зеркало из https://github.com/Azure/sonic-openssh.git
3820 строки
98 KiB
Plaintext
3820 строки
98 KiB
Plaintext
# $Id: configure.ac,v 1.321 2006/01/01 10:03:30 djm Exp $
|
|
#
|
|
# Copyright (c) 1999-2004 Damien Miller
|
|
#
|
|
# Permission to use, copy, modify, and distribute this software for any
|
|
# purpose with or without fee is hereby granted, provided that the above
|
|
# copyright notice and this permission notice appear in all copies.
|
|
#
|
|
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
|
|
AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
|
|
AC_CONFIG_SRCDIR([ssh.c])
|
|
|
|
AC_CONFIG_HEADER(config.h)
|
|
AC_PROG_CC
|
|
AC_CANONICAL_HOST
|
|
AC_C_BIGENDIAN
|
|
|
|
# Checks for programs.
|
|
AC_PROG_AWK
|
|
AC_PROG_CPP
|
|
AC_PROG_RANLIB
|
|
AC_PROG_INSTALL
|
|
AC_PATH_PROG(AR, ar)
|
|
AC_PATH_PROG(CAT, cat)
|
|
AC_PATH_PROG(KILL, kill)
|
|
AC_PATH_PROGS(PERL, perl5 perl)
|
|
AC_PATH_PROG(SED, sed)
|
|
AC_SUBST(PERL)
|
|
AC_PATH_PROG(ENT, ent)
|
|
AC_SUBST(ENT)
|
|
AC_PATH_PROG(TEST_MINUS_S_SH, bash)
|
|
AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
|
|
AC_PATH_PROG(TEST_MINUS_S_SH, sh)
|
|
AC_PATH_PROG(SH, sh)
|
|
AC_SUBST(TEST_SHELL,sh)
|
|
|
|
dnl for buildpkg.sh
|
|
AC_PATH_PROG(PATH_GROUPADD_PROG, groupadd, groupadd,
|
|
[/usr/sbin${PATH_SEPARATOR}/etc])
|
|
AC_PATH_PROG(PATH_USERADD_PROG, useradd, useradd,
|
|
[/usr/sbin${PATH_SEPARATOR}/etc])
|
|
AC_CHECK_PROG(MAKE_PACKAGE_SUPPORTED, pkgmk, yes, no)
|
|
|
|
# System features
|
|
AC_SYS_LARGEFILE
|
|
|
|
if test -z "$AR" ; then
|
|
AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
|
|
fi
|
|
|
|
# Use LOGIN_PROGRAM from environment if possible
|
|
if test ! -z "$LOGIN_PROGRAM" ; then
|
|
AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM",
|
|
[If your header files don't define LOGIN_PROGRAM,
|
|
then use this (detected) from environment and PATH])
|
|
else
|
|
# Search for login
|
|
AC_PATH_PROG(LOGIN_PROGRAM_FALLBACK, login)
|
|
if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
|
|
AC_DEFINE_UNQUOTED(LOGIN_PROGRAM_FALLBACK, "$LOGIN_PROGRAM_FALLBACK")
|
|
fi
|
|
fi
|
|
|
|
AC_PATH_PROG(PATH_PASSWD_PROG, passwd)
|
|
if test ! -z "$PATH_PASSWD_PROG" ; then
|
|
AC_DEFINE_UNQUOTED(_PATH_PASSWD_PROG, "$PATH_PASSWD_PROG",
|
|
[Full path of your "passwd" program])
|
|
fi
|
|
|
|
if test -z "$LD" ; then
|
|
LD=$CC
|
|
fi
|
|
AC_SUBST(LD)
|
|
|
|
AC_C_INLINE
|
|
|
|
AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
|
|
|
|
if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
|
|
CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
|
|
GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
|
|
case $GCC_VER in
|
|
1.*) ;;
|
|
2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
|
|
2.*) ;;
|
|
3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
|
|
4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
|
|
*) ;;
|
|
esac
|
|
|
|
if test -z "$have_llong_max"; then
|
|
# retry LLONG_MAX with -std=gnu99, needed on some Linuxes
|
|
unset ac_cv_have_decl_LLONG_MAX
|
|
saved_CFLAGS="$CFLAGS"
|
|
CFLAGS="$CFLAGS -std=gnu99"
|
|
AC_CHECK_DECL(LLONG_MAX,
|
|
[have_llong_max=1],
|
|
[CFLAGS="$saved_CFLAGS"],
|
|
[#include <limits.h>]
|
|
)
|
|
fi
|
|
fi
|
|
|
|
AC_ARG_WITH(rpath,
|
|
[ --without-rpath Disable auto-added -R linker paths],
|
|
[
|
|
if test "x$withval" = "xno" ; then
|
|
need_dash_r=""
|
|
fi
|
|
if test "x$withval" = "xyes" ; then
|
|
need_dash_r=1
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Check for some target-specific stuff
|
|
case "$host" in
|
|
*-*-aix*)
|
|
AC_MSG_CHECKING([how to specify blibpath for linker ($LD)])
|
|
if (test -z "$blibpath"); then
|
|
blibpath="/usr/lib:/lib"
|
|
fi
|
|
saved_LDFLAGS="$LDFLAGS"
|
|
for tryflags in -blibpath: -Wl,-blibpath: -Wl,-rpath, ;do
|
|
if (test -z "$blibflags"); then
|
|
LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
|
|
AC_TRY_LINK([], [], [blibflags=$tryflags])
|
|
fi
|
|
done
|
|
if (test -z "$blibflags"); then
|
|
AC_MSG_RESULT(not found)
|
|
AC_MSG_ERROR([*** must be able to specify blibpath on AIX - check config.log])
|
|
else
|
|
AC_MSG_RESULT($blibflags)
|
|
fi
|
|
LDFLAGS="$saved_LDFLAGS"
|
|
dnl Check for authenticate. Might be in libs.a on older AIXes
|
|
AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE, 1,
|
|
[Define if you want to enable AIX4's authenticate function])],
|
|
[AC_CHECK_LIB(s,authenticate,
|
|
[ AC_DEFINE(WITH_AIXAUTHENTICATE)
|
|
LIBS="$LIBS -ls"
|
|
])
|
|
])
|
|
dnl Check for various auth function declarations in headers.
|
|
AC_CHECK_DECLS([authenticate, loginrestrictions, loginsuccess,
|
|
passwdexpired, setauthdb], , , [#include <usersec.h>])
|
|
dnl Check if loginfailed is declared and takes 4 arguments (AIX >= 5.2)
|
|
AC_CHECK_DECLS(loginfailed,
|
|
[AC_MSG_CHECKING(if loginfailed takes 4 arguments)
|
|
AC_TRY_COMPILE(
|
|
[#include <usersec.h>],
|
|
[(void)loginfailed("user","host","tty",0);],
|
|
[AC_MSG_RESULT(yes)
|
|
AC_DEFINE(AIX_LOGINFAILED_4ARG, 1,
|
|
[Define if your AIX loginfailed() function
|
|
takes 4 arguments (AIX >= 5.2)])],
|
|
[AC_MSG_RESULT(no)]
|
|
)],
|
|
[],
|
|
[#include <usersec.h>]
|
|
)
|
|
AC_CHECK_FUNCS(setauthdb)
|
|
check_for_aix_broken_getaddrinfo=1
|
|
AC_DEFINE(BROKEN_REALPATH, 1, [Define if you have a broken realpath.])
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID, 1,
|
|
[Define if your platform breaks doing a seteuid before a setuid])
|
|
AC_DEFINE(BROKEN_SETREUID, 1, [Define if your setreuid() is broken])
|
|
AC_DEFINE(BROKEN_SETREGID, 1, [Define if your setregid() is broken])
|
|
dnl AIX handles lastlog as part of its login message
|
|
AC_DEFINE(DISABLE_LASTLOG, 1, [Define if you don't want to use lastlog])
|
|
AC_DEFINE(LOGIN_NEEDS_UTMPX, 1,
|
|
[Some systems need a utmpx entry for /bin/login to work])
|
|
AC_DEFINE(SPT_TYPE,SPT_REUSEARGV,
|
|
[Define to a Set Process Title type if your system is
|
|
supported by bsd-setproctitle.c])
|
|
AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
|
|
[AIX 5.2 and 5.3 (and presumably newer) require this])
|
|
;;
|
|
*-*-cygwin*)
|
|
check_for_libcrypt_later=1
|
|
LIBS="$LIBS /usr/lib/textmode.o"
|
|
AC_DEFINE(HAVE_CYGWIN, 1, [Define if you are on Cygwin])
|
|
AC_DEFINE(USE_PIPES, 1, [Use PIPES instead of a socketpair()])
|
|
AC_DEFINE(DISABLE_SHADOW, 1,
|
|
[Define if you want to disable shadow passwords])
|
|
AC_DEFINE(IP_TOS_IS_BROKEN, 1,
|
|
[Define if your system choked on IP TOS setting])
|
|
AC_DEFINE(NO_X11_UNIX_SOCKETS, 1,
|
|
[Define if X11 doesn't support AF_UNIX sockets on that system])
|
|
AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT, 1,
|
|
[Define if the concept of ports only accessible to
|
|
superusers isn't known])
|
|
AC_DEFINE(DISABLE_FD_PASSING, 1,
|
|
[Define if your platform needs to skip post auth
|
|
file descriptor passing])
|
|
;;
|
|
*-*-dgux*)
|
|
AC_DEFINE(IP_TOS_IS_BROKEN)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
;;
|
|
*-*-darwin*)
|
|
AC_MSG_CHECKING(if we have working getaddrinfo)
|
|
AC_TRY_RUN([#include <mach-o/dyld.h>
|
|
main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
|
|
exit(0);
|
|
else
|
|
exit(1);
|
|
}], [AC_MSG_RESULT(working)],
|
|
[AC_MSG_RESULT(buggy)
|
|
AC_DEFINE(BROKEN_GETADDRINFO, 1, [getaddrinfo is broken (if present)])],
|
|
[AC_MSG_RESULT(assume it is working)])
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
|
|
[Define if your resolver libs need this for getrrsetbyname])
|
|
;;
|
|
*-*-hpux*)
|
|
# first we define all of the options common to all HP-UX releases
|
|
CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
|
|
IPADDR_IN_DISPLAY=yes
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(LOGIN_NO_ENDOPT, 1,
|
|
[Define if your login program cannot handle end of options ("--")])
|
|
AC_DEFINE(LOGIN_NEEDS_UTMPX)
|
|
AC_DEFINE(LOCKED_PASSWD_STRING, "*",
|
|
[String used in /etc/passwd to denote locked account])
|
|
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
|
|
MAIL="/var/mail/username"
|
|
LIBS="$LIBS -lsec"
|
|
AC_CHECK_LIB(xnet, t_error, ,
|
|
AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
|
|
|
|
# next, we define all of the options specific to major releases
|
|
case "$host" in
|
|
*-*-hpux10*)
|
|
if test -z "$GCC"; then
|
|
CFLAGS="$CFLAGS -Ae"
|
|
fi
|
|
;;
|
|
*-*-hpux11*)
|
|
AC_DEFINE(PAM_SUN_CODEBASE, 1,
|
|
[Define if you are using Solaris-derived PAM which
|
|
passes pam_messages to the conversation function
|
|
with an extra level of indirection])
|
|
AC_DEFINE(DISABLE_UTMP, 1,
|
|
[Define if you don't want to use utmp])
|
|
AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
|
|
check_for_hpux_broken_getaddrinfo=1
|
|
check_for_conflicting_getspnam=1
|
|
;;
|
|
esac
|
|
|
|
# lastly, we define options specific to minor releases
|
|
case "$host" in
|
|
*-*-hpux10.26)
|
|
AC_DEFINE(HAVE_SECUREWARE, 1,
|
|
[Define if you have SecureWare-based
|
|
protected password database])
|
|
disable_ptmx_check=yes
|
|
LIBS="$LIBS -lsecpw"
|
|
;;
|
|
esac
|
|
;;
|
|
*-*-irix5*)
|
|
PATH="$PATH:/usr/etc"
|
|
AC_DEFINE(BROKEN_INET_NTOA, 1,
|
|
[Define if you system's inet_ntoa is busted
|
|
(e.g. Irix gcc issue)])
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE(WITH_ABBREV_NO_TTY, 1,
|
|
[Define if you shouldn't strip 'tty' from your
|
|
ttyname in [uw]tmp])
|
|
AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
|
|
;;
|
|
*-*-irix6*)
|
|
PATH="$PATH:/usr/etc"
|
|
AC_DEFINE(WITH_IRIX_ARRAY, 1,
|
|
[Define if you have/want arrays
|
|
(cluster-wide session managment, not C arrays)])
|
|
AC_DEFINE(WITH_IRIX_PROJECT, 1,
|
|
[Define if you want IRIX project management])
|
|
AC_DEFINE(WITH_IRIX_AUDIT, 1,
|
|
[Define if you want IRIX audit trails])
|
|
AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS, 1,
|
|
[Define if you want IRIX kernel jobs])])
|
|
AC_DEFINE(BROKEN_INET_NTOA)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE(BROKEN_UPDWTMPX, 1, [updwtmpx is broken (if present)])
|
|
AC_DEFINE(WITH_ABBREV_NO_TTY)
|
|
AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
|
|
;;
|
|
*-*-linux*)
|
|
no_dev_ptmx=1
|
|
check_for_libcrypt_later=1
|
|
check_for_openpty_ctty_bug=1
|
|
AC_DEFINE(DONT_TRY_OTHER_AF, 1, [Workaround more Linux IPv6 quirks])
|
|
AC_DEFINE(PAM_TTY_KLUDGE, 1,
|
|
[Work around problematic Linux PAM modules handling of PAM_TTY])
|
|
AC_DEFINE(LOCKED_PASSWD_PREFIX, "!",
|
|
[String used in /etc/passwd to denote locked account])
|
|
AC_DEFINE(SPT_TYPE,SPT_REUSEARGV)
|
|
AC_DEFINE(LINK_OPNOTSUPP_ERRNO, EPERM,
|
|
[Define to whatever link() returns for "not supported"
|
|
if it doesn't return EOPNOTSUPP.])
