1# $Id: configure.ac,v 1.322 2006/01/29 13:22:39 dtucker Exp $ 2# $FreeBSD$ 3# 4# Copyright (c) 1999-2004 Damien Miller 5# 6# Permission to use, copy, modify, and distribute this software for any 7# purpose with or without fee is hereby granted, provided that the above 8# copyright notice and this permission notice appear in all copies. 9# 10# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 18AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 19AC_CONFIG_SRCDIR([ssh.c]) 20 21AC_CONFIG_HEADER(config.h) 22AC_PROG_CC 23AC_CANONICAL_HOST 24AC_C_BIGENDIAN 25 26# Checks for programs. 27AC_PROG_AWK 28AC_PROG_CPP 29AC_PROG_RANLIB 30AC_PROG_INSTALL 31AC_PATH_PROG(AR, ar) 32AC_PATH_PROG(CAT, cat) 33AC_PATH_PROG(KILL, kill) 34AC_PATH_PROGS(PERL, perl5 perl) 35AC_PATH_PROG(SED, sed) 36AC_SUBST(PERL) 37AC_PATH_PROG(ENT, ent) 38AC_SUBST(ENT) 39AC_PATH_PROG(TEST_MINUS_S_SH, bash) 40AC_PATH_PROG(TEST_MINUS_S_SH, ksh) 41AC_PATH_PROG(TEST_MINUS_S_SH, sh) 42AC_PATH_PROG(SH, sh) 43AC_SUBST(TEST_SHELL,sh) 44 45dnl for buildpkg.sh 46AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 47 [/usr/sbin${PATH_SEPARATOR}/etc]) 48AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 49 [/usr/sbin${PATH_SEPARATOR}/etc]) 50AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 51if test -x /sbin/sh; then 52 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh) 53else 54 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh) 55fi 56 57# System features 58AC_SYS_LARGEFILE 59 60if test -z "$AR" ; then 61 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 62fi 63 64# Use LOGIN_PROGRAM from environment if possible 65if test ! -z "$LOGIN_PROGRAM" ; then 66 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM", 67 [If your header files don't define LOGIN_PROGRAM, 68 then use this (detected) from environment and PATH]) 69else 70 # Search for login 71 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 72 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 73 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 74 fi 75fi 76 77AC_PATH_PROG(PATH_PASSWD_PROG, passwd) 78if test ! -z "$PATH_PASSWD_PROG" ; then 79 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG", 80 [Full path of your "passwd" program]) 81fi 82 83if test -z "$LD" ; then 84 LD=$CC 85fi 86AC_SUBST(LD) 87 88AC_C_INLINE 89 90AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) 91 92if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 93 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" 94 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` 95 case $GCC_VER in 96 1.*) ;; 97 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;; 98 2.*) ;; 99 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;; 100 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;; 101 *) ;; 102 esac 103 104 if test -z "$have_llong_max"; then 105 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 106 unset ac_cv_have_decl_LLONG_MAX 107 saved_CFLAGS="$CFLAGS" 108 CFLAGS="$CFLAGS -std=gnu99" 109 AC_CHECK_DECL(LLONG_MAX, 110 [have_llong_max=1], 111 [CFLAGS="$saved_CFLAGS"], 112 [#include <limits.h>] 113 ) 114 fi 115fi 116 117AC_ARG_WITH(rpath, 118 [ --without-rpath Disable auto-added -R linker paths], 119 [ 120 if test "x$withval" = "xno" ; then 121 need_dash_r="" 122 fi 123 if test "x$withval" = "xyes" ; then 124 need_dash_r=1 125 fi 126 ] 127) 128 129# Check for some target-specific stuff 130case "$host" in 131*-*-aix*) 132 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 133 if (test -z "$blibpath"); then 134 blibpath="/usr/lib:/lib" 135 fi 136 saved_LDFLAGS="$LDFLAGS" 137 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do 138 if (test -z "$blibflags"); then 139 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 140 AC_TRY_LINK([], [], [blibflags=$tryflags]) 141 fi 142 done 143 if (test -z "$blibflags"); then 144 AC_MSG_RESULT(not found) 145 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 146 else 147 AC_MSG_RESULT($blibflags) 148 fi 149 LDFLAGS="$saved_LDFLAGS" 150 dnl Check for authenticate. Might be in libs.a on older AIXes 151 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1, 152 [Define if you want to enable AIX4's authenticate function])], 153 [AC_CHECK_LIB(s,authenticate, 154 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 155 LIBS="$LIBS -ls" 156 ]) 157 ]) 158 dnl Check for various auth function declarations in headers. 159 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 160 passwdexpired, setauthdb], , , [#include <usersec.h>]) 161 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 162 AC_CHECK_DECLS(loginfailed, 163 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 164 AC_TRY_COMPILE( 165 [#include <usersec.h>], 166 [(void)loginfailed("user","host","tty",0);], 167 [AC_MSG_RESULT(yes) 168 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1, 169 [Define if your AIX loginfailed() function 170 takes 4 arguments (AIX >= 5.2)])], 171 [AC_MSG_RESULT(no)] 172 )], 173 [], 174 [#include <usersec.h>] 175 ) 176 AC_CHECK_FUNCS(setauthdb) 177 check_for_aix_broken_getaddrinfo=1 178 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.]) 179 AC_DEFINE(SETEUID_BREAKS_SETUID, 1, 180 [Define if your platform breaks doing a seteuid before a setuid]) 181 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken]) 182 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken]) 183 dnl AIX handles lastlog as part of its login message 184 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog]) 185 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1, 186 [Some systems need a utmpx entry for /bin/login to work]) 187 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV, 188 [Define to a Set Process Title type if your system is 189 supported by bsd-setproctitle.c]) 190 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 191 [AIX 5.2 and 5.3 (and presumably newer) require this]) 192 ;; 193*-*-cygwin*) 194 check_for_libcrypt_later=1 195 LIBS="$LIBS /usr/lib/textmode.o" 196 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin]) 197 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()]) 198 AC_DEFINE(DISABLE_SHADOW, 1, 199 [Define if you want to disable shadow passwords]) 200 AC_DEFINE(IP_TOS_IS_BROKEN, 1, 201 [Define if your system choked on IP TOS setting]) 202 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1, 203 [Define if X11 doesn't support AF_UNIX sockets on that system]) 204 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1, 205 [Define if the concept of ports only accessible to 206 superusers isn't known]) 207 AC_DEFINE(DISABLE_FD_PASSING, 1, 208 [Define if your platform needs to skip post auth 209 file descriptor passing]) 210 ;; 211*-*-dgux*) 212 AC_DEFINE(IP_TOS_IS_BROKEN) 213 AC_DEFINE(SETEUID_BREAKS_SETUID) 214 AC_DEFINE(BROKEN_SETREUID) 215 AC_DEFINE(BROKEN_SETREGID) 216 ;; 217*-*-darwin*) 218 AC_MSG_CHECKING(if we have working getaddrinfo) 219 AC_TRY_RUN([#include <mach-o/dyld.h> 220main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 221 exit(0); 222 else 223 exit(1); 224}], [AC_MSG_RESULT(working)], 225 [AC_MSG_RESULT(buggy) 226 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])], 227 [AC_MSG_RESULT(assume it is working)]) 228 AC_DEFINE(SETEUID_BREAKS_SETUID) 229 AC_DEFINE(BROKEN_SETREUID) 230 AC_DEFINE(BROKEN_SETREGID) 231 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1, 232 [Define if your resolver libs need this for getrrsetbyname]) 233 ;; 234*-*-hpux*) 235 # first we define all of the options common to all HP-UX releases 236 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 237 IPADDR_IN_DISPLAY=yes 238 AC_DEFINE(USE_PIPES) 239 AC_DEFINE(LOGIN_NO_ENDOPT, 1, 240 [Define if your login program cannot handle end of options ("--")]) 241 AC_DEFINE(LOGIN_NEEDS_UTMPX) 242 AC_DEFINE(LOCKED_PASSWD_STRING, "*", 243 [String used in /etc/passwd to denote locked account]) 244 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 245 MAIL="/var/mail/username" 246 LIBS="$LIBS -lsec" 247 AC_CHECK_LIB(xnet, t_error, , 248 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 249 250 # next, we define all of the options specific to major releases 251 case "$host" in 252 *-*-hpux10*) 253 if test -z "$GCC"; then 254 CFLAGS="$CFLAGS -Ae" 255 fi 256 ;; 257 *-*-hpux11*) 258 AC_DEFINE(PAM_SUN_CODEBASE, 1, 259 [Define if you are using Solaris-derived PAM which 260 passes pam_messages to the conversation function 261 with an extra level of indirection]) 262 AC_DEFINE(DISABLE_UTMP, 1, 263 [Define if you don't want to use utmp]) 264 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 265 check_for_hpux_broken_getaddrinfo=1 266 check_for_conflicting_getspnam=1 267 ;; 268 esac 269 270 # lastly, we define options specific to minor releases 271 case "$host" in 272 *-*-hpux10.26) 273 AC_DEFINE(HAVE_SECUREWARE, 1, 274 [Define if you have SecureWare-based 275 protected password database]) 276 disable_ptmx_check=yes 277 LIBS="$LIBS -lsecpw" 278 ;; 279 esac 280 ;; 281*-*-irix5*) 282 PATH="$PATH:/usr/etc" 283 AC_DEFINE(BROKEN_INET_NTOA, 1, 284 [Define if you system's inet_ntoa is busted 285 (e.g. Irix gcc issue)]) 286 AC_DEFINE(SETEUID_BREAKS_SETUID) 287 AC_DEFINE(BROKEN_SETREUID) 288 AC_DEFINE(BROKEN_SETREGID) 289 AC_DEFINE(WITH_ABBREV_NO_TTY, 1, 290 [Define if you shouldn't strip 'tty' from your 291 ttyname in [uw]tmp]) 292 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 293 ;; 294*-*-irix6*) 295 PATH="$PATH:/usr/etc" 296 AC_DEFINE(WITH_IRIX_ARRAY, 1, 297 [Define if you have/want arrays 298 (cluster-wide session managment, not C arrays)]) 299 AC_DEFINE(WITH_IRIX_PROJECT, 1, 300 [Define if you want IRIX project management]) 301 AC_DEFINE(WITH_IRIX_AUDIT, 1, 302 [Define if you want IRIX audit trails]) 303 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1, 304 [Define if you want IRIX kernel jobs])]) 305 AC_DEFINE(BROKEN_INET_NTOA) 306 AC_DEFINE(SETEUID_BREAKS_SETUID) 307 AC_DEFINE(BROKEN_SETREUID) 308 AC_DEFINE(BROKEN_SETREGID) 309 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)]) 310 AC_DEFINE(WITH_ABBREV_NO_TTY) 311 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 312 ;; 313*-*-linux*) 314 no_dev_ptmx=1 315 check_for_libcrypt_later=1 316 check_for_openpty_ctty_bug=1 317 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks]) 318 AC_DEFINE(PAM_TTY_KLUDGE, 1, 319 [Work around problematic Linux PAM modules handling of PAM_TTY]) 320 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!", 321 [String used in /etc/passwd to denote locked account]) 322 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 323 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM, 324 [Define to whatever link() returns for "not supported" 325 if it doesn't return EOPNOTSUPP.]) 326 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 327 AC_DEFINE(USE_BTMP) 328 inet6_default_4in6=yes 329 case `uname -r` in 330 1.*|2.0.*) 331 AC_DEFINE(BROKEN_CMSG_TYPE, 1, 332 [Define if cmsg_type is not passed correctly]) 333 ;; 334 esac 335 # tun(4) forwarding compat code 336 AC_CHECK_HEADERS(linux/if_tun.h) 337 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 338 AC_DEFINE(SSH_TUN_LINUX, 1, 339 [Open tunnel devices the Linux tun/tap way]) 340 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 341 [Use tunnel device compatibility to OpenBSD]) 342 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 343 [Prepend the address family to IP tunnel traffic]) 344 fi 345 ;; 346mips-sony-bsd|mips-sony-newsos4) 347 AC_DEFINE(NEED_SETPRGP, 1, [Need setpgrp to acquire controlling tty]) 348 SONY=1 349 ;; 350*-*-netbsd*) 351 check_for_libcrypt_before=1 352 if test "x$withval" != "xno" ; then 353 need_dash_r=1 354 fi 355 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 356 AC_CHECK_HEADER([net/if_tap.h], , 357 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 358 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 359 [Prepend the address family to IP tunnel traffic]) 360 ;; 361*-*-freebsd*) 362 check_for_libcrypt_later=1 363 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)]) 364 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 365 AC_CHECK_HEADER([net/if_tap.h], , 366 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 367 ;; 368*-*-bsdi*) 369 AC_DEFINE(SETEUID_BREAKS_SETUID) 370 AC_DEFINE(BROKEN_SETREUID) 371 AC_DEFINE(BROKEN_SETREGID) 372 ;; 373*-next-*) 374 conf_lastlog_location="/usr/adm/lastlog" 375 conf_utmp_location=/etc/utmp 376 conf_wtmp_location=/usr/adm/wtmp 377 MAIL=/usr/spool/mail 378 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT]) 379 AC_DEFINE(BROKEN_REALPATH) 380 AC_DEFINE(USE_PIPES) 381 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT]) 382 ;; 383*-*-openbsd*) 384 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) 385 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded]) 386 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way]) 387 ;; 388*-*-solaris*) 389 if test "x$withval" != "xno" ; then 390 need_dash_r=1 391 fi 392 AC_DEFINE(PAM_SUN_CODEBASE) 393 AC_DEFINE(LOGIN_NEEDS_UTMPX) 394 AC_DEFINE(LOGIN_NEEDS_TERM, 1, 395 [Some versions of /bin/login need the TERM supplied 396 on the commandline]) 397 AC_DEFINE(PAM_TTY_KLUDGE) 398 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 399 [Define if pam_chauthtok wants real uid set 400 to the unpriv'ed user]) 401 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 402 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 403 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1, 404 [Define if sshd somehow reacquires a controlling TTY 405 after setsid()]) 406 external_path_file=/etc/default/login 407 # hardwire lastlog location (can't detect it on some versions) 408 conf_lastlog_location="/var/adm/lastlog" 409 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 410 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 411 if test "$sol2ver" -ge 