mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-28 21:22:07 +00:00
32b3cf2c96
- Enabled utmpx support by default for Solaris - Cleanup sshd.c PAM a little more 19991225 - Merged fixes from Ben Taylor <bent@clark.net> - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk> - Disabled logging of PAM password authentication failures when password is empty. (e.g start of authentication loop). Reported by Naz <96na@eng.cam.ac.uk>)
406 lines
9.4 KiB
Plaintext
406 lines
9.4 KiB
Plaintext
AC_INIT(ssh.c)
|
|
|
|
AC_CONFIG_HEADER(config.h)
|
|
AC_CANONICAL_HOST
|
|
|
|
dnl Checks for programs.
|
|
AC_PROG_CC
|
|
AC_PROG_CPP
|
|
AC_PROG_RANLIB
|
|
AC_PROG_INSTALL
|
|
AC_CHECK_PROG(AR, ar, ar)
|
|
AC_PATH_PROG(xauth_path, xauth)
|
|
|
|
dnl Use ip address instead of hostname in $DISPLAY
|
|
AC_ARG_WITH(rsh,
|
|
[ --with-rsh=PATH Specify path to remote shell program ],
|
|
[
|
|
AC_DEFINE_UNQUOTED(RSH_PATH, "$withval")
|
|
],
|
|
[
|
|
AC_PATH_PROG(rsh_path, rsh)
|
|
]
|
|
)
|
|
|
|
if test ! -z "$xauth_path" ; then
|
|
AC_DEFINE_UNQUOTED(XAUTH_PATH, "$xauth_path")
|
|
fi
|
|
if test ! -z "$rsh_path" ; then
|
|
AC_DEFINE_UNQUOTED(RSH_PATH, "$rsh_path")
|
|
fi
|
|
|
|
dnl Checks for compiler characteristics
|
|
if test "$GCC" = "yes"; then CFLAGS="$CFLAGS -Wall"; fi
|
|
|
|
AC_C_INLINE
|
|
|
|
dnl Check for some target-specific stuff
|
|
case "$host" in
|
|
*-*-hpux10*)
|
|
if test -z "$GCC"; then
|
|
CFLAGS="$CFLAGS -Aa"
|
|
fi
|
|
CFLAGS="$CFLAGS -D_HPUX_SOURCE"
|
|
AC_DEFINE(IPADDR_IN_DISPLAY)
|
|
AC_DEFINE(USE_UTMPX)
|
|
AC_MSG_CHECKING(for HPUX trusted system password database)
|
|
if test -f /tcb/files/auth/system/default; then
|
|
AC_MSG_RESULT(yes)
|
|
AC_DEFINE(HAVE_HPUX_TRUSTED_SYSTEM_PW)
|
|
LIBS="$LIBS -lsec"
|
|
else
|
|
AC_MSG_RESULT(no)
|
|
AC_DEFINE(DISABLE_SHADOW)
|
|
fi
|
|
;;
|
|
*-*-solaris*)
|
|
AC_DEFINE(USE_UTMPX)
|
|
;;
|
|
esac
|
|
|
|
dnl Check for OpenSSL/SSLeay directories.
|
|
AC_MSG_CHECKING([for OpenSSL/SSLeay directory])
|
|
for ssldir in /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local $prefix /usr/pkg ; do
|
|
if test -f "$ssldir/include/openssl/crypto.h"; then
|
|
AC_DEFINE(HAVE_OPENSSL)
|
|
GOT_SSL="yes"
|
|
break
|
|
fi
|
|
if test -f "$ssldir/include/ssl/crypto.h"; then
|
|
AC_DEFINE(HAVE_SSL)
|
|
GOT_SSL="yes"
|
|
break
|
|
fi
|
|
done
|
|
if test -z "$GOT_SSL" ; then
|
|
AC_MSG_ERROR([Could not find SSLeay / OpenSSL libraries, please install])
|
|
fi
|
|
AC_SUBST(ssldir)
|
|
AC_DEFINE_UNQUOTED(ssldir, "$ssldir")
|
|
if test "$ssldir" != "/usr"; then
|
|
CFLAGS="$CFLAGS -I$ssldir/include"
|
|
LDFLAGS="$LDFLAGS -L$ssldir/lib"
|
|
fi
|
|
LIBS="$LIBS -lssl -lcrypto"
|
|
AC_MSG_RESULT($ssldir)
|
|
|
|
dnl Check for RSAref library.
