X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/137d7b6c0a85a7310157db30a462ad51abb0a28d..48e7916f513cb6fa03b5997ce57646b7b9a631da:/configure.in diff --git a/configure.in b/configure.in index f048b000..90e75bef 100644 --- a/configure.in +++ b/configure.in @@ -13,6 +13,18 @@ AC_PATH_PROG(PERL, perl) AC_SUBST(PERL) AC_PATH_PROG(ENT, ent) AC_SUBST(ENT) +AC_PATH_PROGS(FILEPRIV, filepriv, true, /sbin:/usr/sbin) + +# Use LOGIN_PROGRAM from environment if possible +if test ! -z "$LOGIN_PROGRAM" ; then + AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM") +else + # Search for login + AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) + if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then + AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") + fi +fi if test -z "$LD" ; then LD=$CC @@ -25,6 +37,8 @@ if test "$GCC" = "yes"; then CFLAGS="$CFLAGS -Wall" fi +CFLAGS="$CFLAGS -I. -I${srcdir-.}" + # Check for some target-specific stuff case "$host" in *-*-aix*) @@ -43,48 +57,47 @@ case "$host" in MANTYPE='$(CATMAN)' mansubdir=cat ;; +*-*-cygwin*) + LIBS="$LIBS -lregex /usr/lib/textmode.o" + AC_DEFINE(HAVE_CYGWIN) + AC_DEFINE(DISABLE_PAM) + AC_DEFINE(DISABLE_SHADOW) + AC_DEFINE(IPV4_DEFAULT) + AC_DEFINE(IP_TOS_IS_BROKEN) + AC_DEFINE(BROKEN_VHANGUP) + no_pam=1 + no_libsocket=1 + no_libnsl=1 + ;; *-*-hpux10*) if test -z "$GCC"; then CFLAGS="$CFLAGS -Ae" fi CFLAGS="$CFLAGS -D_HPUX_SOURCE" - AC_DEFINE(IPADDR_IN_DISPLAY) + IPADDR_IN_DISPLAY=yes AC_DEFINE(USE_PIPES) - AC_MSG_CHECKING(for HPUX trusted system password database) - if test -f /tcb/files/auth/system/default; then - AC_MSG_RESULT(yes) - AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW) - LIBS="$LIBS -lsec" - AC_MSG_WARN([This configuration is untested]) - else - AC_MSG_RESULT(no) - AC_DEFINE(DISABLE_SHADOW) - fi + AC_DEFINE(DISABLE_SHADOW) + AC_DEFINE(DISABLE_UTMP) + AC_DEFINE(SPT_TYPE,SPT_PSTAT) + LIBS="$LIBS -lsec" MANTYPE='$(CATMAN)' mansubdir=cat ;; *-*-hpux11*) - if test -z "$GCC"; then - CFLAGS="$CFLAGS -Ae" - fi CFLAGS="$CFLAGS -D_HPUX_SOURCE" - AC_DEFINE(IPADDR_IN_DISPLAY) - AC_MSG_CHECKING(for HPUX trusted system password database) - if test -f /tcb/files/auth/system/default; then - AC_MSG_RESULT(yes) - AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW) - LIBS="$LIBS -lsec" - AC_MSG_WARN([This configuration is untested]) - else - AC_MSG_RESULT(no) - AC_DEFINE(DISABLE_SHADOW) - fi + IPADDR_IN_DISPLAY=yes + AC_DEFINE(USE_PIPES) + AC_DEFINE(DISABLE_SHADOW) + AC_DEFINE(DISABLE_UTMP) + AC_DEFINE(SPT_TYPE,SPT_PSTAT) + LIBS="$LIBS -lsec" MANTYPE='$(CATMAN)' mansubdir=cat ;; *-*-irix5*) CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS" + PATH="$PATH:/usr/etc" MANTYPE='$(CATMAN)' no_libsocket=1 no_libnsl=1 @@ -93,6 +106,7 @@ case "$host" in *-*-irix6*) CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS" + PATH="$PATH:/usr/etc" MANTYPE='$(CATMAN)' AC_DEFINE(WITH_IRIX_ARRAY) AC_DEFINE(WITH_IRIX_PROJECT) @@ -107,19 +121,24 @@ case "$host" in AC_DEFINE(PAM_TTY_KLUDGE) inet6_default_4in6=yes ;; +mips-sony-bsd|mips-sony-newsos4) + AC_DEFINE(HAVE_NEWS4) + SONY=1 + AC_CHECK_LIB(iberty, xatexit, AC_DEFINE(HAVE_XATEXIT), + AC_MSG_ERROR([*** libiberty missing - please install first ***]) + ) + ;; *-*-netbsd*) need_dash_r=1 ;; *-next-*) - # hardwire lastlog location (can't detect it on some versions) conf_lastlog_location="/usr/adm/lastlog" - conf_utmp_location=/etc/utmp + conf_utmp_location=/etc/utmp + conf_wtmp_location=/usr/adm/wtmp + MAIL=/usr/spool/mail