X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/12928e80f843efe91b9c9daa5d34fbe7cde7bf08..40fa7a168a658528f52e1e142594f2882da61679:/configure.ac

diff --git a/configure.ac b/configure.ac
index cbbb553d..eefa7424 100644
--- a/configure.ac
+++ b/configure.ac
@@ -21,6 +21,7 @@ AC_PATH_PROGS(FILEPRIV, filepriv, true, /sbin:/usr/sbin)
 AC_PATH_PROG(TEST_MINUS_S_SH, bash)
 AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
 AC_PATH_PROG(TEST_MINUS_S_SH, sh)
+AC_PATH_PROG(SH, sh)
 
 # System features
 AC_SYS_LARGEFILE
@@ -57,10 +58,22 @@ case "$host" in
 	CPPFLAGS="$CPPFLAGS -I/usr/local/include"
 	LDFLAGS="$LDFLAGS -L/usr/local/lib"
 	if (test "$LD" != "gcc" && test -z "$blibpath"); then
-		blibpath="/usr/lib:/lib:/usr/local/lib"
+		AC_MSG_CHECKING([if linkage editor ($LD) accepts -blibpath])
+		saved_LDFLAGS="$LDFLAGS"
+		LDFLAGS="$LDFLAGS -blibpath:/usr/lib:/lib:/usr/local/lib"
+		AC_TRY_LINK([],
+			[],
+			[
+				AC_MSG_RESULT(yes)
+				blibpath="/usr/lib:/lib:/usr/local/lib"
+			],
+			[ AC_MSG_RESULT(no) ]
+		)
+		LDFLAGS="$saved_LDFLAGS"
 	fi
 	AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)])
 	AC_DEFINE(BROKEN_GETADDRINFO)
+	AC_DEFINE(BROKEN_REALPATH)
 	dnl AIX handles lastlog as part of its login message
 	AC_DEFINE(DISABLE_LASTLOG)
 	;;
@@ -79,6 +92,22 @@ case "$host" in
 *-*-darwin*)
 	AC_DEFINE(BROKEN_GETADDRINFO)
 	;;
+*-*-hpux10.26)
+	if test -z "$GCC"; then
+		CFLAGS="$CFLAGS -Ae"
+	fi
+	CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
+	IPADDR_IN_DISPLAY=yes
+	AC_DEFINE(HAVE_SECUREWARE)
+	AC_DEFINE(USE_PIPES)
+	AC_DEFINE(LOGIN_NO_ENDOPT)
+	AC_DEFINE(LOGIN_NEEDS_UTMPX)
+	AC_DEFINE(DISABLE_SHADOW)
+	AC_DEFINE(DISABLE_UTMP)
+	AC_DEFINE(SPT_TYPE,SPT_PSTAT)
+	LIBS="$LIBS -lxnet -lsec -lsecpw"
+	disable_ptmx_check=yes
+	;;
 *-*-hpux10*)
 	if test -z "$GCC"; then
 		CFLAGS="$CFLAGS -Ae"
@@ -86,6 +115,8 @@ case "$host" in
 	CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
 	IPADDR_IN_DISPLAY=yes
 	AC_DEFINE(USE_PIPES)
+	AC_DEFINE(LOGIN_NO_ENDOPT)
+	AC_DEFINE(LOGIN_NEEDS_UTMPX)
 	AC_DEFINE(DISABLE_SHADOW)
 	AC_DEFINE(DISABLE_UTMP)
 	AC_DEFINE(SPT_TYPE,SPT_PSTAT)
@@ -96,6 +127,8 @@ case "$host" in
 	IPADDR_IN_DISPLAY=yes
 	AC_DEFINE(PAM_SUN_CODEBASE)
 	AC_DEFINE(USE_PIPES)
+	AC_DEFINE(LOGIN_NO_ENDOPT)
+	AC_DEFINE(LOGIN_NEEDS_UTMPX)
 	AC_DEFINE(DISABLE_SHADOW)
 	AC_DEFINE(DISABLE_UTMP)
 	AC_DEFINE(SPT_TYPE,SPT_PSTAT)
@@ -106,6 +139,7 @@ case "$host" in
 	LDFLAGS="$LDFLAGS"
 	PATH="$PATH:/usr/etc"
 	AC_DEFINE(BROKEN_INET_NTOA)
+	AC_DEFINE(WITH_ABBREV_NO_TTY)
 	;;
 *-*-irix6*)
 	CPPFLAGS="$CPPFLAGS -I/usr/local/include"
@@ -116,6 +150,7 @@ case "$host" in
 	AC_DEFINE(WITH_IRIX_AUDIT)
 	AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)])
 	AC_DEFINE(BROKEN_INET_NTOA)
+	AC_DEFINE(WITH_ABBREV_NO_TTY)
 	;;
 *-*-linux*)
 	no_dev_ptmx=1
@@ -217,7 +252,7 @@ mips-sony-bsd|mips-sony-newsos4)
 	no_dev_ptmx=1
 	AC_DEFINE(BROKEN_SYS_TERMIO_H)
 	AC_DEFINE(USE_PIPES)
-	AC_DEFINE(HAVE_SCO_PROTECTED_PW)
+	AC_DEFINE(HAVE_SECUREWARE)
 	AC_DEFINE(DISABLE_SHADOW)
 	AC_DEFINE(BROKEN_SAVED_UIDS)
 	AC_CHECK_FUNCS(getluid setluid)
@@ -231,7 +266,7 @@ mips-sony-bsd|mips-sony-newsos4)
 	no_dev_ptmx=1
 	rsh_path="/usr/bin/rcmd"
 	AC_DEFINE(USE_PIPES)
-	AC_DEFINE(HAVE_SCO_PROTECTED_PW)
+	AC_DEFINE(HAVE_SECUREWARE)
 	AC_DEFINE(DISABLE_SHADOW)
 	AC_CHECK_FUNCS(getluid setluid)
 	MANTYPE=man
@@ -534,11 +569,11 @@ AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \
 	getaddrinfo getcwd getgrouplist getnameinfo getopt \
 	getrlimit getrusage getttyent glob inet_aton inet_ntoa \
 	inet_ntop innetgr login_getcapbool md5_crypt memmove \
-	mkdtemp mmap openpty readpassphrase realpath \
-	rresvport_af setdtablesize setegid setenv seteuid \
-	setlogin setproctitle setresgid setreuid setrlimit \
+	mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \
+	realpath recvmsg rresvport_af sendmsg setdtablesize setegid \
+	setenv seteuid setlogin setproctitle setresgid setreuid setrlimit \
 	setsid setvbuf sigaction sigvec snprintf socketpair strerror \
-	strlcat strlcpy strmode strsep sysconf tcgetpgrp utimes \
+	strlcat strlcpy strmode strsep sysconf tcgetpgrp truncate utimes \
 	vhangup vsnprintf waitpid __b64_ntop _getpty)
 
