]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (dtucker) [README.platform configure.ac openbsd-compat/port-tun.c] Add
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
aff51935 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 96 case $GCC_VER in
97 1.*) ;;
98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
99 2.*) ;;
dbf07ba2 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
102 *) ;;
5fdabf45 103 esac
8a3ff1aa 104
dfafb2e1 105 if test -z "$have_llong_max"; then
106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
107 unset ac_cv_have_decl_LLONG_MAX
108 saved_CFLAGS="$CFLAGS"
109 CFLAGS="$CFLAGS -std=gnu99"
110 AC_CHECK_DECL(LLONG_MAX,
111 [have_llong_max=1],
112 [CFLAGS="$saved_CFLAGS"],
113 [#include <limits.h>]
114 )
115 fi
d423d822 116fi
117
e6354014 118AC_ARG_WITH(rpath,
119 [ --without-rpath Disable auto-added -R linker paths],
120 [
82f4e93d 121 if test "x$withval" = "xno" ; then
e6354014 122 need_dash_r=""
123 fi
124 if test "x$withval" = "xyes" ; then
125 need_dash_r=1
126 fi
127 ]
128)
129
a0391976 130# Check for some target-specific stuff
a7effaac 131case "$host" in
9d6b1b96 132*-*-aix*)
aff51935 133 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 134 if (test -z "$blibpath"); then
0a15d73b 135 blibpath="/usr/lib:/lib"
68ece370 136 fi
137 saved_LDFLAGS="$LDFLAGS"
138 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
139 if (test -z "$blibflags"); then
140 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
141 AC_TRY_LINK([], [], [blibflags=$tryflags])
142 fi
143 done
144 if (test -z "$blibflags"); then
145 AC_MSG_RESULT(not found)
146 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
147 else
148 AC_MSG_RESULT($blibflags)
bd499f9e 149 fi
68ece370 150 LDFLAGS="$saved_LDFLAGS"
e351e493 151 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 152 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
153 [Define if you want to enable AIX4's authenticate function])],
0764e748 154 [AC_CHECK_LIB(s,authenticate,
e351e493 155 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 156 LIBS="$LIBS -ls"
157 ])
158 ])
ba603e06 159 dnl Check for various auth function declarations in headers.
c85ed8e2 160 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 161 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 162 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 163 AC_CHECK_DECLS(loginfailed,
e351e493 164 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
165 AC_TRY_COMPILE(
f58c0e01 166 [#include <usersec.h>],
e351e493 167 [(void)loginfailed("user","host","tty",0);],
168 [AC_MSG_RESULT(yes)
3466e002 169 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
170 [Define if your AIX loginfailed() function
171 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 172 [AC_MSG_RESULT(no)]
e351e493 173 )],
174 [],
175 [#include <usersec.h>]
176 )
2aa3a16c 177 AC_CHECK_FUNCS(setauthdb)
5ccf88cb 178 check_for_aix_broken_getaddrinfo=1
3466e002 179 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
180 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
181 [Define if your platform breaks doing a seteuid before a setuid])
182 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
183 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 184 dnl AIX handles lastlog as part of its login message
3466e002 185 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
186 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
187 [Some systems need a utmpx entry for /bin/login to work])
188 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
189 [Define to a Set Process Title type if your system is
190 supported by bsd-setproctitle.c])
961c2997 191 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
192 [AIX 5.2 and 5.3 (and presumably newer) require this])
9d6b1b96 193 ;;
3c62e7eb 194*-*-cygwin*)
a52997bd 195 check_for_libcrypt_later=1
ffb8d130 196 LIBS="$LIBS /usr/lib/textmode.o"
3466e002 197 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
198 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
199 AC_DEFINE(DISABLE_SHADOW, 1,
200 [Define if you want to disable shadow passwords])
201 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
202 [Define if your system choked on IP TOS setting])
203 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
204 [Define if X11 doesn't support AF_UNIX sockets on that system])
205 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
206 [Define if the concept of ports only accessible to
207 superusers isn't known])
208 AC_DEFINE(DISABLE_FD_PASSING, 1,
209 [Define if your platform needs to skip post auth
210 file descriptor passing])
3c62e7eb 211 ;;
d6fdb079 212*-*-dgux*)
213 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 214 AC_DEFINE(SETEUID_BREAKS_SETUID)
215 AC_DEFINE(BROKEN_SETREUID)
216 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 217 ;;
39c98ef7 218*-*-darwin*)
33e2e066 219 AC_MSG_CHECKING(if we have working getaddrinfo)
220 AC_TRY_RUN([#include <mach-o/dyld.h>
221main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
222 exit(0);
223 else
224 exit(1);
225}], [AC_MSG_RESULT(working)],
226 [AC_MSG_RESULT(buggy)
3466e002 227 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 228 [AC_MSG_RESULT(assume it is working)])
635e0c42 229 AC_DEFINE(SETEUID_BREAKS_SETUID)
230 AC_DEFINE(BROKEN_SETREUID)
231 AC_DEFINE(BROKEN_SETREGID)
3466e002 232 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
233 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 234 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
235 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
236 [Use tunnel device compatibility to OpenBSD])
237 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
238 [Prepend the address family to IP tunnel traffic])
39c98ef7 239 ;;
7d458c86 240*-*-hpux*)
241 # first we define all of the options common to all HP-UX releases
b8fea62d 242 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 243 IPADDR_IN_DISPLAY=yes
2b10f47a 244 AC_DEFINE(USE_PIPES)
3466e002 245 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
246 [Define if your login program cannot handle end of options ("--")])
a2572aa7 247 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 248 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
249 [String used in /etc/passwd to denote locked account])
3a2b2b44 250 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 251 MAIL="/var/mail/username"
f75ca46d 252 LIBS="$LIBS -lsec"
7d458c86 253 AC_CHECK_LIB(xnet, t_error, ,
254 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
255
256 # next, we define all of the options specific to major releases
257 case "$host" in
258 *-*-hpux10*)
259 if test -z "$GCC"; then
260 CFLAGS="$CFLAGS -Ae"
261 fi
262 ;;
263 *-*-hpux11*)
3466e002 264 AC_DEFINE(PAM_SUN_CODEBASE, 1,
265 [Define if you are using Solaris-derived PAM which
266 passes pam_messages to the conversation function
267 with an extra level of indirection])
268 AC_DEFINE(DISABLE_UTMP, 1,
269 [Define if you don't want to use utmp])
7d458c86 270 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
271 check_for_hpux_broken_getaddrinfo=1
272 check_for_conflicting_getspnam=1
273 ;;
274 esac
275
276 # lastly, we define options specific to minor releases
277 case "$host" in
278 *-*-hpux10.26)
3466e002 279 AC_DEFINE(HAVE_SECUREWARE, 1,
280 [Define if you have SecureWare-based
281 protected password database])
7d458c86 282 disable_ptmx_check=yes
283 LIBS="$LIBS -lsecpw"
284 ;;
285 esac
2b763e31 286 ;;
d94aa2ae 287*-*-irix5*)
6ac7829a 288 PATH="$PATH:/usr/etc"
3466e002 289 AC_DEFINE(BROKEN_INET_NTOA, 1,
290 [Define if you system's inet_ntoa is busted
291 (e.g. Irix gcc issue)])
cb433561 292 AC_DEFINE(SETEUID_BREAKS_SETUID)
293 AC_DEFINE(BROKEN_SETREUID)
294 AC_DEFINE(BROKEN_SETREGID)
3466e002 295 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
296 [Define if you shouldn't strip 'tty' from your
297 ttyname in [uw]tmp])
3e6e3da0 298 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 299 ;;
300*-*-irix6*)
6ac7829a 301 PATH="$PATH:/usr/etc"
3466e002 302 AC_DEFINE(WITH_IRIX_ARRAY, 1,
303 [Define if you have/want arrays
304 (cluster-wide session managment, not C arrays)])
305 AC_DEFINE(WITH_IRIX_PROJECT, 1,
306 [Define if you want IRIX project management])
307 AC_DEFINE(WITH_IRIX_AUDIT, 1,
308 [Define if you want IRIX audit trails])
309 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
310 [Define if you want IRIX kernel jobs])])
416ed5a7 311 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 312 AC_DEFINE(SETEUID_BREAKS_SETUID)
313 AC_DEFINE(BROKEN_SETREUID)
314 AC_DEFINE(BROKEN_SETREGID)
3466e002 315 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 316 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 317 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 318 ;;
5cdfe03f 319*-*-linux*)
320 no_dev_ptmx=1
717057b6 321 check_for_libcrypt_later=1
eacb954e 322 check_for_openpty_ctty_bug=1
3466e002 323 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
324 AC_DEFINE(PAM_TTY_KLUDGE, 1,
325 [Work around problematic Linux PAM modules handling of PAM_TTY])
326 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
327 [String used in /etc/passwd to denote locked account])
3a2b2b44 328 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 329 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
330 [Define to whatever link() returns for "not supported"
331 if it doesn't return EOPNOTSUPP.])
b6610e8f 332 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 333 AC_DEFINE(USE_BTMP)
80faa19f 334 inet6_default_4in6=yes
bf7c1e6c 335 case `uname -r` in
ad84c479 336 1.*|2.0.*)
3466e002 337 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
338 [Define if cmsg_type is not passed correctly])
bf7c1e6c 339 ;;
bf7c1e6c 340 esac
c40f09ca 341 # tun(4) forwarding compat code
d91775e1 342 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 343 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 344 AC_DEFINE(SSH_TUN_LINUX, 1,
345 [Open tunnel devices the Linux tun/tap way])
346 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
347 [Use tunnel device compatibility to OpenBSD])
348 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
349 [Prepend the address family to IP tunnel traffic])
350 fi
5cdfe03f 351 ;;
66d6c27e 352mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 353 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 354 SONY=1
66d6c27e 355 ;;
d468fc76 356*-*-netbsd*)
33e2e066 357 check_for_libcrypt_before=1
82f4e93d 358 if test "x$withval" != "xno" ; then
e6354014 359 need_dash_r=1
360 fi
0f6cb079 361 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
362 AC_CHECK_HEADER([net/if_tap.h], ,
363 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
364 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
365 [Prepend the address family to IP tunnel traffic])
d468fc76 366 ;;
86b416a7 367*-*-freebsd*)
368 check_for_libcrypt_later=1
988c5031 369 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 370 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
371 AC_CHECK_HEADER([net/if_tap.h], ,
372 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
86b416a7 373 ;;
8707b7eb 374*-*-bsdi*)
375 AC_DEFINE(SETEUID_BREAKS_SETUID)
376 AC_DEFINE(BROKEN_SETREUID)
377 AC_DEFINE(BROKEN_SETREGID)
378 ;;
729bfe59 379*-next-*)
729bfe59 380 conf_lastlog_location="/usr/adm/lastlog"
698d107e 381 conf_utmp_location=/etc/utmp
382 conf_wtmp_location=/usr/adm/wtmp
383 MAIL=/usr/spool/mail
3466e002 384 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 385 AC_DEFINE(BROKEN_REALPATH)
00937921 386 AC_DEFINE(USE_PIPES)
3466e002 387 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 388 ;;
5b7b5e23 389*-*-openbsd*)
390 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 391 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 392 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
5b7b5e23 393 ;;
9d6b1b96 394*-*-solaris*)
82f4e93d 395 if test "x$withval" != "xno" ; then
010e9d5b 396 need_dash_r=1
397 fi
adeebd37 398 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 399 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 400 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
401 [Some versions of /bin/login need the TERM supplied
402 on the commandline])
7f0a4ff1 403 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 404 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
405 [Define if pam_chauthtok wants real uid set
406 to the unpriv'ed user])
3e6e3da0 407 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 408 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 409 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
410 [Define if sshd somehow reacquires a controlling TTY
411 after setsid()])
95b99395 412 external_path_file=/etc/default/login
1d7b9b20 413 # hardwire lastlog location (can't detect it on some versions)
414 conf_lastlog_location="/var/adm/lastlog"
32c80420 415 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
416 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
417 if test "$sol2ver" -ge 8; then
418 AC_MSG_RESULT(yes)
419 AC_DEFINE(DISABLE_UTMP)
3466e002 420 AC_DEFINE(DISABLE_WTMP, 1,
421 [Define if you don't want to use wtmp])
32c80420 422 else
423 AC_MSG_RESULT(no)
424 fi
9d6b1b96 425 ;;
a423beaf 426*-*-sunos4*)
0c2fb82f 427 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 428 AC_CHECK_FUNCS(getpwanam)
adeebd37 429 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 430 conf_utmp_location=/etc/utmp
431 conf_wtmp_location=/var/adm/wtmp
432 conf_lastlog_location=/var/adm/lastlog
137d7b6c 433 AC_DEFINE(USE_PIPES)
a423beaf 434 ;;
6f68f28a 435*-ncr-sysv*)
98a7c37b 436 LIBS="$LIBS -lc89"
29525240 437 AC_DEFINE(USE_PIPES)
eabb99c6 438 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 439 AC_DEFINE(SETEUID_BREAKS_SETUID)
440 AC_DEFINE(BROKEN_SETREUID)
441 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 442 ;;
132dd316 443*-sni-sysv*)
