]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- djm@cvs.openbsd.org 2008/12/09 02:39:59
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
a0969097 95 [ --without-stackprotect Don't use compiler's stack protection], [
caa21240 96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
b5902374 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
cd595991 112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
b55b0285 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
caa21240 127 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 128 # and/or platforms, so we test if we can. If it's not supported
53e2660a 129 # on a given platform gcc will emit a warning so we use -Werror.
caa21240 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
23c5c479 132 AC_MSG_CHECKING(if $CC supports $t)
caa21240 133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
23c5c479 135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
53e2660a 139#include <stdio.h>
140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
23c5c479 141 ])],
caa21240 142 [ AC_MSG_RESULT(yes)
23c5c479 143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
caa21240 145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
53e2660a 148#include <stdio.h>
149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
caa21240 150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
23c5c479 156 )
caa21240 157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
eb5a7224 164
dfafb2e1 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
d423d822 176fi
177
0b9fdeb8 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
e6354014 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
82f4e93d 185 if test "x$withval" = "xno" ; then
e6354014 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
aa56f760 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
6d39a5c4 265 poll.h \
aa56f760 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
4538e135 282 sys/mount.h \
aa56f760 283 sys/ndir.h \
8aa5db7d 284 sys/poll.h \
aa56f760 285 sys/prctl.h \
286 sys/pstat.h \
287 sys/select.h \
288 sys/stat.h \
289 sys/stream.h \
290 sys/stropts.h \
291 sys/strtio.h \
4538e135 292 sys/statvfs.h \
aa56f760 293 sys/sysmacros.h \
294 sys/time.h \
295 sys/timers.h \
296 sys/un.h \
297 time.h \
298 tmpdir.h \
299 ttyent.h \
40701614 300 ucred.h \
aa56f760 301 unistd.h \
302 usersec.h \
303 util.h \
304 utime.h \
305 utmp.h \
306 utmpx.h \
307 vis.h \
308)
309
310# lastlog.h requires sys/time.h to be included first on Solaris
311AC_CHECK_HEADERS(lastlog.h, [], [], [
312#ifdef HAVE_SYS_TIME_H
313# include <sys/time.h>
314#endif
315])
316
317# sys/ptms.h requires sys/stream.h to be included first on Solaris
318AC_CHECK_HEADERS(sys/ptms.h, [], [], [
319#ifdef HAVE_SYS_STREAM_H
320# include <sys/stream.h>
321#endif
322])
323
324# login_cap.h requires sys/types.h on NetBSD
325AC_CHECK_HEADERS(login_cap.h, [], [], [
326#include <sys/types.h>
327])
328
5b84789f 329# Messages for features tested for in target-specific section
330SIA_MSG="no"
331SPC_MSG="no"
332
a0391976 333# Check for some target-specific stuff
a7effaac 334case "$host" in
9d6b1b96 335*-*-aix*)
25a2779b 336 # Some versions of VAC won't allow macro redefinitions at
337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
338 # particularly with older versions of vac or xlc.
339 # It also throws errors about null macro argments, but these are
340 # not fatal.
341 AC_MSG_CHECKING(if compiler allows macro redefinitions)
342 AC_COMPILE_IFELSE(
343 [AC_LANG_SOURCE([[
344#define testmacro foo
345#define testmacro bar
346int main(void) { exit(0); }
347 ]])],
348 [ AC_MSG_RESULT(yes) ],
349 [ AC_MSG_RESULT(no)
350 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
351 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
352 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
353 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
354 ]
355 )
356
aff51935 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 358 if (test -z "$blibpath"); then
0a15d73b 359 blibpath="/usr/lib:/lib"
68ece370 360 fi
361 saved_LDFLAGS="$LDFLAGS"
e7479666 362 if test "$GCC" = "yes"; then
363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
364 else
365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
366 fi
367 for tryflags in $flags ;do
68ece370 368 if (test -z "$blibflags"); then
369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
370 AC_TRY_LINK([], [], [blibflags=$tryflags])
371 fi
372 done
373 if (test -z "$blibflags"); then
374 AC_MSG_RESULT(not found)
375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
376 else
377 AC_MSG_RESULT($blibflags)
bd499f9e 378 fi
68ece370 379 LDFLAGS="$saved_LDFLAGS"
e351e493 380 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
382 [Define if you want to enable AIX4's authenticate function])],
0764e748 383 [AC_CHECK_LIB(s,authenticate,
e351e493 384 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 385 LIBS="$LIBS -ls"
386 ])
387 ])
ba603e06 388 dnl Check for various auth function declarations in headers.
c85ed8e2 389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 390 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 392 AC_CHECK_DECLS(loginfailed,
e351e493 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
394 AC_TRY_COMPILE(
f58c0e01 395 [#include <usersec.h>],
e351e493 396 [(void)loginfailed("user","host","tty",0);],
397 [AC_MSG_RESULT(yes)
3466e002 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
399 [Define if your AIX loginfailed() function
400 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 401 [AC_MSG_RESULT(no)]
e351e493 402 )],
403 [],
404 [#include <usersec.h>]
405 )
533a78f0 406 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 407 AC_CHECK_DECL(F_CLOSEM,
795e7517 408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 409 [],
410 [ #include <limits.h>
411 #include <fcntl.h> ]
412 )
5ccf88cb 413 check_for_aix_broken_getaddrinfo=1
3466e002 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
416 [Define if your platform breaks doing a seteuid before a setuid])
417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 419 dnl AIX handles lastlog as part of its login message
3466e002 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
422 [Some systems need a utmpx entry for /bin/login to work])
423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
424 [Define to a Set Process Title type if your system is
425 supported by bsd-setproctitle.c])
961c2997 426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
427 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 429 ;;
3c62e7eb 430*-*-cygwin*)
a52997bd 431 check_for_libcrypt_later=1
04765d02 432 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
435 AC_DEFINE(DISABLE_SHADOW, 1,
436 [Define if you want to disable shadow passwords])
437 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
438 [Define if your system choked on IP TOS setting])
439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
440 [Define if X11 doesn't support AF_UNIX sockets on that system])
441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
442 [Define if the concept of ports only accessible to
443 superusers isn't known])
444 AC_DEFINE(DISABLE_FD_PASSING, 1,
445 [Define if your platform needs to skip post auth
446 file descriptor passing])
3c62e7eb 447 ;;
d6fdb079 448*-*-dgux*)
449 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 450 AC_DEFINE(SETEUID_BREAKS_SETUID)
451 AC_DEFINE(BROKEN_SETREUID)
452 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 453 ;;
39c98ef7 454*-*-darwin*)
33e2e066 455 AC_MSG_CHECKING(if we have working getaddrinfo)
456 AC_TRY_RUN([#include <mach-o/dyld.h>
457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
458 exit(0);
459 else
460 exit(1);
461}], [AC_MSG_RESULT(working)],
462 [AC_MSG_RESULT(buggy)
3466e002 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 464 [AC_MSG_RESULT(assume it is working)])
635e0c42 465 AC_DEFINE(SETEUID_BREAKS_SETUID)
466 AC_DEFINE(BROKEN_SETREUID)
467 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
470 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
473 [Use tunnel device compatibility to OpenBSD])
474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
475 [Prepend the address family to IP tunnel traffic])
a74e9b64 476 m4_pattern_allow(AU_IPv)
477 AC_CHECK_DECL(AU_IPv4, [],
478 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
479 [#include <bsm/audit.h>]
480 )
39c98ef7 481 ;;
36f36ba3 482*-*-dragonfly*)
483 SSHDLIBS="$SSHDLIBS -lcrypt"
484 ;;
7d458c86 485*-*-hpux*)
486 # first we define all of the options common to all HP-UX releases
b8fea62d 487 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 488 IPADDR_IN_DISPLAY=yes
2b10f47a 489 AC_DEFINE(USE_PIPES)
3466e002 490 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
491 [Define if your login program cannot handle end of options ("--")])
a2572aa7 492 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 493 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
494 [String used in /etc/passwd to denote locked account])
3a2b2b44 495 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 496 MAIL="/var/mail/username"
f75ca46d 497 LIBS="$LIBS -lsec"
7d458c86 498 AC_CHECK_LIB(xnet, t_error, ,
499 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
500
501 # next, we define all of the options specific to major releases
502 case "$host" in
503 *-*-hpux10*)
504 if test -z "$GCC"; then
505 CFLAGS="$CFLAGS -Ae"
506 fi
507 ;;
508 *-*-hpux11*)
3466e002 509 AC_DEFINE(PAM_SUN_CODEBASE, 1,
510 [Define if you are using Solaris-derived PAM which
511 passes pam_messages to the conversation function
512 with an extra level of indirection])
513 AC_DEFINE(DISABLE_UTMP, 1,
514 [Define if you don't want to use utmp])
7d458c86 515 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
516 check_for_hpux_broken_getaddrinfo=1
517 check_for_conflicting_getspnam=1
518 ;;
519 esac
520
521 # lastly, we define options specific to minor releases
522 case "$host" in
523 *-*-hpux10.26)
3466e002 524 AC_DEFINE(HAVE_SECUREWARE, 1,
525 [Define if you have SecureWare-based
526 protected password database])
7d458c86 527 disable_ptmx_check=yes
528 LIBS="$LIBS -lsecpw"
529 ;;
530 esac
2b763e31 531 ;;
d94aa2ae 532*-*-irix5*)
6ac7829a 533 PATH="$PATH:/usr/etc"
3466e002 534 AC_DEFINE(BROKEN_INET_NTOA, 1,
535 [Define if you system's inet_ntoa is busted
536 (e.g. Irix gcc issue)])
cb433561 537 AC_DEFINE(SETEUID_BREAKS_SETUID)
538 AC_DEFINE(BROKEN_SETREUID)
539 AC_DEFINE(BROKEN_SETREGID)
3466e002 540 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
541 [Define if you shouldn't strip 'tty' from your
542 ttyname in [uw]tmp])
3e6e3da0 543 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 544 ;;
545*-*-irix6*)
6ac7829a 546 PATH="$PATH:/usr/etc"
3466e002 547 AC_DEFINE(WITH_IRIX_ARRAY, 1,
548 [Define if you have/want arrays
549 (cluster-wide session managment, not C arrays)])
550 AC_DEFINE(WITH_IRIX_PROJECT, 1,
551 [Define if you want IRIX project management])
552 AC_DEFINE(WITH_IRIX_AUDIT, 1,
553 [Define if you want IRIX audit trails])
554 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
555 [Define if you want IRIX kernel jobs])])
416ed5a7 556 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 557 AC_DEFINE(SETEUID_BREAKS_SETUID)
558 AC_DEFINE(BROKEN_SETREUID)
559 AC_DEFINE(BROKEN_SETREGID)
3466e002 560 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 561 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 562 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 563 ;;
5cdfe03f 564*-*-linux*)
565 no_dev_ptmx=1
717057b6 566 check_for_libcrypt_later=1
eacb954e 567 check_for_openpty_ctty_bug=1
3466e002 568 AC_DEFINE(PAM_TTY_KLUDGE, 1,
569 [Work around problematic Linux PAM modules handling of PAM_TTY])
570 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
571 [String used in /etc/passwd to denote locked account])
3a2b2b44 572 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 573 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
574 [Define to whatever link() returns for "not supported"
575 if it doesn't return EOPNOTSUPP.])
