configure.in

   1 AC_INIT(ssh.c)
   2
   3 AC_CONFIG_HEADER(config.h)
   4 AC_PROG_CC
   5 AC_CANONICAL_HOST
   6
   7 # Checks for programs.
   8 AC_PROG_CPP
   9 AC_PROG_RANLIB
  10 AC_PROG_INSTALL
  11 AC_CHECK_PROG(AR, ar, ar)
  12 AC_PATH_PROG(PERL, perl)
  13 AC_SUBST(PERL)
  14 AC_PATH_PROG(ENT, ent)
  15 AC_SUBST(ENT)
  16 AC_PATH_PROGS(FILEPRIV, filepriv, true, /sbin:/usr/sbin)
  17
  18 # Use LOGIN_PROGRAM from environment if possible
  19 if test ! -z "$LOGIN_PROGRAM" ; then
  20         AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
  21 else
  22         # Search for login
  23         AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
  24         if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
  25                 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
  26         fi
  27 fi
  28
  29 if test -z "$LD" ; then
  30         LD=$CC
  31 fi
  32 AC_SUBST(LD)
  33
  34 # C Compiler features
  35 AC_C_INLINE
  36 if test "$GCC" = "yes"; then
  37         CFLAGS="$CFLAGS -Wall"
  38 fi
  39
  40 CFLAGS="$CFLAGS -I. -I${srcdir-.}"
  41
  42 # Check for some target-specific stuff
  43 case "$host" in
  44 *-*-aix*)
  45         AFS_LIBS="-lld"
  46         CFLAGS="$CFLAGS -I/usr/local/include"
  47         LDFLAGS="$LDFLAGS -L/usr/local/lib"
  48         if (test "$LD" != "gcc" && test -z "$blibpath"); then
  49                 blibpath="/usr/lib:/lib:/usr/local/lib"
  50         fi
  51         AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)])
  52         AC_DEFINE(BROKEN_GETADDRINFO)
  53         MANTYPE='$(CATMAN)'
  54         mansubdir=cat
  55         dnl AIX handles lastlog as part of its login message
  56         AC_DEFINE(DISABLE_LASTLOG)
  57         MANTYPE='$(CATMAN)'
  58         mansubdir=cat
  59         ;;
  60 *-*-cygwin*)
  61         LIBS="$LIBS -lregex /usr/lib/textmode.o"
  62         AC_DEFINE(HAVE_CYGWIN)
  63         AC_DEFINE(DISABLE_PAM)
  64         AC_DEFINE(DISABLE_SHADOW)
  65         AC_DEFINE(IPV4_DEFAULT)
  66         AC_DEFINE(IP_TOS_IS_BROKEN)
  67         AC_DEFINE(BROKEN_VHANGUP)
  68         no_pam=1
  69         no_libsocket=1
  70         no_libnsl=1
  71         ;;
  72 *-*-hpux10*)
  73         if test -z "$GCC"; then
  74                 CFLAGS="$CFLAGS -Ae"
  75         fi
  76         CFLAGS="$CFLAGS -D_HPUX_SOURCE"
  77         IPADDR_IN_DISPLAY=yes
  78         AC_DEFINE(USE_PIPES)
  79         AC_DEFINE(DISABLE_SHADOW)
  80         AC_DEFINE(DISABLE_UTMP)
  81         AC_DEFINE(SPT_TYPE,SPT_PSTAT)
  82         LIBS="$LIBS -lsec"
  83         MANTYPE='$(CATMAN)'
  84         mansubdir=cat
  85         ;;
  86 *-*-hpux11*)
  87         CFLAGS="$CFLAGS -D_HPUX_SOURCE"
  88         IPADDR_IN_DISPLAY=yes
  89         AC_DEFINE(USE_PIPES)
  90         AC_DEFINE(DISABLE_SHADOW)
  91         AC_DEFINE(DISABLE_UTMP)
  92         AC_DEFINE(SPT_TYPE,SPT_PSTAT)
  93         LIBS="$LIBS -lsec"
  94         MANTYPE='$(CATMAN)'
  95         mansubdir=cat
  96         ;;
  97 *-*-irix5*)
  98         CFLAGS="$CFLAGS -I/usr/local/include"
  99         LDFLAGS="$LDFLAGS"
 100         PATH="$PATH:/usr/etc"
 101         MANTYPE='$(CATMAN)'
 102         no_libsocket=1
 103         no_libnsl=1
 104         AC_DEFINE(BROKEN_INET_NTOA)
 105         ;;
 106 *-*-irix6*)
 107         CFLAGS="$CFLAGS -I/usr/local/include"
 108         LDFLAGS="$LDFLAGS"
 109         PATH="$PATH:/usr/etc"
 110         MANTYPE='$(CATMAN)'
 111         AC_DEFINE(WITH_IRIX_ARRAY)
 112         AC_DEFINE(WITH_IRIX_PROJECT)
 113         AC_DEFINE(WITH_IRIX_AUDIT)
 114         no_libsocket=1
 115         no_libnsl=1
 116         AC_DEFINE(BROKEN_INET_NTOA)
 117         ;;
 118 *-*-linux*)
 119         no_dev_ptmx=1
 120         AC_DEFINE(DONT_TRY_OTHER_AF)
 121         AC_DEFINE(PAM_TTY_KLUDGE)
 122         inet6_default_4in6=yes
 123         ;;
 124 mips-sony-bsd|mips-sony-newsos4)
 125         AC_DEFINE(HAVE_NEWS4)
 126         SONY=1
 127         AC_CHECK_LIB(iberty, xatexit, AC_DEFINE(HAVE_XATEXIT),
 128                 AC_MSG_ERROR([*** libiberty missing - please install first ***])
 129         )
 130         ;;
 131 *-*-netbsd*)
 132         need_dash_r=1
 133         ;;
 134 *-next-*)
 135         conf_lastlog_location="/usr/adm/lastlog"
 136         conf_utmp_location=/etc/utmp
 137         conf_wtmp_location=/usr/adm/wtmp
 138         MAIL=/usr/spool/mail
 139         AC_DEFINE(HAVE_NEXT)
 140         AC_DEFINE(BROKEN_REALPATH)
 141         CFLAGS="$CFLAGS -I/usr/local/include"
 142         ;;
 143 *-*-solaris*)
 144         CFLAGS="$CFLAGS -I/usr/local/include"
 145         LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib -L/usr/ucblib -R/usr/ucblib"
 146         need_dash_r=1
 147         # hardwire lastlog location (can't detect it on some versions)
 148         conf_lastlog_location="/var/adm/lastlog"
 149         AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
 150         sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
 151         if test "$sol2ver" -ge 8; then
 152                 AC_MSG_RESULT(yes)
 153                 AC_DEFINE(DISABLE_UTMP)
 154                 AC_DEFINE(DISABLE_WTMP)
 155         else
 156                 AC_MSG_RESULT(no)
 157         fi
 158         ;;
 159 *-*-sunos4*)
 160         CFLAGS="$CFLAGS -DSUNOS4"
 161         AC_CHECK_FUNCS(getpwanam)
 162         conf_utmp_location=/etc/utmp
 163         conf_wtmp_location=/var/adm/wtmp
 164         conf_lastlog_location=/var/adm/lastlog
 165         AC_DEFINE(USE_PIPES)
 166         MANTYPE='$(CATMAN)'
 167         mansubdir=cat
 168         ;;
 169 *-sni-sysv*)
 170         CFLAGS="$CFLAGS -I/usr/local/include"
 171         LDFLAGS="$LDFLAGS -L/usr/local/lib -L/usr/ucblib"
 172         MANTYPE='$(CATMAN)'
 173         AC_DEFINE(IP_TOS_IS_BROKEN)
 174         mansubdir=cat
 175         LIBS="$LIBS -lgen -lnsl -lucb"
 176         ;;
 177 *-*-sysv4.2*)
 178         CFLAGS="$CFLAGS -I/usr/local/include"
 179         LDFLAGS="$LDFLAGS -L/usr/local/lib"