c8c15bcb 444 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 445 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 446 # -lresolv needs to be at the end of LIBS or DNS lookups break
447 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 448 IPADDR_IN_DISPLAY=yes
449 AC_DEFINE(USE_PIPES)
132dd316 450 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 451 AC_DEFINE(SETEUID_BREAKS_SETUID)
452 AC_DEFINE(BROKEN_SETREUID)
453 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 454 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 455 external_path_file=/etc/default/login
c8c15bcb 456 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
457 # Attention: always take care to bind libsocket and libnsl before libc,
458 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 459 ;;
79a7ba96 460# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 461*-*-sysv4.2*)
9a406e1e 462 CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
ed6553e2 463 AC_DEFINE(USE_PIPES)
7ed101c0 464 AC_DEFINE(SETEUID_BREAKS_SETUID)
465 AC_DEFINE(BROKEN_SETREUID)
466 AC_DEFINE(BROKEN_SETREGID)
46f853b9 467 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 468 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 469 ;;
79a7ba96 470# UnixWare 7.x, OpenUNIX 8
77bb0bca 471*-*-sysv5*)
d7d2cc6e 472 check_for_libcrypt_later=1
473 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 474 AC_DEFINE(USE_PIPES)
7ed101c0 475 AC_DEFINE(SETEUID_BREAKS_SETUID)
476 AC_DEFINE(BROKEN_SETREUID)
477 AC_DEFINE(BROKEN_SETREGID)
3466e002 478 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 479 case "$host" in
480 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
481 TEST_SHELL=/u95/bin/sh
3466e002 482 AC_DEFINE(BROKEN_LIBIAF, 1,
483 [ia_uinfo routines not supported by OS yet])
822015dd 484 ;;
e45da4d6 485 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
486 ;;
822015dd 487 esac
77bb0bca 488 ;;
9d6b1b96 489*-*-sysv*)
9d6b1b96 490 ;;
79a7ba96 491# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 492*-*-sco3.2v4*)
11cf4f1f 493 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 494 ;;
79a7ba96 495# SCO OpenServer 5.x
77bb0bca 496*-*-sco3.2v5*)
21710e39 497 if test -z "$GCC"; then
498 CFLAGS="$CFLAGS -belf"
499 fi
ed6553e2 500 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 501 no_dev_ptmx=1
ed6553e2 502 AC_DEFINE(USE_PIPES)
6e879cb4 503 AC_DEFINE(HAVE_SECUREWARE)
d287c664 504 AC_DEFINE(DISABLE_SHADOW)
94d8258b 505 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 506 AC_DEFINE(SETEUID_BREAKS_SETUID)
507 AC_DEFINE(BROKEN_SETREUID)
508 AC_DEFINE(BROKEN_SETREGID)
bcebad47 509 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 510 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 511 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 512 AC_CHECK_FUNCS(getluid setluid)
533875af 513 MANTYPE=man
a3245b92 514 TEST_SHELL=ksh
509b1f88 515 ;;
ccbb983c 516*-*-unicosmk*)
3466e002 517 AC_DEFINE(NO_SSH_LASTLOG, 1,
518 [Define if you don't want to use lastlog in session.c])
c1ad5966 519 AC_DEFINE(SETEUID_BREAKS_SETUID)
520 AC_DEFINE(BROKEN_SETREUID)
521 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 522 AC_DEFINE(USE_PIPES)
523 AC_DEFINE(DISABLE_FD_PASSING)
524 LDFLAGS="$LDFLAGS"
525 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
526 MANTYPE=cat
d262b7f2 527 ;;
7b9a8c6e 528*-*-unicosmp*)
c1ad5966 529 AC_DEFINE(SETEUID_BREAKS_SETUID)
530 AC_DEFINE(BROKEN_SETREUID)
531 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 532 AC_DEFINE(WITH_ABBREV_NO_TTY)
533 AC_DEFINE(USE_PIPES)
534 AC_DEFINE(DISABLE_FD_PASSING)
535 LDFLAGS="$LDFLAGS"
c1ad5966 536 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 537 MANTYPE=cat
538 ;;
ca5c7d6a 539*-*-unicos*)
c1ad5966 540 AC_DEFINE(SETEUID_BREAKS_SETUID)
541 AC_DEFINE(BROKEN_SETREUID)
542 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 543 AC_DEFINE(USE_PIPES)
94d8258b 544 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 545 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 546 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
547 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
548 MANTYPE=cat
a704dd54 549 ;;
4d33e531 550*-dec-osf*)
99c8ddac 551 AC_MSG_CHECKING(for Digital Unix SIA)
552 no_osfsia=""
553 AC_ARG_WITH(osfsia,
554 [ --with-osfsia Enable Digital Unix SIA],
555 [
556 if test "x$withval" = "xno" ; then
557 AC_MSG_RESULT(disabled)
558 no_osfsia=1
559 fi
560 ],
561 )
562 if test -z "$no_osfsia" ; then
4d33e531 563 if test -f /etc/sia/matrix.conf; then
564 AC_MSG_RESULT(yes)
3466e002 565 AC_DEFINE(HAVE_OSF_SIA, 1,
566 [Define if you have Digital Unix Security
567 Integration Architecture])
568 AC_DEFINE(DISABLE_LOGIN, 1,
569 [Define if you don't want to use your
570 system's login() call])
58d0df4e 571 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 572 LIBS="$LIBS -lsecurity -ldb -lm -laud"
573 else
574 AC_MSG_RESULT(no)
3466e002 575 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
576 [String used in /etc/passwd to denote locked account])
4d33e531 577 fi
578 fi
a6e67b60 579 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 580 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 581 AC_DEFINE(BROKEN_SETREUID)
582 AC_DEFINE(BROKEN_SETREGID)
4d33e531 583 ;;
41cb4569 584
9c54c067 585*-*-nto-qnx*)
41cb4569 586 AC_DEFINE(USE_PIPES)
587 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 588 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
589 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
590 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 591 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 592 AC_DEFINE(SSHD_ACQUIRES_CTTY)
0c7e8877 593 enable_etc_default_login=no # has incompatible /etc/default/login
41cb4569 594 ;;
35fc74ed 595
596*-*-ultrix*)
3466e002 597 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
598 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 599 AC_DEFINE(NEED_SETPGRP)
b5765e1d 600 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
601 ;;
157b6700 602
603*-*-lynxos)
604 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 605 AC_DEFINE(MISSING_HOWMANY)
157b6700 606 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
607 ;;
a7effaac 608esac
609
8e7b16f8 610# Allow user to specify flags
611AC_ARG_WITH(cflags,
612 [ --with-cflags Specify additional flags to pass to compiler],
613 [
6cf0200f 614 if test -n "$withval" && test "x$withval" != "xno" && \
615 test "x${withval}" != "xyes"; then
8e7b16f8 616 CFLAGS="$CFLAGS $withval"
617 fi
82f4e93d 618 ]
8e7b16f8 619)
0c2fb82f 620AC_ARG_WITH(cppflags,
621 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
622 [
6cf0200f 623 if test -n "$withval" && test "x$withval" != "xno" && \
624 test "x${withval}" != "xyes"; then
0c2fb82f 625 CPPFLAGS="$CPPFLAGS $withval"
626 fi
627 ]
628)
8e7b16f8 629AC_ARG_WITH(ldflags,
97b378bf 630 [ --with-ldflags Specify additional flags to pass to linker],
8e7b16f8 631 [
6cf0200f 632 if test -n "$withval" && test "x$withval" != "xno" && \
633 test "x${withval}" != "xyes"; then
8e7b16f8 634 LDFLAGS="$LDFLAGS $withval"
635 fi
82f4e93d 636 ]
8e7b16f8 637)
638AC_ARG_WITH(libs,
639 [ --with-libs Specify additional libraries to link with],
640 [
6cf0200f 641 if test -n "$withval" && test "x$withval" != "xno" && \
642 test "x${withval}" != "xyes"; then
8e7b16f8 643 LIBS="$LIBS $withval"
644 fi
82f4e93d 645 ]
8e7b16f8 646)
ed89c848 647AC_ARG_WITH(Werror,
648 [ --with-Werror Build main code with -Werror],
649 [
650 if test -n "$withval" && test "x$withval" != "xno"; then
651 werror_flags="-Werror"
1012885d 652 if test "x${withval}" != "xyes"; then
ed89c848 653 werror_flags="$withval"
654 fi
655 fi
656 ]
657)
8e7b16f8 658
c5829391 659AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 660AC_RUN_IFELSE(
661 [AC_LANG_SOURCE([
c5829391 662#include <stdio.h>
663int main(){exit(0);}
479cece8 664 ])],
c5829391 665 [ AC_MSG_RESULT(yes) ],
666 [
667 AC_MSG_RESULT(no)
668 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 669 ],
670 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 671)
672
b04a9f8c 673dnl Checks for header files.
674AC_CHECK_HEADERS( \
675 bstring.h \
676 crypt.h \
2f360c89 677 crypto/sha2.h \
b04a9f8c 678 dirent.h \
679 endian.h \
680 features.h \
681 floatingpoint.h \
682 getopt.h \
683 glob.h \
684 ia.h \
4c653d8e 685 iaf.h \
b04a9f8c 686 limits.h \
687 login.h \
b04a9f8c 688 maillock.h \
689 ndir.h \
e02505e2 690 net/if_tun.h \
b04a9f8c 691 netdb.h \
692 netgroup.h \
b04a9f8c 693 pam/pam_appl.h \
694 paths.h \
695 pty.h \
696 readpassphrase.h \
697 rpc/types.h \
698 security/pam_appl.h \
f73e2ad7 699 sha2.h \
b04a9f8c 700 shadow.h \
701 stddef.h \
702 stdint.h \
0957c2cf 703 string.h \
b04a9f8c 704 strings.h \
705 sys/audit.h \
706 sys/bitypes.h \
707 sys/bsdtty.h \
708 sys/cdefs.h \
709 sys/dir.h \
710 sys/mman.h \
711 sys/ndir.h \
712 sys/prctl.h \
713 sys/pstat.h \
714 sys/select.h \
715 sys/stat.h \
716 sys/stream.h \
717 sys/stropts.h \
718 sys/strtio.h \
719 sys/sysmacros.h \
720 sys/time.h \
721 sys/timers.h \
722 sys/un.h \
723 time.h \
724 tmpdir.h \
725 ttyent.h \
25dd2ce6 726 unistd.h \
b04a9f8c 727 usersec.h \
728 util.h \
729 utime.h \
730 utmp.h \
731 utmpx.h \
ea76f54c 732 vis.h \
b04a9f8c 733)
ddceb1c8 734
823221b2 735# lastlog.h requires sys/time.h to be included first on Solaris
736AC_CHECK_HEADERS(lastlog.h, [], [], [
737#ifdef HAVE_SYS_TIME_H
738# include <sys/time.h>
739#endif
740])
741
765a24cd 742# sys/ptms.h requires sys/stream.h to be included first on Solaris
743AC_CHECK_HEADERS(sys/ptms.h, [], [], [
744#ifdef HAVE_SYS_STREAM_H
745# include <sys/stream.h>
746#endif
747])
748
3919d576 749# login_cap.h requires sys/types.h on NetBSD
750AC_CHECK_HEADERS(login_cap.h, [], [], [
751#include <sys/types.h>
752])
753
a0391976 754# Checks for libraries.
98a7c37b 755AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
756AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 757
446227d6 758dnl IRIX and Solaris 2.5.1 have dirname() in libgen
759AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
760 AC_CHECK_LIB(gen, dirname,[
761 AC_CACHE_CHECK([for broken dirname],
762 ac_cv_have_broken_dirname, [
763 save_LIBS="$LIBS"
764 LIBS="$LIBS -lgen"
b0e7249f 765 AC_RUN_IFELSE(
766 [AC_LANG_SOURCE([[
446227d6 767#include <libgen.h>
768#include <string.h>
769
770int main(int argc, char **argv) {
771 char *s, buf[32];
772
773 strncpy(buf,"/etc", 32);
774 s = dirname(buf);
775 if (!s || strncmp(s, "/", 32) != 0) {
776 exit(1);
777 } else {
778 exit(0);
779 }
780}
b0e7249f 781 ]])],
782 [ ac_cv_have_broken_dirname="no" ],
783 [ ac_cv_have_broken_dirname="yes" ],
446227d6 784 [ ac_cv_have_broken_dirname="no" ],
446227d6 785 )
786 LIBS="$save_LIBS"
787 ])
788 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
789 LIBS="$LIBS -lgen"
790 AC_DEFINE(HAVE_DIRNAME)
791 AC_CHECK_HEADERS(libgen.h)
792 fi
793 ])
794])
795
796AC_CHECK_FUNC(getspnam, ,
797 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 798AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
799 [Define if you have the basename function.]))
446227d6 800
98a7c37b 801dnl zlib is required
802AC_ARG_WITH(zlib,
803 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 804 [ if test "x$withval" = "xno" ; then
805 AC_MSG_ERROR([*** zlib is required ***])
806 elif test "x$withval" != "xyes"; then
98a7c37b 807 if test -d "$withval/lib"; then
808 if test -n "${need_dash_r}"; then
5a162955 809 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 810 else
5a162955 811 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 812 fi
813 else
814 if test -n "${need_dash_r}"; then
5a162955 815 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 816 else
5a162955 817 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 818 fi
819 fi
820 if test -d "$withval/include"; then
5a162955 821 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 822 else
5a162955 823 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 824 fi
6dd05556 825 fi ]
98a7c37b 826)
827
0a15d73b 828AC_CHECK_LIB(z, deflate, ,
829 [
830 saved_CPPFLAGS="$CPPFLAGS"
831 saved_LDFLAGS="$LDFLAGS"
832 save_LIBS="$LIBS"
833 dnl Check default zlib install dir
834 if test -n "${need_dash_r}"; then
835 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
836 else
837 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
838 fi
839 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
840 LIBS="$LIBS -lz"
841 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
842 [
843 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
844 ]
845 )
846 ]
847)
4ad65809 848AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 849
850AC_ARG_WITH(zlib-version-check,
851 [ --without-zlib-version-check Disable zlib version check],
852 [ if test "x$withval" = "xno" ; then
853 zlib_check_nonfatal=1
854 fi
855 ]
856)
857
5c7fc85d 858AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 859AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 860#include <stdio.h>
4ad65809 861#include <zlib.h>
862int main()
863{
5c7fc85d 864 int a=0, b=0, c=0, d=0, n, v;
865 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
866 if (n != 3 && n != 4)
4ad65809 867 exit(1);
5c7fc85d 868 v = a*1000000 + b*10000 + c*100 + d;
869 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
870
871 /* 1.1.4 is OK */
872 if (a == 1 && b == 1 && c >= 4)
4ad65809 873 exit(0);
5c7fc85d 874
0072b59d 875 /* 1.2.3 and up are OK */
876 if (v >= 1020300)
5c7fc85d 877 exit(0);
878
4ad65809 879 exit(2);
880}
479cece8 881 ]])],
5c7fc85d 882 AC_MSG_RESULT(no),
883 [ AC_MSG_RESULT(yes)
8068d564 884 if test -z "$zlib_check_nonfatal" ; then
885 AC_MSG_ERROR([*** zlib too old - check config.log ***
886Your reported zlib version has known security problems. It's possible your
887vendor has fixed these problems without changing the version number. If you
888are sure this is the case, you can disable the check by running
889"./configure --without-zlib-version-check".
6090bcfe 890If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 891See http://www.gzip.org/zlib/ for details.])
