X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/70e2f2f3229d9f1e106542302509e08567fc4cf8..ab33e02a07ff3d5c7d80f9ba60c2e00b8fb7332c:/configure.ac diff --git a/configure.ac b/configure.ac index 1337e55b..05978eaa 100644 --- a/configure.ac +++ b/configure.ac @@ -114,7 +114,7 @@ case "$host" in AC_DEFINE(WITH_IRIX_ARRAY) AC_DEFINE(WITH_IRIX_PROJECT) AC_DEFINE(WITH_IRIX_AUDIT) - AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)]) + AC_DEFINE(WITH_IRIX_JOBS) AC_DEFINE(BROKEN_INET_NTOA) ;; *-*-linux*) @@ -122,7 +122,6 @@ case "$host" in check_for_libcrypt_later=1 AC_DEFINE(DONT_TRY_OTHER_AF) AC_DEFINE(PAM_TTY_KLUDGE) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) inet6_default_4in6=yes ;; mips-sony-bsd|mips-sony-newsos4) @@ -174,7 +173,6 @@ mips-sony-bsd|mips-sony-newsos4) CPPFLAGS="$CPPFLAGS -DSUNOS4" AC_CHECK_FUNCS(getpwanam) AC_DEFINE(PAM_SUN_CODEBASE) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) conf_utmp_location=/etc/utmp conf_wtmp_location=/var/adm/wtmp conf_lastlog_location=/var/adm/lastlog @@ -184,7 +182,6 @@ mips-sony-bsd|mips-sony-newsos4) CPPFLAGS="$CPPFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" LIBS="$LIBS -lc89" - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) AC_DEFINE(USE_PIPES) ;; *-sni-sysv*) @@ -194,7 +191,6 @@ mips-sony-bsd|mips-sony-newsos4) IPADDR_IN_DISPLAY=yes AC_DEFINE(USE_PIPES) AC_DEFINE(IP_TOS_IS_BROKEN) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) # /usr/ucblib/libucb.a no longer needed on ReliantUNIX # Attention: always take care to bind libsocket and libnsl before libc, # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog @@ -226,7 +222,6 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(USE_PIPES) AC_DEFINE(HAVE_SCO_PROTECTED_PW) AC_DEFINE(DISABLE_SHADOW) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) AC_DEFINE(BROKEN_SAVED_UIDS) AC_CHECK_FUNCS(getluid setluid) MANTYPE=man @@ -241,7 +236,6 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(USE_PIPES) AC_DEFINE(HAVE_SCO_PROTECTED_PW) AC_DEFINE(DISABLE_SHADOW) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) AC_CHECK_FUNCS(getluid setluid) MANTYPE=man ;; @@ -319,6 +313,18 @@ AC_ARG_WITH(libs, ] ) +# Checks for header files. +AC_CHECK_HEADERS(bstring.h crypt.h endian.h floatingpoint.h \ + getopt.h glob.h lastlog.h limits.h login.h \ + login_cap.h maillock.h netdb.h netgroup.h \ + netinet/in_systm.h paths.h poll.h pty.h \ + rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ + strings.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \ + sys/poll.h sys/select.h sys/stat.h \ + sys/stropts.h sys/sysmacros.h sys/time.h \ + sys/un.h time.h ttyent.h usersec.h \ + util.h utime.h utmp.h utmpx.h) + # Checks for libraries. AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) @@ -333,6 +339,18 @@ fi AC_CHECK_FUNC(getspnam, , AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) +AC_ARG_WITH(rpath, + [ --without-rpath Disable auto-added -R linker paths], + [ + if test "x$withval" = "xno" ; then + need_dash_r="" + fi + if test "x$withval" = "xyes" ; then + need_dash_r=1 + fi + ] +) + dnl zlib is required AC_ARG_WITH(zlib, [ --with-zlib=PATH Use zlib in PATH], @@ -378,18 +396,6 @@ AC_CHECK_FUNCS(logout updwtmp logwtmp) AC_FUNC_STRFTIME -# Checks for header files. -AC_CHECK_HEADERS(bstring.h crypt.h endian.h floatingpoint.h \ - getopt.h glob.h lastlog.h limits.h login.h \ - login_cap.h maillock.h netdb.h netgroup.h \ - netinet/in_systm.h paths.h poll.h pty.h \ - security/pam_appl.h shadow.h stddef.h stdint.h \ - strings.