1# $Id: configure.ac,v 1.292 2005/08/31 16:59:49 tim Exp $ 2# $FreeBSD$ 3# 4# Copyright (c) 1999-2004 Damien Miller 5# 6# Permission to use, copy, modify, and distribute this software for any 7# purpose with or without fee is hereby granted, provided that the above 8# copyright notice and this permission notice appear in all copies. 9# 10# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 18AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 19AC_CONFIG_SRCDIR([ssh.c]) 20 21AC_CONFIG_HEADER(config.h) 22AC_PROG_CC 23AC_CANONICAL_HOST 24AC_C_BIGENDIAN 25 26# Checks for programs. 27AC_PROG_AWK 28AC_PROG_CPP 29AC_PROG_RANLIB 30AC_PROG_INSTALL 31AC_PATH_PROG(AR, ar) 32AC_PATH_PROG(CAT, cat) 33AC_PATH_PROG(KILL, kill) 34AC_PATH_PROGS(PERL, perl5 perl) 35AC_PATH_PROG(SED, sed) 36AC_SUBST(PERL) 37AC_PATH_PROG(ENT, ent) 38AC_SUBST(ENT) 39AC_PATH_PROG(TEST_MINUS_S_SH, bash) 40AC_PATH_PROG(TEST_MINUS_S_SH, ksh) 41AC_PATH_PROG(TEST_MINUS_S_SH, sh) 42AC_PATH_PROG(SH, sh) 43AC_SUBST(TEST_SHELL,sh) 44 45dnl for buildpkg.sh 46AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 47 [/usr/sbin${PATH_SEPARATOR}/etc]) 48AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 49 [/usr/sbin${PATH_SEPARATOR}/etc]) 50AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 51 52# System features 53AC_SYS_LARGEFILE 54 55if test -z "$AR" ; then 56 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 57fi 58 59# Use LOGIN_PROGRAM from environment if possible 60if test ! -z "$LOGIN_PROGRAM" ; then 61 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM") 62else 63 # Search for login 64 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 65 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 66 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 67 fi 68fi 69 70AC_PATH_PROG(PATH_PASSWD_PROG, passwd) 71if test ! -z "$PATH_PASSWD_PROG" ; then 72 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG") 73fi 74 75if test -z "$LD" ; then 76 LD=$CC 77fi 78AC_SUBST(LD) 79 80AC_C_INLINE 81 82AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) 83 84if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 85 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" 86 GCC_VER=`$CC --version` 87 case $GCC_VER in 88 1.*) ;; 89 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;; 90 2.*) ;; 91 *) CFLAGS="$CFLAGS -Wsign-compare" ;; 92 esac 93 94 if test -z "$have_llong_max"; then 95 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 96 unset ac_cv_have_decl_LLONG_MAX 97 saved_CFLAGS="$CFLAGS" 98 CFLAGS="$CFLAGS -std=gnu99" 99 AC_CHECK_DECL(LLONG_MAX, 100 [have_llong_max=1], 101 [CFLAGS="$saved_CFLAGS"], 102 [#include <limits.h>] 103 ) 104 fi 105fi 106 107if test -z "$have_llong_max"; then 108 AC_MSG_CHECKING([for max value of long long]) 109 AC_RUN_IFELSE( 110 [AC_LANG_SOURCE([[ 111#include <stdio.h> 112/* Why is this so damn hard? */ 113#ifdef __GNUC__ 114# undef __GNUC__ 115#endif 116#define __USE_ISOC99 117#include <limits.h> 118#define DATA "conftest.llminmax" 119int main(void) { 120 FILE *f; 121 long long i, llmin, llmax = 0; 122 123 if((f = fopen(DATA,"w")) == NULL) 124 exit(1); 125 126#if defined(LLONG_MIN) && defined(LLONG_MAX) 127 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 128 llmin = LLONG_MIN; 129 llmax = LLONG_MAX; 130#else 131 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 132 /* This will work on one's complement and two's complement */ 133 for (i = 1; i > llmax; i <<= 1, i++) 134 llmax = i; 135 llmin = llmax + 1LL; /* wrap */ 136#endif 137 138 /* Sanity check */ 139 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax 140 || llmax - 1 > llmax) { 141 fprintf(f, "unknown unknown\n"); 142 exit(2); 143 } 144 145 if (fprintf(f ,"%lld %lld", llmin, llmax) < 0) 146 exit(3); 147 148 exit(0); 149} 150 ]])], 151 [ 152 llong_min=`$AWK '{print $1}' conftest.llminmax` 153 llong_max=`$AWK '{print $2}' conftest.llminmax` 154 AC_MSG_RESULT($llong_max) 155 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], 156 [max value of long long calculated by configure]) 157 AC_MSG_CHECKING([for min value of long long]) 158 AC_MSG_RESULT($llong_min) 159 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], 160 [min value of long long calculated by configure]) 161 ], 162 [ 163 AC_MSG_RESULT(not found) 164 ], 165 [ 166 AC_MSG_WARN([cross compiling: not checking]) 167 ] 168 ) 169fi 170 171AC_ARG_WITH(rpath, 172 [ --without-rpath Disable auto-added -R linker paths], 173 [ 174 if test "x$withval" = "xno" ; then 175 need_dash_r="" 176 fi 177 if test "x$withval" = "xyes" ; then 178 need_dash_r=1 179 fi 180 ] 181) 182 183# Check for some target-specific stuff 184case "$host" in 185*-*-aix*) 186 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 187 if (test -z "$blibpath"); then 188 blibpath="/usr/lib:/lib" 189 fi 190 saved_LDFLAGS="$LDFLAGS" 191 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do 192 if (test -z "$blibflags"); then 193 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 194 AC_TRY_LINK([], [], [blibflags=$tryflags]) 195 fi 196 done 197 if (test -z "$blibflags"); then 198 AC_MSG_RESULT(not found) 199 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 200 else 201 AC_MSG_RESULT($blibflags) 202 fi 203 LDFLAGS="$saved_LDFLAGS" 204 dnl Check for authenticate. Might be in libs.a on older AIXes 205 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)], 206 [AC_CHECK_LIB(s,authenticate, 207 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 208 LIBS="$LIBS -ls" 209 ]) 210 ]) 211 dnl Check for various auth function declarations in headers. 212 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 213 passwdexpired, setauthdb], , , [#include <usersec.h>]) 214 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 215 AC_CHECK_DECLS(loginfailed, 216 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 217 AC_TRY_COMPILE( 218 [#include <usersec.h>], 219 [(void)loginfailed("user","host","tty",0);], 220 [AC_MSG_RESULT(yes) 221 AC_DEFINE(AIX_LOGINFAILED_4ARG)], 222 [AC_MSG_RESULT(no)] 223 )], 224 [], 225 [#include <usersec.h>] 226 ) 227 AC_CHECK_FUNCS(setauthdb) 228 check_for_aix_broken_getaddrinfo=1 229 AC_DEFINE(BROKEN_REALPATH) 230 AC_DEFINE(SETEUID_BREAKS_SETUID) 231 AC_DEFINE(BROKEN_SETREUID) 232 AC_DEFINE(BROKEN_SETREGID) 233 dnl AIX handles lastlog as part of its login message 234 AC_DEFINE(DISABLE_LASTLOG) 235 AC_DEFINE(LOGIN_NEEDS_UTMPX) 236 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 237 ;; 238*-*-cygwin*) 239 check_for_libcrypt_later=1 240 LIBS="$LIBS /usr/lib/textmode.o" 241 AC_DEFINE(HAVE_CYGWIN) 242 AC_DEFINE(USE_PIPES) 243 AC_DEFINE(DISABLE_SHADOW) 244 AC_DEFINE(IP_TOS_IS_BROKEN) 245 AC_DEFINE(NO_X11_UNIX_SOCKETS) 246 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) 247 AC_DEFINE(DISABLE_FD_PASSING) 248 ;; 249*-*-dgux*) 250 AC_DEFINE(IP_TOS_IS_BROKEN) 251 AC_DEFINE(SETEUID_BREAKS_SETUID) 252 AC_DEFINE(BROKEN_SETREUID) 253 AC_DEFINE(BROKEN_SETREGID) 254 ;; 255*-*-darwin*) 256 AC_MSG_CHECKING(if we have working getaddrinfo) 257 AC_TRY_RUN([#include <mach-o/dyld.h> 258main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 259 exit(0); 260 else 261 exit(1); 262}], [AC_MSG_RESULT(working)], 263 [AC_MSG_RESULT(buggy) 264 AC_DEFINE(BROKEN_GETADDRINFO)], 265 [AC_MSG_RESULT(assume it is working)]) 266 AC_DEFINE(SETEUID_BREAKS_SETUID) 267 AC_DEFINE(BROKEN_SETREUID) 268 AC_DEFINE(BROKEN_SETREGID) 269 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1) 270 ;; 271*-*-hpux*) 272 # first we define all of the options common to all HP-UX releases 273 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 274 IPADDR_IN_DISPLAY=yes 275 AC_DEFINE(USE_PIPES) 276 AC_DEFINE(LOGIN_NO_ENDOPT) 277 AC_DEFINE(LOGIN_NEEDS_UTMPX) 278 AC_DEFINE(LOCKED_PASSWD_STRING, "*") 279 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 280 LIBS="$LIBS -lsec" 281 AC_CHECK_LIB(xnet, t_error, , 282 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 283 284 # next, we define all of the options specific to major releases 285 case "$host" in 286 *-*-hpux10*) 287 if test -z "$GCC"; then 288 CFLAGS="$CFLAGS -Ae" 289 fi 290 ;; 291 *-*-hpux11*) 292 AC_DEFINE(PAM_SUN_CODEBASE) 293 AC_DEFINE(DISABLE_UTMP) 294 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 295 check_for_hpux_broken_getaddrinfo=1 296 check_for_conflicting_getspnam=1 297 ;; 298 esac 299 300 # lastly, we define options specific to minor releases 301 case "$host" in 302 *-*-hpux10.26) 303 AC_DEFINE(HAVE_SECUREWARE) 304 disable_ptmx_check=yes 305 LIBS="$LIBS -lsecpw" 306 ;; 307 esac 308 ;; 309*-*-irix5*) 310 PATH="$PATH:/usr/etc" 311 AC_DEFINE(BROKEN_INET_NTOA) 312 AC_DEFINE(SETEUID_BREAKS_SETUID) 313 AC_DEFINE(BROKEN_SETREUID) 314 AC_DEFINE(BROKEN_SETREGID) 315 AC_DEFINE(WITH_ABBREV_NO_TTY) 316 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 317 ;; 318*-*-irix6*) 319 PATH="$PATH:/usr/etc" 320 AC_DEFINE(WITH_IRIX_ARRAY) 321 AC_DEFINE(WITH_IRIX_PROJECT) 322 AC_DEFINE(WITH_IRIX_AUDIT) 323 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)]) 324 AC_DEFINE(BROKEN_INET_NTOA) 325 AC_DEFINE(SETEUID_BREAKS_SETUID) 326 AC_DEFINE(BROKEN_SETREUID) 327 AC_DEFINE(BROKEN_SETREGID) 328 AC_DEFINE(BROKEN_UPDWTMPX) 329 AC_DEFINE(WITH_ABBREV_NO_TTY) 330 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 331 ;; 332*-*-linux*) 333 no_dev_ptmx=1 334 check_for_libcrypt_later=1 335 check_for_openpty_ctty_bug=1 336 AC_DEFINE(DONT_TRY_OTHER_AF) 337 AC_DEFINE(PAM_TTY_KLUDGE) 338 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!") 339 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 340 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM) 341 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 342 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 343 inet6_default_4in6=yes 344 case `uname -r` in 345 1.*|2.0.*) 346 AC_DEFINE(BROKEN_CMSG_TYPE) 347 ;; 348 esac 349 ;; 350mips-sony-bsd|mips-sony-newsos4) 351 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty]) 352 SONY=1 353 ;; 354*-*-netbsd*) 355 check_for_libcrypt_before=1 356 if test "x$withval" != "xno" ; then 357 need_dash_r=1 358 fi 359 ;; 360*-*-freebsd*) 361 check_for_libcrypt_later=1 362 ;; 363*-*-bsdi*) 364 AC_DEFINE(SETEUID_BREAKS_SETUID) 365 AC_DEFINE(BROKEN_SETREUID) 366 AC_DEFINE(BROKEN_SETREGID) 367 ;; 368*-next-*) 369 conf_lastlog_location="/usr/adm/lastlog" 370 conf_utmp_location=/etc/utmp 371 conf_wtmp_location=/usr/adm/wtmp 372 MAIL=/usr/spool/mail 373 AC_DEFINE(HAVE_NEXT) 374 AC_DEFINE(BROKEN_REALPATH) 375 AC_DEFINE(USE_PIPES) 376 AC_DEFINE(BROKEN_SAVED_UIDS) 377 ;; 378*-*-openbsd*) 379 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) 380 ;; 381*-*-solaris*) 382 if test "x$withval" != "xno" ; then 383 need_dash_r=1 384 fi 385 AC_DEFINE(PAM_SUN_CODEBASE) 386 AC_DEFINE(LOGIN_NEEDS_UTMPX) 387 AC_DEFINE(LOGIN_NEEDS_TERM) 388 AC_DEFINE(PAM_TTY_KLUDGE) 389 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID) 390 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 391 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 392 AC_DEFINE(SSHD_ACQUIRES_CTTY) 393 external_path_file=/etc/default/login 394 # hardwire lastlog location (can't detect it on some versions) 395 conf_lastlog_location="/var/adm/lastlog" 396 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 397 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 398 if test "$sol2ver" -ge 8; then 399 AC_MSG_RESULT(yes) 400 AC_DEFINE(DISABLE_UTMP) 401 AC_DEFINE(DISABLE_WTMP) 402 else 403 AC_MSG_RESULT(no) 404 fi 405 ;; 406*-*-sunos4*) 407 CPPFLAGS="$CPPFLAGS -DSUNOS4" 408 AC_CHECK_FUNCS(getpwanam) 409 AC_DEFINE(PAM_SUN_CODEBASE) 410 conf_utmp_location=/etc/utmp 411 conf_wtmp_location=/var/adm/wtmp 412 conf_lastlog_location=/var/adm/lastlog 413 AC_DEFINE(USE_PIPES) 414 ;; 415*-ncr-sysv*) 416 LIBS="$LIBS -lc89" 417 AC_DEFINE(USE_PIPES) 418 AC_DEFINE(SSHD_ACQUIRES_CTTY) 419 AC_DEFINE(SETEUID_BREAKS_SETUID) 420 AC_DEFINE(BROKEN_SETREUID) 421 AC_DEFINE(BROKEN_SETREGID) 422 ;; 423*-sni-sysv*) 424 # /usr/ucblib MUST NOT be searched on ReliantUNIX 425 AC_CHECK_LIB(dl, dlsym, ,) 426 # -lresolv needs to be at then end of LIBS or DNS lookups break 427 AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ]) 428 IPADDR_IN_DISPLAY=yes 429 AC_DEFINE(USE_PIPES) 430 AC_DEFINE(IP_TOS_IS_BROKEN) 431 AC_DEFINE(SETEUID_BREAKS_SETUID) 432 AC_DEFINE(BROKEN_SETREUID) 433 AC_DEFINE(BROKEN_SETREGID) 434 AC_DEFINE(SSHD_ACQUIRES_CTTY) 435 external_path_file=/etc/default/login 436 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 437 # Attention: always take care to bind libsocket and libnsl before libc, 438 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 439 ;; 440# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 441*-*-sysv4.2*) 442 AC_DEFINE(USE_PIPES) 443 AC_DEFINE(SETEUID_BREAKS_SETUID) 444 AC_DEFINE(BROKEN_SETREUID) 445 AC_DEFINE(BROKEN_SETREGID) 446 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 447 ;; 448# UnixWare 7.x, OpenUNIX 8 449*-*-sysv5*) 450 check_for_libcrypt_later=1 451 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) 452 AC_DEFINE(USE_PIPES) 453 AC_DEFINE(SETEUID_BREAKS_SETUID) 454 AC_DEFINE(BROKEN_SETREUID) 455 AC_DEFINE(BROKEN_SETREGID) 456 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 457 case "$host" in 458 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x 459 TEST_SHELL=/u95/bin/sh 460 AC_DEFINE(BROKEN_LIBIAF, 1, [ia_uinfo routines not supported by OS yet]) 461 ;; 462 esac 463 ;; 464*-*-sysv*) 465 ;; 466# SCO UNIX and OEM versions of SCO UNIX 467*-*-sco3.2v4*) 468 AC_MSG_ERROR("This Platform is no longer supported.") 