC_MSG_RESULT(yes)
3466e002 596 AC_DEFINE(HAVE_OSF_SIA, 1,
597 [Define if you have Digital Unix Security
598 Integration Architecture])
599 AC_DEFINE(DISABLE_LOGIN, 1,
600 [Define if you don't want to use your
601 system's login() call])
58d0df4e 602 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 603 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 604 SIA_MSG="yes"
4d33e531 605 else
606 AC_MSG_RESULT(no)
3466e002 607 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
608 [String used in /etc/passwd to denote locked account])
4d33e531 609 fi
610 fi
a6e67b60 611 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 612 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 613 AC_DEFINE(BROKEN_SETREUID)
614 AC_DEFINE(BROKEN_SETREGID)
4d33e531 615 ;;
41cb4569 616
9c54c067 617*-*-nto-qnx*)
41cb4569 618 AC_DEFINE(USE_PIPES)
619 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 620 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
621 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
622 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 623 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 624 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 625 enable_etc_default_login=no # has incompatible /etc/default/login
41cb4569 626 ;;
35fc74ed 627
628*-*-ultrix*)
3466e002 629 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
630 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 631 AC_DEFINE(NEED_SETPGRP)
b5765e1d 632 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
633 ;;
157b6700 634
635*-*-lynxos)
636 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 637 AC_DEFINE(MISSING_HOWMANY)
157b6700 638 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
639 ;;
a7effaac 640esac
641
8e7b16f8 642# Allow user to specify flags
643AC_ARG_WITH(cflags,
644 [ --with-cflags Specify additional flags to pass to compiler],
645 [
6cf0200f 646 if test -n "$withval" && test "x$withval" != "xno" && \
647 test "x${withval}" != "xyes"; then
8e7b16f8 648 CFLAGS="$CFLAGS $withval"
649 fi
82f4e93d 650 ]
8e7b16f8 651)
0c2fb82f 652AC_ARG_WITH(cppflags,
653 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
654 [
6cf0200f 655 if test -n "$withval" && test "x$withval" != "xno" && \
656 test "x${withval}" != "xyes"; then
0c2fb82f 657 CPPFLAGS="$CPPFLAGS $withval"
658 fi
659 ]
660)
8e7b16f8 661AC_ARG_WITH(ldflags,
97b378bf 662 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 663 [
6cf0200f 664 if test -n "$withval" && test "x$withval" != "xno" && \
665 test "x${withval}" != "xyes"; then
8e7b16f8 666 LDFLAGS="$LDFLAGS $withval"
667 fi
82f4e93d 668 ]
8e7b16f8 669)
670AC_ARG_WITH(libs,
671 [ --with-libs Specify additional libraries to link with],
672 [
6cf0200f 673 if test -n "$withval" && test "x$withval" != "xno" && \
674 test "x${withval}" != "xyes"; then
8e7b16f8 675 LIBS="$LIBS $withval"
676 fi
82f4e93d 677 ]
8e7b16f8 678)
ed89c848 679AC_ARG_WITH(Werror,
680 [ --with-Werror Build main code with -Werror],
681 [
682 if test -n "$withval" && test "x$withval" != "xno"; then
683 werror_flags="-Werror"
1012885d 684 if test "x${withval}" != "xyes"; then
ed89c848 685 werror_flags="$withval"
686 fi
687 fi
688 ]
689)
8e7b16f8 690
c5829391 691AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 692AC_RUN_IFELSE(
693 [AC_LANG_SOURCE([
c5829391 694#include <stdio.h>
695int main(){exit(0);}
479cece8 696 ])],
c5829391 697 [ AC_MSG_RESULT(yes) ],
698 [
699 AC_MSG_RESULT(no)
700 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 701 ],
702 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 703)
704
b04a9f8c 705dnl Checks for header files.
706AC_CHECK_HEADERS( \
707 bstring.h \
708 crypt.h \
2f360c89 709 crypto/sha2.h \
b04a9f8c 710 dirent.h \
711 endian.h \
712 features.h \
37259a8e 713 fcntl.h \
b04a9f8c 714 floatingpoint.h \
715 getopt.h \
716 glob.h \
717 ia.h \
4c653d8e 718 iaf.h \
b04a9f8c 719 limits.h \
720 login.h \
b04a9f8c 721 maillock.h \
722 ndir.h \
e02505e2 723 net/if_tun.h \
b04a9f8c 724 netdb.h \
725 netgroup.h \
b04a9f8c 726 pam/pam_appl.h \
727 paths.h \
728 pty.h \
729 readpassphrase.h \
730 rpc/types.h \
731 security/pam_appl.h \
f73e2ad7 732 sha2.h \
b04a9f8c 733 shadow.h \
734 stddef.h \
735 stdint.h \
0957c2cf 736 string.h \
b04a9f8c 737 strings.h \
738 sys/audit.h \
739 sys/bitypes.h \
740 sys/bsdtty.h \
741 sys/cdefs.h \
742 sys/dir.h \
743 sys/mman.h \
744 sys/ndir.h \
745 sys/prctl.h \
746 sys/pstat.h \
747 sys/select.h \
748 sys/stat.h \
749 sys/stream.h \
750 sys/stropts.h \
751 sys/strtio.h \
752 sys/sysmacros.h \
753 sys/time.h \
754 sys/timers.h \
755 sys/un.h \
756 time.h \
757 tmpdir.h \
758 ttyent.h \
25dd2ce6 759 unistd.h \
b04a9f8c 760 usersec.h \
761 util.h \
762 utime.h \
763 utmp.h \
764 utmpx.h \
ea76f54c 765 vis.h \
b04a9f8c 766)
ddceb1c8 767
823221b2 768# lastlog.h requires sys/time.h to be included first on Solaris
769AC_CHECK_HEADERS(lastlog.h, [], [], [
770#ifdef HAVE_SYS_TIME_H
771# include <sys/time.h>
772#endif
773])
774
765a24cd 775# sys/ptms.h requires sys/stream.h to be included first on Solaris
776AC_CHECK_HEADERS(sys/ptms.h, [], [], [
777#ifdef HAVE_SYS_STREAM_H
778# include <sys/stream.h>
779#endif
780])
781
3919d576 782# login_cap.h requires sys/types.h on NetBSD
783AC_CHECK_HEADERS(login_cap.h, [], [], [
784#include <sys/types.h>
785])
786
a0391976 787# Checks for libraries.
98a7c37b 788AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
789AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 790
446227d6 791dnl IRIX and Solaris 2.5.1 have dirname() in libgen
792AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
793 AC_CHECK_LIB(gen, dirname,[
794 AC_CACHE_CHECK([for broken dirname],
795 ac_cv_have_broken_dirname, [
796 save_LIBS="$LIBS"
797 LIBS="$LIBS -lgen"
b0e7249f 798 AC_RUN_IFELSE(
799 [AC_LANG_SOURCE([[
446227d6 800#include <libgen.h>
801#include <string.h>
802
803int main(int argc, char **argv) {
804 char *s, buf[32];
805
806 strncpy(buf,"/etc", 32);
807 s = dirname(buf);
808 if (!s || strncmp(s, "/", 32) != 0) {
809 exit(1);
810 } else {
811 exit(0);
812 }
813}
b0e7249f 814 ]])],
815 [ ac_cv_have_broken_dirname="no" ],
816 [ ac_cv_have_broken_dirname="yes" ],
446227d6 817 [ ac_cv_have_broken_dirname="no" ],
446227d6 818 )
819 LIBS="$save_LIBS"
820 ])
821 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
822 LIBS="$LIBS -lgen"
823 AC_DEFINE(HAVE_DIRNAME)
824 AC_CHECK_HEADERS(libgen.h)
825 fi
826 ])
827])
828
829AC_CHECK_FUNC(getspnam, ,
830 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 831AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
832 [Define if you have the basename function.]))
446227d6 833
98a7c37b 834dnl zlib is required
835AC_ARG_WITH(zlib,
836 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 837 [ if test "x$withval" = "xno" ; then
838 AC_MSG_ERROR([*** zlib is required ***])
839 elif test "x$withval" != "xyes"; then
98a7c37b 840 if test -d "$withval/lib"; then
841 if test -n "${need_dash_r}"; then
5a162955 842 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 843 else
5a162955 844 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 845 fi
846 else
847 if test -n "${need_dash_r}"; then
5a162955 848 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 849 else
5a162955 850 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 851 fi
852 fi
853 if test -d "$withval/include"; then
5a162955 854 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 855 else
5a162955 856 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 857 fi
6dd05556 858 fi ]
98a7c37b 859)
860
0a15d73b 861AC_CHECK_LIB(z, deflate, ,
862 [
863 saved_CPPFLAGS="$CPPFLAGS"
864 saved_LDFLAGS="$LDFLAGS"
865 save_LIBS="$LIBS"
866 dnl Check default zlib install dir
867 if test -n "${need_dash_r}"; then
868 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
869 else
870 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
871 fi
872 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
873 LIBS="$LIBS -lz"
874 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
875 [
876 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
877 ]
878 )
879 ]
880)
4ad65809 881AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 882
883AC_ARG_WITH(zlib-version-check,
884 [ --without-zlib-version-check Disable zlib version check],
885 [ if test "x$withval" = "xno" ; then
886 zlib_check_nonfatal=1
887 fi
888 ]
889)
890
5c7fc85d 891AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 892AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 893#include <stdio.h>
4ad65809 894#include <zlib.h>
895int main()
896{
5c7fc85d 897 int a=0, b=0, c=0, d=0, n, v;
898 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
899 if (n != 3 && n != 4)
4ad65809 900 exit(1);
5c7fc85d 901 v = a*1000000 + b*10000 + c*100 + d;
902 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
903
904 /* 1.1.4 is OK */
905 if (a == 1 && b == 1 && c >= 4)
4ad65809 906 exit(0);
5c7fc85d 907
0072b59d 908 /* 1.2.3 and up are OK */
909 if (v >= 1020300)
5c7fc85d 910 exit(0);
911
4ad65809 912 exit(2);
913}
479cece8 914 ]])],
5c7fc85d 915 AC_MSG_RESULT(no),
916 [ AC_MSG_RESULT(yes)
8068d564 917 if test -z "$zlib_check_nonfatal" ; then
918 AC_MSG_ERROR([*** zlib too old - check config.log ***
919Your reported zlib version has known security problems. It's possible your
920vendor has fixed these problems without changing the version number. If you
921are sure this is the case, you can disable the check by running
922"./configure --without-zlib-version-check".
6090bcfe 923If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 924See http://www.gzip.org/zlib/ for details.])
