]> andersk Git - openssh.git/blame - configure.ac
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
[openssh.git] / configure.ac
CommitLineData
eb5d7ff6 1# $Id$
2b983b95 2#
3# Copyright (c) 1999-2004 Damien Miller
4#
5# Permission to use, copy, modify, and distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0b202697 16
76e6410a 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
823221b2 18AC_REVISION($Revision$)
98a7c37b 19AC_CONFIG_SRCDIR([ssh.c])
5881cd60 20
21AC_CONFIG_HEADER(config.h)
b14b2ae7 22AC_PROG_CC
a7effaac 23AC_CANONICAL_HOST
cf0c5df5 24AC_C_BIGENDIAN
5881cd60 25
a0391976 26# Checks for programs.
4bbf95fa 27AC_PROG_AWK
4cca272e 28AC_PROG_CPP
5881cd60 29AC_PROG_RANLIB
cf8dd513 30AC_PROG_INSTALL
c9ecc3c7 31AC_PROG_EGREP
bee0a37e 32AC_PATH_PROG(AR, ar)
ddd8c95b 33AC_PATH_PROG(CAT, cat)
34AC_PATH_PROG(KILL, kill)
13dd877b 35AC_PATH_PROGS(PERL, perl5 perl)
c3690df3 36AC_PATH_PROG(SED, sed)
a0f84251 37AC_SUBST(PERL)
ad85db64 38AC_PATH_PROG(ENT, ent)
39AC_SUBST(ENT)
6958bd37 40AC_PATH_PROG(TEST_MINUS_S_SH, bash)
41AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
42AC_PATH_PROG(TEST_MINUS_S_SH, sh)
6193497b 43AC_PATH_PROG(SH, sh)
a3245b92 44AC_SUBST(TEST_SHELL,sh)
f498ed15 45
9cefe228 46dnl for buildpkg.sh
47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
48 [/usr/sbin${PATH_SEPARATOR}/etc])
49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
50 [/usr/sbin${PATH_SEPARATOR}/etc])
51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
eeb27c78 52if test -x /sbin/sh; then
53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
54else
55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
56fi
9cefe228 57
948fd8b9 58# System features
59AC_SYS_LARGEFILE
60
c193d002 61if test -z "$AR" ; then
62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
63fi
64
2e73a022 65# Use LOGIN_PROGRAM from environment if possible
66if test ! -z "$LOGIN_PROGRAM" ; then
3466e002 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
68 [If your header files don't define LOGIN_PROGRAM,
69 then use this (detected) from environment and PATH])
2e73a022 70else
71 # Search for login
72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
75 fi
76fi
77
37656beb 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
79if test ! -z "$PATH_PASSWD_PROG" ; then
3466e002 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
81 [Full path of your "passwd" program])
37656beb 82fi
83
d423d822 84if test -z "$LD" ; then
85 LD=$CC
86fi
87AC_SUBST(LD)
82f4e93d 88
d423d822 89AC_C_INLINE
dfafb2e1 90
91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
92
caa21240 93use_stack_protector=1
94AC_ARG_WITH(stackprotect,
a0969097 95 [ --without-stackprotect Don't use compiler's stack protection], [
caa21240 96 if test "x$withval" = "xno"; then
97 use_stack_protector=0
98 fi ])
99
aff51935 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
af40ca44 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
eeee8237 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
5fdabf45 103 case $GCC_VER in
0b9fdeb8 104 1.*) no_attrib_nonnull=1 ;;
105 2.8* | 2.9*)
106 CFLAGS="$CFLAGS -Wsign-compare"
107 no_attrib_nonnull=1
108 ;;
109 2.*) no_attrib_nonnull=1 ;;
b5902374 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
cd595991 112 *) ;;
5fdabf45 113 esac
8a3ff1aa 114
b55b0285 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset)
116 saved_CFLAGS="$CFLAGS"
117 CFLAGS="$CFLAGS -fno-builtin-memset"
118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[
119#include <string.h>
120int main(void){char b[10]; memset(b, 0, sizeof(b));}
121 ]])],
122 [ AC_MSG_RESULT(yes) ],
123 [ AC_MSG_RESULT(no)
124 CFLAGS="$saved_CFLAGS" ]
125)
126
caa21240 127 # -fstack-protector-all doesn't always work for some GCC versions
23c5c479 128 # and/or platforms, so we test if we can. If it's not supported
53e2660a 129 # on a given platform gcc will emit a warning so we use -Werror.
caa21240 130 if test "x$use_stack_protector" = "x1"; then
131 for t in -fstack-protector-all -fstack-protector; do
23c5c479 132 AC_MSG_CHECKING(if $CC supports $t)
caa21240 133 saved_CFLAGS="$CFLAGS"
134 saved_LDFLAGS="$LDFLAGS"
23c5c479 135 CFLAGS="$CFLAGS $t -Werror"
136 LDFLAGS="$LDFLAGS $t -Werror"
137 AC_LINK_IFELSE(
138 [AC_LANG_SOURCE([
53e2660a 139#include <stdio.h>
140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
23c5c479 141 ])],
caa21240 142 [ AC_MSG_RESULT(yes)
23c5c479 143 CFLAGS="$saved_CFLAGS $t"
144 LDFLAGS="$saved_LDFLAGS $t"
caa21240 145 AC_MSG_CHECKING(if $t works)
146 AC_RUN_IFELSE(
147 [AC_LANG_SOURCE([
53e2660a 148#include <stdio.h>
149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
caa21240 150 ])],
151 [ AC_MSG_RESULT(yes)
152 break ],
153 [ AC_MSG_RESULT(no) ],
154 [ AC_MSG_WARN([cross compiling: cannot test])
155 break ]
23c5c479 156 )
caa21240 157 ],
158 [ AC_MSG_RESULT(no) ]
159 )
160 CFLAGS="$saved_CFLAGS"
161 LDFLAGS="$saved_LDFLAGS"
162 done
163 fi
eb5a7224 164
dfafb2e1 165 if test -z "$have_llong_max"; then
166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
167 unset ac_cv_have_decl_LLONG_MAX
168 saved_CFLAGS="$CFLAGS"
169 CFLAGS="$CFLAGS -std=gnu99"
170 AC_CHECK_DECL(LLONG_MAX,
171 [have_llong_max=1],
172 [CFLAGS="$saved_CFLAGS"],
173 [#include <limits.h>]
174 )
175 fi
d423d822 176fi
177
0b9fdeb8 178if test "x$no_attrib_nonnull" != "x1" ; then
179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
180fi
181
e6354014 182AC_ARG_WITH(rpath,
183 [ --without-rpath Disable auto-added -R linker paths],
184 [
82f4e93d 185 if test "x$withval" = "xno" ; then
e6354014 186 need_dash_r=""
187 fi
188 if test "x$withval" = "xyes" ; then
189 need_dash_r=1
190 fi
191 ]
192)
193
aa56f760 194# Allow user to specify flags
195AC_ARG_WITH(cflags,
196 [ --with-cflags Specify additional flags to pass to compiler],
197 [
198 if test -n "$withval" && test "x$withval" != "xno" && \
199 test "x${withval}" != "xyes"; then
200 CFLAGS="$CFLAGS $withval"
201 fi
202 ]
203)
204AC_ARG_WITH(cppflags,
205 [ --with-cppflags Specify additional flags to pass to preprocessor] ,
206 [
207 if test -n "$withval" && test "x$withval" != "xno" && \
208 test "x${withval}" != "xyes"; then
209 CPPFLAGS="$CPPFLAGS $withval"
210 fi
211 ]
212)
213AC_ARG_WITH(ldflags,
214 [ --with-ldflags Specify additional flags to pass to linker],
215 [
216 if test -n "$withval" && test "x$withval" != "xno" && \
217 test "x${withval}" != "xyes"; then
218 LDFLAGS="$LDFLAGS $withval"
219 fi
220 ]
221)
222AC_ARG_WITH(libs,
223 [ --with-libs Specify additional libraries to link with],
224 [
225 if test -n "$withval" && test "x$withval" != "xno" && \
226 test "x${withval}" != "xyes"; then
227 LIBS="$LIBS $withval"
228 fi
229 ]
230)
231AC_ARG_WITH(Werror,
232 [ --with-Werror Build main code with -Werror],
233 [
234 if test -n "$withval" && test "x$withval" != "xno"; then
235 werror_flags="-Werror"
236 if test "x${withval}" != "xyes"; then
237 werror_flags="$withval"
238 fi
239 fi
240 ]
241)
242
243AC_CHECK_HEADERS( \
244 bstring.h \
245 crypt.h \
246 crypto/sha2.h \
247 dirent.h \
248 endian.h \
249 features.h \
250 fcntl.h \
251 floatingpoint.h \
252 getopt.h \
253 glob.h \
254 ia.h \
255 iaf.h \
256 limits.h \
257 login.h \
258 maillock.h \
259 ndir.h \
260 net/if_tun.h \
261 netdb.h \
262 netgroup.h \
263 pam/pam_appl.h \
264 paths.h \
6d39a5c4 265 poll.h \
aa56f760 266 pty.h \
267 readpassphrase.h \
268 rpc/types.h \
269 security/pam_appl.h \
270 sha2.h \
271 shadow.h \
272 stddef.h \
273 stdint.h \
274 string.h \
275 strings.h \
276 sys/audit.h \
277 sys/bitypes.h \
278 sys/bsdtty.h \
279 sys/cdefs.h \
280 sys/dir.h \
281 sys/mman.h \
4538e135 282 sys/mount.h \
aa56f760 283 sys/ndir.h \
8aa5db7d 284 sys/poll.h \
aa56f760 285 sys/prctl.h \
286 sys/pstat.h \
287 sys/select.h \
288 sys/stat.h \
289 sys/stream.h \
290 sys/stropts.h \
291 sys/strtio.h \
4538e135 292 sys/statvfs.h \
aa56f760 293 sys/sysmacros.h \
294 sys/time.h \
295 sys/timers.h \
296 sys/un.h \
297 time.h \
298 tmpdir.h \
299 ttyent.h \
40701614 300 ucred.h \
aa56f760 301 unistd.h \
302 usersec.h \
303 util.h \
304 utime.h \
305 utmp.h \
306 utmpx.h \
307 vis.h \
308)
309
310# lastlog.h requires sys/time.h to be included first on Solaris
311AC_CHECK_HEADERS(lastlog.h, [], [], [
312#ifdef HAVE_SYS_TIME_H
313# include <sys/time.h>
314#endif
315])
316
317# sys/ptms.h requires sys/stream.h to be included first on Solaris
318AC_CHECK_HEADERS(sys/ptms.h, [], [], [
319#ifdef HAVE_SYS_STREAM_H
320# include <sys/stream.h>
321#endif
322])
323
324# login_cap.h requires sys/types.h on NetBSD
325AC_CHECK_HEADERS(login_cap.h, [], [], [
326#include <sys/types.h>
327])
328
5b84789f 329# Messages for features tested for in target-specific section
330SIA_MSG="no"
331SPC_MSG="no"
332
a0391976 333# Check for some target-specific stuff
a7effaac 334case "$host" in
9d6b1b96 335*-*-aix*)
25a2779b 336 # Some versions of VAC won't allow macro redefinitions at
337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
338 # particularly with older versions of vac or xlc.
339 # It also throws errors about null macro argments, but these are
340 # not fatal.
341 AC_MSG_CHECKING(if compiler allows macro redefinitions)
342 AC_COMPILE_IFELSE(
343 [AC_LANG_SOURCE([[
344#define testmacro foo
345#define testmacro bar
346int main(void) { exit(0); }
347 ]])],
348 [ AC_MSG_RESULT(yes) ],
349 [ AC_MSG_RESULT(no)
350 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
351 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
352 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
353 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
354 ]
355 )
356
aff51935 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
68ece370 358 if (test -z "$blibpath"); then
0a15d73b 359 blibpath="/usr/lib:/lib"
68ece370 360 fi
361 saved_LDFLAGS="$LDFLAGS"
e7479666 362 if test "$GCC" = "yes"; then
363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
364 else
365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
366 fi
367 for tryflags in $flags ;do
68ece370 368 if (test -z "$blibflags"); then
369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
370 AC_TRY_LINK([], [], [blibflags=$tryflags])
371 fi
372 done
373 if (test -z "$blibflags"); then
374 AC_MSG_RESULT(not found)
375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
376 else
377 AC_MSG_RESULT($blibflags)
bd499f9e 378 fi
68ece370 379 LDFLAGS="$saved_LDFLAGS"
e351e493 380 dnl Check for authenticate. Might be in libs.a on older AIXes
3466e002 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
382 [Define if you want to enable AIX4's authenticate function])],
0764e748 383 [AC_CHECK_LIB(s,authenticate,
e351e493 384 [ AC_DEFINE(WITH_AIXAUTHENTICATE)
0764e748 385 LIBS="$LIBS -ls"
386 ])
387 ])
ba603e06 388 dnl Check for various auth function declarations in headers.
c85ed8e2 389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
72ad335d 390 passwdexpired, setauthdb], , , [#include <usersec.h>])
e351e493 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
ba603e06 392 AC_CHECK_DECLS(loginfailed,
e351e493 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
394 AC_TRY_COMPILE(
f58c0e01 395 [#include <usersec.h>],
e351e493 396 [(void)loginfailed("user","host","tty",0);],
397 [AC_MSG_RESULT(yes)
3466e002 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
399 [Define if your AIX loginfailed() function
400 takes 4 arguments (AIX >= 5.2)])],
f58c0e01 401 [AC_MSG_RESULT(no)]
e351e493 402 )],
403 [],
404 [#include <usersec.h>]
405 )
533a78f0 406 AC_CHECK_FUNCS(getgrset setauthdb)
53c337ed 407 AC_CHECK_DECL(F_CLOSEM,
795e7517 408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
53c337ed 409 [],
410 [ #include <limits.h>
411 #include <fcntl.h> ]
412 )
5ccf88cb 413 check_for_aix_broken_getaddrinfo=1
3466e002 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
416 [Define if your platform breaks doing a seteuid before a setuid])
417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
a3cef3ca 419 dnl AIX handles lastlog as part of its login message
3466e002 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
422 [Some systems need a utmpx entry for /bin/login to work])
423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
424 [Define to a Set Process Title type if your system is
425 supported by bsd-setproctitle.c])
961c2997 426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
427 [AIX 5.2 and 5.3 (and presumably newer) require this])
ea8c44d9 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
9d6b1b96 429 ;;
3c62e7eb 430*-*-cygwin*)
a52997bd 431 check_for_libcrypt_later=1
04765d02 432 LIBS="$LIBS /usr/lib/textreadmode.o"
3466e002 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
435 AC_DEFINE(DISABLE_SHADOW, 1,
436 [Define if you want to disable shadow passwords])
437 AC_DEFINE(IP_TOS_IS_BROKEN, 1,
438 [Define if your system choked on IP TOS setting])
439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
440 [Define if X11 doesn't support AF_UNIX sockets on that system])
441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
442 [Define if the concept of ports only accessible to
443 superusers isn't known])
444 AC_DEFINE(DISABLE_FD_PASSING, 1,
445 [Define if your platform needs to skip post auth
446 file descriptor passing])
3c62e7eb 447 ;;
d6fdb079 448*-*-dgux*)
449 AC_DEFINE(IP_TOS_IS_BROKEN)
0c6a72a5 450 AC_DEFINE(SETEUID_BREAKS_SETUID)
451 AC_DEFINE(BROKEN_SETREUID)
452 AC_DEFINE(BROKEN_SETREGID)
d6fdb079 453 ;;
39c98ef7 454*-*-darwin*)
33e2e066 455 AC_MSG_CHECKING(if we have working getaddrinfo)
456 AC_TRY_RUN([#include <mach-o/dyld.h>
457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
458 exit(0);
459 else
460 exit(1);
461}], [AC_MSG_RESULT(working)],
462 [AC_MSG_RESULT(buggy)
3466e002 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
b27e573d 464 [AC_MSG_RESULT(assume it is working)])
635e0c42 465 AC_DEFINE(SETEUID_BREAKS_SETUID)
466 AC_DEFINE(BROKEN_SETREUID)
467 AC_DEFINE(BROKEN_SETREGID)
a8ad3b9d 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
3466e002 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
470 [Define if your resolver libs need this for getrrsetbyname])
e02505e2 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
473 [Use tunnel device compatibility to OpenBSD])
474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
475 [Prepend the address family to IP tunnel traffic])
a74e9b64 476 m4_pattern_allow(AU_IPv)
477 AC_CHECK_DECL(AU_IPv4, [],
478 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
479 [#include <bsm/audit.h>]
480 )
39c98ef7 481 ;;
36f36ba3 482*-*-dragonfly*)
483 SSHDLIBS="$SSHDLIBS -lcrypt"
484 ;;
7d458c86 485*-*-hpux*)
486 # first we define all of the options common to all HP-UX releases
b8fea62d 487 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
44839801 488 IPADDR_IN_DISPLAY=yes
2b10f47a 489 AC_DEFINE(USE_PIPES)
3466e002 490 AC_DEFINE(LOGIN_NO_ENDOPT, 1,
491 [Define if your login program cannot handle end of options ("--")])
a2572aa7 492 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 493 AC_DEFINE(LOCKED_PASSWD_STRING, "*",
494 [String used in /etc/passwd to denote locked account])
3a2b2b44 495 AC_DEFINE(SPT_TYPE,SPT_PSTAT)
83f987c3 496 MAIL="/var/mail/username"
f75ca46d 497 LIBS="$LIBS -lsec"
7d458c86 498 AC_CHECK_LIB(xnet, t_error, ,
499 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
500
501 # next, we define all of the options specific to major releases
502 case "$host" in
503 *-*-hpux10*)
504 if test -z "$GCC"; then
505 CFLAGS="$CFLAGS -Ae"
506 fi
507 ;;
508 *-*-hpux11*)
3466e002 509 AC_DEFINE(PAM_SUN_CODEBASE, 1,
510 [Define if you are using Solaris-derived PAM which
511 passes pam_messages to the conversation function
512 with an extra level of indirection])
513 AC_DEFINE(DISABLE_UTMP, 1,
514 [Define if you don't want to use utmp])
7d458c86 515 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
516 check_for_hpux_broken_getaddrinfo=1
517 check_for_conflicting_getspnam=1
518 ;;
519 esac
520
521 # lastly, we define options specific to minor releases
522 case "$host" in
523 *-*-hpux10.26)
3466e002 524 AC_DEFINE(HAVE_SECUREWARE, 1,
525 [Define if you have SecureWare-based
526 protected password database])
7d458c86 527 disable_ptmx_check=yes
528 LIBS="$LIBS -lsecpw"
529 ;;
530 esac
2b763e31 531 ;;
d94aa2ae 532*-*-irix5*)
6ac7829a 533 PATH="$PATH:/usr/etc"
3466e002 534 AC_DEFINE(BROKEN_INET_NTOA, 1,
535 [Define if you system's inet_ntoa is busted
536 (e.g. Irix gcc issue)])
cb433561 537 AC_DEFINE(SETEUID_BREAKS_SETUID)
538 AC_DEFINE(BROKEN_SETREUID)
539 AC_DEFINE(BROKEN_SETREGID)
3466e002 540 AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
541 [Define if you shouldn't strip 'tty' from your
542 ttyname in [uw]tmp])
3e6e3da0 543 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
b9795b89 544 ;;
545*-*-irix6*)
6ac7829a 546 PATH="$PATH:/usr/etc"
3466e002 547 AC_DEFINE(WITH_IRIX_ARRAY, 1,
548 [Define if you have/want arrays
549 (cluster-wide session managment, not C arrays)])
550 AC_DEFINE(WITH_IRIX_PROJECT, 1,
551 [Define if you want IRIX project management])
552 AC_DEFINE(WITH_IRIX_AUDIT, 1,
553 [Define if you want IRIX audit trails])
554 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
555 [Define if you want IRIX kernel jobs])])
416ed5a7 556 AC_DEFINE(BROKEN_INET_NTOA)
412c0eaa 557 AC_DEFINE(SETEUID_BREAKS_SETUID)
558 AC_DEFINE(BROKEN_SETREUID)
559 AC_DEFINE(BROKEN_SETREGID)
3466e002 560 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
0e8f4eba 561 AC_DEFINE(WITH_ABBREV_NO_TTY)
3e6e3da0 562 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
d94aa2ae 563 ;;
5cdfe03f 564*-*-linux*)
565 no_dev_ptmx=1
717057b6 566 check_for_libcrypt_later=1
eacb954e 567 check_for_openpty_ctty_bug=1
3466e002 568 AC_DEFINE(PAM_TTY_KLUDGE, 1,
569 [Work around problematic Linux PAM modules handling of PAM_TTY])
570 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
571 [String used in /etc/passwd to denote locked account])
3a2b2b44 572 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
3466e002 573 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
574 [Define to whatever link() returns for "not supported"
575 if it doesn't return EOPNOTSUPP.])
