1# $Id: configure.ac,v 1.409 2008/07/09 11:07:19 djm Exp $
|
1# $Id: configure.ac,v 1.415 2009/02/16 04:37:03 djm Exp $ |
2# 3# Copyright (c) 1999-2004 Damien Miller 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
|
18AC_REVISION($Revision: 1.409 $)
|
18AC_REVISION($Revision: 1.415 $) |
19AC_CONFIG_SRCDIR([ssh.c]) 20 21AC_CONFIG_HEADER(config.h) 22AC_PROG_CC 23AC_CANONICAL_HOST 24AC_C_BIGENDIAN 25 26# Checks for programs. 27AC_PROG_AWK 28AC_PROG_CPP 29AC_PROG_RANLIB 30AC_PROG_INSTALL 31AC_PROG_EGREP 32AC_PATH_PROG(AR, ar) 33AC_PATH_PROG(CAT, cat) 34AC_PATH_PROG(KILL, kill) 35AC_PATH_PROGS(PERL, perl5 perl) 36AC_PATH_PROG(SED, sed) 37AC_SUBST(PERL) 38AC_PATH_PROG(ENT, ent) 39AC_SUBST(ENT) 40AC_PATH_PROG(TEST_MINUS_S_SH, bash) 41AC_PATH_PROG(TEST_MINUS_S_SH, ksh) 42AC_PATH_PROG(TEST_MINUS_S_SH, sh) 43AC_PATH_PROG(SH, sh) 44AC_SUBST(TEST_SHELL,sh) 45 46dnl for buildpkg.sh 47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 48 [/usr/sbin${PATH_SEPARATOR}/etc]) 49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 50 [/usr/sbin${PATH_SEPARATOR}/etc]) 51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 52if test -x /sbin/sh; then 53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh) 54else 55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh) 56fi 57 58# System features 59AC_SYS_LARGEFILE 60 61if test -z "$AR" ; then 62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 63fi 64 65# Use LOGIN_PROGRAM from environment if possible 66if test ! -z "$LOGIN_PROGRAM" ; then 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM", 68 [If your header files don't define LOGIN_PROGRAM, 69 then use this (detected) from environment and PATH]) 70else 71 # Search for login 72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 75 fi 76fi 77 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd) 79if test ! -z "$PATH_PASSWD_PROG" ; then 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG", 81 [Full path of your "passwd" program]) 82fi 83 84if test -z "$LD" ; then 85 LD=$CC 86fi 87AC_SUBST(LD) 88 89AC_C_INLINE 90 91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) 92 93use_stack_protector=1 94AC_ARG_WITH(stackprotect, 95 [ --without-stackprotect Don't use compiler's stack protection], [ 96 if test "x$withval" = "xno"; then 97 use_stack_protector=0 98 fi ]) 99 100if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 101 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" 102 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` 103 case $GCC_VER in 104 1.*) no_attrib_nonnull=1 ;; 105 2.8* | 2.9*) 106 CFLAGS="$CFLAGS -Wsign-compare" 107 no_attrib_nonnull=1 108 ;; 109 2.*) no_attrib_nonnull=1 ;; 110 3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;; 111 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;; 112 *) ;; 113 esac 114 115 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset) 116 saved_CFLAGS="$CFLAGS" 117 CFLAGS="$CFLAGS -fno-builtin-memset" 118 AC_LINK_IFELSE( [AC_LANG_SOURCE([[ 119#include <string.h> 120int main(void){char b[10]; memset(b, 0, sizeof(b));} 121 ]])], 122 [ AC_MSG_RESULT(yes) ], 123 [ AC_MSG_RESULT(no) 124 CFLAGS="$saved_CFLAGS" ] 125) 126 127 # -fstack-protector-all doesn't always work for some GCC versions 128 # and/or platforms, so we test if we can. If it's not supported
|
129 # on a give platform gcc will emit a warning so we use -Werror.
|
129 # on a given platform gcc will emit a warning so we use -Werror. |
130 if test "x$use_stack_protector" = "x1"; then 131 for t in -fstack-protector-all -fstack-protector; do 132 AC_MSG_CHECKING(if $CC supports $t) 133 saved_CFLAGS="$CFLAGS" 134 saved_LDFLAGS="$LDFLAGS" 135 CFLAGS="$CFLAGS $t -Werror" 136 LDFLAGS="$LDFLAGS $t -Werror" 137 AC_LINK_IFELSE( 138 [AC_LANG_SOURCE([
|
139#include <stdlib.h>
140int main(void){return 0;}
|
139#include <stdio.h> 140int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;} |
141 ])], 142 [ AC_MSG_RESULT(yes) 143 CFLAGS="$saved_CFLAGS $t" 144 LDFLAGS="$saved_LDFLAGS $t" 145 AC_MSG_CHECKING(if $t works) 146 AC_RUN_IFELSE( 147 [AC_LANG_SOURCE([
|
148#include <stdlib.h>
149int main(void){exit(0);}
|
148#include <stdio.h> 149int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;} |
150 ])], 151 [ AC_MSG_RESULT(yes) 152 break ], 153 [ AC_MSG_RESULT(no) ], 154 [ AC_MSG_WARN([cross compiling: cannot test]) 155 break ] 156 ) 157 ], 158 [ AC_MSG_RESULT(no) ] 159 ) 160 CFLAGS="$saved_CFLAGS" 161 LDFLAGS="$saved_LDFLAGS" 162 done 163 fi 164 165 if test -z "$have_llong_max"; then 166 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 167 unset ac_cv_have_decl_LLONG_MAX 168 saved_CFLAGS="$CFLAGS" 169 CFLAGS="$CFLAGS -std=gnu99" 170 AC_CHECK_DECL(LLONG_MAX, 171 [have_llong_max=1], 172 [CFLAGS="$saved_CFLAGS"], 173 [#include <limits.h>] 174 ) 175 fi 176fi 177 178if test "x$no_attrib_nonnull" != "x1" ; then 179 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull]) 180fi 181 182AC_ARG_WITH(rpath, 183 [ --without-rpath Disable auto-added -R linker paths], 184 [ 185 if test "x$withval" = "xno" ; then 186 need_dash_r="" 187 fi 188 if test "x$withval" = "xyes" ; then 189 need_dash_r=1 190 fi 191 ] 192) 193 194# Allow user to specify flags 195AC_ARG_WITH(cflags, 196 [ --with-cflags Specify additional flags to pass to compiler], 197 [ 198 if test -n "$withval" && test "x$withval" != "xno" && \ 199 test "x${withval}" != "xyes"; then 200 CFLAGS="$CFLAGS $withval" 201 fi 202 ] 203) 204AC_ARG_WITH(cppflags, 205 [ --with-cppflags Specify additional flags to pass to preprocessor] , 206 [ 207 if test -n "$withval" && test "x$withval" != "xno" && \ 208 test "x${withval}" != "xyes"; then 209 CPPFLAGS="$CPPFLAGS $withval" 210 fi 211 ] 212) 213AC_ARG_WITH(ldflags, 214 [ --with-ldflags Specify additional flags to pass to linker], 215 [ 216 if test -n "$withval" && test "x$withval" != "xno" && \ 217 test "x${withval}" != "xyes"; then 218 LDFLAGS="$LDFLAGS $withval" 219 fi 220 ] 221) 222AC_ARG_WITH(libs, 223 [ --with-libs Specify additional libraries to link with], 224 [ 225 if test -n "$withval" && test "x$withval" != "xno" && \ 226 test "x${withval}" != "xyes"; then 227 LIBS="$LIBS $withval" 228 fi 229 ] 230) 231AC_ARG_WITH(Werror, 232 [ --with-Werror Build main code with -Werror], 233 [ 234 if test -n "$withval" && test "x$withval" != "xno"; then 235 werror_flags="-Werror" 236 if test "x${withval}" != "xyes"; then 237 werror_flags="$withval" 238 fi 239 fi 240 ] 241) 242 243AC_CHECK_HEADERS( \ 244 bstring.h \ 245 crypt.h \ 246 crypto/sha2.h \ 247 dirent.h \ 248 endian.h \ 249 features.h \ 250 fcntl.h \ 251 floatingpoint.h \ 252 getopt.h \ 253 glob.h \ 254 ia.h \ 255 iaf.h \ 256 limits.h \ 257 login.h \ 258 maillock.h \ 259 ndir.h \ 260 net/if_tun.h \ 261 netdb.h \ 262 netgroup.h \ 263 pam/pam_appl.h \ 264 paths.h \ 265 poll.h \ 266 pty.h \ 267 readpassphrase.h \ 268 rpc/types.h \ 269 security/pam_appl.h \ 270 sha2.h \ 271 shadow.h \ 272 stddef.h \ 273 stdint.h \ 274 string.h \ 275 strings.h \ 276 sys/audit.h \ 277 sys/bitypes.h \ 278 sys/bsdtty.h \ 279 sys/cdefs.h \ 280 sys/dir.h \ 281 sys/mman.h \ 282 sys/mount.h \ 283 sys/ndir.h \ 284 sys/poll.h \ 285 sys/prctl.h \ 286 sys/pstat.h \ 287 sys/select.h \ 288 sys/stat.h \ 289 sys/stream.h \ 290 sys/stropts.h \ 291 sys/strtio.h \ 292 sys/statvfs.h \ 293 sys/sysmacros.h \ 294 sys/time.h \ 295 sys/timers.h \ 296 sys/un.h \ 297 time.h \ 298 tmpdir.h \ 299 ttyent.h \ 300 ucred.h \ 301 unistd.h \ 302 usersec.h \ 303 util.h \ 304 utime.h \ 305 utmp.h \ 306 utmpx.h \ 307 vis.h \ 308) 309 310# lastlog.h requires sys/time.h to be included first on Solaris 311AC_CHECK_HEADERS(lastlog.h, [], [], [ 312#ifdef HAVE_SYS_TIME_H 313# include <sys/time.h> 314#endif 315]) 316 317# sys/ptms.h requires sys/stream.h to be included first on Solaris 318AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 319#ifdef HAVE_SYS_STREAM_H 320# include <sys/stream.h> 321#endif 322]) 323 324# login_cap.h requires sys/types.h on NetBSD 325AC_CHECK_HEADERS(login_cap.h, [], [], [ 326#include <sys/types.h> 327]) 328 329# Messages for features tested for in target-specific section 330SIA_MSG="no" 331SPC_MSG="no" 332 333# Check for some target-specific stuff 334case "$host" in 335*-*-aix*) 336 # Some versions of VAC won't allow macro redefinitions at 337 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 338 # particularly with older versions of vac or xlc. 339 # It also throws errors about null macro argments, but these are 340 # not fatal. 341 AC_MSG_CHECKING(if compiler allows macro redefinitions) 342 AC_COMPILE_IFELSE( 343 [AC_LANG_SOURCE([[ 344#define testmacro foo 345#define testmacro bar 346int main(void) { exit(0); } 347 ]])], 348 [ AC_MSG_RESULT(yes) ], 349 [ AC_MSG_RESULT(no) 350 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" 351 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`" 352 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" 353 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" 354 ] 355 ) 356 357 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 358 if (test -z "$blibpath"); then 359 blibpath="/usr/lib:/lib" 360 fi 361 saved_LDFLAGS="$LDFLAGS" 362 if test "$GCC" = "yes"; then 363 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" 364 else 365 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," 366 fi 367 for tryflags in $flags ;do 368 if (test -z "$blibflags"); then 369 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 370 AC_TRY_LINK([], [], [blibflags=$tryflags]) 371 fi 372 done 373 if (test -z "$blibflags"); then 374 AC_MSG_RESULT(not found) 375 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 376 else 377 AC_MSG_RESULT($blibflags) 378 fi 379 LDFLAGS="$saved_LDFLAGS" 380 dnl Check for authenticate. Might be in libs.a on older AIXes 381 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1, 382 [Define if you want to enable AIX4's authenticate function])], 383 [AC_CHECK_LIB(s,authenticate, 384 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 385 LIBS="$LIBS -ls" 386 ]) 387 ]) 388 dnl Check for various auth function declarations in headers. 389 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 390 passwdexpired, setauthdb], , , [#include <usersec.h>]) 391 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 392 AC_CHECK_DECLS(loginfailed, 393 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 394 AC_TRY_COMPILE( 395 [#include <usersec.h>], 396 [(void)loginfailed("user","host","tty",0);], 397 [AC_MSG_RESULT(yes) 398 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1, 399 [Define if your AIX loginfailed() function 400 takes 4 arguments (AIX >= 5.2)])], 401 [AC_MSG_RESULT(no)] 402 )], 403 [], 404 [#include <usersec.h>] 405 ) 406 AC_CHECK_FUNCS(getgrset setauthdb) 407 AC_CHECK_DECL(F_CLOSEM, 408 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]), 409 [], 410 [ #include <limits.h> 411 #include <fcntl.h> ] 412 ) 413 check_for_aix_broken_getaddrinfo=1 414 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.]) 415 AC_DEFINE(SETEUID_BREAKS_SETUID, 1, 416 [Define if your platform breaks doing a seteuid before a setuid]) 417 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken]) 418 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken]) 419 dnl AIX handles lastlog as part of its login message 420 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog]) 421 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1, 422 [Some systems need a utmpx entry for /bin/login to work]) 423 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV, 424 [Define to a Set Process Title type if your system is 425 supported by bsd-setproctitle.c]) 426 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 427 [AIX 5.2 and 5.3 (and presumably newer) require this]) 428 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd]) 429 ;; 430*-*-cygwin*) 431 check_for_libcrypt_later=1 432 LIBS="$LIBS /usr/lib/textreadmode.o" 433 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin]) 434 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()]) 435 AC_DEFINE(DISABLE_SHADOW, 1, 436 [Define if you want to disable shadow passwords]) 437 AC_DEFINE(IP_TOS_IS_BROKEN, 1, 438 [Define if your system choked on IP TOS setting]) 439 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1, 440 [Define if X11 doesn't support AF_UNIX sockets on that system]) 441 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1, 442 [Define if the concept of ports only accessible to 443 superusers isn't known]) 444 AC_DEFINE(DISABLE_FD_PASSING, 1, 445 [Define if your platform needs to skip post auth 446 file descriptor passing]) 447 ;; 448*-*-dgux*) 449 AC_DEFINE(IP_TOS_IS_BROKEN) 450 AC_DEFINE(SETEUID_BREAKS_SETUID) 451 AC_DEFINE(BROKEN_SETREUID) 452 AC_DEFINE(BROKEN_SETREGID) 453 ;; 454*-*-darwin*) 455 AC_MSG_CHECKING(if we have working getaddrinfo) 456 AC_TRY_RUN([#include <mach-o/dyld.h> 457main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 458 exit(0); 459 else 460 exit(1); 461}], [AC_MSG_RESULT(working)], 462 [AC_MSG_RESULT(buggy) 463 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])], 464 [AC_MSG_RESULT(assume it is working)]) 465 AC_DEFINE(SETEUID_BREAKS_SETUID) 466 AC_DEFINE(BROKEN_SETREUID) 467 AC_DEFINE(BROKEN_SETREGID) 468 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect]) 469 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1, 470 [Define if your resolver libs need this for getrrsetbyname]) 471 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 472 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 473 [Use tunnel device compatibility to OpenBSD]) 474 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 475 [Prepend the address family to IP tunnel traffic]) 476 m4_pattern_allow(AU_IPv) 477 AC_CHECK_DECL(AU_IPv4, [], 478 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records]) 479 [#include <bsm/audit.h>]
|
480 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1, 481 [Define if pututxline updates lastlog too]) |
