configure.ac revision 180740
1# $Id: configure.ac,v 1.372 2007/03/05 00:51:27 djm Exp $ 2# 3# Copyright (c) 1999-2004 Damien Miller 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 18AC_REVISION($Revision: 1.372 $) 19AC_CONFIG_SRCDIR([ssh.c]) 20 21AC_CONFIG_HEADER(config.h) 22AC_PROG_CC 23AC_CANONICAL_HOST 24AC_C_BIGENDIAN 25 26# Checks for programs. 27AC_PROG_AWK 28AC_PROG_CPP 29AC_PROG_RANLIB 30AC_PROG_INSTALL 31AC_PROG_EGREP 32AC_PATH_PROG(AR, ar) 33AC_PATH_PROG(CAT, cat) 34AC_PATH_PROG(KILL, kill) 35AC_PATH_PROGS(PERL, perl5 perl) 36AC_PATH_PROG(SED, sed) 37AC_SUBST(PERL) 38AC_PATH_PROG(ENT, ent) 39AC_SUBST(ENT) 40AC_PATH_PROG(TEST_MINUS_S_SH, bash) 41AC_PATH_PROG(TEST_MINUS_S_SH, ksh) 42AC_PATH_PROG(TEST_MINUS_S_SH, sh) 43AC_PATH_PROG(SH, sh) 44AC_SUBST(TEST_SHELL,sh) 45 46dnl for buildpkg.sh 47AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 48 [/usr/sbin${PATH_SEPARATOR}/etc]) 49AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 50 [/usr/sbin${PATH_SEPARATOR}/etc]) 51AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 52if test -x /sbin/sh; then 53 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh) 54else 55 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh) 56fi 57 58# System features 59AC_SYS_LARGEFILE 60 61if test -z "$AR" ; then 62 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 63fi 64 65# Use LOGIN_PROGRAM from environment if possible 66if test ! -z "$LOGIN_PROGRAM" ; then 67 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM", 68 [If your header files don't define LOGIN_PROGRAM, 69 then use this (detected) from environment and PATH]) 70else 71 # Search for login 72 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 73 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 74 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 75 fi 76fi 77 78AC_PATH_PROG(PATH_PASSWD_PROG, passwd) 79if test ! -z "$PATH_PASSWD_PROG" ; then 80 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG", 81 [Full path of your "passwd" program]) 82fi 83 84if test -z "$LD" ; then 85 LD=$CC 86fi 87AC_SUBST(LD) 88 89AC_C_INLINE 90 91AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) 92 93if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 94 CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized" 95 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` 96 case $GCC_VER in 97 1.*) ;; 98 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;; 99 2.*) ;; 100 3.*) CFLAGS="$CFLAGS -Wsign-compare" ;; 101 4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;; 102 *) ;; 103 esac 104 105 if test -z "$have_llong_max"; then 106 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 107 unset ac_cv_have_decl_LLONG_MAX 108 saved_CFLAGS="$CFLAGS" 109 CFLAGS="$CFLAGS -std=gnu99" 110 AC_CHECK_DECL(LLONG_MAX, 111 [have_llong_max=1], 112 [CFLAGS="$saved_CFLAGS"], 113 [#include <limits.h>] 114 ) 115 fi 116fi 117 118AC_ARG_WITH(rpath, 119 [ --without-rpath Disable auto-added -R linker paths], 120 [ 121 if test "x$withval" = "xno" ; then 122 need_dash_r="" 123 fi 124 if test "x$withval" = "xyes" ; then 125 need_dash_r=1 126 fi 127 ] 128) 129 130# Allow user to specify flags 131AC_ARG_WITH(cflags, 132 [ --with-cflags Specify additional flags to pass to compiler], 133 [ 134 if test -n "$withval" && test "x$withval" != "xno" && \ 135 test "x${withval}" != "xyes"; then 136 CFLAGS="$CFLAGS $withval" 137 fi 138 ] 139) 140AC_ARG_WITH(cppflags, 141 [ --with-cppflags Specify additional flags to pass to preprocessor] , 142 [ 143 if test -n "$withval" && test "x$withval" != "xno" && \ 144 test "x${withval}" != "xyes"; then 145 CPPFLAGS="$CPPFLAGS $withval" 146 fi 147 ] 148) 149AC_ARG_WITH(ldflags, 150 [ --with-ldflags Specify additional flags to pass to linker], 151 [ 152 if test -n "$withval" && test "x$withval" != "xno" && \ 153 test "x${withval}" != "xyes"; then 154 LDFLAGS="$LDFLAGS $withval" 155 fi 156 ] 157) 158AC_ARG_WITH(libs, 159 [ --with-libs Specify additional libraries to link with], 160 [ 161 if test -n "$withval" && test "x$withval" != "xno" && \ 162 test "x${withval}" != "xyes"; then 163 LIBS="$LIBS $withval" 164 fi 165 ] 166) 167AC_ARG_WITH(Werror, 168 [ --with-Werror Build main code with -Werror], 169 [ 170 if test -n "$withval" && test "x$withval" != "xno"; then 171 werror_flags="-Werror" 172 if test "x${withval}" != "xyes"; then 173 werror_flags="$withval" 174 fi 175 fi 176 ] 177) 178 179AC_CHECK_HEADERS( \ 180 bstring.h \ 181 crypt.h \ 182 crypto/sha2.h \ 183 dirent.h \ 184 endian.h \ 185 features.h \ 186 fcntl.h \ 187 floatingpoint.h \ 188 getopt.h \ 189 glob.h \ 190 ia.h \ 191 iaf.h \ 192 limits.h \ 193 login.h \ 194 maillock.h \ 195 ndir.h \ 196 net/if_tun.h \ 197 netdb.h \ 198 netgroup.h \ 199 pam/pam_appl.h \ 200 paths.h \ 201 pty.h \ 202 readpassphrase.h \ 203 rpc/types.h \ 204 security/pam_appl.h \ 205 sha2.h \ 206 shadow.h \ 207 stddef.h \ 208 stdint.h \ 209 string.h \ 210 strings.h \ 211 sys/audit.h \ 212 sys/bitypes.h \ 213 sys/bsdtty.h \ 214 sys/cdefs.h \ 215 sys/dir.h \ 216 sys/mman.h \ 217 sys/ndir.h \ 218 sys/prctl.h \ 219 sys/pstat.h \ 220 sys/select.h \ 221 sys/stat.h \ 222 sys/stream.h \ 223 sys/stropts.h \ 224 sys/strtio.h \ 225 sys/sysmacros.h \ 226 sys/time.h \ 227 sys/timers.h \ 228 sys/un.h \ 229 time.h \ 230 tmpdir.h \ 231 ttyent.h \ 232 unistd.h \ 233 usersec.h \ 234 util.h \ 235 utime.h \ 236 utmp.h \ 237 utmpx.h \ 238 vis.h \ 239) 240 241# lastlog.h requires sys/time.h to be included first on Solaris 242AC_CHECK_HEADERS(lastlog.h, [], [], [ 243#ifdef HAVE_SYS_TIME_H 244# include <sys/time.h> 245#endif 246]) 247 248# sys/ptms.h requires sys/stream.h to be included first on Solaris 249AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 250#ifdef HAVE_SYS_STREAM_H 251# include <sys/stream.h> 252#endif 253]) 254 255# login_cap.h requires sys/types.h on NetBSD 256AC_CHECK_HEADERS(login_cap.h, [], [], [ 257#include <sys/types.h> 258]) 259 260# Messages for features tested for in target-specific section 261SIA_MSG="no" 262SPC_MSG="no" 263 264# Check for some target-specific stuff 265case "$host" in 266*-*-aix*) 267 # Some versions of VAC won't allow macro redefinitions at 268 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 269 # particularly with older versions of vac or xlc. 270 # It also throws errors about null macro argments, but these are 271 # not fatal. 272 AC_MSG_CHECKING(if compiler allows macro redefinitions) 273 AC_COMPILE_IFELSE( 274 [AC_LANG_SOURCE([[ 275#define testmacro foo 276#define testmacro bar 277int main(void) { exit(0); } 278 ]])], 279 [ AC_MSG_RESULT(yes) ], 280 [ AC_MSG_RESULT(no) 281 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" 282 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`" 283 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" 284 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" 285 ] 286 ) 287 288 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 289 if (test -z "$blibpath"); then 290 blibpath="/usr/lib:/lib" 291 fi 292 saved_LDFLAGS="$LDFLAGS" 293 if test "$GCC" = "yes"; then 294 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" 295 else 296 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," 297 fi 298 for tryflags in $flags ;do 299 if (test -z "$blibflags"); then 300 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 301 AC_TRY_LINK([], [], [blibflags=$tryflags]) 302 fi 303 done 304 if (test -z "$blibflags"); then 305 AC_MSG_RESULT(not found) 306 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 307 else 308 AC_MSG_RESULT($blibflags) 309 fi 310 LDFLAGS="$saved_LDFLAGS" 311 dnl Check for authenticate. Might be in libs.a on older AIXes 312 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1, 313 [Define if you want to enable AIX4's authenticate function])], 314 [AC_CHECK_LIB(s,authenticate, 315 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 316 LIBS="$LIBS -ls" 317 ]) 318 ]) 319 dnl Check for various auth function declarations in headers. 320 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 321 passwdexpired, setauthdb], , , [#include <usersec.h>]) 322 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 323 AC_CHECK_DECLS(loginfailed, 324 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 325 AC_TRY_COMPILE( 326 [#include <usersec.h>], 327 [(void)loginfailed("user","host","tty",0);], 328 [AC_MSG_RESULT(yes) 329 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1, 330 [Define if your AIX loginfailed() function 331 takes 4 arguments (AIX >= 5.2)])], 332 [AC_MSG_RESULT(no)] 333 )], 334 [], 335 [#include <usersec.h>] 336 ) 337 AC_CHECK_FUNCS(setauthdb) 338 AC_CHECK_DECL(F_CLOSEM, 339 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]), 340 [], 341 [ #include <limits.h> 342 #include <fcntl.h> ] 343 ) 344 check_for_aix_broken_getaddrinfo=1 345 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.]) 346 AC_DEFINE(SETEUID_BREAKS_SETUID, 1, 347 [Define if your platform breaks doing a seteuid before a setuid]) 348 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken]) 349 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken]) 350 dnl AIX handles lastlog as part of its login message 351 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog]) 352 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1, 353 [Some systems need a utmpx entry for /bin/login to work]) 354 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV, 355 [Define to a Set Process Title type if your system is 356 supported by bsd-setproctitle.c]) 357 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 358 [AIX 5.2 and 5.3 (and presumably newer) require this]) 359 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd]) 360 ;; 361*-*-cygwin*) 362 check_for_libcrypt_later=1 363 LIBS="$LIBS /usr/lib/textreadmode.o" 364 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin]) 365 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()]) 366 AC_DEFINE(DISABLE_SHADOW, 1, 367 [Define if you want to disable shadow passwords]) 368 AC_DEFINE(IP_TOS_IS_BROKEN, 1, 369 [Define if your system choked on IP TOS setting]) 370 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1, 371 [Define if X11 doesn't support AF_UNIX sockets on that system]) 372 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1, 373 [Define if the concept of ports only accessible to 374 superusers isn't known]) 375 AC_DEFINE(DISABLE_FD_PASSING, 1, 376 [Define if your platform needs to skip post auth 377 file descriptor passing]) 378 ;; 379*-*-dgux*) 380 AC_DEFINE(IP_TOS_IS_BROKEN) 381 AC_DEFINE(SETEUID_BREAKS_SETUID) 382 AC_DEFINE(BROKEN_SETREUID) 383 AC_DEFINE(BROKEN_SETREGID) 384 ;; 385*-*-darwin*) 386 AC_MSG_CHECKING(if we have working getaddrinfo) 387 AC_TRY_RUN([#include <mach-o/dyld.h> 388main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 389 exit(0); 390 else 391 exit(1); 392}], [AC_MSG_RESULT(working)], 393 [AC_MSG_RESULT(buggy) 394 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])], 395 [AC_MSG_RESULT(assume it is working)]) 396 AC_DEFINE(SETEUID_BREAKS_SETUID) 397 AC_DEFINE(BROKEN_SETREUID) 398 AC_DEFINE(BROKEN_SETREGID) 399 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1, 400 [Define if your resolver libs need this for getrrsetbyname]) 401 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 402 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 403 [Use tunnel device compatibility to OpenBSD]) 404 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 405 [Prepend the address family to IP tunnel traffic]) 406 ;; 407*-*-dragonfly*) 408 SSHDLIBS="$SSHDLIBS -lcrypt" 409 ;; 410*-*-hpux*) 411 # first we define all of the options common to all HP-UX releases 412 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 413 IPADDR_IN_DISPLAY=yes 414 AC_DEFINE(USE_PIPES) 415 AC_DEFINE(LOGIN_NO_ENDOPT, 1, 416 [Define if your login program cannot handle end of options ("--")]) 417 AC_DEFINE(LOGIN_NEEDS_UTMPX) 418 AC_DEFINE(LOCKED_PASSWD_STRING, "*", 419 [String used in /etc/passwd to denote locked account]) 420 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 421 MAIL="/var/mail/username" 422 LIBS="$LIBS -lsec" 423 AC_CHECK_LIB(xnet, t_error, , 424 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 425 426 # next, we define all of the options specific to major releases 427 case "$host" in 428 *-*-hpux10*) 429 if test -z "$GCC"; then 430 CFLAGS="$CFLAGS -Ae" 431 fi 432 ;; 433 *-*-hpux11*) 434 AC_DEFINE(PAM_SUN_CODEBASE, 1, 435 [Define if you are using Solaris-derived PAM which 436 passes pam_messages to the conversation function 437 with an extra level of indirection]) 438 AC_DEFINE(DISABLE_UTMP, 1, 439 [Define if you don't want to use utmp]) 440 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 441 check_for_hpux_broken_getaddrinfo=1 442 check_for_conflicting_getspnam=1 443 ;; 444 esac 445 446 # lastly, we define options specific to minor releases 447 case "$host" in 448 *-*-hpux10.26) 449 AC_DEFINE(HAVE_SECUREWARE, 1, 450 [Define if you have SecureWare-based 451 protected password database]) 452 disable_ptmx_check=yes 453 LIBS="$LIBS -lsecpw" 454 ;; 455 esac 456 ;; 457*-*-irix5*) 458 PATH="$PATH:/usr/etc" 459 AC_DEFINE(BROKEN_INET_NTOA, 1, 460 [Define if you system's inet_ntoa is busted 461 (e.g. Irix gcc issue)]) 462 AC_DEFINE(SETEUID_BREAKS_SETUID) 463 AC_DEFINE(BROKEN_SETREUID) 464 AC_DEFINE(BROKEN_SETREGID) 465 AC_DEFINE(WITH_ABBREV_NO_TTY, 1, 466 [Define if you shouldn't strip 'tty' from your 467 ttyname in [uw]tmp]) 468 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 469 ;; 470*-*-irix6*) 471 PATH="$PATH:/usr/etc" 472 AC_DEFINE(WITH_IRIX_ARRAY, 1, 473 [Define if you have/want arrays 474 (cluster-wide session managment, not C arrays)]) 475 AC_DEFINE(WITH_IRIX_PROJECT, 1, 476 [Define if you want IRIX project management]) 477 AC_DEFINE(WITH_IRIX_AUDIT, 1, 478 [Define if you want IRIX audit trails]) 479 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1, 480 [Define if you want IRIX kernel jobs])]) 481 AC_DEFINE(BROKEN_INET_NTOA) 482 AC_DEFINE(SETEUID_BREAKS_SETUID) 483 AC_DEFINE(BROKEN_SETREUID) 484 AC_DEFINE(BROKEN_SETREGID) 485 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)]) 486 AC_DEFINE(WITH_ABBREV_NO_TTY) 487 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 488 ;; 489*-*-linux*) 490 no_dev_ptmx=1 491 check_for_libcrypt_later=1 492 check_for_openpty_ctty_bug=1 493 AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks]) 494 AC_DEFINE(PAM_TTY_KLUDGE, 1, 495 [Work around problematic Linux PAM modules handling of PAM_TTY]) 496 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!", 497 [String used in /etc/passwd to denote locked account]) 498 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 499 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM, 500 [Define to whatever link() returns for "not supported" 501 if it doesn't return EOPNOTSUPP.]) 