mirror of
git://anongit.mindrot.org/openssh.git
synced 2025-01-05 17:19:42 +00:00
95def09838
- OpenBSD CVS updates - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] [ssh.h sshd.8 sshd.c] syslog changes: * Unified Logmessage for all auth-types, for success and for failed * Standard connections get only ONE line in the LOG when level==LOG: Auth-attempts are logged only, if authentication is: a) successfull or b) with passwd or c) we had more than AUTH_FAIL_LOG failues * many log() became verbose() * old behaviour with level=VERBOSE - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE messages. allows use of s/key in windows (ttssh, securecrt) and ssh-1.2.27 clients without 'ssh -v', ok: niels@ - [sshd.8] -V, for fallback to openssh in SSH2 compatibility mode - [sshd.c] fix sigchld race; cjc5@po.cwru.edu
302 lines
7.0 KiB
Plaintext
302 lines
7.0 KiB
Plaintext
AC_INIT(ssh.c)
|
|
|
|
AC_CONFIG_HEADER(config.h)
|
|
|
|
dnl Checks for programs.
|
|
AC_PROG_CC
|
|
AC_PROG_CPP
|
|
AC_PROG_RANLIB
|
|
AC_CHECK_PROG(AR, ar, ar)
|
|
if test "$GCC" = "yes"; then CFLAGS="$CFLAGS -Wall"; fi
|
|
|
|
dnl Check for OpenSSL/SSLeay directories.
|
|
AC_MSG_CHECKING([for OpenSSL/SSLeay directory])
|
|
for ssldir in /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local $prefix /usr/pkg ; do
|
|
if test -f "$ssldir/include/openssl/crypto.h"; then
|
|
AC_DEFINE(HAVE_OPENSSL)
|
|
GOT_SSL="yes"
|
|
break
|
|
fi
|
|
if test -f "$ssldir/include/ssl/crypto.h"; then
|
|
AC_DEFINE(HAVE_SSL)
|
|
GOT_SSL="yes"
|
|
break
|
|
fi
|
|
done
|
|
if test -z "$GOT_SSL" ; then
|
|
AC_MSG_ERROR([Could not find SSLeay / OpenSSL libraries, please install])
|
|
fi
|
|
AC_SUBST(ssldir)
|
|
AC_DEFINE_UNQUOTED(ssldir, "$ssldir")
|
|
if test "$ssldir" != "/usr"; then
|
|
CFLAGS="$CFLAGS -I$ssldir/include"
|
|
LIBS="$LIBS -L$ssldir/lib"
|
|
fi
|
|
LIBS="$LIBS -lssl -lcrypto"
|
|
AC_MSG_RESULT($ssldir)
|
|
|
|
dnl Check for RSAref library.
|
|
AC_MSG_CHECKING([for RSAref library])
|
|
saved_LIBS="$LIBS"
|
|
LIBS="$saved_LIBS -lRSAglue -lrsaref"
|
|
AC_TRY_LINK([], [],
|
|
[AC_MSG_RESULT(yes); ],
|
|
[AC_MSG_RESULT(no)]; LIBS="$saved_LIBS")
|
|
|
|
dnl Checks for libraries.
|
|
AC_CHECK_LIB(crypto, CRYPTO_lock, ,AC_MSG_ERROR([*** libcrypto missing - please install first ***]))
|
|
AC_CHECK_LIB(z, deflate, ,AC_MSG_ERROR([*** zlib missing - please install first ***]))
|
|
AC_CHECK_LIB(util, login, AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil")
|
|
AC_CHECK_LIB(nsl, yp_match, , )
|
|
AC_CHECK_LIB(socket, main, , )
|
|
|
|
dnl libdl is needed by PAM on Redhat systems
|
|
AC_CHECK_LIB(dl, dlopen, , )
|
|
AC_CHECK_LIB(pam, pam_authenticate, , )
|
|
|
|
dnl Checks for header files.
|
|
AC_CHECK_HEADERS(pty.h endian.h paths.h lastlog.h shadow.h netgroup.h maillock.h utmp.h util.h sys/select.h sys/time.h)
|
|
|
|
dnl Checks for library functions.
