configure.ac revision 163002
138451Smsmith# $Id: configure.ac,v 1.369 2006/10/03 16:34:35 tim Exp $ 238451Smsmith# 338451Smsmith# Copyright (c) 1999-2004 Damien Miller 438451Smsmith# 538451Smsmith# Permission to use, copy, modify, and distribute this software for any 638451Smsmith# purpose with or without fee is hereby granted, provided that the above 738451Smsmith# copyright notice and this permission notice appear in all copies. 838451Smsmith# 938451Smsmith# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 1038451Smsmith# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 1138451Smsmith# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 1238451Smsmith# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 1338451Smsmith# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 1438451Smsmith# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 1538451Smsmith# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 1638451Smsmith 1738451SmsmithAC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 1838451SmsmithAC_REVISION($Revision: 1.369 $) 1938451SmsmithAC_CONFIG_SRCDIR([ssh.c]) 2038451Smsmith 2138451SmsmithAC_CONFIG_HEADER(config.h) 2238451SmsmithAC_PROG_CC 2338451SmsmithAC_CANONICAL_HOST 2438451SmsmithAC_C_BIGENDIAN 2538451Smsmith 2638451Smsmith# Checks for programs. 2738451SmsmithAC_PROG_AWK 2838451SmsmithAC_PROG_CPP 2938451SmsmithAC_PROG_RANLIB 3038451SmsmithAC_PROG_INSTALL 3138451SmsmithAC_PROG_EGREP 3238451SmsmithAC_PATH_PROG(AR, ar) 3338451SmsmithAC_PATH_PROG(CAT, cat) 3438451SmsmithAC_PATH_PROG(KILL, kill) 3564185SjhbAC_PATH_PROGS(PERL, perl5 perl) 3664185SjhbAC_PATH_PROG(SED, sed) 3738451SmsmithAC_SUBST(PERL) 3838451SmsmithAC_PATH_PROG(ENT, ent) 3938451SmsmithAC_SUBST(ENT) 4038451SmsmithAC_PATH_PROG(TEST_MINUS_S_SH, bash) 4138451SmsmithAC_PATH_PROG(TEST_MINUS_S_SH, ksh) 4238451SmsmithAC_PATH_PROG(TEST_MINUS_S_SH, sh) 4338451SmsmithAC_PATH_PROG(SH, sh) 4438451SmsmithAC_SUBST(TEST_SHELL,sh) 4538451Smsmith 4638451Smsmithdnl for buildpkg.sh 4738451SmsmithAC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 4838451Smsmith [/usr/sbin${PATH_SEPARATOR}/etc]) 4938451SmsmithAC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 5038451Smsmith [/usr/sbin${PATH_SEPARATOR}/etc]) 5138451SmsmithAC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 5238451Smsmithif test -x /sbin/sh; then 53213235Semaste AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh) 5438451Smsmithelse 5538451Smsmith AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh) 5638451Smsmithfi 5738451Smsmith 5838451Smsmith# System features 5938451SmsmithAC_SYS_LARGEFILE 6038451Smsmith 6138451Smsmithif test -z "$AR" ; then 6238451Smsmith AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 6338451Smsmithfi 6438451Smsmith 6538451Smsmith# Use LOGIN_PROGRAM from environment if possible 6638451Smsmithif test ! -z "$LOGIN_PROGRAM" ; then 6738451Smsmith AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM", 6838451Smsmith [If your header files don't define LOGIN_PROGRAM, 6938451Smsmith then use this (detected) from environment and PATH]) 7038451Smsmithelse 7138451Smsmith # Search for login 7238451Smsmith AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 7338451Smsmith if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 7438451Smsmith AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 7538451Smsmith fi 7638451Smsmithfi 7738451Smsmith 7838451SmsmithAC_PATH_PROG(PATH_PASSWD_PROG, passwd) 7938451Smsmithif test ! -z "$PATH_PASSWD_PROG" ; then 8038451Smsmith AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG", 8138451Smsmith [Full path of your "passwd" program]) 8238451Smsmithfi 8338451Smsmith 8438451Smsmithif test -z "$LD" ; then 8538451Smsmith LD=$CC 8638451Smsmithfi 8738451SmsmithAC_SUBST(LD) 8838451Smsmith 8938451SmsmithAC_C_INLINE 9038451Smsmith 9138451SmsmithAC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) 9238451Smsmith 9338451Smsmithif test "$GCC" = "yes" || test "$GCC" = "egcs"; then 9438451Smsmith CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" 9538451Smsmith GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` 9638451Smsmith case $GCC_VER in 9738451Smsmith 1.*) ;; 9838451Smsmith 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;; 9938451Smsmith 2.*) ;; 10038451Smsmith 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;; 10138451Smsmith 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;; 10238451Smsmith *) ;; 10338451Smsmith esac 10438451Smsmith 10538451Smsmith if test -z "$have_llong_max"; then 10638451Smsmith # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 10738451Smsmith unset ac_cv_have_decl_LLONG_MAX 10838451Smsmith saved_CFLAGS="$CFLAGS" 10938451Smsmith CFLAGS="$CFLAGS -std=gnu99" 11064185Sjhb AC_CHECK_DECL(LLONG_MAX, 11164527Sps [have_llong_max=1], 11264185Sjhb [CFLAGS="$saved_CFLAGS"], 11338451Smsmith [#include <limits.h>] 11438451Smsmith ) 11538451Smsmith fi 11638451Smsmithfi 11738451Smsmith 11838451SmsmithAC_ARG_WITH(rpath, 11938451Smsmith [ --without-rpath Disable auto-added -R linker paths], 12038451Smsmith [ 12138451Smsmith if test "x$withval" = "xno" ; then 122 need_dash_r="" 123 fi 124 if test "x$withval" = "xyes" ; then 125 need_dash_r=1 126 fi 127 ] 128) 129 130# Allow user to specify flags 131AC_ARG_WITH(cflags, 132 [ --with-cflags Specify additional flags to pass to compiler], 133 [ 134 if test -n "$withval" && test "x$withval" != "xno" && \ 135 test "x${withval}" != "xyes"; then 136 CFLAGS="$CFLAGS $withval" 137 fi 138 ] 139) 140AC_ARG_WITH(cppflags, 141 [ --with-cppflags Specify additional flags to pass to preprocessor] , 142 [ 143 if test -n "$withval" && test "x$withval" != "xno" && \ 144 test "x${withval}" != "xyes"; then 145 CPPFLAGS="$CPPFLAGS $withval" 146 fi 147 ] 148) 149AC_ARG_WITH(ldflags, 150 [ --with-ldflags Specify additional flags to pass to linker], 151 [ 152 if test -n "$withval" && test "x$withval" != "xno" && \ 153 test "x${withval}" != "xyes"; then 154 LDFLAGS="$LDFLAGS $withval" 155 fi 156 ] 157) 158AC_ARG_WITH(libs, 159 [ --with-libs Specify additional libraries to link with], 160 [ 161 if test -n "$withval" && test "x$withval" != "xno" && \ 162 test "x${withval}" != "xyes"; then 163 LIBS="$LIBS $withval" 164 fi 165 ] 166) 167AC_ARG_WITH(Werror, 168 [ --with-Werror Build main code with -Werror], 169 [ 170 if test -n "$withval" && test "x$withval" != "xno"; then 171 werror_flags="-Werror" 172 if test "x${withval}" != "xyes"; then 173 werror_flags="$withval" 174 fi 175 fi 176 ] 177) 178 179AC_CHECK_HEADERS( \ 180 bstring.h \ 181 crypt.h \ 182 crypto/sha2.h \ 183 dirent.h \ 184 endian.h \ 185 features.h \ 186 fcntl.h \ 187 floatingpoint.h \ 188 getopt.h \ 189 glob.h \ 190 ia.h \ 191 iaf.h \ 192 limits.h \ 193 login.h \ 194 maillock.h \ 195 ndir.h \ 196 net/if_tun.h \ 197 netdb.h \ 198 netgroup.h \ 199 pam/pam_appl.h \ 200 paths.h \ 201 pty.h \ 202 readpassphrase.h \ 203 rpc/types.h \ 204 security/pam_appl.h \ 205 sha2.h \ 206 shadow.h \ 207 stddef.h \ 208 stdint.h \ 209 string.h \ 210 strings.h \ 211 sys/audit.h \ 212 sys/bitypes.h \ 213 sys/bsdtty.h \ 214 sys/cdefs.h \ 215 sys/dir.h \ 216 sys/mman.h \ 217 sys/ndir.h \ 218 sys/prctl.h \ 219 sys/pstat.h \ 220 sys/select.h \ 221 sys/stat.h \ 222 sys/stream.h \ 223 sys/stropts.h \ 224 sys/strtio.h \ 225 sys/sysmacros.h \ 226 sys/time.h \ 227 sys/timers.h \ 228 sys/un.h \ 229 time.h \ 230 tmpdir.h \ 231 ttyent.h \ 232 unistd.h \ 233 usersec.h \ 234 util.h \ 235 utime.h \ 236 utmp.h \ 237 utmpx.h \ 238 vis.h \ 239) 240 241# lastlog.h requires sys/time.h to be included first on Solaris 242AC_CHECK_HEADERS(lastlog.h, [], [], [ 243#ifdef HAVE_SYS_TIME_H 244# include <sys/time.h> 245#endif 246]) 247 248# sys/ptms.h requires sys/stream.h to be included first on Solaris 249AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 250#ifdef HAVE_SYS_STREAM_H 251# include <sys/stream.h> 252#endif 253]) 254 255# login_cap.h requires sys/types.h on NetBSD 256AC_CHECK_HEADERS(login_cap.h, [], [], [ 257#include <sys/types.h> 258]) 259 260# Messages for features tested for in target-specific section 261SIA_MSG="no" 262SPC_MSG="no" 263 264# Check for some target-specific stuff 265case "$host" in 266*-*-aix*) 267 # Some versions of VAC won't allow macro redefinitions at 268 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 269 # particularly with older versions of vac or xlc. 270 # It also throws errors about null macro argments, but these are 271 # not fatal. 272 AC_MSG_CHECKING(if compiler allows macro redefinitions) 273 AC_COMPILE_IFELSE( 274 [AC_LANG_SOURCE([[ 275#define testmacro foo 276#define testmacro bar 277int main(void) { exit(0); } 278 ]])], 279 [ AC_MSG_RESULT(yes) ], 280 [ AC_MSG_RESULT(no) 281 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" 282 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`" 283 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" 284 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" 285 ] 286 ) 287 288 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 289 if (test -z "$blibpath"); then 290 blibpath="/usr/lib:/lib" 291 fi 292 saved_LDFLAGS="$LDFLAGS" 293 if test "$GCC" = "yes"; then 294 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" 295 else 296 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," 297 fi 298 for tryflags in $flags ;do 299 if (test -z "$blibflags"); then 300 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 301 AC_TRY_LINK([], [], [blibflags=$tryflags]) 302 fi 303 done 304 if (test -z "$blibflags"); then 305 AC_MSG_RESULT(not found) 306 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 307 else 308 AC_MSG_RESULT($blibflags) 309 fi 310 LDFLAGS="$saved_LDFLAGS" 311 dnl Check for authenticate. Might be in libs.a on older AIXes 312 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1, 313 [Define if you want to enable AIX4's authenticate function])], 314 [AC_CHECK_LIB(s,authenticate, 315 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 316 LIBS="$LIBS -ls" 317 ]) 318 ]) 319 dnl Check for various auth function declarations in headers. 320 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 321 passwdexpired, setauthdb], , , [#include <usersec.h>]) 322 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 323 AC_CHECK_DECLS(loginfailed, 324 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 325 AC_TRY_COMPILE( 326 [#include <usersec.h>], 327 [(void)loginfailed("user","host","tty",0);], 328 [AC_MSG_RESULT(yes) 329 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1, 330 [Define if your AIX loginfailed() function 331 takes 4 arguments (AIX >= 5.2)])], 332 [AC_MSG_RESULT(no)] 333 )], 334 [], 335 [#include <usersec.h>] 336 ) 337 AC_CHECK_FUNCS(setauthdb) 338 AC_CHECK_DECL(F_CLOSEM, 339 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]), 340 [], 341 [ #include <limits.h> 342 #include <fcntl.h> ] 343 ) 344 check_for_aix_broken_getaddrinfo=1 345 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.]) 346 AC_DEFINE(SETEUID_BREAKS_SETUID, 1, 347 [Define if your platform breaks doing a seteuid before a setuid]) 348 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken]) 349 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken]) 350 dnl AIX handles lastlog as part of its login message 351 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog]) 352 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1, 353 [Some systems need a utmpx entry for /bin/login to work]) 354 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV, 355 [Define to a Set Process Title type if your system is 356 supported by bsd-setproctitle.c]) 357 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 358 [AIX 5.2 and 5.3 (and presumably newer) require this]) 359 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd]) 360 ;; 361*-*-cygwin*) 362 check_for_libcrypt_later=1 363 LIBS="$LIBS /usr/lib/textmode.o" 364 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin]) 365 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()]) 366 AC_DEFINE(DISABLE_SHADOW, 1, 367 [Define if you want to disable shadow passwords]) 368 AC_DEFINE(IP_TOS_IS_BROKEN, 1, 369 [Define if your system choked on IP TOS setting]) 370 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1, 371 [Define if X11 doesn't support AF_UNIX sockets on that system]) 372 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1, 373 [Define if the concept of ports only accessible to 374 superusers isn't known]) 375 AC_DEFINE(DISABLE_FD_PASSING, 1, 376 [Define if your platform needs to skip post auth 377 file descriptor passing]) 378 ;; 379*-*-dgux*) 380 AC_DEFINE(IP_TOS_IS_BROKEN) 381 AC_DEFINE(SETEUID_BREAKS_SETUID) 382 AC_DEFINE(BROKEN_SETREUID) 383 AC_DEFINE(BROKEN_SETREGID) 384 ;; 385*-*-darwin*) 386 AC_MSG_CHECKING(if we have working getaddrinfo) 387 AC_TRY_RUN([#include <mach-o/dyld.h> 388main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 389 exit(0); 390 else 391 exit(1); 392}], [AC_MSG_RESULT(working)], 393 [AC_MSG_RESULT(buggy) 394 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])], 395 [AC_MSG_RESULT(assume it is working)]) 396 AC_DEFINE(SETEUID_BREAKS_SETUID) 397 AC_DEFINE(BROKEN_SETREUID) 398 AC_DEFINE(BROKEN_SETREGID) 399 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1, 400 [Define if your resolver libs need this for getrrsetbyname]) 401 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 402 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 403 [Use tunnel device compatibility to OpenBSD]) 404 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 405 [Prepend the address family to IP tunnel traffic]) 406 ;; 407*-*-dragonfly*) 408 SSHDLIBS="$SSHDLIBS -lcrypt" 409 ;; 410*-*-hpux*) 411 # first we define all of the options common to all HP-UX releases 412 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 413 IPADDR_IN_DISPLAY=yes 414 AC_DEFINE(USE_PIPES) 415 AC_DEFINE(LOGIN_NO_ENDOPT, 1, 416 [Define if your login program cannot handle end of options ("--")]) 417 AC_DEFINE(LOGIN_NEEDS_UTMPX) 418 AC_DEFINE(LOCKED_PASSWD_STRING, "*", 419 [String used in /etc/passwd to denote locked account]) 420 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 421 MAIL="/var/mail/username" 422 LIBS="$LIBS -lsec" 423 AC_CHECK_LIB(xnet, t_error, , 424 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 425 426 # next, we define all of the options specific to major releases 427 case "$host" in 428 *-*-hpux10*) 429 if test -z "$GCC"; then 430 CFLAGS="$CFLAGS -Ae" 431 fi 432 ;; 433 *-*-hpux11*) 434 AC_DEFINE(PAM_SUN_CODEBASE, 1, 435 [Define if you are using Solaris-derived PAM which 436 passes pam_messages to the conversation function 437 with an extra level of indirection]) 438 