AC_C_BIGENDIAN
# Checks for programs.
+AC_PROG_AWK
AC_PROG_CPP
AC_PROG_RANLIB
AC_PROG_INSTALL
AC_PATH_PROG(AR, ar)
AC_PATH_PROGS(PERL, perl5 perl)
+AC_PATH_PROG(SED, sed)
AC_SUBST(PERL)
AC_PATH_PROG(ENT, ent)
AC_SUBST(ENT)
AC_SUBST(LD)
AC_C_INLINE
-if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
+if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
fi
+AC_ARG_WITH(rpath,
+ [ --without-rpath Disable auto-added -R linker paths],
+ [
+ if test "x$withval" = "xno" ; then
+ need_dash_r=""
+ fi
+ if test "x$withval" = "xyes" ; then
+ need_dash_r=1
+ fi
+ ]
+)
+
# Check for some target-specific stuff
case "$host" in
*-*-aix*)
- AFS_LIBS="-lld"
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
- if (test "$LD" != "gcc" && test -z "$blibpath"); then
- AC_MSG_CHECKING([if linkage editor ($LD) accepts -blibpath])
- saved_LDFLAGS="$LDFLAGS"
- LDFLAGS="$LDFLAGS -blibpath:/usr/lib:/lib:/usr/local/lib"
- AC_TRY_LINK([],
- [],
- [
- AC_MSG_RESULT(yes)
- blibpath="/usr/lib:/lib:/usr/local/lib"
- ],
- [ AC_MSG_RESULT(no) ]
- )
- LDFLAGS="$saved_LDFLAGS"
+ AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
+ if (test -z "$blibpath"); then
+ blibpath="/usr/lib:/lib:/usr/local/lib"
+ fi
+ saved_LDFLAGS="$LDFLAGS"
+ for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
+ if (test -z "$blibflags"); then
+ LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
+ AC_TRY_LINK([], [], [blibflags=$tryflags])
+ fi
+ done
+ if (test -z "$blibflags"); then
+ AC_MSG_RESULT(not found)
+ AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
+ else
+ AC_MSG_RESULT($blibflags)
fi
+ LDFLAGS="$saved_LDFLAGS"
+ dnl Check for authenticate. Might be in libs.a on older AIXes
AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
[AC_CHECK_LIB(s,authenticate,
[ AC_DEFINE(WITH_AIXAUTHENTICATE)
LIBS="$LIBS -ls"
])
])
+ dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
+ AC_CHECK_DECL(loginfailed,
+ [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
+ AC_TRY_COMPILE(
+ [#include <usersec.h>],
+ [(void)loginfailed("user","host","tty",0);],
+ [AC_MSG_RESULT(yes)
+ AC_DEFINE(AIX_LOGINFAILED_4ARG)],
+ [AC_MSG_RESULT(no)]
+ )],
+ [],
+ [#include <usersec.h>]
+ )
+ AC_CHECK_FUNCS(setauthdb)
AC_DEFINE(BROKEN_GETADDRINFO)
AC_DEFINE(BROKEN_REALPATH)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
dnl AIX handles lastlog as part of its login message
AC_DEFINE(DISABLE_LASTLOG)
AC_DEFINE(LOGIN_NEEDS_UTMPX)
+ AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
;;
*-*-cygwin*)
+ check_for_libcrypt_later=1
LIBS="$LIBS /usr/lib/textmode.o"
AC_DEFINE(HAVE_CYGWIN)
AC_DEFINE(USE_PIPES)
AC_DEFINE(DISABLE_SHADOW)
- AC_DEFINE(IPV4_DEFAULT)
AC_DEFINE(IP_TOS_IS_BROKEN)
AC_DEFINE(NO_X11_UNIX_SOCKETS)
AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
[AC_MSG_RESULT(buggy)
AC_DEFINE(BROKEN_GETADDRINFO)],
[AC_MSG_RESULT(assume it is working)])
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
;;
*-*-hpux10.26)
if test -z "$GCC"; then
AC_DEFINE(USE_PIPES)
AC_DEFINE(LOGIN_NO_ENDOPT)
AC_DEFINE(LOGIN_NEEDS_UTMPX)
- AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*")
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
LIBS="$LIBS -lsec -lsecpw"
AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
AC_DEFINE(USE_PIPES)
AC_DEFINE(LOGIN_NO_ENDOPT)
AC_DEFINE(LOGIN_NEEDS_UTMPX)
- AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*")
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
LIBS="$LIBS -lsec"
AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
AC_DEFINE(USE_PIPES)
AC_DEFINE(LOGIN_NO_ENDOPT)
AC_DEFINE(LOGIN_NEEDS_UTMPX)
- AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*")
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
LIBS="$LIBS -lsec"
AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
LDFLAGS="$LDFLAGS"
PATH="$PATH:/usr/etc"
AC_DEFINE(BROKEN_INET_NTOA)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
AC_DEFINE(WITH_ABBREV_NO_TTY)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
;;
*-*-irix6*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
AC_DEFINE(WITH_IRIX_AUDIT)
AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
AC_DEFINE(BROKEN_INET_NTOA)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
AC_DEFINE(WITH_ABBREV_NO_TTY)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
;;
*-*-linux*)
no_dev_ptmx=1
check_for_libcrypt_later=1
+ check_for_openpty_ctty_bug=1
AC_DEFINE(DONT_TRY_OTHER_AF)
AC_DEFINE(PAM_TTY_KLUDGE)
+ AC_DEFINE(LOCKED_PASSWD_PREFIX, "!!")
+ AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
inet6_default_4in6=yes
+ case `uname -r` in
+ 1.*|2.0.*)
+ AC_DEFINE(BROKEN_CMSG_TYPE)
+ ;;
+ esac
;;
mips-sony-bsd|mips-sony-newsos4)
AC_DEFINE(HAVE_NEWS4)
;;
*-*-netbsd*)
check_for_libcrypt_before=1
- need_dash_r=1
+ if test "x$withval" != "xno" ; then
+ need_dash_r=1
+ fi
;;
*-*-freebsd*)
check_for_libcrypt_later=1
;;
+*-*-bsdi*)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
+ ;;
*-next-*)
conf_lastlog_location="/usr/adm/lastlog"
conf_utmp_location=/etc/utmp
;;
*-*-solaris*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
- LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib"
- need_dash_r=1
+ if test "x$withval" = "xno" ; then
+ LDFLAGS="$LDFLAGS -L/usr/local/lib"
+ else
+ LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib"
+ need_dash_r=1
+ fi
AC_DEFINE(PAM_SUN_CODEBASE)
AC_DEFINE(LOGIN_NEEDS_UTMPX)
AC_DEFINE(LOGIN_NEEDS_TERM)
AC_DEFINE(PAM_TTY_KLUDGE)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
+ # Pushing STREAMS modules will cause sshd to acquire a controlling tty.
+ AC_DEFINE(SSHD_ACQUIRES_CTTY)
+ external_path_file=/etc/default/login
# hardwire lastlog location (can't detect it on some versions)
conf_lastlog_location="/var/adm/lastlog"
AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
LDFLAGS="$LDFLAGS -L/usr/local/lib"
LIBS="$LIBS -lc89"
AC_DEFINE(USE_PIPES)
+ AC_DEFINE(SSHD_ACQUIRES_CTTY)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
;;
*-sni-sysv*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
# /usr/ucblib MUST NOT be searched on ReliantUNIX
LDFLAGS="$LDFLAGS -L/usr/local/lib"
+ AC_CHECK_LIB(dl, dlsym, ,)
IPADDR_IN_DISPLAY=yes
AC_DEFINE(USE_PIPES)
AC_DEFINE(IP_TOS_IS_BROKEN)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
+ AC_DEFINE(SSHD_ACQUIRES_CTTY)
+ external_path_file=/etc/default/login
# /usr/ucblib/libucb.a no longer needed on ReliantUNIX
# Attention: always take care to bind libsocket and libnsl before libc,
# otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
AC_DEFINE(USE_PIPES)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
;;
*-*-sysv5*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
AC_DEFINE(USE_PIPES)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
;;
*-*-sysv*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
AC_DEFINE(HAVE_SECUREWARE)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(BROKEN_SAVED_UIDS)
+ AC_DEFINE(WITH_ABBREV_NO_TTY)
AC_CHECK_FUNCS(getluid setluid)
MANTYPE=man
do_sco3_extra_lib_check=yes
;;
*-*-sco3.2v5*)
+ if test -z "$GCC"; then
+ CFLAGS="$CFLAGS -belf"
+ fi
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
LIBS="$LIBS -lprot -lx -ltinfo -lm"
AC_DEFINE(HAVE_SECUREWARE)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_FD_PASSING)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
+ AC_DEFINE(WITH_ABBREV_NO_TTY)
AC_CHECK_FUNCS(getluid setluid)
MANTYPE=man
;;
LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
MANTYPE=cat
;;
+*-*-unicosmp*)
+ AC_DEFINE(WITH_ABBREV_NO_TTY)
+ AC_DEFINE(USE_PIPES)
+ AC_DEFINE(DISABLE_FD_PASSING)
+ LDFLAGS="$LDFLAGS"
+ LIBS="$LIBS -lgen -lacid"
+ MANTYPE=cat
+ ;;
*-*-unicos*)
AC_DEFINE(USE_PIPES)
AC_DEFINE(DISABLE_FD_PASSING)
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_OSF_SIA)
AC_DEFINE(DISABLE_LOGIN)
+ AC_DEFINE(DISABLE_FD_PASSING)
LIBS="$LIBS -lsecurity -ldb -lm -laud"
else
AC_MSG_RESULT(no)
+ AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
fi
fi
- AC_DEFINE(DISABLE_FD_PASSING)
+ AC_DEFINE(BROKEN_GETADDRINFO)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
;;
*-*-nto-qnx)
]
)
+AC_MSG_CHECKING(compiler and flags for sanity)
+AC_TRY_RUN([
+#include <stdio.h>
+int main(){exit(0);}
+ ],
+ [ AC_MSG_RESULT(yes) ],
+ [
+ AC_MSG_RESULT(no)
+ AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
+ ]
+)
+
# Checks for header files.
-AC_CHECK_HEADERS(bstring.h crypt.h endian.h floatingpoint.h \
+AC_CHECK_HEADERS(bstring.h crypt.h endian.h features.h floatingpoint.h \
getopt.h glob.h ia.h lastlog.h limits.h login.h \
login_cap.h maillock.h netdb.h netgroup.h \
netinet/in_systm.h paths.h pty.h readpassphrase.h \
rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
- strings.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \
- sys/mman.h sys/select.h sys/stat.h \
- sys/stropts.h sys/sysmacros.h sys/time.h \
+ strings.h sys/strtio.h sys/audit.h sys/bitypes.h sys/bsdtty.h \
+ sys/cdefs.h sys/mman.h sys/pstat.h sys/select.h sys/stat.h \
+ sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \
sys/un.h time.h tmpdir.h ttyent.h usersec.h \
- util.h utime.h utmp.h utmpx.h)
+ util.h utime.h utmp.h utmpx.h vis.h)
