diff options
author | Colin Watson <cjwatson@debian.org> | 2014-10-07 12:13:50 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-10-07 12:13:50 +0100 |
commit | 487bdb3a5ef6075887b830ccb8a0b14f6da78e93 (patch) | |
tree | a2cff6fec1e6c4b4153a170a3e172cfe6bfdec46 /configure.ac | |
parent | 796ba4fd011b5d0d9d78d592ba2f30fc9d5ed2e7 (diff) | |
parent | 28453d58058a4d60c3ebe7d7f0c31a510cbf6158 (diff) |
Import openssh_6.7p1.orig.tar.gz
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 142 |
1 files changed, 63 insertions, 79 deletions
diff --git a/configure.ac b/configure.ac index 7c6ce08d8..67c4486e7 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.571 2014/02/21 17:09:34 tim Exp $ | 1 | # $Id: configure.ac,v 1.583 2014/08/26 20:32:01 djm Exp $ |
2 | # | 2 | # |
3 | # Copyright (c) 1999-2004 Damien Miller | 3 | # Copyright (c) 1999-2004 Damien Miller |
4 | # | 4 | # |
@@ -15,7 +15,7 @@ | |||
15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | 16 | ||
17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) | 17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) |
18 | AC_REVISION($Revision: 1.571 $) | 18 | AC_REVISION($Revision: 1.583 $) |
19 | AC_CONFIG_SRCDIR([ssh.c]) | 19 | AC_CONFIG_SRCDIR([ssh.c]) |
20 | AC_LANG([C]) | 20 | AC_LANG([C]) |
21 | 21 | ||
@@ -1380,62 +1380,6 @@ AC_ARG_WITH([skey], | |||
1380 | ] | 1380 | ] |
1381 | ) | 1381 | ) |
1382 | 1382 | ||
1383 | # Check whether user wants TCP wrappers support | ||
1384 | TCPW_MSG="no" | ||
1385 | AC_ARG_WITH([tcp-wrappers], | ||
1386 | [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], | ||
1387 | [ | ||
1388 | if test "x$withval" != "xno" ; then | ||
1389 | saved_LIBS="$LIBS" | ||
1390 | saved_LDFLAGS="$LDFLAGS" | ||
1391 | saved_CPPFLAGS="$CPPFLAGS" | ||
1392 | if test -n "${withval}" && \ | ||
1393 | test "x${withval}" != "xyes"; then | ||
1394 | if test -d "${withval}/lib"; then | ||
1395 | if test -n "${need_dash_r}"; then | ||
1396 | LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" | ||
1397 | else | ||
1398 | LDFLAGS="-L${withval}/lib ${LDFLAGS}" | ||
1399 | fi | ||
1400 | else | ||
1401 | if test -n "${need_dash_r}"; then | ||
1402 | LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" | ||
1403 | else | ||
1404 | LDFLAGS="-L${withval} ${LDFLAGS}" | ||
1405 | fi | ||
1406 | fi | ||
1407 | if test -d "${withval}/include"; then | ||
1408 | CPPFLAGS="-I${withval}/include ${CPPFLAGS}" | ||
1409 | else | ||
1410 | CPPFLAGS="-I${withval} ${CPPFLAGS}" | ||
1411 | fi | ||
1412 | fi | ||
1413 | LIBS="-lwrap $LIBS" | ||
1414 | AC_MSG_CHECKING([for libwrap]) | ||
1415 | AC_LINK_IFELSE([AC_LANG_PROGRAM([[ | ||
1416 | #include <sys/types.h> | ||
1417 | #include <sys/socket.h> | ||
1418 | #include <netinet/in.h> | ||
1419 | #include <tcpd.h> | ||
1420 | int deny_severity = 0, allow_severity = 0; | ||
1421 | ]], [[ | ||
1422 | hosts_access(0); | ||
1423 | ]])], [ | ||
1424 | AC_MSG_RESULT([yes]) | ||
1425 | AC_DEFINE([LIBWRAP], [1], | ||
1426 | [Define if you want | ||
1427 | TCP Wrappers support]) | ||
