X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/7685ff36c58cd854a4480c7ff04025df7c218832..b7a87eeab45a64bb687e4fc7e9757e2ce0442fa7:/configure.in diff --git a/configure.in b/configure.in index 2d2fbe1a..c533d420 100644 --- a/configure.in +++ b/configure.in @@ -43,6 +43,29 @@ case "$host" in LDFLAGS="$LDFLAGS -L/usr/local/lib" AC_DEFINE(IPADDR_IN_DISPLAY) AC_DEFINE(USE_UTMPX) + AC_DEFINE(NEED_IN_SYSTM_H) + AC_MSG_CHECKING(for HPUX trusted system password database) + if test -f /tcb/files/auth/system/default; then + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW) + LIBS="$LIBS -lsec" + AC_MSG_WARN([This configuration is untested]) + else + AC_MSG_RESULT(no) + AC_DEFINE(DISABLE_SHADOW) + fi + MANTYPE='$(CATMAN)' + mansubdir=cat + ;; +*-*-hpux11*) + if test -z "$GCC"; then + CFLAGS="$CFLAGS -Ae" + fi + CFLAGS="$CFLAGS -D_HPUX_SOURCE" + CFLAGS="$CFLAGS -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + AC_DEFINE(IPADDR_IN_DISPLAY) + AC_DEFINE(USE_UTMPX) AC_MSG_CHECKING(for HPUX trusted system password database) if test -f /tcb/files/auth/system/default; then AC_MSG_RESULT(yes) @@ -110,7 +133,7 @@ fi AC_CHECK_HEADERS(bstring.h endian.h lastlog.h login.h maillock.h netdb.h netgroup.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h util.h utmp.h utmpx.h) # Checks for library functions. -AC_CHECK_FUNCS(arc4random bindresvport_af freeaddrinfo gai_strerror getaddrinfo getnameinfo innetgr md5_crypt mkdtemp openpty rresvport_af setenv seteuid setlogin setproctitle setreuid snprintf strlcat strlcpy updwtmpx vsnprintf _getpty) +AC_CHECK_FUNCS(arc4random bindresvport_af clock freeaddrinfo gai_strerror getaddrinfo getnameinfo getrusage innetgr md5_crypt mkdtemp openpty rresvport_af setenv seteuid setlogin setproctitle setreuid snprintf strlcat strlcpy updwtmpx vsnprintf vhangup _getpty) AC_CHECK_FUNC(login, [AC_DEFINE(HAVE_LOGIN)], @@ -140,12 +163,14 @@ if test -z "$no_pam" -a "x$ac_cv_header_security_pam_appl_h" = "xyes" ; then AC_CHECK_LIB(dl, dlopen, , ) LIBS="$LIBS -lpam" + AC_CHECK_FUNC(pam_getenvlist) + # Check PAM strerror arguments (old PAM) AC_MSG_CHECKING([whether pam_strerror takes only one argument]) AC_TRY_COMPILE( [ - #include - #include +#include +#include ], [(void)pam_strerror((pam_handle_t *)NULL, -1);], [AC_MSG_RESULT(no)], @@ -194,18 +219,18 @@ for ssldir in "" $tryssldir /usr/local/openssl /usr/lib/openssl /usr/local/ssl / AC_TRY_RUN( [ - #include - #include - #include - int main(void) - { - RSA *key; char a[2048],b[2048];; - memset(a, 0, sizeof(a));memset(b, 0, sizeof(b)); - RAND_seed(a, sizeof(a)); - key=RSA_generate_key(32,3,NULL,NULL); - if (key==NULL) return(1); - return(-1==RSA_private_decrypt(RSA_size(key),a,b,key,RSA_NO_PADDING)); - } +#include +#include +#include +int main(void) +{ + RSA *key; char a[2048],b[2048];; + memset(a, 0, sizeof(a));memset(b, 0, sizeof(b)); + RAND_add(a, sizeof(a), sizeof(a)); + key=RSA_generate_key(32,3,NULL,NULL); + if (key==NULL) return(1); + return(-1==RSA_private_decrypt(RSA_size(key),a,b,key,RSA_NO_PADDING)); +} ], [ AC_DEFINE(HAVE_OPENSSL) @@ -213,27 +238,6 @@ for ssldir in "" $tryssldir /usr/local/openssl /usr/lib/openssl /usr/local/ssl / break; ], [] ) - AC_TRY_RUN( - [ - #include - #include - #include - int main(void) - { - RSA *key; char a[2048],b[2048];; - memset(a, 0, sizeof(a));memset(b, 0, sizeof(b)); - RAND_seed(a, sizeof(a)); - key=RSA_generate_key(32,3,NULL,NULL); - if (key==NULL) return(1); - return(-1==RSA_private_decrypt(RSA_size(key),a,b,key,RSA_NO_PADDING)); - } - ], - [ - AC_DEFINE(HAVE_SSL) - found_crypto=1 - break; - ], [] - ) done if test ! -z "$found_crypto" ; then @@ -274,7 +278,7 @@ AC_CHECK_SIZEOF(long long int, 8) AC_MSG_CHECKING([for intXX_t types]) AC_TRY_COMPILE( [#include ], - [int8_t a; int16_t b; int32_t c; int64_t d; a = b = c = d = 1;], + [int8_t a; int16_t b; int32_t c; a = b = c = 1;], [ AC_DEFINE(HAVE_INTXX_T) AC_MSG_RESULT(yes) @@ -286,7 +290,7 @@ AC_TRY_COMPILE( AC_MSG_CHECKING([for u_intXX_t types]) AC_TRY_COMPILE( [#include ], - [u_int8_t a; u_int16_t b; u_int32_t c; u_int64_t d; a = b = c = d = 1;], + [u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], [ AC_DEFINE(HAVE_U_INTXX_T) AC_MSG_RESULT(yes) @@ -302,9 +306,9 @@ then AC_TRY_COMPILE( [#include ], [ - int8_t a; int16_t b; int32_t c; int64_t d; - u_int8_t e; u_int16_t f; u_int32_t g; u_int64_t h; - a = b = c = d = e = f = g = h = 1; + int8_t a; int16_t b; int32_t c; + u_int8_t e; u_int16_t f; u_int32_t g; + a = b = c = e = f = g = 1; ], [ AC_DEFINE(HAVE_U_INTXX_T) @@ -319,7 +323,7 @@ if test -z "$have_u_intxx_t" ; then AC_MSG_CHECKING([for uintXX_t types]) AC_TRY_COMPILE( [#include ], - [uint8_t a; uint16_t b; uint32_t c; uint64_t d; a = b = c = d = 1;], + [uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], [ AC_DEFINE(HAVE_UINTXX_T) AC_MSG_RESULT(yes) @@ -331,8 +335,8 @@ fi AC_MSG_CHECKING([for socklen_t]) AC_TRY_COMPILE( [ - #include - #include +#include +#include ], [socklen_t foo; foo = 1235;], [ @@ -356,8 +360,8 @@ AC_TRY_COMPILE( AC_MSG_CHECKING([for struct sockaddr_storage]) AC_TRY_COMPILE( [ - #include - #include +#include +#include ], [struct sockaddr_storage s;], [ @@ -392,9 +396,9 @@ AC_TRY_COMPILE( AC_MSG_CHECKING([for struct addrinfo]) AC_TRY_COMPILE( [ - #include - #include - #include +#include +#include +#include ], [struct addrinfo s; s.ai_flags = AI_PASSIVE;], [ @@ -464,8 +468,8 @@ AC_EGREP_HEADER(ut_addr_v6, utmpx.h, AC_MSG_CHECKING([whether struct sockaddr_storage has ss_family field]) AC_TRY_COMPILE( [ - #include - #include +#include +#include ], [struct sockaddr_storage s; s.ss_family = 1;], [ @@ -477,8 +481,8 @@ AC_TRY_COMPILE( AC_MSG_CHECKING([whether struct sockaddr_storage has __ss_family field]) AC_TRY_COMPILE( [ - #include - #include +#include +#include ], [struct sockaddr_storage s; s.