1# $Id: configure.ac,v 1.370 2006/10/06 23:07:21 dtucker Exp $ 2# 3# Copyright (c) 1999-2004 Damien Miller 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 18AC_REVISION($Revision: 1.370 $) 19AC_CONFIG_SRCDIR([ssh.c]) 20 21AC_CONFIG_HEADER(config.h) 22AC_PROG_CC 23AC_CANONICAL_HOST 24AC_C_BIGENDIAN 25 26# Checks for programs. 27AC_PROG_AWK 28AC_PROG_CPP 29AC_PROG_RANLIB 30AC_PROG_INSTALL 31AC_PROG_EGREP 32AC_PATH_PROG(AR, ar) 33AC_PATH_PROG(CAT, cat) 34AC_PATH_PROG(KILL, kill) 35AC_PATH_PROGS(PERL, perl5 perl) 36AC_PATH_PROG(SED, sed) 37AC_SUBST(PERL) 38AC_PATH_PROG(ENT, ent) 39AC_SUBST(ENT) 40AC_PATH_PROG(TEST_MINUS_S_SH, bash) 41AC_PATH_PROG(TEST_MINUS_S_SH, ksh) 42AC_PATH_PROG(TEST_MINUS_S_SH, sh) 43AC_PATH_PROG(SH, sh) 44AC_SUBST(TEST_SHELL,sh) 45 46dnl for buildpkg.sh 47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 48 [/usr/sbin${PATH_SEPARATOR}/etc]) 49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 50 [/usr/sbin${PATH_SEPARATOR}/etc]) 51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 52if test -x /sbin/sh; then 53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh) 54else 55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh) 56fi 57 58# System features 59AC_SYS_LARGEFILE 60 61if test -z "$AR" ; then 62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 63fi 64 65# Use LOGIN_PROGRAM from environment if possible 66if test ! -z "$LOGIN_PROGRAM" ; then 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM", 68 [If your header files don't define LOGIN_PROGRAM, 69 then use this (detected) from environment and PATH]) 70else 71 # Search for login 72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 75 fi 76fi 77 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd) 79if test ! -z "$PATH_PASSWD_PROG" ; then 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG", 81 [Full path of your "passwd" program]) 82fi 83 84if test -z "$LD" ; then 85 LD=$CC 86fi 87AC_SUBST(LD) 88 89AC_C_INLINE 90 91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) 92 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` 96 case $GCC_VER in 97 1.*) ;; 98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;; 99 2.*) ;; 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;; 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;; 102 *) ;; 103 esac 104 105 if test -z "$have_llong_max"; then 106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 107 unset ac_cv_have_decl_LLONG_MAX 108 saved_CFLAGS="$CFLAGS" 109 CFLAGS="$CFLAGS -std=gnu99" 110 AC_CHECK_DECL(LLONG_MAX, 111 [have_llong_max=1], 112 [CFLAGS="$saved_CFLAGS"], 113 [#include <limits.h>] 114 ) 115 fi 116fi 117 118AC_ARG_WITH(rpath, 119 [ --without-rpath Disable auto-added -R linker paths], 120 [ 121 if test "x$withval" = "xno" ; then 122 need_dash_r="" 123 fi 124 if test "x$withval" = "xyes" ; then 125 need_dash_r=1 126 fi 127 ] 128) 129 130# Allow user to specify flags 131AC_ARG_WITH(cflags, 132 [ --with-cflags Specify additional flags to pass to compiler], 133 [ 134 if test -n "$withval" && test "x$withval" != "xno" && \ 135 test "x${withval}" != "xyes"; then 136 CFLAGS="$CFLAGS $withval" 137 fi 138 ] 139) 140AC_ARG_WITH(cppflags, 141 [ --with-cppflags Specify additional flags to pass to preprocessor] , 142 [ 143 if test -n "$withval" && test "x$withval" != "xno" && \ 144 test "x${withval}" != "xyes"; then 145 CPPFLAGS="$CPPFLAGS $withval" 146 fi 147 ] 148) 149AC_ARG_WITH(ldflags, 150 [ --with-ldflags Specify additional flags to pass to linker], 151 [ 152 if test -n "$withval" && test "x$withval" != "xno" && \ 153 test "x${withval}" != "xyes"; then 154 LDFLAGS="$LDFLAGS $withval" 155 fi 156 ] 157) 158AC_ARG_WITH(libs, 159 [ --with-libs Specify additional libraries to link with], 160 [ 161 if test -n "$withval" && test "x$withval" != "xno" && \ 162 test "x${withval}" != "xyes"; then 163 LIBS="$LIBS $withval" 164 fi 165 ] 166) 167AC_ARG_WITH(Werror, 168 [ --with-Werror Build main code with -Werror], 169 [ 170 if test -n "$withval" && test "x$withval" != "xno"; then 171 werror_flags="-Werror" 172 if test "x${withval}" != "xyes"; then 173 werror_flags="$withval" 174 fi 175 fi 176 ] 177) 178 179AC_CHECK_HEADERS( \ 180 bstring.h \ 181 crypt.h \ 182 crypto/sha2.h \ 183 dirent.h \ 184 endian.h \ 185 features.h \ 186 fcntl.h \ 187 floatingpoint.h \ 188 getopt.h \ 189 glob.h \ 190 ia.h \ 191 iaf.h \ 192 limits.h \ 193 login.h \ 194 maillock.h \ 195 ndir.h \ 196 net/if_tun.h \ 197 netdb.h \ 198 netgroup.h \ 199 pam/pam_appl.h \ 200 paths.h \ 201 pty.h \ 202 readpassphrase.h \ 203 rpc/types.h \ 204 security/pam_appl.h \ 205 sha2.h \ 206 shadow.h \ 207 stddef.h \ 208 stdint.h \ 209 string.h \ 210 strings.h \ 211 sys/audit.h \ 212 sys/bitypes.h \ 213 sys/bsdtty.h \ 214 sys/cdefs.h \ 215 sys/dir.h \ 216 sys/mman.h \ 217 sys/ndir.h \ 218 sys/prctl.h \ 219 sys/pstat.h \ 220 sys/select.h \ 221 sys/stat.h \ 222 sys/stream.h \ 223 sys/stropts.h \ 224 sys/strtio.h \ 225 sys/sysmacros.h \ 226 sys/time.h \ 227 sys/timers.h \ 228 sys/un.h \ 229 time.h \ 230 tmpdir.h \ 231 ttyent.h \ 232 unistd.h \ 233 usersec.h \ 234 util.h \ 235 utime.h \ 236 utmp.h \ 237 utmpx.h \ 238 vis.h \ 239) 240 241# lastlog.h requires sys/time.h to be included first on Solaris 242AC_CHECK_HEADERS(lastlog.h, [], [], [ 243#ifdef HAVE_SYS_TIME_H 244# include <sys/time.h> 245#endif 246]) 247 248# sys/ptms.h requires sys/stream.h to be included first on Solaris 249AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 250#ifdef HAVE_SYS_STREAM_H 251# include <sys/stream.h> 252#endif 253]) 254 255# login_cap.h requires sys/types.h on NetBSD 256AC_CHECK_HEADERS(login_cap.h, [], [], [ 257#include <sys/types.h> 258]) 259 260# Messages for features tested for in target-specific section 261SIA_MSG="no" 262SPC_MSG="no" 263 264# Check for some target-specific stuff 265case "$host" in 266*-*-aix*) 267 # Some versions of VAC won't allow macro redefinitions at 268 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 269 # particularly with older versions of vac or xlc. 270 # It also throws errors about null macro argments, but these are 271 # not fatal. 272 AC_MSG_CHECKING(if compiler allows macro redefinitions) 273 AC_COMPILE_IFELSE( 274 [AC_LANG_SOURCE([[ 275#define testmacro foo 276#define testmacro bar 277int main(void) { exit(0); } 278 ]])], 279 [ AC_MSG_RESULT(yes) ], 280 [ AC_MSG_RESULT(no) 281 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" 282 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`" 283 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" 284 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" 285 ] 286 ) 287 288 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 289 if (test -z "$blibpath"); then 290 blibpath="/usr/lib:/lib" 291 fi 292 saved_LDFLAGS="$LDFLAGS" 293 if test "$GCC" = "yes"; then 294 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" 295 else 296 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," 297 fi 298 for tryflags in $flags ;do 299 if (test -z "$blibflags"); then 300 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 301 AC_TRY_LINK([], [], [blibflags=$tryflags]) 302 fi 303 done 304 if (test -z "$blibflags"); then 305 AC_MSG_RESULT(not found) 306 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 307 else 308 AC_MSG_RESULT($blibflags) 309 fi 310 LDFLAGS="$saved_LDFLAGS" 311 dnl Check for authenticate. Might be in libs.a on older AIXes 312 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1, 313 [Define if you want to enable AIX4's authenticate function])], 314 [AC_CHECK_LIB(s,authenticate, 315 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 316 LIBS="$LIBS -ls" 317 ]) 318 ]) 319 dnl Check for various auth function declarations in headers. 320 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 321 passwdexpired, setauthdb], , , [#include <usersec.h>]) 322 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 323 AC_CHECK_DECLS(loginfailed, 324 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 325 AC_TRY_COMPILE( 326 [#include <usersec.h>], 327 [(void)loginfailed("user","host","tty",0);], 328 [AC_MSG_RESULT(yes) 329 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1, 330 [Define if your AIX loginfailed() function 331 takes 4 arguments (AIX >= 5.2)])], 332 [AC_MSG_RESULT(no)] 333 )], 334 [], 335 [#include <usersec.h>] 336 ) 337 AC_CHECK_FUNCS(setauthdb) 338 AC_CHECK_DECL(F_CLOSEM, 339 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]), 340 [], 341 [ #include <limits.h> 342 #include <fcntl.h> ] 343 ) 344 check_for_aix_broken_getaddrinfo=1 345 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.]) 346 AC_DEFINE(SETEUID_BREAKS_SETUID, 1, 347 [Define if your platform breaks doing a seteuid before a setuid]) 348 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken]) 349 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken]) 350 dnl AIX handles lastlog as part of its login message 351 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog]) 352 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1, 353 [Some systems need a utmpx entry for /bin/login to work]) 354 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV, 355 [Define to a Set Process Title type if your system is 356 supported by bsd-setproctitle.c]) 357 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 358 [AIX 5.2 and 5.3 (and presumably newer) require this]) 359 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd]) 360 ;; 361*-*-cygwin*) 362 check_for_libcrypt_later=1 363 LIBS="$LIBS /usr/lib/textmode.o" 364 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin]) 365 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()]) 366 AC_DEFINE(DISABLE_SHADOW, 1, 367 [Define if you want to disable shadow passwords]) 368 AC_DEFINE(IP_TOS_IS_BROKEN, 1, 369 [Define if your system choked on IP TOS setting]) 370 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1, 371 [Define if X11 doesn't support AF_UNIX sockets on that system]) 372 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1, 373 [Define if the concept of ports only accessible to 374 superusers isn't known]) 375 AC_DEFINE(DISABLE_FD_PASSING, 1, 376 [Define if your platform needs to skip post auth 377 file descriptor passing]) 378 ;; 379*-*-dgux*) 380 AC_DEFINE(IP_TOS_IS_BROKEN) 381 AC_DEFINE(SETEUID_BREAKS_SETUID) 382 AC_DEFINE(BROKEN_SETREUID) 383 AC_DEFINE(BROKEN_SETREGID) 384 ;; 385*-*-darwin*) 386 AC_MSG_CHECKING(if we have working getaddrinfo) 387 AC_TRY_RUN([#include <mach-o/dyld.h> 388main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 389 exit(0); 390 else 391 exit(1); 392}], [AC_MSG_RESULT(working)], 393 [AC_MSG_RESULT(buggy) 394 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])], 395 [AC_MSG_RESULT(assume it is working)]) 396 AC_DEFINE(SETEUID_BREAKS_SETUID) 397 AC_DEFINE(BROKEN_SETREUID) 398 AC_DEFINE(BROKEN_SETREGID) 399 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1, 400 [Define if your resolver libs need this for getrrsetbyname]) 401 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 402 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 403 [Use tunnel device compatibility to OpenBSD]) 404 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 405 [Prepend the address family to IP tunnel traffic]) 406 ;; 407*-*-dragonfly*) 408 SSHDLIBS="$SSHDLIBS -lcrypt" 409 ;; 410*-*-hpux*) 411 # first we define all of the options common to all HP-UX releases 412 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 413 IPADDR_IN_DISPLAY=yes 414 AC_DEFINE(USE_PIPES) 415 AC_DEFINE(LOGIN_NO_ENDOPT, 1, 416 [Define if your login program cannot handle end of options ("--")]) 417 AC_DEFINE(LOGIN_NEEDS_UTMPX) 418 AC_DEFINE(LOCKED_PASSWD_STRING, "*", 419 [String used in /etc/passwd to denote locked account]) 420 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 421 MAIL="/var/mail/username" 422 LIBS="$LIBS -lsec" 423 AC_CHECK_LIB(xnet, t_error, , 424 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 425 426 # next, we define all of the options specific to major releases 427 case "$host" in 428 *-*-hpux10*) 429 if test -z "$GCC"; then 430 CFLAGS="$CFLAGS -Ae" 431 fi 432 ;; 433 *-*-hpux11*) 434 AC_DEFINE(PAM_SUN_CODEBASE, 1, 435 [Define if you are using Solaris-derived PAM which 436 passes pam_messages to the conversation function 437 with an extra level of indirection]) 438 AC_DEFINE(DISABLE_UTMP, 1, 439 [Define if you don't want to use utmp]) 440 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 441 check_for_hpux_broken_getaddrinfo=1 442 check_for_conflicting_getspnam=1 443 ;; 444 esac 445 446 # lastly, we define options specific to minor releases 447 case "$host" in 448 *-*-hpux10.26) 449 AC_DEFINE(HAVE_SECUREWARE, 1, 450 [Define if you have SecureWare-based 451 protected password database]) 452 disable_ptmx_check=yes 453 LIBS="$LIBS -lsecpw" 454 ;; 455 esac 456 ;; 457*-*-irix5*) 458 PATH="$PATH:/usr/etc" 459 AC_DEFINE(BROKEN_INET_NTOA, 1, 460 [Define if you system's inet_ntoa is busted 461 (e.g. Irix gcc issue)]) 462 AC_DEFINE(SETEUID_BREAKS_SETUID) 463 AC_DEFINE(BROKEN_SETREUID) 464 AC_DEFINE(BROKEN_SETREGID) 465 AC_DEFINE(WITH_ABBREV_NO_TTY, 1, 466 [Define if you shouldn't strip 'tty' from your 467 ttyname in [uw]tmp]) 468 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 469 ;; 470*-*-irix6*) 471 PATH="$PATH:/usr/etc" 472 AC_DEFINE(WITH_IRIX_ARRAY, 1, 473 [Define if you have/want arrays 474 (cluster-wide session managment, not C arrays)]) 475 AC_DEFINE(WITH_IRIX_PROJECT, 1, 476 [Define if you want IRIX project management]) 477 AC_DEFINE(WITH_IRIX_AUDIT, 1, 478 [Define if you want IRIX audit trails]) 479 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1, 480 [Define if you want IRIX kernel jobs])]) 481 AC_DEFINE(BROKEN_INET_NTOA) 482 AC_DEFINE(SETEUID_BREAKS_SETUID) 483 AC_DEFINE(BROKEN_SETREUID) 484 AC_DEFINE(BROKEN_SETREGID) 485 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)]) 486 AC_DEFINE(WITH_ABBREV_NO_TTY) 487 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 488 ;; 489*-*-linux*) 490 no_dev_ptmx=1 491 check_for_libcrypt_later=1 492 check_for_openpty_ctty_bug=1 493 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks]) 494 AC_DEFINE(PAM_TTY_KLUDGE, 1, 495 [Work around problematic Linux PAM modules handling of PAM_TTY]) 496 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!", 497 [String used in /etc/passwd to denote locked account]) 498 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 499 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM, 500 [Define to whatever link() returns for "not supported" 501 if it doesn't return EOPNOTSUPP.]) 