configure.ac revision 146998
1221828Sgrehan# $Id: configure.ac,v 1.250 2005/03/07 09:21:37 tim Exp $ 2221828Sgrehan# 3221828Sgrehan# Copyright (c) 1999-2004 Damien Miller 4221828Sgrehan# 5221828Sgrehan# Permission to use, copy, modify, and distribute this software for any 6221828Sgrehan# purpose with or without fee is hereby granted, provided that the above 7221828Sgrehan# copyright notice and this permission notice appear in all copies. 8221828Sgrehan# 9221828Sgrehan# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10221828Sgrehan# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11221828Sgrehan# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12221828Sgrehan# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13221828Sgrehan# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14221828Sgrehan# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15221828Sgrehan# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16221828Sgrehan 17221828SgrehanAC_INIT(OpenSSH, Portable) 18221828SgrehanAC_CONFIG_SRCDIR([ssh.c]) 19221828Sgrehan 20221828SgrehanAC_CONFIG_HEADER(config.h) 21221828SgrehanAC_PROG_CC 22221828SgrehanAC_CANONICAL_HOST 23221828SgrehanAC_C_BIGENDIAN 24221828Sgrehan 25221828Sgrehan# Checks for programs. 26245678SneelAC_PROG_AWK 27221828SgrehanAC_PROG_CPP 28221828SgrehanAC_PROG_RANLIB 29221828SgrehanAC_PROG_INSTALL 30221828SgrehanAC_PATH_PROG(AR, ar) 31221828SgrehanAC_PATH_PROG(CAT, cat) 32265062SneelAC_PATH_PROG(KILL, kill) 33265062SneelAC_PATH_PROGS(PERL, perl5 perl) 34265062SneelAC_PATH_PROG(SED, sed) 35265062SneelAC_SUBST(PERL) 36265203SneelAC_PATH_PROG(ENT, ent) 37265062SneelAC_SUBST(ENT) 38265062SneelAC_PATH_PROG(TEST_MINUS_S_SH, bash) 39265062SneelAC_PATH_PROG(TEST_MINUS_S_SH, ksh) 40221828SgrehanAC_PATH_PROG(TEST_MINUS_S_SH, sh) 41221828SgrehanAC_PATH_PROG(SH, sh) 42221828SgrehanAC_SUBST(TEST_SHELL,sh) 43221828Sgrehan 44221828Sgrehandnl for buildpkg.sh 45262506SneelAC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 46221828Sgrehan [/usr/sbin${PATH_SEPARATOR}/etc]) 47221828SgrehanAC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 48221828Sgrehan [/usr/sbin${PATH_SEPARATOR}/etc]) 49221828SgrehanAC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 50258579Sneel 51258075Sneel# System features 52221828SgrehanAC_SYS_LARGEFILE 53256072Sneel 54256072Sneelif test -z "$AR" ; then 55256072Sneel AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 56221828Sgrehanfi 57266573Sneel 58240922Sneel# Use LOGIN_PROGRAM from environment if possible 59240922Sneelif test ! -z "$LOGIN_PROGRAM" ; then 60260466Sneel AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM") 61221828Sgrehanelse 62259782Sjhb # Search for login 63256072Sneel AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 64256072Sneel if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 65263780Sneel AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 66263780Sneel fi 67221828Sgrehanfi 68221828Sgrehan 69221828SgrehanAC_PATH_PROG(PATH_PASSWD_PROG, passwd) 70221828Sgrehanif test ! -z "$PATH_PASSWD_PROG" ; then 71221828Sgrehan AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG") 72221828Sgrehanfi 73221828Sgrehan 74221828Sgrehanif test -z "$LD" ; then 75221828Sgrehan LD=$CC 76221828Sgrehanfi 77221828SgrehanAC_SUBST(LD) 78256072Sneel 79256072SneelAC_C_INLINE 80259863Sneelif test "$GCC" = "yes" || test "$GCC" = "egcs"; then 81259863Sneel CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized" 82221828Sgrehanfi 83221828Sgrehan 84221828SgrehanAC_ARG_WITH(rpath, 85221828Sgrehan [ --without-rpath Disable auto-added -R linker paths], 86259782Sjhb [ 87221828Sgrehan if test "x$withval" = "xno" ; then 88221828Sgrehan need_dash_r="" 89221828Sgrehan fi 90221828Sgrehan if test "x$withval" = "xyes" ; then 91221828Sgrehan need_dash_r=1 92221828Sgrehan fi 93221828Sgrehan ] 94221828Sgrehan) 95221828Sgrehan 96221828Sgrehan# Check for some target-specific stuff 97256072Sneelcase "$host" in 98256072Sneel*-*-aix*) 99259863Sneel AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 100259863Sneel if (test -z "$blibpath"); then 101221828Sgrehan blibpath="/usr/lib:/lib" 102221828Sgrehan fi 103221828Sgrehan saved_LDFLAGS="$LDFLAGS" 104221828Sgrehan for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do 105221828Sgrehan if (test -z "$blibflags"); then 106249396Sneel LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 107221828Sgrehan AC_TRY_LINK([], [], [blibflags=$tryflags]) 108221828Sgrehan fi 109241041Sneel done 110221828Sgrehan if (test -z "$blibflags"); then 111221828Sgrehan AC_MSG_RESULT(not found) 112256072Sneel AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 113256072Sneel else 114256072Sneel AC_MSG_RESULT($blibflags) 115221828Sgrehan fi 116221828Sgrehan LDFLAGS="$saved_LDFLAGS" 117256072Sneel dnl Check for authenticate. Might be in libs.a on older AIXes 118256072Sneel AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)], 119256072Sneel [AC_CHECK_LIB(s,authenticate, 120221828Sgrehan [ AC_DEFINE(WITH_AIXAUTHENTICATE) 121221828Sgrehan LIBS="$LIBS -ls" 122221828Sgrehan ]) 123221828Sgrehan ]) 124221828Sgrehan dnl Check for various auth function declarations in headers. 125221828Sgrehan AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 126221828Sgrehan passwdexpired], , , [#include <usersec.h>]) 127265062Sneel dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 128221828Sgrehan AC_CHECK_DECLS(loginfailed, 129241982Sneel [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 130241982Sneel AC_TRY_COMPILE( 131263211Stychon [#include <usersec.h>], 132263211Stychon [(void)loginfailed("user","host","tty",0);], 133263211Stychon [AC_MSG_RESULT(yes) 134221828Sgrehan AC_DEFINE(AIX_LOGINFAILED_4ARG)], 135221828Sgrehan [AC_MSG_RESULT(no)] 136258075Sneel )], 137258579Sneel [], 138221828Sgrehan [#include <usersec.h>] 139221828Sgrehan ) 140240922Sneel AC_CHECK_FUNCS(setauthdb) 141240922Sneel check_for_aix_broken_getaddrinfo=1 142258075Sneel AC_DEFINE(BROKEN_REALPATH) 143221828Sgrehan AC_DEFINE(SETEUID_BREAKS_SETUID) 144223621Sgrehan AC_DEFINE(BROKEN_SETREUID) 145240894Sneel AC_DEFINE(BROKEN_SETREGID) 146265062Sneel dnl AIX handles lastlog as part of its login message 147221828Sgrehan AC_DEFINE(DISABLE_LASTLOG) 148221828Sgrehan AC_DEFINE(LOGIN_NEEDS_UTMPX) 149260619Sneel AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 150260619Sneel ;; 151260619Sneel*-*-cygwin*) 152260619Sneel check_for_libcrypt_later=1 153260619Sneel LIBS="$LIBS /usr/lib/textmode.o" 154260619Sneel AC_DEFINE(HAVE_CYGWIN) 155260619Sneel AC_DEFINE(USE_PIPES) 156260619Sneel AC_DEFINE(DISABLE_SHADOW) 157260619Sneel AC_DEFINE(IP_TOS_IS_BROKEN) 158260619Sneel AC_DEFINE(NO_X11_UNIX_SOCKETS) 159260619Sneel AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) 160260619Sneel AC_DEFINE(DISABLE_FD_PASSING) 161260619Sneel ;; 162260619Sneel*-*-dgux*) 163260619Sneel AC_DEFINE(IP_TOS_IS_BROKEN) 164260619Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 165260619Sneel AC_DEFINE(BROKEN_SETREUID) 166260619Sneel AC_DEFINE(BROKEN_SETREGID) 167260619Sneel ;; 168260619Sneel*-*-darwin*) 169260619Sneel AC_MSG_CHECKING(if we have working getaddrinfo) 170260619Sneel AC_TRY_RUN([#include <mach-o/dyld.h> 171260619Sneelmain() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 172260619Sneel exit(0); 173263780Sneel else 174263780Sneel exit(1); 175263780Sneel}], [AC_MSG_RESULT(working)], 176263780Sneel [AC_MSG_RESULT(buggy) 177263780Sneel AC_DEFINE(BROKEN_GETADDRINFO)], 178263780Sneel [AC_MSG_RESULT(assume it is working)]) 179263780Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 180260619Sneel AC_DEFINE(BROKEN_SETREUID) 181221828Sgrehan AC_DEFINE(BROKEN_SETREGID) 182221828Sgrehan AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1) 183221828Sgrehan ;; 184221828Sgrehan*-*-hpux10.26) 185221828Sgrehan if test -z "$GCC"; then 186221828Sgrehan CFLAGS="$CFLAGS -Ae" 187221828Sgrehan fi 188221828Sgrehan CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 189221828Sgrehan IPADDR_IN_DISPLAY=yes 190241489Sneel AC_DEFINE(HAVE_SECUREWARE) 191241489Sneel AC_DEFINE(USE_PIPES) 192256072Sneel AC_DEFINE(LOGIN_NO_ENDOPT) 193241489Sneel AC_DEFINE(LOGIN_NEEDS_UTMPX) 194256072Sneel AC_DEFINE(LOCKED_PASSWD_STRING, "*") 195241489Sneel AC_DEFINE(SPT_TYPE,SPT_PSTAT) 196221828Sgrehan LIBS="$LIBS -lsec -lsecpw" 197259737Sneel AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 198259737Sneel disable_ptmx_check=yes 199249879Sgrehan ;; 200221828Sgrehan*-*-hpux10*) 201221828Sgrehan if test -z "$GCC"; then 202249879Sgrehan CFLAGS="$CFLAGS -Ae" 203221828Sgrehan fi 204249879Sgrehan CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 205221828Sgrehan IPADDR_IN_DISPLAY=yes 206221828Sgrehan AC_DEFINE(USE_PIPES) 207241489Sneel AC_DEFINE(LOGIN_NO_ENDOPT) 208259863Sneel AC_DEFINE(LOGIN_NEEDS_UTMPX) 209256072Sneel AC_DEFINE(LOCKED_PASSWD_STRING, "*") 210256072Sneel AC_DEFINE(SPT_TYPE,SPT_PSTAT) 211256072Sneel LIBS="$LIBS -lsec" 212263035Stychon AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 213263744Stychon ;; 214262506Sneel*-*-hpux11*) 215262506Sneel CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 216262506Sneel IPADDR_IN_DISPLAY=yes 217262506Sneel AC_DEFINE(PAM_SUN_CODEBASE) 218262506Sneel AC_DEFINE(USE_PIPES) 219262506Sneel AC_DEFINE(LOGIN_NO_ENDOPT) 220262506Sneel AC_DEFINE(LOGIN_NEEDS_UTMPX) 221262506Sneel AC_DEFINE(DISABLE_UTMP) 222262506Sneel AC_DEFINE(LOCKED_PASSWD_STRING, "*") 223262506Sneel AC_DEFINE(SPT_TYPE,SPT_PSTAT) 224262506Sneel AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 225262506Sneel check_for_hpux_broken_getaddrinfo=1 226262506Sneel check_for_conflicting_getspnam=1 227262506Sneel LIBS="$LIBS -lsec" 228262506Sneel AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 229262506Sneel ;; 230262506Sneel*-*-irix5*) 231262506Sneel PATH="$PATH:/usr/etc" 232262506Sneel AC_DEFINE(BROKEN_INET_NTOA) 233262506Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 234262506Sneel AC_DEFINE(BROKEN_SETREUID) 235262506Sneel AC_DEFINE(BROKEN_SETREGID) 236262506Sneel AC_DEFINE(WITH_ABBREV_NO_TTY) 237262506Sneel AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 238262506Sneel ;; 239262506Sneel*-*-irix6*) 240266626Sneel PATH="$PATH:/usr/etc" 241262506Sneel AC_DEFINE(WITH_IRIX_ARRAY) 242266573Sneel AC_DEFINE(WITH_IRIX_PROJECT) 243266573Sneel AC_DEFINE(WITH_IRIX_AUDIT) 244221828Sgrehan AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)]) 245221828Sgrehan AC_DEFINE(BROKEN_INET_NTOA) 246255438Sgrehan AC_DEFINE(SETEUID_BREAKS_SETUID) 247221828Sgrehan AC_DEFINE(BROKEN_SETREUID) 248221828Sgrehan AC_DEFINE(BROKEN_SETREGID) 249221828Sgrehan AC_DEFINE(BROKEN_UPDWTMPX) 250221828Sgrehan AC_DEFINE(WITH_ABBREV_NO_TTY) 251221828Sgrehan AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 252221828Sgrehan ;; 253221828Sgrehan*-*-linux*) 254221828Sgrehan no_dev_ptmx=1 255221828Sgrehan check_for_libcrypt_later=1 256221828Sgrehan check_for_openpty_ctty_bug=1 257221828Sgrehan AC_DEFINE(DONT_TRY_OTHER_AF) 258221828Sgrehan AC_DEFINE(PAM_TTY_KLUDGE) 259221828Sgrehan AC_DEFINE(LOCKED_PASSWD_PREFIX, "!") 260221828Sgrehan AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 261221828Sgrehan AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM) 262221828Sgrehan AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 263221828Sgrehan AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 264221828Sgrehan inet6_default_4in6=yes 265221828Sgrehan case `uname -r` in 266221828Sgrehan 1.*|2.0.