]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- djm@cvs.openbsd.org 2008/03/24 21:46:54
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
95 [ --without-stackprotect Don't use compiler's stack protection], [
96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
dbf07ba2 110 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
cd595991 111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
caa21240 115 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 116 # and/or platforms, so we test if we can. If it's not supported
117 # on a give platform gcc will emit a warning so we use -Werror.
caa21240 118 if test "x$use_stack_protector" = "x1"; then
119 for t in -fstack-protector-all -fstack-protector; do
23c5c479 120 AC_MSG_CHECKING(if $CC supports $t)
caa21240 121 saved_CFLAGS="$CFLAGS"
122 saved_LDFLAGS="$LDFLAGS"
23c5c479 123 CFLAGS="$CFLAGS $t -Werror"
124 LDFLAGS="$LDFLAGS $t -Werror"
125 AC_LINK_IFELSE(
126 [AC_LANG_SOURCE([
127#include <stdlib.h>
128int main(void){return 0;}
129 ])],
caa21240 130 [ AC_MSG_RESULT(yes)
23c5c479 131 CFLAGS="$saved_CFLAGS $t"
132 LDFLAGS="$saved_LDFLAGS $t"
caa21240 133 AC_MSG_CHECKING(if $t works)
134 AC_RUN_IFELSE(
135 [AC_LANG_SOURCE([
136#include <stdlib.h>
137int main(void){exit(0);}
138 ])],
139 [ AC_MSG_RESULT(yes)
140 break ],
141 [ AC_MSG_RESULT(no) ],
142 [ AC_MSG_WARN([cross compiling: cannot test])
143 break ]
23c5c479 144 )
caa21240 145 ],
146 [ AC_MSG_RESULT(no) ]
147 )
148 CFLAGS="$saved_CFLAGS"
149 LDFLAGS="$saved_LDFLAGS"
150 done
151 fi
eb5a7224 152
dfafb2e1 153 if test -z "$have_llong_max"; then
154 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
155 unset ac_cv_have_decl_LLONG_MAX
156 saved_CFLAGS="$CFLAGS"
157 CFLAGS="$CFLAGS -std=gnu99"
158 AC_CHECK_DECL(LLONG_MAX,
159 [have_llong_max=1],
160 [CFLAGS="$saved_CFLAGS"],
161 [#include <limits.h>]
162 )
163 fi
d423d822 164fi
165
0b9fdeb8 166if test "x$no_attrib_nonnull" != "x1" ; then
167 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
168fi
169
e6354014 170AC_ARG_WITH(rpath,
171 [ --without-rpath Disable auto-added -R linker paths],
172 [
82f4e93d 173 if test "x$withval" = "xno" ; then
e6354014 174 need_dash_r=""
175 fi
176 if test "x$withval" = "xyes" ; then
177 need_dash_r=1
178 fi
179 ]
180)
181
aa56f760 182# Allow user to specify flags
183AC_ARG_WITH(cflags,
184 [ --with-cflags Specify additional flags to pass to compiler],
185 [
186 if test -n "$withval" && test "x$withval" != "xno" && \
187 test "x${withval}" != "xyes"; then
188 CFLAGS="$CFLAGS $withval"
189 fi
190 ]
191)
192AC_ARG_WITH(cppflags,
193 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
194 [
195 if test -n "$withval" && test "x$withval" != "xno" && \
196 test "x${withval}" != "xyes"; then
197 CPPFLAGS="$CPPFLAGS $withval"
198 fi
199 ]
200)
201AC_ARG_WITH(ldflags,
202 [ --with-ldflags Specify additional flags to pass to linker],
203 [
204 if test -n "$withval" && test "x$withval" != "xno" && \
205 test "x${withval}" != "xyes"; then
206 LDFLAGS="$LDFLAGS $withval"
207 fi
208 ]
209)
210AC_ARG_WITH(libs,
211 [ --with-libs Specify additional libraries to link with],
212 [
213 if test -n "$withval" && test "x$withval" != "xno" && \
214 test "x${withval}" != "xyes"; then
215 LIBS="$LIBS $withval"
216 fi
217 ]
218)
219AC_ARG_WITH(Werror,
220 [ --with-Werror Build main code with -Werror],
221 [
222 if test -n "$withval" && test "x$withval" != "xno"; then
223 werror_flags="-Werror"
224 if test "x${withval}" != "xyes"; then
225 werror_flags="$withval"
226 fi
227 fi
228 ]
229)
230
231AC_CHECK_HEADERS( \
232 bstring.h \
233 crypt.h \
234 crypto/sha2.h \
235 dirent.h \
236 endian.h \
237 features.h \
238 fcntl.h \
239 floatingpoint.h \
240 getopt.h \
241 glob.h \
242 ia.h \
243 iaf.h \
244 limits.h \
245 login.h \
246 maillock.h \
247 ndir.h \
248 net/if_tun.h \
249 netdb.h \
250 netgroup.h \
251 pam/pam_appl.h \
252 paths.h \
6d39a5c4 253 poll.h \
aa56f760 254 pty.h \
255 readpassphrase.h \
256 rpc/types.h \
257 security/pam_appl.h \
258 sha2.h \
259 shadow.h \
260 stddef.h \
261 stdint.h \
262 string.h \
263 strings.h \
264 sys/audit.h \
265 sys/bitypes.h \
266 sys/bsdtty.h \
267 sys/cdefs.h \
268 sys/dir.h \
269 sys/mman.h \
270 sys/ndir.h \
8aa5db7d 271 sys/poll.h \
aa56f760 272 sys/prctl.h \
273 sys/pstat.h \
274 sys/select.h \
275 sys/stat.h \
276 sys/stream.h \
277 sys/stropts.h \
278 sys/strtio.h \
279 sys/sysmacros.h \
280 sys/time.h \
281 sys/timers.h \
282 sys/un.h \
283 time.h \
284 tmpdir.h \
285 ttyent.h \
40701614 286 ucred.h \
aa56f760 287 unistd.h \
288 usersec.h \
289 util.h \
290 utime.h \
291 utmp.h \
292 utmpx.h \
293 vis.h \
294)
295
296# lastlog.h requires sys/time.h to be included first on Solaris
297AC_CHECK_HEADERS(lastlog.h, [], [], [
298#ifdef HAVE_SYS_TIME_H
299# include <sys/time.h>
300#endif
301])
302
303# sys/ptms.h requires sys/stream.h to be included first on Solaris
304AC_CHECK_HEADERS(sys/ptms.h, [], [], [
305#ifdef HAVE_SYS_STREAM_H
306# include <sys/stream.h>
307#endif
308])
309
310# login_cap.h requires sys/types.h on NetBSD
311AC_CHECK_HEADERS(login_cap.h, [], [], [
312#include <sys/types.h>
313])
314
5b84789f 315# Messages for features tested for in target-specific section
316SIA_MSG="no"
317SPC_MSG="no"
318
a0391976 319# Check for some target-specific stuff
a7effaac 320case "$host" in
9d6b1b96 321*-*-aix*)
25a2779b 322 # Some versions of VAC won't allow macro redefinitions at
323 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
324 # particularly with older versions of vac or xlc.
325 # It also throws errors about null macro argments, but these are
326 # not fatal.
327 AC_MSG_CHECKING(if compiler allows macro redefinitions)
328 AC_COMPILE_IFELSE(
329 [AC_LANG_SOURCE([[
330#define testmacro foo
331#define testmacro bar
332int main(void) { exit(0); }
333 ]])],
334 [ AC_MSG_RESULT(yes) ],
335 [ AC_MSG_RESULT(no)
336 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
337 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
338 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
339 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
340 ]
341 )
342
aff51935 343 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 344 if (test -z "$blibpath"); then
0a15d73b 345 blibpath="/usr/lib:/lib"
68ece370 346 fi
347 saved_LDFLAGS="$LDFLAGS"
e7479666 348 if test "$GCC" = "yes"; then
349 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
350 else
351 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
352 fi
353 for tryflags in $flags ;do
68ece370 354 if (test -z "$blibflags"); then
355 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
356 AC_TRY_LINK([], [], [blibflags=$tryflags])
357 fi
358 done
359 if (test -z "$blibflags"); then
360 AC_MSG_RESULT(not found)
361 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
362 else
363 AC_MSG_RESULT($blibflags)
bd499f9e 364 fi
68ece370 365 LDFLAGS="$saved_LDFLAGS"
e351e493 366 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 367 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
368 [Define if you want to enable AIX4's authenticate function])],
0764e748 369 [AC_CHECK_LIB(s,authenticate,
e351e493 370 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 371 LIBS="$LIBS -ls"
372 ])
373 ])
ba603e06 374 dnl Check for various auth function declarations in headers.
c85ed8e2 375 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 376 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 377 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 378 AC_CHECK_DECLS(loginfailed,
e351e493 379 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
380 AC_TRY_COMPILE(
f58c0e01 381 [#include <usersec.h>],
e351e493 382 [(void)loginfailed("user","host","tty",0);],
383 [AC_MSG_RESULT(yes)
3466e002 384 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
385 [Define if your AIX loginfailed() function
386 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 387 [AC_MSG_RESULT(no)]
e351e493 388 )],
389 [],
390 [#include <usersec.h>]
391 )
533a78f0 392 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 393 AC_CHECK_DECL(F_CLOSEM,
795e7517 394 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 395 [],
396 [ #include <limits.h>
397 #include <fcntl.h> ]
398 )
5ccf88cb 399 check_for_aix_broken_getaddrinfo=1
3466e002 400 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
401 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
402 [Define if your platform breaks doing a seteuid before a setuid])
403 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
404 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 405 dnl AIX handles lastlog as part of its login message
3466e002 406 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
407 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
408 [Some systems need a utmpx entry for /bin/login to work])
409 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
410 [Define to a Set Process Title type if your system is
411 supported by bsd-setproctitle.c])
961c2997 412 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
413 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 414 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 415 ;;
3c62e7eb 416*-*-cygwin*)
a52997bd 417 check_for_libcrypt_later=1
04765d02 418 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 419 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
420 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
421 AC_DEFINE(DISABLE_SHADOW, 1,
422 [Define if you want to disable shadow passwords])
423 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
424 [Define if your system choked on IP TOS setting])
425 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
426 [Define if X11 doesn't support AF_UNIX sockets on that system])
427 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
428 [Define if the concept of ports only accessible to
429 superusers isn't known])
430 AC_DEFINE(DISABLE_FD_PASSING, 1,
431 [Define if your platform needs to skip post auth
432 file descriptor passing])
3c62e7eb 433 ;;
d6fdb079 434*-*-dgux*)
435 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 436 AC_DEFINE(SETEUID_BREAKS_SETUID)
437 AC_DEFINE(BROKEN_SETREUID)
438 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 439 ;;
39c98ef7 440*-*-darwin*)
33e2e066 441 AC_MSG_CHECKING(if we have working getaddrinfo)
442 AC_TRY_RUN([#include <mach-o/dyld.h>
443main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
444 exit(0);
445 else
446 exit(1);
447}], [AC_MSG_RESULT(working)],
448 [AC_MSG_RESULT(buggy)
3466e002 449 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 450 [AC_MSG_RESULT(assume it is working)])
635e0c42 451 AC_DEFINE(SETEUID_BREAKS_SETUID)
452 AC_DEFINE(BROKEN_SETREUID)
453 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 454 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 455 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
456 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 457 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
458 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
459 [Use tunnel device compatibility to OpenBSD])
460 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
461 [Prepend the address family to IP tunnel traffic])
a74e9b64 462 m4_pattern_allow(AU_IPv)
463 AC_CHECK_DECL(AU_IPv4, [],
464 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
465 [#include <bsm/audit.h>]
466 )
39c98ef7 467 ;;
36f36ba3 468*-*-dragonfly*)
469 SSHDLIBS="$SSHDLIBS -lcrypt"
470 ;;
7d458c86 471*-*-hpux*)
472 # first we define all of the options common to all HP-UX releases
b8fea62d 473 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 474 IPADDR_IN_DISPLAY=yes
2b10f47a 475 AC_DEFINE(USE_PIPES)
3466e002 476 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
477 [Define if your login program cannot handle end of options ("--")])
a2572aa7 478 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 479 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
480 [String used in /etc/passwd to denote locked account])
3a2b2b44 481 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 482 MAIL="/var/mail/username"
f75ca46d 483 LIBS="$LIBS -lsec"
7d458c86 484 AC_CHECK_LIB(xnet, t_error, ,
485 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
486
487 # next, we define all of the options specific to major releases
488 case "$host" in
489 *-*-hpux10*)
490 if test -z "$GCC"; then
491 CFLAGS="$CFLAGS -Ae"
492 fi
493 ;;
494 *-*-hpux11*)
3466e002 495 AC_DEFINE(PAM_SUN_CODEBASE, 1,
496 [Define if you are using Solaris-derived PAM which
497 passes pam_messages to the conversation function
498 with an extra level of indirection])
499 AC_DEFINE(DISABLE_UTMP, 1,
500 [Define if you don't want to use utmp])
7d458c86 501 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
502 check_for_hpux_broken_getaddrinfo=1
503 check_for_conflicting_getspnam=1
504 ;;
505 esac
506
507 # lastly, we define options specific to minor releases
508 case "$host" in
509 *-*-hpux10.26)
3466e002 510 AC_DEFINE(HAVE_SECUREWARE, 1,
511 [Define if you have SecureWare-based
512 protected password database])
7d458c86 513 disable_ptmx_check=yes
514 LIBS="$LIBS -lsecpw"
515 ;;
516 esac
2b763e31 517 ;;
d94aa2ae 518*-*-irix5*)
6ac7829a 519 PATH="$PATH:/usr/etc"
3466e002 520 AC_DEFINE(BROKEN_INET_NTOA, 1,
521 [Define if you system's inet_ntoa is busted
522 (e.g. Irix gcc issue)])
cb433561 523 AC_DEFINE(SETEUID_BREAKS_SETUID)
524 AC_DEFINE(BROKEN_SETREUID)
525 AC_DEFINE(BROKEN_SETREGID)
3466e002 526 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
527 [Define if you shouldn't strip 'tty' from your
528 ttyname in [uw]tmp])
3e6e3da0 529 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 530 ;;
531*-*-irix6*)
6ac7829a 532 PATH="$PATH:/usr/etc"
3466e002 533 AC_DEFINE(WITH_IRIX_ARRAY, 1,
534 [Define if you have/want arrays
535 (cluster-wide session managment, not C arrays)])
536 AC_DEFINE(WITH_IRIX_PROJECT, 1,
537 [Define if you want IRIX project management])
538 AC_DEFINE(WITH_IRIX_AUDIT, 1,
539 [Define if you want IRIX audit trails])
540 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
541 [Define if you want IRIX kernel jobs])])
416ed5a7 542 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 543 AC_DEFINE(SETEUID_BREAKS_SETUID)
544 AC_DEFINE(BROKEN_SETREUID)
545 AC_DEFINE(BROKEN_SETREGID)
3466e002 546 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 547 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 548 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 549 ;;
5cdfe03f 550*-*-linux*)
551 no_dev_ptmx=1
717057b6 552 check_for_libcrypt_later=1
eacb954e 553 check_for_openpty_ctty_bug=1
3466e002 554 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
555 AC_DEFINE(PAM_TTY_KLUDGE, 1,
556 [Work around problematic Linux PAM modules handling of PAM_TTY])
557 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
558 [String used in /etc/passwd to denote locked account])
3a2b2b44 559 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 560 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
561 [Define to whatever link() returns for "not supported"
562 if it doesn't return EOPNOTSUPP.])
