1# $Id: configure.ac,v 1.518 2013/03/20 01:55:15 djm Exp $ 2# 3# Copyright (c) 1999-2004 Damien Miller 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) 18AC_REVISION($Revision: 1.518 $) 19AC_CONFIG_SRCDIR([ssh.c]) 20AC_LANG([C]) 21 22AC_CONFIG_HEADER([config.h]) 23AC_PROG_CC 24AC_CANONICAL_HOST 25AC_C_BIGENDIAN 26 27# Checks for programs. 28AC_PROG_AWK 29AC_PROG_CPP 30AC_PROG_RANLIB 31AC_PROG_INSTALL 32AC_PROG_EGREP 33AC_PATH_PROG([AR], [ar]) 34AC_PATH_PROG([CAT], [cat]) 35AC_PATH_PROG([KILL], [kill]) 36AC_PATH_PROGS([PERL], [perl5 perl]) 37AC_PATH_PROG([SED], [sed]) 38AC_SUBST([PERL]) 39AC_PATH_PROG([ENT], [ent]) 40AC_SUBST([ENT]) 41AC_PATH_PROG([TEST_MINUS_S_SH], [bash]) 42AC_PATH_PROG([TEST_MINUS_S_SH], [ksh]) 43AC_PATH_PROG([TEST_MINUS_S_SH], [sh]) 44AC_PATH_PROG([SH], [sh]) 45AC_PATH_PROG([GROFF], [groff]) 46AC_PATH_PROG([NROFF], [nroff]) 47AC_PATH_PROG([MANDOC], [mandoc]) 48AC_SUBST([TEST_SHELL], [sh]) 49 50dnl select manpage formatter 51if test "x$MANDOC" != "x" ; then 52 MANFMT="$MANDOC" 53elif test "x$NROFF" != "x" ; then 54 MANFMT="$NROFF -mandoc" 55elif test "x$GROFF" != "x" ; then 56 MANFMT="$GROFF -mandoc -Tascii" 57else 58 AC_MSG_WARN([no manpage formatted found]) 59 MANFMT="false" 60fi 61AC_SUBST([MANFMT]) 62 63dnl for buildpkg.sh 64AC_PATH_PROG([PATH_GROUPADD_PROG], [groupadd], [groupadd], 65 [/usr/sbin${PATH_SEPARATOR}/etc]) 66AC_PATH_PROG([PATH_USERADD_PROG], [useradd], [useradd], 67 [/usr/sbin${PATH_SEPARATOR}/etc]) 68AC_CHECK_PROG([MAKE_PACKAGE_SUPPORTED], [pkgmk], [yes], [no]) 69if test -x /sbin/sh; then 70 AC_SUBST([STARTUP_SCRIPT_SHELL], [/sbin/sh]) 71else 72 AC_SUBST([STARTUP_SCRIPT_SHELL], [/bin/sh]) 73fi 74 75# System features 76AC_SYS_LARGEFILE 77 78if test -z "$AR" ; then 79 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 80fi 81 82# Use LOGIN_PROGRAM from environment if possible 83if test ! -z "$LOGIN_PROGRAM" ; then 84 AC_DEFINE_UNQUOTED([LOGIN_PROGRAM_FALLBACK], ["$LOGIN_PROGRAM"], 85 [If your header files don't define LOGIN_PROGRAM, 86 then use this (detected) from environment and PATH]) 87else 88 # Search for login 89 AC_PATH_PROG([LOGIN_PROGRAM_FALLBACK], [login]) 90 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 91 AC_DEFINE_UNQUOTED([LOGIN_PROGRAM_FALLBACK], ["$LOGIN_PROGRAM_FALLBACK"]) 92 fi 93fi 94 95AC_PATH_PROG([PATH_PASSWD_PROG], [passwd]) 96if test ! -z "$PATH_PASSWD_PROG" ; then 97 AC_DEFINE_UNQUOTED([_PATH_PASSWD_PROG], ["$PATH_PASSWD_PROG"], 98 [Full path of your "passwd" program]) 99fi 100 101if test -z "$LD" ; then 102 LD=$CC 103fi 104AC_SUBST([LD]) 105 106AC_C_INLINE 107 108AC_CHECK_DECL([LLONG_MAX], [have_llong_max=1], , [#include <limits.h>]) 109AC_CHECK_DECL([SYSTR_POLICY_KILL], [have_systr_policy_kill=1], , [ 110 #include <sys/types.h> 111 #include <sys/param.h> 112 #include <dev/systrace.h> 113]) 114AC_CHECK_DECL([RLIMIT_NPROC], 115 [AC_DEFINE([HAVE_RLIMIT_NPROC], [], [sys/resource.h has RLIMIT_NPROC])], , [ 116 #include <sys/types.h> 117 #include <sys/resource.h> 118]) 119AC_CHECK_DECL([PR_SET_NO_NEW_PRIVS], [have_linux_no_new_privs=1], , [ 120 #include <sys/types.h> 121 #include <linux/prctl.h> 122]) 123use_stack_protector=1 124AC_ARG_WITH([stackprotect], 125 [ --without-stackprotect Don't use compiler's stack protection], [ 126 if test "x$withval" = "xno"; then 127 use_stack_protector=0 128 fi ]) 129 130 131if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 132 OSSH_CHECK_CFLAG_COMPILE([-Wall]) 133 OSSH_CHECK_CFLAG_COMPILE([-Wpointer-arith]) 134 OSSH_CHECK_CFLAG_COMPILE([-Wuninitialized]) 135 OSSH_CHECK_CFLAG_COMPILE([-Wsign-compare]) 136 OSSH_CHECK_CFLAG_COMPILE([-Wformat-security]) 137 OSSH_CHECK_CFLAG_COMPILE([-Wpointer-sign], [-Wno-pointer-sign]) 138 OSSH_CHECK_CFLAG_COMPILE([-Wunused-result], [-Wno-unused-result]) 139 OSSH_CHECK_CFLAG_COMPILE([-fno-strict-aliasing]) 140 OSSH_CHECK_CFLAG_COMPILE([-D_FORTIFY_SOURCE=2]) 141 AC_MSG_CHECKING([gcc version]) 142 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` 143 case $GCC_VER in 144 1.*) no_attrib_nonnull=1 ;; 145 2.8* | 2.9*) 146 no_attrib_nonnull=1 147 ;; 148 2.*) no_attrib_nonnull=1 ;; 149 *) ;; 150 esac 151 AC_MSG_RESULT([$GCC_VER]) 152 153 AC_MSG_CHECKING([if $CC accepts -fno-builtin-memset]) 154 saved_CFLAGS="$CFLAGS" 155 CFLAGS="$CFLAGS -fno-builtin-memset" 156 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <string.h> ]], 157 [[ char b[10]; memset(b, 0, sizeof(b)); ]])], 158 [ AC_MSG_RESULT([yes]) ], 159 [ AC_MSG_RESULT([no]) 160 CFLAGS="$saved_CFLAGS" ] 161 ) 162 163 # -fstack-protector-all doesn't always work for some GCC versions 164 # and/or platforms, so we test if we can. If it's not supported 165 # on a given platform gcc will emit a warning so we use -Werror. 166 if test "x$use_stack_protector" = "x1"; then 167 for t in -fstack-protector-all -fstack-protector; do 168 AC_MSG_CHECKING([if $CC supports $t]) 169 saved_CFLAGS="$CFLAGS" 170 saved_LDFLAGS="$LDFLAGS" 171 CFLAGS="$CFLAGS $t -Werror" 172 LDFLAGS="$LDFLAGS $t -Werror" 173 AC_LINK_IFELSE( 174 [AC_LANG_PROGRAM([[ #include <stdio.h> ]], 175 [[ 176 char x[256]; 177 snprintf(x, sizeof(x), "XXX"); 178 ]])], 179 [ AC_MSG_RESULT([yes]) 180 CFLAGS="$saved_CFLAGS $t" 181 LDFLAGS="$saved_LDFLAGS $t" 182 AC_MSG_CHECKING([if $t works]) 183 AC_RUN_IFELSE( 184 [AC_LANG_PROGRAM([[ #include <stdio.h> ]], 185 [[ 186 char x[256]; 187 snprintf(x, sizeof(x), "XXX"); 188 ]])], 189 [ AC_MSG_RESULT([yes]) 190 break ], 191 [ AC_MSG_RESULT([no]) ], 192 [ AC_MSG_WARN([cross compiling: cannot test]) 193 break ] 194 ) 195 ], 196 [ AC_MSG_RESULT([no]) ] 197 ) 198 CFLAGS="$saved_CFLAGS" 199 LDFLAGS="$saved_LDFLAGS" 200 done 201 fi 202 203 if test -z "$have_llong_max"; then 204 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 205 unset ac_cv_have_decl_LLONG_MAX 206 saved_CFLAGS="$CFLAGS" 207 CFLAGS="$CFLAGS -std=gnu99" 208 AC_CHECK_DECL([LLONG_MAX], 209 [have_llong_max=1], 210 [CFLAGS="$saved_CFLAGS"], 211 [#include <limits.h>] 212 ) 213 fi 214fi 215 216AC_MSG_CHECKING([if compiler allows __attribute__ on return types]) 217AC_COMPILE_IFELSE( 218 [AC_LANG_PROGRAM([[ 219#include <stdlib.h> 220__attribute__((__unused__)) static void foo(void){return;}]], 221 [[ exit(0); ]])], 222 [ AC_MSG_RESULT([yes]) ], 223 [ AC_MSG_RESULT([no]) 224 AC_DEFINE(NO_ATTRIBUTE_ON_RETURN_TYPE, 1, 225 [compiler does not accept __attribute__ on return types]) ] 226) 227 228if test "x$no_attrib_nonnull" != "x1" ; then 229 AC_DEFINE([HAVE_ATTRIBUTE__NONNULL__], [1], [Have attribute nonnull]) 230fi 231 232AC_ARG_WITH([rpath], 233 [ --without-rpath Disable auto-added -R linker paths], 234 [ 235 if test "x$withval" = "xno" ; then 236 need_dash_r="" 237 fi 238 if test "x$withval" = "xyes" ; then 239 need_dash_r=1 240 fi 241 ] 242) 243 244# Allow user to specify flags 245AC_ARG_WITH([cflags], 246 [ --with-cflags Specify additional flags to pass to compiler], 247 [ 248 if test -n "$withval" && test "x$withval" != "xno" && \ 249 test "x${withval}" != "xyes"; then 250 CFLAGS="$CFLAGS $withval" 251 fi 252 ] 253) 254AC_ARG_WITH([cppflags], 255 [ --with-cppflags Specify additional flags to pass to preprocessor] , 256 [ 257 if test -n "$withval" && test "x$withval" != "xno" && \ 258 test "x${withval}" != "xyes"; then 259 CPPFLAGS="$CPPFLAGS $withval" 260 fi 261 ] 262) 263AC_ARG_WITH([ldflags], 264 [ --with-ldflags Specify additional flags to pass to linker], 265 [ 266 if test -n "$withval" && test "x$withval" != "xno" && \ 267 test "x${withval}" != "xyes"; then 268 LDFLAGS="$LDFLAGS $withval" 269 fi 270 ] 271) 272AC_ARG_WITH([libs], 273 [ --with-libs Specify additional libraries to link with], 274 [ 275 if test -n "$withval" && test "x$withval" != "xno" && \ 276 test "x${withval}" != "xyes"; then 277 LIBS="$LIBS $withval" 278 fi 279 ] 280) 281AC_ARG_WITH([Werror], 282 [ --with-Werror Build main code with -Werror], 283 [ 284 if test -n "$withval" && test "x$withval" != "xno"; then 285 werror_flags="-Werror" 286 if test "x${withval}" != "xyes"; then 287 werror_flags="$withval" 288 fi 289 fi 290 ] 291) 292 293AC_CHECK_HEADERS([ \ 294 bstring.h \ 295 crypt.h \ 296 crypto/sha2.h \ 297 dirent.h \ 298 endian.h \ 299 elf.h \ 300 features.h \ 301 fcntl.h \ 302 floatingpoint.h \ 303 getopt.h \ 304 glob.h \ 305 ia.h \ 306 iaf.h \ 307 limits.h \ 308 login.h \ 309 maillock.h \ 310 ndir.h \ 311 net/if_tun.h \ 312 netdb.h \ 313 netgroup.h \ 314 pam/pam_appl.h \ 315 paths.h \ 316 poll.h \ 317 pty.h \ 318 readpassphrase.h \ 319 rpc/types.h \ 320 security/pam_appl.h \ 321 sha2.h \ 322 shadow.h \ 323 stddef.h \ 324 stdint.h \ 325 string.h \ 326 strings.h \ 327 sys/audit.h \ 328 sys/bitypes.h \ 329 sys/bsdtty.h \ 330 sys/cdefs.h \ 331 sys/dir.h \ 332 sys/mman.h \ 333 sys/ndir.h \ 334 sys/poll.h \ 335 sys/prctl.h \ 336 sys/pstat.h \ 337 sys/select.h \ 338 sys/stat.h \ 339 sys/stream.h \ 340 sys/stropts.h \ 341 sys/strtio.h \ 342 sys/statvfs.h \ 343 sys/sysmacros.h \ 344 sys/time.h \ 345 sys/timers.h \ 346 sys/un.h \ 347 time.h \ 348 tmpdir.h \ 349 ttyent.h \ 350 ucred.h \ 351 unistd.h \ 352 usersec.h \ 353 util.h \ 354 utime.h \ 355 utmp.h \ 356 utmpx.h \ 357 vis.h \ 358]) 359 360# lastlog.h requires sys/time.h to be included first on Solaris 361AC_CHECK_HEADERS([lastlog.h], [], [], [ 362#ifdef HAVE_SYS_TIME_H 363# include <sys/time.h> 364#endif 365]) 366 367# sys/ptms.h requires sys/stream.h to be included first on Solaris 368AC_CHECK_HEADERS([sys/ptms.h], [], [], [ 369#ifdef HAVE_SYS_STREAM_H 370# include <sys/stream.h> 371#endif 372]) 373 374# login_cap.h requires sys/types.h on NetBSD 375AC_CHECK_HEADERS([login_cap.h], [], [], [ 376#include <sys/types.h> 377]) 378 379# older BSDs need sys/param.h before sys/mount.h 380AC_CHECK_HEADERS([sys/mount.h], [], [], [ 381#include <sys/param.h> 382]) 383 384# Messages for features tested for in target-specific section 385SIA_MSG="no" 386SPC_MSG="no" 387SP_MSG="no" 388 389# Check for some target-specific stuff 390case "$host" in 391*-*-aix*) 392 # Some versions of VAC won't allow macro redefinitions at 393 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 394 # particularly with older versions of vac or xlc. 395 # It also throws errors about null macro argments, but these are 396 # not fatal. 397 AC_MSG_CHECKING([if compiler allows macro redefinitions]) 398 AC_COMPILE_IFELSE( 399 [AC_LANG_PROGRAM([[ 400#define testmacro foo 401#define testmacro bar]], 402 [[ exit(0); ]])], 403 [ AC_MSG_RESULT([yes]) ], 404 [ AC_MSG_RESULT([no]) 405 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" 406 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`" 407 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" 408 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" 409 ] 410 ) 411 412 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 413 if (test -z "$blibpath"); then 414 blibpath="/usr/lib:/lib" 415 fi 416 saved_LDFLAGS="$LDFLAGS" 417 if test "$GCC" = "yes"; then 418 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" 419 else 420 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," 421 fi 422 for tryflags in $flags ;do 423 if (test -z "$blibflags"); then 424 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 425 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])], 426 [blibflags=$tryflags], []) 427 fi 428 done 429 if (test -z "$blibflags"); then 430 AC_MSG_RESULT([not found]) 431 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 432 else 433 AC_MSG_RESULT([$blibflags]) 434 fi 435 LDFLAGS="$saved_LDFLAGS" 436 dnl Check for authenticate. Might be in libs.a on older AIXes 437 AC_CHECK_FUNC([authenticate], [AC_DEFINE([WITH_AIXAUTHENTICATE], [1], 438 [Define if you want to enable AIX4's authenticate function])], 439 [AC_CHECK_LIB([s], [authenticate], 440 [ AC_DEFINE([WITH_AIXAUTHENTICATE]) 441 LIBS="$LIBS -ls" 442 ]) 443 ]) 444 dnl Check for various auth function declarations in headers. 445 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 446 passwdexpired, setauthdb], , , [#include <usersec.h>]) 447 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 448 AC_CHECK_DECLS([loginfailed], 449 [AC_MSG_CHECKING([if loginfailed takes 4 arguments]) 450 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <usersec.h> ]], 451 [[ (void)loginfailed("user","host","tty",0); ]])], 452 [AC_MSG_RESULT([yes]) 453 AC_DEFINE([AIX_LOGINFAILED_4ARG], [1], 454 [Define if your AIX loginfailed() function 455 takes 4 arguments (AIX >= 5.2)])], [AC_MSG_RESULT([no]) 456 ])], 457 [], 458 [#include <usersec.h>] 459 ) 460 AC_CHECK_FUNCS([getgrset setauthdb]) 461 AC_CHECK_DECL([F_CLOSEM], 462 AC_DEFINE([HAVE_FCNTL_CLOSEM], [1], [Use F_CLOSEM fcntl for closefrom]), 463 [], 464 [ #include <limits.h> 465 #include <fcntl.h> ] 466 ) 467 check_for_aix_broken_getaddrinfo=1 468 AC_DEFINE([BROKEN_REALPATH], [1], [Define if you have a broken realpath.]) 469 AC_DEFINE([SETEUID_BREAKS_SETUID], [1], 470 [Define if your platform breaks doing a seteuid before a setuid]) 471 AC_DEFINE([BROKEN_SETREUID], [1], [Define if your setreuid() is broken]) 472 AC_DEFINE([BROKEN_SETREGID], [1], [Define if your setregid() is broken]) 473 dnl AIX handles lastlog as part of its login message 474 AC_DEFINE([DISABLE_LASTLOG], [1], [Define if you don't want to use lastlog]) 475 AC_DEFINE([LOGIN_NEEDS_UTMPX], [1], 476 [Some systems need a utmpx entry for /bin/login to work]) 477 AC_DEFINE([SPT_TYPE], [SPT_REUSEARGV], 478 [Define to a Set Process Title type if your system is 479 supported by bsd-setproctitle.c]) 480 AC_DEFINE([SSHPAM_CHAUTHTOK_NEEDS_RUID], [1], 481 [AIX 5.2 and 5.3 (and presumably newer) require this]) 482 AC_DEFINE([PTY_ZEROREAD], [1], [read(1) can return 0 for a non-closed fd]) 483 AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)]) 484 ;; 485*-*-cygwin*) 486 check_for_libcrypt_later=1 487 LIBS="$LIBS /usr/lib/textreadmode.o" 488 AC_DEFINE([HAVE_CYGWIN], [1], [Define if you are on Cygwin]) 489 AC_DEFINE([USE_PIPES], [1], [Use PIPES instead of a socketpair()]) 490 AC_DEFINE([DISABLE_SHADOW], [1], 491 [Define if you want to disable shadow passwords]) 492 AC_DEFINE([NO_X11_UNIX_SOCKETS], [1], 493 [Define if X11 doesn't support AF_UNIX sockets on that system]) 494 AC_DEFINE([NO_IPPORT_RESERVED_CONCEPT], [1], 495 [Define if the concept of ports only accessible to 496 superusers isn't known]) 497 AC_DEFINE([DISABLE_FD_PASSING], [1], 498 [Define if your platform needs to skip post auth 499 file descriptor passing]) 500 AC_DEFINE([SSH_IOBUFSZ], [65535], [Windows is sensitive to read buffer size]) 501 AC_DEFINE([FILESYSTEM_NO_BACKSLASH], [1], [File names may not contain backslash characters]) 502 ;; 503*-*-dgux*) 504 AC_DEFINE([IP_TOS_IS_BROKEN], [1], 505 [Define if your system choked on IP TOS setting]) 506 AC_DEFINE([SETEUID_BREAKS_SETUID]) 507 AC_DEFINE([BROKEN_SETREUID]) 508 AC_DEFINE([BROKEN_SETREGID]) 509 ;; 510*-*-darwin*) 511 AC_MSG_CHECKING([if we have working getaddrinfo]) 512 AC_RUN_IFELSE([AC_LANG_SOURCE([[ #include <mach-o/dyld.h> 513main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 514 exit(0); 515 else 516 exit(1); 517} 518 ]])], 519 [AC_MSG_RESULT([working])], 520 [AC_MSG_RESULT([buggy]) 521 AC_DEFINE([BROKEN_GETADDRINFO], [1], 522 [getaddrinfo is broken (if present)]) 523 ], 524 [AC_MSG_RESULT([assume it is working])]) 525 AC_DEFINE([SETEUID_BREAKS_SETUID]) 526 AC_DEFINE([BROKEN_SETREUID]) 527 AC_DEFINE([BROKEN_SETREGID]) 528 AC_DEFINE([BROKEN_GLOB], [1], [OS X glob does not do what we expect]) 529 AC_DEFINE_UNQUOTED([BIND_8_COMPAT], [1], 530 [Define if your resolver libs need this for getrrsetbyname]) 531 AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) 532 AC_DEFINE([SSH_TUN_COMPAT_AF], [1], 533 [Use tunnel device compatibility to OpenBSD]) 534 AC_DEFINE([SSH_TUN_PREPEND_AF], [1], 535 [Prepend the address family to IP tunnel traffic]) 536 m4_pattern_allow([AU_IPv]) 537 AC_CHECK_DECL([AU_IPv4], [], 538 AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) 539 [#include <bsm/audit.h>] 540 AC_DEFINE([LASTLOG_WRITE_PUTUTXLINE], [1], 541 [Define if pututxline updates lastlog too]) 542 ) 543 AC_DEFINE([SPT_TYPE], [SPT_REUSEARGV], 544 [Define to a Set Process Title type if your system is 545 supported by bsd-setproctitle.c]) 546 AC_CHECK_FUNCS([sandbox_init]) 547 AC_CHECK_HEADERS([sandbox.h]) 548 ;; 549*-*-dragonfly*) 550 SSHDLIBS="$SSHDLIBS -lcrypt" 551 ;; 552*-*-haiku*) 553 LIBS="$LIBS -lbsd " 554 AC_CHECK_LIB([network], [socket]) 555 AC_DEFINE([HAVE_U_INT64_T]) 556 MANTYPE=man 557 ;; 558*-*-hpux*) 559 # first we define all of the options common to all HP-UX releases 560 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 561 IPADDR_IN_DISPLAY=yes 562 AC_DEFINE([USE_PIPES]) 563 AC_DEFINE([LOGIN_NO_ENDOPT], [1], 564 [Define if your login program cannot handle end of options ("--")]) 565 AC_DEFINE([LOGIN_NEEDS_UTMPX]) 566 AC_DEFINE([LOCKED_PASSWD_STRING], ["*"], 567 [String used in /etc/passwd to denote locked account]) 568 AC_DEFINE([SPT_TYPE], [SPT_PSTAT]) 569 AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)]) 570 maildir="/var/mail" 571 LIBS="$LIBS -lsec" 572 AC_CHECK_LIB([xnet], [t_error], , 573 [AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])]) 574 575 # next, we define all of the options specific to major releases 576 case "$host" in 577 *-*-hpux10*) 578 if test -z "$GCC"; then 579 CFLAGS="$CFLAGS -Ae" 580 fi 581 ;; 582 *-*-hpux11*) 583 AC_DEFINE([PAM_SUN_CODEBASE], [1], 584 [Define if you are using Solaris-derived PAM which 585 passes pam_messages to the conversation function 586 with an extra level of indirection]) 587 AC_DEFINE([DISABLE_UTMP], [1], 588 [Define if you don't want to use utmp]) 589 AC_DEFINE([USE_BTMP], [1], [Use btmp to log bad logins]) 590 check_for_hpux_broken_getaddrinfo=1 591 check_for_conflicting_getspnam=1 592 ;; 593 esac 594 595 # lastly, we define options specific to minor releases 596 case "$host" in 597 *-*-hpux10.26) 598 AC_DEFINE([HAVE_SECUREWARE], [1], 599 [Define if you have SecureWare-based 600 protected password database]) 601 disable_ptmx_check=yes 602 LIBS="$LIBS -lsecpw" 603 ;; 604 esac 605 ;; 606*-*-irix5*) 607 PATH="$PATH:/usr/etc" 608 AC_DEFINE([BROKEN_INET_NTOA], [1], 609 [Define if you system's inet_ntoa is busted 610 (e.g. Irix gcc issue)]) 611 AC_DEFINE([SETEUID_BREAKS_SETUID]) 612 AC_DEFINE([BROKEN_SETREUID]) 613 AC_DEFINE([BROKEN_SETREGID]) 614 AC_DEFINE([WITH_ABBREV_NO_TTY], [1], 615 [Define if you shouldn't strip 'tty' from your 616 ttyname in [uw]tmp]) 617 AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 618 ;; 619*-*-irix6*) 620 PATH="$PATH:/usr/etc" 621 AC_DEFINE([WITH_IRIX_ARRAY], [1], 622 [Define if you have/want arrays 623 (cluster-wide session managment, not C arrays)]) 624 AC_DEFINE([WITH_IRIX_PROJECT], [1], 625 [Define if you want IRIX project management]) 626 AC_DEFINE([WITH_IRIX_AUDIT], [1], 627 [Define if you want IRIX audit trails]) 628 AC_CHECK_FUNC([jlimit_startjob], [AC_DEFINE([WITH_IRIX_JOBS], [1], 629 [Define if you want IRIX kernel jobs])]) 630 AC_DEFINE([BROKEN_INET_NTOA]) 631 AC_DEFINE([SETEUID_BREAKS_SETUID]) 632 AC_DEFINE([BROKEN_SETREUID]) 633 AC_DEFINE([BROKEN_SETREGID]) 634 AC_DEFINE([BROKEN_UPDWTMPX], [1], [updwtmpx is broken (if present)]) 635 AC_DEFINE([WITH_ABBREV_NO_TTY]) 636 AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 637 ;; 638*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu) 639 check_for_libcrypt_later=1 640 AC_DEFINE([PAM_TTY_KLUDGE]) 641 AC_DEFINE([LOCKED_PASSWD_PREFIX], ["!"]) 