# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
+AC_REVISION($Revision$)
AC_CONFIG_SRCDIR([ssh.c])
AC_CONFIG_HEADER(config.h)
AC_PROG_CPP
AC_PROG_RANLIB
AC_PROG_INSTALL
+AC_PROG_EGREP
AC_PATH_PROG(AR, ar)
AC_PATH_PROG(CAT, cat)
AC_PATH_PROG(KILL, kill)
AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
[/usr/sbin${PATH_SEPARATOR}/etc])
AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
+if test -x /sbin/sh; then
+ AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh)
+else
+ AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh)
+fi
# System features
AC_SYS_LARGEFILE
if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
- GCC_VER=`$CC --version`
+ GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
case $GCC_VER in
1.*) ;;
2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
2.*) ;;
- *) CFLAGS="$CFLAGS -Wsign-compare" ;;
+ 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
+ 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
+ *) ;;
esac
if test -z "$have_llong_max"; then
fi
fi
-if test -z "$have_llong_max"; then
- AC_MSG_CHECKING([for max value of long long])
- AC_RUN_IFELSE(
- [AC_LANG_SOURCE([[
-#include <stdio.h>
-/* Why is this so damn hard? */
-#ifdef __GNUC__
-# undef __GNUC__
-#endif
-#define __USE_ISOC99
-#include <limits.h>
-#define DATA "conftest.llminmax"
-int main(void) {
- FILE *f;
- long long i, llmin, llmax = 0;
-
- if((f = fopen(DATA,"w")) == NULL)
- exit(1);
-
-#if defined(LLONG_MIN) && defined(LLONG_MAX)
- fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
- llmin = LLONG_MIN;
- llmax = LLONG_MAX;
-#else
- fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
- /* This will work on one's complement and two's complement */
- for (i = 1; i > llmax; i <<= 1, i++)
- llmax = i;
- llmin = llmax + 1LL; /* wrap */
-#endif
-
- /* Sanity check */
- if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
- || llmax - 1 > llmax) {
- fprintf(f, "unknown unknown\n");
- exit(2);
- }
-
- if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
- exit(3);
-
- exit(0);
-}
- ]])],
- [
- llong_min=`$AWK '{print $1}' conftest.llminmax`
- llong_max=`$AWK '{print $2}' conftest.llminmax`
- AC_MSG_RESULT($llong_max)
- AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
- [max value of long long calculated by configure])
- AC_MSG_CHECKING([for min value of long long])
- AC_MSG_RESULT($llong_min)
- AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
- [min value of long long calculated by configure])
- ],
- [
- AC_MSG_RESULT(not found)
- ],
- [
- AC_MSG_WARN([cross compiling: not checking])
- ]
- )
-fi
-
AC_ARG_WITH(rpath,
[ --without-rpath Disable auto-added -R linker paths],
[
AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
[Define to a Set Process Title type if your system is
supported by bsd-setproctitle.c])
+ AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
+ [AIX 5.2 and 5.3 (and presumably newer) require this])
+ AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd])
;;
*-*-cygwin*)
check_for_libcrypt_later=1
AC_DEFINE(BROKEN_SETREGID)
AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
[Define if your resolver libs need this for getrrsetbyname])
+ AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
+ AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
+ [Use tunnel device compatibility to OpenBSD])
+ AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
+ [Prepend the address family to IP tunnel traffic])
;;
*-*-hpux*)
# first we define all of the options common to all HP-UX releases
[Define if cmsg_type is not passed correctly])
;;
esac
+ # tun(4) forwarding compat code
+ AC_CHECK_HEADERS(linux/if_tun.h)
+ if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
+ AC_DEFINE(SSH_TUN_LINUX, 1,
+ [Open tunnel devices the Linux tun/tap way])
+ AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
+ [Use tunnel device compatibility to OpenBSD])
+ AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
+ [Prepend the address family to IP tunnel traffic])
+ fi
;;
mips-sony-bsd|mips-sony-newsos4)
- AC_DEFINE(NEED_SETPRGP, 1, [Need setpgrp to acquire controlling tty])
+ AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
SONY=1
;;
*-*-netbsd*)
if test "x$withval" != "xno" ; then
need_dash_r=1
fi
+ AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
+ AC_CHECK_HEADER([net/if_tap.h], ,
+ AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
+ AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
+ [Prepend the address family to IP tunnel traffic])
;;
*-*-freebsd*)
check_for_libcrypt_later=1
AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
+ AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
+ AC_CHECK_HEADER([net/if_tap.h], ,
+ AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
;;
*-*-bsdi*)
AC_DEFINE(SETEUID_BREAKS_SETUID)
*-*-openbsd*)
AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
+ AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
;;
*-*-solaris*)
if test "x$withval" != "xno" ; then
AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
[Define if sshd somehow reacquires a controlling TTY
after setsid()])
+ AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd
+ in case the name is longer than 8 chars])
external_path_file=/etc/default/login
# hardwire lastlog location (can't detect it on some versions)
conf_lastlog_location="/var/adm/lastlog"
*-sni-sysv*)
# /usr/ucblib MUST NOT be searched on ReliantUNIX
AC_CHECK_LIB(dl, dlsym, ,)
- # -lresolv needs to be at then end of LIBS or DNS lookups break
- AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ])
+ # -lresolv needs to be at the end of LIBS or DNS lookups break
+ AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
IPADDR_IN_DISPLAY=yes
AC_DEFINE(USE_PIPES)
AC_DEFINE(IP_TOS_IS_BROKEN)
;;
# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
*-*-sysv4.2*)
+ CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
AC_DEFINE(USE_PIPES)
AC_DEFINE(SETEUID_BREAKS_SETUID)
AC_DEFINE(BROKEN_SETREUID)
AC_DEFINE(BROKEN_SETREGID)
AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
;;
# UnixWare 7.x, OpenUNIX 8
*-*-sysv5*)
AC_DEFINE(BROKEN_LIBIAF, 1,
[ia_uinfo routines not supported by OS yet])
;;
+ *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
+ ;;
esac
;;
*-*-sysv*)
AC_DEFINE(BROKEN_SETREGID)
;;
-*-*-nto-qnx)
+*-*-nto-qnx*)
AC_DEFINE(USE_PIPES)
AC_DEFINE(NO_X11_UNIX_SOCKETS)
AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
+ AC_DEFINE(DISABLE_LASTLOG)
+ AC_DEFINE(SSHD_ACQUIRES_CTTY)
+ enable_etc_default_login=no # has incompatible /etc/default/login
;;
*-*-ultrix*)
AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
- AC_DEFINE(NEED_SETPRGP)
+ AC_DEFINE(NEED_SETPGRP)
AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
;;
AC_CHECK_HEADERS( \
bstring.h \
crypt.h \
+ crypto/sha2.h \
dirent.h \
endian.h \
features.h \
glob.h \
ia.h \
iaf.h \
- lastlog.h \
limits.h \
login.h \
- login_cap.h \
maillock.h \
ndir.h \
+ net/if_tun.h \
netdb.h \
netgroup.h \
- netinet/in_systm.h \
pam/pam_appl.h \
paths.h \
pty.h \
readpassphrase.h \
rpc/types.h \
security/pam_appl.h \
+ sha2.h \
shadow.h \
stddef.h \
stdint.h \
vis.h \
)
+# lastlog.h requires sys/time.h to be included first on Solaris
+AC_CHECK_HEADERS(lastlog.h, [], [], [
+#ifdef HAVE_SYS_TIME_H
+# include <sys/time.h>
+#endif
+])
+
# sys/ptms.h requires sys/stream.h to be included first on Solaris
AC_CHECK_HEADERS(sys/ptms.h, [], [], [
#ifdef HAVE_SYS_STREAM_H
#endif
])
+# login_cap.h requires sys/types.h on NetBSD
+AC_CHECK_HEADERS(login_cap.h, [], [], [
+#include <sys/types.h>
+])
