configure.ac revision 218767
1# $Id: configure.ac,v 1.469 2011/01/21 22:37:05 dtucker Exp $ 2# 3# Copyright (c) 1999-2004 Damien Miller 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 18AC_REVISION($Revision: 1.469 $) 19AC_CONFIG_SRCDIR([ssh.c]) 20 21# local macros 22AC_DEFUN([OPENSSH_CHECK_CFLAG_COMPILE], [{ 23 AC_MSG_CHECKING([if $CC supports $1]) 24 saved_CFLAGS="$CFLAGS" 25 CFLAGS="$CFLAGS $1" 26 AC_COMPILE_IFELSE([void main(void) { return 0; }], 27 [ AC_MSG_RESULT(yes) ], 28 [ AC_MSG_RESULT(no) 29 CFLAGS="$saved_CFLAGS" ] 30 ) 31}]) 32 33AC_CONFIG_HEADER(config.h) 34AC_PROG_CC 35AC_CANONICAL_HOST 36AC_C_BIGENDIAN 37 38# Checks for programs. 39AC_PROG_AWK 40AC_PROG_CPP 41AC_PROG_RANLIB 42AC_PROG_INSTALL 43AC_PROG_EGREP 44AC_PATH_PROG(AR, ar) 45AC_PATH_PROG(CAT, cat) 46AC_PATH_PROG(KILL, kill) 47AC_PATH_PROGS(PERL, perl5 perl) 48AC_PATH_PROG(SED, sed) 49AC_SUBST(PERL) 50AC_PATH_PROG(ENT, ent) 51AC_SUBST(ENT) 52AC_PATH_PROG(TEST_MINUS_S_SH, bash) 53AC_PATH_PROG(TEST_MINUS_S_SH, ksh) 54AC_PATH_PROG(TEST_MINUS_S_SH, sh) 55AC_PATH_PROG(SH, sh) 56AC_PATH_PROG(GROFF, groff) 57AC_PATH_PROG(NROFF, nroff) 58AC_PATH_PROG(MANDOC, mandoc) 59AC_SUBST(TEST_SHELL,sh) 60 61dnl select manpage formatter 62if test "x$MANDOC" != "x" ; then 63 MANFMT="$MANDOC" 64elif test "x$NROFF" != "x" ; then 65 MANFMT="$NROFF -mandoc" 66elif test "x$GROFF" != "x" ; then 67 MANFMT="$GROFF -mandoc -Tascii" 68else 69 AC_MSG_WARN([no manpage formatted found]) 70 MANFMT="false" 71fi 72AC_SUBST(MANFMT) 73 74dnl for buildpkg.sh 75AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd, 76 [/usr/sbin${PATH_SEPARATOR}/etc]) 77AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd, 78 [/usr/sbin${PATH_SEPARATOR}/etc]) 79AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no) 80if test -x /sbin/sh; then 81 AC_SUBST(STARTUP_SCRIPT_SHELL,/sbin/sh) 82else 83 AC_SUBST(STARTUP_SCRIPT_SHELL,/bin/sh) 84fi 85 86# System features 87AC_SYS_LARGEFILE 88 89if test -z "$AR" ; then 90 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 91fi 92 93# Use LOGIN_PROGRAM from environment if possible 94if test ! -z "$LOGIN_PROGRAM" ; then 95 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM", 96 [If your header files don't define LOGIN_PROGRAM, 97 then use this (detected) from environment and PATH]) 98else 99 # Search for login 100 AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login) 101 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 102 AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK") 103 fi 104fi 105 106AC_PATH_PROG(PATH_PASSWD_PROG, passwd) 107if test ! -z "$PATH_PASSWD_PROG" ; then 108 AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG", 109 [Full path of your "passwd" program]) 110fi 111 112if test -z "$LD" ; then 113 LD=$CC 114fi 115AC_SUBST(LD) 116 117AC_C_INLINE 118 119AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>]) 120 121use_stack_protector=1 122AC_ARG_WITH(stackprotect, 123 [ --without-stackprotect Don't use compiler's stack protection], [ 124 if test "x$withval" = "xno"; then 125 use_stack_protector=0 126 fi ]) 127 128 129if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 130 OPENSSH_CHECK_CFLAG_COMPILE([-Wall]) 131 OPENSSH_CHECK_CFLAG_COMPILE([-Wpointer-arith]) 132 OPENSSH_CHECK_CFLAG_COMPILE([-Wuninitialized]) 133 OPENSSH_CHECK_CFLAG_COMPILE([-Wsign-compare]) 134 OPENSSH_CHECK_CFLAG_COMPILE([-Wformat-security]) 135 OPENSSH_CHECK_CFLAG_COMPILE([-Wno-pointer-sign]) 136 OPENSSH_CHECK_CFLAG_COMPILE([-Wno-unused-result]) 137 OPENSSH_CHECK_CFLAG_COMPILE([-fno-strict-aliasing]) 138 AC_MSG_CHECKING(gcc version) 139 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` 140 case $GCC_VER in 141 1.*) no_attrib_nonnull=1 ;; 142 2.8* | 2.9*) 143 no_attrib_nonnull=1 144 ;; 145 2.*) no_attrib_nonnull=1 ;; 146 *) ;; 147 esac 148 AC_MSG_RESULT($GCC_VER) 149 150 AC_MSG_CHECKING(if $CC accepts -fno-builtin-memset) 151 saved_CFLAGS="$CFLAGS" 152 CFLAGS="$CFLAGS -fno-builtin-memset" 153 AC_LINK_IFELSE( [AC_LANG_SOURCE([[ 154#include <string.h> 155int main(void){char b[10]; memset(b, 0, sizeof(b));} 156 ]])], 157 [ AC_MSG_RESULT(yes) ], 158 [ AC_MSG_RESULT(no) 159 CFLAGS="$saved_CFLAGS" ] 160) 161 162 # -fstack-protector-all doesn't always work for some GCC versions 163 # and/or platforms, so we test if we can. If it's not supported 164 # on a given platform gcc will emit a warning so we use -Werror. 165 if test "x$use_stack_protector" = "x1"; then 166 for t in -fstack-protector-all -fstack-protector; do 167 AC_MSG_CHECKING(if $CC supports $t) 168 saved_CFLAGS="$CFLAGS" 169 saved_LDFLAGS="$LDFLAGS" 170 CFLAGS="$CFLAGS $t -Werror" 171 LDFLAGS="$LDFLAGS $t -Werror" 172 AC_LINK_IFELSE( 173 [AC_LANG_SOURCE([ 174#include <stdio.h> 175int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;} 176 ])], 177 [ AC_MSG_RESULT(yes) 178 CFLAGS="$saved_CFLAGS $t" 179 LDFLAGS="$saved_LDFLAGS $t" 180 AC_MSG_CHECKING(if $t works) 181 AC_RUN_IFELSE( 182 [AC_LANG_SOURCE([ 183#include <stdio.h> 184int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;} 185 ])], 186 [ AC_MSG_RESULT(yes) 187 break ], 188 [ AC_MSG_RESULT(no) ], 189 [ AC_MSG_WARN([cross compiling: cannot test]) 190 break ] 191 ) 192 ], 193 [ AC_MSG_RESULT(no) ] 194 ) 195 CFLAGS="$saved_CFLAGS" 196 LDFLAGS="$saved_LDFLAGS" 197 done 198 fi 199 200 if test -z "$have_llong_max"; then 201 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 202 unset ac_cv_have_decl_LLONG_MAX 203 saved_CFLAGS="$CFLAGS" 204 CFLAGS="$CFLAGS -std=gnu99" 205 AC_CHECK_DECL(LLONG_MAX, 206 [have_llong_max=1], 207 [CFLAGS="$saved_CFLAGS"], 208 [#include <limits.h>] 209 ) 210 fi 211fi 212 213if test "x$no_attrib_nonnull" != "x1" ; then 214 AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull]) 215fi 216 217AC_ARG_WITH(rpath, 218 [ --without-rpath Disable auto-added -R linker paths], 219 [ 220 if test "x$withval" = "xno" ; then 221 need_dash_r="" 222 fi 223 if test "x$withval" = "xyes" ; then 224 need_dash_r=1 225 fi 226 ] 227) 228 229# Allow user to specify flags 230AC_ARG_WITH(cflags, 231 [ --with-cflags Specify additional flags to pass to compiler], 232 [ 233 if test -n "$withval" && test "x$withval" != "xno" && \ 234 test "x${withval}" != "xyes"; then 235 CFLAGS="$CFLAGS $withval" 236 fi 237 ] 238) 239AC_ARG_WITH(cppflags, 240 [ --with-cppflags Specify additional flags to pass to preprocessor] , 241 [ 242 if test -n "$withval" && test "x$withval" != "xno" && \ 243 test "x${withval}" != "xyes"; then 244 CPPFLAGS="$CPPFLAGS $withval" 245 fi 246 ] 247) 248AC_ARG_WITH(ldflags, 249 [ --with-ldflags Specify additional flags to pass to linker], 250 [ 251 if test -n "$withval" && test "x$withval" != "xno" && \ 252 test "x${withval}" != "xyes"; then 253 LDFLAGS="$LDFLAGS $withval" 254 fi 255 ] 256) 257AC_ARG_WITH(libs, 258 [ --with-libs Specify additional libraries to link with], 259 [ 260 if test -n "$withval" && test "x$withval" != "xno" && \ 261 test "x${withval}" != "xyes"; then 262 LIBS="$LIBS $withval" 263 fi 264 ] 265) 266AC_ARG_WITH(Werror, 267 [ --with-Werror Build main code with -Werror], 268 [ 269 if test -n "$withval" && test "x$withval" != "xno"; then 270 werror_flags="-Werror" 271 if test "x${withval}" != "xyes"; then 272 werror_flags="$withval" 273 fi 274 fi 275 ] 276) 277 278AC_CHECK_HEADERS( \ 279 bstring.h \ 280 crypt.h \ 281 crypto/sha2.h \ 282 dirent.h \ 283 endian.h \ 284 features.h \ 285 fcntl.h \ 286 floatingpoint.h \ 287 getopt.h \ 288 glob.h \ 289 ia.h \ 290 iaf.h \ 291 limits.h \ 292 login.h \ 293 maillock.h \ 294 ndir.h \ 295 net/if_tun.h \ 296 netdb.h \ 297 netgroup.h \ 298 pam/pam_appl.h \ 299 paths.h \ 300 poll.h \ 301 pty.h \ 302 readpassphrase.h \ 303 rpc/types.h \ 304 security/pam_appl.h \ 305 sha2.h \ 306 shadow.h \ 307 stddef.h \ 308 stdint.h \ 309 string.h \ 310 strings.h \ 311 sys/audit.h \ 312 sys/bitypes.h \ 313 sys/bsdtty.h \ 314 sys/cdefs.h \ 315 sys/dir.h \ 316 sys/mman.h \ 317 sys/ndir.h \ 318 sys/poll.h \ 319 sys/prctl.h \ 320 sys/pstat.h \ 321 sys/select.h \ 322 sys/stat.h \ 323 sys/stream.h \ 324 sys/stropts.h \ 325 sys/strtio.h \ 326 sys/statvfs.h \ 327 sys/sysmacros.h \ 328 sys/time.h \ 329 sys/timers.h \ 330 sys/un.h \ 331 time.h \ 332 tmpdir.h \ 333 ttyent.h \ 334 ucred.h \ 335 unistd.h \ 336 usersec.h \ 337 util.h \ 338 utime.h \ 339 utmp.h \ 340 utmpx.h \ 341 vis.h \ 342) 343 344# lastlog.h requires sys/time.h to be included first on Solaris 345AC_CHECK_HEADERS(lastlog.h, [], [], [ 346#ifdef HAVE_SYS_TIME_H 347# include <sys/time.h> 348#endif 349]) 350 351# sys/ptms.h requires sys/stream.h to be included first on Solaris 352AC_CHECK_HEADERS(sys/ptms.h, [], [], [ 353#ifdef HAVE_SYS_STREAM_H 354# include <sys/stream.h> 355#endif 356]) 357 358# login_cap.h requires sys/types.h on NetBSD 359AC_CHECK_HEADERS(login_cap.h, [], [], [ 360#include <sys/types.h> 361]) 362 363# older BSDs need sys/param.h before sys/mount.h 364AC_CHECK_HEADERS(sys/mount.h, [], [], [ 365#include <sys/param.h> 366]) 367 368# Messages for features tested for in target-specific section 369SIA_MSG="no" 370SPC_MSG="no" 371SP_MSG="no" 372 373# Check for some target-specific stuff 374case "$host" in 375*-*-aix*) 376 # Some versions of VAC won't allow macro redefinitions at 377 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 378 # particularly with older versions of vac or xlc. 379 # It also throws errors about null macro argments, but these are 380 # not fatal. 381 AC_MSG_CHECKING(if compiler allows macro redefinitions) 382 AC_COMPILE_IFELSE( 383 [AC_LANG_SOURCE([[ 384#define testmacro foo 385#define testmacro bar 386int main(void) { exit(0); } 387 ]])], 388 [ AC_MSG_RESULT(yes) ], 389 [ AC_MSG_RESULT(no) 390 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" 391 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`" 392 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" 393 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" 394 ] 395 ) 396 397 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 398 if (test -z "$blibpath"); then 399 blibpath="/usr/lib:/lib" 400 fi 401 saved_LDFLAGS="$LDFLAGS" 402 if test "$GCC" = "yes"; then 403 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" 404 else 405 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," 406 fi 407 for tryflags in $flags ;do 408 if (test -z "$blibflags"); then 409 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 410 AC_TRY_LINK([], [], [blibflags=$tryflags]) 411 fi 412 done 413 if (test -z "$blibflags"); then 414 AC_MSG_RESULT(not found) 415 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 416 else 417 AC_MSG_RESULT($blibflags) 418 fi 419 LDFLAGS="$saved_LDFLAGS" 420 dnl Check for authenticate. Might be in libs.a on older AIXes 421 AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1, 422 [Define if you want to enable AIX4's authenticate function])], 423 [AC_CHECK_LIB(s,authenticate, 424 [ AC_DEFINE(WITH_AIXAUTHENTICATE) 425 LIBS="$LIBS -ls" 426 ]) 427 ]) 428 dnl Check for various auth function declarations in headers. 429 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 430 passwdexpired, setauthdb], , , [#include <usersec.h>]) 431 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 432 AC_CHECK_DECLS(loginfailed, 433 [AC_MSG_CHECKING(if loginfailed takes 4 arguments) 434 AC_TRY_COMPILE( 435 [#include <usersec.h>], 436 [(void)loginfailed("user","host","tty",0);], 437 [AC_MSG_RESULT(yes) 438 AC_DEFINE(AIX_LOGINFAILED_4ARG, 1, 439 [Define if your AIX loginfailed() function 440 takes 4 arguments (AIX >= 5.2)])], 441 [AC_MSG_RESULT(no)] 442 )], 443 [], 444 [#include <usersec.h>] 445 ) 446 AC_CHECK_FUNCS(getgrset setauthdb) 447 AC_CHECK_DECL(F_CLOSEM, 448 AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]), 449 [], 450 [ #include <limits.h> 451 #include <fcntl.h> ] 452 ) 453 check_for_aix_broken_getaddrinfo=1 454 AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.]) 455 AC_DEFINE(SETEUID_BREAKS_SETUID, 1, 456 [Define if your platform breaks doing a seteuid before a setuid]) 457 AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken]) 458 AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken]) 459 dnl AIX handles lastlog as part of its login message 460 AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog]) 461 AC_DEFINE(LOGIN_NEEDS_UTMPX, 1, 462 [Some systems need a utmpx entry for /bin/login to work]) 463 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV, 464 [Define to a Set Process Title type if your system is 465 supported by bsd-setproctitle.c]) 466 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 467 [AIX 5.2 and 5.3 (and presumably newer) require this]) 468 AC_DEFINE(PTY_ZEROREAD, 1, [read(1) can return 0 for a non-closed fd]) 469 ;; 470*-*-cygwin*) 471 check_for_libcrypt_later=1 472 LIBS="$LIBS /usr/lib/textreadmode.o" 473 AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin]) 474 AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()]) 475 AC_DEFINE(DISABLE_SHADOW, 1, 476 [Define if you want to disable shadow passwords]) 477 AC_DEFINE(NO_X11_UNIX_SOCKETS, 1, 478 [Define if X11 doesn't support AF_UNIX sockets on that system]) 479 AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1, 480 [Define if the concept of ports only accessible to 481 superusers isn't known]) 482 AC_DEFINE(DISABLE_FD_PASSING, 1, 483 [Define if your platform needs to skip post auth 484 file descriptor passing]) 485 AC_DEFINE(SSH_IOBUFSZ, 65535, [Windows is sensitive to read buffer size]) 486 AC_DEFINE(FILESYSTEM_NO_BACKSLASH, 1, [File names may not contain backslash characters]) 487 ;; 488*-*-dgux*) 489 AC_DEFINE(IP_TOS_IS_BROKEN, 1, 490 [Define if your system choked on IP TOS setting]) 491 AC_DEFINE(SETEUID_BREAKS_SETUID) 492 AC_DEFINE(BROKEN_SETREUID) 493 AC_DEFINE(BROKEN_SETREGID) 494 ;; 495*-*-darwin*) 496 AC_MSG_CHECKING(if we have working getaddrinfo) 497 AC_TRY_RUN([#include <mach-o/dyld.h> 498main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 499 exit(0); 500 else 501 exit(1); 502}], [AC_MSG_RESULT(working)], 503 [AC_MSG_RESULT(buggy) 504 AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])], 505 [AC_MSG_RESULT(assume it is working)]) 506 AC_DEFINE(SETEUID_BREAKS_SETUID) 507 AC_DEFINE(BROKEN_SETREUID) 508 AC_DEFINE(BROKEN_SETREGID) 509 AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect]) 510 AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1, 511 [Define if your resolver libs need this for getrrsetbyname]) 512 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 513 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 514 [Use tunnel device compatibility to OpenBSD]) 515 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 516 [Prepend the address family to IP tunnel traffic]) 517 m4_pattern_allow(AU_IPv) 518 AC_CHECK_DECL(AU_IPv4, [], 519 AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records]) 520 [#include <bsm/audit.h>] 521 AC_DEFINE(LASTLOG_WRITE_PUTUTXLINE, 1, 522 [Define if pututxline updates lastlog too]) 523 ) 524 ;; 525*-*-dragonfly*) 526 SSHDLIBS="$SSHDLIBS -lcrypt" 527 ;; 528*-*-haiku*) 529 LIBS="$LIBS -lbsd " 530 AC_CHECK_LIB(network, socket) 531 AC_DEFINE(HAVE_U_INT64_T) 532 MANTYPE=man 533 ;; 534*-*-hpux*) 535 # first we define all of the options common to all HP-UX releases 536 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 537 IPADDR_IN_DISPLAY=yes 538 AC_DEFINE(USE_PIPES) 539 AC_DEFINE(LOGIN_NO_ENDOPT, 1, 540 [Define if your login program cannot handle end of options ("--")]) 541 AC_DEFINE(LOGIN_NEEDS_UTMPX) 542 AC_DEFINE(LOCKED_PASSWD_STRING, "*", 543 [String used in /etc/passwd to denote locked account]) 544 AC_DEFINE(SPT_TYPE,SPT_PSTAT) 545 MAIL="/var/mail/username" 546 LIBS="$LIBS -lsec" 547 AC_CHECK_LIB(xnet, t_error, , 548 AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])) 549 550 # next, we define all of the options specific to major releases 551 case "$host" in 552 *-*-hpux10*) 553 if test -z "$GCC"; then 554 CFLAGS="$CFLAGS -Ae" 555 fi 556 ;; 557 *-*-hpux11*) 558 AC_DEFINE(PAM_SUN_CODEBASE, 1, 559 [Define if you are using Solaris-derived PAM which 560 passes pam_messages to the conversation function 561 with an extra level of indirection]) 562 AC_DEFINE(DISABLE_UTMP, 1, 563 [Define if you don't want to use utmp]) 564 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 565 check_for_hpux_broken_getaddrinfo=1 566 check_for_conflicting_getspnam=1 567 ;; 568 esac 569 570 # lastly, we define options specific to minor releases 571 case "$host" in 572 *-*-hpux10.26) 573 AC_DEFINE(HAVE_SECUREWARE, 1, 574 [Define if you have SecureWare-based 575 protected password database]) 576 disable_ptmx_check=yes 577 LIBS="$LIBS -lsecpw" 578 ;; 579 esac 580 ;; 581*-*-irix5*) 582 PATH="$PATH:/usr/etc" 583 AC_DEFINE(BROKEN_INET_NTOA, 1, 584 [Define if you system's inet_ntoa is busted 585 (e.g. Irix gcc issue)]) 586 AC_DEFINE(SETEUID_BREAKS_SETUID) 587 AC_DEFINE(BROKEN_SETREUID) 588 AC_DEFINE(BROKEN_SETREGID) 589 AC_DEFINE(WITH_ABBREV_NO_TTY, 1, 590 [Define if you shouldn't strip 'tty' from your 591 ttyname in [uw]tmp]) 592 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 593 ;; 594*-*-irix6*) 595 PATH="$PATH:/usr/etc" 596 AC_DEFINE(WITH_IRIX_ARRAY, 1, 597 [Define if you have/want arrays 598 (cluster-wide session managment, not C arrays)]) 599 AC_DEFINE(WITH_IRIX_PROJECT, 1, 600 [Define if you want IRIX project management]) 601 AC_DEFINE(WITH_IRIX_AUDIT, 1, 602 [Define if you want IRIX audit trails]) 603 AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1, 604 [Define if you want IRIX kernel jobs])]) 605 AC_DEFINE(BROKEN_INET_NTOA) 606 AC_DEFINE(SETEUID_BREAKS_SETUID) 607 AC_DEFINE(BROKEN_SETREUID) 608 AC_DEFINE(BROKEN_SETREGID) 609 AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)]) 610 AC_DEFINE(WITH_ABBREV_NO_TTY) 611 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 612 ;; 613*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu) 614 check_for_libcrypt_later=1 615 AC_DEFINE(PAM_TTY_KLUDGE) 616 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!") 