 180         MANTYPE='$(CATMAN)'
 181         mansubdir=cat
 182         LIBS="$LIBS -lgen -lsocket -lnsl -lresolv"
 183         enable_suid_ssh=no
 184         ;;
 185 *-*-sysv5*)
 186         CFLAGS="$CFLAGS -I/usr/local/include"
 187         LDFLAGS="$LDFLAGS -L/usr/local/lib"
 188         MANTYPE='$(CATMAN)'
 189         mansubdir=cat
 190         LIBS="$LIBS -lgen -lsocket"
 191         enable_suid_ssh=no
 192         ;;
 193 *-*-sysv*)
 194         CFLAGS="$CFLAGS -I/usr/local/include"
 195         LDFLAGS="$LDFLAGS -L/usr/local/lib"
 196         MANTYPE='$(CATMAN)'
 197         mansubdir=cat
 198         LIBS="$LIBS -lgen -lsocket"
 199         ;;
 200 *-*-sco3.2v4*)
 201         AC_DEFINE(USE_PIPES)
 202         CFLAGS="$CFLAGS -Dftruncate=chsize -I/usr/local/include"
 203         LDFLAGS="$LDFLAGS -L/usr/local/lib"
 204         MANTYPE='$(CATMAN)'
 205         mansubdir=cat
 206         LIBS="$LIBS -lgen -lsocket -los -lprot -lx"
 207         no_dev_ptmx=1
 208         RANLIB=true
 209         AC_DEFINE(BROKEN_SYS_TERMIO_H)
 210         rsh_path="/usr/bin/rcmd"
 211         AC_DEFINE(HAVE_SCO_PROTECTED_PW)
 212         ;;
 213 *-*-sco3.2v5*)
 214         CFLAGS="$CFLAGS -I/usr/local/include"
 215         LDFLAGS="$LDFLAGS -L/usr/local/lib"
 216         MANTYPE='$(CATMAN)'
 217         mansubdir=cat
 218         LIBS="$LIBS -lgen -lsocket -lprot -lx"
 219         no_dev_ptmx=1
 220         rsh_path="/usr/bin/rcmd"
 221         AC_DEFINE(HAVE_SCO_PROTECTED_PW)
 222         ;;
 223 *-dec-osf*)
 224 # This is untested
 225         if test ! -z "USE_SIA" ; then
 226                 AC_MSG_CHECKING(for Digital Unix Security Integration Architecture)
 227                 if test -f /etc/sia/matrix.conf; then
 228                         AC_MSG_RESULT(yes)
 229                         AC_DEFINE(HAVE_OSF_SIA)
 230                         AC_DEFINE(DISABLE_LOGIN)
 231                         LIBS="$LIBS -lsecurity -ldb -lm -laud"
 232                 else
 233                         AC_MSG_RESULT(no)
 234                 fi
 235         fi
 236         ;;
 237 esac
 238
 239 # Allow user to specify flags
 240 AC_ARG_WITH(cflags,
 241         [  --with-cflags           Specify additional flags to pass to compiler],
 242         [
 243                 if test "x$withval" != "xno" ; then
 244                         CFLAGS="$CFLAGS $withval"
 245                 fi
 246         ]
 247 )
 248 AC_ARG_WITH(ldflags,
 249         [  --with-ldlags           Specify additional flags to pass to linker],
 250         [
 251                 if test "x$withval" != "xno" ; then
 252                         LDFLAGS="$LDFLAGS $withval"
 253                 fi
 254         ]
 255 )
 256 AC_ARG_WITH(libs,
 257         [  --with-libs             Specify additional libraries to link with],
 258         [
 259                 if test "x$withval" != "xno" ; then
 260                         LIBS="$LIBS $withval"
 261                 fi
 262         ]
 263 )
 264
 265
 266 # Checks for libraries.
 267 AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
 268 AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil")
 269
 270 AC_CHECK_FUNC(regcomp,
 271         [],
 272         [
 273                 AC_CHECK_LIB(pcre, pcre_info,
 274                         AC_DEFINE(HAVE_LIBPCRE) LIBS="$LIBS -lpcreposix -lpcre")
 275         ]
 276 )
 277
 278 if test -z "$no_libsocket" ; then
 279         AC_CHECK_LIB(nsl, yp_match, , )
 280 fi
 281 if test -z "$no_libnsl" ; then
 282         AC_CHECK_LIB(socket, main, , )
 283 fi
 284
 285 # Checks for header files.
 286 AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h getopt.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h sys/un.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h vis.h)
 287
 288 dnl    Checks for library functions.
 289 AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock fchmod freeaddrinfo futimes gai_strerror getcwd getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty realpath rresvport_af setenv seteuid setlogin setproctitle setreuid setrlimit sigaction sigvec snprintf strerror strlcat strlcpy strsep strtok_r vsnprintf vhangup vis _getpty __b64_ntop)
 290 dnl    Checks for time functions
 291 AC_CHECK_FUNCS(gettimeofday time)
 292 dnl    Checks for libutil functions
 293 AC_CHECK_FUNCS(login logout updwtmp logwtmp)
 294 dnl    Checks for utmp functions
 295 AC_CHECK_FUNCS(entutent getutent getutid getutline pututline setutent)
 296 AC_CHECK_FUNCS(utmpname)
 297 dnl    Checks for utmpx functions
 298 AC_CHECK_FUNCS(entutxent getutxent getutxid getutxline pututxline )
 299 AC_CHECK_FUNCS(setutxent utmpxname)
 300
 301 AC_CHECK_FUNC(getuserattr,
 302         [AC_DEFINE(HAVE_GETUSERATTR)],
 303         [AC_CHECK_LIB(s, getuserattr, [LIBS="$LIBS -ls"; AC_DEFINE(HAVE_GETUSERATTR)])]
 304 )
 305
 306 AC_CHECK_FUNC(login,
 307         [AC_DEFINE(HAVE_LOGIN)],
 308         [AC_CHECK_LIB(bsd, login, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_LOGIN)])]
 309 )
 310
 311 AC_CHECK_FUNC(daemon,
 312         [AC_DEFINE(HAVE_DAEMON)],
 313         [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
 314 )
 315
 316 AC_CHECK_FUNC(getpagesize,
 317         [AC_DEFINE(HAVE_GETPAGESIZE)],
 318         [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
 319 )
 320
 321 # Check for broken snprintf
 322 if test "x$ac_cv_func_snprintf" = "xyes" ; then
 323         AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
 324         AC_TRY_RUN(
 325                 [
 326 #include <stdio.h>
 327 int main(void){char b[5];snprintf(b,5,"123456789");return(b[4]!='\0');}
 328                 ],
 329                 [AC_MSG_RESULT(yes)],
 330                 [
 331                         AC_MSG_RESULT(no)
 332                         AC_DEFINE(BROKEN_SNPRINTF)
 333                         AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
 334                 ]
 335         )
 336 fi
 337
 338 AC_FUNC_GETPGRP
 339
 340 PAM_MSG="no"
 341 AC_ARG_WITH(pam,
