1# $Id: configure.ac,v 1.480 2011/08/18 04:48:24 tim Exp $ 2# 3# Copyright (c) 1999-2004 Damien Miller 4# 5# Permission to use, copy, modify, and distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 17AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) 18AC_REVISION($Revision: 1.480 $) 19AC_CONFIG_SRCDIR([ssh.c]) 20AC_LANG([C]) 21 22AC_CONFIG_HEADER([config.h]) 23AC_PROG_CC 24AC_CANONICAL_HOST 25AC_C_BIGENDIAN 26 27# Checks for programs. 28AC_PROG_AWK 29AC_PROG_CPP 30AC_PROG_RANLIB 31AC_PROG_INSTALL 32AC_PROG_EGREP 33AC_PATH_PROG([AR], [ar]) 34AC_PATH_PROG([CAT], [cat]) 35AC_PATH_PROG([KILL], [kill]) 36AC_PATH_PROGS([PERL], [perl5 perl]) 37AC_PATH_PROG([SED], [sed]) 38AC_SUBST([PERL]) 39AC_PATH_PROG([ENT], [ent]) 40AC_SUBST([ENT]) 41AC_PATH_PROG([TEST_MINUS_S_SH], [bash]) 42AC_PATH_PROG([TEST_MINUS_S_SH], [ksh]) 43AC_PATH_PROG([TEST_MINUS_S_SH], [sh]) 44AC_PATH_PROG([SH], [sh]) 45AC_PATH_PROG([GROFF], [groff]) 46AC_PATH_PROG([NROFF], [nroff]) 47AC_PATH_PROG([MANDOC], [mandoc]) 48AC_SUBST([TEST_SHELL], [sh]) 49 50dnl select manpage formatter 51if test "x$MANDOC" != "x" ; then 52 MANFMT="$MANDOC" 53elif test "x$NROFF" != "x" ; then 54 MANFMT="$NROFF -mandoc" 55elif test "x$GROFF" != "x" ; then 56 MANFMT="$GROFF -mandoc -Tascii" 57else 58 AC_MSG_WARN([no manpage formatted found]) 59 MANFMT="false" 60fi 61AC_SUBST([MANFMT]) 62 63dnl for buildpkg.sh 64AC_PATH_PROG([PATH_GROUPADD_PROG], [groupadd], [groupadd], 65 [/usr/sbin${PATH_SEPARATOR}/etc]) 66AC_PATH_PROG([PATH_USERADD_PROG], [useradd], [useradd], 67 [/usr/sbin${PATH_SEPARATOR}/etc]) 68AC_CHECK_PROG([MAKE_PACKAGE_SUPPORTED], [pkgmk], [yes], [no]) 69if test -x /sbin/sh; then 70 AC_SUBST([STARTUP_SCRIPT_SHELL], [/sbin/sh]) 71else 72 AC_SUBST([STARTUP_SCRIPT_SHELL], [/bin/sh]) 73fi 74 75# System features 76AC_SYS_LARGEFILE 77 78if test -z "$AR" ; then 79 AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***]) 80fi 81 82# Use LOGIN_PROGRAM from environment if possible 83if test ! -z "$LOGIN_PROGRAM" ; then 84 AC_DEFINE_UNQUOTED([LOGIN_PROGRAM_FALLBACK], ["$LOGIN_PROGRAM"], 85 [If your header files don't define LOGIN_PROGRAM, 86 then use this (detected) from environment and PATH]) 87else 88 # Search for login 89 AC_PATH_PROG([LOGIN_PROGRAM_FALLBACK], [login]) 90 if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then 91 AC_DEFINE_UNQUOTED([LOGIN_PROGRAM_FALLBACK], ["$LOGIN_PROGRAM_FALLBACK"]) 92 fi 93fi 94 95AC_PATH_PROG([PATH_PASSWD_PROG], [passwd]) 96if test ! -z "$PATH_PASSWD_PROG" ; then 97 AC_DEFINE_UNQUOTED([_PATH_PASSWD_PROG], ["$PATH_PASSWD_PROG"], 98 [Full path of your "passwd" program]) 99fi 100 101if test -z "$LD" ; then 102 LD=$CC 103fi 104AC_SUBST([LD]) 105 106AC_C_INLINE 107 108AC_CHECK_DECL([LLONG_MAX], [have_llong_max=1], , [#include <limits.h>]) 109AC_CHECK_DECL([SYSTR_POLICY_KILL], [have_systr_policy_kill=1], , [ 110 #include <sys/types.h> 111 #include <sys/param.h> 112 #include <dev/systrace.h> 113]) 114AC_CHECK_DECL([RLIMIT_NPROC], 115 [AC_DEFINE([HAVE_RLIMIT_NPROC], [], [sys/resource.h has RLIMIT_NPROC])], , [ 116 #include <sys/types.h> 117 #include <sys/resource.h> 118]) 119 120use_stack_protector=1 121AC_ARG_WITH([stackprotect], 122 [ --without-stackprotect Don't use compiler's stack protection], [ 123 if test "x$withval" = "xno"; then 124 use_stack_protector=0 125 fi ]) 126 127 128if test "$GCC" = "yes" || test "$GCC" = "egcs"; then 129 OSSH_CHECK_CFLAG_COMPILE([-Wall]) 130 OSSH_CHECK_CFLAG_COMPILE([-Wpointer-arith]) 131 OSSH_CHECK_CFLAG_COMPILE([-Wuninitialized]) 132 OSSH_CHECK_CFLAG_COMPILE([-Wsign-compare]) 133 OSSH_CHECK_CFLAG_COMPILE([-Wformat-security]) 134 OSSH_CHECK_CFLAG_COMPILE([-Wpointer-sign], [-Wno-pointer-sign]) 135 OSSH_CHECK_CFLAG_COMPILE([-Wunused-result], [-Wno-unused-result]) 136 OSSH_CHECK_CFLAG_COMPILE([-fno-strict-aliasing]) 137 AC_MSG_CHECKING([gcc version]) 138 GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'` 139 case $GCC_VER in 140 1.*) no_attrib_nonnull=1 ;; 141 2.8* | 2.9*) 142 no_attrib_nonnull=1 143 ;; 144 2.*) no_attrib_nonnull=1 ;; 145 *) ;; 146 esac 147 AC_MSG_RESULT([$GCC_VER]) 148 149 AC_MSG_CHECKING([if $CC accepts -fno-builtin-memset]) 150 saved_CFLAGS="$CFLAGS" 151 CFLAGS="$CFLAGS -fno-builtin-memset" 152 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <string.h> ]], 153 [[ char b[10]; memset(b, 0, sizeof(b)); ]])], 154 [ AC_MSG_RESULT([yes]) ], 155 [ AC_MSG_RESULT([no]) 156 CFLAGS="$saved_CFLAGS" ] 157 ) 158 159 # -fstack-protector-all doesn't always work for some GCC versions 160 # and/or platforms, so we test if we can. If it's not supported 161 # on a given platform gcc will emit a warning so we use -Werror. 162 if test "x$use_stack_protector" = "x1"; then 163 for t in -fstack-protector-all -fstack-protector; do 164 AC_MSG_CHECKING([if $CC supports $t]) 165 saved_CFLAGS="$CFLAGS" 166 saved_LDFLAGS="$LDFLAGS" 167 CFLAGS="$CFLAGS $t -Werror" 168 LDFLAGS="$LDFLAGS $t -Werror" 169 AC_LINK_IFELSE( 170 [AC_LANG_PROGRAM([[ #include <stdio.h> ]], 171 [[ 172 char x[256]; 173 snprintf(x, sizeof(x), "XXX"); 174 ]])], 175 [ AC_MSG_RESULT([yes]) 176 CFLAGS="$saved_CFLAGS $t" 177 LDFLAGS="$saved_LDFLAGS $t" 178 AC_MSG_CHECKING([if $t works]) 179 AC_RUN_IFELSE( 180 [AC_LANG_PROGRAM([[ #include <stdio.h> ]], 181 [[ 182 char x[256]; 183 snprintf(x, sizeof(x), "XXX"); 184 ]])], 185 [ AC_MSG_RESULT([yes]) 186 break ], 187 [ AC_MSG_RESULT([no]) ], 188 [ AC_MSG_WARN([cross compiling: cannot test]) 189 break ] 190 ) 191 ], 192 [ AC_MSG_RESULT([no]) ] 193 ) 194 CFLAGS="$saved_CFLAGS" 195 LDFLAGS="$saved_LDFLAGS" 196 done 197 fi 198 199 if test -z "$have_llong_max"; then 200 # retry LLONG_MAX with -std=gnu99, needed on some Linuxes 201 unset ac_cv_have_decl_LLONG_MAX 202 saved_CFLAGS="$CFLAGS" 203 CFLAGS="$CFLAGS -std=gnu99" 204 AC_CHECK_DECL([LLONG_MAX], 205 [have_llong_max=1], 206 [CFLAGS="$saved_CFLAGS"], 207 [#include <limits.h>] 208 ) 209 fi 210fi 211 212if test "x$no_attrib_nonnull" != "x1" ; then 213 AC_DEFINE([HAVE_ATTRIBUTE__NONNULL__], [1], [Have attribute nonnull]) 214fi 215 216AC_ARG_WITH([rpath], 217 [ --without-rpath Disable auto-added -R linker paths], 218 [ 219 if test "x$withval" = "xno" ; then 220 need_dash_r="" 221 fi 222 if test "x$withval" = "xyes" ; then 223 need_dash_r=1 224 fi 225 ] 226) 227 228# Allow user to specify flags 229AC_ARG_WITH([cflags], 230 [ --with-cflags Specify additional flags to pass to compiler], 231 [ 232 if test -n "$withval" && test "x$withval" != "xno" && \ 233 test "x${withval}" != "xyes"; then 234 CFLAGS="$CFLAGS $withval" 235 fi 236 ] 237) 238AC_ARG_WITH([cppflags], 239 [ --with-cppflags Specify additional flags to pass to preprocessor] , 240 [ 241 if test -n "$withval" && test "x$withval" != "xno" && \ 242 test "x${withval}" != "xyes"; then 243 CPPFLAGS="$CPPFLAGS $withval" 244 fi 245 ] 246) 247AC_ARG_WITH([ldflags], 248 [ --with-ldflags Specify additional flags to pass to linker], 249 [ 250 if test -n "$withval" && test "x$withval" != "xno" && \ 251 test "x${withval}" != "xyes"; then 252 LDFLAGS="$LDFLAGS $withval" 253 fi 254 ] 255) 256AC_ARG_WITH([libs], 257 [ --with-libs Specify additional libraries to link with], 258 [ 259 if test -n "$withval" && test "x$withval" != "xno" && \ 260 test "x${withval}" != "xyes"; then 261 LIBS="$LIBS $withval" 262 fi 263 ] 264) 265AC_ARG_WITH([Werror], 266 [ --with-Werror Build main code with -Werror], 267 [ 268 if test -n "$withval" && test "x$withval" != "xno"; then 269 werror_flags="-Werror" 270 if test "x${withval}" != "xyes"; then 271 werror_flags="$withval" 272 fi 273 fi 274 ] 275) 276 277AC_CHECK_HEADERS([ \ 278 bstring.h \ 279 crypt.h \ 280 crypto/sha2.h \ 281 dirent.h \ 282 endian.h \ 283 features.h \ 284 fcntl.h \ 285 floatingpoint.h \ 286 getopt.h \ 287 glob.h \ 288 ia.h \ 289 iaf.h \ 290 limits.h \ 291 login.h \ 292 maillock.h \ 293 ndir.h \ 294 net/if_tun.h \ 295 netdb.h \ 296 netgroup.h \ 297 pam/pam_appl.h \ 298 paths.h \ 299 poll.h \ 300 pty.h \ 301 readpassphrase.h \ 302 rpc/types.h \ 303 security/pam_appl.h \ 304 sha2.h \ 305 shadow.h \ 306 stddef.h \ 307 stdint.h \ 308 string.h \ 309 strings.h \ 310 sys/audit.h \ 311 sys/bitypes.h \ 312 sys/bsdtty.h \ 313 sys/cdefs.h \ 314 sys/dir.h \ 315 sys/mman.h \ 316 sys/ndir.h \ 317 sys/poll.h \ 318 sys/prctl.h \ 319 sys/pstat.h \ 320 sys/select.h \ 321 sys/stat.h \ 322 sys/stream.h \ 323 sys/stropts.h \ 324 sys/strtio.h \ 325 sys/statvfs.h \ 326 sys/sysmacros.h \ 327 sys/time.h \ 328 sys/timers.h \ 329 sys/un.h \ 330 time.h \ 331 tmpdir.h \ 332 ttyent.h \ 333 ucred.h \ 334 unistd.h \ 335 usersec.h \ 336 util.h \ 337 utime.h \ 338 utmp.h \ 339 utmpx.h \ 340 vis.h \ 341]) 342 343# lastlog.h requires sys/time.h to be included first on Solaris 344AC_CHECK_HEADERS([lastlog.h], [], [], [ 345#ifdef HAVE_SYS_TIME_H 346# include <sys/time.h> 347#endif 348]) 349 350# sys/ptms.h requires sys/stream.h to be included first on Solaris 351AC_CHECK_HEADERS([sys/ptms.h], [], [], [ 352#ifdef HAVE_SYS_STREAM_H 353# include <sys/stream.h> 354#endif 355]) 356 357# login_cap.h requires sys/types.h on NetBSD 358AC_CHECK_HEADERS([login_cap.h], [], [], [ 359#include <sys/types.h> 360]) 361 362# older BSDs need sys/param.h before sys/mount.h 363AC_CHECK_HEADERS([sys/mount.h], [], [], [ 364#include <sys/param.h> 365]) 366 367# Messages for features tested for in target-specific section 368SIA_MSG="no" 369SPC_MSG="no" 370SP_MSG="no" 371 372# Check for some target-specific stuff 373case "$host" in 374*-*-aix*) 375 # Some versions of VAC won't allow macro redefinitions at 376 # -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that 377 # particularly with older versions of vac or xlc. 378 # It also throws errors about null macro argments, but these are 379 # not fatal. 380 AC_MSG_CHECKING([if compiler allows macro redefinitions]) 381 AC_COMPILE_IFELSE( 382 [AC_LANG_PROGRAM([[ 383#define testmacro foo 384#define testmacro bar]], 385 [[ exit(0); ]])], 386 [ AC_MSG_RESULT([yes]) ], 387 [ AC_MSG_RESULT([no]) 388 CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`" 389 LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`" 390 CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`" 391 CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`" 392 ] 393 ) 394 395 AC_MSG_CHECKING([how to specify blibpath for linker ($LD)]) 396 if (test -z "$blibpath"); then 397 blibpath="/usr/lib:/lib" 398 fi 399 saved_LDFLAGS="$LDFLAGS" 400 if test "$GCC" = "yes"; then 401 flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:" 402 else 403 flags="-blibpath: -Wl,-blibpath: -Wl,-rpath," 404 fi 405 for tryflags in $flags ;do 406 if (test -z "$blibflags"); then 407 LDFLAGS="$saved_LDFLAGS $tryflags$blibpath" 408 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])], 409 [blibflags=$tryflags], []) 410 fi 411 done 412 if (test -z "$blibflags"); then 413 AC_MSG_RESULT([not found]) 414 AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log]) 415 else 416 AC_MSG_RESULT([$blibflags]) 417 fi 418 LDFLAGS="$saved_LDFLAGS" 419 dnl Check for authenticate. Might be in libs.a on older AIXes 420 AC_CHECK_FUNC([authenticate], [AC_DEFINE([WITH_AIXAUTHENTICATE], [1], 421 [Define if you want to enable AIX4's authenticate function])], 422 [AC_CHECK_LIB([s], [authenticate], 423 [ AC_DEFINE([WITH_AIXAUTHENTICATE]) 424 LIBS="$LIBS -ls" 425 ]) 426 ]) 427 dnl Check for various auth function declarations in headers. 428 AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess, 429 passwdexpired, setauthdb], , , [#include <usersec.h>]) 430 dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2) 431 AC_CHECK_DECLS([loginfailed], 432 [AC_MSG_CHECKING([if loginfailed takes 4 arguments]) 433 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <usersec.h> ]], 434 [[ (void)loginfailed("user","host","tty",0); ]])], 435 [AC_MSG_RESULT([yes]) 436 AC_DEFINE([AIX_LOGINFAILED_4ARG], [1], 437 [Define if your AIX loginfailed() function 438 takes 4 arguments (AIX >= 5.2)])], [AC_MSG_RESULT([no]) 439 ])], 440 [], 441 [#include <usersec.h>] 442 ) 443 AC_CHECK_FUNCS([getgrset setauthdb]) 444 AC_CHECK_DECL([F_CLOSEM], 445 AC_DEFINE([HAVE_FCNTL_CLOSEM], [1], [Use F_CLOSEM fcntl for closefrom]), 446 [], 447 [ #include <limits.h> 448 #include <fcntl.h> ] 449 ) 450 check_for_aix_broken_getaddrinfo=1 451 AC_DEFINE([BROKEN_REALPATH], [1], [Define if you have a broken realpath.]) 452 AC_DEFINE([SETEUID_BREAKS_SETUID], [1], 453 [Define if your platform breaks doing a seteuid before a setuid]) 454 AC_DEFINE([BROKEN_SETREUID], [1], [Define if your setreuid() is broken]) 455 AC_DEFINE([BROKEN_SETREGID], [1], [Define if your setregid() is broken]) 456 dnl AIX handles lastlog as part of its login message 457 AC_DEFINE([DISABLE_LASTLOG], [1], [Define if you don't want to use lastlog]) 458 AC_DEFINE([LOGIN_NEEDS_UTMPX], [1], 459 [Some systems need a utmpx entry for /bin/login to work]) 460 AC_DEFINE([SPT_TYPE], [SPT_REUSEARGV], 461 [Define to a Set Process Title type if your system is 462 supported by bsd-setproctitle.c]) 463 AC_DEFINE([SSHPAM_CHAUTHTOK_NEEDS_RUID], [1], 464 [AIX 5.2 and 5.3 (and presumably newer) require this]) 465 AC_DEFINE([PTY_ZEROREAD], [1], [read(1) can return 0 for a non-closed fd]) 466 ;; 467*-*-cygwin*) 468 check_for_libcrypt_later=1 469 LIBS="$LIBS /usr/lib/textreadmode.o" 470 AC_DEFINE([HAVE_CYGWIN], [1], [Define if you are on Cygwin]) 471 AC_DEFINE([USE_PIPES], [1], [Use PIPES instead of a socketpair()]) 472 AC_DEFINE([DISABLE_SHADOW], [1], 473 [Define if you want to disable shadow passwords]) 474 AC_DEFINE([NO_X11_UNIX_SOCKETS], [1], 475 [Define if X11 doesn't support AF_UNIX sockets on that system]) 476 AC_DEFINE([NO_IPPORT_RESERVED_CONCEPT], [1], 477 [Define if the concept of ports only accessible to 478 superusers isn't known]) 479 AC_DEFINE([DISABLE_FD_PASSING], [1], 480 [Define if your platform needs to skip post auth 481 file descriptor passing]) 482 AC_DEFINE([SSH_IOBUFSZ], [65535], [Windows is sensitive to read buffer size]) 483 AC_DEFINE([FILESYSTEM_NO_BACKSLASH], [1], [File names may not contain backslash characters]) 484 ;; 485*-*-dgux*) 486 AC_DEFINE([IP_TOS_IS_BROKEN], [1], 487 [Define if your system choked on IP TOS setting]) 488 AC_DEFINE([SETEUID_BREAKS_SETUID]) 489 AC_DEFINE([BROKEN_SETREUID]) 490 AC_DEFINE([BROKEN_SETREGID]) 491 ;; 492*-*-darwin*) 493 AC_MSG_CHECKING([if we have working getaddrinfo]) 494 AC_RUN_IFELSE([AC_LANG_SOURCE([[ #include <mach-o/dyld.h> 495main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) 496 exit(0); 497 else 498 exit(1); 499} 500 ]])], 501 [AC_MSG_RESULT([working])], 502 [AC_MSG_RESULT([buggy]) 503 AC_DEFINE([BROKEN_GETADDRINFO], [1], 504 [getaddrinfo is broken (if present)]) 505 ], 506 [AC_MSG_RESULT([assume it is working])]) 507 AC_DEFINE([SETEUID_BREAKS_SETUID]) 508 AC_DEFINE([BROKEN_SETREUID]) 509 AC_DEFINE([BROKEN_SETREGID]) 510 AC_DEFINE([BROKEN_GLOB], [1], [OS X glob does not do what we expect]) 511 AC_DEFINE_UNQUOTED([BIND_8_COMPAT], [1], 512 [Define if your resolver libs need this for getrrsetbyname]) 513 AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) 514 AC_DEFINE([SSH_TUN_COMPAT_AF], [1], 515 [Use tunnel device compatibility to OpenBSD]) 516 AC_DEFINE([SSH_TUN_PREPEND_AF], [1], 517 [Prepend the address family to IP tunnel traffic]) 518 m4_pattern_allow([AU_IPv]) 519 AC_CHECK_DECL([AU_IPv4], [], 520 AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) 521 [#include <bsm/audit.h>] 522 AC_DEFINE([LASTLOG_WRITE_PUTUTXLINE], [1], 523 [Define if pututxline updates lastlog too]) 524 ) 525 AC_DEFINE([SPT_TYPE], [SPT_REUSEARGV], 526 [Define to a Set Process Title type if your system is 527 supported by bsd-setproctitle.c]) 528 AC_CHECK_FUNCS([sandbox_init]) 529 AC_CHECK_HEADERS([sandbox.h]) 530 ;; 531*-*-dragonfly*) 532 SSHDLIBS="$SSHDLIBS -lcrypt" 533 ;; 534*-*-haiku*) 535 LIBS="$LIBS -lbsd " 536 AC_CHECK_LIB([network], [socket]) 537 AC_DEFINE([HAVE_U_INT64_T]) 538 MANTYPE=man 539 ;; 540*-*-hpux*) 541 # first we define all of the options common to all HP-UX releases 542 CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" 543 IPADDR_IN_DISPLAY=yes 544 AC_DEFINE([USE_PIPES]) 545 AC_DEFINE([LOGIN_NO_ENDOPT], [1], 546 [Define if your login program cannot handle end of options ("--")]) 547 AC_DEFINE([LOGIN_NEEDS_UTMPX]) 548 AC_DEFINE([LOCKED_PASSWD_STRING], ["*"], 549 [String used in /etc/passwd to denote locked account]) 550 AC_DEFINE([SPT_TYPE], [SPT_PSTAT]) 551 maildir="/var/mail" 552 LIBS="$LIBS -lsec" 553 AC_CHECK_LIB([xnet], [t_error], , 554 [AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***])]) 555 556 # next, we define all of the options specific to major releases 557 case "$host" in 558 *-*-hpux10*) 559 if test -z "$GCC"; then 560 CFLAGS="$CFLAGS -Ae" 561 fi 562 ;; 563 *-*-hpux11*) 564 AC_DEFINE([PAM_SUN_CODEBASE], [1], 565 [Define if you are using Solaris-derived PAM which 566 passes pam_messages to the conversation function 567 with an extra level of indirection]) 568 AC_DEFINE([DISABLE_UTMP], [1], 569 [Define if you don't want to use utmp]) 570 AC_DEFINE([USE_BTMP], [1], [Use btmp to log bad logins]) 571 check_for_hpux_broken_getaddrinfo=1 572 check_for_conflicting_getspnam=1 573 ;; 574 esac 575 576 # lastly, we define options specific to minor releases 577 case "$host" in 578 *-*-hpux10.26) 579 AC_DEFINE([HAVE_SECUREWARE], [1], 580 [Define if you have SecureWare-based 581 protected password database]) 582 disable_ptmx_check=yes 583 LIBS="$LIBS -lsecpw" 584 ;; 585 esac 586 ;; 587*-*-irix5*) 588 PATH="$PATH:/usr/etc" 589 AC_DEFINE([BROKEN_INET_NTOA], [1], 590 [Define if you system's inet_ntoa is busted 591 (e.g. Irix gcc issue)]) 592 AC_DEFINE([SETEUID_BREAKS_SETUID]) 593 AC_DEFINE([BROKEN_SETREUID]) 594 AC_DEFINE([BROKEN_SETREGID]) 595 AC_DEFINE([WITH_ABBREV_NO_TTY], [1], 596 [Define if you shouldn't strip 'tty' from your 597 ttyname in [uw]tmp]) 598 AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 599 ;; 600*-*-irix6*) 601 PATH="$PATH:/usr/etc" 602 AC_DEFINE([WITH_IRIX_ARRAY], [1], 603 [Define if you have/want arrays 604 (cluster-wide session managment, not C arrays)]) 605 AC_DEFINE([WITH_IRIX_PROJECT], [1], 606 [Define if you want IRIX project management]) 607 AC_DEFINE([WITH_IRIX_AUDIT], [1], 608 [Define if you want IRIX audit trails]) 609 AC_CHECK_FUNC([jlimit_startjob], [AC_DEFINE([WITH_IRIX_JOBS], [1], 610 [Define if you want IRIX kernel jobs])]) 611 AC_DEFINE([BROKEN_INET_NTOA]) 612 AC_DEFINE([SETEUID_BREAKS_SETUID]) 613 AC_DEFINE([BROKEN_SETREUID]) 614 AC_DEFINE([BROKEN_SETREGID]) 615 AC_DEFINE([BROKEN_UPDWTMPX], [1], [updwtmpx is broken (if present)]) 616 AC_DEFINE([WITH_ABBREV_NO_TTY]) 617 AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 618 ;; 619*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu) 620 check_for_libcrypt_later=1 621 AC_DEFINE([PAM_TTY_KLUDGE]) 622 AC_DEFINE([LOCKED_PASSWD_PREFIX], ["!"]) 