502 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 503 AC_DEFINE(USE_BTMP) 504 inet6_default_4in6=yes 505 case `uname -r` in 506 1.*|2.0.*) 507 AC_DEFINE(BROKEN_CMSG_TYPE, 1, 508 [Define if cmsg_type is not passed correctly]) 509 ;; 510 esac 511 # tun(4) forwarding compat code 512 AC_CHECK_HEADERS(linux/if_tun.h) 513 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 514 AC_DEFINE(SSH_TUN_LINUX, 1, 515 [Open tunnel devices the Linux tun/tap way]) 516 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 517 [Use tunnel device compatibility to OpenBSD]) 518 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 519 [Prepend the address family to IP tunnel traffic]) 520 fi 521 ;; 522mips-sony-bsd|mips-sony-newsos4) 523 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty]) 524 SONY=1 525 ;; 526*-*-netbsd*) 527 check_for_libcrypt_before=1 528 if test "x$withval" != "xno" ; then 529 need_dash_r=1 530 fi 531 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 532 AC_CHECK_HEADER([net/if_tap.h], , 533 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 534 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 535 [Prepend the address family to IP tunnel traffic]) 536 ;; 537*-*-freebsd*) 538 check_for_libcrypt_later=1 539 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)]) 540 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 541 AC_CHECK_HEADER([net/if_tap.h], , 542 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 543 ;; 544*-*-bsdi*) 545 AC_DEFINE(SETEUID_BREAKS_SETUID) 546 AC_DEFINE(BROKEN_SETREUID) 547 AC_DEFINE(BROKEN_SETREGID) 548 ;; 549*-next-*) 550 conf_lastlog_location="/usr/adm/lastlog" 551 conf_utmp_location=/etc/utmp 552 conf_wtmp_location=/usr/adm/wtmp 553 MAIL=/usr/spool/mail 554 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT]) 555 AC_DEFINE(BROKEN_REALPATH) 556 AC_DEFINE(USE_PIPES) 557 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT]) 558 ;; 559*-*-openbsd*) 560 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) 561 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded]) 562 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way]) 563 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1, 564 [syslog_r function is safe to use in in a signal handler]) 565 ;; 566*-*-solaris*) 567 if test "x$withval" != "xno" ; then 568 need_dash_r=1 569 fi 570 AC_DEFINE(PAM_SUN_CODEBASE) 571 AC_DEFINE(LOGIN_NEEDS_UTMPX) 572 AC_DEFINE(LOGIN_NEEDS_TERM, 1, 573 [Some versions of /bin/login need the TERM supplied 574 on the commandline]) 575 AC_DEFINE(PAM_TTY_KLUDGE) 576 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 577 [Define if pam_chauthtok wants real uid set 578 to the unpriv'ed user]) 579 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 580 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 581 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1, 582 [Define if sshd somehow reacquires a controlling TTY 583 after setsid()]) 584 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd 585 in case the name is longer than 8 chars]) 586 external_path_file=/etc/default/login 587 # hardwire lastlog location (can't detect it on some versions) 588 conf_lastlog_location="/var/adm/lastlog" 589 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 590 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 591 if test "$sol2ver" -ge 8; then 592 AC_MSG_RESULT(yes) 593 AC_DEFINE(DISABLE_UTMP) 594 AC_DEFINE(DISABLE_WTMP, 1, 595 [Define if you don't want to use wtmp]) 596 else 597 AC_MSG_RESULT(no) 598 fi 599 AC_ARG_WITH(solaris-contracts, 600 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 601 [ 602 AC_CHECK_LIB(contract, ct_tmpl_activate, 603 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1, 604 [Define if you have Solaris process contracts]) 605 SSHDLIBS="$SSHDLIBS -lcontract" 606 AC_SUBST(SSHDLIBS) 607 SPC_MSG="yes" ], ) 608 ], 609 ) 610 ;; 611*-*-sunos4*) 612 CPPFLAGS="$CPPFLAGS -DSUNOS4" 613 AC_CHECK_FUNCS(getpwanam) 614 AC_DEFINE(PAM_SUN_CODEBASE) 615 conf_utmp_location=/etc/utmp 616 conf_wtmp_location=/var/adm/wtmp 617 conf_lastlog_location=/var/adm/lastlog 618 AC_DEFINE(USE_PIPES) 619 ;; 620*-ncr-sysv*) 621 LIBS="$LIBS -lc89" 622 AC_DEFINE(USE_PIPES) 623 AC_DEFINE(SSHD_ACQUIRES_CTTY) 624 AC_DEFINE(SETEUID_BREAKS_SETUID) 625 AC_DEFINE(BROKEN_SETREUID) 626 AC_DEFINE(BROKEN_SETREGID) 627 ;; 628*-sni-sysv*) 629 # /usr/ucblib MUST NOT be searched on ReliantUNIX 630 AC_CHECK_LIB(dl, dlsym, ,) 631 # -lresolv needs to be at the end of LIBS or DNS lookups break 632 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ]) 633 IPADDR_IN_DISPLAY=yes 634 AC_DEFINE(USE_PIPES) 635 AC_DEFINE(IP_TOS_IS_BROKEN) 636 AC_DEFINE(SETEUID_BREAKS_SETUID) 637 AC_DEFINE(BROKEN_SETREUID) 638 AC_DEFINE(BROKEN_SETREGID) 639 AC_DEFINE(SSHD_ACQUIRES_CTTY) 640 external_path_file=/etc/default/login 641 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 642 # Attention: always take care to bind libsocket and libnsl before libc, 643 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 644 ;; 645# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 646*-*-sysv4.2*) 647 AC_DEFINE(USE_PIPES) 648 AC_DEFINE(SETEUID_BREAKS_SETUID) 649 AC_DEFINE(BROKEN_SETREUID) 650 AC_DEFINE(BROKEN_SETREGID) 651 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 652 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 653 ;; 654# UnixWare 7.x, OpenUNIX 8 655*-*-sysv5*) 656 check_for_libcrypt_later=1 657 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) 658 AC_DEFINE(USE_PIPES) 659 AC_DEFINE(SETEUID_BREAKS_SETUID) 660 AC_DEFINE(BROKEN_SETREUID) 661 AC_DEFINE(BROKEN_SETREGID) 662 AC_DEFINE(PASSWD_NEEDS_USERNAME) 663 case "$host" in 664 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x 665 TEST_SHELL=/u95/bin/sh 666 AC_DEFINE(BROKEN_LIBIAF, 1, 667 [ia_uinfo routines not supported by OS yet]) 668 AC_DEFINE(BROKEN_UPDWTMPX) 669 ;; 670 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 671 ;; 672 esac 673 ;; 674*-*-sysv*) 675 ;; 676# SCO UNIX and OEM versions of SCO UNIX 677*-*-sco3.2v4*) 678 AC_MSG_ERROR("This Platform is no longer supported.") 679 ;; 680# SCO OpenServer 5.x 681*-*-sco3.2v5*) 682 if test -z "$GCC"; then 683 CFLAGS="$CFLAGS -belf" 684 fi 685 LIBS="$LIBS -lprot -lx -ltinfo -lm" 686 no_dev_ptmx=1 687 AC_DEFINE(USE_PIPES) 688 AC_DEFINE(HAVE_SECUREWARE) 689 AC_DEFINE(DISABLE_SHADOW) 690 AC_DEFINE(DISABLE_FD_PASSING) 691 AC_DEFINE(SETEUID_BREAKS_SETUID) 692 AC_DEFINE(BROKEN_SETREUID) 693 AC_DEFINE(BROKEN_SETREGID) 694 AC_DEFINE(WITH_ABBREV_NO_TTY) 695 AC_DEFINE(BROKEN_UPDWTMPX) 696 AC_DEFINE(PASSWD_NEEDS_USERNAME) 697 AC_CHECK_FUNCS(getluid setluid) 698 MANTYPE=man 699 TEST_SHELL=ksh 700 ;; 701*-*-unicosmk*) 702 AC_DEFINE(NO_SSH_LASTLOG, 1, 703 [Define if you don't want to use lastlog in session.c]) 704 AC_DEFINE(SETEUID_BREAKS_SETUID) 705 AC_DEFINE(BROKEN_SETREUID) 706 AC_DEFINE(BROKEN_SETREGID) 707 AC_DEFINE(USE_PIPES) 708 AC_DEFINE(DISABLE_FD_PASSING) 709 LDFLAGS="$LDFLAGS" 710 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 711 MANTYPE=cat 712 ;; 713*-*-unicosmp*) 714 AC_DEFINE(SETEUID_BREAKS_SETUID) 715 AC_DEFINE(BROKEN_SETREUID) 716 AC_DEFINE(BROKEN_SETREGID) 717 AC_DEFINE(WITH_ABBREV_NO_TTY) 718 AC_DEFINE(USE_PIPES) 719 AC_DEFINE(DISABLE_FD_PASSING) 720 LDFLAGS="$LDFLAGS" 721 LIBS="$LIBS -lgen -lacid -ldb" 722 MANTYPE=cat 723 ;; 724*-*-unicos*) 725 AC_DEFINE(SETEUID_BREAKS_SETUID) 726 AC_DEFINE(BROKEN_SETREUID) 727 AC_DEFINE(BROKEN_SETREGID) 728 AC_DEFINE(USE_PIPES) 729 AC_DEFINE(DISABLE_FD_PASSING) 730 AC_DEFINE(NO_SSH_LASTLOG) 731 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 732 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 733 MANTYPE=cat 734 ;; 735*-dec-osf*) 736 AC_MSG_CHECKING(for Digital Unix SIA) 737 no_osfsia="" 738 AC_ARG_WITH(osfsia, 739 [ --with-osfsia Enable Digital Unix SIA], 740 [ 741 if test "x$withval" = "xno" ; then 742 AC_MSG_RESULT(disabled) 743 no_osfsia=1 744 fi 745 ], 746 ) 747 if test -z "$no_osfsia" ; then 748 if test -f /etc/sia/matrix.conf; then 749 AC_MSG_RESULT(yes) 750 AC_DEFINE(HAVE_OSF_SIA, 1, 751 [Define if you have Digital Unix Security 752 Integration Architecture]) 753 AC_DEFINE(DISABLE_LOGIN, 1, 754 [Define if you don't want to use your 755 system's login() call]) 756 AC_DEFINE(DISABLE_FD_PASSING) 757 LIBS="$LIBS -lsecurity -ldb -lm -laud" 758 SIA_MSG="yes" 759 else 760 AC_MSG_RESULT(no) 761 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin", 762 [String used in /etc/passwd to denote locked account]) 763 fi 764 fi 765 AC_DEFINE(BROKEN_GETADDRINFO) 766 AC_DEFINE(SETEUID_BREAKS_SETUID) 767 AC_DEFINE(BROKEN_SETREUID) 768 AC_DEFINE(BROKEN_SETREGID) 769 ;; 770 771*-*-nto-qnx*) 772 AC_DEFINE(USE_PIPES) 773 AC_DEFINE(NO_X11_UNIX_SOCKETS) 774 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems]) 775 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems]) 776 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems]) 777 AC_DEFINE(DISABLE_LASTLOG) 778 AC_DEFINE(SSHD_ACQUIRES_CTTY) 779 enable_etc_default_login=no # has incompatible /etc/default/login 780 ;; 781 782*-*-ultrix*) 783 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1]) 784 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files]) 785 AC_DEFINE(NEED_SETPGRP) 786 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) 787 ;; 788 789*-*-lynxos) 790 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 791 AC_DEFINE(MISSING_HOWMANY) 792 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) 793 ;; 794esac 795 796AC_MSG_CHECKING(compiler and flags for sanity) 797AC_RUN_IFELSE( 798 [AC_LANG_SOURCE([ 799#include <stdio.h> 800int main(){exit(0);} 801 ])], 802 [ AC_MSG_RESULT(yes) ], 803 [ 804 AC_MSG_RESULT(no) 805 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 806 ], 807 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 808) 809 810dnl Checks for header files. 811# Checks for libraries. 812AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 813AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 814 815dnl IRIX and Solaris 2.5.1 have dirname() in libgen 816AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 817 AC_CHECK_LIB(gen, dirname,[ 818 AC_CACHE_CHECK([for broken dirname], 819 ac_cv_have_broken_dirname, [ 820 save_LIBS="$LIBS" 821 LIBS="$LIBS -lgen" 822 AC_RUN_IFELSE( 823 [AC_LANG_SOURCE([[ 824#include <libgen.h> 825#include <string.h> 826 827int main(int argc, char **argv) { 828 char *s, buf[32]; 829 830 strncpy(buf,"/etc", 32); 831 s = dirname(buf); 832 if (!s || strncmp(s, "/", 32) != 0) { 833 exit(1); 834 } else { 835 exit(0); 836 } 837} 838 ]])], 839 [ ac_cv_have_broken_dirname="no" ], 840 [ ac_cv_have_broken_dirname="yes" ], 841 [ ac_cv_have_broken_dirname="no" ], 842 ) 843 LIBS="$save_LIBS" 844 ]) 845 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 846 LIBS="$LIBS -lgen" 847 AC_DEFINE(HAVE_DIRNAME) 848 AC_CHECK_HEADERS(libgen.h) 849 fi 850 ]) 851]) 852 853AC_CHECK_FUNC(getspnam, , 854 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 855AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1, 856 [Define if you have the basename function.])) 857 858dnl zlib is required 859AC_ARG_WITH(zlib, 860 [ --with-zlib=PATH Use zlib in PATH], 861 [ if test "x$withval" = "xno" ; then 862 AC_MSG_ERROR([*** zlib is required ***]) 863 elif test "x$withval" != "xyes"; then 864 if test -d "$withval/lib"; then 865 if test -n "${need_dash_r}"; then 866 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 867 else 868 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 869 fi 870 else 871 if test -n "${need_dash_r}"; then 872 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 873 else 874 LDFLAGS="-L${withval} ${LDFLAGS}" 875 fi 876 fi 877 if test -d "$withval/include"; then 878 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 879 else 880 CPPFLAGS="-I${withval} ${CPPFLAGS}" 881 fi 882 fi ] 883) 884 885AC_CHECK_LIB(z, deflate, , 886 [ 887 saved_CPPFLAGS="$CPPFLAGS" 888 saved_LDFLAGS="$LDFLAGS" 889 save_LIBS="$LIBS" 890 dnl Check default zlib install dir 891 if test -n "${need_dash_r}"; then 892 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 893 else 894 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 895 fi 896 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 897 LIBS="$LIBS -lz" 898 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 899 [ 900 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 901 ] 902 ) 903 ] 904) 905AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) 906 907AC_ARG_WITH(zlib-version-check, 908 [ --without-zlib-version-check Disable zlib version check], 909 [ if test "x$withval" = "xno" ; then 910 zlib_check_nonfatal=1 911 fi 912 ] 913) 914 915AC_MSG_CHECKING(for possibly buggy zlib) 916AC_RUN_IFELSE([AC_LANG_SOURCE([[ 917#include <stdio.h> 918#include <zlib.h> 919int main() 920{ 921 int a=0, b=0, c=0, d=0, n, v; 922 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 923 if (n != 3 && n != 4) 924 exit(1); 925 v = a*1000000 + b*10000 + c*100 + d; 926 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 927 928 /* 1.1.4 is OK */ 929 if (a == 1 && b == 1 && c >= 4) 930 exit(0); 931 932 /* 1.2.3 and up are OK */ 933 if (v >= 1020300) 934 exit(0); 935 936 exit(2); 937} 938 ]])], 939 AC_MSG_RESULT(no), 940 [ AC_MSG_RESULT(yes) 941 if test -z "$zlib_check_nonfatal" ; then 942 AC_MSG_ERROR([*** zlib too old - check config.log *** 943Your reported zlib version has known security problems. It's possible your 944vendor has fixed these problems without changing the version number. If you 945are sure this is the case, you can disable the check by running 946"./configure --without-zlib-version-check". 947If you are in doubt, upgrade zlib to version 1.2.3 or greater. 948See http://www.gzip.org/zlib/ for details.]) 