3 AC_CONFIG_HEADER(config.h)
11 AC_CHECK_PROG(AR, ar, ar)
12 AC_PATH_PROG(PERL, perl)
14 AC_PATH_PROG(ENT, ent)
17 if test -z "$LD" ; then
24 if test "$GCC" = "yes"; then
25 CFLAGS="$CFLAGS -Wall"
28 # Check for some target-specific stuff
32 CFLAGS="$CFLAGS -I/usr/local/include"
33 LDFLAGS="$LDFLAGS -L/usr/local/lib"
34 if test "$LD" != "gcc" -a -z "$blibpath"; then
35 blibpath="/usr/lib:/lib:/usr/local/lib"
37 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)])
38 AC_DEFINE(BROKEN_GETADDRINFO)
41 dnl AIX handles lastlog as part of its login message
42 AC_DEFINE(DISABLE_LASTLOG)
45 if test -z "$GCC"; then
48 CFLAGS="$CFLAGS -D_HPUX_SOURCE"
49 AC_DEFINE(IPADDR_IN_DISPLAY)
50 AC_MSG_CHECKING(for HPUX trusted system password database)
51 if test -f /tcb/files/auth/system/default; then
53 AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW)
55 AC_MSG_WARN([This configuration is untested])
58 AC_DEFINE(DISABLE_SHADOW)
64 if test -z "$GCC"; then
67 CFLAGS="$CFLAGS -D_HPUX_SOURCE"
68 AC_DEFINE(IPADDR_IN_DISPLAY)
69 AC_MSG_CHECKING(for HPUX trusted system password database)
70 if test -f /tcb/files/auth/system/default; then
72 AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW)
74 AC_MSG_WARN([This configuration is untested])
77 AC_DEFINE(DISABLE_SHADOW)
83 CFLAGS="$CFLAGS -I/usr/local/include"
90 CFLAGS="$CFLAGS -I/usr/local/include"
93 AC_MSG_WARN([*** Irix 6.x is not tested, please report you experiences *** ])
99 AC_DEFINE(DONT_TRY_OTHER_AF)
100 inet6_default_4in6=yes
106 CFLAGS="$CFLAGS -I/usr/local/include"
107 LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib -L/usr/ucblib -R/usr/ucblib"
109 # hardwire lastlog location (can't detect it on some versions)
110 conf_lastlog_location="/var/adm/lastlog"
111 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
112 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
113 if test "$sol2ver" -ge 8; then
115 AC_DEFINE(DISABLE_UTMP)
116 AC_DEFINE(DISABLE_WTMP)
122 CFLAGS="$CFLAGS -DSUNOS4"
123 AC_CHECK_FUNCS(getpwanam)
126 CFLAGS="$CFLAGS -I/usr/local/include"
127 LDFLAGS="$LDFLAGS -L/usr/local/lib"
130 LIBS="$LIBS -lgen -lsocket"
134 # Allow user to specify flags
136 [ --with-cflags Specify additional flags to pass to compiler],
138 if test "x$withval" != "xno" ; then
139 CFLAGS="$CFLAGS $withval"
144 [ --with-ldlags Specify additional flags to pass to linker],
146 if test "x$withval" != "xno" ; then
147 LDFLAGS="$LDFLAGS $withval"
152 [ --with-libs Specify additional libraries to link with],
154 if test "x$withval" != "xno" ; then
155 LIBS="$LIBS $withval"
161 # Checks for libraries.
162 AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
163 AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil")
165 if test -z "$no_libsocket" ; then
166 AC_CHECK_LIB(nsl, yp_match, , )
168 if test -z "$no_libnsl" ; then
169 AC_CHECK_LIB(socket, main, , )
172 # Checks for header files.
173 AC_CHECK_HEADERS(bstring.h endian.h lastlog.h login.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h time.h util.h utmp.h utmpx.h)
175 # Checks for library functions.