623 AC_DEFINE([SPT_TYPE], [SPT_REUSEARGV]) 624 AC_DEFINE([_PATH_BTMP], ["/var/log/btmp"], [log for bad login attempts]) 625 AC_DEFINE([USE_BTMP], [1], [Use btmp to log bad logins]) 626 ;; 627*-*-linux*) 628 no_dev_ptmx=1 629 check_for_libcrypt_later=1 630 check_for_openpty_ctty_bug=1 631 AC_DEFINE([PAM_TTY_KLUDGE], [1], 632 [Work around problematic Linux PAM modules handling of PAM_TTY]) 633 AC_DEFINE([LOCKED_PASSWD_PREFIX], ["!"], 634 [String used in /etc/passwd to denote locked account]) 635 AC_DEFINE([SPT_TYPE], [SPT_REUSEARGV]) 636 AC_DEFINE([LINK_OPNOTSUPP_ERRNO], [EPERM], 637 [Define to whatever link() returns for "not supported" 638 if it doesn't return EOPNOTSUPP.]) 639 AC_DEFINE([_PATH_BTMP], ["/var/log/btmp"], [log for bad login attempts]) 640 AC_DEFINE([USE_BTMP]) 641 AC_DEFINE([LINUX_OOM_ADJUST], [1], [Adjust Linux out-of-memory killer]) 642 inet6_default_4in6=yes 643 case `uname -r` in 644 1.*|2.0.*) 645 AC_DEFINE([BROKEN_CMSG_TYPE], [1], 646 [Define if cmsg_type is not passed correctly]) 647 ;; 648 esac 649 # tun(4) forwarding compat code 650 AC_CHECK_HEADERS([linux/if_tun.h]) 651 if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then 652 AC_DEFINE([SSH_TUN_LINUX], [1], 653 [Open tunnel devices the Linux tun/tap way]) 654 AC_DEFINE([SSH_TUN_COMPAT_AF], [1], 655 [Use tunnel device compatibility to OpenBSD]) 656 AC_DEFINE([SSH_TUN_PREPEND_AF], [1], 657 [Prepend the address family to IP tunnel traffic]) 658 fi 659 ;; 660mips-sony-bsd|mips-sony-newsos4) 661 AC_DEFINE([NEED_SETPGRP], [1], [Need setpgrp to acquire controlling tty]) 662 SONY=1 663 ;; 664*-*-netbsd*) 665 check_for_libcrypt_before=1 666 if test "x$withval" != "xno" ; then 667 need_dash_r=1 668 fi 669 AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) 670 AC_CHECK_HEADER([net/if_tap.h], , 671 AC_DEFINE([SSH_TUN_NO_L2], [1], [No layer 2 tunnel support])) 672 AC_DEFINE([SSH_TUN_PREPEND_AF], [1], 673 [Prepend the address family to IP tunnel traffic]) 674 ;; 675*-*-freebsd*) 676 check_for_libcrypt_later=1 677 AC_DEFINE([LOCKED_PASSWD_PREFIX], ["*LOCKED*"], [Account locked with pw(1)]) 678 AC_DEFINE([SSH_TUN_FREEBSD], [1], [Open tunnel devices the FreeBSD way]) 679 AC_CHECK_HEADER([net/if_tap.h], , 680 AC_DEFINE([SSH_TUN_NO_L2], [1], [No layer 2 tunnel support])) 681 AC_DEFINE([BROKEN_GLOB], [1], [FreeBSD glob does not do what we need]) 682 ;; 683*-*-bsdi*) 684 AC_DEFINE([SETEUID_BREAKS_SETUID]) 685 AC_DEFINE([BROKEN_SETREUID]) 686 AC_DEFINE([BROKEN_SETREGID]) 687 ;; 688*-next-*) 689 conf_lastlog_location="/usr/adm/lastlog" 690 conf_utmp_location=/etc/utmp 691 conf_wtmp_location=/usr/adm/wtmp 692 maildir=/usr/spool/mail 693 AC_DEFINE([HAVE_NEXT], [1], [Define if you are on NeXT]) 694 AC_DEFINE([BROKEN_REALPATH]) 695 AC_DEFINE([USE_PIPES]) 696 AC_DEFINE([BROKEN_SAVED_UIDS], [1], [Needed for NeXT]) 697 ;; 698*-*-openbsd*) 699 AC_DEFINE([HAVE_ATTRIBUTE__SENTINEL__], [1], [OpenBSD's gcc has sentinel]) 700 AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD's gcc has bounded]) 701 AC_DEFINE([SSH_TUN_OPENBSD], [1], [Open tunnel devices the OpenBSD way]) 702 AC_DEFINE([SYSLOG_R_SAFE_IN_SIGHAND], [1], 703 [syslog_r function is safe to use in in a signal handler]) 704 ;; 705*-*-solaris*) 706 if test "x$withval" != "xno" ; then 707 need_dash_r=1 708 fi 709 AC_DEFINE([PAM_SUN_CODEBASE]) 710 AC_DEFINE([LOGIN_NEEDS_UTMPX]) 711 AC_DEFINE([LOGIN_NEEDS_TERM], [1], 712 [Some versions of /bin/login need the TERM supplied 713 on the commandline]) 714 AC_DEFINE([PAM_TTY_KLUDGE]) 715 AC_DEFINE([SSHPAM_CHAUTHTOK_NEEDS_RUID], [1], 716 [Define if pam_chauthtok wants real uid set 717 to the unpriv'ed user]) 718 AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 719 # Pushing STREAMS modules will cause sshd to acquire a controlling tty. 720 AC_DEFINE([SSHD_ACQUIRES_CTTY], [1], 721 [Define if sshd somehow reacquires a controlling TTY 722 after setsid()]) 723 AC_DEFINE([PASSWD_NEEDS_USERNAME], [1], [must supply username to passwd 724 in case the name is longer than 8 chars]) 725 AC_DEFINE([BROKEN_TCGETATTR_ICANON], [1], [tcgetattr with ICANON may hang]) 726 external_path_file=/etc/default/login 727 # hardwire lastlog location (can't detect it on some versions) 728 conf_lastlog_location="/var/adm/lastlog" 729 AC_MSG_CHECKING([for obsolete utmp and wtmp in solaris2.x]) 730 sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'` 731 if test "$sol2ver" -ge 8; then 732 AC_MSG_RESULT([yes]) 733 AC_DEFINE([DISABLE_UTMP]) 734 AC_DEFINE([DISABLE_WTMP], [1], 735 [Define if you don't want to use wtmp]) 736 else 737 AC_MSG_RESULT([no]) 738 fi 739 AC_ARG_WITH([solaris-contracts], 740 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 741 [ 742 AC_CHECK_LIB([contract], [ct_tmpl_activate], 743 [ AC_DEFINE([USE_SOLARIS_PROCESS_CONTRACTS], [1], 744 [Define if you have Solaris process contracts]) 745 SSHDLIBS="$SSHDLIBS -lcontract" 746 SPC_MSG="yes" ], ) 747 ], 748 ) 749 AC_ARG_WITH([solaris-projects], 750 [ --with-solaris-projects Enable Solaris projects (experimental)], 751 [ 752 AC_CHECK_LIB([project], [setproject], 753 [ AC_DEFINE([USE_SOLARIS_PROJECTS], [1], 754 [Define if you have Solaris projects]) 755 SSHDLIBS="$SSHDLIBS -lproject" 756 SP_MSG="yes" ], ) 757 ], 758 ) 759 ;; 760*-*-sunos4*) 761 CPPFLAGS="$CPPFLAGS -DSUNOS4" 762 AC_CHECK_FUNCS([getpwanam]) 763 AC_DEFINE([PAM_SUN_CODEBASE]) 764 conf_utmp_location=/etc/utmp 765 conf_wtmp_location=/var/adm/wtmp 766 conf_lastlog_location=/var/adm/lastlog 767 AC_DEFINE([USE_PIPES]) 768 ;; 769*-ncr-sysv*) 770 LIBS="$LIBS -lc89" 771 AC_DEFINE([USE_PIPES]) 772 AC_DEFINE([SSHD_ACQUIRES_CTTY]) 773 AC_DEFINE([SETEUID_BREAKS_SETUID]) 774 AC_DEFINE([BROKEN_SETREUID]) 775 AC_DEFINE([BROKEN_SETREGID]) 776 ;; 777*-sni-sysv*) 778 # /usr/ucblib MUST NOT be searched on ReliantUNIX 779 AC_CHECK_LIB([dl], [dlsym], ,) 780 # -lresolv needs to be at the end of LIBS or DNS lookups break 781 AC_CHECK_LIB([resolv], [res_query], [ LIBS="$LIBS -lresolv" ]) 782 IPADDR_IN_DISPLAY=yes 783 AC_DEFINE([USE_PIPES]) 784 AC_DEFINE([IP_TOS_IS_BROKEN]) 785 AC_DEFINE([SETEUID_BREAKS_SETUID]) 786 AC_DEFINE([BROKEN_SETREUID]) 787 AC_DEFINE([BROKEN_SETREGID]) 788 AC_DEFINE([SSHD_ACQUIRES_CTTY]) 789 external_path_file=/etc/default/login 790 # /usr/ucblib/libucb.a no longer needed on ReliantUNIX 791 # Attention: always take care to bind libsocket and libnsl before libc, 792 # otherwise you will find lots of "SIOCGPGRP errno 22" on syslog 793 ;; 794# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel. 795*-*-sysv4.2*) 796 AC_DEFINE([USE_PIPES]) 797 AC_DEFINE([SETEUID_BREAKS_SETUID]) 798 AC_DEFINE([BROKEN_SETREUID]) 799 AC_DEFINE([BROKEN_SETREGID]) 800 AC_DEFINE([PASSWD_NEEDS_USERNAME], [1], [must supply username to passwd]) 801 AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 802 ;; 803# UnixWare 7.x, OpenUNIX 8 804*-*-sysv5*) 805 CPPFLAGS="$CPPFLAGS -Dvsnprintf=_xvsnprintf -Dsnprintf=_xsnprintf" 806 AC_DEFINE([UNIXWARE_LONG_PASSWORDS], [1], [Support passwords > 8 chars]) 807 AC_DEFINE([USE_PIPES]) 808 AC_DEFINE([SETEUID_BREAKS_SETUID]) 809 AC_DEFINE([BROKEN_GETADDRINFO]) 810 AC_DEFINE([BROKEN_SETREUID]) 811 AC_DEFINE([BROKEN_SETREGID]) 812 AC_DEFINE([PASSWD_NEEDS_USERNAME]) 813 case "$host" in 814 *-*-sysv5SCO_SV*) # SCO OpenServer 6.x 815 maildir=/var/spool/mail 816 TEST_SHELL=/u95/bin/sh 817 AC_DEFINE([BROKEN_LIBIAF], [1], 818 [ia_uinfo routines not supported by OS yet]) 819 AC_DEFINE([BROKEN_UPDWTMPX]) 820 AC_CHECK_LIB([prot], [getluid], [ LIBS="$LIBS -lprot" 821 AC_CHECK_FUNCS([getluid setluid], , , [-lprot]) 822 AC_DEFINE([HAVE_SECUREWARE]) 823 AC_DEFINE([DISABLE_SHADOW]) 824 ], , ) 825 ;; 826 *) AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"]) 827 check_for_libcrypt_later=1 828 ;; 829 esac 830 ;; 831*-*-sysv*) 832 ;; 833# SCO UNIX and OEM versions of SCO UNIX 834*-*-sco3.2v4*) 835 AC_MSG_ERROR("This Platform is no longer supported.") 836 ;; 837# SCO OpenServer 5.x 838*-*-sco3.2v5*) 839 if test -z "$GCC"; then 840 CFLAGS="$CFLAGS -belf" 841 fi 842 LIBS="$LIBS -lprot -lx -ltinfo -lm" 843 no_dev_ptmx=1 844 AC_DEFINE([USE_PIPES]) 845 AC_DEFINE([HAVE_SECUREWARE]) 846 AC_DEFINE([DISABLE_SHADOW]) 847 AC_DEFINE([DISABLE_FD_PASSING]) 848 AC_DEFINE([SETEUID_BREAKS_SETUID]) 849 AC_DEFINE([BROKEN_GETADDRINFO]) 850 AC_DEFINE([BROKEN_SETREUID]) 851 AC_DEFINE([BROKEN_SETREGID]) 852 AC_DEFINE([WITH_ABBREV_NO_TTY]) 853 AC_DEFINE([BROKEN_UPDWTMPX]) 854 AC_DEFINE([PASSWD_NEEDS_USERNAME]) 855 AC_CHECK_FUNCS([getluid setluid]) 856 MANTYPE=man 857 TEST_SHELL=ksh 858 ;; 859*-*-unicosmk*) 860 AC_DEFINE([NO_SSH_LASTLOG], [1], 861 [Define if you don't want to use lastlog in session.c]) 862 AC_DEFINE([SETEUID_BREAKS_SETUID]) 863 AC_DEFINE([BROKEN_SETREUID]) 864 AC_DEFINE([BROKEN_SETREGID]) 865 AC_DEFINE([USE_PIPES]) 866 AC_DEFINE([DISABLE_FD_PASSING]) 867 LDFLAGS="$LDFLAGS" 868 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 869 MANTYPE=cat 870 ;; 871*-*-unicosmp*) 872 AC_DEFINE([SETEUID_BREAKS_SETUID]) 873 AC_DEFINE([BROKEN_SETREUID]) 874 AC_DEFINE([BROKEN_SETREGID]) 875 AC_DEFINE([WITH_ABBREV_NO_TTY]) 876 AC_DEFINE([USE_PIPES]) 877 AC_DEFINE([DISABLE_FD_PASSING]) 878 LDFLAGS="$LDFLAGS" 879 LIBS="$LIBS -lgen -lacid -ldb" 880 MANTYPE=cat 881 ;; 882*-*-unicos*) 883 AC_DEFINE([SETEUID_BREAKS_SETUID]) 884 AC_DEFINE([BROKEN_SETREUID]) 885 AC_DEFINE([BROKEN_SETREGID]) 886 AC_DEFINE([USE_PIPES]) 887 AC_DEFINE([DISABLE_FD_PASSING]) 888 AC_DEFINE([NO_SSH_LASTLOG]) 889 LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal" 890 LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm" 891 MANTYPE=cat 892 ;; 893*-dec-osf*) 894 AC_MSG_CHECKING([for Digital Unix SIA]) 895 no_osfsia="" 896 AC_ARG_WITH([osfsia], 897 [ --with-osfsia Enable Digital Unix SIA], 898 [ 899 if test "x$withval" = "xno" ; then 900 AC_MSG_RESULT([disabled]) 901 no_osfsia=1 902 fi 903 ], 904 ) 905 if test -z "$no_osfsia" ; then 906 if test -f /etc/sia/matrix.conf; then 907 AC_MSG_RESULT([yes]) 908 AC_DEFINE([HAVE_OSF_SIA], [1], 909 [Define if you have Digital Unix Security 910 Integration Architecture]) 911 AC_DEFINE([DISABLE_LOGIN], [1], 912 [Define if you don't want to use your 913 system's login() call]) 914 AC_DEFINE([DISABLE_FD_PASSING]) 915 LIBS="$LIBS -lsecurity -ldb -lm -laud" 916 SIA_MSG="yes" 917 else 918 AC_MSG_RESULT([no]) 919 AC_DEFINE([LOCKED_PASSWD_SUBSTR], ["Nologin"], 920 [String used in /etc/passwd to denote locked account]) 921 fi 922 fi 923 AC_DEFINE([BROKEN_GETADDRINFO]) 924 AC_DEFINE([SETEUID_BREAKS_SETUID]) 925 AC_DEFINE([BROKEN_SETREUID]) 926 AC_DEFINE([BROKEN_SETREGID]) 927 AC_DEFINE([BROKEN_READV_COMPARISON], [1], [Can't do comparisons on readv]) 928 ;; 929 930*-*-nto-qnx*) 931 AC_DEFINE([USE_PIPES]) 932 AC_DEFINE([NO_X11_UNIX_SOCKETS]) 933 AC_DEFINE([MISSING_NFDBITS], [1], [Define on *nto-qnx systems]) 934 AC_DEFINE([MISSING_HOWMANY], [1], [Define on *nto-qnx systems]) 935 AC_DEFINE([MISSING_FD_MASK], [1], [Define on *nto-qnx systems]) 936 AC_DEFINE([DISABLE_LASTLOG]) 937 AC_DEFINE([SSHD_ACQUIRES_CTTY]) 938 AC_DEFINE([BROKEN_SHADOW_EXPIRE], [1], [QNX shadow support is broken]) 939 enable_etc_default_login=no # has incompatible /etc/default/login 940 case "$host" in 941 *-*-nto-qnx6*) 942 AC_DEFINE([DISABLE_FD_PASSING]) 943 ;; 944 esac 945 ;; 946 947*-*-ultrix*) 948 AC_DEFINE([BROKEN_GETGROUPS], [1], [getgroups(0,NULL) will return -1]) 949 AC_DEFINE([BROKEN_MMAP], [1], [Ultrix mmap can't map files]) 950 AC_DEFINE([NEED_SETPGRP]) 951 AC_DEFINE([HAVE_SYS_SYSLOG_H], [1], [Force use of sys/syslog.h on Ultrix]) 952 ;; 953 954*-*-lynxos) 955 CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__" 956 AC_DEFINE([MISSING_HOWMANY]) 957 AC_DEFINE([BROKEN_SETVBUF], [1], [LynxOS has broken setvbuf() implementation]) 958 ;; 959esac 960 961AC_MSG_CHECKING([compiler and flags for sanity]) 962AC_RUN_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], [[ exit(0); ]])], 963 [ AC_MSG_RESULT([yes]) ], 964 [ 965 AC_MSG_RESULT([no]) 966 AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) 967 ], 968 [ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ] 969) 970 971dnl Checks for header files. 972# Checks for libraries. 973AC_CHECK_FUNC([yp_match], , [AC_CHECK_LIB([nsl], [yp_match])]) 974AC_CHECK_FUNC([setsockopt], , [AC_CHECK_LIB([socket], [setsockopt])]) 975 976dnl IRIX and Solaris 2.5.1 have dirname() in libgen 977AC_CHECK_FUNCS([dirname], [AC_CHECK_HEADERS([libgen.h])] , [ 978 AC_CHECK_LIB([gen], [dirname], [ 979 AC_CACHE_CHECK([for broken dirname], 980 ac_cv_have_broken_dirname, [ 981 save_LIBS="$LIBS" 982 LIBS="$LIBS -lgen" 983 AC_RUN_IFELSE( 984 [AC_LANG_SOURCE([[ 985#include <libgen.h> 986#include <string.h> 987 988int main(int argc, char **argv) { 989 char *s, buf[32]; 990 991 strncpy(buf,"/etc", 32); 992 s = dirname(buf); 993 if (!s || strncmp(s, "/", 32) != 0) { 994 exit(1); 995 } else { 996 exit(0); 997 } 998} 999 ]])], 1000 [ ac_cv_have_broken_dirname="no" ], 1001 [ ac_cv_have_broken_dirname="yes" ], 1002 [ ac_cv_have_broken_dirname="no" ], 1003 ) 1004 LIBS="$save_LIBS" 1005 ]) 1006 if test "x$ac_cv_have_broken_dirname" = "xno" ; then 1007 LIBS="$LIBS -lgen" 1008 AC_DEFINE([HAVE_DIRNAME]) 1009 AC_CHECK_HEADERS([libgen.h]) 1010 fi 1011 ]) 1012]) 1013 1014AC_CHECK_FUNC([getspnam], , 1015 [AC_CHECK_LIB([gen], [getspnam], [LIBS="$LIBS -lgen"])]) 1016AC_SEARCH_LIBS([basename], [gen], [AC_DEFINE([HAVE_BASENAME], [1], 1017 [Define if you have the basename function.])]) 