8068d564 925 else
926 AC_MSG_WARN([zlib version may have security problems])
927 fi
1a01a50c 928 ],
929 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 930)
48e7916f 931
2c523de9 932dnl UnixWare 2.x
aff51935 933AC_CHECK_FUNC(strcasecmp,
2c523de9 934 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
935)
23361281 936AC_CHECK_FUNCS(utimes,
cda1ebcb 937 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
938 LIBS="$LIBS -lc89"]) ]
2c523de9 939)
4cca272e 940
7c6d759d 941dnl Checks for libutil functions
942AC_CHECK_HEADERS(libutil.h)
3466e002 943AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
944 [Define if your libraries define login()])])
7c6d759d 945AC_CHECK_FUNCS(logout updwtmp logwtmp)
946
a738c3b0 947AC_FUNC_STRFTIME
948
84ceda19 949# Check for ALTDIRFUNC glob() extension
950AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
951AC_EGREP_CPP(FOUNDIT,
952 [
953 #include <glob.h>
954 #ifdef GLOB_ALTDIRFUNC
955 FOUNDIT
956 #endif
aff51935 957 ],
84ceda19 958 [
3466e002 959 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
960 [Define if your system glob() function has
961 the GLOB_ALTDIRFUNC extension])
84ceda19 962 AC_MSG_RESULT(yes)
963 ],
964 [
965 AC_MSG_RESULT(no)
966 ]
967)
4cca272e 968
40849fdb 969# Check for g.gl_matchc glob() extension
970AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 971AC_TRY_COMPILE(
13ff27b7 972 [ #include <glob.h> ],
973 [glob_t g; g.gl_matchc = 1;],
aff51935 974 [
3466e002 975 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
976 [Define if your system glob() function has
977 gl_matchc options in glob_t])
aff51935 978 AC_MSG_RESULT(yes)
979 ],
980 [
981 AC_MSG_RESULT(no)
982 ]
40849fdb 983)
984
edbe6722 985AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 986AC_RUN_IFELSE(
479cece8 987 [AC_LANG_SOURCE([[
edbe6722 988#include <sys/types.h>
989#include <dirent.h>
aec4cb4f 990int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 991 ]])],
aff51935 992 [AC_MSG_RESULT(yes)],
edbe6722 993 [
994 AC_MSG_RESULT(no)
3466e002 995 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 996 [Define if your struct dirent expects you to
3466e002 997 allocate extra space for d_name])
1a01a50c 998 ],
82f4e93d 999 [
1a01a50c 1000 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1001 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1002 ]
1003)
1004
419e26e7 1005AC_MSG_CHECKING([for /proc/pid/fd directory])
1006if test -d "/proc/$$/fd" ; then
3466e002 1007 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1008 AC_MSG_RESULT(yes)
1009else
1010 AC_MSG_RESULT(no)
1011fi
1012
278588d8 1013# Check whether user wants S/Key support
aff51935 1014SKEY_MSG="no"
278588d8 1015AC_ARG_WITH(skey,
6ff3d0dc 1016 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1017 [
1018 if test "x$withval" != "xno" ; then
1019
1020 if test "x$withval" != "xyes" ; then
1021 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1022 LDFLAGS="$LDFLAGS -L${withval}/lib"
1023 fi
1024
3466e002 1025 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1026 LIBS="-lskey $LIBS"
aff51935 1027 SKEY_MSG="yes"
82f4e93d 1028
ddceb1c8 1029 AC_MSG_CHECKING([for s/key support])
b0e7249f 1030 AC_LINK_IFELSE(
1031 [AC_LANG_SOURCE([[
ddceb1c8 1032#include <stdio.h>
1033#include <skey.h>
aec4cb4f 1034int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1035 ]])],
ddceb1c8 1036 [AC_MSG_RESULT(yes)],
278588d8 1037 [
ddceb1c8 1038 AC_MSG_RESULT(no)
278588d8 1039 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1040 ])
141fc639 1041 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1042 AC_TRY_COMPILE(
1043 [#include <stdio.h>
1044 #include <skey.h>],
1045 [(void)skeychallenge(NULL,"name","",0);],
1046 [AC_MSG_RESULT(yes)
3466e002 1047 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1048 [Define if your skeychallenge()
1049 function takes 4 arguments (NetBSD)])],
141fc639 1050 [AC_MSG_RESULT(no)]
1051 )
278588d8 1052 fi
1053 ]
1054)
1055
1056# Check whether user wants TCP wrappers support
98a7c37b 1057TCPW_MSG="no"
278588d8 1058AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1059 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1060 [
1061 if test "x$withval" != "xno" ; then
1062 saved_LIBS="$LIBS"
98a7c37b 1063 saved_LDFLAGS="$LDFLAGS"
1064 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1065 if test -n "${withval}" && \
6cf0200f 1066 test "x${withval}" != "xyes"; then
98a7c37b 1067 if test -d "${withval}/lib"; then
1068 if test -n "${need_dash_r}"; then
5a162955 1069 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1070 else
5a162955 1071 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1072 fi
1073 else
1074 if test -n "${need_dash_r}"; then
5a162955 1075 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1076 else
5a162955 1077 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1078 fi
1079 fi
1080 if test -d "${withval}/include"; then
5a162955 1081 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1082 else
5a162955 1083 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1084 fi
98a7c37b 1085 fi
ddceb1c8 1086 LIBWRAP="-lwrap"
1087 LIBS="$LIBWRAP $LIBS"
278588d8 1088 AC_MSG_CHECKING(for libwrap)
1089 AC_TRY_LINK(
1090 [
77f09220 1091#include <sys/types.h>
1092#include <sys/socket.h>
1093#include <netinet/in.h>
278588d8 1094#include <tcpd.h>
1095 int deny_severity = 0, allow_severity = 0;
1096 ],
1097 [hosts_access(0);],
1098 [
1099 AC_MSG_RESULT(yes)
3466e002 1100 AC_DEFINE(LIBWRAP, 1,
1101 [Define if you want
1102 TCP Wrappers support])
ddceb1c8 1103 AC_SUBST(LIBWRAP)
98a7c37b 1104 TCPW_MSG="yes"
278588d8 1105 ],
1106 [
1107 AC_MSG_ERROR([*** libwrap missing])
1108 ]
1109 )
ddceb1c8 1110 LIBS="$saved_LIBS"
278588d8 1111 fi
1112 ]
1113)
1114
59031773 1115# Check whether user wants libedit support
1116LIBEDIT_MSG="no"
1117AC_ARG_WITH(libedit,
6ff3d0dc 1118 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1119 [ if test "x$withval" != "xno" ; then
737edf04 1120 if test "x$withval" != "xyes"; then
bb116c8e 1121 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1122 if test -n "${need_dash_r}"; then
1123 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1124 else
1125 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1126 fi
737edf04 1127 fi
59031773 1128 AC_CHECK_LIB(edit, el_init,
3466e002 1129 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1130 LIBEDIT="-ledit -lcurses"
1131 LIBEDIT_MSG="yes"
1132 AC_SUBST(LIBEDIT)
1133 ],
737edf04 1134 [ AC_MSG_ERROR(libedit not found) ],
1135 [ -lcurses ]
59031773 1136 )
f47ddccb 1137 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1138 AC_COMPILE_IFELSE(
1139 [AC_LANG_SOURCE([[
1140#include <histedit.h>
f47ddccb 1141int main(void)
1142{
1143 int i = H_SETSIZE;
1144 el_init("", NULL, NULL, NULL);
1145 exit(0);
1146}
d92622f9 1147 ]])],
f47ddccb 1148 [ AC_MSG_RESULT(yes) ],
1149 [ AC_MSG_RESULT(no)
1150 AC_MSG_ERROR(libedit version is not compatible) ]
1151 )
59031773 1152 fi ]
1153)
1154
7b578f7d 1155AUDIT_MODULE=none
1156AC_ARG_WITH(audit,
1157 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1158 [
1159 AC_MSG_CHECKING(for supported audit module)
1160 case "$withval" in
1161 bsm)
1162 AC_MSG_RESULT(bsm)
1163 AUDIT_MODULE=bsm
1164 dnl Checks for headers, libs and functions
1165 AC_CHECK_HEADERS(bsm/audit.h, [],
1166 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1167 AC_CHECK_LIB(bsm, getaudit, [],
1168 [AC_MSG_ERROR(BSM enabled and required library not found)])
1169 AC_CHECK_FUNCS(getaudit, [],
1170 [AC_MSG_ERROR(BSM enabled and required function not found)])
1171 # These are optional
7939c496 1172 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1173 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1174 ;;
1175 debug)
1176 AUDIT_MODULE=debug
1177 AC_MSG_RESULT(debug)
3466e002 1178 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1179 ;;
a2b3321d 1180 no)
d92622f9 1181 AC_MSG_RESULT(no)
a2b3321d 1182 ;;
7b578f7d 1183 *)
1184 AC_MSG_ERROR([Unknown audit module $withval])
1185 ;;
1186 esac ]
1187)
1188
19160674 1189dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1190AC_CHECK_FUNCS( \
1191 arc4random \
9a406e1e 1192 asprintf \
b04a9f8c 1193 b64_ntop \
1194 __b64_ntop \
1195 b64_pton \
1196 __b64_pton \
1197 bcopy \
1198 bindresvport_sa \
1199 clock \
1200 closefrom \
1201 dirfd \
b04a9f8c 1202 fchmod \
1203 fchown \
1204 freeaddrinfo \
1205 futimes \
1206 getaddrinfo \
1207 getcwd \
1208 getgrouplist \
1209 getnameinfo \
1210 getopt \
1211 getpeereid \
1212 _getpty \
1213 getrlimit \
1214 getttyent \
1215 glob \
1216 inet_aton \
1217 inet_ntoa \
1218 inet_ntop \
1219 innetgr \
1220 login_getcapbool \
1221 md5_crypt \
1222 memmove \
1223 mkdtemp \
1224 mmap \
1225 ngetaddrinfo \
1226 nsleep \
1227 ogetaddrinfo \
1228 openlog_r \
1229 openpty \
1230 prctl \
1231 pstat \
1232 readpassphrase \
1233 realpath \
1234 recvmsg \
1235 rresvport_af \
1236 sendmsg \
1237 setdtablesize \
1238 setegid \
1239 setenv \
1240 seteuid \
1241 setgroups \
1242 setlogin \
1243 setpcred \
1244 setproctitle \
1245 setregid \
1246 setreuid \
1247 setrlimit \
1248 setsid \
1249 setvbuf \
1250 sigaction \
1251 sigvec \
1252 snprintf \
1253 socketpair \
1254 strdup \
1255 strerror \
1256 strlcat \
1257 strlcpy \
1258 strmode \
1259 strnvis \
1260 strtonum \
1e29a0c8 1261 strtoll \
b04a9f8c 1262 strtoul \
1263 sysconf \
1264 tcgetpgrp \
1265 truncate \
1266 unsetenv \
1267 updwtmpx \
9a406e1e 1268 vasprintf \
b04a9f8c 1269 vhangup \
1270 vsnprintf \
1271 waitpid \
19160674 1272)
98a7c37b 1273
1a086f97 1274# IRIX has a const char return value for gai_strerror()
1275AC_CHECK_FUNCS(gai_strerror,[
1276 AC_DEFINE(HAVE_GAI_STRERROR)
1277 AC_TRY_COMPILE([
1278#include <sys/types.h>
1279#include <sys/socket.h>
1280#include <netdb.h>
1281
1282const char *gai_strerror(int);],[
1283char *str;
1284
1285str = gai_strerror(0);],[
1286 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1287 [Define if gai_strerror() returns const char *])])])
1288
3466e002 1289AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1290 [Some systems put nanosleep outside of libc]))
92b1decf 1291
309709db 1292dnl Make sure prototypes are defined for these before using them.
309709db 1293AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1294AC_CHECK_DECL(strsep,
1295 [AC_CHECK_FUNCS(strsep)],
1296 [],
1297 [
1298#ifdef HAVE_STRING_H
1299# include <string.h>
1300#endif
1301 ])
08412d26 1302
3490699c 1303dnl tcsendbreak might be a macro
1304AC_CHECK_DECL(tcsendbreak,
1305 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1306 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1307 [#include <termios.h>]
1308)
1309
41e0e158 1310AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1311
71f4c727 1312AC_CHECK_DECLS(SHUT_RD, , ,
1313 [
1314#include <sys/types.h>
1315#include <sys/socket.h>
1316 ])
956d6743 1317
1318AC_CHECK_DECLS(O_NONBLOCK, , ,
1319 [
1320#include <sys/types.h>
1321#ifdef HAVE_SYS_STAT_H
1322# include <sys/stat.h>
1323#endif
1324#ifdef HAVE_FCNTL_H
1325# include <fcntl.h>
1326#endif
1327 ])
1328
3f176010 1329AC_CHECK_FUNCS(setresuid, [
1330 dnl Some platorms have setresuid that isn't implemented, test for this
1331 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1332 AC_RUN_IFELSE(
1333 [AC_LANG_SOURCE([[
9a3fe0e2 1334#include <stdlib.h>
1335#include <errno.h>
1336int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1337 ]])],
3f176010 1338 [AC_MSG_RESULT(yes)],
3466e002 1339 [AC_DEFINE(BROKEN_SETRESUID, 1,
1340 [Define if your setresuid() is broken])
1a01a50c 1341 AC_MSG_RESULT(not implemented)],
1342 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1343 )
1344])
9a3fe0e2 1345
3f176010 1346AC_CHECK_FUNCS(setresgid, [
1347 dnl Some platorms have setresgid that isn't implemented, test for this
1348 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1349 AC_RUN_IFELSE(
1350 [AC_LANG_SOURCE([[
9a3fe0e2 1351#include <stdlib.h>
1352#include <errno.h>
1353int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1354 ]])],
3f176010 1355 [AC_MSG_RESULT(yes)],
3466e002 1356 [AC_DEFINE(BROKEN_SETRESGID, 1,
1357 [Define if your setresgid() is broken])
1a01a50c 1358 AC_MSG_RESULT(not implemented)],
1359 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1360 )
1361])
9a3fe0e2 1362
2e73a022 1363dnl Checks for time functions
1d7b9b20 1364AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1365dnl Checks for utmp functions
b03bd394 1366AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1367AC_CHECK_FUNCS(utmpname)
2e73a022 1368dnl Checks for utmpx functions
b03bd394 1369AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1370AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1371
aff51935 1372AC_CHECK_FUNC(daemon,
3466e002 1373 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1374 [AC_CHECK_LIB(bsd, daemon,
1375 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1376)
1377
aff51935 1378AC_CHECK_FUNC(getpagesize,
3466e002 1379 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1380 [Define if your libraries define getpagesize()])],
1381 [AC_CHECK_LIB(ucb, getpagesize,
1382 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1383)
1384
2647ae26 1385# Check for broken snprintf
1386if test "x$ac_cv_func_snprintf" = "xyes" ; then
1387 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1388 AC_RUN_IFELSE(
479cece8 1389 [AC_LANG_SOURCE([[
2647ae26 1390#include <stdio.h>
aec4cb4f 1391int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1392 ]])],
aff51935 1393 [AC_MSG_RESULT(yes)],
2647ae26 1394 [
1395 AC_MSG_RESULT(no)
3466e002 1396 AC_DEFINE(BROKEN_SNPRINTF, 1,
1397 [Define if your snprintf is busted])
2647ae26 1398 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1399 ],
1400 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1401 )
1402fi
1403
9a406e1e 1404# If we don't have a working asprintf, then we strongly depend on vsnprintf
1405# returning the right thing on overflow: the number of characters it tried to
1406# create (as per SUSv3)
1407if test "x$ac_cv_func_asprintf" != "xyes" && \
1408 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1409 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1410 AC_RUN_IFELSE(
1411 [AC_LANG_SOURCE([[
1412#include <sys/types.h>
1413#include <stdio.h>
1414#include <stdarg.h>
1415
1416int x_snprintf(char *str,size_t count,const char *fmt,...)