8068d564 892 else
893 AC_MSG_WARN([zlib version may have security problems])
894 fi
1a01a50c 895 ],
896 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 897)
48e7916f 898
2c523de9 899dnl UnixWare 2.x
aff51935 900AC_CHECK_FUNC(strcasecmp,
2c523de9 901 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
902)
23361281 903AC_CHECK_FUNCS(utimes,
cda1ebcb 904 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
905 LIBS="$LIBS -lc89"]) ]
2c523de9 906)
4cca272e 907
7c6d759d 908dnl Checks for libutil functions
909AC_CHECK_HEADERS(libutil.h)
3466e002 910AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
911 [Define if your libraries define login()])])
7c6d759d 912AC_CHECK_FUNCS(logout updwtmp logwtmp)
913
a738c3b0 914AC_FUNC_STRFTIME
915
84ceda19 916# Check for ALTDIRFUNC glob() extension
917AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
918AC_EGREP_CPP(FOUNDIT,
919 [
920 #include <glob.h>
921 #ifdef GLOB_ALTDIRFUNC
922 FOUNDIT
923 #endif
aff51935 924 ],
84ceda19 925 [
3466e002 926 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
927 [Define if your system glob() function has
928 the GLOB_ALTDIRFUNC extension])
84ceda19 929 AC_MSG_RESULT(yes)
930 ],
931 [
932 AC_MSG_RESULT(no)
933 ]
934)
4cca272e 935
40849fdb 936# Check for g.gl_matchc glob() extension
937AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 938AC_TRY_COMPILE(
13ff27b7 939 [ #include <glob.h> ],
940 [glob_t g; g.gl_matchc = 1;],
aff51935 941 [
3466e002 942 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
943 [Define if your system glob() function has
944 gl_matchc options in glob_t])
aff51935 945 AC_MSG_RESULT(yes)
946 ],
947 [
948 AC_MSG_RESULT(no)
949 ]
40849fdb 950)
951
edbe6722 952AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 953AC_RUN_IFELSE(
479cece8 954 [AC_LANG_SOURCE([[
edbe6722 955#include <sys/types.h>
956#include <dirent.h>
aec4cb4f 957int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 958 ]])],
aff51935 959 [AC_MSG_RESULT(yes)],
edbe6722 960 [
961 AC_MSG_RESULT(no)
3466e002 962 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 963 [Define if your struct dirent expects you to
3466e002 964 allocate extra space for d_name])
1a01a50c 965 ],
82f4e93d 966 [
1a01a50c 967 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
968 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 969 ]
970)
971
419e26e7 972AC_MSG_CHECKING([for /proc/pid/fd directory])
973if test -d "/proc/$$/fd" ; then
3466e002 974 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 975 AC_MSG_RESULT(yes)
976else
977 AC_MSG_RESULT(no)
978fi
979
278588d8 980# Check whether user wants S/Key support
aff51935 981SKEY_MSG="no"
278588d8 982AC_ARG_WITH(skey,
6ff3d0dc 983 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 984 [
985 if test "x$withval" != "xno" ; then
986
987 if test "x$withval" != "xyes" ; then
988 CPPFLAGS="$CPPFLAGS -I${withval}/include"
989 LDFLAGS="$LDFLAGS -L${withval}/lib"
990 fi
991
3466e002 992 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 993 LIBS="-lskey $LIBS"
aff51935 994 SKEY_MSG="yes"
82f4e93d 995
ddceb1c8 996 AC_MSG_CHECKING([for s/key support])
b0e7249f 997 AC_LINK_IFELSE(
998 [AC_LANG_SOURCE([[
ddceb1c8 999#include <stdio.h>
1000#include <skey.h>
aec4cb4f 1001int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1002 ]])],
ddceb1c8 1003 [AC_MSG_RESULT(yes)],
278588d8 1004 [
ddceb1c8 1005 AC_MSG_RESULT(no)
278588d8 1006 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1007 ])
141fc639 1008 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1009 AC_TRY_COMPILE(
1010 [#include <stdio.h>
1011 #include <skey.h>],
1012 [(void)skeychallenge(NULL,"name","",0);],
1013 [AC_MSG_RESULT(yes)
3466e002 1014 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1015 [Define if your skeychallenge()
1016 function takes 4 arguments (NetBSD)])],
141fc639 1017 [AC_MSG_RESULT(no)]
1018 )
278588d8 1019 fi
1020 ]
1021)
1022
1023# Check whether user wants TCP wrappers support
98a7c37b 1024TCPW_MSG="no"
278588d8 1025AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1026 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1027 [
1028 if test "x$withval" != "xno" ; then
1029 saved_LIBS="$LIBS"
98a7c37b 1030 saved_LDFLAGS="$LDFLAGS"
1031 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1032 if test -n "${withval}" && \
6cf0200f 1033 test "x${withval}" != "xyes"; then
98a7c37b 1034 if test -d "${withval}/lib"; then
1035 if test -n "${need_dash_r}"; then
5a162955 1036 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1037 else
5a162955 1038 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1039 fi
1040 else
1041 if test -n "${need_dash_r}"; then
5a162955 1042 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1043 else
5a162955 1044 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1045 fi
1046 fi
1047 if test -d "${withval}/include"; then
5a162955 1048 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1049 else
5a162955 1050 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1051 fi
98a7c37b 1052 fi
ddceb1c8 1053 LIBWRAP="-lwrap"
1054 LIBS="$LIBWRAP $LIBS"
278588d8 1055 AC_MSG_CHECKING(for libwrap)
1056 AC_TRY_LINK(
1057 [
77f09220 1058#include <sys/types.h>
1059#include <sys/socket.h>
1060#include <netinet/in.h>
278588d8 1061#include <tcpd.h>
1062 int deny_severity = 0, allow_severity = 0;
1063 ],
1064 [hosts_access(0);],
1065 [
1066 AC_MSG_RESULT(yes)
3466e002 1067 AC_DEFINE(LIBWRAP, 1,
1068 [Define if you want
1069 TCP Wrappers support])
ddceb1c8 1070 AC_SUBST(LIBWRAP)
98a7c37b 1071 TCPW_MSG="yes"
278588d8 1072 ],
1073 [
1074 AC_MSG_ERROR([*** libwrap missing])
1075 ]
1076 )
ddceb1c8 1077 LIBS="$saved_LIBS"
278588d8 1078 fi
1079 ]
1080)
1081
59031773 1082# Check whether user wants libedit support
1083LIBEDIT_MSG="no"
1084AC_ARG_WITH(libedit,
6ff3d0dc 1085 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1086 [ if test "x$withval" != "xno" ; then
737edf04 1087 if test "x$withval" != "xyes"; then
bb116c8e 1088 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1089 if test -n "${need_dash_r}"; then
1090 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1091 else
1092 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1093 fi
737edf04 1094 fi
59031773 1095 AC_CHECK_LIB(edit, el_init,
3466e002 1096 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1097 LIBEDIT="-ledit -lcurses"
1098 LIBEDIT_MSG="yes"
1099 AC_SUBST(LIBEDIT)
1100 ],
737edf04 1101 [ AC_MSG_ERROR(libedit not found) ],
1102 [ -lcurses ]
59031773 1103 )
f47ddccb 1104 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1105 AC_COMPILE_IFELSE(
1106 [AC_LANG_SOURCE([[
1107#include <histedit.h>
f47ddccb 1108int main(void)
1109{
1110 int i = H_SETSIZE;
1111 el_init("", NULL, NULL, NULL);
1112 exit(0);
1113}
d92622f9 1114 ]])],
f47ddccb 1115 [ AC_MSG_RESULT(yes) ],
1116 [ AC_MSG_RESULT(no)
1117 AC_MSG_ERROR(libedit version is not compatible) ]
1118 )
59031773 1119 fi ]
1120)
1121
7b578f7d 1122AUDIT_MODULE=none
1123AC_ARG_WITH(audit,
1124 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1125 [
1126 AC_MSG_CHECKING(for supported audit module)
1127 case "$withval" in
1128 bsm)
1129 AC_MSG_RESULT(bsm)
1130 AUDIT_MODULE=bsm
1131 dnl Checks for headers, libs and functions
1132 AC_CHECK_HEADERS(bsm/audit.h, [],
1133 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
1134 AC_CHECK_LIB(bsm, getaudit, [],
1135 [AC_MSG_ERROR(BSM enabled and required library not found)])
1136 AC_CHECK_FUNCS(getaudit, [],
1137 [AC_MSG_ERROR(BSM enabled and required function not found)])
1138 # These are optional
7939c496 1139 AC_CHECK_FUNCS(getaudit_addr)
3466e002 1140 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1141 ;;
1142 debug)
1143 AUDIT_MODULE=debug
1144 AC_MSG_RESULT(debug)
3466e002 1145 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1146 ;;
a2b3321d 1147 no)
d92622f9 1148 AC_MSG_RESULT(no)
a2b3321d 1149 ;;
7b578f7d 1150 *)
1151 AC_MSG_ERROR([Unknown audit module $withval])
1152 ;;
1153 esac ]
1154)
1155
19160674 1156dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1157AC_CHECK_FUNCS( \
1158 arc4random \
9a406e1e 1159 asprintf \
b04a9f8c 1160 b64_ntop \
1161 __b64_ntop \
1162 b64_pton \
1163 __b64_pton \
1164 bcopy \
1165 bindresvport_sa \
1166 clock \
1167 closefrom \
1168 dirfd \
b04a9f8c 1169 fchmod \
1170 fchown \
1171 freeaddrinfo \
1172 futimes \
1173 getaddrinfo \
1174 getcwd \
1175 getgrouplist \
1176 getnameinfo \
1177 getopt \
1178 getpeereid \
1179 _getpty \
1180 getrlimit \
1181 getttyent \
1182 glob \
1183 inet_aton \
1184 inet_ntoa \
1185 inet_ntop \
1186 innetgr \
1187 login_getcapbool \
1188 md5_crypt \
1189 memmove \
1190 mkdtemp \
1191 mmap \
1192 ngetaddrinfo \
1193 nsleep \
1194 ogetaddrinfo \
1195 openlog_r \
1196 openpty \
1197 prctl \
1198 pstat \
1199 readpassphrase \
1200 realpath \
1201 recvmsg \
1202 rresvport_af \
1203 sendmsg \
1204 setdtablesize \
1205 setegid \
1206 setenv \
1207 seteuid \
1208 setgroups \
1209 setlogin \
1210 setpcred \
1211 setproctitle \
1212 setregid \
1213 setreuid \
1214 setrlimit \
1215 setsid \
1216 setvbuf \
1217 sigaction \
1218 sigvec \
1219 snprintf \
1220 socketpair \
1221 strdup \
1222 strerror \
1223 strlcat \
1224 strlcpy \
1225 strmode \
1226 strnvis \
1227 strtonum \
1e29a0c8 1228 strtoll \
b04a9f8c 1229 strtoul \
1230 sysconf \
1231 tcgetpgrp \
1232 truncate \
1233 unsetenv \
1234 updwtmpx \
9a406e1e 1235 vasprintf \
b04a9f8c 1236 vhangup \
1237 vsnprintf \
1238 waitpid \
19160674 1239)
98a7c37b 1240
1a086f97 1241# IRIX has a const char return value for gai_strerror()
1242AC_CHECK_FUNCS(gai_strerror,[
1243 AC_DEFINE(HAVE_GAI_STRERROR)
1244 AC_TRY_COMPILE([
1245#include <sys/types.h>
1246#include <sys/socket.h>
1247#include <netdb.h>
1248
1249const char *gai_strerror(int);],[
1250char *str;
1251
1252str = gai_strerror(0);],[
1253 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1254 [Define if gai_strerror() returns const char *])])])
1255
3466e002 1256AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1257 [Some systems put nanosleep outside of libc]))
92b1decf 1258
309709db 1259dnl Make sure prototypes are defined for these before using them.
309709db 1260AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1261AC_CHECK_DECL(strsep,
1262 [AC_CHECK_FUNCS(strsep)],
1263 [],
1264 [
1265#ifdef HAVE_STRING_H
1266# include <string.h>
1267#endif
1268 ])
08412d26 1269
3490699c 1270dnl tcsendbreak might be a macro
1271AC_CHECK_DECL(tcsendbreak,
1272 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1273 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1274 [#include <termios.h>]
1275)
1276
41e0e158 1277AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1278
3f176010 1279AC_CHECK_FUNCS(setresuid, [
1280 dnl Some platorms have setresuid that isn't implemented, test for this
1281 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1282 AC_RUN_IFELSE(
1283 [AC_LANG_SOURCE([[
9a3fe0e2 1284#include <stdlib.h>
1285#include <errno.h>
1286int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1287 ]])],
3f176010 1288 [AC_MSG_RESULT(yes)],
3466e002 1289 [AC_DEFINE(BROKEN_SETRESUID, 1,
1290 [Define if your setresuid() is broken])
1a01a50c 1291 AC_MSG_RESULT(not implemented)],
1292 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1293 )
1294])
9a3fe0e2 1295
3f176010 1296AC_CHECK_FUNCS(setresgid, [
1297 dnl Some platorms have setresgid that isn't implemented, test for this
1298 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1299 AC_RUN_IFELSE(
1300 [AC_LANG_SOURCE([[
9a3fe0e2 1301#include <stdlib.h>
1302#include <errno.h>
1303int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1304 ]])],
3f176010 1305 [AC_MSG_RESULT(yes)],
3466e002 1306 [AC_DEFINE(BROKEN_SETRESGID, 1,
1307 [Define if your setresgid() is broken])
1a01a50c 1308 AC_MSG_RESULT(not implemented)],
1309 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1310 )
1311])
9a3fe0e2 1312
2e73a022 1313dnl Checks for time functions
1d7b9b20 1314AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1315dnl Checks for utmp functions
b03bd394 1316AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1317AC_CHECK_FUNCS(utmpname)
2e73a022 1318dnl Checks for utmpx functions
b03bd394 1319AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1320AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1321
aff51935 1322AC_CHECK_FUNC(daemon,
3466e002 1323 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1324 [AC_CHECK_LIB(bsd, daemon,
1325 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1326)
1327
aff51935 1328AC_CHECK_FUNC(getpagesize,
3466e002 1329 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1330 [Define if your libraries define getpagesize()])],
1331 [AC_CHECK_LIB(ucb, getpagesize,
1332 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1333)
1334
2647ae26 1335# Check for broken snprintf
1336if test "x$ac_cv_func_snprintf" = "xyes" ; then
1337 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1338 AC_RUN_IFELSE(
479cece8 1339 [AC_LANG_SOURCE([[
2647ae26 1340#include <stdio.h>
aec4cb4f 1341int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1342 ]])],
aff51935 1343 [AC_MSG_RESULT(yes)],
2647ae26 1344 [
1345 AC_MSG_RESULT(no)
3466e002 1346 AC_DEFINE(BROKEN_SNPRINTF, 1,
1347 [Define if your snprintf is busted])
2647ae26 1348 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1349 ],
1350 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1351 )
1352fi
1353
9a406e1e 1354# If we don't have a working asprintf, then we strongly depend on vsnprintf
1355# returning the right thing on overflow: the number of characters it tried to
1356# create (as per SUSv3)
1357if test "x$ac_cv_func_asprintf" != "xyes" && \
1358 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1359 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1360 AC_RUN_IFELSE(
1361 [AC_LANG_SOURCE([[
1362#include <sys/types.h>
1363#include <stdio.h>
1364#include <stdarg.h>
1365
1366int x_snprintf(char *str,size_t count,const char *fmt,...)
1367{
1368 size_t ret; va_list ap;
1369 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1370 return ret;
1371}
1372int main(void)
1373{
1374 char x[1];
1375 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1376} ]])],
1377 [AC_MSG_RESULT(yes)],
1378 [
1379 AC_MSG_RESULT(no)
1380 AC_DEFINE(BROKEN_SNPRINTF, 1,
1381 [Define if your snprintf is busted])
1382 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1383 ],
1384 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1385 )
1386fi
1387
31b0732a 1388# On systems where [v]snprintf is broken, but is declared in stdio,
1389# check that the fmt argument is const char * or just char *.