# Checks for libraries.
AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
fi
fi
-AC_CHECK_FUNC(getspnam, ,
- AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
+dnl IRIX and Solaris 2.5.1 have dirname() in libgen
+AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
+ AC_CHECK_LIB(gen, dirname,[
+ AC_CACHE_CHECK([for broken dirname],
+ ac_cv_have_broken_dirname, [
+ save_LIBS="$LIBS"
+ LIBS="$LIBS -lgen"
+ AC_TRY_RUN(
+ [
+#include <libgen.h>
+#include <string.h>
-AC_ARG_WITH(rpath,
- [ --without-rpath Disable auto-added -R linker paths],
- [
- if test "x$withval" = "xno" ; then
- need_dash_r=""
- fi
- if test "x$withval" = "xyes" ; then
- need_dash_r=1
+int main(int argc, char **argv) {
+ char *s, buf[32];
+
+ strncpy(buf,"/etc", 32);
+ s = dirname(buf);
+ if (!s || strncmp(s, "/", 32) != 0) {
+ exit(1);
+ } else {
+ exit(0);
+ }
+}
+ ],
+ [ ac_cv_have_broken_dirname="no" ],
+ [ ac_cv_have_broken_dirname="yes" ]
+ )
+ LIBS="$save_LIBS"
+ ])
+ if test "x$ac_cv_have_broken_dirname" = "xno" ; then
+ LIBS="$LIBS -lgen"
+ AC_DEFINE(HAVE_DIRNAME)
+ AC_CHECK_HEADERS(libgen.h)
fi
- ]
-)
+ ])
+])
+
+AC_CHECK_FUNC(getspnam, ,
+ AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
+AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
dnl zlib is required
AC_ARG_WITH(zlib,
AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]))
dnl UnixWare 2.x
-AC_CHECK_FUNC(strcasecmp,
+AC_CHECK_FUNC(strcasecmp,
[], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
)
-AC_CHECK_FUNC(utimes,
+AC_CHECK_FUNC(utimes,
[], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
LIBS="$LIBS -lc89"]) ]
)
#ifdef GLOB_ALTDIRFUNC
FOUNDIT
#endif
- ],
+ ],
[
AC_DEFINE(GLOB_HAS_ALTDIRFUNC)
AC_MSG_RESULT(yes)
# Check for g.gl_matchc glob() extension
AC_MSG_CHECKING(for gl_matchc field in glob_t)
AC_EGREP_CPP(FOUNDIT,
- [
- #include <glob.h>
+ [
+ #include <glob.h>
int main(void){glob_t g; g.gl_matchc = 1;}
- ],
- [
- AC_DEFINE(GLOB_HAS_GL_MATCHC)
- AC_MSG_RESULT(yes)
- ],
- [
- AC_MSG_RESULT(no)
- ]
+ ],
+ [
+ AC_DEFINE(GLOB_HAS_GL_MATCHC)
+ AC_MSG_RESULT(yes)
+ ],
+ [
+ AC_MSG_RESULT(no)
+ ]
)
AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
#include <dirent.h>
int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
],
- [AC_MSG_RESULT(yes)],
+ [AC_MSG_RESULT(yes)],
[
AC_MSG_RESULT(no)
AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
)
# Check whether user wants S/Key support
-SKEY_MSG="no"
+SKEY_MSG="no"
AC_ARG_WITH(skey,
[ --with-skey[[=PATH]] Enable S/Key support
- (optionally in PATH)],
+ (optionally in PATH)],
[
if test "x$withval" != "xno" ; then
AC_DEFINE(SKEY)
LIBS="-lskey $LIBS"
- SKEY_MSG="yes"
+ SKEY_MSG="yes"
AC_MSG_CHECKING([for s/key support])
AC_TRY_RUN(
TCPW_MSG="no"
AC_ARG_WITH(tcp-wrappers,
[ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support
- (optionally in PATH)],
+ (optionally in PATH)],
[
if test "x$withval" != "xno" ; then
saved_LIBS="$LIBS"
]
)
-dnl Checks for library functions.
-AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \
- clock fchmod fchown freeaddrinfo futimes gai_strerror \
- getaddrinfo getcwd getgrouplist getnameinfo getopt getpeereid\
- getrlimit getrusage getttyent glob inet_aton inet_ntoa \
- inet_ntop innetgr login_getcapbool md5_crypt memmove \
- mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \
- realpath recvmsg rresvport_af sendmsg setdtablesize setegid \
- setenv seteuid setgroups setlogin setproctitle setresgid setreuid \
- setrlimit setsid setpcred setvbuf sigaction sigvec snprintf \
- socketpair strerror strlcat strlcpy strmode strvis sysconf \
- tcgetpgrp truncate utimes vhangup vsnprintf waitpid __b64_ntop \ _getpty)
-
-dnl Make sure strsep prototype is defined before defining HAVE_STRSEP
-AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
+dnl Checks for library functions. Please keep in alphabetical order
+AC_CHECK_FUNCS(\
+ arc4random __b64_ntop b64_ntop __b64_pton b64_pton \
+ bcopy bindresvport_sa clock fchmod fchown freeaddrinfo futimes \
+ getaddrinfo getcwd getgrouplist getnameinfo getopt \
+ getpeereid _getpty getrlimit getttyent glob inet_aton \
+ inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
+ mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
+ pstat readpassphrase realpath recvmsg rresvport_af sendmsg \
+ setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
+ setproctitle setregid setresgid setresuid setreuid setrlimit \
+ setsid setvbuf sigaction sigvec snprintf socketpair strerror \
+ strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
+ truncate utimes vhangup vsnprintf waitpid \
+)
-dnl IRIX and Solaris 2.5.1 have dirname() in libgen
-AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
- AC_CHECK_LIB(gen, dirname,[
- AC_CACHE_CHECK([for broken dirname],
- ac_cv_have_broken_dirname, [
- save_LIBS="$LIBS"
- LIBS="$LIBS -lgen"
- AC_TRY_RUN(
- [
-#include <libgen.h>
-#include <string.h>
+# IRIX has a const char return value for gai_strerror()
+AC_CHECK_FUNCS(gai_strerror,[
+ AC_DEFINE(HAVE_GAI_STRERROR)
+ AC_TRY_COMPILE([
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
-int main(int argc, char **argv) {
- char *s, buf[32];
+const char *gai_strerror(int);],[
+char *str;
- strncpy(buf,"/etc", 32);
- s = dirname(buf);
- if (!s || strncmp(s, "/", 32) != 0) {
- exit(1);
- } else {
- exit(0);
- }
-}
- ],
- [ ac_cv_have_broken_dirname="no" ],
- [ ac_cv_have_broken_dirname="yes" ]
- )
- LIBS="$save_LIBS"
- ])
- if test "x$ac_cv_have_broken_dirname" = "xno" ; then
- LIBS="$LIBS -lgen"
- AC_DEFINE(HAVE_DIRNAME)
- AC_CHECK_HEADERS(libgen.h)
- fi
- ])
-])
+str = gai_strerror(0);],[
+ AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
+ [Define if gai_strerror() returns const char *])])])
+
+AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
+
+dnl Make sure prototypes are defined for these before using them.
+AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
+AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
+
+dnl tcsendbreak might be a macro
+AC_CHECK_DECL(tcsendbreak,
+ [AC_DEFINE(HAVE_TCSENDBREAK)],
+ [AC_CHECK_FUNCS(tcsendbreak)],
+ [#include <termios.h>]
+)
dnl Checks for time functions
AC_CHECK_FUNCS(gettimeofday time)
AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
AC_CHECK_FUNCS(setutxent utmpxname)
-AC_CHECK_FUNC(daemon,
+AC_CHECK_FUNC(daemon,
[AC_DEFINE(HAVE_DAEMON)],
[AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
)
-AC_CHECK_FUNC(getpagesize,
+AC_CHECK_FUNC(getpagesize,
[AC_DEFINE(HAVE_GETPAGESIZE)],
[AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
)
#include <stdio.h>
int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
],
- [AC_MSG_RESULT(yes)],
+ [AC_MSG_RESULT(yes)],
[
AC_MSG_RESULT(no)
AC_DEFINE(BROKEN_SNPRINTF)
[
AC_MSG_RESULT(no)
],
- [
+ [
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_STRICT_MKSTEMP)
],
[
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_STRICT_MKSTEMP)
- ]
+ ]
)
fi
+dnl make sure that openpty does not reacquire controlling terminal
+if test ! -z "$check_for_openpty_ctty_bug"; then
+ AC_MSG_CHECKING(if openpty correctly handles controlling tty)
+ AC_TRY_RUN(
+ [
+#include <stdio.h>
+#include <sys/fcntl.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+int
+main()
+{
+ pid_t pid;
+ int fd, ptyfd, ttyfd, status;
+
+ pid = fork();
+ if (pid < 0) { /* failed */
+ exit(1);
+ } else if (pid > 0) { /* parent */
+ waitpid(pid, &status, 0);
+ if (WIFEXITED(status))
+ exit(WEXITSTATUS(status));
+ else
+ exit(2);
+ } else { /* child */
+ close(0); close(1); close(2);
+ setsid();
+ openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
+ fd = open("/dev/tty", O_RDWR | O_NOCTTY);
+ if (fd >= 0)
+ exit(3); /* Acquired ctty: broken */
+ else
+ exit(0); /* Did not acquire ctty: OK */
+ }
+}
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ ],
+ [
+ AC_MSG_RESULT(no)
+ AC_DEFINE(SSHD_ACQUIRES_CTTY)
+ ]
+ )
+fi
+
AC_FUNC_GETPGRP
# Check for PAM libs
AC_CHECK_LIB(dl, dlopen, , )
AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
AC_CHECK_FUNCS(pam_getenvlist)
+ AC_CHECK_FUNCS(pam_putenv)
- disable_shadow=yes
PAM_MSG="yes"
AC_DEFINE(USE_PAM)
[
#include <stdlib.h>
#include <security/pam_appl.h>
- ],
- [(void)pam_strerror((pam_handle_t *)NULL, -1);],
+ ],
+ [(void)pam_strerror((pam_handle_t *)NULL, -1);],
[AC_MSG_RESULT(no)],
[
AC_DEFINE(HAVE_OLD_PAM)
#include <openssl/opensslv.h>
#define DATA "conftest.sslincver"
int main(void) {
- FILE *fd;
- int rc;
+ FILE *fd;
+ int rc;
- fd = fopen(DATA,"w");
- if(fd == NULL)
- exit(1);
+ fd = fopen(DATA,"w");
+ if(fd == NULL)
+ exit(1);
if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
exit(1);
#include <openssl/crypto.h>
#define DATA "conftest.ssllibver"
int main(void) {
- FILE *fd;
- int rc;
+ FILE *fd;
+ int rc;
- fd = fopen(DATA,"w");
- if(fd == NULL)
- exit(1);
+ fd = fopen(DATA,"w");
+ if(fd == NULL)
+ exit(1);
if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
exit(1);
],
[
AC_MSG_RESULT(no)
- AC_MSG_ERROR(Your OpenSSL headers do not match your library)
+ AC_MSG_ERROR([Your OpenSSL headers do not match your library.
+Check config.log for details.
+Also see contrib/findssl.sh for help identifying header/library mismatches.])
]
)
-# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
+# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
# version in OpenSSL. Skip this for PAM
-if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then
+if test "x$check_for_libcrypt_later" = "x1"; then
AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
fi
[ --with-rand-helper Use subprocess to gather strong randomness ],
[
if test "x$withval" = "xno" ; then
- # Force use of OpenSSL's internal RNG, even if
+ # Force use of OpenSSL's internal RNG, even if
# the previous test showed it to be unseeded.
if test -z "$OPENSSL_SEEDS_ITSELF" ; then
AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
test -d /usr/sbin && PATH=$PATH:/usr/sbin
PATH=$PATH:/etc:$OPATH
-# These programs are used by the command hashing source to gather entropy
+# These programs are used by the command hashing source to gather entropy
OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
# More checks for data types
AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
AC_TRY_COMPILE(
- [ #include <sys/types.h> ],
- [ u_int a; a = 1;],
+ [ #include <sys/types.h> ],
+ [ u_int a; a = 1;],
[ ac_cv_have_u_int="yes" ],
[ ac_cv_have_u_int="no" ]
)
AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
AC_TRY_COMPILE(
- [ #include <sys/types.h> ],
- [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
+ [ #include <sys/types.h> ],
+ [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
[ ac_cv_have_intxx_t="yes" ],
[ ac_cv_have_intxx_t="no" ]
)
fi
if (test -z "$have_intxx_t" && \
- test "x$ac_cv_header_stdint_h" = "xyes")
+ test "x$ac_cv_header_stdint_h" = "xyes")
then
AC_MSG_CHECKING([for intXX_t types in stdint.h])
AC_TRY_COMPILE(
- [ #include <stdint.h> ],
- [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
+ [ #include <stdint.h> ],
+ [ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
[
AC_DEFINE(HAVE_INTXX_T)
AC_MSG_RESULT(yes)
#ifdef HAVE_SYS_BITYPES_H
# include <sys/bitypes.h>
#endif
- ],
- [ int64_t a; a = 1;],
+ ],
+ [ int64_t a; a = 1;],
[ ac_cv_have_int64_t="yes" ],
[ ac_cv_have_int64_t="no" ]
)
AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
AC_TRY_COMPILE(
- [ #include <sys/types.h> ],
- [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
+ [ #include <sys/types.h> ],
+ [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
[ ac_cv_have_u_intxx_t="yes" ],
[ ac_cv_have_u_intxx_t="no" ]
)
if test -z "$have_u_intxx_t" ; then
AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
AC_TRY_COMPILE(
- [ #include <sys/socket.h> ],
- [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
+ [ #include <sys/socket.h> ],
+ [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
[
AC_DEFINE(HAVE_U_INTXX_T)
AC_MSG_RESULT(yes)
AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
AC_TRY_COMPILE(
- [ #include <sys/types.h> ],
- [ u_int64_t a; a = 1;],
+ [ #include <sys/types.h> ],
+ [ u_int64_t a; a = 1;],
[ ac_cv_have_u_int64_t="yes" ],
[ ac_cv_have_u_int64_t="no" ]
)
if test -z "$have_u_int64_t" ; then
AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
AC_TRY_COMPILE(
- [ #include <sys/bitypes.h> ],
+ [ #include <sys/bitypes.h> ],
[ u_int64_t a; a = 1],
[
AC_DEFINE(HAVE_U_INT64_T)
AC_TRY_COMPILE(
[
#include <sys/types.h>
- ],
- [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
+ ],
+ [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
[ ac_cv_have_uintxx_t="yes" ],
[ ac_cv_have_uintxx_t="no" ]
)
if test -z "$have_uintxx_t" ; then
AC_MSG_CHECKING([for uintXX_t types in stdint.h])
AC_TRY_COMPILE(
- [ #include <stdint.h> ],
- [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
+ [ #include <stdint.h> ],
+ [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
[
AC_DEFINE(HAVE_UINTXX_T)
AC_MSG_RESULT(yes)
fi
if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
- test "x$ac_cv_header_sys_bitypes_h" = "xyes")
+ test "x$ac_cv_header_sys_bitypes_h" = "xyes")
then
AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
AC_TRY_COMPILE(
[
#include <sys/bitypes.h>
- ],
+ ],
[
int8_t a; int16_t b; int32_t c;
u_int8_t e; u_int16_t f; u_int32_t g;
a = b = c = e = f = g = 1;
- ],
+ ],
[
AC_DEFINE(HAVE_U_INTXX_T)
AC_DEFINE(HAVE_INTXX_T)
AC_MSG_RESULT(yes)
],
[AC_MSG_RESULT(no)]
- )
+ )
fi
AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
AC_TRY_COMPILE(
- [ #include <sys/time.h> ],
- [ struct timeval tv; tv.tv_sec = 1;],
+ [ #include <sys/time.h> ],
+ [ struct timeval tv; tv.tv_sec = 1;],
[ ac_cv_have_struct_timeval="yes" ],
[ ac_cv_have_struct_timeval="no" ]
)
have_struct_timeval=1
fi
-# If we don't have int64_t then we can't compile sftp-server. So don't
-# even attempt to do it.
+AC_CHECK_TYPES(struct timespec)
+
+# We need int64_t or else certian parts of the compile will fail.
if test "x$ac_cv_have_int64_t" = "xno" -a \
"x$ac_cv_sizeof_long_int" != "x8" -a \
"x$ac_cv_sizeof_long_long_int" = "x0" ; then
- NO_SFTP='#'
+ echo "OpenSSH requires int64_t support. Contact your vendor or install"
+ echo "an alternative compiler (I.E., GCC) before continuing."
