X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/4cb5ffa044df18efaf0979353e09e9c173f2c1d0..48e7916f513cb6fa03b5997ce57646b7b9a631da:/configure.in

diff --git a/configure.in b/configure.in
index ca433e56..90e75bef 100644
--- a/configure.in
+++ b/configure.in
@@ -13,6 +13,18 @@ AC_PATH_PROG(PERL, perl)
 AC_SUBST(PERL)
 AC_PATH_PROG(ENT, ent)
 AC_SUBST(ENT)
+AC_PATH_PROGS(FILEPRIV, filepriv, true, /sbin:/usr/sbin)
+
+# Use LOGIN_PROGRAM from environment if possible
+if test ! -z "$LOGIN_PROGRAM" ; then
+	AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM")
+else
+	# Search for login
+	AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
+	if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
+		AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
+	fi
+fi
 
 if test -z "$LD" ; then
 	LD=$CC
@@ -25,6 +37,8 @@ if test "$GCC" = "yes"; then
 	CFLAGS="$CFLAGS -Wall"
 fi
 
+CFLAGS="$CFLAGS -I. -I${srcdir-.}"
+
 # Check for some target-specific stuff
 case "$host" in
 *-*-aix*)
@@ -40,78 +54,91 @@ case "$host" in
 	mansubdir=cat
 	dnl AIX handles lastlog as part of its login message
 	AC_DEFINE(DISABLE_LASTLOG)
+	MANTYPE='$(CATMAN)'
+	mansubdir=cat
+	;;
+*-*-cygwin*)
+	LIBS="$LIBS -lregex /usr/lib/textmode.o"
+	AC_DEFINE(HAVE_CYGWIN)
+	AC_DEFINE(DISABLE_PAM)
+	AC_DEFINE(DISABLE_SHADOW)
+	AC_DEFINE(IPV4_DEFAULT)
+	AC_DEFINE(IP_TOS_IS_BROKEN)
+	AC_DEFINE(BROKEN_VHANGUP)
+	no_pam=1
+	no_libsocket=1
+	no_libnsl=1
 	;;
 *-*-hpux10*)
 	if test -z "$GCC"; then
 		CFLAGS="$CFLAGS -Ae"
 	fi
 	CFLAGS="$CFLAGS -D_HPUX_SOURCE"
-	AC_DEFINE(IPADDR_IN_DISPLAY)
-	AC_MSG_CHECKING(for HPUX trusted system password database)
-	if test -f /tcb/files/auth/system/default; then
-		AC_MSG_RESULT(yes)
-		AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW)
-		LIBS="$LIBS -lsec"
-		AC_MSG_WARN([This configuration is untested])
-	else
-		AC_MSG_RESULT(no)
-		AC_DEFINE(DISABLE_SHADOW)
-	fi
+	IPADDR_IN_DISPLAY=yes
+	AC_DEFINE(USE_PIPES)
+	AC_DEFINE(DISABLE_SHADOW)
+	AC_DEFINE(DISABLE_UTMP)
+	AC_DEFINE(SPT_TYPE,SPT_PSTAT)
+	LIBS="$LIBS -lsec"
 	MANTYPE='$(CATMAN)'
 	mansubdir=cat
 	;;
 *-*-hpux11*)
-	if test -z "$GCC"; then
-		CFLAGS="$CFLAGS -Ae"
-	fi
 	CFLAGS="$CFLAGS -D_HPUX_SOURCE"
-	AC_DEFINE(IPADDR_IN_DISPLAY)
-	AC_MSG_CHECKING(for HPUX trusted system password database)
-	if test -f /tcb/files/auth/system/default; then
-		AC_MSG_RESULT(yes)
-		AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW)
-		LIBS="$LIBS -lsec"
-		AC_MSG_WARN([This configuration is untested])
-	else
-		AC_MSG_RESULT(no)
-		AC_DEFINE(DISABLE_SHADOW)
-	fi
+	IPADDR_IN_DISPLAY=yes
+	AC_DEFINE(USE_PIPES)
+	AC_DEFINE(DISABLE_SHADOW)
+	AC_DEFINE(DISABLE_UTMP)
+	AC_DEFINE(SPT_TYPE,SPT_PSTAT)
+	LIBS="$LIBS -lsec"
 	MANTYPE='$(CATMAN)'
 	mansubdir=cat
 	;;
 *-*-irix5*)
 	CFLAGS="$CFLAGS -I/usr/local/include"
 	LDFLAGS="$LDFLAGS"
+	PATH="$PATH:/usr/etc"
 	MANTYPE='$(CATMAN)'
 	no_libsocket=1
 	no_libnsl=1
+	AC_DEFINE(BROKEN_INET_NTOA)
 	;;
 *-*-irix6*)
 	CFLAGS="$CFLAGS -I/usr/local/include"
 	LDFLAGS="$LDFLAGS"
+	PATH="$PATH:/usr/etc"
 	MANTYPE='$(CATMAN)'
-	AC_MSG_WARN([*** Irix 6.x is not tested, please report you experiences *** ])