469 ;; 470# SCO OpenServer 5.x 471*-*-sco3.2v5*) 472 if test -z "$GCC"; then 473 CFLAGS="$CFLAGS -belf" 474 fi 475 LIBS="$LIBS -lprot -lx -ltinfo -lm" 476 no_dev_ptmx=1 477 AC_DEFINE(USE_PIPES) 478 AC_DEFINE(HAVE_SECUREWARE) 479 AC_DEFINE(DISABLE_SHADOW) 480 AC_DEFINE(DISABLE_FD_PASSING) 481 AC_DEFINE(SETEUID_BREAKS_SETUID) 482 AC_DEFINE(BROKEN_SETREUID) 483 AC_DEFINE(BROKEN_SETREGID) 484 AC_DEFINE(WITH_ABBREV_NO_TTY) 485 AC_DEFINE(BROKEN_UPDWTMPX) 486 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 487 AC_CHECK_FUNCS(getluid setluid) 488 MANTYPE=man 489 TEST_SHELL=ksh 490 ;; 491*-*-unicosmk*) 492 AC_DEFINE(NO_SSH_LASTLOG) 493 AC_DEFINE(SETEUID_BREAKS_SETUID) 494 AC_DEFINE(BROKEN_SETREUID) 495 AC_DEFINE(BROKEN_SETREGID) 496 AC_DEFINE(USE_PIPES) 497 AC_DEFINE(DISABLE_FD_PASSING) 498 LDFLAGS="$LDFLAGS" 499 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 500 MANTYPE=cat 501 ;; 502*-*-unicosmp*) 503 AC_DEFINE(SETEUID_BREAKS_SETUID) 504 AC_DEFINE(BROKEN_SETREUID) 505 AC_DEFINE(BROKEN_SETREGID) 506 AC_DEFINE(WITH_ABBREV_NO_TTY) 507 AC_DEFINE(USE_PIPES) 508 AC_DEFINE(DISABLE_FD_PASSING) 509 LDFLAGS="$LDFLAGS" 510 LIBS="$LIBS -lgen -lacid -ldb" 511 MANTYPE=cat 512 ;; 513*-*-unicos*) 514 AC_DEFINE(SETEUID_BREAKS_SETUID) 515 AC_DEFINE(BROKEN_SETREUID) 516 AC_DEFINE(BROKEN_SETREGID) 517 AC_DEFINE(USE_PIPES) 518 AC_DEFINE(DISABLE_FD_PASSING) 519 AC_DEFINE(NO_SSH_LASTLOG) 520 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 521 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 522 MANTYPE=cat 523 ;; 524*-dec-osf*) 525 AC_MSG_CHECKING(for Digital Unix SIA) 526 no_osfsia="" 527 AC_ARG_WITH(osfsia, 528 [ --with-osfsia Enable Digital Unix SIA], 529 [ 530 if test "x$withval" = "xno" ; then 531 AC_MSG_RESULT(disabled) 532 no_osfsia=1 533 fi 534 ], 535 ) 536 if test -z "$no_osfsia" ; then 537 if test -f /etc/sia/matrix.conf; then 538 AC_MSG_RESULT(yes) 539 AC_DEFINE(HAVE_OSF_SIA) 540 AC_DEFINE(DISABLE_LOGIN) 541 AC_DEFINE(DISABLE_FD_PASSING) 542 LIBS="$LIBS -lsecurity -ldb -lm -laud" 543 else 544 AC_MSG_RESULT(no) 545 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin") 546 fi 547 fi 548 AC_DEFINE(BROKEN_GETADDRINFO) 549 AC_DEFINE(SETEUID_BREAKS_SETUID) 550 AC_DEFINE(BROKEN_SETREUID) 551 AC_DEFINE(BROKEN_SETREGID) 552 ;; 553 554*-*-nto-qnx) 555 AC_DEFINE(USE_PIPES) 556 AC_DEFINE(NO_X11_UNIX_SOCKETS) 557 AC_DEFINE(MISSING_NFDBITS) 558 AC_DEFINE(MISSING_HOWMANY) 559 AC_DEFINE(MISSING_FD_MASK) 560 ;; 561 562*-*-ultrix*) 563 AC_DEFINE(BROKEN_GETGROUPS, [], [getgroups(0,NULL) will return -1]) 564 AC_DEFINE(BROKEN_MMAP, [], [Ultrix mmap can't map files]) 565 AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty]) 566 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) 567 ;; 568 569*-*-lynxos) 570 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 571 AC_DEFINE(MISSING_HOWMANY) 572 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) 573 ;; 574esac 575 576# Allow user to specify flags 577AC_ARG_WITH(cflags, 578 [ --with-cflags Specify additional flags to pass to compiler], 579 [ 580 if test -n "$withval" && test "x$withval" != "xno" && \ 581 test "x${withval}" != "xyes"; then 582 CFLAGS="$CFLAGS $withval" 583 fi 584 ] 585) 586AC_ARG_WITH(cppflags, 587 [ --with-cppflags Specify additional flags to pass to preprocessor] , 588 [ 589 if test -n "$withval" && test "x$withval" != "xno" && \ 590 test "x${withval}" != "xyes"; then 591 CPPFLAGS="$CPPFLAGS $withval" 592 fi 593 ] 594) 595AC_ARG_WITH(ldflags, 596 [ --with-ldflags Specify additional flags to pass to linker], 597 [ 598 if test -n "$withval" && test "x$withval" != "xno" && \ 599 test "x${withval}" != "xyes"; then 600 LDFLAGS="$LDFLAGS $withval" 601 fi 602 ] 603) 604AC_ARG_WITH(libs, 605 [ --with-libs Specify additional libraries to link with], 606 [ 607 if test -n "$withval" && test "x$withval" != "xno" && \ 608 test "x${withval}" != "xyes"; then 609 LIBS="$LIBS $withval" 610 fi 611 ] 612) 613AC_ARG_WITH(Werror, 614 [ --with-Werror Build main code with -Werror], 615 [ 616 if test -n "$withval" && test "x$withval" != "xno"; then 617 werror_flags="-Werror" 618 if "x${withval}" != "xyes"; then 619 werror_flags="$withval" 620 fi 621 fi 622 ] 623) 624 625AC_MSG_CHECKING(compiler and flags for sanity) 626AC_RUN_IFELSE( 627 [AC_LANG_SOURCE([ 628#include <stdio.h> 629int main(){exit(0);} 630 ])], 631 [ AC_MSG_RESULT(yes) ], 632 [ 633 AC_MSG_RESULT(no) 634 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 635 ], 636 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 637) 638 639dnl Checks for header files. 640AC_CHECK_HEADERS( \ 641 bstring.h \ 642 crypt.h \ 643 dirent.h \ 644 endian.h \ 645 features.h \ 646 floatingpoint.h \ 647 getopt.h \ 648 glob.h \ 649 ia.h \ 650 iaf.h \ 651 lastlog.h \ 652 limits.h \ 653 login.h \ 654 login_cap.h \ 655 maillock.h \ 656 ndir.h \ 657 netdb.h \ 658 netgroup.h \ 659 netinet/in_systm.h \ 660 pam/pam_appl.h \ 661 paths.h \ 662 pty.h \ 663 readpassphrase.h \ 664 rpc/types.h \ 665 security/pam_appl.h \ 666 shadow.h \ 667 stddef.h \ 668 stdint.h \ 669 string.h \ 670 strings.h \ 671 sys/audit.h \ 672 sys/bitypes.h \ 673 sys/bsdtty.h \ 674 sys/cdefs.h \ 675 sys/dir.h \ 676 sys/mman.h \ 677 sys/ndir.h \ 678 sys/prctl.h \ 679 sys/pstat.h \ 680 sys/select.h \ 681 sys/stat.h \ 682 sys/stream.h \ 683 sys/stropts.h \ 684 sys/strtio.h \ 685 sys/sysmacros.h \ 686 sys/time.h \ 687 sys/timers.h \ 688 sys/un.h \ 689 time.h \ 690 tmpdir.h \ 691 ttyent.h \ 692 unistd.h \ 693 usersec.h \ 694 util.h \ 695 utime.h \ 696 utmp.h \ 697 utmpx.h \ 698 vis.h \ 699) 700 701# sys/ptms.h requires sys/stream.h to be included first on Solaris 702AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 703#ifdef HAVE_SYS_STREAM_H 704# include <sys/stream.h> 705#endif 706]) 707 708# Checks for libraries. 709AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 710AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 711 712dnl IRIX and Solaris 2.5.1 have dirname() in libgen 713AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 714 AC_CHECK_LIB(gen, dirname,[ 715 AC_CACHE_CHECK([for broken dirname], 716 ac_cv_have_broken_dirname, [ 717 save_LIBS="$LIBS" 718 LIBS="$LIBS -lgen" 719 AC_TRY_RUN( 720 [ 721#include <libgen.h> 722#include <string.h> 723 724int main(int argc, char **argv) { 725 char *s, buf[32]; 726 727 strncpy(buf,"/etc", 32); 728 s = dirname(buf); 729 if (!s || strncmp(s, "/", 32) != 0) { 730 exit(1); 731 } else { 732 exit(0); 733 } 734} 735 ], 736 [ ac_cv_have_broken_dirname="no" ], 737 [ ac_cv_have_broken_dirname="yes" ] 738 ) 739 LIBS="$save_LIBS" 740 ]) 741 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 742 LIBS="$LIBS -lgen" 743 AC_DEFINE(HAVE_DIRNAME) 744 AC_CHECK_HEADERS(libgen.h) 745 fi 746 ]) 747]) 748 749AC_CHECK_FUNC(getspnam, , 750 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 751AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME)) 752 753dnl zlib is required 754AC_ARG_WITH(zlib, 755 [ --with-zlib=PATH Use zlib in PATH], 756 [ if test "x$withval" = "xno" ; then 757 AC_MSG_ERROR([*** zlib is required ***]) 758 elif test "x$withval" != "xyes"; then 759 if test -d "$withval/lib"; then 760 if test -n "${need_dash_r}"; then 761 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 762 else 763 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 764 fi 765 else 766 if test -n "${need_dash_r}"; then 767 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 768 else 769 LDFLAGS="-L${withval} ${LDFLAGS}" 770 fi 771 fi 772 if test -d "$withval/include"; then 773 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 774 else 775 CPPFLAGS="-I${withval} ${CPPFLAGS}" 776 fi 777 fi ] 778) 779 780AC_CHECK_LIB(z, deflate, , 781 [ 782 saved_CPPFLAGS="$CPPFLAGS" 783 saved_LDFLAGS="$LDFLAGS" 784 save_LIBS="$LIBS" 785 dnl Check default zlib install dir 786 if test -n "${need_dash_r}"; then 787 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 788 else 789 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 790 fi 791 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 792 LIBS="$LIBS -lz" 793 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 794 [ 795 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 796 ] 797 ) 798 ] 799) 800AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) 801 802AC_ARG_WITH(zlib-version-check, 803 [ --without-zlib-version-check Disable zlib version check], 804 [ if test "x$withval" = "xno" ; then 805 zlib_check_nonfatal=1 806 fi 807 ] 808) 809 810AC_MSG_CHECKING(for possibly buggy zlib) 811AC_RUN_IFELSE([AC_LANG_SOURCE([[ 812#include <stdio.h> 813#include <zlib.h> 814int main() 815{ 816 int a=0, b=0, c=0, d=0, n, v; 817 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 818 if (n != 3 && n != 4) 819 exit(1); 820 v = a*1000000 + b*10000 + c*100 + d; 821 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 822 823 /* 1.1.4 is OK */ 824 if (a == 1 && b == 1 && c >= 4) 825 exit(0); 826 827 /* 1.2.3 and up are OK */ 828 if (v >= 1020300) 829 exit(0); 830 831 exit(2); 832} 833 ]])], 834 AC_MSG_RESULT(no), 835 [ AC_MSG_RESULT(yes) 836 if test -z "$zlib_check_nonfatal" ; then 837 AC_MSG_ERROR([*** zlib too old - check config.log *** 838Your reported zlib version has known security problems. It's possible your 839vendor has fixed these problems without changing the version number. If you 840are sure this is the case, you can disable the check by running 841"./configure --without-zlib-version-check". 842If you are in doubt, upgrade zlib to version 1.2.3 or greater. 843See http://www.gzip.org/zlib/ for details.]) 