configure.ac revision 137015
1# $Id: configure.ac,v 1.226 2004/08/16 13:12:06 dtucker Exp $ 2# 3# Copyright (c) 1999-2004 Damien Miller 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17AC_INIT 18AC_CONFIG_SRCDIR([ssh.c]) 19 20AC_CONFIG_HEADER(config.h) 21AC_PROG_CC 22AC_CANONICAL_HOST 23AC_C_BIGENDIAN 24 25# Checks for programs. 26AC_PROG_AWK 27AC_PROG_CPP 28AC_PROG_RANLIB 29AC_PROG_INSTALL 30AC_PATH_PROG(AR, ar) 31AC_PATH_PROG(CAT, cat) 32AC_PATH_PROG(KILL, kill) 33AC_PATH_PROGS(PERL, perl5 perl) 34AC_PATH_PROG(SED, sed) 35AC_SUBST(PERL) 36AC_PATH_PROG(ENT, ent) 37AC_SUBST(ENT) 38AC_PATH_PROG(TEST_MINUS_S_SH, bash) 39AC_PATH_PROG(TEST_MINUS_S_SH, ksh) 40AC_PATH_PROG(TEST_MINUS_S_SH, sh) 41AC_PATH_PROG(SH, sh) 42AC_SUBST(TEST_SHELL,sh) 43 44dnl for buildpkg.sh 45AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 46 [/usr/sbin${PATH_SEPARATOR}/etc]) 47AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 48 [/usr/sbin${PATH_SEPARATOR}/etc]) 49AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 50 51# System features 52AC_SYS_LARGEFILE 53 54if test -z "$AR" ; then 55 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 56fi 57 58# Use LOGIN_PROGRAM from environment if possible 59if test ! -z "$LOGIN_PROGRAM" ; then 60 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM") 61else 62 # Search for login 63 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 64 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 65 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 66 fi 67fi 68 69AC_PATH_PROG(PATH_PASSWD_PROG, passwd) 70if test ! -z "$PATH_PASSWD_PROG" ; then 71 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG") 72fi 73 74if test -z "$LD" ; then 75 LD=$CC 76fi 77AC_SUBST(LD) 78 79AC_C_INLINE 80if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 81 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized" 82fi 83 84AC_ARG_WITH(rpath, 85 [ --without-rpath Disable auto-added -R linker paths], 86 [ 87 if test "x$withval" = "xno" ; then 88 need_dash_r="" 89 fi 90 if test "x$withval" = "xyes" ; then 91 need_dash_r=1 92 fi 93 ] 94) 95 96# Check for some target-specific stuff 97case "$host" in 98*-*-aix*) 99 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 100 if (test -z "$blibpath"); then 101 blibpath="/usr/lib:/lib" 102 fi 103 saved_LDFLAGS="$LDFLAGS" 104 for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do 105 if (test -z "$blibflags"); then 106 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 107 AC_TRY_LINK([], [], [blibflags=$tryflags]) 108 fi 109 done 110 if (test -z "$blibflags"); then 111 AC_MSG_RESULT(not found) 112 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 113 else 114 AC_MSG_RESULT($blibflags) 115 fi 116 LDFLAGS="$saved_LDFLAGS" 117 dnl Check for authenticate. Might be in libs.a on older AIXes 118 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)], 119 [AC_CHECK_LIB(s,authenticate, 120 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 121 LIBS="$LIBS -ls" 122 ]) 123 ]) 124 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 125 AC_CHECK_DECL(loginfailed, 126 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 127 AC_TRY_COMPILE( 128 [#include <usersec.h>], 129 [(void)loginfailed("user","host","tty",0);], 130 [AC_MSG_RESULT(yes) 131 AC_DEFINE(AIX_LOGINFAILED_4ARG)], 132 [AC_MSG_RESULT(no)] 133 )], 134 [], 135 [#include <usersec.h>] 136 ) 137 AC_CHECK_FUNCS(setauthdb) 138 AC_DEFINE(BROKEN_GETADDRINFO) 139 AC_DEFINE(BROKEN_REALPATH) 140 AC_DEFINE(SETEUID_BREAKS_SETUID) 141 AC_DEFINE(BROKEN_SETREUID) 142 AC_DEFINE(BROKEN_SETREGID) 143 dnl AIX handles lastlog as part of its login message 144 AC_DEFINE(DISABLE_LASTLOG) 145 AC_DEFINE(LOGIN_NEEDS_UTMPX) 146 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 147 ;; 148*-*-cygwin*) 149 check_for_libcrypt_later=1 150 LIBS="$LIBS /usr/lib/textmode.o" 151 AC_DEFINE(HAVE_CYGWIN) 152 AC_DEFINE(USE_PIPES) 153 AC_DEFINE(DISABLE_SHADOW) 154 AC_DEFINE(IP_TOS_IS_BROKEN) 155 AC_DEFINE(NO_X11_UNIX_SOCKETS) 156 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) 157 AC_DEFINE(DISABLE_FD_PASSING) 158 AC_DEFINE(SETGROUPS_NOOP) 159 ;; 160*-*-dgux*) 161 AC_DEFINE(IP_TOS_IS_BROKEN) 162 AC_DEFINE(SETEUID_BREAKS_SETUID) 163 AC_DEFINE(BROKEN_SETREUID) 164 AC_DEFINE(BROKEN_SETREGID) 165 ;; 166*-*-darwin*) 167 AC_MSG_CHECKING(if we have working getaddrinfo) 168 AC_TRY_RUN([#include <mach-o/dyld.h> 169main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 170 exit(0); 171 else 172 exit(1); 173}], [AC_MSG_RESULT(working)], 174 [AC_MSG_RESULT(buggy) 175 AC_DEFINE(BROKEN_GETADDRINFO)], 176 [AC_MSG_RESULT(assume it is working)]) 177 AC_DEFINE(SETEUID_BREAKS_SETUID) 178 AC_DEFINE(BROKEN_SETREUID) 179 AC_DEFINE(BROKEN_SETREGID) 180 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1) 181 ;; 182*-*-hpux10.26) 183 if test -z "$GCC"; then 184 CFLAGS="$CFLAGS -Ae" 185 fi 186 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 187 IPADDR_IN_DISPLAY=yes 188 AC_DEFINE(HAVE_SECUREWARE) 189 AC_DEFINE(USE_PIPES) 190 AC_DEFINE(LOGIN_NO_ENDOPT) 191 AC_DEFINE(LOGIN_NEEDS_UTMPX) 192 AC_DEFINE(LOCKED_PASSWD_STRING, "*") 193 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 194 LIBS="$LIBS -lsec -lsecpw" 195 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 196 disable_ptmx_check=yes 197 ;; 198*-*-hpux10*) 199 if test -z "$GCC"; then 200 CFLAGS="$CFLAGS -Ae" 201 fi 202 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 203 IPADDR_IN_DISPLAY=yes 204 AC_DEFINE(USE_PIPES) 205 AC_DEFINE(LOGIN_NO_ENDOPT) 206 AC_DEFINE(LOGIN_NEEDS_UTMPX) 207 AC_DEFINE(LOCKED_PASSWD_STRING, "*") 208 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 209 LIBS="$LIBS -lsec" 210 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 211 ;; 212*-*-hpux11*) 213 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 214 IPADDR_IN_DISPLAY=yes 215 AC_DEFINE(PAM_SUN_CODEBASE) 216 AC_DEFINE(USE_PIPES) 217 AC_DEFINE(LOGIN_NO_ENDOPT) 218 AC_DEFINE(LOGIN_NEEDS_UTMPX) 219 AC_DEFINE(DISABLE_UTMP) 220 AC_DEFINE(LOCKED_PASSWD_STRING, "*") 221 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 222 check_for_hpux_broken_getaddrinfo=1 223 LIBS="$LIBS -lsec" 224 AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 225 ;; 226*-*-irix5*) 227 PATH="$PATH:/usr/etc" 228 AC_DEFINE(BROKEN_INET_NTOA) 229 AC_DEFINE(SETEUID_BREAKS_SETUID) 230 AC_DEFINE(BROKEN_SETREUID) 231 AC_DEFINE(BROKEN_SETREGID) 232 AC_DEFINE(WITH_ABBREV_NO_TTY) 233 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 234 ;; 235*-*-irix6*) 236 PATH="$PATH:/usr/etc" 237 AC_DEFINE(WITH_IRIX_ARRAY) 238 AC_DEFINE(WITH_IRIX_PROJECT) 239 AC_DEFINE(WITH_IRIX_AUDIT) 240 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)]) 241 AC_DEFINE(BROKEN_INET_NTOA) 242 AC_DEFINE(SETEUID_BREAKS_SETUID) 243 AC_DEFINE(BROKEN_SETREUID) 244 AC_DEFINE(BROKEN_SETREGID) 245 AC_DEFINE(BROKEN_UPDWTMPX) 246 AC_DEFINE(WITH_ABBREV_NO_TTY) 247 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 248 ;; 249*-*-linux*) 250 no_dev_ptmx=1 251 check_for_libcrypt_later=1 252 check_for_openpty_ctty_bug=1 253 AC_DEFINE(DONT_TRY_OTHER_AF) 254 AC_DEFINE(PAM_TTY_KLUDGE) 255 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!") 256 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 257 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM) 258 inet6_default_4in6=yes 259 case `uname -r` in 260 1.*|2.0.*) 261 AC_DEFINE(BROKEN_CMSG_TYPE) 262 ;; 263 esac 264 ;; 265mips-sony-bsd|mips-sony-newsos4) 266 AC_DEFINE(HAVE_NEWS4) 267 SONY=1 268 ;; 269*-*-netbsd*) 270 check_for_libcrypt_before=1 271 if test "x$withval" != "xno" ; then 272 need_dash_r=1 273 fi 274 ;; 275*-*-freebsd*) 276 check_for_libcrypt_later=1 277 ;; 278*-*-bsdi*) 279 AC_DEFINE(SETEUID_BREAKS_SETUID) 280 AC_DEFINE(BROKEN_SETREUID) 281 AC_DEFINE(BROKEN_SETREGID) 282 ;; 283*-next-*) 284 conf_lastlog_location="/usr/adm/lastlog" 285 conf_utmp_location=/etc/utmp 286 conf_wtmp_location=/usr/adm/wtmp 287 MAIL=/usr/spool/mail 288 AC_DEFINE(HAVE_NEXT) 289 AC_DEFINE(BROKEN_REALPATH) 290 AC_DEFINE(USE_PIPES) 291 AC_DEFINE(BROKEN_SAVED_UIDS) 292 ;; 293*-*-solaris*) 294 if test "x$withval" != "xno" ; then 295 need_dash_r=1 296 fi 297 AC_DEFINE(PAM_SUN_CODEBASE) 298 AC_DEFINE(LOGIN_NEEDS_UTMPX) 299 AC_DEFINE(LOGIN_NEEDS_TERM) 300 AC_DEFINE(PAM_TTY_KLUDGE) 301 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID) 302 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 303 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 304 AC_DEFINE(SSHD_ACQUIRES_CTTY) 305 external_path_file=/etc/default/login 306 # hardwire lastlog location (can't detect it on some versions) 307 conf_lastlog_location="/var/adm/lastlog" 308 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 309 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 310 if test "$sol2ver" -ge 8; then 311 AC_MSG_RESULT(yes) 312 AC_DEFINE(DISABLE_UTMP) 313 AC_DEFINE(DISABLE_WTMP) 314 else 315 AC_MSG_RESULT(no) 316 fi 317 ;; 318*-*-sunos4*) 319 CPPFLAGS="$CPPFLAGS -DSUNOS4" 320 AC_CHECK_FUNCS(getpwanam) 321 AC_DEFINE(PAM_SUN_CODEBASE) 322 conf_utmp_location=/etc/utmp 323 conf_wtmp_location=/var/adm/wtmp 324 conf_lastlog_location=/var/adm/lastlog 325 AC_DEFINE(USE_PIPES) 326 ;; 327*-ncr-sysv*) 328 LIBS="$LIBS -lc89" 329 AC_DEFINE(USE_PIPES) 330 AC_DEFINE(SSHD_ACQUIRES_CTTY) 331 AC_DEFINE(SETEUID_BREAKS_SETUID) 332 AC_DEFINE(BROKEN_SETREUID) 333 AC_DEFINE(BROKEN_SETREGID) 334 ;; 335*-sni-sysv*) 336 # /usr/ucblib MUST NOT be searched on ReliantUNIX 337 AC_CHECK_LIB(dl, dlsym, ,) 338 IPADDR_IN_DISPLAY=yes 339 AC_DEFINE(USE_PIPES) 340 AC_DEFINE(IP_TOS_IS_BROKEN) 341 AC_DEFINE(SETEUID_BREAKS_SETUID) 342 AC_DEFINE(BROKEN_SETREUID) 343 AC_DEFINE(BROKEN_SETREGID) 344 AC_DEFINE(SSHD_ACQUIRES_CTTY) 345 external_path_file=/etc/default/login 346 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 347 # Attention: always take care to bind libsocket and libnsl before libc, 348 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 349 ;; 350*-*-sysv4.2*) 351 AC_DEFINE(USE_PIPES) 352 AC_DEFINE(SETEUID_BREAKS_SETUID) 353 AC_DEFINE(BROKEN_SETREUID) 354 AC_DEFINE(BROKEN_SETREGID) 355 ;; 356*-*-sysv5*) 357 AC_DEFINE(USE_PIPES) 358 AC_DEFINE(SETEUID_BREAKS_SETUID) 359 AC_DEFINE(BROKEN_SETREUID) 360 AC_DEFINE(BROKEN_SETREGID) 361 ;; 362*-*-sysv*) 363 ;; 364*-*-sco3.2v4*) 365 CPPFLAGS="$CPPFLAGS -Dftruncate=chsize" 366 LIBS="$LIBS -los -lprot -lcrypt_i -lx -ltinfo -lm" 367 RANLIB=true 368 no_dev_ptmx=1 369 AC_DEFINE(BROKEN_SYS_TERMIO_H) 370 AC_DEFINE(USE_PIPES) 