+	AC_DEFINE(WITH_IRIX_ARRAY)
+	AC_DEFINE(WITH_IRIX_PROJECT)
+	AC_DEFINE(WITH_IRIX_AUDIT)
 	no_libsocket=1
 	no_libnsl=1
+	AC_DEFINE(BROKEN_INET_NTOA)
 	;;
 *-*-linux*)
 	no_dev_ptmx=1
 	AC_DEFINE(DONT_TRY_OTHER_AF)
+	AC_DEFINE(PAM_TTY_KLUDGE)
 	inet6_default_4in6=yes
 	;;
+mips-sony-bsd|mips-sony-newsos4)
+	AC_DEFINE(HAVE_NEWS4)
+	SONY=1
+	AC_CHECK_LIB(iberty, xatexit, AC_DEFINE(HAVE_XATEXIT),
+		AC_MSG_ERROR([*** libiberty missing - please install first ***])
+        )
+	;;
 *-*-netbsd*)
 	need_dash_r=1
 	;;
 *-next-*)
-	# hardwire lastlog location (can't detect it on some versions)
 	conf_lastlog_location="/usr/adm/lastlog"
+	conf_utmp_location=/etc/utmp
+	conf_wtmp_location=/usr/adm/wtmp
+	MAIL=/usr/spool/mail
 	AC_DEFINE(HAVE_NEXT)
+	AC_DEFINE(BROKEN_REALPATH)
 	CFLAGS="$CFLAGS -I/usr/local/include"
-	MAIL=/usr/spool/mail
-	conf_utmp_location=/etc/utmp
-	AC_MSG_WARN([*** Tested: PA-RISC/m68k  Untested: Sparc/Intel])
-	AC_MSG_WARN([*** Expect 'scp' to fail!])
-	AC_MSG_WARN([*** Please report any problems, thanks])
 	;;
 *-*-solaris*)
 	CFLAGS="$CFLAGS -I/usr/local/include"
@@ -132,21 +159,80 @@ case "$host" in
 *-*-sunos4*)
 	CFLAGS="$CFLAGS -DSUNOS4"
 	AC_CHECK_FUNCS(getpwanam)
+	conf_utmp_location=/etc/utmp
+	conf_wtmp_location=/var/adm/wtmp
+	conf_lastlog_location=/var/adm/lastlog
+	AC_DEFINE(USE_PIPES)
+	MANTYPE='$(CATMAN)'
+	mansubdir=cat
 	;;
-*-*-sysv*)
+*-sni-sysv*)
+	CFLAGS="$CFLAGS -I/usr/local/include"
+	LDFLAGS="$LDFLAGS -L/usr/local/lib -L/usr/ucblib"
+	MANTYPE='$(CATMAN)'
+	AC_DEFINE(IP_TOS_IS_BROKEN)
+	mansubdir=cat
+	LIBS="$LIBS -lgen -lnsl -lucb"
+	;;
+*-*-sysv4.2*)
+	CFLAGS="$CFLAGS -I/usr/local/include"
+	LDFLAGS="$LDFLAGS -L/usr/local/lib"
+	MANTYPE='$(CATMAN)'
+	mansubdir=cat
+	LIBS="$LIBS -lgen -lsocket -lnsl -lresolv"
+	enable_suid_ssh=no
+	;;
+*-*-sysv5*)
 	CFLAGS="$CFLAGS -I/usr/local/include"
 	LDFLAGS="$LDFLAGS -L/usr/local/lib"
 	MANTYPE='$(CATMAN)'
 	mansubdir=cat
 	LIBS="$LIBS -lgen -lsocket"
+	enable_suid_ssh=no
 	;;
-*-*-sco3*)
+*-*-sysv*)
 	CFLAGS="$CFLAGS -I/usr/local/include"
 	LDFLAGS="$LDFLAGS -L/usr/local/lib"
 	MANTYPE='$(CATMAN)'
 	mansubdir=cat
 	LIBS="$LIBS -lgen -lsocket"
+	;;
+*-*-sco3.2v4*)
+	AC_DEFINE(USE_PIPES)
+	CFLAGS="$CFLAGS -Dftruncate=chsize -I/usr/local/include"
+	LDFLAGS="$LDFLAGS -L/usr/local/lib"
+	MANTYPE='$(CATMAN)'
+	mansubdir=cat
+	LIBS="$LIBS -lgen -lsocket -los -lprot -lx"
 	no_dev_ptmx=1
+	RANLIB=true
+	AC_DEFINE(BROKEN_SYS_TERMIO_H)
+	rsh_path="/usr/bin/rcmd"
+	AC_DEFINE(HAVE_SCO_PROTECTED_PW)
+	;;
+*-*-sco3.2v5*)
+	CFLAGS="$CFLAGS -I/usr/local/include"
+	LDFLAGS="$LDFLAGS -L/usr/local/lib"
+	MANTYPE='$(CATMAN)'
+	mansubdir=cat
+	LIBS="$LIBS -lgen -lsocket -lprot -lx"
+	no_dev_ptmx=1
+	rsh_path="/usr/bin/rcmd"
+	AC_DEFINE(HAVE_SCO_PROTECTED_PW)
+	;;
+*-dec-osf*)
+# This is untested
+	if test ! -z "USE_SIA" ; then
+		AC_MSG_CHECKING(for Digital Unix Security Integration Architecture)
+		if test -f /etc/sia/matrix.conf; then
+			AC_MSG_RESULT(yes)
+			AC_DEFINE(HAVE_OSF_SIA)
+			AC_DEFINE(DISABLE_LOGIN)
+			LIBS="$LIBS -lsecurity -ldb -lm -laud"
+		else
+			AC_MSG_RESULT(no)
+		fi
+	fi
 	;;
 esac
 