8; then 412 AC_MSG_RESULT(yes) 413 AC_DEFINE(DISABLE_UTMP) 414 AC_DEFINE(DISABLE_WTMP, 1, 415 [Define if you don't want to use wtmp]) 416 else 417 AC_MSG_RESULT(no) 418 fi 419 ;; 420*-*-sunos4*) 421 CPPFLAGS="$CPPFLAGS -DSUNOS4" 422 AC_CHECK_FUNCS(getpwanam) 423 AC_DEFINE(PAM_SUN_CODEBASE) 424 conf_utmp_location=/etc/utmp 425 conf_wtmp_location=/var/adm/wtmp 426 conf_lastlog_location=/var/adm/lastlog 427 AC_DEFINE(USE_PIPES) 428 ;; 429*-ncr-sysv*) 430 LIBS="$LIBS -lc89" 431 AC_DEFINE(USE_PIPES) 432 AC_DEFINE(SSHD_ACQUIRES_CTTY) 433 AC_DEFINE(SETEUID_BREAKS_SETUID) 434 AC_DEFINE(BROKEN_SETREUID) 435 AC_DEFINE(BROKEN_SETREGID) 436 ;; 437*-sni-sysv*) 438 # /usr/ucblib MUST NOT be searched on ReliantUNIX 439 AC_CHECK_LIB(dl, dlsym, ,) 440 # -lresolv needs to be at the end of LIBS or DNS lookups break 441 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ]) 442 IPADDR_IN_DISPLAY=yes 443 AC_DEFINE(USE_PIPES) 444 AC_DEFINE(IP_TOS_IS_BROKEN) 445 AC_DEFINE(SETEUID_BREAKS_SETUID) 446 AC_DEFINE(BROKEN_SETREUID) 447 AC_DEFINE(BROKEN_SETREGID) 448 AC_DEFINE(SSHD_ACQUIRES_CTTY) 449 external_path_file=/etc/default/login 450 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 451 # Attention: always take care to bind libsocket and libnsl before libc, 452 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 453 ;; 454# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 455*-*-sysv4.2*) 456 CFLAGS="$CFLAGS -Dva_list=_VA_LIST" 457 AC_DEFINE(USE_PIPES) 458 AC_DEFINE(SETEUID_BREAKS_SETUID) 459 AC_DEFINE(BROKEN_SETREUID) 460 AC_DEFINE(BROKEN_SETREGID) 461 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 462 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 463 ;; 464# UnixWare 7.x, OpenUNIX 8 465*-*-sysv5*) 466 check_for_libcrypt_later=1 467 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) 468 AC_DEFINE(USE_PIPES) 469 AC_DEFINE(SETEUID_BREAKS_SETUID) 470 AC_DEFINE(BROKEN_SETREUID) 471 AC_DEFINE(BROKEN_SETREGID) 472 AC_DEFINE(PASSWD_NEEDS_USERNAME) 473 case "$host" in 474 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x 475 TEST_SHELL=/u95/bin/sh 476 AC_DEFINE(BROKEN_LIBIAF, 1, 477 [ia_uinfo routines not supported by OS yet]) 478 ;; 479 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 480 ;; 481 esac 482 ;; 483*-*-sysv*) 484 ;; 485# SCO UNIX and OEM versions of SCO UNIX 486*-*-sco3.2v4*) 487 AC_MSG_ERROR("This Platform is no longer supported.") 488 ;; 489# SCO OpenServer 5.x 490*-*-sco3.2v5*) 491 if test -z "$GCC"; then 492 CFLAGS="$CFLAGS -belf" 493 fi 494 LIBS="$LIBS -lprot -lx -ltinfo -lm" 495 no_dev_ptmx=1 496 AC_DEFINE(USE_PIPES) 497 AC_DEFINE(HAVE_SECUREWARE) 498 AC_DEFINE(DISABLE_SHADOW) 499 AC_DEFINE(DISABLE_FD_PASSING) 500 AC_DEFINE(SETEUID_BREAKS_SETUID) 501 AC_DEFINE(BROKEN_SETREUID) 502 AC_DEFINE(BROKEN_SETREGID) 503 AC_DEFINE(WITH_ABBREV_NO_TTY) 504 AC_DEFINE(BROKEN_UPDWTMPX) 505 AC_DEFINE(PASSWD_NEEDS_USERNAME) 506 AC_CHECK_FUNCS(getluid setluid) 507 MANTYPE=man 508 TEST_SHELL=ksh 509 ;; 510*-*-unicosmk*) 511 AC_DEFINE(NO_SSH_LASTLOG, 1, 512 [Define if you don't want to use lastlog in session.c]) 513 AC_DEFINE(SETEUID_BREAKS_SETUID) 514 AC_DEFINE(BROKEN_SETREUID) 515 AC_DEFINE(BROKEN_SETREGID) 516 AC_DEFINE(USE_PIPES) 517 AC_DEFINE(DISABLE_FD_PASSING) 518 LDFLAGS="$LDFLAGS" 519 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 520 MANTYPE=cat 521 ;; 522*-*-unicosmp*) 523 AC_DEFINE(SETEUID_BREAKS_SETUID) 524 AC_DEFINE(BROKEN_SETREUID) 525 AC_DEFINE(BROKEN_SETREGID) 526 AC_DEFINE(WITH_ABBREV_NO_TTY) 527 AC_DEFINE(USE_PIPES) 528 AC_DEFINE(DISABLE_FD_PASSING) 529 LDFLAGS="$LDFLAGS" 530 LIBS="$LIBS -lgen -lacid -ldb" 531 MANTYPE=cat 532 ;; 533*-*-unicos*) 534 AC_DEFINE(SETEUID_BREAKS_SETUID) 535 AC_DEFINE(BROKEN_SETREUID) 536 AC_DEFINE(BROKEN_SETREGID) 537 AC_DEFINE(USE_PIPES) 538 AC_DEFINE(DISABLE_FD_PASSING) 539 AC_DEFINE(NO_SSH_LASTLOG) 540 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 541 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 542 MANTYPE=cat 543 ;; 544*-dec-osf*) 545 AC_MSG_CHECKING(for Digital Unix SIA) 546 no_osfsia="" 547 AC_ARG_WITH(osfsia, 548 [ --with-osfsia Enable Digital Unix SIA], 549 [ 550 if test "x$withval" = "xno" ; then 551 AC_MSG_RESULT(disabled) 552 no_osfsia=1 553 fi 554 ], 555 ) 556 if test -z "$no_osfsia" ; then 557 if test -f /etc/sia/matrix.conf; then 558 AC_MSG_RESULT(yes) 559 AC_DEFINE(HAVE_OSF_SIA, 1, 560 [Define if you have Digital Unix Security 561 Integration Architecture]) 562 AC_DEFINE(DISABLE_LOGIN, 1, 563 [Define if you don't want to use your 564 system's login() call]) 565 AC_DEFINE(DISABLE_FD_PASSING) 566 LIBS="$LIBS -lsecurity -ldb -lm -laud" 567 else 568 AC_MSG_RESULT(no) 569 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin", 570 [String used in /etc/passwd to denote locked account]) 571 fi 572 fi 573 AC_DEFINE(BROKEN_GETADDRINFO) 574 AC_DEFINE(SETEUID_BREAKS_SETUID) 575 AC_DEFINE(BROKEN_SETREUID) 576 AC_DEFINE(BROKEN_SETREGID) 577 ;; 578 579*-*-nto-qnx) 580 AC_DEFINE(USE_PIPES) 581 AC_DEFINE(NO_X11_UNIX_SOCKETS) 582 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems]) 583 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems]) 584 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems]) 585 ;; 586 587*-*-ultrix*) 588 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1]) 589 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files]) 590 AC_DEFINE(NEED_SETPRGP) 591 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) 592 ;; 593 594*-*-lynxos) 595 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 596 AC_DEFINE(MISSING_HOWMANY) 597 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) 598 ;; 599esac 600 601# Allow user to specify flags 602AC_ARG_WITH(cflags, 603 [ --with-cflags Specify additional flags to pass to compiler], 604 [ 605 if test -n "$withval" && test "x$withval" != "xno" && \ 606 test "x${withval}" != "xyes"; then 607 CFLAGS="$CFLAGS $withval" 608 fi 609 ] 610) 611AC_ARG_WITH(cppflags, 612 [ --with-cppflags Specify additional flags to pass to preprocessor] , 613 [ 614 if test -n "$withval" && test "x$withval" != "xno" && \ 615 test "x${withval}" != "xyes"; then 616 CPPFLAGS="$CPPFLAGS $withval" 617 fi 618 ] 619) 620AC_ARG_WITH(ldflags, 621 [ --with-ldflags Specify additional flags to pass to linker], 622 [ 623 if test -n "$withval" && test "x$withval" != "xno" && \ 624 test "x${withval}" != "xyes"; then 625 LDFLAGS="$LDFLAGS $withval" 626 fi 627 ] 628) 629AC_ARG_WITH(libs, 630 [ --with-libs Specify additional libraries to link with], 631 [ 632 if test -n "$withval" && test "x$withval" != "xno" && \ 633 test "x${withval}" != "xyes"; then 634 LIBS="$LIBS $withval" 635 fi 636 ] 637) 638AC_ARG_WITH(Werror, 639 [ --with-Werror Build main code with -Werror], 640 [ 641 if test -n "$withval" && test "x$withval" != "xno"; then 642 werror_flags="-Werror" 643 if test "x${withval}" != "xyes"; then 644 werror_flags="$withval" 645 fi 646 fi 647 ] 648) 649 650AC_MSG_CHECKING(compiler and flags for sanity) 651AC_RUN_IFELSE( 652 [AC_LANG_SOURCE([ 653#include <stdio.h> 654int main(){exit(0);} 655 ])], 656 [ AC_MSG_RESULT(yes) ], 657 [ 658 AC_MSG_RESULT(no) 659 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 660 ], 661 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 662) 663 664dnl Checks for header files. 665AC_CHECK_HEADERS( \ 666 bstring.h \ 667 crypt.h \ 668 dirent.h \ 669 endian.h \ 670 features.h \ 671 floatingpoint.h \ 672 getopt.h \ 673 glob.h \ 674 ia.h \ 675 iaf.h \ 676 lastlog.h \ 677 limits.h \ 678 login.h \ 679 login_cap.h \ 680 maillock.h \ 681 ndir.h \ 682 net/if.h \ 683 netdb.h \ 684 netgroup.h \ 685 netinet/in_systm.h \ 686 pam/pam_appl.h \ 687 paths.h \ 688 pty.h \ 689 readpassphrase.h \ 690 rpc/types.h \ 691 security/pam_appl.h \ 692 shadow.h \ 693 stddef.h \ 694 stdint.h \ 695 string.h \ 696 strings.h \ 697 sys/audit.h \ 698 sys/bitypes.h \ 699 sys/bsdtty.h \ 700 sys/cdefs.h \ 701 sys/dir.h \ 702 sys/mman.h \ 703 sys/ndir.h \ 704 sys/prctl.h \ 705 sys/pstat.h \ 706 sys/select.h \ 707 sys/stat.h \ 708 sys/stream.h \ 709 sys/stropts.h \ 710 sys/strtio.h \ 711 sys/sysmacros.h \ 712 sys/time.h \ 713 sys/timers.h \ 714 sys/un.h \ 715 time.h \ 716 tmpdir.h \ 717 ttyent.h \ 718 unistd.h \ 719 usersec.h \ 720 util.h \ 721 utime.h \ 722 utmp.h \ 723 utmpx.h \ 724 vis.h \ 725) 726 727# sys/ptms.h requires sys/stream.h to be included first on Solaris 728AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 729#ifdef HAVE_SYS_STREAM_H 730# include <sys/stream.h> 731#endif 732]) 733 734# Checks for libraries. 735AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 736AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 737 738dnl IRIX and Solaris 2.5.1 have dirname() in libgen 739AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 740 AC_CHECK_LIB(gen, dirname,[ 741 AC_CACHE_CHECK([for broken dirname], 742 ac_cv_have_broken_dirname, [ 743 save_LIBS="$LIBS" 744 LIBS="$LIBS -lgen" 745 AC_RUN_IFELSE( 746 [AC_LANG_SOURCE([[ 747#include <libgen.h> 748#include <string.h> 749 750int main(int argc, char **argv) { 751 char *s, buf[32]; 752 753 strncpy(buf,"/etc", 32); 754 s = dirname(buf); 755 if (!s || strncmp(s, "/", 32) != 0) { 756 exit(1); 757 } else { 758 exit(0); 759 } 760} 761 ]])], 762 [ ac_cv_have_broken_dirname="no" ], 763 [ ac_cv_have_broken_dirname="yes" ], 764 [ ac_cv_have_broken_dirname="no" ], 765 ) 766 LIBS="$save_LIBS" 767 ]) 768 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 769 LIBS="$LIBS -lgen" 770 AC_DEFINE(HAVE_DIRNAME) 771 AC_CHECK_HEADERS(libgen.h) 772 fi 773 ]) 774]) 775 776AC_CHECK_FUNC(getspnam, , 777 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 778AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1, 779 [Define if you have the basename function.])) 780 781dnl zlib is required 782AC_ARG_WITH(zlib, 783 [ --with-zlib=PATH Use zlib in PATH], 784 [ if test "x$withval" = "xno" ; then 785 AC_MSG_ERROR([*** zlib is required ***]) 786 elif test "x$withval" != "xyes"; then 787 if test -d "$withval/lib"; then 788 if test -n "${need_dash_r}"; then 789 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 790 else 791 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 792 fi 793 else 794 if test -n "${need_dash_r}"; then 795 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 796 else 797 LDFLAGS="-L${withval} ${LDFLAGS}" 798 fi 799 fi 800 if test -d "$withval/include"; then 801 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 802 else 803 CPPFLAGS="-I${withval} ${CPPFLAGS}" 804 fi 805 fi ] 806) 807 808AC_CHECK_LIB(z, deflate, , 809 [ 810 saved_CPPFLAGS="$CPPFLAGS" 811 saved_LDFLAGS="$LDFLAGS" 812 save_LIBS="$LIBS" 813 dnl Check default zlib install dir 814 if test -n "${need_dash_r}"; then 815 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 816 else 817 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 818 fi 819 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 820 LIBS="$LIBS -lz" 821 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 822 [ 823 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 824 ] 825 ) 826 ] 827) 828AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) 829 830AC_ARG_WITH(zlib-version-check, 831 [ --without-zlib-version-check Disable zlib version check], 832 [ if test "x$withval" = "xno" ; then 833 zlib_check_nonfatal=1 834 fi 835 ] 836) 837 838AC_MSG_CHECKING(for possibly buggy zlib) 839AC_RUN_IFELSE([AC_LANG_SOURCE([[ 840#include <stdio.h> 841#include <zlib.h> 842int main() 843{ 844 int a=0, b=0, c=0, d=0, n, v; 845 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 846 if (n != 3 && n != 4) 847 exit(1); 848 v = a*1000000 + b*10000 + c*100 + d; 849 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 850 851 /* 1.1.4 is OK */ 852 if (a == 1 && b == 1 && c >= 4) 853 exit(0); 854 855 /* 1.2.3 and up are OK */ 856 if (v >= 1020300) 857 exit(0); 858 859 exit(2); 860} 861 ]])], 862 AC_MSG_RESULT(no), 863 [ AC_MSG_RESULT(yes) 864 if test -z "$zlib_check_nonfatal" ; then 865 AC_MSG_ERROR([*** zlib too old - check config.log *** 866Your reported zlib version has known security problems. It's possible your 867vendor has fixed these problems without changing the version number. If you 868are sure this is the case, you can disable the check by running 869"./configure --without-zlib-version-check". 870If you are in doubt, upgrade zlib to version 1.2.3 or greater. 871See http://www.gzip.org/zlib/ for details.]) 