 342         [  --without-pam           Disable PAM support ],
 343         [
 344                 if test "x$withval" = "xno" ; then
 345                         no_pam=1
 346                         AC_DEFINE(DISABLE_PAM)
 347                         PAM_MSG="disabled"
 348                 fi
 349         ]
 350 )
 351 if (test -z "$no_pam" && test "x$ac_cv_header_security_pam_appl_h" = "xyes") ; then
 352         AC_CHECK_LIB(dl, dlopen, , )
 353         LIBS="$LIBS -lpam"
 354
 355         AC_CHECK_FUNCS(pam_getenvlist)
 356
 357         disable_shadow=yes
 358
 359         PAM_MSG="yes"
 360
 361         # Check PAM strerror arguments (old PAM)
 362         AC_MSG_CHECKING([whether pam_strerror takes only one argument])
 363         AC_TRY_COMPILE(
 364                 [
 365 #include <stdlib.h>
 366 #include <security/pam_appl.h>
 367                 ],
 368                 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
 369                 [AC_MSG_RESULT(no)],
 370                 [
 371                         AC_DEFINE(HAVE_OLD_PAM)
 372                         AC_MSG_RESULT(yes)
 373                         PAM_MSG="yes (old library)"
 374                 ]
 375         )
 376 fi
 377
 378 # The big search for OpenSSL
 379 AC_ARG_WITH(ssl-dir,
 380         [  --with-ssl-dir=PATH     Specify path to OpenSSL installation ],
 381         [
 382                 if test "x$withval" != "$xno" ; then
 383                         tryssldir=$withval
 384                 fi
 385         ]
 386 )
 387
 388 saved_LIBS="$LIBS"
 389 saved_LDFLAGS="$LDFLAGS"
 390 saved_CFLAGS="$CFLAGS"
 391 if test "x$prefix" != "xNONE" ; then
 392         tryssldir="$tryssldir $prefix"
 393 fi
 394 AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
 395
 396         for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
 397                 if test ! -z "$ssldir" ; then
 398                         LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
 399                         CFLAGS="$saved_CFLAGS -I$ssldir/include"
 400                         if test ! -z "$need_dash_r" ; then
 401                                 LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
 402                         fi
 403                 else
 404                         LDFLAGS="$saved_LDFLAGS"
 405                 fi
 406
 407                 LIBS="$saved_LIBS -lcrypto"
 408
 409                 # Basic test to check for compatible version and correct linking
 410                 # *does not* test for RSA - that comes later.
 411                 AC_TRY_RUN(
 412                         [
 413 #include <string.h>
 414 #include <openssl/rand.h>
 415 int main(void)
 416 {
 417         char a[2048];
 418         memset(a, 0, sizeof(a));
 419         RAND_add(a, sizeof(a), sizeof(a));
 420         return(RAND_status() <= 0);
 421 }
 422                         ],
 423                         [
 424                                 found_crypto=1
 425                                 break;
 426                         ], []
 427                 )
 428
 429                 if test ! -z "$found_crypto" ; then
 430                         break;
 431                 fi
 432         done
 433
 434         if test -z "$found_crypto" ; then
 435                 AC_MSG_ERROR([Could not find working SSLeay / OpenSSL libraries, please install])
 436         fi
 437         if test -z "$ssldir" ; then
 438                 ssldir="(system)"
 439         fi
 440
 441         ac_cv_openssldir=$ssldir
 442 ])
 443
 444 if (test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" != "x(system)") ; then
 445         AC_DEFINE(HAVE_OPENSSL)
 446         dnl Need to recover ssldir - test above runs in subshell
 447         ssldir=$ac_cv_openssldir
 448         CFLAGS="$saved_CFLAGS -I$ssldir/include"
 449         LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
 450         if test ! -z "$need_dash_r" ; then
 451                 LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
 452         fi
 453         if test ! -z "$blibpath" ; then
 454                 blibpath="$blibpath:$ssldir:$ssldir/lib"
 455         fi
 456 fi
 457 LIBS="$saved_LIBS -lcrypto"
 458
 459 # Now test RSA support
 460 saved_LIBS="$LIBS"
 461 AC_MSG_CHECKING([for RSA support])
 462 for WANTS_RSAREF in "" 1 ; do
 463         if test -z "$WANTS_RSAREF" ; then
 464                 LIBS="$saved_LIBS"
 465         else
 466                 LIBS="$saved_LIBS -lRSAglue -lrsaref"
 467         fi
 468         AC_TRY_RUN([
 469 #include <string.h>
 470 #include <openssl/rand.h>
 471 #include <openssl/rsa.h>
 472 #include <openssl/bn.h>
 473 #include <openssl/sha.h>
 474 int main(void)
 475 {
 476         int num; RSA *key; static unsigned char p_in[] = "blahblah";
 477         unsigned char c[256], p[256];
 478         memset(c, 0, sizeof(c)); RAND_add(c, sizeof(c), sizeof(c));
 479         if ((key=RSA_generate_key(512, 3, NULL, NULL))==NULL) return(1);
 480         num = RSA_public_encrypt(sizeof(p_in) - 1, p_in, c, key, RSA_PKCS1_PADDING);
 481         return(-1 == RSA_private_decrypt(num, c, p, key, RSA_PKCS1_PADDING));
 482 }
 483         ],
 484         [
 485                 rsa_works=1
 486                 break;
 487         ], [])
 488 done
 489
 490 if test ! -z "$no_rsa" ; then
 491         AC_MSG_RESULT(disabled)
 492         RSA_MSG="disabled"
 493 else
 494         if test -z "$rsa_works" ; then
 495                 AC_MSG_WARN([*** No RSA support found *** ])
 496                 RSA_MSG="no"
 497         else
 498                 if test -z "$WANTS_RSAREF" ; then
 499                         AC_MSG_RESULT(yes)
 500                         RSA_MSG="yes"
 501                 else
 502                         RSA_MSG="yes (using RSAref)"
 503                         AC_MSG_RESULT(using RSAref)
 504                         LIBS="$saved_LIBS -lcrypto -lRSAglue -lrsaref"
 505                 fi
 506         fi
 507 fi
 508
 509 # Cheap hack to ensure NEWS-OS libraries are arranged right.