949 else 950 AC_MSG_WARN([zlib version may have security problems]) 951 fi 952 ], 953 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 954) 955 956dnl UnixWare 2.x 957AC_CHECK_FUNC(strcasecmp, 958 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 959) 960AC_CHECK_FUNCS(utimes, 961 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 962 LIBS="$LIBS -lc89"]) ] 963) 964 965dnl Checks for libutil functions 966AC_CHECK_HEADERS(libutil.h) 967AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1, 968 [Define if your libraries define login()])]) 969AC_CHECK_FUNCS(logout updwtmp logwtmp) 970 971AC_FUNC_STRFTIME 972 973# Check for ALTDIRFUNC glob() extension 974AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 975AC_EGREP_CPP(FOUNDIT, 976 [ 977 #include <glob.h> 978 #ifdef GLOB_ALTDIRFUNC 979 FOUNDIT 980 #endif 981 ], 982 [ 983 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1, 984 [Define if your system glob() function has 985 the GLOB_ALTDIRFUNC extension]) 986 AC_MSG_RESULT(yes) 987 ], 988 [ 989 AC_MSG_RESULT(no) 990 ] 991) 992 993# Check for g.gl_matchc glob() extension 994AC_MSG_CHECKING(for gl_matchc field in glob_t) 995AC_TRY_COMPILE( 996 [ #include <glob.h> ], 997 [glob_t g; g.gl_matchc = 1;], 998 [ 999 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1, 1000 [Define if your system glob() function has 1001 gl_matchc options in glob_t]) 1002 AC_MSG_RESULT(yes) 1003 ], 1004 [ 1005 AC_MSG_RESULT(no) 1006 ] 1007) 1008 1009AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>]) 1010 1011AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 1012AC_RUN_IFELSE( 1013 [AC_LANG_SOURCE([[ 1014#include <sys/types.h> 1015#include <dirent.h> 1016int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 1017 ]])], 1018 [AC_MSG_RESULT(yes)], 1019 [ 1020 AC_MSG_RESULT(no) 1021 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1, 1022 [Define if your struct dirent expects you to 1023 allocate extra space for d_name]) 1024 ], 1025 [ 1026 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1027 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 1028 ] 1029) 1030 1031AC_MSG_CHECKING([for /proc/pid/fd directory]) 1032if test -d "/proc/$$/fd" ; then 1033 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd]) 1034 AC_MSG_RESULT(yes) 1035else 1036 AC_MSG_RESULT(no) 1037fi 1038 1039# Check whether user wants S/Key support 1040SKEY_MSG="no" 1041AC_ARG_WITH(skey, 1042 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 1043 [ 1044 if test "x$withval" != "xno" ; then 1045 1046 if test "x$withval" != "xyes" ; then 1047 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1048 LDFLAGS="$LDFLAGS -L${withval}/lib" 1049 fi 1050 1051 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 1052 LIBS="-lskey $LIBS" 1053 SKEY_MSG="yes" 1054 1055 AC_MSG_CHECKING([for s/key support]) 1056 AC_LINK_IFELSE( 1057 [AC_LANG_SOURCE([[ 1058#include <stdio.h> 1059#include <skey.h> 1060int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } 1061 ]])], 1062 [AC_MSG_RESULT(yes)], 1063 [ 1064 AC_MSG_RESULT(no) 1065 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 1066 ]) 1067 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 1068 AC_TRY_COMPILE( 1069 [#include <stdio.h> 1070 #include <skey.h>], 1071 [(void)skeychallenge(NULL,"name","",0);], 1072 [AC_MSG_RESULT(yes) 1073 AC_DEFINE(SKEYCHALLENGE_4ARG, 1, 1074 [Define if your skeychallenge() 1075 function takes 4 arguments (NetBSD)])], 1076 [AC_MSG_RESULT(no)] 1077 ) 1078 fi 1079 ] 1080) 1081 1082# Check whether user wants OPIE support 1083OPIE_MSG="no" 1084AC_ARG_WITH(opie, 1085 [ --with-opie[[=PATH]] Enable OPIE support 1086 (optionally in PATH)], 1087 [ 1088 if test "x$withval" != "xno" ; then 1089 1090 if test "x$withval" != "xyes" ; then 1091 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1092 LDFLAGS="$LDFLAGS -L${withval}/lib" 1093 fi 1094 1095 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 1096 AC_DEFINE(OPIE, 1, [Define if S/Key is actually OPIE]) 1097 LIBS="-lopie $LIBS" 1098 OPIE_MSG="yes" 1099 1100 AC_MSG_CHECKING([for opie support]) 1101 AC_TRY_RUN( 1102 [ 1103#include <sys/types.h> 1104#include <stdio.h> 1105#include <opie.h> 1106int main() { char *ff = opie_keyinfo(""); ff=""; return 0; } 1107 ], 1108 [AC_MSG_RESULT(yes)], 1109 [ 1110 AC_MSG_RESULT(no) 1111 AC_MSG_ERROR([** Incomplete or missing opie libraries.]) 1112 ]) 1113 fi 1114 ] 1115) 1116 1117# Check whether user wants TCP wrappers support 1118TCPW_MSG="no" 1119AC_ARG_WITH(tcp-wrappers, 1120 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1121 [ 1122 if test "x$withval" != "xno" ; then 1123 saved_LIBS="$LIBS" 1124 saved_LDFLAGS="$LDFLAGS" 1125 saved_CPPFLAGS="$CPPFLAGS" 1126 if test -n "${withval}" && \ 1127 test "x${withval}" != "xyes"; then 1128 if test -d "${withval}/lib"; then 1129 if test -n "${need_dash_r}"; then 1130 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1131 else 1132 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1133 fi 1134 else 1135 if test -n "${need_dash_r}"; then 1136 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1137 else 1138 LDFLAGS="-L${withval} ${LDFLAGS}" 1139 fi 1140 fi 1141 if test -d "${withval}/include"; then 1142 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1143 else 1144 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1145 fi 1146 fi 1147 LIBWRAP="-lwrap" 1148 LIBS="$LIBWRAP $LIBS" 1149 AC_MSG_CHECKING(for libwrap) 1150 AC_TRY_LINK( 1151 [ 1152#include <sys/types.h> 1153#include <sys/socket.h> 1154#include <netinet/in.h> 1155#include <tcpd.h> 1156 int deny_severity = 0, allow_severity = 0; 1157 ], 1158 [hosts_access(0);], 1159 [ 1160 AC_MSG_RESULT(yes) 1161 AC_DEFINE(LIBWRAP, 1, 1162 [Define if you want 1163 TCP Wrappers support]) 1164 AC_SUBST(LIBWRAP) 1165 TCPW_MSG="yes" 1166 ], 1167 [ 1168 AC_MSG_ERROR([*** libwrap missing]) 1169 ] 1170 ) 1171 LIBS="$saved_LIBS" 1172 fi 1173 ] 1174) 1175 1176# Check whether user wants libedit support 1177LIBEDIT_MSG="no" 1178AC_ARG_WITH(libedit, 1179 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1180 [ if test "x$withval" != "xno" ; then 1181 if test "x$withval" != "xyes"; then 1182 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1183 if test -n "${need_dash_r}"; then 1184 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1185 else 1186 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1187 fi 1188 fi 1189 AC_CHECK_LIB(edit, el_init, 1190 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp]) 1191 LIBEDIT="-ledit -lcurses" 1192 LIBEDIT_MSG="yes" 1193 AC_SUBST(LIBEDIT) 1194 ], 1195 [ AC_MSG_ERROR(libedit not found) ], 1196 [ -lcurses ] 1197 ) 1198 AC_MSG_CHECKING(if libedit version is compatible) 1199 AC_COMPILE_IFELSE( 1200 [AC_LANG_SOURCE([[ 1201#include <histedit.h> 1202int main(void) 1203{ 1204 int i = H_SETSIZE; 1205 el_init("", NULL, NULL, NULL); 1206 exit(0); 1207} 1208 ]])], 1209 [ AC_MSG_RESULT(yes) ], 1210 [ AC_MSG_RESULT(no) 1211 AC_MSG_ERROR(libedit version is not compatible) ] 1212 ) 1213 fi ] 1214) 1215 1216AUDIT_MODULE=none 1217AC_ARG_WITH(audit, 1218 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 1219 [ 1220 AC_MSG_CHECKING(for supported audit module) 1221 case "$withval" in 1222 bsm) 1223 AC_MSG_RESULT(bsm) 1224 AUDIT_MODULE=bsm 1225 dnl Checks for headers, libs and functions 1226 AC_CHECK_HEADERS(bsm/audit.h, [], 1227 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)], 1228 [ 1229#ifdef HAVE_TIME_H 1230# include <time.h> 1231#endif 1232 ] 1233) 1234 AC_CHECK_LIB(bsm, getaudit, [], 1235 [AC_MSG_ERROR(BSM enabled and required library not found)]) 1236 AC_CHECK_FUNCS(getaudit, [], 1237 [AC_MSG_ERROR(BSM enabled and required function not found)]) 1238 # These are optional 1239 AC_CHECK_FUNCS(getaudit_addr) 1240 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) 1241 ;; 1242 debug) 1243 AUDIT_MODULE=debug 1244 AC_MSG_RESULT(debug) 1245 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module) 1246 ;; 1247 no) 1248 AC_MSG_RESULT(no) 1249 ;; 1250 *) 1251 AC_MSG_ERROR([Unknown audit module $withval]) 1252 ;; 1253 esac ] 1254) 1255 1256dnl Checks for library functions. Please keep in alphabetical order 1257AC_CHECK_FUNCS( \ 1258 arc4random \ 1259 asprintf \ 1260 b64_ntop \ 1261 __b64_ntop \ 1262 b64_pton \ 1263 __b64_pton \ 1264 bcopy \ 1265 bindresvport_sa \ 1266 clock \ 1267 closefrom \ 1268 dirfd \ 1269 fchmod \ 1270 fchown \ 1271 freeaddrinfo \ 1272 futimes \ 1273 getaddrinfo \ 1274 getcwd \ 1275 getgrouplist \ 1276 getnameinfo \ 1277 getopt \ 1278 getpeereid \ 1279 _getpty \ 1280 getrlimit \ 1281 getttyent \ 1282 glob \ 1283 inet_aton \ 1284 inet_ntoa \ 1285 inet_ntop \ 1286 innetgr \ 1287 login_getcapbool \ 1288 md5_crypt \ 1289 memmove \ 1290 mkdtemp \ 1291 mmap \ 1292 ngetaddrinfo \ 1293 nsleep \ 1294 ogetaddrinfo \ 1295 openlog_r \ 1296 openpty \ 1297 prctl \ 1298 pstat \ 1299 readpassphrase \ 1300 realpath \ 1301 recvmsg \ 1302 rresvport_af \ 1303 sendmsg \ 1304 setdtablesize \ 1305 setegid \ 1306 setenv \ 1307 seteuid \ 1308 setgroups \ 1309 setlogin \ 1310 setpcred \ 1311 setproctitle \ 1312 setregid \ 1313 setreuid \ 1314 setrlimit \ 1315 setsid \ 1316 setvbuf \ 1317 sigaction \ 1318 sigvec \ 1319 snprintf \ 1320 socketpair \ 1321 strdup \ 1322 strerror \ 1323 strlcat \ 1324 strlcpy \ 1325 strmode \ 1326 strnvis \ 1327 strtonum \ 1328 strtoll \ 1329 strtoul \ 1330 sysconf \ 1331 tcgetpgrp \ 1332 truncate \ 1333 unsetenv \ 1334 updwtmpx \ 1335 vasprintf \ 1336 vhangup \ 1337 vsnprintf \ 1338 waitpid \ 1339) 1340 1341# IRIX has a const char return value for gai_strerror() 1342AC_CHECK_FUNCS(gai_strerror,[ 1343 AC_DEFINE(HAVE_GAI_STRERROR) 1344 AC_TRY_COMPILE([ 1345#include <sys/types.h> 1346#include <sys/socket.h> 1347#include <netdb.h> 1348 1349const char *gai_strerror(int);],[ 1350char *str; 1351 1352str = gai_strerror(0);],[ 1353 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 1354 [Define if gai_strerror() returns const char *])])]) 1355 1356AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1, 1357 [Some systems put nanosleep outside of libc])) 1358 1359dnl Make sure prototypes are defined for these before using them. 1360AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 1361AC_CHECK_DECL(strsep, 1362 [AC_CHECK_FUNCS(strsep)], 1363 [], 1364 [ 1365#ifdef HAVE_STRING_H 1366# include <string.h> 1367#endif 1368 ]) 1369 1370dnl tcsendbreak might be a macro 1371AC_CHECK_DECL(tcsendbreak, 1372 [AC_DEFINE(HAVE_TCSENDBREAK)], 1373 [AC_CHECK_FUNCS(tcsendbreak)], 1374 [#include <termios.h>] 1375) 1376 1377AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 1378 1379AC_CHECK_DECLS(SHUT_RD, , , 1380 [ 1381#include <sys/types.h> 1382#include <sys/socket.h> 1383 ]) 1384 1385AC_CHECK_DECLS(O_NONBLOCK, , , 1386 [ 1387#include <sys/types.h> 1388#ifdef HAVE_SYS_STAT_H 1389# include <sys/stat.h> 1390#endif 1391#ifdef HAVE_FCNTL_H 1392# include <fcntl.h> 1393#endif 1394 ]) 1395 1396AC_CHECK_DECLS(writev, , , [ 1397#include <sys/types.h> 1398#include <sys/uio.h> 1399#include <unistd.h> 1400 ]) 1401 1402AC_CHECK_FUNCS(setresuid, [ 1403 dnl Some platorms have setresuid that isn't implemented, test for this 1404 AC_MSG_CHECKING(if setresuid seems to work) 1405 AC_RUN_IFELSE( 1406 [AC_LANG_SOURCE([[ 1407#include <stdlib.h> 1408#include <errno.h> 1409int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1410 ]])], 1411 [AC_MSG_RESULT(yes)], 1412 [AC_DEFINE(BROKEN_SETRESUID, 1, 1413 [Define if your setresuid() is broken]) 1414 AC_MSG_RESULT(not implemented)], 1415 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1416 ) 1417]) 1418 1419AC_CHECK_FUNCS(setresgid, [ 1420 dnl Some platorms have setresgid that isn't implemented, test for this 1421 AC_MSG_CHECKING(if setresgid seems to work) 1422 AC_RUN_IFELSE( 1423 [AC_LANG_SOURCE([[ 1424#include <stdlib.h> 1425#include <errno.h> 1426int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1427 ]])], 1428 [AC_MSG_RESULT(yes)], 1429 [AC_DEFINE(BROKEN_SETRESGID, 1, 1430 [Define if your setresgid() is broken]) 1431 AC_MSG_RESULT(not implemented)], 1432 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1433 ) 1434]) 1435 1436dnl Checks for time functions 1437AC_CHECK_FUNCS(gettimeofday time) 1438dnl Checks for utmp functions 1439AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 1440AC_CHECK_FUNCS(utmpname) 1441dnl Checks for utmpx functions 1442AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 1443AC_CHECK_FUNCS(setutxent utmpxname) 1444 1445AC_CHECK_FUNC(daemon, 1446 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])], 1447 [AC_CHECK_LIB(bsd, daemon, 1448 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 1449) 1450 1451AC_CHECK_FUNC(getpagesize, 1452 [AC_DEFINE(HAVE_GETPAGESIZE, 1, 1453 [Define if your libraries define getpagesize()])], 1454 [AC_CHECK_LIB(ucb, getpagesize, 1455 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 1456) 1457 1458# Check for broken snprintf 1459if test "x$ac_cv_func_snprintf" = "xyes" ; then 1460 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1461 AC_RUN_IFELSE( 1462 [AC_LANG_SOURCE([[ 1463#include <stdio.h> 1464int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 1465 ]])], 1466 [AC_MSG_RESULT(yes)], 1467 [ 1468 AC_MSG_RESULT(no) 1469 AC_DEFINE(BROKEN_SNPRINTF, 1, 1470 [Define if your snprintf is busted]) 1471 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1472 ], 1473 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1474 ) 1475fi 1476 1477# If we don't have a working asprintf, then we strongly depend on vsnprintf 1478# returning the right thing on overflow: the number of characters it tried to 1479# create (as per SUSv3) 1480if test "x$ac_cv_func_asprintf" != "xyes" && \ 1481 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1482 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1483 AC_RUN_IFELSE( 1484 [AC_LANG_SOURCE([[ 1485#include <sys/types.h> 1486#include <stdio.h> 1487#include <stdarg.h> 1488 1489int x_snprintf(char *str,size_t count,const char *fmt,...) 1490{ 1491 size_t ret; va_list ap; 1492 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1493 return ret; 1494} 1495int main(void) 1496{ 1497 char x[1]; 1498 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1499} ]])], 1500 [AC_MSG_RESULT(yes)], 1501 [ 1502 AC_MSG_RESULT(no) 1503 AC_DEFINE(BROKEN_SNPRINTF, 1, 1504 [Define if your snprintf is busted]) 1505 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1506 ], 1507 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1508 ) 1509fi 1510 1511# On systems where [v]snprintf is broken, but is declared in stdio, 1512# check that the fmt argument is const char * or just char *. 