642 AC_DEFINE([SPT_TYPE], [SPT_REUSEARGV]) 643 AC_DEFINE([_PATH_BTMP], ["/var/log/btmp"], [log for bad login attempts]) 644 AC_DEFINE([USE_BTMP], [1], [Use btmp to log bad logins]) 645 ;; 646*-*-linux*) 647 no_dev_ptmx=1 648 check_for_libcrypt_later=1 649 check_for_openpty_ctty_bug=1 650 AC_DEFINE([PAM_TTY_KLUDGE], [1], 651 [Work around problematic Linux PAM modules handling of PAM_TTY]) 652 AC_DEFINE([LOCKED_PASSWD_PREFIX], ["!"], 653 [String used in /etc/passwd to denote locked account]) 654 AC_DEFINE([SPT_TYPE], [SPT_REUSEARGV]) 655 AC_DEFINE([LINK_OPNOTSUPP_ERRNO], [EPERM], 656 [Define to whatever link() returns for "not supported" 657 if it doesn't return EOPNOTSUPP.]) 658 AC_DEFINE([_PATH_BTMP], ["/var/log/btmp"], [log for bad login attempts]) 659 AC_DEFINE([USE_BTMP]) 660 AC_DEFINE([LINUX_OOM_ADJUST], [1], [Adjust Linux out-of-memory killer]) 661 inet6_default_4in6=yes 662 case `uname -r` in 663 1.*|2.0.*) 664 AC_DEFINE([BROKEN_CMSG_TYPE], [1], 665 [Define if cmsg_type is not passed correctly]) 666 ;; 667 esac 668 # tun(4) forwarding compat code 669 AC_CHECK_HEADERS([linux/if_tun.h]) 670 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 671 AC_DEFINE([SSH_TUN_LINUX], [1], 672 [Open tunnel devices the Linux tun/tap way]) 673 AC_DEFINE([SSH_TUN_COMPAT_AF], [1], 674 [Use tunnel device compatibility to OpenBSD]) 675 AC_DEFINE([SSH_TUN_PREPEND_AF], [1], 676 [Prepend the address family to IP tunnel traffic]) 677 fi 678 AC_CHECK_HEADERS([linux/seccomp.h linux/filter.h linux/audit.h], [], 679 [], [#include <linux/types.h>]) 680 AC_CHECK_FUNCS([prctl]) 681 AC_MSG_CHECKING([for seccomp architecture]) 682 seccomp_audit_arch= 683 case "$host" in 684 x86_64-*) 685 seccomp_audit_arch=AUDIT_ARCH_X86_64 686 ;; 687 i*86-*) 688 seccomp_audit_arch=AUDIT_ARCH_I386 689 ;; 690 arm*-*) 691 seccomp_audit_arch=AUDIT_ARCH_ARM 692 ;; 693 esac 694 if test "x$seccomp_audit_arch" != "x" ; then 695 AC_MSG_RESULT(["$seccomp_audit_arch"]) 696 AC_DEFINE_UNQUOTED([SECCOMP_AUDIT_ARCH], [$seccomp_audit_arch], 697 [Specify the system call convention in use]) 698 else 699 AC_MSG_RESULT([architecture not supported]) 700 fi 701 ;; 702mips-sony-bsd|mips-sony-newsos4) 703 AC_DEFINE([NEED_SETPGRP], [1], [Need setpgrp to acquire controlling tty]) 704 SONY=1 705 ;; 706*-*-netbsd*) 707 check_for_libcrypt_before=1 708 if test "x$withval" != "xno" ; then 709 need_dash_r=1 710 fi 711 AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) 712 AC_CHECK_HEADER([net/if_tap.h], , 713 AC_DEFINE([SSH_TUN_NO_L2], [1], [No layer 2 tunnel support])) 714 AC_DEFINE([SSH_TUN_PREPEND_AF], [1], 715 [Prepend the address family to IP tunnel traffic]) 716 ;; 717*-*-freebsd*) 718 check_for_libcrypt_later=1 719 AC_DEFINE([LOCKED_PASSWD_PREFIX], ["*LOCKED*"], [Account locked with pw(1)]) 720 AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) 721 AC_CHECK_HEADER([net/if_tap.h], , 722 AC_DEFINE([SSH_TUN_NO_L2], [1], [No layer 2 tunnel support])) 723 AC_DEFINE([BROKEN_GLOB], [1], [FreeBSD glob does not do what we need]) 724 AC_DEFINE([BROKEN_STRNVIS], [1], [FreeBSD strnvis does not do what we need]) 725 ;; 726*-*-bsdi*) 727 AC_DEFINE([SETEUID_BREAKS_SETUID]) 728 AC_DEFINE([BROKEN_SETREUID]) 729 AC_DEFINE([BROKEN_SETREGID]) 730 ;; 731*-next-*) 732 conf_lastlog_location="/usr/adm/lastlog" 733 conf_utmp_location=/etc/utmp 734 conf_wtmp_location=/usr/adm/wtmp 735 maildir=/usr/spool/mail 736 AC_DEFINE([HAVE_NEXT], [1], [Define if you are on NeXT]) 737 AC_DEFINE([BROKEN_REALPATH]) 738 AC_DEFINE([USE_PIPES]) 739 AC_DEFINE([BROKEN_SAVED_UIDS], [1], [Needed for NeXT]) 740 ;; 741*-*-openbsd*) 742 AC_DEFINE([HAVE_ATTRIBUTE__SENTINEL__], [1], [OpenBSD's gcc has sentinel]) 743 AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD's gcc has bounded]) 744 AC_DEFINE([SSH_TUN_OPENBSD], [1], [Open tunnel devices the OpenBSD way]) 745 AC_DEFINE([SYSLOG_R_SAFE_IN_SIGHAND], [1], 746 [syslog_r function is safe to use in in a signal handler]) 747 ;; 748*-*-solaris*) 749 if test "x$withval" != "xno" ; then 750 need_dash_r=1 751 fi 752 AC_DEFINE([PAM_SUN_CODEBASE]) 753 AC_DEFINE([LOGIN_NEEDS_UTMPX]) 754 AC_DEFINE([LOGIN_NEEDS_TERM], [1], 755 [Some versions of /bin/login need the TERM supplied 756 on the commandline]) 757 AC_DEFINE([PAM_TTY_KLUDGE]) 758 AC_DEFINE([SSHPAM_CHAUTHTOK_NEEDS_RUID], [1], 759 [Define if pam_chauthtok wants real uid set 760 to the unpriv'ed user]) 761 AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 762 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 763 AC_DEFINE([SSHD_ACQUIRES_CTTY], [1], 764 [Define if sshd somehow reacquires a controlling TTY 765 after setsid()]) 766 AC_DEFINE([PASSWD_NEEDS_USERNAME], [1], [must supply username to passwd 767 in case the name is longer than 8 chars]) 768 AC_DEFINE([BROKEN_TCGETATTR_ICANON], [1], [tcgetattr with ICANON may hang]) 769 external_path_file=/etc/default/login 770 # hardwire lastlog location (can't detect it on some versions) 771 conf_lastlog_location="/var/adm/lastlog" 772 AC_MSG_CHECKING([for obsolete utmp and wtmp in solaris2.x]) 773 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 774 if test "$sol2ver" -ge 8; then 775 AC_MSG_RESULT([yes]) 776 AC_DEFINE([DISABLE_UTMP]) 777 AC_DEFINE([DISABLE_WTMP], [1], 778 [Define if you don't want to use wtmp]) 779 else 780 AC_MSG_RESULT([no]) 781 fi 782 AC_ARG_WITH([solaris-contracts], 783 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 784 [ 785 AC_CHECK_LIB([contract], [ct_tmpl_activate], 786 [ AC_DEFINE([USE_SOLARIS_PROCESS_CONTRACTS], [1], 787 [Define if you have Solaris process contracts]) 788 SSHDLIBS="$SSHDLIBS -lcontract" 789 SPC_MSG="yes" ], ) 790 ], 791 ) 792 AC_ARG_WITH([solaris-projects], 793 [ --with-solaris-projects Enable Solaris projects (experimental)], 794 [ 795 AC_CHECK_LIB([project], [setproject], 796 [ AC_DEFINE([USE_SOLARIS_PROJECTS], [1], 797 [Define if you have Solaris projects]) 798 SSHDLIBS="$SSHDLIBS -lproject" 799 SP_MSG="yes" ], ) 800 ], 801 ) 802 ;; 803*-*-sunos4*) 804 CPPFLAGS="$CPPFLAGS -DSUNOS4" 805 AC_CHECK_FUNCS([getpwanam]) 806 AC_DEFINE([PAM_SUN_CODEBASE]) 807 conf_utmp_location=/etc/utmp 808 conf_wtmp_location=/var/adm/wtmp 809 conf_lastlog_location=/var/adm/lastlog 810 AC_DEFINE([USE_PIPES]) 811 ;; 812*-ncr-sysv*) 813 LIBS="$LIBS -lc89" 814 AC_DEFINE([USE_PIPES]) 815 AC_DEFINE([SSHD_ACQUIRES_CTTY]) 816 AC_DEFINE([SETEUID_BREAKS_SETUID]) 817 AC_DEFINE([BROKEN_SETREUID]) 818 AC_DEFINE([BROKEN_SETREGID]) 819 ;; 820*-sni-sysv*) 821 # /usr/ucblib MUST NOT be searched on ReliantUNIX 822 AC_CHECK_LIB([dl], [dlsym], ,) 823 # -lresolv needs to be at the end of LIBS or DNS lookups break 824 AC_CHECK_LIB([resolv], [res_query], [ LIBS="$LIBS -lresolv" ]) 825 IPADDR_IN_DISPLAY=yes 826 AC_DEFINE([USE_PIPES]) 827 AC_DEFINE([IP_TOS_IS_BROKEN]) 828 AC_DEFINE([SETEUID_BREAKS_SETUID]) 829 AC_DEFINE([BROKEN_SETREUID]) 830 AC_DEFINE([BROKEN_SETREGID]) 831 AC_DEFINE([SSHD_ACQUIRES_CTTY]) 832 external_path_file=/etc/default/login 833 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 834 # Attention: always take care to bind libsocket and libnsl before libc, 835 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 836 ;; 837# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 838*-*-sysv4.2*) 839 AC_DEFINE([USE_PIPES]) 840 AC_DEFINE([SETEUID_BREAKS_SETUID]) 841 AC_DEFINE([BROKEN_SETREUID]) 842 AC_DEFINE([BROKEN_SETREGID]) 843 AC_DEFINE([PASSWD_NEEDS_USERNAME], [1], [must supply username to passwd]) 844 AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 845 ;; 846# UnixWare 7.x, OpenUNIX 8 847*-*-sysv5*) 848 CPPFLAGS="$CPPFLAGS -Dvsnprintf=_xvsnprintf -Dsnprintf=_xsnprintf" 849 AC_DEFINE([UNIXWARE_LONG_PASSWORDS], [1], [Support passwords > 8 chars]) 850 AC_DEFINE([USE_PIPES]) 851 AC_DEFINE([SETEUID_BREAKS_SETUID]) 852 AC_DEFINE([BROKEN_GETADDRINFO]) 853 AC_DEFINE([BROKEN_SETREUID]) 854 AC_DEFINE([BROKEN_SETREGID]) 855 AC_DEFINE([PASSWD_NEEDS_USERNAME]) 856 case "$host" in 857 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x 858 maildir=/var/spool/mail 859 TEST_SHELL=/u95/bin/sh 860 AC_DEFINE([BROKEN_LIBIAF], [1], 861 [ia_uinfo routines not supported by OS yet]) 862 AC_DEFINE([BROKEN_UPDWTMPX]) 863 AC_CHECK_LIB([prot], [getluid], [ LIBS="$LIBS -lprot" 864 AC_CHECK_FUNCS([getluid setluid], , , [-lprot]) 865 AC_DEFINE([HAVE_SECUREWARE]) 866 AC_DEFINE([DISABLE_SHADOW]) 867 ], , ) 868 ;; 869 *) AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 870 check_for_libcrypt_later=1 871 ;; 872 esac 873 ;; 874*-*-sysv*) 875 ;; 876# SCO UNIX and OEM versions of SCO UNIX 877*-*-sco3.2v4*) 878 AC_MSG_ERROR("This Platform is no longer supported.") 879 ;; 880# SCO OpenServer 5.x 881*-*-sco3.2v5*) 882 if test -z "$GCC"; then 883 CFLAGS="$CFLAGS -belf" 884 fi 885 LIBS="$LIBS -lprot -lx -ltinfo -lm" 886 no_dev_ptmx=1 887 AC_DEFINE([USE_PIPES]) 888 AC_DEFINE([HAVE_SECUREWARE]) 889 AC_DEFINE([DISABLE_SHADOW]) 890 AC_DEFINE([DISABLE_FD_PASSING]) 891 AC_DEFINE([SETEUID_BREAKS_SETUID]) 892 AC_DEFINE([BROKEN_GETADDRINFO]) 893 AC_DEFINE([BROKEN_SETREUID]) 894 AC_DEFINE([BROKEN_SETREGID]) 895 AC_DEFINE([WITH_ABBREV_NO_TTY]) 896 AC_DEFINE([BROKEN_UPDWTMPX]) 897 AC_DEFINE([PASSWD_NEEDS_USERNAME]) 898 AC_CHECK_FUNCS([getluid setluid]) 899 MANTYPE=man 900 TEST_SHELL=ksh 901 SKIP_DISABLE_LASTLOG_DEFINE=yes 902 ;; 903*-*-unicosmk*) 904 AC_DEFINE([NO_SSH_LASTLOG], [1], 905 [Define if you don't want to use lastlog in session.c]) 906 AC_DEFINE([SETEUID_BREAKS_SETUID]) 907 AC_DEFINE([BROKEN_SETREUID]) 908 AC_DEFINE([BROKEN_SETREGID]) 909 AC_DEFINE([USE_PIPES]) 910 AC_DEFINE([DISABLE_FD_PASSING]) 911 LDFLAGS="$LDFLAGS" 912 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 913 MANTYPE=cat 914 ;; 915*-*-unicosmp*) 916 AC_DEFINE([SETEUID_BREAKS_SETUID]) 917 AC_DEFINE([BROKEN_SETREUID]) 918 AC_DEFINE([BROKEN_SETREGID]) 919 AC_DEFINE([WITH_ABBREV_NO_TTY]) 920 AC_DEFINE([USE_PIPES]) 921 AC_DEFINE([DISABLE_FD_PASSING]) 922 LDFLAGS="$LDFLAGS" 923 LIBS="$LIBS -lgen -lacid -ldb" 924 MANTYPE=cat 925 ;; 926*-*-unicos*) 927 AC_DEFINE([SETEUID_BREAKS_SETUID]) 928 AC_DEFINE([BROKEN_SETREUID]) 929 AC_DEFINE([BROKEN_SETREGID]) 930 AC_DEFINE([USE_PIPES]) 931 AC_DEFINE([DISABLE_FD_PASSING]) 932 AC_DEFINE([NO_SSH_LASTLOG]) 933 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 934 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 935 MANTYPE=cat 936 ;; 937*-dec-osf*) 938 AC_MSG_CHECKING([for Digital Unix SIA]) 939 no_osfsia="" 940 AC_ARG_WITH([osfsia], 941 [ --with-osfsia Enable Digital Unix SIA], 942 [ 943 if test "x$withval" = "xno" ; then 944 AC_MSG_RESULT([disabled]) 945 no_osfsia=1 946 fi 947 ], 948 ) 949 if test -z "$no_osfsia" ; then 950 if test -f /etc/sia/matrix.conf; then 951 AC_MSG_RESULT([yes]) 952 AC_DEFINE([HAVE_OSF_SIA], [1], 953 [Define if you have Digital Unix Security 954 Integration Architecture]) 955 AC_DEFINE([DISABLE_LOGIN], [1], 956 [Define if you don't want to use your 957 system's login() call]) 958 AC_DEFINE([DISABLE_FD_PASSING]) 959 LIBS="$LIBS -lsecurity -ldb -lm -laud" 960 SIA_MSG="yes" 961 else 962 AC_MSG_RESULT([no]) 963 AC_DEFINE([LOCKED_PASSWD_SUBSTR], ["Nologin"], 964 [String used in /etc/passwd to denote locked account]) 965 fi 966 fi 967 AC_DEFINE([BROKEN_GETADDRINFO]) 968 AC_DEFINE([SETEUID_BREAKS_SETUID]) 969 AC_DEFINE([BROKEN_SETREUID]) 970 AC_DEFINE([BROKEN_SETREGID]) 971 AC_DEFINE([BROKEN_READV_COMPARISON], [1], [Can't do comparisons on readv]) 972 ;; 973 974*-*-nto-qnx*) 975 AC_DEFINE([USE_PIPES]) 976 AC_DEFINE([NO_X11_UNIX_SOCKETS]) 977 AC_DEFINE([MISSING_NFDBITS], [1], [Define on *nto-qnx systems]) 978 AC_DEFINE([MISSING_HOWMANY], [1], [Define on *nto-qnx systems]) 979 AC_DEFINE([MISSING_FD_MASK], [1], [Define on *nto-qnx systems]) 980 AC_DEFINE([DISABLE_LASTLOG]) 981 AC_DEFINE([SSHD_ACQUIRES_CTTY]) 982 AC_DEFINE([BROKEN_SHADOW_EXPIRE], [1], [QNX shadow support is broken]) 983 enable_etc_default_login=no # has incompatible /etc/default/login 984 case "$host" in 985 *-*-nto-qnx6*) 986 AC_DEFINE([DISABLE_FD_PASSING]) 987 ;; 988 esac 989 ;; 990 991*-*-ultrix*) 992 AC_DEFINE([BROKEN_GETGROUPS], [1], [getgroups(0,NULL) will return -1]) 993 AC_DEFINE([BROKEN_MMAP], [1], [Ultrix mmap can't map files]) 994 AC_DEFINE([NEED_SETPGRP]) 995 AC_DEFINE([HAVE_SYS_SYSLOG_H], [1], [Force use of sys/syslog.h on Ultrix]) 996 ;; 997 998*-*-lynxos) 999 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 1000 AC_DEFINE([MISSING_HOWMANY]) 1001 AC_DEFINE([BROKEN_SETVBUF], [1], [LynxOS has broken setvbuf() implementation]) 1002 ;; 1003esac 1004 1005AC_MSG_CHECKING([compiler and flags for sanity]) 1006AC_RUN_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], [[ exit(0); ]])], 1007 [ AC_MSG_RESULT([yes]) ], 1008 [ 1009 AC_MSG_RESULT([no]) 1010 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 1011 ], 1012 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 1013) 1014 1015dnl Checks for header files. 1016# Checks for libraries. 1017AC_CHECK_FUNC([yp_match], , [AC_CHECK_LIB([nsl], [yp_match])]) 1018AC_CHECK_FUNC([setsockopt], , [AC_CHECK_LIB([socket], [setsockopt])]) 1019 1020dnl IRIX and Solaris 2.5.1 have dirname() in libgen 1021AC_CHECK_FUNCS([dirname], [AC_CHECK_HEADERS([libgen.h])] , [ 1022 AC_CHECK_LIB([gen], [dirname], [ 1023 AC_CACHE_CHECK([for broken dirname], 1024 ac_cv_have_broken_dirname, [ 1025 save_LIBS="$LIBS" 1026 LIBS="$LIBS -lgen" 1027 AC_RUN_IFELSE( 1028 [AC_LANG_SOURCE([[ 1029#include <libgen.h> 1030#include <string.h> 1031 1032int main(int argc, char **argv) { 1033 char *s, buf[32]; 1034 1035 strncpy(buf,"/etc", 32); 1036 s = dirname(buf); 1037 if (!s || strncmp(s, "/", 32) != 0) { 1038 exit(1); 1039 } else { 1040 exit(0); 1041 } 1042} 1043 ]])], 1044 [ ac_cv_have_broken_dirname="no" ], 1045 [ ac_cv_have_broken_dirname="yes" ], 1046 [ ac_cv_have_broken_dirname="no" ], 1047 ) 1048 LIBS="$save_LIBS" 1049 ]) 1050 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 1051 LIBS="$LIBS -lgen" 1052 AC_DEFINE([HAVE_DIRNAME]) 1053 AC_CHECK_HEADERS([libgen.h]) 1054 fi 1055 ]) 1056]) 1057 1058AC_CHECK_FUNC([getspnam], , 1059 [AC_CHECK_LIB([gen], [getspnam], [LIBS="$LIBS -lgen"])]) 1060AC_SEARCH_LIBS([basename], [gen], [AC_DEFINE([HAVE_BASENAME], [1], 1061 [Define if you have the basename function.])]) 1062 1063dnl zlib is required 1064AC_ARG_WITH([zlib], 1065 [ --with-zlib=PATH Use zlib in PATH], 1066 [ if test "x$withval" = "xno" ; then 1067 AC_MSG_ERROR([*** zlib is required ***]) 1068 elif test "x$withval" != "xyes"; then 1069 if test -d "$withval/lib"; then 1070 if test -n "${need_dash_r}"; then 1071 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1072 else 1073 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1074 fi 1075 else 1076 if test -n "${need_dash_r}"; then 1077 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1078 else 1079 LDFLAGS="-L${withval} ${LDFLAGS}" 1080 fi 1081 fi 1082 if test -d "$withval/include"; then 1083 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1084 else 1085 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1086 fi 1087 fi ] 1088) 1089 1090AC_CHECK_HEADER([zlib.h], ,[AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])]) 1091AC_CHECK_LIB([z], [deflate], , 1092 [ 1093 saved_CPPFLAGS="$CPPFLAGS" 1094 saved_LDFLAGS="$LDFLAGS" 1095 save_LIBS="$LIBS" 1096 dnl Check default zlib install dir 1097 if test -n "${need_dash_r}"; then 1098 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 1099 else 1100 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 1101 fi 1102 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 1103 LIBS="$LIBS -lz" 1104 AC_TRY_LINK_FUNC([deflate], [AC_DEFINE([HAVE_LIBZ])], 1105 [ 1106 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 1107 ] 1108 ) 1109 ] 1110) 1111 1112AC_ARG_WITH([zlib-version-check], 1113 [ --without-zlib-version-check Disable zlib version check], 1114 [ if test "x$withval" = "xno" ; then 1115 zlib_check_nonfatal=1 1116 fi 1117 ] 1118) 1119 1120AC_MSG_CHECKING([for possibly buggy zlib]) 1121AC_RUN_IFELSE([AC_LANG_PROGRAM([[ 1122#include <stdio.h> 1123#include <zlib.h> 1124 ]], 1125 [[ 1126 int a=0, b=0, c=0, d=0, n, v; 1127 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 1128 if (n != 3 && n != 4) 1129 exit(1); 1130 v = a*1000000 + b*10000 + c*100 + d; 1131 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 1132 1133 /* 1.1.4 is OK */ 1134 if (a == 1 && b == 1 && c >= 4) 1135 exit(0); 1136 1137 /* 1.2.3 and up are OK */ 1138 if (v >= 1020300) 1139 exit(0); 1140 1141 exit(2); 1142 ]])], 1143 AC_MSG_RESULT([no]), 1144 [ AC_MSG_RESULT([yes]) 1145 if test -z "$zlib_check_nonfatal" ; then 1146 AC_MSG_ERROR([*** zlib too old - check config.log *** 1147Your reported zlib version has known security problems. It's possible your 1148vendor has fixed these problems without changing the version number. If you 1149are sure this is the case, you can disable the check by running 1150"./configure --without-zlib-version-check". 