1417{
1418 size_t ret; va_list ap;
1419 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1420 return ret;
1421}
1422int main(void)
1423{
1424 char x[1];
1425 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1426} ]])],
1427 [AC_MSG_RESULT(yes)],
1428 [
1429 AC_MSG_RESULT(no)
1430 AC_DEFINE(BROKEN_SNPRINTF, 1,
1431 [Define if your snprintf is busted])
1432 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1433 ],
1434 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1435 )
1436fi
1437
31b0732a 1438# On systems where [v]snprintf is broken, but is declared in stdio,
1439# check that the fmt argument is const char * or just char *.
1440# This is only useful for when BROKEN_SNPRINTF
1441AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1442AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1443 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1444 int main(void) { snprintf(0, 0, 0); }
1445 ]])],
1446 [AC_MSG_RESULT(yes)
1447 AC_DEFINE(SNPRINTF_CONST, [const],
1448 [Define as const if snprintf() can declare const char *fmt])],
1449 [AC_MSG_RESULT(no)
1450 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1451
2f6f9cff 1452# Check for missing getpeereid (or equiv) support
1453NO_PEERCHECK=""
1454if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1455 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1456 AC_TRY_COMPILE(
1457 [#include <sys/types.h>
1458 #include <sys/socket.h>],
1459 [int i = SO_PEERCRED;],
62eb7db4 1460 [ AC_MSG_RESULT(yes)
3466e002 1461 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1462 ],
2f6f9cff 1463 [AC_MSG_RESULT(no)
1464 NO_PEERCHECK=1]
1465 )
1466fi
1467
70e7d0b0 1468dnl see whether mkstemp() requires XXXXXX
1469if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1470AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1471AC_RUN_IFELSE(
1472 [AC_LANG_SOURCE([[
70e7d0b0 1473#include <stdlib.h>
1474main() { char template[]="conftest.mkstemp-test";
1475if (mkstemp(template) == -1)
1476 exit(1);
1477unlink(template); exit(0);
1478}
b0e7249f 1479 ]])],
70e7d0b0 1480 [
1481 AC_MSG_RESULT(no)
1482 ],
aff51935 1483 [
70e7d0b0 1484 AC_MSG_RESULT(yes)
3466e002 1485 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1486 ],
1487 [
1488 AC_MSG_RESULT(yes)
1489 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1490 ]
70e7d0b0 1491)
1492fi
1493
eacb954e 1494dnl make sure that openpty does not reacquire controlling terminal
1495if test ! -z "$check_for_openpty_ctty_bug"; then
1496 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1497 AC_RUN_IFELSE(
1498 [AC_LANG_SOURCE([[
eacb954e 1499#include <stdio.h>
1500#include <sys/fcntl.h>
1501#include <sys/types.h>
1502#include <sys/wait.h>
1503
1504int
1505main()
1506{
1507 pid_t pid;
1508 int fd, ptyfd, ttyfd, status;
1509
1510 pid = fork();
1511 if (pid < 0) { /* failed */
1512 exit(1);
1513 } else if (pid > 0) { /* parent */
1514 waitpid(pid, &status, 0);
aff51935 1515 if (WIFEXITED(status))
eacb954e 1516 exit(WEXITSTATUS(status));
1517 else
1518 exit(2);
1519 } else { /* child */
1520 close(0); close(1); close(2);
1521 setsid();
1522 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1523 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1524 if (fd >= 0)
1525 exit(3); /* Acquired ctty: broken */
1526 else
1527 exit(0); /* Did not acquire ctty: OK */
1528 }
1529}
b0e7249f 1530 ]])],
eacb954e 1531 [
1532 AC_MSG_RESULT(yes)
1533 ],
1534 [
1535 AC_MSG_RESULT(no)
1536 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1537 ],
1538 [
1539 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1540 ]
1541 )
1542fi
1543
4b492aab 1544if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1545 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1546 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1547 AC_RUN_IFELSE(
1548 [AC_LANG_SOURCE([[
2fe51906 1549#include <stdio.h>
1550#include <sys/socket.h>
1551#include <netdb.h>
1552#include <errno.h>
1553#include <netinet/in.h>
1554
1555#define TEST_PORT "2222"
1556
1557int
1558main(void)
1559{
1560 int err, sock;
1561 struct addrinfo *gai_ai, *ai, hints;
1562 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1563
1564 memset(&hints, 0, sizeof(hints));
1565 hints.ai_family = PF_UNSPEC;
1566 hints.ai_socktype = SOCK_STREAM;
1567 hints.ai_flags = AI_PASSIVE;
1568
1569 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1570 if (err != 0) {
1571 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1572 exit(1);
1573 }
1574
1575 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1576 if (ai->ai_family != AF_INET6)
1577 continue;
1578
1579 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1580 sizeof(ntop), strport, sizeof(strport),
1581 NI_NUMERICHOST|NI_NUMERICSERV);
1582
1583 if (err != 0) {
1584 if (err == EAI_SYSTEM)
1585 perror("getnameinfo EAI_SYSTEM");
1586 else
1587 fprintf(stderr, "getnameinfo failed: %s\n",
1588 gai_strerror(err));
1589 exit(2);
1590 }
1591
1592 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1593 if (sock < 0)
1594 perror("socket");
1595 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1596 if (errno == EBADF)
1597 exit(3);
1598 }
1599 }
1600 exit(0);
1601}
b0e7249f 1602 ]])],
2fe51906 1603 [
1604 AC_MSG_RESULT(yes)
1605 ],
1606 [
1607 AC_MSG_RESULT(no)
1608 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1609 ],
1610 [
1611 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1612 ]
1613 )
1614fi
1615
4b492aab 1616if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1617 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1618 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1619 AC_RUN_IFELSE(
1620 [AC_LANG_SOURCE([[
5ccf88cb 1621#include <stdio.h>
1622#include <sys/socket.h>
1623#include <netdb.h>
1624#include <errno.h>
1625#include <netinet/in.h>
1626
1627#define TEST_PORT "2222"
1628
1629int
1630main(void)
1631{
1632 int err, sock;
1633 struct addrinfo *gai_ai, *ai, hints;
1634 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1635
1636 memset(&hints, 0, sizeof(hints));
1637 hints.ai_family = PF_UNSPEC;
1638 hints.ai_socktype = SOCK_STREAM;
1639 hints.ai_flags = AI_PASSIVE;
1640
1641 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1642 if (err != 0) {
1643 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1644 exit(1);
1645 }
1646
1647 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1648 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1649 continue;
1650
1651 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1652 sizeof(ntop), strport, sizeof(strport),
1653 NI_NUMERICHOST|NI_NUMERICSERV);
1654
1655 if (ai->ai_family == AF_INET && err != 0) {
1656 perror("getnameinfo");
1657 exit(2);
1658 }
1659 }
1660 exit(0);
1661}
b0e7249f 1662 ]])],
5ccf88cb 1663 [
1664 AC_MSG_RESULT(yes)
3466e002 1665 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1666 [Define if you have a getaddrinfo that fails
1667 for the all-zeros IPv6 address])
5ccf88cb 1668 ],
1669 [
1670 AC_MSG_RESULT(no)
1671 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1672 ],
ecd9ec09 1673 [
b0e7249f 1674 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1675 ]
1676 )
1677fi
1678
b29fd59f 1679if test "x$check_for_conflicting_getspnam" = "x1"; then
1680 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1681 AC_COMPILE_IFELSE(
1682 [
1683#include <shadow.h>
1684int main(void) {exit(0);}
1685 ],
1686 [
1687 AC_MSG_RESULT(no)
1688 ],
1689 [
1690 AC_MSG_RESULT(yes)
1691 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1692 [Conflicting defs for getspnam])
1693 ]
1694 )
1695fi
1696
7f8f5e00 1697AC_FUNC_GETPGRP
1698
5b991353 1699# Search for OpenSSL
1700saved_CPPFLAGS="$CPPFLAGS"
1701saved_LDFLAGS="$LDFLAGS"
a0391976 1702AC_ARG_WITH(ssl-dir,
1703 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1704 [
e9e4a1c7 1705 if test "x$withval" != "xno" ; then
99eb0f64 1706 case "$withval" in
1707 # Relative paths
1708 ./*|../*) withval="`pwd`/$withval"
1709 esac
5b991353 1710 if test -d "$withval/lib"; then
1711 if test -n "${need_dash_r}"; then
1712 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1713 else
1714 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1715 fi
1716 else
5b991353 1717 if test -n "${need_dash_r}"; then
1718 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1719 else
1720 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1721 fi
1722 fi
5b991353 1723 if test -d "$withval/include"; then
1724 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1725 else
5b991353 1726 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1727 fi
a0391976 1728 fi
5b991353 1729 ]
1730)
5486a457 1731LIBS="-lcrypto $LIBS"
3466e002 1732AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1733 [Define if your ssl headers are included
1734 with #include <openssl/header.h>]),
d45e3d76 1735 [
5b991353 1736 dnl Check default openssl install dir
1737 if test -n "${need_dash_r}"; then
1738 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1739 else
5b991353 1740 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1741 fi
5b991353 1742 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1743 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1744 [
1745 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1746 ]
1747 )
1748 ]
1749)
1750
cd018561 1751# Determine OpenSSL header version
1752AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1753AC_RUN_IFELSE(
479cece8 1754 [AC_LANG_SOURCE([[
cd018561 1755#include <stdio.h>
1756#include <string.h>
1757#include <openssl/opensslv.h>
1758#define DATA "conftest.sslincver"
1759int main(void) {
aff51935 1760 FILE *fd;
1761 int rc;
cd018561 1762
aff51935 1763 fd = fopen(DATA,"w");
1764 if(fd == NULL)
1765 exit(1);
cd018561 1766
1767 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1768 exit(1);
1769
1770 exit(0);
1771}
479cece8 1772 ]])],
cd018561 1773 [
1774 ssl_header_ver=`cat conftest.sslincver`
1775 AC_MSG_RESULT($ssl_header_ver)
1776 ],
1777 [
1778 AC_MSG_RESULT(not found)
1779 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1780 ],
1781 [
1782 AC_MSG_WARN([cross compiling: not checking])
cd018561 1783 ]
1784)
1785
1786# Determine OpenSSL library version
1787AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1788AC_RUN_IFELSE(
479cece8 1789 [AC_LANG_SOURCE([[
cd018561 1790#include <stdio.h>
1791#include <string.h>
1792#include <openssl/opensslv.h>
1793#include <openssl/crypto.h>
1794#define DATA "conftest.ssllibver"
1795int main(void) {
aff51935 1796 FILE *fd;
1797 int rc;
cd018561 1798
aff51935 1799 fd = fopen(DATA,"w");
1800 if(fd == NULL)
1801 exit(1);
cd018561 1802
1803 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1804 exit(1);
1805
1806 exit(0);
1807}
479cece8 1808 ]])],
cd018561 1809 [
1810 ssl_library_ver=`cat conftest.ssllibver`
1811 AC_MSG_RESULT($ssl_library_ver)
1812 ],
1813 [
1814 AC_MSG_RESULT(not found)
1815 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1816 ],
1817 [
1818 AC_MSG_WARN([cross compiling: not checking])
cd018561 1819 ]
1820)
58d100bf 1821
9780116c 1822# Sanity check OpenSSL headers
1823AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1824AC_RUN_IFELSE(
479cece8 1825 [AC_LANG_SOURCE([[
9780116c 1826#include <string.h>
1827#include <openssl/opensslv.h>
aec4cb4f 1828int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1829 ]])],
9780116c 1830 [
1831 AC_MSG_RESULT(yes)
1832 ],
1833 [
1834 AC_MSG_RESULT(no)
e15ba28b 1835 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1836Check config.log for details.
1837Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1838 ],
1839 [
1840 AC_MSG_WARN([cross compiling: not checking])
9780116c 1841 ]
1842)
1843
282d6408 1844AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1845AC_LINK_IFELSE(
1846 [AC_LANG_SOURCE([[
1847#include <openssl/evp.h>
1848int main(void) { SSLeay_add_all_algorithms(); }
1849 ]])],
1850 [
1851 AC_MSG_RESULT(yes)
1852 ],
1853 [
1854 AC_MSG_RESULT(no)
1855 saved_LIBS="$LIBS"
1856 LIBS="$LIBS -ldl"
1857 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1858 AC_LINK_IFELSE(
1859 [AC_LANG_SOURCE([[
1860#include <openssl/evp.h>
1861int main(void) { SSLeay_add_all_algorithms(); }
1862 ]])],
1863 [
1864 AC_MSG_RESULT(yes)
1865 ],
1866 [
1867 AC_MSG_RESULT(no)
1868 LIBS="$saved_LIBS"
1869 ]
1870 )
1871 ]
1872)
1873
c7ad0d99 1874AC_ARG_WITH(ssl-engine,
1875 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1876 [ if test "x$withval" != "xno" ; then
1877 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1878 AC_TRY_COMPILE(
1879 [ #include <openssl/engine.h>],
1880 [
1881int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
1882 ],
1883 [ AC_MSG_RESULT(yes)
1884 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1885 [Enable OpenSSL engine support])
1886 ],
1887 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1888 )
1889 fi ]
1890)
1891
e5146707 1892# Check for OpenSSL without EVP_aes_{192,256}_cbc
1893AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 1894AC_LINK_IFELSE(
e5146707 1895 [AC_LANG_SOURCE([[
1896#include <string.h>
1897#include <openssl/evp.h>
300ea548 1898int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1899 ]])],
1900 [
1901 AC_MSG_RESULT(no)
1902 ],
1903 [
1904 AC_MSG_RESULT(yes)
1905 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1906 [libcrypto is missing AES 192 and 256 bit functions])
1907 ]
1908)
1909
5486a457 1910# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1911# because the system crypt() is more featureful.