176 AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock freeaddrinfo gai_strerror getaddrinfo getnameinfo getrusage innetgr md5_crypt memmove mkdtemp on_exit openpty rresvport_af setenv seteuid setlogin setproctitle setreuid snprintf strlcat strlcpy vsnprintf vhangup _getpty __b64_ntop)
177 dnl checks for time functions
178 AC_CHECK_FUNCS(gettimeofday time)
179 dnl checks for libutil functions
180 AC_CHECK_FUNCS(login logout updwtmp logwtmp)
181 dnl checks for utmp functions
182 AC_CHECK_FUNCS(entutent getutent getutid getutline pututline setutent)
183 AC_CHECK_FUNCS(utmpname)
184 dnl checks for utmpx functions
185 AC_CHECK_FUNCS(entutxent getutxent getutxid getutxline pututxline )
186 AC_CHECK_FUNCS(setutxent utmpxname)
189 [AC_DEFINE(HAVE_LOGIN)],
190 [AC_CHECK_LIB(bsd, login, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_LOGIN)])]
193 AC_CHECK_FUNC(daemon,
194 [AC_DEFINE(HAVE_DAEMON)],
195 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
198 AC_CHECK_FUNC(getpagesize,
199 [AC_DEFINE(HAVE_GETPAGESIZE)],
200 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
204 [ --without-pam Disable PAM support ],
206 if test "x$withval" = "xno" ; then
208 AC_DEFINE(DISABLE_PAM)
212 if test -z "$no_pam" -a "x$ac_cv_header_security_pam_appl_h" = "xyes" ; then
213 AC_CHECK_LIB(dl, dlopen, , )
216 AC_CHECK_FUNCS(pam_getenvlist)
218 # Check PAM strerror arguments (old PAM)
219 AC_MSG_CHECKING([whether pam_strerror takes only one argument])
223 #include <security/pam_appl.h>
225 [(void)pam_strerror((pam_handle_t *)NULL, -1);],
228 AC_DEFINE(HAVE_OLD_PAM)
234 # The big search for OpenSSL
236 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
238 if test "x$withval" != "$xno" ; then
245 saved_LDFLAGS="$LDFLAGS"
246 saved_CFLAGS="$CFLAGS"
247 if test "x$prefix" != "xNONE" ; then
248 tryssldir="$tryssldir $prefix"
250 AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
252 for ssldir in "" $tryssldir /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
253 if test ! -z "$ssldir" ; then
254 LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
255 CFLAGS="$saved_CFLAGS -I$ssldir/include"
256 if test ! -z "$need_dash_r" ; then
257 LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
260 LDFLAGS="$saved_LDFLAGS"
263 LIBS="$saved_LIBS -lcrypto"
265 # Basic test to check for compatible version and correct linking
266 # *does not* test for RSA - that comes later.