502 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 503 AC_DEFINE(USE_BTMP) 504 inet6_default_4in6=yes 505 case `uname -r` in 506 1.*|2.0.*) 507 AC_DEFINE(BROKEN_CMSG_TYPE, 1, 508 [Define if cmsg_type is not passed correctly]) 509 ;; 510 esac 511 # tun(4) forwarding compat code 512 AC_CHECK_HEADERS(linux/if_tun.h) 513 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 514 AC_DEFINE(SSH_TUN_LINUX, 1, 515 [Open tunnel devices the Linux tun/tap way]) 516 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 517 [Use tunnel device compatibility to OpenBSD]) 518 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 519 [Prepend the address family to IP tunnel traffic]) 520 fi 521 ;; 522mips-sony-bsd|mips-sony-newsos4) 523 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty]) 524 SONY=1 525 ;; 526*-*-netbsd*) 527 check_for_libcrypt_before=1 528 if test "x$withval" != "xno" ; then 529 need_dash_r=1 530 fi 531 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 532 AC_CHECK_HEADER([net/if_tap.h], , 533 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 534 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 535 [Prepend the address family to IP tunnel traffic]) 536 ;; 537*-*-freebsd*) 538 check_for_libcrypt_later=1 539 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)]) 540 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 541 AC_CHECK_HEADER([net/if_tap.h], , 542 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 543 ;; 544*-*-bsdi*) 545 AC_DEFINE(SETEUID_BREAKS_SETUID) 546 AC_DEFINE(BROKEN_SETREUID) 547 AC_DEFINE(BROKEN_SETREGID) 548 ;; 549*-next-*) 550 conf_lastlog_location="/usr/adm/lastlog" 551 conf_utmp_location=/etc/utmp 552 conf_wtmp_location=/usr/adm/wtmp 553 MAIL=/usr/spool/mail 554 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT]) 555 AC_DEFINE(BROKEN_REALPATH) 556 AC_DEFINE(USE_PIPES) 557 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT]) 558 ;; 559*-*-openbsd*) 560 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) 561 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded]) 562 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way]) 563 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1, 564 [syslog_r function is safe to use in in a signal handler]) 565 ;; 566*-*-solaris*) 567 if test "x$withval" != "xno" ; then 568 need_dash_r=1 569 fi 570 AC_DEFINE(PAM_SUN_CODEBASE) 571 AC_DEFINE(LOGIN_NEEDS_UTMPX) 572 AC_DEFINE(LOGIN_NEEDS_TERM, 1, 573 [Some versions of /bin/login need the TERM supplied 574 on the commandline]) 575 AC_DEFINE(PAM_TTY_KLUDGE) 576 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 577 [Define if pam_chauthtok wants real uid set 578 to the unpriv'ed user]) 579 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 580 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 581 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1, 582 [Define if sshd somehow reacquires a controlling TTY 583 after setsid()]) 584 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd 585 in case the name is longer than 8 chars]) 586 external_path_file=/etc/default/login 587 # hardwire lastlog location (can't detect it on some versions) 588 conf_lastlog_location="/var/adm/lastlog" 589 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 590 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 591 if test "$sol2ver" -ge 8; then 592 AC_MSG_RESULT(yes) 593 AC_DEFINE(DISABLE_UTMP) 594 AC_DEFINE(DISABLE_WTMP, 1, 595 [Define if you don't want to use wtmp]) 596 else 597 AC_MSG_RESULT(no) 598 fi 599 AC_ARG_WITH(solaris-contracts, 600 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 601 [ 602 AC_CHECK_LIB(contract, ct_tmpl_activate, 603 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1, 604 [Define if you have Solaris process contracts]) 605 SSHDLIBS="$SSHDLIBS -lcontract" 606 AC_SUBST(SSHDLIBS) 607 SPC_MSG="yes" ], ) 608 ], 609 ) 610 ;; 611*-*-sunos4*) 612 CPPFLAGS="$CPPFLAGS -DSUNOS4" 613 AC_CHECK_FUNCS(getpwanam) 614 AC_DEFINE(PAM_SUN_CODEBASE) 615 conf_utmp_location=/etc/utmp 616 conf_wtmp_location=/var/adm/wtmp 617 conf_lastlog_location=/var/adm/lastlog 618 AC_DEFINE(USE_PIPES) 619 ;; 620*-ncr-sysv*) 621 LIBS="$LIBS -lc89" 622 AC_DEFINE(USE_PIPES) 623 AC_DEFINE(SSHD_ACQUIRES_CTTY) 624 AC_DEFINE(SETEUID_BREAKS_SETUID) 625 AC_DEFINE(BROKEN_SETREUID) 626 AC_DEFINE(BROKEN_SETREGID) 627 ;; 628*-sni-sysv*) 629 # /usr/ucblib MUST NOT be searched on ReliantUNIX 630 AC_CHECK_LIB(dl, dlsym, ,) 631 # -lresolv needs to be at the end of LIBS or DNS lookups break 632 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ]) 633 IPADDR_IN_DISPLAY=yes 634 AC_DEFINE(USE_PIPES) 635 AC_DEFINE(IP_TOS_IS_BROKEN) 636 AC_DEFINE(SETEUID_BREAKS_SETUID) 637 AC_DEFINE(BROKEN_SETREUID) 638 AC_DEFINE(BROKEN_SETREGID) 639 AC_DEFINE(SSHD_ACQUIRES_CTTY) 640 external_path_file=/etc/default/login 641 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 642 # Attention: always take care to bind libsocket and libnsl before libc, 643 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 644 ;; 645# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 646*-*-sysv4.2*) 647 AC_DEFINE(USE_PIPES) 648 AC_DEFINE(SETEUID_BREAKS_SETUID) 649 AC_DEFINE(BROKEN_SETREUID) 650 AC_DEFINE(BROKEN_SETREGID) 651 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 652 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 653 ;; 654# UnixWare 7.x, OpenUNIX 8 655*-*-sysv5*) 656 check_for_libcrypt_later=1 657 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) 658 AC_DEFINE(USE_PIPES) 659 AC_DEFINE(SETEUID_BREAKS_SETUID) 660 AC_DEFINE(BROKEN_SETREUID) 661 AC_DEFINE(BROKEN_SETREGID) 662 AC_DEFINE(PASSWD_NEEDS_USERNAME) 663 case "$host" in 664 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x 665 TEST_SHELL=/u95/bin/sh 666 AC_DEFINE(BROKEN_LIBIAF, 1, 667 [ia_uinfo routines not supported by OS yet]) 668 AC_DEFINE(BROKEN_UPDWTMPX) 669 ;; 670 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 671 ;; 672 esac 673 ;; 674*-*-sysv*) 675 ;; 676# SCO UNIX and OEM versions of SCO UNIX 677*-*-sco3.2v4*) 678 AC_MSG_ERROR("This Platform is no longer supported.") 679 ;; 680# SCO OpenServer 5.x 681*-*-sco3.2v5*) 682 if test -z "$GCC"; then 683 CFLAGS="$CFLAGS -belf" 684 fi 685 LIBS="$LIBS -lprot -lx -ltinfo -lm" 686 no_dev_ptmx=1 687 AC_DEFINE(USE_PIPES) 688 AC_DEFINE(HAVE_SECUREWARE) 689 AC_DEFINE(DISABLE_SHADOW) 690 AC_DEFINE(DISABLE_FD_PASSING) 691 AC_DEFINE(SETEUID_BREAKS_SETUID) 692 AC_DEFINE(BROKEN_SETREUID) 693 AC_DEFINE(BROKEN_SETREGID) 694 AC_DEFINE(WITH_ABBREV_NO_TTY) 695 AC_DEFINE(BROKEN_UPDWTMPX) 696 AC_DEFINE(PASSWD_NEEDS_USERNAME) 697 AC_CHECK_FUNCS(getluid setluid) 698 MANTYPE=man 699 TEST_SHELL=ksh 700 ;; 701*-*-unicosmk*) 702 AC_DEFINE(NO_SSH_LASTLOG, 1, 703 [Define if you don't want to use lastlog in session.c]) 704 AC_DEFINE(SETEUID_BREAKS_SETUID) 705 AC_DEFINE(BROKEN_SETREUID) 706 AC_DEFINE(BROKEN_SETREGID) 707 AC_DEFINE(USE_PIPES) 708 AC_DEFINE(DISABLE_FD_PASSING) 709 LDFLAGS="$LDFLAGS" 710 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 711 MANTYPE=cat 712 ;; 713*-*-unicosmp*) 714 AC_DEFINE(SETEUID_BREAKS_SETUID) 715 AC_DEFINE(BROKEN_SETREUID) 716 AC_DEFINE(BROKEN_SETREGID) 717 AC_DEFINE(WITH_ABBREV_NO_TTY) 718 AC_DEFINE(USE_PIPES) 719 AC_DEFINE(DISABLE_FD_PASSING) 720 LDFLAGS="$LDFLAGS" 721 LIBS="$LIBS -lgen -lacid -ldb" 722 MANTYPE=cat 723 ;; 724*-*-unicos*) 725 AC_DEFINE(SETEUID_BREAKS_SETUID) 726 AC_DEFINE(BROKEN_SETREUID) 727 AC_DEFINE(BROKEN_SETREGID) 728 AC_DEFINE(USE_PIPES) 729 AC_DEFINE(DISABLE_FD_PASSING) 730 AC_DEFINE(NO_SSH_LASTLOG) 731 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 732 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 733 MANTYPE=cat 734 ;; 735*-dec-osf*) 736 AC_MSG_CHECKING(for Digital Unix SIA) 737 no_osfsia="" 738 AC_ARG_WITH(osfsia, 739 [ --with-osfsia Enable Digital Unix SIA], 740 [ 741 if test "x$withval" = "xno" ; then 742 AC_MSG_RESULT(disabled) 743 no_osfsia=1 744 fi 745 ], 746 ) 747 if test -z "$no_osfsia" ; then 748 if test -f /etc/sia/matrix.conf; then 749 AC_MSG_RESULT(yes) 750 AC_DEFINE(HAVE_OSF_SIA, 1, 751 [Define if you have Digital Unix Security 752 Integration Architecture]) 753 AC_DEFINE(DISABLE_LOGIN, 1, 754 [Define if you don't want to use your 755 system's login() call]) 756 AC_DEFINE(DISABLE_FD_PASSING) 757 LIBS="$LIBS -lsecurity -ldb -lm -laud" 758 SIA_MSG="yes" 759 else 760 AC_MSG_RESULT(no) 761 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin", 762 [String used in /etc/passwd to denote locked account]) 763 fi 764 fi 765 AC_DEFINE(BROKEN_GETADDRINFO) 766 AC_DEFINE(SETEUID_BREAKS_SETUID) 767 AC_DEFINE(BROKEN_SETREUID) 768 AC_DEFINE(BROKEN_SETREGID) 769 ;; 770 771*-*-nto-qnx*) 772 AC_DEFINE(USE_PIPES) 773 AC_DEFINE(NO_X11_UNIX_SOCKETS) 774 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems]) 775 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems]) 776 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems]) 777 AC_DEFINE(DISABLE_LASTLOG) 778 AC_DEFINE(SSHD_ACQUIRES_CTTY) 779 enable_etc_default_login=no # has incompatible /etc/default/login 780 ;; 781 782*-*-ultrix*) 783 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1]) 784 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files]) 785 AC_DEFINE(NEED_SETPGRP) 786 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) 787 ;; 788 789*-*-lynxos) 790 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 791 AC_DEFINE(MISSING_HOWMANY) 792 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) 793 ;; 794esac 795 796AC_MSG_CHECKING(compiler and flags for sanity) 797AC_RUN_IFELSE( 798 [AC_LANG_SOURCE([ 799#include <stdio.h> 800int main(){exit(0);} 801 ])], 802 [ AC_MSG_RESULT(yes) ], 803 [ 804 AC_MSG_RESULT(no) 805 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 806 ], 807 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 808) 809 810dnl Checks for header files. 811# Checks for libraries. 812AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 813AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 814 815dnl IRIX and Solaris 2.5.1 have dirname() in libgen 816AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 817 AC_CHECK_LIB(gen, dirname,[ 818 AC_CACHE_CHECK([for broken dirname], 819 ac_cv_have_broken_dirname, [ 820 save_LIBS="$LIBS" 821 LIBS="$LIBS -lgen" 822 AC_RUN_IFELSE( 823 [AC_LANG_SOURCE([[ 824#include <libgen.h> 825#include <string.h> 826 827int main(int argc, char **argv) { 828 char *s, buf[32]; 829 830 strncpy(buf,"/etc", 32); 831 s = dirname(buf); 832 if (!s || strncmp(s, "/", 32) != 0) { 833 exit(1); 834 } else { 835 exit(0); 836 } 837} 838 ]])], 839 [ ac_cv_have_broken_dirname="no" ], 840 [ ac_cv_have_broken_dirname="yes" ], 841 [ ac_cv_have_broken_dirname="no" ], 842 ) 843 LIBS="$save_LIBS" 844 ]) 845 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 846 LIBS="$LIBS -lgen" 847 AC_DEFINE(HAVE_DIRNAME) 848 AC_CHECK_HEADERS(libgen.h) 849 fi 850 ]) 851]) 852 853AC_CHECK_FUNC(getspnam, , 854 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 855AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1, 856 [Define if you have the basename function.])) 857 858dnl zlib is required 859AC_ARG_WITH(zlib, 860 [ --with-zlib=PATH Use zlib in PATH], 861 [ if test "x$withval" = "xno" ; then 862 AC_MSG_ERROR([*** zlib is required ***]) 863 elif test "x$withval" != "xyes"; then 864 if test -d "$withval/lib"; then 865 if test -n "${need_dash_r}"; then 866 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 867 else 868 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 869 fi 870 else 871 if test -n "${need_dash_r}"; then 872 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 873 else 874 LDFLAGS="-L${withval} ${LDFLAGS}" 875 fi 876 fi 877 if test -d "$withval/include"; then 878 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 879 else 880 CPPFLAGS="-I${withval} ${CPPFLAGS}" 881 fi 882 fi ] 883) 884 885AC_CHECK_LIB(z, deflate, , 886 [ 887 saved_CPPFLAGS="$CPPFLAGS" 888 saved_LDFLAGS="$LDFLAGS" 889 save_LIBS="$LIBS" 890 dnl Check default zlib install dir 891 if test -n "${need_dash_r}"; then 892 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 893 else 894 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 895 fi 896 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 897 LIBS="$LIBS -lz" 898 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 899 [ 900 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 901 ] 902 ) 903 ] 904) 905AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) 906 907AC_ARG_WITH(zlib-version-check, 908 [ --without-zlib-version-check Disable zlib version check], 909 [ if test "x$withval" = "xno" ; then 910 zlib_check_nonfatal=1 911 fi 912 ] 913) 914 915AC_MSG_CHECKING(for possibly buggy zlib) 916AC_RUN_IFELSE([AC_LANG_SOURCE([[ 917#include <stdio.h> 918#include <zlib.h> 919int main() 920{ 921 int a=0, b=0, c=0, d=0, n, v; 922 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 923 if (n != 3 && n != 4) 924 exit(1); 925 v = a*1000000 + b*10000 + c*100 + d; 926 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 927 928 /* 1.1.4 is OK */ 929 if (a == 1 && b == 1 && c >= 4) 930 exit(0); 931 932 /* 1.2.3 and up are OK */ 933 if (v >= 1020300) 934 exit(0); 935 936 exit(2); 937} 938 ]])], 939 AC_MSG_RESULT(no), 940 [ AC_MSG_RESULT(yes) 941 if test -z "$zlib_check_nonfatal" ; then 942 AC_MSG_ERROR([*** zlib too old - check config.log *** 943Your reported zlib version has known security problems. It's possible your 944vendor has fixed these problems without changing the version number. If you 945are sure this is the case, you can disable the check by running 946"./configure --without-zlib-version-check". 947If you are in doubt, upgrade zlib to version 1.2.3 or greater. 948See http://www.gzip.org/zlib/ for details.]) 