617 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 618 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 619 AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins]) 620 ;; 621*-*-linux*) 622 no_dev_ptmx=1 623 check_for_libcrypt_later=1 624 check_for_openpty_ctty_bug=1 625 AC_DEFINE(PAM_TTY_KLUDGE, 1, 626 [Work around problematic Linux PAM modules handling of PAM_TTY]) 627 AC_DEFINE(LOCKED_PASSWD_PREFIX, "!", 628 [String used in /etc/passwd to denote locked account]) 629 AC_DEFINE(SPT_TYPE,SPT_REUSEARGV) 630 AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM, 631 [Define to whatever link() returns for "not supported" 632 if it doesn't return EOPNOTSUPP.]) 633 AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts]) 634 AC_DEFINE(USE_BTMP) 635 AC_DEFINE(LINUX_OOM_ADJUST, 1, [Adjust Linux out-of-memory killer]) 636 inet6_default_4in6=yes 637 case `uname -r` in 638 1.*|2.0.*) 639 AC_DEFINE(BROKEN_CMSG_TYPE, 1, 640 [Define if cmsg_type is not passed correctly]) 641 ;; 642 esac 643 # tun(4) forwarding compat code 644 AC_CHECK_HEADERS(linux/if_tun.h) 645 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 646 AC_DEFINE(SSH_TUN_LINUX, 1, 647 [Open tunnel devices the Linux tun/tap way]) 648 AC_DEFINE(SSH_TUN_COMPAT_AF, 1, 649 [Use tunnel device compatibility to OpenBSD]) 650 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 651 [Prepend the address family to IP tunnel traffic]) 652 fi 653 ;; 654mips-sony-bsd|mips-sony-newsos4) 655 AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty]) 656 SONY=1 657 ;; 658*-*-netbsd*) 659 check_for_libcrypt_before=1 660 if test "x$withval" != "xno" ; then 661 need_dash_r=1 662 fi 663 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 664 AC_CHECK_HEADER([net/if_tap.h], , 665 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 666 AC_DEFINE(SSH_TUN_PREPEND_AF, 1, 667 [Prepend the address family to IP tunnel traffic]) 668 ;; 669*-*-freebsd*) 670 check_for_libcrypt_later=1 671 AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)]) 672 AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way]) 673 AC_CHECK_HEADER([net/if_tap.h], , 674 AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support])) 675 AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need]) 676 ;; 677*-*-bsdi*) 678 AC_DEFINE(SETEUID_BREAKS_SETUID) 679 AC_DEFINE(BROKEN_SETREUID) 680 AC_DEFINE(BROKEN_SETREGID) 681 ;; 682*-next-*) 683 conf_lastlog_location="/usr/adm/lastlog" 684 conf_utmp_location=/etc/utmp 685 conf_wtmp_location=/usr/adm/wtmp 686 MAIL=/usr/spool/mail 687 AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT]) 688 AC_DEFINE(BROKEN_REALPATH) 689 AC_DEFINE(USE_PIPES) 690 AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT]) 691 ;; 692*-*-openbsd*) 693 AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel]) 694 AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded]) 695 AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way]) 696 AC_DEFINE(SYSLOG_R_SAFE_IN_SIGHAND, 1, 697 [syslog_r function is safe to use in in a signal handler]) 698 ;; 699*-*-solaris*) 700 if test "x$withval" != "xno" ; then 701 need_dash_r=1 702 fi 703 AC_DEFINE(PAM_SUN_CODEBASE) 704 AC_DEFINE(LOGIN_NEEDS_UTMPX) 705 AC_DEFINE(LOGIN_NEEDS_TERM, 1, 706 [Some versions of /bin/login need the TERM supplied 707 on the commandline]) 708 AC_DEFINE(PAM_TTY_KLUDGE) 709 AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1, 710 [Define if pam_chauthtok wants real uid set 711 to the unpriv'ed user]) 712 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 713 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 714 AC_DEFINE(SSHD_ACQUIRES_CTTY, 1, 715 [Define if sshd somehow reacquires a controlling TTY 716 after setsid()]) 717 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd 718 in case the name is longer than 8 chars]) 719 AC_DEFINE(BROKEN_TCGETATTR_ICANON, 1, [tcgetattr with ICANON may hang]) 720 external_path_file=/etc/default/login 721 # hardwire lastlog location (can't detect it on some versions) 722 conf_lastlog_location="/var/adm/lastlog" 723 AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x) 724 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 725 if test "$sol2ver" -ge 8; then 726 AC_MSG_RESULT(yes) 727 AC_DEFINE(DISABLE_UTMP) 728 AC_DEFINE(DISABLE_WTMP, 1, 729 [Define if you don't want to use wtmp]) 730 else 731 AC_MSG_RESULT(no) 732 fi 733 AC_ARG_WITH(solaris-contracts, 734 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 735 [ 736 AC_CHECK_LIB(contract, ct_tmpl_activate, 737 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1, 738 [Define if you have Solaris process contracts]) 739 SSHDLIBS="$SSHDLIBS -lcontract" 740 AC_SUBST(SSHDLIBS) 741 SPC_MSG="yes" ], ) 742 ], 743 ) 744 AC_ARG_WITH(solaris-projects, 745 [ --with-solaris-projects Enable Solaris projects (experimental)], 746 [ 747 AC_CHECK_LIB(project, setproject, 748 [ AC_DEFINE(USE_SOLARIS_PROJECTS, 1, 749 [Define if you have Solaris projects]) 750 SSHDLIBS="$SSHDLIBS -lproject" 751 AC_SUBST(SSHDLIBS) 752 SP_MSG="yes" ], ) 753 ], 754 ) 755 ;; 756*-*-sunos4*) 757 CPPFLAGS="$CPPFLAGS -DSUNOS4" 758 AC_CHECK_FUNCS(getpwanam) 759 AC_DEFINE(PAM_SUN_CODEBASE) 760 conf_utmp_location=/etc/utmp 761 conf_wtmp_location=/var/adm/wtmp 762 conf_lastlog_location=/var/adm/lastlog 763 AC_DEFINE(USE_PIPES) 764 ;; 765*-ncr-sysv*) 766 LIBS="$LIBS -lc89" 767 AC_DEFINE(USE_PIPES) 768 AC_DEFINE(SSHD_ACQUIRES_CTTY) 769 AC_DEFINE(SETEUID_BREAKS_SETUID) 770 AC_DEFINE(BROKEN_SETREUID) 771 AC_DEFINE(BROKEN_SETREGID) 772 ;; 773*-sni-sysv*) 774 # /usr/ucblib MUST NOT be searched on ReliantUNIX 775 AC_CHECK_LIB(dl, dlsym, ,) 776 # -lresolv needs to be at the end of LIBS or DNS lookups break 777 AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ]) 778 IPADDR_IN_DISPLAY=yes 779 AC_DEFINE(USE_PIPES) 780 AC_DEFINE(IP_TOS_IS_BROKEN) 781 AC_DEFINE(SETEUID_BREAKS_SETUID) 782 AC_DEFINE(BROKEN_SETREUID) 783 AC_DEFINE(BROKEN_SETREGID) 784 AC_DEFINE(SSHD_ACQUIRES_CTTY) 785 external_path_file=/etc/default/login 786 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 787 # Attention: always take care to bind libsocket and libnsl before libc, 788 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 789 ;; 790# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 791*-*-sysv4.2*) 792 AC_DEFINE(USE_PIPES) 793 AC_DEFINE(SETEUID_BREAKS_SETUID) 794 AC_DEFINE(BROKEN_SETREUID) 795 AC_DEFINE(BROKEN_SETREGID) 796 AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd]) 797 AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 798 ;; 799# UnixWare 7.x, OpenUNIX 8 800*-*-sysv5*) 801 CPPFLAGS="$CPPFLAGS -Dvsnprintf=_xvsnprintf -Dsnprintf=_xsnprintf" 802 AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars]) 803 AC_DEFINE(USE_PIPES) 804 AC_DEFINE(SETEUID_BREAKS_SETUID) 805 AC_DEFINE(BROKEN_GETADDRINFO) 806 AC_DEFINE(BROKEN_SETREUID) 807 AC_DEFINE(BROKEN_SETREGID) 808 AC_DEFINE(PASSWD_NEEDS_USERNAME) 809 case "$host" in 810 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x 811 TEST_SHELL=/u95/bin/sh 812 AC_DEFINE(BROKEN_LIBIAF, 1, 813 [ia_uinfo routines not supported by OS yet]) 814 AC_DEFINE(BROKEN_UPDWTMPX) 815 AC_CHECK_LIB(prot, getluid,[ LIBS="$LIBS -lprot" 816 AC_CHECK_FUNCS(getluid setluid,,,-lprot) 817 AC_DEFINE(HAVE_SECUREWARE) 818 AC_DEFINE(DISABLE_SHADOW) 819 ],,) 820 ;; 821 *) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") 822 check_for_libcrypt_later=1 823 ;; 824 esac 825 ;; 826*-*-sysv*) 827 ;; 828# SCO UNIX and OEM versions of SCO UNIX 829*-*-sco3.2v4*) 830 AC_MSG_ERROR("This Platform is no longer supported.") 831 ;; 832# SCO OpenServer 5.x 833*-*-sco3.2v5*) 834 if test -z "$GCC"; then 835 CFLAGS="$CFLAGS -belf" 836 fi 837 LIBS="$LIBS -lprot -lx -ltinfo -lm" 838 no_dev_ptmx=1 839 AC_DEFINE(USE_PIPES) 840 AC_DEFINE(HAVE_SECUREWARE) 841 AC_DEFINE(DISABLE_SHADOW) 842 AC_DEFINE(DISABLE_FD_PASSING) 843 AC_DEFINE(SETEUID_BREAKS_SETUID) 844 AC_DEFINE(BROKEN_GETADDRINFO) 845 AC_DEFINE(BROKEN_SETREUID) 846 AC_DEFINE(BROKEN_SETREGID) 847 AC_DEFINE(WITH_ABBREV_NO_TTY) 848 AC_DEFINE(BROKEN_UPDWTMPX) 849 AC_DEFINE(PASSWD_NEEDS_USERNAME) 850 AC_CHECK_FUNCS(getluid setluid) 851 MANTYPE=man 852 TEST_SHELL=ksh 853 ;; 854*-*-unicosmk*) 855 AC_DEFINE(NO_SSH_LASTLOG, 1, 856 [Define if you don't want to use lastlog in session.c]) 857 AC_DEFINE(SETEUID_BREAKS_SETUID) 858 AC_DEFINE(BROKEN_SETREUID) 859 AC_DEFINE(BROKEN_SETREGID) 860 AC_DEFINE(USE_PIPES) 861 AC_DEFINE(DISABLE_FD_PASSING) 862 LDFLAGS="$LDFLAGS" 863 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 864 MANTYPE=cat 865 ;; 866*-*-unicosmp*) 867 AC_DEFINE(SETEUID_BREAKS_SETUID) 868 AC_DEFINE(BROKEN_SETREUID) 869 AC_DEFINE(BROKEN_SETREGID) 870 AC_DEFINE(WITH_ABBREV_NO_TTY) 871 AC_DEFINE(USE_PIPES) 872 AC_DEFINE(DISABLE_FD_PASSING) 873 LDFLAGS="$LDFLAGS" 874 LIBS="$LIBS -lgen -lacid -ldb" 875 MANTYPE=cat 876 ;; 877*-*-unicos*) 878 AC_DEFINE(SETEUID_BREAKS_SETUID) 879 AC_DEFINE(BROKEN_SETREUID) 880 AC_DEFINE(BROKEN_SETREGID) 881 AC_DEFINE(USE_PIPES) 882 AC_DEFINE(DISABLE_FD_PASSING) 883 AC_DEFINE(NO_SSH_LASTLOG) 884 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 885 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 886 MANTYPE=cat 887 ;; 888*-dec-osf*) 889 AC_MSG_CHECKING(for Digital Unix SIA) 890 no_osfsia="" 891 AC_ARG_WITH(osfsia, 892 [ --with-osfsia Enable Digital Unix SIA], 893 [ 894 if test "x$withval" = "xno" ; then 895 AC_MSG_RESULT(disabled) 896 no_osfsia=1 897 fi 898 ], 899 ) 900 if test -z "$no_osfsia" ; then 901 if test -f /etc/sia/matrix.conf; then 902 AC_MSG_RESULT(yes) 903 AC_DEFINE(HAVE_OSF_SIA, 1, 904 [Define if you have Digital Unix Security 905 Integration Architecture]) 906 AC_DEFINE(DISABLE_LOGIN, 1, 907 [Define if you don't want to use your 908 system's login() call]) 909 AC_DEFINE(DISABLE_FD_PASSING) 910 LIBS="$LIBS -lsecurity -ldb -lm -laud" 911 SIA_MSG="yes" 912 else 913 AC_MSG_RESULT(no) 914 AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin", 915 [String used in /etc/passwd to denote locked account]) 916 fi 917 fi 918 AC_DEFINE(BROKEN_GETADDRINFO) 919 AC_DEFINE(SETEUID_BREAKS_SETUID) 920 AC_DEFINE(BROKEN_SETREUID) 921 AC_DEFINE(BROKEN_SETREGID) 922 AC_DEFINE(BROKEN_READV_COMPARISON, 1, [Can't do comparisons on readv]) 923 ;; 924 925*-*-nto-qnx*) 926 AC_DEFINE(USE_PIPES) 927 AC_DEFINE(NO_X11_UNIX_SOCKETS) 928 AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems]) 929 AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems]) 930 AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems]) 931 AC_DEFINE(DISABLE_LASTLOG) 932 AC_DEFINE(SSHD_ACQUIRES_CTTY) 933 AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken]) 934 enable_etc_default_login=no # has incompatible /etc/default/login 935 case "$host" in 936 *-*-nto-qnx6*) 937 AC_DEFINE(DISABLE_FD_PASSING) 938 ;; 939 esac 940 ;; 941 942*-*-ultrix*) 943 AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1]) 944 AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files]) 945 AC_DEFINE(NEED_SETPGRP) 946 AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix]) 947 ;; 948 949*-*-lynxos) 950 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 951 AC_DEFINE(MISSING_HOWMANY) 952 AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation]) 953 ;; 954esac 955 956AC_MSG_CHECKING(compiler and flags for sanity) 957AC_RUN_IFELSE( 958 [AC_LANG_SOURCE([ 959#include <stdio.h> 960int main(){exit(0);} 961 ])], 962 [ AC_MSG_RESULT(yes) ], 963 [ 964 AC_MSG_RESULT(no) 965 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 966 ], 967 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 968) 969 970dnl Checks for header files. 971# Checks for libraries. 972AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) 973AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt)) 974 975dnl IRIX and Solaris 2.5.1 have dirname() in libgen 976AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ 977 AC_CHECK_LIB(gen, dirname,[ 978 AC_CACHE_CHECK([for broken dirname], 979 ac_cv_have_broken_dirname, [ 980 save_LIBS="$LIBS" 981 LIBS="$LIBS -lgen" 982 AC_RUN_IFELSE( 983 [AC_LANG_SOURCE([[ 984#include <libgen.h> 985#include <string.h> 986 987int main(int argc, char **argv) { 988 char *s, buf[32]; 989 990 strncpy(buf,"/etc", 32); 991 s = dirname(buf); 992 if (!s || strncmp(s, "/", 32) != 0) { 993 exit(1); 994 } else { 995 exit(0); 996 } 997} 998 ]])], 999 [ ac_cv_have_broken_dirname="no" ], 1000 [ ac_cv_have_broken_dirname="yes" ], 1001 [ ac_cv_have_broken_dirname="no" ], 1002 ) 1003 LIBS="$save_LIBS" 1004 ]) 1005 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 1006 LIBS="$LIBS -lgen" 1007 AC_DEFINE(HAVE_DIRNAME) 1008 AC_CHECK_HEADERS(libgen.h) 1009 fi 1010 ]) 1011]) 1012 1013AC_CHECK_FUNC(getspnam, , 1014 AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) 1015AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1, 1016 [Define if you have the basename function.])) 