1018 1019dnl zlib is required 1020AC_ARG_WITH([zlib], 1021 [ --with-zlib=PATH Use zlib in PATH], 1022 [ if test "x$withval" = "xno" ; then 1023 AC_MSG_ERROR([*** zlib is required ***]) 1024 elif test "x$withval" != "xyes"; then 1025 if test -d "$withval/lib"; then 1026 if test -n "${need_dash_r}"; then 1027 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1028 else 1029 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1030 fi 1031 else 1032 if test -n "${need_dash_r}"; then 1033 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1034 else 1035 LDFLAGS="-L${withval} ${LDFLAGS}" 1036 fi 1037 fi 1038 if test -d "$withval/include"; then 1039 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1040 else 1041 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1042 fi 1043 fi ] 1044) 1045 1046AC_CHECK_HEADER([zlib.h], ,[AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***])]) 1047AC_CHECK_LIB([z], [deflate], , 1048 [ 1049 saved_CPPFLAGS="$CPPFLAGS" 1050 saved_LDFLAGS="$LDFLAGS" 1051 save_LIBS="$LIBS" 1052 dnl Check default zlib install dir 1053 if test -n "${need_dash_r}"; then 1054 LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}" 1055 else 1056 LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}" 1057 fi 1058 CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}" 1059 LIBS="$LIBS -lz" 1060 AC_TRY_LINK_FUNC([deflate], [AC_DEFINE([HAVE_LIBZ])], 1061 [ 1062 AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***]) 1063 ] 1064 ) 1065 ] 1066) 1067 1068AC_ARG_WITH([zlib-version-check], 1069 [ --without-zlib-version-check Disable zlib version check], 1070 [ if test "x$withval" = "xno" ; then 1071 zlib_check_nonfatal=1 1072 fi 1073 ] 1074) 1075 1076AC_MSG_CHECKING([for possibly buggy zlib]) 1077AC_RUN_IFELSE([AC_LANG_PROGRAM([[ 1078#include <stdio.h> 1079#include <zlib.h> 1080 ]], 1081 [[ 1082 int a=0, b=0, c=0, d=0, n, v; 1083 n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); 1084 if (n != 3 && n != 4) 1085 exit(1); 1086 v = a*1000000 + b*10000 + c*100 + d; 1087 fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); 1088 1089 /* 1.1.4 is OK */ 1090 if (a == 1 && b == 1 && c >= 4) 1091 exit(0); 1092 1093 /* 1.2.3 and up are OK */ 1094 if (v >= 1020300) 1095 exit(0); 1096 1097 exit(2); 1098 ]])], 1099 AC_MSG_RESULT([no]), 1100 [ AC_MSG_RESULT([yes]) 1101 if test -z "$zlib_check_nonfatal" ; then 1102 AC_MSG_ERROR([*** zlib too old - check config.log *** 1103Your reported zlib version has known security problems. It's possible your 1104vendor has fixed these problems without changing the version number. If you 1105are sure this is the case, you can disable the check by running 1106"./configure --without-zlib-version-check". 1107If you are in doubt, upgrade zlib to version 1.2.3 or greater. 1108See http://www.gzip.org/zlib/ for details.]) 1109 else 1110 AC_MSG_WARN([zlib version may have security problems]) 1111 fi 1112 ], 1113 [ AC_MSG_WARN([cross compiling: not checking zlib version]) ] 1114) 1115 1116dnl UnixWare 2.x 1117AC_CHECK_FUNC([strcasecmp], 1118 [], [ AC_CHECK_LIB([resolv], [strcasecmp], [LIBS="$LIBS -lresolv"]) ] 1119) 1120AC_CHECK_FUNCS([utimes], 1121 [], [ AC_CHECK_LIB([c89], [utimes], [AC_DEFINE([HAVE_UTIMES]) 1122 LIBS="$LIBS -lc89"]) ] 1123) 1124 1125dnl Checks for libutil functions 1126AC_CHECK_HEADERS([libutil.h]) 1127AC_SEARCH_LIBS([login], [util bsd], [AC_DEFINE([HAVE_LOGIN], [1], 1128 [Define if your libraries define login()])]) 1129AC_CHECK_FUNCS([fmt_scaled logout updwtmp logwtmp]) 1130 1131AC_FUNC_STRFTIME 1132 1133# Check for ALTDIRFUNC glob() extension 1134AC_MSG_CHECKING([for GLOB_ALTDIRFUNC support]) 1135AC_EGREP_CPP([FOUNDIT], 1136 [ 1137 #include <glob.h> 1138 #ifdef GLOB_ALTDIRFUNC 1139 FOUNDIT 1140 #endif 1141 ], 1142 [ 1143 AC_DEFINE([GLOB_HAS_ALTDIRFUNC], [1], 1144 [Define if your system glob() function has 1145 the GLOB_ALTDIRFUNC extension]) 1146 AC_MSG_RESULT([yes]) 1147 ], 1148 [ 1149 AC_MSG_RESULT([no]) 1150 ] 1151) 1152 1153# Check for g.gl_matchc glob() extension 1154AC_MSG_CHECKING([for gl_matchc field in glob_t]) 1155AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <glob.h> ]], 1156 [[ glob_t g; g.gl_matchc = 1; ]])], 1157 [ 1158 AC_DEFINE([GLOB_HAS_GL_MATCHC], [1], 1159 [Define if your system glob() function has 1160 gl_matchc options in glob_t]) 1161 AC_MSG_RESULT([yes]) 1162 ], [ 1163 AC_MSG_RESULT([no]) 1164]) 1165 1166# Check for g.gl_statv glob() extension 1167AC_MSG_CHECKING([for gl_statv and GLOB_KEEPSTAT extensions for glob]) 1168AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <glob.h> ]], [[ 1169#ifndef GLOB_KEEPSTAT 1170#error "glob does not support GLOB_KEEPSTAT extension" 1171#endif 1172glob_t g; 1173g.gl_statv = NULL; 1174]])], 1175 [ 1176 AC_DEFINE([GLOB_HAS_GL_STATV], [1], 1177 [Define if your system glob() function has 1178 gl_statv options in glob_t]) 1179 AC_MSG_RESULT([yes]) 1180 ], [ 1181 AC_MSG_RESULT([no]) 1182 1183]) 1184 1185AC_CHECK_DECLS([GLOB_NOMATCH], , , [#include <glob.h>]) 1186 1187AC_MSG_CHECKING([whether struct dirent allocates space for d_name]) 1188AC_RUN_IFELSE( 1189 [AC_LANG_PROGRAM([[ 1190#include <sys/types.h> 1191#include <dirent.h>]], 1192 [[ 1193 struct dirent d; 1194 exit(sizeof(d.d_name)<=sizeof(char)); 1195 ]])], 1196 [AC_MSG_RESULT([yes])], 1197 [ 1198 AC_MSG_RESULT([no]) 1199 AC_DEFINE([BROKEN_ONE_BYTE_DIRENT_D_NAME], [1], 1200 [Define if your struct dirent expects you to 1201 allocate extra space for d_name]) 1202 ], 1203 [ 1204 AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1205 AC_DEFINE([BROKEN_ONE_BYTE_DIRENT_D_NAME]) 1206 ] 1207) 1208 1209AC_MSG_CHECKING([for /proc/pid/fd directory]) 1210if test -d "/proc/$$/fd" ; then 1211 AC_DEFINE([HAVE_PROC_PID], [1], [Define if you have /proc/$pid/fd]) 1212 AC_MSG_RESULT([yes]) 1213else 1214 AC_MSG_RESULT([no]) 1215fi 1216 1217# Check whether user wants S/Key support 1218SKEY_MSG="no" 1219AC_ARG_WITH([skey], 1220 [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], 1221 [ 1222 if test "x$withval" != "xno" ; then 1223 1224 if test "x$withval" != "xyes" ; then 1225 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1226 LDFLAGS="$LDFLAGS -L${withval}/lib" 1227 fi 1228 1229 AC_DEFINE([SKEY], [1], [Define if you want S/Key support]) 1230 LIBS="-lskey $LIBS" 1231 SKEY_MSG="yes" 1232 1233 AC_MSG_CHECKING([for s/key support]) 1234 AC_LINK_IFELSE( 1235 [AC_LANG_PROGRAM([[ 1236#include <stdio.h> 1237#include <skey.h> 1238 ]], [[ 1239 char *ff = skey_keyinfo(""); ff=""; 1240 exit(0); 1241 ]])], 1242 [AC_MSG_RESULT([yes])], 1243 [ 1244 AC_MSG_RESULT([no]) 1245 AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) 1246 ]) 1247 AC_MSG_CHECKING([if skeychallenge takes 4 arguments]) 1248 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 1249#include <stdio.h> 1250#include <skey.h> 1251 ]], [[ 1252 (void)skeychallenge(NULL,"name","",0); 1253 ]])], 1254 [ 1255 AC_MSG_RESULT([yes]) 1256 AC_DEFINE([SKEYCHALLENGE_4ARG], [1], 1257 [Define if your skeychallenge() 1258 function takes 4 arguments (NetBSD)])], 1259 [ 1260 AC_MSG_RESULT([no]) 1261 ]) 1262 fi 1263 ] 1264) 1265 1266# Check whether user wants TCP wrappers support 1267TCPW_MSG="no" 1268AC_ARG_WITH([tcp-wrappers], 1269 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], 1270 [ 1271 if test "x$withval" != "xno" ; then 1272 saved_LIBS="$LIBS" 1273 saved_LDFLAGS="$LDFLAGS" 1274 saved_CPPFLAGS="$CPPFLAGS" 1275 if test -n "${withval}" && \ 1276 test "x${withval}" != "xyes"; then 1277 if test -d "${withval}/lib"; then 1278 if test -n "${need_dash_r}"; then 1279 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1280 else 1281 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1282 fi 1283 else 1284 if test -n "${need_dash_r}"; then 1285 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1286 else 1287 LDFLAGS="-L${withval} ${LDFLAGS}" 1288 fi 1289 fi 1290 if test -d "${withval}/include"; then 1291 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 1292 else 1293 CPPFLAGS="-I${withval} ${CPPFLAGS}" 1294 fi 1295 fi 1296 LIBS="-lwrap $LIBS" 1297 AC_MSG_CHECKING([for libwrap]) 1298 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 1299#include <sys/types.h> 1300#include <sys/socket.h> 1301#include <netinet/in.h> 1302#include <tcpd.h> 1303int deny_severity = 0, allow_severity = 0; 1304 ]], [[ 1305 hosts_access(0); 1306 ]])], [ 1307 AC_MSG_RESULT([yes]) 1308 AC_DEFINE([LIBWRAP], [1], 1309 [Define if you want 1310 TCP Wrappers support]) 1311 SSHDLIBS="$SSHDLIBS -lwrap" 1312 TCPW_MSG="yes" 1313 ], [ 1314 AC_MSG_ERROR([*** libwrap missing]) 1315 1316 ]) 1317 LIBS="$saved_LIBS" 1318 fi 1319 ] 1320) 1321 1322# Check whether user wants libedit support 1323LIBEDIT_MSG="no" 1324AC_ARG_WITH([libedit], 1325 [ --with-libedit[[=PATH]] Enable libedit support for sftp], 1326 [ if test "x$withval" != "xno" ; then 1327 if test "x$withval" = "xyes" ; then 1328 AC_PATH_PROG([PKGCONFIG], [pkg-config], [no]) 1329 if test "x$PKGCONFIG" != "xno"; then 1330 AC_MSG_CHECKING([if $PKGCONFIG knows about libedit]) 1331 if "$PKGCONFIG" libedit; then 1332 AC_MSG_RESULT([yes]) 1333 use_pkgconfig_for_libedit=yes 1334 else 1335 AC_MSG_RESULT([no]) 1336 fi 1337 fi 1338 else 1339 CPPFLAGS="$CPPFLAGS -I${withval}/include" 1340 if test -n "${need_dash_r}"; then 1341 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1342 else 1343 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1344 fi 1345 fi 1346 if test "x$use_pkgconfig_for_libedit" = "xyes"; then 1347 LIBEDIT=`$PKGCONFIG --libs-only-l libedit` 1348 CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libedit`" 1349 else 1350 LIBEDIT="-ledit -lcurses" 1351 fi 1352 OTHERLIBS=`echo $LIBEDIT | sed 's/-ledit//'` 1353 AC_CHECK_LIB([edit], [el_init], 1354 [ AC_DEFINE([USE_LIBEDIT], [1], [Use libedit for sftp]) 1355 LIBEDIT_MSG="yes" 1356 AC_SUBST([LIBEDIT]) 1357 ], 1358 [ AC_MSG_ERROR([libedit not found]) ], 1359 [ $OTHERLIBS ] 1360 ) 1361 AC_MSG_CHECKING([if libedit version is compatible]) 1362 AC_COMPILE_IFELSE( 1363 [AC_LANG_PROGRAM([[ #include <histedit.h> ]], 1364 [[ 1365 int i = H_SETSIZE; 1366 el_init("", NULL, NULL, NULL); 1367 exit(0); 1368 ]])], 1369 [ AC_MSG_RESULT([yes]) ], 1370 [ AC_MSG_RESULT([no]) 1371 AC_MSG_ERROR([libedit version is not compatible]) ] 1372 ) 1373 fi ] 1374) 1375 1376AUDIT_MODULE=none 1377AC_ARG_WITH([audit], 1378 [ --with-audit=module Enable audit support (modules=debug,bsm,linux)], 1379 [ 1380 AC_MSG_CHECKING([for supported audit module]) 1381 case "$withval" in 1382 bsm) 1383 AC_MSG_RESULT([bsm]) 1384 AUDIT_MODULE=bsm 1385 dnl Checks for headers, libs and functions 1386 AC_CHECK_HEADERS([bsm/audit.h], [], 1387 [AC_MSG_ERROR([BSM enabled and bsm/audit.h not found])], 1388 [ 1389#ifdef HAVE_TIME_H 1390# include <time.h> 1391#endif 1392 ] 1393) 1394 AC_CHECK_LIB([bsm], [getaudit], [], 1395 [AC_MSG_ERROR([BSM enabled and required library not found])]) 1396 AC_CHECK_FUNCS([getaudit], [], 1397 [AC_MSG_ERROR([BSM enabled and required function not found])]) 1398 # These are optional 1399 AC_CHECK_FUNCS([getaudit_addr aug_get_machine]) 1400 AC_DEFINE([USE_BSM_AUDIT], [1], [Use BSM audit module]) 1401 ;; 1402 linux) 1403 AC_MSG_RESULT([linux]) 1404 AUDIT_MODULE=linux 1405 dnl Checks for headers, libs and functions 1406 AC_CHECK_HEADERS([libaudit.h]) 1407 SSHDLIBS="$SSHDLIBS -laudit" 1408 AC_DEFINE([USE_LINUX_AUDIT], [1], [Use Linux audit module]) 1409 ;; 1410 debug) 1411 AUDIT_MODULE=debug 1412 AC_MSG_RESULT([debug]) 1413 AC_DEFINE([SSH_AUDIT_EVENTS], [1], [Use audit debugging module]) 1414 ;; 1415 no) 1416 AC_MSG_RESULT([no]) 1417 ;; 1418 *) 1419 AC_MSG_ERROR([Unknown audit module $withval]) 1420 ;; 1421 esac ] 1422) 1423 1424dnl Checks for library functions. Please keep in alphabetical order 1425AC_CHECK_FUNCS([ \ 1426 arc4random \ 1427 arc4random_buf \ 1428 arc4random_uniform \ 1429 asprintf \ 1430 b64_ntop \ 1431 __b64_ntop \ 1432 b64_pton \ 1433 __b64_pton \ 1434 bcopy \ 1435 bindresvport_sa \ 1436 clock \ 1437 closefrom \ 1438 dirfd \ 1439 fchmod \ 1440 fchown \ 1441 freeaddrinfo \ 1442 fstatvfs \ 1443 futimes \ 1444 getaddrinfo \ 1445 getcwd \ 1446 getgrouplist \ 1447 getnameinfo \ 1448 getopt \ 1449 getpeereid \ 1450 getpeerucred \ 1451 _getpty \ 1452 getrlimit \ 1453 getttyent \ 1454 glob \ 1455 group_from_gid \ 1456 inet_aton \ 1457 inet_ntoa \ 1458 inet_ntop \ 1459 innetgr \ 1460 login_getcapbool \ 1461 md5_crypt \ 1462 memmove \ 1463 mkdtemp \ 1464 mmap \ 1465 ngetaddrinfo \ 1466 nsleep \ 1467 ogetaddrinfo \ 1468 openlog_r \ 1469 openpty \ 1470 poll \ 1471 prctl \ 1472 pstat \ 1473 readpassphrase \ 1474 realpath \ 1475 recvmsg \ 1476 rresvport_af \ 1477 sendmsg \ 1478 setdtablesize \ 1479 setegid \ 1480 setenv \ 1481 seteuid \ 1482 setgroupent \ 1483 setgroups \ 1484 setlogin \ 1485 setpassent\ 1486 setpcred \ 1487 setproctitle \ 1488 setregid \ 1489 setreuid \ 1490 setrlimit \ 1491 setsid \ 1492 setvbuf \ 1493 sigaction \ 1494 sigvec \ 1495 snprintf \ 1496 socketpair \ 1497 statfs \ 1498 statvfs \ 1499 strdup \ 1500 strerror \ 1501 strlcat \ 1502 strlcpy \ 1503 strmode \ 1504 strnvis \ 1505 strptime \ 1506 strtonum \ 1507 strtoll \ 1508 strtoul \ 1509 swap32 \ 1510 sysconf \ 1511 tcgetpgrp \ 1512 timingsafe_bcmp \ 1513 truncate \ 1514 unsetenv \ 1515 updwtmpx \ 1516 user_from_uid \ 1517 vasprintf \ 1518 vhangup \ 1519 vsnprintf \ 1520 waitpid \ 1521]) 1522 1523AC_LINK_IFELSE( 1524 [AC_LANG_PROGRAM( 1525 [[ #include <ctype.h> ]], 1526 [[ return (isblank('a')); ]])], 1527 [AC_DEFINE([HAVE_ISBLANK], [1], [Define if you have isblank(3C).]) 1528]) 1529 1530# PKCS#11 support requires dlopen() and co 1531AC_SEARCH_LIBS([dlopen], [dl], 1532 [AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support])] 1533) 1534 1535# IRIX has a const char return value for gai_strerror() 1536AC_CHECK_FUNCS([gai_strerror], [ 1537 AC_DEFINE([HAVE_GAI_STRERROR]) 1538 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 1539#include <sys/types.h> 1540#include <sys/socket.h> 1541#include <netdb.h> 1542 1543const char *gai_strerror(int); 1544 ]], [[ 1545 char *str; 1546 str = gai_strerror(0); 1547 ]])], [ 1548 AC_DEFINE([HAVE_CONST_GAI_STRERROR_PROTO], [1], 1549 [Define if gai_strerror() returns const char *])], [])]) 1550 1551AC_SEARCH_LIBS([nanosleep], [rt posix4], [AC_DEFINE([HAVE_NANOSLEEP], [1], 1552 [Some systems put nanosleep outside of libc])]) 1553 1554dnl Make sure prototypes are defined for these before using them. 1555AC_CHECK_DECL([getrusage], [AC_CHECK_FUNCS([getrusage])]) 1556AC_CHECK_DECL([strsep], 1557 [AC_CHECK_FUNCS([strsep])], 1558 [], 1559 [ 1560#ifdef HAVE_STRING_H 1561# include <string.h> 1562#endif 1563 ]) 1564 1565dnl tcsendbreak might be a macro 1566AC_CHECK_DECL([tcsendbreak], 1567 [AC_DEFINE([HAVE_TCSENDBREAK])], 1568 [AC_CHECK_FUNCS([tcsendbreak])], 1569 [#include <termios.h>] 1570) 1571 1572AC_CHECK_DECLS([h_errno], , ,[#include <netdb.h>]) 1573 1574AC_CHECK_DECLS([SHUT_RD], , , 1575 [ 1576#include <sys/types.h> 1577#include <sys/socket.h> 1578 ]) 1579 1580AC_CHECK_DECLS([O_NONBLOCK], , , 1581 [ 1582#include <sys/types.h> 1583#ifdef HAVE_SYS_STAT_H 1584# include <sys/stat.h> 1585#endif 1586#ifdef HAVE_FCNTL_H 1587# include <fcntl.h> 1588#endif 1589 ]) 1590 1591AC_CHECK_DECLS([writev], , , [ 1592#include <sys/types.h> 1593#include <sys/uio.h> 1594#include <unistd.h> 1595 ]) 1596 1597AC_CHECK_DECLS([MAXSYMLINKS], , , [ 1598#include <sys/param.h> 1599 ]) 1600 1601AC_CHECK_DECLS([offsetof], , , [ 1602#include <stddef.h> 1603 ]) 1604 1605AC_CHECK_FUNCS([setresuid], [ 1606 dnl Some platorms have setresuid that isn't implemented, test for this 1607 AC_MSG_CHECKING([if setresuid seems to work]) 1608 AC_RUN_IFELSE( 1609 [AC_LANG_PROGRAM([[ 1610#include <stdlib.h> 1611#include <errno.h> 1612 ]], [[ 1613 errno=0; 1614 setresuid(0,0,0); 1615 if (errno==ENOSYS) 1616 exit(1); 1617 else 1618 exit(0); 1619 ]])], 1620 [AC_MSG_RESULT([yes])], 1621 [AC_DEFINE([BROKEN_SETRESUID], [1], 1622 [Define if your setresuid() is broken]) 1623 AC_MSG_RESULT([not implemented])], 1624 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1625 ) 1626]) 1627 1628AC_CHECK_FUNCS([setresgid], [ 1629 dnl Some platorms have setresgid that isn't implemented, test for this 1630 AC_MSG_CHECKING([if setresgid seems to work]) 1631 AC_RUN_IFELSE( 1632 [AC_LANG_PROGRAM([[ 1633#include <stdlib.h> 1634#include <errno.h> 1635 ]], [[ 1636 errno=0; 1637 setresgid(0,0,0); 1638 if (errno==ENOSYS) 1639 exit(1); 1640 else 1641 exit(0); 1642 ]])], 1643 [AC_MSG_RESULT([yes])], 1644 [AC_DEFINE([BROKEN_SETRESGID], [1], 1645 [Define if your setresgid() is broken]) 1646 AC_MSG_RESULT([not implemented])], 1647 [AC_MSG_WARN([cross compiling: not checking setresuid])] 1648 ) 1649]) 1650 1651dnl Checks for time functions 1652AC_CHECK_FUNCS([gettimeofday time]) 1653dnl Checks for utmp functions 1654AC_CHECK_FUNCS([endutent getutent getutid getutline pututline setutent]) 1655AC_CHECK_FUNCS([utmpname]) 1656dnl Checks for utmpx functions 1657AC_CHECK_FUNCS([endutxent getutxent getutxid getutxline getutxuser pututxline]) 1658AC_CHECK_FUNCS([setutxdb setutxent utmpxname]) 1659dnl Checks for lastlog functions 1660AC_CHECK_FUNCS([getlastlogxbyname]) 1661 1662AC_CHECK_FUNC([daemon], 1663 [AC_DEFINE([HAVE_DAEMON], [1], [Define if your libraries define daemon()])], 1664 [AC_CHECK_LIB([bsd], [daemon], 1665 [LIBS="$LIBS -lbsd"; AC_DEFINE([HAVE_DAEMON])])] 1666) 1667 1668AC_CHECK_FUNC([getpagesize], 1669 [AC_DEFINE([HAVE_GETPAGESIZE], [1], 1670 [Define if your libraries define getpagesize()])], 1671 [AC_CHECK_LIB([ucb], [getpagesize], 1672 [LIBS="$LIBS -lucb"; AC_DEFINE([HAVE_GETPAGESIZE])])] 1673) 1674 1675# Check for broken snprintf 1676if test "x$ac_cv_func_snprintf" = "xyes" ; then 1677 AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) 1678 AC_RUN_IFELSE( 1679 [AC_LANG_PROGRAM([[ #include <stdio.h> ]], 1680 [[ 1681 char b[5]; 1682 snprintf(b,5,"123456789"); 1683 exit(b[4]!