270 #include <openssl/rand.h>
274 memset(a, 0, sizeof(a));
275 RAND_add(a, sizeof(a), sizeof(a));
276 return(RAND_status() <= 0);
285 if test ! -z "$found_crypto" ; then
290 if test -z "$found_crypto" ; then
291 AC_MSG_ERROR([Could not find working SSLeay / OpenSSL libraries, please install])
293 if test -z "$ssldir" ; then
297 ac_cv_openssldir=$ssldir
300 if test ! -z "$ac_cv_openssldir" -a ! "x$ac_cv_openssldir" = "x(system)" ; then
301 AC_DEFINE(HAVE_OPENSSL)
302 dnl Need to recover ssldir - test above runs in subshell
303 ssldir=$ac_cv_openssldir
304 CFLAGS="$saved_CFLAGS -I$ssldir/include"
305 LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
306 if test ! -z "$need_dash_r" ; then
307 LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
309 if test ! -z "$blibpath" ; then
310 blibpath="$blibpath:$ssldir:$ssldir/lib"
313 LIBS="$saved_LIBS -lcrypto"
315 # Now test RSA support
317 AC_MSG_CHECKING([for RSA support])
318 for WANTS_RSAREF in "" 1 ; do
319 if test -z "$WANTS_RSAREF" ; then
322 LIBS="$saved_LIBS -lRSAglue -lrsaref"
326 #include <openssl/rand.h>
327 #include <openssl/rsa.h>
328 #include <openssl/bn.h>
329 #include <openssl/sha.h>
332 int num; RSA *key; static unsigned char p_in[] = "blahblah";
333 unsigned char c[256], p[256];
334 memset(c, 0, sizeof(c)); RAND_add(c, sizeof(c), sizeof(c));
335 if ((key=RSA_generate_key(512, 3, NULL, NULL))==NULL) return(1);
336 num = RSA_public_encrypt(sizeof(p_in) - 1, p_in, c, key, RSA_PKCS1_PADDING);
337 return(-1 == RSA_private_decrypt(num, c, p, key, RSA_PKCS1_PADDING));
346 if test ! -z "$no_rsa" ; then
347 AC_MSG_RESULT(disabled)
349 if test -z "$rsa_works" ; then
350 AC_MSG_WARN([*** No RSA support found *** ])
352 if test -z "$WANTS_RSAREF" ; then
355 AC_MSG_RESULT(using RSAref)
356 LIBS="$saved_LIBS -lcrypto -lRSAglue -lrsaref"
361 # Checks for data types
362 AC_CHECK_SIZEOF(char, 1)
363 AC_CHECK_SIZEOF(short int, 2)
364 AC_CHECK_SIZEOF(int, 4)
365 AC_CHECK_SIZEOF(long int, 4)
366 AC_CHECK_SIZEOF(long long int, 8)
368 # More checks for data types
369 AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
371 [ #include <sys/types.h> ],
372 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
373 [ ac_cv_have_intxx_t="yes" ],
374 [ ac_cv_have_intxx_t="no" ]
377 if test "x$ac_cv_have_intxx_t" = "xyes" ; then
378 AC_DEFINE(HAVE_INTXX_T)
382 AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
384 [ #include <sys/types.h> ],
385 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
386 [ ac_cv_have_u_intxx_t="yes" ],
387 [ ac_cv_have_u_intxx_t="no" ]
390 if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
391 AC_DEFINE(HAVE_U_INTXX_T)
396 if test -z "$have_u_intxx_t" -o -z "$have_intxx_t" -a \
397 "x$ac_cv_header_sys_bitypes_h" = "xyes"
399 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
402 #include <sys/bitypes.h>
405 int8_t a; int16_t b; int32_t c;
406 u_int8_t e; u_int16_t f; u_int32_t g;
407 a = b = c = e = f = g = 1;
410 AC_DEFINE(HAVE_U_INTXX_T)
411 AC_DEFINE(HAVE_INTXX_T)
418 if test -z "$have_u_intxx_t" ; then
419 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
422 #include <sys/types.h>
424 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
425 [ ac_cv_have_uintxx_t="yes" ],
426 [ ac_cv_have_uintxx_t="no" ]
429 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
430 AC_DEFINE(HAVE_UINTXX_T)
434 AC_CACHE_CHECK([for socklen_t], ac_cv_have_socklen_t, [
437 #include <sys/types.h>
438 #include <sys/socket.h>
440 [socklen_t foo; foo = 1235;],
441 [ ac_cv_have_socklen_t="yes" ],
442 [ ac_cv_have_socklen_t="no" ]
445 if test "x$ac_cv_have_socklen_t" = "xyes" ; then
446 AC_DEFINE(HAVE_SOCKLEN_T)
449 AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
452 #include <sys/types.h>
454 [ size_t foo; foo = 1235; ],
455 [ ac_cv_have_size_t="yes" ],