AC_DEFINE(DISABLE_UTMP, 1, 439 [Define if you don't want to use utmp]) 440 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 441 check_for_hpux_broken_getaddrinfo=1 442 check_for_conflicting_getspnam=1 443 ;; 444 esac 445 446 # lastly, we define options specific to minor releases 447 case "$host" in 448 *-*-hpux10.26) 449 AC_DEFINE(HAVE_SECUREWARE, 1, 450 [Define if you have SecureWare-based 451 protected password database]) 452 disable_ptmx_check=yes 453 LIBS="$LIBS -lsecpw" 454 ;; 455 esac 456 ;; 457*-*-irix5*) 458 PATH="$PATH:/usr/etc" 459 AC_DEFINE(BROKEN_INET_NTOA, 1, 460 [Define if you system's inet_ntoa is busted 461 (e.g. Irix gcc issue)]) 462 AC_DEFINE(SETEUID_BREAKS_SETUID) 463 AC_DEFINE(BROKEN_SETREUID) 464 AC_DEFINE(BROKEN_SETREGID) 465 AC_DEFINE(WITH_ABBREV_NO_TTY, 1, 466 [Define if you shouldn't strip 'tty' from your 467 ttyname in [uw]tmp]) 468 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 469 ;; 470*-*-irix6*) 471 PATH="$PATH:/usr/etc" 472 AC_DEFINE(WITH_IRIX_ARRAY, 1, 473 [Define if you have/want arrays 474 (cluster-wide session managment, not C arrays)]) 475 AC_DEFINE(WITH_IRIX_PROJECT, 1, 476 [Define if you want IRIX project management]) 477 AC_DEFINE(WITH_IRIX_AUDIT, 1, 478 [Define if you want IRIX audit trails]) 479 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1, 480 [Define if you want IRIX kernel jobs])]) 481 AC_DEFINE(BROKEN_INET_NTOA) 482 AC_DEFINE(SETEUID_BREAKS_SETUID) 483 AC_DEFINE(BROKEN_SETREUID) 484 AC_DEFINE(BROKEN_SETREGID) 485 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)]) 486 AC_DEFINE(WITH_ABBREV_NO_TTY) 487 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 488 ;; 489*-*-linux*) 490 no_dev_ptmx=1 491 check_for_libcrypt_later=1 492 check_for_openpty_ctty_bug=1 493 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks]) 494 AC_DEFINE(PAM_TTY_KLUDGE, 1, 495 [Work around problematic Linux PAM modules handling of PAM_TTY]) 496 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!", 497 [String used in /etc/passwd to denote locked account]) 498 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 499 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM, 500 [Define to whatever link() returns for "not supported" 501 if it doesn't return EOPNOTSUPP.]) 502 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 503 AC_DEFINE(USE_BTMP) 504 inet6_default_4in6=yes 505 case `uname -r` in 506 1.*|2.0.*) 507 AC_DEFINE(BROKEN_CMSG_TYPE, 1, 508 [Define if cmsg_type is not passed correctly]) 509 ;; 510 esac 511 # tun(4) forwarding compat code 512 AC_CHECK_HEADERS(linux/if_tun.h) 513 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 514 AC_DEFINE(SSH_TUN_LINUX, 1, 515 [Open tunnel devices the Linux tun/tap way]) 516 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 517 [Use tunnel device compatibility to OpenBSD]) 518 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 519 [Prepend the address family to IP tunnel traffic]) 520 fi 521 ;; 522mips-sony-bsd|mips-sony-newsos4) 523 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty]) 524 SONY=1 525 ;; 526*-*-netbsd*) 527 check_for_libcrypt_before=1 528 if test "x$withval" != "xno" ; then 529 need_dash_r=1 530 fi 531 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 532 AC_CHECK_HEADER([net/if_tap.h], , 533 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 534 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 535 [Prepend the address family to IP tunnel traffic]) 536 ;; 537*-*-freebsd*) 538 check_for_libcrypt_later=1 539 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)]) 540 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 541 AC_CHECK_HEADER([net/if_tap.h], , 542 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 543 ;; 544*-*-bsdi*) 545 AC_DEFINE(SETEUID_BREAKS_SETUID) 546 AC_DEFINE(BROKEN_SETREUID) 547 AC_DEFINE(BROKEN_SETREGID) 548 ;; 549*-next-*) 550 conf_lastlog_location="/usr/adm/lastlog" 551 conf_utmp_location=/etc/utmp 552 conf_wtmp_location=/usr/adm/wtmp 553 MAIL=/usr/spool/mail 554 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT]) 555 AC_DEFINE(BROKEN_REALPATH) 556 AC_DEFINE(USE_PIPES) 557 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT]) 558 ;; 559*-*-openbsd*) 560 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) 561 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded]) 562 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way]) 563 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1, 564 [syslog_r function is safe to use in in a signal handler]) 565 ;; 566*-*-solaris*) 567 if test "x$withval" != "xno" ; then 568 need_dash_r=1 569 fi 570 AC_DEFINE(PAM_SUN_CODEBASE) 571 AC_DEFINE(LOGIN_NEEDS_UTMPX) 572 AC_DEFINE(LOGIN_NEEDS_TERM, 1, 573 [Some versions of /bin/login need the TERM supplied 574 on the commandline]) 575 AC_DEFINE(PAM_TTY_KLUDGE) 576 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 577 [Define if pam_chauthtok wants real uid set 578 to the unpriv'ed user]) 579 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 580 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 581 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1, 582 [Define if sshd somehow reacquires a controlling TTY 583 after setsid()]) 584 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd 585 in case the name is longer than 8 chars]) 586 external_path_file=/etc/default/login 587 # hardwire lastlog location (can't detect it on some versions) 588 conf_lastlog_location="/var/adm/lastlog" 589 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 590 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 591 if test "$sol2ver" -ge 8; then 592 AC_MSG_RESULT(yes) 593 AC_DEFINE(DISABLE_UTMP) 594 AC_DEFINE(DISABLE_WTMP, 1, 595 [Define if you don't want to use wtmp]) 596 else 597 AC_MSG_RESULT(no) 598 fi 599 AC_ARG_WITH(solaris-contracts, 600 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 601 [ 602 AC_CHECK_LIB(contract, ct_tmpl_activate, 603 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1, 604 [Define if you have Solaris process contracts]) 605 SSHDLIBS="$SSHDLIBS -lcontract" 606 AC_SUBST(SSHDLIBS) 607 SPC_MSG="yes" ], ) 608 ], 609 ) 610 ;; 611*-*-sunos4*) 612 CPPFLAGS="$CPPFLAGS -DSUNOS4" 613 AC_CHECK_FUNCS(getpwanam) 614 AC_DEFINE(PAM_SUN_CODEBASE) 615 conf_utmp_location=/etc/utmp 616 conf_wtmp_location=/var/adm/wtmp 617 conf_lastlog_location=/var/adm/lastlog 618 AC_DEFINE(USE_PIPES) 619 ;; 620*-ncr-sysv*) 621 LIBS="$LIBS -lc89" 622 AC_DEFINE(USE_PIPES) 623 AC_DEFINE(SSHD_ACQUIRES_CTTY) 624 AC_DEFINE(SETEUID_BREAKS_SETUID) 625 AC_DEFINE(BROKEN_SETREUID) 626 AC_DEFINE(BROKEN_SETREGID) 627 ;; 628*-sni-sysv*) 629 # /usr/ucblib MUST NOT be searched on ReliantUNIX 630 AC_CHECK_LIB(dl, dlsym, ,) 631 # -lresolv needs to be at the end of LIBS or DNS lookups break 632 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ]) 633 IPADDR_IN_DISPLAY=yes 634 AC_DEFINE(USE_PIPES) 635 AC_DEFINE(IP_TOS_IS_BROKEN) 636 AC_DEFINE(SETEUID_BREAKS_SETUID) 637 AC_DEFINE(BROKEN_SETREUID) 638 AC_DEFINE(BROKEN_SETREGID) 639 AC_DEFINE(SSHD_ACQUIRES_CTTY) 640 external_path_file=/etc/default/login 641 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 642 # Attention: always take care to bind libsocket and libnsl before libc, 643 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 644 ;; 645# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 646*-*-sysv4.2*) 647 AC_DEFINE(USE_PIPES) 648 AC_DEFINE(SETEUID_BREAKS_SETUID) 649 AC_DEFINE(BROKEN_SETREUID) 650 AC_DEFINE(BROKEN_SETREGID) 651 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 652 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 653 ;; 654# UnixWare 7.x, OpenUNIX 8 655*-*-sysv5*) 656 check_for_libcrypt_later=1 657 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) 658 AC_DEFINE(USE_PIPES) 659 AC_DEFINE(SETEUID_BREAKS_SETUID) 660 AC_DEFINE(BROKEN_SETREUID) 661 AC_DEFINE(BROKEN_SETREGID) 662 AC_DEFINE(PASSWD_NEEDS_USERNAME) 663 case "$host" in 664 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x 665 TEST_SHELL=/u95/bin/sh 666 AC_DEFINE(BROKEN_LIBIAF, 1, 667 [ia_uinfo routines not supported by OS yet]) 668 AC_DEFINE(BROKEN_UPDWTMPX) 669 ;; 670 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 671 ;; 672 esac 673 ;; 674*-*-sysv*) 675 ;; 676# SCO UNIX and OEM versions of SCO UNIX 677*-*-sco3.2v4*) 678 AC_MSG_ERROR("This Platform is no longer supported.") 679 ;; 680# SCO OpenServer 5.x 681*-*-sco3.2v5*) 682 if test -z "$GCC"; then 683 CFLAGS="$CFLAGS -belf" 684 fi 685 LIBS="$LIBS -lprot -lx -ltinfo -lm" 686 no_dev_ptmx=1 687 AC_DEFINE(USE_PIPES) 688 AC_DEFINE(HAVE_SECUREWARE) 689 AC_DEFINE(DISABLE_SHADOW) 690 AC_DEFINE(DISABLE_FD_PASSING) 691 AC_DEFINE(SETEUID_BREAKS_SETUID) 692 AC_DEFINE(BROKEN_SETREUID) 693 AC_DEFINE(BROKEN_SETREGID) 694 AC_DEFINE(WITH_ABBREV_NO_TTY) 695 AC_DEFINE(BROKEN_UPDWTMPX) 696 AC_DEFINE(PASSWD_NEEDS_USERNAME) 697 AC_CHECK_FUNCS(getluid setluid) 698 MANTYPE=man 699 TEST_SHELL=ksh 700 ;; 701*-*-unicosmk*) 702 AC_DEFINE(NO_SSH_LASTLOG, 1, 703 [Define if you don't want to use lastlog in session.c]) 704 AC_DEFINE(SETEUID_BREAKS_SETUID) 705 AC_DEFINE(BROKEN_SETREUID) 706 AC_DEFINE(BROKEN_SETREGID) 707 AC_DEFINE(USE_PIPES) 708 AC_DEFINE(DISABLE_FD_PASSING) 709 LDFLAGS="$LDFLAGS" 710 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 711 MANTYPE=cat 712 ;; 713*-*-unicosmp*) 714 AC_DEFINE(SETEUID_BREAKS_SETUID) 715 AC_DEFINE(BROKEN_SETREUID) 716 AC_DEFINE(BROKEN_SETREGID) 717 AC_DEFINE(WITH_ABBREV_NO_TTY) 718 AC_DEFINE(USE_PIPES) 719 AC_DEFINE(DISABLE_FD_PASSING) 720 LDFLAGS="$LDFLAGS" 721 LIBS="$LIBS -lgen -lacid -ldb" 722 MANTYPE=cat 723 ;; 724*-*-unicos*) 725 AC_DEFINE(SETEUID_BREAKS_SETUID) 726 AC_DEFINE(BROKEN_SETREUID) 727 AC_DEFINE(BROKEN_SETREGID) 728 AC_DEFINE(USE_PIPES) 729 AC_DEFINE(DISABLE_FD_PASSING) 730 AC_DEFINE(NO_SSH_LASTLOG) 731 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 732 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 733 MANTYPE=cat 734 ;; 735*-dec-osf*) 736 AC_MSG_CHECKING(for Digital Unix SIA) 737 no_osfsia="" 738 AC_ARG_WITH(osfsia, 739 [ --with-osfsia Enable Digital Unix SIA], 740 [ 741 if test "x$withval" = "xno" ; then 742 AC_MSG_RESULT(disabled) 743 no_osfsia=1 744 fi 745 ], 746 ) 747 if test -z "$no_osfsia" ; then 748 if test -f /etc/sia/matrix.conf; then 749 AC_MSG_RESULT(yes) 750 AC_DEFINE(HAVE_OSF_SIA, 1, 751 [Define if you have Digital Unix Security 752 Integration Architecture]) 753 AC_DEFINE(DISABLE_LOGIN, 1, 754 [Define if you don't want to use your 755 system's login() call]) 756 AC_DEFINE(DISABLE_FD_PASSING) 757 LIBS="$LIBS -lsecurity -ldb -lm -laud" 758 SIA_MSG="yes" 759 else 760 AC_MSG_RESULT(no) 761 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin", 762 [String used in /etc/passwd to denote locked account]) 763 fi 764 fi 765 AC_DEFINE(BROKEN_GETADDRINFO) 766 AC_DEFINE(SETEUID_BREAKS_SETUID) 767 AC_DEFINE(BROKEN_SETREUID) 768 AC_DEFINE(BROKEN_SETREGID) 769 ;; 770 771*-*-nto-qnx*) 772 AC_DEFINE(USE_PIPES) 773 AC_DEFINE(NO_X11_UNIX_SOCKETS) 774 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems]) 775 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems]) 776 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems]) 777 AC_DEFINE(DISABLE_LASTLOG) 778 AC_DEFINE(SSHD_ACQUIRES_CTTY) 779 enable_etc_default_login=no # has incompatible /etc/default/login 780 ;; 781 782*-*-ultrix*) 783 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1]) 784 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files]) 785 AC_DEFINE(NEED_SETPGRP) 786 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) 787 ;; 788 789*-*-lynxos) 790 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 791 AC_DEFINE(MISSING_HOWMANY) 792 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) 793 ;; 794esac 795 796AC_MSG_CHECKING(compiler and flags for sanity) 797AC_RUN_IFELSE( 798 [AC_LANG_SOURCE([ 799#include <stdio.h> 800int main(){exit(0);} 801 ])], 802 [ AC_MSG_RESULT(yes) ], 803 [ 804 AC_MSG_RESULT(no) 805 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 806 ], 807 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 808) 809 810dnl Checks for header files. 811# Checks for libraries. 812AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 813AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 814 815dnl IRIX and Solaris 2.5.1 have dirname() in libgen 816AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 817 AC_CHECK_LIB(gen, dirname,[ 818 AC_CACHE_CHECK([for broken dirname], 819 ac_cv_have_broken_dirname, [ 820 save_LIBS="$LIBS" 821 LIBS="$LIBS -lgen" 822 AC_RUN_IFELSE( 823 [AC_LANG_SOURCE([[ 824#include <libgen.h> 825#include <string.h> 826 827int main(int argc, char **argv) { 828 char *s, buf[32]; 829 830 strncpy(buf,"/etc", 32); 831 s = dirname(buf); 832 if (!s || strncmp(s, "/", 32) != 0) { 833 exit(1); 834 } else { 835 exit(0); 836 } 837} 838 ]])], 839 [ ac_cv_have_broken_dirname="no" ], 840 [ ac_cv_have_broken_dirname="yes" ], 841 [ ac_cv_have_broken_dirname="no" ], 842 ) 843 LIBS="$save_LIBS" 844 ]) 845 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 846 LIBS="$LIBS -lgen" 847 AC_DEFINE(HAVE_DIRNAME) 848 AC_CHECK_HEADERS(libgen.h) 849 fi 850 ]) 851]) 852 853AC_CHECK_FUNC(getspnam, , 854 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 855AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1, 856 [Define if you have the basename function.])) 857 858dnl zlib is required 859AC_ARG_WITH(zlib, 860 [ --with-zlib=PATH Use zlib in PATH], 861 [ if test "x$withval" = "xno" ; then 862 AC_MSG_ERROR([*** zlib is required ***]) 863 elif test "x$withval" != "xyes"; then 864 if test -d "$withval/lib"; then 865 if test -n "${need_dash_r}"; then 866 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 867 else 868 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 869 fi 870 else 871 if test -n "${need_dash_r}"; then 872 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 873 else 874 LDFLAGS="-L${withval} ${LDFLAGS}" 875 fi 876 fi 877 if test -d "$withval/include"; then 878 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 879 else 880 CPPFLAGS="-I${withval} ${CPPFLAGS}" 881 fi 882 fi ] 883) 884 885AC_CHECK_LIB(z, deflate, , 886 [ 887 saved_CPPFLAGS="$CPPFLAGS" 888 saved_LDFLAGS="$LDFLAGS" 889 save_LIBS="$LIBS" 890 dnl Check default zlib install dir 891 if test -n "${need_dash_r}"; then 892 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 893 else 894 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 895 fi 896 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 897 LIBS="$LIBS -lz" 898 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 899 [ 900 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 901 ] 902 ) 903 ] 904) 905AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) 906 907AC_ARG_WITH(zlib-version-check, 908 [ --without-zlib-version-check Disable zlib version check], 909 [ if test "x$withval" = "xno" ; then 910 zlib_check_nonfatal=1 911 fi 912 ] 913) 914 915AC_MSG_CHECKING(for possibly buggy zlib) 916AC_RUN_IFELSE([AC_LANG_SOURCE([[ 917#include <stdio.h> 918#include <zlib.h> 919int main() 920{ 921 int a=0, b=0, c=0, d=0, n, v; 922 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 923 if (n != 3 && n != 4) 924 exit(1); 925 v = a*1000000 + b*10000 + c*100 + d; 926 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 927 928 /* 1.1.4 is OK */ 929 if (a == 1 && b == 1 && c >= 4) 930 exit(0); 931 932 /* 1.2.3 and up are OK */ 933 if (v >= 1020300) 934 exit(0); 935 936 exit(2); 937} 938 ]])], 939 AC_MSG_RESULT(no), 940 [ AC_MSG_RESULT(yes) 941 if test -z "$zlib_check_nonfatal" ; then 942 AC_MSG_ERROR([*** zlib too old - check config.log *** 943Your reported zlib version has known security problems. It's possible your 944vendor has fixed these problems without changing the version number. If you 945are sure this is the case, you can disable the check by running 946"./configure --without-zlib-version-check". 