482 ) 483 ;; 484*-*-dragonfly*) 485 SSHDLIBS="$SSHDLIBS -lcrypt" 486 ;; 487*-*-hpux*) 488 # first we define all of the options common to all HP-UX releases 489 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 490 IPADDR_IN_DISPLAY=yes 491 AC_DEFINE(USE_PIPES) 492 AC_DEFINE(LOGIN_NO_ENDOPT, 1, 493 [Define if your login program cannot handle end of options ("--")]) 494 AC_DEFINE(LOGIN_NEEDS_UTMPX) 495 AC_DEFINE(LOCKED_PASSWD_STRING, "*", 496 [String used in /etc/passwd to denote locked account]) 497 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 498 MAIL="/var/mail/username" 499 LIBS="$LIBS -lsec" 500 AC_CHECK_LIB(xnet, t_error, , 501 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 502 503 # next, we define all of the options specific to major releases 504 case "$host" in 505 *-*-hpux10*) 506 if test -z "$GCC"; then 507 CFLAGS="$CFLAGS -Ae" 508 fi 509 ;; 510 *-*-hpux11*) 511 AC_DEFINE(PAM_SUN_CODEBASE, 1, 512 [Define if you are using Solaris-derived PAM which 513 passes pam_messages to the conversation function 514 with an extra level of indirection]) 515 AC_DEFINE(DISABLE_UTMP, 1, 516 [Define if you don't want to use utmp]) 517 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 518 check_for_hpux_broken_getaddrinfo=1 519 check_for_conflicting_getspnam=1 520 ;; 521 esac 522 523 # lastly, we define options specific to minor releases 524 case "$host" in 525 *-*-hpux10.26) 526 AC_DEFINE(HAVE_SECUREWARE, 1, 527 [Define if you have SecureWare-based 528 protected password database]) 529 disable_ptmx_check=yes 530 LIBS="$LIBS -lsecpw" 531 ;; 532 esac 533 ;; 534*-*-irix5*) 535 PATH="$PATH:/usr/etc" 536 AC_DEFINE(BROKEN_INET_NTOA, 1, 537 [Define if you system's inet_ntoa is busted 538 (e.g. Irix gcc issue)]) 539 AC_DEFINE(SETEUID_BREAKS_SETUID) 540 AC_DEFINE(BROKEN_SETREUID) 541 AC_DEFINE(BROKEN_SETREGID) 542 AC_DEFINE(WITH_ABBREV_NO_TTY, 1, 543 [Define if you shouldn't strip 'tty' from your 544 ttyname in [uw]tmp]) 545 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 546 ;; 547*-*-irix6*) 548 PATH="$PATH:/usr/etc" 549 AC_DEFINE(WITH_IRIX_ARRAY, 1, 550 [Define if you have/want arrays 551 (cluster-wide session managment, not C arrays)]) 552 AC_DEFINE(WITH_IRIX_PROJECT, 1, 553 [Define if you want IRIX project management]) 554 AC_DEFINE(WITH_IRIX_AUDIT, 1, 555 [Define if you want IRIX audit trails]) 556 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1, 557 [Define if you want IRIX kernel jobs])]) 558 AC_DEFINE(BROKEN_INET_NTOA) 559 AC_DEFINE(SETEUID_BREAKS_SETUID) 560 AC_DEFINE(BROKEN_SETREUID) 561 AC_DEFINE(BROKEN_SETREGID) 562 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)]) 563 AC_DEFINE(WITH_ABBREV_NO_TTY) 564 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 565 ;;
|
566*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu) 567 check_for_libcrypt_later=1 568 AC_DEFINE(PAM_TTY_KLUDGE) 569 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!") 570 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 571 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 572 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 573 ;; |
574*-*-linux*) 575 no_dev_ptmx=1 576 check_for_libcrypt_later=1 577 check_for_openpty_ctty_bug=1 578 AC_DEFINE(PAM_TTY_KLUDGE, 1, 579 [Work around problematic Linux PAM modules handling of PAM_TTY]) 580 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!", 581 [String used in /etc/passwd to denote locked account]) 582 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 583 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM, 584 [Define to whatever link() returns for "not supported" 585 if it doesn't return EOPNOTSUPP.]) 586 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 587 AC_DEFINE(USE_BTMP) 588 inet6_default_4in6=yes 589 case `uname -r` in 590 1.*|2.0.*) 591 AC_DEFINE(BROKEN_CMSG_TYPE, 1, 592 [Define if cmsg_type is not passed correctly]) 593 ;; 594 esac 595 # tun(4) forwarding compat code 596 AC_CHECK_HEADERS(linux/if_tun.h) 597 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 598 AC_DEFINE(SSH_TUN_LINUX, 1, 599 [Open tunnel devices the Linux tun/tap way]) 600 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 601 [Use tunnel device compatibility to OpenBSD]) 602 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 603 [Prepend the address family to IP tunnel traffic]) 604 fi 605 ;; 606mips-sony-bsd|mips-sony-newsos4) 607 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty]) 608 SONY=1 609 ;; 610*-*-netbsd*) 611 check_for_libcrypt_before=1 612 if test "x$withval" != "xno" ; then 613 need_dash_r=1 614 fi 615 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 616 AC_CHECK_HEADER([net/if_tap.h], , 617 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 618 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 619 [Prepend the address family to IP tunnel traffic]) 620 ;; 621*-*-freebsd*) 622 check_for_libcrypt_later=1 623 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)]) 624 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 625 AC_CHECK_HEADER([net/if_tap.h], , 626 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 627 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need]) 628 ;; 629*-*-bsdi*) 630 AC_DEFINE(SETEUID_BREAKS_SETUID) 631 AC_DEFINE(BROKEN_SETREUID) 632 AC_DEFINE(BROKEN_SETREGID) 633 ;; 634*-next-*) 635 conf_lastlog_location="/usr/adm/lastlog" 636 conf_utmp_location=/etc/utmp 637 conf_wtmp_location=/usr/adm/wtmp 638 MAIL=/usr/spool/mail 639 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT]) 640 AC_DEFINE(BROKEN_REALPATH) 641 AC_DEFINE(USE_PIPES) 642 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT]) 643 ;; 644*-*-openbsd*) 645 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) 646 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded]) 647 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way]) 648 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1, 649 [syslog_r function is safe to use in in a signal handler]) 650 ;; 651*-*-solaris*) 652 if test "x$withval" != "xno" ; then 653 need_dash_r=1 654 fi 655 AC_DEFINE(PAM_SUN_CODEBASE) 656 AC_DEFINE(LOGIN_NEEDS_UTMPX) 657 AC_DEFINE(LOGIN_NEEDS_TERM, 1, 658 [Some versions of /bin/login need the TERM supplied 659 on the commandline]) 660 AC_DEFINE(PAM_TTY_KLUDGE) 661 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 662 [Define if pam_chauthtok wants real uid set 663 to the unpriv'ed user]) 664 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 665 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 666 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1, 667 [Define if sshd somehow reacquires a controlling TTY 668 after setsid()]) 669 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd 670 in case the name is longer than 8 chars]) 671 external_path_file=/etc/default/login 672 # hardwire lastlog location (can't detect it on some versions) 673 conf_lastlog_location="/var/adm/lastlog" 674 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 675 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 676 if test "$sol2ver" -ge 8; then 677 AC_MSG_RESULT(yes) 678 AC_DEFINE(DISABLE_UTMP) 679 AC_DEFINE(DISABLE_WTMP, 1, 680 [Define if you don't want to use wtmp]) 681 else 682 AC_MSG_RESULT(no) 683 fi 684 AC_ARG_WITH(solaris-contracts, 685 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 686 [ 687 AC_CHECK_LIB(contract, ct_tmpl_activate, 688 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1, 689 [Define if you have Solaris process contracts]) 690 SSHDLIBS="$SSHDLIBS -lcontract" 691 AC_SUBST(SSHDLIBS) 692 SPC_MSG="yes" ], ) 693 ], 694 ) 695 ;; 696*-*-sunos4*) 697 CPPFLAGS="$CPPFLAGS -DSUNOS4" 698 AC_CHECK_FUNCS(getpwanam) 699 AC_DEFINE(PAM_SUN_CODEBASE) 700 conf_utmp_location=/etc/utmp 701 conf_wtmp_location=/var/adm/wtmp 702 conf_lastlog_location=/var/adm/lastlog 703 AC_DEFINE(USE_PIPES) 704 ;; 705*-ncr-sysv*) 706 LIBS="$LIBS -lc89" 707 AC_DEFINE(USE_PIPES) 708 AC_DEFINE(SSHD_ACQUIRES_CTTY) 709 AC_DEFINE(SETEUID_BREAKS_SETUID) 710 AC_DEFINE(BROKEN_SETREUID) 711 AC_DEFINE(BROKEN_SETREGID) 712 ;; 713*-sni-sysv*) 714 # /usr/ucblib MUST NOT be searched on ReliantUNIX 715 AC_CHECK_LIB(dl, dlsym, ,) 716 # -lresolv needs to be at the end of LIBS or DNS lookups break 717 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ]) 718 IPADDR_IN_DISPLAY=yes 719 AC_DEFINE(USE_PIPES) 720 AC_DEFINE(IP_TOS_IS_BROKEN) 721 AC_DEFINE(SETEUID_BREAKS_SETUID) 722 AC_DEFINE(BROKEN_SETREUID) 723 AC_DEFINE(BROKEN_SETREGID) 724 AC_DEFINE(SSHD_ACQUIRES_CTTY) 725 external_path_file=/etc/default/login 726 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 727 # Attention: always take care to bind libsocket and libnsl before libc, 728 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 729 ;; 730# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 731*-*-sysv4.2*) 732 AC_DEFINE(USE_PIPES) 733 AC_DEFINE(SETEUID_BREAKS_SETUID) 734 AC_DEFINE(BROKEN_SETREUID) 735 AC_DEFINE(BROKEN_SETREGID) 736 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 737 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 738 ;; 739# UnixWare 7.x, OpenUNIX 8 740*-*-sysv5*)
|
731 check_for_libcrypt_later=1
|
741 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) 742 AC_DEFINE(USE_PIPES) 743 AC_DEFINE(SETEUID_BREAKS_SETUID) 744 AC_DEFINE(BROKEN_SETREUID) 745 AC_DEFINE(BROKEN_SETREGID) 746 AC_DEFINE(PASSWD_NEEDS_USERNAME) 747 case "$host" in 748 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x 749 TEST_SHELL=/u95/bin/sh 750 AC_DEFINE(BROKEN_LIBIAF, 1, 751 [ia_uinfo routines not supported by OS yet]) 752 AC_DEFINE(BROKEN_UPDWTMPX)
|
753 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot" 754 AC_CHECK_FUNCS(getluid setluid,,,-lprot) 755 AC_DEFINE(HAVE_SECUREWARE) 756 AC_DEFINE(DISABLE_SHADOW) 757 ],,) |
758 ;; 759 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
|
760 check_for_libcrypt_later=1 |
761 ;; 762 esac 763 ;; 764*-*-sysv*) 765 ;; 766# SCO UNIX and OEM versions of SCO UNIX 767*-*-sco3.2v4*) 768 AC_MSG_ERROR("This Platform is no longer supported.") 769 ;; 770# SCO OpenServer 5.x 771*-*-sco3.2v5*) 772 if test -z "$GCC"; then 773 CFLAGS="$CFLAGS -belf" 774 fi 775 LIBS="$LIBS -lprot -lx -ltinfo -lm" 776 no_dev_ptmx=1 777 AC_DEFINE(USE_PIPES) 778 AC_DEFINE(HAVE_SECUREWARE) 779 AC_DEFINE(DISABLE_SHADOW) 780 AC_DEFINE(DISABLE_FD_PASSING) 781 AC_DEFINE(SETEUID_BREAKS_SETUID) 782 AC_DEFINE(BROKEN_SETREUID) 783 AC_DEFINE(BROKEN_SETREGID) 784 AC_DEFINE(WITH_ABBREV_NO_TTY) 785 AC_DEFINE(BROKEN_UPDWTMPX) 786 AC_DEFINE(PASSWD_NEEDS_USERNAME) 787 AC_CHECK_FUNCS(getluid setluid) 788 MANTYPE=man 789 TEST_SHELL=ksh 790 ;; 791*-*-unicosmk*) 792 AC_DEFINE(NO_SSH_LASTLOG, 1, 793 [Define if you don't want to use lastlog in session.c]) 794 AC_DEFINE(SETEUID_BREAKS_SETUID) 795 AC_DEFINE(BROKEN_SETREUID) 796 AC_DEFINE(BROKEN_SETREGID) 797 AC_DEFINE(USE_PIPES) 798 AC_DEFINE(DISABLE_FD_PASSING) 799 LDFLAGS="$LDFLAGS" 800 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 801 MANTYPE=cat 802 ;; 803*-*-unicosmp*) 804 AC_DEFINE(SETEUID_BREAKS_SETUID) 805 AC_DEFINE(BROKEN_SETREUID) 806 AC_DEFINE(BROKEN_SETREGID) 807 AC_DEFINE(WITH_ABBREV_NO_TTY) 808 AC_DEFINE(USE_PIPES) 809 AC_DEFINE(DISABLE_FD_PASSING) 810 LDFLAGS="$LDFLAGS" 811 LIBS="$LIBS -lgen -lacid -ldb" 812 MANTYPE=cat 813 ;; 814*-*-unicos*) 815 AC_DEFINE(SETEUID_BREAKS_SETUID) 816 AC_DEFINE(BROKEN_SETREUID) 817 AC_DEFINE(BROKEN_SETREGID) 818 AC_DEFINE(USE_PIPES) 819 AC_DEFINE(DISABLE_FD_PASSING) 820 AC_DEFINE(NO_SSH_LASTLOG) 821 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 822 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 823 MANTYPE=cat 824 ;; 825*-dec-osf*) 826 AC_MSG_CHECKING(for Digital Unix SIA) 827 no_osfsia="" 828 AC_ARG_WITH(osfsia, 829 [ --with-osfsia Enable Digital Unix SIA], 830 [ 831 if test "x$withval" = "xno" ; then 832 AC_MSG_RESULT(disabled) 833 no_osfsia=1 834 fi 835 ], 836 ) 837 if test -z "$no_osfsia" ; then 838 if test -f /etc/sia/matrix.conf; then 839 AC_MSG_RESULT(yes) 840 AC_DEFINE(HAVE_OSF_SIA, 1, 841 [Define if you have Digital Unix Security 842 Integration Architecture]) 843 AC_DEFINE(DISABLE_LOGIN, 1, 844 [Define if you don't want to use your 845 system's login() call]) 846 AC_DEFINE(DISABLE_FD_PASSING) 847 LIBS="$LIBS -lsecurity -ldb -lm -laud" 848 SIA_MSG="yes" 849 else 850 AC_MSG_RESULT(no) 851 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin", 852 [String used in /etc/passwd to denote locked account]) 853 fi 854 fi 855 AC_DEFINE(BROKEN_GETADDRINFO) 856 AC_DEFINE(SETEUID_BREAKS_SETUID) 857 AC_DEFINE(BROKEN_SETREUID) 858 AC_DEFINE(BROKEN_SETREGID) 859 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv]) 860 ;; 861 862*-*-nto-qnx*) 863 AC_DEFINE(USE_PIPES) 864 AC_DEFINE(NO_X11_UNIX_SOCKETS) 865 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems]) 866 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems]) 867 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems]) 868 AC_DEFINE(DISABLE_LASTLOG) 869 AC_DEFINE(SSHD_ACQUIRES_CTTY) 870 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken]) 871 enable_etc_default_login=no # has incompatible /etc/default/login 872 case "$host" in 873 *-*-nto-qnx6*) 874 AC_DEFINE(DISABLE_FD_PASSING) 875 ;; 876 esac 877 ;; 878 879*-*-ultrix*) 880 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1]) 881 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files]) 882 AC_DEFINE(NEED_SETPGRP) 883 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) 884 ;; 885 886*-*-lynxos) 887 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 888 AC_DEFINE(MISSING_HOWMANY) 889 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) 890 ;; 891esac 892 893AC_MSG_CHECKING(compiler and flags for sanity) 894AC_RUN_IFELSE( 895 [AC_LANG_SOURCE([ 896#include <stdio.h> 897int main(){exit(0);} 898 ])], 899 [ AC_MSG_RESULT(yes) ], 900 [ 901 AC_MSG_RESULT(no) 902 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 903 ], 904 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 905) 906 907dnl Checks for header files. 908# Checks for libraries. 909AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 910AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 911 912dnl IRIX and Solaris 2.5.1 have dirname() in libgen 913AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 914 AC_CHECK_LIB(gen, dirname,[ 915 AC_CACHE_CHECK([for broken dirname], 916 ac_cv_have_broken_dirname, [ 917 save_LIBS="$LIBS" 918 LIBS="$LIBS -lgen" 919 AC_RUN_IFELSE( 920 [AC_LANG_SOURCE([[ 921#include <libgen.h> 922#include <string.h> 923 924int main(int argc, char **argv) { 925 char *s, buf[32]; 926 927 strncpy(buf,"/etc", 32); 928 s = dirname(buf); 929 if (!s || strncmp(s, "/", 32) != 0) { 930 exit(1); 931 } else { 932 exit(0); 933 } 934} 935 ]])], 936 [ ac_cv_have_broken_dirname="no" ], 937 [ ac_cv_have_broken_dirname="yes" ], 938 [ ac_cv_have_broken_dirname="no" ], 939 ) 940 LIBS="$save_LIBS" 941 ]) 942 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 943 LIBS="$LIBS -lgen" 944 AC_DEFINE(HAVE_DIRNAME) 945 AC_CHECK_HEADERS(libgen.h) 946 fi 947 ]) 948]) 949 950AC_CHECK_FUNC(getspnam, , 951 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 952AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1, 953 [Define if you have the basename function.])) 