X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/fc1e8bf4313a0e9dfe66af42436011d6753fd63e..137d7b6c0a85a7310157db30a462ad51abb0a28d:/configure.in diff --git a/configure.in b/configure.in index a8b9794f..f048b000 100644 --- a/configure.in +++ b/configure.in @@ -31,11 +31,17 @@ case "$host" in AFS_LIBS="-lld" CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" - if test "$LD" != "gcc" -a -z "$blibpath"; then + if (test "$LD" != "gcc" && test -z "$blibpath"); then blibpath="/usr/lib:/lib:/usr/local/lib" fi AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)]) AC_DEFINE(BROKEN_GETADDRINFO) + MANTYPE='$(CATMAN)' + mansubdir=cat + dnl AIX handles lastlog as part of its login message + AC_DEFINE(DISABLE_LASTLOG) + MANTYPE='$(CATMAN)' + mansubdir=cat ;; *-*-hpux10*) if test -z "$GCC"; then @@ -43,7 +49,7 @@ case "$host" in fi CFLAGS="$CFLAGS -D_HPUX_SOURCE" AC_DEFINE(IPADDR_IN_DISPLAY) - AC_DEFINE(USE_UTMPX) + AC_DEFINE(USE_PIPES) AC_MSG_CHECKING(for HPUX trusted system password database) if test -f /tcb/files/auth/system/default; then AC_MSG_RESULT(yes) @@ -63,7 +69,6 @@ case "$host" in fi CFLAGS="$CFLAGS -D_HPUX_SOURCE" AC_DEFINE(IPADDR_IN_DISPLAY) - AC_DEFINE(USE_UTMPX) AC_MSG_CHECKING(for HPUX trusted system password database) if test -f /tcb/files/auth/system/default; then AC_MSG_RESULT(yes) @@ -79,47 +84,135 @@ case "$host" in ;; *-*-irix5*) CFLAGS="$CFLAGS -I/usr/local/include" - LDFLAGS="$LDFLAGS -L/usr/local/lib" + LDFLAGS="$LDFLAGS" MANTYPE='$(CATMAN)' no_libsocket=1 no_libnsl=1 + AC_DEFINE(BROKEN_INET_NTOA) ;; *-*-irix6*) CFLAGS="$CFLAGS -I/usr/local/include" - LDFLAGS="$LDFLAGS -L/usr/local/lib" + LDFLAGS="$LDFLAGS" MANTYPE='$(CATMAN)' - AC_MSG_WARN([*** Irix 6.x is not tested, please report you experiences *** ]) + AC_DEFINE(WITH_IRIX_ARRAY) + AC_DEFINE(WITH_IRIX_PROJECT) + AC_DEFINE(WITH_IRIX_AUDIT) no_libsocket=1 no_libnsl=1 + AC_DEFINE(BROKEN_INET_NTOA) ;; *-*-linux*) no_dev_ptmx=1 AC_DEFINE(DONT_TRY_OTHER_AF) + AC_DEFINE(PAM_TTY_KLUDGE) inet6_default_4in6=yes ;; *-*-netbsd*) need_dash_r=1 ;; +*-next-*) + # hardwire lastlog location (can't detect it on some versions) + conf_lastlog_location="/usr/adm/lastlog" + conf_utmp_location=/etc/utmp + AC_DEFINE(HAVE_NEXT) + CFLAGS="$CFLAGS -I/usr/local/include" + MAIL=/usr/spool/mail + AC_MSG_WARN([*** Tested: PA-RISC/m68k Untested: Sparc/Intel]) + AC_MSG_WARN([*** Expect 'scp' to fail!]) + AC_MSG_WARN([*** Please report any problems, thanks]) + ;; *-*-solaris*) CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib -R/usr/local/lib -L/usr/ucblib -R/usr/ucblib" need_dash_r=1 - AC_DEFINE(USE_UTMPX) + # hardwire lastlog location (can't detect it on some versions) + conf_lastlog_location="/var/adm/lastlog" + AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) + sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` + if test "$sol2ver" -ge 8; then + AC_MSG_RESULT(yes) + AC_DEFINE(DISABLE_UTMP) + AC_DEFINE(DISABLE_WTMP) + else + AC_MSG_RESULT(no) + fi ;; *-*-sunos4*) CFLAGS="$CFLAGS -DSUNOS4" AC_CHECK_FUNCS(getpwanam) + conf_utmp_location=/etc/utmp + conf_wtmp_location=/var/adm/wtmp + conf_lastlog_location=/var/adm/lastlog + AC_DEFINE(USE_PIPES) + MANTYPE='$(CATMAN)' + mansubdir=cat + ;; +*-sni-sysv*) + CFLAGS="$CFLAGS -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib -L/usr/ucblib" + MANTYPE='$(CATMAN)' + AC_DEFINE(IP_TOS_IS_BROKEN) + mansubdir=cat + LIBS="$LIBS -lgen -lnsl -lucb" ;; *-*-sysv*) CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" - AC_DEFINE(USE_UTMPX) MANTYPE='$(CATMAN)' mansubdir=cat LIBS="$LIBS -lgen -lsocket" ;; +*-*-sco3*) + CFLAGS="$CFLAGS -I/usr/local/include" + LDFLAGS="$LDFLAGS -L/usr/local/lib" + MANTYPE='$(CATMAN)' + mansubdir=cat + LIBS="$LIBS -lgen -lsocket" + no_dev_ptmx=1 + ;; +*-dec-osf*) +# This is untested + if test ! -z "USE_SIA" ; then + AC_MSG_CHECKING(for Digital Unix Security Integration Architecture) + if test -f /etc/sia/matrix.conf; then + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_OSF_SIA) + AC_DEFINE(DISABLE_LOGIN) + LIBS="$LIBS -lsecurity -ldb -lm -laud" + else + AC_MSG_RESULT(no) + fi + fi + ;; esac +# Allow user to specify flags +AC_ARG_WITH(cflags, + [ --with-cflags Specify additional flags to pass to compiler], + [ + if test "x$withval" != "xno" ; then + CFLAGS="$CFLAGS $withval" + fi + ] +) +AC_ARG_WITH(ldflags, + [ --with-ldlags Specify additional flags to pass to linker], + [ + if test "x$withval" != "xno" ; then + LDFLAGS="$LDFLAGS $withval" + fi + ] +) +AC_ARG_WITH(libs, + [ --with-libs Specify additional libraries to link with], + [ + if test "x$withval" != "xno" ; then + LIBS="$LIBS $withval" + fi + ] +) + + # Checks for libraries. AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***])) AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil") @@ -132,10 +225,25 @@ if test -z "$no_libnsl" ; then fi # Checks for header files. -AC_CHECK_HEADERS(bstring.h endian.h lastlog.h login.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h util.h utmp.h utmpx.h) +AC_CHECK_HEADERS(bstring.h endian.h floatingpoint.h lastlog.h limits.h login.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stat.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h time.h ttyent.h usersec.h util.h utmp.h utmpx.h) # Checks for library functions. -AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_af clock freeaddrinfo gai_strerror getaddrinfo getnameinfo getrusage innetgr md5_crypt memmove mkdtemp openpty rresvport_af setenv seteuid setlogin setproctitle setreuid snprintf strlcat strlcpy updwtmpx vsnprintf vhangup _getpty __b64_ntop) +AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock freeaddrinfo gai_strerror getaddrinfo getnameinfo getrusage getttyent inet_aton inet_ntoa innetgr md5_crypt memmove mkdtemp on_exit openpty rresvport_af setenv seteuid setlogin setproctitle setreuid sigaction sigvec snprintf strerror strlcat strlcpy strsep vsnprintf vhangup _getpty __b64_ntop) +dnl checks for time functions +AC_CHECK_FUNCS(gettimeofday time) +dnl checks for libutil functions +AC_CHECK_FUNCS(login logout updwtmp logwtmp) +dnl checks for utmp functions +AC_CHECK_FUNCS(entutent getutent getutid