456 [ ac_cv_have_size_t="no" ]
459 if test "x$ac_cv_have_size_t" = "xyes" ; then
460 AC_DEFINE(HAVE_SIZE_T)
463 AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
466 #include <sys/types.h>
468 [ ssize_t foo; foo = 1235; ],
469 [ ac_cv_have_ssize_t="yes" ],
470 [ ac_cv_have_ssize_t="no" ]
473 if test "x$ac_cv_have_ssize_t" = "xyes" ; then
474 AC_DEFINE(HAVE_SSIZE_T)
478 AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
481 #include <sys/types.h>
482 #include <sys/socket.h>
484 [ struct sockaddr_storage s; ],
485 [ ac_cv_have_struct_sockaddr_storage="yes" ],
486 [ ac_cv_have_struct_sockaddr_storage="no" ]
489 if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
490 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE)
493 AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
496 #include <netinet/in.h>
498 [ struct sockaddr_in6 s; s.sin6_family = 0; ],
499 [ ac_cv_have_struct_sockaddr_in6="yes" ],
500 [ ac_cv_have_struct_sockaddr_in6="no" ]
503 if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
504 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6)
507 AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
510 #include <netinet/in.h>
512 [ struct in6_addr s; s.s6_addr[0] = 0; ],
513 [ ac_cv_have_struct_in6_addr="yes" ],
514 [ ac_cv_have_struct_in6_addr="no" ]
517 if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
518 AC_DEFINE(HAVE_STRUCT_IN6_ADDR)
521 AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
524 #include <sys/types.h>
525 #include <sys/socket.h>
528 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
529 [ ac_cv_have_struct_addrinfo="yes" ],
530 [ ac_cv_have_struct_addrinfo="no" ]
533 if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
534 AC_DEFINE(HAVE_STRUCT_ADDRINFO)
538 # Checks for structure members
540 OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
541 OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
542 OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
543 OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
544 OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
545 OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
546 OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
547 OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
548 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
549 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
550 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
551 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
552 OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
553 OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
554 OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
555 OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
559 AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
560 ac_cv_have_ss_family_in_struct_ss, [
563 #include <sys/types.h>
564 #include <sys/socket.h>
566 [ struct sockaddr_storage s; s.ss_family = 1; ],
567 [ ac_cv_have_ss_family_in_struct_ss="yes" ],
568 [ ac_cv_have_ss_family_in_struct_ss="no" ],
571 if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
572 AC_DEFINE(HAVE_SS_FAMILY_IN_SS)
576 AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
577 ac_cv_have___ss_family_in_struct_ss, [
580 #include <sys/types.h>
581 #include <sys/socket.h>
583 [ struct sockaddr_storage s; s.__ss_family = 1; ],
584 [ ac_cv_have___ss_family_in_struct_ss="yes" ],
585 [ ac_cv_have___ss_family_in_struct_ss="no" ]
588 if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
589 AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
593 AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
595 [ extern char *__progname; printf("%s", __progname); ],
596 [ ac_cv_libc_defines___progname="yes" ],
597 [ ac_cv_libc_defines___progname="no" ]