AC_DEFINE(HAVE_NEXT) + AC_DEFINE(BROKEN_REALPATH) CFLAGS="$CFLAGS -I/usr/local/include" - MAIL=/usr/spool/mail - AC_MSG_WARN([*** Tested: PA-RISC/m68k Untested: Sparc/Intel]) - AC_MSG_WARN([*** Expect 'scp' to fail!]) - AC_MSG_WARN([*** Please report any problems, thanks]) ;; *-*-solaris*) CFLAGS="$CFLAGS -I/usr/local/include" @@ -155,20 +174,51 @@ case "$host" in mansubdir=cat LIBS="$LIBS -lgen -lnsl -lucb" ;; -*-*-sysv*) +*-*-sysv4.2*) + CFLAGS="$CFLAGS -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + MANTYPE='$(CATMAN)' + mansubdir=cat + LIBS="$LIBS -lgen -lsocket -lnsl -lresolv" + enable_suid_ssh=no + ;; +*-*-sysv5*) CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" MANTYPE='$(CATMAN)' mansubdir=cat LIBS="$LIBS -lgen -lsocket" + enable_suid_ssh=no ;; -*-*-sco3*) +*-*-sysv*) CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" MANTYPE='$(CATMAN)' mansubdir=cat LIBS="$LIBS -lgen -lsocket" + ;; +*-*-sco3.2v4*) + AC_DEFINE(USE_PIPES) + CFLAGS="$CFLAGS -Dftruncate=chsize -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + MANTYPE='$(CATMAN)' + mansubdir=cat + LIBS="$LIBS -lgen -lsocket -los -lprot -lx" no_dev_ptmx=1 + RANLIB=true + AC_DEFINE(BROKEN_SYS_TERMIO_H) + rsh_path="/usr/bin/rcmd" + AC_DEFINE(HAVE_SCO_PROTECTED_PW) + ;; +*-*-sco3.2v5*) + CFLAGS="$CFLAGS -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + MANTYPE='$(CATMAN)' + mansubdir=cat + LIBS="$LIBS -lgen -lsocket -lprot -lx" + no_dev_ptmx=1 + rsh_path="/usr/bin/rcmd" + AC_DEFINE(HAVE_SCO_PROTECTED_PW) ;; *-dec-osf*) # This is untested @@ -217,6 +267,14 @@ AC_ARG_WITH(libs, AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***])) AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil") +AC_CHECK_FUNC(regcomp, + [], + [ + AC_CHECK_LIB(pcre, pcre_info, + AC_DEFINE(HAVE_LIBPCRE) LIBS="$LIBS -lpcreposix -lpcre") + ] +) + if test -z "$no_libsocket" ; then AC_CHECK_LIB(nsl, yp_match, , ) fi @@ -225,18 +283,18 @@ if test -z "$no_libnsl" ; then fi # Checks for header files. -AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h lastlog.h limits.h login.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h) +AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h getopt.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h sys/un.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h vis.h) -# Checks for library functions. -AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock freeaddrinfo gai_strerror getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr md5_crypt memmove mkdtemp on_exit openpty rresvport_af setenv seteuid setlogin setproctitle setreuid sigaction sigvec snprintf strerror strlcat strlcpy strsep vsnprintf vhangup _getpty __b64_ntop) -dnl checks for time functions +dnl Checks for library functions. +AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock fchmod freeaddrinfo futimes gai_strerror getcwd getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty realpath rresvport_af setenv seteuid setlogin setproctitle setreuid setrlimit sigaction sigvec snprintf strerror strlcat strlcpy strsep strtok_r vsnprintf vhangup vis _getpty __b64_ntop) +dnl Checks for time functions AC_CHECK_FUNCS(gettimeofday time) -dnl checks for libutil functions +dnl Checks for libutil functions AC_CHECK_FUNCS(login logout updwtmp logwtmp) -dnl checks for utmp functions +dnl Checks for utmp functions AC_CHECK_FUNCS(entutent getutent getutid getutline pututline setutent) AC_CHECK_FUNCS(utmpname) -dnl checks for utmpx functions +dnl Checks for utmpx functions AC_CHECK_FUNCS(entutxent getutxent getutxid getutxline pututxline ) AC_CHECK_FUNCS(setutxent utmpxname) @@ -277,6 +335,8 @@ int main(void){char b[5];snprintf(b,5,"123456789");return(b[4]!