371 AC_DEFINE(HAVE_SECUREWARE) 372 AC_DEFINE(DISABLE_SHADOW) 373 AC_DEFINE(BROKEN_SAVED_UIDS) 374 AC_DEFINE(SETEUID_BREAKS_SETUID) 375 AC_DEFINE(BROKEN_SETREUID) 376 AC_DEFINE(BROKEN_SETREGID) 377 AC_DEFINE(WITH_ABBREV_NO_TTY) 378 AC_CHECK_FUNCS(getluid setluid) 379 MANTYPE=man 380 do_sco3_extra_lib_check=yes 381 TEST_SHELL=ksh 382 ;; 383*-*-sco3.2v5*) 384 if test -z "$GCC"; then 385 CFLAGS="$CFLAGS -belf" 386 fi 387 LIBS="$LIBS -lprot -lx -ltinfo -lm" 388 no_dev_ptmx=1 389 AC_DEFINE(USE_PIPES) 390 AC_DEFINE(HAVE_SECUREWARE) 391 AC_DEFINE(DISABLE_SHADOW) 392 AC_DEFINE(DISABLE_FD_PASSING) 393 AC_DEFINE(SETEUID_BREAKS_SETUID) 394 AC_DEFINE(BROKEN_SETREUID) 395 AC_DEFINE(BROKEN_SETREGID) 396 AC_DEFINE(WITH_ABBREV_NO_TTY) 397 AC_DEFINE(BROKEN_UPDWTMPX) 398 AC_CHECK_FUNCS(getluid setluid) 399 MANTYPE=man 400 TEST_SHELL=ksh 401 ;; 402*-*-unicosmk*) 403 AC_DEFINE(NO_SSH_LASTLOG) 404 AC_DEFINE(SETEUID_BREAKS_SETUID) 405 AC_DEFINE(BROKEN_SETREUID) 406 AC_DEFINE(BROKEN_SETREGID) 407 AC_DEFINE(USE_PIPES) 408 AC_DEFINE(DISABLE_FD_PASSING) 409 LDFLAGS="$LDFLAGS" 410 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 411 MANTYPE=cat 412 ;; 413*-*-unicosmp*) 414 AC_DEFINE(SETEUID_BREAKS_SETUID) 415 AC_DEFINE(BROKEN_SETREUID) 416 AC_DEFINE(BROKEN_SETREGID) 417 AC_DEFINE(WITH_ABBREV_NO_TTY) 418 AC_DEFINE(USE_PIPES) 419 AC_DEFINE(DISABLE_FD_PASSING) 420 LDFLAGS="$LDFLAGS" 421 LIBS="$LIBS -lgen -lacid -ldb" 422 MANTYPE=cat 423 ;; 424*-*-unicos*) 425 AC_DEFINE(SETEUID_BREAKS_SETUID) 426 AC_DEFINE(BROKEN_SETREUID) 427 AC_DEFINE(BROKEN_SETREGID) 428 AC_DEFINE(USE_PIPES) 429 AC_DEFINE(DISABLE_FD_PASSING) 430 AC_DEFINE(NO_SSH_LASTLOG) 431 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 432 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 433 MANTYPE=cat 434 ;; 435*-dec-osf*) 436 AC_MSG_CHECKING(for Digital Unix SIA) 437 no_osfsia="" 438 AC_ARG_WITH(osfsia, 439 [ --with-osfsia Enable Digital Unix SIA], 440 [ 441 if test "x$withval" = "xno" ; then 442 AC_MSG_RESULT(disabled) 443 no_osfsia=1 444 fi 445 ], 446 ) 447 if test -z "$no_osfsia" ; then 448 if test -f /etc/sia/matrix.conf; then 449 AC_MSG_RESULT(yes) 450 AC_DEFINE(HAVE_OSF_SIA) 451 AC_DEFINE(DISABLE_LOGIN) 452 AC_DEFINE(DISABLE_FD_PASSING) 453 LIBS="$LIBS -lsecurity -ldb -lm -laud" 454 else 455 AC_MSG_RESULT(no) 456 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin") 457 fi 458 fi 459 AC_DEFINE(BROKEN_GETADDRINFO) 460 AC_DEFINE(SETEUID_BREAKS_SETUID) 461 AC_DEFINE(BROKEN_SETREUID) 462 AC_DEFINE(BROKEN_SETREGID) 463 ;; 464 465*-*-nto-qnx) 466 AC_DEFINE(USE_PIPES) 467 AC_DEFINE(NO_X11_UNIX_SOCKETS) 468 AC_DEFINE(MISSING_NFDBITS) 469 AC_DEFINE(MISSING_HOWMANY) 470 AC_DEFINE(MISSING_FD_MASK) 471 ;; 472esac 473 474# Allow user to specify flags 475AC_ARG_WITH(cflags, 476 [ --with-cflags Specify additional flags to pass to compiler], 477 [ 478 if test "x$withval" != "xno" ; then 479 CFLAGS="$CFLAGS $withval" 480 fi 481 ] 482) 483AC_ARG_WITH(cppflags, 484 [ --with-cppflags Specify additional flags to pass to preprocessor] , 485 [ 486 if test "x$withval" != "xno"; then 487 CPPFLAGS="$CPPFLAGS $withval" 488 fi 489 ] 490) 491AC_ARG_WITH(ldflags, 492 [ --with-ldflags Specify additional flags to pass to linker], 493 [ 494 if test "x$withval" != "xno" ; then 495 LDFLAGS="$LDFLAGS $withval" 496 fi 497 ] 498) 499AC_ARG_WITH(libs, 500 [ --with-libs Specify additional libraries to link with], 501 [ 502 if test "x$withval" != "xno" ; then 503 LIBS="$LIBS $withval" 504 fi 505 ] 506) 507 508AC_MSG_CHECKING(compiler and flags for sanity) 509AC_TRY_RUN([ 510#include <stdio.h> 511int main(){exit(0);} 512 ], 513 [ AC_MSG_RESULT(yes) ], 514 [ 515 AC_MSG_RESULT(no) 516 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 517 ] 518) 519 520# Checks for header files. 521AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \ 522 floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \ 523 login_cap.h maillock.h ndir.h netdb.h netgroup.h \ 524 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \ 525 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ 526 strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \ 527 sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \ 528 sys/pstat.h sys/ptms.h sys/select.h sys/stat.h sys/stream.h \ 529 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \ 530 time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h) 531 532# Checks for libraries. 533AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 534AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 535 536dnl SCO OS3 needs this for libwrap 537if test "x$with_tcp_wrappers" != "xno" ; then 538 if test "x$do_sco3_extra_lib_check" = "xyes" ; then 539 AC_CHECK_LIB(rpc, innetgr, LIBS="-lrpc -lyp -lrpc $LIBS" , , -lyp -lrpc) 540 fi 541fi 542 543dnl IRIX and Solaris 2.5.1 have dirname() in libgen 544AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 545 AC_CHECK_LIB(gen, dirname,[ 546 AC_CACHE_CHECK([for broken dirname], 547 ac_cv_have_broken_dirname, [ 548 save_LIBS="$LIBS" 549 LIBS="$LIBS -lgen" 550 AC_TRY_RUN( 551 [ 552#include <libgen.h> 553#include <string.h> 554 555int main(int argc, char **argv) { 556 char *s, buf[32]; 557 558 strncpy(buf,"/etc", 32); 559 s = dirname(buf); 560 if (!s || strncmp(s, "/", 32) != 0) { 561 exit(1); 562 } else { 563 exit(0); 564 } 565} 566 ], 567 [ ac_cv_have_broken_dirname="no" ], 568 [ ac_cv_have_broken_dirname="yes" ] 569 ) 570 LIBS="$save_LIBS" 571 ]) 572 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 573 LIBS="$LIBS -lgen" 574 AC_DEFINE(HAVE_DIRNAME) 575 AC_CHECK_HEADERS(libgen.h) 576 fi 577 ]) 578]) 579 580AC_CHECK_FUNC(getspnam, , 581 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 582AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME)) 583 584dnl zlib is required 585AC_ARG_WITH(zlib, 586 [ --with-zlib=PATH Use zlib in PATH], 587 [ 588 if test "x$withval" = "xno" ; then 589 AC_MSG_ERROR([*** zlib is required ***]) 590 fi 591 if test -d "$withval/lib"; then 592 if test -n "${need_dash_r}"; then 593 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 594 else 595 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 596 fi 597 else 598 if test -n "${need_dash_r}"; then 599 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 600 else 601 LDFLAGS="-L${withval} ${LDFLAGS}" 602 fi 603 fi 604 if test -d "$withval/include"; then 605 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 606 else 607 CPPFLAGS="-I${withval} ${CPPFLAGS}" 608 fi 609 ] 610) 611 612AC_CHECK_LIB(z, deflate, , 613 [ 614 saved_CPPFLAGS="$CPPFLAGS" 615 saved_LDFLAGS="$LDFLAGS" 616 save_LIBS="$LIBS" 617 dnl Check default zlib install dir 618 if test -n "${need_dash_r}"; then 619 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 620 else 621 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 622 fi 623 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 624 LIBS="$LIBS -lz" 625 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 626 [ 627 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 628 ] 629 ) 630 ] 631) 632AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) 633 634AC_ARG_WITH(zlib-version-check, 635 [ --without-zlib-version-check Disable zlib version check], 636 [ if test "x$withval" = "xno" ; then 637 zlib_check_nonfatal=1 638 fi 639 ] 640) 641 642AC_MSG_CHECKING(for zlib 1.1.4 or greater) 643AC_TRY_RUN([ 644#include <zlib.h> 645int main() 646{ 647 int a, b, c, v; 648 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3) 649 exit(1); 650 v = a*1000000 + b*1000 + c; 651 if (v >= 1001004) 652 exit(0); 653 exit(2); 654} 655 ], 656 AC_MSG_RESULT(yes), 657 [ AC_MSG_RESULT(no) 658 if test -z "$zlib_check_nonfatal" ; then 659 AC_MSG_ERROR([*** zlib too old - check config.log *** 660Your reported zlib version has known security problems. It's possible your 661vendor has fixed these problems without changing the version number. If you 662are sure this is the case, you can disable the check by running 663"./configure --without-zlib-version-check". 664If you are in doubt, upgrade zlib to version 1.1.4 or greater.]) 665 else 666 AC_MSG_WARN([zlib version may have security problems]) 667 fi 668 ] 669) 670 671dnl UnixWare 2.x 672AC_CHECK_FUNC(strcasecmp, 673 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 674) 675AC_CHECK_FUNC(utimes, 676 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 677 LIBS="$LIBS -lc89"]) ] 678) 679 680dnl Checks for libutil functions 681AC_CHECK_HEADERS(libutil.h) 682AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)]) 683AC_CHECK_FUNCS(logout updwtmp logwtmp) 684 685AC_FUNC_STRFTIME 686 687# Check for ALTDIRFUNC glob() extension 688AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 689AC_EGREP_CPP(FOUNDIT, 690 [ 691 #include <glob.h> 692 #ifdef GLOB_ALTDIRFUNC 693 FOUNDIT 694 #endif 695 ], 696 [ 697 AC_DEFINE(GLOB_HAS_ALTDIRFUNC) 698 AC_MSG_RESULT(yes) 699 ], 700 [ 701 AC_MSG_RESULT(no) 702 ] 703) 704 705# Check for g.gl_matchc glob() extension 706AC_MSG_CHECKING(for gl_matchc field in glob_t) 707AC_EGREP_CPP(FOUNDIT, 708 [ 709 #include <glob.h> 710 int main(void){glob_t g; g.gl_matchc = 1;} 711 ], 712 [ 713 AC_DEFINE(GLOB_HAS_GL_MATCHC) 714 AC_MSG_RESULT(yes) 715 ], 716 [ 717 AC_MSG_RESULT(no) 718 ] 719) 720 721AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 722AC_TRY_RUN( 723 [ 724#include <sys/types.h> 725#include <dirent.h> 726int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 727 ], 728 [AC_MSG_RESULT(yes)], 729 [ 730 AC_MSG_RESULT(no) 731 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 732 ] 733) 734 735AC_MSG_CHECKING([for /proc/pid/fd directory]) 736if test -d "/proc/$$/fd" ; then 737 AC_DEFINE(HAVE_PROC_PID) 738 AC_MSG_RESULT(yes) 739else 740 AC_MSG_RESULT(no) 741fi 742 743# Check whether user wants S/Key support 744SKEY_MSG="no" 745AC_ARG_WITH(skey, 746 [ --with-skey[[=PATH]] Enable S/Key support 747 (optionally in PATH)], 748 [ 749 if test "x$withval" != "xno" ; then 750 751 if test "x$withval" != "xyes" ; then 752 CPPFLAGS="$CPPFLAGS -I${withval}/include" 753 LDFLAGS="$LDFLAGS -L${withval}/lib" 754 fi 755 756 AC_DEFINE(SKEY) 757 LIBS="-lskey $LIBS" 758 SKEY_MSG="yes" 759 760 AC_MSG_CHECKING([for s/key support]) 761 AC_TRY_RUN( 762 [ 763#include <stdio.h> 764#include <skey.h> 765int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } 766 ], 767 [AC_MSG_RESULT(yes)], 768 [ 769 AC_MSG_RESULT(no) 770 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 771 ]) 772 