b6610e8f 576 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 577 AC_DEFINE(USE_BTMP)
80faa19f 578 inet6_default_4in6=yes
bf7c1e6c 579 case `uname -r` in
ad84c479 580 1.*|2.0.*)
3466e002 581 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
582 [Define if cmsg_type is not passed correctly])
bf7c1e6c 583 ;;
bf7c1e6c 584 esac
c40f09ca 585 # tun(4) forwarding compat code
d91775e1 586 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 587 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 588 AC_DEFINE(SSH_TUN_LINUX, 1,
589 [Open tunnel devices the Linux tun/tap way])
590 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
591 [Use tunnel device compatibility to OpenBSD])
592 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
593 [Prepend the address family to IP tunnel traffic])
594 fi
5cdfe03f 595 ;;
66d6c27e 596mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 597 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 598 SONY=1
66d6c27e 599 ;;
d468fc76 600*-*-netbsd*)
33e2e066 601 check_for_libcrypt_before=1
82f4e93d 602 if test "x$withval" != "xno" ; then
e6354014 603 need_dash_r=1
604 fi
0f6cb079 605 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
606 AC_CHECK_HEADER([net/if_tap.h], ,
607 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
608 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
609 [Prepend the address family to IP tunnel traffic])
d468fc76 610 ;;
86b416a7 611*-*-freebsd*)
612 check_for_libcrypt_later=1
988c5031 613 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 614 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
615 AC_CHECK_HEADER([net/if_tap.h], ,
616 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 617 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 618 ;;
8707b7eb 619*-*-bsdi*)
620 AC_DEFINE(SETEUID_BREAKS_SETUID)
621 AC_DEFINE(BROKEN_SETREUID)
622 AC_DEFINE(BROKEN_SETREGID)
623 ;;
729bfe59 624*-next-*)
729bfe59 625 conf_lastlog_location="/usr/adm/lastlog"
698d107e 626 conf_utmp_location=/etc/utmp
627 conf_wtmp_location=/usr/adm/wtmp
628 MAIL=/usr/spool/mail
3466e002 629 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 630 AC_DEFINE(BROKEN_REALPATH)
00937921 631 AC_DEFINE(USE_PIPES)
3466e002 632 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 633 ;;
5b7b5e23 634*-*-openbsd*)
635 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 636 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 637 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 638 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
639 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 640 ;;
9d6b1b96 641*-*-solaris*)
82f4e93d 642 if test "x$withval" != "xno" ; then
010e9d5b 643 need_dash_r=1
644 fi
adeebd37 645 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 646 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 647 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
648 [Some versions of /bin/login need the TERM supplied
649 on the commandline])
7f0a4ff1 650 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 651 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
652 [Define if pam_chauthtok wants real uid set
653 to the unpriv'ed user])
3e6e3da0 654 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 655 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 656 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
657 [Define if sshd somehow reacquires a controlling TTY
658 after setsid()])
795aa5f5 659 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
660 in case the name is longer than 8 chars])
95b99395 661 external_path_file=/etc/default/login
1d7b9b20 662 # hardwire lastlog location (can't detect it on some versions)
663 conf_lastlog_location="/var/adm/lastlog"
32c80420 664 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
665 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
666 if test "$sol2ver" -ge 8; then
667 AC_MSG_RESULT(yes)
668 AC_DEFINE(DISABLE_UTMP)
3466e002 669 AC_DEFINE(DISABLE_WTMP, 1,
670 [Define if you don't want to use wtmp])
32c80420 671 else
672 AC_MSG_RESULT(no)
673 fi
5b84789f 674 AC_ARG_WITH(solaris-contracts,
675 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
676 [
677 AC_CHECK_LIB(contract, ct_tmpl_activate,
678 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
679 [Define if you have Solaris process contracts])
680 SSHDLIBS="$SSHDLIBS -lcontract"
681 AC_SUBST(SSHDLIBS)
682 SPC_MSG="yes" ], )
683 ],
684 )
9d6b1b96 685 ;;
a423beaf 686*-*-sunos4*)
0c2fb82f 687 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 688 AC_CHECK_FUNCS(getpwanam)
adeebd37 689 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 690 conf_utmp_location=/etc/utmp
691 conf_wtmp_location=/var/adm/wtmp
692 conf_lastlog_location=/var/adm/lastlog
137d7b6c 693 AC_DEFINE(USE_PIPES)
a423beaf 694 ;;
6f68f28a 695*-ncr-sysv*)
98a7c37b 696 LIBS="$LIBS -lc89"
29525240 697 AC_DEFINE(USE_PIPES)
eabb99c6 698 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 699 AC_DEFINE(SETEUID_BREAKS_SETUID)
700 AC_DEFINE(BROKEN_SETREUID)
701 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 702 ;;
132dd316 703*-sni-sysv*)
c8c15bcb 704 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 705 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 706 # -lresolv needs to be at the end of LIBS or DNS lookups break
707 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 708 IPADDR_IN_DISPLAY=yes
709 AC_DEFINE(USE_PIPES)
132dd316 710 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 711 AC_DEFINE(SETEUID_BREAKS_SETUID)
712 AC_DEFINE(BROKEN_SETREUID)
713 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 714 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 715 external_path_file=/etc/default/login
c8c15bcb 716 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
717 # Attention: always take care to bind libsocket and libnsl before libc,
718 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 719 ;;
79a7ba96 720# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 721*-*-sysv4.2*)
ed6553e2 722 AC_DEFINE(USE_PIPES)
7ed101c0 723 AC_DEFINE(SETEUID_BREAKS_SETUID)
724 AC_DEFINE(BROKEN_SETREUID)
725 AC_DEFINE(BROKEN_SETREGID)
46f853b9 726 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 727 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 728 ;;
79a7ba96 729# UnixWare 7.x, OpenUNIX 8
77bb0bca 730*-*-sysv5*)
d7d2cc6e 731 check_for_libcrypt_later=1
732 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 733 AC_DEFINE(USE_PIPES)
7ed101c0 734 AC_DEFINE(SETEUID_BREAKS_SETUID)
735 AC_DEFINE(BROKEN_SETREUID)
736 AC_DEFINE(BROKEN_SETREGID)
3466e002 737 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 738 case "$host" in
739 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
740 TEST_SHELL=/u95/bin/sh
3466e002 741 AC_DEFINE(BROKEN_LIBIAF, 1,
742 [ia_uinfo routines not supported by OS yet])
5cc6ddad 743 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 744 ;;
e45da4d6 745 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
746 ;;
822015dd 747 esac
77bb0bca 748 ;;
9d6b1b96 749*-*-sysv*)
9d6b1b96 750 ;;
79a7ba96 751# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 752*-*-sco3.2v4*)
11cf4f1f 753 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 754 ;;
79a7ba96 755# SCO OpenServer 5.x
77bb0bca 756*-*-sco3.2v5*)
21710e39 757 if test -z "$GCC"; then
758 CFLAGS="$CFLAGS -belf"
759 fi
ed6553e2 760 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 761 no_dev_ptmx=1
ed6553e2 762 AC_DEFINE(USE_PIPES)
6e879cb4 763 AC_DEFINE(HAVE_SECUREWARE)
d287c664 764 AC_DEFINE(DISABLE_SHADOW)
94d8258b 765 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 766 AC_DEFINE(SETEUID_BREAKS_SETUID)
767 AC_DEFINE(BROKEN_SETREUID)
768 AC_DEFINE(BROKEN_SETREGID)
bcebad47 769 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 770 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 771 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 772 AC_CHECK_FUNCS(getluid setluid)
533875af 773 MANTYPE=man
a3245b92 774 TEST_SHELL=ksh
509b1f88 775 ;;
ccbb983c 776*-*-unicosmk*)
3466e002 777 AC_DEFINE(NO_SSH_LASTLOG, 1,
778 [Define if you don't want to use lastlog in session.c])
c1ad5966 779 AC_DEFINE(SETEUID_BREAKS_SETUID)
780 AC_DEFINE(BROKEN_SETREUID)
781 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 782 AC_DEFINE(USE_PIPES)
783 AC_DEFINE(DISABLE_FD_PASSING)
784 LDFLAGS="$LDFLAGS"
785 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
786 MANTYPE=cat
d262b7f2 787 ;;
7b9a8c6e 788*-*-unicosmp*)
c1ad5966 789 AC_DEFINE(SETEUID_BREAKS_SETUID)
790 AC_DEFINE(BROKEN_SETREUID)
791 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 792 AC_DEFINE(WITH_ABBREV_NO_TTY)
793 AC_DEFINE(USE_PIPES)
794 AC_DEFINE(DISABLE_FD_PASSING)
795 LDFLAGS="$LDFLAGS"
c1ad5966 796 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 797 MANTYPE=cat
798 ;;
ca5c7d6a 799*-*-unicos*)
c1ad5966 800 AC_DEFINE(SETEUID_BREAKS_SETUID)
801 AC_DEFINE(BROKEN_SETREUID)
802 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 803 AC_DEFINE(USE_PIPES)
94d8258b 804 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 805 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 806 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
807 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
808 MANTYPE=cat
a704dd54 809 ;;
4d33e531 810*-dec-osf*)
99c8ddac 811 AC_MSG_CHECKING(for Digital Unix SIA)
812 no_osfsia=""
813 AC_ARG_WITH(osfsia,
814 [ --with-osfsia Enable Digital Unix SIA],
815 [
816 if test "x$withval" = "xno" ; then
817 AC_MSG_RESULT(disabled)
818 no_osfsia=1
819 fi
820 ],
821 )
822 if test -z "$no_osfsia" ; then
4d33e531 823 if test -f /etc/sia/matrix.conf; then
824 AC_MSG_RESULT(yes)
3466e002 825 AC_DEFINE(HAVE_OSF_SIA, 1,
826 [Define if you have Digital Unix Security
827 Integration Architecture])
828 AC_DEFINE(DISABLE_LOGIN, 1,
829 [Define if you don't want to use your
830 system's login() call])
58d0df4e 831 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 832 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 833 SIA_MSG="yes"
4d33e531 834 else
835 AC_MSG_RESULT(no)
3466e002 836 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
837 [String used in /etc/passwd to denote locked account])
4d33e531 838 fi
839 fi
a6e67b60 840 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 841 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 842 AC_DEFINE(BROKEN_SETREUID)
843 AC_DEFINE(BROKEN_SETREGID)
6ed8a3ae 844 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv])
4d33e531 845 ;;
41cb4569 846
9c54c067 847*-*-nto-qnx*)
41cb4569 848 AC_DEFINE(USE_PIPES)
849 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 850 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
851 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
852 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 853 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 854 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 855 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 856 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 857 case "$host" in
858 *-*-nto-qnx6*)
859 AC_DEFINE(DISABLE_FD_PASSING)
860 ;;
861 esac
41cb4569 862 ;;
35fc74ed 863
864*-*-ultrix*)
3466e002 865 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
866 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 867 AC_DEFINE(NEED_SETPGRP)
b5765e1d 868 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
869 ;;
157b6700 870
871*-*-lynxos)
872 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 873 AC_DEFINE(MISSING_HOWMANY)
157b6700 874 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
875 ;;
a7effaac 876esac
877
c5829391 878AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 879AC_RUN_IFELSE(
880 [AC_LANG_SOURCE([
c5829391 881#include <stdio.h>
882int main(){exit(0);}
479cece8 883 ])],
c5829391 884 [ AC_MSG_RESULT(yes) ],
885 [
886 AC_MSG_RESULT(no)
887 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 888 ],
889 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 890)
891
b04a9f8c 892dnl Checks for header files.
a0391976 893# Checks for libraries.
98a7c37b 894AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
895AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 896
446227d6 897dnl IRIX and Solaris 2.5.1 have dirname() in libgen
898AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
899 AC_CHECK_LIB(gen, dirname,[
900 AC_CACHE_CHECK([for broken dirname],
901 ac_cv_have_broken_dirname, [
902 save_LIBS="$LIBS"
903 LIBS="$LIBS -lgen"
b0e7249f 904 AC_RUN_IFELSE(
905 [AC_LANG_SOURCE([[
446227d6 906#include <libgen.h>
907#include <string.h>
908
909int main(int argc, char **argv) {
910 char *s, buf[32];
911
912 strncpy(buf,"/etc", 32);
913 s = dirname(buf);
914 if (!s || strncmp(s, "/", 32) != 0) {
915 exit(1);
916 } else {
917 exit(0);
918 }
919}
b0e7249f 920 ]])],
921 [ ac_cv_have_broken_dirname="no" ],
922 [ ac_cv_have_broken_dirname="yes" ],
446227d6 923 [ ac_cv_have_broken_dirname="no" ],
446227d6 924 )
925 LIBS="$save_LIBS"
926 ])
927 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
928 LIBS="$LIBS -lgen"
929 AC_DEFINE(HAVE_DIRNAME)
930 AC_CHECK_HEADERS(libgen.h)
931 fi
932 ])
933])
934
935AC_CHECK_FUNC(getspnam, ,
936 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 937AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
938 [Define if you have the basename function.]))
446227d6 939
98a7c37b 940dnl zlib is required
941AC_ARG_WITH(zlib,
942 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 943 [ if test "x$withval" = "xno" ; then
944 AC_MSG_ERROR([*** zlib is required ***])
945 elif test "x$withval" != "xyes"; then
98a7c37b 946 if test -d "$withval/lib"; then
947 if test -n "${need_dash_r}"; then
5a162955 948 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 949 else
5a162955 950 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 951 fi
952 else
953 if test -n "${need_dash_r}"; then
5a162955 954 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 955 else
5a162955 956 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 957 fi
958 fi
959 if test -d "$withval/include"; then
5a162955 960 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 961 else
5a162955 962 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 963 fi
6dd05556 964 fi ]
98a7c37b 965)
966
0a15d73b 967AC_CHECK_LIB(z, deflate, ,
968 [
969 saved_CPPFLAGS="$CPPFLAGS"
970 saved_LDFLAGS="$LDFLAGS"
971 save_LIBS="$LIBS"
972 dnl Check default zlib install dir
973 if test -n "${need_dash_r}"; then
974 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
975 else
976 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
977 fi
978 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
979 LIBS="$LIBS -lz"
980 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
981 [
982 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
983 ]
984 )
985 ]
986)
4ad65809 987AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 988
989AC_ARG_WITH(zlib-version-check,
990 [ --without-zlib-version-check Disable zlib version check],
991 [ if test "x$withval" = "xno" ; then
992 zlib_check_nonfatal=1
993 fi
994 ]
995)
996
5c7fc85d 997AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 998AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 999#include <stdio.h>
4ad65809 1000#include <zlib.h>
1001int main()
1002{
5c7fc85d 1003 int a=0, b=0, c=0, d=0, n, v;
1004 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1005 if (n != 3 && n != 4)
4ad65809 1006 exit(1);
5c7fc85d 1007 v = a*1000000 + b*10000 + c*100 + d;
1008 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1009
1010 /* 1.1.4 is OK */
1011 if (a == 1 && b == 1 && c >= 4)
4ad65809 1012 exit(0);
5c7fc85d 1013
0072b59d 1014 /* 1.2.3 and up are OK */
1015 if (v >= 1020300)
5c7fc85d 1016 exit(0);
1017
4ad65809 1018 exit(2);
1019}
479cece8 1020 ]])],
5c7fc85d 1021 AC_MSG_RESULT(no),
1022 [ AC_MSG_RESULT(yes)
8068d564 1023 if test -z "$zlib_check_nonfatal" ; then
1024 AC_MSG_ERROR([*** zlib too old - check config.log ***
1025Your reported zlib version has known security problems. It's possible your
1026vendor has fixed these problems without changing the version number. If you