|
|
AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
|
|
AC_DEFINE(USE_BTMP)
|
|
inet6_default_4in6=yes
|
|
case `uname -r` in
|
|
1.*|2.0.*)
|
|
AC_DEFINE(BROKEN_CMSG_TYPE, 1,
|
|
[Define if cmsg_type is not passed correctly])
|
|
;;
|
|
esac
|
|
# tun(4) forwarding compat code
|
|
AC_CHECK_HEADERS(linux/if_tun.h)
|
|
if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
|
|
AC_DEFINE(SSH_TUN_LINUX, 1,
|
|
[Open tunnel devices the Linux tun/tap way])
|
|
AC_DEFINE(SSH_TUN_COMPAT_AF, 1,
|
|
[Use tunnel device compatibility to OpenBSD])
|
|
AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
|
|
[Prepend the address family to IP tunnel traffic])
|
|
fi
|
|
;;
|
|
mips-sony-bsd|mips-sony-newsos4)
|
|
AC_DEFINE(NEED_SETPRGP, 1, [Need setpgrp to acquire controlling tty])
|
|
SONY=1
|
|
;;
|
|
*-*-netbsd*)
|
|
check_for_libcrypt_before=1
|
|
if test "x$withval" != "xno" ; then
|
|
need_dash_r=1
|
|
fi
|
|
AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
|
|
AC_CHECK_HEADER([net/if_tap.h], ,
|
|
AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
|
|
AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
|
|
[Prepend the address family to IP tunnel traffic])
|
|
;;
|
|
*-*-freebsd*)
|
|
check_for_libcrypt_later=1
|
|
AC_DEFINE(LOCKED_PASSWD_PREFIX, "*LOCKED*", [Account locked with pw(1)])
|
|
AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
|
|
AC_CHECK_HEADER([net/if_tap.h], ,
|
|
AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
|
|
;;
|
|
*-*-bsdi*)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
;;
|
|
*-next-*)
|
|
conf_lastlog_location="/usr/adm/lastlog"
|
|
conf_utmp_location=/etc/utmp
|
|
conf_wtmp_location=/usr/adm/wtmp
|
|
MAIL=/usr/spool/mail
|
|
AC_DEFINE(HAVE_NEXT, 1, [Define if you are on NeXT])
|
|
AC_DEFINE(BROKEN_REALPATH)
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(BROKEN_SAVED_UIDS, 1, [Needed for NeXT])
|
|
;;
|
|
*-*-openbsd*)
|
|
AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
|
|
AC_DEFINE(HAVE_ATTRIBUTE__BOUNDED__, 1, [OpenBSD's gcc has bounded])
|
|
AC_DEFINE(SSH_TUN_OPENBSD, 1, [Open tunnel devices the OpenBSD way])
|
|
;;
|
|
*-*-solaris*)
|
|
if test "x$withval" != "xno" ; then
|
|
need_dash_r=1
|
|
fi
|
|
AC_DEFINE(PAM_SUN_CODEBASE)
|
|
AC_DEFINE(LOGIN_NEEDS_UTMPX)
|
|
AC_DEFINE(LOGIN_NEEDS_TERM, 1,
|
|
[Some versions of /bin/login need the TERM supplied
|
|
on the commandline])
|
|
AC_DEFINE(PAM_TTY_KLUDGE)
|
|
AC_DEFINE(SSHPAM_CHAUTHTOK_NEEDS_RUID, 1,
|
|
[Define if pam_chauthtok wants real uid set
|
|
to the unpriv'ed user])
|
|
AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
|
|
# Pushing STREAMS modules will cause sshd to acquire a controlling tty.
|
|
AC_DEFINE(SSHD_ACQUIRES_CTTY, 1,
|
|
[Define if sshd somehow reacquires a controlling TTY
|
|
after setsid()])
|
|
external_path_file=/etc/default/login
|
|
# hardwire lastlog location (can't detect it on some versions)
|
|
conf_lastlog_location="/var/adm/lastlog"
|
|
AC_MSG_CHECKING(for obsolete utmp and wtmp in solaris2.x)
|
|
sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
|
|
if test "$sol2ver" -ge 8; then
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(DISABLE_UTMP)
|
|
AC_DEFINE(DISABLE_WTMP, 1,
|
|
[Define if you don't want to use wtmp])
|
|
else
|
|
AC_MSG_RESULT(no)
|
|
fi
|
|
;;
|
|
*-*-sunos4*)
|
|
CPPFLAGS="$CPPFLAGS -DSUNOS4"
|
|
AC_CHECK_FUNCS(getpwanam)
|
|
AC_DEFINE(PAM_SUN_CODEBASE)
|
|
conf_utmp_location=/etc/utmp
|
|
conf_wtmp_location=/var/adm/wtmp
|
|
conf_lastlog_location=/var/adm/lastlog
|
|
AC_DEFINE(USE_PIPES)
|
|
;;
|
|
*-ncr-sysv*)
|
|
LIBS="$LIBS -lc89"
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(SSHD_ACQUIRES_CTTY)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
;;
|
|
*-sni-sysv*)
|
|
# /usr/ucblib MUST NOT be searched on ReliantUNIX
|
|
AC_CHECK_LIB(dl, dlsym, ,)
|
|
# -lresolv needs to be at the end of LIBS or DNS lookups break
|
|
AC_CHECK_LIB(resolv, res_query, [ LIBS="$LIBS -lresolv" ])
|
|
IPADDR_IN_DISPLAY=yes
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(IP_TOS_IS_BROKEN)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE(SSHD_ACQUIRES_CTTY)
|
|
external_path_file=/etc/default/login
|
|
# /usr/ucblib/libucb.a no longer needed on ReliantUNIX
|
|
# Attention: always take care to bind libsocket and libnsl before libc,
|
|
# otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
|
|
;;
|
|
# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
|
|
*-*-sysv4.2*)
|
|
CFLAGS="$CFLAGS -Dva_list=_VA_LIST"
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
|
|
AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
|
|
;;
|
|
# UnixWare 7.x, OpenUNIX 8
|
|
*-*-sysv5*)
|
|
check_for_libcrypt_later=1
|
|
AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE(PASSWD_NEEDS_USERNAME)
|
|
case "$host" in
|
|
*-*-sysv5SCO_SV*) # SCO OpenServer 6.x
|
|
TEST_SHELL=/u95/bin/sh
|
|
AC_DEFINE(BROKEN_LIBIAF, 1,
|
|
[ia_uinfo routines not supported by OS yet])
|
|
;;
|
|
*) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*")
|
|
;;
|
|
esac
|
|
;;
|
|
*-*-sysv*)
|
|
;;
|
|
# SCO UNIX and OEM versions of SCO UNIX
|
|
*-*-sco3.2v4*)
|
|
AC_MSG_ERROR("This Platform is no longer supported.")
|
|
;;
|
|
# SCO OpenServer 5.x
|
|
*-*-sco3.2v5*)
|
|
if test -z "$GCC"; then
|
|
CFLAGS="$CFLAGS -belf"
|
|
fi
|
|
LIBS="$LIBS -lprot -lx -ltinfo -lm"
|
|
no_dev_ptmx=1
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(HAVE_SECUREWARE)
|
|
AC_DEFINE(DISABLE_SHADOW)
|
|
AC_DEFINE(DISABLE_FD_PASSING)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE(WITH_ABBREV_NO_TTY)
|
|
AC_DEFINE(BROKEN_UPDWTMPX)
|
|
AC_DEFINE(PASSWD_NEEDS_USERNAME)
|
|
AC_CHECK_FUNCS(getluid setluid)
|
|
MANTYPE=man
|
|
TEST_SHELL=ksh
|
|
;;
|
|
*-*-unicosmk*)
|
|
AC_DEFINE(NO_SSH_LASTLOG, 1,
|
|
[Define if you don't want to use lastlog in session.c])
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(DISABLE_FD_PASSING)
|
|
LDFLAGS="$LDFLAGS"
|
|
LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
|
|
MANTYPE=cat
|
|
;;
|
|
*-*-unicosmp*)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE(WITH_ABBREV_NO_TTY)
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(DISABLE_FD_PASSING)
|
|
LDFLAGS="$LDFLAGS"
|
|
LIBS="$LIBS -lgen -lacid -ldb"
|
|
MANTYPE=cat
|
|
;;
|
|
*-*-unicos*)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(DISABLE_FD_PASSING)
|
|
AC_DEFINE(NO_SSH_LASTLOG)
|
|
LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
|
|
LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
|
|
MANTYPE=cat
|
|
;;
|
|
*-dec-osf*)
|
|
AC_MSG_CHECKING(for Digital Unix SIA)
|
|
no_osfsia=""
|
|
AC_ARG_WITH(osfsia,
|
|
[ --with-osfsia Enable Digital Unix SIA],
|
|
[
|
|
if test "x$withval" = "xno" ; then
|
|
AC_MSG_RESULT(disabled)
|
|
no_osfsia=1
|
|
fi
|
|
],
|
|
)
|
|
if test -z "$no_osfsia" ; then
|
|
if test -f /etc/sia/matrix.conf; then
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(HAVE_OSF_SIA, 1,
|
|
[Define if you have Digital Unix Security
|
|
Integration Architecture])
|
|
AC_DEFINE(DISABLE_LOGIN, 1,
|
|
[Define if you don't want to use your
|
|
system's login() call])
|
|
AC_DEFINE(DISABLE_FD_PASSING)
|
|
LIBS="$LIBS -lsecurity -ldb -lm -laud"
|
|
else
|
|
AC_MSG_RESULT(no)
|
|
AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin",
|
|
[String used in /etc/passwd to denote locked account])
|
|
fi
|
|
fi
|
|
AC_DEFINE(BROKEN_GETADDRINFO)
|
|
AC_DEFINE(SETEUID_BREAKS_SETUID)
|
|
AC_DEFINE(BROKEN_SETREUID)
|
|
AC_DEFINE(BROKEN_SETREGID)
|
|
;;
|
|
|
|
*-*-nto-qnx)
|
|
AC_DEFINE(USE_PIPES)
|
|
AC_DEFINE(NO_X11_UNIX_SOCKETS)
|
|
AC_DEFINE(MISSING_NFDBITS, 1, [Define on *nto-qnx systems])
|
|
AC_DEFINE(MISSING_HOWMANY, 1, [Define on *nto-qnx systems])
|
|
AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
|
|
;;
|
|
|
|
*-*-ultrix*)
|
|
AC_DEFINE(BROKEN_GETGROUPS, 1, [getgroups(0,NULL) will return -1])
|
|
AC_DEFINE(BROKEN_MMAP, 1, [Ultrix mmap can't map files])
|
|
AC_DEFINE(NEED_SETPRGP)
|
|
AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
|
|
;;
|
|
|
|
*-*-lynxos)
|
|
CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
|
|
AC_DEFINE(MISSING_HOWMANY)
|
|
AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
|
|
;;
|
|
esac
|
|
|
|
# Allow user to specify flags
|
|
AC_ARG_WITH(cflags,
|
|
[ --with-cflags Specify additional flags to pass to compiler],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
CFLAGS="$CFLAGS $withval"
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_WITH(cppflags,
|
|
[ --with-cppflags Specify additional flags to pass to preprocessor] ,
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
CPPFLAGS="$CPPFLAGS $withval"
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_WITH(ldflags,
|
|
[ --with-ldflags Specify additional flags to pass to linker],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
LDFLAGS="$LDFLAGS $withval"
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_WITH(libs,
|
|
[ --with-libs Specify additional libraries to link with],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
LIBS="$LIBS $withval"
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_WITH(Werror,
|
|
[ --with-Werror Build main code with -Werror],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno"; then
|
|
werror_flags="-Werror"
|
|
if test "x${withval}" != "xyes"; then
|
|
werror_flags="$withval"
|
|
fi
|
|
fi
|
|
]
|
|
)
|
|
|
|
AC_MSG_CHECKING(compiler and flags for sanity)
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([
|
|
#include <stdio.h>
|
|
int main(){exit(0);}
|
|
])],
|
|
[ AC_MSG_RESULT(yes) ],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***])
|
|
],
|
|
[ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
|
|
)
|
|
|
|
dnl Checks for header files.
|
|
AC_CHECK_HEADERS( \
|
|
bstring.h \
|
|
crypt.h \
|
|
dirent.h \
|
|
endian.h \
|
|
features.h \
|
|
floatingpoint.h \
|
|
getopt.h \
|
|
glob.h \
|
|
ia.h \
|
|
iaf.h \
|
|
lastlog.h \
|
|
limits.h \
|
|
login.h \
|
|
login_cap.h \
|
|
maillock.h \
|
|
ndir.h \
|
|
net/if.h \
|
|
netdb.h \
|
|
netgroup.h \
|
|
netinet/in_systm.h \
|
|
pam/pam_appl.h \
|
|
paths.h \
|
|
pty.h \
|
|
readpassphrase.h \
|
|
rpc/types.h \
|
|
security/pam_appl.h \
|
|
shadow.h \
|
|
stddef.h \
|
|
stdint.h \
|
|
string.h \
|
|
strings.h \
|
|
sys/audit.h \
|
|
sys/bitypes.h \
|
|
sys/bsdtty.h \
|
|
sys/cdefs.h \
|
|
sys/dir.h \
|
|
sys/mman.h \
|
|
sys/ndir.h \
|
|
sys/prctl.h \
|
|
sys/pstat.h \
|
|
sys/select.h \
|
|
sys/stat.h \
|
|
sys/stream.h \
|
|
sys/stropts.h \
|
|
sys/strtio.h \
|
|
sys/sysmacros.h \
|
|
sys/time.h \
|
|
sys/timers.h \
|
|
sys/un.h \
|
|
time.h \
|
|
tmpdir.h \
|
|
ttyent.h \
|
|
unistd.h \
|
|
usersec.h \
|
|
util.h \
|
|
utime.h \
|
|
utmp.h \
|
|
utmpx.h \
|
|
vis.h \
|
|
)
|
|
|
|
# sys/ptms.h requires sys/stream.h to be included first on Solaris
|
|
AC_CHECK_HEADERS(sys/ptms.h, [], [], [
|
|
#ifdef HAVE_SYS_STREAM_H
|
|
# include <sys/stream.h>
|
|
#endif
|
|
])
|
|
|
|
# Checks for libraries.
|
|
AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match))
|
|
AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt))
|
|
|
|
dnl IRIX and Solaris 2.5.1 have dirname() in libgen
|
|
AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
|
|
AC_CHECK_LIB(gen, dirname,[
|
|
AC_CACHE_CHECK([for broken dirname],
|
|
ac_cv_have_broken_dirname, [
|
|
save_LIBS="$LIBS"
|
|
LIBS="$LIBS -lgen"
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <libgen.h>
|
|
#include <string.h>
|
|
|
|
int main(int argc, char **argv) {
|
|
char *s, buf[32];
|
|
|
|
strncpy(buf,"/etc", 32);
|
|
s = dirname(buf);
|
|
if (!s || strncmp(s, "/", 32) != 0) {
|
|
exit(1);
|
|
} else {
|
|
exit(0);
|
|
}
|
|
}
|
|
]])],
|
|
[ ac_cv_have_broken_dirname="no" ],
|
|
[ ac_cv_have_broken_dirname="yes" ],
|
|
[ ac_cv_have_broken_dirname="no" ],
|
|
)
|
|
LIBS="$save_LIBS"
|
|
])
|
|
if test "x$ac_cv_have_broken_dirname" = "xno" ; then
|
|
LIBS="$LIBS -lgen"
|
|
AC_DEFINE(HAVE_DIRNAME)
|
|
AC_CHECK_HEADERS(libgen.h)
|
|
fi
|
|
])
|
|
])
|
|
|
|
AC_CHECK_FUNC(getspnam, ,
|
|
AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
|
|
AC_SEARCH_LIBS(basename, gen, AC_DEFINE(HAVE_BASENAME, 1,
|
|
[Define if you have the basename function.]))
|
|
|
|
dnl zlib is required
|
|
AC_ARG_WITH(zlib,
|
|
[ --with-zlib=PATH Use zlib in PATH],
|
|
[ if test "x$withval" = "xno" ; then
|
|
AC_MSG_ERROR([*** zlib is required ***])
|
|
elif test "x$withval" != "xyes"; then
|
|
if test -d "$withval/lib"; then
|
|
if test -n "${need_dash_r}"; then
|
|
LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
|
|
else
|
|
LDFLAGS="-L${withval}/lib ${LDFLAGS}"
|
|
fi
|
|
else
|
|
if test -n "${need_dash_r}"; then
|
|
LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
|
|
else
|
|
LDFLAGS="-L${withval} ${LDFLAGS}"
|
|
fi
|
|
fi
|
|
if test -d "$withval/include"; then
|
|
CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
|
|
else
|
|
CPPFLAGS="-I${withval} ${CPPFLAGS}"
|
|
fi
|
|
fi ]
|
|
)
|
|
|
|
AC_CHECK_LIB(z, deflate, ,
|
|
[
|
|
saved_CPPFLAGS="$CPPFLAGS"
|
|
saved_LDFLAGS="$LDFLAGS"
|
|
save_LIBS="$LIBS"
|
|
dnl Check default zlib install dir
|
|
if test -n "${need_dash_r}"; then
|
|
LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
|
|
else
|
|
LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
|
|
fi
|
|
CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
|
|
LIBS="$LIBS -lz"
|
|
AC_TRY_LINK_FUNC(deflate, AC_DEFINE(HAVE_LIBZ),
|
|
[
|
|
AC_MSG_ERROR([*** zlib missing - please install first or check config.log ***])
|
|
]
|
|
)
|
|
]
|
|
)
|
|
AC_CHECK_HEADER([zlib.h], ,AC_MSG_ERROR([*** zlib.h missing - please install first or check config.log ***]))
|
|
|
|
AC_ARG_WITH(zlib-version-check,
|
|
[ --without-zlib-version-check Disable zlib version check],
|
|
[ if test "x$withval" = "xno" ; then
|
|
zlib_check_nonfatal=1
|
|
fi
|
|
]
|
|
)
|
|
|
|
AC_MSG_CHECKING(for possibly buggy zlib)
|
|
AC_RUN_IFELSE([AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
#include <zlib.h>
|
|
int main()
|
|
{
|
|
int a=0, b=0, c=0, d=0, n, v;
|
|
n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
|
|
if (n != 3 && n != 4)
|
|
exit(1);
|
|
v = a*1000000 + b*10000 + c*100 + d;
|
|
fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
|
|
|
|
/* 1.1.4 is OK */
|
|
if (a == 1 && b == 1 && c >= 4)
|
|
exit(0);
|
|
|
|
/* 1.2.3 and up are OK */
|
|
if (v >= 1020300)
|
|
exit(0);
|
|
|
|
exit(2);
|
|
}
|
|
]])],
|
|
AC_MSG_RESULT(no),
|
|
[ AC_MSG_RESULT(yes)
|
|
if test -z "$zlib_check_nonfatal" ; then
|
|
AC_MSG_ERROR([*** zlib too old - check config.log ***
|
|
Your reported zlib version has known security problems. It's possible your
|
|
vendor has fixed these problems without changing the version number. If you
|
|
are sure this is the case, you can disable the check by running
|
|
"./configure --without-zlib-version-check".
