X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/8034a348be4644ebf9e0aba0441eb5387550c751..9c04d67d02cd4d53a7bba6fa06f0ce1112b0a62f:/configure.ac?ds=sidebyside diff --git a/configure.ac b/configure.ac index 5e9cb98a..ec9f3f21 100644 --- a/configure.ac +++ b/configure.ac @@ -15,6 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) +AC_REVISION($Revision$) AC_CONFIG_SRCDIR([ssh.c]) AC_CONFIG_HEADER(config.h) @@ -27,6 +28,7 @@ AC_PROG_AWK AC_PROG_CPP AC_PROG_RANLIB AC_PROG_INSTALL +AC_PROG_EGREP AC_PATH_PROG(AR, ar) AC_PATH_PROG(CAT, cat) AC_PATH_PROG(KILL, kill) @@ -47,6 +49,11 @@ AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, [/usr/sbin${PATH_SEPARATOR}/etc]) AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) +if test -x /sbin/sh; then + AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh) +else + AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh) +fi # System features AC_SYS_LARGEFILE @@ -85,12 +92,14 @@ AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include ]) if test "$GCC" = "yes" || test "$GCC" = "egcs"; then CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" - GCC_VER=`$CC --version` + GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` case $GCC_VER in 1.*) ;; 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;; 2.*) ;; - *) CFLAGS="$CFLAGS -Wsign-compare" ;; + 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;; + 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;; + *) ;; esac if test -z "$have_llong_max"; then @@ -106,70 +115,6 @@ if test "$GCC" = "yes" || test "$GCC" = "egcs"; then fi fi -if test -z "$have_llong_max"; then - AC_MSG_CHECKING([for max value of long long]) - AC_RUN_IFELSE( - [AC_LANG_SOURCE([[ -#include -/* Why is this so damn hard? */ -#ifdef __GNUC__ -# undef __GNUC__ -#endif -#define __USE_ISOC99 -#include -#define DATA "conftest.llminmax" -int main(void) { - FILE *f; - long long i, llmin, llmax = 0; - - if((f = fopen(DATA,"w")) == NULL) - exit(1); - -#if defined(LLONG_MIN) && defined(LLONG_MAX) - fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); - llmin = LLONG_MIN; - llmax = LLONG_MAX; -#else - fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); - /* This will work on one's complement and two's complement */ - for (i = 1; i > llmax; i <<= 1, i++) - llmax = i; - llmin = llmax + 1LL; /* wrap */ -#endif - - /* Sanity check */ - if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax - || llmax - 1 > llmax) { - fprintf(f, "unknown unknown\n"); - exit(2); - } - - if (fprintf(f ,"%lld %lld", llmin, llmax) < 0) - exit(3); - - exit(0); -} - ]])], - [ - llong_min=`$AWK '{print $1}' conftest.llminmax` - llong_max=`$AWK '{print $2}' conftest.llminmax` - AC_MSG_RESULT($llong_max) - AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], - [max value of long long calculated by configure]) - AC_MSG_CHECKING([for min value of long long]) - AC_MSG_RESULT($llong_min) - AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], - [min value of long long calculated by configure]) - ], - [ - AC_MSG_RESULT(not found) - ], - [ - AC_MSG_WARN([cross compiling: not checking]) - ] - ) -fi - AC_ARG_WITH(rpath, [ --without-rpath Disable auto-added -R linker paths], [ @@ -243,6 +188,9 @@ case "$host" in AC_DEFINE(SPT_TYPE,SPT_REUSEARGV, [Define to a Set Process Title type if your system is supported by bsd-setproctitle.c]) + AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, + [AIX 5.2 and 5.3 (and presumably newer) require this]) + AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd]) ;; *-*-cygwin*) check_for_libcrypt_later=1 @@ -284,6 +232,11 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) AC_DEFINE(BROKEN_SETREGID) AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1, [Define if your resolver libs