1027are sure this is the case, you can disable the check by running
1028"./configure --without-zlib-version-check".
6090bcfe 1029If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1030See http://www.gzip.org/zlib/ for details.])
8068d564 1031 else
1032 AC_MSG_WARN([zlib version may have security problems])
1033 fi
1a01a50c 1034 ],
1035 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1036)
48e7916f 1037
2c523de9 1038dnl UnixWare 2.x
aff51935 1039AC_CHECK_FUNC(strcasecmp,
2c523de9 1040 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1041)
23361281 1042AC_CHECK_FUNCS(utimes,
cda1ebcb 1043 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1044 LIBS="$LIBS -lc89"]) ]
2c523de9 1045)
4cca272e 1046
7c6d759d 1047dnl Checks for libutil functions
1048AC_CHECK_HEADERS(libutil.h)
3466e002 1049AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1050 [Define if your libraries define login()])])
b3ef88dc 1051AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
7c6d759d 1052
a738c3b0 1053AC_FUNC_STRFTIME
1054
84ceda19 1055# Check for ALTDIRFUNC glob() extension
1056AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1057AC_EGREP_CPP(FOUNDIT,
1058 [
1059 #include <glob.h>
1060 #ifdef GLOB_ALTDIRFUNC
1061 FOUNDIT
1062 #endif
aff51935 1063 ],
84ceda19 1064 [
3466e002 1065 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1066 [Define if your system glob() function has
1067 the GLOB_ALTDIRFUNC extension])
84ceda19 1068 AC_MSG_RESULT(yes)
1069 ],
1070 [
1071 AC_MSG_RESULT(no)
1072 ]
1073)
4cca272e 1074
40849fdb 1075# Check for g.gl_matchc glob() extension
1076AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1077AC_TRY_COMPILE(
13ff27b7 1078 [ #include <glob.h> ],
1079 [glob_t g; g.gl_matchc = 1;],
aff51935 1080 [
3466e002 1081 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1082 [Define if your system glob() function has
1083 gl_matchc options in glob_t])
aff51935 1084 AC_MSG_RESULT(yes)
1085 ],
1086 [
1087 AC_MSG_RESULT(no)
1088 ]
40849fdb 1089)
1090
78888bab 1091AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1092
edbe6722 1093AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1094AC_RUN_IFELSE(
479cece8 1095 [AC_LANG_SOURCE([[
edbe6722 1096#include <sys/types.h>
1097#include <dirent.h>
aec4cb4f 1098int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1099 ]])],
aff51935 1100 [AC_MSG_RESULT(yes)],
edbe6722 1101 [
1102 AC_MSG_RESULT(no)
3466e002 1103 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1104 [Define if your struct dirent expects you to
3466e002 1105 allocate extra space for d_name])
1a01a50c 1106 ],
82f4e93d 1107 [
1a01a50c 1108 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1109 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1110 ]
1111)
1112
419e26e7 1113AC_MSG_CHECKING([for /proc/pid/fd directory])
1114if test -d "/proc/$$/fd" ; then
3466e002 1115 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1116 AC_MSG_RESULT(yes)
1117else
1118 AC_MSG_RESULT(no)
1119fi
1120
278588d8 1121# Check whether user wants S/Key support
aff51935 1122SKEY_MSG="no"
278588d8 1123AC_ARG_WITH(skey,
6ff3d0dc 1124 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1125 [
1126 if test "x$withval" != "xno" ; then
1127
1128 if test "x$withval" != "xyes" ; then
1129 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1130 LDFLAGS="$LDFLAGS -L${withval}/lib"
1131 fi
1132
3466e002 1133 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1134 LIBS="-lskey $LIBS"
aff51935 1135 SKEY_MSG="yes"
82f4e93d 1136
ddceb1c8 1137 AC_MSG_CHECKING([for s/key support])
b0e7249f 1138 AC_LINK_IFELSE(
1139 [AC_LANG_SOURCE([[
ddceb1c8 1140#include <stdio.h>
1141#include <skey.h>
aec4cb4f 1142int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1143 ]])],
ddceb1c8 1144 [AC_MSG_RESULT(yes)],
278588d8 1145 [
ddceb1c8 1146 AC_MSG_RESULT(no)
278588d8 1147 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1148 ])
141fc639 1149 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1150 AC_TRY_COMPILE(
1151 [#include <stdio.h>
1152 #include <skey.h>],
1153 [(void)skeychallenge(NULL,"name","",0);],
1154 [AC_MSG_RESULT(yes)
3466e002 1155 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1156 [Define if your skeychallenge()
1157 function takes 4 arguments (NetBSD)])],
141fc639 1158 [AC_MSG_RESULT(no)]
1159 )
278588d8 1160 fi
1161 ]
1162)
1163
1164# Check whether user wants TCP wrappers support
98a7c37b 1165TCPW_MSG="no"
278588d8 1166AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1167 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1168 [
1169 if test "x$withval" != "xno" ; then
1170 saved_LIBS="$LIBS"
98a7c37b 1171 saved_LDFLAGS="$LDFLAGS"
1172 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1173 if test -n "${withval}" && \
6cf0200f 1174 test "x${withval}" != "xyes"; then
98a7c37b 1175 if test -d "${withval}/lib"; then
1176 if test -n "${need_dash_r}"; then
5a162955 1177 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1178 else
5a162955 1179 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1180 fi
1181 else
1182 if test -n "${need_dash_r}"; then
5a162955 1183 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1184 else
5a162955 1185 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1186 fi
1187 fi
1188 if test -d "${withval}/include"; then
5a162955 1189 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1190 else
5a162955 1191 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1192 fi
98a7c37b 1193 fi
e54defb4 1194 LIBS="-lwrap $LIBS"
278588d8 1195 AC_MSG_CHECKING(for libwrap)
1196 AC_TRY_LINK(
1197 [
77f09220 1198#include <sys/types.h>
1199#include <sys/socket.h>
1200#include <netinet/in.h>
278588d8 1201#include <tcpd.h>
1202 int deny_severity = 0, allow_severity = 0;
1203 ],
1204 [hosts_access(0);],
1205 [
1206 AC_MSG_RESULT(yes)
3466e002 1207 AC_DEFINE(LIBWRAP, 1,
1208 [Define if you want
1209 TCP Wrappers support])
e54defb4 1210 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1211 TCPW_MSG="yes"
278588d8 1212 ],
1213 [
1214 AC_MSG_ERROR([*** libwrap missing])
1215 ]
1216 )
ddceb1c8 1217 LIBS="$saved_LIBS"
278588d8 1218 fi
1219 ]
1220)
1221
59031773 1222# Check whether user wants libedit support
1223LIBEDIT_MSG="no"
1224AC_ARG_WITH(libedit,
6ff3d0dc 1225 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1226 [ if test "x$withval" != "xno" ; then
737edf04 1227 if test "x$withval" != "xyes"; then
bb116c8e 1228 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1229 if test -n "${need_dash_r}"; then
1230 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1231 else
1232 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1233 fi
737edf04 1234 fi
59031773 1235 AC_CHECK_LIB(edit, el_init,
3466e002 1236 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1237 LIBEDIT="-ledit -lcurses"
1238 LIBEDIT_MSG="yes"
1239 AC_SUBST(LIBEDIT)
1240 ],
737edf04 1241 [ AC_MSG_ERROR(libedit not found) ],
1242 [ -lcurses ]
59031773 1243 )
f47ddccb 1244 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1245 AC_COMPILE_IFELSE(
1246 [AC_LANG_SOURCE([[
1247#include <histedit.h>
f47ddccb 1248int main(void)
1249{
1250 int i = H_SETSIZE;
1251 el_init("", NULL, NULL, NULL);
1252 exit(0);
1253}
d92622f9 1254 ]])],
f47ddccb 1255 [ AC_MSG_RESULT(yes) ],
1256 [ AC_MSG_RESULT(no)
1257 AC_MSG_ERROR(libedit version is not compatible) ]
1258 )
59031773 1259 fi ]
1260)
1261
7b578f7d 1262AUDIT_MODULE=none
1263AC_ARG_WITH(audit,
1264 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1265 [
1266 AC_MSG_CHECKING(for supported audit module)
1267 case "$withval" in
1268 bsm)
1269 AC_MSG_RESULT(bsm)
1270 AUDIT_MODULE=bsm
1271 dnl Checks for headers, libs and functions
1272 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1273 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1274 [
1275#ifdef HAVE_TIME_H
1276# include <time.h>
1277#endif
1278 ]
1279)
7b578f7d 1280 AC_CHECK_LIB(bsm, getaudit, [],
1281 [AC_MSG_ERROR(BSM enabled and required library not found)])
1282 AC_CHECK_FUNCS(getaudit, [],
1283 [AC_MSG_ERROR(BSM enabled and required function not found)])
1284 # These are optional
a74e9b64 1285 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1286 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1287 ;;
1288 debug)
1289 AUDIT_MODULE=debug
1290 AC_MSG_RESULT(debug)
3466e002 1291 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1292 ;;
a2b3321d 1293 no)
d92622f9 1294 AC_MSG_RESULT(no)
a2b3321d 1295 ;;
7b578f7d 1296 *)
1297 AC_MSG_ERROR([Unknown audit module $withval])
1298 ;;
1299 esac ]
1300)
1301
19160674 1302dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1303AC_CHECK_FUNCS( \
1304 arc4random \
185adaf8 1305 arc4random_buf \
1306 arc4random_uniform \
9a406e1e 1307 asprintf \
b04a9f8c 1308 b64_ntop \
1309 __b64_ntop \
1310 b64_pton \
1311 __b64_pton \
1312 bcopy \
1313 bindresvport_sa \
1314 clock \
1315 closefrom \
1316 dirfd \
b04a9f8c 1317 fchmod \
1318 fchown \
1319 freeaddrinfo \
22f5e872 1320 fstatvfs \
b04a9f8c 1321 futimes \
1322 getaddrinfo \
1323 getcwd \
1324 getgrouplist \
1325 getnameinfo \
1326 getopt \
1327 getpeereid \
1961d660 1328 getpeerucred \
b04a9f8c 1329 _getpty \
1330 getrlimit \
1331 getttyent \
1332 glob \
1333 inet_aton \
1334 inet_ntoa \
1335 inet_ntop \
1336 innetgr \
1337 login_getcapbool \
1338 md5_crypt \
1339 memmove \
1340 mkdtemp \
1341 mmap \
1342 ngetaddrinfo \
1343 nsleep \
1344 ogetaddrinfo \
1345 openlog_r \
1346 openpty \
6d39a5c4 1347 poll \
b04a9f8c 1348 prctl \
1349 pstat \
1350 readpassphrase \
1351 realpath \
1352 recvmsg \
1353 rresvport_af \
1354 sendmsg \
1355 setdtablesize \
1356 setegid \
1357 setenv \
1358 seteuid \
1359 setgroups \
1360 setlogin \
1361 setpcred \
1362 setproctitle \
1363 setregid \
1364 setreuid \
1365 setrlimit \
1366 setsid \
1367 setvbuf \
1368 sigaction \
1369 sigvec \
1370 snprintf \
1371 socketpair \
4538e135 1372 statfs \
1373 statvfs \
b04a9f8c 1374 strdup \
1375 strerror \
1376 strlcat \
1377 strlcpy \
1378 strmode \
1379 strnvis \
1380 strtonum \
1e29a0c8 1381 strtoll \
b04a9f8c 1382 strtoul \
1aac2117 1383 swap32 \
b04a9f8c 1384 sysconf \
1385 tcgetpgrp \
1386 truncate \
1387 unsetenv \
1388 updwtmpx \
9a406e1e 1389 vasprintf \
b04a9f8c 1390 vhangup \
1391 vsnprintf \
1392 waitpid \
19160674 1393)
98a7c37b 1394
1a086f97 1395# IRIX has a const char return value for gai_strerror()
1396AC_CHECK_FUNCS(gai_strerror,[
1397 AC_DEFINE(HAVE_GAI_STRERROR)
1398 AC_TRY_COMPILE([
1399#include <sys/types.h>
1400#include <sys/socket.h>
1401#include <netdb.h>
1402
1403const char *gai_strerror(int);],[
1404char *str;
1405
1406str = gai_strerror(0);],[
1407 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1408 [Define if gai_strerror() returns const char *])])])
1409
3466e002 1410AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1411 [Some systems put nanosleep outside of libc]))
92b1decf 1412
309709db 1413dnl Make sure prototypes are defined for these before using them.
309709db 1414AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1415AC_CHECK_DECL(strsep,
1416 [AC_CHECK_FUNCS(strsep)],
1417 [],
1418 [
1419#ifdef HAVE_STRING_H
1420# include <string.h>
1421#endif
1422 ])
08412d26 1423
3490699c 1424dnl tcsendbreak might be a macro
1425AC_CHECK_DECL(tcsendbreak,
1426 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1427 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1428 [#include <termios.h>]
1429)
1430
41e0e158 1431AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1432
71f4c727 1433AC_CHECK_DECLS(SHUT_RD, , ,
1434 [
1435#include <sys/types.h>
1436#include <sys/socket.h>
1437 ])
956d6743 1438
1439AC_CHECK_DECLS(O_NONBLOCK, , ,
1440 [
1441#include <sys/types.h>
1442#ifdef HAVE_SYS_STAT_H
1443# include <sys/stat.h>
1444#endif
1445#ifdef HAVE_FCNTL_H
1446# include <fcntl.h>
1447#endif
1448 ])
1449
752994dd 1450AC_CHECK_DECLS(writev, , , [
1451#include <sys/types.h>
1452#include <sys/uio.h>
1453#include <unistd.h>
1454 ])
1455
0bf6279d 1456AC_CHECK_DECLS(MAXSYMLINKS, , , [
1457#include <sys/param.h>
1458 ])
1459
b41ece30 1460AC_CHECK_DECLS(offsetof, , , [
1461#include <stddef.h>
1462 ])
1463
3f176010 1464AC_CHECK_FUNCS(setresuid, [
1465 dnl Some platorms have setresuid that isn't implemented, test for this
1466 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1467 AC_RUN_IFELSE(
1468 [AC_LANG_SOURCE([[
9a3fe0e2 1469#include <stdlib.h>
1470#include <errno.h>
1471int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1472 ]])],
3f176010 1473 [AC_MSG_RESULT(yes)],
3466e002 1474 [AC_DEFINE(BROKEN_SETRESUID, 1,
1475 [Define if your setresuid() is broken])
1a01a50c 1476 AC_MSG_RESULT(not implemented)],
1477 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1478 )
1479])
9a3fe0e2 1480
3f176010 1481AC_CHECK_FUNCS(setresgid, [
1482 dnl Some platorms have setresgid that isn't implemented, test for this
1483 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1484 AC_RUN_IFELSE(
1485 [AC_LANG_SOURCE([[
9a3fe0e2 1486#include <stdlib.h>
1487#include <errno.h>
1488int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1489 ]])],
3f176010 1490 [AC_MSG_RESULT(yes)],
3466e002 1491 [AC_DEFINE(BROKEN_SETRESGID, 1,
1492 [Define if your setresgid() is broken])
1a01a50c 1493 AC_MSG_RESULT(not implemented)],
1494 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1495 )
1496])
9a3fe0e2 1497
2e73a022 1498dnl Checks for time functions
1d7b9b20 1499AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1500dnl Checks for utmp functions
b03bd394 1501AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1502AC_CHECK_FUNCS(utmpname)
2e73a022 1503dnl Checks for utmpx functions
b03bd394 1504AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1505AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1506
aff51935 1507AC_CHECK_FUNC(daemon,
3466e002 1508 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1509 [AC_CHECK_LIB(bsd, daemon,
1510 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1511)
1512
aff51935 1513AC_CHECK_FUNC(getpagesize,
3466e002 1514 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1515 [Define if your libraries define getpagesize()])],
1516 [AC_CHECK_LIB(ucb, getpagesize,
1517 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1518)
1519
2647ae26 1520# Check for broken snprintf
1521if test "x$ac_cv_func_snprintf" = "xyes" ; then
1522 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1523 AC_RUN_IFELSE(
479cece8 1524 [AC_LANG_SOURCE([[
2647ae26 1525#include <stdio.h>
aec4cb4f 1526int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1527 ]])],
aff51935 1528 [AC_MSG_RESULT(yes)],
2647ae26 1529 [
1530 AC_MSG_RESULT(no)
3466e002 1531 AC_DEFINE(BROKEN_SNPRINTF, 1,
1532 [Define if your snprintf is busted])
2647ae26 1533 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1534 ],
1535 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1536 )
1537fi
1538
9a406e1e 1539# If we don't have a working asprintf, then we strongly depend on vsnprintf
1540# returning the right thing on overflow: the number of characters it tried to
1541# create (as per SUSv3)
1542if test "x$ac_cv_func_asprintf" != "xyes" && \
1543 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1544 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1545 AC_RUN_IFELSE(
1546 [AC_LANG_SOURCE([[
1547#include <sys/types.h>
1548#include <stdio.h>
1549#include <stdarg.h>
1550
1551int x_snprintf(char *str,size_t count,const char *fmt,...)
1552{
1553 size_t ret; va_list ap;
1554 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1555 return ret;
1556}
1557int main(void)
1558{
1559 char x[1];
1560 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1561} ]])],
1562 [AC_MSG_RESULT(yes)],
1563 [
1564 AC_MSG_RESULT(no)
1565 AC_DEFINE(BROKEN_SNPRINTF, 1,
1566 [Define if your snprintf is busted])
1567 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1568 ],
1569 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1570 )
1571fi
1572
31b0732a 1573# On systems where [v]snprintf is broken, but is declared in stdio,
1574# check that the fmt argument is const char * or just char *.
1575# This is only useful for when BROKEN_SNPRINTF
1576AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1577AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1578 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1579 int main(void) { snprintf(0, 0, 0); }
1580 ]])],
1581 [AC_MSG_RESULT(yes)
1582 AC_DEFINE(SNPRINTF_CONST, [const],
1583 [Define as const if snprintf() can declare const char *fmt])],
1584 [AC_MSG_RESULT(no)
1585 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1586
2f6f9cff 1587# Check for missing getpeereid (or equiv) support
1588NO_PEERCHECK=""
1961d660 1589if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1590 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1591 AC_TRY_COMPILE(
1592 [#include <sys/types.h>
1593 #include <sys/socket.h>],
1594 [int i = SO_PEERCRED;],
62eb7db4 1595 [ AC_MSG_RESULT(yes)
3466e002 1596 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1597 ],
2f6f9cff 1598 [AC_MSG_RESULT(no)
1599 NO_PEERCHECK=1]
1600 )
1601fi
1602
70e7d0b0 1603dnl see whether mkstemp() requires XXXXXX
1604if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1605AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1606AC_RUN_IFELSE(
1607 [AC_LANG_SOURCE([[
70e7d0b0 1608#include <stdlib.h>
1609main() { char template[]="conftest.mkstemp-test";
1610if (mkstemp(template) == -1)
1611 exit(1);
1612unlink(template); exit(0);
1613}
b0e7249f 1614 ]])],
70e7d0b0 1615 [
1616 AC_MSG_RESULT(no)
1617 ],
aff51935 1618 [
70e7d0b0 1619 AC_MSG_RESULT(yes)
3466e002 1620 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1621 ],
1622 [
1623 AC_MSG_RESULT(yes)
1624 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1625 ]
70e7d0b0 1626)
1627fi
1628
eacb954e 1629dnl make sure that openpty does not reacquire controlling terminal
1630if test ! -z "$check_for_openpty_ctty_bug"; then
1631 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1632 AC_RUN_IFELSE(
1633 [AC_LANG_SOURCE([[
eacb954e 1634#include <stdio.h>
1635#include <sys/fcntl.h>
1636#include <sys/types.h>
1637#include <sys/wait.h>
1638
1639int
1640main()
1641{
1642 pid_t pid;
1643 int fd, ptyfd, ttyfd, status;
1644
1645 pid = fork();
1646 if (pid < 0) { /* failed */
1647 exit(1);
1648 } else if (pid > 0) { /* parent */
1649 waitpid(pid, &status, 0);
aff51935 1650 if (WIFEXITED(status))
eacb954e 1651 exit(WEXITSTATUS(status));
1652 else
1653 exit(2);
1654 } else { /* child */
1655 close(0); close(1); close(2);
1656 setsid();
1657 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1658 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1659 if (fd >= 0)
1660 exit(3); /* Acquired ctty: broken */
1661 else
1662 exit(0); /* Did not acquire ctty: OK */
1663 }
1664}
b0e7249f 1665 ]])],
eacb954e 1666 [
1667 AC_MSG_RESULT(yes)
1668 ],
1669 [
1670 AC_MSG_RESULT(no)
1671 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1672 ],
1673 [
1674 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1675 ]
1676 )
1677fi
1678
4b492aab 1679if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1680 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1681 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1682 AC_RUN_IFELSE(
1683 [AC_LANG_SOURCE([[
2fe51906 1684#include <stdio.h>
1685#include <sys/socket.h>
1686#include <netdb.h>
1687#include <errno.h>
1688#include <netinet/in.h>
1689
1690#define TEST_PORT "2222"
1691
1692int
1693main(void)
1694{
1695 int err, sock;
1696 struct addrinfo *gai_ai, *ai, hints;
1697 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1698
1699 memset(&hints, 0, sizeof(hints));
1700 hints.ai_family = PF_UNSPEC;
1701 hints.ai_socktype = SOCK_STREAM;
1702 hints.ai_flags = AI_PASSIVE;
1703
1704 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1705 if (err != 0) {
1706 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1707 exit(1);
1708 }
1709
1710 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1711 if (ai->ai_family != AF_INET6)
1712 continue;
1713
1714 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1715 sizeof(ntop), strport, sizeof(strport),
1716 NI_NUMERICHOST|NI_NUMERICSERV);
1717
1718 if (err != 0) {
1719 if (err == EAI_SYSTEM)
1720 perror("getnameinfo EAI_SYSTEM");
1721 else
1722 fprintf(stderr, "getnameinfo failed: %s\n",
1723 gai_strerror(err));
1724 exit(2);
1725 }
1726
1727 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1728 if (sock < 0)
1729 perror("socket");
1730 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1731 if (errno == EBADF)
1732 exit(3);
1733 }
1734 }
1735 exit(0);
1736}
b0e7249f 1737 ]])],
2fe51906 1738 [
1739 AC_MSG_RESULT(yes)
1740 ],
1741 [
1742 AC_MSG_RESULT(no)
1743 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1744 ],
1745 [
1746 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1747 ]
1748 )
1749fi
1750
4b492aab 1751if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1752 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1753 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1754 AC_RUN_IFELSE(
1755 [AC_LANG_SOURCE([[
5ccf88cb 1756#include <stdio.h>
1757#include <sys/socket.h>
1758#include <netdb.h>
1759#include <errno.h>
1760#include <netinet/in.h>
1761
1762#define TEST_PORT "2222"
1763
1764int
1765main(void)
1766{
1767 int err, sock;
1768 struct addrinfo *gai_ai, *ai, hints;
1769 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1770
1771 memset(&hints, 0, sizeof(hints));
1772 hints.ai_family = PF_UNSPEC;
1773 hints.ai_socktype = SOCK_STREAM;
1774 hints.ai_flags = AI_PASSIVE;
1775
1776 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1777 if (err != 0) {
1778 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1779 exit(1);
1780 }
1781
1782 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1783 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1784 continue;
1785
1786 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1787 sizeof(ntop), strport, sizeof(strport),
1788 NI_NUMERICHOST|NI_NUMERICSERV);
1789
1790 if (ai->ai_family == AF_INET && err != 0) {
1791 perror("getnameinfo");
1792 exit(2);
1793 }
1794 }
1795 exit(0);
1796}
b0e7249f 1797 ]])],
5ccf88cb 1798 [
1799 AC_MSG_RESULT(yes)
3466e002 1800 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1801 [Define if you have a getaddrinfo that fails
1802 for the all-zeros IPv6 address])
5ccf88cb 1803 ],
1804 [
1805 AC_MSG_RESULT(no)
1806 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1807 ],
ecd9ec09 1808 [
b0e7249f 1809 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1810 ]
1811 )
1812fi
1813
b29fd59f 1814if test "x$check_for_conflicting_getspnam" = "x1"; then
1815 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1816 AC_COMPILE_IFELSE(
1817 [
1818#include <shadow.h>
1819int main(void) {exit(0);}
1820 ],
1821 [
1822 AC_MSG_RESULT(no)
1823 ],
1824 [
1825 AC_MSG_RESULT(yes)
1826 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1827 [Conflicting defs for getspnam])
1828 ]
1829 )
1830fi
1831
7f8f5e00 1832AC_FUNC_GETPGRP
1833
5b991353 1834# Search for OpenSSL
1835saved_CPPFLAGS="$CPPFLAGS"
1836saved_LDFLAGS="$LDFLAGS"
a0391976 1837AC_ARG_WITH(ssl-dir,
1838 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1839 [
e9e4a1c7 1840 if test "x$withval" != "xno" ; then
99eb0f64 1841 case "$withval" in
1842 # Relative paths
1843 ./*|../*) withval="`pwd`/$withval"
1844 esac
5b991353 1845 if test -d "$withval/lib"; then
1846 if test -n "${need_dash_r}"; then
1847 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1848 else
1849 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1850 fi
1851 else
5b991353 1852 if test -n "${need_dash_r}"; then
1853 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1854 else
1855 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1856 fi
1857 fi
5b991353 1858 if test -d "$withval/include"; then
1859 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1860 else
5b991353 1861 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1862 fi
a0391976 1863 fi
5b991353 1864 ]
1865)
5486a457 1866LIBS="-lcrypto $LIBS"
3466e002 1867AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1868 [Define if your ssl headers are included
1869 with #include <openssl/header.h>]),
d45e3d76 1870 [
5b991353 1871 dnl Check default openssl install dir
1872 if test -n "${need_dash_r}"; then
1873 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1874 else
5b991353 1875 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1876 fi
5b991353 1877 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1878 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1879 [
1880 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1881 ]
1882 )
1883 ]
1884)
1885
cd018561 1886# Determine OpenSSL header version
1887AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1888AC_RUN_IFELSE(
479cece8 1889 [AC_LANG_SOURCE([[
cd018561 1890#include <stdio.h>
1891#include <string.h>
1892#include <openssl/opensslv.h>
1893#define DATA "conftest.sslincver"
1894int main(void) {
aff51935 1895 FILE *fd;
1896 int rc;
cd018561 1897
aff51935 1898 fd = fopen(DATA,"w");
1899 if(fd == NULL)
1900 exit(1);
cd018561 1901
1902 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1903 exit(1);
1904
1905 exit(0);
1906}
479cece8 1907 ]])],
cd018561 1908 [
1909 ssl_header_ver=`cat conftest.sslincver`
1910 AC_MSG_RESULT($ssl_header_ver)
1911 ],
1912 [
1913 AC_MSG_RESULT(not found)
1914 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1915 ],
1916 [
1917 AC_MSG_WARN([cross compiling: not checking])
cd018561 1918 ]
1919)
1920
1921# Determine OpenSSL library version
1922AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1923AC_RUN_IFELSE(
479cece8 1924 [AC_LANG_SOURCE([[
cd018561 1925#include <stdio.h>
1926#include <string.h>
1927#include <openssl/opensslv.h>
1928#include <openssl/crypto.h>
1929#define DATA "conftest.ssllibver"
1930int main(void) {
aff51935 1931 FILE *fd;
1932 int rc;
cd018561 1933
aff51935 1934 fd = fopen(DATA,"w");
1935 if(fd == NULL)
1936 exit(1);
cd018561 1937
1938 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1939 exit(1);
1940
1941 exit(0);
1942}
479cece8 1943 ]])],
cd018561 1944 [
1945 ssl_library_ver=`cat conftest.ssllibver`
1946 AC_MSG_RESULT($ssl_library_ver)
1947 ],
1948 [
1949 AC_MSG_RESULT(not found)
1950 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1951 ],
1952 [
1953 AC_MSG_WARN([cross compiling: not checking])
cd018561 1954 ]
1955)
58d100bf 1956
1d42bcce 1957AC_ARG_WITH(openssl-header-check,
1958 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1959 [ if test "x$withval" = "xno" ; then
1960 openssl_check_nonfatal=1
1961 fi
1962 ]
1963)
1964
9780116c 1965# Sanity check OpenSSL headers
1966AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1967AC_RUN_IFELSE(
479cece8 1968 [AC_LANG_SOURCE([[
9780116c 1969#include <string.h>
1970#include <openssl/opensslv.h>
aec4cb4f 1971int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1972 ]])],
9780116c 1973 [
1974 AC_MSG_RESULT(yes)
1975 ],
1976 [
1977 AC_MSG_RESULT(no)
1d42bcce 1978 if test "x$openssl_check_nonfatal" = "x"; then
1979 AC_MSG_ERROR([Your OpenSSL headers do not match your
1980library. Check config.log for details.
1981If you are sure your installation is consistent, you can disable the check
1982by running "./configure --without-openssl-header-check".
1983Also see contrib/findssl.sh for help identifying header/library mismatches.
1984])
1985 else
1986 AC_MSG_WARN([Your OpenSSL headers do not match your
1987library. Check config.log for details.
e15ba28b 1988Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1989 fi
1a01a50c 1990 ],
1991 [
1992 AC_MSG_WARN([cross compiling: not checking])
9780116c 1993 ]
1994)
1995
282d6408 1996AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1997AC_LINK_IFELSE(
1998 [AC_LANG_SOURCE([[
1999#include <openssl/evp.h>
2000int main(void) { SSLeay_add_all_algorithms(); }
2001 ]])],
2002 [
2003 AC_MSG_RESULT(yes)
2004 ],
2005 [
2006 AC_MSG_RESULT(no)
2007 saved_LIBS="$LIBS"
2008 LIBS="$LIBS -ldl"
2009 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2010 AC_LINK_IFELSE(
2011 [AC_LANG_SOURCE([[
2012#include <openssl/evp.h>
2013int main(void) { SSLeay_add_all_algorithms(); }
2014 ]])],
2015 [
2016 AC_MSG_RESULT(yes)
2017 ],
2018 [
2019 AC_MSG_RESULT(no)
2020 LIBS="$saved_LIBS"
2021 ]
2022 )
2023 ]
2024)
2025
c7ad0d99 2026AC_ARG_WITH(ssl-engine,
2027 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2028 [ if test "x$withval" != "xno" ; then
2029 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2030 AC_TRY_COMPILE(
2031 [ #include <openssl/engine.h>],
2032 [
24b2647b 2033ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2034 ],
2035 [ AC_MSG_RESULT(yes)
2036 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2037 [Enable OpenSSL engine support])
2038 ],
2039 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2040 )
2041 fi ]
2042)
2043
e5146707 2044# Check for OpenSSL without EVP_aes_{192,256}_cbc
2045AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2046AC_LINK_IFELSE(
e5146707 2047 [AC_LANG_SOURCE([[
2048#include <string.h>
2049#include <openssl/evp.h>
300ea548 2050int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2051 ]])],
2052 [
2053 AC_MSG_RESULT(no)
2054 ],
2055 [
2056 AC_MSG_RESULT(yes)
2057 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2058 [libcrypto is missing AES 192 and 256 bit functions])
2059 ]
2060)
2061
5486a457 2062# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2063# because the system crypt() is more featureful.
2064if test "x$check_for_libcrypt_before" = "x1"; then
2065 AC_CHECK_LIB(crypt, crypt)
2066fi
2067
aff51935 2068# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2069# version in OpenSSL.
05114c74 2070if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2071 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2072fi
2073
13ff27b7 2074# Search for SHA256 support in libc and/or OpenSSL
2075AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2076
a03acb8f 2077saved_LIBS="$LIBS"
2078AC_CHECK_LIB(iaf, ia_openinfo, [
2079 LIBS="$LIBS -liaf"
d837615a 2080 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2081 AC_DEFINE(HAVE_LIBIAF, 1,
2082 [Define if system has libiaf that supports set_id])
2083 ])
a03acb8f 2084])
2085LIBS="$saved_LIBS"
f1b0ecc3 2086
2087### Configure cryptographic random number support
2088
2089# Check wheter OpenSSL seeds itself
2090AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2091AC_RUN_IFELSE(
479cece8 2092 [AC_LANG_SOURCE([[
f1b0ecc3 2093#include <string.h>
2094#include <openssl/rand.h>
aec4cb4f 2095int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2096 ]])],
f1b0ecc3 2097 [
2098 OPENSSL_SEEDS_ITSELF=yes
2099 AC_MSG_RESULT(yes)
2100 ],
2101 [
2102 AC_MSG_RESULT(no)
2103 # Default to use of the rand helper if OpenSSL doesn't
2104 # seed itself
2105 USE_RAND_HELPER=yes
1a01a50c 2106 ],
2107 [
2108 AC_MSG_WARN([cross compiling: assuming yes])
2109 # This is safe, since all recent OpenSSL versions will
82f4e93d 2110 # complain at runtime if not seeded correctly.
1a01a50c 2111 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2112 ]
2113)
2114
a086f73b 2115# Check for PAM libs
2116PAM_MSG="no"
2117AC_ARG_WITH(pam,
2118 [ --with-pam Enable PAM support ],
2119 [
2120 if test "x$withval" != "xno" ; then
2121 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2122 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2123 AC_MSG_ERROR([PAM headers not found])
2124 fi
2125
2126 saved_LIBS="$LIBS"
2127 AC_CHECK_LIB(dl, dlopen, , )
2128 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2129 AC_CHECK_FUNCS(pam_getenvlist)
2130 AC_CHECK_FUNCS(pam_putenv)
2131 LIBS="$saved_LIBS"
2132
2133 PAM_MSG="yes"
2134
e54defb4 2135 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2136 AC_DEFINE(USE_PAM, 1,
2137 [Define if you want to enable PAM support])
282d6408 2138
a086f73b 2139 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2140 case "$LIBS" in
2141 *-ldl*)
2142 # libdl already in LIBS
2143 ;;
2144 *)
e54defb4 2145 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2146 ;;
2147 esac
a086f73b 2148 fi
a086f73b 2149 fi
2150 ]
2151)
2152
2153# Check for older PAM
2154if test "x$PAM_MSG" = "xyes" ; then
2155 # Check PAM strerror arguments (old PAM)
2156 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2157 AC_TRY_COMPILE(
2158 [
2159#include <stdlib.h>
2160#if defined(HAVE_SECURITY_PAM_APPL_H)
2161#include <security/pam_appl.h>
2162#elif defined (HAVE_PAM_PAM_APPL_H)
2163#include <pam/pam_appl.h>
2164#endif
2165 ],
2166 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2167 [AC_MSG_RESULT(no)],
2168 [
2169 AC_DEFINE(HAVE_OLD_PAM, 1,
2170 [Define if you have an old version of PAM
2171 which takes only one argument to pam_strerror])
2172 AC_MSG_RESULT(yes)
2173 PAM_MSG="yes (old library)"
2174 ]
2175 )
2176fi
f1b0ecc3 2177
2178# Do we want to force the use of the rand helper?
2179AC_ARG_WITH(rand-helper,
2180 [ --with-rand-helper Use subprocess to gather strong randomness ],
2181 [
2182 if test "x$withval" = "xno" ; then
aff51935 2183 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2184 # the previous test showed it to be unseeded.
2185 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2186 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2187 OPENSSL_SEEDS_ITSELF=yes
2188 USE_RAND_HELPER=""
2189 fi
2190 else
2191 USE_RAND_HELPER=yes
2192 fi
2193 ],
82f4e93d 2194)
f1b0ecc3 2195
2196# Which randomness source do we use?