954 955dnl zlib is required 956AC_ARG_WITH(zlib, 957 [ --with-zlib=PATH Use zlib in PATH], 958 [ if test "x$withval" = "xno" ; then 959 AC_MSG_ERROR([*** zlib is required ***]) 960 elif test "x$withval" != "xyes"; then 961 if test -d "$withval/lib"; then 962 if test -n "${need_dash_r}"; then 963 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 964 else 965 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 966 fi 967 else 968 if test -n "${need_dash_r}"; then 969 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 970 else 971 LDFLAGS="-L${withval} ${LDFLAGS}" 972 fi 973 fi 974 if test -d "$withval/include"; then 975 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 976 else 977 CPPFLAGS="-I${withval} ${CPPFLAGS}" 978 fi 979 fi ] 980) 981 982AC_CHECK_LIB(z, deflate, , 983 [ 984 saved_CPPFLAGS="$CPPFLAGS" 985 saved_LDFLAGS="$LDFLAGS" 986 save_LIBS="$LIBS" 987 dnl Check default zlib install dir 988 if test -n "${need_dash_r}"; then 989 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 990 else 991 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 992 fi 993 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 994 LIBS="$LIBS -lz" 995 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 996 [ 997 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 998 ] 999 ) 1000 ] 1001) 1002AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) 1003 1004AC_ARG_WITH(zlib-version-check, 1005 [ --without-zlib-version-check Disable zlib version check], 1006 [ if test "x$withval" = "xno" ; then 1007 zlib_check_nonfatal=1 1008 fi 1009 ] 1010) 1011 1012AC_MSG_CHECKING(for possibly buggy zlib) 1013AC_RUN_IFELSE([AC_LANG_SOURCE([[ 1014#include <stdio.h> 1015#include <zlib.h> 1016int main() 1017{ 1018 int a=0, b=0, c=0, d=0, n, v; 1019 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 1020 if (n != 3 && n != 4) 1021 exit(1); 1022 v = a*1000000 + b*10000 + c*100 + d; 1023 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 1024 1025 /* 1.1.4 is OK */ 1026 if (a == 1 && b == 1 && c >= 4) 1027 exit(0); 1028 1029 /* 1.2.3 and up are OK */ 1030 if (v >= 1020300) 1031 exit(0); 1032 1033 exit(2); 1034} 1035 ]])], 1036 AC_MSG_RESULT(no), 1037 [ AC_MSG_RESULT(yes) 1038 if test -z "$zlib_check_nonfatal" ; then 1039 AC_MSG_ERROR([*** zlib too old - check config.log *** 1040Your reported zlib version has known security problems. It's possible your 1041vendor has fixed these problems without changing the version number. If you 1042are sure this is the case, you can disable the check by running 1043"./configure --without-zlib-version-check". 1044If you are in doubt, upgrade zlib to version 1.2.3 or greater. 1045See http://www.gzip.org/zlib/ for details.]) 1046 else 1047 AC_MSG_WARN([zlib version may have security problems]) 1048 fi 1049 ], 1050 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 1051) 1052 1053dnl UnixWare 2.x 1054AC_CHECK_FUNC(strcasecmp, 1055 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 1056) 1057AC_CHECK_FUNCS(utimes, 1058 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 1059 LIBS="$LIBS -lc89"]) ] 1060) 1061 1062dnl Checks for libutil functions 1063AC_CHECK_HEADERS(libutil.h) 1064AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1, 1065 [Define if your libraries define login()])]) 1066AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp) 1067 1068AC_FUNC_STRFTIME 1069 1070# Check for ALTDIRFUNC glob() extension 1071AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 1072AC_EGREP_CPP(FOUNDIT, 1073 [ 1074 #include <glob.h> 1075 #ifdef GLOB_ALTDIRFUNC 1076 FOUNDIT 1077 #endif 1078 ], 1079 [ 1080 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1, 1081 [Define if your system glob() function has 1082 the GLOB_ALTDIRFUNC extension]) 1083 AC_MSG_RESULT(yes) 1084 ], 1085 [ 1086 AC_MSG_RESULT(no) 1087 ] 1088) 1089 1090# Check for g.gl_matchc glob() extension 1091AC_MSG_CHECKING(for gl_matchc field in glob_t) 1092AC_TRY_COMPILE( 1093 [ #include <glob.h> ], 1094 [glob_t g; g.gl_matchc = 1;], 1095 [ 1096 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1, 1097 [Define if your system glob() function has 1098 gl_matchc options in glob_t]) 1099 AC_MSG_RESULT(yes) 1100 ], 1101 [ 1102 AC_MSG_RESULT(no) 1103 ] 1104) 1105 1106AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>]) 1107 1108AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 1109AC_RUN_IFELSE( 1110 [AC_LANG_SOURCE([[ 1111#include <sys/types.h> 1112#include <dirent.h> 1113int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 1114 ]])], 1115 [AC_MSG_RESULT(yes)], 1116 [ 1117 AC_MSG_RESULT(no) 1118 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1, 1119 [Define if your struct dirent expects you to 1120 allocate extra space for d_name]) 1121 ], 1122 [ 1123 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1124 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 1125 ] 1126) 1127 1128AC_MSG_CHECKING([for /proc/pid/fd directory]) 1129if test -d "/proc/$$/fd" ; then 1130 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd]) 1131 AC_MSG_RESULT(yes) 1132else 1133 AC_MSG_RESULT(no) 1134fi 1135 1136# Check whether user wants S/Key support 1137SKEY_MSG="no" 1138AC_ARG_WITH(skey, 1139 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 1140 [ 1141 if test "x$withval" != "xno" ; then 1142 1143 if test "x$withval" != "xyes" ; then 1144 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1145 LDFLAGS="$LDFLAGS -L${withval}/lib" 1146 fi 1147 1148 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 1149 LIBS="-lskey $LIBS" 1150 SKEY_MSG="yes" 1151 1152 AC_MSG_CHECKING([for s/key support]) 1153 AC_LINK_IFELSE( 1154 [AC_LANG_SOURCE([[ 1155#include <stdio.h> 1156#include <skey.h> 1157int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } 1158 ]])], 1159 [AC_MSG_RESULT(yes)], 1160 [ 1161 AC_MSG_RESULT(no) 1162 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 1163 ]) 1164 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 1165 AC_TRY_COMPILE( 1166 [#include <stdio.h> 1167 #include <skey.h>], 1168 [(void)skeychallenge(NULL,"name","",0);], 1169 [AC_MSG_RESULT(yes) 1170 AC_DEFINE(SKEYCHALLENGE_4ARG, 1, 1171 [Define if your skeychallenge() 1172 function takes 4 arguments (NetBSD)])], 1173 [AC_MSG_RESULT(no)] 1174 ) 1175 fi 1176 ] 1177) 1178 1179# Check whether user wants TCP wrappers support 1180TCPW_MSG="no" 1181AC_ARG_WITH(tcp-wrappers, 1182 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1183 [ 1184 if test "x$withval" != "xno" ; then 1185 saved_LIBS="$LIBS" 1186 saved_LDFLAGS="$LDFLAGS" 1187 saved_CPPFLAGS="$CPPFLAGS" 1188 if test -n "${withval}" && \ 1189 test "x${withval}" != "xyes"; then 1190 if test -d "${withval}/lib"; then 1191 if test -n "${need_dash_r}"; then 1192 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1193 else 1194 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1195 fi 1196 else 1197 if test -n "${need_dash_r}"; then 1198 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1199 else 1200 LDFLAGS="-L${withval} ${LDFLAGS}" 1201 fi 1202 fi 1203 if test -d "${withval}/include"; then 1204 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1205 else 1206 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1207 fi 1208 fi 1209 LIBS="-lwrap $LIBS" 1210 AC_MSG_CHECKING(for libwrap) 1211 AC_TRY_LINK( 1212 [ 1213#include <sys/types.h> 1214#include <sys/socket.h> 1215#include <netinet/in.h> 1216#include <tcpd.h> 1217 int deny_severity = 0, allow_severity = 0; 1218 ], 1219 [hosts_access(0);], 1220 [ 1221 AC_MSG_RESULT(yes) 1222 AC_DEFINE(LIBWRAP, 1, 1223 [Define if you want 1224 TCP Wrappers support]) 1225 SSHDLIBS="$SSHDLIBS -lwrap" 1226 TCPW_MSG="yes" 1227 ], 1228 [ 1229 AC_MSG_ERROR([*** libwrap missing]) 1230 ] 1231 ) 1232 LIBS="$saved_LIBS" 1233 fi 1234 ] 1235) 1236 1237# Check whether user wants libedit support 1238LIBEDIT_MSG="no" 1239AC_ARG_WITH(libedit, 1240 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1241 [ if test "x$withval" != "xno" ; then 1242 if test "x$withval" != "xyes"; then 1243 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1244 if test -n "${need_dash_r}"; then 1245 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1246 else 1247 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1248 fi 1249 fi 1250 AC_CHECK_LIB(edit, el_init, 1251 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp]) 1252 LIBEDIT="-ledit -lcurses" 1253 LIBEDIT_MSG="yes" 1254 AC_SUBST(LIBEDIT) 1255 ], 1256 [ AC_MSG_ERROR(libedit not found) ], 1257 [ -lcurses ] 1258 ) 1259 AC_MSG_CHECKING(if libedit version is compatible) 1260 AC_COMPILE_IFELSE( 1261 [AC_LANG_SOURCE([[ 1262#include <histedit.h> 1263int main(void) 1264{ 1265 int i = H_SETSIZE; 1266 el_init("", NULL, NULL, NULL); 1267 exit(0); 1268} 1269 ]])], 1270 [ AC_MSG_RESULT(yes) ], 1271 [ AC_MSG_RESULT(no) 1272 AC_MSG_ERROR(libedit version is not compatible) ] 1273 ) 1274 fi ] 1275) 1276 1277AUDIT_MODULE=none 1278AC_ARG_WITH(audit, 1279 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 1280 [ 1281 AC_MSG_CHECKING(for supported audit module) 1282 case "$withval" in 1283 bsm) 1284 AC_MSG_RESULT(bsm) 1285 AUDIT_MODULE=bsm 1286 dnl Checks for headers, libs and functions 1287 AC_CHECK_HEADERS(bsm/audit.h, [], 1288 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)], 1289 [ 1290#ifdef HAVE_TIME_H 1291# include <time.h> 1292#endif 1293 ] 1294) 1295 AC_CHECK_LIB(bsm, getaudit, [], 1296 [AC_MSG_ERROR(BSM enabled and required library not found)]) 1297 AC_CHECK_FUNCS(getaudit, [], 1298 [AC_MSG_ERROR(BSM enabled and required function not found)]) 1299 # These are optional 1300 AC_CHECK_FUNCS(getaudit_addr aug_get_machine) 1301 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) 1302 ;; 1303 debug) 1304 AUDIT_MODULE=debug 1305 AC_MSG_RESULT(debug) 1306 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module) 1307 ;; 1308 no) 1309 AC_MSG_RESULT(no) 1310 ;; 1311 *) 1312 AC_MSG_ERROR([Unknown audit module $withval]) 1313 ;; 1314 esac ] 1315) 1316 1317dnl Checks for library functions. Please keep in alphabetical order 1318AC_CHECK_FUNCS( \ 1319 arc4random \ 1320 arc4random_buf \ 1321 arc4random_uniform \ 1322 asprintf \ 1323 b64_ntop \ 1324 __b64_ntop \ 1325 b64_pton \ 1326 __b64_pton \ 1327 bcopy \ 1328 bindresvport_sa \ 1329 clock \ 1330 closefrom \ 1331 dirfd \ 1332 fchmod \ 1333 fchown \ 1334 freeaddrinfo \ 1335 fstatvfs \ 1336 futimes \ 1337 getaddrinfo \ 1338 getcwd \ 1339 getgrouplist \ 1340 getnameinfo \ 1341 getopt \ 1342 getpeereid \ 1343 getpeerucred \ 1344 _getpty \ 1345 getrlimit \ 1346 getttyent \ 1347 glob \ 1348 inet_aton \ 1349 inet_ntoa \ 1350 inet_ntop \ 1351 innetgr \ 1352 login_getcapbool \ 1353 md5_crypt \ 1354 memmove \ 1355 mkdtemp \ 1356 mmap \ 1357 ngetaddrinfo \ 1358 nsleep \ 1359 ogetaddrinfo \ 1360 openlog_r \ 1361 openpty \ 1362 poll \ 1363 prctl \ 1364 pstat \ 1365 readpassphrase \ 1366 realpath \ 1367 recvmsg \ 1368 rresvport_af \ 1369 sendmsg \ 1370 setdtablesize \ 1371 setegid \ 1372 setenv \ 1373 seteuid \ 1374 setgroups \ 1375 setlogin \ 1376 setpcred \ 1377 setproctitle \ 1378 setregid \ 1379 setreuid \ 1380 setrlimit \ 1381 setsid \ 1382 setvbuf \ 1383 sigaction \ 1384 sigvec \ 1385 snprintf \ 1386 socketpair \ 1387 statfs \ 1388 statvfs \ 1389 strdup \ 1390 strerror \ 1391 strlcat \ 1392 strlcpy \ 1393 strmode \ 1394 strnvis \ 1395 strtonum \ 1396 strtoll \ 1397 strtoul \ 1398 swap32 \ 1399 sysconf \ 1400 tcgetpgrp \ 1401 truncate \ 1402 unsetenv \ 1403 updwtmpx \ 1404 vasprintf \ 1405 vhangup \ 1406 vsnprintf \ 1407 waitpid \ 1408) 1409 1410# IRIX has a const char return value for gai_strerror() 1411AC_CHECK_FUNCS(gai_strerror,[ 1412 AC_DEFINE(HAVE_GAI_STRERROR) 1413 AC_TRY_COMPILE([ 1414#include <sys/types.h> 1415#include <sys/socket.h> 1416#include <netdb.h> 1417 1418const char *gai_strerror(int);],[ 1419char *str; 1420 1421str = gai_strerror(0);],[ 1422 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 1423 [Define if gai_strerror() returns const char *])])]) 1424 1425AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1, 1426 [Some systems put nanosleep outside of libc])) 1427 1428dnl Make sure prototypes are defined for these before using them. 1429AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 1430AC_CHECK_DECL(strsep, 1431 [AC_CHECK_FUNCS(strsep)], 1432 [], 1433 [ 1434#ifdef HAVE_STRING_H 1435# include <string.h> 1436#endif 1437 ]) 1438 1439dnl tcsendbreak might be a macro 1440AC_CHECK_DECL(tcsendbreak, 1441 [AC_DEFINE(HAVE_TCSENDBREAK)], 1442 [AC_CHECK_FUNCS(tcsendbreak)], 1443 [#include <termios.h>] 1444) 1445 1446AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 1447 1448AC_CHECK_DECLS(SHUT_RD, , , 1449 [ 1450#include <sys/types.h> 1451#include <sys/socket.h> 1452 ]) 1453 1454AC_CHECK_DECLS(O_NONBLOCK, , , 1455 [ 1456#include <sys/types.h> 1457#ifdef HAVE_SYS_STAT_H 1458# include <sys/stat.h> 1459#endif 1460#ifdef HAVE_FCNTL_H 1461# include <fcntl.h> 1462#endif 1463 ]) 1464 1465AC_CHECK_DECLS(writev, , , [ 1466#include <sys/types.h> 1467#include <sys/uio.h> 1468#include <unistd.h> 1469 ]) 1470 1471AC_CHECK_DECLS(MAXSYMLINKS, , , [ 1472#include <sys/param.h> 1473 ]) 1474 1475AC_CHECK_DECLS(offsetof, , , [ 1476#include <stddef.h> 1477 ]) 1478 1479AC_CHECK_FUNCS(setresuid, [ 1480 dnl Some platorms have setresuid that isn't implemented, test for this 1481 AC_MSG_CHECKING(if setresuid seems to work) 1482 AC_RUN_IFELSE( 1483 [AC_LANG_SOURCE([[ 1484#include <stdlib.h> 1485#include <errno.h> 1486int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1487 ]])], 1488 [AC_MSG_RESULT(yes)], 1489 [AC_DEFINE(BROKEN_SETRESUID, 1, 1490 [Define if your setresuid() is broken]) 1491 AC_MSG_RESULT(not implemented)], 1492 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1493 ) 1494]) 1495 1496AC_CHECK_FUNCS(setresgid, [ 1497 dnl Some platorms have setresgid that isn't implemented, test for this 1498 AC_MSG_CHECKING(if setresgid seems to work) 1499 AC_RUN_IFELSE( 1500 [AC_LANG_SOURCE([[ 1501#include <stdlib.h> 1502#include <errno.h> 1503int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1504 ]])], 1505 [AC_MSG_RESULT(yes)], 1506 [AC_DEFINE(BROKEN_SETRESGID, 1, 1507 [Define if your setresgid() is broken]) 1508 AC_MSG_RESULT(not implemented)], 1509 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1510 ) 1511]) 1512 1513dnl Checks for time functions 1514AC_CHECK_FUNCS(gettimeofday time) 1515dnl Checks for utmp functions 1516AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 1517AC_CHECK_FUNCS(utmpname) 1518dnl Checks for utmpx functions 1519AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 1520AC_CHECK_FUNCS(setutxent utmpxname)
|
1521dnl Checks for lastlog functions 1522AC_CHECK_FUNCS(getlastlogxbyname) |