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 773 AC_TRY_COMPILE( 774 [#include <stdio.h> 775 #include <skey.h>], 776 [(void)skeychallenge(NULL,"name","",0);], 777 [AC_MSG_RESULT(yes) 778 AC_DEFINE(SKEYCHALLENGE_4ARG)], 779 [AC_MSG_RESULT(no)] 780 ) 781 fi 782 ] 783) 784 785# Check whether user wants TCP wrappers support 786TCPW_MSG="no" 787AC_ARG_WITH(tcp-wrappers, 788 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support 789 (optionally in PATH)], 790 [ 791 if test "x$withval" != "xno" ; then 792 saved_LIBS="$LIBS" 793 saved_LDFLAGS="$LDFLAGS" 794 saved_CPPFLAGS="$CPPFLAGS" 795 if test -n "${withval}" -a "${withval}" != "yes"; then 796 if test -d "${withval}/lib"; then 797 if test -n "${need_dash_r}"; then 798 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 799 else 800 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 801 fi 802 else 803 if test -n "${need_dash_r}"; then 804 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 805 else 806 LDFLAGS="-L${withval} ${LDFLAGS}" 807 fi 808 fi 809 if test -d "${withval}/include"; then 810 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 811 else 812 CPPFLAGS="-I${withval} ${CPPFLAGS}" 813 fi 814 fi 815 LIBWRAP="-lwrap" 816 LIBS="$LIBWRAP $LIBS" 817 AC_MSG_CHECKING(for libwrap) 818 AC_TRY_LINK( 819 [ 820#include <sys/types.h> 821#include <sys/socket.h> 822#include <netinet/in.h> 823#include <tcpd.h> 824 int deny_severity = 0, allow_severity = 0; 825 ], 826 [hosts_access(0);], 827 [ 828 AC_MSG_RESULT(yes) 829 AC_DEFINE(LIBWRAP) 830 AC_SUBST(LIBWRAP) 831 TCPW_MSG="yes" 832 ], 833 [ 834 AC_MSG_ERROR([*** libwrap missing]) 835 ] 836 ) 837 LIBS="$saved_LIBS" 838 fi 839 ] 840) 841 842dnl Checks for library functions. Please keep in alphabetical order 843AC_CHECK_FUNCS(\ 844 arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \ 845 bindresvport_sa clock closefrom dirfd fchmod fchown freeaddrinfo \ 846 futimes getaddrinfo getcwd getgrouplist getnameinfo getopt \ 847 getpeereid _getpty getrlimit getttyent glob inet_aton \ 848 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ 849 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ 850 pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \ 851 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \ 852 setproctitle setregid setreuid setrlimit \ 853 setsid setvbuf sigaction sigvec snprintf socketpair strerror \ 854 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \ 855 truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \ 856) 857 858# IRIX has a const char return value for gai_strerror() 859AC_CHECK_FUNCS(gai_strerror,[ 860 AC_DEFINE(HAVE_GAI_STRERROR) 861 AC_TRY_COMPILE([ 862#include <sys/types.h> 863#include <sys/socket.h> 864#include <netdb.h> 865 866const char *gai_strerror(int);],[ 867char *str; 868 869str = gai_strerror(0);],[ 870 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 871 [Define if gai_strerror() returns const char *])])]) 872 873AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP)) 874 875dnl Make sure prototypes are defined for these before using them. 876AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)]) 877AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 878 879dnl tcsendbreak might be a macro 880AC_CHECK_DECL(tcsendbreak, 881 [AC_DEFINE(HAVE_TCSENDBREAK)], 882 [AC_CHECK_FUNCS(tcsendbreak)], 883 [#include <termios.h>] 884) 885 886AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 887 888AC_CHECK_FUNCS(setresuid, [ 889 dnl Some platorms have setresuid that isn't implemented, test for this 890 AC_MSG_CHECKING(if setresuid seems to work) 891 AC_TRY_RUN([ 892#include <stdlib.h> 893#include <errno.h> 894int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 895 ], 896 [AC_MSG_RESULT(yes)], 897 [AC_DEFINE(BROKEN_SETRESUID) 898 AC_MSG_RESULT(not implemented)] 899 ) 900]) 901 902AC_CHECK_FUNCS(setresgid, [ 903 dnl Some platorms have setresgid that isn't implemented, test for this 904 AC_MSG_CHECKING(if setresgid seems to work) 905 AC_TRY_RUN([ 906#include <stdlib.h> 907#include <errno.h> 908int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 909 ], 910 [AC_MSG_RESULT(yes)], 911 [AC_DEFINE(BROKEN_SETRESGID) 912 AC_MSG_RESULT(not implemented)] 913 ) 914]) 915 916dnl Checks for time functions 917AC_CHECK_FUNCS(gettimeofday time) 918dnl Checks for utmp functions 919AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 920AC_CHECK_FUNCS(utmpname) 921dnl Checks for utmpx functions 922AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 923AC_CHECK_FUNCS(setutxent utmpxname) 924 925AC_CHECK_FUNC(daemon, 926 [AC_DEFINE(HAVE_DAEMON)], 927 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 928) 929 930AC_CHECK_FUNC(getpagesize, 931 [AC_DEFINE(HAVE_GETPAGESIZE)], 932 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 933) 934 935# Check for broken snprintf 936if test "x$ac_cv_func_snprintf" = "xyes" ; then 937 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 938 AC_TRY_RUN( 939 [ 940#include <stdio.h> 941int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 942 ], 943 [AC_MSG_RESULT(yes)], 944 [ 945 AC_MSG_RESULT(no) 946 AC_DEFINE(BROKEN_SNPRINTF) 947 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 948 ] 949 ) 950fi 951 952# Check for missing getpeereid (or equiv) support 953NO_PEERCHECK="" 954if test "x$ac_cv_func_getpeereid" != "xyes" ; then 955 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 956 AC_TRY_COMPILE( 957 [#include <sys/types.h> 958 #include <sys/socket.h>], 959 [int i = SO_PEERCRED;], 960 [AC_MSG_RESULT(yes)], 961 [AC_MSG_RESULT(no) 962 NO_PEERCHECK=1] 963 ) 964fi 965 966dnl see whether mkstemp() requires XXXXXX 967if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 968AC_MSG_CHECKING([for (overly) strict mkstemp]) 969AC_TRY_RUN( 970 [ 971#include <stdlib.h> 972main() { char template[]="conftest.mkstemp-test"; 973if (mkstemp(template) == -1) 974 exit(1); 975unlink(template); exit(0); 976} 977 ], 978 [ 979 AC_MSG_RESULT(no) 980 ], 981 [ 982 AC_MSG_RESULT(yes) 983 AC_DEFINE(HAVE_STRICT_MKSTEMP) 984 ], 985 [ 986 AC_MSG_RESULT(yes) 987 AC_DEFINE(HAVE_STRICT_MKSTEMP) 988 ] 989) 990fi 991 992dnl make sure that openpty does not reacquire controlling terminal 993if test ! -z "$check_for_openpty_ctty_bug"; then 994 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 995 AC_TRY_RUN( 996 [ 997#include <stdio.h> 998#include <sys/fcntl.h> 999#include <sys/types.h> 1000#include <sys/wait.h> 1001 1002int 1003main() 1004{ 1005 pid_t pid; 1006 int fd, ptyfd, ttyfd, status; 1007 1008 pid = fork(); 1009 if (pid < 0) { /* failed */ 1010 exit(1); 1011 } else if (pid > 0) { /* parent */ 1012 waitpid(pid, &status, 0); 1013 if (WIFEXITED(status)) 1014 exit(WEXITSTATUS(status)); 1015 else 1016 exit(2); 1017 } else { /* child */ 1018 close(0); close(1); close(2); 1019 setsid(); 1020 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1021 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1022 if (fd >= 0) 1023 exit(3); /* Acquired ctty: broken */ 1024 else 1025 exit(0); /* Did not acquire ctty: OK */ 1026 } 1027} 1028 ], 1029 [ 1030 AC_MSG_RESULT(yes) 1031 ], 1032 [ 1033 AC_MSG_RESULT(no) 1034 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1035 ] 1036 ) 1037fi 1038 1039if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1040 AC_MSG_CHECKING(if getaddrinfo seems to work) 1041 AC_TRY_RUN( 1042 [ 1043#include <stdio.h> 1044#include <sys/socket.h> 1045#include <netdb.h> 1046#include <errno.h> 1047#include <netinet/in.h> 1048 1049#define TEST_PORT "2222" 1050 1051int 1052main(void) 1053{ 1054 int err, sock; 1055 struct addrinfo *gai_ai, *ai, hints; 1056 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1057 1058 memset(&hints, 0, sizeof(hints)); 1059 hints.ai_family = PF_UNSPEC; 1060 hints.ai_socktype = SOCK_STREAM; 1061 hints.ai_flags = AI_PASSIVE; 1062 1063 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1064 if (err != 0) { 1065 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1066 exit(1); 1067 } 1068 1069 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1070 if (ai->ai_family != AF_INET6) 1071 continue; 1072 1073 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1074 sizeof(ntop), strport, sizeof(strport), 1075 NI_NUMERICHOST|NI_NUMERICSERV); 1076 1077 if (err != 0) { 1078 if (err == EAI_SYSTEM) 1079 perror("getnameinfo EAI_SYSTEM"); 1080 else 1081 fprintf(stderr, "getnameinfo failed: %s\n", 1082 gai_strerror(err)); 1083 exit(2); 1084 } 1085 1086 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1087 if (sock < 0) 1088 perror("socket"); 1089 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1090 if (errno == EBADF) 1091 exit(3); 1092 } 1093 } 1094 exit(0); 1095} 1096 ], 1097 [ 1098 AC_MSG_RESULT(yes) 1099 ], 1100 [ 1101 AC_MSG_RESULT(no) 1102 AC_DEFINE(BROKEN_GETADDRINFO) 1103 ] 1104 ) 1105fi 1106 1107AC_FUNC_GETPGRP 1108 1109# Check for PAM libs 1110PAM_MSG="no" 1111AC_ARG_WITH(pam, 1112 [ --with-pam Enable PAM support ], 1113 [ 1114 if test "x$withval" != "xno" ; then 1115 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 1116 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 1117 AC_MSG_ERROR([PAM headers not found]) 1118 fi 1119 1120 AC_CHECK_LIB(dl, dlopen, , ) 1121 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 1122 AC_CHECK_FUNCS(pam_getenvlist) 1123 AC_CHECK_FUNCS(pam_putenv) 1124 1125 PAM_MSG="yes" 1126 1127 AC_DEFINE(USE_PAM) 1128 if test $ac_cv_lib_dl_dlopen = yes; then 1129 LIBPAM="-lpam -ldl" 1130 else 1131 LIBPAM="-lpam" 1132 fi 1133 AC_SUBST(LIBPAM) 1134 fi 1135 ] 1136) 1137 1138# Check for older PAM 1139if test "x$PAM_MSG" = "xyes" ; then 1140 # Check PAM strerror arguments (old PAM) 1141 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 1142 AC_TRY_COMPILE( 1143 [ 1144#include <stdlib.h> 1145#if defined(HAVE_SECURITY_PAM_APPL_H) 1146#include <security/pam_appl.h> 1147#elif defined (HAVE_PAM_PAM_APPL_H) 1148#include <pam/pam_appl.h> 1149#endif 1150 ], 1151 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 1152 [AC_MSG_RESULT(no)], 1153 [ 1154 AC_DEFINE(HAVE_OLD_PAM) 1155 AC_MSG_RESULT(yes) 1156 PAM_MSG="yes (old library)" 1157 ] 1158 ) 1159fi 1160 1161# Search for OpenSSL 1162saved_CPPFLAGS="$CPPFLAGS" 1163saved_LDFLAGS="$LDFLAGS" 1164AC_ARG_WITH(ssl-dir, 1165 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1166 [ 1167 if test "x$withval" != "xno" ; then 1168 if test -d "$withval/lib"; then 1169 if test -n "${need_dash_r}"; then 1170 