='\0'); 1684 ]])], 1685 [AC_MSG_RESULT([yes])], 1686 [ 1687 AC_MSG_RESULT([no]) 1688 AC_DEFINE([BROKEN_SNPRINTF], [1], 1689 [Define if your snprintf is busted]) 1690 AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) 1691 ], 1692 [ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ] 1693 ) 1694fi 1695 1696# If we don't have a working asprintf, then we strongly depend on vsnprintf 1697# returning the right thing on overflow: the number of characters it tried to 1698# create (as per SUSv3) 1699if test "x$ac_cv_func_asprintf" != "xyes" && \ 1700 test "x$ac_cv_func_vsnprintf" = "xyes" ; then 1701 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1702 AC_RUN_IFELSE( 1703 [AC_LANG_PROGRAM([[ 1704#include <sys/types.h> 1705#include <stdio.h> 1706#include <stdarg.h> 1707 1708int x_snprintf(char *str,size_t count,const char *fmt,...) 1709{ 1710 size_t ret; va_list ap; 1711 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1712 return ret; 1713} 1714 ]], [[ 1715 char x[1]; 1716 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1717 ]])], 1718 [AC_MSG_RESULT([yes])], 1719 [ 1720 AC_MSG_RESULT([no]) 1721 AC_DEFINE([BROKEN_SNPRINTF], [1], 1722 [Define if your snprintf is busted]) 1723 AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor]) 1724 ], 1725 [ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ] 1726 ) 1727fi 1728 1729# On systems where [v]snprintf is broken, but is declared in stdio, 1730# check that the fmt argument is const char * or just char *. 1731# This is only useful for when BROKEN_SNPRINTF 1732AC_MSG_CHECKING([whether snprintf can declare const char *fmt]) 1733AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 1734#include <stdio.h> 1735int snprintf(char *a, size_t b, const char *c, ...) { return 0; } 1736 ]], [[ 1737 snprintf(0, 0, 0); 1738 ]])], 1739 [AC_MSG_RESULT([yes]) 1740 AC_DEFINE([SNPRINTF_CONST], [const], 1741 [Define as const if snprintf() can declare const char *fmt])], 1742 [AC_MSG_RESULT([no]) 1743 AC_DEFINE([SNPRINTF_CONST], [/* not const */])]) 1744 1745# Check for missing getpeereid (or equiv) support 1746NO_PEERCHECK="" 1747if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then 1748 AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt]) 1749 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 1750#include <sys/types.h> 1751#include <sys/socket.h>]], [[int i = SO_PEERCRED;]])], 1752 [ AC_MSG_RESULT([yes]) 1753 AC_DEFINE([HAVE_SO_PEERCRED], [1], [Have PEERCRED socket option]) 1754 ], [AC_MSG_RESULT([no]) 1755 NO_PEERCHECK=1 1756 ]) 1757fi 1758 1759dnl see whether mkstemp() requires XXXXXX 1760if test "x$ac_cv_func_mkdtemp" = "xyes" ; then 1761AC_MSG_CHECKING([for (overly) strict mkstemp]) 1762AC_RUN_IFELSE( 1763 [AC_LANG_PROGRAM([[ 1764#include <stdlib.h> 1765 ]], [[ 1766 char template[]="conftest.mkstemp-test"; 1767 if (mkstemp(template) == -1) 1768 exit(1); 1769 unlink(template); 1770 exit(0); 1771 ]])], 1772 [ 1773 AC_MSG_RESULT([no]) 1774 ], 1775 [ 1776 AC_MSG_RESULT([yes]) 1777 AC_DEFINE([HAVE_STRICT_MKSTEMP], [1], [Silly mkstemp()]) 1778 ], 1779 [ 1780 AC_MSG_RESULT([yes]) 1781 AC_DEFINE([HAVE_STRICT_MKSTEMP]) 1782 ] 1783) 1784fi 1785 1786dnl make sure that openpty does not reacquire controlling terminal 1787if test ! -z "$check_for_openpty_ctty_bug"; then 1788 AC_MSG_CHECKING([if openpty correctly handles controlling tty]) 1789 AC_RUN_IFELSE( 1790 [AC_LANG_PROGRAM([[ 1791#include <stdio.h> 1792#include <sys/fcntl.h> 1793#include <sys/types.h> 1794#include <sys/wait.h> 1795 ]], [[ 1796 pid_t pid; 1797 int fd, ptyfd, ttyfd, status; 1798 1799 pid = fork(); 1800 if (pid < 0) { /* failed */ 1801 exit(1); 1802 } else if (pid > 0) { /* parent */ 1803 waitpid(pid, &status, 0); 1804 if (WIFEXITED(status)) 1805 exit(WEXITSTATUS(status)); 1806 else 1807 exit(2); 1808 } else { /* child */ 1809 close(0); close(1); close(2); 1810 setsid(); 1811 openpty(&ptyfd, &ttyfd, NULL, NULL, NULL); 1812 fd = open("/dev/tty", O_RDWR | O_NOCTTY); 1813 if (fd >= 0) 1814 exit(3); /* Acquired ctty: broken */ 1815 else 1816 exit(0); /* Did not acquire ctty: OK */ 1817 } 1818 ]])], 1819 [ 1820 AC_MSG_RESULT([yes]) 1821 ], 1822 [ 1823 AC_MSG_RESULT([no]) 1824 AC_DEFINE([SSHD_ACQUIRES_CTTY]) 1825 ], 1826 [ 1827 AC_MSG_RESULT([cross-compiling, assuming yes]) 1828 ] 1829 ) 1830fi 1831 1832if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1833 test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then 1834 AC_MSG_CHECKING([if getaddrinfo seems to work]) 1835 AC_RUN_IFELSE( 1836 [AC_LANG_PROGRAM([[ 1837#include <stdio.h> 1838#include <sys/socket.h> 1839#include <netdb.h> 1840#include <errno.h> 1841#include <netinet/in.h> 1842 1843#define TEST_PORT "2222" 1844 ]], [[ 1845 int err, sock; 1846 struct addrinfo *gai_ai, *ai, hints; 1847 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1848 1849 memset(&hints, 0, sizeof(hints)); 1850 hints.ai_family = PF_UNSPEC; 1851 hints.ai_socktype = SOCK_STREAM; 1852 hints.ai_flags = AI_PASSIVE; 1853 1854 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1855 if (err != 0) { 1856 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1857 exit(1); 1858 } 1859 1860 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1861 if (ai->ai_family != AF_INET6) 1862 continue; 1863 1864 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1865 sizeof(ntop), strport, sizeof(strport), 1866 NI_NUMERICHOST|NI_NUMERICSERV); 1867 1868 if (err != 0) { 1869 if (err == EAI_SYSTEM) 1870 perror("getnameinfo EAI_SYSTEM"); 1871 else 1872 fprintf(stderr, "getnameinfo failed: %s\n", 1873 gai_strerror(err)); 1874 exit(2); 1875 } 1876 1877 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); 1878 if (sock < 0) 1879 perror("socket"); 1880 if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { 1881 if (errno == EBADF) 1882 exit(3); 1883 } 1884 } 1885 exit(0); 1886 ]])], 1887 [ 1888 AC_MSG_RESULT([yes]) 1889 ], 1890 [ 1891 AC_MSG_RESULT([no]) 1892 AC_DEFINE([BROKEN_GETADDRINFO]) 1893 ], 1894 [ 1895 AC_MSG_RESULT([cross-compiling, assuming yes]) 1896 ] 1897 ) 1898fi 1899 1900if test "x$ac_cv_func_getaddrinfo" = "xyes" && \ 1901 test "x$check_for_aix_broken_getaddrinfo" = "x1"; then 1902 AC_MSG_CHECKING([if getaddrinfo seems to work]) 1903 AC_RUN_IFELSE( 1904 [AC_LANG_PROGRAM([[ 1905#include <stdio.h> 1906#include <sys/socket.h> 1907#include <netdb.h> 1908#include <errno.h> 1909#include <netinet/in.h> 1910 1911#define TEST_PORT "2222" 1912 ]], [[ 1913 int err, sock; 1914 struct addrinfo *gai_ai, *ai, hints; 1915 char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL; 1916 1917 memset(&hints, 0, sizeof(hints)); 1918 hints.ai_family = PF_UNSPEC; 1919 hints.ai_socktype = SOCK_STREAM; 1920 hints.ai_flags = AI_PASSIVE; 1921 1922 err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai); 1923 if (err != 0) { 1924 fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err)); 1925 exit(1); 1926 } 1927 1928 for (ai = gai_ai; ai != NULL; ai = ai->ai_next) { 1929 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1930 continue; 1931 1932 err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, 1933 sizeof(ntop), strport, sizeof(strport), 1934 NI_NUMERICHOST|NI_NUMERICSERV); 1935 1936 if (ai->ai_family == AF_INET && err != 0) { 1937 perror("getnameinfo"); 1938 exit(2); 1939 } 1940 } 1941 exit(0); 1942 ]])], 1943 [ 1944 AC_MSG_RESULT([yes]) 1945 AC_DEFINE([AIX_GETNAMEINFO_HACK], [1], 1946 [Define if you have a getaddrinfo that fails 1947 for the all-zeros IPv6 address]) 1948 ], 1949 [ 1950 AC_MSG_RESULT([no]) 1951 AC_DEFINE([BROKEN_GETADDRINFO]) 1952 ], 1953 [ 1954 AC_MSG_RESULT([cross-compiling, assuming no]) 1955 ] 1956 ) 1957fi 1958 1959if test "x$check_for_conflicting_getspnam" = "x1"; then 1960 AC_MSG_CHECKING([for conflicting getspnam in shadow.h]) 1961 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <shadow.h> ]], 1962 [[ exit(0); ]])], 1963 [ 1964 AC_MSG_RESULT([no]) 1965 ], 1966 [ 1967 AC_MSG_RESULT([yes]) 1968 AC_DEFINE([GETSPNAM_CONFLICTING_DEFS], [1], 1969 [Conflicting defs for getspnam]) 1970 ] 1971 ) 1972fi 1973 1974AC_FUNC_GETPGRP 1975 1976# Search for OpenSSL 1977saved_CPPFLAGS="$CPPFLAGS" 1978saved_LDFLAGS="$LDFLAGS" 1979AC_ARG_WITH([ssl-dir], 1980 [ --with-ssl-dir=PATH Specify path to OpenSSL installation ], 1981 [ 1982 if test "x$withval" != "xno" ; then 1983 case "$withval" in 1984 # Relative paths 1985 ./*|../*) withval="`pwd`/$withval" 1986 esac 1987 if test -d "$withval/lib"; then 1988 if test -n "${need_dash_r}"; then 1989 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 1990 else 1991 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1992 fi 1993 elif test -d "$withval/lib64"; then 1994 if test -n "${need_dash_r}"; then 1995 LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}" 1996 else 1997 LDFLAGS="-L${withval}/lib64 ${LDFLAGS}" 1998 fi 1999 else 2000 if test -n "${need_dash_r}"; then 2001 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 2002 else 2003 LDFLAGS="-L${withval} ${LDFLAGS}" 2004 fi 2005 fi 2006 if test -d "$withval/include"; then 2007 CPPFLAGS="-I${withval}/include ${CPPFLAGS}" 2008 else 2009 CPPFLAGS="-I${withval} ${CPPFLAGS}" 2010 fi 2011 fi 2012 ] 2013) 2014LIBS="-lcrypto $LIBS" 2015AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL], [1], 2016 [Define if your ssl headers are included 2017 with #include <openssl/header.h>])], 2018 [ 2019 dnl Check default openssl install dir 2020 if test -n "${need_dash_r}"; then 2021 LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}" 2022 else 2023 LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}" 2024 fi 2025 CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}" 2026 AC_CHECK_HEADER([openssl/opensslv.h], , 2027 [AC_MSG_ERROR([*** OpenSSL headers missing - please install first or check config.log ***])]) 2028 AC_TRY_LINK_FUNC([RAND_add], [AC_DEFINE([HAVE_OPENSSL])], 2029 [ 2030 AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***]) 2031 ] 2032 ) 2033 ] 2034) 2035 2036# Determine OpenSSL header version 2037AC_MSG_CHECKING([OpenSSL header version]) 2038AC_RUN_IFELSE( 2039 [AC_LANG_PROGRAM([[ 2040#include <stdio.h> 2041#include <string.h> 2042#include <openssl/opensslv.h> 2043#define DATA "conftest.sslincver" 2044 ]], [[ 2045 FILE *fd; 2046 int rc; 2047 2048 fd = fopen(DATA,"w"); 2049 if(fd == NULL) 2050 exit(1); 2051 2052 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 2053 exit(1); 2054 2055 exit(0); 2056 ]])], 2057 [ 2058 ssl_header_ver=`cat conftest.sslincver` 2059 AC_MSG_RESULT([$ssl_header_ver]) 2060 ], 2061 [ 2062 AC_MSG_RESULT([not found]) 2063 AC_MSG_ERROR([OpenSSL version header not found.]) 2064 ], 2065 [ 2066 AC_MSG_WARN([cross compiling: not checking]) 2067 ] 2068) 2069 2070# Determine OpenSSL library version 2071AC_MSG_CHECKING([OpenSSL library version]) 2072AC_RUN_IFELSE( 2073 [AC_LANG_PROGRAM([[ 2074#include <stdio.h> 2075#include <string.h> 2076#include <openssl/opensslv.h> 2077#include <openssl/crypto.h> 2078#define DATA "conftest.ssllibver" 2079 ]], [[ 2080 FILE *fd; 2081 int rc; 2082 2083 fd = fopen(DATA,"w"); 2084 if(fd == NULL) 2085 exit(1); 2086 2087 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 2088 exit(1); 2089 2090 exit(0); 2091 ]])], 2092 [ 2093 ssl_library_ver=`cat conftest.ssllibver` 2094 AC_MSG_RESULT([$ssl_library_ver]) 2095 ], 2096 [ 2097 AC_MSG_RESULT([not found]) 2098 AC_MSG_ERROR([OpenSSL library not found.]) 2099 ], 2100 [ 2101 AC_MSG_WARN([cross compiling: not checking]) 2102 ] 2103) 2104 2105AC_ARG_WITH([openssl-header-check], 2106 [ --without-openssl-header-check Disable OpenSSL version consistency check], 2107 [ if test "x$withval" = "xno" ; then 2108 openssl_check_nonfatal=1 2109 fi 2110 ] 2111) 2112 2113# Sanity check OpenSSL headers 2114AC_MSG_CHECKING([whether OpenSSL's headers match the library]) 2115AC_RUN_IFELSE( 2116 [AC_LANG_PROGRAM([[ 2117#include <string.h> 2118#include <openssl/opensslv.h> 2119 ]], [[ 2120 exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); 2121 ]])], 2122 [ 2123 AC_MSG_RESULT([yes]) 2124 ], 2125 [ 2126 AC_MSG_RESULT([no]) 2127 if test "x$openssl_check_nonfatal" = "x"; then 2128 AC_MSG_ERROR([Your OpenSSL headers do not match your 2129library. Check config.log for details. 2130If you are sure your installation is consistent, you can disable the check 2131by running "./configure --without-openssl-header-check". 2132Also see contrib/findssl.sh for help identifying header/library mismatches. 2133]) 2134 else 2135 AC_MSG_WARN([Your OpenSSL headers do not match your 2136library. Check config.log for details. 2137Also see contrib/findssl.sh for help identifying header/library mismatches.]) 2138 fi 2139 ], 2140 [ 2141 AC_MSG_WARN([cross compiling: not checking]) 2142 ] 2143) 2144 2145AC_MSG_CHECKING([if programs using OpenSSL functions will link]) 2146AC_LINK_IFELSE( 2147 [AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]], 2148 [[ SSLeay_add_all_algorithms(); ]])], 2149 [ 2150 AC_MSG_RESULT([yes]) 2151 ], 2152 [ 2153 AC_MSG_RESULT([no]) 2154 saved_LIBS="$LIBS" 2155 LIBS="$LIBS -ldl" 2156 AC_MSG_CHECKING([if programs using OpenSSL need -ldl]) 2157 AC_LINK_IFELSE( 2158 [AC_LANG_PROGRAM([[ #include <openssl/evp.h> ]], 2159 [[ SSLeay_add_all_algorithms(); ]])], 2160 [ 2161 AC_MSG_RESULT([yes]) 2162 ], 2163 [ 2164 AC_MSG_RESULT([no]) 2165 LIBS="$saved_LIBS" 2166 ] 2167 ) 2168 ] 2169) 2170 2171AC_CHECK_FUNCS([RSA_generate_key_ex DSA_generate_parameters_ex BN_is_prime_ex RSA_get_default_method]) 2172 2173AC_ARG_WITH([ssl-engine], 2174 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 2175 [ if test "x$withval" != "xno" ; then 2176 AC_MSG_CHECKING([for OpenSSL ENGINE support]) 2177 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2178#include <openssl/engine.h> 2179 ]], [[ 2180 ENGINE_load_builtin_engines(); 2181 ENGINE_register_all_complete(); 2182 ]])], 2183 [ AC_MSG_RESULT([yes]) 2184 AC_DEFINE([USE_OPENSSL_ENGINE], [1], 2185 [Enable OpenSSL engine support]) 2186 ], [ AC_MSG_ERROR([OpenSSL ENGINE support not found]) 2187 ]) 2188 fi ] 2189) 2190 2191# Check for OpenSSL without EVP_aes_{192,256}_cbc 2192AC_MSG_CHECKING([whether OpenSSL has crippled AES support]) 2193AC_LINK_IFELSE( 2194 [AC_LANG_PROGRAM([[ 2195#include <string.h> 2196#include <openssl/evp.h> 2197 ]], [[ 2198 exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL); 2199 ]])], 2200 [ 2201 AC_MSG_RESULT([no]) 2202 ], 2203 [ 2204 AC_MSG_RESULT([yes]) 2205 AC_DEFINE([OPENSSL_LOBOTOMISED_AES], [1], 2206 [libcrypto is missing AES 192 and 256 bit functions]) 2207 ] 2208) 2209 2210AC_MSG_CHECKING([if EVP_DigestUpdate returns an int]) 2211AC_LINK_IFELSE( 2212 [AC_LANG_PROGRAM([[ 2213#include <string.h> 2214#include <openssl/evp.h> 2215 ]], [[ 2216 if(EVP_DigestUpdate(NULL, NULL,0)) 2217 exit(0); 2218 ]])], 2219 [ 2220 AC_MSG_RESULT([yes]) 2221 ], 2222 [ 2223 AC_MSG_RESULT([no]) 2224 AC_DEFINE([OPENSSL_EVP_DIGESTUPDATE_VOID], [1], 2225 [Define if EVP_DigestUpdate returns void]) 2226 ] 2227) 2228 2229# Some systems want crypt() from libcrypt, *not* the version in OpenSSL, 2230# because the system crypt() is more featureful. 2231if test "x$check_for_libcrypt_before" = "x1"; then 2232 AC_CHECK_LIB([crypt], [crypt]) 2233fi 2234 2235# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the 2236# version in OpenSSL. 