Merge 4.2p1 to the trunk.

author: Colin Watson <cjwatson@debian.org> 2005-09-14 12:45:47 +0000
committer: Colin Watson <cjwatson@debian.org> 2005-09-14 12:45:47 +0000
commit: 9b71add4cecf753c45f5fbd6ff0913bc95b3e95d (patch)
tree: d4ea8fdb30c7949c6433f5277c39548ea579d4dc /configure.ac
parent: ed07bcbea56007ab5b218ddf3aa6a7d4e21966e0 (diff)
parent: 16704d57999d987fb8d9ba53379841a79f016d67 (diff)
1 files changed, 333 insertions, 70 deletions
diff --git a/configure.ac b/configure.ac
index c94df6d6f..849e2f771 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.260 2005/04/24 07:52:23 dtucker Exp $
+# $Id: configure.ac,v 1.292 2005/08/31 16:59:49 tim Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -14,7 +14,7 @@
 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-AC_INIT(OpenSSH, Portable)
+AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
 AC_CONFIG_SRCDIR([ssh.c])
 AC_CONFIG_HEADER(config.h)
@@ -77,8 +77,94 @@ fi
 AC_SUBST(LD)
 AC_C_INLINE
+AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
 if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
-        CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"
+        CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
+        GCC_VER=`$CC --version`
+        case $GCC_VER in
+                1.*) ;;
+                2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
+                2.*) ;;
+                *) CFLAGS="$CFLAGS -Wsign-compare" ;;
+        esac
+        if test -z "$have_llong_max"; then
+                # retry LLONG_MAX with -std=gnu99, needed on some Linuxes
+                unset ac_cv_have_decl_LLONG_MAX
+                saved_CFLAGS="$CFLAGS"
+                CFLAGS="$CFLAGS -std=gnu99"
+                AC_CHECK_DECL(LLONG_MAX,
+                    [have_llong_max=1],
+                    [CFLAGS="$saved_CFLAGS"],
+                    [#include <limits.h>]
+                )
+        fi
+fi
+if test -z "$have_llong_max"; then
+        AC_MSG_CHECKING([for max value of long long])
+        AC_RUN_IFELSE(
+                [AC_LANG_SOURCE([[
+#include <stdio.h>
+/* Why is this so damn hard? */
+#ifdef __GNUC__
+# undef __GNUC__
+#endif
+#define __USE_ISOC99
+#include <limits.h>
+#define DATA "conftest.llminmax"
+int main(void) {
+        FILE *f;
+        long long i, llmin, llmax = 0;
+        if((f = fopen(DATA,"w")) == NULL)
+                exit(1);
+#if defined(LLONG_MIN) && defined(LLONG_MAX)
+        fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
+        llmin = LLONG_MIN;
+        llmax = LLONG_MAX;
+#else
+        fprintf(stderr, "Calculating  LLONG_MIN and LLONG_MAX\n");
+        /* This will work on one's complement and two's complement */
+        for (i = 1; i > llmax; i <<= 1, i++)
+                llmax = i;
+        llmin = llmax + 1LL;    /* wrap */
+#endif
+        /* Sanity check */
+        if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
+            || llmax - 1 > llmax) {
+                fprintf(f, "unknown unknown\n");
+                exit(2);
+        }
+        if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
+                exit(3);
+        exit(0);
+}
+                ]])],
+                [
+                        llong_min=`$AWK '{print $1}' conftest.llminmax`
+                        llong_max=`$AWK '{print $2}' conftest.llminmax`
+                        AC_MSG_RESULT($llong_max)
+                        AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
+                            [max value of long long calculated by configure])
+                        AC_MSG_CHECKING([for min value of long long])
+                        AC_MSG_RESULT($llong_min)
+                        AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
+                            [min value of long long calculated by configure])
+                ],
+                [