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1171 else 1172 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1173 fi 1174 else 1175 if test -n "${need_dash_r}"; then 1176 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1177 else 1178 LDFLAGS="-L${withval} ${LDFLAGS}" 1179 fi 1180 fi 1181 if test -d "$withval/include"; then 1182 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1183 else 1184 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1185 fi 1186 fi 1187 ] 1188) 1189LIBS="-lcrypto $LIBS" 1190AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1191 [ 1192 dnl Check default openssl install dir 1193 if test -n "${need_dash_r}"; then 1194 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1195 else 1196 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1197 fi 1198 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1199 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1200 [ 1201 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 1202 ] 1203 ) 1204 ] 1205) 1206 1207# Determine OpenSSL header version 1208AC_MSG_CHECKING([OpenSSL header version]) 1209AC_TRY_RUN( 1210 [ 1211#include <stdio.h> 1212#include <string.h> 1213#include <openssl/opensslv.h> 1214#define DATA "conftest.sslincver" 1215int main(void) { 1216 FILE *fd; 1217 int rc; 1218 1219 fd = fopen(DATA,"w"); 1220 if(fd == NULL) 1221 exit(1); 1222 1223 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1224 exit(1); 1225 1226 exit(0); 1227} 1228 ], 1229 [ 1230 ssl_header_ver=`cat conftest.sslincver` 1231 AC_MSG_RESULT($ssl_header_ver) 1232 ], 1233 [ 1234 AC_MSG_RESULT(not found) 1235 AC_MSG_ERROR(OpenSSL version header not found.) 1236 ] 1237) 1238 1239# Determine OpenSSL library version 1240AC_MSG_CHECKING([OpenSSL library version]) 1241AC_TRY_RUN( 1242 [ 1243#include <stdio.h> 1244#include <string.h> 1245#include <openssl/opensslv.h> 1246#include <openssl/crypto.h> 1247#define DATA "conftest.ssllibver" 1248int main(void) { 1249 FILE *fd; 1250 int rc; 1251 1252 fd = fopen(DATA,"w"); 1253 if(fd == NULL) 1254 exit(1); 1255 1256 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1257 exit(1); 1258 1259 exit(0); 1260} 1261 ], 1262 [ 1263 ssl_library_ver=`cat conftest.ssllibver` 1264 AC_MSG_RESULT($ssl_library_ver) 1265 ], 1266 [ 1267 AC_MSG_RESULT(not found) 1268 AC_MSG_ERROR(OpenSSL library not found.) 1269 ] 1270) 1271 1272# Sanity check OpenSSL headers 1273AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1274AC_TRY_RUN( 1275 [ 1276#include <string.h> 1277#include <openssl/opensslv.h> 1278int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1279 ], 1280 [ 1281 AC_MSG_RESULT(yes) 1282 ], 1283 [ 1284 AC_MSG_RESULT(no) 1285 AC_MSG_ERROR([Your OpenSSL headers do not match your library. 1286Check config.log for details. 1287Also see contrib/findssl.sh for help identifying header/library mismatches.]) 1288 ] 1289) 1290 1291# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 1292# because the system crypt() is more featureful. 1293if test "x$check_for_libcrypt_before" = "x1"; then 1294 AC_CHECK_LIB(crypt, crypt) 1295fi 1296 1297# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 1298# version in OpenSSL. 1299if test "x$check_for_libcrypt_later" = "x1"; then 1300 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 1301fi 1302 1303 1304### Configure cryptographic random number support 1305 1306# Check wheter OpenSSL seeds itself 1307AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 1308AC_TRY_RUN( 1309 [ 1310#include <string.h> 1311#include <openssl/rand.h> 1312int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 1313 ], 1314 [ 1315 OPENSSL_SEEDS_ITSELF=yes 1316 AC_MSG_RESULT(yes) 1317 ], 1318 [ 1319 AC_MSG_RESULT(no) 1320 # Default to use of the rand helper if OpenSSL doesn't 1321 # seed itself 1322 USE_RAND_HELPER=yes 1323 ] 1324) 1325 1326 1327# Do we want to force the use of the rand helper? 1328AC_ARG_WITH(rand-helper, 1329 [ --with-rand-helper Use subprocess to gather strong randomness ], 1330 [ 1331 if test "x$withval" = "xno" ; then 1332 # Force use of OpenSSL's internal RNG, even if 1333 # the previous test showed it to be unseeded. 1334 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 1335 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 1336 OPENSSL_SEEDS_ITSELF=yes 1337 USE_RAND_HELPER="" 1338 fi 1339 else 1340 USE_RAND_HELPER=yes 1341 fi 1342 ], 1343) 1344 1345# Which randomness source do we use? 1346if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then 1347 # OpenSSL only 1348 AC_DEFINE(OPENSSL_PRNG_ONLY) 1349 RAND_MSG="OpenSSL internal ONLY" 1350 INSTALL_SSH_RAND_HELPER="" 1351elif test ! -z "$USE_RAND_HELPER" ; then 1352 # install rand helper 1353 RAND_MSG="ssh-rand-helper" 1354 INSTALL_SSH_RAND_HELPER="yes" 1355fi 1356AC_SUBST(INSTALL_SSH_RAND_HELPER) 1357 1358### Configuration of ssh-rand-helper 1359 1360# PRNGD TCP socket 1361AC_ARG_WITH(prngd-port, 1362 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 1363 [ 1364 case "$withval" in 1365 no) 1366 withval="" 1367 ;; 1368 [[0-9]]*) 1369 ;; 1370 *) 1371 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 1372 ;; 1373 esac 1374 if test ! -z "$withval" ; then 1375 PRNGD_PORT="$withval" 1376 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT) 1377 fi 1378 ] 1379) 1380 1381# PRNGD Unix domain socket 1382AC_ARG_WITH(prngd-socket, 1383 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 1384 [ 1385 case "$withval" in 1386 yes) 1387 withval="/var/run/egd-pool" 1388 ;; 1389 no) 1390 withval="" 1391 ;; 1392 /*) 1393 ;; 1394 *) 1395 AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 1396 ;; 1397 esac 1398 1399 if test ! -z "$withval" ; then 1400 if test ! -z "$PRNGD_PORT" ; then 1401 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 1402 fi 1403 if test ! -r "$withval" ; then 1404 AC_MSG_WARN(Entropy socket is not readable) 1405 fi 1406 PRNGD_SOCKET="$withval" 1407 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 1408 fi 1409 ], 1410 [ 1411 # Check for existing socket only if we don't have a random device already 1412 if test "$USE_RAND_HELPER" = yes ; then 1413 AC_MSG_CHECKING(for PRNGD/EGD socket) 1414 # Insert other locations here 1415 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 1416 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 1417 PRNGD_SOCKET="$sock" 1418 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 1419 break; 1420 fi 1421 done 1422 if test ! -z "$PRNGD_SOCKET" ; then 1423 AC_MSG_RESULT($PRNGD_SOCKET) 1424 else 1425 AC_MSG_RESULT(not found) 1426 fi 1427 fi 1428 ] 1429) 1430 1431# Change default command timeout for hashing entropy source 1432entropy_timeout=200 1433AC_ARG_WITH(entropy-timeout, 1434 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 1435 [ 1436 if test "x$withval" != "xno" ; then 1437 entropy_timeout=$withval 1438 fi 1439 ] 1440) 1441AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) 1442 1443SSH_PRIVSEP_USER=sshd 1444AC_ARG_WITH(privsep-user, 1445 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 1446 [ 1447 if test -n "$withval"; then 1448 SSH_PRIVSEP_USER=$withval 1449 fi 1450 ] 1451) 1452AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER") 1453AC_SUBST(SSH_PRIVSEP_USER) 1454 1455# We do this little dance with the search path to insure 1456# that programs that we select for use by installed programs 1457# (which may be run by the super-user) come from trusted 1458# locations before they come from the user's private area. 1459# This should help avoid accidentally configuring some 1460# random version of a program in someone's personal bin. 1461 1462OPATH=$PATH 1463PATH=/bin:/usr/bin 1464test -h /bin 2> /dev/null && PATH=/usr/bin 1465test -d /sbin && PATH=$PATH:/sbin 1466test -d /usr/sbin && PATH=$PATH:/usr/sbin 1467PATH=$PATH:/etc:$OPATH 1468 1469# These programs are used by the command hashing source to gather entropy 1470OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 1471OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 1472OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 1473OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 1474OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 1475OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 1476OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 1477OSSH_PATH_ENTROPY_PROG(PROG_W, w) 1478OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 1479OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 1480OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 1481OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 1482OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 1483OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 1484OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 1485OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 1486# restore PATH 1487PATH=$OPATH 1488 1489# Where does ssh-rand-helper get its randomness from? 1490INSTALL_SSH_PRNG_CMDS="" 1491if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 1492 if test ! -z "$PRNGD_PORT" ; then 1493 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 1494 elif test ! -z "$PRNGD_SOCKET" ; then 1495 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 1496 else 1497 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 1498 RAND_HELPER_CMDHASH=yes 1499 INSTALL_SSH_PRNG_CMDS="yes" 1500 fi 1501fi 1502AC_SUBST(INSTALL_SSH_PRNG_CMDS) 1503 1504 1505# Cheap hack to ensure NEWS-OS libraries are arranged right. 