getutline pututline setutent) +AC_CHECK_FUNCS(utmpname) +dnl checks for utmpx functions +AC_CHECK_FUNCS(entutxent getutxent getutxid getutxline pututxline ) +AC_CHECK_FUNCS(setutxent utmpxname) + +AC_CHECK_FUNC(getuserattr, + [AC_DEFINE(HAVE_GETUSERATTR)], + [AC_CHECK_LIB(s, getuserattr, [LIBS="$LIBS -ls"; AC_DEFINE(HAVE_GETUSERATTR)])] +) AC_CHECK_FUNC(login, [AC_DEFINE(HAVE_LOGIN)], @@ -152,21 +260,44 @@ AC_CHECK_FUNC(getpagesize, [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] ) +# Check for broken snprintf +if test "x$ac_cv_func_snprintf" = "xyes" ; then + AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) + AC_TRY_RUN( + [ +#include +int main(void){char b[5];snprintf(b,5,"123456789");return(b[4]!='\0');} + ], + [AC_MSG_RESULT(yes)], + [ + AC_MSG_RESULT(no) + AC_DEFINE(BROKEN_SNPRINTF) + AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) + ] + ) +fi + +PAM_MSG="no" AC_ARG_WITH(pam, [ --without-pam Disable PAM support ], [ if test "x$withval" = "xno" ; then no_pam=1 AC_DEFINE(DISABLE_PAM) + PAM_MSG="disabled" fi ] ) -if test -z "$no_pam" -a "x$ac_cv_header_security_pam_appl_h" = "xyes" ; then +if (test -z "$no_pam" && test "x$ac_cv_header_security_pam_appl_h" = "xyes") ; then AC_CHECK_LIB(dl, dlopen, , ) LIBS="$LIBS -lpam" AC_CHECK_FUNCS(pam_getenvlist) + disable_shadow=yes + + PAM_MSG="yes" + # Check PAM strerror arguments (old PAM) AC_MSG_CHECKING([whether pam_strerror takes only one argument]) AC_TRY_COMPILE( @@ -179,6 +310,7 @@ if test -z "$no_pam" -a "x$ac_cv_header_security_pam_appl_h" = "xyes" ; then [ AC_DEFINE(HAVE_OLD_PAM) AC_MSG_RESULT(yes) + PAM_MSG="yes (old library)" ] ) fi @@ -249,7 +381,7 @@ int main(void) ac_cv_openssldir=$ssldir ]) -if test ! -z "$ac_cv_openssldir" -a ! "x$ac_cv_openssldir" = "x(system)" ; then +if (test ! -z "$ac_cv_openssldir" && test "x$ac_cv_openssldir" != "x(system)") ; then AC_DEFINE(HAVE_OPENSSL) dnl Need to recover ssldir - test above runs in subshell ssldir=$ac_cv_openssldir @@ -297,13 +429,17 @@ done if test ! -z "$no_rsa" ; then AC_MSG_RESULT(disabled) + RSA_MSG="disabled" else if test -z "$rsa_works" ; then AC_MSG_WARN([*** No RSA support found *** ]) + RSA_MSG="no" else if test -z "$WANTS_RSAREF" ; then AC_MSG_RESULT(yes) + RSA_MSG="yes" else + RSA_MSG="yes (using RSAref)" AC_MSG_RESULT(using RSAref) LIBS="$saved_LIBS -lcrypto -lRSAglue -lrsaref" fi @@ -345,8 +481,8 @@ if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then fi -if test -z "$have_u_intxx_t" -o -z "$have_intxx_t" -a \ - "x$ac_cv_header_sys_bitypes_h" = "xyes" +if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ + test "x$ac_cv_header_sys_bitypes_h" = "xyes") then AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) AC_TRY_COMPILE( @@ -426,6 +562,49 @@ if test "x$ac_cv_have_ssize_t" = "xyes" ; then AC_DEFINE(HAVE_SSIZE_T) fi +AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ + AC_TRY_COMPILE( + [ +#include +#include + ], + [ sa_family_t foo; foo = 1235; ], + [ ac_cv_have_sa_family_t="yes" ], + [ ac_cv_have_sa_family_t="no" ] + ) +]) +if test "x$ac_cv_have_sa_family_t" = "xyes" ; then + AC_DEFINE(HAVE_SA_FAMILY_T) +fi + +AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ + AC_TRY_COMPILE( + [ +#include + ], + [ pid_t foo; foo = 1235; ], + [ ac_cv_have_pid_t="yes" ], + [ ac_cv_have_pid_t="no" ] + ) +]) +if test "x$ac_cv_have_pid_t" = "xyes" ; then + AC_DEFINE(HAVE_PID_T) +fi + +AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ + AC_TRY_COMPILE( + [ +#include + ], + [ mode_t foo; foo = 1235; ], + [ ac_cv_have_mode_t="yes" ], + [ ac_cv_have_mode_t="no" ] + ) +]) +if test "x$ac_cv_have_mode_t" = "xyes" ; then + AC_DEFINE(HAVE_MODE_T) +fi + AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ AC_TRY_COMPILE( @@ -445,6 +624,7 @@ fi AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ AC_TRY_COMPILE( [ +#include #include ], [ struct sockaddr_in6 s; s.sin6_family = 0; ], @@ -459,6 +639,7 @@ fi AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ AC_TRY_COMPILE( [ +#include #include ], [ struct in6_addr s; s.s6_addr[0] = 0; ], @@ -497,11 +678,31 @@ OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) +OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) +OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) +OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) +OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) +OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) +AC_CACHE_CHECK([for sun_len field in struct sockaddr_un], + ac_cv_have_sun_len_in_struct_sockaddr_un, [ + AC_TRY_COMPILE( + [ +#include +#include + ], + [ struct sockaddr_un s; s.sun_len = 1; ], + [ ac_cv_have_sun_len_in_struct_sockaddr_un="yes" ], + [ ac_cv_have_sun_len_in_struct_sockaddr_un="no" ], + ) +]) +if test "x$ac_cv_have_sun_len_in_struct_sockaddr_un" = "xyes" ; then + AC_DEFINE(HAVE_SUN_LEN_IN_SOCKADDR_UN) +fi AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], ac_cv_have_ss_family_in_struct_ss, [ @@ -519,7 +720,6 @@ if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then AC_DEFINE(HAVE_SS_FAMILY_IN_SS) fi - AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], ac_cv_have___ss_family_in_struct_ss, [ AC_TRY_COMPILE( @@ -549,12 +749,36 @@ if test "x$ac_cv_libc_defines___progname" = "xyes" ; then fi +AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ + AC_TRY_LINK([], + [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], + [ ac_cv_libc_defines_sys_errlist="yes" ], + [ ac_cv_libc_defines_sys_errlist="no" ] + ) +]) +if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then + AC_DEFINE(HAVE_SYS_ERRLIST) +fi + + +AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ + AC_TRY_LINK([], + [ extern int sys_nerr; printf("%i", sys_nerr);], + [ ac_cv_libc_defines_sys_nerr="yes" ], + [ ac_cv_libc_defines_sys_nerr="no" ] + ) +]) +if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then + AC_DEFINE(HAVE_SYS_NERR) +fi + + # Looking for programs, paths and files AC_ARG_WITH(rsh, [ --with-rsh=PATH Specify path to remote shell program ], [ if test "x$withval" != "$no" ; then - AC_DEFINE_UNQUOTED(RSH_PATH, "$withval") + rsh_path=$withval fi ], [ @@ -566,12 +790,12 @@ AC_ARG_WITH(xauth, [ --with-xauth=PATH Specify path to xauth program ], [ if test "x$withval" != "$xno" ; then - AC_DEFINE_UNQUOTED(XAUTH_PATH, "$withval") + xauth_path=$withval fi ], [ AC_PATH_PROG(xauth_path, xauth) - if test ! -z "$xauth_path" -a -x "/usr/openwin/bin/xauth" ; then + if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then xauth_path="/usr/openwin/bin/xauth" fi ] @@ -590,48 +814,6 @@ if test ! -z "$MAIL" ; then AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir") fi -# Look for lastlog location -AC_ARG_WITH(lastlog, - [ --with-lastlog=FILE Location of lastlog file], - [ - if test "x$withval" = "xno" ; then - AC_DEFINE(DISABLE_LASTLOG) - else - AC_DEFINE_UNQUOTED(LASTLOG_LOCATION, "$withval") - fi - ], - [ - AC_MSG_CHECKING([location of lastlog file]) - for lastlog in /var/log/lastlog /var/adm/lastlog /usr/adm/lastlog /etc/security/lastlog ; do - if test -f $lastlog ; then - gotlastlog="file" - break - fi - if test -d $lastlog ; then - gotlastlog="dir" - break - fi - done - if test -z "$gotlastlog" ; then - AC_MSG_RESULT(not found) - nolastlog=1 - else - if test "x$gotlastlog" = "xdir" ; then - AC_MSG_RESULT(${lastlog}/) - AC_DEFINE(LASTLOG_IS_DIR) - else - AC_MSG_RESULT($lastlog) - AC_DEFINE_UNQUOTED(LASTLOG_LOCATION, "$lastlog") - fi - fi - ] -) - -if test ! -z "$nolastlog" ; then - AC_MSG_WARN([*** Disabling lastlog support *** ]) - AC_DEFINE(DISABLE_LASTLOG) -fi - if test -z "$no_dev_ptmx" ; then AC_CHECK_FILE("/dev/ptmx", [ @@ -684,7 +866,7 @@ AC_ARG_WITH(egd-pool, # detect pathnames for entropy gathering commands, if we need them INSTALL_SSH_PRNG_CMDS="" rm -f prng_commands -if test -z "$RANDOM_POOL" -a -z "$EGD_SOCKET" ; then +if (test -z "$RANDOM_POOL" && test -z "$EGD_SOCKET") ; then # Use these commands to collect entropy OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) @@ -727,6 +909,7 @@ AC_SUBST(MANTYPE) AC_SUBST(mansubdir) # Check whether user wants Kerberos support +KRB4_MSG="no" AC_ARG_WITH(kerberos4, [ --with-kerberos4=PATH Enable Kerberos 4 support], [ @@ -759,12 +942,14 @@ AC_ARG_WITH(kerberos4, KLIBS="-lkrb -ldes" AC_CHECK_LIB(resolv, dn_expand, , ) KRB4=yes + KRB4_MSG="yes" AC_DEFINE(KRB4) fi ] ) # Check whether user wants AFS support +AFS_MSG="no" AC_ARG_WITH(afs, [ --with-afs=PATH Enable AFS support], [ @@ -784,23 +969,27 @@ AC_ARG_WITH(afs, LIBS="$LIBS $AFS_LIBS" fi AC_DEFINE(AFS) + AFS_MSG="yes" fi ] ) LIBS="$LIBS $KLIBS" # Check whether user wants S/Key support +SKEY_MSG="no" AC_ARG_WITH(skey, [ --with-skey Enable S/Key support], [ if test "x$withval" != "xno" ; then AC_DEFINE(SKEY) LIBS="$LIBS -lskey" + SKEY_MSG="yes" fi ] ) # Check whether user wants TCP wrappers support +TCPW_MSG="no" AC_ARG_WITH(tcp-wrappers, [ --with-tcp-wrappers Enable tcpwrappers support], [ @@ -817,11 +1006,10 @@ AC_ARG_WITH(tcp-wrappers, [ AC_MSG_RESULT(yes) AC_DEFINE(LIBWRAP) + TCPW_MSG="yes" ], [ - AC_MSG_RESULT(no) - AC_MSG_WARN([*** libwrap missing - tcpwrapper support disabled ***]) - LIBS="$saved_LIBS" + AC_MSG_ERROR([*** libwrap missing]) ] ) fi @@ -829,21 +1017,13 @@ AC_ARG_WITH(tcp-wrappers, ) # Check whether to enable MD5 passwords +MD5_MSG="no" AC_ARG_WITH(md5-passwords, [ --with-md5-passwords Enable use of MD5 passwords], [ if test "x$withval" != "xno" ; then AC_DEFINE(HAVE_MD5_PASSWORDS) - fi - ] -) - -# Check whether to enable utmpx support -AC_ARG_WITH(utmpx, - [ --with-utmpx Enable utmpx support], - [ - if test "x$withval" != "xno" ; then - AC_DEFINE(USE_UTMPX) + MD5_MSG="yes" fi ] ) @@ -854,47 +1034,75 @@ AC_ARG_WITH(shadow, [ if test "x$withval" = "xno" ; then AC_DEFINE(DISABLE_SHADOW) + disable_shadow=yes fi ] ) +if test -z "$disable_shadow" ; then + AC_MSG_CHECKING([if the systems has expire shadow information]) + AC_TRY_COMPILE( + [ +#include +#include + struct spwd sp; + ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], + [ sp_expire_available=yes ], [] + ) + + if test "x$sp_expire_available" = "xyes" ; then + AC_MSG_RESULT(yes) + AC_DEFINE(HAS_SHADOW_EXPIRE) + else + AC_MSG_RESULT(no) + fi +fi + # Use ip address instead of hostname in $DISPLAY +DISPLAY_HACK_MSG="no" AC_ARG_WITH(ipaddr-display, [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], [ - if test "x$withval" = "xno" ; then + if test "x$withval" != "xno" ; then AC_DEFINE(IPADDR_IN_DISPLAY) + DISPLAY_HACK_MSG="yes" fi ] ) # Whether to mess with the default path +SERVER_PATH_MSG="(default)" AC_ARG_WITH(default-path, [ --with-default-path=PATH Specify default \$PATH environment for server], [ if test "x$withval" != "xno" ; then AC_DEFINE_UNQUOTED(USER_PATH, "$withval") + SERVER_PATH_MSG="$withval" fi ] ) # Whether to force IPv4 by default (needed on broken glibc Linux) +IPV4_HACK_MSG="no" AC_ARG_WITH(ipv4-default, [ --with-ipv4-default Use IPv4 by connections unless '-6' specified], [ if test "x$withval" != "xno" ; then AC_DEFINE(IPV4_DEFAULT) + IPV4_HACK_MSG="yes" fi ] ) AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) +IPV4_IN6_HACK_MSG="no" AC_ARG_WITH(4in6, [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], [ if test "x$withval" != "xno" ; then AC_MSG_RESULT(yes) AC_DEFINE(IPV4_IN_IPV6) + IPV4_IN6_HACK_MSG="yes" else AC_MSG_RESULT(no) fi @@ -902,6 +1110,7 @@ AC_ARG_WITH(4in6, if test "x$inet6_default_4in6" = "xyes"; then AC_MSG_RESULT([yes (default)]) AC_DEFINE(IPV4_IN_IPV6) + IPV4_IN6_HACK_MSG="yes" else AC_MSG_RESULT([no (default)]) fi @@ -922,9 +1131,219 @@ AC_ARG_WITH(pid-dir, AC_DEFINE_UNQUOTED(PIDDIR, "$piddir") AC_SUBST(piddir) +dnl allow user to disable some login recording features +AC_ARG_ENABLE(lastlog, + [ --disable-lastlog disable use of lastlog even if detected [no]], + [ AC_DEFINE(DISABLE_LASTLOG) ] +) +AC_ARG_ENABLE(utmp, + [ --disable-utmp disable use of utmp even if detected [no]], + [ AC_DEFINE(DISABLE_UTMP) ] +) +AC_ARG_ENABLE(utmpx, + [ --disable-utmpx disable use of utmpx even if detected [no]], + [ AC_DEFINE(DISABLE_UTMPX) ] +) +AC_ARG_ENABLE(wtmp, + [ --disable-wtmp disable use of wtmp even if detected [no]], + [ AC_DEFINE(DISABLE_WTMP) ] +) +AC_ARG_ENABLE(wtmpx, + [ --disable-wtmpx disable use of wtmpx even if detected [no]], + [ AC_DEFINE(DISABLE_WTMPX) ] +) +AC_ARG_ENABLE(libutil, + [ --disable-libutil disable use of libutil (login() etc.) [no]], + [ AC_DEFINE(DISABLE_LOGIN) ] +) +AC_ARG_ENABLE(pututline, + [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], + [ AC_DEFINE(DISABLE_PUTUTLINE) ] +) +AC_ARG_ENABLE(pututxline, + [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], + [ AC_DEFINE(DISABLE_PUTUTXLINE) ] +) +AC_ARG_WITH(lastlog, + [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], + [ conf_lastlog_location="$withval"; ],) + +dnl lastlog, [uw]tmpx? detection +dnl NOTE: set the paths in the platform section to avoid the +dnl need for command-line parameters +dnl lastlog and [uw]tmp are subject to a file search if all else fails + +dnl lastlog detection +dnl NOTE: the code itself will detect if lastlog is a directory +AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) +AC_TRY_COMPILE([ +#include +#include +#ifdef HAVE_LASTLOG_H +# include +#endif +#ifdef HAVE_PATHS_H +# include +#endif + ], + [ char *lastlog = LASTLOG_FILE; ], + [ AC_MSG_RESULT(yes) ], + [ + AC_MSG_RESULT(no) + AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) + AC_TRY_COMPILE([ +#include +#include +#ifdef HAVE_LASTLOG_H +# include +#endif +#ifdef HAVE_PATHS_H +# include +#endif + ], + [ char *lastlog = _PATH_LASTLOG; ], + [ AC_MSG_RESULT(yes) ], + [ + AC_MSG_RESULT(no) + system_lastlog_path=no + ]) + ] +) + +if test -z "$conf_lastlog_location"; then + if test x"$system_lastlog_path" = x"no" ; then + for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do + if (test -d "$f" || test -f "$f") ; then + conf_lastlog_location=$f + fi + done + if test -z "$conf_lastlog_location"; then + AC_MSG_WARN([** Cannot find lastlog **]) + dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx + fi + fi +fi + +if test -n "$conf_lastlog_location"; then + AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location") +fi + +dnl utmp detection +AC_MSG_CHECKING([if your system defines UTMP_FILE]) +AC_TRY_COMPILE([ +#include +#include +#ifdef HAVE_PATHS_H +# include +#endif + ], + [ char *utmp = UTMP_FILE; ], + [ AC_MSG_RESULT(yes) ], + [ AC_MSG_RESULT(no) + system_utmp_path=no ] +) +if test -z "$conf_utmp_location"; then + if test x"$system_utmp_path" = x"no" ; then + for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do + if test -f $f ; then + conf_utmp_location=$f + fi + done + if test -z "$conf_utmp_location"; then + AC_DEFINE(DISABLE_UTMP) + fi + fi +fi +if test -n "$conf_utmp_location"; then + AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location") +fi + +dnl wtmp detection +AC_MSG_CHECKING([if your system defines WTMP_FILE]) +AC_TRY_COMPILE([ +#include +#include +#ifdef HAVE_PATHS_H +# include +#endif + ], + [ char *wtmp = WTMP_FILE; ], + [ AC_MSG_RESULT(yes) ], + [ AC_MSG_RESULT(no) + system_wtmp_path=no ] +) +if test -z "$conf_wtmp_location"; then + if test x"$system_wtmp_path" = x"no" ; then + for f in /usr/adm/wtmp /var/log/wtmp; do + if test -f $f ; then + conf_wtmp_location=$f + fi + done + if test -z "$conf_wtmp_location"; then + AC_DEFINE(DISABLE_WTMP) + fi + fi +fi +if test -n "$conf_wtmp_location"; then + AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location") +fi + + +dnl utmpx detection - I don't know any system so perverse as to require +dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out +dnl there, though. +AC_MSG_CHECKING([if your system defines UTMPX_FILE]) +AC_TRY_COMPILE([ +#include +#include +#ifdef HAVE_UTMPX_H +#include +#endif +#ifdef HAVE_PATHS_H +# include +#endif + ], + [ char *utmpx = UTMPX_FILE; ], + [ AC_MSG_RESULT(yes) ], + [ AC_MSG_RESULT(no) + system_utmpx_path=no ] +) +if test -z "$conf_utmpx_location"; then + if test x"$system_utmpx_path" = x"no" ; then + AC_DEFINE(DISABLE_UTMPX) + fi +else + AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location") +fi + +dnl wtmpx detection +AC_MSG_CHECKING([if your system defines WTMPX_FILE]) +AC_TRY_COMPILE([ +#include +#include +#ifdef HAVE_UTMPX_H +#include +#endif +#ifdef HAVE_PATHS_H +# include +#endif + ], + [ char *wtmpx = WTMPX_FILE; ], + [ AC_MSG_RESULT(yes) ], + [ AC_MSG_RESULT(no) + system_wtmpx_path=no ] +) +if test -z "$conf_wtmpx_location"; then + if test x"$system_wtmpx_path" = x"no" ; then + AC_DEFINE(DISABLE_WTMPX) + fi +else + AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location") +fi + # Change default command timeout for builtin PRNG -entropy_timeout=100 +entropy_timeout=200 AC_ARG_WITH(entropy-timeout, [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], [ @@ -943,4 +1362,57 @@ fi AC_OUTPUT(Makefile ssh_prng_cmds) +# Print summary of options + +if test x$MANTYPE = x'$(CATMAN)' ; then + MAN_MSG=cat +else + MAN_MSG=man +fi +if test ! -z "$RANDOM_POOL" ; then + RAND_MSG="Device ($RANDOM_POOL)" +else + if test ! -z "$EGD_SOCKET" ; then + RAND_MSG="EGD ($EGD_SOCKET)" + else + RAND_MSG="Builtin (timeout $entropy_timeout)" + fi +fi + +# Someone please show me a better way :) +A=`eval echo ${prefix}` ; A=`eval echo ${A}` +B=`eval echo ${bindir}` ; B=`eval echo ${B}` +C=`eval echo ${sbindir}` ; C=`eval echo ${C}` +D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` +E=`eval echo ${libexecdir}/ssh/ssh-askpass` ; E=`eval echo ${E}` +F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` +G=`eval echo ${piddir}` ; G=`eval echo ${G}` + +echo "" +echo "OpenSSH configured has been configured with the following options." +echo " User binaries: $B" +echo " System binaries: $C" +echo " Configuration files: $D" +echo " Askpass program: $E" +echo " Manual pages: $F" +echo " PID file: $G" +echo " Random number collection: $RAND_MSG" +echo " Manpage format: $MAN_MSG" +echo " PAM support: ${PAM_MSG}" +echo " KerberosIV support: $KRB4_MSG" +echo " AFS support: $AFS_MSG" +echo " S/KEY support: $SKEY_MSG" +echo " TCP Wrappers support: $TCPW_MSG" +echo " MD5 password support: $MD5_MSG" +echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" +echo " Use IPv4 by default hack: $IPV4_HACK_MSG" +echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" + +echo "" + +echo "Compiler flags: ${CFLAGS}" +echo "Linker flags: ${LDFLAGS}" +echo "Libraries: ${LIBS}" + +echo ""