1513# This is only useful for when BROKEN_SNPRINTF 1514AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) 1515AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h> 1516 int snprintf(char *a, size_t b, const char *c, ...) { return 0; } 1517 int main(void) { snprintf(0, 0, 0); } 1518 ]])], 1519 [AC_MSG_RESULT(yes) 1520 AC_DEFINE(SNPRINTF_CONST, [const], 1521 [Define as const if snprintf() can declare const char *fmt])], 1522 [AC_MSG_RESULT(no) 1523 AC_DEFINE(SNPRINTF_CONST, [/* not const */])]) 1524 1525# Check for missing getpeereid (or equiv) support 1526NO_PEERCHECK="" 1527if test "x$ac_cv_func_getpeereid" != "xyes" ; then 1528 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1529 AC_TRY_COMPILE( 1530 [#include <sys/types.h> 1531 #include <sys/socket.h>], 1532 [int i = SO_PEERCRED;], 1533 [ AC_MSG_RESULT(yes) 1534 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option]) 1535 ], 1536 [AC_MSG_RESULT(no) 1537 NO_PEERCHECK=1] 1538 ) 1539fi 1540 1541dnl see whether mkstemp() requires XXXXXX 1542if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1543AC_MSG_CHECKING([for (overly) strict mkstemp]) 1544AC_RUN_IFELSE( 1545 [AC_LANG_SOURCE([[ 1546#include <stdlib.h> 1547main() { char template[]="conftest.mkstemp-test"; 1548if (mkstemp(template) == -1) 1549 exit(1); 1550unlink(template); exit(0); 1551} 1552 ]])], 1553 [ 1554 AC_MSG_RESULT(no) 1555 ], 1556 [ 1557 AC_MSG_RESULT(yes) 1558 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()]) 1559 ], 1560 [ 1561 AC_MSG_RESULT(yes) 1562 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1563 ] 1564) 1565fi 1566 1567dnl make sure that openpty does not reacquire controlling terminal 1568if test ! -z "$check_for_openpty_ctty_bug"; then 1569 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1570 AC_RUN_IFELSE( 1571 [AC_LANG_SOURCE([[ 1572#include <stdio.h> 1573#include <sys/fcntl.h> 1574#include <sys/types.h> 1575#include <sys/wait.h> 1576 1577int 1578main() 1579{ 1580 pid_t pid; 1581 int fd, ptyfd, ttyfd, status; 1582 1583 pid = fork(); 1584 if (pid < 0) { /* failed */ 1585 exit(1); 1586 } else if (pid > 0) { /* parent */ 1587 waitpid(pid, &status, 0); 1588 if (WIFEXITED(status)) 1589 exit(WEXITSTATUS(status)); 1590 else 1591 exit(2); 1592 } else { /* child */ 1593 close(0); close(1); close(2); 1594 setsid(); 1595 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1596 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1597 if (fd >= 0) 1598 exit(3); /* Acquired ctty: broken */ 1599 else 1600 exit(0); /* Did not acquire ctty: OK */ 1601 } 1602} 1603 ]])], 1604 [ 1605 AC_MSG_RESULT(yes) 1606 ], 1607 [ 1608 AC_MSG_RESULT(no) 1609 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1610 ], 1611 [ 1612 AC_MSG_RESULT(cross-compiling, assuming yes) 1613 ] 1614 ) 1615fi 1616 1617if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1618 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1619 AC_MSG_CHECKING(if getaddrinfo seems to work) 1620 AC_RUN_IFELSE( 1621 [AC_LANG_SOURCE([[ 1622#include <stdio.h> 1623#include <sys/socket.h> 1624#include <netdb.h> 1625#include <errno.h> 1626#include <netinet/in.h> 1627 1628#define TEST_PORT "2222" 1629 1630int 1631main(void) 1632{ 1633 int err, sock; 1634 struct addrinfo *gai_ai, *ai, hints; 1635 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1636 1637 memset(&hints, 0, sizeof(hints)); 1638 hints.ai_family = PF_UNSPEC; 1639 hints.ai_socktype = SOCK_STREAM; 1640 hints.ai_flags = AI_PASSIVE; 1641 1642 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1643 if (err != 0) { 1644 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1645 exit(1); 1646 } 1647 1648 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1649 if (ai->ai_family != AF_INET6) 1650 continue; 1651 1652 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1653 sizeof(ntop), strport, sizeof(strport), 1654 NI_NUMERICHOST|NI_NUMERICSERV); 1655 1656 if (err != 0) { 1657 if (err == EAI_SYSTEM) 1658 perror("getnameinfo EAI_SYSTEM"); 1659 else 1660 fprintf(stderr, "getnameinfo failed: %s\n", 1661 gai_strerror(err)); 1662 exit(2); 1663 } 1664 1665 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1666 if (sock < 0) 1667 perror("socket"); 1668 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1669 if (errno == EBADF) 1670 exit(3); 1671 } 1672 } 1673 exit(0); 1674} 1675 ]])], 1676 [ 1677 AC_MSG_RESULT(yes) 1678 ], 1679 [ 1680 AC_MSG_RESULT(no) 1681 AC_DEFINE(BROKEN_GETADDRINFO) 1682 ], 1683 [ 1684 AC_MSG_RESULT(cross-compiling, assuming yes) 1685 ] 1686 ) 1687fi 1688 1689if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1690 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1691 AC_MSG_CHECKING(if getaddrinfo seems to work) 1692 AC_RUN_IFELSE( 1693 [AC_LANG_SOURCE([[ 1694#include <stdio.h> 1695#include <sys/socket.h> 1696#include <netdb.h> 1697#include <errno.h> 1698#include <netinet/in.h> 1699 1700#define TEST_PORT "2222" 1701 1702int 1703main(void) 1704{ 1705 int err, sock; 1706 struct addrinfo *gai_ai, *ai, hints; 1707 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1708 1709 memset(&hints, 0, sizeof(hints)); 1710 hints.ai_family = PF_UNSPEC; 1711 hints.ai_socktype = SOCK_STREAM; 1712 hints.ai_flags = AI_PASSIVE; 1713 1714 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1715 if (err != 0) { 1716 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1717 exit(1); 1718 } 1719 1720 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1721 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1722 continue; 1723 1724 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1725 sizeof(ntop), strport, sizeof(strport), 1726 NI_NUMERICHOST|NI_NUMERICSERV); 1727 1728 if (ai->ai_family == AF_INET && err != 0) { 1729 perror("getnameinfo"); 1730 exit(2); 1731 } 1732 } 1733 exit(0); 1734} 1735 ]])], 1736 [ 1737 AC_MSG_RESULT(yes) 1738 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1, 1739 [Define if you have a getaddrinfo that fails 1740 for the all-zeros IPv6 address]) 1741 ], 1742 [ 1743 AC_MSG_RESULT(no) 1744 AC_DEFINE(BROKEN_GETADDRINFO) 1745 ], 1746 [ 1747 AC_MSG_RESULT(cross-compiling, assuming no) 1748 ] 1749 ) 1750fi 1751 1752if test "x$check_for_conflicting_getspnam" = "x1"; then 1753 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1754 AC_COMPILE_IFELSE( 1755 [ 1756#include <shadow.h> 1757int main(void) {exit(0);} 1758 ], 1759 [ 1760 AC_MSG_RESULT(no) 1761 ], 1762 [ 1763 AC_MSG_RESULT(yes) 1764 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1765 [Conflicting defs for getspnam]) 1766 ] 1767 ) 1768fi 1769 1770AC_FUNC_GETPGRP 1771 1772# Search for OpenSSL 1773saved_CPPFLAGS="$CPPFLAGS" 1774saved_LDFLAGS="$LDFLAGS" 1775AC_ARG_WITH(ssl-dir, 1776 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1777 [ 1778 if test "x$withval" != "xno" ; then 1779 case "$withval" in 1780 # Relative paths 1781 ./*|../*) withval="`pwd`/$withval" 1782 esac 1783 if test -d "$withval/lib"; then 1784 if test -n "${need_dash_r}"; then 1785 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1786 else 1787 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1788 fi 1789 else 1790 if test -n "${need_dash_r}"; then 1791 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1792 else 1793 LDFLAGS="-L${withval} ${LDFLAGS}" 1794 fi 1795 fi 1796 if test -d "$withval/include"; then 1797 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1798 else 1799 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1800 fi 1801 fi 1802 ] 1803) 1804LIBS="-lcrypto $LIBS" 1805AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, 1806 [Define if your ssl headers are included 1807 with #include <openssl/header.h>]), 1808 [ 1809 dnl Check default openssl install dir 1810 if test -n "${need_dash_r}"; then 1811 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1812 else 1813 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1814 fi 1815 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1816 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1817 [ 1818 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 1819 ] 1820 ) 1821 ] 1822) 1823 1824# Determine OpenSSL header version 1825AC_MSG_CHECKING([OpenSSL header version]) 1826AC_RUN_IFELSE( 1827 [AC_LANG_SOURCE([[ 1828#include <stdio.h> 1829#include <string.h> 1830#include <openssl/opensslv.h> 1831#define DATA "conftest.sslincver" 1832int main(void) { 1833 FILE *fd; 1834 int rc; 1835 1836 fd = fopen(DATA,"w"); 1837 if(fd == NULL) 1838 exit(1); 1839 1840 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1841 exit(1); 1842 1843 exit(0); 1844} 1845 ]])], 1846 [ 1847 ssl_header_ver=`cat conftest.sslincver` 1848 AC_MSG_RESULT($ssl_header_ver) 1849 ], 1850 [ 1851 AC_MSG_RESULT(not found) 1852 AC_MSG_ERROR(OpenSSL version header not found.) 1853 ], 1854 [ 1855 AC_MSG_WARN([cross compiling: not checking]) 1856 ] 1857) 1858 1859# Determine OpenSSL library version 1860AC_MSG_CHECKING([OpenSSL library version]) 1861AC_RUN_IFELSE( 1862 [AC_LANG_SOURCE([[ 1863#include <stdio.h> 1864#include <string.h> 1865#include <openssl/opensslv.h> 1866#include <openssl/crypto.h> 1867#define DATA "conftest.ssllibver" 1868int main(void) { 1869 FILE *fd; 1870 int rc; 1871 1872 fd = fopen(DATA,"w"); 1873 if(fd == NULL) 1874 exit(1); 1875 1876 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1877 exit(1); 1878 1879 exit(0); 1880} 1881 ]])], 1882 [ 1883 ssl_library_ver=`cat conftest.ssllibver` 1884 AC_MSG_RESULT($ssl_library_ver) 1885 ], 1886 [ 1887 AC_MSG_RESULT(not found) 1888 AC_MSG_ERROR(OpenSSL library not found.) 1889 ], 1890 [ 1891 AC_MSG_WARN([cross compiling: not checking]) 1892 ] 1893) 1894 1895# Sanity check OpenSSL headers 1896AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1897AC_RUN_IFELSE( 1898 [AC_LANG_SOURCE([[ 1899#include <string.h> 1900#include <openssl/opensslv.h> 1901int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1902 ]])], 1903 [ 1904 AC_MSG_RESULT(yes) 1905 ], 1906 [ 1907 AC_MSG_RESULT(no) 1908 AC_MSG_ERROR([Your OpenSSL headers do not match your library. 1909Check config.log for details. 1910Also see contrib/findssl.sh for help identifying header/library mismatches.]) 1911 ], 1912 [ 1913 AC_MSG_WARN([cross compiling: not checking]) 1914 ] 1915) 1916 1917AC_MSG_CHECKING([if programs using OpenSSL functions will link]) 1918AC_LINK_IFELSE( 1919 [AC_LANG_SOURCE([[ 1920#include <openssl/evp.h> 1921int main(void) { SSLeay_add_all_algorithms(); } 1922 ]])], 1923 [ 1924 AC_MSG_RESULT(yes) 1925 ], 1926 [ 1927 AC_MSG_RESULT(no) 1928 saved_LIBS="$LIBS" 1929 LIBS="$LIBS -ldl" 1930 AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) 1931 AC_LINK_IFELSE( 1932 [AC_LANG_SOURCE([[ 1933#include <openssl/evp.h> 1934int main(void) { SSLeay_add_all_algorithms(); } 1935 ]])], 1936 [ 1937 AC_MSG_RESULT(yes) 1938 ], 1939 [ 1940 AC_MSG_RESULT(no) 1941 LIBS="$saved_LIBS" 1942 ] 1943 ) 1944 ] 1945) 1946 1947AC_ARG_WITH(ssl-engine, 1948 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 1949 [ if test "x$withval" != "xno" ; then 1950 AC_MSG_CHECKING(for OpenSSL ENGINE support) 1951 AC_TRY_COMPILE( 1952 [ #include <openssl/engine.h>], 1953 [ 1954ENGINE_load_builtin_engines();ENGINE_register_all_complete(); 1955 ], 1956 [ AC_MSG_RESULT(yes) 1957 AC_DEFINE(USE_OPENSSL_ENGINE, 1, 1958 [Enable OpenSSL engine support]) 1959 ], 1960 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)] 1961 ) 1962 fi ] 1963) 1964 1965# Check for OpenSSL without EVP_aes_{192,256}_cbc 1966AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 1967AC_LINK_IFELSE( 1968 [AC_LANG_SOURCE([[ 1969#include <string.h> 1970#include <openssl/evp.h> 1971int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);} 1972 ]])], 1973 [ 1974 AC_MSG_RESULT(no) 1975 ], 1976 [ 1977 AC_MSG_RESULT(yes) 1978 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1, 1979 [libcrypto is missing AES 192 and 256 bit functions]) 1980 ] 1981) 1982 1983# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 1984# because the system crypt() is more featureful. 1985if test "x$check_for_libcrypt_before" = "x1"; then 1986 AC_CHECK_LIB(crypt, crypt) 1987fi 1988 1989# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 1990# version in OpenSSL. 1991if test "x$check_for_libcrypt_later" = "x1"; then 1992 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 1993fi 1994 1995# Search for SHA256 support in libc and/or OpenSSL 1996AC_CHECK_FUNCS(SHA256_Update EVP_sha256) 1997 1998AC_CHECK_LIB(iaf, ia_openinfo) 1999 2000### Configure cryptographic random number support 2001 2002# Check wheter OpenSSL seeds itself 2003AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 2004AC_RUN_IFELSE( 2005 [AC_LANG_SOURCE([[ 2006#include <string.h> 2007#include <openssl/rand.h> 2008int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 2009 ]])], 2010 [ 2011 OPENSSL_SEEDS_ITSELF=yes 2012 AC_MSG_RESULT(yes) 2013 ], 2014 [ 2015 AC_MSG_RESULT(no) 2016 # Default to use of the rand helper if OpenSSL doesn't 2017 # seed itself 2018 USE_RAND_HELPER=yes 2019 ], 2020 [ 2021 AC_MSG_WARN([cross compiling: assuming yes]) 2022 # This is safe, since all recent OpenSSL versions will 2023 # complain at runtime if not seeded correctly. 2024 OPENSSL_SEEDS_ITSELF=yes 2025 ] 2026) 2027 2028# Check for PAM libs 2029PAM_MSG="no" 2030AC_ARG_WITH(pam, 2031 [ --with-pam Enable PAM support ], 2032 [ 2033 if test "x$withval" != "xno" ; then 2034 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 2035 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 2036 AC_MSG_ERROR([PAM headers not found]) 2037 fi 2038 2039 saved_LIBS="$LIBS" 2040 AC_CHECK_LIB(dl, dlopen, , ) 2041 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 2042 AC_CHECK_FUNCS(pam_getenvlist) 2043 AC_CHECK_FUNCS(pam_putenv) 2044 LIBS="$saved_LIBS" 2045 2046 PAM_MSG="yes" 2047 2048 LIBPAM="-lpam" 2049 AC_DEFINE(USE_PAM, 1, 2050 [Define if you want to enable PAM support]) 2051 2052 if test $ac_cv_lib_dl_dlopen = yes; then 2053 case "$LIBS" in 2054 *-ldl*) 2055 # libdl already in LIBS 2056 ;; 2057 *) 2058 LIBPAM="$LIBPAM -ldl" 2059 ;; 2060 esac 2061 fi 2062 AC_SUBST(LIBPAM) 2063 fi 2064 ] 2065) 2066 2067# Check for older PAM 2068if test "x$PAM_MSG" = "xyes" ; then 2069 # Check PAM strerror arguments (old PAM) 2070 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 2071 AC_TRY_COMPILE( 2072 [ 2073#include <stdlib.h> 2074#if defined(HAVE_SECURITY_PAM_APPL_H) 2075#include <security/pam_appl.h> 2076#elif defined (HAVE_PAM_PAM_APPL_H) 2077#include <pam/pam_appl.h> 2078#endif 2079 ], 2080 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 2081 [AC_MSG_RESULT(no)], 2082 [ 2083 AC_DEFINE(HAVE_OLD_PAM, 1, 2084 [Define if you have an old version of PAM 2085 which takes only one argument to pam_strerror]) 2086 AC_MSG_RESULT(yes) 2087 PAM_MSG="yes (old library)" 2088 ] 2089 ) 2090fi 2091 2092# Do we want to force the use of the rand helper? 2093AC_ARG_WITH(rand-helper, 2094 [ --with-rand-helper Use subprocess to gather strong randomness ], 2095 [ 2096 if test "x$withval" = "xno" ; then 2097 # Force use of OpenSSL's internal RNG, even if 2098 # the previous test showed it to be unseeded. 