b6610e8f 576 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
3466e002 577 AC_DEFINE(USE_BTMP)
80faa19f 578 inet6_default_4in6=yes
bf7c1e6c 579 case `uname -r` in
ad84c479 580 1.*|2.0.*)
3466e002 581 AC_DEFINE(BROKEN_CMSG_TYPE, 1,
582 [Define if cmsg_type is not passed correctly])
bf7c1e6c 583 ;;
bf7c1e6c 584 esac
c40f09ca 585 # tun(4) forwarding compat code
d91775e1 586 AC_CHECK_HEADERS(linux/if_tun.h)
b5081213 587 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
c40f09ca 588 AC_DEFINE(SSH_TUN_LINUX, 1,
589 [Open tunnel devices the Linux tun/tap way])
590 AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
591 [Use tunnel device compatibility to OpenBSD])
592 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
593 [Prepend the address family to IP tunnel traffic])
594 fi
5cdfe03f 595 ;;
66d6c27e 596mips-sony-bsd|mips-sony-newsos4)
4b2cf3f1 597 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
66d6c27e 598 SONY=1
66d6c27e 599 ;;
d468fc76 600*-*-netbsd*)
33e2e066 601 check_for_libcrypt_before=1
82f4e93d 602 if test "x$withval" != "xno" ; then
e6354014 603 need_dash_r=1
604 fi
0f6cb079 605 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
606 AC_CHECK_HEADER([net/if_tap.h], ,
607 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
608 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
609 [Prepend the address family to IP tunnel traffic])
d468fc76 610 ;;
86b416a7 611*-*-freebsd*)
612 check_for_libcrypt_later=1
988c5031 613 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
0f6cb079 614 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
615 AC_CHECK_HEADER([net/if_tap.h], ,
616 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
fbfeb0de 617 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
86b416a7 618 ;;
8707b7eb 619*-*-bsdi*)
620 AC_DEFINE(SETEUID_BREAKS_SETUID)
621 AC_DEFINE(BROKEN_SETREUID)
622 AC_DEFINE(BROKEN_SETREGID)
623 ;;
729bfe59 624*-next-*)
729bfe59 625 conf_lastlog_location="/usr/adm/lastlog"
698d107e 626 conf_utmp_location=/etc/utmp
627 conf_wtmp_location=/usr/adm/wtmp
628 MAIL=/usr/spool/mail
3466e002 629 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
443172c4 630 AC_DEFINE(BROKEN_REALPATH)
00937921 631 AC_DEFINE(USE_PIPES)
3466e002 632 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
729bfe59 633 ;;
5b7b5e23 634*-*-openbsd*)
635 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
8034a348 636 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
0f6cb079 637 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
c79c4814 638 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1,
639 [syslog_r function is safe to use in in a signal handler])
5b7b5e23 640 ;;
9d6b1b96 641*-*-solaris*)
82f4e93d 642 if test "x$withval" != "xno" ; then
010e9d5b 643 need_dash_r=1
644 fi
adeebd37 645 AC_DEFINE(PAM_SUN_CODEBASE)
7e2d5fa4 646 AC_DEFINE(LOGIN_NEEDS_UTMPX)
3466e002 647 AC_DEFINE(LOGIN_NEEDS_TERM, 1,
648 [Some versions of /bin/login need the TERM supplied
649 on the commandline])
7f0a4ff1 650 AC_DEFINE(PAM_TTY_KLUDGE)
3466e002 651 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
652 [Define if pam_chauthtok wants real uid set
653 to the unpriv'ed user])
3e6e3da0 654 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
ad84c479 655 # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
3466e002 656 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
657 [Define if sshd somehow reacquires a controlling TTY
658 after setsid()])
795aa5f5 659 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
660 in case the name is longer than 8 chars])
95b99395 661 external_path_file=/etc/default/login
1d7b9b20 662 # hardwire lastlog location (can't detect it on some versions)
663 conf_lastlog_location="/var/adm/lastlog"
32c80420 664 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
665 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
666 if test "$sol2ver" -ge 8; then
667 AC_MSG_RESULT(yes)
668 AC_DEFINE(DISABLE_UTMP)
3466e002 669 AC_DEFINE(DISABLE_WTMP, 1,
670 [Define if you don't want to use wtmp])
32c80420 671 else
672 AC_MSG_RESULT(no)
673 fi
5b84789f 674 AC_ARG_WITH(solaris-contracts,
675 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
676 [
677 AC_CHECK_LIB(contract, ct_tmpl_activate,
678 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
679 [Define if you have Solaris process contracts])
680 SSHDLIBS="$SSHDLIBS -lcontract"
681 AC_SUBST(SSHDLIBS)
682 SPC_MSG="yes" ], )
683 ],
684 )
9d6b1b96 685 ;;
a423beaf 686*-*-sunos4*)
0c2fb82f 687 CPPFLAGS="$CPPFLAGS -DSUNOS4"
a423beaf 688 AC_CHECK_FUNCS(getpwanam)
adeebd37 689 AC_DEFINE(PAM_SUN_CODEBASE)
32eec038 690 conf_utmp_location=/etc/utmp
691 conf_wtmp_location=/var/adm/wtmp
692 conf_lastlog_location=/var/adm/lastlog
137d7b6c 693 AC_DEFINE(USE_PIPES)
a423beaf 694 ;;
6f68f28a 695*-ncr-sysv*)
98a7c37b 696 LIBS="$LIBS -lc89"
29525240 697 AC_DEFINE(USE_PIPES)
eabb99c6 698 AC_DEFINE(SSHD_ACQUIRES_CTTY)
6fb3618d 699 AC_DEFINE(SETEUID_BREAKS_SETUID)
700 AC_DEFINE(BROKEN_SETREUID)
701 AC_DEFINE(BROKEN_SETREGID)
6f68f28a 702 ;;
132dd316 703*-sni-sysv*)
c8c15bcb 704 # /usr/ucblib MUST NOT be searched on ReliantUNIX
e2798e96 705 AC_CHECK_LIB(dl, dlsym, ,)
d08db6d1 706 # -lresolv needs to be at the end of LIBS or DNS lookups break
707 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
9548d6c8 708 IPADDR_IN_DISPLAY=yes
709 AC_DEFINE(USE_PIPES)
132dd316 710 AC_DEFINE(IP_TOS_IS_BROKEN)
605369bb 711 AC_DEFINE(SETEUID_BREAKS_SETUID)
712 AC_DEFINE(BROKEN_SETREUID)
713 AC_DEFINE(BROKEN_SETREGID)
eabb99c6 714 AC_DEFINE(SSHD_ACQUIRES_CTTY)
95b99395 715 external_path_file=/etc/default/login
c8c15bcb 716 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX
717 # Attention: always take care to bind libsocket and libnsl before libc,
718 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
132dd316 719 ;;
79a7ba96 720# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
77bb0bca 721*-*-sysv4.2*)
ed6553e2 722 AC_DEFINE(USE_PIPES)
7ed101c0 723 AC_DEFINE(SETEUID_BREAKS_SETUID)
724 AC_DEFINE(BROKEN_SETREUID)
725 AC_DEFINE(BROKEN_SETREGID)
46f853b9 726 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
e45da4d6 727 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
77bb0bca 728 ;;
79a7ba96 729# UnixWare 7.x, OpenUNIX 8
77bb0bca 730*-*-sysv5*)
d7d2cc6e 731 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
ed6553e2 732 AC_DEFINE(USE_PIPES)
7ed101c0 733 AC_DEFINE(SETEUID_BREAKS_SETUID)
734 AC_DEFINE(BROKEN_SETREUID)
735 AC_DEFINE(BROKEN_SETREGID)
3466e002 736 AC_DEFINE(PASSWD_NEEDS_USERNAME)
822015dd 737 case "$host" in
738 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x
739 TEST_SHELL=/u95/bin/sh
3466e002 740 AC_DEFINE(BROKEN_LIBIAF, 1,
741 [ia_uinfo routines not supported by OS yet])
5cc6ddad 742 AC_DEFINE(BROKEN_UPDWTMPX)
16076ac9 743 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot"
744 AC_CHECK_FUNCS(getluid setluid,,,-lprot)
745 AC_DEFINE(HAVE_SECUREWARE)
746 AC_DEFINE(DISABLE_SHADOW)
747 ],,)
822015dd 748 ;;
e45da4d6 749 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
44a71983 750 check_for_libcrypt_later=1
e45da4d6 751 ;;
822015dd 752 esac
77bb0bca 753 ;;
9d6b1b96 754*-*-sysv*)
9d6b1b96 755 ;;
79a7ba96 756# SCO UNIX and OEM versions of SCO UNIX
77bb0bca 757*-*-sco3.2v4*)
11cf4f1f 758 AC_MSG_ERROR("This Platform is no longer supported.")
77bb0bca 759 ;;
79a7ba96 760# SCO OpenServer 5.x
77bb0bca 761*-*-sco3.2v5*)
21710e39 762 if test -z "$GCC"; then
763 CFLAGS="$CFLAGS -belf"
764 fi
ed6553e2 765 LIBS="$LIBS -lprot -lx -ltinfo -lm"
509b1f88 766 no_dev_ptmx=1
ed6553e2 767 AC_DEFINE(USE_PIPES)
6e879cb4 768 AC_DEFINE(HAVE_SECUREWARE)
d287c664 769 AC_DEFINE(DISABLE_SHADOW)
94d8258b 770 AC_DEFINE(DISABLE_FD_PASSING)
7ed101c0 771 AC_DEFINE(SETEUID_BREAKS_SETUID)
772 AC_DEFINE(BROKEN_SETREUID)
773 AC_DEFINE(BROKEN_SETREGID)
bcebad47 774 AC_DEFINE(WITH_ABBREV_NO_TTY)
34f2baf0 775 AC_DEFINE(BROKEN_UPDWTMPX)
3466e002 776 AC_DEFINE(PASSWD_NEEDS_USERNAME)
aca75d94 777 AC_CHECK_FUNCS(getluid setluid)
533875af 778 MANTYPE=man
a3245b92 779 TEST_SHELL=ksh
509b1f88 780 ;;
ccbb983c 781*-*-unicosmk*)
3466e002 782 AC_DEFINE(NO_SSH_LASTLOG, 1,
783 [Define if you don't want to use lastlog in session.c])
c1ad5966 784 AC_DEFINE(SETEUID_BREAKS_SETUID)
785 AC_DEFINE(BROKEN_SETREUID)
786 AC_DEFINE(BROKEN_SETREGID)
ccbb983c 787 AC_DEFINE(USE_PIPES)
788 AC_DEFINE(DISABLE_FD_PASSING)
789 LDFLAGS="$LDFLAGS"
790 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
791 MANTYPE=cat
d262b7f2 792 ;;
7b9a8c6e 793*-*-unicosmp*)
c1ad5966 794 AC_DEFINE(SETEUID_BREAKS_SETUID)
795 AC_DEFINE(BROKEN_SETREUID)
796 AC_DEFINE(BROKEN_SETREGID)
7b9a8c6e 797 AC_DEFINE(WITH_ABBREV_NO_TTY)
798 AC_DEFINE(USE_PIPES)
799 AC_DEFINE(DISABLE_FD_PASSING)
800 LDFLAGS="$LDFLAGS"
c1ad5966 801 LIBS="$LIBS -lgen -lacid -ldb"
7b9a8c6e 802 MANTYPE=cat
803 ;;
ca5c7d6a 804*-*-unicos*)
c1ad5966 805 AC_DEFINE(SETEUID_BREAKS_SETUID)
806 AC_DEFINE(BROKEN_SETREUID)
807 AC_DEFINE(BROKEN_SETREGID)
ca5c7d6a 808 AC_DEFINE(USE_PIPES)
94d8258b 809 AC_DEFINE(DISABLE_FD_PASSING)
ef51930f 810 AC_DEFINE(NO_SSH_LASTLOG)
ccbb983c 811 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
812 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
813 MANTYPE=cat
a704dd54 814 ;;
4d33e531 815*-dec-osf*)
99c8ddac 816 AC_MSG_CHECKING(for Digital Unix SIA)
817 no_osfsia=""
818 AC_ARG_WITH(osfsia,
819 [ --with-osfsia Enable Digital Unix SIA],
820 [
821 if test "x$withval" = "xno" ; then
822 AC_MSG_RESULT(disabled)
823 no_osfsia=1
824 fi
825 ],
826 )
827 if test -z "$no_osfsia" ; then
4d33e531 828 if test -f /etc/sia/matrix.conf; then
829 AC_MSG_RESULT(yes)
3466e002 830 AC_DEFINE(HAVE_OSF_SIA, 1,
831 [Define if you have Digital Unix Security
832 Integration Architecture])
833 AC_DEFINE(DISABLE_LOGIN, 1,
834 [Define if you don't want to use your
835 system's login() call])
58d0df4e 836 AC_DEFINE(DISABLE_FD_PASSING)
4d33e531 837 LIBS="$LIBS -lsecurity -ldb -lm -laud"
5b84789f 838 SIA_MSG="yes"
4d33e531 839 else
840 AC_MSG_RESULT(no)
3466e002 841 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
842 [String used in /etc/passwd to denote locked account])
4d33e531 843 fi
844 fi
a6e67b60 845 AC_DEFINE(BROKEN_GETADDRINFO)
f4f2ff4f 846 AC_DEFINE(SETEUID_BREAKS_SETUID)
08da2d08 847 AC_DEFINE(BROKEN_SETREUID)
848 AC_DEFINE(BROKEN_SETREGID)
6ed8a3ae 849 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv])
4d33e531 850 ;;
41cb4569 851
9c54c067 852*-*-nto-qnx*)
41cb4569 853 AC_DEFINE(USE_PIPES)
854 AC_DEFINE(NO_X11_UNIX_SOCKETS)
3466e002 855 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
856 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
857 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
9c54c067 858 AC_DEFINE(DISABLE_LASTLOG)
49c64dd6 859 AC_DEFINE(SSHD_ACQUIRES_CTTY)
86996ebe 860 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
0c7e8877 861 enable_etc_default_login=no # has incompatible /etc/default/login
575ee4c4 862 case "$host" in
863 *-*-nto-qnx6*)
864 AC_DEFINE(DISABLE_FD_PASSING)
865 ;;
866 esac
41cb4569 867 ;;
35fc74ed 868
869*-*-ultrix*)
3466e002 870 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
871 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
4b2cf3f1 872 AC_DEFINE(NEED_SETPGRP)
b5765e1d 873 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
874 ;;
157b6700 875
876*-*-lynxos)
877 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
3466e002 878 AC_DEFINE(MISSING_HOWMANY)
157b6700 879 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
880 ;;
a7effaac 881esac
882
c5829391 883AC_MSG_CHECKING(compiler and flags for sanity)
479cece8 884AC_RUN_IFELSE(
885 [AC_LANG_SOURCE([
c5829391 886#include <stdio.h>
887int main(){exit(0);}
479cece8 888 ])],
c5829391 889 [ AC_MSG_RESULT(yes) ],
890 [
891 AC_MSG_RESULT(no)
892 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
1a01a50c 893 ],
894 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
c5829391 895)
896
b04a9f8c 897dnl Checks for header files.
a0391976 898# Checks for libraries.
98a7c37b 899AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
900AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
2c523de9 901
446227d6 902dnl IRIX and Solaris 2.5.1 have dirname() in libgen
903AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
904 AC_CHECK_LIB(gen, dirname,[
905 AC_CACHE_CHECK([for broken dirname],
906 ac_cv_have_broken_dirname, [
907 save_LIBS="$LIBS"
908 LIBS="$LIBS -lgen"
b0e7249f 909 AC_RUN_IFELSE(
910 [AC_LANG_SOURCE([[
446227d6 911#include <libgen.h>
912#include <string.h>
913
914int main(int argc, char **argv) {
915 char *s, buf[32];
916
917 strncpy(buf,"/etc", 32);
918 s = dirname(buf);
919 if (!s || strncmp(s, "/", 32) != 0) {
920 exit(1);
921 } else {
922 exit(0);
923 }
924}
b0e7249f 925 ]])],
926 [ ac_cv_have_broken_dirname="no" ],
927 [ ac_cv_have_broken_dirname="yes" ],
446227d6 928 [ ac_cv_have_broken_dirname="no" ],
446227d6 929 )
930 LIBS="$save_LIBS"
931 ])
932 if test "x$ac_cv_have_broken_dirname" = "xno" ; then
933 LIBS="$LIBS -lgen"
934 AC_DEFINE(HAVE_DIRNAME)
935 AC_CHECK_HEADERS(libgen.h)
936 fi
937 ])
938])
939
940AC_CHECK_FUNC(getspnam, ,
941 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
3466e002 942AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
943 [Define if you have the basename function.]))