b6610e8f 563 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 564 AC_DEFINE(USE_BTMP)
80faa19f 565 inet6_default_4in6=yes
bf7c1e6c 566 case `uname -r` in
ad84c479 567 1.*|2.0.*)
3466e002 568 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
569 [Define if cmsg_type is not passed correctly])
bf7c1e6c 570 ;;
bf7c1e6c 571 esac
c40f09ca 572 # tun(4) forwarding compat code
d91775e1 573 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 574 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 575 AC_DEFINE(SSH_TUN_LINUX, 1,
576 [Open tunnel devices the Linux tun/tap way])
577 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
578 [Use tunnel device compatibility to OpenBSD])
579 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
580 [Prepend the address family to IP tunnel traffic])
581 fi
5cdfe03f 582 ;;
66d6c27e 583mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 584 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 585 SONY=1
66d6c27e 586 ;;
d468fc76 587*-*-netbsd*)
33e2e066 588 check_for_libcrypt_before=1
82f4e93d 589 if test "x$withval" != "xno" ; then
e6354014 590 need_dash_r=1
591 fi
0f6cb079 592 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
593 AC_CHECK_HEADER([net/if_tap.h], ,
594 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
595 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
596 [Prepend the address family to IP tunnel traffic])
d468fc76 597 ;;
86b416a7 598*-*-freebsd*)
599 check_for_libcrypt_later=1
988c5031 600 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 601 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
602 AC_CHECK_HEADER([net/if_tap.h], ,
603 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 604 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 605 ;;
8707b7eb 606*-*-bsdi*)
607 AC_DEFINE(SETEUID_BREAKS_SETUID)
608 AC_DEFINE(BROKEN_SETREUID)
609 AC_DEFINE(BROKEN_SETREGID)
610 ;;
729bfe59 611*-next-*)
729bfe59 612 conf_lastlog_location="/usr/adm/lastlog"
698d107e 613 conf_utmp_location=/etc/utmp
614 conf_wtmp_location=/usr/adm/wtmp
615 MAIL=/usr/spool/mail
3466e002 616 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 617 AC_DEFINE(BROKEN_REALPATH)
00937921 618 AC_DEFINE(USE_PIPES)
3466e002 619 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 620 ;;
5b7b5e23 621*-*-openbsd*)
622 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 623 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 624 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 625 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
626 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 627 ;;
9d6b1b96 628*-*-solaris*)
82f4e93d 629 if test "x$withval" != "xno" ; then
010e9d5b 630 need_dash_r=1
631 fi
adeebd37 632 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 633 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 634 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
635 [Some versions of /bin/login need the TERM supplied
636 on the commandline])
7f0a4ff1 637 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 638 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
639 [Define if pam_chauthtok wants real uid set
640 to the unpriv'ed user])
3e6e3da0 641 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 642 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 643 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
644 [Define if sshd somehow reacquires a controlling TTY
645 after setsid()])
795aa5f5 646 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
647 in case the name is longer than 8 chars])
95b99395 648 external_path_file=/etc/default/login
1d7b9b20 649 # hardwire lastlog location (can't detect it on some versions)
650 conf_lastlog_location="/var/adm/lastlog"
32c80420 651 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
652 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
653 if test "$sol2ver" -ge 8; then
654 AC_MSG_RESULT(yes)
655 AC_DEFINE(DISABLE_UTMP)
3466e002 656 AC_DEFINE(DISABLE_WTMP, 1,
657 [Define if you don't want to use wtmp])
32c80420 658 else
659 AC_MSG_RESULT(no)
660 fi
5b84789f 661 AC_ARG_WITH(solaris-contracts,
662 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
663 [
664 AC_CHECK_LIB(contract, ct_tmpl_activate,
665 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
666 [Define if you have Solaris process contracts])
667 SSHDLIBS="$SSHDLIBS -lcontract"
668 AC_SUBST(SSHDLIBS)
669 SPC_MSG="yes" ], )
670 ],
671 )
9d6b1b96 672 ;;
a423beaf 673*-*-sunos4*)
0c2fb82f 674 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 675 AC_CHECK_FUNCS(getpwanam)
adeebd37 676 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 677 conf_utmp_location=/etc/utmp
678 conf_wtmp_location=/var/adm/wtmp
679 conf_lastlog_location=/var/adm/lastlog
137d7b6c 680 AC_DEFINE(USE_PIPES)
a423beaf 681 ;;
6f68f28a 682*-ncr-sysv*)
98a7c37b 683 LIBS="$LIBS -lc89"
29525240 684 AC_DEFINE(USE_PIPES)
eabb99c6 685 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 686 AC_DEFINE(SETEUID_BREAKS_SETUID)
687 AC_DEFINE(BROKEN_SETREUID)
688 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 689 ;;
132dd316 690*-sni-sysv*)
c8c15bcb 691 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 692 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 693 # -lresolv needs to be at the end of LIBS or DNS lookups break
694 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 695 IPADDR_IN_DISPLAY=yes
696 AC_DEFINE(USE_PIPES)
132dd316 697 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 698 AC_DEFINE(SETEUID_BREAKS_SETUID)
699 AC_DEFINE(BROKEN_SETREUID)
700 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 701 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 702 external_path_file=/etc/default/login
c8c15bcb 703 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
704 # Attention: always take care to bind libsocket and libnsl before libc,
705 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 706 ;;
79a7ba96 707# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 708*-*-sysv4.2*)
ed6553e2 709 AC_DEFINE(USE_PIPES)
7ed101c0 710 AC_DEFINE(SETEUID_BREAKS_SETUID)
711 AC_DEFINE(BROKEN_SETREUID)
712 AC_DEFINE(BROKEN_SETREGID)
46f853b9 713 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 714 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 715 ;;
79a7ba96 716# UnixWare 7.x, OpenUNIX 8
77bb0bca 717*-*-sysv5*)
d7d2cc6e 718 check_for_libcrypt_later=1
719 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 720 AC_DEFINE(USE_PIPES)
7ed101c0 721 AC_DEFINE(SETEUID_BREAKS_SETUID)
722 AC_DEFINE(BROKEN_SETREUID)
723 AC_DEFINE(BROKEN_SETREGID)
3466e002 724 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 725 case "$host" in
726 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
727 TEST_SHELL=/u95/bin/sh
3466e002 728 AC_DEFINE(BROKEN_LIBIAF, 1,
729 [ia_uinfo routines not supported by OS yet])
5cc6ddad 730 AC_DEFINE(BROKEN_UPDWTMPX)
822015dd 731 ;;
e45da4d6 732 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
733 ;;
822015dd 734 esac
77bb0bca 735 ;;
9d6b1b96 736*-*-sysv*)
9d6b1b96 737 ;;
79a7ba96 738# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 739*-*-sco3.2v4*)
11cf4f1f 740 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 741 ;;
79a7ba96 742# SCO OpenServer 5.x
77bb0bca 743*-*-sco3.2v5*)
21710e39 744 if test -z "$GCC"; then
745 CFLAGS="$CFLAGS -belf"
746 fi
ed6553e2 747 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 748 no_dev_ptmx=1
ed6553e2 749 AC_DEFINE(USE_PIPES)
6e879cb4 750 AC_DEFINE(HAVE_SECUREWARE)
d287c664 751 AC_DEFINE(DISABLE_SHADOW)
94d8258b 752 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 753 AC_DEFINE(SETEUID_BREAKS_SETUID)
754 AC_DEFINE(BROKEN_SETREUID)
755 AC_DEFINE(BROKEN_SETREGID)
bcebad47 756 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 757 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 758 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 759 AC_CHECK_FUNCS(getluid setluid)
533875af 760 MANTYPE=man
a3245b92 761 TEST_SHELL=ksh
509b1f88 762 ;;
ccbb983c 763*-*-unicosmk*)
3466e002 764 AC_DEFINE(NO_SSH_LASTLOG, 1,
765 [Define if you don't want to use lastlog in session.c])
c1ad5966 766 AC_DEFINE(SETEUID_BREAKS_SETUID)
767 AC_DEFINE(BROKEN_SETREUID)
768 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 769 AC_DEFINE(USE_PIPES)
770 AC_DEFINE(DISABLE_FD_PASSING)
771 LDFLAGS="$LDFLAGS"
772 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
773 MANTYPE=cat
d262b7f2 774 ;;
7b9a8c6e 775*-*-unicosmp*)
c1ad5966 776 AC_DEFINE(SETEUID_BREAKS_SETUID)
777 AC_DEFINE(BROKEN_SETREUID)
778 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 779 AC_DEFINE(WITH_ABBREV_NO_TTY)
780 AC_DEFINE(USE_PIPES)
781 AC_DEFINE(DISABLE_FD_PASSING)
782 LDFLAGS="$LDFLAGS"
c1ad5966 783 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 784 MANTYPE=cat
785 ;;
ca5c7d6a 786*-*-unicos*)
c1ad5966 787 AC_DEFINE(SETEUID_BREAKS_SETUID)
788 AC_DEFINE(BROKEN_SETREUID)
789 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 790 AC_DEFINE(USE_PIPES)
94d8258b 791 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 792 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 793 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
794 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
795 MANTYPE=cat
a704dd54 796 ;;
4d33e531 797*-dec-osf*)
99c8ddac 798 AC_MSG_CHECKING(for Digital Unix SIA)
799 no_osfsia=""
800 AC_ARG_WITH(osfsia,
801 [ --with-osfsia Enable Digital Unix SIA],
802 [
803 if test "x$withval" = "xno" ; then
804 AC_MSG_RESULT(disabled)
805 no_osfsia=1
806 fi
807 ],
808 )
809 if test -z "$no_osfsia" ; then
4d33e531 810 if test -f /etc/sia/matrix.conf; then
811 AC_MSG_RESULT(yes)
3466e002 812 AC_DEFINE(HAVE_OSF_SIA, 1,
813 [Define if you have Digital Unix Security
814 Integration Architecture])
815 AC_DEFINE(DISABLE_LOGIN, 1,
816 [Define if you don't want to use your
817 system's login() call])
58d0df4e 818 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 819 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 820 SIA_MSG="yes"
4d33e531 821 else
822 AC_MSG_RESULT(no)
3466e002 823 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
824 [String used in /etc/passwd to denote locked account])
4d33e531 825 fi
826 fi
a6e67b60 827 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 828 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 829 AC_DEFINE(BROKEN_SETREUID)
830 AC_DEFINE(BROKEN_SETREGID)
4d33e531 831 ;;
41cb4569 832
9c54c067 833*-*-nto-qnx*)
41cb4569 834 AC_DEFINE(USE_PIPES)
835 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 836 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
837 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
838 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 839 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 840 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 841 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 842 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 843 case "$host" in
844 *-*-nto-qnx6*)
845 AC_DEFINE(DISABLE_FD_PASSING)
846 ;;
847 esac
41cb4569 848 ;;
35fc74ed 849
850*-*-ultrix*)
3466e002 851 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
852 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 853 AC_DEFINE(NEED_SETPGRP)
b5765e1d 854 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
855 ;;
157b6700 856
857*-*-lynxos)
858 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 859 AC_DEFINE(MISSING_HOWMANY)
157b6700 860 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
861 ;;
a7effaac 862esac
863
c5829391 864AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 865AC_RUN_IFELSE(
866 [AC_LANG_SOURCE([
c5829391 867#include <stdio.h>
868int main(){exit(0);}
479cece8 869 ])],
c5829391 870 [ AC_MSG_RESULT(yes) ],
871 [
872 AC_MSG_RESULT(no)
873 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 874 ],
875 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 876)
877
b04a9f8c 878dnl Checks for header files.
a0391976 879# Checks for libraries.
98a7c37b 880AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
881AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 882
446227d6 883dnl IRIX and Solaris 2.5.1 have dirname() in libgen
884AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
885 AC_CHECK_LIB(gen, dirname,[
886 AC_CACHE_CHECK([for broken dirname],
887 ac_cv_have_broken_dirname, [
888 save_LIBS="$LIBS"
889 LIBS="$LIBS -lgen"
b0e7249f 890 AC_RUN_IFELSE(
891 [AC_LANG_SOURCE([[
446227d6 892#include <libgen.h>
893#include <string.h>
894
895int main(int argc, char **argv) {
896 char *s, buf[32];
897
898 strncpy(buf,"/etc", 32);
899 s = dirname(buf);
900 if (!s || strncmp(s, "/", 32) != 0) {
901 exit(1);
902 } else {
903 exit(0);
904 }
905}
b0e7249f 906 ]])],
907 [ ac_cv_have_broken_dirname="no" ],
908 [ ac_cv_have_broken_dirname="yes" ],
446227d6 909 [ ac_cv_have_broken_dirname="no" ],
446227d6 910 )
911 LIBS="$save_LIBS"
912 ])
913 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
914 LIBS="$LIBS -lgen"
915 AC_DEFINE(HAVE_DIRNAME)
916 AC_CHECK_HEADERS(libgen.h)
917 fi
918 ])
919])
920
921AC_CHECK_FUNC(getspnam, ,
922 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 923AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
924 [Define if you have the basename function.]))
446227d6 925
98a7c37b 926dnl zlib is required
927AC_ARG_WITH(zlib,
928 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 929 [ if test "x$withval" = "xno" ; then
930 AC_MSG_ERROR([*** zlib is required ***])
931 elif test "x$withval" != "xyes"; then
98a7c37b 932 if test -d "$withval/lib"; then
933 if test -n "${need_dash_r}"; then
5a162955 934 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 935 else
5a162955 936 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 937 fi
938 else
939 if test -n "${need_dash_r}"; then
5a162955 940 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 941 else
5a162955 942 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 943 fi
944 fi
945 if test -d "$withval/include"; then
5a162955 946 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 947 else
5a162955 948 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 949 fi
6dd05556 950 fi ]
98a7c37b 951)
952
0a15d73b 953AC_CHECK_LIB(z, deflate, ,
954 [
955 saved_CPPFLAGS="$CPPFLAGS"
956 saved_LDFLAGS="$LDFLAGS"
957 save_LIBS="$LIBS"
958 dnl Check default zlib install dir
959 if test -n "${need_dash_r}"; then
960 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
961 else
962 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
963 fi
964 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
965 LIBS="$LIBS -lz"
966 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
967 [
968 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
969 ]
970 )
971 ]
972)
4ad65809 973AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 974
975AC_ARG_WITH(zlib-version-check,
976 [ --without-zlib-version-check Disable zlib version check],
977 [ if test "x$withval" = "xno" ; then
978 zlib_check_nonfatal=1
979 fi
980 ]
981)
982
5c7fc85d 983AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 984AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 985#include <stdio.h>
4ad65809 986#include <zlib.h>
987int main()
988{
5c7fc85d 989 int a=0, b=0, c=0, d=0, n, v;
990 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
991 if (n != 3 && n != 4)
4ad65809 992 exit(1);
5c7fc85d 993 v = a*1000000 + b*10000 + c*100 + d;
994 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
995
996 /* 1.1.4 is OK */
997 if (a == 1 && b == 1 && c >= 4)
4ad65809 998 exit(0);
5c7fc85d 999
0072b59d 1000 /* 1.2.3 and up are OK */
1001 if (v >= 1020300)
5c7fc85d 1002 exit(0);
1003
4ad65809 1004 exit(2);
1005}
479cece8 1006 ]])],
5c7fc85d 1007 AC_MSG_RESULT(no),
1008 [ AC_MSG_RESULT(yes)
8068d564 1009 if test -z "$zlib_check_nonfatal" ; then
1010 AC_MSG_ERROR([*** zlib too old - check config.log ***
1011Your reported zlib version has known security problems. It's possible your
1012vendor has fixed these problems without changing the version number. If you
1013are sure this is the case, you can disable the check by running
1014"./configure --without-zlib-version-check".
6090bcfe 1015If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1016See http://www.gzip.org/zlib/ for details.])