949 else 950 AC_MSG_WARN([zlib version may have security problems]) 951 fi 952 ], 953 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 954) 955 956dnl UnixWare 2.x 957AC_CHECK_FUNC(strcasecmp, 958 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 959) 960AC_CHECK_FUNCS(utimes, 961 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 962 LIBS="$LIBS -lc89"]) ] 963) 964 965dnl Checks for libutil functions 966AC_CHECK_HEADERS(libutil.h) 967AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1, 968 [Define if your libraries define login()])]) 969AC_CHECK_FUNCS(logout updwtmp logwtmp) 970 971AC_FUNC_STRFTIME 972 973# Check for ALTDIRFUNC glob() extension 974AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 975AC_EGREP_CPP(FOUNDIT, 976 [ 977 #include <glob.h> 978 #ifdef GLOB_ALTDIRFUNC 979 FOUNDIT 980 #endif 981 ], 982 [ 983 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1, 984 [Define if your system glob() function has 985 the GLOB_ALTDIRFUNC extension]) 986 AC_MSG_RESULT(yes) 987 ], 988 [ 989 AC_MSG_RESULT(no) 990 ] 991) 992 993# Check for g.gl_matchc glob() extension 994AC_MSG_CHECKING(for gl_matchc field in glob_t) 995AC_TRY_COMPILE( 996 [ #include <glob.h> ], 997 [glob_t g; g.gl_matchc = 1;], 998 [ 999 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1, 1000 [Define if your system glob() function has 1001 gl_matchc options in glob_t]) 1002 AC_MSG_RESULT(yes) 1003 ], 1004 [ 1005 AC_MSG_RESULT(no) 1006 ] 1007) 1008 1009AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>]) 1010 1011AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 1012AC_RUN_IFELSE( 1013 [AC_LANG_SOURCE([[ 1014#include <sys/types.h> 1015#include <dirent.h> 1016int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 1017 ]])], 1018 [AC_MSG_RESULT(yes)], 1019 [ 1020 AC_MSG_RESULT(no) 1021 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1, 1022 [Define if your struct dirent expects you to 1023 allocate extra space for d_name]) 1024 ], 1025 [ 1026 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1027 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 1028 ] 1029) 1030 1031AC_MSG_CHECKING([for /proc/pid/fd directory]) 1032if test -d "/proc/$$/fd" ; then 1033 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd]) 1034 AC_MSG_RESULT(yes) 1035else 1036 AC_MSG_RESULT(no) 1037fi 1038 1039# Check whether user wants S/Key support 1040SKEY_MSG="no" 1041AC_ARG_WITH(skey, 1042 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 1043 [ 1044 if test "x$withval" != "xno" ; then 1045 1046 if test "x$withval" != "xyes" ; then 1047 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1048 LDFLAGS="$LDFLAGS -L${withval}/lib" 1049 fi 1050 1051 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 1052 LIBS="-lskey $LIBS" 1053 SKEY_MSG="yes" 1054 1055 AC_MSG_CHECKING([for s/key support]) 1056 AC_LINK_IFELSE( 1057 [AC_LANG_SOURCE([[ 1058#include <stdio.h> 1059#include <skey.h> 1060int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } 1061 ]])], 1062 [AC_MSG_RESULT(yes)], 1063 [ 1064 AC_MSG_RESULT(no) 1065 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 1066 ]) 1067 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 1068 AC_TRY_COMPILE( 1069 [#include <stdio.h> 1070 #include <skey.h>], 1071 [(void)skeychallenge(NULL,"name","",0);], 1072 [AC_MSG_RESULT(yes) 1073 AC_DEFINE(SKEYCHALLENGE_4ARG, 1, 1074 [Define if your skeychallenge() 1075 function takes 4 arguments (NetBSD)])], 1076 [AC_MSG_RESULT(no)] 1077 ) 1078 fi 1079 ] 1080) 1081 1082# Check whether user wants TCP wrappers support 1083TCPW_MSG="no" 1084AC_ARG_WITH(tcp-wrappers, 1085 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1086 [ 1087 if test "x$withval" != "xno" ; then 1088 saved_LIBS="$LIBS" 1089 saved_LDFLAGS="$LDFLAGS" 1090 saved_CPPFLAGS="$CPPFLAGS" 1091 if test -n "${withval}" && \ 1092 test "x${withval}" != "xyes"; then 1093 if test -d "${withval}/lib"; then 1094 if test -n "${need_dash_r}"; then 1095 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1096 else 1097 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1098 fi 1099 else 1100 if test -n "${need_dash_r}"; then 1101 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1102 else 1103 LDFLAGS="-L${withval} ${LDFLAGS}" 1104 fi 1105 fi 1106 if test -d "${withval}/include"; then 1107 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1108 else 1109 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1110 fi 1111 fi 1112 LIBWRAP="-lwrap" 1113 LIBS="$LIBWRAP $LIBS" 1114 AC_MSG_CHECKING(for libwrap) 1115 AC_TRY_LINK( 1116 [ 1117#include <sys/types.h> 1118#include <sys/socket.h> 1119#include <netinet/in.h> 1120#include <tcpd.h> 1121 int deny_severity = 0, allow_severity = 0; 1122 ], 1123 [hosts_access(0);], 1124 [ 1125 AC_MSG_RESULT(yes) 1126 AC_DEFINE(LIBWRAP, 1, 1127 [Define if you want 1128 TCP Wrappers support]) 1129 AC_SUBST(LIBWRAP) 1130 TCPW_MSG="yes" 1131 ], 1132 [ 1133 AC_MSG_ERROR([*** libwrap missing]) 1134 ] 1135 ) 1136 LIBS="$saved_LIBS" 1137 fi 1138 ] 1139) 1140 1141# Check whether user wants libedit support 1142LIBEDIT_MSG="no" 1143AC_ARG_WITH(libedit, 1144 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1145 [ if test "x$withval" != "xno" ; then 1146 if test "x$withval" != "xyes"; then 1147 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1148 if test -n "${need_dash_r}"; then 1149 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1150 else 1151 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1152 fi 1153 fi 1154 AC_CHECK_LIB(edit, el_init, 1155 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp]) 1156 LIBEDIT="-ledit -lcurses" 1157 LIBEDIT_MSG="yes" 1158 AC_SUBST(LIBEDIT) 1159 ], 1160 [ AC_MSG_ERROR(libedit not found) ], 1161 [ -lcurses ] 1162 ) 1163 AC_MSG_CHECKING(if libedit version is compatible) 1164 AC_COMPILE_IFELSE( 1165 [AC_LANG_SOURCE([[ 1166#include <histedit.h> 1167int main(void) 1168{ 1169 int i = H_SETSIZE; 1170 el_init("", NULL, NULL, NULL); 1171 exit(0); 1172} 1173 ]])], 1174 [ AC_MSG_RESULT(yes) ], 1175 [ AC_MSG_RESULT(no) 1176 AC_MSG_ERROR(libedit version is not compatible) ] 1177 ) 1178 fi ] 1179) 1180 1181AUDIT_MODULE=none 1182AC_ARG_WITH(audit, 1183 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 1184 [ 1185 AC_MSG_CHECKING(for supported audit module) 1186 case "$withval" in 1187 bsm) 1188 AC_MSG_RESULT(bsm) 1189 AUDIT_MODULE=bsm 1190 dnl Checks for headers, libs and functions 1191 AC_CHECK_HEADERS(bsm/audit.h, [], 1192 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)], 1193 [ 1194#ifdef HAVE_TIME_H 1195# include <time.h> 1196#endif 1197 ] 1198) 1199 AC_CHECK_LIB(bsm, getaudit, [], 1200 [AC_MSG_ERROR(BSM enabled and required library not found)]) 1201 AC_CHECK_FUNCS(getaudit, [], 1202 [AC_MSG_ERROR(BSM enabled and required function not found)]) 1203 # These are optional 1204 AC_CHECK_FUNCS(getaudit_addr) 1205 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) 1206 ;; 1207 debug) 1208 AUDIT_MODULE=debug 1209 AC_MSG_RESULT(debug) 1210 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module) 1211 ;; 1212 no) 1213 AC_MSG_RESULT(no) 1214 ;; 1215 *) 1216 AC_MSG_ERROR([Unknown audit module $withval]) 1217 ;; 1218 esac ] 1219) 1220 1221dnl Checks for library functions. Please keep in alphabetical order 1222AC_CHECK_FUNCS( \ 1223 arc4random \ 1224 asprintf \ 1225 b64_ntop \ 1226 __b64_ntop \ 1227 b64_pton \ 1228 __b64_pton \ 1229 bcopy \ 1230 bindresvport_sa \ 1231 clock \ 1232 closefrom \ 1233 dirfd \ 1234 fchmod \ 1235 fchown \ 1236 freeaddrinfo \ 1237 futimes \ 1238 getaddrinfo \ 1239 getcwd \ 1240 getgrouplist \ 1241 getnameinfo \ 1242 getopt \ 1243 getpeereid \ 1244 _getpty \ 1245 getrlimit \ 1246 getttyent \ 1247 glob \ 1248 inet_aton \ 1249 inet_ntoa \ 1250 inet_ntop \ 1251 innetgr \ 1252 login_getcapbool \ 1253 md5_crypt \ 1254 memmove \ 1255 mkdtemp \ 1256 mmap \ 1257 ngetaddrinfo \ 1258 nsleep \ 1259 ogetaddrinfo \ 1260 openlog_r \ 1261 openpty \ 1262 prctl \ 1263 pstat \ 1264 readpassphrase \ 1265 realpath \ 1266 recvmsg \ 1267 rresvport_af \ 1268 sendmsg \ 1269 setdtablesize \ 1270 setegid \ 1271 setenv \ 1272 seteuid \ 1273 setgroups \ 1274 setlogin \ 1275 setpcred \ 1276 setproctitle \ 1277 setregid \ 1278 setreuid \ 1279 setrlimit \ 1280 setsid \ 1281 setvbuf \ 1282 sigaction \ 1283 sigvec \ 1284 snprintf \ 1285 socketpair \ 1286 strdup \ 1287 strerror \ 1288 strlcat \ 1289 strlcpy \ 1290 strmode \ 1291 strnvis \ 1292 strtonum \ 1293 strtoll \ 1294 strtoul \ 1295 sysconf \ 1296 tcgetpgrp \ 1297 truncate \ 1298 unsetenv \ 1299 updwtmpx \ 1300 vasprintf \ 1301 vhangup \ 1302 vsnprintf \ 1303 waitpid \ 1304) 1305 1306# IRIX has a const char return value for gai_strerror() 1307AC_CHECK_FUNCS(gai_strerror,[ 1308 AC_DEFINE(HAVE_GAI_STRERROR) 1309 AC_TRY_COMPILE([ 1310#include <sys/types.h> 1311#include <sys/socket.h> 1312#include <netdb.h> 1313 1314const char *gai_strerror(int);],[ 1315char *str; 1316 1317str = gai_strerror(0);],[ 1318 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 1319 [Define if gai_strerror() returns const char *])])]) 1320 1321AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1, 1322 [Some systems put nanosleep outside of libc])) 1323 1324dnl Make sure prototypes are defined for these before using them. 1325AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 1326AC_CHECK_DECL(strsep, 1327 [AC_CHECK_FUNCS(strsep)], 1328 [], 1329 [ 1330#ifdef HAVE_STRING_H 1331# include <string.h> 1332#endif 1333 ]) 1334 1335dnl tcsendbreak might be a macro 1336AC_CHECK_DECL(tcsendbreak, 1337 [AC_DEFINE(HAVE_TCSENDBREAK)], 1338 [AC_CHECK_FUNCS(tcsendbreak)], 1339 [#include <termios.h>] 1340) 1341 1342AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 1343 1344AC_CHECK_DECLS(SHUT_RD, , , 1345 [ 1346#include <sys/types.h> 1347#include <sys/socket.h> 1348 ]) 1349 1350AC_CHECK_DECLS(O_NONBLOCK, , , 1351 [ 1352#include <sys/types.h> 1353#ifdef HAVE_SYS_STAT_H 1354# include <sys/stat.h> 1355#endif 1356#ifdef HAVE_FCNTL_H 1357# include <fcntl.h> 1358#endif 1359 ]) 1360 1361AC_CHECK_DECLS(writev, , , [ 1362#include <sys/types.h> 1363#include <sys/uio.h> 1364#include <unistd.h> 1365 ]) 1366 1367AC_CHECK_FUNCS(setresuid, [ 1368 dnl Some platorms have setresuid that isn't implemented, test for this 1369 AC_MSG_CHECKING(if setresuid seems to work) 1370 AC_RUN_IFELSE( 1371 [AC_LANG_SOURCE([[ 1372#include <stdlib.h> 1373#include <errno.h> 1374int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1375 ]])], 1376 [AC_MSG_RESULT(yes)], 1377 [AC_DEFINE(BROKEN_SETRESUID, 1, 1378 [Define if your setresuid() is broken]) 1379 AC_MSG_RESULT(not implemented)], 1380 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1381 ) 1382]) 1383 1384AC_CHECK_FUNCS(setresgid, [ 1385 dnl Some platorms have setresgid that isn't implemented, test for this 1386 AC_MSG_CHECKING(if setresgid seems to work) 1387 AC_RUN_IFELSE( 1388 [AC_LANG_SOURCE([[ 1389#include <stdlib.h> 1390#include <errno.h> 1391int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1392 ]])], 1393 [AC_MSG_RESULT(yes)], 1394 [AC_DEFINE(BROKEN_SETRESGID, 1, 1395 [Define if your setresgid() is broken]) 1396 AC_MSG_RESULT(not implemented)], 1397 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1398 ) 1399]) 1400 1401dnl Checks for time functions 1402AC_CHECK_FUNCS(gettimeofday time) 1403dnl Checks for utmp functions 1404AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 1405AC_CHECK_FUNCS(utmpname) 1406dnl Checks for utmpx functions 1407AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) 1408AC_CHECK_FUNCS(setutxent utmpxname) 1409 1410AC_CHECK_FUNC(daemon, 1411 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])], 1412 [AC_CHECK_LIB(bsd, daemon, 1413 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 1414) 1415 1416AC_CHECK_FUNC(getpagesize, 1417 [AC_DEFINE(HAVE_GETPAGESIZE, 1, 1418 [Define if your libraries define getpagesize()])], 1419 [AC_CHECK_LIB(ucb, getpagesize, 1420 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 1421) 1422 1423# Check for broken snprintf 1424if test "x$ac_cv_func_snprintf" = "xyes" ; then 1425 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1426 AC_RUN_IFELSE( 1427 [AC_LANG_SOURCE([[ 1428#include <stdio.h> 1429int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 1430 ]])], 1431 [AC_MSG_RESULT(yes)], 1432 [ 1433 AC_MSG_RESULT(no) 1434 AC_DEFINE(BROKEN_SNPRINTF, 1, 1435 [Define if your snprintf is busted]) 1436 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1437 ], 1438 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1439 ) 1440fi 1441 1442# If we don't have a working asprintf, then we strongly depend on vsnprintf 1443# returning the right thing on overflow: the number of characters it tried to 1444# create (as per SUSv3) 1445if test "x$ac_cv_func_asprintf" != "xyes" && \ 1446 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1447 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1448 AC_RUN_IFELSE( 1449 [AC_LANG_SOURCE([[ 1450#include <sys/types.h> 1451#include <stdio.h> 1452#include <stdarg.h> 1453 1454int x_snprintf(char *str,size_t count,const char *fmt,...) 1455{ 1456 size_t ret; va_list ap; 1457 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1458 return ret; 1459} 1460int main(void) 1461{ 1462 char x[1]; 1463 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1464} ]])], 1465 [AC_MSG_RESULT(yes)], 1466 [ 1467 AC_MSG_RESULT(no) 1468 AC_DEFINE(BROKEN_SNPRINTF, 1, 1469 [Define if your snprintf is busted]) 1470 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1471 ], 1472 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1473 ) 1474fi 1475 1476# On systems where [v]snprintf is broken, but is declared in stdio, 1477# check that the fmt argument is const char * or just char *. 