1151If you are in doubt, upgrade zlib to version 1.2.3 or greater. 1152See http://www.gzip.org/zlib/ for details.]) 1153 else 1154 AC_MSG_WARN([zlib version may have security problems]) 1155 fi 1156 ], 1157 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 1158) 1159 1160dnl UnixWare 2.x 1161AC_CHECK_FUNC([strcasecmp], 1162 [], [ AC_CHECK_LIB([resolv], [strcasecmp], [LIBS="$LIBS -lresolv"]) ] 1163) 1164AC_CHECK_FUNCS([utimes], 1165 [], [ AC_CHECK_LIB([c89], [utimes], [AC_DEFINE([HAVE_UTIMES]) 1166 LIBS="$LIBS -lc89"]) ] 1167) 1168 1169dnl Checks for libutil functions 1170AC_CHECK_HEADERS([bsd/libutil.h libutil.h]) 1171AC_SEARCH_LIBS([fmt_scaled], [util bsd]) 1172AC_SEARCH_LIBS([login], [util bsd]) 1173AC_SEARCH_LIBS([logout], [util bsd]) 1174AC_SEARCH_LIBS([logwtmp], [util bsd]) 1175AC_SEARCH_LIBS([openpty], [util bsd]) 1176AC_SEARCH_LIBS([updwtmp], [util bsd]) 1177AC_CHECK_FUNCS([fmt_scaled login logout openpty updwtmp logwtmp]) 1178 1179AC_FUNC_STRFTIME 1180 1181# Check for ALTDIRFUNC glob() extension 1182AC_MSG_CHECKING([for GLOB_ALTDIRFUNC support]) 1183AC_EGREP_CPP([FOUNDIT], 1184 [ 1185 #include <glob.h> 1186 #ifdef GLOB_ALTDIRFUNC 1187 FOUNDIT 1188 #endif 1189 ], 1190 [ 1191 AC_DEFINE([GLOB_HAS_ALTDIRFUNC], [1], 1192 [Define if your system glob() function has 1193 the GLOB_ALTDIRFUNC extension]) 1194 AC_MSG_RESULT([yes]) 1195 ], 1196 [ 1197 AC_MSG_RESULT([no]) 1198 ] 1199) 1200 1201# Check for g.gl_matchc glob() extension 1202AC_MSG_CHECKING([for gl_matchc field in glob_t]) 1203AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <glob.h> ]], 1204 [[ glob_t g; g.gl_matchc = 1; ]])], 1205 [ 1206 AC_DEFINE([GLOB_HAS_GL_MATCHC], [1], 1207 [Define if your system glob() function has 1208 gl_matchc options in glob_t]) 1209 AC_MSG_RESULT([yes]) 1210 ], [ 1211 AC_MSG_RESULT([no]) 1212]) 1213 1214# Check for g.gl_statv glob() extension 1215AC_MSG_CHECKING([for gl_statv and GLOB_KEEPSTAT extensions for glob]) 1216AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <glob.h> ]], [[ 1217#ifndef GLOB_KEEPSTAT 1218#error "glob does not support GLOB_KEEPSTAT extension" 1219#endif 1220glob_t g; 1221g.gl_statv = NULL; 1222]])], 1223 [ 1224 AC_DEFINE([GLOB_HAS_GL_STATV], [1], 1225 [Define if your system glob() function has 1226 gl_statv options in glob_t]) 1227 AC_MSG_RESULT([yes]) 1228 ], [ 1229 AC_MSG_RESULT([no]) 1230 1231]) 1232 1233AC_CHECK_DECLS([GLOB_NOMATCH], , , [#include <glob.h>]) 1234 1235AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 1236AC_RUN_IFELSE( 1237 [AC_LANG_PROGRAM([[ 1238#include <sys/types.h> 1239#include <dirent.h>]], 1240 [[ 1241 struct dirent d; 1242 exit(sizeof(d.d_name)<=sizeof(char)); 1243 ]])], 1244 [AC_MSG_RESULT([yes])], 1245 [ 1246 AC_MSG_RESULT([no]) 1247 AC_DEFINE([BROKEN_ONE_BYTE_DIRENT_D_NAME], [1], 1248 [Define if your struct dirent expects you to 1249 allocate extra space for d_name]) 1250 ], 1251 [ 1252 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1253 AC_DEFINE([BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1254 ] 1255) 1256 1257AC_MSG_CHECKING([for /proc/pid/fd directory]) 1258if test -d "/proc/$$/fd" ; then 1259 AC_DEFINE([HAVE_PROC_PID], [1], [Define if you have /proc/$pid/fd]) 1260 AC_MSG_RESULT([yes]) 1261else 1262 AC_MSG_RESULT([no]) 1263fi 1264 1265# Check whether user wants S/Key support 1266SKEY_MSG="no" 1267AC_ARG_WITH([skey], 1268 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 1269 [ 1270 if test "x$withval" != "xno" ; then 1271 1272 if test "x$withval" != "xyes" ; then 1273 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1274 LDFLAGS="$LDFLAGS -L${withval}/lib" 1275 fi 1276 1277 AC_DEFINE([SKEY], [1], [Define if you want S/Key support]) 1278 LIBS="-lskey $LIBS" 1279 SKEY_MSG="yes" 1280 1281 AC_MSG_CHECKING([for s/key support]) 1282 AC_LINK_IFELSE( 1283 [AC_LANG_PROGRAM([[ 1284#include <stdio.h> 1285#include <skey.h> 1286 ]], [[ 1287 char *ff = skey_keyinfo(""); ff=""; 1288 exit(0); 1289 ]])], 1290 [AC_MSG_RESULT([yes])], 1291 [ 1292 AC_MSG_RESULT([no]) 1293 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 1294 ]) 1295 AC_MSG_CHECKING([if skeychallenge takes 4 arguments]) 1296 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 1297#include <stdio.h> 1298#include <skey.h> 1299 ]], [[ 1300 (void)skeychallenge(NULL,"name","",0); 1301 ]])], 1302 [ 1303 AC_MSG_RESULT([yes]) 1304 AC_DEFINE([SKEYCHALLENGE_4ARG], [1], 1305 [Define if your skeychallenge() 1306 function takes 4 arguments (NetBSD)])], 1307 [ 1308 AC_MSG_RESULT([no]) 1309 ]) 1310 fi 1311 ] 1312) 1313 1314# Check whether user wants TCP wrappers support 1315TCPW_MSG="no" 1316AC_ARG_WITH([tcp-wrappers], 1317 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1318 [ 1319 if test "x$withval" != "xno" ; then 1320 saved_LIBS="$LIBS" 1321 saved_LDFLAGS="$LDFLAGS" 1322 saved_CPPFLAGS="$CPPFLAGS" 1323 if test -n "${withval}" && \ 1324 test "x${withval}" != "xyes"; then 1325 if test -d "${withval}/lib"; then 1326 if test -n "${need_dash_r}"; then 1327 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1328 else 1329 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1330 fi 1331 else 1332 if test -n "${need_dash_r}"; then 1333 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1334 else 1335 LDFLAGS="-L${withval} ${LDFLAGS}" 1336 fi 1337 fi 1338 if test -d "${withval}/include"; then 1339 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1340 else 1341 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1342 fi 1343 fi 1344 LIBS="-lwrap $LIBS" 1345 AC_MSG_CHECKING([for libwrap]) 1346 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 1347#include <sys/types.h> 1348#include <sys/socket.h> 1349#include <netinet/in.h> 1350#include <tcpd.h> 1351int deny_severity = 0, allow_severity = 0; 1352 ]], [[ 1353 hosts_access(0); 1354 ]])], [ 1355 AC_MSG_RESULT([yes]) 1356 AC_DEFINE([LIBWRAP], [1], 1357 [Define if you want 1358 TCP Wrappers support]) 1359 SSHDLIBS="$SSHDLIBS -lwrap" 1360 TCPW_MSG="yes" 1361 ], [ 1362 AC_MSG_ERROR([*** libwrap missing]) 1363 1364 ]) 1365 LIBS="$saved_LIBS" 1366 fi 1367 ] 1368) 1369 1370# Check whether user wants to use ldns 1371LDNS_MSG="no" 1372AC_ARG_WITH(ldns, 1373 [ --with-ldns[[=PATH]] Use ldns for DNSSEC support (optionally in PATH)], 1374 [ 1375 if test "x$withval" != "xno" ; then 1376 1377 if test "x$withval" != "xyes" ; then 1378 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1379 LDFLAGS="$LDFLAGS -L${withval}/lib" 1380 fi 1381 1382 AC_DEFINE(HAVE_LDNS, 1, [Define if you want ldns support]) 1383 LIBS="-lldns $LIBS" 1384 LDNS_MSG="yes" 1385 1386 AC_MSG_CHECKING([for ldns support]) 1387 AC_LINK_IFELSE( 1388 [AC_LANG_SOURCE([[ 1389#include <stdio.h> 1390#include <stdlib.h> 1391#include <stdint.h> 1392#include <ldns/ldns.h> 1393int main() { ldns_status status = ldns_verify_trusted(NULL, NULL, NULL, NULL); status=LDNS_STATUS_OK; exit(0); } 1394 ]]) 1395 ], 1396 [AC_MSG_RESULT(yes)], 1397 [ 1398 AC_MSG_RESULT(no) 1399 AC_MSG_ERROR([** Incomplete or missing ldns libraries.]) 1400 ]) 1401 fi 1402 ] 1403) 1404 1405# Check whether user wants libedit support 1406LIBEDIT_MSG="no" 1407AC_ARG_WITH([libedit], 1408 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1409 [ if test "x$withval" != "xno" ; then 1410 if test "x$withval" = "xyes" ; then 1411 AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no]) 1412 if test "x$PKGCONFIG" != "xno"; then 1413 AC_MSG_CHECKING([if $PKGCONFIG knows about libedit]) 1414 if "$PKGCONFIG" libedit; then 1415 AC_MSG_RESULT([yes]) 1416 use_pkgconfig_for_libedit=yes 1417 else 1418 AC_MSG_RESULT([no]) 1419 fi 1420 fi 1421 else 1422 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1423 if test -n "${need_dash_r}"; then 1424 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1425 else 1426 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1427 fi 1428 fi 1429 if test "x$use_pkgconfig_for_libedit" = "xyes"; then 1430 LIBEDIT=`$PKGCONFIG --libs-only-l libedit` 1431 CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libedit`" 1432 else 1433 LIBEDIT="-ledit -lcurses" 1434 fi 1435 OTHERLIBS=`echo $LIBEDIT | sed 's/-ledit//'` 1436 AC_CHECK_LIB([edit], [el_init], 1437 [ AC_DEFINE([USE_LIBEDIT], [1], [Use libedit for sftp]) 1438 LIBEDIT_MSG="yes" 1439 AC_SUBST([LIBEDIT]) 1440 ], 1441 [ AC_MSG_ERROR([libedit not found]) ], 1442 [ $OTHERLIBS ] 1443 ) 1444 AC_MSG_CHECKING([if libedit version is compatible]) 1445 AC_COMPILE_IFELSE( 1446 [AC_LANG_PROGRAM([[ #include <histedit.h> ]], 1447 [[ 1448 int i = H_SETSIZE; 1449 el_init("", NULL, NULL, NULL); 1450 exit(0); 1451 ]])], 1452 [ AC_MSG_RESULT([yes]) ], 1453 [ AC_MSG_RESULT([no]) 1454 AC_MSG_ERROR([libedit version is not compatible]) ] 1455 ) 1456 fi ] 1457) 1458 1459AUDIT_MODULE=none 1460AC_ARG_WITH([audit], 1461 [ --with-audit=module Enable audit support (modules=debug,bsm,linux)], 1462 [ 1463 AC_MSG_CHECKING([for supported audit module]) 1464 case "$withval" in 1465 bsm) 1466 AC_MSG_RESULT([bsm]) 1467 AUDIT_MODULE=bsm 1468 dnl Checks for headers, libs and functions 1469 AC_CHECK_HEADERS([bsm/audit.h], [], 1470 [AC_MSG_ERROR([BSM enabled and bsm/audit.h not found])], 1471 [ 1472#ifdef HAVE_TIME_H 1473# include <time.h> 1474#endif 1475 ] 1476) 1477 AC_CHECK_LIB([bsm], [getaudit], [], 1478 [AC_MSG_ERROR([BSM enabled and required library not found])]) 1479 AC_CHECK_FUNCS([getaudit], [], 1480 [AC_MSG_ERROR([BSM enabled and required function not found])]) 1481 # These are optional 1482 AC_CHECK_FUNCS([getaudit_addr aug_get_machine]) 1483 AC_DEFINE([USE_BSM_AUDIT], [1], [Use BSM audit module]) 1484 if test "$sol2ver" -eq 11; then 1485 SSHDLIBS="$SSHDLIBS -lscf" 1486 AC_DEFINE([BROKEN_BSM_API], [1], 1487 [The system has incomplete BSM API]) 1488 fi 1489 ;; 1490 linux) 1491 AC_MSG_RESULT([linux]) 1492 AUDIT_MODULE=linux 1493 dnl Checks for headers, libs and functions 1494 AC_CHECK_HEADERS([libaudit.h]) 1495 SSHDLIBS="$SSHDLIBS -laudit" 1496 AC_DEFINE([USE_LINUX_AUDIT], [1], [Use Linux audit module]) 1497 ;; 1498 debug) 1499 AUDIT_MODULE=debug 1500 AC_MSG_RESULT([debug]) 1501 AC_DEFINE([SSH_AUDIT_EVENTS], [1], [Use audit debugging module]) 1502 ;; 1503 no) 1504 AC_MSG_RESULT([no]) 1505 ;; 1506 *) 1507 AC_MSG_ERROR([Unknown audit module $withval]) 1508 ;; 1509 esac ] 1510) 1511 1512dnl Checks for library functions. Please keep in alphabetical order 1513AC_CHECK_FUNCS([ \ 1514 arc4random \ 1515 arc4random_buf \ 1516 arc4random_uniform \ 1517 asprintf \ 1518 b64_ntop \ 1519 __b64_ntop \ 1520 b64_pton \ 1521 __b64_pton \ 1522 bcopy \ 1523 bindresvport_sa \ 1524 clock \ 1525 closefrom \ 1526 dirfd \ 1527 fchmod \ 1528 fchown \ 1529 freeaddrinfo \ 1530 fstatvfs \ 1531 futimes \ 1532 getaddrinfo \ 1533 getcwd \ 1534 getgrouplist \ 1535 getnameinfo \ 1536 getopt \ 1537 getpeereid \ 1538 getpeerucred \ 1539 getpgid \ 1540 getpgrp \ 1541 _getpty \ 1542 getrlimit \ 1543 getttyent \ 1544 glob \ 1545 group_from_gid \ 1546 inet_aton \ 1547 inet_ntoa \ 1548 inet_ntop \ 1549 innetgr \ 1550 login_getcapbool \ 1551 md5_crypt \ 1552 memmove \ 1553 mkdtemp \ 1554 mmap \ 1555 ngetaddrinfo \ 1556 nsleep \ 1557 ogetaddrinfo \ 1558 openlog_r \ 1559 poll \ 1560 prctl \ 1561 pstat \ 1562 readpassphrase \ 1563 realpath \ 1564 recvmsg \ 1565 rresvport_af \ 1566 sendmsg \ 1567 setdtablesize \ 1568 setegid \ 1569 setenv \ 1570 seteuid \ 1571 setgroupent \ 1572 setgroups \ 1573 setlinebuf \ 1574 setlogin \ 1575 setpassent\ 1576 setpcred \ 1577 setproctitle \ 1578 setregid \ 1579 setreuid \ 1580 setrlimit \ 1581 setsid \ 1582 setvbuf \ 1583 sigaction \ 1584 sigvec \ 1585 snprintf \ 1586 socketpair \ 1587 statfs \ 1588 statvfs \ 1589 strdup \ 1590 strerror \ 1591 strlcat \ 1592 strlcpy \ 1593 strmode \ 1594 strnlen \ 1595 strnvis \ 1596 strptime \ 1597 strtonum \ 1598 strtoll \ 1599 strtoul \ 1600 strtoull \ 1601 swap32 \ 1602 sysconf \ 1603 tcgetpgrp \ 1604 timingsafe_bcmp \ 1605 truncate \ 1606 unsetenv \ 1607 updwtmpx \ 1608 user_from_uid \ 1609 usleep \ 1610 vasprintf \ 1611 vhangup \ 1612 vsnprintf \ 1613 waitpid \ 1614]) 1615 1616AC_LINK_IFELSE( 1617 [AC_LANG_PROGRAM( 1618 [[ #include <ctype.h> ]], 1619 [[ return (isblank('a')); ]])], 1620 [AC_DEFINE([HAVE_ISBLANK], [1], [Define if you have isblank(3C).]) 1621]) 1622 1623# PKCS#11 support requires dlopen() and co 1624AC_SEARCH_LIBS([dlopen], [dl], 1625 [AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support])] 1626) 1627 1628# IRIX has a const char return value for gai_strerror() 1629AC_CHECK_FUNCS([gai_strerror], [ 1630 AC_DEFINE([HAVE_GAI_STRERROR]) 1631 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 1632#include <sys/types.h> 1633#include <sys/socket.h> 1634#include <netdb.h> 1635 1636const char *gai_strerror(int); 1637 ]], [[ 1638 char *str; 1639 str = gai_strerror(0); 1640 ]])], [ 1641 AC_DEFINE([HAVE_CONST_GAI_STRERROR_PROTO], [1], 1642 [Define if gai_strerror() returns const char *])], [])]) 1643 1644AC_SEARCH_LIBS([nanosleep], [rt posix4], [AC_DEFINE([HAVE_NANOSLEEP], [1], 1645 [Some systems put nanosleep outside of libc])]) 1646 1647dnl Make sure prototypes are defined for these before using them. 1648AC_CHECK_DECL([getrusage], [AC_CHECK_FUNCS([getrusage])]) 1649AC_CHECK_DECL([strsep], 1650 [AC_CHECK_FUNCS([strsep])], 1651 [], 1652 [ 1653#ifdef HAVE_STRING_H 1654# include <string.h> 1655#endif 1656 ]) 1657 1658dnl tcsendbreak might be a macro 1659AC_CHECK_DECL([tcsendbreak], 1660 [AC_DEFINE([HAVE_TCSENDBREAK])], 1661 [AC_CHECK_FUNCS([tcsendbreak])], 1662 [#include <termios.h>] 1663) 1664 1665AC_CHECK_DECLS([h_errno], , ,[#include <netdb.h>]) 1666 1667AC_CHECK_DECLS([SHUT_RD], , , 1668 [ 1669#include <sys/types.h> 1670#include <sys/socket.h> 1671 ]) 1672 1673AC_CHECK_DECLS([O_NONBLOCK], , , 1674 [ 1675#include <sys/types.h> 1676#ifdef HAVE_SYS_STAT_H 1677# include <sys/stat.h> 1678#endif 1679#ifdef HAVE_FCNTL_H 1680# include <fcntl.h> 1681#endif 1682 ]) 1683 1684AC_CHECK_DECLS([writev], , , [ 1685#include <sys/types.h> 1686#include <sys/uio.h> 1687#include <unistd.h> 1688 ]) 1689 1690AC_CHECK_DECLS([MAXSYMLINKS], , , [ 1691#include <sys/param.h> 1692 ]) 1693 1694AC_CHECK_DECLS([offsetof], , , [ 1695#include <stddef.h> 1696 ]) 1697 1698AC_CHECK_FUNCS([setresuid], [ 1699 dnl Some platorms have setresuid that isn't implemented, test for this 1700 AC_MSG_CHECKING([if setresuid seems to work]) 1701 AC_RUN_IFELSE( 1702 [AC_LANG_PROGRAM([[ 1703#include <stdlib.h> 1704#include <errno.h> 1705 ]], [[ 1706 errno=0; 1707 setresuid(0,0,0); 1708 if (errno==ENOSYS) 1709 exit(1); 1710 else 1711 exit(0); 1712 ]])], 1713 [AC_MSG_RESULT([yes])], 1714 [AC_DEFINE([BROKEN_SETRESUID], [1], 1715 [Define if your setresuid() is broken]) 1716 AC_MSG_RESULT([not implemented])], 1717 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1718 ) 1719]) 1720 1721AC_CHECK_FUNCS([setresgid], [ 1722 dnl Some platorms have setresgid that isn't implemented, test for this 1723 AC_MSG_CHECKING([if setresgid seems to work]) 1724 AC_RUN_IFELSE( 1725 [AC_LANG_PROGRAM([[ 1726#include <stdlib.h> 1727#include <errno.h> 1728 ]], [[ 1729 errno=0; 1730 setresgid(0,0,0); 1731 if (errno==ENOSYS) 1732 exit(1); 1733 else 1734 exit(0); 1735 ]])], 1736 [AC_MSG_RESULT([yes])], 1737 [AC_DEFINE([BROKEN_SETRESGID], [1], 1738 [Define if your setresgid() is broken]) 1739 AC_MSG_RESULT([not implemented])], 1740 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1741 ) 1742]) 1743 1744dnl Checks for time functions 1745AC_CHECK_FUNCS([gettimeofday time]) 1746dnl Checks for utmp functions 1747AC_CHECK_FUNCS([endutent getutent getutid getutline pututline setutent]) 1748AC_CHECK_FUNCS([utmpname]) 1749dnl Checks for utmpx functions 1750AC_CHECK_FUNCS([endutxent getutxent getutxid getutxline getutxuser pututxline]) 1751AC_CHECK_FUNCS([setutxdb setutxent utmpxname]) 1752dnl Checks for lastlog functions 1753AC_CHECK_FUNCS([getlastlogxbyname]) 1754 1755AC_CHECK_FUNC([daemon], 1756 [AC_DEFINE([HAVE_DAEMON], [1], [Define if your libraries define daemon()])], 1757 [AC_CHECK_LIB([bsd], [daemon], 1758 [LIBS="$LIBS -lbsd"; AC_DEFINE([HAVE_DAEMON])])] 1759) 1760 1761AC_CHECK_FUNC([getpagesize], 1762 [AC_DEFINE([HAVE_GETPAGESIZE], [1], 1763 [Define if your libraries define getpagesize()])], 1764 [AC_CHECK_LIB([ucb], [getpagesize], 1765 [LIBS="$LIBS -lucb"; AC_DEFINE([HAVE_GETPAGESIZE])])] 1766) 1767 1768# Check for broken snprintf 1769if test "x$ac_cv_func_snprintf" = "xyes" ; then 1770 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1771 AC_RUN_IFELSE( 1772 [AC_LANG_PROGRAM([[ #include <stdio.h> ]], 1773 [[ 1774 char b[5]; 1775 snprintf(b,5,"123456789"); 1776 exit(b[4]!