1428 | SSHDLIBS="$SSHDLIBS -lwrap" | ||
1429 | TCPW_MSG="yes" | ||
1430 | ], [ | ||
1431 | AC_MSG_ERROR([*** libwrap missing]) | ||
1432 | |||
1433 | ]) | ||
1434 | LIBS="$saved_LIBS" | ||
1435 | fi | ||
1436 | ] | ||
1437 | ) | ||
1438 | |||
1439 | # Check whether user wants to use ldns | 1383 | # Check whether user wants to use ldns |
1440 | LDNS_MSG="no" | 1384 | LDNS_MSG="no" |
1441 | AC_ARG_WITH(ldns, | 1385 | AC_ARG_WITH(ldns, |
@@ -1631,10 +1575,6 @@ AC_CHECK_FUNCS([ \ | |||
1631 | Blowfish_expandstate \ | 1575 | Blowfish_expandstate \ |
1632 | Blowfish_expand0state \ | 1576 | Blowfish_expand0state \ |
1633 | Blowfish_stream2word \ | 1577 | Blowfish_stream2word \ |
1634 | arc4random \ | ||
1635 | arc4random_buf \ | ||
1636 | arc4random_stir \ | ||
1637 | arc4random_uniform \ | ||
1638 | asprintf \ | 1578 | asprintf \ |
1639 | b64_ntop \ | 1579 | b64_ntop \ |
1640 | __b64_ntop \ | 1580 | __b64_ntop \ |
@@ -1678,6 +1618,7 @@ AC_CHECK_FUNCS([ \ | |||
1678 | mblen \ | 1618 | mblen \ |
1679 | md5_crypt \ | 1619 | md5_crypt \ |
1680 | memmove \ | 1620 | memmove \ |
1621 | memset_s \ | ||
1681 | mkdtemp \ | 1622 | mkdtemp \ |
1682 | mmap \ | 1623 | mmap \ |
1683 | ngetaddrinfo \ | 1624 | ngetaddrinfo \ |
@@ -1736,7 +1677,6 @@ AC_CHECK_FUNCS([ \ | |||
1736 | user_from_uid \ | 1677 | user_from_uid \ |
1737 | usleep \ | 1678 | usleep \ |
1738 | vasprintf \ | 1679 | vasprintf \ |
1739 | vhangup \ | ||
1740 | vsnprintf \ | 1680 | vsnprintf \ |
1741 | waitpid \ | 1681 | waitpid \ |
1742 | ]) | 1682 | ]) |
@@ -1948,11 +1888,9 @@ if test "x$ac_cv_func_snprintf" = "xyes" ; then | |||
1948 | ) | 1888 | ) |
1949 | fi | 1889 | fi |
1950 | 1890 | ||
1951 | # If we don't have a working asprintf, then we strongly depend on vsnprintf | 1891 | # We depend on vsnprintf returning the right thing on overflow: the |
1952 | # returning the right thing on overflow: the number of characters it tried to | 1892 | # number of characters it tried to create (as per SUSv3) |
1953 | # create (as per SUSv3) | 1893 | if test "x$ac_cv_func_vsnprintf" = "xyes" ; then |
1954 | if test "x$ac_cv_func_asprintf" != "xyes" && \ | ||
1955 | test "x$ac_cv_func_vsnprintf" = "xyes" ; then | ||
1956 | AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) | 1894 | AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) |
1957 | AC_RUN_IFELSE( | 1895 | AC_RUN_IFELSE( |
1958 | [AC_LANG_PROGRAM([[ | 1896 | [AC_LANG_PROGRAM([[ |
@@ -1960,15 +1898,23 @@ if test "x$ac_cv_func_asprintf" != "xyes" && \ | |||
1960 | #include <stdio.h> | 1898 | #include <stdio.h> |
1961 | #include <stdarg.h> | 1899 | #include <stdarg.h> |
1962 | 1900 | ||
1963 | int x_snprintf(char *str,size_t count,const char *fmt,...) | 1901 | int x_snprintf(char *str, size_t count, const char *fmt, ...) |
1964 | { | 1902 | { |
1965 | size_t ret; va_list ap; | 1903 | size_t ret; |
1966 | va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); | 1904 | va_list ap; |
1905 | |||
1906 | va_start(ap, fmt); | ||
1907 | ret = vsnprintf(str, count, fmt, ap); | ||
1908 | va_end(ap); | ||
