AC_C_BIGENDIAN
# Checks for programs.
+AC_PROG_AWK
AC_PROG_CPP
AC_PROG_RANLIB
AC_PROG_INSTALL
# Check for some target-specific stuff
case "$host" in
*-*-aix*)
- AFS_LIBS="-lld"
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
LDFLAGS="$LDFLAGS -L/usr/local/lib"
AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
AC_MSG_RESULT($blibflags)
fi
LDFLAGS="$saved_LDFLAGS"
+ dnl Check for authenticate. Might be in libs.a on older AIXes
AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
[AC_CHECK_LIB(s,authenticate,
[ AC_DEFINE(WITH_AIXAUTHENTICATE)
LIBS="$LIBS -ls"
])
])
+ dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
+ AC_CHECK_DECL(loginfailed,
+ [AC_MSG_CHECKING(if loginfailed takes 4 arguments)
+ AC_TRY_COMPILE(
+ [#include <usersec.h>],
+ [(void)loginfailed("user","host","tty",0);],
+ [AC_MSG_RESULT(yes)
+ AC_DEFINE(AIX_LOGINFAILED_4ARG)],
+ [AC_MSG_RESULT(no)]
+ )],
+ [],
+ [#include <usersec.h>]
+ )
+ AC_CHECK_FUNCS(setauthdb)
AC_DEFINE(BROKEN_GETADDRINFO)
AC_DEFINE(BROKEN_REALPATH)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
dnl AIX handles lastlog as part of its login message
AC_DEFINE(DISABLE_LASTLOG)
AC_DEFINE(LOGIN_NEEDS_UTMPX)
- AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_CLOBBER_ARGV)
- AC_DEFINE(SETPROCTITLE_PS_PADDING, '\0')
+ AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
;;
*-*-cygwin*)
check_for_libcrypt_later=1
AC_DEFINE(LOGIN_NEEDS_UTMPX)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
- AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_PSTAT)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*")
+ AC_DEFINE(SPT_TYPE,SPT_PSTAT)
LIBS="$LIBS -lsec -lsecpw"
AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
disable_ptmx_check=yes
AC_DEFINE(LOGIN_NEEDS_UTMPX)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
- AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_PSTAT)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*")
+ AC_DEFINE(SPT_TYPE,SPT_PSTAT)
LIBS="$LIBS -lsec"
AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
;;
AC_DEFINE(LOGIN_NEEDS_UTMPX)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
- AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_PSTAT)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*")
+ AC_DEFINE(SPT_TYPE,SPT_PSTAT)
LIBS="$LIBS -lsec"
AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
;;
PATH="$PATH:/usr/etc"
AC_DEFINE(BROKEN_INET_NTOA)
AC_DEFINE(WITH_ABBREV_NO_TTY)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
;;
*-*-irix6*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
AC_DEFINE(BROKEN_INET_NTOA)
AC_DEFINE(WITH_ABBREV_NO_TTY)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
;;
*-*-linux*)
no_dev_ptmx=1
check_for_libcrypt_later=1
+ check_for_openpty_ctty_bug=1
AC_DEFINE(DONT_TRY_OTHER_AF)
AC_DEFINE(PAM_TTY_KLUDGE)
- AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_CLOBBER_ARGV)
- AC_DEFINE(SETPROCTITLE_PS_PADDING, '\0')
+ AC_DEFINE(LOCKED_PASSWD_PREFIX, "!!")
+ AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
inet6_default_4in6=yes
- # openpty can be in libutil, needed for controlling tty test
- AC_SEARCH_LIBS(openpty, util)
- # make sure that openpty does not reacquire controlling terminal
- AC_MSG_CHECKING(if openpty correctly handles controlling tty)
- AC_TRY_RUN(
- [
-#include <stdio.h>
-#include <sys/fcntl.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-
-int
-main()
-{
- pid_t pid;
- int fd, ptyfd, ttyfd, status;
-
- pid = fork();
- if (pid < 0) { /* failed */
- exit(1);
- } else if (pid > 0) { /* parent */
- waitpid(pid, &status, 0);
- if (WIFEXITED(status))
- exit(WEXITSTATUS(status));
- else
- exit(2);
- } else { /* child */
- close(0); close(1); close(2);
- setsid();
- openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
- fd = open("/dev/tty", O_RDWR | O_NOCTTY);
- if (fd >= 0)
- exit(3); /* Acquired ctty: broken */
- else
- exit(0); /* Did not acquire ctty: OK */
- }
-}
- ],
- [
- AC_MSG_RESULT(yes)
- ],
- [
- AC_MSG_RESULT(no)
- AC_DEFINE(SSHD_ACQUIRES_CTTY)
- ]
- )
case `uname -r` in
1.*|2.0.*)
AC_DEFINE(BROKEN_CMSG_TYPE)
AC_DEFINE(LOGIN_NEEDS_UTMPX)
AC_DEFINE(LOGIN_NEEDS_TERM)
AC_DEFINE(PAM_TTY_KLUDGE)
+ AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
# Pushing STREAMS modules will cause sshd to acquire a controlling tty.
AC_DEFINE(SSHD_ACQUIRES_CTTY)
# hardwire lastlog location (can't detect it on some versions)
LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
MANTYPE=cat
;;
+*-*-unicosmp*)
+ AC_DEFINE(WITH_ABBREV_NO_TTY)
+ AC_DEFINE(USE_PIPES)
+ AC_DEFINE(DISABLE_FD_PASSING)
+ LDFLAGS="$LDFLAGS"
+ LIBS="$LIBS -lgen -lacid"
+ MANTYPE=cat
+ ;;
*-*-unicos*)
AC_DEFINE(USE_PIPES)
AC_DEFINE(DISABLE_FD_PASSING)
fi
fi
AC_DEFINE(DISABLE_FD_PASSING)
+ AC_DEFINE(BROKEN_GETADDRINFO)
+ AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
;;
*-*-nto-qnx)
]
)
+AC_MSG_CHECKING(compiler and flags for sanity)
+AC_TRY_RUN([
+#include <stdio.h>
+int main(){exit(0);}
+ ],
+ [ AC_MSG_RESULT(yes) ],
+ [
+ AC_MSG_RESULT(no)
+ AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
+ ]
+)
+
# Checks for header files.
-AC_CHECK_HEADERS(bstring.h crypt.h endian.h floatingpoint.h \
+AC_CHECK_HEADERS(bstring.h crypt.h endian.h features.h floatingpoint.h \
getopt.h glob.h ia.h lastlog.h libgen.h limits.h login.h \
login_cap.h maillock.h netdb.h netgroup.h \
netinet/in_systm.h paths.h pty.h readpassphrase.h \
rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
- strings.h sys/strtio.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \
- sys/mman.h sys/pstat.h sys/select.h sys/stat.h \
+ strings.h sys/strtio.h sys/audit.h sys/bitypes.h sys/bsdtty.h \
+ sys/cdefs.h sys/mman.h sys/pstat.h sys/select.h sys/stat.h \
sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \
sys/un.h time.h tmpdir.h ttyent.h usersec.h \
util.h utime.h utmp.h utmpx.h)
dnl Checks for library functions. Please keep in alphabetical order
AC_CHECK_FUNCS(\
- arc4random __b64_ntop b64_ntop __b64_pton b64_pton basename bcopy \
- bindresvport_sa clock fchmod fchown freeaddrinfo futimes \
+ arc4random __b64_ntop b64_ntop __b64_pton b64_pton basename \
+ bcopy bindresvport_sa clock fchmod fchown freeaddrinfo futimes \
gai_strerror getaddrinfo getcwd getgrouplist getnameinfo getopt \
- getpeereid _getpty getrlimit getrusage getttyent glob inet_aton \
+ getpeereid _getpty getrlimit getttyent glob inet_aton \
inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
pstat readpassphrase realpath recvmsg rresvport_af sendmsg \
setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
- setproctitle setresgid setreuid setrlimit setsid setvbuf sigaction \
- sigvec snprintf socketpair strerror strlcat strlcpy strmode strnvis \
- sysconf tcgetpgrp truncate utimes vhangup vsnprintf waitpid \
+ setproctitle setregid setresgid setresuid setreuid setrlimit \
+ setsid setvbuf sigaction sigvec snprintf socketpair strerror \
+ strlcat strlcpy strmode strnvis sysconf tcgetpgrp tcsendbreak \
+ truncate utimes vhangup vsnprintf waitpid \
)
AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME))
-dnl Make sure strsep prototype is defined before defining HAVE_STRSEP
+dnl Make sure prototypes are defined for these before using them.
AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
+AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
dnl IRIX and Solaris 2.5.1 have dirname() in libgen
AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
)
fi
+dnl make sure that openpty does not reacquire controlling terminal
+if test ! -z "$check_for_openpty_ctty_bug"; then
+ AC_MSG_CHECKING(if openpty correctly handles controlling tty)
+ AC_TRY_RUN(
+ [
+#include <stdio.h>
+#include <sys/fcntl.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+int
+main()
+{
+ pid_t pid;
+ int fd, ptyfd, ttyfd, status;
+
+ pid = fork();
+ if (pid < 0) { /* failed */
+ exit(1);
+ } else if (pid > 0) { /* parent */
+ waitpid(pid, &status, 0);
+ if (WIFEXITED(status))
+ exit(WEXITSTATUS(status));
+ else
+ exit(2);
+ } else { /* child */
+ close(0); close(1); close(2);
+ setsid();
+ openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
+ fd = open("/dev/tty", O_RDWR | O_NOCTTY);
+ if (fd >= 0)
+ exit(3); /* Acquired ctty: broken */
+ else
+ exit(0); /* Did not acquire ctty: OK */
+ }
+}
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ ],
+ [
+ AC_MSG_RESULT(no)
+ AC_DEFINE(SSHD_ACQUIRES_CTTY)
+ ]
+ )
+fi
+
AC_FUNC_GETPGRP
# Check for PAM libs
AC_CHECK_LIB(dl, dlopen, , )
AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
AC_CHECK_FUNCS(pam_getenvlist)
+ AC_CHECK_FUNCS(pam_putenv)
disable_shadow=yes
PAM_MSG="yes"
],
[
AC_MSG_RESULT(no)
- AC_MSG_ERROR(Your OpenSSL headers do not match your library)
+ AC_MSG_ERROR([Your OpenSSL headers do not match your library.
+Check config.log for details.
+Also see contrib/findssl.sh for help identifying header/library mismatches.])
]
)
DNS_MSG="yes"
AC_DEFINE(DNS)
AC_SEARCH_LIBS(getrrsetbyname, resolv,
- [AC_DEFINE(HAVE_GETRRSETBYNAME)])
+ [AC_DEFINE(HAVE_GETRRSETBYNAME)],
+ [
+ # Needed by our getrrsetbyname()
+ AC_SEARCH_LIBS(res_query, resolv)
+ AC_SEARCH_LIBS(dn_expand, resolv)
+ AC_CHECK_FUNCS(_getshort _getlong)
+ AC_CHECK_MEMBER(HEADER.ad,
+ [AC_DEFINE(HAVE_HEADER_AD)],,
+ [#include <arpa/nameser.h>])
+ ])
fi
]
)
if test ! -z "$blibpath" ; then
blibpath="$blibpath:${KRB5ROOT}/lib"
fi
- AC_CHECK_LIB(resolv, dn_expand, , )
+ AC_SEARCH_LIBS(dn_expand, resolv)
+
+ AC_CHECK_LIB(gssapi,gss_init_sec_context,
+ [ AC_DEFINE(GSSAPI)
+ K5LIBS="-lgssapi $K5LIBS" ],
+ [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
+ [ AC_DEFINE(GSSAPI)
+ K5LIBS="-lgssapi_krb5 $K5LIBS" ],
+ AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
+ $K5LIBS)
+ ],
+ $K5LIBS)
+
+ AC_CHECK_HEADER(gssapi.h, ,
+ [ unset ac_cv_header_gssapi_h
+ CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
+ AC_CHECK_HEADERS(gssapi.h, ,
+ AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
+ )
+ ]
+ )
+
+ oldCPP="$CPPFLAGS"
+ CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
+ AC_CHECK_HEADER(gssapi_krb5.h, ,
+ [ CPPFLAGS="$oldCPP" ])
KRB5=yes
fi
]
)
-# Check whether user wants Kerberos 4 support
-KRB4_MSG="no"
-AC_ARG_WITH(kerberos4,
- [ --with-kerberos4=PATH Enable Kerberos 4 support],
- [
- if test "x$withval" != "xno" ; then
- if test "x$withval" != "xyes" ; then
- CPPFLAGS="$CPPFLAGS -I${withval}/include"
- LDFLAGS="$LDFLAGS -L${withval}/lib"
- if test ! -z "$need_dash_r" ; then
- LDFLAGS="$LDFLAGS -R${withval}/lib"
- fi
- if test ! -z "$blibpath" ; then
- blibpath="$blibpath:${withval}/lib"
- fi
- else
- if test -d /usr/include/kerberosIV ; then
- CPPFLAGS="$CPPFLAGS -I/usr/include/kerberosIV"
