Cross Reference: /freebsd-11.0-release/crypto/openssh/configure.ac

Deleted Added

sdiff udiff text old ( 180751 ) new ( 189006 )

full compact

configure.ac (180751)	configure.ac (189006)
1# $Id: configure.ac,v 1.409 2008/07/09 11:07:19 djm Exp $	1# $Id: configure.ac,v 1.415 2009/02/16 04:37:03 djm Exp $
2# 3# Copyright (c) 1999-2004 Damien Miller 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)	2# 3# Copyright (c) 1999-2004 Damien Miller 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
18AC_REVISION($Revision: 1.409 $)	18AC_REVISION($Revision: 1.415 $)
19AC_CONFIG_SRCDIR([ssh.c]) 20 21AC_CONFIG_HEADER(config.h) 22AC_PROG_CC 23AC_CANONICAL_HOST 24AC_C_BIGENDIAN 25 26# Checks for programs. 27AC_PROG_AWK 28AC_PROG_CPP 29AC_PROG_RANLIB 30AC_PROG_INSTALL 31AC_PROG_EGREP 32AC_PATH_PROG(AR, ar) 33AC_PATH_PROG(CAT, cat) 34AC_PATH_PROG(KILL, kill) 35AC_PATH_PROGS(PERL, perl5 perl) 36AC_PATH_PROG(SED, sed) 37AC_SUBST(PERL) 38AC_PATH_PROG(ENT, ent) 39AC_SUBST(ENT) 40AC_PATH_PROG(TEST_MINUS_S_SH, bash) 41AC_PATH_PROG(TEST_MINUS_S_SH, ksh) 42AC_PATH_PROG(TEST_MINUS_S_SH, sh) 43AC_PATH_PROG(SH, sh) 44AC_SUBST(TEST_SHELL,sh) 45 46dnl for buildpkg.sh 47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 48 [/usr/sbin${PATH_SEPARATOR}/etc]) 49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 50 [/usr/sbin${PATH_SEPARATOR}/etc]) 51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 52if test -x /sbin/sh; then 53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh) 54else 55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh) 56fi 57 58# System features 59AC_SYS_LARGEFILE 60 61if test -z "$AR" ; then 62 AC_MSG_ERROR([* 'ar' missing, please install or fix your \$PATH ]) 63fi 64 65# Use LOGIN_PROGRAM from environment if possible 66if test ! -z "$LOGIN_PROGRAM" ; then 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM", 68 [If your header files don't define LOGIN_PROGRAM, 69 then use this (detected) from environment and PATH]) 70else 71 # Search for login 72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 75 fi 76fi 77 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd) 79if test ! -z "$PATH_PASSWD_PROG" ; then 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG", 81 [Full path of your "passwd" program]) 82fi 83 84if test -z "$LD" ; then 85 LD=$CC 86fi 87AC_SUBST(LD) 88 89AC_C_INLINE 90 91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) 92 93use_stack_protector=1 94AC_ARG_WITH(stackprotect, 95 [ --without-stackprotect Don't use compiler's stack protection], [ 96 if test "x$withval" = "xno"; then 97 use_stack_protector=0 98 fi ]) 99 100if test "$GCC" = "yes" \|\| test "$GCC" = "egcs"; then 101* CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" 102 GCC_VER=`$CC -v 2>&1 \| $AWK '/gcc version /{print $3}'` 103 case $GCC_VER in 104 1.) no_attrib_nonnull=1 ;; 105* 2.8* \| 2.9) 106* CFLAGS="$CFLAGS -Wsign-compare" 107 no_attrib_nonnull=1 108 ;; 109 2.) no_attrib_nonnull=1 ;; 110* 3.) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;; 111* 4.) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;; 112* ) ;; 113* esac 114 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset) 116 saved_CFLAGS="$CFLAGS" 117 CFLAGS="$CFLAGS -fno-builtin-memset" 118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[ 119#include <string.h> 120int main(void){char b[10]; memset(b, 0, sizeof(b));} 121 ]])], 122 [ AC_MSG_RESULT(yes) ], 123 [ AC_MSG_RESULT(no) 124 CFLAGS="$saved_CFLAGS" ] 125) 126 127 # -fstack-protector-all doesn't always work for some GCC versions 128 # and/or platforms, so we test if we can. If it's not supported	19AC_CONFIG_SRCDIR([ssh.c]) 20 21AC_CONFIG_HEADER(config.h) 22AC_PROG_CC 23AC_CANONICAL_HOST 24AC_C_BIGENDIAN 25 26# Checks for programs. 27AC_PROG_AWK 28AC_PROG_CPP 29AC_PROG_RANLIB 30AC_PROG_INSTALL 31AC_PROG_EGREP 32AC_PATH_PROG(AR, ar) 33AC_PATH_PROG(CAT, cat) 34AC_PATH_PROG(KILL, kill) 35AC_PATH_PROGS(PERL, perl5 perl) 36AC_PATH_PROG(SED, sed) 37AC_SUBST(PERL) 38AC_PATH_PROG(ENT, ent) 39AC_SUBST(ENT) 40AC_PATH_PROG(TEST_MINUS_S_SH, bash) 41AC_PATH_PROG(TEST_MINUS_S_SH, ksh) 42AC_PATH_PROG(TEST_MINUS_S_SH, sh) 43AC_PATH_PROG(SH, sh) 44AC_SUBST(TEST_SHELL,sh) 45 46dnl for buildpkg.sh 47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 48 [/usr/sbin${PATH_SEPARATOR}/etc]) 49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 50 [/usr/sbin${PATH_SEPARATOR}/etc]) 51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 52if test -x /sbin/sh; then 53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh) 54else 55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh) 56fi 57 58# System features 59AC_SYS_LARGEFILE 60 61if test -z "$AR" ; then 62 AC_MSG_ERROR([* 'ar' missing, please install or fix your \$PATH ]) 63fi 64 65# Use LOGIN_PROGRAM from environment if possible 66if test ! -z "$LOGIN_PROGRAM" ; then 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM", 68 [If your header files don't define LOGIN_PROGRAM, 69 then use this (detected) from environment and PATH]) 70else 71 # Search for login 72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 75 fi 76fi 77 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd) 79if test ! -z "$PATH_PASSWD_PROG" ; then 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG", 81 [Full path of your "passwd" program]) 82fi 83 84if test -z "$LD" ; then 85 LD=$CC 86fi 87AC_SUBST(LD) 88 89AC_C_INLINE 90 91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) 92 93use_stack_protector=1 94AC_ARG_WITH(stackprotect, 95 [ --without-stackprotect Don't use compiler's stack protection], [ 96 if test "x$withval" = "xno"; then 97 use_stack_protector=0 98 fi ]) 99 100if test "$GCC" = "yes" \|\| test "$GCC" = "egcs"; then 101* CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" 102 GCC_VER=`$CC -v 2>&1 \| $AWK '/gcc version /{print $3}'` 103 case $GCC_VER in 104 1.) no_attrib_nonnull=1 ;; 105* 2.8* \| 2.9) 106* CFLAGS="$CFLAGS -Wsign-compare" 107 no_attrib_nonnull=1 108 ;; 109 2.) no_attrib_nonnull=1 ;; 110* 3.) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;; 111* 4.) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;; 112* ) ;; 113* esac 114 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset) 116 saved_CFLAGS="$CFLAGS" 117 CFLAGS="$CFLAGS -fno-builtin-memset" 118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[ 119#include <string.h> 120int main(void){char b[10]; memset(b, 0, sizeof(b));} 121 ]])], 122 [ AC_MSG_RESULT(yes) ], 123 [ AC_MSG_RESULT(no) 124 CFLAGS="$saved_CFLAGS" ] 125) 126 127 # -fstack-protector-all doesn't always work for some GCC versions 128 # and/or platforms, so we test if we can. If it's not supported
129 # on a give platform gcc will emit a warning so we use -Werror.	129 # on a given platform gcc will emit a warning so we use -Werror.
130 if test "x$use_stack_protector" = "x1"; then 131 for t in -fstack-protector-all -fstack-protector; do 132 AC_MSG_CHECKING(if $CC supports $t) 133 saved_CFLAGS="$CFLAGS" 134 saved_LDFLAGS="$LDFLAGS" 135 CFLAGS="$CFLAGS $t -Werror" 136 LDFLAGS="$LDFLAGS $t -Werror" 137 AC_LINK_IFELSE( 138 [AC_LANG_SOURCE([	130 if test "x$use_stack_protector" = "x1"; then 131 for t in -fstack-protector-all -fstack-protector; do 132 AC_MSG_CHECKING(if $CC supports $t) 133 saved_CFLAGS="$CFLAGS" 134 saved_LDFLAGS="$LDFLAGS" 135 CFLAGS="$CFLAGS $t -Werror" 136 LDFLAGS="$LDFLAGS $t -Werror" 137 AC_LINK_IFELSE( 138 [AC_LANG_SOURCE([
139#include <stdlib.h> 140int main(void){return 0;}	139#include <stdio.h> 140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
141 ])], 142 [ AC_MSG_RESULT(yes) 143 CFLAGS="$saved_CFLAGS $t" 144 LDFLAGS="$saved_LDFLAGS $t" 145 AC_MSG_CHECKING(if $t works) 146 AC_RUN_IFELSE( 147 [AC_LANG_SOURCE([	141 ])], 142 [ AC_MSG_RESULT(yes) 143 CFLAGS="$saved_CFLAGS $t" 144 LDFLAGS="$saved_LDFLAGS $t" 145 AC_MSG_CHECKING(if $t works) 146 AC_RUN_IFELSE( 147 [AC_LANG_SOURCE([
148#include <stdlib.h> 149int main(void){exit(0);}	148#include <stdio.h> 149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;}
150 ])], 151 [ AC_MSG_RESULT(yes) 152 break ], 153 [ AC_MSG_RESULT(no) ], 154 [ AC_MSG_WARN([cross compiling: cannot test]) 155 break ] 156 ) 157 ], 158 [ AC_MSG_RESULT(no) ] 159 ) 160 CFLAGS="$saved_CFLAGS" 161 LDFLAGS="$saved_LDFLAGS" 162 done 163 fi 164 165 if test -z "$have_llong_max"; then 166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 167 unset ac_cv_have_decl_LLONG_MAX 168 saved_CFLAGS="$CFLAGS" 169 CFLAGS="$CFLAGS -std=gnu99" 170 AC_CHECK_DECL(LLONG_MAX, 171 [have_llong_max=1], 172 [CFLAGS="$saved_CFLAGS"], 173 [#include <limits.h>] 174 ) 175 fi 176fi 177 178if test "x$no_attrib_nonnull" != "x1" ; then 179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull]) 180fi 181 182AC_ARG_WITH(rpath, 183 [ --without-rpath Disable auto-added -R linker paths], 184 [ 185 if test "x$withval" = "xno" ; then 186 need_dash_r="" 187 fi 188 if test "x$withval" = "xyes" ; then 189 need_dash_r=1 190 fi 191 ] 192) 193 194# Allow user to specify flags 195AC_ARG_WITH(cflags, 196 [ --with-cflags Specify additional flags to pass to compiler], 197 [ 198 if test -n "$withval" && test "x$withval" != "xno" && \ 199 test "x${withval}" != "xyes"; then 200 CFLAGS="$CFLAGS $withval" 201 fi 202 ] 203) 204AC_ARG_WITH(cppflags, 205 [ --with-cppflags Specify additional flags to pass to preprocessor] , 206 [ 207 if test -n "$withval" && test "x$withval" != "xno" && \ 208 test "x${withval}" != "xyes"; then 209 CPPFLAGS="$CPPFLAGS $withval" 210 fi 211 ] 212) 213AC_ARG_WITH(ldflags, 214 [ --with-ldflags Specify additional flags to pass to linker], 215 [ 216 if test -n "$withval" && test "x$withval" != "xno" && \ 217 test "x${withval}" != "xyes"; then 218 LDFLAGS="$LDFLAGS $withval" 219 fi 220 ] 221) 222AC_ARG_WITH(libs, 223 [ --with-libs Specify additional libraries to link with], 224 [ 225 if test -n "$withval" && test "x$withval" != "xno" && \ 226 test "x${withval}" != "xyes"; then 227 LIBS="$LIBS $withval" 228 fi 229 ] 230) 231AC_ARG_WITH(Werror, 232 [ --with-Werror Build main code with -Werror], 233 [ 234 if test -n "$withval" && test "x$withval" != "xno"; then 235 werror_flags="-Werror" 236 if test "x${withval}" != "xyes"; then 237 werror_flags="$withval" 238 fi 239 fi 240 ] 241) 242 243AC_CHECK_HEADERS( \ 244 bstring.h \ 245 crypt.h \ 246 crypto/sha2.h \ 247 dirent.h \ 248 endian.h \ 249 features.h \ 250 fcntl.h \ 251 floatingpoint.h \ 252 getopt.h \ 253 glob.h \ 254 ia.h \ 255 iaf.h \ 256 limits.h \ 257 login.h \ 258 maillock.h \ 259 ndir.h \ 260 net/if_tun.h \ 261 netdb.h \ 262 netgroup.h \ 263 pam/pam_appl.h \ 264 paths.h \ 265 poll.h \ 266 pty.h \ 267 readpassphrase.h \ 268 rpc/types.h \ 269 security/pam_appl.h \ 270 sha2.h \ 271 shadow.h \ 272 stddef.h \ 273 stdint.h \ 274 string.h \ 275 strings.h \ 276 sys/audit.h \ 277 sys/bitypes.h \ 278 sys/bsdtty.h \ 279 sys/cdefs.h \ 280 sys/dir.h \ 281 sys/mman.h \ 282 sys/mount.h \ 283 sys/ndir.h \ 284 sys/poll.h \ 285 sys/prctl.h \ 286 sys/pstat.h \ 287 sys/select.h \ 288 sys/stat.h \ 289 sys/stream.h \ 290 sys/stropts.h \ 291 sys/strtio.h \ 292 sys/statvfs.h \ 293 sys/sysmacros.h \ 294 sys/time.h \ 295 sys/timers.h \ 296 sys/un.h \ 297 time.h \ 298 tmpdir.h \ 299 ttyent.h \ 300 ucred.h \ 301 unistd.h \ 302 usersec.h \ 303 util.h \ 304 utime.h \ 305 utmp.h \ 306 utmpx.h \ 307 vis.h \ 308) 309 310# lastlog.h requires sys/time.h to be included first on Solaris 311AC_CHECK_HEADERS(lastlog.h, [], [], [ 312#ifdef HAVE_SYS_TIME_H 313# include <sys/time.h> 314#endif 315]) 316 317# sys/ptms.h requires sys/stream.h to be included first on Solaris 318AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 319#ifdef HAVE_SYS_STREAM_H 320# include <sys/stream.h> 321#endif 322]) 323 324# login_cap.h requires sys/types.h on NetBSD 325AC_CHECK_HEADERS(login_cap.h, [], [], [ 326#include <sys/types.h> 327]) 328 329# Messages for features tested for in target-specific section 330SIA_MSG="no" 331SPC_MSG="no" 332 333# Check for some target-specific stuff 334case "$host" in 335--aix) 336* # Some versions of VAC won't allow macro redefinitions at 337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 338 # particularly with older versions of vac or xlc. 339 # It also throws errors about null macro argments, but these are 340 # not fatal. 341 AC_MSG_CHECKING(if compiler allows macro redefinitions) 342 AC_COMPILE_IFELSE( 343 [AC_LANG_SOURCE([[ 344#define testmacro foo 345#define testmacro bar 346int main(void) { exit(0); } 347 ]])], 348 [ AC_MSG_RESULT(yes) ], 349 [ AC_MSG_RESULT(no) 350 CC="`echo $CC \| sed 's/-qlanglvl\=ansi//g'`" 351 LD="`echo $LD \| sed 's/-qlanglvl\=ansi//g'`" 352 CFLAGS="`echo $CFLAGS \| sed 's/-qlanglvl\=ansi//g'`" 353 CPPFLAGS="`echo $CPPFLAGS \| sed 's/-qlanglvl\=ansi//g'`" 354 ] 355 ) 356 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 358 if (test -z "$blibpath"); then 359 blibpath="/usr/lib:/lib" 360 fi 361 saved_LDFLAGS="$LDFLAGS" 362 if test "$GCC" = "yes"; then 363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" 364 else 365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," 366 fi 367 for tryflags in $flags ;do 368 if (test -z "$blibflags"); then 369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 370 AC_TRY_LINK([], [], [blibflags=$tryflags]) 371 fi 372 done 373 if (test -z "$blibflags"); then 374 AC_MSG_RESULT(not found) 375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 376 else 377 AC_MSG_RESULT($blibflags) 378 fi 379 LDFLAGS="$saved_LDFLAGS" 380 dnl Check for authenticate. Might be in libs.a on older AIXes 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1, 382 [Define if you want to enable AIX4's authenticate function])], 383 [AC_CHECK_LIB(s,authenticate, 384 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 385 LIBS="$LIBS -ls" 386 ]) 387 ]) 388 dnl Check for various auth function declarations in headers. 389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 390 passwdexpired, setauthdb], , , [#include <usersec.h>]) 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 392 AC_CHECK_DECLS(loginfailed, 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 394 AC_TRY_COMPILE( 395 [#include <usersec.h>], 396 [(void)loginfailed("user","host","tty",0);], 397 [AC_MSG_RESULT(yes) 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1, 399 [Define if your AIX loginfailed() function 400 takes 4 arguments (AIX >= 5.2)])], 401 [AC_MSG_RESULT(no)] 402 )], 403 [], 404 [#include <usersec.h>] 405 ) 406 AC_CHECK_FUNCS(getgrset setauthdb) 407 AC_CHECK_DECL(F_CLOSEM, 408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]), 409 [], 410 [ #include <limits.h> 411 #include <fcntl.h> ] 412 ) 413 check_for_aix_broken_getaddrinfo=1 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.]) 415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1, 416 [Define if your platform breaks doing a seteuid before a setuid]) 417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken]) 418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken]) 419 dnl AIX handles lastlog as part of its login message 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog]) 421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1, 422 [Some systems need a utmpx entry for /bin/login to work]) 423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV, 424 [Define to a Set Process Title type if your system is 425 supported by bsd-setproctitle.c]) 426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 427 [AIX 5.2 and 5.3 (and presumably newer) require this]) 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd]) 429 ;; 430--cygwin) 431* check_for_libcrypt_later=1 432 LIBS="$LIBS /usr/lib/textreadmode.o" 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin]) 434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()]) 435 AC_DEFINE(DISABLE_SHADOW, 1, 436 [Define if you want to disable shadow passwords]) 437 AC_DEFINE(IP_TOS_IS_BROKEN, 1, 438 [Define if your system choked on IP TOS setting]) 439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1, 440 [Define if X11 doesn't support AF_UNIX sockets on that system]) 441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1, 442 [Define if the concept of ports only accessible to 443 superusers isn't known]) 444 AC_DEFINE(DISABLE_FD_PASSING, 1, 445 [Define if your platform needs to skip post auth 446 file descriptor passing]) 447 ;; 448--dgux) 449* AC_DEFINE(IP_TOS_IS_BROKEN) 450 AC_DEFINE(SETEUID_BREAKS_SETUID) 451 AC_DEFINE(BROKEN_SETREUID) 452 AC_DEFINE(BROKEN_SETREGID) 453 ;; 454--darwin) 455* AC_MSG_CHECKING(if we have working getaddrinfo) 456 AC_TRY_RUN([#include <mach-o/dyld.h> 457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 458 exit(0); 459 else 460 exit(1); 461}], [AC_MSG_RESULT(working)], 462 [AC_MSG_RESULT(buggy) 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])], 464 [AC_MSG_RESULT(assume it is working)]) 465 AC_DEFINE(SETEUID_BREAKS_SETUID) 466 AC_DEFINE(BROKEN_SETREUID) 467 AC_DEFINE(BROKEN_SETREGID) 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect]) 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1, 470 [Define if your resolver libs need this for getrrsetbyname]) 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 473 [Use tunnel device compatibility to OpenBSD]) 474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 475 [Prepend the address family to IP tunnel traffic]) 476 m4_pattern_allow(AU_IPv) 477 AC_CHECK_DECL(AU_IPv4, [], 478 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records]) 479 [#include <bsm/audit.h>]	150 ])], 151 [ AC_MSG_RESULT(yes) 152 break ], 153 [ AC_MSG_RESULT(no) ], 154 [ AC_MSG_WARN([cross compiling: cannot test]) 155 break ] 156 ) 157 ], 158 [ AC_MSG_RESULT(no) ] 159 ) 160 CFLAGS="$saved_CFLAGS" 161 LDFLAGS="$saved_LDFLAGS" 162 done 163 fi 164 165 if test -z "$have_llong_max"; then 166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 167 unset ac_cv_have_decl_LLONG_MAX 168 saved_CFLAGS="$CFLAGS" 169 CFLAGS="$CFLAGS -std=gnu99" 170 AC_CHECK_DECL(LLONG_MAX, 171 [have_llong_max=1], 172 [CFLAGS="$saved_CFLAGS"], 173 [#include <limits.h>] 174 ) 175 fi 176fi 177 178if test "x$no_attrib_nonnull" != "x1" ; then 179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull]) 180fi 181 182AC_ARG_WITH(rpath, 183 [ --without-rpath Disable auto-added -R linker paths], 184 [ 185 if test "x$withval" = "xno" ; then 186 need_dash_r="" 187 fi 188 if test "x$withval" = "xyes" ; then 189 need_dash_r=1 190 fi 191 ] 192) 193 194# Allow user to specify flags 195AC_ARG_WITH(cflags, 196 [ --with-cflags Specify additional flags to pass to compiler], 197 [ 198 if test -n "$withval" && test "x$withval" != "xno" && \ 199 test "x${withval}" != "xyes"; then 200 CFLAGS="$CFLAGS $withval" 201 fi 202 ] 203) 204AC_ARG_WITH(cppflags, 205 [ --with-cppflags Specify additional flags to pass to preprocessor] , 206 [ 207 if test -n "$withval" && test "x$withval" != "xno" && \ 208 test "x${withval}" != "xyes"; then 209 CPPFLAGS="$CPPFLAGS $withval" 210 fi 211 ] 212) 213AC_ARG_WITH(ldflags, 214 [ --with-ldflags Specify additional flags to pass to linker], 215 [ 216 if test -n "$withval" && test "x$withval" != "xno" && \ 217 test "x${withval}" != "xyes"; then 218 LDFLAGS="$LDFLAGS $withval" 219 fi 220 ] 221) 222AC_ARG_WITH(libs, 223 [ --with-libs Specify additional libraries to link with], 224 [ 225 if test -n "$withval" && test "x$withval" != "xno" && \ 226 test "x${withval}" != "xyes"; then 227 LIBS="$LIBS $withval" 228 fi 229 ] 230) 231AC_ARG_WITH(Werror, 232 [ --with-Werror Build main code with -Werror], 233 [ 234 if test -n "$withval" && test "x$withval" != "xno"; then 235 werror_flags="-Werror" 236 if test "x${withval}" != "xyes"; then 237 werror_flags="$withval" 238 fi 239 fi 240 ] 241) 242 243AC_CHECK_HEADERS( \ 244 bstring.h \ 245 crypt.h \ 246 crypto/sha2.h \ 247 dirent.h \ 248 endian.h \ 249 features.h \ 250 fcntl.h \ 251 floatingpoint.h \ 252 getopt.h \ 253 glob.h \ 254 ia.h \ 255 iaf.h \ 256 limits.h \ 257 login.h \ 258 maillock.h \ 259 ndir.h \ 260 net/if_tun.h \ 261 netdb.h \ 262 netgroup.h \ 263 pam/pam_appl.h \ 264 paths.h \ 265 poll.h \ 266 pty.h \ 267 readpassphrase.h \ 268 rpc/types.h \ 269 security/pam_appl.h \ 270 sha2.h \ 271 shadow.h \ 272 stddef.h \ 273 stdint.h \ 274 string.h \ 275 strings.h \ 276 sys/audit.h \ 277 sys/bitypes.h \ 278 sys/bsdtty.h \ 279 sys/cdefs.h \ 280 sys/dir.h \ 281 sys/mman.h \ 282 sys/mount.h \ 283 sys/ndir.h \ 284 sys/poll.h \ 285 sys/prctl.h \ 286 sys/pstat.h \ 287 sys/select.h \ 288 sys/stat.h \ 289 sys/stream.h \ 290 sys/stropts.h \ 291 sys/strtio.h \ 292 sys/statvfs.h \ 293 sys/sysmacros.h \ 294 sys/time.h \ 295 sys/timers.h \ 296 sys/un.h \ 297 time.h \ 298 tmpdir.h \ 299 ttyent.h \ 300 ucred.h \ 301 unistd.h \ 302 usersec.h \ 303 util.h \ 304 utime.h \ 305 utmp.h \ 306 utmpx.h \ 307 vis.h \ 308) 309 310# lastlog.h requires sys/time.h to be included first on Solaris 311AC_CHECK_HEADERS(lastlog.h, [], [], [ 312#ifdef HAVE_SYS_TIME_H 313# include <sys/time.h> 314#endif 315]) 316 317# sys/ptms.h requires sys/stream.h to be included first on Solaris 318AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 319#ifdef HAVE_SYS_STREAM_H 320# include <sys/stream.h> 321#endif 322]) 323 324# login_cap.h requires sys/types.h on NetBSD 325AC_CHECK_HEADERS(login_cap.h, [], [], [ 326#include <sys/types.h> 327]) 328 329# Messages for features tested for in target-specific section 330SIA_MSG="no" 331SPC_MSG="no" 332 333# Check for some target-specific stuff 334case "$host" in 335--aix) 336* # Some versions of VAC won't allow macro redefinitions at 337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 338 # particularly with older versions of vac or xlc. 339 # It also throws errors about null macro argments, but these are 340 # not fatal. 341 AC_MSG_CHECKING(if compiler allows macro redefinitions) 342 AC_COMPILE_IFELSE( 343 [AC_LANG_SOURCE([[ 344#define testmacro foo 345#define testmacro bar 346int main(void) { exit(0); } 347 ]])], 348 [ AC_MSG_RESULT(yes) ], 349 [ AC_MSG_RESULT(no) 350 CC="`echo $CC \| sed 's/-qlanglvl\=ansi//g'`" 351 LD="`echo $LD \| sed 's/-qlanglvl\=ansi//g'`" 352 CFLAGS="`echo $CFLAGS \| sed 's/-qlanglvl\=ansi//g'`" 353 CPPFLAGS="`echo $CPPFLAGS \| sed 's/-qlanglvl\=ansi//g'`" 354 ] 355 ) 356 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 358 if (test -z "$blibpath"); then 359 blibpath="/usr/lib:/lib" 360 fi 361 saved_LDFLAGS="$LDFLAGS" 362 if test "$GCC" = "yes"; then 363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" 364 else 365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," 366 fi 367 for tryflags in $flags ;do 368 if (test -z "$blibflags"); then 369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 370 AC_TRY_LINK([], [], [blibflags=$tryflags]) 371 fi 372 done 373 if (test -z "$blibflags"); then 374 AC_MSG_RESULT(not found) 375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 376 else 377 AC_MSG_RESULT($blibflags) 378 fi 379 LDFLAGS="$saved_LDFLAGS" 380 dnl Check for authenticate. Might be in libs.a on older AIXes 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1, 382 [Define if you want to enable AIX4's authenticate function])], 383 [AC_CHECK_LIB(s,authenticate, 384 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 385 LIBS="$LIBS -ls" 386 ]) 387 ]) 388 dnl Check for various auth function declarations in headers. 389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 390 passwdexpired, setauthdb], , , [#include <usersec.h>]) 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 392 AC_CHECK_DECLS(loginfailed, 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 394 AC_TRY_COMPILE( 395 [#include <usersec.h>], 396 [(void)loginfailed("user","host","tty",0);], 397 [AC_MSG_RESULT(yes) 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1, 399 [Define if your AIX loginfailed() function 400 takes 4 arguments (AIX >= 5.2)])], 401 [AC_MSG_RESULT(no)] 402 )], 403 [], 404 [#include <usersec.h>] 405 ) 406 AC_CHECK_FUNCS(getgrset setauthdb) 407 AC_CHECK_DECL(F_CLOSEM, 408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]), 409 [], 410 [ #include <limits.h> 411 #include <fcntl.h> ] 412 ) 413 check_for_aix_broken_getaddrinfo=1 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.]) 415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1, 416 [Define if your platform breaks doing a seteuid before a setuid]) 417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken]) 418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken]) 419 dnl AIX handles lastlog as part of its login message 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog]) 421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1, 422 [Some systems need a utmpx entry for /bin/login to work]) 423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV, 424 [Define to a Set Process Title type if your system is 425 supported by bsd-setproctitle.c]) 426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 427 [AIX 5.2 and 5.3 (and presumably newer) require this]) 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd]) 429 ;; 430--cygwin) 431* check_for_libcrypt_later=1 432 LIBS="$LIBS /usr/lib/textreadmode.o" 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin]) 434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()]) 435 AC_DEFINE(DISABLE_SHADOW, 1, 436 [Define if you want to disable shadow passwords]) 437 AC_DEFINE(IP_TOS_IS_BROKEN, 1, 438 [Define if your system choked on IP TOS setting]) 439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1, 440 [Define if X11 doesn't support AF_UNIX sockets on that system]) 441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1, 442 [Define if the concept of ports only accessible to 443 superusers isn't known]) 444 AC_DEFINE(DISABLE_FD_PASSING, 1, 445 [Define if your platform needs to skip post auth 446 file descriptor passing]) 447 ;; 448--dgux) 449* AC_DEFINE(IP_TOS_IS_BROKEN) 450 AC_DEFINE(SETEUID_BREAKS_SETUID) 451 AC_DEFINE(BROKEN_SETREUID) 452 AC_DEFINE(BROKEN_SETREGID) 453 ;; 454--darwin) 455* AC_MSG_CHECKING(if we have working getaddrinfo) 456 AC_TRY_RUN([#include <mach-o/dyld.h> 457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 458 exit(0); 459 else 460 exit(1); 461}], [AC_MSG_RESULT(working)], 462 [AC_MSG_RESULT(buggy) 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])], 464 [AC_MSG_RESULT(assume it is working)]) 465 AC_DEFINE(SETEUID_BREAKS_SETUID) 466 AC_DEFINE(BROKEN_SETREUID) 467 AC_DEFINE(BROKEN_SETREGID) 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect]) 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1, 470 [Define if your resolver libs need this for getrrsetbyname]) 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 473 [Use tunnel device compatibility to OpenBSD]) 474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 475 [Prepend the address family to IP tunnel traffic]) 476 m4_pattern_allow(AU_IPv) 477 AC_CHECK_DECL(AU_IPv4, [], 478 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records]) 479 [#include <bsm/audit.h>]
	480 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1, 481 [Define if pututxline updates lastlog too])
480 ) 481 ;; 482--dragonfly) 483* SSHDLIBS="$SSHDLIBS -lcrypt" 484 ;; 485--hpux) 486* # first we define all of the options common to all HP-UX releases 487 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 488 IPADDR_IN_DISPLAY=yes 489 AC_DEFINE(USE_PIPES) 490 AC_DEFINE(LOGIN_NO_ENDOPT, 1, 491 [Define if your login program cannot handle end of options ("--")]) 492 AC_DEFINE(LOGIN_NEEDS_UTMPX) 493 AC_DEFINE(LOCKED_PASSWD_STRING, "", 494* [String used in /etc/passwd to denote locked account]) 495 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 496 MAIL="/var/mail/username" 497 LIBS="$LIBS -lsec" 498 AC_CHECK_LIB(xnet, t_error, , 499 AC_MSG_ERROR([* -lxnet needed on HP-UX - check config.log ])) 500* 501 # next, we define all of the options specific to major releases 502 case "$host" in 503 --hpux10) 504* if test -z "$GCC"; then 505 CFLAGS="$CFLAGS -Ae" 506 fi 507 ;; 508 --hpux11) 509* AC_DEFINE(PAM_SUN_CODEBASE, 1, 510 [Define if you are using Solaris-derived PAM which 511 passes pam_messages to the conversation function 512 with an extra level of indirection]) 513 AC_DEFINE(DISABLE_UTMP, 1, 514 [Define if you don't want to use utmp]) 515 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 516 check_for_hpux_broken_getaddrinfo=1 517 check_for_conflicting_getspnam=1 518 ;; 519 esac 520 521 # lastly, we define options specific to minor releases 522 case "$host" in 523 --hpux10.26) 524 AC_DEFINE(HAVE_SECUREWARE, 1, 525 [Define if you have SecureWare-based 526 protected password database]) 527 disable_ptmx_check=yes 528 LIBS="$LIBS -lsecpw" 529 ;; 530 esac 531 ;; 532--irix5) 533* PATH="$PATH:/usr/etc" 534 AC_DEFINE(BROKEN_INET_NTOA, 1, 535 [Define if you system's inet_ntoa is busted 536 (e.g. Irix gcc issue)]) 537 AC_DEFINE(SETEUID_BREAKS_SETUID) 538 AC_DEFINE(BROKEN_SETREUID) 539 AC_DEFINE(BROKEN_SETREGID) 540 AC_DEFINE(WITH_ABBREV_NO_TTY, 1, 541 [Define if you shouldn't strip 'tty' from your 542 ttyname in [uw]tmp]) 543 AC_DEFINE(LOCKED_PASSWD_STRING, "LK") 544 ;; 545--irix6) 546* PATH="$PATH:/usr/etc" 547 AC_DEFINE(WITH_IRIX_ARRAY, 1, 548 [Define if you have/want arrays 549 (cluster-wide session managment, not C arrays)]) 550 AC_DEFINE(WITH_IRIX_PROJECT, 1, 551 [Define if you want IRIX project management]) 552 AC_DEFINE(WITH_IRIX_AUDIT, 1, 553 [Define if you want IRIX audit trails]) 554 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1, 555 [Define if you want IRIX kernel jobs])]) 556 AC_DEFINE(BROKEN_INET_NTOA) 557 AC_DEFINE(SETEUID_BREAKS_SETUID) 558 AC_DEFINE(BROKEN_SETREUID) 559 AC_DEFINE(BROKEN_SETREGID) 560 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)]) 561 AC_DEFINE(WITH_ABBREV_NO_TTY) 562 AC_DEFINE(LOCKED_PASSWD_STRING, "LK") 563 ;;	482 ) 483 ;; 484--dragonfly) 485* SSHDLIBS="$SSHDLIBS -lcrypt" 486 ;; 487--hpux) 488* # first we define all of the options common to all HP-UX releases 489 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 490 IPADDR_IN_DISPLAY=yes 491 AC_DEFINE(USE_PIPES) 492 AC_DEFINE(LOGIN_NO_ENDOPT, 1, 493 [Define if your login program cannot handle end of options ("--")]) 494 AC_DEFINE(LOGIN_NEEDS_UTMPX) 495 AC_DEFINE(LOCKED_PASSWD_STRING, "", 496* [String used in /etc/passwd to denote locked account]) 497 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 498 MAIL="/var/mail/username" 499 LIBS="$LIBS -lsec" 500 AC_CHECK_LIB(xnet, t_error, , 501 AC_MSG_ERROR([* -lxnet needed on HP-UX - check config.log ])) 502* 503 # next, we define all of the options specific to major releases 504 case "$host" in 505 --hpux10) 506* if test -z "$GCC"; then 507 CFLAGS="$CFLAGS -Ae" 508 fi 509 ;; 510 --hpux11) 511* AC_DEFINE(PAM_SUN_CODEBASE, 1, 512 [Define if you are using Solaris-derived PAM which 513 passes pam_messages to the conversation function 514 with an extra level of indirection]) 515 AC_DEFINE(DISABLE_UTMP, 1, 516 [Define if you don't want to use utmp]) 517 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 518 check_for_hpux_broken_getaddrinfo=1 519 check_for_conflicting_getspnam=1 520 ;; 521 esac 522 523 # lastly, we define options specific to minor releases 524 case "$host" in 525 --hpux10.26) 526 AC_DEFINE(HAVE_SECUREWARE, 1, 527 [Define if you have SecureWare-based 528 protected password database]) 529 disable_ptmx_check=yes 530 LIBS="$LIBS -lsecpw" 531 ;; 532 esac 533 ;; 534--irix5) 535* PATH="$PATH:/usr/etc" 536 AC_DEFINE(BROKEN_INET_NTOA, 1, 537 [Define if you system's inet_ntoa is busted 538 (e.g. Irix gcc issue)]) 539 AC_DEFINE(SETEUID_BREAKS_SETUID) 540 AC_DEFINE(BROKEN_SETREUID) 541 AC_DEFINE(BROKEN_SETREGID) 542 AC_DEFINE(WITH_ABBREV_NO_TTY, 1, 543 [Define if you shouldn't strip 'tty' from your 544 ttyname in [uw]tmp]) 545 AC_DEFINE(LOCKED_PASSWD_STRING, "LK") 546 ;; 547--irix6) 548* PATH="$PATH:/usr/etc" 549 AC_DEFINE(WITH_IRIX_ARRAY, 1, 550 [Define if you have/want arrays 551 (cluster-wide session managment, not C arrays)]) 552 AC_DEFINE(WITH_IRIX_PROJECT, 1, 553 [Define if you want IRIX project management]) 554 AC_DEFINE(WITH_IRIX_AUDIT, 1, 555 [Define if you want IRIX audit trails]) 556 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1, 557 [Define if you want IRIX kernel jobs])]) 558 AC_DEFINE(BROKEN_INET_NTOA) 559 AC_DEFINE(SETEUID_BREAKS_SETUID) 560 AC_DEFINE(BROKEN_SETREUID) 561 AC_DEFINE(BROKEN_SETREGID) 562 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)]) 563 AC_DEFINE(WITH_ABBREV_NO_TTY) 564 AC_DEFINE(LOCKED_PASSWD_STRING, "LK") 565 ;;