*) 267221828Sgrehan AC_DEFINE(BROKEN_CMSG_TYPE) 268221828Sgrehan ;; 269221828Sgrehan esac 270221828Sgrehan ;; 271221828Sgrehanmips-sony-bsd|mips-sony-newsos4) 272221828Sgrehan AC_DEFINE(HAVE_NEWS4) 273221828Sgrehan SONY=1 274221828Sgrehan ;; 275221828Sgrehan*-*-netbsd*) 276221828Sgrehan check_for_libcrypt_before=1 277221828Sgrehan if test "x$withval" != "xno" ; then 278221828Sgrehan need_dash_r=1 279221828Sgrehan fi 280221828Sgrehan ;; 281221828Sgrehan*-*-freebsd*) 282221828Sgrehan check_for_libcrypt_later=1 283221828Sgrehan ;; 284221828Sgrehan*-*-bsdi*) 285266626Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 286221828Sgrehan AC_DEFINE(BROKEN_SETREUID) 287221828Sgrehan AC_DEFINE(BROKEN_SETREGID) 288221828Sgrehan ;; 289221828Sgrehan*-next-*) 290221828Sgrehan conf_lastlog_location="/usr/adm/lastlog" 291221828Sgrehan conf_utmp_location=/etc/utmp 292221828Sgrehan conf_wtmp_location=/usr/adm/wtmp 293221828Sgrehan MAIL=/usr/spool/mail 294221828Sgrehan AC_DEFINE(HAVE_NEXT) 295221828Sgrehan AC_DEFINE(BROKEN_REALPATH) 296221828Sgrehan AC_DEFINE(USE_PIPES) 297256645Sneel AC_DEFINE(BROKEN_SAVED_UIDS) 298221828Sgrehan ;; 299221828Sgrehan*-*-solaris*) 300221828Sgrehan if test "x$withval" != "xno" ; then 301240922Sneel need_dash_r=1 302262236Sneel fi 303240922Sneel AC_DEFINE(PAM_SUN_CODEBASE) 304240922Sneel AC_DEFINE(LOGIN_NEEDS_UTMPX) 305240922Sneel AC_DEFINE(LOGIN_NEEDS_TERM) 306240922Sneel AC_DEFINE(PAM_TTY_KLUDGE) 307266125Sjhb AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID) 308266125Sjhb AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 309266125Sjhb # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 310266125Sjhb AC_DEFINE(SSHD_ACQUIRES_CTTY) 311266125Sjhb external_path_file=/etc/default/login 312221828Sgrehan # hardwire lastlog location (can't detect it on some versions) 313221828Sgrehan conf_lastlog_location="/var/adm/lastlog" 314221828Sgrehan AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 315221828Sgrehan sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 316221828Sgrehan if test "$sol2ver" -ge 8; then 317221828Sgrehan AC_MSG_RESULT(yes) 318221828Sgrehan AC_DEFINE(DISABLE_UTMP) 319221828Sgrehan AC_DEFINE(DISABLE_WTMP) 320221828Sgrehan else 321221828Sgrehan AC_MSG_RESULT(no) 322221828Sgrehan fi 323221828Sgrehan ;; 324266724Sneel*-*-sunos4*) 325266724Sneel CPPFLAGS="$CPPFLAGS -DSUNOS4" 326266724Sneel AC_CHECK_FUNCS(getpwanam) 327266724Sneel AC_DEFINE(PAM_SUN_CODEBASE) 328266724Sneel conf_utmp_location=/etc/utmp 329221828Sgrehan conf_wtmp_location=/var/adm/wtmp 330266627Sneel conf_lastlog_location=/var/adm/lastlog 331266627Sneel AC_DEFINE(USE_PIPES) 332266627Sneel ;; 333266627Sneel*-ncr-sysv*) 334266627Sneel LIBS="$LIBS -lc89" 335266627Sneel AC_DEFINE(USE_PIPES) 336266627Sneel AC_DEFINE(SSHD_ACQUIRES_CTTY) 337266627Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 338266627Sneel AC_DEFINE(BROKEN_SETREUID) 339266627Sneel AC_DEFINE(BROKEN_SETREGID) 340266627Sneel ;; 341266627Sneel*-sni-sysv*) 342266627Sneel # /usr/ucblib MUST NOT be searched on ReliantUNIX 343266627Sneel AC_CHECK_LIB(dl, dlsym, ,) 344266627Sneel # -lresolv needs to be at then end of LIBS or DNS lookups break 345266627Sneel AC_CHECK_LIB(res_query, resolv, [ LIBS="$LIBS -lresolv" ]) 346266627Sneel IPADDR_IN_DISPLAY=yes 347266627Sneel AC_DEFINE(USE_PIPES) 348266627Sneel AC_DEFINE(IP_TOS_IS_BROKEN) 349266627Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 350266627Sneel AC_DEFINE(BROKEN_SETREUID) 351266627Sneel AC_DEFINE(BROKEN_SETREGID) 352266627Sneel AC_DEFINE(SSHD_ACQUIRES_CTTY) 353266627Sneel external_path_file=/etc/default/login 354266627Sneel # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 355266627Sneel # Attention: always take care to bind libsocket and libnsl before libc, 356266627Sneel # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 357266627Sneel ;; 358266627Sneel# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 359266627Sneel*-*-sysv4.2*) 360266627Sneel AC_DEFINE(USE_PIPES) 361266627Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 362266627Sneel AC_DEFINE(BROKEN_SETREUID) 363266627Sneel AC_DEFINE(BROKEN_SETREGID) 364266627Sneel ;; 365266627Sneel# UnixWare 7.x, OpenUNIX 8 366266627Sneel*-*-sysv5*) 367266627Sneel AC_DEFINE(USE_PIPES) 368266627Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 369266627Sneel AC_DEFINE(BROKEN_SETREUID) 370266627Sneel AC_DEFINE(BROKEN_SETREGID) 371266627Sneel ;; 372266627Sneel*-*-sysv*) 373266627Sneel ;; 374266627Sneel# SCO UNIX and OEM versions of SCO UNIX 375266627Sneel*-*-sco3.2v4*) 376266627Sneel AC_MSG_ERROR("This Platform is no longer supported.") 377266627Sneel ;; 378266627Sneel# SCO OpenServer 5.x 379266627Sneel*-*-sco3.2v5*) 380266627Sneel if test -z "$GCC"; then 381266627Sneel CFLAGS="$CFLAGS -belf" 382266627Sneel fi 383266627Sneel LIBS="$LIBS -lprot -lx -ltinfo -lm" 384266627Sneel no_dev_ptmx=1 385266627Sneel AC_DEFINE(USE_PIPES) 386266627Sneel AC_DEFINE(HAVE_SECUREWARE) 387266627Sneel AC_DEFINE(DISABLE_SHADOW) 388266627Sneel AC_DEFINE(DISABLE_FD_PASSING) 389266627Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 390266627Sneel AC_DEFINE(BROKEN_SETREUID) 391266627Sneel AC_DEFINE(BROKEN_SETREGID) 392266627Sneel AC_DEFINE(WITH_ABBREV_NO_TTY) 393266627Sneel AC_DEFINE(BROKEN_UPDWTMPX) 394266627Sneel AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 395221828Sgrehan AC_CHECK_FUNCS(getluid setluid) 396221828Sgrehan MANTYPE=man 397221828Sgrehan TEST_SHELL=ksh 398221828Sgrehan ;; 399221828Sgrehan*-*-unicosmk*) 400221828Sgrehan AC_DEFINE(NO_SSH_LASTLOG) 401221828Sgrehan AC_DEFINE(SETEUID_BREAKS_SETUID) 402221828Sgrehan AC_DEFINE(BROKEN_SETREUID) 403221828Sgrehan AC_DEFINE(BROKEN_SETREGID) 404234761Sgrehan AC_DEFINE(USE_PIPES) 405256072Sneel AC_DEFINE(DISABLE_FD_PASSING) 406240912Sneel LDFLAGS="$LDFLAGS" 407265101Sneel LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 408260619Sneel MANTYPE=cat 409261170Sneel ;; 410263780Sneel*-*-unicosmp*) 411266573Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 412234761Sgrehan AC_DEFINE(BROKEN_SETREUID) 413221828Sgrehan AC_DEFINE(BROKEN_SETREGID) 414221828Sgrehan AC_DEFINE(WITH_ABBREV_NO_TTY) 415266573Sneel AC_DEFINE(USE_PIPES) 416266573Sneel AC_DEFINE(DISABLE_FD_PASSING) 417266573Sneel LDFLAGS="$LDFLAGS" 418266573Sneel LIBS="$LIBS -lgen -lacid -ldb" 419266573Sneel MANTYPE=cat 420266573Sneel ;; 421266573Sneel*-*-unicos*) 422266573Sneel AC_DEFINE(SETEUID_BREAKS_SETUID) 423266573Sneel AC_DEFINE(BROKEN_SETREUID) 424266573Sneel AC_DEFINE(BROKEN_SETREGID) 425266573Sneel AC_DEFINE(USE_PIPES) 426266627Sneel AC_DEFINE(DISABLE_FD_PASSING) 427266573Sneel AC_DEFINE(NO_SSH_LASTLOG) 428266573Sneel LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 429266573Sneel LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 430266573Sneel MANTYPE=cat 431266573Sneel ;; 432266573Sneel*-dec-osf*) 433266573Sneel AC_MSG_CHECKING(for Digital Unix SIA) 434266573Sneel no_osfsia="" 435266573Sneel AC_ARG_WITH(osfsia, 436221828Sgrehan [ --with-osfsia Enable Digital Unix SIA], 437221828Sgrehan [ 438221828Sgrehan if test "x$withval" = "xno" ; then 439221828Sgrehan AC_MSG_RESULT(disabled) 440221828Sgrehan no_osfsia=1 441266573Sneel fi 442266573Sneel ], 443221828Sgrehan ) 444241497Sgrehan if test -z "$no_osfsia" ; then 445256072Sneel if test -f /etc/sia/matrix.conf; then 446256072Sneel AC_MSG_RESULT(yes) 447256072Sneel AC_DEFINE(HAVE_OSF_SIA) 448256072Sneel AC_DEFINE(DISABLE_LOGIN) 449256072Sneel AC_DEFINE(DISABLE_FD_PASSING) 450266627Sneel LIBS="$LIBS -lsecurity -ldb -lm -laud" 451243640Sneel else 452256072Sneel AC_MSG_RESULT(no) 453221828Sgrehan AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin") 454221828Sgrehan fi 455221828Sgrehan fi 456221828Sgrehan AC_DEFINE(BROKEN_GETADDRINFO) 457221828Sgrehan AC_DEFINE(SETEUID_BREAKS_SETUID) 458260167Sneel AC_DEFINE(BROKEN_SETREUID) 459260167Sneel AC_DEFINE(BROKEN_SETREGID) 460260167Sneel ;; 461260167Sneel 462260167Sneel*-*-nto-qnx) 463221828Sgrehan AC_DEFINE(USE_PIPES) 464221828Sgrehan AC_DEFINE(NO_X11_UNIX_SOCKETS) 465260167Sneel AC_DEFINE(MISSING_NFDBITS) 466260167Sneel AC_DEFINE(MISSING_HOWMANY) 467260167Sneel AC_DEFINE(MISSING_FD_MASK) 468260167Sneel ;; 469260167Sneelesac 470260167Sneel 471221828Sgrehan# Allow user to specify flags 472221828SgrehanAC_ARG_WITH(cflags, 473221828Sgrehan [ --with-cflags Specify additional flags to pass to compiler], 474221828Sgrehan [ 475221828Sgrehan if test "x$withval" != "xno" ; then 476240912Sneel CFLAGS="$CFLAGS $withval" 477240912Sneel fi 478240912Sneel ] 479240912Sneel) 480259081SneelAC_ARG_WITH(cppflags, 481259081Sneel [ --with-cppflags Specify additional flags to pass to preprocessor] , 482259081Sneel [ 483261170Sneel if test "x$withval" != "xno"; then 484261170Sneel CPPFLAGS="$CPPFLAGS $withval" 485261170Sneel fi 486265062Sneel ] 487265062Sneel) 488265062SneelAC_ARG_WITH(ldflags, 489221828Sgrehan [ --with-ldflags Specify additional flags to pass to linker], 490221828Sgrehan [ 491221828Sgrehan if test "x$withval" != "xno" ; then 492221828Sgrehan LDFLAGS="$LDFLAGS $withval" 493 fi 494 ] 495) 496AC_ARG_WITH(libs, 497 [ --with-libs Specify additional libraries to link with], 498 [ 499 if test "x$withval" != "xno" ; then 500 LIBS="$LIBS $withval" 501 fi 502 ] 503) 504 505AC_MSG_CHECKING(compiler and flags for sanity) 506AC_RUN_IFELSE( 507 [AC_LANG_SOURCE([ 508#include <stdio.h> 509int main(){exit(0);} 510 ])], 511 [ AC_MSG_RESULT(yes) ], 512 [ 513 AC_MSG_RESULT(no) 514 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 515 ], 516 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 517) 518 519# Checks for header files. 520AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \ 521 floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \ 522 login_cap.h maillock.h ndir.h netdb.h netgroup.h \ 523 netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \ 524 rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \ 525 strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \ 526 sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \ 527 sys/pstat.h sys/select.h sys/stat.h sys/stream.h \ 528 sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \ 529 time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h) 530 531# sys/ptms.h requires sys/stream.h to be included first on Solaris 532AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 533#ifdef HAVE_SYS_STREAM_H 534# include <sys/stream.h> 535#endif 536]) 537 538# Checks for libraries. 539AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 540AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 541 542dnl IRIX and Solaris 2.5.1 have dirname() in libgen 543AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 544 AC_CHECK_LIB(gen, dirname,[ 545 AC_CACHE_CHECK([for broken dirname], 546 ac_cv_have_broken_dirname, [ 547 save_LIBS="$LIBS" 548 LIBS="$LIBS -lgen" 549 AC_TRY_RUN( 550 [ 551#include <libgen.h> 552#include <string.h> 553 554int main(int argc, char **argv) { 555 char *s, buf[32]; 556 557 strncpy(buf,"/etc", 32); 558 s = dirname(buf); 559 if (!s || strncmp(s, "/", 32) != 0) { 560 exit(1); 561 } else { 562 exit(0); 563 } 564} 565 ], 566 [ ac_cv_have_broken_dirname="no" ], 567 [ ac_cv_have_broken_dirname="yes" ] 568 ) 569 LIBS="$save_LIBS" 570 ]) 571 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 572 LIBS="$LIBS -lgen" 573 AC_DEFINE(HAVE_DIRNAME) 574 AC_CHECK_HEADERS(libgen.h) 575 fi 576 ]) 577]) 578 579AC_CHECK_FUNC(getspnam, , 580 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 581AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME)) 582 583dnl zlib is required 584AC_ARG_WITH(zlib, 585 [ --with-zlib=PATH Use zlib in PATH], 586 [ 587 if test "x$withval" = "xno" ; then 588 AC_MSG_ERROR([*** zlib is required ***]) 589 fi 590 if test -d "$withval/lib"; then 591 if test -n "${need_dash_r}"; then 592 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 593 else 594 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 595 fi 596 else 597 if test -n "${need_dash_r}"; then 598 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 599 else 600 LDFLAGS="-L${withval} ${LDFLAGS}" 601 fi 602 fi 603 if test -d "$withval/include"; then 604 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 605 else 606 CPPFLAGS="-I${withval} ${CPPFLAGS}" 607 fi 608 ] 609) 610 611AC_CHECK_LIB(z, deflate, , 612 [ 613 saved_CPPFLAGS="$CPPFLAGS" 614 saved_LDFLAGS="$LDFLAGS" 615 save_LIBS="$LIBS" 616 dnl Check default zlib install dir 617 if test -n "${need_dash_r}"; then 618 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 619 else 620 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 621 fi 622 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 623 LIBS="$LIBS -lz" 624 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 625 [ 626 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 627 ] 628 ) 629 ] 630) 631AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) 632 633AC_ARG_WITH(zlib-version-check, 634 [ --without-zlib-version-check Disable zlib version check], 635 [ if test "x$withval" = "xno" ; then 636 zlib_check_nonfatal=1 637 fi 638 ] 639) 640 641AC_MSG_CHECKING(for zlib 1.1.4 or greater) 642AC_RUN_IFELSE([AC_LANG_SOURCE([[ 643#include <zlib.h> 644int main() 645{ 646 int a, b, c, v; 647 if (sscanf(ZLIB_VERSION, "%d.