need this for getrrsetbyname]) + AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) + AC_DEFINE(SSH_TUN_COMPAT_AF, 1, + [Use tunnel device compatibility to OpenBSD]) + AC_DEFINE(SSH_TUN_PREPEND_AF, 1, + [Prepend the address family to IP tunnel traffic]) ;; *-*-hpux*) # first we define all of the options common to all HP-UX releases @@ -386,9 +339,19 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) [Define if cmsg_type is not passed correctly]) ;; esac + # tun(4) forwarding compat code + AC_CHECK_HEADERS(linux/if_tun.h) + if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then + AC_DEFINE(SSH_TUN_LINUX, 1, + [Open tunnel devices the Linux tun/tap way]) + AC_DEFINE(SSH_TUN_COMPAT_AF, 1, + [Use tunnel device compatibility to OpenBSD]) + AC_DEFINE(SSH_TUN_PREPEND_AF, 1, + [Prepend the address family to IP tunnel traffic]) + fi ;; mips-sony-bsd|mips-sony-newsos4) - AC_DEFINE(NEED_SETPRGP, 1, [Need setpgrp to acquire controlling tty]) + AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty]) SONY=1 ;; *-*-netbsd*) @@ -396,10 +359,18 @@ mips-sony-bsd|mips-sony-newsos4) if test "x$withval" != "xno" ; then need_dash_r=1 fi + AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) + AC_CHECK_HEADER([net/if_tap.h], , + AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) + AC_DEFINE(SSH_TUN_PREPEND_AF, 1, + [Prepend the address family to IP tunnel traffic]) ;; *-*-freebsd*) check_for_libcrypt_later=1 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)]) + AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) + AC_CHECK_HEADER([net/if_tap.h], , + AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) ;; *-*-bsdi*) AC_DEFINE(SETEUID_BREAKS_SETUID) @@ -419,6 +390,7 @@ mips-sony-bsd|mips-sony-newsos4) *-*-openbsd*) AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded]) + AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way]) ;; *-*-solaris*) if test "x$withval" != "xno" ; then @@ -438,6 +410,8 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(SSHD_ACQUIRES_CTTY, 1, [Define if sshd somehow reacquires a controlling TTY after setsid()]) + AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd + in case the name is longer than 8 chars]) external_path_file=/etc/default/login # hardwire lastlog location (can't detect it on some versions) conf_lastlog_location="/var/adm/lastlog" @@ -472,8 +446,8 @@ mips-sony-bsd|mips-sony-newsos4) *-sni-sysv*) # /usr/ucblib MUST NOT be searched on ReliantUNIX AC_CHECK_LIB(dl, dlsym, ,) - # -lresolv needs to be at then end of LIBS or DNS lookups break - AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ]) + # -lresolv needs to be at the end of LIBS or DNS lookups break + AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ]) IPADDR_IN_DISPLAY=yes AC_DEFINE(USE_PIPES) AC_DEFINE(IP_TOS_IS_BROKEN) @@ -488,11 +462,13 @@ mips-sony-bsd|mips-sony-newsos4) ;; # UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. *-*-sysv4.2*) + CFLAGS="$CFLAGS -Dva_list=_VA_LIST" AC_DEFINE(USE_PIPES) AC_DEFINE(SETEUID_BREAKS_SETUID) AC_DEFINE(BROKEN_SETREUID) AC_DEFINE(BROKEN_SETREGID) AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) + AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") ;; # UnixWare 7.x, OpenUNIX 8 *-*-sysv5*) @@ -509,6 +485,8 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(BROKEN_LIBIAF, 1, [ia_uinfo routines not supported by OS yet]) ;; + *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") + ;; esac ;; *-*-sysv*) @@ -607,18 +585,21 @@ mips-sony-bsd|mips-sony-newsos4) AC_DEFINE(BROKEN_SETREGID) ;; -*-*-nto-qnx) +*-*-nto-qnx*) AC_DEFINE(USE_PIPES) AC_DEFINE(NO_X11_UNIX_SOCKETS) AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems]) AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems]) AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems]) + AC_DEFINE(DISABLE_LASTLOG) + AC_DEFINE(SSHD_ACQUIRES_CTTY) + enable_etc_default_login=no # has incompatible /etc/default/login ;; *-*-ultrix*) AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1]) AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files]) - AC_DEFINE(NEED_SETPRGP) + AC_DEFINE(NEED_SETPGRP) AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) ;; @@ -696,6 +677,7 @@ dnl Checks for header files. AC_CHECK_HEADERS( \ bstring.h \ crypt.h \ + crypto/sha2.h \ dirent.h \ endian.h \ features.h \ @@ -704,21 +686,20 @@ AC_CHECK_HEADERS( \ glob.h \ ia.h \ iaf.h \ - lastlog.h \ limits.h \ login.h \ - login_cap.h \ maillock.h \ ndir.h \ + net/if_tun.h \ netdb.h \ netgroup.h \ - netinet/in_systm.h \ pam/pam_appl.h \ paths.h \ pty.h \ readpassphrase.h \ rpc/types.h \ security/pam_appl.h \ + sha2.h \ shadow.h \ stddef.h \ stdint.h \ @@ -754,6 +735,13 @@ AC_CHECK_HEADERS( \ vis.h \ ) +# lastlog.h requires sys/time.h to be included first on Solaris +AC_CHECK_HEADERS(lastlog.h, [], [], [ +#ifdef HAVE_SYS_TIME_H +# include +#endif +]) + # sys/ptms.h requires sys/stream.h to be included first on Solaris AC_CHECK_HEADERS(sys/ptms.h, [], [], [ #ifdef HAVE_SYS_STREAM_H @@ -761,6 +749,11 @@ AC_CHECK_HEADERS(sys/ptms.h, [], [], [ #endif ]) +# login_cap.h requires sys/types.h on NetBSD +AC_CHECK_HEADERS(login_cap.h, [], [], [ +#include +]) + # Checks for libraries. AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) @@ -772,8 +765,8 @@ AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ ac_cv_have_broken_dirname, [ save_LIBS="$LIBS" LIBS="$LIBS -lgen" - AC_TRY_RUN( - [ + AC_RUN_IFELSE( + [AC_LANG_SOURCE([[ #include #include @@ -788,9 +781,10 @@ int main(int argc, char **argv) { exit(0); } } - ], + ]])], + [ ac_cv_have_broken_dirname="no" ], + [ ac_cv_have_broken_dirname="yes" ], [ ac_cv_have_broken_dirname="no" ], - [ ac_cv_have_broken_dirname="yes" ] ) LIBS="$save_LIBS" ]) @@ -909,7 +903,7 @@ dnl UnixWare 2.x AC_CHECK_FUNC(strcasecmp, [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] ) -AC_CHECK_FUNC(utimes, +AC_CHECK_FUNCS(utimes, [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) LIBS="$LIBS -lc89"]) ] ) @@ -944,11 +938,9 @@ AC_EGREP_CPP(FOUNDIT, # Check for g.gl_matchc glob() extension AC_MSG_CHECKING(for gl_matchc field in glob_t) -AC_EGREP_CPP(FOUNDIT, - [ - #include - int main(void){glob_t g; g.gl_matchc = 1;} - ], +AC_TRY_COMPILE( + [ #include ], + [glob_t g; g.gl_matchc = 1;], [ AC_DEFINE(GLOB_HAS_GL_MATCHC, 1, [Define if your system glob() function has @@ -971,7 +963,7 @@ int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} [ AC_MSG_RESULT(no) AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1, - [Define in your struct dirent expects you to + [Define if your struct dirent expects you to allocate extra space for d_name]) ], [ @@ -1005,12 +997,12 @@ AC_ARG_WITH(skey, SKEY_MSG="yes" AC_MSG_CHECKING([for s/key support]) - AC_TRY_RUN( - [ + AC_LINK_IFELSE( + [AC_LANG_SOURCE([[ #include #include int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } - ], + ]])], [AC_MSG_RESULT(yes)], [ AC_MSG_RESULT(no) @@ -1167,6 +1159,7 @@ AC_ARG_WITH(audit, dnl Checks for library functions. Please keep in alphabetical order AC_CHECK_FUNCS( \ arc4random \ + asprintf \ b64_ntop \ __b64_ntop \ b64_pton \ @@ -1242,7 +1235,7 @@ AC_CHECK_FUNCS( \ truncate \ unsetenv \ updwtmpx \ - utimes \ + vasprintf \ vhangup \ vsnprintf \ waitpid \ @@ -1361,6 +1354,54 @@ int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} ) fi +# If we don't have a working asprintf, then we strongly depend on vsnprintf +# returning the right thing on overflow: the number of characters it tried to +# create (as per SUSv3) +if test "x$ac_cv_func_asprintf" != "xyes" && \ + test "x$ac_cv_func_vsnprintf" = "xyes" ; then + AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) + AC_RUN_IFELSE( + [AC_LANG_SOURCE([[ +#include +#include +#include + +int x_snprintf(char *str,size_t count,const char *fmt,...) +{ + size_t ret; va_list ap; + va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); + return ret; +} +int main(void) +{ + char x[1]; + exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); +} ]])], + [AC_MSG_RESULT(yes)], + [ + AC_MSG_RESULT(no) + AC_DEFINE(BROKEN_SNPRINTF, 1, + [Define if your snprintf is busted]) + AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) + ], + [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] + ) +fi + +# On systems where [v]snprintf is broken, but is declared in stdio, +# check that the fmt argument is const char * or just char *. +# This is only useful for when BROKEN_SNPRINTF +AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) +AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include + int snprintf(char *a, size_t b, const char *c, ...) { return 0; } + int main(void) { snprintf(0, 0, 0); } + ]])], + [AC_MSG_RESULT(yes) + AC_DEFINE(SNPRINTF_CONST, [const], + [Define as const if snprintf() can declare const char *fmt])], + [AC_MSG_RESULT(no) + AC_DEFINE(SNPRINTF_CONST, [/* not const */])]) + # Check for missing getpeereid (or equiv) support NO_PEERCHECK="" if test "x$ac_cv_func_getpeereid" != "xyes" ; then @@ -1380,15 +1421,15 @@ fi dnl see whether mkstemp() requires XXXXXX if test "x$ac_cv_func_mkdtemp" = "xyes" ; then AC_MSG_CHECKING([for (overly) strict mkstemp]) -AC_TRY_RUN( - [ +AC_RUN_IFELSE( + [AC_LANG_SOURCE([[ #include main() { char template[]="conftest.mkstemp-test"; if (mkstemp(template) == -1) exit(1); unlink(template); exit(0); } - ], + ]])], [ AC_MSG_RESULT(no) ], @@ -1406,8 +1447,8 @@ fi dnl make sure that openpty does not reacquire controlling terminal if test ! -z "$check_for_openpty_ctty_bug"; then AC_MSG_CHECKING(if openpty correctly handles controlling tty) - AC_TRY_RUN( - [ + AC_RUN_IFELSE( + [AC_LANG_SOURCE([[ #include #include #include @@ -1439,13 +1480,16 @@ main() exit(0); /* Did not acquire ctty: OK */ } } - ], + ]])], [ AC_MSG_RESULT(yes) ], [ AC_MSG_RESULT(no) AC_DEFINE(SSHD_ACQUIRES_CTTY) + ], + [ + AC_MSG_RESULT(cross-compiling, assuming yes) ] ) fi @@ -1453,8 +1497,8 @@ fi if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then AC_MSG_CHECKING(if getaddrinfo seems to work) - AC_TRY_RUN( - [ + AC_RUN_IFELSE( + [AC_LANG_SOURCE([[ #include #include #include @@ -1508,13 +1552,16 @@ main(void) } exit(0); } - ], + ]])], [ AC_MSG_RESULT(yes) ], [ AC_MSG_RESULT(no) AC_DEFINE(BROKEN_GETADDRINFO) + ], + [ + AC_MSG_RESULT(cross-compiling, assuming yes) ] ) fi @@ -1522,8 +1569,8 @@ fi if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ test "x$check_for_aix_broken_getaddrinfo" = "x1"; then AC_MSG_CHECKING(if getaddrinfo seems to work) - AC_TRY_RUN( - [ + AC_RUN_IFELSE( + [AC_LANG_SOURCE([[ #include #include #include @@ -1565,7 +1612,7 @@ main(void) } exit(0); } - ], + ]])], [ AC_MSG_RESULT(yes) AC_DEFINE(AIX_GETNAMEINFO_HACK, 1, @@ -1575,6 +1622,8 @@ main(void) [ AC_MSG_RESULT(no) AC_DEFINE(BROKEN_GETADDRINFO) + ], + AC_MSG_RESULT(cross-compiling, assuming no) ] ) fi @@ -1799,6 +1848,42 @@ Also see contrib/findssl.sh for help identifying header/library mismatches.]) ] ) +AC_ARG_WITH(ssl-engine, + [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], + [ if test "x$withval" != "xno" ; then + AC_MSG_CHECKING(for OpenSSL ENGINE support) + AC_TRY_COMPILE( + [ #include ], + [ +int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();} + ], + [ AC_MSG_RESULT(yes) + AC_DEFINE(USE_OPENSSL_ENGINE, 1, + [Enable OpenSSL engine support]) + ], + [ AC_MSG_ERROR(OpenSSL ENGINE support not found)] + ) + fi ] +) + +# Check for OpenSSL without EVP_aes_{192,256}_cbc +AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) +AC_COMPILE_IFELSE( + [AC_LANG_SOURCE([[ +#include +#include +int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);} + ]])], + [ + AC_MSG_RESULT(no) + ], + [ + AC_MSG_RESULT(yes) + AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1, + [libcrypto is missing AES 192 and 256 bit functions]) + ] +) + # Some systems want crypt() from libcrypt, *not* the version in OpenSSL, # because the system crypt() is more featureful. if test "x$check_for_libcrypt_before" = "x1"; then @@ -1811,6 +1896,9 @@ if test "x$check_for_libcrypt_later" = "x1"; then AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") fi +# Search for SHA256 support in libc and/or OpenSSL +AC_CHECK_FUNCS(SHA256_Update EVP_sha256) + AC_CHECK_LIB(iaf, ia_openinfo) ### Configure cryptographic random number support @@ -2032,7 +2120,10 @@ if test ! -z "$SONY" ; then LIBS="$LIBS -liberty"; fi -# Checks for data types +# Check for long long datatypes +AC_CHECK_TYPES([long long, unsigned long long, long double]) + +# Check datatype sizes AC_CHECK_SIZEOF(char, 1) AC_CHECK_SIZEOF(short int, 2) AC_CHECK_SIZEOF(int, 4) @@ -2044,6 +2135,105 @@ if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then ac_cv_sizeof_long_long_int=0 fi +# compute LLONG_MIN and LLONG_MAX if we don't know them. +if test -z "$have_llong_max"; then + AC_MSG_CHECKING([for max value of long long]) + AC_RUN_IFELSE( + [AC_LANG_SOURCE([[ +#include +/* Why is this so damn hard? */ +#ifdef __GNUC__ +# undef __GNUC__ +#endif +#define __USE_ISOC99 +#include +#define DATA "conftest.llminmax" +#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) + +/* + * printf in libc on some platforms (eg old Tru64) does not understand %lld so + * we do this the hard way. + */ +static int +fprint_ll(FILE *f, long long n) +{ + unsigned int i; + int l[sizeof(long long) * 8]; + + if (n < 0) + if (fprintf(f, "-") < 0) + return -1; + for (i = 0; n != 0; i++) { + l[i] = my_abs(n % 10); + n /= 10; + } + do { + if (fprintf(f, "%d", l[--i]) < 0) + return -1; + } while (i != 0); + if (fprintf(f, " ") < 0) + return -1; + return 0; +} + +int main(void) { + FILE *f; + long long i, llmin, llmax = 0; + + if((f = fopen(DATA,"w")) == NULL) + exit(1); + +#if defined(LLONG_MIN) && defined(LLONG_MAX) + fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); + llmin = LLONG_MIN; + llmax = LLONG_MAX; +#else + fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); + /* This will work on one's complement and two's complement */ + for (i = 1; i > llmax; i <<= 1, i++) + llmax = i; + llmin = llmax + 1LL; /* wrap */ +#endif + + /* Sanity check */ + if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax + || llmax - 1 > llmax || llmin == llmax || llmin == 0 + || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { + fprintf(f, "unknown unknown\n"); + exit(2); + } + + if (fprint_ll(f, llmin) < 0) + exit(3); + if (fprint_ll(f, llmax) < 0) + exit(4); + if (fclose(f) < 0) + exit(5); + exit(0); +} + ]])], + [ + llong_min=`$AWK '{print $1}' conftest.llminmax` + llong_max=`$AWK '{print $2}' conftest.llminmax` + + AC_MSG_RESULT($llong_max) + AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], + [max value of long long calculated by configure]) + AC_MSG_CHECKING([for min value of long long]) + AC_MSG_RESULT($llong_min) + AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], + [min value of long long calculated by configure]) + ], + [ + AC_MSG_RESULT(not found) + ], + [ + AC_MSG_WARN([cross compiling: not checking]) + ] + ) +fi + + # More checks for data types AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ AC_TRY_COMPILE( @@ -2470,6 +2660,17 @@ OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) AC_CHECK_MEMBERS([struct stat.st_blksize]) +AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state, + [Define if we don't have struct __res_state in resolv.h])], +[ +#include +#if HAVE_SYS_TYPES_H +# include +#endif +#include +#include +#include +]) AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], ac_cv_have_ss_family_in_struct_ss, [ @@ -2645,6 +2846,32 @@ if test "x$ac_cv_cc_implements___func__" = "xyes" ; then AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__]) fi +AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ + AC_TRY_LINK( + [#include + va_list x,y;], + [va_copy(x,y);], + [ ac_cv_have_va_copy="yes" ], + [ ac_cv_have_va_copy="no" ] + ) +]) +if test "x$ac_cv_have_va_copy" = "xyes" ; then + AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists]) +fi + +AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ + AC_TRY_LINK( + [#include + va_list x,y;], + [__va_copy(x,y);], + [ ac_cv_have___va_copy="yes" ], + [ ac_cv_have___va_copy="no" ] + ) +]) +if test "x$ac_cv_have___va_copy" = "xyes" ; then + AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists]) +fi + AC_CACHE_CHECK([whether getopt has optreset support], ac_cv_have_getopt_optreset, [ AC_TRY_LINK( @@ -2782,6 +3009,23 @@ int main() [#include ]) ]) +# Check whether user wants SELinux support +SELINUX_MSG="no" +LIBSELINUX="" +AC_ARG_WITH(selinux, + [ --with-selinux Enable SELinux support], + [ if test "x$withval" != "xno" ; then + AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) + SELINUX_MSG="yes" + AC_CHECK_HEADER([selinux/selinux.h], , + AC_MSG_ERROR(SELinux support requires selinux.h header)) + AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], + AC_MSG_ERROR(SELinux support requires libselinux library)) + AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) + fi ] +) +AC_SUBST(LIBSELINUX) + # Check whether user wants Kerberos 5 support KRB5_MSG="no" AC_ARG_WITH(kerberos5, @@ -3084,16 +3328,19 @@ AC_ARG_ENABLE(etc-default-login, else etc_default_login=yes fi ], - [ etc_default_login=yes ] + [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; + then + AC_MSG_WARN([cross compiling: not checking /etc/default/login]) + etc_default_login=no + else + etc_default_login=yes + fi ] ) if test "x$etc_default_login" != "xno"; then AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ]) - if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; - then - AC_MSG_WARN([cross compiling: Disabling /etc/default/login test]) - elif test "x$external_path_file" = "x/etc/default/login"; then + if test "x$external_path_file" = "x/etc/default/login"; then AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1, [Define if your system has /etc/default/login]) fi @@ -3132,8 +3379,8 @@ $external_path_file .]) If PATH is defined in $external_path_file, ensure the path to scp is included, otherwise scp will not work.]) fi - AC_TRY_RUN( - [ + AC_RUN_IFELSE( + [AC_LANG_SOURCE([[ /* find out what STDPATH is */ #include #ifdef HAVE_PATHS_H @@ -3165,7 +3412,8 @@ main() exit(0); } - ], [ user_path=`cat conftest.stdpath` ], + ]])], + [ user_path=`cat conftest.stdpath` ], [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] ) @@ -3554,7 +3802,7 @@ CFLAGS="$CFLAGS $werror_flags" AC_EXEEXT AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \ - scard/Makefile ssh_prng_cmds survey.sh]) + openbsd-compat/regress/Makefile scard/Makefile ssh_prng_cmds survey.sh]) AC_OUTPUT # Print summary of options @@ -3596,6 +3844,7 @@ fi echo " Manpage format: $MANTYPE" echo " PAM support: $PAM_MSG" echo " KerberosV support: $KRB5_MSG" +echo " SELinux support: $SELINUX_MSG" echo " Smartcard support: $SCARD_MSG" echo " S/KEY support: $SKEY_MSG" echo " TCP Wrappers support: $TCPW_MSG"