 510 if test ! -z "$SONY" ; then
 511   LIBS="$LIBS -liberty";
 512 fi
 513
 514 # Checks for data types
 515 AC_CHECK_SIZEOF(char, 1)
 516 AC_CHECK_SIZEOF(short int, 2)
 517 AC_CHECK_SIZEOF(int, 4)
 518 AC_CHECK_SIZEOF(long int, 4)
 519 AC_CHECK_SIZEOF(long long int, 8)
 520
 521 # More checks for data types
 522 AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
 523         AC_TRY_COMPILE(
 524                 [ #include <sys/types.h> ],
 525                 [ u_int a; a = 1;],
 526                 [ ac_cv_have_u_int="yes" ],
 527                 [ ac_cv_have_u_int="no" ]
 528         )
 529 ])
 530 if test "x$ac_cv_have_u_int" = "xyes" ; then
 531         AC_DEFINE(HAVE_U_INT)
 532         have_u_int=1
 533 fi
 534
 535 AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
 536         AC_TRY_COMPILE(
 537                 [ #include <sys/types.h> ],
 538                 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
 539                 [ ac_cv_have_intxx_t="yes" ],
 540                 [ ac_cv_have_intxx_t="no" ]
 541         )
 542 ])
 543 if test "x$ac_cv_have_intxx_t" = "xyes" ; then
 544         AC_DEFINE(HAVE_INTXX_T)
 545         have_intxx_t=1
 546 fi
 547
 548 AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
 549         AC_TRY_COMPILE(
 550                 [ #include <sys/types.h> ],
 551                 [ int64_t a; a = 1;],
 552                 [ ac_cv_have_int64_t="yes" ],
 553                 [ ac_cv_have_int64_t="no" ]
 554         )
 555 ])
 556 if test "x$ac_cv_have_int64_t" = "xyes" ; then
 557         AC_DEFINE(HAVE_INT64_T)
 558         have_int64_t=1
 559 fi
 560
 561 AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
 562         AC_TRY_COMPILE(
 563                 [ #include <sys/types.h> ],
 564                 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
 565                 [ ac_cv_have_u_intxx_t="yes" ],
 566                 [ ac_cv_have_u_intxx_t="no" ]
 567         )
 568 ])
 569 if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
 570         AC_DEFINE(HAVE_U_INTXX_T)
 571         have_u_intxx_t=1
 572 fi
 573
 574 AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
 575         AC_TRY_COMPILE(
 576                 [ #include <sys/types.h> ],
 577                 [ u_int64_t a; a = 1;],
 578                 [ ac_cv_have_u_int64_t="yes" ],
 579                 [ ac_cv_have_u_int64_t="no" ]
 580         )
 581 ])
 582 if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
 583         AC_DEFINE(HAVE_U_INT64_T)
 584         have_u_int64_t=1
 585 fi
 586
 587 if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
 588            test "x$ac_cv_header_sys_bitypes_h" = "xyes")
 589 then
 590         AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
 591         AC_TRY_COMPILE(
 592                 [
 593 #include <sys/bitypes.h>
 594                 ],
 595                 [
 596                         int8_t a; int16_t b; int32_t c;
 597                         u_int8_t e; u_int16_t f; u_int32_t g;
 598                         a = b = c = e = f = g = 1;
 599                 ],
 600                 [
 601                         AC_DEFINE(HAVE_U_INTXX_T)
 602                         AC_DEFINE(HAVE_INTXX_T)
 603                         AC_MSG_RESULT(yes)
 604                 ],
 605                 [AC_MSG_RESULT(no)]
 606         )
 607 fi
 608
 609 if test -z "$have_u_intxx_t" ; then
 610         AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
 611                 AC_TRY_COMPILE(
 612                         [
 613 #include <sys/types.h>
 614                         ],
 615                         [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
 616                         [ ac_cv_have_uintxx_t="yes" ],
 617                         [ ac_cv_have_uintxx_t="no" ]
 618                 )
 619         ])
 620         if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
 621                 AC_DEFINE(HAVE_UINTXX_T)
 622         fi
 623 fi
 624
 625 AC_CACHE_CHECK([for socklen_t], ac_cv_have_socklen_t, [
 626         AC_TRY_COMPILE(
 627                 [
 628 #include <sys/types.h>
 629 #include <sys/socket.h>
 630                 ],
 631                 [socklen_t foo; foo = 1235;],
 632                 [ ac_cv_have_socklen_t="yes" ],
 633                 [ ac_cv_have_socklen_t="no" ]
 634         )
 635 ])
 636 if test "x$ac_cv_have_socklen_t" = "xyes" ; then
 637         AC_DEFINE(HAVE_SOCKLEN_T)
 638 fi
 639
 640 AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
 641         AC_TRY_COMPILE(
 642                 [
 643 #include <sys/types.h>
 644                 ],
 645                 [ size_t foo; foo = 1235; ],
 646                 [ ac_cv_have_size_t="yes" ],
 647                 [ ac_cv_have_size_t="no" ]
 648         )
 649 ])
 650 if test "x$ac_cv_have_size_t" = "xyes" ; then
 651         AC_DEFINE(HAVE_SIZE_T)
 652 fi
 653
 654 AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
 655         AC_TRY_COMPILE(
 656                 [
 657 #include <sys/types.h>
 658                 ],
 659                 [ ssize_t foo; foo = 1235; ],
 660                 [ ac_cv_have_ssize_t="yes" ],
 661                 [ ac_cv_have_ssize_t="no" ]
 662         )
 663 ])
 664 if test "x$ac_cv_have_ssize_t" = "xyes" ; then
 665         AC_DEFINE(HAVE_SSIZE_T)
 666 fi
 667
 668 AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
 669         AC_TRY_COMPILE(
 670                 [
 671 #include <sys/types.h>
 672 #include <sys/socket.h>
 673                 ],
 674                 [ sa_family_t foo; foo = 1235; ],
 675                 [ ac_cv_have_sa_family_t="yes" ],
 676                 [ AC_TRY_COMPILE(
 677                   [
 678 #include <sys/types.h>
 679 #include <sys/socket.h>
 680 #include <netinet/in.h>
 681                 ],
 682                 [ sa_family_t foo; foo = 1235; ],
 683                 [ ac_cv_have_sa_family_t="yes" ],
 684
 685                 [ ac_cv_have_sa_family_t="no" ]
 686         )]
 687         )
 688 ])
 689 if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
 690         AC_DEFINE(HAVE_SA_FAMILY_T)
 691 fi
 692
 693 AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
 694         AC_TRY_COMPILE(
 695                 [
 696 #include <sys/types.h>
 697                 ],
 698                 [ pid_t foo; foo = 1235; ],
 699                 [ ac_cv_have_pid_t="yes" ],
 700                 [ ac_cv_have_pid_t="no" ]
 701         )
 702 ])
 703 if test "x$ac_cv_have_pid_t" = "xyes" ; then
 704         AC_DEFINE(HAVE_PID_T)
 705 fi
 706
 707 AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
 708         AC_TRY_COMPILE(
 709                 [
 710 #include <sys/types.h>
 711                 ],
 712                 [ mode_t foo; foo = 1235; ],
 713                 [ ac_cv_have_mode_t="yes" ],
 714                 [ ac_cv_have_mode_t="no" ]
 715         )
 716 ])
 717 if test "x$ac_cv_have_mode_t" = "xyes" ; then
 718         AC_DEFINE(HAVE_MODE_T)
 719 fi
 720
 721
 722 AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
 723         AC_TRY_COMPILE(
 724                 [
 725 #include <sys/types.h>
 726 #include <sys/socket.h>
 727                 ],
 728                 [ struct sockaddr_storage s; ],
 729                 [ ac_cv_have_struct_sockaddr_storage="yes" ],
 730                 [ ac_cv_have_struct_sockaddr_storage="no" ]
 731         )
 732 ])
 733 if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
 734         AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
 735 fi
 736
 737 AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
 738         AC_TRY_COMPILE(
 739                 [
 740 #include <sys/types.h>
 741 #include <netinet/in.h>
 742                 ],
 743                 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