@@ -181,6 +267,14 @@ AC_ARG_WITH(libs,
 AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
 AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil")
 
+AC_CHECK_FUNC(regcomp, 
+	[],
+	[
+		AC_CHECK_LIB(pcre, pcre_info, 
+			AC_DEFINE(HAVE_LIBPCRE) LIBS="$LIBS -lpcreposix -lpcre")
+	]
+)
+
 if test -z "$no_libsocket" ; then
 	AC_CHECK_LIB(nsl, yp_match, , )
 fi
@@ -189,21 +283,26 @@ if test -z "$no_libnsl" ; then
 fi
 
 # Checks for header files.
-AC_CHECK_HEADERS(bstring.h endian.h lastlog.h limits.h login.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h time.h util.h utmp.h utmpx.h)
+AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h getopt.h lastlog.h limits.h login.h login_cap.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h sys/un.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h vis.h)
 
-# Checks for library functions.
-AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock freeaddrinfo gai_strerror getaddrinfo getnameinfo getrusage innetgr md5_crypt memmove mkdtemp on_exit openpty rresvport_af setenv seteuid setlogin setproctitle setreuid snprintf strlcat strlcpy vsnprintf vhangup _getpty __b64_ntop)
-dnl    checks for time functions
+dnl    Checks for library functions.
+AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock fchmod freeaddrinfo futimes gai_strerror getcwd getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr login_getcapbool md5_crypt memmove mkdtemp on_exit openpty realpath rresvport_af setenv seteuid setlogin setproctitle setreuid setrlimit sigaction sigvec snprintf strerror strlcat strlcpy strsep strtok_r vsnprintf vhangup vis _getpty __b64_ntop)
+dnl    Checks for time functions
 AC_CHECK_FUNCS(gettimeofday time)
-dnl    checks for libutil functions
+dnl    Checks for libutil functions
 AC_CHECK_FUNCS(login logout updwtmp logwtmp)
-dnl    checks for utmp functions
+dnl    Checks for utmp functions
 AC_CHECK_FUNCS(entutent getutent getutid getutline pututline setutent)
 AC_CHECK_FUNCS(utmpname)
-dnl    checks for utmpx functions
+dnl    Checks for utmpx functions
 AC_CHECK_FUNCS(entutxent getutxent getutxid getutxline pututxline )
 AC_CHECK_FUNCS(setutxent utmpxname)
 