446227d6 944
98a7c37b 945dnl zlib is required
946AC_ARG_WITH(zlib,
947 [ --with-zlib=PATH Use zlib in PATH],
6dd05556 948 [ if test "x$withval" = "xno" ; then
949 AC_MSG_ERROR([*** zlib is required ***])
950 elif test "x$withval" != "xyes"; then
98a7c37b 951 if test -d "$withval/lib"; then
952 if test -n "${need_dash_r}"; then
5a162955 953 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 954 else
5a162955 955 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 956 fi
957 else
958 if test -n "${need_dash_r}"; then
5a162955 959 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 960 else
5a162955 961 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 962 fi
963 fi
964 if test -d "$withval/include"; then
5a162955 965 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 966 else
5a162955 967 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 968 fi
6dd05556 969 fi ]
98a7c37b 970)
971
0a15d73b 972AC_CHECK_LIB(z, deflate, ,
973 [
974 saved_CPPFLAGS="$CPPFLAGS"
975 saved_LDFLAGS="$LDFLAGS"
976 save_LIBS="$LIBS"
977 dnl Check default zlib install dir
978 if test -n "${need_dash_r}"; then
979 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
980 else
981 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
982 fi
983 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
984 LIBS="$LIBS -lz"
985 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
986 [
987 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
988 ]
989 )
990 ]
991)
4ad65809 992AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
8068d564 993
994AC_ARG_WITH(zlib-version-check,
995 [ --without-zlib-version-check Disable zlib version check],
996 [ if test "x$withval" = "xno" ; then
997 zlib_check_nonfatal=1
998 fi
999 ]
1000)
1001
5c7fc85d 1002AC_MSG_CHECKING(for possibly buggy zlib)
479cece8 1003AC_RUN_IFELSE([AC_LANG_SOURCE([[
5c7fc85d 1004#include <stdio.h>
4ad65809 1005#include <zlib.h>
1006int main()
1007{
5c7fc85d 1008 int a=0, b=0, c=0, d=0, n, v;
1009 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
1010 if (n != 3 && n != 4)
4ad65809 1011 exit(1);
5c7fc85d 1012 v = a*1000000 + b*10000 + c*100 + d;
1013 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
1014
1015 /* 1.1.4 is OK */
1016 if (a == 1 && b == 1 && c >= 4)
4ad65809 1017 exit(0);
5c7fc85d 1018
0072b59d 1019 /* 1.2.3 and up are OK */
1020 if (v >= 1020300)
5c7fc85d 1021 exit(0);
1022
4ad65809 1023 exit(2);
1024}
479cece8 1025 ]])],
5c7fc85d 1026 AC_MSG_RESULT(no),
1027 [ AC_MSG_RESULT(yes)
8068d564 1028 if test -z "$zlib_check_nonfatal" ; then
1029 AC_MSG_ERROR([*** zlib too old - check config.log ***
1030Your reported zlib version has known security problems. It's possible your
1031vendor has fixed these problems without changing the version number. If you
1032are sure this is the case, you can disable the check by running
1033"./configure --without-zlib-version-check".
6090bcfe 1034If you are in doubt, upgrade zlib to version 1.2.3 or greater.
5c7fc85d 1035See http://www.gzip.org/zlib/ for details.])
8068d564 1036 else
1037 AC_MSG_WARN([zlib version may have security problems])
1038 fi
1a01a50c 1039 ],
1040 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
4ad65809 1041)
48e7916f 1042
2c523de9 1043dnl UnixWare 2.x
aff51935 1044AC_CHECK_FUNC(strcasecmp,
2c523de9 1045 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
1046)
23361281 1047AC_CHECK_FUNCS(utimes,
cda1ebcb 1048 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
1049 LIBS="$LIBS -lc89"]) ]
2c523de9 1050)
4cca272e 1051
7c6d759d 1052dnl Checks for libutil functions
1053AC_CHECK_HEADERS(libutil.h)
3466e002 1054AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
1055 [Define if your libraries define login()])])
b3ef88dc 1056AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp)
7c6d759d 1057
a738c3b0 1058AC_FUNC_STRFTIME
1059
84ceda19 1060# Check for ALTDIRFUNC glob() extension
1061AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
1062AC_EGREP_CPP(FOUNDIT,
1063 [
1064 #include <glob.h>
1065 #ifdef GLOB_ALTDIRFUNC
1066 FOUNDIT
1067 #endif
aff51935 1068 ],
84ceda19 1069 [
3466e002 1070 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
1071 [Define if your system glob() function has
1072 the GLOB_ALTDIRFUNC extension])
84ceda19 1073 AC_MSG_RESULT(yes)
1074 ],
1075 [
1076 AC_MSG_RESULT(no)
1077 ]
1078)
4cca272e 1079
40849fdb 1080# Check for g.gl_matchc glob() extension
1081AC_MSG_CHECKING(for gl_matchc field in glob_t)
d90b9f9a 1082AC_TRY_COMPILE(
13ff27b7 1083 [ #include <glob.h> ],
1084 [glob_t g; g.gl_matchc = 1;],
aff51935 1085 [
3466e002 1086 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
1087 [Define if your system glob() function has
1088 gl_matchc options in glob_t])
aff51935 1089 AC_MSG_RESULT(yes)
1090 ],
1091 [
1092 AC_MSG_RESULT(no)
1093 ]
40849fdb 1094)
1095
78888bab 1096AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>])
1097
edbe6722 1098AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
1a01a50c 1099AC_RUN_IFELSE(
479cece8 1100 [AC_LANG_SOURCE([[
edbe6722 1101#include <sys/types.h>
1102#include <dirent.h>
aec4cb4f 1103int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
479cece8 1104 ]])],
aff51935 1105 [AC_MSG_RESULT(yes)],
edbe6722 1106 [
1107 AC_MSG_RESULT(no)
3466e002 1108 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
d08db6d1 1109 [Define if your struct dirent expects you to
3466e002 1110 allocate extra space for d_name])
1a01a50c 1111 ],
82f4e93d 1112 [
1a01a50c 1113 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
1114 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
edbe6722 1115 ]
1116)
1117
419e26e7 1118AC_MSG_CHECKING([for /proc/pid/fd directory])
1119if test -d "/proc/$$/fd" ; then
3466e002 1120 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
419e26e7 1121 AC_MSG_RESULT(yes)
1122else
1123 AC_MSG_RESULT(no)
1124fi
1125
278588d8 1126# Check whether user wants S/Key support
aff51935 1127SKEY_MSG="no"
278588d8 1128AC_ARG_WITH(skey,
6ff3d0dc 1129 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
278588d8 1130 [
1131 if test "x$withval" != "xno" ; then
1132
1133 if test "x$withval" != "xyes" ; then
1134 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1135 LDFLAGS="$LDFLAGS -L${withval}/lib"
1136 fi
1137
3466e002 1138 AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
278588d8 1139 LIBS="-lskey $LIBS"
aff51935 1140 SKEY_MSG="yes"
82f4e93d 1141
ddceb1c8 1142 AC_MSG_CHECKING([for s/key support])
b0e7249f 1143 AC_LINK_IFELSE(
1144 [AC_LANG_SOURCE([[
ddceb1c8 1145#include <stdio.h>
1146#include <skey.h>
aec4cb4f 1147int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
b0e7249f 1148 ]])],
ddceb1c8 1149 [AC_MSG_RESULT(yes)],
278588d8 1150 [
ddceb1c8 1151 AC_MSG_RESULT(no)
278588d8 1152 AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
1153 ])
141fc639 1154 AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
1155 AC_TRY_COMPILE(
1156 [#include <stdio.h>
1157 #include <skey.h>],
1158 [(void)skeychallenge(NULL,"name","",0);],
1159 [AC_MSG_RESULT(yes)
3466e002 1160 AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
1161 [Define if your skeychallenge()
1162 function takes 4 arguments (NetBSD)])],
141fc639 1163 [AC_MSG_RESULT(no)]
1164 )
278588d8 1165 fi
1166 ]
1167)
1168
1169# Check whether user wants TCP wrappers support
98a7c37b 1170TCPW_MSG="no"
278588d8 1171AC_ARG_WITH(tcp-wrappers,
6ff3d0dc 1172 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
278588d8 1173 [
1174 if test "x$withval" != "xno" ; then
1175 saved_LIBS="$LIBS"
98a7c37b 1176 saved_LDFLAGS="$LDFLAGS"
1177 saved_CPPFLAGS="$CPPFLAGS"
4b492aab 1178 if test -n "${withval}" && \
6cf0200f 1179 test "x${withval}" != "xyes"; then
98a7c37b 1180 if test -d "${withval}/lib"; then
1181 if test -n "${need_dash_r}"; then
5a162955 1182 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
98a7c37b 1183 else
5a162955 1184 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
98a7c37b 1185 fi
1186 else
1187 if test -n "${need_dash_r}"; then
5a162955 1188 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
98a7c37b 1189 else
5a162955 1190 LDFLAGS="-L${withval} ${LDFLAGS}"
98a7c37b 1191 fi
1192 fi
1193 if test -d "${withval}/include"; then
5a162955 1194 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
98a7c37b 1195 else
5a162955 1196 CPPFLAGS="-I${withval} ${CPPFLAGS}"
98a7c37b 1197 fi
98a7c37b 1198 fi
e54defb4 1199 LIBS="-lwrap $LIBS"
278588d8 1200 AC_MSG_CHECKING(for libwrap)
1201 AC_TRY_LINK(
1202 [
77f09220 1203#include <sys/types.h>
1204#include <sys/socket.h>
1205#include <netinet/in.h>
278588d8 1206#include <tcpd.h>
1207 int deny_severity = 0, allow_severity = 0;
1208 ],
1209 [hosts_access(0);],
1210 [
1211 AC_MSG_RESULT(yes)
3466e002 1212 AC_DEFINE(LIBWRAP, 1,
1213 [Define if you want
1214 TCP Wrappers support])
e54defb4 1215 SSHDLIBS="$SSHDLIBS -lwrap"
98a7c37b 1216 TCPW_MSG="yes"
278588d8 1217 ],
1218 [
1219 AC_MSG_ERROR([*** libwrap missing])
1220 ]
1221 )
ddceb1c8 1222 LIBS="$saved_LIBS"
278588d8 1223 fi
1224 ]
1225)
1226
59031773 1227# Check whether user wants libedit support
1228LIBEDIT_MSG="no"
1229AC_ARG_WITH(libedit,
6ff3d0dc 1230 [ --with-libedit[[=PATH]] Enable libedit support for sftp],
59031773 1231 [ if test "x$withval" != "xno" ; then
737edf04 1232 if test "x$withval" != "xyes"; then
bb116c8e 1233 CPPFLAGS="$CPPFLAGS -I${withval}/include"
1234 if test -n "${need_dash_r}"; then
1235 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1236 else
1237 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1238 fi
737edf04 1239 fi
59031773 1240 AC_CHECK_LIB(edit, el_init,
3466e002 1241 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
59031773 1242 LIBEDIT="-ledit -lcurses"
1243 LIBEDIT_MSG="yes"
1244 AC_SUBST(LIBEDIT)
1245 ],
737edf04 1246 [ AC_MSG_ERROR(libedit not found) ],
1247 [ -lcurses ]
59031773 1248 )
f47ddccb 1249 AC_MSG_CHECKING(if libedit version is compatible)
d92622f9 1250 AC_COMPILE_IFELSE(
1251 [AC_LANG_SOURCE([[
1252#include <histedit.h>
f47ddccb 1253int main(void)
1254{
1255 int i = H_SETSIZE;
1256 el_init("", NULL, NULL, NULL);
1257 exit(0);
1258}
d92622f9 1259 ]])],
f47ddccb 1260 [ AC_MSG_RESULT(yes) ],
1261 [ AC_MSG_RESULT(no)
1262 AC_MSG_ERROR(libedit version is not compatible) ]
1263 )
59031773 1264 fi ]
1265)
1266
7b578f7d 1267AUDIT_MODULE=none
1268AC_ARG_WITH(audit,
1269 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
1270 [
1271 AC_MSG_CHECKING(for supported audit module)
1272 case "$withval" in
1273 bsm)
1274 AC_MSG_RESULT(bsm)
1275 AUDIT_MODULE=bsm
1276 dnl Checks for headers, libs and functions
1277 AC_CHECK_HEADERS(bsm/audit.h, [],
a01f637d 1278 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)],
1279 [
1280#ifdef HAVE_TIME_H
1281# include <time.h>
1282#endif
1283 ]
1284)
7b578f7d 1285 AC_CHECK_LIB(bsm, getaudit, [],
1286 [AC_MSG_ERROR(BSM enabled and required library not found)])
1287 AC_CHECK_FUNCS(getaudit, [],
1288 [AC_MSG_ERROR(BSM enabled and required function not found)])
1289 # These are optional
a74e9b64 1290 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
3466e002 1291 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
7b578f7d 1292 ;;
1293 debug)
1294 AUDIT_MODULE=debug
1295 AC_MSG_RESULT(debug)
3466e002 1296 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
7b578f7d 1297 ;;
a2b3321d 1298 no)
d92622f9 1299 AC_MSG_RESULT(no)
a2b3321d 1300 ;;
7b578f7d 1301 *)
1302 AC_MSG_ERROR([Unknown audit module $withval])
1303 ;;
1304 esac ]
1305)
1306
19160674 1307dnl Checks for library functions. Please keep in alphabetical order
b04a9f8c 1308AC_CHECK_FUNCS( \
1309 arc4random \
185adaf8 1310 arc4random_buf \
1311 arc4random_uniform \
9a406e1e 1312 asprintf \
b04a9f8c 1313 b64_ntop \
1314 __b64_ntop \
1315 b64_pton \
1316 __b64_pton \
1317 bcopy \
1318 bindresvport_sa \
1319 clock \
1320 closefrom \
1321 dirfd \
b04a9f8c 1322 fchmod \
1323 fchown \
1324 freeaddrinfo \
22f5e872 1325 fstatvfs \
b04a9f8c 1326 futimes \
1327 getaddrinfo \
1328 getcwd \
1329 getgrouplist \
1330 getnameinfo \
1331 getopt \
1332 getpeereid \
1961d660 1333 getpeerucred \
b04a9f8c 1334 _getpty \
1335 getrlimit \
1336 getttyent \
1337 glob \
1338 inet_aton \
1339 inet_ntoa \
1340 inet_ntop \
1341 innetgr \
1342 login_getcapbool \
1343 md5_crypt \
1344 memmove \
1345 mkdtemp \
1346 mmap \
1347 ngetaddrinfo \
1348 nsleep \
1349 ogetaddrinfo \
1350 openlog_r \
1351 openpty \
6d39a5c4 1352 poll \
b04a9f8c 1353 prctl \
1354 pstat \
1355 readpassphrase \
1356 realpath \
1357 recvmsg \
1358 rresvport_af \
1359 sendmsg \
1360 setdtablesize \
1361 setegid \
1362 setenv \
1363 seteuid \
1364 setgroups \
1365 setlogin \
1366 setpcred \
1367 setproctitle \
1368 setregid \
1369 setreuid \
1370 setrlimit \
1371 setsid \
1372 setvbuf \
1373 sigaction \
1374 sigvec \
1375 snprintf \
1376 socketpair \
4538e135 1377 statfs \
1378 statvfs \
b04a9f8c 1379 strdup \
1380 strerror \
1381 strlcat \
1382 strlcpy \
1383 strmode \
1384 strnvis \
1385 strtonum \
1e29a0c8 1386 strtoll \
b04a9f8c 1387 strtoul \
1aac2117 1388 swap32 \
b04a9f8c 1389 sysconf \
1390 tcgetpgrp \
1391 truncate \
1392 unsetenv \
1393 updwtmpx \
9a406e1e 1394 vasprintf \
b04a9f8c 1395 vhangup \
1396 vsnprintf \
1397 waitpid \
19160674 1398)
98a7c37b 1399
1a086f97 1400# IRIX has a const char return value for gai_strerror()
1401AC_CHECK_FUNCS(gai_strerror,[
1402 AC_DEFINE(HAVE_GAI_STRERROR)
1403 AC_TRY_COMPILE([
1404#include <sys/types.h>
1405#include <sys/socket.h>
1406#include <netdb.h>
1407
1408const char *gai_strerror(int);],[
1409char *str;
1410
1411str = gai_strerror(0);],[
1412 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
1413 [Define if gai_strerror() returns const char *])])])
1414
3466e002 1415AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
1416 [Some systems put nanosleep outside of libc]))
92b1decf 1417
309709db 1418dnl Make sure prototypes are defined for these before using them.
309709db 1419AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
0957c2cf 1420AC_CHECK_DECL(strsep,
1421 [AC_CHECK_FUNCS(strsep)],
1422 [],
1423 [
1424#ifdef HAVE_STRING_H
1425# include <string.h>
1426#endif
1427 ])
08412d26 1428
3490699c 1429dnl tcsendbreak might be a macro
1430AC_CHECK_DECL(tcsendbreak,
1431 [AC_DEFINE(HAVE_TCSENDBREAK)],
aff51935 1432 [AC_CHECK_FUNCS(tcsendbreak)],
3490699c 1433 [#include <termios.h>]
1434)
1435
41e0e158 1436AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
1437
71f4c727 1438AC_CHECK_DECLS(SHUT_RD, , ,
1439 [
1440#include <sys/types.h>
1441#include <sys/socket.h>
1442 ])
956d6743 1443
1444AC_CHECK_DECLS(O_NONBLOCK, , ,
1445 [
1446#include <sys/types.h>
1447#ifdef HAVE_SYS_STAT_H
1448# include <sys/stat.h>
1449#endif
1450#ifdef HAVE_FCNTL_H
1451# include <fcntl.h>
1452#endif
1453 ])
1454
752994dd 1455AC_CHECK_DECLS(writev, , , [
1456#include <sys/types.h>
1457#include <sys/uio.h>
1458#include <unistd.h>
1459 ])
1460
0bf6279d 1461AC_CHECK_DECLS(MAXSYMLINKS, , , [
1462#include <sys/param.h>
1463 ])
1464
b41ece30 1465AC_CHECK_DECLS(offsetof, , , [
1466#include <stddef.h>
1467 ])
1468
3f176010 1469AC_CHECK_FUNCS(setresuid, [
1470 dnl Some platorms have setresuid that isn't implemented, test for this
1471 AC_MSG_CHECKING(if setresuid seems to work)
479cece8 1472 AC_RUN_IFELSE(
1473 [AC_LANG_SOURCE([[
9a3fe0e2 1474#include <stdlib.h>
1475#include <errno.h>
1476int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1477 ]])],
3f176010 1478 [AC_MSG_RESULT(yes)],
3466e002 1479 [AC_DEFINE(BROKEN_SETRESUID, 1,
1480 [Define if your setresuid() is broken])
1a01a50c 1481 AC_MSG_RESULT(not implemented)],
1482 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1483 )
1484])
9a3fe0e2 1485
3f176010 1486AC_CHECK_FUNCS(setresgid, [
1487 dnl Some platorms have setresgid that isn't implemented, test for this
1488 AC_MSG_CHECKING(if setresgid seems to work)
479cece8 1489 AC_RUN_IFELSE(
1490 [AC_LANG_SOURCE([[
9a3fe0e2 1491#include <stdlib.h>
1492#include <errno.h>
1493int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
479cece8 1494 ]])],
3f176010 1495 [AC_MSG_RESULT(yes)],
3466e002 1496 [AC_DEFINE(BROKEN_SETRESGID, 1,
1497 [Define if your setresgid() is broken])
1a01a50c 1498 AC_MSG_RESULT(not implemented)],
1499 [AC_MSG_WARN([cross compiling: not checking setresuid])]
3f176010 1500 )
1501])
9a3fe0e2 1502
2e73a022 1503dnl Checks for time functions
1d7b9b20 1504AC_CHECK_FUNCS(gettimeofday time)
2e73a022 1505dnl Checks for utmp functions
b03bd394 1506AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
1d7b9b20 1507AC_CHECK_FUNCS(utmpname)
2e73a022 1508dnl Checks for utmpx functions
b03bd394 1509AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
1d7b9b20 1510AC_CHECK_FUNCS(setutxent utmpxname)
76cd7316 1511
aff51935 1512AC_CHECK_FUNC(daemon,
3466e002 1513 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
1514 [AC_CHECK_LIB(bsd, daemon,
1515 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
beb43d31 1516)
1517
aff51935 1518AC_CHECK_FUNC(getpagesize,
3466e002 1519 [AC_DEFINE(HAVE_GETPAGESIZE, 1,
1520 [Define if your libraries define getpagesize()])],
1521 [AC_CHECK_LIB(ucb, getpagesize,
1522 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
aa6bd60a 1523)
1524
2647ae26 1525# Check for broken snprintf
1526if test "x$ac_cv_func_snprintf" = "xyes" ; then
1527 AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
1a01a50c 1528 AC_RUN_IFELSE(
479cece8 1529 [AC_LANG_SOURCE([[
2647ae26 1530#include <stdio.h>
aec4cb4f 1531int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
479cece8 1532 ]])],
aff51935 1533 [AC_MSG_RESULT(yes)],
2647ae26 1534 [
1535 AC_MSG_RESULT(no)
3466e002 1536 AC_DEFINE(BROKEN_SNPRINTF, 1,
1537 [Define if your snprintf is busted])
2647ae26 1538 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
1a01a50c 1539 ],
1540 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
2647ae26 1541 )
1542fi
1543
9a406e1e 1544# If we don't have a working asprintf, then we strongly depend on vsnprintf
1545# returning the right thing on overflow: the number of characters it tried to
1546# create (as per SUSv3)
1547if test "x$ac_cv_func_asprintf" != "xyes" && \
1548 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1549 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1550 AC_RUN_IFELSE(
1551 [AC_LANG_SOURCE([[
1552#include <sys/types.h>
1553#include <stdio.h>
1554#include <stdarg.h>
1555
1556int x_snprintf(char *str,size_t count,const char *fmt,...)