947If you are in doubt, upgrade zlib to version 1.2.3 or greater. 948See http://www.gzip.org/zlib/ for details.]) 949 else 950 AC_MSG_WARN([zlib version may have security problems]) 951 fi 952 ], 953 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 954) 955 956dnl UnixWare 2.x 957AC_CHECK_FUNC(strcasecmp, 958 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 959) 960AC_CHECK_FUNCS(utimes, 961 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 962 LIBS="$LIBS -lc89"]) ] 963) 964 965dnl Checks for libutil functions 966AC_CHECK_HEADERS(libutil.h) 967AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1, 968 [Define if your libraries define login()])]) 969AC_CHECK_FUNCS(logout updwtmp logwtmp) 970 971AC_FUNC_STRFTIME 972 973# Check for ALTDIRFUNC glob() extension 974AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 975AC_EGREP_CPP(FOUNDIT, 976 [ 977 #include <glob.h> 978 #ifdef GLOB_ALTDIRFUNC 979 FOUNDIT 980 #endif 981 ], 982 [ 983 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1, 984 [Define if your system glob() function has 985 the GLOB_ALTDIRFUNC extension]) 986 AC_MSG_RESULT(yes) 987 ], 988 [ 989 AC_MSG_RESULT(no) 990 ] 991) 992 993# Check for g.gl_matchc glob() extension 994AC_MSG_CHECKING(for gl_matchc field in glob_t) 995AC_TRY_COMPILE( 996 [ #include <glob.h> ], 997 [glob_t g; g.gl_matchc = 1;], 998 [ 999 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1, 1000 [Define if your system glob() function has 1001 gl_matchc options in glob_t]) 1002 AC_MSG_RESULT(yes) 1003 ], 1004 [ 1005 AC_MSG_RESULT(no) 1006 ] 1007) 1008 1009AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>]) 1010 1011AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 1012AC_RUN_IFELSE( 1013 [AC_LANG_SOURCE([[ 1014#include <sys/types.h> 1015#include <dirent.h> 1016int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 1017 ]])], 1018 [AC_MSG_RESULT(yes)], 1019 [ 1020 AC_MSG_RESULT(no) 1021 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1, 1022 [Define if your struct dirent expects you to 1023 allocate extra space for d_name]) 1024 ], 1025 [ 1026 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1027 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 1028 ] 1029) 1030 1031AC_MSG_CHECKING([for /proc/pid/fd directory]) 1032if test -d "/proc/$$/fd" ; then 1033 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd]) 1034 AC_MSG_RESULT(yes) 1035else 1036 AC_MSG_RESULT(no) 1037fi 1038 1039# Check whether user wants S/Key support 1040SKEY_MSG="no" 1041AC_ARG_WITH(skey, 1042 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 1043 [ 1044 if test "x$withval" != "xno" ; then 1045 1046 if test "x$withval" != "xyes" ; then 1047 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1048 LDFLAGS="$LDFLAGS -L${withval}/lib" 1049 fi 1050 1051 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 1052 LIBS="-lskey $LIBS" 1053 SKEY_MSG="yes" 1054 1055 AC_MSG_CHECKING([for s/key support]) 1056 AC_LINK_IFELSE( 1057 [AC_LANG_SOURCE([[ 1058#include <stdio.h> 1059#include <skey.h> 1060int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } 1061 ]])], 1062 [AC_MSG_RESULT(yes)], 1063 [ 1064 AC_MSG_RESULT(no) 1065 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 1066 ]) 1067 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 1068 AC_TRY_COMPILE( 1069 [#include <stdio.h> 1070 #include <skey.h>], 1071 [(void)skeychallenge(NULL,"name","",0);], 1072 [AC_MSG_RESULT(yes) 1073 AC_DEFINE(SKEYCHALLENGE_4ARG, 1, 1074 [Define if your skeychallenge() 1075 function takes 4 arguments (NetBSD)])], 1076 [AC_MSG_RESULT(no)] 1077 ) 1078 fi 1079 ] 1080) 1081 1082# Check whether user wants TCP wrappers support 1083TCPW_MSG="no" 1084AC_ARG_WITH(tcp-wrappers, 1085 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1086 [ 1087 if test "x$withval" != "xno" ; then 1088 saved_LIBS="$LIBS" 1089 saved_LDFLAGS="$LDFLAGS" 1090 saved_CPPFLAGS="$CPPFLAGS" 1091 if test -n "${withval}" && \ 1092 test "x${withval}" != "xyes"; then 1093 if test -d "${withval}/lib"; then 1094 if test -n "${need_dash_r}"; then 1095 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1096 else 1097 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1098 fi 1099 else 1100 if test -n "${need_dash_r}"; then 1101 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1102 else 1103 LDFLAGS="-L${withval} ${LDFLAGS}" 1104 fi 1105 fi 1106 if test -d "${withval}/include"; then 1107 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1108 else 1109 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1110 fi 1111 fi 1112 LIBWRAP="-lwrap" 1113 LIBS="$LIBWRAP $LIBS" 1114 AC_MSG_CHECKING(for libwrap) 1115 AC_TRY_LINK( 1116 [ 1117#include <sys/types.h> 1118#include <sys/socket.h> 1119#include <netinet/in.h> 1120#include <tcpd.h> 1121 int deny_severity = 0, allow_severity = 0; 1122 ], 1123 [hosts_access(0);], 1124 [ 1125 AC_MSG_RESULT(yes) 1126 AC_DEFINE(LIBWRAP, 1, 1127 [Define if you want 1128 TCP Wrappers support]) 1129 AC_SUBST(LIBWRAP) 1130 TCPW_MSG="yes" 1131 ], 1132 [ 1133 AC_MSG_ERROR([*** libwrap missing]) 1134 ] 1135 ) 1136 LIBS="$saved_LIBS" 1137 fi 1138 ] 1139) 1140 1141# Check whether user wants libedit support 1142LIBEDIT_MSG="no" 1143AC_ARG_WITH(libedit, 1144 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1145 [ if test "x$withval" != "xno" ; then 1146 if test "x$withval" != "xyes"; then 1147 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1148 if test -n "${need_dash_r}"; then 1149 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1150 else 1151 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1152 fi 1153 fi 1154 AC_CHECK_LIB(edit, el_init, 1155 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp]) 1156 LIBEDIT="-ledit -lcurses" 1157 LIBEDIT_MSG="yes" 1158 AC_SUBST(LIBEDIT) 1159 ], 1160 [ AC_MSG_ERROR(libedit not found) ], 1161 [ -lcurses ] 1162 ) 1163 AC_MSG_CHECKING(if libedit version is compatible) 1164 AC_COMPILE_IFELSE( 1165 [AC_LANG_SOURCE([[ 1166#include <histedit.h> 1167int main(void) 1168{ 1169 int i = H_SETSIZE; 1170 el_init("", NULL, NULL, NULL); 1171 exit(0); 1172} 1173 ]])], 1174 [ AC_MSG_RESULT(yes) ], 1175 [ AC_MSG_RESULT(no) 1176 AC_MSG_ERROR(libedit version is not compatible) ] 1177 ) 1178 fi ] 1179) 1180 1181AUDIT_MODULE=none 1182AC_ARG_WITH(audit, 1183 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 1184 [ 1185 AC_MSG_CHECKING(for supported audit module) 1186 case "$withval" in 1187 bsm) 1188 AC_MSG_RESULT(bsm) 1189 AUDIT_MODULE=bsm 1190 dnl Checks for headers, libs and functions 1191 AC_CHECK_HEADERS(bsm/audit.h, [], 1192 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)], 1193 [ 1194#ifdef HAVE_TIME_H 1195# include <time.h> 1196#endif 1197 ] 1198) 1199 AC_CHECK_LIB(bsm, getaudit, [], 1200 [AC_MSG_ERROR(BSM enabled and required library not found)]) 1201 AC_CHECK_FUNCS(getaudit, [], 1202 [AC_MSG_ERROR(BSM enabled and required function not found)]) 1203 # These are optional 1204 AC_CHECK_FUNCS(getaudit_addr) 1205 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) 1206 ;; 1207 debug) 1208 AUDIT_MODULE=debug 1209 AC_MSG_RESULT(debug) 1210 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module) 1211 ;; 1212 no) 1213 AC_MSG_RESULT(no) 1214 ;; 1215 *) 1216 AC_MSG_ERROR([Unknown audit module $withval]) 1217 ;; 1218 esac ] 1219) 1220 1221dnl Checks for library functions. Please keep in alphabetical order 1222AC_CHECK_FUNCS( \ 1223 arc4random \ 1224 asprintf \ 1225 b64_ntop \ 1226 __b64_ntop \ 1227 b64_pton \ 1228 __b64_pton \ 1229 bcopy \ 1230 bindresvport_sa \ 1231 clock \ 1232 closefrom \ 1233 dirfd \ 1234 fchmod \ 1235 fchown \ 1236 freeaddrinfo \ 1237 futimes \ 1238 getaddrinfo \ 1239 getcwd \ 1240 getgrouplist \ 1241 getnameinfo \ 1242 getopt \ 1243 getpeereid \ 1244 _getpty \ 1245 getrlimit \ 1246 getttyent \ 1247 glob \ 1248 inet_aton \ 1249 inet_ntoa \ 1250 inet_ntop \ 1251 innetgr \ 1252 login_getcapbool \ 1253 md5_crypt \ 1254 memmove \ 1255 mkdtemp \ 1256 mmap \ 1257 ngetaddrinfo \ 1258 nsleep \ 1259 ogetaddrinfo \ 1260 openlog_r \ 1261 openpty \ 1262 prctl \ 1263 pstat \ 1264 readpassphrase \ 1265 realpath \ 1266 recvmsg \ 1267 rresvport_af \ 1268 sendmsg \ 1269 setdtablesize \ 1270 setegid \ 1271 setenv \ 1272 seteuid \ 1273 setgroups \ 1274 setlogin \ 1275 setpcred \ 1276 setproctitle \ 1277 setregid \ 1278 setreuid \ 1279 setrlimit \ 1280 setsid \ 1281 setvbuf \ 1282 sigaction \ 1283 sigvec \ 1284 snprintf \ 1285 socketpair \ 1286 strdup \ 1287 strerror \ 1288 strlcat \ 1289 strlcpy \ 1290 strmode \ 1291 strnvis \ 1292 strtonum \ 1293 strtoll \ 1294 strtoul \ 1295 sysconf \ 1296 tcgetpgrp \ 1297 truncate \ 1298 unsetenv \ 1299 updwtmpx \ 1300 vasprintf \ 1301 vhangup \ 1302 vsnprintf \ 1303 waitpid \ 1304) 1305 1306# IRIX has a const char return value for gai_strerror() 1307AC_CHECK_FUNCS(gai_strerror,[ 1308 AC_DEFINE(HAVE_GAI_STRERROR) 1309 AC_TRY_COMPILE([ 1310#include <sys/types.h> 1311#include <sys/socket.h> 1312#include <netdb.h> 1313 1314const char *gai_strerror(int);],[ 1315char *str; 1316 1317str = gai_strerror(0);],[ 1318 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 1319 [Define if gai_strerror() returns const char *])])]) 1320 1321AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1, 1322 [Some systems put nanosleep outside of libc])) 1323 1324dnl Make sure prototypes are defined for these before using them. 1325AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 1326AC_CHECK_DECL(strsep, 1327 [AC_CHECK_FUNCS(strsep)], 1328 [], 1329 [ 1330#ifdef HAVE_STRING_H 1331# include <string.h> 1332#endif 1333 ]) 1334 1335dnl tcsendbreak might be a macro 1336AC_CHECK_DECL(tcsendbreak, 1337 [AC_DEFINE(HAVE_TCSENDBREAK)], 1338 [AC_CHECK_FUNCS(tcsendbreak)], 1339 [#include <termios.h>] 1340) 1341 1342AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 1343 1344AC_CHECK_DECLS(SHUT_RD, , , 1345 [ 1346#include <sys/types.h> 1347#include <sys/socket.h> 1348 ]) 1349 1350AC_CHECK_DECLS(O_NONBLOCK, , , 1351 [ 1352#include <sys/types.h> 1353#ifdef HAVE_SYS_STAT_H 1354# include <sys/stat.h> 1355#endif 1356#ifdef HAVE_FCNTL_H 1357# include <fcntl.h> 1358#endif 1359 ]) 1360 1361AC_CHECK_DECLS(writev, , , [ 1362#include <sys/types.h> 1363#include <sys/uio.h> 1364#include <unistd.h> 1365 ]) 1366 1367AC_CHECK_FUNCS(setresuid, [ 1368 dnl Some platorms have setresuid that isn't implemented, test for this 1369 AC_MSG_CHECKING(if setresuid seems to work) 1370 AC_RUN_IFELSE( 1371 [AC_LANG_SOURCE([[ 1372#include <stdlib.h> 1373#include <errno.h> 1374int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1375 ]])], 1376 [AC_MSG_RESULT(yes)], 1377 [AC_DEFINE(BROKEN_SETRESUID, 1, 1378 [Define if your setresuid() is broken]) 1379 AC_MSG_RESULT(not implemented)], 1380 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1381 ) 1382]) 1383 1384AC_CHECK_FUNCS(setresgid, [ 1385 dnl Some platorms have setresgid that isn't implemented, test for this 1386 AC_MSG_CHECKING(if setresgid seems to work) 1387 AC_RUN_IFELSE( 1388 [AC_LANG_SOURCE([[ 1389#include <stdlib.h> 1390#include <errno.h> 1391int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1392 ]])], 1393 [AC_MSG_RESULT(yes)], 1394 [AC_DEFINE(BROKEN_SETRESGID, 1, 1395 [Define if your setresgid() is broken]) 1396 AC_MSG_RESULT(not implemented)], 1397 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1398 ) 1399]) 1400 1401dnl Checks for time functions 1402AC_CHECK_FUNCS(gettimeofday time) 1403dnl Checks for utmp functions 1404AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 1405AC_CHECK_FUNCS(utmpname) 1406dnl Checks for utmpx functions 1407AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 1408AC_CHECK_FUNCS(setutxent utmpxname) 1409 1410AC_CHECK_FUNC(daemon, 1411 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])], 1412 [AC_CHECK_LIB(bsd, daemon, 1413 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 1414) 1415 1416AC_CHECK_FUNC(getpagesize, 1417 [AC_DEFINE(HAVE_GETPAGESIZE, 1, 1418 [Define if your libraries define getpagesize()])], 1419 [AC_CHECK_LIB(ucb, getpagesize, 1420 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 1421) 1422 1423# Check for broken snprintf 1424if test "x$ac_cv_func_snprintf" = "xyes" ; then 1425 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1426 AC_RUN_IFELSE( 1427 [AC_LANG_SOURCE([[ 1428#include <stdio.h> 1429int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 1430 ]])], 1431 [AC_MSG_RESULT(yes)], 1432 [ 1433 AC_MSG_RESULT(no) 1434 AC_DEFINE(BROKEN_SNPRINTF, 1, 1435 [Define if your snprintf is busted]) 1436 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1437 ], 1438 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1439 ) 1440fi 1441 1442# If we don't have a working asprintf, then we strongly depend on vsnprintf 1443# returning the right thing on overflow: the number of characters it tried to 1444# create (as per SUSv3) 1445if test "x$ac_cv_func_asprintf" != "xyes" && \ 1446 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1447 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1448 AC_RUN_IFELSE( 1449 [AC_LANG_SOURCE([[ 1450#include <sys/types.h> 1451#include <stdio.h> 1452#include <stdarg.h> 1453 1454int x_snprintf(char *str,size_t count,const char *fmt,...) 