1523 1524AC_CHECK_FUNC(daemon, 1525 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])], 1526 [AC_CHECK_LIB(bsd, daemon, 1527 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 1528) 1529 1530AC_CHECK_FUNC(getpagesize, 1531 [AC_DEFINE(HAVE_GETPAGESIZE, 1, 1532 [Define if your libraries define getpagesize()])], 1533 [AC_CHECK_LIB(ucb, getpagesize, 1534 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 1535) 1536 1537# Check for broken snprintf 1538if test "x$ac_cv_func_snprintf" = "xyes" ; then 1539 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1540 AC_RUN_IFELSE( 1541 [AC_LANG_SOURCE([[ 1542#include <stdio.h> 1543int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 1544 ]])], 1545 [AC_MSG_RESULT(yes)], 1546 [ 1547 AC_MSG_RESULT(no) 1548 AC_DEFINE(BROKEN_SNPRINTF, 1, 1549 [Define if your snprintf is busted]) 1550 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1551 ], 1552 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1553 ) 1554fi 1555 1556# If we don't have a working asprintf, then we strongly depend on vsnprintf 1557# returning the right thing on overflow: the number of characters it tried to 1558# create (as per SUSv3) 1559if test "x$ac_cv_func_asprintf" != "xyes" && \ 1560 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1561 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1562 AC_RUN_IFELSE( 1563 [AC_LANG_SOURCE([[ 1564#include <sys/types.h> 1565#include <stdio.h> 1566#include <stdarg.h> 1567 1568int x_snprintf(char *str,size_t count,const char *fmt,...) 1569{ 1570 size_t ret; va_list ap; 1571 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1572 return ret; 1573} 1574int main(void) 1575{ 1576 char x[1]; 1577 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1578} ]])], 1579 [AC_MSG_RESULT(yes)], 1580 [ 1581 AC_MSG_RESULT(no) 1582 AC_DEFINE(BROKEN_SNPRINTF, 1, 1583 [Define if your snprintf is busted]) 1584 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1585 ], 1586 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1587 ) 1588fi 1589 1590# On systems where [v]snprintf is broken, but is declared in stdio, 1591# check that the fmt argument is const char * or just char *. 1592# This is only useful for when BROKEN_SNPRINTF 1593AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) 1594AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h> 1595 int snprintf(char *a, size_t b, const char *c, ...) { return 0; } 1596 int main(void) { snprintf(0, 0, 0); } 1597 ]])], 1598 [AC_MSG_RESULT(yes) 1599 AC_DEFINE(SNPRINTF_CONST, [const], 1600 [Define as const if snprintf() can declare const char *fmt])], 1601 [AC_MSG_RESULT(no) 1602 AC_DEFINE(SNPRINTF_CONST, [/* not const */])]) 1603 1604# Check for missing getpeereid (or equiv) support 1605NO_PEERCHECK="" 1606if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then 1607 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1608 AC_TRY_COMPILE( 1609 [#include <sys/types.h> 1610 #include <sys/socket.h>], 1611 [int i = SO_PEERCRED;], 1612 [ AC_MSG_RESULT(yes) 1613 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option]) 1614 ], 1615 [AC_MSG_RESULT(no) 1616 NO_PEERCHECK=1] 1617 ) 1618fi 1619 1620dnl see whether mkstemp() requires XXXXXX 1621if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1622AC_MSG_CHECKING([for (overly) strict mkstemp]) 1623AC_RUN_IFELSE( 1624 [AC_LANG_SOURCE([[ 1625#include <stdlib.h> 1626main() { char template[]="conftest.mkstemp-test"; 1627if (mkstemp(template) == -1) 1628 exit(1); 1629unlink(template); exit(0); 1630} 1631 ]])], 1632 [ 1633 AC_MSG_RESULT(no) 1634 ], 1635 [ 1636 AC_MSG_RESULT(yes) 1637 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()]) 1638 ], 1639 [ 1640 AC_MSG_RESULT(yes) 1641 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1642 ] 1643) 1644fi 1645 1646dnl make sure that openpty does not reacquire controlling terminal 1647if test ! -z "$check_for_openpty_ctty_bug"; then 1648 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1649 AC_RUN_IFELSE( 1650 [AC_LANG_SOURCE([[ 1651#include <stdio.h> 1652#include <sys/fcntl.h> 1653#include <sys/types.h> 1654#include <sys/wait.h> 1655 1656int 1657main() 1658{ 1659 pid_t pid; 1660 int fd, ptyfd, ttyfd, status; 1661 1662 pid = fork(); 1663 if (pid < 0) { /* failed */ 1664 exit(1); 1665 } else if (pid > 0) { /* parent */ 1666 waitpid(pid, &status, 0); 1667 if (WIFEXITED(status)) 1668 exit(WEXITSTATUS(status)); 1669 else 1670 exit(2); 1671 } else { /* child */ 1672 close(0); close(1); close(2); 1673 setsid(); 1674 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1675 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1676 if (fd >= 0) 1677 exit(3); /* Acquired ctty: broken */ 1678 else 1679 exit(0); /* Did not acquire ctty: OK */ 1680 } 1681} 1682 ]])], 1683 [ 1684 AC_MSG_RESULT(yes) 1685 ], 1686 [ 1687 AC_MSG_RESULT(no) 1688 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1689 ], 1690 [ 1691 AC_MSG_RESULT(cross-compiling, assuming yes) 1692 ] 1693 ) 1694fi 1695 1696if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1697 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1698 AC_MSG_CHECKING(if getaddrinfo seems to work) 1699 AC_RUN_IFELSE( 1700 [AC_LANG_SOURCE([[ 1701#include <stdio.h> 1702#include <sys/socket.h> 1703#include <netdb.h> 1704#include <errno.h> 1705#include <netinet/in.h> 1706 1707#define TEST_PORT "2222" 1708 1709int 1710main(void) 1711{ 1712 int err, sock; 1713 struct addrinfo *gai_ai, *ai, hints; 1714 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1715 1716 memset(&hints, 0, sizeof(hints)); 1717 hints.ai_family = PF_UNSPEC; 1718 hints.ai_socktype = SOCK_STREAM; 1719 hints.ai_flags = AI_PASSIVE; 1720 1721 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1722 if (err != 0) { 1723 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1724 exit(1); 1725 } 1726 1727 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1728 if (ai->ai_family != AF_INET6) 1729 continue; 1730 1731 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1732 sizeof(ntop), strport, sizeof(strport), 1733 NI_NUMERICHOST|NI_NUMERICSERV); 1734 1735 if (err != 0) { 1736 if (err == EAI_SYSTEM) 1737 perror("getnameinfo EAI_SYSTEM"); 1738 else 1739 fprintf(stderr, "getnameinfo failed: %s\n", 1740 gai_strerror(err)); 1741 exit(2); 1742 } 1743 1744 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1745 if (sock < 0) 1746 perror("socket"); 1747 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1748 if (errno == EBADF) 1749 exit(3); 1750 } 1751 } 1752 exit(0); 1753} 1754 ]])], 1755 [ 1756 AC_MSG_RESULT(yes) 1757 ], 1758 [ 1759 AC_MSG_RESULT(no) 1760 AC_DEFINE(BROKEN_GETADDRINFO) 1761 ], 1762 [ 1763 AC_MSG_RESULT(cross-compiling, assuming yes) 1764 ] 1765 ) 1766fi 1767 1768if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1769 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1770 AC_MSG_CHECKING(if getaddrinfo seems to work) 1771 AC_RUN_IFELSE( 1772 [AC_LANG_SOURCE([[ 1773#include <stdio.h> 1774#include <sys/socket.h> 1775#include <netdb.h> 1776#include <errno.h> 1777#include <netinet/in.h> 1778 1779#define TEST_PORT "2222" 1780 1781int 1782main(void) 1783{ 1784 int err, sock; 1785 struct addrinfo *gai_ai, *ai, hints; 1786 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1787 1788 memset(&hints, 0, sizeof(hints)); 1789 hints.ai_family = PF_UNSPEC; 1790 hints.ai_socktype = SOCK_STREAM; 1791 hints.ai_flags = AI_PASSIVE; 1792 1793 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1794 if (err != 0) { 1795 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1796 exit(1); 1797 } 1798 1799 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1800 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1801 continue; 1802 1803 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1804 sizeof(ntop), strport, sizeof(strport), 1805 NI_NUMERICHOST|NI_NUMERICSERV); 1806 1807 if (ai->ai_family == AF_INET && err != 0) { 1808 perror("getnameinfo"); 1809 exit(2); 1810 } 1811 } 1812 exit(0); 1813} 1814 ]])], 1815 [ 1816 AC_MSG_RESULT(yes) 1817 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1, 1818 [Define if you have a getaddrinfo that fails 1819 for the all-zeros IPv6 address]) 1820 ], 1821 [ 1822 AC_MSG_RESULT(no) 1823 AC_DEFINE(BROKEN_GETADDRINFO) 1824 ], 1825 [ 1826 AC_MSG_RESULT(cross-compiling, assuming no) 1827 ] 1828 ) 1829fi 1830 1831if test "x$check_for_conflicting_getspnam" = "x1"; then 1832 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1833 AC_COMPILE_IFELSE( 1834 [ 1835#include <shadow.h> 1836int main(void) {exit(0);} 1837 ], 1838 [ 1839 AC_MSG_RESULT(no) 1840 ], 1841 [ 1842 AC_MSG_RESULT(yes) 1843 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1844 [Conflicting defs for getspnam]) 1845 ] 1846 ) 1847fi 1848 1849AC_FUNC_GETPGRP 1850 1851# Search for OpenSSL 1852saved_CPPFLAGS="$CPPFLAGS" 1853saved_LDFLAGS="$LDFLAGS" 1854AC_ARG_WITH(ssl-dir, 1855 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1856 [ 1857 if test "x$withval" != "xno" ; then 1858 case "$withval" in 1859 # Relative paths 1860 ./*|../*) withval="`pwd`/$withval" 1861 esac 1862 if test -d "$withval/lib"; then 1863 if test -n "${need_dash_r}"; then 1864 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1865 else 1866 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1867 fi 1868 else 1869 if test -n "${need_dash_r}"; then 1870 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1871 else 1872 LDFLAGS="-L${withval} ${LDFLAGS}" 1873 fi 1874 fi 1875 if test -d "$withval/include"; then 1876 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1877 else 1878 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1879 fi 1880 fi 1881 ] 1882) 1883LIBS="-lcrypto $LIBS" 1884AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, 1885 [Define if your ssl headers are included 1886 with #include <openssl/header.h>]), 1887 [ 1888 dnl Check default openssl install dir 1889 if test -n "${need_dash_r}"; then 1890 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1891 else 1892 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1893 fi 1894 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1895 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1896 [ 1897 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 1898 ] 1899 ) 1900 ] 1901) 1902 1903# Determine OpenSSL header version 1904AC_MSG_CHECKING([OpenSSL header version]) 1905AC_RUN_IFELSE( 1906 [AC_LANG_SOURCE([[ 1907#include <stdio.h> 1908#include <string.h> 1909#include <openssl/opensslv.h> 1910#define DATA "conftest.sslincver" 1911int main(void) { 1912 FILE *fd; 1913 int rc; 1914 1915 fd = fopen(DATA,"w"); 1916 if(fd == NULL) 1917 exit(1); 1918 1919 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1920 exit(1); 1921 1922 exit(0); 1923} 1924 ]])], 1925 [ 1926 ssl_header_ver=`cat conftest.sslincver` 1927 AC_MSG_RESULT($ssl_header_ver) 1928 ], 1929 [ 1930 AC_MSG_RESULT(not found) 1931 AC_MSG_ERROR(OpenSSL version header not found.) 1932 ], 1933 [ 1934 AC_MSG_WARN([cross compiling: not checking]) 1935 ] 1936) 1937 1938# Determine OpenSSL library version 1939AC_MSG_CHECKING([OpenSSL library version]) 1940AC_RUN_IFELSE( 1941 [AC_LANG_SOURCE([[ 1942#include <stdio.h> 1943#include <string.h> 1944#include <openssl/opensslv.h> 1945#include <openssl/crypto.h> 1946#define DATA "conftest.ssllibver" 1947int main(void) { 1948 FILE *fd; 1949 int rc; 1950 1951 fd = fopen(DATA,"w"); 1952 if(fd == NULL) 1953 exit(1); 1954 1955 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1956 exit(1); 1957 1958 exit(0); 1959} 1960 ]])], 1961 [ 1962 ssl_library_ver=`cat conftest.ssllibver` 1963 AC_MSG_RESULT($ssl_library_ver) 1964 ], 1965 [ 1966 AC_MSG_RESULT(not found) 1967 AC_MSG_ERROR(OpenSSL library not found.) 1968 ], 1969 [ 1970 AC_MSG_WARN([cross compiling: not checking]) 1971 ] 1972) 1973 1974AC_ARG_WITH(openssl-header-check, 1975 [ --without-openssl-header-check Disable OpenSSL version consistency check], 1976 [ if test "x$withval" = "xno" ; then 1977 openssl_check_nonfatal=1 1978 fi 1979 ] 1980) 1981 1982# Sanity check OpenSSL headers 1983AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1984AC_RUN_IFELSE( 1985 [AC_LANG_SOURCE([[ 1986#include <string.h> 1987#include <openssl/opensslv.h> 1988int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1989 ]])], 1990 [ 1991 AC_MSG_RESULT(yes) 1992 ], 1993 [ 1994 AC_MSG_RESULT(no) 1995 if test "x$openssl_check_nonfatal" = "x"; then 1996 AC_MSG_ERROR([Your OpenSSL headers do not match your 1997library. Check config.log for details. 1998If you are sure your installation is consistent, you can disable the check 1999by running "./configure --without-openssl-header-check". 2000Also see contrib/findssl.sh for help identifying header/library mismatches. 2001]) 2002 else 2003 AC_MSG_WARN([Your OpenSSL headers do not match your 2004library. Check config.log for details. 2005Also see contrib/findssl.sh for help identifying header/library mismatches.]) 2006 fi 2007 ], 2008 [ 2009 AC_MSG_WARN([cross compiling: not checking]) 2010 ] 2011) 2012 2013AC_MSG_CHECKING([if programs using OpenSSL functions will link]) 2014AC_LINK_IFELSE( 2015 [AC_LANG_SOURCE([[ 2016#include <openssl/evp.h> 2017int main(void) { SSLeay_add_all_algorithms(); } 2018 ]])], 2019 [ 2020 AC_MSG_RESULT(yes) 2021 ], 2022 [ 2023 AC_MSG_RESULT(no) 2024 saved_LIBS="$LIBS" 2025 LIBS="$LIBS -ldl" 2026 AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) 2027 AC_LINK_IFELSE( 2028 [AC_LANG_SOURCE([[ 2029#include <openssl/evp.h> 2030int main(void) { SSLeay_add_all_algorithms(); } 2031 ]])], 2032 [ 2033 AC_MSG_RESULT(yes) 2034 ], 2035 [ 2036 AC_MSG_RESULT(no) 2037 LIBS="$saved_LIBS" 2038 ] 2039 ) 2040 ] 2041) 2042 2043AC_ARG_WITH(ssl-engine, 2044 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 2045 [ if test "x$withval" != "xno" ; then 2046 AC_MSG_CHECKING(for OpenSSL ENGINE support) 2047 AC_TRY_COMPILE( 2048 [ #include <openssl/engine.h>], 2049 [ 2050ENGINE_load_builtin_engines();ENGINE_register_all_complete(); 2051 ], 2052 [ AC_MSG_RESULT(yes) 2053 AC_DEFINE(USE_OPENSSL_ENGINE, 1, 2054 [Enable OpenSSL engine support]) 2055 ], 2056 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)] 2057 ) 2058 fi ] 2059) 2060 2061# Check for OpenSSL without EVP_aes_{192,256}_cbc 2062AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 2063AC_LINK_IFELSE( 2064 [AC_LANG_SOURCE([[ 2065#include <string.h> 2066#include <openssl/evp.h> 2067int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);} 2068 ]])], 2069 [ 2070 AC_MSG_RESULT(no) 2071 ], 2072 [ 2073 AC_MSG_RESULT(yes) 2074 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1, 2075 [libcrypto is missing AES 192 and 256 bit functions]) 2076 ] 2077) 2078 2079# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 2080# because the system crypt() is more featureful. 2081if test "x$check_for_libcrypt_before" = "x1"; then 2082 AC_CHECK_LIB(crypt, crypt) 2083fi 2084 2085# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 2086# version in OpenSSL. 2087if test "x$check_for_libcrypt_later" = "x1"; then 2088 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 2089fi 2090 2091# Search for SHA256 support in libc and/or OpenSSL 2092AC_CHECK_FUNCS(SHA256_Update EVP_sha256) 2093 2094saved_LIBS="$LIBS" 2095AC_CHECK_LIB(iaf, ia_openinfo, [ 2096 LIBS="$LIBS -liaf" 2097 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf" 2098 AC_DEFINE(HAVE_LIBIAF, 1, 2099 [Define if system has libiaf that supports set_id]) 2100 ]) 2101]) 2102LIBS="$saved_LIBS" 2103 2104### Configure cryptographic random number support 2105 2106# Check wheter OpenSSL seeds itself 2107AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 2108AC_RUN_IFELSE( 2109 [AC_LANG_SOURCE([[ 2110#include <string.h> 2111#include <openssl/rand.h> 2112int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 2113 ]])], 2114 [ 2115 OPENSSL_SEEDS_ITSELF=yes 2116 AC_MSG_RESULT(yes) 2117 ], 2118 [ 2119 AC_MSG_RESULT(no) 2120 # Default to use of the rand helper if OpenSSL doesn't 2121 # seed itself 2122 USE_RAND_HELPER=yes 2123 ], 2124 [ 2125 AC_MSG_WARN([cross compiling: assuming yes]) 2126 # This is safe, since all recent OpenSSL versions will 2127 # complain at runtime if not seeded correctly. 