8068d564 1017 else
1018 AC_MSG_WARN([zlib version may have security problems])
1019 fi
1a01a50c 1020 ],
1021 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1022)
48e7916f 1023
2c523de9 1024dnl UnixWare 2.x
aff51935 1025AC_CHECK_FUNC(strcasecmp,
2c523de9 1026 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1027)
23361281 1028AC_CHECK_FUNCS(utimes,
cda1ebcb 1029 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1030 LIBS="$LIBS -lc89"]) ]
2c523de9 1031)
4cca272e 1032
7c6d759d 1033dnl Checks for libutil functions
1034AC_CHECK_HEADERS(libutil.h)
3466e002 1035AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1036 [Define if your libraries define login()])])
7c6d759d 1037AC_CHECK_FUNCS(logout updwtmp logwtmp)
1038
a738c3b0 1039AC_FUNC_STRFTIME
1040
84ceda19 1041# Check for ALTDIRFUNC glob() extension
1042AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1043AC_EGREP_CPP(FOUNDIT,
1044 [
1045 #include <glob.h>
1046 #ifdef GLOB_ALTDIRFUNC
1047 FOUNDIT
1048 #endif
aff51935 1049 ],
84ceda19 1050 [
3466e002 1051 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1052 [Define if your system glob() function has
1053 the GLOB_ALTDIRFUNC extension])
84ceda19 1054 AC_MSG_RESULT(yes)
1055 ],
1056 [
1057 AC_MSG_RESULT(no)
1058 ]
1059)
4cca272e 1060
40849fdb 1061# Check for g.gl_matchc glob() extension
1062AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1063AC_TRY_COMPILE(
13ff27b7 1064 [ #include <glob.h> ],
1065 [glob_t g; g.gl_matchc = 1;],
aff51935 1066 [
3466e002 1067 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1068 [Define if your system glob() function has
1069 gl_matchc options in glob_t])
aff51935 1070 AC_MSG_RESULT(yes)
1071 ],
1072 [
1073 AC_MSG_RESULT(no)
1074 ]
40849fdb 1075)
1076
78888bab 1077AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1078
edbe6722 1079AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1080AC_RUN_IFELSE(
479cece8 1081 [AC_LANG_SOURCE([[
edbe6722 1082#include <sys/types.h>
1083#include <dirent.h>
aec4cb4f 1084int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1085 ]])],
aff51935 1086 [AC_MSG_RESULT(yes)],
edbe6722 1087 [
1088 AC_MSG_RESULT(no)
3466e002 1089 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1090 [Define if your struct dirent expects you to
3466e002 1091 allocate extra space for d_name])
1a01a50c 1092 ],
82f4e93d 1093 [
1a01a50c 1094 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1095 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1096 ]
1097)
1098
419e26e7 1099AC_MSG_CHECKING([for /proc/pid/fd directory])
1100if test -d "/proc/$$/fd" ; then
3466e002 1101 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1102 AC_MSG_RESULT(yes)
1103else
1104 AC_MSG_RESULT(no)
1105fi
1106
278588d8 1107# Check whether user wants S/Key support
aff51935 1108SKEY_MSG="no"
278588d8 1109AC_ARG_WITH(skey,
6ff3d0dc 1110 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1111 [
1112 if test "x$withval" != "xno" ; then
1113
1114 if test "x$withval" != "xyes" ; then
1115 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1116 LDFLAGS="$LDFLAGS -L${withval}/lib"
1117 fi
1118
3466e002 1119 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1120 LIBS="-lskey $LIBS"
aff51935 1121 SKEY_MSG="yes"
82f4e93d 1122
ddceb1c8 1123 AC_MSG_CHECKING([for s/key support])
b0e7249f 1124 AC_LINK_IFELSE(
1125 [AC_LANG_SOURCE([[
ddceb1c8 1126#include <stdio.h>
1127#include <skey.h>
aec4cb4f 1128int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1129 ]])],
ddceb1c8 1130 [AC_MSG_RESULT(yes)],
278588d8 1131 [
ddceb1c8 1132 AC_MSG_RESULT(no)
278588d8 1133 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1134 ])
141fc639 1135 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1136 AC_TRY_COMPILE(
1137 [#include <stdio.h>
1138 #include <skey.h>],
1139 [(void)skeychallenge(NULL,"name","",0);],
1140 [AC_MSG_RESULT(yes)
3466e002 1141 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1142 [Define if your skeychallenge()
1143 function takes 4 arguments (NetBSD)])],
141fc639 1144 [AC_MSG_RESULT(no)]
1145 )
278588d8 1146 fi
1147 ]
1148)
1149
1150# Check whether user wants TCP wrappers support
98a7c37b 1151TCPW_MSG="no"
278588d8 1152AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1153 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1154 [
1155 if test "x$withval" != "xno" ; then
1156 saved_LIBS="$LIBS"
98a7c37b 1157 saved_LDFLAGS="$LDFLAGS"
1158 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1159 if test -n "${withval}" && \
6cf0200f 1160 test "x${withval}" != "xyes"; then
98a7c37b 1161 if test -d "${withval}/lib"; then
1162 if test -n "${need_dash_r}"; then
5a162955 1163 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1164 else
5a162955 1165 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1166 fi
1167 else
1168 if test -n "${need_dash_r}"; then
5a162955 1169 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1170 else
5a162955 1171 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1172 fi
1173 fi
1174 if test -d "${withval}/include"; then
5a162955 1175 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1176 else
5a162955 1177 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1178 fi
98a7c37b 1179 fi
e54defb4 1180 LIBS="-lwrap $LIBS"
278588d8 1181 AC_MSG_CHECKING(for libwrap)
1182 AC_TRY_LINK(
1183 [
77f09220 1184#include <sys/types.h>
1185#include <sys/socket.h>
1186#include <netinet/in.h>
278588d8 1187#include <tcpd.h>
1188 int deny_severity = 0, allow_severity = 0;
1189 ],
1190 [hosts_access(0);],
1191 [
1192 AC_MSG_RESULT(yes)
3466e002 1193 AC_DEFINE(LIBWRAP, 1,
1194 [Define if you want
1195 TCP Wrappers support])
e54defb4 1196 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1197 TCPW_MSG="yes"
278588d8 1198 ],
1199 [
1200 AC_MSG_ERROR([*** libwrap missing])
1201 ]
1202 )
ddceb1c8 1203 LIBS="$saved_LIBS"
278588d8 1204 fi
1205 ]
1206)
1207
59031773 1208# Check whether user wants libedit support
1209LIBEDIT_MSG="no"
1210AC_ARG_WITH(libedit,
6ff3d0dc 1211 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1212 [ if test "x$withval" != "xno" ; then
737edf04 1213 if test "x$withval" != "xyes"; then
bb116c8e 1214 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1215 if test -n "${need_dash_r}"; then
1216 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1217 else
1218 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1219 fi
737edf04 1220 fi
59031773 1221 AC_CHECK_LIB(edit, el_init,
3466e002 1222 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1223 LIBEDIT="-ledit -lcurses"
1224 LIBEDIT_MSG="yes"
1225 AC_SUBST(LIBEDIT)
1226 ],
737edf04 1227 [ AC_MSG_ERROR(libedit not found) ],
1228 [ -lcurses ]
59031773 1229 )
f47ddccb 1230 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1231 AC_COMPILE_IFELSE(
1232 [AC_LANG_SOURCE([[
1233#include <histedit.h>
f47ddccb 1234int main(void)
1235{
1236 int i = H_SETSIZE;
1237 el_init("", NULL, NULL, NULL);
1238 exit(0);
1239}
d92622f9 1240 ]])],
f47ddccb 1241 [ AC_MSG_RESULT(yes) ],
1242 [ AC_MSG_RESULT(no)
1243 AC_MSG_ERROR(libedit version is not compatible) ]
1244 )
59031773 1245 fi ]
1246)
1247
7b578f7d 1248AUDIT_MODULE=none
1249AC_ARG_WITH(audit,
1250 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1251 [
1252 AC_MSG_CHECKING(for supported audit module)
1253 case "$withval" in
1254 bsm)
1255 AC_MSG_RESULT(bsm)
1256 AUDIT_MODULE=bsm
1257 dnl Checks for headers, libs and functions
1258 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1259 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1260 [
1261#ifdef HAVE_TIME_H
1262# include <time.h>
1263#endif
1264 ]
1265)
7b578f7d 1266 AC_CHECK_LIB(bsm, getaudit, [],
1267 [AC_MSG_ERROR(BSM enabled and required library not found)])
1268 AC_CHECK_FUNCS(getaudit, [],
1269 [AC_MSG_ERROR(BSM enabled and required function not found)])
1270 # These are optional
a74e9b64 1271 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1272 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1273 ;;
1274 debug)
1275 AUDIT_MODULE=debug
1276 AC_MSG_RESULT(debug)
3466e002 1277 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1278 ;;
a2b3321d 1279 no)
d92622f9 1280 AC_MSG_RESULT(no)
a2b3321d 1281 ;;
7b578f7d 1282 *)
1283 AC_MSG_ERROR([Unknown audit module $withval])
1284 ;;
1285 esac ]
1286)
1287
19160674 1288dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1289AC_CHECK_FUNCS( \
1290 arc4random \
9a406e1e 1291 asprintf \
b04a9f8c 1292 b64_ntop \
1293 __b64_ntop \
1294 b64_pton \
1295 __b64_pton \
1296 bcopy \
1297 bindresvport_sa \
1298 clock \
1299 closefrom \
1300 dirfd \
b04a9f8c 1301 fchmod \
1302 fchown \
1303 freeaddrinfo \
1304 futimes \
1305 getaddrinfo \
1306 getcwd \
1307 getgrouplist \
1308 getnameinfo \
1309 getopt \
1310 getpeereid \
1961d660 1311 getpeerucred \
b04a9f8c 1312 _getpty \
1313 getrlimit \
1314 getttyent \
1315 glob \
1316 inet_aton \
1317 inet_ntoa \
1318 inet_ntop \
1319 innetgr \
1320 login_getcapbool \
1321 md5_crypt \
1322 memmove \
1323 mkdtemp \
1324 mmap \
1325 ngetaddrinfo \
1326 nsleep \
1327 ogetaddrinfo \
1328 openlog_r \
1329 openpty \
6d39a5c4 1330 poll \
b04a9f8c 1331 prctl \
1332 pstat \
1333 readpassphrase \
1334 realpath \
1335 recvmsg \
1336 rresvport_af \
1337 sendmsg \
1338 setdtablesize \
1339 setegid \
1340 setenv \
1341 seteuid \
1342 setgroups \
1343 setlogin \
1344 setpcred \
1345 setproctitle \
1346 setregid \
1347 setreuid \
1348 setrlimit \
1349 setsid \
1350 setvbuf \
1351 sigaction \
1352 sigvec \
1353 snprintf \
1354 socketpair \
1355 strdup \
1356 strerror \
1357 strlcat \
1358 strlcpy \
1359 strmode \
1360 strnvis \
1361 strtonum \
1e29a0c8 1362 strtoll \
b04a9f8c 1363 strtoul \
1aac2117 1364 swap32 \
b04a9f8c 1365 sysconf \
1366 tcgetpgrp \
1367 truncate \
1368 unsetenv \
1369 updwtmpx \
9a406e1e 1370 vasprintf \
b04a9f8c 1371 vhangup \
1372 vsnprintf \
1373 waitpid \
19160674 1374)
98a7c37b 1375
1a086f97 1376# IRIX has a const char return value for gai_strerror()
1377AC_CHECK_FUNCS(gai_strerror,[
1378 AC_DEFINE(HAVE_GAI_STRERROR)
1379 AC_TRY_COMPILE([
1380#include <sys/types.h>
1381#include <sys/socket.h>
1382#include <netdb.h>
1383
1384const char *gai_strerror(int);],[
1385char *str;
1386
1387str = gai_strerror(0);],[
1388 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1389 [Define if gai_strerror() returns const char *])])])
1390
3466e002 1391AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1392 [Some systems put nanosleep outside of libc]))
92b1decf 1393
309709db 1394dnl Make sure prototypes are defined for these before using them.
309709db 1395AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1396AC_CHECK_DECL(strsep,
1397 [AC_CHECK_FUNCS(strsep)],
1398 [],
1399 [
1400#ifdef HAVE_STRING_H
1401# include <string.h>
1402#endif
1403 ])
08412d26 1404
3490699c 1405dnl tcsendbreak might be a macro
1406AC_CHECK_DECL(tcsendbreak,
1407 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1408 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1409 [#include <termios.h>]
1410)
1411
41e0e158 1412AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1413
71f4c727 1414AC_CHECK_DECLS(SHUT_RD, , ,
1415 [
1416#include <sys/types.h>
1417#include <sys/socket.h>
1418 ])
956d6743 1419
1420AC_CHECK_DECLS(O_NONBLOCK, , ,
1421 [
1422#include <sys/types.h>
1423#ifdef HAVE_SYS_STAT_H
1424# include <sys/stat.h>
1425#endif
1426#ifdef HAVE_FCNTL_H
1427# include <fcntl.h>
1428#endif
1429 ])
1430
752994dd 1431AC_CHECK_DECLS(writev, , , [
1432#include <sys/types.h>
1433#include <sys/uio.h>
1434#include <unistd.h>
1435 ])
1436
0bf6279d 1437AC_CHECK_DECLS(MAXSYMLINKS, , , [
1438#include <sys/param.h>
1439 ])
1440
b41ece30 1441AC_CHECK_DECLS(offsetof, , , [
1442#include <stddef.h>
1443 ])
1444
3f176010 1445AC_CHECK_FUNCS(setresuid, [
1446 dnl Some platorms have setresuid that isn't implemented, test for this
1447 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1448 AC_RUN_IFELSE(
1449 [AC_LANG_SOURCE([[
9a3fe0e2 1450#include <stdlib.h>
1451#include <errno.h>
1452int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1453 ]])],
3f176010 1454 [AC_MSG_RESULT(yes)],
3466e002 1455 [AC_DEFINE(BROKEN_SETRESUID, 1,
1456 [Define if your setresuid() is broken])
1a01a50c 1457 AC_MSG_RESULT(not implemented)],
1458 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1459 )
1460])
9a3fe0e2 1461
3f176010 1462AC_CHECK_FUNCS(setresgid, [
1463 dnl Some platorms have setresgid that isn't implemented, test for this
1464 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1465 AC_RUN_IFELSE(
1466 [AC_LANG_SOURCE([[
9a3fe0e2 1467#include <stdlib.h>
1468#include <errno.h>
1469int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1470 ]])],
3f176010 1471 [AC_MSG_RESULT(yes)],
3466e002 1472 [AC_DEFINE(BROKEN_SETRESGID, 1,
1473 [Define if your setresgid() is broken])
1a01a50c 1474 AC_MSG_RESULT(not implemented)],
1475 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1476 )
1477])
9a3fe0e2 1478
2e73a022 1479dnl Checks for time functions
1d7b9b20 1480AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1481dnl Checks for utmp functions
b03bd394 1482AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1483AC_CHECK_FUNCS(utmpname)
2e73a022 1484dnl Checks for utmpx functions
b03bd394 1485AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1486AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1487
aff51935 1488AC_CHECK_FUNC(daemon,
3466e002 1489 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1490 [AC_CHECK_LIB(bsd, daemon,
1491 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1492)
1493
aff51935 1494AC_CHECK_FUNC(getpagesize,
3466e002 1495 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1496 [Define if your libraries define getpagesize()])],
1497 [AC_CHECK_LIB(ucb, getpagesize,
1498 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1499)
1500
2647ae26 1501# Check for broken snprintf
1502if test "x$ac_cv_func_snprintf" = "xyes" ; then
1503 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1504 AC_RUN_IFELSE(
479cece8 1505 [AC_LANG_SOURCE([[
2647ae26 1506#include <stdio.h>
aec4cb4f 1507int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1508 ]])],
aff51935 1509 [AC_MSG_RESULT(yes)],
2647ae26 1510 [
1511 AC_MSG_RESULT(no)
3466e002 1512 AC_DEFINE(BROKEN_SNPRINTF, 1,
1513 [Define if your snprintf is busted])
2647ae26 1514 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1515 ],
1516 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1517 )
1518fi
1519
9a406e1e 1520# If we don't have a working asprintf, then we strongly depend on vsnprintf
1521# returning the right thing on overflow: the number of characters it tried to
1522# create (as per SUSv3)
1523if test "x$ac_cv_func_asprintf" != "xyes" && \
1524 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1525 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1526 AC_RUN_IFELSE(
1527 [AC_LANG_SOURCE([[
1528#include <sys/types.h>
1529#include <stdio.h>
1530#include <stdarg.h>
1531
1532int x_snprintf(char *str,size_t count,const char *fmt,...)
1533{
1534 size_t ret; va_list ap;
1535 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1536 return ret;
1537}
1538int main(void)
1539{
1540 char x[1];
1541 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1542} ]])],
1543 [AC_MSG_RESULT(yes)],
1544 [
1545 AC_MSG_RESULT(no)
1546 AC_DEFINE(BROKEN_SNPRINTF, 1,
1547 [Define if your snprintf is busted])
1548 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1549 ],
1550 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1551 )
1552fi
1553
31b0732a 1554# On systems where [v]snprintf is broken, but is declared in stdio,
1555# check that the fmt argument is const char * or just char *.