|
|
AC_CHECK_FUNCS(openpty strlcpy strlcat mkdtemp arc4random setproctitle setlogin setenv)
|
|
|
|
AC_CHECK_FUNC(login,
|
|
[AC_DEFINE(HAVE_LOGIN)],
|
|
[AC_CHECK_LIB(bsd, login, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_LOGIN)])]
|
|
)
|
|
|
|
AC_CHECK_FUNC(daemon,
|
|
[AC_DEFINE(HAVE_DAEMON)],
|
|
[AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
|
|
)
|
|
|
|
dnl Checks for data types
|
|
AC_CHECK_SIZEOF(short int, 2)
|
|
AC_CHECK_SIZEOF(int, 4)
|
|
AC_CHECK_SIZEOF(long int, 4)
|
|
AC_CHECK_SIZEOF(long long int, 8)
|
|
|
|
dnl More checks for data types
|
|
AC_MSG_CHECKING([for quad_t])
|
|
AC_TRY_COMPILE(
|
|
[#include <sys/types.h>],
|
|
[quad_t a; a = 1235;],
|
|
[
|
|
AC_DEFINE(HAVE_QUAD_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
AC_MSG_CHECKING([for intXX_t types])
|
|
AC_TRY_COMPILE(
|
|
[#include <sys/types.h>],
|
|
[int16_t a; int32_t b; a = 1235; b = 1235;],
|
|
[
|
|
AC_DEFINE(HAVE_INTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
AC_MSG_CHECKING([for u_intXX_t types])
|
|
AC_TRY_COMPILE(
|
|
[#include <sys/types.h>],
|
|
[u_int16_t c; u_int32_t d; c = 1235; d = 1235;],
|
|
[
|
|
AC_DEFINE(HAVE_U_INTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
AC_MSG_CHECKING([For uintXX_t types])
|
|
AC_TRY_COMPILE(
|
|
[#include <sys/types.h>],
|
|
[uint16_t c; uint32_t d; c = 1235; d = 1235;],
|
|
[
|
|
AC_DEFINE(HAVE_UINTXX_T)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
dnl Check PAM strerror arguments
|
|
AC_MSG_CHECKING([whether pam_strerror takes only one argument])
|
|
AC_TRY_COMPILE(
|
|
[
|
|
#include <stdlib.h>
|
|
#include <security/pam_appl.h>
|
|
],
|
|
[(void)pam_strerror((pam_handle_t *)NULL, -1);],
|
|
[AC_MSG_RESULT(no)],
|
|
[
|
|
AC_DEFINE(HAVE_OLD_PAM)
|
|
AC_MSG_RESULT(yes)
|
|
]
|
|
)
|
|
|
|
dnl Check whether use wants to disable the external ssh-askpass
|
|
INSTALL_ASKPASS="yes"
|
|
AC_MSG_CHECKING([whether to enable external ssh-askpass support])
|
|
AC_ARG_WITH(askpass,
|
|
[ --with-askpass=yes/no Enable external ssh-askpass support (default=yes)],
|
|
[
|
|
if test x$withval = xno ; then
|
|
INSTALL_ASKPASS="no"
|
|
else
|
|
INSTALL_ASKPASS="yes"
|
|
fi
|
|
]
|
|
)
|
|
if test "x$INSTALL_ASKPASS" = "xyes" ; then
|
|
AC_DEFINE(USE_EXTERNAL_ASKPASS)
|
|
AC_SUBST(INSTALL_ASKPASS)
|
|
AC_MSG_RESULT(yes)
|
|
else
|
|
AC_MSG_RESULT(no)
|
|
fi
|
|
|
|
if test "x$INSTALL_ASKPASS" = "xyes" ; then
|
|
AC_MSG_CHECKING([whether to build GNOME ssh-askpass])
|
|
dnl Check whether user wants GNOME ssh-askpass
|
|
AC_ARG_WITH(gnome-askpass,
|
|
[ --with-gnome-askpass Build the GNOME passphrase requester (default=no)],
|
|
[
|
|
if test x$withval = xno ; then
|
|
GNOME_ASKPASS="";
|
|
else
|
|
GNOME_ASKPASS="gnome-ssh-askpass";
|
|
fi
|
|
])
|
|
AC_SUBST(GNOME_ASKPASS)
|
|
|
|
if test -z "$GNOME_ASKPASS" ; then
|
|
AC_MSG_RESULT(no)
|
|
else
|
|
AC_MSG_RESULT(yes)
|
|
fi
|
|
fi
|
|
|
|
dnl Check for user-specified random device
|
|
AC_ARG_WITH(random,
|
|