2128 OPENSSL_SEEDS_ITSELF=yes 2129 ] 2130) 2131 2132# Check for PAM libs 2133PAM_MSG="no" 2134AC_ARG_WITH(pam, 2135 [ --with-pam Enable PAM support ], 2136 [ 2137 if test "x$withval" != "xno" ; then 2138 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 2139 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 2140 AC_MSG_ERROR([PAM headers not found]) 2141 fi 2142 2143 saved_LIBS="$LIBS" 2144 AC_CHECK_LIB(dl, dlopen, , ) 2145 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 2146 AC_CHECK_FUNCS(pam_getenvlist) 2147 AC_CHECK_FUNCS(pam_putenv) 2148 LIBS="$saved_LIBS" 2149 2150 PAM_MSG="yes" 2151 2152 SSHDLIBS="$SSHDLIBS -lpam" 2153 AC_DEFINE(USE_PAM, 1, 2154 [Define if you want to enable PAM support]) 2155 2156 if test $ac_cv_lib_dl_dlopen = yes; then 2157 case "$LIBS" in 2158 *-ldl*) 2159 # libdl already in LIBS 2160 ;; 2161 *) 2162 SSHDLIBS="$SSHDLIBS -ldl" 2163 ;; 2164 esac 2165 fi 2166 fi 2167 ] 2168) 2169 2170# Check for older PAM 2171if test "x$PAM_MSG" = "xyes" ; then 2172 # Check PAM strerror arguments (old PAM) 2173 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 2174 AC_TRY_COMPILE( 2175 [ 2176#include <stdlib.h> 2177#if defined(HAVE_SECURITY_PAM_APPL_H) 2178#include <security/pam_appl.h> 2179#elif defined (HAVE_PAM_PAM_APPL_H) 2180#include <pam/pam_appl.h> 2181#endif 2182 ], 2183 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 2184 [AC_MSG_RESULT(no)], 2185 [ 2186 AC_DEFINE(HAVE_OLD_PAM, 1, 2187 [Define if you have an old version of PAM 2188 which takes only one argument to pam_strerror]) 2189 AC_MSG_RESULT(yes) 2190 PAM_MSG="yes (old library)" 2191 ] 2192 ) 2193fi 2194 2195# Do we want to force the use of the rand helper? 2196AC_ARG_WITH(rand-helper, 2197 [ --with-rand-helper Use subprocess to gather strong randomness ], 2198 [ 2199 if test "x$withval" = "xno" ; then 2200 # Force use of OpenSSL's internal RNG, even if 2201 # the previous test showed it to be unseeded. 2202 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 2203 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 2204 OPENSSL_SEEDS_ITSELF=yes 2205 USE_RAND_HELPER="" 2206 fi 2207 else 2208 USE_RAND_HELPER=yes 2209 fi 2210 ], 2211) 2212 2213# Which randomness source do we use? 2214if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then 2215 # OpenSSL only 2216 AC_DEFINE(OPENSSL_PRNG_ONLY, 1, 2217 [Define if you want OpenSSL's internally seeded PRNG only]) 2218 RAND_MSG="OpenSSL internal ONLY" 2219 INSTALL_SSH_RAND_HELPER="" 2220elif test ! -z "$USE_RAND_HELPER" ; then 2221 # install rand helper 2222 RAND_MSG="ssh-rand-helper" 2223 INSTALL_SSH_RAND_HELPER="yes" 2224fi 2225AC_SUBST(INSTALL_SSH_RAND_HELPER) 2226 2227### Configuration of ssh-rand-helper 2228 2229# PRNGD TCP socket 2230AC_ARG_WITH(prngd-port, 2231 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 2232 [ 2233 case "$withval" in 2234 no) 2235 withval="" 2236 ;; 2237 [[0-9]]*) 2238 ;; 2239 *) 2240 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 2241 ;; 2242 esac 2243 if test ! -z "$withval" ; then 2244 PRNGD_PORT="$withval" 2245 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT, 2246 [Port number of PRNGD/EGD random number socket]) 2247 fi 2248 ] 2249) 2250 2251# PRNGD Unix domain socket 2252AC_ARG_WITH(prngd-socket, 2253 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 2254 [ 2255 case "$withval" in 2256 yes) 2257 withval="/var/run/egd-pool" 2258 ;; 2259 no) 2260 withval="" 2261 ;; 2262 /*) 2263 ;; 2264 *) 2265 AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 2266 ;; 2267 esac 2268 2269 if test ! -z "$withval" ; then 2270 if test ! -z "$PRNGD_PORT" ; then 2271 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 2272 fi 2273 if test ! -r "$withval" ; then 2274 AC_MSG_WARN(Entropy socket is not readable) 2275 fi 2276 PRNGD_SOCKET="$withval" 2277 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET", 2278 [Location of PRNGD/EGD random number socket]) 2279 fi 2280 ], 2281 [ 2282 # Check for existing socket only if we don't have a random device already 2283 if test "$USE_RAND_HELPER" = yes ; then 2284 AC_MSG_CHECKING(for PRNGD/EGD socket) 2285 # Insert other locations here 2286 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2287 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2288 PRNGD_SOCKET="$sock" 2289 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 2290 break; 2291 fi 2292 done 2293 if test ! -z "$PRNGD_SOCKET" ; then 2294 AC_MSG_RESULT($PRNGD_SOCKET) 2295 else 2296 AC_MSG_RESULT(not found) 2297 fi 2298 fi 2299 ] 2300) 2301 2302# Change default command timeout for hashing entropy source 2303entropy_timeout=200 2304AC_ARG_WITH(entropy-timeout, 2305 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 2306 [ 2307 if test -n "$withval" && test "x$withval" != "xno" && \ 2308 test "x${withval}" != "xyes"; then 2309 entropy_timeout=$withval 2310 fi 2311 ] 2312) 2313AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout, 2314 [Builtin PRNG command timeout]) 2315 2316SSH_PRIVSEP_USER=sshd 2317AC_ARG_WITH(privsep-user, 2318 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2319 [ 2320 if test -n "$withval" && test "x$withval" != "xno" && \ 2321 test "x${withval}" != "xyes"; then 2322 SSH_PRIVSEP_USER=$withval 2323 fi 2324 ] 2325) 2326AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER", 2327 [non-privileged user for privilege separation]) 2328AC_SUBST(SSH_PRIVSEP_USER) 2329 2330# We do this little dance with the search path to insure 2331# that programs that we select for use by installed programs 2332# (which may be run by the super-user) come from trusted 2333# locations before they come from the user's private area. 2334# This should help avoid accidentally configuring some 2335# random version of a program in someone's personal bin. 2336 2337OPATH=$PATH 2338PATH=/bin:/usr/bin 2339test -h /bin 2> /dev/null && PATH=/usr/bin 2340test -d /sbin && PATH=$PATH:/sbin 2341test -d /usr/sbin && PATH=$PATH:/usr/sbin 2342PATH=$PATH:/etc:$OPATH 2343 2344# These programs are used by the command hashing source to gather entropy 2345OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 2346OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 2347OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 2348OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 2349OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 2350OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 2351OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 2352OSSH_PATH_ENTROPY_PROG(PROG_W, w) 2353OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 2354OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 2355OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 2356OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 2357OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 2358OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 2359OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 2360OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 2361# restore PATH 2362PATH=$OPATH 2363 2364# Where does ssh-rand-helper get its randomness from? 2365INSTALL_SSH_PRNG_CMDS="" 2366if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 2367 if test ! -z "$PRNGD_PORT" ; then 2368 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 2369 elif test ! -z "$PRNGD_SOCKET" ; then 2370 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 2371 else 2372 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 2373 RAND_HELPER_CMDHASH=yes 2374 INSTALL_SSH_PRNG_CMDS="yes" 2375 fi 2376fi 2377AC_SUBST(INSTALL_SSH_PRNG_CMDS) 2378 2379 2380# Cheap hack to ensure NEWS-OS libraries are arranged right. 2381if test ! -z "$SONY" ; then 2382 LIBS="$LIBS -liberty"; 2383fi 2384 2385# Check for long long datatypes 2386AC_CHECK_TYPES([long long, unsigned long long, long double]) 2387 2388# Check datatype sizes 2389AC_CHECK_SIZEOF(char, 1) 2390AC_CHECK_SIZEOF(short int, 2) 2391AC_CHECK_SIZEOF(int, 4) 2392AC_CHECK_SIZEOF(long int, 4) 2393AC_CHECK_SIZEOF(long long int, 8) 2394 2395# Sanity check long long for some platforms (AIX) 2396if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2397 ac_cv_sizeof_long_long_int=0 2398fi 2399 2400# compute LLONG_MIN and LLONG_MAX if we don't know them. 2401if test -z "$have_llong_max"; then 2402 AC_MSG_CHECKING([for max value of long long]) 2403 AC_RUN_IFELSE( 2404 [AC_LANG_SOURCE([[ 2405#include <stdio.h> 2406/* Why is this so damn hard? */ 2407#ifdef __GNUC__ 2408# undef __GNUC__ 2409#endif 2410#define __USE_ISOC99 2411#include <limits.h> 2412#define DATA "conftest.llminmax" 2413#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) 2414 2415/* 2416 * printf in libc on some platforms (eg old Tru64) does not understand %lld so 2417 * we do this the hard way. 2418 */ 2419static int 2420fprint_ll(FILE *f, long long n) 2421{ 2422 unsigned int i; 2423 int l[sizeof(long long) * 8]; 2424 2425 if (n < 0) 2426 if (fprintf(f, "-") < 0) 2427 return -1; 2428 for (i = 0; n != 0; i++) { 2429 l[i] = my_abs(n % 10); 2430 n /= 10; 2431 } 2432 do { 2433 if (fprintf(f, "%d", l[--i]) < 0) 2434 return -1; 2435 } while (i != 0); 2436 if (fprintf(f, " ") < 0) 2437 return -1; 2438 return 0; 2439} 2440 2441int main(void) { 2442 FILE *f; 2443 long long i, llmin, llmax = 0; 2444 2445 if((f = fopen(DATA,"w")) == NULL) 2446 exit(1); 2447 2448#if defined(LLONG_MIN) && defined(LLONG_MAX) 2449 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2450 llmin = LLONG_MIN; 2451 llmax = LLONG_MAX; 2452#else 2453 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2454 /* This will work on one's complement and two's complement */ 2455 for (i = 1; i > llmax; i <<= 1, i++) 2456 llmax = i; 2457 llmin = llmax + 1LL; /* wrap */ 2458#endif 2459 2460 /* Sanity check */ 2461 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax 2462 || llmax - 1 > llmax || llmin == llmax || llmin == 0 2463 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { 2464 fprintf(f, "unknown unknown\n"); 2465 exit(2); 2466 } 2467 2468 if (fprint_ll(f, llmin) < 0) 2469 exit(3); 2470 if (fprint_ll(f, llmax) < 0) 2471 exit(4); 2472 if (fclose(f) < 0) 2473 exit(5); 2474 exit(0); 2475} 2476 ]])], 2477 [ 2478 llong_min=`$AWK '{print $1}' conftest.llminmax` 2479 llong_max=`$AWK '{print $2}' conftest.llminmax` 2480 2481 AC_MSG_RESULT($llong_max) 2482 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], 2483 [max value of long long calculated by configure]) 2484 AC_MSG_CHECKING([for min value of long long]) 2485 AC_MSG_RESULT($llong_min) 2486 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], 2487 [min value of long long calculated by configure]) 2488 ], 2489 [ 2490 AC_MSG_RESULT(not found) 2491 ], 2492 [ 2493 AC_MSG_WARN([cross compiling: not checking]) 2494 ] 2495 ) 2496fi 2497 2498 2499# More checks for data types 2500AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2501 AC_TRY_COMPILE( 2502 [ #include <sys/types.h> ], 2503 [ u_int a; a = 1;], 2504 [ ac_cv_have_u_int="yes" ], 2505 [ ac_cv_have_u_int="no" ] 2506 ) 2507]) 2508if test "x$ac_cv_have_u_int" = "xyes" ; then 2509 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type]) 2510 have_u_int=1 2511fi 2512 2513AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2514 AC_TRY_COMPILE( 2515 [ #include <sys/types.h> ], 2516 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2517 [ ac_cv_have_intxx_t="yes" ], 2518 [ ac_cv_have_intxx_t="no" ] 2519 ) 2520]) 2521if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2522 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type]) 2523 have_intxx_t=1 2524fi 2525 2526if (test -z "$have_intxx_t" && \ 2527 test "x$ac_cv_header_stdint_h" = "xyes") 2528then 2529 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2530 AC_TRY_COMPILE( 2531 [ #include <stdint.h> ], 2532 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2533 [ 2534 AC_DEFINE(HAVE_INTXX_T) 2535 AC_MSG_RESULT(yes) 2536 ], 2537 [ AC_MSG_RESULT(no) ] 2538 ) 2539fi 2540 2541AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2542 AC_TRY_COMPILE( 2543 [ 2544#include <sys/types.h> 2545#ifdef HAVE_STDINT_H 2546# include <stdint.h> 2547#endif 2548#include <sys/socket.h> 2549#ifdef HAVE_SYS_BITYPES_H 2550# include <sys/bitypes.h> 2551#endif 2552 ], 2553 [ int64_t a; a = 1;], 2554 [ ac_cv_have_int64_t="yes" ], 2555 [ ac_cv_have_int64_t="no" ] 2556 ) 2557]) 2558if test "x$ac_cv_have_int64_t" = "xyes" ; then 2559 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type]) 2560fi 2561 2562AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2563 AC_TRY_COMPILE( 2564 [ #include <sys/types.h> ], 2565 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2566 [ ac_cv_have_u_intxx_t="yes" ], 2567 [ ac_cv_have_u_intxx_t="no" ] 2568 ) 2569]) 2570if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2571 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type]) 2572 have_u_intxx_t=1 2573fi 2574 2575if test -z "$have_u_intxx_t" ; then 2576 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2577 AC_TRY_COMPILE( 2578 [ #include <sys/socket.h> ], 2579 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2580 [ 2581 AC_DEFINE(HAVE_U_INTXX_T) 2582 AC_MSG_RESULT(yes) 2583 ], 2584 [ AC_MSG_RESULT(no) ] 2585 ) 2586fi 2587 2588AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2589 AC_TRY_COMPILE( 2590 [ #include <sys/types.h> ], 2591 [ u_int64_t a; a = 1;], 2592 [ ac_cv_have_u_int64_t="yes" ], 2593 [ ac_cv_have_u_int64_t="no" ] 2594 ) 2595]) 2596if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2597 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type]) 2598 have_u_int64_t=1 2599fi 2600 2601if test -z "$have_u_int64_t" ; then 2602 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2603 AC_TRY_COMPILE( 2604 [ #include <sys/bitypes.h> ], 2605 [ u_int64_t a; a = 1], 2606 [ 2607 AC_DEFINE(HAVE_U_INT64_T) 2608 AC_MSG_RESULT(yes) 2609 ], 2610 [ AC_MSG_RESULT(no) ] 2611 ) 2612fi 2613 2614if test -z "$have_u_intxx_t" ; then 2615 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2616 AC_TRY_COMPILE( 2617 [ 2618#include <sys/types.h> 2619 ], 2620 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 2621 [ ac_cv_have_uintxx_t="yes" ], 2622 [ ac_cv_have_uintxx_t="no" ] 2623 ) 2624 ]) 2625 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2626 AC_DEFINE(HAVE_UINTXX_T, 1, 2627 [define if you have uintxx_t data type]) 2628 fi 2629fi 2630 2631if test -z "$have_uintxx_t" ; then 2632 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2633 AC_TRY_COMPILE( 2634 [ #include <stdint.h> ], 2635 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 2636 [ 2637 AC_DEFINE(HAVE_UINTXX_T) 2638 AC_MSG_RESULT(yes) 2639 ], 2640 [ AC_MSG_RESULT(no) ] 2641 ) 2642fi 2643 2644if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 2645 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2646then 2647 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2648 AC_TRY_COMPILE( 2649 [ 2650#include <sys/bitypes.h> 2651 ], 2652 [ 2653 int8_t a; int16_t b; int32_t c; 2654 u_int8_t e; u_int16_t f; u_int32_t g; 2655 a = b = c = e = f = g = 1; 2656 ], 2657 [ 2658 AC_DEFINE(HAVE_U_INTXX_T) 2659 AC_DEFINE(HAVE_INTXX_T) 2660 AC_MSG_RESULT(yes) 2661 ], 2662 [AC_MSG_RESULT(no)] 2663 ) 2664fi 2665 2666 2667AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2668 AC_TRY_COMPILE( 2669 [ 2670#include <sys/types.h> 2671 ], 2672 [ u_char foo; foo = 125; ], 2673 [ ac_cv_have_u_char="yes" ], 2674 [ ac_cv_have_u_char="no" ] 2675 ) 2676]) 2677if test "x$ac_cv_have_u_char" = "xyes" ; then 2678 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type]) 2679fi 2680 2681TYPE_SOCKLEN_T 2682 2683AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 2684AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[ 2685#include <sys/types.h> 2686#ifdef HAVE_SYS_BITYPES_H 2687#include <sys/bitypes.h> 2688#endif 2689#ifdef HAVE_SYS_STATFS_H 2690#include <sys/statfs.h> 