600 if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
601 AC_DEFINE(HAVE___PROGNAME)
605 # Looking for programs, paths and files
607 [ --with-rsh=PATH Specify path to remote shell program ],
609 if test "x$withval" != "$no" ; then
610 AC_DEFINE_UNQUOTED(RSH_PATH, "$withval")
614 AC_PATH_PROG(rsh_path, rsh)
619 [ --with-xauth=PATH Specify path to xauth program ],
621 if test "x$withval" != "$xno" ; then
622 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$withval")
626 AC_PATH_PROG(xauth_path, xauth)
627 if test ! -z "$xauth_path" -a -x "/usr/openwin/bin/xauth" ; then
628 xauth_path="/usr/openwin/bin/xauth"
633 if test ! -z "$xauth_path" ; then
634 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
636 if test ! -z "$rsh_path" ; then
637 AC_DEFINE_UNQUOTED(RSH_PATH, "$rsh_path")
640 # Check for mail directory (last resort if we cannot get it from headers)
641 if test ! -z "$MAIL" ; then
642 maildir=`dirname $MAIL`
643 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
646 if test -z "$no_dev_ptmx" ; then
647 AC_CHECK_FILE("/dev/ptmx",
649 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
654 AC_CHECK_FILE("/dev/ptc",
656 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
661 # Options from here on. Some of these are preset by platform above
663 # Check for user-specified random device, otherwise check /dev/urandom
665 [ --with-random=FILE read randomness from FILE (default=/dev/urandom)],
667 if test "x$withval" != "xno" ; then
668 RANDOM_POOL="$withval";
669 AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
673 # Check for random device
674 AC_CHECK_FILE("/dev/urandom",
676 RANDOM_POOL="/dev/urandom";
677 AC_SUBST(RANDOM_POOL)
678 AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
684 # Check for EGD pool file
685 AC_ARG_WITH(egd-pool,
686 [ --with-egd-pool=FILE read randomness from EGD pool FILE (default none)],
688 if test "x$withval" != "xno" ; then
689 EGD_SOCKET="$withval";
690 AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET")
695 # detect pathnames for entropy gathering commands, if we need them
696 INSTALL_SSH_PRNG_CMDS=""
698 if test -z "$RANDOM_POOL" -a -z "$EGD_SOCKET" ; then
699 # Use these commands to collect entropy
700 OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
701 OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
702 OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
703 OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
704 OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
705 OSSH_PATH_ENTROPY_PROG(PROG_W, w)
706 OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
707 OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
708 OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
709 OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
710 OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
711 OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
712 OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
713 OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
714 OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
716 INSTALL_SSH_PRNG_CMDS="yes"
718 AC_SUBST(INSTALL_SSH_PRNG_CMDS)
722 [ --with-catman=man|cat Install preformatted manpages[no]],
725 if test x"$withval" != x"yes" ; then
731 if test -z "$MANTYPE" ; then
732 MANTYPE='$(TROFFMAN)'
740 # Check whether user wants Kerberos support
741 AC_ARG_WITH(kerberos4,
742 [ --with-kerberos4=PATH Enable Kerberos 4 support],
744 if test "x$withval" != "xno" ; then
746 if test "x$withval" != "$xyes" ; then
747 CFLAGS="$CFLAGS -I${withval}/include"
748 LDFLAGS="$LDFLAGS -L${withval}/lib"
749 if test ! -z "$need_dash_r" ; then
750 LDFLAGS="$LDFLAGS -R${withval}/lib"
752 if test ! -z "$blibpath" ; then
753 blibpath="$blibpath:${withval}/lib"
756 if test -d /usr/include/kerberosIV ; then