4b492aab 2197if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2198 # OpenSSL only
3466e002 2199 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2200 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2201 RAND_MSG="OpenSSL internal ONLY"
2202 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2203elif test ! -z "$USE_RAND_HELPER" ; then
2204 # install rand helper
f1b0ecc3 2205 RAND_MSG="ssh-rand-helper"
2206 INSTALL_SSH_RAND_HELPER="yes"
2207fi
2208AC_SUBST(INSTALL_SSH_RAND_HELPER)
2209
2210### Configuration of ssh-rand-helper
2211
2212# PRNGD TCP socket
2213AC_ARG_WITH(prngd-port,
2214 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2215 [
eb5d7ff6 2216 case "$withval" in
2217 no)
2218 withval=""
2219 ;;
2220 [[0-9]]*)
2221 ;;
2222 *)
2223 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2224 ;;
2225 esac
2226 if test ! -z "$withval" ; then
f1b0ecc3 2227 PRNGD_PORT="$withval"
3466e002 2228 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2229 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2230 fi
2231 ]
2232)
2233
2234# PRNGD Unix domain socket
2235AC_ARG_WITH(prngd-socket,
2236 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2237 [
eb5d7ff6 2238 case "$withval" in
2239 yes)
f1b0ecc3 2240 withval="/var/run/egd-pool"
eb5d7ff6 2241 ;;
2242 no)
2243 withval=""
2244 ;;
2245 /*)
2246 ;;
2247 *)
2248 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2249 ;;
2250 esac
2251
2252 if test ! -z "$withval" ; then
f1b0ecc3 2253 if test ! -z "$PRNGD_PORT" ; then
2254 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2255 fi
906e811b 2256 if test ! -r "$withval" ; then
f1b0ecc3 2257 AC_MSG_WARN(Entropy socket is not readable)
2258 fi
2259 PRNGD_SOCKET="$withval"
3466e002 2260 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2261 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2262 fi
ddceb1c8 2263 ],
2264 [
2265 # Check for existing socket only if we don't have a random device already
2266 if test "$USE_RAND_HELPER" = yes ; then
2267 AC_MSG_CHECKING(for PRNGD/EGD socket)
2268 # Insert other locations here
2269 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2270 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2271 PRNGD_SOCKET="$sock"
2272 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2273 break;
2274 fi
2275 done
2276 if test ! -z "$PRNGD_SOCKET" ; then
2277 AC_MSG_RESULT($PRNGD_SOCKET)
2278 else
2279 AC_MSG_RESULT(not found)
2280 fi
2281 fi
f1b0ecc3 2282 ]
2283)
2284
2285# Change default command timeout for hashing entropy source
2286entropy_timeout=200
2287AC_ARG_WITH(entropy-timeout,
2288 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2289 [
6cf0200f 2290 if test -n "$withval" && test "x$withval" != "xno" && \
2291 test "x${withval}" != "xyes"; then
f1b0ecc3 2292 entropy_timeout=$withval
2293 fi
82f4e93d 2294 ]
f1b0ecc3 2295)
3466e002 2296AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2297 [Builtin PRNG command timeout])
f1b0ecc3 2298
fd3cbf67 2299SSH_PRIVSEP_USER=sshd
9a0fbcb3 2300AC_ARG_WITH(privsep-user,
5222e7ef 2301 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2302 [
6cf0200f 2303 if test -n "$withval" && test "x$withval" != "xno" && \
2304 test "x${withval}" != "xyes"; then
fd3cbf67 2305 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2306 fi
82f4e93d 2307 ]
9a0fbcb3 2308)
3466e002 2309AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2310 [non-privileged user for privilege separation])
fd3cbf67 2311AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2312
81dadca3 2313# We do this little dance with the search path to insure
2314# that programs that we select for use by installed programs
2315# (which may be run by the super-user) come from trusted
2316# locations before they come from the user's private area.
2317# This should help avoid accidentally configuring some
2318# random version of a program in someone's personal bin.
2319
2320OPATH=$PATH
2321PATH=/bin:/usr/bin
f95c8ce8 2322test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2323test -d /sbin && PATH=$PATH:/sbin
2324test -d /usr/sbin && PATH=$PATH:/usr/sbin
2325PATH=$PATH:/etc:$OPATH
2326
aff51935 2327# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2328OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2329OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2330OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2331OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2332OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2333OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2334OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2335OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2336OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2337OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2338OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2339OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2340OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2341OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2342OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2343OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2344# restore PATH
2345PATH=$OPATH
f1b0ecc3 2346
2347# Where does ssh-rand-helper get its randomness from?
2348INSTALL_SSH_PRNG_CMDS=""
2349if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2350 if test ! -z "$PRNGD_PORT" ; then
2351 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2352 elif test ! -z "$PRNGD_SOCKET" ; then
2353 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2354 else
2355 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2356 RAND_HELPER_CMDHASH=yes
2357 INSTALL_SSH_PRNG_CMDS="yes"
2358 fi
2359fi
2360AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2361
2362
66d6c27e 2363# Cheap hack to ensure NEWS-OS libraries are arranged right.
2364if test ! -z "$SONY" ; then
2365 LIBS="$LIBS -liberty";
2366fi
2367
9a406e1e 2368# Check for long long datatypes
2369AC_CHECK_TYPES([long long, unsigned long long, long double])
2370
2371# Check datatype sizes
976f7e19 2372AC_CHECK_SIZEOF(char, 1)
2b942fe0 2373AC_CHECK_SIZEOF(short int, 2)
2374AC_CHECK_SIZEOF(int, 4)
2375AC_CHECK_SIZEOF(long int, 4)
2376AC_CHECK_SIZEOF(long long int, 8)
2377
52f1ccb2 2378# Sanity check long long for some platforms (AIX)
2379if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2380 ac_cv_sizeof_long_long_int=0
2381fi
2382
90f15776 2383# compute LLONG_MIN and LLONG_MAX if we don't know them.
2384if test -z "$have_llong_max"; then
2385 AC_MSG_CHECKING([for max value of long long])
2386 AC_RUN_IFELSE(
2387 [AC_LANG_SOURCE([[
2388#include <stdio.h>
2389/* Why is this so damn hard? */
2390#ifdef __GNUC__
2391# undef __GNUC__
2392#endif
2393#define __USE_ISOC99
2394#include <limits.h>
2395#define DATA "conftest.llminmax"
055252ed 2396#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2397
2398/*
2399 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2400 * we do this the hard way.
2401 */
2402static int
2403fprint_ll(FILE *f, long long n)
2404{
2405 unsigned int i;
2406 int l[sizeof(long long) * 8];
2407
2408 if (n < 0)
2409 if (fprintf(f, "-") < 0)
2410 return -1;
2411 for (i = 0; n != 0; i++) {
2412 l[i] = my_abs(n % 10);
2413 n /= 10;
2414 }
2415 do {
2416 if (fprintf(f, "%d", l[--i]) < 0)
2417 return -1;
2418 } while (i != 0);
2419 if (fprintf(f, " ") < 0)
2420 return -1;
2421 return 0;
2422}
2423
90f15776 2424int main(void) {
2425 FILE *f;
2426 long long i, llmin, llmax = 0;
2427
2428 if((f = fopen(DATA,"w")) == NULL)
2429 exit(1);
2430
2431#if defined(LLONG_MIN) && defined(LLONG_MAX)
2432 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2433 llmin = LLONG_MIN;
2434 llmax = LLONG_MAX;
2435#else
2436 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2437 /* This will work on one's complement and two's complement */
2438 for (i = 1; i > llmax; i <<= 1, i++)
2439 llmax = i;
2440 llmin = llmax + 1LL; /* wrap */
2441#endif
2442
2443 /* Sanity check */
2444 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2445 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2446 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2447 fprintf(f, "unknown unknown\n");
2448 exit(2);
2449 }
2450
055252ed 2451 if (fprint_ll(f, llmin) < 0)
90f15776 2452 exit(3);
055252ed 2453 if (fprint_ll(f, llmax) < 0)
2454 exit(4);
2455 if (fclose(f) < 0)
2456 exit(5);
90f15776 2457 exit(0);
2458}
2459 ]])],
2460 [
2461 llong_min=`$AWK '{print $1}' conftest.llminmax`
2462 llong_max=`$AWK '{print $2}' conftest.llminmax`
2463
90f15776 2464 AC_MSG_RESULT($llong_max)
2465 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2466 [max value of long long calculated by configure])
2467 AC_MSG_CHECKING([for min value of long long])
2468 AC_MSG_RESULT($llong_min)
2469 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2470 [min value of long long calculated by configure])
2471 ],
2472 [
2473 AC_MSG_RESULT(not found)
2474 ],
2475 [
2476 AC_MSG_WARN([cross compiling: not checking])
2477 ]
2478 )
2479fi
2480
2481
a0391976 2482# More checks for data types
14a9a859 2483AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2484 AC_TRY_COMPILE(
aff51935 2485 [ #include <sys/types.h> ],
2486 [ u_int a; a = 1;],
14a9a859 2487 [ ac_cv_have_u_int="yes" ],
2488 [ ac_cv_have_u_int="no" ]
2489 )
2490])
2491if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2492 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2493 have_u_int=1
2494fi
2495
58d100bf 2496AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2497 AC_TRY_COMPILE(
aff51935 2498 [ #include <sys/types.h> ],
2499 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2500 [ ac_cv_have_intxx_t="yes" ],
2501 [ ac_cv_have_intxx_t="no" ]
2502 )
2503])
2504if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2505 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2506 have_intxx_t=1
2507fi
41cb4569 2508
2509if (test -z "$have_intxx_t" && \
aff51935 2510 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2511then
2512 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2513 AC_TRY_COMPILE(
aff51935 2514 [ #include <stdint.h> ],
2515 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2516 [
2517 AC_DEFINE(HAVE_INTXX_T)
2518 AC_MSG_RESULT(yes)
2519 ],
2520 [ AC_MSG_RESULT(no) ]
2521 )
2522fi
2523
bd590612 2524AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2525 AC_TRY_COMPILE(
1cbbe6c8 2526 [
2527#include <sys/types.h>
2528#ifdef HAVE_STDINT_H
2529# include <stdint.h>
2530#endif
2531#include <sys/socket.h>
2532#ifdef HAVE_SYS_BITYPES_H
2533# include <sys/bitypes.h>
2534#endif
aff51935 2535 ],
2536 [ int64_t a; a = 1;],
bd590612 2537 [ ac_cv_have_int64_t="yes" ],
2538 [ ac_cv_have_int64_t="no" ]
2539 )
2540])
2541if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2542 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2543fi
2544
58d100bf 2545AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2546 AC_TRY_COMPILE(
aff51935 2547 [ #include <sys/types.h> ],
2548 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2549 [ ac_cv_have_u_intxx_t="yes" ],
2550 [ ac_cv_have_u_intxx_t="no" ]
2551 )
2552])
2553if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2554 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2555 have_u_intxx_t=1
2556fi
2b942fe0 2557
41cb4569 2558if test -z "$have_u_intxx_t" ; then
2559 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2560 AC_TRY_COMPILE(
aff51935 2561 [ #include <sys/socket.h> ],
2562 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2563 [
2564 AC_DEFINE(HAVE_U_INTXX_T)
2565 AC_MSG_RESULT(yes)
2566 ],
2567 [ AC_MSG_RESULT(no) ]
2568 )
2569fi
2570
bd590612 2571AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2572 AC_TRY_COMPILE(
aff51935 2573 [ #include <sys/types.h> ],
2574 [ u_int64_t a; a = 1;],
bd590612 2575 [ ac_cv_have_u_int64_t="yes" ],
2576 [ ac_cv_have_u_int64_t="no" ]
2577 )
2578])
2579if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2580 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2581 have_u_int64_t=1
2582fi
2583
ddceb1c8 2584if test -z "$have_u_int64_t" ; then
2585 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2586 AC_TRY_COMPILE(
aff51935 2587 [ #include <sys/bitypes.h> ],
ddceb1c8 2588 [ u_int64_t a; a = 1],
2589 [
2590 AC_DEFINE(HAVE_U_INT64_T)
2591 AC_MSG_RESULT(yes)
2592 ],
2593 [ AC_MSG_RESULT(no) ]
2594 )
2595fi
2596
41cb4569 2597if test -z "$have_u_intxx_t" ; then
2598 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2599 AC_TRY_COMPILE(
2600 [
2601#include <sys/types.h>
aff51935 2602 ],
2603 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2604 [ ac_cv_have_uintxx_t="yes" ],
2605 [ ac_cv_have_uintxx_t="no" ]
2606 )
2607 ])
2608 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2609 AC_DEFINE(HAVE_UINTXX_T, 1,
2610 [define if you have uintxx_t data type])
41cb4569 2611 fi
2612fi
2613
2614if test -z "$have_uintxx_t" ; then
2615 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2616 AC_TRY_COMPILE(
aff51935 2617 [ #include <stdint.h> ],
2618 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2619 [
2620 AC_DEFINE(HAVE_UINTXX_T)
2621 AC_MSG_RESULT(yes)
2622 ],
2623 [ AC_MSG_RESULT(no) ]
2624 )
2625fi
2626
e5fe9a1f 2627if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2628 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2629then
2630 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2631 AC_TRY_COMPILE(
58d100bf 2632 [
2633#include <sys/bitypes.h>
aff51935 2634 ],
5cdfe03f 2635 [
837c30b8 2636 int8_t a; int16_t b; int32_t c;
2637 u_int8_t e; u_int16_t f; u_int32_t g;
2638 a = b = c = e = f = g = 1;
aff51935 2639 ],
5cdfe03f 2640 [
2641 AC_DEFINE(HAVE_U_INTXX_T)
2642 AC_DEFINE(HAVE_INTXX_T)
2643 AC_MSG_RESULT(yes)
2644 ],
2645 [AC_MSG_RESULT(no)]
aff51935 2646 )
5cdfe03f 2647fi
2648
0362750e 2649
2650AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2651 AC_TRY_COMPILE(
2652 [
2653#include <sys/types.h>
2654 ],
2655 [ u_char foo; foo = 125; ],
2656 [ ac_cv_have_u_char="yes" ],
2657 [ ac_cv_have_u_char="no" ]
2658 )
2659])
2660if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2661 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2662fi
2663
98a7c37b 2664TYPE_SOCKLEN_T
2b942fe0 2665
2d16d9a3 2666AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22f5e872 2667AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2668#include <sys/types.h>
2669#ifdef HAVE_SYS_BITYPES_H
2670#include <sys/bitypes.h>
2671#endif
2672#ifdef HAVE_SYS_STATFS_H
2673#include <sys/statfs.h>
2674#endif
2675#ifdef HAVE_SYS_STATVFS_H
2676#include <sys/statvfs.h>
2677#endif
2678])
ddceb1c8 2679
777ece68 2680AC_CHECK_TYPES(in_addr_t,,,
2681[#include <sys/types.h>
2682#include <netinet/in.h>])
7b578f7d 2683
58d100bf 2684AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2685 AC_TRY_COMPILE(
2686 [
18ba2aab 2687#include <sys/types.h>
58d100bf 2688 ],
2689 [ size_t foo; foo = 1235; ],
2690 [ ac_cv_have_size_t="yes" ],
2691 [ ac_cv_have_size_t="no" ]
2692 )
2693])
2694if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2695 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2696fi
ea1970a3 2697
c04f75f1 2698AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2699 AC_TRY_COMPILE(
2700 [
2701#include <sys/types.h>
2702 ],
2703 [ ssize_t foo; foo = 1235; ],
2704 [ ac_cv_have_ssize_t="yes" ],
2705 [ ac_cv_have_ssize_t="no" ]
2706 )
2707])
2708if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2709 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2710fi
2711
f1c4659d 2712AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2713 AC_TRY_COMPILE(
2714 [
2715#include <time.h>
2716 ],
2717 [ clock_t foo; foo = 1235; ],
2718 [ ac_cv_have_clock_t="yes" ],
2719 [ ac_cv_have_clock_t="no" ]
2720 )
2721])
2722if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2723 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2724fi
2725
1c04b088 2726AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2727 AC_TRY_COMPILE(
2728 [
2729#include <sys/types.h>
2730#include <sys/socket.h>
2731 ],
2732 [ sa_family_t foo; foo = 1235; ],
2733 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2734 [ AC_TRY_COMPILE(
2735 [
2736#include <sys/types.h>
2737#include <sys/socket.h>
2738#include <netinet/in.h>
2739 ],
2740 [ sa_family_t foo; foo = 1235; ],
2741 [ ac_cv_have_sa_family_t="yes" ],
2742
1c04b088 2743 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2744 )]
1c04b088 2745 )
2746])
2747if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2748 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2749 [define if you have sa_family_t data type])
1c04b088 2750fi
2751
729bfe59 2752AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2753 AC_TRY_COMPILE(
2754 [
2755#include <sys/types.h>
2756 ],
2757 [ pid_t foo; foo = 1235; ],
2758 [ ac_cv_have_pid_t="yes" ],
2759 [ ac_cv_have_pid_t="no" ]
2760 )
2761])
2762if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2763 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2764fi
2765
2766AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2767 AC_TRY_COMPILE(
2768 [
2769#include <sys/types.h>
2770 ],
2771 [ mode_t foo; foo = 1235; ],
2772 [ ac_cv_have_mode_t="yes" ],
2773 [ ac_cv_have_mode_t="no" ]
2774 )
2775])
2776if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2777 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2778fi
2779
e3a93db0 2780
58d100bf 2781AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2782 AC_TRY_COMPILE(
2783 [
18ba2aab 2784#include <sys/types.h>
2785#include <sys/socket.h>
58d100bf 2786 ],
2787 [ struct sockaddr_storage s; ],
2788 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2789 [ ac_cv_have_struct_sockaddr_storage="no" ]
2790 )
2791])
2792if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2793 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2794 [define if you have struct sockaddr_storage data type])
58d100bf 2795fi
48e671d5 2796
58d100bf 2797AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2798 AC_TRY_COMPILE(
2799 [
cbd7492e 2800#include <sys/types.h>
58d100bf 2801#include <netinet/in.h>
2802 ],
2803 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2804 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2805 [ ac_cv_have_struct_sockaddr_in6="no" ]
2806 )
2807])
2808if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2809 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2810 [define if you have struct sockaddr_in6 data type])
58d100bf 2811fi
48e671d5 2812
58d100bf 2813AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2814 AC_TRY_COMPILE(
2815 [
cbd7492e 2816#include <sys/types.h>
58d100bf 2817#include <netinet/in.h>
2818 ],
2819 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2820 [ ac_cv_have_struct_in6_addr="yes" ],
2821 [ ac_cv_have_struct_in6_addr="no" ]
2822 )
2823])
2824if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2825 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2826 [define if you have struct in6_addr data type])
95e16084 2827
2828dnl Now check for sin6_scope_id
2829 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,,
2830 [
2831#ifdef HAVE_SYS_TYPES_H
2832#include <sys/types.h>
2833#endif
2834#include <netinet/in.h>
2835 ])
58d100bf 2836fi
48e671d5 2837
58d100bf 2838AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2839 AC_TRY_COMPILE(
2840 [
18ba2aab 2841#include <sys/types.h>
2842#include <sys/socket.h>
2843#include <netdb.h>
58d100bf 2844 ],
2845 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2846 [ ac_cv_have_struct_addrinfo="yes" ],
2847 [ ac_cv_have_struct_addrinfo="no" ]
2848 )
2849])
2850if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2851 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2852 [define if you have struct addrinfo data type])
58d100bf 2853fi
2854
89c7e31c 2855AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2856 AC_TRY_COMPILE(
aff51935 2857 [ #include <sys/time.h> ],
2858 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2859 [ ac_cv_have_struct_timeval="yes" ],
2860 [ ac_cv_have_struct_timeval="no" ]
2861 )
2862])
2863if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2864 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2865 have_struct_timeval=1
2866fi
2867
5271b55c 2868AC_CHECK_TYPES(struct timespec)
2869
85abc74b 2870# We need int64_t or else certian parts of the compile will fail.