+ echo ""
+ exit 1;
else
dnl test snprintf (broken on SCO w/gcc)
AC_TRY_RUN(
strcpy(expected_out, "9223372036854775807");
snprintf(buf, mazsize, "%lld", num);
if(strcmp(buf, expected_out) != 0)
- exit(1);
+ exit(1);
exit(0);
}
#else
], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ]
)
fi
-AC_SUBST(NO_SFTP)
dnl Checks for structure members
OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
fi
AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
- AC_TRY_LINK([],
- [ extern char *__progname; printf("%s", __progname); ],
+ AC_TRY_LINK([],
+ [ extern char *__progname; printf("%s", __progname); ],
[ ac_cv_libc_defines___progname="yes" ],
[ ac_cv_libc_defines___progname="no" ]
)
AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
AC_TRY_LINK([
#include <stdio.h>
-],
- [ printf("%s", __FUNCTION__); ],
+],
+ [ printf("%s", __FUNCTION__); ],
[ ac_cv_cc_implements___FUNCTION__="yes" ],
[ ac_cv_cc_implements___FUNCTION__="no" ]
)
AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
AC_TRY_LINK([
#include <stdio.h>
-],
- [ printf("%s", __func__); ],
+],
+ [ printf("%s", __func__); ],
[ ac_cv_cc_implements___func__="yes" ],
[ ac_cv_cc_implements___func__="no" ]
)
fi
AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
- AC_TRY_LINK([],
- [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
+ AC_TRY_LINK([],
+ [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
[ ac_cv_libc_defines_sys_errlist="yes" ],
[ ac_cv_libc_defines_sys_errlist="no" ]
)
AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
- AC_TRY_LINK([],
- [ extern int sys_nerr; printf("%i", sys_nerr);],
+ AC_TRY_LINK([],
+ [ extern int sys_nerr; printf("%i", sys_nerr);],
[ ac_cv_libc_defines_sys_nerr="yes" ],
[ ac_cv_libc_defines_sys_nerr="no" ]
)
AC_DEFINE(HAVE_SYS_NERR)
fi
-SCARD_MSG="no"
-
+SCARD_MSG="no"
# Check whether user wants sectok support
AC_ARG_WITH(sectok,
[ --with-sectok Enable smartcard support using libsectok],
fi
AC_DEFINE(SMARTCARD)
AC_DEFINE(USE_SECTOK)
- SCARD_MSG="yes, using sectok"
+ SCARD_MSG="yes, using sectok"
fi
]
)
LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
AC_DEFINE(SMARTCARD)
AC_DEFINE(USE_OPENSC)
- SCARD_MSG="yes, using OpenSC"
+ SCARD_MSG="yes, using OpenSC"
fi
fi
+# Check libraries needed by DNS fingerprint support
+AC_SEARCH_LIBS(getrrsetbyname, resolv,
+ [AC_DEFINE(HAVE_GETRRSETBYNAME)],
+ [
+ # Needed by our getrrsetbyname()
+ AC_SEARCH_LIBS(res_query, resolv)
+ AC_SEARCH_LIBS(dn_expand, resolv)
+ AC_CHECK_FUNCS(_getshort _getlong)
+ AC_CHECK_MEMBER(HEADER.ad,
+ [AC_DEFINE(HAVE_HEADER_AD)],,
+ [#include <arpa/nameser.h>])
+ ])
+
# Check whether user wants Kerberos 5 support
-KRB5_MSG="no"
+KRB5_MSG="no"
AC_ARG_WITH(kerberos5,
- [ --with-kerberos5=PATH Enable Kerberos 5 support],
- [
- if test "x$withval" != "xno" ; then
- if test "x$withval" = "xyes" ; then
- KRB5ROOT="/usr/local"
- else
- KRB5ROOT=${withval}
- fi
- CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
- LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
- AC_DEFINE(KRB5)
- KRB5_MSG="yes"
- AC_MSG_CHECKING(whether we are using Heimdal)
- AC_TRY_COMPILE([ #include <krb5.h> ],
- [ char *tmp = heimdal_version; ],
- [ AC_MSG_RESULT(yes)
- AC_DEFINE(HEIMDAL)
- K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken"
- ],
- [ AC_MSG_RESULT(no)
- K5LIBS="-lkrb5 -lk5crypto -lcom_err"
- ]
- )
- if test ! -z "$need_dash_r" ; then
- LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
- fi
- if test ! -z "$blibpath" ; then
- blibpath="$blibpath:${KRB5ROOT}/lib"
- fi
- AC_CHECK_LIB(resolv, dn_expand, , )
-
- KRB5=yes
- fi
- ]
-)
-# Check whether user wants Kerberos 4 support
-KRB4_MSG="no"
-AC_ARG_WITH(kerberos4,
- [ --with-kerberos4=PATH Enable Kerberos 4 support],
+ [ --with-kerberos5=PATH Enable Kerberos 5 support],
[
if test "x$withval" != "xno" ; then
- if test "x$withval" != "xyes" ; then
- CPPFLAGS="$CPPFLAGS -I${withval}/include"
- LDFLAGS="$LDFLAGS -L${withval}/lib"
- if test ! -z "$need_dash_r" ; then
- LDFLAGS="$LDFLAGS -R${withval}/lib"
- fi
- if test ! -z "$blibpath" ; then
- blibpath="$blibpath:${withval}/lib"
- fi
- else
- if test -d /usr/include/kerberosIV ; then
- CPPFLAGS="$CPPFLAGS -I/usr/include/kerberosIV"
- fi
- fi
-
- AC_CHECK_HEADERS(krb.h)
- if test "$ac_cv_header_krb_h" != yes; then
- AC_MSG_WARN([Cannot find krb.h, build may fail])
- fi
- AC_CHECK_LIB(krb, main)
- if test "$ac_cv_lib_krb_main" != yes; then
- AC_CHECK_LIB(krb4, main)
- if test "$ac_cv_lib_krb4_main" != yes; then
- AC_MSG_WARN([Cannot find libkrb nor libkrb4, build may fail])
- else
- KLIBS="-lkrb4"
- fi
+ if test "x$withval" = "xyes" ; then
+ KRB5ROOT="/usr/local"
else
- KLIBS="-lkrb"
+ KRB5ROOT=${withval}
fi
- AC_CHECK_LIB(des, des_cbc_encrypt)
- if test "$ac_cv_lib_des_des_cbc_encrypt" != yes; then
- AC_CHECK_LIB(des425, des_cbc_encrypt)
- if test "$ac_cv_lib_des425_des_cbc_encrypt" != yes; then
- AC_MSG_WARN([Cannot find libdes nor libdes425, build may fail])