%d.%d", &a, &b, &c) != 3) 648 exit(1); 649 v = a*1000000 + b*1000 + c; 650 if (v >= 1001004) 651 exit(0); 652 exit(2); 653} 654 ]])], 655 AC_MSG_RESULT(yes), 656 [ AC_MSG_RESULT(no) 657 if test -z "$zlib_check_nonfatal" ; then 658 AC_MSG_ERROR([*** zlib too old - check config.log *** 659Your reported zlib version has known security problems. It's possible your 660vendor has fixed these problems without changing the version number. If you 661are sure this is the case, you can disable the check by running 662"./configure --without-zlib-version-check". 663If you are in doubt, upgrade zlib to version 1.1.4 or greater.]) 664 else 665 AC_MSG_WARN([zlib version may have security problems]) 666 fi 667 ], 668 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 669) 670 671dnl UnixWare 2.x 672AC_CHECK_FUNC(strcasecmp, 673 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 674) 675AC_CHECK_FUNC(utimes, 676 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 677 LIBS="$LIBS -lc89"]) ] 678) 679 680dnl Checks for libutil functions 681AC_CHECK_HEADERS(libutil.h) 682AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)]) 683AC_CHECK_FUNCS(logout updwtmp logwtmp) 684 685AC_FUNC_STRFTIME 686 687# Check for ALTDIRFUNC glob() extension 688AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 689AC_EGREP_CPP(FOUNDIT, 690 [ 691 #include <glob.h> 692 #ifdef GLOB_ALTDIRFUNC 693 FOUNDIT 694 #endif 695 ], 696 [ 697 AC_DEFINE(GLOB_HAS_ALTDIRFUNC) 698 AC_MSG_RESULT(yes) 699 ], 700 [ 701 AC_MSG_RESULT(no) 702 ] 703) 704 705# Check for g.gl_matchc glob() extension 706AC_MSG_CHECKING(for gl_matchc field in glob_t) 707AC_EGREP_CPP(FOUNDIT, 708 [ 709 #include <glob.h> 710 int main(void){glob_t g; g.gl_matchc = 1;} 711 ], 712 [ 713 AC_DEFINE(GLOB_HAS_GL_MATCHC) 714 AC_MSG_RESULT(yes) 715 ], 716 [ 717 AC_MSG_RESULT(no) 718 ] 719) 720 721AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 722AC_RUN_IFELSE( 723 [AC_LANG_SOURCE([[ 724#include <sys/types.h> 725#include <dirent.h> 726int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 727 ]])], 728 [AC_MSG_RESULT(yes)], 729 [ 730 AC_MSG_RESULT(no) 731 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 732 ], 733 [ 734 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 735 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 736 ] 737) 738 739AC_MSG_CHECKING([for /proc/pid/fd directory]) 740if test -d "/proc/$$/fd" ; then 741 AC_DEFINE(HAVE_PROC_PID) 742 AC_MSG_RESULT(yes) 743else 744 AC_MSG_RESULT(no) 745fi 746 747# Check whether user wants S/Key support 748SKEY_MSG="no" 749AC_ARG_WITH(skey, 750 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 751 [ 752 if test "x$withval" != "xno" ; then 753 754 if test "x$withval" != "xyes" ; then 755 CPPFLAGS="$CPPFLAGS -I${withval}/include" 756 LDFLAGS="$LDFLAGS -L${withval}/lib" 757 fi 758 759 AC_DEFINE(SKEY) 760 LIBS="-lskey $LIBS" 761 SKEY_MSG="yes" 762 763 AC_MSG_CHECKING([for s/key support]) 764 AC_TRY_RUN( 765 [ 766#include <stdio.h> 767#include <skey.h> 768int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } 769 ], 770 [AC_MSG_RESULT(yes)], 771 [ 772 AC_MSG_RESULT(no) 773 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 774 ]) 775 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 776 AC_TRY_COMPILE( 777 [#include <stdio.h> 778 #include <skey.h>], 779 [(void)skeychallenge(NULL,"name","",0);], 780 [AC_MSG_RESULT(yes) 781 AC_DEFINE(SKEYCHALLENGE_4ARG)], 782 [AC_MSG_RESULT(no)] 783 ) 784 fi 785 ] 786) 787 788# Check whether user wants TCP wrappers support 789TCPW_MSG="no" 790AC_ARG_WITH(tcp-wrappers, 791 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 792 [ 793 if test "x$withval" != "xno" ; then 794 saved_LIBS="$LIBS" 795 saved_LDFLAGS="$LDFLAGS" 796 saved_CPPFLAGS="$CPPFLAGS" 797 if test -n "${withval}" -a "${withval}" != "yes"; then 798 if test -d "${withval}/lib"; then 799 if test -n "${need_dash_r}"; then 800 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 801 else 802 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 803 fi 804 else 805 if test -n "${need_dash_r}"; then 806 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 807 else 808 LDFLAGS="-L${withval} ${LDFLAGS}" 809 fi 810 fi 811 if test -d "${withval}/include"; then 812 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 813 else 814 CPPFLAGS="-I${withval} ${CPPFLAGS}" 815 fi 816 fi 817 LIBWRAP="-lwrap" 818 LIBS="$LIBWRAP $LIBS" 819 AC_MSG_CHECKING(for libwrap) 820 AC_TRY_LINK( 821 [ 822#include <sys/types.h> 823#include <sys/socket.h> 824#include <netinet/in.h> 825#include <tcpd.h> 826 int deny_severity = 0, allow_severity = 0; 827 ], 828 [hosts_access(0);], 829 [ 830 AC_MSG_RESULT(yes) 831 AC_DEFINE(LIBWRAP) 832 AC_SUBST(LIBWRAP) 833 TCPW_MSG="yes" 834 ], 835 [ 836 AC_MSG_ERROR([*** libwrap missing]) 837 ] 838 ) 839 LIBS="$saved_LIBS" 840 fi 841 ] 842) 843 844# Check whether user wants libedit support 845LIBEDIT_MSG="no" 846AC_ARG_WITH(libedit, 847 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 848 [ if test "x$withval" != "xno" ; then 849 AC_CHECK_LIB(edit, el_init, 850 [ AC_DEFINE(USE_LIBEDIT, [], [Use libedit for sftp]) 851 LIBEDIT="-ledit -lcurses" 852 LIBEDIT_MSG="yes" 853 AC_SUBST(LIBEDIT) 854 ], 855 [], [-lcurses] 856 ) 857 fi ] 858) 859 860AUDIT_MODULE=none 861AC_ARG_WITH(audit, 862 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 863 [ 864 AC_MSG_CHECKING(for supported audit module) 865 case "$withval" in 866 bsm) 867 AC_MSG_RESULT(bsm) 868 AUDIT_MODULE=bsm 869 dnl Checks for headers, libs and functions 870 AC_CHECK_HEADERS(bsm/audit.h, [], 871 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)]) 872 AC_CHECK_LIB(bsm, getaudit, [], 873 [AC_MSG_ERROR(BSM enabled and required library not found)]) 874 AC_CHECK_FUNCS(getaudit, [], 875 [AC_MSG_ERROR(BSM enabled and required function not found)]) 876 # These are optional 877 AC_CHECK_FUNCS(getaudit_addr) 878 AC_DEFINE(USE_BSM_AUDIT, [], [Use BSM audit module]) 879 ;; 880 debug) 881 AUDIT_MODULE=debug 882 AC_MSG_RESULT(debug) 883 AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module) 884 ;; 885 *) 886 AC_MSG_ERROR([Unknown audit module $withval]) 887 ;; 888 esac ] 889) 890 891dnl Checks for library functions. Please keep in alphabetical order 892AC_CHECK_FUNCS(\ 893 arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \ 894 bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \ 895 freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \ 896 getopt getpeereid _getpty getrlimit getttyent glob inet_aton \ 897 inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ 898 mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ 899 pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \ 900 setdtablesize setegid setenv seteuid setgroups setlogin setpcred \ 901 setproctitle setregid setreuid setrlimit \ 902 setsid setvbuf sigaction sigvec snprintf socketpair strerror \ 903 strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \ 904 truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \ 905) 906 907# IRIX has a const char return value for gai_strerror() 908AC_CHECK_FUNCS(gai_strerror,[ 909 AC_DEFINE(HAVE_GAI_STRERROR) 910 AC_TRY_COMPILE([ 911#include <sys/types.h> 912#include <sys/socket.h> 913#include <netdb.h> 914 915const char *gai_strerror(int);],[ 916char *str; 917 918str = gai_strerror(0);],[ 919 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 920 [Define if gai_strerror() returns const char *])])]) 921 922AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP)) 923 924dnl Make sure prototypes are defined for these before using them. 925AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)]) 926AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 927 928dnl tcsendbreak might be a macro 929AC_CHECK_DECL(tcsendbreak, 930 [AC_DEFINE(HAVE_TCSENDBREAK)], 931 [AC_CHECK_FUNCS(tcsendbreak)], 932 [#include <termios.h>] 933) 934 935AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 936 937AC_CHECK_FUNCS(setresuid, [ 938 dnl Some platorms have setresuid that isn't implemented, test for this 939 AC_MSG_CHECKING(if setresuid seems to work) 940 AC_RUN_IFELSE( 941 [AC_LANG_SOURCE([[ 942#include <stdlib.h> 943#include <errno.h> 944int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 945 ]])], 946 [AC_MSG_RESULT(yes)], 947 [AC_DEFINE(BROKEN_SETRESUID) 948 AC_MSG_RESULT(not implemented)], 949 [AC_MSG_WARN([cross compiling: not checking setresuid])] 950 ) 951]) 952 953AC_CHECK_FUNCS(setresgid, [ 954 dnl Some platorms have setresgid that isn't implemented, test for this 955 AC_MSG_CHECKING(if setresgid seems to work) 956 AC_RUN_IFELSE( 957 [AC_LANG_SOURCE([[ 958#include <stdlib.h> 959#include <errno.h> 960int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 961 ]])], 962 [AC_MSG_RESULT(yes)], 963 [AC_DEFINE(BROKEN_SETRESGID) 964 AC_MSG_RESULT(not implemented)], 965 [AC_MSG_WARN([cross compiling: not checking setresuid])] 966 ) 967]) 968 969dnl Checks for time functions 970AC_CHECK_FUNCS(gettimeofday time) 971dnl Checks for utmp functions 972AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 973AC_CHECK_FUNCS(utmpname) 974dnl Checks for utmpx functions 975AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 976AC_CHECK_FUNCS(setutxent utmpxname) 977 978AC_CHECK_FUNC(daemon, 979 [AC_DEFINE(HAVE_DAEMON)], 980 [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 981) 982 983AC_CHECK_FUNC(getpagesize, 984 [AC_DEFINE(HAVE_GETPAGESIZE)], 985 [AC_CHECK_LIB(ucb, getpagesize, [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 986) 987 988# Check for broken snprintf 989if test "x$ac_cv_func_snprintf" = "xyes" ; then 990 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 991 AC_RUN_IFELSE( 992 [AC_LANG_SOURCE([[ 993#include <stdio.h> 994int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 995 ]])], 996 [AC_MSG_RESULT(yes)], 997 [ 998 AC_MSG_RESULT(no) 999 AC_DEFINE(BROKEN_SNPRINTF) 1000 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1001 ], 1002 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1003 ) 1004fi 1005 1006# Check for missing getpeereid (or equiv) support 1007NO_PEERCHECK="" 1008if test "x$ac_cv_func_getpeereid" != "xyes" ; then 1009 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1010 AC_TRY_COMPILE( 1011 [#include <sys/types.h> 1012 #include <sys/socket.h>], 1013 [int i = SO_PEERCRED;], 1014 [AC_MSG_RESULT(yes)], 1015 [AC_MSG_RESULT(no) 1016 NO_PEERCHECK=1] 1017 ) 1018fi 1019 1020dnl see whether mkstemp() requires XXXXXX 1021if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1022AC_MSG_CHECKING([for (overly) strict mkstemp]) 1023AC_TRY_RUN( 1024 [ 1025#include <stdlib.h> 1026main() { char template[]="conftest.mkstemp-test"; 1027if (mkstemp(template) == -1) 1028 exit(1); 1029unlink(template); exit(0); 1030} 1031 ], 1032 [ 1033 AC_MSG_RESULT(no) 1034 ], 1035 [ 1036 AC_MSG_RESULT(yes) 1037 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1038 ], 1039 [ 1040 AC_MSG_RESULT(yes) 1041 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1042 ] 1043) 1044fi 1045 1046dnl make sure that openpty does not reacquire controlling terminal 1047if test ! -z "$check_for_openpty_ctty_bug"; then 1048 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1049 AC_TRY_RUN( 1050 [ 1051#include <stdio.h> 1052#include <sys/fcntl.h> 1053#include <sys/types.h> 1054#include <sys/wait.h> 1055 1056int 1057main() 1058{ 1059 pid_t pid; 1060 int fd, ptyfd, ttyfd, status; 1061 1062 pid = fork(); 1063 if (pid < 0) { /* failed */ 1064 exit(1); 1065 } else if (pid > 0) { /* parent */ 1066 waitpid(pid, &status, 0); 1067 if (WIFEXITED(status)) 1068 exit(WEXITSTATUS(status)); 1069 else 1070 exit(2); 1071 } else { /* child */ 1072 close(0); close(1); close(2); 1073 setsid(); 1074 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1075 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1076 if (fd >= 0) 1077 exit(3); /* Acquired ctty: broken */ 1078 else 1079 exit(0); /* Did not acquire ctty: OK */ 1080 } 1081} 1082 ], 1083 [ 1084 AC_MSG_RESULT(yes) 1085 ], 1086 [ 1087 AC_MSG_RESULT(no) 1088 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1089 ] 1090 ) 1091fi 1092 1093if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1094 AC_MSG_CHECKING(if getaddrinfo seems to work) 1095 AC_TRY_RUN( 1096 [ 1097#include <stdio.h> 1098#include <sys/socket.h> 1099#include <netdb.h> 1100#include <errno.h> 1101#include <netinet/in.h> 1102 1103#define TEST_PORT "2222" 1104 1105int 1106main(void) 1107{ 1108 int err, sock; 1109 struct addrinfo *gai_ai, *ai, hints; 1110 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1111 1112 memset(&hints, 0, sizeof(hints)); 1113 hints.ai_family = PF_UNSPEC; 1114 hints.ai_socktype = SOCK_STREAM; 1115 hints.ai_flags = AI_PASSIVE; 1116 1117 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1118 if (err != 0) { 1119 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1120 exit(1); 1121 } 1122 1123 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1124 if (ai->ai_family != AF_INET6) 1125 continue; 1126 1127 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1128 sizeof(ntop), strport, sizeof(strport), 1129 NI_NUMERICHOST|NI_NUMERICSERV); 1130 1131 if (err != 0) { 1132 if (err == EAI_SYSTEM) 1133 perror("getnameinfo EAI_SYSTEM"); 1134 else 1135 fprintf(stderr, "getnameinfo failed: %s\n", 1136 gai_strerror(err)); 1137 exit(2); 1138 } 1139 1140 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1141 if (sock < 0) 1142 perror("socket"); 1143 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1144 if (errno == EBADF) 1145 exit(3); 1146 } 1147 } 1148 exit(0); 1149} 1150 ], 1151 [ 1152 AC_MSG_RESULT(yes) 1153 ], 1154 [ 1155 AC_MSG_RESULT(no) 1156 AC_DEFINE(BROKEN_GETADDRINFO) 1157 ] 1158 ) 1159fi 1160 1161if test "x$ac_cv_func_getaddrinfo" = "xyes" -a "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1162 AC_MSG_CHECKING(if getaddrinfo seems to work) 1163 AC_TRY_RUN( 1164 [ 1165#include <stdio.h> 1166#include <sys/socket.h> 1167#include <netdb.h> 1168#include <errno.h> 1169#include <netinet/in.h> 1170 1171#define TEST_PORT "2222" 1172 1173int 1174main(void) 1175{ 1176 int err, sock; 1177 struct addrinfo *gai_ai, *ai, hints; 1178 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1179 1180 memset(&hints, 0, sizeof(hints)); 1181 hints.ai_family = PF_UNSPEC; 1182 hints.ai_socktype = SOCK_STREAM; 1183 hints.ai_flags = AI_PASSIVE; 1184 1185 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1186 if (err != 0) { 1187 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1188 exit(1); 1189 } 1190 1191 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1192 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1193 continue; 1194 1195 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1196 sizeof(ntop), strport, sizeof(strport), 1197 NI_NUMERICHOST|NI_NUMERICSERV); 1198 1199 if (ai->ai_family == AF_INET && err != 0) { 1200 perror("getnameinfo"); 1201 exit(2); 1202 } 1203 } 1204 exit(0); 1205} 1206 ], 1207 [ 1208 AC_MSG_RESULT(yes) 1209 AC_DEFINE(AIX_GETNAMEINFO_HACK, [], 1210[Define if you have a getaddrinfo that fails for the all-zeros IPv6 address]) 1211 ], 1212 [ 1213 AC_MSG_RESULT(no) 1214 AC_DEFINE(BROKEN_GETADDRINFO) 1215 ] 1216 ) 1217fi 1218 1219if test "x$check_for_conflicting_getspnam" = "x1"; then 1220 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1221 AC_COMPILE_IFELSE( 1222 [ 1223#include <shadow.h> 1224int main(void) {exit(0);} 1225 ], 1226 [ 1227 AC_MSG_RESULT(no) 1228 ], 1229 [ 1230 AC_MSG_RESULT(yes) 1231 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1232 [Conflicting defs for getspnam]) 1233 ] 1234 ) 1235fi 1236 1237AC_FUNC_GETPGRP 1238 1239# Check for PAM libs 1240PAM_MSG="no" 1241AC_ARG_WITH(pam, 1242 [ --with-pam Enable PAM support ], 1243 [ 1244 if test "x$withval" != "xno" ; then 1245 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 1246 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 1247 AC_MSG_ERROR([PAM headers not found]) 1248 fi 1249 1250 AC_CHECK_LIB(dl, dlopen, , ) 1251 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 1252 AC_CHECK_FUNCS(pam_getenvlist) 1253 AC_CHECK_FUNCS(pam_putenv) 1254 1255 PAM_MSG="yes" 1256 1257 AC_DEFINE(USE_PAM) 1258 if test $ac_cv_lib_dl_dlopen = yes; then 1259 LIBPAM="-lpam -ldl" 1260 else 1261 LIBPAM="-lpam" 1262 fi 1263 AC_SUBST(LIBPAM) 1264 fi 1265 ] 1266) 1267 1268# Check for older PAM 1269if test "x$PAM_MSG" = "xyes" ; then 1270 # Check PAM strerror arguments (old PAM) 1271 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 1272 AC_TRY_COMPILE( 1273 [ 1274#include <stdlib.h> 1275#if defined(HAVE_SECURITY_PAM_APPL_H) 1276#include <security/pam_appl.h> 1277#elif defined (HAVE_PAM_PAM_APPL_H) 1278#include <pam/pam_appl.h> 1279#endif 1280 ], 1281 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 1282 [AC_MSG_RESULT(no)], 1283 [ 1284 AC_DEFINE(HAVE_OLD_PAM) 1285 AC_MSG_RESULT(yes) 1286 PAM_MSG="yes (old library)" 1287 ] 1288 ) 1289fi 1290 1291# Search for OpenSSL 1292saved_CPPFLAGS="$CPPFLAGS" 1293saved_LDFLAGS="$LDFLAGS" 1294AC_ARG_WITH(ssl-dir, 1295 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1296 [ 1297 if test "x$withval" != "xno" ; then 1298 case "$withval" in 1299 # Relative paths 1300 ./*|../*) withval="`pwd`/$withval" 1301 esac 1302 if test -d "$withval/lib"; then 1303 if test -n "${need_dash_r}"; then 1304 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1305 else 1306 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1307 fi 1308 else 1309 if test -n "${need_dash_r}"; then 1310 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1311 else 1312 LDFLAGS="-L${withval} ${LDFLAGS}" 1313 fi 1314 fi 1315 if test -d "$withval/include"; then 1316 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1317 else 1318 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1319 fi 1320 fi 1321 ] 1322) 1323LIBS="-lcrypto $LIBS" 1324AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1325 [ 1326 dnl Check default openssl install dir 1327 if test -n "${need_dash_r}"; then 1328 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1329 else 1330 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1331 fi 1332 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1333 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1334 [ 1335 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 1336 ] 1337 ) 1338 ] 1339) 1340 1341# Determine OpenSSL header version 1342AC_MSG_CHECKING([OpenSSL header version]) 1343AC_RUN_IFELSE( 1344 [AC_LANG_SOURCE([[ 1345#include <stdio.h> 1346#include <string.h> 1347#include <openssl/opensslv.h> 1348#define DATA "conftest.sslincver" 1349int main(void) { 1350 FILE *fd; 1351 int rc; 1352 1353 fd = fopen(DATA,"w"); 1354 if(fd == NULL) 1355 exit(1); 1356 1357 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1358 exit(1); 1359 1360 exit(0); 1361} 1362 ]])], 1363 [ 1364 ssl_header_ver=`cat conftest.sslincver` 1365 AC_MSG_RESULT($ssl_header_ver) 1366 ], 1367 [ 1368 AC_MSG_RESULT(not found) 1369 AC_MSG_ERROR(OpenSSL version header not found.) 1370 ], 1371 [ 1372 AC_MSG_WARN([cross compiling: not checking]) 1373 ] 1374) 1375 1376# Determine OpenSSL library version 1377AC_MSG_CHECKING([OpenSSL library version]) 1378AC_RUN_IFELSE( 1379 [AC_LANG_SOURCE([[ 1380#include <stdio.h> 1381#include <string.h> 1382#include <openssl/opensslv.h> 1383#include <openssl/crypto.h> 1384#define DATA "conftest.ssllibver" 1385int main(void) { 1386 FILE *fd; 1387 int rc; 1388 1389 fd = fopen(DATA,"w"); 1390 if(fd == NULL) 1391 exit(1); 1392 1393 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1394 exit(1); 1395 1396 exit(0); 1397} 1398 ]])], 1399 [ 1400 ssl_library_ver=`cat conftest.ssllibver` 1401 AC_MSG_RESULT($ssl_library_ver) 1402 ], 1403 [ 1404 AC_MSG_RESULT(not found) 1405 AC_MSG_ERROR(OpenSSL library not found.) 1406 ], 1407 [ 1408 AC_MSG_WARN([cross compiling: not checking]) 1409 ] 1410) 1411 1412# Sanity check OpenSSL headers 1413AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1414AC_RUN_IFELSE( 1415 [AC_LANG_SOURCE([[ 1416#include <string.h> 1417#include <openssl/opensslv.h> 1418int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1419 ]])], 1420 [ 1421 AC_MSG_RESULT(yes) 1422 ], 1423 [ 1424 AC_MSG_RESULT(no) 1425 AC_MSG_ERROR([Your OpenSSL headers do not match your library. 1426Check config.log for details. 1427Also see contrib/findssl.sh for help identifying header/library mismatches.]) 1428 ], 1429 [ 1430 AC_MSG_WARN([cross compiling: not checking]) 1431 ] 1432) 1433 1434# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 1435# because the system crypt() is more featureful. 1436if test "x$check_for_libcrypt_before" = "x1"; then 1437 AC_CHECK_LIB(crypt, crypt) 1438fi 1439 1440# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 1441# version in OpenSSL. 1442if test "x$check_for_libcrypt_later" = "x1"; then 1443 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 1444fi 1445 1446 1447### Configure cryptographic random number support 1448 1449# Check wheter OpenSSL seeds itself 1450AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 1451AC_RUN_IFELSE( 1452 [AC_LANG_SOURCE([[ 1453#include <string.h> 1454#include <openssl/rand.h> 1455int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 1456 ]])], 1457 [ 1458 OPENSSL_SEEDS_ITSELF=yes 1459 AC_MSG_RESULT(yes) 1460 ], 1461 [ 1462 AC_MSG_RESULT(no) 1463 # Default to use of the rand helper if OpenSSL doesn't 1464 # seed itself 1465 USE_RAND_HELPER=yes 1466 ], 1467 [ 1468 AC_MSG_WARN([cross compiling: assuming yes]) 1469 # This is safe, since all recent OpenSSL versions will 1470 # complain at runtime if not seeded correctly. 1471 OPENSSL_SEEDS_ITSELF=yes 1472 ] 1473) 1474 1475 1476# Do we want to force the use of the rand helper? 1477AC_ARG_WITH(rand-helper, 1478 [ --with-rand-helper Use subprocess to gather strong randomness ], 1479 [ 1480 if test "x$withval" = "xno" ; then 1481 # Force use of OpenSSL's internal RNG, even if 1482 # the previous test showed it to be unseeded. 