4b492aab 2871if test "x$ac_cv_have_int64_t" = "xno" && \
2872 test "x$ac_cv_sizeof_long_int" != "x8" && \
2873 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2874 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2875 echo "an alternative compiler (I.E., GCC) before continuing."
2876 echo ""
2877 exit 1;
733cf7f4 2878else
2879dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2880 AC_RUN_IFELSE(
479cece8 2881 [AC_LANG_SOURCE([[
733cf7f4 2882#include <stdio.h>
2883#include <string.h>
2884#ifdef HAVE_SNPRINTF
2885main()
2886{
2887 char buf[50];
2888 char expected_out[50];
2889 int mazsize = 50 ;
2890#if (SIZEOF_LONG_INT == 8)
2891 long int num = 0x7fffffffffffffff;
2892#else
763a1a18 2893 long long num = 0x7fffffffffffffffll;
733cf7f4 2894#endif
2895 strcpy(expected_out, "9223372036854775807");
2896 snprintf(buf, mazsize, "%lld", num);
2897 if(strcmp(buf, expected_out) != 0)
aff51935 2898 exit(1);
733cf7f4 2899 exit(0);
2900}
2901#else
2902main() { exit(0); }
2903#endif
479cece8 2904 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2905 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2906 )
2c523de9 2907fi
2908
77bb0bca 2909dnl Checks for structure members
58d100bf 2910OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2911OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2912OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2913OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2914OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2915OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2916OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2917OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2918OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2919OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2920OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2921OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2922OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2923OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2924OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2925OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2926OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2927
2928AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2929AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2930 [Define if we don't have struct __res_state in resolv.h])],
2931[
2932#include <stdio.h>
2933#if HAVE_SYS_TYPES_H
2934# include <sys/types.h>
2935#endif
2936#include <netinet/in.h>
2937#include <arpa/nameser.h>
2938#include <resolv.h>
2939])
1d7b9b20 2940
58d100bf 2941AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2942 ac_cv_have_ss_family_in_struct_ss, [
2943 AC_TRY_COMPILE(
2944 [
18ba2aab 2945#include <sys/types.h>
2946#include <sys/socket.h>
58d100bf 2947 ],
2948 [ struct sockaddr_storage s; s.ss_family = 1; ],
2949 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2950 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2951 )
2952])
2953if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2954 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2955fi
2956
58d100bf 2957AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2958 ac_cv_have___ss_family_in_struct_ss, [
2959 AC_TRY_COMPILE(
2960 [
18ba2aab 2961#include <sys/types.h>
2962#include <sys/socket.h>
58d100bf 2963 ],
2964 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2965 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2966 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2967 )
2968])
2969if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2970 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2971 [Fields in struct sockaddr_storage])
58d100bf 2972fi
2973
2e73a022 2974AC_CACHE_CHECK([for pw_class field in struct passwd],
2975 ac_cv_have_pw_class_in_struct_passwd, [
2976 AC_TRY_COMPILE(
2977 [
2e73a022 2978#include <pwd.h>
2979 ],
97994d32 2980 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2981 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2982 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2983 )
2984])
2985if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2986 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2987 [Define if your password has a pw_class field])
2e73a022 2988fi
2989
7751d4eb 2990AC_CACHE_CHECK([for pw_expire field in struct passwd],
2991 ac_cv_have_pw_expire_in_struct_passwd, [
2992 AC_TRY_COMPILE(
2993 [
2994#include <pwd.h>
2995 ],
2996 [ struct passwd p; p.pw_expire = 0; ],
2997 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2998 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2999 )
3000])
3001if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 3002 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3003 [Define if your password has a pw_expire field])
7751d4eb 3004fi
3005
3006AC_CACHE_CHECK([for pw_change field in struct passwd],
3007 ac_cv_have_pw_change_in_struct_passwd, [
3008 AC_TRY_COMPILE(
3009 [
3010#include <pwd.h>
3011 ],
3012 [ struct passwd p; p.pw_change = 0; ],
3013 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3014 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3015 )
3016])
3017if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 3018 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3019 [Define if your password has a pw_change field])
7751d4eb 3020fi
58d100bf 3021
637f9177 3022dnl make sure we're using the real structure members and not defines
6f34652e 3023AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3024 ac_cv_have_accrights_in_msghdr, [
1a01a50c 3025 AC_COMPILE_IFELSE(
6f34652e 3026 [
f95c8ce8 3027#include <sys/types.h>
6f34652e 3028#include <sys/socket.h>
3029#include <sys/uio.h>
637f9177 3030int main() {
3031#ifdef msg_accrights
1a01a50c 3032#error "msg_accrights is a macro"
637f9177 3033exit(1);
3034#endif
3035struct msghdr m;
3036m.msg_accrights = 0;
3037exit(0);
3038}
6f34652e 3039 ],
6f34652e 3040 [ ac_cv_have_accrights_in_msghdr="yes" ],
3041 [ ac_cv_have_accrights_in_msghdr="no" ]
3042 )
3043])
3044if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3045 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3046 [Define if your system uses access rights style
3047 file descriptor passing])
6f34652e 3048fi
3049
7a4f468b 3050AC_MSG_CHECKING(if f_fsid has val members)
3051AC_TRY_COMPILE([
3052#include <sys/types.h>
3053#include <sys/statvfs.h>],
3054[struct fsid_t t; t.val[0] = 0;],
3055 [ AC_MSG_RESULT(yes)
3056 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ],
3057 [ AC_MSG_RESULT(no) ]
3058)
3059
7176df4f 3060AC_CACHE_CHECK([for msg_control field in struct msghdr],
3061 ac_cv_have_control_in_msghdr, [
1a01a50c 3062 AC_COMPILE_IFELSE(
7176df4f 3063 [
f95c8ce8 3064#include <sys/types.h>
7176df4f 3065#include <sys/socket.h>
3066#include <sys/uio.h>
637f9177 3067int main() {
3068#ifdef msg_control
1a01a50c 3069#error "msg_control is a macro"
637f9177 3070exit(1);
3071#endif
3072struct msghdr m;
3073m.msg_control = 0;
3074exit(0);
3075}
7176df4f 3076 ],
7176df4f 3077 [ ac_cv_have_control_in_msghdr="yes" ],
3078 [ ac_cv_have_control_in_msghdr="no" ]
3079 )
3080])
3081if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3082 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3083 [Define if your system uses ancillary data style
3084 file descriptor passing])
7176df4f 3085fi
3086
58d100bf 3087AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3088 AC_TRY_LINK([],
3089 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3090 [ ac_cv_libc_defines___progname="yes" ],
3091 [ ac_cv_libc_defines___progname="no" ]
3092 )
3093])
3094if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3095 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3096fi
8946db53 3097
c921ee00 3098AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3099 AC_TRY_LINK([
3100#include <stdio.h>
aff51935 3101],
3102 [ printf("%s", __FUNCTION__); ],
c921ee00 3103 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3104 [ ac_cv_cc_implements___FUNCTION__="no" ]
3105 )
3106])
3107if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3108 AC_DEFINE(HAVE___FUNCTION__, 1,
3109 [Define if compiler implements __FUNCTION__])
c921ee00 3110fi
3111
3112AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3113 AC_TRY_LINK([
3114#include <stdio.h>
aff51935 3115],
3116 [ printf("%s", __func__); ],
c921ee00 3117 [ ac_cv_cc_implements___func__="yes" ],
3118 [ ac_cv_cc_implements___func__="no" ]
3119 )
3120])
3121if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3122 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3123fi
3124
9a406e1e 3125AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3126 AC_TRY_LINK(
3127 [#include <stdarg.h>
3128 va_list x,y;],
3129 [va_copy(x,y);],
3130 [ ac_cv_have_va_copy="yes" ],
3131 [ ac_cv_have_va_copy="no" ]
3132 )
3133])
3134if test "x$ac_cv_have_va_copy" = "xyes" ; then
3135 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3136fi
3137
3138AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3139 AC_TRY_LINK(
3140 [#include <stdarg.h>
3141 va_list x,y;],
3142 [__va_copy(x,y);],
3143 [ ac_cv_have___va_copy="yes" ],
3144 [ ac_cv_have___va_copy="no" ]
3145 )
3146])
3147if test "x$ac_cv_have___va_copy" = "xyes" ; then
3148 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3149fi
3150
1812a662 3151AC_CACHE_CHECK([whether getopt has optreset support],
3152 ac_cv_have_getopt_optreset, [
3153 AC_TRY_LINK(
3154 [
3155#include <getopt.h>
3156 ],
3157 [ extern int optreset; optreset = 0; ],
3158 [ ac_cv_have_getopt_optreset="yes" ],
3159 [ ac_cv_have_getopt_optreset="no" ]
3160 )
3161])
3162if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3163 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3164 [Define if your getopt(3) defines and uses optreset])
1812a662 3165fi
a0391976 3166
819b676f 3167AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3168 AC_TRY_LINK([],
3169 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3170 [ ac_cv_libc_defines_sys_errlist="yes" ],
3171 [ ac_cv_libc_defines_sys_errlist="no" ]
3172 )
3173])
3174if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3175 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3176 [Define if your system defines sys_errlist[]])
819b676f 3177fi
3178
3179
416ed5a7 3180AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3181 AC_TRY_LINK([],
3182 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3183 [ ac_cv_libc_defines_sys_nerr="yes" ],
3184 [ ac_cv_libc_defines_sys_nerr="no" ]
3185 )
3186])
3187if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3188 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3189fi
3190
aff51935 3191SCARD_MSG="no"
295c8801 3192# Check whether user wants sectok support
3193AC_ARG_WITH(sectok,
3194 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3195 [
3196 if test "x$withval" != "xno" ; then
3197 if test "x$withval" != "xyes" ; then
3198 CPPFLAGS="$CPPFLAGS -I${withval}"
3199 LDFLAGS="$LDFLAGS -L${withval}"
3200 if test ! -z "$need_dash_r" ; then
3201 LDFLAGS="$LDFLAGS -R${withval}"
3202 fi
3203 if test ! -z "$blibpath" ; then
3204 blibpath="$blibpath:${withval}"
3205 fi
3206 fi
3207 AC_CHECK_HEADERS(sectok.h)
3208 if test "$ac_cv_header_sectok_h" != yes; then
3209 AC_MSG_ERROR(Can't find sectok.h)
3210 fi
3211 AC_CHECK_LIB(sectok, sectok_open)
3212 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3213 AC_MSG_ERROR(Can't find libsectok)
3214 fi
3466e002 3215 AC_DEFINE(SMARTCARD, 1,
3216 [Define if you want smartcard support])
3217 AC_DEFINE(USE_SECTOK, 1,
3218 [Define if you want smartcard support
3219 using sectok])
aff51935 3220 SCARD_MSG="yes, using sectok"
295c8801 3221 fi
3222 ]
3223)
3224
3225# Check whether user wants OpenSC support
987b458f 3226OPENSC_CONFIG="no"
295c8801 3227AC_ARG_WITH(opensc,
e47fb473 3228 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3229 [
3230 if test "x$withval" != "xno" ; then
3231 if test "x$withval" != "xyes" ; then
3232 OPENSC_CONFIG=$withval/bin/opensc-config
3233 else
3234 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3235 fi
3236 if test "$OPENSC_CONFIG" != "no"; then
3237 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3238 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3239 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3240 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3241 AC_DEFINE(SMARTCARD)
3466e002 3242 AC_DEFINE(USE_OPENSC, 1,
3243 [Define if you want smartcard support
3244 using OpenSC])
987b458f 3245 SCARD_MSG="yes, using OpenSC"
3246 fi
3247 fi
3248 ]
3249)
d0b19c95 3250
c31dc31c 3251# Check libraries needed by DNS fingerprint support
aff51935 3252AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3253 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3254 [Define if getrrsetbyname() exists])],
3e05e934 3255 [
c31dc31c 3256 # Needed by our getrrsetbyname()
3257 AC_SEARCH_LIBS(res_query, resolv)
3258 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3259 AC_MSG_CHECKING(if res_query will link)
3260 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3261 [AC_MSG_RESULT(no)
3262 saved_LIBS="$LIBS"
3263 LIBS="$LIBS -lresolv"
3264 AC_MSG_CHECKING(for res_query in -lresolv)
3265 AC_LINK_IFELSE([
3266#include <resolv.h>
3267int main()
3268{
3269 res_query (0, 0, 0, 0, 0);
3270 return 0;
3271}
3272 ],
3273 [LIBS="$LIBS -lresolv"
3274 AC_MSG_RESULT(yes)],
3275 [LIBS="$saved_LIBS"
3276 AC_MSG_RESULT(no)])