1017 1018dnl zlib is required 1019AC_ARG_WITH(zlib, 1020 [ --with-zlib=PATH Use zlib in PATH], 1021 [ if test "x$withval" = "xno" ; then 1022 AC_MSG_ERROR([*** zlib is required ***]) 1023 elif test "x$withval" != "xyes"; then 1024 if test -d "$withval/lib"; then 1025 if test -n "${need_dash_r}"; then 1026 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1027 else 1028 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1029 fi 1030 else 1031 if test -n "${need_dash_r}"; then 1032 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1033 else 1034 LDFLAGS="-L${withval} ${LDFLAGS}" 1035 fi 1036 fi 1037 if test -d "$withval/include"; then 1038 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1039 else 1040 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1041 fi 1042 fi ] 1043) 1044 1045AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])) 1046AC_CHECK_LIB(z, deflate, , 1047 [ 1048 saved_CPPFLAGS="$CPPFLAGS" 1049 saved_LDFLAGS="$LDFLAGS" 1050 save_LIBS="$LIBS" 1051 dnl Check default zlib install dir 1052 if test -n "${need_dash_r}"; then 1053 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 1054 else 1055 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 1056 fi 1057 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 1058 LIBS="$LIBS -lz" 1059 AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ), 1060 [ 1061 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 1062 ] 1063 ) 1064 ] 1065) 1066 1067AC_ARG_WITH(zlib-version-check, 1068 [ --without-zlib-version-check Disable zlib version check], 1069 [ if test "x$withval" = "xno" ; then 1070 zlib_check_nonfatal=1 1071 fi 1072 ] 1073) 1074 1075AC_MSG_CHECKING(for possibly buggy zlib) 1076AC_RUN_IFELSE([AC_LANG_SOURCE([[ 1077#include <stdio.h> 1078#include <zlib.h> 1079int main() 1080{ 1081 int a=0, b=0, c=0, d=0, n, v; 1082 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 1083 if (n != 3 && n != 4) 1084 exit(1); 1085 v = a*1000000 + b*10000 + c*100 + d; 1086 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 1087 1088 /* 1.1.4 is OK */ 1089 if (a == 1 && b == 1 && c >= 4) 1090 exit(0); 1091 1092 /* 1.2.3 and up are OK */ 1093 if (v >= 1020300) 1094 exit(0); 1095 1096 exit(2); 1097} 1098 ]])], 1099 AC_MSG_RESULT(no), 1100 [ AC_MSG_RESULT(yes) 1101 if test -z "$zlib_check_nonfatal" ; then 1102 AC_MSG_ERROR([*** zlib too old - check config.log *** 1103Your reported zlib version has known security problems. It's possible your 1104vendor has fixed these problems without changing the version number. If you 1105are sure this is the case, you can disable the check by running 1106"./configure --without-zlib-version-check". 1107If you are in doubt, upgrade zlib to version 1.2.3 or greater. 1108See http://www.gzip.org/zlib/ for details.]) 1109 else 1110 AC_MSG_WARN([zlib version may have security problems]) 1111 fi 1112 ], 1113 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 1114) 1115 1116dnl UnixWare 2.x 1117AC_CHECK_FUNC(strcasecmp, 1118 [], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ] 1119) 1120AC_CHECK_FUNCS(utimes, 1121 [], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES) 1122 LIBS="$LIBS -lc89"]) ] 1123) 1124 1125dnl Checks for libutil functions 1126AC_CHECK_HEADERS(libutil.h) 1127AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1, 1128 [Define if your libraries define login()])]) 1129AC_CHECK_FUNCS(fmt_scaled logout updwtmp logwtmp) 1130 1131AC_FUNC_STRFTIME 1132 1133# Check for ALTDIRFUNC glob() extension 1134AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support) 1135AC_EGREP_CPP(FOUNDIT, 1136 [ 1137 #include <glob.h> 1138 #ifdef GLOB_ALTDIRFUNC 1139 FOUNDIT 1140 #endif 1141 ], 1142 [ 1143 AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1, 1144 [Define if your system glob() function has 1145 the GLOB_ALTDIRFUNC extension]) 1146 AC_MSG_RESULT(yes) 1147 ], 1148 [ 1149 AC_MSG_RESULT(no) 1150 ] 1151) 1152 1153# Check for g.gl_matchc glob() extension 1154AC_MSG_CHECKING(for gl_matchc field in glob_t) 1155AC_TRY_COMPILE( 1156 [ #include <glob.h> ], 1157 [glob_t g; g.gl_matchc = 1;], 1158 [ 1159 AC_DEFINE(GLOB_HAS_GL_MATCHC, 1, 1160 [Define if your system glob() function has 1161 gl_matchc options in glob_t]) 1162 AC_MSG_RESULT(yes) 1163 ], 1164 [ 1165 AC_MSG_RESULT(no) 1166 ] 1167) 1168 1169# Check for g.gl_statv glob() extension 1170AC_MSG_CHECKING(for gl_statv and GLOB_KEEPSTAT extensions for glob) 1171AC_TRY_COMPILE( 1172 [ #include <glob.h> ], 1173 [ 1174#ifndef GLOB_KEEPSTAT 1175#error "glob does not support GLOB_KEEPSTAT extension" 1176#endif 1177glob_t g; 1178g.gl_statv = NULL; 1179], 1180 [ 1181 AC_DEFINE(GLOB_HAS_GL_STATV, 1, 1182 [Define if your system glob() function has 1183 gl_statv options in glob_t]) 1184 AC_MSG_RESULT(yes) 1185 ], 1186 [ 1187 AC_MSG_RESULT(no) 1188 ] 1189) 1190 1191AC_CHECK_DECLS(GLOB_NOMATCH, , , [#include <glob.h>]) 1192 1193AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 1194AC_RUN_IFELSE( 1195 [AC_LANG_SOURCE([[ 1196#include <sys/types.h> 1197#include <dirent.h> 1198int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));} 1199 ]])], 1200 [AC_MSG_RESULT(yes)], 1201 [ 1202 AC_MSG_RESULT(no) 1203 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1, 1204 [Define if your struct dirent expects you to 1205 allocate extra space for d_name]) 1206 ], 1207 [ 1208 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1209 AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) 1210 ] 1211) 1212 1213AC_MSG_CHECKING([for /proc/pid/fd directory]) 1214if test -d "/proc/$$/fd" ; then 1215 AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd]) 1216 AC_MSG_RESULT(yes) 1217else 1218 AC_MSG_RESULT(no) 1219fi 1220 1221# Check whether user wants S/Key support 1222SKEY_MSG="no" 1223AC_ARG_WITH(skey, 1224 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 1225 [ 1226 if test "x$withval" != "xno" ; then 1227 1228 if test "x$withval" != "xyes" ; then 1229 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1230 LDFLAGS="$LDFLAGS -L${withval}/lib" 1231 fi 1232 1233 AC_DEFINE(SKEY, 1, [Define if you want S/Key support]) 1234 LIBS="-lskey $LIBS" 1235 SKEY_MSG="yes" 1236 1237 AC_MSG_CHECKING([for s/key support]) 1238 AC_LINK_IFELSE( 1239 [AC_LANG_SOURCE([[ 1240#include <stdio.h> 1241#include <skey.h> 1242int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); } 1243 ]])], 1244 [AC_MSG_RESULT(yes)], 1245 [ 1246 AC_MSG_RESULT(no) 1247 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 1248 ]) 1249 AC_MSG_CHECKING(if skeychallenge takes 4 arguments) 1250 AC_TRY_COMPILE( 1251 [#include <stdio.h> 1252 #include <skey.h>], 1253 [(void)skeychallenge(NULL,"name","",0);], 1254 [AC_MSG_RESULT(yes) 1255 AC_DEFINE(SKEYCHALLENGE_4ARG, 1, 1256 [Define if your skeychallenge() 1257 function takes 4 arguments (NetBSD)])], 1258 [AC_MSG_RESULT(no)] 1259 ) 1260 fi 1261 ] 1262) 1263 1264# Check whether user wants TCP wrappers support 1265TCPW_MSG="no" 1266AC_ARG_WITH(tcp-wrappers, 1267 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1268 [ 1269 if test "x$withval" != "xno" ; then 1270 saved_LIBS="$LIBS" 1271 saved_LDFLAGS="$LDFLAGS" 1272 saved_CPPFLAGS="$CPPFLAGS" 1273 if test -n "${withval}" && \ 1274 test "x${withval}" != "xyes"; then 1275 if test -d "${withval}/lib"; then 1276 if test -n "${need_dash_r}"; then 1277 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1278 else 1279 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1280 fi 1281 else 1282 if test -n "${need_dash_r}"; then 1283 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1284 else 1285 LDFLAGS="-L${withval} ${LDFLAGS}" 1286 fi 1287 fi 1288 if test -d "${withval}/include"; then 1289 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1290 else 1291 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1292 fi 1293 fi 1294 LIBS="-lwrap $LIBS" 1295 AC_MSG_CHECKING(for libwrap) 1296 AC_TRY_LINK( 1297 [ 1298#include <sys/types.h> 1299#include <sys/socket.h> 1300#include <netinet/in.h> 1301#include <tcpd.h> 1302 int deny_severity = 0, allow_severity = 0; 1303 ], 1304 [hosts_access(0);], 1305 [ 1306 AC_MSG_RESULT(yes) 1307 AC_DEFINE(LIBWRAP, 1, 1308 [Define if you want 1309 TCP Wrappers support]) 1310 SSHDLIBS="$SSHDLIBS -lwrap" 1311 TCPW_MSG="yes" 1312 ], 1313 [ 1314 AC_MSG_ERROR([*** libwrap missing]) 1315 ] 1316 ) 1317 LIBS="$saved_LIBS" 1318 fi 1319 ] 1320) 1321 1322# Check whether user wants libedit support 1323LIBEDIT_MSG="no" 1324AC_ARG_WITH(libedit, 1325 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1326 [ if test "x$withval" != "xno" ; then 1327 if test "x$withval" = "xyes" ; then 1328 AC_PATH_PROG(PKGCONFIG, pkg-config, no) 1329 if test "x$PKGCONFIG" != "xno"; then 1330 AC_MSG_CHECKING(if $PKGCONFIG knows about libedit) 1331 if "$PKGCONFIG" libedit; then 1332 AC_MSG_RESULT(yes) 1333 use_pkgconfig_for_libedit=yes 1334 else 1335 AC_MSG_RESULT(no) 1336 fi 1337 fi 1338 else 1339 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1340 if test -n "${need_dash_r}"; then 1341 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1342 else 1343 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1344 fi 1345 fi 1346 if test "x$use_pkgconfig_for_libedit" = "xyes"; then 1347 LIBEDIT=`$PKGCONFIG --libs-only-l libedit` 1348 CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libedit`" 1349 else 1350 LIBEDIT="-ledit -lcurses" 1351 fi 1352 OTHERLIBS=`echo $LIBEDIT | sed 's/-ledit//'` 1353 AC_CHECK_LIB(edit, el_init, 1354 [ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp]) 1355 LIBEDIT_MSG="yes" 1356 AC_SUBST(LIBEDIT) 1357 ], 1358 [ AC_MSG_ERROR(libedit not found) ], 1359 [ $OTHERLIBS ] 1360 ) 1361 AC_MSG_CHECKING(if libedit version is compatible) 1362 AC_COMPILE_IFELSE( 1363 [AC_LANG_SOURCE([[ 1364#include <histedit.h> 1365int main(void) 1366{ 1367 int i = H_SETSIZE; 1368 el_init("", NULL, NULL, NULL); 1369 exit(0); 1370} 1371 ]])], 1372 [ AC_MSG_RESULT(yes) ], 1373 [ AC_MSG_RESULT(no) 1374 AC_MSG_ERROR(libedit version is not compatible) ] 1375 ) 1376 fi ] 1377) 1378 1379AUDIT_MODULE=none 1380AC_ARG_WITH(audit, 1381 [ --with-audit=module Enable audit support (modules=debug,bsm,linux)], 1382 [ 1383 AC_MSG_CHECKING(for supported audit module) 1384 case "$withval" in 1385 bsm) 1386 AC_MSG_RESULT(bsm) 1387 AUDIT_MODULE=bsm 1388 dnl Checks for headers, libs and functions 1389 AC_CHECK_HEADERS(bsm/audit.h, [], 1390 [AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)], 1391 [ 1392#ifdef HAVE_TIME_H 1393# include <time.h> 1394#endif 1395 ] 1396) 1397 AC_CHECK_LIB(bsm, getaudit, [], 1398 [AC_MSG_ERROR(BSM enabled and required library not found)]) 1399 AC_CHECK_FUNCS(getaudit, [], 1400 [AC_MSG_ERROR(BSM enabled and required function not found)]) 1401 # These are optional 1402 AC_CHECK_FUNCS(getaudit_addr aug_get_machine) 1403 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) 1404 ;; 1405 linux) 1406 AC_MSG_RESULT(linux) 1407 AUDIT_MODULE=linux 1408 dnl Checks for headers, libs and functions 1409 AC_CHECK_HEADERS(libaudit.h) 1410 SSHDLIBS="$SSHDLIBS -laudit" 1411 AC_DEFINE(USE_LINUX_AUDIT, 1, [Use Linux audit module]) 1412 ;; 1413 debug) 1414 AUDIT_MODULE=debug 1415 AC_MSG_RESULT(debug) 1416 AC_DEFINE(SSH_AUDIT_EVENTS, 1, [Use audit debugging module]) 1417 ;; 1418 no) 1419 AC_MSG_RESULT(no) 1420 ;; 1421 *) 1422 AC_MSG_ERROR([Unknown audit module $withval]) 1423 ;; 1424 esac ] 1425) 1426 1427dnl Checks for library functions. Please keep in alphabetical order 1428AC_CHECK_FUNCS( \ 1429 arc4random \ 1430 arc4random_buf \ 1431 arc4random_uniform \ 1432 asprintf \ 1433 b64_ntop \ 1434 __b64_ntop \ 1435 b64_pton \ 1436 __b64_pton \ 1437 bcopy \ 1438 bindresvport_sa \ 1439 clock \ 1440 closefrom \ 1441 dirfd \ 1442 fchmod \ 1443 fchown \ 1444 freeaddrinfo \ 1445 fstatvfs \ 1446 futimes \ 1447 getaddrinfo \ 1448 getcwd \ 1449 getgrouplist \ 1450 getnameinfo \ 1451 getopt \ 1452 getpeereid \ 1453 getpeerucred \ 1454 _getpty \ 1455 getrlimit \ 1456 getttyent \ 1457 glob \ 1458 group_from_gid \ 1459 inet_aton \ 1460 inet_ntoa \ 1461 inet_ntop \ 1462 innetgr \ 1463 login_getcapbool \ 1464 md5_crypt \ 1465 memmove \ 1466 mkdtemp \ 1467 mmap \ 1468 ngetaddrinfo \ 1469 nsleep \ 1470 ogetaddrinfo \ 1471 openlog_r \ 1472 openpty \ 1473 poll \ 1474 prctl \ 1475 pstat \ 1476 readpassphrase \ 1477 realpath \ 1478 recvmsg \ 1479 rresvport_af \ 1480 sendmsg \ 1481 setdtablesize \ 1482 setegid \ 1483 setenv \ 1484 seteuid \ 1485 setgroupent \ 1486 setgroups \ 1487 setlogin \ 1488 setpassent\ 1489 setpcred \ 1490 setproctitle \ 1491 setregid \ 1492 setreuid \ 1493 setrlimit \ 1494 setsid \ 1495 setvbuf \ 1496 sigaction \ 1497 sigvec \ 1498 snprintf \ 1499 socketpair \ 1500 statfs \ 1501 statvfs \ 1502 strdup \ 1503 strerror \ 1504 strlcat \ 1505 strlcpy \ 1506 strmode \ 1507 strnvis \ 1508 strptime \ 1509 strtonum \ 1510 strtoll \ 1511 strtoul \ 1512 swap32 \ 1513 sysconf \ 1514 tcgetpgrp \ 1515 timingsafe_bcmp \ 1516 truncate \ 1517 unsetenv \ 1518 updwtmpx \ 1519 user_from_uid \ 1520 vasprintf \ 1521 vhangup \ 1522 vsnprintf \ 1523 waitpid \ 1524) 1525 1526AC_LINK_IFELSE( 1527[ 1528#include <ctype.h> 1529int main(void) 1530{ 1531 return (isblank('a')); 1532} 1533], 1534 [AC_DEFINE(HAVE_ISBLANK, 1, [Define if you have isblank(3C).]) 1535]) 1536 1537# PKCS#11 support requires dlopen() and co 1538AC_SEARCH_LIBS(dlopen, dl, 1539 AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support]) 1540) 1541 1542# IRIX has a const char return value for gai_strerror() 1543AC_CHECK_FUNCS(gai_strerror,[ 1544 AC_DEFINE(HAVE_GAI_STRERROR) 1545 AC_TRY_COMPILE([ 1546#include <sys/types.h> 1547#include <sys/socket.h> 1548#include <netdb.h> 1549 1550const char *gai_strerror(int);],[ 1551char *str; 1552 1553str = gai_strerror(0);],[ 1554 AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, 1555 [Define if gai_strerror() returns const char *])])]) 1556 1557AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1, 1558 [Some systems put nanosleep outside of libc])) 1559 1560dnl Make sure prototypes are defined for these before using them. 1561AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)]) 1562AC_CHECK_DECL(strsep, 1563 [AC_CHECK_FUNCS(strsep)], 1564 [], 1565 [ 1566#ifdef HAVE_STRING_H 1567# include <string.h> 1568#endif 1569 ]) 1570 1571dnl tcsendbreak might be a macro 1572AC_CHECK_DECL(tcsendbreak, 1573 [AC_DEFINE(HAVE_TCSENDBREAK)], 1574 [AC_CHECK_FUNCS(tcsendbreak)], 1575 [#include <termios.h>] 1576) 1577 1578AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>]) 1579 1580AC_CHECK_DECLS(SHUT_RD, , , 1581 [ 1582#include <sys/types.h> 1583#include <sys/socket.h> 1584 ]) 1585 1586AC_CHECK_DECLS(O_NONBLOCK, , , 1587 [ 1588#include <sys/types.h> 1589#ifdef HAVE_SYS_STAT_H 1590# include <sys/stat.h> 1591#endif 1592#ifdef HAVE_FCNTL_H 1593# include <fcntl.h> 1594#endif 1595 ]) 1596 1597AC_CHECK_DECLS(writev, , , [ 1598#include <sys/types.h> 1599#include <sys/uio.h> 1600#include <unistd.h> 1601 ]) 1602 1603AC_CHECK_DECLS(MAXSYMLINKS, , , [ 1604#include <sys/param.h> 1605 ]) 1606 1607AC_CHECK_DECLS(offsetof, , , [ 1608#include <stddef.h> 1609 ]) 1610 1611AC_CHECK_FUNCS(setresuid, [ 1612 dnl Some platorms have setresuid that isn't implemented, test for this 1613 AC_MSG_CHECKING(if setresuid seems to work) 1614 AC_RUN_IFELSE( 1615 [AC_LANG_SOURCE([[ 1616#include <stdlib.h> 1617#include <errno.h> 1618int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1619 ]])], 1620 [AC_MSG_RESULT(yes)], 1621 [AC_DEFINE(BROKEN_SETRESUID, 1, 1622 [Define if your setresuid() is broken]) 1623 AC_MSG_RESULT(not implemented)], 1624 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1625 ) 1626]) 1627 1628AC_CHECK_FUNCS(setresgid, [ 1629 dnl Some platorms have setresgid that isn't implemented, test for this 1630 AC_MSG_CHECKING(if setresgid seems to work) 1631 AC_RUN_IFELSE( 1632 [AC_LANG_SOURCE([[ 1633#include <stdlib.h> 1634#include <errno.h> 1635int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);} 1636 ]])], 1637 [AC_MSG_RESULT(yes)], 1638 [AC_DEFINE(BROKEN_SETRESGID, 1, 1639 [Define if your setresgid() is broken]) 1640 AC_MSG_RESULT(not implemented)], 1641 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1642 ) 1643]) 1644 1645dnl Checks for time functions 1646AC_CHECK_FUNCS(gettimeofday time) 1647dnl Checks for utmp functions 1648AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) 1649AC_CHECK_FUNCS(utmpname) 1650dnl Checks for utmpx functions 1651AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline getutxuser pututxline) 1652AC_CHECK_FUNCS(setutxdb setutxent utmpxname) 1653dnl Checks for lastlog functions 1654AC_CHECK_FUNCS(getlastlogxbyname) 1655 1656AC_CHECK_FUNC(daemon, 1657 [AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])], 1658 [AC_CHECK_LIB(bsd, daemon, 1659 [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] 1660) 1661 1662AC_CHECK_FUNC(getpagesize, 1663 [AC_DEFINE(HAVE_GETPAGESIZE, 1, 1664 [Define if your libraries define getpagesize()])], 1665 [AC_CHECK_LIB(ucb, getpagesize, 1666 [LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])] 1667) 1668 1669# Check for broken snprintf 1670if test "x$ac_cv_func_snprintf" = "xyes" ; then 1671 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1672 AC_RUN_IFELSE( 1673 [AC_LANG_SOURCE([[ 1674#include <stdio.h> 1675int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');} 1676 ]])], 1677 [AC_MSG_RESULT(yes)], 1678 [ 1679 AC_MSG_RESULT(no) 1680 AC_DEFINE(BROKEN_SNPRINTF, 1, 1681 [Define if your snprintf is busted]) 1682 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1683 ], 1684 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1685 ) 1686fi 1687 1688# If we don't have a working asprintf, then we strongly depend on vsnprintf 1689# returning the right thing on overflow: the number of characters it tried to 1690# create (as per SUSv3) 1691if test "x$ac_cv_func_asprintf" != "xyes" && \ 1692 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1693 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1694 AC_RUN_IFELSE( 1695 [AC_LANG_SOURCE([[ 1696#include <sys/types.h> 1697#include <stdio.h> 1698#include <stdarg.h> 1699 1700int x_snprintf(char *str,size_t count,const char *fmt,...) 