|
|
AC_MSG_CHECKING([for RSAref library])
|
|
saved_LIBS="$LIBS"
|
|
LIBS="$saved_LIBS -lRSAglue -lrsaref"
|
|
AC_TRY_LINK([], [],
|
|
[AC_MSG_RESULT(yes); ],
|
|
[AC_MSG_RESULT(no)]; LIBS="$saved_LIBS")
|
|
|
|
dnl Checks for libraries.
|
|
AC_CHECK_LIB(crypto, CRYPTO_lock, ,AC_MSG_ERROR([*** libcrypto missing - please install first ***]))
|
|
AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
|
|
AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil")
|
|
AC_CHECK_LIB(nsl, yp_match, , )
|
|
AC_CHECK_LIB(socket, main, , )
|
|
|
|
dnl Use ip address instead of hostname in $DISPLAY
|
|
AC_ARG_WITH(pam,
|
|
[ --without-pam Disable PAM support ],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
no_pam=1
|
|
fi
|
|
]
|
|
)
|
|
if test -z "$no_pam" ; then
|
|
AC_CHECK_LIB(dl, dlopen, , )
|
|
AC_CHECK_LIB(pam, pam_authenticate, , )
|
|
fi
|
|
|
|
dnl Checks for header files.
|
|
AC_CHECK_HEADERS(endian.h lastlog.h login.h maillock.h netgroup.h paths.h poll.h pty.h shadow.h util.h utmp.h utmpx.h sys/bsdtty.h sys/poll.h sys/select.h sys/stropts.h sys/time.h sys/ttcompat.h)
|
|
|
|
dnl Checks for library functions.
|
|
AC_CHECK_FUNCS(arc4random updwtmpx mkdtemp openpty _getpty innetgr setenv seteuid setlogin setproctitle setreuid snprintf strlcat strlcpy vsnprintf)
|
|
|
|
AC_CHECK_FUNC(login,
|
|
[AC_DEFINE(HAVE_LOGIN)],
|
|
[AC_CHECK_LIB(bsd, login, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_LOGIN)])]
|
|
)
|
|
|
|
AC_CHECK_FUNC(daemon,
|
|
[AC_DEFINE(HAVE_DAEMON)],
|
|
[AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
|
|
)
|
|
|
|
dnl Checks for data types
|
|
AC_CHECK_SIZEOF(short int, 2)
|
|
AC_CHECK_SIZEOF(int, 4)
|
|
AC_CHECK_SIZEOF(long int, 4)
|
|
AC_CHECK_SIZEOF(long long int, 8)
|
|
|
|
dnl More checks for data types
|
|
AC_MSG_CHECKING([for quad_t])
|
|
AC_TRY_COMPILE(
|
|
[#include <sys/types.h>],
|
|
[quad_t a; a = 1235;],
|
|
[
|
|
AC_DEFINE(HAVE_QUAD_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
AC_MSG_CHECKING([for intXX_t types])
|
|
AC_TRY_COMPILE(
|
|
[#include <sys/types.h>],
|
|
[int16_t a; int32_t b; a = 1235; b = 1235;],
|
|
[
|
|
AC_DEFINE(HAVE_INTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
AC_MSG_CHECKING([for u_intXX_t types])
|
|
AC_TRY_COMPILE(
|
|
[#include <sys/types.h>],
|
|
[u_int16_t c; u_int32_t d; c = 1235; d = 1235;],
|
|
[
|
|
AC_DEFINE(HAVE_U_INTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
AC_MSG_CHECKING([For uintXX_t types])
|
|
AC_TRY_COMPILE(
|
|
[#include <sys/types.h>],
|
|
[uint16_t c; uint32_t d; c = 1235; d = 1235;],
|
|
[
|
|
AC_DEFINE(HAVE_UINTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
dnl Check PAM strerror arguments
|
|
AC_MSG_CHECKING([whether pam_strerror takes only one argument])
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <stdlib.h>
|
|