1478# This is only useful for when BROKEN_SNPRINTF 1479AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) 1480AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h> 1481 int snprintf(char *a, size_t b, const char *c, ...) { return 0; } 1482 int main(void) { snprintf(0, 0, 0); } 1483 ]])], 1484 [AC_MSG_RESULT(yes) 1485 AC_DEFINE(SNPRINTF_CONST, [const], 1486 [Define as const if snprintf() can declare const char *fmt])], 1487 [AC_MSG_RESULT(no) 1488 AC_DEFINE(SNPRINTF_CONST, [/* not const */])]) 1489 1490# Check for missing getpeereid (or equiv) support 1491NO_PEERCHECK="" 1492if test "x$ac_cv_func_getpeereid" != "xyes" ; then 1493 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1494 AC_TRY_COMPILE( 1495 [#include <sys/types.h> 1496 #include <sys/socket.h>], 1497 [int i = SO_PEERCRED;], 1498 [ AC_MSG_RESULT(yes) 1499 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option]) 1500 ], 1501 [AC_MSG_RESULT(no) 1502 NO_PEERCHECK=1] 1503 ) 1504fi 1505 1506dnl see whether mkstemp() requires XXXXXX 1507if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1508AC_MSG_CHECKING([for (overly) strict mkstemp]) 1509AC_RUN_IFELSE( 1510 [AC_LANG_SOURCE([[ 1511#include <stdlib.h> 1512main() { char template[]="conftest.mkstemp-test"; 1513if (mkstemp(template) == -1) 1514 exit(1); 1515unlink(template); exit(0); 1516} 1517 ]])], 1518 [ 1519 AC_MSG_RESULT(no) 1520 ], 1521 [ 1522 AC_MSG_RESULT(yes) 1523 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()]) 1524 ], 1525 [ 1526 AC_MSG_RESULT(yes) 1527 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1528 ] 1529) 1530fi 1531 1532dnl make sure that openpty does not reacquire controlling terminal 1533if test ! -z "$check_for_openpty_ctty_bug"; then 1534 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1535 AC_RUN_IFELSE( 1536 [AC_LANG_SOURCE([[ 1537#include <stdio.h> 1538#include <sys/fcntl.h> 1539#include <sys/types.h> 1540#include <sys/wait.h> 1541 1542int 1543main() 1544{ 1545 pid_t pid; 1546 int fd, ptyfd, ttyfd, status; 1547 1548 pid = fork(); 1549 if (pid < 0) { /* failed */ 1550 exit(1); 1551 } else if (pid > 0) { /* parent */ 1552 waitpid(pid, &status, 0); 1553 if (WIFEXITED(status)) 1554 exit(WEXITSTATUS(status)); 1555 else 1556 exit(2); 1557 } else { /* child */ 1558 close(0); close(1); close(2); 1559 setsid(); 1560 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1561 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1562 if (fd >= 0) 1563 exit(3); /* Acquired ctty: broken */ 1564 else 1565 exit(0); /* Did not acquire ctty: OK */ 1566 } 1567} 1568 ]])], 1569 [ 1570 AC_MSG_RESULT(yes) 1571 ], 1572 [ 1573 AC_MSG_RESULT(no) 1574 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1575 ], 1576 [ 1577 AC_MSG_RESULT(cross-compiling, assuming yes) 1578 ] 1579 ) 1580fi 1581 1582if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1583 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1584 AC_MSG_CHECKING(if getaddrinfo seems to work) 1585 AC_RUN_IFELSE( 1586 [AC_LANG_SOURCE([[ 1587#include <stdio.h> 1588#include <sys/socket.h> 1589#include <netdb.h> 1590#include <errno.h> 1591#include <netinet/in.h> 1592 1593#define TEST_PORT "2222" 1594 1595int 1596main(void) 1597{ 1598 int err, sock; 1599 struct addrinfo *gai_ai, *ai, hints; 1600 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1601 1602 memset(&hints, 0, sizeof(hints)); 1603 hints.ai_family = PF_UNSPEC; 1604 hints.ai_socktype = SOCK_STREAM; 1605 hints.ai_flags = AI_PASSIVE; 1606 1607 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1608 if (err != 0) { 1609 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1610 exit(1); 1611 } 1612 1613 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1614 if (ai->ai_family != AF_INET6) 1615 continue; 1616 1617 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1618 sizeof(ntop), strport, sizeof(strport), 1619 NI_NUMERICHOST|NI_NUMERICSERV); 1620 1621 if (err != 0) { 1622 if (err == EAI_SYSTEM) 1623 perror("getnameinfo EAI_SYSTEM"); 1624 else 1625 fprintf(stderr, "getnameinfo failed: %s\n", 1626 gai_strerror(err)); 1627 exit(2); 1628 } 1629 1630 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1631 if (sock < 0) 1632 perror("socket"); 1633 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1634 if (errno == EBADF) 1635 exit(3); 1636 } 1637 } 1638 exit(0); 1639} 1640 ]])], 1641 [ 1642 AC_MSG_RESULT(yes) 1643 ], 1644 [ 1645 AC_MSG_RESULT(no) 1646 AC_DEFINE(BROKEN_GETADDRINFO) 1647 ], 1648 [ 1649 AC_MSG_RESULT(cross-compiling, assuming yes) 1650 ] 1651 ) 1652fi 1653 1654if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1655 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1656 AC_MSG_CHECKING(if getaddrinfo seems to work) 1657 AC_RUN_IFELSE( 1658 [AC_LANG_SOURCE([[ 1659#include <stdio.h> 1660#include <sys/socket.h> 1661#include <netdb.h> 1662#include <errno.h> 1663#include <netinet/in.h> 1664 1665#define TEST_PORT "2222" 1666 1667int 1668main(void) 1669{ 1670 int err, sock; 1671 struct addrinfo *gai_ai, *ai, hints; 1672 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1673 1674 memset(&hints, 0, sizeof(hints)); 1675 hints.ai_family = PF_UNSPEC; 1676 hints.ai_socktype = SOCK_STREAM; 1677 hints.ai_flags = AI_PASSIVE; 1678 1679 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1680 if (err != 0) { 1681 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1682 exit(1); 1683 } 1684 1685 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1686 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1687 continue; 1688 1689 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1690 sizeof(ntop), strport, sizeof(strport), 1691 NI_NUMERICHOST|NI_NUMERICSERV); 1692 1693 if (ai->ai_family == AF_INET && err != 0) { 1694 perror("getnameinfo"); 1695 exit(2); 1696 } 1697 } 1698 exit(0); 1699} 1700 ]])], 1701 [ 1702 AC_MSG_RESULT(yes) 1703 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1, 1704 [Define if you have a getaddrinfo that fails 1705 for the all-zeros IPv6 address]) 1706 ], 1707 [ 1708 AC_MSG_RESULT(no) 1709 AC_DEFINE(BROKEN_GETADDRINFO) 1710 ], 1711 [ 1712 AC_MSG_RESULT(cross-compiling, assuming no) 1713 ] 1714 ) 1715fi 1716 1717if test "x$check_for_conflicting_getspnam" = "x1"; then 1718 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1719 AC_COMPILE_IFELSE( 1720 [ 1721#include <shadow.h> 1722int main(void) {exit(0);} 1723 ], 1724 [ 1725 AC_MSG_RESULT(no) 1726 ], 1727 [ 1728 AC_MSG_RESULT(yes) 1729 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1730 [Conflicting defs for getspnam]) 1731 ] 1732 ) 1733fi 1734 1735AC_FUNC_GETPGRP 1736 1737# Search for OpenSSL 1738saved_CPPFLAGS="$CPPFLAGS" 1739saved_LDFLAGS="$LDFLAGS" 1740AC_ARG_WITH(ssl-dir, 1741 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1742 [ 1743 if test "x$withval" != "xno" ; then 1744 case "$withval" in 1745 # Relative paths 1746 ./*|../*) withval="`pwd`/$withval" 1747 esac 1748 if test -d "$withval/lib"; then 1749 if test -n "${need_dash_r}"; then 1750 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1751 else 1752 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1753 fi 1754 else 1755 if test -n "${need_dash_r}"; then 1756 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1757 else 1758 LDFLAGS="-L${withval} ${LDFLAGS}" 1759 fi 1760 fi 1761 if test -d "$withval/include"; then 1762 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1763 else 1764 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1765 fi 1766 fi 1767 ] 1768) 1769LIBS="-lcrypto $LIBS" 1770AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, 1771 [Define if your ssl headers are included 1772 with #include <openssl/header.h>]), 1773 [ 1774 dnl Check default openssl install dir 1775 if test -n "${need_dash_r}"; then 1776 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 1777 else 1778 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 1779 fi 1780 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 1781 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 1782 [ 1783 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 1784 ] 1785 ) 1786 ] 1787) 1788 1789# Determine OpenSSL header version 1790AC_MSG_CHECKING([OpenSSL header version]) 1791AC_RUN_IFELSE( 1792 [AC_LANG_SOURCE([[ 1793#include <stdio.h> 1794#include <string.h> 1795#include <openssl/opensslv.h> 1796#define DATA "conftest.sslincver" 1797int main(void) { 1798 FILE *fd; 1799 int rc; 1800 1801 fd = fopen(DATA,"w"); 1802 if(fd == NULL) 1803 exit(1); 1804 1805 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 1806 exit(1); 1807 1808 exit(0); 1809} 1810 ]])], 1811 [ 1812 ssl_header_ver=`cat conftest.sslincver` 1813 AC_MSG_RESULT($ssl_header_ver) 1814 ], 1815 [ 1816 AC_MSG_RESULT(not found) 1817 AC_MSG_ERROR(OpenSSL version header not found.) 1818 ], 1819 [ 1820 AC_MSG_WARN([cross compiling: not checking]) 1821 ] 1822) 1823 1824# Determine OpenSSL library version 1825AC_MSG_CHECKING([OpenSSL library version]) 1826AC_RUN_IFELSE( 1827 [AC_LANG_SOURCE([[ 1828#include <stdio.h> 1829#include <string.h> 1830#include <openssl/opensslv.h> 1831#include <openssl/crypto.h> 1832#define DATA "conftest.ssllibver" 1833int main(void) { 1834 FILE *fd; 1835 int rc; 1836 1837 fd = fopen(DATA,"w"); 1838 if(fd == NULL) 1839 exit(1); 1840 1841 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 1842 exit(1); 1843 1844 exit(0); 1845} 1846 ]])], 1847 [ 1848 ssl_library_ver=`cat conftest.ssllibver` 1849 AC_MSG_RESULT($ssl_library_ver) 1850 ], 1851 [ 1852 AC_MSG_RESULT(not found) 1853 AC_MSG_ERROR(OpenSSL library not found.) 1854 ], 1855 [ 1856 AC_MSG_WARN([cross compiling: not checking]) 1857 ] 1858) 1859 1860AC_ARG_WITH(openssl-header-check, 1861 [ --without-openssl-header-check Disable OpenSSL version consistency check], 1862 [ if test "x$withval" = "xno" ; then 1863 openssl_check_nonfatal=1 1864 fi 1865 ] 1866) 1867 1868# Sanity check OpenSSL headers 1869AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 1870AC_RUN_IFELSE( 1871 [AC_LANG_SOURCE([[ 1872#include <string.h> 1873#include <openssl/opensslv.h> 1874int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 1875 ]])], 1876 [ 1877 AC_MSG_RESULT(yes) 1878 ], 1879 [ 1880 AC_MSG_RESULT(no) 1881 if test "x$openssl_check_nonfatal" = "x"; then 1882 AC_MSG_ERROR([Your OpenSSL headers do not match your 1883library. Check config.log for details. 1884If you are sure your installation is consistent, you can disable the check 1885by running "./configure --without-openssl-header-check". 1886Also see contrib/findssl.sh for help identifying header/library mismatches. 1887]) 1888 else 1889 AC_MSG_WARN([Your OpenSSL headers do not match your 1890library. Check config.log for details. 1891Also see contrib/findssl.sh for help identifying header/library mismatches.]) 1892 fi 1893 ], 1894 [ 1895 AC_MSG_WARN([cross compiling: not checking]) 1896 ] 1897) 1898 1899AC_MSG_CHECKING([if programs using OpenSSL functions will link]) 1900AC_LINK_IFELSE( 1901 [AC_LANG_SOURCE([[ 1902#include <openssl/evp.h> 1903int main(void) { SSLeay_add_all_algorithms(); } 1904 ]])], 1905 [ 1906 AC_MSG_RESULT(yes) 1907 ], 1908 [ 1909 AC_MSG_RESULT(no) 1910 saved_LIBS="$LIBS" 1911 LIBS="$LIBS -ldl" 1912 AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) 1913 AC_LINK_IFELSE( 1914 [AC_LANG_SOURCE([[ 1915#include <openssl/evp.h> 1916int main(void) { SSLeay_add_all_algorithms(); } 1917 ]])], 1918 [ 1919 AC_MSG_RESULT(yes) 1920 ], 1921 [ 1922 AC_MSG_RESULT(no) 1923 LIBS="$saved_LIBS" 1924 ] 1925 ) 1926 ] 1927) 1928 1929AC_ARG_WITH(ssl-engine, 1930 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 1931 [ if test "x$withval" != "xno" ; then 1932 AC_MSG_CHECKING(for OpenSSL ENGINE support) 1933 AC_TRY_COMPILE( 1934 [ #include <openssl/engine.h>], 1935 [ 1936ENGINE_load_builtin_engines();ENGINE_register_all_complete(); 1937 ], 1938 [ AC_MSG_RESULT(yes) 1939 AC_DEFINE(USE_OPENSSL_ENGINE, 1, 1940 [Enable OpenSSL engine support]) 1941 ], 1942 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)] 1943 ) 1944 fi ] 1945) 1946 1947# Check for OpenSSL without EVP_aes_{192,256}_cbc 1948AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 1949AC_LINK_IFELSE( 1950 [AC_LANG_SOURCE([[ 1951#include <string.h> 1952#include <openssl/evp.h> 1953int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);} 1954 ]])], 1955 [ 1956 AC_MSG_RESULT(no) 1957 ], 1958 [ 1959 AC_MSG_RESULT(yes) 1960 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1, 1961 [libcrypto is missing AES 192 and 256 bit functions]) 1962 ] 1963) 1964 1965# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 1966# because the system crypt() is more featureful. 1967if test "x$check_for_libcrypt_before" = "x1"; then 1968 AC_CHECK_LIB(crypt, crypt) 1969fi 1970 1971# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 1972# version in OpenSSL. 1973if test "x$check_for_libcrypt_later" = "x1"; then 1974 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 1975fi 1976 1977# Search for SHA256 support in libc and/or OpenSSL 1978AC_CHECK_FUNCS(SHA256_Update EVP_sha256) 1979 1980AC_CHECK_LIB(iaf, ia_openinfo) 1981 1982### Configure cryptographic random number support 1983 1984# Check wheter OpenSSL seeds itself 1985AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 1986AC_RUN_IFELSE( 1987 [AC_LANG_SOURCE([[ 1988#include <string.h> 1989#include <openssl/rand.h> 1990int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 1991 ]])], 1992 [ 1993 OPENSSL_SEEDS_ITSELF=yes 1994 AC_MSG_RESULT(yes) 1995 ], 1996 [ 1997 AC_MSG_RESULT(no) 1998 # Default to use of the rand helper if OpenSSL doesn't 1999 # seed itself 2000 USE_RAND_HELPER=yes 2001 ], 2002 [ 2003 AC_MSG_WARN([cross compiling: assuming yes]) 2004 # This is safe, since all recent OpenSSL versions will 2005 # complain at runtime if not seeded correctly. 2006 OPENSSL_SEEDS_ITSELF=yes 2007 ] 2008) 2009 2010# Check for PAM libs 2011PAM_MSG="no" 2012AC_ARG_WITH(pam, 2013 [ --with-pam Enable PAM support ], 2014 [ 2015 if test "x$withval" != "xno" ; then 2016 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 2017 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 2018 AC_MSG_ERROR([PAM headers not found]) 2019 fi 2020 2021 saved_LIBS="$LIBS" 2022 AC_CHECK_LIB(dl, dlopen, , ) 2023 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 2024 AC_CHECK_FUNCS(pam_getenvlist) 2025 AC_CHECK_FUNCS(pam_putenv) 2026 LIBS="$saved_LIBS" 2027 2028 PAM_MSG="yes" 2029 2030 LIBPAM="-lpam" 2031 AC_DEFINE(USE_PAM, 1, 2032 [Define if you want to enable PAM support]) 2033 2034 if test $ac_cv_lib_dl_dlopen = yes; then 2035 case "$LIBS" in 2036 *-ldl*) 2037 # libdl already in LIBS 2038 ;; 2039 *) 2040 LIBPAM="$LIBPAM -ldl" 2041 ;; 2042 esac 2043 fi 2044 AC_SUBST(LIBPAM) 2045 fi 2046 ] 2047) 2048 2049# Check for older PAM 2050if test "x$PAM_MSG" = "xyes" ; then 2051 # Check PAM strerror arguments (old PAM) 2052 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 2053 AC_TRY_COMPILE( 2054 [ 2055#include <stdlib.h> 2056#if defined(HAVE_SECURITY_PAM_APPL_H) 2057#include <security/pam_appl.h> 2058#elif defined (HAVE_PAM_PAM_APPL_H) 2059#include <pam/pam_appl.h> 2060#endif 2061 ], 2062 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 2063 [AC_MSG_RESULT(no)], 2064 [ 2065 AC_DEFINE(HAVE_OLD_PAM, 1, 2066 [Define if you have an old version of PAM 2067 which takes only one argument to pam_strerror]) 2068 AC_MSG_RESULT(yes) 2069 PAM_MSG="yes (old library)" 2070 ] 2071 ) 2072fi 2073 2074# Do we want to force the use of the rand helper? 2075AC_ARG_WITH(rand-helper, 2076 [ --with-rand-helper Use subprocess to gather strong randomness ], 2077 [ 2078 if test "x$withval" = "xno" ; then 2079 # Force use of OpenSSL's internal RNG, even if 2080 # the previous test showed it to be unseeded. 