2691#endif 2692#ifdef HAVE_SYS_STATVFS_H 2693#include <sys/statvfs.h> 2694#endif 2695]) 2696 2697AC_CHECK_TYPES(in_addr_t,,, 2698[#include <sys/types.h> 2699#include <netinet/in.h>]) 2700 2701AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2702 AC_TRY_COMPILE( 2703 [ 2704#include <sys/types.h> 2705 ], 2706 [ size_t foo; foo = 1235; ], 2707 [ ac_cv_have_size_t="yes" ], 2708 [ ac_cv_have_size_t="no" ] 2709 ) 2710]) 2711if test "x$ac_cv_have_size_t" = "xyes" ; then 2712 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type]) 2713fi 2714 2715AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2716 AC_TRY_COMPILE( 2717 [ 2718#include <sys/types.h> 2719 ], 2720 [ ssize_t foo; foo = 1235; ], 2721 [ ac_cv_have_ssize_t="yes" ], 2722 [ ac_cv_have_ssize_t="no" ] 2723 ) 2724]) 2725if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2726 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type]) 2727fi 2728 2729AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2730 AC_TRY_COMPILE( 2731 [ 2732#include <time.h> 2733 ], 2734 [ clock_t foo; foo = 1235; ], 2735 [ ac_cv_have_clock_t="yes" ], 2736 [ ac_cv_have_clock_t="no" ] 2737 ) 2738]) 2739if test "x$ac_cv_have_clock_t" = "xyes" ; then 2740 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type]) 2741fi 2742 2743AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2744 AC_TRY_COMPILE( 2745 [ 2746#include <sys/types.h> 2747#include <sys/socket.h> 2748 ], 2749 [ sa_family_t foo; foo = 1235; ], 2750 [ ac_cv_have_sa_family_t="yes" ], 2751 [ AC_TRY_COMPILE( 2752 [ 2753#include <sys/types.h> 2754#include <sys/socket.h> 2755#include <netinet/in.h> 2756 ], 2757 [ sa_family_t foo; foo = 1235; ], 2758 [ ac_cv_have_sa_family_t="yes" ], 2759 2760 [ ac_cv_have_sa_family_t="no" ] 2761 )] 2762 ) 2763]) 2764if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2765 AC_DEFINE(HAVE_SA_FAMILY_T, 1, 2766 [define if you have sa_family_t data type]) 2767fi 2768 2769AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2770 AC_TRY_COMPILE( 2771 [ 2772#include <sys/types.h> 2773 ], 2774 [ pid_t foo; foo = 1235; ], 2775 [ ac_cv_have_pid_t="yes" ], 2776 [ ac_cv_have_pid_t="no" ] 2777 ) 2778]) 2779if test "x$ac_cv_have_pid_t" = "xyes" ; then 2780 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type]) 2781fi 2782 2783AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2784 AC_TRY_COMPILE( 2785 [ 2786#include <sys/types.h> 2787 ], 2788 [ mode_t foo; foo = 1235; ], 2789 [ ac_cv_have_mode_t="yes" ], 2790 [ ac_cv_have_mode_t="no" ] 2791 ) 2792]) 2793if test "x$ac_cv_have_mode_t" = "xyes" ; then 2794 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type]) 2795fi 2796 2797 2798AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2799 AC_TRY_COMPILE( 2800 [ 2801#include <sys/types.h> 2802#include <sys/socket.h> 2803 ], 2804 [ struct sockaddr_storage s; ], 2805 [ ac_cv_have_struct_sockaddr_storage="yes" ], 2806 [ ac_cv_have_struct_sockaddr_storage="no" ] 2807 ) 2808]) 2809if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 2810 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, 2811 [define if you have struct sockaddr_storage data type]) 2812fi 2813 2814AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 2815 AC_TRY_COMPILE( 2816 [ 2817#include <sys/types.h> 2818#include <netinet/in.h> 2819 ], 2820 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 2821 [ ac_cv_have_struct_sockaddr_in6="yes" ], 2822 [ ac_cv_have_struct_sockaddr_in6="no" ] 2823 ) 2824]) 2825if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 2826 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, 2827 [define if you have struct sockaddr_in6 data type]) 2828fi 2829 2830AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 2831 AC_TRY_COMPILE( 2832 [ 2833#include <sys/types.h> 2834#include <netinet/in.h> 2835 ], 2836 [ struct in6_addr s; s.s6_addr[0] = 0; ], 2837 [ ac_cv_have_struct_in6_addr="yes" ], 2838 [ ac_cv_have_struct_in6_addr="no" ] 2839 ) 2840]) 2841if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 2842 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, 2843 [define if you have struct in6_addr data type])
|
2844 2845dnl Now check for sin6_scope_id 2846 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,, 2847 [ 2848#ifdef HAVE_SYS_TYPES_H 2849#include <sys/types.h> 2850#endif 2851#include <netinet/in.h> 2852 ]) |
2853fi 2854 2855AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2856 AC_TRY_COMPILE( 2857 [ 2858#include <sys/types.h> 2859#include <sys/socket.h> 2860#include <netdb.h> 2861 ], 2862 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 2863 [ ac_cv_have_struct_addrinfo="yes" ], 2864 [ ac_cv_have_struct_addrinfo="no" ] 2865 ) 2866]) 2867if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2868 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, 2869 [define if you have struct addrinfo data type]) 2870fi 2871 2872AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2873 AC_TRY_COMPILE( 2874 [ #include <sys/time.h> ], 2875 [ struct timeval tv; tv.tv_sec = 1;], 2876 [ ac_cv_have_struct_timeval="yes" ], 2877 [ ac_cv_have_struct_timeval="no" ] 2878 ) 2879]) 2880if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2881 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval]) 2882 have_struct_timeval=1 2883fi 2884 2885AC_CHECK_TYPES(struct timespec) 2886 2887# We need int64_t or else certian parts of the compile will fail. 2888if test "x$ac_cv_have_int64_t" = "xno" && \ 2889 test "x$ac_cv_sizeof_long_int" != "x8" && \ 2890 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2891 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2892 echo "an alternative compiler (I.E., GCC) before continuing." 2893 echo "" 2894 exit 1; 2895else 2896dnl test snprintf (broken on SCO w/gcc) 2897 AC_RUN_IFELSE( 2898 [AC_LANG_SOURCE([[ 2899#include <stdio.h> 2900#include <string.h> 2901#ifdef HAVE_SNPRINTF 2902main() 2903{ 2904 char buf[50]; 2905 char expected_out[50]; 2906 int mazsize = 50 ; 2907#if (SIZEOF_LONG_INT == 8) 2908 long int num = 0x7fffffffffffffff; 2909#else 2910 long long num = 0x7fffffffffffffffll; 2911#endif 2912 strcpy(expected_out, "9223372036854775807"); 2913 snprintf(buf, mazsize, "%lld", num); 2914 if(strcmp(buf, expected_out) != 0) 2915 exit(1); 2916 exit(0); 2917} 2918#else 2919main() { exit(0); } 2920#endif 2921 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 2922 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 2923 ) 2924fi 2925 2926dnl Checks for structure members 2927OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 2928OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 2929OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 2930OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 2931OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 2932OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 2933OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 2934OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 2935OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 2936OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 2937OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 2938OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 2939OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 2940OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 2941OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 2942OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 2943OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 2944 2945AC_CHECK_MEMBERS([struct stat.st_blksize]) 2946AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state, 2947 [Define if we don't have struct __res_state in resolv.h])], 2948[ 2949#include <stdio.h> 2950#if HAVE_SYS_TYPES_H 2951# include <sys/types.h> 2952#endif 2953#include <netinet/in.h> 2954#include <arpa/nameser.h> 2955#include <resolv.h> 2956]) 2957 2958AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 2959 ac_cv_have_ss_family_in_struct_ss, [ 2960 AC_TRY_COMPILE( 2961 [ 2962#include <sys/types.h> 2963#include <sys/socket.h> 2964 ], 2965 [ struct sockaddr_storage s; s.ss_family = 1; ], 2966 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 2967 [ ac_cv_have_ss_family_in_struct_ss="no" ], 2968 ) 2969]) 2970if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 2971 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage]) 2972fi 2973 2974AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 2975 ac_cv_have___ss_family_in_struct_ss, [ 2976 AC_TRY_COMPILE( 2977 [ 2978#include <sys/types.h> 2979#include <sys/socket.h> 2980 ], 2981 [ struct sockaddr_storage s; s.__ss_family = 1; ], 2982 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 2983 [ ac_cv_have___ss_family_in_struct_ss="no" ] 2984 ) 2985]) 2986if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 2987 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1, 2988 [Fields in struct sockaddr_storage]) 2989fi 2990 2991AC_CACHE_CHECK([for pw_class field in struct passwd], 2992 ac_cv_have_pw_class_in_struct_passwd, [ 2993 AC_TRY_COMPILE( 2994 [ 2995#include <pwd.h> 2996 ], 2997 [ struct passwd p; p.pw_class = 0; ], 2998 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 2999 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 3000 ) 3001]) 3002if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 3003 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1, 3004 [Define if your password has a pw_class field]) 3005fi 3006 3007AC_CACHE_CHECK([for pw_expire field in struct passwd], 3008 ac_cv_have_pw_expire_in_struct_passwd, [ 3009 AC_TRY_COMPILE( 3010 [ 3011#include <pwd.h> 3012 ], 3013 [ struct passwd p; p.pw_expire = 0; ], 3014 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 3015 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 3016 ) 3017]) 3018if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 3019 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1, 3020 [Define if your password has a pw_expire field]) 3021fi 3022 3023AC_CACHE_CHECK([for pw_change field in struct passwd], 3024 ac_cv_have_pw_change_in_struct_passwd, [ 3025 AC_TRY_COMPILE( 3026 [ 3027#include <pwd.h> 3028 ], 3029 [ struct passwd p; p.pw_change = 0; ], 3030 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 3031 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 3032 ) 3033]) 3034if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 3035 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1, 3036 [Define if your password has a pw_change field]) 3037fi 3038 3039dnl make sure we're using the real structure members and not defines 3040AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 3041 ac_cv_have_accrights_in_msghdr, [ 3042 AC_COMPILE_IFELSE( 3043 [ 3044#include <sys/types.h> 3045#include <sys/socket.h> 3046#include <sys/uio.h> 3047int main() { 3048#ifdef msg_accrights 3049#error "msg_accrights is a macro" 3050exit(1); 3051#endif 3052struct msghdr m; 3053m.msg_accrights = 0; 3054exit(0); 3055} 3056 ], 3057 [ ac_cv_have_accrights_in_msghdr="yes" ], 3058 [ ac_cv_have_accrights_in_msghdr="no" ] 3059 ) 3060]) 3061if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 3062 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1, 3063 [Define if your system uses access rights style 3064 file descriptor passing]) 3065fi 3066 3067AC_MSG_CHECKING(if f_fsid has val members) 3068AC_TRY_COMPILE([ 3069#include <sys/types.h> 3070#include <sys/statvfs.h>], 3071[struct fsid_t t; t.val[0] = 0;], 3072 [ AC_MSG_RESULT(yes) 3073 AC_DEFINE(FSID_HAS_VAL, 1, f_fsid has members) ], 3074 [ AC_MSG_RESULT(no) ] 3075) 3076 3077AC_CACHE_CHECK([for msg_control field in struct msghdr], 3078 ac_cv_have_control_in_msghdr, [ 3079 AC_COMPILE_IFELSE( 3080 [ 3081#include <sys/types.h> 3082#include <sys/socket.h> 3083#include <sys/uio.h> 3084int main() { 3085#ifdef msg_control 3086#error "msg_control is a macro" 3087exit(1); 3088#endif 3089struct msghdr m; 3090m.msg_control = 0; 3091exit(0); 3092} 3093 ], 3094 [ ac_cv_have_control_in_msghdr="yes" ], 3095 [ ac_cv_have_control_in_msghdr="no" ] 3096 ) 3097]) 3098if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 3099 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1, 3100 [Define if your system uses ancillary data style 3101 file descriptor passing]) 3102fi 3103 3104AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 3105 AC_TRY_LINK([], 3106 [ extern char *__progname; printf("%s", __progname); ], 3107 [ ac_cv_libc_defines___progname="yes" ], 3108 [ ac_cv_libc_defines___progname="no" ] 3109 ) 3110]) 3111if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 3112 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname]) 3113fi 3114 3115AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 3116 AC_TRY_LINK([ 3117#include <stdio.h> 3118], 3119 [ printf("%s", __FUNCTION__); ], 3120 [ ac_cv_cc_implements___FUNCTION__="yes" ], 3121 [ ac_cv_cc_implements___FUNCTION__="no" ] 3122 ) 3123]) 3124if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 3125 AC_DEFINE(HAVE___FUNCTION__, 1, 3126 [Define if compiler implements __FUNCTION__]) 3127fi 3128 3129AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 3130 AC_TRY_LINK([ 3131#include <stdio.h> 3132], 3133 [ printf("%s", __func__); ], 3134 [ ac_cv_cc_implements___func__="yes" ], 3135 [ ac_cv_cc_implements___func__="no" ] 3136 ) 3137]) 3138if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 3139 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__]) 3140fi 3141 3142AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 3143 AC_TRY_LINK( 3144 [#include <stdarg.h> 3145 va_list x,y;], 3146 [va_copy(x,y);], 3147 [ ac_cv_have_va_copy="yes" ], 3148 [ ac_cv_have_va_copy="no" ] 3149 ) 3150]) 3151if test "x$ac_cv_have_va_copy" = "xyes" ; then 3152 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists]) 3153fi 3154 3155AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 3156 AC_TRY_LINK( 3157 [#include <stdarg.h> 3158 va_list x,y;], 3159 [__va_copy(x,y);], 3160 [ ac_cv_have___va_copy="yes" ], 3161 [ ac_cv_have___va_copy="no" ] 3162 ) 3163]) 3164if test "x$ac_cv_have___va_copy" = "xyes" ; then 3165 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists]) 3166fi 3167 3168AC_CACHE_CHECK([whether getopt has optreset support], 3169 ac_cv_have_getopt_optreset, [ 3170 AC_TRY_LINK( 3171 [ 3172#include <getopt.h> 3173 ], 3174 [ extern int optreset; optreset = 0; ], 3175 [ ac_cv_have_getopt_optreset="yes" ], 3176 [ ac_cv_have_getopt_optreset="no" ] 3177 ) 3178]) 3179if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 3180 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1, 3181 [Define if your getopt(3) defines and uses optreset]) 3182fi 3183 3184AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 3185 AC_TRY_LINK([], 3186 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 3187 [ ac_cv_libc_defines_sys_errlist="yes" ], 3188 [ ac_cv_libc_defines_sys_errlist="no" ] 3189 ) 3190]) 3191if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 3192 AC_DEFINE(HAVE_SYS_ERRLIST, 1, 3193 [Define if your system defines sys_errlist[]]) 3194fi 3195 3196 3197AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 3198 AC_TRY_LINK([], 3199 [ extern int