|
|
If you are in doubt, upgrade zlib to version 1.2.3 or greater.
|
|
See http://www.gzip.org/zlib/ for details.])
|
|
else
|
|
AC_MSG_WARN([zlib version may have security problems])
|
|
fi
|
|
],
|
|
[ AC_MSG_WARN([cross compiling: not checking zlib version]) ]
|
|
)
|
|
|
|
dnl UnixWare 2.x
|
|
AC_CHECK_FUNC(strcasecmp,
|
|
[], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
|
|
)
|
|
AC_CHECK_FUNCS(utimes,
|
|
[], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
|
|
LIBS="$LIBS -lc89"]) ]
|
|
)
|
|
|
|
dnl Checks for libutil functions
|
|
AC_CHECK_HEADERS(libutil.h)
|
|
AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN, 1,
|
|
[Define if your libraries define login()])])
|
|
AC_CHECK_FUNCS(logout updwtmp logwtmp)
|
|
|
|
AC_FUNC_STRFTIME
|
|
|
|
# Check for ALTDIRFUNC glob() extension
|
|
AC_MSG_CHECKING(for GLOB_ALTDIRFUNC support)
|
|
AC_EGREP_CPP(FOUNDIT,
|
|
[
|
|
#include <glob.h>
|
|
#ifdef GLOB_ALTDIRFUNC
|
|
FOUNDIT
|
|
#endif
|
|
],
|
|
[
|
|
AC_DEFINE(GLOB_HAS_ALTDIRFUNC, 1,
|
|
[Define if your system glob() function has
|
|
the GLOB_ALTDIRFUNC extension])
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
]
|
|
)
|
|
|
|
# Check for g.gl_matchc glob() extension
|
|
AC_MSG_CHECKING(for gl_matchc field in glob_t)
|
|
AC_EGREP_CPP(FOUNDIT,
|
|
[
|
|
#include <glob.h>
|
|
int main(void){glob_t g; g.gl_matchc = 1;}
|
|
],
|
|
[
|
|
AC_DEFINE(GLOB_HAS_GL_MATCHC, 1,
|
|
[Define if your system glob() function has
|
|
gl_matchc options in glob_t])
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
]
|
|
)
|
|
|
|
AC_MSG_CHECKING([whether struct dirent allocates space for d_name])
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <sys/types.h>
|
|
#include <dirent.h>
|
|
int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
|
|
]])],
|
|
[AC_MSG_RESULT(yes)],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME, 1,
|
|
[Define if your struct dirent expects you to
|
|
allocate extra space for d_name])
|
|
],
|
|
[
|
|
AC_MSG_WARN([cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME])
|
|
AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME)
|
|
]
|
|
)
|
|
|
|
AC_MSG_CHECKING([for /proc/pid/fd directory])
|
|
if test -d "/proc/$$/fd" ; then
|
|
AC_DEFINE(HAVE_PROC_PID, 1, [Define if you have /proc/$pid/fd])
|
|
AC_MSG_RESULT(yes)
|
|
else
|
|
AC_MSG_RESULT(no)
|
|
fi
|
|
|
|
# Check whether user wants S/Key support
|
|
SKEY_MSG="no"
|
|
AC_ARG_WITH(skey,
|
|
[ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
|
|
if test "x$withval" != "xyes" ; then
|
|
CPPFLAGS="$CPPFLAGS -I${withval}/include"
|
|
LDFLAGS="$LDFLAGS -L${withval}/lib"
|
|
fi
|
|
|
|
AC_DEFINE(SKEY, 1, [Define if you want S/Key support])
|
|
LIBS="-lskey $LIBS"
|
|
SKEY_MSG="yes"
|
|
|
|
AC_MSG_CHECKING([for s/key support])
|
|
AC_LINK_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
#include <skey.h>
|
|
int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
|
|
]])],
|
|
[AC_MSG_RESULT(yes)],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_MSG_ERROR([** Incomplete or missing s/key libraries.])
|
|
])
|
|
AC_MSG_CHECKING(if skeychallenge takes 4 arguments)
|
|
AC_TRY_COMPILE(
|
|
[#include <stdio.h>
|
|
#include <skey.h>],
|
|
[(void)skeychallenge(NULL,"name","",0);],
|
|
[AC_MSG_RESULT(yes)
|
|
AC_DEFINE(SKEYCHALLENGE_4ARG, 1,
|
|
[Define if your skeychallenge()
|
|
function takes 4 arguments (NetBSD)])],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Check whether user wants TCP wrappers support
|
|
TCPW_MSG="no"
|
|
AC_ARG_WITH(tcp-wrappers,
|
|
[ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
saved_LIBS="$LIBS"
|
|
saved_LDFLAGS="$LDFLAGS"
|
|
saved_CPPFLAGS="$CPPFLAGS"
|
|
if test -n "${withval}" && \
|
|
test "x${withval}" != "xyes"; then
|
|
if test -d "${withval}/lib"; then
|
|
if test -n "${need_dash_r}"; then
|
|
LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
|
|
else
|
|
LDFLAGS="-L${withval}/lib ${LDFLAGS}"
|
|
fi
|
|
else
|
|
if test -n "${need_dash_r}"; then
|
|
LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
|
|
else
|
|
LDFLAGS="-L${withval} ${LDFLAGS}"
|
|
fi
|
|
fi
|
|
if test -d "${withval}/include"; then
|
|
CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
|
|
else
|
|
CPPFLAGS="-I${withval} ${CPPFLAGS}"
|
|
fi
|
|
fi
|
|
LIBWRAP="-lwrap"
|
|
LIBS="$LIBWRAP $LIBS"
|
|
AC_MSG_CHECKING(for libwrap)
|
|
AC_TRY_LINK(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
#include <netinet/in.h>
|
|
#include <tcpd.h>
|
|
int deny_severity = 0, allow_severity = 0;
|
|
],
|
|
[hosts_access(0);],
|
|
[
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(LIBWRAP, 1,
|
|
[Define if you want
|
|
TCP Wrappers support])
|
|
AC_SUBST(LIBWRAP)
|
|
TCPW_MSG="yes"
|
|
],
|
|
[
|
|
AC_MSG_ERROR([*** libwrap missing])
|
|
]
|
|
)
|
|
LIBS="$saved_LIBS"
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Check whether user wants libedit support
|
|
LIBEDIT_MSG="no"
|
|
AC_ARG_WITH(libedit,
|
|
[ --with-libedit[[=PATH]] Enable libedit support for sftp],
|
|
[ if test "x$withval" != "xno" ; then
|
|
if test "x$withval" != "xyes"; then
|
|
CPPFLAGS="$CPPFLAGS -I${withval}/include"
|
|
if test -n "${need_dash_r}"; then
|
|
LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
|
|
else
|
|
LDFLAGS="-L${withval}/lib ${LDFLAGS}"
|
|
fi
|
|
fi
|
|
AC_CHECK_LIB(edit, el_init,
|
|
[ AC_DEFINE(USE_LIBEDIT, 1, [Use libedit for sftp])
|
|
LIBEDIT="-ledit -lcurses"
|
|
LIBEDIT_MSG="yes"
|
|
AC_SUBST(LIBEDIT)
|
|
],
|
|
[ AC_MSG_ERROR(libedit not found) ],
|
|
[ -lcurses ]
|
|
)
|
|
AC_MSG_CHECKING(if libedit version is compatible)
|
|
AC_COMPILE_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <histedit.h>
|
|
int main(void)
|
|
{
|
|
int i = H_SETSIZE;
|
|
el_init("", NULL, NULL, NULL);
|
|
exit(0);
|
|
}
|
|
]])],
|
|
[ AC_MSG_RESULT(yes) ],
|
|
[ AC_MSG_RESULT(no)
|
|
AC_MSG_ERROR(libedit version is not compatible) ]
|
|
)
|
|
fi ]
|
|
)
|
|
|
|
AUDIT_MODULE=none
|
|
AC_ARG_WITH(audit,
|
|
[ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)],
|
|
[
|
|
AC_MSG_CHECKING(for supported audit module)
|
|
case "$withval" in
|
|
bsm)
|
|
AC_MSG_RESULT(bsm)
|
|
AUDIT_MODULE=bsm
|
|
dnl Checks for headers, libs and functions
|
|
AC_CHECK_HEADERS(bsm/audit.h, [],
|
|
[AC_MSG_ERROR(BSM enabled and bsm/audit.h not found)])
|
|
AC_CHECK_LIB(bsm, getaudit, [],
|
|
[AC_MSG_ERROR(BSM enabled and required library not found)])
|
|
AC_CHECK_FUNCS(getaudit, [],
|
|
[AC_MSG_ERROR(BSM enabled and required function not found)])
|
|
# These are optional
|
|
AC_CHECK_FUNCS(getaudit_addr)
|
|
AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
|
|
;;
|
|
debug)
|
|
AUDIT_MODULE=debug
|
|
AC_MSG_RESULT(debug)
|
|
AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module)
|
|
;;
|
|
no)
|
|
AC_MSG_RESULT(no)
|
|
;;
|
|
*)
|
|
AC_MSG_ERROR([Unknown audit module $withval])
|
|
;;
|
|
esac ]
|
|
)
|
|
|
|
dnl Checks for library functions. Please keep in alphabetical order
|
|
AC_CHECK_FUNCS( \
|
|
arc4random \
|
|
asprintf \
|
|
b64_ntop \
|
|
__b64_ntop \
|
|
b64_pton \
|
|
__b64_pton \
|
|
bcopy \
|
|
bindresvport_sa \
|
|
clock \
|
|
closefrom \
|
|
dirfd \
|
|
fchmod \
|
|
fchown \
|
|
freeaddrinfo \
|
|
futimes \
|
|
getaddrinfo \
|
|
getcwd \
|
|
getgrouplist \
|
|
getnameinfo \
|
|
getopt \
|
|
getpeereid \
|
|
_getpty \
|
|
getrlimit \
|
|
getttyent \
|
|
glob \
|
|
inet_aton \
|
|
inet_ntoa \
|
|
inet_ntop \
|
|
innetgr \
|
|
login_getcapbool \
|
|
md5_crypt \
|
|
memmove \
|
|
mkdtemp \
|
|
mmap \
|
|
ngetaddrinfo \
|
|
nsleep \
|
|
ogetaddrinfo \
|
|
openlog_r \
|
|
openpty \
|
|
prctl \
|
|
pstat \
|
|
readpassphrase \
|
|
realpath \
|
|
recvmsg \
|
|
rresvport_af \
|
|
sendmsg \
|
|
setdtablesize \
|
|
setegid \
|
|
setenv \
|
|
seteuid \
|
|
setgroups \
|
|
setlogin \
|
|
setpcred \
|
|
setproctitle \
|
|
setregid \
|
|
setreuid \
|
|
setrlimit \
|
|
setsid \
|
|
setvbuf \
|
|
sigaction \
|
|
sigvec \
|
|
snprintf \
|
|
socketpair \
|
|
strdup \
|
|
strerror \
|
|
strlcat \
|
|
strlcpy \
|
|
strmode \
|
|
strnvis \
|
|
strtonum \
|
|
strtoll \
|
|
strtoul \
|
|
sysconf \
|
|
tcgetpgrp \
|
|
truncate \
|
|
unsetenv \
|
|
updwtmpx \
|
|
vasprintf \
|
|
vhangup \
|
|
vsnprintf \
|
|
waitpid \
|
|
)
|
|
|
|
# IRIX has a const char return value for gai_strerror()
|
|
AC_CHECK_FUNCS(gai_strerror,[
|
|
AC_DEFINE(HAVE_GAI_STRERROR)
|
|
AC_TRY_COMPILE([
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
#include <netdb.h>
|
|
|
|
const char *gai_strerror(int);],[
|
|
char *str;
|
|
|
|
str = gai_strerror(0);],[
|
|
AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1,
|
|
[Define if gai_strerror() returns const char *])])])
|
|
|
|
AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP, 1,
|
|
[Some systems put nanosleep outside of libc]))
|
|
|
|
dnl Make sure prototypes are defined for these before using them.
|
|
AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
|
|
AC_CHECK_DECL(strsep,
|
|
[AC_CHECK_FUNCS(strsep)],
|
|
[],
|
|
[
|
|
#ifdef HAVE_STRING_H
|
|
# include <string.h>
|
|
#endif
|
|
])
|
|
|
|
dnl tcsendbreak might be a macro
|
|
AC_CHECK_DECL(tcsendbreak,
|
|
[AC_DEFINE(HAVE_TCSENDBREAK)],
|
|
[AC_CHECK_FUNCS(tcsendbreak)],
|
|
[#include <termios.h>]
|
|
)
|
|
|
|
AC_CHECK_DECLS(h_errno, , ,[#include <netdb.h>])
|
|
|
|
AC_CHECK_FUNCS(setresuid, [
|
|
dnl Some platorms have setresuid that isn't implemented, test for this
|
|
AC_MSG_CHECKING(if setresuid seems to work)
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdlib.h>
|
|
#include <errno.h>
|
|
int main(){errno=0; setresuid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
|
|
]])],
|
|
[AC_MSG_RESULT(yes)],
|
|
[AC_DEFINE(BROKEN_SETRESUID, 1,
|
|
[Define if your setresuid() is broken])
|
|
AC_MSG_RESULT(not implemented)],
|
|
[AC_MSG_WARN([cross compiling: not checking setresuid])]
|
|
)
|
|
])
|
|
|
|
AC_CHECK_FUNCS(setresgid, [
|
|
dnl Some platorms have setresgid that isn't implemented, test for this
|
|
AC_MSG_CHECKING(if setresgid seems to work)
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdlib.h>
|
|
#include <errno.h>
|
|
int main(){errno=0; setresgid(0,0,0); if (errno==ENOSYS) exit(1); else exit(0);}
|
|
]])],
|
|
[AC_MSG_RESULT(yes)],
|
|
[AC_DEFINE(BROKEN_SETRESGID, 1,
|
|
[Define if your setresgid() is broken])
|
|
AC_MSG_RESULT(not implemented)],
|
|
[AC_MSG_WARN([cross compiling: not checking setresuid])]
|
|
)
|
|
])
|
|
|
|
dnl Checks for time functions
|
|
AC_CHECK_FUNCS(gettimeofday time)
|
|
dnl Checks for utmp functions
|
|
AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
|
|
AC_CHECK_FUNCS(utmpname)
|
|
dnl Checks for utmpx functions
|
|
AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
|
|
AC_CHECK_FUNCS(setutxent utmpxname)
|
|
|
|
AC_CHECK_FUNC(daemon,
|
|
[AC_DEFINE(HAVE_DAEMON, 1, [Define if your libraries define daemon()])],
|
|
[AC_CHECK_LIB(bsd, daemon,
|
|
[LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
|
|
)
|
|
|
|
AC_CHECK_FUNC(getpagesize,
|
|
[AC_DEFINE(HAVE_GETPAGESIZE, 1,
|
|
[Define if your libraries define getpagesize()])],
|
|
[AC_CHECK_LIB(ucb, getpagesize,
|
|
[LIBS="$LIBS -lucb"; AC_DEFINE(HAVE_GETPAGESIZE)])]
|
|
)
|
|
|
|
# Check for broken snprintf
|
|
if test "x$ac_cv_func_snprintf" = "xyes" ; then
|
|
AC_MSG_CHECKING([whether snprintf correctly terminates long strings])
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
|
|
]])],
|
|
[AC_MSG_RESULT(yes)],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_DEFINE(BROKEN_SNPRINTF, 1,
|
|
[Define if your snprintf is busted])
|
|
AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
|
|
],
|
|
[ AC_MSG_WARN([cross compiling: Assuming working snprintf()]) ]
|
|
)
|
|
fi
|
|
|
|
# If we don't have a working asprintf, then we strongly depend on vsnprintf
|
|
# returning the right thing on overflow: the number of characters it tried to
|
|
# create (as per SUSv3)
|
|
if test "x$ac_cv_func_asprintf" != "xyes" && \
|
|
test "x$ac_cv_func_vsnprintf" = "xyes" ; then
|
|
AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <sys/types.h>
|
|
#include <stdio.h>
|
|
#include <stdarg.h>
|
|
|
|
int x_snprintf(char *str,size_t count,const char *fmt,...)