1912if test "x$check_for_libcrypt_before" = "x1"; then
1913 AC_CHECK_LIB(crypt, crypt)
1914fi
1915
aff51935 1916# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1917# version in OpenSSL.
05114c74 1918if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1919 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1920fi
1921
13ff27b7 1922# Search for SHA256 support in libc and/or OpenSSL
1923AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1924
4c653d8e 1925AC_CHECK_LIB(iaf, ia_openinfo)
f1b0ecc3 1926
1927### Configure cryptographic random number support
1928
1929# Check wheter OpenSSL seeds itself
1930AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1931AC_RUN_IFELSE(
479cece8 1932 [AC_LANG_SOURCE([[
f1b0ecc3 1933#include <string.h>
1934#include <openssl/rand.h>
aec4cb4f 1935int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1936 ]])],
f1b0ecc3 1937 [
1938 OPENSSL_SEEDS_ITSELF=yes
1939 AC_MSG_RESULT(yes)
1940 ],
1941 [
1942 AC_MSG_RESULT(no)
1943 # Default to use of the rand helper if OpenSSL doesn't
1944 # seed itself
1945 USE_RAND_HELPER=yes
1a01a50c 1946 ],
1947 [
1948 AC_MSG_WARN([cross compiling: assuming yes])
1949 # This is safe, since all recent OpenSSL versions will
82f4e93d 1950 # complain at runtime if not seeded correctly.
1a01a50c 1951 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1952 ]
1953)
1954
a086f73b 1955# Check for PAM libs
1956PAM_MSG="no"
1957AC_ARG_WITH(pam,
1958 [ --with-pam Enable PAM support ],
1959 [
1960 if test "x$withval" != "xno" ; then
1961 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1962 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
1963 AC_MSG_ERROR([PAM headers not found])
1964 fi
1965
1966 saved_LIBS="$LIBS"
1967 AC_CHECK_LIB(dl, dlopen, , )
1968 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1969 AC_CHECK_FUNCS(pam_getenvlist)
1970 AC_CHECK_FUNCS(pam_putenv)
1971 LIBS="$saved_LIBS"
1972
1973 PAM_MSG="yes"
1974
282d6408 1975 LIBPAM="-lpam"
a086f73b 1976 AC_DEFINE(USE_PAM, 1,
1977 [Define if you want to enable PAM support])
282d6408 1978
a086f73b 1979 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 1980 case "$LIBS" in
1981 *-ldl*)
1982 # libdl already in LIBS
1983 ;;
1984 *)
08164407 1985 LIBPAM="$LIBPAM -ldl"
282d6408 1986 ;;
1987 esac
a086f73b 1988 fi
1989 AC_SUBST(LIBPAM)
1990 fi
1991 ]
1992)
1993
1994# Check for older PAM
1995if test "x$PAM_MSG" = "xyes" ; then
1996 # Check PAM strerror arguments (old PAM)
1997 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1998 AC_TRY_COMPILE(
1999 [
2000#include <stdlib.h>
2001#if defined(HAVE_SECURITY_PAM_APPL_H)
2002#include <security/pam_appl.h>
2003#elif defined (HAVE_PAM_PAM_APPL_H)
2004#include <pam/pam_appl.h>
2005#endif
2006 ],
2007 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2008 [AC_MSG_RESULT(no)],
2009 [
2010 AC_DEFINE(HAVE_OLD_PAM, 1,
2011 [Define if you have an old version of PAM
2012 which takes only one argument to pam_strerror])
2013 AC_MSG_RESULT(yes)
2014 PAM_MSG="yes (old library)"
2015 ]
2016 )
2017fi
f1b0ecc3 2018
2019# Do we want to force the use of the rand helper?
2020AC_ARG_WITH(rand-helper,
2021 [ --with-rand-helper Use subprocess to gather strong randomness ],
2022 [
2023 if test "x$withval" = "xno" ; then
aff51935 2024 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2025 # the previous test showed it to be unseeded.
2026 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2027 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2028 OPENSSL_SEEDS_ITSELF=yes
2029 USE_RAND_HELPER=""
2030 fi
2031 else
2032 USE_RAND_HELPER=yes
2033 fi
2034 ],
82f4e93d 2035)
f1b0ecc3 2036
2037# Which randomness source do we use?
4b492aab 2038if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2039 # OpenSSL only
3466e002 2040 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2041 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2042 RAND_MSG="OpenSSL internal ONLY"
2043 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2044elif test ! -z "$USE_RAND_HELPER" ; then
2045 # install rand helper
f1b0ecc3 2046 RAND_MSG="ssh-rand-helper"
2047 INSTALL_SSH_RAND_HELPER="yes"
2048fi
2049AC_SUBST(INSTALL_SSH_RAND_HELPER)
2050
2051### Configuration of ssh-rand-helper
2052
2053# PRNGD TCP socket
2054AC_ARG_WITH(prngd-port,
2055 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2056 [
eb5d7ff6 2057 case "$withval" in
2058 no)
2059 withval=""
2060 ;;
2061 [[0-9]]*)
2062 ;;
2063 *)
2064 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2065 ;;
2066 esac
2067 if test ! -z "$withval" ; then
f1b0ecc3 2068 PRNGD_PORT="$withval"
3466e002 2069 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2070 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2071 fi
2072 ]
2073)
2074
2075# PRNGD Unix domain socket
2076AC_ARG_WITH(prngd-socket,
2077 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2078 [
eb5d7ff6 2079 case "$withval" in
2080 yes)
f1b0ecc3 2081 withval="/var/run/egd-pool"
eb5d7ff6 2082 ;;
2083 no)
2084 withval=""
2085 ;;
2086 /*)
2087 ;;
2088 *)
2089 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2090 ;;
2091 esac
2092
2093 if test ! -z "$withval" ; then
f1b0ecc3 2094 if test ! -z "$PRNGD_PORT" ; then
2095 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2096 fi
906e811b 2097 if test ! -r "$withval" ; then
f1b0ecc3 2098 AC_MSG_WARN(Entropy socket is not readable)
2099 fi
2100 PRNGD_SOCKET="$withval"
3466e002 2101 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2102 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2103 fi
ddceb1c8 2104 ],
2105 [
2106 # Check for existing socket only if we don't have a random device already
2107 if test "$USE_RAND_HELPER" = yes ; then
2108 AC_MSG_CHECKING(for PRNGD/EGD socket)
2109 # Insert other locations here
2110 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2111 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2112 PRNGD_SOCKET="$sock"
2113 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2114 break;
2115 fi
2116 done
2117 if test ! -z "$PRNGD_SOCKET" ; then
2118 AC_MSG_RESULT($PRNGD_SOCKET)
2119 else
2120 AC_MSG_RESULT(not found)
2121 fi
2122 fi
f1b0ecc3 2123 ]
2124)
2125
2126# Change default command timeout for hashing entropy source
2127entropy_timeout=200
2128AC_ARG_WITH(entropy-timeout,
2129 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2130 [
6cf0200f 2131 if test -n "$withval" && test "x$withval" != "xno" && \
2132 test "x${withval}" != "xyes"; then
f1b0ecc3 2133 entropy_timeout=$withval
2134 fi
82f4e93d 2135 ]
f1b0ecc3 2136)
3466e002 2137AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2138 [Builtin PRNG command timeout])
f1b0ecc3 2139
fd3cbf67 2140SSH_PRIVSEP_USER=sshd
9a0fbcb3 2141AC_ARG_WITH(privsep-user,
5222e7ef 2142 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2143 [
6cf0200f 2144 if test -n "$withval" && test "x$withval" != "xno" && \
2145 test "x${withval}" != "xyes"; then
fd3cbf67 2146 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2147 fi
82f4e93d 2148 ]
9a0fbcb3 2149)
3466e002 2150AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2151 [non-privileged user for privilege separation])
fd3cbf67 2152AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2153
81dadca3 2154# We do this little dance with the search path to insure
2155# that programs that we select for use by installed programs
2156# (which may be run by the super-user) come from trusted
2157# locations before they come from the user's private area.
2158# This should help avoid accidentally configuring some
2159# random version of a program in someone's personal bin.
2160
2161OPATH=$PATH
2162PATH=/bin:/usr/bin
f95c8ce8 2163test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2164test -d /sbin && PATH=$PATH:/sbin
2165test -d /usr/sbin && PATH=$PATH:/usr/sbin
2166PATH=$PATH:/etc:$OPATH
2167
aff51935 2168# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2169OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2170OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2171OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2172OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2173OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2174OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2175OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2176OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2177OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2178OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2179OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2180OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2181OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2182OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2183OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2184OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2185# restore PATH
2186PATH=$OPATH
f1b0ecc3 2187
2188# Where does ssh-rand-helper get its randomness from?
2189INSTALL_SSH_PRNG_CMDS=""
2190if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2191 if test ! -z "$PRNGD_PORT" ; then
2192 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2193 elif test ! -z "$PRNGD_SOCKET" ; then
2194 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2195 else
2196 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2197 RAND_HELPER_CMDHASH=yes
2198 INSTALL_SSH_PRNG_CMDS="yes"
2199 fi
2200fi
2201AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2202
2203
66d6c27e 2204# Cheap hack to ensure NEWS-OS libraries are arranged right.
2205if test ! -z "$SONY" ; then
2206 LIBS="$LIBS -liberty";
2207fi
2208
9a406e1e 2209# Check for long long datatypes
2210AC_CHECK_TYPES([long long, unsigned long long, long double])
2211
2212# Check datatype sizes
976f7e19 2213AC_CHECK_SIZEOF(char, 1)
2b942fe0 2214AC_CHECK_SIZEOF(short int, 2)
2215AC_CHECK_SIZEOF(int, 4)
2216AC_CHECK_SIZEOF(long int, 4)
2217AC_CHECK_SIZEOF(long long int, 8)
2218
52f1ccb2 2219# Sanity check long long for some platforms (AIX)
2220if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2221 ac_cv_sizeof_long_long_int=0
2222fi
2223
90f15776 2224# compute LLONG_MIN and LLONG_MAX if we don't know them.
2225if test -z "$have_llong_max"; then
2226 AC_MSG_CHECKING([for max value of long long])
2227 AC_RUN_IFELSE(
2228 [AC_LANG_SOURCE([[
2229#include <stdio.h>
2230/* Why is this so damn hard? */
2231#ifdef __GNUC__
2232# undef __GNUC__
2233#endif
2234#define __USE_ISOC99
2235#include <limits.h>
2236#define DATA "conftest.llminmax"
055252ed 2237#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2238
2239/*
2240 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2241 * we do this the hard way.