844 else 845 AC_MSG_WARN([zlib version may have security problems]) 846 fi 847 ], 848 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 849) 850 851dnl UnixWare 2.x 852AC_CHECK_FUNC(strcasecmp, 853 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 854) 855AC_CHECK_FUNC(utimes, 856 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 857 LIBS="$LIBS -lc89"]) ] 858) 859 860dnl Checks for libutil functions 861AC_CHECK_HEADERS(libutil.h) 862AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)]) 863AC_CHECK_FUNCS(logout updwtmp logwtmp) 864 865AC_FUNC_STRFTIME 866 867# Check for ALTDIRFUNC glob() extension 868AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 869AC_EGREP_CPP(FOUNDIT, 870 [ 871 #include <glob.h> 872 #ifdef GLOB_ALTDIRFUNC 873 FOUNDIT 874 #endif 875 ], 876 [ 877 AC_DEFINE(GLOB_HAS_ALTDIRFUNC) 878 AC_MSG_RESULT(yes) 879 ], 880 [ 881 AC_MSG_RESULT(no) 882 ] 883) 884 885# Check for g.gl_matchc glob() extension 886AC_MSG_CHECKING(for gl_matchc field in glob_t) 887AC_EGREP_CPP(FOUNDIT, 888 [ 889 #include <glob.h> 890 int main(void){glob_t g; g.gl_matchc = 1;} 891 ], 892 [ 893 AC_DEFINE(GLOB_HAS_GL_MATCHC) 894 AC_MSG_RESULT(yes) 895 ], 896 [ 897 AC_MSG_RESULT(no) 898 ] 899) 900 901AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 902AC_RUN_IFELSE( 903 [AC_LANG_SOURCE([[ 904#include <sys/types.h> 905#include <dirent.h> 906int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 907 ]])], 908 [AC_MSG_RESULT(yes)], 909 [ 910 AC_MSG_RESULT(no) 911 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 912 ], 913 [ 914 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 915 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 916 ] 917) 918 919AC_MSG_CHECKING([for /proc/pid/fd directory]) 920if test -d "/proc/$$/fd" ; then 921 AC_DEFINE(HAVE_PROC_PID) 922 AC_MSG_RESULT(yes) 923else 924 AC_MSG_RESULT(no) 925fi 926 927# Check whether user wants S/Key support 928SKEY_MSG="no" 929AC_ARG_WITH(skey, 930 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 931 [ 932 if test "x$withval" != "xno" ; then 933 934 if test "x$withval" != "xyes" ; then 935 CPPFLAGS="$CPPFLAGS -I${withval}/include" 936 LDFLAGS="$LDFLAGS -L${withval}/lib" 937 fi 938 939 AC_DEFINE(SKEY) 940 LIBS="-lskey $LIBS" 941 SKEY_MSG="yes" 942 943 AC_MSG_CHECKING([for s/key support]) 944 AC_TRY_RUN( 945 [ 946#include <stdio.h> 947#include <skey.h> 948int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } 949 ], 950 [AC_MSG_RESULT(yes)], 951 [ 952 AC_MSG_RESULT(no) 953 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 954 ]) 955 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 956 AC_TRY_COMPILE( 957 [#include <stdio.h> 958 #include <skey.h>], 959 [(void)skeychallenge(NULL,"name","",0);], 960 [AC_MSG_RESULT(yes) 961 AC_DEFINE(SKEYCHALLENGE_4ARG)], 962 [AC_MSG_RESULT(no)] 963 ) 964 fi 965 ] 966) 967 968# Check whether user wants OPIE support 969OPIE_MSG="no" 970AC_ARG_WITH(opie, 971 [ --with-opie[[=PATH]] Enable OPIE support 972 (optionally in PATH)], 973 [ 974 if test "x$withval" != "xno" ; then 975 976 if test "x$withval" != "xyes" ; then 977 CPPFLAGS="$CPPFLAGS -I${withval}/include" 978 LDFLAGS="$LDFLAGS -L${withval}/lib" 979 fi 980 981 AC_DEFINE(SKEY) 982 AC_DEFINE(OPIE) 983 LIBS="-lopie $LIBS" 984 OPIE_MSG="yes" 985 986 AC_MSG_CHECKING([for opie support]) 987 AC_TRY_RUN( 988 [ 989#include <sys/types.h> 990#include <stdio.h> 991#include <opie.h> 992int main() { char *ff = opie_keyinfo(""); ff=""; return 0; } 993 ], 994 [AC_MSG_RESULT(yes)], 995 [ 996 AC_MSG_RESULT(no) 997 AC_MSG_ERROR([** Incomplete or missing opie libraries.]) 998 ]) 999 fi 1000 ] 1001) 1002 1003# Check whether user wants TCP wrappers support 1004TCPW_MSG="no" 1005AC_ARG_WITH(tcp-wrappers, 1006 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1007 [ 1008 if test "x$withval" != "xno" ; then 1009 saved_LIBS="$LIBS" 1010 saved_LDFLAGS="$LDFLAGS" 1011 saved_CPPFLAGS="$CPPFLAGS" 1012 if test -n "${withval}" && \ 1013 test "x${withval}" != "xyes"; then 1014 if test -d "${withval}/lib"; then 1015 if test -n "${need_dash_r}"; then 1016 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1017 else 1018 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1019 fi 1020 else 1021 if test -n "${need_dash_r}"; then 1022 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1023 else 1024 LDFLAGS="-L${withval} ${LDFLAGS}" 1025 fi 1026 fi 1027 if test -d "${withval}/include"; then 1028 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1029 else 1030 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1031 fi 1032 fi 1033 LIBWRAP="-lwrap" 1034 LIBS="$LIBWRAP $LIBS" 1035 AC_MSG_CHECKING(for libwrap) 1036 AC_TRY_LINK( 1037 [ 1038#include <sys/types.h> 1039#include <sys/socket.h> 1040#include <netinet/in.h> 1041#include <tcpd.h> 1042 int deny_severity = 0, allow_severity = 0; 1043 ], 1044 [hosts_access(0);], 1045 [ 1046 AC_MSG_RESULT(yes) 1047 AC_DEFINE(LIBWRAP) 1048 AC_SUBST(LIBWRAP) 1049 TCPW_MSG="yes" 1050 ], 1051 [ 1052 AC_MSG_ERROR([*** libwrap missing]) 1053 ] 1054 ) 1055 LIBS="$saved_LIBS" 1056 fi 1057 ] 1058) 1059 1060# Check whether user wants libedit support 1061LIBEDIT_MSG="no" 1062AC_ARG_WITH(libedit, 1063 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1064 [ if test "x$withval" != "xno" ; then 1065 if test "x$withval" != "xyes"; then 1066 CPPFLAGS="$CPPFLAGS -I$withval/include" 1067 LDFLAGS="$LDFLAGS -L$withval/lib" 1068 fi 1069 AC_CHECK_LIB(edit, el_init, 1070 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp]) 1071 LIBEDIT="-ledit -lcurses" 1072 LIBEDIT_MSG="yes" 1073 AC_SUBST(LIBEDIT) 1074 ], 1075 [ AC_MSG_ERROR(libedit not found) ], 1076 [ -lcurses ] 1077 ) 1078 AC_MSG_CHECKING(if libedit version is compatible) 1079 AC_COMPILE_IFELSE( 1080 [AC_LANG_SOURCE([[ 1081#include <histedit.h> 1082int main(void) 1083{ 1084 int i = H_SETSIZE; 1085 el_init("", NULL, NULL, NULL); 1086 exit(0); 1087} 1088 ]])], 1089 [ AC_MSG_RESULT(yes) ], 1090 [ AC_MSG_RESULT(no) 1091 AC_MSG_ERROR(libedit version is not compatible) ] 1092 ) 1093 fi ] 1094) 1095 1096AUDIT_MODULE=none 1097AC_ARG_WITH(audit, 1098 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 1099 [ 1100 AC_MSG_CHECKING(for supported audit module) 1101 case "$withval" in 1102 bsm) 1103 AC_MSG_RESULT(bsm) 1104 AUDIT_MODULE=bsm 1105 dnl Checks for headers, libs and functions 1106 AC_CHECK_HEADERS(bsm/audit.h, [], 1107 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)]) 1108 AC_CHECK_LIB(bsm, getaudit, [], 1109 [AC_MSG_ERROR(BSM enabled and required library not found)]) 1110 AC_CHECK_FUNCS(getaudit, [], 1111 [AC_MSG_ERROR(BSM enabled and required function not found)]) 1112 # These are optional 1113 AC_CHECK_FUNCS(getaudit_addr) 1114 AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module]) 1115 ;; 1116 debug) 1117 AUDIT_MODULE=debug 1118 AC_MSG_RESULT(debug) 1119 AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module) 1120 ;; 1121 no) 1122 AC_MSG_RESULT(no) 1123 ;; 1124 *) 1125 AC_MSG_ERROR([Unknown audit module $withval]) 1126 ;; 1127 esac ] 1128) 1129 1130dnl Checks for library functions. Please keep in alphabetical order 1131AC_CHECK_FUNCS( \ 1132 arc4random \ 1133 b64_ntop \ 1134 __b64_ntop \ 1135 b64_pton \ 1136 __b64_pton \ 1137 bcopy \ 1138 bindresvport_sa \ 1139 clock \ 1140 closefrom \ 1141 dirfd \ 1142 fchmod \ 1143 fchown \ 1144 freeaddrinfo \ 1145 futimes \ 1146 getaddrinfo \ 1147 getcwd \ 1148 getgrouplist \ 1149 getnameinfo \ 1150 getopt \ 1151 getpeereid \ 1152 _getpty \ 1153 getrlimit \ 1154 getttyent \ 1155 glob \ 1156 inet_aton \ 1157 inet_ntoa \ 1158 inet_ntop \ 1159 innetgr \ 1160 login_getcapbool \ 1161 md5_crypt \ 1162 memmove \ 1163 mkdtemp \ 1164 mmap \ 1165 ngetaddrinfo \ 1166 nsleep \ 1167 ogetaddrinfo \ 1168 openlog_r \ 1169 openpty \ 1170 prctl \ 1171 pstat \ 1172 readpassphrase \ 1173 realpath \ 1174 recvmsg \ 1175 rresvport_af \ 1176 sendmsg \ 1177 setdtablesize \ 1178 setegid \ 1179 setenv \ 1180 seteuid \ 1181 setgroups \ 1182 setlogin \ 1183 setpcred \ 1184 setproctitle \ 1185 setregid \ 1186 setreuid \ 1187 setrlimit \ 1188 setsid \ 1189 setvbuf \ 1190 sigaction \ 1191 sigvec \ 1192 snprintf \ 1193 socketpair \ 1194 strdup \ 1195 strerror \ 1196 strlcat \ 1197 strlcpy \ 1198 strmode \ 1199 strnvis \ 1200 strtonum \ 1201 strtoll \ 1202 strtoul \ 1203 sysconf \ 1204 tcgetpgrp \ 1205 truncate \ 1206 unsetenv \ 1207 updwtmpx \ 1208 utimes \ 1209 vhangup \ 1210 vsnprintf \ 1211 waitpid \ 1212) 1213 1214# IRIX has a const char return value for gai_strerror() 1215AC_CHECK_FUNCS(gai_strerror,[ 1216 AC_DEFINE(HAVE_GAI_STRERROR) 1217 AC_TRY_COMPILE([ 1218#include <sys/types.h> 1219#include <sys/socket.h> 1220#include <netdb.h> 1221 1222const char *gai_strerror(int);],[ 1223char *str; 1224 1225str = gai_strerror(0);],[ 1226 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 1227 [Define if gai_strerror() returns const char *])])]) 1228 1229AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP)) 1230 1231dnl Make sure prototypes are defined for these before using them. 1232AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 1233AC_CHECK_DECL(strsep, 1234 [AC_CHECK_FUNCS(strsep)], 1235 [], 1236 [ 1237#ifdef HAVE_STRING_H 1238# include <string.h> 1239#endif 1240 ]) 1241 1242dnl tcsendbreak might be a macro 1243AC_CHECK_DECL(tcsendbreak, 1244 [AC_DEFINE(HAVE_TCSENDBREAK)], 1245 [AC_CHECK_FUNCS(tcsendbreak)], 1246 [#include <termios.h>] 1247) 1248 1249AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 1250 1251AC_CHECK_FUNCS(setresuid, [ 1252 dnl Some platorms have setresuid that isn't implemented, test for this 1253 AC_MSG_CHECKING(if setresuid seems to work) 1254 AC_RUN_IFELSE( 1255 [AC_LANG_SOURCE([[ 1256#include <stdlib.h> 1257#include <errno.h> 1258int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1259 ]])], 1260 [AC_MSG_RESULT(yes)], 1261 [AC_DEFINE(BROKEN_SETRESUID) 1262 AC_MSG_RESULT(not implemented)], 1263 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1264 ) 1265]) 1266 1267AC_CHECK_FUNCS(setresgid, [ 1268 dnl Some platorms have setresgid that isn't implemented, test for this 1269 AC_MSG_CHECKING(if setresgid seems to work) 1270 AC_RUN_IFELSE( 1271 [AC_LANG_SOURCE([[ 1272#include <stdlib.h> 1273#include <errno.h> 1274int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1275 ]])], 1276 [AC_MSG_RESULT(yes)], 1277 [AC_DEFINE(BROKEN_SETRESGID) 1278 AC_MSG_RESULT(not implemented)], 1279 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1280 ) 1281]) 1282 1283dnl Checks for time functions 1284AC_CHECK_FUNCS(gettimeofday time) 1285dnl Checks for utmp functions 1286AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 1287AC_CHECK_FUNCS(utmpname) 1288dnl Checks for utmpx functions 1289AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 1290AC_CHECK_FUNCS(setutxent utmpxname) 1291 1292AC_CHECK_FUNC(daemon, 1293 [AC_DEFINE(HAVE_DAEMON)], 1294 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 1295) 1296 1297AC_CHECK_FUNC(getpagesize, 1298 [AC_DEFINE(HAVE_GETPAGESIZE)], 1299 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 1300) 1301 1302# Check for broken snprintf 1303if test "x$ac_cv_func_snprintf" = "xyes" ; then 1304 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1305 AC_RUN_IFELSE( 1306 [AC_LANG_SOURCE([[ 1307#include <stdio.h> 1308int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 1309 ]])], 1310 [AC_MSG_RESULT(yes)], 1311 [ 1312 AC_MSG_RESULT(no) 1313 AC_DEFINE(BROKEN_SNPRINTF) 1314 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1315 ], 1316 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1317 ) 1318fi 1319 1320# Check for missing getpeereid (or equiv) support 1321NO_PEERCHECK="" 1322if test "x$ac_cv_func_getpeereid" != "xyes" ; then 1323 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1324 AC_TRY_COMPILE( 1325 [#include <sys/types.h> 1326 #include <sys/socket.h>], 1327 [int i = SO_PEERCRED;], 1328 [ AC_MSG_RESULT(yes) 1329 AC_DEFINE(HAVE_SO_PEERCRED, [], [Have PEERCRED socket option]) 1330 ], 1331 [AC_MSG_RESULT(no) 1332 NO_PEERCHECK=1] 1333 ) 1334fi 1335 1336dnl see whether mkstemp() requires XXXXXX 1337if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1338AC_MSG_CHECKING([for (overly) strict mkstemp]) 1339AC_TRY_RUN( 1340 [ 1341#include <stdlib.h> 1342main() { char template[]="conftest.mkstemp-test"; 1343if (mkstemp(template) == -1) 1344 exit(1); 1345unlink(template); exit(0); 1346} 1347 ], 1348 [ 1349 AC_MSG_RESULT(no) 1350 ], 1351 [ 1352 AC_MSG_RESULT(yes) 1353 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1354 ], 1355 [ 1356 AC_MSG_RESULT(yes) 1357 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1358 ] 1359) 1360fi 1361 1362dnl make sure that openpty does not reacquire controlling terminal 1363if test ! -z "$check_for_openpty_ctty_bug"; then 1364 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1365 AC_TRY_RUN( 1366 [ 1367#include <stdio.h> 1368#include <sys/fcntl.h> 1369#include <sys/types.h> 1370#include <sys/wait.h> 1371 1372int 1373main() 1374{ 1375 pid_t pid; 1376 int fd, ptyfd, ttyfd, status; 1377 1378 pid = fork(); 1379 if (pid < 0) { /* failed */ 1380 exit(1); 1381 } else if (pid > 0) { /* parent */ 1382 waitpid(pid, &status, 0); 1383 if (WIFEXITED(status)) 1384 