1967 | return ret; | 1909 | return ret; |
1968 | } | 1910 | } |
1969 | ]], [[ | 1911 | ]], [[ |
1970 | char x[1]; | 1912 | char x[1]; |
1971 | exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); | 1913 | if (x_snprintf(x, 1, "%s %d", "hello", 12345) != 11) |
1914 | return 1; | ||
1915 | if (x_snprintf(NULL, 0, "%s %d", "hello", 12345) != 11) | ||
1916 | return 1; | ||
1917 | return 0; | ||
1972 | ]])], | 1918 | ]])], |
1973 | [AC_MSG_RESULT([yes])], | 1919 | [AC_MSG_RESULT([yes])], |
1974 | [ | 1920 | [ |
@@ -2304,7 +2250,7 @@ AC_RUN_IFELSE( | |||
2304 | if(fd == NULL) | 2250 | if(fd == NULL) |
2305 | exit(1); | 2251 | exit(1); |
2306 | 2252 | ||
2307 | if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) | 2253 | if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) |
2308 | exit(1); | 2254 | exit(1); |
2309 | 2255 | ||
2310 | exit(0); | 2256 | exit(0); |
@@ -2339,13 +2285,21 @@ AC_RUN_IFELSE( | |||
2339 | if(fd == NULL) | 2285 | if(fd == NULL) |
2340 | exit(1); | 2286 | exit(1); |
2341 | 2287 | ||
2342 | if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) | 2288 | if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), |
2289 | SSLeay_version(SSLEAY_VERSION))) <0) | ||
2343 | exit(1); | 2290 | exit(1); |
2344 | 2291 | ||
2345 | exit(0); | 2292 | exit(0); |
2346 | ]])], | 2293 | ]])], |
2347 | [ | 2294 | [ |
2348 | ssl_library_ver=`cat conftest.ssllibver` | 2295 | ssl_library_ver=`cat conftest.ssllibver` |
2296 | # Check version is supported. | ||
2297 | case "$ssl_library_ver" in | ||
2298 | 0090[[0-7]]*|009080[[0-5]]*) | ||
2299 | AC_MSG_ERROR([OpenSSL >= 0.9.8f required]) | ||
2300 | ;; | ||
2301 | *) ;; | ||
2302 | esac | ||
2349 | AC_MSG_RESULT([$ssl_library_ver]) | 2303 | AC_MSG_RESULT([$ssl_library_ver]) |
2350 | ], | 2304 | ], |
2351 | [ | 2305 | [ |
@@ -2357,6 +2311,10 @@ AC_RUN_IFELSE( | |||
2357 | ] | 2311 | ] |
2358 | ) | 2312 | ) |
2359 | 2313 | ||
2314 | # XXX make --without-openssl work | ||
2315 | AC_DEFINE_UNQUOTED([WITH_OPENSSL], [1], [use libcrypto for cryptography]) | ||
2316 | AC_DEFINE_UNQUOTED([WITH_SSH1], [1], [include SSH protocol version 1 support]) | ||
2317 | |||
2360 | AC_ARG_WITH([openssl-header-check], | 2318 | AC_ARG_WITH([openssl-header-check], |
2361 | [ --without-openssl-header-check Disable OpenSSL version consistency check], | 2319 | [ --without-openssl-header-check Disable OpenSSL version consistency check], |
2362 | [ if test "x$withval" = "xno" ; then | 2320 | [ if test "x$withval" = "xno" ; then |
@@ -2565,6 +2523,14 @@ AC_CHECK_FUNCS([SHA256_Update EVP_sha256], , | |||
2565 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" | 2523 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" |
2566 | ] | 2524 | ] |
2567 | ) | 2525 | ) |
2526 | # Search for RIPE-MD support in OpenSSL | ||
2527 | AC_CHECK_FUNCS([EVP_ripemd160], , | ||
2528 | [unsupported_algorithms="$unsupported_algorithms \ | ||
2529 | hmac-ripemd160 | ||
2530 | hmac-ripemd160@openssh.com | ||
2531 | hmac-ripemd160-etm@openssh.com" | ||
2532 | ] | ||