1701{ 1702 size_t ret; va_list ap; 1703 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1704 return ret; 1705} 1706int main(void) 1707{ 1708 char x[1]; 1709 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1710} ]])], 1711 [AC_MSG_RESULT(yes)], 1712 [ 1713 AC_MSG_RESULT(no) 1714 AC_DEFINE(BROKEN_SNPRINTF, 1, 1715 [Define if your snprintf is busted]) 1716 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1717 ], 1718 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1719 ) 1720fi 1721 1722# On systems where [v]snprintf is broken, but is declared in stdio, 1723# check that the fmt argument is const char * or just char *. 1724# This is only useful for when BROKEN_SNPRINTF 1725AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) 1726AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h> 1727 int snprintf(char *a, size_t b, const char *c, ...) { return 0; } 1728 int main(void) { snprintf(0, 0, 0); } 1729 ]])], 1730 [AC_MSG_RESULT(yes) 1731 AC_DEFINE(SNPRINTF_CONST, [const], 1732 [Define as const if snprintf() can declare const char *fmt])], 1733 [AC_MSG_RESULT(no) 1734 AC_DEFINE(SNPRINTF_CONST, [/* not const */])]) 1735 1736# Check for missing getpeereid (or equiv) support 1737NO_PEERCHECK="" 1738if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then 1739 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1740 AC_TRY_COMPILE( 1741 [#include <sys/types.h> 1742 #include <sys/socket.h>], 1743 [int i = SO_PEERCRED;], 1744 [ AC_MSG_RESULT(yes) 1745 AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option]) 1746 ], 1747 [AC_MSG_RESULT(no) 1748 NO_PEERCHECK=1] 1749 ) 1750fi 1751 1752dnl see whether mkstemp() requires XXXXXX 1753if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1754AC_MSG_CHECKING([for (overly) strict mkstemp]) 1755AC_RUN_IFELSE( 1756 [AC_LANG_SOURCE([[ 1757#include <stdlib.h> 1758main() { char template[]="conftest.mkstemp-test"; 1759if (mkstemp(template) == -1) 1760 exit(1); 1761unlink(template); exit(0); 1762} 1763 ]])], 1764 [ 1765 AC_MSG_RESULT(no) 1766 ], 1767 [ 1768 AC_MSG_RESULT(yes) 1769 AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()]) 1770 ], 1771 [ 1772 AC_MSG_RESULT(yes) 1773 AC_DEFINE(HAVE_STRICT_MKSTEMP) 1774 ] 1775) 1776fi 1777 1778dnl make sure that openpty does not reacquire controlling terminal 1779if test ! -z "$check_for_openpty_ctty_bug"; then 1780 AC_MSG_CHECKING(if openpty correctly handles controlling tty) 1781 AC_RUN_IFELSE( 1782 [AC_LANG_SOURCE([[ 1783#include <stdio.h> 1784#include <sys/fcntl.h> 1785#include <sys/types.h> 1786#include <sys/wait.h> 1787 1788int 1789main() 1790{ 1791 pid_t pid; 1792 int fd, ptyfd, ttyfd, status; 1793 1794 pid = fork(); 1795 if (pid < 0) { /* failed */ 1796 exit(1); 1797 } else if (pid > 0) { /* parent */ 1798 waitpid(pid, &status, 0); 1799 if (WIFEXITED(status)) 1800 exit(WEXITSTATUS(status)); 1801 else 1802 exit(2); 1803 } else { /* child */ 1804 close(0); close(1); close(2); 1805 setsid(); 1806 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1807 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1808 if (fd >= 0) 1809 exit(3); /* Acquired ctty: broken */ 1810 else 1811 exit(0); /* Did not acquire ctty: OK */ 1812 } 1813} 1814 ]])], 1815 [ 1816 AC_MSG_RESULT(yes) 1817 ], 1818 [ 1819 AC_MSG_RESULT(no) 1820 AC_DEFINE(SSHD_ACQUIRES_CTTY) 1821 ], 1822 [ 1823 AC_MSG_RESULT(cross-compiling, assuming yes) 1824 ] 1825 ) 1826fi 1827 1828if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1829 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1830 AC_MSG_CHECKING(if getaddrinfo seems to work) 1831 AC_RUN_IFELSE( 1832 [AC_LANG_SOURCE([[ 1833#include <stdio.h> 1834#include <sys/socket.h> 1835#include <netdb.h> 1836#include <errno.h> 1837#include <netinet/in.h> 1838 1839#define TEST_PORT "2222" 1840 1841int 1842main(void) 1843{ 1844 int err, sock; 1845 struct addrinfo *gai_ai, *ai, hints; 1846 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1847 1848 memset(&hints, 0, sizeof(hints)); 1849 hints.ai_family = PF_UNSPEC; 1850 hints.ai_socktype = SOCK_STREAM; 1851 hints.ai_flags = AI_PASSIVE; 1852 1853 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1854 if (err != 0) { 1855 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1856 exit(1); 1857 } 1858 1859 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1860 if (ai->ai_family != AF_INET6) 1861 continue; 1862 1863 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1864 sizeof(ntop), strport, sizeof(strport), 1865 NI_NUMERICHOST|NI_NUMERICSERV); 1866 1867 if (err != 0) { 1868 if (err == EAI_SYSTEM) 1869 perror("getnameinfo EAI_SYSTEM"); 1870 else 1871 fprintf(stderr, "getnameinfo failed: %s\n", 1872 gai_strerror(err)); 1873 exit(2); 1874 } 1875 1876 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1877 if (sock < 0) 1878 perror("socket"); 1879 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1880 if (errno == EBADF) 1881 exit(3); 1882 } 1883 } 1884 exit(0); 1885} 1886 ]])], 1887 [ 1888 AC_MSG_RESULT(yes) 1889 ], 1890 [ 1891 AC_MSG_RESULT(no) 1892 AC_DEFINE(BROKEN_GETADDRINFO) 1893 ], 1894 [ 1895 AC_MSG_RESULT(cross-compiling, assuming yes) 1896 ] 1897 ) 1898fi 1899 1900if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1901 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1902 AC_MSG_CHECKING(if getaddrinfo seems to work) 1903 AC_RUN_IFELSE( 1904 [AC_LANG_SOURCE([[ 1905#include <stdio.h> 1906#include <sys/socket.h> 1907#include <netdb.h> 1908#include <errno.h> 1909#include <netinet/in.h> 1910 1911#define TEST_PORT "2222" 1912 1913int 1914main(void) 1915{ 1916 int err, sock; 1917 struct addrinfo *gai_ai, *ai, hints; 1918 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1919 1920 memset(&hints, 0, sizeof(hints)); 1921 hints.ai_family = PF_UNSPEC; 1922 hints.ai_socktype = SOCK_STREAM; 1923 hints.ai_flags = AI_PASSIVE; 1924 1925 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1926 if (err != 0) { 1927 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1928 exit(1); 1929 } 1930 1931 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1932 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1933 continue; 1934 1935 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1936 sizeof(ntop), strport, sizeof(strport), 1937 NI_NUMERICHOST|NI_NUMERICSERV); 1938 1939 if (ai->ai_family == AF_INET && err != 0) { 1940 perror("getnameinfo"); 1941 exit(2); 1942 } 1943 } 1944 exit(0); 1945} 1946 ]])], 1947 [ 1948 AC_MSG_RESULT(yes) 1949 AC_DEFINE(AIX_GETNAMEINFO_HACK, 1, 1950 [Define if you have a getaddrinfo that fails 1951 for the all-zeros IPv6 address]) 1952 ], 1953 [ 1954 AC_MSG_RESULT(no) 1955 AC_DEFINE(BROKEN_GETADDRINFO) 1956 ], 1957 [ 1958 AC_MSG_RESULT(cross-compiling, assuming no) 1959 ] 1960 ) 1961fi 1962 1963if test "x$check_for_conflicting_getspnam" = "x1"; then 1964 AC_MSG_CHECKING(for conflicting getspnam in shadow.h) 1965 AC_COMPILE_IFELSE( 1966 [ 1967#include <shadow.h> 1968int main(void) {exit(0);} 1969 ], 1970 [ 1971 AC_MSG_RESULT(no) 1972 ], 1973 [ 1974 AC_MSG_RESULT(yes) 1975 AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1, 1976 [Conflicting defs for getspnam]) 1977 ] 1978 ) 1979fi 1980 1981AC_FUNC_GETPGRP 1982 1983# Search for OpenSSL 1984saved_CPPFLAGS="$CPPFLAGS" 1985saved_LDFLAGS="$LDFLAGS" 1986AC_ARG_WITH(ssl-dir, 1987 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1988 [ 1989 if test "x$withval" != "xno" ; then 1990 case "$withval" in 1991 # Relative paths 1992 ./*|../*) withval="`pwd`/$withval" 1993 esac 1994 if test -d "$withval/lib"; then 1995 if test -n "${need_dash_r}"; then 1996 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1997 else 1998 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1999 fi 2000 elif test -d "$withval/lib64"; then 2001 if test -n "${need_dash_r}"; then 2002 LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}" 2003 else 2004 LDFLAGS="-L${withval}/lib64 ${LDFLAGS}" 2005 fi 2006 else 2007 if test -n "${need_dash_r}"; then 2008 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 2009 else 2010 LDFLAGS="-L${withval} ${LDFLAGS}" 2011 fi 2012 fi 2013 if test -d "$withval/include"; then 2014 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 2015 else 2016 CPPFLAGS="-I${withval} ${CPPFLAGS}" 2017 fi 2018 fi 2019 ] 2020) 2021LIBS="-lcrypto $LIBS" 2022AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1, 2023 [Define if your ssl headers are included 2024 with #include <openssl/header.h>]), 2025 [ 2026 dnl Check default openssl install dir 2027 if test -n "${need_dash_r}"; then 2028 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 2029 else 2030 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 2031 fi 2032 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 2033 AC_CHECK_HEADER([openssl/opensslv.h], , 2034 AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])) 2035 AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL), 2036 [ 2037 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 2038 ] 2039 ) 2040 ] 2041) 2042 2043# Determine OpenSSL header version 2044AC_MSG_CHECKING([OpenSSL header version]) 2045AC_RUN_IFELSE( 2046 [AC_LANG_SOURCE([[ 2047#include <stdio.h> 2048#include <string.h> 2049#include <openssl/opensslv.h> 2050#define DATA "conftest.sslincver" 2051int main(void) { 2052 FILE *fd; 2053 int rc; 2054 2055 fd = fopen(DATA,"w"); 2056 if(fd == NULL) 2057 exit(1); 2058 2059 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 2060 exit(1); 2061 2062 exit(0); 2063} 2064 ]])], 2065 [ 2066 ssl_header_ver=`cat conftest.sslincver` 2067 AC_MSG_RESULT($ssl_header_ver) 2068 ], 2069 [ 2070 AC_MSG_RESULT(not found) 2071 AC_MSG_ERROR(OpenSSL version header not found.) 2072 ], 2073 [ 2074 AC_MSG_WARN([cross compiling: not checking]) 2075 ] 2076) 2077 2078# Determine OpenSSL library version 2079AC_MSG_CHECKING([OpenSSL library version]) 2080AC_RUN_IFELSE( 2081 [AC_LANG_SOURCE([[ 2082#include <stdio.h> 2083#include <string.h> 2084#include <openssl/opensslv.h> 2085#include <openssl/crypto.h> 2086#define DATA "conftest.ssllibver" 2087int main(void) { 2088 FILE *fd; 2089 int rc; 2090 2091 fd = fopen(DATA,"w"); 2092 if(fd == NULL) 2093 exit(1); 2094 2095 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 2096 exit(1); 2097 2098 exit(0); 2099} 2100 ]])], 2101 [ 2102 ssl_library_ver=`cat conftest.ssllibver` 2103 AC_MSG_RESULT($ssl_library_ver) 2104 ], 2105 [ 2106 AC_MSG_RESULT(not found) 2107 AC_MSG_ERROR(OpenSSL library not found.) 2108 ], 2109 [ 2110 AC_MSG_WARN([cross compiling: not checking]) 2111 ] 2112) 2113 2114AC_ARG_WITH(openssl-header-check, 2115 [ --without-openssl-header-check Disable OpenSSL version consistency check], 2116 [ if test "x$withval" = "xno" ; then 2117 openssl_check_nonfatal=1 2118 fi 2119 ] 2120) 2121 2122# Sanity check OpenSSL headers 2123AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 2124AC_RUN_IFELSE( 2125 [AC_LANG_SOURCE([[ 2126#include <string.h> 2127#include <openssl/opensslv.h> 2128int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } 2129 ]])], 2130 [ 2131 AC_MSG_RESULT(yes) 2132 ], 2133 [ 2134 AC_MSG_RESULT(no) 2135 if test "x$openssl_check_nonfatal" = "x"; then 2136 AC_MSG_ERROR([Your OpenSSL headers do not match your 2137library. Check config.log for details. 2138If you are sure your installation is consistent, you can disable the check 2139by running "./configure --without-openssl-header-check". 2140Also see contrib/findssl.sh for help identifying header/library mismatches. 2141]) 2142 else 2143 AC_MSG_WARN([Your OpenSSL headers do not match your 2144library. Check config.log for details. 2145Also see contrib/findssl.sh for help identifying header/library mismatches.]) 2146 fi 2147 ], 2148 [ 2149 AC_MSG_WARN([cross compiling: not checking]) 2150 ] 2151) 2152 2153AC_MSG_CHECKING([if programs using OpenSSL functions will link]) 2154AC_LINK_IFELSE( 2155 [AC_LANG_SOURCE([[ 2156#include <openssl/evp.h> 2157int main(void) { SSLeay_add_all_algorithms(); } 2158 ]])], 2159 [ 2160 AC_MSG_RESULT(yes) 2161 ], 2162 [ 2163 AC_MSG_RESULT(no) 2164 saved_LIBS="$LIBS" 2165 LIBS="$LIBS -ldl" 2166 AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) 2167 AC_LINK_IFELSE( 2168 [AC_LANG_SOURCE([[ 2169#include <openssl/evp.h> 2170int main(void) { SSLeay_add_all_algorithms(); } 2171 ]])], 2172 [ 2173 AC_MSG_RESULT(yes) 2174 ], 2175 [ 2176 AC_MSG_RESULT(no) 2177 LIBS="$saved_LIBS" 2178 ] 2179 ) 2180 ] 2181) 2182 2183AC_CHECK_FUNCS(RSA_generate_key_ex DSA_generate_parameters_ex BN_is_prime_ex RSA_get_default_method) 2184 2185AC_ARG_WITH(ssl-engine, 2186 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 2187 [ if test "x$withval" != "xno" ; then 2188 AC_MSG_CHECKING(for OpenSSL ENGINE support) 2189 AC_TRY_COMPILE( 2190 [ #include <openssl/engine.h>], 2191 [ 2192ENGINE_load_builtin_engines();ENGINE_register_all_complete(); 2193 ], 2194 [ AC_MSG_RESULT(yes) 2195 AC_DEFINE(USE_OPENSSL_ENGINE, 1, 2196 [Enable OpenSSL engine support]) 2197 ], 2198 [ AC_MSG_ERROR(OpenSSL ENGINE support not found)] 2199 ) 2200 fi ] 2201) 2202 2203# Check for OpenSSL without EVP_aes_{192,256}_cbc 2204AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 2205AC_LINK_IFELSE( 2206 [AC_LANG_SOURCE([[ 2207#include <string.h> 2208#include <openssl/evp.h> 2209int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);} 2210 ]])], 2211 [ 2212 AC_MSG_RESULT(no) 2213 ], 2214 [ 2215 AC_MSG_RESULT(yes) 2216 AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1, 2217 [libcrypto is missing AES 192 and 256 bit functions]) 2218 ] 2219) 2220 2221AC_MSG_CHECKING([if EVP_DigestUpdate returns an int]) 2222AC_LINK_IFELSE( 2223 [AC_LANG_SOURCE([[ 2224#include <string.h> 2225#include <openssl/evp.h> 2226int main(void) { if(EVP_DigestUpdate(NULL, NULL,0)) exit(0); } 2227 ]])], 2228 [ 2229 AC_MSG_RESULT(yes) 2230 ], 2231 [ 2232 AC_MSG_RESULT(no) 2233 AC_DEFINE(OPENSSL_EVP_DIGESTUPDATE_VOID, 1, 2234 [Define if EVP_DigestUpdate returns void]) 2235 ] 2236) 2237 2238# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 2239# because the system crypt() is more featureful. 