1557{
1558 size_t ret; va_list ap;
1559 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
1560 return ret;
1561}
1562int main(void)
1563{
1564 char x[1];
1565 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
1566} ]])],
1567 [AC_MSG_RESULT(yes)],
1568 [
1569 AC_MSG_RESULT(no)
1570 AC_DEFINE(BROKEN_SNPRINTF, 1,
1571 [Define if your snprintf is busted])
1572 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
1573 ],
1574 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
1575 )
1576fi
1577
31b0732a 1578# On systems where [v]snprintf is broken, but is declared in stdio,
1579# check that the fmt argument is const char * or just char *.
1580# This is only useful for when BROKEN_SNPRINTF
1581AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
1582AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
1583 int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
1584 int main(void) { snprintf(0, 0, 0); }
1585 ]])],
1586 [AC_MSG_RESULT(yes)
1587 AC_DEFINE(SNPRINTF_CONST, [const],
1588 [Define as const if snprintf() can declare const char *fmt])],
1589 [AC_MSG_RESULT(no)
1590 AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
1591
2f6f9cff 1592# Check for missing getpeereid (or equiv) support
1593NO_PEERCHECK=""
1961d660 1594if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
2f6f9cff 1595 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
1596 AC_TRY_COMPILE(
1597 [#include <sys/types.h>
1598 #include <sys/socket.h>],
1599 [int i = SO_PEERCRED;],
62eb7db4 1600 [ AC_MSG_RESULT(yes)
3466e002 1601 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
62eb7db4 1602 ],
2f6f9cff 1603 [AC_MSG_RESULT(no)
1604 NO_PEERCHECK=1]
1605 )
1606fi
1607
70e7d0b0 1608dnl see whether mkstemp() requires XXXXXX
1609if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
1610AC_MSG_CHECKING([for (overly) strict mkstemp])
b0e7249f 1611AC_RUN_IFELSE(
1612 [AC_LANG_SOURCE([[
70e7d0b0 1613#include <stdlib.h>
1614main() { char template[]="conftest.mkstemp-test";
1615if (mkstemp(template) == -1)
1616 exit(1);
1617unlink(template); exit(0);
1618}
b0e7249f 1619 ]])],
70e7d0b0 1620 [
1621 AC_MSG_RESULT(no)
1622 ],
aff51935 1623 [
70e7d0b0 1624 AC_MSG_RESULT(yes)
3466e002 1625 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
70e7d0b0 1626 ],
1627 [
1628 AC_MSG_RESULT(yes)
1629 AC_DEFINE(HAVE_STRICT_MKSTEMP)
aff51935 1630 ]
70e7d0b0 1631)
1632fi
1633
eacb954e 1634dnl make sure that openpty does not reacquire controlling terminal
1635if test ! -z "$check_for_openpty_ctty_bug"; then
1636 AC_MSG_CHECKING(if openpty correctly handles controlling tty)
b0e7249f 1637 AC_RUN_IFELSE(
1638 [AC_LANG_SOURCE([[
eacb954e 1639#include <stdio.h>
1640#include <sys/fcntl.h>
1641#include <sys/types.h>
1642#include <sys/wait.h>
1643
1644int
1645main()
1646{
1647 pid_t pid;
1648 int fd, ptyfd, ttyfd, status;
1649
1650 pid = fork();
1651 if (pid < 0) { /* failed */
1652 exit(1);
1653 } else if (pid > 0) { /* parent */
1654 waitpid(pid, &status, 0);
aff51935 1655 if (WIFEXITED(status))
eacb954e 1656 exit(WEXITSTATUS(status));
1657 else
1658 exit(2);
1659 } else { /* child */
1660 close(0); close(1); close(2);
1661 setsid();
1662 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
1663 fd = open("/dev/tty", O_RDWR | O_NOCTTY);
1664 if (fd >= 0)
1665 exit(3); /* Acquired ctty: broken */
1666 else
1667 exit(0); /* Did not acquire ctty: OK */
1668 }
1669}
b0e7249f 1670 ]])],
eacb954e 1671 [
1672 AC_MSG_RESULT(yes)
1673 ],
1674 [
1675 AC_MSG_RESULT(no)
1676 AC_DEFINE(SSHD_ACQUIRES_CTTY)
b0e7249f 1677 ],
1678 [
1679 AC_MSG_RESULT(cross-compiling, assuming yes)
eacb954e 1680 ]
1681 )
1682fi
1683
4b492aab 1684if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1685 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
2fe51906 1686 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1687 AC_RUN_IFELSE(
1688 [AC_LANG_SOURCE([[
2fe51906 1689#include <stdio.h>
1690#include <sys/socket.h>
1691#include <netdb.h>
1692#include <errno.h>
1693#include <netinet/in.h>
1694
1695#define TEST_PORT "2222"
1696
1697int
1698main(void)
1699{
1700 int err, sock;
1701 struct addrinfo *gai_ai, *ai, hints;
1702 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1703
1704 memset(&hints, 0, sizeof(hints));
1705 hints.ai_family = PF_UNSPEC;
1706 hints.ai_socktype = SOCK_STREAM;
1707 hints.ai_flags = AI_PASSIVE;
1708
1709 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1710 if (err != 0) {
1711 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1712 exit(1);
1713 }
1714
1715 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1716 if (ai->ai_family != AF_INET6)
1717 continue;
1718
1719 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1720 sizeof(ntop), strport, sizeof(strport),
1721 NI_NUMERICHOST|NI_NUMERICSERV);
1722
1723 if (err != 0) {
1724 if (err == EAI_SYSTEM)
1725 perror("getnameinfo EAI_SYSTEM");
1726 else
1727 fprintf(stderr, "getnameinfo failed: %s\n",
1728 gai_strerror(err));
1729 exit(2);
1730 }
1731
1732 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1733 if (sock < 0)
1734 perror("socket");
1735 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
1736 if (errno == EBADF)
1737 exit(3);
1738 }
1739 }
1740 exit(0);
1741}
b0e7249f 1742 ]])],
2fe51906 1743 [
1744 AC_MSG_RESULT(yes)
1745 ],
1746 [
1747 AC_MSG_RESULT(no)
1748 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1749 ],
1750 [
1751 AC_MSG_RESULT(cross-compiling, assuming yes)
2fe51906 1752 ]
1753 )
1754fi
1755
4b492aab 1756if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
1757 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
5ccf88cb 1758 AC_MSG_CHECKING(if getaddrinfo seems to work)
b0e7249f 1759 AC_RUN_IFELSE(
1760 [AC_LANG_SOURCE([[
5ccf88cb 1761#include <stdio.h>
1762#include <sys/socket.h>
1763#include <netdb.h>
1764#include <errno.h>
1765#include <netinet/in.h>
1766
1767#define TEST_PORT "2222"
1768
1769int
1770main(void)
1771{
1772 int err, sock;
1773 struct addrinfo *gai_ai, *ai, hints;
1774 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
1775
1776 memset(&hints, 0, sizeof(hints));
1777 hints.ai_family = PF_UNSPEC;
1778 hints.ai_socktype = SOCK_STREAM;
1779 hints.ai_flags = AI_PASSIVE;
1780
1781 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
1782 if (err != 0) {
1783 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
1784 exit(1);
1785 }
1786
1787 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
1788 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1789 continue;
1790
1791 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
1792 sizeof(ntop), strport, sizeof(strport),
1793 NI_NUMERICHOST|NI_NUMERICSERV);
1794
1795 if (ai->ai_family == AF_INET && err != 0) {
1796 perror("getnameinfo");
1797 exit(2);
1798 }
1799 }
1800 exit(0);
1801}
b0e7249f 1802 ]])],
5ccf88cb 1803 [
1804 AC_MSG_RESULT(yes)
3466e002 1805 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
1806 [Define if you have a getaddrinfo that fails
1807 for the all-zeros IPv6 address])
5ccf88cb 1808 ],
1809 [
1810 AC_MSG_RESULT(no)
1811 AC_DEFINE(BROKEN_GETADDRINFO)
b0e7249f 1812 ],
ecd9ec09 1813 [
b0e7249f 1814 AC_MSG_RESULT(cross-compiling, assuming no)
5ccf88cb 1815 ]
1816 )
1817fi
1818
b29fd59f 1819if test "x$check_for_conflicting_getspnam" = "x1"; then
1820 AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
1821 AC_COMPILE_IFELSE(
1822 [
1823#include <shadow.h>
1824int main(void) {exit(0);}
1825 ],
1826 [
1827 AC_MSG_RESULT(no)
1828 ],
1829 [
1830 AC_MSG_RESULT(yes)
1831 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
1832 [Conflicting defs for getspnam])
1833 ]
1834 )
1835fi
1836
7f8f5e00 1837AC_FUNC_GETPGRP
1838
5b991353 1839# Search for OpenSSL
1840saved_CPPFLAGS="$CPPFLAGS"
1841saved_LDFLAGS="$LDFLAGS"
a0391976 1842AC_ARG_WITH(ssl-dir,
1843 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
1844 [
e9e4a1c7 1845 if test "x$withval" != "xno" ; then
99eb0f64 1846 case "$withval" in
1847 # Relative paths
1848 ./*|../*) withval="`pwd`/$withval"
1849 esac
5b991353 1850 if test -d "$withval/lib"; then
1851 if test -n "${need_dash_r}"; then
1852 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1853 else
1854 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
d6f13fbb 1855 fi
1856 else
5b991353 1857 if test -n "${need_dash_r}"; then
1858 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1859 else
1860 LDFLAGS="-L${withval} ${LDFLAGS}"
d6f13fbb 1861 fi
1862 fi
5b991353 1863 if test -d "$withval/include"; then
1864 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
d6f13fbb 1865 else
5b991353 1866 CPPFLAGS="-I${withval} ${CPPFLAGS}"
58d100bf 1867 fi
a0391976 1868 fi
5b991353 1869 ]
1870)
5486a457 1871LIBS="-lcrypto $LIBS"
3466e002 1872AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
1873 [Define if your ssl headers are included
1874 with #include <openssl/header.h>]),
d45e3d76 1875 [
5b991353 1876 dnl Check default openssl install dir
1877 if test -n "${need_dash_r}"; then
1878 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1879 else
5b991353 1880 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
d45e3d76 1881 fi
5b991353 1882 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
1883 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
1884 [
1885 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
1886 ]
1887 )
1888 ]
1889)
1890
cd018561 1891# Determine OpenSSL header version
1892AC_MSG_CHECKING([OpenSSL header version])
1a01a50c 1893AC_RUN_IFELSE(
479cece8 1894 [AC_LANG_SOURCE([[
cd018561 1895#include <stdio.h>
1896#include <string.h>
1897#include <openssl/opensslv.h>
1898#define DATA "conftest.sslincver"
1899int main(void) {
aff51935 1900 FILE *fd;
1901 int rc;
cd018561 1902
aff51935 1903 fd = fopen(DATA,"w");
1904 if(fd == NULL)
1905 exit(1);
cd018561 1906
1907 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
1908 exit(1);
1909
1910 exit(0);
1911}
479cece8 1912 ]])],
cd018561 1913 [
1914 ssl_header_ver=`cat conftest.sslincver`
1915 AC_MSG_RESULT($ssl_header_ver)
1916 ],
1917 [
1918 AC_MSG_RESULT(not found)
1919 AC_MSG_ERROR(OpenSSL version header not found.)
1a01a50c 1920 ],
1921 [
1922 AC_MSG_WARN([cross compiling: not checking])
cd018561 1923 ]
1924)
1925
1926# Determine OpenSSL library version
1927AC_MSG_CHECKING([OpenSSL library version])
1a01a50c 1928AC_RUN_IFELSE(
479cece8 1929 [AC_LANG_SOURCE([[
cd018561 1930#include <stdio.h>
1931#include <string.h>
1932#include <openssl/opensslv.h>
1933#include <openssl/crypto.h>
1934#define DATA "conftest.ssllibver"
1935int main(void) {
aff51935 1936 FILE *fd;
1937 int rc;
cd018561 1938
aff51935 1939 fd = fopen(DATA,"w");
1940 if(fd == NULL)
1941 exit(1);
cd018561 1942
1943 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
1944 exit(1);
1945
1946 exit(0);
1947}
479cece8 1948 ]])],
cd018561 1949 [
1950 ssl_library_ver=`cat conftest.ssllibver`
1951 AC_MSG_RESULT($ssl_library_ver)
1952 ],
1953 [
1954 AC_MSG_RESULT(not found)
1955 AC_MSG_ERROR(OpenSSL library not found.)
1a01a50c 1956 ],
1957 [
1958 AC_MSG_WARN([cross compiling: not checking])
cd018561 1959 ]
1960)
58d100bf 1961
1d42bcce 1962AC_ARG_WITH(openssl-header-check,
1963 [ --without-openssl-header-check Disable OpenSSL version consistency check],
1964 [ if test "x$withval" = "xno" ; then
1965 openssl_check_nonfatal=1
1966 fi
1967 ]
1968)
1969
9780116c 1970# Sanity check OpenSSL headers
1971AC_MSG_CHECKING([whether OpenSSL's headers match the library])
1a01a50c 1972AC_RUN_IFELSE(
479cece8 1973 [AC_LANG_SOURCE([[
9780116c 1974#include <string.h>
1975#include <openssl/opensslv.h>
aec4cb4f 1976int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
479cece8 1977 ]])],
9780116c 1978 [
1979 AC_MSG_RESULT(yes)
1980 ],
1981 [
1982 AC_MSG_RESULT(no)
1d42bcce 1983 if test "x$openssl_check_nonfatal" = "x"; then
1984 AC_MSG_ERROR([Your OpenSSL headers do not match your
1985library. Check config.log for details.
1986If you are sure your installation is consistent, you can disable the check
1987by running "./configure --without-openssl-header-check".
1988Also see contrib/findssl.sh for help identifying header/library mismatches.
1989])
1990 else
1991 AC_MSG_WARN([Your OpenSSL headers do not match your
1992library. Check config.log for details.
e15ba28b 1993Also see contrib/findssl.sh for help identifying header/library mismatches.])
1d42bcce 1994 fi
1a01a50c 1995 ],
1996 [
1997 AC_MSG_WARN([cross compiling: not checking])
9780116c 1998 ]
1999)
2000
282d6408 2001AC_MSG_CHECKING([if programs using OpenSSL functions will link])
2002AC_LINK_IFELSE(
2003 [AC_LANG_SOURCE([[
2004#include <openssl/evp.h>
2005int main(void) { SSLeay_add_all_algorithms(); }
2006 ]])],
2007 [
2008 AC_MSG_RESULT(yes)
2009 ],
2010 [
2011 AC_MSG_RESULT(no)
2012 saved_LIBS="$LIBS"
2013 LIBS="$LIBS -ldl"
2014 AC_MSG_CHECKING([if programs using OpenSSL need -ldl])
2015 AC_LINK_IFELSE(
2016 [AC_LANG_SOURCE([[
2017#include <openssl/evp.h>
2018int main(void) { SSLeay_add_all_algorithms(); }
2019 ]])],
2020 [
2021 AC_MSG_RESULT(yes)
2022 ],
2023 [
2024 AC_MSG_RESULT(no)
2025 LIBS="$saved_LIBS"
2026 ]
2027 )
2028 ]
2029)
2030
c7ad0d99 2031AC_ARG_WITH(ssl-engine,
2032 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2033 [ if test "x$withval" != "xno" ; then
2034 AC_MSG_CHECKING(for OpenSSL ENGINE support)
2035 AC_TRY_COMPILE(
2036 [ #include <openssl/engine.h>],
2037 [
24b2647b 2038ENGINE_load_builtin_engines();ENGINE_register_all_complete();
c7ad0d99 2039 ],
2040 [ AC_MSG_RESULT(yes)
2041 AC_DEFINE(USE_OPENSSL_ENGINE, 1,
2042 [Enable OpenSSL engine support])
2043 ],
2044 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
2045 )
2046 fi ]
2047)
2048
e5146707 2049# Check for OpenSSL without EVP_aes_{192,256}_cbc
2050AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
3e05aa50 2051AC_LINK_IFELSE(
e5146707 2052 [AC_LANG_SOURCE([[
2053#include <string.h>
2054#include <openssl/evp.h>
300ea548 2055int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
e5146707 2056 ]])],
2057 [
2058 AC_MSG_RESULT(no)
2059 ],
2060 [
2061 AC_MSG_RESULT(yes)
2062 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
2063 [libcrypto is missing AES 192 and 256 bit functions])
2064 ]
2065)
2066
5486a457 2067# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
2068# because the system crypt() is more featureful.
2069if test "x$check_for_libcrypt_before" = "x1"; then
2070 AC_CHECK_LIB(crypt, crypt)
2071fi
2072
aff51935 2073# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
8087c5ee 2074# version in OpenSSL.
05114c74 2075if test "x$check_for_libcrypt_later" = "x1"; then
20cad736 2076 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
717057b6 2077fi
2078
13ff27b7 2079# Search for SHA256 support in libc and/or OpenSSL
2080AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
2081
a03acb8f 2082saved_LIBS="$LIBS"
2083AC_CHECK_LIB(iaf, ia_openinfo, [
2084 LIBS="$LIBS -liaf"
d837615a 2085 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
2086 AC_DEFINE(HAVE_LIBIAF, 1,
2087 [Define if system has libiaf that supports set_id])
2088 ])
a03acb8f 2089])
2090LIBS="$saved_LIBS"
f1b0ecc3 2091
2092### Configure cryptographic random number support
2093
2094# Check wheter OpenSSL seeds itself
2095AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
1a01a50c 2096AC_RUN_IFELSE(
479cece8 2097 [AC_LANG_SOURCE([[
f1b0ecc3 2098#include <string.h>
2099#include <openssl/rand.h>
aec4cb4f 2100int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
479cece8 2101 ]])],
f1b0ecc3 2102 [
2103 OPENSSL_SEEDS_ITSELF=yes
2104 AC_MSG_RESULT(yes)
2105 ],
2106 [
2107 AC_MSG_RESULT(no)
2108 # Default to use of the rand helper if OpenSSL doesn't
2109 # seed itself
2110 USE_RAND_HELPER=yes
1a01a50c 2111 ],
2112 [
2113 AC_MSG_WARN([cross compiling: assuming yes])
2114 # This is safe, since all recent OpenSSL versions will
82f4e93d 2115 # complain at runtime if not seeded correctly.