1483 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 1484 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 1485 OPENSSL_SEEDS_ITSELF=yes 1486 USE_RAND_HELPER="" 1487 fi 1488 else 1489 USE_RAND_HELPER=yes 1490 fi 1491 ], 1492) 1493 1494# Which randomness source do we use? 1495if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then 1496 # OpenSSL only 1497 AC_DEFINE(OPENSSL_PRNG_ONLY) 1498 RAND_MSG="OpenSSL internal ONLY" 1499 INSTALL_SSH_RAND_HELPER="" 1500elif test ! -z "$USE_RAND_HELPER" ; then 1501 # install rand helper 1502 RAND_MSG="ssh-rand-helper" 1503 INSTALL_SSH_RAND_HELPER="yes" 1504fi 1505AC_SUBST(INSTALL_SSH_RAND_HELPER) 1506 1507### Configuration of ssh-rand-helper 1508 1509# PRNGD TCP socket 1510AC_ARG_WITH(prngd-port, 1511 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 1512 [ 1513 case "$withval" in 1514 no) 1515 withval="" 1516 ;; 1517 [[0-9]]*) 1518 ;; 1519 *) 1520 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 1521 ;; 1522 esac 1523 if test ! -z "$withval" ; then 1524 PRNGD_PORT="$withval" 1525 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT) 1526 fi 1527 ] 1528) 1529 1530# PRNGD Unix domain socket 1531AC_ARG_WITH(prngd-socket, 1532 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 1533 [ 1534 case "$withval" in 1535 yes) 1536 withval="/var/run/egd-pool" 1537 ;; 1538 no) 1539 withval="" 1540 ;; 1541 /*) 1542 ;; 1543 *) 1544 AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 1545 ;; 1546 esac 1547 1548 if test ! -z "$withval" ; then 1549 if test ! -z "$PRNGD_PORT" ; then 1550 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 1551 fi 1552 if test ! -r "$withval" ; then 1553 AC_MSG_WARN(Entropy socket is not readable) 1554 fi 1555 PRNGD_SOCKET="$withval" 1556 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 1557 fi 1558 ], 1559 [ 1560 # Check for existing socket only if we don't have a random device already 1561 if test "$USE_RAND_HELPER" = yes ; then 1562 AC_MSG_CHECKING(for PRNGD/EGD socket) 1563 # Insert other locations here 1564 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 1565 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 1566 PRNGD_SOCKET="$sock" 1567 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 1568 break; 1569 fi 1570 done 1571 if test ! -z "$PRNGD_SOCKET" ; then 1572 AC_MSG_RESULT($PRNGD_SOCKET) 1573 else 1574 AC_MSG_RESULT(not found) 1575 fi 1576 fi 1577 ] 1578) 1579 1580# Change default command timeout for hashing entropy source 1581entropy_timeout=200 1582AC_ARG_WITH(entropy-timeout, 1583 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 1584 [ 1585 if test "x$withval" != "xno" ; then 1586 entropy_timeout=$withval 1587 fi 1588 ] 1589) 1590AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) 1591 1592SSH_PRIVSEP_USER=sshd 1593AC_ARG_WITH(privsep-user, 1594 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 1595 [ 1596 if test -n "$withval"; then 1597 SSH_PRIVSEP_USER=$withval 1598 fi 1599 ] 1600) 1601AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER") 1602AC_SUBST(SSH_PRIVSEP_USER) 1603 1604# We do this little dance with the search path to insure 1605# that programs that we select for use by installed programs 1606# (which may be run by the super-user) come from trusted 1607# locations before they come from the user's private area. 1608# This should help avoid accidentally configuring some 1609# random version of a program in someone's personal bin. 1610 1611OPATH=$PATH 1612PATH=/bin:/usr/bin 1613test -h /bin 2> /dev/null && PATH=/usr/bin 1614test -d /sbin && PATH=$PATH:/sbin 1615test -d /usr/sbin && PATH=$PATH:/usr/sbin 1616PATH=$PATH:/etc:$OPATH 1617 1618# These programs are used by the command hashing source to gather entropy 1619OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 1620OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 1621OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 1622OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 1623OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 1624OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 1625OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 1626OSSH_PATH_ENTROPY_PROG(PROG_W, w) 1627OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 1628OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 1629OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 1630OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 1631OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 1632OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 1633OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 1634OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 1635# restore PATH 1636PATH=$OPATH 1637 1638# Where does ssh-rand-helper get its randomness from? 1639INSTALL_SSH_PRNG_CMDS="" 1640if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 1641 if test ! -z "$PRNGD_PORT" ; then 1642 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 1643 elif test ! -z "$PRNGD_SOCKET" ; then 1644 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 1645 else 1646 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 1647 RAND_HELPER_CMDHASH=yes 1648 INSTALL_SSH_PRNG_CMDS="yes" 1649 fi 1650fi 1651AC_SUBST(INSTALL_SSH_PRNG_CMDS) 1652 1653 1654# Cheap hack to ensure NEWS-OS libraries are arranged right. 1655if test ! -z "$SONY" ; then 1656 LIBS="$LIBS -liberty"; 1657fi 1658 1659# Checks for data types 1660AC_CHECK_SIZEOF(char, 1) 1661AC_CHECK_SIZEOF(short int, 2) 1662AC_CHECK_SIZEOF(int, 4) 1663AC_CHECK_SIZEOF(long int, 4) 1664AC_CHECK_SIZEOF(long long int, 8) 1665 1666# Sanity check long long for some platforms (AIX) 1667if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 1668 ac_cv_sizeof_long_long_int=0 1669fi 1670 1671# More checks for data types 1672AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 1673 AC_TRY_COMPILE( 1674 [ #include <sys/types.h> ], 1675 [ u_int a; a = 1;], 1676 [ ac_cv_have_u_int="yes" ], 1677 [ ac_cv_have_u_int="no" ] 1678 ) 1679]) 1680if test "x$ac_cv_have_u_int" = "xyes" ; then 1681 AC_DEFINE(HAVE_U_INT) 1682 have_u_int=1 1683fi 1684 1685AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 1686 AC_TRY_COMPILE( 1687 [ #include <sys/types.h> ], 1688 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 1689 [ ac_cv_have_intxx_t="yes" ], 1690 [ ac_cv_have_intxx_t="no" ] 1691 ) 1692]) 1693if test "x$ac_cv_have_intxx_t" = "xyes" ; then 1694 AC_DEFINE(HAVE_INTXX_T) 1695 have_intxx_t=1 1696fi 1697 1698if (test -z "$have_intxx_t" && \ 1699 test "x$ac_cv_header_stdint_h" = "xyes") 1700then 1701 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 1702 AC_TRY_COMPILE( 1703 [ #include <stdint.h> ], 1704 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 1705 [ 1706 AC_DEFINE(HAVE_INTXX_T) 1707 AC_MSG_RESULT(yes) 1708 ], 1709 [ AC_MSG_RESULT(no) ] 1710 ) 1711fi 1712 1713AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 1714 AC_TRY_COMPILE( 1715 [ 1716#include <sys/types.h> 1717#ifdef HAVE_STDINT_H 1718# include <stdint.h> 1719#endif 1720#include <sys/socket.h> 1721#ifdef HAVE_SYS_BITYPES_H 1722# include <sys/bitypes.h> 1723#endif 1724 ], 1725 [ int64_t a; a = 1;], 1726 [ ac_cv_have_int64_t="yes" ], 1727 [ ac_cv_have_int64_t="no" ] 1728 ) 1729]) 1730if test "x$ac_cv_have_int64_t" = "xyes" ; then 1731 AC_DEFINE(HAVE_INT64_T) 1732fi 1733 1734AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 1735 AC_TRY_COMPILE( 1736 [ #include <sys/types.h> ], 1737 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 1738 [ ac_cv_have_u_intxx_t="yes" ], 1739 [ ac_cv_have_u_intxx_t="no" ] 1740 ) 1741]) 1742if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 1743 AC_DEFINE(HAVE_U_INTXX_T) 1744 have_u_intxx_t=1 1745fi 1746 1747if test -z "$have_u_intxx_t" ; then 1748 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 1749 AC_TRY_COMPILE( 1750 [ #include <sys/socket.h> ], 1751 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 1752 [ 1753 AC_DEFINE(HAVE_U_INTXX_T) 1754 AC_MSG_RESULT(yes) 1755 ], 1756 [ AC_MSG_RESULT(no) ] 1757 ) 1758fi 1759 1760AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 1761 AC_TRY_COMPILE( 1762 [ #include <sys/types.h> ], 1763 [ u_int64_t a; a = 1;], 1764 [ ac_cv_have_u_int64_t="yes" ], 1765 [ ac_cv_have_u_int64_t="no" ] 1766 ) 1767]) 1768if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 1769 AC_DEFINE(HAVE_U_INT64_T) 1770 have_u_int64_t=1 1771fi 1772 1773if test -z "$have_u_int64_t" ; then 1774 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 1775 AC_TRY_COMPILE( 1776 [ #include <sys/bitypes.h> ], 1777 [ u_int64_t a; a = 1], 1778 [ 1779 AC_DEFINE(HAVE_U_INT64_T) 1780 AC_MSG_RESULT(yes) 1781 ], 1782 [ AC_MSG_RESULT(no) ] 1783 ) 1784fi 1785 1786if test -z "$have_u_intxx_t" ; then 1787 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 1788 AC_TRY_COMPILE( 1789 [ 1790#include <sys/types.h> 1791 ], 1792 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 1793 [ ac_cv_have_uintxx_t="yes" ], 1794 [ ac_cv_have_uintxx_t="no" ] 1795 ) 1796 ]) 1797 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 1798 AC_DEFINE(HAVE_UINTXX_T) 1799 fi 1800fi 1801 1802if test -z "$have_uintxx_t" ; then 1803 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 1804 AC_TRY_COMPILE( 1805 [ #include <stdint.h> ], 1806 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 1807 [ 1808 AC_DEFINE(HAVE_UINTXX_T) 1809 AC_MSG_RESULT(yes) 1810 ], 1811 [ AC_MSG_RESULT(no) ] 1812 ) 1813fi 1814 1815if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 1816 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 1817then 1818 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 1819 AC_TRY_COMPILE( 1820 [ 1821#include <sys/bitypes.h> 1822 ], 1823 [ 1824 int8_t a; int16_t b; int32_t c; 1825 u_int8_t e; u_int16_t f; u_int32_t g; 1826 a = b = c = e = f = g = 1; 1827 ], 1828 [ 1829 AC_DEFINE(HAVE_U_INTXX_T) 1830 AC_DEFINE(HAVE_INTXX_T) 1831 AC_MSG_RESULT(yes) 1832 ], 1833 [AC_MSG_RESULT(no)] 1834 ) 1835fi 1836 1837 1838AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 1839 AC_TRY_COMPILE( 1840 [ 1841#include <sys/types.h> 1842 ], 1843 [ u_char foo; foo = 125; ], 1844 [ ac_cv_have_u_char="yes" ], 1845 [ ac_cv_have_u_char="no" ] 1846 ) 1847]) 1848if test "x$ac_cv_have_u_char" = "xyes" ; then 1849 AC_DEFINE(HAVE_U_CHAR) 1850fi 1851 1852TYPE_SOCKLEN_T 1853 1854AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 1855 1856AC_CHECK_TYPES(in_addr_t,,, 1857[#include <sys/types.h> 1858#include <netinet/in.h>]) 1859 1860AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 1861 AC_TRY_COMPILE( 1862 [ 1863#include <sys/types.h> 1864 ], 1865 [ size_t foo; foo = 1235; ], 1866 [ ac_cv_have_size_t="yes" ], 1867 [ ac_cv_have_size_t="no" ] 1868 ) 1869]) 1870if test "x$ac_cv_have_size_t" = "xyes" ; then 1871 AC_DEFINE(HAVE_SIZE_T) 1872fi 1873 1874AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 1875 AC_TRY_COMPILE( 1876 [ 1877#include <sys/types.h> 1878 ], 1879 [ ssize_t foo; foo = 1235; ], 1880 [ ac_cv_have_ssize_t="yes" ], 1881 [ ac_cv_have_ssize_t="no" ] 1882 ) 1883]) 1884if test "x$ac_cv_have_ssize_t" = "xyes" ; then 1885 AC_DEFINE(HAVE_SSIZE_T) 1886fi 1887 1888AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 1889 AC_TRY_COMPILE( 1890 [ 1891#include <time.h> 1892 ], 1893 [ clock_t foo; foo = 1235; ], 1894 [ ac_cv_have_clock_t="yes" ], 1895 [ ac_cv_have_clock_t="no" ] 1896 ) 1897]) 1898if test "x$ac_cv_have_clock_t" = "xyes" ; then 1899 AC_DEFINE(HAVE_CLOCK_T) 1900fi 1901 1902AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 1903 AC_TRY_COMPILE( 1904 [ 1905#include <sys/types.h> 1906#include <sys/socket.h> 1907 ], 1908 [ sa_family_t foo; foo = 1235; ], 1909 [ ac_cv_have_sa_family_t="yes" ], 1910 [ AC_TRY_COMPILE( 1911 [ 1912#include <sys/types.h> 1913#include <sys/socket.h> 1914#include <netinet/in.h> 1915 ], 1916 [ sa_family_t foo; foo = 1235; ], 1917 [ ac_cv_have_sa_family_t="yes" ], 1918 1919 [ ac_cv_have_sa_family_t="no" ] 1920 )] 1921 ) 1922]) 1923if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 1924 AC_DEFINE(HAVE_SA_FAMILY_T) 1925fi 1926 1927AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 1928 AC_TRY_COMPILE( 1929 [ 1930#include <sys/types.h> 1931 ], 1932 [ pid_t foo; foo = 1235; ], 1933 [ ac_cv_have_pid_t="yes" ], 1934 [ ac_cv_have_pid_t="no" ] 1935 ) 1936]) 1937if test "x$ac_cv_have_pid_t" = "xyes" ; then 1938 AC_DEFINE(HAVE_PID_T) 1939fi 1940 1941AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 1942 AC_TRY_COMPILE( 1943 [ 1944#include <sys/types.h> 1945 ], 1946 [ mode_t foo; foo = 1235; ], 1947 [ ac_cv_have_mode_t="yes" ], 1948 [ ac_cv_have_mode_t="no" ] 1949 ) 1950]) 1951if test "x$ac_cv_have_mode_t" = "xyes" ; then 1952 AC_DEFINE(HAVE_MODE_T) 1953fi 1954 1955 1956AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 1957 AC_TRY_COMPILE( 1958 [ 1959#include <sys/types.h> 1960#include <sys/socket.h> 1961 ], 1962 [ struct sockaddr_storage s; ], 1963 [ ac_cv_have_struct_sockaddr_storage="yes" ], 1964 [ ac_cv_have_struct_sockaddr_storage="no" ] 1965 ) 1966]) 1967if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 1968 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE) 1969fi 1970 1971AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 1972 AC_TRY_COMPILE( 1973 [ 1974#include <sys/types.h> 1975#include <netinet/in.h> 1976 ], 1977 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 