2237if test "x$check_for_libcrypt_later" = "x1"; then 2238 AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"]) 2239fi 2240 2241# Search for SHA256 support in libc and/or OpenSSL 2242AC_CHECK_FUNCS([SHA256_Update EVP_sha256], [TEST_SSH_SHA256=yes], 2243 [TEST_SSH_SHA256=no]) 2244AC_SUBST([TEST_SSH_SHA256]) 2245 2246# Check complete ECC support in OpenSSL 2247AC_MSG_CHECKING([whether OpenSSL has complete ECC support]) 2248AC_LINK_IFELSE( 2249 [AC_LANG_PROGRAM([[ 2250#include <openssl/ec.h> 2251#include <openssl/ecdh.h> 2252#include <openssl/ecdsa.h> 2253#include <openssl/evp.h> 2254#include <openssl/objects.h> 2255#include <openssl/opensslv.h> 2256#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */ 2257# error "OpenSSL < 0.9.8g has unreliable ECC code" 2258#endif 2259 ]], [[ 2260 EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1); 2261 const EVP_MD *m = EVP_sha512(); /* We need this too */ 2262 ]])], 2263 [ 2264 AC_MSG_RESULT([yes]) 2265 AC_DEFINE([OPENSSL_HAS_ECC], [1], 2266 [libcrypto includes complete ECC support]) 2267 TEST_SSH_ECC=yes 2268 COMMENT_OUT_ECC="" 2269 ], 2270 [ 2271 AC_MSG_RESULT([no]) 2272 TEST_SSH_ECC=no 2273 COMMENT_OUT_ECC="#no ecc#" 2274 ] 2275) 2276AC_SUBST([TEST_SSH_ECC]) 2277AC_SUBST([COMMENT_OUT_ECC]) 2278 2279saved_LIBS="$LIBS" 2280AC_CHECK_LIB([iaf], [ia_openinfo], [ 2281 LIBS="$LIBS -liaf" 2282 AC_CHECK_FUNCS([set_id], [SSHDLIBS="$SSHDLIBS -liaf" 2283 AC_DEFINE([HAVE_LIBIAF], [1], 2284 [Define if system has libiaf that supports set_id]) 2285 ]) 2286]) 2287LIBS="$saved_LIBS" 2288 2289### Configure cryptographic random number support 2290 2291# Check wheter OpenSSL seeds itself 2292AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) 2293AC_RUN_IFELSE( 2294 [AC_LANG_PROGRAM([[ 2295#include <string.h> 2296#include <openssl/rand.h> 2297 ]], [[ 2298 exit(RAND_status() == 1 ? 0 : 1); 2299 ]])], 2300 [ 2301 OPENSSL_SEEDS_ITSELF=yes 2302 AC_MSG_RESULT([yes]) 2303 ], 2304 [ 2305 AC_MSG_RESULT([no]) 2306 ], 2307 [ 2308 AC_MSG_WARN([cross compiling: assuming yes]) 2309 # This is safe, since we will fatal() at runtime if 2310 # OpenSSL is not seeded correctly. 2311 OPENSSL_SEEDS_ITSELF=yes 2312 ] 2313) 2314 2315# PRNGD TCP socket 2316AC_ARG_WITH([prngd-port], 2317 [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], 2318 [ 2319 case "$withval" in 2320 no) 2321 withval="" 2322 ;; 2323 [[0-9]]*) 2324 ;; 2325 *) 2326 AC_MSG_ERROR([You must specify a numeric port number for --with-prngd-port]) 2327 ;; 2328 esac 2329 if test ! -z "$withval" ; then 2330 PRNGD_PORT="$withval" 2331 AC_DEFINE_UNQUOTED([PRNGD_PORT], [$PRNGD_PORT], 2332 [Port number of PRNGD/EGD random number socket]) 2333 fi 2334 ] 2335) 2336 2337# PRNGD Unix domain socket 2338AC_ARG_WITH([prngd-socket], 2339 [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], 2340 [ 2341 case "$withval" in 2342 yes) 2343 withval="/var/run/egd-pool" 2344 ;; 2345 no) 2346 withval="" 2347 ;; 2348 /*) 2349 ;; 2350 *) 2351 AC_MSG_ERROR([You must specify an absolute path to the entropy socket]) 2352 ;; 2353 esac 2354 2355 if test ! -z "$withval" ; then 2356 if test ! -z "$PRNGD_PORT" ; then 2357 AC_MSG_ERROR([You may not specify both a PRNGD/EGD port and socket]) 2358 fi 2359 if test ! -r "$withval" ; then 2360 AC_MSG_WARN([Entropy socket is not readable]) 2361 fi 2362 PRNGD_SOCKET="$withval" 2363 AC_DEFINE_UNQUOTED([PRNGD_SOCKET], ["$PRNGD_SOCKET"], 2364 [Location of PRNGD/EGD random number socket]) 2365 fi 2366 ], 2367 [ 2368 # Check for existing socket only if we don't have a random device already 2369 if test "x$OPENSSL_SEEDS_ITSELF" != "xyes" ; then 2370 AC_MSG_CHECKING([for PRNGD/EGD socket]) 2371 # Insert other locations here 2372 for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do 2373 if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then 2374 PRNGD_SOCKET="$sock" 2375 AC_DEFINE_UNQUOTED([PRNGD_SOCKET], ["$PRNGD_SOCKET"]) 2376 break; 2377 fi 2378 done 2379 if test ! -z "$PRNGD_SOCKET" ; then 2380 AC_MSG_RESULT([$PRNGD_SOCKET]) 2381 else 2382 AC_MSG_RESULT([not found]) 2383 fi 2384 fi 2385 ] 2386) 2387 2388# Which randomness source do we use? 2389if test ! -z "$PRNGD_PORT" ; then 2390 RAND_MSG="PRNGd port $PRNGD_PORT" 2391elif test ! -z "$PRNGD_SOCKET" ; then 2392 RAND_MSG="PRNGd socket $PRNGD_SOCKET" 2393elif test ! -z "$OPENSSL_SEEDS_ITSELF" ; then 2394 AC_DEFINE([OPENSSL_PRNG_ONLY], [1], 2395 [Define if you want OpenSSL's internally seeded PRNG only]) 2396 RAND_MSG="OpenSSL internal ONLY" 2397else 2398 AC_MSG_ERROR([OpenSSH has no source of random numbers. Please configure OpenSSL with an entropy source or re-run configure using one of the --with-prngd-port or --with-prngd-socket options]) 2399fi 2400 2401# Check for PAM libs 2402PAM_MSG="no" 2403AC_ARG_WITH([pam], 2404 [ --with-pam Enable PAM support ], 2405 [ 2406 if test "x$withval" != "xno" ; then 2407 if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \ 2408 test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then 2409 AC_MSG_ERROR([PAM headers not found]) 2410 fi 2411 2412 saved_LIBS="$LIBS" 2413 AC_CHECK_LIB([dl], [dlopen], , ) 2414 AC_CHECK_LIB([pam], [pam_set_item], , [AC_MSG_ERROR([*** libpam missing])]) 2415 AC_CHECK_FUNCS([pam_getenvlist]) 2416 AC_CHECK_FUNCS([pam_putenv]) 2417 LIBS="$saved_LIBS" 2418 2419 PAM_MSG="yes" 2420 2421 SSHDLIBS="$SSHDLIBS -lpam" 2422 AC_DEFINE([USE_PAM], [1], 2423 [Define if you want to enable PAM support]) 2424 2425 if test $ac_cv_lib_dl_dlopen = yes; then 2426 case "$LIBS" in 2427 *-ldl*) 2428 # libdl already in LIBS 2429 ;; 2430 *) 2431 SSHDLIBS="$SSHDLIBS -ldl" 2432 ;; 2433 esac 2434 fi 2435 fi 2436 ] 2437) 2438 2439# Check for older PAM 2440if test "x$PAM_MSG" = "xyes" ; then 2441 # Check PAM strerror arguments (old PAM) 2442 AC_MSG_CHECKING([whether pam_strerror takes only one argument]) 2443 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2444#include <stdlib.h> 2445#if defined(HAVE_SECURITY_PAM_APPL_H) 2446#include <security/pam_appl.h> 2447#elif defined (HAVE_PAM_PAM_APPL_H) 2448#include <pam/pam_appl.h> 2449#endif 2450 ]], [[ 2451(void)pam_strerror((pam_handle_t *)NULL, -1); 2452 ]])], [AC_MSG_RESULT([no])], [ 2453 AC_DEFINE([HAVE_OLD_PAM], [1], 2454 [Define if you have an old version of PAM 2455 which takes only one argument to pam_strerror]) 2456 AC_MSG_RESULT([yes]) 2457 PAM_MSG="yes (old library)" 2458 2459 ]) 2460fi 2461 2462SSH_PRIVSEP_USER=sshd 2463AC_ARG_WITH([privsep-user], 2464 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2465 [ 2466 if test -n "$withval" && test "x$withval" != "xno" && \ 2467 test "x${withval}" != "xyes"; then 2468 SSH_PRIVSEP_USER=$withval 2469 fi 2470 ] 2471) 2472AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"], 2473 [non-privileged user for privilege separation]) 2474AC_SUBST([SSH_PRIVSEP_USER]) 2475 2476# Decide which sandbox style to use 2477sandbox_arg="" 2478AC_ARG_WITH([sandbox], 2479 [ --with-sandbox=style Specify privilege separation sandbox (no, darwin, rlimit, systrace)], 2480 [ 2481 if test "x$withval" = "xyes" ; then 2482 sandbox_arg="" 2483 else 2484 sandbox_arg="$withval" 2485 fi 2486 ] 2487) 2488if test "x$sandbox_arg" = "xsystrace" || \ 2489 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then 2490 test "x$have_systr_policy_kill" != "x1" && \ 2491 AC_MSG_ERROR([systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support]) 2492 SANDBOX_STYLE="systrace" 2493 AC_DEFINE([SANDBOX_SYSTRACE], [1], [Sandbox using systrace(4)]) 2494elif test "x$sandbox_arg" = "xdarwin" || \ 2495 ( test -z "$sandbox_arg" && test "x$ac_cv_func_sandbox_init" = "xyes" && \ 2496 test "x$ac_cv_header_sandbox_h" = "xyes") ; then 2497 test "x$ac_cv_func_sandbox_init" != "xyes" -o \ 2498 "x$ac_cv_header_sandbox_h" != "xyes" && \ 2499 AC_MSG_ERROR([Darwin seatbelt sandbox requires sandbox.h and sandbox_init function]) 2500 SANDBOX_STYLE="darwin" 2501 AC_DEFINE([SANDBOX_DARWIN], [1], [Sandbox using Darwin sandbox_init(3)]) 2502elif test "x$sandbox_arg" = "xrlimit" || \ 2503 ( test -z "$sandbox_arg" && test "x$ac_cv_func_setrlimit" = "xyes" ) ; then 2504 test "x$ac_cv_func_setrlimit" != "xyes" && \ 2505 AC_MSG_ERROR([rlimit sandbox requires setrlimit function]) 2506 SANDBOX_STYLE="rlimit" 2507 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)]) 2508elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \ 2509 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then 2510 SANDBOX_STYLE="none" 2511 AC_DEFINE([SANDBOX_NULL], [1], [no privsep sandboxing]) 2512else 2513 AC_MSG_ERROR([unsupported --with-sandbox]) 2514fi 2515 2516# Cheap hack to ensure NEWS-OS libraries are arranged right. 2517if test ! -z "$SONY" ; then 2518 LIBS="$LIBS -liberty"; 2519fi 2520 2521# Check for long long datatypes 2522AC_CHECK_TYPES([long long, unsigned long long, long double]) 2523 2524# Check datatype sizes 2525AC_CHECK_SIZEOF([char], [1]) 2526AC_CHECK_SIZEOF([short int], [2]) 2527AC_CHECK_SIZEOF([int], [4]) 2528AC_CHECK_SIZEOF([long int], [4]) 2529AC_CHECK_SIZEOF([long long int], [8]) 2530 2531# Sanity check long long for some platforms (AIX) 2532if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then 2533 ac_cv_sizeof_long_long_int=0 2534fi 2535 2536# compute LLONG_MIN and LLONG_MAX if we don't know them. 2537if test -z "$have_llong_max"; then 2538 AC_MSG_CHECKING([for max value of long long]) 2539 AC_RUN_IFELSE( 2540 [AC_LANG_PROGRAM([[ 2541#include <stdio.h> 2542/* Why is this so damn hard? */ 2543#ifdef __GNUC__ 2544# undef __GNUC__ 2545#endif 2546#define __USE_ISOC99 2547#include <limits.h> 2548#define DATA "conftest.llminmax" 2549#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a)) 2550 2551/* 2552 * printf in libc on some platforms (eg old Tru64) does not understand %lld so 2553 * we do this the hard way. 2554 */ 2555static int 2556fprint_ll(FILE *f, long long n) 2557{ 2558 unsigned int i; 2559 int l[sizeof(long long) * 8]; 2560 2561 if (n < 0) 2562 if (fprintf(f, "-") < 0) 2563 return -1; 2564 for (i = 0; n != 0; i++) { 2565 l[i] = my_abs(n % 10); 2566 n /= 10; 2567 } 2568 do { 2569 if (fprintf(f, "%d", l[--i]) < 0) 2570 return -1; 2571 } while (i != 0); 2572 if (fprintf(f, " ") < 0) 2573 return -1; 2574 return 0; 2575} 2576 ]], [[ 2577 FILE *f; 2578 long long i, llmin, llmax = 0; 2579 2580 if((f = fopen(DATA,"w")) == NULL) 2581 exit(1); 2582 2583#if defined(LLONG_MIN) && defined(LLONG_MAX) 2584 fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n"); 2585 llmin = LLONG_MIN; 2586 llmax = LLONG_MAX; 2587#else 2588 fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n"); 2589 /* This will work on one's complement and two's complement */ 2590 for (i = 1; i > llmax; i <<= 1, i++) 2591 llmax = i; 2592 llmin = llmax + 1LL; /* wrap */ 2593#endif 2594 2595 /* Sanity check */ 2596 if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax 2597 || llmax - 1 > llmax || llmin == llmax || llmin == 0 2598 || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) { 2599 fprintf(f, "unknown unknown\n"); 2600 exit(2); 2601 } 2602 2603 if (fprint_ll(f, llmin) < 0) 2604 exit(3); 2605 if (fprint_ll(f, llmax) < 0) 2606 exit(4); 2607 if (fclose(f) < 0) 2608 exit(5); 2609 exit(0); 2610 ]])], 2611 [ 2612 llong_min=`$AWK '{print $1}' conftest.llminmax` 2613 llong_max=`$AWK '{print $2}' conftest.llminmax` 2614 2615 AC_MSG_RESULT([$llong_max]) 2616 AC_DEFINE_UNQUOTED([LLONG_MAX], [${llong_max}LL], 2617 [max value of long long calculated by configure]) 2618 AC_MSG_CHECKING([for min value of long long]) 2619 AC_MSG_RESULT([$llong_min]) 2620 AC_DEFINE_UNQUOTED([LLONG_MIN], [${llong_min}LL], 2621 [min value of long long calculated by configure]) 2622 ], 2623 [ 2624 AC_MSG_RESULT([not found]) 2625 ], 2626 [ 2627 AC_MSG_WARN([cross compiling: not checking]) 2628 ] 2629 ) 2630fi 2631 2632 2633# More checks for data types 2634AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [ 2635 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2636 [[ u_int a; a = 1;]])], 2637 [ ac_cv_have_u_int="yes" ], [ ac_cv_have_u_int="no" 2638 ]) 2639]) 2640if test "x$ac_cv_have_u_int" = "xyes" ; then 2641 AC_DEFINE([HAVE_U_INT], [1], [define if you have u_int data type]) 2642 have_u_int=1 2643fi 2644 2645AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [ 2646 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2647 [[ int8_t a; int16_t b; int32_t c; a = b = c = 1;]])], 2648 [ ac_cv_have_intxx_t="yes" ], [ ac_cv_have_intxx_t="no" 2649 ]) 2650]) 2651if test "x$ac_cv_have_intxx_t" = "xyes" ; then 2652 AC_DEFINE([HAVE_INTXX_T], [1], [define if you have intxx_t data type]) 2653 have_intxx_t=1 2654fi 2655 2656if (test -z "$have_intxx_t" && \ 2657 test "x$ac_cv_header_stdint_h" = "xyes") 2658then 2659 AC_MSG_CHECKING([for intXX_t types in stdint.h]) 2660 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <stdint.h> ]], 2661 [[ int8_t a; int16_t b; int32_t c; a = b = c = 1;]])], 2662 [ 2663 AC_DEFINE([HAVE_INTXX_T]) 2664 AC_MSG_RESULT([yes]) 2665 ], [ AC_MSG_RESULT([no]) 2666 ]) 2667fi 2668 2669AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [ 2670 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2671#include <sys/types.h> 2672#ifdef HAVE_STDINT_H 2673# include <stdint.h> 2674#endif 2675#include <sys/socket.h> 2676#ifdef HAVE_SYS_BITYPES_H 2677# include <sys/bitypes.h> 2678#endif 2679 ]], [[ 2680int64_t a; a = 1; 2681 ]])], 2682 [ ac_cv_have_int64_t="yes" ], [ ac_cv_have_int64_t="no" 2683 ]) 2684]) 2685if test "x$ac_cv_have_int64_t" = "xyes" ; then 2686 AC_DEFINE([HAVE_INT64_T], [1], [define if you have int64_t data type]) 2687fi 2688 2689AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [ 2690 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2691 [[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;]])], 2692 [ ac_cv_have_u_intxx_t="yes" ], [ ac_cv_have_u_intxx_t="no" 2693 ]) 2694]) 2695if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then 2696 AC_DEFINE([HAVE_U_INTXX_T], [1], [define if you have u_intxx_t data type]) 2697 have_u_intxx_t=1 2698fi 2699 2700if test -z "$have_u_intxx_t" ; then 2701 AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h]) 2702 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/socket.h> ]], 2703 [[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;]])], 2704 [ 2705 AC_DEFINE([HAVE_U_INTXX_T]) 2706 AC_MSG_RESULT([yes]) 2707 ], [ AC_MSG_RESULT([no]) 2708 ]) 2709fi 2710 2711AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [ 2712 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2713 [[ u_int64_t a; a = 1;]])], 2714 [ ac_cv_have_u_int64_t="yes" ], [ ac_cv_have_u_int64_t="no" 2715 ]) 2716]) 2717if test "x$ac_cv_have_u_int64_t" = "xyes" ; then 2718 AC_DEFINE([HAVE_U_INT64_T], [1], [define if you have u_int64_t data type]) 2719 have_u_int64_t=1 2720fi 2721 2722if test -z "$have_u_int64_t" ; then 2723 AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h]) 2724 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/bitypes.h> ]], 2725 [[ u_int64_t a; a = 1]])], 2726 [ 2727 AC_DEFINE([HAVE_U_INT64_T]) 2728 AC_MSG_RESULT([yes]) 2729 ], [ AC_MSG_RESULT([no]) 2730 ]) 2731fi 2732 2733if test -z "$have_u_intxx_t" ; then 2734 AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [ 2735 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2736#include <sys/types.h> 2737 ]], [[ 2738 uint8_t a; 2739 uint16_t b; 2740 uint32_t c; 2741 a = b = c = 1; 2742 ]])], 2743 [ ac_cv_have_uintxx_t="yes" ], [ ac_cv_have_uintxx_t="no" 2744 ]) 2745 ]) 2746 if test "x$ac_cv_have_uintxx_t" = "xyes" ; then 2747 AC_DEFINE([HAVE_UINTXX_T], [1], 2748 [define if you have uintxx_t data type]) 2749 fi 2750fi 2751 2752if test -z "$have_uintxx_t" ; then 2753 AC_MSG_CHECKING([for uintXX_t types in stdint.h]) 2754 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <stdint.h> ]], 2755 [[ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;]])], 2756 [ 2757 AC_DEFINE([HAVE_UINTXX_T]) 2758 AC_MSG_RESULT([yes]) 2759 ], [ AC_MSG_RESULT([no]) 2760 ]) 2761fi 2762 2763if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \ 2764 test "x$ac_cv_header_sys_bitypes_h" = "xyes") 2765then 2766 AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h]) 2767 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2768#include <sys/bitypes.h> 2769 ]], [[ 2770 int8_t a; int16_t b; int32_t c; 2771 u_int8_t e; u_int16_t f; u_int32_t g; 2772 a = b = c = e = f = g = 1; 2773 ]])], 2774 [ 2775 AC_DEFINE([HAVE_U_INTXX_T]) 2776 AC_DEFINE([HAVE_INTXX_T]) 2777 AC_MSG_RESULT([yes]) 2778 ], [AC_MSG_RESULT([no]) 2779 ]) 2780fi 2781 2782 