 dnl IRIX and Solaris 2.5.1 have dirname() in libgen
@@ -668,169 +703,52 @@ if test "x$PAM_MSG" = "xyes" ; then
 	)
 fi
 
-# The big search for OpenSSL
+# Search for OpenSSL
+saved_CPPFLAGS="$CPPFLAGS"
+saved_LDFLAGS="$LDFLAGS"
 AC_ARG_WITH(ssl-dir,
 	[  --with-ssl-dir=PATH     Specify path to OpenSSL installation ],
 	[
 		if test "x$withval" != "xno" ; then
-			tryssldir=$withval
-		fi
-	]
-)
-
-saved_LIBS="$LIBS"
-saved_LDFLAGS="$LDFLAGS"
-saved_CPPFLAGS="$CPPFLAGS"
-if test "x$prefix" != "xNONE" ; then
-	tryssldir="$tryssldir $prefix"
-fi
-AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
-	for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
-		CPPFLAGS="$saved_CPPFLAGS"
-		LDFLAGS="$saved_LDFLAGS"
-		LIBS="$saved_LIBS -lcrypto"
-		
-		# Skip directories if they don't exist
-		if test ! -z "$ssldir" -a ! -d "$ssldir" ; then
-			continue;
-		fi
-		if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then
-			# Try to use $ssldir/lib if it exists, otherwise 
-			# $ssldir
-			if test -d "$ssldir/lib" ; then
-				LDFLAGS="-L$ssldir/lib $saved_LDFLAGS"
-				if test ! -z "$need_dash_r" ; then
-					LDFLAGS="-R$ssldir/lib $LDFLAGS"
+			if test -d "$withval/lib"; then
+				if test -n "${need_dash_r}"; then
+					LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
+				else
+					LDFLAGS="-L${withval}/lib ${LDFLAGS}"
 				fi
 			else
-				LDFLAGS="-L$ssldir $saved_LDFLAGS"
-				if test ! -z "$need_dash_r" ; then
-					LDFLAGS="-R$ssldir $LDFLAGS"
+				if test -n "${need_dash_r}"; then
+					LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
+				else
+					LDFLAGS="-L${withval} ${LDFLAGS}"
 				fi
 			fi
-			# Try to use $ssldir/include if it exists, otherwise 
-			# $ssldir
-			if test -d "$ssldir/include" ; then
-				CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS"
+			if test -d "$withval/include"; then
+				CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
 			else
-				CPPFLAGS="-I$ssldir $saved_CPPFLAGS"
+				CPPFLAGS="-I${withval} ${CPPFLAGS}"
 			fi
 		fi
-
-		# Basic test to check for compatible version and correct linking
-		# *does not* test for RSA - that comes later.
-		AC_TRY_RUN(
-			[
-#include <string.h>
-#include <openssl/rand.h>
-int main(void) 
-{
-	char a[2048];
-	memset(a, 0, sizeof(a));
-	RAND_add(a, sizeof(a), sizeof(a));
-	return(RAND_status() <= 0);
-}
-			],
-			[
-				found_crypto=1
-				break;
-			], []
-		)
-
-		if test ! -z "$found_crypto" ; then
-			break;
-		fi
-	done
-
-	if test -z "$found_crypto" ; then
-		AC_MSG_ERROR([Could not find working OpenSSL library, please install or check config.log])	
-	fi
-	if test -z "$ssldir" ; then