1a01a50c 2116 OPENSSL_SEEDS_ITSELF=yes
f1b0ecc3 2117 ]
2118)
2119
a086f73b 2120# Check for PAM libs
2121PAM_MSG="no"
2122AC_ARG_WITH(pam,
2123 [ --with-pam Enable PAM support ],
2124 [
2125 if test "x$withval" != "xno" ; then
2126 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
2127 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
2128 AC_MSG_ERROR([PAM headers not found])
2129 fi
2130
2131 saved_LIBS="$LIBS"
2132 AC_CHECK_LIB(dl, dlopen, , )
2133 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
2134 AC_CHECK_FUNCS(pam_getenvlist)
2135 AC_CHECK_FUNCS(pam_putenv)
2136 LIBS="$saved_LIBS"
2137
2138 PAM_MSG="yes"
2139
e54defb4 2140 SSHDLIBS="$SSHDLIBS -lpam"
a086f73b 2141 AC_DEFINE(USE_PAM, 1,
2142 [Define if you want to enable PAM support])
282d6408 2143
a086f73b 2144 if test $ac_cv_lib_dl_dlopen = yes; then
282d6408 2145 case "$LIBS" in
2146 *-ldl*)
2147 # libdl already in LIBS
2148 ;;
2149 *)
e54defb4 2150 SSHDLIBS="$SSHDLIBS -ldl"
282d6408 2151 ;;
2152 esac
a086f73b 2153 fi
a086f73b 2154 fi
2155 ]
2156)
2157
2158# Check for older PAM
2159if test "x$PAM_MSG" = "xyes" ; then
2160 # Check PAM strerror arguments (old PAM)
2161 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
2162 AC_TRY_COMPILE(
2163 [
2164#include <stdlib.h>
2165#if defined(HAVE_SECURITY_PAM_APPL_H)
2166#include <security/pam_appl.h>
2167#elif defined (HAVE_PAM_PAM_APPL_H)
2168#include <pam/pam_appl.h>
2169#endif
2170 ],
2171 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
2172 [AC_MSG_RESULT(no)],
2173 [
2174 AC_DEFINE(HAVE_OLD_PAM, 1,
2175 [Define if you have an old version of PAM
2176 which takes only one argument to pam_strerror])
2177 AC_MSG_RESULT(yes)
2178 PAM_MSG="yes (old library)"
2179 ]
2180 )
2181fi
f1b0ecc3 2182
2183# Do we want to force the use of the rand helper?
2184AC_ARG_WITH(rand-helper,
2185 [ --with-rand-helper Use subprocess to gather strong randomness ],
2186 [
2187 if test "x$withval" = "xno" ; then
aff51935 2188 # Force use of OpenSSL's internal RNG, even if
f1b0ecc3 2189 # the previous test showed it to be unseeded.
2190 if test -z "$OPENSSL_SEEDS_ITSELF" ; then
2191 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
2192 OPENSSL_SEEDS_ITSELF=yes
2193 USE_RAND_HELPER=""
2194 fi
2195 else
2196 USE_RAND_HELPER=yes
2197 fi
2198 ],
82f4e93d 2199)
f1b0ecc3 2200
2201# Which randomness source do we use?
4b492aab 2202if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
f1b0ecc3 2203 # OpenSSL only
3466e002 2204 AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
2205 [Define if you want OpenSSL's internally seeded PRNG only])
f1b0ecc3 2206 RAND_MSG="OpenSSL internal ONLY"
2207 INSTALL_SSH_RAND_HELPER=""
70e2f2f3 2208elif test ! -z "$USE_RAND_HELPER" ; then
2209 # install rand helper
f1b0ecc3 2210 RAND_MSG="ssh-rand-helper"
2211 INSTALL_SSH_RAND_HELPER="yes"
2212fi
2213AC_SUBST(INSTALL_SSH_RAND_HELPER)
2214
2215### Configuration of ssh-rand-helper
2216
2217# PRNGD TCP socket
2218AC_ARG_WITH(prngd-port,
2219 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
2220 [
eb5d7ff6 2221 case "$withval" in
2222 no)
2223 withval=""
2224 ;;
2225 [[0-9]]*)
2226 ;;
2227 *)
2228 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
2229 ;;
2230 esac
2231 if test ! -z "$withval" ; then
f1b0ecc3 2232 PRNGD_PORT="$withval"
3466e002 2233 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
2234 [Port number of PRNGD/EGD random number socket])
f1b0ecc3 2235 fi
2236 ]
2237)
2238
2239# PRNGD Unix domain socket
2240AC_ARG_WITH(prngd-socket,
2241 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
2242 [
eb5d7ff6 2243 case "$withval" in
2244 yes)
f1b0ecc3 2245 withval="/var/run/egd-pool"
eb5d7ff6 2246 ;;
2247 no)
2248 withval=""
2249 ;;
2250 /*)
2251 ;;
2252 *)
2253 AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
2254 ;;
2255 esac
2256
2257 if test ! -z "$withval" ; then
f1b0ecc3 2258 if test ! -z "$PRNGD_PORT" ; then
2259 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
2260 fi
906e811b 2261 if test ! -r "$withval" ; then
f1b0ecc3 2262 AC_MSG_WARN(Entropy socket is not readable)
2263 fi
2264 PRNGD_SOCKET="$withval"
3466e002 2265 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
2266 [Location of PRNGD/EGD random number socket])
f1b0ecc3 2267 fi
ddceb1c8 2268 ],
2269 [
2270 # Check for existing socket only if we don't have a random device already
2271 if test "$USE_RAND_HELPER" = yes ; then
2272 AC_MSG_CHECKING(for PRNGD/EGD socket)
2273 # Insert other locations here
2274 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
2275 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
2276 PRNGD_SOCKET="$sock"
2277 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
2278 break;
2279 fi
2280 done
2281 if test ! -z "$PRNGD_SOCKET" ; then
2282 AC_MSG_RESULT($PRNGD_SOCKET)
2283 else
2284 AC_MSG_RESULT(not found)
2285 fi
2286 fi
f1b0ecc3 2287 ]
2288)
2289
2290# Change default command timeout for hashing entropy source
2291entropy_timeout=200
2292AC_ARG_WITH(entropy-timeout,
2293 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
2294 [
6cf0200f 2295 if test -n "$withval" && test "x$withval" != "xno" && \
2296 test "x${withval}" != "xyes"; then
f1b0ecc3 2297 entropy_timeout=$withval
2298 fi
82f4e93d 2299 ]
f1b0ecc3 2300)
3466e002 2301AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
2302 [Builtin PRNG command timeout])
f1b0ecc3 2303
fd3cbf67 2304SSH_PRIVSEP_USER=sshd
9a0fbcb3 2305AC_ARG_WITH(privsep-user,
5222e7ef 2306 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
9a0fbcb3 2307 [
6cf0200f 2308 if test -n "$withval" && test "x$withval" != "xno" && \
2309 test "x${withval}" != "xyes"; then
fd3cbf67 2310 SSH_PRIVSEP_USER=$withval
9a0fbcb3 2311 fi
82f4e93d 2312 ]
9a0fbcb3 2313)
3466e002 2314AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
2315 [non-privileged user for privilege separation])
fd3cbf67 2316AC_SUBST(SSH_PRIVSEP_USER)
9a0fbcb3 2317
81dadca3 2318# We do this little dance with the search path to insure
2319# that programs that we select for use by installed programs
2320# (which may be run by the super-user) come from trusted
2321# locations before they come from the user's private area.
2322# This should help avoid accidentally configuring some
2323# random version of a program in someone's personal bin.
2324
2325OPATH=$PATH
2326PATH=/bin:/usr/bin
f95c8ce8 2327test -h /bin 2> /dev/null && PATH=/usr/bin
81dadca3 2328test -d /sbin && PATH=$PATH:/sbin
2329test -d /usr/sbin && PATH=$PATH:/usr/sbin
2330PATH=$PATH:/etc:$OPATH
2331
aff51935 2332# These programs are used by the command hashing source to gather entropy
f1b0ecc3 2333OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
2334OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
2335OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
2336OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
2337OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
2338OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
2339OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
2340OSSH_PATH_ENTROPY_PROG(PROG_W, w)
2341OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
2342OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
2343OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
2344OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
2345OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
2346OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
2347OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
2348OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
81dadca3 2349# restore PATH
2350PATH=$OPATH
f1b0ecc3 2351
2352# Where does ssh-rand-helper get its randomness from?
2353INSTALL_SSH_PRNG_CMDS=""
2354if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
2355 if test ! -z "$PRNGD_PORT" ; then
2356 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
2357 elif test ! -z "$PRNGD_SOCKET" ; then
2358 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
2359 else
2360 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
2361 RAND_HELPER_CMDHASH=yes
2362 INSTALL_SSH_PRNG_CMDS="yes"
2363 fi
2364fi
2365AC_SUBST(INSTALL_SSH_PRNG_CMDS)
2366
2367
66d6c27e 2368# Cheap hack to ensure NEWS-OS libraries are arranged right.
2369if test ! -z "$SONY" ; then
2370 LIBS="$LIBS -liberty";
2371fi
2372
9a406e1e 2373# Check for long long datatypes
2374AC_CHECK_TYPES([long long, unsigned long long, long double])
2375
2376# Check datatype sizes
976f7e19 2377AC_CHECK_SIZEOF(char, 1)
2b942fe0 2378AC_CHECK_SIZEOF(short int, 2)
2379AC_CHECK_SIZEOF(int, 4)
2380AC_CHECK_SIZEOF(long int, 4)
2381AC_CHECK_SIZEOF(long long int, 8)
2382
52f1ccb2 2383# Sanity check long long for some platforms (AIX)
2384if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
2385 ac_cv_sizeof_long_long_int=0
2386fi
2387
90f15776 2388# compute LLONG_MIN and LLONG_MAX if we don't know them.
2389if test -z "$have_llong_max"; then
2390 AC_MSG_CHECKING([for max value of long long])
2391 AC_RUN_IFELSE(
2392 [AC_LANG_SOURCE([[
2393#include <stdio.h>
2394/* Why is this so damn hard? */
2395#ifdef __GNUC__
2396# undef __GNUC__
2397#endif
2398#define __USE_ISOC99
2399#include <limits.h>
2400#define DATA "conftest.llminmax"
055252ed 2401#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
2402
2403/*
2404 * printf in libc on some platforms (eg old Tru64) does not understand %lld so
2405 * we do this the hard way.
2406 */
2407static int
2408fprint_ll(FILE *f, long long n)
2409{
2410 unsigned int i;
2411 int l[sizeof(long long) * 8];
2412
2413 if (n < 0)
2414 if (fprintf(f, "-") < 0)
2415 return -1;
2416 for (i = 0; n != 0; i++) {
2417 l[i] = my_abs(n % 10);
2418 n /= 10;
2419 }
2420 do {
2421 if (fprintf(f, "%d", l[--i]) < 0)
2422 return -1;
2423 } while (i != 0);
2424 if (fprintf(f, " ") < 0)
2425 return -1;
2426 return 0;
2427}
2428
90f15776 2429int main(void) {
2430 FILE *f;
2431 long long i, llmin, llmax = 0;
2432
2433 if((f = fopen(DATA,"w")) == NULL)
2434 exit(1);
2435
2436#if defined(LLONG_MIN) && defined(LLONG_MAX)
2437 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
2438 llmin = LLONG_MIN;
2439 llmax = LLONG_MAX;
2440#else
2441 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
2442 /* This will work on one's complement and two's complement */
2443 for (i = 1; i > llmax; i <<= 1, i++)
2444 llmax = i;
2445 llmin = llmax + 1LL; /* wrap */
2446#endif
2447
2448 /* Sanity check */
2449 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
055252ed 2450 || llmax - 1 > llmax || llmin == llmax || llmin == 0
2451 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
90f15776 2452 fprintf(f, "unknown unknown\n");
2453 exit(2);
2454 }
2455
055252ed 2456 if (fprint_ll(f, llmin) < 0)
90f15776 2457 exit(3);
055252ed 2458 if (fprint_ll(f, llmax) < 0)
2459 exit(4);
2460 if (fclose(f) < 0)
2461 exit(5);
90f15776 2462 exit(0);
2463}
2464 ]])],
2465 [
2466 llong_min=`$AWK '{print $1}' conftest.llminmax`
2467 llong_max=`$AWK '{print $2}' conftest.llminmax`
2468
90f15776 2469 AC_MSG_RESULT($llong_max)
2470 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
2471 [max value of long long calculated by configure])
2472 AC_MSG_CHECKING([for min value of long long])
2473 AC_MSG_RESULT($llong_min)
2474 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
2475 [min value of long long calculated by configure])
2476 ],
2477 [
2478 AC_MSG_RESULT(not found)
2479 ],
2480 [
2481 AC_MSG_WARN([cross compiling: not checking])
2482 ]
2483 )
2484fi
2485
2486
a0391976 2487# More checks for data types
14a9a859 2488AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
2489 AC_TRY_COMPILE(
aff51935 2490 [ #include <sys/types.h> ],
2491 [ u_int a; a = 1;],
14a9a859 2492 [ ac_cv_have_u_int="yes" ],
2493 [ ac_cv_have_u_int="no" ]
2494 )
2495])
2496if test "x$ac_cv_have_u_int" = "xyes" ; then
3466e002 2497 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
14a9a859 2498 have_u_int=1
2499fi
2500
58d100bf 2501AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
2502 AC_TRY_COMPILE(
aff51935 2503 [ #include <sys/types.h> ],
2504 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
58d100bf 2505 [ ac_cv_have_intxx_t="yes" ],
2506 [ ac_cv_have_intxx_t="no" ]
2507 )
2508])
2509if test "x$ac_cv_have_intxx_t" = "xyes" ; then
3466e002 2510 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
58d100bf 2511 have_intxx_t=1
2512fi
41cb4569 2513
2514if (test -z "$have_intxx_t" && \
aff51935 2515 test "x$ac_cv_header_stdint_h" = "xyes")
41cb4569 2516then
2517 AC_MSG_CHECKING([for intXX_t types in stdint.h])
2518 AC_TRY_COMPILE(
aff51935 2519 [ #include <stdint.h> ],
2520 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
41cb4569 2521 [
2522 AC_DEFINE(HAVE_INTXX_T)
2523 AC_MSG_RESULT(yes)
2524 ],
2525 [ AC_MSG_RESULT(no) ]
2526 )
2527fi
2528
bd590612 2529AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
2530 AC_TRY_COMPILE(
1cbbe6c8 2531 [
2532#include <sys/types.h>
2533#ifdef HAVE_STDINT_H
2534# include <stdint.h>
2535#endif
2536#include <sys/socket.h>
2537#ifdef HAVE_SYS_BITYPES_H
2538# include <sys/bitypes.h>
2539#endif
aff51935 2540 ],
2541 [ int64_t a; a = 1;],
bd590612 2542 [ ac_cv_have_int64_t="yes" ],
2543 [ ac_cv_have_int64_t="no" ]
2544 )
2545])
2546if test "x$ac_cv_have_int64_t" = "xyes" ; then
3466e002 2547 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
ddceb1c8 2548fi
2549
58d100bf 2550AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
2551 AC_TRY_COMPILE(
aff51935 2552 [ #include <sys/types.h> ],
2553 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
58d100bf 2554 [ ac_cv_have_u_intxx_t="yes" ],
2555 [ ac_cv_have_u_intxx_t="no" ]
2556 )
2557])
2558if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
3466e002 2559 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
58d100bf 2560 have_u_intxx_t=1
2561fi
2b942fe0 2562
41cb4569 2563if test -z "$have_u_intxx_t" ; then
2564 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
2565 AC_TRY_COMPILE(
aff51935 2566 [ #include <sys/socket.h> ],
2567 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
41cb4569 2568 [
2569 AC_DEFINE(HAVE_U_INTXX_T)
2570 AC_MSG_RESULT(yes)
2571 ],
2572 [ AC_MSG_RESULT(no) ]
2573 )
2574fi
2575
bd590612 2576AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
2577 AC_TRY_COMPILE(
aff51935 2578 [ #include <sys/types.h> ],
2579 [ u_int64_t a; a = 1;],
bd590612 2580 [ ac_cv_have_u_int64_t="yes" ],
2581 [ ac_cv_have_u_int64_t="no" ]
2582 )
2583])
2584if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
3466e002 2585 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
bd590612 2586 have_u_int64_t=1
2587fi
2588
ddceb1c8 2589if test -z "$have_u_int64_t" ; then
2590 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
2591 AC_TRY_COMPILE(
aff51935 2592 [ #include <sys/bitypes.h> ],
ddceb1c8 2593 [ u_int64_t a; a = 1],
2594 [
2595 AC_DEFINE(HAVE_U_INT64_T)
2596 AC_MSG_RESULT(yes)
2597 ],
2598 [ AC_MSG_RESULT(no) ]
2599 )
2600fi
2601
41cb4569 2602if test -z "$have_u_intxx_t" ; then
2603 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
2604 AC_TRY_COMPILE(
2605 [
2606#include <sys/types.h>
aff51935 2607 ],
2608 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
41cb4569 2609 [ ac_cv_have_uintxx_t="yes" ],
2610 [ ac_cv_have_uintxx_t="no" ]
2611 )
2612 ])
2613 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
3466e002 2614 AC_DEFINE(HAVE_UINTXX_T, 1,
2615 [define if you have uintxx_t data type])
41cb4569 2616 fi
2617fi
2618
2619if test -z "$have_uintxx_t" ; then
2620 AC_MSG_CHECKING([for uintXX_t types in stdint.h])
2621 AC_TRY_COMPILE(
aff51935 2622 [ #include <stdint.h> ],
2623 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
41cb4569 2624 [
2625 AC_DEFINE(HAVE_UINTXX_T)
2626 AC_MSG_RESULT(yes)
2627 ],
2628 [ AC_MSG_RESULT(no) ]
2629 )
2630fi
2631
e5fe9a1f 2632if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
aff51935 2633 test "x$ac_cv_header_sys_bitypes_h" = "xyes")
5cdfe03f 2634then
2635 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
2636 AC_TRY_COMPILE(
58d100bf 2637 [
2638#include <sys/bitypes.h>
aff51935 2639 ],
5cdfe03f 2640 [
837c30b8 2641 int8_t a; int16_t b; int32_t c;
2642 u_int8_t e; u_int16_t f; u_int32_t g;
2643 a = b = c = e = f = g = 1;
aff51935 2644 ],
5cdfe03f 2645 [
2646 AC_DEFINE(HAVE_U_INTXX_T)
2647 AC_DEFINE(HAVE_INTXX_T)
2648 AC_MSG_RESULT(yes)
2649 ],
2650 [AC_MSG_RESULT(no)]
aff51935 2651 )
5cdfe03f 2652fi
2653
0362750e 2654
2655AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
2656 AC_TRY_COMPILE(
2657 [
2658#include <sys/types.h>
2659 ],
2660 [ u_char foo; foo = 125; ],
2661 [ ac_cv_have_u_char="yes" ],
2662 [ ac_cv_have_u_char="no" ]
2663 )
2664])
2665if test "x$ac_cv_have_u_char" = "xyes" ; then
3466e002 2666 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
0362750e 2667fi
2668