sys_nerr; printf("%i", sys_nerr);], 3200 [ ac_cv_libc_defines_sys_nerr="yes" ], 3201 [ ac_cv_libc_defines_sys_nerr="no" ] 3202 ) 3203]) 3204if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 3205 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr]) 3206fi 3207 3208SCARD_MSG="no" 3209# Check whether user wants sectok support 3210AC_ARG_WITH(sectok, 3211 [ --with-sectok Enable smartcard support using libsectok], 3212 [ 3213 if test "x$withval" != "xno" ; then 3214 if test "x$withval" != "xyes" ; then 3215 CPPFLAGS="$CPPFLAGS -I${withval}" 3216 LDFLAGS="$LDFLAGS -L${withval}" 3217 if test ! -z "$need_dash_r" ; then 3218 LDFLAGS="$LDFLAGS -R${withval}" 3219 fi 3220 if test ! -z "$blibpath" ; then 3221 blibpath="$blibpath:${withval}" 3222 fi 3223 fi 3224 AC_CHECK_HEADERS(sectok.h) 3225 if test "$ac_cv_header_sectok_h" != yes; then 3226 AC_MSG_ERROR(Can't find sectok.h) 3227 fi 3228 AC_CHECK_LIB(sectok, sectok_open) 3229 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 3230 AC_MSG_ERROR(Can't find libsectok) 3231 fi 3232 AC_DEFINE(SMARTCARD, 1, 3233 [Define if you want smartcard support]) 3234 AC_DEFINE(USE_SECTOK, 1, 3235 [Define if you want smartcard support 3236 using sectok]) 3237 SCARD_MSG="yes, using sectok" 3238 fi 3239 ] 3240) 3241 3242# Check whether user wants OpenSC support 3243OPENSC_CONFIG="no" 3244AC_ARG_WITH(opensc, 3245 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)], 3246 [ 3247 if test "x$withval" != "xno" ; then 3248 if test "x$withval" != "xyes" ; then 3249 OPENSC_CONFIG=$withval/bin/opensc-config 3250 else 3251 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 3252 fi 3253 if test "$OPENSC_CONFIG" != "no"; then 3254 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 3255 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 3256 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 3257 LIBS="$LIBS $LIBOPENSC_LIBS" 3258 AC_DEFINE(SMARTCARD) 3259 AC_DEFINE(USE_OPENSC, 1, 3260 [Define if you want smartcard support 3261 using OpenSC]) 3262 SCARD_MSG="yes, using OpenSC" 3263 fi 3264 fi 3265 ] 3266) 3267 3268# Check libraries needed by DNS fingerprint support 3269AC_SEARCH_LIBS(getrrsetbyname, resolv, 3270 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1, 3271 [Define if getrrsetbyname() exists])], 3272 [ 3273 # Needed by our getrrsetbyname() 3274 AC_SEARCH_LIBS(res_query, resolv) 3275 AC_SEARCH_LIBS(dn_expand, resolv) 3276 AC_MSG_CHECKING(if res_query will link) 3277 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 3278 [AC_MSG_RESULT(no) 3279 saved_LIBS="$LIBS" 3280 LIBS="$LIBS -lresolv" 3281 AC_MSG_CHECKING(for res_query in -lresolv) 3282 AC_LINK_IFELSE([ 3283#include <resolv.h> 3284int main() 3285{ 3286 res_query (0, 0, 0, 0, 0); 3287 return 0; 3288} 3289 ], 3290 [LIBS="$LIBS -lresolv" 3291 AC_MSG_RESULT(yes)], 3292 [LIBS="$saved_LIBS" 3293 AC_MSG_RESULT(no)]) 3294 ]) 3295 AC_CHECK_FUNCS(_getshort _getlong) 3296 AC_CHECK_DECLS([_getshort, _getlong], , , 3297 [#include <sys/types.h> 3298 #include <arpa/nameser.h>]) 3299 AC_CHECK_MEMBER(HEADER.ad, 3300 [AC_DEFINE(HAVE_HEADER_AD, 1, 3301 [Define if HEADER.ad exists in arpa/nameser.h])],, 3302 [#include <arpa/nameser.h>]) 3303 ]) 3304 3305AC_MSG_CHECKING(if struct __res_state _res is an extern) 3306AC_LINK_IFELSE([ 3307#include <stdio.h> 3308#if HAVE_SYS_TYPES_H 3309# include <sys/types.h> 3310#endif 3311#include <netinet/in.h> 3312#include <arpa/nameser.h> 3313#include <resolv.h> 3314extern struct __res_state _res; 3315int main() { return 0; } 3316 ], 3317 [AC_MSG_RESULT(yes) 3318 AC_DEFINE(HAVE__RES_EXTERN, 1, 3319 [Define if you have struct __res_state _res as an extern]) 3320 ], 3321 [ AC_MSG_RESULT(no) ] 3322) 3323 3324# Check whether user wants SELinux support 3325SELINUX_MSG="no" 3326LIBSELINUX="" 3327AC_ARG_WITH(selinux, 3328 [ --with-selinux Enable SELinux support], 3329 [ if test "x$withval" != "xno" ; then 3330 save_LIBS="$LIBS" 3331 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) 3332 SELINUX_MSG="yes" 3333 AC_CHECK_HEADER([selinux/selinux.h], , 3334 AC_MSG_ERROR(SELinux support requires selinux.h header)) 3335 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], 3336 AC_MSG_ERROR(SELinux support requires libselinux library)) 3337 SSHDLIBS="$SSHDLIBS $LIBSELINUX" 3338 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) 3339 LIBS="$save_LIBS" 3340 fi ] 3341) 3342 3343# Check whether user wants Kerberos 5 support 3344KRB5_MSG="no" 3345AC_ARG_WITH(kerberos5, 3346 [ --with-kerberos5=PATH Enable Kerberos 5 support], 3347 [ if test "x$withval" != "xno" ; then 3348 if test "x$withval" = "xyes" ; then 3349 KRB5ROOT="/usr/local" 3350 else 3351 KRB5ROOT=${withval} 3352 fi 3353 3354 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support]) 3355 KRB5_MSG="yes" 3356 3357 AC_MSG_CHECKING(for krb5-config) 3358 if test -x $KRB5ROOT/bin/krb5-config ; then 3359 KRB5CONF=$KRB5ROOT/bin/krb5-config 3360 AC_MSG_RESULT($KRB5CONF) 3361 3362 AC_MSG_CHECKING(for gssapi support) 3363 if $KRB5CONF | grep gssapi >/dev/null ; then 3364 AC_MSG_RESULT(yes) 3365 AC_DEFINE(GSSAPI, 1, 3366 [Define this if you want GSSAPI 3367 support in the version 2 protocol]) 3368 k5confopts=gssapi 3369 else 3370 AC_MSG_RESULT(no) 3371 k5confopts="" 3372 fi 3373 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 3374 K5LIBS="`$KRB5CONF --libs $k5confopts`" 3375 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3376 AC_MSG_CHECKING(whether we are using Heimdal) 3377 AC_TRY_COMPILE([ #include <krb5.h> ], 3378 [ char *tmp = heimdal_version; ], 3379 [ AC_MSG_RESULT(yes) 3380 AC_DEFINE(HEIMDAL, 1, 3381 [Define this if you are using the 3382 Heimdal version of Kerberos V5]) ], 3383 AC_MSG_RESULT(no) 3384 ) 3385 else 3386 AC_MSG_RESULT(no) 3387 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3388 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3389 AC_MSG_CHECKING(whether we are using Heimdal) 3390 AC_TRY_COMPILE([ #include <krb5.h> ], 3391 [ char *tmp = heimdal_version; ], 3392 [ AC_MSG_RESULT(yes) 3393 AC_DEFINE(HEIMDAL) 3394 K5LIBS="-lkrb5 -ldes" 3395 K5LIBS="$K5LIBS -lcom_err -lasn1" 3396 AC_CHECK_LIB(roken, net_write, 3397 [K5LIBS="$K5LIBS -lroken"]) 3398 ], 3399 [ AC_MSG_RESULT(no) 3400 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3401 ] 3402 ) 3403 AC_SEARCH_LIBS(dn_expand, resolv) 3404 3405 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context, 3406 [ AC_DEFINE(GSSAPI) 3407 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 3408 [ AC_CHECK_LIB(gssapi, gss_init_sec_context, 3409 [ AC_DEFINE(GSSAPI) 3410 K5LIBS="-lgssapi $K5LIBS" ], 3411 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 3412 $K5LIBS) 3413 ], 3414 $K5LIBS) 3415 3416 AC_CHECK_HEADER(gssapi.h, , 3417 [ unset ac_cv_header_gssapi_h 3418 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3419 AC_CHECK_HEADERS(gssapi.h, , 3420 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3421 ) 3422 ] 3423 ) 3424 3425 oldCPP="$CPPFLAGS" 3426 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3427 AC_CHECK_HEADER(gssapi_krb5.h, , 3428 [ CPPFLAGS="$oldCPP" ]) 3429 3430 fi 3431 if test ! -z "$need_dash_r" ; then 3432 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3433 fi 3434 if test ! -z "$blibpath" ; then 3435 blibpath="$blibpath:${KRB5ROOT}/lib" 3436 fi 3437 3438 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 3439 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 3440 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 3441 3442 LIBS="$LIBS $K5LIBS" 3443 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1, 3444 [Define this if you want to use libkafs' AFS support])) 3445 fi 3446 ] 3447) 3448 3449# Looking for programs, paths and files 3450 3451PRIVSEP_PATH=/var/empty 3452AC_ARG_WITH(privsep-path, 3453 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3454 [ 3455 if test -n "$withval" && test "x$withval" != "xno" && \ 3456 test "x${withval}" != "xyes"; then 3457 PRIVSEP_PATH=$withval 3458 fi 3459 ] 3460) 3461AC_SUBST(PRIVSEP_PATH) 3462 3463AC_ARG_WITH(xauth, 3464 [ --with-xauth=PATH Specify path to xauth program ], 3465 [ 3466 if test -n "$withval" && test "x$withval" != "xno" && \ 3467 test "x${withval}" != "xyes"; then 3468 xauth_path=$withval 3469 fi 3470 ], 3471 [ 3472 TestPath="$PATH" 3473 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3474 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3475 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3476 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3477 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 3478 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3479 xauth_path="/usr/openwin/bin/xauth" 3480 fi 3481 ] 3482) 3483 3484STRIP_OPT=-s 3485AC_ARG_ENABLE(strip, 3486 [ --disable-strip Disable calling strip(1) on install], 3487 [ 3488 if test "x$enableval" = "xno" ; then 3489 STRIP_OPT= 3490 fi 3491 ] 3492) 3493AC_SUBST(STRIP_OPT) 3494 3495if test -z "$xauth_path" ; then 3496 XAUTH_PATH="undefined" 3497 AC_SUBST(XAUTH_PATH) 3498else 3499 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path", 3500 [Define if xauth is found in your path]) 3501 XAUTH_PATH=$xauth_path 3502 AC_SUBST(XAUTH_PATH) 3503fi 3504 3505# Check for mail directory (last resort if we cannot get it from headers) 3506if test ! -z "$MAIL" ; then 3507 maildir=`dirname $MAIL` 3508 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir", 3509 [Set this to your mail directory if you don't have maillock.h]) 3510fi 3511 3512if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3513 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3514 disable_ptmx_check=yes 3515fi 3516if test -z "$no_dev_ptmx" ; then 3517 if test "x$disable_ptmx_check" != "xyes" ; then 3518 AC_CHECK_FILE("/dev/ptmx", 3519 [ 3520 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1, 3521 [Define if you have /dev/ptmx]) 3522 have_dev_ptmx=1 3523 ] 3524 ) 3525 fi 3526fi 3527 3528if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3529 AC_CHECK_FILE("/dev/ptc", 3530 [ 3531 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1, 3532 [Define if you have /dev/ptc]) 3533 have_dev_ptc=1 3534 ] 3535 ) 3536else 3537 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3538fi 3539 3540# Options from here on. Some of these are preset by platform above 3541AC_ARG_WITH(mantype, 3542 [ --with-mantype=man|cat|doc Set man page type], 3543 [ 3544 case "$withval" in 3545 man|cat|doc) 3546 MANTYPE=$withval 3547 ;; 3548 *) 3549 AC_MSG_ERROR(invalid man type: $withval) 3550 ;; 3551 esac 3552 ] 3553) 3554if test -z "$MANTYPE"; then 3555 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3556 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 3557 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3558 MANTYPE=doc 3559 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3560 MANTYPE=man 3561 else 3562 MANTYPE=cat 3563 fi 3564fi 3565AC_SUBST(MANTYPE) 3566if test "$MANTYPE" = "doc"; then 3567 mansubdir=man; 3568else 3569 mansubdir=$MANTYPE; 3570fi 3571AC_SUBST(mansubdir) 3572 3573# Check whether to enable MD5 passwords 3574MD5_MSG="no" 3575AC_ARG_WITH(md5-passwords, 3576 [ --with-md5-passwords Enable use of MD5 passwords], 3577 [ 3578 if test "x$withval" != "xno" ; then 3579 AC_DEFINE(HAVE_MD5_PASSWORDS, 1, 3580 [Define if you want to allow MD5 passwords]) 3581 MD5_MSG="yes" 3582 fi 3583 ] 3584) 3585 3586# Whether to disable shadow password support 3587AC_ARG_WITH(shadow, 3588 [ --without-shadow Disable shadow password support], 3589 [ 3590 if test "x$withval" = "xno" ; then 3591 AC_DEFINE(DISABLE_SHADOW) 3592 disable_shadow=yes 3593 fi 3594 ] 3595) 3596 3597if test -z "$disable_shadow" ; then 3598 AC_MSG_CHECKING([if the systems has expire shadow information]) 3599 AC_TRY_COMPILE( 3600 [ 3601#include <sys/types.h> 3602#include <shadow.h> 3603 struct spwd sp; 3604 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 3605 [ sp_expire_available=yes ], [] 3606 ) 3607 3608 if test "x$sp_expire_available" = "xyes" ; then 3609 AC_MSG_RESULT(yes) 3610 AC_DEFINE(HAS_SHADOW_EXPIRE, 1, 3611 [Define if you want to use shadow password expire field]) 3612 else 3613 AC_MSG_RESULT(no) 3614 fi 3615fi 3616 3617# Use ip address instead of hostname in $DISPLAY 3618if test ! -z "$IPADDR_IN_DISPLAY" ; then 3619 DISPLAY_HACK_MSG="yes" 3620 AC_DEFINE(IPADDR_IN_DISPLAY, 1, 3621 [Define if you need to use IP address 3622 instead of hostname in $DISPLAY]) 3623else 3624 DISPLAY_HACK_MSG="no" 3625 AC_ARG_WITH(ipaddr-display, 3626 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 3627 [ 3628 if test "x$withval" != "xno" ; then 3629 AC_DEFINE(IPADDR_IN_DISPLAY) 3630 DISPLAY_HACK_MSG="yes" 3631 fi 3632 ] 3633 ) 3634fi 3635 3636# check for /etc/default/login and use it if present. 3637AC_ARG_ENABLE(etc-default-login, 3638 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 3639 [ if test "x$enableval" = "xno"; then 3640 AC_MSG_NOTICE([/etc/default/login handling disabled]) 3641 etc_default_login=no 3642 else 3643 etc_default_login=yes 3644 fi ], 3645 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3646 then 3647 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 3648 etc_default_login=no 3649 else 3650 etc_default_login=yes 3651 fi ] 3652) 3653 3654if test "x$etc_default_login" != "xno"; then 3655 AC_CHECK_FILE("/etc/default/login", 3656 [ external_path_file=/etc/default/login ]) 3657 if test "x$external_path_file" = "x/etc/default/login"; then 3658 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1, 3659 [Define if your system has /etc/default/login]) 3660 fi 3661fi 3662 3663dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3664if test $ac_cv_func_login_getcapbool = "yes" && \ 3665 test $ac_cv_header_login_cap_h = "yes" ; then 3666 external_path_file=/etc/login.conf 3667fi 3668 3669# Whether to mess with the default path 3670SERVER_PATH_MSG="(default)" 3671AC_ARG_WITH(default-path, 3672 [ --with-default-path= Specify default \$PATH environment for server], 3673 [ 3674 if test "x$external_path_file" = "x/etc/login.conf" ; then 3675 AC_MSG_WARN([ 3676--with-default-path=PATH has no effect on this system. 3677Edit /etc/login.conf instead.]) 3678 elif test "x$withval" != "xno" ; then 3679 if test ! -z "$external_path_file" ; then 3680 AC_MSG_WARN([ 3681--with-default-path=PATH will only be used if PATH is not defined in 3682$external_path_file .]) 