2081 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 2082 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 2083 OPENSSL_SEEDS_ITSELF=yes 2084 USE_RAND_HELPER="" 2085 fi 2086 else 2087 USE_RAND_HELPER=yes 2088 fi 2089 ], 2090) 2091 2092# Which randomness source do we use? 2093if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then 2094 # OpenSSL only 2095 AC_DEFINE(OPENSSL_PRNG_ONLY, 1, 2096 [Define if you want OpenSSL's internally seeded PRNG only]) 2097 RAND_MSG="OpenSSL internal ONLY" 2098 INSTALL_SSH_RAND_HELPER="" 2099elif test ! -z "$USE_RAND_HELPER" ; then 2100 # install rand helper 2101 RAND_MSG="ssh-rand-helper" 2102 INSTALL_SSH_RAND_HELPER="yes" 2103fi 2104AC_SUBST(INSTALL_SSH_RAND_HELPER) 2105 2106### Configuration of ssh-rand-helper 2107 2108# PRNGD TCP socket 2109AC_ARG_WITH(prngd-port, 2110 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 2111 [ 2112 case "$withval" in 2113 no) 2114 withval="" 2115 ;; 2116 [[0-9]]*) 2117 ;; 2118 *) 2119 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 2120 ;; 2121 esac 2122 if test ! -z "$withval" ; then 2123 PRNGD_PORT="$withval" 2124 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT, 2125 [Port number of PRNGD/EGD random number socket]) 2126 fi 2127 ] 2128) 2129 2130# PRNGD Unix domain socket 2131AC_ARG_WITH(prngd-socket, 2132 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 2133 [ 2134 case "$withval" in 2135 yes) 2136 withval="/var/run/egd-pool" 2137 ;; 2138 no) 2139 withval="" 2140 ;; 2141 /*) 2142 ;; 2143 *) 2144 AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 2145 ;; 2146 esac 2147 2148 if test ! -z "$withval" ; then 2149 if test ! -z "$PRNGD_PORT" ; then 2150 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 2151 fi 2152 if test ! -r "$withval" ; then 2153 AC_MSG_WARN(Entropy socket is not readable) 2154 fi 2155 PRNGD_SOCKET="$withval" 2156 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET", 2157 [Location of PRNGD/EGD random number socket]) 2158 fi 2159 ], 2160 [ 2161 # Check for existing socket only if we don't have a random device already 2162 if test "$USE_RAND_HELPER" = yes ; then 2163 AC_MSG_CHECKING(for PRNGD/EGD socket) 2164 # Insert other locations here 2165 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2166 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2167 PRNGD_SOCKET="$sock" 2168 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 2169 break; 2170 fi 2171 done 2172 if test ! -z "$PRNGD_SOCKET" ; then 2173 AC_MSG_RESULT($PRNGD_SOCKET) 2174 else 2175 AC_MSG_RESULT(not found) 2176 fi 2177 fi 2178 ] 2179) 2180 2181# Change default command timeout for hashing entropy source 2182entropy_timeout=200 2183AC_ARG_WITH(entropy-timeout, 2184 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 2185 [ 2186 if test -n "$withval" && test "x$withval" != "xno" && \ 2187 test "x${withval}" != "xyes"; then 2188 entropy_timeout=$withval 2189 fi 2190 ] 2191) 2192AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout, 2193 [Builtin PRNG command timeout]) 2194 2195SSH_PRIVSEP_USER=sshd 2196AC_ARG_WITH(privsep-user, 2197 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2198 [ 2199 if test -n "$withval" && test "x$withval" != "xno" && \ 2200 test "x${withval}" != "xyes"; then 2201 SSH_PRIVSEP_USER=$withval 2202 fi 2203 ] 2204) 2205AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER", 2206 [non-privileged user for privilege separation]) 2207AC_SUBST(SSH_PRIVSEP_USER) 2208 2209# We do this little dance with the search path to insure 2210# that programs that we select for use by installed programs 2211# (which may be run by the super-user) come from trusted 2212# locations before they come from the user's private area. 2213# This should help avoid accidentally configuring some 2214# random version of a program in someone's personal bin. 2215 2216OPATH=$PATH 2217PATH=/bin:/usr/bin 2218test -h /bin 2> /dev/null && PATH=/usr/bin 2219test -d /sbin && PATH=$PATH:/sbin 2220test -d /usr/sbin && PATH=$PATH:/usr/sbin 2221PATH=$PATH:/etc:$OPATH 2222 2223# These programs are used by the command hashing source to gather entropy 2224OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 2225OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 2226OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 2227OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 2228OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 2229OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 2230OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 2231OSSH_PATH_ENTROPY_PROG(PROG_W, w) 2232OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 2233OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 2234OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 2235OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 2236OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 2237OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 2238OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 2239OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 2240# restore PATH 2241PATH=$OPATH 2242 2243# Where does ssh-rand-helper get its randomness from? 2244INSTALL_SSH_PRNG_CMDS="" 2245if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 2246 if test ! -z "$PRNGD_PORT" ; then 2247 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 2248 elif test ! -z "$PRNGD_SOCKET" ; then 2249 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 2250 else 2251 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 2252 RAND_HELPER_CMDHASH=yes 2253 INSTALL_SSH_PRNG_CMDS="yes" 2254 fi 2255fi 2256AC_SUBST(INSTALL_SSH_PRNG_CMDS) 2257 2258 2259# Cheap hack to ensure NEWS-OS libraries are arranged right. 2260if test ! -z "$SONY" ; then 2261 LIBS="$LIBS -liberty"; 2262fi 2263 2264# Check for long long datatypes 2265AC_CHECK_TYPES([long long, unsigned long long, long double]) 2266 2267# Check datatype sizes 2268AC_CHECK_SIZEOF(char, 1) 2269AC_CHECK_SIZEOF(short int, 2) 2270AC_CHECK_SIZEOF(int, 4) 2271AC_CHECK_SIZEOF(long int, 4) 2272AC_CHECK_SIZEOF(long long int, 8) 2273 2274# Sanity check long long for some platforms (AIX) 2275if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2276 ac_cv_sizeof_long_long_int=0 2277fi 2278 2279# compute LLONG_MIN and LLONG_MAX if we don't know them. 2280if test -z "$have_llong_max"; then 2281 AC_MSG_CHECKING([for max value of long long]) 2282 AC_RUN_IFELSE( 2283 [AC_LANG_SOURCE([[ 2284#include <stdio.h> 2285/* Why is this so damn hard? */ 2286#ifdef __GNUC__ 2287# undef __GNUC__ 2288#endif 2289#define __USE_ISOC99 2290#include <limits.h> 2291#define DATA "conftest.llminmax" 2292#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) 2293 2294/* 2295 * printf in libc on some platforms (eg old Tru64) does not understand %lld so 2296 * we do this the hard way. 2297 */ 2298static int 2299fprint_ll(FILE *f, long long n) 2300{ 2301 unsigned int i; 2302 int l[sizeof(long long) * 8]; 2303 2304 if (n < 0) 2305 if (fprintf(f, "-") < 0) 2306 return -1; 2307 for (i = 0; n != 0; i++) { 2308 l[i] = my_abs(n % 10); 2309 n /= 10; 2310 } 2311 do { 2312 if (fprintf(f, "%d", l[--i]) < 0) 2313 return -1; 2314 } while (i != 0); 2315 if (fprintf(f, " ") < 0) 2316 return -1; 2317 return 0; 2318} 2319 2320int main(void) { 2321 FILE *f; 2322 long long i, llmin, llmax = 0; 2323 2324 if((f = fopen(DATA,"w")) == NULL) 2325 exit(1); 2326 2327#if defined(LLONG_MIN) && defined(LLONG_MAX) 2328 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2329 llmin = LLONG_MIN; 2330 llmax = LLONG_MAX; 2331#else 2332 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2333 /* This will work on one's complement and two's complement */ 2334 for (i = 1; i > llmax; i <<= 1, i++) 2335 llmax = i; 2336 llmin = llmax + 1LL; /* wrap */ 2337#endif 2338 2339 /* Sanity check */ 2340 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax 2341 || llmax - 1 > llmax || llmin == llmax || llmin == 0 2342 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { 2343 fprintf(f, "unknown unknown\n"); 2344 exit(2); 2345 } 2346 2347 if (fprint_ll(f, llmin) < 0) 2348 exit(3); 2349 if (fprint_ll(f, llmax) < 0) 2350 exit(4); 2351 if (fclose(f) < 0) 2352 exit(5); 2353 exit(0); 2354} 2355 ]])], 2356 [ 2357 llong_min=`$AWK '{print $1}' conftest.llminmax` 2358 llong_max=`$AWK '{print $2}' conftest.llminmax` 2359 2360 AC_MSG_RESULT($llong_max) 2361 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], 2362 [max value of long long calculated by configure]) 2363 AC_MSG_CHECKING([for min value of long long]) 2364 AC_MSG_RESULT($llong_min) 2365 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], 2366 [min value of long long calculated by configure]) 2367 ], 2368 [ 2369 AC_MSG_RESULT(not found) 2370 ], 2371 [ 2372 AC_MSG_WARN([cross compiling: not checking]) 2373 ] 2374 ) 2375fi 2376 2377 2378# More checks for data types 2379AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2380 AC_TRY_COMPILE( 2381 [ #include <sys/types.h> ], 2382 [ u_int a; a = 1;], 2383 [ ac_cv_have_u_int="yes" ], 2384 [ ac_cv_have_u_int="no" ] 2385 ) 2386]) 2387if test "x$ac_cv_have_u_int" = "xyes" ; then 2388 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type]) 2389 have_u_int=1 2390fi 2391 2392AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2393 AC_TRY_COMPILE( 2394 [ #include <sys/types.h> ], 2395 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2396 [ ac_cv_have_intxx_t="yes" ], 2397 [ ac_cv_have_intxx_t="no" ] 2398 ) 2399]) 2400if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2401 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type]) 2402 have_intxx_t=1 2403fi 2404 2405if (test -z "$have_intxx_t" && \ 2406 test "x$ac_cv_header_stdint_h" = "xyes") 2407then 2408 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2409 AC_TRY_COMPILE( 2410 [ #include <stdint.h> ], 2411 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2412 [ 2413 AC_DEFINE(HAVE_INTXX_T) 2414 AC_MSG_RESULT(yes) 2415 ], 2416 [ AC_MSG_RESULT(no) ] 2417 ) 2418fi 2419 2420AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2421 AC_TRY_COMPILE( 2422 [ 2423#include <sys/types.h> 2424#ifdef HAVE_STDINT_H 2425# include <stdint.h> 2426#endif 2427#include <sys/socket.h> 2428#ifdef HAVE_SYS_BITYPES_H 2429# include <sys/bitypes.h> 2430#endif 2431 ], 2432 [ int64_t a; a = 1;], 2433 [ ac_cv_have_int64_t="yes" ], 2434 [ ac_cv_have_int64_t="no" ] 2435 ) 2436]) 2437if test "x$ac_cv_have_int64_t" = "xyes" ; then 2438 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type]) 2439fi 2440 2441AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2442 AC_TRY_COMPILE( 2443 [ #include <sys/types.h> ], 2444 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2445 [ ac_cv_have_u_intxx_t="yes" ], 2446 [ ac_cv_have_u_intxx_t="no" ] 2447 ) 2448]) 2449if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2450 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type]) 2451 have_u_intxx_t=1 2452fi 2453 2454if test -z "$have_u_intxx_t" ; then 2455 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2456 AC_TRY_COMPILE( 2457 [ #include <sys/socket.h> ], 2458 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2459 [ 2460 AC_DEFINE(HAVE_U_INTXX_T) 2461 AC_MSG_RESULT(yes) 2462 ], 2463 [ AC_MSG_RESULT(no) ] 2464 ) 2465fi 2466 2467AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2468 AC_TRY_COMPILE( 2469 [ #include <sys/types.h> ], 2470 [ u_int64_t a; a = 1;], 2471 [ ac_cv_have_u_int64_t="yes" ], 2472 [ ac_cv_have_u_int64_t="no" ] 2473 ) 2474]) 2475if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2476 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type]) 2477 have_u_int64_t=1 2478fi 2479 2480if test -z "$have_u_int64_t" ; then 2481 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2482 AC_TRY_COMPILE( 2483 [ #include <sys/bitypes.h> ], 2484 [ u_int64_t a; a = 1], 2485 [ 2486 AC_DEFINE(HAVE_U_INT64_T) 2487 AC_MSG_RESULT(yes) 2488 ], 2489 [ AC_MSG_RESULT(no) ] 2490 ) 2491fi 2492 2493if test -z "$have_u_intxx_t" ; then 2494 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2495 AC_TRY_COMPILE( 2496 [ 2497#include <sys/types.h> 2498 ], 2499 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 2500 [ ac_cv_have_uintxx_t="yes" ], 2501 [ ac_cv_have_uintxx_t="no" ] 2502 ) 2503 ]) 2504 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2505 AC_DEFINE(HAVE_UINTXX_T, 1, 2506 [define if you have uintxx_t data type]) 2507 fi 2508fi 2509 2510if test -z "$have_uintxx_t" ; then 2511 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2512 AC_TRY_COMPILE( 2513 [ #include <stdint.h> ], 2514 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 2515 [ 2516 AC_DEFINE(HAVE_UINTXX_T) 2517 AC_MSG_RESULT(yes) 2518 ], 2519 [ AC_MSG_RESULT(no) ] 2520 ) 2521fi 2522 2523if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 2524 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2525then 2526 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2527 AC_TRY_COMPILE( 2528 [ 2529#include <sys/bitypes.h> 2530 ], 2531 [ 2532 int8_t a; int16_t b; int32_t c; 2533 u_int8_t e; u_int16_t f; u_int32_t g; 2534 a = b = c = e = f = g = 1; 2535 ], 2536 [ 2537 AC_DEFINE(HAVE_U_INTXX_T) 2538 AC_DEFINE(HAVE_INTXX_T) 2539 AC_MSG_RESULT(yes) 2540 ], 2541 [AC_MSG_RESULT(no)] 2542 ) 2543fi 2544 2545 2546AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2547 AC_TRY_COMPILE( 2548 [ 2549#include <sys/types.h> 2550 ], 2551 [ u_char foo; foo = 125; ], 2552 [ ac_cv_have_u_char="yes" ], 2553 [ ac_cv_have_u_char="no" ] 2554 ) 2555]) 2556if test "x$ac_cv_have_u_char" = "xyes" ; then 2557 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type]) 2558fi 2559 2560TYPE_SOCKLEN_T 2561 2562AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 2563 2564AC_CHECK_TYPES(in_addr_t,,, 2565[#include <sys/types.h> 2566#include <netinet/in.h>]) 2567 2568AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2569 AC_TRY_COMPILE( 2570 [ 2571#include <sys/types.h> 2572 ], 2573 [ size_t foo; foo = 1235; ], 2574 [ ac_cv_have_size_t="yes" ], 2575 [ ac_cv_have_size_t="no" ] 2576 ) 2577]) 2578if test "x$ac_cv_have_size_t" = "xyes" ; then 2579 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type]) 2580fi 2581 2582AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2583 AC_TRY_COMPILE( 2584 [ 2585#include <sys/types.h> 2586 ], 2587 [ ssize_t foo; foo = 1235; ], 2588 [ ac_cv_have_ssize_t="yes" ], 2589 [ ac_cv_have_ssize_t="no" ] 2590 ) 2591]) 2592if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2593 