1506if test ! -z "$SONY" ; then 1507 LIBS="$LIBS -liberty"; 1508fi 1509 1510# Checks for data types 1511AC_CHECK_SIZEOF(char, 1) 1512AC_CHECK_SIZEOF(short int, 2) 1513AC_CHECK_SIZEOF(int, 4) 1514AC_CHECK_SIZEOF(long int, 4) 1515AC_CHECK_SIZEOF(long long int, 8) 1516 1517# Sanity check long long for some platforms (AIX) 1518if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 1519 ac_cv_sizeof_long_long_int=0 1520fi 1521 1522# More checks for data types 1523AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 1524 AC_TRY_COMPILE( 1525 [ #include <sys/types.h> ], 1526 [ u_int a; a = 1;], 1527 [ ac_cv_have_u_int="yes" ], 1528 [ ac_cv_have_u_int="no" ] 1529 ) 1530]) 1531if test "x$ac_cv_have_u_int" = "xyes" ; then 1532 AC_DEFINE(HAVE_U_INT) 1533 have_u_int=1 1534fi 1535 1536AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 1537 AC_TRY_COMPILE( 1538 [ #include <sys/types.h> ], 1539 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 1540 [ ac_cv_have_intxx_t="yes" ], 1541 [ ac_cv_have_intxx_t="no" ] 1542 ) 1543]) 1544if test "x$ac_cv_have_intxx_t" = "xyes" ; then 1545 AC_DEFINE(HAVE_INTXX_T) 1546 have_intxx_t=1 1547fi 1548 1549if (test -z "$have_intxx_t" && \ 1550 test "x$ac_cv_header_stdint_h" = "xyes") 1551then 1552 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 1553 AC_TRY_COMPILE( 1554 [ #include <stdint.h> ], 1555 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 1556 [ 1557 AC_DEFINE(HAVE_INTXX_T) 1558 AC_MSG_RESULT(yes) 1559 ], 1560 [ AC_MSG_RESULT(no) ] 1561 ) 1562fi 1563 1564AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 1565 AC_TRY_COMPILE( 1566 [ 1567#include <sys/types.h> 1568#ifdef HAVE_STDINT_H 1569# include <stdint.h> 1570#endif 1571#include <sys/socket.h> 1572#ifdef HAVE_SYS_BITYPES_H 1573# include <sys/bitypes.h> 1574#endif 1575 ], 1576 [ int64_t a; a = 1;], 1577 [ ac_cv_have_int64_t="yes" ], 1578 [ ac_cv_have_int64_t="no" ] 1579 ) 1580]) 1581if test "x$ac_cv_have_int64_t" = "xyes" ; then 1582 AC_DEFINE(HAVE_INT64_T) 1583fi 1584 1585AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 1586 AC_TRY_COMPILE( 1587 [ #include <sys/types.h> ], 1588 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 1589 [ ac_cv_have_u_intxx_t="yes" ], 1590 [ ac_cv_have_u_intxx_t="no" ] 1591 ) 1592]) 1593if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 1594 AC_DEFINE(HAVE_U_INTXX_T) 1595 have_u_intxx_t=1 1596fi 1597 1598if test -z "$have_u_intxx_t" ; then 1599 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 1600 AC_TRY_COMPILE( 1601 [ #include <sys/socket.h> ], 1602 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 1603 [ 1604 AC_DEFINE(HAVE_U_INTXX_T) 1605 AC_MSG_RESULT(yes) 1606 ], 1607 [ AC_MSG_RESULT(no) ] 1608 ) 1609fi 1610 1611AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 1612 AC_TRY_COMPILE( 1613 [ #include <sys/types.h> ], 1614 [ u_int64_t a; a = 1;], 1615 [ ac_cv_have_u_int64_t="yes" ], 1616 [ ac_cv_have_u_int64_t="no" ] 1617 ) 1618]) 1619if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 1620 AC_DEFINE(HAVE_U_INT64_T) 1621 have_u_int64_t=1 1622fi 1623 1624if test -z "$have_u_int64_t" ; then 1625 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 1626 AC_TRY_COMPILE( 1627 [ #include <sys/bitypes.h> ], 1628 [ u_int64_t a; a = 1], 1629 [ 1630 AC_DEFINE(HAVE_U_INT64_T) 1631 AC_MSG_RESULT(yes) 1632 ], 1633 [ AC_MSG_RESULT(no) ] 1634 ) 1635fi 1636 1637if test -z "$have_u_intxx_t" ; then 1638 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 1639 AC_TRY_COMPILE( 1640 [ 1641#include <sys/types.h> 1642 ], 1643 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 1644 [ ac_cv_have_uintxx_t="yes" ], 1645 [ ac_cv_have_uintxx_t="no" ] 1646 ) 1647 ]) 1648 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 1649 AC_DEFINE(HAVE_UINTXX_T) 1650 fi 1651fi 1652 1653if test -z "$have_uintxx_t" ; then 1654 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 1655 AC_TRY_COMPILE( 1656 [ #include <stdint.h> ], 1657 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 1658 [ 1659 AC_DEFINE(HAVE_UINTXX_T) 1660 AC_MSG_RESULT(yes) 1661 ], 1662 [ AC_MSG_RESULT(no) ] 1663 ) 1664fi 1665 1666if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 1667 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 1668then 1669 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 1670 AC_TRY_COMPILE( 1671 [ 1672#include <sys/bitypes.h> 1673 ], 1674 [ 1675 int8_t a; int16_t b; int32_t c; 1676 u_int8_t e; u_int16_t f; u_int32_t g; 1677 a = b = c = e = f = g = 1; 1678 ], 1679 [ 1680 AC_DEFINE(HAVE_U_INTXX_T) 1681 AC_DEFINE(HAVE_INTXX_T) 1682 AC_MSG_RESULT(yes) 1683 ], 1684 [AC_MSG_RESULT(no)] 1685 ) 1686fi 1687 1688 1689AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 1690 AC_TRY_COMPILE( 1691 [ 1692#include <sys/types.h> 1693 ], 1694 [ u_char foo; foo = 125; ], 1695 [ ac_cv_have_u_char="yes" ], 1696 [ ac_cv_have_u_char="no" ] 1697 ) 1698]) 1699if test "x$ac_cv_have_u_char" = "xyes" ; then 1700 AC_DEFINE(HAVE_U_CHAR) 1701fi 1702 1703TYPE_SOCKLEN_T 1704 1705AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 1706 1707AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 1708 AC_TRY_COMPILE( 1709 [ 1710#include <sys/types.h> 1711 ], 1712 [ size_t foo; foo = 1235; ], 1713 [ ac_cv_have_size_t="yes" ], 1714 [ ac_cv_have_size_t="no" ] 1715 ) 1716]) 1717if test "x$ac_cv_have_size_t" = "xyes" ; then 1718 AC_DEFINE(HAVE_SIZE_T) 1719fi 1720 1721AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 1722 AC_TRY_COMPILE( 1723 [ 1724#include <sys/types.h> 1725 ], 1726 [ ssize_t foo; foo = 1235; ], 1727 [ ac_cv_have_ssize_t="yes" ], 1728 [ ac_cv_have_ssize_t="no" ] 1729 ) 1730]) 1731if test "x$ac_cv_have_ssize_t" = "xyes" ; then 1732 AC_DEFINE(HAVE_SSIZE_T) 1733fi 1734 1735AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 1736 AC_TRY_COMPILE( 1737 [ 1738#include <time.h> 1739 ], 1740 [ clock_t foo; foo = 1235; ], 1741 [ ac_cv_have_clock_t="yes" ], 1742 [ ac_cv_have_clock_t="no" ] 1743 ) 1744]) 1745if test "x$ac_cv_have_clock_t" = "xyes" ; then 1746 AC_DEFINE(HAVE_CLOCK_T) 1747fi 1748 1749AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 1750 AC_TRY_COMPILE( 1751 [ 1752#include <sys/types.h> 1753#include <sys/socket.h> 1754 ], 1755 [ sa_family_t foo; foo = 1235; ], 1756 [ ac_cv_have_sa_family_t="yes" ], 1757 [ AC_TRY_COMPILE( 1758 [ 1759#include <sys/types.h> 1760#include <sys/socket.h> 1761#include <netinet/in.h> 1762 ], 1763 [ sa_family_t foo; foo = 1235; ], 1764 [ ac_cv_have_sa_family_t="yes" ], 1765 1766 [ ac_cv_have_sa_family_t="no" ] 1767 )] 1768 ) 1769]) 1770if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 1771 AC_DEFINE(HAVE_SA_FAMILY_T) 1772fi 1773 1774AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 1775 AC_TRY_COMPILE( 1776 [ 1777#include <sys/types.h> 1778 ], 1779 [ pid_t foo; foo = 1235; ], 1780 [ ac_cv_have_pid_t="yes" ], 1781 [ ac_cv_have_pid_t="no" ] 1782 ) 1783]) 1784if test "x$ac_cv_have_pid_t" = "xyes" ; then 1785 AC_DEFINE(HAVE_PID_T) 1786fi 1787 1788AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 1789 AC_TRY_COMPILE( 1790 [ 1791#include <sys/types.h> 1792 ], 1793 [ mode_t foo; foo = 1235; ], 1794 [ ac_cv_have_mode_t="yes" ], 1795 [ ac_cv_have_mode_t="no" ] 1796 ) 1797]) 1798if test "x$ac_cv_have_mode_t" = "xyes" ; then 1799 AC_DEFINE(HAVE_MODE_T) 1800fi 1801 1802 1803AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 1804 AC_TRY_COMPILE( 1805 [ 1806#include <sys/types.h> 1807#include <sys/socket.h> 1808 ], 1809 [ struct sockaddr_storage s; ], 1810 [ ac_cv_have_struct_sockaddr_storage="yes" ], 1811 [ ac_cv_have_struct_sockaddr_storage="no" ] 1812 ) 1813]) 1814if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 1815 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE) 1816fi 1817 1818AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 1819 AC_TRY_COMPILE( 1820 [ 1821#include <sys/types.h> 1822#include <netinet/in.h> 1823 ], 1824 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 1825 [ ac_cv_have_struct_sockaddr_in6="yes" ], 1826 [ ac_cv_have_struct_sockaddr_in6="no" ] 1827 ) 1828]) 1829if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 1830 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6) 1831fi 1832 1833AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 1834 AC_TRY_COMPILE( 1835 [ 1836#include <sys/types.h> 1837#include <netinet/in.h> 1838 ], 1839 [ struct in6_addr s; s.s6_addr[0] = 0; ], 1840 [ ac_cv_have_struct_in6_addr="yes" ], 1841 [ ac_cv_have_struct_in6_addr="no" ] 1842 ) 1843]) 1844if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 1845 AC_DEFINE(HAVE_STRUCT_IN6_ADDR) 1846fi 1847 1848AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 1849 AC_TRY_COMPILE( 1850 [ 1851#include <sys/types.h> 1852#include <sys/socket.h> 1853#include <netdb.h> 1854 ], 1855 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 1856 [ ac_cv_have_struct_addrinfo="yes" ], 1857 [ ac_cv_have_struct_addrinfo="no" ] 1858 ) 1859]) 1860if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 1861 AC_DEFINE(HAVE_STRUCT_ADDRINFO) 1862fi 1863 1864AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 1865 AC_TRY_COMPILE( 1866 [ #include <sys/time.h> ], 1867 [ struct timeval tv; tv.tv_sec = 1;], 1868 [ ac_cv_have_struct_timeval="yes" ], 1869 [ ac_cv_have_struct_timeval="no" ] 1870 ) 1871]) 1872if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 1873 AC_DEFINE(HAVE_STRUCT_TIMEVAL) 1874 have_struct_timeval=1 1875fi 1876 1877AC_CHECK_TYPES(struct timespec) 1878 1879# We need int64_t or else certian parts of the compile will fail. 1880if test "x$ac_cv_have_int64_t" = "xno" -a \ 1881 "x$ac_cv_sizeof_long_int" != "x8" -a \ 1882 "x$ac_cv_sizeof_long_long_int" = "x0" ; then 1883 echo "OpenSSH requires int64_t support. Contact your vendor or install" 1884 echo "an alternative compiler (I.E., GCC) before continuing." 1885 echo "" 1886 exit 1; 1887else 1888dnl test snprintf (broken on SCO w/gcc) 1889 AC_TRY_RUN( 1890 [ 1891#include <stdio.h> 1892#include <string.h> 1893#ifdef HAVE_SNPRINTF 1894main() 1895{ 1896 char buf[50]; 1897 char expected_out[50]; 1898 int mazsize = 50 ; 1899#if (SIZEOF_LONG_INT == 8) 1900 long int num = 0x7fffffffffffffff; 1901#else 1902 long long num = 0x7fffffffffffffffll; 1903#endif 1904 strcpy(expected_out, "9223372036854775807"); 1905 snprintf(buf, mazsize, "%lld", num); 1906 if(strcmp(buf, expected_out) != 0) 1907 exit(1); 1908 exit(0); 1909} 1910#else 1911main() { exit(0); } 1912#endif 1913 ], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ] 1914 ) 1915fi 1916 1917dnl Checks for structure members 1918OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 1919OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 1920OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 1921OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 1922OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 1923OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 1924OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 1925OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 1926OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 1927OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 1928OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 1929OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 1930OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 1931OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 1932OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 1933OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 1934OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 1935 1936AC_CHECK_MEMBERS([struct stat.st_blksize]) 1937 1938AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 1939 ac_cv_have_ss_family_in_struct_ss, [ 1940 AC_TRY_COMPILE( 1941 [ 1942#include <sys/types.h> 1943#include <sys/socket.h> 1944 ], 1945 [ struct sockaddr_storage s; s.ss_family = 1; ], 1946 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 1947 [ ac_cv_have_ss_family_in_struct_ss="no" ], 1948 ) 1949]) 1950if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 1951 AC_DEFINE(HAVE_SS_FAMILY_IN_SS) 1952fi 1953 1954AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 1955 ac_cv_have___ss_family_in_struct_ss, [ 1956 AC_TRY_COMPILE( 1957 [ 1958#include <sys/types.h> 1959#include <sys/socket.h> 1960 ], 1961 [ struct sockaddr_storage s; s.