-		ssldir="(system)"
-	fi
-
-	ac_cv_openssldir=$ssldir
-])
-
-if (test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" != "x(system)") ; then
-	AC_DEFINE(HAVE_OPENSSL)
-	dnl Need to recover ssldir - test above runs in subshell
-	ssldir=$ac_cv_openssldir
-	if test ! -z "$ssldir" -a "x$ssldir" != "x/usr"; then
-		# Try to use $ssldir/lib if it exists, otherwise 
-		# $ssldir
-		if test -d "$ssldir/lib" ; then
-			LDFLAGS="-L$ssldir/lib $saved_LDFLAGS"
-			if test ! -z "$need_dash_r" ; then
-				LDFLAGS="-R$ssldir/lib $LDFLAGS"
-			fi
-		else
-			LDFLAGS="-L$ssldir $saved_LDFLAGS"
-			if test ! -z "$need_dash_r" ; then
-				LDFLAGS="-R$ssldir $LDFLAGS"
-			fi
-		fi
-		# Try to use $ssldir/include if it exists, otherwise 
-		# $ssldir
-		if test -d "$ssldir/include" ; then
-			CPPFLAGS="-I$ssldir/include $saved_CPPFLAGS"
-		else
-			CPPFLAGS="-I$ssldir $saved_CPPFLAGS"
-		fi
-	fi
-fi
-LIBS="$saved_LIBS -lcrypto"
-
-# Now test RSA support
-saved_LIBS="$LIBS"
-AC_MSG_CHECKING([for RSA support])
-for WANTS_RSAREF in "" 1 ; do
-	if test -z "$WANTS_RSAREF" ; then
-		LIBS="$saved_LIBS"
-	else
-		LIBS="$saved_LIBS -lRSAglue -lrsaref"
-	fi
-	AC_TRY_RUN([
-#include <string.h>
-#include <openssl/rand.h>
-#include <openssl/rsa.h>
-#include <openssl/bn.h>
-#include <openssl/sha.h>
-int main(void) 
-{
-	int num; RSA *key; static unsigned char p_in[] = "blahblah";
-	unsigned char c[256], p[256];
-	memset(c, 0, sizeof(c)); RAND_add(c, sizeof(c), sizeof(c));
-	if ((key=RSA_generate_key(512, 3, NULL, NULL))==NULL) return(1);
-	num = RSA_public_encrypt(sizeof(p_in) - 1, p_in, c, key, RSA_PKCS1_PADDING);
-	return(-1 == RSA_private_decrypt(num, c, p, key, RSA_PKCS1_PADDING));
-}
-	],
+	]
+)
+LIBS="$LIBS -lcrypto"
+AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
 	[
-		rsa_works=1
-		break;
-	], [])
-done
-LIBS="$saved_LIBS"
-
-if test ! -z "$no_rsa" ; then
-	AC_MSG_RESULT(disabled)
-	RSA_MSG="disabled"
-else
-	if test -z "$rsa_works" ; then
-		AC_MSG_WARN([*** No RSA support found *** ])
-		RSA_MSG="no"
-	else
-		if test -z "$WANTS_RSAREF" ; then
-			AC_MSG_RESULT(yes)
-			RSA_MSG="yes"
+		dnl Check default openssl install dir
+		if test -n "${need_dash_r}"; then
+			LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
 		else
-			RSA_MSG="yes (using RSAref)"
-			AC_MSG_RESULT(using RSAref)
-			LIBS="$LIBS -lcrypto -lRSAglue -lrsaref"
+			LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
 		fi
-	fi
-fi
+		CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
+		AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
+			[
+				AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
+			]
+		)
+	]
+)
+
 
