X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/68ece370ced3c762375a98bb1411996e1183f125..a814ba4d7ebb0d7ff9f4ea00a5a77e8b0e38767c:/configure.ac diff --git a/configure.ac b/configure.ac index dfd87c9d..b37b5f68 100644 --- a/configure.ac +++ b/configure.ac @@ -54,7 +54,6 @@ fi # Check for some target-specific stuff case "$host" in *-*-aix*) - AFS_LIBS="-lld" CPPFLAGS="$CPPFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) @@ -75,19 +74,33 @@ case "$host" in AC_MSG_RESULT($blibflags) fi LDFLAGS="$saved_LDFLAGS" + dnl Check for authenticate. Might be in libs.a on older AIXes AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)], [AC_CHECK_LIB(s,authenticate, [ AC_DEFINE(WITH_AIXAUTHENTICATE) LIBS="$LIBS -ls" ]) ]) + dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) + AC_CHECK_DECL(loginfailed, + [AC_MSG_CHECKING(if loginfailed takes 4 arguments) + AC_TRY_COMPILE( + [#include ], + [(void)loginfailed("user","host","tty",0);], + [AC_MSG_RESULT(yes) + AC_DEFINE(AIX_LOGINFAILED_4ARG)], + [AC_MSG_RESULT(no)] + )], + [], + [#include ] + ) + AC_CHECK_FUNCS(setauthdb) AC_DEFINE(BROKEN_GETADDRINFO) AC_DEFINE(BROKEN_REALPATH) dnl AIX handles lastlog as part of its login message AC_DEFINE(DISABLE_LASTLOG) AC_DEFINE(LOGIN_NEEDS_UTMPX) - AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_CLOBBER_ARGV) - AC_DEFINE(SETPROCTITLE_PS_PADDING, '\0') + AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) ;; *-*-cygwin*) check_for_libcrypt_later=1 @@ -95,7 +108,6 @@ case "$host" in AC_DEFINE(HAVE_CYGWIN) AC_DEFINE(USE_PIPES) AC_DEFINE(DISABLE_SHADOW) - AC_DEFINE(IPV4_DEFAULT) AC_DEFINE(IP_TOS_IS_BROKEN) AC_DEFINE(NO_X11_UNIX_SOCKETS) AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) @@ -129,7 +141,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) AC_DEFINE(LOGIN_NEEDS_UTMPX) AC_DEFINE(DISABLE_SHADOW) AC_DEFINE(DISABLE_UTMP) - AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_PSTAT) + AC_DEFINE(SPT_TYPE,SPT_PSTAT) LIBS="$LIBS -lsec -lsecpw" AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) disable_ptmx_check=yes @@ -145,7 +157,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) AC_DEFINE(LOGIN_NEEDS_UTMPX) AC_DEFINE(DISABLE_SHADOW) AC_DEFINE(DISABLE_UTMP) - AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_PSTAT) + AC_DEFINE(SPT_TYPE,SPT_PSTAT) LIBS="$LIBS -lsec" AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) ;; @@ -158,7 +170,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) AC_DEFINE(LOGIN_NEEDS_UTMPX) AC_DEFINE(DISABLE_SHADOW) AC_DEFINE(DISABLE_UTMP) - AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_PSTAT) + AC_DEFINE(SPT_TYPE,SPT_PSTAT) LIBS="$LIBS -lsec" AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) ;; @@ -185,9 +197,59 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) check_for_libcrypt_later=1 AC_DEFINE(DONT_TRY_OTHER_AF) AC_DEFINE(PAM_TTY_KLUDGE) - AC_DEFINE(SETPROCTITLE_STRATEGY,PS_USE_CLOBBER_ARGV) - AC_DEFINE(SETPROCTITLE_PS_PADDING, '\0') + AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) inet6_default_4in6=yes + # openpty can be in libutil, needed for controlling tty test + AC_SEARCH_LIBS(openpty, util) + # make sure that openpty does not reacquire controlling terminal + AC_MSG_CHECKING(if openpty correctly handles controlling tty) + AC_TRY_RUN( + [ +#include +#include +#include +#include + +int +main() +{ + pid_t pid; + int fd, ptyfd, ttyfd, status; + + pid = fork(); + if (pid < 0) { /* failed */ + exit(1); + } else if (pid > 0) { /* parent */ + waitpid(pid, &status, 0); + if (WIFEXITED(status)) + exit(WEXITSTATUS(status)); + else + exit(2); + } else { /* child */ + close(0); close(1); close(2); + setsid(); + openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); + fd = open("/dev/tty", O_RDWR | O_NOCTTY); + if (fd >= 0) + exit(3); /* Acquired ctty: broken */ + else + exit(0); /* Did not acquire ctty: OK */ + } +} + ], + [ + AC_MSG_RESULT(yes) + ], + [ + AC_MSG_RESULT(no) + AC_DEFINE(SSHD_ACQUIRES_CTTY) + ] + ) + case `uname -r` in + 1.