|
|
{
|
|
size_t ret; va_list ap;
|
|
va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap);
|
|
return ret;
|
|
}
|
|
int main(void)
|
|
{
|
|
char x[1];
|
|
exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1);
|
|
} ]])],
|
|
[AC_MSG_RESULT(yes)],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_DEFINE(BROKEN_SNPRINTF, 1,
|
|
[Define if your snprintf is busted])
|
|
AC_MSG_WARN([****** Your vsnprintf() function is broken, complain to your vendor])
|
|
],
|
|
[ AC_MSG_WARN([cross compiling: Assuming working vsnprintf()]) ]
|
|
)
|
|
fi
|
|
|
|
# On systems where [v]snprintf is broken, but is declared in stdio,
|
|
# check that the fmt argument is const char * or just char *.
|
|
# This is only useful for when BROKEN_SNPRINTF
|
|
AC_MSG_CHECKING([whether snprintf can declare const char *fmt])
|
|
AC_COMPILE_IFELSE([AC_LANG_SOURCE([[#include <stdio.h>
|
|
int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
|
|
int main(void) { snprintf(0, 0, 0); }
|
|
]])],
|
|
[AC_MSG_RESULT(yes)
|
|
AC_DEFINE(SNPRINTF_CONST, [const],
|
|
[Define as const if snprintf() can declare const char *fmt])],
|
|
[AC_MSG_RESULT(no)
|
|
AC_DEFINE(SNPRINTF_CONST, [/* not const */])])
|
|
|
|
# Check for missing getpeereid (or equiv) support
|
|
NO_PEERCHECK=""
|
|
if test "x$ac_cv_func_getpeereid" != "xyes" ; then
|
|
AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
|
|
AC_TRY_COMPILE(
|
|
[#include <sys/types.h>
|
|
#include <sys/socket.h>],
|
|
[int i = SO_PEERCRED;],
|
|
[ AC_MSG_RESULT(yes)
|
|
AC_DEFINE(HAVE_SO_PEERCRED, 1, [Have PEERCRED socket option])
|
|
],
|
|
[AC_MSG_RESULT(no)
|
|
NO_PEERCHECK=1]
|
|
)
|
|
fi
|
|
|
|
dnl see whether mkstemp() requires XXXXXX
|
|
if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
|
|
AC_MSG_CHECKING([for (overly) strict mkstemp])
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdlib.h>
|
|
main() { char template[]="conftest.mkstemp-test";
|
|
if (mkstemp(template) == -1)
|
|
exit(1);
|
|
unlink(template); exit(0);
|
|
}
|
|
]])],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(HAVE_STRICT_MKSTEMP, 1, [Silly mkstemp()])
|
|
],
|
|
[
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(HAVE_STRICT_MKSTEMP)
|
|
]
|
|
)
|
|
fi
|
|
|
|
dnl make sure that openpty does not reacquire controlling terminal
|
|
if test ! -z "$check_for_openpty_ctty_bug"; then
|
|
AC_MSG_CHECKING(if openpty correctly handles controlling tty)
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
#include <sys/fcntl.h>
|
|
#include <sys/types.h>
|
|
#include <sys/wait.h>
|
|
|
|
int
|
|
main()
|
|
{
|
|
pid_t pid;
|
|
int fd, ptyfd, ttyfd, status;
|
|
|
|
pid = fork();
|
|
if (pid < 0) { /* failed */
|
|
exit(1);
|
|
} else if (pid > 0) { /* parent */
|
|
waitpid(pid, &status, 0);
|
|
if (WIFEXITED(status))
|
|
exit(WEXITSTATUS(status));
|
|
else
|
|
exit(2);
|
|
} else { /* child */
|
|
close(0); close(1); close(2);
|
|
setsid();
|
|
openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
|
|
fd = open("/dev/tty", O_RDWR | O_NOCTTY);
|
|
if (fd >= 0)
|
|
exit(3); /* Acquired ctty: broken */
|
|
else
|
|
exit(0); /* Did not acquire ctty: OK */
|
|
}
|
|
}
|
|
]])],
|
|
[
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_DEFINE(SSHD_ACQUIRES_CTTY)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(cross-compiling, assuming yes)
|
|
]
|
|
)
|
|
fi
|
|
|
|
if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
|
|
test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
|
|
AC_MSG_CHECKING(if getaddrinfo seems to work)
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
#include <sys/socket.h>
|
|
#include <netdb.h>
|
|
#include <errno.h>
|
|
#include <netinet/in.h>
|
|
|
|
#define TEST_PORT "2222"
|
|
|
|
int
|
|
main(void)
|
|
{
|
|
int err, sock;
|
|
struct addrinfo *gai_ai, *ai, hints;
|
|
char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
|
|
|
|
memset(&hints, 0, sizeof(hints));
|
|
hints.ai_family = PF_UNSPEC;
|
|
hints.ai_socktype = SOCK_STREAM;
|
|
hints.ai_flags = AI_PASSIVE;
|
|
|
|
err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
|
|
if (err != 0) {
|
|
fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
|
|
exit(1);
|
|
}
|
|
|
|
for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
|
|
if (ai->ai_family != AF_INET6)
|
|
continue;
|
|
|
|
err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
|
|
sizeof(ntop), strport, sizeof(strport),
|
|
NI_NUMERICHOST|NI_NUMERICSERV);
|
|
|
|
if (err != 0) {
|
|
if (err == EAI_SYSTEM)
|
|
perror("getnameinfo EAI_SYSTEM");
|
|
else
|
|
fprintf(stderr, "getnameinfo failed: %s\n",
|
|
gai_strerror(err));
|
|
exit(2);
|
|
}
|
|
|
|
sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
|
|
if (sock < 0)
|
|
perror("socket");
|
|
if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
|
|
if (errno == EBADF)
|
|
exit(3);
|
|
}
|
|
}
|
|
exit(0);
|
|
}
|
|
]])],
|
|
[
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_DEFINE(BROKEN_GETADDRINFO)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(cross-compiling, assuming yes)
|
|
]
|
|
)
|
|
fi
|
|
|
|
if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
|
|
test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
|
|
AC_MSG_CHECKING(if getaddrinfo seems to work)
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
#include <sys/socket.h>
|
|
#include <netdb.h>
|
|
#include <errno.h>
|
|
#include <netinet/in.h>
|
|
|
|
#define TEST_PORT "2222"
|
|
|
|
int
|
|
main(void)
|
|
{
|
|
int err, sock;
|
|
struct addrinfo *gai_ai, *ai, hints;
|
|
char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
|
|
|
|
memset(&hints, 0, sizeof(hints));
|
|
hints.ai_family = PF_UNSPEC;
|
|
hints.ai_socktype = SOCK_STREAM;
|
|
hints.ai_flags = AI_PASSIVE;
|
|
|
|
err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
|
|
if (err != 0) {
|
|
fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
|
|
exit(1);
|
|
}
|
|
|
|
for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
|
|
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
|
|
continue;
|
|
|
|
err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
|
|
sizeof(ntop), strport, sizeof(strport),
|
|
NI_NUMERICHOST|NI_NUMERICSERV);
|
|
|
|
if (ai->ai_family == AF_INET && err != 0) {
|
|
perror("getnameinfo");
|
|
exit(2);
|
|
}
|
|
}
|
|
exit(0);
|
|
}
|
|
]])],
|
|
[
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(AIX_GETNAMEINFO_HACK, 1,
|
|
[Define if you have a getaddrinfo that fails
|
|
for the all-zeros IPv6 address])
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_DEFINE(BROKEN_GETADDRINFO)
|
|
],
|
|
AC_MSG_RESULT(cross-compiling, assuming no)
|
|
]
|
|
)
|
|
fi
|
|
|
|
if test "x$check_for_conflicting_getspnam" = "x1"; then
|
|
AC_MSG_CHECKING(for conflicting getspnam in shadow.h)
|
|
AC_COMPILE_IFELSE(
|
|
[
|
|
#include <shadow.h>
|
|
int main(void) {exit(0);}
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(GETSPNAM_CONFLICTING_DEFS, 1,
|
|
[Conflicting defs for getspnam])
|
|
]
|
|
)
|
|
fi
|
|
|
|
AC_FUNC_GETPGRP
|
|
|
|
# Check for PAM libs
|
|
PAM_MSG="no"
|
|
AC_ARG_WITH(pam,
|
|
[ --with-pam Enable PAM support ],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
|
|
test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
|
|
AC_MSG_ERROR([PAM headers not found])
|
|
fi
|
|
|
|
AC_CHECK_LIB(dl, dlopen, , )
|
|
AC_CHECK_LIB(pam, pam_set_item, , AC_MSG_ERROR([*** libpam missing]))
|
|
AC_CHECK_FUNCS(pam_getenvlist)
|
|
AC_CHECK_FUNCS(pam_putenv)
|
|
|
|
PAM_MSG="yes"
|
|
|
|
AC_DEFINE(USE_PAM, 1,
|
|
[Define if you want to enable PAM support])
|
|
if test $ac_cv_lib_dl_dlopen = yes; then
|
|
LIBPAM="-lpam -ldl"
|
|
else
|
|
LIBPAM="-lpam"
|
|
fi
|
|
AC_SUBST(LIBPAM)
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Check for older PAM
|
|
if test "x$PAM_MSG" = "xyes" ; then
|
|
# Check PAM strerror arguments (old PAM)
|
|
AC_MSG_CHECKING([whether pam_strerror takes only one argument])
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <stdlib.h>
|
|
#if defined(HAVE_SECURITY_PAM_APPL_H)
|
|
#include <security/pam_appl.h>
|
|
#elif defined (HAVE_PAM_PAM_APPL_H)
|
|
#include <pam/pam_appl.h>
|
|
#endif
|
|
],
|
|
[(void)pam_strerror((pam_handle_t *)NULL, -1);],
|
|
[AC_MSG_RESULT(no)],
|
|
[
|
|
AC_DEFINE(HAVE_OLD_PAM, 1,
|
|
[Define if you have an old version of PAM
|
|
which takes only one argument to pam_strerror])
|
|
AC_MSG_RESULT(yes)
|
|
PAM_MSG="yes (old library)"
|
|
]
|
|
)
|
|
fi
|
|
|
|
# Search for OpenSSL
|
|
saved_CPPFLAGS="$CPPFLAGS"
|
|
saved_LDFLAGS="$LDFLAGS"
|
|
AC_ARG_WITH(ssl-dir,
|
|
[ --with-ssl-dir=PATH Specify path to OpenSSL installation ],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
case "$withval" in
|
|
# Relative paths
|
|
./*|../*) withval="`pwd`/$withval"
|
|
esac
|
|
if test -d "$withval/lib"; then
|
|
if test -n "${need_dash_r}"; then
|
|
LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
|
|
else
|
|
LDFLAGS="-L${withval}/lib ${LDFLAGS}"
|
|
fi
|
|
else
|
|
if test -n "${need_dash_r}"; then
|
|
LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
|
|
else
|
|
LDFLAGS="-L${withval} ${LDFLAGS}"
|
|
fi
|
|
fi
|
|
if test -d "$withval/include"; then
|
|
CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
|
|
else
|
|
CPPFLAGS="-I${withval} ${CPPFLAGS}"
|
|
fi
|
|
fi
|
|
]
|
|
)
|
|
LIBS="-lcrypto $LIBS"
|
|
AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL, 1,
|
|
[Define if your ssl headers are included
|
|
with #include <openssl/header.h>]),
|
|
[
|
|
dnl Check default openssl install dir
|
|
if test -n "${need_dash_r}"; then
|
|
LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
|
|
else
|
|
LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
|
|
fi
|
|
CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
|
|
AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
|
|
[
|
|
AC_MSG_ERROR([*** Can't find recent OpenSSL libcrypto (see config.log for details) ***])
|
|
]
|
|
)
|
|
]
|
|
)
|
|
|
|
# Determine OpenSSL header version
|
|
AC_MSG_CHECKING([OpenSSL header version])
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <openssl/opensslv.h>
|
|
#define DATA "conftest.sslincver"
|
|
int main(void) {
|
|
FILE *fd;
|
|
int rc;
|
|
|
|
fd = fopen(DATA,"w");
|
|
if(fd == NULL)
|
|
exit(1);
|
|
|
|
if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
|
|
exit(1);
|
|
|
|
exit(0);
|
|
}
|
|
]])],
|
|
[
|
|
ssl_header_ver=`cat conftest.sslincver`
|
|
AC_MSG_RESULT($ssl_header_ver)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(not found)
|
|
AC_MSG_ERROR(OpenSSL version header not found.)
|
|
],
|
|
[
|
|
AC_MSG_WARN([cross compiling: not checking])
|
|
]
|
|
)
|
|
|
|
# Determine OpenSSL library version
|
|
AC_MSG_CHECKING([OpenSSL library version])
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <openssl/opensslv.h>
|
|
#include <openssl/crypto.h>
|
|
#define DATA "conftest.ssllibver"
|
|
int main(void) {
|
|
FILE *fd;
|
|
int rc;
|
|
|
|
fd = fopen(DATA,"w");
|
|
if(fd == NULL)
|
|
exit(1);
|
|
|
|
if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
|
|
exit(1);
|
|
|
|
exit(0);
|
|
}
|
|
]])],
|
|
[
|
|
ssl_library_ver=`cat conftest.ssllibver`
|
|
AC_MSG_RESULT($ssl_library_ver)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(not found)
|
|
AC_MSG_ERROR(OpenSSL library not found.)
|
|
],
|
|
[
|
|
AC_MSG_WARN([cross compiling: not checking])
|
|
]
|
|
)
|
|
|
|
# Sanity check OpenSSL headers
|
|
AC_MSG_CHECKING([whether OpenSSL's headers match the library])
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <string.h>
|
|
#include <openssl/opensslv.h>
|
|
int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
|
|
]])],
|
|
[
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_MSG_ERROR([Your OpenSSL headers do not match your library.
|
|
Check config.log for details.
|
|
Also see contrib/findssl.sh for help identifying header/library mismatches.])