1390# This is only useful for when BROKEN_SNPRINTF
1391AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1392AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1393 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1394 int main(void) { snprintf(0, 0, 0); }
1395 ]])],
1396 [AC_MSG_RESULT(yes)
1397 AC_DEFINE(SNPRINTF_CONST, [const],
1398 [Define as const if snprintf() can declare const char *fmt])],
1399 [AC_MSG_RESULT(no)
1400 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1401
2f6f9cff 1402# Check for missing getpeereid (or equiv) support
1403NO_PEERCHECK=""
1404if test "x$ac_cv_func_getpeereid" != "xyes" ; then
1405 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1406 AC_TRY_COMPILE(
1407 [#include <sys/types.h>
1408 #include <sys/socket.h>],
1409 [int i = SO_PEERCRED;],
62eb7db4 1410 [ AC_MSG_RESULT(yes)
3466e002 1411 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1412 ],
2f6f9cff 1413 [AC_MSG_RESULT(no)
1414 NO_PEERCHECK=1]
1415 )
1416fi
1417
70e7d0b0 1418dnl see whether mkstemp() requires XXXXXX
1419if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1420AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1421AC_RUN_IFELSE(
1422 [AC_LANG_SOURCE([[
70e7d0b0 1423#include <stdlib.h>
1424main() { char template[]="conftest.mkstemp-test";
1425if (mkstemp(template) == -1)
1426 exit(1);
1427unlink(template); exit(0);
1428}
b0e7249f 1429 ]])],
70e7d0b0 1430 [
1431 AC_MSG_RESULT(no)
1432 ],
aff51935 1433 [
70e7d0b0 1434 AC_MSG_RESULT(yes)
3466e002 1435 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1436 ],
1437 [
1438 AC_MSG_RESULT(yes)
1439 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1440 ]
70e7d0b0 1441)
1442fi
1443
eacb954e 1444dnl make sure that openpty does not reacquire controlling terminal
1445if test ! -z "$check_for_openpty_ctty_bug"; then
1446 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1447 AC_RUN_IFELSE(
1448 [AC_LANG_SOURCE([[
eacb954e 1449#include <stdio.h>
1450#include <sys/fcntl.h>
1451#include <sys/types.h>
1452#include <sys/wait.h>
1453
1454int
1455main()
1456{
1457 pid_t pid;
1458 int fd, ptyfd, ttyfd, status;
1459
1460 pid = fork();
1461 if (pid < 0) { /* failed */
1462 exit(1);
1463 } else if (pid > 0) { /* parent */
1464 waitpid(pid, &status, 0);
aff51935 1465 if (WIFEXITED(status))
eacb954e 1466 exit(WEXITSTATUS(status));
1467 else
1468 exit(2);
1469 } else { /* child */
1470 close(0); close(1); close(2);
1471 setsid();
1472 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1473 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1474 if (fd >= 0)
1475 exit(3); /* Acquired ctty: broken */
1476 else
1477 exit(0); /* Did not acquire ctty: OK */
1478 }
1479}
b0e7249f 1480 ]])],
eacb954e 1481 [
1482 AC_MSG_RESULT(yes)
1483 ],
1484 [
1485 AC_MSG_RESULT(no)
1486 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1487 ],
1488 [
1489 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1490 ]
1491 )
1492fi
1493
4b492aab 1494if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1495 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1496 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1497 AC_RUN_IFELSE(
1498 [AC_LANG_SOURCE([[
2fe51906 1499#include <stdio.h>
1500#include <sys/socket.h>
1501#include <netdb.h>
1502#include <errno.h>
1503#include <netinet/in.h>
1504
1505#define TEST_PORT "2222"
1506
1507int
1508main(void)
1509{
1510 int err, sock;
1511 struct addrinfo *gai_ai, *ai, hints;
1512 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1513
1514 memset(&hints, 0, sizeof(hints));
1515 hints.ai_family = PF_UNSPEC;
1516 hints.ai_socktype = SOCK_STREAM;
1517 hints.ai_flags = AI_PASSIVE;
1518
1519 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1520 if (err != 0) {
1521 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1522 exit(1);
1523 }
1524
1525 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1526 if (ai->ai_family != AF_INET6)
1527 continue;
1528
1529 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1530 sizeof(ntop), strport, sizeof(strport),
1531 NI_NUMERICHOST|NI_NUMERICSERV);
1532
1533 if (err != 0) {
1534 if (err == EAI_SYSTEM)
1535 perror("getnameinfo EAI_SYSTEM");
1536 else
1537 fprintf(stderr, "getnameinfo failed: %s\n",
1538 gai_strerror(err));
1539 exit(2);
1540 }
1541
1542 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1543 if (sock < 0)
1544 perror("socket");
1545 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1546 if (errno == EBADF)
1547 exit(3);
1548 }
1549 }
1550 exit(0);
1551}
b0e7249f 1552 ]])],
2fe51906 1553 [
1554 AC_MSG_RESULT(yes)
1555 ],
1556 [
1557 AC_MSG_RESULT(no)
1558 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1559 ],
1560 [
1561 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1562 ]
1563 )
1564fi
1565
4b492aab 1566if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1567 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1568 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1569 AC_RUN_IFELSE(
1570 [AC_LANG_SOURCE([[
5ccf88cb 1571#include <stdio.h>
1572#include <sys/socket.h>
1573#include <netdb.h>
1574#include <errno.h>
1575#include <netinet/in.h>
1576
1577#define TEST_PORT "2222"
1578
1579int
1580main(void)
1581{
1582 int err, sock;
1583 struct addrinfo *gai_ai, *ai, hints;
1584 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1585
1586 memset(&hints, 0, sizeof(hints));
1587 hints.ai_family = PF_UNSPEC;
1588 hints.ai_socktype = SOCK_STREAM;
1589 hints.ai_flags = AI_PASSIVE;
1590
1591 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1592 if (err != 0) {
1593 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1594 exit(1);
1595 }
1596
1597 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1598 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1599 continue;
1600
1601 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1602 sizeof(ntop), strport, sizeof(strport),
1603 NI_NUMERICHOST|NI_NUMERICSERV);
1604
1605 if (ai->ai_family == AF_INET && err != 0) {
1606 perror("getnameinfo");
1607 exit(2);
1608 }
1609 }
1610 exit(0);
1611}
b0e7249f 1612 ]])],
5ccf88cb 1613 [
1614 AC_MSG_RESULT(yes)
3466e002 1615 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1616 [Define if you have a getaddrinfo that fails
1617 for the all-zeros IPv6 address])
5ccf88cb 1618 ],
1619 [
1620 AC_MSG_RESULT(no)
1621 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1622 ],
1623 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1624 ]
1625 )
1626fi
1627
b29fd59f 1628if test "x$check_for_conflicting_getspnam" = "x1"; then
1629 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1630 AC_COMPILE_IFELSE(
1631 [
1632#include <shadow.h>
1633int main(void) {exit(0);}
1634 ],
1635 [
1636 AC_MSG_RESULT(no)
1637 ],
1638 [
1639 AC_MSG_RESULT(yes)
1640 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1641 [Conflicting defs for getspnam])
1642 ]
1643 )
1644fi
1645
7f8f5e00 1646AC_FUNC_GETPGRP
1647
717057b6 1648# Check for PAM libs
cbd7492e 1649PAM_MSG="no"
a0391976 1650AC_ARG_WITH(pam,
717057b6 1651 [ --with-pam Enable PAM support ],
a0391976 1652 [
717057b6 1653 if test "x$withval" != "xno" ; then
2511d104 1654 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
1655 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
717057b6 1656 AC_MSG_ERROR([PAM headers not found])
1657 fi
a0391976 1658
717057b6 1659 AC_CHECK_LIB(dl, dlopen, , )
1660 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
1661 AC_CHECK_FUNCS(pam_getenvlist)
749560dd 1662 AC_CHECK_FUNCS(pam_putenv)
2b763e31 1663
717057b6 1664 PAM_MSG="yes"
4cb5ffa0 1665
3466e002 1666 AC_DEFINE(USE_PAM, 1,
1667 [Define if you want to enable PAM support])
98f2d9d5 1668 if test $ac_cv_lib_dl_dlopen = yes; then
1669 LIBPAM="-lpam -ldl"
1670 else
1671 LIBPAM="-lpam"
1672 fi
1673 AC_SUBST(LIBPAM)
717057b6 1674 fi
1675 ]
1676)
cbd7492e 1677
717057b6 1678# Check for older PAM
1679if test "x$PAM_MSG" = "xyes" ; then
a0391976 1680 # Check PAM strerror arguments (old PAM)
1681 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
1682 AC_TRY_COMPILE(
1683 [
18ba2aab 1684#include <stdlib.h>
2511d104 1685#if defined(HAVE_SECURITY_PAM_APPL_H)
18ba2aab 1686#include <security/pam_appl.h>
2511d104 1687#elif defined (HAVE_PAM_PAM_APPL_H)
1688#include <pam/pam_appl.h>
1689#endif
aff51935 1690 ],
1691 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
a0391976 1692 [AC_MSG_RESULT(no)],
1693 [
3466e002 1694 AC_DEFINE(HAVE_OLD_PAM, 1,
1695 [Define if you have an old version of PAM
1696 which takes only one argument to pam_strerror])
a0391976 1697 AC_MSG_RESULT(yes)
cbd7492e 1698 PAM_MSG="yes (old library)"
a0391976 1699 ]
717057b6 1700 )
a0391976 1701fi
1702
5b991353 1703# Search for OpenSSL
1704saved_CPPFLAGS="$CPPFLAGS"
1705saved_LDFLAGS="$LDFLAGS"
a0391976 1706AC_ARG_WITH(ssl-dir,
1707 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1708 [
e9e4a1c7 1709 if test "x$withval" != "xno" ; then
99eb0f64 1710 case "$withval" in
1711 # Relative paths
1712 ./*|../*) withval="`pwd`/$withval"
1713 esac
5b991353 1714 if test -d "$withval/lib"; then
1715 if test -n "${need_dash_r}"; then
1716 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1717 else
1718 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1719 fi
1720 else
5b991353 1721 if test -n "${need_dash_r}"; then
1722 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1723 else
1724 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1725 fi
1726 fi
5b991353 1727 if test -d "$withval/include"; then
1728 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1729 else
5b991353 1730 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1731 fi
a0391976 1732 fi
5b991353 1733 ]
1734)
5486a457 1735LIBS="-lcrypto $LIBS"
3466e002 1736AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1737 [Define if your ssl headers are included
1738 with #include <openssl/header.h>]),
d45e3d76 1739 [
5b991353 1740 dnl Check default openssl install dir
1741 if test -n "${need_dash_r}"; then
1742 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1743 else
5b991353 1744 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1745 fi
5b991353 1746 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1747 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1748 [
1749 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1750 ]
1751 )
1752 ]
1753)
1754
cd018561 1755# Determine OpenSSL header version
1756AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1757AC_RUN_IFELSE(
479cece8 1758 [AC_LANG_SOURCE([[
cd018561 1759#include <stdio.h>
1760#include <string.h>
1761#include <openssl/opensslv.h>
1762#define DATA "conftest.sslincver"
1763int main(void) {
aff51935 1764 FILE *fd;
1765 int rc;
cd018561 1766
aff51935 1767 fd = fopen(DATA,"w");
1768 if(fd == NULL)
1769 exit(1);
cd018561 1770
1771 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1772 exit(1);
1773
1774 exit(0);
1775}
479cece8 1776 ]])],
cd018561 1777 [
1778 ssl_header_ver=`cat conftest.sslincver`
1779 AC_MSG_RESULT($ssl_header_ver)
1780 ],
1781 [
1782 AC_MSG_RESULT(not found)
1783 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1784 ],
1785 [
1786 AC_MSG_WARN([cross compiling: not checking])
cd018561 1787 ]
1788)
1789
1790# Determine OpenSSL library version
1791AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1792AC_RUN_IFELSE(
479cece8 1793 [AC_LANG_SOURCE([[
cd018561 1794#include <stdio.h>
1795#include <string.h>
1796#include <openssl/opensslv.h>
1797#include <openssl/crypto.h>
1798#define DATA "conftest.ssllibver"
1799int main(void) {
aff51935 1800 FILE *fd;
1801 int rc;
cd018561 1802
aff51935 1803 fd = fopen(DATA,"w");
1804 if(fd == NULL)
1805 exit(1);
cd018561 1806
1807 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1808 exit(1);
1809
1810 exit(0);
1811}
479cece8 1812 ]])],
cd018561 1813 [
1814 ssl_library_ver=`cat conftest.ssllibver`
1815 AC_MSG_RESULT($ssl_library_ver)
1816 ],
1817 [
1818 AC_MSG_RESULT(not found)
1819 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1820 ],
1821 [
1822 AC_MSG_WARN([cross compiling: not checking])
cd018561 1823 ]
1824)
58d100bf 1825
9780116c 1826# Sanity check OpenSSL headers
1827AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1828AC_RUN_IFELSE(
479cece8 1829 [AC_LANG_SOURCE([[
9780116c 1830#include <string.h>
1831#include <openssl/opensslv.h>
aec4cb4f 1832int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1833 ]])],
9780116c 1834 [
1835 AC_MSG_RESULT(yes)
1836 ],
1837 [
1838 AC_MSG_RESULT(no)
e15ba28b 1839 AC_MSG_ERROR([Your OpenSSL headers do not match your library.
1840Check config.log for details.
1841Also see contrib/findssl.sh for help identifying header/library mismatches.])
1a01a50c 1842 ],
1843 [
1844 AC_MSG_WARN([cross compiling: not checking])
9780116c 1845 ]
1846)
1847
c7ad0d99 1848AC_ARG_WITH(ssl-engine,
1849 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
1850 [ if test "x$withval" != "xno" ; then
1851 AC_MSG_CHECKING(for OpenSSL ENGINE support)
1852 AC_TRY_COMPILE(
1853 [ #include <openssl/engine.h>],
1854 [
1855int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
1856 ],
1857 [ AC_MSG_RESULT(yes)
1858 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
1859 [Enable OpenSSL engine support])
1860 ],
1861 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
1862 )
1863 fi ]
1864)
1865
e5146707 1866# Check for OpenSSL without EVP_aes_{192,256}_cbc
1867AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
1868AC_COMPILE_IFELSE(
1869 [AC_LANG_SOURCE([[
1870#include <string.h>
1871#include <openssl/evp.h>
300ea548 1872int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 1873 ]])],
1874 [
1875 AC_MSG_RESULT(no)
1876 ],
1877 [
1878 AC_MSG_RESULT(yes)
1879 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
1880 [libcrypto is missing AES 192 and 256 bit functions])
1881 ]
1882)
1883
5486a457 1884# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
1885# because the system crypt() is more featureful.
1886if test "x$check_for_libcrypt_before" = "x1"; then
1887 AC_CHECK_LIB(crypt, crypt)
1888fi
1889
aff51935 1890# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 1891# version in OpenSSL.
05114c74 1892if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 1893 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 1894fi
1895
13ff27b7 1896# Search for SHA256 support in libc and/or OpenSSL
1897AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
1898
4c653d8e 1899AC_CHECK_LIB(iaf, ia_openinfo)
f1b0ecc3 1900
1901### Configure cryptographic random number support
1902
1903# Check wheter OpenSSL seeds itself
1904AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 1905AC_RUN_IFELSE(
479cece8 1906 [AC_LANG_SOURCE([[
f1b0ecc3 1907#include <string.h>
1908#include <openssl/rand.h>
aec4cb4f 1909int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 1910 ]])],
f1b0ecc3 1911 [
1912 OPENSSL_SEEDS_ITSELF=yes
1913 AC_MSG_RESULT(yes)
1914 ],
1915 [
1916 AC_MSG_RESULT(no)
1917 # Default to use of the rand helper if OpenSSL doesn't
1918 # seed itself
1919 USE_RAND_HELPER=yes
1a01a50c 1920 ],
1921 [
1922 AC_MSG_WARN([cross compiling: assuming yes])
1923 # This is safe, since all recent OpenSSL versions will
82f4e93d 1924 # complain at runtime if not seeded correctly.
1a01a50c 1925 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 1926 ]
1927)
1928
1929
1930# Do we want to force the use of the rand helper?
1931AC_ARG_WITH(rand-helper,
1932 [ --with-rand-helper Use subprocess to gather strong randomness ],
1933 [
1934 if test "x$withval" = "xno" ; then
aff51935 1935 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 1936 # the previous test showed it to be unseeded.
1937 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
1938 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
1939 OPENSSL_SEEDS_ITSELF=yes
1940 USE_RAND_HELPER=""
1941 fi
1942 else
1943 USE_RAND_HELPER=yes
1944 fi
1945 ],
82f4e93d 1946)
f1b0ecc3 1947
1948# Which randomness source do we use?