2783AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [ 2784 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2785 [[ u_char foo; foo = 125; ]])], 2786 [ ac_cv_have_u_char="yes" ], [ ac_cv_have_u_char="no" 2787 ]) 2788]) 2789if test "x$ac_cv_have_u_char" = "xyes" ; then 2790 AC_DEFINE([HAVE_U_CHAR], [1], [define if you have u_char data type]) 2791fi 2792 2793TYPE_SOCKLEN_T 2794 2795AC_CHECK_TYPES([sig_atomic_t], , , [#include <signal.h>]) 2796AC_CHECK_TYPES([fsblkcnt_t, fsfilcnt_t], , , [ 2797#include <sys/types.h> 2798#ifdef HAVE_SYS_BITYPES_H 2799#include <sys/bitypes.h> 2800#endif 2801#ifdef HAVE_SYS_STATFS_H 2802#include <sys/statfs.h> 2803#endif 2804#ifdef HAVE_SYS_STATVFS_H 2805#include <sys/statvfs.h> 2806#endif 2807]) 2808 2809AC_CHECK_TYPES([in_addr_t, in_port_t], , , 2810[#include <sys/types.h> 2811#include <netinet/in.h>]) 2812 2813AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [ 2814 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2815 [[ size_t foo; foo = 1235; ]])], 2816 [ ac_cv_have_size_t="yes" ], [ ac_cv_have_size_t="no" 2817 ]) 2818]) 2819if test "x$ac_cv_have_size_t" = "xyes" ; then 2820 AC_DEFINE([HAVE_SIZE_T], [1], [define if you have size_t data type]) 2821fi 2822 2823AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [ 2824 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2825 [[ ssize_t foo; foo = 1235; ]])], 2826 [ ac_cv_have_ssize_t="yes" ], [ ac_cv_have_ssize_t="no" 2827 ]) 2828]) 2829if test "x$ac_cv_have_ssize_t" = "xyes" ; then 2830 AC_DEFINE([HAVE_SSIZE_T], [1], [define if you have ssize_t data type]) 2831fi 2832 2833AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [ 2834 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <time.h> ]], 2835 [[ clock_t foo; foo = 1235; ]])], 2836 [ ac_cv_have_clock_t="yes" ], [ ac_cv_have_clock_t="no" 2837 ]) 2838]) 2839if test "x$ac_cv_have_clock_t" = "xyes" ; then 2840 AC_DEFINE([HAVE_CLOCK_T], [1], [define if you have clock_t data type]) 2841fi 2842 2843AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [ 2844 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2845#include <sys/types.h> 2846#include <sys/socket.h> 2847 ]], [[ sa_family_t foo; foo = 1235; ]])], 2848 [ ac_cv_have_sa_family_t="yes" ], 2849 [ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2850#include <sys/types.h> 2851#include <sys/socket.h> 2852#include <netinet/in.h> 2853 ]], [[ sa_family_t foo; foo = 1235; ]])], 2854 [ ac_cv_have_sa_family_t="yes" ], 2855 [ ac_cv_have_sa_family_t="no" ] 2856 ) 2857 ]) 2858]) 2859if test "x$ac_cv_have_sa_family_t" = "xyes" ; then 2860 AC_DEFINE([HAVE_SA_FAMILY_T], [1], 2861 [define if you have sa_family_t data type]) 2862fi 2863 2864AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [ 2865 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2866 [[ pid_t foo; foo = 1235; ]])], 2867 [ ac_cv_have_pid_t="yes" ], [ ac_cv_have_pid_t="no" 2868 ]) 2869]) 2870if test "x$ac_cv_have_pid_t" = "xyes" ; then 2871 AC_DEFINE([HAVE_PID_T], [1], [define if you have pid_t data type]) 2872fi 2873 2874AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [ 2875 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/types.h> ]], 2876 [[ mode_t foo; foo = 1235; ]])], 2877 [ ac_cv_have_mode_t="yes" ], [ ac_cv_have_mode_t="no" 2878 ]) 2879]) 2880if test "x$ac_cv_have_mode_t" = "xyes" ; then 2881 AC_DEFINE([HAVE_MODE_T], [1], [define if you have mode_t data type]) 2882fi 2883 2884 2885AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [ 2886 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2887#include <sys/types.h> 2888#include <sys/socket.h> 2889 ]], [[ struct sockaddr_storage s; ]])], 2890 [ ac_cv_have_struct_sockaddr_storage="yes" ], 2891 [ ac_cv_have_struct_sockaddr_storage="no" 2892 ]) 2893]) 2894if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then 2895 AC_DEFINE([HAVE_STRUCT_SOCKADDR_STORAGE], [1], 2896 [define if you have struct sockaddr_storage data type]) 2897fi 2898 2899AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ 2900 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2901#include <sys/types.h> 2902#include <netinet/in.h> 2903 ]], [[ struct sockaddr_in6 s; s.sin6_family = 0; ]])], 2904 [ ac_cv_have_struct_sockaddr_in6="yes" ], 2905 [ ac_cv_have_struct_sockaddr_in6="no" 2906 ]) 2907]) 2908if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then 2909 AC_DEFINE([HAVE_STRUCT_SOCKADDR_IN6], [1], 2910 [define if you have struct sockaddr_in6 data type]) 2911fi 2912 2913AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ 2914 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2915#include <sys/types.h> 2916#include <netinet/in.h> 2917 ]], [[ struct in6_addr s; s.s6_addr[0] = 0; ]])], 2918 [ ac_cv_have_struct_in6_addr="yes" ], 2919 [ ac_cv_have_struct_in6_addr="no" 2920 ]) 2921]) 2922if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then 2923 AC_DEFINE([HAVE_STRUCT_IN6_ADDR], [1], 2924 [define if you have struct in6_addr data type]) 2925 2926dnl Now check for sin6_scope_id 2927 AC_CHECK_MEMBERS([struct sockaddr_in6.sin6_scope_id], , , 2928 [ 2929#ifdef HAVE_SYS_TYPES_H 2930#include <sys/types.h> 2931#endif 2932#include <netinet/in.h> 2933 ]) 2934fi 2935 2936AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ 2937 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 2938#include <sys/types.h> 2939#include <sys/socket.h> 2940#include <netdb.h> 2941 ]], [[ struct addrinfo s; s.ai_flags = AI_PASSIVE; ]])], 2942 [ ac_cv_have_struct_addrinfo="yes" ], 2943 [ ac_cv_have_struct_addrinfo="no" 2944 ]) 2945]) 2946if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then 2947 AC_DEFINE([HAVE_STRUCT_ADDRINFO], [1], 2948 [define if you have struct addrinfo data type]) 2949fi 2950 2951AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [ 2952 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <sys/time.h> ]], 2953 [[ struct timeval tv; tv.tv_sec = 1;]])], 2954 [ ac_cv_have_struct_timeval="yes" ], 2955 [ ac_cv_have_struct_timeval="no" 2956 ]) 2957]) 2958if test "x$ac_cv_have_struct_timeval" = "xyes" ; then 2959 AC_DEFINE([HAVE_STRUCT_TIMEVAL], [1], [define if you have struct timeval]) 2960 have_struct_timeval=1 2961fi 2962 2963AC_CHECK_TYPES([struct timespec]) 2964 2965# We need int64_t or else certian parts of the compile will fail. 2966if test "x$ac_cv_have_int64_t" = "xno" && \ 2967 test "x$ac_cv_sizeof_long_int" != "x8" && \ 2968 test "x$ac_cv_sizeof_long_long_int" = "x0" ; then 2969 echo "OpenSSH requires int64_t support. Contact your vendor or install" 2970 echo "an alternative compiler (I.E., GCC) before continuing." 2971 echo "" 2972 exit 1; 2973else 2974dnl test snprintf (broken on SCO w/gcc) 2975 AC_RUN_IFELSE( 2976 [AC_LANG_SOURCE([[ 2977#include <stdio.h> 2978#include <string.h> 2979#ifdef HAVE_SNPRINTF 2980main() 2981{ 2982 char buf[50]; 2983 char expected_out[50]; 2984 int mazsize = 50 ; 2985#if (SIZEOF_LONG_INT == 8) 2986 long int num = 0x7fffffffffffffff; 2987#else 2988 long long num = 0x7fffffffffffffffll; 2989#endif 2990 strcpy(expected_out, "9223372036854775807"); 2991 snprintf(buf, mazsize, "%lld", num); 2992 if(strcmp(buf, expected_out) != 0) 2993 exit(1); 2994 exit(0); 2995} 2996#else 2997main() { exit(0); } 2998#endif 2999 ]])], [ true ], [ AC_DEFINE([BROKEN_SNPRINTF]) ], 3000 AC_MSG_WARN([cross compiling: Assuming working snprintf()]) 3001 ) 3002fi 3003 3004dnl Checks for structure members 3005OSSH_CHECK_HEADER_FOR_FIELD([ut_host], [utmp.h], [HAVE_HOST_IN_UTMP]) 3006OSSH_CHECK_HEADER_FOR_FIELD([ut_host], [utmpx.h], [HAVE_HOST_IN_UTMPX]) 3007OSSH_CHECK_HEADER_FOR_FIELD([syslen], [utmpx.h], [HAVE_SYSLEN_IN_UTMPX]) 3008OSSH_CHECK_HEADER_FOR_FIELD([ut_pid], [utmp.h], [HAVE_PID_IN_UTMP]) 3009OSSH_CHECK_HEADER_FOR_FIELD([ut_type], [utmp.h], [HAVE_TYPE_IN_UTMP]) 3010OSSH_CHECK_HEADER_FOR_FIELD([ut_type], [utmpx.h], [HAVE_TYPE_IN_UTMPX]) 3011OSSH_CHECK_HEADER_FOR_FIELD([ut_tv], [utmp.h], [HAVE_TV_IN_UTMP]) 3012OSSH_CHECK_HEADER_FOR_FIELD([ut_id], [utmp.h], [HAVE_ID_IN_UTMP]) 3013OSSH_CHECK_HEADER_FOR_FIELD([ut_id], [utmpx.h], [HAVE_ID_IN_UTMPX]) 3014OSSH_CHECK_HEADER_FOR_FIELD([ut_addr], [utmp.h], [HAVE_ADDR_IN_UTMP]) 3015OSSH_CHECK_HEADER_FOR_FIELD([ut_addr], [utmpx.h], [HAVE_ADDR_IN_UTMPX]) 3016OSSH_CHECK_HEADER_FOR_FIELD([ut_addr_v6], [utmp.h], [HAVE_ADDR_V6_IN_UTMP]) 3017OSSH_CHECK_HEADER_FOR_FIELD([ut_addr_v6], [utmpx.h], [HAVE_ADDR_V6_IN_UTMPX]) 3018OSSH_CHECK_HEADER_FOR_FIELD([ut_exit], [utmp.h], [HAVE_EXIT_IN_UTMP]) 3019OSSH_CHECK_HEADER_FOR_FIELD([ut_time], [utmp.h], [HAVE_TIME_IN_UTMP]) 3020OSSH_CHECK_HEADER_FOR_FIELD([ut_time], [utmpx.h], [HAVE_TIME_IN_UTMPX]) 3021OSSH_CHECK_HEADER_FOR_FIELD([ut_tv], [utmpx.h], [HAVE_TV_IN_UTMPX]) 3022 3023AC_CHECK_MEMBERS([struct stat.st_blksize]) 3024AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE([__res_state], [state], 3025 [Define if we don't have struct __res_state in resolv.h])], 3026[ 3027#include <stdio.h> 3028#if HAVE_SYS_TYPES_H 3029# include <sys/types.h> 3030#endif 3031#include <netinet/in.h> 3032#include <arpa/nameser.h> 3033#include <resolv.h> 3034]) 3035 3036AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage], 3037 ac_cv_have_ss_family_in_struct_ss, [ 3038 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3039#include <sys/types.h> 3040#include <sys/socket.h> 3041 ]], [[ struct sockaddr_storage s; s.ss_family = 1; ]])], 3042 [ ac_cv_have_ss_family_in_struct_ss="yes" ], 3043 [ ac_cv_have_ss_family_in_struct_ss="no" ]) 3044]) 3045if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then 3046 AC_DEFINE([HAVE_SS_FAMILY_IN_SS], [1], [Fields in struct sockaddr_storage]) 3047fi 3048 3049AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage], 3050 ac_cv_have___ss_family_in_struct_ss, [ 3051 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3052#include <sys/types.h> 3053#include <sys/socket.h> 3054 ]], [[ struct sockaddr_storage s; s.__ss_family = 1; ]])], 3055 [ ac_cv_have___ss_family_in_struct_ss="yes" ], 3056 [ ac_cv_have___ss_family_in_struct_ss="no" 3057 ]) 3058]) 3059if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then 3060 AC_DEFINE([HAVE___SS_FAMILY_IN_SS], [1], 3061 [Fields in struct sockaddr_storage]) 3062fi 3063 3064AC_CACHE_CHECK([for pw_class field in struct passwd], 3065 ac_cv_have_pw_class_in_struct_passwd, [ 3066 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]], 3067 [[ struct passwd p; p.pw_class = 0; ]])], 3068 [ ac_cv_have_pw_class_in_struct_passwd="yes" ], 3069 [ ac_cv_have_pw_class_in_struct_passwd="no" 3070 ]) 3071]) 3072if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then 3073 AC_DEFINE([HAVE_PW_CLASS_IN_PASSWD], [1], 3074 [Define if your password has a pw_class field]) 3075fi 3076 3077AC_CACHE_CHECK([for pw_expire field in struct passwd], 3078 ac_cv_have_pw_expire_in_struct_passwd, [ 3079 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]], 3080 [[ struct passwd p; p.pw_expire = 0; ]])], 3081 [ ac_cv_have_pw_expire_in_struct_passwd="yes" ], 3082 [ ac_cv_have_pw_expire_in_struct_passwd="no" 3083 ]) 3084]) 3085if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then 3086 AC_DEFINE([HAVE_PW_EXPIRE_IN_PASSWD], [1], 3087 [Define if your password has a pw_expire field]) 3088fi 3089 3090AC_CACHE_CHECK([for pw_change field in struct passwd], 3091 ac_cv_have_pw_change_in_struct_passwd, [ 3092 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]], 3093 [[ struct passwd p; p.pw_change = 0; ]])], 3094 [ ac_cv_have_pw_change_in_struct_passwd="yes" ], 3095 [ ac_cv_have_pw_change_in_struct_passwd="no" 3096 ]) 3097]) 3098if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then 3099 AC_DEFINE([HAVE_PW_CHANGE_IN_PASSWD], [1], 3100 [Define if your password has a pw_change field]) 3101fi 3102 3103AC_CACHE_CHECK([for pw_gecos field in struct passwd], 3104 ac_cv_have_pw_gecos_in_struct_passwd, [ 3105 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]], 3106 [[ struct passwd p; p.pw_gecos = 0; ]])], 3107 [ ac_cv_have_pw_gecos_in_struct_passwd="yes" ], 3108 [ ac_cv_have_pw_gecos_in_struct_passwd="no" 3109 ]) 3110]) 3111if test "x$ac_cv_have_pw_gecos_in_struct_passwd" = "xyes" ; then 3112 AC_DEFINE([HAVE_PW_GECOS_IN_PASSWD], [1], 3113 [Define if your password has a pw_gecos field]) 3114fi 3115 3116dnl make sure we're using the real structure members and not defines 3117AC_CACHE_CHECK([for msg_accrights field in struct msghdr], 3118 ac_cv_have_accrights_in_msghdr, [ 3119 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3120#include <sys/types.h> 3121#include <sys/socket.h> 3122#include <sys/uio.h> 3123 ]], [[ 3124#ifdef msg_accrights 3125#error "msg_accrights is a macro" 3126exit(1); 3127#endif 3128struct msghdr m; 3129m.msg_accrights = 0; 3130exit(0); 3131 ]])], 3132 [ ac_cv_have_accrights_in_msghdr="yes" ], 3133 [ ac_cv_have_accrights_in_msghdr="no" ] 3134 ) 3135]) 3136if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then 3137 AC_DEFINE([HAVE_ACCRIGHTS_IN_MSGHDR], [1], 3138 [Define if your system uses access rights style 3139 file descriptor passing]) 3140fi 3141 3142AC_MSG_CHECKING([if struct statvfs.f_fsid is integral type]) 3143AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3144#include <sys/types.h> 3145#include <sys/stat.h> 3146#ifdef HAVE_SYS_TIME_H 3147# include <sys/time.h> 3148#endif 3149#ifdef HAVE_SYS_MOUNT_H 3150#include <sys/mount.h> 3151#endif 3152#ifdef HAVE_SYS_STATVFS_H 3153#include <sys/statvfs.h> 3154#endif 3155 ]], [[ struct statvfs s; s.f_fsid = 0; ]])], 3156 [ AC_MSG_RESULT([yes]) ], 3157 [ AC_MSG_RESULT([no]) 3158 3159 AC_MSG_CHECKING([if fsid_t has member val]) 3160 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3161#include <sys/types.h> 3162#include <sys/statvfs.h> 3163 ]], [[ fsid_t t; t.val[0] = 0; ]])], 3164 [ AC_MSG_RESULT([yes]) 3165 AC_DEFINE([FSID_HAS_VAL], [1], [fsid_t has member val]) ], 3166 [ AC_MSG_RESULT([no]) ]) 3167 3168 AC_MSG_CHECKING([if f_fsid has member __val]) 3169 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3170#include <sys/types.h> 3171#include <sys/statvfs.h> 3172 ]], [[ fsid_t t; t.