1455{ 1456 size_t ret; va_list ap; 1457 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1458 return ret; 1459} 1460int main(void) 1461{ 1462 char x[1]; 1463 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1464} ]])], 1465 [AC_MSG_RESULT(yes)], 1466 [ 1467 AC_MSG_RESULT(no) 1468 AC_DEFINE(BROKEN_SNPRINTF, 1, 1469 [Define if your snprintf is busted]) 1470 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1471 ], 1472 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1473 ) 1474fi 1475 1476# On systems where [v]snprintf is broken, but is declared in stdio, 1477# check that the fmt argument is const char * or just char *. 1478# This is only useful for when BROKEN_SNPRINTF 1479AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) 1480AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h> 1481 int snprintf(char *a, size_t b, const char *c, ...) { return 0; } 1482 int main(void) { snprintf(0, 0, 0); } 1483 ]])], 1484 [AC_MSG_RESULT(yes) 1485 AC_DEFINE(SNPRINTF_CONST, [const], 1486 [Define as const if snprintf() can declare const char *fmt])], 1487 [AC_MSG_RESULT(no) 1488 AC_DEFINE(SNPRINTF_CONST, [/* not const */])]) 1489 1490# Check for missing getpeereid (or equiv) support 1491NO_PEERCHECK="" 1492if test "x$ac_cv_func_getpeereid" != "xyes" ; then 1493 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1494 AC_TRY_COMPILE( 1495 [#include <sys/types.h> 1496 #include <sys/socket.h>], 1497 [int i = SO_PEERCRED;], 1498 [ AC_MSG_RESULT(yes) 1499 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option]) 1500 ], 1501 [AC_MSG_RESULT(no) 1502 NO_PEERCHECK=1] 1503 ) 1504fi 1505 1506dnl see whether mkstemp() requires XXXXXX 1507if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1508AC_MSG_CHECKING([for (overly) strict mkstemp]) 1509AC_RUN_IFELSE( 1510 [AC_LANG_SOURCE([[ 1511#include <stdlib.h> 1512main() { char template[]="conftest.mkstemp-test"; 1513if (mkstemp(template) == -1) 1514 exit(1); 1515unlink(template); exit(0); 1516} 1517 ]])], 1518 [ 1519 AC_MSG_RESULT(no) 1520 ], 1521 [ 1522 AC_MSG_RESULT(yes) 1523 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()]) 1524 ], 1525 [ 1526 AC_MSG_RESULT(yes) 1527 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1528 ] 1529) 1530fi 1531 1532dnl make sure that openpty does not reacquire controlling terminal 1533if test ! -z "$check_for_openpty_ctty_bug"; then 1534 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1535 AC_RUN_IFELSE( 1536 [AC_LANG_SOURCE([[ 1537#include <stdio.h> 1538#include <sys/fcntl.h> 1539#include <sys/types.h> 1540#include <sys/wait.h> 1541 1542int 1543main() 1544{ 1545 pid_t pid; 1546 int fd, ptyfd, ttyfd, status; 1547 1548 pid = fork(); 1549 if (pid < 0) { /* failed */ 1550 exit(1); 1551 } else if (pid > 0) { /* parent */ 1552 waitpid(pid, &status, 0); 1553 if (WIFEXITED(status)) 1554 exit(WEXITSTATUS(status)); 1555 else 1556 exit(2); 1557 } else { /* child */ 1558 close(0); close(1); close(2); 1559 setsid(); 1560 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1561 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1562 if (fd >= 0) 1563 exit(3); /* Acquired ctty: broken */ 1564 else 1565 exit(0); /* Did not acquire ctty: OK */ 1566 } 1567} 1568 ]])], 1569 [ 1570 AC_MSG_RESULT(yes) 1571 ], 1572 [ 1573 AC_MSG_RESULT(no) 1574 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1575 ], 1576 [ 1577 AC_MSG_RESULT(cross-compiling, assuming yes) 1578 ] 1579 ) 1580fi 1581 1582if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1583 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1584 AC_MSG_CHECKING(if getaddrinfo seems to work) 1585 AC_RUN_IFELSE( 1586 [AC_LANG_SOURCE([[ 1587#include <stdio.h> 1588#include <sys/socket.h> 1589#include <netdb.h> 1590#include <errno.h> 1591#include <netinet/in.h> 1592 1593#define TEST_PORT "2222" 1594 1595int 1596main(void) 1597{ 1598 int err, sock; 1599 struct addrinfo *gai_ai, *ai, hints; 1600 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1601 1602 memset(&hints, 0, sizeof(hints)); 1603 hints.ai_family = PF_UNSPEC; 1604 hints.ai_socktype = SOCK_STREAM; 1605 hints.ai_flags = AI_PASSIVE; 1606 1607 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1608 if (err != 0) { 1609 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1610 exit(1); 1611 } 1612 1613 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1614 if (ai->ai_family != AF_INET6) 1615 continue; 1616 1617 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1618 sizeof(ntop), strport, sizeof(strport), 1619 NI_NUMERICHOST|NI_NUMERICSERV); 1620 1621 if (err != 0) { 1622 if (err == EAI_SYSTEM) 1623 perror("getnameinfo EAI_SYSTEM"); 1624 else 1625 fprintf(stderr, "getnameinfo failed: %s\n", 1626 gai_strerror(err)); 1627 exit(2); 1628 } 1629 1630 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1631 if (sock < 0) 1632 perror("socket"); 1633 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1634 if (errno == EBADF) 1635 exit(3); 1636 } 1637 } 1638 exit(0); 1639} 1640 ]])], 1641 [ 1642 AC_MSG_RESULT(yes) 1643 ], 1644 [ 1645 AC_MSG_RESULT(no) 1646 AC_DEFINE(BROKEN_GETADDRINFO) 1647 ], 1648 [ 1649 AC_MSG_RESULT(cross-compiling, assuming yes) 1650 ] 1651 ) 1652fi 1653 1654if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1655 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1656 AC_MSG_CHECKING(if getaddrinfo seems to work) 1657 AC_RUN_IFELSE( 1658 [AC_LANG_SOURCE([[ 1659#include <stdio.h> 1660#include <sys/socket.h> 1661#include <netdb.h> 1662#include <errno.h> 1663#include <netinet/in.h> 1664 1665#define TEST_PORT "2222" 1666 1667int 1668main(void) 1669{ 1670 int err, sock; 1671 struct addrinfo *gai_ai, *ai, hints; 1672 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1673 1674 memset(&hints, 0, sizeof(hints)); 1675 hints.ai_family = PF_UNSPEC; 1676 hints.ai_socktype = SOCK_STREAM; 1677 hints.ai_flags = AI_PASSIVE; 1678 1679 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1680 if (err != 0) { 1681 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1682 exit(1); 1683 } 1684 1685 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1686 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1687 continue; 1688 1689 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1690 sizeof(ntop), strport, sizeof(strport), 1691 NI_NUMERICHOST|NI_NUMERICSERV); 1692 1693 if (ai->ai_family == AF_INET && err != 0) { 1694 perror("getnameinfo"); 1695 exit(2); 1696 } 1697 } 1698 exit(0); 1699} 1700 ]])], 1701 [ 1702 AC_MSG_RESULT(yes) 1703 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1, 1704 [Define if you have a getaddrinfo that fails 1705 for the all-zeros IPv6 address]) 1706 ], 1707 [ 1708 AC_MSG_RESULT(no) 1709 AC_DEFINE(BROKEN_GETADDRINFO) 1710 ], 1711 [ 1712 AC_MSG_RESULT(cross-compiling, assuming no) 1713 ] 1714 ) 1715fi 1716 1717if test "x$check_for_conflicting_getspnam" = "x1"; then 1718 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1719 AC_COMPILE_IFELSE( 1720 [ 1721#include <shadow.h> 1722int main(void) {exit(0);} 1723 ], 1724 [ 1725 AC_MSG_RESULT(no) 1726 ], 1727 [ 1728 AC_MSG_RESULT(yes) 1729 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1730 [Conflicting defs for getspnam]) 1731 ] 1732 ) 1733fi 1734 1735AC_FUNC_GETPGRP 1736 1737# Search for OpenSSL 1738saved_CPPFLAGS="$CPPFLAGS" 1739saved_LDFLAGS="$LDFLAGS" 1740AC_ARG_WITH(ssl-dir, 1741 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1742 [ 1743 if test "x$withval" != "xno" ; then 1744 case "$withval" in 1745 # Relative paths 1746 ./*|../*) withval="`pwd`/$withval" 1747 esac 1748 if test -d "$withval/lib"; then 1749 if test -n "${need_dash_r}"; then 1750 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1751 else 1752 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1753 fi 1754 else 1755 if test -n "${need_dash_r}"; then 1756 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1757 else 1758 LDFLAGS="-L${withval} ${LDFLAGS}" 1759 fi 1760 fi 1761 if test -d "$withval/include"; then 1762 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1763 else 1764 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1765 fi 1766 fi 1767 ] 1768) 1769LIBS="-lcrypto $LIBS" 1770AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, 1771 [Define if your ssl headers are included 1772 with #include <openssl/header.h>]), 1773 [ 1774 dnl Check default openssl install dir 1775 if test -n "${need_dash_r}"; then 1776 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1777 else 1778 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1779 fi 1780 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1781 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1782 [ 1783 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 1784 ] 1785 ) 1786 ] 1787) 1788 1789# Determine OpenSSL header version 1790AC_MSG_CHECKING([OpenSSL header version]) 1791AC_RUN_IFELSE( 1792 [AC_LANG_SOURCE([[ 1793#include <stdio.h> 1794#include <string.h> 1795#include <openssl/opensslv.h> 1796#define DATA "conftest.sslincver" 1797int main(void) { 1798 FILE *fd; 1799 int rc; 1800 1801 fd = fopen(DATA,"w"); 1802 if(fd == NULL) 1803 exit(1); 1804 1805 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1806 exit(1); 1807 1808 exit(0); 1809} 1810 ]])], 1811 [ 1812 ssl_header_ver=`cat conftest.sslincver` 1813 AC_MSG_RESULT($ssl_header_ver) 1814 ], 1815 [ 1816 AC_MSG_RESULT(not found) 1817 AC_MSG_ERROR(OpenSSL version header not found.) 1818 ], 1819 [ 1820 AC_MSG_WARN([cross compiling: not checking]) 1821 ] 1822) 1823 1824# Determine OpenSSL library version 1825AC_MSG_CHECKING([OpenSSL library version]) 1826AC_RUN_IFELSE( 1827 [AC_LANG_SOURCE([[ 1828#include <stdio.h> 1829#include <string.h> 1830#include <openssl/opensslv.h> 1831#include <openssl/crypto.h> 1832#define DATA "conftest.ssllibver" 1833int main(void) { 1834 FILE *fd; 1835 int rc; 1836 1837 fd = fopen(DATA,"w"); 1838 if(fd == NULL) 1839 exit(1); 1840 1841 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1842 exit(1); 1843 1844 exit(0); 1845} 1846 ]])], 1847 [ 1848 ssl_library_ver=`cat conftest.ssllibver` 1849 AC_MSG_RESULT($ssl_library_ver) 1850 ], 1851 [ 1852 AC_MSG_RESULT(not found) 1853 AC_MSG_ERROR(OpenSSL library not found.) 1854 ], 1855 [ 1856 AC_MSG_WARN([cross compiling: not checking]) 1857 ] 1858) 1859 1860# Sanity check OpenSSL headers 1861AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1862AC_RUN_IFELSE( 1863 [AC_LANG_SOURCE([[ 1864#include <string.h> 1865#include <openssl/opensslv.h> 1866int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1867 ]])], 1868 [ 1869 AC_MSG_RESULT(yes) 1870 ], 1871 [ 1872 AC_MSG_RESULT(no) 1873 AC_MSG_ERROR([Your OpenSSL headers do not match your library. 1874Check config.log for details. 1875Also see contrib/findssl.sh for help identifying header/library mismatches.]) 1876 ], 1877 [ 1878 AC_MSG_WARN([cross compiling: not checking]) 1879 ] 1880) 1881 1882AC_MSG_CHECKING([if programs using OpenSSL functions will link]) 1883AC_LINK_IFELSE( 1884 [AC_LANG_SOURCE([[ 1885#include <openssl/evp.h> 1886int main(void) { SSLeay_add_all_algorithms(); } 1887 ]])], 1888 [ 1889 AC_MSG_RESULT(yes) 1890 ], 1891 [ 1892 AC_MSG_RESULT(no) 1893 saved_LIBS="$LIBS" 1894 LIBS="$LIBS -ldl" 1895 AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) 1896 AC_LINK_IFELSE( 1897 [AC_LANG_SOURCE([[ 1898#include <openssl/evp.h> 1899int main(void) { SSLeay_add_all_algorithms(); } 1900 ]])], 1901 [ 1902 AC_MSG_RESULT(yes) 1903 ], 1904 [ 1905 AC_MSG_RESULT(no) 1906 LIBS="$saved_LIBS" 1907 ] 1908 ) 1909 ] 1910) 1911 1912AC_ARG_WITH(ssl-engine, 1913 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 1914 [ if test "x$withval" != "xno" ; then 1915 AC_MSG_CHECKING(for OpenSSL ENGINE support) 1916 AC_TRY_COMPILE( 1917 [ #include <openssl/engine.h>], 1918 [ 1919ENGINE_load_builtin_engines();ENGINE_register_all_complete(); 1920 ], 1921 [ AC_MSG_RESULT(yes) 1922 AC_DEFINE(USE_OPENSSL_ENGINE, 1, 1923 [Enable OpenSSL engine support]) 1924 ], 1925 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)] 1926 ) 1927 fi ] 1928) 1929 1930# Check for OpenSSL without EVP_aes_{192,256}_cbc 1931AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 1932AC_LINK_IFELSE( 1933 [AC_LANG_SOURCE([[ 1934#include <string.h> 1935#include <openssl/evp.h> 1936int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);} 1937 ]])], 1938 [ 1939 AC_MSG_RESULT(no) 1940 ], 1941 [ 1942 AC_MSG_RESULT(yes) 1943 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1, 1944 [libcrypto is missing AES 192 and 256 bit functions]) 1945 ] 1946) 1947 1948# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 1949# because the system crypt() is more featureful. 1950if test "x$check_for_libcrypt_before" = "x1"; then 1951 AC_CHECK_LIB(crypt, crypt) 1952fi 1953 1954# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 1955# version in OpenSSL. 1956if test "x$check_for_libcrypt_later" = "x1"; then 1957 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 1958fi 1959 1960# Search for SHA256 support in libc and/or OpenSSL 1961AC_CHECK_FUNCS(SHA256_Update EVP_sha256) 1962 1963AC_CHECK_LIB(iaf, ia_openinfo) 1964 1965### Configure cryptographic random number support 1966 1967# Check wheter OpenSSL seeds itself 1968AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 1969AC_RUN_IFELSE( 1970 [AC_LANG_SOURCE([[ 1971#include <string.h> 1972#include <openssl/rand.h> 1973int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 1974 ]])], 1975 [ 1976 OPENSSL_SEEDS_ITSELF=yes 1977 AC_MSG_RESULT(yes) 1978 ], 1979 [ 1980 AC_MSG_RESULT(no) 1981 # Default to use of the rand helper if OpenSSL doesn't 1982 # seed itself 1983 USE_RAND_HELPER=yes 1984 ], 1985 [ 1986 AC_MSG_WARN([cross compiling: assuming yes]) 1987 # This is safe, since all recent OpenSSL versions will 1988 # complain at runtime if not seeded correctly. 1989 OPENSSL_SEEDS_ITSELF=yes 1990 ] 1991) 1992 1993# Check for PAM libs 1994PAM_MSG="no" 1995AC_ARG_WITH(pam, 1996 [ --with-pam Enable PAM support ], 1997 [ 1998 if test "x$withval" != "xno" ; then 1999 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 2000 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 2001 AC_MSG_ERROR([PAM headers not found]) 2002 fi 2003 2004 saved_LIBS="$LIBS" 2005 AC_CHECK_LIB(dl, dlopen, , ) 2006 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 2007 AC_CHECK_FUNCS(pam_getenvlist) 2008 AC_CHECK_FUNCS(pam_putenv) 2009 LIBS="$saved_LIBS" 2010 2011 PAM_MSG="yes" 2012 2013 LIBPAM="-lpam" 2014 AC_DEFINE(USE_PAM, 1, 2015 [Define if you want to enable PAM support]) 2016 2017 if test $ac_cv_lib_dl_dlopen = yes; then 2018 case "$LIBS" in 2019 *-ldl*) 2020 # libdl already in LIBS 2021 ;; 2022 *) 2023 LIBPAM="$LIBPAM -ldl" 2024 ;; 2025 esac 2026 fi 2027 AC_SUBST(LIBPAM) 2028 fi 2029 ] 2030) 2031 2032# Check for older PAM 2033if test "x$PAM_MSG" = "xyes" ; then 2034 # Check PAM strerror arguments (old PAM) 2035 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 2036 AC_TRY_COMPILE( 2037 [ 2038#include <stdlib.h> 2039#if defined(HAVE_SECURITY_PAM_APPL_H) 2040#include <security/pam_appl.h> 2041#elif defined (HAVE_PAM_PAM_APPL_H) 2042#include <pam/pam_appl.h> 2043#endif 2044 ], 2045 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 2046 [AC_MSG_RESULT(no)], 2047 [ 2048 AC_DEFINE(HAVE_OLD_PAM, 1, 2049 [Define if you have an old version of PAM 2050 which takes only one argument to pam_strerror]) 2051 AC_MSG_RESULT(yes) 2052 PAM_MSG="yes (old library)" 2053 ] 2054 ) 2055fi 2056 2057# Do we want to force the use of the rand helper? 