#include <security/pam_appl.h>
|
|
],
|
|
[(void)pam_strerror((pam_handle_t *)NULL, -1);],
|
|
[AC_MSG_RESULT(no)],
|
|
[
|
|
AC_DEFINE(HAVE_OLD_PAM)
|
|
AC_MSG_RESULT(yes)
|
|
]
|
|
)
|
|
|
|
AC_MSG_CHECKING([whether to build GNOME ssh-askpass])
|
|
dnl Check whether user wants GNOME ssh-askpass
|
|
AC_ARG_WITH(gnome-askpass,
|
|
[ --with-gnome-askpass Build the GNOME passphrase requester (default=no)],
|
|
[
|
|
if test x$withval = xno ; then
|
|
GNOME_ASKPASS="";
|
|
else
|
|
GNOME_ASKPASS="gnome-ssh-askpass";
|
|
fi
|
|
])
|
|
AC_SUBST(GNOME_ASKPASS)
|
|
|
|
if test -z "$GNOME_ASKPASS" ; then
|
|
AC_MSG_RESULT(no)
|
|
else
|
|
AC_MSG_RESULT(yes)
|
|
fi
|
|
|
|
dnl Check for user-specified random device
|
|
AC_ARG_WITH(random,
|
|
[ --with-random=FILE read randomness from FILE (default=/dev/urandom)],
|
|
[
|
|
RANDOM_POOL="$withval";
|
|
AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
|
|
],
|
|
[
|
|
dnl Check for random device
|
|
AC_CHECK_FILE("/dev/urandom",
|
|
[
|
|
RANDOM_POOL="/dev/urandom";
|
|
AC_SUBST(RANDOM_POOL)
|
|
AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
|
|
]
|
|
)
|
|
]
|
|
)
|
|
|
|
dnl Check for EGD pool file
|
|
AC_ARG_WITH(egd-pool,
|
|
[ --with-egd-pool=FILE read randomness from EGD pool FILE (default none)],
|
|
[
|
|
RANDOM_POOL="$withval";
|
|
AC_DEFINE(HAVE_EGD)
|
|
AC_SUBST(RANDOM_POOL)
|
|
AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
|
|
]
|
|
)
|
|
|
|
dnl Make sure we have random number support
|
|
if test -z "$RANDOM_POOL" -a -z "$EGD_POOL"; then
|
|
AC_MSG_ERROR([No random device found, and no EGD random pool specified])
|
|
fi
|
|
|
|
AC_MSG_CHECKING([whether utmp.h has ut_host field])
|
|
AC_EGREP_HEADER(ut_host, utmp.h,
|
|
[AC_DEFINE(HAVE_HOST_IN_UTMP) AC_MSG_RESULT(yes); ],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
AC_MSG_CHECKING([whether utmpx.h has ut_host field])
|
|
AC_EGREP_HEADER(ut_host, utmpx.h,
|
|
[AC_DEFINE(HAVE_HOST_IN_UTMPX) AC_MSG_RESULT(yes); ],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
AC_MSG_CHECKING([whether utmpx.h has syslen field])
|
|
AC_EGREP_HEADER(syslen, utmpx.h,
|
|
[AC_DEFINE(HAVE_SYSLEN_IN_UTMPX) AC_MSG_RESULT(yes); ],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
dnl Look for lastlog location
|
|
AC_ARG_WITH(lastlog,
|
|
[ --with-lastlog Location of lastlog file],
|
|
[
|
|
if test "x$withval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_LASTLOG)
|
|
else
|
|
AC_DEFINE_UNQUOTED(LASTLOG_LOCATION, "$withval")
|
|
fi
|
|
],
|
|
[
|
|
AC_MSG_CHECKING([location of lastlog file])
|
|
for lastlog in /var/log/lastlog /var/adm/lastlog /etc/security/lastlog ; do
|
|
if test -f $lastlog ; then
|
|
gotlastlog="file"
|
|
break
|
|
fi
|
|
if test -d $lastlog ; then
|
|
gotlastlog="dir"
|
|
break
|
|
fi
|
|
done
|
|
if test -z "$gotlastlog" ; then