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type]) 2594fi 2595 2596AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2597 AC_TRY_COMPILE( 2598 [ 2599#include <time.h> 2600 ], 2601 [ clock_t foo; foo = 1235; ], 2602 [ ac_cv_have_clock_t="yes" ], 2603 [ ac_cv_have_clock_t="no" ] 2604 ) 2605]) 2606if test "x$ac_cv_have_clock_t" = "xyes" ; then 2607 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type]) 2608fi 2609 2610AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2611 AC_TRY_COMPILE( 2612 [ 2613#include <sys/types.h> 2614#include <sys/socket.h> 2615 ], 2616 [ sa_family_t foo; foo = 1235; ], 2617 [ ac_cv_have_sa_family_t="yes" ], 2618 [ AC_TRY_COMPILE( 2619 [ 2620#include <sys/types.h> 2621#include <sys/socket.h> 2622#include <netinet/in.h> 2623 ], 2624 [ sa_family_t foo; foo = 1235; ], 2625 [ ac_cv_have_sa_family_t="yes" ], 2626 2627 [ ac_cv_have_sa_family_t="no" ] 2628 )] 2629 ) 2630]) 2631if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2632 AC_DEFINE(HAVE_SA_FAMILY_T, 1, 2633 [define if you have sa_family_t data type]) 2634fi 2635 2636AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2637 AC_TRY_COMPILE( 2638 [ 2639#include <sys/types.h> 2640 ], 2641 [ pid_t foo; foo = 1235; ], 2642 [ ac_cv_have_pid_t="yes" ], 2643 [ ac_cv_have_pid_t="no" ] 2644 ) 2645]) 2646if test "x$ac_cv_have_pid_t" = "xyes" ; then 2647 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type]) 2648fi 2649 2650AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2651 AC_TRY_COMPILE( 2652 [ 2653#include <sys/types.h> 2654 ], 2655 [ mode_t foo; foo = 1235; ], 2656 [ ac_cv_have_mode_t="yes" ], 2657 [ ac_cv_have_mode_t="no" ] 2658 ) 2659]) 2660if test "x$ac_cv_have_mode_t" = "xyes" ; then 2661 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type]) 2662fi 2663 2664 2665AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2666 AC_TRY_COMPILE( 2667 [ 2668#include <sys/types.h> 2669#include <sys/socket.h> 2670 ], 2671 [ struct sockaddr_storage s; ], 2672 [ ac_cv_have_struct_sockaddr_storage="yes" ], 2673 [ ac_cv_have_struct_sockaddr_storage="no" ] 2674 ) 2675]) 2676if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 2677 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, 2678 [define if you have struct sockaddr_storage data type]) 2679fi 2680 2681AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 2682 AC_TRY_COMPILE( 2683 [ 2684#include <sys/types.h> 2685#include <netinet/in.h> 2686 ], 2687 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 2688 [ ac_cv_have_struct_sockaddr_in6="yes" ], 2689 [ ac_cv_have_struct_sockaddr_in6="no" ] 2690 ) 2691]) 2692if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 2693 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, 2694 [define if you have struct sockaddr_in6 data type]) 2695fi 2696 2697AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 2698 AC_TRY_COMPILE( 2699 [ 2700#include <sys/types.h> 2701#include <netinet/in.h> 2702 ], 2703 [ struct in6_addr s; s.s6_addr[0] = 0; ], 2704 [ ac_cv_have_struct_in6_addr="yes" ], 2705 [ ac_cv_have_struct_in6_addr="no" ] 2706 ) 2707]) 2708if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 2709 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, 2710 [define if you have struct in6_addr data type]) 2711fi 2712 2713AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2714 AC_TRY_COMPILE( 2715 [ 2716#include <sys/types.h> 2717#include <sys/socket.h> 2718#include <netdb.h> 2719 ], 2720 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 2721 [ ac_cv_have_struct_addrinfo="yes" ], 2722 [ ac_cv_have_struct_addrinfo="no" ] 2723 ) 2724]) 2725if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2726 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, 2727 [define if you have struct addrinfo data type]) 2728fi 2729 2730AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2731 AC_TRY_COMPILE( 2732 [ #include <sys/time.h> ], 2733 [ struct timeval tv; tv.tv_sec = 1;], 2734 [ ac_cv_have_struct_timeval="yes" ], 2735 [ ac_cv_have_struct_timeval="no" ] 2736 ) 2737]) 2738if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2739 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval]) 2740 have_struct_timeval=1 2741fi 2742 2743AC_CHECK_TYPES(struct timespec) 2744 2745# We need int64_t or else certian parts of the compile will fail. 2746if test "x$ac_cv_have_int64_t" = "xno" && \ 2747 test "x$ac_cv_sizeof_long_int" != "x8" && \ 2748 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2749 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2750 echo "an alternative compiler (I.E., GCC) before continuing." 2751 echo "" 2752 exit 1; 2753else 2754dnl test snprintf (broken on SCO w/gcc) 2755 AC_RUN_IFELSE( 2756 [AC_LANG_SOURCE([[ 2757#include <stdio.h> 2758#include <string.h> 2759#ifdef HAVE_SNPRINTF 2760main() 2761{ 2762 char buf[50]; 2763 char expected_out[50]; 2764 int mazsize = 50 ; 2765#if (SIZEOF_LONG_INT == 8) 2766 long int num = 0x7fffffffffffffff; 2767#else 2768 long long num = 0x7fffffffffffffffll; 2769#endif 2770 strcpy(expected_out, "9223372036854775807"); 2771 snprintf(buf, mazsize, "%lld", num); 2772 if(strcmp(buf, expected_out) != 0) 2773 exit(1); 2774 exit(0); 2775} 2776#else 2777main() { exit(0); } 2778#endif 2779 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 2780 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 2781 ) 2782fi 2783 2784dnl Checks for structure members 2785OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 2786OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 2787OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 2788OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 2789OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 2790OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 2791OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 2792OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 2793OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 2794OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 2795OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 2796OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 2797OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 2798OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 2799OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 2800OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 2801OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 2802 2803AC_CHECK_MEMBERS([struct stat.st_blksize]) 2804AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state, 2805 [Define if we don't have struct __res_state in resolv.h])], 2806[ 2807#include <stdio.h> 2808#if HAVE_SYS_TYPES_H 2809# include <sys/types.h> 2810#endif 2811#include <netinet/in.h> 2812#include <arpa/nameser.h> 2813#include <resolv.h> 2814]) 2815 2816AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 2817 ac_cv_have_ss_family_in_struct_ss, [ 2818 AC_TRY_COMPILE( 2819 [ 2820#include <sys/types.h> 2821#include <sys/socket.h> 2822 ], 2823 [ struct sockaddr_storage s; s.ss_family = 1; ], 2824 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 2825 [ ac_cv_have_ss_family_in_struct_ss="no" ], 2826 ) 2827]) 2828if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 2829 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage]) 2830fi 2831 2832AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 2833 ac_cv_have___ss_family_in_struct_ss, [ 2834 AC_TRY_COMPILE( 2835 [ 2836#include <sys/types.h> 2837#include <sys/socket.h> 2838 ], 2839 [ struct sockaddr_storage s; s.__ss_family = 1; ], 2840 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 2841 [ ac_cv_have___ss_family_in_struct_ss="no" ] 2842 ) 2843]) 2844if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 2845 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1, 2846 [Fields in struct sockaddr_storage]) 2847fi 2848 2849AC_CACHE_CHECK([for pw_class field in struct passwd], 2850 ac_cv_have_pw_class_in_struct_passwd, [ 2851 AC_TRY_COMPILE( 2852 [ 2853#include <pwd.h> 2854 ], 2855 [ struct passwd p; p.pw_class = 0; ], 2856 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 2857 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 2858 ) 2859]) 2860if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 2861 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1, 2862 [Define if your password has a pw_class field]) 2863fi 2864 2865AC_CACHE_CHECK([for pw_expire field in struct passwd], 2866 ac_cv_have_pw_expire_in_struct_passwd, [ 2867 AC_TRY_COMPILE( 2868 [ 2869#include <pwd.h> 2870 ], 2871 [ struct passwd p; p.pw_expire = 0; ], 2872 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 2873 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 2874 ) 2875]) 2876if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 2877 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1, 2878 [Define if your password has a pw_expire field]) 2879fi 2880 2881AC_CACHE_CHECK([for pw_change field in struct passwd], 2882 ac_cv_have_pw_change_in_struct_passwd, [ 2883 AC_TRY_COMPILE( 2884 [ 2885#include <pwd.h> 2886 ], 2887 [ struct passwd p; p.pw_change = 0; ], 2888 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 2889 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 2890 ) 2891]) 2892if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 2893 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1, 2894 [Define if your password has a pw_change field]) 2895fi 2896 2897dnl make sure we're using the real structure members and not defines 2898AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 2899 ac_cv_have_accrights_in_msghdr, [ 2900 AC_COMPILE_IFELSE( 2901 [ 2902#include <sys/types.h> 2903#include <sys/socket.h> 2904#include <sys/uio.h> 2905int main() { 2906#ifdef msg_accrights 2907#error "msg_accrights is a macro" 2908exit(1); 2909#endif 2910struct msghdr m; 2911m.msg_accrights = 0; 2912exit(0); 2913} 2914 ], 2915 [ ac_cv_have_accrights_in_msghdr="yes" ], 2916 [ ac_cv_have_accrights_in_msghdr="no" ] 2917 ) 2918]) 2919if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 2920 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1, 2921 [Define if your system uses access rights style 2922 file descriptor passing]) 2923fi 2924 2925AC_CACHE_CHECK([for msg_control field in struct msghdr], 2926 ac_cv_have_control_in_msghdr, [ 2927 AC_COMPILE_IFELSE( 2928 [ 2929#include <sys/types.h> 2930#include <sys/socket.h> 2931#include <sys/uio.h> 2932int main() { 2933#ifdef msg_control 2934#error "msg_control is a macro" 2935exit(1); 2936#endif 2937struct msghdr m; 2938m.msg_control = 0; 2939exit(0); 2940} 2941 ], 2942 [ ac_cv_have_control_in_msghdr="yes" ], 2943 [ ac_cv_have_control_in_msghdr="no" ] 2944 ) 2945]) 2946if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 2947 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1, 2948 [Define if your system uses ancillary data style 2949 file descriptor passing]) 2950fi 2951 2952AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 2953 AC_TRY_LINK([], 2954 [ extern char *__progname; printf("%s", __progname); ], 2955 [ ac_cv_libc_defines___progname="yes" ], 2956 [ ac_cv_libc_defines___progname="no" ] 2957 ) 2958]) 2959if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 2960 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname]) 2961fi 2962 2963AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 2964 AC_TRY_LINK([ 2965#include <stdio.h> 2966], 2967 [ printf("%s", __FUNCTION__); ], 2968 [ ac_cv_cc_implements___FUNCTION__="yes" ], 2969 [ ac_cv_cc_implements___FUNCTION__="no" ] 2970 ) 2971]) 2972if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 2973 AC_DEFINE(HAVE___FUNCTION__, 1, 2974 [Define if compiler implements __FUNCTION__]) 2975fi 2976 2977AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 2978 AC_TRY_LINK([ 2979#include <stdio.h> 2980], 2981 [ printf("%s", __func__); ], 2982 [ ac_cv_cc_implements___func__="yes" ], 2983 [ ac_cv_cc_implements___func__="no" ] 2984 ) 2985]) 2986if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 2987 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__]) 2988fi 2989 2990AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 2991 AC_TRY_LINK( 2992 [#include <stdarg.h> 2993 va_list x,y;], 2994 [va_copy(x,y);], 2995 [ ac_cv_have_va_copy="yes" ], 2996 [ ac_cv_have_va_copy="no" ] 2997 ) 2998]) 2999if test "x$ac_cv_have_va_copy" = "xyes" ; then 3000 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists]) 3001fi 3002 3003AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 3004 AC_TRY_LINK( 3005 [#include <stdarg.h> 3006 va_list x,y;], 3007 [__va_copy(x,y);], 3008 [ ac_cv_have___va_copy="yes" ], 3009 [ ac_cv_have___va_copy="no" ] 3010 ) 3011]) 3012if test "x$ac_cv_have___va_copy" = "xyes" ; then 3013 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists]) 3014fi 3015 3016AC_CACHE_CHECK([whether getopt has optreset support], 3017 ac_cv_have_getopt_optreset, [ 3018 AC_TRY_LINK( 3019 [ 3020#include <getopt.h> 3021 ], 3022 [ extern int optreset; optreset = 0; ], 3023 [ ac_cv_have_getopt_optreset="yes" ], 3024 [ ac_cv_have_getopt_optreset="no" ] 3025 ) 3026]) 3027if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 3028 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1, 3029 [Define if your getopt(3) defines and uses optreset]) 3030fi 3031 3032AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 3033 AC_TRY_LINK([], 3034 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 3035 [ ac_cv_libc_defines_sys_errlist="yes" ], 3036 [ ac_cv_libc_defines_sys_errlist="no" ] 3037 ) 3038]) 3039if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 3040 AC_DEFINE(HAVE_SYS_ERRLIST, 1, 3041 [Define if your system defines sys_errlist[]]) 3042fi 3043 3044 3045AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 3046 AC_TRY_LINK([], 3047 [ extern int sys_nerr; printf("%i", sys_nerr);], 3048 [ ac_cv_libc_defines_sys_nerr="yes" ], 3049 [ ac_cv_libc_defines_sys_nerr="no" ] 3050 ) 3051]) 3052if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 3053 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr]) 3054fi 3055 3056SCARD_MSG="no" 3057# Check whether user wants sectok support 3058AC_ARG_WITH(sectok, 3059 [ --with-sectok Enable smartcard support using libsectok], 3060 [ 3061 if test "x$withval" != "xno" ; then 3062 if test "x$withval" != "xyes" ; then 3063 CPPFLAGS="$CPPFLAGS -I${withval}" 3064 LDFLAGS="$LDFLAGS -L${withval}" 3065 if test ! -z "$need_dash_r" ; then 3066 LDFLAGS="$LDFLAGS -R${withval}" 