='\0'); 1777 ]])], 1778 [AC_MSG_RESULT([yes])], 1779 [ 1780 AC_MSG_RESULT([no]) 1781 AC_DEFINE([BROKEN_SNPRINTF], [1], 1782 [Define if your snprintf is busted]) 1783 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1784 ], 1785 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1786 ) 1787fi 1788 1789# If we don't have a working asprintf, then we strongly depend on vsnprintf 1790# returning the right thing on overflow: the number of characters it tried to 1791# create (as per SUSv3) 1792if test "x$ac_cv_func_asprintf" != "xyes" && \ 1793 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1794 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1795 AC_RUN_IFELSE( 1796 [AC_LANG_PROGRAM([[ 1797#include <sys/types.h> 1798#include <stdio.h> 1799#include <stdarg.h> 1800 1801int x_snprintf(char *str,size_t count,const char *fmt,...) 1802{ 1803 size_t ret; va_list ap; 1804 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1805 return ret; 1806} 1807 ]], [[ 1808 char x[1]; 1809 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1810 ]])], 1811 [AC_MSG_RESULT([yes])], 1812 [ 1813 AC_MSG_RESULT([no]) 1814 AC_DEFINE([BROKEN_SNPRINTF], [1], 1815 [Define if your snprintf is busted]) 1816 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1817 ], 1818 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1819 ) 1820fi 1821 1822# On systems where [v]snprintf is broken, but is declared in stdio, 1823# check that the fmt argument is const char * or just char *. 1824# This is only useful for when BROKEN_SNPRINTF 1825AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) 1826AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 1827#include <stdio.h> 1828int snprintf(char *a, size_t b, const char *c, ...) { return 0; } 1829 ]], [[ 1830 snprintf(0, 0, 0); 1831 ]])], 1832 [AC_MSG_RESULT([yes]) 1833 AC_DEFINE([SNPRINTF_CONST], [const], 1834 [Define as const if snprintf() can declare const char *fmt])], 1835 [AC_MSG_RESULT([no]) 1836 AC_DEFINE([SNPRINTF_CONST], [/* not const */])]) 1837 1838# Check for missing getpeereid (or equiv) support 1839NO_PEERCHECK="" 1840if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then 1841 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1842 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 1843#include <sys/types.h> 1844#include <sys/socket.h>]], [[int i = SO_PEERCRED;]])], 1845 [ AC_MSG_RESULT([yes]) 1846 AC_DEFINE([HAVE_SO_PEERCRED], [1], [Have PEERCRED socket option]) 1847 ], [AC_MSG_RESULT([no]) 1848 NO_PEERCHECK=1 1849 ]) 1850fi 1851 1852dnl see whether mkstemp() requires XXXXXX 1853if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1854AC_MSG_CHECKING([for (overly) strict mkstemp]) 1855AC_RUN_IFELSE( 1856 [AC_LANG_PROGRAM([[ 1857#include <stdlib.h> 1858 ]], [[ 1859 char template[]="conftest.mkstemp-test"; 1860 if (mkstemp(template) == -1) 1861 exit(1); 1862 unlink(template); 1863 exit(0); 1864 ]])], 1865 [ 1866 AC_MSG_RESULT([no]) 1867 ], 1868 [ 1869 AC_MSG_RESULT([yes]) 1870 AC_DEFINE([HAVE_STRICT_MKSTEMP], [1], [Silly mkstemp()]) 1871 ], 1872 [ 1873 AC_MSG_RESULT([yes]) 1874 AC_DEFINE([HAVE_STRICT_MKSTEMP]) 1875 ] 1876) 1877fi 1878 1879dnl make sure that openpty does not reacquire controlling terminal 1880if test ! -z "$check_for_openpty_ctty_bug"; then 1881 AC_MSG_CHECKING([if openpty correctly handles controlling tty]) 1882 AC_RUN_IFELSE( 1883 [AC_LANG_PROGRAM([[ 1884#include <stdio.h> 1885#include <sys/fcntl.h> 1886#include <sys/types.h> 1887#include <sys/wait.h> 1888 ]], [[ 1889 pid_t pid; 1890 int fd, ptyfd, ttyfd, status; 1891 1892 pid = fork(); 1893 if (pid < 0) { /* failed */ 1894 exit(1); 1895 } else if (pid > 0) { /* parent */ 1896 waitpid(pid, &status, 0); 1897 if (WIFEXITED(status)) 1898 exit(WEXITSTATUS(status)); 1899 else 1900 exit(2); 1901 } else { /* child */ 1902 close(0); close(1); close(2); 1903 setsid(); 1904 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1905 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1906 if (fd >= 0) 1907 exit(3); /* Acquired ctty: broken */ 1908 else 1909 exit(0); /* Did not acquire ctty: OK */ 1910 } 1911 ]])], 1912 [ 1913 AC_MSG_RESULT([yes]) 1914 ], 1915 [ 1916 AC_MSG_RESULT([no]) 1917 AC_DEFINE([SSHD_ACQUIRES_CTTY]) 1918 ], 1919 [ 1920 AC_MSG_RESULT([cross-compiling, assuming yes]) 1921 ] 1922 ) 1923fi 1924 1925if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1926 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1927 AC_MSG_CHECKING([if getaddrinfo seems to work]) 1928 AC_RUN_IFELSE( 1929 [AC_LANG_PROGRAM([[ 1930#include <stdio.h> 1931#include <sys/socket.h> 1932#include <netdb.h> 1933#include <errno.h> 1934#include <netinet/in.h> 1935 1936#define TEST_PORT "2222" 1937 ]], [[ 1938 int err, sock; 1939 struct addrinfo *gai_ai, *ai, hints; 1940 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1941 1942 memset(&hints, 0, sizeof(hints)); 1943 hints.ai_family = PF_UNSPEC; 1944 hints.ai_socktype = SOCK_STREAM; 1945 hints.ai_flags = AI_PASSIVE; 1946 1947 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1948 if (err != 0) { 1949 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1950 exit(1); 1951 } 1952 1953 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1954 if (ai->ai_family != AF_INET6) 1955 continue; 1956 1957 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1958 sizeof(ntop), strport, sizeof(strport), 1959 NI_NUMERICHOST|NI_NUMERICSERV); 1960 1961 if (err != 0) { 1962 if (err == EAI_SYSTEM) 1963 perror("getnameinfo EAI_SYSTEM"); 1964 else 1965 fprintf(stderr, "getnameinfo failed: %s\n", 1966 gai_strerror(err)); 1967 exit(2); 1968 } 1969 1970 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1971 if (sock < 0) 1972 perror("socket"); 1973 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1974 if (errno == EBADF) 1975 exit(3); 1976 } 1977 } 1978 exit(0); 1979 ]])], 1980 [ 1981 AC_MSG_RESULT([yes]) 1982 ], 1983 [ 1984 AC_MSG_RESULT([no]) 1985 AC_DEFINE([BROKEN_GETADDRINFO]) 1986 ], 1987 [ 1988 AC_MSG_RESULT([cross-compiling, assuming yes]) 1989 ] 1990 ) 1991fi 1992 1993if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1994 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1995 AC_MSG_CHECKING([if getaddrinfo seems to work]) 1996 AC_RUN_IFELSE( 1997 [AC_LANG_PROGRAM([[ 1998#include <stdio.h> 1999#include <sys/socket.h> 2000#include <netdb.h> 2001#include <errno.h> 2002#include <netinet/in.h> 2003 2004#define TEST_PORT "2222" 2005 ]], [[ 2006 int err, sock; 2007 struct addrinfo *gai_ai, *ai, hints; 2008 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 2009 2010 memset(&hints, 0, sizeof(hints)); 2011 hints.ai_family = PF_UNSPEC; 2012 hints.ai_socktype = SOCK_STREAM; 2013 hints.ai_flags = AI_PASSIVE; 2014 2015 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 2016 if (err != 0) { 2017 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 2018 exit(1); 2019 } 2020 2021 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 2022 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 2023 continue; 2024 2025 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 2026 sizeof(ntop), strport, sizeof(strport), 2027 NI_NUMERICHOST|NI_NUMERICSERV); 2028 2029 if (ai->ai_family == AF_INET && err != 0) { 2030 perror("getnameinfo"); 2031 exit(2); 2032 } 2033 } 2034 exit(0); 2035 ]])], 2036 [ 2037 AC_MSG_RESULT([yes]) 2038 AC_DEFINE([AIX_GETNAMEINFO_HACK], [1], 2039 [Define if you have a getaddrinfo that fails 2040 for the all-zeros IPv6 address]) 2041 ], 2042 [ 2043 AC_MSG_RESULT([no]) 2044 AC_DEFINE([BROKEN_GETADDRINFO]) 2045 ], 2046 [ 2047 AC_MSG_RESULT([cross-compiling, assuming no]) 2048 ] 2049 ) 2050fi 2051 2052if test "x$check_for_conflicting_getspnam" = "x1"; then 2053 AC_MSG_CHECKING([for conflicting getspnam in shadow.h]) 2054 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <shadow.h> ]], 2055 [[ exit(0); ]])], 2056 [ 2057 AC_MSG_RESULT([no]) 2058 ], 2059 [ 2060 AC_MSG_RESULT([yes]) 2061 AC_DEFINE([GETSPNAM_CONFLICTING_DEFS], [1], 2062 [Conflicting defs for getspnam]) 2063 ] 2064 ) 2065fi 2066 2067AC_FUNC_GETPGRP 2068 2069# Search for OpenSSL 2070saved_CPPFLAGS="$CPPFLAGS" 2071saved_LDFLAGS="$LDFLAGS" 2072AC_ARG_WITH([ssl-dir], 2073 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 2074 [ 2075 if test "x$withval" != "xno" ; then 2076 case "$withval" in 2077 # Relative paths 2078 ./*|../*) withval="`pwd`/$withval" 2079 esac 2080 if test -d "$withval/lib"; then 2081 if test -n "${need_dash_r}"; then 2082 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 2083 else 2084 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 2085 fi 2086 elif test -d "$withval/lib64"; then 2087 if test -n "${need_dash_r}"; then 2088 LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}" 2089 else 2090 LDFLAGS="-L${withval}/lib64 ${LDFLAGS}" 2091 fi 2092 else 2093 if test -n "${need_dash_r}"; then 2094 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 2095 else 2096 LDFLAGS="-L${withval} ${LDFLAGS}" 2097 fi 2098 fi 2099 if test -d "$withval/include"; then 2100 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 2101 else 2102 CPPFLAGS="-I${withval} ${CPPFLAGS}" 2103 fi 2104 fi 2105 ] 2106) 2107LIBS="-lcrypto $LIBS" 2108AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL], [1], 2109 [Define if your ssl headers are included 2110 with #include <openssl/header.h>])], 2111 [ 2112 dnl Check default openssl install dir 2113 if test -n "${need_dash_r}"; then 2114 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 2115 else 2116 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 2117 fi 2118 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 2119 AC_CHECK_HEADER([openssl/opensslv.h], , 2120 [AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])]) 2121 AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL])], 2122 [ 2123 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 2124 ] 2125 ) 2126 ] 2127) 2128 2129# Determine OpenSSL header version 2130AC_MSG_CHECKING([OpenSSL header version]) 2131AC_RUN_IFELSE( 2132 [AC_LANG_PROGRAM([[ 2133#include <stdio.h> 2134#include <string.h> 2135#include <openssl/opensslv.h> 2136#define DATA "conftest.sslincver" 2137 ]], [[ 2138 FILE *fd; 2139 int rc; 2140 2141 fd = fopen(DATA,"w"); 2142 if(fd == NULL) 2143 exit(1); 2144 2145 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 2146 exit(1); 2147 2148 exit(0); 2149 ]])], 2150 [ 2151 ssl_header_ver=`cat conftest.sslincver` 2152 AC_MSG_RESULT([$ssl_header_ver]) 2153 ], 2154 [ 2155 AC_MSG_RESULT([not found]) 2156 AC_MSG_ERROR([OpenSSL version header not found.]) 2157 ], 2158 [ 2159 AC_MSG_WARN([cross compiling: not checking]) 2160 ] 2161) 2162 2163# Determine OpenSSL library version 2164AC_MSG_CHECKING([OpenSSL library version]) 2165AC_RUN_IFELSE( 2166 [AC_LANG_PROGRAM([[ 2167#include <stdio.h> 2168#include <string.h> 2169#include <openssl/opensslv.h> 2170#include <openssl/crypto.h> 2171#define DATA "conftest.ssllibver" 2172 ]], [[ 2173 FILE *fd; 2174 int rc; 2175 2176 fd = fopen(DATA,"w"); 2177 if(fd == NULL) 2178 exit(1); 2179 2180 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 2181 exit(1); 2182 2183 exit(0); 2184 ]])], 2185 [ 2186 ssl_library_ver=`cat conftest.ssllibver` 2187 AC_MSG_RESULT([$ssl_library_ver]) 2188 ], 2189 [ 2190 AC_MSG_RESULT([not found]) 2191 AC_MSG_ERROR([OpenSSL library not found.]) 2192 ], 2193 [ 2194 AC_MSG_WARN([cross compiling: not checking]) 2195 ] 2196) 2197 2198AC_ARG_WITH([openssl-header-check], 2199 [ --without-openssl-header-check Disable OpenSSL version consistency check], 2200 [ if test "x$withval" = "xno" ; then 2201 openssl_check_nonfatal=1 2202 fi 2203 ] 2204) 2205 2206# Sanity check OpenSSL headers 2207AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 2208AC_RUN_IFELSE( 2209 [AC_LANG_PROGRAM([[ 2210#include <string.h> 2211#include <openssl/opensslv.h> 2212 ]], [[ 2213 exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); 2214 ]])], 2215 [ 2216 AC_MSG_RESULT([yes]) 2217 ], 2218 [ 2219 AC_MSG_RESULT([no]) 2220 if test "x$openssl_check_nonfatal" = "x"; then 2221 AC_MSG_ERROR([Your OpenSSL headers do not match your 2222library. Check config.log for details. 2223If you are sure your installation is consistent, you can disable the check 2224by running "./configure --without-openssl-header-check". 2225Also see contrib/findssl.sh for help identifying header/library mismatches. 2226]) 2227 else 2228 AC_MSG_WARN([Your OpenSSL headers do not match your 2229library. Check config.log for details. 2230Also see contrib/findssl.sh for help identifying header/library mismatches.]) 2231 fi 2232 ], 2233 [ 2234 AC_MSG_WARN([cross compiling: not checking]) 2235 ] 2236) 2237 2238AC_MSG_CHECKING([if programs using OpenSSL functions will link]) 2239AC_LINK_IFELSE( 2240 [AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]], 2241 [[ SSLeay_add_all_algorithms(); ]])], 2242 [ 2243 AC_MSG_RESULT([yes]) 2244 ], 2245 [ 2246 AC_MSG_RESULT([no]) 2247 saved_LIBS="$LIBS" 2248 LIBS="$LIBS -ldl" 2249 AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) 2250 AC_LINK_IFELSE( 2251 [AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]], 2252 [[ SSLeay_add_all_algorithms(); ]])], 2253 [ 2254 AC_MSG_RESULT([yes]) 2255 ], 2256 [ 2257 AC_MSG_RESULT([no]) 2258 LIBS="$saved_LIBS" 2259 ] 2260 ) 2261 ] 2262) 2263 2264AC_CHECK_FUNCS([RSA_generate_key_ex DSA_generate_parameters_ex BN_is_prime_ex RSA_get_default_method HMAC_CTX_init]) 2265 2266AC_ARG_WITH([ssl-engine], 2267 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 2268 [ if test "x$withval" != "xno" ; then 2269 AC_MSG_CHECKING([for OpenSSL ENGINE support]) 2270 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2271#include <openssl/engine.h> 2272 ]], [[ 2273 ENGINE_load_builtin_engines(); 2274 ENGINE_register_all_complete(); 2275 ]])], 2276 [ AC_MSG_RESULT([yes]) 2277 AC_DEFINE([USE_OPENSSL_ENGINE], [1], 2278 [Enable OpenSSL engine support]) 2279 ], [ AC_MSG_ERROR([OpenSSL ENGINE support not found]) 2280 ]) 2281 fi ] 2282) 2283 2284# Check for OpenSSL without EVP_aes_{192,256}_cbc 2285AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 2286AC_LINK_IFELSE( 2287 [AC_LANG_PROGRAM([[ 2288#include <string.h> 2289#include <openssl/evp.h> 2290 ]], [[ 2291 exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL); 2292 ]])], 2293 [ 2294 AC_MSG_RESULT([no]) 2295 ], 2296 [ 2297 AC_MSG_RESULT([yes]) 2298 AC_DEFINE([OPENSSL_LOBOTOMISED_AES], [1], 2299 [libcrypto is missing AES 192 and 256 bit functions]) 2300 ] 2301) 2302 2303# Check for OpenSSL with EVP_aes_*ctr 2304AC_MSG_CHECKING([whether OpenSSL has AES CTR via EVP]) 2305AC_LINK_IFELSE( 2306 [AC_LANG_PROGRAM([[ 2307#include <string.h> 2308#include <openssl/evp.h> 2309 ]], [[ 2310 exit(EVP_aes_128_ctr() == NULL || 2311 EVP_aes_192_cbc() == NULL || 2312 EVP_aes_256_cbc() == NULL); 2313 ]])], 2314 [ 2315 AC_MSG_RESULT([yes]) 2316 AC_DEFINE([OPENSSL_HAVE_EVPCTR], [1], 2317 [libcrypto has EVP AES CTR]) 2318 ], 2319 [ 2320 AC_MSG_RESULT([no]) 2321 ] 2322) 2323 2324# Check for OpenSSL with EVP_aes_*gcm 2325AC_MSG_CHECKING([whether OpenSSL has AES GCM via EVP]) 2326AC_LINK_IFELSE( 2327 [AC_LANG_PROGRAM([[ 2328#include <string.h> 2329#include <openssl/evp.h> 2330 ]], [[ 2331 exit(EVP_aes_128_gcm() == NULL || 2332 EVP_aes_256_gcm() == NULL || 2333 EVP_CTRL_GCM_SET_IV_FIXED == 0 || 2334 EVP_CTRL_GCM_IV_GEN == 0 || 2335 EVP_CTRL_GCM_SET_TAG == 0 || 2336 EVP_CTRL_GCM_GET_TAG == 0 || 2337 EVP_CIPHER_CTX_ctrl(NULL, 0, 0, NULL) == 0); 2338 ]])], 2339 [ 2340 AC_MSG_RESULT([yes]) 2341 AC_DEFINE([OPENSSL_HAVE_EVPGCM], [1], 2342 [libcrypto has EVP AES GCM]) 2343 ], 2344 [ 2345 AC_MSG_RESULT([no]) 2346 ] 2347) 2348 2349AC_SEARCH_LIBS([EVP_CIPHER_CTX_ctrl], [crypto], 2350 [AC_DEFINE([HAVE_EVP_CIPHER_CTX_CTRL], [1], 2351 [Define if libcrypto has EVP_CIPHER_CTX_ctrl])]) 2352 2353AC_MSG_CHECKING([if EVP_DigestUpdate returns an int]) 2354AC_LINK_IFELSE( 2355 [AC_LANG_PROGRAM([[ 2356#include <string.h> 2357#include <openssl/evp.h> 2358 ]], [[ 2359 if(EVP_DigestUpdate(NULL, NULL,0)) 2360 exit(0); 2361 ]])], 2362 [ 2363 AC_MSG_RESULT([yes]) 2364 ], 2365 [ 2366 AC_MSG_RESULT([no]) 2367 AC_DEFINE([OPENSSL_EVP_DIGESTUPDATE_VOID], [1], 2368 [Define if EVP_DigestUpdate returns void]) 2369 ] 2370) 2371 2372# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 2373# because the system crypt() is more featureful. 2374if test "x$check_for_libcrypt_before" = "x1"; then 2375 AC_CHECK_LIB([crypt], [crypt]) 2376fi 2377 2378# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 2379# version in OpenSSL. 