2099 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 2100 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 2101 OPENSSL_SEEDS_ITSELF=yes 2102 USE_RAND_HELPER="" 2103 fi 2104 else 2105 USE_RAND_HELPER=yes 2106 fi 2107 ], 2108) 2109 2110# Which randomness source do we use? 2111if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then 2112 # OpenSSL only 2113 AC_DEFINE(OPENSSL_PRNG_ONLY, 1, 2114 [Define if you want OpenSSL's internally seeded PRNG only]) 2115 RAND_MSG="OpenSSL internal ONLY" 2116 INSTALL_SSH_RAND_HELPER="" 2117elif test ! -z "$USE_RAND_HELPER" ; then 2118 # install rand helper 2119 RAND_MSG="ssh-rand-helper" 2120 INSTALL_SSH_RAND_HELPER="yes" 2121fi 2122AC_SUBST(INSTALL_SSH_RAND_HELPER) 2123 2124### Configuration of ssh-rand-helper 2125 2126# PRNGD TCP socket 2127AC_ARG_WITH(prngd-port, 2128 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 2129 [ 2130 case "$withval" in 2131 no) 2132 withval="" 2133 ;; 2134 [[0-9]]*) 2135 ;; 2136 *) 2137 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 2138 ;; 2139 esac 2140 if test ! -z "$withval" ; then 2141 PRNGD_PORT="$withval" 2142 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT, 2143 [Port number of PRNGD/EGD random number socket]) 2144 fi 2145 ] 2146) 2147 2148# PRNGD Unix domain socket 2149AC_ARG_WITH(prngd-socket, 2150 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 2151 [ 2152 case "$withval" in 2153 yes) 2154 withval="/var/run/egd-pool" 2155 ;; 2156 no) 2157 withval="" 2158 ;; 2159 /*) 2160 ;; 2161 *) 2162 AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 2163 ;; 2164 esac 2165 2166 if test ! -z "$withval" ; then 2167 if test ! -z "$PRNGD_PORT" ; then 2168 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 2169 fi 2170 if test ! -r "$withval" ; then 2171 AC_MSG_WARN(Entropy socket is not readable) 2172 fi 2173 PRNGD_SOCKET="$withval" 2174 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET", 2175 [Location of PRNGD/EGD random number socket]) 2176 fi 2177 ], 2178 [ 2179 # Check for existing socket only if we don't have a random device already 2180 if test "$USE_RAND_HELPER" = yes ; then 2181 AC_MSG_CHECKING(for PRNGD/EGD socket) 2182 # Insert other locations here 2183 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2184 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2185 PRNGD_SOCKET="$sock" 2186 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 2187 break; 2188 fi 2189 done 2190 if test ! -z "$PRNGD_SOCKET" ; then 2191 AC_MSG_RESULT($PRNGD_SOCKET) 2192 else 2193 AC_MSG_RESULT(not found) 2194 fi 2195 fi 2196 ] 2197) 2198 2199# Change default command timeout for hashing entropy source 2200entropy_timeout=200 2201AC_ARG_WITH(entropy-timeout, 2202 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 2203 [ 2204 if test -n "$withval" && test "x$withval" != "xno" && \ 2205 test "x${withval}" != "xyes"; then 2206 entropy_timeout=$withval 2207 fi 2208 ] 2209) 2210AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout, 2211 [Builtin PRNG command timeout]) 2212 2213SSH_PRIVSEP_USER=sshd 2214AC_ARG_WITH(privsep-user, 2215 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2216 [ 2217 if test -n "$withval" && test "x$withval" != "xno" && \ 2218 test "x${withval}" != "xyes"; then 2219 SSH_PRIVSEP_USER=$withval 2220 fi 2221 ] 2222) 2223AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER", 2224 [non-privileged user for privilege separation]) 2225AC_SUBST(SSH_PRIVSEP_USER) 2226 2227# We do this little dance with the search path to insure 2228# that programs that we select for use by installed programs 2229# (which may be run by the super-user) come from trusted 2230# locations before they come from the user's private area. 2231# This should help avoid accidentally configuring some 2232# random version of a program in someone's personal bin. 2233 2234OPATH=$PATH 2235PATH=/bin:/usr/bin 2236test -h /bin 2> /dev/null && PATH=/usr/bin 2237test -d /sbin && PATH=$PATH:/sbin 2238test -d /usr/sbin && PATH=$PATH:/usr/sbin 2239PATH=$PATH:/etc:$OPATH 2240 2241# These programs are used by the command hashing source to gather entropy 2242OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 2243OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 2244OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 2245OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 2246OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 2247OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 2248OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 2249OSSH_PATH_ENTROPY_PROG(PROG_W, w) 2250OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 2251OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 2252OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 2253OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 2254OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 2255OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 2256OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 2257OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 2258# restore PATH 2259PATH=$OPATH 2260 2261# Where does ssh-rand-helper get its randomness from? 2262INSTALL_SSH_PRNG_CMDS="" 2263if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 2264 if test ! -z "$PRNGD_PORT" ; then 2265 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 2266 elif test ! -z "$PRNGD_SOCKET" ; then 2267 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 2268 else 2269 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 2270 RAND_HELPER_CMDHASH=yes 2271 INSTALL_SSH_PRNG_CMDS="yes" 2272 fi 2273fi 2274AC_SUBST(INSTALL_SSH_PRNG_CMDS) 2275 2276 2277# Cheap hack to ensure NEWS-OS libraries are arranged right. 2278if test ! -z "$SONY" ; then 2279 LIBS="$LIBS -liberty"; 2280fi 2281 2282# Check for long long datatypes 2283AC_CHECK_TYPES([long long, unsigned long long, long double]) 2284 2285# Check datatype sizes 2286AC_CHECK_SIZEOF(char, 1) 2287AC_CHECK_SIZEOF(short int, 2) 2288AC_CHECK_SIZEOF(int, 4) 2289AC_CHECK_SIZEOF(long int, 4) 2290AC_CHECK_SIZEOF(long long int, 8) 2291 2292# Sanity check long long for some platforms (AIX) 2293if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2294 ac_cv_sizeof_long_long_int=0 2295fi 2296 2297# compute LLONG_MIN and LLONG_MAX if we don't know them. 2298if test -z "$have_llong_max"; then 2299 AC_MSG_CHECKING([for max value of long long]) 2300 AC_RUN_IFELSE( 2301 [AC_LANG_SOURCE([[ 2302#include <stdio.h> 2303/* Why is this so damn hard? */ 2304#ifdef __GNUC__ 2305# undef __GNUC__ 2306#endif 2307#define __USE_ISOC99 2308#include <limits.h> 2309#define DATA "conftest.llminmax" 2310#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) 2311 2312/* 2313 * printf in libc on some platforms (eg old Tru64) does not understand %lld so 2314 * we do this the hard way. 2315 */ 2316static int 2317fprint_ll(FILE *f, long long n) 2318{ 2319 unsigned int i; 2320 int l[sizeof(long long) * 8]; 2321 2322 if (n < 0) 2323 if (fprintf(f, "-") < 0) 2324 return -1; 2325 for (i = 0; n != 0; i++) { 2326 l[i] = my_abs(n % 10); 2327 n /= 10; 2328 } 2329 do { 2330 if (fprintf(f, "%d", l[--i]) < 0) 2331 return -1; 2332 } while (i != 0); 2333 if (fprintf(f, " ") < 0) 2334 return -1; 2335 return 0; 2336} 2337 2338int main(void) { 2339 FILE *f; 2340 long long i, llmin, llmax = 0; 2341 2342 if((f = fopen(DATA,"w")) == NULL) 2343 exit(1); 2344 2345#if defined(LLONG_MIN) && defined(LLONG_MAX) 2346 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2347 llmin = LLONG_MIN; 2348 llmax = LLONG_MAX; 2349#else 2350 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2351 /* This will work on one's complement and two's complement */ 2352 for (i = 1; i > llmax; i <<= 1, i++) 2353 llmax = i; 2354 llmin = llmax + 1LL; /* wrap */ 2355#endif 2356 2357 /* Sanity check */ 2358 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax 2359 || llmax - 1 > llmax || llmin == llmax || llmin == 0 2360 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { 2361 fprintf(f, "unknown unknown\n"); 2362 exit(2); 2363 } 2364 2365 if (fprint_ll(f, llmin) < 0) 2366 exit(3); 2367 if (fprint_ll(f, llmax) < 0) 2368 exit(4); 2369 if (fclose(f) < 0) 2370 exit(5); 2371 exit(0); 2372} 2373 ]])], 2374 [ 2375 llong_min=`$AWK '{print $1}' conftest.llminmax` 2376 llong_max=`$AWK '{print $2}' conftest.llminmax` 2377 2378 AC_MSG_RESULT($llong_max) 2379 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], 2380 [max value of long long calculated by configure]) 2381 AC_MSG_CHECKING([for min value of long long]) 2382 AC_MSG_RESULT($llong_min) 2383 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], 2384 [min value of long long calculated by configure]) 2385 ], 2386 [ 2387 AC_MSG_RESULT(not found) 2388 ], 2389 [ 2390 AC_MSG_WARN([cross compiling: not checking]) 2391 ] 2392 ) 2393fi 2394 2395 2396# More checks for data types 2397AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2398 AC_TRY_COMPILE( 2399 [ #include <sys/types.h> ], 2400 [ u_int a; a = 1;], 2401 [ ac_cv_have_u_int="yes" ], 2402 [ ac_cv_have_u_int="no" ] 2403 ) 2404]) 2405if test "x$ac_cv_have_u_int" = "xyes" ; then 2406 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type]) 2407 have_u_int=1 2408fi 2409 2410AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2411 AC_TRY_COMPILE( 2412 [ #include <sys/types.h> ], 2413 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2414 [ ac_cv_have_intxx_t="yes" ], 2415 [ ac_cv_have_intxx_t="no" ] 2416 ) 2417]) 2418if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2419 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type]) 2420 have_intxx_t=1 2421fi 2422 2423if (test -z "$have_intxx_t" && \ 2424 test "x$ac_cv_header_stdint_h" = "xyes") 2425then 2426 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2427 AC_TRY_COMPILE( 2428 [ #include <stdint.h> ], 2429 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2430 [ 2431 AC_DEFINE(HAVE_INTXX_T) 2432 AC_MSG_RESULT(yes) 2433 ], 2434 [ AC_MSG_RESULT(no) ] 2435 ) 2436fi 2437 2438AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2439 AC_TRY_COMPILE( 2440 [ 2441#include <sys/types.h> 2442#ifdef HAVE_STDINT_H 2443# include <stdint.h> 2444#endif 2445#include <sys/socket.h> 2446#ifdef HAVE_SYS_BITYPES_H 2447# include <sys/bitypes.h> 2448#endif 2449 ], 2450 [ int64_t a; a = 1;], 2451 [ ac_cv_have_int64_t="yes" ], 2452 [ ac_cv_have_int64_t="no" ] 2453 ) 2454]) 2455if test "x$ac_cv_have_int64_t" = "xyes" ; then 2456 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type]) 2457fi 2458 2459AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2460 AC_TRY_COMPILE( 2461 [ #include <sys/types.h> ], 2462 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2463 [ ac_cv_have_u_intxx_t="yes" ], 2464 [ ac_cv_have_u_intxx_t="no" ] 2465 ) 2466]) 2467if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2468 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type]) 2469 have_u_intxx_t=1 2470fi 2471 2472if test -z "$have_u_intxx_t" ; then 2473 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2474 AC_TRY_COMPILE( 2475 [ #include <sys/socket.h> ], 2476 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2477 [ 2478 AC_DEFINE(HAVE_U_INTXX_T) 2479 AC_MSG_RESULT(yes) 2480 ], 2481 [ AC_MSG_RESULT(no) ] 2482 ) 2483fi 2484 2485AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2486 AC_TRY_COMPILE( 2487 [ #include <sys/types.h> ], 2488 [ u_int64_t a; a = 1;], 2489 [ ac_cv_have_u_int64_t="yes" ], 2490 [ ac_cv_have_u_int64_t="no" ] 2491 ) 2492]) 2493if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2494 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type]) 2495 have_u_int64_t=1 2496fi 2497 2498if test -z "$have_u_int64_t" ; then 2499 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2500 AC_TRY_COMPILE( 2501 [ #include <sys/bitypes.h> ], 2502 [ u_int64_t a; a = 1], 2503 [ 2504 AC_DEFINE(HAVE_U_INT64_T) 2505 AC_MSG_RESULT(yes) 2506 ], 2507 [ AC_MSG_RESULT(no) ] 2508 ) 2509fi 2510 2511if test -z "$have_u_intxx_t" ; then 2512 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2513 AC_TRY_COMPILE( 2514 [ 2515#include <sys/types.h> 2516 ], 2517 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 2518 [ ac_cv_have_uintxx_t="yes" ], 2519 [ ac_cv_have_uintxx_t="no" ] 2520 ) 2521 ]) 2522 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2523 AC_DEFINE(HAVE_UINTXX_T, 1, 2524 [define if you have uintxx_t data type]) 2525 fi 2526fi 2527 2528if test -z "$have_uintxx_t" ; then 2529 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2530 AC_TRY_COMPILE( 2531 [ #include <stdint.h> ], 2532 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 2533 [ 2534 AC_DEFINE(HAVE_UINTXX_T) 2535 AC_MSG_RESULT(yes) 2536 ], 2537 [ AC_MSG_RESULT(no) ] 2538 ) 2539fi 2540 2541if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 2542 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2543then 2544 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2545 AC_TRY_COMPILE( 2546 [ 2547#include <sys/bitypes.h> 2548 ], 2549 [ 2550 int8_t a; int16_t b; int32_t c; 2551 u_int8_t e; u_int16_t f; u_int32_t g; 2552 a = b = c = e = f = g = 1; 2553 ], 2554 [ 2555 AC_DEFINE(HAVE_U_INTXX_T) 2556 AC_DEFINE(HAVE_INTXX_T) 2557 AC_MSG_RESULT(yes) 2558 ], 2559 [AC_MSG_RESULT(no)] 2560 ) 2561fi 2562 2563 2564AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2565 AC_TRY_COMPILE( 2566 [ 2567#include <sys/types.h> 2568 ], 2569 [ u_char foo; foo = 125; ], 2570 [ ac_cv_have_u_char="yes" ], 2571 [ ac_cv_have_u_char="no" ] 2572 ) 2573]) 2574if test "x$ac_cv_have_u_char" = "xyes" ; then 2575 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type]) 2576fi 2577 2578TYPE_SOCKLEN_T 2579 2580AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 2581 2582AC_CHECK_TYPES(in_addr_t,,, 2583[#include <sys/types.h> 2584#include <netinet/in.h>]) 2585 2586AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2587 AC_TRY_COMPILE( 2588 [ 2589#include <sys/types.h> 2590 ], 2591 [ size_t foo; foo = 1235; ], 2592 [ ac_cv_have_size_t="yes" ], 2593 [ ac_cv_have_size_t="no" ] 2594 ) 2595]) 2596if test "x$ac_cv_have_size_t" = "xyes" ; then 2597 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type]) 2598fi 2599 2600AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2601 AC_TRY_COMPILE( 2602 [ 2603#include <sys/types.h> 2604 ], 2605 [ ssize_t foo; foo = 1235; ], 2606 [ ac_cv_have_ssize_t="yes" ], 2607 [ ac_cv_have_ssize_t="no" ] 2608 ) 2609]) 2610if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2611 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type]) 