2240if test "x$check_for_libcrypt_before" = "x1"; then 2241 AC_CHECK_LIB(crypt, crypt) 2242fi 2243 2244# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 2245# version in OpenSSL. 2246if test "x$check_for_libcrypt_later" = "x1"; then 2247 AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") 2248fi 2249 2250# Search for SHA256 support in libc and/or OpenSSL 2251AC_CHECK_FUNCS(SHA256_Update EVP_sha256, [TEST_SSH_SHA256=yes], 2252 [TEST_SSH_SHA256=no]) 2253AC_SUBST(TEST_SSH_SHA256) 2254 2255# Check complete ECC support in OpenSSL 2256AC_MSG_CHECKING([whether OpenSSL has complete ECC support]) 2257AC_LINK_IFELSE( 2258 [AC_LANG_SOURCE([[ 2259#include <openssl/ec.h> 2260#include <openssl/ecdh.h> 2261#include <openssl/ecdsa.h> 2262#include <openssl/evp.h> 2263#include <openssl/objects.h> 2264#include <openssl/opensslv.h> 2265#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */ 2266# error "OpenSSL < 0.9.8g has unreliable ECC code" 2267#endif 2268int main(void) { 2269 EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1); 2270 const EVP_MD *m = EVP_sha512(); /* We need this too */ 2271} 2272 ]])], 2273 [ 2274 AC_MSG_RESULT(yes) 2275 AC_DEFINE(OPENSSL_HAS_ECC, 1, 2276 [libcrypto includes complete ECC support]) 2277 TEST_SSH_ECC=yes 2278 COMMENT_OUT_ECC="" 2279 ], 2280 [ 2281 AC_MSG_RESULT(no) 2282 TEST_SSH_ECC=no 2283 COMMENT_OUT_ECC="#no ecc#" 2284 ] 2285) 2286AC_SUBST(TEST_SSH_ECC) 2287AC_SUBST(COMMENT_OUT_ECC) 2288 2289saved_LIBS="$LIBS" 2290AC_CHECK_LIB(iaf, ia_openinfo, [ 2291 LIBS="$LIBS -liaf" 2292 AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf" 2293 AC_DEFINE(HAVE_LIBIAF, 1, 2294 [Define if system has libiaf that supports set_id]) 2295 ]) 2296]) 2297LIBS="$saved_LIBS" 2298 2299### Configure cryptographic random number support 2300 2301# Check wheter OpenSSL seeds itself 2302AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 2303AC_RUN_IFELSE( 2304 [AC_LANG_SOURCE([[ 2305#include <string.h> 2306#include <openssl/rand.h> 2307int main(void) { exit(RAND_status() == 1 ? 0 : 1); } 2308 ]])], 2309 [ 2310 OPENSSL_SEEDS_ITSELF=yes 2311 AC_MSG_RESULT(yes) 2312 ], 2313 [ 2314 AC_MSG_RESULT(no) 2315 # Default to use of the rand helper if OpenSSL doesn't 2316 # seed itself 2317 USE_RAND_HELPER=yes 2318 ], 2319 [ 2320 AC_MSG_WARN([cross compiling: assuming yes]) 2321 # This is safe, since all recent OpenSSL versions will 2322 # complain at runtime if not seeded correctly. 2323 OPENSSL_SEEDS_ITSELF=yes 2324 ] 2325) 2326 2327# Check for PAM libs 2328PAM_MSG="no" 2329AC_ARG_WITH(pam, 2330 [ --with-pam Enable PAM support ], 2331 [ 2332 if test "x$withval" != "xno" ; then 2333 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 2334 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 2335 AC_MSG_ERROR([PAM headers not found]) 2336 fi 2337 2338 saved_LIBS="$LIBS" 2339 AC_CHECK_LIB(dl, dlopen, , ) 2340 AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing])) 2341 AC_CHECK_FUNCS(pam_getenvlist) 2342 AC_CHECK_FUNCS(pam_putenv) 2343 LIBS="$saved_LIBS" 2344 2345 PAM_MSG="yes" 2346 2347 SSHDLIBS="$SSHDLIBS -lpam" 2348 AC_DEFINE(USE_PAM, 1, 2349 [Define if you want to enable PAM support]) 2350 2351 if test $ac_cv_lib_dl_dlopen = yes; then 2352 case "$LIBS" in 2353 *-ldl*) 2354 # libdl already in LIBS 2355 ;; 2356 *) 2357 SSHDLIBS="$SSHDLIBS -ldl" 2358 ;; 2359 esac 2360 fi 2361 fi 2362 ] 2363) 2364 2365# Check for older PAM 2366if test "x$PAM_MSG" = "xyes" ; then 2367 # Check PAM strerror arguments (old PAM) 2368 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 2369 AC_TRY_COMPILE( 2370 [ 2371#include <stdlib.h> 2372#if defined(HAVE_SECURITY_PAM_APPL_H) 2373#include <security/pam_appl.h> 2374#elif defined (HAVE_PAM_PAM_APPL_H) 2375#include <pam/pam_appl.h> 2376#endif 2377 ], 2378 [(void)pam_strerror((pam_handle_t *)NULL, -1);], 2379 [AC_MSG_RESULT(no)], 2380 [ 2381 AC_DEFINE(HAVE_OLD_PAM, 1, 2382 [Define if you have an old version of PAM 2383 which takes only one argument to pam_strerror]) 2384 AC_MSG_RESULT(yes) 2385 PAM_MSG="yes (old library)" 2386 ] 2387 ) 2388fi 2389 2390# Do we want to force the use of the rand helper? 2391AC_ARG_WITH(rand-helper, 2392 [ --with-rand-helper Use subprocess to gather strong randomness ], 2393 [ 2394 if test "x$withval" = "xno" ; then 2395 # Force use of OpenSSL's internal RNG, even if 2396 # the previous test showed it to be unseeded. 2397 if test -z "$OPENSSL_SEEDS_ITSELF" ; then 2398 AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) 2399 OPENSSL_SEEDS_ITSELF=yes 2400 USE_RAND_HELPER="" 2401 fi 2402 else 2403 USE_RAND_HELPER=yes 2404 fi 2405 ], 2406) 2407 2408# Which randomness source do we use? 2409if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then 2410 # OpenSSL only 2411 AC_DEFINE(OPENSSL_PRNG_ONLY, 1, 2412 [Define if you want OpenSSL's internally seeded PRNG only]) 2413 RAND_MSG="OpenSSL internal ONLY" 2414 INSTALL_SSH_RAND_HELPER="" 2415elif test ! -z "$USE_RAND_HELPER" ; then 2416 # install rand helper 2417 RAND_MSG="ssh-rand-helper" 2418 INSTALL_SSH_RAND_HELPER="yes" 2419fi 2420AC_SUBST(INSTALL_SSH_RAND_HELPER) 2421 2422### Configuration of ssh-rand-helper 2423 2424# PRNGD TCP socket 2425AC_ARG_WITH(prngd-port, 2426 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 2427 [ 2428 case "$withval" in 2429 no) 2430 withval="" 2431 ;; 2432 [[0-9]]*) 2433 ;; 2434 *) 2435 AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port) 2436 ;; 2437 esac 2438 if test ! -z "$withval" ; then 2439 PRNGD_PORT="$withval" 2440 AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT, 2441 [Port number of PRNGD/EGD random number socket]) 2442 fi 2443 ] 2444) 2445 2446# PRNGD Unix domain socket 2447AC_ARG_WITH(prngd-socket, 2448 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 2449 [ 2450 case "$withval" in 2451 yes) 2452 withval="/var/run/egd-pool" 2453 ;; 2454 no) 2455 withval="" 2456 ;; 2457 /*) 2458 ;; 2459 *) 2460 AC_MSG_ERROR(You must specify an absolute path to the entropy socket) 2461 ;; 2462 esac 2463 2464 if test ! -z "$withval" ; then 2465 if test ! -z "$PRNGD_PORT" ; then 2466 AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) 2467 fi 2468 if test ! -r "$withval" ; then 2469 AC_MSG_WARN(Entropy socket is not readable) 2470 fi 2471 PRNGD_SOCKET="$withval" 2472 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET", 2473 [Location of PRNGD/EGD random number socket]) 2474 fi 2475 ], 2476 [ 2477 # Check for existing socket only if we don't have a random device already 2478 if test "$USE_RAND_HELPER" = yes ; then 2479 AC_MSG_CHECKING(for PRNGD/EGD socket) 2480 # Insert other locations here 2481 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2482 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2483 PRNGD_SOCKET="$sock" 2484 AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") 2485 break; 2486 fi 2487 done 2488 if test ! -z "$PRNGD_SOCKET" ; then 2489 AC_MSG_RESULT($PRNGD_SOCKET) 2490 else 2491 AC_MSG_RESULT(not found) 2492 fi 2493 fi 2494 ] 2495) 2496 2497# Change default command timeout for hashing entropy source 2498entropy_timeout=200 2499AC_ARG_WITH(entropy-timeout, 2500 [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], 2501 [ 2502 if test -n "$withval" && test "x$withval" != "xno" && \ 2503 test "x${withval}" != "xyes"; then 2504 entropy_timeout=$withval 2505 fi 2506 ] 2507) 2508AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout, 2509 [Builtin PRNG command timeout]) 2510 2511SSH_PRIVSEP_USER=sshd 2512AC_ARG_WITH(privsep-user, 2513 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2514 [ 2515 if test -n "$withval" && test "x$withval" != "xno" && \ 2516 test "x${withval}" != "xyes"; then 2517 SSH_PRIVSEP_USER=$withval 2518 fi 2519 ] 2520) 2521AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER", 2522 [non-privileged user for privilege separation]) 2523AC_SUBST(SSH_PRIVSEP_USER) 2524 2525# We do this little dance with the search path to insure 2526# that programs that we select for use by installed programs 2527# (which may be run by the super-user) come from trusted 2528# locations before they come from the user's private area. 2529# This should help avoid accidentally configuring some 2530# random version of a program in someone's personal bin. 2531 2532OPATH=$PATH 2533PATH=/bin:/usr/bin 2534test -h /bin 2> /dev/null && PATH=/usr/bin 2535test -d /sbin && PATH=$PATH:/sbin 2536test -d /usr/sbin && PATH=$PATH:/usr/sbin 2537PATH=$PATH:/etc:$OPATH 2538 2539# These programs are used by the command hashing source to gather entropy 2540OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) 2541OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) 2542OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) 2543OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) 2544OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) 2545OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) 2546OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) 2547OSSH_PATH_ENTROPY_PROG(PROG_W, w) 2548OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) 2549OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) 2550OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) 2551OSSH_PATH_ENTROPY_PROG(PROG_DF, df) 2552OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) 2553OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) 2554OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) 2555OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) 2556# restore PATH 2557PATH=$OPATH 2558 2559# Where does ssh-rand-helper get its randomness from? 2560INSTALL_SSH_PRNG_CMDS="" 2561if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then 2562 if test ! -z "$PRNGD_PORT" ; then 2563 RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" 2564 elif test ! -z "$PRNGD_SOCKET" ; then 2565 RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" 2566 else 2567 RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" 2568 RAND_HELPER_CMDHASH=yes 2569 INSTALL_SSH_PRNG_CMDS="yes" 2570 fi 2571fi 2572AC_SUBST(INSTALL_SSH_PRNG_CMDS) 2573 2574 2575# Cheap hack to ensure NEWS-OS libraries are arranged right. 2576if test ! -z "$SONY" ; then 2577 LIBS="$LIBS -liberty"; 2578fi 2579 2580# Check for long long datatypes 2581AC_CHECK_TYPES([long long, unsigned long long, long double]) 2582 2583# Check datatype sizes 2584AC_CHECK_SIZEOF(char, 1) 2585AC_CHECK_SIZEOF(short int, 2) 2586AC_CHECK_SIZEOF(int, 4) 2587AC_CHECK_SIZEOF(long int, 4) 2588AC_CHECK_SIZEOF(long long int, 8) 2589 2590# Sanity check long long for some platforms (AIX) 2591if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2592 ac_cv_sizeof_long_long_int=0 2593fi 2594 2595# compute LLONG_MIN and LLONG_MAX if we don't know them. 2596if test -z "$have_llong_max"; then 2597 AC_MSG_CHECKING([for max value of long long]) 2598 AC_RUN_IFELSE( 2599 [AC_LANG_SOURCE([[ 2600#include <stdio.h> 2601/* Why is this so damn hard? */ 2602#ifdef __GNUC__ 2603# undef __GNUC__ 2604#endif 2605#define __USE_ISOC99 2606#include <limits.h> 2607#define DATA "conftest.llminmax" 2608#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) 2609 2610/* 2611 * printf in libc on some platforms (eg old Tru64) does not understand %lld so 2612 * we do this the hard way. 2613 */ 2614static int 2615fprint_ll(FILE *f, long long n) 2616{ 2617 unsigned int i; 2618 int l[sizeof(long long) * 8]; 2619 2620 if (n < 0) 2621 if (fprintf(f, "-") < 0) 2622 return -1; 2623 for (i = 0; n != 0; i++) { 2624 l[i] = my_abs(n % 10); 2625 n /= 10; 2626 } 2627 do { 2628 if (fprintf(f, "%d", l[--i]) < 0) 2629 return -1; 2630 } while (i != 0); 2631 if (fprintf(f, " ") < 0) 2632 return -1; 2633 return 0; 2634} 2635 2636int main(void) { 2637 FILE *f; 2638 long long i, llmin, llmax = 0; 2639 2640 if((f = fopen(DATA,"w")) == NULL) 2641 exit(1); 2642 2643#if defined(LLONG_MIN) && defined(LLONG_MAX) 2644 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2645 llmin = LLONG_MIN; 2646 llmax = LLONG_MAX; 2647#else 2648 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2649 /* This will work on one's complement and two's complement */ 2650 for (i = 1; i > llmax; i <<= 1, i++) 2651 llmax = i; 2652 llmin = llmax + 1LL; /* wrap */ 2653#endif 2654 2655 /* Sanity check */ 2656 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax 2657 || llmax - 1 > llmax || llmin == llmax || llmin == 0 2658 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { 2659 fprintf(f, "unknown unknown\n"); 2660 exit(2); 2661 } 2662 2663 if (fprint_ll(f, llmin) < 0) 2664 exit(3); 2665 if (fprint_ll(f, llmax) < 0) 2666 exit(4); 2667 if (fclose(f) < 0) 2668 exit(5); 2669 exit(0); 2670} 2671 ]])], 2672 [ 2673 llong_min=`$AWK '{print $1}' conftest.llminmax` 2674 llong_max=`$AWK '{print $2}' conftest.llminmax` 2675 2676 AC_MSG_RESULT($llong_max) 2677 AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL], 2678 [max value of long long calculated by configure]) 2679 AC_MSG_CHECKING([for min value of long long]) 2680 AC_MSG_RESULT($llong_min) 2681 AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL], 2682 [min value of long long calculated by configure]) 2683 ], 2684 [ 2685 AC_MSG_RESULT(not found) 2686 ], 2687 [ 2688 AC_MSG_WARN([cross compiling: not checking]) 2689 ] 2690 ) 2691fi 2692 2693 2694# More checks for data types 2695AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2696 AC_TRY_COMPILE( 2697 [ #include <sys/types.h> ], 2698 [ u_int a; a = 1;], 2699 [ ac_cv_have_u_int="yes" ], 2700 [ ac_cv_have_u_int="no" ] 2701 ) 2702]) 2703if test "x$ac_cv_have_u_int" = "xyes" ; then 2704 AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type]) 2705 have_u_int=1 2706fi 2707 2708AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2709 AC_TRY_COMPILE( 2710 [ #include <sys/types.h> ], 2711 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2712 [ ac_cv_have_intxx_t="yes" ], 2713 [ ac_cv_have_intxx_t="no" ] 2714 ) 2715]) 2716if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2717 AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type]) 2718 have_intxx_t=1 2719fi 2720 2721if (test -z "$have_intxx_t" && \ 2722 test "x$ac_cv_header_stdint_h" = "xyes") 2723then 2724 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2725 AC_TRY_COMPILE( 2726 [ #include <stdint.h> ], 2727 [ int8_t a; int16_t b; int32_t c; a = b = c = 1;], 2728 [ 2729 AC_DEFINE(HAVE_INTXX_T) 2730 AC_MSG_RESULT(yes) 2731 ], 2732 [ AC_MSG_RESULT(no) ] 2733 ) 2734fi 2735 2736AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2737 AC_TRY_COMPILE( 2738 [ 2739#include <sys/types.h> 2740#ifdef HAVE_STDINT_H 2741# include <stdint.h> 2742#endif 2743#include <sys/socket.h> 2744#ifdef HAVE_SYS_BITYPES_H 2745# include <sys/bitypes.h> 2746#endif 2747 ], 2748 [ int64_t a; a = 1;], 2749 [ ac_cv_have_int64_t="yes" ], 2750 [ ac_cv_have_int64_t="no" ] 2751 ) 2752]) 2753if test "x$ac_cv_have_int64_t" = "xyes" ; then 2754 AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type]) 2755fi 2756 2757AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2758 AC_TRY_COMPILE( 2759 [ #include <sys/types.h> ], 2760 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2761 [ ac_cv_have_u_intxx_t="yes" ], 2762 [ ac_cv_have_u_intxx_t="no" ] 2763 ) 2764]) 2765if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2766 AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type]) 2767 have_u_intxx_t=1 2768fi 2769 2770if test -z "$have_u_intxx_t" ; then 2771 