+
# Checks for libraries.
AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
ac_cv_have_broken_dirname, [
save_LIBS="$LIBS"
LIBS="$LIBS -lgen"
- AC_TRY_RUN(
- [
+ AC_RUN_IFELSE(
+ [AC_LANG_SOURCE([[
#include <libgen.h>
#include <string.h>
exit(0);
}
}
- ],
+ ]])],
+ [ ac_cv_have_broken_dirname="no" ],
+ [ ac_cv_have_broken_dirname="yes" ],
[ ac_cv_have_broken_dirname="no" ],
- [ ac_cv_have_broken_dirname="yes" ]
)
LIBS="$save_LIBS"
])
AC_CHECK_FUNC(strcasecmp,
[], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
)
-AC_CHECK_FUNC(utimes,
+AC_CHECK_FUNCS(utimes,
[], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
LIBS="$LIBS -lc89"]) ]
)
# Check for g.gl_matchc glob() extension
AC_MSG_CHECKING(for gl_matchc field in glob_t)
-AC_EGREP_CPP(FOUNDIT,
- [
- #include <glob.h>
- int main(void){glob_t g; g.gl_matchc = 1;}
- ],
+AC_TRY_COMPILE(
+ [ #include <glob.h> ],
+ [glob_t g; g.gl_matchc = 1;],
[
AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
[Define if your system glob() function has
[
AC_MSG_RESULT(no)
AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
- [Define in your struct dirent expects you to
+ [Define if your struct dirent expects you to
allocate extra space for d_name])
],
[
SKEY_MSG="yes"
AC_MSG_CHECKING([for s/key support])
- AC_TRY_RUN(
- [
+ AC_LINK_IFELSE(
+ [AC_LANG_SOURCE([[
#include <stdio.h>
#include <skey.h>
int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
- ],
+ ]])],
[AC_MSG_RESULT(yes)],
[
AC_MSG_RESULT(no)
dnl Checks for library functions. Please keep in alphabetical order
AC_CHECK_FUNCS( \
arc4random \
+ asprintf \
b64_ntop \
__b64_ntop \
b64_pton \
truncate \
unsetenv \
updwtmpx \
- utimes \
+ vasprintf \
vhangup \
vsnprintf \
waitpid \
)
fi
+# If we don't have a working asprintf, then we strongly depend on vsnprintf
+# returning the right thing on overflow: the number of characters it tried to
+# create (as per SUSv3)
+if test "x$ac_cv_func_asprintf" != "xyes" && \
+ test "x$ac_cv_func_vsnprintf" = "xyes" ; then
+ AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
+ AC_RUN_IFELSE(
+ [AC_LANG_SOURCE([[
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdarg.h>
+
+int x_snprintf(char *str,size_t count,const char *fmt,...)
+{
+ size_t ret; va_list ap;
+ va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
+ return ret;
+}
+int main(void)
+{
+ char x[1];
+ exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
+} ]])],
+ [AC_MSG_RESULT(yes)],
+ [
+ AC_MSG_RESULT(no)
+ AC_DEFINE(BROKEN_SNPRINTF, 1,
+ [Define if your snprintf is busted])
+ AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
+ ],
+ [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
+ )
+fi
+
+# On systems where [v]snprintf is broken, but is declared in stdio,
+# check that the fmt argument is const char * or just char *.
+# This is only useful for when BROKEN_SNPRINTF
+AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
+AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
+ int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
+ int main(void) { snprintf(0, 0, 0); }
+ ]])],
+ [AC_MSG_RESULT(yes)
+ AC_DEFINE(SNPRINTF_CONST, [const],
+ [Define as const if snprintf() can declare const char *fmt])],
+ [AC_MSG_RESULT(no)
+ AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
+
# Check for missing getpeereid (or equiv) support
NO_PEERCHECK=""
if test "x$ac_cv_func_getpeereid" != "xyes" ; then
dnl see whether mkstemp() requires XXXXXX
if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
AC_MSG_CHECKING([for (overly) strict mkstemp])
-AC_TRY_RUN(
- [
+AC_RUN_IFELSE(
+ [AC_LANG_SOURCE([[
#include <stdlib.h>
main() { char template[]="conftest.mkstemp-test";
if (mkstemp(template) == -1)
exit(1);
unlink(template); exit(0);
}
- ],
+ ]])],
[
AC_MSG_RESULT(no)
],
dnl make sure that openpty does not reacquire controlling terminal
if test ! -z "$check_for_openpty_ctty_bug"; then
AC_MSG_CHECKING(if openpty correctly handles controlling tty)
- AC_TRY_RUN(
- [
+ AC_RUN_IFELSE(
+ [AC_LANG_SOURCE([[
#include <stdio.h>
#include <sys/fcntl.h>
#include <sys/types.h>
exit(0); /* Did not acquire ctty: OK */
}
}
- ],
+ ]])],
[
AC_MSG_RESULT(yes)
],
[
AC_MSG_RESULT(no)
AC_DEFINE(SSHD_ACQUIRES_CTTY)
+ ],
+ [