	566--kbsd-gnu \| --kopensolaris-gnu) 567* check_for_libcrypt_later=1 568 AC_DEFINE(PAM_TTY_KLUDGE) 569 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!") 570 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 571 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 572 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 573 ;;
564--linux) 565* no_dev_ptmx=1 566 check_for_libcrypt_later=1 567 check_for_openpty_ctty_bug=1 568 AC_DEFINE(PAM_TTY_KLUDGE, 1, 569 [Work around problematic Linux PAM modules handling of PAM_TTY]) 570 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!", 571 [String used in /etc/passwd to denote locked account]) 572 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 573 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM, 574 [Define to whatever link() returns for "not supported" 575 if it doesn't return EOPNOTSUPP.]) 576 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 577 AC_DEFINE(USE_BTMP) 578 inet6_default_4in6=yes 579 case `uname -r` in 580 1.\|2.0.) 581 AC_DEFINE(BROKEN_CMSG_TYPE, 1, 582 [Define if cmsg_type is not passed correctly]) 583 ;; 584 esac 585 # tun(4) forwarding compat code 586 AC_CHECK_HEADERS(linux/if_tun.h) 587 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 588 AC_DEFINE(SSH_TUN_LINUX, 1, 589 [Open tunnel devices the Linux tun/tap way]) 590 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 591 [Use tunnel device compatibility to OpenBSD]) 592 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 593 [Prepend the address family to IP tunnel traffic]) 594 fi 595 ;; 596mips-sony-bsd\|mips-sony-newsos4) 597 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty]) 598 SONY=1 599 ;; 600--netbsd) 601* check_for_libcrypt_before=1 602 if test "x$withval" != "xno" ; then 603 need_dash_r=1 604 fi 605 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 606 AC_CHECK_HEADER([net/if_tap.h], , 607 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 608 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 609 [Prepend the address family to IP tunnel traffic]) 610 ;; 611--freebsd) 612* check_for_libcrypt_later=1 613 AC_DEFINE(LOCKED_PASSWD_PREFIX, "LOCKED", [Account locked with pw(1)]) 614 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 615 AC_CHECK_HEADER([net/if_tap.h], , 616 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 617 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need]) 618 ;; 619--bsdi) 620* AC_DEFINE(SETEUID_BREAKS_SETUID) 621 AC_DEFINE(BROKEN_SETREUID) 622 AC_DEFINE(BROKEN_SETREGID) 623 ;; 624-next-) 625 conf_lastlog_location="/usr/adm/lastlog" 626 conf_utmp_location=/etc/utmp 627 conf_wtmp_location=/usr/adm/wtmp 628 MAIL=/usr/spool/mail 629 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT]) 630 AC_DEFINE(BROKEN_REALPATH) 631 AC_DEFINE(USE_PIPES) 632 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT]) 633 ;; 634--openbsd) 635* AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) 636 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded]) 637 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way]) 638 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1, 639 [syslog_r function is safe to use in in a signal handler]) 640 ;; 641--solaris) 642* if test "x$withval" != "xno" ; then 643 need_dash_r=1 644 fi 645 AC_DEFINE(PAM_SUN_CODEBASE) 646 AC_DEFINE(LOGIN_NEEDS_UTMPX) 647 AC_DEFINE(LOGIN_NEEDS_TERM, 1, 648 [Some versions of /bin/login need the TERM supplied 649 on the commandline]) 650 AC_DEFINE(PAM_TTY_KLUDGE) 651 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 652 [Define if pam_chauthtok wants real uid set 653 to the unpriv'ed user]) 654 AC_DEFINE(LOCKED_PASSWD_STRING, "LK") 655 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 656 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1, 657 [Define if sshd somehow reacquires a controlling TTY 658 after setsid()]) 659 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd 660 in case the name is longer than 8 chars]) 661 external_path_file=/etc/default/login 662 # hardwire lastlog location (can't detect it on some versions) 663 conf_lastlog_location="/var/adm/lastlog" 664 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 665 sol2ver=`echo "$host"\| sed -e 's/.[[0-9]]\.//'` 666* if test "$sol2ver" -ge 8; then 667 AC_MSG_RESULT(yes) 668 AC_DEFINE(DISABLE_UTMP) 669 AC_DEFINE(DISABLE_WTMP, 1, 670 [Define if you don't want to use wtmp]) 671 else 672 AC_MSG_RESULT(no) 673 fi 674 AC_ARG_WITH(solaris-contracts, 675 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 676 [ 677 AC_CHECK_LIB(contract, ct_tmpl_activate, 678 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1, 679 [Define if you have Solaris process contracts]) 680 SSHDLIBS="$SSHDLIBS -lcontract" 681 AC_SUBST(SSHDLIBS) 682 SPC_MSG="yes" ], ) 683 ], 684 ) 685 ;; 686--sunos4) 687* CPPFLAGS="$CPPFLAGS -DSUNOS4" 688 AC_CHECK_FUNCS(getpwanam) 689 AC_DEFINE(PAM_SUN_CODEBASE) 690 conf_utmp_location=/etc/utmp 691 conf_wtmp_location=/var/adm/wtmp 692 conf_lastlog_location=/var/adm/lastlog 693 AC_DEFINE(USE_PIPES) 694 ;; 695-ncr-sysv) 696 LIBS="$LIBS -lc89" 697 AC_DEFINE(USE_PIPES) 698 AC_DEFINE(SSHD_ACQUIRES_CTTY) 699 AC_DEFINE(SETEUID_BREAKS_SETUID) 700 AC_DEFINE(BROKEN_SETREUID) 701 AC_DEFINE(BROKEN_SETREGID) 702 ;; 703-sni-sysv) 704 # /usr/ucblib MUST NOT be searched on ReliantUNIX 705 AC_CHECK_LIB(dl, dlsym, ,) 706 # -lresolv needs to be at the end of LIBS or DNS lookups break 707 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ]) 708 IPADDR_IN_DISPLAY=yes 709 AC_DEFINE(USE_PIPES) 710 AC_DEFINE(IP_TOS_IS_BROKEN) 711 AC_DEFINE(SETEUID_BREAKS_SETUID) 712 AC_DEFINE(BROKEN_SETREUID) 713 AC_DEFINE(BROKEN_SETREGID) 714 AC_DEFINE(SSHD_ACQUIRES_CTTY) 715 external_path_file=/etc/default/login 716 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 717 # Attention: always take care to bind libsocket and libnsl before libc, 718 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 719 ;; 720# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 721--sysv4.2) 722* AC_DEFINE(USE_PIPES) 723 AC_DEFINE(SETEUID_BREAKS_SETUID) 724 AC_DEFINE(BROKEN_SETREUID) 725 AC_DEFINE(BROKEN_SETREGID) 726 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 727 AC_DEFINE(LOCKED_PASSWD_STRING, "LK") 728 ;; 729# UnixWare 7.x, OpenUNIX 8 730--sysv5*)	574--linux) 575* no_dev_ptmx=1 576 check_for_libcrypt_later=1 577 check_for_openpty_ctty_bug=1 578 AC_DEFINE(PAM_TTY_KLUDGE, 1, 579 [Work around problematic Linux PAM modules handling of PAM_TTY]) 580 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!", 581 [String used in /etc/passwd to denote locked account]) 582 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 583 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM, 584 [Define to whatever link() returns for "not supported" 585 if it doesn't return EOPNOTSUPP.]) 586 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 587 AC_DEFINE(USE_BTMP) 588 inet6_default_4in6=yes 589 case `uname -r` in 590 1.\|2.0.) 591 AC_DEFINE(BROKEN_CMSG_TYPE, 1, 592 [Define if cmsg_type is not passed correctly]) 593 ;; 594 esac 595 # tun(4) forwarding compat code 596 AC_CHECK_HEADERS(linux/if_tun.h) 597 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 598 AC_DEFINE(SSH_TUN_LINUX, 1, 599 [Open tunnel devices the Linux tun/tap way]) 600 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 601 [Use tunnel device compatibility to OpenBSD]) 602 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 603 [Prepend the address family to IP tunnel traffic]) 604 fi 605 ;; 606mips-sony-bsd\|mips-sony-newsos4) 607 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty]) 608 SONY=1 609 ;; 610--netbsd) 611* check_for_libcrypt_before=1 612 if test "x$withval" != "xno" ; then 613 need_dash_r=1 614 fi 615 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 616 AC_CHECK_HEADER([net/if_tap.h], , 617 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 618 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 619 [Prepend the address family to IP tunnel traffic]) 620 ;; 621--freebsd) 622* check_for_libcrypt_later=1 623 AC_DEFINE(LOCKED_PASSWD_PREFIX, "LOCKED", [Account locked with pw(1)]) 624 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 625 AC_CHECK_HEADER([net/if_tap.h], , 626 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 627 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need]) 628 ;; 629--bsdi) 630* AC_DEFINE(SETEUID_BREAKS_SETUID) 631 AC_DEFINE(BROKEN_SETREUID) 632 AC_DEFINE(BROKEN_SETREGID) 633 ;; 634-next-) 635 conf_lastlog_location="/usr/adm/lastlog" 636 conf_utmp_location=/etc/utmp 637 conf_wtmp_location=/usr/adm/wtmp 638 MAIL=/usr/spool/mail 639 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT]) 640 AC_DEFINE(BROKEN_REALPATH) 641 AC_DEFINE(USE_PIPES) 642 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT]) 643 ;; 644--openbsd) 645* AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) 646 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded]) 647 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way]) 648 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1, 649 [syslog_r function is safe to use in in a signal handler]) 650 ;; 651--solaris) 652* if test "x$withval" != "xno" ; then 653 need_dash_r=1 654 fi 655 AC_DEFINE(PAM_SUN_CODEBASE) 656 AC_DEFINE(LOGIN_NEEDS_UTMPX) 657 AC_DEFINE(LOGIN_NEEDS_TERM, 1, 658 [Some versions of /bin/login need the TERM supplied 659 on the commandline]) 660 AC_DEFINE(PAM_TTY_KLUDGE) 661 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 662 [Define if pam_chauthtok wants real uid set 663 to the unpriv'ed user]) 664 AC_DEFINE(LOCKED_PASSWD_STRING, "LK") 665 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 666 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1, 667 [Define if sshd somehow reacquires a controlling TTY 668 after setsid()]) 669 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd 670 in case the name is longer than 8 chars]) 671 external_path_file=/etc/default/login 672 # hardwire lastlog location (can't detect it on some versions) 673 conf_lastlog_location="/var/adm/lastlog" 674 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 675 sol2ver=`echo "$host"\| sed -e 's/.[[0-9]]\.//'` 676* if test "$sol2ver" -ge 8; then 677 AC_MSG_RESULT(yes) 678 AC_DEFINE(DISABLE_UTMP) 679 AC_DEFINE(DISABLE_WTMP, 1, 680 [Define if you don't want to use wtmp]) 681 else 682 AC_MSG_RESULT(no) 683 fi 684 AC_ARG_WITH(solaris-contracts, 685 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 686 [ 687 AC_CHECK_LIB(contract, ct_tmpl_activate, 688 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1, 689 [Define if you have Solaris process contracts]) 690 SSHDLIBS="$SSHDLIBS -lcontract" 691 AC_SUBST(SSHDLIBS) 692 SPC_MSG="yes" ], ) 693 ], 694 ) 695 ;; 696--sunos4) 697* CPPFLAGS="$CPPFLAGS -DSUNOS4" 698 AC_CHECK_FUNCS(getpwanam) 699 AC_DEFINE(PAM_SUN_CODEBASE) 700 conf_utmp_location=/etc/utmp 701 conf_wtmp_location=/var/adm/wtmp 702 conf_lastlog_location=/var/adm/lastlog 703 AC_DEFINE(USE_PIPES) 704 ;; 705-ncr-sysv) 706 LIBS="$LIBS -lc89" 707 AC_DEFINE(USE_PIPES) 708 AC_DEFINE(SSHD_ACQUIRES_CTTY) 709 AC_DEFINE(SETEUID_BREAKS_SETUID) 710 AC_DEFINE(BROKEN_SETREUID) 711 AC_DEFINE(BROKEN_SETREGID) 712 ;; 713-sni-sysv) 714 # /usr/ucblib MUST NOT be searched on ReliantUNIX 715 AC_CHECK_LIB(dl, dlsym, ,) 716 # -lresolv needs to be at the end of LIBS or DNS lookups break 717 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ]) 718 IPADDR_IN_DISPLAY=yes 719 AC_DEFINE(USE_PIPES) 720 AC_DEFINE(IP_TOS_IS_BROKEN) 721 AC_DEFINE(SETEUID_BREAKS_SETUID) 722 AC_DEFINE(BROKEN_SETREUID) 723 AC_DEFINE(BROKEN_SETREGID) 724 AC_DEFINE(SSHD_ACQUIRES_CTTY) 725 external_path_file=/etc/default/login 726 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 727 # Attention: always take care to bind libsocket and libnsl before libc, 728 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 729 ;; 730# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 731--sysv4.2) 732* AC_DEFINE(USE_PIPES) 733 AC_DEFINE(SETEUID_BREAKS_SETUID) 734 AC_DEFINE(BROKEN_SETREUID) 735 AC_DEFINE(BROKEN_SETREGID) 736 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 737 AC_DEFINE(LOCKED_PASSWD_STRING, "LK") 738 ;; 739# UnixWare 7.x, OpenUNIX 8 740--sysv5*)
731 check_for_libcrypt_later=1
732 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) 733 AC_DEFINE(USE_PIPES) 734 AC_DEFINE(SETEUID_BREAKS_SETUID) 735 AC_DEFINE(BROKEN_SETREUID) 736 AC_DEFINE(BROKEN_SETREGID) 737 AC_DEFINE(PASSWD_NEEDS_USERNAME) 738 case "$host" in 739 --sysv5SCO_SV) # SCO OpenServer 6.x 740* TEST_SHELL=/u95/bin/sh 741 AC_DEFINE(BROKEN_LIBIAF, 1, 742 [ia_uinfo routines not supported by OS yet]) 743 AC_DEFINE(BROKEN_UPDWTMPX)	741 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) 742 AC_DEFINE(USE_PIPES) 743 AC_DEFINE(SETEUID_BREAKS_SETUID) 744 AC_DEFINE(BROKEN_SETREUID) 745 AC_DEFINE(BROKEN_SETREGID) 746 AC_DEFINE(PASSWD_NEEDS_USERNAME) 747 case "$host" in 748 --sysv5SCO_SV) # SCO OpenServer 6.x 749* TEST_SHELL=/u95/bin/sh 750 AC_DEFINE(BROKEN_LIBIAF, 1, 751 [ia_uinfo routines not supported by OS yet]) 752 AC_DEFINE(BROKEN_UPDWTMPX)
	753 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot" 754 AC_CHECK_FUNCS(getluid setluid,,,-lprot) 755 AC_DEFINE(HAVE_SECUREWARE) 756 AC_DEFINE(DISABLE_SHADOW) 757 ],,)
744 ;; 745 ) AC_DEFINE(LOCKED_PASSWD_STRING, "LK*")	758 ;; 759 ) AC_DEFINE(LOCKED_PASSWD_STRING, "LK*")
	760 check_for_libcrypt_later=1
746 ;; 747 esac 748 ;; 749--sysv) 750* ;; 751# SCO UNIX and OEM versions of SCO UNIX 752--sco3.2v4) 753* AC_MSG_ERROR("This Platform is no longer supported.") 754 ;; 755# SCO OpenServer 5.x 756--sco3.2v5) 757* if test -z "$GCC"; then 758 CFLAGS="$CFLAGS -belf" 759 fi 760 LIBS="$LIBS -lprot -lx -ltinfo -lm" 761 no_dev_ptmx=1 762 AC_DEFINE(USE_PIPES) 763 AC_DEFINE(HAVE_SECUREWARE) 764 AC_DEFINE(DISABLE_SHADOW) 765 AC_DEFINE(DISABLE_FD_PASSING) 766 AC_DEFINE(SETEUID_BREAKS_SETUID) 767 AC_DEFINE(BROKEN_SETREUID) 768 AC_DEFINE(BROKEN_SETREGID) 769 AC_DEFINE(WITH_ABBREV_NO_TTY) 770 AC_DEFINE(BROKEN_UPDWTMPX) 771 AC_DEFINE(PASSWD_NEEDS_USERNAME) 772 AC_CHECK_FUNCS(getluid setluid) 773 MANTYPE=man 774 TEST_SHELL=ksh 775 ;; 776--unicosmk) 777* AC_DEFINE(NO_SSH_LASTLOG, 1, 778 [Define if you don't want to use lastlog in session.c]) 779 AC_DEFINE(SETEUID_BREAKS_SETUID) 780 AC_DEFINE(BROKEN_SETREUID) 781 AC_DEFINE(BROKEN_SETREGID) 782 AC_DEFINE(USE_PIPES) 783 AC_DEFINE(DISABLE_FD_PASSING) 784 LDFLAGS="$LDFLAGS" 785 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 786 MANTYPE=cat 787 ;; 788--unicosmp) 789* AC_DEFINE(SETEUID_BREAKS_SETUID) 790 AC_DEFINE(BROKEN_SETREUID) 791 AC_DEFINE(BROKEN_SETREGID) 792 AC_DEFINE(WITH_ABBREV_NO_TTY) 793 AC_DEFINE(USE_PIPES) 794 AC_DEFINE(DISABLE_FD_PASSING) 795 LDFLAGS="$LDFLAGS" 796 LIBS="$LIBS -lgen -lacid -ldb" 797 MANTYPE=cat 798 ;; 799--unicos) 800* AC_DEFINE(SETEUID_BREAKS_SETUID) 801 AC_DEFINE(BROKEN_SETREUID) 802 AC_DEFINE(BROKEN_SETREGID) 803 AC_DEFINE(USE_PIPES) 804 AC_DEFINE(DISABLE_FD_PASSING) 805 AC_DEFINE(NO_SSH_LASTLOG) 806 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 807 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 808 MANTYPE=cat 809 ;; 810-dec-osf) 811 AC_MSG_CHECKING(for Digital Unix SIA) 812 no_osfsia="" 813 AC_ARG_WITH(osfsia, 814 [ --with-osfsia Enable Digital Unix SIA], 815 [ 816 if test "x$withval" = "xno" ; then 817 AC_MSG_RESULT(disabled) 818 no_osfsia=1 819 fi 820 ], 821 ) 822 if test -z "$no_osfsia" ; then 823 if test -f /etc/sia/matrix.conf; then 824 AC_MSG_RESULT(yes) 825 AC_DEFINE(HAVE_OSF_SIA, 1, 826 [Define if you have Digital Unix Security 827 Integration Architecture]) 828 AC_DEFINE(DISABLE_LOGIN, 1, 829 [Define if you don't want to use your 830 system's login() call]) 831 AC_DEFINE(DISABLE_FD_PASSING) 832 LIBS="$LIBS -lsecurity -ldb -lm -laud" 833 SIA_MSG="yes" 834 else 835 AC_MSG_RESULT(no) 836 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin", 837 [String used in /etc/passwd to denote locked account]) 838 fi 839 fi 840 AC_DEFINE(BROKEN_GETADDRINFO) 841 AC_DEFINE(SETEUID_BREAKS_SETUID) 842 AC_DEFINE(BROKEN_SETREUID) 843 AC_DEFINE(BROKEN_SETREGID) 844 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv]) 845 ;; 846 847--nto-qnx) 848* AC_DEFINE(USE_PIPES) 849 AC_DEFINE(NO_X11_UNIX_SOCKETS) 850 AC_DEFINE(MISSING_NFDBITS, 1, [Define on nto-qnx systems]) 851* AC_DEFINE(MISSING_HOWMANY, 1, [Define on nto-qnx systems]) 852* AC_DEFINE(MISSING_FD_MASK, 1, [Define on nto-qnx systems]) 853* AC_DEFINE(DISABLE_LASTLOG) 854 AC_DEFINE(SSHD_ACQUIRES_CTTY) 855 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken]) 856 enable_etc_default_login=no # has incompatible /etc/default/login 857 case "$host" in 858 --nto-qnx6) 859* AC_DEFINE(DISABLE_FD_PASSING) 860 ;; 861 esac 862 ;; 863 864--ultrix) 865* AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1]) 866 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files]) 867 AC_DEFINE(NEED_SETPGRP) 868 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) 869 ;; 870 871--lynxos) 872 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 873 AC_DEFINE(MISSING_HOWMANY) 874 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) 875 ;; 876esac 877 878AC_MSG_CHECKING(compiler and flags for sanity) 879AC_RUN_IFELSE( 880 [AC_LANG_SOURCE([ 881#include <stdio.h> 882int main(){exit(0);} 883 ])], 884 [ AC_MSG_RESULT(yes) ], 885 [ 886 AC_MSG_RESULT(no) 887 AC_MSG_ERROR([* compiler cannot create working executables, check config.log ]) 888* ], 889 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 890) 891 892dnl Checks for header files. 893# Checks for libraries. 894AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 895AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 896 897dnl IRIX and Solaris 2.5.1 have dirname() in libgen 898AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 899 AC_CHECK_LIB(gen, dirname,[ 900 AC_CACHE_CHECK([for broken dirname], 901 ac_cv_have_broken_dirname, [ 902 save_LIBS="$LIBS" 903 LIBS="$LIBS -lgen" 904 AC_RUN_IFELSE( 905 [AC_LANG_SOURCE([[ 906#include <libgen.h> 907#include <string.h> 908 909int main(int argc, char *argv) { 910* char s, buf[32]; 911* 912 strncpy(buf,"/etc", 32); 913 s = dirname(buf); 914 if (!s \|\| strncmp(s, "/", 32) != 0) { 915 exit(1); 916 } else { 917 exit(0); 918 } 919} 920 ]])], 921 [ ac_cv_have_broken_dirname="no" ], 922 [ ac_cv_have_broken_dirname="yes" ], 923 [ ac_cv_have_broken_dirname="no" ], 924 ) 925 LIBS="$save_LIBS" 926 ]) 927 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 928 LIBS="$LIBS -lgen" 929 AC_DEFINE(HAVE_DIRNAME) 930 AC_CHECK_HEADERS(libgen.h) 931 fi 932 ]) 933]) 934 935AC_CHECK_FUNC(getspnam, , 936 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 937AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1, 938 [Define if you have the basename function.])) 939 940dnl zlib is required 941AC_ARG_WITH(zlib, 942 [ --with-zlib=PATH Use zlib in PATH], 943 [ if test "x$withval" = "xno" ; then 944 AC_MSG_ERROR([* zlib is required ]) 945* elif test "x$withval" != "xyes"; then 946 if test -d "$withval/lib"; then 947 if test -n "${need_dash_r}"; then 948 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 949 else 950 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 951 fi 952 else 953 if test -n "${need_dash_r}"; then 954 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 955 else 956 LDFLAGS="-L${withval} ${LDFLAGS}" 957 fi 958 fi 959 if test -d "$withval/include"; then 960 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 961 else 962 CPPFLAGS="-I${withval} ${CPPFLAGS}" 963 fi 964 fi ] 965) 966 967AC_CHECK_LIB(z, deflate, , 968 [ 969 saved_CPPFLAGS="$CPPFLAGS" 970 saved_LDFLAGS="$LDFLAGS" 971 save_LIBS="$LIBS" 972 dnl Check default zlib install dir 973 if test -n "${need_dash_r}"; then 974 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 975 else 976 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 977 fi 978 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 979 LIBS="$LIBS -lz" 980 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 981 [ 982 AC_MSG_ERROR([* zlib missing - please install first or check config.log ]) 983* ] 984 ) 985 ] 986) 987AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([* zlib.h missing - please install first or check config.log ])) 988* 989AC_ARG_WITH(zlib-version-check, 990 [ --without-zlib-version-check Disable zlib version check], 991 [ if test "x$withval" = "xno" ; then 992 zlib_check_nonfatal=1 993 fi 994 ] 995) 996 997AC_MSG_CHECKING(for possibly buggy zlib) 998AC_RUN_IFELSE([AC_LANG_SOURCE([[ 999#include <stdio.h> 1000#include <zlib.h> 1001int main() 1002{ 1003 int a=0, b=0, c=0, d=0, n, v; 1004 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 1005 if (n != 3 && n != 4) 1006 exit(1); 1007 v = a1000000 + b10000 + c100 + d; 1008* fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 1009 1010 /* 1.1.4 is OK / 1011* if (a == 1 && b == 1 && c >= 4) 1012 exit(0); 1013 1014 /* 1.2.3 and up are OK / 1015* if (v >= 1020300) 1016 exit(0); 1017 1018 exit(2); 1019} 1020 ]])], 1021 AC_MSG_RESULT(no), 1022 [ AC_MSG_RESULT(yes) 1023 if test -z "$zlib_check_nonfatal" ; then 1024 AC_MSG_ERROR([* zlib too old - check config.log * 1025Your reported zlib version has known security problems. It's possible your 1026vendor has fixed these problems without changing the version number. If you 1027are sure this is the case, you can disable the check by running 1028"./configure --without-zlib-version-check". 1029If you are in doubt, upgrade zlib to version 1.2.3 or greater. 1030See http://www.gzip.org/zlib/ for details.]) 1031 else 1032 AC_MSG_WARN([zlib version may have security problems]) 1033 fi 1034 ], 1035 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 1036) 1037 1038dnl UnixWare 2.x 1039AC_CHECK_FUNC(strcasecmp, 1040 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 1041) 1042AC_CHECK_FUNCS(utimes, 1043 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 1044 LIBS="$LIBS -lc89"]) ] 1045) 1046 1047dnl Checks for libutil functions 1048AC_CHECK_HEADERS(libutil.h) 1049AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1, 1050 [Define if your libraries define login()])]) 1051AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp) 1052 1053AC_FUNC_STRFTIME 1054 1055# Check for ALTDIRFUNC glob() extension 1056AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 1057AC_EGREP_CPP(FOUNDIT, 1058 [ 1059 #include <glob.h> 1060 #ifdef GLOB_ALTDIRFUNC 1061 FOUNDIT 1062 #endif 1063 ], 1064 [ 1065 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1, 1066 [Define if your system glob() function has 1067 the GLOB_ALTDIRFUNC extension]) 1068 AC_MSG_RESULT(yes) 1069 ], 1070 [ 1071 AC_MSG_RESULT(no) 1072 ] 1073) 1074 1075# Check for g.gl_matchc glob() extension 1076AC_MSG_CHECKING(for gl_matchc field in glob_t) 1077AC_TRY_COMPILE( 1078 [ #include <glob.h> ], 1079 [glob_t g; g.gl_matchc = 1;], 1080 [ 1081 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1, 1082 [Define if your system glob() function has 1083 gl_matchc options in glob_t]) 1084 AC_MSG_RESULT(yes) 1085 ], 1086 [ 1087 AC_MSG_RESULT(no) 1088 ] 1089) 1090 1091AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>]) 1092 1093AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 1094AC_RUN_IFELSE( 1095 [AC_LANG_SOURCE([[ 1096#include <sys/types.h> 1097#include <dirent.h> 1098int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 1099 ]])], 1100 [AC_MSG_RESULT(yes)], 1101 [ 1102 AC_MSG_RESULT(no) 1103 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1, 1104 [Define if your struct dirent expects you to 1105 allocate extra space for d_name]) 1106 ], 1107 [ 1108 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1109 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 1110 ] 1111) 1112 1113AC_MSG_CHECKING([for /proc/pid/fd directory]) 1114if test -d "/proc/$$/fd" ; then 1115 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd]) 1116 AC_MSG_RESULT(yes) 1117else 1118 AC_MSG_RESULT(no) 1119fi 1120 1121# Check whether user wants S/Key support 1122SKEY_MSG="no" 1123AC_ARG_WITH(skey, 1124 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 1125 [ 1126 if test "x$withval" != "xno" ; then 1127 1128 if test "x$withval" != "xyes" ; then 1129 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1130 LDFLAGS="$LDFLAGS -L${withval}/lib" 1131 fi 1132 1133 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 1134 LIBS="-lskey $LIBS" 1135 SKEY_MSG="yes" 1136 1137 AC_MSG_CHECKING([for s/key support]) 1138 AC_LINK_IFELSE( 1139 [AC_LANG_SOURCE([[ 1140#include <stdio.h> 1141#include <skey.h> 1142int main() { char ff = skey_keyinfo(""); ff=""; exit(0); } 1143* ]])], 1144 [AC_MSG_RESULT(yes)], 1145 [ 1146 AC_MSG_RESULT(no) 1147 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 1148 ]) 1149 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 1150 AC_TRY_COMPILE( 1151 [#include <stdio.h> 1152 #include <skey.h>], 1153 [(void)skeychallenge(NULL,"name","",0);], 1154 [AC_MSG_RESULT(yes) 1155 AC_DEFINE(SKEYCHALLENGE_4ARG, 1, 1156 [Define if your skeychallenge() 1157 function takes 4 arguments (NetBSD)])], 1158 [AC_MSG_RESULT(no)] 1159 ) 1160 fi 1161 ] 1162) 1163 1164# Check whether user wants TCP wrappers support 1165TCPW_MSG="no" 1166AC_ARG_WITH(tcp-wrappers, 1167 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1168 [ 1169 if test "x$withval" != "xno" ; then 1170 saved_LIBS="$LIBS" 1171 saved_LDFLAGS="$LDFLAGS" 1172 saved_CPPFLAGS="$CPPFLAGS" 1173 if test -n "${withval}" && \ 1174 test "x${withval}" != "xyes"; then 1175 if test -d "${withval}/lib"; then 1176 if test -n "${need_dash_r}"; then 1177 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1178 else 1179 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1180 fi 1181 else 1182 if test -n "${need_dash_r}"; then 1183 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1184 else 1185 LDFLAGS="-L${withval} ${LDFLAGS}" 1186 fi 1187 fi 1188 if test -d "${withval}/include"; then 1189 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1190 else 1191 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1192 fi 1193 fi 1194 LIBS="-lwrap $LIBS" 1195 AC_MSG_CHECKING(for libwrap) 1196 AC_TRY_LINK( 1197 [ 1198#include <sys/types.h> 1199#include <sys/socket.h> 1200#include <netinet/in.h> 1201#include <tcpd.h> 1202 int deny_severity = 0, allow_severity = 0; 1203 ], 1204 [hosts_access(0);], 1205 [ 1206 AC_MSG_RESULT(yes) 1207 AC_DEFINE(LIBWRAP, 1, 1208 [Define if you want 1209 TCP Wrappers support]) 1210 SSHDLIBS="$SSHDLIBS -lwrap" 1211 TCPW_MSG="yes" 1212 ], 1213 [ 1214 AC_MSG_ERROR([*** libwrap missing]) 1215 ] 1216 ) 1217 LIBS="$saved_LIBS" 1218 fi 1219 ] 1220) 1221 1222# Check whether user wants libedit support 1223LIBEDIT_MSG="no" 1224AC_ARG_WITH(libedit, 1225 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1226 [ if test "x$withval" != "xno" ; then 1227 if test "x$withval" != "xyes"; then 1228 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1229 if test -n "${need_dash_r}"; then 1230 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1231 else 1232 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1233 fi 1234 fi 1235 AC_CHECK_LIB(edit, el_init, 1236 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp]) 1237 LIBEDIT="-ledit -lcurses" 1238 LIBEDIT_MSG="yes" 1239 AC_SUBST(LIBEDIT) 1240 ], 1241 [ AC_MSG_ERROR(libedit not found) ], 1242 [ -lcurses ] 1243 ) 1244 AC_MSG_CHECKING(if libedit version is compatible) 1245 AC_COMPILE_IFELSE( 1246 [AC_LANG_SOURCE([[ 1247#include <histedit.h> 1248int main(void) 1249{ 1250 int i = H_SETSIZE; 1251 el_init("", NULL, NULL, NULL); 1252 exit(0); 1253} 1254 ]])], 1255 [ AC_MSG_RESULT(yes) ], 1256 [ AC_MSG_RESULT(no) 1257 AC_MSG_ERROR(libedit version is not compatible) ] 1258 ) 1259 fi ] 1260) 1261 1262AUDIT_MODULE=none 1263AC_ARG_WITH(audit, 1264 