1556# This is only useful for when BROKEN_SNPRINTF
1557AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1558AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1559 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1560 int main(void) { snprintf(0, 0, 0); }
1561 ]])],
1562 [AC_MSG_RESULT(yes)
1563 AC_DEFINE(SNPRINTF_CONST, [const],
1564 [Define as const if snprintf() can declare const char *fmt])],
1565 [AC_MSG_RESULT(no)
1566 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1567
2f6f9cff 1568# Check for missing getpeereid (or equiv) support
1569NO_PEERCHECK=""
1961d660 1570if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1571 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1572 AC_TRY_COMPILE(
1573 [#include <sys/types.h>
1574 #include <sys/socket.h>],
1575 [int i = SO_PEERCRED;],
62eb7db4 1576 [ AC_MSG_RESULT(yes)
3466e002 1577 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1578 ],
2f6f9cff 1579 [AC_MSG_RESULT(no)
1580 NO_PEERCHECK=1]
1581 )
1582fi
1583
70e7d0b0 1584dnl see whether mkstemp() requires XXXXXX
1585if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1586AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1587AC_RUN_IFELSE(
1588 [AC_LANG_SOURCE([[
70e7d0b0 1589#include <stdlib.h>
1590main() { char template[]="conftest.mkstemp-test";
1591if (mkstemp(template) == -1)
1592 exit(1);
1593unlink(template); exit(0);
1594}
b0e7249f 1595 ]])],
70e7d0b0 1596 [
1597 AC_MSG_RESULT(no)
1598 ],
aff51935 1599 [
70e7d0b0 1600 AC_MSG_RESULT(yes)
3466e002 1601 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1602 ],
1603 [
1604 AC_MSG_RESULT(yes)
1605 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1606 ]
70e7d0b0 1607)
1608fi
1609
eacb954e 1610dnl make sure that openpty does not reacquire controlling terminal
1611if test ! -z "$check_for_openpty_ctty_bug"; then
1612 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1613 AC_RUN_IFELSE(
1614 [AC_LANG_SOURCE([[
eacb954e 1615#include <stdio.h>
1616#include <sys/fcntl.h>
1617#include <sys/types.h>
1618#include <sys/wait.h>
1619
1620int
1621main()
1622{
1623 pid_t pid;
1624 int fd, ptyfd, ttyfd, status;
1625
1626 pid = fork();
1627 if (pid < 0) { /* failed */
1628 exit(1);
1629 } else if (pid > 0) { /* parent */
1630 waitpid(pid, &status, 0);
aff51935 1631 if (WIFEXITED(status))
eacb954e 1632 exit(WEXITSTATUS(status));
1633 else
1634 exit(2);
1635 } else { /* child */
1636 close(0); close(1); close(2);
1637 setsid();
1638 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1639 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1640 if (fd >= 0)
1641 exit(3); /* Acquired ctty: broken */
1642 else
1643 exit(0); /* Did not acquire ctty: OK */
1644 }
1645}
b0e7249f 1646 ]])],
eacb954e 1647 [
1648 AC_MSG_RESULT(yes)
1649 ],
1650 [
1651 AC_MSG_RESULT(no)
1652 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1653 ],
1654 [
1655 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1656 ]
1657 )
1658fi
1659
4b492aab 1660if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1661 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1662 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1663 AC_RUN_IFELSE(
1664 [AC_LANG_SOURCE([[
2fe51906 1665#include <stdio.h>
1666#include <sys/socket.h>
1667#include <netdb.h>
1668#include <errno.h>
1669#include <netinet/in.h>
1670
1671#define TEST_PORT "2222"
1672
1673int
1674main(void)
1675{
1676 int err, sock;
1677 struct addrinfo *gai_ai, *ai, hints;
1678 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1679
1680 memset(&hints, 0, sizeof(hints));
1681 hints.ai_family = PF_UNSPEC;
1682 hints.ai_socktype = SOCK_STREAM;
1683 hints.ai_flags = AI_PASSIVE;
1684
1685 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1686 if (err != 0) {
1687 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1688 exit(1);
1689 }
1690
1691 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1692 if (ai->ai_family != AF_INET6)
1693 continue;
1694
1695 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1696 sizeof(ntop), strport, sizeof(strport),
1697 NI_NUMERICHOST|NI_NUMERICSERV);
1698
1699 if (err != 0) {
1700 if (err == EAI_SYSTEM)
1701 perror("getnameinfo EAI_SYSTEM");
1702 else
1703 fprintf(stderr, "getnameinfo failed: %s\n",
1704 gai_strerror(err));
1705 exit(2);
1706 }
1707
1708 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1709 if (sock < 0)
1710 perror("socket");
1711 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1712 if (errno == EBADF)
1713 exit(3);
1714 }
1715 }
1716 exit(0);
1717}
b0e7249f 1718 ]])],
2fe51906 1719 [
1720 AC_MSG_RESULT(yes)
1721 ],
1722 [
1723 AC_MSG_RESULT(no)
1724 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1725 ],
1726 [
1727 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1728 ]
1729 )
1730fi
1731
4b492aab 1732if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1733 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1734 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1735 AC_RUN_IFELSE(
1736 [AC_LANG_SOURCE([[
5ccf88cb 1737#include <stdio.h>
1738#include <sys/socket.h>
1739#include <netdb.h>
1740#include <errno.h>
1741#include <netinet/in.h>
1742
1743#define TEST_PORT "2222"
1744
1745int
1746main(void)
1747{
1748 int err, sock;
1749 struct addrinfo *gai_ai, *ai, hints;
1750 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1751
1752 memset(&hints, 0, sizeof(hints));
1753 hints.ai_family = PF_UNSPEC;
1754 hints.ai_socktype = SOCK_STREAM;
1755 hints.ai_flags = AI_PASSIVE;
1756
1757 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1758 if (err != 0) {
1759 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1760 exit(1);
1761 }
1762
1763 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1764 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1765 continue;
1766
1767 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1768 sizeof(ntop), strport, sizeof(strport),
1769 NI_NUMERICHOST|NI_NUMERICSERV);
1770
1771 if (ai->ai_family == AF_INET && err != 0) {
1772 perror("getnameinfo");
1773 exit(2);
1774 }
1775 }
1776 exit(0);
1777}
b0e7249f 1778 ]])],
5ccf88cb 1779 [
1780 AC_MSG_RESULT(yes)
3466e002 1781 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1782 [Define if you have a getaddrinfo that fails
1783 for the all-zeros IPv6 address])
5ccf88cb 1784 ],
1785 [
1786 AC_MSG_RESULT(no)
1787 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1788 ],
ecd9ec09 1789 [
b0e7249f 1790 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1791 ]
1792 )
1793fi
1794
b29fd59f 1795if test "x$check_for_conflicting_getspnam" = "x1"; then
1796 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1797 AC_COMPILE_IFELSE(
1798 [
1799#include <shadow.h>
1800int main(void) {exit(0);}
1801 ],
1802 [
1803 AC_MSG_RESULT(no)
1804 ],
1805 [
1806 AC_MSG_RESULT(yes)
1807 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1808 [Conflicting defs for getspnam])
1809 ]
1810 )
1811fi
1812
7f8f5e00 1813AC_FUNC_GETPGRP
1814
5b991353 1815# Search for OpenSSL
1816saved_CPPFLAGS="$CPPFLAGS"
1817saved_LDFLAGS="$LDFLAGS"
a0391976 1818AC_ARG_WITH(ssl-dir,
1819 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1820 [
e9e4a1c7 1821 if test "x$withval" != "xno" ; then
99eb0f64 1822 case "$withval" in
1823 # Relative paths
1824 ./*|../*) withval="`pwd`/$withval"
1825 esac
5b991353 1826 if test -d "$withval/lib"; then
1827 if test -n "${need_dash_r}"; then
1828 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1829 else
1830 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1831 fi
1832 else
5b991353 1833 if test -n "${need_dash_r}"; then
1834 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1835 else
1836 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1837 fi
1838 fi
5b991353 1839 if test -d "$withval/include"; then
1840 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1841 else
5b991353 1842 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1843 fi
a0391976 1844 fi
5b991353 1845 ]
1846)
5486a457 1847LIBS="-lcrypto $LIBS"
3466e002 1848AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1849 [Define if your ssl headers are included
1850 with #include <openssl/header.h>]),
d45e3d76 1851 [
5b991353 1852 dnl Check default openssl install dir
1853 if test -n "${need_dash_r}"; then
1854 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1855 else
5b991353 1856 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1857 fi
5b991353 1858 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1859 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1860 [
1861 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1862 ]
1863 )
1864 ]
1865)
1866
cd018561 1867# Determine OpenSSL header version
1868AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1869AC_RUN_IFELSE(
479cece8 1870 [AC_LANG_SOURCE([[
cd018561 1871#include <stdio.h>
1872#include <string.h>
1873#include <openssl/opensslv.h>
1874#define DATA "conftest.sslincver"
1875int main(void) {
aff51935 1876 FILE *fd;
1877 int rc;
cd018561 1878
aff51935 1879 fd = fopen(DATA,"w");
1880 if(fd == NULL)
1881 exit(1);
cd018561 1882
1883 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1884 exit(1);
1885
1886 exit(0);
1887}
479cece8 1888 ]])],
cd018561 1889 [
1890 ssl_header_ver=`cat conftest.sslincver`
1891 AC_MSG_RESULT($ssl_header_ver)
1892 ],
1893 [
1894 AC_MSG_RESULT(not found)
1895 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1896 ],
1897 [
1898 AC_MSG_WARN([cross compiling: not checking])
cd018561 1899 ]
1900)
1901
1902# Determine OpenSSL library version
1903AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1904AC_RUN_IFELSE(
479cece8 1905 [AC_LANG_SOURCE([[
cd018561 1906#include <stdio.h>
1907#include <string.h>
1908#include <openssl/opensslv.h>
1909#include <openssl/crypto.h>
1910#define DATA "conftest.ssllibver"
1911int main(void) {
aff51935 1912 FILE *fd;
1913 int rc;
cd018561 1914
aff51935 1915 fd = fopen(DATA,"w");
1916 if(fd == NULL)
1917 exit(1);
cd018561 1918
1919 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1920 exit(1);
1921
1922 exit(0);
1923}
479cece8 1924 ]])],
cd018561 1925 [
1926 ssl_library_ver=`cat conftest.ssllibver`
1927 AC_MSG_RESULT($ssl_library_ver)
1928 ],
1929 [
1930 AC_MSG_RESULT(not found)
1931 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1932 ],
1933 [
1934 AC_MSG_WARN([cross compiling: not checking])
cd018561 1935 ]
1936)
58d100bf 1937
1d42bcce 1938AC_ARG_WITH(openssl-header-check,
1939 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1940 [ if test "x$withval" = "xno" ; then
1941 openssl_check_nonfatal=1
1942 fi
1943 ]
1944)
1945
9780116c 1946# Sanity check OpenSSL headers
1947AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1948AC_RUN_IFELSE(
479cece8 1949 [AC_LANG_SOURCE([[
9780116c 1950#include <string.h>
1951#include <openssl/opensslv.h>
aec4cb4f 1952int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1953 ]])],
9780116c 1954 [
1955 AC_MSG_RESULT(yes)
1956 ],
1957 [
1958 AC_MSG_RESULT(no)
1d42bcce 1959 if test "x$openssl_check_nonfatal" = "x"; then
1960 AC_MSG_ERROR([Your OpenSSL headers do not match your
1961library. Check config.log for details.
1962If you are sure your installation is consistent, you can disable the check
1963by running "./configure --without-openssl-header-check".
1964Also see contrib/findssl.sh for help identifying header/library mismatches.
1965])
1966 else
1967 AC_MSG_WARN([Your OpenSSL headers do not match your
1968library. Check config.log for details.
e15ba28b 1969Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1970 fi
1a01a50c 1971 ],
1972 [
1973 AC_MSG_WARN([cross compiling: not checking])
9780116c 1974 ]
1975)
1976
282d6408 1977AC_MSG_CHECKING([if programs using OpenSSL functions will link])
1978AC_LINK_IFELSE(
1979 [AC_LANG_SOURCE([[
1980#include <openssl/evp.h>
1981int main(void) { SSLeay_add_all_algorithms(); }
1982 ]])],
1983 [
1984 AC_MSG_RESULT(yes)
1985 ],
1986 [
1987 AC_MSG_RESULT(no)
1988 saved_LIBS="$LIBS"
1989 LIBS="$LIBS -ldl"
1990 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
1991 AC_LINK_IFELSE(
1992 [AC_LANG_SOURCE([[
1993#include <openssl/evp.h>
1994int main(void) { SSLeay_add_all_algorithms(); }
1995 ]])],
1996 [
1997 AC_MSG_RESULT(yes)
1998 ],
1999 [
2000 AC_MSG_RESULT(no)
2001 LIBS="$saved_LIBS"
2002 ]
2003 )
2004 ]
2005)
2006
c7ad0d99 2007AC_ARG_WITH(ssl-engine,
2008 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2009 [ if test "x$withval" != "xno" ; then
2010 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2011 AC_TRY_COMPILE(
2012 [ #include <openssl/engine.h>],
2013 [
24b2647b 2014ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2015 ],
2016 [ AC_MSG_RESULT(yes)
2017 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2018 [Enable OpenSSL engine support])
2019 ],
2020 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2021 )
2022 fi ]
2023)
2024
e5146707 2025# Check for OpenSSL without EVP_aes_{192,256}_cbc
2026AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2027AC_LINK_IFELSE(
e5146707 2028 [AC_LANG_SOURCE([[
2029#include <string.h>
2030#include <openssl/evp.h>
300ea548 2031int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2032 ]])],
2033 [
2034 AC_MSG_RESULT(no)
2035 ],
2036 [
2037 AC_MSG_RESULT(yes)
2038 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2039 [libcrypto is missing AES 192 and 256 bit functions])
2040 ]
2041)
2042
5486a457 2043# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2044# because the system crypt() is more featureful.
2045if test "x$check_for_libcrypt_before" = "x1"; then
2046 AC_CHECK_LIB(crypt, crypt)
2047fi
2048
aff51935 2049# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2050# version in OpenSSL.
05114c74 2051if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2052 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2053fi
2054
13ff27b7 2055# Search for SHA256 support in libc and/or OpenSSL
2056AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2057
a03acb8f 2058saved_LIBS="$LIBS"
2059AC_CHECK_LIB(iaf, ia_openinfo, [
2060 LIBS="$LIBS -liaf"
d837615a 2061 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2062 AC_DEFINE(HAVE_LIBIAF, 1,
2063 [Define if system has libiaf that supports set_id])
2064 ])
a03acb8f 2065])
2066LIBS="$saved_LIBS"
f1b0ecc3 2067
2068### Configure cryptographic random number support
2069
2070# Check wheter OpenSSL seeds itself
2071AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2072AC_RUN_IFELSE(
479cece8 2073 [AC_LANG_SOURCE([[
f1b0ecc3 2074#include <string.h>
2075#include <openssl/rand.h>
aec4cb4f 2076int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2077 ]])],
f1b0ecc3 2078 [
2079 OPENSSL_SEEDS_ITSELF=yes
2080 AC_MSG_RESULT(yes)
2081 ],
2082 [
2083 AC_MSG_RESULT(no)
2084 # Default to use of the rand helper if OpenSSL doesn't
2085 # seed itself
2086 USE_RAND_HELPER=yes
1a01a50c 2087 ],
2088 [
2089 AC_MSG_WARN([cross compiling: assuming yes])
2090 # This is safe, since all recent OpenSSL versions will
82f4e93d 2091 # complain at runtime if not seeded correctly.
