+AC_CHECK_FUNC(getpagesize,
+ [AC_DEFINE(HAVE_GETPAGESIZE)],
+ [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
+)
+
+AC_ARG_WITH(pam,
+ [ --without-pam Disable PAM support ],
+ [
+ if test "x$withval" = "xno" ; then
+ no_pam=1
+ AC_DEFINE(DISABLE_PAM)
+ fi
+ ]
+)
+if test -z "$no_pam" -a "x$ac_cv_header_security_pam_appl_h" = "xyes" ; then
+ AC_CHECK_LIB(dl, dlopen, , )
+ LIBS="$LIBS -lpam"
+
+ AC_CHECK_FUNCS(pam_getenvlist)
+
+ # Check PAM strerror arguments (old PAM)
+ AC_MSG_CHECKING([whether pam_strerror takes only one argument])
+ AC_TRY_COMPILE(
+ [
+#include <stdlib.h>
+#include <security/pam_appl.h>
+ ],
+ [(void)pam_strerror((pam_handle_t *)NULL, -1);],
+ [AC_MSG_RESULT(no)],
+ [
+ AC_DEFINE(HAVE_OLD_PAM)
+ AC_MSG_RESULT(yes)
+ ]
+ )
+fi
+
+# The big search for OpenSSL
+AC_ARG_WITH(ssl-dir,
+ [ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
+ [
+ if test "x$withval" != "$xno" ; then
+ tryssldir=$withval
+ fi
+ ]
+)
+
+saved_LIBS="$LIBS"
+saved_LDFLAGS="$LDFLAGS"
+saved_CFLAGS="$CFLAGS"
+if test "x$prefix" != "xNONE" ; then
+ tryssldir="$tryssldir $prefix"
+fi
+AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
+
+ for ssldir in "" $tryssldir /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
+ if test ! -z "$ssldir" ; then
+ LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
+ CFLAGS="$saved_CFLAGS -I$ssldir/include"
+ if test ! -z "$need_dash_r" ; then
+ LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
+ fi
+ else
+ LDFLAGS="$saved_LDFLAGS"
+ fi
+
+ LIBS="$saved_LIBS -lcrypto"
+
+ # Basic test to check for compatible version and correct linking
+ # *does not* test for RSA - that comes later.
+ AC_TRY_RUN(
+ [
+#include <string.h>
+#include <openssl/rand.h>
+int main(void)
+{
+ char a[2048];
+ memset(a, 0, sizeof(a));
+ RAND_add(a, sizeof(a), sizeof(a));
+ return(RAND_status() <= 0);
+}
+ ],
+ [
+ found_crypto=1
+ break;
+ ], []
+ )
+
+ if test ! -z "$found_crypto" ; then
+ break;
+ fi
+ done
+
+ if test -z "$found_crypto" ; then
+ AC_MSG_ERROR([Could not find working SSLeay / OpenSSL libraries, please install])
+ fi
+ if test -z "$ssldir" ; then
+ ssldir="(system)"
+ fi
+
+ ac_cv_openssldir=$ssldir
+])
+
+if test ! -z "$ac_cv_openssldir" -a ! "x$ac_cv_openssldir" = "x(system)" ; then
+ AC_DEFINE(HAVE_OPENSSL)
+ dnl Need to recover ssldir - test above runs in subshell
+ ssldir=$ac_cv_openssldir
+ CFLAGS="$saved_CFLAGS -I$ssldir/include"
+ LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
+ if test ! -z "$need_dash_r" ; then
+ LDFLAGS="$LDFLAGS -R$ssldir/lib -R$ssldir"
+ fi
+ if test ! -z "$blibpath" ; then
+ blibpath="$blibpath:$ssldir:$ssldir/lib"
+ fi
+fi
+LIBS="$saved_LIBS -lcrypto"
+
+# Now test RSA support
+saved_LIBS="$LIBS"
+AC_MSG_CHECKING([for RSA support])
+for WANTS_RSAREF in "" 1 ; do
+ if test -z "$WANTS_RSAREF" ; then
+ LIBS="$saved_LIBS"
+ else
+ LIBS="$saved_LIBS -lRSAglue -lrsaref"
+ fi
+ AC_TRY_RUN([
+#include <string.h>
+#include <openssl/rand.h>
+#include <openssl/rsa.h>
+#include <openssl/bn.h>
+#include <openssl/sha.h>
+int main(void)
+{
+ int num; RSA *key; static unsigned char p_in[] = "blahblah";
+ unsigned char c[256], p[256];
+ memset(c, 0, sizeof(c)); RAND_add(c, sizeof(c), sizeof(c));
+ if ((key=RSA_generate_key(512, 3, NULL, NULL))==NULL) return(1);
+ num = RSA_public_encrypt(sizeof(p_in) - 1, p_in, c, key, RSA_PKCS1_PADDING);
+ return(-1 == RSA_private_decrypt(num, c, p, key, RSA_PKCS1_PADDING));
+}
+ ],
+ [
+ rsa_works=1
+ break;
+ ], [])
+done
+
+if test ! -z "$no_rsa" ; then
+ AC_MSG_RESULT(disabled)
+else
+ if test -z "$rsa_works" ; then
+ AC_MSG_WARN([*** No RSA support found *** ])
+ else
+ if test -z "$WANTS_RSAREF" ; then
+ AC_MSG_RESULT(yes)
+ else
+ AC_MSG_RESULT(using RSAref)
+ LIBS="$saved_LIBS -lcrypto -lRSAglue -lrsaref"
+ fi
+ fi
+fi
+
+# Checks for data types