98a7c37b 2669TYPE_SOCKLEN_T
2b942fe0 2670
2d16d9a3 2671AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
22f5e872 2672AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[
2673#include <sys/types.h>
2674#ifdef HAVE_SYS_BITYPES_H
2675#include <sys/bitypes.h>
2676#endif
2677#ifdef HAVE_SYS_STATFS_H
2678#include <sys/statfs.h>
2679#endif
2680#ifdef HAVE_SYS_STATVFS_H
2681#include <sys/statvfs.h>
2682#endif
2683])
ddceb1c8 2684
777ece68 2685AC_CHECK_TYPES(in_addr_t,,,
2686[#include <sys/types.h>
2687#include <netinet/in.h>])
7b578f7d 2688
58d100bf 2689AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
2690 AC_TRY_COMPILE(
2691 [
18ba2aab 2692#include <sys/types.h>
58d100bf 2693 ],
2694 [ size_t foo; foo = 1235; ],
2695 [ ac_cv_have_size_t="yes" ],
2696 [ ac_cv_have_size_t="no" ]
2697 )
2698])
2699if test "x$ac_cv_have_size_t" = "xyes" ; then
3466e002 2700 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
58d100bf 2701fi
ea1970a3 2702
c04f75f1 2703AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
2704 AC_TRY_COMPILE(
2705 [
2706#include <sys/types.h>
2707 ],
2708 [ ssize_t foo; foo = 1235; ],
2709 [ ac_cv_have_ssize_t="yes" ],
2710 [ ac_cv_have_ssize_t="no" ]
2711 )
2712])
2713if test "x$ac_cv_have_ssize_t" = "xyes" ; then
3466e002 2714 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
c04f75f1 2715fi
2716
f1c4659d 2717AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
2718 AC_TRY_COMPILE(
2719 [
2720#include <time.h>
2721 ],
2722 [ clock_t foo; foo = 1235; ],
2723 [ ac_cv_have_clock_t="yes" ],
2724 [ ac_cv_have_clock_t="no" ]
2725 )
2726])
2727if test "x$ac_cv_have_clock_t" = "xyes" ; then
3466e002 2728 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
f1c4659d 2729fi
2730
1c04b088 2731AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
2732 AC_TRY_COMPILE(
2733 [
2734#include <sys/types.h>
2735#include <sys/socket.h>
2736 ],
2737 [ sa_family_t foo; foo = 1235; ],
2738 [ ac_cv_have_sa_family_t="yes" ],
77bb0bca 2739 [ AC_TRY_COMPILE(
2740 [
2741#include <sys/types.h>
2742#include <sys/socket.h>
2743#include <netinet/in.h>
2744 ],
2745 [ sa_family_t foo; foo = 1235; ],
2746 [ ac_cv_have_sa_family_t="yes" ],
2747
1c04b088 2748 [ ac_cv_have_sa_family_t="no" ]
77bb0bca 2749 )]
1c04b088 2750 )
2751])
2752if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
3466e002 2753 AC_DEFINE(HAVE_SA_FAMILY_T, 1,
2754 [define if you have sa_family_t data type])
1c04b088 2755fi
2756
729bfe59 2757AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
2758 AC_TRY_COMPILE(
2759 [
2760#include <sys/types.h>
2761 ],
2762 [ pid_t foo; foo = 1235; ],
2763 [ ac_cv_have_pid_t="yes" ],
2764 [ ac_cv_have_pid_t="no" ]
2765 )
2766])
2767if test "x$ac_cv_have_pid_t" = "xyes" ; then
3466e002 2768 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
729bfe59 2769fi
2770
2771AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
2772 AC_TRY_COMPILE(
2773 [
2774#include <sys/types.h>
2775 ],
2776 [ mode_t foo; foo = 1235; ],
2777 [ ac_cv_have_mode_t="yes" ],
2778 [ ac_cv_have_mode_t="no" ]
2779 )
2780])
2781if test "x$ac_cv_have_mode_t" = "xyes" ; then
3466e002 2782 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
729bfe59 2783fi
2784
e3a93db0 2785
58d100bf 2786AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
2787 AC_TRY_COMPILE(
2788 [
18ba2aab 2789#include <sys/types.h>
2790#include <sys/socket.h>
58d100bf 2791 ],
2792 [ struct sockaddr_storage s; ],
2793 [ ac_cv_have_struct_sockaddr_storage="yes" ],
2794 [ ac_cv_have_struct_sockaddr_storage="no" ]
2795 )
2796])
2797if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
3466e002 2798 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
2799 [define if you have struct sockaddr_storage data type])
58d100bf 2800fi
48e671d5 2801
58d100bf 2802AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
2803 AC_TRY_COMPILE(
2804 [
cbd7492e 2805#include <sys/types.h>
58d100bf 2806#include <netinet/in.h>
2807 ],
2808 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
2809 [ ac_cv_have_struct_sockaddr_in6="yes" ],
2810 [ ac_cv_have_struct_sockaddr_in6="no" ]
2811 )
2812])
2813if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
3466e002 2814 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
2815 [define if you have struct sockaddr_in6 data type])
58d100bf 2816fi
48e671d5 2817
58d100bf 2818AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
2819 AC_TRY_COMPILE(
2820 [
cbd7492e 2821#include <sys/types.h>
58d100bf 2822#include <netinet/in.h>
2823 ],
2824 [ struct in6_addr s; s.s6_addr[0] = 0; ],
2825 [ ac_cv_have_struct_in6_addr="yes" ],
2826 [ ac_cv_have_struct_in6_addr="no" ]
2827 )
2828])
2829if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
3466e002 2830 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
2831 [define if you have struct in6_addr data type])
95e16084 2832
2833dnl Now check for sin6_scope_id
2834 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,,
2835 [
2836#ifdef HAVE_SYS_TYPES_H
2837#include <sys/types.h>
2838#endif
2839#include <netinet/in.h>
2840 ])
58d100bf 2841fi
48e671d5 2842
58d100bf 2843AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
2844 AC_TRY_COMPILE(
2845 [
18ba2aab 2846#include <sys/types.h>
2847#include <sys/socket.h>
2848#include <netdb.h>
58d100bf 2849 ],
2850 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
2851 [ ac_cv_have_struct_addrinfo="yes" ],
2852 [ ac_cv_have_struct_addrinfo="no" ]
2853 )
2854])
2855if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
3466e002 2856 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
2857 [define if you have struct addrinfo data type])
58d100bf 2858fi
2859
89c7e31c 2860AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
2861 AC_TRY_COMPILE(
aff51935 2862 [ #include <sys/time.h> ],
2863 [ struct timeval tv; tv.tv_sec = 1;],
89c7e31c 2864 [ ac_cv_have_struct_timeval="yes" ],
2865 [ ac_cv_have_struct_timeval="no" ]
2866 )
2867])
2868if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
3466e002 2869 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
89c7e31c 2870 have_struct_timeval=1
2871fi
2872
5271b55c 2873AC_CHECK_TYPES(struct timespec)
2874
85abc74b 2875# We need int64_t or else certian parts of the compile will fail.
4b492aab 2876if test "x$ac_cv_have_int64_t" = "xno" && \
2877 test "x$ac_cv_sizeof_long_int" != "x8" && \
2878 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
85abc74b 2879 echo "OpenSSH requires int64_t support. Contact your vendor or install"
2880 echo "an alternative compiler (I.E., GCC) before continuing."
2881 echo ""
2882 exit 1;
733cf7f4 2883else
2884dnl test snprintf (broken on SCO w/gcc)
1a01a50c 2885 AC_RUN_IFELSE(
479cece8 2886 [AC_LANG_SOURCE([[
733cf7f4 2887#include <stdio.h>
2888#include <string.h>
2889#ifdef HAVE_SNPRINTF
2890main()
2891{
2892 char buf[50];
2893 char expected_out[50];
2894 int mazsize = 50 ;
2895#if (SIZEOF_LONG_INT == 8)
2896 long int num = 0x7fffffffffffffff;
2897#else
763a1a18 2898 long long num = 0x7fffffffffffffffll;
733cf7f4 2899#endif
2900 strcpy(expected_out, "9223372036854775807");
2901 snprintf(buf, mazsize, "%lld", num);
2902 if(strcmp(buf, expected_out) != 0)
aff51935 2903 exit(1);
733cf7f4 2904 exit(0);
2905}
2906#else
2907main() { exit(0); }
2908#endif
479cece8 2909 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
1a01a50c 2910 AC_MSG_WARN([cross compiling: Assuming working snprintf()])
733cf7f4 2911 )
2c523de9 2912fi
2913
77bb0bca 2914dnl Checks for structure members
58d100bf 2915OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
2916OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
2917OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
2918OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
2919OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
25422c70 2920OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
58d100bf 2921OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
2922OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
daaff4d5 2923OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
58d100bf 2924OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
2925OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
2926OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
2927OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
1d7b9b20 2928OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
2929OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
2930OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
2931OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
98a7c37b 2932
2933AC_CHECK_MEMBERS([struct stat.st_blksize])
ccc45ee0 2934AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
2935 [Define if we don't have struct __res_state in resolv.h])],
2936[
2937#include <stdio.h>
2938#if HAVE_SYS_TYPES_H
2939# include <sys/types.h>
2940#endif
2941#include <netinet/in.h>
2942#include <arpa/nameser.h>
2943#include <resolv.h>
2944])
1d7b9b20 2945
58d100bf 2946AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
2947 ac_cv_have_ss_family_in_struct_ss, [
2948 AC_TRY_COMPILE(
2949 [
18ba2aab 2950#include <sys/types.h>
2951#include <sys/socket.h>
58d100bf 2952 ],
2953 [ struct sockaddr_storage s; s.ss_family = 1; ],
2954 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
2955 [ ac_cv_have_ss_family_in_struct_ss="no" ],
2956 )
2957])
2958if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
3466e002 2959 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
58d100bf 2960fi
2961
58d100bf 2962AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
2963 ac_cv_have___ss_family_in_struct_ss, [
2964 AC_TRY_COMPILE(
2965 [
18ba2aab 2966#include <sys/types.h>
2967#include <sys/socket.h>
58d100bf 2968 ],
2969 [ struct sockaddr_storage s; s.__ss_family = 1; ],
2970 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
2971 [ ac_cv_have___ss_family_in_struct_ss="no" ]
2972 )
2973])
2974if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
3466e002 2975 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
2976 [Fields in struct sockaddr_storage])
58d100bf 2977fi
2978
2e73a022 2979AC_CACHE_CHECK([for pw_class field in struct passwd],
2980 ac_cv_have_pw_class_in_struct_passwd, [
2981 AC_TRY_COMPILE(
2982 [
2e73a022 2983#include <pwd.h>
2984 ],
97994d32 2985 [ struct passwd p; p.pw_class = 0; ],
2e73a022 2986 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
2987 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
2988 )
2989])
2990if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
3466e002 2991 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
2992 [Define if your password has a pw_class field])
2e73a022 2993fi
2994
7751d4eb 2995AC_CACHE_CHECK([for pw_expire field in struct passwd],
2996 ac_cv_have_pw_expire_in_struct_passwd, [
2997 AC_TRY_COMPILE(
2998 [
2999#include <pwd.h>
3000 ],
3001 [ struct passwd p; p.pw_expire = 0; ],
3002 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
3003 [ ac_cv_have_pw_expire_in_struct_passwd="no" ]
3004 )
3005])
3006if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
3466e002 3007 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
3008 [Define if your password has a pw_expire field])
7751d4eb 3009fi
3010
3011AC_CACHE_CHECK([for pw_change field in struct passwd],
3012 ac_cv_have_pw_change_in_struct_passwd, [
3013 AC_TRY_COMPILE(
3014 [
3015#include <pwd.h>
3016 ],
3017 [ struct passwd p; p.pw_change = 0; ],
3018 [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
3019 [ ac_cv_have_pw_change_in_struct_passwd="no" ]
3020 )
3021])
3022if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
3466e002 3023 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
3024 [Define if your password has a pw_change field])
7751d4eb 3025fi
58d100bf 3026
637f9177 3027dnl make sure we're using the real structure members and not defines
6f34652e 3028AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
3029 ac_cv_have_accrights_in_msghdr, [
1a01a50c 3030 AC_COMPILE_IFELSE(
6f34652e 3031 [
f95c8ce8 3032#include <sys/types.h>
6f34652e 3033#include <sys/socket.h>
3034#include <sys/uio.h>
637f9177 3035int main() {
3036#ifdef msg_accrights
1a01a50c 3037#error "msg_accrights is a macro"
637f9177 3038exit(1);
3039#endif
3040struct msghdr m;
3041m.msg_accrights = 0;
3042exit(0);
3043}
6f34652e 3044 ],
6f34652e 3045 [ ac_cv_have_accrights_in_msghdr="yes" ],
3046 [ ac_cv_have_accrights_in_msghdr="no" ]
3047 )
3048])
3049if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
3466e002 3050 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
3051 [Define if your system uses access rights style
3052 file descriptor passing])
6f34652e 3053fi
3054
7a4f468b 3055AC_MSG_CHECKING(if f_fsid has val members)
3056AC_TRY_COMPILE([
3057#include <sys/types.h>
3058#include <sys/statvfs.h>],
3059[struct fsid_t t; t.val[0] = 0;],
3060 [ AC_MSG_RESULT(yes)
3061 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ],
3062 [ AC_MSG_RESULT(no) ]
3063)
3064
7176df4f 3065AC_CACHE_CHECK([for msg_control field in struct msghdr],
3066 ac_cv_have_control_in_msghdr, [
1a01a50c 3067 AC_COMPILE_IFELSE(
7176df4f 3068 [
f95c8ce8 3069#include <sys/types.h>
7176df4f 3070#include <sys/socket.h>
3071#include <sys/uio.h>
637f9177 3072int main() {
3073#ifdef msg_control
1a01a50c 3074#error "msg_control is a macro"
637f9177 3075exit(1);
3076#endif
3077struct msghdr m;
3078m.msg_control = 0;
3079exit(0);
3080}
7176df4f 3081 ],
7176df4f 3082 [ ac_cv_have_control_in_msghdr="yes" ],
3083 [ ac_cv_have_control_in_msghdr="no" ]
3084 )
3085])
3086if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
3466e002 3087 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
3088 [Define if your system uses ancillary data style
3089 file descriptor passing])
7176df4f 3090fi
3091
58d100bf 3092AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
aff51935 3093 AC_TRY_LINK([],
3094 [ extern char *__progname; printf("%s", __progname); ],
58d100bf 3095 [ ac_cv_libc_defines___progname="yes" ],
3096 [ ac_cv_libc_defines___progname="no" ]
3097 )
3098])
3099if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
3466e002 3100 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
58d100bf 3101fi
8946db53 3102
c921ee00 3103AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
3104 AC_TRY_LINK([
3105#include <stdio.h>
aff51935 3106],
3107 [ printf("%s", __FUNCTION__); ],
c921ee00 3108 [ ac_cv_cc_implements___FUNCTION__="yes" ],
3109 [ ac_cv_cc_implements___FUNCTION__="no" ]
3110 )
3111])
3112if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
3466e002 3113 AC_DEFINE(HAVE___FUNCTION__, 1,
3114 [Define if compiler implements __FUNCTION__])
c921ee00 3115fi
3116
3117AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
3118 AC_TRY_LINK([
3119#include <stdio.h>
aff51935 3120],
3121 [ printf("%s", __func__); ],
c921ee00 3122 [ ac_cv_cc_implements___func__="yes" ],
3123 [ ac_cv_cc_implements___func__="no" ]
3124 )
3125])
3126if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
3466e002 3127 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
c921ee00 3128fi
3129
9a406e1e 3130AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
3131 AC_TRY_LINK(
3132 [#include <stdarg.h>
3133 va_list x,y;],
3134 [va_copy(x,y);],
3135 [ ac_cv_have_va_copy="yes" ],
3136 [ ac_cv_have_va_copy="no" ]
3137 )
3138])
3139if test "x$ac_cv_have_va_copy" = "xyes" ; then
3140 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
3141fi
3142
3143AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
3144 AC_TRY_LINK(
3145 [#include <stdarg.h>
3146 va_list x,y;],
3147 [__va_copy(x,y);],
3148 [ ac_cv_have___va_copy="yes" ],
3149 [ ac_cv_have___va_copy="no" ]
3150 )
3151])
3152if test "x$ac_cv_have___va_copy" = "xyes" ; then
3153 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
3154fi
3155
1812a662 3156AC_CACHE_CHECK([whether getopt has optreset support],
3157 ac_cv_have_getopt_optreset, [
3158 AC_TRY_LINK(
3159 [
3160#include <getopt.h>
3161 ],
3162 [ extern int optreset; optreset = 0; ],
3163 [ ac_cv_have_getopt_optreset="yes" ],
3164 [ ac_cv_have_getopt_optreset="no" ]
3165 )
3166])
3167if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
3466e002 3168 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
3169 [Define if your getopt(3) defines and uses optreset])
1812a662 3170fi
a0391976 3171
819b676f 3172AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
aff51935 3173 AC_TRY_LINK([],
3174 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
819b676f 3175 [ ac_cv_libc_defines_sys_errlist="yes" ],
3176 [ ac_cv_libc_defines_sys_errlist="no" ]
3177 )
3178])
3179if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
3466e002 3180 AC_DEFINE(HAVE_SYS_ERRLIST, 1,
3181 [Define if your system defines sys_errlist[]])
819b676f 3182fi
3183
3184