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2772 AC_TRY_COMPILE( 2773 [ #include <sys/socket.h> ], 2774 [ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;], 2775 [ 2776 AC_DEFINE(HAVE_U_INTXX_T) 2777 AC_MSG_RESULT(yes) 2778 ], 2779 [ AC_MSG_RESULT(no) ] 2780 ) 2781fi 2782 2783AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2784 AC_TRY_COMPILE( 2785 [ #include <sys/types.h> ], 2786 [ u_int64_t a; a = 1;], 2787 [ ac_cv_have_u_int64_t="yes" ], 2788 [ ac_cv_have_u_int64_t="no" ] 2789 ) 2790]) 2791if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2792 AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type]) 2793 have_u_int64_t=1 2794fi 2795 2796if test -z "$have_u_int64_t" ; then 2797 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2798 AC_TRY_COMPILE( 2799 [ #include <sys/bitypes.h> ], 2800 [ u_int64_t a; a = 1], 2801 [ 2802 AC_DEFINE(HAVE_U_INT64_T) 2803 AC_MSG_RESULT(yes) 2804 ], 2805 [ AC_MSG_RESULT(no) ] 2806 ) 2807fi 2808 2809if test -z "$have_u_intxx_t" ; then 2810 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2811 AC_TRY_COMPILE( 2812 [ 2813#include <sys/types.h> 2814 ], 2815 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ], 2816 [ ac_cv_have_uintxx_t="yes" ], 2817 [ ac_cv_have_uintxx_t="no" ] 2818 ) 2819 ]) 2820 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2821 AC_DEFINE(HAVE_UINTXX_T, 1, 2822 [define if you have uintxx_t data type]) 2823 fi 2824fi 2825 2826if test -z "$have_uintxx_t" ; then 2827 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2828 AC_TRY_COMPILE( 2829 [ #include <stdint.h> ], 2830 [ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;], 2831 [ 2832 AC_DEFINE(HAVE_UINTXX_T) 2833 AC_MSG_RESULT(yes) 2834 ], 2835 [ AC_MSG_RESULT(no) ] 2836 ) 2837fi 2838 2839if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 2840 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2841then 2842 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2843 AC_TRY_COMPILE( 2844 [ 2845#include <sys/bitypes.h> 2846 ], 2847 [ 2848 int8_t a; int16_t b; int32_t c; 2849 u_int8_t e; u_int16_t f; u_int32_t g; 2850 a = b = c = e = f = g = 1; 2851 ], 2852 [ 2853 AC_DEFINE(HAVE_U_INTXX_T) 2854 AC_DEFINE(HAVE_INTXX_T) 2855 AC_MSG_RESULT(yes) 2856 ], 2857 [AC_MSG_RESULT(no)] 2858 ) 2859fi 2860 2861 2862AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2863 AC_TRY_COMPILE( 2864 [ 2865#include <sys/types.h> 2866 ], 2867 [ u_char foo; foo = 125; ], 2868 [ ac_cv_have_u_char="yes" ], 2869 [ ac_cv_have_u_char="no" ] 2870 ) 2871]) 2872if test "x$ac_cv_have_u_char" = "xyes" ; then 2873 AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type]) 2874fi 2875 2876TYPE_SOCKLEN_T 2877 2878AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>]) 2879AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t],,,[ 2880#include <sys/types.h> 2881#ifdef HAVE_SYS_BITYPES_H 2882#include <sys/bitypes.h> 2883#endif 2884#ifdef HAVE_SYS_STATFS_H 2885#include <sys/statfs.h> 2886#endif 2887#ifdef HAVE_SYS_STATVFS_H 2888#include <sys/statvfs.h> 2889#endif 2890]) 2891 2892AC_CHECK_TYPES([in_addr_t, in_port_t],,, 2893[#include <sys/types.h> 2894#include <netinet/in.h>]) 2895 2896AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2897 AC_TRY_COMPILE( 2898 [ 2899#include <sys/types.h> 2900 ], 2901 [ size_t foo; foo = 1235; ], 2902 [ ac_cv_have_size_t="yes" ], 2903 [ ac_cv_have_size_t="no" ] 2904 ) 2905]) 2906if test "x$ac_cv_have_size_t" = "xyes" ; then 2907 AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type]) 2908fi 2909 2910AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2911 AC_TRY_COMPILE( 2912 [ 2913#include <sys/types.h> 2914 ], 2915 [ ssize_t foo; foo = 1235; ], 2916 [ ac_cv_have_ssize_t="yes" ], 2917 [ ac_cv_have_ssize_t="no" ] 2918 ) 2919]) 2920if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2921 AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type]) 2922fi 2923 2924AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2925 AC_TRY_COMPILE( 2926 [ 2927#include <time.h> 2928 ], 2929 [ clock_t foo; foo = 1235; ], 2930 [ ac_cv_have_clock_t="yes" ], 2931 [ ac_cv_have_clock_t="no" ] 2932 ) 2933]) 2934if test "x$ac_cv_have_clock_t" = "xyes" ; then 2935 AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type]) 2936fi 2937 2938AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2939 AC_TRY_COMPILE( 2940 [ 2941#include <sys/types.h> 2942#include <sys/socket.h> 2943 ], 2944 [ sa_family_t foo; foo = 1235; ], 2945 [ ac_cv_have_sa_family_t="yes" ], 2946 [ AC_TRY_COMPILE( 2947 [ 2948#include <sys/types.h> 2949#include <sys/socket.h> 2950#include <netinet/in.h> 2951 ], 2952 [ sa_family_t foo; foo = 1235; ], 2953 [ ac_cv_have_sa_family_t="yes" ], 2954 2955 [ ac_cv_have_sa_family_t="no" ] 2956 )] 2957 ) 2958]) 2959if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2960 AC_DEFINE(HAVE_SA_FAMILY_T, 1, 2961 [define if you have sa_family_t data type]) 2962fi 2963 2964AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2965 AC_TRY_COMPILE( 2966 [ 2967#include <sys/types.h> 2968 ], 2969 [ pid_t foo; foo = 1235; ], 2970 [ ac_cv_have_pid_t="yes" ], 2971 [ ac_cv_have_pid_t="no" ] 2972 ) 2973]) 2974if test "x$ac_cv_have_pid_t" = "xyes" ; then 2975 AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type]) 2976fi 2977 2978AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2979 AC_TRY_COMPILE( 2980 [ 2981#include <sys/types.h> 2982 ], 2983 [ mode_t foo; foo = 1235; ], 2984 [ ac_cv_have_mode_t="yes" ], 2985 [ ac_cv_have_mode_t="no" ] 2986 ) 2987]) 2988if test "x$ac_cv_have_mode_t" = "xyes" ; then 2989 AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type]) 2990fi 2991 2992 2993AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2994 AC_TRY_COMPILE( 2995 [ 2996#include <sys/types.h> 2997#include <sys/socket.h> 2998 ], 2999 [ struct sockaddr_storage s; ], 3000 [ ac_cv_have_struct_sockaddr_storage="yes" ], 3001 [ ac_cv_have_struct_sockaddr_storage="no" ] 3002 ) 3003]) 3004if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 3005 AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1, 3006 [define if you have struct sockaddr_storage data type]) 3007fi 3008 3009AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 3010 AC_TRY_COMPILE( 3011 [ 3012#include <sys/types.h> 3013#include <netinet/in.h> 3014 ], 3015 [ struct sockaddr_in6 s; s.sin6_family = 0; ], 3016 [ ac_cv_have_struct_sockaddr_in6="yes" ], 3017 [ ac_cv_have_struct_sockaddr_in6="no" ] 3018 ) 3019]) 3020if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 3021 AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1, 3022 [define if you have struct sockaddr_in6 data type]) 3023fi 3024 3025AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 3026 AC_TRY_COMPILE( 3027 [ 3028#include <sys/types.h> 3029#include <netinet/in.h> 3030 ], 3031 [ struct in6_addr s; s.s6_addr[0] = 0; ], 3032 [ ac_cv_have_struct_in6_addr="yes" ], 3033 [ ac_cv_have_struct_in6_addr="no" ] 3034 ) 3035]) 3036if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 3037 AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1, 3038 [define if you have struct in6_addr data type]) 3039 3040dnl Now check for sin6_scope_id 3041 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id],,, 3042 [ 3043#ifdef HAVE_SYS_TYPES_H 3044#include <sys/types.h> 3045#endif 3046#include <netinet/in.h> 3047 ]) 3048fi 3049 3050AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 3051 AC_TRY_COMPILE( 3052 [ 3053#include <sys/types.h> 3054#include <sys/socket.h> 3055#include <netdb.h> 3056 ], 3057 [ struct addrinfo s; s.ai_flags = AI_PASSIVE; ], 3058 [ ac_cv_have_struct_addrinfo="yes" ], 3059 [ ac_cv_have_struct_addrinfo="no" ] 3060 ) 3061]) 3062if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 3063 AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1, 3064 [define if you have struct addrinfo data type]) 3065fi 3066 3067AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 3068 AC_TRY_COMPILE( 3069 [ #include <sys/time.h> ], 3070 [ struct timeval tv; tv.tv_sec = 1;], 3071 [ ac_cv_have_struct_timeval="yes" ], 3072 [ ac_cv_have_struct_timeval="no" ] 3073 ) 3074]) 3075if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 3076 AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval]) 3077 have_struct_timeval=1 3078fi 3079 3080AC_CHECK_TYPES(struct timespec) 3081 3082# We need int64_t or else certian parts of the compile will fail. 3083if test "x$ac_cv_have_int64_t" = "xno" && \ 3084 test "x$ac_cv_sizeof_long_int" != "x8" && \ 3085 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 3086 echo "OpenSSH requires int64_t support. Contact your vendor or install" 3087 echo "an alternative compiler (I.E., GCC) before continuing." 3088 echo "" 3089 exit 1; 3090else 3091dnl test snprintf (broken on SCO w/gcc) 3092 AC_RUN_IFELSE( 3093 [AC_LANG_SOURCE([[ 3094#include <stdio.h> 3095#include <string.h> 3096#ifdef HAVE_SNPRINTF 3097main() 3098{ 3099 char buf[50]; 3100 char expected_out[50]; 3101 int mazsize = 50 ; 3102#if (SIZEOF_LONG_INT == 8) 3103 long int num = 0x7fffffffffffffff; 3104#else 3105 long long num = 0x7fffffffffffffffll; 3106#endif 3107 strcpy(expected_out, "9223372036854775807"); 3108 snprintf(buf, mazsize, "%lld", num); 3109 if(strcmp(buf, expected_out) != 0) 3110 exit(1); 3111 exit(0); 3112} 3113#else 3114main() { exit(0); } 3115#endif 3116 ]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], 3117 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 3118 ) 3119fi 3120 3121dnl Checks for structure members 3122OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP) 3123OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX) 3124OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX) 3125OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP) 3126OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP) 3127OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX) 3128OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP) 3129OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP) 3130OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX) 3131OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP) 3132OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX) 3133OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP) 3134OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX) 3135OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP) 3136OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP) 3137OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX) 3138OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX) 3139 3140AC_CHECK_MEMBERS([struct stat.st_blksize]) 3141AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state, 3142 [Define if we don't have struct __res_state in resolv.h])], 3143[ 3144#include <stdio.h> 3145#if HAVE_SYS_TYPES_H 3146# include <sys/types.h> 3147#endif 3148#include <netinet/in.h> 3149#include <arpa/nameser.h> 3150#include <resolv.h> 3151]) 3152 3153AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 3154 ac_cv_have_ss_family_in_struct_ss, [ 3155 AC_TRY_COMPILE( 3156 [ 3157#include <sys/types.h> 3158#include <sys/socket.h> 3159 ], 3160 [ struct sockaddr_storage s; s.ss_family = 1; ], 3161 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 3162 [ ac_cv_have_ss_family_in_struct_ss="no" ], 3163 ) 3164]) 3165if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 3166 AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage]) 3167fi 3168 3169AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 3170 ac_cv_have___ss_family_in_struct_ss, [ 3171 AC_TRY_COMPILE( 3172 [ 3173#include <sys/types.h> 3174#include <sys/socket.h> 3175 ], 3176 [ struct sockaddr_storage s; s.__ss_family = 1; ], 3177 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 3178 [ ac_cv_have___ss_family_in_struct_ss="no" ] 3179 ) 3180]) 3181if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 3182 AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1, 3183 [Fields in struct sockaddr_storage]) 3184fi 3185 3186AC_CACHE_CHECK([for pw_class field in struct passwd], 3187 ac_cv_have_pw_class_in_struct_passwd, [ 3188 AC_TRY_COMPILE( 3189 [ 3190#include <pwd.h> 3191 ], 3192 [ struct passwd p; p.pw_class = 0; ], 3193 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 3194 [ ac_cv_have_pw_class_in_struct_passwd="no" ] 3195 ) 3196]) 3197if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 3198 AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1, 3199 [Define if your password has a pw_class field]) 3200fi 3201 3202AC_CACHE_CHECK([for pw_expire field in struct passwd], 3203 ac_cv_have_pw_expire_in_struct_passwd, [ 3204 AC_TRY_COMPILE( 3205 [ 3206#include <pwd.h> 3207 ], 3208 [ struct passwd p; p.pw_expire = 0; ], 3209 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 3210 [ ac_cv_have_pw_expire_in_struct_passwd="no" ] 3211 ) 3212]) 3213if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 3214 AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1, 3215 [Define if your password has a pw_expire field]) 3216fi 3217 3218AC_CACHE_CHECK([for pw_change field in struct passwd], 3219 ac_cv_have_pw_change_in_struct_passwd, [ 3220 AC_TRY_COMPILE( 3221 [ 3222#include <pwd.h> 3223 ], 3224 [ struct passwd p; p.pw_change = 0; ], 3225 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 3226 [ ac_cv_have_pw_change_in_struct_passwd="no" ] 3227 ) 3228]) 3229if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 3230 AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1, 3231 [Define if your password has a pw_change field]) 3232fi 3233 3234dnl make sure we're using the real structure members and not defines 3235AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 3236 ac_cv_have_accrights_in_msghdr, [ 3237 AC_COMPILE_IFELSE( 3238 [ 3239#include <sys/types.h> 3240#include <sys/socket.h> 3241#include <sys/uio.h> 3242int main() { 3243#ifdef msg_accrights 3244#error "msg_accrights is a macro" 3245exit(1); 3246#endif 3247struct msghdr m; 3248m.msg_accrights = 0; 3249exit(0); 3250} 3251 ], 3252 [ ac_cv_have_accrights_in_msghdr="yes" ], 3253 [ ac_cv_have_accrights_in_msghdr="no" ] 3254 ) 3255]) 3256if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 3257 AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1, 3258 [Define if your system uses access rights style 3259 file descriptor passing]) 3260fi 3261 3262AC_MSG_CHECKING(if struct statvfs.f_fsid is integral type) 3263AC_TRY_COMPILE([ 3264#include <sys/types.h> 3265#include <sys/stat.h> 3266#ifdef HAVE_SYS_TIME_H 3267# include <sys/time.h> 3268#endif 3269#ifdef HAVE_SYS_MOUNT_H 3270#include <sys/mount.h> 3271#endif 3272#ifdef HAVE_SYS_STATVFS_H 3273#include <sys/statvfs.h> 3274#endif 3275], [struct statvfs s; s.f_fsid = 0;], 3276[ AC_MSG_RESULT(yes) ], 3277[ AC_MSG_RESULT(no) 3278 3279 AC_MSG_CHECKING(if fsid_t has member val) 3280 AC_TRY_COMPILE([ 3281#include <sys/types.h> 3282#include <sys/statvfs.h>], 3283 [fsid_t t; t.val[0] = 0;], 3284 [ AC_MSG_RESULT(yes) 3285 AC_DEFINE(FSID_HAS_VAL, 1, fsid_t has member val) ], 3286 [ AC_MSG_RESULT(no) ]) 3287 3288 AC_MSG_CHECKING(if f_fsid has member __val) 3289 AC_TRY_COMPILE([ 3290#include <sys/types.h> 3291#include <sys/statvfs.h>], 3292 [fsid_t t; t.