4b492aab 1949if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 1950 # OpenSSL only
3466e002 1951 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
1952 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 1953 RAND_MSG="OpenSSL internal ONLY"
1954 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 1955elif test ! -z "$USE_RAND_HELPER" ; then
1956 # install rand helper
f1b0ecc3 1957 RAND_MSG="ssh-rand-helper"
1958 INSTALL_SSH_RAND_HELPER="yes"
1959fi
1960AC_SUBST(INSTALL_SSH_RAND_HELPER)
1961
1962### Configuration of ssh-rand-helper
1963
1964# PRNGD TCP socket
1965AC_ARG_WITH(prngd-port,
1966 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
1967 [
eb5d7ff6 1968 case "$withval" in
1969 no)
1970 withval=""
1971 ;;
1972 [[0-9]]*)
1973 ;;
1974 *)
1975 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
1976 ;;
1977 esac
1978 if test ! -z "$withval" ; then
f1b0ecc3 1979 PRNGD_PORT="$withval"
3466e002 1980 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
1981 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 1982 fi
1983 ]
1984)
1985
1986# PRNGD Unix domain socket
1987AC_ARG_WITH(prngd-socket,
1988 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
1989 [
eb5d7ff6 1990 case "$withval" in
1991 yes)
f1b0ecc3 1992 withval="/var/run/egd-pool"
eb5d7ff6 1993 ;;
1994 no)
1995 withval=""
1996 ;;
1997 /*)
1998 ;;
1999 *)
2000 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2001 ;;
2002 esac
2003
2004 if test ! -z "$withval" ; then
f1b0ecc3 2005 if test ! -z "$PRNGD_PORT" ; then
2006 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2007 fi
906e811b 2008 if test ! -r "$withval" ; then
f1b0ecc3 2009 AC_MSG_WARN(Entropy socket is not readable)
2010 fi
2011 PRNGD_SOCKET="$withval"
3466e002 2012 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2013 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2014 fi
ddceb1c8 2015 ],
2016 [
2017 # Check for existing socket only if we don't have a random device already
2018 if test "$USE_RAND_HELPER" = yes ; then
2019 AC_MSG_CHECKING(for PRNGD/EGD socket)
2020 # Insert other locations here
2021 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2022 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2023 PRNGD_SOCKET="$sock"
2024 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2025 break;
2026 fi
2027 done
2028 if test ! -z "$PRNGD_SOCKET" ; then
2029 AC_MSG_RESULT($PRNGD_SOCKET)
2030 else
2031 AC_MSG_RESULT(not found)
2032 fi
2033 fi
f1b0ecc3 2034 ]
2035)
2036
2037# Change default command timeout for hashing entropy source
2038entropy_timeout=200
2039AC_ARG_WITH(entropy-timeout,
2040 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2041 [
6cf0200f 2042 if test -n "$withval" && test "x$withval" != "xno" && \
2043 test "x${withval}" != "xyes"; then
f1b0ecc3 2044 entropy_timeout=$withval
2045 fi
82f4e93d 2046 ]
f1b0ecc3 2047)
3466e002 2048AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2049 [Builtin PRNG command timeout])
f1b0ecc3 2050
fd3cbf67 2051SSH_PRIVSEP_USER=sshd
9a0fbcb3 2052AC_ARG_WITH(privsep-user,
5222e7ef 2053 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2054 [
6cf0200f 2055 if test -n "$withval" && test "x$withval" != "xno" && \
2056 test "x${withval}" != "xyes"; then
fd3cbf67 2057 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2058 fi
82f4e93d 2059 ]
9a0fbcb3 2060)
3466e002 2061AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2062 [non-privileged user for privilege separation])
fd3cbf67 2063AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2064
81dadca3 2065# We do this little dance with the search path to insure
2066# that programs that we select for use by installed programs
2067# (which may be run by the super-user) come from trusted
2068# locations before they come from the user's private area.
2069# This should help avoid accidentally configuring some
2070# random version of a program in someone's personal bin.
2071
2072OPATH=$PATH
2073PATH=/bin:/usr/bin
f95c8ce8 2074test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2075test -d /sbin && PATH=$PATH:/sbin
2076test -d /usr/sbin && PATH=$PATH:/usr/sbin
2077PATH=$PATH:/etc:$OPATH
2078
aff51935 2079# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2080OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2081OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2082OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2083OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2084OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2085OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2086OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2087OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2088OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2089OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2090OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2091OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2092OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2093OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2094OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2095OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2096# restore PATH
2097PATH=$OPATH
f1b0ecc3 2098
2099# Where does ssh-rand-helper get its randomness from?
2100INSTALL_SSH_PRNG_CMDS=""
2101if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2102 if test ! -z "$PRNGD_PORT" ; then
2103 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2104 elif test ! -z "$PRNGD_SOCKET" ; then
2105 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2106 else
2107 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2108 RAND_HELPER_CMDHASH=yes
2109 INSTALL_SSH_PRNG_CMDS="yes"
2110 fi
2111fi
2112AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2113
2114
66d6c27e 2115# Cheap hack to ensure NEWS-OS libraries are arranged right.
2116if test ! -z "$SONY" ; then
2117 LIBS="$LIBS -liberty";
2118fi
2119
9a406e1e 2120# Check for long long datatypes
2121AC_CHECK_TYPES([long long, unsigned long long, long double])
2122
2123# Check datatype sizes
976f7e19 2124AC_CHECK_SIZEOF(char, 1)
2b942fe0 2125AC_CHECK_SIZEOF(short int, 2)
2126AC_CHECK_SIZEOF(int, 4)
2127AC_CHECK_SIZEOF(long int, 4)
2128AC_CHECK_SIZEOF(long long int, 8)
2129
52f1ccb2 2130# Sanity check long long for some platforms (AIX)
2131if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2132 ac_cv_sizeof_long_long_int=0
2133fi
2134
90f15776 2135# compute LLONG_MIN and LLONG_MAX if we don't know them.
2136if test -z "$have_llong_max"; then
2137 AC_MSG_CHECKING([for max value of long long])
2138 AC_RUN_IFELSE(
2139 [AC_LANG_SOURCE([[
2140#include <stdio.h>
2141/* Why is this so damn hard? */
2142#ifdef __GNUC__
2143# undef __GNUC__
2144#endif
2145#define __USE_ISOC99
2146#include <limits.h>
2147#define DATA "conftest.llminmax"
055252ed 2148#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2149
2150/*
2151 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2152 * we do this the hard way.
2153 */
2154static int
2155fprint_ll(FILE *f, long long n)
2156{
2157 unsigned int i;
2158 int l[sizeof(long long) * 8];
2159
2160 if (n < 0)
2161 if (fprintf(f, "-") < 0)
2162 return -1;
2163 for (i = 0; n != 0; i++) {
2164 l[i] = my_abs(n % 10);
2165 n /= 10;
2166 }
2167 do {
2168 if (fprintf(f, "%d", l[--i]) < 0)
2169 return -1;
2170 } while (i != 0);
2171 if (fprintf(f, " ") < 0)
2172 return -1;
2173 return 0;
2174}
2175
90f15776 2176int main(void) {
2177 FILE *f;
2178 long long i, llmin, llmax = 0;
2179
2180 if((f = fopen(DATA,"w")) == NULL)
2181 exit(1);
2182
2183#if defined(LLONG_MIN) && defined(LLONG_MAX)
2184 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2185 llmin = LLONG_MIN;
2186 llmax = LLONG_MAX;
2187#else
2188 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2189 /* This will work on one's complement and two's complement */
2190 for (i = 1; i > llmax; i <<= 1, i++)
2191 llmax = i;
2192 llmin = llmax + 1LL; /* wrap */
2193#endif
2194
2195 /* Sanity check */
2196 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2197 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2198 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2199 fprintf(f, "unknown unknown\n");
2200 exit(2);
2201 }
2202
055252ed 2203 if (fprint_ll(f, llmin) < 0)
90f15776 2204 exit(3);
055252ed 2205 if (fprint_ll(f, llmax) < 0)
2206 exit(4);
2207 if (fclose(f) < 0)
2208 exit(5);
90f15776 2209 exit(0);
2210}
2211 ]])],
2212 [
2213 llong_min=`$AWK '{print $1}' conftest.llminmax`
2214 llong_max=`$AWK '{print $2}' conftest.llminmax`
2215
90f15776 2216 AC_MSG_RESULT($llong_max)
2217 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2218 [max value of long long calculated by configure])
2219 AC_MSG_CHECKING([for min value of long long])
2220 AC_MSG_RESULT($llong_min)
2221 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2222 [min value of long long calculated by configure])
2223 ],
2224 [
2225 AC_MSG_RESULT(not found)
2226 ],
2227 [
2228 AC_MSG_WARN([cross compiling: not checking])
2229 ]
2230 )
2231fi
2232
2233
a0391976 2234# More checks for data types
14a9a859 2235AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2236 AC_TRY_COMPILE(
aff51935 2237 [ #include <sys/types.h> ],
2238 [ u_int a; a = 1;],
14a9a859 2239 [ ac_cv_have_u_int="yes" ],
2240 [ ac_cv_have_u_int="no" ]
2241 )
2242])
2243if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2244 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2245 have_u_int=1
2246fi
2247
58d100bf 2248AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2249 AC_TRY_COMPILE(
aff51935 2250 [ #include <sys/types.h> ],
2251 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2252 [ ac_cv_have_intxx_t="yes" ],
2253 [ ac_cv_have_intxx_t="no" ]
2254 )
2255])
2256if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2257 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2258 have_intxx_t=1
2259fi
41cb4569 2260
2261if (test -z "$have_intxx_t" && \
aff51935 2262 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2263then
2264 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2265 AC_TRY_COMPILE(
aff51935 2266 [ #include <stdint.h> ],
2267 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2268 [
2269 AC_DEFINE(HAVE_INTXX_T)
2270 AC_MSG_RESULT(yes)
2271 ],
2272 [ AC_MSG_RESULT(no) ]
2273 )
2274fi
2275
bd590612 2276AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2277 AC_TRY_COMPILE(
1cbbe6c8 2278 [
2279#include <sys/types.h>
2280#ifdef HAVE_STDINT_H
2281# include <stdint.h>
2282#endif
2283#include <sys/socket.h>
2284#ifdef HAVE_SYS_BITYPES_H
2285# include <sys/bitypes.h>
2286#endif
aff51935 2287 ],
2288 [ int64_t a; a = 1;],
bd590612 2289 [ ac_cv_have_int64_t="yes" ],
2290 [ ac_cv_have_int64_t="no" ]
2291 )
2292])
2293if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2294 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2295fi
2296
58d100bf 2297AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2298 AC_TRY_COMPILE(
aff51935 2299 [ #include <sys/types.h> ],
2300 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2301 [ ac_cv_have_u_intxx_t="yes" ],
2302 [ ac_cv_have_u_intxx_t="no" ]
2303 )
2304])
2305if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2306 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2307 have_u_intxx_t=1
2308fi
2b942fe0 2309
41cb4569 2310if test -z "$have_u_intxx_t" ; then
2311 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2312 AC_TRY_COMPILE(
aff51935 2313 [ #include <sys/socket.h> ],
2314 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2315 [
2316 AC_DEFINE(HAVE_U_INTXX_T)
2317 AC_MSG_RESULT(yes)
2318 ],
2319 [ AC_MSG_RESULT(no) ]
2320 )
2321fi
2322
bd590612 2323AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2324 AC_TRY_COMPILE(
aff51935 2325 [ #include <sys/types.h> ],
2326 [ u_int64_t a; a = 1;],
bd590612 2327 [ ac_cv_have_u_int64_t="yes" ],
2328 [ ac_cv_have_u_int64_t="no" ]
2329 )
2330])
2331if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2332 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2333 have_u_int64_t=1
2334fi
2335
ddceb1c8 2336if test -z "$have_u_int64_t" ; then
2337 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2338 AC_TRY_COMPILE(
aff51935 2339 [ #include <sys/bitypes.h> ],
ddceb1c8 2340 [ u_int64_t a; a = 1],
2341 [
2342 AC_DEFINE(HAVE_U_INT64_T)
2343 AC_MSG_RESULT(yes)
2344 ],
2345 [ AC_MSG_RESULT(no) ]
2346 )
2347fi
2348
41cb4569 2349if test -z "$have_u_intxx_t" ; then
2350 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2351 AC_TRY_COMPILE(
2352 [
2353#include <sys/types.h>
aff51935 2354 ],
2355 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2356 [ ac_cv_have_uintxx_t="yes" ],
2357 [ ac_cv_have_uintxx_t="no" ]
2358 )
2359 ])
2360 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2361 AC_DEFINE(HAVE_UINTXX_T, 1,
2362 [define if you have uintxx_t data type])
41cb4569 2363 fi
2364fi
2365
2366if test -z "$have_uintxx_t" ; then
2367 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2368 AC_TRY_COMPILE(
aff51935 2369 [ #include <stdint.h> ],
2370 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2371 [
2372 AC_DEFINE(HAVE_UINTXX_T)
2373 AC_MSG_RESULT(yes)
2374 ],
2375 [ AC_MSG_RESULT(no) ]
2376 )
2377fi
2378
e5fe9a1f 2379if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2380 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2381then
2382 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2383 AC_TRY_COMPILE(
58d100bf 2384 [
2385#include <sys/bitypes.h>
aff51935 2386 ],
5cdfe03f 2387 [
837c30b8 2388 int8_t a; int16_t b; int32_t c;
2389 u_int8_t e; u_int16_t f; u_int32_t g;
2390 a = b = c = e = f = g = 1;
aff51935 2391 ],
5cdfe03f 2392 [
2393 AC_DEFINE(HAVE_U_INTXX_T)
2394 AC_DEFINE(HAVE_INTXX_T)
2395 AC_MSG_RESULT(yes)
2396 ],
2397 [AC_MSG_RESULT(no)]
aff51935 2398 )
5cdfe03f 2399fi
2400
0362750e 2401
2402AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2403 AC_TRY_COMPILE(
2404 [
2405#include <sys/types.h>
2406 ],
2407 [ u_char foo; foo = 125; ],
2408 [ ac_cv_have_u_char="yes" ],
2409 [ ac_cv_have_u_char="no" ]
2410 )
2411])
2412if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2413 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2414fi
2415
98a7c37b 2416TYPE_SOCKLEN_T
2b942fe0 2417
2d16d9a3 2418AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2419
777ece68 2420AC_CHECK_TYPES(in_addr_t,,,
2421[#include <sys/types.h>
2422#include <netinet/in.h>])
7b578f7d 2423
58d100bf 2424AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2425 AC_TRY_COMPILE(
2426 [
18ba2aab 2427#include <sys/types.h>
58d100bf 2428 ],
2429 [ size_t foo; foo = 1235; ],
2430 [ ac_cv_have_size_t="yes" ],
2431 [ ac_cv_have_size_t="no" ]
2432 )
2433])
2434if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2435 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2436fi
ea1970a3 2437
c04f75f1 2438AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2439 AC_TRY_COMPILE(
2440 [
2441#include <sys/types.h>
2442 ],
2443 [ ssize_t foo; foo = 1235; ],
2444 [ ac_cv_have_ssize_t="yes" ],
2445 [ ac_cv_have_ssize_t="no" ]
2446 )
2447])
2448if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2449 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2450fi
2451
f1c4659d 2452AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2453 AC_TRY_COMPILE(
2454 [
2455#include <time.h>
2456 ],
2457 [ clock_t foo; foo = 1235; ],
2458 [ ac_cv_have_clock_t="yes" ],
2459 [ ac_cv_have_clock_t="no" ]
2460 )
2461])
2462if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2463 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2464fi
2465
1c04b088 2466AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2467 AC_TRY_COMPILE(
2468 [
2469#include <sys/types.h>
2470#include <sys/socket.h>
2471 ],
2472 [ sa_family_t foo; foo = 1235; ],
2473 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2474 [ AC_TRY_COMPILE(
2475 [
2476#include <sys/types.h>
2477#include <sys/socket.h>
2478#include <netinet/in.h>
2479 ],
2480 [ sa_family_t foo; foo = 1235; ],
2481 [ ac_cv_have_sa_family_t="yes" ],
2482
1c04b088 2483 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2484 )]
1c04b088 2485 )
2486])
2487if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2488 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2489 [define if you have sa_family_t data type])
1c04b088 2490fi
2491
729bfe59 2492AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2493 AC_TRY_COMPILE(
2494 [
2495#include <sys/types.h>
2496 ],
2497 [ pid_t foo; foo = 1235; ],
2498 [ ac_cv_have_pid_t="yes" ],
2499 [ ac_cv_have_pid_t="no" ]
2500 )
2501])
2502if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2503 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2504fi
2505
2506AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2507 AC_TRY_COMPILE(
2508 [
2509#include <sys/types.h>
2510 ],
2511 [ mode_t foo; foo = 1235; ],
2512 [ ac_cv_have_mode_t="yes" ],
2513 [ ac_cv_have_mode_t="no" ]
2514 )
2515])
2516if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2517 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2518fi
2519
e3a93db0 2520
58d100bf 2521AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2522 AC_TRY_COMPILE(
2523 [
18ba2aab 2524#include <sys/types.h>
2525#include <sys/socket.h>
58d100bf 2526 ],
2527 [ struct sockaddr_storage s; ],
2528 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2529 [ ac_cv_have_struct_sockaddr_storage="no" ]
2530 )
2531])
2532if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2533 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2534 [define if you have struct sockaddr_storage data type])
58d100bf 2535fi
48e671d5 2536
58d100bf 2537AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2538 AC_TRY_COMPILE(
2539 [
cbd7492e 2540#include <sys/types.h>
58d100bf 2541#include <netinet/in.h>
2542 ],
2543 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2544 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2545 [ ac_cv_have_struct_sockaddr_in6="no" ]
2546 )
2547])
2548if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2549 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2550 [define if you have struct sockaddr_in6 data type])
58d100bf 2551fi
48e671d5 2552
58d100bf 2553AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2554 AC_TRY_COMPILE(
2555 [
cbd7492e 2556#include <sys/types.h>
58d100bf 2557#include <netinet/in.h>
2558 ],
2559 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2560 [ ac_cv_have_struct_in6_addr="yes" ],
2561 [ ac_cv_have_struct_in6_addr="no" ]
2562 )
2563])
2564if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2565 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2566 [define if you have struct in6_addr data type])
58d100bf 2567fi
48e671d5 2568
58d100bf 2569AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2570 AC_TRY_COMPILE(
2571 [
18ba2aab 2572#include <sys/types.h>
2573#include <sys/socket.h>
2574#include <netdb.h>
58d100bf 2575 ],
2576 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2577 [ ac_cv_have_struct_addrinfo="yes" ],
2578 [ ac_cv_have_struct_addrinfo="no" ]
2579 )
2580])
2581if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2582 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2583 [define if you have struct addrinfo data type])
58d100bf 2584fi
2585
89c7e31c 2586AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2587 AC_TRY_COMPILE(
aff51935 2588 [ #include <sys/time.h> ],
2589 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2590 [ ac_cv_have_struct_timeval="yes" ],
2591 [ ac_cv_have_struct_timeval="no" ]
2592 )
2593])
2594if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2595 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2596 have_struct_timeval=1
2597fi
2598
5271b55c 2599AC_CHECK_TYPES(struct timespec)
2600
85abc74b 2601# We need int64_t or else certian parts of the compile will fail.