|
|
],
|
|
[
|
|
AC_MSG_WARN([cross compiling: not checking])
|
|
]
|
|
)
|
|
|
|
# Check for OpenSSL without EVP_aes_{192,256}_cbc
|
|
AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
|
|
AC_COMPILE_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <string.h>
|
|
#include <openssl/evp.h>
|
|
int main(void) { exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL)}
|
|
]])],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(OPENSSL_LOBOTOMISED_AES, 1,
|
|
[libcrypto is missing AES 192 and 256 bit functions])
|
|
]
|
|
)
|
|
|
|
# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
|
|
# because the system crypt() is more featureful.
|
|
if test "x$check_for_libcrypt_before" = "x1"; then
|
|
AC_CHECK_LIB(crypt, crypt)
|
|
fi
|
|
|
|
# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
|
|
# version in OpenSSL.
|
|
if test "x$check_for_libcrypt_later" = "x1"; then
|
|
AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
|
|
fi
|
|
|
|
AC_CHECK_LIB(iaf, ia_openinfo)
|
|
|
|
### Configure cryptographic random number support
|
|
|
|
# Check wheter OpenSSL seeds itself
|
|
AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <string.h>
|
|
#include <openssl/rand.h>
|
|
int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
|
|
]])],
|
|
[
|
|
OPENSSL_SEEDS_ITSELF=yes
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
# Default to use of the rand helper if OpenSSL doesn't
|
|
# seed itself
|
|
USE_RAND_HELPER=yes
|
|
],
|
|
[
|
|
AC_MSG_WARN([cross compiling: assuming yes])
|
|
# This is safe, since all recent OpenSSL versions will
|
|
# complain at runtime if not seeded correctly.
|
|
OPENSSL_SEEDS_ITSELF=yes
|
|
]
|
|
)
|
|
|
|
|
|
# Do we want to force the use of the rand helper?
|
|
AC_ARG_WITH(rand-helper,
|
|
[ --with-rand-helper Use subprocess to gather strong randomness ],
|
|
[
|
|
if test "x$withval" = "xno" ; then
|
|
# Force use of OpenSSL's internal RNG, even if
|
|
# the previous test showed it to be unseeded.
|
|
if test -z "$OPENSSL_SEEDS_ITSELF" ; then
|
|
AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
|
|
OPENSSL_SEEDS_ITSELF=yes
|
|
USE_RAND_HELPER=""
|
|
fi
|
|
else
|
|
USE_RAND_HELPER=yes
|
|
fi
|
|
],
|
|
)
|
|
|
|
# Which randomness source do we use?
|
|
if test ! -z "$OPENSSL_SEEDS_ITSELF" && test -z "$USE_RAND_HELPER" ; then
|
|
# OpenSSL only
|
|
AC_DEFINE(OPENSSL_PRNG_ONLY, 1,
|
|
[Define if you want OpenSSL's internally seeded PRNG only])
|
|
RAND_MSG="OpenSSL internal ONLY"
|
|
INSTALL_SSH_RAND_HELPER=""
|
|
elif test ! -z "$USE_RAND_HELPER" ; then
|
|
# install rand helper
|
|
RAND_MSG="ssh-rand-helper"
|
|
INSTALL_SSH_RAND_HELPER="yes"
|
|
fi
|
|
AC_SUBST(INSTALL_SSH_RAND_HELPER)
|
|
|
|
### Configuration of ssh-rand-helper
|
|
|
|
# PRNGD TCP socket
|
|
AC_ARG_WITH(prngd-port,
|
|
[ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT],
|
|
[
|
|
case "$withval" in
|
|
no)
|
|
withval=""
|
|
;;
|
|
[[0-9]]*)
|
|
;;
|
|
*)
|
|
AC_MSG_ERROR(You must specify a numeric port number for --with-prngd-port)
|
|
;;
|
|
esac
|
|
if test ! -z "$withval" ; then
|
|
PRNGD_PORT="$withval"
|
|
AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT,
|
|
[Port number of PRNGD/EGD random number socket])
|
|
fi
|
|
]
|
|
)
|
|
|
|
# PRNGD Unix domain socket
|
|
AC_ARG_WITH(prngd-socket,
|
|
[ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
|
|
[
|
|
case "$withval" in
|
|
yes)
|
|
withval="/var/run/egd-pool"
|
|
;;
|
|
no)
|
|
withval=""
|
|
;;
|
|
/*)
|
|
;;
|
|
*)
|
|
AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
|
|
;;
|
|
esac
|
|
|
|
if test ! -z "$withval" ; then
|
|
if test ! -z "$PRNGD_PORT" ; then
|
|
AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
|
|
fi
|
|
if test ! -r "$withval" ; then
|
|
AC_MSG_WARN(Entropy socket is not readable)
|
|
fi
|
|
PRNGD_SOCKET="$withval"
|
|
AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET",
|
|
[Location of PRNGD/EGD random number socket])
|
|
fi
|
|
],
|
|
[
|
|
# Check for existing socket only if we don't have a random device already
|
|
if test "$USE_RAND_HELPER" = yes ; then
|
|
AC_MSG_CHECKING(for PRNGD/EGD socket)
|
|
# Insert other locations here
|
|
for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
|
|
if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
|
|
PRNGD_SOCKET="$sock"
|
|
AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
|
|
break;
|
|
fi
|
|
done
|
|
if test ! -z "$PRNGD_SOCKET" ; then
|
|
AC_MSG_RESULT($PRNGD_SOCKET)
|
|
else
|
|
AC_MSG_RESULT(not found)
|
|
fi
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Change default command timeout for hashing entropy source
|
|
entropy_timeout=200
|
|
AC_ARG_WITH(entropy-timeout,
|
|
[ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
entropy_timeout=$withval
|
|
fi
|
|
]
|
|
)
|
|
AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout,
|
|
[Builtin PRNG command timeout])
|
|
|
|
SSH_PRIVSEP_USER=sshd
|
|
AC_ARG_WITH(privsep-user,
|
|
[ --with-privsep-user=user Specify non-privileged user for privilege separation],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
SSH_PRIVSEP_USER=$withval
|
|
fi
|
|
]
|
|
)
|
|
AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER",
|
|
[non-privileged user for privilege separation])
|
|
AC_SUBST(SSH_PRIVSEP_USER)
|
|
|
|
# We do this little dance with the search path to insure
|
|
# that programs that we select for use by installed programs
|
|
# (which may be run by the super-user) come from trusted
|
|
# locations before they come from the user's private area.
|
|
# This should help avoid accidentally configuring some
|
|
# random version of a program in someone's personal bin.
|
|
|
|
OPATH=$PATH
|
|
PATH=/bin:/usr/bin
|
|
test -h /bin 2> /dev/null && PATH=/usr/bin
|
|
test -d /sbin && PATH=$PATH:/sbin
|
|
test -d /usr/sbin && PATH=$PATH:/usr/sbin
|
|
PATH=$PATH:/etc:$OPATH
|
|
|
|
# These programs are used by the command hashing source to gather entropy
|
|
OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_W, w)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
|
|
OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
|
|
# restore PATH
|
|
PATH=$OPATH
|
|
|
|
# Where does ssh-rand-helper get its randomness from?
|
|
INSTALL_SSH_PRNG_CMDS=""
|
|
if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
|
|
if test ! -z "$PRNGD_PORT" ; then
|
|
RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
|
|
elif test ! -z "$PRNGD_SOCKET" ; then
|
|
RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
|
|
else
|
|
RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
|
|
RAND_HELPER_CMDHASH=yes
|
|
INSTALL_SSH_PRNG_CMDS="yes"
|
|
fi
|
|
fi
|
|
AC_SUBST(INSTALL_SSH_PRNG_CMDS)
|
|
|
|
|
|
# Cheap hack to ensure NEWS-OS libraries are arranged right.
|
|
if test ! -z "$SONY" ; then
|
|
LIBS="$LIBS -liberty";
|
|
fi
|
|
|
|
# Check for long long datatypes
|
|
AC_CHECK_TYPES([long long, unsigned long long, long double])
|
|
|
|
# Check datatype sizes
|
|
AC_CHECK_SIZEOF(char, 1)
|
|
AC_CHECK_SIZEOF(short int, 2)
|
|
AC_CHECK_SIZEOF(int, 4)
|
|
AC_CHECK_SIZEOF(long int, 4)
|
|
AC_CHECK_SIZEOF(long long int, 8)
|
|
|
|
# Sanity check long long for some platforms (AIX)
|
|
if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
|
|
ac_cv_sizeof_long_long_int=0
|
|
fi
|
|
|
|
# compute LLONG_MIN and LLONG_MAX if we don't know them.
|
|
if test -z "$have_llong_max"; then
|
|
AC_MSG_CHECKING([for max value of long long])
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
/* Why is this so damn hard? */
|
|
#ifdef __GNUC__
|
|
# undef __GNUC__
|
|
#endif
|
|
#define __USE_ISOC99
|
|
#include <limits.h>
|
|
#define DATA "conftest.llminmax"
|
|
int main(void) {
|
|
FILE *f;
|
|
long long i, llmin, llmax = 0;
|
|
|
|
if((f = fopen(DATA,"w")) == NULL)
|
|
exit(1);
|
|
|
|
#if defined(LLONG_MIN) && defined(LLONG_MAX)
|
|
fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
|
|
llmin = LLONG_MIN;
|
|
llmax = LLONG_MAX;
|
|
#else
|
|
fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
|
|
/* This will work on one's complement and two's complement */
|
|
for (i = 1; i > llmax; i <<= 1, i++)
|
|
llmax = i;
|
|
llmin = llmax + 1LL; /* wrap */
|
|
#endif
|
|
|
|
/* Sanity check */
|
|
if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
|
|
|| llmax - 1 > llmax) {
|
|
fprintf(f, "unknown unknown\n");
|
|
exit(2);
|
|
}
|
|
|
|
if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
|
|
exit(3);
|
|
|
|
exit(0);
|
|
}
|
|
]])],
|
|
[
|
|
llong_min=`$AWK '{print $1}' conftest.llminmax`
|
|
llong_max=`$AWK '{print $2}' conftest.llminmax`
|
|
|
|
# snprintf on some Tru64s doesn't understand "%lld"
|
|
case "$host" in
|
|
alpha-dec-osf*)
|
|
if test "x$ac_cv_sizeof_long_long_int" = "x8" &&
|
|
test "x$llong_max" = "xld"; then
|
|
llong_min="-9223372036854775808"
|
|
llong_max="9223372036854775807"
|
|
fi
|
|
;;
|
|
esac
|
|
|
|
AC_MSG_RESULT($llong_max)
|
|
AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
|
|
[max value of long long calculated by configure])
|
|
AC_MSG_CHECKING([for min value of long long])
|
|
AC_MSG_RESULT($llong_min)
|
|
AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
|
|
[min value of long long calculated by configure])
|
|
],
|
|
[
|
|
AC_MSG_RESULT(not found)
|
|
],
|
|
[
|
|
AC_MSG_WARN([cross compiling: not checking])
|
|
]
|
|
)
|
|
fi
|
|
|
|
|
|
# More checks for data types
|
|
AC_CACHE_CHECK([for u_int type], ac_cv_have_u_int, [
|
|
AC_TRY_COMPILE(
|
|
[ #include <sys/types.h> ],
|
|
[ u_int a; a = 1;],
|
|
[ ac_cv_have_u_int="yes" ],
|
|
[ ac_cv_have_u_int="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_u_int" = "xyes" ; then
|
|
AC_DEFINE(HAVE_U_INT, 1, [define if you have u_int data type])
|
|
have_u_int=1
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for intXX_t types], ac_cv_have_intxx_t, [
|
|
AC_TRY_COMPILE(
|
|
[ #include <sys/types.h> ],
|
|
[ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
|
|
[ ac_cv_have_intxx_t="yes" ],
|
|
[ ac_cv_have_intxx_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_intxx_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_INTXX_T, 1, [define if you have intxx_t data type])
|
|
have_intxx_t=1
|
|
fi
|
|
|
|
if (test -z "$have_intxx_t" && \
|
|
test "x$ac_cv_header_stdint_h" = "xyes")
|
|
then
|
|
AC_MSG_CHECKING([for intXX_t types in stdint.h])
|
|
AC_TRY_COMPILE(
|
|
[ #include <stdint.h> ],
|
|
[ int8_t a; int16_t b; int32_t c; a = b = c = 1;],
|
|
[
|
|
AC_DEFINE(HAVE_INTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[ AC_MSG_RESULT(no) ]
|
|
)
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#ifdef HAVE_STDINT_H
|
|
# include <stdint.h>
|
|
#endif
|
|
#include <sys/socket.h>
|
|
#ifdef HAVE_SYS_BITYPES_H
|
|
# include <sys/bitypes.h>
|
|
#endif
|
|
],
|
|
[ int64_t a; a = 1;],
|
|
[ ac_cv_have_int64_t="yes" ],
|
|
[ ac_cv_have_int64_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_int64_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_INT64_T, 1, [define if you have int64_t data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
|
|
AC_TRY_COMPILE(
|
|
[ #include <sys/types.h> ],
|
|
[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
|
|
[ ac_cv_have_u_intxx_t="yes" ],
|
|
[ ac_cv_have_u_intxx_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_U_INTXX_T, 1, [define if you have u_intxx_t data type])
|
|
have_u_intxx_t=1
|
|
fi
|
|
|
|
if test -z "$have_u_intxx_t" ; then
|
|
AC_MSG_CHECKING([for u_intXX_t types in sys/socket.h])
|
|
AC_TRY_COMPILE(
|
|
[ #include <sys/socket.h> ],
|
|
[ u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;],
|
|
[
|
|
AC_DEFINE(HAVE_U_INTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[ AC_MSG_RESULT(no) ]
|
|
)
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for u_int64_t types], ac_cv_have_u_int64_t, [
|
|
AC_TRY_COMPILE(
|
|
[ #include <sys/types.h> ],
|
|
[ u_int64_t a; a = 1;],
|
|
[ ac_cv_have_u_int64_t="yes" ],
|
|
[ ac_cv_have_u_int64_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_U_INT64_T, 1, [define if you have u_int64_t data type])
|
|
have_u_int64_t=1
|
|
fi
|
|
|
|
if test -z "$have_u_int64_t" ; then
|
|
AC_MSG_CHECKING([for u_int64_t type in sys/bitypes.h])
|
|
AC_TRY_COMPILE(
|
|
[ #include <sys/bitypes.h> ],
|
|
[ u_int64_t a; a = 1],
|
|
[
|
|
AC_DEFINE(HAVE_U_INT64_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[ AC_MSG_RESULT(no) ]
|
|
)
|
|
fi
|
|
|
|
if test -z "$have_u_intxx_t" ; then
|
|
AC_CACHE_CHECK([for uintXX_t types], ac_cv_have_uintxx_t, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
],
|
|
[ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1; ],
|
|
[ ac_cv_have_uintxx_t="yes" ],
|
|
[ ac_cv_have_uintxx_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_UINTXX_T, 1,
|
|
[define if you have uintxx_t data type])
|
|
fi
|
|
fi
|
|
|
|
if test -z "$have_uintxx_t" ; then
|
|
AC_MSG_CHECKING([for uintXX_t types in stdint.h])
|
|
AC_TRY_COMPILE(
|
|
[ #include <stdint.h> ],
|
|
[ uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;],
|
|
[
|
|
AC_DEFINE(HAVE_UINTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[ AC_MSG_RESULT(no) ]
|
|
)
|
|
fi
|
|
|
|
if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
|
|
test "x$ac_cv_header_sys_bitypes_h" = "xyes")
|
|
then
|
|
AC_MSG_CHECKING([for intXX_t and u_intXX_t types in sys/bitypes.h])
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/bitypes.h>
|
|
],
|
|
[
|
|
int8_t a; int16_t b; int32_t c;
|
|
u_int8_t e; u_int16_t f; u_int32_t g;
|
|
a = b = c = e = f = g = 1;
|
|
],
|
|
[
|
|
AC_DEFINE(HAVE_U_INTXX_T)
|
|
AC_DEFINE(HAVE_INTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
fi
|
|
|
|
|
|
AC_CACHE_CHECK([for u_char], ac_cv_have_u_char, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
],
|
|
[ u_char foo; foo = 125; ],
|
|
[ ac_cv_have_u_char="yes" ],
|
|
[ ac_cv_have_u_char="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_u_char" = "xyes" ; then
|
|
AC_DEFINE(HAVE_U_CHAR, 1, [define if you have u_char data type])
|
|
fi
|
|
|
|
TYPE_SOCKLEN_T
|
|
|
|
AC_CHECK_TYPES(sig_atomic_t,,,[#include <signal.h>])
|
|
|
|
AC_CHECK_TYPES(in_addr_t,,,
|
|
[#include <sys/types.h>
|
|
#include <netinet/in.h>])
|
|
|
|
AC_CACHE_CHECK([for size_t], ac_cv_have_size_t, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
],
|
|
[ size_t foo; foo = 1235; ],
|
|
[ ac_cv_have_size_t="yes" ],
|
|
[ ac_cv_have_size_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_size_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_SIZE_T, 1, [define if you have size_t data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for ssize_t], ac_cv_have_ssize_t, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
],
|
|
[ ssize_t foo; foo = 1235; ],
|
|
[ ac_cv_have_ssize_t="yes" ],
|
|
[ ac_cv_have_ssize_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_ssize_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_SSIZE_T, 1, [define if you have ssize_t data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for clock_t], ac_cv_have_clock_t, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <time.h>
|
|
],
|
|
[ clock_t foo; foo = 1235; ],
|
|
[ ac_cv_have_clock_t="yes" ],
|
|
[ ac_cv_have_clock_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_clock_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_CLOCK_T, 1, [define if you have clock_t data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for sa_family_t], ac_cv_have_sa_family_t, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
],
|
|
[ sa_family_t foo; foo = 1235; ],
|
|
[ ac_cv_have_sa_family_t="yes" ],
|
|
[ AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
#include <netinet/in.h>
|
|
],
|
|
[ sa_family_t foo; foo = 1235; ],
|
|
[ ac_cv_have_sa_family_t="yes" ],
|
|
|
|
[ ac_cv_have_sa_family_t="no" ]
|
|
)]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_SA_FAMILY_T, 1,
|
|
[define if you have sa_family_t data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for pid_t], ac_cv_have_pid_t, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
],
|
|
[ pid_t foo; foo = 1235; ],
|
|
[ ac_cv_have_pid_t="yes" ],
|
|
[ ac_cv_have_pid_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_pid_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_PID_T, 1, [define if you have pid_t data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for mode_t], ac_cv_have_mode_t, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
],
|
|
[ mode_t foo; foo = 1235; ],
|
|
[ ac_cv_have_mode_t="yes" ],
|
|
[ ac_cv_have_mode_t="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_mode_t" = "xyes" ; then
|
|
AC_DEFINE(HAVE_MODE_T, 1, [define if you have mode_t data type])
|
|
fi
|
|
|
|
|
|
AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
],
|
|
[ struct sockaddr_storage s; ],
|
|
[ ac_cv_have_struct_sockaddr_storage="yes" ],
|
|
[ ac_cv_have_struct_sockaddr_storage="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
|
|
AC_DEFINE(HAVE_STRUCT_SOCKADDR_STORAGE, 1,
|
|
[define if you have struct sockaddr_storage data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <netinet/in.h>
|
|
],
|
|
[ struct sockaddr_in6 s; s.sin6_family = 0; ],
|
|
[ ac_cv_have_struct_sockaddr_in6="yes" ],
|
|
[ ac_cv_have_struct_sockaddr_in6="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
|
|
AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6, 1,
|
|
[define if you have struct sockaddr_in6 data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <netinet/in.h>
|
|
],
|
|
[ struct in6_addr s; s.s6_addr[0] = 0; ],
|
|
[ ac_cv_have_struct_in6_addr="yes" ],
|
|
[ ac_cv_have_struct_in6_addr="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
|
|
AC_DEFINE(HAVE_STRUCT_IN6_ADDR, 1,
|
|
[define if you have struct in6_addr data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
#include <netdb.h>
|
|
],
|
|
[ struct addrinfo s; s.ai_flags = AI_PASSIVE; ],
|
|
[ ac_cv_have_struct_addrinfo="yes" ],
|
|
[ ac_cv_have_struct_addrinfo="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
|
|
AC_DEFINE(HAVE_STRUCT_ADDRINFO, 1,
|
|
[define if you have struct addrinfo data type])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for struct timeval], ac_cv_have_struct_timeval, [
|
|
AC_TRY_COMPILE(
|
|
[ #include <sys/time.h> ],
|
|
[ struct timeval tv; tv.tv_sec = 1;],
|
|
[ ac_cv_have_struct_timeval="yes" ],
|
|
[ ac_cv_have_struct_timeval="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
|
|
AC_DEFINE(HAVE_STRUCT_TIMEVAL, 1, [define if you have struct timeval])
|
|
have_struct_timeval=1
|
|
fi
|
|
|
|
AC_CHECK_TYPES(struct timespec)