- else
- KLIBS="-ldes425"
- fi
- else
- KLIBS="-ldes"
+ CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
+ LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
+ AC_DEFINE(KRB5)
+ KRB5_MSG="yes"
+ AC_MSG_CHECKING(whether we are using Heimdal)
+ AC_TRY_COMPILE([ #include <krb5.h> ],
+ [ char *tmp = heimdal_version; ],
+ [ AC_MSG_RESULT(yes)
+ AC_DEFINE(HEIMDAL)
+ K5LIBS="-lkrb5 -ldes -lcom_err -lasn1 -lroken"
+ ],
+ [ AC_MSG_RESULT(no)
+ K5LIBS="-lkrb5 -lk5crypto -lcom_err"
+ ]
+ )
+ if test ! -z "$need_dash_r" ; then
+ LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
fi
- AC_CHECK_LIB(resolv, dn_expand, , )
- KRB4=yes
- KRB4_MSG="yes"
- AC_DEFINE(KRB4)
- fi
- ]
-)
-
-# Check whether user wants AFS support
-AFS_MSG="no"
-AC_ARG_WITH(afs,
- [ --with-afs=PATH Enable AFS support],
- [
- if test "x$withval" != "xno" ; then
-
- if test "x$withval" != "xyes" ; then
- CPPFLAGS="$CPPFLAGS -I${withval}/include"
- LDFLAGS="$LDFLAGS -L${withval}/lib"
+ if test ! -z "$blibpath" ; then
+ blibpath="$blibpath:${KRB5ROOT}/lib"
fi
+ AC_SEARCH_LIBS(dn_expand, resolv)
+
+ AC_CHECK_LIB(gssapi,gss_init_sec_context,
+ [ AC_DEFINE(GSSAPI)
+ K5LIBS="-lgssapi $K5LIBS" ],
+ [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
+ [ AC_DEFINE(GSSAPI)
+ K5LIBS="-lgssapi_krb5 $K5LIBS" ],
+ AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
+ $K5LIBS)
+ ],
+ $K5LIBS)
+
+ AC_CHECK_HEADER(gssapi.h, ,
+ [ unset ac_cv_header_gssapi_h
+ CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
+ AC_CHECK_HEADERS(gssapi.h, ,
+ AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
+ )
+ ]
+ )
- if test -z "$KRB4" ; then
- AC_MSG_WARN([AFS requires Kerberos IV support, build may fail])
- fi
+ oldCPP="$CPPFLAGS"
+ CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
+ AC_CHECK_HEADER(gssapi_krb5.h, ,
+ [ CPPFLAGS="$oldCPP" ])
- LIBS="-lkafs $LIBS"
- if test ! -z "$AFS_LIBS" ; then
- LIBS="$LIBS $AFS_LIBS"
- fi
- AC_DEFINE(AFS)
- AFS_MSG="yes"
+ KRB5=yes
fi
]
)
-LIBS="$LIBS $KLIBS $K5LIBS"
+LIBS="$LIBS $K5LIBS"
# Looking for programs, paths and files
]
)
+STRIP_OPT=-s
+AC_ARG_ENABLE(strip,
+ [ --disable-strip Disable calling strip(1) on install],
+ [
+ if test "x$enableval" = "xno" ; then
+ STRIP_OPT=
+ fi
+ ]
+)
+AC_SUBST(STRIP_OPT)
+
if test -z "$xauth_path" ; then
XAUTH_PATH="undefined"
AC_SUBST(XAUTH_PATH)
if test -z "$no_dev_ptmx" ; then
if test "x$disable_ptmx_check" != "xyes" ; then
- AC_CHECK_FILE("/dev/ptmx",
+ AC_CHECK_FILE("/dev/ptmx",
[
AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
have_dev_ptmx=1
)
fi
fi
-AC_CHECK_FILE("/dev/ptc",
+AC_CHECK_FILE("/dev/ptc",
[
AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC)
have_dev_ptc=1
AC_SUBST(mansubdir)
# Check whether to enable MD5 passwords
-MD5_MSG="no"
+MD5_MSG="no"
AC_ARG_WITH(md5-passwords,
[ --with-md5-passwords Enable use of MD5 passwords],
[
if test "x$withval" != "xno" ; then
AC_DEFINE(HAVE_MD5_PASSWORDS)
- MD5_MSG="yes"
+ MD5_MSG="yes"
fi
]
)
DISPLAY_HACK_MSG="yes"
AC_DEFINE(IPADDR_IN_DISPLAY)
else
- DISPLAY_HACK_MSG="no"
+ DISPLAY_HACK_MSG="no"
AC_ARG_WITH(ipaddr-display,
[ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
[
if test "x$withval" != "xno" ; then
AC_DEFINE(IPADDR_IN_DISPLAY)
- DISPLAY_HACK_MSG="yes"
+ DISPLAY_HACK_MSG="yes"
fi
]
)
fi
+# check for /etc/default/login and use it if present.
+AC_ARG_ENABLE(etc-default-login,
+ [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],,
+[
+AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ])
+
+if test "x$external_path_file" = "x/etc/default/login"; then
+ AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN)
+fi
+])
+
dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
if test $ac_cv_func_login_getcapbool = "yes" -a \
$ac_cv_header_login_cap_h = "yes" ; then
- USES_LOGIN_CONF=yes
+ external_path_file=/etc/login.conf
fi
+
# Whether to mess with the default path
-SERVER_PATH_MSG="(default)"
+SERVER_PATH_MSG="(default)"
AC_ARG_WITH(default-path,
[ --with-default-path= Specify default \$PATH environment for server],
[
- if test "$USES_LOGIN_CONF" = "yes" ; then
+ if test "x$external_path_file" = "x/etc/login.conf" ; then
AC_MSG_WARN([
--with-default-path=PATH has no effect on this system.
Edit /etc/login.conf instead.])
elif test "x$withval" != "xno" ; then
+ if test ! -z "$external_path_file" ; then
+ AC_MSG_WARN([
+--with-default-path=PATH will only be used if PATH is not defined in
+$external_path_file .])
+ fi
user_path="$withval"
- SERVER_PATH_MSG="$withval"
+ SERVER_PATH_MSG="$withval"
fi
],
- [ if test "$USES_LOGIN_CONF" = "yes" ; then
- AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
+ [ if test "x$external_path_file" = "x/etc/login.conf" ; then
+ AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
else
- AC_TRY_RUN(
- [
+ if test ! -z "$external_path_file" ; then
+ AC_MSG_WARN([
+If PATH is defined in $external_path_file, ensure the path to scp is included,
+otherwise scp will not work.])