 # Sanity check OpenSSL headers
 AC_MSG_CHECKING([whether OpenSSL's headers match the library])
@@ -997,7 +915,7 @@ AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
 
 ssh_privsep_user=sshd
 AC_ARG_WITH(privsep-user,
-	[  --with-privsep-user     Specify non-privileged user for privilege separation],
+	[  --with-privsep-user=user Specify non-privileged user for privilege separation],
 	[
 		if test -n "$withval"; then
 			ssh_privsep_user=$withval
@@ -1068,6 +986,11 @@ AC_CHECK_SIZEOF(int, 4)
 AC_CHECK_SIZEOF(long int, 4)
 AC_CHECK_SIZEOF(long long int, 8)
 
+# Sanity check long long for some platforms (AIX)
+if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
+	ac_cv_sizeof_long_long_int=0
+fi
+
 # More checks for data types
 AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
 	AC_TRY_COMPILE(
@@ -1719,33 +1642,22 @@ AC_ARG_WITH(sectok,
 
 # Check whether user wants OpenSC support
 AC_ARG_WITH(opensc,
-	[  --with-opensc           Enable smartcard support using OpenSC],
-	[
-		if test "x$withval" != "xno" ; then
-			if test "x$withval" != "xyes" ; then
-				CPPFLAGS="$CPPFLAGS -I${withval}"
-				LDFLAGS="$LDFLAGS -L${withval}"
-				if test ! -z "$need_dash_r" ; then
-					LDFLAGS="$LDFLAGS -R${withval}"
-				fi
-				if test ! -z "$blibpath" ; then
-					blibpath="$blibpath:${withval}"
-				fi
-			fi
-			AC_CHECK_HEADERS(opensc/pkcs15.h)
-			if test "$ac_cv_header_opensc_pkcs15_h" != yes; then
-				AC_MSG_ERROR(Can't find opensc/pkcs15.h)
-			fi
-			AC_CHECK_LIB(opensc, sc_pkcs15_bind)
-			if test "$ac_cv_lib_opensc_sc_pkcs15_bind" != yes; then
-				AC_MSG_ERROR(Can't find libopensc)
-			fi
-			AC_DEFINE(SMARTCARD)
-			AC_DEFINE(USE_OPENSC)
-			SCARD_MSG="yes, using OpenSC" 
-		fi
-	]
-)
+	AC_HELP_STRING([--with-opensc=PFX],
+		       [Enable smartcard support using OpenSC]),
+	opensc_config_prefix="$withval", opensc_config_prefix="")
+if test x$opensc_config_prefix != x ; then
+  OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config
+  AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
+  if test "$OPENSC_CONFIG" != "no"; then
+    LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
+    LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
+    CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
+    LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
+    AC_DEFINE(SMARTCARD)
+    AC_DEFINE(USE_OPENSC)
+    SCARD_MSG="yes, using OpenSC" 
+  fi
+fi
 
 # Check whether user wants Kerberos 5 support
 KRB5_MSG="no" 
@@ -1880,6 +1792,17 @@ AC_ARG_WITH(rsh,
 	]
 )
 
+PRIVSEP_PATH=/var/empty
+AC_ARG_WITH(privsep-path,
+	[  --with-privsep-path=xxx Path for privilege seperation chroot ],
+	[
+		if test "x$withval" != "$no" ; then
+			PRIVSEP_PATH=$withval
+		fi
+	]
+)
+AC_SUBST(PRIVSEP_PATH)
+
 AC_ARG_WITH(xauth,
 	[  --with-xauth=PATH       Specify path to xauth program ],
 	[
@@ -1914,12 +1837,14 @@ if test ! -z "$MAIL" ; then
 fi
 
 if test -z "$no_dev_ptmx" ; then
-	AC_CHECK_FILE("/dev/ptmx", 
-		[
-			AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
-			have_dev_ptmx=1
-		]
-	)
+	if test "x$disable_ptmx_check" != "xyes" ; then
+		AC_CHECK_FILE("/dev/ptmx", 
+			[
+				AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX)
+				have_dev_ptmx=1
+			]
+		)
+	fi
 fi
 AC_CHECK_FILE("/dev/ptc", 
 	[
@@ -2019,17 +1944,28 @@ else
 	)
 fi
 
+dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
+if test $ac_cv_func_login_getcapbool = "yes" -a \
+	$ac_cv_header_login_cap_h = "yes" ; then
+	USES_LOGIN_CONF=yes
+fi
 # Whether to mess with the default path
 SERVER_PATH_MSG="(default)" 
 AC_ARG_WITH(default-path,
 	[  --with-default-path=PATH Specify default \$PATH environment for server],
 	[
-		if test "x$withval" != "xno" ; then	
+		if test "$USES_LOGIN_CONF" = "yes" ; then
+			AC_MSG_WARN([
+--with-default-path=PATH has no effect on this system.
+Edit /etc/login.conf instead.])
+		elif test "x$withval" != "xno" ; then	
 			user_path="$withval"
 			SERVER_PATH_MSG="$withval" 
 		fi
 	],
-	[
+	[ if test "$USES_LOGIN_CONF" = "yes" ; then
+	AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
+	else
 	AC_TRY_RUN(
 		[
 /* find out what STDPATH is */
@@ -2079,10 +2015,25 @@ main()
 				AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
 			fi
 		fi
+	fi ]
+)
+if test "$USES_LOGIN_CONF" != "yes" ; then
+	AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
+	AC_SUBST(user_path)
+fi
+
+# Set superuser path separately to user path
+MD5_MSG="no" 
+AC_ARG_WITH(superuser-path,
+	[  --with-superuser-path=  Specify different path for super-user],
+	[
+		if test "x$withval" != "xno" ; then
+			AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval")
+			superuser_path=$withval
+		fi
 	]
 )
-AC_DEFINE_UNQUOTED(USER_PATH, "$user_path")
-AC_SUBST(user_path)
+
 
 # Whether to force IPv4 by default (needed on broken glibc Linux)
 IPV4_HACK_MSG="no" 
@@ -2423,33 +2374,43 @@ D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
 E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
 F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
 G=`eval echo ${piddir}` ; G=`eval echo ${G}`
-H=`eval echo ${user_path}` ; H=`eval echo ${H}`
+H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
+I=`eval echo ${user_path}` ; I=`eval echo ${I}`
+J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
 
 echo ""
 echo "OpenSSH has been configured with the following options:"
-echo "                 User binaries: $B"
-echo "               System binaries: $C"
-echo "           Configuration files: $D"
-echo "               Askpass program: $E"
-echo "                  Manual pages: $F"
-echo "                      PID file: $G"
-echo "        sshd default user PATH: $H"
-echo "                Manpage format: $MANTYPE"
-echo "                   PAM support: ${PAM_MSG}"
-echo "            KerberosIV support: $KRB4_MSG"
-echo "             KerberosV support: $KRB5_MSG"
-echo "             Smartcard support: $SCARD_MSG"
-echo "                   AFS support: $AFS_MSG"
-echo "                 S/KEY support: $SKEY_MSG"
-echo "          TCP Wrappers support: $TCPW_MSG"
-echo "          MD5 password support: $MD5_MSG"
-echo "   IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
-echo "      Use IPv4 by default hack: $IPV4_HACK_MSG"
-echo "       Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
-echo "              BSD Auth support: $BSD_AUTH_MSG"
-echo "          Random number source: $RAND_MSG"
+echo "                     User binaries: $B"
+echo "                   System binaries: $C"
+echo "               Configuration files: $D"
+echo "                   Askpass program: $E"
+echo "                      Manual pages: $F"
+echo "                          PID file: $G"
+echo "  Privilege separation chroot path: $H"
+if test "$USES_LOGIN_CONF" = "yes" ; then
+echo "   At runtime, sshd will use the path defined in /etc/login.conf"
+else
+echo "            sshd default user PATH: $I"
+fi
+if test ! -z "$superuser_path" ; then
+echo "          sshd superuser user PATH: $J"
+fi
+echo "                    Manpage format: $MANTYPE"
+echo "                       PAM support: ${PAM_MSG}"
+echo "                KerberosIV support: $KRB4_MSG"
+echo "                 KerberosV support: $KRB5_MSG"
+echo "                 Smartcard support: $SCARD_MSG"
+echo "                       AFS support: $AFS_MSG"
+echo "                     S/KEY support: $SKEY_MSG"
+echo "              TCP Wrappers support: $TCPW_MSG"
+echo "              MD5 password support: $MD5_MSG"
+echo "      IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
+echo "          Use IPv4 by default hack: $IPV4_HACK_MSG"
+echo "           Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
+echo "                  BSD Auth support: $BSD_AUTH_MSG"
+echo "              Random number source: $RAND_MSG"
 if test ! -z "$USE_RAND_HELPER" ; then
-	echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
+echo "     ssh-rand-helper collects from: $RAND_HELPER_MSG"
 fi
 
 echo ""