2612fi 2613 2614AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2615 AC_TRY_COMPILE( 2616 [ 2617#include <time.h> 2618 ], 2619 [ clock_t foo; foo = 1235; ], 2620 [ ac_cv_have_clock_t="yes" ], 2621 [ ac_cv_have_clock_t="no" ] 2622 ) 2623]) 2624if test "x$ac_cv_have_clock_t" = "xyes" ; then 2625 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type]) 2626fi 2627 2628AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2629 AC_TRY_COMPILE( 2630 [ 2631#include <sys/types.h> 2632#include <sys/socket.h> 2633 ], 2634 [ sa_family_t foo; foo = 1235; ], 2635 [ ac_cv_have_sa_family_t="yes" ], 2636 [ AC_TRY_COMPILE( 2637 [ 2638#include <sys/types.h> 2639#include <sys/socket.h> 2640#include <netinet/in.h> 2641 ], 2642 [ sa_family_t foo; foo = 1235; ], 2643 [ ac_cv_have_sa_family_t="yes" ], 2644 2645 [ ac_cv_have_sa_family_t="no" ] 2646 )] 2647 ) 2648]) 2649if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2650 AC_DEFINE(HAVE_SA_FAMILY_T, 1, 2651 [define if you have sa_family_t data type]) 2652fi 2653 2654AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2655 AC_TRY_COMPILE( 2656 [ 2657#include <sys/types.h> 2658 ], 2659 [ pid_t foo; foo = 1235; ], 2660 [ ac_cv_have_pid_t="yes" ], 2661 [ ac_cv_have_pid_t="no" ] 2662 ) 2663]) 2664if test "x$ac_cv_have_pid_t" = "xyes" ; then 2665 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type]) 2666fi 2667 2668AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2669 AC_TRY_COMPILE( 2670 [ 2671#include <sys/types.h> 2672 ], 2673 [ mode_t foo; foo = 1235; ], 2674 [ ac_cv_have_mode_t="yes" ], 2675 [ ac_cv_have_mode_t="no" ] 2676 ) 2677]) 2678if test "x$ac_cv_have_mode_t" = "xyes" ; then 2679 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type]) 2680fi 2681 2682 2683AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2684 AC_TRY_COMPILE( 2685 [ 2686#include <sys/types.h> 2687#include <sys/socket.h> 2688 ], 2689 [ struct sockaddr_storage s; ], 2690 [ ac_cv_have_struct_sockaddr_storage="yes" ], 2691 [ ac_cv_have_struct_sockaddr_storage="no" ] 2692 ) 2693]) 2694if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 2695 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, 2696 [define if you have struct sockaddr_storage data type]) 2697fi 2698 2699AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 2700 AC_TRY_COMPILE( 2701 [ 2702#include <sys/types.h> 2703#include <netinet/in.h> 2704 ], 2705 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 2706 [ ac_cv_have_struct_sockaddr_in6="yes" ], 2707 [ ac_cv_have_struct_sockaddr_in6="no" ] 2708 ) 2709]) 2710if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 2711 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, 2712 [define if you have struct sockaddr_in6 data type]) 2713fi 2714 2715AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 2716 AC_TRY_COMPILE( 2717 [ 2718#include <sys/types.h> 2719#include <netinet/in.h> 2720 ], 2721 [ struct in6_addr s; s.s6_addr[0] = 0; ], 2722 [ ac_cv_have_struct_in6_addr="yes" ], 2723 [ ac_cv_have_struct_in6_addr="no" ] 2724 ) 2725]) 2726if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 2727 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, 2728 [define if you have struct in6_addr data type]) 2729fi 2730 2731AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2732 AC_TRY_COMPILE( 2733 [ 2734#include <sys/types.h> 2735#include <sys/socket.h> 2736#include <netdb.h> 2737 ], 2738 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 2739 [ ac_cv_have_struct_addrinfo="yes" ], 2740 [ ac_cv_have_struct_addrinfo="no" ] 2741 ) 2742]) 2743if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2744 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, 2745 [define if you have struct addrinfo data type]) 2746fi 2747 2748AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2749 AC_TRY_COMPILE( 2750 [ #include <sys/time.h> ], 2751 [ struct timeval tv; tv.tv_sec = 1;], 2752 [ ac_cv_have_struct_timeval="yes" ], 2753 [ ac_cv_have_struct_timeval="no" ] 2754 ) 2755]) 2756if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2757 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval]) 2758 have_struct_timeval=1 2759fi 2760 2761AC_CHECK_TYPES(struct timespec) 2762 2763# We need int64_t or else certian parts of the compile will fail. 2764if test "x$ac_cv_have_int64_t" = "xno" && \ 2765 test "x$ac_cv_sizeof_long_int" != "x8" && \ 2766 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2767 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2768 echo "an alternative compiler (I.E., GCC) before continuing." 2769 echo "" 2770 exit 1; 2771else 2772dnl test snprintf (broken on SCO w/gcc) 2773 AC_RUN_IFELSE( 2774 [AC_LANG_SOURCE([[ 2775#include <stdio.h> 2776#include <string.h> 2777#ifdef HAVE_SNPRINTF 2778main() 2779{ 2780 char buf[50]; 2781 char expected_out[50]; 2782 int mazsize = 50 ; 2783#if (SIZEOF_LONG_INT == 8) 2784 long int num = 0x7fffffffffffffff; 2785#else 2786 long long num = 0x7fffffffffffffffll; 2787#endif 2788 strcpy(expected_out, "9223372036854775807"); 2789 snprintf(buf, mazsize, "%lld", num); 2790 if(strcmp(buf, expected_out) != 0) 2791 exit(1); 2792 exit(0); 2793} 2794#else 2795main() { exit(0); } 2796#endif 2797 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 2798 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 2799 ) 2800fi 2801 2802dnl Checks for structure members 2803OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 2804OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 2805OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 2806OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 2807OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 2808OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 2809OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 2810OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 2811OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 2812OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 2813OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 2814OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 2815OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 2816OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 2817OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 2818OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 2819OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 2820 2821AC_CHECK_MEMBERS([struct stat.st_blksize]) 2822AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state, 2823 [Define if we don't have struct __res_state in resolv.h])], 2824[ 2825#include <stdio.h> 2826#if HAVE_SYS_TYPES_H 2827# include <sys/types.h> 2828#endif 2829#include <netinet/in.h> 2830#include <arpa/nameser.h> 2831#include <resolv.h> 2832]) 2833 2834AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 2835 ac_cv_have_ss_family_in_struct_ss, [ 2836 AC_TRY_COMPILE( 2837 [ 2838#include <sys/types.h> 2839#include <sys/socket.h> 2840 ], 2841 [ struct sockaddr_storage s; s.ss_family = 1; ], 2842 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 2843 [ ac_cv_have_ss_family_in_struct_ss="no" ], 2844 ) 2845]) 2846if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 2847 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage]) 2848fi 2849 2850AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 2851 ac_cv_have___ss_family_in_struct_ss, [ 2852 AC_TRY_COMPILE( 2853 [ 2854#include <sys/types.h> 2855#include <sys/socket.h> 2856 ], 2857 [ struct sockaddr_storage s; s.__ss_family = 1; ], 2858 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 2859 [ ac_cv_have___ss_family_in_struct_ss="no" ] 2860 ) 2861]) 2862if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 2863 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1, 2864 [Fields in struct sockaddr_storage]) 2865fi 2866 2867AC_CACHE_CHECK([for pw_class field in struct passwd], 2868 ac_cv_have_pw_class_in_struct_passwd, [ 2869 AC_TRY_COMPILE( 2870 [ 2871#include <pwd.h> 2872 ], 2873 [ struct passwd p; p.pw_class = 0; ], 2874 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 2875 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 2876 ) 2877]) 2878if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 2879 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1, 2880 [Define if your password has a pw_class field]) 2881fi 2882 2883AC_CACHE_CHECK([for pw_expire field in struct passwd], 2884 ac_cv_have_pw_expire_in_struct_passwd, [ 2885 AC_TRY_COMPILE( 2886 [ 2887#include <pwd.h> 2888 ], 2889 [ struct passwd p; p.pw_expire = 0; ], 2890 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 2891 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 2892 ) 2893]) 2894if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 2895 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1, 2896 [Define if your password has a pw_expire field]) 2897fi 2898 2899AC_CACHE_CHECK([for pw_change field in struct passwd], 2900 ac_cv_have_pw_change_in_struct_passwd, [ 2901 AC_TRY_COMPILE( 2902 [ 2903#include <pwd.h> 2904 ], 2905 [ struct passwd p; p.pw_change = 0; ], 2906 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 2907 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 2908 ) 2909]) 2910if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 2911 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1, 2912 [Define if your password has a pw_change field]) 2913fi 2914 2915dnl make sure we're using the real structure members and not defines 2916AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 2917 ac_cv_have_accrights_in_msghdr, [ 2918 AC_COMPILE_IFELSE( 2919 [ 2920#include <sys/types.h> 2921#include <sys/socket.h> 2922#include <sys/uio.h> 2923int main() { 2924#ifdef msg_accrights 2925#error "msg_accrights is a macro" 2926exit(1); 2927#endif 2928struct msghdr m; 2929m.msg_accrights = 0; 2930exit(0); 2931} 2932 ], 2933 [ ac_cv_have_accrights_in_msghdr="yes" ], 2934 [ ac_cv_have_accrights_in_msghdr="no" ] 2935 ) 2936]) 2937if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 2938 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1, 2939 [Define if your system uses access rights style 2940 file descriptor passing]) 2941fi 2942 2943AC_CACHE_CHECK([for msg_control field in struct msghdr], 2944 ac_cv_have_control_in_msghdr, [ 2945 AC_COMPILE_IFELSE( 2946 [ 2947#include <sys/types.h> 2948#include <sys/socket.h> 2949#include <sys/uio.h> 2950int main() { 2951#ifdef msg_control 2952#error "msg_control is a macro" 2953exit(1); 2954#endif 2955struct msghdr m; 2956m.msg_control = 0; 2957exit(0); 2958} 2959 ], 2960 [ ac_cv_have_control_in_msghdr="yes" ], 2961 [ ac_cv_have_control_in_msghdr="no" ] 2962 ) 2963]) 2964if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 2965 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1, 2966 [Define if your system uses ancillary data style 2967 file descriptor passing]) 2968fi 2969 2970AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 2971 AC_TRY_LINK([], 2972 [ extern char *__progname; printf("%s", __progname); ], 2973 [ ac_cv_libc_defines___progname="yes" ], 2974 [ ac_cv_libc_defines___progname="no" ] 2975 ) 2976]) 2977if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 2978 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname]) 2979fi 2980 2981AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 2982 AC_TRY_LINK([ 2983#include <stdio.h> 2984], 2985 [ printf("%s", __FUNCTION__); ], 2986 [ ac_cv_cc_implements___FUNCTION__="yes" ], 2987 [ ac_cv_cc_implements___FUNCTION__="no" ] 2988 ) 2989]) 2990if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 2991 AC_DEFINE(HAVE___FUNCTION__, 1, 2992 [Define if compiler implements __FUNCTION__]) 2993fi 2994 2995AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 2996 AC_TRY_LINK([ 2997#include <stdio.h> 2998], 2999 [ printf("%s", __func__); ], 3000 [ ac_cv_cc_implements___func__="yes" ], 3001 [ ac_cv_cc_implements___func__="no" ] 3002 ) 3003]) 3004if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 3005 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__]) 3006fi 3007 3008AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 3009 AC_TRY_LINK( 3010 [#include <stdarg.h> 3011 va_list x,y;], 3012 [va_copy(x,y);], 3013 [ ac_cv_have_va_copy="yes" ], 3014 [ ac_cv_have_va_copy="no" ] 3015 ) 3016]) 3017if test "x$ac_cv_have_va_copy" = "xyes" ; then 3018 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists]) 3019fi 3020 3021AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 3022 AC_TRY_LINK( 3023 [#include <stdarg.h> 3024 va_list x,y;], 3025 [__va_copy(x,y);], 3026 [ ac_cv_have___va_copy="yes" ], 3027 [ ac_cv_have___va_copy="no" ] 3028 ) 3029]) 3030if test "x$ac_cv_have___va_copy" = "xyes" ; then 3031 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists]) 3032fi 3033 3034AC_CACHE_CHECK([whether getopt has optreset support], 3035 ac_cv_have_getopt_optreset, [ 3036 AC_TRY_LINK( 3037 [ 3038#if HAVE_GETOPT_H 3039#include <getopt.h> 3040#elif HAVE_UNISTD_H 3041#include <unistd.h> 3042#endif 3043 ], 3044 [ extern int optreset; optreset = 0; ], 3045 [ ac_cv_have_getopt_optreset="yes" ], 3046 [ ac_cv_have_getopt_optreset="no" ] 3047 ) 3048]) 3049if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 3050 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1, 3051 [Define if your getopt(3) defines and uses optreset]) 3052fi 3053 3054AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 3055 AC_TRY_LINK([], 3056 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 3057 [ ac_cv_libc_defines_sys_errlist="yes" ], 3058 [ ac_cv_libc_defines_sys_errlist="no" ] 3059 ) 3060]) 3061if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 3062 AC_DEFINE(HAVE_SYS_ERRLIST, 1, 3063 [Define if your system defines sys_errlist[]]) 3064fi 3065 3066 3067AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 3068 AC_TRY_LINK([], 3069 [ extern int sys_nerr; printf("%i", sys_nerr);], 3070 [ ac_cv_libc_defines_sys_nerr="yes" ], 3071 [ ac_cv_libc_defines_sys_nerr="no" ] 3072 ) 3073]) 3074if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 3075 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr]) 3076fi 3077 3078SCARD_MSG="no" 3079# Check whether user wants sectok support 3080AC_ARG_WITH(sectok, 3081 [ --with-sectok Enable smartcard support using libsectok], 3082 [ 3083 if test "x$withval" != "xno" ; then 3084 if test "x$withval" != "xyes" ; then 3085 CPPFLAGS="$CPPFLAGS -I${withval}" 3086 LDFLAGS="$LDFLAGS -L${withval}" 3087 if test ! -z "$need_dash_r" ; then 3088 LDFLAGS="$LDFLAGS -R${withval}" 3089 fi 3090 if test ! -z "$blibpath" ; then 3091 blibpath="$blibpath:${withval}" 3092 fi 3093 fi 3094 AC_CHECK_HEADERS(sectok.h) 3095 if test "$ac_cv_header_sectok_h" != yes; then 3096 AC_MSG_ERROR(Can't find sectok.h) 3097 fi 3098 AC_CHECK_LIB(sectok, sectok_open) 3099 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 3100 AC_MSG_ERROR(Can't find libsectok) 3101 fi 3102 AC_DEFINE(SMARTCARD, 1, 3103 [Define if you want smartcard support]) 3104 AC_DEFINE(USE_SECTOK, 1, 3105 [Define if you want smartcard support 3106 using sectok]) 3107 SCARD_MSG="yes, using sectok" 3108 fi 3109 ] 3110) 3111 3112# Check whether user wants OpenSC support 3113OPENSC_CONFIG="no" 3114AC_ARG_WITH(opensc, 3115 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)], 3116 [ 3117 if test "x$withval" != "xno" ; then 3118 if test "x$withval" != "xyes" ; then 3119 OPENSC_CONFIG=$withval/bin/opensc-config 3120 else 3121 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 3122 fi 3123 if test "$OPENSC_CONFIG" != "no"; then 3124 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 3125 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 3126 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 3127 LIBS="$LIBS $LIBOPENSC_LIBS" 3128 AC_DEFINE(SMARTCARD) 3129 AC_DEFINE(USE_OPENSC, 1, 3130 [Define if you want smartcard support 3131 using OpenSC]) 3132 SCARD_MSG="yes, using OpenSC" 3133 fi 3134 fi 3135 ] 3136) 3137 3138# Check libraries needed by DNS fingerprint support 3139AC_SEARCH_LIBS(getrrsetbyname, resolv, 3140 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1, 3141 [Define if getrrsetbyname() exists])], 3142 [ 3143 # Needed by our getrrsetbyname() 3144 AC_SEARCH_LIBS(res_query, resolv) 3145 AC_SEARCH_LIBS(dn_expand, resolv) 3146 AC_MSG_CHECKING(if res_query will link) 3147 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 3148 [AC_MSG_RESULT(no) 3149 saved_LIBS="$LIBS" 3150 LIBS="$LIBS -lresolv" 3151 AC_MSG_CHECKING(for res_query in -lresolv) 3152 AC_LINK_IFELSE([ 3153#include <resolv.h> 3154int main() 3155{ 3156 res_query (0, 0, 0, 0, 0); 3157 return 0; 3158} 3159 ], 3160 [LIBS="$LIBS -lresolv" 3161 AC_MSG_RESULT(yes)], 3162 [LIBS="$saved_LIBS" 3163 AC_MSG_RESULT(no)]) 3164 ]) 3165 AC_CHECK_FUNCS(_getshort _getlong) 3166 AC_CHECK_DECLS([_getshort, _getlong], , , 3167 [#include <sys/types.h> 3168 #include <arpa/nameser.h>]) 3169 AC_CHECK_MEMBER(HEADER.ad, 3170 [AC_DEFINE(HAVE_HEADER_AD, 1, 3171 [Define if HEADER.ad exists in arpa/nameser.h])],, 3172 [#include <arpa/nameser.h>]) 3173 ]) 3174 3175# Check whether user wants SELinux support 3176SELINUX_MSG="no" 3177LIBSELINUX="" 3178AC_ARG_WITH(selinux, 3179 [ --with-selinux Enable SELinux support], 3180 [ if test "x$withval" != "xno" ; then 3181 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) 3182 SELINUX_MSG="yes" 3183 AC_CHECK_HEADER([selinux/selinux.h], , 3184 AC_MSG_ERROR(SELinux support requires selinux.h header)) 3185 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], 3186 AC_MSG_ERROR(SELinux support requires libselinux library)) 3187 save_LIBS="$LIBS" 3188 LIBS="$LIBS $LIBSELINUX" 3189 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) 3190 LIBS="$save_LIBS" 3191 fi ] 3192) 3193AC_SUBST(LIBSELINUX) 3194 3195# Check whether user wants Kerberos 5 support 3196KRB5_MSG="no" 3197AC_ARG_WITH(kerberos5, 3198 [ --with-kerberos5=PATH Enable Kerberos 5 support], 3199 [ if test "x$withval" != "xno" ; then 3200 if test "x$withval" = "xyes" ; then 3201 KRB5ROOT="/usr/local" 3202 else 3203 KRB5ROOT=${withval} 3204 fi 3205 3206 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support]) 3207 KRB5_MSG="yes" 3208 3209 AC_MSG_CHECKING(for krb5-config) 3210 if test -x $KRB5ROOT/bin/krb5-config ; then 3211 KRB5CONF=$KRB5ROOT/bin/krb5-config 3212 AC_MSG_RESULT($KRB5CONF) 3213 3214 AC_MSG_CHECKING(for gssapi support) 3215 if $KRB5CONF | grep gssapi >/dev/null ; then 3216 AC_MSG_RESULT(yes) 3217 AC_DEFINE(GSSAPI, 1, 3218 [Define this if you want GSSAPI 3219 support in the version 2 protocol]) 3220 k5confopts=gssapi 3221 else 3222 AC_MSG_RESULT(no) 3223 k5confopts="" 3224 fi 3225 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 3226 K5LIBS="`$KRB5CONF --libs $k5confopts`" 3227 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3228 AC_MSG_CHECKING(whether we are using Heimdal) 3229 AC_TRY_COMPILE([ #include <krb5.h> ], 3230 [ char *tmp = heimdal_version; ], 3231 [ AC_MSG_RESULT(yes) 3232 AC_DEFINE(HEIMDAL, 1, 3233 [Define this if you are using the 3234 Heimdal version of Kerberos V5]) ], 3235 AC_MSG_RESULT(no) 3236 ) 3237 else 3238 AC_MSG_RESULT(no) 3239 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3240 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3241 AC_MSG_CHECKING(whether we are using Heimdal) 3242 AC_TRY_COMPILE([ #include <krb5.h> ], 3243 [ char *tmp = heimdal_version; ], 3244 [ AC_MSG_RESULT(yes) 3245 AC_DEFINE(HEIMDAL) 3246 K5LIBS="-lkrb5 -ldes" 3247 K5LIBS="$K5LIBS -lcom_err -lasn1" 3248 AC_CHECK_LIB(roken, net_write, 3249 [K5LIBS="$K5LIBS -lroken"]) 3250 ], 3251 [ AC_MSG_RESULT(no) 3252 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3253 ] 3254 ) 3255 AC_SEARCH_LIBS(dn_expand, resolv) 3256 3257 AC_CHECK_LIB(gssapi,gss_init_sec_context, 3258 [ AC_DEFINE(GSSAPI) 3259 K5LIBS="-lgssapi $K5LIBS" ], 3260 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, 3261 [ AC_DEFINE(GSSAPI) 3262 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 3263 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 3264 $K5LIBS) 3265 ], 3266 $K5LIBS) 3267 3268 AC_CHECK_HEADER(gssapi.h, , 3269 [ unset ac_cv_header_gssapi_h 3270 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3271 AC_CHECK_HEADERS(gssapi.h, , 3272 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3273 ) 3274 ] 3275 ) 3276 3277 oldCPP="$CPPFLAGS" 3278 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3279 AC_CHECK_HEADER(gssapi_krb5.h, , 3280 [ CPPFLAGS="$oldCPP" ]) 3281 3282 fi 3283 if test ! -z "$need_dash_r" ; then 3284 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3285 fi 3286 if test ! -z "$blibpath" ; then 3287 blibpath="$blibpath:${KRB5ROOT}/lib" 3288 fi 3289 3290 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 3291 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 3292 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 3293 3294 LIBS="$LIBS $K5LIBS" 3295 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1, 3296 [Define this if you want to use libkafs' AFS support])) 3297 fi 3298 ] 3299) 3300 3301# Looking for programs, paths and files 3302 3303PRIVSEP_PATH=/var/empty 3304AC_ARG_WITH(privsep-path, 3305 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3306 [ 3307 if test -n "$withval" && test "x$withval" != "xno" && \ 3308 test "x${withval}" != "xyes"; then 3309 PRIVSEP_PATH=$withval 3310 fi 3311 ] 3312) 3313AC_SUBST(PRIVSEP_PATH) 3314 3315AC_ARG_WITH(xauth, 3316 [ --with-xauth=PATH Specify path to xauth program ], 3317 [ 3318 if test -n "$withval" && test "x$withval" != "xno" && \ 3319 test "x${withval}" != "xyes"; then 3320 xauth_path=$withval 3321 fi 3322 ], 3323 [ 3324 TestPath="$PATH" 3325 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3326 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3327 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3328 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3329 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 3330 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3331 xauth_path="/usr/openwin/bin/xauth" 3332 fi 3333 ] 3334) 3335 3336STRIP_OPT=-s 3337AC_ARG_ENABLE(strip, 3338 [ --disable-strip Disable calling strip(1) on install], 3339 [ 3340 if test "x$enableval" = "xno" ; then 3341 STRIP_OPT= 3342 fi 3343 ] 3344) 3345AC_SUBST(STRIP_OPT) 3346 3347if test -z "$xauth_path" ; then 3348 XAUTH_PATH="undefined" 3349 AC_SUBST(XAUTH_PATH) 3350else 3351 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path", 3352 [Define if xauth is found in your path]) 3353 XAUTH_PATH=$xauth_path 3354 AC_SUBST(XAUTH_PATH) 3355fi 3356 3357# Check for mail directory (last resort if we cannot get it from headers) 3358if test ! -z "$MAIL" ; then 3359 maildir=`dirname $MAIL` 3360 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir", 3361 [Set this to your mail directory if you don't have maillock.h]) 3362fi 3363 3364if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3365 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3366 disable_ptmx_check=yes 3367fi 3368if test -z "$no_dev_ptmx" ; then 3369 if test "x$disable_ptmx_check" != "xyes" ; then 3370 AC_CHECK_FILE("/dev/ptmx", 3371 [ 3372 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1, 3373 [Define if you have /dev/ptmx]) 3374 have_dev_ptmx=1 3375 ] 3376 ) 3377 fi 3378fi 3379 3380if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3381 AC_CHECK_FILE("/dev/ptc", 3382 [ 3383 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1, 3384 [Define if you have /dev/ptc]) 3385 have_dev_ptc=1 3386 ] 3387 ) 3388else 3389 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3390fi 3391 3392# Options from here on. Some of these are preset by platform above 3393AC_ARG_WITH(mantype, 3394 [ --with-mantype=man|cat|doc Set man page type], 3395 [ 3396 case "$withval" in 3397 man|cat|doc) 3398 MANTYPE=$withval 3399 ;; 3400 *) 3401 AC_MSG_ERROR(invalid man type: $withval) 3402 ;; 3403 esac 3404 ] 3405) 3406if test -z "$MANTYPE"; then 3407 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3408 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 3409 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3410 MANTYPE=doc 3411 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3412 MANTYPE=man 3413 else 3414 MANTYPE=cat 3415 fi 3416fi 3417AC_SUBST(MANTYPE) 3418if test "$MANTYPE" = "doc"; then 3419 mansubdir=man; 3420else 3421 mansubdir=$MANTYPE; 3422fi 3423AC_SUBST(mansubdir) 3424 3425# Check whether to enable MD5 passwords 3426MD5_MSG="no" 3427AC_ARG_WITH(md5-passwords, 3428 [ --with-md5-passwords Enable use of MD5 passwords], 3429 [ 3430 if test "x$withval" != "xno" ; then 3431 AC_DEFINE(HAVE_MD5_PASSWORDS, 1, 3432 [Define if you want to allow MD5 passwords]) 3433 MD5_MSG="yes" 3434 fi 3435 ] 3436) 3437 3438# Whether to disable shadow password support 3439AC_ARG_WITH(shadow, 3440 [ --without-shadow Disable shadow password support], 3441 [ 3442 if test "x$withval" = "xno" ; then 3443 AC_DEFINE(DISABLE_SHADOW) 3444 disable_shadow=yes 3445 fi 3446 ] 3447) 3448 3449if test -z "$disable_shadow" ; then 3450 AC_MSG_CHECKING([if the systems has expire shadow information]) 3451 AC_TRY_COMPILE( 3452 [ 3453#include <sys/types.h> 3454#include <shadow.h> 3455 struct spwd sp; 3456 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 3457 [ sp_expire_available=yes ], [] 3458 ) 3459 3460 if test "x$sp_expire_available" = "xyes" ; then 3461 AC_MSG_RESULT(yes) 3462 AC_DEFINE(HAS_SHADOW_EXPIRE, 1, 3463 [Define if you want to use shadow password expire field]) 3464 else 3465 AC_MSG_RESULT(no) 3466 fi 3467fi 3468 3469# Use ip address instead of hostname in $DISPLAY 3470if test ! -z "$IPADDR_IN_DISPLAY" ; then 3471 DISPLAY_HACK_MSG="yes" 3472 AC_DEFINE(IPADDR_IN_DISPLAY, 1, 3473 [Define if you need to use IP address 3474 instead of hostname in $DISPLAY]) 3475else 3476 DISPLAY_HACK_MSG="no" 3477 AC_ARG_WITH(ipaddr-display, 3478 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 3479 [ 3480 if test "x$withval" != "xno" ; then 3481 AC_DEFINE(IPADDR_IN_DISPLAY) 3482 DISPLAY_HACK_MSG="yes" 3483 fi 3484 ] 3485 ) 3486fi 3487 3488# check for /etc/default/login and use it if present. 3489AC_ARG_ENABLE(etc-default-login, 3490 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 3491 [ if test "x$enableval" = "xno"; then 3492 AC_MSG_NOTICE([/etc/default/login handling disabled]) 3493 etc_default_login=no 3494 else 3495 etc_default_login=yes 3496 fi ], 3497 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3498 then 3499 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 3500 etc_default_login=no 3501 else 3502 etc_default_login=yes 3503 fi ] 3504) 3505 3506if test "x$etc_default_login" != "xno"; then 3507 AC_CHECK_FILE("/etc/default/login", 3508 [ external_path_file=/etc/default/login ]) 3509 if test "x$external_path_file" = "x/etc/default/login"; then 3510 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1, 3511 [Define if your system has /etc/default/login]) 3512 fi 3513fi 3514 3515dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3516if test $ac_cv_func_login_getcapbool = "yes" && \ 3517 test $ac_cv_header_login_cap_h = "yes" ; then 3518 external_path_file=/etc/login.conf 3519fi 3520 3521# Whether to mess with the default path 3522SERVER_PATH_MSG="(default)" 3523AC_ARG_WITH(default-path, 3524 [ --with-default-path= Specify default \$PATH environment for server], 3525 [ 3526 if test "x$external_path_file" = "x/etc/login.conf" ; then 3527 AC_MSG_WARN([ 3528--with-default-path=PATH has no effect on this system. 3529Edit /etc/login.conf instead.]) 3530 elif test "x$withval" != "xno" ; then 3531 if test ! -z "$external_path_file" ; then 3532 AC_MSG_WARN([ 3533--with-default-path=PATH will only be used if PATH is not defined in 3534$external_path_file .]) 