4b492aab 2602if test "x$ac_cv_have_int64_t" = "xno" && \
2603 test "x$ac_cv_sizeof_long_int" != "x8" && \
2604 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2605 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2606 echo "an alternative compiler (I.E., GCC) before continuing."
2607 echo ""
2608 exit 1;
733cf7f4 2609else
2610dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2611 AC_RUN_IFELSE(
479cece8 2612 [AC_LANG_SOURCE([[
733cf7f4 2613#include <stdio.h>
2614#include <string.h>
2615#ifdef HAVE_SNPRINTF
2616main()
2617{
2618 char buf[50];
2619 char expected_out[50];
2620 int mazsize = 50 ;
2621#if (SIZEOF_LONG_INT == 8)
2622 long int num = 0x7fffffffffffffff;
2623#else
763a1a18 2624 long long num = 0x7fffffffffffffffll;
733cf7f4 2625#endif
2626 strcpy(expected_out, "9223372036854775807");
2627 snprintf(buf, mazsize, "%lld", num);
2628 if(strcmp(buf, expected_out) != 0)
aff51935 2629 exit(1);
733cf7f4 2630 exit(0);
2631}
2632#else
2633main() { exit(0); }
2634#endif
479cece8 2635 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2636 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2637 )
2c523de9 2638fi
2639
77bb0bca 2640dnl Checks for structure members
58d100bf 2641OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2642OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2643OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2644OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2645OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2646OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2647OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2648OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2649OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2650OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2651OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2652OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2653OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2654OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2655OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2656OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2657OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2658
2659AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2660AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2661 [Define if we don't have struct __res_state in resolv.h])],
2662[
2663#include <stdio.h>
2664#if HAVE_SYS_TYPES_H
2665# include <sys/types.h>
2666#endif
2667#include <netinet/in.h>
2668#include <arpa/nameser.h>
2669#include <resolv.h>
2670])
1d7b9b20 2671
58d100bf 2672AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2673 ac_cv_have_ss_family_in_struct_ss, [
2674 AC_TRY_COMPILE(
2675 [
18ba2aab 2676#include <sys/types.h>
2677#include <sys/socket.h>
58d100bf 2678 ],
2679 [ struct sockaddr_storage s; s.ss_family = 1; ],
2680 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2681 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2682 )
2683])
2684if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2685 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2686fi
2687
58d100bf 2688AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2689 ac_cv_have___ss_family_in_struct_ss, [
2690 AC_TRY_COMPILE(
2691 [
18ba2aab 2692#include <sys/types.h>
2693#include <sys/socket.h>
58d100bf 2694 ],
2695 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2696 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2697 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2698 )
2699])
2700if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2701 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2702 [Fields in struct sockaddr_storage])
58d100bf 2703fi
2704
2e73a022 2705AC_CACHE_CHECK([for pw_class field in struct passwd],
2706 ac_cv_have_pw_class_in_struct_passwd, [
2707 AC_TRY_COMPILE(
2708 [
2e73a022 2709#include <pwd.h>
2710 ],
97994d32 2711 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2712 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2713 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2714 )
2715])
2716if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2717 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2718 [Define if your password has a pw_class field])
2e73a022 2719fi
2720
7751d4eb 2721AC_CACHE_CHECK([for pw_expire field in struct passwd],
2722 ac_cv_have_pw_expire_in_struct_passwd, [
2723 AC_TRY_COMPILE(
2724 [
2725#include <pwd.h>
2726 ],
2727 [ struct passwd p; p.pw_expire = 0; ],
2728 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2729 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2730 )
2731])
2732if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2733 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2734 [Define if your password has a pw_expire field])
7751d4eb 2735fi
2736
2737AC_CACHE_CHECK([for pw_change field in struct passwd],
2738 ac_cv_have_pw_change_in_struct_passwd, [
2739 AC_TRY_COMPILE(
2740 [
2741#include <pwd.h>
2742 ],
2743 [ struct passwd p; p.pw_change = 0; ],
2744 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2745 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2746 )
2747])
2748if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2749 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2750 [Define if your password has a pw_change field])
7751d4eb 2751fi
58d100bf 2752
637f9177 2753dnl make sure we're using the real structure members and not defines
6f34652e 2754AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2755 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2756 AC_COMPILE_IFELSE(
6f34652e 2757 [
f95c8ce8 2758#include <sys/types.h>
6f34652e 2759#include <sys/socket.h>
2760#include <sys/uio.h>
637f9177 2761int main() {
2762#ifdef msg_accrights
1a01a50c 2763#error "msg_accrights is a macro"
637f9177 2764exit(1);
2765#endif
2766struct msghdr m;
2767m.msg_accrights = 0;
2768exit(0);
2769}
6f34652e 2770 ],
6f34652e 2771 [ ac_cv_have_accrights_in_msghdr="yes" ],
2772 [ ac_cv_have_accrights_in_msghdr="no" ]
2773 )
2774])
2775if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 2776 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
2777 [Define if your system uses access rights style
2778 file descriptor passing])
6f34652e 2779fi
2780
7176df4f 2781AC_CACHE_CHECK([for msg_control field in struct msghdr],
2782 ac_cv_have_control_in_msghdr, [
1a01a50c 2783 AC_COMPILE_IFELSE(
7176df4f 2784 [
f95c8ce8 2785#include <sys/types.h>
7176df4f 2786#include <sys/socket.h>
2787#include <sys/uio.h>
637f9177 2788int main() {
2789#ifdef msg_control
1a01a50c 2790#error "msg_control is a macro"
637f9177 2791exit(1);
2792#endif
2793struct msghdr m;
2794m.msg_control = 0;
2795exit(0);
2796}
7176df4f 2797 ],
7176df4f 2798 [ ac_cv_have_control_in_msghdr="yes" ],
2799 [ ac_cv_have_control_in_msghdr="no" ]
2800 )
2801])
2802if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 2803 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
2804 [Define if your system uses ancillary data style
2805 file descriptor passing])
7176df4f 2806fi
2807
58d100bf 2808AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 2809 AC_TRY_LINK([],
2810 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 2811 [ ac_cv_libc_defines___progname="yes" ],
2812 [ ac_cv_libc_defines___progname="no" ]
2813 )
2814])
2815if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 2816 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 2817fi
8946db53 2818
c921ee00 2819AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
2820 AC_TRY_LINK([
2821#include <stdio.h>
aff51935 2822],
2823 [ printf("%s", __FUNCTION__); ],
c921ee00 2824 [ ac_cv_cc_implements___FUNCTION__="yes" ],
2825 [ ac_cv_cc_implements___FUNCTION__="no" ]
2826 )
2827])
2828if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 2829 AC_DEFINE(HAVE___FUNCTION__, 1,
2830 [Define if compiler implements __FUNCTION__])
c921ee00 2831fi
2832
2833AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
2834 AC_TRY_LINK([
2835#include <stdio.h>
aff51935 2836],
2837 [ printf("%s", __func__); ],
c921ee00 2838 [ ac_cv_cc_implements___func__="yes" ],
2839 [ ac_cv_cc_implements___func__="no" ]
2840 )
2841])
2842if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 2843 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 2844fi
2845
9a406e1e 2846AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
2847 AC_TRY_LINK(
2848 [#include <stdarg.h>
2849 va_list x,y;],
2850 [va_copy(x,y);],
2851 [ ac_cv_have_va_copy="yes" ],
2852 [ ac_cv_have_va_copy="no" ]
2853 )
2854])
2855if test "x$ac_cv_have_va_copy" = "xyes" ; then
2856 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
2857fi
2858
2859AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
2860 AC_TRY_LINK(
2861 [#include <stdarg.h>
2862 va_list x,y;],
2863 [__va_copy(x,y);],
2864 [ ac_cv_have___va_copy="yes" ],
2865 [ ac_cv_have___va_copy="no" ]
2866 )
2867])
2868if test "x$ac_cv_have___va_copy" = "xyes" ; then
2869 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
2870fi
2871
1812a662 2872AC_CACHE_CHECK([whether getopt has optreset support],
2873 ac_cv_have_getopt_optreset, [
2874 AC_TRY_LINK(
2875 [
2876#include <getopt.h>
2877 ],
2878 [ extern int optreset; optreset = 0; ],
2879 [ ac_cv_have_getopt_optreset="yes" ],
2880 [ ac_cv_have_getopt_optreset="no" ]
2881 )
2882])
2883if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 2884 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
2885 [Define if your getopt(3) defines and uses optreset])
1812a662 2886fi
a0391976 2887
819b676f 2888AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 2889 AC_TRY_LINK([],
2890 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 2891 [ ac_cv_libc_defines_sys_errlist="yes" ],
2892 [ ac_cv_libc_defines_sys_errlist="no" ]
2893 )
2894])
2895if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 2896 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
2897 [Define if your system defines sys_errlist[]])
819b676f 2898fi
2899
2900
416ed5a7 2901AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 2902 AC_TRY_LINK([],
2903 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 2904 [ ac_cv_libc_defines_sys_nerr="yes" ],
2905 [ ac_cv_libc_defines_sys_nerr="no" ]
2906 )
2907])
2908if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 2909 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 2910fi
2911
aff51935 2912SCARD_MSG="no"
295c8801 2913# Check whether user wants sectok support
2914AC_ARG_WITH(sectok,
2915 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 2916 [
2917 if test "x$withval" != "xno" ; then
2918 if test "x$withval" != "xyes" ; then
2919 CPPFLAGS="$CPPFLAGS -I${withval}"
2920 LDFLAGS="$LDFLAGS -L${withval}"
2921 if test ! -z "$need_dash_r" ; then
2922 LDFLAGS="$LDFLAGS -R${withval}"
2923 fi
2924 if test ! -z "$blibpath" ; then
2925 blibpath="$blibpath:${withval}"
2926 fi
2927 fi
2928 AC_CHECK_HEADERS(sectok.h)
2929 if test "$ac_cv_header_sectok_h" != yes; then
2930 AC_MSG_ERROR(Can't find sectok.h)
2931 fi
2932 AC_CHECK_LIB(sectok, sectok_open)
2933 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
2934 AC_MSG_ERROR(Can't find libsectok)
2935 fi
3466e002 2936 AC_DEFINE(SMARTCARD, 1,
2937 [Define if you want smartcard support])
2938 AC_DEFINE(USE_SECTOK, 1,
2939 [Define if you want smartcard support
2940 using sectok])
aff51935 2941 SCARD_MSG="yes, using sectok"
295c8801 2942 fi
2943 ]
2944)
2945
2946# Check whether user wants OpenSC support
987b458f 2947OPENSC_CONFIG="no"
295c8801 2948AC_ARG_WITH(opensc,
e47fb473 2949 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 2950 [
2951 if test "x$withval" != "xno" ; then
2952 if test "x$withval" != "xyes" ; then
2953 OPENSC_CONFIG=$withval/bin/opensc-config
2954 else
2955 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
2956 fi
2957 if test "$OPENSC_CONFIG" != "no"; then
2958 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
2959 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
2960 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
2961 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
2962 AC_DEFINE(SMARTCARD)
3466e002 2963 AC_DEFINE(USE_OPENSC, 1,
2964 [Define if you want smartcard support
2965 using OpenSC])
987b458f 2966 SCARD_MSG="yes, using OpenSC"
2967 fi
2968 fi
2969 ]
2970)
d0b19c95 2971
c31dc31c 2972# Check libraries needed by DNS fingerprint support
aff51935 2973AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 2974 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
2975 [Define if getrrsetbyname() exists])],
3e05e934 2976 [
c31dc31c 2977 # Needed by our getrrsetbyname()
2978 AC_SEARCH_LIBS(res_query, resolv)
2979 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 2980 AC_MSG_CHECKING(if res_query will link)
2981 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
2982 [AC_MSG_RESULT(no)
2983 saved_LIBS="$LIBS"
2984 LIBS="$LIBS -lresolv"
2985 AC_MSG_CHECKING(for res_query in -lresolv)
2986 AC_LINK_IFELSE([