872 else 873 AC_MSG_WARN([zlib version may have security problems]) 874 fi 875 ], 876 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 877) 878 879dnl UnixWare 2.x 880AC_CHECK_FUNC(strcasecmp, 881 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 882) 883AC_CHECK_FUNCS(utimes, 884 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 885 LIBS="$LIBS -lc89"]) ] 886) 887 888dnl Checks for libutil functions 889AC_CHECK_HEADERS(libutil.h) 890AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1, 891 [Define if your libraries define login()])]) 892AC_CHECK_FUNCS(logout updwtmp logwtmp) 893 894AC_FUNC_STRFTIME 895 896# Check for ALTDIRFUNC glob() extension 897AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 898AC_EGREP_CPP(FOUNDIT, 899 [ 900 #include <glob.h> 901 #ifdef GLOB_ALTDIRFUNC 902 FOUNDIT 903 #endif 904 ], 905 [ 906 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1, 907 [Define if your system glob() function has 908 the GLOB_ALTDIRFUNC extension]) 909 AC_MSG_RESULT(yes) 910 ], 911 [ 912 AC_MSG_RESULT(no) 913 ] 914) 915 916# Check for g.gl_matchc glob() extension 917AC_MSG_CHECKING(for gl_matchc field in glob_t) 918AC_EGREP_CPP(FOUNDIT, 919 [ 920 #include <glob.h> 921 int main(void){glob_t g; g.gl_matchc = 1;} 922 ], 923 [ 924 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1, 925 [Define if your system glob() function has 926 gl_matchc options in glob_t]) 927 AC_MSG_RESULT(yes) 928 ], 929 [ 930 AC_MSG_RESULT(no) 931 ] 932) 933 934AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 935AC_RUN_IFELSE( 936 [AC_LANG_SOURCE([[ 937#include <sys/types.h> 938#include <dirent.h> 939int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 940 ]])], 941 [AC_MSG_RESULT(yes)], 942 [ 943 AC_MSG_RESULT(no) 944 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1, 945 [Define if your struct dirent expects you to 946 allocate extra space for d_name]) 947 ], 948 [ 949 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 950 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 951 ] 952) 953 954AC_MSG_CHECKING([for /proc/pid/fd directory]) 955if test -d "/proc/$$/fd" ; then 956 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd]) 957 AC_MSG_RESULT(yes) 958else 959 AC_MSG_RESULT(no) 960fi 961 962# Check whether user wants S/Key support 963SKEY_MSG="no" 964AC_ARG_WITH(skey, 965 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 966 [ 967 if test "x$withval" != "xno" ; then 968 969 if test "x$withval" != "xyes" ; then 970 CPPFLAGS="$CPPFLAGS -I${withval}/include" 971 LDFLAGS="$LDFLAGS -L${withval}/lib" 972 fi 973 974 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 975 LIBS="-lskey $LIBS" 976 SKEY_MSG="yes" 977 978 AC_MSG_CHECKING([for s/key support]) 979 AC_LINK_IFELSE( 980 [AC_LANG_SOURCE([[ 981#include <stdio.h> 982#include <skey.h> 983int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } 984 ]])], 985 [AC_MSG_RESULT(yes)], 986 [ 987 AC_MSG_RESULT(no) 988 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 989 ]) 990 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 991 AC_TRY_COMPILE( 992 [#include <stdio.h> 993 #include <skey.h>], 994 [(void)skeychallenge(NULL,"name","",0);], 995 [AC_MSG_RESULT(yes) 996 AC_DEFINE(SKEYCHALLENGE_4ARG, 1, 997 [Define if your skeychallenge() 998 function takes 4 arguments (NetBSD)])], 999 [AC_MSG_RESULT(no)] 1000 ) 1001 fi 1002 ] 1003) 1004 1005# Check whether user wants OPIE support 1006OPIE_MSG="no" 1007AC_ARG_WITH(opie, 1008 [ --with-opie[[=PATH]] Enable OPIE support 1009 (optionally in PATH)], 1010 [ 1011 if test "x$withval" != "xno" ; then 1012 1013 if test "x$withval" != "xyes" ; then 1014 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1015 LDFLAGS="$LDFLAGS -L${withval}/lib" 1016 fi 1017 1018 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 1019 AC_DEFINE(OPIE, 1, [Define if S/Key is actually OPIE]) 1020 LIBS="-lopie $LIBS" 1021 OPIE_MSG="yes" 1022 1023 AC_MSG_CHECKING([for opie support]) 1024 AC_TRY_RUN( 1025 [ 1026#include <sys/types.h> 1027#include <stdio.h> 1028#include <opie.h> 1029int main() { char *ff = opie_keyinfo(""); ff=""; return 0; } 1030 ], 1031 [AC_MSG_RESULT(yes)], 1032 [ 1033 AC_MSG_RESULT(no) 1034 AC_MSG_ERROR([** Incomplete or missing opie libraries.]) 1035 ]) 1036 fi 1037 ] 1038) 1039 1040# Check whether user wants TCP wrappers support 1041TCPW_MSG="no" 1042AC_ARG_WITH(tcp-wrappers, 1043 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1044 [ 1045 if test "x$withval" != "xno" ; then 1046 saved_LIBS="$LIBS" 1047 saved_LDFLAGS="$LDFLAGS" 1048 saved_CPPFLAGS="$CPPFLAGS" 1049 if test -n "${withval}" && \ 1050 test "x${withval}" != "xyes"; then 1051 if test -d "${withval}/lib"; then 1052 if test -n "${need_dash_r}"; then 1053 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1054 else 1055 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1056 fi 1057 else 1058 if test -n "${need_dash_r}"; then 1059 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1060 else 1061 LDFLAGS="-L${withval} ${LDFLAGS}" 1062 fi 1063 fi 1064 if test -d "${withval}/include"; then 1065 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1066 else 1067 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1068 fi 1069 fi 1070 LIBWRAP="-lwrap" 1071 LIBS="$LIBWRAP $LIBS" 1072 AC_MSG_CHECKING(for libwrap) 1073 AC_TRY_LINK( 1074 [ 1075#include <sys/types.h> 1076#include <sys/socket.h> 1077#include <netinet/in.h> 1078#include <tcpd.h> 1079 int deny_severity = 0, allow_severity = 0; 1080 ], 1081 [hosts_access(0);], 1082 [ 1083 AC_MSG_RESULT(yes) 1084 AC_DEFINE(LIBWRAP, 1, 1085 [Define if you want 1086 TCP Wrappers support]) 1087 AC_SUBST(LIBWRAP) 1088 TCPW_MSG="yes" 1089 ], 1090 [ 1091 AC_MSG_ERROR([*** libwrap missing]) 1092 ] 1093 ) 1094 LIBS="$saved_LIBS" 1095 fi 1096 ] 1097) 1098 1099# Check whether user wants libedit support 1100LIBEDIT_MSG="no" 1101AC_ARG_WITH(libedit, 1102 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1103 [ if test "x$withval" != "xno" ; then 1104 if test "x$withval" != "xyes"; then 1105 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1106 if test -n "${need_dash_r}"; then 1107 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1108 else 1109 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1110 fi 1111 fi 1112 AC_CHECK_LIB(edit, el_init, 1113 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp]) 1114 LIBEDIT="-ledit -lcurses" 1115 LIBEDIT_MSG="yes" 1116 AC_SUBST(LIBEDIT) 1117 ], 1118 [ AC_MSG_ERROR(libedit not found) ], 1119 [ -lcurses ] 1120 ) 1121 AC_MSG_CHECKING(if libedit version is compatible) 1122 AC_COMPILE_IFELSE( 1123 [AC_LANG_SOURCE([[ 1124#include <histedit.h> 1125int main(void) 1126{ 1127 int i = H_SETSIZE; 1128 el_init("", NULL, NULL, NULL); 1129 exit(0); 1130} 1131 ]])], 1132 [ AC_MSG_RESULT(yes) ], 1133 [ AC_MSG_RESULT(no) 1134 AC_MSG_ERROR(libedit version is not compatible) ] 1135 ) 1136 fi ] 1137) 1138 1139AUDIT_MODULE=none 1140AC_ARG_WITH(audit, 1141 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 1142 [ 1143 AC_MSG_CHECKING(for supported audit module) 1144 case "$withval" in 1145 bsm) 1146 AC_MSG_RESULT(bsm) 1147 AUDIT_MODULE=bsm 1148 dnl Checks for headers, libs and functions 1149 AC_CHECK_HEADERS(bsm/audit.h, [], 1150 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)]) 1151 AC_CHECK_LIB(bsm, getaudit, [], 1152 [AC_MSG_ERROR(BSM enabled and required library not found)]) 1153 AC_CHECK_FUNCS(getaudit, [], 1154 [AC_MSG_ERROR(BSM enabled and required function not found)]) 1155 # These are optional 1156 AC_CHECK_FUNCS(getaudit_addr) 1157 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) 1158 ;; 1159 debug) 1160 AUDIT_MODULE=debug 1161 AC_MSG_RESULT(debug) 1162 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module) 1163 ;; 1164 no) 1165 AC_MSG_RESULT(no) 1166 ;; 1167 *) 1168 AC_MSG_ERROR([Unknown audit module $withval]) 1169 ;; 1170 esac ] 1171) 1172 1173dnl Checks for library functions. Please keep in alphabetical order 1174AC_CHECK_FUNCS( \ 1175 arc4random \ 1176 asprintf \ 1177 b64_ntop \ 1178 __b64_ntop \ 1179 b64_pton \ 1180 __b64_pton \ 1181 bcopy \ 1182 bindresvport_sa \ 1183 clock \ 1184 closefrom \ 1185 dirfd \ 1186 fchmod \ 1187 fchown \ 1188 freeaddrinfo \ 1189 futimes \ 1190 getaddrinfo \ 1191 getcwd \ 1192 getgrouplist \ 1193 getnameinfo \ 1194 getopt \ 1195 getpeereid \ 1196 _getpty \ 1197 getrlimit \ 1198 getttyent \ 1199 glob \ 1200 inet_aton \ 1201 inet_ntoa \ 1202 inet_ntop \ 1203 innetgr \ 1204 login_getcapbool \ 1205 md5_crypt \ 1206 memmove \ 1207 mkdtemp \ 1208 mmap \ 1209 ngetaddrinfo \ 1210 nsleep \ 1211 ogetaddrinfo \ 1212 openlog_r \ 1213 openpty \ 1214 prctl \ 1215 pstat \ 1216 readpassphrase \ 1217 realpath \ 1218 recvmsg \ 1219 rresvport_af \ 1220 sendmsg \ 1221 setdtablesize \ 1222 setegid \ 1223 setenv \ 1224 seteuid \ 1225 setgroups \ 1226 setlogin \ 1227 setpcred \ 1228 setproctitle \ 1229 setregid \ 1230 setreuid \ 1231 setrlimit \ 1232 setsid \ 1233 setvbuf \ 1234 sigaction \ 1235 sigvec \ 1236 snprintf \ 1237 socketpair \ 1238 strdup \ 1239 strerror \ 1240 strlcat \ 1241 strlcpy \ 1242 strmode \ 1243 strnvis \ 1244 strtonum \ 1245 strtoll \ 1246 strtoul \ 1247 sysconf \ 1248 tcgetpgrp \ 1249 truncate \ 1250 unsetenv \ 1251 updwtmpx \ 1252 vasprintf \ 1253 vhangup \ 1254 vsnprintf \ 1255 waitpid \ 1256) 1257 1258# IRIX has a const char return value for gai_strerror() 1259AC_CHECK_FUNCS(gai_strerror,[ 1260 AC_DEFINE(HAVE_GAI_STRERROR) 1261 AC_TRY_COMPILE([ 1262#include <sys/types.h> 1263#include <sys/socket.h> 1264#include <netdb.h> 1265 1266const char *gai_strerror(int);],[ 1267char *str; 1268 1269str = gai_strerror(0);],[ 1270 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 1271 [Define if gai_strerror() returns const char *])])]) 1272 1273AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1, 1274 [Some systems put nanosleep outside of libc])) 1275 1276dnl Make sure prototypes are defined for these before using them. 1277AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 1278AC_CHECK_DECL(strsep, 1279 [AC_CHECK_FUNCS(strsep)], 1280 [], 1281 [ 1282#ifdef HAVE_STRING_H 1283# include <string.h> 1284#endif 1285 ]) 1286 1287dnl tcsendbreak might be a macro 1288AC_CHECK_DECL(tcsendbreak, 1289 [AC_DEFINE(HAVE_TCSENDBREAK)], 1290 [AC_CHECK_FUNCS(tcsendbreak)], 1291 [#include <termios.h>] 1292) 1293 1294AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 1295 1296AC_CHECK_FUNCS(setresuid, [ 1297 dnl Some platorms have setresuid that isn't implemented, test for this 1298 AC_MSG_CHECKING(if setresuid seems to work) 1299 AC_RUN_IFELSE( 1300 [AC_LANG_SOURCE([[ 1301#include <stdlib.h> 1302#include <errno.h> 1303int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1304 ]])], 1305 [AC_MSG_RESULT(yes)], 1306 [AC_DEFINE(BROKEN_SETRESUID, 1, 1307 [Define if your setresuid() is broken]) 1308 AC_MSG_RESULT(not implemented)], 1309 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1310 ) 1311]) 1312 1313AC_CHECK_FUNCS(setresgid, [ 1314 dnl Some platorms have setresgid that isn't implemented, test for this 1315 AC_MSG_CHECKING(if setresgid seems to work) 1316 AC_RUN_IFELSE( 1317 [AC_LANG_SOURCE([[ 1318#include <stdlib.h> 1319#include <errno.h> 1320int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1321 ]])], 1322 [AC_MSG_RESULT(yes)], 1323 [AC_DEFINE(BROKEN_SETRESGID, 1, 1324 [Define if your setresgid() is broken]) 1325 AC_MSG_RESULT(not implemented)], 1326 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1327 ) 1328]) 1329 1330dnl Checks for time functions 1331AC_CHECK_FUNCS(gettimeofday time) 1332dnl Checks for utmp functions 1333AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 1334AC_CHECK_FUNCS(utmpname) 1335dnl Checks for utmpx functions 1336AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 1337AC_CHECK_FUNCS(setutxent utmpxname) 1338 1339AC_CHECK_FUNC(daemon, 1340 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])], 1341 [AC_CHECK_LIB(bsd, daemon, 1342 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 1343) 1344 1345AC_CHECK_FUNC(getpagesize, 1346 [AC_DEFINE(HAVE_GETPAGESIZE, 1, 1347 [Define if your libraries define getpagesize()])], 1348 [AC_CHECK_LIB(ucb, getpagesize, 1349 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 1350) 1351 1352# Check for broken snprintf 1353if test "x$ac_cv_func_snprintf" = "xyes" ; then 1354 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1355 AC_RUN_IFELSE( 1356 [AC_LANG_SOURCE([[ 1357#include <stdio.h> 1358int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 1359 ]])], 1360 [AC_MSG_RESULT(yes)], 1361 [ 1362 AC_MSG_RESULT(no) 1363 AC_DEFINE(BROKEN_SNPRINTF, 1, 1364 [Define if your snprintf is busted]) 1365 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1366 ], 1367 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1368 ) 1369fi 1370 1371# If we don't have a working asprintf, then we strongly depend on vsnprintf 1372# returning the right thing on overflow: the number of characters it tried to 1373# create (as per SUSv3) 1374if test "x$ac_cv_func_asprintf" != "xyes" && \ 1375 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1376 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1377 AC_RUN_IFELSE( 1378 [AC_LANG_SOURCE([[ 1379#include <sys/types.h> 1380#include <stdio.h> 1381#include <stdarg.h> 1382 1383int x_snprintf(char *str,size_t count,const char *fmt,...) 1384{ 1385 size_t ret; va_list ap; 1386 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1387 return ret; 1388} 1389int main(void) 1390{ 1391 char x[1]; 1392 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1393} ]])], 1394 [AC_MSG_RESULT(yes)], 1395 [ 1396 AC_MSG_RESULT(no) 1397 AC_DEFINE(BROKEN_SNPRINTF, 1, 1398 [Define if your snprintf is busted]) 1399 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1400 ], 1401 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1402 ) 1403fi 1404 1405# On systems where [v]snprintf is broken, but is declared in stdio, 1406# check that the fmt argument is const char * or just char *. 