+AC_CHECK_FUNC(getuserattr, 
+	[AC_DEFINE(HAVE_GETUSERATTR)],
+	[AC_CHECK_LIB(s, getuserattr, [LIBS="$LIBS -ls"; AC_DEFINE(HAVE_GETUSERATTR)])]
+)
+
 AC_CHECK_FUNC(login, 
 	[AC_DEFINE(HAVE_LOGIN)],
 	[AC_CHECK_LIB(bsd, login, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_LOGIN)])]
@@ -219,6 +318,25 @@ AC_CHECK_FUNC(getpagesize,
 	[AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
 )
 
+# Check for broken snprintf
+if test "x$ac_cv_func_snprintf" = "xyes" ; then
+	AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
+	AC_TRY_RUN(
+		[
+#include <stdio.h>
+int main(void){char b[5];snprintf(b,5,"123456789");return(b[4]!='\0');}
+		],
+		[AC_MSG_RESULT(yes)], 
+		[
+			AC_MSG_RESULT(no)
+			AC_DEFINE(BROKEN_SNPRINTF)
+			AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
+		]
+	)
+fi
+
+AC_FUNC_GETPGRP
+
 PAM_MSG="no"
 AC_ARG_WITH(pam,
 	[  --without-pam           Disable PAM support ],
@@ -275,7 +393,7 @@ if test "x$prefix" != "xNONE" ; then
 fi
 AC_CACHE_CHECK([for OpenSSL directory], ac_cv_openssldir, [
 
-	for ssldir in "" $tryssldir /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
+	for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
 		if test ! -z "$ssldir" ; then
 			LDFLAGS="$saved_LDFLAGS -L$ssldir/lib -L$ssldir"
 			CFLAGS="$saved_CFLAGS -I$ssldir/include"
@@ -388,6 +506,11 @@ else
 	fi
 fi
 
+# Cheap hack to ensure NEWS-OS libraries are arranged right.
+if test ! -z "$SONY" ; then
+  LIBS="$LIBS -liberty";
+fi
+
 # Checks for data types
 AC_CHECK_SIZEOF(char, 1)
 AC_CHECK_SIZEOF(short int, 2)
@@ -396,6 +519,19 @@ AC_CHECK_SIZEOF(long int, 4)
 AC_CHECK_SIZEOF(long long int, 8)
 
 # More checks for data types
+AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
+	AC_TRY_COMPILE(
+		[ #include <sys/types.h> ], 
+		[ u_int a; a = 1;], 
+		[ ac_cv_have_u_int="yes" ],
+		[ ac_cv_have_u_int="no" ]
+	)
+])
+if test "x$ac_cv_have_u_int" = "xyes" ; then
+	AC_DEFINE(HAVE_U_INT)
+	have_u_int=1
+fi
+
 AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
 	AC_TRY_COMPILE(
 		[ #include <sys/types.h> ], 
@@ -409,6 +545,19 @@ if test "x$ac_cv_have_intxx_t" = "xyes" ; then
 	have_intxx_t=1
 fi
 	
+AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
+	AC_TRY_COMPILE(
+		[ #include <sys/types.h> ], 
+		[ int64_t a; a = 1;], 
+		[ ac_cv_have_int64_t="yes" ],
+		[ ac_cv_have_int64_t="no" ]
+	)
+])
+if test "x$ac_cv_have_int64_t" = "xyes" ; then
+	AC_DEFINE(HAVE_INT64_T)
+	have_int64_t=1
+fi
+	
 AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
 	AC_TRY_COMPILE(
 		[ #include <sys/types.h> ], 
@@ -422,6 +571,18 @@ if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
 	have_u_intxx_t=1
 fi
 
+AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
+	AC_TRY_COMPILE(
+		[ #include <sys/types.h> ], 
+		[ u_int64_t a; a = 1;], 
+		[ ac_cv_have_u_int64_t="yes" ],
+		[ ac_cv_have_u_int64_t="no" ]
+	)
+])
+if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
+	AC_DEFINE(HAVE_U_INT64_T)
+	have_u_int64_t=1
+fi
 
 if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
            test "x$ac_cv_header_sys_bitypes_h" = "xyes")
@@ -512,7 +673,17 @@ AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
 		],
 		[ sa_family_t foo; foo = 1235; ],
 		[ ac_cv_have_sa_family_t="yes" ],
+		[ AC_TRY_COMPILE(
+		  [
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+		],
+		[ sa_family_t foo; foo = 1235; ],
+		[ ac_cv_have_sa_family_t="yes" ],
+
 		[ ac_cv_have_sa_family_t="no" ]
+	)]
 	)
 ])
 if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
@@ -609,9 +780,7 @@ if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
 	AC_DEFINE(HAVE_STRUCT_ADDRINFO)
 fi
 
-
-# Checks for structure members
-
+dnl Checks for structure members
 OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
 OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
@@ -620,6 +789,7 @@ OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
+OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
@@ -628,6 +798,23 @@ OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
 OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
+AC_STRUCT_ST_BLKSIZE
+
+AC_CACHE_CHECK([for sun_len field in struct sockaddr_un],
+		ac_cv_have_sun_len_in_struct_sockaddr_un, [
+	AC_TRY_COMPILE(
+		[
+#include <sys/types.h>
+#include <sys/socket.h>
+		],
+		[ struct sockaddr_un s; s.sun_len = 1; ],
+		[ ac_cv_have_sun_len_in_struct_sockaddr_un="yes" ],
+		[ ac_cv_have_sun_len_in_struct_sockaddr_un="no" ],
+	)
+])
+if test "x$ac_cv_have_sun_len_in_struct_sockaddr_un" = "xyes" ; then
+	AC_DEFINE(HAVE_SUN_LEN_IN_SOCKADDR_UN)
+fi
 
 AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
 		ac_cv_have_ss_family_in_struct_ss, [
@@ -661,6 +848,21 @@ if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
 	AC_DEFINE(HAVE___SS_FAMILY_IN_SS)
 fi
 
+AC_CACHE_CHECK([for pw_class field in struct passwd],
+		ac_cv_have_pw_class_in_struct_passwd, [
+	AC_TRY_COMPILE(
+		[
+#include <pwd.h>
+		],
+		[ struct passwd p; p.pw_class = 0; ],
+		[ ac_cv_have_pw_class_in_struct_passwd="yes" ],
+		[ ac_cv_have_pw_class_in_struct_passwd="no" ]
+	)
+])
+if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
+	AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD)
+fi
+
 
 AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
 	AC_TRY_LINK([], 
@@ -674,12 +876,36 @@ if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
 fi
 
 
+AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
+	AC_TRY_LINK([], 
+		[ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 
+		[ ac_cv_libc_defines_sys_errlist="yes" ],
+		[ ac_cv_libc_defines_sys_errlist="no" ]
+	)
+])
+if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
+	AC_DEFINE(HAVE_SYS_ERRLIST)
+fi
+
+
+AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
+	AC_TRY_LINK([], 
+		[ extern int sys_nerr; printf("%i", sys_nerr);], 
+		[ ac_cv_libc_defines_sys_nerr="yes" ],
+		[ ac_cv_libc_defines_sys_nerr="no" ]
+	)
+])
+if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
+	AC_DEFINE(HAVE_SYS_NERR)
+fi
+
+
 # Looking for programs, paths and files
 AC_ARG_WITH(rsh,
 	[  --with-rsh=PATH         Specify path to remote shell program ],
 	[
 		if test "x$withval" != "$no" ; then
-			rsa_path=$withval
+			rsh_path=$withval
 		fi
 	],
 	[
@@ -695,7 +921,7 @@ AC_ARG_WITH(xauth,
 		fi
 	],
 	[
-		AC_PATH_PROG(xauth_path, xauth)
+		AC_PATH_PROG(xauth_path, xauth,,$PATH:/usr/X/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin)
 		if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
 			xauth_path="/usr/openwin/bin/xauth"
 		fi
@@ -960,16 +1186,21 @@ if test -z "$disable_shadow" ; then
 fi
 