2987#include <resolv.h>
2988int main()
2989{
2990 res_query (0, 0, 0, 0, 0);
2991 return 0;
2992}
2993 ],
2994 [LIBS="$LIBS -lresolv"
2995 AC_MSG_RESULT(yes)],
2996 [LIBS="$saved_LIBS"
2997 AC_MSG_RESULT(no)])
2998 ])
c31dc31c 2999 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3000 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3001 [#include <sys/types.h>
3002 #include <arpa/nameser.h>])
c31dc31c 3003 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3004 [AC_DEFINE(HAVE_HEADER_AD, 1,
3005 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3006 [#include <arpa/nameser.h>])
3007 ])
3e05e934 3008
ef4d1846 3009# Check whether user wants SELinux support
3010SELINUX_MSG="no"
3011LIBSELINUX=""
3012AC_ARG_WITH(selinux,
3013 [ --with-selinux Enable SELinux support],
3014 [ if test "x$withval" != "xno" ; then
3015 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3016 SELINUX_MSG="yes"
3017 AC_CHECK_HEADER([selinux/selinux.h], ,
3018 AC_MSG_ERROR(SELinux support requires selinux.h header))
3019 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3020 AC_MSG_ERROR(SELinux support requires libselinux library))
3021 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
3022 fi ]
3023)
3024AC_SUBST(LIBSELINUX)
3025
12928e80 3026# Check whether user wants Kerberos 5 support
aff51935 3027KRB5_MSG="no"
12928e80 3028AC_ARG_WITH(kerberos5,
aff51935 3029 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3030 [ if test "x$withval" != "xno" ; then
3031 if test "x$withval" = "xyes" ; then
3032 KRB5ROOT="/usr/local"
3033 else
3034 KRB5ROOT=${withval}
3035 fi
3036
3466e002 3037 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3038 KRB5_MSG="yes"
3039
3040 AC_MSG_CHECKING(for krb5-config)
3041 if test -x $KRB5ROOT/bin/krb5-config ; then
3042 KRB5CONF=$KRB5ROOT/bin/krb5-config
3043 AC_MSG_RESULT($KRB5CONF)
3044
3045 AC_MSG_CHECKING(for gssapi support)
3046 if $KRB5CONF | grep gssapi >/dev/null ; then
3047 AC_MSG_RESULT(yes)
3466e002 3048 AC_DEFINE(GSSAPI, 1,
3049 [Define this if you want GSSAPI
3050 support in the version 2 protocol])
071970fb 3051 k5confopts=gssapi
aff51935 3052 else
5585c441 3053 AC_MSG_RESULT(no)
071970fb 3054 k5confopts=""
aff51935 3055 fi
071970fb 3056 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3057 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3058 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3059 AC_MSG_CHECKING(whether we are using Heimdal)
3060 AC_TRY_COMPILE([ #include <krb5.h> ],
3061 [ char *tmp = heimdal_version; ],
3062 [ AC_MSG_RESULT(yes)
3466e002 3063 AC_DEFINE(HEIMDAL, 1,
3064 [Define this if you are using the
3065 Heimdal version of Kerberos V5]) ],
5585c441 3066 AC_MSG_RESULT(no)
3067 )
3068 else
3069 AC_MSG_RESULT(no)
12928e80 3070 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3071 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3072 AC_MSG_CHECKING(whether we are using Heimdal)
3073 AC_TRY_COMPILE([ #include <krb5.h> ],
3074 [ char *tmp = heimdal_version; ],
3075 [ AC_MSG_RESULT(yes)
3076 AC_DEFINE(HEIMDAL)
41707f74 3077 K5LIBS="-lkrb5 -ldes"
3078 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3079 AC_CHECK_LIB(roken, net_write,
41707f74 3080 [K5LIBS="$K5LIBS -lroken"])
aff51935 3081 ],
3082 [ AC_MSG_RESULT(no)
3083 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3084 ]
3085 )
4e00038c 3086 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3087
749560dd 3088 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3089 [ AC_DEFINE(GSSAPI)
3090 K5LIBS="-lgssapi $K5LIBS" ],
3091 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3092 [ AC_DEFINE(GSSAPI)
aff51935 3093 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3094 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3095 $K5LIBS)
3096 ],
3097 $K5LIBS)
82f4e93d 3098
749560dd 3099 AC_CHECK_HEADER(gssapi.h, ,
3100 [ unset ac_cv_header_gssapi_h
aff51935 3101 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3102 AC_CHECK_HEADERS(gssapi.h, ,
3103 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3104 )
749560dd 3105 ]
3106 )
3107
3108 oldCPP="$CPPFLAGS"
3109 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3110 AC_CHECK_HEADER(gssapi_krb5.h, ,
3111 [ CPPFLAGS="$oldCPP" ])
3112
aff51935 3113 fi
5585c441 3114 if test ! -z "$need_dash_r" ; then
3115 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3116 fi
3117 if test ! -z "$blibpath" ; then
3118 blibpath="$blibpath:${KRB5ROOT}/lib"
3119 fi
071970fb 3120
f5555364 3121 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3122 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3123 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3124
f5555364 3125 LIBS="$LIBS $K5LIBS"
3466e002 3126 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3127 [Define this if you want to use libkafs' AFS support]))
f5555364 3128 fi
071970fb 3129 ]
12928e80 3130)
b5b68128 3131
a0391976 3132# Looking for programs, paths and files
a0391976 3133
ecac8ee5 3134PRIVSEP_PATH=/var/empty
3135AC_ARG_WITH(privsep-path,
cda1ebcb 3136 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3137 [
6cf0200f 3138 if test -n "$withval" && test "x$withval" != "xno" && \
3139 test "x${withval}" != "xyes"; then
ecac8ee5 3140 PRIVSEP_PATH=$withval
3141 fi
3142 ]
3143)
3144AC_SUBST(PRIVSEP_PATH)
3145
a0391976 3146AC_ARG_WITH(xauth,
3147 [ --with-xauth=PATH Specify path to xauth program ],
3148 [
6cf0200f 3149 if test -n "$withval" && test "x$withval" != "xno" && \
3150 test "x${withval}" != "xyes"; then
cbd7492e 3151 xauth_path=$withval
a0391976 3152 fi
3153 ],
3154 [
2bf42e4a 3155 TestPath="$PATH"
3156 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3157 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3158 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3159 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3160 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3161 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3162 xauth_path="/usr/openwin/bin/xauth"
3163 fi
3164 ]
3165)
3166
65a4b4af 3167STRIP_OPT=-s
3168AC_ARG_ENABLE(strip,
3169 [ --disable-strip Disable calling strip(1) on install],
3170 [
3171 if test "x$enableval" = "xno" ; then
3172 STRIP_OPT=
3173 fi
3174 ]
3175)
3176AC_SUBST(STRIP_OPT)
3177
b3ec54b4 3178if test -z "$xauth_path" ; then
3179 XAUTH_PATH="undefined"
3180 AC_SUBST(XAUTH_PATH)
3181else
3466e002 3182 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3183 [Define if xauth is found in your path])
b3ec54b4 3184 XAUTH_PATH=$xauth_path
3185 AC_SUBST(XAUTH_PATH)
a0391976 3186fi
a0391976 3187
3188# Check for mail directory (last resort if we cannot get it from headers)
3189if test ! -z "$MAIL" ; then
3190 maildir=`dirname $MAIL`
3466e002 3191 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3192 [Set this to your mail directory if you don't have maillock.h])
a0391976 3193fi
3194
479cece8 3195if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3196 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3197 disable_ptmx_check=yes
3198fi
a0391976 3199if test -z "$no_dev_ptmx" ; then
6e879cb4 3200 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3201 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3202 [
3466e002 3203 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3204 [Define if you have /dev/ptmx])
6e879cb4 3205 have_dev_ptmx=1
3206 ]
3207 )
3208 fi
3276571c 3209fi
1a01a50c 3210
479cece8 3211if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3212 AC_CHECK_FILE("/dev/ptc",
3213 [
3466e002 3214 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3215 [Define if you have /dev/ptc])
1a01a50c 3216 have_dev_ptc=1
3217 ]
3218 )
3219else
3220 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3221fi
3276571c 3222
a0391976 3223# Options from here on. Some of these are preset by platform above
fdf6b7aa 3224AC_ARG_WITH(mantype,
5d97cfbf 3225 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3226 [
5d97cfbf 3227 case "$withval" in
3228 man|cat|doc)
3229 MANTYPE=$withval
3230 ;;
3231 *)
3232 AC_MSG_ERROR(invalid man type: $withval)
3233 ;;
3234 esac
c54a6257 3235 ]
3236)
e0c4d3ac 3237if test -z "$MANTYPE"; then
2bf42e4a 3238 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3239 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3240 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3241 MANTYPE=doc
3242 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3243 MANTYPE=man
3244 else
3245 MANTYPE=cat
3246 fi
3247fi
c54a6257 3248AC_SUBST(MANTYPE)
e0c4d3ac 3249if test "$MANTYPE" = "doc"; then
3250 mansubdir=man;
3251else
3252 mansubdir=$MANTYPE;
3253fi
3254AC_SUBST(mansubdir)
0bc5b6fb 3255
a0391976 3256# Check whether to enable MD5 passwords
aff51935 3257MD5_MSG="no"
2ddcfdf3 3258AC_ARG_WITH(md5-passwords,
caf3bc51 3259 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3260 [
bcf36c78 3261 if test "x$withval" != "xno" ; then
3466e002 3262 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3263 [Define if you want to allow MD5 passwords])
aff51935 3264 MD5_MSG="yes"
0bc5b6fb 3265 fi
3266 ]
caf3bc51 3267)
3268
a0391976 3269# Whether to disable shadow password support
a7effaac 3270AC_ARG_WITH(shadow,
3271 [ --without-shadow Disable shadow password support],
3272 [
82f4e93d 3273 if test "x$withval" = "xno" ; then
a7effaac 3274 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3275 disable_shadow=yes
a7effaac 3276 fi
3277 ]
3278)
3279
4cb5ffa0 3280if test -z "$disable_shadow" ; then
3281 AC_MSG_CHECKING([if the systems has expire shadow information])
3282 AC_TRY_COMPILE(
3283 [
3284#include <sys/types.h>
3285#include <shadow.h>
3286 struct spwd sp;
3287 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3288 [ sp_expire_available=yes ], []
3289 )
3290
3291 if test "x$sp_expire_available" = "xyes" ; then
3292 AC_MSG_RESULT(yes)
3466e002 3293 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3294 [Define if you want to use shadow password expire field])
4cb5ffa0 3295 else
3296 AC_MSG_RESULT(no)
3297 fi
3298fi
3299
a0391976 3300# Use ip address instead of hostname in $DISPLAY
44839801 3301if test ! -z "$IPADDR_IN_DISPLAY" ; then
3302 DISPLAY_HACK_MSG="yes"
3466e002 3303 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3304 [Define if you need to use IP address
3305 instead of hostname in $DISPLAY])
44839801 3306else
aff51935 3307 DISPLAY_HACK_MSG="no"
44839801 3308 AC_ARG_WITH(ipaddr-display,
3309 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3310 [
82f4e93d 3311 if test "x$withval" != "xno" ; then
44839801 3312 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3313 DISPLAY_HACK_MSG="yes"
44839801 3314 fi
3315 ]
3316 )
3317fi
a7effaac 3318
95b99395 3319# check for /etc/default/login and use it if present.
daa41e62 3320AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3321 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3322 [ if test "x$enableval" = "xno"; then
3323 AC_MSG_NOTICE([/etc/default/login handling disabled])
3324 etc_default_login=no
3325 else
3326 etc_default_login=yes
3327 fi ],
b0e7249f 3328 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3329 then
3330 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3331 etc_default_login=no
3332 else
3333 etc_default_login=yes
3334 fi ]
694d0cef 3335)
95b99395 3336
694d0cef 3337if test "x$etc_default_login" != "xno"; then
3338 AC_CHECK_FILE("/etc/default/login",
3339 [ external_path_file=/etc/default/login ])
b0e7249f 3340 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3341 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3342 [Define if your system has /etc/default/login])
1a01a50c 3343 fi
694d0cef 3344fi
95b99395 3345
8d184c09 3346dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3347if test $ac_cv_func_login_getcapbool = "yes" && \
3348 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3349 external_path_file=/etc/login.conf
8d184c09 3350fi
95b99395 3351
a0391976 3352# Whether to mess with the default path
aff51935 3353SERVER_PATH_MSG="(default)"
c43d69a9 3354AC_ARG_WITH(default-path,
75817f90 3355 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3356 [
95b99395 3357 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3358 AC_MSG_WARN([
3359--with-default-path=PATH has no effect on this system.
3360Edit /etc/login.conf instead.])
82f4e93d 3361 elif test "x$withval" != "xno" ; then
89bbd457 3362 if test ! -z "$external_path_file" ; then
95b99395 3363 AC_MSG_WARN([
3364--with-default-path=PATH will only be used if PATH is not defined in
3365$external_path_file .])
3366 fi
b2d818e6 3367 user_path="$withval"
aff51935 3368 SERVER_PATH_MSG="$withval"
cb807f40 3369 fi
b2d818e6 3370 ],
95b99395 3371 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3372 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3373 else
89bbd457 3374 if test ! -z "$external_path_file" ; then
95b99395 3375 AC_MSG_WARN([
3376If PATH is defined in $external_path_file, ensure the path to scp is included,
3377otherwise scp will not work.])