*|2.0.*) + AC_DEFINE(BROKEN_CMSG_TYPE) + ;; + esac ;; mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(HAVE_NEWS4) @@ -220,7 +282,8 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(LOGIN_NEEDS_UTMPX) AC_DEFINE(LOGIN_NEEDS_TERM) AC_DEFINE(PAM_TTY_KLUDGE) - AC_DEFINE(STREAMS_PUSH_ACQUIRES_CTTY) + # Pushing STREAMS modules will cause sshd to acquire a controlling tty. + AC_DEFINE(SSHD_ACQUIRES_CTTY) # hardwire lastlog location (can't detect it on some versions) conf_lastlog_location="/var/adm/lastlog" AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) @@ -247,6 +310,7 @@ mips-sony-bsd|mips-sony-newsos4) LDFLAGS="$LDFLAGS -L/usr/local/lib" LIBS="$LIBS -lc89" AC_DEFINE(USE_PIPES) + AC_DEFINE(SSHD_ACQUIRES_CTTY) ;; *-sni-sysv*) CPPFLAGS="$CPPFLAGS -I/usr/local/include" @@ -255,6 +319,7 @@ mips-sony-bsd|mips-sony-newsos4) IPADDR_IN_DISPLAY=yes AC_DEFINE(USE_PIPES) AC_DEFINE(IP_TOS_IS_BROKEN) + AC_DEFINE(SSHD_ACQUIRES_CTTY) # /usr/ucblib/libucb.a no longer needed on ReliantUNIX # Attention: always take care to bind libsocket and libnsl before libc, # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog @@ -387,14 +452,26 @@ AC_ARG_WITH(libs, ] ) +AC_MSG_CHECKING(compiler and flags for sanity) +AC_TRY_RUN([ +#include +int main(){exit(0);} + ], + [ AC_MSG_RESULT(yes) ], + [ + AC_MSG_RESULT(no) + AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) + ] +) + # Checks for header files. -AC_CHECK_HEADERS(bstring.h crypt.h endian.h floatingpoint.h \ +AC_CHECK_HEADERS(bstring.h crypt.h endian.h features.h floatingpoint.h \ getopt.h glob.h ia.h lastlog.h libgen.h limits.h login.h \ login_cap.h maillock.h netdb.h netgroup.h \ netinet/in_systm.h paths.h pty.h readpassphrase.h \ rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ - strings.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \ - sys/mman.h sys/pstat.h sys/select.h sys/stat.h \ + strings.h sys/strtio.h sys/audit.h sys/bitypes.h sys/bsdtty.h \ + sys/cdefs.h sys/mman.h sys/pstat.h sys/select.h sys/stat.h \ sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \ sys/un.h time.h tmpdir.h ttyent.h usersec.h \ util.h utime.h utmp.h utmpx.h) @@ -608,24 +685,26 @@ AC_ARG_WITH(tcp-wrappers, dnl Checks for library functions. Please keep in alphabetical order AC_CHECK_FUNCS(\ - arc4random __b64_ntop b64_ntop __b64_pton b64_pton basename bcopy \ - bindresvport_sa clock fchmod fchown freeaddrinfo futimes \ + arc4random __b64_ntop b64_ntop __b64_pton b64_pton basename \ + bcopy bindresvport_sa clock fchmod fchown freeaddrinfo futimes \ gai_strerror getaddrinfo getcwd getgrouplist getnameinfo getopt \ - getpeereid _getpty getrlimit getrusage getttyent glob inet_aton \ + getpeereid _getpty getrlimit getttyent glob inet_aton \ inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ - mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openpty pstat \ - readpassphrase realpath recvmsg rresvport_af sendmsg setdtablesize \ - setegid setenv seteuid setgroups setlogin setpcred setproctitle \ - setresgid setreuid setrlimit setsid setvbuf sigaction sigvec \ - snprintf socketpair strerror strlcat strlcpy strmode strnvis \ - sysconf tcgetpgrp truncate utimes vhangup vsnprintf waitpid \ + mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ + pstat readpassphrase realpath recvmsg rresvport_af sendmsg \ + setdtablesize