3067 fi 3068 if test ! -z "$blibpath" ; then 3069 blibpath="$blibpath:${withval}" 3070 fi 3071 fi 3072 AC_CHECK_HEADERS(sectok.h) 3073 if test "$ac_cv_header_sectok_h" != yes; then 3074 AC_MSG_ERROR(Can't find sectok.h) 3075 fi 3076 AC_CHECK_LIB(sectok, sectok_open) 3077 if test "$ac_cv_lib_sectok_sectok_open" != yes; then 3078 AC_MSG_ERROR(Can't find libsectok) 3079 fi 3080 AC_DEFINE(SMARTCARD, 1, 3081 [Define if you want smartcard support]) 3082 AC_DEFINE(USE_SECTOK, 1, 3083 [Define if you want smartcard support 3084 using sectok]) 3085 SCARD_MSG="yes, using sectok" 3086 fi 3087 ] 3088) 3089 3090# Check whether user wants OpenSC support 3091OPENSC_CONFIG="no" 3092AC_ARG_WITH(opensc, 3093 [ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)], 3094 [ 3095 if test "x$withval" != "xno" ; then 3096 if test "x$withval" != "xyes" ; then 3097 OPENSC_CONFIG=$withval/bin/opensc-config 3098 else 3099 AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no) 3100 fi 3101 if test "$OPENSC_CONFIG" != "no"; then 3102 LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags` 3103 LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs` 3104 CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS" 3105 LIBS="$LIBS $LIBOPENSC_LIBS" 3106 AC_DEFINE(SMARTCARD) 3107 AC_DEFINE(USE_OPENSC, 1, 3108 [Define if you want smartcard support 3109 using OpenSC]) 3110 SCARD_MSG="yes, using OpenSC" 3111 fi 3112 fi 3113 ] 3114) 3115 3116# Check libraries needed by DNS fingerprint support 3117AC_SEARCH_LIBS(getrrsetbyname, resolv, 3118 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1, 3119 [Define if getrrsetbyname() exists])], 3120 [ 3121 # Needed by our getrrsetbyname() 3122 AC_SEARCH_LIBS(res_query, resolv) 3123 AC_SEARCH_LIBS(dn_expand, resolv) 3124 AC_MSG_CHECKING(if res_query will link) 3125 AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes), 3126 [AC_MSG_RESULT(no) 3127 saved_LIBS="$LIBS" 3128 LIBS="$LIBS -lresolv" 3129 AC_MSG_CHECKING(for res_query in -lresolv) 3130 AC_LINK_IFELSE([ 3131#include <resolv.h> 3132int main() 3133{ 3134 res_query (0, 0, 0, 0, 0); 3135 return 0; 3136} 3137 ], 3138 [LIBS="$LIBS -lresolv" 3139 AC_MSG_RESULT(yes)], 3140 [LIBS="$saved_LIBS" 3141 AC_MSG_RESULT(no)]) 3142 ]) 3143 AC_CHECK_FUNCS(_getshort _getlong) 3144 AC_CHECK_DECLS([_getshort, _getlong], , , 3145 [#include <sys/types.h> 3146 #include <arpa/nameser.h>]) 3147 AC_CHECK_MEMBER(HEADER.ad, 3148 [AC_DEFINE(HAVE_HEADER_AD, 1, 3149 [Define if HEADER.ad exists in arpa/nameser.h])],, 3150 [#include <arpa/nameser.h>]) 3151 ]) 3152 3153# Check whether user wants SELinux support 3154SELINUX_MSG="no" 3155LIBSELINUX="" 3156AC_ARG_WITH(selinux, 3157 [ --with-selinux Enable SELinux support], 3158 [ if test "x$withval" != "xno" ; then 3159 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) 3160 SELINUX_MSG="yes" 3161 AC_CHECK_HEADER([selinux/selinux.h], , 3162 AC_MSG_ERROR(SELinux support requires selinux.h header)) 3163 AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], 3164 AC_MSG_ERROR(SELinux support requires libselinux library)) 3165 save_LIBS="$LIBS" 3166 LIBS="$LIBS $LIBSELINUX" 3167 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) 3168 LIBS="$save_LIBS" 3169 fi ] 3170) 3171AC_SUBST(LIBSELINUX) 3172 3173# Check whether user wants Kerberos 5 support 3174KRB5_MSG="no" 3175AC_ARG_WITH(kerberos5, 3176 [ --with-kerberos5=PATH Enable Kerberos 5 support], 3177 [ if test "x$withval" != "xno" ; then 3178 if test "x$withval" = "xyes" ; then 3179 KRB5ROOT="/usr/local" 3180 else 3181 KRB5ROOT=${withval} 3182 fi 3183 3184 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support]) 3185 KRB5_MSG="yes" 3186 3187 AC_MSG_CHECKING(for krb5-config) 3188 if test -x $KRB5ROOT/bin/krb5-config ; then 3189 KRB5CONF=$KRB5ROOT/bin/krb5-config 3190 AC_MSG_RESULT($KRB5CONF) 3191 3192 AC_MSG_CHECKING(for gssapi support) 3193 if $KRB5CONF | grep gssapi >/dev/null ; then 3194 AC_MSG_RESULT(yes) 3195 AC_DEFINE(GSSAPI, 1, 3196 [Define this if you want GSSAPI 3197 support in the version 2 protocol]) 3198 k5confopts=gssapi 3199 else 3200 AC_MSG_RESULT(no) 3201 k5confopts="" 3202 fi 3203 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 3204 K5LIBS="`$KRB5CONF --libs $k5confopts`" 3205 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3206 AC_MSG_CHECKING(whether we are using Heimdal) 3207 AC_TRY_COMPILE([ #include <krb5.h> ], 3208 [ char *tmp = heimdal_version; ], 3209 [ AC_MSG_RESULT(yes) 3210 AC_DEFINE(HEIMDAL, 1, 3211 [Define this if you are using the 3212 Heimdal version of Kerberos V5]) ], 3213 AC_MSG_RESULT(no) 3214 ) 3215 else 3216 AC_MSG_RESULT(no) 3217 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3218 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3219 AC_MSG_CHECKING(whether we are using Heimdal) 3220 AC_TRY_COMPILE([ #include <krb5.h> ], 3221 [ char *tmp = heimdal_version; ], 3222 [ AC_MSG_RESULT(yes) 3223 AC_DEFINE(HEIMDAL) 3224 K5LIBS="-lkrb5 -ldes" 3225 K5LIBS="$K5LIBS -lcom_err -lasn1" 3226 AC_CHECK_LIB(roken, net_write, 3227 [K5LIBS="$K5LIBS -lroken"]) 3228 ], 3229 [ AC_MSG_RESULT(no) 3230 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3231 ] 3232 ) 3233 AC_SEARCH_LIBS(dn_expand, resolv) 3234 3235 AC_CHECK_LIB(gssapi,gss_init_sec_context, 3236 [ AC_DEFINE(GSSAPI) 3237 K5LIBS="-lgssapi $K5LIBS" ], 3238 [ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context, 3239 [ AC_DEFINE(GSSAPI) 3240 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 3241 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 3242 $K5LIBS) 3243 ], 3244 $K5LIBS) 3245 3246 AC_CHECK_HEADER(gssapi.h, , 3247 [ unset ac_cv_header_gssapi_h 3248 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3249 AC_CHECK_HEADERS(gssapi.h, , 3250 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3251 ) 3252 ] 3253 ) 3254 3255 oldCPP="$CPPFLAGS" 3256 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3257 AC_CHECK_HEADER(gssapi_krb5.h, , 3258 [ CPPFLAGS="$oldCPP" ]) 3259 3260 fi 3261 if test ! -z "$need_dash_r" ; then 3262 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3263 fi 3264 if test ! -z "$blibpath" ; then 3265 blibpath="$blibpath:${KRB5ROOT}/lib" 3266 fi 3267 3268 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 3269 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 3270 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 3271 3272 LIBS="$LIBS $K5LIBS" 3273 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1, 3274 [Define this if you want to use libkafs' AFS support])) 3275 fi 3276 ] 3277) 3278 3279# Looking for programs, paths and files 3280 3281PRIVSEP_PATH=/var/empty 3282AC_ARG_WITH(privsep-path, 3283 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3284 [ 3285 if test -n "$withval" && test "x$withval" != "xno" && \ 3286 test "x${withval}" != "xyes"; then 3287 PRIVSEP_PATH=$withval 3288 fi 3289 ] 3290) 3291AC_SUBST(PRIVSEP_PATH) 3292 3293AC_ARG_WITH(xauth, 3294 [ --with-xauth=PATH Specify path to xauth program ], 3295 [ 3296 if test -n "$withval" && test "x$withval" != "xno" && \ 3297 test "x${withval}" != "xyes"; then 3298 xauth_path=$withval 3299 fi 3300 ], 3301 [ 3302 TestPath="$PATH" 3303 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3304 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3305 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3306 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3307 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 3308 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3309 xauth_path="/usr/openwin/bin/xauth" 3310 fi 3311 ] 3312) 3313 3314STRIP_OPT=-s 3315AC_ARG_ENABLE(strip, 3316 [ --disable-strip Disable calling strip(1) on install], 3317 [ 3318 if test "x$enableval" = "xno" ; then 3319 STRIP_OPT= 3320 fi 3321 ] 3322) 3323AC_SUBST(STRIP_OPT) 3324 3325if test -z "$xauth_path" ; then 3326 XAUTH_PATH="undefined" 3327 AC_SUBST(XAUTH_PATH) 3328else 3329 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path", 3330 [Define if xauth is found in your path]) 3331 XAUTH_PATH=$xauth_path 3332 AC_SUBST(XAUTH_PATH) 3333fi 3334 3335# Check for mail directory (last resort if we cannot get it from headers) 3336if test ! -z "$MAIL" ; then 3337 maildir=`dirname $MAIL` 3338 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir", 3339 [Set this to your mail directory if you don't have maillock.h]) 3340fi 3341 3342if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3343 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3344 disable_ptmx_check=yes 3345fi 3346if test -z "$no_dev_ptmx" ; then 3347 if test "x$disable_ptmx_check" != "xyes" ; then 3348 AC_CHECK_FILE("/dev/ptmx", 3349 [ 3350 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1, 3351 [Define if you have /dev/ptmx]) 3352 have_dev_ptmx=1 3353 ] 3354 ) 3355 fi 3356fi 3357 3358if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3359 AC_CHECK_FILE("/dev/ptc", 3360 [ 3361 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1, 3362 [Define if you have /dev/ptc]) 3363 have_dev_ptc=1 3364 ] 3365 ) 3366else 3367 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3368fi 3369 3370# Options from here on. Some of these are preset by platform above 3371AC_ARG_WITH(mantype, 3372 [ --with-mantype=man|cat|doc Set man page type], 3373 [ 3374 case "$withval" in 3375 man|cat|doc) 3376 MANTYPE=$withval 3377 ;; 3378 *) 3379 AC_MSG_ERROR(invalid man type: $withval) 3380 ;; 3381 esac 3382 ] 3383) 3384if test -z "$MANTYPE"; then 3385 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3386 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 3387 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3388 MANTYPE=doc 3389 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3390 MANTYPE=man 3391 else 3392 MANTYPE=cat 3393 fi 3394fi 3395AC_SUBST(MANTYPE) 3396if test "$MANTYPE" = "doc"; then 3397 mansubdir=man; 3398else 3399 mansubdir=$MANTYPE; 3400fi 3401AC_SUBST(mansubdir) 3402 3403# Check whether to enable MD5 passwords 3404MD5_MSG="no" 3405AC_ARG_WITH(md5-passwords, 3406 [ --with-md5-passwords Enable use of MD5 passwords], 3407 [ 3408 if test "x$withval" != "xno" ; then 3409 AC_DEFINE(HAVE_MD5_PASSWORDS, 1, 3410 [Define if you want to allow MD5 passwords]) 3411 MD5_MSG="yes" 3412 fi 3413 ] 3414) 3415 3416# Whether to disable shadow password support 3417AC_ARG_WITH(shadow, 3418 [ --without-shadow Disable shadow password support], 3419 [ 3420 if test "x$withval" = "xno" ; then 3421 AC_DEFINE(DISABLE_SHADOW) 3422 disable_shadow=yes 3423 fi 3424 ] 3425) 3426 3427if test -z "$disable_shadow" ; then 3428 AC_MSG_CHECKING([if the systems has expire shadow information]) 3429 AC_TRY_COMPILE( 3430 [ 3431#include <sys/types.h> 3432#include <shadow.h> 3433 struct spwd sp; 3434 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 3435 [ sp_expire_available=yes ], [] 3436 ) 3437 3438 if test "x$sp_expire_available" = "xyes" ; then 3439 AC_MSG_RESULT(yes) 3440 AC_DEFINE(HAS_SHADOW_EXPIRE, 1, 3441 [Define if you want to use shadow password expire field]) 3442 else 3443 AC_MSG_RESULT(no) 3444 fi 3445fi 3446 3447# Use ip address instead of hostname in $DISPLAY 3448if test ! -z "$IPADDR_IN_DISPLAY" ; then 3449 DISPLAY_HACK_MSG="yes" 3450 AC_DEFINE(IPADDR_IN_DISPLAY, 1, 3451 [Define if you need to use IP address 3452 instead of hostname in $DISPLAY]) 3453else 3454 DISPLAY_HACK_MSG="no" 3455 AC_ARG_WITH(ipaddr-display, 3456 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 3457 [ 3458 if test "x$withval" != "xno" ; then 3459 AC_DEFINE(IPADDR_IN_DISPLAY) 3460 DISPLAY_HACK_MSG="yes" 3461 fi 3462 ] 3463 ) 3464fi 3465 3466# check for /etc/default/login and use it if present. 3467AC_ARG_ENABLE(etc-default-login, 3468 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 3469 [ if test "x$enableval" = "xno"; then 3470 AC_MSG_NOTICE([/etc/default/login handling disabled]) 3471 etc_default_login=no 3472 else 3473 etc_default_login=yes 3474 fi ], 3475 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3476 then 3477 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 3478 etc_default_login=no 3479 else 3480 etc_default_login=yes 3481 fi ] 3482) 3483 3484if test "x$etc_default_login" != "xno"; then 3485 AC_CHECK_FILE("/etc/default/login", 3486 [ external_path_file=/etc/default/login ]) 3487 if test "x$external_path_file" = "x/etc/default/login"; then 3488 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1, 3489 [Define if your system has /etc/default/login]) 3490 fi 3491fi 3492 3493dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3494if test $ac_cv_func_login_getcapbool = "yes" && \ 3495 test $ac_cv_header_login_cap_h = "yes" ; then 3496 external_path_file=/etc/login.conf 3497fi 3498 3499# Whether to mess with the default path 3500SERVER_PATH_MSG="(default)" 3501AC_ARG_WITH(default-path, 3502 [ --with-default-path= Specify default \$PATH environment for server], 3503 [ 3504 if test "x$external_path_file" = "x/etc/login.conf" ; then 3505 AC_MSG_WARN([ 3506--with-default-path=PATH has no effect on this system. 3507Edit /etc/login.conf instead.]) 3508 elif test "x$withval" != "xno" ; then 3509 if test ! -z "$external_path_file" ; then 3510 AC_MSG_WARN([ 3511--with-default-path=PATH will only be used if PATH is not defined in 3512$external_path_file .]) 