1978 [ ac_cv_have_struct_sockaddr_in6="yes" ], 1979 [ ac_cv_have_struct_sockaddr_in6="no" ] 1980 ) 1981]) 1982if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 1983 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6) 1984fi 1985 1986AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 1987 AC_TRY_COMPILE( 1988 [ 1989#include <sys/types.h> 1990#include <netinet/in.h> 1991 ], 1992 [ struct in6_addr s; s.s6_addr[0] = 0; ], 1993 [ ac_cv_have_struct_in6_addr="yes" ], 1994 [ ac_cv_have_struct_in6_addr="no" ] 1995 ) 1996]) 1997if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 1998 AC_DEFINE(HAVE_STRUCT_IN6_ADDR) 1999fi 2000 2001AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2002 AC_TRY_COMPILE( 2003 [ 2004#include <sys/types.h> 2005#include <sys/socket.h> 2006#include <netdb.h> 2007 ], 2008 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 2009 [ ac_cv_have_struct_addrinfo="yes" ], 2010 [ ac_cv_have_struct_addrinfo="no" ] 2011 ) 2012]) 2013if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2014 AC_DEFINE(HAVE_STRUCT_ADDRINFO) 2015fi 2016 2017AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2018 AC_TRY_COMPILE( 2019 [ #include <sys/time.h> ], 2020 [ struct timeval tv; tv.tv_sec = 1;], 2021 [ ac_cv_have_struct_timeval="yes" ], 2022 [ ac_cv_have_struct_timeval="no" ] 2023 ) 2024]) 2025if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2026 AC_DEFINE(HAVE_STRUCT_TIMEVAL) 2027 have_struct_timeval=1 2028fi 2029 2030AC_CHECK_TYPES(struct timespec) 2031 2032# We need int64_t or else certian parts of the compile will fail. 2033if test "x$ac_cv_have_int64_t" = "xno" -a \ 2034 "x$ac_cv_sizeof_long_int" != "x8" -a \ 2035 "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2036 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2037 echo "an alternative compiler (I.E., GCC) before continuing." 2038 echo "" 2039 exit 1; 2040else 2041dnl test snprintf (broken on SCO w/gcc) 2042 AC_RUN_IFELSE( 2043 [AC_LANG_SOURCE([[ 2044#include <stdio.h> 2045#include <string.h> 2046#ifdef HAVE_SNPRINTF 2047main() 2048{ 2049 char buf[50]; 2050 char expected_out[50]; 2051 int mazsize = 50 ; 2052#if (SIZEOF_LONG_INT == 8) 2053 long int num = 0x7fffffffffffffff; 2054#else 2055 long long num = 0x7fffffffffffffffll; 2056#endif 2057 strcpy(expected_out, "9223372036854775807"); 2058 snprintf(buf, mazsize, "%lld", num); 2059 if(strcmp(buf, expected_out) != 0) 2060 exit(1); 2061 exit(0); 2062} 2063#else 2064main() { exit(0); } 2065#endif 2066 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 2067 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 2068 ) 2069fi 2070 2071dnl Checks for structure members 2072OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 2073OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 2074OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 2075OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 2076OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 2077OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 2078OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 2079OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 2080OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 2081OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 2082OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 2083OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 2084OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 2085OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 2086OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 2087OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 2088OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 2089 2090AC_CHECK_MEMBERS([struct stat.st_blksize]) 2091 2092AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 2093 ac_cv_have_ss_family_in_struct_ss, [ 2094 AC_TRY_COMPILE( 2095 [ 2096#include <sys/types.h> 2097#include <sys/socket.h> 2098 ], 2099 [ struct sockaddr_storage s; s.ss_family = 1; ], 2100 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 2101 [ ac_cv_have_ss_family_in_struct_ss="no" ], 2102 ) 2103]) 2104if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 2105 AC_DEFINE(HAVE_SS_FAMILY_IN_SS) 2106fi 2107 2108AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 2109 ac_cv_have___ss_family_in_struct_ss, [ 2110 AC_TRY_COMPILE( 2111 [ 2112#include <sys/types.h> 2113#include <sys/socket.h> 2114 ], 2115 [ struct sockaddr_storage s; s.__ss_family = 1; ], 2116 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 2117 [ ac_cv_have___ss_family_in_struct_ss="no" ] 2118 ) 2119]) 2120if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 2121 AC_DEFINE(HAVE___SS_FAMILY_IN_SS) 2122fi 2123 2124AC_CACHE_CHECK([for pw_class field in struct passwd], 2125 ac_cv_have_pw_class_in_struct_passwd, [ 2126 AC_TRY_COMPILE( 2127 [ 2128#include <pwd.h> 2129 ], 2130 [ struct passwd p; p.pw_class = 0; ], 2131 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 2132 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 2133 ) 2134]) 2135if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 2136 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD) 2137fi 2138 2139AC_CACHE_CHECK([for pw_expire field in struct passwd], 2140 ac_cv_have_pw_expire_in_struct_passwd, [ 2141 AC_TRY_COMPILE( 2142 [ 2143#include <pwd.h> 2144 ], 2145 [ struct passwd p; p.pw_expire = 0; ], 2146 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 2147 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 2148 ) 2149]) 2150if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 2151 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD) 2152fi 2153 2154AC_CACHE_CHECK([for pw_change field in struct passwd], 2155 ac_cv_have_pw_change_in_struct_passwd, [ 2156 AC_TRY_COMPILE( 2157 [ 2158#include <pwd.h> 2159 ], 2160 [ struct passwd p; p.pw_change = 0; ], 2161 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 2162 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 2163 ) 2164]) 2165if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 2166 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD) 2167fi 2168 2169dnl make sure we're using the real structure members and not defines 2170AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 2171 ac_cv_have_accrights_in_msghdr, [ 2172 AC_COMPILE_IFELSE( 2173 [ 2174#include <sys/types.h> 2175#include <sys/socket.h> 2176#include <sys/uio.h> 2177int main() { 2178#ifdef msg_accrights 2179#error "msg_accrights is a macro" 2180exit(1); 2181#endif 2182struct msghdr m; 2183m.msg_accrights = 0; 2184exit(0); 2185} 2186 ], 2187 [ ac_cv_have_accrights_in_msghdr="yes" ], 2188 [ ac_cv_have_accrights_in_msghdr="no" ] 2189 ) 2190]) 2191if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 2192 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR) 2193fi 2194 2195AC_CACHE_CHECK([for msg_control field in struct msghdr], 2196 ac_cv_have_control_in_msghdr, [ 2197 AC_COMPILE_IFELSE( 2198 [ 2199#include <sys/types.h> 2200#include <sys/socket.h> 2201#include <sys/uio.h> 2202int main() { 2203#ifdef msg_control 2204#error "msg_control is a macro" 2205exit(1); 2206#endif 2207struct msghdr m; 2208m.msg_control = 0; 2209exit(0); 2210} 2211 ], 2212 [ ac_cv_have_control_in_msghdr="yes" ], 2213 [ ac_cv_have_control_in_msghdr="no" ] 2214 ) 2215]) 2216if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 2217 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR) 2218fi 2219 2220AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 2221 AC_TRY_LINK([], 2222 [ extern char *__progname; printf("%s", __progname); ], 2223 [ ac_cv_libc_defines___progname="yes" ], 2224 [ ac_cv_libc_defines___progname="no" ] 2225 ) 2226]) 2227if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 2228 AC_DEFINE(HAVE___PROGNAME) 2229fi 2230 2231AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 2232 AC_TRY_LINK([ 2233#include <stdio.h> 2234], 2235 [ printf("%s", __FUNCTION__); ], 2236 [ ac_cv_cc_implements___FUNCTION__="yes" ], 2237 [ ac_cv_cc_implements___FUNCTION__="no" ] 2238 ) 2239]) 2240if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 2241 AC_DEFINE(HAVE___FUNCTION__) 2242fi 2243 2244AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 2245 AC_TRY_LINK([ 2246#include <stdio.h> 2247], 2248 [ printf("%s", __func__); ], 2249 [ ac_cv_cc_implements___func__="yes" ], 2250 [ ac_cv_cc_implements___func__="no" ] 2251 ) 2252]) 2253if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 2254 AC_DEFINE(HAVE___func__) 2255fi 2256 2257AC_CACHE_CHECK([whether getopt has optreset support], 2258 ac_cv_have_getopt_optreset, [ 2259 AC_TRY_LINK( 2260 [ 2261#include <getopt.h> 2262 ], 2263 [ extern int optreset; optreset = 0; ], 2264 [ ac_cv_have_getopt_optreset="yes" ], 2265 [ ac_cv_have_getopt_optreset="no" ] 2266 ) 2267]) 2268if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 2269 AC_DEFINE(HAVE_GETOPT_OPTRESET) 2270fi 2271 2272AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 2273 AC_TRY_LINK([], 2274 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 2275 [ ac_cv_libc_defines_sys_errlist="yes" ], 2276 [ ac_cv_libc_defines_sys_errlist="no" ] 2277 ) 2278]) 2279if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 2280 AC_DEFINE(HAVE_SYS_ERRLIST) 2281fi 2282 2283 2284AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 2285 AC_TRY_LINK([], 2286 [ extern int sys_nerr; printf("%i", sys_nerr);], 2287 [ ac_cv_libc_defines_sys_nerr="yes" ], 2288 [ ac_cv_libc_defines_sys_nerr="no" ] 2289 ) 2290]) 2291if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 2292 AC_DEFINE(HAVE_SYS_NERR) 2293fi 2294 2295SCARD_MSG="no" 2296# Check whether user wants sectok support 2297AC_ARG_WITH(sectok, 2298 [ --with-sectok Enable smartcard support using libsectok], 2299 [ 2300 if test "x$withval" != "xno" ; then 2301 if test "x$withval" != "xyes" ; then 2302 CPPFLAGS="$CPPFLAGS -I${withval}" 2303 LDFLAGS="$LDFLAGS -L${withval}" 2304 if test ! -z "$need_dash_r" ; then 2305 LDFLAGS="$LDFLAGS -R${withval}" 2306 fi 2307 if test ! -z "$blibpath" ; then 2308 blibpath="$blibpath:${withval}" 2309 fi 2310 fi 2311 AC_CHECK_HEADERS(sectok.h) 2312 if test "$ac_cv_header_sectok_h" != yes; then 2313 AC_MSG_ERROR(Can't find sectok.h) 2314 fi 2315 AC_CHECK_LIB(sectok, sectok_open) 2316 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 2317 AC_MSG_ERROR(Can't find libsectok) 2318 fi 2319 AC_DEFINE(SMARTCARD) 2320 AC_DEFINE(USE_SECTOK) 2321 SCARD_MSG="yes, using sectok" 2322 fi 2323 ] 2324) 2325 2326# Check whether user wants OpenSC support 2327AC_ARG_WITH(opensc, 2328 AC_HELP_STRING([--with-opensc=PFX], 2329 [Enable smartcard support using OpenSC]), 2330 opensc_config_prefix="$withval", opensc_config_prefix="") 2331if test x$opensc_config_prefix != x ; then 2332 OPENSC_CONFIG=$opensc_config_prefix/bin/opensc-config 2333 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 2334 if test "$OPENSC_CONFIG" != "no"; then 2335 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 2336 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 2337 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 2338 LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS" 2339 AC_DEFINE(SMARTCARD) 2340 AC_DEFINE(USE_OPENSC) 2341 SCARD_MSG="yes, using OpenSC" 2342 fi 2343fi 2344 2345# Check libraries needed by DNS fingerprint support 2346AC_SEARCH_LIBS(getrrsetbyname, resolv, 2347 [AC_DEFINE(HAVE_GETRRSETBYNAME)], 2348 [ 2349 # Needed by our getrrsetbyname() 2350 AC_SEARCH_LIBS(res_query, resolv) 2351 AC_SEARCH_LIBS(dn_expand, resolv) 2352 AC_MSG_CHECKING(if res_query will link) 2353 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 2354 [AC_MSG_RESULT(no) 2355 saved_LIBS="$LIBS" 2356 LIBS="$LIBS -lresolv" 2357 AC_MSG_CHECKING(for res_query in -lresolv) 2358 AC_LINK_IFELSE([ 2359#include <resolv.h> 2360int main() 2361{ 2362 res_query (0, 0, 0, 0, 0); 2363 return 0; 2364} 2365 ], 2366 [LIBS="$LIBS -lresolv" 2367 AC_MSG_RESULT(yes)], 2368 [LIBS="$saved_LIBS" 2369 AC_MSG_RESULT(no)]) 2370 ]) 2371 AC_CHECK_FUNCS(_getshort _getlong) 2372 AC_CHECK_MEMBER(HEADER.ad, 2373 [AC_DEFINE(HAVE_HEADER_AD)],, 2374 [#include <arpa/nameser.h>]) 2375 ]) 2376 2377# Check whether user wants Kerberos 5 support 2378KRB5_MSG="no" 2379AC_ARG_WITH(kerberos5, 2380 [ --with-kerberos5=PATH Enable Kerberos 5 support], 2381 [ if test "x$withval" != "xno" ; then 2382 if test "x$withval" = "xyes" ; then 2383 KRB5ROOT="/usr/local" 2384 else 2385 KRB5ROOT=${withval} 2386 fi 2387 2388 AC_DEFINE(KRB5) 2389 KRB5_MSG="yes" 2390 2391 AC_MSG_CHECKING(for krb5-config) 2392 if test -x $KRB5ROOT/bin/krb5-config ; then 2393 KRB5CONF=$KRB5ROOT/bin/krb5-config 2394 AC_MSG_RESULT($KRB5CONF) 2395 2396 AC_MSG_CHECKING(for gssapi support) 2397 if $KRB5CONF | grep gssapi >/dev/null ; then 2398 AC_MSG_RESULT(yes) 2399 AC_DEFINE(GSSAPI) 2400 k5confopts=gssapi 2401 else 2402 AC_MSG_RESULT(no) 2403 k5confopts="" 2404 fi 2405 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 2406 K5LIBS="`$KRB5CONF --libs $k5confopts`" 2407 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 2408 AC_MSG_CHECKING(whether we are using Heimdal) 2409 AC_TRY_COMPILE([ #include <krb5.h> ], 2410 [ char *tmp = heimdal_version; ], 2411 [ AC_MSG_RESULT(yes) 2412 AC_DEFINE(HEIMDAL) ], 2413 AC_MSG_RESULT(no) 2414 ) 2415 else 2416 AC_MSG_RESULT(no) 2417 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 2418 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 2419 AC_MSG_CHECKING(whether we are using Heimdal) 2420 AC_TRY_COMPILE([ #include <krb5.h> ], 2421 [ char *tmp = heimdal_version; ], 2422 [ AC_MSG_RESULT(yes) 2423 AC_DEFINE(HEIMDAL) 2424 K5LIBS="-lkrb5 -ldes" 2425 K5LIBS="$K5LIBS -lcom_err -lasn1" 2426 AC_CHECK_LIB(roken, net_write, 2427 [K5LIBS="$K5LIBS -lroken"]) 2428 ], 2429 [ AC_MSG_RESULT(no) 2430 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 2431 ] 2432 ) 2433 AC_SEARCH_LIBS(dn_expand, resolv) 2434 2435 AC_CHECK_LIB(gssapi,gss_init_sec_context, 2436 [ AC_DEFINE(GSSAPI) 2437 K5LIBS="-lgssapi $K5LIBS" ], 2438 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, 2439 [ AC_DEFINE(GSSAPI) 2440 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 2441 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 2442 $K5LIBS) 2443 ], 2444 $K5LIBS) 2445 2446 AC_CHECK_HEADER(gssapi.h, , 2447 [ unset ac_cv_header_gssapi_h 2448 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 2449 AC_CHECK_HEADERS(gssapi.h, , 2450 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 2451 ) 2452 ] 2453 ) 2454 2455 oldCPP="$CPPFLAGS" 2456 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 2457 AC_CHECK_HEADER(gssapi_krb5.h, , 2458 [ CPPFLAGS="$oldCPP" ]) 2459 2460 fi 2461 if test ! -z "$need_dash_r" ; then 2462 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 2463 fi 2464 if test ! -z "$blibpath" ; then 2465 blibpath="$blibpath:${KRB5ROOT}/lib" 2466 fi 2467 fi 2468 2469 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 2470 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 2471 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 2472 2473 LIBS="$LIBS $K5LIBS" 2474 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS)) 2475 AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS)) 2476 ] 2477) 2478 2479# Looking for programs, paths and files 2480 2481PRIVSEP_PATH=/var/empty 2482AC_ARG_WITH(privsep-path, 2483 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 2484 [ 2485 if test "x$withval" != "$no" ; then 2486 PRIVSEP_PATH=$withval 2487 fi 2488 ] 2489) 2490AC_SUBST(PRIVSEP_PATH) 2491 2492AC_ARG_WITH(xauth, 2493 [ --with-xauth=PATH Specify path to xauth program ], 2494 [ 2495 if test "x$withval" != "xno" ; then 2496 xauth_path=$withval 2497 fi 2498 ], 2499 [ 2500 TestPath="$PATH" 2501 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 2502 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 2503 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 2504 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 2505 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 2506 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 2507 xauth_path="/usr/openwin/bin/xauth" 2508 fi 2509 ] 2510) 2511 2512STRIP_OPT=-s 2513AC_ARG_ENABLE(strip, 2514 [ --disable-strip Disable calling strip(1) on install], 2515 [ 2516 if test "x$enableval" = "xno" ; then 2517 STRIP_OPT= 2518 fi 2519 ] 2520) 2521AC_SUBST(STRIP_OPT) 2522 2523if test -z "$xauth_path" ; then 2524 XAUTH_PATH="undefined" 2525 AC_SUBST(XAUTH_PATH) 2526else 2527 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path") 2528 XAUTH_PATH=$xauth_path 2529 AC_SUBST(XAUTH_PATH) 2530fi 2531 2532# Check for mail directory (last resort if we cannot get it from headers) 2533if test ! -z "$MAIL" ; then 2534 maildir=`dirname $MAIL` 2535 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir") 2536fi 2537 2538if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 2539 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 2540 disable_ptmx_check=yes 2541fi 2542if test -z "$no_dev_ptmx" ; then 2543 if test "x$disable_ptmx_check" != "xyes" ; then 2544 AC_CHECK_FILE("/dev/ptmx", 2545 [ 2546 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX) 2547 have_dev_ptmx=1 2548 ] 2549 ) 2550 fi 2551fi 2552 2553if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 2554 AC_CHECK_FILE("/dev/ptc", 2555 [ 2556 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) 2557 have_dev_ptc=1 2558 ] 2559 ) 2560else 2561 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 2562fi 2563 2564# Options from here on. Some of these are preset by platform above 2565AC_ARG_WITH(mantype, 2566 [ --with-mantype=man|cat|doc Set man page type], 2567 [ 2568 case "$withval" in 2569 man|cat|doc) 2570 MANTYPE=$withval 2571 ;; 2572 *) 2573 AC_MSG_ERROR(invalid man type: $withval) 2574 ;; 2575 esac 2576 ] 2577) 2578if test -z "$MANTYPE"; then 2579 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 2580 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 2581 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 2582 MANTYPE=doc 2583 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 2584 MANTYPE=man 2585 else 2586 MANTYPE=cat 2587 fi 2588fi 2589AC_SUBST(MANTYPE) 2590if test "$MANTYPE" = "doc"; then 2591 mansubdir=man; 2592else 2593 mansubdir=$MANTYPE; 2594fi 2595AC_SUBST(mansubdir) 2596 2597# Check whether to enable MD5 passwords 2598MD5_MSG="no" 2599AC_ARG_WITH(md5-passwords, 2600 [ --with-md5-passwords Enable use of MD5 passwords], 2601 [ 2602 if test "x$withval" != "xno" ; then 2603 AC_DEFINE(HAVE_MD5_PASSWORDS) 2604 MD5_MSG="yes" 2605 fi 2606 ] 2607) 2608 2609# Whether to disable shadow password support 2610AC_ARG_WITH(shadow, 2611 [ --without-shadow Disable shadow password support], 2612 [ 2613 if test "x$withval" = "xno" ; then 2614 AC_DEFINE(DISABLE_SHADOW) 2615 disable_shadow=yes 2616 fi 2617 ] 2618) 2619 2620if test -z "$disable_shadow" ; then 2621 AC_MSG_CHECKING([if the systems has expire shadow information]) 2622 AC_TRY_COMPILE( 2623 [ 2624#include <sys/types.h> 2625#include <shadow.h> 2626 struct spwd sp; 2627 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 2628 [ sp_expire_available=yes ], [] 2629 ) 2630 2631 if test "x$sp_expire_available" = "xyes" ; then 2632 AC_MSG_RESULT(yes) 2633 AC_DEFINE(HAS_SHADOW_EXPIRE) 2634 else 2635 AC_MSG_RESULT(no) 2636 fi 2637fi 2638 2639# Use ip address instead of hostname in $DISPLAY 2640if test ! -z "$IPADDR_IN_DISPLAY" ; then 2641 DISPLAY_HACK_MSG="yes" 2642 AC_DEFINE(IPADDR_IN_DISPLAY) 2643else 2644 DISPLAY_HACK_MSG="no" 2645 AC_ARG_WITH(ipaddr-display, 2646 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 2647 [ 2648 if test "x$withval" != "xno" ; then 2649 AC_DEFINE(IPADDR_IN_DISPLAY) 2650 DISPLAY_HACK_MSG="yes" 2651 fi 2652 ] 2653 ) 2654fi 2655 2656# check for /etc/default/login and use it if present. 2657AC_ARG_ENABLE(etc-default-login, 2658 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 2659 [ if test "x$enableval" = "xno"; then 2660 AC_MSG_NOTICE([/etc/default/login handling disabled]) 2661 etc_default_login=no 2662 else 2663 etc_default_login=yes 2664 fi ], 2665 [ etc_default_login=yes ] 2666) 2667 2668if test "x$etc_default_login" != "xno"; then 2669 AC_CHECK_FILE("/etc/default/login", 2670 [ external_path_file=/etc/default/login ]) 2671 if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 2672 then 2673 AC_MSG_WARN([cross compiling: Disabling /etc/default/login test]) 2674 elif test "x$external_path_file" = "x/etc/default/login"; then 2675 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) 2676 fi 2677fi 2678 2679dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 2680if test $ac_cv_func_login_getcapbool = "yes" -a \ 2681 $ac_cv_header_login_cap_h = "yes" ; then 2682 external_path_file=/etc/login.conf 2683fi 2684 2685# Whether to mess with the default path 2686SERVER_PATH_MSG="(default)" 2687AC_ARG_WITH(default-path, 2688 [ --with-default-path= Specify default \$PATH environment for server], 2689 [ 2690 if test "x$external_path_file" = "x/etc/login.conf" ; then 2691 AC_MSG_WARN([ 2692--with-default-path=PATH has no effect on this system. 2693Edit /etc/login.conf instead.]) 2694 elif test "x$withval" != "xno" ; then 2695 if test ! -z "$external_path_file" ; then 2696 AC_MSG_WARN([ 2697--with-default-path=PATH will only be used if PATH is not defined in 2698$external_path_file .]) 2699 fi 2700 user_path="$withval" 2701 SERVER_PATH_MSG="$withval" 2702 fi 2703 ], 2704 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 2705 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 2706 else 2707 if test ! -z "$external_path_file" ; then 2708 AC_MSG_WARN([ 2709If PATH is defined in $external_path_file, ensure the path to scp is included, 2710otherwise scp will not work.]) 2711 fi 2712 AC_TRY_RUN( 2713 [ 2714/* find out what STDPATH is */ 2715#include <stdio.h> 2716#ifdef HAVE_PATHS_H 2717# include <paths.h> 2718#endif 2719#ifndef _PATH_STDPATH 2720# ifdef _PATH_USERPATH /* Irix */ 2721# define _PATH_STDPATH _PATH_USERPATH 2722# else 2723# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 2724# endif 2725#endif 2726#include <sys/types.h> 2727#include <sys/stat.h> 2728#include <fcntl.h> 2729#define DATA "conftest.stdpath" 2730 2731main() 2732{ 2733 FILE *fd; 2734 int rc; 2735 2736 fd = fopen(DATA,"w"); 2737 if(fd == NULL) 2738 exit(1); 2739 2740 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 2741 exit(1); 2742 2743 exit(0); 2744} 2745 ], [ user_path=`cat conftest.stdpath` ], 2746 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 2747 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 2748 ) 2749# make sure $bindir is in USER_PATH so scp will work 2750 t_bindir=`eval echo ${bindir}` 2751 case $t_bindir in 2752 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 2753 esac 2754 case $t_bindir in 2755 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 2756 esac 2757 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 2758 if test $? -ne 0 ; then 2759 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 2760 if test $? -ne 0 ; then 2761 user_path=$user_path:$t_bindir 2762 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 2763 fi 2764 fi 2765 fi ] 2766) 2767if test "x$external_path_file" != "x/etc/login.conf" ; then 2768 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path") 2769 AC_SUBST(user_path) 2770fi 2771 2772# Set superuser path separately to user path 2773AC_ARG_WITH(superuser-path, 2774 [ --with-superuser-path= Specify different path for super-user], 2775 [ 2776 if test "x$withval" != "xno" ; then 2777 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval") 2778 superuser_path=$withval 2779 fi 2780 ] 2781) 2782 2783 2784AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 2785IPV4_IN6_HACK_MSG="no" 2786AC_ARG_WITH(4in6, 2787 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 2788 [ 2789 if test "x$withval" != "xno" ; then 2790 AC_MSG_RESULT(yes) 2791 AC_DEFINE(IPV4_IN_IPV6) 2792 IPV4_IN6_HACK_MSG="yes" 2793 else 2794 AC_MSG_RESULT(no) 2795 fi 2796 ],[ 2797 if test "x$inet6_default_4in6" = "xyes"; then 