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 1265 [ 1266 AC_MSG_CHECKING(for supported audit module) 1267 case "$withval" in 1268 bsm) 1269 AC_MSG_RESULT(bsm) 1270 AUDIT_MODULE=bsm 1271 dnl Checks for headers, libs and functions 1272 AC_CHECK_HEADERS(bsm/audit.h, [], 1273 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)], 1274 [ 1275#ifdef HAVE_TIME_H 1276# include <time.h> 1277#endif 1278 ] 1279) 1280 AC_CHECK_LIB(bsm, getaudit, [], 1281 [AC_MSG_ERROR(BSM enabled and required library not found)]) 1282 AC_CHECK_FUNCS(getaudit, [], 1283 [AC_MSG_ERROR(BSM enabled and required function not found)]) 1284 # These are optional 1285 AC_CHECK_FUNCS(getaudit_addr aug_get_machine) 1286 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) 1287 ;; 1288 debug) 1289 AUDIT_MODULE=debug 1290 AC_MSG_RESULT(debug) 1291 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module) 1292 ;; 1293 no) 1294 AC_MSG_RESULT(no) 1295 ;; 1296 ) 1297* AC_MSG_ERROR([Unknown audit module $withval]) 1298 ;; 1299 esac ] 1300) 1301 1302dnl Checks for library functions. Please keep in alphabetical order 1303AC_CHECK_FUNCS( \ 1304 arc4random \ 1305 arc4random_buf \ 1306 arc4random_uniform \ 1307 asprintf \ 1308 b64_ntop \ 1309 __b64_ntop \ 1310 b64_pton \ 1311 __b64_pton \ 1312 bcopy \ 1313 bindresvport_sa \ 1314 clock \ 1315 closefrom \ 1316 dirfd \ 1317 fchmod \ 1318 fchown \ 1319 freeaddrinfo \ 1320 fstatvfs \ 1321 futimes \ 1322 getaddrinfo \ 1323 getcwd \ 1324 getgrouplist \ 1325 getnameinfo \ 1326 getopt \ 1327 getpeereid \ 1328 getpeerucred \ 1329 _getpty \ 1330 getrlimit \ 1331 getttyent \ 1332 glob \ 1333 inet_aton \ 1334 inet_ntoa \ 1335 inet_ntop \ 1336 innetgr \ 1337 login_getcapbool \ 1338 md5_crypt \ 1339 memmove \ 1340 mkdtemp \ 1341 mmap \ 1342 ngetaddrinfo \ 1343 nsleep \ 1344 ogetaddrinfo \ 1345 openlog_r \ 1346 openpty \ 1347 poll \ 1348 prctl \ 1349 pstat \ 1350 readpassphrase \ 1351 realpath \ 1352 recvmsg \ 1353 rresvport_af \ 1354 sendmsg \ 1355 setdtablesize \ 1356 setegid \ 1357 setenv \ 1358 seteuid \ 1359 setgroups \ 1360 setlogin \ 1361 setpcred \ 1362 setproctitle \ 1363 setregid \ 1364 setreuid \ 1365 setrlimit \ 1366 setsid \ 1367 setvbuf \ 1368 sigaction \ 1369 sigvec \ 1370 snprintf \ 1371 socketpair \ 1372 statfs \ 1373 statvfs \ 1374 strdup \ 1375 strerror \ 1376 strlcat \ 1377 strlcpy \ 1378 strmode \ 1379 strnvis \ 1380 strtonum \ 1381 strtoll \ 1382 strtoul \ 1383 swap32 \ 1384 sysconf \ 1385 tcgetpgrp \ 1386 truncate \ 1387 unsetenv \ 1388 updwtmpx \ 1389 vasprintf \ 1390 vhangup \ 1391 vsnprintf \ 1392 waitpid \ 1393) 1394 1395# IRIX has a const char return value for gai_strerror() 1396AC_CHECK_FUNCS(gai_strerror,[ 1397 AC_DEFINE(HAVE_GAI_STRERROR) 1398 AC_TRY_COMPILE([ 1399#include <sys/types.h> 1400#include <sys/socket.h> 1401#include <netdb.h> 1402 1403const char gai_strerror(int);],[ 1404char str; 1405 1406str = gai_strerror(0);],[ 1407 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 1408 [Define if gai_strerror() returns const char ])])]) 1409* 1410AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1, 1411 [Some systems put nanosleep outside of libc])) 1412 1413dnl Make sure prototypes are defined for these before using them. 1414AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 1415AC_CHECK_DECL(strsep, 1416 [AC_CHECK_FUNCS(strsep)], 1417 [], 1418 [ 1419#ifdef HAVE_STRING_H 1420# include <string.h> 1421#endif 1422 ]) 1423 1424dnl tcsendbreak might be a macro 1425AC_CHECK_DECL(tcsendbreak, 1426 [AC_DEFINE(HAVE_TCSENDBREAK)], 1427 [AC_CHECK_FUNCS(tcsendbreak)], 1428 [#include <termios.h>] 1429) 1430 1431AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 1432 1433AC_CHECK_DECLS(SHUT_RD, , , 1434 [ 1435#include <sys/types.h> 1436#include <sys/socket.h> 1437 ]) 1438 1439AC_CHECK_DECLS(O_NONBLOCK, , , 1440 [ 1441#include <sys/types.h> 1442#ifdef HAVE_SYS_STAT_H 1443# include <sys/stat.h> 1444#endif 1445#ifdef HAVE_FCNTL_H 1446# include <fcntl.h> 1447#endif 1448 ]) 1449 1450AC_CHECK_DECLS(writev, , , [ 1451#include <sys/types.h> 1452#include <sys/uio.h> 1453#include <unistd.h> 1454 ]) 1455 1456AC_CHECK_DECLS(MAXSYMLINKS, , , [ 1457#include <sys/param.h> 1458 ]) 1459 1460AC_CHECK_DECLS(offsetof, , , [ 1461#include <stddef.h> 1462 ]) 1463 1464AC_CHECK_FUNCS(setresuid, [ 1465 dnl Some platorms have setresuid that isn't implemented, test for this 1466 AC_MSG_CHECKING(if setresuid seems to work) 1467 AC_RUN_IFELSE( 1468 [AC_LANG_SOURCE([[ 1469#include <stdlib.h> 1470#include <errno.h> 1471int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1472 ]])], 1473 [AC_MSG_RESULT(yes)], 1474 [AC_DEFINE(BROKEN_SETRESUID, 1, 1475 [Define if your setresuid() is broken]) 1476 AC_MSG_RESULT(not implemented)], 1477 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1478 ) 1479]) 1480 1481AC_CHECK_FUNCS(setresgid, [ 1482 dnl Some platorms have setresgid that isn't implemented, test for this 1483 AC_MSG_CHECKING(if setresgid seems to work) 1484 AC_RUN_IFELSE( 1485 [AC_LANG_SOURCE([[ 1486#include <stdlib.h> 1487#include <errno.h> 1488int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1489 ]])], 1490 [AC_MSG_RESULT(yes)], 1491 [AC_DEFINE(BROKEN_SETRESGID, 1, 1492 [Define if your setresgid() is broken]) 1493 AC_MSG_RESULT(not implemented)], 1494 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1495 ) 1496]) 1497 1498dnl Checks for time functions 1499AC_CHECK_FUNCS(gettimeofday time) 1500dnl Checks for utmp functions 1501AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 1502AC_CHECK_FUNCS(utmpname) 1503dnl Checks for utmpx functions 1504AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 1505AC_CHECK_FUNCS(setutxent utmpxname)	761 ;; 762 esac 763 ;; 764--sysv) 765* ;; 766# SCO UNIX and OEM versions of SCO UNIX 767--sco3.2v4) 768* AC_MSG_ERROR("This Platform is no longer supported.") 769 ;; 770# SCO OpenServer 5.x 771--sco3.2v5) 772* if test -z "$GCC"; then 773 CFLAGS="$CFLAGS -belf" 774 fi 775 LIBS="$LIBS -lprot -lx -ltinfo -lm" 776 no_dev_ptmx=1 777 AC_DEFINE(USE_PIPES) 778 AC_DEFINE(HAVE_SECUREWARE) 779 AC_DEFINE(DISABLE_SHADOW) 780 AC_DEFINE(DISABLE_FD_PASSING) 781 AC_DEFINE(SETEUID_BREAKS_SETUID) 782 AC_DEFINE(BROKEN_SETREUID) 783 AC_DEFINE(BROKEN_SETREGID) 784 AC_DEFINE(WITH_ABBREV_NO_TTY) 785 AC_DEFINE(BROKEN_UPDWTMPX) 786 AC_DEFINE(PASSWD_NEEDS_USERNAME) 787 AC_CHECK_FUNCS(getluid setluid) 788 MANTYPE=man 789 TEST_SHELL=ksh 790 ;; 791--unicosmk) 792* AC_DEFINE(NO_SSH_LASTLOG, 1, 793 [Define if you don't want to use lastlog in session.c]) 794 AC_DEFINE(SETEUID_BREAKS_SETUID) 795 AC_DEFINE(BROKEN_SETREUID) 796 AC_DEFINE(BROKEN_SETREGID) 797 AC_DEFINE(USE_PIPES) 798 AC_DEFINE(DISABLE_FD_PASSING) 799 LDFLAGS="$LDFLAGS" 800 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 801 MANTYPE=cat 802 ;; 803--unicosmp) 804* AC_DEFINE(SETEUID_BREAKS_SETUID) 805 AC_DEFINE(BROKEN_SETREUID) 806 AC_DEFINE(BROKEN_SETREGID) 807 AC_DEFINE(WITH_ABBREV_NO_TTY) 808 AC_DEFINE(USE_PIPES) 809 AC_DEFINE(DISABLE_FD_PASSING) 810 LDFLAGS="$LDFLAGS" 811 LIBS="$LIBS -lgen -lacid -ldb" 812 MANTYPE=cat 813 ;; 814--unicos) 815* AC_DEFINE(SETEUID_BREAKS_SETUID) 816 AC_DEFINE(BROKEN_SETREUID) 817 AC_DEFINE(BROKEN_SETREGID) 818 AC_DEFINE(USE_PIPES) 819 AC_DEFINE(DISABLE_FD_PASSING) 820 AC_DEFINE(NO_SSH_LASTLOG) 821 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 822 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 823 MANTYPE=cat 824 ;; 825-dec-osf) 826 AC_MSG_CHECKING(for Digital Unix SIA) 827 no_osfsia="" 828 AC_ARG_WITH(osfsia, 829 [ --with-osfsia Enable Digital Unix SIA], 830 [ 831 if test "x$withval" = "xno" ; then 832 AC_MSG_RESULT(disabled) 833 no_osfsia=1 834 fi 835 ], 836 ) 837 if test -z "$no_osfsia" ; then 838 if test -f /etc/sia/matrix.conf; then 839 AC_MSG_RESULT(yes) 840 AC_DEFINE(HAVE_OSF_SIA, 1, 841 [Define if you have Digital Unix Security 842 Integration Architecture]) 843 AC_DEFINE(DISABLE_LOGIN, 1, 844 [Define if you don't want to use your 845 system's login() call]) 846 AC_DEFINE(DISABLE_FD_PASSING) 847 LIBS="$LIBS -lsecurity -ldb -lm -laud" 848 SIA_MSG="yes" 849 else 850 AC_MSG_RESULT(no) 851 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin", 852 [String used in /etc/passwd to denote locked account]) 853 fi 854 fi 855 AC_DEFINE(BROKEN_GETADDRINFO) 856 AC_DEFINE(SETEUID_BREAKS_SETUID) 857 AC_DEFINE(BROKEN_SETREUID) 858 AC_DEFINE(BROKEN_SETREGID) 859 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv]) 860 ;; 861 862--nto-qnx) 863* AC_DEFINE(USE_PIPES) 864 AC_DEFINE(NO_X11_UNIX_SOCKETS) 865 AC_DEFINE(MISSING_NFDBITS, 1, [Define on nto-qnx systems]) 866* AC_DEFINE(MISSING_HOWMANY, 1, [Define on nto-qnx systems]) 867* AC_DEFINE(MISSING_FD_MASK, 1, [Define on nto-qnx systems]) 868* AC_DEFINE(DISABLE_LASTLOG) 869 AC_DEFINE(SSHD_ACQUIRES_CTTY) 870 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken]) 871 enable_etc_default_login=no # has incompatible /etc/default/login 872 case "$host" in 873 --nto-qnx6) 874* AC_DEFINE(DISABLE_FD_PASSING) 875 ;; 876 esac 877 ;; 878 879--ultrix) 880* AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1]) 881 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files]) 882 AC_DEFINE(NEED_SETPGRP) 883 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) 884 ;; 885 886--lynxos) 887 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 888 AC_DEFINE(MISSING_HOWMANY) 889 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) 890 ;; 891esac 892 893AC_MSG_CHECKING(compiler and flags for sanity) 894AC_RUN_IFELSE( 895 [AC_LANG_SOURCE([ 896#include <stdio.h> 897int main(){exit(0);} 898 ])], 899 [ AC_MSG_RESULT(yes) ], 900 [ 901 AC_MSG_RESULT(no) 902 AC_MSG_ERROR([* compiler cannot create working executables, check config.log ]) 903* ], 904 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 905) 906 907dnl Checks for header files. 908# Checks for libraries. 909AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 910AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 911 912dnl IRIX and Solaris 2.5.1 have dirname() in libgen 913AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 914 AC_CHECK_LIB(gen, dirname,[ 915 AC_CACHE_CHECK([for broken dirname], 916 ac_cv_have_broken_dirname, [ 917 save_LIBS="$LIBS" 918 LIBS="$LIBS -lgen" 919 AC_RUN_IFELSE( 920 [AC_LANG_SOURCE([[ 921#include <libgen.h> 922#include <string.h> 923 924int main(int argc, char *argv) { 925* char s, buf[32]; 926* 927 strncpy(buf,"/etc", 32); 928 s = dirname(buf); 929 if (!s \|\| strncmp(s, "/", 32) != 0) { 930 exit(1); 931 } else { 932 exit(0); 933 } 934} 935 ]])], 936 [ ac_cv_have_broken_dirname="no" ], 937 [ ac_cv_have_broken_dirname="yes" ], 938 [ ac_cv_have_broken_dirname="no" ], 939 ) 940 LIBS="$save_LIBS" 941 ]) 942 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 943 LIBS="$LIBS -lgen" 944 AC_DEFINE(HAVE_DIRNAME) 945 AC_CHECK_HEADERS(libgen.h) 946 fi 947 ]) 948]) 949 950AC_CHECK_FUNC(getspnam, , 951 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 952AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1, 953 [Define if you have the basename function.])) 954 955dnl zlib is required 956AC_ARG_WITH(zlib, 957 [ --with-zlib=PATH Use zlib in PATH], 958 [ if test "x$withval" = "xno" ; then 959 AC_MSG_ERROR([* zlib is required ]) 960* elif test "x$withval" != "xyes"; then 961 if test -d "$withval/lib"; then 962 if test -n "${need_dash_r}"; then 963 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 964 else 965 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 966 fi 967 else 968 if test -n "${need_dash_r}"; then 969 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 970 else 971 LDFLAGS="-L${withval} ${LDFLAGS}" 972 fi 973 fi 974 if test -d "$withval/include"; then 975 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 976 else 977 CPPFLAGS="-I${withval} ${CPPFLAGS}" 978 fi 979 fi ] 980) 981 982AC_CHECK_LIB(z, deflate, , 983 [ 984 saved_CPPFLAGS="$CPPFLAGS" 985 saved_LDFLAGS="$LDFLAGS" 986 save_LIBS="$LIBS" 987 dnl Check default zlib install dir 988 if test -n "${need_dash_r}"; then 989 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 990 else 991 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 992 fi 993 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 994 LIBS="$LIBS -lz" 995 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 996 [ 997 AC_MSG_ERROR([* zlib missing - please install first or check config.log ]) 998* ] 999 ) 1000 ] 1001) 1002AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([* zlib.h missing - please install first or check config.log ])) 1003* 1004AC_ARG_WITH(zlib-version-check, 1005 [ --without-zlib-version-check Disable zlib version check], 1006 [ if test "x$withval" = "xno" ; then 1007 zlib_check_nonfatal=1 1008 fi 1009 ] 1010) 1011 1012AC_MSG_CHECKING(for possibly buggy zlib) 1013AC_RUN_IFELSE([AC_LANG_SOURCE([[ 1014#include <stdio.h> 1015#include <zlib.h> 1016int main() 1017{ 1018 int a=0, b=0, c=0, d=0, n, v; 1019 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 1020 if (n != 3 && n != 4) 1021 exit(1); 1022 v = a1000000 + b10000 + c100 + d; 1023* fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 1024 1025 /* 1.1.4 is OK / 1026* if (a == 1 && b == 1 && c >= 4) 1027 exit(0); 1028 1029 /* 1.2.3 and up are OK / 1030* if (v >= 1020300) 1031 exit(0); 1032 1033 exit(2); 1034} 1035 ]])], 1036 AC_MSG_RESULT(no), 1037 [ AC_MSG_RESULT(yes) 1038 if test -z "$zlib_check_nonfatal" ; then 1039 AC_MSG_ERROR([* zlib too old - check config.log * 1040Your reported zlib version has known security problems. It's possible your 1041vendor has fixed these problems without changing the version number. If you 1042are sure this is the case, you can disable the check by running 1043"./configure --without-zlib-version-check". 1044If you are in doubt, upgrade zlib to version 1.2.3 or greater. 1045See http://www.gzip.org/zlib/ for details.]) 1046 else 1047 AC_MSG_WARN([zlib version may have security problems]) 1048 fi 1049 ], 1050 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 1051) 1052 1053dnl UnixWare 2.x 1054AC_CHECK_FUNC(strcasecmp, 1055 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 1056) 1057AC_CHECK_FUNCS(utimes, 1058 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 1059 LIBS="$LIBS -lc89"]) ] 1060) 1061 1062dnl Checks for libutil functions 1063AC_CHECK_HEADERS(libutil.h) 1064AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1, 1065 [Define if your libraries define login()])]) 1066AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp) 1067 1068AC_FUNC_STRFTIME 1069 1070# Check for ALTDIRFUNC glob() extension 1071AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 1072AC_EGREP_CPP(FOUNDIT, 1073 [ 1074 #include <glob.h> 1075 #ifdef GLOB_ALTDIRFUNC 1076 FOUNDIT 1077 #endif 1078 ], 1079 [ 1080 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1, 1081 [Define if your system glob() function has 1082 the GLOB_ALTDIRFUNC extension]) 1083 AC_MSG_RESULT(yes) 1084 ], 1085 [ 1086 AC_MSG_RESULT(no) 1087 ] 1088) 1089 1090# Check for g.gl_matchc glob() extension 1091AC_MSG_CHECKING(for gl_matchc field in glob_t) 1092AC_TRY_COMPILE( 1093 [ #include <glob.h> ], 1094 [glob_t g; g.gl_matchc = 1;], 1095 [ 1096 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1, 1097 [Define if your system glob() function has 1098 gl_matchc options in glob_t]) 1099 AC_MSG_RESULT(yes) 1100 ], 1101 [ 1102 AC_MSG_RESULT(no) 1103 ] 1104) 1105 1106AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>]) 1107 1108AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 1109AC_RUN_IFELSE( 1110 [AC_LANG_SOURCE([[ 1111#include <sys/types.h> 1112#include <dirent.h> 1113int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 1114 ]])], 1115 [AC_MSG_RESULT(yes)], 1116 [ 1117 AC_MSG_RESULT(no) 1118 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1, 1119 [Define if your struct dirent expects you to 1120 allocate extra space for d_name]) 1121 ], 1122 [ 1123 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1124 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 1125 ] 1126) 1127 1128AC_MSG_CHECKING([for /proc/pid/fd directory]) 1129if test -d "/proc/$$/fd" ; then 1130 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd]) 1131 AC_MSG_RESULT(yes) 1132else 1133 AC_MSG_RESULT(no) 1134fi 1135 1136# Check whether user wants S/Key support 1137SKEY_MSG="no" 1138AC_ARG_WITH(skey, 1139 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 1140 [ 1141 if test "x$withval" != "xno" ; then 1142 1143 if test "x$withval" != "xyes" ; then 1144 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1145 LDFLAGS="$LDFLAGS -L${withval}/lib" 1146 fi 1147 1148 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 1149 LIBS="-lskey $LIBS" 1150 SKEY_MSG="yes" 1151 1152 AC_MSG_CHECKING([for s/key support]) 1153 AC_LINK_IFELSE( 1154 [AC_LANG_SOURCE([[ 1155#include <stdio.h> 1156#include <skey.h> 1157int main() { char ff = skey_keyinfo(""); ff=""; exit(0); } 1158* ]])], 1159 [AC_MSG_RESULT(yes)], 1160 [ 1161 AC_MSG_RESULT(no) 1162 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 1163 ]) 1164 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 1165 AC_TRY_COMPILE( 1166 [#include <stdio.h> 1167 #include <skey.h>], 1168 [(void)skeychallenge(NULL,"name","",0);], 1169 [AC_MSG_RESULT(yes) 1170 AC_DEFINE(SKEYCHALLENGE_4ARG, 1, 1171 [Define if your skeychallenge() 1172 function takes 4 arguments (NetBSD)])], 1173 [AC_MSG_RESULT(no)] 1174 ) 1175 fi 1176 ] 1177) 1178 1179# Check whether user wants TCP wrappers support 1180TCPW_MSG="no" 1181AC_ARG_WITH(tcp-wrappers, 1182 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1183 [ 1184 if test "x$withval" != "xno" ; then 1185 saved_LIBS="$LIBS" 1186 saved_LDFLAGS="$LDFLAGS" 1187 saved_CPPFLAGS="$CPPFLAGS" 1188 if test -n "${withval}" && \ 1189 test "x${withval}" != "xyes"; then 1190 if test -d "${withval}/lib"; then 1191 if test -n "${need_dash_r}"; then 1192 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1193 else 1194 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1195 fi 1196 else 1197 if test -n "${need_dash_r}"; then 1198 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1199 else 1200 LDFLAGS="-L${withval} ${LDFLAGS}" 1201 fi 1202 fi 1203 if test -d "${withval}/include"; then 1204 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1205 else 1206 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1207 fi 1208 fi 1209 LIBS="-lwrap $LIBS" 1210 AC_MSG_CHECKING(for libwrap) 1211 AC_TRY_LINK( 1212 [ 1213#include <sys/types.h> 1214#include <sys/socket.h> 1215#include <netinet/in.h> 1216#include <tcpd.h> 1217 int deny_severity = 0, allow_severity = 0; 1218 ], 1219 [hosts_access(0);], 1220 [ 1221 AC_MSG_RESULT(yes) 1222 AC_DEFINE(LIBWRAP, 1, 1223 [Define if you want 1224 TCP Wrappers support]) 1225 SSHDLIBS="$SSHDLIBS -lwrap" 1226 TCPW_MSG="yes" 1227 ], 1228 [ 1229 AC_MSG_ERROR([*** libwrap missing]) 1230 ] 1231 ) 1232 LIBS="$saved_LIBS" 1233 fi 1234 ] 1235) 1236 1237# Check whether user wants libedit support 1238LIBEDIT_MSG="no" 1239AC_ARG_WITH(libedit, 1240 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1241 [ if test "x$withval" != "xno" ; then 1242 if test "x$withval" != "xyes"; then 1243 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1244 if test -n "${need_dash_r}"; then 1245 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1246 else 1247 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1248 fi 1249 fi 1250 AC_CHECK_LIB(edit, el_init, 1251 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp]) 1252 LIBEDIT="-ledit -lcurses" 1253 LIBEDIT_MSG="yes" 1254 AC_SUBST(LIBEDIT) 1255 ], 1256 [ AC_MSG_ERROR(libedit not found) ], 1257 [ -lcurses ] 1258 ) 1259 AC_MSG_CHECKING(if libedit version is compatible) 1260 AC_COMPILE_IFELSE( 1261 [AC_LANG_SOURCE([[ 1262#include <histedit.h> 1263int main(void) 1264{ 1265 int i = H_SETSIZE; 1266 el_init("", NULL, NULL, NULL); 1267 exit(0); 1268} 1269 ]])], 1270 [ AC_MSG_RESULT(yes) ], 1271 [ AC_MSG_RESULT(no) 1272 AC_MSG_ERROR(libedit version is not compatible) ] 1273 ) 1274 fi ] 1275) 1276 1277AUDIT_MODULE=none 1278AC_ARG_WITH(audit, 1279 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 1280 [ 1281 AC_MSG_CHECKING(for supported audit module) 1282 case "$withval" in 1283 bsm) 1284 AC_MSG_RESULT(bsm) 1285 AUDIT_MODULE=bsm 1286 dnl Checks for headers, libs and functions 1287 AC_CHECK_HEADERS(bsm/audit.h, [], 1288 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)], 1289 [ 1290#ifdef HAVE_TIME_H 1291# include <time.h> 1292#endif 1293 ] 1294) 1295 AC_CHECK_LIB(bsm, getaudit, [], 1296 [AC_MSG_ERROR(BSM enabled and required library not found)]) 1297 AC_CHECK_FUNCS(getaudit, [], 1298 [AC_MSG_ERROR(BSM enabled and required function not found)]) 1299 # These are optional 1300 AC_CHECK_FUNCS(getaudit_addr aug_get_machine) 1301 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) 1302 ;; 1303 debug) 1304 AUDIT_MODULE=debug 1305 AC_MSG_RESULT(debug) 1306 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module) 1307 ;; 1308 no) 1309 AC_MSG_RESULT(no) 1310 ;; 1311 ) 1312* AC_MSG_ERROR([Unknown audit module $withval]) 1313 ;; 1314 esac ] 1315) 1316 1317dnl Checks for library functions. Please keep in alphabetical order 1318AC_CHECK_FUNCS( \ 1319 arc4random \ 1320 arc4random_buf \ 1321 arc4random_uniform \ 1322 asprintf \ 1323 b64_ntop \ 1324 __b64_ntop \ 1325 b64_pton \ 1326 __b64_pton \ 1327 bcopy \ 1328 bindresvport_sa \ 1329 clock \ 1330 closefrom \ 1331 dirfd \ 1332 fchmod \ 1333 fchown \ 1334 freeaddrinfo \ 1335 fstatvfs \ 1336 futimes \ 1337 getaddrinfo \ 1338 getcwd \ 1339 getgrouplist \ 1340 getnameinfo \ 1341 getopt \ 1342 getpeereid \ 1343 getpeerucred \ 1344 _getpty \ 1345 getrlimit \ 1346 getttyent \ 1347 glob \ 1348 inet_aton \ 1349 inet_ntoa \ 1350 inet_ntop \ 1351 innetgr \ 1352 login_getcapbool \ 1353 md5_crypt \ 1354 memmove \ 1355 mkdtemp \ 1356 mmap \ 1357 ngetaddrinfo \ 1358 nsleep \ 1359 ogetaddrinfo \ 1360 openlog_r \ 1361 openpty \ 1362 poll \ 1363 prctl \ 1364 pstat \ 1365 readpassphrase \ 1366 realpath \ 1367 recvmsg \ 1368 rresvport_af \ 1369 sendmsg \ 1370 setdtablesize \ 1371 setegid \ 1372 setenv \ 1373 seteuid \ 1374 setgroups \ 1375 setlogin \ 1376 setpcred \ 1377 setproctitle \ 1378 setregid \ 1379 setreuid \ 1380 setrlimit \ 1381 setsid \ 1382 setvbuf \ 1383 sigaction \ 1384 sigvec \ 1385 snprintf \ 1386 socketpair \ 1387 statfs \ 1388 statvfs \ 1389 strdup \ 1390 strerror \ 1391 strlcat \ 1392 strlcpy \ 1393 strmode \ 1394 strnvis \ 1395 strtonum \ 1396 strtoll \ 1397 strtoul \ 1398 swap32 \ 1399 sysconf \ 1400 tcgetpgrp \ 1401 truncate \ 1402 unsetenv \ 1403 updwtmpx \ 1404 vasprintf \ 1405 vhangup \ 1406 vsnprintf \ 1407 waitpid \ 1408) 1409 1410# IRIX has a const char return value for gai_strerror() 1411AC_CHECK_FUNCS(gai_strerror,[ 1412 AC_DEFINE(HAVE_GAI_STRERROR) 1413 AC_TRY_COMPILE([ 1414#include <sys/types.h> 1415#include <sys/socket.h> 1416#include <netdb.h> 1417 1418const char gai_strerror(int);],[ 1419char str; 1420 1421str = gai_strerror(0);],[ 1422 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 1423 [Define if gai_strerror() returns const char ])])]) 1424* 1425AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1, 1426 [Some systems put nanosleep outside of libc])) 1427 1428dnl Make sure prototypes are defined for these before using them. 1429AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 1430AC_CHECK_DECL(strsep, 1431 [AC_CHECK_FUNCS(strsep)], 1432 [], 1433 [ 1434#ifdef HAVE_STRING_H 1435# include <string.h> 1436#endif 1437 ]) 1438 1439dnl tcsendbreak might be a macro 1440AC_CHECK_DECL(tcsendbreak, 1441 [AC_DEFINE(HAVE_TCSENDBREAK)], 1442 [AC_CHECK_FUNCS(tcsendbreak)], 1443 [#include <termios.h>] 1444) 1445 1446AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 1447 1448AC_CHECK_DECLS(SHUT_RD, , , 1449 [ 1450#include <sys/types.h> 1451#include <sys/socket.h> 1452 ]) 1453 1454AC_CHECK_DECLS(O_NONBLOCK, , , 1455 [ 1456#include <sys/types.h> 1457#ifdef HAVE_SYS_STAT_H 1458# include <sys/stat.h> 1459#endif 1460#ifdef HAVE_FCNTL_H 1461# include <fcntl.h> 1462#endif 1463 ]) 1464 1465AC_CHECK_DECLS(writev, , , [ 1466#include <sys/types.h> 1467#include <sys/uio.h> 1468#include <unistd.h> 1469 ]) 1470 1471AC_CHECK_DECLS(MAXSYMLINKS, , , [ 1472#include <sys/param.h> 1473 ]) 1474 1475AC_CHECK_DECLS(offsetof, , , [ 1476#include <stddef.h> 1477 ]) 1478 1479AC_CHECK_FUNCS(setresuid, [ 1480 dnl Some platorms have setresuid that isn't implemented, test for this 1481 AC_MSG_CHECKING(if setresuid seems to work) 1482 AC_RUN_IFELSE( 1483 [AC_LANG_SOURCE([[ 1484#include <stdlib.h> 1485#include <errno.h> 1486int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1487 ]])], 1488 [AC_MSG_RESULT(yes)], 1489 [AC_DEFINE(BROKEN_SETRESUID, 1, 1490 [Define if your setresuid() is broken]) 1491 AC_MSG_RESULT(not implemented)], 1492 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1493 ) 1494]) 1495 1496AC_CHECK_FUNCS(setresgid, [ 1497 dnl Some platorms have setresgid that isn't implemented, test for this 1498 AC_MSG_CHECKING(if setresgid seems to work) 1499 AC_RUN_IFELSE( 1500 [AC_LANG_SOURCE([[ 1501#include <stdlib.h> 1502#include <errno.h> 1503int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1504 ]])], 1505 [AC_MSG_RESULT(yes)], 1506 [AC_DEFINE(BROKEN_SETRESGID, 1, 1507 [Define if your setresgid() is broken]) 1508 AC_MSG_RESULT(not implemented)], 1509 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1510 ) 1511]) 1512 1513dnl Checks for time functions 1514AC_CHECK_FUNCS(gettimeofday time) 1515dnl Checks for utmp functions 1516AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 1517AC_CHECK_FUNCS(utmpname) 1518dnl Checks for utmpx functions 1519AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 1520AC_CHECK_FUNCS(setutxent utmpxname)
	1521dnl Checks for lastlog functions 1522AC_CHECK_FUNCS(getlastlogxbyname)