__ss_family = 1;], [ @@ -604,8 +608,10 @@ AC_CHECK_FILE("/dev/ptc", AC_ARG_WITH(random, [ --with-random=FILE read randomness from FILE (default=/dev/urandom)], [ - RANDOM_POOL="$withval"; - AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL") + if test "x$withval" != "xno" ; then + RANDOM_POOL="$withval"; + AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL") + fi ], [ # Check for random device @@ -623,16 +629,72 @@ AC_ARG_WITH(random, AC_ARG_WITH(egd-pool, [ --with-egd-pool=FILE read randomness from EGD pool FILE (default none)], [ - RANDOM_POOL="$withval"; - AC_DEFINE(HAVE_EGD) - AC_SUBST(RANDOM_POOL) - AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL") + if test "x$withval" != "xno" ; then + EGD_SOCKET="$withval"; + AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET") + fi ] ) -# Make sure we have some random number support -if test -z "$RANDOM_POOL" -a -z "$EGD_POOL"; then - AC_MSG_ERROR([No random device found, and no EGD random pool specified]) +if test -z "$RANDOM_POOL" -a -z "$EGD_SOCKET" ; then + # Use these commands to collect entropy + AC_PATH_PROG(PROG_LS, ls) + AC_PATH_PROG(PROG_NETSTAT, netstat) + AC_PATH_PROG(PROG_ARP, arp) + AC_PATH_PROG(PROG_IFCONFIG, ifconfig) + AC_PATH_PROG(PROG_PS, ps) + AC_PATH_PROG(PROG_W, w) + AC_PATH_PROG(PROG_WHO, who) + AC_PATH_PROG(PROG_LAST, last) + AC_PATH_PROG(PROG_LASTLOG, lastlog) + AC_PATH_PROG(PROG_DF, df) + AC_PATH_PROG(PROG_VMSTAT, vmstat) + AC_PATH_PROG(PROG_UPTIME, uptime) + AC_PATH_PROG(PROG_IPCS, ipcs) + AC_PATH_PROG(PROG_TAIL, tail) + AC_PATH_PROG(PROG_LS, ls) + if test ! -z "$PROG_LS" ; then + AC_DEFINE_UNQUOTED(PROG_LS, "$PROG_LS") + fi + if test ! -z "$PROG_NETSTAT" ; then + AC_DEFINE_UNQUOTED(PROG_NETSTAT, "$PROG_NETSTAT") + fi + if test ! -z "$PROG_ARP" ; then + AC_DEFINE_UNQUOTED(PROG_ARP, "$PROG_ARP") + fi + if test ! -z "$PROG_IFCONFIG" ; then + AC_DEFINE_UNQUOTED(PROG_IFCONFIG, "$PROG_IFCONFIG") + fi + if test ! -z "$PROG_PS" ; then + AC_DEFINE_UNQUOTED(PROG_PS, "$PROG_PS") + fi + if test ! -z "$PROG_W" ; then + AC_DEFINE_UNQUOTED(PROG_W, "$PROG_W") + fi + if test ! -z "$PROG_WHO" ; then + AC_DEFINE_UNQUOTED(PROG_WHO, "$PROG_WHO") + fi + if test ! -z "$PROG_LAST" ; then + AC_DEFINE_UNQUOTED(PROG_LAST, "$PROG_LAST") + fi + if test ! -z "$PROG_LASTLOG" ; then + AC_DEFINE_UNQUOTED(PROG_LASTLOG, "$PROG_LASTLOG") + fi + if test ! -z "$PROG_DF" ; then + AC_DEFINE_UNQUOTED(PROG_DF, "$PROG_DF") + fi + if test ! -z "$PROG_VMSTAT" ; then + AC_DEFINE_UNQUOTED(PROG_VMSTAT, "$PROG_VMSTAT") + fi + if test ! -z "$PROG_UPTIME" ; then + AC_DEFINE_UNQUOTED(PROG_UPTIME, "$PROG_UPTIME") + fi + if test ! -z "$PROG_UPTIME" ; then + AC_DEFINE_UNQUOTED(PROG_UPTIME, "$PROG_UPTIME") + fi + if test ! -z "$PROG_TAIL" ; then + AC_DEFINE_UNQUOTED(PROG_TAIL, "$PROG_TAIL") + fi fi AC_ARG_WITH(catman, @@ -738,7 +800,7 @@ AC_ARG_WITH(tcp-wrappers, AC_MSG_CHECKING(for libwrap) AC_TRY_LINK( [ - #include +#include int deny_severity = 0, allow_severity = 0; ], [hosts_access(0);], @@ -846,9 +908,24 @@ AC_ARG_WITH(pid-dir, fi ] ) + AC_DEFINE_UNQUOTED(PIDDIR, "$piddir") AC_SUBST(piddir) + +# Change default command timeout for builtin PRNG +entropy_timeout=100 +AC_ARG_WITH(entropy-timeout, + [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], + [ + if test "x$withval" != "xno" ; then + entropy_timeout=$withval + fi + ] +) +AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) + + if test ! -z "$blibpath" ; then LDFLAGS="$LDFLAGS -blibpath:$blibpath" AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile])