summaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2014-10-07 12:13:50 +0100
committerColin Watson <cjwatson@debian.org>2014-10-07 12:13:50 +0100
commit487bdb3a5ef6075887b830ccb8a0b14f6da78e93 (patch)
treea2cff6fec1e6c4b4153a170a3e172cfe6bfdec46 /configure.ac
parent796ba4fd011b5d0d9d78d592ba2f30fc9d5ed2e7 (diff)
parent28453d58058a4d60c3ebe7d7f0c31a510cbf6158 (diff)
Import openssh_6.7p1.orig.tar.gz
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac142
1 files changed, 63 insertions, 79 deletions
diff --git a/configure.ac b/configure.ac
index 7c6ce08d8..67c4486e7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
1# $Id: configure.ac,v 1.571 2014/02/21 17:09:34 tim Exp $ 1# $Id: configure.ac,v 1.583 2014/08/26 20:32:01 djm Exp $
2# 2#
3# Copyright (c) 1999-2004 Damien Miller 3# Copyright (c) 1999-2004 Damien Miller
4# 4#
@@ -15,7 +15,7 @@
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 16
17AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) 17AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
18AC_REVISION($Revision: 1.571 $) 18AC_REVISION($Revision: 1.583 $)
19AC_CONFIG_SRCDIR([ssh.c]) 19AC_CONFIG_SRCDIR([ssh.c])
20AC_LANG([C]) 20AC_LANG([C])
21 21
@@ -1380,62 +1380,6 @@ AC_ARG_WITH([skey],
1380 ] 1380 ]
1381) 1381)
1382 1382
1383# Check whether user wants TCP wrappers support
1384TCPW_MSG="no"
1385AC_ARG_WITH([tcp-wrappers],
1386 [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)],
1387 [
1388 if test "x$withval" != "xno" ; then
1389 saved_LIBS="$LIBS"
1390 saved_LDFLAGS="$LDFLAGS"
1391 saved_CPPFLAGS="$CPPFLAGS"
1392 if test -n "${withval}" && \
1393 test "x${withval}" != "xyes"; then
1394 if test -d "${withval}/lib"; then
1395 if test -n "${need_dash_r}"; then
1396 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
1397 else
1398 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1399 fi
1400 else
1401 if test -n "${need_dash_r}"; then
1402 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
1403 else
1404 LDFLAGS="-L${withval} ${LDFLAGS}"
1405 fi
1406 fi
1407 if test -d "${withval}/include"; then
1408 CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
1409 else
1410 CPPFLAGS="-I${withval} ${CPPFLAGS}"
1411 fi
1412 fi
1413 LIBS="-lwrap $LIBS"
1414 AC_MSG_CHECKING([for libwrap])
1415 AC_LINK_IFELSE([AC_LANG_PROGRAM([[
1416#include <sys/types.h>
1417#include <sys/socket.h>
1418#include <netinet/in.h>
1419#include <tcpd.h>
1420int deny_severity = 0, allow_severity = 0;
1421 ]], [[
1422 hosts_access(0);
1423 ]])], [
1424 AC_MSG_RESULT([yes])
1425 AC_DEFINE([LIBWRAP], [1],
1426 [Define if you want
1427 TCP Wrappers support])
1428 SSHDLIBS="$SSHDLIBS -lwrap"
1429 TCPW_MSG="yes"
1430 ], [
1431 AC_MSG_ERROR([*** libwrap missing])
1432
1433 ])
1434 LIBS="$saved_LIBS"
1435 fi
1436 ]
1437)
1438
1439# Check whether user wants to use ldns 1383# Check whether user wants to use ldns
1440LDNS_MSG="no" 1384LDNS_MSG="no"
1441AC_ARG_WITH(ldns, 1385AC_ARG_WITH(ldns,
@@ -1631,10 +1575,6 @@ AC_CHECK_FUNCS([ \
1631 Blowfish_expandstate \ 1575 Blowfish_expandstate \
1632 Blowfish_expand0state \ 1576 Blowfish_expand0state \
1633 Blowfish_stream2word \ 1577 Blowfish_stream2word \
1634 arc4random \
1635 arc4random_buf \