1506 1507AC_CHECK_FUNC(daemon, 1508 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])], 1509 [AC_CHECK_LIB(bsd, daemon, 1510 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 1511) 1512 1513AC_CHECK_FUNC(getpagesize, 1514 [AC_DEFINE(HAVE_GETPAGESIZE, 1, 1515 [Define if your libraries define getpagesize()])], 1516 [AC_CHECK_LIB(ucb, getpagesize, 1517 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 1518) 1519 1520# Check for broken snprintf 1521if test "x$ac_cv_func_snprintf" = "xyes" ; then 1522 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1523 AC_RUN_IFELSE( 1524 [AC_LANG_SOURCE([[ 1525#include <stdio.h> 1526int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 1527 ]])], 1528 [AC_MSG_RESULT(yes)], 1529 [ 1530 AC_MSG_RESULT(no) 1531 AC_DEFINE(BROKEN_SNPRINTF, 1, 1532 [Define if your snprintf is busted]) 1533 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1534 ], 1535 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1536 ) 1537fi 1538 1539# If we don't have a working asprintf, then we strongly depend on vsnprintf 1540# returning the right thing on overflow: the number of characters it tried to 1541# create (as per SUSv3) 1542if test "x$ac_cv_func_asprintf" != "xyes" && \ 1543 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1544 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1545 AC_RUN_IFELSE( 1546 [AC_LANG_SOURCE([[ 1547#include <sys/types.h> 1548#include <stdio.h> 1549#include <stdarg.h> 1550 1551int x_snprintf(char str,size_t count,const char fmt,...) 1552{ 1553 size_t ret; va_list ap; 1554 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1555 return ret; 1556} 1557int main(void) 1558{ 1559 char x[1]; 1560 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1561} ]])], 1562 [AC_MSG_RESULT(yes)], 1563 [ 1564 AC_MSG_RESULT(no) 1565 AC_DEFINE(BROKEN_SNPRINTF, 1, 1566 [Define if your snprintf is busted]) 1567 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1568 ], 1569 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1570 ) 1571fi 1572 1573# On systems where [v]snprintf is broken, but is declared in stdio, 1574# check that the fmt argument is const char * or just char . 1575# This is only useful for when BROKEN_SNPRINTF 1576AC_MSG_CHECKING([whether snprintf can declare const char fmt]) 1577AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h> 1578 int snprintf(char a, size_t b, const char c, ...) { return 0; } 1579 int main(void) { snprintf(0, 0, 0); } 1580 ]])], 1581 [AC_MSG_RESULT(yes) 1582 AC_DEFINE(SNPRINTF_CONST, [const], 1583 [Define as const if snprintf() can declare const char fmt])], 1584* [AC_MSG_RESULT(no) 1585 AC_DEFINE(SNPRINTF_CONST, [/* not const /])]) 1586* 1587# Check for missing getpeereid (or equiv) support 1588NO_PEERCHECK="" 1589if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then 1590 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1591 AC_TRY_COMPILE( 1592 [#include <sys/types.h> 1593 #include <sys/socket.h>], 1594 [int i = SO_PEERCRED;], 1595 [ AC_MSG_RESULT(yes) 1596 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option]) 1597 ], 1598 [AC_MSG_RESULT(no) 1599 NO_PEERCHECK=1] 1600 ) 1601fi 1602 1603dnl see whether mkstemp() requires XXXXXX 1604if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1605AC_MSG_CHECKING([for (overly) strict mkstemp]) 1606AC_RUN_IFELSE( 1607 [AC_LANG_SOURCE([[ 1608#include <stdlib.h> 1609main() { char template[]="conftest.mkstemp-test"; 1610if (mkstemp(template) == -1) 1611 exit(1); 1612unlink(template); exit(0); 1613} 1614 ]])], 1615 [ 1616 AC_MSG_RESULT(no) 1617 ], 1618 [ 1619 AC_MSG_RESULT(yes) 1620 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()]) 1621 ], 1622 [ 1623 AC_MSG_RESULT(yes) 1624 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1625 ] 1626) 1627fi 1628 1629dnl make sure that openpty does not reacquire controlling terminal 1630if test ! -z "$check_for_openpty_ctty_bug"; then 1631 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1632 AC_RUN_IFELSE( 1633 [AC_LANG_SOURCE([[ 1634#include <stdio.h> 1635#include <sys/fcntl.h> 1636#include <sys/types.h> 1637#include <sys/wait.h> 1638 1639int 1640main() 1641{ 1642 pid_t pid; 1643 int fd, ptyfd, ttyfd, status; 1644 1645 pid = fork(); 1646 if (pid < 0) { /* failed / 1647* exit(1); 1648 } else if (pid > 0) { /* parent / 1649* waitpid(pid, &status, 0); 1650 if (WIFEXITED(status)) 1651 exit(WEXITSTATUS(status)); 1652 else 1653 exit(2); 1654 } else { /* child / 1655* close(0); close(1); close(2); 1656 setsid(); 1657 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1658 fd = open("/dev/tty", O_RDWR \| O_NOCTTY); 1659 if (fd >= 0) 1660 exit(3); /* Acquired ctty: broken / 1661* else 1662 exit(0); /* Did not acquire ctty: OK / 1663* } 1664} 1665 ]])], 1666 [ 1667 AC_MSG_RESULT(yes) 1668 ], 1669 [ 1670 AC_MSG_RESULT(no) 1671 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1672 ], 1673 [ 1674 AC_MSG_RESULT(cross-compiling, assuming yes) 1675 ] 1676 ) 1677fi 1678 1679if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1680 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1681 AC_MSG_CHECKING(if getaddrinfo seems to work) 1682 AC_RUN_IFELSE( 1683 [AC_LANG_SOURCE([[ 1684#include <stdio.h> 1685#include <sys/socket.h> 1686#include <netdb.h> 1687#include <errno.h> 1688#include <netinet/in.h> 1689 1690#define TEST_PORT "2222" 1691 1692int 1693main(void) 1694{ 1695 int err, sock; 1696 struct addrinfo gai_ai, ai, hints; 1697 char ntop[NI_MAXHOST], strport[NI_MAXSERV], name = NULL; 1698* 1699 memset(&hints, 0, sizeof(hints)); 1700 hints.ai_family = PF_UNSPEC; 1701 hints.ai_socktype = SOCK_STREAM; 1702 hints.ai_flags = AI_PASSIVE; 1703 1704 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1705 if (err != 0) { 1706 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1707 exit(1); 1708 } 1709 1710 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1711 if (ai->ai_family != AF_INET6) 1712 continue; 1713 1714 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1715 sizeof(ntop), strport, sizeof(strport), 1716 NI_NUMERICHOST\|NI_NUMERICSERV); 1717 1718 if (err != 0) { 1719 if (err == EAI_SYSTEM) 1720 perror("getnameinfo EAI_SYSTEM"); 1721 else 1722 fprintf(stderr, "getnameinfo failed: %s\n", 1723 gai_strerror(err)); 1724 exit(2); 1725 } 1726 1727 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1728 if (sock < 0) 1729 perror("socket"); 1730 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1731 if (errno == EBADF) 1732 exit(3); 1733 } 1734 } 1735 exit(0); 1736} 1737 ]])], 1738 [ 1739 AC_MSG_RESULT(yes) 1740 ], 1741 [ 1742 AC_MSG_RESULT(no) 1743 AC_DEFINE(BROKEN_GETADDRINFO) 1744 ], 1745 [ 1746 AC_MSG_RESULT(cross-compiling, assuming yes) 1747 ] 1748 ) 1749fi 1750 1751if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1752 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1753 AC_MSG_CHECKING(if getaddrinfo seems to work) 1754 AC_RUN_IFELSE( 1755 [AC_LANG_SOURCE([[ 1756#include <stdio.h> 1757#include <sys/socket.h> 1758#include <netdb.h> 1759#include <errno.h> 1760#include <netinet/in.h> 1761 1762#define TEST_PORT "2222" 1763 1764int 1765main(void) 1766{ 1767 int err, sock; 1768 struct addrinfo gai_ai, ai, hints; 1769 char ntop[NI_MAXHOST], strport[NI_MAXSERV], name = NULL; 1770* 1771 memset(&hints, 0, sizeof(hints)); 1772 hints.ai_family = PF_UNSPEC; 1773 hints.ai_socktype = SOCK_STREAM; 1774 hints.ai_flags = AI_PASSIVE; 1775 1776 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1777 if (err != 0) { 1778 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1779 exit(1); 1780 } 1781 1782 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1783 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1784 continue; 1785 1786 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1787 sizeof(ntop), strport, sizeof(strport), 1788 NI_NUMERICHOST\|NI_NUMERICSERV); 1789 1790 if (ai->ai_family == AF_INET && err != 0) { 1791 perror("getnameinfo"); 1792 exit(2); 1793 } 1794 } 1795 exit(0); 1796} 1797 ]])], 1798 [ 1799 AC_MSG_RESULT(yes) 1800 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1, 1801 [Define if you have a getaddrinfo that fails 1802 for the all-zeros IPv6 address]) 1803 ], 1804 [ 1805 AC_MSG_RESULT(no) 1806 AC_DEFINE(BROKEN_GETADDRINFO) 1807 ], 1808 [ 1809 AC_MSG_RESULT(cross-compiling, assuming no) 1810 ] 1811 ) 1812fi 1813 1814if test "x$check_for_conflicting_getspnam" = "x1"; then 1815 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1816 AC_COMPILE_IFELSE( 1817 [ 1818#include <shadow.h> 1819int main(void) {exit(0);} 1820 ], 1821 [ 1822 AC_MSG_RESULT(no) 1823 ], 1824 [ 1825 AC_MSG_RESULT(yes) 1826 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1827 [Conflicting defs for getspnam]) 1828 ] 1829 ) 1830fi 1831 1832AC_FUNC_GETPGRP 1833 1834# Search for OpenSSL 1835saved_CPPFLAGS="$CPPFLAGS" 1836saved_LDFLAGS="$LDFLAGS" 1837AC_ARG_WITH(ssl-dir, 1838 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1839 [ 1840 if test "x$withval" != "xno" ; then 1841 case "$withval" in 1842 # Relative paths 1843 ./\|../) withval="`pwd`/$withval" 1844 esac 1845 if test -d "$withval/lib"; then 1846 if test -n "${need_dash_r}"; then 1847 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1848 else 1849 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1850 fi 1851 else 1852 if test -n "${need_dash_r}"; then 1853 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1854 else 1855 LDFLAGS="-L${withval} ${LDFLAGS}" 1856 fi 1857 fi 1858 if test -d "$withval/include"; then 1859 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1860 else 1861 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1862 fi 1863 fi 1864 ] 1865) 1866LIBS="-lcrypto $LIBS" 1867AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, 1868 [Define if your ssl headers are included 1869 with #include <openssl/header.h>]), 1870 [ 1871 dnl Check default openssl install dir 1872 if test -n "${need_dash_r}"; then 1873 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1874 else 1875 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1876 fi 1877 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1878 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1879 [ 1880 AC_MSG_ERROR([* Can't find recent OpenSSL libcrypto (see config.log for details) ]) 1881* ] 1882 ) 1883 ] 1884) 1885 1886# Determine OpenSSL header version 1887AC_MSG_CHECKING([OpenSSL header version]) 1888AC_RUN_IFELSE( 1889 [AC_LANG_SOURCE([[ 1890#include <stdio.h> 1891#include <string.h> 1892#include <openssl/opensslv.h> 1893#define DATA "conftest.sslincver" 1894int main(void) { 1895 FILE fd; 1896* int rc; 1897 1898 fd = fopen(DATA,"w"); 1899 if(fd == NULL) 1900 exit(1); 1901 1902 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1903 exit(1); 1904 1905 exit(0); 1906} 1907 ]])], 1908 [ 1909 ssl_header_ver=`cat conftest.sslincver` 1910 AC_MSG_RESULT($ssl_header_ver) 1911 ], 1912 [ 1913 AC_MSG_RESULT(not found) 1914 AC_MSG_ERROR(OpenSSL version header not found.) 1915 ], 1916 [ 1917 AC_MSG_WARN([cross compiling: not checking]) 1918 ] 1919) 1920 1921# Determine OpenSSL library version 1922AC_MSG_CHECKING([OpenSSL library version]) 1923AC_RUN_IFELSE( 1924 [AC_LANG_SOURCE([[ 1925#include <stdio.h> 1926#include <string.h> 1927#include <openssl/opensslv.h> 1928#include <openssl/crypto.h> 1929#define DATA "conftest.ssllibver" 1930int main(void) { 1931 FILE fd; 1932* int rc; 1933 1934 fd = fopen(DATA,"w"); 1935 if(fd == NULL) 1936 exit(1); 1937 1938 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1939 exit(1); 1940 1941 exit(0); 1942} 1943 ]])], 1944 [ 1945 ssl_library_ver=`cat conftest.ssllibver` 1946 AC_MSG_RESULT($ssl_library_ver) 1947 ], 1948 [ 1949 AC_MSG_RESULT(not found) 1950 AC_MSG_ERROR(OpenSSL library not found.) 1951 ], 1952 [ 1953 AC_MSG_WARN([cross compiling: not checking]) 1954 ] 1955) 1956 1957AC_ARG_WITH(openssl-header-check, 1958 [ --without-openssl-header-check Disable OpenSSL version consistency check], 1959 [ if test "x$withval" = "xno" ; then 1960 openssl_check_nonfatal=1 1961 fi 1962 ] 1963) 1964 1965# Sanity check OpenSSL headers 1966AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1967AC_RUN_IFELSE( 1968 [AC_LANG_SOURCE([[ 1969#include <string.h> 1970#include <openssl/opensslv.h> 1971int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1972 ]])], 1973 [ 1974 AC_MSG_RESULT(yes) 1975 ], 1976 [ 1977 AC_MSG_RESULT(no) 1978 if test "x$openssl_check_nonfatal" = "x"; then 1979 AC_MSG_ERROR([Your OpenSSL headers do not match your 1980library. Check config.log for details. 1981If you are sure your installation is consistent, you can disable the check 1982by running "./configure --without-openssl-header-check". 1983Also see contrib/findssl.sh for help identifying header/library mismatches. 1984]) 1985 else 1986 AC_MSG_WARN([Your OpenSSL headers do not match your 1987library. Check config.log for details. 1988Also see contrib/findssl.sh for help identifying header/library mismatches.]) 1989 fi 1990 ], 1991 [ 1992 AC_MSG_WARN([cross compiling: not checking]) 1993 ] 1994) 1995 1996AC_MSG_CHECKING([if programs using OpenSSL functions will link]) 1997AC_LINK_IFELSE( 1998 [AC_LANG_SOURCE([[ 1999#include <openssl/evp.h> 2000int main(void) { SSLeay_add_all_algorithms(); } 2001 ]])], 2002 [ 2003 AC_MSG_RESULT(yes) 2004 ], 2005 [ 2006 AC_MSG_RESULT(no) 2007 saved_LIBS="$LIBS" 2008 LIBS="$LIBS -ldl" 2009 AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) 2010 AC_LINK_IFELSE( 2011 [AC_LANG_SOURCE([[ 2012#include <openssl/evp.h> 2013int main(void) { SSLeay_add_all_algorithms(); } 2014 ]])], 2015 [ 2016 AC_MSG_RESULT(yes) 2017 ], 2018 [ 2019 AC_MSG_RESULT(no) 2020 LIBS="$saved_LIBS" 2021 ] 2022 ) 2023 ] 2024) 2025 2026AC_ARG_WITH(ssl-engine, 2027 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 2028 [ if test "x$withval" != "xno" ; then 2029 AC_MSG_CHECKING(for OpenSSL ENGINE support) 2030 AC_TRY_COMPILE( 2031 [ #include <openssl/engine.h>], 2032 [ 2033ENGINE_load_builtin_engines();ENGINE_register_all_complete(); 2034 ], 2035 [ AC_MSG_RESULT(yes) 2036 AC_DEFINE(USE_OPENSSL_ENGINE, 1, 2037 [Enable OpenSSL engine support]) 2038 ], 2039 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)] 2040 ) 2041 fi ] 2042) 2043 2044# Check for OpenSSL without EVP_aes_{192,256}_cbc 2045AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 2046AC_LINK_IFELSE( 2047 [AC_LANG_SOURCE([[ 2048#include <string.h> 2049#include <openssl/evp.h> 2050int main(void) { exit(EVP_aes_192_cbc() == NULL \|\| EVP_aes_256_cbc() == NULL);} 2051 ]])], 2052 [ 2053 AC_MSG_RESULT(no) 2054 ], 2055 [ 2056 AC_MSG_RESULT(yes) 2057 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1, 2058 [libcrypto is missing AES 192 and 256 bit functions]) 2059 ] 2060) 2061 2062# Some systems want crypt() from libcrypt, not the version in OpenSSL, 2063# because the system crypt() is more featureful. 2064if test "x$check_for_libcrypt_before" = "x1"; then 2065 AC_CHECK_LIB(crypt, crypt) 2066fi 2067 2068# Some Linux systems (Slackware) need crypt() from libcrypt, not the 2069# version in OpenSSL. 2070if test "x$check_for_libcrypt_later" = "x1"; then 2071 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 2072fi 2073 2074# Search for SHA256 support in libc and/or OpenSSL 2075AC_CHECK_FUNCS(SHA256_Update EVP_sha256) 2076 2077saved_LIBS="$LIBS" 2078AC_CHECK_LIB(iaf, ia_openinfo, [ 2079 LIBS="$LIBS -liaf" 2080 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf" 2081 AC_DEFINE(HAVE_LIBIAF, 1, 2082 [Define if system has libiaf that supports set_id]) 2083 ]) 2084]) 2085LIBS="$saved_LIBS" 2086 2087### Configure cryptographic random number support 2088 2089# Check wheter OpenSSL seeds itself 2090AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 2091AC_RUN_IFELSE( 2092 [AC_LANG_SOURCE([[ 2093#include <string.h> 2094#include <openssl/rand.h> 2095int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 2096 ]])], 2097 [ 2098 OPENSSL_SEEDS_ITSELF=yes 2099 AC_MSG_RESULT(yes) 2100 ], 2101 [ 2102 AC_MSG_RESULT(no) 2103 # Default to use of the rand helper if OpenSSL doesn't 2104 # seed itself 2105 USE_RAND_HELPER=yes 2106 ], 2107 [ 2108 AC_MSG_WARN([cross compiling: assuming yes]) 2109 # This is safe, since all recent OpenSSL versions will 2110 # complain at runtime if not seeded correctly. 2111 OPENSSL_SEEDS_ITSELF=yes 2112 ] 2113) 2114 2115# Check for PAM libs 2116PAM_MSG="no" 2117AC_ARG_WITH(pam, 2118 [ --with-pam Enable PAM support ], 2119 [ 2120 if test "x$withval" != "xno" ; then 2121 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 2122 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 2123 AC_MSG_ERROR([PAM headers not found]) 2124 fi 2125 2126 saved_LIBS="$LIBS" 2127 AC_CHECK_LIB(dl, dlopen, , ) 2128 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 2129 AC_CHECK_FUNCS(pam_getenvlist) 2130 AC_CHECK_FUNCS(pam_putenv) 2131 LIBS="$saved_LIBS" 2132 2133 PAM_MSG="yes" 2134 2135 SSHDLIBS="$SSHDLIBS -lpam" 2136 AC_DEFINE(USE_PAM, 1, 2137 [Define if you want to enable PAM support]) 2138 2139 if test $ac_cv_lib_dl_dlopen = yes; then 2140 case "$LIBS" in 2141 -ldl) 2142 # libdl already in LIBS 2143 ;; 2144 ) 2145* SSHDLIBS="$SSHDLIBS -ldl" 2146 ;; 2147 esac 2148 fi 2149 fi 2150 ] 2151) 2152 2153# Check for older PAM 2154if test "x$PAM_MSG" = "xyes" ; then 2155 # Check PAM strerror arguments (old PAM) 2156 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 2157 AC_TRY_COMPILE( 2158 [ 2159#include <stdlib.h> 2160#if defined(HAVE_SECURITY_PAM_APPL_H) 2161#include <security/pam_appl.h> 2162#elif defined (HAVE_PAM_PAM_APPL_H) 2163#include <pam/pam_appl.h> 2164#endif 2165 ], 2166 [(void)pam_strerror((pam_handle_t )NULL, -1);], 2167* [AC_MSG_RESULT(no)], 2168 [ 2169 AC_DEFINE(HAVE_OLD_PAM, 1, 2170 [Define if you have an old version of PAM 2171 which takes only one argument to pam_strerror]) 2172 AC_MSG_RESULT(yes) 2173 PAM_MSG="yes (old library)" 2174 ] 2175 ) 2176fi 2177 2178# Do we want to force the use of the rand helper? 2179AC_ARG_WITH(rand-helper, 2180 [ --with-rand-helper Use subprocess to gather strong randomness ], 2181 [ 2182 if test "x$withval" = "xno" ; then 2183 # Force use of OpenSSL's internal RNG, even if 2184 # the previous test showed it to be unseeded. 2185 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 2186 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 2187 OPENSSL_SEEDS_ITSELF=yes 2188 USE_RAND_HELPER="" 2189 fi 2190 else 2191 USE_RAND_HELPER=yes 2192 fi 2193 ], 2194) 2195 2196# Which randomness source do we use? 2197if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then 2198 # OpenSSL only 2199 AC_DEFINE(OPENSSL_PRNG_ONLY, 1, 2200 [Define if you want OpenSSL's internally seeded PRNG only]) 2201 RAND_MSG="OpenSSL internal ONLY" 2202 INSTALL_SSH_RAND_HELPER="" 2203elif test ! -z "$USE_RAND_HELPER" ; then 2204 # install rand helper 2205 RAND_MSG="ssh-rand-helper" 2206 INSTALL_SSH_RAND_HELPER="yes" 2207fi 2208AC_SUBST(INSTALL_SSH_RAND_HELPER) 2209 2210### Configuration of ssh-rand-helper 2211 2212# PRNGD TCP socket 2213AC_ARG_WITH(prngd-port, 2214 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 2215 [ 2216 case "$withval" in 2217 no) 2218 withval="" 2219 ;; 2220 [[0-9]]) 2221* ;; 2222 ) 2223* AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 2224 ;; 2225 esac 2226 if test ! -z "$withval" ; then 2227 PRNGD_PORT="$withval" 2228 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT, 2229 [Port number of PRNGD/EGD random number socket]) 2230 fi 2231 ] 2232) 2233 2234# PRNGD Unix domain socket 2235AC_ARG_WITH(prngd-socket, 2236 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 2237 [ 2238 case "$withval" in 2239 yes) 2240 withval="/var/run/egd-pool" 2241 ;; 2242 no) 2243 withval="" 2244 ;; 2245 /) 2246* ;; 2247 ) 2248* AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 2249 ;; 2250 esac 2251 2252 if test ! -z "$withval" ; then 2253 if test ! -z "$PRNGD_PORT" ; then 2254 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 2255 fi 2256 if test ! -r "$withval" ; then 2257 AC_MSG_WARN(Entropy socket is not readable) 2258 fi 2259 PRNGD_SOCKET="$withval" 2260 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET", 2261 [Location of PRNGD/EGD random number socket]) 2262 fi 2263 ], 2264 [ 2265 # Check for existing socket only if we don't have a random device already 2266 if test "$USE_RAND_HELPER" = yes ; then 2267 AC_MSG_CHECKING(for PRNGD/EGD socket) 2268 # Insert other locations here 2269 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2270 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2271 PRNGD_SOCKET="$sock" 2272 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 2273 break; 2274 fi 2275 done 2276 if test ! -z "$PRNGD_SOCKET" ; then 2277 AC_MSG_RESULT($PRNGD_SOCKET) 2278 else 2279 AC_MSG_RESULT(not found) 2280 fi 2281 fi 2282 ] 2283) 2284 2285# Change default command timeout for hashing entropy source 2286entropy_timeout=200 2287AC_ARG_WITH(entropy-timeout, 2288 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 2289 [ 2290 if test -n "$withval" && test "x$withval" != "xno" && \ 2291 test "x${withval}" != "xyes"; then 2292 entropy_timeout=$withval 2293 fi 2294 ] 2295) 2296AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout, 2297 [Builtin PRNG command timeout]) 2298 2299SSH_PRIVSEP_USER=sshd 2300AC_ARG_WITH(privsep-user, 2301 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2302 [ 2303 if test -n "$withval" && test "x$withval" != "xno" && \ 2304 test "x${withval}" != "xyes"; then 2305 SSH_PRIVSEP_USER=$withval 2306 fi 2307 ] 2308) 2309AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER", 2310 [non-privileged user for privilege separation]) 2311AC_SUBST(SSH_PRIVSEP_USER) 2312 2313# We do this little dance with the search path to insure 2314# that programs that we select for use by installed programs 2315# (which may be run by the super-user) come from trusted 2316# locations before they come from the user's private area. 2317# This should help avoid accidentally configuring some 2318# random version of a program in someone's personal bin. 2319 2320OPATH=$PATH 2321PATH=/bin:/usr/bin 2322test -h /bin 2> /dev/null && PATH=/usr/bin 2323test -d /sbin && PATH=$PATH:/sbin 2324test -d /usr/sbin && PATH=$PATH:/usr/sbin 2325PATH=$PATH:/etc:$OPATH 2326 2327# These programs are used by the command hashing source to gather entropy 2328OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 2329OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 2330OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 2331OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 2332OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 2333OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 2334OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 2335OSSH_PATH_ENTROPY_PROG(PROG_W, w) 2336OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 2337OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 2338OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 2339OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 2340OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 2341OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 2342OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 2343OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 2344# restore PATH 2345PATH=$OPATH 2346 2347# Where does ssh-rand-helper get its randomness from? 2348INSTALL_SSH_PRNG_CMDS="" 2349if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 2350 if test ! -z "$PRNGD_PORT" ; then 2351 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 2352 elif test ! -z "$PRNGD_SOCKET" ; then 2353 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 2354 else 2355 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 2356 RAND_HELPER_CMDHASH=yes 2357 INSTALL_SSH_PRNG_CMDS="yes" 2358 fi 2359fi 2360AC_SUBST(INSTALL_SSH_PRNG_CMDS) 2361 2362 2363# Cheap hack to ensure NEWS-OS libraries are arranged right. 2364if test ! -z "$SONY" ; then 2365 LIBS="$LIBS -liberty"; 2366fi 2367 2368# Check for long long datatypes 2369AC_CHECK_TYPES([long long, unsigned long long, long double]) 2370 2371# Check datatype sizes 2372AC_CHECK_SIZEOF(char, 1) 2373AC_CHECK_SIZEOF(short int, 2) 2374AC_CHECK_SIZEOF(int, 4) 2375AC_CHECK_SIZEOF(long int, 4) 2376AC_CHECK_SIZEOF(long long int, 8) 2377 2378# Sanity check long long for some platforms (AIX) 2379if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2380 ac_cv_sizeof_long_long_int=0 2381fi 2382 2383# compute LLONG_MIN and LLONG_MAX if we don't know them. 2384if test -z "$have_llong_max"; then 2385 AC_MSG_CHECKING([for max value of long long]) 2386 AC_RUN_IFELSE( 2387 [AC_LANG_SOURCE([[ 2388#include <stdio.h> 2389/* Why is this so damn hard? / 2390#ifdef __GNUC__ 2391# undef __GNUC__ 2392#endif 2393#define __USE_ISOC99 2394#include <limits.h> 2395#define DATA "conftest.llminmax" 2396#define my_abs(a) ((a) < 0 ? ((a) -1) : (a)) 2397 2398/* 2399 * printf in libc on some platforms (eg old Tru64) does not understand %lld so 2400 * we do this the hard way. 2401 / 2402static int 2403fprint_ll(FILE f, long long n) 2404{ 2405 unsigned int i; 2406 int l[sizeof(long long) * 8]; 2407 2408 if (n < 0) 2409 if (fprintf(f, "-") < 0) 2410 return -1; 2411 for (i = 0; n != 0; i++) { 2412 l[i] = my_abs(n % 10); 2413 n /= 10; 2414 } 2415 do { 2416 if (fprintf(f, "%d", l[--i]) < 0) 2417 return -1; 2418 } while (i != 0); 2419 if (fprintf(f, " ") < 0) 2420 return -1; 2421 return 0; 2422} 2423 2424int main(void) { 2425 FILE f; 2426* long long i, llmin, llmax = 0; 2427 2428 if((f = fopen(DATA,"w")) == NULL) 2429 exit(1); 2430 2431#if defined(LLONG_MIN) && defined(LLONG_MAX) 2432 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2433 llmin = LLONG_MIN; 2434 llmax = LLONG_MAX; 2435#else 2436 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2437 /* This will work on one's complement and two's complement / 2438* for (i = 1; i > llmax; i <<= 1, i++) 2439 llmax = i; 2440 llmin = llmax + 1LL; /* wrap / 2441#endif 2442* 2443 /* Sanity check / 2444* if (llmin + 1 < llmin \|\| llmin - 1 < llmin \|\| llmax + 1 > llmax 2445 \|\| llmax - 1 > llmax \|\| llmin == llmax \|\| llmin == 0 2446 \|\| llmax == 0 \|\| llmax < LONG_MAX \|\| llmin > LONG_MIN) { 2447 fprintf(f, "unknown unknown\n"); 2448 exit(2); 2449 } 2450 2451 if (fprint_ll(f, llmin) < 0) 2452 exit(3); 2453 if (fprint_ll(f, llmax) < 0) 2454 exit(4); 2455 if (fclose(f) < 0) 2456 exit(5); 2457 exit(0); 2458} 2459 ]])], 2460 [ 2461 llong_min=`$AWK '{print $1}' conftest.llminmax` 2462 llong_max=`$AWK '{print $2}' conftest.llminmax` 2463 2464 AC_MSG_RESULT($llong_max) 2465 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], 2466 [max value of long long calculated by configure]) 2467 AC_MSG_CHECKING([for min value of long long]) 2468 AC_MSG_RESULT($llong_min) 2469 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], 2470 [min value of long long calculated by configure]) 2471 ], 2472 [ 2473 AC_MSG_RESULT(not found) 2474 ], 2475 [ 2476 AC_MSG_WARN([cross compiling: not checking]) 2477 ] 2478 ) 2479fi 2480 2481 2482# More checks for data types 2483AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2484 AC_TRY_COMPILE( 2485 [ #include <sys/types.h> ], 2486 [ u_int a; a = 1;], 2487 [ ac_cv_have_u_int="yes" ], 2488 [ ac_cv_have_u_int="no" ] 2489 ) 2490]) 2491if test "x$ac_cv_have_u_int" = "xyes" ; then 2492 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type]) 2493 have_u_int=1 2494fi 2495 2496AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2497 AC_TRY_COMPILE( 2498 [ #include <sys/types.h> ], 2499 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2500 [ ac_cv_have_intxx_t="yes" ], 2501 [ ac_cv_have_intxx_t="no" ] 2502 ) 2503]) 2504if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2505 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type]) 2506 have_intxx_t=1 2507fi 2508 2509if (test -z "$have_intxx_t" && \ 2510 test "x$ac_cv_header_stdint_h" = "xyes") 2511then 2512 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2513 AC_TRY_COMPILE( 2514 [ #include <stdint.h> ], 2515 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2516 [ 2517 AC_DEFINE(HAVE_INTXX_T) 2518 AC_MSG_RESULT(yes) 2519 ], 2520 [ AC_MSG_RESULT(no) ] 2521 ) 2522fi 2523 2524AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2525 AC_TRY_COMPILE( 2526 [ 2527#include <sys/types.h> 2528#ifdef HAVE_STDINT_H 2529# include <stdint.h> 2530#endif 2531#include <sys/socket.h> 2532#ifdef HAVE_SYS_BITYPES_H 2533# include <sys/bitypes.h> 2534#endif 2535 ], 2536 [ int64_t a; a = 1;], 2537 [ ac_cv_have_int64_t="yes" ], 2538 [ ac_cv_have_int64_t="no" ] 2539 ) 2540]) 2541if test "x$ac_cv_have_int64_t" = "xyes" ; then 2542 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type]) 2543fi 2544 2545AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2546 AC_TRY_COMPILE( 2547 [ #include <sys/types.h> ], 2548 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2549 [ ac_cv_have_u_intxx_t="yes" ], 2550 [ ac_cv_have_u_intxx_t="no" ] 2551 ) 2552]) 2553if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2554 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type]) 2555 have_u_intxx_t=1 2556fi 2557 2558if test -z "$have_u_intxx_t" ; then 2559 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2560 AC_TRY_COMPILE( 2561 [ #include <sys/socket.h> ], 2562 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2563 [ 2564 AC_DEFINE(HAVE_U_INTXX_T) 2565 AC_MSG_RESULT(yes) 2566 ], 2567 [ AC_MSG_RESULT(no) ] 2568 ) 2569fi 2570 2571AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2572 AC_TRY_COMPILE( 2573 [ #include <sys/types.h> ], 2574 [ u_int64_t a; a = 1;], 2575 [ ac_cv_have_u_int64_t="yes" ], 2576 [ ac_cv_have_u_int64_t="no" ] 2577 ) 2578]) 2579if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2580 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type]) 2581 have_u_int64_t=1 2582fi 2583 2584if test -z "$have_u_int64_t" ; then 2585 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2586 AC_TRY_COMPILE( 2587 [ #include <sys/bitypes.h> ], 2588 [ u_int64_t a; a = 1], 2589 [ 2590 AC_DEFINE(HAVE_U_INT64_T) 2591 AC_MSG_RESULT(yes) 2592 ], 2593 [ AC_MSG_RESULT(no) ] 2594 ) 2595fi 2596 2597if test -z "$have_u_intxx_t" ; then 2598 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2599 AC_TRY_COMPILE( 2600 [ 2601#include <sys/types.h> 2602 ], 2603 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 2604 [ ac_cv_have_uintxx_t="yes" ], 2605 [ ac_cv_have_uintxx_t="no" ] 2606 ) 2607 ]) 2608 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2609 AC_DEFINE(HAVE_UINTXX_T, 1, 2610 [define if you have uintxx_t data type]) 2611 fi 2612fi 2613 2614if test -z "$have_uintxx_t" ; then 2615 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2616 AC_TRY_COMPILE( 2617 [ #include <stdint.h> ], 2618 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 2619 [ 2620 AC_DEFINE(HAVE_UINTXX_T) 2621 AC_MSG_RESULT(yes) 2622 ], 2623 [ AC_MSG_RESULT(no) ] 2624 ) 2625fi 2626 2627if (test -z "$have_u_intxx_t" \|\| test -z "$have_intxx_t" && \ 2628 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2629then 2630 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2631 AC_TRY_COMPILE( 2632 [ 2633#include <sys/bitypes.h> 2634 ], 2635 [ 2636 int8_t a; int16_t b; int32_t c; 2637 u_int8_t e; u_int16_t f; u_int32_t g; 2638 a = b = c = e = f = g = 1; 2639 ], 2640 [ 2641 AC_DEFINE(HAVE_U_INTXX_T) 2642 AC_DEFINE(HAVE_INTXX_T) 2643 AC_MSG_RESULT(yes) 2644 ], 2645 [AC_MSG_RESULT(no)] 2646 ) 2647fi 2648 2649 2650AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2651 AC_TRY_COMPILE( 2652 [ 2653#include <sys/types.h> 2654 ], 2655 [ u_char foo; foo = 125; ], 2656 [ ac_cv_have_u_char="yes" ], 2657 [ ac_cv_have_u_char="no" ] 2658 ) 2659]) 2660if test "x$ac_cv_have_u_char" = "xyes" ; then 2661 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type]) 2662fi 2663 2664TYPE_SOCKLEN_T 2665 2666AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 2667AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[ 2668#include <sys/types.h> 2669#ifdef HAVE_SYS_BITYPES_H 2670#include <sys/bitypes.h> 2671#endif 2672#ifdef HAVE_SYS_STATFS_H 2673#include <sys/statfs.h> 2674#endif 2675#ifdef HAVE_SYS_STATVFS_H 2676#include <sys/statvfs.h> 2677#endif 2678]) 2679 2680AC_CHECK_TYPES(in_addr_t,,, 2681[#include <sys/types.h> 2682#include <netinet/in.h>]) 2683 2684AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2685 AC_TRY_COMPILE( 2686 [ 2687#include <sys/types.h> 2688 ], 2689 [ size_t foo; foo = 1235; ], 2690 [ ac_cv_have_size_t="yes" ], 2691 [ ac_cv_have_size_t="no" ] 2692 ) 2693]) 2694if test "x$ac_cv_have_size_t" = "xyes" ; then 2695 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type]) 2696fi 2697 2698AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2699 AC_TRY_COMPILE( 2700 [ 2701#include <sys/types.h> 2702 ], 2703 [ ssize_t foo; foo = 1235; ], 2704 [ ac_cv_have_ssize_t="yes" ], 2705 [ ac_cv_have_ssize_t="no" ] 2706 ) 2707]) 2708if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2709 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type]) 2710fi 2711 2712AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2713 AC_TRY_COMPILE( 2714 [ 2715#include <time.h> 2716 ], 2717 [ clock_t foo; foo = 1235; ], 2718 [ ac_cv_have_clock_t="yes" ], 2719 [ ac_cv_have_clock_t="no" ] 2720 ) 2721]) 2722if test "x$ac_cv_have_clock_t" = "xyes" ; then 2723 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type]) 2724fi 2725 2726AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2727 AC_TRY_COMPILE( 2728 [ 2729#include <sys/types.h> 2730#include <sys/socket.h> 2731 ], 2732 [ sa_family_t foo; foo = 1235; ], 2733 [ ac_cv_have_sa_family_t="yes" ], 2734 [ AC_TRY_COMPILE( 2735 [ 2736#include <sys/types.h> 2737#include <sys/socket.h> 2738#include <netinet/in.h> 2739 ], 2740 [ sa_family_t foo; foo = 1235; ], 2741 [ ac_cv_have_sa_family_t="yes" ], 2742 2743 [ ac_cv_have_sa_family_t="no" ] 2744 )] 2745 ) 2746]) 2747if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2748 AC_DEFINE(HAVE_SA_FAMILY_T, 1, 2749 [define if you have sa_family_t data type]) 2750fi 2751 2752AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2753 AC_TRY_COMPILE( 2754 [ 2755#include <sys/types.h> 2756 ], 2757 [ pid_t foo; foo = 1235; ], 2758 [ ac_cv_have_pid_t="yes" ], 2759 [ ac_cv_have_pid_t="no" ] 2760 ) 2761]) 2762if test "x$ac_cv_have_pid_t" = "xyes" ; then 2763 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type]) 2764fi 2765 2766AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2767 AC_TRY_COMPILE( 2768 [ 2769#include <sys/types.h> 2770 ], 2771 [ mode_t foo; foo = 1235; ], 2772 [ ac_cv_have_mode_t="yes" ], 2773 [ ac_cv_have_mode_t="no" ] 2774 ) 2775]) 2776if test "x$ac_cv_have_mode_t" = "xyes" ; then 2777 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type]) 2778fi 2779 2780 2781AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2782 AC_TRY_COMPILE( 2783 [ 2784#include <sys/types.h> 2785#include <sys/socket.h> 2786 ], 2787 [ struct sockaddr_storage s; ], 2788 [ ac_cv_have_struct_sockaddr_storage="yes" ], 2789 [ ac_cv_have_struct_sockaddr_storage="no" ] 2790 ) 2791]) 2792if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 2793 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, 2794 [define if you have struct sockaddr_storage data type]) 2795fi 2796 2797AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 2798 AC_TRY_COMPILE( 2799 [ 2800#include <sys/types.h> 2801#include <netinet/in.h> 2802 ], 2803 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 2804 [ ac_cv_have_struct_sockaddr_in6="yes" ], 2805 [ ac_cv_have_struct_sockaddr_in6="no" ] 2806 ) 2807]) 2808if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 2809 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, 2810 [define if you have struct sockaddr_in6 data type]) 2811fi 2812 2813AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 2814 AC_TRY_COMPILE( 2815 [ 2816#include <sys/types.h> 2817#include <netinet/in.h> 2818 ], 2819 [ struct in6_addr s; s.s6_addr[0] = 0; ], 2820 [ ac_cv_have_struct_in6_addr="yes" ], 2821 [ ac_cv_have_struct_in6_addr="no" ] 2822 ) 2823]) 2824if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 2825 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, 2826 [define if you have struct in6_addr data type])	1523 1524AC_CHECK_FUNC(daemon, 1525 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])], 1526 [AC_CHECK_LIB(bsd, daemon, 1527 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 1528) 1529 1530AC_CHECK_FUNC(getpagesize, 1531 [AC_DEFINE(HAVE_GETPAGESIZE, 1, 1532 [Define if your libraries define getpagesize()])], 1533 [AC_CHECK_LIB(ucb, getpagesize, 1534 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 1535) 1536 1537# Check for broken snprintf 1538if test "x$ac_cv_func_snprintf" = "xyes" ; then 1539 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1540 AC_RUN_IFELSE( 1541 [AC_LANG_SOURCE([[ 1542#include <stdio.h> 1543int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 1544 ]])], 1545 [AC_MSG_RESULT(yes)], 1546 [ 1547 AC_MSG_RESULT(no) 1548 AC_DEFINE(BROKEN_SNPRINTF, 1, 1549 [Define if your snprintf is busted]) 1550 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1551 ], 1552 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1553 ) 1554fi 1555 1556# If we don't have a working asprintf, then we strongly depend on vsnprintf 1557# returning the right thing on overflow: the number of characters it tried to 1558# create (as per SUSv3) 1559if test "x$ac_cv_func_asprintf" != "xyes" && \ 1560 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1561 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1562 AC_RUN_IFELSE( 1563 [AC_LANG_SOURCE([[ 1564#include <sys/types.h> 1565#include <stdio.h> 1566#include <stdarg.h> 1567 1568int x_snprintf(char str,size_t count,const char fmt,...) 