 744                 [ ac_cv_have_struct_sockaddr_in6="yes" ],
 745                 [ ac_cv_have_struct_sockaddr_in6="no" ]
 746         )
 747 ])
 748 if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
 749         AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
 750 fi
 751
 752 AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
 753         AC_TRY_COMPILE(
 754                 [
 755 #include <sys/types.h>
 756 #include <netinet/in.h>
 757                 ],
 758                 [ struct in6_addr s; s.s6_addr[0] = 0; ],
 759                 [ ac_cv_have_struct_in6_addr="yes" ],
 760                 [ ac_cv_have_struct_in6_addr="no" ]
 761         )
 762 ])
 763 if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
 764         AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
 765 fi
 766
 767 AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
 768         AC_TRY_COMPILE(
 769                 [
 770 #include <sys/types.h>
 771 #include <sys/socket.h>
 772 #include <netdb.h>
 773                 ],
 774                 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
 775                 [ ac_cv_have_struct_addrinfo="yes" ],
 776                 [ ac_cv_have_struct_addrinfo="no" ]
 777         )
 778 ])
 779 if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
 780         AC_DEFINE(HAVE_STRUCT_ADDRINFO)
 781 fi
 782
 783 dnl Checks for structure members
 784 OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
 785 OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
 786 OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
 787 OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
 788 OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
 789 OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
 790 OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
 791 OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
 792 OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
 793 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
 794 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
 795 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
 796 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
 797 OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
 798 OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
 799 OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
 800 OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
 801 AC_STRUCT_ST_BLKSIZE
 802
 803 AC_CACHE_CHECK([for sun_len field in struct sockaddr_un],
 804                 ac_cv_have_sun_len_in_struct_sockaddr_un, [
 805         AC_TRY_COMPILE(
 806                 [
 807 #include <sys/types.h>
 808 #include <sys/socket.h>
 809                 ],
 810                 [ struct sockaddr_un s; s.sun_len = 1; ],
 811                 [ ac_cv_have_sun_len_in_struct_sockaddr_un="yes" ],
 812                 [ ac_cv_have_sun_len_in_struct_sockaddr_un="no" ],
 813         )
 814 ])
 815 if test "x$ac_cv_have_sun_len_in_struct_sockaddr_un" = "xyes" ; then
 816         AC_DEFINE(HAVE_SUN_LEN_IN_SOCKADDR_UN)
 817 fi
 818
 819 AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
 820                 ac_cv_have_ss_family_in_struct_ss, [
 821         AC_TRY_COMPILE(
 822                 [
 823 #include <sys/types.h>
 824 #include <sys/socket.h>
 825                 ],
 826                 [ struct sockaddr_storage s; s.ss_family = 1; ],
 827                 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
 828                 [ ac_cv_have_ss_family_in_struct_ss="no" ],
 829         )
 830 ])
 831 if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
 832         AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
 833 fi
 834
 835 AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
 836                 ac_cv_have___ss_family_in_struct_ss, [
 837         AC_TRY_COMPILE(
 838                 [
 839 #include <sys/types.h>
 840 #include <sys/socket.h>
 841                 ],
 842                 [ struct sockaddr_storage s; s.__ss_family = 1; ],
 843                 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
 844                 [ ac_cv_have___ss_family_in_struct_ss="no" ]
 845         )
 846 ])
 847 if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
 848         AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
 849 fi
 850
 851 AC_CACHE_CHECK([for pw_class field in struct passwd],
 852                 ac_cv_have_pw_class_in_struct_passwd, [
 853         AC_TRY_COMPILE(
 854                 [
 855 #include <pwd.h>
 856                 ],
 857                 [ struct passwd p; p.pw_class = 0; ],
 858                 [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
 859                 [ ac_cv_have_pw_class_in_struct_passwd="no" ]
 860         )
 861 ])
 862 if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
 863         AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
 864 fi
 865
 866
 867 AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
 868         AC_TRY_LINK([],
 869                 [ extern char *__progname; printf("%s", __progname); ],
 870                 [ ac_cv_libc_defines___progname="yes" ],
 871                 [ ac_cv_libc_defines___progname="no" ]
 872         )
 873 ])
 874 if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
 875         AC_DEFINE(HAVE___PROGNAME)
 876 fi
 877
 878
 879 AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
 880         AC_TRY_LINK([],
 881                 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
 882                 [ ac_cv_libc_defines_sys_errlist="yes" ],
 883                 [ ac_cv_libc_defines_sys_errlist="no" ]
 884         )
 885 ])
 886 if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
 887         AC_DEFINE(HAVE_SYS_ERRLIST)
 888 fi
 889
 890
 891 AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
 892         AC_TRY_LINK([],
 893                 [ extern int sys_nerr; printf("%i", sys_nerr);],
 894                 [ ac_cv_libc_defines_sys_nerr="yes" ],
 895                 [ ac_cv_libc_defines_sys_nerr="no" ]
 896         )
 897 ])
 898 if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
 899         AC_DEFINE(HAVE_SYS_NERR)
 900 fi
 901
 902
 903 # Looking for programs, paths and files
 904 AC_ARG_WITH(rsh,
 905         [  --with-rsh=PATH         Specify path to remote shell program ],
 906         [
 907                 if test "x$withval" != "$no" ; then
 908                         rsh_path=$withval
 909                 fi
 910         ],
 911         [
 912                 AC_PATH_PROG(rsh_path, rsh)
 913         ]
 914 )
 915
 916 AC_ARG_WITH(xauth,
 917         [  --with-xauth=PATH       Specify path to xauth program ],
 918         [
 919                 if test "x$withval" != "$xno" ; then
 920                         xauth_path=$withval
 921                 fi
 922         ],
 923         [
 924                 AC_PATH_PROG(xauth_path, xauth,,$PATH:/usr/X/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin)
 925                 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
 926                         xauth_path="/usr/openwin/bin/xauth"
 927                 fi
 928         ]
 929 )
 930
 931 if test ! -z "$xauth_path" ; then
 932         AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
 933 fi
 934 if test ! -z "$rsh_path" ; then
 935         AC_DEFINE_UNQUOTED(RSH_PATH, "$rsh_path")
 936 fi
 937
 938 # Check for mail directory (last resort if we cannot get it from headers)
 939 if test ! -z "$MAIL" ; then
 940         maildir=`dirname $MAIL`
 941         AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
 942 fi
 943
 944 if test -z "$no_dev_ptmx" ; then
 945         AC_CHECK_FILE("/dev/ptmx",
 946                 [
 947                         AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
 948                         have_dev_ptmx=1