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \ - sys/poll.h sys/queue.h sys/select.h sys/stat.h \ - sys/stropts.h sys/sysmacros.h sys/time.h \ - sys/ttcompat.h sys/un.h time.h ttyent.h usersec.h \ - util.h utime.h utmp.h utmpx.h) - # Check for ALTDIRFUNC glob() extension AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) AC_EGREP_CPP(FOUNDIT, @@ -455,9 +461,16 @@ AC_ARG_WITH(skey, LIBS="-lskey $LIBS" SKEY_MSG="yes" - AC_CHECK_FUNC(skey_keyinfo, - [], + AC_MSG_CHECKING([for s/key support]) + AC_TRY_RUN( [ +#include +#include +int main() { char *ff = skey_keyinfo(""); ff=""; return 0; } + ], + [AC_MSG_RESULT(yes)], + [ + AC_MSG_RESULT(no) AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) ]) fi @@ -494,7 +507,8 @@ AC_ARG_WITH(tcp-wrappers, CPPFLAGS="-I${withval} ${CPPFLAGS}" fi fi - LIBS="-lwrap $LIBS" + LIBWRAP="-lwrap" + LIBS="$LIBWRAP $LIBS" AC_MSG_CHECKING(for libwrap) AC_TRY_LINK( [ @@ -505,12 +519,14 @@ AC_ARG_WITH(tcp-wrappers, [ AC_MSG_RESULT(yes) AC_DEFINE(LIBWRAP) + AC_SUBST(LIBWRAP) TCPW_MSG="yes" ], [ AC_MSG_ERROR([*** libwrap missing]) ] ) + LIBS="$saved_LIBS" fi ] ) @@ -626,6 +642,12 @@ AC_ARG_WITH(pam, PAM_MSG="yes" AC_DEFINE(USE_PAM) + if test $ac_cv_lib_dl_dlopen = yes; then + LIBPAM="-lpam -ldl" + else + LIBPAM="-lpam" + fi + AC_SUBST(LIBPAM) fi ] ) @@ -942,6 +964,25 @@ AC_ARG_WITH(prngd-socket, PRNGD_SOCKET="$withval" AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") fi + ], + [ + # Check for existing socket only if we don't have a random device already + if test "$USE_RAND_HELPER" = yes ; then + AC_MSG_CHECKING(for PRNGD/EGD socket) + # Insert other locations here + for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do + if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then + PRNGD_SOCKET="$sock" + AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") + break; + fi + done + if test ! -z "$PRNGD_SOCKET" ; then + AC_MSG_RESULT($PRNGD_SOCKET) + else + AC_MSG_RESULT(not found) + fi + fi ] ) @@ -958,6 +999,20 @@ AC_ARG_WITH(entropy-timeout, AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) +# We do this little dance with the search path to insure +# that programs that we select for use by installed programs +# (which may be run by the super-user) come from trusted +# locations before they come from the user's private area. +# This should help avoid accidentally configuring some +# random version of a program in someone's personal bin. + +OPATH=$PATH +PATH=/bin:/usr/bin +/bin/test -L /bin && PATH=/usr/bin +test -d /sbin && PATH=$PATH:/sbin +test -d /usr/sbin && PATH=$PATH:/usr/sbin +PATH=$PATH:/etc:$OPATH + # These programs are used by the command hashing source to gather entropy OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) @@ -975,6 +1030,8 @@ OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) +# restore PATH +PATH=$OPATH # Where does ssh-rand-helper get its randomness from? INSTALL_SSH_PRNG_CMDS="" @@ -1072,6 +1129,19 @@ if test -z "$have_int64_t" ; then ) fi +if test -z "$have_int64_t" ; then + AC_MSG_CHECKING([for int64_t type in sys/bitypes.h]) + AC_TRY_COMPILE( + [ #include ], + [ int64_t a; a = 1], + [ + AC_DEFINE(HAVE_INT64_T) + AC_MSG_RESULT(yes) + ], + [ AC_MSG_RESULT(no) ] + ) +fi + AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ AC_TRY_COMPILE( [ #include ], @@ -1111,6 +1181,19 @@ if test "x$ac_cv_have_u_int64_t" = "xyes" ; then have_u_int64_t=1 fi +if test -z "$have_u_int64_t" ; then + AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) + AC_TRY_COMPILE( + [ #include ], + [ u_int64_t a; a = 1], + [ + AC_DEFINE(HAVE_U_INT64_T) + AC_MSG_RESULT(yes) + ], + [ AC_MSG_RESULT(no) ] + ) +fi + if test -z "$have_u_intxx_t" ; then AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ AC_TRY_COMPILE( @@ -1179,6 +1262,8 @@ fi TYPE_SOCKLEN_T +AC_CHECK_TYPES(sig_atomic_t,,,[#include ]) + AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ AC_TRY_COMPILE( [ @@ -1484,6 +1569,22 @@ if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD) fi +AC_CACHE_CHECK([for msg_accrights field in struct msghdr], + ac_cv_have_accrights_in_msghdr, [ + AC_TRY_COMPILE( + [ +#include +#include + ], + [ struct msghdr m; m.msg_accrights = 0; ], + [ ac_cv_have_accrights_in_msghdr="yes" ], + [ ac_cv_have_accrights_in_msghdr="no" ] + ) +]) +if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then + AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR) +fi + AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ AC_TRY_LINK([], [ extern char *__progname; printf("%s", __progname); ], @@ -1495,6 +1596,32 @@ if test "x$ac_cv_libc_defines___progname" = "xyes" ; then AC_DEFINE(HAVE___PROGNAME) fi +AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ + AC_TRY_LINK([ +#include +], + [ printf("%s", __FUNCTION__); ], + [ ac_cv_cc_implements___FUNCTION__="yes" ], + [ ac_cv_cc_implements___FUNCTION__="no" ] + ) +]) +if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then + AC_DEFINE(HAVE___FUNCTION__) +fi + +AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ + AC_TRY_LINK([ +#include +], + [ printf("%s", __func__); ], + [ ac_cv_cc_implements___func__="yes" ], + [ ac_cv_cc_implements___func__="no" ] + ) +]) +if test "x$ac_cv_cc_implements___func__" = "xyes" ; then + AC_DEFINE(HAVE___func__) +fi + AC_CACHE_CHECK([whether getopt has optreset support], ac_cv_have_getopt_optreset, [ AC_TRY_LINK( @@ -1533,11 +1660,11 @@ if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then AC_DEFINE(HAVE_SYS_NERR) fi - -# Check whether user wants Kerberos support SCARD_MSG="no" -AC_ARG_WITH(smartcard, - [ --with-smartcard Enable smartcard support], + +# Check whether user wants sectok support +AC_ARG_WITH(sectok, + [ --with-sectok Enable smartcard support using libsectok], [ if test "x$withval" != "xno" ; then if test "x$withval" != "xyes" ; then @@ -1559,7 +1686,38 @@ AC_ARG_WITH(smartcard, AC_MSG_ERROR(Can't find libsectok) fi AC_DEFINE(SMARTCARD) - SCARD_MSG="yes" + AC_DEFINE(USE_SECTOK) + SCARD_MSG="yes, using sectok" + fi + ] +) + +# Check whether user wants OpenSC support +AC_ARG_WITH(opensc, + [ --with-opensc Enable smartcard support using OpenSC], + [ + if test "x$withval" != "xno" ; then + if test "x$withval" != "xyes" ; then + CPPFLAGS="$CPPFLAGS -I${withval}" + LDFLAGS="$LDFLAGS -L${withval}" + if test ! -z "$need_dash_r" ; then + LDFLAGS="$LDFLAGS -R${withval}" + fi + if test ! -z "$blibpath" ; then + blibpath="$blibpath:${withval}" + fi + fi + AC_CHECK_HEADERS(opensc-pkcs15.h) + if test "$ac_cv_header_opensc_pkcs15_h" != yes; then + AC_MSG_ERROR(Can't find opensc-pkcs15.h) + fi + AC_CHECK_LIB(opensc, sc_pkcs15_bind) + if test "$ac_cv_lib_opensc_sc_pkcs15_bind" != yes; then + AC_MSG_ERROR(Can't find libopensc) + fi + AC_DEFINE(SMARTCARD) + AC_DEFINE(USE_OPENSC) + SCARD_MSG="yes, using OpenSC" fi ] ) @@ -1931,23 +2089,26 @@ AC_SUBST(SSHMODE) # Where to place sshd.pid piddir=/var/run +# make sure the directory exists +if test ! -d $piddir ; then + piddir=`eval echo ${sysconfdir}` + case $piddir in + NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; + esac +fi + AC_ARG_WITH(pid-dir, [ --with-pid-dir=PATH Specify location of ssh.pid file], [ if test "x$withval" != "xno" ; then piddir=$withval + if test ! -d $piddir ; then + AC_MSG_WARN([** no $piddir directory on this system **]) + fi fi ] ) -# make sure the directory exists -if test ! -d $piddir ; then - piddir=`eval echo ${sysconfdir}` - case $piddir in - NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; - esac -fi - AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir") AC_SUBST(piddir) @@ -2177,6 +2338,14 @@ if test ! -z "$blibpath" ; then AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile]) fi +dnl remove pam and dl because they are in $LIBPAM +if test "$PAM_MSG" = yes ; then + LIBS=`echo $LIBS | sed 's/-lpam //'` +fi +if test "$ac_cv_lib_pam_pam_set_item" = yes ; then + LIBS=`echo $LIBS | sed 's/-ldl //'` +fi + AC_EXEEXT AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds]) AC_OUTPUT @@ -2226,7 +2395,7 @@ echo " Compiler: ${CC}" echo " Compiler flags: ${CFLAGS}" echo "Preprocessor flags: ${CPPFLAGS}" echo " Linker flags: ${LDFLAGS}" -echo " Libraries: ${LIBS}" +echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" echo ""