2242 */
2243static int
2244fprint_ll(FILE *f, long long n)
2245{
2246 unsigned int i;
2247 int l[sizeof(long long) * 8];
2248
2249 if (n < 0)
2250 if (fprintf(f, "-") < 0)
2251 return -1;
2252 for (i = 0; n != 0; i++) {
2253 l[i] = my_abs(n % 10);
2254 n /= 10;
2255 }
2256 do {
2257 if (fprintf(f, "%d", l[--i]) < 0)
2258 return -1;
2259 } while (i != 0);
2260 if (fprintf(f, " ") < 0)
2261 return -1;
2262 return 0;
2263}
2264
90f15776 2265int main(void) {
2266 FILE *f;
2267 long long i, llmin, llmax = 0;
2268
2269 if((f = fopen(DATA,"w")) == NULL)
2270 exit(1);
2271
2272#if defined(LLONG_MIN) && defined(LLONG_MAX)
2273 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2274 llmin = LLONG_MIN;
2275 llmax = LLONG_MAX;
2276#else
2277 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2278 /* This will work on one's complement and two's complement */
2279 for (i = 1; i > llmax; i <<= 1, i++)
2280 llmax = i;
2281 llmin = llmax + 1LL; /* wrap */
2282#endif
2283
2284 /* Sanity check */
2285 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2286 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2287 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2288 fprintf(f, "unknown unknown\n");
2289 exit(2);
2290 }
2291
055252ed 2292 if (fprint_ll(f, llmin) < 0)
90f15776 2293 exit(3);
055252ed 2294 if (fprint_ll(f, llmax) < 0)
2295 exit(4);
2296 if (fclose(f) < 0)
2297 exit(5);
90f15776 2298 exit(0);
2299}
2300 ]])],
2301 [
2302 llong_min=`$AWK '{print $1}' conftest.llminmax`
2303 llong_max=`$AWK '{print $2}' conftest.llminmax`
2304
90f15776 2305 AC_MSG_RESULT($llong_max)
2306 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2307 [max value of long long calculated by configure])
2308 AC_MSG_CHECKING([for min value of long long])
2309 AC_MSG_RESULT($llong_min)
2310 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2311 [min value of long long calculated by configure])
2312 ],
2313 [
2314 AC_MSG_RESULT(not found)
2315 ],
2316 [
2317 AC_MSG_WARN([cross compiling: not checking])
2318 ]
2319 )
2320fi
2321
2322
a0391976 2323# More checks for data types
14a9a859 2324AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2325 AC_TRY_COMPILE(
aff51935 2326 [ #include <sys/types.h> ],
2327 [ u_int a; a = 1;],
14a9a859 2328 [ ac_cv_have_u_int="yes" ],
2329 [ ac_cv_have_u_int="no" ]
2330 )
2331])
2332if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2333 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2334 have_u_int=1
2335fi
2336
58d100bf 2337AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2338 AC_TRY_COMPILE(
aff51935 2339 [ #include <sys/types.h> ],
2340 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2341 [ ac_cv_have_intxx_t="yes" ],
2342 [ ac_cv_have_intxx_t="no" ]
2343 )
2344])
2345if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2346 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2347 have_intxx_t=1
2348fi
41cb4569 2349
2350if (test -z "$have_intxx_t" && \
aff51935 2351 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2352then
2353 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2354 AC_TRY_COMPILE(
aff51935 2355 [ #include <stdint.h> ],
2356 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2357 [
2358 AC_DEFINE(HAVE_INTXX_T)
2359 AC_MSG_RESULT(yes)
2360 ],
2361 [ AC_MSG_RESULT(no) ]
2362 )
2363fi
2364
bd590612 2365AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2366 AC_TRY_COMPILE(
1cbbe6c8 2367 [
2368#include <sys/types.h>
2369#ifdef HAVE_STDINT_H
2370# include <stdint.h>
2371#endif
2372#include <sys/socket.h>
2373#ifdef HAVE_SYS_BITYPES_H
2374# include <sys/bitypes.h>
2375#endif
aff51935 2376 ],
2377 [ int64_t a; a = 1;],
bd590612 2378 [ ac_cv_have_int64_t="yes" ],
2379 [ ac_cv_have_int64_t="no" ]
2380 )
2381])
2382if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2383 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2384fi
2385
58d100bf 2386AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2387 AC_TRY_COMPILE(
aff51935 2388 [ #include <sys/types.h> ],
2389 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2390 [ ac_cv_have_u_intxx_t="yes" ],
2391 [ ac_cv_have_u_intxx_t="no" ]
2392 )
2393])
2394if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2395 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2396 have_u_intxx_t=1
2397fi
2b942fe0 2398
41cb4569 2399if test -z "$have_u_intxx_t" ; then
2400 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2401 AC_TRY_COMPILE(
aff51935 2402 [ #include <sys/socket.h> ],
2403 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2404 [
2405 AC_DEFINE(HAVE_U_INTXX_T)
2406 AC_MSG_RESULT(yes)
2407 ],
2408 [ AC_MSG_RESULT(no) ]
2409 )
2410fi
2411
bd590612 2412AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2413 AC_TRY_COMPILE(
aff51935 2414 [ #include <sys/types.h> ],
2415 [ u_int64_t a; a = 1;],
bd590612 2416 [ ac_cv_have_u_int64_t="yes" ],
2417 [ ac_cv_have_u_int64_t="no" ]
2418 )
2419])
2420if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2421 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2422 have_u_int64_t=1
2423fi
2424
ddceb1c8 2425if test -z "$have_u_int64_t" ; then
2426 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2427 AC_TRY_COMPILE(
aff51935 2428 [ #include <sys/bitypes.h> ],
ddceb1c8 2429 [ u_int64_t a; a = 1],
2430 [
2431 AC_DEFINE(HAVE_U_INT64_T)
2432 AC_MSG_RESULT(yes)
2433 ],
2434 [ AC_MSG_RESULT(no) ]
2435 )
2436fi
2437
41cb4569 2438if test -z "$have_u_intxx_t" ; then
2439 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2440 AC_TRY_COMPILE(
2441 [
2442#include <sys/types.h>
aff51935 2443 ],
2444 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2445 [ ac_cv_have_uintxx_t="yes" ],
2446 [ ac_cv_have_uintxx_t="no" ]
2447 )
2448 ])
2449 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2450 AC_DEFINE(HAVE_UINTXX_T, 1,
2451 [define if you have uintxx_t data type])
41cb4569 2452 fi
2453fi
2454
2455if test -z "$have_uintxx_t" ; then
2456 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2457 AC_TRY_COMPILE(
aff51935 2458 [ #include <stdint.h> ],
2459 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2460 [
2461 AC_DEFINE(HAVE_UINTXX_T)
2462 AC_MSG_RESULT(yes)
2463 ],
2464 [ AC_MSG_RESULT(no) ]
2465 )
2466fi
2467
e5fe9a1f 2468if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2469 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2470then
2471 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2472 AC_TRY_COMPILE(
58d100bf 2473 [
2474#include <sys/bitypes.h>
aff51935 2475 ],
5cdfe03f 2476 [
837c30b8 2477 int8_t a; int16_t b; int32_t c;
2478 u_int8_t e; u_int16_t f; u_int32_t g;
2479 a = b = c = e = f = g = 1;
aff51935 2480 ],
5cdfe03f 2481 [
2482 AC_DEFINE(HAVE_U_INTXX_T)
2483 AC_DEFINE(HAVE_INTXX_T)
2484 AC_MSG_RESULT(yes)
2485 ],
2486 [AC_MSG_RESULT(no)]
aff51935 2487 )
5cdfe03f 2488fi
2489
0362750e 2490
2491AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2492 AC_TRY_COMPILE(
2493 [
2494#include <sys/types.h>
2495 ],
2496 [ u_char foo; foo = 125; ],
2497 [ ac_cv_have_u_char="yes" ],
2498 [ ac_cv_have_u_char="no" ]
2499 )
2500])
2501if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2502 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2503fi
2504
98a7c37b 2505TYPE_SOCKLEN_T
2b942fe0 2506
2d16d9a3 2507AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2508
777ece68 2509AC_CHECK_TYPES(in_addr_t,,,
2510[#include <sys/types.h>
2511#include <netinet/in.h>])
7b578f7d 2512
58d100bf 2513AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2514 AC_TRY_COMPILE(
2515 [
18ba2aab 2516#include <sys/types.h>
58d100bf 2517 ],
2518 [ size_t foo; foo = 1235; ],
2519 [ ac_cv_have_size_t="yes" ],
2520 [ ac_cv_have_size_t="no" ]
2521 )
2522])
2523if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2524 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2525fi
ea1970a3 2526
c04f75f1 2527AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2528 AC_TRY_COMPILE(
2529 [
2530#include <sys/types.h>
2531 ],
2532 [ ssize_t foo; foo = 1235; ],
2533 [ ac_cv_have_ssize_t="yes" ],
2534 [ ac_cv_have_ssize_t="no" ]
2535 )
2536])
2537if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2538 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2539fi
2540
f1c4659d 2541AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2542 AC_TRY_COMPILE(
2543 [
2544#include <time.h>
2545 ],
2546 [ clock_t foo; foo = 1235; ],
2547 [ ac_cv_have_clock_t="yes" ],
2548 [ ac_cv_have_clock_t="no" ]
2549 )
2550])
2551if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2552 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2553fi
2554
1c04b088 2555AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2556 AC_TRY_COMPILE(
2557 [
2558#include <sys/types.h>
2559#include <sys/socket.h>
2560 ],
2561 [ sa_family_t foo; foo = 1235; ],
2562 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2563 [ AC_TRY_COMPILE(
2564 [
2565#include <sys/types.h>
2566#include <sys/socket.h>
2567#include <netinet/in.h>
2568 ],
2569 [ sa_family_t foo; foo = 1235; ],
2570 [ ac_cv_have_sa_family_t="yes" ],
2571
1c04b088 2572 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2573 )]
1c04b088 2574 )
2575])
2576if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2577 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2578 [define if you have sa_family_t data type])
1c04b088 2579fi
2580
729bfe59 2581AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2582 AC_TRY_COMPILE(
2583 [
2584#include <sys/types.h>
2585 ],
2586 [ pid_t foo; foo = 1235; ],
2587 [ ac_cv_have_pid_t="yes" ],
2588 [ ac_cv_have_pid_t="no" ]
2589 )
2590])
2591if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2592 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2593fi
2594
2595AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2596 AC_TRY_COMPILE(
2597 [
2598#include <sys/types.h>
2599 ],
2600 [ mode_t foo; foo = 1235; ],
2601 [ ac_cv_have_mode_t="yes" ],
2602 [ ac_cv_have_mode_t="no" ]
2603 )
2604])
2605if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2606 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2607fi
2608
e3a93db0 2609
58d100bf 2610AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2611 AC_TRY_COMPILE(
2612 [
18ba2aab 2613#include <sys/types.h>
2614#include <sys/socket.h>
58d100bf 2615 ],
2616 [ struct sockaddr_storage s; ],
2617 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2618 [ ac_cv_have_struct_sockaddr_storage="no" ]
2619 )
2620])
2621if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2622 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2623 [define if you have struct sockaddr_storage data type])
58d100bf 2624fi
48e671d5 2625
58d100bf 2626AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2627 AC_TRY_COMPILE(
2628 [
cbd7492e 2629#include <sys/types.h>
58d100bf 2630#include <netinet/in.h>
2631 ],
2632 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2633 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2634 [ ac_cv_have_struct_sockaddr_in6="no" ]
2635 )
2636])
2637if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2638 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2639 [define if you have struct sockaddr_in6 data type])
58d100bf 2640fi
48e671d5 2641
58d100bf 2642AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2643 AC_TRY_COMPILE(
2644 [
cbd7492e 2645#include <sys/types.h>
58d100bf 2646#include <netinet/in.h>
2647 ],
2648 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2649 [ ac_cv_have_struct_in6_addr="yes" ],
2650 [ ac_cv_have_struct_in6_addr="no" ]
2651 )
2652])
2653if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2654 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2655 [define if you have struct in6_addr data type])
58d100bf 2656fi
48e671d5 2657
58d100bf 2658AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2659 AC_TRY_COMPILE(
2660 [
18ba2aab 2661#include <sys/types.h>
2662#include <sys/socket.h>
2663#include <netdb.h>
58d100bf 2664 ],
2665 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2666 [ ac_cv_have_struct_addrinfo="yes" ],
2667 [ ac_cv_have_struct_addrinfo="no" ]
2668 )
2669])
2670if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2671 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2672 [define if you have struct addrinfo data type])
58d100bf 2673fi
2674
89c7e31c 2675AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2676 AC_TRY_COMPILE(
aff51935 2677 [ #include <sys/time.h> ],
2678 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2679 [ ac_cv_have_struct_timeval="yes" ],
2680 [ ac_cv_have_struct_timeval="no" ]
2681 )
2682])
2683if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2684 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2685 have_struct_timeval=1
2686fi
2687
5271b55c 2688AC_CHECK_TYPES(struct timespec)
2689
85abc74b 2690# We need int64_t or else certian parts of the compile will fail.
4b492aab 2691if test "x$ac_cv_have_int64_t" = "xno" && \
2692 test "x$ac_cv_sizeof_long_int" != "x8" && \
2693 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2694 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2695 echo "an alternative compiler (I.E., GCC) before continuing."