 949                 ]
 950         )
 951 fi
 952 AC_CHECK_FILE("/dev/ptc",
 953         [
 954                 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
 955                 have_dev_ptc=1
 956         ]
 957 )
 958
 959 # Options from here on. Some of these are preset by platform above
 960
 961 # Check for user-specified random device, otherwise check /dev/urandom
 962 AC_ARG_WITH(random,
 963         [  --with-random=FILE      read randomness from FILE (default=/dev/urandom)],
 964         [
 965                 if test "x$withval" != "xno" ; then
 966                         RANDOM_POOL="$withval";
 967                         AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
 968                 fi
 969         ],
 970         [
 971                 # Check for random device
 972                 AC_CHECK_FILE("/dev/urandom",
 973                         [
 974                                 RANDOM_POOL="/dev/urandom";
 975                                 AC_SUBST(RANDOM_POOL)
 976                                 AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
 977                         ]
 978                 )
 979         ]
 980 )
 981
 982 # Check for EGD pool file
 983 AC_ARG_WITH(egd-pool,
 984         [  --with-egd-pool=FILE    read randomness from EGD pool FILE (default none)],
 985         [
 986                 if test "x$withval" != "xno" ; then
 987                         EGD_SOCKET="$withval";
 988                         AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET")
 989                 fi
 990         ]
 991 )
 992
 993 # detect pathnames for entropy gathering commands, if we need them
 994 INSTALL_SSH_PRNG_CMDS=""
 995 rm -f prng_commands
 996 if (test -z "$RANDOM_POOL" && test -z "$EGD_SOCKET") ; then
 997         # Use these commands to collect entropy
 998         OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
 999         OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
1000         OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
1001         OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
1002         OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
1003         OSSH_PATH_ENTROPY_PROG(PROG_W, w)
1004         OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
1005         OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
1006         OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
1007         OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
1008         OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
1009         OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
1010         OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
1011         OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
1012         OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
1013
1014         INSTALL_SSH_PRNG_CMDS="yes"
1015 fi
1016 AC_SUBST(INSTALL_SSH_PRNG_CMDS)
1017
1018
1019 AC_ARG_WITH(catman,
1020         [  --with-catman=man|cat   Install preformatted manpages[no]],
1021         [
1022                 MANTYPE='$(CATMAN)'
1023                 if test x"$withval" != x"yes" ; then
1024                    mansubdir=$withval
1025                 else
1026                    mansubdir=cat
1027                 fi
1028         ], [
1029                 if test -z "$MANTYPE" ; then
1030                         MANTYPE='$(TROFFMAN)'
1031                         mansubdir=man
1032                 fi
1033         ]
1034 )
1035 AC_SUBST(MANTYPE)
1036 AC_SUBST(mansubdir)
1037
1038 # Check whether user wants Kerberos support
1039 KRB4_MSG="no"
1040 AC_ARG_WITH(kerberos4,
1041         [  --with-kerberos4=PATH   Enable Kerberos 4 support],
1042         [
1043                 if test "x$withval" != "xno" ; then
1044
1045                         if test "x$withval" != "$xyes" ; then
1046                                 CFLAGS="$CFLAGS -I${withval}/include"
1047                                 LDFLAGS="$LDFLAGS -L${withval}/lib"
1048                                 if test ! -z "$need_dash_r" ; then
1049                                         LDFLAGS="$LDFLAGS -R${withval}/lib"
1050                                 fi
1051                                 if test ! -z "$blibpath" ; then
1052                                         blibpath="$blibpath:${withval}/lib"
1053                                 fi
1054                         else
1055                                 if test -d /usr/include/kerberosIV ; then
1056                                         CFLAGS="$CFLAGS -I/usr/include/kerberosIV"
1057                                 fi
1058                         fi
1059
1060                         AC_CHECK_HEADERS(krb.h)
1061                         AC_CHECK_LIB(krb, main)
1062                         if test "$ac_cv_header_krb_h" != yes; then
1063                                 AC_MSG_WARN([Cannot find krb.h, build may fail])
1064                         fi
1065                         if test "$ac_cv_lib_krb_main" != yes; then
1066                                 AC_MSG_WARN([Cannot find libkrb, build may fail])
1067                         fi
1068
1069                         KLIBS="-lkrb -ldes"
1070                         AC_CHECK_LIB(resolv, dn_expand, , )
1071                         KRB4=yes
1072                         KRB4_MSG="yes"
1073                         AC_DEFINE(KRB4)
1074                 fi
1075         ]
1076 )
1077
1078 # Check whether user wants AFS support
1079 AFS_MSG="no"
1080 AC_ARG_WITH(afs,
1081         [  --with-afs=PATH         Enable AFS support],
1082         [
1083                 if test "x$withval" != "xno" ; then
1084
1085                         if test "x$withval" != "$xyes" ; then
1086                                 CFLAGS="$CFLAGS -I${withval}/include"
1087                                 LFLAGS="$LFLAGS -L${withval}/lib"
1088                         fi
1089
1090                         if test -z "$KRB4" ; then
1091                                 AC_MSG_WARN([AFS requires Kerberos IV support, build may fail])
1092                         fi
1093
1094                         LIBS="$LIBS -lkafs"
1095                         if test ! -z "$AFS_LIBS" ; then
1096                                 LIBS="$LIBS $AFS_LIBS"
1097                         fi
1098                         AC_DEFINE(AFS)
1099                         AFS_MSG="yes"
1100                 fi
1101         ]
1102 )
1103 LIBS="$LIBS $KLIBS"
1104
1105 # Check whether user wants S/Key support
1106 SKEY_MSG="no"
1107 AC_ARG_WITH(skey,
1108         [  --with-skey             Enable S/Key support],
1109         [
1110                 if test "x$withval" != "xno" ; then
1111                         AC_DEFINE(SKEY)
1112                         LIBS="$LIBS -lskey"
1113                         SKEY_MSG="yes"
1114                 fi
1115         ]
1116 )
1117
1118 # Check whether user wants TCP wrappers support
1119 TCPW_MSG="no"
1120 AC_ARG_WITH(tcp-wrappers,
1121         [  --with-tcp-wrappers     Enable tcpwrappers support],
1122         [
1123                 if test "x$withval" != "xno" ; then
1124                         saved_LIBS="$LIBS"
1125                         LIBS="$LIBS -lwrap"
1126                         AC_MSG_CHECKING(for libwrap)
1127                         AC_TRY_LINK(
1128                                 [
1129 #include <tcpd.h>
1130                                         int deny_severity = 0, allow_severity = 0;
1131                                 ],
1132                                 [hosts_access(0);],
1133                                 [
1134                                         AC_MSG_RESULT(yes)
1135                                         AC_DEFINE(LIBWRAP)
1136                                         TCPW_MSG="yes"
1137                                 ],