2380if test "x$check_for_libcrypt_later" = "x1"; then 2381 AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"]) 2382fi 2383 2384# Search for SHA256 support in libc and/or OpenSSL 2385AC_CHECK_FUNCS([SHA256_Update EVP_sha256], [TEST_SSH_SHA256=yes], 2386 [TEST_SSH_SHA256=no]) 2387AC_SUBST([TEST_SSH_SHA256]) 2388 2389# Check complete ECC support in OpenSSL 2390AC_MSG_CHECKING([whether OpenSSL has complete ECC support]) 2391AC_LINK_IFELSE( 2392 [AC_LANG_PROGRAM([[ 2393#include <openssl/ec.h> 2394#include <openssl/ecdh.h> 2395#include <openssl/ecdsa.h> 2396#include <openssl/evp.h> 2397#include <openssl/objects.h> 2398#include <openssl/opensslv.h> 2399#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */ 2400# error "OpenSSL < 0.9.8g has unreliable ECC code" 2401#endif 2402 ]], [[ 2403 EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1); 2404 const EVP_MD *m = EVP_sha512(); /* We need this too */ 2405 ]])], 2406 [ 2407 AC_MSG_RESULT([yes]) 2408 AC_DEFINE([OPENSSL_HAS_ECC], [1], 2409 [libcrypto includes complete ECC support]) 2410 TEST_SSH_ECC=yes 2411 COMMENT_OUT_ECC="" 2412 ], 2413 [ 2414 AC_MSG_RESULT([no]) 2415 TEST_SSH_ECC=no 2416 COMMENT_OUT_ECC="#no ecc#" 2417 ] 2418) 2419AC_SUBST([TEST_SSH_ECC]) 2420AC_SUBST([COMMENT_OUT_ECC]) 2421 2422saved_LIBS="$LIBS" 2423AC_CHECK_LIB([iaf], [ia_openinfo], [ 2424 LIBS="$LIBS -liaf" 2425 AC_CHECK_FUNCS([set_id], [SSHDLIBS="$SSHDLIBS -liaf" 2426 AC_DEFINE([HAVE_LIBIAF], [1], 2427 [Define if system has libiaf that supports set_id]) 2428 ]) 2429]) 2430LIBS="$saved_LIBS" 2431 2432### Configure cryptographic random number support 2433 2434# Check wheter OpenSSL seeds itself 2435AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 2436AC_RUN_IFELSE( 2437 [AC_LANG_PROGRAM([[ 2438#include <string.h> 2439#include <openssl/rand.h> 2440 ]], [[ 2441 exit(RAND_status() == 1 ? 0 : 1); 2442 ]])], 2443 [ 2444 OPENSSL_SEEDS_ITSELF=yes 2445 AC_MSG_RESULT([yes]) 2446 ], 2447 [ 2448 AC_MSG_RESULT([no]) 2449 ], 2450 [ 2451 AC_MSG_WARN([cross compiling: assuming yes]) 2452 # This is safe, since we will fatal() at runtime if 2453 # OpenSSL is not seeded correctly. 2454 OPENSSL_SEEDS_ITSELF=yes 2455 ] 2456) 2457 2458# PRNGD TCP socket 2459AC_ARG_WITH([prngd-port], 2460 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 2461 [ 2462 case "$withval" in 2463 no) 2464 withval="" 2465 ;; 2466 [[0-9]]*) 2467 ;; 2468 *) 2469 AC_MSG_ERROR([You must specify a numeric port number for --with-prngd-port]) 2470 ;; 2471 esac 2472 if test ! -z "$withval" ; then 2473 PRNGD_PORT="$withval" 2474 AC_DEFINE_UNQUOTED([PRNGD_PORT], [$PRNGD_PORT], 2475 [Port number of PRNGD/EGD random number socket]) 2476 fi 2477 ] 2478) 2479 2480# PRNGD Unix domain socket 2481AC_ARG_WITH([prngd-socket], 2482 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 2483 [ 2484 case "$withval" in 2485 yes) 2486 withval="/var/run/egd-pool" 2487 ;; 2488 no) 2489 withval="" 2490 ;; 2491 /*) 2492 ;; 2493 *) 2494 AC_MSG_ERROR([You must specify an absolute path to the entropy socket]) 2495 ;; 2496 esac 2497 2498 if test ! -z "$withval" ; then 2499 if test ! -z "$PRNGD_PORT" ; then 2500 AC_MSG_ERROR([You may not specify both a PRNGD/EGD port and socket]) 2501 fi 2502 if test ! -r "$withval" ; then 2503 AC_MSG_WARN([Entropy socket is not readable]) 2504 fi 2505 PRNGD_SOCKET="$withval" 2506 AC_DEFINE_UNQUOTED([PRNGD_SOCKET], ["$PRNGD_SOCKET"], 2507 [Location of PRNGD/EGD random number socket]) 2508 fi 2509 ], 2510 [ 2511 # Check for existing socket only if we don't have a random device already 2512 if test "x$OPENSSL_SEEDS_ITSELF" != "xyes" ; then 2513 AC_MSG_CHECKING([for PRNGD/EGD socket]) 2514 # Insert other locations here 2515 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2516 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2517 PRNGD_SOCKET="$sock" 2518 AC_DEFINE_UNQUOTED([PRNGD_SOCKET], ["$PRNGD_SOCKET"]) 2519 break; 2520 fi 2521 done 2522 if test ! -z "$PRNGD_SOCKET" ; then 2523 AC_MSG_RESULT([$PRNGD_SOCKET]) 2524 else 2525 AC_MSG_RESULT([not found]) 2526 fi 2527 fi 2528 ] 2529) 2530 2531# Which randomness source do we use? 2532if test ! -z "$PRNGD_PORT" ; then 2533 RAND_MSG="PRNGd port $PRNGD_PORT" 2534elif test ! -z "$PRNGD_SOCKET" ; then 2535 RAND_MSG="PRNGd socket $PRNGD_SOCKET" 2536elif test ! -z "$OPENSSL_SEEDS_ITSELF" ; then 2537 AC_DEFINE([OPENSSL_PRNG_ONLY], [1], 2538 [Define if you want OpenSSL's internally seeded PRNG only]) 2539 RAND_MSG="OpenSSL internal ONLY" 2540else 2541 AC_MSG_ERROR([OpenSSH has no source of random numbers. Please configure OpenSSL with an entropy source or re-run configure using one of the --with-prngd-port or --with-prngd-socket options]) 2542fi 2543 2544# Check for PAM libs 2545PAM_MSG="no" 2546AC_ARG_WITH([pam], 2547 [ --with-pam Enable PAM support ], 2548 [ 2549 if test "x$withval" != "xno" ; then 2550 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 2551 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 2552 AC_MSG_ERROR([PAM headers not found]) 2553 fi 2554 2555 saved_LIBS="$LIBS" 2556 AC_CHECK_LIB([dl], [dlopen], , ) 2557 AC_CHECK_LIB([pam], [pam_set_item], , [AC_MSG_ERROR([*** libpam missing])]) 2558 AC_CHECK_FUNCS([pam_getenvlist]) 2559 AC_CHECK_FUNCS([pam_putenv]) 2560 LIBS="$saved_LIBS" 2561 2562 PAM_MSG="yes" 2563 2564 SSHDLIBS="$SSHDLIBS -lpam" 2565 AC_DEFINE([USE_PAM], [1], 2566 [Define if you want to enable PAM support]) 2567 2568 if test $ac_cv_lib_dl_dlopen = yes; then 2569 case "$LIBS" in 2570 *-ldl*) 2571 # libdl already in LIBS 2572 ;; 2573 *) 2574 SSHDLIBS="$SSHDLIBS -ldl" 2575 ;; 2576 esac 2577 fi 2578 fi 2579 ] 2580) 2581 2582# Check for older PAM 2583if test "x$PAM_MSG" = "xyes" ; then 2584 # Check PAM strerror arguments (old PAM) 2585 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 2586 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2587#include <stdlib.h> 2588#if defined(HAVE_SECURITY_PAM_APPL_H) 2589#include <security/pam_appl.h> 2590#elif defined (HAVE_PAM_PAM_APPL_H) 2591#include <pam/pam_appl.h> 2592#endif 2593 ]], [[ 2594(void)pam_strerror((pam_handle_t *)NULL, -1); 2595 ]])], [AC_MSG_RESULT([no])], [ 2596 AC_DEFINE([HAVE_OLD_PAM], [1], 2597 [Define if you have an old version of PAM 2598 which takes only one argument to pam_strerror]) 2599 AC_MSG_RESULT([yes]) 2600 PAM_MSG="yes (old library)" 2601 2602 ]) 2603fi 2604 2605SSH_PRIVSEP_USER=sshd 2606AC_ARG_WITH([privsep-user], 2607 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2608 [ 2609 if test -n "$withval" && test "x$withval" != "xno" && \ 2610 test "x${withval}" != "xyes"; then 2611 SSH_PRIVSEP_USER=$withval 2612 fi 2613 ] 2614) 2615AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"], 2616 [non-privileged user for privilege separation]) 2617AC_SUBST([SSH_PRIVSEP_USER]) 2618 2619if test "x$have_linux_no_new_privs" = "x1" ; then 2620AC_CHECK_DECL([SECCOMP_MODE_FILTER], [have_seccomp_filter=1], , [ 2621 #include <sys/types.h> 2622 #include <linux/seccomp.h> 2623]) 2624fi 2625if test "x$have_seccomp_filter" = "x1" ; then 2626AC_MSG_CHECKING([kernel for seccomp_filter support]) 2627AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 2628 #include <errno.h> 2629 #include <elf.h> 2630 #include <linux/audit.h> 2631 #include <linux/seccomp.h> 2632 #include <stdlib.h> 2633 #include <sys/prctl.h> 2634 ]], 2635 [[ int i = $seccomp_audit_arch; 2636 errno = 0; 2637 prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL, 0, 0); 2638 exit(errno == EFAULT ? 0 : 1); ]])], 2639 [ AC_MSG_RESULT([yes]) ], [ 2640 AC_MSG_RESULT([no]) 2641 # Disable seccomp filter as a target 2642 have_seccomp_filter=0 2643 ] 2644) 2645fi 2646 2647# Decide which sandbox style to use 2648sandbox_arg="" 2649AC_ARG_WITH([sandbox], 2650 [ --with-sandbox=style Specify privilege separation sandbox (no, darwin, rlimit, systrace, seccomp_filter)], 2651 [ 2652 if test "x$withval" = "xyes" ; then 2653 sandbox_arg="" 2654 else 2655 sandbox_arg="$withval" 2656 fi 2657 ] 2658) 2659 2660# Some platforms (seems to be the ones that have a kernel poll(2)-type 2661# function with which they implement select(2)) use an extra file descriptor 2662# when calling select(2), which means we can't use the rlimit sandbox. 2663AC_MSG_CHECKING([if select works with descriptor rlimit]) 2664AC_RUN_IFELSE( 2665 [AC_LANG_PROGRAM([[ 2666#include <sys/types.h> 2667#ifdef HAVE_SYS_TIME_H 2668# include <sys/time.h> 2669#endif 2670#include <sys/resource.h> 2671#ifdef HAVE_SYS_SELECT_H 2672# include <sys/select.h> 2673#endif 2674#include <errno.h> 2675#include <fcntl.h> 2676#include <stdlib.h> 2677 ]],[[ 2678 struct rlimit rl_zero; 2679 int fd, r; 2680 fd_set fds; 2681 struct timeval tv; 2682 2683 fd = open("/dev/null", O_RDONLY); 2684 FD_ZERO(&fds); 2685 FD_SET(fd, &fds); 2686 rl_zero.rlim_cur = rl_zero.rlim_max = 0; 2687 setrlimit(RLIMIT_FSIZE, &rl_zero); 2688 setrlimit(RLIMIT_NOFILE, &rl_zero); 2689 tv.tv_sec = 1; 2690 tv.tv_usec = 0; 2691 r = select(fd+1, &fds, NULL, NULL, &tv); 2692 exit (r == -1 ? 1 : 0); 2693 ]])], 2694 [AC_MSG_RESULT([yes]) 2695 select_works_with_rlimit=yes], 2696 [AC_MSG_RESULT([no]) 2697 select_works_with_rlimit=no], 2698 [AC_MSG_WARN([cross compiling: assuming yes])] 2699) 2700 2701AC_MSG_CHECKING([if setrlimit(RLIMIT_NOFILE,{0,0}) works]) 2702AC_RUN_IFELSE( 2703 [AC_LANG_PROGRAM([[ 2704#include <sys/types.h> 2705#ifdef HAVE_SYS_TIME_H 2706# include <sys/time.h> 2707#endif 2708#include <sys/resource.h> 2709#include <errno.h> 2710#include <stdlib.h> 2711 ]],[[ 2712 struct rlimit rl_zero; 2713 int fd, r; 2714 fd_set fds; 2715 2716 rl_zero.rlim_cur = rl_zero.rlim_max = 0; 2717 r = setrlimit(RLIMIT_NOFILE, &rl_zero); 2718 exit (r == -1 ? 1 : 0); 2719 ]])], 2720 [AC_MSG_RESULT([yes]) 2721 rlimit_nofile_zero_works=yes], 2722 [AC_MSG_RESULT([no]) 2723 rlimit_nofile_zero_works=no], 2724 [AC_MSG_WARN([cross compiling: assuming yes])] 2725) 2726 2727AC_MSG_CHECKING([if setrlimit RLIMIT_FSIZE works]) 2728AC_RUN_IFELSE( 2729 [AC_LANG_PROGRAM([[ 2730#include <sys/types.h> 2731#include <sys/resource.h> 2732#include <stdlib.h> 2733 ]],[[ 2734 struct rlimit rl_zero; 2735 2736 rl_zero.rlim_cur = rl_zero.rlim_max = 0; 2737 exit(setrlimit(RLIMIT_FSIZE, &rl_zero) != 0); 2738 ]])], 2739 [AC_MSG_RESULT([yes])], 2740 [AC_MSG_RESULT([no]) 2741 AC_DEFINE(SANDBOX_SKIP_RLIMIT_FSIZE, 1, 2742 [setrlimit RLIMIT_FSIZE works])], 2743 [AC_MSG_WARN([cross compiling: assuming yes])] 2744) 2745 2746if test "x$sandbox_arg" = "xsystrace" || \ 2747 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then 2748 test "x$have_systr_policy_kill" != "x1" && \ 2749 AC_MSG_ERROR([systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support]) 2750 SANDBOX_STYLE="systrace" 2751 AC_DEFINE([SANDBOX_SYSTRACE], [1], [Sandbox using systrace(4)]) 2752elif test "x$sandbox_arg" = "xdarwin" || \ 2753 ( test -z "$sandbox_arg" && test "x$ac_cv_func_sandbox_init" = "xyes" && \ 2754 test "x$ac_cv_header_sandbox_h" = "xyes") ; then 2755 test "x$ac_cv_func_sandbox_init" != "xyes" -o \ 2756 "x$ac_cv_header_sandbox_h" != "xyes" && \ 2757 AC_MSG_ERROR([Darwin seatbelt sandbox requires sandbox.h and sandbox_init function]) 2758 SANDBOX_STYLE="darwin" 2759 AC_DEFINE([SANDBOX_DARWIN], [1], [Sandbox using Darwin sandbox_init(3)]) 2760elif test "x$sandbox_arg" = "xseccomp_filter" || \ 2761 ( test -z "$sandbox_arg" && \ 2762 test "x$have_seccomp_filter" = "x1" && \ 2763 test "x$ac_cv_header_elf_h" = "xyes" && \ 2764 test "x$ac_cv_header_linux_audit_h" = "xyes" && \ 2765 test "x$ac_cv_header_linux_filter_h" = "xyes" && \ 2766 test "x$seccomp_audit_arch" != "x" && \ 2767 test "x$have_linux_no_new_privs" = "x1" && \ 2768 test "x$ac_cv_func_prctl" = "xyes" ) ; then 2769 test "x$seccomp_audit_arch" = "x" && \ 2770 AC_MSG_ERROR([seccomp_filter sandbox not supported on $host]) 2771 test "x$have_linux_no_new_privs" != "x1" && \ 2772 AC_MSG_ERROR([seccomp_filter sandbox requires PR_SET_NO_NEW_PRIVS]) 2773 test "x$have_seccomp_filter" != "x1" && \ 2774 AC_MSG_ERROR([seccomp_filter sandbox requires seccomp headers]) 2775 test "x$ac_cv_func_prctl" != "xyes" && \ 2776 AC_MSG_ERROR([seccomp_filter sandbox requires prctl function]) 2777 SANDBOX_STYLE="seccomp_filter" 2778 AC_DEFINE([SANDBOX_SECCOMP_FILTER], [1], [Sandbox using seccomp filter]) 2779elif test "x$sandbox_arg" = "xrlimit" || \ 2780 ( test -z "$sandbox_arg" && test "x$ac_cv_func_setrlimit" = "xyes" && \ 2781 test "x$select_works_with_rlimit" = "xyes" && \ 2782 test "x$rlimit_nofile_zero_works" = "xyes" ) ; then 2783 test "x$ac_cv_func_setrlimit" != "xyes" && \ 2784 AC_MSG_ERROR([rlimit sandbox requires setrlimit function]) 2785 test "x$select_works_with_rlimit" != "xyes" && \ 2786 AC_MSG_ERROR([rlimit sandbox requires select to work with rlimit]) 2787 SANDBOX_STYLE="rlimit" 2788 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)]) 2789elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \ 2790 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then 2791 SANDBOX_STYLE="none" 2792 AC_DEFINE([SANDBOX_NULL], [1], [no privsep sandboxing]) 2793else 2794 AC_MSG_ERROR([unsupported --with-sandbox]) 2795fi 2796 2797# Cheap hack to ensure NEWS-OS libraries are arranged right. 2798if test ! -z "$SONY" ; then 2799 LIBS="$LIBS -liberty"; 2800fi 2801 2802# Check for long long datatypes 2803AC_CHECK_TYPES([long long, unsigned long long, long double]) 2804 2805# Check datatype sizes 2806AC_CHECK_SIZEOF([short int], [2]) 2807AC_CHECK_SIZEOF([int], [4]) 2808AC_CHECK_SIZEOF([long int], [4]) 2809AC_CHECK_SIZEOF([long long int], [8]) 2810 2811# Sanity check long long for some platforms (AIX) 2812if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2813 ac_cv_sizeof_long_long_int=0 2814fi 2815 2816# compute LLONG_MIN and LLONG_MAX if we don't know them. 2817if test -z "$have_llong_max"; then 2818 AC_MSG_CHECKING([for max value of long long]) 2819 AC_RUN_IFELSE( 2820 [AC_LANG_PROGRAM([[ 2821#include <stdio.h> 2822/* Why is this so damn hard? */ 2823#ifdef __GNUC__ 2824# undef __GNUC__ 2825#endif 2826#define __USE_ISOC99 2827#include <limits.h> 2828#define DATA "conftest.llminmax" 2829#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) 2830 2831/* 2832 * printf in libc on some platforms (eg old Tru64) does not understand %lld so 2833 * we do this the hard way. 2834 */ 2835static int 2836fprint_ll(FILE *f, long long n) 2837{ 2838 unsigned int i; 2839 int l[sizeof(long long) * 8]; 2840 2841 if (n < 0) 2842 if (fprintf(f, "-") < 0) 2843 return -1; 2844 for (i = 0; n != 0; i++) { 2845 l[i] = my_abs(n % 10); 2846 n /= 10; 2847 } 2848 do { 2849 if (fprintf(f, "%d", l[--i]) < 0) 2850 return -1; 2851 } while (i != 0); 2852 if (fprintf(f, " ") < 0) 2853 return -1; 2854 return 0; 2855} 2856 ]], [[ 2857 FILE *f; 2858 long long i, llmin, llmax = 0; 2859 2860 if((f = fopen(DATA,"w")) == NULL) 2861 exit(1); 2862 2863#if defined(LLONG_MIN) && defined(LLONG_MAX) 2864 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2865 llmin = LLONG_MIN; 2866 llmax = LLONG_MAX; 2867#else 2868 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2869 /* This will work on one's complement and two's complement */ 2870 for (i = 1; i > llmax; i <<= 1, i++) 2871 llmax = i; 2872 llmin = llmax + 1LL; /* wrap */ 2873#endif 2874 2875 /* Sanity check */ 2876 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax 2877 || llmax - 1 > llmax || llmin == llmax || llmin == 0 2878 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { 2879 fprintf(f, "unknown unknown\n"); 2880 exit(2); 2881 } 2882 2883 if (fprint_ll(f, llmin) < 0) 2884 exit(3); 2885 if (fprint_ll(f, llmax) < 0) 2886 exit(4); 2887 if (fclose(f) < 0) 2888 exit(5); 2889 exit(0); 2890 ]])], 2891 [ 2892 llong_min=`$AWK '{print $1}' conftest.llminmax` 2893 llong_max=`$AWK '{print $2}' conftest.llminmax` 2894 2895 AC_MSG_RESULT([$llong_max]) 2896 AC_DEFINE_UNQUOTED([LLONG_MAX], [${llong_max}LL], 2897 [max value of long long calculated by configure]) 2898 AC_MSG_CHECKING([for min value of long long]) 2899 AC_MSG_RESULT([$llong_min]) 2900 AC_DEFINE_UNQUOTED([LLONG_MIN], [${llong_min}LL], 2901 [min value of long long calculated by configure]) 2902 ], 2903 [ 2904 AC_MSG_RESULT([not found]) 2905 ], 2906 [ 2907 AC_MSG_WARN([cross compiling: not checking]) 2908 ] 2909 ) 2910fi 2911 2912 2913# More checks for data types 2914AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2915 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2916 [[ u_int a; a = 1;]])], 2917 [ ac_cv_have_u_int="yes" ], [ ac_cv_have_u_int="no" 2918 ]) 2919]) 2920if test "x$ac_cv_have_u_int" = "xyes" ; then 2921 AC_DEFINE([HAVE_U_INT], [1], [define if you have u_int data type]) 2922 have_u_int=1 2923fi 2924 2925AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2926 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2927 [[ int8_t a; int16_t b; int32_t c; a = b = c = 1;]])], 2928 [ ac_cv_have_intxx_t="yes" ], [ ac_cv_have_intxx_t="no" 2929 ]) 2930]) 2931if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2932 AC_DEFINE([HAVE_INTXX_T], [1], [define if you have intxx_t data type]) 2933 have_intxx_t=1 2934fi 2935 2936if (test -z "$have_intxx_t" && \ 2937 test "x$ac_cv_header_stdint_h" = "xyes") 2938then 2939 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2940 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <stdint.h> ]], 2941 [[ int8_t a; int16_t b; int32_t c; a = b = c = 1;]])], 2942 [ 2943 AC_DEFINE([HAVE_INTXX_T]) 2944 AC_MSG_RESULT([yes]) 2945 ], [ AC_MSG_RESULT([no]) 2946 ]) 2947fi 2948 2949AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2950 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2951#include <sys/types.h> 2952#ifdef HAVE_STDINT_H 2953# include <stdint.h> 2954#endif 2955#include <sys/socket.h> 2956#ifdef HAVE_SYS_BITYPES_H 2957# include <sys/bitypes.h> 2958#endif 2959 ]], [[ 2960int64_t a; a = 1; 2961 ]])], 2962 [ ac_cv_have_int64_t="yes" ], [ ac_cv_have_int64_t="no" 2963 ]) 2964]) 2965if test "x$ac_cv_have_int64_t" = "xyes" ; then 2966 AC_DEFINE([HAVE_INT64_T], [1], [define if you have int64_t data type]) 2967fi 2968 2969AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2970 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2971 [[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;]])], 2972 [ ac_cv_have_u_intxx_t="yes" ], [ ac_cv_have_u_intxx_t="no" 