3277 ])
c31dc31c 3278 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3279 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3280 [#include <sys/types.h>
3281 #include <arpa/nameser.h>])
c31dc31c 3282 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3283 [AC_DEFINE(HAVE_HEADER_AD, 1,
3284 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3285 [#include <arpa/nameser.h>])
3286 ])
3e05e934 3287
560acf80 3288AC_MSG_CHECKING(if struct __res_state _res is an extern)
3289AC_LINK_IFELSE([
3290#include <stdio.h>
3291#if HAVE_SYS_TYPES_H
3292# include <sys/types.h>
3293#endif
3294#include <netinet/in.h>
3295#include <arpa/nameser.h>
3296#include <resolv.h>
3297extern struct __res_state _res;
3298int main() { return 0; }
3299 ],
3300 [AC_MSG_RESULT(yes)
3301 AC_DEFINE(HAVE__RES_EXTERN, 1,
3302 [Define if you have struct __res_state _res as an extern])
3303 ],
3304 [ AC_MSG_RESULT(no) ]
3305)
3306
ef4d1846 3307# Check whether user wants SELinux support
3308SELINUX_MSG="no"
3309LIBSELINUX=""
3310AC_ARG_WITH(selinux,
bb23b54f 3311 [ --with-selinux Enable SELinux support],
ef4d1846 3312 [ if test "x$withval" != "xno" ; then
e54defb4 3313 save_LIBS="$LIBS"
ef4d1846 3314 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3315 SELINUX_MSG="yes"
3316 AC_CHECK_HEADER([selinux/selinux.h], ,
3317 AC_MSG_ERROR(SELinux support requires selinux.h header))
3318 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3319 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3320 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3321 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3322 LIBS="$save_LIBS"
ef4d1846 3323 fi ]
3324)
ef4d1846 3325
12928e80 3326# Check whether user wants Kerberos 5 support
aff51935 3327KRB5_MSG="no"
12928e80 3328AC_ARG_WITH(kerberos5,
aff51935 3329 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3330 [ if test "x$withval" != "xno" ; then
3331 if test "x$withval" = "xyes" ; then
3332 KRB5ROOT="/usr/local"
3333 else
3334 KRB5ROOT=${withval}
3335 fi
3336
3466e002 3337 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3338 KRB5_MSG="yes"
3339
3340 AC_MSG_CHECKING(for krb5-config)
3341 if test -x $KRB5ROOT/bin/krb5-config ; then
3342 KRB5CONF=$KRB5ROOT/bin/krb5-config
3343 AC_MSG_RESULT($KRB5CONF)
3344
3345 AC_MSG_CHECKING(for gssapi support)
3346 if $KRB5CONF | grep gssapi >/dev/null ; then
3347 AC_MSG_RESULT(yes)
3466e002 3348 AC_DEFINE(GSSAPI, 1,
3349 [Define this if you want GSSAPI
3350 support in the version 2 protocol])
071970fb 3351 k5confopts=gssapi
aff51935 3352 else
5585c441 3353 AC_MSG_RESULT(no)
071970fb 3354 k5confopts=""
aff51935 3355 fi
071970fb 3356 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3357 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3358 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3359 AC_MSG_CHECKING(whether we are using Heimdal)
3360 AC_TRY_COMPILE([ #include <krb5.h> ],
3361 [ char *tmp = heimdal_version; ],
3362 [ AC_MSG_RESULT(yes)
3466e002 3363 AC_DEFINE(HEIMDAL, 1,
3364 [Define this if you are using the
3365 Heimdal version of Kerberos V5]) ],
5585c441 3366 AC_MSG_RESULT(no)
3367 )
3368 else
3369 AC_MSG_RESULT(no)
12928e80 3370 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3371 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3372 AC_MSG_CHECKING(whether we are using Heimdal)
3373 AC_TRY_COMPILE([ #include <krb5.h> ],
3374 [ char *tmp = heimdal_version; ],
3375 [ AC_MSG_RESULT(yes)
3376 AC_DEFINE(HEIMDAL)
41707f74 3377 K5LIBS="-lkrb5 -ldes"
3378 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3379 AC_CHECK_LIB(roken, net_write,
41707f74 3380 [K5LIBS="$K5LIBS -lroken"])
aff51935 3381 ],
3382 [ AC_MSG_RESULT(no)
3383 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3384 ]
3385 )
4e00038c 3386 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3387
596a825b 3388 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
749560dd 3389 [ AC_DEFINE(GSSAPI)
596a825b 3390 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3391 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
749560dd 3392 [ AC_DEFINE(GSSAPI)
596a825b 3393 K5LIBS="-lgssapi $K5LIBS" ],
749560dd 3394 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3395 $K5LIBS)
3396 ],
3397 $K5LIBS)
82f4e93d 3398
749560dd 3399 AC_CHECK_HEADER(gssapi.h, ,
3400 [ unset ac_cv_header_gssapi_h
aff51935 3401 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3402 AC_CHECK_HEADERS(gssapi.h, ,
3403 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3404 )
749560dd 3405 ]
3406 )
3407
3408 oldCPP="$CPPFLAGS"
3409 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3410 AC_CHECK_HEADER(gssapi_krb5.h, ,
3411 [ CPPFLAGS="$oldCPP" ])
3412
aff51935 3413 fi
5585c441 3414 if test ! -z "$need_dash_r" ; then
3415 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3416 fi
3417 if test ! -z "$blibpath" ; then
3418 blibpath="$blibpath:${KRB5ROOT}/lib"
3419 fi
071970fb 3420
f5555364 3421 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3422 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3423 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3424
f5555364 3425 LIBS="$LIBS $K5LIBS"
3466e002 3426 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3427 [Define this if you want to use libkafs' AFS support]))
f5555364 3428 fi
071970fb 3429 ]
12928e80 3430)
b5b68128 3431
a0391976 3432# Looking for programs, paths and files
a0391976 3433
ecac8ee5 3434PRIVSEP_PATH=/var/empty
3435AC_ARG_WITH(privsep-path,
cda1ebcb 3436 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3437 [
6cf0200f 3438 if test -n "$withval" && test "x$withval" != "xno" && \
3439 test "x${withval}" != "xyes"; then
ecac8ee5 3440 PRIVSEP_PATH=$withval
3441 fi
3442 ]
3443)
3444AC_SUBST(PRIVSEP_PATH)
3445
a0391976 3446AC_ARG_WITH(xauth,
3447 [ --with-xauth=PATH Specify path to xauth program ],
3448 [
6cf0200f 3449 if test -n "$withval" && test "x$withval" != "xno" && \
3450 test "x${withval}" != "xyes"; then
cbd7492e 3451 xauth_path=$withval
a0391976 3452 fi
3453 ],
3454 [
2bf42e4a 3455 TestPath="$PATH"
3456 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3457 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3458 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3459 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3460 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3461 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3462 xauth_path="/usr/openwin/bin/xauth"
3463 fi
3464 ]
3465)
3466
65a4b4af 3467STRIP_OPT=-s
3468AC_ARG_ENABLE(strip,
3469 [ --disable-strip Disable calling strip(1) on install],
3470 [
3471 if test "x$enableval" = "xno" ; then
3472 STRIP_OPT=
3473 fi
3474 ]
3475)
3476AC_SUBST(STRIP_OPT)
3477
b3ec54b4 3478if test -z "$xauth_path" ; then
3479 XAUTH_PATH="undefined"
3480 AC_SUBST(XAUTH_PATH)
3481else
3466e002 3482 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3483 [Define if xauth is found in your path])
b3ec54b4 3484 XAUTH_PATH=$xauth_path
3485 AC_SUBST(XAUTH_PATH)
a0391976 3486fi
a0391976 3487
3488# Check for mail directory (last resort if we cannot get it from headers)
3489if test ! -z "$MAIL" ; then
3490 maildir=`dirname $MAIL`
3466e002 3491 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3492 [Set this to your mail directory if you don't have maillock.h])
a0391976 3493fi
3494
479cece8 3495if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3496 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3497 disable_ptmx_check=yes
3498fi
a0391976 3499if test -z "$no_dev_ptmx" ; then
6e879cb4 3500 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3501 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3502 [
3466e002 3503 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3504 [Define if you have /dev/ptmx])
6e879cb4 3505 have_dev_ptmx=1
3506 ]
3507 )
3508 fi
3276571c 3509fi
1a01a50c 3510
479cece8 3511if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3512 AC_CHECK_FILE("/dev/ptc",
3513 [
3466e002 3514 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3515 [Define if you have /dev/ptc])
1a01a50c 3516 have_dev_ptc=1
3517 ]
3518 )
3519else
3520 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3521fi
3276571c 3522
a0391976 3523# Options from here on. Some of these are preset by platform above
fdf6b7aa 3524AC_ARG_WITH(mantype,
5d97cfbf 3525 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3526 [
5d97cfbf 3527 case "$withval" in
3528 man|cat|doc)
3529 MANTYPE=$withval
3530 ;;
3531 *)
3532 AC_MSG_ERROR(invalid man type: $withval)
3533 ;;
3534 esac
c54a6257 3535 ]
3536)
e0c4d3ac 3537if test -z "$MANTYPE"; then
2bf42e4a 3538 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3539 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3540 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3541 MANTYPE=doc
3542 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3543 MANTYPE=man
3544 else
3545 MANTYPE=cat
3546 fi
3547fi
c54a6257 3548AC_SUBST(MANTYPE)
e0c4d3ac 3549if test "$MANTYPE" = "doc"; then
3550 mansubdir=man;
3551else
3552 mansubdir=$MANTYPE;
3553fi
3554AC_SUBST(mansubdir)
0bc5b6fb 3555
a0391976 3556# Check whether to enable MD5 passwords
aff51935 3557MD5_MSG="no"
2ddcfdf3 3558AC_ARG_WITH(md5-passwords,
caf3bc51 3559 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3560 [
bcf36c78 3561 if test "x$withval" != "xno" ; then
3466e002 3562 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3563 [Define if you want to allow MD5 passwords])
aff51935 3564 MD5_MSG="yes"
0bc5b6fb 3565 fi
3566 ]
caf3bc51 3567)
3568
a0391976 3569# Whether to disable shadow password support
a7effaac 3570AC_ARG_WITH(shadow,
3571 [ --without-shadow Disable shadow password support],
3572 [
82f4e93d 3573 if test "x$withval" = "xno" ; then
a7effaac 3574 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3575 disable_shadow=yes
a7effaac 3576 fi
3577 ]
3578)
3579
4cb5ffa0 3580if test -z "$disable_shadow" ; then
3581 AC_MSG_CHECKING([if the systems has expire shadow information])
3582 AC_TRY_COMPILE(
3583 [
3584#include <sys/types.h>
3585#include <shadow.h>
3586 struct spwd sp;
3587 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3588 [ sp_expire_available=yes ], []
3589 )
3590
3591 if test "x$sp_expire_available" = "xyes" ; then
3592 AC_MSG_RESULT(yes)
3466e002 3593 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3594 [Define if you want to use shadow password expire field])
4cb5ffa0 3595 else
3596 AC_MSG_RESULT(no)
3597 fi
3598fi
3599
a0391976 3600# Use ip address instead of hostname in $DISPLAY
44839801 3601if test ! -z "$IPADDR_IN_DISPLAY" ; then
3602 DISPLAY_HACK_MSG="yes"
3466e002 3603 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3604 [Define if you need to use IP address
3605 instead of hostname in $DISPLAY])
44839801 3606else
aff51935 3607 DISPLAY_HACK_MSG="no"
44839801 3608 AC_ARG_WITH(ipaddr-display,
3609 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3610 [
82f4e93d 3611 if test "x$withval" != "xno" ; then
44839801 3612 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3613 DISPLAY_HACK_MSG="yes"
44839801 3614 fi
3615 ]
3616 )
3617fi
a7effaac 3618
95b99395 3619# check for /etc/default/login and use it if present.
daa41e62 3620AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3621 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3622 [ if test "x$enableval" = "xno"; then
3623 AC_MSG_NOTICE([/etc/default/login handling disabled])
3624 etc_default_login=no
3625 else
3626 etc_default_login=yes
3627 fi ],
b0e7249f 3628 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3629 then
3630 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3631 etc_default_login=no
3632 else
3633 etc_default_login=yes
3634 fi ]
694d0cef 3635)
95b99395 3636
694d0cef 3637if test "x$etc_default_login" != "xno"; then
3638 AC_CHECK_FILE("/etc/default/login",
3639 [ external_path_file=/etc/default/login ])
b0e7249f 3640 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3641 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3642 [Define if your system has /etc/default/login])
1a01a50c 3643 fi
694d0cef 3644fi
95b99395 3645
8d184c09 3646dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3647if test $ac_cv_func_login_getcapbool = "yes" && \
3648 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3649 external_path_file=/etc/login.conf
8d184c09 3650fi
95b99395 3651
a0391976 3652# Whether to mess with the default path
aff51935 3653SERVER_PATH_MSG="(default)"
c43d69a9 3654AC_ARG_WITH(default-path,
75817f90 3655 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3656 [
95b99395 3657 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3658 AC_MSG_WARN([
3659--with-default-path=PATH has no effect on this system.
3660Edit /etc/login.conf instead.])
82f4e93d 3661 elif test "x$withval" != "xno" ; then
89bbd457 3662 if test ! -z "$external_path_file" ; then
95b99395 3663 AC_MSG_WARN([
3664--with-default-path=PATH will only be used if PATH is not defined in
3665$external_path_file .])
3666 fi
b2d818e6 3667 user_path="$withval"
aff51935 3668 SERVER_PATH_MSG="$withval"
cb807f40 3669 fi
b2d818e6 3670 ],
95b99395 3671 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3672 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3673 else
89bbd457 3674 if test ! -z "$external_path_file" ; then
95b99395 3675 AC_MSG_WARN([
3676If PATH is defined in $external_path_file, ensure the path to scp is included,
3677otherwise scp will not work.])