3535 fi 3536 user_path="$withval" 3537 SERVER_PATH_MSG="$withval" 3538 fi 3539 ], 3540 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3541 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3542 else 3543 if test ! -z "$external_path_file" ; then 3544 AC_MSG_WARN([ 3545If PATH is defined in $external_path_file, ensure the path to scp is included, 3546otherwise scp will not work.]) 3547 fi 3548 AC_RUN_IFELSE( 3549 [AC_LANG_SOURCE([[ 3550/* find out what STDPATH is */ 3551#include <stdio.h> 3552#ifdef HAVE_PATHS_H 3553# include <paths.h> 3554#endif 3555#ifndef _PATH_STDPATH 3556# ifdef _PATH_USERPATH /* Irix */ 3557# define _PATH_STDPATH _PATH_USERPATH 3558# else 3559# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3560# endif 3561#endif 3562#include <sys/types.h> 3563#include <sys/stat.h> 3564#include <fcntl.h> 3565#define DATA "conftest.stdpath" 3566 3567main() 3568{ 3569 FILE *fd; 3570 int rc; 3571 3572 fd = fopen(DATA,"w"); 3573 if(fd == NULL) 3574 exit(1); 3575 3576 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3577 exit(1); 3578 3579 exit(0); 3580} 3581 ]])], 3582 [ user_path=`cat conftest.stdpath` ], 3583 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3584 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3585 ) 3586# make sure $bindir is in USER_PATH so scp will work 3587 t_bindir=`eval echo ${bindir}` 3588 case $t_bindir in 3589 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 3590 esac 3591 case $t_bindir in 3592 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 3593 esac 3594 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 3595 if test $? -ne 0 ; then 3596 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 3597 if test $? -ne 0 ; then 3598 user_path=$user_path:$t_bindir 3599 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 3600 fi 3601 fi 3602 fi ] 3603) 3604if test "x$external_path_file" != "x/etc/login.conf" ; then 3605 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH]) 3606 AC_SUBST(user_path) 3607fi 3608 3609# Set superuser path separately to user path 3610AC_ARG_WITH(superuser-path, 3611 [ --with-superuser-path= Specify different path for super-user], 3612 [ 3613 if test -n "$withval" && test "x$withval" != "xno" && \ 3614 test "x${withval}" != "xyes"; then 3615 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval", 3616 [Define if you want a different $PATH 3617 for the superuser]) 3618 superuser_path=$withval 3619 fi 3620 ] 3621) 3622 3623 3624AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3625IPV4_IN6_HACK_MSG="no" 3626AC_ARG_WITH(4in6, 3627 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3628 [ 3629 if test "x$withval" != "xno" ; then 3630 AC_MSG_RESULT(yes) 3631 AC_DEFINE(IPV4_IN_IPV6, 1, 3632 [Detect IPv4 in IPv6 mapped addresses 3633 and treat as IPv4]) 3634 IPV4_IN6_HACK_MSG="yes" 3635 else 3636 AC_MSG_RESULT(no) 3637 fi 3638 ],[ 3639 if test "x$inet6_default_4in6" = "xyes"; then 3640 AC_MSG_RESULT([yes (default)]) 3641 AC_DEFINE(IPV4_IN_IPV6) 3642 IPV4_IN6_HACK_MSG="yes" 3643 else 3644 AC_MSG_RESULT([no (default)]) 3645 fi 3646 ] 3647) 3648 3649# Whether to enable BSD auth support 3650BSD_AUTH_MSG=no 3651AC_ARG_WITH(bsd-auth, 3652 [ --with-bsd-auth Enable BSD auth support], 3653 [ 3654 if test "x$withval" != "xno" ; then 3655 AC_DEFINE(BSD_AUTH, 1, 3656 [Define if you have BSD auth support]) 3657 BSD_AUTH_MSG=yes 3658 fi 3659 ] 3660) 3661 3662# Where to place sshd.pid 3663piddir=/var/run 3664# make sure the directory exists 3665if test ! -d $piddir ; then 3666 piddir=`eval echo ${sysconfdir}` 3667 case $piddir in 3668 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 3669 esac 3670fi 3671 3672AC_ARG_WITH(pid-dir, 3673 [ --with-pid-dir=PATH Specify location of ssh.pid file], 3674 [ 3675 if test -n "$withval" && test "x$withval" != "xno" && \ 3676 test "x${withval}" != "xyes"; then 3677 piddir=$withval 3678 if test ! -d $piddir ; then 3679 AC_MSG_WARN([** no $piddir directory on this system **]) 3680 fi 3681 fi 3682 ] 3683) 3684 3685AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid]) 3686AC_SUBST(piddir) 3687 3688dnl allow user to disable some login recording features 3689AC_ARG_ENABLE(lastlog, 3690 [ --disable-lastlog disable use of lastlog even if detected [no]], 3691 [ 3692 if test "x$enableval" = "xno" ; then 3693 AC_DEFINE(DISABLE_LASTLOG) 3694 fi 3695 ] 3696) 3697AC_ARG_ENABLE(utmp, 3698 [ --disable-utmp disable use of utmp even if detected [no]], 3699 [ 3700 if test "x$enableval" = "xno" ; then 3701 AC_DEFINE(DISABLE_UTMP) 3702 fi 3703 ] 3704) 3705AC_ARG_ENABLE(utmpx, 3706 [ --disable-utmpx disable use of utmpx even if detected [no]], 3707 [ 3708 if test "x$enableval" = "xno" ; then 3709 AC_DEFINE(DISABLE_UTMPX, 1, 3710 [Define if you don't want to use utmpx]) 3711 fi 3712 ] 3713) 3714AC_ARG_ENABLE(wtmp, 3715 [ --disable-wtmp disable use of wtmp even if detected [no]], 3716 [ 3717 if test "x$enableval" = "xno" ; then 3718 AC_DEFINE(DISABLE_WTMP) 3719 fi 3720 ] 3721) 3722AC_ARG_ENABLE(wtmpx, 3723 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 3724 [ 3725 if test "x$enableval" = "xno" ; then 3726 AC_DEFINE(DISABLE_WTMPX, 1, 3727 [Define if you don't want to use wtmpx]) 3728 fi 3729 ] 3730) 3731AC_ARG_ENABLE(libutil, 3732 [ --disable-libutil disable use of libutil (login() etc.) [no]], 3733 [ 3734 if test "x$enableval" = "xno" ; then 3735 AC_DEFINE(DISABLE_LOGIN) 3736 fi 3737 ] 3738) 3739AC_ARG_ENABLE(pututline, 3740 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 3741 [ 3742 if test "x$enableval" = "xno" ; then 3743 AC_DEFINE(DISABLE_PUTUTLINE, 1, 3744 [Define if you don't want to use pututline() 3745 etc. to write [uw]tmp]) 3746 fi 3747 ] 3748) 3749AC_ARG_ENABLE(pututxline, 3750 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 3751 [ 3752 if test "x$enableval" = "xno" ; then 3753 AC_DEFINE(DISABLE_PUTUTXLINE, 1, 3754 [Define if you don't want to use pututxline() 3755 etc. to write [uw]tmpx]) 3756 fi 3757 ] 3758) 3759AC_ARG_WITH(lastlog, 3760 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 3761 [ 3762 if test "x$withval" = "xno" ; then 3763 AC_DEFINE(DISABLE_LASTLOG) 3764 elif test -n "$withval" && test "x${withval}" != "xyes"; then 3765 conf_lastlog_location=$withval 3766 fi 3767 ] 3768) 3769 3770dnl lastlog, [uw]tmpx? detection 3771dnl NOTE: set the paths in the platform section to avoid the 3772dnl need for command-line parameters 3773dnl lastlog and [uw]tmp are subject to a file search if all else fails 3774 3775dnl lastlog detection 3776dnl NOTE: the code itself will detect if lastlog is a directory 3777AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 3778AC_TRY_COMPILE([ 3779#include <sys/types.h> 3780#include <utmp.h> 3781#ifdef HAVE_LASTLOG_H 3782# include <lastlog.h> 3783#endif 3784#ifdef HAVE_PATHS_H 3785# include <paths.h> 3786#endif 3787#ifdef HAVE_LOGIN_H 3788# include <login.h> 3789#endif 3790 ], 3791 [ char *lastlog = LASTLOG_FILE; ], 3792 [ AC_MSG_RESULT(yes) ], 3793 [ 3794 AC_MSG_RESULT(no) 3795 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 3796 AC_TRY_COMPILE([ 3797#include <sys/types.h> 3798#include <utmp.h> 3799#ifdef HAVE_LASTLOG_H 3800# include <lastlog.h> 3801#endif 3802#ifdef HAVE_PATHS_H 3803# include <paths.h> 3804#endif 3805 ], 3806 [ char *lastlog = _PATH_LASTLOG; ], 3807 [ AC_MSG_RESULT(yes) ], 3808 [ 3809 AC_MSG_RESULT(no) 3810 system_lastlog_path=no 3811 ]) 3812 ] 3813) 3814 3815if test -z "$conf_lastlog_location"; then 3816 if test x"$system_lastlog_path" = x"no" ; then 3817 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 3818 if (test -d "$f" || test -f "$f") ; then 3819 conf_lastlog_location=$f 3820 fi 3821 done 3822 if test -z "$conf_lastlog_location"; then 3823 AC_MSG_WARN([** Cannot find lastlog **]) 3824 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 3825 fi 3826 fi 3827fi 3828 3829if test -n "$conf_lastlog_location"; then 3830 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location", 3831 [Define if you want to specify the path to your lastlog file]) 3832fi 3833 3834dnl utmp detection 3835AC_MSG_CHECKING([if your system defines UTMP_FILE]) 3836AC_TRY_COMPILE([ 3837#include <sys/types.h> 3838#include <utmp.h> 3839#ifdef HAVE_PATHS_H 3840# include <paths.h> 3841#endif 3842 ], 3843 [ char *utmp = UTMP_FILE; ], 3844 [ AC_MSG_RESULT(yes) ], 3845 [ AC_MSG_RESULT(no) 3846 system_utmp_path=no ] 3847) 3848if test -z "$conf_utmp_location"; then 3849 if test x"$system_utmp_path" = x"no" ; then 3850 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 3851 if test -f $f ; then 3852 conf_utmp_location=$f 3853 fi 3854 done 3855 if test -z "$conf_utmp_location"; then 3856 AC_DEFINE(DISABLE_UTMP) 3857 fi 3858 fi 3859fi 3860if test -n "$conf_utmp_location"; then 3861 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location", 3862 [Define if you want to specify the path to your utmp file]) 3863fi 3864 3865dnl wtmp detection 3866AC_MSG_CHECKING([if your system defines WTMP_FILE]) 3867AC_TRY_COMPILE([ 3868#include <sys/types.h> 3869#include <utmp.h> 3870#ifdef HAVE_PATHS_H 3871# include <paths.h> 3872#endif 3873 ], 3874 [ char *wtmp = WTMP_FILE; ], 3875 [ AC_MSG_RESULT(yes) ], 3876 [ AC_MSG_RESULT(no) 3877 system_wtmp_path=no ] 3878) 3879if test -z "$conf_wtmp_location"; then 3880 if test x"$system_wtmp_path" = x"no" ; then 3881 for f in /usr/adm/wtmp /var/log/wtmp; do 3882 if test -f $f ; then 3883 conf_wtmp_location=$f 3884 fi 3885 done 3886 if test -z "$conf_wtmp_location"; then 3887 AC_DEFINE(DISABLE_WTMP) 3888 fi 3889 fi 3890fi 3891if test -n "$conf_wtmp_location"; then 3892 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location", 3893 [Define if you want to specify the path to your wtmp file]) 3894fi 3895 3896 3897dnl utmpx detection - I don't know any system so perverse as to require 3898dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 3899dnl there, though. 3900AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 3901AC_TRY_COMPILE([ 3902#include <sys/types.h> 3903#include <utmp.h> 3904#ifdef HAVE_UTMPX_H 3905#include <utmpx.h> 3906#endif 3907#ifdef HAVE_PATHS_H 3908# include <paths.h> 3909#endif 3910 ], 3911 [ char *utmpx = UTMPX_FILE; ], 3912 [ AC_MSG_RESULT(yes) ], 3913 [ AC_MSG_RESULT(no) 3914 system_utmpx_path=no ] 3915) 3916if test -z "$conf_utmpx_location"; then 3917 if test x"$system_utmpx_path" = x"no" ; then 3918 AC_DEFINE(DISABLE_UTMPX) 3919 fi 3920else 3921 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location", 3922 [Define if you want to specify the path to your utmpx file]) 3923fi 3924 3925dnl wtmpx detection 3926AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 3927AC_TRY_COMPILE([ 3928#include <sys/types.h> 3929#include <utmp.h> 3930#ifdef HAVE_UTMPX_H 3931#include <utmpx.h> 3932#endif 3933#ifdef HAVE_PATHS_H 3934# include <paths.h> 3935#endif 3936 ], 3937 [ char *wtmpx = WTMPX_FILE; ], 3938 [ AC_MSG_RESULT(yes) ], 3939 [ AC_MSG_RESULT(no) 3940 system_wtmpx_path=no ] 3941) 3942if test -z "$conf_wtmpx_location"; then 3943 if test x"$system_wtmpx_path" = x"no" ; then 3944 AC_DEFINE(DISABLE_WTMPX) 3945 fi 3946else 3947 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location", 3948 [Define if you want to specify the path to your wtmpx file]) 3949fi 3950 3951 3952if test ! -z "$blibpath" ; then 3953 LDFLAGS="$LDFLAGS $blibflags$blibpath" 3954 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 3955fi 3956 3957dnl Adding -Werror to CFLAGS early prevents configure tests from running. 3958dnl Add now. 3959CFLAGS="$CFLAGS $werror_flags" 3960 3961AC_EXEEXT 3962AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ 3963 openbsd-compat/Makefile openbsd-compat/regress/Makefile \ 3964 scard/Makefile ssh_prng_cmds survey.sh]) 3965AC_OUTPUT 3966 3967# Print summary of options 3968 3969# Someone please show me a better way :) 3970A=`eval echo ${prefix}` ; A=`eval echo ${A}` 3971B=`eval echo ${bindir}` ; B=`eval echo ${B}` 3972C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 3973D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 3974E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 3975F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 3976G=`eval echo ${piddir}` ; G=`eval echo ${G}` 3977H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 3978I=`eval echo ${user_path}` ; I=`eval echo ${I}` 3979J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 3980 3981echo "" 3982echo "OpenSSH has been configured with the following options:" 3983echo " User binaries: $B" 3984echo " System binaries: $C" 3985echo " Configuration files: $D" 3986echo " Askpass program: $E" 3987echo " Manual pages: $F" 3988echo " PID file: $G" 3989echo " Privilege separation chroot path: $H" 3990if test "x$external_path_file" = "x/etc/login.conf" ; then 3991echo " At runtime, sshd will use the path defined in $external_path_file" 3992echo " Make sure the path to scp is present, otherwise scp will not work" 3993else 3994echo " sshd default user PATH: $I" 3995 if test ! -z "$external_path_file"; then 3996echo " (If PATH is set in $external_path_file it will be used instead. If" 3997echo " used, ensure the path to scp is present, otherwise scp will not work.)" 3998 fi 3999fi 4000if test ! -z "$superuser_path" ; then 4001echo " sshd superuser user PATH: $J" 4002fi 4003echo " Manpage format: $MANTYPE" 4004echo " PAM support: $PAM_MSG" 4005echo " OSF SIA support: $SIA_MSG" 4006echo " KerberosV support: $KRB5_MSG" 4007echo " SELinux support: $SELINUX_MSG" 4008echo " Smartcard support: $SCARD_MSG" 4009echo " S/KEY support: $SKEY_MSG" 4010echo " OPIE support: $OPIE_MSG" 4011echo " TCP Wrappers support: $TCPW_MSG" 4012echo " MD5 password support: $MD5_MSG" 4013echo " libedit support: $LIBEDIT_MSG" 4014echo " Solaris process contract support: $SPC_MSG" 4015echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 4016echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 4017echo " BSD Auth support: $BSD_AUTH_MSG" 4018echo " Random number source: $RAND_MSG" 4019if test ! -z "$USE_RAND_HELPER" ; then 4020echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 4021fi 4022 4023echo "" 4024 4025echo " Host: ${host}" 4026echo " Compiler: ${CC}" 4027echo " Compiler flags: ${CFLAGS}" 4028echo "Preprocessor flags: ${CPPFLAGS}" 4029echo " Linker flags: ${LDFLAGS}" 4030echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" 4031 4032echo "" 4033 4034if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 4035 echo "SVR4 style packages are supported with \"make package\"" 4036 echo "" 4037fi 4038 4039if test "x$PAM_MSG" = "xyes" ; then 4040 echo "PAM is enabled. You may need to install a PAM control file " 4041 echo "for sshd, otherwise password authentication may fail. " 4042 echo "Example PAM control files can be found in the contrib/ " 4043 echo "subdirectory" 4044 echo "" 4045fi 4046 4047if test ! -z "$RAND_HELPER_CMDHASH" ; then 4048 echo "WARNING: you are using the builtin random number collection " 4049 echo "service. Please read WARNING.RNG and request that your OS " 4050 echo "vendor includes kernel-based random number collection in " 4051 echo "future versions of your OS." 4052 echo "" 4053fi 4054 4055if test ! -z "$NO_PEERCHECK" ; then 4056 echo "WARNING: the operating system that you are using does not " 4057 echo "appear to support either the getpeereid() API nor the " 4058 echo "SO_PEERCRED getsockopt() option. These facilities are used to " 4059 echo "enforce security checks to prevent unauthorised connections to " 4060 echo "ssh-agent. Their absence increases the risk that a malicious " 4061 echo "user can connect to your agent. " 4062 echo "" 4063fi 4064 4065if test "$AUDIT_MODULE" = "bsm" ; then 4066 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 4067 echo "See the Solaris section in README.platform for details." 4068fi 4069