2533 | ) | ||
2568 | 2534 | ||
2569 | # Check complete ECC support in OpenSSL | 2535 | # Check complete ECC support in OpenSSL |
2570 | AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1]) | 2536 | AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1]) |
@@ -2685,6 +2651,13 @@ fi | |||
2685 | AC_SUBST([TEST_SSH_ECC]) | 2651 | AC_SUBST([TEST_SSH_ECC]) |
2686 | AC_SUBST([COMMENT_OUT_ECC]) | 2652 | AC_SUBST([COMMENT_OUT_ECC]) |
2687 | 2653 | ||
2654 | AC_CHECK_FUNCS([ \ | ||
2655 | arc4random \ | ||
2656 | arc4random_buf \ | ||
2657 | arc4random_stir \ | ||
2658 | arc4random_uniform \ | ||
2659 | ]) | ||
2660 | |||
2688 | saved_LIBS="$LIBS" | 2661 | saved_LIBS="$LIBS" |
2689 | AC_CHECK_LIB([iaf], [ia_openinfo], [ | 2662 | AC_CHECK_LIB([iaf], [ia_openinfo], [ |
2690 | LIBS="$LIBS -liaf" | 2663 | LIBS="$LIBS -liaf" |
@@ -2868,7 +2841,14 @@ if test "x$PAM_MSG" = "xyes" ; then | |||
2868 | ]) | 2841 | ]) |
2869 | fi | 2842 | fi |
2870 | 2843 | ||
2871 | SSH_PRIVSEP_USER=sshd | 2844 | case "$host" in |
2845 | *-*-cygwin*) | ||
2846 | SSH_PRIVSEP_USER=CYGWIN_SSH_PRIVSEP_USER | ||
2847 | ;; | ||
2848 | *) | ||
2849 | SSH_PRIVSEP_USER=sshd | ||
2850 | ;; | ||
2851 | esac | ||
2872 | AC_ARG_WITH([privsep-user], | 2852 | AC_ARG_WITH([privsep-user], |
2873 | [ --with-privsep-user=user Specify non-privileged user for privilege separation], | 2853 | [ --with-privsep-user=user Specify non-privileged user for privilege separation], |
2874 | [ | 2854 | [ |
@@ -2878,8 +2858,13 @@ AC_ARG_WITH([privsep-user], | |||
2878 | fi | 2858 | fi |
2879 | ] | 2859 | ] |
2880 | ) | 2860 | ) |
2881 | AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"], | 2861 | if test "x$SSH_PRIVSEP_USER" = "xCYGWIN_SSH_PRIVSEP_USER" ; then |
2882 | [non-privileged user for privilege separation]) | 2862 | AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], [CYGWIN_SSH_PRIVSEP_USER], |
2863 | [Cygwin function to fetch non-privileged user for privilege separation]) | ||
2864 | else | ||
2865 | AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"], | ||
2866 | [non-privileged user for privilege separation]) | ||
2867 | fi | ||
2883 | AC_SUBST([SSH_PRIVSEP_USER]) | 2868 | AC_SUBST([SSH_PRIVSEP_USER]) |
2884 | 2869 | ||
2885 | if test "x$have_linux_no_new_privs" = "x1" ; then | 2870 | if test "x$have_linux_no_new_privs" = "x1" ; then |
@@ -4844,7 +4829,6 @@ echo " KerberosV support: $KRB5_MSG" | |||
4844 | echo " SELinux support: $SELINUX_MSG" | 4829 | echo " SELinux support: $SELINUX_MSG" |
4845 | echo " Smartcard support: $SCARD_MSG" | 4830 | echo " Smartcard support: $SCARD_MSG" |
4846 | echo " S/KEY support: $SKEY_MSG" | 4831 | echo " S/KEY support: $SKEY_MSG" |
4847 | echo " TCP Wrappers support: $TCPW_MSG" | ||
4848 | echo " MD5 password support: $MD5_MSG" | 4832 | echo " MD5 password support: $MD5_MSG" |
4849 | echo " libedit support: $LIBEDIT_MSG" | 4833 | echo " libedit support: $LIBEDIT_MSG" |
4850 | echo " Solaris process contract support: $SPC_MSG" | 4834 | echo " Solaris process contract support: $SPC_MSG" |