757 CFLAGS="$CFLAGS -I/usr/include/kerberosIV"
761 AC_CHECK_HEADERS(krb.h)
762 AC_CHECK_LIB(krb, main)
763 if test "$ac_cv_header_krb_h" != yes; then
764 AC_MSG_WARN([Cannot find krb.h, build may fail])
766 if test "$ac_cv_lib_krb_main" != yes; then
767 AC_MSG_WARN([Cannot find libkrb, build may fail])
771 AC_CHECK_LIB(resolv, dn_expand, , )
778 # Check whether user wants AFS support
780 [ --with-afs=PATH Enable AFS support],
782 if test "x$withval" != "xno" ; then
784 if test "x$withval" != "$xyes" ; then
785 CFLAGS="$CFLAGS -I${withval}/include"
786 LFLAGS="$LFLAGS -L${withval}/lib"
789 if test -z "$KRB4" ; then
790 AC_MSG_WARN([AFS requires Kerberos IV support, build may fail])
794 if test ! -z "$AFS_LIBS" ; then
795 LIBS="$LIBS $AFS_LIBS"
803 # Check whether user wants S/Key support
805 [ --with-skey Enable S/Key support],
807 if test "x$withval" != "xno" ; then
814 # Check whether user wants TCP wrappers support
815 AC_ARG_WITH(tcp-wrappers,
816 [ --with-tcp-wrappers Enable tcpwrappers support],
818 if test "x$withval" != "xno" ; then
821 AC_MSG_CHECKING(for libwrap)
825 int deny_severity = 0, allow_severity = 0;
834 AC_MSG_WARN([*** libwrap missing - tcpwrapper support disabled ***])
842 # Check whether to enable MD5 passwords
843 AC_ARG_WITH(md5-passwords,
844 [ --with-md5-passwords Enable use of MD5 passwords],
846 if test "x$withval" != "xno" ; then
847 AC_DEFINE(HAVE_MD5_PASSWORDS)
852 # Whether to disable shadow password support
854 [ --without-shadow Disable shadow password support],
856 if test "x$withval" = "xno" ; then
857 AC_DEFINE(DISABLE_SHADOW)
862 # Use ip address instead of hostname in $DISPLAY
863 AC_ARG_WITH(ipaddr-display,
864 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
866 if test "x$withval" = "xno" ; then
867 AC_DEFINE(IPADDR_IN_DISPLAY)
872 # Whether to mess with the default path
873 AC_ARG_WITH(default-path,
874 [ --with-default-path=PATH Specify default \$PATH environment for server],
876 if test "x$withval" != "xno" ; then
877 AC_DEFINE_UNQUOTED(USER_PATH, "$withval")
882 # Whether to force IPv4 by default (needed on broken glibc Linux)
883 AC_ARG_WITH(ipv4-default,
884 [ --with-ipv4-default Use IPv4 by connections unless '-6' specified],
886 if test "x$withval" != "xno" ; then
887 AC_DEFINE(IPV4_DEFAULT)
892 AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
894 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
896 if test "x$withval" != "xno" ; then
898 AC_DEFINE(IPV4_IN_IPV6)
903 if test "x$inet6_default_4in6" = "xyes"; then
904 AC_MSG_RESULT([yes (default)])
905 AC_DEFINE(IPV4_IN_IPV6)
907 AC_MSG_RESULT([no (default)])
912 # Where to place sshd.pid
915 [ --with-pid-dir=PATH Specify location of ssh.pid file],
917 if test "x$withval" != "xno" ; then
923 AC_DEFINE_UNQUOTED(PIDDIR, "$piddir")
926 dnl allow user to disable some login recording features
927 AC_ARG_ENABLE(lastlog,
928 [ --disable-lastlog disable use of lastlog even if detected [no]],
929 [ AC_DEFINE(DISABLE_LASTLOG) ]
932 [ --disable-utmp disable use of utmp even if detected [no]],
933 [ AC_DEFINE(DISABLE_UTMP) ]
936 [ --disable-utmpx disable use of utmpx even if detected [no]],
937 [ AC_DEFINE(DISABLE_UTMPX) ]
940 [ --disable-wtmp disable use of wtmp even if detected [no]],
941 [ AC_DEFINE(DISABLE_WTMP) ]
944 [ --disable-wtmpx disable use of wtmpx even if detected [no]],
945 [ AC_DEFINE(DISABLE_WTMPX) ]
947 AC_ARG_ENABLE(libutil,
948 [ --disable-libutil disable use of libutil (login() etc.) [no]],
949 [ AC_DEFINE(DISABLE_LOGIN) ]
951 AC_ARG_ENABLE(pututline,
952 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
953 [ AC_DEFINE(DISABLE_PUTUTLINE) ]
955 AC_ARG_ENABLE(pututxline,
956 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
957 [ AC_DEFINE(DISABLE_PUTUTXLINE) ]