+ AC_MSG_RESULT(cross-compiling, assuming yes)
]
)
fi
if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
AC_MSG_CHECKING(if getaddrinfo seems to work)
- AC_TRY_RUN(
- [
+ AC_RUN_IFELSE(
+ [AC_LANG_SOURCE([[
#include <stdio.h>
#include <sys/socket.h>
#include <netdb.h>
}
exit(0);
}
- ],
+ ]])],
[
AC_MSG_RESULT(yes)
],
[
AC_MSG_RESULT(no)
AC_DEFINE(BROKEN_GETADDRINFO)
+ ],
+ [
+ AC_MSG_RESULT(cross-compiling, assuming yes)
]
)
fi
if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
AC_MSG_CHECKING(if getaddrinfo seems to work)
- AC_TRY_RUN(
- [
+ AC_RUN_IFELSE(
+ [AC_LANG_SOURCE([[
#include <stdio.h>
#include <sys/socket.h>
#include <netdb.h>
}
exit(0);
}
- ],
+ ]])],
[
AC_MSG_RESULT(yes)
AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
[
AC_MSG_RESULT(no)
AC_DEFINE(BROKEN_GETADDRINFO)
+ ],
+ AC_MSG_RESULT(cross-compiling, assuming no)
]
)
fi
]
)
+AC_ARG_WITH(ssl-engine,
+ [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
+ [ if test "x$withval" != "xno" ; then
+ AC_MSG_CHECKING(for OpenSSL ENGINE support)
+ AC_TRY_COMPILE(
+ [ #include <openssl/engine.h>],
+ [
+int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
+ ],
+ [ AC_MSG_RESULT(yes)
+ AC_DEFINE(USE_OPENSSL_ENGINE, 1,
+ [Enable OpenSSL engine support])
+ ],
+ [ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
+ )
+ fi ]
+)
+
+# Check for OpenSSL without EVP_aes_{192,256}_cbc
+AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
+AC_COMPILE_IFELSE(
+ [AC_LANG_SOURCE([[
+#include <string.h>
+#include <openssl/evp.h>
+int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);}
+ ]])],
+ [
+ AC_MSG_RESULT(no)
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
+ [libcrypto is missing AES 192 and 256 bit functions])
+ ]
+)
+
# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
# because the system crypt() is more featureful.
if test "x$check_for_libcrypt_before" = "x1"; then
AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
fi
+# Search for SHA256 support in libc and/or OpenSSL
+AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
+
AC_CHECK_LIB(iaf, ia_openinfo)
### Configure cryptographic random number support
LIBS="$LIBS -liberty";
fi
-# Checks for data types
+# Check for long long datatypes
+AC_CHECK_TYPES([long long, unsigned long long, long double])
+
+# Check datatype sizes
AC_CHECK_SIZEOF(char, 1)
AC_CHECK_SIZEOF(short int, 2)
AC_CHECK_SIZEOF(int, 4)
ac_cv_sizeof_long_long_int=0
fi
+# compute LLONG_MIN and LLONG_MAX if we don't know them.
+if test -z "$have_llong_max"; then
+ AC_MSG_CHECKING([for max value of long long])
+ AC_RUN_IFELSE(
+ [AC_LANG_SOURCE([[
+#include <stdio.h>
+/* Why is this so damn hard? */
+#ifdef __GNUC__
+# undef __GNUC__
+#endif
+#define __USE_ISOC99
+#include <limits.h>
+#define DATA "conftest.llminmax"
+#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
+
+/*
+ * printf in libc on some platforms (eg old Tru64) does not understand %lld so
+ * we do this the hard way.
+ */
+static int
+fprint_ll(FILE *f, long long n)
+{
+ unsigned int i;
+ int l[sizeof(long long) * 8];
+
+ if (n < 0)
+ if (fprintf(f, "-") < 0)
+ return -1;
+ for (i = 0; n != 0; i++) {
+ l[i] = my_abs(n % 10);
+ n /= 10;
+ }
+ do {
+ if (fprintf(f, "%d", l[--i]) < 0)
+ return -1;
+ } while (i != 0);
+ if (fprintf(f, " ") < 0)
+ return -1;
+ return 0;
+}
+
+int main(void) {
+ FILE *f;
+ long long i, llmin, llmax = 0;
+
+ if((f = fopen(DATA,"w")) == NULL)
+ exit(1);
+
+#if defined(LLONG_MIN) && defined(LLONG_MAX)
+ fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
+ llmin = LLONG_MIN;
+ llmax = LLONG_MAX;
+#else
+ fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
+ /* This will work on one's complement and two's complement */
+ for (i = 1; i > llmax; i <<= 1, i++)
+ llmax = i;
+ llmin = llmax + 1LL; /* wrap */
+#endif
+
+ /* Sanity check */
+ if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
+ || llmax - 1 > llmax || llmin == llmax || llmin == 0
+ || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
+ fprintf(f, "unknown unknown\n");
+ exit(2);
+ }
+
+ if (fprint_ll(f, llmin) < 0)
+ exit(3);
+ if (fprint_ll(f, llmax) < 0)
+ exit(4);
+ if (fclose(f) < 0)
+ exit(5);
+ exit(0);
+}
+ ]])],
+ [
+ llong_min=`$AWK '{print $1}' conftest.llminmax`