__ss_family = 1; ], 1962 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 1963 [ ac_cv_have___ss_family_in_struct_ss="no" ] 1964 ) 1965]) 1966if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 1967 AC_DEFINE(HAVE___SS_FAMILY_IN_SS) 1968fi 1969 1970AC_CACHE_CHECK([for pw_class field in struct passwd], 1971 ac_cv_have_pw_class_in_struct_passwd, [ 1972 AC_TRY_COMPILE( 1973 [ 1974#include <pwd.h> 1975 ], 1976 [ struct passwd p; p.pw_class = 0; ], 1977 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 1978 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 1979 ) 1980]) 1981if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 1982 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD) 1983fi 1984 1985AC_CACHE_CHECK([for pw_expire field in struct passwd], 1986 ac_cv_have_pw_expire_in_struct_passwd, [ 1987 AC_TRY_COMPILE( 1988 [ 1989#include <pwd.h> 1990 ], 1991 [ struct passwd p; p.pw_expire = 0; ], 1992 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 1993 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 1994 ) 1995]) 1996if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 1997 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD) 1998fi 1999 2000AC_CACHE_CHECK([for pw_change field in struct passwd], 2001 ac_cv_have_pw_change_in_struct_passwd, [ 2002 AC_TRY_COMPILE( 2003 [ 2004#include <pwd.h> 2005 ], 2006 [ struct passwd p; p.pw_change = 0; ], 2007 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 2008 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 2009 ) 2010]) 2011if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 2012 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD) 2013fi 2014 2015dnl make sure we're using the real structure members and not defines 2016AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 2017 ac_cv_have_accrights_in_msghdr, [ 2018 AC_TRY_RUN( 2019 [ 2020#include <sys/types.h> 2021#include <sys/socket.h> 2022#include <sys/uio.h> 2023int main() { 2024#ifdef msg_accrights 2025exit(1); 2026#endif 2027struct msghdr m; 2028m.msg_accrights = 0; 2029exit(0); 2030} 2031 ], 2032 [ ac_cv_have_accrights_in_msghdr="yes" ], 2033 [ ac_cv_have_accrights_in_msghdr="no" ] 2034 ) 2035]) 2036if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 2037 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR) 2038fi 2039 2040AC_CACHE_CHECK([for msg_control field in struct msghdr], 2041 ac_cv_have_control_in_msghdr, [ 2042 AC_TRY_RUN( 2043 [ 2044#include <sys/types.h> 2045#include <sys/socket.h> 2046#include <sys/uio.h> 2047int main() { 2048#ifdef msg_control 2049exit(1); 2050#endif 2051struct msghdr m; 2052m.msg_control = 0; 2053exit(0); 2054} 2055 ], 2056 [ ac_cv_have_control_in_msghdr="yes" ], 2057 [ ac_cv_have_control_in_msghdr="no" ] 2058 ) 2059]) 2060if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 2061 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR) 2062fi 2063 2064AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 2065 AC_TRY_LINK([], 2066 [ extern char *__progname; printf("%s", __progname); ], 2067 [ ac_cv_libc_defines___progname="yes" ], 2068 [ ac_cv_libc_defines___progname="no" ] 2069 ) 2070]) 2071if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 2072 AC_DEFINE(HAVE___PROGNAME) 2073fi 2074 2075AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 2076 AC_TRY_LINK([ 2077#include <stdio.h> 2078], 2079 [ printf("%s", __FUNCTION__); ], 2080 [ ac_cv_cc_implements___FUNCTION__="yes" ], 2081 [ ac_cv_cc_implements___FUNCTION__="no" ] 2082 ) 2083]) 2084if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 2085 AC_DEFINE(HAVE___FUNCTION__) 2086fi 2087 2088AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 2089 AC_TRY_LINK([ 2090#include <stdio.h> 2091], 2092 [ printf("%s", __func__); ], 2093 [ ac_cv_cc_implements___func__="yes" ], 2094 [ ac_cv_cc_implements___func__="no" ] 2095 ) 2096]) 2097if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 2098 AC_DEFINE(HAVE___func__) 2099fi 2100 2101AC_CACHE_CHECK([whether getopt has optreset support], 2102 ac_cv_have_getopt_optreset, [ 2103 AC_TRY_LINK( 2104 [ 2105#include <getopt.h> 2106 ], 2107 [ extern int optreset; optreset = 0; ], 2108 [ ac_cv_have_getopt_optreset="yes" ], 2109 [ ac_cv_have_getopt_optreset="no" ] 2110 ) 2111]) 2112if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 2113 AC_DEFINE(HAVE_GETOPT_OPTRESET) 2114fi 2115 2116AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 2117 AC_TRY_LINK([], 2118 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 2119 [ ac_cv_libc_defines_sys_errlist="yes" ], 2120 [ ac_cv_libc_defines_sys_errlist="no" ] 2121 ) 2122]) 2123if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 2124 AC_DEFINE(HAVE_SYS_ERRLIST) 2125fi 2126 2127 2128AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 2129 AC_TRY_LINK([], 2130 [ extern int sys_nerr; printf("%i", sys_nerr);], 2131 [ ac_cv_libc_defines_sys_nerr="yes" ], 2132 [ ac_cv_libc_defines_sys_nerr="no" ] 2133 ) 2134]) 2135if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 2136 AC_DEFINE(HAVE_SYS_NERR) 2137fi 2138 2139SCARD_MSG="no" 2140# Check whether user wants sectok support 2141AC_ARG_WITH(sectok, 2142 [ --with-sectok Enable smartcard support using libsectok], 2143 [ 2144 if test "x$withval" != "xno" ; then 2145 if test "x$withval" != "xyes" ; then 2146 CPPFLAGS="$CPPFLAGS -I${withval}" 2147 LDFLAGS="$LDFLAGS -L${withval}" 2148 if test ! -z "$need_dash_r" ; then 2149 LDFLAGS="$LDFLAGS -R${withval}" 2150 fi 2151 if test ! -z "$blibpath" ; then 2152 blibpath="$blibpath:${withval}" 2153 fi 2154 fi 2155 AC_CHECK_HEADERS(sectok.h) 2156 if test "$ac_cv_header_sectok_h" != yes; then 2157 AC_MSG_ERROR(Can't find sectok.h) 2158 fi 2159 AC_CHECK_LIB(sectok, sectok_open) 2160 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 2161 AC_MSG_ERROR(Can't find libsectok) 2162 fi 2163 AC_DEFINE(SMARTCARD) 2164 AC_DEFINE(USE_SECTOK) 2165 SCARD_MSG="yes, using sectok" 2166 fi 2167 ] 2168) 2169 2170# Check whether user wants OpenSC support 2171AC_ARG_WITH(opensc, 2172 AC_HELP_STRING([--with-opensc=PFX], 2173 [Enable smartcard support using OpenSC]), 2174 opensc_config_prefix="$withval", opensc_config_prefix="") 2175if test x$opensc_config_prefix != x ; then 2176 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config 2177 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 2178 if test "$OPENSC_CONFIG" != "no"; then 2179 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 2180 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 2181 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 2182 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" 2183 AC_DEFINE(SMARTCARD) 2184 AC_DEFINE(USE_OPENSC) 2185 SCARD_MSG="yes, using OpenSC" 2186 fi 2187fi 2188 2189# Check libraries needed by DNS fingerprint support 2190AC_SEARCH_LIBS(getrrsetbyname, resolv, 2191 [AC_DEFINE(HAVE_GETRRSETBYNAME)], 2192 [ 2193 # Needed by our getrrsetbyname() 2194 AC_SEARCH_LIBS(res_query, resolv) 2195 AC_SEARCH_LIBS(dn_expand, resolv) 2196 AC_MSG_CHECKING(if res_query will link) 2197 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 2198 [AC_MSG_RESULT(no) 2199 saved_LIBS="$LIBS" 2200 LIBS="$LIBS -lresolv" 2201 AC_MSG_CHECKING(for res_query in -lresolv) 2202 AC_LINK_IFELSE([ 2203#include <resolv.h> 2204int main() 2205{ 2206 res_query (0, 0, 0, 0, 0); 2207 return 0; 2208} 2209 ], 2210 [LIBS="$LIBS -lresolv" 2211 AC_MSG_RESULT(yes)], 2212 [LIBS="$saved_LIBS" 2213 AC_MSG_RESULT(no)]) 2214 ]) 2215 AC_CHECK_FUNCS(_getshort _getlong) 2216 AC_CHECK_MEMBER(HEADER.ad, 2217 [AC_DEFINE(HAVE_HEADER_AD)],, 2218 [#include <arpa/nameser.h>]) 2219 ]) 2220 2221# Check whether user wants Kerberos 5 support 2222KRB5_MSG="no" 2223AC_ARG_WITH(kerberos5, 2224 [ --with-kerberos5=PATH Enable Kerberos 5 support], 2225 [ if test "x$withval" != "xno" ; then 2226 if test "x$withval" = "xyes" ; then 2227 KRB5ROOT="/usr/local" 2228 else 2229 KRB5ROOT=${withval} 2230 fi 2231 2232 AC_DEFINE(KRB5) 2233 KRB5_MSG="yes" 2234 2235 AC_MSG_CHECKING(for krb5-config) 2236 if test -x $KRB5ROOT/bin/krb5-config ; then 2237 KRB5CONF=$KRB5ROOT/bin/krb5-config 2238 AC_MSG_RESULT($KRB5CONF) 2239 2240 AC_MSG_CHECKING(for gssapi support) 2241 if $KRB5CONF | grep gssapi >/dev/null ; then 2242 AC_MSG_RESULT(yes) 2243 AC_DEFINE(GSSAPI) 2244 k5confopts=gssapi 2245 else 2246 AC_MSG_RESULT(no) 2247 k5confopts="" 2248 fi 2249 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 2250 K5LIBS="`$KRB5CONF --libs $k5confopts`" 2251 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 2252 AC_MSG_CHECKING(whether we are using Heimdal) 2253 AC_TRY_COMPILE([ #include <krb5.h> ], 2254 [ char *tmp = heimdal_version; ], 2255 [ AC_MSG_RESULT(yes) 2256 AC_DEFINE(HEIMDAL) ], 2257 AC_MSG_RESULT(no) 2258 ) 2259 else 2260 AC_MSG_RESULT(no) 2261 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 2262 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 2263 AC_MSG_CHECKING(whether we are using Heimdal) 2264 AC_TRY_COMPILE([ #include <krb5.h> ], 2265 [ char *tmp = heimdal_version; ], 2266 [ AC_MSG_RESULT(yes) 2267 AC_DEFINE(HEIMDAL) 2268 K5LIBS="-lkrb5 -ldes" 2269 K5LIBS="$K5LIBS -lcom_err -lasn1" 2270 AC_CHECK_LIB(roken, net_write, 2271 [K5LIBS="$K5LIBS -lroken"]) 2272 ], 2273 [ AC_MSG_RESULT(no) 2274 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 2275 ] 2276 ) 2277 AC_SEARCH_LIBS(dn_expand, resolv) 2278 2279 AC_CHECK_LIB(gssapi,gss_init_sec_context, 2280 [ AC_DEFINE(GSSAPI) 2281 K5LIBS="-lgssapi $K5LIBS" ], 2282 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, 2283 [ AC_DEFINE(GSSAPI) 2284 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 2285 