__val[0] = 0;], 3293 [ AC_MSG_RESULT(yes) 3294 AC_DEFINE(FSID_HAS___VAL, 1, fsid_t has member __val) ], 3295 [ AC_MSG_RESULT(no) ]) 3296]) 3297 3298AC_CACHE_CHECK([for msg_control field in struct msghdr], 3299 ac_cv_have_control_in_msghdr, [ 3300 AC_COMPILE_IFELSE( 3301 [ 3302#include <sys/types.h> 3303#include <sys/socket.h> 3304#include <sys/uio.h> 3305int main() { 3306#ifdef msg_control 3307#error "msg_control is a macro" 3308exit(1); 3309#endif 3310struct msghdr m; 3311m.msg_control = 0; 3312exit(0); 3313} 3314 ], 3315 [ ac_cv_have_control_in_msghdr="yes" ], 3316 [ ac_cv_have_control_in_msghdr="no" ] 3317 ) 3318]) 3319if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 3320 AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1, 3321 [Define if your system uses ancillary data style 3322 file descriptor passing]) 3323fi 3324 3325AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 3326 AC_TRY_LINK([], 3327 [ extern char *__progname; printf("%s", __progname); ], 3328 [ ac_cv_libc_defines___progname="yes" ], 3329 [ ac_cv_libc_defines___progname="no" ] 3330 ) 3331]) 3332if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 3333 AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname]) 3334fi 3335 3336AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 3337 AC_TRY_LINK([ 3338#include <stdio.h> 3339], 3340 [ printf("%s", __FUNCTION__); ], 3341 [ ac_cv_cc_implements___FUNCTION__="yes" ], 3342 [ ac_cv_cc_implements___FUNCTION__="no" ] 3343 ) 3344]) 3345if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 3346 AC_DEFINE(HAVE___FUNCTION__, 1, 3347 [Define if compiler implements __FUNCTION__]) 3348fi 3349 3350AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 3351 AC_TRY_LINK([ 3352#include <stdio.h> 3353], 3354 [ printf("%s", __func__); ], 3355 [ ac_cv_cc_implements___func__="yes" ], 3356 [ ac_cv_cc_implements___func__="no" ] 3357 ) 3358]) 3359if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 3360 AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__]) 3361fi 3362 3363AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 3364 AC_TRY_LINK( 3365 [#include <stdarg.h> 3366 va_list x,y;], 3367 [va_copy(x,y);], 3368 [ ac_cv_have_va_copy="yes" ], 3369 [ ac_cv_have_va_copy="no" ] 3370 ) 3371]) 3372if test "x$ac_cv_have_va_copy" = "xyes" ; then 3373 AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists]) 3374fi 3375 3376AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 3377 AC_TRY_LINK( 3378 [#include <stdarg.h> 3379 va_list x,y;], 3380 [__va_copy(x,y);], 3381 [ ac_cv_have___va_copy="yes" ], 3382 [ ac_cv_have___va_copy="no" ] 3383 ) 3384]) 3385if test "x$ac_cv_have___va_copy" = "xyes" ; then 3386 AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists]) 3387fi 3388 3389AC_CACHE_CHECK([whether getopt has optreset support], 3390 ac_cv_have_getopt_optreset, [ 3391 AC_TRY_LINK( 3392 [ 3393#include <getopt.h> 3394 ], 3395 [ extern int optreset; optreset = 0; ], 3396 [ ac_cv_have_getopt_optreset="yes" ], 3397 [ ac_cv_have_getopt_optreset="no" ] 3398 ) 3399]) 3400if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 3401 AC_DEFINE(HAVE_GETOPT_OPTRESET, 1, 3402 [Define if your getopt(3) defines and uses optreset]) 3403fi 3404 3405AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 3406 AC_TRY_LINK([], 3407 [ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);], 3408 [ ac_cv_libc_defines_sys_errlist="yes" ], 3409 [ ac_cv_libc_defines_sys_errlist="no" ] 3410 ) 3411]) 3412if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 3413 AC_DEFINE(HAVE_SYS_ERRLIST, 1, 3414 [Define if your system defines sys_errlist[]]) 3415fi 3416 3417 3418AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 3419 AC_TRY_LINK([], 3420 [ extern int sys_nerr; printf("%i", sys_nerr);], 3421 [ ac_cv_libc_defines_sys_nerr="yes" ], 3422 [ ac_cv_libc_defines_sys_nerr="no" ] 3423 ) 3424]) 3425if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 3426 AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr]) 3427fi 3428 3429# Check libraries needed by DNS fingerprint support 3430AC_SEARCH_LIBS(getrrsetbyname, resolv, 3431 [AC_DEFINE(HAVE_GETRRSETBYNAME, 1, 3432 [Define if getrrsetbyname() exists])], 3433 [ 3434 # Needed by our getrrsetbyname() 3435 AC_SEARCH_LIBS(res_query, resolv) 3436 AC_SEARCH_LIBS(dn_expand, resolv) 3437 AC_MSG_CHECKING(if res_query will link) 3438 AC_LINK_IFELSE([ 3439#include "confdefs.h" 3440#include <sys/types.h> 3441#include <netinet/in.h> 3442#include <arpa/nameser.h> 3443#include <netdb.h> 3444#include <resolv.h> 3445int main() 3446{ 3447 res_query (0, 0, 0, 0, 0); 3448 return 0; 3449} 3450 ], 3451 AC_MSG_RESULT(yes), 3452 [AC_MSG_RESULT(no) 3453 saved_LIBS="$LIBS" 3454 LIBS="$LIBS -lresolv" 3455 AC_MSG_CHECKING(for res_query in -lresolv) 3456 AC_LINK_IFELSE([ 3457#include "confdefs.h" 3458#include <sys/types.h> 3459#include <netinet/in.h> 3460#include <arpa/nameser.h> 3461#include <netdb.h> 3462#include <resolv.h> 3463int main() 3464{ 3465 res_query (0, 0, 0, 0, 0); 3466 return 0; 3467} 3468 ], 3469 [AC_MSG_RESULT(yes)], 3470 [LIBS="$saved_LIBS" 3471 AC_MSG_RESULT(no)]) 3472 ]) 3473 AC_CHECK_FUNCS(_getshort _getlong) 3474 AC_CHECK_DECLS([_getshort, _getlong], , , 3475 [#include <sys/types.h> 3476 #include <arpa/nameser.h>]) 3477 AC_CHECK_MEMBER(HEADER.ad, 3478 [AC_DEFINE(HAVE_HEADER_AD, 1, 3479 [Define if HEADER.ad exists in arpa/nameser.h])],, 3480 [#include <arpa/nameser.h>]) 3481 ]) 3482 3483AC_MSG_CHECKING(if struct __res_state _res is an extern) 3484AC_LINK_IFELSE([ 3485#include <stdio.h> 3486#if HAVE_SYS_TYPES_H 3487# include <sys/types.h> 3488#endif 3489#include <netinet/in.h> 3490#include <arpa/nameser.h> 3491#include <resolv.h> 3492extern struct __res_state _res; 3493int main() { return 0; } 3494 ], 3495 [AC_MSG_RESULT(yes) 3496 AC_DEFINE(HAVE__RES_EXTERN, 1, 3497 [Define if you have struct __res_state _res as an extern]) 3498 ], 3499 [ AC_MSG_RESULT(no) ] 3500) 3501 3502# Check whether user wants SELinux support 3503SELINUX_MSG="no" 3504LIBSELINUX="" 3505AC_ARG_WITH(selinux, 3506 [ --with-selinux Enable SELinux support], 3507 [ if test "x$withval" != "xno" ; then 3508 save_LIBS="$LIBS" 3509 AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) 3510 SELINUX_MSG="yes" 3511 AC_CHECK_HEADER([selinux/selinux.h], , 3512 AC_MSG_ERROR(SELinux support requires selinux.h header)) 3513 AC_CHECK_LIB(selinux, setexeccon, 3514 [ LIBSELINUX="-lselinux" 3515 LIBS="$LIBS -lselinux" 3516 ], 3517 AC_MSG_ERROR(SELinux support requires libselinux library)) 3518 SSHDLIBS="$SSHDLIBS $LIBSELINUX" 3519 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) 3520 LIBS="$save_LIBS" 3521 fi ] 3522) 3523 3524# Check whether user wants Kerberos 5 support 3525KRB5_MSG="no" 3526AC_ARG_WITH(kerberos5, 3527 [ --with-kerberos5=PATH Enable Kerberos 5 support], 3528 [ if test "x$withval" != "xno" ; then 3529 if test "x$withval" = "xyes" ; then 3530 KRB5ROOT="/usr/local" 3531 else 3532 KRB5ROOT=${withval} 3533 fi 3534 3535 AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support]) 3536 KRB5_MSG="yes" 3537 3538 AC_PATH_PROG([KRB5CONF],[krb5-config], 3539 [$KRB5ROOT/bin/krb5-config], 3540 [$KRB5ROOT/bin:$PATH]) 3541 if test -x $KRB5CONF ; then 3542 3543 AC_MSG_CHECKING(for gssapi support) 3544 if $KRB5CONF | grep gssapi >/dev/null ; then 3545 AC_MSG_RESULT(yes) 3546 AC_DEFINE(GSSAPI, 1, 3547 [Define this if you want GSSAPI 3548 support in the version 2 protocol]) 3549 k5confopts=gssapi 3550 else 3551 AC_MSG_RESULT(no) 3552 k5confopts="" 3553 fi 3554 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 3555 K5LIBS="`$KRB5CONF --libs $k5confopts`" 3556 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3557 AC_MSG_CHECKING(whether we are using Heimdal) 3558 AC_TRY_COMPILE([ #include <krb5.h> ], 3559 [ char *tmp = heimdal_version; ], 3560 [ AC_MSG_RESULT(yes) 3561 AC_DEFINE(HEIMDAL, 1, 3562 [Define this if you are using the 3563 Heimdal version of Kerberos V5]) ], 3564 AC_MSG_RESULT(no) 3565 ) 3566 else 3567 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3568 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3569 AC_MSG_CHECKING(whether we are using Heimdal) 3570 AC_TRY_COMPILE([ #include <krb5.h> ], 3571 [ char *tmp = heimdal_version; ], 3572 [ AC_MSG_RESULT(yes) 3573 AC_DEFINE(HEIMDAL) 3574 K5LIBS="-lkrb5" 3575 K5LIBS="$K5LIBS -lcom_err -lasn1" 3576 AC_CHECK_LIB(roken, net_write, 3577 [K5LIBS="$K5LIBS -lroken"]) 3578 AC_CHECK_LIB(des, des_cbc_encrypt, 3579 [K5LIBS="$K5LIBS -ldes"]) 3580 ], 3581 [ AC_MSG_RESULT(no) 3582 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3583 ] 3584 ) 3585 AC_SEARCH_LIBS(dn_expand, resolv) 3586 3587 AC_CHECK_LIB(gssapi_krb5, gss_init_sec_context, 3588 [ AC_DEFINE(GSSAPI) 3589 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 3590 [ AC_CHECK_LIB(gssapi, gss_init_sec_context, 3591 [ AC_DEFINE(GSSAPI) 3592 K5LIBS="-lgssapi $K5LIBS" ], 3593 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 3594 $K5LIBS) 3595 ], 3596 $K5LIBS) 3597 3598 AC_CHECK_HEADER(gssapi.h, , 3599 [ unset ac_cv_header_gssapi_h 3600 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3601 AC_CHECK_HEADERS(gssapi.h, , 3602 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3603 ) 3604 ] 3605 ) 3606 3607 oldCPP="$CPPFLAGS" 3608 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3609 AC_CHECK_HEADER(gssapi_krb5.h, , 3610 [ CPPFLAGS="$oldCPP" ]) 3611 3612 fi 3613 if test ! -z "$need_dash_r" ; then 3614 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3615 fi 3616 if test ! -z "$blibpath" ; then 3617 blibpath="$blibpath:${KRB5ROOT}/lib" 3618 fi 3619 3620 AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h) 3621 AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h) 3622 AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h) 3623 3624 LIBS="$LIBS $K5LIBS" 3625 AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1, 3626 [Define this if you want to use libkafs' AFS support])) 3627 fi 3628 ] 3629) 3630 3631# Looking for programs, paths and files 3632 3633PRIVSEP_PATH=/var/empty 3634AC_ARG_WITH(privsep-path, 3635 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3636 [ 3637 if test -n "$withval" && test "x$withval" != "xno" && \ 3638 test "x${withval}" != "xyes"; then 3639 PRIVSEP_PATH=$withval 3640 fi 3641 ] 3642) 3643AC_SUBST(PRIVSEP_PATH) 3644 3645AC_ARG_WITH(xauth, 3646 [ --with-xauth=PATH Specify path to xauth program ], 3647 [ 3648 if test -n "$withval" && test "x$withval" != "xno" && \ 3649 test "x${withval}" != "xyes"; then 3650 xauth_path=$withval 3651 fi 3652 ], 3653 [ 3654 TestPath="$PATH" 3655 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3656 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3657 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3658 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3659 AC_PATH_PROG(xauth_path, xauth, , $TestPath) 3660 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3661 xauth_path="/usr/openwin/bin/xauth" 3662 fi 3663 ] 3664) 3665 3666STRIP_OPT=-s 3667AC_ARG_ENABLE(strip, 3668 [ --disable-strip Disable calling strip(1) on install], 3669 [ 3670 if test "x$enableval" = "xno" ; then 3671 STRIP_OPT= 3672 fi 3673 ] 3674) 3675AC_SUBST(STRIP_OPT) 3676 3677if test -z "$xauth_path" ; then 3678 XAUTH_PATH="undefined" 3679 AC_SUBST(XAUTH_PATH) 3680else 3681 AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path", 3682 [Define if xauth is found in your path]) 3683 XAUTH_PATH=$xauth_path 3684 AC_SUBST(XAUTH_PATH) 3685fi 3686 3687# Check for mail directory (last resort if we cannot get it from headers) 3688if test ! -z "$MAIL" ; then 3689 maildir=`dirname $MAIL` 3690 AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir", 3691 [Set this to your mail directory if you don't have maillock.h]) 3692fi 3693 3694if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3695 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3696 disable_ptmx_check=yes 3697fi 3698if test -z "$no_dev_ptmx" ; then 3699 if test "x$disable_ptmx_check" != "xyes" ; then 3700 AC_CHECK_FILE("/dev/ptmx", 3701 [ 3702 AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1, 3703 [Define if you have /dev/ptmx]) 3704 have_dev_ptmx=1 3705 ] 3706 ) 3707 fi 3708fi 3709 3710if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3711 AC_CHECK_FILE("/dev/ptc", 3712 [ 3713 AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1, 3714 [Define if you have /dev/ptc]) 3715 have_dev_ptc=1 3716 ] 3717 ) 3718else 3719 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3720fi 3721 3722# Options from here on. Some of these are preset by platform above 3723AC_ARG_WITH(mantype, 3724 [ --with-mantype=man|cat|doc Set man page type], 3725 [ 3726 case "$withval" in 3727 man|cat|doc) 3728 MANTYPE=$withval 3729 ;; 3730 *) 3731 AC_MSG_ERROR(invalid man type: $withval) 3732 ;; 3733 esac 3734 ] 3735) 3736if test -z "$MANTYPE"; then 3737 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3738 AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath) 3739 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3740 MANTYPE=doc 3741 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3742 MANTYPE=man 3743 else 3744 MANTYPE=cat 3745 fi 3746fi 3747AC_SUBST(MANTYPE) 3748if test "$MANTYPE" = "doc"; then 3749 mansubdir=man; 3750else 3751 mansubdir=$MANTYPE; 3752fi 3753AC_SUBST(mansubdir) 3754 3755# Check whether to enable MD5 passwords 3756MD5_MSG="no" 3757AC_ARG_WITH(md5-passwords, 3758 [ --with-md5-passwords Enable use of MD5 passwords], 3759 [ 3760 if test "x$withval" != "xno" ; then 3761 AC_DEFINE(HAVE_MD5_PASSWORDS, 1, 3762 [Define if you want to allow MD5 passwords]) 3763 MD5_MSG="yes" 3764 fi 3765 ] 3766) 3767 3768# Whether to disable shadow password support 3769AC_ARG_WITH(shadow, 3770 [ --without-shadow Disable shadow password support], 3771 [ 3772 if test "x$withval" = "xno" ; then 3773 AC_DEFINE(DISABLE_SHADOW) 3774 disable_shadow=yes 3775 fi 3776 ] 3777) 3778 3779if test -z "$disable_shadow" ; then 3780 AC_MSG_CHECKING([if the systems has expire shadow information]) 3781 AC_TRY_COMPILE( 3782 [ 3783#include <sys/types.h> 3784#include <shadow.h> 3785 struct spwd sp; 3786 ],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ], 3787 [ sp_expire_available=yes ], [] 3788 ) 3789 3790 if test "x$sp_expire_available" = "xyes" ; then 3791 AC_MSG_RESULT(yes) 3792 AC_DEFINE(HAS_SHADOW_EXPIRE, 1, 3793 [Define if you want to use shadow password expire field]) 3794 else 3795 AC_MSG_RESULT(no) 3796 fi 3797fi 3798 3799# Use ip address instead of hostname in $DISPLAY 3800if test ! -z "$IPADDR_IN_DISPLAY" ; then 3801 DISPLAY_HACK_MSG="yes" 3802 AC_DEFINE(IPADDR_IN_DISPLAY, 1, 3803 [Define if you need to use IP address 3804 instead of hostname in $DISPLAY]) 3805else 3806 DISPLAY_HACK_MSG="no" 3807 AC_ARG_WITH(ipaddr-display, 3808 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 3809 [ 3810 if test "x$withval" != "xno" ; then 3811 AC_DEFINE(IPADDR_IN_DISPLAY) 3812 DISPLAY_HACK_MSG="yes" 3813 fi 3814 ] 3815 ) 3816fi 3817 3818# check for /etc/default/login and use it if present. 3819AC_ARG_ENABLE(etc-default-login, 3820 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 3821 [ if test "x$enableval" = "xno"; then 3822 AC_MSG_NOTICE([/etc/default/login handling disabled]) 3823 etc_default_login=no 3824 else 3825 etc_default_login=yes 3826 fi ], 3827 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3828 then 3829 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 3830 etc_default_login=no 3831 else 3832 etc_default_login=yes 3833 fi ] 3834) 3835 3836if test "x$etc_default_login" != "xno"; then 3837 AC_CHECK_FILE("/etc/default/login", 3838 [ external_path_file=/etc/default/login ]) 3839 if test "x$external_path_file" = "x/etc/default/login"; then 3840 AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1, 3841 [Define if your system has /etc/default/login]) 3842 fi 3843fi 3844 3845dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3846if test $ac_cv_func_login_getcapbool = "yes" && \ 3847 test $ac_cv_header_login_cap_h = "yes" ; then 3848 external_path_file=/etc/login.conf 3849fi 3850 3851# Whether to mess with the default path 3852SERVER_PATH_MSG="(default)" 3853AC_ARG_WITH(default-path, 3854 [ --with-default-path= Specify default \$PATH environment for server], 3855 [ 3856 if test "x$external_path_file" = "x/etc/login.conf" ; then 3857 AC_MSG_WARN([ 3858--with-default-path=PATH has no effect on this system. 