+ llong_max=`$AWK '{print $2}' conftest.llminmax`
+
+ AC_MSG_RESULT($llong_max)
+ AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
+ [max value of long long calculated by configure])
+ AC_MSG_CHECKING([for min value of long long])
+ AC_MSG_RESULT($llong_min)
+ AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
+ [min value of long long calculated by configure])
+ ],
+ [
+ AC_MSG_RESULT(not found)
+ ],
+ [
+ AC_MSG_WARN([cross compiling: not checking])
+ ]
+ )
+fi
+
+
# More checks for data types
AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
AC_TRY_COMPILE(
OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
AC_CHECK_MEMBERS([struct stat.st_blksize])
+AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
+ [Define if we don't have struct __res_state in resolv.h])],
+[
+#include <stdio.h>
+#if HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#include <netinet/in.h>
+#include <arpa/nameser.h>
+#include <resolv.h>
+])
AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
ac_cv_have_ss_family_in_struct_ss, [
AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
fi
+AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
+ AC_TRY_LINK(
+ [#include <stdarg.h>
+ va_list x,y;],
+ [va_copy(x,y);],
+ [ ac_cv_have_va_copy="yes" ],
+ [ ac_cv_have_va_copy="no" ]
+ )
+])
+if test "x$ac_cv_have_va_copy" = "xyes" ; then
+ AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
+fi
+
+AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
+ AC_TRY_LINK(
+ [#include <stdarg.h>
+ va_list x,y;],
+ [__va_copy(x,y);],
+ [ ac_cv_have___va_copy="yes" ],
+ [ ac_cv_have___va_copy="no" ]
+ )
+])
+if test "x$ac_cv_have___va_copy" = "xyes" ; then
+ AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
+fi
+
AC_CACHE_CHECK([whether getopt has optreset support],
ac_cv_have_getopt_optreset, [
AC_TRY_LINK(
[#include <arpa/nameser.h>])
])
+# Check whether user wants SELinux support
+SELINUX_MSG="no"
+LIBSELINUX=""
+AC_ARG_WITH(selinux,
+ [ --with-selinux Enable SELinux support],
+ [ if test "x$withval" != "xno" ; then
+ AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
+ SELINUX_MSG="yes"
+ AC_CHECK_HEADER([selinux/selinux.h], ,
+ AC_MSG_ERROR(SELinux support requires selinux.h header))
+ AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
+ AC_MSG_ERROR(SELinux support requires libselinux library))
+ AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
+ fi ]
+)
+AC_SUBST(LIBSELINUX)
+
# Check whether user wants Kerberos 5 support
KRB5_MSG="no"
AC_ARG_WITH(kerberos5,
else
etc_default_login=yes
fi ],
- [ etc_default_login=yes ]
+ [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
+ then
+ AC_MSG_WARN([cross compiling: not checking /etc/default/login])
+ etc_default_login=no
+ else
+ etc_default_login=yes
+ fi ]
)
if test "x$etc_default_login" != "xno"; then
AC_CHECK_FILE("/etc/default/login",
[ external_path_file=/etc/default/login ])
- if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
- then
- AC_MSG_WARN([cross compiling: Disabling /etc/default/login test])
- elif test "x$external_path_file" = "x/etc/default/login"; then
+ if test "x$external_path_file" = "x/etc/default/login"; then
AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
[Define if your system has /etc/default/login])
fi
If PATH is defined in $external_path_file, ensure the path to scp is included,
otherwise scp will not work.])
fi
- AC_TRY_RUN(
- [
+ AC_RUN_IFELSE(
+ [AC_LANG_SOURCE([[
/* find out what STDPATH is */
#include <stdio.h>
#ifdef HAVE_PATHS_H
exit(0);
}
- ], [ user_path=`cat conftest.stdpath` ],
+ ]])],
+ [ user_path=`cat conftest.stdpath` ],
[ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
[ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
)
AC_EXEEXT
AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
- scard/Makefile ssh_prng_cmds survey.sh])
+ openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh])
AC_OUTPUT
# Print summary of options
echo " Manpage format: $MANTYPE"
echo " PAM support: $PAM_MSG"
echo " KerberosV support: $KRB5_MSG"
+echo " SELinux support: $SELINUX_MSG"
echo " Smartcard support: $SCARD_MSG"
echo " S/KEY support: $SKEY_MSG"
echo " TCP Wrappers support: $TCPW_MSG"
andersk / openssh.git / blobdiff