__val[0] = 0; ]])], 3173 [ AC_MSG_RESULT([yes]) 3174 AC_DEFINE([FSID_HAS___VAL], [1], [fsid_t has member __val]) ], 3175 [ AC_MSG_RESULT([no]) ]) 3176]) 3177 3178AC_CACHE_CHECK([for msg_control field in struct msghdr], 3179 ac_cv_have_control_in_msghdr, [ 3180 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3181#include <sys/types.h> 3182#include <sys/socket.h> 3183#include <sys/uio.h> 3184 ]], [[ 3185#ifdef msg_control 3186#error "msg_control is a macro" 3187exit(1); 3188#endif 3189struct msghdr m; 3190m.msg_control = 0; 3191exit(0); 3192 ]])], 3193 [ ac_cv_have_control_in_msghdr="yes" ], 3194 [ ac_cv_have_control_in_msghdr="no" ] 3195 ) 3196]) 3197if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then 3198 AC_DEFINE([HAVE_CONTROL_IN_MSGHDR], [1], 3199 [Define if your system uses ancillary data style 3200 file descriptor passing]) 3201fi 3202 3203AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [ 3204 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], 3205 [[ extern char *__progname; printf("%s", __progname); ]])], 3206 [ ac_cv_libc_defines___progname="yes" ], 3207 [ ac_cv_libc_defines___progname="no" 3208 ]) 3209]) 3210if test "x$ac_cv_libc_defines___progname" = "xyes" ; then 3211 AC_DEFINE([HAVE___PROGNAME], [1], [Define if libc defines __progname]) 3212fi 3213 3214AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [ 3215 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], 3216 [[ printf("%s", __FUNCTION__); ]])], 3217 [ ac_cv_cc_implements___FUNCTION__="yes" ], 3218 [ ac_cv_cc_implements___FUNCTION__="no" 3219 ]) 3220]) 3221if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then 3222 AC_DEFINE([HAVE___FUNCTION__], [1], 3223 [Define if compiler implements __FUNCTION__]) 3224fi 3225 3226AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [ 3227 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], 3228 [[ printf("%s", __func__); ]])], 3229 [ ac_cv_cc_implements___func__="yes" ], 3230 [ ac_cv_cc_implements___func__="no" 3231 ]) 3232]) 3233if test "x$ac_cv_cc_implements___func__" = "xyes" ; then 3234 AC_DEFINE([HAVE___func__], [1], [Define if compiler implements __func__]) 3235fi 3236 3237AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [ 3238 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3239#include <stdarg.h> 3240va_list x,y; 3241 ]], [[ va_copy(x,y); ]])], 3242 [ ac_cv_have_va_copy="yes" ], 3243 [ ac_cv_have_va_copy="no" 3244 ]) 3245]) 3246if test "x$ac_cv_have_va_copy" = "xyes" ; then 3247 AC_DEFINE([HAVE_VA_COPY], [1], [Define if va_copy exists]) 3248fi 3249 3250AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [ 3251 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3252#include <stdarg.h> 3253va_list x,y; 3254 ]], [[ __va_copy(x,y); ]])], 3255 [ ac_cv_have___va_copy="yes" ], [ ac_cv_have___va_copy="no" 3256 ]) 3257]) 3258if test "x$ac_cv_have___va_copy" = "xyes" ; then 3259 AC_DEFINE([HAVE___VA_COPY], [1], [Define if __va_copy exists]) 3260fi 3261 3262AC_CACHE_CHECK([whether getopt has optreset support], 3263 ac_cv_have_getopt_optreset, [ 3264 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include <getopt.h> ]], 3265 [[ extern int optreset; optreset = 0; ]])], 3266 [ ac_cv_have_getopt_optreset="yes" ], 3267 [ ac_cv_have_getopt_optreset="no" 3268 ]) 3269]) 3270if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then 3271 AC_DEFINE([HAVE_GETOPT_OPTRESET], [1], 3272 [Define if your getopt(3) defines and uses optreset]) 3273fi 3274 3275AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [ 3276 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], 3277[[ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);]])], 3278 [ ac_cv_libc_defines_sys_errlist="yes" ], 3279 [ ac_cv_libc_defines_sys_errlist="no" 3280 ]) 3281]) 3282if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then 3283 AC_DEFINE([HAVE_SYS_ERRLIST], [1], 3284 [Define if your system defines sys_errlist[]]) 3285fi 3286 3287 3288AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [ 3289 AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], 3290[[ extern int sys_nerr; printf("%i", sys_nerr);]])], 3291 [ ac_cv_libc_defines_sys_nerr="yes" ], 3292 [ ac_cv_libc_defines_sys_nerr="no" 3293 ]) 3294]) 3295if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then 3296 AC_DEFINE([HAVE_SYS_NERR], [1], [Define if your system defines sys_nerr]) 3297fi 3298 3299# Check libraries needed by DNS fingerprint support 3300AC_SEARCH_LIBS([getrrsetbyname], [resolv], 3301 [AC_DEFINE([HAVE_GETRRSETBYNAME], [1], 3302 [Define if getrrsetbyname() exists])], 3303 [ 3304 # Needed by our getrrsetbyname() 3305 AC_SEARCH_LIBS([res_query], [resolv]) 3306 AC_SEARCH_LIBS([dn_expand], [resolv]) 3307 AC_MSG_CHECKING([if res_query will link]) 3308 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3309#include <sys/types.h> 3310#include <netinet/in.h> 3311#include <arpa/nameser.h> 3312#include <netdb.h> 3313#include <resolv.h> 3314 ]], [[ 3315 res_query (0, 0, 0, 0, 0); 3316 ]])], 3317 AC_MSG_RESULT([yes]), 3318 [AC_MSG_RESULT([no]) 3319 saved_LIBS="$LIBS" 3320 LIBS="$LIBS -lresolv" 3321 AC_MSG_CHECKING([for res_query in -lresolv]) 3322 AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3323#include <sys/types.h> 3324#include <netinet/in.h> 3325#include <arpa/nameser.h> 3326#include <netdb.h> 3327#include <resolv.h> 3328 ]], [[ 3329 res_query (0, 0, 0, 0, 0); 3330 ]])], 3331 [AC_MSG_RESULT([yes])], 3332 [LIBS="$saved_LIBS" 3333 AC_MSG_RESULT([no])]) 3334 ]) 3335 AC_CHECK_FUNCS([_getshort _getlong]) 3336 AC_CHECK_DECLS([_getshort, _getlong], , , 3337 [#include <sys/types.h> 3338 #include <arpa/nameser.h>]) 3339 AC_CHECK_MEMBER([HEADER.ad], 3340 [AC_DEFINE([HAVE_HEADER_AD], [1], 3341 [Define if HEADER.ad exists in arpa/nameser.h])], , 3342 [#include <arpa/nameser.h>]) 3343 ]) 3344 3345AC_MSG_CHECKING([if struct __res_state _res is an extern]) 3346AC_LINK_IFELSE([AC_LANG_PROGRAM([[ 3347#include <stdio.h> 3348#if HAVE_SYS_TYPES_H 3349# include <sys/types.h> 3350#endif 3351#include <netinet/in.h> 3352#include <arpa/nameser.h> 3353#include <resolv.h> 3354extern struct __res_state _res; 3355 ]], [[ ]])], 3356 [AC_MSG_RESULT([yes]) 3357 AC_DEFINE([HAVE__RES_EXTERN], [1], 3358 [Define if you have struct __res_state _res as an extern]) 3359 ], 3360 [ AC_MSG_RESULT([no]) ] 3361) 3362 3363# Check whether user wants SELinux support 3364SELINUX_MSG="no" 3365LIBSELINUX="" 3366AC_ARG_WITH([selinux], 3367 [ --with-selinux Enable SELinux support], 3368 [ if test "x$withval" != "xno" ; then 3369 save_LIBS="$LIBS" 3370 AC_DEFINE([WITH_SELINUX], [1], 3371 [Define if you want SELinux support.]) 3372 SELINUX_MSG="yes" 3373 AC_CHECK_HEADER([selinux/selinux.h], , 3374 AC_MSG_ERROR([SELinux support requires selinux.h header])) 3375 AC_CHECK_LIB([selinux], [setexeccon], 3376 [ LIBSELINUX="-lselinux" 3377 LIBS="$LIBS -lselinux" 3378 ], 3379 AC_MSG_ERROR([SELinux support requires libselinux library])) 3380 SSHLIBS="$SSHLIBS $LIBSELINUX" 3381 SSHDLIBS="$SSHDLIBS $LIBSELINUX" 3382 AC_CHECK_FUNCS([getseuserbyname get_default_context_with_level]) 3383 LIBS="$save_LIBS" 3384 fi ] 3385) 3386AC_SUBST([SSHLIBS]) 3387AC_SUBST([SSHDLIBS]) 3388 3389# Check whether user wants Kerberos 5 support 3390KRB5_MSG="no" 3391AC_ARG_WITH([kerberos5], 3392 [ --with-kerberos5=PATH Enable Kerberos 5 support], 3393 [ if test "x$withval" != "xno" ; then 3394 if test "x$withval" = "xyes" ; then 3395 KRB5ROOT="/usr/local" 3396 else 3397 KRB5ROOT=${withval} 3398 fi 3399 3400 AC_DEFINE([KRB5], [1], [Define if you want Kerberos 5 support]) 3401 KRB5_MSG="yes" 3402 3403 AC_PATH_PROG([KRB5CONF], [krb5-config], 3404 [$KRB5ROOT/bin/krb5-config], 3405 [$KRB5ROOT/bin:$PATH]) 3406 if test -x $KRB5CONF ; then 3407 3408 AC_MSG_CHECKING([for gssapi support]) 3409 if $KRB5CONF | grep gssapi >/dev/null ; then 3410 AC_MSG_RESULT([yes]) 3411 AC_DEFINE([GSSAPI], [1], 3412 [Define this if you want GSSAPI 3413 support in the version 2 protocol]) 3414 k5confopts=gssapi 3415 else 3416 AC_MSG_RESULT([no]) 3417 k5confopts="" 3418 fi 3419 K5CFLAGS="`$KRB5CONF --cflags $k5confopts`" 3420 K5LIBS="`$KRB5CONF --libs $k5confopts`" 3421 CPPFLAGS="$CPPFLAGS $K5CFLAGS" 3422 AC_MSG_CHECKING([whether we are using Heimdal]) 3423 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <krb5.h> 3424 ]], [[ char *tmp = heimdal_version; ]])], 3425 [ AC_MSG_RESULT([yes]) 3426 AC_DEFINE([HEIMDAL], [1], 3427 [Define this if you are using the Heimdal 3428 version of Kerberos V5]) ], 3429 [AC_MSG_RESULT([no]) 3430 ]) 3431 else 3432 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include" 3433 LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib" 3434 AC_MSG_CHECKING([whether we are using Heimdal]) 3435 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <krb5.h> 3436 ]], [[ char *tmp = heimdal_version; ]])], 3437 [ AC_MSG_RESULT([yes]) 3438 AC_DEFINE([HEIMDAL]) 3439 K5LIBS="-lkrb5" 3440 K5LIBS="$K5LIBS -lcom_err -lasn1" 3441 AC_CHECK_LIB([roken], [net_write], 3442 [K5LIBS="$K5LIBS -lroken"]) 3443 AC_CHECK_LIB([des], [des_cbc_encrypt], 3444 [K5LIBS="$K5LIBS -ldes"]) 3445 ], [ AC_MSG_RESULT([no]) 3446 K5LIBS="-lkrb5 -lk5crypto -lcom_err" 3447 3448 ]) 3449 AC_SEARCH_LIBS([dn_expand], [resolv]) 3450 3451 AC_CHECK_LIB([gssapi_krb5], [gss_init_sec_context], 3452 [ AC_DEFINE([GSSAPI]) 3453 K5LIBS="-lgssapi_krb5 $K5LIBS" ], 3454 [ AC_CHECK_LIB([gssapi], [gss_init_sec_context], 3455 [ AC_DEFINE([GSSAPI]) 3456 K5LIBS="-lgssapi $K5LIBS" ], 3457 AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]), 3458 $K5LIBS) 3459 ], 3460 $K5LIBS) 3461 3462 AC_CHECK_HEADER([gssapi.h], , 3463 [ unset ac_cv_header_gssapi_h 3464 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3465 AC_CHECK_HEADERS([gssapi.h], , 3466 AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail]) 3467 ) 3468 ] 3469 ) 3470 3471 oldCPP="$CPPFLAGS" 3472 CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi" 3473 AC_CHECK_HEADER([gssapi_krb5.h], , 3474 [ CPPFLAGS="$oldCPP" ]) 3475 3476 fi 3477 if test ! -z "$need_dash_r" ; then 3478 LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib" 3479 fi 3480 if test ! -z "$blibpath" ; then 3481 blibpath="$blibpath:${KRB5ROOT}/lib" 3482 fi 3483 3484 AC_CHECK_HEADERS([gssapi.h gssapi/gssapi.h]) 3485 AC_CHECK_HEADERS([gssapi_krb5.h gssapi/gssapi_krb5.h]) 3486 AC_CHECK_HEADERS([gssapi_generic.h gssapi/gssapi_generic.h]) 3487 3488 LIBS="$LIBS $K5LIBS" 3489 AC_SEARCH_LIBS([k_hasafs], [kafs], [AC_DEFINE([USE_AFS], [1], 3490 [Define this if you want to use libkafs' AFS support])]) 3491 fi 3492 ] 3493) 3494 3495# Looking for programs, paths and files 3496 3497PRIVSEP_PATH=/var/empty 3498AC_ARG_WITH([privsep-path], 3499 [ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)], 3500 [ 3501 if test -n "$withval" && test "x$withval" != "xno" && \ 3502 test "x${withval}" != "xyes"; then 3503 PRIVSEP_PATH=$withval 3504 fi 3505 ] 3506) 3507AC_SUBST([PRIVSEP_PATH]) 3508 3509AC_ARG_WITH([xauth], 3510 [ --with-xauth=PATH Specify path to xauth program ], 3511 [ 3512 if test -n "$withval" && test "x$withval" != "xno" && \ 3513 test "x${withval}" != "xyes"; then 3514 xauth_path=$withval 3515 fi 3516 ], 3517 [ 3518 TestPath="$PATH" 3519 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin" 3520 TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11" 3521 TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin" 3522 TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin" 3523 AC_PATH_PROG([xauth_path], [xauth], , [$TestPath]) 3524 if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then 3525 xauth_path="/usr/openwin/bin/xauth" 3526 fi 3527 ] 3528) 3529 3530STRIP_OPT=-s 3531AC_ARG_ENABLE([strip], 3532 [ --disable-strip Disable calling strip(1) on install], 3533 [ 3534 if test "x$enableval" = "xno" ; then 3535 STRIP_OPT= 3536 fi 3537 ] 3538) 3539AC_SUBST([STRIP_OPT]) 3540 3541if test -z "$xauth_path" ; then 3542 XAUTH_PATH="undefined" 3543 AC_SUBST([XAUTH_PATH]) 3544else 3545 AC_DEFINE_UNQUOTED([XAUTH_PATH], ["$xauth_path"], 3546 [Define if xauth is found in your path]) 3547 XAUTH_PATH=$xauth_path 3548 AC_SUBST([XAUTH_PATH]) 3549fi 3550 3551dnl # --with-maildir=/path/to/mail gets top priority. 3552dnl # if maildir is set in the platform case statement above we use that. 3553dnl # Otherwise we run a program to get the dir from system headers. 3554dnl # We first look for _PATH_MAILDIR then MAILDIR then _PATH_MAIL 3555dnl # If we find _PATH_MAILDIR we do nothing because that is what 3556dnl # session.c expects anyway. Otherwise we set to the value found 3557dnl # stripping any trailing slash. If for some strage reason our program 3558dnl # does not find what it needs, we default to /var/spool/mail. 3559# Check for mail directory 3560AC_ARG_WITH([maildir], 3561 [ --with-maildir=/path/to/mail Specify your system mail directory], 3562 [ 3563 if test "X$withval" != X && test "x$withval" != xno && \ 3564 test "x${withval}" != xyes; then 3565 AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["$withval"], 3566 [Set this to your mail directory if you do not have _PATH_MAILDIR]) 3567 fi 3568 ],[ 3569 if test "X$maildir" != "X"; then 3570 AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["$maildir"]) 3571 else 3572 AC_MSG_CHECKING([Discovering system mail directory]) 3573 AC_RUN_IFELSE( 3574 [AC_LANG_PROGRAM([[ 3575#include <stdio.h> 3576#include <string.h> 3577#ifdef HAVE_PATHS_H 3578#include <paths.h> 3579#endif 3580#ifdef HAVE_MAILLOCK_H 3581#include <maillock.h> 3582#endif 3583#define DATA "conftest.maildir" 3584 ]], [[ 3585 FILE *fd; 3586 int rc; 3587 3588 fd = fopen(DATA,"w"); 3589 if(fd == NULL) 3590 exit(1); 3591 3592#if defined (_PATH_MAILDIR) 3593 if ((rc = fprintf(fd ,"_PATH_MAILDIR:%s\n", _PATH_MAILDIR)) <0) 3594 exit(1); 3595#elif defined (MAILDIR) 3596 if ((rc = fprintf(fd ,"MAILDIR:%s\n", MAILDIR)) <0) 3597 exit(1); 3598#elif defined (_PATH_MAIL) 3599 if ((rc = fprintf(fd ,"_PATH_MAIL:%s\n", _PATH_MAIL)) <0) 3600 exit(1); 3601#else 3602 exit (2); 3603#endif 3604 3605 exit(0); 3606 ]])], 3607 [ 3608 maildir_what=`awk -F: '{print $1}' conftest.maildir` 3609 maildir=`awk -F: '{print $2}' conftest.maildir \ 3610 | sed 's|/$||'` 3611 AC_MSG_RESULT([Using: $maildir from $maildir_what]) 3612 if test "x$maildir_what" != "x_PATH_MAILDIR"; then 3613 AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["$maildir"]) 3614 fi 3615 ], 3616 [ 3617 if test "X$ac_status" = "X2";then 3618# our test program didn't find it. Default to /var/spool/mail 3619 AC_MSG_RESULT([Using: default value of /var/spool/mail]) 3620 AC_DEFINE_UNQUOTED([MAIL_DIRECTORY], ["/var/spool/mail"]) 3621 else 3622 AC_MSG_RESULT([*** not found ***]) 3623 fi 3624 ], 3625 [ 3626 AC_MSG_WARN([cross compiling: use --with-maildir=/path/to/mail]) 3627 ] 3628 ) 3629 fi 3630 ] 3631) # maildir 3632 3633if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then 3634 AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test]) 3635 disable_ptmx_check=yes 3636fi 3637if test -z "$no_dev_ptmx" ; then 3638 if test "x$disable_ptmx_check" != "xyes" ; then 3639 AC_CHECK_FILE(["/dev/ptmx"], 3640 [ 3641 AC_DEFINE_UNQUOTED([HAVE_DEV_PTMX], [1], 3642 [Define if you have /dev/ptmx]) 3643 have_dev_ptmx=1 3644 ] 3645 ) 3646 fi 3647fi 3648 3649if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then 3650 AC_CHECK_FILE(["/dev/ptc"], 3651 [ 3652 AC_DEFINE_UNQUOTED([HAVE_DEV_PTS_AND_PTC], [1], 3653 [Define if you have /dev/ptc]) 3654 have_dev_ptc=1 3655 ] 3656 ) 3657else 3658 AC_MSG_WARN([cross compiling: Disabling /dev/ptc test]) 3659fi 3660 3661# Options from here on. Some of these are preset by platform above 3662AC_ARG_WITH([mantype], 3663 [ --with-mantype=man|cat|doc Set man page type], 3664 [ 3665 case "$withval" in 3666 man|cat|doc) 3667 MANTYPE=$withval 3668 ;; 3669 *) 3670 AC_MSG_ERROR([invalid man type: $withval]) 3671 ;; 3672 esac 3673 ] 3674) 3675if test -z "$MANTYPE"; then 3676 TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb" 3677 AC_PATH_PROGS([NROFF], [nroff awf], [/bin/false], [$TestPath]) 3678 if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then 3679 MANTYPE=doc 3680 elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then 3681 MANTYPE=man 3682 else 3683 MANTYPE=cat 3684 fi 3685fi 3686AC_SUBST([MANTYPE]) 3687if test "$MANTYPE" = "doc"; then 3688 mansubdir=man; 3689else 3690 mansubdir=$MANTYPE; 3691fi 3692AC_SUBST([mansubdir]) 3693 3694# Check whether to enable MD5 passwords 3695MD5_MSG="no" 3696AC_ARG_WITH([md5-passwords], 3697 [ --with-md5-passwords Enable use of MD5 passwords], 3698 [ 3699 if test "x$withval" != "xno" ; then 3700 AC_DEFINE([HAVE_MD5_PASSWORDS], [1], 3701 [Define if you want to allow MD5 passwords]) 3702 MD5_MSG="yes" 3703 fi 3704 ] 3705) 3706 3707# Whether to disable shadow password support 3708AC_ARG_WITH([shadow], 3709 [ --without-shadow Disable shadow password support], 3710 [ 3711 if test "x$withval" = "xno" ; then 3712 AC_DEFINE([DISABLE_SHADOW]) 3713 disable_shadow=yes 3714 fi 3715 ] 3716) 3717 3718if test -z "$disable_shadow" ; then 3719 AC_MSG_CHECKING([if the systems has expire shadow information]) 3720 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 3721#include <sys/types.h> 3722#include <shadow.h> 3723struct spwd sp; 3724 ]], [[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ]])], 3725 [ sp_expire_available=yes ], [ 3726 ]) 3727 3728 if test "x$sp_expire_available" = "xyes" ; then 3729 AC_MSG_RESULT([yes]) 3730 AC_DEFINE([HAS_SHADOW_EXPIRE], [1], 3731 [Define if you want to use shadow password expire field]) 3732 else 3733 AC_MSG_RESULT([no]) 3734 fi 3735fi 3736 3737# Use ip address instead of hostname in $DISPLAY 3738if test ! -z "$IPADDR_IN_DISPLAY" ; then 3739 DISPLAY_HACK_MSG="yes" 3740 AC_DEFINE([IPADDR_IN_DISPLAY], [1], 3741 [Define if you need to use IP address 3742 instead of hostname in $DISPLAY]) 3743else 3744 DISPLAY_HACK_MSG="no" 3745 AC_ARG_WITH([ipaddr-display], 3746 [ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY], 3747 [ 3748 if test "x$withval" != "xno" ; then 3749 AC_DEFINE([IPADDR_IN_DISPLAY]) 3750 DISPLAY_HACK_MSG="yes" 3751 fi 3752 ] 3753 ) 3754fi 3755 3756# check for /etc/default/login and use it if present. 