1a01a50c 2092 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2093 ]
2094)
2095
a086f73b 2096# Check for PAM libs
2097PAM_MSG="no"
2098AC_ARG_WITH(pam,
2099 [ --with-pam Enable PAM support ],
2100 [
2101 if test "x$withval" != "xno" ; then
2102 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2103 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2104 AC_MSG_ERROR([PAM headers not found])
2105 fi
2106
2107 saved_LIBS="$LIBS"
2108 AC_CHECK_LIB(dl, dlopen, , )
2109 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2110 AC_CHECK_FUNCS(pam_getenvlist)
2111 AC_CHECK_FUNCS(pam_putenv)
2112 LIBS="$saved_LIBS"
2113
2114 PAM_MSG="yes"
2115
e54defb4 2116 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2117 AC_DEFINE(USE_PAM, 1,
2118 [Define if you want to enable PAM support])
282d6408 2119
a086f73b 2120 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2121 case "$LIBS" in
2122 *-ldl*)
2123 # libdl already in LIBS
2124 ;;
2125 *)
e54defb4 2126 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2127 ;;
2128 esac
a086f73b 2129 fi
a086f73b 2130 fi
2131 ]
2132)
2133
2134# Check for older PAM
2135if test "x$PAM_MSG" = "xyes" ; then
2136 # Check PAM strerror arguments (old PAM)
2137 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2138 AC_TRY_COMPILE(
2139 [
2140#include <stdlib.h>
2141#if defined(HAVE_SECURITY_PAM_APPL_H)
2142#include <security/pam_appl.h>
2143#elif defined (HAVE_PAM_PAM_APPL_H)
2144#include <pam/pam_appl.h>
2145#endif
2146 ],
2147 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2148 [AC_MSG_RESULT(no)],
2149 [
2150 AC_DEFINE(HAVE_OLD_PAM, 1,
2151 [Define if you have an old version of PAM
2152 which takes only one argument to pam_strerror])
2153 AC_MSG_RESULT(yes)
2154 PAM_MSG="yes (old library)"
2155 ]
2156 )
2157fi
f1b0ecc3 2158
2159# Do we want to force the use of the rand helper?
2160AC_ARG_WITH(rand-helper,
2161 [ --with-rand-helper Use subprocess to gather strong randomness ],
2162 [
2163 if test "x$withval" = "xno" ; then
aff51935 2164 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2165 # the previous test showed it to be unseeded.
2166 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2167 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2168 OPENSSL_SEEDS_ITSELF=yes
2169 USE_RAND_HELPER=""
2170 fi
2171 else
2172 USE_RAND_HELPER=yes
2173 fi
2174 ],
82f4e93d 2175)
f1b0ecc3 2176
2177# Which randomness source do we use?
4b492aab 2178if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2179 # OpenSSL only
3466e002 2180 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2181 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2182 RAND_MSG="OpenSSL internal ONLY"
2183 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2184elif test ! -z "$USE_RAND_HELPER" ; then
2185 # install rand helper
f1b0ecc3 2186 RAND_MSG="ssh-rand-helper"
2187 INSTALL_SSH_RAND_HELPER="yes"
2188fi
2189AC_SUBST(INSTALL_SSH_RAND_HELPER)
2190
2191### Configuration of ssh-rand-helper
2192
2193# PRNGD TCP socket
2194AC_ARG_WITH(prngd-port,
2195 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2196 [
eb5d7ff6 2197 case "$withval" in
2198 no)
2199 withval=""
2200 ;;
2201 [[0-9]]*)
2202 ;;
2203 *)
2204 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2205 ;;
2206 esac
2207 if test ! -z "$withval" ; then
f1b0ecc3 2208 PRNGD_PORT="$withval"
3466e002 2209 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2210 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2211 fi
2212 ]
2213)
2214
2215# PRNGD Unix domain socket
2216AC_ARG_WITH(prngd-socket,
2217 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2218 [
eb5d7ff6 2219 case "$withval" in
2220 yes)
f1b0ecc3 2221 withval="/var/run/egd-pool"
eb5d7ff6 2222 ;;
2223 no)
2224 withval=""
2225 ;;
2226 /*)
2227 ;;
2228 *)
2229 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2230 ;;
2231 esac
2232
2233 if test ! -z "$withval" ; then
f1b0ecc3 2234 if test ! -z "$PRNGD_PORT" ; then
2235 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2236 fi
906e811b 2237 if test ! -r "$withval" ; then
f1b0ecc3 2238 AC_MSG_WARN(Entropy socket is not readable)
2239 fi
2240 PRNGD_SOCKET="$withval"
3466e002 2241 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2242 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2243 fi
ddceb1c8 2244 ],
2245 [
2246 # Check for existing socket only if we don't have a random device already
2247 if test "$USE_RAND_HELPER" = yes ; then
2248 AC_MSG_CHECKING(for PRNGD/EGD socket)
2249 # Insert other locations here
2250 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2251 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2252 PRNGD_SOCKET="$sock"
2253 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2254 break;
2255 fi
2256 done
2257 if test ! -z "$PRNGD_SOCKET" ; then
2258 AC_MSG_RESULT($PRNGD_SOCKET)
2259 else
2260 AC_MSG_RESULT(not found)
2261 fi
2262 fi
f1b0ecc3 2263 ]
2264)
2265
2266# Change default command timeout for hashing entropy source
2267entropy_timeout=200
2268AC_ARG_WITH(entropy-timeout,
2269 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2270 [
6cf0200f 2271 if test -n "$withval" && test "x$withval" != "xno" && \
2272 test "x${withval}" != "xyes"; then
f1b0ecc3 2273 entropy_timeout=$withval
2274 fi
82f4e93d 2275 ]
f1b0ecc3 2276)
3466e002 2277AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2278 [Builtin PRNG command timeout])
f1b0ecc3 2279
fd3cbf67 2280SSH_PRIVSEP_USER=sshd
9a0fbcb3 2281AC_ARG_WITH(privsep-user,
5222e7ef 2282 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2283 [
6cf0200f 2284 if test -n "$withval" && test "x$withval" != "xno" && \
2285 test "x${withval}" != "xyes"; then
fd3cbf67 2286 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2287 fi
82f4e93d 2288 ]
9a0fbcb3 2289)
3466e002 2290AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2291 [non-privileged user for privilege separation])
fd3cbf67 2292AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2293
81dadca3 2294# We do this little dance with the search path to insure
2295# that programs that we select for use by installed programs
2296# (which may be run by the super-user) come from trusted
2297# locations before they come from the user's private area.
2298# This should help avoid accidentally configuring some
2299# random version of a program in someone's personal bin.
2300
2301OPATH=$PATH
2302PATH=/bin:/usr/bin
f95c8ce8 2303test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2304test -d /sbin && PATH=$PATH:/sbin
2305test -d /usr/sbin && PATH=$PATH:/usr/sbin
2306PATH=$PATH:/etc:$OPATH
2307
aff51935 2308# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2309OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2310OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2311OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2312OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2313OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2314OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2315OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2316OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2317OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2318OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2319OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2320OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2321OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2322OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2323OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2324OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2325# restore PATH
2326PATH=$OPATH
f1b0ecc3 2327
2328# Where does ssh-rand-helper get its randomness from?
2329INSTALL_SSH_PRNG_CMDS=""
2330if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2331 if test ! -z "$PRNGD_PORT" ; then
2332 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2333 elif test ! -z "$PRNGD_SOCKET" ; then
2334 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2335 else
2336 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2337 RAND_HELPER_CMDHASH=yes
2338 INSTALL_SSH_PRNG_CMDS="yes"
2339 fi
2340fi
2341AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2342
2343
66d6c27e 2344# Cheap hack to ensure NEWS-OS libraries are arranged right.
2345if test ! -z "$SONY" ; then
2346 LIBS="$LIBS -liberty";
2347fi
2348
9a406e1e 2349# Check for long long datatypes
2350AC_CHECK_TYPES([long long, unsigned long long, long double])
2351
2352# Check datatype sizes
976f7e19 2353AC_CHECK_SIZEOF(char, 1)
2b942fe0 2354AC_CHECK_SIZEOF(short int, 2)
2355AC_CHECK_SIZEOF(int, 4)
2356AC_CHECK_SIZEOF(long int, 4)
2357AC_CHECK_SIZEOF(long long int, 8)
2358
52f1ccb2 2359# Sanity check long long for some platforms (AIX)
2360if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2361 ac_cv_sizeof_long_long_int=0
2362fi
2363
90f15776 2364# compute LLONG_MIN and LLONG_MAX if we don't know them.
2365if test -z "$have_llong_max"; then
2366 AC_MSG_CHECKING([for max value of long long])
2367 AC_RUN_IFELSE(
2368 [AC_LANG_SOURCE([[
2369#include <stdio.h>
2370/* Why is this so damn hard? */
2371#ifdef __GNUC__
2372# undef __GNUC__
2373#endif
2374#define __USE_ISOC99
2375#include <limits.h>
2376#define DATA "conftest.llminmax"
055252ed 2377#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2378
2379/*
2380 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2381 * we do this the hard way.
2382 */
2383static int
2384fprint_ll(FILE *f, long long n)
2385{
2386 unsigned int i;
2387 int l[sizeof(long long) * 8];
2388
2389 if (n < 0)
2390 if (fprintf(f, "-") < 0)
2391 return -1;
2392 for (i = 0; n != 0; i++) {
2393 l[i] = my_abs(n % 10);
2394 n /= 10;
2395 }
2396 do {
2397 if (fprintf(f, "%d", l[--i]) < 0)
2398 return -1;
2399 } while (i != 0);
2400 if (fprintf(f, " ") < 0)
2401 return -1;
2402 return 0;
2403}
2404
90f15776 2405int main(void) {
2406 FILE *f;
2407 long long i, llmin, llmax = 0;
2408
2409 if((f = fopen(DATA,"w")) == NULL)
2410 exit(1);
2411
2412#if defined(LLONG_MIN) && defined(LLONG_MAX)
2413 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2414 llmin = LLONG_MIN;
2415 llmax = LLONG_MAX;
2416#else
2417 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2418 /* This will work on one's complement and two's complement */
2419 for (i = 1; i > llmax; i <<= 1, i++)
2420 llmax = i;
2421 llmin = llmax + 1LL; /* wrap */
2422#endif
2423
2424 /* Sanity check */
2425 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2426 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2427 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2428 fprintf(f, "unknown unknown\n");
2429 exit(2);
2430 }
2431
055252ed 2432 if (fprint_ll(f, llmin) < 0)
90f15776 2433 exit(3);
055252ed 2434 if (fprint_ll(f, llmax) < 0)
2435 exit(4);
2436 if (fclose(f) < 0)
2437 exit(5);
90f15776 2438 exit(0);
2439}
2440 ]])],
2441 [
2442 llong_min=`$AWK '{print $1}' conftest.llminmax`
2443 llong_max=`$AWK '{print $2}' conftest.llminmax`
2444
90f15776 2445 AC_MSG_RESULT($llong_max)
2446 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2447 [max value of long long calculated by configure])
2448 AC_MSG_CHECKING([for min value of long long])
2449 AC_MSG_RESULT($llong_min)
2450 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2451 [min value of long long calculated by configure])
2452 ],
2453 [
2454 AC_MSG_RESULT(not found)
2455 ],
2456 [
2457 AC_MSG_WARN([cross compiling: not checking])
2458 ]
2459 )
2460fi
2461
2462
a0391976 2463# More checks for data types
14a9a859 2464AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2465 AC_TRY_COMPILE(
aff51935 2466 [ #include <sys/types.h> ],
2467 [ u_int a; a = 1;],
14a9a859 2468 [ ac_cv_have_u_int="yes" ],
2469 [ ac_cv_have_u_int="no" ]
2470 )
2471])
2472if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2473 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2474 have_u_int=1
2475fi
2476
58d100bf 2477AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2478 AC_TRY_COMPILE(
aff51935 2479 [ #include <sys/types.h> ],
2480 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2481 [ ac_cv_have_intxx_t="yes" ],
2482 [ ac_cv_have_intxx_t="no" ]
2483 )
2484])
2485if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2486 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2487 have_intxx_t=1
2488fi
41cb4569 2489
2490if (test -z "$have_intxx_t" && \
aff51935 2491 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2492then
2493 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2494 AC_TRY_COMPILE(
aff51935 2495 [ #include <stdint.h> ],
2496 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2497 [
2498 AC_DEFINE(HAVE_INTXX_T)
2499 AC_MSG_RESULT(yes)
2500 ],
2501 [ AC_MSG_RESULT(no) ]
2502 )
2503fi
2504
bd590612 2505AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2506 AC_TRY_COMPILE(
1cbbe6c8 2507 [
2508#include <sys/types.h>
2509#ifdef HAVE_STDINT_H
2510# include <stdint.h>
2511#endif
2512#include <sys/socket.h>
2513#ifdef HAVE_SYS_BITYPES_H
2514# include <sys/bitypes.h>
2515#endif
aff51935 2516 ],
2517 [ int64_t a; a = 1;],
bd590612 2518 [ ac_cv_have_int64_t="yes" ],
2519 [ ac_cv_have_int64_t="no" ]
2520 )
2521])
2522if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2523 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2524fi
2525
58d100bf 2526AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2527 AC_TRY_COMPILE(
aff51935 2528 [ #include <sys/types.h> ],
2529 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2530 [ ac_cv_have_u_intxx_t="yes" ],
2531 [ ac_cv_have_u_intxx_t="no" ]
2532 )
2533])
2534if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2535 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2536 have_u_intxx_t=1
2537fi
2b942fe0 2538
41cb4569 2539if test -z "$have_u_intxx_t" ; then
2540 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2541 AC_TRY_COMPILE(
aff51935 2542 [ #include <sys/socket.h> ],
2543 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2544 [
2545 AC_DEFINE(HAVE_U_INTXX_T)
2546 AC_MSG_RESULT(yes)
2547 ],
2548 [ AC_MSG_RESULT(no) ]
2549 )
2550fi
2551
bd590612 2552AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2553 AC_TRY_COMPILE(
aff51935 2554 [ #include <sys/types.h> ],
2555 [ u_int64_t a; a = 1;],
bd590612 2556 [ ac_cv_have_u_int64_t="yes" ],
2557 [ ac_cv_have_u_int64_t="no" ]
2558 )
2559])
2560if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2561 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2562 have_u_int64_t=1
2563fi
2564
ddceb1c8 2565if test -z "$have_u_int64_t" ; then
2566 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2567 AC_TRY_COMPILE(
aff51935 2568 [ #include <sys/bitypes.h> ],
ddceb1c8 2569 [ u_int64_t a; a = 1],
2570 [
2571 AC_DEFINE(HAVE_U_INT64_T)
2572 AC_MSG_RESULT(yes)
2573 ],
2574 [ AC_MSG_RESULT(no) ]
2575 )
2576fi
2577
41cb4569 2578if test -z "$have_u_intxx_t" ; then
2579 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2580 AC_TRY_COMPILE(
2581 [
2582#include <sys/types.h>
aff51935 2583 ],
2584 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2585 [ ac_cv_have_uintxx_t="yes" ],
2586 [ ac_cv_have_uintxx_t="no" ]
2587 )
2588 ])
2589 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2590 AC_DEFINE(HAVE_UINTXX_T, 1,
2591 [define if you have uintxx_t data type])
41cb4569 2592 fi
2593fi
2594
2595if test -z "$have_uintxx_t" ; then
2596 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2597 AC_TRY_COMPILE(
aff51935 2598 [ #include <stdint.h> ],
2599 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2600 [
2601 AC_DEFINE(HAVE_UINTXX_T)
2602 AC_MSG_RESULT(yes)
2603 ],
2604 [ AC_MSG_RESULT(no) ]
2605 )
2606fi
2607
e5fe9a1f 2608if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2609 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2610then
2611 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2612 AC_TRY_COMPILE(
58d100bf 2613 [
2614#include <sys/bitypes.h>
aff51935 2615 ],
5cdfe03f 2616 [
837c30b8 2617 int8_t a; int16_t b; int32_t c;
2618 u_int8_t e; u_int16_t f; u_int32_t g;
2619 a = b = c = e = f = g = 1;
aff51935 2620 ],
5cdfe03f 2621 [
2622 AC_DEFINE(HAVE_U_INTXX_T)
2623 AC_DEFINE(HAVE_INTXX_T)
2624 AC_MSG_RESULT(yes)
2625 ],
2626 [AC_MSG_RESULT(no)]
aff51935 2627 )
5cdfe03f 2628fi
2629
0362750e 2630
2631AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2632 AC_TRY_COMPILE(
2633 [
2634#include <sys/types.h>
2635 ],
2636 [ u_char foo; foo = 125; ],
2637 [ ac_cv_have_u_char="yes" ],
2638 [ ac_cv_have_u_char="no" ]
2639 )
2640])
2641if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2642 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2643fi
2644
98a7c37b 2645TYPE_SOCKLEN_T
2b942fe0 2646
2d16d9a3 2647AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
ddceb1c8 2648
777ece68 2649AC_CHECK_TYPES(in_addr_t,,,
2650[#include <sys/types.h>
2651#include <netinet/in.h>])
7b578f7d 2652
58d100bf 2653AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2654 AC_TRY_COMPILE(
2655 [
18ba2aab 2656#include <sys/types.h>
58d100bf 2657 ],
2658 [ size_t foo; foo = 1235; ],
2659 [ ac_cv_have_size_t="yes" ],
2660 [ ac_cv_have_size_t="no" ]
2661 )
2662])
2663if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2664 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2665fi
ea1970a3 2666
c04f75f1 2667AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2668 AC_TRY_COMPILE(
2669 [
2670#include <sys/types.h>
2671 ],
2672 [ ssize_t foo; foo = 1235; ],
2673 [ ac_cv_have_ssize_t="yes" ],
2674 [ ac_cv_have_ssize_t="no" ]
2675 )
2676])
2677if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2678 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2679fi
2680
f1c4659d 2681AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2682 AC_TRY_COMPILE(
2683 [
2684#include <time.h>
2685 ],
2686 [ clock_t foo; foo = 1235; ],
2687 [ ac_cv_have_clock_t="yes" ],
2688 [ ac_cv_have_clock_t="no" ]
2689 )
2690])
2691if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2692 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2693fi
2694
1c04b088 2695AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2696 AC_TRY_COMPILE(
2697 [
2698#include <sys/types.h>
2699#include <sys/socket.h>
2700 ],
2701 [ sa_family_t foo; foo = 1235; ],
2702 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2703 [ AC_TRY_COMPILE(
2704 [
2705#include <sys/types.h>
2706#include <sys/socket.h>
2707#include <netinet/in.h>
2708 ],
2709 [ sa_family_t foo; foo = 1235; ],
2710 [ ac_cv_have_sa_family_t="yes" ],
2711
1c04b088 2712 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2713 )]
1c04b088 2714 )
2715])
2716if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2717 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2718 [define if you have sa_family_t data type])
1c04b088 2719fi
2720
729bfe59 2721AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2722 AC_TRY_COMPILE(
2723 [
2724#include <sys/types.h>
2725 ],
2726 [ pid_t foo; foo = 1235; ],
2727 [ ac_cv_have_pid_t="yes" ],
2728 [ ac_cv_have_pid_t="no" ]
2729 )
2730])
2731if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2732 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2733fi
2734
2735AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2736 AC_TRY_COMPILE(
2737 [
2738#include <sys/types.h>
2739 ],
2740 [ mode_t foo; foo = 1235; ],
2741 [ ac_cv_have_mode_t="yes" ],
2742 [ ac_cv_have_mode_t="no" ]
2743 )
2744])
2745if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2746 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2747fi
2748
e3a93db0 2749
58d100bf 2750AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2751 AC_TRY_COMPILE(
2752 [
18ba2aab 2753#include <sys/types.h>
2754#include <sys/socket.h>
58d100bf 2755 ],
2756 [ struct sockaddr_storage s; ],
2757 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2758 [ ac_cv_have_struct_sockaddr_storage="no" ]
2759 )
2760])
2761if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2762 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2763 [define if you have struct sockaddr_storage data type])
58d100bf 2764fi
48e671d5 2765
58d100bf 2766AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2767 AC_TRY_COMPILE(
2768 [
cbd7492e 2769#include <sys/types.h>
58d100bf 2770#include <netinet/in.h>
2771 ],
2772 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2773 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2774 [ ac_cv_have_struct_sockaddr_in6="no" ]
2775 )
2776])
2777if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2778 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2779 [define if you have struct sockaddr_in6 data type])
58d100bf 2780fi
48e671d5 2781
58d100bf 2782AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2783 AC_TRY_COMPILE(
2784 [
cbd7492e 2785#include <sys/types.h>
58d100bf 2786#include <netinet/in.h>
2787 ],
2788 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2789 [ ac_cv_have_struct_in6_addr="yes" ],
2790 [ ac_cv_have_struct_in6_addr="no" ]
2791 )
2792])
2793if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2794 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2795 [define if you have struct in6_addr data type])
58d100bf 2796fi
48e671d5 2797
58d100bf 2798AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2799 AC_TRY_COMPILE(
2800 [
18ba2aab 2801#include <sys/types.h>
2802#include <sys/socket.h>
2803#include <netdb.h>
58d100bf 2804 ],
2805 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2806 [ ac_cv_have_struct_addrinfo="yes" ],
2807 [ ac_cv_have_struct_addrinfo="no" ]
2808 )
2809])
2810if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2811 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2812 [define if you have struct addrinfo data type])
58d100bf 2813fi
2814
89c7e31c 2815AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2816 AC_TRY_COMPILE(
aff51935 2817 [ #include <sys/time.h> ],
2818 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2819 [ ac_cv_have_struct_timeval="yes" ],
2820 [ ac_cv_have_struct_timeval="no" ]
2821 )
2822])
2823if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2824 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2825 have_struct_timeval=1
2826fi
2827
5271b55c 2828AC_CHECK_TYPES(struct timespec)
2829
85abc74b 2830# We need int64_t or else certian parts of the compile will fail.