2696 echo ""
2697 exit 1;
733cf7f4 2698else
2699dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2700 AC_RUN_IFELSE(
479cece8 2701 [AC_LANG_SOURCE([[
733cf7f4 2702#include <stdio.h>
2703#include <string.h>
2704#ifdef HAVE_SNPRINTF
2705main()
2706{
2707 char buf[50];
2708 char expected_out[50];
2709 int mazsize = 50 ;
2710#if (SIZEOF_LONG_INT == 8)
2711 long int num = 0x7fffffffffffffff;
2712#else
763a1a18 2713 long long num = 0x7fffffffffffffffll;
733cf7f4 2714#endif
2715 strcpy(expected_out, "9223372036854775807");
2716 snprintf(buf, mazsize, "%lld", num);
2717 if(strcmp(buf, expected_out) != 0)
aff51935 2718 exit(1);
733cf7f4 2719 exit(0);
2720}
2721#else
2722main() { exit(0); }
2723#endif
479cece8 2724 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2725 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2726 )
2c523de9 2727fi
2728
77bb0bca 2729dnl Checks for structure members
58d100bf 2730OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2731OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2732OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2733OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2734OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2735OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2736OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2737OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2738OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2739OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2740OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2741OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2742OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2743OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2744OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2745OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2746OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2747
2748AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2749AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2750 [Define if we don't have struct __res_state in resolv.h])],
2751[
2752#include <stdio.h>
2753#if HAVE_SYS_TYPES_H
2754# include <sys/types.h>
2755#endif
2756#include <netinet/in.h>
2757#include <arpa/nameser.h>
2758#include <resolv.h>
2759])
1d7b9b20 2760
58d100bf 2761AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2762 ac_cv_have_ss_family_in_struct_ss, [
2763 AC_TRY_COMPILE(
2764 [
18ba2aab 2765#include <sys/types.h>
2766#include <sys/socket.h>
58d100bf 2767 ],
2768 [ struct sockaddr_storage s; s.ss_family = 1; ],
2769 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2770 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2771 )
2772])
2773if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2774 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2775fi
2776
58d100bf 2777AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2778 ac_cv_have___ss_family_in_struct_ss, [
2779 AC_TRY_COMPILE(
2780 [
18ba2aab 2781#include <sys/types.h>
2782#include <sys/socket.h>
58d100bf 2783 ],
2784 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2785 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2786 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2787 )
2788])
2789if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2790 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2791 [Fields in struct sockaddr_storage])
58d100bf 2792fi
2793
2e73a022 2794AC_CACHE_CHECK([for pw_class field in struct passwd],
2795 ac_cv_have_pw_class_in_struct_passwd, [
2796 AC_TRY_COMPILE(
2797 [
2e73a022 2798#include <pwd.h>
2799 ],
97994d32 2800 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2801 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2802 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2803 )
2804])
2805if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2806 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2807 [Define if your password has a pw_class field])
2e73a022 2808fi
2809
7751d4eb 2810AC_CACHE_CHECK([for pw_expire field in struct passwd],
2811 ac_cv_have_pw_expire_in_struct_passwd, [
2812 AC_TRY_COMPILE(
2813 [
2814#include <pwd.h>
2815 ],
2816 [ struct passwd p; p.pw_expire = 0; ],
2817 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2818 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2819 )
2820])
2821if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2822 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2823 [Define if your password has a pw_expire field])
7751d4eb 2824fi
2825
2826AC_CACHE_CHECK([for pw_change field in struct passwd],
2827 ac_cv_have_pw_change_in_struct_passwd, [
2828 AC_TRY_COMPILE(
2829 [
2830#include <pwd.h>
2831 ],
2832 [ struct passwd p; p.pw_change = 0; ],
2833 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2834 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2835 )
2836])
2837if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2838 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2839 [Define if your password has a pw_change field])
7751d4eb 2840fi
58d100bf 2841
637f9177 2842dnl make sure we're using the real structure members and not defines
6f34652e 2843AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2844 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2845 AC_COMPILE_IFELSE(
6f34652e 2846 [
f95c8ce8 2847#include <sys/types.h>
6f34652e 2848#include <sys/socket.h>
2849#include <sys/uio.h>
637f9177 2850int main() {
2851#ifdef msg_accrights
1a01a50c 2852#error "msg_accrights is a macro"
637f9177 2853exit(1);
2854#endif
2855struct msghdr m;
2856m.msg_accrights = 0;
2857exit(0);
2858}
6f34652e 2859 ],
6f34652e 2860 [ ac_cv_have_accrights_in_msghdr="yes" ],
2861 [ ac_cv_have_accrights_in_msghdr="no" ]
2862 )
2863])
2864if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2865 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2866 [Define if your system uses access rights style
2867 file descriptor passing])
6f34652e 2868fi
2869
7176df4f 2870AC_CACHE_CHECK([for msg_control field in struct msghdr],
2871 ac_cv_have_control_in_msghdr, [
1a01a50c 2872 AC_COMPILE_IFELSE(
7176df4f 2873 [
f95c8ce8 2874#include <sys/types.h>
7176df4f 2875#include <sys/socket.h>
2876#include <sys/uio.h>
637f9177 2877int main() {
2878#ifdef msg_control
1a01a50c 2879#error "msg_control is a macro"
637f9177 2880exit(1);
2881#endif
2882struct msghdr m;
2883m.msg_control = 0;
2884exit(0);
2885}
7176df4f 2886 ],
7176df4f 2887 [ ac_cv_have_control_in_msghdr="yes" ],
2888 [ ac_cv_have_control_in_msghdr="no" ]
2889 )
2890])
2891if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2892 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2893 [Define if your system uses ancillary data style
2894 file descriptor passing])
7176df4f 2895fi
2896
58d100bf 2897AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2898 AC_TRY_LINK([],
2899 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2900 [ ac_cv_libc_defines___progname="yes" ],
2901 [ ac_cv_libc_defines___progname="no" ]
2902 )
2903])
2904if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2905 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2906fi
8946db53 2907
c921ee00 2908AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2909 AC_TRY_LINK([
2910#include <stdio.h>
aff51935 2911],
2912 [ printf("%s", __FUNCTION__); ],
c921ee00 2913 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2914 [ ac_cv_cc_implements___FUNCTION__="no" ]
2915 )
2916])
2917if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 2918 AC_DEFINE(HAVE___FUNCTION__, 1,
2919 [Define if compiler implements __FUNCTION__])
c921ee00 2920fi
2921
2922AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2923 AC_TRY_LINK([
2924#include <stdio.h>
aff51935 2925],
2926 [ printf("%s", __func__); ],
c921ee00 2927 [ ac_cv_cc_implements___func__="yes" ],
2928 [ ac_cv_cc_implements___func__="no" ]
2929 )
2930])
2931if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 2932 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 2933fi
2934
9a406e1e 2935AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2936 AC_TRY_LINK(
2937 [#include <stdarg.h>
2938 va_list x,y;],
2939 [va_copy(x,y);],
2940 [ ac_cv_have_va_copy="yes" ],
2941 [ ac_cv_have_va_copy="no" ]
2942 )
2943])
2944if test "x$ac_cv_have_va_copy" = "xyes" ; then
2945 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2946fi
2947
2948AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2949 AC_TRY_LINK(
2950 [#include <stdarg.h>
2951 va_list x,y;],
2952 [__va_copy(x,y);],
2953 [ ac_cv_have___va_copy="yes" ],
2954 [ ac_cv_have___va_copy="no" ]
2955 )
2956])
2957if test "x$ac_cv_have___va_copy" = "xyes" ; then
2958 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2959fi
2960
1812a662 2961AC_CACHE_CHECK([whether getopt has optreset support],
2962 ac_cv_have_getopt_optreset, [
2963 AC_TRY_LINK(
2964 [
2965#include <getopt.h>
2966 ],
2967 [ extern int optreset; optreset = 0; ],
2968 [ ac_cv_have_getopt_optreset="yes" ],
2969 [ ac_cv_have_getopt_optreset="no" ]
2970 )
2971])
2972if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 2973 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2974 [Define if your getopt(3) defines and uses optreset])
1812a662 2975fi
a0391976 2976
819b676f 2977AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2978 AC_TRY_LINK([],
2979 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2980 [ ac_cv_libc_defines_sys_errlist="yes" ],
2981 [ ac_cv_libc_defines_sys_errlist="no" ]
2982 )
2983])
2984if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 2985 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2986 [Define if your system defines sys_errlist[]])
819b676f 2987fi
2988
2989
416ed5a7 2990AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2991 AC_TRY_LINK([],
2992 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2993 [ ac_cv_libc_defines_sys_nerr="yes" ],
2994 [ ac_cv_libc_defines_sys_nerr="no" ]
2995 )
2996])
2997if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 2998 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 2999fi
3000
aff51935 3001SCARD_MSG="no"
295c8801 3002# Check whether user wants sectok support
3003AC_ARG_WITH(sectok,
3004 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3005 [
3006 if test "x$withval" != "xno" ; then
3007 if test "x$withval" != "xyes" ; then
3008 CPPFLAGS="$CPPFLAGS -I${withval}"
3009 LDFLAGS="$LDFLAGS -L${withval}"
3010 if test ! -z "$need_dash_r" ; then
3011 LDFLAGS="$LDFLAGS -R${withval}"
3012 fi
3013 if test ! -z "$blibpath" ; then
3014 blibpath="$blibpath:${withval}"
3015 fi
3016 fi
3017 AC_CHECK_HEADERS(sectok.h)
3018 if test "$ac_cv_header_sectok_h" != yes; then
3019 AC_MSG_ERROR(Can't find sectok.h)
3020 fi
3021 AC_CHECK_LIB(sectok, sectok_open)
3022 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3023 AC_MSG_ERROR(Can't find libsectok)
3024 fi
3466e002 3025 AC_DEFINE(SMARTCARD, 1,
3026 [Define if you want smartcard support])
3027 AC_DEFINE(USE_SECTOK, 1,
3028 [Define if you want smartcard support
3029 using sectok])
aff51935 3030 SCARD_MSG="yes, using sectok"
295c8801 3031 fi
3032 ]
3033)
3034
3035# Check whether user wants OpenSC support
987b458f 3036OPENSC_CONFIG="no"
295c8801 3037AC_ARG_WITH(opensc,
e47fb473 3038 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3039 [
3040 if test "x$withval" != "xno" ; then
3041 if test "x$withval" != "xyes" ; then
3042 OPENSC_CONFIG=$withval/bin/opensc-config
3043 else
3044 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3045 fi
3046 if test "$OPENSC_CONFIG" != "no"; then
3047 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3048 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3049 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
3050 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
3051 AC_DEFINE(SMARTCARD)
3466e002 3052 AC_DEFINE(USE_OPENSC, 1,
3053 [Define if you want smartcard support
3054 using OpenSC])
987b458f 3055 SCARD_MSG="yes, using OpenSC"
3056 fi
3057 fi
3058 ]
3059)
d0b19c95 3060
c31dc31c 3061# Check libraries needed by DNS fingerprint support
aff51935 3062AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3063 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3064 [Define if getrrsetbyname() exists])],
3e05e934 3065 [
c31dc31c 3066 # Needed by our getrrsetbyname()
3067 AC_SEARCH_LIBS(res_query, resolv)
3068 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3069 AC_MSG_CHECKING(if res_query will link)
3070 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3071 [AC_MSG_RESULT(no)
3072 saved_LIBS="$LIBS"
3073 LIBS="$LIBS -lresolv"
3074 AC_MSG_CHECKING(for res_query in -lresolv)
3075 AC_LINK_IFELSE([
3076#include <resolv.h>
3077int main()
3078{
3079 res_query (0, 0, 0, 0, 0);
3080 return 0;
3081}
3082 ],
3083 [LIBS="$LIBS -lresolv"
3084 AC_MSG_RESULT(yes)],
3085 [LIBS="$saved_LIBS"
3086 AC_MSG_RESULT(no)])
3087 ])
c31dc31c 3088 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3089 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3090 [#include <sys/types.h>
3091 #include <arpa/nameser.h>])
c31dc31c 3092 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3093 [AC_DEFINE(HAVE_HEADER_AD, 1,
3094 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3095 [#include <arpa/nameser.h>])
3096 ])
3e05e934 3097
ef4d1846 3098# Check whether user wants SELinux support
3099SELINUX_MSG="no"
3100LIBSELINUX=""
3101AC_ARG_WITH(selinux,
3102 [ --with-selinux Enable SELinux support],
3103 [ if test "x$withval" != "xno" ; then
3104 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3105 SELINUX_MSG="yes"
3106 AC_CHECK_HEADER([selinux/selinux.h], ,
3107 AC_MSG_ERROR(SELinux support requires selinux.h header))
3108 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3109 AC_MSG_ERROR(SELinux support requires libselinux library))
3110 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3111 fi ]
3112)
3113AC_SUBST(LIBSELINUX)
3114
12928e80 3115# Check whether user wants Kerberos 5 support
aff51935 3116KRB5_MSG="no"
12928e80 3117AC_ARG_WITH(kerberos5,
aff51935 3118 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3119 [ if test "x$withval" != "xno" ; then