1138                                 [
1139                                         AC_MSG_ERROR([*** libwrap missing])
1140                                 ]
1141                         )
1142                 fi
1143         ]
1144 )
1145
1146 # Check whether to enable MD5 passwords
1147 MD5_MSG="no"
1148 AC_ARG_WITH(md5-passwords,
1149         [  --with-md5-passwords    Enable use of MD5 passwords],
1150         [
1151                 if test "x$withval" != "xno" ; then
1152                         AC_DEFINE(HAVE_MD5_PASSWORDS)
1153                         MD5_MSG="yes"
1154                 fi
1155         ]
1156 )
1157
1158 # Whether to disable shadow password support
1159 AC_ARG_WITH(shadow,
1160         [  --without-shadow        Disable shadow password support],
1161         [
1162                 if test "x$withval" = "xno" ; then
1163                         AC_DEFINE(DISABLE_SHADOW)
1164                         disable_shadow=yes
1165                 fi
1166         ]
1167 )
1168
1169 if test -z "$disable_shadow" ; then
1170         AC_MSG_CHECKING([if the systems has expire shadow information])
1171         AC_TRY_COMPILE(
1172         [
1173 #include <sys/types.h>
1174 #include <shadow.h>
1175         struct spwd sp;
1176         ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
1177         [ sp_expire_available=yes ], []
1178         )
1179
1180         if test "x$sp_expire_available" = "xyes" ; then
1181                 AC_MSG_RESULT(yes)
1182                 AC_DEFINE(HAS_SHADOW_EXPIRE)
1183         else
1184                 AC_MSG_RESULT(no)
1185         fi
1186 fi
1187
1188 # Use ip address instead of hostname in $DISPLAY
1189 if test ! -z "$IPADDR_IN_DISPLAY" ; then
1190         DISPLAY_HACK_MSG="yes"
1191         AC_DEFINE(IPADDR_IN_DISPLAY)
1192 else
1193         DISPLAY_HACK_MSG="no"
1194         AC_ARG_WITH(ipaddr-display,
1195                 [  --with-ipaddr-display   Use ip address instead of hostname in \$DISPLAY],
1196                 [
1197                         if test "x$withval" != "xno" ; then
1198                                 AC_DEFINE(IPADDR_IN_DISPLAY)
1199                                 DISPLAY_HACK_MSG="yes"
1200                         fi
1201                 ]
1202         )
1203 fi
1204
1205 # Whether to mess with the default path
1206 SERVER_PATH_MSG="(default)"
1207 AC_ARG_WITH(default-path,
1208         [  --with-default-path=PATH Specify default \$PATH environment for server],
1209         [
1210                 if test "x$withval" != "xno" ; then
1211                         AC_DEFINE_UNQUOTED(USER_PATH, "$withval")
1212                         SERVER_PATH_MSG="$withval"
1213                 fi
1214         ]
1215 )
1216
1217 # Whether to force IPv4 by default (needed on broken glibc Linux)
1218 IPV4_HACK_MSG="no"
1219 AC_ARG_WITH(ipv4-default,
1220         [  --with-ipv4-default     Use IPv4 by connections unless '-6' specified],
1221         [
1222                 if test "x$withval" != "xno" ; then
1223                         AC_DEFINE(IPV4_DEFAULT)
1224                         IPV4_HACK_MSG="yes"
1225                 fi
1226         ]
1227 )
1228
1229 AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
1230 IPV4_IN6_HACK_MSG="no"
1231 AC_ARG_WITH(4in6,
1232         [  --with-4in6             Check for and convert IPv4 in IPv6 mapped addresses],
1233         [
1234                 if test "x$withval" != "xno" ; then
1235                         AC_MSG_RESULT(yes)
1236                         AC_DEFINE(IPV4_IN_IPV6)
1237                         IPV4_IN6_HACK_MSG="yes"
1238                 else
1239                         AC_MSG_RESULT(no)
1240                 fi
1241         ],[
1242                 if test "x$inet6_default_4in6" = "xyes"; then
1243                         AC_MSG_RESULT([yes (default)])
1244                         AC_DEFINE(IPV4_IN_IPV6)
1245                         IPV4_IN6_HACK_MSG="yes"
1246                 else
1247                         AC_MSG_RESULT([no (default)])
1248                 fi
1249         ]
1250 )
1251
1252 AC_MSG_CHECKING(whether to install ssh as suid root)
1253 AC_ARG_ENABLE(suid-ssh,
1254 [  --enable-suid-ssh       Install ssh as suid root (default)
1255   --disable-suid-ssh      Install ssh without suid bit],
1256 [ case "$enableval" in
1257   no)
1258        AC_MSG_RESULT(no)
1259        SSHMODE=0711
1260        ;;
1261   *)   AC_MSG_RESULT(yes)
1262        SSHMODE=04711
1263        ;;
1264   esac ],
1265   AC_MSG_RESULT(yes)
1266   SSHMODE=04711
1267 )
1268 AC_SUBST(SSHMODE)
1269
1270
1271 # Where to place sshd.pid
1272 piddir=/var/run
1273 AC_ARG_WITH(pid-dir,
1274         [  --with-pid-dir=PATH     Specify location of ssh.pid file],
1275         [
1276                 if test "x$withval" != "xno" ; then
1277                         piddir=$withval
1278                 fi
1279         ]
1280 )
1281
1282 # make sure the directory exists
1283 if test ! -d $piddir ; then
1284         piddir=`eval echo ${sysconfdir}`
1285         case $piddir in
1286                 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
1287         esac
1288 fi
1289
1290 AC_DEFINE_UNQUOTED(PIDDIR, "$piddir")
1291 AC_SUBST(piddir)
1292
1293 dnl allow user to disable some login recording features
1294 AC_ARG_ENABLE(lastlog,
1295         [  --disable-lastlog       disable use of lastlog even if detected [no]],
1296         [ AC_DEFINE(DISABLE_LASTLOG) ]
1297 )
1298 AC_ARG_ENABLE(utmp,
1299         [  --disable-utmp          disable use of utmp even if detected [no]],
1300         [ AC_DEFINE(DISABLE_UTMP) ]
1301 )
1302 AC_ARG_ENABLE(utmpx,
1303         [  --disable-utmpx         disable use of utmpx even if detected [no]],
1304         [ AC_DEFINE(DISABLE_UTMPX) ]
1305 )
1306 AC_ARG_ENABLE(wtmp,
1307         [  --disable-wtmp          disable use of wtmp even if detected [no]],
1308         [ AC_DEFINE(DISABLE_WTMP) ]
1309 )
1310 AC_ARG_ENABLE(wtmpx,
1311         [  --disable-wtmpx         disable use of wtmpx even if detected [no]],
1312         [ AC_DEFINE(DISABLE_WTMPX) ]
1313 )
1314 AC_ARG_ENABLE(libutil,
1315         [  --disable-libutil       disable use of libutil (login() etc.) [no]],
1316         [ AC_DEFINE(DISABLE_LOGIN) ]
1317 )
1318 AC_ARG_ENABLE(pututline,
1319         [  --disable-pututline     disable use of pututline() etc. ([uw]tmp) [no]],
1320         [ AC_DEFINE(DISABLE_PUTUTLINE) ]
1321 )
1322 AC_ARG_ENABLE(pututxline,
1323         [  --disable-pututxline    disable use of pututxline() etc. ([uw]tmpx) [no]],
1324         [ AC_DEFINE(DISABLE_PUTUTXLINE) ]
1325 )
1326 AC_ARG_WITH(lastlog,
1327   [  --with-lastlog=FILE|DIR specify lastlog location [common locations]],
1328   [ conf_lastlog_location="$withval";  ],)
1329
1330 dnl lastlog, [uw]tmpx? detection
1331 dnl  NOTE: set the paths in the platform section to avoid the
1332 dnl   need for command-line parameters
1333 dnl lastlog and [uw]tmp are subject to a file search if all else fails
1334
1335 dnl lastlog detection
1336 dnl  NOTE: the code itself will detect if lastlog is a directory
1337 AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
1338 AC_TRY_COMPILE([
1339 #include <sys/types.h>
1340 #include <utmp.h>
1341 #ifdef HAVE_LASTLOG_H
1342 #  include <lastlog.h>
1343 #endif
1344 #ifdef HAVE_PATHS_H
1345 #  include <paths.h>
1346 #endif
1347         ],
1348         [ char *lastlog = LASTLOG_FILE; ],
1349         [ AC_MSG_RESULT(yes) ],
1350         [
1351                 AC_MSG_RESULT(no)
1352                 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
1353                 AC_TRY_COMPILE([
1354 #include <sys/types.h>
1355 #include <utmp.h>
1356 #ifdef HAVE_LASTLOG_H
1357 #  include <lastlog.h>
1358 #endif
1359 #ifdef HAVE_PATHS_H
1360 #  include <paths.h>
1361 #endif
1362                 ],
1363                 [ char *lastlog = _PATH_LASTLOG; ],
1364                 [ AC_MSG_RESULT(yes) ],
1365                 [
1366                         AC_MSG_RESULT(no)
1367                         system_lastlog_path=no
1368                 ])
1369         ]
1370 )
1371
1372 if test -z "$conf_lastlog_location"; then
1373         if test x"$system_lastlog_path" = x"no" ; then
1374                 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
1375                                 if (test -d "$f" || test -f "$f") ; then
1376                                         conf_lastlog_location=$f
1377                                 fi
1378                 done
1379                 if test -z "$conf_lastlog_location"; then
1380                         AC_MSG_WARN([** Cannot find lastlog **])
1381                         dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1382                 fi
1383         fi
1384 fi
1385
1386 if test -n "$conf_lastlog_location"; then
1387         AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
1388 fi
1389
1390 dnl utmp detection
1391 AC_MSG_CHECKING([if your system defines UTMP_FILE])
1392 AC_TRY_COMPILE([
1393 #include <sys/types.h>
1394 #include <utmp.h>
1395 #ifdef HAVE_PATHS_H
1396 #  include <paths.h>
1397 #endif
1398         ],
1399         [ char *utmp = UTMP_FILE; ],
1400         [ AC_MSG_RESULT(yes) ],
1401         [ AC_MSG_RESULT(no)
1402           system_utmp_path=no ]
1403 )
1404 if test -z "$conf_utmp_location"; then
1405         if test x"$system_utmp_path" = x"no" ; then
1406                 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
1407                         if test -f $f ; then
1408                                 conf_utmp_location=$f
1409                         fi
1410                 done
1411                 if test -z "$conf_utmp_location"; then
1412                         AC_DEFINE(DISABLE_UTMP)
1413                 fi
1414         fi
1415 fi
1416 if test -n "$conf_utmp_location"; then
1417         AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
1418 fi
1419
1420 dnl wtmp detection
1421 AC_MSG_CHECKING([if your system defines WTMP_FILE])
1422 AC_TRY_COMPILE([
1423 #include <sys/types.h>
1424 #include <utmp.h>
1425 #ifdef HAVE_PATHS_H
1426 #  include <paths.h>
1427 #endif
1428         ],
1429         [ char *wtmp = WTMP_FILE; ],
1430         [ AC_MSG_RESULT(yes) ],
1431         [ AC_MSG_RESULT(no)
1432           system_wtmp_path=no ]
1433 )
1434 if test -z "$conf_wtmp_location"; then
1435         if test x"$system_wtmp_path" = x"no" ; then
1436                 for f in /usr/adm/wtmp /var/log/wtmp; do
1437                         if test -f $f ; then
1438                                 conf_wtmp_location=$f
1439                         fi
1440                 done
1441                 if test -z "$conf_wtmp_location"; then
1442                         AC_DEFINE(DISABLE_WTMP)
1443                 fi
1444         fi
1445 fi
1446 if test -n "$conf_wtmp_location"; then
1447         AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
1448 fi
1449
1450
1451 dnl utmpx detection - I don't know any system so perverse as to require
1452 dnl  utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
1453 dnl  there, though.
1454 AC_MSG_CHECKING([if your system defines UTMPX_FILE])
1455 AC_TRY_COMPILE([
1456 #include <sys/types.h>
1457 #include <utmp.h>
1458 #ifdef HAVE_UTMPX_H
1459 #include <utmpx.h>
1460 #endif
1461 #ifdef HAVE_PATHS_H
1462 #  include <paths.h>
1463 #endif
1464         ],
1465         [ char *utmpx = UTMPX_FILE; ],
1466         [ AC_MSG_RESULT(yes) ],
1467         [ AC_MSG_RESULT(no)
1468           system_utmpx_path=no ]
1469 )
1470 if test -z "$conf_utmpx_location"; then
1471         if test x"$system_utmpx_path" = x"no" ; then
1472                 AC_DEFINE(DISABLE_UTMPX)
1473         fi
1474 else
1475         AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
1476 fi
1477
1478 dnl wtmpx detection
1479 AC_MSG_CHECKING([if your system defines WTMPX_FILE])
1480 AC_TRY_COMPILE([
1481 #include <sys/types.h>
1482 #include <utmp.h>
1483 #ifdef HAVE_UTMPX_H
1484 #include <utmpx.h>
1485 #endif
1486 #ifdef HAVE_PATHS_H
1487 #  include <paths.h>
1488 #endif
1489         ],
1490         [ char *wtmpx = WTMPX_FILE; ],
1491         [ AC_MSG_RESULT(yes) ],
1492         [ AC_MSG_RESULT(no)
1493           system_wtmpx_path=no ]
1494 )
1495 if test -z "$conf_wtmpx_location"; then
1496         if test x"$system_wtmpx_path" = x"no" ; then
1497                 AC_DEFINE(DISABLE_WTMPX)
1498         fi
1499 else
1500         AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
1501 fi
1502
1503
1504 # Change default command timeout for builtin PRNG
1505 entropy_timeout=200
1506 AC_ARG_WITH(entropy-timeout,
1507         [  --with-entropy-timeout  Specify entropy gathering command timeout (msec)],
1508         [
1509                 if test "x$withval" != "xno" ; then
1510                         entropy_timeout=$withval
1511                 fi
1512         ]
1513 )
1514 AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1515
1516
1517 if test ! -z "$blibpath" ; then
1518         LDFLAGS="$LDFLAGS -blibpath:$blibpath"
1519         AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile])
1520 fi
1521
1522 AC_EXEEXT
1523
1524 AC_OUTPUT(Makefile ssh_prng_cmds)
1525
1526 # Print summary of options
1527
1528 if test x$MANTYPE = x'$(CATMAN)' ; then
1529         MAN_MSG=cat
1530 else
1531         MAN_MSG=man
1532 fi
1533 if test ! -z "$RANDOM_POOL" ; then
1534         RAND_MSG="Device ($RANDOM_POOL)"
1535 else
1536         if test ! -z "$EGD_SOCKET" ; then
1537                 RAND_MSG="EGD ($EGD_SOCKET)"
1538         else
1539                 RAND_MSG="Builtin (timeout $entropy_timeout)"
1540                 BUILTIN_RNG=1
1541         fi
1542 fi
1543
1544 # Someone please show me a better way :)
1545 A=`eval echo ${prefix}` ; A=`eval echo ${A}`
1546 B=`eval echo ${bindir}` ; B=`eval echo ${B}`
1547 C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
1548 D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
1549 E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
1550 F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
1551 G=`eval echo ${piddir}` ; G=`eval echo ${G}`
1552
1553 echo ""
1554 echo "OpenSSH configured has been configured with the following options."
1555 echo "                 User binaries: $B"
1556 echo "                 User binaries: $B"
1557 echo "               System binaries: $C"
1558 echo "           Configuration files: $D"
1559 echo "               Askpass program: $E"
1560 echo "                  Manual pages: $F"
1561 echo "                      PID file: $G"
1562 echo "      Random number collection: $RAND_MSG"
1563 echo "                Manpage format: $MAN_MSG"
1564 echo "                   PAM support: ${PAM_MSG}"
1565 echo "            KerberosIV support: $KRB4_MSG"
1566 echo "                   AFS support: $AFS_MSG"
1567 echo "                 S/KEY support: $SKEY_MSG"
1568 echo "          TCP Wrappers support: $TCPW_MSG"
1569 echo "          MD5 password support: $MD5_MSG"
1570 echo "   IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
1571 echo "      Use IPv4 by default hack: $IPV4_HACK_MSG"
1572 echo "       Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
1573
1574 echo ""
1575
1576 echo "             Host: ${host}"
1577 echo "         Compiler: ${CC}"
1578 echo "   Compiler flags: ${CFLAGS}"
1579 echo "     Linker flags: ${LDFLAGS}"
1580 echo "        Libraries: ${LIBS}"
1581
1582 echo ""
1583
1584 if test ! -z "$BUILTIN_RNG" ; then
1585         echo "WARNING: you are using the builtin random number collection service."
1586         echo "Please read WARNING.RNG and request that your OS vendor includes"
1587         echo "/dev/random in future versions of their OS."
1588         echo ""
1589 fi