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 2286 $K5LIBS) 2287 ], 2288 $K5LIBS) 2289 2290 AC_CHECK_HEADER(gssapi.h, , 2291 [ unset ac_cv_header_gssapi_h 2292 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 2293 AC_CHECK_HEADERS(gssapi.h, , 2294 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 2295 ) 2296 ] 2297 ) 2298 2299 oldCPP="$CPPFLAGS" 2300 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 2301 AC_CHECK_HEADER(gssapi_krb5.h, , 2302 [ CPPFLAGS="$oldCPP" ]) 2303 2304 fi 2305 if test ! -z "$need_dash_r" ; then 2306 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 2307 fi 2308 if test ! -z "$blibpath" ; then 2309 blibpath="$blibpath:${KRB5ROOT}/lib" 2310 fi 2311 fi 2312 2313 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 2314 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 2315 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 2316 2317 LIBS="$LIBS $K5LIBS" 2318 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS)) 2319 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS)) 2320 ] 2321) 2322 2323# Looking for programs, paths and files 2324 2325PRIVSEP_PATH=/var/empty 2326AC_ARG_WITH(privsep-path, 2327 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 2328 [ 2329 if test "x$withval" != "$no" ; then 2330 PRIVSEP_PATH=$withval 2331 fi 2332 ] 2333) 2334AC_SUBST(PRIVSEP_PATH) 2335 2336AC_ARG_WITH(xauth, 2337 [ --with-xauth=PATH Specify path to xauth program ], 2338 [ 2339 if test "x$withval" != "xno" ; then 2340 xauth_path=$withval 2341 fi 2342 ], 2343 [ 2344 TestPath="$PATH" 2345 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 2346 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 2347 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 2348 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 2349 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 2350 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 2351 xauth_path="/usr/openwin/bin/xauth" 2352 fi 2353 ] 2354) 2355 2356STRIP_OPT=-s 2357AC_ARG_ENABLE(strip, 2358 [ --disable-strip Disable calling strip(1) on install], 2359 [ 2360 if test "x$enableval" = "xno" ; then 2361 STRIP_OPT= 2362 fi 2363 ] 2364) 2365AC_SUBST(STRIP_OPT) 2366 2367if test -z "$xauth_path" ; then 2368 XAUTH_PATH="undefined" 2369 AC_SUBST(XAUTH_PATH) 2370else 2371 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path") 2372 XAUTH_PATH=$xauth_path 2373 AC_SUBST(XAUTH_PATH) 2374fi 2375 2376# Check for mail directory (last resort if we cannot get it from headers) 2377if test ! -z "$MAIL" ; then 2378 maildir=`dirname $MAIL` 2379 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir") 2380fi 2381 2382if test -z "$no_dev_ptmx" ; then 2383 if test "x$disable_ptmx_check" != "xyes" ; then 2384 AC_CHECK_FILE("/dev/ptmx", 2385 [ 2386 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) 2387 have_dev_ptmx=1 2388 ] 2389 ) 2390 fi 2391fi 2392AC_CHECK_FILE("/dev/ptc", 2393 [ 2394 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) 2395 have_dev_ptc=1 2396 ] 2397) 2398 2399# Options from here on. Some of these are preset by platform above 2400AC_ARG_WITH(mantype, 2401 [ --with-mantype=man|cat|doc Set man page type], 2402 [ 2403 case "$withval" in 2404 man|cat|doc) 2405 MANTYPE=$withval 2406 ;; 2407 *) 2408 AC_MSG_ERROR(invalid man type: $withval) 2409 ;; 2410 esac 2411 ] 2412) 2413if test -z "$MANTYPE"; then 2414 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 2415 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 2416 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 2417 MANTYPE=doc 2418 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 2419 MANTYPE=man 2420 else 2421 MANTYPE=cat 2422 fi 2423fi 2424AC_SUBST(MANTYPE) 2425if test "$MANTYPE" = "doc"; then 2426 mansubdir=man; 2427else 2428 mansubdir=$MANTYPE; 2429fi 2430AC_SUBST(mansubdir) 2431 2432# Check whether to enable MD5 passwords 2433MD5_MSG="no" 2434AC_ARG_WITH(md5-passwords, 2435 [ --with-md5-passwords Enable use of MD5 passwords], 2436 [ 2437 if test "x$withval" != "xno" ; then 2438 AC_DEFINE(HAVE_MD5_PASSWORDS) 2439 MD5_MSG="yes" 2440 fi 2441 ] 2442) 2443 2444# Whether to disable shadow password support 2445AC_ARG_WITH(shadow, 2446 [ --without-shadow Disable shadow password support], 2447 [ 2448 if test "x$withval" = "xno" ; then 2449 AC_DEFINE(DISABLE_SHADOW) 2450 disable_shadow=yes 2451 fi 2452 ] 2453) 2454 2455if test -z "$disable_shadow" ; then 2456 AC_MSG_CHECKING([if the systems has expire shadow information]) 2457 AC_TRY_COMPILE( 2458 [ 2459#include <sys/types.h> 2460#include <shadow.h> 2461 struct spwd sp; 2462 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 2463 [ sp_expire_available=yes ], [] 2464 ) 2465 2466 if test "x$sp_expire_available" = "xyes" ; then 2467 AC_MSG_RESULT(yes) 2468 AC_DEFINE(HAS_SHADOW_EXPIRE) 2469 else 2470 AC_MSG_RESULT(no) 2471 fi 2472fi 2473 2474# Use ip address instead of hostname in $DISPLAY 2475if test ! -z "$IPADDR_IN_DISPLAY" ; then 2476 DISPLAY_HACK_MSG="yes" 2477 AC_DEFINE(IPADDR_IN_DISPLAY) 2478else 2479 DISPLAY_HACK_MSG="no" 2480 AC_ARG_WITH(ipaddr-display, 2481 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 2482 [ 2483 if test "x$withval" != "xno" ; then 2484 AC_DEFINE(IPADDR_IN_DISPLAY) 2485 DISPLAY_HACK_MSG="yes" 2486 fi 2487 ] 2488 ) 2489fi 2490 2491# check for /etc/default/login and use it if present. 2492AC_ARG_ENABLE(etc-default-login, 2493 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],, 2494[ 2495AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ]) 2496 2497if test "x$external_path_file" = "x/etc/default/login"; then 2498 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) 2499fi 2500]) 2501 2502dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 2503if test $ac_cv_func_login_getcapbool = "yes" -a \ 2504 $ac_cv_header_login_cap_h = "yes" ; then 2505 external_path_file=/etc/login.conf 2506fi 2507 2508# Whether to mess with the default path 2509SERVER_PATH_MSG="(default)" 2510AC_ARG_WITH(default-path, 2511 [ --with-default-path= Specify default \$PATH environment for server], 2512 [ 2513 if test "x$external_path_file" = "x/etc/login.conf" ; then 2514 AC_MSG_WARN([ 2515--with-default-path=PATH has no effect on this system. 2516Edit /etc/login.conf instead.]) 2517 elif test "x$withval" != "xno" ; then 2518 if test ! -z "$external_path_file" ; then 2519 AC_MSG_WARN([ 2520--with-default-path=PATH will only be used if PATH is not defined in 2521$external_path_file .]) 2522 fi 2523 user_path="$withval" 2524 SERVER_PATH_MSG="$withval" 2525 fi 2526 ], 2527 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 2528 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 2529 else 2530 if test ! -z "$external_path_file" ; then 2531 AC_MSG_WARN([ 2532If PATH is defined in $external_path_file, ensure the path to scp is included, 2533otherwise scp will not work.]) 2534 fi 2535 AC_TRY_RUN( 2536 [ 2537/* find out what STDPATH is */ 2538#include <stdio.h> 2539#ifdef HAVE_PATHS_H 2540# include <paths.h> 2541#endif 2542#ifndef _PATH_STDPATH 2543# ifdef _PATH_USERPATH /* Irix */ 2544# define _PATH_STDPATH _PATH_USERPATH 2545# else 2546# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 2547# endif 2548#endif 2549#include <sys/types.h> 2550#include <sys/stat.h> 2551#include <fcntl.h> 2552#define DATA "conftest.stdpath" 2553 2554main() 2555{ 2556 FILE *fd; 2557 int rc; 2558 2559 fd = fopen(DATA,"w"); 2560 if(fd == NULL) 2561 exit(1); 2562 2563 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 2564 exit(1); 2565 2566 exit(0); 2567} 2568 ], [ user_path=`cat conftest.stdpath` ], 2569 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 2570 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 2571 ) 2572# make sure $bindir is in USER_PATH so scp will work 2573 t_bindir=`eval echo ${bindir}` 2574 case $t_bindir in 2575 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 2576 esac 2577 case $t_bindir in 2578 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 2579 esac 2580 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 2581 if test $? -ne 0 ; then 2582 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 2583 if test $? -ne 0 ; then 2584 user_path=$user_path:$t_bindir 2585 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 2586 fi 2587 fi 2588 fi ] 2589) 2590if test "x$external_path_file" != "x/etc/login.conf" ; then 2591 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path") 2592 AC_SUBST(user_path) 2593fi 2594 2595# Set superuser path separately to user path 2596AC_ARG_WITH(superuser-path, 2597 [ --with-superuser-path= Specify different path for super-user], 2598 [ 2599 if test "x$withval" != "xno" ; then 2600 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval") 2601 superuser_path=$withval 2602 fi 2603 ] 2604) 2605 2606 2607AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 2608IPV4_IN6_HACK_MSG="no" 2609AC_ARG_WITH(4in6, 2610 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 2611 [ 2612 if test "x$withval" != "xno" ; then 2613 AC_MSG_RESULT(yes) 2614 AC_DEFINE(IPV4_IN_IPV6) 2615 IPV4_IN6_HACK_MSG="yes" 2616 else 2617 AC_MSG_RESULT(no) 2618 fi 2619 ],[ 2620 if test "x$inet6_default_4in6" = "xyes"; then 2621 AC_MSG_RESULT([yes (default)]) 2622 AC_DEFINE(IPV4_IN_IPV6) 2623 IPV4_IN6_HACK_MSG="yes" 2624 else 2625 AC_MSG_RESULT([no (default)]) 2626 fi 2627 ] 2628) 2629 2630# Whether to enable BSD auth support 2631BSD_AUTH_MSG=no 2632AC_ARG_WITH(bsd-auth, 2633 [ --with-bsd-auth Enable BSD auth support], 2634 [ 2635 if test "x$withval" != "xno" ; then 2636 AC_DEFINE(BSD_AUTH) 2637 BSD_AUTH_MSG=yes 2638 fi 2639 ] 2640) 2641 2642# Where to place sshd.pid 2643piddir=/var/run 2644# make sure the directory exists 2645if test ! -d $piddir ; then 2646 piddir=`eval echo ${sysconfdir}` 2647 case $piddir in 2648 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 2649 esac 2650fi 2651 2652AC_ARG_WITH(pid-dir, 2653 [ --with-pid-dir=PATH Specify location of ssh.pid file], 2654 [ 2655 if test "x$withval" != "xno" ; then 2656 piddir=$withval 2657 if test ! -d $piddir ; then 2658 AC_MSG_WARN([** no $piddir directory on this system **]) 2659 fi 2660 fi 2661 ] 2662) 2663 2664AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir") 2665AC_SUBST(piddir) 2666 2667dnl allow user to disable some login recording features 2668AC_ARG_ENABLE(lastlog, 2669 [ --disable-lastlog disable use of lastlog even if detected [no]], 2670 [ 2671 if test "x$enableval" = "xno" ; then 2672 AC_DEFINE(DISABLE_LASTLOG) 