3120 if test "x$withval" = "xyes" ; then
3121 KRB5ROOT="/usr/local"
3122 else
3123 KRB5ROOT=${withval}
3124 fi
3125
3466e002 3126 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3127 KRB5_MSG="yes"
3128
3129 AC_MSG_CHECKING(for krb5-config)
3130 if test -x $KRB5ROOT/bin/krb5-config ; then
3131 KRB5CONF=$KRB5ROOT/bin/krb5-config
3132 AC_MSG_RESULT($KRB5CONF)
3133
3134 AC_MSG_CHECKING(for gssapi support)
3135 if $KRB5CONF | grep gssapi >/dev/null ; then
3136 AC_MSG_RESULT(yes)
3466e002 3137 AC_DEFINE(GSSAPI, 1,
3138 [Define this if you want GSSAPI
3139 support in the version 2 protocol])
071970fb 3140 k5confopts=gssapi
aff51935 3141 else
5585c441 3142 AC_MSG_RESULT(no)
071970fb 3143 k5confopts=""
aff51935 3144 fi
071970fb 3145 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3146 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3147 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3148 AC_MSG_CHECKING(whether we are using Heimdal)
3149 AC_TRY_COMPILE([ #include <krb5.h> ],
3150 [ char *tmp = heimdal_version; ],
3151 [ AC_MSG_RESULT(yes)
3466e002 3152 AC_DEFINE(HEIMDAL, 1,
3153 [Define this if you are using the
3154 Heimdal version of Kerberos V5]) ],
5585c441 3155 AC_MSG_RESULT(no)
3156 )
3157 else
3158 AC_MSG_RESULT(no)
12928e80 3159 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3160 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3161 AC_MSG_CHECKING(whether we are using Heimdal)
3162 AC_TRY_COMPILE([ #include <krb5.h> ],
3163 [ char *tmp = heimdal_version; ],
3164 [ AC_MSG_RESULT(yes)
3165 AC_DEFINE(HEIMDAL)
41707f74 3166 K5LIBS="-lkrb5 -ldes"
3167 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3168 AC_CHECK_LIB(roken, net_write,
41707f74 3169 [K5LIBS="$K5LIBS -lroken"])
aff51935 3170 ],
3171 [ AC_MSG_RESULT(no)
3172 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3173 ]
3174 )
4e00038c 3175 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3176
749560dd 3177 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3178 [ AC_DEFINE(GSSAPI)
3179 K5LIBS="-lgssapi $K5LIBS" ],
3180 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3181 [ AC_DEFINE(GSSAPI)
aff51935 3182 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3183 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3184 $K5LIBS)
3185 ],
3186 $K5LIBS)
82f4e93d 3187
749560dd 3188 AC_CHECK_HEADER(gssapi.h, ,
3189 [ unset ac_cv_header_gssapi_h
aff51935 3190 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3191 AC_CHECK_HEADERS(gssapi.h, ,
3192 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3193 )
749560dd 3194 ]
3195 )
3196
3197 oldCPP="$CPPFLAGS"
3198 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3199 AC_CHECK_HEADER(gssapi_krb5.h, ,
3200 [ CPPFLAGS="$oldCPP" ])
3201
aff51935 3202 fi
5585c441 3203 if test ! -z "$need_dash_r" ; then
3204 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3205 fi
3206 if test ! -z "$blibpath" ; then
3207 blibpath="$blibpath:${KRB5ROOT}/lib"
3208 fi
071970fb 3209
f5555364 3210 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3211 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3212 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3213
f5555364 3214 LIBS="$LIBS $K5LIBS"
3466e002 3215 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3216 [Define this if you want to use libkafs' AFS support]))
f5555364 3217 fi
071970fb 3218 ]
12928e80 3219)
b5b68128 3220
a0391976 3221# Looking for programs, paths and files
a0391976 3222
ecac8ee5 3223PRIVSEP_PATH=/var/empty
3224AC_ARG_WITH(privsep-path,
cda1ebcb 3225 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3226 [
6cf0200f 3227 if test -n "$withval" && test "x$withval" != "xno" && \
3228 test "x${withval}" != "xyes"; then
ecac8ee5 3229 PRIVSEP_PATH=$withval
3230 fi
3231 ]
3232)
3233AC_SUBST(PRIVSEP_PATH)
3234
a0391976 3235AC_ARG_WITH(xauth,
3236 [ --with-xauth=PATH Specify path to xauth program ],
3237 [
6cf0200f 3238 if test -n "$withval" && test "x$withval" != "xno" && \
3239 test "x${withval}" != "xyes"; then
cbd7492e 3240 xauth_path=$withval
a0391976 3241 fi
3242 ],
3243 [
2bf42e4a 3244 TestPath="$PATH"
3245 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3246 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3247 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3248 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3249 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3250 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3251 xauth_path="/usr/openwin/bin/xauth"
3252 fi
3253 ]
3254)
3255
65a4b4af 3256STRIP_OPT=-s
3257AC_ARG_ENABLE(strip,
3258 [ --disable-strip Disable calling strip(1) on install],
3259 [
3260 if test "x$enableval" = "xno" ; then
3261 STRIP_OPT=
3262 fi
3263 ]
3264)
3265AC_SUBST(STRIP_OPT)
3266
b3ec54b4 3267if test -z "$xauth_path" ; then
3268 XAUTH_PATH="undefined"
3269 AC_SUBST(XAUTH_PATH)
3270else
3466e002 3271 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3272 [Define if xauth is found in your path])
b3ec54b4 3273 XAUTH_PATH=$xauth_path
3274 AC_SUBST(XAUTH_PATH)
a0391976 3275fi
a0391976 3276
3277# Check for mail directory (last resort if we cannot get it from headers)
3278if test ! -z "$MAIL" ; then
3279 maildir=`dirname $MAIL`
3466e002 3280 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3281 [Set this to your mail directory if you don't have maillock.h])
a0391976 3282fi
3283
479cece8 3284if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3285 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3286 disable_ptmx_check=yes
3287fi
a0391976 3288if test -z "$no_dev_ptmx" ; then
6e879cb4 3289 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3290 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3291 [
3466e002 3292 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3293 [Define if you have /dev/ptmx])
6e879cb4 3294 have_dev_ptmx=1
3295 ]
3296 )
3297 fi
3276571c 3298fi
1a01a50c 3299
479cece8 3300if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3301 AC_CHECK_FILE("/dev/ptc",
3302 [
3466e002 3303 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3304 [Define if you have /dev/ptc])
1a01a50c 3305 have_dev_ptc=1
3306 ]
3307 )
3308else
3309 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3310fi
3276571c 3311
a0391976 3312# Options from here on. Some of these are preset by platform above
fdf6b7aa 3313AC_ARG_WITH(mantype,
5d97cfbf 3314 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3315 [
5d97cfbf 3316 case "$withval" in
3317 man|cat|doc)
3318 MANTYPE=$withval
3319 ;;
3320 *)
3321 AC_MSG_ERROR(invalid man type: $withval)
3322 ;;
3323 esac
c54a6257 3324 ]
3325)
e0c4d3ac 3326if test -z "$MANTYPE"; then
2bf42e4a 3327 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3328 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3329 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3330 MANTYPE=doc
3331 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3332 MANTYPE=man
3333 else
3334 MANTYPE=cat
3335 fi
3336fi
c54a6257 3337AC_SUBST(MANTYPE)
e0c4d3ac 3338if test "$MANTYPE" = "doc"; then
3339 mansubdir=man;
3340else
3341 mansubdir=$MANTYPE;
3342fi
3343AC_SUBST(mansubdir)
0bc5b6fb 3344
a0391976 3345# Check whether to enable MD5 passwords
aff51935 3346MD5_MSG="no"
2ddcfdf3 3347AC_ARG_WITH(md5-passwords,
caf3bc51 3348 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3349 [
bcf36c78 3350 if test "x$withval" != "xno" ; then
3466e002 3351 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3352 [Define if you want to allow MD5 passwords])
aff51935 3353 MD5_MSG="yes"
0bc5b6fb 3354 fi
3355 ]
caf3bc51 3356)
3357
a0391976 3358# Whether to disable shadow password support
a7effaac 3359AC_ARG_WITH(shadow,
3360 [ --without-shadow Disable shadow password support],
3361 [
82f4e93d 3362 if test "x$withval" = "xno" ; then
a7effaac 3363 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3364 disable_shadow=yes
a7effaac 3365 fi
3366 ]
3367)
3368
4cb5ffa0 3369if test -z "$disable_shadow" ; then
3370 AC_MSG_CHECKING([if the systems has expire shadow information])
3371 AC_TRY_COMPILE(
3372 [
3373#include <sys/types.h>
3374#include <shadow.h>
3375 struct spwd sp;
3376 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3377 [ sp_expire_available=yes ], []
3378 )
3379
3380 if test "x$sp_expire_available" = "xyes" ; then
3381 AC_MSG_RESULT(yes)
3466e002 3382 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3383 [Define if you want to use shadow password expire field])
4cb5ffa0 3384 else
3385 AC_MSG_RESULT(no)
3386 fi
3387fi
3388
a0391976 3389# Use ip address instead of hostname in $DISPLAY
44839801 3390if test ! -z "$IPADDR_IN_DISPLAY" ; then
3391 DISPLAY_HACK_MSG="yes"
3466e002 3392 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3393 [Define if you need to use IP address
3394 instead of hostname in $DISPLAY])
44839801 3395else
aff51935 3396 DISPLAY_HACK_MSG="no"
44839801 3397 AC_ARG_WITH(ipaddr-display,
3398 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3399 [
82f4e93d 3400 if test "x$withval" != "xno" ; then
44839801 3401 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3402 DISPLAY_HACK_MSG="yes"
44839801 3403 fi
3404 ]
3405 )
3406fi
a7effaac 3407
95b99395 3408# check for /etc/default/login and use it if present.
daa41e62 3409AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3410 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3411 [ if test "x$enableval" = "xno"; then
3412 AC_MSG_NOTICE([/etc/default/login handling disabled])
3413 etc_default_login=no
3414 else
3415 etc_default_login=yes
3416 fi ],
b0e7249f 3417 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3418 then
3419 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3420 etc_default_login=no
3421 else
3422 etc_default_login=yes
3423 fi ]
694d0cef 3424)
95b99395 3425
694d0cef 3426if test "x$etc_default_login" != "xno"; then
3427 AC_CHECK_FILE("/etc/default/login",
3428 [ external_path_file=/etc/default/login ])
b0e7249f 3429 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3430 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3431 [Define if your system has /etc/default/login])
1a01a50c 3432 fi
694d0cef 3433fi
95b99395 3434
8d184c09 3435dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3436if test $ac_cv_func_login_getcapbool = "yes" && \
3437 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3438 external_path_file=/etc/login.conf
8d184c09 3439fi
95b99395 3440
a0391976 3441# Whether to mess with the default path
aff51935 3442SERVER_PATH_MSG="(default)"
c43d69a9 3443AC_ARG_WITH(default-path,
75817f90 3444 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3445 [
95b99395 3446 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3447 AC_MSG_WARN([
3448--with-default-path=PATH has no effect on this system.
3449Edit /etc/login.conf instead.])
82f4e93d 3450 elif test "x$withval" != "xno" ; then
89bbd457 3451 if test ! -z "$external_path_file" ; then
95b99395 3452 AC_MSG_WARN([
3453--with-default-path=PATH will only be used if PATH is not defined in
3454$external_path_file .])
3455 fi
b2d818e6 3456 user_path="$withval"
aff51935 3457 SERVER_PATH_MSG="$withval"
cb807f40 3458 fi
b2d818e6 3459 ],
95b99395 3460 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3461 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3462 else
89bbd457 3463 if test ! -z "$external_path_file" ; then
95b99395 3464 AC_MSG_WARN([
3465If PATH is defined in $external_path_file, ensure the path to scp is included,
3466otherwise scp will not work.])
3467 fi
b0e7249f 3468 AC_RUN_IFELSE(
3469 [AC_LANG_SOURCE([[
b2d818e6 3470/* find out what STDPATH is */
3471#include <stdio.h>
b2d818e6 3472#ifdef HAVE_PATHS_H
3473# include <paths.h>
3474#endif
3475#ifndef _PATH_STDPATH
d9a4e55b 3476# ifdef _PATH_USERPATH /* Irix */
3477# define _PATH_STDPATH _PATH_USERPATH
3478# else
3479# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3480# endif
b2d818e6 3481#endif
3482#include <sys/types.h>
3483#include <sys/stat.h>
3484#include <fcntl.h>
3485#define DATA "conftest.stdpath"
3486
3487main()
3488{
3489 FILE *fd;
3490 int rc;
82f4e93d 3491
b2d818e6 3492 fd = fopen(DATA,"w");
3493 if(fd == NULL)
3494 exit(1);
82f4e93d 3495
b2d818e6 3496 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3497 exit(1);
3498
3499 exit(0);
3500}
b0e7249f 3501 ]])],
3502 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3503 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3504 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3505 )
3506# make sure $bindir is in USER_PATH so scp will work
3507 t_bindir=`eval echo ${bindir}`
3508 case $t_bindir in
3509 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3510 esac
3511 case $t_bindir in
3512 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3513 esac
3514 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3515 if test $? -ne 0 ; then
3516 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3517 if test $? -ne 0 ; then
3518 user_path=$user_path:$t_bindir
3519 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3520 fi
3521 fi
8d184c09 3522 fi ]
cb807f40 3523)
95b99395 3524if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3525 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3526 AC_SUBST(user_path)
3527fi
cb807f40 3528
06617857 3529# Set superuser path separately to user path
06617857 3530AC_ARG_WITH(superuser-path,
3531 [ --with-superuser-path= Specify different path for super-user],
3532 [
6cf0200f 3533 if test -n "$withval" && test "x$withval" != "xno" && \
3534 test "x${withval}" != "xyes"; then
3466e002 3535 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3536 [Define if you want a different $PATH
3537 for the superuser])
06617857 3538 superuser_path=$withval
3539 fi
3540 ]
3541)
3542
3543
58d100bf 3544AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3545IPV4_IN6_HACK_MSG="no"
80faa19f 3546AC_ARG_WITH(4in6,
3547 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3548 [
3549 if test "x$withval" != "xno" ; then
3550 AC_MSG_RESULT(yes)
3466e002 3551 AC_DEFINE(IPV4_IN_IPV6, 1,
3552 [Detect IPv4 in IPv6 mapped addresses
3553 and treat as IPv4])
aff51935 3554 IPV4_IN6_HACK_MSG="yes"
80faa19f 3555 else