1407# This is only useful for when BROKEN_SNPRINTF 1408AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) 1409AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h> 1410 int snprintf(char *a, size_t b, const char *c, ...) { return 0; } 1411 int main(void) { snprintf(0, 0, 0); } 1412 ]])], 1413 [AC_MSG_RESULT(yes) 1414 AC_DEFINE(SNPRINTF_CONST, [const], 1415 [Define as const if snprintf() can declare const char *fmt])], 1416 [AC_MSG_RESULT(no) 1417 AC_DEFINE(SNPRINTF_CONST, [/* not const */])]) 1418 1419# Check for missing getpeereid (or equiv) support 1420NO_PEERCHECK="" 1421if test "x$ac_cv_func_getpeereid" != "xyes" ; then 1422 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1423 AC_TRY_COMPILE( 1424 [#include <sys/types.h> 1425 #include <sys/socket.h>], 1426 [int i = SO_PEERCRED;], 1427 [ AC_MSG_RESULT(yes) 1428 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option]) 1429 ], 1430 [AC_MSG_RESULT(no) 1431 NO_PEERCHECK=1] 1432 ) 1433fi 1434 1435dnl see whether mkstemp() requires XXXXXX 1436if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1437AC_MSG_CHECKING([for (overly) strict mkstemp]) 1438AC_RUN_IFELSE( 1439 [AC_LANG_SOURCE([[ 1440#include <stdlib.h> 1441main() { char template[]="conftest.mkstemp-test"; 1442if (mkstemp(template) == -1) 1443 exit(1); 1444unlink(template); exit(0); 1445} 1446 ]])], 1447 [ 1448 AC_MSG_RESULT(no) 1449 ], 1450 [ 1451 AC_MSG_RESULT(yes) 1452 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()]) 1453 ], 1454 [ 1455 AC_MSG_RESULT(yes) 1456 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1457 ] 1458) 1459fi 1460 1461dnl make sure that openpty does not reacquire controlling terminal 1462if test ! -z "$check_for_openpty_ctty_bug"; then 1463 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1464 AC_RUN_IFELSE( 1465 [AC_LANG_SOURCE([[ 1466#include <stdio.h> 1467#include <sys/fcntl.h> 1468#include <sys/types.h> 1469#include <sys/wait.h> 1470 1471int 1472main() 1473{ 1474 pid_t pid; 1475 int fd, ptyfd, ttyfd, status; 1476 1477 pid = fork(); 1478 if (pid < 0) { /* failed */ 1479 exit(1); 1480 } else if (pid > 0) { /* parent */ 1481 waitpid(pid, &status, 0); 1482 if (WIFEXITED(status)) 1483 exit(WEXITSTATUS(status)); 1484 else 1485 exit(2); 1486 } else { /* child */ 1487 close(0); close(1); close(2); 1488 setsid(); 1489 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1490 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1491 if (fd >= 0) 1492 exit(3); /* Acquired ctty: broken */ 1493 else 1494 exit(0); /* Did not acquire ctty: OK */ 1495 } 1496} 1497 ]])], 1498 [ 1499 AC_MSG_RESULT(yes) 1500 ], 1501 [ 1502 AC_MSG_RESULT(no) 1503 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1504 ], 1505 [ 1506 AC_MSG_RESULT(cross-compiling, assuming yes) 1507 ] 1508 ) 1509fi 1510 1511if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1512 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1513 AC_MSG_CHECKING(if getaddrinfo seems to work) 1514 AC_RUN_IFELSE( 1515 [AC_LANG_SOURCE([[ 1516#include <stdio.h> 1517#include <sys/socket.h> 1518#include <netdb.h> 1519#include <errno.h> 1520#include <netinet/in.h> 1521 1522#define TEST_PORT "2222" 1523 1524int 1525main(void) 1526{ 1527 int err, sock; 1528 struct addrinfo *gai_ai, *ai, hints; 1529 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1530 1531 memset(&hints, 0, sizeof(hints)); 1532 hints.ai_family = PF_UNSPEC; 1533 hints.ai_socktype = SOCK_STREAM; 1534 hints.ai_flags = AI_PASSIVE; 1535 1536 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1537 if (err != 0) { 1538 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1539 exit(1); 1540 } 1541 1542 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1543 if (ai->ai_family != AF_INET6) 1544 continue; 1545 1546 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1547 sizeof(ntop), strport, sizeof(strport), 1548 NI_NUMERICHOST|NI_NUMERICSERV); 1549 1550 if (err != 0) { 1551 if (err == EAI_SYSTEM) 1552 perror("getnameinfo EAI_SYSTEM"); 1553 else 1554 fprintf(stderr, "getnameinfo failed: %s\n", 1555 gai_strerror(err)); 1556 exit(2); 1557 } 1558 1559 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1560 if (sock < 0) 1561 perror("socket"); 1562 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1563 if (errno == EBADF) 1564 exit(3); 1565 } 1566 } 1567 exit(0); 1568} 1569 ]])], 1570 [ 1571 AC_MSG_RESULT(yes) 1572 ], 1573 [ 1574 AC_MSG_RESULT(no) 1575 AC_DEFINE(BROKEN_GETADDRINFO) 1576 ], 1577 [ 1578 AC_MSG_RESULT(cross-compiling, assuming yes) 1579 ] 1580 ) 1581fi 1582 1583if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1584 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1585 AC_MSG_CHECKING(if getaddrinfo seems to work) 1586 AC_RUN_IFELSE( 1587 [AC_LANG_SOURCE([[ 1588#include <stdio.h> 1589#include <sys/socket.h> 1590#include <netdb.h> 1591#include <errno.h> 1592#include <netinet/in.h> 1593 1594#define TEST_PORT "2222" 1595 1596int 1597main(void) 1598{ 1599 int err, sock; 1600 struct addrinfo *gai_ai, *ai, hints; 1601 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1602 1603 memset(&hints, 0, sizeof(hints)); 1604 hints.ai_family = PF_UNSPEC; 1605 hints.ai_socktype = SOCK_STREAM; 1606 hints.ai_flags = AI_PASSIVE; 1607 1608 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1609 if (err != 0) { 1610 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1611 exit(1); 1612 } 1613 1614 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1615 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1616 continue; 1617 1618 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1619 sizeof(ntop), strport, sizeof(strport), 1620 NI_NUMERICHOST|NI_NUMERICSERV); 1621 1622 if (ai->ai_family == AF_INET && err != 0) { 1623 perror("getnameinfo"); 1624 exit(2); 1625 } 1626 } 1627 exit(0); 1628} 1629 ]])], 1630 [ 1631 AC_MSG_RESULT(yes) 1632 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1, 1633 [Define if you have a getaddrinfo that fails 1634 for the all-zeros IPv6 address]) 1635 ], 1636 [ 1637 AC_MSG_RESULT(no) 1638 AC_DEFINE(BROKEN_GETADDRINFO) 1639 ], 1640 AC_MSG_RESULT(cross-compiling, assuming no) 1641 ] 1642 ) 1643fi 1644 1645if test "x$check_for_conflicting_getspnam" = "x1"; then 1646 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1647 AC_COMPILE_IFELSE( 1648 [ 1649#include <shadow.h> 1650int main(void) {exit(0);} 1651 ], 1652 [ 1653 AC_MSG_RESULT(no) 1654 ], 1655 [ 1656 AC_MSG_RESULT(yes) 1657 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1658 [Conflicting defs for getspnam]) 1659 ] 1660 ) 1661fi 1662 1663AC_FUNC_GETPGRP 1664 1665# Check for PAM libs 1666PAM_MSG="no" 1667AC_ARG_WITH(pam, 1668 [ --with-pam Enable PAM support ], 1669 [ 1670 if test "x$withval" != "xno" ; then 1671 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 1672 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 1673 AC_MSG_ERROR([PAM headers not found]) 1674 fi 1675 1676 AC_CHECK_LIB(dl, dlopen, , ) 1677 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 1678 AC_CHECK_FUNCS(pam_getenvlist) 1679 AC_CHECK_FUNCS(pam_putenv) 1680 1681 PAM_MSG="yes" 1682 1683 AC_DEFINE(USE_PAM, 1, 1684 [Define if you want to enable PAM support]) 1685 if test $ac_cv_lib_dl_dlopen = yes; then 1686 LIBPAM="-lpam -ldl" 1687 else 1688 LIBPAM="-lpam" 1689 fi 1690 AC_SUBST(LIBPAM) 1691 fi 1692 ] 1693) 1694 1695# Check for older PAM 1696if test "x$PAM_MSG" = "xyes" ; then 1697 # Check PAM strerror arguments (old PAM) 1698 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 1699 AC_TRY_COMPILE( 1700 [ 1701#include <stdlib.h> 1702#if defined(HAVE_SECURITY_PAM_APPL_H) 1703#include <security/pam_appl.h> 1704#elif defined (HAVE_PAM_PAM_APPL_H) 1705#include <pam/pam_appl.h> 1706#endif 1707 ], 1708 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 1709 [AC_MSG_RESULT(no)], 1710 [ 1711 AC_DEFINE(HAVE_OLD_PAM, 1, 1712 [Define if you have an old version of PAM 1713 which takes only one argument to pam_strerror]) 1714 AC_MSG_RESULT(yes) 1715 PAM_MSG="yes (old library)" 1716 ] 1717 ) 1718fi 1719 1720# Search for OpenSSL 1721saved_CPPFLAGS="$CPPFLAGS" 1722saved_LDFLAGS="$LDFLAGS" 1723AC_ARG_WITH(ssl-dir, 1724 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1725 [ 1726 if test "x$withval" != "xno" ; then 1727 case "$withval" in 1728 # Relative paths 1729 ./*|../*) withval="`pwd`/$withval" 1730 esac 1731 if test -d "$withval/lib"; then 1732 if test -n "${need_dash_r}"; then 1733 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1734 else 1735 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1736 fi 1737 else 1738 if test -n "${need_dash_r}"; then 1739 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1740 else 1741 LDFLAGS="-L${withval} ${LDFLAGS}" 1742 fi 1743 fi 1744 if test -d "$withval/include"; then 1745 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1746 else 1747 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1748 fi 1749 fi 1750 ] 1751) 1752LIBS="-lcrypto $LIBS" 1753AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, 1754 [Define if your ssl headers are included 1755 with #include <openssl/header.h>]), 1756 [ 1757 dnl Check default openssl install dir 1758 if test -n "${need_dash_r}"; then 1759 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1760 else 1761 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1762 fi 1763 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1764 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1765 [ 1766 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 1767 ] 1768 ) 1769 ] 1770) 1771 1772# Determine OpenSSL header version 1773AC_MSG_CHECKING([OpenSSL header version]) 1774AC_RUN_IFELSE( 1775 [AC_LANG_SOURCE([[ 1776#include <stdio.h> 1777#include <string.h> 1778#include <openssl/opensslv.h> 1779#define DATA "conftest.sslincver" 1780int main(void) { 1781 FILE *fd; 1782 int rc; 1783 1784 fd = fopen(DATA,"w"); 1785 if(fd == NULL) 1786 exit(1); 1787 1788 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1789 exit(1); 1790 1791 exit(0); 1792} 1793 ]])], 1794 [ 1795 ssl_header_ver=`cat conftest.sslincver` 1796 AC_MSG_RESULT($ssl_header_ver) 1797 ], 1798 [ 1799 AC_MSG_RESULT(not found) 1800 AC_MSG_ERROR(OpenSSL version header not found.) 1801 ], 1802 [ 1803 AC_MSG_WARN([cross compiling: not checking]) 1804 ] 1805) 1806 1807# Determine OpenSSL library version 1808AC_MSG_CHECKING([OpenSSL library version]) 1809AC_RUN_IFELSE( 1810 [AC_LANG_SOURCE([[ 1811#include <stdio.h> 1812#include <string.h> 1813#include <openssl/opensslv.h> 1814#include <openssl/crypto.h> 1815#define DATA "conftest.ssllibver" 1816int main(void) { 1817 FILE *fd; 1818 int rc; 1819 1820 fd = fopen(DATA,"w"); 1821 if(fd == NULL) 1822 exit(1); 1823 1824 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1825 exit(1); 1826 1827 exit(0); 1828} 1829 ]])], 1830 [ 1831 ssl_library_ver=`cat conftest.ssllibver` 1832 AC_MSG_RESULT($ssl_library_ver) 1833 ], 1834 [ 1835 AC_MSG_RESULT(not found) 1836 AC_MSG_ERROR(OpenSSL library not found.) 1837 ], 1838 [ 1839 AC_MSG_WARN([cross compiling: not checking]) 1840 ] 1841) 1842 1843# Sanity check OpenSSL headers 1844AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1845AC_RUN_IFELSE( 1846 [AC_LANG_SOURCE([[ 1847#include <string.h> 1848#include <openssl/opensslv.h> 1849int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1850 ]])], 1851 [ 1852 AC_MSG_RESULT(yes) 1853 ], 1854 [ 1855 AC_MSG_RESULT(no) 1856 AC_MSG_ERROR([Your OpenSSL headers do not match your library. 1857Check config.log for details. 1858Also see contrib/findssl.sh for help identifying header/library mismatches.]) 1859 ], 1860 [ 1861 AC_MSG_WARN([cross compiling: not checking]) 1862 ] 1863) 1864 1865# Check for OpenSSL without EVP_aes_{192,256}_cbc 1866AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 1867AC_COMPILE_IFELSE( 1868 [AC_LANG_SOURCE([[ 1869#include <string.h> 1870#include <openssl/evp.h> 1871int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL)} 1872 ]])], 1873 [ 1874 AC_MSG_RESULT(no) 1875 ], 1876 [ 1877 AC_MSG_RESULT(yes) 1878 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1, 1879 [libcrypto is missing AES 192 and 256 bit functions]) 1880 ] 1881) 1882 1883# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 1884# because the system crypt() is more featureful. 1885if test "x$check_for_libcrypt_before" = "x1"; then 1886 AC_CHECK_LIB(crypt, crypt) 1887fi 1888 1889# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 1890# version in OpenSSL. 1891if test "x$check_for_libcrypt_later" = "x1"; then 1892 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 1893fi 1894 1895AC_CHECK_LIB(iaf, ia_openinfo) 1896 1897### Configure cryptographic random number support 1898 1899# Check wheter OpenSSL seeds itself 1900AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 1901AC_RUN_IFELSE( 1902 [AC_LANG_SOURCE([[ 1903#include <string.h> 1904#include <openssl/rand.h> 1905int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 1906 ]])], 1907 [ 1908 OPENSSL_SEEDS_ITSELF=yes 1909 AC_MSG_RESULT(yes) 1910 ], 1911 [ 1912 AC_MSG_RESULT(no) 1913 # Default to use of the rand helper if OpenSSL doesn't 1914 # seed itself 1915 USE_RAND_HELPER=yes 1916 ], 1917 [ 1918 AC_MSG_WARN([cross compiling: assuming yes]) 1919 # This is safe, since all recent OpenSSL versions will 1920 # complain at runtime if not seeded correctly. 1921 OPENSSL_SEEDS_ITSELF=yes 1922 ] 1923) 1924 1925 1926# Do we want to force the use of the rand helper? 1927AC_ARG_WITH(rand-helper, 1928 [ --with-rand-helper Use subprocess to gather strong randomness ], 1929 [ 1930 if test "x$withval" = "xno" ; then 1931 # Force use of OpenSSL's internal RNG, even if 1932 # the previous test showed it to be unseeded. 