='\0');} ) fi +AC_FUNC_GETPGRP + PAM_MSG="no" AC_ARG_WITH(pam, [ --without-pam Disable PAM support ], @@ -333,7 +393,7 @@ if test "x$prefix" != "xNONE" ; then fi AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [ - for ssldir in "" $tryssldir /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do + for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do if test ! -z "$ssldir" ; then LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir" CFLAGS="$saved_CFLAGS -I$ssldir/include" @@ -446,6 +506,11 @@ else fi fi +# Cheap hack to ensure NEWS-OS libraries are arranged right. +if test ! -z "$SONY" ; then + LIBS="$LIBS -liberty"; +fi + # Checks for data types AC_CHECK_SIZEOF(char, 1) AC_CHECK_SIZEOF(short int, 2) @@ -454,6 +519,19 @@ AC_CHECK_SIZEOF(long int, 4) AC_CHECK_SIZEOF(long long int, 8) # More checks for data types +AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ + AC_TRY_COMPILE( + [ #include ], + [ u_int a; a = 1;], + [ ac_cv_have_u_int="yes" ], + [ ac_cv_have_u_int="no" ] + ) +]) +if test "x$ac_cv_have_u_int" = "xyes" ; then + AC_DEFINE(HAVE_U_INT) + have_u_int=1 +fi + AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ AC_TRY_COMPILE( [ #include ], @@ -467,6 +545,19 @@ if test "x$ac_cv_have_intxx_t" = "xyes" ; then have_intxx_t=1 fi +AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ + AC_TRY_COMPILE( + [ #include ], + [ int64_t a; a = 1;], + [ ac_cv_have_int64_t="yes" ], + [ ac_cv_have_int64_t="no" ] + ) +]) +if test "x$ac_cv_have_int64_t" = "xyes" ; then + AC_DEFINE(HAVE_INT64_T) + have_int64_t=1 +fi + AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ AC_TRY_COMPILE( [ #include ], @@ -480,6 +571,18 @@ if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then have_u_intxx_t=1 fi +AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ + AC_TRY_COMPILE( + [ #include ], + [ u_int64_t a; a = 1;], + [ ac_cv_have_u_int64_t="yes" ], + [ ac_cv_have_u_int64_t="no" ] + ) +]) +if test "x$ac_cv_have_u_int64_t" = "xyes" ; then + AC_DEFINE(HAVE_U_INT64_T) + have_u_int64_t=1 +fi if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ test "x$ac_cv_header_sys_bitypes_h" = "xyes") @@ -570,7 +673,17 @@ AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ ], [ sa_family_t foo; foo = 1235; ], [ ac_cv_have_sa_family_t="yes" ], + [ AC_TRY_COMPILE( + [ +#include +#include +#include + ], + [ sa_family_t foo; foo = 1235; ], + [ ac_cv_have_sa_family_t="yes" ], + [ ac_cv_have_sa_family_t="no" ] + )] ) ]) if test "x$ac_cv_have_sa_family_t" = "xyes" ; then @@ -667,9 +780,7 @@ if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then AC_DEFINE(HAVE_STRUCT_ADDRINFO) fi - -# Checks for structure members - +dnl Checks for structure members OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) @@ -687,6 +798,7 @@ OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) +AC_STRUCT_ST_BLKSIZE AC_CACHE_CHECK([for sun_len field in struct sockaddr_un], ac_cv_have_sun_len_in_struct_sockaddr_un, [ @@ -736,6 +848,21 @@ if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then AC_DEFINE(HAVE___SS_FAMILY_IN_SS) fi +AC_CACHE_CHECK([for pw_class field in struct passwd], + ac_cv_have_pw_class_in_struct_passwd, [ + AC_TRY_COMPILE( + [ +#include + ], + [ struct passwd p; p.pw_class = 0; ], + [ ac_cv_have_pw_class_in_struct_passwd="yes" ], + [ ac_cv_have_pw_class_in_struct_passwd="no" ] + ) +]) +if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then + AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD) +fi + AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ AC_TRY_LINK([], @@ -794,7 +921,7 @@ AC_ARG_WITH(xauth, fi ], [ - AC_PATH_PROG(xauth_path, xauth) + AC_PATH_PROG(xauth_path, xauth,,$PATH:/usr/X/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin) if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then xauth_path="/usr/openwin/bin/xauth" fi @@ -1059,16 +1186,21 @@ if test -z "$disable_shadow" ; then fi # Use ip address instead of hostname in $DISPLAY -DISPLAY_HACK_MSG="no" -AC_ARG_WITH(ipaddr-display, - [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], - [ - if test "x$withval" != "xno" ; then - AC_DEFINE(IPADDR_IN_DISPLAY) - DISPLAY_HACK_MSG="yes" - fi - ] -) +if test ! -z "$IPADDR_IN_DISPLAY" ; then + DISPLAY_HACK_MSG="yes" + AC_DEFINE(IPADDR_IN_DISPLAY) +else + DISPLAY_HACK_MSG="no" + AC_ARG_WITH(ipaddr-display, + [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], + [ + if test "x$withval" != "xno" ; then + AC_DEFINE(IPADDR_IN_DISPLAY) + DISPLAY_HACK_MSG="yes" + fi + ] + ) +fi # Whether to mess with the default path SERVER_PATH_MSG="(default)" @@ -1117,6 +1249,25 @@ AC_ARG_WITH(4in6, ] ) +AC_MSG_CHECKING(whether to install ssh as suid root) +AC_ARG_ENABLE(suid-ssh, +[ --enable-suid-ssh Install ssh as suid root (default) + --disable-suid-ssh Install ssh without suid bit], +[ case "$enableval" in + no) + AC_MSG_RESULT(no) + SSHMODE=0711 + ;; + *) AC_MSG_RESULT(yes) + SSHMODE=04711 + ;; + esac ], + AC_MSG_RESULT(yes) + SSHMODE=04711 +) +AC_SUBST(SSHMODE) + + # Where to place sshd.pid piddir=/var/run AC_ARG_WITH(pid-dir, @@ -1128,6 +1279,14 @@ AC_ARG_WITH(pid-dir, ] ) +# make sure the directory exists +if test ! -d $piddir ; then + piddir=`eval echo ${sysconfdir}` + case $piddir in + NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; + esac +fi + AC_DEFINE_UNQUOTED(PIDDIR, "$piddir") AC_SUBST(piddir) @@ -1360,6 +1519,8 @@ if test ! -z "$blibpath" ; then AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile]) fi +AC_EXEEXT + AC_OUTPUT(Makefile ssh_prng_cmds) # Print summary of options @@ -1376,6 +1537,7 @@ else RAND_MSG="EGD ($EGD_SOCKET)" else RAND_MSG="Builtin (timeout $entropy_timeout)" + BUILTIN_RNG=1 fi fi @@ -1384,13 +1546,14 @@ A=`eval echo ${prefix}` ; A=`eval echo ${A}` B=`eval echo ${bindir}` ; B=`eval echo ${B}` C=`eval echo ${sbindir}` ; C=`eval echo ${C}` D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` -E=`eval echo ${libexecdir}/ssh/ssh-askpass` ; E=`eval echo ${E}` +E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` G=`eval echo ${piddir}` ; G=`eval echo ${G}` echo "" echo "OpenSSH configured has been configured with the following options." echo " User binaries: $B" +echo " User binaries: $B" echo " System binaries: $C" echo " Configuration files: $D" echo " Askpass program: $E" @@ -1410,9 +1573,17 @@ echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" echo "" -echo "Compiler flags: ${CFLAGS}" -echo "Linker flags: ${LDFLAGS}" -echo "Libraries: ${LIBS}" +echo " Host: ${host}" +echo " Compiler: ${CC}" +echo " Compiler flags: ${CFLAGS}" +echo " Linker flags: ${LDFLAGS}" +echo " Libraries: ${LIBS}" echo "" +if test ! -z "$BUILTIN_RNG" ; then + echo "WARNING: you are using the builtin random number collection service." + echo "Please read WARNING.RNG and request that your OS vendor includes" + echo "/dev/random in future versions of their OS." + echo "" +fi