3556 AC_MSG_RESULT(no)
3557 fi
3558 ],[
3559 if test "x$inet6_default_4in6" = "xyes"; then
3560 AC_MSG_RESULT([yes (default)])
3561 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3562 IPV4_IN6_HACK_MSG="yes"
80faa19f 3563 else
3564 AC_MSG_RESULT([no (default)])
3565 fi
3566 ]
3567)
3568
af774732 3569# Whether to enable BSD auth support
f1b0ecc3 3570BSD_AUTH_MSG=no
af774732 3571AC_ARG_WITH(bsd-auth,
3572 [ --with-bsd-auth Enable BSD auth support],
3573 [
82f4e93d 3574 if test "x$withval" != "xno" ; then
3466e002 3575 AC_DEFINE(BSD_AUTH, 1,
3576 [Define if you have BSD auth support])
f1b0ecc3 3577 BSD_AUTH_MSG=yes
af774732 3578 fi
3579 ]
3580)
3581
a0391976 3582# Where to place sshd.pid
19d9ac2a 3583piddir=/var/run
81dadca3 3584# make sure the directory exists
82f4e93d 3585if test ! -d $piddir ; then
81dadca3 3586 piddir=`eval echo ${sysconfdir}`
3587 case $piddir in
aff51935 3588 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3589 esac
3590fi
3591
47e45e44 3592AC_ARG_WITH(pid-dir,
3593 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3594 [
6cf0200f 3595 if test -n "$withval" && test "x$withval" != "xno" && \
3596 test "x${withval}" != "xyes"; then
19d9ac2a 3597 piddir=$withval
82f4e93d 3598 if test ! -d $piddir ; then
81dadca3 3599 AC_MSG_WARN([** no $piddir directory on this system **])
3600 fi
47e45e44 3601 fi
3602 ]
3603)
b7a87eea 3604
3466e002 3605AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3606AC_SUBST(piddir)
47e45e44 3607
1d7b9b20 3608dnl allow user to disable some login recording features
3609AC_ARG_ENABLE(lastlog,
bfd550a2 3610 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3611 [
3612 if test "x$enableval" = "xno" ; then
3613 AC_DEFINE(DISABLE_LASTLOG)
3614 fi
3615 ]
1d7b9b20 3616)
3617AC_ARG_ENABLE(utmp,
bfd550a2 3618 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3619 [
3620 if test "x$enableval" = "xno" ; then
3621 AC_DEFINE(DISABLE_UTMP)
3622 fi
3623 ]
1d7b9b20 3624)
3625AC_ARG_ENABLE(utmpx,
bfd550a2 3626 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3627 [
3628 if test "x$enableval" = "xno" ; then
3466e002 3629 AC_DEFINE(DISABLE_UTMPX, 1,
3630 [Define if you don't want to use utmpx])
ddb154b3 3631 fi
3632 ]
1d7b9b20 3633)
3634AC_ARG_ENABLE(wtmp,
bfd550a2 3635 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3636 [
3637 if test "x$enableval" = "xno" ; then
3638 AC_DEFINE(DISABLE_WTMP)
3639 fi
3640 ]
1d7b9b20 3641)
3642AC_ARG_ENABLE(wtmpx,
bfd550a2 3643 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3644 [
3645 if test "x$enableval" = "xno" ; then
3466e002 3646 AC_DEFINE(DISABLE_WTMPX, 1,
3647 [Define if you don't want to use wtmpx])
ddb154b3 3648 fi
3649 ]
1d7b9b20 3650)
3651AC_ARG_ENABLE(libutil,
bfd550a2 3652 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3653 [
3654 if test "x$enableval" = "xno" ; then
3655 AC_DEFINE(DISABLE_LOGIN)
3656 fi
3657 ]
1d7b9b20 3658)
3659AC_ARG_ENABLE(pututline,
bfd550a2 3660 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3661 [
3662 if test "x$enableval" = "xno" ; then
3466e002 3663 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3664 [Define if you don't want to use pututline()
3665 etc. to write [uw]tmp])
ddb154b3 3666 fi
3667 ]
1d7b9b20 3668)
3669AC_ARG_ENABLE(pututxline,
bfd550a2 3670 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3671 [
3672 if test "x$enableval" = "xno" ; then
3466e002 3673 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3674 [Define if you don't want to use pututxline()
3675 etc. to write [uw]tmpx])
ddb154b3 3676 fi
3677 ]
1d7b9b20 3678)
3679AC_ARG_WITH(lastlog,
bfd550a2 3680 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3681 [
82f4e93d 3682 if test "x$withval" = "xno" ; then
8c89dd2b 3683 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3684 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3685 conf_lastlog_location=$withval
3686 fi
3687 ]
3688)
1d7b9b20 3689
3690dnl lastlog, [uw]tmpx? detection
3691dnl NOTE: set the paths in the platform section to avoid the
3692dnl need for command-line parameters
3693dnl lastlog and [uw]tmp are subject to a file search if all else fails
3694
3695dnl lastlog detection
3696dnl NOTE: the code itself will detect if lastlog is a directory
3697AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3698AC_TRY_COMPILE([
3699#include <sys/types.h>
3700#include <utmp.h>
3701#ifdef HAVE_LASTLOG_H
3702# include <lastlog.h>
3703#endif
d7c0f3d5 3704#ifdef HAVE_PATHS_H
1d7b9b20 3705# include <paths.h>
41cb4569 3706#endif
3707#ifdef HAVE_LOGIN_H
3708# include <login.h>
1d7b9b20 3709#endif
3710 ],
3711 [ char *lastlog = LASTLOG_FILE; ],
3712 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3713 [
3714 AC_MSG_RESULT(no)
3715 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3716 AC_TRY_COMPILE([
3717#include <sys/types.h>
3718#include <utmp.h>
3719#ifdef HAVE_LASTLOG_H
3720# include <lastlog.h>
3721#endif
3722#ifdef HAVE_PATHS_H
3723# include <paths.h>
3724#endif
3725 ],
3726 [ char *lastlog = _PATH_LASTLOG; ],
3727 [ AC_MSG_RESULT(yes) ],
3728 [
f282b668 3729 AC_MSG_RESULT(no)
d7c0f3d5 3730 system_lastlog_path=no
3731 ])
3732 ]
1d7b9b20 3733)
d7c0f3d5 3734
1d7b9b20 3735if test -z "$conf_lastlog_location"; then
3736 if test x"$system_lastlog_path" = x"no" ; then
3737 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3738 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3739 conf_lastlog_location=$f
3740 fi
3741 done
3742 if test -z "$conf_lastlog_location"; then
f8119cef 3743 AC_MSG_WARN([** Cannot find lastlog **])
3744 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3745 fi
3746 fi
3747fi
3748
3749if test -n "$conf_lastlog_location"; then
3466e002 3750 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3751 [Define if you want to specify the path to your lastlog file])
82f4e93d 3752fi
1d7b9b20 3753
3754dnl utmp detection
3755AC_MSG_CHECKING([if your system defines UTMP_FILE])
3756AC_TRY_COMPILE([
3757#include <sys/types.h>
3758#include <utmp.h>
d7c0f3d5 3759#ifdef HAVE_PATHS_H
1d7b9b20 3760# include <paths.h>
3761#endif
3762 ],
3763 [ char *utmp = UTMP_FILE; ],
3764 [ AC_MSG_RESULT(yes) ],
3765 [ AC_MSG_RESULT(no)
3766 system_utmp_path=no ]
3767)
3768if test -z "$conf_utmp_location"; then
3769 if test x"$system_utmp_path" = x"no" ; then
3770 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3771 if test -f $f ; then
3772 conf_utmp_location=$f
3773 fi
3774 done
3775 if test -z "$conf_utmp_location"; then
3776 AC_DEFINE(DISABLE_UTMP)
3777 fi
3778 fi
3779fi
3780if test -n "$conf_utmp_location"; then
3466e002 3781 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3782 [Define if you want to specify the path to your utmp file])
82f4e93d 3783fi
1d7b9b20 3784
3785dnl wtmp detection
3786AC_MSG_CHECKING([if your system defines WTMP_FILE])
3787AC_TRY_COMPILE([
3788#include <sys/types.h>
3789#include <utmp.h>
d7c0f3d5 3790#ifdef HAVE_PATHS_H
1d7b9b20 3791# include <paths.h>
3792#endif
3793 ],
3794 [ char *wtmp = WTMP_FILE; ],
3795 [ AC_MSG_RESULT(yes) ],
3796 [ AC_MSG_RESULT(no)
3797 system_wtmp_path=no ]
3798)
3799if test -z "$conf_wtmp_location"; then
3800 if test x"$system_wtmp_path" = x"no" ; then
3801 for f in /usr/adm/wtmp /var/log/wtmp; do
3802 if test -f $f ; then
3803 conf_wtmp_location=$f
3804 fi
3805 done
3806 if test -z "$conf_wtmp_location"; then
3807 AC_DEFINE(DISABLE_WTMP)
3808 fi
3809 fi
3810fi
3811if test -n "$conf_wtmp_location"; then
3466e002 3812 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3813 [Define if you want to specify the path to your wtmp file])
82f4e93d 3814fi
1d7b9b20 3815
3816
3817dnl utmpx detection - I don't know any system so perverse as to require
3818dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3819dnl there, though.
3820AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3821AC_TRY_COMPILE([
3822#include <sys/types.h>
3823#include <utmp.h>
3824#ifdef HAVE_UTMPX_H
3825#include <utmpx.h>
3826#endif
d7c0f3d5 3827#ifdef HAVE_PATHS_H
1d7b9b20 3828# include <paths.h>
3829#endif
3830 ],
3831 [ char *utmpx = UTMPX_FILE; ],
3832 [ AC_MSG_RESULT(yes) ],
3833 [ AC_MSG_RESULT(no)
3834 system_utmpx_path=no ]
3835)
3836if test -z "$conf_utmpx_location"; then
3837 if test x"$system_utmpx_path" = x"no" ; then
3838 AC_DEFINE(DISABLE_UTMPX)
3839 fi
3840else
3466e002 3841 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3842 [Define if you want to specify the path to your utmpx file])
82f4e93d 3843fi
1d7b9b20 3844
3845dnl wtmpx detection
3846AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3847AC_TRY_COMPILE([
3848#include <sys/types.h>
3849#include <utmp.h>
3850#ifdef HAVE_UTMPX_H
3851#include <utmpx.h>
3852#endif
d7c0f3d5 3853#ifdef HAVE_PATHS_H
1d7b9b20 3854# include <paths.h>
3855#endif
3856 ],
3857 [ char *wtmpx = WTMPX_FILE; ],
3858 [ AC_MSG_RESULT(yes) ],
3859 [ AC_MSG_RESULT(no)
3860 system_wtmpx_path=no ]
3861)
3862if test -z "$conf_wtmpx_location"; then
3863 if test x"$system_wtmpx_path" = x"no" ; then
3864 AC_DEFINE(DISABLE_WTMPX)
3865 fi
3866else
3466e002 3867 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3868 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3869fi
1d7b9b20 3870
b7a87eea 3871
bd499f9e 3872if test ! -z "$blibpath" ; then
68ece370 3873 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3874 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3875fi
3876
ed89c848 3877dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3878dnl Add now.
3879CFLAGS="$CFLAGS $werror_flags"
3880
3c62e7eb 3881AC_EXEEXT
d7cfdd7c 3882AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
46096a5b 3883 openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3884AC_OUTPUT
d3083fbd 3885
cbd7492e 3886# Print summary of options
3887
cbd7492e 3888# Someone please show me a better way :)
3889A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3890B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3891C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3892D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3893E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3894F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3895G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3896H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3897I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3898J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3899
3900echo ""
26de7942 3901echo "OpenSSH has been configured with the following options:"
ecac8ee5 3902echo " User binaries: $B"
3903echo " System binaries: $C"
3904echo " Configuration files: $D"
3905echo " Askpass program: $E"
3906echo " Manual pages: $F"
3907echo " PID file: $G"
3908echo " Privilege separation chroot path: $H"
95b99395 3909if test "x$external_path_file" = "x/etc/login.conf" ; then
3910echo " At runtime, sshd will use the path defined in $external_path_file"
3911echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3912else
ecac8ee5 3913echo " sshd default user PATH: $I"
89bbd457 3914 if test ! -z "$external_path_file"; then
95b99395 3915echo " (If PATH is set in $external_path_file it will be used instead. If"
3916echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3917 fi
8d184c09 3918fi
06617857 3919if test ! -z "$superuser_path" ; then
ecac8ee5 3920echo " sshd superuser user PATH: $J"
3921fi
3922echo " Manpage format: $MANTYPE"
3e05e934 3923echo " PAM support: $PAM_MSG"
5b84789f 3924echo " OSF SIA support: $SIA_MSG"
ecac8ee5 3925echo " KerberosV support: $KRB5_MSG"
ef4d1846 3926echo " SELinux support: $SELINUX_MSG"
ecac8ee5 3927echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3928echo " S/KEY support: $SKEY_MSG"
3929echo " TCP Wrappers support: $TCPW_MSG"
3930echo " MD5 password support: $MD5_MSG"
59031773 3931echo " libedit support: $LIBEDIT_MSG"
5b84789f 3932echo " Solaris process contract support: $SPC_MSG"
3deb1408 3933echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3934echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3935echo " BSD Auth support: $BSD_AUTH_MSG"
3936echo " Random number source: $RAND_MSG"
f1b0ecc3 3937if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3938echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3939fi
3940
cbd7492e 3941echo ""
3942
0c2fb82f 3943echo " Host: ${host}"
3944echo " Compiler: ${CC}"
3945echo " Compiler flags: ${CFLAGS}"
3946echo "Preprocessor flags: ${CPPFLAGS}"
3947echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3948echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3949
3950echo ""
3951
9cefe228 3952if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3953 echo "SVR4 style packages are supported with \"make package\""
3954 echo ""
9cefe228 3955fi
3956
adeebd37 3957if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3958 echo "PAM is enabled. You may need to install a PAM control file "
3959 echo "for sshd, otherwise password authentication may fail. "
aff51935 3960 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3961 echo "subdirectory"
adeebd37 3962 echo ""
3963fi
3964
f1b0ecc3 3965if test ! -z "$RAND_HELPER_CMDHASH" ; then
3966 echo "WARNING: you are using the builtin random number collection "
3967 echo "service. Please read WARNING.RNG and request that your OS "
3968 echo "vendor includes kernel-based random number collection in "
3969 echo "future versions of your OS."
2c523de9 3970 echo ""
3971fi
af774732 3972
2f6f9cff 3973if test ! -z "$NO_PEERCHECK" ; then
3974 echo "WARNING: the operating system that you are using does not "
3975 echo "appear to support either the getpeereid() API nor the "
3976 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3977 echo "enforce security checks to prevent unauthorised connections to "
3978 echo "ssh-agent. Their absence increases the risk that a malicious "
3979 echo "user can connect to your agent. "
3980 echo ""
3981fi
3982
7b578f7d 3983if test "$AUDIT_MODULE" = "bsm" ; then
3984 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3985 echo "See the Solaris section in README.platform for details."
3986fi
git-cvsimport mirror of OpenSSH
This page took 1.550273 seconds and 5 git commands to generate.