4b492aab 2831if test "x$ac_cv_have_int64_t" = "xno" && \
2832 test "x$ac_cv_sizeof_long_int" != "x8" && \
2833 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2834 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2835 echo "an alternative compiler (I.E., GCC) before continuing."
2836 echo ""
2837 exit 1;
733cf7f4 2838else
2839dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2840 AC_RUN_IFELSE(
479cece8 2841 [AC_LANG_SOURCE([[
733cf7f4 2842#include <stdio.h>
2843#include <string.h>
2844#ifdef HAVE_SNPRINTF
2845main()
2846{
2847 char buf[50];
2848 char expected_out[50];
2849 int mazsize = 50 ;
2850#if (SIZEOF_LONG_INT == 8)
2851 long int num = 0x7fffffffffffffff;
2852#else
763a1a18 2853 long long num = 0x7fffffffffffffffll;
733cf7f4 2854#endif
2855 strcpy(expected_out, "9223372036854775807");
2856 snprintf(buf, mazsize, "%lld", num);
2857 if(strcmp(buf, expected_out) != 0)
aff51935 2858 exit(1);
733cf7f4 2859 exit(0);
2860}
2861#else
2862main() { exit(0); }
2863#endif
479cece8 2864 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2865 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2866 )
2c523de9 2867fi
2868
77bb0bca 2869dnl Checks for structure members
58d100bf 2870OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2871OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2872OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2873OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2874OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2875OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2876OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2877OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2878OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2879OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2880OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2881OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2882OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2883OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2884OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2885OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2886OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2887
2888AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2889AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2890 [Define if we don't have struct __res_state in resolv.h])],
2891[
2892#include <stdio.h>
2893#if HAVE_SYS_TYPES_H
2894# include <sys/types.h>
2895#endif
2896#include <netinet/in.h>
2897#include <arpa/nameser.h>
2898#include <resolv.h>
2899])
1d7b9b20 2900
58d100bf 2901AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2902 ac_cv_have_ss_family_in_struct_ss, [
2903 AC_TRY_COMPILE(
2904 [
18ba2aab 2905#include <sys/types.h>
2906#include <sys/socket.h>
58d100bf 2907 ],
2908 [ struct sockaddr_storage s; s.ss_family = 1; ],
2909 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2910 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2911 )
2912])
2913if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2914 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2915fi
2916
58d100bf 2917AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2918 ac_cv_have___ss_family_in_struct_ss, [
2919 AC_TRY_COMPILE(
2920 [
18ba2aab 2921#include <sys/types.h>
2922#include <sys/socket.h>
58d100bf 2923 ],
2924 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2925 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2926 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2927 )
2928])
2929if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2930 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2931 [Fields in struct sockaddr_storage])
58d100bf 2932fi
2933
2e73a022 2934AC_CACHE_CHECK([for pw_class field in struct passwd],
2935 ac_cv_have_pw_class_in_struct_passwd, [
2936 AC_TRY_COMPILE(
2937 [
2e73a022 2938#include <pwd.h>
2939 ],
97994d32 2940 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2941 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2942 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2943 )
2944])
2945if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2946 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2947 [Define if your password has a pw_class field])
2e73a022 2948fi
2949
7751d4eb 2950AC_CACHE_CHECK([for pw_expire field in struct passwd],
2951 ac_cv_have_pw_expire_in_struct_passwd, [
2952 AC_TRY_COMPILE(
2953 [
2954#include <pwd.h>
2955 ],
2956 [ struct passwd p; p.pw_expire = 0; ],
2957 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
2958 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
2959 )
2960])
2961if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 2962 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
2963 [Define if your password has a pw_expire field])
7751d4eb 2964fi
2965
2966AC_CACHE_CHECK([for pw_change field in struct passwd],
2967 ac_cv_have_pw_change_in_struct_passwd, [
2968 AC_TRY_COMPILE(
2969 [
2970#include <pwd.h>
2971 ],
2972 [ struct passwd p; p.pw_change = 0; ],
2973 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
2974 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
2975 )
2976])
2977if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 2978 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
2979 [Define if your password has a pw_change field])
7751d4eb 2980fi
58d100bf 2981
637f9177 2982dnl make sure we're using the real structure members and not defines
6f34652e 2983AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
2984 ac_cv_have_accrights_in_msghdr, [
1a01a50c 2985 AC_COMPILE_IFELSE(
6f34652e 2986 [
f95c8ce8 2987#include <sys/types.h>
6f34652e 2988#include <sys/socket.h>
2989#include <sys/uio.h>
637f9177 2990int main() {
2991#ifdef msg_accrights
1a01a50c 2992#error "msg_accrights is a macro"
637f9177 2993exit(1);
2994#endif
2995struct msghdr m;
2996m.msg_accrights = 0;
2997exit(0);
2998}
6f34652e 2999 ],
6f34652e 3000 [ ac_cv_have_accrights_in_msghdr="yes" ],
3001 [ ac_cv_have_accrights_in_msghdr="no" ]
3002 )
3003])
3004if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3005 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3006 [Define if your system uses access rights style
3007 file descriptor passing])
6f34652e 3008fi
3009
7176df4f 3010AC_CACHE_CHECK([for msg_control field in struct msghdr],
3011 ac_cv_have_control_in_msghdr, [
1a01a50c 3012 AC_COMPILE_IFELSE(
7176df4f 3013 [
f95c8ce8 3014#include <sys/types.h>
7176df4f 3015#include <sys/socket.h>
3016#include <sys/uio.h>
637f9177 3017int main() {
3018#ifdef msg_control
1a01a50c 3019#error "msg_control is a macro"
637f9177 3020exit(1);
3021#endif
3022struct msghdr m;
3023m.msg_control = 0;
3024exit(0);
3025}
7176df4f 3026 ],
7176df4f 3027 [ ac_cv_have_control_in_msghdr="yes" ],
3028 [ ac_cv_have_control_in_msghdr="no" ]
3029 )
3030])
3031if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3032 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3033 [Define if your system uses ancillary data style
3034 file descriptor passing])
7176df4f 3035fi
3036
58d100bf 3037AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3038 AC_TRY_LINK([],
3039 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3040 [ ac_cv_libc_defines___progname="yes" ],
3041 [ ac_cv_libc_defines___progname="no" ]
3042 )
3043])
3044if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3045 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3046fi
8946db53 3047
c921ee00 3048AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3049 AC_TRY_LINK([
3050#include <stdio.h>
aff51935 3051],
3052 [ printf("%s", __FUNCTION__); ],
c921ee00 3053 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3054 [ ac_cv_cc_implements___FUNCTION__="no" ]
3055 )
3056])
3057if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3058 AC_DEFINE(HAVE___FUNCTION__, 1,
3059 [Define if compiler implements __FUNCTION__])
c921ee00 3060fi
3061
3062AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3063 AC_TRY_LINK([
3064#include <stdio.h>
aff51935 3065],
3066 [ printf("%s", __func__); ],
c921ee00 3067 [ ac_cv_cc_implements___func__="yes" ],
3068 [ ac_cv_cc_implements___func__="no" ]
3069 )
3070])
3071if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3072 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3073fi
3074
9a406e1e 3075AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3076 AC_TRY_LINK(
3077 [#include <stdarg.h>
3078 va_list x,y;],
3079 [va_copy(x,y);],
3080 [ ac_cv_have_va_copy="yes" ],
3081 [ ac_cv_have_va_copy="no" ]
3082 )
3083])
3084if test "x$ac_cv_have_va_copy" = "xyes" ; then
3085 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3086fi
3087
3088AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3089 AC_TRY_LINK(
3090 [#include <stdarg.h>
3091 va_list x,y;],
3092 [__va_copy(x,y);],
3093 [ ac_cv_have___va_copy="yes" ],
3094 [ ac_cv_have___va_copy="no" ]
3095 )
3096])
3097if test "x$ac_cv_have___va_copy" = "xyes" ; then
3098 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3099fi
3100
1812a662 3101AC_CACHE_CHECK([whether getopt has optreset support],
3102 ac_cv_have_getopt_optreset, [
3103 AC_TRY_LINK(
3104 [
3105#include <getopt.h>
3106 ],
3107 [ extern int optreset; optreset = 0; ],
3108 [ ac_cv_have_getopt_optreset="yes" ],
3109 [ ac_cv_have_getopt_optreset="no" ]
3110 )
3111])
3112if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3113 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3114 [Define if your getopt(3) defines and uses optreset])
1812a662 3115fi
a0391976 3116
819b676f 3117AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3118 AC_TRY_LINK([],
3119 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3120 [ ac_cv_libc_defines_sys_errlist="yes" ],
3121 [ ac_cv_libc_defines_sys_errlist="no" ]
3122 )
3123])
3124if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3125 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3126 [Define if your system defines sys_errlist[]])
819b676f 3127fi
3128
3129
416ed5a7 3130AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3131 AC_TRY_LINK([],
3132 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3133 [ ac_cv_libc_defines_sys_nerr="yes" ],
3134 [ ac_cv_libc_defines_sys_nerr="no" ]
3135 )
3136])
3137if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3138 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3139fi
3140
aff51935 3141SCARD_MSG="no"
295c8801 3142# Check whether user wants sectok support
3143AC_ARG_WITH(sectok,
3144 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3145 [
3146 if test "x$withval" != "xno" ; then
3147 if test "x$withval" != "xyes" ; then
3148 CPPFLAGS="$CPPFLAGS -I${withval}"
3149 LDFLAGS="$LDFLAGS -L${withval}"
3150 if test ! -z "$need_dash_r" ; then
3151 LDFLAGS="$LDFLAGS -R${withval}"
3152 fi
3153 if test ! -z "$blibpath" ; then
3154 blibpath="$blibpath:${withval}"
3155 fi
3156 fi
3157 AC_CHECK_HEADERS(sectok.h)
3158 if test "$ac_cv_header_sectok_h" != yes; then
3159 AC_MSG_ERROR(Can't find sectok.h)
3160 fi
3161 AC_CHECK_LIB(sectok, sectok_open)
3162 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3163 AC_MSG_ERROR(Can't find libsectok)
3164 fi
3466e002 3165 AC_DEFINE(SMARTCARD, 1,
3166 [Define if you want smartcard support])
3167 AC_DEFINE(USE_SECTOK, 1,
3168 [Define if you want smartcard support
3169 using sectok])
aff51935 3170 SCARD_MSG="yes, using sectok"
295c8801 3171 fi
3172 ]
3173)
3174
3175# Check whether user wants OpenSC support
987b458f 3176OPENSC_CONFIG="no"
295c8801 3177AC_ARG_WITH(opensc,
e47fb473 3178 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3179 [
3180 if test "x$withval" != "xno" ; then
3181 if test "x$withval" != "xyes" ; then
3182 OPENSC_CONFIG=$withval/bin/opensc-config
3183 else
3184 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3185 fi
3186 if test "$OPENSC_CONFIG" != "no"; then
3187 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3188 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3189 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3190 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3191 AC_DEFINE(SMARTCARD)
3466e002 3192 AC_DEFINE(USE_OPENSC, 1,
3193 [Define if you want smartcard support
3194 using OpenSC])
987b458f 3195 SCARD_MSG="yes, using OpenSC"
3196 fi
3197 fi
3198 ]
3199)
d0b19c95 3200
c31dc31c 3201# Check libraries needed by DNS fingerprint support
aff51935 3202AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3203 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3204 [Define if getrrsetbyname() exists])],
3e05e934 3205 [
c31dc31c 3206 # Needed by our getrrsetbyname()
3207 AC_SEARCH_LIBS(res_query, resolv)
3208 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3209 AC_MSG_CHECKING(if res_query will link)
3210 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3211 [AC_MSG_RESULT(no)
3212 saved_LIBS="$LIBS"
3213 LIBS="$LIBS -lresolv"
3214 AC_MSG_CHECKING(for res_query in -lresolv)
3215 AC_LINK_IFELSE([
3216#include <resolv.h>
3217int main()
3218{
3219 res_query (0, 0, 0, 0, 0);
3220 return 0;
3221}
3222 ],
3223 [LIBS="$LIBS -lresolv"
3224 AC_MSG_RESULT(yes)],
3225 [LIBS="$saved_LIBS"
3226 AC_MSG_RESULT(no)])
3227 ])
c31dc31c 3228 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3229 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3230 [#include <sys/types.h>