|
|
|
|
# We need int64_t or else certian parts of the compile will fail.
|
|
if test "x$ac_cv_have_int64_t" = "xno" && \
|
|
test "x$ac_cv_sizeof_long_int" != "x8" && \
|
|
test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
|
|
echo "OpenSSH requires int64_t support. Contact your vendor or install"
|
|
echo "an alternative compiler (I.E., GCC) before continuing."
|
|
echo ""
|
|
exit 1;
|
|
else
|
|
dnl test snprintf (broken on SCO w/gcc)
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#ifdef HAVE_SNPRINTF
|
|
main()
|
|
{
|
|
char buf[50];
|
|
char expected_out[50];
|
|
int mazsize = 50 ;
|
|
#if (SIZEOF_LONG_INT == 8)
|
|
long int num = 0x7fffffffffffffff;
|
|
#else
|
|
long long num = 0x7fffffffffffffffll;
|
|
#endif
|
|
strcpy(expected_out, "9223372036854775807");
|
|
snprintf(buf, mazsize, "%lld", num);
|
|
if(strcmp(buf, expected_out) != 0)
|
|
exit(1);
|
|
exit(0);
|
|
}
|
|
#else
|
|
main() { exit(0); }
|
|
#endif
|
|
]])], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ],
|
|
AC_MSG_WARN([cross compiling: Assuming working snprintf()])
|
|
)
|
|
fi
|
|
|
|
dnl Checks for structure members
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmp.h, HAVE_HOST_IN_UTMP)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_host, utmpx.h, HAVE_HOST_IN_UTMPX)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(syslen, utmpx.h, HAVE_SYSLEN_IN_UTMPX)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_pid, utmp.h, HAVE_PID_IN_UTMP)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmp.h, HAVE_TYPE_IN_UTMP)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_type, utmpx.h, HAVE_TYPE_IN_UTMPX)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmp.h, HAVE_TV_IN_UTMP)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmp.h, HAVE_ID_IN_UTMP)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_id, utmpx.h, HAVE_ID_IN_UTMPX)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmp.h, HAVE_ADDR_IN_UTMP)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_addr, utmpx.h, HAVE_ADDR_IN_UTMPX)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmp.h, HAVE_ADDR_V6_IN_UTMP)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_addr_v6, utmpx.h, HAVE_ADDR_V6_IN_UTMPX)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_exit, utmp.h, HAVE_EXIT_IN_UTMP)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmp.h, HAVE_TIME_IN_UTMP)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_time, utmpx.h, HAVE_TIME_IN_UTMPX)
|
|
OSSH_CHECK_HEADER_FOR_FIELD(ut_tv, utmpx.h, HAVE_TV_IN_UTMPX)
|
|
|
|
AC_CHECK_MEMBERS([struct stat.st_blksize])
|
|
AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE(__res_state, state,
|
|
[Define if we don't have struct __res_state in resolv.h])],
|
|
[
|
|
#include <stdio.h>
|
|
#if HAVE_SYS_TYPES_H
|
|
# include <sys/types.h>
|
|
#endif
|
|
#include <netinet/in.h>
|
|
#include <arpa/nameser.h>
|
|
#include <resolv.h>
|
|
])
|
|
|
|
AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
|
|
ac_cv_have_ss_family_in_struct_ss, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
],
|
|
[ struct sockaddr_storage s; s.ss_family = 1; ],
|
|
[ ac_cv_have_ss_family_in_struct_ss="yes" ],
|
|
[ ac_cv_have_ss_family_in_struct_ss="no" ],
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
|
|
AC_DEFINE(HAVE_SS_FAMILY_IN_SS, 1, [Fields in struct sockaddr_storage])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for __ss_family field in struct sockaddr_storage],
|
|
ac_cv_have___ss_family_in_struct_ss, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
],
|
|
[ struct sockaddr_storage s; s.__ss_family = 1; ],
|
|
[ ac_cv_have___ss_family_in_struct_ss="yes" ],
|
|
[ ac_cv_have___ss_family_in_struct_ss="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
|
|
AC_DEFINE(HAVE___SS_FAMILY_IN_SS, 1,
|
|
[Fields in struct sockaddr_storage])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for pw_class field in struct passwd],
|
|
ac_cv_have_pw_class_in_struct_passwd, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <pwd.h>
|
|
],
|
|
[ struct passwd p; p.pw_class = 0; ],
|
|
[ ac_cv_have_pw_class_in_struct_passwd="yes" ],
|
|
[ ac_cv_have_pw_class_in_struct_passwd="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
|
|
AC_DEFINE(HAVE_PW_CLASS_IN_PASSWD, 1,
|
|
[Define if your password has a pw_class field])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for pw_expire field in struct passwd],
|
|
ac_cv_have_pw_expire_in_struct_passwd, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <pwd.h>
|
|
],
|
|
[ struct passwd p; p.pw_expire = 0; ],
|
|
[ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
|
|
[ ac_cv_have_pw_expire_in_struct_passwd="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
|
|
AC_DEFINE(HAVE_PW_EXPIRE_IN_PASSWD, 1,
|
|
[Define if your password has a pw_expire field])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for pw_change field in struct passwd],
|
|
ac_cv_have_pw_change_in_struct_passwd, [
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <pwd.h>
|
|
],
|
|
[ struct passwd p; p.pw_change = 0; ],
|
|
[ ac_cv_have_pw_change_in_struct_passwd="yes" ],
|
|
[ ac_cv_have_pw_change_in_struct_passwd="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
|
|
AC_DEFINE(HAVE_PW_CHANGE_IN_PASSWD, 1,
|
|
[Define if your password has a pw_change field])
|
|
fi
|
|
|
|
dnl make sure we're using the real structure members and not defines
|
|
AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
|
|
ac_cv_have_accrights_in_msghdr, [
|
|
AC_COMPILE_IFELSE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
#include <sys/uio.h>
|
|
int main() {
|
|
#ifdef msg_accrights
|
|
#error "msg_accrights is a macro"
|
|
exit(1);
|
|
#endif
|
|
struct msghdr m;
|
|
m.msg_accrights = 0;
|
|
exit(0);
|
|
}
|
|
],
|
|
[ ac_cv_have_accrights_in_msghdr="yes" ],
|
|
[ ac_cv_have_accrights_in_msghdr="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
|
|
AC_DEFINE(HAVE_ACCRIGHTS_IN_MSGHDR, 1,
|
|
[Define if your system uses access rights style
|
|
file descriptor passing])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([for msg_control field in struct msghdr],
|
|
ac_cv_have_control_in_msghdr, [
|
|
AC_COMPILE_IFELSE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <sys/socket.h>
|
|
#include <sys/uio.h>
|
|
int main() {
|
|
#ifdef msg_control
|
|
#error "msg_control is a macro"
|
|
exit(1);
|
|
#endif
|
|
struct msghdr m;
|
|
m.msg_control = 0;
|
|
exit(0);
|
|
}
|
|
],
|
|
[ ac_cv_have_control_in_msghdr="yes" ],
|
|
[ ac_cv_have_control_in_msghdr="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
|
|
AC_DEFINE(HAVE_CONTROL_IN_MSGHDR, 1,
|
|
[Define if your system uses ancillary data style
|
|
file descriptor passing])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
|
|
AC_TRY_LINK([],
|
|
[ extern char *__progname; printf("%s", __progname); ],
|
|
[ ac_cv_libc_defines___progname="yes" ],
|
|
[ ac_cv_libc_defines___progname="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
|
|
AC_DEFINE(HAVE___PROGNAME, 1, [Define if libc defines __progname])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([whether $CC implements __FUNCTION__], ac_cv_cc_implements___FUNCTION__, [
|
|
AC_TRY_LINK([
|
|
#include <stdio.h>
|
|
],
|
|
[ printf("%s", __FUNCTION__); ],
|
|
[ ac_cv_cc_implements___FUNCTION__="yes" ],
|
|
[ ac_cv_cc_implements___FUNCTION__="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
|
|
AC_DEFINE(HAVE___FUNCTION__, 1,
|
|
[Define if compiler implements __FUNCTION__])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([whether $CC implements __func__], ac_cv_cc_implements___func__, [
|
|
AC_TRY_LINK([
|
|
#include <stdio.h>
|
|
],
|
|
[ printf("%s", __func__); ],
|
|
[ ac_cv_cc_implements___func__="yes" ],
|
|
[ ac_cv_cc_implements___func__="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
|
|
AC_DEFINE(HAVE___func__, 1, [Define if compiler implements __func__])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
|
|
AC_TRY_LINK(
|
|
[#include <stdarg.h>
|
|
va_list x,y;],
|
|
[va_copy(x,y);],
|
|
[ ac_cv_have_va_copy="yes" ],
|
|
[ ac_cv_have_va_copy="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_va_copy" = "xyes" ; then
|
|
AC_DEFINE(HAVE_VA_COPY, 1, [Define if va_copy exists])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([whether __va_copy exists], ac_cv_have___va_copy, [
|
|
AC_TRY_LINK(
|
|
[#include <stdarg.h>
|
|
va_list x,y;],
|
|
[__va_copy(x,y);],
|
|
[ ac_cv_have___va_copy="yes" ],
|
|
[ ac_cv_have___va_copy="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have___va_copy" = "xyes" ; then
|
|
AC_DEFINE(HAVE___VA_COPY, 1, [Define if __va_copy exists])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([whether getopt has optreset support],
|
|
ac_cv_have_getopt_optreset, [
|
|
AC_TRY_LINK(
|
|
[
|
|
#include <getopt.h>
|
|
],
|
|
[ extern int optreset; optreset = 0; ],
|
|
[ ac_cv_have_getopt_optreset="yes" ],
|
|
[ ac_cv_have_getopt_optreset="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
|
|
AC_DEFINE(HAVE_GETOPT_OPTRESET, 1,
|
|
[Define if your getopt(3) defines and uses optreset])
|
|
fi
|
|
|
|
AC_CACHE_CHECK([if libc defines sys_errlist], ac_cv_libc_defines_sys_errlist, [
|
|
AC_TRY_LINK([],
|
|
[ extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);],
|
|
[ ac_cv_libc_defines_sys_errlist="yes" ],
|
|
[ ac_cv_libc_defines_sys_errlist="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
|
|
AC_DEFINE(HAVE_SYS_ERRLIST, 1,
|
|
[Define if your system defines sys_errlist[]])
|
|
fi
|
|
|
|
|
|
AC_CACHE_CHECK([if libc defines sys_nerr], ac_cv_libc_defines_sys_nerr, [
|
|
AC_TRY_LINK([],
|
|
[ extern int sys_nerr; printf("%i", sys_nerr);],
|
|
[ ac_cv_libc_defines_sys_nerr="yes" ],
|
|
[ ac_cv_libc_defines_sys_nerr="no" ]
|
|
)
|
|
])
|
|
if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
|
|
AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
|
|
fi
|
|
|
|
SCARD_MSG="no"
|
|
# Check whether user wants sectok support
|
|
AC_ARG_WITH(sectok,
|
|
[ --with-sectok Enable smartcard support using libsectok],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
if test "x$withval" != "xyes" ; then
|
|
CPPFLAGS="$CPPFLAGS -I${withval}"
|
|
LDFLAGS="$LDFLAGS -L${withval}"
|
|
if test ! -z "$need_dash_r" ; then
|
|
LDFLAGS="$LDFLAGS -R${withval}"
|
|
fi
|
|
if test ! -z "$blibpath" ; then
|
|
blibpath="$blibpath:${withval}"
|
|
fi
|
|
fi
|
|
AC_CHECK_HEADERS(sectok.h)
|
|
if test "$ac_cv_header_sectok_h" != yes; then
|
|
AC_MSG_ERROR(Can't find sectok.h)
|
|
fi
|
|
AC_CHECK_LIB(sectok, sectok_open)
|
|
if test "$ac_cv_lib_sectok_sectok_open" != yes; then
|
|
AC_MSG_ERROR(Can't find libsectok)
|
|
fi
|
|
AC_DEFINE(SMARTCARD, 1,
|
|
[Define if you want smartcard support])
|
|
AC_DEFINE(USE_SECTOK, 1,
|
|
[Define if you want smartcard support
|
|
using sectok])
|
|
SCARD_MSG="yes, using sectok"
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Check whether user wants OpenSC support
|
|
OPENSC_CONFIG="no"
|
|
AC_ARG_WITH(opensc,
|
|
[ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
if test "x$withval" != "xyes" ; then
|
|
OPENSC_CONFIG=$withval/bin/opensc-config
|
|
else
|
|
AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
|
|
fi
|
|
if test "$OPENSC_CONFIG" != "no"; then
|
|
LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
|
|
LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
|
|
CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