2973 ]) 2974]) 2975if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2976 AC_DEFINE([HAVE_U_INTXX_T], [1], [define if you have u_intxx_t data type]) 2977 have_u_intxx_t=1 2978fi 2979 2980if test -z "$have_u_intxx_t" ; then 2981 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2982 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/socket.h> ]], 2983 [[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;]])], 2984 [ 2985 AC_DEFINE([HAVE_U_INTXX_T]) 2986 AC_MSG_RESULT([yes]) 2987 ], [ AC_MSG_RESULT([no]) 2988 ]) 2989fi 2990 2991AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2992 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2993 [[ u_int64_t a; a = 1;]])], 2994 [ ac_cv_have_u_int64_t="yes" ], [ ac_cv_have_u_int64_t="no" 2995 ]) 2996]) 2997if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2998 AC_DEFINE([HAVE_U_INT64_T], [1], [define if you have u_int64_t data type]) 2999 have_u_int64_t=1 3000fi 3001 3002if test -z "$have_u_int64_t" ; then 3003 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 3004 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/bitypes.h> ]], 3005 [[ u_int64_t a; a = 1]])], 3006 [ 3007 AC_DEFINE([HAVE_U_INT64_T]) 3008 AC_MSG_RESULT([yes]) 3009 ], [ AC_MSG_RESULT([no]) 3010 ]) 3011fi 3012 3013if test -z "$have_u_intxx_t" ; then 3014 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 3015 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3016#include <sys/types.h> 3017 ]], [[ 3018 uint8_t a; 3019 uint16_t b; 3020 uint32_t c; 3021 a = b = c = 1; 3022 ]])], 3023 [ ac_cv_have_uintxx_t="yes" ], [ ac_cv_have_uintxx_t="no" 3024 ]) 3025 ]) 3026 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 3027 AC_DEFINE([HAVE_UINTXX_T], [1], 3028 [define if you have uintxx_t data type]) 3029 fi 3030fi 3031 3032if test -z "$have_uintxx_t" ; then 3033 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 3034 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <stdint.h> ]], 3035 [[ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;]])], 3036 [ 3037 AC_DEFINE([HAVE_UINTXX_T]) 3038 AC_MSG_RESULT([yes]) 3039 ], [ AC_MSG_RESULT([no]) 3040 ]) 3041fi 3042 3043if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 3044 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 3045then 3046 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 3047 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3048#include <sys/bitypes.h> 3049 ]], [[ 3050 int8_t a; int16_t b; int32_t c; 3051 u_int8_t e; u_int16_t f; u_int32_t g; 3052 a = b = c = e = f = g = 1; 3053 ]])], 3054 [ 3055 AC_DEFINE([HAVE_U_INTXX_T]) 3056 AC_DEFINE([HAVE_INTXX_T]) 3057 AC_MSG_RESULT([yes]) 3058 ], [AC_MSG_RESULT([no]) 3059 ]) 3060fi 3061 3062 3063AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 3064 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 3065 [[ u_char foo; foo = 125; ]])], 3066 [ ac_cv_have_u_char="yes" ], [ ac_cv_have_u_char="no" 3067 ]) 3068]) 3069if test "x$ac_cv_have_u_char" = "xyes" ; then 3070 AC_DEFINE([HAVE_U_CHAR], [1], [define if you have u_char data type]) 3071fi 3072 3073TYPE_SOCKLEN_T 3074 3075AC_CHECK_TYPES([sig_atomic_t], , , [#include <signal.h>]) 3076AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t], , , [ 3077#include <sys/types.h> 3078#ifdef HAVE_SYS_BITYPES_H 3079#include <sys/bitypes.h> 3080#endif 3081#ifdef HAVE_SYS_STATFS_H 3082#include <sys/statfs.h> 3083#endif 3084#ifdef HAVE_SYS_STATVFS_H 3085#include <sys/statvfs.h> 3086#endif 3087]) 3088 3089AC_CHECK_TYPES([in_addr_t, in_port_t], , , 3090[#include <sys/types.h> 3091#include <netinet/in.h>]) 3092 3093AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 3094 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 3095 [[ size_t foo; foo = 1235; ]])], 3096 [ ac_cv_have_size_t="yes" ], [ ac_cv_have_size_t="no" 3097 ]) 3098]) 3099if test "x$ac_cv_have_size_t" = "xyes" ; then 3100 AC_DEFINE([HAVE_SIZE_T], [1], [define if you have size_t data type]) 3101fi 3102 3103AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 3104 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 3105 [[ ssize_t foo; foo = 1235; ]])], 3106 [ ac_cv_have_ssize_t="yes" ], [ ac_cv_have_ssize_t="no" 3107 ]) 3108]) 3109if test "x$ac_cv_have_ssize_t" = "xyes" ; then 3110 AC_DEFINE([HAVE_SSIZE_T], [1], [define if you have ssize_t data type]) 3111fi 3112 3113AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 3114 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <time.h> ]], 3115 [[ clock_t foo; foo = 1235; ]])], 3116 [ ac_cv_have_clock_t="yes" ], [ ac_cv_have_clock_t="no" 3117 ]) 3118]) 3119if test "x$ac_cv_have_clock_t" = "xyes" ; then 3120 AC_DEFINE([HAVE_CLOCK_T], [1], [define if you have clock_t data type]) 3121fi 3122 3123AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 3124 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3125#include <sys/types.h> 3126#include <sys/socket.h> 3127 ]], [[ sa_family_t foo; foo = 1235; ]])], 3128 [ ac_cv_have_sa_family_t="yes" ], 3129 [ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3130#include <sys/types.h> 3131#include <sys/socket.h> 3132#include <netinet/in.h> 3133 ]], [[ sa_family_t foo; foo = 1235; ]])], 3134 [ ac_cv_have_sa_family_t="yes" ], 3135 [ ac_cv_have_sa_family_t="no" ] 3136 ) 3137 ]) 3138]) 3139if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 3140 AC_DEFINE([HAVE_SA_FAMILY_T], [1], 3141 [define if you have sa_family_t data type]) 3142fi 3143 3144AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 3145 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 3146 [[ pid_t foo; foo = 1235; ]])], 3147 [ ac_cv_have_pid_t="yes" ], [ ac_cv_have_pid_t="no" 3148 ]) 3149]) 3150if test "x$ac_cv_have_pid_t" = "xyes" ; then 3151 AC_DEFINE([HAVE_PID_T], [1], [define if you have pid_t data type]) 3152fi 3153 3154AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 3155 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 3156 [[ mode_t foo; foo = 1235; ]])], 3157 [ ac_cv_have_mode_t="yes" ], [ ac_cv_have_mode_t="no" 3158 ]) 3159]) 3160if test "x$ac_cv_have_mode_t" = "xyes" ; then 3161 AC_DEFINE([HAVE_MODE_T], [1], [define if you have mode_t data type]) 3162fi 3163 3164 3165AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 3166 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3167#include <sys/types.h> 3168#include <sys/socket.h> 3169 ]], [[ struct sockaddr_storage s; ]])], 3170 [ ac_cv_have_struct_sockaddr_storage="yes" ], 3171 [ ac_cv_have_struct_sockaddr_storage="no" 3172 ]) 3173]) 3174if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 3175 AC_DEFINE([HAVE_STRUCT_SOCKADDR_STORAGE], [1], 3176 [define if you have struct sockaddr_storage data type]) 3177fi 3178 3179AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 3180 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3181#include <sys/types.h> 3182#include <netinet/in.h> 3183 ]], [[ struct sockaddr_in6 s; s.sin6_family = 0; ]])], 3184 [ ac_cv_have_struct_sockaddr_in6="yes" ], 3185 [ ac_cv_have_struct_sockaddr_in6="no" 3186 ]) 3187]) 3188if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 3189 AC_DEFINE([HAVE_STRUCT_SOCKADDR_IN6], [1], 3190 [define if you have struct sockaddr_in6 data type]) 3191fi 3192 3193AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 3194 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3195#include <sys/types.h> 3196#include <netinet/in.h> 3197 ]], [[ struct in6_addr s; s.s6_addr[0] = 0; ]])], 3198 [ ac_cv_have_struct_in6_addr="yes" ], 3199 [ ac_cv_have_struct_in6_addr="no" 3200 ]) 3201]) 3202if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 3203 AC_DEFINE([HAVE_STRUCT_IN6_ADDR], [1], 3204 [define if you have struct in6_addr data type]) 3205 3206dnl Now check for sin6_scope_id 3207 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id], , , 3208 [ 3209#ifdef HAVE_SYS_TYPES_H 3210#include <sys/types.h> 3211#endif 3212#include <netinet/in.h> 3213 ]) 3214fi 3215 3216AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 3217 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3218#include <sys/types.h> 3219#include <sys/socket.h> 3220#include <netdb.h> 3221 ]], [[ struct addrinfo s; s.ai_flags = AI_PASSIVE; ]])], 3222 [ ac_cv_have_struct_addrinfo="yes" ], 3223 [ ac_cv_have_struct_addrinfo="no" 3224 ]) 3225]) 3226if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 3227 AC_DEFINE([HAVE_STRUCT_ADDRINFO], [1], 3228 [define if you have struct addrinfo data type]) 3229fi 3230 3231AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 3232 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/time.h> ]], 3233 [[ struct timeval tv; tv.tv_sec = 1;]])], 3234 [ ac_cv_have_struct_timeval="yes" ], 3235 [ ac_cv_have_struct_timeval="no" 3236 ]) 3237]) 3238if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 3239 AC_DEFINE([HAVE_STRUCT_TIMEVAL], [1], [define if you have struct timeval]) 3240 have_struct_timeval=1 3241fi 3242 3243AC_CHECK_TYPES([struct timespec]) 3244 3245# We need int64_t or else certian parts of the compile will fail. 3246if test "x$ac_cv_have_int64_t" = "xno" && \ 3247 test "x$ac_cv_sizeof_long_int" != "x8" && \ 3248 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 3249 echo "OpenSSH requires int64_t support. Contact your vendor or install" 3250 echo "an alternative compiler (I.E., GCC) before continuing." 3251 echo "" 3252 exit 1; 3253else 3254dnl test snprintf (broken on SCO w/gcc) 3255 AC_RUN_IFELSE( 3256 [AC_LANG_SOURCE([[ 3257#include <stdio.h> 3258#include <string.h> 3259#ifdef HAVE_SNPRINTF 3260main() 3261{ 3262 char buf[50]; 3263 char expected_out[50]; 3264 int mazsize = 50 ; 3265#if (SIZEOF_LONG_INT == 8) 3266 long int num = 0x7fffffffffffffff; 3267#else 3268 long long num = 0x7fffffffffffffffll; 3269#endif 3270 strcpy(expected_out, "9223372036854775807"); 3271 snprintf(buf, mazsize, "%lld", num); 3272 if(strcmp(buf, expected_out) != 0) 3273 exit(1); 3274 exit(0); 3275} 3276#else 3277main() { exit(0); } 3278#endif 3279 ]])], [ true ], [ AC_DEFINE([BROKEN_SNPRINTF]) ], 3280 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 3281 ) 3282fi 3283 3284dnl Checks for structure members 3285OSSH_CHECK_HEADER_FOR_FIELD([ut_host], [utmp.h], [HAVE_HOST_IN_UTMP]) 3286OSSH_CHECK_HEADER_FOR_FIELD([ut_host], [utmpx.h], [HAVE_HOST_IN_UTMPX]) 3287OSSH_CHECK_HEADER_FOR_FIELD([syslen], [utmpx.h], [HAVE_SYSLEN_IN_UTMPX]) 3288OSSH_CHECK_HEADER_FOR_FIELD([ut_pid], [utmp.h], [HAVE_PID_IN_UTMP]) 3289OSSH_CHECK_HEADER_FOR_FIELD([ut_type], [utmp.h], [HAVE_TYPE_IN_UTMP]) 3290OSSH_CHECK_HEADER_FOR_FIELD([ut_type], [utmpx.h], [HAVE_TYPE_IN_UTMPX]) 3291OSSH_CHECK_HEADER_FOR_FIELD([ut_tv], [utmp.h], [HAVE_TV_IN_UTMP]) 3292OSSH_CHECK_HEADER_FOR_FIELD([ut_id], [utmp.h], [HAVE_ID_IN_UTMP]) 3293OSSH_CHECK_HEADER_FOR_FIELD([ut_id], [utmpx.h], [HAVE_ID_IN_UTMPX]) 3294OSSH_CHECK_HEADER_FOR_FIELD([ut_addr], [utmp.h], [HAVE_ADDR_IN_UTMP]) 3295OSSH_CHECK_HEADER_FOR_FIELD([ut_addr], [utmpx.h], [HAVE_ADDR_IN_UTMPX]) 3296OSSH_CHECK_HEADER_FOR_FIELD([ut_addr_v6], [utmp.h], [HAVE_ADDR_V6_IN_UTMP]) 3297OSSH_CHECK_HEADER_FOR_FIELD([ut_addr_v6], [utmpx.h], [HAVE_ADDR_V6_IN_UTMPX]) 3298OSSH_CHECK_HEADER_FOR_FIELD([ut_exit], [utmp.h], [HAVE_EXIT_IN_UTMP]) 3299OSSH_CHECK_HEADER_FOR_FIELD([ut_time], [utmp.h], [HAVE_TIME_IN_UTMP]) 3300OSSH_CHECK_HEADER_FOR_FIELD([ut_time], [utmpx.h], [HAVE_TIME_IN_UTMPX]) 3301OSSH_CHECK_HEADER_FOR_FIELD([ut_tv], [utmpx.h], [HAVE_TV_IN_UTMPX]) 3302 3303AC_CHECK_MEMBERS([struct stat.st_blksize]) 3304AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE([__res_state], [state], 3305 [Define if we don't have struct __res_state in resolv.h])], 3306[ 3307#include <stdio.h> 3308#if HAVE_SYS_TYPES_H 3309# include <sys/types.h> 3310#endif 3311#include <netinet/in.h> 3312#include <arpa/nameser.h> 3313#include <resolv.h> 3314]) 3315 3316AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 3317 ac_cv_have_ss_family_in_struct_ss, [ 3318 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3319#include <sys/types.h> 3320#include <sys/socket.h> 3321 ]], [[ struct sockaddr_storage s; s.ss_family = 1; ]])], 3322 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 3323 [ ac_cv_have_ss_family_in_struct_ss="no" ]) 3324]) 3325if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 3326 AC_DEFINE([HAVE_SS_FAMILY_IN_SS], [1], [Fields in struct sockaddr_storage]) 3327fi 3328 3329AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 3330 ac_cv_have___ss_family_in_struct_ss, [ 3331 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3332#include <sys/types.h> 3333#include <sys/socket.h> 3334 ]], [[ struct sockaddr_storage s; s.__ss_family = 1; ]])], 3335 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 3336 [ ac_cv_have___ss_family_in_struct_ss="no" 3337 ]) 3338]) 3339if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 3340 AC_DEFINE([HAVE___SS_FAMILY_IN_SS], [1], 3341 [Fields in struct sockaddr_storage]) 3342fi 3343 3344AC_CACHE_CHECK([for pw_class field in struct passwd], 3345 ac_cv_have_pw_class_in_struct_passwd, [ 3346 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]], 3347 [[ struct passwd p; p.pw_class = 0; ]])], 3348 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 3349 [ ac_cv_have_pw_class_in_struct_passwd="no" 3350 ]) 3351]) 3352if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 3353 AC_DEFINE([HAVE_PW_CLASS_IN_PASSWD], [1], 3354 [Define if your password has a pw_class field]) 3355fi 3356 3357AC_CACHE_CHECK([for pw_expire field in struct passwd], 3358 ac_cv_have_pw_expire_in_struct_passwd, [ 3359 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]], 3360 [[ struct passwd p; p.pw_expire = 0; ]])], 3361 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 3362 [ ac_cv_have_pw_expire_in_struct_passwd="no" 3363 ]) 3364]) 3365if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 3366 AC_DEFINE([HAVE_PW_EXPIRE_IN_PASSWD], [1], 3367 [Define if your password has a pw_expire field]) 3368fi 3369 3370AC_CACHE_CHECK([for pw_change field in struct passwd], 3371 ac_cv_have_pw_change_in_struct_passwd, [ 3372 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]], 3373 [[ struct passwd p; p.pw_change = 0; ]])], 3374 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 3375 [ ac_cv_have_pw_change_in_struct_passwd="no" 3376 ]) 3377]) 3378if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 3379 AC_DEFINE([HAVE_PW_CHANGE_IN_PASSWD], [1], 3380 [Define if your password has a pw_change field]) 3381fi 3382 3383dnl make sure we're using the real structure members and not defines 3384AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 3385 ac_cv_have_accrights_in_msghdr, [ 3386 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3387#include <sys/types.h> 3388#include <sys/socket.h> 3389#include <sys/uio.h> 3390 ]], [[ 3391#ifdef msg_accrights 3392#error "msg_accrights is a macro" 3393exit(1); 3394#endif 3395struct msghdr m; 3396m.msg_accrights = 0; 3397exit(0); 3398 ]])], 3399 [ ac_cv_have_accrights_in_msghdr="yes" ], 3400 [ ac_cv_have_accrights_in_msghdr="no" ] 3401 ) 3402]) 3403if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 3404 AC_DEFINE([HAVE_ACCRIGHTS_IN_MSGHDR], [1], 3405 [Define if your system uses access rights style 3406 file descriptor passing]) 3407fi 3408 3409AC_MSG_CHECKING([if struct statvfs.f_fsid is integral type]) 3410AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3411#include <sys/param.h> 3412#include <sys/stat.h> 3413#ifdef HAVE_SYS_TIME_H 3414# include <sys/time.h> 3415#endif 3416#ifdef HAVE_SYS_MOUNT_H 3417#include <sys/mount.h> 3418#endif 3419#ifdef HAVE_SYS_STATVFS_H 3420#include <sys/statvfs.h> 3421#endif 3422 ]], [[ struct statvfs s; s.f_fsid = 0; ]])], 3423 [ AC_MSG_RESULT([yes]) ], 3424 [ AC_MSG_RESULT([no]) 3425 3426 AC_MSG_CHECKING([if fsid_t has member val]) 3427 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3428#include <sys/types.h> 3429#include <sys/statvfs.h> 3430 ]], [[ fsid_t t; t.val[0] = 0; ]])], 3431 [ AC_MSG_RESULT([yes]) 3432 AC_DEFINE([FSID_HAS_VAL], [1], [fsid_t has member val]) ], 3433 [ AC_MSG_RESULT([no]) ]) 3434 3435 AC_MSG_CHECKING([if f_fsid has member __val]) 3436 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3437#include <sys/types.h> 3438#include <sys/statvfs.h> 3439 ]], [[ fsid_t t; t.