2058AC_ARG_WITH(rand-helper, 2059 [ --with-rand-helper Use subprocess to gather strong randomness ], 2060 [ 2061 if test "x$withval" = "xno" ; then 2062 # Force use of OpenSSL's internal RNG, even if 2063 # the previous test showed it to be unseeded. 2064 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 2065 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 2066 OPENSSL_SEEDS_ITSELF=yes 2067 USE_RAND_HELPER="" 2068 fi 2069 else 2070 USE_RAND_HELPER=yes 2071 fi 2072 ], 2073) 2074 2075# Which randomness source do we use? 2076if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then 2077 # OpenSSL only 2078 AC_DEFINE(OPENSSL_PRNG_ONLY, 1, 2079 [Define if you want OpenSSL's internally seeded PRNG only]) 2080 RAND_MSG="OpenSSL internal ONLY" 2081 INSTALL_SSH_RAND_HELPER="" 2082elif test ! -z "$USE_RAND_HELPER" ; then 2083 # install rand helper 2084 RAND_MSG="ssh-rand-helper" 2085 INSTALL_SSH_RAND_HELPER="yes" 2086fi 2087AC_SUBST(INSTALL_SSH_RAND_HELPER) 2088 2089### Configuration of ssh-rand-helper 2090 2091# PRNGD TCP socket 2092AC_ARG_WITH(prngd-port, 2093 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 2094 [ 2095 case "$withval" in 2096 no) 2097 withval="" 2098 ;; 2099 [[0-9]]*) 2100 ;; 2101 *) 2102 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 2103 ;; 2104 esac 2105 if test ! -z "$withval" ; then 2106 PRNGD_PORT="$withval" 2107 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT, 2108 [Port number of PRNGD/EGD random number socket]) 2109 fi 2110 ] 2111) 2112 2113# PRNGD Unix domain socket 2114AC_ARG_WITH(prngd-socket, 2115 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 2116 [ 2117 case "$withval" in 2118 yes) 2119 withval="/var/run/egd-pool" 2120 ;; 2121 no) 2122 withval="" 2123 ;; 2124 /*) 2125 ;; 2126 *) 2127 AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 2128 ;; 2129 esac 2130 2131 if test ! -z "$withval" ; then 2132 if test ! -z "$PRNGD_PORT" ; then 2133 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 2134 fi 2135 if test ! -r "$withval" ; then 2136 AC_MSG_WARN(Entropy socket is not readable) 2137 fi 2138 PRNGD_SOCKET="$withval" 2139 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET", 2140 [Location of PRNGD/EGD random number socket]) 2141 fi 2142 ], 2143 [ 2144 # Check for existing socket only if we don't have a random device already 2145 if test "$USE_RAND_HELPER" = yes ; then 2146 AC_MSG_CHECKING(for PRNGD/EGD socket) 2147 # Insert other locations here 2148 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2149 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2150 PRNGD_SOCKET="$sock" 2151 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 2152 break; 2153 fi 2154 done 2155 if test ! -z "$PRNGD_SOCKET" ; then 2156 AC_MSG_RESULT($PRNGD_SOCKET) 2157 else 2158 AC_MSG_RESULT(not found) 2159 fi 2160 fi 2161 ] 2162) 2163 2164# Change default command timeout for hashing entropy source 2165entropy_timeout=200 2166AC_ARG_WITH(entropy-timeout, 2167 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 2168 [ 2169 if test -n "$withval" && test "x$withval" != "xno" && \ 2170 test "x${withval}" != "xyes"; then 2171 entropy_timeout=$withval 2172 fi 2173 ] 2174) 2175AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout, 2176 [Builtin PRNG command timeout]) 2177 2178SSH_PRIVSEP_USER=sshd 2179AC_ARG_WITH(privsep-user, 2180 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2181 [ 2182 if test -n "$withval" && test "x$withval" != "xno" && \ 2183 test "x${withval}" != "xyes"; then 2184 SSH_PRIVSEP_USER=$withval 2185 fi 2186 ] 2187) 2188AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER", 2189 [non-privileged user for privilege separation]) 2190AC_SUBST(SSH_PRIVSEP_USER) 2191 2192# We do this little dance with the search path to insure 2193# that programs that we select for use by installed programs 2194# (which may be run by the super-user) come from trusted 2195# locations before they come from the user's private area. 2196# This should help avoid accidentally configuring some 2197# random version of a program in someone's personal bin. 2198 2199OPATH=$PATH 2200PATH=/bin:/usr/bin 2201test -h /bin 2> /dev/null && PATH=/usr/bin 2202test -d /sbin && PATH=$PATH:/sbin 2203test -d /usr/sbin && PATH=$PATH:/usr/sbin 2204PATH=$PATH:/etc:$OPATH 2205 2206# These programs are used by the command hashing source to gather entropy 2207OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 2208OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 2209OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 2210OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 2211OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 2212OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 2213OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 2214OSSH_PATH_ENTROPY_PROG(PROG_W, w) 2215OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 2216OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 2217OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 2218OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 2219OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 2220OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 2221OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 2222OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 2223# restore PATH 2224PATH=$OPATH 2225 2226# Where does ssh-rand-helper get its randomness from? 2227INSTALL_SSH_PRNG_CMDS="" 2228if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 2229 if test ! -z "$PRNGD_PORT" ; then 2230 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 2231 elif test ! -z "$PRNGD_SOCKET" ; then 2232 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 2233 else 2234 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 2235 RAND_HELPER_CMDHASH=yes 2236 INSTALL_SSH_PRNG_CMDS="yes" 2237 fi 2238fi 2239AC_SUBST(INSTALL_SSH_PRNG_CMDS) 2240 2241 2242# Cheap hack to ensure NEWS-OS libraries are arranged right. 2243if test ! -z "$SONY" ; then 2244 LIBS="$LIBS -liberty"; 2245fi 2246 2247# Check for long long datatypes 2248AC_CHECK_TYPES([long long, unsigned long long, long double]) 2249 2250# Check datatype sizes 2251AC_CHECK_SIZEOF(char, 1) 2252AC_CHECK_SIZEOF(short int, 2) 2253AC_CHECK_SIZEOF(int, 4) 2254AC_CHECK_SIZEOF(long int, 4) 2255AC_CHECK_SIZEOF(long long int, 8) 2256 2257# Sanity check long long for some platforms (AIX) 2258if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2259 ac_cv_sizeof_long_long_int=0 2260fi 2261 2262# compute LLONG_MIN and LLONG_MAX if we don't know them. 2263if test -z "$have_llong_max"; then 2264 AC_MSG_CHECKING([for max value of long long]) 2265 AC_RUN_IFELSE( 2266 [AC_LANG_SOURCE([[ 2267#include <stdio.h> 2268/* Why is this so damn hard? */ 2269#ifdef __GNUC__ 2270# undef __GNUC__ 2271#endif 2272#define __USE_ISOC99 2273#include <limits.h> 2274#define DATA "conftest.llminmax" 2275#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) 2276 2277/* 2278 * printf in libc on some platforms (eg old Tru64) does not understand %lld so 2279 * we do this the hard way. 2280 */ 2281static int 2282fprint_ll(FILE *f, long long n) 2283{ 2284 unsigned int i; 2285 int l[sizeof(long long) * 8]; 2286 2287 if (n < 0) 2288 if (fprintf(f, "-") < 0) 2289 return -1; 2290 for (i = 0; n != 0; i++) { 2291 l[i] = my_abs(n % 10); 2292 n /= 10; 2293 } 2294 do { 2295 if (fprintf(f, "%d", l[--i]) < 0) 2296 return -1; 2297 } while (i != 0); 2298 if (fprintf(f, " ") < 0) 2299 return -1; 2300 return 0; 2301} 2302 2303int main(void) { 2304 FILE *f; 2305 long long i, llmin, llmax = 0; 2306 2307 if((f = fopen(DATA,"w")) == NULL) 2308 exit(1); 2309 2310#if defined(LLONG_MIN) && defined(LLONG_MAX) 2311 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2312 llmin = LLONG_MIN; 2313 llmax = LLONG_MAX; 2314#else 2315 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2316 /* This will work on one's complement and two's complement */ 2317 for (i = 1; i > llmax; i <<= 1, i++) 2318 llmax = i; 2319 llmin = llmax + 1LL; /* wrap */ 2320#endif 2321 2322 /* Sanity check */ 2323 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax 2324 || llmax - 1 > llmax || llmin == llmax || llmin == 0 2325 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { 2326 fprintf(f, "unknown unknown\n"); 2327 exit(2); 2328 } 2329 2330 if (fprint_ll(f, llmin) < 0) 2331 exit(3); 2332 if (fprint_ll(f, llmax) < 0) 2333 exit(4); 2334 if (fclose(f) < 0) 2335 exit(5); 2336 exit(0); 2337} 2338 ]])], 2339 [ 2340 llong_min=`$AWK '{print $1}' conftest.llminmax` 2341 llong_max=`$AWK '{print $2}' conftest.llminmax` 2342 2343 AC_MSG_RESULT($llong_max) 2344 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], 2345 [max value of long long calculated by configure]) 2346 AC_MSG_CHECKING([for min value of long long]) 2347 AC_MSG_RESULT($llong_min) 2348 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], 2349 [min value of long long calculated by configure]) 2350 ], 2351 [ 2352 AC_MSG_RESULT(not found) 2353 ], 2354 [ 2355 AC_MSG_WARN([cross compiling: not checking]) 2356 ] 2357 ) 2358fi 2359 2360 2361# More checks for data types 2362AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2363 AC_TRY_COMPILE( 2364 [ #include <sys/types.h> ], 2365 [ u_int a; a = 1;], 2366 [ ac_cv_have_u_int="yes" ], 2367 [ ac_cv_have_u_int="no" ] 2368 ) 2369]) 2370if test "x$ac_cv_have_u_int" = "xyes" ; then 2371 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type]) 2372 have_u_int=1 2373fi 2374 2375AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2376 AC_TRY_COMPILE( 2377 [ #include <sys/types.h> ], 2378 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2379 [ ac_cv_have_intxx_t="yes" ], 2380 [ ac_cv_have_intxx_t="no" ] 2381 ) 2382]) 2383if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2384 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type]) 2385 have_intxx_t=1 2386fi 2387 2388if (test -z "$have_intxx_t" && \ 2389 test "x$ac_cv_header_stdint_h" = "xyes") 2390then 2391 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2392 AC_TRY_COMPILE( 2393 [ #include <stdint.h> ], 2394 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2395 [ 2396 AC_DEFINE(HAVE_INTXX_T) 2397 AC_MSG_RESULT(yes) 2398 ], 2399 [ AC_MSG_RESULT(no) ] 2400 ) 2401fi 2402 2403AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2404 AC_TRY_COMPILE( 2405 [ 2406#include <sys/types.h> 2407#ifdef HAVE_STDINT_H 2408# include <stdint.h> 2409#endif 2410#include <sys/socket.h> 2411#ifdef HAVE_SYS_BITYPES_H 2412# include <sys/bitypes.h> 2413#endif 2414 ], 2415 [ int64_t a; a = 1;], 2416 [ ac_cv_have_int64_t="yes" ], 2417 [ ac_cv_have_int64_t="no" ] 2418 ) 2419]) 2420if test "x$ac_cv_have_int64_t" = "xyes" ; then 2421 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type]) 2422fi 2423 2424AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2425 AC_TRY_COMPILE( 2426 [ #include <sys/types.h> ], 2427 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2428 [ ac_cv_have_u_intxx_t="yes" ], 2429 [ ac_cv_have_u_intxx_t="no" ] 2430 ) 2431]) 2432if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2433 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type]) 2434 have_u_intxx_t=1 2435fi 2436 2437if test -z "$have_u_intxx_t" ; then 2438 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2439 AC_TRY_COMPILE( 2440 [ #include <sys/socket.h> ], 2441 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2442 [ 2443 AC_DEFINE(HAVE_U_INTXX_T) 2444 AC_MSG_RESULT(yes) 2445 ], 2446 [ AC_MSG_RESULT(no) ] 2447 ) 2448fi 2449 2450AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2451 AC_TRY_COMPILE( 2452 [ #include <sys/types.h> ], 2453 [ u_int64_t a; a = 1;], 2454 [ ac_cv_have_u_int64_t="yes" ], 2455 [ ac_cv_have_u_int64_t="no" ] 2456 ) 2457]) 2458if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2459 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type]) 2460 have_u_int64_t=1 2461fi 2462 2463if test -z "$have_u_int64_t" ; then 2464 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2465 AC_TRY_COMPILE( 2466 [ #include <sys/bitypes.h> ], 2467 [ u_int64_t a; a = 1], 2468 [ 2469 AC_DEFINE(HAVE_U_INT64_T) 2470 AC_MSG_RESULT(yes) 2471 ], 2472 [ AC_MSG_RESULT(no) ] 2473 ) 2474fi 2475 2476if test -z "$have_u_intxx_t" ; then 2477 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2478 AC_TRY_COMPILE( 2479 [ 2480#include <sys/types.h> 2481 ], 2482 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 2483 [ ac_cv_have_uintxx_t="yes" ], 2484 [ ac_cv_have_uintxx_t="no" ] 2485 ) 2486 ]) 2487 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2488 AC_DEFINE(HAVE_UINTXX_T, 1, 2489 [define if you have uintxx_t data type]) 2490 fi 2491fi 2492 2493if test -z "$have_uintxx_t" ; then 2494 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2495 AC_TRY_COMPILE( 2496 [ #include <stdint.h> ], 2497 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 2498 [ 2499 AC_DEFINE(HAVE_UINTXX_T) 2500 AC_MSG_RESULT(yes) 2501 ], 2502 [ AC_MSG_RESULT(no) ] 2503 ) 2504fi 2505 2506if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 2507 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2508then 2509 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2510 AC_TRY_COMPILE( 2511 [ 2512#include <sys/bitypes.h> 2513 ], 2514 [ 2515 int8_t a; int16_t b; int32_t c; 2516 u_int8_t e; u_int16_t f; u_int32_t g; 2517 a = b = c = e = f = g = 1; 2518 ], 2519 [ 2520 AC_DEFINE(HAVE_U_INTXX_T) 2521 AC_DEFINE(HAVE_INTXX_T) 2522 AC_MSG_RESULT(yes) 2523 ], 2524 [AC_MSG_RESULT(no)] 2525 ) 2526fi 2527 2528 2529AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2530 AC_TRY_COMPILE( 2531 [ 2532#include <sys/types.h> 2533 ], 2534 [ u_char foo; foo = 125; ], 2535 [ ac_cv_have_u_char="yes" ], 2536 [ ac_cv_have_u_char="no" ] 2537 ) 2538]) 2539if test "x$ac_cv_have_u_char" = "xyes" ; then 2540 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type]) 2541fi 2542 2543TYPE_SOCKLEN_T 2544 2545AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 2546 2547AC_CHECK_TYPES(in_addr_t,,, 2548[#include <sys/types.h> 2549#include <netinet/in.h>]) 2550 2551AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2552 