2798 AC_MSG_RESULT([yes (default)]) 2799 AC_DEFINE(IPV4_IN_IPV6) 2800 IPV4_IN6_HACK_MSG="yes" 2801 else 2802 AC_MSG_RESULT([no (default)]) 2803 fi 2804 ] 2805) 2806 2807# Whether to enable BSD auth support 2808BSD_AUTH_MSG=no 2809AC_ARG_WITH(bsd-auth, 2810 [ --with-bsd-auth Enable BSD auth support], 2811 [ 2812 if test "x$withval" != "xno" ; then 2813 AC_DEFINE(BSD_AUTH) 2814 BSD_AUTH_MSG=yes 2815 fi 2816 ] 2817) 2818 2819# Where to place sshd.pid 2820piddir=/var/run 2821# make sure the directory exists 2822if test ! -d $piddir ; then 2823 piddir=`eval echo ${sysconfdir}` 2824 case $piddir in 2825 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 2826 esac 2827fi 2828 2829AC_ARG_WITH(pid-dir, 2830 [ --with-pid-dir=PATH Specify location of ssh.pid file], 2831 [ 2832 if test "x$withval" != "xno" ; then 2833 piddir=$withval 2834 if test ! -d $piddir ; then 2835 AC_MSG_WARN([** no $piddir directory on this system **]) 2836 fi 2837 fi 2838 ] 2839) 2840 2841AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir") 2842AC_SUBST(piddir) 2843 2844dnl allow user to disable some login recording features 2845AC_ARG_ENABLE(lastlog, 2846 [ --disable-lastlog disable use of lastlog even if detected [no]], 2847 [ 2848 if test "x$enableval" = "xno" ; then 2849 AC_DEFINE(DISABLE_LASTLOG) 2850 fi 2851 ] 2852) 2853AC_ARG_ENABLE(utmp, 2854 [ --disable-utmp disable use of utmp even if detected [no]], 2855 [ 2856 if test "x$enableval" = "xno" ; then 2857 AC_DEFINE(DISABLE_UTMP) 2858 fi 2859 ] 2860) 2861AC_ARG_ENABLE(utmpx, 2862 [ --disable-utmpx disable use of utmpx even if detected [no]], 2863 [ 2864 if test "x$enableval" = "xno" ; then 2865 AC_DEFINE(DISABLE_UTMPX) 2866 fi 2867 ] 2868) 2869AC_ARG_ENABLE(wtmp, 2870 [ --disable-wtmp disable use of wtmp even if detected [no]], 2871 [ 2872 if test "x$enableval" = "xno" ; then 2873 AC_DEFINE(DISABLE_WTMP) 2874 fi 2875 ] 2876) 2877AC_ARG_ENABLE(wtmpx, 2878 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 2879 [ 2880 if test "x$enableval" = "xno" ; then 2881 AC_DEFINE(DISABLE_WTMPX) 2882 fi 2883 ] 2884) 2885AC_ARG_ENABLE(libutil, 2886 [ --disable-libutil disable use of libutil (login() etc.) [no]], 2887 [ 2888 if test "x$enableval" = "xno" ; then 2889 AC_DEFINE(DISABLE_LOGIN) 2890 fi 2891 ] 2892) 2893AC_ARG_ENABLE(pututline, 2894 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 2895 [ 2896 if test "x$enableval" = "xno" ; then 2897 AC_DEFINE(DISABLE_PUTUTLINE) 2898 fi 2899 ] 2900) 2901AC_ARG_ENABLE(pututxline, 2902 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 2903 [ 2904 if test "x$enableval" = "xno" ; then 2905 AC_DEFINE(DISABLE_PUTUTXLINE) 2906 fi 2907 ] 2908) 2909AC_ARG_WITH(lastlog, 2910 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 2911 [ 2912 if test "x$withval" = "xno" ; then 2913 AC_DEFINE(DISABLE_LASTLOG) 2914 else 2915 conf_lastlog_location=$withval 2916 fi 2917 ] 2918) 2919 2920dnl lastlog, [uw]tmpx? detection 2921dnl NOTE: set the paths in the platform section to avoid the 2922dnl need for command-line parameters 2923dnl lastlog and [uw]tmp are subject to a file search if all else fails 2924 2925dnl lastlog detection 2926dnl NOTE: the code itself will detect if lastlog is a directory 2927AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 2928AC_TRY_COMPILE([ 2929#include <sys/types.h> 2930#include <utmp.h> 2931#ifdef HAVE_LASTLOG_H 2932# include <lastlog.h> 2933#endif 2934#ifdef HAVE_PATHS_H 2935# include <paths.h> 2936#endif 2937#ifdef HAVE_LOGIN_H 2938# include <login.h> 2939#endif 2940 ], 2941 [ char *lastlog = LASTLOG_FILE; ], 2942 [ AC_MSG_RESULT(yes) ], 2943 [ 2944 AC_MSG_RESULT(no) 2945 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 2946 AC_TRY_COMPILE([ 2947#include <sys/types.h> 2948#include <utmp.h> 2949#ifdef HAVE_LASTLOG_H 2950# include <lastlog.h> 2951#endif 2952#ifdef HAVE_PATHS_H 2953# include <paths.h> 2954#endif 2955 ], 2956 [ char *lastlog = _PATH_LASTLOG; ], 2957 [ AC_MSG_RESULT(yes) ], 2958 [ 2959 AC_MSG_RESULT(no) 2960 system_lastlog_path=no 2961 ]) 2962 ] 2963) 2964 2965if test -z "$conf_lastlog_location"; then 2966 if test x"$system_lastlog_path" = x"no" ; then 2967 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 2968 if (test -d "$f" || test -f "$f") ; then 2969 conf_lastlog_location=$f 2970 fi 2971 done 2972 if test -z "$conf_lastlog_location"; then 2973 AC_MSG_WARN([** Cannot find lastlog **]) 2974 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 2975 fi 2976 fi 2977fi 2978 2979if test -n "$conf_lastlog_location"; then 2980 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location") 2981fi 2982 2983dnl utmp detection 2984AC_MSG_CHECKING([if your system defines UTMP_FILE]) 2985AC_TRY_COMPILE([ 2986#include <sys/types.h> 2987#include <utmp.h> 2988#ifdef HAVE_PATHS_H 2989# include <paths.h> 2990#endif 2991 ], 2992 [ char *utmp = UTMP_FILE; ], 2993 [ AC_MSG_RESULT(yes) ], 2994 [ AC_MSG_RESULT(no) 2995 system_utmp_path=no ] 2996) 2997if test -z "$conf_utmp_location"; then 2998 if test x"$system_utmp_path" = x"no" ; then 2999 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 3000 if test -f $f ; then 3001 conf_utmp_location=$f 3002 fi 3003 done 3004 if test -z "$conf_utmp_location"; then 3005 AC_DEFINE(DISABLE_UTMP) 3006 fi 3007 fi 3008fi 3009if test -n "$conf_utmp_location"; then 3010 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location") 3011fi 3012 3013dnl wtmp detection 3014AC_MSG_CHECKING([if your system defines WTMP_FILE]) 3015AC_TRY_COMPILE([ 3016#include <sys/types.h> 3017#include <utmp.h> 3018#ifdef HAVE_PATHS_H 3019# include <paths.h> 3020#endif 3021 ], 3022 [ char *wtmp = WTMP_FILE; ], 3023 [ AC_MSG_RESULT(yes) ], 3024 [ AC_MSG_RESULT(no) 3025 system_wtmp_path=no ] 3026) 3027if test -z "$conf_wtmp_location"; then 3028 if test x"$system_wtmp_path" = x"no" ; then 3029 for f in /usr/adm/wtmp /var/log/wtmp; do 3030 if test -f $f ; then 3031 conf_wtmp_location=$f 3032 fi 3033 done 3034 if test -z "$conf_wtmp_location"; then 3035 AC_DEFINE(DISABLE_WTMP) 3036 fi 3037 fi 3038fi 3039if test -n "$conf_wtmp_location"; then 3040 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location") 3041fi 3042 3043 3044dnl utmpx detection - I don't know any system so perverse as to require 3045dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 3046dnl there, though. 3047AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 3048AC_TRY_COMPILE([ 3049#include <sys/types.h> 3050#include <utmp.h> 3051#ifdef HAVE_UTMPX_H 3052#include <utmpx.h> 3053#endif 3054#ifdef HAVE_PATHS_H 3055# include <paths.h> 3056#endif 3057 ], 3058 [ char *utmpx = UTMPX_FILE; ], 3059 [ AC_MSG_RESULT(yes) ], 3060 [ AC_MSG_RESULT(no) 3061 system_utmpx_path=no ] 3062) 3063if test -z "$conf_utmpx_location"; then 3064 if test x"$system_utmpx_path" = x"no" ; then 3065 AC_DEFINE(DISABLE_UTMPX) 3066 fi 3067else 3068 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location") 3069fi 3070 3071dnl wtmpx detection 3072AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 3073AC_TRY_COMPILE([ 3074#include <sys/types.h> 3075#include <utmp.h> 3076#ifdef HAVE_UTMPX_H 3077#include <utmpx.h> 3078#endif 3079#ifdef HAVE_PATHS_H 3080# include <paths.h> 3081#endif 3082 ], 3083 [ char *wtmpx = WTMPX_FILE; ], 3084 [ AC_MSG_RESULT(yes) ], 3085 [ AC_MSG_RESULT(no) 3086 system_wtmpx_path=no ] 3087) 3088if test -z "$conf_wtmpx_location"; then 3089 if test x"$system_wtmpx_path" = x"no" ; then 3090 AC_DEFINE(DISABLE_WTMPX) 3091 fi 3092else 3093 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location") 3094fi 3095 3096 3097if test ! -z "$blibpath" ; then 3098 LDFLAGS="$LDFLAGS $blibflags$blibpath" 3099 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 3100fi 3101 3102dnl remove pam and dl because they are in $LIBPAM 3103if test "$PAM_MSG" = yes ; then 3104 LIBS=`echo $LIBS | sed 's/-lpam //'` 3105fi 3106if test "$ac_cv_lib_pam_pam_set_item" = yes ; then 3107 LIBS=`echo $LIBS | sed 's/-ldl //'` 3108fi 3109 3110AC_EXEEXT 3111AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \ 3112 scard/Makefile ssh_prng_cmds survey.sh]) 3113AC_OUTPUT 3114 3115# Print summary of options 3116 3117# Someone please show me a better way :) 3118A=`eval echo ${prefix}` ; A=`eval echo ${A}` 3119B=`eval echo ${bindir}` ; B=`eval echo ${B}` 3120C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 3121D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 3122E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 3123F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 3124G=`eval echo ${piddir}` ; G=`eval echo ${G}` 3125H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 3126I=`eval echo ${user_path}` ; I=`eval echo ${I}` 3127J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 3128 3129echo "" 3130echo "OpenSSH has been configured with the following options:" 3131echo " User binaries: $B" 3132echo " System binaries: $C" 3133echo " Configuration files: $D" 3134echo " Askpass program: $E" 3135echo " Manual pages: $F" 3136echo " PID file: $G" 3137echo " Privilege separation chroot path: $H" 3138if test "x$external_path_file" = "x/etc/login.conf" ; then 3139echo " At runtime, sshd will use the path defined in $external_path_file" 3140echo " Make sure the path to scp is present, otherwise scp will not work" 3141else 3142echo " sshd default user PATH: $I" 3143 if test ! -z "$external_path_file"; then 3144echo " (If PATH is set in $external_path_file it will be used instead. If" 3145echo " used, ensure the path to scp is present, otherwise scp will not work.)" 3146 fi 3147fi 3148if test ! -z "$superuser_path" ; then 3149echo " sshd superuser user PATH: $J" 3150fi 3151echo " Manpage format: $MANTYPE" 3152echo " PAM support: $PAM_MSG" 3153echo " KerberosV support: $KRB5_MSG" 3154echo " Smartcard support: $SCARD_MSG" 3155echo " S/KEY support: $SKEY_MSG" 3156echo " TCP Wrappers support: $TCPW_MSG" 3157echo " MD5 password support: $MD5_MSG" 3158echo " libedit support: $LIBEDIT_MSG" 3159echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 3160echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 3161echo " BSD Auth support: $BSD_AUTH_MSG" 3162echo " Random number source: $RAND_MSG" 3163if test ! -z "$USE_RAND_HELPER" ; then 3164echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 3165fi 3166 3167echo "" 3168 3169echo " Host: ${host}" 3170echo " Compiler: ${CC}" 3171echo " Compiler flags: ${CFLAGS}" 3172echo "Preprocessor flags: ${CPPFLAGS}" 3173echo " Linker flags: ${LDFLAGS}" 3174echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" 3175 3176echo "" 3177 3178if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 3179 echo "SVR4 style packages are supported with \"make package\"" 3180 echo "" 3181fi 3182 3183if test "x$PAM_MSG" = "xyes" ; then 3184 echo "PAM is enabled. You may need to install a PAM control file " 3185 echo "for sshd, otherwise password authentication may fail. " 3186 echo "Example PAM control files can be found in the contrib/ " 3187 echo "subdirectory" 3188 echo "" 3189fi 3190 3191if test ! -z "$RAND_HELPER_CMDHASH" ; then 3192 echo "WARNING: you are using the builtin random number collection " 3193 echo "service. Please read WARNING.RNG and request that your OS " 3194 echo "vendor includes kernel-based random number collection in " 3195 echo "future versions of your OS." 3196 echo "" 3197fi 3198 3199if test ! -z "$NO_PEERCHECK" ; then 3200 echo "WARNING: the operating system that you are using does not " 3201 echo "appear to support either the getpeereid() API nor the " 3202 echo "SO_PEERCRED getsockopt() option. These facilities are used to " 3203 echo "enforce security checks to prevent unauthorised connections to " 3204 echo "ssh-agent. Their absence increases the risk that a malicious " 3205 echo "user can connect to your agent. " 3206 echo "" 3207fi 3208 3209if test "$AUDIT_MODULE" = "bsm" ; then 3210 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 3211 echo "See the Solaris section in README.platform for details." 3212fi 3213