setegid setenv seteuid setgroups setlogin setpcred \ + setproctitle setregid setresgid setresuid setreuid setrlimit \ + setsid setvbuf sigaction sigvec snprintf socketpair strerror \ + strlcat strlcpy strmode strnvis sysconf tcgetpgrp tcsendbreak \ + truncate utimes vhangup vsnprintf waitpid \ ) AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP)) AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME)) -dnl Make sure strsep prototype is defined before defining HAVE_STRSEP +dnl Make sure prototypes are defined for these before using them. AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)]) +AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) dnl IRIX and Solaris 2.5.1 have dirname() in libgen AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ @@ -905,13 +984,15 @@ int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } ], [ AC_MSG_RESULT(no) - AC_MSG_ERROR(Your OpenSSL headers do not match your library) + AC_MSG_ERROR([Your OpenSSL headers do not match your library. +Check config.log for details. +Also see contrib/findssl.sh for help identifying header/library mismatches.]) ] ) # Some Linux systems (Slackware) need crypt() from libcrypt, *not* the # version in OpenSSL. Skip this for PAM -if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then +if test "x$check_for_libcrypt_later" = "x1"; then AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") fi @@ -1752,7 +1833,6 @@ if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then fi SCARD_MSG="no" - # Check whether user wants sectok support AC_ARG_WITH(sectok, [ --with-sectok Enable smartcard support using libsectok], @@ -1802,6 +1882,25 @@ if test x$opensc_config_prefix != x ; then fi fi +# Check whether user wants DNS support +DNS_MSG="no" +AC_ARG_WITH(dns, + [ --with-dns Support for fetching keys from DNS (experimental)], + [ + if test "x$withval" != "xno" ; then + DNS_MSG="yes" + AC_DEFINE(DNS) + AC_SEARCH_LIBS(getrrsetbyname, resolv, + [AC_DEFINE(HAVE_GETRRSETBYNAME)], + [ + # Needed by our getrrsetbyname() + AC_SEARCH_LIBS(res_query, resolv) + AC_SEARCH_LIBS(dn_expand, resolv) + ]) + fi + ] +) + # Check whether user wants Kerberos 5 support KRB5_MSG="no" AC_ARG_WITH(kerberos5, @@ -1834,93 +1933,13 @@ AC_ARG_WITH(kerberos5, if test ! -z "$blibpath" ; then blibpath="$blibpath:${KRB5ROOT}/lib" fi - AC_CHECK_LIB(resolv, dn_expand, , ) + AC_SEARCH_LIBS(dn_expand, resolv) KRB5=yes fi ] ) -# Check whether user wants Kerberos 4 support -KRB4_MSG="no" -AC_ARG_WITH(kerberos4, - [ --with-kerberos4=PATH Enable Kerberos 4 support], - [ - if test "x$withval" != "xno" ; then - if test "x$withval" != "xyes" ; then - CPPFLAGS="$CPPFLAGS -I${withval}/include" - LDFLAGS="$LDFLAGS -L${withval}/lib" - if test ! -z "$need_dash_r" ; then - LDFLAGS="$LDFLAGS -R${withval}/lib" - fi - if test ! -z "$blibpath" ; then - blibpath="$blibpath:${withval}/lib" - fi - else - if test -d /usr/include/kerberosIV ; then - CPPFLAGS="$CPPFLAGS -I/usr/include/kerberosIV" - fi - fi - - AC_CHECK_HEADERS(krb.h) - if test "$ac_cv_header_krb_h" != yes; then - AC_MSG_WARN([Cannot find krb.h, build may fail]) - fi - AC_CHECK_LIB(krb, main) - if test "$ac_cv_lib_krb_main" != yes; then - AC_CHECK_LIB(krb4, main) - if test "$ac_cv_lib_krb4_main" != yes; then - AC_MSG_WARN([Cannot find libkrb nor libkrb4, build may fail]) - else - KLIBS="-lkrb4" - fi - else - KLIBS="-lkrb" - fi - AC_CHECK_LIB(des, des_cbc_encrypt) - if test "$ac_cv_lib_des_des_cbc_encrypt" != yes; then - AC_CHECK_LIB(des425, des_cbc_encrypt) - if test "$ac_cv_lib_des425_des_cbc_encrypt" != yes; then - AC_MSG_WARN([Cannot find libdes nor libdes425, build may fail]) - else - KLIBS="-ldes425" - fi - else - KLIBS="-ldes" - fi - AC_CHECK_LIB(resolv, dn_expand, , ) - KRB4=yes - KRB4_MSG="yes" - AC_DEFINE(KRB4) - fi - ] -) - -# Check whether user wants AFS support -AFS_MSG="no" -AC_ARG_WITH(afs, - [ --with-afs=PATH Enable AFS support], - [ - if test "x$withval" != "xno" ; then - - if test "x$withval" != "xyes" ; then - CPPFLAGS="$CPPFLAGS -I${withval}/include" - LDFLAGS="$LDFLAGS -L${withval}/lib" - fi - - if test -z "$KRB4" ; then - AC_MSG_WARN([AFS requires Kerberos IV support, build may fail]) - fi - - LIBS="-lkafs $LIBS" - if test ! -z "$AFS_LIBS" ; then - LIBS="$LIBS $AFS_LIBS" - fi - AC_DEFINE(AFS) - AFS_MSG="yes" - fi - ] -) -LIBS="$LIBS $KLIBS $K5LIBS" +LIBS="$LIBS $K5LIBS" # Looking for programs, paths and files @@ -2184,18 +2203,6 @@ AC_ARG_WITH(superuser-path, ) -# Whether to force IPv4 by default (needed on broken glibc Linux) -IPV4_HACK_MSG="no" -AC_ARG_WITH(ipv4-default, - [ --with-ipv4-default Use IPv4 by connections unless '-6' specified], - [ - if test "x$withval" != "xno" ; then - AC_DEFINE(IPV4_DEFAULT) - IPV4_HACK_MSG="yes" - fi - ] -) - AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) IPV4_IN6_HACK_MSG="no" AC_ARG_WITH(4in6, @@ -2259,35 +2266,67 @@ AC_SUBST(piddir) dnl allow user to disable some login recording features AC_ARG_ENABLE(lastlog, [ --disable-lastlog disable use of lastlog even if detected [no]], - [ AC_DEFINE(DISABLE_LASTLOG) ] + [ + if test "x$enableval" = "xno" ; then + AC_DEFINE(DISABLE_LASTLOG) + fi + ] ) AC_ARG_ENABLE(utmp, [ --disable-utmp disable use of utmp even if detected [no]], - [ AC_DEFINE(DISABLE_UTMP) ] + [ + if test "x$enableval" = "xno" ; then + AC_DEFINE(DISABLE_UTMP) + fi + ] ) AC_ARG_ENABLE(utmpx, [ --disable-utmpx disable use of utmpx even if detected [no]], - [ AC_DEFINE(DISABLE_UTMPX) ] + [ + if test "x$enableval" = "xno" ; then + AC_DEFINE(DISABLE_UTMPX) + fi + ] ) AC_ARG_ENABLE(wtmp, [ --disable-wtmp disable use of wtmp even if detected [no]], - [ AC_DEFINE(DISABLE_WTMP) ] + [ + if test "x$enableval" = "xno" ; then + AC_DEFINE(DISABLE_WTMP) + fi + ] ) AC_ARG_ENABLE(wtmpx, [ --disable-wtmpx disable use of wtmpx even if detected [no]], - [ AC_DEFINE(DISABLE_WTMPX) ] + [ + if test "x$enableval" = "xno" ; then + AC_DEFINE(DISABLE_WTMPX) + fi + ] ) AC_ARG_ENABLE(libutil, [ --disable-libutil disable use of libutil (login() etc.) [no]], - [ AC_DEFINE(DISABLE_LOGIN) ] + [ + if test "x$enableval" = "xno" ; then + AC_DEFINE(DISABLE_LOGIN) + fi + ] ) AC_ARG_ENABLE(pututline, [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], - [ AC_DEFINE(DISABLE_PUTUTLINE) ] + [ + if test "x$enableval" = "xno" ; then + AC_DEFINE(DISABLE_PUTUTLINE) + fi + ] ) AC_ARG_ENABLE(pututxline, [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], - [ AC_DEFINE(DISABLE_PUTUTXLINE) ] + [ + if test "x$enableval" = "xno" ; then + AC_DEFINE(DISABLE_PUTUTXLINE) + fi + ] ) AC_ARG_WITH(lastlog, [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], @@ -2526,16 +2565,14 @@ if test ! -z "$superuser_path" ; then echo " sshd superuser user PATH: $J" fi echo " Manpage format: $MANTYPE" -echo " PAM support: ${PAM_MSG}" -echo " KerberosIV support: $KRB4_MSG" +echo " DNS support: $DNS_MSG" +echo " PAM support: $PAM_MSG" echo " KerberosV support: $KRB5_MSG" echo " Smartcard support: $SCARD_MSG" -echo " AFS support: $AFS_MSG" echo " S/KEY support: $SKEY_MSG" echo " TCP Wrappers support: $TCPW_MSG" echo " MD5 password support: $MD5_MSG" echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" -echo " Use IPv4 by default hack: $IPV4_HACK_MSG" echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" echo " BSD Auth support: $BSD_AUTH_MSG" echo " Random number source: $RAND_MSG"