exit(WEXITSTATUS(status)); 1385 else 1386 exit(2); 1387 } else { /* child */ 1388 close(0); close(1); close(2); 1389 setsid(); 1390 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1391 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1392 if (fd >= 0) 1393 exit(3); /* Acquired ctty: broken */ 1394 else 1395 exit(0); /* Did not acquire ctty: OK */ 1396 } 1397} 1398 ], 1399 [ 1400 AC_MSG_RESULT(yes) 1401 ], 1402 [ 1403 AC_MSG_RESULT(no) 1404 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1405 ] 1406 ) 1407fi 1408 1409if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1410 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1411 AC_MSG_CHECKING(if getaddrinfo seems to work) 1412 AC_TRY_RUN( 1413 [ 1414#include <stdio.h> 1415#include <sys/socket.h> 1416#include <netdb.h> 1417#include <errno.h> 1418#include <netinet/in.h> 1419 1420#define TEST_PORT "2222" 1421 1422int 1423main(void) 1424{ 1425 int err, sock; 1426 struct addrinfo *gai_ai, *ai, hints; 1427 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1428 1429 memset(&hints, 0, sizeof(hints)); 1430 hints.ai_family = PF_UNSPEC; 1431 hints.ai_socktype = SOCK_STREAM; 1432 hints.ai_flags = AI_PASSIVE; 1433 1434 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1435 if (err != 0) { 1436 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1437 exit(1); 1438 } 1439 1440 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1441 if (ai->ai_family != AF_INET6) 1442 continue; 1443 1444 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1445 sizeof(ntop), strport, sizeof(strport), 1446 NI_NUMERICHOST|NI_NUMERICSERV); 1447 1448 if (err != 0) { 1449 if (err == EAI_SYSTEM) 1450 perror("getnameinfo EAI_SYSTEM"); 1451 else 1452 fprintf(stderr, "getnameinfo failed: %s\n", 1453 gai_strerror(err)); 1454 exit(2); 1455 } 1456 1457 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1458 if (sock < 0) 1459 perror("socket"); 1460 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1461 if (errno == EBADF) 1462 exit(3); 1463 } 1464 } 1465 exit(0); 1466} 1467 ], 1468 [ 1469 AC_MSG_RESULT(yes) 1470 ], 1471 [ 1472 AC_MSG_RESULT(no) 1473 AC_DEFINE(BROKEN_GETADDRINFO) 1474 ] 1475 ) 1476fi 1477 1478if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1479 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1480 AC_MSG_CHECKING(if getaddrinfo seems to work) 1481 AC_TRY_RUN( 1482 [ 1483#include <stdio.h> 1484#include <sys/socket.h> 1485#include <netdb.h> 1486#include <errno.h> 1487#include <netinet/in.h> 1488 1489#define TEST_PORT "2222" 1490 1491int 1492main(void) 1493{ 1494 int err, sock; 1495 struct addrinfo *gai_ai, *ai, hints; 1496 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1497 1498 memset(&hints, 0, sizeof(hints)); 1499 hints.ai_family = PF_UNSPEC; 1500 hints.ai_socktype = SOCK_STREAM; 1501 hints.ai_flags = AI_PASSIVE; 1502 1503 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1504 if (err != 0) { 1505 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1506 exit(1); 1507 } 1508 1509 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1510 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1511 continue; 1512 1513 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1514 sizeof(ntop), strport, sizeof(strport), 1515 NI_NUMERICHOST|NI_NUMERICSERV); 1516 1517 if (ai->ai_family == AF_INET && err != 0) { 1518 perror("getnameinfo"); 1519 exit(2); 1520 } 1521 } 1522 exit(0); 1523} 1524 ], 1525 [ 1526 AC_MSG_RESULT(yes) 1527 AC_DEFINE(AIX_GETNAMEINFO_HACK, [], 1528[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address]) 1529 ], 1530 [ 1531 AC_MSG_RESULT(no) 1532 AC_DEFINE(BROKEN_GETADDRINFO) 1533 ] 1534 ) 1535fi 1536 1537if test "x$check_for_conflicting_getspnam" = "x1"; then 1538 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1539 AC_COMPILE_IFELSE( 1540 [ 1541#include <shadow.h> 1542int main(void) {exit(0);} 1543 ], 1544 [ 1545 AC_MSG_RESULT(no) 1546 ], 1547 [ 1548 AC_MSG_RESULT(yes) 1549 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1550 [Conflicting defs for getspnam]) 1551 ] 1552 ) 1553fi 1554 1555AC_FUNC_GETPGRP 1556 1557# Check for PAM libs 1558PAM_MSG="no" 1559AC_ARG_WITH(pam, 1560 [ --with-pam Enable PAM support ], 1561 [ 1562 if test "x$withval" != "xno" ; then 1563 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 1564 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 1565 AC_MSG_ERROR([PAM headers not found]) 1566 fi 1567 1568 AC_CHECK_LIB(dl, dlopen, , ) 1569 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 1570 AC_CHECK_FUNCS(pam_getenvlist) 1571 AC_CHECK_FUNCS(pam_putenv) 1572 1573 PAM_MSG="yes" 1574 1575 AC_DEFINE(USE_PAM) 1576 if test $ac_cv_lib_dl_dlopen = yes; then 1577 LIBPAM="-lpam -ldl" 1578 else 1579 LIBPAM="-lpam" 1580 fi 1581 AC_SUBST(LIBPAM) 1582 fi 1583 ] 1584) 1585 1586# Check for older PAM 1587if test "x$PAM_MSG" = "xyes" ; then 1588 # Check PAM strerror arguments (old PAM) 1589 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 1590 AC_TRY_COMPILE( 1591 [ 1592#include <stdlib.h> 1593#if defined(HAVE_SECURITY_PAM_APPL_H) 1594#include <security/pam_appl.h> 1595#elif defined (HAVE_PAM_PAM_APPL_H) 1596#include <pam/pam_appl.h> 1597#endif 1598 ], 1599 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 1600 [AC_MSG_RESULT(no)], 1601 [ 1602 AC_DEFINE(HAVE_OLD_PAM) 1603 AC_MSG_RESULT(yes) 1604 PAM_MSG="yes (old library)" 1605 ] 1606 ) 1607fi 1608 1609# Search for OpenSSL 1610saved_CPPFLAGS="$CPPFLAGS" 1611saved_LDFLAGS="$LDFLAGS" 1612AC_ARG_WITH(ssl-dir, 1613 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1614 [ 1615 if test "x$withval" != "xno" ; then 1616 case "$withval" in 1617 # Relative paths 1618 ./*|../*) withval="`pwd`/$withval" 1619 esac 1620 if test -d "$withval/lib"; then 1621 if test -n "${need_dash_r}"; then 1622 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1623 else 1624 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1625 fi 1626 else 1627 if test -n "${need_dash_r}"; then 1628 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1629 else 1630 LDFLAGS="-L${withval} ${LDFLAGS}" 1631 fi 1632 fi 1633 if test -d "$withval/include"; then 1634 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1635 else 1636 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1637 fi 1638 fi 1639 ] 1640) 1641LIBS="-lcrypto $LIBS" 1642AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1643 [ 1644 dnl Check default openssl install dir 1645 if test -n "${need_dash_r}"; then 1646 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1647 else 1648 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1649 fi 1650 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1651 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1652 [ 1653 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 1654 ] 1655 ) 1656 ] 1657) 1658 1659# Determine OpenSSL header version 1660AC_MSG_CHECKING([OpenSSL header version]) 1661AC_RUN_IFELSE( 1662 [AC_LANG_SOURCE([[ 1663#include <stdio.h> 1664#include <string.h> 1665#include <openssl/opensslv.h> 1666#define DATA "conftest.sslincver" 1667int main(void) { 1668 FILE *fd; 1669 int rc; 1670 1671 fd = fopen(DATA,"w"); 1672 if(fd == NULL) 1673 exit(1); 1674 1675 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1676 exit(1); 1677 1678 exit(0); 1679} 1680 ]])], 1681 [ 1682 ssl_header_ver=`cat conftest.sslincver` 1683 AC_MSG_RESULT($ssl_header_ver) 1684 ], 1685 [ 1686 AC_MSG_RESULT(not found) 1687 AC_MSG_ERROR(OpenSSL version header not found.) 1688 ], 1689 [ 1690 AC_MSG_WARN([cross compiling: not checking]) 1691 ] 1692) 1693 1694# Determine OpenSSL library version 1695AC_MSG_CHECKING([OpenSSL library version]) 1696AC_RUN_IFELSE( 1697 [AC_LANG_SOURCE([[ 1698#include <stdio.h> 1699#include <string.h> 1700#include <openssl/opensslv.h> 1701#include <openssl/crypto.h> 1702#define DATA "conftest.ssllibver" 1703int main(void) { 1704 FILE *fd; 1705 int rc; 1706 1707 fd = fopen(DATA,"w"); 1708 if(fd == NULL) 1709 exit(1); 1710 1711 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1712 exit(1); 1713 1714 exit(0); 1715} 1716 ]])], 1717 [ 1718 ssl_library_ver=`cat conftest.ssllibver` 1719 AC_MSG_RESULT($ssl_library_ver) 1720 ], 1721 [ 1722 AC_MSG_RESULT(not found) 1723 AC_MSG_ERROR(OpenSSL library not found.) 1724 ], 1725 [ 1726 AC_MSG_WARN([cross compiling: not checking]) 1727 ] 1728) 1729 1730# Sanity check OpenSSL headers 1731AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1732AC_RUN_IFELSE( 1733 [AC_LANG_SOURCE([[ 1734#include <string.h> 1735#include <openssl/opensslv.h> 1736int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1737 ]])], 1738 [ 1739 AC_MSG_RESULT(yes) 1740 ], 1741 [ 1742 AC_MSG_RESULT(no) 1743 AC_MSG_ERROR([Your OpenSSL headers do not match your library. 1744Check config.log for details. 1745Also see contrib/findssl.sh for help identifying header/library mismatches.]) 1746 ], 1747 [ 1748 AC_MSG_WARN([cross compiling: not checking]) 1749 ] 1750) 1751 1752# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 1753# because the system crypt() is more featureful. 1754if test "x$check_for_libcrypt_before" = "x1"; then 1755 AC_CHECK_LIB(crypt, crypt) 1756fi 1757 1758# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 1759# version in OpenSSL. 1760if test "x$check_for_libcrypt_later" = "x1"; then 1761 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 1762fi 1763 1764AC_CHECK_LIB(iaf, ia_openinfo) 1765 1766### Configure cryptographic random number support 1767 1768# Check wheter OpenSSL seeds itself 1769AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 1770AC_RUN_IFELSE( 1771 [AC_LANG_SOURCE([[ 1772#include <string.h> 1773#include <openssl/rand.h> 1774int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 1775 ]])], 1776 [ 1777 OPENSSL_SEEDS_ITSELF=yes 1778 AC_MSG_RESULT(yes) 1779 ], 1780 [ 1781 AC_MSG_RESULT(no) 1782 # Default to use of the rand helper if OpenSSL doesn't 1783 # seed itself 1784 USE_RAND_HELPER=yes 1785 ], 1786 [ 1787 AC_MSG_WARN([cross compiling: assuming yes]) 1788 # This is safe, since all recent OpenSSL versions will 1789 # complain at runtime if not seeded correctly. 1790 OPENSSL_SEEDS_ITSELF=yes 1791 ] 1792) 1793 1794 1795# Do we want to force the use of the rand helper? 1796AC_ARG_WITH(rand-helper, 1797 [ --with-rand-helper Use subprocess to gather strong randomness ], 1798 [ 1799 if test "x$withval" = "xno" ; then 1800 # Force use of OpenSSL's internal RNG, even if 1801 # the previous test showed it to be unseeded. 