1636 arc4random_stir \
1637 arc4random_uniform \
1638 asprintf \ 1578 asprintf \
1639 b64_ntop \ 1579 b64_ntop \
1640 __b64_ntop \ 1580 __b64_ntop \
@@ -1678,6 +1618,7 @@ AC_CHECK_FUNCS([ \
1678 mblen \ 1618 mblen \
1679 md5_crypt \ 1619 md5_crypt \
1680 memmove \ 1620 memmove \
1621 memset_s \
1681 mkdtemp \ 1622 mkdtemp \
1682 mmap \ 1623 mmap \
1683 ngetaddrinfo \ 1624 ngetaddrinfo \
@@ -1736,7 +1677,6 @@ AC_CHECK_FUNCS([ \
1736 user_from_uid \ 1677 user_from_uid \
1737 usleep \ 1678 usleep \
1738 vasprintf \ 1679 vasprintf \
1739 vhangup \
1740 vsnprintf \ 1680 vsnprintf \
1741 waitpid \ 1681 waitpid \
1742]) 1682])
@@ -1948,11 +1888,9 @@ if test "x$ac_cv_func_snprintf" = "xyes" ; then
1948 ) 1888 )
1949fi 1889fi
1950 1890
1951# If we don't have a working asprintf, then we strongly depend on vsnprintf 1891# We depend on vsnprintf returning the right thing on overflow: the
1952# returning the right thing on overflow: the number of characters it tried to 1892# number of characters it tried to create (as per SUSv3)
1953# create (as per SUSv3) 1893if test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1954if test "x$ac_cv_func_asprintf" != "xyes" && \
1955 test "x$ac_cv_func_vsnprintf" = "xyes" ; then
1956 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) 1894 AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow])
1957 AC_RUN_IFELSE( 1895 AC_RUN_IFELSE(
1958 [AC_LANG_PROGRAM([[ 1896 [AC_LANG_PROGRAM([[
@@ -1960,15 +1898,23 @@ if test "x$ac_cv_func_asprintf" != "xyes" && \
1960#include <stdio.h> 1898#include <stdio.h>
1961#include <stdarg.h> 1899#include <stdarg.h>
1962 1900
1963int x_snprintf(char *str,size_t count,const char *fmt,...) 1901int x_snprintf(char *str, size_t count, const char *fmt, ...)
1964{ 1902{
1965 size_t ret; va_list ap; 1903 size_t ret;
1966 va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); 1904 va_list ap;
1905
1906 va_start(ap, fmt);
1907 ret = vsnprintf(str, count, fmt, ap);
1908 va_end(ap);
1967 return ret; 1909 return ret;
1968} 1910}
1969 ]], [[ 1911 ]], [[
1970 char x[1]; 1912char x[1];
1971 exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); 1913if (x_snprintf(x, 1, "%s %d", "hello", 12345) != 11)
1914 return 1;
1915if (x_snprintf(NULL, 0, "%s %d", "hello", 12345) != 11)
1916 return 1;
1917return 0;
1972 ]])], 1918 ]])],
1973 [AC_MSG_RESULT([yes])], 1919 [AC_MSG_RESULT([yes])],
1974 [ 1920 [
@@ -2304,7 +2250,7 @@ AC_RUN_IFELSE(
2304 if(fd == NULL) 2250 if(fd == NULL)
2305 exit(1); 2251 exit(1);
2306 2252
2307 if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 2253 if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
2308 exit(1); 2254 exit(1);
2309 2255
2310 exit(0); 2256 exit(0);
@@ -2339,13 +2285,21 @@ AC_RUN_IFELSE(
2339 if(fd == NULL) 2285 if(fd == NULL)
2340 exit(1); 2286 exit(1);
2341 2287
2342 if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) 2288 if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(),
2289 SSLeay_version(SSLEAY_VERSION))) <0)
2343 exit(1); 2290 exit(1);
2344 2291
2345 exit(0); 2292 exit(0);
2346 ]])], 2293 ]])],
2347 [ 2294 [
2348 ssl_library_ver=`cat conftest.ssllibver` 2295 ssl_library_ver=`cat conftest.ssllibver`
2296 # Check version is supported.