- fi
- fi
-
- AC_CHECK_HEADERS(krb.h)
- if test "$ac_cv_header_krb_h" != yes; then
- AC_MSG_WARN([Cannot find krb.h, build may fail])
- fi
- AC_CHECK_LIB(krb, main)
- if test "$ac_cv_lib_krb_main" != yes; then
- AC_CHECK_LIB(krb4, main)
- if test "$ac_cv_lib_krb4_main" != yes; then
- AC_MSG_WARN([Cannot find libkrb nor libkrb4, build may fail])
- else
- KLIBS="-lkrb4"
- fi
- else
- KLIBS="-lkrb"
- fi
- AC_CHECK_LIB(des, des_cbc_encrypt)
- if test "$ac_cv_lib_des_des_cbc_encrypt" != yes; then
- AC_CHECK_LIB(des425, des_cbc_encrypt)
- if test "$ac_cv_lib_des425_des_cbc_encrypt" != yes; then
- AC_MSG_WARN([Cannot find libdes nor libdes425, build may fail])
- else
- KLIBS="-ldes425"
- fi
- else
- KLIBS="-ldes"
- fi
- AC_CHECK_LIB(resolv, dn_expand, , )
- KRB4=yes
- KRB4_MSG="yes"
- AC_DEFINE(KRB4)
- fi
- ]
-)
-
-# Check whether user wants AFS support
-AFS_MSG="no"
-AC_ARG_WITH(afs,
- [ --with-afs=PATH Enable AFS support],
- [
- if test "x$withval" != "xno" ; then
-
- if test "x$withval" != "xyes" ; then
- CPPFLAGS="$CPPFLAGS -I${withval}/include"
- LDFLAGS="$LDFLAGS -L${withval}/lib"
- fi
-
- if test -z "$KRB4" ; then
- AC_MSG_WARN([AFS requires Kerberos IV support, build may fail])
- fi
-
- LIBS="-lkafs $LIBS"
- if test ! -z "$AFS_LIBS" ; then
- LIBS="$LIBS $AFS_LIBS"
- fi
- AC_DEFINE(AFS)
- AFS_MSG="yes"
- fi
- ]
-)
-LIBS="$LIBS $KLIBS $K5LIBS"
+LIBS="$LIBS $K5LIBS"
# Looking for programs, paths and files
dnl allow user to disable some login recording features
AC_ARG_ENABLE(lastlog,
[ --disable-lastlog disable use of lastlog even if detected [no]],
- [ AC_DEFINE(DISABLE_LASTLOG) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_LASTLOG)
+ fi
+ ]
)
AC_ARG_ENABLE(utmp,
[ --disable-utmp disable use of utmp even if detected [no]],
- [ AC_DEFINE(DISABLE_UTMP) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_UTMP)
+ fi
+ ]
)
AC_ARG_ENABLE(utmpx,
[ --disable-utmpx disable use of utmpx even if detected [no]],
- [ AC_DEFINE(DISABLE_UTMPX) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_UTMPX)
+ fi
+ ]
)
AC_ARG_ENABLE(wtmp,
[ --disable-wtmp disable use of wtmp even if detected [no]],
- [ AC_DEFINE(DISABLE_WTMP) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_WTMP)
+ fi
+ ]
)
AC_ARG_ENABLE(wtmpx,
[ --disable-wtmpx disable use of wtmpx even if detected [no]],
- [ AC_DEFINE(DISABLE_WTMPX) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_WTMPX)
+ fi
+ ]
)
AC_ARG_ENABLE(libutil,
[ --disable-libutil disable use of libutil (login() etc.) [no]],
- [ AC_DEFINE(DISABLE_LOGIN) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_LOGIN)
+ fi
+ ]
)
AC_ARG_ENABLE(pututline,
[ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
- [ AC_DEFINE(DISABLE_PUTUTLINE) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_PUTUTLINE)
+ fi
+ ]
)
AC_ARG_ENABLE(pututxline,
[ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
- [ AC_DEFINE(DISABLE_PUTUTXLINE) ]
+ [
+ if test "x$enableval" = "xno" ; then
+ AC_DEFINE(DISABLE_PUTUTXLINE)
+ fi
+ ]
)
AC_ARG_WITH(lastlog,
[ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
echo " Manpage format: $MANTYPE"
echo " DNS support: $DNS_MSG"
echo " PAM support: $PAM_MSG"
-echo " KerberosIV support: $KRB4_MSG"
echo " KerberosV support: $KRB5_MSG"
echo " Smartcard support: $SCARD_MSG"
-echo " AFS support: $AFS_MSG"
echo " S/KEY support: $SKEY_MSG"
echo " TCP Wrappers support: $TCPW_MSG"
echo " MD5 password support: $MD5_MSG"