__val[0] = 0; ]])], 3440 [ AC_MSG_RESULT([yes]) 3441 AC_DEFINE([FSID_HAS___VAL], [1], [fsid_t has member __val]) ], 3442 [ AC_MSG_RESULT([no]) ]) 3443]) 3444 3445AC_CACHE_CHECK([for msg_control field in struct msghdr], 3446 ac_cv_have_control_in_msghdr, [ 3447 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3448#include <sys/types.h> 3449#include <sys/socket.h> 3450#include <sys/uio.h> 3451 ]], [[ 3452#ifdef msg_control 3453#error "msg_control is a macro" 3454exit(1); 3455#endif 3456struct msghdr m; 3457m.msg_control = 0; 3458exit(0); 3459 ]])], 3460 [ ac_cv_have_control_in_msghdr="yes" ], 3461 [ ac_cv_have_control_in_msghdr="no" ] 3462 ) 3463]) 3464if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 3465 AC_DEFINE([HAVE_CONTROL_IN_MSGHDR], [1], 3466 [Define if your system uses ancillary data style 3467 file descriptor passing]) 3468fi 3469 3470AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 3471 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], 3472 [[ extern char *__progname; printf("%s", __progname); ]])], 3473 [ ac_cv_libc_defines___progname="yes" ], 3474 [ ac_cv_libc_defines___progname="no" 3475 ]) 3476]) 3477if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 3478 AC_DEFINE([HAVE___PROGNAME], [1], [Define if libc defines __progname]) 3479fi 3480 3481AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 3482 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], 3483 [[ printf("%s", __FUNCTION__); ]])], 3484 [ ac_cv_cc_implements___FUNCTION__="yes" ], 3485 [ ac_cv_cc_implements___FUNCTION__="no" 3486 ]) 3487]) 3488if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 3489 AC_DEFINE([HAVE___FUNCTION__], [1], 3490 [Define if compiler implements __FUNCTION__]) 3491fi 3492 3493AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 3494 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], 3495 [[ printf("%s", __func__); ]])], 3496 [ ac_cv_cc_implements___func__="yes" ], 3497 [ ac_cv_cc_implements___func__="no" 3498 ]) 3499]) 3500if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 3501 AC_DEFINE([HAVE___func__], [1], [Define if compiler implements __func__]) 3502fi 3503 3504AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 3505 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3506#include <stdarg.h> 3507va_list x,y; 3508 ]], [[ va_copy(x,y); ]])], 3509 [ ac_cv_have_va_copy="yes" ], 3510 [ ac_cv_have_va_copy="no" 3511 ]) 3512]) 3513if test "x$ac_cv_have_va_copy" = "xyes" ; then 3514 AC_DEFINE([HAVE_VA_COPY], [1], [Define if va_copy exists]) 3515fi 3516 3517AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 3518 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3519#include <stdarg.h> 3520va_list x,y; 3521 ]], [[ __va_copy(x,y); ]])], 3522 [ ac_cv_have___va_copy="yes" ], [ ac_cv_have___va_copy="no" 3523 ]) 3524]) 3525if test "x$ac_cv_have___va_copy" = "xyes" ; then 3526 AC_DEFINE([HAVE___VA_COPY], [1], [Define if __va_copy exists]) 3527fi 3528 3529AC_CACHE_CHECK([whether getopt has optreset support], 3530 ac_cv_have_getopt_optreset, [ 3531 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <getopt.h> ]], 3532 [[ extern int optreset; optreset = 0; ]])], 3533 [ ac_cv_have_getopt_optreset="yes" ], 3534 [ ac_cv_have_getopt_optreset="no" 3535 ]) 3536]) 3537if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 3538 AC_DEFINE([HAVE_GETOPT_OPTRESET], [1], 3539 [Define if your getopt(3) defines and uses optreset]) 3540fi 3541 3542AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 3543 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], 3544[[ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);]])], 3545 [ ac_cv_libc_defines_sys_errlist="yes" ], 3546 [ ac_cv_libc_defines_sys_errlist="no" 3547 ]) 3548]) 3549if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 3550 AC_DEFINE([HAVE_SYS_ERRLIST], [1], 3551 [Define if your system defines sys_errlist[]]) 3552fi 3553 3554 3555AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 3556 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], 3557[[ extern int sys_nerr; printf("%i", sys_nerr);]])], 3558 [ ac_cv_libc_defines_sys_nerr="yes" ], 3559 [ ac_cv_libc_defines_sys_nerr="no" 3560 ]) 3561]) 3562if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 3563 AC_DEFINE([HAVE_SYS_NERR], [1], [Define if your system defines sys_nerr]) 3564fi 3565 3566# Check libraries needed by DNS fingerprint support 3567AC_SEARCH_LIBS([getrrsetbyname], [resolv], 3568 [AC_DEFINE([HAVE_GETRRSETBYNAME], [1], 3569 [Define if getrrsetbyname() exists])], 3570 [ 3571 # Needed by our getrrsetbyname() 3572 AC_SEARCH_LIBS([res_query], [resolv]) 3573 AC_SEARCH_LIBS([dn_expand], [resolv]) 3574 AC_MSG_CHECKING([if res_query will link]) 3575 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3576#include <sys/types.h> 3577#include <netinet/in.h> 3578#include <arpa/nameser.h> 3579#include <netdb.h> 3580#include <resolv.h> 3581 ]], [[ 3582 res_query (0, 0, 0, 0, 0); 3583 ]])], 3584 AC_MSG_RESULT([yes]), 3585 [AC_MSG_RESULT([no]) 3586 saved_LIBS="$LIBS" 3587 LIBS="$LIBS -lresolv" 3588 AC_MSG_CHECKING([for res_query in -lresolv]) 3589 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3590#include <sys/types.h> 3591#include <netinet/in.h> 3592#include <arpa/nameser.h> 3593#include <netdb.h> 3594#include <resolv.h> 3595 ]], [[ 3596 res_query (0, 0, 0, 0, 0); 3597 ]])], 3598 [AC_MSG_RESULT([yes])], 3599 [LIBS="$saved_LIBS" 3600 AC_MSG_RESULT([no])]) 3601 ]) 3602 AC_CHECK_FUNCS([_getshort _getlong]) 3603 AC_CHECK_DECLS([_getshort, _getlong], , , 3604 [#include <sys/types.h> 3605 #include <arpa/nameser.h>]) 3606 AC_CHECK_MEMBER([HEADER.ad], 3607 [AC_DEFINE([HAVE_HEADER_AD], [1], 3608 [Define if HEADER.ad exists in arpa/nameser.h])], , 3609 [#include <arpa/nameser.h>]) 3610 ]) 3611 3612AC_MSG_CHECKING([if struct __res_state _res is an extern]) 3613AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3614#include <stdio.h> 3615#if HAVE_SYS_TYPES_H 3616# include <sys/types.h> 3617#endif 3618#include <netinet/in.h> 3619#include <arpa/nameser.h> 3620#include <resolv.h> 3621extern struct __res_state _res; 3622 ]], [[ ]])], 3623 [AC_MSG_RESULT([yes]) 3624 AC_DEFINE([HAVE__RES_EXTERN], [1], 3625 [Define if you have struct __res_state _res as an extern]) 3626 ], 3627 [ AC_MSG_RESULT([no]) ] 3628) 3629 3630# Check whether user wants SELinux support 3631SELINUX_MSG="no" 3632LIBSELINUX="" 3633AC_ARG_WITH([selinux], 3634 [ --with-selinux Enable SELinux support], 3635 [ if test "x$withval" != "xno" ; then 3636 save_LIBS="$LIBS" 3637 AC_DEFINE([WITH_SELINUX], [1], 3638 [Define if you want SELinux support.]) 3639 SELINUX_MSG="yes" 3640 AC_CHECK_HEADER([selinux/selinux.h], , 3641 AC_MSG_ERROR([SELinux support requires selinux.h header])) 3642 AC_CHECK_LIB([selinux], [setexeccon], 3643 [ LIBSELINUX="-lselinux" 3644 LIBS="$LIBS -lselinux" 3645 ], 3646 AC_MSG_ERROR([SELinux support requires libselinux library])) 3647 SSHLIBS="$SSHLIBS $LIBSELINUX" 3648 SSHDLIBS="$SSHDLIBS $LIBSELINUX" 3649 AC_CHECK_FUNCS([getseuserbyname get_default_context_with_level]) 3650 LIBS="$save_LIBS" 3651 fi ] 3652) 3653AC_SUBST([SSHLIBS]) 3654AC_SUBST([SSHDLIBS]) 3655 3656# Check whether user wants Kerberos 5 support 3657KRB5_MSG="no" 3658AC_ARG_WITH([kerberos5], 3659 [ --with-kerberos5=PATH Enable Kerberos 5 support], 3660 [ if test "x$withval" != "xno" ; then 3661 if test "x$withval" = "xyes" ; then 3662 KRB5ROOT="/usr/local" 3663 else 3664 KRB5ROOT=${withval} 3665 fi 3666 3667 AC_DEFINE([KRB5], [1], [Define if you want Kerberos 5 support]) 3668 KRB5_MSG="yes" 3669 3670 AC_PATH_PROG([KRB5CONF], [krb5-config], 3671 [$KRB5ROOT/bin/krb5-config], 3672 [$KRB5ROOT/bin:$PATH]) 3673 if test -x $KRB5CONF ; then 3674 K5CFLAGS="`$KRB5CONF --cflags`" 3675 K5LIBS="`$KRB5CONF --libs`" 3676 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3677 3678 AC_MSG_CHECKING([for gssapi support]) 3679 if $KRB5CONF | grep gssapi >/dev/null ; then 3680 AC_MSG_RESULT([yes]) 3681 AC_DEFINE([GSSAPI], [1], 3682 [Define this if you want GSSAPI 3683 support in the version 2 protocol]) 3684 GSSCFLAGS="`$KRB5CONF --cflags gssapi`" 3685 GSSLIBS="`$KRB5CONF --libs gssapi`" 3686 CPPFLAGS="$CPPFLAGS $GSSCFLAGS" 3687 else 3688 AC_MSG_RESULT([no]) 3689 fi 3690 AC_MSG_CHECKING([whether we are using Heimdal]) 3691 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <krb5.h> 3692 ]], [[ char *tmp = heimdal_version; ]])], 3693 [ AC_MSG_RESULT([yes]) 3694 AC_DEFINE([HEIMDAL], [1], 3695 [Define this if you are using the Heimdal 3696 version of Kerberos V5]) ], 3697 [AC_MSG_RESULT([no]) 3698 ]) 3699 else 3700 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3701 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3702 AC_MSG_CHECKING([whether we are using Heimdal]) 3703 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <krb5.h> 3704 ]], [[ char *tmp = heimdal_version; ]])], 3705 [ AC_MSG_RESULT([yes]) 3706 AC_DEFINE([HEIMDAL]) 3707 K5LIBS="-lkrb5" 3708 K5LIBS="$K5LIBS -lcom_err -lasn1" 3709 AC_CHECK_LIB([roken], [net_write], 3710 [K5LIBS="$K5LIBS -lroken"]) 3711 AC_CHECK_LIB([des], [des_cbc_encrypt], 3712 [K5LIBS="$K5LIBS -ldes"]) 3713 ], [ AC_MSG_RESULT([no]) 3714 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3715 3716 ]) 3717 AC_SEARCH_LIBS([dn_expand], [resolv]) 3718 3719 AC_CHECK_LIB([gssapi_krb5], [gss_init_sec_context], 3720 [ AC_DEFINE([GSSAPI]) 3721 GSSLIBS="-lgssapi_krb5" ], 3722 [ AC_CHECK_LIB([gssapi], [gss_init_sec_context], 3723 [ AC_DEFINE([GSSAPI]) 3724 GSSLIBS="-lgssapi" ], 3725 [ AC_CHECK_LIB([gss], [gss_init_sec_context], 3726 [ AC_DEFINE([GSSAPI]) 3727 GSSLIBS="-lgss" ], 3728 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail])) 3729 ]) 3730 ]) 3731 3732 AC_CHECK_HEADER([gssapi.h], , 3733 [ unset ac_cv_header_gssapi_h 3734 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3735 AC_CHECK_HEADERS([gssapi.h], , 3736 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3737 ) 3738 ] 3739 ) 3740 3741 oldCPP="$CPPFLAGS" 3742 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3743 AC_CHECK_HEADER([gssapi_krb5.h], , 3744 [ CPPFLAGS="$oldCPP" ]) 3745 3746 fi 3747 if test ! -z "$need_dash_r" ; then 3748 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3749 fi 3750 if test ! -z "$blibpath" ; then 3751 blibpath="$blibpath:${KRB5ROOT}/lib" 3752 fi 3753 3754 AC_CHECK_HEADERS([gssapi.h gssapi/gssapi.h]) 3755 AC_CHECK_HEADERS([gssapi_krb5.h gssapi/gssapi_krb5.h]) 3756 AC_CHECK_HEADERS([gssapi_generic.h gssapi/gssapi_generic.h]) 3757 3758 AC_SEARCH_LIBS([k_hasafs], [kafs], [AC_DEFINE([USE_AFS], [1], 3759 [Define this if you want to use libkafs' AFS support])]) 3760 3761 AC_CHECK_DECLS([GSS_C_NT_HOSTBASED_SERVICE], [], [], [[ 3762#ifdef HAVE_GSSAPI_H 3763# include <gssapi.h> 3764#elif defined(HAVE_GSSAPI_GSSAPI_H) 3765# include <gssapi/gssapi.h> 3766#endif 3767 3768#ifdef HAVE_GSSAPI_GENERIC_H 3769# include <gssapi_generic.h> 3770#elif defined(HAVE_GSSAPI_GSSAPI_GENERIC_H) 3771# include <gssapi/gssapi_generic.h> 3772#endif 3773 ]]) 3774 fi 3775 ] 3776) 3777AC_SUBST([GSSLIBS]) 3778AC_SUBST([K5LIBS]) 3779 3780# Looking for programs, paths and files 3781 3782PRIVSEP_PATH=/var/empty 3783AC_ARG_WITH([privsep-path], 3784 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3785 [ 3786 if test -n "$withval" && test "x$withval" != "xno" && \ 3787 test "x${withval}" != "xyes"; then 3788 PRIVSEP_PATH=$withval 3789 fi 3790 ] 3791) 3792AC_SUBST([PRIVSEP_PATH]) 3793 3794AC_ARG_WITH([xauth], 3795 [ --with-xauth=PATH Specify path to xauth program ], 3796 [ 3797 if test -n "$withval" && test "x$withval" != "xno" && \ 3798 test "x${withval}" != "xyes"; then 3799 xauth_path=$withval 3800 fi 3801 ], 3802 [ 3803 TestPath="$PATH" 3804 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3805 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3806 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3807 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3808 AC_PATH_PROG([xauth_path], [xauth], , [$TestPath]) 3809 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3810 xauth_path="/usr/openwin/bin/xauth" 3811 fi 3812 ] 3813) 3814 3815STRIP_OPT=-s 3816AC_ARG_ENABLE([strip], 3817 [ --disable-strip Disable calling strip(1) on install], 3818 [ 3819 if test "x$enableval" = "xno" ; then 3820 STRIP_OPT= 3821 fi 3822 ] 3823) 3824AC_SUBST([STRIP_OPT]) 3825 3826if test -z "$xauth_path" ; then 3827 XAUTH_PATH="undefined" 3828 AC_SUBST([XAUTH_PATH]) 3829else 3830 AC_DEFINE_UNQUOTED([XAUTH_PATH], ["$xauth_path"], 3831 [Define if xauth is found in your path]) 3832 XAUTH_PATH=$xauth_path 3833 AC_SUBST([XAUTH_PATH]) 3834fi 3835 3836dnl # --with-maildir=/path/to/mail gets top priority. 3837dnl # if maildir is set in the platform case statement above we use that. 3838dnl # Otherwise we run a program to get the dir from system headers. 3839dnl # We first look for _PATH_MAILDIR then MAILDIR then _PATH_MAIL 3840dnl # If we find _PATH_MAILDIR we do nothing because that is what 3841dnl # session.c expects anyway. Otherwise we set to the value found 3842dnl # stripping any trailing slash. If for some strage reason our program 3843dnl # does not find what it needs, we default to /var/spool/mail. 3844# Check for mail directory 3845AC_ARG_WITH([maildir], 3846 [ --with-maildir=/path/to/mail Specify your system mail directory], 3847 [ 3848 if test "X$withval" != X && test "x$withval" != xno && \ 3849 test "x${withval}" != xyes; then 3850 AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["$withval"], 3851 [Set this to your mail directory if you do not have _PATH_MAILDIR]) 3852 fi 3853 ],[ 3854 if test "X$maildir" != "X"; then 3855 AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["$maildir"]) 3856 else 3857 AC_MSG_CHECKING([Discovering system mail directory]) 3858 AC_RUN_IFELSE( 3859 [AC_LANG_PROGRAM([[ 3860#include <stdio.h> 3861#include <string.h> 3862#ifdef HAVE_PATHS_H 3863#include <paths.h> 3864#endif 3865#ifdef HAVE_MAILLOCK_H 3866#include <maillock.h> 3867#endif 3868#define DATA "conftest.maildir" 3869 ]], [[ 3870 FILE *fd; 3871 int rc; 3872 3873 fd = fopen(DATA,"w"); 3874 if(fd == NULL) 3875 exit(1); 3876 3877#if defined (_PATH_MAILDIR) 3878 if ((rc = fprintf(fd ,"_PATH_MAILDIR:%s\n", _PATH_MAILDIR)) <0) 3879 exit(1); 3880#elif defined (MAILDIR) 3881 if ((rc = fprintf(fd ,"MAILDIR:%s\n", MAILDIR)) <0) 3882 exit(1); 3883#elif defined (_PATH_MAIL) 3884 if ((rc = fprintf(fd ,"_PATH_MAIL:%s\n", _PATH_MAIL)) <0) 3885 exit(1); 3886#else 3887 exit (2); 3888#endif 3889 3890 exit(0); 3891 ]])], 3892 [ 3893 maildir_what=`awk -F: '{print $1}' conftest.maildir` 3894 maildir=`awk -F: '{print $2}' conftest.maildir \ 3895 | sed 's|/$||'` 3896 AC_MSG_RESULT([Using: $maildir from $maildir_what]) 3897 if test "x$maildir_what" != "x_PATH_MAILDIR"; then 3898 AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["$maildir"]) 3899 fi 3900 ], 3901 [ 3902 if test "X$ac_status" = "X2";then 3903# our test program didn't find it. Default to /var/spool/mail 3904 AC_MSG_RESULT([Using: default value of /var/spool/mail]) 3905 AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["/var/spool/mail"]) 3906 else 3907 AC_MSG_RESULT([*** not found ***]) 3908 fi 3909 ], 3910 [ 3911 AC_MSG_WARN([cross compiling: use --with-maildir=/path/to/mail]) 3912 ] 3913 ) 3914 fi 3915 ] 3916) # maildir 3917 3918if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3919 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3920 disable_ptmx_check=yes 3921fi 3922if test -z "$no_dev_ptmx" ; then 3923 if test "x$disable_ptmx_check" != "xyes" ; then 3924 AC_CHECK_FILE(["/dev/ptmx"], 3925 [ 3926 AC_DEFINE_UNQUOTED([HAVE_DEV_PTMX], [1], 3927 [Define if you have /dev/ptmx]) 3928 have_dev_ptmx=1 3929 ] 3930 ) 3931 fi 3932fi 3933 3934if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3935 AC_CHECK_FILE(["/dev/ptc"], 3936 [ 3937 AC_DEFINE_UNQUOTED([HAVE_DEV_PTS_AND_PTC], [1], 3938 [Define if you have /dev/ptc]) 3939 have_dev_ptc=1 3940 ] 3941 ) 3942else 3943 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3944fi 3945 3946# Options from here on. Some of these are preset by platform above 3947AC_ARG_WITH([mantype], 3948 [ --with-mantype=man|cat|doc Set man page type], 3949 [ 3950 case "$withval" in 3951 man|cat|doc) 3952 MANTYPE=$withval 3953 ;; 3954 *) 3955 AC_MSG_ERROR([invalid man type: $withval]) 3956 ;; 3957 esac 3958 ] 3959) 3960if test -z "$MANTYPE"; then 3961 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3962 AC_PATH_PROGS([NROFF], [nroff awf], [/bin/false], [$TestPath]) 3963 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3964 MANTYPE=doc 3965 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3966 MANTYPE=man 3967 else 3968 MANTYPE=cat 3969 fi 3970fi 3971AC_SUBST([MANTYPE]) 3972if test "$MANTYPE" = "doc"; then 3973 mansubdir=man; 3974else 3975 mansubdir=$MANTYPE; 3976fi 3977AC_SUBST([mansubdir]) 3978 3979# Check whether to enable MD5 passwords 3980MD5_MSG="no" 3981AC_ARG_WITH([md5-passwords], 3982 [ --with-md5-passwords Enable use of MD5 passwords], 3983 [ 3984 if test "x$withval" != "xno" ; then 3985 AC_DEFINE([HAVE_MD5_PASSWORDS], [1], 3986 [Define if you want to allow MD5 passwords]) 3987 MD5_MSG="yes" 3988 fi 3989 ] 3990) 3991 3992# Whether to disable shadow password support 3993AC_ARG_WITH([shadow], 3994 [ --without-shadow Disable shadow password support], 3995 [ 3996 if test "x$withval" = "xno" ; then 3997 AC_DEFINE([DISABLE_SHADOW]) 3998 disable_shadow=yes 3999 fi 4000 ] 4001) 4002 4003if test -z "$disable_shadow" ; then 4004 AC_MSG_CHECKING([if the systems has expire shadow information]) 4005 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4006#include <sys/types.h> 4007#include <shadow.h> 4008struct spwd sp; 4009 ]], [[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ]])], 4010 [ sp_expire_available=yes ], [ 4011 ]) 4012 4013 if test "x$sp_expire_available" = "xyes" ; then 4014 AC_MSG_RESULT([yes]) 4015 AC_DEFINE([HAS_SHADOW_EXPIRE], [1], 4016 [Define if you want to use shadow password expire field]) 4017 else 4018 AC_MSG_RESULT([no]) 4019 fi 4020fi 4021 4022# Use ip address instead of hostname in $DISPLAY 4023if test ! -z "$IPADDR_IN_DISPLAY" ; then 4024 DISPLAY_HACK_MSG="yes" 4025 AC_DEFINE([IPADDR_IN_DISPLAY], [1], 4026 [Define if you need to use IP address 4027 instead of hostname in $DISPLAY]) 4028else 4029 DISPLAY_HACK_MSG="no" 4030 AC_ARG_WITH([ipaddr-display], 4031 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 4032 [ 4033 if test "x$withval" != "xno" ; then 4034 AC_DEFINE([IPADDR_IN_DISPLAY]) 4035 DISPLAY_HACK_MSG="yes" 4036 fi 4037 ] 4038 ) 4039fi 4040 4041# check for /etc/default/login and use it if present. 