[ --with-random=FILE read randomness from FILE (default=/dev/urandom)],
|
|
[
|
|
RANDOM_POOL="$withval";
|
|
AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
|
|
],
|
|
[
|
|
dnl Check for random device
|
|
AC_CHECK_FILE("/dev/urandom",
|
|
[
|
|
RANDOM_POOL="/dev/urandom";
|
|
AC_SUBST(RANDOM_POOL)
|
|
AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
|
|
]
|
|
)
|
|
]
|
|
)
|
|
|
|
dnl Check for EGD pool file
|
|
AC_ARG_WITH(egd-pool,
|
|
[ --with-egd-pool=FILE read randomness from EGD pool FILE (default none)],
|
|
[
|
|
RANDOM_POOL="$withval";
|
|
AC_DEFINE(HAVE_EGD)
|
|
AC_SUBST(RANDOM_POOL)
|
|
AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
|
|
]
|
|
)
|
|
|
|
dnl Make sure we have random number support
|
|
if test -z "$RANDOM_POOL" -a -z "$EGD_POOL"; then
|
|
AC_MSG_ERROR([No random device found, and no EGD random pool specified])
|
|
fi
|
|
|
|
dnl Check for ut_host field in utmp
|
|
AC_MSG_CHECKING([whether utmp.h has ut_host field])
|
|
AC_EGREP_HEADER(ut_host, utmp.h,
|
|
[AC_DEFINE(HAVE_HOST_IN_UTMP) AC_MSG_RESULT(yes); ],
|
|
[AC_MSG_RESULT(no)]
|
|
)
|
|
|
|
dnl Look for lastlog location
|
|
AC_MSG_CHECKING([location of lastlog file])
|
|
for lastlog in /var/log/lastlog /var/adm/lastlog /etc/security/lastlog ; do
|
|
if test -f $lastlog ; then
|
|
gotlastlog="file"
|
|
break
|
|
fi
|
|
if test -d $lastlog ; then
|
|
gotlastlog="dir"
|
|
break
|
|
fi
|
|
done
|
|
if test -z "$gotlastlog" ; then
|
|
AC_MSG_ERROR([*** Cannot find lastlog ***])
|
|
else
|
|
if test "x$gotlastlog" = "xdir" ; then
|
|
AC_DEFINE(LASTLOG_IS_DIR)
|
|
AC_MSG_ERROR([*** Directory-based lastlogs are not yet supported ***])
|
|
fi
|
|
AC_MSG_RESULT($lastlog)
|
|
AC_DEFINE_UNQUOTED(LASTLOG_LOCATION, "$lastlog")
|
|
fi
|
|
|
|
AC_MSG_CHECKING([whether libc defines __progname])
|
|
AC_TRY_LINK([],
|
|
[extern char *__progname; printf("%s", __progname);],
|
|
[
|
|
AC_DEFINE(HAVE___PROGNAME)
|
|
AC_MSG_RESULT(yes)
|
|
],
|
|
[
|
|
AC_MSG_RESULT(no)
|
|
]
|
|
)
|
|
|
|
dnl Check whether user wants Kerberos support
|
|
AC_ARG_WITH(kerberos4,
|
|
[ --with-kerberos4 Enable Kerberos 4 support],
|
|
[
|
|
AC_DEFINE(KRB4)
|
|
LIBS="$LIBS -lkrb"
|
|
CFLAGS="$CFLAGS -I/usr/include/kerberosIV"
|
|
]
|
|
)
|
|
|
|
dnl Check whether user wants AFS support
|
|
AC_ARG_WITH(afs,
|
|
[ --with-afs Enable AFS support],
|
|
[
|
|
AC_DEFINE(AFS)
|
|
LIBS="$LIBS -lkafs"
|
|
]
|
|
)
|
|
|
|
dnl Check whether user wants S/Key support
|
|
AC_ARG_WITH(skey,
|
|
[ --with-skey Enable S/Key support],
|
|
[
|
|
AC_DEFINE(SKEY)
|
|
LIBS="$LIBS -lskey"
|
|
]
|
|
)
|
|
|
|
dnl Check whether user wants TCP wrappers support
|
|
AC_ARG_WITH(tcp-wrappers,
|
|
[ --with-tcp-wrappers Enable tcpwrappers support],
|
|
[
|
|
AC_DEFINE(LIBWRAP)
|
|
LIBS="$LIBS -lwrap"
|
|
]
|
|
)
|
|
|
|
dnl Check whether to enable MD5 passwords
|
|
AC_ARG_WITH(md5-passwords,
|
|
[ --with-md5-passwords Enable use of MD5 passwords],
|
|
[AC_DEFINE(HAVE_MD5_PASSWORDS)]
|
|
)
|
|
|
|
AC_OUTPUT(Makefile)
|