|
|
LDFLAGS="$LDFLAGS $LIBOPENSC_LIBS"
|
|
AC_DEFINE(SMARTCARD)
|
|
AC_DEFINE(USE_OPENSC, 1,
|
|
[Define if you want smartcard support
|
|
using OpenSC])
|
|
SCARD_MSG="yes, using OpenSC"
|
|
fi
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Check libraries needed by DNS fingerprint support
|
|
AC_SEARCH_LIBS(getrrsetbyname, resolv,
|
|
[AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
|
|
[Define if getrrsetbyname() exists])],
|
|
[
|
|
# Needed by our getrrsetbyname()
|
|
AC_SEARCH_LIBS(res_query, resolv)
|
|
AC_SEARCH_LIBS(dn_expand, resolv)
|
|
AC_MSG_CHECKING(if res_query will link)
|
|
AC_TRY_LINK_FUNC(res_query, AC_MSG_RESULT(yes),
|
|
[AC_MSG_RESULT(no)
|
|
saved_LIBS="$LIBS"
|
|
LIBS="$LIBS -lresolv"
|
|
AC_MSG_CHECKING(for res_query in -lresolv)
|
|
AC_LINK_IFELSE([
|
|
#include <resolv.h>
|
|
int main()
|
|
{
|
|
res_query (0, 0, 0, 0, 0);
|
|
return 0;
|
|
}
|
|
],
|
|
[LIBS="$LIBS -lresolv"
|
|
AC_MSG_RESULT(yes)],
|
|
[LIBS="$saved_LIBS"
|
|
AC_MSG_RESULT(no)])
|
|
])
|
|
AC_CHECK_FUNCS(_getshort _getlong)
|
|
AC_CHECK_DECLS([_getshort, _getlong], , ,
|
|
[#include <sys/types.h>
|
|
#include <arpa/nameser.h>])
|
|
AC_CHECK_MEMBER(HEADER.ad,
|
|
[AC_DEFINE(HAVE_HEADER_AD, 1,
|
|
[Define if HEADER.ad exists in arpa/nameser.h])],,
|
|
[#include <arpa/nameser.h>])
|
|
])
|
|
|
|
# Check whether user wants Kerberos 5 support
|
|
KRB5_MSG="no"
|
|
AC_ARG_WITH(kerberos5,
|
|
[ --with-kerberos5=PATH Enable Kerberos 5 support],
|
|
[ if test "x$withval" != "xno" ; then
|
|
if test "x$withval" = "xyes" ; then
|
|
KRB5ROOT="/usr/local"
|
|
else
|
|
KRB5ROOT=${withval}
|
|
fi
|
|
|
|
AC_DEFINE(KRB5, 1, [Define if you want Kerberos 5 support])
|
|
KRB5_MSG="yes"
|
|
|
|
AC_MSG_CHECKING(for krb5-config)
|
|
if test -x $KRB5ROOT/bin/krb5-config ; then
|
|
KRB5CONF=$KRB5ROOT/bin/krb5-config
|
|
AC_MSG_RESULT($KRB5CONF)
|
|
|
|
AC_MSG_CHECKING(for gssapi support)
|
|
if $KRB5CONF | grep gssapi >/dev/null ; then
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(GSSAPI, 1,
|
|
[Define this if you want GSSAPI
|
|
support in the version 2 protocol])
|
|
k5confopts=gssapi
|
|
else
|
|
AC_MSG_RESULT(no)
|
|
k5confopts=""
|
|
fi
|
|
K5CFLAGS="`$KRB5CONF --cflags $k5confopts`"
|
|
K5LIBS="`$KRB5CONF --libs $k5confopts`"
|
|
CPPFLAGS="$CPPFLAGS $K5CFLAGS"
|
|
AC_MSG_CHECKING(whether we are using Heimdal)
|
|
AC_TRY_COMPILE([ #include <krb5.h> ],
|
|
[ char *tmp = heimdal_version; ],
|
|
[ AC_MSG_RESULT(yes)
|
|
AC_DEFINE(HEIMDAL, 1,
|
|
[Define this if you are using the
|
|
Heimdal version of Kerberos V5]) ],
|
|
AC_MSG_RESULT(no)
|
|
)
|
|
else
|
|
AC_MSG_RESULT(no)
|
|
CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
|
|
LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
|
|
AC_MSG_CHECKING(whether we are using Heimdal)
|
|
AC_TRY_COMPILE([ #include <krb5.h> ],
|
|
[ char *tmp = heimdal_version; ],
|
|
[ AC_MSG_RESULT(yes)
|
|
AC_DEFINE(HEIMDAL)
|
|
K5LIBS="-lkrb5 -ldes"
|
|
K5LIBS="$K5LIBS -lcom_err -lasn1"
|
|
AC_CHECK_LIB(roken, net_write,
|
|
[K5LIBS="$K5LIBS -lroken"])
|
|
],
|
|
[ AC_MSG_RESULT(no)
|
|
K5LIBS="-lkrb5 -lk5crypto -lcom_err"
|
|
]
|
|
)
|
|
AC_SEARCH_LIBS(dn_expand, resolv)
|
|
|
|
AC_CHECK_LIB(gssapi,gss_init_sec_context,
|
|
[ AC_DEFINE(GSSAPI)
|
|
K5LIBS="-lgssapi $K5LIBS" ],
|
|
[ AC_CHECK_LIB(gssapi_krb5,gss_init_sec_context,
|
|
[ AC_DEFINE(GSSAPI)
|
|
K5LIBS="-lgssapi_krb5 $K5LIBS" ],
|
|
AC_MSG_WARN([Cannot find any suitable gss-api library - build may fail]),
|
|
$K5LIBS)
|
|
],
|
|
$K5LIBS)
|
|
|
|
AC_CHECK_HEADER(gssapi.h, ,
|
|
[ unset ac_cv_header_gssapi_h
|
|
CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
|
|
AC_CHECK_HEADERS(gssapi.h, ,
|
|
AC_MSG_WARN([Cannot find any suitable gss-api header - build may fail])
|
|
)
|
|
]
|
|
)
|
|
|
|
oldCPP="$CPPFLAGS"
|
|
CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
|
|
AC_CHECK_HEADER(gssapi_krb5.h, ,
|
|
[ CPPFLAGS="$oldCPP" ])
|
|
|
|
fi
|
|
if test ! -z "$need_dash_r" ; then
|
|
LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
|
|
fi
|
|
if test ! -z "$blibpath" ; then
|
|
blibpath="$blibpath:${KRB5ROOT}/lib"
|
|
fi
|
|
|
|
AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h)
|
|
AC_CHECK_HEADERS(gssapi_krb5.h gssapi/gssapi_krb5.h)
|
|
AC_CHECK_HEADERS(gssapi_generic.h gssapi/gssapi_generic.h)
|
|
|
|
LIBS="$LIBS $K5LIBS"
|
|
AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS, 1,
|
|
[Define this if you want to use libkafs' AFS support]))
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Looking for programs, paths and files
|
|
|
|
PRIVSEP_PATH=/var/empty
|
|
AC_ARG_WITH(privsep-path,
|
|
[ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
PRIVSEP_PATH=$withval
|
|
fi
|
|
]
|
|
)
|
|
AC_SUBST(PRIVSEP_PATH)
|
|
|
|
AC_ARG_WITH(xauth,
|
|
[ --with-xauth=PATH Specify path to xauth program ],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
xauth_path=$withval
|
|
fi
|
|
],
|
|
[
|
|
TestPath="$PATH"
|
|
TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
|
|
TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
|
|
TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
|
|
TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
|
|
AC_PATH_PROG(xauth_path, xauth, , $TestPath)
|
|
if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
|
|
xauth_path="/usr/openwin/bin/xauth"
|
|
fi
|
|
]
|
|
)
|
|
|
|
STRIP_OPT=-s
|
|
AC_ARG_ENABLE(strip,
|
|
[ --disable-strip Disable calling strip(1) on install],
|
|
[
|
|
if test "x$enableval" = "xno" ; then
|
|
STRIP_OPT=
|
|
fi
|
|
]
|
|
)
|
|
AC_SUBST(STRIP_OPT)
|
|
|
|
if test -z "$xauth_path" ; then
|
|
XAUTH_PATH="undefined"
|
|
AC_SUBST(XAUTH_PATH)
|
|
else
|
|
AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path",
|
|
[Define if xauth is found in your path])
|
|
XAUTH_PATH=$xauth_path
|
|
AC_SUBST(XAUTH_PATH)
|
|
fi
|
|
|
|
# Check for mail directory (last resort if we cannot get it from headers)
|
|
if test ! -z "$MAIL" ; then
|
|
maildir=`dirname $MAIL`
|
|
AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir",
|
|
[Set this to your mail directory if you don't have maillock.h])
|
|
fi
|
|
|
|
if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
|
|
AC_MSG_WARN([cross compiling: Disabling /dev/ptmx test])
|
|
disable_ptmx_check=yes
|
|
fi
|
|
if test -z "$no_dev_ptmx" ; then
|
|
if test "x$disable_ptmx_check" != "xyes" ; then
|
|
AC_CHECK_FILE("/dev/ptmx",
|
|
[
|
|
AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX, 1,
|
|
[Define if you have /dev/ptmx])
|
|
have_dev_ptmx=1
|
|
]
|
|
)
|
|
fi
|
|
fi
|
|
|
|
if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
|
|
AC_CHECK_FILE("/dev/ptc",
|
|
[
|
|
AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC, 1,
|
|
[Define if you have /dev/ptc])
|
|
have_dev_ptc=1
|
|
]
|
|
)
|
|
else
|
|
AC_MSG_WARN([cross compiling: Disabling /dev/ptc test])
|
|
fi
|
|
|
|
# Options from here on. Some of these are preset by platform above
|
|
AC_ARG_WITH(mantype,
|
|
[ --with-mantype=man|cat|doc Set man page type],
|
|
[
|
|
case "$withval" in
|
|
man|cat|doc)
|
|
MANTYPE=$withval
|
|
;;
|
|
*)
|
|
AC_MSG_ERROR(invalid man type: $withval)
|
|
;;
|
|
esac
|
|
]
|
|
)
|
|
if test -z "$MANTYPE"; then
|
|
TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
|
|
AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
|
|
if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
|
|
MANTYPE=doc
|
|
elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
|
|
MANTYPE=man
|
|
else
|
|
MANTYPE=cat
|
|
fi
|
|
fi
|
|
AC_SUBST(MANTYPE)
|
|
if test "$MANTYPE" = "doc"; then
|
|
mansubdir=man;
|
|
else
|
|
mansubdir=$MANTYPE;
|
|
fi
|
|
AC_SUBST(mansubdir)
|
|
|
|
# Check whether to enable MD5 passwords
|
|
MD5_MSG="no"
|
|
AC_ARG_WITH(md5-passwords,
|
|
[ --with-md5-passwords Enable use of MD5 passwords],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
AC_DEFINE(HAVE_MD5_PASSWORDS, 1,
|
|
[Define if you want to allow MD5 passwords])
|
|
MD5_MSG="yes"
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Whether to disable shadow password support
|
|
AC_ARG_WITH(shadow,
|
|
[ --without-shadow Disable shadow password support],
|
|
[
|
|
if test "x$withval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_SHADOW)
|
|
disable_shadow=yes
|
|
fi
|
|
]
|
|
)
|
|
|
|
if test -z "$disable_shadow" ; then
|
|
AC_MSG_CHECKING([if the systems has expire shadow information])
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <sys/types.h>
|
|
#include <shadow.h>
|
|
struct spwd sp;
|
|
],[ sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0; ],
|
|
[ sp_expire_available=yes ], []
|
|
)
|
|
|
|
if test "x$sp_expire_available" = "xyes" ; then
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(HAS_SHADOW_EXPIRE, 1,
|
|
[Define if you want to use shadow password expire field])
|
|
else
|
|
AC_MSG_RESULT(no)
|
|
fi
|
|
fi
|
|
|
|
# Use ip address instead of hostname in $DISPLAY
|
|
if test ! -z "$IPADDR_IN_DISPLAY" ; then
|
|
DISPLAY_HACK_MSG="yes"
|
|
AC_DEFINE(IPADDR_IN_DISPLAY, 1,
|
|
[Define if you need to use IP address
|
|
instead of hostname in $DISPLAY])
|
|
else
|
|
DISPLAY_HACK_MSG="no"
|
|
AC_ARG_WITH(ipaddr-display,
|
|
[ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
AC_DEFINE(IPADDR_IN_DISPLAY)
|
|
DISPLAY_HACK_MSG="yes"
|
|
fi
|
|
]
|
|
)
|
|
fi
|
|
|
|
# check for /etc/default/login and use it if present.
|
|
AC_ARG_ENABLE(etc-default-login,
|
|
[ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],
|
|
[ if test "x$enableval" = "xno"; then
|
|
AC_MSG_NOTICE([/etc/default/login handling disabled])
|
|
etc_default_login=no
|
|
else
|
|
etc_default_login=yes
|
|
fi ],
|
|
[ if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
|
|
then
|
|
AC_MSG_WARN([cross compiling: not checking /etc/default/login])
|
|
etc_default_login=no
|
|
else
|
|
etc_default_login=yes
|
|
fi ]
|
|
)
|
|
|
|
if test "x$etc_default_login" != "xno"; then
|
|
AC_CHECK_FILE("/etc/default/login",
|
|
[ external_path_file=/etc/default/login ])
|
|
if test "x$external_path_file" = "x/etc/default/login"; then
|
|
AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN, 1,
|
|
[Define if your system has /etc/default/login])
|
|
fi
|
|
fi
|
|
|
|
dnl BSD systems use /etc/login.conf so --with-default-path= has no effect
|
|
if test $ac_cv_func_login_getcapbool = "yes" && \
|
|
test $ac_cv_header_login_cap_h = "yes" ; then
|
|
external_path_file=/etc/login.conf
|
|
fi
|
|
|
|
# Whether to mess with the default path
|
|
SERVER_PATH_MSG="(default)"
|
|
AC_ARG_WITH(default-path,
|
|
[ --with-default-path= Specify default \$PATH environment for server],
|
|
[
|
|
if test "x$external_path_file" = "x/etc/login.conf" ; then
|
|
AC_MSG_WARN([
|
|
--with-default-path=PATH has no effect on this system.
|
|
Edit /etc/login.conf instead.])
|
|
elif test "x$withval" != "xno" ; then
|
|
if test ! -z "$external_path_file" ; then
|
|
AC_MSG_WARN([
|
|
--with-default-path=PATH will only be used if PATH is not defined in
|
|
$external_path_file .])
|
|
fi
|
|
user_path="$withval"
|
|
SERVER_PATH_MSG="$withval"
|
|
fi
|
|
],
|
|
[ if test "x$external_path_file" = "x/etc/login.conf" ; then
|
|
AC_MSG_WARN([Make sure the path to scp is in /etc/login.conf])
|
|
else
|
|
if test ! -z "$external_path_file" ; then
|
|
AC_MSG_WARN([
|
|
If PATH is defined in $external_path_file, ensure the path to scp is included,
|
|
otherwise scp will not work.])