416ed5a7 3185AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
aff51935 3186 AC_TRY_LINK([],
3187 [ extern int sys_nerr; printf("%i", sys_nerr);],
416ed5a7 3188 [ ac_cv_libc_defines_sys_nerr="yes" ],
3189 [ ac_cv_libc_defines_sys_nerr="no" ]
3190 )
3191])
3192if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
3466e002 3193 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
416ed5a7 3194fi
3195
aff51935 3196SCARD_MSG="no"
295c8801 3197# Check whether user wants sectok support
3198AC_ARG_WITH(sectok,
3199 [ --with-sectok Enable smartcard support using libsectok],
d0b19c95 3200 [
3201 if test "x$withval" != "xno" ; then
3202 if test "x$withval" != "xyes" ; then
3203 CPPFLAGS="$CPPFLAGS -I${withval}"
3204 LDFLAGS="$LDFLAGS -L${withval}"
3205 if test ! -z "$need_dash_r" ; then
3206 LDFLAGS="$LDFLAGS -R${withval}"
3207 fi
3208 if test ! -z "$blibpath" ; then
3209 blibpath="$blibpath:${withval}"
3210 fi
3211 fi
3212 AC_CHECK_HEADERS(sectok.h)
3213 if test "$ac_cv_header_sectok_h" != yes; then
3214 AC_MSG_ERROR(Can't find sectok.h)
3215 fi
3216 AC_CHECK_LIB(sectok, sectok_open)
3217 if test "$ac_cv_lib_sectok_sectok_open" != yes; then
3218 AC_MSG_ERROR(Can't find libsectok)
3219 fi
3466e002 3220 AC_DEFINE(SMARTCARD, 1,
3221 [Define if you want smartcard support])
3222 AC_DEFINE(USE_SECTOK, 1,
3223 [Define if you want smartcard support
3224 using sectok])
aff51935 3225 SCARD_MSG="yes, using sectok"
295c8801 3226 fi
3227 ]
3228)
3229
3230# Check whether user wants OpenSC support
987b458f 3231OPENSC_CONFIG="no"
295c8801 3232AC_ARG_WITH(opensc,
e47fb473 3233 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
987b458f 3234 [
3235 if test "x$withval" != "xno" ; then
3236 if test "x$withval" != "xyes" ; then
3237 OPENSC_CONFIG=$withval/bin/opensc-config
3238 else
3239 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
3240 fi
3241 if test "$OPENSC_CONFIG" != "no"; then
3242 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
3243 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
3244 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
530456f4 3245 LIBS="$LIBS $LIBOPENSC_LIBS"
987b458f 3246 AC_DEFINE(SMARTCARD)
3466e002 3247 AC_DEFINE(USE_OPENSC, 1,
3248 [Define if you want smartcard support
3249 using OpenSC])
987b458f 3250 SCARD_MSG="yes, using OpenSC"
3251 fi
3252 fi
3253 ]
3254)
d0b19c95 3255
c31dc31c 3256# Check libraries needed by DNS fingerprint support
aff51935 3257AC_SEARCH_LIBS(getrrsetbyname, resolv,
3466e002 3258 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
3259 [Define if getrrsetbyname() exists])],
3e05e934 3260 [
c31dc31c 3261 # Needed by our getrrsetbyname()
3262 AC_SEARCH_LIBS(res_query, resolv)
3263 AC_SEARCH_LIBS(dn_expand, resolv)
dabb524a 3264 AC_MSG_CHECKING(if res_query will link)
3265 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
3266 [AC_MSG_RESULT(no)
3267 saved_LIBS="$LIBS"
3268 LIBS="$LIBS -lresolv"
3269 AC_MSG_CHECKING(for res_query in -lresolv)
3270 AC_LINK_IFELSE([
3271#include <resolv.h>
3272int main()
3273{
3274 res_query (0, 0, 0, 0, 0);
3275 return 0;
3276}
3277 ],
3278 [LIBS="$LIBS -lresolv"
3279 AC_MSG_RESULT(yes)],
3280 [LIBS="$saved_LIBS"
3281 AC_MSG_RESULT(no)])
3282 ])
c31dc31c 3283 AC_CHECK_FUNCS(_getshort _getlong)
1c829da5 3284 AC_CHECK_DECLS([_getshort, _getlong], , ,
b5765e1d 3285 [#include <sys/types.h>
3286 #include <arpa/nameser.h>])
c31dc31c 3287 AC_CHECK_MEMBER(HEADER.ad,
3466e002 3288 [AC_DEFINE(HAVE_HEADER_AD, 1,
3289 [Define if HEADER.ad exists in arpa/nameser.h])],,
c31dc31c 3290 [#include <arpa/nameser.h>])
3291 ])
3e05e934 3292
560acf80 3293AC_MSG_CHECKING(if struct __res_state _res is an extern)
3294AC_LINK_IFELSE([
3295#include <stdio.h>
3296#if HAVE_SYS_TYPES_H
3297# include <sys/types.h>
3298#endif
3299#include <netinet/in.h>
3300#include <arpa/nameser.h>
3301#include <resolv.h>
3302extern struct __res_state _res;
3303int main() { return 0; }
3304 ],
3305 [AC_MSG_RESULT(yes)
3306 AC_DEFINE(HAVE__RES_EXTERN, 1,
3307 [Define if you have struct __res_state _res as an extern])
3308 ],
3309 [ AC_MSG_RESULT(no) ]
3310)
3311
ef4d1846 3312# Check whether user wants SELinux support
3313SELINUX_MSG="no"
3314LIBSELINUX=""
3315AC_ARG_WITH(selinux,
bb23b54f 3316 [ --with-selinux Enable SELinux support],
ef4d1846 3317 [ if test "x$withval" != "xno" ; then
e54defb4 3318 save_LIBS="$LIBS"
ef4d1846 3319 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
3320 SELINUX_MSG="yes"
3321 AC_CHECK_HEADER([selinux/selinux.h], ,
3322 AC_MSG_ERROR(SELinux support requires selinux.h header))
3323 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
3324 AC_MSG_ERROR(SELinux support requires libselinux library))
e54defb4 3325 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
ef4d1846 3326 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
5ba277eb 3327 LIBS="$save_LIBS"
ef4d1846 3328 fi ]
3329)
ef4d1846 3330
12928e80 3331# Check whether user wants Kerberos 5 support
aff51935 3332KRB5_MSG="no"
12928e80 3333AC_ARG_WITH(kerberos5,
aff51935 3334 [ --with-kerberos5=PATH Enable Kerberos 5 support],
5585c441 3335 [ if test "x$withval" != "xno" ; then
3336 if test "x$withval" = "xyes" ; then
3337 KRB5ROOT="/usr/local"
3338 else
3339 KRB5ROOT=${withval}
3340 fi
3341
3466e002 3342 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
5585c441 3343 KRB5_MSG="yes"
3344
3345 AC_MSG_CHECKING(for krb5-config)
3346 if test -x $KRB5ROOT/bin/krb5-config ; then
3347 KRB5CONF=$KRB5ROOT/bin/krb5-config
3348 AC_MSG_RESULT($KRB5CONF)
3349
3350 AC_MSG_CHECKING(for gssapi support)
3351 if $KRB5CONF | grep gssapi >/dev/null ; then
3352 AC_MSG_RESULT(yes)
3466e002 3353 AC_DEFINE(GSSAPI, 1,
3354 [Define this if you want GSSAPI
3355 support in the version 2 protocol])
071970fb 3356 k5confopts=gssapi
aff51935 3357 else
5585c441 3358 AC_MSG_RESULT(no)
071970fb 3359 k5confopts=""
aff51935 3360 fi
071970fb 3361 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
3362 K5LIBS="`$KRB5CONF --libs $k5confopts`"
5585c441 3363 CPPFLAGS="$CPPFLAGS $K5CFLAGS"
5585c441 3364 AC_MSG_CHECKING(whether we are using Heimdal)
3365 AC_TRY_COMPILE([ #include <krb5.h> ],
3366 [ char *tmp = heimdal_version; ],
3367 [ AC_MSG_RESULT(yes)
3466e002 3368 AC_DEFINE(HEIMDAL, 1,
3369 [Define this if you are using the
3370 Heimdal version of Kerberos V5]) ],
5585c441 3371 AC_MSG_RESULT(no)
3372 )
3373 else
3374 AC_MSG_RESULT(no)
12928e80 3375 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
aff51935 3376 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
aff51935 3377 AC_MSG_CHECKING(whether we are using Heimdal)
3378 AC_TRY_COMPILE([ #include <krb5.h> ],
3379 [ char *tmp = heimdal_version; ],
3380 [ AC_MSG_RESULT(yes)
3381 AC_DEFINE(HEIMDAL)
41707f74 3382 K5LIBS="-lkrb5 -ldes"
3383 K5LIBS="$K5LIBS -lcom_err -lasn1"
82f4e93d 3384 AC_CHECK_LIB(roken, net_write,
41707f74 3385 [K5LIBS="$K5LIBS -lroken"])
aff51935 3386 ],
3387 [ AC_MSG_RESULT(no)
3388 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
3389 ]
3390 )
4e00038c 3391 AC_SEARCH_LIBS(dn_expand, resolv)
12928e80 3392
596a825b 3393 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context,
749560dd 3394 [ AC_DEFINE(GSSAPI)
596a825b 3395 K5LIBS="-lgssapi_krb5 $K5LIBS" ],
3396 [ AC_CHECK_LIB(gssapi, gss_init_sec_context,
749560dd 3397 [ AC_DEFINE(GSSAPI)
596a825b 3398 K5LIBS="-lgssapi $K5LIBS" ],
749560dd 3399 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
3400 $K5LIBS)
3401 ],
3402 $K5LIBS)
82f4e93d 3403
749560dd 3404 AC_CHECK_HEADER(gssapi.h, ,
3405 [ unset ac_cv_header_gssapi_h
aff51935 3406 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
749560dd 3407 AC_CHECK_HEADERS(gssapi.h, ,
3408 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
aff51935 3409 )
749560dd 3410 ]
3411 )
3412
3413 oldCPP="$CPPFLAGS"
3414 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
3415 AC_CHECK_HEADER(gssapi_krb5.h, ,
3416 [ CPPFLAGS="$oldCPP" ])
3417
aff51935 3418 fi
5585c441 3419 if test ! -z "$need_dash_r" ; then
3420 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
3421 fi
3422 if test ! -z "$blibpath" ; then
3423 blibpath="$blibpath:${KRB5ROOT}/lib"
3424 fi
071970fb 3425
f5555364 3426 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
3427 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
3428 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
071970fb 3429
f5555364 3430 LIBS="$LIBS $K5LIBS"
3466e002 3431 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
3432 [Define this if you want to use libkafs' AFS support]))
f5555364 3433 fi
071970fb 3434 ]
12928e80 3435)
b5b68128 3436
a0391976 3437# Looking for programs, paths and files
a0391976 3438
ecac8ee5 3439PRIVSEP_PATH=/var/empty
3440AC_ARG_WITH(privsep-path,
cda1ebcb 3441 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
ecac8ee5 3442 [
6cf0200f 3443 if test -n "$withval" && test "x$withval" != "xno" && \
3444 test "x${withval}" != "xyes"; then
ecac8ee5 3445 PRIVSEP_PATH=$withval
3446 fi
3447 ]
3448)
3449AC_SUBST(PRIVSEP_PATH)
3450
a0391976 3451AC_ARG_WITH(xauth,
3452 [ --with-xauth=PATH Specify path to xauth program ],
3453 [
6cf0200f 3454 if test -n "$withval" && test "x$withval" != "xno" && \
3455 test "x${withval}" != "xyes"; then
cbd7492e 3456 xauth_path=$withval
a0391976 3457 fi
3458 ],
3459 [
2bf42e4a 3460 TestPath="$PATH"
3461 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
3462 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
3463 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
3464 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
3465 AC_PATH_PROG(xauth_path, xauth, , $TestPath)
e5fe9a1f 3466 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
a0391976 3467 xauth_path="/usr/openwin/bin/xauth"
3468 fi
3469 ]
3470)
3471
65a4b4af 3472STRIP_OPT=-s
3473AC_ARG_ENABLE(strip,
3474 [ --disable-strip Disable calling strip(1) on install],
3475 [
3476 if test "x$enableval" = "xno" ; then
3477 STRIP_OPT=
3478 fi
3479 ]
3480)
3481AC_SUBST(STRIP_OPT)
3482
b3ec54b4 3483if test -z "$xauth_path" ; then
3484 XAUTH_PATH="undefined"
3485 AC_SUBST(XAUTH_PATH)
3486else
3466e002 3487 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
3488 [Define if xauth is found in your path])
b3ec54b4 3489 XAUTH_PATH=$xauth_path
3490 AC_SUBST(XAUTH_PATH)
a0391976 3491fi
a0391976 3492
3493# Check for mail directory (last resort if we cannot get it from headers)
3494if test ! -z "$MAIL" ; then
3495 maildir=`dirname $MAIL`
3466e002 3496 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
3497 [Set this to your mail directory if you don't have maillock.h])
a0391976 3498fi
3499
479cece8 3500if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
1a01a50c 3501 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
3502 disable_ptmx_check=yes
3503fi
a0391976 3504if test -z "$no_dev_ptmx" ; then
6e879cb4 3505 if test "x$disable_ptmx_check" != "xyes" ; then
aff51935 3506 AC_CHECK_FILE("/dev/ptmx",
6e879cb4 3507 [
3466e002 3508 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
3509 [Define if you have /dev/ptmx])
6e879cb4 3510 have_dev_ptmx=1
3511 ]
3512 )
3513 fi
3276571c 3514fi
1a01a50c 3515
479cece8 3516if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
1a01a50c 3517 AC_CHECK_FILE("/dev/ptc",
3518 [
3466e002 3519 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
3520 [Define if you have /dev/ptc])
1a01a50c 3521 have_dev_ptc=1
3522 ]
3523 )
3524else
3525 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
3526fi
3276571c 3527
a0391976 3528# Options from here on. Some of these are preset by platform above
fdf6b7aa 3529AC_ARG_WITH(mantype,
5d97cfbf 3530 [ --with-mantype=man|cat|doc Set man page type],
c54a6257 3531 [
5d97cfbf 3532 case "$withval" in
3533 man|cat|doc)
3534 MANTYPE=$withval
3535 ;;
3536 *)
3537 AC_MSG_ERROR(invalid man type: $withval)
3538 ;;
3539 esac
c54a6257 3540 ]
3541)
e0c4d3ac 3542if test -z "$MANTYPE"; then
2bf42e4a 3543 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
3544 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
e0c4d3ac 3545 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
3546 MANTYPE=doc
3547 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
3548 MANTYPE=man
3549 else
3550 MANTYPE=cat
3551 fi
3552fi
c54a6257 3553AC_SUBST(MANTYPE)
e0c4d3ac 3554if test "$MANTYPE" = "doc"; then
3555 mansubdir=man;
3556else
3557 mansubdir=$MANTYPE;
3558fi
3559AC_SUBST(mansubdir)
0bc5b6fb 3560
a0391976 3561# Check whether to enable MD5 passwords
aff51935 3562MD5_MSG="no"
2ddcfdf3 3563AC_ARG_WITH(md5-passwords,
caf3bc51 3564 [ --with-md5-passwords Enable use of MD5 passwords],
0bc5b6fb 3565 [
bcf36c78 3566 if test "x$withval" != "xno" ; then
3466e002 3567 AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
3568 [Define if you want to allow MD5 passwords])
aff51935 3569 MD5_MSG="yes"
0bc5b6fb 3570 fi
3571 ]
caf3bc51 3572)
3573
a0391976 3574# Whether to disable shadow password support
a7effaac 3575AC_ARG_WITH(shadow,
3576 [ --without-shadow Disable shadow password support],
3577 [
82f4e93d 3578 if test "x$withval" = "xno" ; then
a7effaac 3579 AC_DEFINE(DISABLE_SHADOW)
4cb5ffa0 3580 disable_shadow=yes
a7effaac 3581 fi
3582 ]
3583)
3584
4cb5ffa0 3585if test -z "$disable_shadow" ; then
3586 AC_MSG_CHECKING([if the systems has expire shadow information])
3587 AC_TRY_COMPILE(
3588 [
3589#include <sys/types.h>
3590#include <shadow.h>
3591 struct spwd sp;
3592 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
3593 [ sp_expire_available=yes ], []
3594 )
3595
3596 if test "x$sp_expire_available" = "xyes" ; then
3597 AC_MSG_RESULT(yes)
3466e002 3598 AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
3599 [Define if you want to use shadow password expire field])
4cb5ffa0 3600 else
3601 AC_MSG_RESULT(no)
3602 fi
3603fi
3604
a0391976 3605# Use ip address instead of hostname in $DISPLAY
44839801 3606if test ! -z "$IPADDR_IN_DISPLAY" ; then
3607 DISPLAY_HACK_MSG="yes"
3466e002 3608 AC_DEFINE(IPADDR_IN_DISPLAY, 1,
3609 [Define if you need to use IP address
3610 instead of hostname in $DISPLAY])
44839801 3611else
aff51935 3612 DISPLAY_HACK_MSG="no"
44839801 3613 AC_ARG_WITH(ipaddr-display,
3614 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
3615 [
82f4e93d 3616 if test "x$withval" != "xno" ; then
44839801 3617 AC_DEFINE(IPADDR_IN_DISPLAY)
aff51935 3618 DISPLAY_HACK_MSG="yes"
44839801 3619 fi
3620 ]
3621 )
3622fi
a7effaac 3623
95b99395 3624# check for /etc/default/login and use it if present.
daa41e62 3625AC_ARG_ENABLE(etc-default-login,
6ff3d0dc 3626 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
694d0cef 3627 [ if test "x$enableval" = "xno"; then
3628 AC_MSG_NOTICE([/etc/default/login handling disabled])
3629 etc_default_login=no
3630 else
3631 etc_default_login=yes
3632 fi ],
b0e7249f 3633 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
3634 then
3635 AC_MSG_WARN([cross compiling: not checking /etc/default/login])
3636 etc_default_login=no
3637 else
3638 etc_default_login=yes
3639 fi ]
694d0cef 3640)
95b99395 3641
694d0cef 3642if test "x$etc_default_login" != "xno"; then
3643 AC_CHECK_FILE("/etc/default/login",
3644 [ external_path_file=/etc/default/login ])
b0e7249f 3645 if test "x$external_path_file" = "x/etc/default/login"; then
3466e002 3646 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
3647 [Define if your system has /etc/default/login])
1a01a50c 3648 fi
694d0cef 3649fi
95b99395 3650
8d184c09 3651dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
4b492aab 3652if test $ac_cv_func_login_getcapbool = "yes" && \
3653 test $ac_cv_header_login_cap_h = "yes" ; then
95b99395 3654 external_path_file=/etc/login.conf
8d184c09 3655fi
95b99395 3656
a0391976 3657# Whether to mess with the default path
aff51935 3658SERVER_PATH_MSG="(default)"
c43d69a9 3659AC_ARG_WITH(default-path,
75817f90 3660 [ --with-default-path= Specify default \$PATH environment for server],
cb807f40 3661 [
95b99395 3662 if test "x$external_path_file" = "x/etc/login.conf" ; then
8d184c09 3663 AC_MSG_WARN([
3664--with-default-path=PATH has no effect on this system.
3665Edit /etc/login.conf instead.])
82f4e93d 3666 elif test "x$withval" != "xno" ; then
89bbd457 3667 if test ! -z "$external_path_file" ; then
95b99395 3668 AC_MSG_WARN([
3669--with-default-path=PATH will only be used if PATH is not defined in
3670$external_path_file .])
3671 fi
b2d818e6 3672 user_path="$withval"
aff51935 3673 SERVER_PATH_MSG="$withval"
cb807f40 3674 fi
b2d818e6 3675 ],
95b99395 3676 [ if test "x$external_path_file" = "x/etc/login.conf" ; then
3677 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
8d184c09 3678 else
89bbd457 3679 if test ! -z "$external_path_file" ; then
95b99395 3680 AC_MSG_WARN([
3681If PATH is defined in $external_path_file, ensure the path to scp is included,
3682otherwise scp will not work.])