1933 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 1934 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 1935 OPENSSL_SEEDS_ITSELF=yes 1936 USE_RAND_HELPER="" 1937 fi 1938 else 1939 USE_RAND_HELPER=yes 1940 fi 1941 ], 1942) 1943 1944# Which randomness source do we use? 1945if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then 1946 # OpenSSL only 1947 AC_DEFINE(OPENSSL_PRNG_ONLY, 1, 1948 [Define if you want OpenSSL's internally seeded PRNG only]) 1949 RAND_MSG="OpenSSL internal ONLY" 1950 INSTALL_SSH_RAND_HELPER="" 1951elif test ! -z "$USE_RAND_HELPER" ; then 1952 # install rand helper 1953 RAND_MSG="ssh-rand-helper" 1954 INSTALL_SSH_RAND_HELPER="yes" 1955fi 1956AC_SUBST(INSTALL_SSH_RAND_HELPER) 1957 1958### Configuration of ssh-rand-helper 1959 1960# PRNGD TCP socket 1961AC_ARG_WITH(prngd-port, 1962 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 1963 [ 1964 case "$withval" in 1965 no) 1966 withval="" 1967 ;; 1968 [[0-9]]*) 1969 ;; 1970 *) 1971 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 1972 ;; 1973 esac 1974 if test ! -z "$withval" ; then 1975 PRNGD_PORT="$withval" 1976 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT, 1977 [Port number of PRNGD/EGD random number socket]) 1978 fi 1979 ] 1980) 1981 1982# PRNGD Unix domain socket 1983AC_ARG_WITH(prngd-socket, 1984 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 1985 [ 1986 case "$withval" in 1987 yes) 1988 withval="/var/run/egd-pool" 1989 ;; 1990 no) 1991 withval="" 1992 ;; 1993 /*) 1994 ;; 1995 *) 1996 AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 1997 ;; 1998 esac 1999 2000 if test ! -z "$withval" ; then 2001 if test ! -z "$PRNGD_PORT" ; then 2002 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 2003 fi 2004 if test ! -r "$withval" ; then 2005 AC_MSG_WARN(Entropy socket is not readable) 2006 fi 2007 PRNGD_SOCKET="$withval" 2008 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET", 2009 [Location of PRNGD/EGD random number socket]) 2010 fi 2011 ], 2012 [ 2013 # Check for existing socket only if we don't have a random device already 2014 if test "$USE_RAND_HELPER" = yes ; then 2015 AC_MSG_CHECKING(for PRNGD/EGD socket) 2016 # Insert other locations here 2017 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2018 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2019 PRNGD_SOCKET="$sock" 2020 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 2021 break; 2022 fi 2023 done 2024 if test ! -z "$PRNGD_SOCKET" ; then 2025 AC_MSG_RESULT($PRNGD_SOCKET) 2026 else 2027 AC_MSG_RESULT(not found) 2028 fi 2029 fi 2030 ] 2031) 2032 2033# Change default command timeout for hashing entropy source 2034entropy_timeout=200 2035AC_ARG_WITH(entropy-timeout, 2036 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 2037 [ 2038 if test -n "$withval" && test "x$withval" != "xno" && \ 2039 test "x${withval}" != "xyes"; then 2040 entropy_timeout=$withval 2041 fi 2042 ] 2043) 2044AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout, 2045 [Builtin PRNG command timeout]) 2046 2047SSH_PRIVSEP_USER=sshd 2048AC_ARG_WITH(privsep-user, 2049 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2050 [ 2051 if test -n "$withval" && test "x$withval" != "xno" && \ 2052 test "x${withval}" != "xyes"; then 2053 SSH_PRIVSEP_USER=$withval 2054 fi 2055 ] 2056) 2057AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER", 2058 [non-privileged user for privilege separation]) 2059AC_SUBST(SSH_PRIVSEP_USER) 2060 2061# We do this little dance with the search path to insure 2062# that programs that we select for use by installed programs 2063# (which may be run by the super-user) come from trusted 2064# locations before they come from the user's private area. 2065# This should help avoid accidentally configuring some 2066# random version of a program in someone's personal bin. 2067 2068OPATH=$PATH 2069PATH=/bin:/usr/bin 2070test -h /bin 2> /dev/null && PATH=/usr/bin 2071test -d /sbin && PATH=$PATH:/sbin 2072test -d /usr/sbin && PATH=$PATH:/usr/sbin 2073PATH=$PATH:/etc:$OPATH 2074 2075# These programs are used by the command hashing source to gather entropy 2076OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 2077OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 2078OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 2079OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 2080OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 2081OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 2082OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 2083OSSH_PATH_ENTROPY_PROG(PROG_W, w) 2084OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 2085OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 2086OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 2087OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 2088OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 2089OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 2090OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 2091OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 2092# restore PATH 2093PATH=$OPATH 2094 2095# Where does ssh-rand-helper get its randomness from? 2096INSTALL_SSH_PRNG_CMDS="" 2097if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 2098 if test ! -z "$PRNGD_PORT" ; then 2099 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 2100 elif test ! -z "$PRNGD_SOCKET" ; then 2101 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 2102 else 2103 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 2104 RAND_HELPER_CMDHASH=yes 2105 INSTALL_SSH_PRNG_CMDS="yes" 2106 fi 2107fi 2108AC_SUBST(INSTALL_SSH_PRNG_CMDS) 2109 2110 2111# Cheap hack to ensure NEWS-OS libraries are arranged right. 2112if test ! -z "$SONY" ; then 2113 LIBS="$LIBS -liberty"; 2114fi 2115 2116# Check for long long datatypes 2117AC_CHECK_TYPES([long long, unsigned long long, long double]) 2118 2119# Check datatype sizes 2120AC_CHECK_SIZEOF(char, 1) 2121AC_CHECK_SIZEOF(short int, 2) 2122AC_CHECK_SIZEOF(int, 4) 2123AC_CHECK_SIZEOF(long int, 4) 2124AC_CHECK_SIZEOF(long long int, 8) 2125 2126# Sanity check long long for some platforms (AIX) 2127if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2128 ac_cv_sizeof_long_long_int=0 2129fi 2130 2131# compute LLONG_MIN and LLONG_MAX if we don't know them. 2132if test -z "$have_llong_max"; then 2133 AC_MSG_CHECKING([for max value of long long]) 2134 AC_RUN_IFELSE( 2135 [AC_LANG_SOURCE([[ 2136#include <stdio.h> 2137/* Why is this so damn hard? */ 2138#ifdef __GNUC__ 2139# undef __GNUC__ 2140#endif 2141#define __USE_ISOC99 2142#include <limits.h> 2143#define DATA "conftest.llminmax" 2144int main(void) { 2145 FILE *f; 2146 long long i, llmin, llmax = 0; 2147 2148 if((f = fopen(DATA,"w")) == NULL) 2149 exit(1); 2150 2151#if defined(LLONG_MIN) && defined(LLONG_MAX) 2152 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2153 llmin = LLONG_MIN; 2154 llmax = LLONG_MAX; 2155#else 2156 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2157 /* This will work on one's complement and two's complement */ 2158 for (i = 1; i > llmax; i <<= 1, i++) 2159 llmax = i; 2160 llmin = llmax + 1LL; /* wrap */ 2161#endif 2162 2163 /* Sanity check */ 2164 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax 2165 || llmax - 1 > llmax) { 2166 fprintf(f, "unknown unknown\n"); 2167 exit(2); 2168 } 2169 2170 if (fprintf(f ,"%lld %lld", llmin, llmax) < 0) 2171 exit(3); 2172 2173 exit(0); 2174} 2175 ]])], 2176 [ 2177 llong_min=`$AWK '{print $1}' conftest.llminmax` 2178 llong_max=`$AWK '{print $2}' conftest.llminmax` 2179 2180 # snprintf on some Tru64s doesn't understand "%lld" 2181 case "$host" in 2182 alpha-dec-osf*) 2183 if test "x$ac_cv_sizeof_long_long_int" = "x8" && 2184 test "x$llong_max" = "xld"; then 2185 llong_min="-9223372036854775808" 2186 llong_max="9223372036854775807" 2187 fi 2188 ;; 2189 esac 2190 2191 AC_MSG_RESULT($llong_max) 2192 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], 2193 [max value of long long calculated by configure]) 2194 AC_MSG_CHECKING([for min value of long long]) 2195 AC_MSG_RESULT($llong_min) 2196 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], 2197 [min value of long long calculated by configure]) 2198 ], 2199 [ 2200 AC_MSG_RESULT(not found) 2201 ], 2202 [ 2203 AC_MSG_WARN([cross compiling: not checking]) 2204 ] 2205 ) 2206fi 2207 2208 2209# More checks for data types 2210AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2211 AC_TRY_COMPILE( 2212 [ #include <sys/types.h> ], 2213 [ u_int a; a = 1;], 2214 [ ac_cv_have_u_int="yes" ], 2215 [ ac_cv_have_u_int="no" ] 2216 ) 2217]) 2218if test "x$ac_cv_have_u_int" = "xyes" ; then 2219 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type]) 2220 have_u_int=1 2221fi 2222 2223AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2224 AC_TRY_COMPILE( 2225 [ #include <sys/types.h> ], 2226 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2227 [ ac_cv_have_intxx_t="yes" ], 2228 [ ac_cv_have_intxx_t="no" ] 2229 ) 2230]) 2231if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2232 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type]) 2233 have_intxx_t=1 2234fi 2235 2236if (test -z "$have_intxx_t" && \ 2237 test "x$ac_cv_header_stdint_h" = "xyes") 2238then 2239 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2240 AC_TRY_COMPILE( 2241 [ #include <stdint.h> ], 2242 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2243 [ 2244 AC_DEFINE(HAVE_INTXX_T) 2245 AC_MSG_RESULT(yes) 2246 ], 2247 [ AC_MSG_RESULT(no) ] 2248 ) 2249fi 2250 2251AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2252 AC_TRY_COMPILE( 2253 [ 2254#include <sys/types.h> 2255#ifdef HAVE_STDINT_H 2256# include <stdint.h> 2257#endif 2258#include <sys/socket.h> 2259#ifdef HAVE_SYS_BITYPES_H 2260# include <sys/bitypes.h> 2261#endif 2262 ], 2263 [ int64_t a; a = 1;], 2264 [ ac_cv_have_int64_t="yes" ], 2265 [ ac_cv_have_int64_t="no" ] 2266 ) 2267]) 2268if test "x$ac_cv_have_int64_t" = "xyes" ; then 2269 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type]) 2270fi 2271 2272AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2273 AC_TRY_COMPILE( 2274 [ #include <sys/types.h> ], 2275 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2276 [ ac_cv_have_u_intxx_t="yes" ], 2277 [ ac_cv_have_u_intxx_t="no" ] 2278 ) 2279]) 2280if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2281 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type]) 2282 have_u_intxx_t=1 2283fi 2284 2285if test -z "$have_u_intxx_t" ; then 2286 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2287 AC_TRY_COMPILE( 2288 [ #include <sys/socket.h> ], 2289 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2290 [ 2291 AC_DEFINE(HAVE_U_INTXX_T) 2292 AC_MSG_RESULT(yes) 2293 ], 2294 [ AC_MSG_RESULT(no) ] 2295 ) 2296fi 2297 2298AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2299 AC_TRY_COMPILE( 2300 [ #include <sys/types.h> ], 2301 [ u_int64_t a; a = 1;], 2302 [ ac_cv_have_u_int64_t="yes" ], 2303 [ ac_cv_have_u_int64_t="no" ] 2304 ) 2305]) 2306if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2307 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type]) 2308 have_u_int64_t=1 2309fi 2310 2311if test -z "$have_u_int64_t" ; then 2312 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2313 AC_TRY_COMPILE( 2314 [ #include <sys/bitypes.h> ], 2315 [ u_int64_t a; a = 1], 2316 [ 2317 AC_DEFINE(HAVE_U_INT64_T) 2318 AC_MSG_RESULT(yes) 2319 ], 2320 [ AC_MSG_RESULT(no) ] 2321 ) 2322fi 2323 2324if test -z "$have_u_intxx_t" ; then 2325 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2326 AC_TRY_COMPILE( 2327 [ 2328#include <sys/types.h> 2329 ], 2330 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 2331 [ ac_cv_have_uintxx_t="yes" ], 2332 [ ac_cv_have_uintxx_t="no" ] 2333 ) 2334 ]) 2335 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2336 AC_DEFINE(HAVE_UINTXX_T, 1, 2337 [define if you have uintxx_t data type]) 2338 fi 2339fi 2340 2341if test -z "$have_uintxx_t" ; then 2342 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2343 AC_TRY_COMPILE( 2344 [ #include <stdint.h> ], 2345 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 2346 [ 2347 AC_DEFINE(HAVE_UINTXX_T) 2348 AC_MSG_RESULT(yes) 2349 ], 2350 [ AC_MSG_RESULT(no) ] 2351 ) 2352fi 2353 2354if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 2355 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2356then 2357 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2358 AC_TRY_COMPILE( 2359 [ 2360#include <sys/bitypes.h> 2361 ], 2362 [ 2363 int8_t a; int16_t b; int32_t c; 2364 u_int8_t e; u_int16_t f; u_int32_t g; 2365 a = b = c = e = f = g = 1; 2366 ], 2367 [ 2368 AC_DEFINE(HAVE_U_INTXX_T) 2369 AC_DEFINE(HAVE_INTXX_T) 2370 AC_MSG_RESULT(yes) 2371 ], 2372 [AC_MSG_RESULT(no)] 2373 ) 2374fi 2375 2376 2377AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2378 AC_TRY_COMPILE( 2379 [ 2380#include <sys/types.h> 2381 ], 2382 [ u_char foo; foo = 125; ], 2383 [ ac_cv_have_u_char="yes" ], 2384 [ ac_cv_have_u_char="no" ] 2385 ) 2386]) 2387if test "x$ac_cv_have_u_char" = "xyes" ; then 2388 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type]) 2389fi 2390 2391TYPE_SOCKLEN_T 2392 2393AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 2394 2395AC_CHECK_TYPES(in_addr_t,,, 2396[#include <sys/types.h> 2397#include <netinet/in.h>]) 2398 2399AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2400 AC_TRY_COMPILE( 2401 [ 2402#include <sys/types.h> 2403 ], 2404 [ size_t foo; foo = 1235; ], 2405 [ ac_cv_have_size_t="yes" ], 2406 [ ac_cv_have_size_t="no" ] 2407 ) 2408]) 2409if test "x$ac_cv_have_size_t" = "xyes" ; then 2410 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type]) 2411fi 2412 2413AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2414 AC_TRY_COMPILE( 2415 [ 2416#include <sys/types.h> 2417 ], 2418 [ ssize_t foo; foo = 1235; ], 2419 [ ac_cv_have_ssize_t="yes" ], 2420 [ ac_cv_have_ssize_t="no" ] 2421 ) 2422]) 2423if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2424 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type]) 2425fi 2426 2427AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2428 AC_TRY_COMPILE( 2429 [ 2430#include <time.h> 2431 ], 2432 [ clock_t foo; foo = 1235; ], 2433 [ ac_cv_have_clock_t="yes" ], 2434 [ ac_cv_have_clock_t="no" ] 2435 ) 2436]) 2437if test "x$ac_cv_have_clock_t" = "xyes" ; then 2438 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type]) 2439fi 2440 2441AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2442 AC_TRY_COMPILE( 2443 [ 2444#include <sys/types.h> 2445#include <sys/socket.h> 2446 ], 2447 [ sa_family_t foo; foo = 1235; ], 2448 [ ac_cv_have_sa_family_t="yes" ], 2449 [ AC_TRY_COMPILE( 2450 [ 2451#include <sys/types.h> 2452#include <sys/socket.h> 2453#include <netinet/in.h> 2454 ], 2455 [ sa_family_t foo; foo = 1235; ], 2456 [ ac_cv_have_sa_family_t="yes" ], 2457 2458 [ ac_cv_have_sa_family_t="no" ] 2459 )] 2460 ) 2461]) 2462if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2463 AC_DEFINE(HAVE_SA_FAMILY_T, 1, 2464 [define if you have sa_family_t data type]) 2465fi 2466 2467AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2468 AC_TRY_COMPILE( 2469 [ 2470#include <sys/types.h> 2471 ], 2472 [ pid_t foo; foo = 1235; ], 2473 [ ac_cv_have_pid_t="yes" ], 2474 [ ac_cv_have_pid_t="no" ] 2475 ) 2476]) 2477if test "x$ac_cv_have_pid_t" = "xyes" ; then 2478 