1802 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 1803 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 1804 OPENSSL_SEEDS_ITSELF=yes 1805 USE_RAND_HELPER="" 1806 fi 1807 else 1808 USE_RAND_HELPER=yes 1809 fi 1810 ], 1811) 1812 1813# Which randomness source do we use? 1814if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then 1815 # OpenSSL only 1816 AC_DEFINE(OPENSSL_PRNG_ONLY) 1817 RAND_MSG="OpenSSL internal ONLY" 1818 INSTALL_SSH_RAND_HELPER="" 1819elif test ! -z "$USE_RAND_HELPER" ; then 1820 # install rand helper 1821 RAND_MSG="ssh-rand-helper" 1822 INSTALL_SSH_RAND_HELPER="yes" 1823fi 1824AC_SUBST(INSTALL_SSH_RAND_HELPER) 1825 1826### Configuration of ssh-rand-helper 1827 1828# PRNGD TCP socket 1829AC_ARG_WITH(prngd-port, 1830 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 1831 [ 1832 case "$withval" in 1833 no) 1834 withval="" 1835 ;; 1836 [[0-9]]*) 1837 ;; 1838 *) 1839 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 1840 ;; 1841 esac 1842 if test ! -z "$withval" ; then 1843 PRNGD_PORT="$withval" 1844 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT) 1845 fi 1846 ] 1847) 1848 1849# PRNGD Unix domain socket 1850AC_ARG_WITH(prngd-socket, 1851 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 1852 [ 1853 case "$withval" in 1854 yes) 1855 withval="/var/run/egd-pool" 1856 ;; 1857 no) 1858 withval="" 1859 ;; 1860 /*) 1861 ;; 1862 *) 1863 AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 1864 ;; 1865 esac 1866 1867 if test ! -z "$withval" ; then 1868 if test ! -z "$PRNGD_PORT" ; then 1869 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 1870 fi 1871 if test ! -r "$withval" ; then 1872 AC_MSG_WARN(Entropy socket is not readable) 1873 fi 1874 PRNGD_SOCKET="$withval" 1875 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 1876 fi 1877 ], 1878 [ 1879 # Check for existing socket only if we don't have a random device already 1880 if test "$USE_RAND_HELPER" = yes ; then 1881 AC_MSG_CHECKING(for PRNGD/EGD socket) 1882 # Insert other locations here 1883 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 1884 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 1885 PRNGD_SOCKET="$sock" 1886 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 1887 break; 1888 fi 1889 done 1890 if test ! -z "$PRNGD_SOCKET" ; then 1891 AC_MSG_RESULT($PRNGD_SOCKET) 1892 else 1893 AC_MSG_RESULT(not found) 1894 fi 1895 fi 1896 ] 1897) 1898 1899# Change default command timeout for hashing entropy source 1900entropy_timeout=200 1901AC_ARG_WITH(entropy-timeout, 1902 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 1903 [ 1904 if test -n "$withval" && test "x$withval" != "xno" && \ 1905 test "x${withval}" != "xyes"; then 1906 entropy_timeout=$withval 1907 fi 1908 ] 1909) 1910AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) 1911 1912SSH_PRIVSEP_USER=sshd 1913AC_ARG_WITH(privsep-user, 1914 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 1915 [ 1916 if test -n "$withval" && test "x$withval" != "xno" && \ 1917 test "x${withval}" != "xyes"; then 1918 SSH_PRIVSEP_USER=$withval 1919 fi 1920 ] 1921) 1922AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER") 1923AC_SUBST(SSH_PRIVSEP_USER) 1924 1925# We do this little dance with the search path to insure 1926# that programs that we select for use by installed programs 1927# (which may be run by the super-user) come from trusted 1928# locations before they come from the user's private area. 1929# This should help avoid accidentally configuring some 1930# random version of a program in someone's personal bin. 1931 1932OPATH=$PATH 1933PATH=/bin:/usr/bin 1934test -h /bin 2> /dev/null && PATH=/usr/bin 1935test -d /sbin && PATH=$PATH:/sbin 1936test -d /usr/sbin && PATH=$PATH:/usr/sbin 1937PATH=$PATH:/etc:$OPATH 1938 1939# These programs are used by the command hashing source to gather entropy 1940OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 1941OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 1942OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 1943OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 1944OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 1945OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 1946OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 1947OSSH_PATH_ENTROPY_PROG(PROG_W, w) 1948OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 1949OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 1950OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 1951OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 1952OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 1953OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 1954OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 1955OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 1956# restore PATH 1957PATH=$OPATH 1958 1959# Where does ssh-rand-helper get its randomness from? 1960INSTALL_SSH_PRNG_CMDS="" 1961if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 1962 if test ! -z "$PRNGD_PORT" ; then 1963 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 1964 elif test ! -z "$PRNGD_SOCKET" ; then 1965 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 1966 else 1967 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 1968 RAND_HELPER_CMDHASH=yes 1969 INSTALL_SSH_PRNG_CMDS="yes" 1970 fi 1971fi 1972AC_SUBST(INSTALL_SSH_PRNG_CMDS) 1973 1974 1975# Cheap hack to ensure NEWS-OS libraries are arranged right. 1976if test ! -z "$SONY" ; then 1977 LIBS="$LIBS -liberty"; 1978fi 1979 1980# Checks for data types 1981AC_CHECK_SIZEOF(char, 1) 1982AC_CHECK_SIZEOF(short int, 2) 1983AC_CHECK_SIZEOF(int, 4) 1984AC_CHECK_SIZEOF(long int, 4) 1985AC_CHECK_SIZEOF(long long int, 8) 1986 1987# Sanity check long long for some platforms (AIX) 1988if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 1989 ac_cv_sizeof_long_long_int=0 1990fi 1991 1992# More checks for data types 1993AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 1994 AC_TRY_COMPILE( 1995 [ #include <sys/types.h> ], 1996 [ u_int a; a = 1;], 1997 [ ac_cv_have_u_int="yes" ], 1998 [ ac_cv_have_u_int="no" ] 1999 ) 2000]) 2001if test "x$ac_cv_have_u_int" = "xyes" ; then 2002 AC_DEFINE(HAVE_U_INT) 2003 have_u_int=1 2004fi 2005 2006AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2007 AC_TRY_COMPILE( 2008 [ #include <sys/types.h> ], 2009 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2010 [ ac_cv_have_intxx_t="yes" ], 2011 [ ac_cv_have_intxx_t="no" ] 2012 ) 2013]) 2014if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2015 AC_DEFINE(HAVE_INTXX_T) 2016 have_intxx_t=1 2017fi 2018 2019if (test -z "$have_intxx_t" && \ 2020 test "x$ac_cv_header_stdint_h" = "xyes") 2021then 2022 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2023 AC_TRY_COMPILE( 2024 [ #include <stdint.h> ], 2025 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2026 [ 2027 AC_DEFINE(HAVE_INTXX_T) 2028 AC_MSG_RESULT(yes) 2029 ], 2030 [ AC_MSG_RESULT(no) ] 2031 ) 2032fi 2033 2034AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2035 AC_TRY_COMPILE( 2036 [ 2037#include <sys/types.h> 2038#ifdef HAVE_STDINT_H 2039# include <stdint.h> 2040#endif 2041#include <sys/socket.h> 2042#ifdef HAVE_SYS_BITYPES_H 2043# include <sys/bitypes.h> 2044#endif 2045 ], 2046 [ int64_t a; a = 1;], 2047 [ ac_cv_have_int64_t="yes" ], 2048 [ ac_cv_have_int64_t="no" ] 2049 ) 2050]) 2051if test "x$ac_cv_have_int64_t" = "xyes" ; then 2052 AC_DEFINE(HAVE_INT64_T) 2053fi 2054 2055AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2056 AC_TRY_COMPILE( 2057 [ #include <sys/types.h> ], 2058 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2059 [ ac_cv_have_u_intxx_t="yes" ], 2060 [ ac_cv_have_u_intxx_t="no" ] 2061 ) 2062]) 2063if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2064 AC_DEFINE(HAVE_U_INTXX_T) 2065 have_u_intxx_t=1 2066fi 2067 2068if test -z "$have_u_intxx_t" ; then 2069 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2070 AC_TRY_COMPILE( 2071 [ #include <sys/socket.h> ], 2072 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2073 [ 2074 AC_DEFINE(HAVE_U_INTXX_T) 2075 AC_MSG_RESULT(yes) 2076 ], 2077 [ AC_MSG_RESULT(no) ] 2078 ) 2079fi 2080 2081AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2082 AC_TRY_COMPILE( 2083 [ #include <sys/types.h> ], 2084 [ u_int64_t a; a = 1;], 2085 [ ac_cv_have_u_int64_t="yes" ], 2086 [ ac_cv_have_u_int64_t="no" ] 2087 ) 2088]) 2089if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2090 AC_DEFINE(HAVE_U_INT64_T) 2091 have_u_int64_t=1 2092fi 2093 2094if test -z "$have_u_int64_t" ; then 2095 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2096 AC_TRY_COMPILE( 2097 [ #include <sys/bitypes.h> ], 2098 [ u_int64_t a; a = 1], 2099 [ 2100 AC_DEFINE(HAVE_U_INT64_T) 2101 AC_MSG_RESULT(yes) 2102 ], 2103 [ AC_MSG_RESULT(no) ] 2104 ) 2105fi 2106 2107if test -z "$have_u_intxx_t" ; then 2108 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2109 AC_TRY_COMPILE( 2110 [ 2111#include <sys/types.h> 2112 ], 2113 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 2114 [ ac_cv_have_uintxx_t="yes" ], 2115 [ ac_cv_have_uintxx_t="no" ] 2116 ) 2117 ]) 2118 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2119 AC_DEFINE(HAVE_UINTXX_T) 2120 fi 2121fi 2122 2123if test -z "$have_uintxx_t" ; then 2124 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2125 AC_TRY_COMPILE( 2126 [ #include <stdint.h> ], 2127 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 2128 [ 2129 AC_DEFINE(HAVE_UINTXX_T) 2130 AC_MSG_RESULT(yes) 2131 ], 2132 [ AC_MSG_RESULT(no) ] 2133 ) 2134fi 2135 2136if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 2137 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2138then 2139 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2140 AC_TRY_COMPILE( 2141 [ 2142#include <sys/bitypes.h> 2143 ], 2144 [ 2145 int8_t a; int16_t b; int32_t c; 2146 u_int8_t e; u_int16_t f; u_int32_t g; 2147 a = b = c = e = f = g = 1; 2148 ], 2149 [ 2150 AC_DEFINE(HAVE_U_INTXX_T) 2151 AC_DEFINE(HAVE_INTXX_T) 2152 AC_MSG_RESULT(yes) 2153 ], 2154 [AC_MSG_RESULT(no)] 2155 ) 2156fi 2157 2158 2159AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2160 AC_TRY_COMPILE( 2161 [ 2162#include <sys/types.h> 2163 ], 2164 [ u_char foo; foo = 125; ], 2165 [ ac_cv_have_u_char="yes" ], 2166 [ ac_cv_have_u_char="no" ] 2167 ) 2168]) 2169if test "x$ac_cv_have_u_char" = "xyes" ; then 2170 AC_DEFINE(HAVE_U_CHAR) 2171fi 2172 2173TYPE_SOCKLEN_T 2174 2175AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 2176 2177AC_CHECK_TYPES(in_addr_t,,, 2178[#include <sys/types.h> 2179#include <netinet/in.h>]) 2180 2181AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2182 AC_TRY_COMPILE( 2183 [ 2184#include <sys/types.h> 2185 ], 2186 [ size_t foo; foo = 1235; ], 2187 [ ac_cv_have_size_t="yes" ], 2188 [ ac_cv_have_size_t="no" ] 2189 ) 2190]) 2191if test "x$ac_cv_have_size_t" = "xyes" ; then 2192 AC_DEFINE(HAVE_SIZE_T) 2193fi 2194 2195AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2196 AC_TRY_COMPILE( 2197 [ 2198#include <sys/types.h> 2199 ], 2200 [ ssize_t foo; foo = 1235; ], 2201 [ ac_cv_have_ssize_t="yes" ], 2202 [ ac_cv_have_ssize_t="no" ] 2203 ) 2204]) 2205if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2206 AC_DEFINE(HAVE_SSIZE_T) 2207fi 2208 2209AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2210 AC_TRY_COMPILE( 2211 [ 2212#include <time.h> 2213 ], 2214 [ clock_t foo; foo = 1235; ], 2215 [ ac_cv_have_clock_t="yes" ], 2216 [ ac_cv_have_clock_t="no" ] 2217 ) 2218]) 2219if test "x$ac_cv_have_clock_t" = "xyes" ; then 2220 AC_DEFINE(HAVE_CLOCK_T) 2221fi 2222 2223AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2224 AC_TRY_COMPILE( 2225 [ 2226#include <sys/types.h> 2227#include <sys/socket.h> 2228 ], 2229 [ sa_family_t foo; foo = 1235; ], 2230 [ ac_cv_have_sa_family_t="yes" ], 2231 [ AC_TRY_COMPILE( 2232 [ 2233#include <sys/types.h> 2234#include <sys/socket.h> 2235#include <netinet/in.h> 2236 ], 2237 [ sa_family_t foo; foo = 1235; ], 2238 [ ac_cv_have_sa_family_t="yes" ], 2239 2240 [ ac_cv_have_sa_family_t="no" ] 2241 )] 2242 ) 2243]) 2244if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2245 AC_DEFINE(HAVE_SA_FAMILY_T) 2246fi 2247 2248AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2249 AC_TRY_COMPILE( 2250 [ 2251#include <sys/types.h> 2252 ], 2253 [ pid_t foo; foo = 1235; ], 2254 [ ac_cv_have_pid_t="yes" ], 2255 [ ac_cv_have_pid_t="no" ] 2256 ) 2257]) 2258if test "x$ac_cv_have_pid_t" = "xyes" ; then 2259 AC_DEFINE(HAVE_PID_T) 2260fi 2261 2262AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2263 AC_TRY_COMPILE( 2264 [ 2265#include <sys/types.h> 2266 ], 2267 [ mode_t foo; foo = 1235; ], 2268 [ ac_cv_have_mode_t="yes" ], 2269 [ ac_cv_have_mode_t="no" ] 2270 ) 2271]) 2272if test "x$ac_cv_have_mode_t" = "xyes" ; then 2273 AC_DEFINE(HAVE_MODE_T) 2274fi 2275 2276 2277AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2278 AC_TRY_COMPILE( 2279 [ 2280#include <sys/types.h> 2281#include <sys/socket.h> 2282 ], 2283 [ struct sockaddr_storage s; ], 2284 [ ac_cv_have_struct_sockaddr_storage="yes" ], 2285 [ ac_cv_have_struct_sockaddr_storage="no" ] 2286 ) 2287]) 2288if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 2289 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE) 2290fi 2291 2292AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 2293 AC_TRY_COMPILE( 2294 [ 2295#include <sys/types.h> 2296#include <netinet/in.h> 2297 ], 2298 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 2299 [ ac_cv_have_struct_sockaddr_in6="yes" ], 2300 [ ac_cv_have_struct_sockaddr_in6="no" ] 2301 ) 2302]) 2303if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 2304 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6) 2305fi 2306 2307AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 2308 AC_TRY_COMPILE( 2309 [ 2310#include <sys/types.h> 2311#include <netinet/in.h> 2312 ], 2313 [ struct in6_addr s; s.s6_addr[0] = 0; ], 2314 [ ac_cv_have_struct_in6_addr="yes" ], 2315 [ ac_cv_have_struct_in6_addr="no" ] 2316 ) 2317]) 2318if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 2319 AC_DEFINE(HAVE_STRUCT_IN6_ADDR) 2320fi 2321 2322AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2323 AC_TRY_COMPILE( 2324 [ 2325#include <sys/types.h> 2326#include <sys/socket.h> 2327#include <netdb.h> 2328 ], 2329 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 2330 [ ac_cv_have_struct_addrinfo="yes" ], 2331 [ ac_cv_have_struct_addrinfo="no" ] 2332 ) 2333]) 2334if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2335 AC_DEFINE(HAVE_STRUCT_ADDRINFO) 2336fi 2337 2338AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2339 AC_TRY_COMPILE( 2340 [ #include <sys/time.h> ], 2341 [ struct timeval tv; tv.tv_sec = 1;], 2342 [ ac_cv_have_struct_timeval="yes" ], 2343 [ ac_cv_have_struct_timeval="no" ] 2344 ) 2345]) 2346if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2347 AC_DEFINE(HAVE_STRUCT_TIMEVAL) 2348 have_struct_timeval=1 2349fi 2350 2351AC_CHECK_TYPES(struct timespec) 2352 2353# We need int64_t or else certian parts of the compile will fail. 2354if test "x$ac_cv_have_int64_t" = "xno" && \ 2355 test "x$ac_cv_sizeof_long_int" != "x8" && \ 2356 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2357 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2358 echo "an alternative compiler (I.E., GCC) before continuing." 