3683 fi 3684 user_path="$withval" 3685 SERVER_PATH_MSG="$withval" 3686 fi 3687 ], 3688 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3689 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3690 else 3691 if test ! -z "$external_path_file" ; then 3692 AC_MSG_WARN([ 3693If PATH is defined in $external_path_file, ensure the path to scp is included, 3694otherwise scp will not work.]) 3695 fi 3696 AC_RUN_IFELSE( 3697 [AC_LANG_SOURCE([[ 3698/* find out what STDPATH is */ 3699#include <stdio.h> 3700#ifdef HAVE_PATHS_H 3701# include <paths.h> 3702#endif 3703#ifndef _PATH_STDPATH 3704# ifdef _PATH_USERPATH /* Irix */ 3705# define _PATH_STDPATH _PATH_USERPATH 3706# else 3707# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3708# endif 3709#endif 3710#include <sys/types.h> 3711#include <sys/stat.h> 3712#include <fcntl.h> 3713#define DATA "conftest.stdpath" 3714 3715main() 3716{ 3717 FILE *fd; 3718 int rc; 3719 3720 fd = fopen(DATA,"w"); 3721 if(fd == NULL) 3722 exit(1); 3723 3724 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3725 exit(1); 3726 3727 exit(0); 3728} 3729 ]])], 3730 [ user_path=`cat conftest.stdpath` ], 3731 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3732 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3733 ) 3734# make sure $bindir is in USER_PATH so scp will work 3735 t_bindir=`eval echo ${bindir}` 3736 case $t_bindir in 3737 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 3738 esac 3739 case $t_bindir in 3740 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 3741 esac 3742 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 3743 if test $? -ne 0 ; then 3744 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 3745 if test $? -ne 0 ; then 3746 user_path=$user_path:$t_bindir 3747 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 3748 fi 3749 fi 3750 fi ] 3751) 3752if test "x$external_path_file" != "x/etc/login.conf" ; then 3753 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH]) 3754 AC_SUBST(user_path) 3755fi 3756 3757# Set superuser path separately to user path 3758AC_ARG_WITH(superuser-path, 3759 [ --with-superuser-path= Specify different path for super-user], 3760 [ 3761 if test -n "$withval" && test "x$withval" != "xno" && \ 3762 test "x${withval}" != "xyes"; then 3763 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval", 3764 [Define if you want a different $PATH 3765 for the superuser]) 3766 superuser_path=$withval 3767 fi 3768 ] 3769) 3770 3771 3772AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3773IPV4_IN6_HACK_MSG="no" 3774AC_ARG_WITH(4in6, 3775 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3776 [ 3777 if test "x$withval" != "xno" ; then 3778 AC_MSG_RESULT(yes) 3779 AC_DEFINE(IPV4_IN_IPV6, 1, 3780 [Detect IPv4 in IPv6 mapped addresses 3781 and treat as IPv4]) 3782 IPV4_IN6_HACK_MSG="yes" 3783 else 3784 AC_MSG_RESULT(no) 3785 fi 3786 ],[ 3787 if test "x$inet6_default_4in6" = "xyes"; then 3788 AC_MSG_RESULT([yes (default)]) 3789 AC_DEFINE(IPV4_IN_IPV6) 3790 IPV4_IN6_HACK_MSG="yes" 3791 else 3792 AC_MSG_RESULT([no (default)]) 3793 fi 3794 ] 3795) 3796 3797# Whether to enable BSD auth support 3798BSD_AUTH_MSG=no 3799AC_ARG_WITH(bsd-auth, 3800 [ --with-bsd-auth Enable BSD auth support], 3801 [ 3802 if test "x$withval" != "xno" ; then 3803 AC_DEFINE(BSD_AUTH, 1, 3804 [Define if you have BSD auth support]) 3805 BSD_AUTH_MSG=yes 3806 fi 3807 ] 3808) 3809 3810# Where to place sshd.pid 3811piddir=/var/run 3812# make sure the directory exists 3813if test ! -d $piddir ; then 3814 piddir=`eval echo ${sysconfdir}` 3815 case $piddir in 3816 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 3817 esac 3818fi 3819 3820AC_ARG_WITH(pid-dir, 3821 [ --with-pid-dir=PATH Specify location of ssh.pid file], 3822 [ 3823 if test -n "$withval" && test "x$withval" != "xno" && \ 3824 test "x${withval}" != "xyes"; then 3825 piddir=$withval 3826 if test ! -d $piddir ; then 3827 AC_MSG_WARN([** no $piddir directory on this system **]) 3828 fi 3829 fi 3830 ] 3831) 3832 3833AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid]) 3834AC_SUBST(piddir) 3835 3836dnl allow user to disable some login recording features 3837AC_ARG_ENABLE(lastlog, 3838 [ --disable-lastlog disable use of lastlog even if detected [no]], 3839 [ 3840 if test "x$enableval" = "xno" ; then 3841 AC_DEFINE(DISABLE_LASTLOG) 3842 fi 3843 ] 3844) 3845AC_ARG_ENABLE(utmp, 3846 [ --disable-utmp disable use of utmp even if detected [no]], 3847 [ 3848 if test "x$enableval" = "xno" ; then 3849 AC_DEFINE(DISABLE_UTMP) 3850 fi 3851 ] 3852) 3853AC_ARG_ENABLE(utmpx, 3854 [ --disable-utmpx disable use of utmpx even if detected [no]], 3855 [ 3856 if test "x$enableval" = "xno" ; then 3857 AC_DEFINE(DISABLE_UTMPX, 1, 3858 [Define if you don't want to use utmpx]) 3859 fi 3860 ] 3861) 3862AC_ARG_ENABLE(wtmp, 3863 [ --disable-wtmp disable use of wtmp even if detected [no]], 3864 [ 3865 if test "x$enableval" = "xno" ; then 3866 AC_DEFINE(DISABLE_WTMP) 3867 fi 3868 ] 3869) 3870AC_ARG_ENABLE(wtmpx, 3871 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 3872 [ 3873 if test "x$enableval" = "xno" ; then 3874 AC_DEFINE(DISABLE_WTMPX, 1, 3875 [Define if you don't want to use wtmpx]) 3876 fi 3877 ] 3878) 3879AC_ARG_ENABLE(libutil, 3880 [ --disable-libutil disable use of libutil (login() etc.) [no]], 3881 [ 3882 if test "x$enableval" = "xno" ; then 3883 AC_DEFINE(DISABLE_LOGIN) 3884 fi 3885 ] 3886) 3887AC_ARG_ENABLE(pututline, 3888 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 3889 [ 3890 if test "x$enableval" = "xno" ; then 3891 AC_DEFINE(DISABLE_PUTUTLINE, 1, 3892 [Define if you don't want to use pututline() 3893 etc. to write [uw]tmp]) 3894 fi 3895 ] 3896) 3897AC_ARG_ENABLE(pututxline, 3898 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 3899 [ 3900 if test "x$enableval" = "xno" ; then 3901 AC_DEFINE(DISABLE_PUTUTXLINE, 1, 3902 [Define if you don't want to use pututxline() 3903 etc. to write [uw]tmpx]) 3904 fi 3905 ] 3906) 3907AC_ARG_WITH(lastlog, 3908 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 3909 [ 3910 if test "x$withval" = "xno" ; then 3911 AC_DEFINE(DISABLE_LASTLOG) 3912 elif test -n "$withval" && test "x${withval}" != "xyes"; then 3913 conf_lastlog_location=$withval 3914 fi 3915 ] 3916) 3917 3918dnl lastlog, [uw]tmpx? detection 3919dnl NOTE: set the paths in the platform section to avoid the 3920dnl need for command-line parameters 3921dnl lastlog and [uw]tmp are subject to a file search if all else fails 3922 3923dnl lastlog detection 3924dnl NOTE: the code itself will detect if lastlog is a directory 3925AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 3926AC_TRY_COMPILE([ 3927#include <sys/types.h> 3928#include <utmp.h> 3929#ifdef HAVE_LASTLOG_H 3930# include <lastlog.h> 3931#endif 3932#ifdef HAVE_PATHS_H 3933# include <paths.h> 3934#endif 3935#ifdef HAVE_LOGIN_H 3936# include <login.h> 3937#endif 3938 ], 3939 [ char *lastlog = LASTLOG_FILE; ], 3940 [ AC_MSG_RESULT(yes) ], 3941 [ 3942 AC_MSG_RESULT(no) 3943 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 3944 AC_TRY_COMPILE([ 3945#include <sys/types.h> 3946#include <utmp.h> 3947#ifdef HAVE_LASTLOG_H 3948# include <lastlog.h> 3949#endif 3950#ifdef HAVE_PATHS_H 3951# include <paths.h> 3952#endif 3953 ], 3954 [ char *lastlog = _PATH_LASTLOG; ], 3955 [ AC_MSG_RESULT(yes) ], 3956 [ 3957 AC_MSG_RESULT(no) 3958 system_lastlog_path=no 3959 ]) 3960 ] 3961) 3962 3963if test -z "$conf_lastlog_location"; then 3964 if test x"$system_lastlog_path" = x"no" ; then 3965 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 3966 if (test -d "$f" || test -f "$f") ; then 3967 conf_lastlog_location=$f 3968 fi 3969 done 3970 if test -z "$conf_lastlog_location"; then 3971 AC_MSG_WARN([** Cannot find lastlog **]) 3972 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 3973 fi 3974 fi 3975fi 3976 3977if test -n "$conf_lastlog_location"; then 3978 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location", 3979 [Define if you want to specify the path to your lastlog file]) 3980fi 3981 3982dnl utmp detection 3983AC_MSG_CHECKING([if your system defines UTMP_FILE]) 3984AC_TRY_COMPILE([ 3985#include <sys/types.h> 3986#include <utmp.h> 3987#ifdef HAVE_PATHS_H 3988# include <paths.h> 3989#endif 3990 ], 3991 [ char *utmp = UTMP_FILE; ], 3992 [ AC_MSG_RESULT(yes) ], 3993 [ AC_MSG_RESULT(no) 3994 system_utmp_path=no ] 3995) 3996if test -z "$conf_utmp_location"; then 3997 if test x"$system_utmp_path" = x"no" ; then 3998 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 3999 if test -f $f ; then 4000 conf_utmp_location=$f 4001 fi 4002 done 4003 if test -z "$conf_utmp_location"; then 4004 AC_DEFINE(DISABLE_UTMP) 4005 fi 4006 fi 4007fi 4008if test -n "$conf_utmp_location"; then 4009 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location", 4010 [Define if you want to specify the path to your utmp file]) 4011fi 4012 4013dnl wtmp detection 4014AC_MSG_CHECKING([if your system defines WTMP_FILE]) 4015AC_TRY_COMPILE([ 4016#include <sys/types.h> 4017#include <utmp.h> 4018#ifdef HAVE_PATHS_H 4019# include <paths.h> 4020#endif 4021 ], 4022 [ char *wtmp = WTMP_FILE; ], 4023 [ AC_MSG_RESULT(yes) ], 4024 [ AC_MSG_RESULT(no) 4025 system_wtmp_path=no ] 4026) 4027if test -z "$conf_wtmp_location"; then 4028 if test x"$system_wtmp_path" = x"no" ; then 4029 for f in /usr/adm/wtmp /var/log/wtmp; do 4030 if test -f $f ; then 4031 conf_wtmp_location=$f 4032 fi 4033 done 4034 if test -z "$conf_wtmp_location"; then 4035 AC_DEFINE(DISABLE_WTMP) 4036 fi 4037 fi 4038fi 4039if test -n "$conf_wtmp_location"; then 4040 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location", 4041 [Define if you want to specify the path to your wtmp file]) 4042fi 4043 4044 4045dnl utmpx detection - I don't know any system so perverse as to require 4046dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 4047dnl there, though. 4048AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 4049AC_TRY_COMPILE([ 4050#include <sys/types.h> 4051#include <utmp.h> 4052#ifdef HAVE_UTMPX_H 4053#include <utmpx.h> 4054#endif 4055#ifdef HAVE_PATHS_H 4056# include <paths.h> 4057#endif 4058 ], 4059 [ char *utmpx = UTMPX_FILE; ], 4060 [ AC_MSG_RESULT(yes) ], 4061 [ AC_MSG_RESULT(no) 4062 system_utmpx_path=no ] 4063) 4064if test -z "$conf_utmpx_location"; then 4065 if test x"$system_utmpx_path" = x"no" ; then 4066 AC_DEFINE(DISABLE_UTMPX) 4067 fi 4068else 4069 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location", 4070 [Define if you want to specify the path to your utmpx file]) 4071fi 4072 4073dnl wtmpx detection 4074AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 4075AC_TRY_COMPILE([ 4076#include <sys/types.h> 4077#include <utmp.h> 4078#ifdef HAVE_UTMPX_H 4079#include <utmpx.h> 4080#endif 4081#ifdef HAVE_PATHS_H 4082# include <paths.h> 4083#endif 4084 ], 4085 [ char *wtmpx = WTMPX_FILE; ], 4086 [ AC_MSG_RESULT(yes) ], 4087 [ AC_MSG_RESULT(no) 4088 system_wtmpx_path=no ] 4089) 4090if test -z "$conf_wtmpx_location"; then 4091 if test x"$system_wtmpx_path" = x"no" ; then 4092 AC_DEFINE(DISABLE_WTMPX) 4093 fi 4094else 4095 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location", 4096 [Define if you want to specify the path to your wtmpx file]) 4097fi 4098 4099 4100if test ! -z "$blibpath" ; then 4101 LDFLAGS="$LDFLAGS $blibflags$blibpath" 4102 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 4103fi 4104 4105dnl Adding -Werror to CFLAGS early prevents configure tests from running. 4106dnl Add now. 4107CFLAGS="$CFLAGS $werror_flags" 4108 4109if grep "#define BROKEN_GETADDRINFO 1" confdefs.h >/dev/null || \ 4110 test "x$ac_cv_func_getaddrinfo" != "xyes" ; then 4111 AC_SUBST(TEST_SSH_IPV6, no) 4112else 4113 AC_SUBST(TEST_SSH_IPV6, yes) 4114fi 4115 4116AC_EXEEXT 4117AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ 4118 openbsd-compat/Makefile openbsd-compat/regress/Makefile \ 4119 scard/Makefile ssh_prng_cmds survey.sh]) 4120AC_OUTPUT 4121 4122# Print summary of options 4123 4124# Someone please show me a better way :) 4125A=`eval echo ${prefix}` ; A=`eval echo ${A}` 4126B=`eval echo ${bindir}` ; B=`eval echo ${B}` 4127C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 4128D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 4129E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 4130F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 4131G=`eval echo ${piddir}` ; G=`eval echo ${G}` 4132H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 4133I=`eval echo ${user_path}` ; I=`eval echo ${I}` 4134J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 4135 4136echo "" 4137echo "OpenSSH has been configured with the following options:" 4138echo " User binaries: $B" 4139echo " System binaries: $C" 4140echo " Configuration files: $D" 4141echo " Askpass program: $E" 4142echo " Manual pages: $F" 4143echo " PID file: $G" 4144echo " Privilege separation chroot path: $H" 4145if test "x$external_path_file" = "x/etc/login.conf" ; then 4146echo " At runtime, sshd will use the path defined in $external_path_file" 4147echo " Make sure the path to scp is present, otherwise scp will not work" 4148else 4149echo " sshd default user PATH: $I" 4150 if test ! -z "$external_path_file"; then 4151echo " (If PATH is set in $external_path_file it will be used instead. If" 4152echo " used, ensure the path to scp is present, otherwise scp will not work.)" 4153 fi 4154fi 4155if test ! -z "$superuser_path" ; then 4156echo " sshd superuser user PATH: $J" 4157fi 4158echo " Manpage format: $MANTYPE" 4159echo " PAM support: $PAM_MSG" 4160echo " OSF SIA support: $SIA_MSG" 4161echo " KerberosV support: $KRB5_MSG" 4162echo " SELinux support: $SELINUX_MSG" 4163echo " Smartcard support: $SCARD_MSG" 4164echo " S/KEY support: $SKEY_MSG" 4165echo " TCP Wrappers support: $TCPW_MSG" 4166echo " MD5 password support: $MD5_MSG" 4167echo " libedit support: $LIBEDIT_MSG" 4168echo " Solaris process contract support: $SPC_MSG" 4169echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 4170echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 4171echo " BSD Auth support: $BSD_AUTH_MSG" 4172echo " Random number source: $RAND_MSG" 4173if test ! -z "$USE_RAND_HELPER" ; then 4174echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 4175fi 4176 4177echo "" 4178 4179echo " Host: ${host}" 4180echo " Compiler: ${CC}" 4181echo " Compiler flags: ${CFLAGS}" 4182echo "Preprocessor flags: ${CPPFLAGS}" 4183echo " Linker flags: ${LDFLAGS}" 4184echo " Libraries: ${LIBS}" 4185if test ! -z "${SSHDLIBS}"; then 4186echo " +for sshd: ${SSHDLIBS}" 4187fi 4188 4189echo "" 4190 4191if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 4192 echo "SVR4 style packages are supported with \"make package\"" 4193 echo "" 4194fi 4195 4196if test "x$PAM_MSG" = "xyes" ; then 4197 echo "PAM is enabled. You may need to install a PAM control file " 4198 echo "for sshd, otherwise password authentication may fail. " 4199 echo "Example PAM control files can be found in the contrib/ " 4200 echo "subdirectory" 4201 echo "" 4202fi 4203 4204if test ! -z "$RAND_HELPER_CMDHASH" ; then 4205 echo "WARNING: you are using the builtin random number collection " 4206 echo "service. Please read WARNING.RNG and request that your OS " 4207 echo "vendor includes kernel-based random number collection in " 4208 echo "future versions of your OS." 4209 echo "" 4210fi 4211 4212if test ! -z "$NO_PEERCHECK" ; then 4213 echo "WARNING: the operating system that you are using does not" 4214 echo "appear to support getpeereid(), getpeerucred() or the" 4215 echo "SO_PEERCRED getsockopt() option. These facilities are used to" 4216 echo "enforce security checks to prevent unauthorised connections to" 4217 echo "ssh-agent. Their absence increases the risk that a malicious" 4218 echo "user can connect to your agent." 4219 echo "" 4220fi 4221 4222if test "$AUDIT_MODULE" = "bsm" ; then 4223 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 4224 echo "See the Solaris section in README.platform for details." 4225fi
|