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type]) 2479fi 2480 2481AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2482 AC_TRY_COMPILE( 2483 [ 2484#include <sys/types.h> 2485 ], 2486 [ mode_t foo; foo = 1235; ], 2487 [ ac_cv_have_mode_t="yes" ], 2488 [ ac_cv_have_mode_t="no" ] 2489 ) 2490]) 2491if test "x$ac_cv_have_mode_t" = "xyes" ; then 2492 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type]) 2493fi 2494 2495 2496AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2497 AC_TRY_COMPILE( 2498 [ 2499#include <sys/types.h> 2500#include <sys/socket.h> 2501 ], 2502 [ struct sockaddr_storage s; ], 2503 [ ac_cv_have_struct_sockaddr_storage="yes" ], 2504 [ ac_cv_have_struct_sockaddr_storage="no" ] 2505 ) 2506]) 2507if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 2508 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, 2509 [define if you have struct sockaddr_storage data type]) 2510fi 2511 2512AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 2513 AC_TRY_COMPILE( 2514 [ 2515#include <sys/types.h> 2516#include <netinet/in.h> 2517 ], 2518 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 2519 [ ac_cv_have_struct_sockaddr_in6="yes" ], 2520 [ ac_cv_have_struct_sockaddr_in6="no" ] 2521 ) 2522]) 2523if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 2524 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, 2525 [define if you have struct sockaddr_in6 data type]) 2526fi 2527 2528AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 2529 AC_TRY_COMPILE( 2530 [ 2531#include <sys/types.h> 2532#include <netinet/in.h> 2533 ], 2534 [ struct in6_addr s; s.s6_addr[0] = 0; ], 2535 [ ac_cv_have_struct_in6_addr="yes" ], 2536 [ ac_cv_have_struct_in6_addr="no" ] 2537 ) 2538]) 2539if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 2540 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, 2541 [define if you have struct in6_addr data type]) 2542fi 2543 2544AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2545 AC_TRY_COMPILE( 2546 [ 2547#include <sys/types.h> 2548#include <sys/socket.h> 2549#include <netdb.h> 2550 ], 2551 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 2552 [ ac_cv_have_struct_addrinfo="yes" ], 2553 [ ac_cv_have_struct_addrinfo="no" ] 2554 ) 2555]) 2556if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2557 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, 2558 [define if you have struct addrinfo data type]) 2559fi 2560 2561AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2562 AC_TRY_COMPILE( 2563 [ #include <sys/time.h> ], 2564 [ struct timeval tv; tv.tv_sec = 1;], 2565 [ ac_cv_have_struct_timeval="yes" ], 2566 [ ac_cv_have_struct_timeval="no" ] 2567 ) 2568]) 2569if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2570 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval]) 2571 have_struct_timeval=1 2572fi 2573 2574AC_CHECK_TYPES(struct timespec) 2575 2576# We need int64_t or else certian parts of the compile will fail. 2577if test "x$ac_cv_have_int64_t" = "xno" && \ 2578 test "x$ac_cv_sizeof_long_int" != "x8" && \ 2579 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2580 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2581 echo "an alternative compiler (I.E., GCC) before continuing." 2582 echo "" 2583 exit 1; 2584else 2585dnl test snprintf (broken on SCO w/gcc) 2586 AC_RUN_IFELSE( 2587 [AC_LANG_SOURCE([[ 2588#include <stdio.h> 2589#include <string.h> 2590#ifdef HAVE_SNPRINTF 2591main() 2592{ 2593 char buf[50]; 2594 char expected_out[50]; 2595 int mazsize = 50 ; 2596#if (SIZEOF_LONG_INT == 8) 2597 long int num = 0x7fffffffffffffff; 2598#else 2599 long long num = 0x7fffffffffffffffll; 2600#endif 2601 strcpy(expected_out, "9223372036854775807"); 2602 snprintf(buf, mazsize, "%lld", num); 2603 if(strcmp(buf, expected_out) != 0) 2604 exit(1); 2605 exit(0); 2606} 2607#else 2608main() { exit(0); } 2609#endif 2610 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 2611 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 2612 ) 2613fi 2614 2615dnl Checks for structure members 2616OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 2617OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 2618OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 2619OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 2620OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 2621OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 2622OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 2623OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 2624OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 2625OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 2626OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 2627OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 2628OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 2629OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 2630OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 2631OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 2632OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 2633 2634AC_CHECK_MEMBERS([struct stat.st_blksize]) 2635AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state, 2636 [Define if we don't have struct __res_state in resolv.h])], 2637[ 2638#include <stdio.h> 2639#if HAVE_SYS_TYPES_H 2640# include <sys/types.h> 2641#endif 2642#include <netinet/in.h> 2643#include <arpa/nameser.h> 2644#include <resolv.h> 2645]) 2646 2647AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 2648 ac_cv_have_ss_family_in_struct_ss, [ 2649 AC_TRY_COMPILE( 2650 [ 2651#include <sys/types.h> 2652#include <sys/socket.h> 2653 ], 2654 [ struct sockaddr_storage s; s.ss_family = 1; ], 2655 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 2656 [ ac_cv_have_ss_family_in_struct_ss="no" ], 2657 ) 2658]) 2659if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 2660 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage]) 2661fi 2662 2663AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 2664 ac_cv_have___ss_family_in_struct_ss, [ 2665 AC_TRY_COMPILE( 2666 [ 2667#include <sys/types.h> 2668#include <sys/socket.h> 2669 ], 2670 [ struct sockaddr_storage s; s.__ss_family = 1; ], 2671 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 2672 [ ac_cv_have___ss_family_in_struct_ss="no" ] 2673 ) 2674]) 2675if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 2676 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1, 2677 [Fields in struct sockaddr_storage]) 2678fi 2679 2680AC_CACHE_CHECK([for pw_class field in struct passwd], 2681 ac_cv_have_pw_class_in_struct_passwd, [ 2682 AC_TRY_COMPILE( 2683 [ 2684#include <pwd.h> 2685 ], 2686 [ struct passwd p; p.pw_class = 0; ], 2687 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 2688 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 2689 ) 2690]) 2691if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 2692 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1, 2693 [Define if your password has a pw_class field]) 2694fi 2695 2696AC_CACHE_CHECK([for pw_expire field in struct passwd], 2697 ac_cv_have_pw_expire_in_struct_passwd, [ 2698 AC_TRY_COMPILE( 2699 [ 2700#include <pwd.h> 2701 ], 2702 [ struct passwd p; p.pw_expire = 0; ], 2703 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 2704 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 2705 ) 2706]) 2707if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 2708 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1, 2709 [Define if your password has a pw_expire field]) 2710fi 2711 2712AC_CACHE_CHECK([for pw_change field in struct passwd], 2713 ac_cv_have_pw_change_in_struct_passwd, [ 2714 AC_TRY_COMPILE( 2715 [ 2716#include <pwd.h> 2717 ], 2718 [ struct passwd p; p.pw_change = 0; ], 2719 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 2720 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 2721 ) 2722]) 2723if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 2724 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1, 2725 [Define if your password has a pw_change field]) 2726fi 2727 2728dnl make sure we're using the real structure members and not defines 2729AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 2730 ac_cv_have_accrights_in_msghdr, [ 2731 AC_COMPILE_IFELSE( 2732 [ 2733#include <sys/types.h> 2734#include <sys/socket.h> 2735#include <sys/uio.h> 2736int main() { 2737#ifdef msg_accrights 2738#error "msg_accrights is a macro" 2739exit(1); 2740#endif 2741struct msghdr m; 2742m.msg_accrights = 0; 2743exit(0); 2744} 2745 ], 2746 [ ac_cv_have_accrights_in_msghdr="yes" ], 2747 [ ac_cv_have_accrights_in_msghdr="no" ] 2748 ) 2749]) 2750if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 2751 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1, 2752 [Define if your system uses access rights style 2753 file descriptor passing]) 2754fi 2755 2756AC_CACHE_CHECK([for msg_control field in struct msghdr], 2757 ac_cv_have_control_in_msghdr, [ 2758 AC_COMPILE_IFELSE( 2759 [ 2760#include <sys/types.h> 2761#include <sys/socket.h> 2762#include <sys/uio.h> 2763int main() { 2764#ifdef msg_control 2765#error "msg_control is a macro" 2766exit(1); 2767#endif 2768struct msghdr m; 2769m.msg_control = 0; 2770exit(0); 2771} 2772 ], 2773 [ ac_cv_have_control_in_msghdr="yes" ], 2774 [ ac_cv_have_control_in_msghdr="no" ] 2775 ) 2776]) 2777if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 2778 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1, 2779 [Define if your system uses ancillary data style 2780 file descriptor passing]) 2781fi 2782 2783AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 2784 AC_TRY_LINK([], 2785 [ extern char *__progname; printf("%s", __progname); ], 2786 [ ac_cv_libc_defines___progname="yes" ], 2787 [ ac_cv_libc_defines___progname="no" ] 2788 ) 2789]) 2790if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 2791 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname]) 2792fi 2793 2794AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 2795 AC_TRY_LINK([ 2796#include <stdio.h> 2797], 2798 [ printf("%s", __FUNCTION__); ], 2799 [ ac_cv_cc_implements___FUNCTION__="yes" ], 2800 [ ac_cv_cc_implements___FUNCTION__="no" ] 2801 ) 2802]) 2803if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 2804 AC_DEFINE(HAVE___FUNCTION__, 1, 2805 [Define if compiler implements __FUNCTION__]) 2806fi 2807 2808AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 2809 AC_TRY_LINK([ 2810#include <stdio.h> 2811], 2812 [ printf("%s", __func__); ], 2813 [ ac_cv_cc_implements___func__="yes" ], 2814 [ ac_cv_cc_implements___func__="no" ] 2815 ) 2816]) 2817if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 2818 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__]) 2819fi 2820 2821AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 2822 AC_TRY_LINK( 2823 [#include <stdarg.h> 2824 va_list x,y;], 2825 [va_copy(x,y);], 2826 [ ac_cv_have_va_copy="yes" ], 2827 [ ac_cv_have_va_copy="no" ] 2828 ) 2829]) 2830if test "x$ac_cv_have_va_copy" = "xyes" ; then 2831 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists]) 2832fi 2833 2834AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 2835 AC_TRY_LINK( 2836 [#include <stdarg.h> 2837 va_list x,y;], 2838 [__va_copy(x,y);], 2839 [ ac_cv_have___va_copy="yes" ], 2840 [ ac_cv_have___va_copy="no" ] 2841 ) 2842]) 2843if test "x$ac_cv_have___va_copy" = "xyes" ; then 2844 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists]) 2845fi 2846 2847AC_CACHE_CHECK([whether getopt has optreset support], 2848 ac_cv_have_getopt_optreset, [ 2849 AC_TRY_LINK( 2850 [ 2851#if HAVE_GETOPT_H 2852#include <getopt.h> 2853#elif HAVE_UNISTD_H 2854#include <unistd.h> 2855#endif 2856 ], 2857 [ extern int optreset; optreset = 0; ], 2858 [ ac_cv_have_getopt_optreset="yes" ], 2859 [ ac_cv_have_getopt_optreset="no" ] 2860 ) 2861]) 2862if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 2863 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1, 2864 [Define if your getopt(3) defines and uses optreset]) 2865fi 2866 2867AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 2868 AC_TRY_LINK([], 2869 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 2870 [ ac_cv_libc_defines_sys_errlist="yes" ], 2871 [ ac_cv_libc_defines_sys_errlist="no" ] 2872 ) 2873]) 2874if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 2875 AC_DEFINE(HAVE_SYS_ERRLIST, 1, 2876 [Define if your system defines sys_errlist[]]) 2877fi 2878 2879 2880AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 2881 AC_TRY_LINK([], 2882 [ extern int sys_nerr; printf("%i", sys_nerr);], 2883 [ ac_cv_libc_defines_sys_nerr="yes" ], 2884 [ ac_cv_libc_defines_sys_nerr="no" ] 2885 ) 2886]) 2887if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 2888 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr]) 2889fi 2890 2891SCARD_MSG="no" 2892# Check whether user wants sectok support 2893AC_ARG_WITH(sectok, 2894 [ --with-sectok Enable smartcard support using libsectok], 2895 [ 2896 if test "x$withval" != "xno" ; then 2897 if test "x$withval" != "xyes" ; then 2898 CPPFLAGS="$CPPFLAGS -I${withval}" 2899 LDFLAGS="$LDFLAGS -L${withval}" 2900 if test ! -z "$need_dash_r" ; then 2901 LDFLAGS="$LDFLAGS -R${withval}" 2902 fi 2903 if test ! -z "$blibpath" ; then 2904 blibpath="$blibpath:${withval}" 2905 fi 2906 fi 2907 AC_CHECK_HEADERS(sectok.h) 2908 if test "$ac_cv_header_sectok_h" != yes; then 2909 AC_MSG_ERROR(Can't find sectok.h) 2910 fi 2911 AC_CHECK_LIB(sectok, sectok_open) 2912 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 2913 AC_MSG_ERROR(Can't find libsectok) 2914 fi 2915 AC_DEFINE(SMARTCARD, 1, 2916 [Define if you want smartcard support]) 2917 AC_DEFINE(USE_SECTOK, 1, 2918 [Define if you want smartcard support 2919 using sectok]) 2920 SCARD_MSG="yes, using sectok" 2921 fi 2922 ] 2923) 2924 2925# Check whether user wants OpenSC support 2926OPENSC_CONFIG="no" 