3378 fi
b0e7249f 3379 AC_RUN_IFELSE(
3380 [AC_LANG_SOURCE([[
b2d818e6 3381/* find out what STDPATH is */
3382#include <stdio.h>
b2d818e6 3383#ifdef HAVE_PATHS_H
3384# include <paths.h>
3385#endif
3386#ifndef _PATH_STDPATH
d9a4e55b 3387# ifdef _PATH_USERPATH /* Irix */
3388# define _PATH_STDPATH _PATH_USERPATH
3389# else
3390# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3391# endif
b2d818e6 3392#endif
3393#include <sys/types.h>
3394#include <sys/stat.h>
3395#include <fcntl.h>
3396#define DATA "conftest.stdpath"
3397
3398main()
3399{
3400 FILE *fd;
3401 int rc;
82f4e93d 3402
b2d818e6 3403 fd = fopen(DATA,"w");
3404 if(fd == NULL)
3405 exit(1);
82f4e93d 3406
b2d818e6 3407 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3408 exit(1);
3409
3410 exit(0);
3411}
b0e7249f 3412 ]])],
3413 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3414 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3415 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3416 )
3417# make sure $bindir is in USER_PATH so scp will work
3418 t_bindir=`eval echo ${bindir}`
3419 case $t_bindir in
3420 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3421 esac
3422 case $t_bindir in
3423 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3424 esac
3425 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3426 if test $? -ne 0 ; then
3427 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3428 if test $? -ne 0 ; then
3429 user_path=$user_path:$t_bindir
3430 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3431 fi
3432 fi
8d184c09 3433 fi ]
cb807f40 3434)
95b99395 3435if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3436 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3437 AC_SUBST(user_path)
3438fi
cb807f40 3439
06617857 3440# Set superuser path separately to user path
06617857 3441AC_ARG_WITH(superuser-path,
3442 [ --with-superuser-path= Specify different path for super-user],
3443 [
6cf0200f 3444 if test -n "$withval" && test "x$withval" != "xno" && \
3445 test "x${withval}" != "xyes"; then
3466e002 3446 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3447 [Define if you want a different $PATH
3448 for the superuser])
06617857 3449 superuser_path=$withval
3450 fi
3451 ]
3452)
3453
3454
58d100bf 3455AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3456IPV4_IN6_HACK_MSG="no"
80faa19f 3457AC_ARG_WITH(4in6,
3458 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3459 [
3460 if test "x$withval" != "xno" ; then
3461 AC_MSG_RESULT(yes)
3466e002 3462 AC_DEFINE(IPV4_IN_IPV6, 1,
3463 [Detect IPv4 in IPv6 mapped addresses
3464 and treat as IPv4])
aff51935 3465 IPV4_IN6_HACK_MSG="yes"
80faa19f 3466 else
3467 AC_MSG_RESULT(no)
3468 fi
3469 ],[
3470 if test "x$inet6_default_4in6" = "xyes"; then
3471 AC_MSG_RESULT([yes (default)])
3472 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3473 IPV4_IN6_HACK_MSG="yes"
80faa19f 3474 else
3475 AC_MSG_RESULT([no (default)])
3476 fi
3477 ]
3478)
3479
af774732 3480# Whether to enable BSD auth support
f1b0ecc3 3481BSD_AUTH_MSG=no
af774732 3482AC_ARG_WITH(bsd-auth,
3483 [ --with-bsd-auth Enable BSD auth support],
3484 [
82f4e93d 3485 if test "x$withval" != "xno" ; then
3466e002 3486 AC_DEFINE(BSD_AUTH, 1,
3487 [Define if you have BSD auth support])
f1b0ecc3 3488 BSD_AUTH_MSG=yes
af774732 3489 fi
3490 ]
3491)
3492
a0391976 3493# Where to place sshd.pid
19d9ac2a 3494piddir=/var/run
81dadca3 3495# make sure the directory exists
82f4e93d 3496if test ! -d $piddir ; then
81dadca3 3497 piddir=`eval echo ${sysconfdir}`
3498 case $piddir in
aff51935 3499 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3500 esac
3501fi
3502
47e45e44 3503AC_ARG_WITH(pid-dir,
3504 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3505 [
6cf0200f 3506 if test -n "$withval" && test "x$withval" != "xno" && \
3507 test "x${withval}" != "xyes"; then
19d9ac2a 3508 piddir=$withval
82f4e93d 3509 if test ! -d $piddir ; then
81dadca3 3510 AC_MSG_WARN([** no $piddir directory on this system **])
3511 fi
47e45e44 3512 fi
3513 ]
3514)
b7a87eea 3515
3466e002 3516AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3517AC_SUBST(piddir)
47e45e44 3518
1d7b9b20 3519dnl allow user to disable some login recording features
3520AC_ARG_ENABLE(lastlog,
bfd550a2 3521 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3522 [
3523 if test "x$enableval" = "xno" ; then
3524 AC_DEFINE(DISABLE_LASTLOG)
3525 fi
3526 ]
1d7b9b20 3527)
3528AC_ARG_ENABLE(utmp,
bfd550a2 3529 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3530 [
3531 if test "x$enableval" = "xno" ; then
3532 AC_DEFINE(DISABLE_UTMP)
3533 fi
3534 ]
1d7b9b20 3535)
3536AC_ARG_ENABLE(utmpx,
bfd550a2 3537 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3538 [
3539 if test "x$enableval" = "xno" ; then
3466e002 3540 AC_DEFINE(DISABLE_UTMPX, 1,
3541 [Define if you don't want to use utmpx])
ddb154b3 3542 fi
3543 ]
1d7b9b20 3544)
3545AC_ARG_ENABLE(wtmp,
bfd550a2 3546 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3547 [
3548 if test "x$enableval" = "xno" ; then
3549 AC_DEFINE(DISABLE_WTMP)
3550 fi
3551 ]
1d7b9b20 3552)
3553AC_ARG_ENABLE(wtmpx,
bfd550a2 3554 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3555 [
3556 if test "x$enableval" = "xno" ; then
3466e002 3557 AC_DEFINE(DISABLE_WTMPX, 1,
3558 [Define if you don't want to use wtmpx])
ddb154b3 3559 fi
3560 ]
1d7b9b20 3561)
3562AC_ARG_ENABLE(libutil,
bfd550a2 3563 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3564 [
3565 if test "x$enableval" = "xno" ; then
3566 AC_DEFINE(DISABLE_LOGIN)
3567 fi
3568 ]
1d7b9b20 3569)
3570AC_ARG_ENABLE(pututline,
bfd550a2 3571 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3572 [
3573 if test "x$enableval" = "xno" ; then
3466e002 3574 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3575 [Define if you don't want to use pututline()
3576 etc. to write [uw]tmp])
ddb154b3 3577 fi
3578 ]
1d7b9b20 3579)
3580AC_ARG_ENABLE(pututxline,
bfd550a2 3581 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3582 [
3583 if test "x$enableval" = "xno" ; then
3466e002 3584 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3585 [Define if you don't want to use pututxline()
3586 etc. to write [uw]tmpx])
ddb154b3 3587 fi
3588 ]
1d7b9b20 3589)
3590AC_ARG_WITH(lastlog,
bfd550a2 3591 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3592 [
82f4e93d 3593 if test "x$withval" = "xno" ; then
8c89dd2b 3594 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3595 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3596 conf_lastlog_location=$withval
3597 fi
3598 ]
3599)
1d7b9b20 3600
3601dnl lastlog, [uw]tmpx? detection
3602dnl NOTE: set the paths in the platform section to avoid the
3603dnl need for command-line parameters
3604dnl lastlog and [uw]tmp are subject to a file search if all else fails
3605
3606dnl lastlog detection
3607dnl NOTE: the code itself will detect if lastlog is a directory
3608AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3609AC_TRY_COMPILE([
3610#include <sys/types.h>
3611#include <utmp.h>
3612#ifdef HAVE_LASTLOG_H
3613# include <lastlog.h>
3614#endif
d7c0f3d5 3615#ifdef HAVE_PATHS_H
1d7b9b20 3616# include <paths.h>
41cb4569 3617#endif
3618#ifdef HAVE_LOGIN_H
3619# include <login.h>
1d7b9b20 3620#endif
3621 ],
3622 [ char *lastlog = LASTLOG_FILE; ],
3623 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3624 [
3625 AC_MSG_RESULT(no)
3626 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3627 AC_TRY_COMPILE([
3628#include <sys/types.h>
3629#include <utmp.h>
3630#ifdef HAVE_LASTLOG_H
3631# include <lastlog.h>
3632#endif
3633#ifdef HAVE_PATHS_H
3634# include <paths.h>
3635#endif
3636 ],
3637 [ char *lastlog = _PATH_LASTLOG; ],
3638 [ AC_MSG_RESULT(yes) ],
3639 [
f282b668 3640 AC_MSG_RESULT(no)
d7c0f3d5 3641 system_lastlog_path=no
3642 ])
3643 ]
1d7b9b20 3644)
d7c0f3d5 3645
1d7b9b20 3646if test -z "$conf_lastlog_location"; then
3647 if test x"$system_lastlog_path" = x"no" ; then
3648 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3649 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3650 conf_lastlog_location=$f
3651 fi
3652 done
3653 if test -z "$conf_lastlog_location"; then
f8119cef 3654 AC_MSG_WARN([** Cannot find lastlog **])
3655 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3656 fi
3657 fi
3658fi
3659
3660if test -n "$conf_lastlog_location"; then
3466e002 3661 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3662 [Define if you want to specify the path to your lastlog file])
82f4e93d 3663fi
1d7b9b20 3664
3665dnl utmp detection
3666AC_MSG_CHECKING([if your system defines UTMP_FILE])
3667AC_TRY_COMPILE([
3668#include <sys/types.h>
3669#include <utmp.h>
d7c0f3d5 3670#ifdef HAVE_PATHS_H
1d7b9b20 3671# include <paths.h>
3672#endif
3673 ],
3674 [ char *utmp = UTMP_FILE; ],
3675 [ AC_MSG_RESULT(yes) ],
3676 [ AC_MSG_RESULT(no)
3677 system_utmp_path=no ]
3678)
3679if test -z "$conf_utmp_location"; then
3680 if test x"$system_utmp_path" = x"no" ; then
3681 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3682 if test -f $f ; then
3683 conf_utmp_location=$f
3684 fi
3685 done
3686 if test -z "$conf_utmp_location"; then
3687 AC_DEFINE(DISABLE_UTMP)
3688 fi
3689 fi
3690fi
3691if test -n "$conf_utmp_location"; then
3466e002 3692 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3693 [Define if you want to specify the path to your utmp file])
82f4e93d 3694fi
1d7b9b20 3695
3696dnl wtmp detection
3697AC_MSG_CHECKING([if your system defines WTMP_FILE])
3698AC_TRY_COMPILE([
3699#include <sys/types.h>
3700#include <utmp.h>
d7c0f3d5 3701#ifdef HAVE_PATHS_H
1d7b9b20 3702# include <paths.h>
3703#endif
3704 ],
3705 [ char *wtmp = WTMP_FILE; ],
3706 [ AC_MSG_RESULT(yes) ],
3707 [ AC_MSG_RESULT(no)
3708 system_wtmp_path=no ]
3709)
3710if test -z "$conf_wtmp_location"; then
3711 if test x"$system_wtmp_path" = x"no" ; then
3712 for f in /usr/adm/wtmp /var/log/wtmp; do
3713 if test -f $f ; then
3714 conf_wtmp_location=$f
3715 fi
3716 done
3717 if test -z "$conf_wtmp_location"; then
3718 AC_DEFINE(DISABLE_WTMP)
3719 fi
3720 fi
3721fi
3722if test -n "$conf_wtmp_location"; then
3466e002 3723 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3724 [Define if you want to specify the path to your wtmp file])
82f4e93d 3725fi
1d7b9b20 3726
3727
3728dnl utmpx detection - I don't know any system so perverse as to require
3729dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3730dnl there, though.
3731AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3732AC_TRY_COMPILE([
3733#include <sys/types.h>
3734#include <utmp.h>
3735#ifdef HAVE_UTMPX_H
3736#include <utmpx.h>
3737#endif
d7c0f3d5 3738#ifdef HAVE_PATHS_H
1d7b9b20 3739# include <paths.h>
3740#endif
3741 ],
3742 [ char *utmpx = UTMPX_FILE; ],
3743 [ AC_MSG_RESULT(yes) ],
3744 [ AC_MSG_RESULT(no)
3745 system_utmpx_path=no ]
3746)
3747if test -z "$conf_utmpx_location"; then
3748 if test x"$system_utmpx_path" = x"no" ; then
3749 AC_DEFINE(DISABLE_UTMPX)
3750 fi
3751else
3466e002 3752 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
3753 [Define if you want to specify the path to your utmpx file])
82f4e93d 3754fi
1d7b9b20 3755
3756dnl wtmpx detection
3757AC_MSG_CHECKING([if your system defines WTMPX_FILE])
3758AC_TRY_COMPILE([
3759#include <sys/types.h>
3760#include <utmp.h>
3761#ifdef HAVE_UTMPX_H
3762#include <utmpx.h>
3763#endif
d7c0f3d5 3764#ifdef HAVE_PATHS_H
1d7b9b20 3765# include <paths.h>
3766#endif
3767 ],
3768 [ char *wtmpx = WTMPX_FILE; ],
3769 [ AC_MSG_RESULT(yes) ],
3770 [ AC_MSG_RESULT(no)
3771 system_wtmpx_path=no ]
3772)
3773if test -z "$conf_wtmpx_location"; then
3774 if test x"$system_wtmpx_path" = x"no" ; then
3775 AC_DEFINE(DISABLE_WTMPX)
3776 fi
3777else
3466e002 3778 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
3779 [Define if you want to specify the path to your wtmpx file])
82f4e93d 3780fi
1d7b9b20 3781
b7a87eea 3782
bd499f9e 3783if test ! -z "$blibpath" ; then
68ece370 3784 LDFLAGS="$LDFLAGS $blibflags$blibpath"
3785 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 3786fi
3787
ddceb1c8 3788dnl remove pam and dl because they are in $LIBPAM
3789if test "$PAM_MSG" = yes ; then
98f2d9d5 3790 LIBS=`echo $LIBS | sed 's/-lpam //'`
3791fi
3792if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3793 LIBS=`echo $LIBS | sed 's/-ldl //'`
ddceb1c8 3794fi
3795
ed89c848 3796dnl Adding -Werror to CFLAGS early prevents configure tests from running.
3797dnl Add now.
3798CFLAGS="$CFLAGS $werror_flags"
3799
3c62e7eb 3800AC_EXEEXT
d7cfdd7c 3801AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
46096a5b 3802 openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 3803AC_OUTPUT
d3083fbd 3804
cbd7492e 3805# Print summary of options
3806
cbd7492e 3807# Someone please show me a better way :)
3808A=`eval echo ${prefix}` ; A=`eval echo ${A}`
3809B=`eval echo ${bindir}` ; B=`eval echo ${B}`
3810C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
3811D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 3812E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 3813F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 3814G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 3815H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
3816I=`eval echo ${user_path}` ; I=`eval echo ${I}`
3817J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 3818
3819echo ""
26de7942 3820echo "OpenSSH has been configured with the following options:"
ecac8ee5 3821echo " User binaries: $B"
3822echo " System binaries: $C"
3823echo " Configuration files: $D"
3824echo " Askpass program: $E"
3825echo " Manual pages: $F"
3826echo " PID file: $G"
3827echo " Privilege separation chroot path: $H"
95b99395 3828if test "x$external_path_file" = "x/etc/login.conf" ; then
3829echo " At runtime, sshd will use the path defined in $external_path_file"
3830echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 3831else
ecac8ee5 3832echo " sshd default user PATH: $I"
89bbd457 3833 if test ! -z "$external_path_file"; then
95b99395 3834echo " (If PATH is set in $external_path_file it will be used instead. If"
3835echo " used, ensure the path to scp is present, otherwise scp will not work.)"
3836 fi
8d184c09 3837fi
06617857 3838if test ! -z "$superuser_path" ; then
ecac8ee5 3839echo " sshd superuser user PATH: $J"
3840fi
3841echo " Manpage format: $MANTYPE"
3e05e934 3842echo " PAM support: $PAM_MSG"
ecac8ee5 3843echo " KerberosV support: $KRB5_MSG"
ef4d1846 3844echo " SELinux support: $SELINUX_MSG"
ecac8ee5 3845echo " Smartcard support: $SCARD_MSG"
ecac8ee5 3846echo " S/KEY support: $SKEY_MSG"
3847echo " TCP Wrappers support: $TCPW_MSG"
3848echo " MD5 password support: $MD5_MSG"
59031773 3849echo " libedit support: $LIBEDIT_MSG"
3deb1408 3850echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 3851echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
3852echo " BSD Auth support: $BSD_AUTH_MSG"
3853echo " Random number source: $RAND_MSG"
f1b0ecc3 3854if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 3855echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 3856fi
3857
cbd7492e 3858echo ""
3859
0c2fb82f 3860echo " Host: ${host}"
3861echo " Compiler: ${CC}"
3862echo " Compiler flags: ${CFLAGS}"
3863echo "Preprocessor flags: ${CPPFLAGS}"
3864echo " Linker flags: ${LDFLAGS}"
ddceb1c8 3865echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
cbd7492e 3866
3867echo ""
3868
9cefe228 3869if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 3870 echo "SVR4 style packages are supported with \"make package\""
3871 echo ""
9cefe228 3872fi
3873
adeebd37 3874if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 3875 echo "PAM is enabled. You may need to install a PAM control file "
3876 echo "for sshd, otherwise password authentication may fail. "
aff51935 3877 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 3878 echo "subdirectory"
adeebd37 3879 echo ""
3880fi
3881
f1b0ecc3 3882if test ! -z "$RAND_HELPER_CMDHASH" ; then
3883 echo "WARNING: you are using the builtin random number collection "
3884 echo "service. Please read WARNING.RNG and request that your OS "
3885 echo "vendor includes kernel-based random number collection in "
3886 echo "future versions of your OS."
2c523de9 3887 echo ""
3888fi
af774732 3889
2f6f9cff 3890if test ! -z "$NO_PEERCHECK" ; then
3891 echo "WARNING: the operating system that you are using does not "
3892 echo "appear to support either the getpeereid() API nor the "
3893 echo "SO_PEERCRED getsockopt() option. These facilities are used to "
3894 echo "enforce security checks to prevent unauthorised connections to "
3895 echo "ssh-agent. Their absence increases the risk that a malicious "
3896 echo "user can connect to your agent. "
3897 echo ""
3898fi
3899
7b578f7d 3900if test "$AUDIT_MODULE" = "bsm" ; then
3901 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
3902 echo "See the Solaris section in README.platform for details."
3903fi
git-cvsimport mirror of OpenSSH
This page took 1.251797 seconds and 5 git commands to generate.