4042AC_ARG_ENABLE([etc-default-login], 4043 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 4044 [ if test "x$enableval" = "xno"; then 4045 AC_MSG_NOTICE([/etc/default/login handling disabled]) 4046 etc_default_login=no 4047 else 4048 etc_default_login=yes 4049 fi ], 4050 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 4051 then 4052 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 4053 etc_default_login=no 4054 else 4055 etc_default_login=yes 4056 fi ] 4057) 4058 4059if test "x$etc_default_login" != "xno"; then 4060 AC_CHECK_FILE(["/etc/default/login"], 4061 [ external_path_file=/etc/default/login ]) 4062 if test "x$external_path_file" = "x/etc/default/login"; then 4063 AC_DEFINE([HAVE_ETC_DEFAULT_LOGIN], [1], 4064 [Define if your system has /etc/default/login]) 4065 fi 4066fi 4067 4068dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 4069if test $ac_cv_func_login_getcapbool = "yes" && \ 4070 test $ac_cv_header_login_cap_h = "yes" ; then 4071 external_path_file=/etc/login.conf 4072fi 4073 4074# Whether to mess with the default path 4075SERVER_PATH_MSG="(default)" 4076AC_ARG_WITH([default-path], 4077 [ --with-default-path= Specify default \$PATH environment for server], 4078 [ 4079 if test "x$external_path_file" = "x/etc/login.conf" ; then 4080 AC_MSG_WARN([ 4081--with-default-path=PATH has no effect on this system. 4082Edit /etc/login.conf instead.]) 4083 elif test "x$withval" != "xno" ; then 4084 if test ! -z "$external_path_file" ; then 4085 AC_MSG_WARN([ 4086--with-default-path=PATH will only be used if PATH is not defined in 4087$external_path_file .]) 4088 fi 4089 user_path="$withval" 4090 SERVER_PATH_MSG="$withval" 4091 fi 4092 ], 4093 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 4094 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 4095 else 4096 if test ! -z "$external_path_file" ; then 4097 AC_MSG_WARN([ 4098If PATH is defined in $external_path_file, ensure the path to scp is included, 4099otherwise scp will not work.]) 4100 fi 4101 AC_RUN_IFELSE( 4102 [AC_LANG_PROGRAM([[ 4103/* find out what STDPATH is */ 4104#include <stdio.h> 4105#ifdef HAVE_PATHS_H 4106# include <paths.h> 4107#endif 4108#ifndef _PATH_STDPATH 4109# ifdef _PATH_USERPATH /* Irix */ 4110# define _PATH_STDPATH _PATH_USERPATH 4111# else 4112# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 4113# endif 4114#endif 4115#include <sys/types.h> 4116#include <sys/stat.h> 4117#include <fcntl.h> 4118#define DATA "conftest.stdpath" 4119 ]], [[ 4120 FILE *fd; 4121 int rc; 4122 4123 fd = fopen(DATA,"w"); 4124 if(fd == NULL) 4125 exit(1); 4126 4127 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 4128 exit(1); 4129 4130 exit(0); 4131 ]])], 4132 [ user_path=`cat conftest.stdpath` ], 4133 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 4134 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 4135 ) 4136# make sure $bindir is in USER_PATH so scp will work 4137 t_bindir="${bindir}" 4138 while echo "${t_bindir}" | egrep '\$\{|NONE/' >/dev/null 2>&1; do 4139 t_bindir=`eval echo ${t_bindir}` 4140 case $t_bindir in 4141 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 4142 esac 4143 case $t_bindir in 4144 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 4145 esac 4146 done 4147 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 4148 if test $? -ne 0 ; then 4149 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 4150 if test $? -ne 0 ; then 4151 user_path=$user_path:$t_bindir 4152 AC_MSG_RESULT([Adding $t_bindir to USER_PATH so scp will work]) 4153 fi 4154 fi 4155 fi ] 4156) 4157if test "x$external_path_file" != "x/etc/login.conf" ; then 4158 AC_DEFINE_UNQUOTED([USER_PATH], ["$user_path"], [Specify default $PATH]) 4159 AC_SUBST([user_path]) 4160fi 4161 4162# Set superuser path separately to user path 4163AC_ARG_WITH([superuser-path], 4164 [ --with-superuser-path= Specify different path for super-user], 4165 [ 4166 if test -n "$withval" && test "x$withval" != "xno" && \ 4167 test "x${withval}" != "xyes"; then 4168 AC_DEFINE_UNQUOTED([SUPERUSER_PATH], ["$withval"], 4169 [Define if you want a different $PATH 4170 for the superuser]) 4171 superuser_path=$withval 4172 fi 4173 ] 4174) 4175 4176 4177AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 4178IPV4_IN6_HACK_MSG="no" 4179AC_ARG_WITH(4in6, 4180 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 4181 [ 4182 if test "x$withval" != "xno" ; then 4183 AC_MSG_RESULT([yes]) 4184 AC_DEFINE([IPV4_IN_IPV6], [1], 4185 [Detect IPv4 in IPv6 mapped addresses 4186 and treat as IPv4]) 4187 IPV4_IN6_HACK_MSG="yes" 4188 else 4189 AC_MSG_RESULT([no]) 4190 fi 4191 ], [ 4192 if test "x$inet6_default_4in6" = "xyes"; then 4193 AC_MSG_RESULT([yes (default)]) 4194 AC_DEFINE([IPV4_IN_IPV6]) 4195 IPV4_IN6_HACK_MSG="yes" 4196 else 4197 AC_MSG_RESULT([no (default)]) 4198 fi 4199 ] 4200) 4201 4202# Whether to enable BSD auth support 4203BSD_AUTH_MSG=no 4204AC_ARG_WITH([bsd-auth], 4205 [ --with-bsd-auth Enable BSD auth support], 4206 [ 4207 if test "x$withval" != "xno" ; then 4208 AC_DEFINE([BSD_AUTH], [1], 4209 [Define if you have BSD auth support]) 4210 BSD_AUTH_MSG=yes 4211 fi 4212 ] 4213) 4214 4215# Where to place sshd.pid 4216piddir=/var/run 4217# make sure the directory exists 4218if test ! -d $piddir ; then 4219 piddir=`eval echo ${sysconfdir}` 4220 case $piddir in 4221 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 4222 esac 4223fi 4224 4225AC_ARG_WITH([pid-dir], 4226 [ --with-pid-dir=PATH Specify location of ssh.pid file], 4227 [ 4228 if test -n "$withval" && test "x$withval" != "xno" && \ 4229 test "x${withval}" != "xyes"; then 4230 piddir=$withval 4231 if test ! -d $piddir ; then 4232 AC_MSG_WARN([** no $piddir directory on this system **]) 4233 fi 4234 fi 4235 ] 4236) 4237 4238AC_DEFINE_UNQUOTED([_PATH_SSH_PIDDIR], ["$piddir"], 4239 [Specify location of ssh.pid]) 4240AC_SUBST([piddir]) 4241 4242dnl allow user to disable some login recording features 4243AC_ARG_ENABLE([lastlog], 4244 [ --disable-lastlog disable use of lastlog even if detected [no]], 4245 [ 4246 if test "x$enableval" = "xno" ; then 4247 AC_DEFINE([DISABLE_LASTLOG]) 4248 fi 4249 ] 4250) 4251AC_ARG_ENABLE([utmp], 4252 [ --disable-utmp disable use of utmp even if detected [no]], 4253 [ 4254 if test "x$enableval" = "xno" ; then 4255 AC_DEFINE([DISABLE_UTMP]) 4256 fi 4257 ] 4258) 4259AC_ARG_ENABLE([utmpx], 4260 [ --disable-utmpx disable use of utmpx even if detected [no]], 4261 [ 4262 if test "x$enableval" = "xno" ; then 4263 AC_DEFINE([DISABLE_UTMPX], [1], 4264 [Define if you don't want to use utmpx]) 4265 fi 4266 ] 4267) 4268AC_ARG_ENABLE([wtmp], 4269 [ --disable-wtmp disable use of wtmp even if detected [no]], 4270 [ 4271 if test "x$enableval" = "xno" ; then 4272 AC_DEFINE([DISABLE_WTMP]) 4273 fi 4274 ] 4275) 4276AC_ARG_ENABLE([wtmpx], 4277 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 4278 [ 4279 if test "x$enableval" = "xno" ; then 4280 AC_DEFINE([DISABLE_WTMPX], [1], 4281 [Define if you don't want to use wtmpx]) 4282 fi 4283 ] 4284) 4285AC_ARG_ENABLE([libutil], 4286 [ --disable-libutil disable use of libutil (login() etc.) [no]], 4287 [ 4288 if test "x$enableval" = "xno" ; then 4289 AC_DEFINE([DISABLE_LOGIN]) 4290 fi 4291 ] 4292) 4293AC_ARG_ENABLE([pututline], 4294 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 4295 [ 4296 if test "x$enableval" = "xno" ; then 4297 AC_DEFINE([DISABLE_PUTUTLINE], [1], 4298 [Define if you don't want to use pututline() 4299 etc. to write [uw]tmp]) 4300 fi 4301 ] 4302) 4303AC_ARG_ENABLE([pututxline], 4304 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 4305 [ 4306 if test "x$enableval" = "xno" ; then 4307 AC_DEFINE([DISABLE_PUTUTXLINE], [1], 4308 [Define if you don't want to use pututxline() 4309 etc. to write [uw]tmpx]) 4310 fi 4311 ] 4312) 4313AC_ARG_WITH([lastlog], 4314 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 4315 [ 4316 if test "x$withval" = "xno" ; then 4317 AC_DEFINE([DISABLE_LASTLOG]) 4318 elif test -n "$withval" && test "x${withval}" != "xyes"; then 4319 conf_lastlog_location=$withval 4320 fi 4321 ] 4322) 4323 4324dnl lastlog, [uw]tmpx? detection 4325dnl NOTE: set the paths in the platform section to avoid the 4326dnl need for command-line parameters 4327dnl lastlog and [uw]tmp are subject to a file search if all else fails 4328 4329dnl lastlog detection 4330dnl NOTE: the code itself will detect if lastlog is a directory 4331AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 4332AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4333#include <sys/types.h> 4334#include <utmp.h> 4335#ifdef HAVE_LASTLOG_H 4336# include <lastlog.h> 4337#endif 4338#ifdef HAVE_PATHS_H 4339# include <paths.h> 4340#endif 4341#ifdef HAVE_LOGIN_H 4342# include <login.h> 4343#endif 4344 ]], [[ char *lastlog = LASTLOG_FILE; ]])], 4345 [ AC_MSG_RESULT([yes]) ], 4346 [ 4347 AC_MSG_RESULT([no]) 4348 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 4349 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4350#include <sys/types.h> 4351#include <utmp.h> 4352#ifdef HAVE_LASTLOG_H 4353# include <lastlog.h> 4354#endif 4355#ifdef HAVE_PATHS_H 4356# include <paths.h> 4357#endif 4358 ]], [[ char *lastlog = _PATH_LASTLOG; ]])], 4359 [ AC_MSG_RESULT([yes]) ], 4360 [ 4361 AC_MSG_RESULT([no]) 4362 system_lastlog_path=no 4363 ]) 4364]) 4365 4366if test -z "$conf_lastlog_location"; then 4367 if test x"$system_lastlog_path" = x"no" ; then 4368 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 4369 if (test -d "$f" || test -f "$f") ; then 4370 conf_lastlog_location=$f 4371 fi 4372 done 4373 if test -z "$conf_lastlog_location"; then 4374 AC_MSG_WARN([** Cannot find lastlog **]) 4375 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 4376 fi 4377 fi 4378fi 4379 4380if test -n "$conf_lastlog_location"; then 4381 AC_DEFINE_UNQUOTED([CONF_LASTLOG_FILE], ["$conf_lastlog_location"], 4382 [Define if you want to specify the path to your lastlog file]) 4383fi 4384 4385dnl utmp detection 4386AC_MSG_CHECKING([if your system defines UTMP_FILE]) 4387AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4388#include <sys/types.h> 4389#include <utmp.h> 4390#ifdef HAVE_PATHS_H 4391# include <paths.h> 4392#endif 4393 ]], [[ char *utmp = UTMP_FILE; ]])], 4394 [ AC_MSG_RESULT([yes]) ], 4395 [ AC_MSG_RESULT([no]) 4396 system_utmp_path=no 4397]) 4398if test -z "$conf_utmp_location"; then 4399 if test x"$system_utmp_path" = x"no" ; then 4400 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 4401 if test -f $f ; then 4402 conf_utmp_location=$f 4403 fi 4404 done 4405 if test -z "$conf_utmp_location"; then 4406 AC_DEFINE([DISABLE_UTMP]) 4407 fi 4408 fi 4409fi 4410if test -n "$conf_utmp_location"; then 4411 AC_DEFINE_UNQUOTED([CONF_UTMP_FILE], ["$conf_utmp_location"], 4412 [Define if you want to specify the path to your utmp file]) 4413fi 4414 4415dnl wtmp detection 4416AC_MSG_CHECKING([if your system defines WTMP_FILE]) 4417AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4418#include <sys/types.h> 4419#include <utmp.h> 4420#ifdef HAVE_PATHS_H 4421# include <paths.h> 4422#endif 4423 ]], [[ char *wtmp = WTMP_FILE; ]])], 4424 [ AC_MSG_RESULT([yes]) ], 4425 [ AC_MSG_RESULT([no]) 4426 system_wtmp_path=no 4427]) 4428if test -z "$conf_wtmp_location"; then 4429 if test x"$system_wtmp_path" = x"no" ; then 4430 for f in /usr/adm/wtmp /var/log/wtmp; do 4431 if test -f $f ; then 4432 conf_wtmp_location=$f 4433 fi 4434 done 4435 if test -z "$conf_wtmp_location"; then 4436 AC_DEFINE([DISABLE_WTMP]) 4437 fi 4438 fi 4439fi 4440if test -n "$conf_wtmp_location"; then 4441 AC_DEFINE_UNQUOTED([CONF_WTMP_FILE], ["$conf_wtmp_location"], 4442 [Define if you want to specify the path to your wtmp file]) 4443fi 4444 4445dnl wtmpx detection 4446AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 4447AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4448#include <sys/types.h> 4449#include <utmp.h> 4450#ifdef HAVE_UTMPX_H 4451#include <utmpx.h> 4452#endif 4453#ifdef HAVE_PATHS_H 4454# include <paths.h> 4455#endif 4456 ]], [[ char *wtmpx = WTMPX_FILE; ]])], 4457 [ AC_MSG_RESULT([yes]) ], 4458 [ AC_MSG_RESULT([no]) 4459 system_wtmpx_path=no 4460]) 4461if test -z "$conf_wtmpx_location"; then 4462 if test x"$system_wtmpx_path" = x"no" ; then 4463 AC_DEFINE([DISABLE_WTMPX]) 4464 fi 4465else 4466 AC_DEFINE_UNQUOTED([CONF_WTMPX_FILE], ["$conf_wtmpx_location"], 4467 [Define if you want to specify the path to your wtmpx file]) 4468fi 4469 4470 4471if test ! -z "$blibpath" ; then 4472 LDFLAGS="$LDFLAGS $blibflags$blibpath" 4473 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 4474fi 4475 4476AC_CHECK_MEMBER([struct lastlog.ll_line], [], [ 4477 if test x$SKIP_DISABLE_LASTLOG_DEFINE != "xyes" ; then 4478 AC_DEFINE([DISABLE_LASTLOG]) 4479 fi 4480 ], [ 4481#ifdef HAVE_SYS_TYPES_H 4482#include <sys/types.h> 4483#endif 4484#ifdef HAVE_UTMP_H 4485#include <utmp.h> 4486#endif 4487#ifdef HAVE_UTMPX_H 4488#include <utmpx.h> 4489#endif 4490#ifdef HAVE_LASTLOG_H 4491#include <lastlog.h> 4492#endif 4493 ]) 4494 4495AC_CHECK_MEMBER([struct utmp.ut_line], [], [ 4496 AC_DEFINE([DISABLE_UTMP]) 4497 AC_DEFINE([DISABLE_WTMP]) 4498 ], [ 4499#ifdef HAVE_SYS_TYPES_H 4500#include <sys/types.h> 4501#endif 4502#ifdef HAVE_UTMP_H 4503#include <utmp.h> 4504#endif 4505#ifdef HAVE_UTMPX_H 4506#include <utmpx.h> 4507#endif 4508#ifdef HAVE_LASTLOG_H 4509#include <lastlog.h> 4510#endif 4511 ]) 4512 4513dnl Adding -Werror to CFLAGS early prevents configure tests from running. 4514dnl Add now. 4515CFLAGS="$CFLAGS $werror_flags" 4516 4517if test "x$ac_cv_func_getaddrinfo" != "xyes" ; then 4518 TEST_SSH_IPV6=no 4519else 4520 TEST_SSH_IPV6=yes 4521fi 4522AC_CHECK_DECL([BROKEN_GETADDRINFO], [TEST_SSH_IPV6=no]) 4523AC_SUBST([TEST_SSH_IPV6], [$TEST_SSH_IPV6]) 4524 4525AC_EXEEXT 4526AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ 4527 openbsd-compat/Makefile openbsd-compat/regress/Makefile \ 4528 survey.sh]) 4529AC_OUTPUT 4530 4531# Print summary of options 4532 4533# Someone please show me a better way :) 4534A=`eval echo ${prefix}` ; A=`eval echo ${A}` 4535B=`eval echo ${bindir}` ; B=`eval echo ${B}` 4536C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 4537D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 4538E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 4539F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 4540G=`eval echo ${piddir}` ; G=`eval echo ${G}` 4541H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 4542I=`eval echo ${user_path}` ; I=`eval echo ${I}` 4543J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 4544 4545echo "" 4546echo "OpenSSH has been configured with the following options:" 4547echo " User binaries: $B" 4548echo " System binaries: $C" 4549echo " Configuration files: $D" 4550echo " Askpass program: $E" 4551echo " Manual pages: $F" 4552echo " PID file: $G" 4553echo " Privilege separation chroot path: $H" 4554if test "x$external_path_file" = "x/etc/login.conf" ; then 4555echo " At runtime, sshd will use the path defined in $external_path_file" 4556echo " Make sure the path to scp is present, otherwise scp will not work" 4557else 4558echo " sshd default user PATH: $I" 4559 if test ! -z "$external_path_file"; then 4560echo " (If PATH is set in $external_path_file it will be used instead. If" 4561echo " used, ensure the path to scp is present, otherwise scp will not work.)" 4562 fi 4563fi 4564if test ! -z "$superuser_path" ; then 4565echo " sshd superuser user PATH: $J" 4566fi 4567echo " Manpage format: $MANTYPE" 4568echo " PAM support: $PAM_MSG" 4569echo " OSF SIA support: $SIA_MSG" 4570echo " KerberosV support: $KRB5_MSG" 4571echo " SELinux support: $SELINUX_MSG" 4572echo " Smartcard support: $SCARD_MSG" 4573echo " S/KEY support: $SKEY_MSG" 4574echo " TCP Wrappers support: $TCPW_MSG" 4575echo " MD5 password support: $MD5_MSG" 4576echo " libedit support: $LIBEDIT_MSG" 4577echo " Solaris process contract support: $SPC_MSG" 4578echo " Solaris project support: $SP_MSG" 4579echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 4580echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 4581echo " BSD Auth support: $BSD_AUTH_MSG" 4582echo " Random number source: $RAND_MSG" 4583echo " Privsep sandbox style: $SANDBOX_STYLE" 4584 4585echo "" 4586 4587echo " Host: ${host}" 4588echo " Compiler: ${CC}" 4589echo " Compiler flags: ${CFLAGS}" 4590echo "Preprocessor flags: ${CPPFLAGS}" 4591echo " Linker flags: ${LDFLAGS}" 4592echo " Libraries: ${LIBS}" 4593if test ! -z "${SSHDLIBS}"; then 4594echo " +for sshd: ${SSHDLIBS}" 4595fi 4596if test ! -z "${SSHLIBS}"; then 4597echo " +for ssh: ${SSHLIBS}" 4598fi 4599 4600echo "" 4601 4602if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 4603 echo "SVR4 style packages are supported with \"make package\"" 4604 echo "" 4605fi 4606 4607if test "x$PAM_MSG" = "xyes" ; then 4608 echo "PAM is enabled. You may need to install a PAM control file " 4609 echo "for sshd, otherwise password authentication may fail. " 4610 echo "Example PAM control files can be found in the contrib/ " 4611 echo "subdirectory" 4612 echo "" 4613fi 4614 4615if test ! -z "$NO_PEERCHECK" ; then 4616 echo "WARNING: the operating system that you are using does not" 4617 echo "appear to support getpeereid(), getpeerucred() or the" 4618 echo "SO_PEERCRED getsockopt() option. These facilities are used to" 4619 echo "enforce security checks to prevent unauthorised connections to" 4620 echo "ssh-agent. Their absence increases the risk that a malicious" 4621 echo "user can connect to your agent." 4622 echo "" 4623fi 4624 4625if test "$AUDIT_MODULE" = "bsm" ; then 4626 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 4627 echo "See the Solaris section in README.platform for details." 4628fi 4629