AC_TRY_COMPILE( 2553 [ 2554#include <sys/types.h> 2555 ], 2556 [ size_t foo; foo = 1235; ], 2557 [ ac_cv_have_size_t="yes" ], 2558 [ ac_cv_have_size_t="no" ] 2559 ) 2560]) 2561if test "x$ac_cv_have_size_t" = "xyes" ; then 2562 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type]) 2563fi 2564 2565AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2566 AC_TRY_COMPILE( 2567 [ 2568#include <sys/types.h> 2569 ], 2570 [ ssize_t foo; foo = 1235; ], 2571 [ ac_cv_have_ssize_t="yes" ], 2572 [ ac_cv_have_ssize_t="no" ] 2573 ) 2574]) 2575if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2576 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type]) 2577fi 2578 2579AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2580 AC_TRY_COMPILE( 2581 [ 2582#include <time.h> 2583 ], 2584 [ clock_t foo; foo = 1235; ], 2585 [ ac_cv_have_clock_t="yes" ], 2586 [ ac_cv_have_clock_t="no" ] 2587 ) 2588]) 2589if test "x$ac_cv_have_clock_t" = "xyes" ; then 2590 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type]) 2591fi 2592 2593AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2594 AC_TRY_COMPILE( 2595 [ 2596#include <sys/types.h> 2597#include <sys/socket.h> 2598 ], 2599 [ sa_family_t foo; foo = 1235; ], 2600 [ ac_cv_have_sa_family_t="yes" ], 2601 [ AC_TRY_COMPILE( 2602 [ 2603#include <sys/types.h> 2604#include <sys/socket.h> 2605#include <netinet/in.h> 2606 ], 2607 [ sa_family_t foo; foo = 1235; ], 2608 [ ac_cv_have_sa_family_t="yes" ], 2609 2610 [ ac_cv_have_sa_family_t="no" ] 2611 )] 2612 ) 2613]) 2614if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2615 AC_DEFINE(HAVE_SA_FAMILY_T, 1, 2616 [define if you have sa_family_t data type]) 2617fi 2618 2619AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2620 AC_TRY_COMPILE( 2621 [ 2622#include <sys/types.h> 2623 ], 2624 [ pid_t foo; foo = 1235; ], 2625 [ ac_cv_have_pid_t="yes" ], 2626 [ ac_cv_have_pid_t="no" ] 2627 ) 2628]) 2629if test "x$ac_cv_have_pid_t" = "xyes" ; then 2630 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type]) 2631fi 2632 2633AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2634 AC_TRY_COMPILE( 2635 [ 2636#include <sys/types.h> 2637 ], 2638 [ mode_t foo; foo = 1235; ], 2639 [ ac_cv_have_mode_t="yes" ], 2640 [ ac_cv_have_mode_t="no" ] 2641 ) 2642]) 2643if test "x$ac_cv_have_mode_t" = "xyes" ; then 2644 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type]) 2645fi 2646 2647 2648AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2649 AC_TRY_COMPILE( 2650 [ 2651#include <sys/types.h> 2652#include <sys/socket.h> 2653 ], 2654 [ struct sockaddr_storage s; ], 2655 [ ac_cv_have_struct_sockaddr_storage="yes" ], 2656 [ ac_cv_have_struct_sockaddr_storage="no" ] 2657 ) 2658]) 2659if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 2660 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, 2661 [define if you have struct sockaddr_storage data type]) 2662fi 2663 2664AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 2665 AC_TRY_COMPILE( 2666 [ 2667#include <sys/types.h> 2668#include <netinet/in.h> 2669 ], 2670 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 2671 [ ac_cv_have_struct_sockaddr_in6="yes" ], 2672 [ ac_cv_have_struct_sockaddr_in6="no" ] 2673 ) 2674]) 2675if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 2676 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, 2677 [define if you have struct sockaddr_in6 data type]) 2678fi 2679 2680AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 2681 AC_TRY_COMPILE( 2682 [ 2683#include <sys/types.h> 2684#include <netinet/in.h> 2685 ], 2686 [ struct in6_addr s; s.s6_addr[0] = 0; ], 2687 [ ac_cv_have_struct_in6_addr="yes" ], 2688 [ ac_cv_have_struct_in6_addr="no" ] 2689 ) 2690]) 2691if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 2692 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, 2693 [define if you have struct in6_addr data type]) 2694fi 2695 2696AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2697 AC_TRY_COMPILE( 2698 [ 2699#include <sys/types.h> 2700#include <sys/socket.h> 2701#include <netdb.h> 2702 ], 2703 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 2704 [ ac_cv_have_struct_addrinfo="yes" ], 2705 [ ac_cv_have_struct_addrinfo="no" ] 2706 ) 2707]) 2708if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2709 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, 2710 [define if you have struct addrinfo data type]) 2711fi 2712 2713AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2714 AC_TRY_COMPILE( 2715 [ #include <sys/time.h> ], 2716 [ struct timeval tv; tv.tv_sec = 1;], 2717 [ ac_cv_have_struct_timeval="yes" ], 2718 [ ac_cv_have_struct_timeval="no" ] 2719 ) 2720]) 2721if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2722 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval]) 2723 have_struct_timeval=1 2724fi 2725 2726AC_CHECK_TYPES(struct timespec) 2727 2728# We need int64_t or else certian parts of the compile will fail. 2729if test "x$ac_cv_have_int64_t" = "xno" && \ 2730 test "x$ac_cv_sizeof_long_int" != "x8" && \ 2731 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2732 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2733 echo "an alternative compiler (I.E., GCC) before continuing." 2734 echo "" 2735 exit 1; 2736else 2737dnl test snprintf (broken on SCO w/gcc) 2738 AC_RUN_IFELSE( 2739 [AC_LANG_SOURCE([[ 2740#include <stdio.h> 2741#include <string.h> 2742#ifdef HAVE_SNPRINTF 2743main() 2744{ 2745 char buf[50]; 2746 char expected_out[50]; 2747 int mazsize = 50 ; 2748#if (SIZEOF_LONG_INT == 8) 2749 long int num = 0x7fffffffffffffff; 2750#else 2751 long long num = 0x7fffffffffffffffll; 2752#endif 2753 strcpy(expected_out, "9223372036854775807"); 2754 snprintf(buf, mazsize, "%lld", num); 2755 if(strcmp(buf, expected_out) != 0) 2756 exit(1); 2757 exit(0); 2758} 2759#else 2760main() { exit(0); } 2761#endif 2762 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 2763 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 2764 ) 2765fi 2766 2767dnl Checks for structure members 2768OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 2769OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 2770OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 2771OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 2772OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 2773OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 2774OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 2775OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 2776OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 2777OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 2778OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 2779OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 2780OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 2781OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 2782OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 2783OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 2784OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 2785 2786AC_CHECK_MEMBERS([struct stat.st_blksize]) 2787AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state, 2788 [Define if we don't have struct __res_state in resolv.h])], 2789[ 2790#include <stdio.h> 2791#if HAVE_SYS_TYPES_H 2792# include <sys/types.h> 2793#endif 2794#include <netinet/in.h> 2795#include <arpa/nameser.h> 2796#include <resolv.h> 2797]) 2798 2799AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 2800 ac_cv_have_ss_family_in_struct_ss, [ 2801 AC_TRY_COMPILE( 2802 [ 2803#include <sys/types.h> 2804#include <sys/socket.h> 2805 ], 2806 [ struct sockaddr_storage s; s.ss_family = 1; ], 2807 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 2808 [ ac_cv_have_ss_family_in_struct_ss="no" ], 2809 ) 2810]) 2811if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 2812 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage]) 2813fi 2814 2815AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 2816 ac_cv_have___ss_family_in_struct_ss, [ 2817 AC_TRY_COMPILE( 2818 [ 2819#include <sys/types.h> 2820#include <sys/socket.h> 2821 ], 2822 [ struct sockaddr_storage s; s.__ss_family = 1; ], 2823 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 2824 [ ac_cv_have___ss_family_in_struct_ss="no" ] 2825 ) 2826]) 2827if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 2828 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1, 2829 [Fields in struct sockaddr_storage]) 2830fi 2831 2832AC_CACHE_CHECK([for pw_class field in struct passwd], 2833 ac_cv_have_pw_class_in_struct_passwd, [ 2834 AC_TRY_COMPILE( 2835 [ 2836#include <pwd.h> 2837 ], 2838 [ struct passwd p; p.pw_class = 0; ], 2839 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 2840 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 2841 ) 2842]) 2843if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 2844 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1, 2845 [Define if your password has a pw_class field]) 2846fi 2847 2848AC_CACHE_CHECK([for pw_expire field in struct passwd], 2849 ac_cv_have_pw_expire_in_struct_passwd, [ 2850 AC_TRY_COMPILE( 2851 [ 2852#include <pwd.h> 2853 ], 2854 [ struct passwd p; p.pw_expire = 0; ], 2855 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 2856 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 2857 ) 2858]) 2859if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 2860 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1, 2861 [Define if your password has a pw_expire field]) 2862fi 2863 2864AC_CACHE_CHECK([for pw_change field in struct passwd], 2865 ac_cv_have_pw_change_in_struct_passwd, [ 2866 AC_TRY_COMPILE( 2867 [ 2868#include <pwd.h> 2869 ], 2870 [ struct passwd p; p.pw_change = 0; ], 2871 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 2872 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 2873 ) 2874]) 2875if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 2876 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1, 2877 [Define if your password has a pw_change field]) 2878fi 2879 2880dnl make sure we're using the real structure members and not defines 2881AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 2882 ac_cv_have_accrights_in_msghdr, [ 2883 AC_COMPILE_IFELSE( 2884 [ 2885#include <sys/types.h> 2886#include <sys/socket.h> 2887#include <sys/uio.h> 2888int main() { 2889#ifdef msg_accrights 2890#error "msg_accrights is a macro" 2891exit(1); 2892#endif 2893struct msghdr m; 2894m.msg_accrights = 0; 2895exit(0); 2896} 2897 ], 2898 [ ac_cv_have_accrights_in_msghdr="yes" ], 2899 [ ac_cv_have_accrights_in_msghdr="no" ] 2900 ) 2901]) 2902if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 2903 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1, 2904 [Define if your system uses access rights style 2905 file descriptor passing]) 2906fi 2907 2908AC_CACHE_CHECK([for msg_control field in struct msghdr], 2909 ac_cv_have_control_in_msghdr, [ 2910 AC_COMPILE_IFELSE( 2911 [ 2912#include <sys/types.h> 2913#include <sys/socket.h> 2914#include <sys/uio.h> 2915int main() { 2916#ifdef msg_control 2917#error "msg_control is a macro" 2918exit(1); 2919#endif 2920struct msghdr m; 2921m.msg_control = 0; 2922exit(0); 2923} 2924 ], 2925 [ ac_cv_have_control_in_msghdr="yes" ], 2926 [ ac_cv_have_control_in_msghdr="no" ] 2927 ) 2928]) 2929if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 2930 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1, 2931 [Define if your system uses ancillary data style 2932 file descriptor passing]) 2933fi 2934 2935AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 2936 AC_TRY_LINK([], 2937 [ extern char *__progname; printf("%s", __progname); ], 2938 [ ac_cv_libc_defines___progname="yes" ], 2939 [ ac_cv_libc_defines___progname="no" ] 2940 ) 2941]) 2942if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 2943 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname]) 2944fi 2945 2946AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 2947 AC_TRY_LINK([ 2948#include <stdio.h> 2949], 2950 [ printf("%s", __FUNCTION__); ], 2951 [ ac_cv_cc_implements___FUNCTION__="yes" ], 2952 [ ac_cv_cc_implements___FUNCTION__="no" ] 2953 ) 2954]) 2955if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 2956 AC_DEFINE(HAVE___FUNCTION__, 1, 2957 [Define if compiler implements __FUNCTION__]) 2958fi 2959 2960AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 2961 AC_TRY_LINK([ 2962#include <stdio.h> 2963], 2964 [ printf("%s", __func__); ], 2965 [ ac_cv_cc_implements___func__="yes" ], 2966 [ ac_cv_cc_implements___func__="no" ] 2967 ) 2968]) 2969if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 2970 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__]) 2971fi 2972 2973AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 2974 AC_TRY_LINK( 2975 [#include <stdarg.h> 2976 va_list x,y;], 2977 [va_copy(x,y);], 2978 [ ac_cv_have_va_copy="yes" ], 2979 [ ac_cv_have_va_copy="no" ] 2980 ) 2981]) 2982if test "x$ac_cv_have_va_copy" = "xyes" ; then 2983 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists]) 2984fi 2985 2986AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 2987 AC_TRY_LINK( 2988 [#include <stdarg.h> 2989 va_list x,y;], 2990 [__va_copy(x,y);], 2991 [ ac_cv_have___va_copy="yes" ], 2992 [ ac_cv_have___va_copy="no" ] 2993 ) 2994]) 2995if test "x$ac_cv_have___va_copy" = "xyes" ; then 2996 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists]) 2997fi 2998 2999AC_CACHE_CHECK([whether getopt has optreset support], 3000 ac_cv_have_getopt_optreset, [ 3001 AC_TRY_LINK( 3002 [ 3003#include <getopt.h> 3004 ], 3005 [ extern int optreset; optreset = 0; ], 3006 [ ac_cv_have_getopt_optreset="yes" ], 3007 [ ac_cv_have_getopt_optreset="no" ] 3008 ) 3009]) 3010if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 3011 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1, 3012 [Define if your getopt(3) defines and uses optreset]) 3013fi 3014 3015AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 3016 AC_TRY_LINK([], 3017 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 3018 [ ac_cv_libc_defines_sys_errlist="yes" ], 3019 [ ac_cv_libc_defines_sys_errlist="no" ] 3020 ) 3021]) 3022if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 3023 AC_DEFINE(HAVE_SYS_ERRLIST, 1, 3024 [Define if your system defines sys_errlist[]]) 3025fi 3026 3027 3028AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 3029 AC_TRY_LINK([], 3030 [ extern int sys_nerr; printf("%i", sys_nerr);], 3031 [ ac_cv_libc_defines_sys_nerr="yes" ], 3032 [ ac_cv_libc_defines_sys_nerr="no" ] 3033 ) 3034]) 3035if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 3036 