2359 echo "" 2360 exit 1; 2361else 2362dnl test snprintf (broken on SCO w/gcc) 2363 AC_RUN_IFELSE( 2364 [AC_LANG_SOURCE([[ 2365#include <stdio.h> 2366#include <string.h> 2367#ifdef HAVE_SNPRINTF 2368main() 2369{ 2370 char buf[50]; 2371 char expected_out[50]; 2372 int mazsize = 50 ; 2373#if (SIZEOF_LONG_INT == 8) 2374 long int num = 0x7fffffffffffffff; 2375#else 2376 long long num = 0x7fffffffffffffffll; 2377#endif 2378 strcpy(expected_out, "9223372036854775807"); 2379 snprintf(buf, mazsize, "%lld", num); 2380 if(strcmp(buf, expected_out) != 0) 2381 exit(1); 2382 exit(0); 2383} 2384#else 2385main() { exit(0); } 2386#endif 2387 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 2388 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 2389 ) 2390fi 2391 2392dnl Checks for structure members 2393OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 2394OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 2395OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 2396OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 2397OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 2398OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 2399OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 2400OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 2401OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 2402OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 2403OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 2404OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 2405OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 2406OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 2407OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 2408OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 2409OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 2410 2411AC_CHECK_MEMBERS([struct stat.st_blksize]) 2412 2413AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 2414 ac_cv_have_ss_family_in_struct_ss, [ 2415 AC_TRY_COMPILE( 2416 [ 2417#include <sys/types.h> 2418#include <sys/socket.h> 2419 ], 2420 [ struct sockaddr_storage s; s.ss_family = 1; ], 2421 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 2422 [ ac_cv_have_ss_family_in_struct_ss="no" ], 2423 ) 2424]) 2425if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 2426 AC_DEFINE(HAVE_SS_FAMILY_IN_SS) 2427fi 2428 2429AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 2430 ac_cv_have___ss_family_in_struct_ss, [ 2431 AC_TRY_COMPILE( 2432 [ 2433#include <sys/types.h> 2434#include <sys/socket.h> 2435 ], 2436 [ struct sockaddr_storage s; s.__ss_family = 1; ], 2437 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 2438 [ ac_cv_have___ss_family_in_struct_ss="no" ] 2439 ) 2440]) 2441if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 2442 AC_DEFINE(HAVE___SS_FAMILY_IN_SS) 2443fi 2444 2445AC_CACHE_CHECK([for pw_class field in struct passwd], 2446 ac_cv_have_pw_class_in_struct_passwd, [ 2447 AC_TRY_COMPILE( 2448 [ 2449#include <pwd.h> 2450 ], 2451 [ struct passwd p; p.pw_class = 0; ], 2452 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 2453 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 2454 ) 2455]) 2456if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 2457 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD) 2458fi 2459 2460AC_CACHE_CHECK([for pw_expire field in struct passwd], 2461 ac_cv_have_pw_expire_in_struct_passwd, [ 2462 AC_TRY_COMPILE( 2463 [ 2464#include <pwd.h> 2465 ], 2466 [ struct passwd p; p.pw_expire = 0; ], 2467 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 2468 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 2469 ) 2470]) 2471if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 2472 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD) 2473fi 2474 2475AC_CACHE_CHECK([for pw_change field in struct passwd], 2476 ac_cv_have_pw_change_in_struct_passwd, [ 2477 AC_TRY_COMPILE( 2478 [ 2479#include <pwd.h> 2480 ], 2481 [ struct passwd p; p.pw_change = 0; ], 2482 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 2483 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 2484 ) 2485]) 2486if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 2487 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD) 2488fi 2489 2490dnl make sure we're using the real structure members and not defines 2491AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 2492 ac_cv_have_accrights_in_msghdr, [ 2493 AC_COMPILE_IFELSE( 2494 [ 2495#include <sys/types.h> 2496#include <sys/socket.h> 2497#include <sys/uio.h> 2498int main() { 2499#ifdef msg_accrights 2500#error "msg_accrights is a macro" 2501exit(1); 2502#endif 2503struct msghdr m; 2504m.msg_accrights = 0; 2505exit(0); 2506} 2507 ], 2508 [ ac_cv_have_accrights_in_msghdr="yes" ], 2509 [ ac_cv_have_accrights_in_msghdr="no" ] 2510 ) 2511]) 2512if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 2513 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR) 2514fi 2515 2516AC_CACHE_CHECK([for msg_control field in struct msghdr], 2517 ac_cv_have_control_in_msghdr, [ 2518 AC_COMPILE_IFELSE( 2519 [ 2520#include <sys/types.h> 2521#include <sys/socket.h> 2522#include <sys/uio.h> 2523int main() { 2524#ifdef msg_control 2525#error "msg_control is a macro" 2526exit(1); 2527#endif 2528struct msghdr m; 2529m.msg_control = 0; 2530exit(0); 2531} 2532 ], 2533 [ ac_cv_have_control_in_msghdr="yes" ], 2534 [ ac_cv_have_control_in_msghdr="no" ] 2535 ) 2536]) 2537if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 2538 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR) 2539fi 2540 2541AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 2542 AC_TRY_LINK([], 2543 [ extern char *__progname; printf("%s", __progname); ], 2544 [ ac_cv_libc_defines___progname="yes" ], 2545 [ ac_cv_libc_defines___progname="no" ] 2546 ) 2547]) 2548if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 2549 AC_DEFINE(HAVE___PROGNAME) 2550fi 2551 2552AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 2553 AC_TRY_LINK([ 2554#include <stdio.h> 2555], 2556 [ printf("%s", __FUNCTION__); ], 2557 [ ac_cv_cc_implements___FUNCTION__="yes" ], 2558 [ ac_cv_cc_implements___FUNCTION__="no" ] 2559 ) 2560]) 2561if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 2562 AC_DEFINE(HAVE___FUNCTION__) 2563fi 2564 2565AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 2566 AC_TRY_LINK([ 2567#include <stdio.h> 2568], 2569 [ printf("%s", __func__); ], 2570 [ ac_cv_cc_implements___func__="yes" ], 2571 [ ac_cv_cc_implements___func__="no" ] 2572 ) 2573]) 2574if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 2575 AC_DEFINE(HAVE___func__) 2576fi 2577 2578AC_CACHE_CHECK([whether getopt has optreset support], 2579 ac_cv_have_getopt_optreset, [ 2580 AC_TRY_LINK( 2581 [ 2582#if HAVE_GETOPT_H 2583#include <getopt.h> 2584#elif HAVE_UNISTD_H 2585#include <unistd.h> 2586#endif 2587 ], 2588 [ extern int optreset; optreset = 0; ], 2589 [ ac_cv_have_getopt_optreset="yes" ], 2590 [ ac_cv_have_getopt_optreset="no" ] 2591 ) 2592]) 2593if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 2594 AC_DEFINE(HAVE_GETOPT_OPTRESET) 2595fi 2596 2597AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 2598 AC_TRY_LINK([], 2599 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 2600 [ ac_cv_libc_defines_sys_errlist="yes" ], 2601 [ ac_cv_libc_defines_sys_errlist="no" ] 2602 ) 2603]) 2604if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 2605 AC_DEFINE(HAVE_SYS_ERRLIST) 2606fi 2607 2608 2609AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 2610 AC_TRY_LINK([], 2611 [ extern int sys_nerr; printf("%i", sys_nerr);], 2612 [ ac_cv_libc_defines_sys_nerr="yes" ], 2613 [ ac_cv_libc_defines_sys_nerr="no" ] 2614 ) 2615]) 2616if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 2617 AC_DEFINE(HAVE_SYS_NERR) 2618fi 2619 2620SCARD_MSG="no" 2621# Check whether user wants sectok support 2622AC_ARG_WITH(sectok, 2623 [ --with-sectok Enable smartcard support using libsectok], 2624 [ 2625 if test "x$withval" != "xno" ; then 2626 if test "x$withval" != "xyes" ; then 2627 CPPFLAGS="$CPPFLAGS -I${withval}" 2628 LDFLAGS="$LDFLAGS -L${withval}" 2629 if test ! -z "$need_dash_r" ; then 2630 LDFLAGS="$LDFLAGS -R${withval}" 2631 fi 2632 if test ! -z "$blibpath" ; then 2633 blibpath="$blibpath:${withval}" 2634 fi 2635 fi 2636 AC_CHECK_HEADERS(sectok.h) 2637 if test "$ac_cv_header_sectok_h" != yes; then 2638 AC_MSG_ERROR(Can't find sectok.h) 2639 fi 2640 AC_CHECK_LIB(sectok, sectok_open) 2641 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 2642 AC_MSG_ERROR(Can't find libsectok) 2643 fi 2644 AC_DEFINE(SMARTCARD) 2645 AC_DEFINE(USE_SECTOK) 2646 SCARD_MSG="yes, using sectok" 2647 fi 2648 ] 2649) 2650 2651# Check whether user wants OpenSC support 2652OPENSC_CONFIG="no" 2653AC_ARG_WITH(opensc, 2654 [--with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)], 2655 [ 2656 if test "x$withval" != "xno" ; then 2657 if test "x$withval" != "xyes" ; then 2658 OPENSC_CONFIG=$withval/bin/opensc-config 2659 else 2660 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 2661 fi 2662 if test "$OPENSC_CONFIG" != "no"; then 2663 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 2664 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 2665 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 2666 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" 2667 AC_DEFINE(SMARTCARD) 2668 AC_DEFINE(USE_OPENSC) 2669 SCARD_MSG="yes, using OpenSC" 2670 fi 2671 fi 2672 ] 2673) 2674 2675# Check libraries needed by DNS fingerprint support 2676AC_SEARCH_LIBS(getrrsetbyname, resolv, 2677 [AC_DEFINE(HAVE_GETRRSETBYNAME)], 2678 [ 2679 # Needed by our getrrsetbyname() 2680 AC_SEARCH_LIBS(res_query, resolv) 2681 AC_SEARCH_LIBS(dn_expand, resolv) 2682 AC_MSG_CHECKING(if res_query will link) 2683 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 2684 [AC_MSG_RESULT(no) 2685 saved_LIBS="$LIBS" 2686 LIBS="$LIBS -lresolv" 2687 AC_MSG_CHECKING(for res_query in -lresolv) 2688 AC_LINK_IFELSE([ 2689#include <resolv.h> 2690int main() 2691{ 2692 res_query (0, 0, 0, 0, 0); 2693 return 0; 2694} 2695 ], 2696 [LIBS="$LIBS -lresolv" 2697 AC_MSG_RESULT(yes)], 2698 [LIBS="$saved_LIBS" 2699 AC_MSG_RESULT(no)]) 2700 ]) 2701 AC_CHECK_FUNCS(_getshort _getlong) 2702 AC_CHECK_DECLS([_getshort, _getlong], , , 2703 [#include <sys/types.h> 2704 #include <arpa/nameser.h>]) 2705 AC_CHECK_MEMBER(HEADER.ad, 2706 [AC_DEFINE(HAVE_HEADER_AD)],, 2707 [#include <arpa/nameser.h>]) 2708 ]) 2709 2710# Check whether user wants Kerberos 5 support 2711KRB5_MSG="no" 