1569{ 1570 size_t ret; va_list ap; 1571 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1572 return ret; 1573} 1574int main(void) 1575{ 1576 char x[1]; 1577 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1578} ]])], 1579 [AC_MSG_RESULT(yes)], 1580 [ 1581 AC_MSG_RESULT(no) 1582 AC_DEFINE(BROKEN_SNPRINTF, 1, 1583 [Define if your snprintf is busted]) 1584 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1585 ], 1586 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1587 ) 1588fi 1589 1590# On systems where [v]snprintf is broken, but is declared in stdio, 1591# check that the fmt argument is const char * or just char . 1592# This is only useful for when BROKEN_SNPRINTF 1593AC_MSG_CHECKING([whether snprintf can declare const char fmt]) 1594AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h> 1595 int snprintf(char a, size_t b, const char c, ...) { return 0; } 1596 int main(void) { snprintf(0, 0, 0); } 1597 ]])], 1598 [AC_MSG_RESULT(yes) 1599 AC_DEFINE(SNPRINTF_CONST, [const], 1600 [Define as const if snprintf() can declare const char fmt])], 1601* [AC_MSG_RESULT(no) 1602 AC_DEFINE(SNPRINTF_CONST, [/* not const /])]) 1603* 1604# Check for missing getpeereid (or equiv) support 1605NO_PEERCHECK="" 1606if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then 1607 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1608 AC_TRY_COMPILE( 1609 [#include <sys/types.h> 1610 #include <sys/socket.h>], 1611 [int i = SO_PEERCRED;], 1612 [ AC_MSG_RESULT(yes) 1613 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option]) 1614 ], 1615 [AC_MSG_RESULT(no) 1616 NO_PEERCHECK=1] 1617 ) 1618fi 1619 1620dnl see whether mkstemp() requires XXXXXX 1621if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1622AC_MSG_CHECKING([for (overly) strict mkstemp]) 1623AC_RUN_IFELSE( 1624 [AC_LANG_SOURCE([[ 1625#include <stdlib.h> 1626main() { char template[]="conftest.mkstemp-test"; 1627if (mkstemp(template) == -1) 1628 exit(1); 1629unlink(template); exit(0); 1630} 1631 ]])], 1632 [ 1633 AC_MSG_RESULT(no) 1634 ], 1635 [ 1636 AC_MSG_RESULT(yes) 1637 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()]) 1638 ], 1639 [ 1640 AC_MSG_RESULT(yes) 1641 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1642 ] 1643) 1644fi 1645 1646dnl make sure that openpty does not reacquire controlling terminal 1647if test ! -z "$check_for_openpty_ctty_bug"; then 1648 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1649 AC_RUN_IFELSE( 1650 [AC_LANG_SOURCE([[ 1651#include <stdio.h> 1652#include <sys/fcntl.h> 1653#include <sys/types.h> 1654#include <sys/wait.h> 1655 1656int 1657main() 1658{ 1659 pid_t pid; 1660 int fd, ptyfd, ttyfd, status; 1661 1662 pid = fork(); 1663 if (pid < 0) { /* failed / 1664* exit(1); 1665 } else if (pid > 0) { /* parent / 1666* waitpid(pid, &status, 0); 1667 if (WIFEXITED(status)) 1668 exit(WEXITSTATUS(status)); 1669 else 1670 exit(2); 1671 } else { /* child / 1672* close(0); close(1); close(2); 1673 setsid(); 1674 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1675 fd = open("/dev/tty", O_RDWR \| O_NOCTTY); 1676 if (fd >= 0) 1677 exit(3); /* Acquired ctty: broken / 1678* else 1679 exit(0); /* Did not acquire ctty: OK / 1680* } 1681} 1682 ]])], 1683 [ 1684 AC_MSG_RESULT(yes) 1685 ], 1686 [ 1687 AC_MSG_RESULT(no) 1688 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1689 ], 1690 [ 1691 AC_MSG_RESULT(cross-compiling, assuming yes) 1692 ] 1693 ) 1694fi 1695 1696if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1697 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1698 AC_MSG_CHECKING(if getaddrinfo seems to work) 1699 AC_RUN_IFELSE( 1700 [AC_LANG_SOURCE([[ 1701#include <stdio.h> 1702#include <sys/socket.h> 1703#include <netdb.h> 1704#include <errno.h> 1705#include <netinet/in.h> 1706 1707#define TEST_PORT "2222" 1708 1709int 1710main(void) 1711{ 1712 int err, sock; 1713 struct addrinfo gai_ai, ai, hints; 1714 char ntop[NI_MAXHOST], strport[NI_MAXSERV], name = NULL; 1715* 1716 memset(&hints, 0, sizeof(hints)); 1717 hints.ai_family = PF_UNSPEC; 1718 hints.ai_socktype = SOCK_STREAM; 1719 hints.ai_flags = AI_PASSIVE; 1720 1721 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1722 if (err != 0) { 1723 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1724 exit(1); 1725 } 1726 1727 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1728 if (ai->ai_family != AF_INET6) 1729 continue; 1730 1731 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1732 sizeof(ntop), strport, sizeof(strport), 1733 NI_NUMERICHOST\|NI_NUMERICSERV); 1734 1735 if (err != 0) { 1736 if (err == EAI_SYSTEM) 1737 perror("getnameinfo EAI_SYSTEM"); 1738 else 1739 fprintf(stderr, "getnameinfo failed: %s\n", 1740 gai_strerror(err)); 1741 exit(2); 1742 } 1743 1744 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1745 if (sock < 0) 1746 perror("socket"); 1747 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1748 if (errno == EBADF) 1749 exit(3); 1750 } 1751 } 1752 exit(0); 1753} 1754 ]])], 1755 [ 1756 AC_MSG_RESULT(yes) 1757 ], 1758 [ 1759 AC_MSG_RESULT(no) 1760 AC_DEFINE(BROKEN_GETADDRINFO) 1761 ], 1762 [ 1763 AC_MSG_RESULT(cross-compiling, assuming yes) 1764 ] 1765 ) 1766fi 1767 1768if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1769 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1770 AC_MSG_CHECKING(if getaddrinfo seems to work) 1771 AC_RUN_IFELSE( 1772 [AC_LANG_SOURCE([[ 1773#include <stdio.h> 1774#include <sys/socket.h> 1775#include <netdb.h> 1776#include <errno.h> 1777#include <netinet/in.h> 1778 1779#define TEST_PORT "2222" 1780 1781int 1782main(void) 1783{ 1784 int err, sock; 1785 struct addrinfo gai_ai, ai, hints; 1786 char ntop[NI_MAXHOST], strport[NI_MAXSERV], name = NULL; 1787* 1788 memset(&hints, 0, sizeof(hints)); 1789 hints.ai_family = PF_UNSPEC; 1790 hints.ai_socktype = SOCK_STREAM; 1791 hints.ai_flags = AI_PASSIVE; 1792 1793 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1794 if (err != 0) { 1795 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1796 exit(1); 1797 } 1798 1799 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1800 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1801 continue; 1802 1803 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1804 sizeof(ntop), strport, sizeof(strport), 1805 NI_NUMERICHOST\|NI_NUMERICSERV); 1806 1807 if (ai->ai_family == AF_INET && err != 0) { 1808 perror("getnameinfo"); 1809 exit(2); 1810 } 1811 } 1812 exit(0); 1813} 1814 ]])], 1815 [ 1816 AC_MSG_RESULT(yes) 1817 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1, 1818 [Define if you have a getaddrinfo that fails 1819 for the all-zeros IPv6 address]) 1820 ], 1821 [ 1822 AC_MSG_RESULT(no) 1823 AC_DEFINE(BROKEN_GETADDRINFO) 1824 ], 1825 [ 1826 AC_MSG_RESULT(cross-compiling, assuming no) 1827 ] 1828 ) 1829fi 1830 1831if test "x$check_for_conflicting_getspnam" = "x1"; then 1832 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1833 AC_COMPILE_IFELSE( 1834 [ 1835#include <shadow.h> 1836int main(void) {exit(0);} 1837 ], 1838 [ 1839 AC_MSG_RESULT(no) 1840 ], 1841 [ 1842 AC_MSG_RESULT(yes) 1843 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1844 [Conflicting defs for getspnam]) 1845 ] 1846 ) 1847fi 1848 1849AC_FUNC_GETPGRP 1850 1851# Search for OpenSSL 1852saved_CPPFLAGS="$CPPFLAGS" 1853saved_LDFLAGS="$LDFLAGS" 1854AC_ARG_WITH(ssl-dir, 1855 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1856 [ 1857 if test "x$withval" != "xno" ; then 1858 case "$withval" in 1859 # Relative paths 1860 ./\|../) withval="`pwd`/$withval" 1861 esac 1862 if test -d "$withval/lib"; then 1863 if test -n "${need_dash_r}"; then 1864 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1865 else 1866 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1867 fi 1868 else 1869 if test -n "${need_dash_r}"; then 1870 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1871 else 1872 LDFLAGS="-L${withval} ${LDFLAGS}" 1873 fi 1874 fi 1875 if test -d "$withval/include"; then 1876 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1877 else 1878 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1879 fi 1880 fi 1881 ] 1882) 1883LIBS="-lcrypto $LIBS" 1884AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, 1885 [Define if your ssl headers are included 1886 with #include <openssl/header.h>]), 1887 [ 1888 dnl Check default openssl install dir 1889 if test -n "${need_dash_r}"; then 1890 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1891 else 1892 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1893 fi 1894 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1895 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1896 [ 1897 AC_MSG_ERROR([* Can't find recent OpenSSL libcrypto (see config.log for details) ]) 1898* ] 1899 ) 1900 ] 1901) 1902 1903# Determine OpenSSL header version 1904AC_MSG_CHECKING([OpenSSL header version]) 1905AC_RUN_IFELSE( 1906 [AC_LANG_SOURCE([[ 1907#include <stdio.h> 1908#include <string.h> 1909#include <openssl/opensslv.h> 1910#define DATA "conftest.sslincver" 1911int main(void) { 1912 FILE fd; 1913* int rc; 1914 1915 fd = fopen(DATA,"w"); 1916 if(fd == NULL) 1917 exit(1); 1918 1919 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1920 exit(1); 1921 1922 exit(0); 1923} 1924 ]])], 1925 [ 1926 ssl_header_ver=`cat conftest.sslincver` 1927 AC_MSG_RESULT($ssl_header_ver) 1928 ], 1929 [ 1930 AC_MSG_RESULT(not found) 1931 AC_MSG_ERROR(OpenSSL version header not found.) 1932 ], 1933 [ 1934 AC_MSG_WARN([cross compiling: not checking]) 1935 ] 1936) 1937 1938# Determine OpenSSL library version 1939AC_MSG_CHECKING([OpenSSL library version]) 1940AC_RUN_IFELSE( 1941 [AC_LANG_SOURCE([[ 1942#include <stdio.h> 1943#include <string.h> 1944#include <openssl/opensslv.h> 1945#include <openssl/crypto.h> 1946#define DATA "conftest.ssllibver" 1947int main(void) { 1948 FILE fd; 1949* int rc; 1950 1951 fd = fopen(DATA,"w"); 1952 if(fd == NULL) 1953 exit(1); 1954 1955 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1956 exit(1); 1957 1958 exit(0); 1959} 1960 ]])], 1961 [ 1962 ssl_library_ver=`cat conftest.ssllibver` 1963 AC_MSG_RESULT($ssl_library_ver) 1964 ], 1965 [ 1966 AC_MSG_RESULT(not found) 1967 AC_MSG_ERROR(OpenSSL library not found.) 1968 ], 1969 [ 1970 AC_MSG_WARN([cross compiling: not checking]) 1971 ] 1972) 1973 1974AC_ARG_WITH(openssl-header-check, 1975 [ --without-openssl-header-check Disable OpenSSL version consistency check], 1976 [ if test "x$withval" = "xno" ; then 1977 openssl_check_nonfatal=1 1978 fi 1979 ] 1980) 1981 1982# Sanity check OpenSSL headers 1983AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1984AC_RUN_IFELSE( 1985 [AC_LANG_SOURCE([[ 1986#include <string.h> 1987#include <openssl/opensslv.h> 1988int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1989 ]])], 1990 [ 1991 AC_MSG_RESULT(yes) 1992 ], 1993 [ 1994 AC_MSG_RESULT(no) 1995 if test "x$openssl_check_nonfatal" = "x"; then 1996 AC_MSG_ERROR([Your OpenSSL headers do not match your 1997library. Check config.log for details. 1998If you are sure your installation is consistent, you can disable the check 1999by running "./configure --without-openssl-header-check". 2000Also see contrib/findssl.sh for help identifying header/library mismatches. 2001]) 2002 else 2003 AC_MSG_WARN([Your OpenSSL headers do not match your 2004library. Check config.log for details. 2005Also see contrib/findssl.sh for help identifying header/library mismatches.]) 2006 fi 2007 ], 2008 [ 2009 AC_MSG_WARN([cross compiling: not checking]) 2010 ] 2011) 2012 2013AC_MSG_CHECKING([if programs using OpenSSL functions will link]) 2014AC_LINK_IFELSE( 2015 [AC_LANG_SOURCE([[ 2016#include <openssl/evp.h> 2017int main(void) { SSLeay_add_all_algorithms(); } 2018 ]])], 2019 [ 2020 AC_MSG_RESULT(yes) 2021 ], 2022 [ 2023 AC_MSG_RESULT(no) 2024 saved_LIBS="$LIBS" 2025 LIBS="$LIBS -ldl" 2026 AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) 2027 AC_LINK_IFELSE( 2028 [AC_LANG_SOURCE([[ 2029#include <openssl/evp.h> 2030int main(void) { SSLeay_add_all_algorithms(); } 2031 ]])], 2032 [ 2033 AC_MSG_RESULT(yes) 2034 ], 2035 [ 2036 AC_MSG_RESULT(no) 2037 LIBS="$saved_LIBS" 2038 ] 2039 ) 2040 ] 2041) 2042 2043AC_ARG_WITH(ssl-engine, 2044 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 2045 [ if test "x$withval" != "xno" ; then 2046 AC_MSG_CHECKING(for OpenSSL ENGINE support) 2047 AC_TRY_COMPILE( 2048 [ #include <openssl/engine.h>], 2049 [ 2050ENGINE_load_builtin_engines();ENGINE_register_all_complete(); 2051 ], 2052 [ AC_MSG_RESULT(yes) 2053 AC_DEFINE(USE_OPENSSL_ENGINE, 1, 2054 [Enable OpenSSL engine support]) 2055 ], 2056 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)] 2057 ) 2058 fi ] 2059) 2060 2061# Check for OpenSSL without EVP_aes_{192,256}_cbc 2062AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 2063AC_LINK_IFELSE( 2064 [AC_LANG_SOURCE([[ 2065#include <string.h> 2066#include <openssl/evp.h> 2067int main(void) { exit(EVP_aes_192_cbc() == NULL \|\| EVP_aes_256_cbc() == NULL);} 2068 ]])], 2069 [ 2070 AC_MSG_RESULT(no) 2071 ], 2072 [ 2073 AC_MSG_RESULT(yes) 2074 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1, 2075 [libcrypto is missing AES 192 and 256 bit functions]) 2076 ] 2077) 2078 2079# Some systems want crypt() from libcrypt, not the version in OpenSSL, 2080# because the system crypt() is more featureful. 2081if test "x$check_for_libcrypt_before" = "x1"; then 2082 AC_CHECK_LIB(crypt, crypt) 2083fi 2084 2085# Some Linux systems (Slackware) need crypt() from libcrypt, not the 2086# version in OpenSSL. 2087if test "x$check_for_libcrypt_later" = "x1"; then 2088 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 2089fi 2090 2091# Search for SHA256 support in libc and/or OpenSSL 2092AC_CHECK_FUNCS(SHA256_Update EVP_sha256) 2093 2094saved_LIBS="$LIBS" 2095AC_CHECK_LIB(iaf, ia_openinfo, [ 2096 LIBS="$LIBS -liaf" 2097 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf" 2098 AC_DEFINE(HAVE_LIBIAF, 1, 2099 [Define if system has libiaf that supports set_id]) 2100 ]) 2101]) 2102LIBS="$saved_LIBS" 2103 2104### Configure cryptographic random number support 2105 2106# Check wheter OpenSSL seeds itself 2107AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 2108AC_RUN_IFELSE( 2109 [AC_LANG_SOURCE([[ 2110#include <string.h> 2111#include <openssl/rand.h> 2112int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 2113 ]])], 2114 [ 2115 OPENSSL_SEEDS_ITSELF=yes 2116 AC_MSG_RESULT(yes) 2117 ], 2118 [ 2119 AC_MSG_RESULT(no) 2120 # Default to use of the rand helper if OpenSSL doesn't 2121 # seed itself 2122 USE_RAND_HELPER=yes 2123 ], 2124 [ 2125 AC_MSG_WARN([cross compiling: assuming yes]) 2126 # This is safe, since all recent OpenSSL versions will 2127 # complain at runtime if not seeded correctly. 2128 OPENSSL_SEEDS_ITSELF=yes 2129 ] 2130) 2131 2132# Check for PAM libs 2133PAM_MSG="no" 2134AC_ARG_WITH(pam, 2135 [ --with-pam Enable PAM support ], 2136 [ 2137 if test "x$withval" != "xno" ; then 2138 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 2139 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 2140 AC_MSG_ERROR([PAM headers not found]) 2141 fi 2142 2143 saved_LIBS="$LIBS" 2144 AC_CHECK_LIB(dl, dlopen, , ) 2145 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 2146 AC_CHECK_FUNCS(pam_getenvlist) 2147 AC_CHECK_FUNCS(pam_putenv) 2148 LIBS="$saved_LIBS" 2149 2150 PAM_MSG="yes" 2151 2152 SSHDLIBS="$SSHDLIBS -lpam" 2153 AC_DEFINE(USE_PAM, 1, 2154 [Define if you want to enable PAM support]) 2155 2156 if test $ac_cv_lib_dl_dlopen = yes; then 2157 case "$LIBS" in 2158 -ldl) 2159 # libdl already in LIBS 2160 ;; 2161 ) 2162* SSHDLIBS="$SSHDLIBS -ldl" 2163 ;; 2164 esac 2165 fi 2166 fi 2167 ] 2168) 2169 2170# Check for older PAM 2171if test "x$PAM_MSG" = "xyes" ; then 2172 # Check PAM strerror arguments (old PAM) 2173 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 2174 AC_TRY_COMPILE( 2175 [ 2176#include <stdlib.h> 2177#if defined(HAVE_SECURITY_PAM_APPL_H) 2178#include <security/pam_appl.h> 2179#elif defined (HAVE_PAM_PAM_APPL_H) 2180#include <pam/pam_appl.h> 2181#endif 2182 ], 2183 [(void)pam_strerror((pam_handle_t )NULL, -1);], 2184* [AC_MSG_RESULT(no)], 2185 [ 2186 AC_DEFINE(HAVE_OLD_PAM, 1, 2187 [Define if you have an old version of PAM 2188 which takes only one argument to pam_strerror]) 2189 AC_MSG_RESULT(yes) 2190 PAM_MSG="yes (old library)" 2191 ] 2192 ) 2193fi 2194 2195# Do we want to force the use of the rand helper? 2196AC_ARG_WITH(rand-helper, 2197 [ --with-rand-helper Use subprocess to gather strong randomness ], 2198 [ 2199 if test "x$withval" = "xno" ; then 2200 # Force use of OpenSSL's internal RNG, even if 2201 # the previous test showed it to be unseeded. 2202 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 2203 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 2204 OPENSSL_SEEDS_ITSELF=yes 2205 USE_RAND_HELPER="" 2206 fi 2207 else 2208 USE_RAND_HELPER=yes 2209 fi 2210 ], 2211) 2212 2213# Which randomness source do we use? 2214if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then 2215 # OpenSSL only 2216 AC_DEFINE(OPENSSL_PRNG_ONLY, 1, 2217 [Define if you want OpenSSL's internally seeded PRNG only]) 2218 RAND_MSG="OpenSSL internal ONLY" 2219 INSTALL_SSH_RAND_HELPER="" 2220elif test ! -z "$USE_RAND_HELPER" ; then 2221 # install rand helper 2222 RAND_MSG="ssh-rand-helper" 2223 INSTALL_SSH_RAND_HELPER="yes" 2224fi 2225AC_SUBST(INSTALL_SSH_RAND_HELPER) 2226 2227### Configuration of ssh-rand-helper 2228 2229# PRNGD TCP socket 2230AC_ARG_WITH(prngd-port, 2231 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 2232 [ 2233 case "$withval" in 2234 no) 2235 withval="" 2236 ;; 2237 [[0-9]]) 2238* ;; 2239 ) 2240* AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 2241 ;; 2242 esac 2243 if test ! -z "$withval" ; then 2244 PRNGD_PORT="$withval" 2245 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT, 2246 [Port number of PRNGD/EGD random number socket]) 2247 fi 2248 ] 2249) 2250 2251# PRNGD Unix domain socket 2252AC_ARG_WITH(prngd-socket, 2253 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 2254 [ 2255 case "$withval" in 2256 yes) 2257 withval="/var/run/egd-pool" 2258 ;; 2259 no) 2260 withval="" 2261 ;; 2262 /) 2263* ;; 2264 ) 2265* AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 2266 ;; 2267 esac 2268 2269 if test ! -z "$withval" ; then 2270 if test ! -z "$PRNGD_PORT" ; then 2271 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 2272 fi 2273 if test ! -r "$withval" ; then 2274 AC_MSG_WARN(Entropy socket is not readable) 2275 fi 2276 PRNGD_SOCKET="$withval" 2277 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET", 2278 [Location of PRNGD/EGD random number socket]) 2279 fi 2280 ], 2281 [ 2282 # Check for existing socket only if we don't have a random device already 2283 if test "$USE_RAND_HELPER" = yes ; then 2284 AC_MSG_CHECKING(for PRNGD/EGD socket) 2285 # Insert other locations here 2286 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2287 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2288 PRNGD_SOCKET="$sock" 2289 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 2290 break; 2291 fi 2292 done 2293 if test ! -z "$PRNGD_SOCKET" ; then 2294 AC_MSG_RESULT($PRNGD_SOCKET) 2295 else 2296 AC_MSG_RESULT(not found) 2297 fi 2298 fi 2299 ] 2300) 2301 2302# Change default command timeout for hashing entropy source 2303entropy_timeout=200 2304AC_ARG_WITH(entropy-timeout, 2305 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 2306 [ 2307 if test -n "$withval" && test "x$withval" != "xno" && \ 2308 test "x${withval}" != "xyes"; then 2309 entropy_timeout=$withval 2310 fi 2311 ] 2312) 2313AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout, 2314 [Builtin PRNG command timeout]) 2315 2316SSH_PRIVSEP_USER=sshd 2317AC_ARG_WITH(privsep-user, 2318 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2319 [ 2320 if test -n "$withval" && test "x$withval" != "xno" && \ 2321 test "x${withval}" != "xyes"; then 2322 SSH_PRIVSEP_USER=$withval 2323 fi 2324 ] 2325) 2326AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER", 2327 [non-privileged user for privilege separation]) 2328AC_SUBST(SSH_PRIVSEP_USER) 2329 2330# We do this little dance with the search path to insure 2331# that programs that we select for use by installed programs 2332# (which may be run by the super-user) come from trusted 2333# locations before they come from the user's private area. 2334# This should help avoid accidentally configuring some 2335# random version of a program in someone's personal bin. 2336 2337OPATH=$PATH 2338PATH=/bin:/usr/bin 2339test -h /bin 2> /dev/null && PATH=/usr/bin 2340test -d /sbin && PATH=$PATH:/sbin 2341test -d /usr/sbin && PATH=$PATH:/usr/sbin 2342PATH=$PATH:/etc:$OPATH 2343 2344# These programs are used by the command hashing source to gather entropy 2345OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 2346OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 2347OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 2348OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 2349OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 2350OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 2351OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 2352OSSH_PATH_ENTROPY_PROG(PROG_W, w) 2353OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 2354OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 2355OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 2356OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 2357OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 2358OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 2359OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 2360OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 2361# restore PATH 2362PATH=$OPATH 2363 2364# Where does ssh-rand-helper get its randomness from? 2365INSTALL_SSH_PRNG_CMDS="" 2366if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 2367 if test ! -z "$PRNGD_PORT" ; then 2368 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 2369 elif test ! -z "$PRNGD_SOCKET" ; then 2370 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 2371 else 2372 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 2373 RAND_HELPER_CMDHASH=yes 2374 INSTALL_SSH_PRNG_CMDS="yes" 2375 fi 2376fi 2377AC_SUBST(INSTALL_SSH_PRNG_CMDS) 2378 2379 2380# Cheap hack to ensure NEWS-OS libraries are arranged right. 2381if test ! -z "$SONY" ; then 2382 LIBS="$LIBS -liberty"; 2383fi 2384 2385# Check for long long datatypes 2386AC_CHECK_TYPES([long long, unsigned long long, long double]) 2387 2388# Check datatype sizes 2389AC_CHECK_SIZEOF(char, 1) 2390AC_CHECK_SIZEOF(short int, 2) 2391AC_CHECK_SIZEOF(int, 4) 2392AC_CHECK_SIZEOF(long int, 4) 2393AC_CHECK_SIZEOF(long long int, 8) 2394 2395# Sanity check long long for some platforms (AIX) 2396if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2397 ac_cv_sizeof_long_long_int=0 2398fi 2399 2400# compute LLONG_MIN and LLONG_MAX if we don't know them. 2401if test -z "$have_llong_max"; then 2402 AC_MSG_CHECKING([for max value of long long]) 2403 AC_RUN_IFELSE( 2404 [AC_LANG_SOURCE([[ 2405#include <stdio.h> 2406/* Why is this so damn hard? / 2407#ifdef __GNUC__ 2408# undef __GNUC__ 2409#endif 2410#define __USE_ISOC99 2411#include <limits.h> 2412#define DATA "conftest.llminmax" 2413#define my_abs(a) ((a) < 0 ? ((a) -1) : (a)) 2414 2415/* 2416 * printf in libc on some platforms (eg old Tru64) does not understand %lld so 2417 * we do this the hard way. 2418 / 2419static int 2420fprint_ll(FILE f, long long n) 2421{ 2422 unsigned int i; 2423 int l[sizeof(long long) * 8]; 2424 2425 if (n < 0) 2426 if (fprintf(f, "-") < 0) 2427 return -1; 2428 for (i = 0; n != 0; i++) { 2429 l[i] = my_abs(n % 10); 2430 n /= 10; 2431 } 2432 do { 2433 if (fprintf(f, "%d", l[--i]) < 0) 2434 return -1; 2435 } while (i != 0); 2436 if (fprintf(f, " ") < 0) 2437 return -1; 2438 return 0; 2439} 2440 2441int main(void) { 2442 FILE f; 2443* long long i, llmin, llmax = 0; 2444 2445 if((f = fopen(DATA,"w")) == NULL) 2446 exit(1); 2447 2448#if defined(LLONG_MIN) && defined(LLONG_MAX) 2449 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2450 llmin = LLONG_MIN; 2451 llmax = LLONG_MAX; 2452#else 2453 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2454 /* This will work on one's complement and two's complement / 2455* for (i = 1; i > llmax; i <<= 1, i++) 2456 llmax = i; 2457 llmin = llmax + 1LL; /* wrap / 2458#endif 2459* 2460 /* Sanity check / 2461* if (llmin + 1 < llmin \|\| llmin - 1 < llmin \|\| llmax + 1 > llmax 2462 \|\| llmax - 1 > llmax \|\| llmin == llmax \|\| llmin == 0 2463 \|\| llmax == 0 \|\| llmax < LONG_MAX \|\| llmin > LONG_MIN) { 2464 fprintf(f, "unknown unknown\n"); 2465 exit(2); 2466 } 2467 2468 if (fprint_ll(f, llmin) < 0) 2469 exit(3); 2470 if (fprint_ll(f, llmax) < 0) 2471 exit(4); 2472 if (fclose(f) < 0) 2473 exit(5); 2474 exit(0); 2475} 2476 ]])], 2477 [ 2478 llong_min=`$AWK '{print $1}' conftest.llminmax` 2479 llong_max=`$AWK '{print $2}' conftest.llminmax` 2480 2481 AC_MSG_RESULT($llong_max) 2482 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], 2483 [max value of long long calculated by configure]) 2484 AC_MSG_CHECKING([for min value of long long]) 2485 AC_MSG_RESULT($llong_min) 2486 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], 2487 [min value of long long calculated by configure]) 2488 ], 2489 [ 2490 AC_MSG_RESULT(not found) 2491 ], 2492 [ 2493 AC_MSG_WARN([cross compiling: not checking]) 2494 ] 2495 ) 2496fi 2497 2498 2499# More checks for data types 2500AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2501 AC_TRY_COMPILE( 2502 [ #include <sys/types.h> ], 2503 [ u_int a; a = 1;], 2504 [ ac_cv_have_u_int="yes" ], 2505 [ ac_cv_have_u_int="no" ] 2506 ) 2507]) 2508if test "x$ac_cv_have_u_int" = "xyes" ; then 2509 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type]) 2510 have_u_int=1 2511fi 2512 2513AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2514 AC_TRY_COMPILE( 2515 [ #include <sys/types.h> ], 2516 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2517 [ ac_cv_have_intxx_t="yes" ], 2518 [ ac_cv_have_intxx_t="no" ] 2519 ) 2520]) 2521if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2522 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type]) 2523 have_intxx_t=1 2524fi 2525 2526if (test -z "$have_intxx_t" && \ 2527 test "x$ac_cv_header_stdint_h" = "xyes") 2528then 2529 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2530 AC_TRY_COMPILE( 2531 [ #include <stdint.h> ], 2532 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2533 [ 2534 AC_DEFINE(HAVE_INTXX_T) 2535 AC_MSG_RESULT(yes) 2536 ], 2537 [ AC_MSG_RESULT(no) ] 2538 ) 2539fi 2540 2541AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2542 AC_TRY_COMPILE( 2543 [ 2544#include <sys/types.h> 2545#ifdef HAVE_STDINT_H 2546# include <stdint.h> 2547#endif 2548#include <sys/socket.h> 2549#ifdef HAVE_SYS_BITYPES_H 2550# include <sys/bitypes.h> 2551#endif 2552 ], 