2673 fi 2674 ] 2675) 2676AC_ARG_ENABLE(utmp, 2677 [ --disable-utmp disable use of utmp even if detected [no]], 2678 [ 2679 if test "x$enableval" = "xno" ; then 2680 AC_DEFINE(DISABLE_UTMP) 2681 fi 2682 ] 2683) 2684AC_ARG_ENABLE(utmpx, 2685 [ --disable-utmpx disable use of utmpx even if detected [no]], 2686 [ 2687 if test "x$enableval" = "xno" ; then 2688 AC_DEFINE(DISABLE_UTMPX) 2689 fi 2690 ] 2691) 2692AC_ARG_ENABLE(wtmp, 2693 [ --disable-wtmp disable use of wtmp even if detected [no]], 2694 [ 2695 if test "x$enableval" = "xno" ; then 2696 AC_DEFINE(DISABLE_WTMP) 2697 fi 2698 ] 2699) 2700AC_ARG_ENABLE(wtmpx, 2701 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 2702 [ 2703 if test "x$enableval" = "xno" ; then 2704 AC_DEFINE(DISABLE_WTMPX) 2705 fi 2706 ] 2707) 2708AC_ARG_ENABLE(libutil, 2709 [ --disable-libutil disable use of libutil (login() etc.) [no]], 2710 [ 2711 if test "x$enableval" = "xno" ; then 2712 AC_DEFINE(DISABLE_LOGIN) 2713 fi 2714 ] 2715) 2716AC_ARG_ENABLE(pututline, 2717 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 2718 [ 2719 if test "x$enableval" = "xno" ; then 2720 AC_DEFINE(DISABLE_PUTUTLINE) 2721 fi 2722 ] 2723) 2724AC_ARG_ENABLE(pututxline, 2725 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 2726 [ 2727 if test "x$enableval" = "xno" ; then 2728 AC_DEFINE(DISABLE_PUTUTXLINE) 2729 fi 2730 ] 2731) 2732AC_ARG_WITH(lastlog, 2733 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 2734 [ 2735 if test "x$withval" = "xno" ; then 2736 AC_DEFINE(DISABLE_LASTLOG) 2737 else 2738 conf_lastlog_location=$withval 2739 fi 2740 ] 2741) 2742 2743dnl lastlog, [uw]tmpx? detection 2744dnl NOTE: set the paths in the platform section to avoid the 2745dnl need for command-line parameters 2746dnl lastlog and [uw]tmp are subject to a file search if all else fails 2747 2748dnl lastlog detection 2749dnl NOTE: the code itself will detect if lastlog is a directory 2750AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 2751AC_TRY_COMPILE([ 2752#include <sys/types.h> 2753#include <utmp.h> 2754#ifdef HAVE_LASTLOG_H 2755# include <lastlog.h> 2756#endif 2757#ifdef HAVE_PATHS_H 2758# include <paths.h> 2759#endif 2760#ifdef HAVE_LOGIN_H 2761# include <login.h> 2762#endif 2763 ], 2764 [ char *lastlog = LASTLOG_FILE; ], 2765 [ AC_MSG_RESULT(yes) ], 2766 [ 2767 AC_MSG_RESULT(no) 2768 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 2769 AC_TRY_COMPILE([ 2770#include <sys/types.h> 2771#include <utmp.h> 2772#ifdef HAVE_LASTLOG_H 2773# include <lastlog.h> 2774#endif 2775#ifdef HAVE_PATHS_H 2776# include <paths.h> 2777#endif 2778 ], 2779 [ char *lastlog = _PATH_LASTLOG; ], 2780 [ AC_MSG_RESULT(yes) ], 2781 [ 2782 AC_MSG_RESULT(no) 2783 system_lastlog_path=no 2784 ]) 2785 ] 2786) 2787 2788if test -z "$conf_lastlog_location"; then 2789 if test x"$system_lastlog_path" = x"no" ; then 2790 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 2791 if (test -d "$f" || test -f "$f") ; then 2792 conf_lastlog_location=$f 2793 fi 2794 done 2795 if test -z "$conf_lastlog_location"; then 2796 AC_MSG_WARN([** Cannot find lastlog **]) 2797 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 2798 fi 2799 fi 2800fi 2801 2802if test -n "$conf_lastlog_location"; then 2803 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location") 2804fi 2805 2806dnl utmp detection 2807AC_MSG_CHECKING([if your system defines UTMP_FILE]) 2808AC_TRY_COMPILE([ 2809#include <sys/types.h> 2810#include <utmp.h> 2811#ifdef HAVE_PATHS_H 2812# include <paths.h> 2813#endif 2814 ], 2815 [ char *utmp = UTMP_FILE; ], 2816 [ AC_MSG_RESULT(yes) ], 2817 [ AC_MSG_RESULT(no) 2818 system_utmp_path=no ] 2819) 2820if test -z "$conf_utmp_location"; then 2821 if test x"$system_utmp_path" = x"no" ; then 2822 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 2823 if test -f $f ; then 2824 conf_utmp_location=$f 2825 fi 2826 done 2827 if test -z "$conf_utmp_location"; then 2828 AC_DEFINE(DISABLE_UTMP) 2829 fi 2830 fi 2831fi 2832if test -n "$conf_utmp_location"; then 2833 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location") 2834fi 2835 2836dnl wtmp detection 2837AC_MSG_CHECKING([if your system defines WTMP_FILE]) 2838AC_TRY_COMPILE([ 2839#include <sys/types.h> 2840#include <utmp.h> 2841#ifdef HAVE_PATHS_H 2842# include <paths.h> 2843#endif 2844 ], 2845 [ char *wtmp = WTMP_FILE; ], 2846 [ AC_MSG_RESULT(yes) ], 2847 [ AC_MSG_RESULT(no) 2848 system_wtmp_path=no ] 2849) 2850if test -z "$conf_wtmp_location"; then 2851 if test x"$system_wtmp_path" = x"no" ; then 2852 for f in /usr/adm/wtmp /var/log/wtmp; do 2853 if test -f $f ; then 2854 conf_wtmp_location=$f 2855 fi 2856 done 2857 if test -z "$conf_wtmp_location"; then 2858 AC_DEFINE(DISABLE_WTMP) 2859 fi 2860 fi 2861fi 2862if test -n "$conf_wtmp_location"; then 2863 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location") 2864fi 2865 2866 2867dnl utmpx detection - I don't know any system so perverse as to require 2868dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 2869dnl there, though. 2870AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 2871AC_TRY_COMPILE([ 2872#include <sys/types.h> 2873#include <utmp.h> 2874#ifdef HAVE_UTMPX_H 2875#include <utmpx.h> 2876#endif 2877#ifdef HAVE_PATHS_H 2878# include <paths.h> 2879#endif 2880 ], 2881 [ char *utmpx = UTMPX_FILE; ], 2882 [ AC_MSG_RESULT(yes) ], 2883 [ AC_MSG_RESULT(no) 2884 system_utmpx_path=no ] 2885) 2886if test -z "$conf_utmpx_location"; then 2887 if test x"$system_utmpx_path" = x"no" ; then 2888 AC_DEFINE(DISABLE_UTMPX) 2889 fi 2890else 2891 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location") 2892fi 2893 2894dnl wtmpx detection 2895AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 2896AC_TRY_COMPILE([ 2897#include <sys/types.h> 2898#include <utmp.h> 2899#ifdef HAVE_UTMPX_H 2900#include <utmpx.h> 2901#endif 2902#ifdef HAVE_PATHS_H 2903# include <paths.h> 2904#endif 2905 ], 2906 [ char *wtmpx = WTMPX_FILE; ], 2907 [ AC_MSG_RESULT(yes) ], 2908 [ AC_MSG_RESULT(no) 2909 system_wtmpx_path=no ] 2910) 2911if test -z "$conf_wtmpx_location"; then 2912 if test x"$system_wtmpx_path" = x"no" ; then 2913 AC_DEFINE(DISABLE_WTMPX) 2914 fi 2915else 2916 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location") 2917fi 2918 2919 2920if test ! -z "$blibpath" ; then 2921 LDFLAGS="$LDFLAGS $blibflags$blibpath" 2922 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 2923fi 2924 2925dnl remove pam and dl because they are in $LIBPAM 2926if test "$PAM_MSG" = yes ; then 2927 LIBS=`echo $LIBS | sed 's/-lpam //'` 2928fi 2929if test "$ac_cv_lib_pam_pam_set_item" = yes ; then 2930 LIBS=`echo $LIBS | sed 's/-ldl //'` 2931fi 2932 2933AC_EXEEXT 2934AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile scard/Makefile ssh_prng_cmds]) 2935AC_OUTPUT 2936 2937# Print summary of options 2938 2939# Someone please show me a better way :) 2940A=`eval echo ${prefix}` ; A=`eval echo ${A}` 2941B=`eval echo ${bindir}` ; B=`eval echo ${B}` 2942C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 2943D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 2944E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 2945F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 2946G=`eval echo ${piddir}` ; G=`eval echo ${G}` 2947H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 2948I=`eval echo ${user_path}` ; I=`eval echo ${I}` 2949J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 2950 2951echo "" 2952echo "OpenSSH has been configured with the following options:" 2953echo " User binaries: $B" 2954echo " System binaries: $C" 2955echo " Configuration files: $D" 2956echo " Askpass program: $E" 2957echo " Manual pages: $F" 2958echo " PID file: $G" 2959echo " Privilege separation chroot path: $H" 2960if test "x$external_path_file" = "x/etc/login.conf" ; then 2961echo " At runtime, sshd will use the path defined in $external_path_file" 2962echo " Make sure the path to scp is present, otherwise scp will not work" 2963else 2964echo " sshd default user PATH: $I" 2965 if test ! -z "$external_path_file"; then 2966echo " (If PATH is set in $external_path_file it will be used instead. If" 2967echo " used, ensure the path to scp is present, otherwise scp will not work.)" 2968 fi 2969fi 2970if test ! -z "$superuser_path" ; then 2971echo " sshd superuser user PATH: $J" 2972fi 2973echo " Manpage format: $MANTYPE" 2974echo " PAM support: $PAM_MSG" 2975echo " KerberosV support: $KRB5_MSG" 2976echo " Smartcard support: $SCARD_MSG" 2977echo " S/KEY support: $SKEY_MSG" 2978echo " TCP Wrappers support: $TCPW_MSG" 2979echo " MD5 password support: $MD5_MSG" 2980echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 2981echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 2982echo " BSD Auth support: $BSD_AUTH_MSG" 2983echo " Random number source: $RAND_MSG" 2984if test ! -z "$USE_RAND_HELPER" ; then 2985echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 2986fi 2987 2988echo "" 2989 2990echo " Host: ${host}" 2991echo " Compiler: ${CC}" 2992echo " Compiler flags: ${CFLAGS}" 2993echo "Preprocessor flags: ${CPPFLAGS}" 2994echo " Linker flags: ${LDFLAGS}" 2995echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" 2996 2997echo "" 2998 2999if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 3000 echo "SVR4 style packages are supported with \"make package\"\n" 3001fi 3002 3003if test "x$PAM_MSG" = "xyes" ; then 3004 echo "PAM is enabled. You may need to install a PAM control file " 3005 echo "for sshd, otherwise password authentication may fail. " 3006 echo "Example PAM control files can be found in the contrib/ " 3007 echo "subdirectory" 3008 echo "" 3009fi 3010 3011if test ! -z "$RAND_HELPER_CMDHASH" ; then 3012 echo "WARNING: you are using the builtin random number collection " 3013 echo "service. Please read WARNING.RNG and request that your OS " 3014 echo "vendor includes kernel-based random number collection in " 3015 echo "future versions of your OS." 3016 echo "" 3017fi 3018 3019if test ! -z "$NO_PEERCHECK" ; then 3020 echo "WARNING: the operating system that you are using does not " 3021 echo "appear to support either the getpeereid() API nor the " 3022 echo "SO_PEERCRED getsockopt() option. These facilities are used to " 3023 echo "enforce security checks to prevent unauthorised connections to " 3024 echo "ssh-agent. Their absence increases the risk that a malicious " 3025 echo "user can connect to your agent. " 3026 echo "" 3027fi 3028 3029