2712AC_ARG_WITH(kerberos5, 2713 [ --with-kerberos5=PATH Enable Kerberos 5 support], 2714 [ if test "x$withval" != "xno" ; then 2715 if test "x$withval" = "xyes" ; then 2716 KRB5ROOT="/usr/local" 2717 else 2718 KRB5ROOT=${withval} 2719 fi 2720 2721 AC_DEFINE(KRB5) 2722 KRB5_MSG="yes" 2723 2724 AC_MSG_CHECKING(for krb5-config) 2725 if test -x $KRB5ROOT/bin/krb5-config ; then 2726 KRB5CONF=$KRB5ROOT/bin/krb5-config 2727 AC_MSG_RESULT($KRB5CONF) 2728 2729 AC_MSG_CHECKING(for gssapi support) 2730 if $KRB5CONF | grep gssapi >/dev/null ; then 2731 AC_MSG_RESULT(yes) 2732 AC_DEFINE(GSSAPI) 2733 k5confopts=gssapi 2734 else 2735 AC_MSG_RESULT(no) 2736 k5confopts="" 2737 fi 2738 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 2739 K5LIBS="`$KRB5CONF --libs $k5confopts`" 2740 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 2741 AC_MSG_CHECKING(whether we are using Heimdal) 2742 AC_TRY_COMPILE([ #include <krb5.h> ], 2743 [ char *tmp = heimdal_version; ], 2744 [ AC_MSG_RESULT(yes) 2745 AC_DEFINE(HEIMDAL) ], 2746 AC_MSG_RESULT(no) 2747 ) 2748 else 2749 AC_MSG_RESULT(no) 2750 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 2751 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 2752 AC_MSG_CHECKING(whether we are using Heimdal) 2753 AC_TRY_COMPILE([ #include <krb5.h> ], 2754 [ char *tmp = heimdal_version; ], 2755 [ AC_MSG_RESULT(yes) 2756 AC_DEFINE(HEIMDAL) 2757 K5LIBS="-lkrb5 -ldes" 2758 K5LIBS="$K5LIBS -lcom_err -lasn1" 2759 AC_CHECK_LIB(roken, net_write, 2760 [K5LIBS="$K5LIBS -lroken"]) 2761 ], 2762 [ AC_MSG_RESULT(no) 2763 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 2764 ] 2765 ) 2766 AC_SEARCH_LIBS(dn_expand, resolv) 2767 2768 AC_CHECK_LIB(gssapi,gss_init_sec_context, 2769 [ AC_DEFINE(GSSAPI) 2770 K5LIBS="-lgssapi $K5LIBS" ], 2771 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, 2772 [ AC_DEFINE(GSSAPI) 2773 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 2774 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 2775 $K5LIBS) 2776 ], 2777 $K5LIBS) 2778 2779 AC_CHECK_HEADER(gssapi.h, , 2780 [ unset ac_cv_header_gssapi_h 2781 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 2782 AC_CHECK_HEADERS(gssapi.h, , 2783 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 2784 ) 2785 ] 2786 ) 2787 2788 oldCPP="$CPPFLAGS" 2789 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 2790 AC_CHECK_HEADER(gssapi_krb5.h, , 2791 [ CPPFLAGS="$oldCPP" ]) 2792 2793 fi 2794 if test ! -z "$need_dash_r" ; then 2795 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 2796 fi 2797 if test ! -z "$blibpath" ; then 2798 blibpath="$blibpath:${KRB5ROOT}/lib" 2799 fi 2800 fi 2801 2802 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 2803 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 2804 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 2805 2806 LIBS="$LIBS $K5LIBS" 2807 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS)) 2808 ] 2809) 2810 2811# Looking for programs, paths and files 2812 2813PRIVSEP_PATH=/var/empty 2814AC_ARG_WITH(privsep-path, 2815 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 2816 [ 2817 if test -n "$withval" && test "x$withval" != "xno" && \ 2818 test "x${withval}" != "xyes"; then 2819 PRIVSEP_PATH=$withval 2820 fi 2821 ] 2822) 2823AC_SUBST(PRIVSEP_PATH) 2824 2825AC_ARG_WITH(xauth, 2826 [ --with-xauth=PATH Specify path to xauth program ], 2827 [ 2828 if test -n "$withval" && test "x$withval" != "xno" && \ 2829 test "x${withval}" != "xyes"; then 2830 xauth_path=$withval 2831 fi 2832 ], 2833 [ 2834 TestPath="$PATH" 2835 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 2836 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 2837 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 2838 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 2839 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 2840 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 2841 xauth_path="/usr/openwin/bin/xauth" 2842 fi 2843 ] 2844) 2845 2846STRIP_OPT=-s 2847AC_ARG_ENABLE(strip, 2848 [ --disable-strip Disable calling strip(1) on install], 2849 [ 2850 if test "x$enableval" = "xno" ; then 2851 STRIP_OPT= 2852 fi 2853 ] 2854) 2855AC_SUBST(STRIP_OPT) 2856 2857if test -z "$xauth_path" ; then 2858 XAUTH_PATH="undefined" 2859 AC_SUBST(XAUTH_PATH) 2860else 2861 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path") 2862 XAUTH_PATH=$xauth_path 2863 AC_SUBST(XAUTH_PATH) 2864fi 2865 2866# Check for mail directory (last resort if we cannot get it from headers) 2867if test ! -z "$MAIL" ; then 2868 maildir=`dirname $MAIL` 2869 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir") 2870fi 2871 2872if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 2873 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 2874 disable_ptmx_check=yes 2875fi 2876if test -z "$no_dev_ptmx" ; then 2877 if test "x$disable_ptmx_check" != "xyes" ; then 2878 AC_CHECK_FILE("/dev/ptmx", 2879 [ 2880 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) 2881 have_dev_ptmx=1 2882 ] 2883 ) 2884 fi 2885fi 2886 2887if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 2888 AC_CHECK_FILE("/dev/ptc", 2889 [ 2890 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) 2891 have_dev_ptc=1 2892 ] 2893 ) 2894else 2895 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 2896fi 2897 2898# Options from here on. Some of these are preset by platform above 2899AC_ARG_WITH(mantype, 2900 [ --with-mantype=man|cat|doc Set man page type], 2901 [ 2902 case "$withval" in 2903 man|cat|doc) 2904 MANTYPE=$withval 2905 ;; 2906 *) 2907 AC_MSG_ERROR(invalid man type: $withval) 2908 ;; 2909 esac 2910 ] 2911) 2912if test -z "$MANTYPE"; then 2913 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 2914 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 2915 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 2916 MANTYPE=doc 2917 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 2918 MANTYPE=man 2919 else 2920 MANTYPE=cat 2921 fi 2922fi 2923AC_SUBST(MANTYPE) 2924if test "$MANTYPE" = "doc"; then 2925 mansubdir=man; 2926else 2927 mansubdir=$MANTYPE; 2928fi 2929AC_SUBST(mansubdir) 2930 2931# Check whether to enable MD5 passwords 2932MD5_MSG="no" 2933AC_ARG_WITH(md5-passwords, 2934 [ --with-md5-passwords Enable use of MD5 passwords], 2935 [ 2936 if test "x$withval" != "xno" ; then 2937 AC_DEFINE(HAVE_MD5_PASSWORDS) 2938 MD5_MSG="yes" 2939 fi 2940 ] 2941) 2942 2943# Whether to disable shadow password support 2944AC_ARG_WITH(shadow, 2945 [ --without-shadow Disable shadow password support], 2946 [ 2947 if test "x$withval" = "xno" ; then 2948 AC_DEFINE(DISABLE_SHADOW) 2949 disable_shadow=yes 2950 fi 2951 ] 2952) 2953 2954if test -z "$disable_shadow" ; then 2955 AC_MSG_CHECKING([if the systems has expire shadow information]) 2956 AC_TRY_COMPILE( 2957 [ 2958#include <sys/types.h> 2959#include <shadow.h> 2960 struct spwd sp; 2961 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 2962 [ sp_expire_available=yes ], [] 2963 ) 2964 2965 if test "x$sp_expire_available" = "xyes" ; then 2966 AC_MSG_RESULT(yes) 2967 AC_DEFINE(HAS_SHADOW_EXPIRE) 2968 else 2969 AC_MSG_RESULT(no) 2970 fi 2971fi 2972 2973# Use ip address instead of hostname in $DISPLAY 2974if test ! -z "$IPADDR_IN_DISPLAY" ; then 2975 DISPLAY_HACK_MSG="yes" 2976 AC_DEFINE(IPADDR_IN_DISPLAY) 2977else 2978 DISPLAY_HACK_MSG="no" 2979 AC_ARG_WITH(ipaddr-display, 2980 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 2981 [ 2982 if test "x$withval" != "xno" ; then 2983 AC_DEFINE(IPADDR_IN_DISPLAY) 2984 DISPLAY_HACK_MSG="yes" 2985 fi 2986 ] 2987 ) 2988fi 2989 2990# check for /etc/default/login and use it if present. 2991AC_ARG_ENABLE(etc-default-login, 2992 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 2993 [ if test "x$enableval" = "xno"; then 2994 AC_MSG_NOTICE([/etc/default/login handling disabled]) 2995 etc_default_login=no 2996 else 2997 etc_default_login=yes 2998 fi ], 2999 [ etc_default_login=yes ] 3000) 3001 3002if test "x$etc_default_login" != "xno"; then 3003 AC_CHECK_FILE("/etc/default/login", 3004 [ external_path_file=/etc/default/login ]) 3005 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3006 then 3007 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test]) 3008 elif test "x$external_path_file" = "x/etc/default/login"; then 3009 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) 3010 fi 3011fi 3012 3013dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3014if test $ac_cv_func_login_getcapbool = "yes" && \ 3015 test $ac_cv_header_login_cap_h = "yes" ; then 3016 external_path_file=/etc/login.conf 3017fi 3018 3019# Whether to mess with the default path 3020SERVER_PATH_MSG="(default)" 3021AC_ARG_WITH(default-path, 3022 [ --with-default-path= Specify default \$PATH environment for server], 3023 [ 3024 if test "x$external_path_file" = "x/etc/login.conf" ; then 3025 AC_MSG_WARN([ 3026--with-default-path=PATH has no effect on this system. 3027Edit /etc/login.conf instead.]) 3028 elif test "x$withval" != "xno" ; then 3029 if test ! -z "$external_path_file" ; then 3030 AC_MSG_WARN([ 3031--with-default-path=PATH will only be used if PATH is not defined in 3032$external_path_file .]) 3033 fi 3034 user_path="$withval" 3035 SERVER_PATH_MSG="$withval" 3036 fi 3037 ], 3038 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3039 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3040 else 3041 if test ! -z "$external_path_file" ; then 3042 AC_MSG_WARN([ 3043If PATH is defined in $external_path_file, ensure the path to scp is included, 3044otherwise scp will not work.]) 3045 fi 3046 AC_TRY_RUN( 3047 [ 3048/* find out what STDPATH is */ 3049#include <stdio.h> 3050#ifdef HAVE_PATHS_H 3051# include <paths.h> 3052#endif 3053#ifndef _PATH_STDPATH 3054# ifdef _PATH_USERPATH /* Irix */ 3055# define _PATH_STDPATH _PATH_USERPATH 3056# else 3057# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3058# endif 3059#endif 3060#include <sys/types.h> 3061#include <sys/stat.h> 3062#include <fcntl.h> 3063#define DATA "conftest.stdpath" 3064 3065main() 3066{ 3067 FILE *fd; 3068 int rc; 3069 3070 fd = fopen(DATA,"w"); 3071 if(fd == NULL) 3072 exit(1); 3073 3074 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3075 exit(1); 3076 3077 exit(0); 3078} 3079 ], [ user_path=`cat conftest.stdpath` ], 3080 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3081 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3082 ) 3083# make sure $bindir is in USER_PATH so scp will work 3084 t_bindir=`eval echo ${bindir}` 3085 case $t_bindir in 3086 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 3087 esac 3088 case $t_bindir in 3089 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 3090 esac 3091 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 3092 if test $? -ne 0 ; then 3093 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 3094 if test $? -ne 0 ; then 3095 user_path=$user_path:$t_bindir 3096 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 3097 fi 3098 fi 3099 fi ] 3100) 3101if test "x$external_path_file" != "x/etc/login.conf" ; then 3102 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path") 3103 AC_SUBST(user_path) 3104fi 3105 3106# Set superuser path separately to user path 3107AC_ARG_WITH(superuser-path, 3108 [ --with-superuser-path= Specify different path for super-user], 3109 [ 3110 if test -n "$withval" && test "x$withval" != "xno" && \ 3111 test "x${withval}" != "xyes"; then 3112 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval") 3113 superuser_path=$withval 3114 fi 3115 ] 3116) 3117 3118 3119AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3120IPV4_IN6_HACK_MSG="no" 3121AC_ARG_WITH(4in6, 3122 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3123 [ 3124 if test "x$withval" != "xno" ; then 3125 AC_MSG_RESULT(yes) 3126 AC_DEFINE(IPV4_IN_IPV6) 3127 IPV4_IN6_HACK_MSG="yes" 3128 else 3129 AC_MSG_RESULT(no) 3130 fi 3131 ],[ 3132 if test "x$inet6_default_4in6" = "xyes"; then 3133 AC_MSG_RESULT([yes (default)]) 3134 AC_DEFINE(IPV4_IN_IPV6) 3135 IPV4_IN6_HACK_MSG="yes" 3136 else 3137 AC_MSG_RESULT([no (default)]) 3138 fi 3139 ] 3140) 3141 