 # Use ip address instead of hostname in $DISPLAY
-DISPLAY_HACK_MSG="no" 
-AC_ARG_WITH(ipaddr-display,
-	[  --with-ipaddr-display   Use ip address instead of hostname in \$DISPLAY],
-	[
-		if test "x$withval" = "xno" ; then	
-			AC_DEFINE(IPADDR_IN_DISPLAY)
-			DISPLAY_HACK_MSG="yes" 
-		fi
-	]
-)
+if test ! -z "$IPADDR_IN_DISPLAY" ; then
+	DISPLAY_HACK_MSG="yes"
+	AC_DEFINE(IPADDR_IN_DISPLAY)
+else
+	DISPLAY_HACK_MSG="no" 
+	AC_ARG_WITH(ipaddr-display,
+		[  --with-ipaddr-display   Use ip address instead of hostname in \$DISPLAY],
+		[
+			if test "x$withval" != "xno" ; then	
+				AC_DEFINE(IPADDR_IN_DISPLAY)
+				DISPLAY_HACK_MSG="yes" 
+			fi
+		]
+	)
+fi
 
 # Whether to mess with the default path
 SERVER_PATH_MSG="(default)" 
@@ -1018,6 +1249,25 @@ AC_ARG_WITH(4in6,
 	]
 )
 
+AC_MSG_CHECKING(whether to install ssh as suid root)
+AC_ARG_ENABLE(suid-ssh,
+[  --enable-suid-ssh       Install ssh as suid root (default)
+  --disable-suid-ssh      Install ssh without suid bit],
+[ case "$enableval" in
+  no)
+       AC_MSG_RESULT(no)
+       SSHMODE=0711
+       ;;
+  *)   AC_MSG_RESULT(yes)
+       SSHMODE=04711
+       ;;
+  esac ],
+  AC_MSG_RESULT(yes)
+  SSHMODE=04711
+)
+AC_SUBST(SSHMODE)
+
+
 # Where to place sshd.pid
 piddir=/var/run
 AC_ARG_WITH(pid-dir,
@@ -1029,6 +1279,14 @@ AC_ARG_WITH(pid-dir,
 	]
 )
 
+# make sure the directory exists
+if test ! -d $piddir ; then	
+	piddir=`eval echo ${sysconfdir}`
+	case $piddir in
+ 		NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
+	esac
+fi
+
 AC_DEFINE_UNQUOTED(PIDDIR, "$piddir")
 AC_SUBST(piddir)
 
@@ -1261,6 +1519,8 @@ if test ! -z "$blibpath" ; then
 	AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile])
 fi
 
+AC_EXEEXT
+
 AC_OUTPUT(Makefile ssh_prng_cmds)
 
 # Print summary of options
@@ -1277,6 +1537,7 @@ else
 		RAND_MSG="EGD ($EGD_SOCKET)"
 	else
 		RAND_MSG="Builtin (timeout $entropy_timeout)"
+		BUILTIN_RNG=1
 	fi
 fi
 
@@ -1285,13 +1546,14 @@ A=`eval echo ${prefix}` ; A=`eval echo ${A}`
 B=`eval echo ${bindir}` ; B=`eval echo ${B}`
 C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
 D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
-E=`eval echo ${libexecdir}/ssh/ssh-askpass` ; E=`eval echo ${E}`
+E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
 F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
 G=`eval echo ${piddir}` ; G=`eval echo ${G}`
 
 echo ""
 echo "OpenSSH configured has been configured with the following options."
 echo "                 User binaries: $B"
+echo "                 User binaries: $B"
 echo "               System binaries: $C"
 echo "           Configuration files: $D"
 echo "               Askpass program: $E"
@@ -1311,9 +1573,17 @@ echo "       Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
 
 echo ""
 
-echo "Compiler flags: ${CFLAGS}"
-echo "Linker flags: ${LDFLAGS}"
-echo "Libraries: ${LIBS}"
+echo "             Host: ${host}"
+echo "         Compiler: ${CC}"
+echo "   Compiler flags: ${CFLAGS}"
+echo "     Linker flags: ${LDFLAGS}"
+echo "        Libraries: ${LIBS}"
 
 echo ""
 
+if test ! -z "$BUILTIN_RNG" ; then
+	echo "WARNING: you are using the builtin random number collection service."
+	echo "Please read WARNING.RNG and request that your OS vendor includes"
+	echo "/dev/random in future versions of their OS."
+	echo ""
+fi