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr]) 3037fi 3038 3039SCARD_MSG="no" 3040# Check whether user wants sectok support 3041AC_ARG_WITH(sectok, 3042 [ --with-sectok Enable smartcard support using libsectok], 3043 [ 3044 if test "x$withval" != "xno" ; then 3045 if test "x$withval" != "xyes" ; then 3046 CPPFLAGS="$CPPFLAGS -I${withval}" 3047 LDFLAGS="$LDFLAGS -L${withval}" 3048 if test ! -z "$need_dash_r" ; then 3049 LDFLAGS="$LDFLAGS -R${withval}" 3050 fi 3051 if test ! -z "$blibpath" ; then 3052 blibpath="$blibpath:${withval}" 3053 fi 3054 fi 3055 AC_CHECK_HEADERS(sectok.h) 3056 if test "$ac_cv_header_sectok_h" != yes; then 3057 AC_MSG_ERROR(Can't find sectok.h) 3058 fi 3059 AC_CHECK_LIB(sectok, sectok_open) 3060 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 3061 AC_MSG_ERROR(Can't find libsectok) 3062 fi 3063 AC_DEFINE(SMARTCARD, 1, 3064 [Define if you want smartcard support]) 3065 AC_DEFINE(USE_SECTOK, 1, 3066 [Define if you want smartcard support 3067 using sectok]) 3068 SCARD_MSG="yes, using sectok" 3069 fi 3070 ] 3071) 3072 3073# Check whether user wants OpenSC support 3074OPENSC_CONFIG="no" 3075AC_ARG_WITH(opensc, 3076 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)], 3077 [ 3078 if test "x$withval" != "xno" ; then 3079 if test "x$withval" != "xyes" ; then 3080 OPENSC_CONFIG=$withval/bin/opensc-config 3081 else 3082 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 3083 fi 3084 if test "$OPENSC_CONFIG" != "no"; then 3085 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 3086 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 3087 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 3088 LIBS="$LIBS $LIBOPENSC_LIBS" 3089 AC_DEFINE(SMARTCARD) 3090 AC_DEFINE(USE_OPENSC, 1, 3091 [Define if you want smartcard support 3092 using OpenSC]) 3093 SCARD_MSG="yes, using OpenSC" 3094 fi 3095 fi 3096 ] 3097) 3098 3099# Check libraries needed by DNS fingerprint support 3100AC_SEARCH_LIBS(getrrsetbyname, resolv, 3101 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1, 3102 [Define if getrrsetbyname() exists])], 3103 [ 3104 # Needed by our getrrsetbyname() 3105 AC_SEARCH_LIBS(res_query, resolv) 3106 AC_SEARCH_LIBS(dn_expand, resolv) 3107 AC_MSG_CHECKING(if res_query will link) 3108 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 3109 [AC_MSG_RESULT(no) 3110 saved_LIBS="$LIBS" 3111 LIBS="$LIBS -lresolv" 3112 AC_MSG_CHECKING(for res_query in -lresolv) 3113 AC_LINK_IFELSE([ 3114#include <resolv.h> 3115int main() 3116{ 3117 res_query (0, 0, 0, 0, 0); 3118 return 0; 3119} 3120 ], 3121 [LIBS="$LIBS -lresolv" 3122 AC_MSG_RESULT(yes)], 3123 [LIBS="$saved_LIBS" 3124 AC_MSG_RESULT(no)]) 3125 ]) 3126 AC_CHECK_FUNCS(_getshort _getlong) 3127 AC_CHECK_DECLS([_getshort, _getlong], , , 3128 [#include <sys/types.h> 3129 #include <arpa/nameser.h>]) 3130 AC_CHECK_MEMBER(HEADER.ad, 3131 [AC_DEFINE(HAVE_HEADER_AD, 1, 3132 [Define if HEADER.ad exists in arpa/nameser.h])],, 3133 [#include <arpa/nameser.h>]) 3134 ]) 3135 3136# Check whether user wants SELinux support 3137SELINUX_MSG="no" 3138LIBSELINUX="" 3139AC_ARG_WITH(selinux, 3140 [ --with-selinux Enable SELinux support], 3141 [ if test "x$withval" != "xno" ; then 3142 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) 3143 SELINUX_MSG="yes" 3144 AC_CHECK_HEADER([selinux/selinux.h], , 3145 AC_MSG_ERROR(SELinux support requires selinux.h header)) 3146 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], 3147 AC_MSG_ERROR(SELinux support requires libselinux library)) 3148 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) 3149 fi ] 3150) 3151AC_SUBST(LIBSELINUX) 3152 3153# Check whether user wants Kerberos 5 support 3154KRB5_MSG="no" 3155AC_ARG_WITH(kerberos5, 3156 [ --with-kerberos5=PATH Enable Kerberos 5 support], 3157 [ if test "x$withval" != "xno" ; then 3158 if test "x$withval" = "xyes" ; then 3159 KRB5ROOT="/usr/local" 3160 else 3161 KRB5ROOT=${withval} 3162 fi 3163 3164 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support]) 3165 KRB5_MSG="yes" 3166 3167 AC_MSG_CHECKING(for krb5-config) 3168 if test -x $KRB5ROOT/bin/krb5-config ; then 3169 KRB5CONF=$KRB5ROOT/bin/krb5-config 3170 AC_MSG_RESULT($KRB5CONF) 3171 3172 AC_MSG_CHECKING(for gssapi support) 3173 if $KRB5CONF | grep gssapi >/dev/null ; then 3174 AC_MSG_RESULT(yes) 3175 AC_DEFINE(GSSAPI, 1, 3176 [Define this if you want GSSAPI 3177 support in the version 2 protocol]) 3178 k5confopts=gssapi 3179 else 3180 AC_MSG_RESULT(no) 3181 k5confopts="" 3182 fi 3183 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 3184 K5LIBS="`$KRB5CONF --libs $k5confopts`" 3185 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3186 AC_MSG_CHECKING(whether we are using Heimdal) 3187 AC_TRY_COMPILE([ #include <krb5.h> ], 3188 [ char *tmp = heimdal_version; ], 3189 [ AC_MSG_RESULT(yes) 3190 AC_DEFINE(HEIMDAL, 1, 3191 [Define this if you are using the 3192 Heimdal version of Kerberos V5]) ], 3193 AC_MSG_RESULT(no) 3194 ) 3195 else 3196 AC_MSG_RESULT(no) 3197 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3198 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3199 AC_MSG_CHECKING(whether we are using Heimdal) 3200 AC_TRY_COMPILE([ #include <krb5.h> ], 3201 [ char *tmp = heimdal_version; ], 3202 [ AC_MSG_RESULT(yes) 3203 AC_DEFINE(HEIMDAL) 3204 K5LIBS="-lkrb5 -ldes" 3205 K5LIBS="$K5LIBS -lcom_err -lasn1" 3206 AC_CHECK_LIB(roken, net_write, 3207 [K5LIBS="$K5LIBS -lroken"]) 3208 ], 3209 [ AC_MSG_RESULT(no) 3210 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3211 ] 3212 ) 3213 AC_SEARCH_LIBS(dn_expand, resolv) 3214 3215 AC_CHECK_LIB(gssapi,gss_init_sec_context, 3216 [ AC_DEFINE(GSSAPI) 3217 K5LIBS="-lgssapi $K5LIBS" ], 3218 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, 3219 [ AC_DEFINE(GSSAPI) 3220 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 3221 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 3222 $K5LIBS) 3223 ], 3224 $K5LIBS) 3225 3226 AC_CHECK_HEADER(gssapi.h, , 3227 [ unset ac_cv_header_gssapi_h 3228 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3229 AC_CHECK_HEADERS(gssapi.h, , 3230 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3231 ) 3232 ] 3233 ) 3234 3235 oldCPP="$CPPFLAGS" 3236 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3237 AC_CHECK_HEADER(gssapi_krb5.h, , 3238 [ CPPFLAGS="$oldCPP" ]) 3239 3240 fi 3241 if test ! -z "$need_dash_r" ; then 3242 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3243 fi 3244 if test ! -z "$blibpath" ; then 3245 blibpath="$blibpath:${KRB5ROOT}/lib" 3246 fi 3247 3248 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 3249 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 3250 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 3251 3252 LIBS="$LIBS $K5LIBS" 3253 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1, 3254 [Define this if you want to use libkafs' AFS support])) 3255 fi 3256 ] 3257) 3258 3259# Looking for programs, paths and files 3260 3261PRIVSEP_PATH=/var/empty 3262AC_ARG_WITH(privsep-path, 3263 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3264 [ 3265 if test -n "$withval" && test "x$withval" != "xno" && \ 3266 test "x${withval}" != "xyes"; then 3267 PRIVSEP_PATH=$withval 3268 fi 3269 ] 3270) 3271AC_SUBST(PRIVSEP_PATH) 3272 3273AC_ARG_WITH(xauth, 3274 [ --with-xauth=PATH Specify path to xauth program ], 3275 [ 3276 if test -n "$withval" && test "x$withval" != "xno" && \ 3277 test "x${withval}" != "xyes"; then 3278 xauth_path=$withval 3279 fi 3280 ], 3281 [ 3282 TestPath="$PATH" 3283 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3284 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3285 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3286 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3287 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 3288 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3289 xauth_path="/usr/openwin/bin/xauth" 3290 fi 3291 ] 3292) 3293 3294STRIP_OPT=-s 3295AC_ARG_ENABLE(strip, 3296 [ --disable-strip Disable calling strip(1) on install], 3297 [ 3298 if test "x$enableval" = "xno" ; then 3299 STRIP_OPT= 3300 fi 3301 ] 3302) 3303AC_SUBST(STRIP_OPT) 3304 3305if test -z "$xauth_path" ; then 3306 XAUTH_PATH="undefined" 3307 AC_SUBST(XAUTH_PATH) 3308else 3309 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path", 3310 [Define if xauth is found in your path]) 3311 XAUTH_PATH=$xauth_path 3312 AC_SUBST(XAUTH_PATH) 3313fi 3314 3315# Check for mail directory (last resort if we cannot get it from headers) 3316if test ! -z "$MAIL" ; then 3317 maildir=`dirname $MAIL` 3318 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir", 3319 [Set this to your mail directory if you don't have maillock.h]) 3320fi 3321 3322if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3323 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3324 disable_ptmx_check=yes 3325fi 3326if test -z "$no_dev_ptmx" ; then 3327 if test "x$disable_ptmx_check" != "xyes" ; then 3328 AC_CHECK_FILE("/dev/ptmx", 3329 [ 3330 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1, 3331 [Define if you have /dev/ptmx]) 3332 have_dev_ptmx=1 3333 ] 3334 ) 3335 fi 3336fi 3337 3338if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3339 AC_CHECK_FILE("/dev/ptc", 3340 [ 3341 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1, 3342 [Define if you have /dev/ptc]) 3343 have_dev_ptc=1 3344 ] 3345 ) 3346else 3347 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3348fi 3349 3350# Options from here on. Some of these are preset by platform above 3351AC_ARG_WITH(mantype, 3352 [ --with-mantype=man|cat|doc Set man page type], 3353 [ 3354 case "$withval" in 3355 man|cat|doc) 3356 MANTYPE=$withval 3357 ;; 3358 *) 3359 AC_MSG_ERROR(invalid man type: $withval) 3360 ;; 3361 esac 3362 ] 3363) 3364if test -z "$MANTYPE"; then 3365 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3366 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 3367 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3368 MANTYPE=doc 3369 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3370 MANTYPE=man 3371 else 3372 MANTYPE=cat 3373 fi 3374fi 3375AC_SUBST(MANTYPE) 3376if test "$MANTYPE" = "doc"; then 3377 mansubdir=man; 3378else 3379 mansubdir=$MANTYPE; 3380fi 3381AC_SUBST(mansubdir) 3382 3383# Check whether to enable MD5 passwords 3384MD5_MSG="no" 3385AC_ARG_WITH(md5-passwords, 3386 [ --with-md5-passwords Enable use of MD5 passwords], 3387 [ 3388 if test "x$withval" != "xno" ; then 3389 AC_DEFINE(HAVE_MD5_PASSWORDS, 1, 3390 [Define if you want to allow MD5 passwords]) 3391 MD5_MSG="yes" 3392 fi 3393 ] 3394) 3395 3396# Whether to disable shadow password support 3397AC_ARG_WITH(shadow, 3398 [ --without-shadow Disable shadow password support], 3399 [ 3400 if test "x$withval" = "xno" ; then 3401 AC_DEFINE(DISABLE_SHADOW) 3402 disable_shadow=yes 3403 fi 3404 ] 3405) 3406 3407if test -z "$disable_shadow" ; then 3408 AC_MSG_CHECKING([if the systems has expire shadow information]) 3409 AC_TRY_COMPILE( 3410 [ 3411#include <sys/types.h> 3412#include <shadow.h> 3413 struct spwd sp; 3414 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 3415 [ sp_expire_available=yes ], [] 3416 ) 3417 3418 if test "x$sp_expire_available" = "xyes" ; then 3419 AC_MSG_RESULT(yes) 3420 AC_DEFINE(HAS_SHADOW_EXPIRE, 1, 3421 [Define if you want to use shadow password expire field]) 3422 else 3423 AC_MSG_RESULT(no) 3424 fi 3425fi 3426 3427# Use ip address instead of hostname in $DISPLAY 3428if test ! -z "$IPADDR_IN_DISPLAY" ; then 3429 DISPLAY_HACK_MSG="yes" 3430 AC_DEFINE(IPADDR_IN_DISPLAY, 1, 3431 [Define if you need to use IP address 3432 instead of hostname in $DISPLAY]) 3433else 3434 DISPLAY_HACK_MSG="no" 3435 AC_ARG_WITH(ipaddr-display, 3436 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 3437 [ 3438 if test "x$withval" != "xno" ; then 3439 AC_DEFINE(IPADDR_IN_DISPLAY) 3440 DISPLAY_HACK_MSG="yes" 3441 fi 3442 ] 3443 ) 3444fi 3445 3446# check for /etc/default/login and use it if present. 3447AC_ARG_ENABLE(etc-default-login, 3448 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 3449 [ if test "x$enableval" = "xno"; then 3450 AC_MSG_NOTICE([/etc/default/login handling disabled]) 3451 etc_default_login=no 3452 else 3453 etc_default_login=yes 3454 fi ], 3455 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3456 then 3457 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 3458 etc_default_login=no 3459 else 3460 etc_default_login=yes 3461 fi ] 3462) 3463 3464if test "x$etc_default_login" != "xno"; then 3465 AC_CHECK_FILE("/etc/default/login", 3466 [ external_path_file=/etc/default/login ]) 3467 if test "x$external_path_file" = "x/etc/default/login"; then 3468 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1, 3469 [Define if your system has /etc/default/login]) 3470 fi 3471fi 3472 3473dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3474if test $ac_cv_func_login_getcapbool = "yes" && \ 3475 test $ac_cv_header_login_cap_h = "yes" ; then 3476 external_path_file=/etc/login.conf 3477fi 3478 3479# Whether to mess with the default path 3480SERVER_PATH_MSG="(default)" 3481AC_ARG_WITH(default-path, 3482 [ --with-default-path= Specify default \$PATH environment for server], 3483 [ 3484 if test "x$external_path_file" = "x/etc/login.conf" ; then 3485 AC_MSG_WARN([ 3486--with-default-path=PATH has no effect on this system. 3487Edit /etc/login.conf instead.]) 3488 elif test "x$withval" != "xno" ; then 3489 if test ! -z "$external_path_file" ; then 3490 AC_MSG_WARN([ 3491--with-default-path=PATH will only be used if PATH is not defined in 3492$external_path_file .]) 