2553 [ int64_t a; a = 1;], 2554 [ ac_cv_have_int64_t="yes" ], 2555 [ ac_cv_have_int64_t="no" ] 2556 ) 2557]) 2558if test "x$ac_cv_have_int64_t" = "xyes" ; then 2559 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type]) 2560fi 2561 2562AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2563 AC_TRY_COMPILE( 2564 [ #include <sys/types.h> ], 2565 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2566 [ ac_cv_have_u_intxx_t="yes" ], 2567 [ ac_cv_have_u_intxx_t="no" ] 2568 ) 2569]) 2570if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2571 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type]) 2572 have_u_intxx_t=1 2573fi 2574 2575if test -z "$have_u_intxx_t" ; then 2576 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2577 AC_TRY_COMPILE( 2578 [ #include <sys/socket.h> ], 2579 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2580 [ 2581 AC_DEFINE(HAVE_U_INTXX_T) 2582 AC_MSG_RESULT(yes) 2583 ], 2584 [ AC_MSG_RESULT(no) ] 2585 ) 2586fi 2587 2588AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2589 AC_TRY_COMPILE( 2590 [ #include <sys/types.h> ], 2591 [ u_int64_t a; a = 1;], 2592 [ ac_cv_have_u_int64_t="yes" ], 2593 [ ac_cv_have_u_int64_t="no" ] 2594 ) 2595]) 2596if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2597 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type]) 2598 have_u_int64_t=1 2599fi 2600 2601if test -z "$have_u_int64_t" ; then 2602 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2603 AC_TRY_COMPILE( 2604 [ #include <sys/bitypes.h> ], 2605 [ u_int64_t a; a = 1], 2606 [ 2607 AC_DEFINE(HAVE_U_INT64_T) 2608 AC_MSG_RESULT(yes) 2609 ], 2610 [ AC_MSG_RESULT(no) ] 2611 ) 2612fi 2613 2614if test -z "$have_u_intxx_t" ; then 2615 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2616 AC_TRY_COMPILE( 2617 [ 2618#include <sys/types.h> 2619 ], 2620 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 2621 [ ac_cv_have_uintxx_t="yes" ], 2622 [ ac_cv_have_uintxx_t="no" ] 2623 ) 2624 ]) 2625 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2626 AC_DEFINE(HAVE_UINTXX_T, 1, 2627 [define if you have uintxx_t data type]) 2628 fi 2629fi 2630 2631if test -z "$have_uintxx_t" ; then 2632 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2633 AC_TRY_COMPILE( 2634 [ #include <stdint.h> ], 2635 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 2636 [ 2637 AC_DEFINE(HAVE_UINTXX_T) 2638 AC_MSG_RESULT(yes) 2639 ], 2640 [ AC_MSG_RESULT(no) ] 2641 ) 2642fi 2643 2644if (test -z "$have_u_intxx_t" \|\| test -z "$have_intxx_t" && \ 2645 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2646then 2647 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2648 AC_TRY_COMPILE( 2649 [ 2650#include <sys/bitypes.h> 2651 ], 2652 [ 2653 int8_t a; int16_t b; int32_t c; 2654 u_int8_t e; u_int16_t f; u_int32_t g; 2655 a = b = c = e = f = g = 1; 2656 ], 2657 [ 2658 AC_DEFINE(HAVE_U_INTXX_T) 2659 AC_DEFINE(HAVE_INTXX_T) 2660 AC_MSG_RESULT(yes) 2661 ], 2662 [AC_MSG_RESULT(no)] 2663 ) 2664fi 2665 2666 2667AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2668 AC_TRY_COMPILE( 2669 [ 2670#include <sys/types.h> 2671 ], 2672 [ u_char foo; foo = 125; ], 2673 [ ac_cv_have_u_char="yes" ], 2674 [ ac_cv_have_u_char="no" ] 2675 ) 2676]) 2677if test "x$ac_cv_have_u_char" = "xyes" ; then 2678 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type]) 2679fi 2680 2681TYPE_SOCKLEN_T 2682 2683AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 2684AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[ 2685#include <sys/types.h> 2686#ifdef HAVE_SYS_BITYPES_H 2687#include <sys/bitypes.h> 2688#endif 2689#ifdef HAVE_SYS_STATFS_H 2690#include <sys/statfs.h> 2691#endif 2692#ifdef HAVE_SYS_STATVFS_H 2693#include <sys/statvfs.h> 2694#endif 2695]) 2696 2697AC_CHECK_TYPES(in_addr_t,,, 2698[#include <sys/types.h> 2699#include <netinet/in.h>]) 2700 2701AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2702 AC_TRY_COMPILE( 2703 [ 2704#include <sys/types.h> 2705 ], 2706 [ size_t foo; foo = 1235; ], 2707 [ ac_cv_have_size_t="yes" ], 2708 [ ac_cv_have_size_t="no" ] 2709 ) 2710]) 2711if test "x$ac_cv_have_size_t" = "xyes" ; then 2712 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type]) 2713fi 2714 2715AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2716 AC_TRY_COMPILE( 2717 [ 2718#include <sys/types.h> 2719 ], 2720 [ ssize_t foo; foo = 1235; ], 2721 [ ac_cv_have_ssize_t="yes" ], 2722 [ ac_cv_have_ssize_t="no" ] 2723 ) 2724]) 2725if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2726 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type]) 2727fi 2728 2729AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2730 AC_TRY_COMPILE( 2731 [ 2732#include <time.h> 2733 ], 2734 [ clock_t foo; foo = 1235; ], 2735 [ ac_cv_have_clock_t="yes" ], 2736 [ ac_cv_have_clock_t="no" ] 2737 ) 2738]) 2739if test "x$ac_cv_have_clock_t" = "xyes" ; then 2740 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type]) 2741fi 2742 2743AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2744 AC_TRY_COMPILE( 2745 [ 2746#include <sys/types.h> 2747#include <sys/socket.h> 2748 ], 2749 [ sa_family_t foo; foo = 1235; ], 2750 [ ac_cv_have_sa_family_t="yes" ], 2751 [ AC_TRY_COMPILE( 2752 [ 2753#include <sys/types.h> 2754#include <sys/socket.h> 2755#include <netinet/in.h> 2756 ], 2757 [ sa_family_t foo; foo = 1235; ], 2758 [ ac_cv_have_sa_family_t="yes" ], 2759 2760 [ ac_cv_have_sa_family_t="no" ] 2761 )] 2762 ) 2763]) 2764if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2765 AC_DEFINE(HAVE_SA_FAMILY_T, 1, 2766 [define if you have sa_family_t data type]) 2767fi 2768 2769AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2770 AC_TRY_COMPILE( 2771 [ 2772#include <sys/types.h> 2773 ], 2774 [ pid_t foo; foo = 1235; ], 2775 [ ac_cv_have_pid_t="yes" ], 2776 [ ac_cv_have_pid_t="no" ] 2777 ) 2778]) 2779if test "x$ac_cv_have_pid_t" = "xyes" ; then 2780 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type]) 2781fi 2782 2783AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2784 AC_TRY_COMPILE( 2785 [ 2786#include <sys/types.h> 2787 ], 2788 [ mode_t foo; foo = 1235; ], 2789 [ ac_cv_have_mode_t="yes" ], 2790 [ ac_cv_have_mode_t="no" ] 2791 ) 2792]) 2793if test "x$ac_cv_have_mode_t" = "xyes" ; then 2794 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type]) 2795fi 2796 2797 2798AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2799 AC_TRY_COMPILE( 2800 [ 2801#include <sys/types.h> 2802#include <sys/socket.h> 2803 ], 2804 [ struct sockaddr_storage s; ], 2805 [ ac_cv_have_struct_sockaddr_storage="yes" ], 2806 [ ac_cv_have_struct_sockaddr_storage="no" ] 2807 ) 2808]) 2809if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 2810 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, 2811 [define if you have struct sockaddr_storage data type]) 2812fi 2813 2814AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 2815 AC_TRY_COMPILE( 2816 [ 2817#include <sys/types.h> 2818#include <netinet/in.h> 2819 ], 2820 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 2821 [ ac_cv_have_struct_sockaddr_in6="yes" ], 2822 [ ac_cv_have_struct_sockaddr_in6="no" ] 2823 ) 2824]) 2825if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 2826 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, 2827 [define if you have struct sockaddr_in6 data type]) 2828fi 2829 2830AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 2831 AC_TRY_COMPILE( 2832 [ 2833#include <sys/types.h> 2834#include <netinet/in.h> 2835 ], 2836 [ struct in6_addr s; s.s6_addr[0] = 0; ], 2837 [ ac_cv_have_struct_in6_addr="yes" ], 2838 [ ac_cv_have_struct_in6_addr="no" ] 2839 ) 2840]) 2841if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 2842 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, 2843 [define if you have struct in6_addr data type])
	2844 2845dnl Now check for sin6_scope_id 2846 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,, 2847 [ 2848#ifdef HAVE_SYS_TYPES_H 2849#include <sys/types.h> 2850#endif 2851#include <netinet/in.h> 2852 ])
2827fi 2828 2829AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2830 AC_TRY_COMPILE( 2831 [ 2832#include <sys/types.h> 2833#include <sys/socket.h> 2834#include <netdb.h> 2835 ], 2836 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 2837 [ ac_cv_have_struct_addrinfo="yes" ], 2838 [ ac_cv_have_struct_addrinfo="no" ] 2839 ) 2840]) 2841if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2842 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, 2843 [define if you have struct addrinfo data type]) 2844fi 2845 2846AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2847 AC_TRY_COMPILE( 2848 [ #include <sys/time.h> ], 2849 [ struct timeval tv; tv.tv_sec = 1;], 2850 [ ac_cv_have_struct_timeval="yes" ], 2851 [ ac_cv_have_struct_timeval="no" ] 2852 ) 2853]) 2854if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2855 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval]) 2856 have_struct_timeval=1 2857fi 2858 2859AC_CHECK_TYPES(struct timespec) 2860 2861# We need int64_t or else certian parts of the compile will fail. 2862if test "x$ac_cv_have_int64_t" = "xno" && \ 2863 test "x$ac_cv_sizeof_long_int" != "x8" && \ 2864 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2865 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2866 echo "an alternative compiler (I.E., GCC) before continuing." 2867 echo "" 2868 exit 1; 2869else 2870dnl test snprintf (broken on SCO w/gcc) 2871 AC_RUN_IFELSE( 2872 [AC_LANG_SOURCE([[ 2873#include <stdio.h> 2874#include <string.h> 2875#ifdef HAVE_SNPRINTF 2876main() 2877{ 2878 char buf[50]; 2879 char expected_out[50]; 2880 int mazsize = 50 ; 2881#if (SIZEOF_LONG_INT == 8) 2882 long int num = 0x7fffffffffffffff; 2883#else 2884 long long num = 0x7fffffffffffffffll; 2885#endif 2886 strcpy(expected_out, "9223372036854775807"); 2887 snprintf(buf, mazsize, "%lld", num); 2888 if(strcmp(buf, expected_out) != 0) 2889 exit(1); 2890 exit(0); 2891} 2892#else 2893main() { exit(0); } 2894#endif 2895 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 2896 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 2897 ) 2898fi 2899 2900dnl Checks for structure members 2901OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 2902OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 2903OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 2904OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 2905OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 2906OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 2907OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 2908OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 2909OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 2910OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 2911OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 2912OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 2913OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 2914OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 2915OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 2916OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 2917OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 2918 2919AC_CHECK_MEMBERS([struct stat.st_blksize]) 2920AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state, 2921 [Define if we don't have struct __res_state in resolv.h])], 2922[ 2923#include <stdio.h> 2924#if HAVE_SYS_TYPES_H 2925# include <sys/types.h> 2926#endif 2927#include <netinet/in.h> 2928#include <arpa/nameser.h> 2929#include <resolv.h> 2930]) 2931 2932AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 2933 ac_cv_have_ss_family_in_struct_ss, [ 2934 AC_TRY_COMPILE( 2935 [ 2936#include <sys/types.h> 2937#include <sys/socket.h> 2938 ], 2939 [ struct sockaddr_storage s; s.ss_family = 1; ], 2940 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 2941 [ ac_cv_have_ss_family_in_struct_ss="no" ], 2942 ) 2943]) 2944if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 2945 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage]) 2946fi 2947 2948AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 2949 ac_cv_have___ss_family_in_struct_ss, [ 2950 AC_TRY_COMPILE( 2951 [ 2952#include <sys/types.h> 2953#include <sys/socket.h> 2954 ], 2955 [ struct sockaddr_storage s; s.__ss_family = 1; ], 2956 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 2957 [ ac_cv_have___ss_family_in_struct_ss="no" ] 2958 ) 2959]) 2960if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 2961 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1, 2962 [Fields in struct sockaddr_storage]) 2963fi 2964 2965AC_CACHE_CHECK([for pw_class field in struct passwd], 2966 ac_cv_have_pw_class_in_struct_passwd, [ 2967 AC_TRY_COMPILE( 2968 [ 2969#include <pwd.h> 2970 ], 2971 [ struct passwd p; p.pw_class = 0; ], 2972 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 2973 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 2974 ) 2975]) 2976if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 2977 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1, 2978 [Define if your password has a pw_class field]) 2979fi 2980 2981AC_CACHE_CHECK([for pw_expire field in struct passwd], 2982 ac_cv_have_pw_expire_in_struct_passwd, [ 2983 AC_TRY_COMPILE( 2984 [ 2985#include <pwd.h> 2986 ], 2987 [ struct passwd p; p.pw_expire = 0; ], 2988 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 2989 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 2990 ) 2991]) 2992if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 2993 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1, 2994 [Define if your password has a pw_expire field]) 2995fi 2996 2997AC_CACHE_CHECK([for pw_change field in struct passwd], 2998 ac_cv_have_pw_change_in_struct_passwd, [ 2999 AC_TRY_COMPILE( 3000 [ 3001#include <pwd.h> 3002 ], 3003 [ struct passwd p; p.pw_change = 0; ], 3004 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 3005 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 3006 ) 3007]) 3008if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 3009 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1, 3010 [Define if your password has a pw_change field]) 3011fi 3012 3013dnl make sure we're using the real structure members and not defines 3014AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 3015 ac_cv_have_accrights_in_msghdr, [ 3016 AC_COMPILE_IFELSE( 3017 [ 3018#include <sys/types.h> 3019#include <sys/socket.h> 3020#include <sys/uio.h> 3021int main() { 3022#ifdef msg_accrights 3023#error "msg_accrights is a macro" 3024exit(1); 3025#endif 3026struct msghdr m; 3027m.msg_accrights = 0; 3028exit(0); 3029} 3030 ], 3031 [ ac_cv_have_accrights_in_msghdr="yes" ], 3032 [ ac_cv_have_accrights_in_msghdr="no" ] 3033 ) 3034]) 3035if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 3036 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1, 3037 [Define if your system uses access rights style 3038 file descriptor passing]) 3039fi 3040 3041AC_MSG_CHECKING(if f_fsid has val members) 3042AC_TRY_COMPILE([ 3043#include <sys/types.h> 3044#include <sys/statvfs.h>], 3045[struct fsid_t t; t.val[0] = 0;], 3046 [ AC_MSG_RESULT(yes) 3047 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ], 3048 [ AC_MSG_RESULT(no) ] 3049) 3050 3051AC_CACHE_CHECK([for msg_control field in struct msghdr], 3052 ac_cv_have_control_in_msghdr, [ 3053 AC_COMPILE_IFELSE( 3054 [ 3055#include <sys/types.h> 3056#include <sys/socket.h> 3057#include <sys/uio.h> 3058int main() { 3059#ifdef msg_control 3060#error "msg_control is a macro" 3061exit(1); 3062#endif 3063struct msghdr m; 3064m.msg_control = 0; 3065exit(0); 3066} 3067 ], 3068 [ ac_cv_have_control_in_msghdr="yes" ], 3069 [ ac_cv_have_control_in_msghdr="no" ] 3070 ) 3071]) 3072if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 3073 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1, 3074 [Define if your system uses ancillary data style 3075 file descriptor passing]) 3076fi 3077 3078AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 3079 AC_TRY_LINK([], 3080 [ extern char __progname; printf("%s", __progname); ], 3081* [ ac_cv_libc_defines___progname="yes" ], 3082 [ ac_cv_libc_defines___progname="no" ] 3083 ) 3084]) 3085if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 3086 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname]) 3087fi 3088 3089AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 3090 AC_TRY_LINK([ 3091#include <stdio.h> 3092], 3093 [ printf("%s", __FUNCTION__); ], 3094 [ ac_cv_cc_implements___FUNCTION__="yes" ], 3095 [ ac_cv_cc_implements___FUNCTION__="no" ] 3096 ) 3097]) 3098if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 3099 AC_DEFINE(HAVE___FUNCTION__, 1, 3100 [Define if compiler implements __FUNCTION__]) 3101fi 3102 3103AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 3104 AC_TRY_LINK([ 3105#include <stdio.h> 3106], 3107 [ printf("%s", __func__); ], 3108 [ ac_cv_cc_implements___func__="yes" ], 3109 [ ac_cv_cc_implements___func__="no" ] 3110 ) 3111]) 3112if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 3113 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__]) 3114fi 3115 3116AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 3117 AC_TRY_LINK( 3118 [#include <stdarg.h> 3119 va_list x,y;], 3120 [va_copy(x,y);], 3121 [ ac_cv_have_va_copy="yes" ], 3122 [ ac_cv_have_va_copy="no" ] 3123 ) 3124]) 3125if test "x$ac_cv_have_va_copy" = "xyes" ; then 3126 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists]) 3127fi 3128 3129AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 3130 AC_TRY_LINK( 3131 [#include <stdarg.h> 3132 va_list x,y;], 3133 [__va_copy(x,y);], 3134 [ ac_cv_have___va_copy="yes" ], 3135 [ ac_cv_have___va_copy="no" ] 3136 ) 3137]) 3138if test "x$ac_cv_have___va_copy" = "xyes" ; then 3139 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists]) 3140fi 3141 3142AC_CACHE_CHECK([whether getopt has optreset support], 3143 ac_cv_have_getopt_optreset, [ 3144 AC_TRY_LINK( 3145 [ 3146#include <getopt.h> 3147 ], 3148 [ extern int optreset; optreset = 0; ], 3149 [ ac_cv_have_getopt_optreset="yes" ], 3150 [ ac_cv_have_getopt_optreset="no" ] 3151 ) 3152]) 3153if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 3154 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1, 3155 [Define if your getopt(3) defines and uses optreset]) 3156fi 3157 3158AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 3159 AC_TRY_LINK([], 3160 [ extern const char const sys_errlist[]; printf("%s", sys_errlist[0]);], 3161* [ ac_cv_libc_defines_sys_errlist="yes" ], 3162 [ ac_cv_libc_defines_sys_errlist="no" ] 3163 ) 3164]) 3165if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 3166 AC_DEFINE(HAVE_SYS_ERRLIST, 1, 3167 [Define if your system defines sys_errlist[]]) 3168fi 3169 3170 3171AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 3172 AC_TRY_LINK([], 3173 [ extern int sys_nerr; printf("%i", sys_nerr);], 3174 [ ac_cv_libc_defines_sys_nerr="yes" ], 3175 [ ac_cv_libc_defines_sys_nerr="no" ] 3176 ) 3177]) 3178if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 3179 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr]) 3180fi 3181 3182SCARD_MSG="no" 3183# Check whether user wants sectok support 3184AC_ARG_WITH(sectok, 3185 [ --with-sectok Enable smartcard support using libsectok], 3186 [ 3187 if test "x$withval" != "xno" ; then 3188 if test "x$withval" != "xyes" ; then 3189 CPPFLAGS="$CPPFLAGS -I${withval}" 3190 LDFLAGS="$LDFLAGS -L${withval}" 3191 if test ! -z "$need_dash_r" ; then 3192 LDFLAGS="$LDFLAGS -R${withval}" 3193 fi 3194 if test ! -z "$blibpath" ; then 3195 blibpath="$blibpath:${withval}" 3196 fi 3197 fi 3198 AC_CHECK_HEADERS(sectok.h) 3199 if test "$ac_cv_header_sectok_h" != yes; then 3200 AC_MSG_ERROR(Can't find sectok.h) 3201 fi 3202 AC_CHECK_LIB(sectok, sectok_open) 3203 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 3204 AC_MSG_ERROR(Can't find libsectok) 3205 fi 3206 AC_DEFINE(SMARTCARD, 1, 3207 [Define if you want smartcard support]) 3208 AC_DEFINE(USE_SECTOK, 1, 3209 [Define if you want smartcard support 3210 using sectok]) 3211 SCARD_MSG="yes, using sectok" 3212 fi 3213 ] 3214) 3215 3216# Check whether user wants OpenSC support 3217OPENSC_CONFIG="no" 3218AC_ARG_WITH(opensc, 3219 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)], 3220 [ 3221 if test "x$withval" != "xno" ; then 3222 if test "x$withval" != "xyes" ; then 3223 OPENSC_CONFIG=$withval/bin/opensc-config 3224 else 3225 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 3226 fi 3227 if test "$OPENSC_CONFIG" != "no"; then 3228 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 3229 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 3230 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 3231 LIBS="$LIBS $LIBOPENSC_LIBS" 3232 AC_DEFINE(SMARTCARD) 3233 AC_DEFINE(USE_OPENSC, 1, 3234 [Define if you want smartcard support 3235 using OpenSC]) 3236 SCARD_MSG="yes, using OpenSC" 3237 fi 3238 fi 3239 ] 3240) 3241 3242# Check libraries needed by DNS fingerprint support 3243AC_SEARCH_LIBS(getrrsetbyname, resolv, 3244 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1, 3245 [Define if getrrsetbyname() exists])], 3246 [ 3247 # Needed by our getrrsetbyname() 3248 AC_SEARCH_LIBS(res_query, resolv) 3249 AC_SEARCH_LIBS(dn_expand, resolv) 3250 AC_MSG_CHECKING(if res_query will link) 3251 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 3252 [AC_MSG_RESULT(no) 3253 saved_LIBS="$LIBS" 3254 LIBS="$LIBS -lresolv" 3255 AC_MSG_CHECKING(for res_query in -lresolv) 3256 AC_LINK_IFELSE([ 3257#include <resolv.h> 3258int main() 3259{ 3260 res_query (0, 0, 0, 0, 0); 3261 return 0; 3262} 3263 ], 3264 [LIBS="$LIBS -lresolv" 3265 AC_MSG_RESULT(yes)], 3266 [LIBS="$saved_LIBS" 3267 AC_MSG_RESULT(no)]) 3268 ]) 3269 AC_CHECK_FUNCS(_getshort _getlong) 3270 AC_CHECK_DECLS([_getshort, _getlong], , , 3271 [#include <sys/types.h> 3272 #include <arpa/nameser.h>]) 3273 AC_CHECK_MEMBER(HEADER.ad, 3274 [AC_DEFINE(HAVE_HEADER_AD, 1, 3275 [Define if HEADER.ad exists in arpa/nameser.h])],, 3276 [#include <arpa/nameser.h>]) 3277 ]) 3278 3279AC_MSG_CHECKING(if struct __res_state _res is an extern) 3280AC_LINK_IFELSE([ 3281#include <stdio.h> 3282#if HAVE_SYS_TYPES_H 3283# include <sys/types.h> 3284#endif 3285#include <netinet/in.h> 3286#include <arpa/nameser.h> 3287#include <resolv.h> 3288extern struct __res_state _res; 3289int main() { return 0; } 3290 ], 3291 [AC_MSG_RESULT(yes) 3292 AC_DEFINE(HAVE__RES_EXTERN, 1, 3293 [Define if you have struct __res_state _res as an extern]) 3294 ], 3295 [ AC_MSG_RESULT(no) ] 3296) 3297 3298# Check whether user wants SELinux support 3299SELINUX_MSG="no" 3300LIBSELINUX="" 3301AC_ARG_WITH(selinux, 3302 [ --with-selinux Enable SELinux support], 3303 [ if test "x$withval" != "xno" ; then 3304 save_LIBS="$LIBS" 3305 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) 3306 SELINUX_MSG="yes" 3307 AC_CHECK_HEADER([selinux/selinux.h], , 3308 AC_MSG_ERROR(SELinux support requires selinux.h header)) 3309 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], 3310 AC_MSG_ERROR(SELinux support requires libselinux library)) 3311 SSHDLIBS="$SSHDLIBS $LIBSELINUX" 3312 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) 3313 LIBS="$save_LIBS" 3314 fi ] 3315) 3316 3317# Check whether user wants Kerberos 5 support 3318KRB5_MSG="no" 3319AC_ARG_WITH(kerberos5, 3320 [ --with-kerberos5=PATH Enable Kerberos 5 support], 3321 [ if test "x$withval" != "xno" ; then 3322 if test "x$withval" = "xyes" ; then 3323 KRB5ROOT="/usr/local" 3324 else 3325 KRB5ROOT=${withval} 3326 fi 3327 3328 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support]) 3329 KRB5_MSG="yes" 3330 3331 AC_MSG_CHECKING(for krb5-config) 3332 if test -x $KRB5ROOT/bin/krb5-config ; then 3333 KRB5CONF=$KRB5ROOT/bin/krb5-config 3334 AC_MSG_RESULT($KRB5CONF) 3335 3336 AC_MSG_CHECKING(for gssapi support) 3337 if $KRB5CONF \| grep gssapi >/dev/null ; then 3338 AC_MSG_RESULT(yes) 3339 AC_DEFINE(GSSAPI, 1, 3340 [Define this if you want GSSAPI 3341 support in the version 2 protocol]) 3342 k5confopts=gssapi 3343 else 3344 AC_MSG_RESULT(no) 3345 k5confopts="" 3346 fi 3347 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 3348 K5LIBS="`$KRB5CONF --libs $k5confopts`" 3349 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3350 AC_MSG_CHECKING(whether we are using Heimdal) 3351 AC_TRY_COMPILE([ #include <krb5.h> ], 3352 [ char tmp = heimdal_version; ], 3353* [ AC_MSG_RESULT(yes) 3354 AC_DEFINE(HEIMDAL, 1, 3355 [Define this if you are using the 3356 Heimdal version of Kerberos V5]) ], 3357 AC_MSG_RESULT(no) 3358 ) 3359 else 3360 AC_MSG_RESULT(no) 3361 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3362 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3363 AC_MSG_CHECKING(whether we are using Heimdal) 3364 AC_TRY_COMPILE([ #include <krb5.h> ], 3365 [ char tmp = heimdal_version; ], 3366* [ AC_MSG_RESULT(yes) 3367 AC_DEFINE(HEIMDAL) 3368 K5LIBS="-lkrb5 -ldes" 3369 K5LIBS="$K5LIBS -lcom_err -lasn1" 3370 AC_CHECK_LIB(roken, net_write, 3371 [K5LIBS="$K5LIBS -lroken"]) 3372 ], 3373 [ AC_MSG_RESULT(no) 3374 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3375 ] 3376 ) 3377 AC_SEARCH_LIBS(dn_expand, resolv) 3378 3379 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context, 3380 [ AC_DEFINE(GSSAPI) 3381 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 3382 [ AC_CHECK_LIB(gssapi, gss_init_sec_context, 3383 [ AC_DEFINE(GSSAPI) 3384 K5LIBS="-lgssapi $K5LIBS" ], 3385 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 3386 $K5LIBS) 3387 ], 3388 $K5LIBS) 3389 3390 AC_CHECK_HEADER(gssapi.h, , 3391 [ unset ac_cv_header_gssapi_h 3392 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3393 AC_CHECK_HEADERS(gssapi.h, , 3394 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3395 ) 3396 ] 3397 ) 3398 3399 oldCPP="$CPPFLAGS" 3400 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3401 AC_CHECK_HEADER(gssapi_krb5.h, , 3402 [ CPPFLAGS="$oldCPP" ]) 3403 3404 fi 3405 if test ! -z "$need_dash_r" ; then 3406 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3407 fi 3408 if test ! -z "$blibpath" ; then 3409 blibpath="$blibpath:${KRB5ROOT}/lib" 3410 fi 3411 3412 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 3413 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 3414 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 3415 3416 LIBS="$LIBS $K5LIBS" 3417 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1, 3418 [Define this if you want to use libkafs' AFS support])) 3419 fi 3420 ] 3421) 3422 3423# Looking for programs, paths and files 3424 3425PRIVSEP_PATH=/var/empty 3426AC_ARG_WITH(privsep-path, 3427 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3428 [ 3429 if test -n "$withval" && test "x$withval" != "xno" && \ 3430 test "x${withval}" != "xyes"; then 3431 PRIVSEP_PATH=$withval 3432 fi 3433 ] 3434) 3435AC_SUBST(PRIVSEP_PATH) 3436 3437AC_ARG_WITH(xauth, 3438 [ --with-xauth=PATH Specify path to xauth program ], 3439 [ 3440 if test -n "$withval" && test "x$withval" != "xno" && \ 3441 test "x${withval}" != "xyes"; then 3442 xauth_path=$withval 3443 fi 3444 ], 3445 [ 3446 TestPath="$PATH" 3447 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3448 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3449 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3450 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3451 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 3452 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3453 xauth_path="/usr/openwin/bin/xauth" 3454 fi 3455 ] 3456) 3457 3458STRIP_OPT=-s 3459AC_ARG_ENABLE(strip, 3460 [ --disable-strip Disable calling strip(1) on install], 3461 [ 3462 if test "x$enableval" = "xno" ; then 3463 STRIP_OPT= 3464 fi 3465 ] 3466) 3467AC_SUBST(STRIP_OPT) 3468 3469if test -z "$xauth_path" ; then 3470 XAUTH_PATH="undefined" 3471 AC_SUBST(XAUTH_PATH) 3472else 3473 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path", 3474 [Define if xauth is found in your path]) 3475 XAUTH_PATH=$xauth_path 3476 AC_SUBST(XAUTH_PATH) 3477fi 3478 3479# Check for mail directory (last resort if we cannot get it from headers) 3480if test ! -z "$MAIL" ; then 3481 maildir=`dirname $MAIL` 3482 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir", 3483 [Set this to your mail directory if you don't have maillock.h]) 3484fi 3485 3486if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3487 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3488 disable_ptmx_check=yes 3489fi 3490if test -z "$no_dev_ptmx" ; then 3491 if test "x$disable_ptmx_check" != "xyes" ; then 3492 AC_CHECK_FILE("/dev/ptmx", 3493 [ 3494 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1, 3495 [Define if you have /dev/ptmx]) 3496 have_dev_ptmx=1 3497 ] 3498 ) 3499 fi 3500fi 3501 3502if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3503 AC_CHECK_FILE("/dev/ptc", 3504 [ 3505 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1, 3506 [Define if you have /dev/ptc]) 3507 have_dev_ptc=1 3508 ] 3509 ) 3510else 3511 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3512fi 3513 3514# Options from here on. Some of these are preset by platform above 3515AC_ARG_WITH(mantype, 3516 [ --with-mantype=man\|cat\|doc Set man page type], 3517 [ 3518 case "$withval" in 3519 man\|cat\|doc) 3520 MANTYPE=$withval 3521 ;; 3522 ) 3523* AC_MSG_ERROR(invalid man type: $withval) 3524 ;; 3525 esac 3526 ] 3527) 3528if test -z "$MANTYPE"; then 3529 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3530 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 3531 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3532 MANTYPE=doc 3533 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3534 MANTYPE=man 3535 else 3536 MANTYPE=cat 3537 fi 3538fi 3539AC_SUBST(MANTYPE) 3540if test "$MANTYPE" = "doc"; then 3541 mansubdir=man; 3542else 3543 mansubdir=$MANTYPE; 3544fi 3545AC_SUBST(mansubdir) 3546 3547# Check whether to enable MD5 passwords 3548MD5_MSG="no" 3549AC_ARG_WITH(md5-passwords, 3550 [ --with-md5-passwords Enable use of MD5 passwords], 3551 [ 3552 if test "x$withval" != "xno" ; then 3553 AC_DEFINE(HAVE_MD5_PASSWORDS, 1, 3554 [Define if you want to allow MD5 passwords]) 3555 MD5_MSG="yes" 3556 fi 3557 ] 3558) 3559 3560# Whether to disable shadow password support 3561AC_ARG_WITH(shadow, 3562 [ --without-shadow Disable shadow password support], 3563 [ 3564 if test "x$withval" = "xno" ; then 3565 AC_DEFINE(DISABLE_SHADOW) 3566 disable_shadow=yes 3567 fi 3568 ] 3569) 3570 3571if test -z "$disable_shadow" ; then 3572 AC_MSG_CHECKING([if the systems has expire shadow information]) 3573 AC_TRY_COMPILE( 3574 [ 3575#include <sys/types.h> 3576#include <shadow.h> 3577 struct spwd sp; 3578 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 3579 [ sp_expire_available=yes ], [] 3580 ) 3581 3582 if test "x$sp_expire_available" = "xyes" ; then 3583 AC_MSG_RESULT(yes) 3584 AC_DEFINE(HAS_SHADOW_EXPIRE, 1, 3585 [Define if you want to use shadow password expire field]) 3586 else 3587 AC_MSG_RESULT(no) 3588 fi 3589fi 3590 3591# Use ip address instead of hostname in $DISPLAY 3592if test ! -z "$IPADDR_IN_DISPLAY" ; then 3593 DISPLAY_HACK_MSG="yes" 3594 AC_DEFINE(IPADDR_IN_DISPLAY, 1, 3595 [Define if you need to use IP address 3596 instead of hostname in $DISPLAY]) 3597else 3598 DISPLAY_HACK_MSG="no" 3599 AC_ARG_WITH(ipaddr-display, 3600 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 3601 [ 3602 if test "x$withval" != "xno" ; then 3603 AC_DEFINE(IPADDR_IN_DISPLAY) 3604 DISPLAY_HACK_MSG="yes" 3605 fi 3606 ] 3607 ) 3608fi 3609 3610# check for /etc/default/login and use it if present. 