3859Edit /etc/login.conf instead.]) 3860 elif test "x$withval" != "xno" ; then 3861 if test ! -z "$external_path_file" ; then 3862 AC_MSG_WARN([ 3863--with-default-path=PATH will only be used if PATH is not defined in 3864$external_path_file .]) 3865 fi 3866 user_path="$withval" 3867 SERVER_PATH_MSG="$withval" 3868 fi 3869 ], 3870 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3871 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3872 else 3873 if test ! -z "$external_path_file" ; then 3874 AC_MSG_WARN([ 3875If PATH is defined in $external_path_file, ensure the path to scp is included, 3876otherwise scp will not work.]) 3877 fi 3878 AC_RUN_IFELSE( 3879 [AC_LANG_SOURCE([[ 3880/* find out what STDPATH is */ 3881#include <stdio.h> 3882#ifdef HAVE_PATHS_H 3883# include <paths.h> 3884#endif 3885#ifndef _PATH_STDPATH 3886# ifdef _PATH_USERPATH /* Irix */ 3887# define _PATH_STDPATH _PATH_USERPATH 3888# else 3889# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3890# endif 3891#endif 3892#include <sys/types.h> 3893#include <sys/stat.h> 3894#include <fcntl.h> 3895#define DATA "conftest.stdpath" 3896 3897main() 3898{ 3899 FILE *fd; 3900 int rc; 3901 3902 fd = fopen(DATA,"w"); 3903 if(fd == NULL) 3904 exit(1); 3905 3906 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3907 exit(1); 3908 3909 exit(0); 3910} 3911 ]])], 3912 [ user_path=`cat conftest.stdpath` ], 3913 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3914 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3915 ) 3916# make sure $bindir is in USER_PATH so scp will work 3917 t_bindir=`eval echo ${bindir}` 3918 case $t_bindir in 3919 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 3920 esac 3921 case $t_bindir in 3922 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 3923 esac 3924 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 3925 if test $? -ne 0 ; then 3926 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 3927 if test $? -ne 0 ; then 3928 user_path=$user_path:$t_bindir 3929 AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work) 3930 fi 3931 fi 3932 fi ] 3933) 3934if test "x$external_path_file" != "x/etc/login.conf" ; then 3935 AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH]) 3936 AC_SUBST(user_path) 3937fi 3938 3939# Set superuser path separately to user path 3940AC_ARG_WITH(superuser-path, 3941 [ --with-superuser-path= Specify different path for super-user], 3942 [ 3943 if test -n "$withval" && test "x$withval" != "xno" && \ 3944 test "x${withval}" != "xyes"; then 3945 AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval", 3946 [Define if you want a different $PATH 3947 for the superuser]) 3948 superuser_path=$withval 3949 fi 3950 ] 3951) 3952 3953 3954AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3955IPV4_IN6_HACK_MSG="no" 3956AC_ARG_WITH(4in6, 3957 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3958 [ 3959 if test "x$withval" != "xno" ; then 3960 AC_MSG_RESULT(yes) 3961 AC_DEFINE(IPV4_IN_IPV6, 1, 3962 [Detect IPv4 in IPv6 mapped addresses 3963 and treat as IPv4]) 3964 IPV4_IN6_HACK_MSG="yes" 3965 else 3966 AC_MSG_RESULT(no) 3967 fi 3968 ],[ 3969 if test "x$inet6_default_4in6" = "xyes"; then 3970 AC_MSG_RESULT([yes (default)]) 3971 AC_DEFINE(IPV4_IN_IPV6) 3972 IPV4_IN6_HACK_MSG="yes" 3973 else 3974 AC_MSG_RESULT([no (default)]) 3975 fi 3976 ] 3977) 3978 3979# Whether to enable BSD auth support 3980BSD_AUTH_MSG=no 3981AC_ARG_WITH(bsd-auth, 3982 [ --with-bsd-auth Enable BSD auth support], 3983 [ 3984 if test "x$withval" != "xno" ; then 3985 AC_DEFINE(BSD_AUTH, 1, 3986 [Define if you have BSD auth support]) 3987 BSD_AUTH_MSG=yes 3988 fi 3989 ] 3990) 3991 3992# Where to place sshd.pid 3993piddir=/var/run 3994# make sure the directory exists 3995if test ! -d $piddir ; then 3996 piddir=`eval echo ${sysconfdir}` 3997 case $piddir in 3998 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 3999 esac 4000fi 4001 4002AC_ARG_WITH(pid-dir, 4003 [ --with-pid-dir=PATH Specify location of ssh.pid file], 4004 [ 4005 if test -n "$withval" && test "x$withval" != "xno" && \ 4006 test "x${withval}" != "xyes"; then 4007 piddir=$withval 4008 if test ! -d $piddir ; then 4009 AC_MSG_WARN([** no $piddir directory on this system **]) 4010 fi 4011 fi 4012 ] 4013) 4014 4015AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid]) 4016AC_SUBST(piddir) 4017 4018dnl allow user to disable some login recording features 4019AC_ARG_ENABLE(lastlog, 4020 [ --disable-lastlog disable use of lastlog even if detected [no]], 4021 [ 4022 if test "x$enableval" = "xno" ; then 4023 AC_DEFINE(DISABLE_LASTLOG) 4024 fi 4025 ] 4026) 4027AC_ARG_ENABLE(utmp, 4028 [ --disable-utmp disable use of utmp even if detected [no]], 4029 [ 4030 if test "x$enableval" = "xno" ; then 4031 AC_DEFINE(DISABLE_UTMP) 4032 fi 4033 ] 4034) 4035AC_ARG_ENABLE(utmpx, 4036 [ --disable-utmpx disable use of utmpx even if detected [no]], 4037 [ 4038 if test "x$enableval" = "xno" ; then 4039 AC_DEFINE(DISABLE_UTMPX, 1, 4040 [Define if you don't want to use utmpx]) 4041 fi 4042 ] 4043) 4044AC_ARG_ENABLE(wtmp, 4045 [ --disable-wtmp disable use of wtmp even if detected [no]], 4046 [ 4047 if test "x$enableval" = "xno" ; then 4048 AC_DEFINE(DISABLE_WTMP) 4049 fi 4050 ] 4051) 4052AC_ARG_ENABLE(wtmpx, 4053 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 4054 [ 4055 if test "x$enableval" = "xno" ; then 4056 AC_DEFINE(DISABLE_WTMPX, 1, 4057 [Define if you don't want to use wtmpx]) 4058 fi 4059 ] 4060) 4061AC_ARG_ENABLE(libutil, 4062 [ --disable-libutil disable use of libutil (login() etc.) [no]], 4063 [ 4064 if test "x$enableval" = "xno" ; then 4065 AC_DEFINE(DISABLE_LOGIN) 4066 fi 4067 ] 4068) 4069AC_ARG_ENABLE(pututline, 4070 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 4071 [ 4072 if test "x$enableval" = "xno" ; then 4073 AC_DEFINE(DISABLE_PUTUTLINE, 1, 4074 [Define if you don't want to use pututline() 4075 etc. to write [uw]tmp]) 4076 fi 4077 ] 4078) 4079AC_ARG_ENABLE(pututxline, 4080 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 4081 [ 4082 if test "x$enableval" = "xno" ; then 4083 AC_DEFINE(DISABLE_PUTUTXLINE, 1, 4084 [Define if you don't want to use pututxline() 4085 etc. to write [uw]tmpx]) 4086 fi 4087 ] 4088) 4089AC_ARG_WITH(lastlog, 4090 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 4091 [ 4092 if test "x$withval" = "xno" ; then 4093 AC_DEFINE(DISABLE_LASTLOG) 4094 elif test -n "$withval" && test "x${withval}" != "xyes"; then 4095 conf_lastlog_location=$withval 4096 fi 4097 ] 4098) 4099 4100dnl lastlog, [uw]tmpx? detection 4101dnl NOTE: set the paths in the platform section to avoid the 4102dnl need for command-line parameters 4103dnl lastlog and [uw]tmp are subject to a file search if all else fails 4104 4105dnl lastlog detection 4106dnl NOTE: the code itself will detect if lastlog is a directory 4107AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 4108AC_TRY_COMPILE([ 4109#include <sys/types.h> 4110#include <utmp.h> 4111#ifdef HAVE_LASTLOG_H 4112# include <lastlog.h> 4113#endif 4114#ifdef HAVE_PATHS_H 4115# include <paths.h> 4116#endif 4117#ifdef HAVE_LOGIN_H 4118# include <login.h> 4119#endif 4120 ], 4121 [ char *lastlog = LASTLOG_FILE; ], 4122 [ AC_MSG_RESULT(yes) ], 4123 [ 4124 AC_MSG_RESULT(no) 4125 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 4126 AC_TRY_COMPILE([ 4127#include <sys/types.h> 4128#include <utmp.h> 4129#ifdef HAVE_LASTLOG_H 4130# include <lastlog.h> 4131#endif 4132#ifdef HAVE_PATHS_H 4133# include <paths.h> 4134#endif 4135 ], 4136 [ char *lastlog = _PATH_LASTLOG; ], 4137 [ AC_MSG_RESULT(yes) ], 4138 [ 4139 AC_MSG_RESULT(no) 4140 system_lastlog_path=no 4141 ]) 4142 ] 4143) 4144 4145if test -z "$conf_lastlog_location"; then 4146 if test x"$system_lastlog_path" = x"no" ; then 4147 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 4148 if (test -d "$f" || test -f "$f") ; then 4149 conf_lastlog_location=$f 4150 fi 4151 done 4152 if test -z "$conf_lastlog_location"; then 4153 AC_MSG_WARN([** Cannot find lastlog **]) 4154 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 4155 fi 4156 fi 4157fi 4158 4159if test -n "$conf_lastlog_location"; then 4160 AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location", 4161 [Define if you want to specify the path to your lastlog file]) 4162fi 4163 4164dnl utmp detection 4165AC_MSG_CHECKING([if your system defines UTMP_FILE]) 4166AC_TRY_COMPILE([ 4167#include <sys/types.h> 4168#include <utmp.h> 4169#ifdef HAVE_PATHS_H 4170# include <paths.h> 4171#endif 4172 ], 4173 [ char *utmp = UTMP_FILE; ], 4174 [ AC_MSG_RESULT(yes) ], 4175 [ AC_MSG_RESULT(no) 4176 system_utmp_path=no ] 4177) 4178if test -z "$conf_utmp_location"; then 4179 if test x"$system_utmp_path" = x"no" ; then 4180 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 4181 if test -f $f ; then 4182 conf_utmp_location=$f 4183 fi 4184 done 4185 if test -z "$conf_utmp_location"; then 4186 AC_DEFINE(DISABLE_UTMP) 4187 fi 4188 fi 4189fi 4190if test -n "$conf_utmp_location"; then 4191 AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location", 4192 [Define if you want to specify the path to your utmp file]) 4193fi 4194 4195dnl wtmp detection 4196AC_MSG_CHECKING([if your system defines WTMP_FILE]) 4197AC_TRY_COMPILE([ 4198#include <sys/types.h> 4199#include <utmp.h> 4200#ifdef HAVE_PATHS_H 4201# include <paths.h> 4202#endif 4203 ], 4204 [ char *wtmp = WTMP_FILE; ], 4205 [ AC_MSG_RESULT(yes) ], 4206 [ AC_MSG_RESULT(no) 4207 system_wtmp_path=no ] 4208) 4209if test -z "$conf_wtmp_location"; then 4210 if test x"$system_wtmp_path" = x"no" ; then 4211 for f in /usr/adm/wtmp /var/log/wtmp; do 4212 if test -f $f ; then 4213 conf_wtmp_location=$f 4214 fi 4215 done 4216 if test -z "$conf_wtmp_location"; then 4217 AC_DEFINE(DISABLE_WTMP) 4218 fi 4219 fi 4220fi 4221if test -n "$conf_wtmp_location"; then 4222 AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location", 4223 [Define if you want to specify the path to your wtmp file]) 4224fi 4225 4226 4227dnl wtmpx detection 4228AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 4229AC_TRY_COMPILE([ 4230#include <sys/types.h> 4231#include <utmp.h> 4232#ifdef HAVE_UTMPX_H 4233#include <utmpx.h> 4234#endif 4235#ifdef HAVE_PATHS_H 4236# include <paths.h> 4237#endif 4238 ], 4239 [ char *wtmpx = WTMPX_FILE; ], 4240 [ AC_MSG_RESULT(yes) ], 4241 [ AC_MSG_RESULT(no) 4242 system_wtmpx_path=no ] 4243) 4244if test -z "$conf_wtmpx_location"; then 4245 if test x"$system_wtmpx_path" = x"no" ; then 4246 AC_DEFINE(DISABLE_WTMPX) 4247 fi 4248else 4249 AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location", 4250 [Define if you want to specify the path to your wtmpx file]) 4251fi 4252 4253 4254if test ! -z "$blibpath" ; then 4255 LDFLAGS="$LDFLAGS $blibflags$blibpath" 4256 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 4257fi 4258 4259dnl Adding -Werror to CFLAGS early prevents configure tests from running. 4260dnl Add now. 4261CFLAGS="$CFLAGS $werror_flags" 4262 4263if test "x$ac_cv_func_getaddrinfo" != "xyes" ; then 4264 TEST_SSH_IPV6=no 4265else 4266 TEST_SSH_IPV6=yes 4267fi 4268AC_CHECK_DECL(BROKEN_GETADDRINFO, TEST_SSH_IPV6=no) 4269AC_SUBST(TEST_SSH_IPV6, $TEST_SSH_IPV6) 4270 4271AC_EXEEXT 4272AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ 4273 openbsd-compat/Makefile openbsd-compat/regress/Makefile \ 4274 ssh_prng_cmds survey.sh]) 4275AC_OUTPUT 4276 4277# Print summary of options 4278 4279# Someone please show me a better way :) 4280A=`eval echo ${prefix}` ; A=`eval echo ${A}` 4281B=`eval echo ${bindir}` ; B=`eval echo ${B}` 4282C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 4283D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 4284E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 4285F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 4286G=`eval echo ${piddir}` ; G=`eval echo ${G}` 4287H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 4288I=`eval echo ${user_path}` ; I=`eval echo ${I}` 4289J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 4290 4291echo "" 4292echo "OpenSSH has been configured with the following options:" 4293echo " User binaries: $B" 4294echo " System binaries: $C" 4295echo " Configuration files: $D" 4296echo " Askpass program: $E" 4297echo " Manual pages: $F" 4298echo " PID file: $G" 4299echo " Privilege separation chroot path: $H" 4300if test "x$external_path_file" = "x/etc/login.conf" ; then 4301echo " At runtime, sshd will use the path defined in $external_path_file" 4302echo " Make sure the path to scp is present, otherwise scp will not work" 4303else 4304echo " sshd default user PATH: $I" 4305 if test ! -z "$external_path_file"; then 4306echo " (If PATH is set in $external_path_file it will be used instead. If" 4307echo " used, ensure the path to scp is present, otherwise scp will not work.)" 4308 fi 4309fi 4310if test ! -z "$superuser_path" ; then 4311echo " sshd superuser user PATH: $J" 4312fi 4313echo " Manpage format: $MANTYPE" 4314echo " PAM support: $PAM_MSG" 4315echo " OSF SIA support: $SIA_MSG" 4316echo " KerberosV support: $KRB5_MSG" 4317echo " SELinux support: $SELINUX_MSG" 4318echo " Smartcard support: $SCARD_MSG" 4319echo " S/KEY support: $SKEY_MSG" 4320echo " TCP Wrappers support: $TCPW_MSG" 4321echo " MD5 password support: $MD5_MSG" 4322echo " libedit support: $LIBEDIT_MSG" 4323echo " Solaris process contract support: $SPC_MSG" 4324echo " Solaris project support: $SP_MSG" 4325echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 4326echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 4327echo " BSD Auth support: $BSD_AUTH_MSG" 4328echo " Random number source: $RAND_MSG" 4329if test ! -z "$USE_RAND_HELPER" ; then 4330echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" 4331fi 4332 4333echo "" 4334 4335echo " Host: ${host}" 4336echo " Compiler: ${CC}" 4337echo " Compiler flags: ${CFLAGS}" 4338echo "Preprocessor flags: ${CPPFLAGS}" 4339echo " Linker flags: ${LDFLAGS}" 4340echo " Libraries: ${LIBS}" 4341if test ! -z "${SSHDLIBS}"; then 4342echo " +for sshd: ${SSHDLIBS}" 4343fi 4344 4345echo "" 4346 4347if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 4348 echo "SVR4 style packages are supported with \"make package\"" 4349 echo "" 4350fi 4351 4352if test "x$PAM_MSG" = "xyes" ; then 4353 echo "PAM is enabled. You may need to install a PAM control file " 4354 echo "for sshd, otherwise password authentication may fail. " 4355 echo "Example PAM control files can be found in the contrib/ " 4356 echo "subdirectory" 4357 echo "" 4358fi 4359 4360if test ! -z "$RAND_HELPER_CMDHASH" ; then 4361 echo "WARNING: you are using the builtin random number collection " 4362 echo "service. Please read WARNING.RNG and request that your OS " 4363 echo "vendor includes kernel-based random number collection in " 4364 echo "future versions of your OS." 4365 echo "" 4366fi 4367 4368if test ! -z "$NO_PEERCHECK" ; then 4369 echo "WARNING: the operating system that you are using does not" 4370 echo "appear to support getpeereid(), getpeerucred() or the" 4371 echo "SO_PEERCRED getsockopt() option. These facilities are used to" 4372 echo "enforce security checks to prevent unauthorised connections to" 4373 echo "ssh-agent. Their absence increases the risk that a malicious" 4374 echo "user can connect to your agent." 4375 echo "" 4376fi 4377 4378if test "$AUDIT_MODULE" = "bsm" ; then 4379 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 4380 echo "See the Solaris section in README.platform for details." 4381fi 4382