3231 #include <arpa/nameser.h>])
c31dc31c 3232 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3233 [AC_DEFINE(HAVE_HEADER_AD, 1,
3234 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3235 [#include <arpa/nameser.h>])
3236 ])
3e05e934 3237
560acf80 3238AC_MSG_CHECKING(if struct __res_state _res is an extern)
3239AC_LINK_IFELSE([
3240#include <stdio.h>
3241#if HAVE_SYS_TYPES_H
3242# include <sys/types.h>
3243#endif
3244#include <netinet/in.h>
3245#include <arpa/nameser.h>
3246#include <resolv.h>
3247extern struct __res_state _res;
3248int main() { return 0; }
3249 ],
3250 [AC_MSG_RESULT(yes)
3251 AC_DEFINE(HAVE__RES_EXTERN, 1,
3252 [Define if you have struct __res_state _res as an extern])
3253 ],
3254 [ AC_MSG_RESULT(no) ]
3255)
3256
ef4d1846 3257# Check whether user wants SELinux support
3258SELINUX_MSG="no"
3259LIBSELINUX=""
3260AC_ARG_WITH(selinux,
3261 [ --with-selinux Enable SELinux support],
3262 [ if test "x$withval" != "xno" ; then
e54defb4 3263 save_LIBS="$LIBS"
ef4d1846 3264 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3265 SELINUX_MSG="yes"
3266 AC_CHECK_HEADER([selinux/selinux.h], ,
3267 AC_MSG_ERROR(SELinux support requires selinux.h header))
3268 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3269 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3270 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3271 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3272 LIBS="$save_LIBS"
ef4d1846 3273 fi ]
3274)
ef4d1846 3275
12928e80 3276# Check whether user wants Kerberos 5 support
aff51935 3277KRB5_MSG="no"
12928e80 3278AC_ARG_WITH(kerberos5,
aff51935 3279 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3280 [ if test "x$withval" != "xno" ; then
3281 if test "x$withval" = "xyes" ; then
3282 KRB5ROOT="/usr/local"
3283 else
3284 KRB5ROOT=${withval}
3285 fi
3286
3466e002 3287 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3288 KRB5_MSG="yes"
3289
3290 AC_MSG_CHECKING(for krb5-config)
3291 if test -x $KRB5ROOT/bin/krb5-config ; then
3292 KRB5CONF=$KRB5ROOT/bin/krb5-config
3293 AC_MSG_RESULT($KRB5CONF)
3294
3295 AC_MSG_CHECKING(for gssapi support)
3296 if $KRB5CONF | grep gssapi >/dev/null ; then
3297 AC_MSG_RESULT(yes)
3466e002 3298 AC_DEFINE(GSSAPI, 1,
3299 [Define this if you want GSSAPI
3300 support in the version 2 protocol])
071970fb 3301 k5confopts=gssapi
aff51935 3302 else
5585c441 3303 AC_MSG_RESULT(no)
071970fb 3304 k5confopts=""
aff51935 3305 fi
071970fb 3306 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3307 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3308 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3309 AC_MSG_CHECKING(whether we are using Heimdal)
3310 AC_TRY_COMPILE([ #include <krb5.h> ],
3311 [ char *tmp = heimdal_version; ],
3312 [ AC_MSG_RESULT(yes)
3466e002 3313 AC_DEFINE(HEIMDAL, 1,
3314 [Define this if you are using the
3315 Heimdal version of Kerberos V5]) ],
5585c441 3316 AC_MSG_RESULT(no)
3317 )
3318 else
3319 AC_MSG_RESULT(no)
12928e80 3320 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3321 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3322 AC_MSG_CHECKING(whether we are using Heimdal)
3323 AC_TRY_COMPILE([ #include <krb5.h> ],
3324 [ char *tmp = heimdal_version; ],
3325 [ AC_MSG_RESULT(yes)
3326 AC_DEFINE(HEIMDAL)
41707f74 3327 K5LIBS="-lkrb5 -ldes"
3328 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3329 AC_CHECK_LIB(roken, net_write,
41707f74 3330 [K5LIBS="$K5LIBS -lroken"])
aff51935 3331 ],
3332 [ AC_MSG_RESULT(no)
3333 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3334 ]
3335 )
4e00038c 3336 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3337
749560dd 3338 AC_CHECK_LIB(gssapi,gss_init_sec_context,
3339 [ AC_DEFINE(GSSAPI)
3340 K5LIBS="-lgssapi $K5LIBS" ],
3341 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
3342 [ AC_DEFINE(GSSAPI)
aff51935 3343 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
749560dd 3344 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3345 $K5LIBS)
3346 ],
3347 $K5LIBS)
82f4e93d 3348
749560dd 3349 AC_CHECK_HEADER(gssapi.h, ,
3350 [ unset ac_cv_header_gssapi_h
aff51935 3351 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3352 AC_CHECK_HEADERS(gssapi.h, ,
3353 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3354 )
749560dd 3355 ]
3356 )
3357
3358 oldCPP="$CPPFLAGS"
3359 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3360 AC_CHECK_HEADER(gssapi_krb5.h, ,
3361 [ CPPFLAGS="$oldCPP" ])
3362
aff51935 3363 fi
5585c441 3364 if test ! -z "$need_dash_r" ; then
3365 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3366 fi
3367 if test ! -z "$blibpath" ; then
3368 blibpath="$blibpath:${KRB5ROOT}/lib"
3369 fi
071970fb 3370
f5555364 3371 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3372 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3373 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3374
f5555364 3375 LIBS="$LIBS $K5LIBS"
3466e002 3376 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3377 [Define this if you want to use libkafs' AFS support]))
f5555364 3378 fi
071970fb 3379 ]
12928e80 3380)
b5b68128 3381
a0391976 3382# Looking for programs, paths and files
a0391976 3383
ecac8ee5 3384PRIVSEP_PATH=/var/empty
3385AC_ARG_WITH(privsep-path,
cda1ebcb 3386 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3387 [
6cf0200f 3388 if test -n "$withval" && test "x$withval" != "xno" && \
3389 test "x${withval}" != "xyes"; then
ecac8ee5 3390 PRIVSEP_PATH=$withval
3391 fi
3392 ]
3393)
3394AC_SUBST(PRIVSEP_PATH)
3395
a0391976 3396AC_ARG_WITH(xauth,
3397 [ --with-xauth=PATH Specify path to xauth program ],
3398 [
6cf0200f 3399 if test -n "$withval" && test "x$withval" != "xno" && \
3400 test "x${withval}" != "xyes"; then
cbd7492e 3401 xauth_path=$withval
a0391976 3402 fi
3403 ],
3404 [
2bf42e4a 3405 TestPath="$PATH"
3406 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3407 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3408 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3409 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3410 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3411 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3412 xauth_path="/usr/openwin/bin/xauth"
3413 fi
3414 ]
3415)
3416
65a4b4af 3417STRIP_OPT=-s
3418AC_ARG_ENABLE(strip,
3419 [ --disable-strip Disable calling strip(1) on install],
3420 [
3421 if test "x$enableval" = "xno" ; then
3422 STRIP_OPT=
3423 fi
3424 ]
3425)
3426AC_SUBST(STRIP_OPT)
3427
b3ec54b4 3428if test -z "$xauth_path" ; then
3429 XAUTH_PATH="undefined"
3430 AC_SUBST(XAUTH_PATH)
3431else
3466e002 3432 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3433 [Define if xauth is found in your path])
b3ec54b4 3434 XAUTH_PATH=$xauth_path
3435 AC_SUBST(XAUTH_PATH)
a0391976 3436fi
a0391976 3437
3438# Check for mail directory (last resort if we cannot get it from headers)
3439if test ! -z "$MAIL" ; then
3440 maildir=`dirname $MAIL`
3466e002 3441 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3442 [Set this to your mail directory if you don't have maillock.h])
a0391976 3443fi
3444
479cece8 3445if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3446 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3447 disable_ptmx_check=yes
3448fi
a0391976 3449if test -z "$no_dev_ptmx" ; then
6e879cb4 3450 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3451 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3452 [
3466e002 3453 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3454 [Define if you have /dev/ptmx])
6e879cb4 3455 have_dev_ptmx=1
3456 ]
3457 )
3458 fi
3276571c 3459fi
1a01a50c 3460
479cece8 3461if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3462 AC_CHECK_FILE("/dev/ptc",
3463 [
3466e002 3464 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3465 [Define if you have /dev/ptc])
1a01a50c 3466 have_dev_ptc=1
3467 ]
3468 )
3469else
3470 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3471fi
3276571c 3472
a0391976 3473# Options from here on. Some of these are preset by platform above
fdf6b7aa 3474AC_ARG_WITH(mantype,
5d97cfbf 3475 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3476 [
5d97cfbf 3477 case "$withval" in
3478 man|cat|doc)
3479 MANTYPE=$withval
3480 ;;
3481 *)
3482 AC_MSG_ERROR(invalid man type: $withval)
3483 ;;
3484 esac
c54a6257 3485 ]
3486)
e0c4d3ac 3487if test -z "$MANTYPE"; then
2bf42e4a 3488 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3489 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3490 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3491 MANTYPE=doc
3492 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3493 MANTYPE=man
3494 else
3495 MANTYPE=cat
3496 fi
3497fi
c54a6257 3498AC_SUBST(MANTYPE)
e0c4d3ac 3499if test "$MANTYPE" = "doc"; then
3500 mansubdir=man;
3501else
3502 mansubdir=$MANTYPE;
3503fi
3504AC_SUBST(mansubdir)
0bc5b6fb 3505
a0391976 3506# Check whether to enable MD5 passwords
aff51935 3507MD5_MSG="no"
2ddcfdf3 3508AC_ARG_WITH(md5-passwords,
caf3bc51 3509 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3510 [
bcf36c78 3511 if test "x$withval" != "xno" ; then
3466e002 3512 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3513 [Define if you want to allow MD5 passwords])
aff51935 3514 MD5_MSG="yes"
0bc5b6fb 3515 fi
3516 ]
caf3bc51 3517)
3518
a0391976 3519# Whether to disable shadow password support
a7effaac 3520AC_ARG_WITH(shadow,
3521 [ --without-shadow Disable shadow password support],
3522 [
82f4e93d 3523 if test "x$withval" = "xno" ; then
a7effaac 3524 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3525 disable_shadow=yes
a7effaac 3526 fi
3527 ]
3528)
3529
4cb5ffa0 3530if test -z "$disable_shadow" ; then
3531 AC_MSG_CHECKING([if the systems has expire shadow information])
3532 AC_TRY_COMPILE(
3533 [
3534#include <sys/types.h>
3535#include <shadow.h>
3536 struct spwd sp;
3537 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3538 [ sp_expire_available=yes ], []
3539 )
3540
3541 if test "x$sp_expire_available" = "xyes" ; then
3542 AC_MSG_RESULT(yes)
3466e002 3543 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3544 [Define if you want to use shadow password expire field])
4cb5ffa0 3545 else
3546 AC_MSG_RESULT(no)
3547 fi
3548fi
3549
a0391976 3550# Use ip address instead of hostname in $DISPLAY
44839801 3551if test ! -z "$IPADDR_IN_DISPLAY" ; then
3552 DISPLAY_HACK_MSG="yes"
3466e002 3553 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3554 [Define if you need to use IP address
3555 instead of hostname in $DISPLAY])
44839801 3556else
aff51935 3557 DISPLAY_HACK_MSG="no"
44839801 3558 AC_ARG_WITH(ipaddr-display,
3559 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3560 [
82f4e93d 3561 if test "x$withval" != "xno" ; then
44839801 3562 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3563 DISPLAY_HACK_MSG="yes"
44839801 3564 fi
3565 ]
3566 )
3567fi
a7effaac 3568
95b99395 3569# check for /etc/default/login and use it if present.
daa41e62 3570AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3571 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3572 [ if test "x$enableval" = "xno"; then
3573 AC_MSG_NOTICE([/etc/default/login handling disabled])
3574 etc_default_login=no
3575 else
3576 etc_default_login=yes
3577 fi ],
b0e7249f 3578 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3579 then
3580 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3581 etc_default_login=no
3582 else
3583 etc_default_login=yes
3584 fi ]
694d0cef 3585)
95b99395 3586
694d0cef 3587if test "x$etc_default_login" != "xno"; then
3588 AC_CHECK_FILE("/etc/default/login",
3589 [ external_path_file=/etc/default/login ])
b0e7249f 3590 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3591 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3592 [Define if your system has /etc/default/login])
1a01a50c 3593 fi
694d0cef 3594fi
95b99395 3595
8d184c09 3596dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3597if test $ac_cv_func_login_getcapbool = "yes" && \
3598 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3599 external_path_file=/etc/login.conf
8d184c09 3600fi
95b99395 3601
a0391976 3602# Whether to mess with the default path
aff51935 3603SERVER_PATH_MSG="(default)"
c43d69a9 3604AC_ARG_WITH(default-path,
75817f90 3605 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3606 [
95b99395 3607 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3608 AC_MSG_WARN([
3609--with-default-path=PATH has no effect on this system.
3610Edit /etc/login.conf instead.])
82f4e93d 3611 elif test "x$withval" != "xno" ; then
89bbd457 3612 if test ! -z "$external_path_file" ; then
95b99395 3613 AC_MSG_WARN([
3614--with-default-path=PATH will only be used if PATH is not defined in
3615$external_path_file .])
3616 fi
b2d818e6 3617 user_path="$withval"
aff51935 3618 SERVER_PATH_MSG="$withval"
cb807f40 3619 fi
b2d818e6 3620 ],
95b99395 3621 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3622 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3623 else
89bbd457 3624 if test ! -z "$external_path_file" ; then
95b99395 3625 AC_MSG_WARN([
3626If PATH is defined in $external_path_file, ensure the path to scp is included,
3627otherwise scp will not work.])