3142# Whether to enable BSD auth support 3143BSD_AUTH_MSG=no 3144AC_ARG_WITH(bsd-auth, 3145 [ --with-bsd-auth Enable BSD auth support], 3146 [ 3147 if test "x$withval" != "xno" ; then 3148 AC_DEFINE(BSD_AUTH) 3149 BSD_AUTH_MSG=yes 3150 fi 3151 ] 3152) 3153 3154# Where to place sshd.pid 3155piddir=/var/run 3156# make sure the directory exists 3157if test ! -d $piddir ; then 3158 piddir=`eval echo ${sysconfdir}` 3159 case $piddir in 3160 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 3161 esac 3162fi 3163 3164AC_ARG_WITH(pid-dir, 3165 [ --with-pid-dir=PATH Specify location of ssh.pid file], 3166 [ 3167 if test -n "$withval" && test "x$withval" != "xno" && \ 3168 test "x${withval}" != "xyes"; then 3169 piddir=$withval 3170 if test ! -d $piddir ; then 3171 AC_MSG_WARN([** no $piddir directory on this system **]) 3172 fi 3173 fi 3174 ] 3175) 3176 3177AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir") 3178AC_SUBST(piddir) 3179 3180dnl allow user to disable some login recording features 3181AC_ARG_ENABLE(lastlog, 3182 [ --disable-lastlog disable use of lastlog even if detected [no]], 3183 [ 3184 if test "x$enableval" = "xno" ; then 3185 AC_DEFINE(DISABLE_LASTLOG) 3186 fi 3187 ] 3188) 3189AC_ARG_ENABLE(utmp, 3190 [ --disable-utmp disable use of utmp even if detected [no]], 3191 [ 3192 if test "x$enableval" = "xno" ; then 3193 AC_DEFINE(DISABLE_UTMP) 3194 fi 3195 ] 3196) 3197AC_ARG_ENABLE(utmpx, 3198 [ --disable-utmpx disable use of utmpx even if detected [no]], 3199 [ 3200 if test "x$enableval" = "xno" ; then 3201 AC_DEFINE(DISABLE_UTMPX) 3202 fi 3203 ] 3204) 3205AC_ARG_ENABLE(wtmp, 3206 [ --disable-wtmp disable use of wtmp even if detected [no]], 3207 [ 3208 if test "x$enableval" = "xno" ; then 3209 AC_DEFINE(DISABLE_WTMP) 3210 fi 3211 ] 3212) 3213AC_ARG_ENABLE(wtmpx, 3214 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 3215 [ 3216 if test "x$enableval" = "xno" ; then 3217 AC_DEFINE(DISABLE_WTMPX) 3218 fi 3219 ] 3220) 3221AC_ARG_ENABLE(libutil, 3222 [ --disable-libutil disable use of libutil (login() etc.) [no]], 3223 [ 3224 if test "x$enableval" = "xno" ; then 3225 AC_DEFINE(DISABLE_LOGIN) 3226 fi 3227 ] 3228) 3229AC_ARG_ENABLE(pututline, 3230 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 3231 [ 3232 if test "x$enableval" = "xno" ; then 3233 AC_DEFINE(DISABLE_PUTUTLINE) 3234 fi 3235 ] 3236) 3237AC_ARG_ENABLE(pututxline, 3238 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 3239 [ 3240 if test "x$enableval" = "xno" ; then 3241 AC_DEFINE(DISABLE_PUTUTXLINE) 3242 fi 3243 ] 3244) 3245AC_ARG_WITH(lastlog, 3246 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 3247 [ 3248 if test "x$withval" = "xno" ; then 3249 AC_DEFINE(DISABLE_LASTLOG) 3250 elif test -n "$withval" && test "x${withval}" != "xyes"; then 3251 conf_lastlog_location=$withval 3252 fi 3253 ] 3254) 3255 3256dnl lastlog, [uw]tmpx? detection 3257dnl NOTE: set the paths in the platform section to avoid the 3258dnl need for command-line parameters 3259dnl lastlog and [uw]tmp are subject to a file search if all else fails 3260 3261dnl lastlog detection 3262dnl NOTE: the code itself will detect if lastlog is a directory 3263AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 3264AC_TRY_COMPILE([ 3265#include <sys/types.h> 3266#include <utmp.h> 3267#ifdef HAVE_LASTLOG_H 3268# include <lastlog.h> 3269#endif 3270#ifdef HAVE_PATHS_H 3271# include <paths.h> 3272#endif 3273#ifdef HAVE_LOGIN_H 3274# include <login.h> 3275#endif 3276 ], 3277 [ char *lastlog = LASTLOG_FILE; ], 3278 [ AC_MSG_RESULT(yes) ], 3279 [ 3280 AC_MSG_RESULT(no) 3281 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 3282 AC_TRY_COMPILE([ 3283#include <sys/types.h> 3284#include <utmp.h> 3285#ifdef HAVE_LASTLOG_H 3286# include <lastlog.h> 3287#endif 3288#ifdef HAVE_PATHS_H 3289# include <paths.h> 3290#endif 3291 ], 3292 [ char *lastlog = _PATH_LASTLOG; ], 3293 [ AC_MSG_RESULT(yes) ], 3294 [ 3295 AC_MSG_RESULT(no) 3296 system_lastlog_path=no 3297 ]) 3298 ] 3299) 3300 3301if test -z "$conf_lastlog_location"; then 3302 if test x"$system_lastlog_path" = x"no" ; then 3303 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 3304 if (test -d "$f" || test -f "$f") ; then 3305 conf_lastlog_location=$f 3306 fi 3307 done 3308 if test -z "$conf_lastlog_location"; then 3309 AC_MSG_WARN([** Cannot find lastlog **]) 3310 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 3311 fi 3312 fi 3313fi 3314 3315if test -n "$conf_lastlog_location"; then 3316 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location") 3317fi 3318 3319dnl utmp detection 3320AC_MSG_CHECKING([if your system defines UTMP_FILE]) 3321AC_TRY_COMPILE([ 3322#include <sys/types.h> 3323#include <utmp.h> 3324#ifdef HAVE_PATHS_H 3325# include <paths.h> 3326#endif 3327 ], 3328 [ char *utmp = UTMP_FILE; ], 3329 [ AC_MSG_RESULT(yes) ], 3330 [ AC_MSG_RESULT(no) 3331 system_utmp_path=no ] 3332) 3333if test -z "$conf_utmp_location"; then 3334 if test x"$system_utmp_path" = x"no" ; then 3335 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 3336 if test -f $f ; then 3337 conf_utmp_location=$f 3338 fi 3339 done 3340 if test -z "$conf_utmp_location"; then 3341 AC_DEFINE(DISABLE_UTMP) 3342 fi 3343 fi 3344fi 3345if test -n "$conf_utmp_location"; then 3346 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location") 3347fi 3348 3349dnl wtmp detection 3350AC_MSG_CHECKING([if your system defines WTMP_FILE]) 3351AC_TRY_COMPILE([ 3352#include <sys/types.h> 3353#include <utmp.h> 3354#ifdef HAVE_PATHS_H 3355# include <paths.h> 3356#endif 3357 ], 3358 [ char *wtmp = WTMP_FILE; ], 3359 [ AC_MSG_RESULT(yes) ], 3360 [ AC_MSG_RESULT(no) 3361 system_wtmp_path=no ] 3362) 3363if test -z "$conf_wtmp_location"; then 3364 if test x"$system_wtmp_path" = x"no" ; then 3365 for f in /usr/adm/wtmp /var/log/wtmp; do 3366 if test -f $f ; then 3367 conf_wtmp_location=$f 3368 fi 3369 done 3370 if test -z "$conf_wtmp_location"; then 3371 AC_DEFINE(DISABLE_WTMP) 3372 fi 3373 fi 3374fi 3375if test -n "$conf_wtmp_location"; then 3376 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location") 3377fi 3378 3379 3380dnl utmpx detection - I don't know any system so perverse as to require 3381dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 3382dnl there, though. 3383AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 3384AC_TRY_COMPILE([ 3385#include <sys/types.h> 3386#include <utmp.h> 3387#ifdef HAVE_UTMPX_H 3388#include <utmpx.h> 3389#endif 3390#ifdef HAVE_PATHS_H 3391# include <paths.h> 3392#endif 3393 ], 3394 [ char *utmpx = UTMPX_FILE; ], 3395 [ AC_MSG_RESULT(yes) ], 3396 [ AC_MSG_RESULT(no) 3397 system_utmpx_path=no ] 3398) 3399if test -z "$conf_utmpx_location"; then 3400 if test x"$system_utmpx_path" = x"no" ; then 3401 AC_DEFINE(DISABLE_UTMPX) 3402 fi 3403else 3404 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location") 3405fi 3406 3407dnl wtmpx detection 3408AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 3409AC_TRY_COMPILE([ 3410#include <sys/types.h> 3411#include <utmp.h> 3412#ifdef HAVE_UTMPX_H 3413#include <utmpx.h> 3414#endif 3415#ifdef HAVE_PATHS_H 3416# include <paths.h> 3417#endif 3418 ], 3419 [ char *wtmpx = WTMPX_FILE; ], 3420 [ AC_MSG_RESULT(yes) ], 3421 [ AC_MSG_RESULT(no) 3422 system_wtmpx_path=no ] 3423) 3424if test -z "$conf_wtmpx_location"; then 3425 if test x"$system_wtmpx_path" = x"no" ; then 3426 AC_DEFINE(DISABLE_WTMPX) 3427 fi 3428else 3429 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location") 3430fi 3431 3432 3433if test ! -z "$blibpath" ; then 3434 LDFLAGS="$LDFLAGS $blibflags$blibpath" 3435 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 3436fi 3437 3438dnl remove pam and dl because they are in $LIBPAM 3439if test "$PAM_MSG" = yes ; then 3440 LIBS=`echo $LIBS | sed 's/-lpam //'` 3441fi 3442if test "$ac_cv_lib_pam_pam_set_item" = yes ; then 3443 LIBS=`echo $LIBS | sed 's/-ldl //'` 3444fi 3445 3446dnl Adding -Werror to CFLAGS early prevents configure tests from running. 3447dnl Add now. 3448CFLAGS="$CFLAGS $werror_flags" 3449 3450AC_EXEEXT 3451AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \ 3452 scard/Makefile ssh_prng_cmds survey.sh]) 3453AC_OUTPUT 3454 3455# Print summary of options 3456 3457# Someone please show me a better way :) 3458A=`eval echo ${prefix}` ; A=`eval echo ${A}` 3459B=`eval echo ${bindir}` ; B=`eval echo ${B}` 3460C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 3461D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 3462E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 3463F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 3464G=`eval echo ${piddir}` ; G=`eval echo ${G}` 3465H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 3466I=`eval echo ${user_path}` ; I=`eval echo ${I}` 3467J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 3468 3469echo "" 3470echo "OpenSSH has been configured with the following options:" 3471echo " User binaries: $B" 3472echo " System binaries: $C" 3473echo " Configuration files: $D" 3474echo " Askpass program: $E" 3475echo " Manual pages: $F" 3476echo " PID file: $G" 3477echo " Privilege separation chroot path: $H" 3478if test "x$external_path_file" = "x/etc/login.conf" ; then 3479echo " At runtime, sshd will use the path defined in $external_path_file" 3480echo " Make sure the path to scp is present, otherwise scp will not work" 3481else 3482echo " sshd default user PATH: $I" 3483 if test ! -z "$external_path_file"; then 3484echo " (If PATH is set in $external_path_file it will be used instead. If" 3485echo " used, ensure the path to scp is present, otherwise scp will not work.)" 3486 fi 3487fi 3488if test ! -z "$superuser_path" ; then 3489echo " sshd superuser user PATH: $J" 3490fi 3491echo " Manpage format: $MANTYPE" 3492echo " PAM support: $PAM_MSG" 3493echo " KerberosV support: $KRB5_MSG" 3494echo " Smartcard support: $SCARD_MSG" 3495echo " S/KEY support: $SKEY_MSG" 3496echo " OPIE support: $OPIE_MSG" 3497echo " TCP Wrappers support: $TCPW_MSG" 3498echo " MD5 password support: $MD5_MSG" 3499echo " libedit support: $LIBEDIT_MSG" 3500echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 3501echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 3502echo " BSD Auth support: $BSD_AUTH_MSG" 3503echo " Random number source: $RAND_MSG" 3504if test ! -z "$USE_RAND_HELPER" ; then 3505echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 3506fi 3507 3508echo "" 3509 3510echo " Host: ${host}" 3511echo " Compiler: ${CC}" 3512echo " Compiler flags: ${CFLAGS}" 3513echo "Preprocessor flags: ${CPPFLAGS}" 3514echo " Linker flags: ${LDFLAGS}" 3515echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" 3516 3517echo "" 3518 3519if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 3520 echo "SVR4 style packages are supported with \"make package\"" 3521 echo "" 3522fi 3523 3524if test "x$PAM_MSG" = "xyes" ; then 3525 echo "PAM is enabled. You may need to install a PAM control file " 3526 echo "for sshd, otherwise password authentication may fail. " 3527 echo "Example PAM control files can be found in the contrib/ " 3528 echo "subdirectory" 3529 echo "" 3530fi 3531 3532if test ! -z "$RAND_HELPER_CMDHASH" ; then 3533 echo "WARNING: you are using the builtin random number collection " 3534 echo "service. Please read WARNING.RNG and request that your OS " 3535 echo "vendor includes kernel-based random number collection in " 3536 echo "future versions of your OS." 3537 echo "" 3538fi 3539 3540if test ! -z "$NO_PEERCHECK" ; then 3541 echo "WARNING: the operating system that you are using does not " 3542 echo "appear to support either the getpeereid() API nor the " 3543 echo "SO_PEERCRED getsockopt() option. These facilities are used to " 3544 echo "enforce security checks to prevent unauthorised connections to " 3545 echo "ssh-agent. Their absence increases the risk that a malicious " 3546 echo "user can connect to your agent. " 3547 echo "" 3548fi 3549 3550if test "$AUDIT_MODULE" = "bsm" ; then 3551 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 3552 echo "See the Solaris section in README.platform for details." 3553fi 3554