960 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
961 [ conf_lastlog_location="$withval"; ],)
963 dnl lastlog, [uw]tmpx? detection
964 dnl NOTE: set the paths in the platform section to avoid the
965 dnl need for command-line parameters
966 dnl lastlog and [uw]tmp are subject to a file search if all else fails
968 dnl lastlog detection
969 dnl NOTE: the code itself will detect if lastlog is a directory
970 AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
972 #include <sys/types.h>
974 #ifdef HAVE_LASTLOG_H
975 # include <lastlog.h>
981 [ char *lastlog = LASTLOG_FILE; ],
982 [ AC_MSG_RESULT(yes) ],
985 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
987 #include <sys/types.h>
989 #ifdef HAVE_LASTLOG_H
990 # include <lastlog.h>
996 [ char *lastlog = _PATH_LASTLOG; ],
997 [ AC_MSG_RESULT(yes) ],
1000 system_lastlog_path=no
1005 if test -z "$conf_lastlog_location"; then
1006 if test x"$system_lastlog_path" = x"no" ; then
1007 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
1008 if test -d "$f" -o -f "$f" ; then
1009 conf_lastlog_location=$f
1012 if test -z "$conf_lastlog_location"; then
1013 AC_MSG_WARN([** Cannot find lastlog **])
1014 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
1019 if test -n "$conf_lastlog_location"; then
1020 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location")
1024 AC_MSG_CHECKING([if your system defines UTMP_FILE])
1026 #include <sys/types.h>
1032 [ char *utmp = UTMP_FILE; ],
1033 [ AC_MSG_RESULT(yes) ],
1035 system_utmp_path=no ]
1037 if test -z "$conf_utmp_location"; then
1038 if test x"$system_utmp_path" = x"no" ; then
1039 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
1040 if test -f $f ; then
1041 conf_utmp_location=$f
1044 if test -z "$conf_utmp_location"; then
1045 AC_DEFINE(DISABLE_UTMP)
1049 if test -n "$conf_utmp_location"; then
1050 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location")
1054 AC_MSG_CHECKING([if your system defines WTMP_FILE])
1056 #include <sys/types.h>
1062 [ char *wtmp = WTMP_FILE; ],
1063 [ AC_MSG_RESULT(yes) ],
1065 system_wtmp_path=no ]
1067 if test -z "$conf_wtmp_location"; then
1068 if test x"$system_wtmp_path" = x"no" ; then
1069 for f in /usr/adm/wtmp /var/log/wtmp; do
1070 if test -f $f ; then
1071 conf_wtmp_location=$f
1074 if test -z "$conf_wtmp_location"; then
1075 AC_DEFINE(DISABLE_WTMP)
1079 if test -n "$conf_wtmp_location"; then
1080 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location")
1084 dnl utmpx detection - I don't know any system so perverse as to require
1085 dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
1087 AC_MSG_CHECKING([if your system defines UTMPX_FILE])
1089 #include <sys/types.h>
1098 [ char *utmpx = UTMPX_FILE; ],
1099 [ AC_MSG_RESULT(yes) ],
1101 system_utmpx_path=no ]
1103 if test -z "$conf_utmpx_location"; then
1104 if test x"$system_utmpx_path" = x"no" ; then
1105 AC_DEFINE(DISABLE_UTMPX)
1108 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
1112 AC_MSG_CHECKING([if your system defines WTMPX_FILE])
1114 #include <sys/types.h>
1123 [ char *wtmpx = WTMPX_FILE; ],
1124 [ AC_MSG_RESULT(yes) ],
1126 system_wtmpx_path=no ]
1128 if test -z "$conf_wtmpx_location"; then
1129 if test x"$system_wtmpx_path" = x"no" ; then
1130 AC_DEFINE(DISABLE_WTMPX)
1133 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
1137 # Change default command timeout for builtin PRNG
1139 AC_ARG_WITH(entropy-timeout,
1140 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
1142 if test "x$withval" != "xno" ; then
1143 entropy_timeout=$withval
1147 AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
1150 if test ! -z "$blibpath" ; then
1151 LDFLAGS="$LDFLAGS -blibpath:$blibpath"
1152 AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile])
1155 AC_OUTPUT(Makefile ssh_prng_cmds)