3611AC_ARG_ENABLE(etc-default-login, 3612 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 3613 [ if test "x$enableval" = "xno"; then 3614 AC_MSG_NOTICE([/etc/default/login handling disabled]) 3615 etc_default_login=no 3616 else 3617 etc_default_login=yes 3618 fi ], 3619 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3620 then 3621 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 3622 etc_default_login=no 3623 else 3624 etc_default_login=yes 3625 fi ] 3626) 3627 3628if test "x$etc_default_login" != "xno"; then 3629 AC_CHECK_FILE("/etc/default/login", 3630 [ external_path_file=/etc/default/login ]) 3631 if test "x$external_path_file" = "x/etc/default/login"; then 3632 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1, 3633 [Define if your system has /etc/default/login]) 3634 fi 3635fi 3636 3637dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3638if test $ac_cv_func_login_getcapbool = "yes" && \ 3639 test $ac_cv_header_login_cap_h = "yes" ; then 3640 external_path_file=/etc/login.conf 3641fi 3642 3643# Whether to mess with the default path 3644SERVER_PATH_MSG="(default)" 3645AC_ARG_WITH(default-path, 3646 [ --with-default-path= Specify default \$PATH environment for server], 3647 [ 3648 if test "x$external_path_file" = "x/etc/login.conf" ; then 3649 AC_MSG_WARN([ 3650--with-default-path=PATH has no effect on this system. 3651Edit /etc/login.conf instead.]) 3652 elif test "x$withval" != "xno" ; then 3653 if test ! -z "$external_path_file" ; then 3654 AC_MSG_WARN([ 3655--with-default-path=PATH will only be used if PATH is not defined in 3656$external_path_file .]) 3657 fi 3658 user_path="$withval" 3659 SERVER_PATH_MSG="$withval" 3660 fi 3661 ], 3662 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3663 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3664 else 3665 if test ! -z "$external_path_file" ; then 3666 AC_MSG_WARN([ 3667If PATH is defined in $external_path_file, ensure the path to scp is included, 3668otherwise scp will not work.]) 3669 fi 3670 AC_RUN_IFELSE( 3671 [AC_LANG_SOURCE([[ 3672/* find out what STDPATH is / 3673#include <stdio.h> 3674#ifdef HAVE_PATHS_H 3675# include <paths.h> 3676#endif 3677#ifndef _PATH_STDPATH 3678# ifdef _PATH_USERPATH / Irix / 3679# define _PATH_STDPATH _PATH_USERPATH 3680# else 3681# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3682# endif 3683#endif 3684#include <sys/types.h> 3685#include <sys/stat.h> 3686#include <fcntl.h> 3687#define DATA "conftest.stdpath" 3688* 3689main() 3690{ 3691 FILE fd; 3692* int rc; 3693 3694 fd = fopen(DATA,"w"); 3695 if(fd == NULL) 3696 exit(1); 3697 3698 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3699 exit(1); 3700 3701 exit(0); 3702} 3703 ]])], 3704 [ user_path=`cat conftest.stdpath` ], 3705 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3706 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3707 ) 3708# make sure $bindir is in USER_PATH so scp will work 3709 t_bindir=`eval echo ${bindir}` 3710 case $t_bindir in 3711 NONE/) t_bindir=`echo $t_bindir \| sed "s~NONE~$prefix~"` ;; 3712* esac 3713 case $t_bindir in 3714 NONE/) t_bindir=`echo $t_bindir \| sed "s~NONE~$ac_default_prefix~"` ;; 3715* esac 3716 echo $user_path \| grep ":$t_bindir" > /dev/null 2>&1 3717 if test $? -ne 0 ; then 3718 echo $user_path \| grep "^$t_bindir" > /dev/null 2>&1 3719 if test $? -ne 0 ; then 3720 user_path=$user_path:$t_bindir 3721 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 3722 fi 3723 fi 3724 fi ] 3725) 3726if test "x$external_path_file" != "x/etc/login.conf" ; then 3727 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH]) 3728 AC_SUBST(user_path) 3729fi 3730 3731# Set superuser path separately to user path 3732AC_ARG_WITH(superuser-path, 3733 [ --with-superuser-path= Specify different path for super-user], 3734 [ 3735 if test -n "$withval" && test "x$withval" != "xno" && \ 3736 test "x${withval}" != "xyes"; then 3737 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval", 3738 [Define if you want a different $PATH 3739 for the superuser]) 3740 superuser_path=$withval 3741 fi 3742 ] 3743) 3744 3745 3746AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3747IPV4_IN6_HACK_MSG="no" 3748AC_ARG_WITH(4in6, 3749 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3750 [ 3751 if test "x$withval" != "xno" ; then 3752 AC_MSG_RESULT(yes) 3753 AC_DEFINE(IPV4_IN_IPV6, 1, 3754 [Detect IPv4 in IPv6 mapped addresses 3755 and treat as IPv4]) 3756 IPV4_IN6_HACK_MSG="yes" 3757 else 3758 AC_MSG_RESULT(no) 3759 fi 3760 ],[ 3761 if test "x$inet6_default_4in6" = "xyes"; then 3762 AC_MSG_RESULT([yes (default)]) 3763 AC_DEFINE(IPV4_IN_IPV6) 3764 IPV4_IN6_HACK_MSG="yes" 3765 else 3766 AC_MSG_RESULT([no (default)]) 3767 fi 3768 ] 3769) 3770 3771# Whether to enable BSD auth support 3772BSD_AUTH_MSG=no 3773AC_ARG_WITH(bsd-auth, 3774 [ --with-bsd-auth Enable BSD auth support], 3775 [ 3776 if test "x$withval" != "xno" ; then 3777 AC_DEFINE(BSD_AUTH, 1, 3778 [Define if you have BSD auth support]) 3779 BSD_AUTH_MSG=yes 3780 fi 3781 ] 3782) 3783 3784# Where to place sshd.pid 3785piddir=/var/run 3786# make sure the directory exists 3787if test ! -d $piddir ; then 3788 piddir=`eval echo ${sysconfdir}` 3789 case $piddir in 3790 NONE/) piddir=`echo $piddir \| sed "s~NONE~$ac_default_prefix~"` ;; 3791* esac 3792fi 3793 3794AC_ARG_WITH(pid-dir, 3795 [ --with-pid-dir=PATH Specify location of ssh.pid file], 3796 [ 3797 if test -n "$withval" && test "x$withval" != "xno" && \ 3798 test "x${withval}" != "xyes"; then 3799 piddir=$withval 3800 if test ! -d $piddir ; then 3801 AC_MSG_WARN([ no $piddir directory on this system ]) 3802 fi 3803 fi 3804 ] 3805) 3806 3807AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid]) 3808AC_SUBST(piddir) 3809 3810dnl allow user to disable some login recording features 3811AC_ARG_ENABLE(lastlog, 3812 [ --disable-lastlog disable use of lastlog even if detected [no]], 3813 [ 3814 if test "x$enableval" = "xno" ; then 3815 AC_DEFINE(DISABLE_LASTLOG) 3816 fi 3817 ] 3818) 3819AC_ARG_ENABLE(utmp, 3820 [ --disable-utmp disable use of utmp even if detected [no]], 3821 [ 3822 if test "x$enableval" = "xno" ; then 3823 AC_DEFINE(DISABLE_UTMP) 3824 fi 3825 ] 3826) 3827AC_ARG_ENABLE(utmpx, 3828 [ --disable-utmpx disable use of utmpx even if detected [no]], 3829 [ 3830 if test "x$enableval" = "xno" ; then 3831 AC_DEFINE(DISABLE_UTMPX, 1, 3832 [Define if you don't want to use utmpx]) 3833 fi 3834 ] 3835) 3836AC_ARG_ENABLE(wtmp, 3837 [ --disable-wtmp disable use of wtmp even if detected [no]], 3838 [ 3839 if test "x$enableval" = "xno" ; then 3840 AC_DEFINE(DISABLE_WTMP) 3841 fi 3842 ] 3843) 3844AC_ARG_ENABLE(wtmpx, 3845 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 3846 [ 3847 if test "x$enableval" = "xno" ; then 3848 AC_DEFINE(DISABLE_WTMPX, 1, 3849 [Define if you don't want to use wtmpx]) 3850 fi 3851 ] 3852) 3853AC_ARG_ENABLE(libutil, 3854 [ --disable-libutil disable use of libutil (login() etc.) [no]], 3855 [ 3856 if test "x$enableval" = "xno" ; then 3857 AC_DEFINE(DISABLE_LOGIN) 3858 fi 3859 ] 3860) 3861AC_ARG_ENABLE(pututline, 3862 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 3863 [ 3864 if test "x$enableval" = "xno" ; then 3865 AC_DEFINE(DISABLE_PUTUTLINE, 1, 3866 [Define if you don't want to use pututline() 3867 etc. to write [uw]tmp]) 3868 fi 3869 ] 3870) 3871AC_ARG_ENABLE(pututxline, 3872 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 3873 [ 3874 if test "x$enableval" = "xno" ; then 3875 AC_DEFINE(DISABLE_PUTUTXLINE, 1, 3876 [Define if you don't want to use pututxline() 3877 etc. to write [uw]tmpx]) 3878 fi 3879 ] 3880) 3881AC_ARG_WITH(lastlog, 3882 [ --with-lastlog=FILE\|DIR specify lastlog location [common locations]], 3883 [ 3884 if test "x$withval" = "xno" ; then 3885 AC_DEFINE(DISABLE_LASTLOG) 3886 elif test -n "$withval" && test "x${withval}" != "xyes"; then 3887 conf_lastlog_location=$withval 3888 fi 3889 ] 3890) 3891 3892dnl lastlog, [uw]tmpx? detection 3893dnl NOTE: set the paths in the platform section to avoid the 3894dnl need for command-line parameters 3895dnl lastlog and [uw]tmp are subject to a file search if all else fails 3896 3897dnl lastlog detection 3898dnl NOTE: the code itself will detect if lastlog is a directory 3899AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 3900AC_TRY_COMPILE([ 3901#include <sys/types.h> 3902#include <utmp.h> 3903#ifdef HAVE_LASTLOG_H 3904# include <lastlog.h> 3905#endif 3906#ifdef HAVE_PATHS_H 3907# include <paths.h> 3908#endif 3909#ifdef HAVE_LOGIN_H 3910# include <login.h> 3911#endif 3912 ], 3913 [ char lastlog = LASTLOG_FILE; ], 3914* [ AC_MSG_RESULT(yes) ], 3915 [ 3916 AC_MSG_RESULT(no) 3917 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 3918 AC_TRY_COMPILE([ 3919#include <sys/types.h> 3920#include <utmp.h> 3921#ifdef HAVE_LASTLOG_H 3922# include <lastlog.h> 3923#endif 3924#ifdef HAVE_PATHS_H 3925# include <paths.h> 3926#endif 3927 ], 3928 [ char lastlog = _PATH_LASTLOG; ], 3929* [ AC_MSG_RESULT(yes) ], 3930 [ 3931 AC_MSG_RESULT(no) 3932 system_lastlog_path=no 3933 ]) 3934 ] 3935) 3936 3937if test -z "$conf_lastlog_location"; then 3938 if test x"$system_lastlog_path" = x"no" ; then 3939 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 3940 if (test -d "$f" \|\| test -f "$f") ; then 3941 conf_lastlog_location=$f 3942 fi 3943 done 3944 if test -z "$conf_lastlog_location"; then 3945 AC_MSG_WARN([ Cannot find lastlog ]) 3946 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 3947 fi 3948 fi 3949fi 3950 3951if test -n "$conf_lastlog_location"; then 3952 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location", 3953 [Define if you want to specify the path to your lastlog file]) 3954fi 3955 3956dnl utmp detection 3957AC_MSG_CHECKING([if your system defines UTMP_FILE]) 3958AC_TRY_COMPILE([ 3959#include <sys/types.h> 3960#include <utmp.h> 3961#ifdef HAVE_PATHS_H 3962# include <paths.h> 3963#endif 3964 ], 3965 [ char utmp = UTMP_FILE; ], 3966* [ AC_MSG_RESULT(yes) ], 3967 [ AC_MSG_RESULT(no) 3968 system_utmp_path=no ] 3969) 3970if test -z "$conf_utmp_location"; then 3971 if test x"$system_utmp_path" = x"no" ; then 3972 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 3973 if test -f $f ; then 3974 conf_utmp_location=$f 3975 fi 3976 done 3977 if test -z "$conf_utmp_location"; then 3978 AC_DEFINE(DISABLE_UTMP) 3979 fi 3980 fi 3981fi 3982if test -n "$conf_utmp_location"; then 3983 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location", 3984 [Define if you want to specify the path to your utmp file]) 3985fi 3986 3987dnl wtmp detection 3988AC_MSG_CHECKING([if your system defines WTMP_FILE]) 3989AC_TRY_COMPILE([ 3990#include <sys/types.h> 3991#include <utmp.h> 3992#ifdef HAVE_PATHS_H 3993# include <paths.h> 3994#endif 3995 ], 3996 [ char wtmp = WTMP_FILE; ], 3997* [ AC_MSG_RESULT(yes) ], 3998 [ AC_MSG_RESULT(no) 3999 system_wtmp_path=no ] 4000) 4001if test -z "$conf_wtmp_location"; then 4002 if test x"$system_wtmp_path" = x"no" ; then 4003 for f in /usr/adm/wtmp /var/log/wtmp; do 4004 if test -f $f ; then 4005 conf_wtmp_location=$f 4006 fi 4007 done 4008 if test -z "$conf_wtmp_location"; then 4009 AC_DEFINE(DISABLE_WTMP) 4010 fi 4011 fi 4012fi 4013if test -n "$conf_wtmp_location"; then 4014 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location", 4015 [Define if you want to specify the path to your wtmp file]) 4016fi 4017 4018 4019dnl utmpx detection - I don't know any system so perverse as to require 4020dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 4021dnl there, though. 4022AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 4023AC_TRY_COMPILE([ 4024#include <sys/types.h> 4025#include <utmp.h> 4026#ifdef HAVE_UTMPX_H 4027#include <utmpx.h> 4028#endif 4029#ifdef HAVE_PATHS_H 4030# include <paths.h> 4031#endif 4032 ], 4033 [ char utmpx = UTMPX_FILE; ], 4034* [ AC_MSG_RESULT(yes) ], 4035 [ AC_MSG_RESULT(no) 4036 system_utmpx_path=no ] 4037) 4038if test -z "$conf_utmpx_location"; then 4039 if test x"$system_utmpx_path" = x"no" ; then 4040 AC_DEFINE(DISABLE_UTMPX) 4041 fi 4042else 4043 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location", 4044 [Define if you want to specify the path to your utmpx file]) 4045fi 4046 4047dnl wtmpx detection 4048AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 4049AC_TRY_COMPILE([ 4050#include <sys/types.h> 4051#include <utmp.h> 4052#ifdef HAVE_UTMPX_H 4053#include <utmpx.h> 4054#endif 4055#ifdef HAVE_PATHS_H 4056# include <paths.h> 4057#endif 4058 ], 4059 [ char wtmpx = WTMPX_FILE; ], 4060* [ AC_MSG_RESULT(yes) ], 4061 [ AC_MSG_RESULT(no) 4062 system_wtmpx_path=no ] 4063) 4064if test -z "$conf_wtmpx_location"; then 4065 if test x"$system_wtmpx_path" = x"no" ; then 4066 AC_DEFINE(DISABLE_WTMPX) 4067 fi 4068else 4069 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location", 4070 [Define if you want to specify the path to your wtmpx file]) 4071fi 4072 4073 4074if test ! -z "$blibpath" ; then 4075 LDFLAGS="$LDFLAGS $blibflags$blibpath" 4076 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 4077fi 4078 4079dnl Adding -Werror to CFLAGS early prevents configure tests from running. 4080dnl Add now. 4081CFLAGS="$CFLAGS $werror_flags" 4082 4083if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null \|\| \ 4084 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then 4085 AC_SUBST(TEST_SSH_IPV6, no) 4086else 4087 AC_SUBST(TEST_SSH_IPV6, yes) 4088fi 4089 4090AC_EXEEXT 4091AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ 4092 openbsd-compat/Makefile openbsd-compat/regress/Makefile \ 4093 scard/Makefile ssh_prng_cmds survey.sh]) 4094AC_OUTPUT 4095 4096# Print summary of options 4097 4098# Someone please show me a better way :) 4099A=`eval echo ${prefix}` ; A=`eval echo ${A}` 4100B=`eval echo ${bindir}` ; B=`eval echo ${B}` 4101C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 4102D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 4103E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 4104F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 4105G=`eval echo ${piddir}` ; G=`eval echo ${G}` 4106H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 4107I=`eval echo ${user_path}` ; I=`eval echo ${I}` 4108J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 4109 4110echo "" 4111echo "OpenSSH has been configured with the following options:" 4112echo " User binaries: $B" 4113echo " System binaries: $C" 4114echo " Configuration files: $D" 4115echo " Askpass program: $E" 4116echo " Manual pages: $F" 4117echo " PID file: $G" 4118echo " Privilege separation chroot path: $H" 4119if test "x$external_path_file" = "x/etc/login.conf" ; then 4120echo " At runtime, sshd will use the path defined in $external_path_file" 4121echo " Make sure the path to scp is present, otherwise scp will not work" 4122else 4123echo " sshd default user PATH: $I" 4124 if test ! -z "$external_path_file"; then 4125echo " (If PATH is set in $external_path_file it will be used instead. If" 4126echo " used, ensure the path to scp is present, otherwise scp will not work.)" 4127 fi 4128fi 4129if test ! -z "$superuser_path" ; then 4130echo " sshd superuser user PATH: $J" 4131fi 4132echo " Manpage format: $MANTYPE" 4133echo " PAM support: $PAM_MSG" 4134echo " OSF SIA support: $SIA_MSG" 4135echo " KerberosV support: $KRB5_MSG" 4136echo " SELinux support: $SELINUX_MSG" 4137echo " Smartcard support: $SCARD_MSG" 4138echo " S/KEY support: $SKEY_MSG" 4139echo " TCP Wrappers support: $TCPW_MSG" 4140echo " MD5 password support: $MD5_MSG" 4141echo " libedit support: $LIBEDIT_MSG" 4142echo " Solaris process contract support: $SPC_MSG" 4143echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 4144echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 4145echo " BSD Auth support: $BSD_AUTH_MSG" 4146echo " Random number source: $RAND_MSG" 4147if test ! -z "$USE_RAND_HELPER" ; then 4148echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 4149fi 4150 4151echo "" 4152 4153echo " Host: ${host}" 4154echo " Compiler: ${CC}" 4155echo " Compiler flags: ${CFLAGS}" 4156echo "Preprocessor flags: ${CPPFLAGS}" 4157echo " Linker flags: ${LDFLAGS}" 4158echo " Libraries: ${LIBS}" 4159if test ! -z "${SSHDLIBS}"; then 4160echo " +for sshd: ${SSHDLIBS}" 4161fi 4162 4163echo "" 4164 4165if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 4166 echo "SVR4 style packages are supported with \"make package\"" 4167 echo "" 4168fi 4169 4170if test "x$PAM_MSG" = "xyes" ; then 4171 echo "PAM is enabled. You may need to install a PAM control file " 4172 echo "for sshd, otherwise password authentication may fail. " 4173 echo "Example PAM control files can be found in the contrib/ " 4174 echo "subdirectory" 4175 echo "" 4176fi 4177 4178if test ! -z "$RAND_HELPER_CMDHASH" ; then 4179 echo "WARNING: you are using the builtin random number collection " 4180 echo "service. Please read WARNING.RNG and request that your OS " 4181 echo "vendor includes kernel-based random number collection in " 4182 echo "future versions of your OS." 4183 echo "" 4184fi 4185 4186if test ! -z "$NO_PEERCHECK" ; then 4187 echo "WARNING: the operating system that you are using does not" 4188 echo "appear to support getpeereid(), getpeerucred() or the" 4189 echo "SO_PEERCRED getsockopt() option. These facilities are used to" 4190 echo "enforce security checks to prevent unauthorised connections to" 4191 echo "ssh-agent. Their absence increases the risk that a malicious" 4192 echo "user can connect to your agent." 4193 echo "" 4194fi 4195 4196if test "$AUDIT_MODULE" = "bsm" ; then 4197 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 4198 echo "See the Solaris section in README.platform for details." 4199fi	2853fi 2854 2855AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2856 AC_TRY_COMPILE( 2857 [ 2858#include <sys/types.h> 2859#include <sys/socket.h> 2860#include <netdb.h> 2861 ], 2862 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 2863 [ ac_cv_have_struct_addrinfo="yes" ], 2864 [ ac_cv_have_struct_addrinfo="no" ] 2865 ) 2866]) 2867if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2868 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, 2869 [define if you have struct addrinfo data type]) 2870fi 2871 2872AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2873 AC_TRY_COMPILE( 2874 [ #include <sys/time.h> ], 2875 [ struct timeval tv; tv.tv_sec = 1;], 2876 [ ac_cv_have_struct_timeval="yes" ], 2877 [ ac_cv_have_struct_timeval="no" ] 2878 ) 2879]) 2880if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2881 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval]) 2882 have_struct_timeval=1 2883fi 2884 2885AC_CHECK_TYPES(struct timespec) 2886 2887# We need int64_t or else certian parts of the compile will fail. 2888if test "x$ac_cv_have_int64_t" = "xno" && \ 2889 test "x$ac_cv_sizeof_long_int" != "x8" && \ 2890 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2891 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2892 echo "an alternative compiler (I.E., GCC) before continuing." 2893 echo "" 2894 exit 1; 2895else 2896dnl test snprintf (broken on SCO w/gcc) 2897 AC_RUN_IFELSE( 2898 [AC_LANG_SOURCE([[ 2899#include <stdio.h> 2900#include <string.h> 2901#ifdef HAVE_SNPRINTF 2902main() 2903{ 2904 char buf[50]; 2905 char expected_out[50]; 2906 int mazsize = 50 ; 2907#if (SIZEOF_LONG_INT == 8) 2908 long int num = 0x7fffffffffffffff; 2909#else 2910 long long num = 0x7fffffffffffffffll; 2911#endif 2912 strcpy(expected_out, "9223372036854775807"); 2913 snprintf(buf, mazsize, "%lld", num); 2914 if(strcmp(buf, expected_out) != 0) 2915 exit(1); 2916 exit(0); 2917} 2918#else 2919main() { exit(0); } 2920#endif 2921 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 2922 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 2923 ) 2924fi 2925 2926dnl Checks for structure members 2927OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 2928OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 2929OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 2930OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 2931OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 2932OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 2933OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 2934OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 2935OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 2936OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 2937OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 2938OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 2939OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 2940OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 2941OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 2942OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 2943OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 2944 2945AC_CHECK_MEMBERS([struct stat.st_blksize]) 2946AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state, 2947 [Define if we don't have struct __res_state in resolv.h])], 2948[ 2949#include <stdio.h> 2950#if HAVE_SYS_TYPES_H 2951# include <sys/types.h> 2952#endif 2953#include <netinet/in.h> 2954#include <arpa/nameser.h> 2955#include <resolv.h> 2956]) 2957 2958AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 2959 ac_cv_have_ss_family_in_struct_ss, [ 2960 AC_TRY_COMPILE( 2961 [ 2962#include <sys/types.h> 2963#include <sys/socket.h> 2964 ], 2965 [ struct sockaddr_storage s; s.ss_family = 1; ], 2966 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 2967 [ ac_cv_have_ss_family_in_struct_ss="no" ], 2968 ) 2969]) 2970if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 2971 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage]) 2972fi 2973 2974AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 2975 ac_cv_have___ss_family_in_struct_ss, [ 2976 AC_TRY_COMPILE( 2977 [ 2978#include <sys/types.h> 2979#include <sys/socket.h> 2980 ], 2981 [ struct sockaddr_storage s; s.__ss_family = 1; ], 2982 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 2983 [ ac_cv_have___ss_family_in_struct_ss="no" ] 2984 ) 2985]) 2986if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 2987 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1, 2988 [Fields in struct sockaddr_storage]) 2989fi 2990 2991AC_CACHE_CHECK([for pw_class field in struct passwd], 2992 ac_cv_have_pw_class_in_struct_passwd, [ 2993 AC_TRY_COMPILE( 2994 [ 2995#include <pwd.h> 2996 ], 2997 [ struct passwd p; p.pw_class = 0; ], 2998 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 2999 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 3000 ) 3001]) 3002if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 3003 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1, 3004 [Define if your password has a pw_class field]) 3005fi 3006 3007AC_CACHE_CHECK([for pw_expire field in struct passwd], 3008 ac_cv_have_pw_expire_in_struct_passwd, [ 3009 AC_TRY_COMPILE( 3010 [ 3011#include <pwd.h> 3012 ], 3013 [ struct passwd p; p.pw_expire = 0; ], 3014 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 3015 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 3016 ) 3017]) 3018if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 3019 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1, 3020 [Define if your password has a pw_expire field]) 3021fi 3022 3023AC_CACHE_CHECK([for pw_change field in struct passwd], 3024 ac_cv_have_pw_change_in_struct_passwd, [ 3025 AC_TRY_COMPILE( 3026 [ 3027#include <pwd.h> 3028 ], 3029 [ struct passwd p; p.pw_change = 0; ], 3030 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 3031 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 3032 ) 3033]) 3034if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 3035 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1, 3036 [Define if your password has a pw_change field]) 3037fi 3038 3039dnl make sure we're using the real structure members and not defines 3040AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 3041 ac_cv_have_accrights_in_msghdr, [ 3042 AC_COMPILE_IFELSE( 3043 [ 3044#include <sys/types.h> 3045#include <sys/socket.h> 3046#include <sys/uio.h> 3047int main() { 3048#ifdef msg_accrights 3049#error "msg_accrights is a macro" 3050exit(1); 3051#endif 3052struct msghdr m; 3053m.msg_accrights = 0; 3054exit(0); 3055} 3056 ], 3057 [ ac_cv_have_accrights_in_msghdr="yes" ], 3058 [ ac_cv_have_accrights_in_msghdr="no" ] 3059 ) 3060]) 3061if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 3062 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1, 3063 [Define if your system uses access rights style 3064 file descriptor passing]) 3065fi 3066 3067AC_MSG_CHECKING(if f_fsid has val members) 3068AC_TRY_COMPILE([ 3069#include <sys/types.h> 3070#include <sys/statvfs.h>], 3071[struct fsid_t t; t.val[0] = 0;], 3072 [ AC_MSG_RESULT(yes) 3073 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ], 3074 [ AC_MSG_RESULT(no) ] 3075) 3076 3077AC_CACHE_CHECK([for msg_control field in struct msghdr], 3078 ac_cv_have_control_in_msghdr, [ 3079 AC_COMPILE_IFELSE( 3080 [ 3081#include <sys/types.h> 3082#include <sys/socket.h> 3083#include <sys/uio.h> 3084int main() { 3085#ifdef msg_control 3086#error "msg_control is a macro" 3087exit(1); 3088#endif 3089struct msghdr m; 3090m.msg_control = 0; 3091exit(0); 3092} 3093 ], 3094 [ ac_cv_have_control_in_msghdr="yes" ], 3095 [ ac_cv_have_control_in_msghdr="no" ] 3096 ) 3097]) 3098if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 3099 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1, 3100 [Define if your system uses ancillary data style 3101 file descriptor passing]) 3102fi 3103 3104AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 3105 AC_TRY_LINK([], 3106 [ extern char __progname; printf("%s", __progname); ], 3107* [ ac_cv_libc_defines___progname="yes" ], 3108 [ ac_cv_libc_defines___progname="no" ] 3109 ) 3110]) 3111if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 3112 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname]) 3113fi 3114 3115AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 3116 AC_TRY_LINK([ 3117#include <stdio.h> 3118], 3119 [ printf("%s", __FUNCTION__); ], 3120 [ ac_cv_cc_implements___FUNCTION__="yes" ], 3121 [ ac_cv_cc_implements___FUNCTION__="no" ] 3122 ) 3123]) 3124if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 3125 AC_DEFINE(HAVE___FUNCTION__, 1, 3126 [Define if compiler implements __FUNCTION__]) 3127fi 3128 3129AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 3130 AC_TRY_LINK([ 3131#include <stdio.h> 3132], 3133 [ printf("%s", __func__); ], 3134 [ ac_cv_cc_implements___func__="yes" ], 3135 [ ac_cv_cc_implements___func__="no" ] 3136 ) 3137]) 3138if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 3139 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__]) 3140fi 3141 3142AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 3143 AC_TRY_LINK( 3144 [#include <stdarg.h> 3145 va_list x,y;], 3146 [va_copy(x,y);], 3147 [ ac_cv_have_va_copy="yes" ], 3148 [ ac_cv_have_va_copy="no" ] 3149 ) 3150]) 3151if test "x$ac_cv_have_va_copy" = "xyes" ; then 3152 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists]) 3153fi 3154 3155AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 3156 AC_TRY_LINK( 3157 [#include <stdarg.h> 3158 va_list x,y;], 3159 [__va_copy(x,y);], 3160 [ ac_cv_have___va_copy="yes" ], 3161 [ ac_cv_have___va_copy="no" ] 3162 ) 3163]) 3164if test "x$ac_cv_have___va_copy" = "xyes" ; then 3165 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists]) 3166fi 3167 3168AC_CACHE_CHECK([whether getopt has optreset support], 3169 ac_cv_have_getopt_optreset, [ 3170 AC_TRY_LINK( 3171 [ 3172#include <getopt.h> 3173 ], 3174 [ extern int optreset; optreset = 0; ], 3175 [ ac_cv_have_getopt_optreset="yes" ], 3176 [ ac_cv_have_getopt_optreset="no" ] 3177 ) 3178]) 3179if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 3180 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1, 3181 [Define if your getopt(3) defines and uses optreset]) 3182fi 3183 3184AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 3185 AC_TRY_LINK([], 3186 [ extern const char const sys_errlist[]; printf("%s", sys_errlist[0]);], 3187* [ ac_cv_libc_defines_sys_errlist="yes" ], 3188 [ ac_cv_libc_defines_sys_errlist="no" ] 3189 ) 3190]) 3191if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 3192 AC_DEFINE(HAVE_SYS_ERRLIST, 1, 3193 [Define if your system defines sys_errlist[]]) 3194fi 3195 3196 3197AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 3198 AC_TRY_LINK([], 3199 [ extern int sys_nerr; printf("%i", sys_nerr);], 3200 [ ac_cv_libc_defines_sys_nerr="yes" ], 3201 [ ac_cv_libc_defines_sys_nerr="no" ] 3202 ) 3203]) 3204if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 3205 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr]) 