|
|
fi
|
|
AC_RUN_IFELSE(
|
|
[AC_LANG_SOURCE([[
|
|
/* find out what STDPATH is */
|
|
#include <stdio.h>
|
|
#ifdef HAVE_PATHS_H
|
|
# include <paths.h>
|
|
#endif
|
|
#ifndef _PATH_STDPATH
|
|
# ifdef _PATH_USERPATH /* Irix */
|
|
# define _PATH_STDPATH _PATH_USERPATH
|
|
# else
|
|
# define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
|
|
# endif
|
|
#endif
|
|
#include <sys/types.h>
|
|
#include <sys/stat.h>
|
|
#include <fcntl.h>
|
|
#define DATA "conftest.stdpath"
|
|
|
|
main()
|
|
{
|
|
FILE *fd;
|
|
int rc;
|
|
|
|
fd = fopen(DATA,"w");
|
|
if(fd == NULL)
|
|
exit(1);
|
|
|
|
if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
|
|
exit(1);
|
|
|
|
exit(0);
|
|
}
|
|
]])],
|
|
[ user_path=`cat conftest.stdpath` ],
|
|
[ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ],
|
|
[ user_path="/usr/bin:/bin:/usr/sbin:/sbin" ]
|
|
)
|
|
# make sure $bindir is in USER_PATH so scp will work
|
|
t_bindir=`eval echo ${bindir}`
|
|
case $t_bindir in
|
|
NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
|
|
esac
|
|
case $t_bindir in
|
|
NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
|
|
esac
|
|
echo $user_path | grep ":$t_bindir" > /dev/null 2>&1
|
|
if test $? -ne 0 ; then
|
|
echo $user_path | grep "^$t_bindir" > /dev/null 2>&1
|
|
if test $? -ne 0 ; then
|
|
user_path=$user_path:$t_bindir
|
|
AC_MSG_RESULT(Adding $t_bindir to USER_PATH so scp will work)
|
|
fi
|
|
fi
|
|
fi ]
|
|
)
|
|
if test "x$external_path_file" != "x/etc/login.conf" ; then
|
|
AC_DEFINE_UNQUOTED(USER_PATH, "$user_path", [Specify default $PATH])
|
|
AC_SUBST(user_path)
|
|
fi
|
|
|
|
# Set superuser path separately to user path
|
|
AC_ARG_WITH(superuser-path,
|
|
[ --with-superuser-path= Specify different path for super-user],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
AC_DEFINE_UNQUOTED(SUPERUSER_PATH, "$withval",
|
|
[Define if you want a different $PATH
|
|
for the superuser])
|
|
superuser_path=$withval
|
|
fi
|
|
]
|
|
)
|
|
|
|
|
|
AC_MSG_CHECKING([if we need to convert IPv4 in IPv6-mapped addresses])
|
|
IPV4_IN6_HACK_MSG="no"
|
|
AC_ARG_WITH(4in6,
|
|
[ --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(IPV4_IN_IPV6, 1,
|
|
[Detect IPv4 in IPv6 mapped addresses
|
|
and treat as IPv4])
|
|
IPV4_IN6_HACK_MSG="yes"
|
|
else
|
|
AC_MSG_RESULT(no)
|
|
fi
|
|
],[
|
|
if test "x$inet6_default_4in6" = "xyes"; then
|
|
AC_MSG_RESULT([yes (default)])
|
|
AC_DEFINE(IPV4_IN_IPV6)
|
|
IPV4_IN6_HACK_MSG="yes"
|
|
else
|
|
AC_MSG_RESULT([no (default)])
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Whether to enable BSD auth support
|
|
BSD_AUTH_MSG=no
|
|
AC_ARG_WITH(bsd-auth,
|
|
[ --with-bsd-auth Enable BSD auth support],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
AC_DEFINE(BSD_AUTH, 1,
|
|
[Define if you have BSD auth support])
|
|
BSD_AUTH_MSG=yes
|
|
fi
|
|
]
|
|
)
|
|
|
|
# Where to place sshd.pid
|
|
piddir=/var/run
|
|
# make sure the directory exists
|
|
if test ! -d $piddir ; then
|
|
piddir=`eval echo ${sysconfdir}`
|
|
case $piddir in
|
|
NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
|
|
esac
|
|
fi
|
|
|
|
AC_ARG_WITH(pid-dir,
|
|
[ --with-pid-dir=PATH Specify location of ssh.pid file],
|
|
[
|
|
if test -n "$withval" && test "x$withval" != "xno" && \
|
|
test "x${withval}" != "xyes"; then
|
|
piddir=$withval
|
|
if test ! -d $piddir ; then
|
|
AC_MSG_WARN([** no $piddir directory on this system **])
|
|
fi
|
|
fi
|
|
]
|
|
)
|
|
|
|
AC_DEFINE_UNQUOTED(_PATH_SSH_PIDDIR, "$piddir", [Specify location of ssh.pid])
|
|
AC_SUBST(piddir)
|
|
|
|
dnl allow user to disable some login recording features
|
|
AC_ARG_ENABLE(lastlog,
|
|
[ --disable-lastlog disable use of lastlog even if detected [no]],
|
|
[
|
|
if test "x$enableval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_LASTLOG)
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_ENABLE(utmp,
|
|
[ --disable-utmp disable use of utmp even if detected [no]],
|
|
[
|
|
if test "x$enableval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_UTMP)
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_ENABLE(utmpx,
|
|
[ --disable-utmpx disable use of utmpx even if detected [no]],
|
|
[
|
|
if test "x$enableval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_UTMPX, 1,
|
|
[Define if you don't want to use utmpx])
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_ENABLE(wtmp,
|
|
[ --disable-wtmp disable use of wtmp even if detected [no]],
|
|
[
|
|
if test "x$enableval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_WTMP)
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_ENABLE(wtmpx,
|
|
[ --disable-wtmpx disable use of wtmpx even if detected [no]],
|
|
[
|
|
if test "x$enableval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_WTMPX, 1,
|
|
[Define if you don't want to use wtmpx])
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_ENABLE(libutil,
|
|
[ --disable-libutil disable use of libutil (login() etc.) [no]],
|
|
[
|
|
if test "x$enableval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_LOGIN)
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_ENABLE(pututline,
|
|
[ --disable-pututline disable use of pututline() etc. ([uw]tmp) [no]],
|
|
[
|
|
if test "x$enableval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_PUTUTLINE, 1,
|
|
[Define if you don't want to use pututline()
|
|
etc. to write [uw]tmp])
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_ENABLE(pututxline,
|
|
[ --disable-pututxline disable use of pututxline() etc. ([uw]tmpx) [no]],
|
|
[
|
|
if test "x$enableval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_PUTUTXLINE, 1,
|
|
[Define if you don't want to use pututxline()
|
|
etc. to write [uw]tmpx])
|
|
fi
|
|
]
|
|
)
|
|
AC_ARG_WITH(lastlog,
|
|
[ --with-lastlog=FILE|DIR specify lastlog location [common locations]],
|
|
[
|
|
if test "x$withval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_LASTLOG)
|
|
elif test -n "$withval" && test "x${withval}" != "xyes"; then
|
|
conf_lastlog_location=$withval
|
|
fi
|
|
]
|
|
)
|
|
|
|
dnl lastlog, [uw]tmpx? detection
|
|
dnl NOTE: set the paths in the platform section to avoid the
|
|
dnl need for command-line parameters
|
|
dnl lastlog and [uw]tmp are subject to a file search if all else fails
|
|
|
|
dnl lastlog detection
|
|
dnl NOTE: the code itself will detect if lastlog is a directory
|
|
AC_MSG_CHECKING([if your system defines LASTLOG_FILE])
|
|
AC_TRY_COMPILE([
|
|
#include <sys/types.h>
|
|
#include <utmp.h>
|
|
#ifdef HAVE_LASTLOG_H
|
|
# include <lastlog.h>
|
|
#endif
|
|
#ifdef HAVE_PATHS_H
|
|
# include <paths.h>
|
|
#endif
|
|
#ifdef HAVE_LOGIN_H
|
|
# include <login.h>
|
|
#endif
|
|
],
|
|
[ char *lastlog = LASTLOG_FILE; ],
|
|
[ AC_MSG_RESULT(yes) ],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
AC_MSG_CHECKING([if your system defines _PATH_LASTLOG])
|
|
AC_TRY_COMPILE([
|
|
#include <sys/types.h>
|
|
#include <utmp.h>
|
|
#ifdef HAVE_LASTLOG_H
|
|
# include <lastlog.h>
|
|
#endif
|
|
#ifdef HAVE_PATHS_H
|
|
# include <paths.h>
|
|
#endif
|
|
],
|
|
[ char *lastlog = _PATH_LASTLOG; ],
|
|
[ AC_MSG_RESULT(yes) ],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
system_lastlog_path=no
|
|
])
|
|
]
|
|
)
|
|
|
|
if test -z "$conf_lastlog_location"; then
|
|
if test x"$system_lastlog_path" = x"no" ; then
|
|
for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
|
|
if (test -d "$f" || test -f "$f") ; then
|
|
conf_lastlog_location=$f
|
|
fi
|
|
done
|
|
if test -z "$conf_lastlog_location"; then
|
|
AC_MSG_WARN([** Cannot find lastlog **])
|
|
dnl Don't define DISABLE_LASTLOG - that means we don't try wtmp/wtmpx
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if test -n "$conf_lastlog_location"; then
|
|
AC_DEFINE_UNQUOTED(CONF_LASTLOG_FILE, "$conf_lastlog_location",
|
|
[Define if you want to specify the path to your lastlog file])
|
|
fi
|
|
|
|
dnl utmp detection
|
|
AC_MSG_CHECKING([if your system defines UTMP_FILE])
|
|
AC_TRY_COMPILE([
|
|
#include <sys/types.h>
|
|
#include <utmp.h>
|
|
#ifdef HAVE_PATHS_H
|
|
# include <paths.h>
|
|
#endif
|
|
],
|
|
[ char *utmp = UTMP_FILE; ],
|
|
[ AC_MSG_RESULT(yes) ],
|
|
[ AC_MSG_RESULT(no)
|
|
system_utmp_path=no ]
|
|
)
|
|
if test -z "$conf_utmp_location"; then
|
|
if test x"$system_utmp_path" = x"no" ; then
|
|
for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
|
|
if test -f $f ; then
|
|
conf_utmp_location=$f
|
|
fi
|
|
done
|
|
if test -z "$conf_utmp_location"; then
|
|
AC_DEFINE(DISABLE_UTMP)
|
|
fi
|
|
fi
|
|
fi
|
|
if test -n "$conf_utmp_location"; then
|
|
AC_DEFINE_UNQUOTED(CONF_UTMP_FILE, "$conf_utmp_location",
|
|
[Define if you want to specify the path to your utmp file])
|
|
fi
|
|
|
|
dnl wtmp detection
|
|
AC_MSG_CHECKING([if your system defines WTMP_FILE])
|
|
AC_TRY_COMPILE([
|
|
#include <sys/types.h>
|
|
#include <utmp.h>
|
|
#ifdef HAVE_PATHS_H
|
|
# include <paths.h>
|
|
#endif
|
|
],
|
|
[ char *wtmp = WTMP_FILE; ],
|
|
[ AC_MSG_RESULT(yes) ],
|
|
[ AC_MSG_RESULT(no)
|
|
system_wtmp_path=no ]
|
|
)
|
|
if test -z "$conf_wtmp_location"; then
|
|
if test x"$system_wtmp_path" = x"no" ; then
|
|
for f in /usr/adm/wtmp /var/log/wtmp; do
|
|
if test -f $f ; then
|
|
conf_wtmp_location=$f
|
|
fi
|
|
done
|
|
if test -z "$conf_wtmp_location"; then
|
|
AC_DEFINE(DISABLE_WTMP)
|
|
fi
|
|
fi
|
|
fi
|
|
if test -n "$conf_wtmp_location"; then
|
|
AC_DEFINE_UNQUOTED(CONF_WTMP_FILE, "$conf_wtmp_location",
|
|
[Define if you want to specify the path to your wtmp file])
|
|
fi
|
|
|
|
|
|
dnl utmpx detection - I don't know any system so perverse as to require
|
|
dnl utmpx, but not define UTMPX_FILE (ditto wtmpx.) No doubt it's out
|
|
dnl there, though.
|
|
AC_MSG_CHECKING([if your system defines UTMPX_FILE])
|
|
AC_TRY_COMPILE([
|
|
#include <sys/types.h>
|
|
#include <utmp.h>
|
|
#ifdef HAVE_UTMPX_H
|
|
#include <utmpx.h>
|
|
#endif
|
|
#ifdef HAVE_PATHS_H
|
|
# include <paths.h>
|
|
#endif
|
|
],
|
|
[ char *utmpx = UTMPX_FILE; ],
|
|
[ AC_MSG_RESULT(yes) ],
|
|
[ AC_MSG_RESULT(no)
|
|
system_utmpx_path=no ]
|
|
)
|
|
if test -z "$conf_utmpx_location"; then
|
|
if test x"$system_utmpx_path" = x"no" ; then
|
|
AC_DEFINE(DISABLE_UTMPX)
|
|
fi
|
|
else
|
|
AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location",
|
|
[Define if you want to specify the path to your utmpx file])
|
|
fi
|
|
|
|
dnl wtmpx detection
|
|
AC_MSG_CHECKING([if your system defines WTMPX_FILE])
|
|
AC_TRY_COMPILE([
|
|
#include <sys/types.h>
|
|
#include <utmp.h>
|
|
#ifdef HAVE_UTMPX_H
|
|
#include <utmpx.h>
|
|
#endif
|
|
#ifdef HAVE_PATHS_H
|
|
# include <paths.h>
|
|
#endif
|
|
],
|
|
[ char *wtmpx = WTMPX_FILE; ],
|
|
[ AC_MSG_RESULT(yes) ],
|
|
[ AC_MSG_RESULT(no)
|
|
system_wtmpx_path=no ]
|
|
)
|
|
if test -z "$conf_wtmpx_location"; then
|
|
if test x"$system_wtmpx_path" = x"no" ; then
|
|
AC_DEFINE(DISABLE_WTMPX)
|
|
fi
|
|
else
|
|
AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location",
|
|
[Define if you want to specify the path to your wtmpx file])
|
|
fi
|
|
|
|
|
|
if test ! -z "$blibpath" ; then
|
|
LDFLAGS="$LDFLAGS $blibflags$blibpath"
|
|
AC_MSG_WARN([Please check and edit blibpath in LDFLAGS in Makefile])
|
|
fi
|
|
|
|
dnl remove pam and dl because they are in $LIBPAM
|
|
if test "$PAM_MSG" = yes ; then
|
|
LIBS=`echo $LIBS | sed 's/-lpam //'`
|
|
fi
|
|
if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
|
|
LIBS=`echo $LIBS | sed 's/-ldl //'`
|
|
fi
|
|
|
|
dnl Adding -Werror to CFLAGS early prevents configure tests from running.
|
|
dnl Add now.
|
|
CFLAGS="$CFLAGS $werror_flags"
|
|
|
|
AC_EXEEXT
|
|
AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
|
|
scard/Makefile ssh_prng_cmds survey.sh])
|
|
AC_OUTPUT
|
|
|
|
# Print summary of options
|
|
|
|
# Someone please show me a better way :)
|
|
A=`eval echo ${prefix}` ; A=`eval echo ${A}`
|
|
B=`eval echo ${bindir}` ; B=`eval echo ${B}`
|
|
C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
|
|
D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
|
|
E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
|
|
F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
|
|
G=`eval echo ${piddir}` ; G=`eval echo ${G}`
|
|
H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
|
|
I=`eval echo ${user_path}` ; I=`eval echo ${I}`
|
|
J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
|
|
|
|
echo ""
|
|
echo "OpenSSH has been configured with the following options:"
|
|
echo " User binaries: $B"
|
|
echo " System binaries: $C"
|
|
echo " Configuration files: $D"
|
|
echo " Askpass program: $E"
|
|
echo " Manual pages: $F"
|
|
echo " PID file: $G"
|
|
echo " Privilege separation chroot path: $H"
|
|
if test "x$external_path_file" = "x/etc/login.conf" ; then
|
|
echo " At runtime, sshd will use the path defined in $external_path_file"
|
|
echo " Make sure the path to scp is present, otherwise scp will not work"
|
|
else
|
|
echo " sshd default user PATH: $I"
|
|
if test ! -z "$external_path_file"; then
|
|
echo " (If PATH is set in $external_path_file it will be used instead. If"
|
|
echo " used, ensure the path to scp is present, otherwise scp will not work.)"
|
|
fi
|
|
fi
|
|
if test ! -z "$superuser_path" ; then
|
|
echo " sshd superuser user PATH: $J"
|
|
fi
|
|
echo " Manpage format: $MANTYPE"
|
|
echo " PAM support: $PAM_MSG"
|
|
echo " KerberosV support: $KRB5_MSG"
|
|
echo " Smartcard support: $SCARD_MSG"
|
|
echo " S/KEY support: $SKEY_MSG"
|
|
echo " TCP Wrappers support: $TCPW_MSG"
|
|
echo " MD5 password support: $MD5_MSG"
|
|
echo " libedit support: $LIBEDIT_MSG"
|
|
echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
|
|
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
|
|
echo " BSD Auth support: $BSD_AUTH_MSG"
|
|
echo " Random number source: $RAND_MSG"
|
|
if test ! -z "$USE_RAND_HELPER" ; then
|
|
echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
|
|
fi
|
|
|
|
echo ""
|
|
|
|
echo " Host: ${host}"
|
|
echo " Compiler: ${CC}"
|
|
echo " Compiler flags: ${CFLAGS}"
|
|
echo "Preprocessor flags: ${CPPFLAGS}"
|
|
echo " Linker flags: ${LDFLAGS}"
|
|
echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
|
|
|
|
echo ""
|
|
|
|
if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
|
|
echo "SVR4 style packages are supported with \"make package\""
|
|
echo ""
|
|
fi
|
|
|
|
if test "x$PAM_MSG" = "xyes" ; then
|
|
echo "PAM is enabled. You may need to install a PAM control file "
|
|
echo "for sshd, otherwise password authentication may fail. "
|
|
echo "Example PAM control files can be found in the contrib/ "
|
|
echo "subdirectory"
|
|
echo ""
|
|
fi
|
|
|
|
if test ! -z "$RAND_HELPER_CMDHASH" ; then
|
|
echo "WARNING: you are using the builtin random number collection "
|
|
echo "service. Please read WARNING.RNG and request that your OS "
|
|
echo "vendor includes kernel-based random number collection in "
|
|
echo "future versions of your OS."
|
|
echo ""
|
|
fi
|
|
|
|
if test ! -z "$NO_PEERCHECK" ; then
|
|
echo "WARNING: the operating system that you are using does not "
|
|
echo "appear to support either the getpeereid() API nor the "
|
|
echo "SO_PEERCRED getsockopt() option. These facilities are used to "
|
|
echo "enforce security checks to prevent unauthorised connections to "
|
|
echo "ssh-agent. Their absence increases the risk that a malicious "
|
|
echo "user can connect to your agent. "
|
|
echo ""
|
|
fi
|
|
|
|
if test "$AUDIT_MODULE" = "bsm" ; then
|
|
echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
|
|
echo "See the Solaris section in README.platform for details."
|
|
fi
|