3757AC_ARG_ENABLE([etc-default-login], 3758 [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]], 3759 [ if test "x$enableval" = "xno"; then 3760 AC_MSG_NOTICE([/etc/default/login handling disabled]) 3761 etc_default_login=no 3762 else 3763 etc_default_login=yes 3764 fi ], 3765 [ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; 3766 then 3767 AC_MSG_WARN([cross compiling: not checking /etc/default/login]) 3768 etc_default_login=no 3769 else 3770 etc_default_login=yes 3771 fi ] 3772) 3773 3774if test "x$etc_default_login" != "xno"; then 3775 AC_CHECK_FILE(["/etc/default/login"], 3776 [ external_path_file=/etc/default/login ]) 3777 if test "x$external_path_file" = "x/etc/default/login"; then 3778 AC_DEFINE([HAVE_ETC_DEFAULT_LOGIN], [1], 3779 [Define if your system has /etc/default/login]) 3780 fi 3781fi 3782 3783dnl BSD systems use /etc/login.conf so --with-default-path= has no effect 3784if test $ac_cv_func_login_getcapbool = "yes" && \ 3785 test $ac_cv_header_login_cap_h = "yes" ; then 3786 external_path_file=/etc/login.conf 3787fi 3788 3789# Whether to mess with the default path 3790SERVER_PATH_MSG="(default)" 3791AC_ARG_WITH([default-path], 3792 [ --with-default-path= Specify default \$PATH environment for server], 3793 [ 3794 if test "x$external_path_file" = "x/etc/login.conf" ; then 3795 AC_MSG_WARN([ 3796--with-default-path=PATH has no effect on this system. 3797Edit /etc/login.conf instead.]) 3798 elif test "x$withval" != "xno" ; then 3799 if test ! -z "$external_path_file" ; then 3800 AC_MSG_WARN([ 3801--with-default-path=PATH will only be used if PATH is not defined in 3802$external_path_file .]) 3803 fi 3804 user_path="$withval" 3805 SERVER_PATH_MSG="$withval" 3806 fi 3807 ], 3808 [ if test "x$external_path_file" = "x/etc/login.conf" ; then 3809 AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf]) 3810 else 3811 if test ! -z "$external_path_file" ; then 3812 AC_MSG_WARN([ 3813If PATH is defined in $external_path_file, ensure the path to scp is included, 3814otherwise scp will not work.]) 3815 fi 3816 AC_RUN_IFELSE( 3817 [AC_LANG_PROGRAM([[ 3818/* find out what STDPATH is */ 3819#include <stdio.h> 3820#ifdef HAVE_PATHS_H 3821# include <paths.h> 3822#endif 3823#ifndef _PATH_STDPATH 3824# ifdef _PATH_USERPATH /* Irix */ 3825# define _PATH_STDPATH _PATH_USERPATH 3826# else 3827# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin" 3828# endif 3829#endif 3830#include <sys/types.h> 3831#include <sys/stat.h> 3832#include <fcntl.h> 3833#define DATA "conftest.stdpath" 3834 ]], [[ 3835 FILE *fd; 3836 int rc; 3837 3838 fd = fopen(DATA,"w"); 3839 if(fd == NULL) 3840 exit(1); 3841 3842 if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0) 3843 exit(1); 3844 3845 exit(0); 3846 ]])], 3847 [ user_path=`cat conftest.stdpath` ], 3848 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ], 3849 [ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ] 3850 ) 3851# make sure $bindir is in USER_PATH so scp will work 3852 t_bindir=`eval echo ${bindir}` 3853 case $t_bindir in 3854 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;; 3855 esac 3856 case $t_bindir in 3857 NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;; 3858 esac 3859 echo $user_path | grep ":$t_bindir" > /dev/null 2>&1 3860 if test $? -ne 0 ; then 3861 echo $user_path | grep "^$t_bindir" > /dev/null 2>&1 3862 if test $? -ne 0 ; then 3863 user_path=$user_path:$t_bindir 3864 AC_MSG_RESULT([Adding $t_bindir to USER_PATH so scp will work]) 3865 fi 3866 fi 3867 fi ] 3868) 3869if test "x$external_path_file" != "x/etc/login.conf" ; then 3870 AC_DEFINE_UNQUOTED([USER_PATH], ["$user_path"], [Specify default $PATH]) 3871 AC_SUBST([user_path]) 3872fi 3873 3874# Set superuser path separately to user path 3875AC_ARG_WITH([superuser-path], 3876 [ --with-superuser-path= Specify different path for super-user], 3877 [ 3878 if test -n "$withval" && test "x$withval" != "xno" && \ 3879 test "x${withval}" != "xyes"; then 3880 AC_DEFINE_UNQUOTED([SUPERUSER_PATH], ["$withval"], 3881 [Define if you want a different $PATH 3882 for the superuser]) 3883 superuser_path=$withval 3884 fi 3885 ] 3886) 3887 3888 3889AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses]) 3890IPV4_IN6_HACK_MSG="no" 3891AC_ARG_WITH(4in6, 3892 [ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses], 3893 [ 3894 if test "x$withval" != "xno" ; then 3895 AC_MSG_RESULT([yes]) 3896 AC_DEFINE([IPV4_IN_IPV6], [1], 3897 [Detect IPv4 in IPv6 mapped addresses 3898 and treat as IPv4]) 3899 IPV4_IN6_HACK_MSG="yes" 3900 else 3901 AC_MSG_RESULT([no]) 3902 fi 3903 ], [ 3904 if test "x$inet6_default_4in6" = "xyes"; then 3905 AC_MSG_RESULT([yes (default)]) 3906 AC_DEFINE([IPV4_IN_IPV6]) 3907 IPV4_IN6_HACK_MSG="yes" 3908 else 3909 AC_MSG_RESULT([no (default)]) 3910 fi 3911 ] 3912) 3913 3914# Whether to enable BSD auth support 3915BSD_AUTH_MSG=no 3916AC_ARG_WITH([bsd-auth], 3917 [ --with-bsd-auth Enable BSD auth support], 3918 [ 3919 if test "x$withval" != "xno" ; then 3920 AC_DEFINE([BSD_AUTH], [1], 3921 [Define if you have BSD auth support]) 3922 BSD_AUTH_MSG=yes 3923 fi 3924 ] 3925) 3926 3927# Where to place sshd.pid 3928piddir=/var/run 3929# make sure the directory exists 3930if test ! -d $piddir ; then 3931 piddir=`eval echo ${sysconfdir}` 3932 case $piddir in 3933 NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; 3934 esac 3935fi 3936 3937AC_ARG_WITH([pid-dir], 3938 [ --with-pid-dir=PATH Specify location of ssh.pid file], 3939 [ 3940 if test -n "$withval" && test "x$withval" != "xno" && \ 3941 test "x${withval}" != "xyes"; then 3942 piddir=$withval 3943 if test ! -d $piddir ; then 3944 AC_MSG_WARN([** no $piddir directory on this system **]) 3945 fi 3946 fi 3947 ] 3948) 3949 3950AC_DEFINE_UNQUOTED([_PATH_SSH_PIDDIR], ["$piddir"], 3951 [Specify location of ssh.pid]) 3952AC_SUBST([piddir]) 3953 3954dnl allow user to disable some login recording features 3955AC_ARG_ENABLE([lastlog], 3956 [ --disable-lastlog disable use of lastlog even if detected [no]], 3957 [ 3958 if test "x$enableval" = "xno" ; then 3959 AC_DEFINE([DISABLE_LASTLOG]) 3960 fi 3961 ] 3962) 3963AC_ARG_ENABLE([utmp], 3964 [ --disable-utmp disable use of utmp even if detected [no]], 3965 [ 3966 if test "x$enableval" = "xno" ; then 3967 AC_DEFINE([DISABLE_UTMP]) 3968 fi 3969 ] 3970) 3971AC_ARG_ENABLE([utmpx], 3972 [ --disable-utmpx disable use of utmpx even if detected [no]], 3973 [ 3974 if test "x$enableval" = "xno" ; then 3975 AC_DEFINE([DISABLE_UTMPX], [1], 3976 [Define if you don't want to use utmpx]) 3977 fi 3978 ] 3979) 3980AC_ARG_ENABLE([wtmp], 3981 [ --disable-wtmp disable use of wtmp even if detected [no]], 3982 [ 3983 if test "x$enableval" = "xno" ; then 3984 AC_DEFINE([DISABLE_WTMP]) 3985 fi 3986 ] 3987) 3988AC_ARG_ENABLE([wtmpx], 3989 [ --disable-wtmpx disable use of wtmpx even if detected [no]], 3990 [ 3991 if test "x$enableval" = "xno" ; then 3992 AC_DEFINE([DISABLE_WTMPX], [1], 3993 [Define if you don't want to use wtmpx]) 3994 fi 3995 ] 3996) 3997AC_ARG_ENABLE([libutil], 3998 [ --disable-libutil disable use of libutil (login() etc.) [no]], 3999 [ 4000 if test "x$enableval" = "xno" ; then 4001 AC_DEFINE([DISABLE_LOGIN]) 4002 fi 4003 ] 4004) 4005AC_ARG_ENABLE([pututline], 4006 [ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]], 4007 [ 4008 if test "x$enableval" = "xno" ; then 4009 AC_DEFINE([DISABLE_PUTUTLINE], [1], 4010 [Define if you don't want to use pututline() 4011 etc. to write [uw]tmp]) 4012 fi 4013 ] 4014) 4015AC_ARG_ENABLE([pututxline], 4016 [ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]], 4017 [ 4018 if test "x$enableval" = "xno" ; then 4019 AC_DEFINE([DISABLE_PUTUTXLINE], [1], 4020 [Define if you don't want to use pututxline() 4021 etc. to write [uw]tmpx]) 4022 fi 4023 ] 4024) 4025AC_ARG_WITH([lastlog], 4026 [ --with-lastlog=FILE|DIR specify lastlog location [common locations]], 4027 [ 4028 if test "x$withval" = "xno" ; then 4029 AC_DEFINE([DISABLE_LASTLOG]) 4030 elif test -n "$withval" && test "x${withval}" != "xyes"; then 4031 conf_lastlog_location=$withval 4032 fi 4033 ] 4034) 4035 4036dnl lastlog, [uw]tmpx? detection 4037dnl NOTE: set the paths in the platform section to avoid the 4038dnl need for command-line parameters 4039dnl lastlog and [uw]tmp are subject to a file search if all else fails 4040 4041dnl lastlog detection 4042dnl NOTE: the code itself will detect if lastlog is a directory 4043AC_MSG_CHECKING([if your system defines LASTLOG_FILE]) 4044AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4045#include <sys/types.h> 4046#include <utmp.h> 4047#ifdef HAVE_LASTLOG_H 4048# include <lastlog.h> 4049#endif 4050#ifdef HAVE_PATHS_H 4051# include <paths.h> 4052#endif 4053#ifdef HAVE_LOGIN_H 4054# include <login.h> 4055#endif 4056 ]], [[ char *lastlog = LASTLOG_FILE; ]])], 4057 [ AC_MSG_RESULT([yes]) ], 4058 [ 4059 AC_MSG_RESULT([no]) 4060 AC_MSG_CHECKING([if your system defines _PATH_LASTLOG]) 4061 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4062#include <sys/types.h> 4063#include <utmp.h> 4064#ifdef HAVE_LASTLOG_H 4065# include <lastlog.h> 4066#endif 4067#ifdef HAVE_PATHS_H 4068# include <paths.h> 4069#endif 4070 ]], [[ char *lastlog = _PATH_LASTLOG; ]])], 4071 [ AC_MSG_RESULT([yes]) ], 4072 [ 4073 AC_MSG_RESULT([no]) 4074 system_lastlog_path=no 4075 ]) 4076]) 4077 4078if test -z "$conf_lastlog_location"; then 4079 if test x"$system_lastlog_path" = x"no" ; then 4080 for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do 4081 if (test -d "$f" || test -f "$f") ; then 4082 conf_lastlog_location=$f 4083 fi 4084 done 4085 if test -z "$conf_lastlog_location"; then 4086 AC_MSG_WARN([** Cannot find lastlog **]) 4087 dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx 4088 fi 4089 fi 4090fi 4091 4092if test -n "$conf_lastlog_location"; then 4093 AC_DEFINE_UNQUOTED([CONF_LASTLOG_FILE], ["$conf_lastlog_location"], 4094 [Define if you want to specify the path to your lastlog file]) 4095fi 4096 4097dnl utmp detection 4098AC_MSG_CHECKING([if your system defines UTMP_FILE]) 4099AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4100#include <sys/types.h> 4101#include <utmp.h> 4102#ifdef HAVE_PATHS_H 4103# include <paths.h> 4104#endif 4105 ]], [[ char *utmp = UTMP_FILE; ]])], 4106 [ AC_MSG_RESULT([yes]) ], 4107 [ AC_MSG_RESULT([no]) 4108 system_utmp_path=no 4109]) 4110if test -z "$conf_utmp_location"; then 4111 if test x"$system_utmp_path" = x"no" ; then 4112 for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do 4113 if test -f $f ; then 4114 conf_utmp_location=$f 4115 fi 4116 done 4117 if test -z "$conf_utmp_location"; then 4118 AC_DEFINE([DISABLE_UTMP]) 4119 fi 4120 fi 4121fi 4122if test -n "$conf_utmp_location"; then 4123 AC_DEFINE_UNQUOTED([CONF_UTMP_FILE], ["$conf_utmp_location"], 4124 [Define if you want to specify the path to your utmp file]) 4125fi 4126 4127dnl wtmp detection 4128AC_MSG_CHECKING([if your system defines WTMP_FILE]) 4129AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4130#include <sys/types.h> 4131#include <utmp.h> 4132#ifdef HAVE_PATHS_H 4133# include <paths.h> 4134#endif 4135 ]], [[ char *wtmp = WTMP_FILE; ]])], 4136 [ AC_MSG_RESULT([yes]) ], 4137 [ AC_MSG_RESULT([no]) 4138 system_wtmp_path=no 4139]) 4140if test -z "$conf_wtmp_location"; then 4141 if test x"$system_wtmp_path" = x"no" ; then 4142 for f in /usr/adm/wtmp /var/log/wtmp; do 4143 if test -f $f ; then 4144 conf_wtmp_location=$f 4145 fi 4146 done 4147 if test -z "$conf_wtmp_location"; then 4148 AC_DEFINE([DISABLE_WTMP]) 4149 fi 4150 fi 4151fi 4152if test -n "$conf_wtmp_location"; then 4153 AC_DEFINE_UNQUOTED([CONF_WTMP_FILE], ["$conf_wtmp_location"], 4154 [Define if you want to specify the path to your wtmp file]) 4155fi 4156 4157 4158dnl wtmpx detection 4159AC_MSG_CHECKING([if your system defines WTMPX_FILE]) 4160AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ 4161#include <sys/types.h> 4162#include <utmp.h> 4163#ifdef HAVE_UTMPX_H 4164#include <utmpx.h> 4165#endif 4166#ifdef HAVE_PATHS_H 4167# include <paths.h> 4168#endif 4169 ]], [[ char *wtmpx = WTMPX_FILE; ]])], 4170 [ AC_MSG_RESULT([yes]) ], 4171 [ AC_MSG_RESULT([no]) 4172 system_wtmpx_path=no 4173]) 4174if test -z "$conf_wtmpx_location"; then 4175 if test x"$system_wtmpx_path" = x"no" ; then 4176 AC_DEFINE([DISABLE_WTMPX]) 4177 fi 4178else 4179 AC_DEFINE_UNQUOTED([CONF_WTMPX_FILE], ["$conf_wtmpx_location"], 4180 [Define if you want to specify the path to your wtmpx file]) 4181fi 4182 4183 4184if test ! -z "$blibpath" ; then 4185 LDFLAGS="$LDFLAGS $blibflags$blibpath" 4186 AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile]) 4187fi 4188 4189dnl Adding -Werror to CFLAGS early prevents configure tests from running. 4190dnl Add now. 4191CFLAGS="$CFLAGS $werror_flags" 4192 4193if test "x$ac_cv_func_getaddrinfo" != "xyes" ; then 4194 TEST_SSH_IPV6=no 4195else 4196 TEST_SSH_IPV6=yes 4197fi 4198AC_CHECK_DECL([BROKEN_GETADDRINFO], [TEST_SSH_IPV6=no]) 4199AC_SUBST([TEST_SSH_IPV6], [$TEST_SSH_IPV6]) 4200 4201AC_EXEEXT 4202AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ 4203 openbsd-compat/Makefile openbsd-compat/regress/Makefile \ 4204 survey.sh]) 4205AC_OUTPUT 4206 4207# Print summary of options 4208 4209# Someone please show me a better way :) 4210A=`eval echo ${prefix}` ; A=`eval echo ${A}` 4211B=`eval echo ${bindir}` ; B=`eval echo ${B}` 4212C=`eval echo ${sbindir}` ; C=`eval echo ${C}` 4213D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}` 4214E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}` 4215F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}` 4216G=`eval echo ${piddir}` ; G=`eval echo ${G}` 4217H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}` 4218I=`eval echo ${user_path}` ; I=`eval echo ${I}` 4219J=`eval echo ${superuser_path}` ; J=`eval echo ${J}` 4220 4221echo "" 4222echo "OpenSSH has been configured with the following options:" 4223echo " User binaries: $B" 4224echo " System binaries: $C" 4225echo " Configuration files: $D" 4226echo " Askpass program: $E" 4227echo " Manual pages: $F" 4228echo " PID file: $G" 4229echo " Privilege separation chroot path: $H" 4230if test "x$external_path_file" = "x/etc/login.conf" ; then 4231echo " At runtime, sshd will use the path defined in $external_path_file" 4232echo " Make sure the path to scp is present, otherwise scp will not work" 4233else 4234echo " sshd default user PATH: $I" 4235 if test ! -z "$external_path_file"; then 4236echo " (If PATH is set in $external_path_file it will be used instead. If" 4237echo " used, ensure the path to scp is present, otherwise scp will not work.)" 4238 fi 4239fi 4240if test ! -z "$superuser_path" ; then 4241echo " sshd superuser user PATH: $J" 4242fi 4243echo " Manpage format: $MANTYPE" 4244echo " PAM support: $PAM_MSG" 4245echo " OSF SIA support: $SIA_MSG" 4246echo " KerberosV support: $KRB5_MSG" 4247echo " SELinux support: $SELINUX_MSG" 4248echo " Smartcard support: $SCARD_MSG" 4249echo " S/KEY support: $SKEY_MSG" 4250echo " TCP Wrappers support: $TCPW_MSG" 4251echo " MD5 password support: $MD5_MSG" 4252echo " libedit support: $LIBEDIT_MSG" 4253echo " Solaris process contract support: $SPC_MSG" 4254echo " Solaris project support: $SP_MSG" 4255echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 4256echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 4257echo " BSD Auth support: $BSD_AUTH_MSG" 4258echo " Random number source: $RAND_MSG" 4259echo " Privsep sandbox style: $SANDBOX_STYLE" 4260 4261echo "" 4262 4263echo " Host: ${host}" 4264echo " Compiler: ${CC}" 4265echo " Compiler flags: ${CFLAGS}" 4266echo "Preprocessor flags: ${CPPFLAGS}" 4267echo " Linker flags: ${LDFLAGS}" 4268echo " Libraries: ${LIBS}" 4269if test ! -z "${SSHDLIBS}"; then 4270echo " +for sshd: ${SSHDLIBS}" 4271fi 4272if test ! -z "${SSHLIBS}"; then 4273echo " +for ssh: ${SSHLIBS}" 4274fi 4275 4276echo "" 4277 4278if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then 4279 echo "SVR4 style packages are supported with \"make package\"" 4280 echo "" 4281fi 4282 4283if test "x$PAM_MSG" = "xyes" ; then 4284 echo "PAM is enabled. You may need to install a PAM control file " 4285 echo "for sshd, otherwise password authentication may fail. " 4286 echo "Example PAM control files can be found in the contrib/ " 4287 echo "subdirectory" 4288 echo "" 4289fi 4290 4291if test ! -z "$NO_PEERCHECK" ; then 4292 echo "WARNING: the operating system that you are using does not" 4293 echo "appear to support getpeereid(), getpeerucred() or the" 4294 echo "SO_PEERCRED getsockopt() option. These facilities are used to" 4295 echo "enforce security checks to prevent unauthorised connections to" 4296 echo "ssh-agent. Their absence increases the risk that a malicious" 4297 echo "user can connect to your agent." 4298 echo "" 4299fi 4300 4301if test "$AUDIT_MODULE" = "bsm" ; then 4302 echo "WARNING: BSM audit support is currently considered EXPERIMENTAL." 4303 echo "See the Solaris section in README.platform for details." 4304fi 4305