+ fi
+ AC_TRY_RUN(
+ [
/* find out what STDPATH is */
#include <stdio.h>
#ifdef HAVE_PATHS_H
fi
fi ]
)
-if test "$USES_LOGIN_CONF" != "yes" ; then
+if test "x$external_path_file" != "x/etc/login.conf" ; then
AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
AC_SUBST(user_path)
fi
)
-# Whether to force IPv4 by default (needed on broken glibc Linux)
-IPV4_HACK_MSG="no"
-AC_ARG_WITH(ipv4-default,
- [ --with-ipv4-default Use IPv4 by connections unless '-6' specified],
- [
- if test "x$withval" != "xno" ; then
- AC_DEFINE(IPV4_DEFAULT)
- IPV4_HACK_MSG="yes"
- fi
- ]
-)
-
AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
-IPV4_IN6_HACK_MSG="no"
+IPV4_IN6_HACK_MSG="no"
AC_ARG_WITH(4in6,
[ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
[
if test "x$withval" != "xno" ; then
AC_MSG_RESULT(yes)
AC_DEFINE(IPV4_IN_IPV6)
- IPV4_IN6_HACK_MSG="yes"
+ IPV4_IN6_HACK_MSG="yes"
else
AC_MSG_RESULT(no)
fi
if test "x$inet6_default_4in6" = "xyes"; then
AC_MSG_RESULT([yes (default)])
AC_DEFINE(IPV4_IN_IPV6)
- IPV4_IN6_HACK_MSG="yes"
+ IPV4_IN6_HACK_MSG="yes"
else
AC_MSG_RESULT([no (default)])
fi
if test ! -d $piddir ; then
piddir=`eval echo ${sysconfdir}`
case $piddir in
- NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
+ NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
esac
fi
dnl allow user to disable some login recording features
AC_ARG_ENABLE(lastlog,
[ --disable-lastlog disable use of lastlog even if detected [no]],
- [ AC_DEFINE(DISABLE_LASTLOG) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_LASTLOG)
+ fi
+ ]
)
AC_ARG_ENABLE(utmp,
[ --disable-utmp disable use of utmp even if detected [no]],
- [ AC_DEFINE(DISABLE_UTMP) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_UTMP)
+ fi
+ ]
)
AC_ARG_ENABLE(utmpx,
[ --disable-utmpx disable use of utmpx even if detected [no]],
- [ AC_DEFINE(DISABLE_UTMPX) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_UTMPX)
+ fi
+ ]
)
AC_ARG_ENABLE(wtmp,
[ --disable-wtmp disable use of wtmp even if detected [no]],
- [ AC_DEFINE(DISABLE_WTMP) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_WTMP)
+ fi
+ ]
)
AC_ARG_ENABLE(wtmpx,
[ --disable-wtmpx disable use of wtmpx even if detected [no]],
- [ AC_DEFINE(DISABLE_WTMPX) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_WTMPX)
+ fi
+ ]
)
AC_ARG_ENABLE(libutil,
[ --disable-libutil disable use of libutil (login() etc.) [no]],
- [ AC_DEFINE(DISABLE_LOGIN) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_LOGIN)
+ fi
+ ]
)
AC_ARG_ENABLE(pututline,
[ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
- [ AC_DEFINE(DISABLE_PUTUTLINE) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_PUTUTLINE)
+ fi
+ ]
)
AC_ARG_ENABLE(pututxline,
[ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
- [ AC_DEFINE(DISABLE_PUTUTXLINE) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_PUTUTXLINE)
+ fi
+ ]
)
AC_ARG_WITH(lastlog,
[ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
if test ! -z "$blibpath" ; then
- LDFLAGS="$LDFLAGS -blibpath:$blibpath"
- AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile])
+ LDFLAGS="$LDFLAGS $blibflags$blibpath"
+ AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
fi
dnl remove pam and dl because they are in $LIBPAM
echo " Manual pages: $F"
echo " PID file: $G"
echo " Privilege separation chroot path: $H"
-if test "$USES_LOGIN_CONF" = "yes" ; then
-echo " At runtime, sshd will use the path defined in /etc/login.conf"
+if test "x$external_path_file" = "x/etc/login.conf" ; then
+echo " At runtime, sshd will use the path defined in $external_path_file"
+echo " Make sure the path to scp is present, otherwise scp will not work"
else
echo " sshd default user PATH: $I"
+ if test ! -z "$external_path_file"; then
+echo " (If PATH is set in $external_path_file it will be used instead. If"
+echo " used, ensure the path to scp is present, otherwise scp will not work.)"
+ fi
fi
if test ! -z "$superuser_path" ; then
echo " sshd superuser user PATH: $J"
fi
echo " Manpage format: $MANTYPE"
-echo " PAM support: ${PAM_MSG}"
-echo " KerberosIV support: $KRB4_MSG"
+echo " DNS support: $DNS_MSG"
+echo " PAM support: $PAM_MSG"
echo " KerberosV support: $KRB5_MSG"
echo " Smartcard support: $SCARD_MSG"
-echo " AFS support: $AFS_MSG"
echo " S/KEY support: $SKEY_MSG"
echo " TCP Wrappers support: $TCPW_MSG"
echo " MD5 password support: $MD5_MSG"
echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
-echo " Use IPv4 by default hack: $IPV4_HACK_MSG"
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
echo " BSD Auth support: $BSD_AUTH_MSG"
echo " Random number source: $RAND_MSG"
if test "x$PAM_MSG" = "xyes" ; then
echo "PAM is enabled. You may need to install a PAM control file "
echo "for sshd, otherwise password authentication may fail. "
- echo "Example PAM control files can be found in the contrib/ "
+ echo "Example PAM control files can be found in the contrib/ "
echo "subdirectory"
echo ""
fi
-if test ! -z "$NO_SFTP"; then
- echo "sftp-server will be disabled. Your compiler does not "
- echo "support 64bit integers."
- echo ""
-fi
-
if test ! -z "$RAND_HELPER_CMDHASH" ; then
echo "WARNING: you are using the builtin random number collection "
echo "service. Please read WARNING.RNG and request that your OS "