3206fi 3207 3208SCARD_MSG="no" 3209# Check whether user wants sectok support 3210AC_ARG_WITH(sectok, 3211 [ --with-sectok Enable smartcard support using libsectok], 3212 [ 3213 if test "x$withval" != "xno" ; then 3214 if test "x$withval" != "xyes" ; then 3215 CPPFLAGS="$CPPFLAGS -I${withval}" 3216 LDFLAGS="$LDFLAGS -L${withval}" 3217 if test ! -z "$need_dash_r" ; then 3218 LDFLAGS="$LDFLAGS -R${withval}" 3219 fi 3220 if test ! -z "$blibpath" ; then 3221 blibpath="$blibpath:${withval}" 3222 fi 3223 fi 3224 AC_CHECK_HEADERS(sectok.h) 3225 if test "$ac_cv_header_sectok_h" != yes; then 3226 AC_MSG_ERROR(Can't find sectok.h) 3227 fi 3228 AC_CHECK_LIB(sectok, sectok_open) 3229 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 3230 AC_MSG_ERROR(Can't find libsectok) 3231 fi 3232 AC_DEFINE(SMARTCARD, 1, 3233 [Define if you want smartcard support]) 3234 AC_DEFINE(USE_SECTOK, 1, 3235 [Define if you want smartcard support 3236 using sectok]) 3237 SCARD_MSG="yes, using sectok" 3238 fi 3239 ] 3240) 3241 3242# Check whether user wants OpenSC support 3243OPENSC_CONFIG="no" 3244AC_ARG_WITH(opensc, 3245 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)], 3246 [ 3247 if test "x$withval" != "xno" ; then 3248 if test "x$withval" != "xyes" ; then 3249 OPENSC_CONFIG=$withval/bin/opensc-config 3250 else 3251 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 3252 fi 3253 if test "$OPENSC_CONFIG" != "no"; then 3254 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 3255 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 3256 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 3257 LIBS="$LIBS $LIBOPENSC_LIBS" 3258 AC_DEFINE(SMARTCARD) 3259 AC_DEFINE(USE_OPENSC, 1, 3260 [Define if you want smartcard support 3261 using OpenSC]) 3262 SCARD_MSG="yes, using OpenSC" 3263 fi 3264 fi 3265 ] 3266) 3267 3268# Check libraries needed by DNS fingerprint support 3269AC_SEARCH_LIBS(getrrsetbyname, resolv, 3270 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1, 3271 [Define if getrrsetbyname() exists])], 3272 [ 3273 # Needed by our getrrsetbyname() 3274 AC_SEARCH_LIBS(res_query, resolv) 3275 AC_SEARCH_LIBS(dn_expand, resolv) 3276 AC_MSG_CHECKING(if res_query will link) 3277 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 3278 [AC_MSG_RESULT(no) 3279 saved_LIBS="$LIBS" 3280 LIBS="$LIBS -lresolv" 3281 AC_MSG_CHECKING(for res_query in -lresolv) 3282 AC_LINK_IFELSE([ 3283#include <resolv.h> 3284int main() 3285{ 3286 res_query (0, 0, 0, 0, 0); 3287 return 0; 3288} 3289 ], 3290 [LIBS="$LIBS -lresolv" 3291 AC_MSG_RESULT(yes)], 3292 [LIBS="$saved_LIBS" 3293 AC_MSG_RESULT(no)]) 3294 ]) 3295 AC_CHECK_FUNCS(_getshort _getlong) 3296 AC_CHECK_DECLS([_getshort, _getlong], , , 3297 [#include <sys/types.h> 3298 #include <arpa/nameser.h>]) 3299 AC_CHECK_MEMBER(HEADER.ad, 3300 [AC_DEFINE(HAVE_HEADER_AD, 1, 3301 [Define if HEADER.ad exists in arpa/nameser.h])],, 3302 [#include <arpa/nameser.h>]) 3303 ]) 3304 3305AC_MSG_CHECKING(if struct __res_state _res is an extern) 3306AC_LINK_IFELSE([ 3307#include <stdio.h> 3308#if HAVE_SYS_TYPES_H 3309# include <sys/types.h> 3310#endif 3311#include <netinet/in.h> 3312#include <arpa/nameser.h> 3313#include <resolv.h> 3314extern struct __res_state _res; 3315int main() { return 0; } 3316 ], 3317 [AC_MSG_RESULT(yes) 3318 AC_DEFINE(HAVE__RES_EXTERN, 1, 3319 [Define if you have struct __res_state _res as an extern]) 3320 ], 3321 [ AC_MSG_RESULT(no) ] 3322) 3323 3324# Check whether user wants SELinux support 3325SELINUX_MSG="no" 3326LIBSELINUX="" 3327AC_ARG_WITH(selinux, 3328 [ --with-selinux Enable SELinux support], 3329 [ if test "x$withval" != "xno" ; then 3330 save_LIBS="$LIBS" 3331 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) 3332 SELINUX_MSG="yes" 3333 AC_CHECK_HEADER([selinux/selinux.h], , 3334 AC_MSG_ERROR(SELinux support requires selinux.h header)) 3335 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], 3336 AC_MSG_ERROR(SELinux support requires libselinux library)) 3337 SSHDLIBS="$SSHDLIBS $LIBSELINUX" 3338 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) 3339 LIBS="$save_LIBS" 3340 fi ] 3341) 3342 3343# Check whether user wants Kerberos 5 support 3344KRB5_MSG="no" 3345AC_ARG_WITH(kerberos5, 3346 [ --with-kerberos5=PATH Enable Kerberos 5 support], 3347 [ if test "x$withval" != "xno" ; then 3348 if test "x$withval" = "xyes" ; then 3349 KRB5ROOT="/usr/local" 3350 else 3351 KRB5ROOT=${withval} 3352 fi 3353 3354 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support]) 3355 KRB5_MSG="yes" 3356 3357 AC_MSG_CHECKING(for krb5-config) 3358 if test -x $KRB5ROOT/bin/krb5-config ; then 3359 KRB5CONF=$KRB5ROOT/bin/krb5-config 3360 AC_MSG_RESULT($KRB5CONF) 3361 3362 AC_MSG_CHECKING(for gssapi support) 3363 if $KRB5CONF \| grep gssapi >/dev/null ; then 3364 AC_MSG_RESULT(yes) 3365 AC_DEFINE(GSSAPI, 1, 3366 [Define this if you want GSSAPI 3367 support in the version 2 protocol]) 3368 k5confopts=gssapi 3369 else 3370 AC_MSG_RESULT(no) 3371 k5confopts="" 3372 fi 3373 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 3374 K5LIBS="`$KRB5CONF --libs $k5confopts`" 3375 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3376 AC_MSG_CHECKING(whether we are using Heimdal) 3377 AC_TRY_COMPILE([ #include <krb5.h> ], 3378 [ char tmp = heimdal_version; ], 3379* [ AC_MSG_RESULT(yes) 3380 AC_DEFINE(HEIMDAL, 1, 3381 [Define this if you are using the 3382 Heimdal version of Kerberos V5]) ], 3383 AC_MSG_RESULT(no) 3384 ) 3385 else 3386 AC_MSG_RESULT(no) 3387 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3388 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3389 AC_MSG_CHECKING(whether we are using Heimdal) 3390 AC_TRY_COMPILE([ #include <krb5.h> ], 3391 [ char tmp = heimdal_version; ], 3392* [ AC_MSG_RESULT(yes) 3393 AC_DEFINE(HEIMDAL) 3394 K5LIBS="-lkrb5 -ldes" 3395 K5LIBS="$K5LIBS -lcom_err -lasn1" 3396 AC_CHECK_LIB(roken, net_write, 3397 [K5LIBS="$K5LIBS -lroken"]) 3398 ], 3399 [ AC_MSG_RESULT(no) 3400 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3401 ] 3402 ) 3403 AC_SEARCH_LIBS(dn_expand, resolv) 3404 3405 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context, 3406 [ AC_DEFINE(GSSAPI) 3407 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 3408 [ AC_CHECK_LIB(gssapi, gss_init_sec_context, 3409 [ AC_DEFINE(GSSAPI) 3410 K5LIBS="-lgssapi $K5LIBS" ], 3411 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 3412 $K5LIBS) 3413 ], 3414 $K5LIBS) 3415 3416 AC_CHECK_HEADER(gssapi.h, , 3417 [ unset ac_cv_header_gssapi_h 3418 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3419 AC_CHECK_HEADERS(gssapi.h, , 3420 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3421 ) 3422 ] 3423 ) 3424 3425 oldCPP="$CPPFLAGS" 3426 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3427 AC_CHECK_HEADER(gssapi_krb5.h, , 3428 [ CPPFLAGS="$oldCPP" ]) 3429 3430 fi 3431 if test ! -z "$need_dash_r" ; then 3432 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3433 fi 3434 if test ! -z "$blibpath" ; then 3435 blibpath="$blibpath:${KRB5ROOT}/lib" 3436 fi 3437 3438 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 3439 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 3440 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 3441 3442 LIBS="$LIBS $K5LIBS" 3443 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1, 3444 [Define this if you want to use libkafs' AFS support])) 3445 fi 3446 ] 3447) 3448 3449# Looking for programs, paths and files 3450 3451PRIVSEP_PATH=/var/empty 3452AC_ARG_WITH(privsep-path, 3453 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3454 [ 3455 if test -n "$withval" && test "x$withval" != "xno" && \ 3456 test "x${withval}" != "xyes"; then 3457 PRIVSEP_PATH=$withval 3458 fi 3459 ] 3460) 3461AC_SUBST(PRIVSEP_PATH) 3462 3463AC_ARG_WITH(xauth, 3464 [ --with-xauth=PATH Specify path to xauth program ], 3465 [ 3466 if test -n "$withval" && test "x$withval" != "xno" && \ 3467 test "x${withval}" != "xyes"; then 3468 xauth_path=$withval 3469 fi 3470 ], 3471 [ 3472 TestPath="$PATH" 3473 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3474 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3475 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3476 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3477 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 3478 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3479 xauth_path="/usr/openwin/bin/xauth" 3480 fi 3481 ] 3482) 3483 3484STRIP_OPT=-s 3485AC_ARG_ENABLE(strip, 3486 [ --disable-strip Disable calling strip(1) on install], 3487 [ 3488 if test "x$enableval" = "xno" ; then 3489 STRIP_OPT= 3490 fi 3491 ] 3492) 3493AC_SUBST(STRIP_OPT) 3494 3495if test -z "$xauth_path" ; then 3496 XAUTH_PATH="undefined" 3497 AC_SUBST(XAUTH_PATH) 3498else 3499 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path", 3500 [Define if xauth is found in your path]) 3501 XAUTH_PATH=$xauth_path 3502 AC_SUBST(XAUTH_PATH) 3503fi 3504 3505# Check for mail directory (last resort if we cannot get it from headers) 3506if test ! -z "$MAIL" ; then 3507 maildir=`dirname $MAIL` 3508 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir", 3509 [Set this to your mail directory if you don't have maillock.h]) 3510fi 3511 3512if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3513 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3514 disable_ptmx_check=yes 3515fi 3516if test -z "$no_dev_ptmx" ; then 3517 if test "x$disable_ptmx_check" != "xyes" ; then 3518 AC_CHECK_FILE("/dev/ptmx", 3519 [ 3520 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1, 3521 [Define if you have /dev/ptmx]) 3522 have_dev_ptmx=1 3523 ] 3524 ) 3525 fi 3526fi 3527 3528if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3529 AC_CHECK_FILE("/dev/ptc", 3530 [ 3531 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1, 3532 [Define if you have /dev/ptc]) 3533 have_dev_ptc=1 3534 ] 3535 ) 3536else 3537 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3538fi 3539 3540# Options from here on. Some of these are preset by platform above 3541AC_ARG_WITH(mantype, 3542 [ --with-mantype=man\|cat\|doc Set man page type], 3543 [ 3544 case "$withval" in 3545 man\|cat\|doc) 3546 MANTYPE=$withval 3547 ;; 3548 ) 3549* AC_MSG_ERROR(invalid man type: $withval) 3550 ;; 3551 esac 3552 ] 3553) 3554if test -z "$MANTYPE"; then 3555 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3556 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 3557 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3558 MANTYPE=doc 3559 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3560 MANTYPE=man 3561 else 3562 MANTYPE=cat 3563 fi 3564fi 3565AC_SUBST(MANTYPE) 3566if test "$MANTYPE" = "doc"; then 3567 mansubdir=man; 3568else 3569 mansubdir=$MANTYPE; 3570fi 3571AC_SUBST(mansubdir) 3572 3573# Check whether to enable MD5 passwords 3574MD5_MSG="no" 3575AC_ARG_WITH(md5-passwords, 3576 [ --with-md5-passwords Enable use of MD5 passwords], 3577 [ 3578 if test "x$withval" != "xno" ; then 3579 AC_DEFINE(HAVE_MD5_PASSWORDS, 1, 3580 [Define if you want to allow MD5 passwords]) 3581 MD5_MSG="yes" 3582 fi 3583 ] 3584) 3585 3586# Whether to disable shadow password support 3587AC_ARG_WITH(shadow, 3588 [ --without-shadow Disable shadow password support], 3589 [ 3590 if test "x$withval" = "xno" ; then 3591 AC_DEFINE(DISABLE_SHADOW) 3592 disable_shadow=yes 3593 fi 3594 ] 3595) 3596 3597if test -z "$disable_shadow" ; then 3598 AC_MSG_CHECKING([if the systems has expire shadow information]) 3599 AC_TRY_COMPILE( 3600 [ 3601#include <sys/types.h> 3602#include <shadow.h> 3603 struct spwd sp; 3604 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 3605 [ sp_expire_available=yes ], [] 3606 ) 3607 3608 if test "x$sp_expire_available" = "xyes" ; then 3609 AC_MSG_RESULT(yes) 3610 AC_DEFINE(HAS_SHADOW_EXPIRE, 1, 3611 [Define if you want to use shadow password expire field]) 3612 else 3613 AC_MSG_RESULT(no) 3614 fi 3615fi 3616 3617# Use ip address instead of hostname in $DISPLAY 3618if test ! -z "$IPADDR_IN_DISPLAY" ; then 3619 DISPLAY_HACK_MSG="yes" 3620 AC_DEFINE(IPADDR_IN_DISPLAY, 1, 3621 [Define if you need to use IP address 3622 instead of hostname in $DISPLAY]) 3623else 3624 DISPLAY_HACK_MSG="no" 3625 AC_ARG_WITH(ipaddr-display, 3626 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 3627 [ 3628 if test "x$withval" != "xno" ; then 3629 AC_DEFINE(IPADDR_IN_DISPLAY) 3630 DISPLAY_HACK_MSG="yes" 3631 fi 3632 ] 3633 ) 3634fi 3635 3636# check for /etc/default/login and use it if present. 3637AC_ARG_ENABLE(etc-default-login, 3638 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 3639 [ if test "x$enableval" = "xno"; then 3640 AC_MSG_NOTICE([/etc/default/login handling disabled]) 3641 etc_default_login=no 3642 else 3643 etc_default_login=yes 3644 fi ], 3645 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3646 then 3647 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 3648 etc_default_login=no 3649 else 3650 etc_default_login=yes 3651 fi ] 3652) 3653 3654if test "x$etc_default_login" != "xno"; then 3655 AC_CHECK_FILE("/etc/default/login", 3656 [ external_path_file=/etc/default/login ]) 3657 if test "x$external_path_file" = "x/etc/default/login"; then 3658 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1, 3659 [Define if your system has /etc/default/login]) 3660 fi 3661fi 3662 3663dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3664if test $ac_cv_func_login_getcapbool = "yes" && \ 3665 test $ac_cv_header_login_cap_h = "yes" ; then 3666 external_path_file=/etc/login.conf 3667fi 3668 3669# Whether to mess with the default path 3670SERVER_PATH_MSG="(default)" 3671AC_ARG_WITH(default-path, 3672 [ --with-default-path= Specify default \$PATH environment for server], 3673 [ 3674 if test "x$external_path_file" = "x/etc/login.conf" ; then 3675 AC_MSG_WARN([ 3676--with-default-path=PATH has no effect on this system. 3677Edit /etc/login.conf instead.]) 3678 elif test "x$withval" != "xno" ; then 3679 if test ! -z "$external_path_file" ; then 3680 AC_MSG_WARN([ 3681--with-default-path=PATH will only be used if PATH is not defined in 3682$external_path_file .]) 3683 fi 3684 user_path="$withval" 3685 SERVER_PATH_MSG="$withval" 3686 fi 3687 ], 3688 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3689 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3690 else 3691 if test ! -z "$external_path_file" ; then 3692 AC_MSG_WARN([ 3693If PATH is defined in $external_path_file, ensure the path to scp is included, 3694otherwise scp will not work.]) 3695 fi 3696 AC_RUN_IFELSE( 3697 [AC_LANG_SOURCE([[ 3698/* find out what STDPATH is / 3699#include <stdio.h> 3700#ifdef HAVE_PATHS_H 3701# include <paths.h> 3702#endif 3703#ifndef _PATH_STDPATH 3704# ifdef _PATH_USERPATH / Irix / 3705# define _PATH_STDPATH _PATH_USERPATH 3706# else 3707# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3708# endif 3709#endif 3710#include <sys/types.h> 3711#include <sys/stat.h> 3712#include <fcntl.h> 3713#define DATA "conftest.stdpath" 3714* 3715main() 3716{ 3717 FILE fd; 3718* int rc; 3719 3720 fd = fopen(DATA,"w"); 3721 if(fd == NULL) 3722 exit(1); 3723 3724 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3725 exit(1); 3726 3727 exit(0); 3728} 3729 ]])], 3730 [ user_path=`cat conftest.stdpath` ], 3731 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3732 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3733 ) 3734# make sure $bindir is in USER_PATH so scp will work 3735 t_bindir=`eval echo ${bindir}` 3736 case $t_bindir in 3737 NONE/) t_bindir=`echo $t_bindir \| sed "s~NONE~$prefix~"` ;; 3738* esac 3739 case $t_bindir in 3740 NONE/) t_bindir=`echo $t_bindir \| sed "s~NONE~$ac_default_prefix~"` ;; 3741* esac 3742 echo $user_path \| grep ":$t_bindir" > /dev/null 2>&1 3743 if test $? -ne 0 ; then 3744 echo $user_path \| grep "^$t_bindir" > /dev/null 2>&1 3745 if test $? -ne 0 ; then 3746 user_path=$user_path:$t_bindir 3747 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 3748 fi 3749 fi 3750 fi ] 3751) 3752if test "x$external_path_file" != "x/etc/login.conf" ; then 3753 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH]) 3754 AC_SUBST(user_path) 3755fi 3756 3757# Set superuser path separately to user path 3758AC_ARG_WITH(superuser-path, 3759 [ --with-superuser-path= Specify different path for super-user], 3760 [ 3761 if test -n "$withval" && test "x$withval" != "xno" && \ 3762 test "x${withval}" != "xyes"; then 3763 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval", 3764 [Define if you want a different $PATH 3765 for the superuser]) 3766 superuser_path=$withval 3767 fi 3768 ] 3769) 3770 3771 3772AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3773IPV4_IN6_HACK_MSG="no" 3774AC_ARG_WITH(4in6, 3775 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3776 [ 3777 if test "x$withval" != "xno" ; then 3778 AC_MSG_RESULT(yes) 3779 AC_DEFINE(IPV4_IN_IPV6, 1, 3780 [Detect IPv4 in IPv6 mapped addresses 3781 and treat as IPv4]) 3782 IPV4_IN6_HACK_MSG="yes" 3783 else 3784 AC_MSG_RESULT(no) 3785 fi 3786 ],[ 3787 if test "x$inet6_default_4in6" = "xyes"; then 3788 AC_MSG_RESULT([yes (default)]) 3789 AC_DEFINE(IPV4_IN_IPV6) 3790 IPV4_IN6_HACK_MSG="yes" 3791 else 3792 AC_MSG_RESULT([no (default)]) 3793 fi 3794 ] 3795) 3796 3797# Whether to enable BSD auth support 3798BSD_AUTH_MSG=no 3799AC_ARG_WITH(bsd-auth, 3800 [ --with-bsd-auth Enable BSD auth support], 3801 [ 3802 if test "x$withval" != "xno" ; then 3803 AC_DEFINE(BSD_AUTH, 1, 3804 [Define if you have BSD auth support]) 3805 BSD_AUTH_MSG=yes 3806 fi 3807 ] 3808) 3809 3810# Where to place sshd.pid 3811piddir=/var/run 3812# make sure the directory exists 3813if test ! -d $piddir ; then 3814 piddir=`eval echo ${sysconfdir}` 3815 case $piddir in 3816 NONE/) piddir=`echo $piddir \| sed "s~NONE~$ac_default_prefix~"` ;; 3817* esac 3818fi 3819 3820AC_ARG_WITH(pid-dir, 3821 [ --with-pid-dir=PATH Specify location of ssh.pid file], 3822 [ 3823 if test -n "$withval" && test "x$withval" != "xno" && \ 3824 test "x${withval}" != "xyes"; then 3825 piddir=$withval 3826 if test ! -d $piddir ; then 3827 AC_MSG_WARN([ no $piddir directory on this system ]) 3828 fi 3829 fi 3830 ] 3831) 3832 3833AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid]) 3834AC_SUBST(piddir) 3835 3836dnl allow user to disable some login recording features 3837AC_ARG_ENABLE(lastlog, 3838 [ --disable-lastlog disable use of lastlog even if detected [no]], 3839 [ 3840 if test "x$enableval" = "xno" ; then 3841 AC_DEFINE(DISABLE_LASTLOG) 3842 fi 3843 ] 3844) 3845AC_ARG_ENABLE(utmp, 3846 [ --disable-utmp disable use of utmp even if detected [no]], 3847 [ 3848 if test "x$enableval" = "xno" ; then 3849 AC_DEFINE(DISABLE_UTMP) 3850 fi 3851 ] 3852) 3853AC_ARG_ENABLE(utmpx, 3854 [ --disable-utmpx disable use of utmpx even if detected [no]], 3855 [ 3856 if test "x$enableval" = "xno" ; then 3857 AC_DEFINE(DISABLE_UTMPX, 1, 3858 [Define if you don't want to use utmpx]) 3859 fi 3860 ] 3861) 3862AC_ARG_ENABLE(wtmp, 3863 [ --disable-wtmp disable use of wtmp even if detected [no]], 3864 [ 3865 if test "x$enableval" = "xno" ; then 3866 AC_DEFINE(DISABLE_WTMP) 3867 fi 3868 ] 3869) 3870AC_ARG_ENABLE(wtmpx, 3871 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 3872 [ 3873 if test "x$enableval" = "xno" ; then 3874 AC_DEFINE(DISABLE_WTMPX, 1, 3875 [Define if you don't want to use wtmpx]) 3876 fi 3877 ] 3878) 3879AC_ARG_ENABLE(libutil, 3880 [ --disable-libutil disable use of libutil (login() etc.) [no]], 3881 [ 3882 if test "x$enableval" = "xno" ; then 3883 AC_DEFINE(DISABLE_LOGIN) 3884 fi 3885 ] 3886) 3887AC_ARG_ENABLE(pututline, 3888 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 3889 [ 3890 if test "x$enableval" = "xno" ; then 3891 AC_DEFINE(DISABLE_PUTUTLINE, 1, 3892 [Define if you don't want to use pututline() 3893 etc. to write [uw]tmp]) 3894 fi 3895 ] 3896) 3897AC_ARG_ENABLE(pututxline, 3898 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 3899 [ 3900 if test "x$enableval" = "xno" ; then 3901 AC_DEFINE(DISABLE_PUTUTXLINE, 1, 3902 [Define if you don't want to use pututxline() 3903 etc. to write [uw]tmpx]) 3904 fi 3905 ] 3906) 3907AC_ARG_WITH(lastlog, 3908 [ --with-lastlog=FILE\|DIR specify lastlog location [common locations]], 3909 [ 3910 if test "x$withval" = "xno" ; then 3911 AC_DEFINE(DISABLE_LASTLOG) 3912 elif test -n "$withval" && test "x${withval}" != "xyes"; then 3913 conf_lastlog_location=$withval 3914 fi 3915 ] 3916) 3917 3918dnl lastlog, [uw]tmpx? detection 3919dnl NOTE: set the paths in the platform section to avoid the 3920dnl need for command-line parameters 3921dnl lastlog and [uw]tmp are subject to a file search if all else fails 3922 3923dnl lastlog detection 3924dnl NOTE: the code itself will detect if lastlog is a directory 3925AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 3926AC_TRY_COMPILE([ 3927#include <sys/types.h> 3928#include <utmp.h> 3929#ifdef HAVE_LASTLOG_H 3930# include <lastlog.h> 3931#endif 3932#ifdef HAVE_PATHS_H 3933# include <paths.h> 3934#endif 3935#ifdef HAVE_LOGIN_H 3936# include <login.h> 3937#endif 3938 ], 3939 [ char lastlog = LASTLOG_FILE; ], 3940* [ AC_MSG_RESULT(yes) ], 3941 [ 3942 AC_MSG_RESULT(no) 3943 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 3944 AC_TRY_COMPILE([ 3945#include <sys/types.h> 3946#include <utmp.h> 3947#ifdef HAVE_LASTLOG_H 3948# include <lastlog.h> 3949#endif 3950#ifdef HAVE_PATHS_H 3951# include <paths.h> 3952#endif 3953 ], 3954 [ char lastlog = _PATH_LASTLOG; ], 3955* [ AC_MSG_RESULT(yes) ], 3956 [ 3957 AC_MSG_RESULT(no) 3958 system_lastlog_path=no 3959 ]) 3960 ] 3961) 3962 3963if test -z "$conf_lastlog_location"; then 3964 if test x"$system_lastlog_path" = x"no" ; then 3965 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 3966 if (test -d "$f" \|\| test -f "$f") ; then 3967 conf_lastlog_location=$f 3968 fi 3969 done 3970 if test -z "$conf_lastlog_location"; then 3971 AC_MSG_WARN([ Cannot find lastlog ]) 3972 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 3973 fi 3974 fi 3975fi 3976 3977if test -n "$conf_lastlog_location"; then 3978 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location", 3979 [Define if you want to specify the path to your lastlog file]) 3980fi 3981 3982dnl utmp detection 3983AC_MSG_CHECKING([if your system defines UTMP_FILE]) 3984AC_TRY_COMPILE([ 3985#include <sys/types.h> 3986#include <utmp.h> 3987#ifdef HAVE_PATHS_H 3988# include <paths.h> 3989#endif 3990 ], 3991 [ char utmp = UTMP_FILE; ], 3992* [ AC_MSG_RESULT(yes) ], 3993 [ AC_MSG_RESULT(no) 3994 system_utmp_path=no ] 3995) 3996if test -z "$conf_utmp_location"; then 3997 if test x"$system_utmp_path" = x"no" ; then 3998 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 3999 if test -f $f ; then 4000 conf_utmp_location=$f 4001 fi 4002 done 4003 if test -z "$conf_utmp_location"; then 4004 AC_DEFINE(DISABLE_UTMP) 4005 fi 4006 fi 4007fi 4008if test -n "$conf_utmp_location"; then 4009 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location", 4010 [Define if you want to specify the path to your utmp file]) 4011fi 4012 4013dnl wtmp detection 4014AC_MSG_CHECKING([if your system defines WTMP_FILE]) 4015AC_TRY_COMPILE([ 4016#include <sys/types.h> 4017#include <utmp.h> 4018#ifdef HAVE_PATHS_H 4019# include <paths.h> 4020#endif 4021 ], 4022 [ char wtmp = WTMP_FILE; ], 4023* [ AC_MSG_RESULT(yes) ], 4024 [ AC_MSG_RESULT(no) 4025 system_wtmp_path=no ] 4026) 4027if test -z "$conf_wtmp_location"; then 4028 if test x"$system_wtmp_path" = x"no" ; then 4029 for f in /usr/adm/wtmp /var/log/wtmp; do 4030 if test -f $f ; then 4031 conf_wtmp_location=$f 4032 fi 4033 done 4034 if test -z "$conf_wtmp_location"; then 4035 AC_DEFINE(DISABLE_WTMP) 4036 fi 4037 fi 4038fi 4039if test -n "$conf_wtmp_location"; then 4040 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location", 4041 [Define if you want to specify the path to your wtmp file]) 4042fi 4043 4044 4045dnl utmpx detection - I don't know any system so perverse as to require 4046dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 4047dnl there, though. 4048AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 4049AC_TRY_COMPILE([ 4050#include <sys/types.h> 4051#include <utmp.h> 4052#ifdef HAVE_UTMPX_H 4053#include <utmpx.h> 4054#endif 4055#ifdef HAVE_PATHS_H 4056# include <paths.h> 4057#endif 4058 ], 4059 [ char utmpx = UTMPX_FILE; ], 4060* [ AC_MSG_RESULT(yes) ], 4061 [ AC_MSG_RESULT(no) 4062 system_utmpx_path=no ] 4063) 4064if test -z "$conf_utmpx_location"; then 4065 if test x"$system_utmpx_path" = x"no" ; then 4066 AC_DEFINE(DISABLE_UTMPX) 4067 fi 4068else 4069 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location", 4070 [Define if you want to specify the path to your utmpx file]) 4071fi 4072 4073dnl wtmpx detection 4074AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 4075AC_TRY_COMPILE([ 4076#include <sys/types.h> 4077#include <utmp.h> 4078#ifdef HAVE_UTMPX_H 4079#include <utmpx.h> 4080#endif 4081#ifdef HAVE_PATHS_H 4082# include <paths.h> 4083#endif 4084 ], 4085 [ char wtmpx = WTMPX_FILE; ], 4086* [ AC_MSG_RESULT(yes) ], 4087 [ AC_MSG_RESULT(no) 4088 system_wtmpx_path=no ] 4089) 4090if test -z "$conf_wtmpx_location"; then 4091 if test x"$system_wtmpx_path" = x"no" ; then 4092 AC_DEFINE(DISABLE_WTMPX) 4093 fi 4094else 4095 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location", 4096 [Define if you want to specify the path to your wtmpx file]) 4097fi 4098 4099 4100if test ! -z "$blibpath" ; then 4101 LDFLAGS="$LDFLAGS $blibflags$blibpath" 4102 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 4103fi 4104 4105dnl Adding -Werror to CFLAGS early prevents configure tests from running. 4106dnl Add now. 4107CFLAGS="$CFLAGS $werror_flags" 4108 4109if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null \|\| \ 4110 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then 4111 AC_SUBST(TEST_SSH_IPV6, no) 4112else 4113 AC_SUBST(TEST_SSH_IPV6, yes) 4114fi 4115 4116AC_EXEEXT 4117AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ 4118 openbsd-compat/Makefile openbsd-compat/regress/Makefile \ 4119 scard/Makefile ssh_prng_cmds survey.sh]) 4120AC_OUTPUT 4121 4122# Print summary of options 4123 4124# Someone please show me a better way :) 4125A=`eval echo ${prefix}` ; A=`eval echo ${A}` 4126B=`eval echo ${bindir}` ; B=`eval echo ${B}` 4127C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 4128D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 4129E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 4130F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 4131G=`eval echo ${piddir}` ; G=`eval echo ${G}` 4132H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 4133I=`eval echo ${user_path}` ; I=`eval echo ${I}` 4134J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 4135 4136echo "" 4137echo "OpenSSH has been configured with the following options:" 4138echo " User binaries: $B" 4139echo " System binaries: $C" 4140echo " Configuration files: $D" 4141echo " Askpass program: $E" 4142echo " Manual pages: $F" 4143echo " PID file: $G" 4144echo " Privilege separation chroot path: $H" 4145if test "x$external_path_file" = "x/etc/login.conf" ; then 4146echo " At runtime, sshd will use the path defined in $external_path_file" 4147echo " Make sure the path to scp is present, otherwise scp will not work" 4148else 4149echo " sshd default user PATH: $I" 4150 if test ! -z "$external_path_file"; then 4151echo " (If PATH is set in $external_path_file it will be used instead. If" 4152echo " used, ensure the path to scp is present, otherwise scp will not work.)" 4153 fi 4154fi 4155if test ! -z "$superuser_path" ; then 4156echo " sshd superuser user PATH: $J" 4157fi 4158echo " Manpage format: $MANTYPE" 4159echo " PAM support: $PAM_MSG" 4160echo " OSF SIA support: $SIA_MSG" 4161echo " KerberosV support: $KRB5_MSG" 4162echo " SELinux support: $SELINUX_MSG" 4163echo " Smartcard support: $SCARD_MSG" 4164echo " S/KEY support: $SKEY_MSG" 4165echo " TCP Wrappers support: $TCPW_MSG" 4166echo " MD5 password support: $MD5_MSG" 4167echo " libedit support: $LIBEDIT_MSG" 4168echo " Solaris process contract support: $SPC_MSG" 4169echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 4170echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 4171echo " BSD Auth support: $BSD_AUTH_MSG" 4172echo " Random number source: $RAND_MSG" 4173if test ! -z "$USE_RAND_HELPER" ; then 4174echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 4175fi 4176 4177echo "" 4178 4179echo " Host: ${host}" 4180echo " Compiler: ${CC}" 4181echo " Compiler flags: ${CFLAGS}" 4182echo "Preprocessor flags: ${CPPFLAGS}" 4183echo " Linker flags: ${LDFLAGS}" 4184echo " Libraries: ${LIBS}" 4185if test ! -z "${SSHDLIBS}"; then 4186echo " +for sshd: ${SSHDLIBS}" 4187fi 4188 4189echo "" 4190 4191if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 4192 echo "SVR4 style packages are supported with \"make package\"" 4193 echo "" 4194fi 4195 4196if test "x$PAM_MSG" = "xyes" ; then 4197 echo "PAM is enabled. You may need to install a PAM control file " 4198 echo "for sshd, otherwise password authentication may fail. " 4199 echo "Example PAM control files can be found in the contrib/ " 4200 echo "subdirectory" 4201 echo "" 4202fi 4203 4204if test ! -z "$RAND_HELPER_CMDHASH" ; then 4205 echo "WARNING: you are using the builtin random number collection " 4206 echo "service. Please read WARNING.RNG and request that your OS " 4207 echo "vendor includes kernel-based random number collection in " 4208 echo "future versions of your OS." 4209 echo "" 4210fi 4211 4212if test ! -z "$NO_PEERCHECK" ; then 4213 echo "WARNING: the operating system that you are using does not" 4214 echo "appear to support getpeereid(), getpeerucred() or the" 4215 echo "SO_PEERCRED getsockopt() option. These facilities are used to" 4216 echo "enforce security checks to prevent unauthorised connections to" 4217 echo "ssh-agent. Their absence increases the risk that a malicious" 4218 echo "user can connect to your agent." 4219 echo "" 4220fi 4221 4222if test "$AUDIT_MODULE" = "bsm" ; then 4223 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 4224 echo "See the Solaris section in README.platform for details." 4225fi