3628 fi
b0e7249f 3629 AC_RUN_IFELSE(
3630 [AC_LANG_SOURCE([[
b2d818e6 3631/* find out what STDPATH is */
3632#include <stdio.h>
b2d818e6 3633#ifdef HAVE_PATHS_H
3634# include <paths.h>
3635#endif
3636#ifndef _PATH_STDPATH
d9a4e55b 3637# ifdef _PATH_USERPATH /* Irix */
3638# define _PATH_STDPATH _PATH_USERPATH
3639# else
3640# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3641# endif
b2d818e6 3642#endif
3643#include <sys/types.h>
3644#include <sys/stat.h>
3645#include <fcntl.h>
3646#define DATA "conftest.stdpath"
3647
3648main()
3649{
3650 FILE *fd;
3651 int rc;
82f4e93d 3652
b2d818e6 3653 fd = fopen(DATA,"w");
3654 if(fd == NULL)
3655 exit(1);
82f4e93d 3656
b2d818e6 3657 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3658 exit(1);
3659
3660 exit(0);
3661}
b0e7249f 3662 ]])],
3663 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3664 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3665 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3666 )
3667# make sure $bindir is in USER_PATH so scp will work
3668 t_bindir=`eval echo ${bindir}`
3669 case $t_bindir in
3670 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3671 esac
3672 case $t_bindir in
3673 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3674 esac
3675 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3676 if test $? -ne 0 ; then
3677 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3678 if test $? -ne 0 ; then
3679 user_path=$user_path:$t_bindir
3680 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3681 fi
3682 fi
8d184c09 3683 fi ]
cb807f40 3684)
95b99395 3685if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3686 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3687 AC_SUBST(user_path)
3688fi
cb807f40 3689
06617857 3690# Set superuser path separately to user path
06617857 3691AC_ARG_WITH(superuser-path,
3692 [ --with-superuser-path= Specify different path for super-user],
3693 [
6cf0200f 3694 if test -n "$withval" && test "x$withval" != "xno" && \
3695 test "x${withval}" != "xyes"; then
3466e002 3696 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3697 [Define if you want a different $PATH
3698 for the superuser])
06617857 3699 superuser_path=$withval
3700 fi
3701 ]
3702)
3703
3704
58d100bf 3705AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3706IPV4_IN6_HACK_MSG="no"
80faa19f 3707AC_ARG_WITH(4in6,
3708 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3709 [
3710 if test "x$withval" != "xno" ; then
3711 AC_MSG_RESULT(yes)
3466e002 3712 AC_DEFINE(IPV4_IN_IPV6, 1,
3713 [Detect IPv4 in IPv6 mapped addresses
3714 and treat as IPv4])
aff51935 3715 IPV4_IN6_HACK_MSG="yes"
80faa19f 3716 else
3717 AC_MSG_RESULT(no)
3718 fi
3719 ],[
3720 if test "x$inet6_default_4in6" = "xyes"; then
3721 AC_MSG_RESULT([yes (default)])
3722 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3723 IPV4_IN6_HACK_MSG="yes"
80faa19f 3724 else
3725 AC_MSG_RESULT([no (default)])
3726 fi
3727 ]
3728)
3729
af774732 3730# Whether to enable BSD auth support
f1b0ecc3 3731BSD_AUTH_MSG=no
af774732 3732AC_ARG_WITH(bsd-auth,
3733 [ --with-bsd-auth Enable BSD auth support],
3734 [
82f4e93d 3735 if test "x$withval" != "xno" ; then
3466e002 3736 AC_DEFINE(BSD_AUTH, 1,
3737 [Define if you have BSD auth support])
f1b0ecc3 3738 BSD_AUTH_MSG=yes
af774732 3739 fi
3740 ]
3741)
3742
a0391976 3743# Where to place sshd.pid
19d9ac2a 3744piddir=/var/run
81dadca3 3745# make sure the directory exists
82f4e93d 3746if test ! -d $piddir ; then
81dadca3 3747 piddir=`eval echo ${sysconfdir}`
3748 case $piddir in
aff51935 3749 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3750 esac
3751fi
3752
47e45e44 3753AC_ARG_WITH(pid-dir,
3754 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3755 [
6cf0200f 3756 if test -n "$withval" && test "x$withval" != "xno" && \
3757 test "x${withval}" != "xyes"; then
19d9ac2a 3758 piddir=$withval
82f4e93d 3759 if test ! -d $piddir ; then
81dadca3 3760 AC_MSG_WARN([** no $piddir directory on this system **])
3761 fi
47e45e44 3762 fi
3763 ]
3764)
b7a87eea 3765
3466e002 3766AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3767AC_SUBST(piddir)
47e45e44 3768
1d7b9b20 3769dnl allow user to disable some login recording features
3770AC_ARG_ENABLE(lastlog,
bfd550a2 3771 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3772 [
3773 if test "x$enableval" = "xno" ; then
3774 AC_DEFINE(DISABLE_LASTLOG)
3775 fi
3776 ]
1d7b9b20 3777)
3778AC_ARG_ENABLE(utmp,
bfd550a2 3779 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3780 [
3781 if test "x$enableval" = "xno" ; then
3782 AC_DEFINE(DISABLE_UTMP)
3783 fi
3784 ]
1d7b9b20 3785)
3786AC_ARG_ENABLE(utmpx,
bfd550a2 3787 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3788 [
3789 if test "x$enableval" = "xno" ; then
3466e002 3790 AC_DEFINE(DISABLE_UTMPX, 1,
3791 [Define if you don't want to use utmpx])
ddb154b3 3792 fi
3793 ]
1d7b9b20 3794)
3795AC_ARG_ENABLE(wtmp,
bfd550a2 3796 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3797 [
3798 if test "x$enableval" = "xno" ; then
3799 AC_DEFINE(DISABLE_WTMP)
3800 fi
3801 ]
1d7b9b20 3802)
3803AC_ARG_ENABLE(wtmpx,
bfd550a2 3804 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3805 [
3806 if test "x$enableval" = "xno" ; then
3466e002 3807 AC_DEFINE(DISABLE_WTMPX, 1,
3808 [Define if you don't want to use wtmpx])
ddb154b3 3809 fi
3810 ]
1d7b9b20 3811)
3812AC_ARG_ENABLE(libutil,
bfd550a2 3813 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3814 [
3815 if test "x$enableval" = "xno" ; then
3816 AC_DEFINE(DISABLE_LOGIN)
3817 fi
3818 ]
1d7b9b20 3819)
3820AC_ARG_ENABLE(pututline,
bfd550a2 3821 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3822 [
3823 if test "x$enableval" = "xno" ; then
3466e002 3824 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3825 [Define if you don't want to use pututline()
3826 etc. to write [uw]tmp])
ddb154b3 3827 fi
3828 ]
1d7b9b20 3829)
3830AC_ARG_ENABLE(pututxline,
bfd550a2 3831 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3832 [
3833 if test "x$enableval" = "xno" ; then
3466e002 3834 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3835 [Define if you don't want to use pututxline()
3836 etc. to write [uw]tmpx])
ddb154b3 3837 fi
3838 ]
1d7b9b20 3839)
3840AC_ARG_WITH(lastlog,
bfd550a2 3841 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3842 [
82f4e93d 3843 if test "x$withval" = "xno" ; then
8c89dd2b 3844 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3845 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3846 conf_lastlog_location=$withval
3847 fi
3848 ]
3849)
1d7b9b20 3850
3851dnl lastlog, [uw]tmpx? detection
3852dnl NOTE: set the paths in the platform section to avoid the
3853dnl need for command-line parameters
3854dnl lastlog and [uw]tmp are subject to a file search if all else fails
3855
3856dnl lastlog detection
3857dnl NOTE: the code itself will detect if lastlog is a directory
3858AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3859AC_TRY_COMPILE([
3860#include <sys/types.h>
3861#include <utmp.h>
3862#ifdef HAVE_LASTLOG_H
3863# include <lastlog.h>
3864#endif
d7c0f3d5 3865#ifdef HAVE_PATHS_H
1d7b9b20 3866# include <paths.h>
41cb4569 3867#endif
3868#ifdef HAVE_LOGIN_H
3869# include <login.h>
1d7b9b20 3870#endif
3871 ],
3872 [ char *lastlog = LASTLOG_FILE; ],
3873 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3874 [
3875 AC_MSG_RESULT(no)
3876 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3877 AC_TRY_COMPILE([
3878#include <sys/types.h>
3879#include <utmp.h>
3880#ifdef HAVE_LASTLOG_H
3881# include <lastlog.h>
3882#endif
3883#ifdef HAVE_PATHS_H
3884# include <paths.h>
3885#endif
3886 ],
3887 [ char *lastlog = _PATH_LASTLOG; ],
3888 [ AC_MSG_RESULT(yes) ],
3889 [
f282b668 3890 AC_MSG_RESULT(no)
d7c0f3d5 3891 system_lastlog_path=no
3892 ])
3893 ]
1d7b9b20 3894)
d7c0f3d5 3895
1d7b9b20 3896if test -z "$conf_lastlog_location"; then
3897 if test x"$system_lastlog_path" = x"no" ; then
3898 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3899 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3900 conf_lastlog_location=$f
3901 fi
3902 done
3903 if test -z "$conf_lastlog_location"; then
f8119cef 3904 AC_MSG_WARN([** Cannot find lastlog **])
3905 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3906 fi
3907 fi
3908fi
3909
3910if test -n "$conf_lastlog_location"; then
3466e002 3911 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3912 [Define if you want to specify the path to your lastlog file])
82f4e93d 3913fi
1d7b9b20 3914
3915dnl utmp detection
3916AC_MSG_CHECKING([if your system defines UTMP_FILE])
3917AC_TRY_COMPILE([
3918#include <sys/types.h>
3919#include <utmp.h>
d7c0f3d5 3920#ifdef HAVE_PATHS_H
1d7b9b20 3921# include <paths.h>
3922#endif
3923 ],
3924 [ char *utmp = UTMP_FILE; ],
3925 [ AC_MSG_RESULT(yes) ],
3926 [ AC_MSG_RESULT(no)
3927 system_utmp_path=no ]
3928)
3929if test -z "$conf_utmp_location"; then
3930 if test x"$system_utmp_path" = x"no" ; then
3931 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3932 if test -f $f ; then
3933 conf_utmp_location=$f
3934 fi
3935 done
3936 if test -z "$conf_utmp_location"; then
3937 AC_DEFINE(DISABLE_UTMP)
3938 fi
3939 fi
3940fi
3941if test -n "$conf_utmp_location"; then
3466e002 3942 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3943 [Define if you want to specify the path to your utmp file])
82f4e93d 3944fi
1d7b9b20 3945
3946dnl wtmp detection
3947AC_MSG_CHECKING([if your system defines WTMP_FILE])
3948AC_TRY_COMPILE([
3949#include <sys/types.h>
3950#include <utmp.h>
d7c0f3d5 3951#ifdef HAVE_PATHS_H
1d7b9b20 3952# include <paths.h>
3953#endif
3954 ],
3955 [ char *wtmp = WTMP_FILE; ],
3956 [ AC_MSG_RESULT(yes) ],
3957 [ AC_MSG_RESULT(no)
3958 system_wtmp_path=no ]
3959)
3960if test -z "$conf_wtmp_location"; then
3961 if test x"$system_wtmp_path" = x"no" ; then
3962 for f in /usr/adm/wtmp /var/log/wtmp; do
3963 if test -f $f ; then
3964 conf_wtmp_location=$f
3965 fi
3966 done
3967 if test -z "$conf_wtmp_location"; then
3968 AC_DEFINE(DISABLE_WTMP)
3969 fi
3970 fi
3971fi
3972if test -n "$conf_wtmp_location"; then
3466e002 3973 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
3974 [Define if you want to specify the path to your wtmp file])
82f4e93d 3975fi
1d7b9b20 3976
3977
3978dnl utmpx detection - I don't know any system so perverse as to require
3979dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
3980dnl there, though.
3981AC_MSG_CHECKING([if your system defines UTMPX_FILE])
3982AC_TRY_COMPILE([
3983#include <sys/types.h>
3984#include <utmp.h>
3985#ifdef HAVE_UTMPX_H
3986#include <utmpx.h>
3987#endif
d7c0f3d5 3988#ifdef HAVE_PATHS_H
1d7b9b20 3989# include <paths.h>
3990#endif
3991 ],
3992 [ char *utmpx = UTMPX_FILE; ],
3993 [ AC_MSG_RESULT(yes) ],
3994 [ AC_MSG_RESULT(no)
3995 system_utmpx_path=no ]
3996)
3997if test -z "$conf_utmpx_location"; then
3998 if test x"$system_utmpx_path" = x"no" ; then
3999 AC_DEFINE(DISABLE_UTMPX)
4000 fi
4001else
3466e002 4002 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4003 [Define if you want to specify the path to your utmpx file])
82f4e93d 4004fi
1d7b9b20 4005
4006dnl wtmpx detection
4007AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4008AC_TRY_COMPILE([
4009#include <sys/types.h>
4010#include <utmp.h>
4011#ifdef HAVE_UTMPX_H
4012#include <utmpx.h>
4013#endif
d7c0f3d5 4014#ifdef HAVE_PATHS_H
1d7b9b20 4015# include <paths.h>
4016#endif
4017 ],
4018 [ char *wtmpx = WTMPX_FILE; ],
4019 [ AC_MSG_RESULT(yes) ],
4020 [ AC_MSG_RESULT(no)
4021 system_wtmpx_path=no ]
4022)
4023if test -z "$conf_wtmpx_location"; then
4024 if test x"$system_wtmpx_path" = x"no" ; then
4025 AC_DEFINE(DISABLE_WTMPX)
4026 fi
4027else
3466e002 4028 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4029 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4030fi
1d7b9b20 4031
b7a87eea 4032
bd499f9e 4033if test ! -z "$blibpath" ; then
68ece370 4034 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4035 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4036fi
4037
ed89c848 4038dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4039dnl Add now.
4040CFLAGS="$CFLAGS $werror_flags"
4041
3c62e7eb 4042AC_EXEEXT
29eadd7c 4043AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4044 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4045 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4046AC_OUTPUT
d3083fbd 4047
cbd7492e 4048# Print summary of options
4049
cbd7492e 4050# Someone please show me a better way :)
4051A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4052B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4053C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4054D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4055E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4056F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4057G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4058H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4059I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4060J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4061
4062echo ""
26de7942 4063echo "OpenSSH has been configured with the following options:"
ecac8ee5 4064echo " User binaries: $B"
4065echo " System binaries: $C"
4066echo " Configuration files: $D"
4067echo " Askpass program: $E"
4068echo " Manual pages: $F"
4069echo " PID file: $G"
4070echo " Privilege separation chroot path: $H"
95b99395 4071if test "x$external_path_file" = "x/etc/login.conf" ; then
4072echo " At runtime, sshd will use the path defined in $external_path_file"
4073echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4074else
ecac8ee5 4075echo " sshd default user PATH: $I"
89bbd457 4076 if test ! -z "$external_path_file"; then
95b99395 4077echo " (If PATH is set in $external_path_file it will be used instead. If"
4078echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4079 fi
8d184c09 4080fi
06617857 4081if test ! -z "$superuser_path" ; then
ecac8ee5 4082echo " sshd superuser user PATH: $J"
4083fi
4084echo " Manpage format: $MANTYPE"
3e05e934 4085echo " PAM support: $PAM_MSG"
5b84789f 4086echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4087echo " KerberosV support: $KRB5_MSG"
ef4d1846 4088echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4089echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4090echo " S/KEY support: $SKEY_MSG"
4091echo " TCP Wrappers support: $TCPW_MSG"
4092echo " MD5 password support: $MD5_MSG"
59031773 4093echo " libedit support: $LIBEDIT_MSG"
5b84789f 4094echo " Solaris process contract support: $SPC_MSG"
3deb1408 4095echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4096echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4097echo " BSD Auth support: $BSD_AUTH_MSG"
4098echo " Random number source: $RAND_MSG"
f1b0ecc3 4099if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4100echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4101fi
4102
cbd7492e 4103echo ""
4104
0c2fb82f 4105echo " Host: ${host}"
4106echo " Compiler: ${CC}"
4107echo " Compiler flags: ${CFLAGS}"
4108echo "Preprocessor flags: ${CPPFLAGS}"
4109echo " Linker flags: ${LDFLAGS}"
e54defb4 4110echo " Libraries: ${LIBS}"
4111if test ! -z "${SSHDLIBS}"; then
4112echo " +for sshd: ${SSHDLIBS}"
4113fi
cbd7492e 4114
4115echo ""
4116
9cefe228 4117if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4118 echo "SVR4 style packages are supported with \"make package\""
4119 echo ""
9cefe228 4120fi
4121
adeebd37 4122if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4123 echo "PAM is enabled. You may need to install a PAM control file "
4124 echo "for sshd, otherwise password authentication may fail. "
aff51935 4125 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4126 echo "subdirectory"
adeebd37 4127 echo ""
4128fi
4129
f1b0ecc3 4130if test ! -z "$RAND_HELPER_CMDHASH" ; then
4131 echo "WARNING: you are using the builtin random number collection "
4132 echo "service. Please read WARNING.RNG and request that your OS "
4133 echo "vendor includes kernel-based random number collection in "
4134 echo "future versions of your OS."
2c523de9 4135 echo ""
4136fi
af774732 4137
2f6f9cff 4138if test ! -z "$NO_PEERCHECK" ; then
1961d660 4139 echo "WARNING: the operating system that you are using does not"
4140 echo "appear to support getpeereid(), getpeerucred() or the"
4141 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4142 echo "enforce security checks to prevent unauthorised connections to"
4143 echo "ssh-agent. Their absence increases the risk that a malicious"
4144 echo "user can connect to your agent."
2f6f9cff 4145 echo ""
4146fi
4147
7b578f7d 4148if test "$AUDIT_MODULE" = "bsm" ; then
4149 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4150 echo "See the Solaris section in README.platform for details."
4151fi
git-cvsimport mirror of OpenSSH
This page took 1.088293 seconds and 5 git commands to generate.