3513 fi 3514 user_path="$withval" 3515 SERVER_PATH_MSG="$withval" 3516 fi 3517 ], 3518 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3519 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3520 else 3521 if test ! -z "$external_path_file" ; then 3522 AC_MSG_WARN([ 3523If PATH is defined in $external_path_file, ensure the path to scp is included, 3524otherwise scp will not work.]) 3525 fi 3526 AC_RUN_IFELSE( 3527 [AC_LANG_SOURCE([[ 3528/* find out what STDPATH is */ 3529#include <stdio.h> 3530#ifdef HAVE_PATHS_H 3531# include <paths.h> 3532#endif 3533#ifndef _PATH_STDPATH 3534# ifdef _PATH_USERPATH /* Irix */ 3535# define _PATH_STDPATH _PATH_USERPATH 3536# else 3537# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3538# endif 3539#endif 3540#include <sys/types.h> 3541#include <sys/stat.h> 3542#include <fcntl.h> 3543#define DATA "conftest.stdpath" 3544 3545main() 3546{ 3547 FILE *fd; 3548 int rc; 3549 3550 fd = fopen(DATA,"w"); 3551 if(fd == NULL) 3552 exit(1); 3553 3554 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3555 exit(1); 3556 3557 exit(0); 3558} 3559 ]])], 3560 [ user_path=`cat conftest.stdpath` ], 3561 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3562 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3563 ) 3564# make sure $bindir is in USER_PATH so scp will work 3565 t_bindir=`eval echo ${bindir}` 3566 case $t_bindir in 3567 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 3568 esac 3569 case $t_bindir in 3570 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 3571 esac 3572 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 3573 if test $? -ne 0 ; then 3574 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 3575 if test $? -ne 0 ; then 3576 user_path=$user_path:$t_bindir 3577 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 3578 fi 3579 fi 3580 fi ] 3581) 3582if test "x$external_path_file" != "x/etc/login.conf" ; then 3583 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH]) 3584 AC_SUBST(user_path) 3585fi 3586 3587# Set superuser path separately to user path 3588AC_ARG_WITH(superuser-path, 3589 [ --with-superuser-path= Specify different path for super-user], 3590 [ 3591 if test -n "$withval" && test "x$withval" != "xno" && \ 3592 test "x${withval}" != "xyes"; then 3593 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval", 3594 [Define if you want a different $PATH 3595 for the superuser]) 3596 superuser_path=$withval 3597 fi 3598 ] 3599) 3600 3601 3602AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3603IPV4_IN6_HACK_MSG="no" 3604AC_ARG_WITH(4in6, 3605 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3606 [ 3607 if test "x$withval" != "xno" ; then 3608 AC_MSG_RESULT(yes) 3609 AC_DEFINE(IPV4_IN_IPV6, 1, 3610 [Detect IPv4 in IPv6 mapped addresses 3611 and treat as IPv4]) 3612 IPV4_IN6_HACK_MSG="yes" 3613 else 3614 AC_MSG_RESULT(no) 3615 fi 3616 ],[ 3617 if test "x$inet6_default_4in6" = "xyes"; then 3618 AC_MSG_RESULT([yes (default)]) 3619 AC_DEFINE(IPV4_IN_IPV6) 3620 IPV4_IN6_HACK_MSG="yes" 3621 else 3622 AC_MSG_RESULT([no (default)]) 3623 fi 3624 ] 3625) 3626 3627# Whether to enable BSD auth support 3628BSD_AUTH_MSG=no 3629AC_ARG_WITH(bsd-auth, 3630 [ --with-bsd-auth Enable BSD auth support], 3631 [ 3632 if test "x$withval" != "xno" ; then 3633 AC_DEFINE(BSD_AUTH, 1, 3634 [Define if you have BSD auth support]) 3635 BSD_AUTH_MSG=yes 3636 fi 3637 ] 3638) 3639 3640# Where to place sshd.pid 3641piddir=/var/run 3642# make sure the directory exists 3643if test ! -d $piddir ; then 3644 piddir=`eval echo ${sysconfdir}` 3645 case $piddir in 3646 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 3647 esac 3648fi 3649 3650AC_ARG_WITH(pid-dir, 3651 [ --with-pid-dir=PATH Specify location of ssh.pid file], 3652 [ 3653 if test -n "$withval" && test "x$withval" != "xno" && \ 3654 test "x${withval}" != "xyes"; then 3655 piddir=$withval 3656 if test ! -d $piddir ; then 3657 AC_MSG_WARN([** no $piddir directory on this system **]) 3658 fi 3659 fi 3660 ] 3661) 3662 3663AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid]) 3664AC_SUBST(piddir) 3665 3666dnl allow user to disable some login recording features 3667AC_ARG_ENABLE(lastlog, 3668 [ --disable-lastlog disable use of lastlog even if detected [no]], 3669 [ 3670 if test "x$enableval" = "xno" ; then 3671 AC_DEFINE(DISABLE_LASTLOG) 3672 fi 3673 ] 3674) 3675AC_ARG_ENABLE(utmp, 3676 [ --disable-utmp disable use of utmp even if detected [no]], 3677 [ 3678 if test "x$enableval" = "xno" ; then 3679 AC_DEFINE(DISABLE_UTMP) 3680 fi 3681 ] 3682) 3683AC_ARG_ENABLE(utmpx, 3684 [ --disable-utmpx disable use of utmpx even if detected [no]], 3685 [ 3686 if test "x$enableval" = "xno" ; then 3687 AC_DEFINE(DISABLE_UTMPX, 1, 3688 [Define if you don't want to use utmpx]) 3689 fi 3690 ] 3691) 3692AC_ARG_ENABLE(wtmp, 3693 [ --disable-wtmp disable use of wtmp even if detected [no]], 3694 [ 3695 if test "x$enableval" = "xno" ; then 3696 AC_DEFINE(DISABLE_WTMP) 3697 fi 3698 ] 3699) 3700AC_ARG_ENABLE(wtmpx, 3701 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 3702 [ 3703 if test "x$enableval" = "xno" ; then 3704 AC_DEFINE(DISABLE_WTMPX, 1, 3705 [Define if you don't want to use wtmpx]) 3706 fi 3707 ] 3708) 3709AC_ARG_ENABLE(libutil, 3710 [ --disable-libutil disable use of libutil (login() etc.) [no]], 3711 [ 3712 if test "x$enableval" = "xno" ; then 3713 AC_DEFINE(DISABLE_LOGIN) 3714 fi 3715 ] 3716) 3717AC_ARG_ENABLE(pututline, 3718 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 3719 [ 3720 if test "x$enableval" = "xno" ; then 3721 AC_DEFINE(DISABLE_PUTUTLINE, 1, 3722 [Define if you don't want to use pututline() 3723 etc. to write [uw]tmp]) 3724 fi 3725 ] 3726) 3727AC_ARG_ENABLE(pututxline, 3728 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 3729 [ 3730 if test "x$enableval" = "xno" ; then 3731 AC_DEFINE(DISABLE_PUTUTXLINE, 1, 3732 [Define if you don't want to use pututxline() 3733 etc. to write [uw]tmpx]) 3734 fi 3735 ] 3736) 3737AC_ARG_WITH(lastlog, 3738 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 3739 [ 3740 if test "x$withval" = "xno" ; then 3741 AC_DEFINE(DISABLE_LASTLOG) 3742 elif test -n "$withval" && test "x${withval}" != "xyes"; then 3743 conf_lastlog_location=$withval 3744 fi 3745 ] 3746) 3747 3748dnl lastlog, [uw]tmpx? detection 3749dnl NOTE: set the paths in the platform section to avoid the 3750dnl need for command-line parameters 3751dnl lastlog and [uw]tmp are subject to a file search if all else fails 3752 3753dnl lastlog detection 3754dnl NOTE: the code itself will detect if lastlog is a directory 3755AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 3756AC_TRY_COMPILE([ 3757#include <sys/types.h> 3758#include <utmp.h> 3759#ifdef HAVE_LASTLOG_H 3760# include <lastlog.h> 3761#endif 3762#ifdef HAVE_PATHS_H 3763# include <paths.h> 3764#endif 3765#ifdef HAVE_LOGIN_H 3766# include <login.h> 3767#endif 3768 ], 3769 [ char *lastlog = LASTLOG_FILE; ], 3770 [ AC_MSG_RESULT(yes) ], 3771 [ 3772 AC_MSG_RESULT(no) 3773 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 3774 AC_TRY_COMPILE([ 3775#include <sys/types.h> 3776#include <utmp.h> 3777#ifdef HAVE_LASTLOG_H 3778# include <lastlog.h> 3779#endif 3780#ifdef HAVE_PATHS_H 3781# include <paths.h> 3782#endif 3783 ], 3784 [ char *lastlog = _PATH_LASTLOG; ], 3785 [ AC_MSG_RESULT(yes) ], 3786 [ 3787 AC_MSG_RESULT(no) 3788 system_lastlog_path=no 3789 ]) 3790 ] 3791) 3792 3793if test -z "$conf_lastlog_location"; then 3794 if test x"$system_lastlog_path" = x"no" ; then 3795 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 3796 if (test -d "$f" || test -f "$f") ; then 3797 conf_lastlog_location=$f 3798 fi 3799 done 3800 if test -z "$conf_lastlog_location"; then 3801 AC_MSG_WARN([** Cannot find lastlog **]) 3802 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 3803 fi 3804 fi 3805fi 3806 3807if test -n "$conf_lastlog_location"; then 3808 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location", 3809 [Define if you want to specify the path to your lastlog file]) 3810fi 3811 3812dnl utmp detection 3813AC_MSG_CHECKING([if your system defines UTMP_FILE]) 3814AC_TRY_COMPILE([ 3815#include <sys/types.h> 3816#include <utmp.h> 3817#ifdef HAVE_PATHS_H 3818# include <paths.h> 3819#endif 3820 ], 3821 [ char *utmp = UTMP_FILE; ], 3822 [ AC_MSG_RESULT(yes) ], 3823 [ AC_MSG_RESULT(no) 3824 system_utmp_path=no ] 3825) 3826if test -z "$conf_utmp_location"; then 3827 if test x"$system_utmp_path" = x"no" ; then 3828 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 3829 if test -f $f ; then 3830 conf_utmp_location=$f 3831 fi 3832 done 3833 if test -z "$conf_utmp_location"; then 3834 AC_DEFINE(DISABLE_UTMP) 3835 fi 3836 fi 3837fi 3838if test -n "$conf_utmp_location"; then 3839 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location", 3840 [Define if you want to specify the path to your utmp file]) 3841fi 3842 3843dnl wtmp detection 3844AC_MSG_CHECKING([if your system defines WTMP_FILE]) 3845AC_TRY_COMPILE([ 3846#include <sys/types.h> 3847#include <utmp.h> 3848#ifdef HAVE_PATHS_H 3849# include <paths.h> 3850#endif 3851 ], 3852 [ char *wtmp = WTMP_FILE; ], 3853 [ AC_MSG_RESULT(yes) ], 3854 [ AC_MSG_RESULT(no) 3855 system_wtmp_path=no ] 3856) 3857if test -z "$conf_wtmp_location"; then 3858 if test x"$system_wtmp_path" = x"no" ; then 3859 for f in /usr/adm/wtmp /var/log/wtmp; do 3860 if test -f $f ; then 3861 conf_wtmp_location=$f 3862 fi 3863 done 3864 if test -z "$conf_wtmp_location"; then 3865 AC_DEFINE(DISABLE_WTMP) 3866 fi 3867 fi 3868fi 3869if test -n "$conf_wtmp_location"; then 3870 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location", 3871 [Define if you want to specify the path to your wtmp file]) 3872fi 3873 3874 3875dnl utmpx detection - I don't know any system so perverse as to require 3876dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out 3877dnl there, though. 3878AC_MSG_CHECKING([if your system defines UTMPX_FILE]) 3879AC_TRY_COMPILE([ 3880#include <sys/types.h> 3881#include <utmp.h> 3882#ifdef HAVE_UTMPX_H 3883#include <utmpx.h> 3884#endif 3885#ifdef HAVE_PATHS_H 3886# include <paths.h> 3887#endif 3888 ], 3889 [ char *utmpx = UTMPX_FILE; ], 3890 [ AC_MSG_RESULT(yes) ], 3891 [ AC_MSG_RESULT(no) 3892 system_utmpx_path=no ] 3893) 3894if test -z "$conf_utmpx_location"; then 3895 if test x"$system_utmpx_path" = x"no" ; then 3896 AC_DEFINE(DISABLE_UTMPX) 3897 fi 3898else 3899 AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location", 3900 [Define if you want to specify the path to your utmpx file]) 3901fi 3902 3903dnl wtmpx detection 3904AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 3905AC_TRY_COMPILE([ 3906#include <sys/types.h> 3907#include <utmp.h> 3908#ifdef HAVE_UTMPX_H 3909#include <utmpx.h> 3910#endif 3911#ifdef HAVE_PATHS_H 3912# include <paths.h> 3913#endif 3914 ], 3915 [ char *wtmpx = WTMPX_FILE; ], 3916 [ AC_MSG_RESULT(yes) ], 3917 [ AC_MSG_RESULT(no) 3918 system_wtmpx_path=no ] 3919) 3920if test -z "$conf_wtmpx_location"; then 3921 if test x"$system_wtmpx_path" = x"no" ; then 3922 AC_DEFINE(DISABLE_WTMPX) 3923 fi 3924else 3925 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location", 3926 [Define if you want to specify the path to your wtmpx file]) 3927fi 3928 3929 3930if test ! -z "$blibpath" ; then 3931 LDFLAGS="$LDFLAGS $blibflags$blibpath" 3932 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 3933fi 3934 3935dnl Adding -Werror to CFLAGS early prevents configure tests from running. 3936dnl Add now. 3937CFLAGS="$CFLAGS $werror_flags" 3938 3939AC_EXEEXT 3940AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ 3941 openbsd-compat/Makefile openbsd-compat/regress/Makefile \ 3942 scard/Makefile ssh_prng_cmds survey.sh]) 3943AC_OUTPUT 3944 3945# Print summary of options 3946 3947# Someone please show me a better way :) 3948A=`eval echo ${prefix}` ; A=`eval echo ${A}` 3949B=`eval echo ${bindir}` ; B=`eval echo ${B}` 3950C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 3951D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 3952E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 3953F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 3954G=`eval echo ${piddir}` ; G=`eval echo ${G}` 3955H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 3956I=`eval echo ${user_path}` ; I=`eval echo ${I}` 3957J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 3958 3959echo "" 3960echo "OpenSSH has been configured with the following options:" 3961echo " User binaries: $B" 3962echo " System binaries: $C" 3963echo " Configuration files: $D" 3964echo " Askpass program: $E" 3965echo " Manual pages: $F" 3966echo " PID file: $G" 3967echo " Privilege separation chroot path: $H" 3968if test "x$external_path_file" = "x/etc/login.conf" ; then 3969echo " At runtime, sshd will use the path defined in $external_path_file" 3970echo " Make sure the path to scp is present, otherwise scp will not work" 3971else 3972echo " sshd default user PATH: $I" 3973 if test ! -z "$external_path_file"; then 3974echo " (If PATH is set in $external_path_file it will be used instead. If" 3975echo " used, ensure the path to scp is present, otherwise scp will not work.)" 3976 fi 3977fi 3978if test ! -z "$superuser_path" ; then 3979echo " sshd superuser user PATH: $J" 3980fi 3981echo " Manpage format: $MANTYPE" 3982echo " PAM support: $PAM_MSG" 3983echo " OSF SIA support: $SIA_MSG" 3984echo " KerberosV support: $KRB5_MSG" 3985echo " SELinux support: $SELINUX_MSG" 3986echo " Smartcard support: $SCARD_MSG" 3987echo " S/KEY support: $SKEY_MSG" 3988echo " TCP Wrappers support: $TCPW_MSG" 3989echo " MD5 password support: $MD5_MSG" 3990echo " libedit support: $LIBEDIT_MSG" 3991echo " Solaris process contract support: $SPC_MSG" 3992echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 3993echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 3994echo " BSD Auth support: $BSD_AUTH_MSG" 3995echo " Random number source: $RAND_MSG" 3996if test ! -z "$USE_RAND_HELPER" ; then 3997echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 3998fi 3999 4000echo "" 4001 4002echo " Host: ${host}" 4003echo " Compiler: ${CC}" 4004echo " Compiler flags: ${CFLAGS}" 4005echo "Preprocessor flags: ${CPPFLAGS}" 4006echo " Linker flags: ${LDFLAGS}" 4007echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}" 4008 4009echo "" 4010 4011if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 4012 echo "SVR4 style packages are supported with \"make package\"" 4013 echo "" 4014fi 4015 4016if test "x$PAM_MSG" = "xyes" ; then 4017 echo "PAM is enabled. You may need to install a PAM control file " 4018 echo "for sshd, otherwise password authentication may fail. " 4019 echo "Example PAM control files can be found in the contrib/ " 4020 echo "subdirectory" 4021 echo "" 4022fi 4023 4024if test ! -z "$RAND_HELPER_CMDHASH" ; then 4025 echo "WARNING: you are using the builtin random number collection " 4026 echo "service. Please read WARNING.RNG and request that your OS " 4027 echo "vendor includes kernel-based random number collection in " 4028 echo "future versions of your OS." 4029 echo "" 4030fi 4031 4032if test ! -z "$NO_PEERCHECK" ; then 4033 echo "WARNING: the operating system that you are using does not " 4034 echo "appear to support either the getpeereid() API nor the " 4035 echo "SO_PEERCRED getsockopt() option. These facilities are used to " 4036 echo "enforce security checks to prevent unauthorised connections to " 4037 echo "ssh-agent. Their absence increases the risk that a malicious " 4038 echo "user can connect to your agent. " 4039 echo "" 4040fi 4041 4042if test "$AUDIT_MODULE" = "bsm" ; then 4043 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 4044 echo "See the Solaris section in README.platform for details." 4045fi 4046