3683 fi
b0e7249f 3684 AC_RUN_IFELSE(
3685 [AC_LANG_SOURCE([[
b2d818e6 3686/* find out what STDPATH is */
3687#include <stdio.h>
b2d818e6 3688#ifdef HAVE_PATHS_H
3689# include <paths.h>
3690#endif
3691#ifndef _PATH_STDPATH
d9a4e55b 3692# ifdef _PATH_USERPATH /* Irix */
3693# define _PATH_STDPATH _PATH_USERPATH
3694# else
3695# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
3696# endif
b2d818e6 3697#endif
3698#include <sys/types.h>
3699#include <sys/stat.h>
3700#include <fcntl.h>
3701#define DATA "conftest.stdpath"
3702
3703main()
3704{
3705 FILE *fd;
3706 int rc;
82f4e93d 3707
b2d818e6 3708 fd = fopen(DATA,"w");
3709 if(fd == NULL)
3710 exit(1);
82f4e93d 3711
b2d818e6 3712 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
3713 exit(1);
3714
3715 exit(0);
3716}
b0e7249f 3717 ]])],
3718 [ user_path=`cat conftest.stdpath` ],
b2d818e6 3719 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
3720 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
3721 )
3722# make sure $bindir is in USER_PATH so scp will work
3723 t_bindir=`eval echo ${bindir}`
3724 case $t_bindir in
3725 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
3726 esac
3727 case $t_bindir in
3728 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
3729 esac
3730 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
3731 if test $? -ne 0 ; then
3732 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
3733 if test $? -ne 0 ; then
3734 user_path=$user_path:$t_bindir
3735 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
3736 fi
3737 fi
8d184c09 3738 fi ]
cb807f40 3739)
95b99395 3740if test "x$external_path_file" != "x/etc/login.conf" ; then
3466e002 3741 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
8d184c09 3742 AC_SUBST(user_path)
3743fi
cb807f40 3744
06617857 3745# Set superuser path separately to user path
06617857 3746AC_ARG_WITH(superuser-path,
3747 [ --with-superuser-path= Specify different path for super-user],
3748 [
6cf0200f 3749 if test -n "$withval" && test "x$withval" != "xno" && \
3750 test "x${withval}" != "xyes"; then
3466e002 3751 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
3752 [Define if you want a different $PATH
3753 for the superuser])
06617857 3754 superuser_path=$withval
3755 fi
3756 ]
3757)
3758
3759
58d100bf 3760AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
aff51935 3761IPV4_IN6_HACK_MSG="no"
80faa19f 3762AC_ARG_WITH(4in6,
3763 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
3764 [
3765 if test "x$withval" != "xno" ; then
3766 AC_MSG_RESULT(yes)
3466e002 3767 AC_DEFINE(IPV4_IN_IPV6, 1,
3768 [Detect IPv4 in IPv6 mapped addresses
3769 and treat as IPv4])
aff51935 3770 IPV4_IN6_HACK_MSG="yes"
80faa19f 3771 else
3772 AC_MSG_RESULT(no)
3773 fi
3774 ],[
3775 if test "x$inet6_default_4in6" = "xyes"; then
3776 AC_MSG_RESULT([yes (default)])
3777 AC_DEFINE(IPV4_IN_IPV6)
aff51935 3778 IPV4_IN6_HACK_MSG="yes"
80faa19f 3779 else
3780 AC_MSG_RESULT([no (default)])
3781 fi
3782 ]
3783)
3784
af774732 3785# Whether to enable BSD auth support
f1b0ecc3 3786BSD_AUTH_MSG=no
af774732 3787AC_ARG_WITH(bsd-auth,
3788 [ --with-bsd-auth Enable BSD auth support],
3789 [
82f4e93d 3790 if test "x$withval" != "xno" ; then
3466e002 3791 AC_DEFINE(BSD_AUTH, 1,
3792 [Define if you have BSD auth support])
f1b0ecc3 3793 BSD_AUTH_MSG=yes
af774732 3794 fi
3795 ]
3796)
3797
a0391976 3798# Where to place sshd.pid
19d9ac2a 3799piddir=/var/run
81dadca3 3800# make sure the directory exists
82f4e93d 3801if test ! -d $piddir ; then
81dadca3 3802 piddir=`eval echo ${sysconfdir}`
3803 case $piddir in
aff51935 3804 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
81dadca3 3805 esac
3806fi
3807
47e45e44 3808AC_ARG_WITH(pid-dir,
3809 [ --with-pid-dir=PATH Specify location of ssh.pid file],
3810 [
6cf0200f 3811 if test -n "$withval" && test "x$withval" != "xno" && \
3812 test "x${withval}" != "xyes"; then
19d9ac2a 3813 piddir=$withval
82f4e93d 3814 if test ! -d $piddir ; then
81dadca3 3815 AC_MSG_WARN([** no $piddir directory on this system **])
3816 fi
47e45e44 3817 fi
3818 ]
3819)
b7a87eea 3820
3466e002 3821AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
19d9ac2a 3822AC_SUBST(piddir)
47e45e44 3823
1d7b9b20 3824dnl allow user to disable some login recording features
3825AC_ARG_ENABLE(lastlog,
bfd550a2 3826 [ --disable-lastlog disable use of lastlog even if detected [no]],
ddb154b3 3827 [
3828 if test "x$enableval" = "xno" ; then
3829 AC_DEFINE(DISABLE_LASTLOG)
3830 fi
3831 ]
1d7b9b20 3832)
3833AC_ARG_ENABLE(utmp,
bfd550a2 3834 [ --disable-utmp disable use of utmp even if detected [no]],
ddb154b3 3835 [
3836 if test "x$enableval" = "xno" ; then
3837 AC_DEFINE(DISABLE_UTMP)
3838 fi
3839 ]
1d7b9b20 3840)
3841AC_ARG_ENABLE(utmpx,
bfd550a2 3842 [ --disable-utmpx disable use of utmpx even if detected [no]],
ddb154b3 3843 [
3844 if test "x$enableval" = "xno" ; then
3466e002 3845 AC_DEFINE(DISABLE_UTMPX, 1,
3846 [Define if you don't want to use utmpx])
ddb154b3 3847 fi
3848 ]
1d7b9b20 3849)
3850AC_ARG_ENABLE(wtmp,
bfd550a2 3851 [ --disable-wtmp disable use of wtmp even if detected [no]],
ddb154b3 3852 [
3853 if test "x$enableval" = "xno" ; then
3854 AC_DEFINE(DISABLE_WTMP)
3855 fi
3856 ]
1d7b9b20 3857)
3858AC_ARG_ENABLE(wtmpx,
bfd550a2 3859 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
ddb154b3 3860 [
3861 if test "x$enableval" = "xno" ; then
3466e002 3862 AC_DEFINE(DISABLE_WTMPX, 1,
3863 [Define if you don't want to use wtmpx])
ddb154b3 3864 fi
3865 ]
1d7b9b20 3866)
3867AC_ARG_ENABLE(libutil,
bfd550a2 3868 [ --disable-libutil disable use of libutil (login() etc.) [no]],
ddb154b3 3869 [
3870 if test "x$enableval" = "xno" ; then
3871 AC_DEFINE(DISABLE_LOGIN)
3872 fi
3873 ]
1d7b9b20 3874)
3875AC_ARG_ENABLE(pututline,
bfd550a2 3876 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
ddb154b3 3877 [
3878 if test "x$enableval" = "xno" ; then
3466e002 3879 AC_DEFINE(DISABLE_PUTUTLINE, 1,
3880 [Define if you don't want to use pututline()
3881 etc. to write [uw]tmp])
ddb154b3 3882 fi
3883 ]
1d7b9b20 3884)
3885AC_ARG_ENABLE(pututxline,
bfd550a2 3886 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
ddb154b3 3887 [
3888 if test "x$enableval" = "xno" ; then
3466e002 3889 AC_DEFINE(DISABLE_PUTUTXLINE, 1,
3890 [Define if you don't want to use pututxline()
3891 etc. to write [uw]tmpx])
ddb154b3 3892 fi
3893 ]
1d7b9b20 3894)
3895AC_ARG_WITH(lastlog,
bfd550a2 3896 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
8c89dd2b 3897 [
82f4e93d 3898 if test "x$withval" = "xno" ; then
8c89dd2b 3899 AC_DEFINE(DISABLE_LASTLOG)
6cf0200f 3900 elif test -n "$withval" && test "x${withval}" != "xyes"; then
8c89dd2b 3901 conf_lastlog_location=$withval
3902 fi
3903 ]
3904)
1d7b9b20 3905
3906dnl lastlog, [uw]tmpx? detection
3907dnl NOTE: set the paths in the platform section to avoid the
3908dnl need for command-line parameters
3909dnl lastlog and [uw]tmp are subject to a file search if all else fails
3910
3911dnl lastlog detection
3912dnl NOTE: the code itself will detect if lastlog is a directory
3913AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
3914AC_TRY_COMPILE([
3915#include <sys/types.h>
3916#include <utmp.h>
3917#ifdef HAVE_LASTLOG_H
3918# include <lastlog.h>
3919#endif
d7c0f3d5 3920#ifdef HAVE_PATHS_H
1d7b9b20 3921# include <paths.h>
41cb4569 3922#endif
3923#ifdef HAVE_LOGIN_H
3924# include <login.h>
1d7b9b20 3925#endif
3926 ],
3927 [ char *lastlog = LASTLOG_FILE; ],
3928 [ AC_MSG_RESULT(yes) ],
d7c0f3d5 3929 [
3930 AC_MSG_RESULT(no)
3931 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
3932 AC_TRY_COMPILE([
3933#include <sys/types.h>
3934#include <utmp.h>
3935#ifdef HAVE_LASTLOG_H
3936# include <lastlog.h>
3937#endif
3938#ifdef HAVE_PATHS_H
3939# include <paths.h>
3940#endif
3941 ],
3942 [ char *lastlog = _PATH_LASTLOG; ],
3943 [ AC_MSG_RESULT(yes) ],
3944 [
f282b668 3945 AC_MSG_RESULT(no)
d7c0f3d5 3946 system_lastlog_path=no
3947 ])
3948 ]
1d7b9b20 3949)
d7c0f3d5 3950
1d7b9b20 3951if test -z "$conf_lastlog_location"; then
3952 if test x"$system_lastlog_path" = x"no" ; then
3953 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
e5fe9a1f 3954 if (test -d "$f" || test -f "$f") ; then
1d7b9b20 3955 conf_lastlog_location=$f
3956 fi
3957 done
3958 if test -z "$conf_lastlog_location"; then
f8119cef 3959 AC_MSG_WARN([** Cannot find lastlog **])
3960 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1d7b9b20 3961 fi
3962 fi
3963fi
3964
3965if test -n "$conf_lastlog_location"; then
3466e002 3966 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
3967 [Define if you want to specify the path to your lastlog file])
82f4e93d 3968fi
1d7b9b20 3969
3970dnl utmp detection
3971AC_MSG_CHECKING([if your system defines UTMP_FILE])
3972AC_TRY_COMPILE([
3973#include <sys/types.h>
3974#include <utmp.h>
d7c0f3d5 3975#ifdef HAVE_PATHS_H
1d7b9b20 3976# include <paths.h>
3977#endif
3978 ],
3979 [ char *utmp = UTMP_FILE; ],
3980 [ AC_MSG_RESULT(yes) ],
3981 [ AC_MSG_RESULT(no)
3982 system_utmp_path=no ]
3983)
3984if test -z "$conf_utmp_location"; then
3985 if test x"$system_utmp_path" = x"no" ; then
3986 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
3987 if test -f $f ; then
3988 conf_utmp_location=$f
3989 fi
3990 done
3991 if test -z "$conf_utmp_location"; then
3992 AC_DEFINE(DISABLE_UTMP)
3993 fi
3994 fi
3995fi
3996if test -n "$conf_utmp_location"; then
3466e002 3997 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
3998 [Define if you want to specify the path to your utmp file])
82f4e93d 3999fi
1d7b9b20 4000
4001dnl wtmp detection
4002AC_MSG_CHECKING([if your system defines WTMP_FILE])
4003AC_TRY_COMPILE([
4004#include <sys/types.h>
4005#include <utmp.h>
d7c0f3d5 4006#ifdef HAVE_PATHS_H
1d7b9b20 4007# include <paths.h>
4008#endif
4009 ],
4010 [ char *wtmp = WTMP_FILE; ],
4011 [ AC_MSG_RESULT(yes) ],
4012 [ AC_MSG_RESULT(no)
4013 system_wtmp_path=no ]
4014)
4015if test -z "$conf_wtmp_location"; then
4016 if test x"$system_wtmp_path" = x"no" ; then
4017 for f in /usr/adm/wtmp /var/log/wtmp; do
4018 if test -f $f ; then
4019 conf_wtmp_location=$f
4020 fi
4021 done
4022 if test -z "$conf_wtmp_location"; then
4023 AC_DEFINE(DISABLE_WTMP)
4024 fi
4025 fi
4026fi
4027if test -n "$conf_wtmp_location"; then
3466e002 4028 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
4029 [Define if you want to specify the path to your wtmp file])
82f4e93d 4030fi
1d7b9b20 4031
4032
4033dnl utmpx detection - I don't know any system so perverse as to require
4034dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
4035dnl there, though.
4036AC_MSG_CHECKING([if your system defines UTMPX_FILE])
4037AC_TRY_COMPILE([
4038#include <sys/types.h>
4039#include <utmp.h>
4040#ifdef HAVE_UTMPX_H
4041#include <utmpx.h>
4042#endif
d7c0f3d5 4043#ifdef HAVE_PATHS_H
1d7b9b20 4044# include <paths.h>
4045#endif
4046 ],
4047 [ char *utmpx = UTMPX_FILE; ],
4048 [ AC_MSG_RESULT(yes) ],
4049 [ AC_MSG_RESULT(no)
4050 system_utmpx_path=no ]
4051)
4052if test -z "$conf_utmpx_location"; then
4053 if test x"$system_utmpx_path" = x"no" ; then
4054 AC_DEFINE(DISABLE_UTMPX)
4055 fi
4056else
3466e002 4057 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
4058 [Define if you want to specify the path to your utmpx file])
82f4e93d 4059fi
1d7b9b20 4060
4061dnl wtmpx detection
4062AC_MSG_CHECKING([if your system defines WTMPX_FILE])
4063AC_TRY_COMPILE([
4064#include <sys/types.h>
4065#include <utmp.h>
4066#ifdef HAVE_UTMPX_H
4067#include <utmpx.h>
4068#endif
d7c0f3d5 4069#ifdef HAVE_PATHS_H
1d7b9b20 4070# include <paths.h>
4071#endif
4072 ],
4073 [ char *wtmpx = WTMPX_FILE; ],
4074 [ AC_MSG_RESULT(yes) ],
4075 [ AC_MSG_RESULT(no)
4076 system_wtmpx_path=no ]
4077)
4078if test -z "$conf_wtmpx_location"; then
4079 if test x"$system_wtmpx_path" = x"no" ; then
4080 AC_DEFINE(DISABLE_WTMPX)
4081 fi
4082else
3466e002 4083 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
4084 [Define if you want to specify the path to your wtmpx file])
82f4e93d 4085fi
1d7b9b20 4086
b7a87eea 4087
bd499f9e 4088if test ! -z "$blibpath" ; then
68ece370 4089 LDFLAGS="$LDFLAGS $blibflags$blibpath"
4090 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
bd499f9e 4091fi
4092
ed89c848 4093dnl Adding -Werror to CFLAGS early prevents configure tests from running.
4094dnl Add now.
4095CFLAGS="$CFLAGS $werror_flags"
4096
edee47f5 4097if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \
4098 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
4099 AC_SUBST(TEST_SSH_IPV6, no)
4100else
4101 AC_SUBST(TEST_SSH_IPV6, yes)
4102fi
4103
3c62e7eb 4104AC_EXEEXT
29eadd7c 4105AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
4106 openbsd-compat/Makefile openbsd-compat/regress/Makefile \
4107 scard/Makefile ssh_prng_cmds survey.sh])
98a7c37b 4108AC_OUTPUT
d3083fbd 4109
cbd7492e 4110# Print summary of options
4111
cbd7492e 4112# Someone please show me a better way :)
4113A=`eval echo ${prefix}` ; A=`eval echo ${A}`
4114B=`eval echo ${bindir}` ; B=`eval echo ${B}`
4115C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
4116D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
f5665f6f 4117E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
e0c4d3ac 4118F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
cbd7492e 4119G=`eval echo ${piddir}` ; G=`eval echo ${G}`
ecac8ee5 4120H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
4121I=`eval echo ${user_path}` ; I=`eval echo ${I}`
4122J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
cbd7492e 4123
4124echo ""
26de7942 4125echo "OpenSSH has been configured with the following options:"
ecac8ee5 4126echo " User binaries: $B"
4127echo " System binaries: $C"
4128echo " Configuration files: $D"
4129echo " Askpass program: $E"
4130echo " Manual pages: $F"
4131echo " PID file: $G"
4132echo " Privilege separation chroot path: $H"
95b99395 4133if test "x$external_path_file" = "x/etc/login.conf" ; then
4134echo " At runtime, sshd will use the path defined in $external_path_file"
4135echo " Make sure the path to scp is present, otherwise scp will not work"
8d184c09 4136else
ecac8ee5 4137echo " sshd default user PATH: $I"
89bbd457 4138 if test ! -z "$external_path_file"; then
95b99395 4139echo " (If PATH is set in $external_path_file it will be used instead. If"
4140echo " used, ensure the path to scp is present, otherwise scp will not work.)"
4141 fi
8d184c09 4142fi
06617857 4143if test ! -z "$superuser_path" ; then
ecac8ee5 4144echo " sshd superuser user PATH: $J"
4145fi
4146echo " Manpage format: $MANTYPE"
3e05e934 4147echo " PAM support: $PAM_MSG"
5b84789f 4148echo " OSF SIA support: $SIA_MSG"
ecac8ee5 4149echo " KerberosV support: $KRB5_MSG"
ef4d1846 4150echo " SELinux support: $SELINUX_MSG"
ecac8ee5 4151echo " Smartcard support: $SCARD_MSG"
ecac8ee5 4152echo " S/KEY support: $SKEY_MSG"
4153echo " TCP Wrappers support: $TCPW_MSG"
4154echo " MD5 password support: $MD5_MSG"
59031773 4155echo " libedit support: $LIBEDIT_MSG"
5b84789f 4156echo " Solaris process contract support: $SPC_MSG"
3deb1408 4157echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
ecac8ee5 4158echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4159echo " BSD Auth support: $BSD_AUTH_MSG"
4160echo " Random number source: $RAND_MSG"
f1b0ecc3 4161if test ! -z "$USE_RAND_HELPER" ; then
ecac8ee5 4162echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
af774732 4163fi
4164
cbd7492e 4165echo ""
4166
0c2fb82f 4167echo " Host: ${host}"
4168echo " Compiler: ${CC}"
4169echo " Compiler flags: ${CFLAGS}"
4170echo "Preprocessor flags: ${CPPFLAGS}"
4171echo " Linker flags: ${LDFLAGS}"
e54defb4 4172echo " Libraries: ${LIBS}"
4173if test ! -z "${SSHDLIBS}"; then
4174echo " +for sshd: ${SSHDLIBS}"
4175fi
cbd7492e 4176
4177echo ""
4178
9cefe228 4179if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
b3146b5f 4180 echo "SVR4 style packages are supported with \"make package\""
4181 echo ""
9cefe228 4182fi
4183
adeebd37 4184if test "x$PAM_MSG" = "xyes" ; then
f1b0ecc3 4185 echo "PAM is enabled. You may need to install a PAM control file "
4186 echo "for sshd, otherwise password authentication may fail. "
aff51935 4187 echo "Example PAM control files can be found in the contrib/ "
f1b0ecc3 4188 echo "subdirectory"
adeebd37 4189 echo ""
4190fi
4191
f1b0ecc3 4192if test ! -z "$RAND_HELPER_CMDHASH" ; then
4193 echo "WARNING: you are using the builtin random number collection "
4194 echo "service. Please read WARNING.RNG and request that your OS "
4195 echo "vendor includes kernel-based random number collection in "
4196 echo "future versions of your OS."
2c523de9 4197 echo ""
4198fi
af774732 4199
2f6f9cff 4200if test ! -z "$NO_PEERCHECK" ; then
1961d660 4201 echo "WARNING: the operating system that you are using does not"
4202 echo "appear to support getpeereid(), getpeerucred() or the"
4203 echo "SO_PEERCRED getsockopt() option. These facilities are used to"
4204 echo "enforce security checks to prevent unauthorised connections to"
4205 echo "ssh-agent. Their absence increases the risk that a malicious"
4206 echo "user can connect to your agent."
2f6f9cff 4207 echo ""
4208fi
4209
7b578f7d 4210if test "$AUDIT_MODULE" = "bsm" ; then
4211 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
4212 echo "See the Solaris section in README.platform for details."
4213fi
git-cvsimport mirror of OpenSSH
This page took 5.328514 seconds and 5 git commands to generate.