3493 fi 3494 user_path="$withval" 3495 SERVER_PATH_MSG="$withval" 3496 fi 3497 ], 3498 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3499 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3500 else 3501 if test ! -z "$external_path_file" ; then 3502 AC_MSG_WARN([ 3503If PATH is defined in $external_path_file, ensure the path to scp is included, 3504otherwise scp will not work.]) 3505 fi 3506 AC_RUN_IFELSE( 3507 [AC_LANG_SOURCE([[ 3508/* find out what STDPATH is */ 3509#include <stdio.h> 3510#ifdef HAVE_PATHS_H 3511# include <paths.h> 3512#endif 3513#ifndef _PATH_STDPATH 3514# ifdef _PATH_USERPATH /* Irix */ 3515# define _PATH_STDPATH _PATH_USERPATH 3516# else 3517# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3518# endif 3519#endif 3520#include <sys/types.h> 3521#include <sys/stat.h> 3522#include <fcntl.h> 3523#define DATA "conftest.stdpath" 3524 3525main() 3526{ 3527 FILE *fd; 3528 int rc; 3529 3530 fd = fopen(DATA,"w"); 3531 if(fd == NULL) 3532 exit(1); 3533 3534 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3535 exit(1); 3536 3537 exit(0); 3538} 3539 ]])], 3540 [ user_path=`cat conftest.stdpath` ], 3541 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3542 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3543 ) 3544# make sure $bindir is in USER_PATH so scp will work 3545 t_bindir=`eval echo ${bindir}` 3546 case $t_bindir in 3547 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 3548 esac 3549 case $t_bindir in 3550 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 3551 esac 3552 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 3553 if test $? -ne 0 ; then 3554 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 3555 if test $? -ne 0 ; then 3556 user_path=$user_path:$t_bindir 3557 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 3558 fi 3559 fi 3560 fi ] 3561) 3562if test "x$external_path_file" != "x/etc/login.conf" ; then 3563 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH]) 3564 AC_SUBST(user_path) 3565fi 3566 3567# Set superuser path separately to user path 3568AC_ARG_WITH(superuser-path, 3569 [ --with-superuser-path= Specify different path for super-user], 3570 [ 3571 if test -n "$withval" && test "x$withval" != "xno" && \ 3572 test "x${withval}" != "xyes"; then 3573 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval", 3574 [Define if you want a different $PATH 3575 for the superuser]) 3576 superuser_path=$withval 3577 fi 3578 ] 3579) 3580 3581 3582AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3583IPV4_IN6_HACK_MSG="no" 3584AC_ARG_WITH(4in6, 3585 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3586 [ 3587 if test "x$withval" != "xno" ; then 3588 AC_MSG_RESULT(yes) 3589 AC_DEFINE(IPV4_IN_IPV6, 1, 3590 [Detect IPv4 in IPv6 mapped addresses 3591 and treat as IPv4]) 3592 IPV4_IN6_HACK_MSG="yes" 3593 else 3594 AC_MSG_RESULT(no) 3595 fi 3596 ],[ 3597 if test "x$inet6_default_4in6" = "xyes"; then 3598 AC_MSG_RESULT([yes (default)]) 3599 AC_DEFINE(IPV4_IN_IPV6) 3600 IPV4_IN6_HACK_MSG="yes" 3601 else 3602 AC_MSG_RESULT([no (default)]) 3603 fi 3604 ] 3605) 3606 3607# Whether to enable BSD auth support 3608BSD_AUTH_MSG=no 3609AC_ARG_WITH(bsd-auth, 3610 [ --with-bsd-auth Enable BSD auth support], 3611 [ 3612 if test "x$withval" != "xno" ; then 3613 AC_DEFINE(BSD_AUTH, 1, 3614 [Define if you have BSD auth support]) 3615 BSD_AUTH_MSG=yes 3616 fi 3617 ] 3618) 3619 3620# Where to place sshd.pid 3621piddir=/var/run 3622# make sure the directory exists 3623if test ! -d $piddir ; then 3624 piddir=`eval echo ${sysconfdir}` 3625 case $piddir in 3626 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 3627 esac 3628fi 3629 3630AC_ARG_WITH(pid-dir, 3631 [ --with-pid-dir=PATH Specify location of ssh.pid file], 3632 [ 3633 if test -n "$withval" && test "x$withval" != "xno" && \ 3634 test "x${withval}" != "xyes"; then 3635 piddir=$withval 3636 if test ! -d $piddir ; then 3637 AC_MSG_WARN([** no $piddir directory on this system **]) 3638 fi 3639 fi 3640 ] 3641) 3642 3643AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid]) 3644AC_SUBST(piddir) 3645 3646dnl allow user to disable some login recording features 3647AC_ARG_ENABLE(lastlog, 3648 [ --disable-lastlog disable use of lastlog even if detected [no]], 3649 [ 3650 if test "x$enableval" = "xno" ; then 3651 AC_DEFINE(DISABLE_LASTLOG) 3652 fi 3653 ] 3654) 3655AC_ARG_ENABLE(utmp, 3656 [ --disable-utmp disable use of utmp even if detected [no]], 3657 [ 3658 if test "x$enableval" = "xno" ; then 3659 AC_DEFINE(DISABLE_UTMP) 3660 fi 3661 ] 3662) 3663AC_ARG_ENABLE(utmpx, 3664 [ --disable-utmpx disable use of utmpx even if detected [no]], 3665 [ 3666 if test "x$enableval" = "xno" ; then 3667 AC_DEFINE(DISABLE_UTMPX, 1, 3668 [Define if you don't want to use utmpx]) 3669 fi 3670 ] 3671) 3672AC_ARG_ENABLE(wtmp, 3673 [ --disable-wtmp disable use of wtmp even if detected [no]], 3674 [ 3675 if test "x$enableval" = "xno" ; then 3676 AC_DEFINE(DISABLE_WTMP) 3677 fi 3678 ] 3679) 3680AC_ARG_ENABLE(wtmpx, 3681 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 3682 [ 3683 if test "x$enableval" = "xno" ; then 3684 AC_DEFINE(DISABLE_WTMPX, 1, 3685 [Define if you don't want to use wtmpx]) 3686 fi 3687 ] 3688) 3689AC_ARG_ENABLE(libutil, 3690 [ --disable-libutil disable use of libutil (login() etc.) [no]], 3691 [ 3692 if test "x$enableval" = "xno" ; then 3693 AC_DEFINE(DISABLE_LOGIN) 3694 fi 3695 ] 3696) 3697AC_ARG_ENABLE(pututline, 3698 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 3699 [ 3700 if test "x$enableval" = "xno" ; then 3701 AC_DEFINE(DISABLE_PUTUTLINE, 1, 3702 [Define if you don't want to use pututline() 3703 etc. to write [uw]tmp]) 3704 fi 3705 ] 3706) 3707AC_ARG_ENABLE(pututxline, 3708 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 3709 [ 3710 if test "x$enableval" = "xno" ; then 3711 AC_DEFINE(DISABLE_PUTUTXLINE, 1, 3712 [Define if you don't want to use pututxline() 3713 etc. to write [uw]tmpx]) 3714 fi 3715 ] 3716) 3717AC_ARG_WITH(lastlog, 3718 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 3719 [ 3720 if test "x$withval" = "xno" ; then 3721 AC_DEFINE(DISABLE_LASTLOG) 3722 elif test -n "$withval" && test "x${withval}" != "xyes"; then 3723 conf_lastlog_location=$withval 3724 fi 3725 ] 3726) 3727 3728dnl lastlog, [uw]tmpx? detection 3729dnl NOTE: set the paths in the platform section to avoid the 3730dnl need for command-line parameters 3731dnl lastlog and [uw]tmp are subject to a file search if all else fails 3732 3733dnl lastlog detection 3734dnl NOTE: the code itself will detect if lastlog is a directory 3735AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 3736AC_TRY_COMPILE([ 3737#include <sys/types.h> 3738#include <utmp.h> 3739#ifdef HAVE_LASTLOG_H 3740# include <lastlog.h> 3741#endif 3742#ifdef HAVE_PATHS_H 3743# include <paths.h> 3744#endif 3745#ifdef HAVE_LOGIN_H 3746# include <login.h> 3747#endif 3748 ], 3749 [ char *lastlog = LASTLOG_FILE; ], 3750 [ AC_MSG_RESULT(yes) ], 3751 [ 3752 AC_MSG_RESULT(no) 3753 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 3754 AC_TRY_COMPILE([ 3755#include <sys/types.h> 3756#include <utmp.h> 3757#ifdef HAVE_LASTLOG_H 3758# include <lastlog.h> 3759#endif 3760#ifdef HAVE_PATHS_H 3761# include <paths.h> 3762#endif 3763 ], 3764 [ char *lastlog = _PATH_LASTLOG; ], 3765 [ AC_MSG_RESULT(yes) ], 3766 [ 3767 AC_MSG_RESULT(no) 3768 system_lastlog_path=no 3769 ]) 3770 ] 3771) 3772 3773if test -z "$conf_lastlog_location"; then 3774 if test x"$system_lastlog_path" = x"no" ; then 3775 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 3776 if (test -d "$f" || test -f "$f") ; then 3777 conf_lastlog_location=$f 3778 fi 3779 done 3780 if test -z "$conf_lastlog_location"; then 3781 AC_MSG_WARN([** Cannot find lastlog **]) 3782 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 3783 fi 3784 fi 3785fi 3786 3787if test -n "$conf_lastlog_location"; then 3788 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location", 3789 [Define if you want to specify the path to your lastlog file]) 3790fi 3791 3792dnl utmp detection 3793AC_MSG_CHECKING([if your system defines UTMP_FILE]) 3794AC_TRY_COMPILE([ 3795#include <sys/types.h> 3796#include <utmp.h> 3797#ifdef HAVE_PATHS_H 3798# include <paths.h> 3799#endif 3800 ], 3801 [ char *utmp = UTMP_FILE; ], 3802 [ AC_MSG_RESULT(yes) ], 3803 [ AC_MSG_RESULT(no) 3804 system_utmp_path=no ] 3805) 3806if test -z "$conf_utmp_location"; then 3807 if test x"$system_utmp_path" = x"no" ; then 3808 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 3809 if test -f $f ; then 3810 conf_utmp_location=$f 3811 fi 3812 done 3813 if test -z "$conf_utmp_location"; then 3814 AC_DEFINE(DISABLE_UTMP) 3815 fi 3816 fi 3817fi 3818if test -n "$conf_utmp_location"; then 3819 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location", 3820 [Define if you want to specify the path to your utmp file]) 3821fi 3822 3823dnl wtmp detection 3824AC_MSG_CHECKING([if your system defines WTMP_FILE]) 3825AC_TRY_COMPILE([ 3826#include <sys/types.h> 3827#include <utmp.h> 3828#ifdef HAVE_PATHS_H 3829# include <paths.h> 3830#endif 3831 ], 3832 [ char *wtmp = WTMP_FILE; ], 3833 [ AC_MSG_RESULT(yes) ], 3834 [ AC_MSG_RESULT(no) 3835 system_wtmp_path=no ] 3836) 3837if test -z "$conf_wtmp_location"; then 3838 if test x"$system_wtmp_path" = x"no" ; then 3839 for f in /usr/adm/wtmp /var/log/wtmp; do 3840 if test -f $f ; then 3841 conf_wtmp_location=$f 3842 fi 3843 done 3844 if test -z "$conf_wtmp_location"; then 3845 AC_DEFINE(DISABLE_WTMP) 3846 fi 3847 fi 3848fi 3849if test -n "$conf_wtmp_location"; then 3850 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location", 3851 [Define if you want to specify the path to your wtmp file]) 3852fi 3853 3854 3855dnl utmpx detection - I don't know any system so perverse as to require 3856dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 3857dnl there, though. 3858AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 3859AC_TRY_COMPILE([ 3860#include <sys/types.h> 3861#include <utmp.h> 3862#ifdef HAVE_UTMPX_H 3863#include <utmpx.h> 3864#endif 3865#ifdef HAVE_PATHS_H 3866# include <paths.h> 3867#endif 3868 ], 3869 [ char *utmpx = UTMPX_FILE; ], 3870 [ AC_MSG_RESULT(yes) ], 3871 [ AC_MSG_RESULT(no) 3872 system_utmpx_path=no ] 3873) 3874if test -z "$conf_utmpx_location"; then 3875 if test x"$system_utmpx_path" = x"no" ; then 3876 AC_DEFINE(DISABLE_UTMPX) 3877 fi 3878else 3879 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location", 3880 [Define if you want to specify the path to your utmpx file]) 3881fi 3882 3883dnl wtmpx detection 3884AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 3885AC_TRY_COMPILE([ 3886#include <sys/types.h> 3887#include <utmp.h> 3888#ifdef HAVE_UTMPX_H 3889#include <utmpx.h> 3890#endif 3891#ifdef HAVE_PATHS_H 3892# include <paths.h> 3893#endif 3894 ], 3895 [ char *wtmpx = WTMPX_FILE; ], 3896 [ AC_MSG_RESULT(yes) ], 3897 [ AC_MSG_RESULT(no) 3898 system_wtmpx_path=no ] 3899) 3900if test -z "$conf_wtmpx_location"; then 3901 if test x"$system_wtmpx_path" = x"no" ; then 3902 AC_DEFINE(DISABLE_WTMPX) 3903 fi 3904else 3905 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location", 3906 [Define if you want to specify the path to your wtmpx file]) 3907fi 3908 3909 3910if test ! -z "$blibpath" ; then 3911 LDFLAGS="$LDFLAGS $blibflags$blibpath" 3912 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 3913fi 3914 3915dnl Adding -Werror to CFLAGS early prevents configure tests from running. 3916dnl Add now. 3917CFLAGS="$CFLAGS $werror_flags" 3918 3919AC_EXEEXT 3920AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ 3921 openbsd-compat/Makefile openbsd-compat/regress/Makefile \ 3922 scard/Makefile ssh_prng_cmds survey.sh]) 3923AC_OUTPUT 3924 3925# Print summary of options 3926 3927# Someone please show me a better way :) 3928A=`eval echo ${prefix}` ; A=`eval echo ${A}` 3929B=`eval echo ${bindir}` ; B=`eval echo ${B}` 3930C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 3931D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 3932E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 3933F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 3934G=`eval echo ${piddir}` ; G=`eval echo ${G}` 3935H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 3936I=`eval echo ${user_path}` ; I=`eval echo ${I}` 3937J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 3938 3939echo "" 3940echo "OpenSSH has been configured with the following options:" 3941echo " User binaries: $B" 3942echo " System binaries: $C" 3943echo " Configuration files: $D" 3944echo " Askpass program: $E" 3945echo " Manual pages: $F" 3946echo " PID file: $G" 3947echo " Privilege separation chroot path: $H" 3948if test "x$external_path_file" = "x/etc/login.conf" ; then 3949echo " At runtime, sshd will use the path defined in $external_path_file" 3950echo " Make sure the path to scp is present, otherwise scp will not work" 3951else 3952echo " sshd default user PATH: $I" 3953 if test ! -z "$external_path_file"; then 3954echo " (If PATH is set in $external_path_file it will be used instead. If" 3955echo " used, ensure the path to scp is present, otherwise scp will not work.)" 3956 fi 3957fi 3958if test ! -z "$superuser_path" ; then 3959echo " sshd superuser user PATH: $J" 3960fi 3961echo " Manpage format: $MANTYPE" 3962echo " PAM support: $PAM_MSG" 3963echo " OSF SIA support: $SIA_MSG" 3964echo " KerberosV support: $KRB5_MSG" 3965echo " SELinux support: $SELINUX_MSG" 3966echo " Smartcard support: $SCARD_MSG" 3967echo " S/KEY support: $SKEY_MSG" 3968echo " TCP Wrappers support: $TCPW_MSG" 3969echo " MD5 password support: $MD5_MSG" 3970echo " libedit support: $LIBEDIT_MSG" 3971echo " Solaris process contract support: $SPC_MSG" 3972echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 3973echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 3974echo " BSD Auth support: $BSD_AUTH_MSG" 3975echo " Random number source: $RAND_MSG" 3976if test ! -z "$USE_RAND_HELPER" ; then 3977echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 3978fi 3979 3980echo "" 3981 3982echo " Host: ${host}" 3983echo " Compiler: ${CC}" 3984echo " Compiler flags: ${CFLAGS}" 3985echo "Preprocessor flags: ${CPPFLAGS}" 3986echo " Linker flags: ${LDFLAGS}" 3987echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" 3988 3989echo "" 3990 3991if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 3992 echo "SVR4 style packages are supported with \"make package\"" 3993 echo "" 3994fi 3995 3996if test "x$PAM_MSG" = "xyes" ; then 3997 echo "PAM is enabled. You may need to install a PAM control file " 3998 echo "for sshd, otherwise password authentication may fail. " 3999 echo "Example PAM control files can be found in the contrib/ " 4000 echo "subdirectory" 4001 echo "" 4002fi 4003 4004if test ! -z "$RAND_HELPER_CMDHASH" ; then 4005 echo "WARNING: you are using the builtin random number collection " 4006 echo "service. Please read WARNING.RNG and request that your OS " 4007 echo "vendor includes kernel-based random number collection in " 4008 echo "future versions of your OS." 4009 echo "" 4010fi 4011 4012if test ! -z "$NO_PEERCHECK" ; then 4013 echo "WARNING: the operating system that you are using does not " 4014 echo "appear to support either the getpeereid() API nor the " 4015 echo "SO_PEERCRED getsockopt() option. These facilities are used to " 4016 echo "enforce security checks to prevent unauthorised connections to " 4017 echo "ssh-agent. Their absence increases the risk that a malicious " 4018 echo "user can connect to your agent. " 4019 echo "" 4020fi 4021 4022if test "$AUDIT_MODULE" = "bsm" ; then 4023 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 4024 echo "See the Solaris section in README.platform for details." 4025fi 4026