|
|
AC_MSG_WARN([*** Cannot find lastlog ***])
|
|
nolastlog=1
|
|
else
|
|
if test "x$gotlastlog" = "xdir" ; then
|
|
AC_DEFINE(LASTLOG_IS_DIR)
|
|
AC_MSG_WARN([*** Directory-based lastlogs are not yet supported ***])
|
|
nolastlog=1
|
|
fi
|
|
AC_MSG_RESULT($lastlog)
|
|
AC_DEFINE_UNQUOTED(LASTLOG_LOCATION, "$lastlog")
|
|
fi
|
|
]
|
|
)
|
|
|
|
if test ! -z "$nolastlog" ; then
|
|
AC_MSG_WARN([*** Disabling lastlog support *** ])
|
|
AC_DEFINE(DISABLE_LASTLOG)
|
|
fi
|
|
|
|
AC_CHECK_FILE("/dev/ptmx", AC_DEFINE_UNQUOTED(HAVE_DEV_PTMX))
|
|
AC_CHECK_FILE("/dev/ptc", AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC))
|
|
|
|
AC_MSG_CHECKING([whether libc defines __progname])
|
|
AC_TRY_LINK([],
|
|
[extern char *__progname; printf("%s", __progname);],
|
|
[
|
|
AC_DEFINE(HAVE___PROGNAME)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
]
|
|
)
|
|
|
|
dnl Check whether user wants Kerberos support
|
|
AC_ARG_WITH(kerberos4,
|
|
[ --with-kerberos4 Enable Kerberos 4 support],
|
|
[
|
|
AC_DEFINE(KRB4)
|
|
LIBS="$LIBS -lkrb"
|
|
CFLAGS="$CFLAGS -I/usr/include/kerberosIV"
|
|
]
|
|
)
|
|
|
|
dnl Check whether user wants AFS support
|
|
AC_ARG_WITH(afs,
|
|
[ --with-afs Enable AFS support],
|
|
[
|
|
AC_DEFINE(AFS)
|
|
LIBS="$LIBS -lkafs"
|
|
]
|
|
)
|
|
|
|
dnl Check whether user wants S/Key support
|
|
AC_ARG_WITH(skey,
|
|
[ --with-skey Enable S/Key support],
|
|
[
|
|
AC_DEFINE(SKEY)
|
|
LIBS="$LIBS -lskey"
|
|
]
|
|
)
|
|
|
|
dnl Check whether user wants TCP wrappers support
|
|
AC_ARG_WITH(tcp-wrappers,
|
|
[ --with-tcp-wrappers Enable tcpwrappers support],
|
|
[
|
|
AC_DEFINE(LIBWRAP)
|
|
LIBWRAP="-lwrap"
|
|
]
|
|
)
|
|
AC_SUBST(LIBWRAP)
|
|
|
|
dnl Check whether to enable MD5 passwords
|
|
AC_ARG_WITH(md5-passwords,
|
|
[ --with-md5-passwords Enable use of MD5 passwords],
|
|
[AC_DEFINE(HAVE_MD5_PASSWORDS)]
|
|
)
|
|
|
|
dnl Check whether to enable utmpx support
|
|
AC_ARG_WITH(utmpx,
|
|
[ --with-utmpx Enable utmpx support],
|
|
[
|
|
if test "x$withval" != "xno" ; then
|
|
AC_DEFINE(USE_UTMPX)
|
|
fi
|
|
]
|
|
)
|
|
|
|
dnl Whether to disable shadow password support
|
|
AC_ARG_WITH(shadow,
|
|
[ --without-shadow Disable shadow password support],
|
|
[
|
|
if test "x$withval" = "xno" ; then
|
|
AC_DEFINE(DISABLE_SHADOW)
|
|
fi
|
|
]
|
|
)
|
|
|
|
dnl Use ip address instead of hostname in $DISPLAY
|
|
AC_ARG_WITH(ipaddr-display,
|
|
[ --with-ipaddr-display Use ip address instead of hostname in \$DISPLAY],
|
|
[
|
|
if test "x$withval" = "xno" ; then
|
|
AC_DEFINE(IPADDR_IN_DISPLAY)
|
|
fi
|
|
]
|
|
)
|
|
|
|
dnl Check for mail directory (last resort if we cannot get it from headers)
|
|
if test ! -z "$MAIL" ; then
|
|
maildir=`dirname $MAIL`
|
|
AC_DEFINE_UNQUOTED(MAIL_DIRECTORY, "$maildir")
|
|
fi
|
|
|
|
AC_OUTPUT(Makefile)
|