2927AC_ARG_WITH(opensc, 2928 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)], 2929 [ 2930 if test "x$withval" != "xno" ; then 2931 if test "x$withval" != "xyes" ; then 2932 OPENSC_CONFIG=$withval/bin/opensc-config 2933 else 2934 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 2935 fi 2936 if test "$OPENSC_CONFIG" != "no"; then 2937 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 2938 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 2939 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 2940 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" 2941 AC_DEFINE(SMARTCARD) 2942 AC_DEFINE(USE_OPENSC, 1, 2943 [Define if you want smartcard support 2944 using OpenSC]) 2945 SCARD_MSG="yes, using OpenSC" 2946 fi 2947 fi 2948 ] 2949) 2950 2951# Check libraries needed by DNS fingerprint support 2952AC_SEARCH_LIBS(getrrsetbyname, resolv, 2953 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1, 2954 [Define if getrrsetbyname() exists])], 2955 [ 2956 # Needed by our getrrsetbyname() 2957 AC_SEARCH_LIBS(res_query, resolv) 2958 AC_SEARCH_LIBS(dn_expand, resolv) 2959 AC_MSG_CHECKING(if res_query will link) 2960 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 2961 [AC_MSG_RESULT(no) 2962 saved_LIBS="$LIBS" 2963 LIBS="$LIBS -lresolv" 2964 AC_MSG_CHECKING(for res_query in -lresolv) 2965 AC_LINK_IFELSE([ 2966#include <resolv.h> 2967int main() 2968{ 2969 res_query (0, 0, 0, 0, 0); 2970 return 0; 2971} 2972 ], 2973 [LIBS="$LIBS -lresolv" 2974 AC_MSG_RESULT(yes)], 2975 [LIBS="$saved_LIBS" 2976 AC_MSG_RESULT(no)]) 2977 ]) 2978 AC_CHECK_FUNCS(_getshort _getlong) 2979 AC_CHECK_DECLS([_getshort, _getlong], , , 2980 [#include <sys/types.h> 2981 #include <arpa/nameser.h>]) 2982 AC_CHECK_MEMBER(HEADER.ad, 2983 [AC_DEFINE(HAVE_HEADER_AD, 1, 2984 [Define if HEADER.ad exists in arpa/nameser.h])],, 2985 [#include <arpa/nameser.h>]) 2986 ]) 2987 2988# Check whether user wants Kerberos 5 support 2989KRB5_MSG="no" 2990AC_ARG_WITH(kerberos5, 2991 [ --with-kerberos5=PATH Enable Kerberos 5 support], 2992 [ if test "x$withval" != "xno" ; then 2993 if test "x$withval" = "xyes" ; then 2994 KRB5ROOT="/usr/local" 2995 else 2996 KRB5ROOT=${withval} 2997 fi 2998 2999 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support]) 3000 KRB5_MSG="yes" 3001 3002 AC_MSG_CHECKING(for krb5-config) 3003 if test -x $KRB5ROOT/bin/krb5-config ; then 3004 KRB5CONF=$KRB5ROOT/bin/krb5-config 3005 AC_MSG_RESULT($KRB5CONF) 3006 3007 AC_MSG_CHECKING(for gssapi support) 3008 if $KRB5CONF | grep gssapi >/dev/null ; then 3009 AC_MSG_RESULT(yes) 3010 AC_DEFINE(GSSAPI, 1, 3011 [Define this if you want GSSAPI 3012 support in the version 2 protocol]) 3013 k5confopts=gssapi 3014 else 3015 AC_MSG_RESULT(no) 3016 k5confopts="" 3017 fi 3018 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 3019 K5LIBS="`$KRB5CONF --libs $k5confopts`" 3020 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3021 AC_MSG_CHECKING(whether we are using Heimdal) 3022 AC_TRY_COMPILE([ #include <krb5.h> ], 3023 [ char *tmp = heimdal_version; ], 3024 [ AC_MSG_RESULT(yes) 3025 AC_DEFINE(HEIMDAL, 1, 3026 [Define this if you are using the 3027 Heimdal version of Kerberos V5]) ], 3028 AC_MSG_RESULT(no) 3029 ) 3030 else 3031 AC_MSG_RESULT(no) 3032 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3033 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3034 AC_MSG_CHECKING(whether we are using Heimdal) 3035 AC_TRY_COMPILE([ #include <krb5.h> ], 3036 [ char *tmp = heimdal_version; ], 3037 [ AC_MSG_RESULT(yes) 3038 AC_DEFINE(HEIMDAL) 3039 K5LIBS="-lkrb5 -ldes" 3040 K5LIBS="$K5LIBS -lcom_err -lasn1" 3041 AC_CHECK_LIB(roken, net_write, 3042 [K5LIBS="$K5LIBS -lroken"]) 3043 ], 3044 [ AC_MSG_RESULT(no) 3045 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3046 ] 3047 ) 3048 AC_SEARCH_LIBS(dn_expand, resolv) 3049 3050 AC_CHECK_LIB(gssapi,gss_init_sec_context, 3051 [ AC_DEFINE(GSSAPI) 3052 K5LIBS="-lgssapi $K5LIBS" ], 3053 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, 3054 [ AC_DEFINE(GSSAPI) 3055 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 3056 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 3057 $K5LIBS) 3058 ], 3059 $K5LIBS) 3060 3061 AC_CHECK_HEADER(gssapi.h, , 3062 [ unset ac_cv_header_gssapi_h 3063 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3064 AC_CHECK_HEADERS(gssapi.h, , 3065 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3066 ) 3067 ] 3068 ) 3069 3070 oldCPP="$CPPFLAGS" 3071 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3072 AC_CHECK_HEADER(gssapi_krb5.h, , 3073 [ CPPFLAGS="$oldCPP" ]) 3074 3075 fi 3076 if test ! -z "$need_dash_r" ; then 3077 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3078 fi 3079 if test ! -z "$blibpath" ; then 3080 blibpath="$blibpath:${KRB5ROOT}/lib" 3081 fi 3082 3083 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 3084 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 3085 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 3086 3087 LIBS="$LIBS $K5LIBS" 3088 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1, 3089 [Define this if you want to use libkafs' AFS support])) 3090 fi 3091 ] 3092) 3093 3094# Looking for programs, paths and files 3095 3096PRIVSEP_PATH=/var/empty 3097AC_ARG_WITH(privsep-path, 3098 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3099 [ 3100 if test -n "$withval" && test "x$withval" != "xno" && \ 3101 test "x${withval}" != "xyes"; then 3102 PRIVSEP_PATH=$withval 3103 fi 3104 ] 3105) 3106AC_SUBST(PRIVSEP_PATH) 3107 3108AC_ARG_WITH(xauth, 3109 [ --with-xauth=PATH Specify path to xauth program ], 3110 [ 3111 if test -n "$withval" && test "x$withval" != "xno" && \ 3112 test "x${withval}" != "xyes"; then 3113 xauth_path=$withval 3114 fi 3115 ], 3116 [ 3117 TestPath="$PATH" 3118 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3119 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3120 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3121 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3122 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 3123 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3124 xauth_path="/usr/openwin/bin/xauth" 3125 fi 3126 ] 3127) 3128 3129STRIP_OPT=-s 3130AC_ARG_ENABLE(strip, 3131 [ --disable-strip Disable calling strip(1) on install], 3132 [ 3133 if test "x$enableval" = "xno" ; then 3134 STRIP_OPT= 3135 fi 3136 ] 3137) 3138AC_SUBST(STRIP_OPT) 3139 3140if test -z "$xauth_path" ; then 3141 XAUTH_PATH="undefined" 3142 AC_SUBST(XAUTH_PATH) 3143else 3144 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path", 3145 [Define if xauth is found in your path]) 3146 XAUTH_PATH=$xauth_path 3147 AC_SUBST(XAUTH_PATH) 3148fi 3149 3150# Check for mail directory (last resort if we cannot get it from headers) 3151if test ! -z "$MAIL" ; then 3152 maildir=`dirname $MAIL` 3153 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir", 3154 [Set this to your mail directory if you don't have maillock.h]) 3155fi 3156 3157if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3158 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3159 disable_ptmx_check=yes 3160fi 3161if test -z "$no_dev_ptmx" ; then 3162 if test "x$disable_ptmx_check" != "xyes" ; then 3163 AC_CHECK_FILE("/dev/ptmx", 3164 [ 3165 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1, 3166 [Define if you have /dev/ptmx]) 3167 have_dev_ptmx=1 3168 ] 3169 ) 3170 fi 3171fi 3172 3173if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3174 AC_CHECK_FILE("/dev/ptc", 3175 [ 3176 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1, 3177 [Define if you have /dev/ptc]) 3178 have_dev_ptc=1 3179 ] 3180 ) 3181else 3182 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3183fi 3184 3185# Options from here on. Some of these are preset by platform above 3186AC_ARG_WITH(mantype, 3187 [ --with-mantype=man|cat|doc Set man page type], 3188 [ 3189 case "$withval" in 3190 man|cat|doc) 3191 MANTYPE=$withval 3192 ;; 3193 *) 3194 AC_MSG_ERROR(invalid man type: $withval) 3195 ;; 3196 esac 3197 ] 3198) 3199if test -z "$MANTYPE"; then 3200 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3201 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 3202 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3203 MANTYPE=doc 3204 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3205 MANTYPE=man 3206 else 3207 MANTYPE=cat 3208 fi 3209fi 3210AC_SUBST(MANTYPE) 3211if test "$MANTYPE" = "doc"; then 3212 mansubdir=man; 3213else 3214 mansubdir=$MANTYPE; 3215fi 3216AC_SUBST(mansubdir) 3217 3218# Check whether to enable MD5 passwords 3219MD5_MSG="no" 3220AC_ARG_WITH(md5-passwords, 3221 [ --with-md5-passwords Enable use of MD5 passwords], 3222 [ 3223 if test "x$withval" != "xno" ; then 3224 AC_DEFINE(HAVE_MD5_PASSWORDS, 1, 3225 [Define if you want to allow MD5 passwords]) 3226 MD5_MSG="yes" 3227 fi 3228 ] 3229) 3230 3231# Whether to disable shadow password support 3232AC_ARG_WITH(shadow, 3233 [ --without-shadow Disable shadow password support], 3234 [ 3235 if test "x$withval" = "xno" ; then 3236 AC_DEFINE(DISABLE_SHADOW) 3237 disable_shadow=yes 3238 fi 3239 ] 3240) 3241 3242if test -z "$disable_shadow" ; then 3243 AC_MSG_CHECKING([if the systems has expire shadow information]) 3244 AC_TRY_COMPILE( 3245 [ 3246#include <sys/types.h> 3247#include <shadow.h> 3248 struct spwd sp; 3249 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 3250 [ sp_expire_available=yes ], [] 3251 ) 3252 3253 if test "x$sp_expire_available" = "xyes" ; then 3254 AC_MSG_RESULT(yes) 3255 AC_DEFINE(HAS_SHADOW_EXPIRE, 1, 3256 [Define if you want to use shadow password expire field]) 3257 else 3258 AC_MSG_RESULT(no) 3259 fi 3260fi 3261 3262# Use ip address instead of hostname in $DISPLAY 3263if test ! -z "$IPADDR_IN_DISPLAY" ; then 3264 DISPLAY_HACK_MSG="yes" 3265 AC_DEFINE(IPADDR_IN_DISPLAY, 1, 3266 [Define if you need to use IP address 3267 instead of hostname in $DISPLAY]) 3268else 3269 DISPLAY_HACK_MSG="no" 3270 AC_ARG_WITH(ipaddr-display, 3271 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 3272 [ 3273 if test "x$withval" != "xno" ; then 3274 AC_DEFINE(IPADDR_IN_DISPLAY) 3275 DISPLAY_HACK_MSG="yes" 3276 fi 3277 ] 3278 ) 3279fi 3280 3281# check for /etc/default/login and use it if present. 3282AC_ARG_ENABLE(etc-default-login, 3283 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 3284 [ if test "x$enableval" = "xno"; then 3285 AC_MSG_NOTICE([/etc/default/login handling disabled]) 3286 etc_default_login=no 3287 else 3288 etc_default_login=yes 3289 fi ], 3290 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3291 then 3292 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 3293 etc_default_login=no 3294 else 3295 etc_default_login=yes 3296 fi ] 3297) 3298 3299if test "x$etc_default_login" != "xno"; then 3300 AC_CHECK_FILE("/etc/default/login", 3301 [ external_path_file=/etc/default/login ]) 3302 if test "x$external_path_file" = "x/etc/default/login"; then 3303 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1, 3304 [Define if your system has /etc/default/login]) 3305 fi 3306fi 3307 3308dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3309if test $ac_cv_func_login_getcapbool = "yes" && \ 3310 test $ac_cv_header_login_cap_h = "yes" ; then 3311 external_path_file=/etc/login.conf 3312fi 3313 3314# Whether to mess with the default path 3315SERVER_PATH_MSG="(default)" 3316AC_ARG_WITH(default-path, 3317 [ --with-default-path= Specify default \$PATH environment for server], 3318 [ 3319 if test "x$external_path_file" = "x/etc/login.conf" ; then 3320 AC_MSG_WARN([ 3321--with-default-path=PATH has no effect on this system. 3322Edit /etc/login.conf instead.]) 3323 elif test "x$withval" != "xno" ; then 3324 if test ! -z "$external_path_file" ; then 3325 AC_MSG_WARN([ 3326--with-default-path=PATH will only be used if PATH is not defined in 3327$external_path_file .]) 