2297 case "$ssl_library_ver" in
2298 0090[[0-7]]*|009080[[0-5]]*)
2299 AC_MSG_ERROR([OpenSSL >= 0.9.8f required])
2300 ;;
2301 *) ;;
2302 esac
2349 AC_MSG_RESULT([$ssl_library_ver]) 2303 AC_MSG_RESULT([$ssl_library_ver])
2350 ], 2304 ],
2351 [ 2305 [
@@ -2357,6 +2311,10 @@ AC_RUN_IFELSE(
2357 ] 2311 ]
2358) 2312)
2359 2313
2314# XXX make --without-openssl work
2315AC_DEFINE_UNQUOTED([WITH_OPENSSL], [1], [use libcrypto for cryptography])
2316AC_DEFINE_UNQUOTED([WITH_SSH1], [1], [include SSH protocol version 1 support])
2317
2360AC_ARG_WITH([openssl-header-check], 2318AC_ARG_WITH([openssl-header-check],
2361 [ --without-openssl-header-check Disable OpenSSL version consistency check], 2319 [ --without-openssl-header-check Disable OpenSSL version consistency check],
2362 [ if test "x$withval" = "xno" ; then 2320 [ if test "x$withval" = "xno" ; then
@@ -2565,6 +2523,14 @@ AC_CHECK_FUNCS([SHA256_Update EVP_sha256], ,
2565 hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" 2523 hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
2566 ] 2524 ]
2567) 2525)
2526# Search for RIPE-MD support in OpenSSL
2527AC_CHECK_FUNCS([EVP_ripemd160], ,
2528 [unsupported_algorithms="$unsupported_algorithms \
2529 hmac-ripemd160
2530 hmac-ripemd160@openssh.com
2531 hmac-ripemd160-etm@openssh.com"
2532 ]
2533)
2568 2534
2569# Check complete ECC support in OpenSSL 2535# Check complete ECC support in OpenSSL
2570AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1]) 2536AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1])
@@ -2685,6 +2651,13 @@ fi
2685AC_SUBST([TEST_SSH_ECC]) 2651AC_SUBST([TEST_SSH_ECC])
2686AC_SUBST([COMMENT_OUT_ECC]) 2652AC_SUBST([COMMENT_OUT_ECC])
2687 2653
2654AC_CHECK_FUNCS([ \
2655 arc4random \
2656 arc4random_buf \
2657 arc4random_stir \
2658 arc4random_uniform \
2659])
2660
2688saved_LIBS="$LIBS" 2661saved_LIBS="$LIBS"
2689AC_CHECK_LIB([iaf], [ia_openinfo], [ 2662AC_CHECK_LIB([iaf], [ia_openinfo], [
2690 LIBS="$LIBS -liaf" 2663 LIBS="$LIBS -liaf"
@@ -2868,7 +2841,14 @@ if test "x$PAM_MSG" = "xyes" ; then
2868 ]) 2841 ])
2869fi 2842fi
2870 2843
2871SSH_PRIVSEP_USER=sshd 2844case "$host" in
2845*-*-cygwin*)
2846 SSH_PRIVSEP_USER=CYGWIN_SSH_PRIVSEP_USER
2847 ;;
2848*)
2849 SSH_PRIVSEP_USER=sshd
2850 ;;
2851esac
2872AC_ARG_WITH([privsep-user], 2852AC_ARG_WITH([privsep-user],
2873 [ --with-privsep-user=user Specify non-privileged user for privilege separation], 2853 [ --with-privsep-user=user Specify non-privileged user for privilege separation],
2874 [ 2854 [
@@ -2878,8 +2858,13 @@ AC_ARG_WITH([privsep-user],
2878 fi 2858 fi
2879 ] 2859 ]
2880) 2860)
2881AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"], 2861if test "x$SSH_PRIVSEP_USER" = "xCYGWIN_SSH_PRIVSEP_USER" ; then
2882 [non-privileged user for privilege separation]) 2862 AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], [CYGWIN_SSH_PRIVSEP_USER],
2863 [Cygwin function to fetch non-privileged user for privilege separation])
2864else
2865 AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"],
2866 [non-privileged user for privilege separation])
2867fi
2883AC_SUBST([SSH_PRIVSEP_USER]) 2868AC_SUBST([SSH_PRIVSEP_USER])
2884 2869
2885if test "x$have_linux_no_new_privs" = "x1" ; then 2870if test "x$have_linux_no_new_privs" = "x1" ; then
@@ -4844,7 +4829,6 @@ echo " KerberosV support: $KRB5_MSG"
4844echo " SELinux support: $SELINUX_MSG" 4829echo " SELinux support: $SELINUX_MSG"
4845echo " Smartcard support: $SCARD_MSG" 4830echo " Smartcard support: $SCARD_MSG"
4846echo " S/KEY support: $SKEY_MSG" 4831echo " S/KEY support: $SKEY_MSG"
4847echo " TCP Wrappers support: $TCPW_MSG"
4848echo " MD5 password support: $MD5_MSG" 4832echo " MD5 password support: $MD5_MSG"
4849echo " libedit support: $LIBEDIT_MSG" 4833echo " libedit support: $LIBEDIT_MSG"
4850echo " Solaris process contract support: $SPC_MSG" 4834echo " Solaris process contract support: $SPC_MSG"