3678 fi
b0e7249f 3679 AC_RUN_IFELSE(
3680 [AC_LANG_SOURCE([[
b2d818e6 3681/* find out what STDPATH is */
3682#include <stdio.h>
b2d818e6 3683#ifdef HAVE_PATHS_H
3684# include <paths.h>
3685#endif
3686#ifndef _PATH_STDPATH
d9a4e55b 3687# ifdef _PATH_USERPATH /* Irix */
3688# define _PATH_STDPATH _PATH_USERPATH
3689# else
3690# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3691# endif
b2d818e6 3692#endif
3693#include <sys/types.h>
3694#include <sys/stat.h>
3695#include <fcntl.h>
3696#define DATA "conftest.stdpath"
3697
3698main()
3699{
3700 FILE *fd;
3701 int rc;
82f4e93d 3702
b2d818e6 3703 fd = fopen(DATA,"w");
3704 if(fd == NULL)
3705 exit(1);
82f4e93d 3706
b2d818e6 3707 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3708 exit(1);
3709
3710 exit(0);
3711}
b0e7249f 3712 ]])],
3713 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3714 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3715 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3716 )
3717# make sure $bindir is in USER_PATH so scp will work
3718 t_bindir=`eval echo ${bindir}`
3719 case $t_bindir in
3720 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3721 esac
3722 case $t_bindir in
3723 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3724 esac
3725 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3726 if test $? -ne 0 ; then
3727 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3728 if test $? -ne 0 ; then
3729 user_path=$user_path:$t_bindir
3730 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3731 fi
3732 fi
8d184c09 3733 fi ]
cb807f40 3734)
95b99395 3735if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3736 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3737 AC_SUBST(user_path)
3738fi
cb807f40 3739
06617857 3740# Set superuser path separately to user path
06617857 3741AC_ARG_WITH(superuser-path,
3742 [ --with-superuser-path= Specify different path for super-user],
3743 [
6cf0200f 3744 if test -n "$withval" && test "x$withval" != "xno" && \
3745 test "x${withval}" != "xyes"; then
3466e002 3746 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3747 [Define if you want a different $PATH
3748 for the superuser])
06617857 3749 superuser_path=$withval
3750 fi
3751 ]
3752)
3753
3754
58d100bf 3755AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3756IPV4_IN6_HACK_MSG="no"
80faa19f 3757AC_ARG_WITH(4in6,
3758 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3759 [
3760 if test "x$withval" != "xno" ; then
3761 AC_MSG_RESULT(yes)
3466e002 3762 AC_DEFINE(IPV4_IN_IPV6, 1,
3763 [Detect IPv4 in IPv6 mapped addresses
3764 and treat as IPv4])
aff51935 3765 IPV4_IN6_HACK_MSG="yes"
80faa19f 3766 else
3767 AC_MSG_RESULT(no)
3768 fi
3769 ],[
3770 if test "x$inet6_default_4in6" = "xyes"; then
3771 AC_MSG_RESULT([yes (default)])
3772 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3773 IPV4_IN6_HACK_MSG="yes"
80faa19f 3774 else
3775 AC_MSG_RESULT([no (default)])
3776 fi
3777 ]
3778)
3779
af774732 3780# Whether to enable BSD auth support
f1b0ecc3 3781BSD_AUTH_MSG=no
af774732 3782AC_ARG_WITH(bsd-auth,
3783 [ --with-bsd-auth Enable BSD auth support],
3784 [
82f4e93d 3785 if test "x$withval" != "xno" ; then
3466e002 3786 AC_DEFINE(BSD_AUTH, 1,
3787 [Define if you have BSD auth support])
f1b0ecc3 3788 BSD_AUTH_MSG=yes
af774732 3789 fi
3790 ]
3791)
3792
a0391976 3793# Where to place sshd.pid
19d9ac2a 3794piddir=/var/run
81dadca3 3795# make sure the directory exists
82f4e93d 3796if test ! -d $piddir ; then
81dadca3 3797 piddir=`eval echo ${sysconfdir}`
3798 case $piddir in
aff51935 3799 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3800 esac
3801fi
3802
47e45e44 3803AC_ARG_WITH(pid-dir,
3804 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3805 [
6cf0200f 3806 if test -n "$withval" && test "x$withval" != "xno" && \
3807 test "x${withval}" != "xyes"; then
19d9ac2a 3808 piddir=$withval
82f4e93d 3809 if test ! -d $piddir ; then
81dadca3 3810 AC_MSG_WARN([** no $piddir directory on this system **])
3811 fi
47e45e44 3812 fi
3813 ]
3814)
b7a87eea 3815
3466e002 3816AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3817AC_SUBST(piddir)
47e45e44 3818
1d7b9b20 3819dnl allow user to disable some login recording features
3820AC_ARG_ENABLE(lastlog,
bfd550a2 3821 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3822 [
3823 if test "x$enableval" = "xno" ; then
3824 AC_DEFINE(DISABLE_LASTLOG)
3825 fi
3826 ]
1d7b9b20 3827)
3828AC_ARG_ENABLE(utmp,
bfd550a2 3829 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3830 [
3831 if test "x$enableval" = "xno" ; then
3832 AC_DEFINE(DISABLE_UTMP)
3833 fi
3834 ]
1d7b9b20 3835)
3836AC_ARG_ENABLE(utmpx,
bfd550a2 3837 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3838 [
3839 if test "x$enableval" = "xno" ; then
3466e002 3840 AC_DEFINE(DISABLE_UTMPX, 1,
3841 [Define if you don't want to use utmpx])
ddb154b3 3842 fi
3843 ]
1d7b9b20 3844)
3845AC_ARG_ENABLE(wtmp,
bfd550a2 3846 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3847 [
3848 if test "x$enableval" = "xno" ; then
3849 AC_DEFINE(DISABLE_WTMP)
3850 fi
3851 ]
1d7b9b20 3852)
3853AC_ARG_ENABLE(wtmpx,
bfd550a2 3854 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3855 [
3856 if test "x$enableval" = "xno" ; then
3466e002 3857 AC_DEFINE(DISABLE_WTMPX, 1,
3858 [Define if you don't want to use wtmpx])
ddb154b3 3859 fi
3860 ]
1d7b9b20 3861)
3862AC_ARG_ENABLE(libutil,
bfd550a2 3863 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3864 [
3865 if test "x$enableval" = "xno" ; then
3866 AC_DEFINE(DISABLE_LOGIN)
3867 fi
3868 ]
1d7b9b20 3869)
3870AC_ARG_ENABLE(pututline,
bfd550a2 3871 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3872 [
3873 if test "x$enableval" = "xno" ; then
3466e002 3874 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3875 [Define if you don't want to use pututline()
3876 etc. to write [uw]tmp])
ddb154b3 3877 fi
3878 ]
1d7b9b20 3879)
3880AC_ARG_ENABLE(pututxline,
bfd550a2 3881 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3882 [
3883 if test "x$enableval" = "xno" ; then
3466e002 3884 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3885 [Define if you don't want to use pututxline()
3886 etc. to write [uw]tmpx])
ddb154b3 3887 fi
3888 ]
1d7b9b20 3889)
3890AC_ARG_WITH(lastlog,
bfd550a2 3891 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3892 [
82f4e93d 3893 if test "x$withval" = "xno" ; then
8c89dd2b 3894 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3895 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3896 conf_lastlog_location=$withval
3897 fi
3898 ]
3899)
1d7b9b20 3900
3901dnl lastlog, [uw]tmpx? detection
3902dnl NOTE: set the paths in the platform section to avoid the
3903dnl need for command-line parameters
3904dnl lastlog and [uw]tmp are subject to a file search if all else fails
3905
3906dnl lastlog detection
3907dnl NOTE: the code itself will detect if lastlog is a directory
3908AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3909AC_TRY_COMPILE([
3910#include <sys/types.h>
3911#include <utmp.h>
3912#ifdef HAVE_LASTLOG_H
3913# include <lastlog.h>
3914#endif
d7c0f3d5 3915#ifdef HAVE_PATHS_H
1d7b9b20 3916# include <paths.h>
41cb4569 3917#endif
3918#ifdef HAVE_LOGIN_H
3919# include <login.h>
1d7b9b20 3920#endif
3921 ],
3922 [ char *lastlog = LASTLOG_FILE; ],
3923 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3924 [
3925 AC_MSG_RESULT(no)
3926 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3927 AC_TRY_COMPILE([
3928#include <sys/types.h>
3929#include <utmp.h>
3930#ifdef HAVE_LASTLOG_H
3931# include <lastlog.h>
3932#endif
3933#ifdef HAVE_PATHS_H
3934# include <paths.h>
3935#endif
3936 ],
3937 [ char *lastlog = _PATH_LASTLOG; ],
3938 [ AC_MSG_RESULT(yes) ],
3939 [
f282b668 3940 AC_MSG_RESULT(no)
d7c0f3d5 3941 system_lastlog_path=no
3942 ])
3943 ]
1d7b9b20 3944)
d7c0f3d5 3945
1d7b9b20 3946if test -z "$conf_lastlog_location"; then
3947 if test x"$system_lastlog_path" = x"no" ; then
3948 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3949 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3950 conf_lastlog_location=$f
3951 fi
3952 done
3953 if test -z "$conf_lastlog_location"; then
f8119cef 3954 AC_MSG_WARN([** Cannot find lastlog **])
3955 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3956 fi
3957 fi
3958fi
3959
3960if test -n "$conf_lastlog_location"; then
3466e002 3961 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3962 [Define if you want to specify the path to your lastlog file])
82f4e93d 3963fi
1d7b9b20 3964
3965dnl utmp detection
3966AC_MSG_CHECKING([if your system defines UTMP_FILE])
3967AC_TRY_COMPILE([
3968#include <sys/types.h>
3969#include <utmp.h>
d7c0f3d5 3970#ifdef HAVE_PATHS_H
1d7b9b20 3971# include <paths.h>
3972#endif
3973 ],
3974 [ char *utmp = UTMP_FILE; ],
3975 [ AC_MSG_RESULT(yes) ],
3976 [ AC_MSG_RESULT(no)
3977 system_utmp_path=no ]
3978)
3979if test -z "$conf_utmp_location"; then
3980 if test x"$system_utmp_path" = x"no" ; then
3981 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3982 if test -f $f ; then
3983 conf_utmp_location=$f
3984 fi
3985 done
3986 if test -z "$conf_utmp_location"; then
3987 AC_DEFINE(DISABLE_UTMP)
3988 fi
3989 fi
3990fi
3991if test -n "$conf_utmp_location"; then
3466e002 3992 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3993 [Define if you want to specify the path to your utmp file])
82f4e93d 3994fi
1d7b9b20 3995
3996dnl wtmp detection
3997AC_MSG_CHECKING([if your system defines WTMP_FILE])
3998AC_TRY_COMPILE([
3999#include <sys/types.h>
4000#include <utmp.h>
d7c0f3d5 4001#ifdef HAVE_PATHS_H
1d7b9b20 4002# include <paths.h>
4003#endif
4004 ],
4005 [ char *wtmp = WTMP_FILE; ],
4006 [ AC_MSG_RESULT(yes) ],
4007 [ AC_MSG_RESULT(no)
4008 system_wtmp_path=no ]
4009)
4010if test -z "$conf_wtmp_location"; then
4011 if test x"$system_wtmp_path" = x"no" ; then
4012 for f in /usr/adm/wtmp /var/log/wtmp; do
4013 if test -f $f ; then
4014 conf_wtmp_location=$f
4015 fi
4016 done
4017 if test -z "$conf_wtmp_location"; then
4018 AC_DEFINE(DISABLE_WTMP)
4019 fi
4020 fi
4021fi
4022if test -n "$conf_wtmp_location"; then
3466e002 4023 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4024 [Define if you want to specify the path to your wtmp file])
82f4e93d 4025fi
1d7b9b20 4026
4027
4028dnl utmpx detection - I don't know any system so perverse as to require
4029dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4030dnl there, though.
4031AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4032AC_TRY_COMPILE([
4033#include <sys/types.h>
4034#include <utmp.h>
4035#ifdef HAVE_UTMPX_H
4036#include <utmpx.h>
4037#endif
d7c0f3d5 4038#ifdef HAVE_PATHS_H
1d7b9b20 4039# include <paths.h>
4040#endif
4041 ],
4042 [ char *utmpx = UTMPX_FILE; ],
4043 [ AC_MSG_RESULT(yes) ],
4044 [ AC_MSG_RESULT(no)
4045 system_utmpx_path=no ]
4046)
4047if test -z "$conf_utmpx_location"; then
4048 if test x"$system_utmpx_path" = x"no" ; then
4049 AC_DEFINE(DISABLE_UTMPX)
4050 fi
4051else
3466e002 4052 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4053 [Define if you want to specify the path to your utmpx file])
82f4e93d 4054fi
1d7b9b20 4055
4056dnl wtmpx detection
4057AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4058AC_TRY_COMPILE([
4059#include <sys/types.h>
4060#include <utmp.h>
4061#ifdef HAVE_UTMPX_H
4062#include <utmpx.h>
4063#endif
d7c0f3d5 4064#ifdef HAVE_PATHS_H
1d7b9b20 4065# include <paths.h>
4066#endif
4067 ],
4068 [ char *wtmpx = WTMPX_FILE; ],
4069 [ AC_MSG_RESULT(yes) ],
4070 [ AC_MSG_RESULT(no)
4071 system_wtmpx_path=no ]
4072)
4073if test -z "$conf_wtmpx_location"; then
4074 if test x"$system_wtmpx_path" = x"no" ; then
4075 AC_DEFINE(DISABLE_WTMPX)
4076 fi
4077else
3466e002 4078 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4079 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4080fi
1d7b9b20 4081
b7a87eea 4082
bd499f9e 4083if test ! -z "$blibpath" ; then
68ece370 4084 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4085 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4086fi
4087
ed89c848 4088dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4089dnl Add now.
4090CFLAGS="$CFLAGS $werror_flags"
4091
edee47f5 4092if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4093 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4094 AC_SUBST(TEST_SSH_IPV6, no)
4095else
4096 AC_SUBST(TEST_SSH_IPV6, yes)
4097fi
4098
3c62e7eb 4099AC_EXEEXT
29eadd7c 4100AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4101 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4102 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4103AC_OUTPUT
d3083fbd 4104
cbd7492e 4105# Print summary of options
4106
cbd7492e 4107# Someone please show me a better way :)
4108A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4109B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4110C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4111D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4112E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4113F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4114G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4115H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4116I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4117J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4118
4119echo ""
26de7942 4120echo "OpenSSH has been configured with the following options:"
ecac8ee5 4121echo " User binaries: $B"
4122echo " System binaries: $C"
4123echo " Configuration files: $D"
4124echo " Askpass program: $E"
4125echo " Manual pages: $F"
4126echo " PID file: $G"
4127echo " Privilege separation chroot path: $H"
95b99395 4128if test "x$external_path_file" = "x/etc/login.conf" ; then
4129echo " At runtime, sshd will use the path defined in $external_path_file"
4130echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4131else
ecac8ee5 4132echo " sshd default user PATH: $I"
89bbd457 4133 if test ! -z "$external_path_file"; then
95b99395 4134echo " (If PATH is set in $external_path_file it will be used instead. If"
4135echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4136 fi
8d184c09 4137fi
06617857 4138if test ! -z "$superuser_path" ; then
ecac8ee5 4139echo " sshd superuser user PATH: $J"
4140fi
4141echo " Manpage format: $MANTYPE"
3e05e934 4142echo " PAM support: $PAM_MSG"
5b84789f 4143echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4144echo " KerberosV support: $KRB5_MSG"
ef4d1846 4145echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4146echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4147echo " S/KEY support: $SKEY_MSG"
4148echo " TCP Wrappers support: $TCPW_MSG"
4149echo " MD5 password support: $MD5_MSG"
59031773 4150echo " libedit support: $LIBEDIT_MSG"
5b84789f 4151echo " Solaris process contract support: $SPC_MSG"
3deb1408 4152echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4153echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4154echo " BSD Auth support: $BSD_AUTH_MSG"
4155echo " Random number source: $RAND_MSG"
f1b0ecc3 4156if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4157echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4158fi
4159
cbd7492e 4160echo ""
4161
0c2fb82f 4162echo " Host: ${host}"
4163echo " Compiler: ${CC}"
4164echo " Compiler flags: ${CFLAGS}"
4165echo "Preprocessor flags: ${CPPFLAGS}"
4166echo " Linker flags: ${LDFLAGS}"
e54defb4 4167echo " Libraries: ${LIBS}"
4168if test ! -z "${SSHDLIBS}"; then
4169echo " +for sshd: ${SSHDLIBS}"
4170fi
cbd7492e 4171
4172echo ""
4173
9cefe228 4174if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4175 echo "SVR4 style packages are supported with \"make package\""
4176 echo ""
9cefe228 4177fi
4178
adeebd37 4179if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4180 echo "PAM is enabled. You may need to install a PAM control file "
4181 echo "for sshd, otherwise password authentication may fail. "
aff51935 4182 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4183 echo "subdirectory"
adeebd37 4184 echo ""
4185fi
4186
f1b0ecc3 4187if test ! -z "$RAND_HELPER_CMDHASH" ; then
4188 echo "WARNING: you are using the builtin random number collection "
4189 echo "service. Please read WARNING.RNG and request that your OS "
4190 echo "vendor includes kernel-based random number collection in "
4191 echo "future versions of your OS."
2c523de9 4192 echo ""
4193fi
af774732 4194
2f6f9cff 4195if test ! -z "$NO_PEERCHECK" ; then
1961d660 4196 echo "WARNING: the operating system that you are using does not"
4197 echo "appear to support getpeereid(), getpeerucred() or the"
4198 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4199 echo "enforce security checks to prevent unauthorised connections to"
4200 echo "ssh-agent. Their absence increases the risk that a malicious"
4201 echo "user can connect to your agent."
2f6f9cff 4202 echo ""
4203fi
4204
7b578f7d 4205if test "$AUDIT_MODULE" = "bsm" ; then
4206 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4207 echo "See the Solaris section in README.platform for details."
4208fi
git-cvsimport mirror of OpenSSH
This page took 1.081149 seconds and 5 git commands to generate.