3328 fi 3329 user_path="$withval" 3330 SERVER_PATH_MSG="$withval" 3331 fi 3332 ], 3333 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3334 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3335 else 3336 if test ! -z "$external_path_file" ; then 3337 AC_MSG_WARN([ 3338If PATH is defined in $external_path_file, ensure the path to scp is included, 3339otherwise scp will not work.]) 3340 fi 3341 AC_RUN_IFELSE( 3342 [AC_LANG_SOURCE([[ 3343/* find out what STDPATH is */ 3344#include <stdio.h> 3345#ifdef HAVE_PATHS_H 3346# include <paths.h> 3347#endif 3348#ifndef _PATH_STDPATH 3349# ifdef _PATH_USERPATH /* Irix */ 3350# define _PATH_STDPATH _PATH_USERPATH 3351# else 3352# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3353# endif 3354#endif 3355#include <sys/types.h> 3356#include <sys/stat.h> 3357#include <fcntl.h> 3358#define DATA "conftest.stdpath" 3359 3360main() 3361{ 3362 FILE *fd; 3363 int rc; 3364 3365 fd = fopen(DATA,"w"); 3366 if(fd == NULL) 3367 exit(1); 3368 3369 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3370 exit(1); 3371 3372 exit(0); 3373} 3374 ]])], 3375 [ user_path=`cat conftest.stdpath` ], 3376 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3377 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3378 ) 3379# make sure $bindir is in USER_PATH so scp will work 3380 t_bindir=`eval echo ${bindir}` 3381 case $t_bindir in 3382 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 3383 esac 3384 case $t_bindir in 3385 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 3386 esac 3387 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 3388 if test $? -ne 0 ; then 3389 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 3390 if test $? -ne 0 ; then 3391 user_path=$user_path:$t_bindir 3392 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 3393 fi 3394 fi 3395 fi ] 3396) 3397if test "x$external_path_file" != "x/etc/login.conf" ; then 3398 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH]) 3399 AC_SUBST(user_path) 3400fi 3401 3402# Set superuser path separately to user path 3403AC_ARG_WITH(superuser-path, 3404 [ --with-superuser-path= Specify different path for super-user], 3405 [ 3406 if test -n "$withval" && test "x$withval" != "xno" && \ 3407 test "x${withval}" != "xyes"; then 3408 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval", 3409 [Define if you want a different $PATH 3410 for the superuser]) 3411 superuser_path=$withval 3412 fi 3413 ] 3414) 3415 3416 3417AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3418IPV4_IN6_HACK_MSG="no" 3419AC_ARG_WITH(4in6, 3420 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3421 [ 3422 if test "x$withval" != "xno" ; then 3423 AC_MSG_RESULT(yes) 3424 AC_DEFINE(IPV4_IN_IPV6, 1, 3425 [Detect IPv4 in IPv6 mapped addresses 3426 and treat as IPv4]) 3427 IPV4_IN6_HACK_MSG="yes" 3428 else 3429 AC_MSG_RESULT(no) 3430 fi 3431 ],[ 3432 if test "x$inet6_default_4in6" = "xyes"; then 3433 AC_MSG_RESULT([yes (default)]) 3434 AC_DEFINE(IPV4_IN_IPV6) 3435 IPV4_IN6_HACK_MSG="yes" 3436 else 3437 AC_MSG_RESULT([no (default)]) 3438 fi 3439 ] 3440) 3441 3442# Whether to enable BSD auth support 3443BSD_AUTH_MSG=no 3444AC_ARG_WITH(bsd-auth, 3445 [ --with-bsd-auth Enable BSD auth support], 3446 [ 3447 if test "x$withval" != "xno" ; then 3448 AC_DEFINE(BSD_AUTH, 1, 3449 [Define if you have BSD auth support]) 3450 BSD_AUTH_MSG=yes 3451 fi 3452 ] 3453) 3454 3455# Where to place sshd.pid 3456piddir=/var/run 3457# make sure the directory exists 3458if test ! -d $piddir ; then 3459 piddir=`eval echo ${sysconfdir}` 3460 case $piddir in 3461 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 3462 esac 3463fi 3464 3465AC_ARG_WITH(pid-dir, 3466 [ --with-pid-dir=PATH Specify location of ssh.pid file], 3467 [ 3468 if test -n "$withval" && test "x$withval" != "xno" && \ 3469 test "x${withval}" != "xyes"; then 3470 piddir=$withval 3471 if test ! -d $piddir ; then 3472 AC_MSG_WARN([** no $piddir directory on this system **]) 3473 fi 3474 fi 3475 ] 3476) 3477 3478AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid]) 3479AC_SUBST(piddir) 3480 3481dnl allow user to disable some login recording features 3482AC_ARG_ENABLE(lastlog, 3483 [ --disable-lastlog disable use of lastlog even if detected [no]], 3484 [ 3485 if test "x$enableval" = "xno" ; then 3486 AC_DEFINE(DISABLE_LASTLOG) 3487 fi 3488 ] 3489) 3490AC_ARG_ENABLE(utmp, 3491 [ --disable-utmp disable use of utmp even if detected [no]], 3492 [ 3493 if test "x$enableval" = "xno" ; then 3494 AC_DEFINE(DISABLE_UTMP) 3495 fi 3496 ] 3497) 3498AC_ARG_ENABLE(utmpx, 3499 [ --disable-utmpx disable use of utmpx even if detected [no]], 3500 [ 3501 if test "x$enableval" = "xno" ; then 3502 AC_DEFINE(DISABLE_UTMPX, 1, 3503 [Define if you don't want to use utmpx]) 3504 fi 3505 ] 3506) 3507AC_ARG_ENABLE(wtmp, 3508 [ --disable-wtmp disable use of wtmp even if detected [no]], 3509 [ 3510 if test "x$enableval" = "xno" ; then 3511 AC_DEFINE(DISABLE_WTMP) 3512 fi 3513 ] 3514) 3515AC_ARG_ENABLE(wtmpx, 3516 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 3517 [ 3518 if test "x$enableval" = "xno" ; then 3519 AC_DEFINE(DISABLE_WTMPX, 1, 3520 [Define if you don't want to use wtmpx]) 3521 fi 3522 ] 3523) 3524AC_ARG_ENABLE(libutil, 3525 [ --disable-libutil disable use of libutil (login() etc.) [no]], 3526 [ 3527 if test "x$enableval" = "xno" ; then 3528 AC_DEFINE(DISABLE_LOGIN) 3529 fi 3530 ] 3531) 3532AC_ARG_ENABLE(pututline, 3533 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 3534 [ 3535 if test "x$enableval" = "xno" ; then 3536 AC_DEFINE(DISABLE_PUTUTLINE, 1, 3537 [Define if you don't want to use pututline() 3538 etc. to write [uw]tmp]) 3539 fi 3540 ] 3541) 3542AC_ARG_ENABLE(pututxline, 3543 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 3544 [ 3545 if test "x$enableval" = "xno" ; then 3546 AC_DEFINE(DISABLE_PUTUTXLINE, 1, 3547 [Define if you don't want to use pututxline() 3548 etc. to write [uw]tmpx]) 3549 fi 3550 ] 3551) 3552AC_ARG_WITH(lastlog, 3553 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 3554 [ 3555 if test "x$withval" = "xno" ; then 3556 AC_DEFINE(DISABLE_LASTLOG) 3557 elif test -n "$withval" && test "x${withval}" != "xyes"; then 3558 conf_lastlog_location=$withval 3559 fi 3560 ] 3561) 3562 3563dnl lastlog, [uw]tmpx? detection 3564dnl NOTE: set the paths in the platform section to avoid the 3565dnl need for command-line parameters 3566dnl lastlog and [uw]tmp are subject to a file search if all else fails 3567 3568dnl lastlog detection 3569dnl NOTE: the code itself will detect if lastlog is a directory 3570AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 3571AC_TRY_COMPILE([ 3572#include <sys/types.h> 3573#include <utmp.h> 3574#ifdef HAVE_LASTLOG_H 3575# include <lastlog.h> 3576#endif 3577#ifdef HAVE_PATHS_H 3578# include <paths.h> 3579#endif 3580#ifdef HAVE_LOGIN_H 3581# include <login.h> 3582#endif 3583 ], 3584 [ char *lastlog = LASTLOG_FILE; ], 3585 [ AC_MSG_RESULT(yes) ], 3586 [ 3587 AC_MSG_RESULT(no) 3588 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 3589 AC_TRY_COMPILE([ 3590#include <sys/types.h> 3591#include <utmp.h> 3592#ifdef HAVE_LASTLOG_H 3593# include <lastlog.h> 3594#endif 3595#ifdef HAVE_PATHS_H 3596# include <paths.h> 3597#endif 3598 ], 3599 [ char *lastlog = _PATH_LASTLOG; ], 3600 [ AC_MSG_RESULT(yes) ], 3601 [ 3602 AC_MSG_RESULT(no) 3603 system_lastlog_path=no 3604 ]) 3605 ] 3606) 3607 3608if test -z "$conf_lastlog_location"; then 3609 if test x"$system_lastlog_path" = x"no" ; then 3610 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 3611 if (test -d "$f" || test -f "$f") ; then 3612 conf_lastlog_location=$f 3613 fi 3614 done 3615 if test -z "$conf_lastlog_location"; then 3616 AC_MSG_WARN([** Cannot find lastlog **]) 3617 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 3618 fi 3619 fi 3620fi 3621 3622if test -n "$conf_lastlog_location"; then 3623 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location", 3624 [Define if you want to specify the path to your lastlog file]) 3625fi 3626 3627dnl utmp detection 3628AC_MSG_CHECKING([if your system defines UTMP_FILE]) 3629AC_TRY_COMPILE([ 3630#include <sys/types.h> 3631#include <utmp.h> 3632#ifdef HAVE_PATHS_H 3633# include <paths.h> 3634#endif 3635 ], 3636 [ char *utmp = UTMP_FILE; ], 3637 [ AC_MSG_RESULT(yes) ], 3638 [ AC_MSG_RESULT(no) 3639 system_utmp_path=no ] 3640) 3641if test -z "$conf_utmp_location"; then 3642 if test x"$system_utmp_path" = x"no" ; then 3643 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 3644 if test -f $f ; then 3645 conf_utmp_location=$f 3646 fi 3647 done 3648 if test -z "$conf_utmp_location"; then 3649 AC_DEFINE(DISABLE_UTMP) 3650 fi 3651 fi 3652fi 3653if test -n "$conf_utmp_location"; then 3654 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location", 3655 [Define if you want to specify the path to your utmp file]) 3656fi 3657 3658dnl wtmp detection 3659AC_MSG_CHECKING([if your system defines WTMP_FILE]) 3660AC_TRY_COMPILE([ 3661#include <sys/types.h> 3662#include <utmp.h> 3663#ifdef HAVE_PATHS_H 3664# include <paths.h> 3665#endif 3666 ], 3667 [ char *wtmp = WTMP_FILE; ], 3668 [ AC_MSG_RESULT(yes) ], 3669 [ AC_MSG_RESULT(no) 3670 system_wtmp_path=no ] 3671) 3672if test -z "$conf_wtmp_location"; then 3673 if test x"$system_wtmp_path" = x"no" ; then 3674 for f in /usr/adm/wtmp /var/log/wtmp; do 3675 if test -f $f ; then 3676 conf_wtmp_location=$f 3677 fi 3678 done 3679 if test -z "$conf_wtmp_location"; then 3680 AC_DEFINE(DISABLE_WTMP) 3681 fi 3682 fi 3683fi 3684if test -n "$conf_wtmp_location"; then 3685 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location", 3686 [Define if you want to specify the path to your wtmp file]) 3687fi 3688 3689 3690dnl utmpx detection - I don't know any system so perverse as to require 3691dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 3692dnl there, though. 3693AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 3694AC_TRY_COMPILE([ 3695#include <sys/types.h> 3696#include <utmp.h> 3697#ifdef HAVE_UTMPX_H 3698#include <utmpx.h> 3699#endif 3700#ifdef HAVE_PATHS_H 3701# include <paths.h> 3702#endif 3703 ], 3704 [ char *utmpx = UTMPX_FILE; ], 3705 [ AC_MSG_RESULT(yes) ], 3706 [ AC_MSG_RESULT(no) 3707 system_utmpx_path=no ] 3708) 3709if test -z "$conf_utmpx_location"; then 3710 if test x"$system_utmpx_path" = x"no" ; then 3711 AC_DEFINE(DISABLE_UTMPX) 3712 fi 3713else 3714 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location", 3715 [Define if you want to specify the path to your utmpx file]) 3716fi 3717 3718dnl wtmpx detection 3719AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 3720AC_TRY_COMPILE([ 3721#include <sys/types.h> 3722#include <utmp.h> 3723#ifdef HAVE_UTMPX_H 3724#include <utmpx.h> 3725#endif 3726#ifdef HAVE_PATHS_H 3727# include <paths.h> 3728#endif 3729 ], 3730 [ char *wtmpx = WTMPX_FILE; ], 3731 [ AC_MSG_RESULT(yes) ], 3732 [ AC_MSG_RESULT(no) 3733 system_wtmpx_path=no ] 3734) 3735if test -z "$conf_wtmpx_location"; then 3736 if test x"$system_wtmpx_path" = x"no" ; then 3737 AC_DEFINE(DISABLE_WTMPX) 3738 fi 3739else 3740 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location", 3741 [Define if you want to specify the path to your wtmpx file]) 3742fi 3743 3744 3745if test ! -z "$blibpath" ; then 3746 LDFLAGS="$LDFLAGS $blibflags$blibpath" 3747 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 3748fi 3749 3750dnl remove pam and dl because they are in $LIBPAM 3751if test "$PAM_MSG" = yes ; then 3752 LIBS=`echo $LIBS | sed 's/-lpam //'` 3753fi 3754if test "$ac_cv_lib_pam_pam_set_item" = yes ; then 3755 LIBS=`echo $LIBS | sed 's/-ldl //'` 3756fi 3757 3758dnl Adding -Werror to CFLAGS early prevents configure tests from running. 3759dnl Add now. 3760CFLAGS="$CFLAGS $werror_flags" 3761 3762AC_EXEEXT 3763AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \ 3764 scard/Makefile ssh_prng_cmds survey.sh]) 3765AC_OUTPUT 3766 3767# Print summary of options 3768 3769# Someone please show me a better way :) 3770A=`eval echo ${prefix}` ; A=`eval echo ${A}` 3771B=`eval echo ${bindir}` ; B=`eval echo ${B}` 3772C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 3773D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 3774E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 3775F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 3776G=`eval echo ${piddir}` ; G=`eval echo ${G}` 3777H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 3778I=`eval echo ${user_path}` ; I=`eval echo ${I}` 3779J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 3780 3781echo "" 3782echo "OpenSSH has been configured with the following options:" 3783echo " User binaries: $B" 3784echo " System binaries: $C" 3785echo " Configuration files: $D" 3786echo " Askpass program: $E" 3787echo " Manual pages: $F" 3788echo " PID file: $G" 3789echo " Privilege separation chroot path: $H" 3790if test "x$external_path_file" = "x/etc/login.conf" ; then 3791echo " At runtime, sshd will use the path defined in $external_path_file" 3792echo " Make sure the path to scp is present, otherwise scp will not work" 3793else 3794echo " sshd default user PATH: $I" 3795 if test ! -z "$external_path_file"; then 3796echo " (If PATH is set in $external_path_file it will be used instead. If" 3797echo " used, ensure the path to scp is present, otherwise scp will not work.)" 3798 fi 3799fi 3800if test ! -z "$superuser_path" ; then 3801echo " sshd superuser user PATH: $J" 3802fi 3803echo " Manpage format: $MANTYPE" 3804echo " PAM support: $PAM_MSG" 3805echo " KerberosV support: $KRB5_MSG" 3806echo " Smartcard support: $SCARD_MSG" 3807echo " S/KEY support: $SKEY_MSG" 3808echo " OPIE support: $OPIE_MSG" 3809echo " TCP Wrappers support: $TCPW_MSG" 3810echo " MD5 password support: $MD5_MSG" 3811echo " libedit support: $LIBEDIT_MSG" 3812echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 3813echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 3814echo " BSD Auth support: $BSD_AUTH_MSG" 3815echo " Random number source: $RAND_MSG" 3816if test ! -z "$USE_RAND_HELPER" ; then 3817echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 3818fi 3819 3820echo "" 3821 3822echo " Host: ${host}" 3823echo " Compiler: ${CC}" 3824echo " Compiler flags: ${CFLAGS}" 3825echo "Preprocessor flags: ${CPPFLAGS}" 3826echo " Linker flags: ${LDFLAGS}" 3827echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" 3828 3829echo "" 3830 3831if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 3832 echo "SVR4 style packages are supported with \"make package\"" 3833 echo "" 3834fi 3835 3836if test "x$PAM_MSG" = "xyes" ; then 3837 echo "PAM is enabled. You may need to install a PAM control file " 3838 echo "for sshd, otherwise password authentication may fail. " 3839 echo "Example PAM control files can be found in the contrib/ " 3840 echo "subdirectory" 3841 echo "" 3842fi 3843 3844if test ! -z "$RAND_HELPER_CMDHASH" ; then 3845 echo "WARNING: you are using the builtin random number collection " 3846 echo "service. Please read WARNING.RNG and request that your OS " 3847 echo "vendor includes kernel-based random number collection in " 3848 echo "future versions of your OS." 3849 echo "" 3850fi 3851 3852if test ! -z "$NO_PEERCHECK" ; then 3853 echo "WARNING: the operating system that you are using does not " 3854 echo "appear to support either the getpeereid() API nor the " 3855 echo "SO_PEERCRED getsockopt() option. These facilities are used to " 3856 echo "enforce security checks to prevent unauthorised connections to " 3857 echo "ssh-agent. Their absence increases the risk that a malicious " 3858 echo "user can connect to your agent. " 3859 echo "" 3860fi 3861 3862if test "$AUDIT_MODULE" = "bsm" ; then 3863 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 3864 echo "See the Solaris section in README.platform for details." 3865fi 3866