+                        AC_MSG_RESULT(not found)
+                ],
+                [
+                        AC_MSG_WARN([cross compiling: not checking])
+                ]
+        )
 fi
 AC_ARG_WITH(rpath,
@@ -181,51 +267,43 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
        AC_DEFINE(BROKEN_SETREGID)
        AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
        ;;
-*-*-hpux10.26)
+*-*-hpux*)
-        if test -z "$GCC"; then
+        # first we define all of the options common to all HP-UX releases
-                CFLAGS="$CFLAGS -Ae"
-        fi
-        CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
-        IPADDR_IN_DISPLAY=yes
-        AC_DEFINE(HAVE_SECUREWARE)
-        AC_DEFINE(USE_PIPES)
-        AC_DEFINE(LOGIN_NO_ENDOPT)
-        AC_DEFINE(LOGIN_NEEDS_UTMPX)
-        AC_DEFINE(LOCKED_PASSWD_STRING, "*")
-        AC_DEFINE(SPT_TYPE,SPT_PSTAT)
-        LIBS="$LIBS -lsec -lsecpw"
-        AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
-        disable_ptmx_check=yes
-        ;;
-*-*-hpux10*)
-        if test -z "$GCC"; then
-                CFLAGS="$CFLAGS -Ae"
-        fi
-        CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
-        IPADDR_IN_DISPLAY=yes
-        AC_DEFINE(USE_PIPES)
-        AC_DEFINE(LOGIN_NO_ENDOPT)
-        AC_DEFINE(LOGIN_NEEDS_UTMPX)
-        AC_DEFINE(LOCKED_PASSWD_STRING, "*")
-        AC_DEFINE(SPT_TYPE,SPT_PSTAT)
-        LIBS="$LIBS -lsec"
-        AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
-        ;;
-*-*-hpux11*)
        CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
        IPADDR_IN_DISPLAY=yes
-        AC_DEFINE(PAM_SUN_CODEBASE)
        AC_DEFINE(USE_PIPES)
        AC_DEFINE(LOGIN_NO_ENDOPT)
        AC_DEFINE(LOGIN_NEEDS_UTMPX)
-        AC_DEFINE(DISABLE_UTMP)
        AC_DEFINE(LOCKED_PASSWD_STRING, "*")
        AC_DEFINE(SPT_TYPE,SPT_PSTAT)
-        AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
-        check_for_hpux_broken_getaddrinfo=1
-        check_for_conflicting_getspnam=1
        LIBS="$LIBS -lsec"
-        AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
+        AC_CHECK_LIB(xnet, t_error, ,
+            AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
+        # next, we define all of the options specific to major releases
+        case "$host" in
+        *-*-hpux10*)
+                if test -z "$GCC"; then
+                        CFLAGS="$CFLAGS -Ae"
+                fi
+                ;;
+        *-*-hpux11*)
+                AC_DEFINE(PAM_SUN_CODEBASE)
+                AC_DEFINE(DISABLE_UTMP)
+                AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
+                check_for_hpux_broken_getaddrinfo=1
+                check_for_conflicting_getspnam=1
+                ;;
+        esac
+        # lastly, we define options specific to minor releases
+        case "$host" in
+        *-*-hpux10.26)
+                AC_DEFINE(HAVE_SECUREWARE)
+                disable_ptmx_check=yes
+                LIBS="$LIBS -lsecpw"
+                ;;
+        esac
        ;;
 *-*-irix5*)
        PATH="$PATH:/usr/etc"
@@ -277,7 +355,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
        esac
        ;;
 mips-sony-bsd|mips-sony-newsos4)
-        AC_DEFINE(HAVE_NEWS4)
+        AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
        SONY=1
        ;;
 *-*-netbsd*)
@@ -304,6 +382,9 @@ mips-sony-bsd|mips-sony-newsos4)
        AC_DEFINE(USE_PIPES)
        AC_DEFINE(BROKEN_SAVED_UIDS)
        ;;
+*-*-openbsd*)
+        AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
+        ;;
 *-*-solaris*)
        if test "x$withval" != "xno" ; then
                need_dash_r=1
@@ -373,11 +454,19 @@ mips-sony-bsd|mips-sony-newsos4)
        ;;
 # UnixWare 7.x, OpenUNIX 8
 *-*-sysv5*)
+        check_for_libcrypt_later=1
+        AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
        AC_DEFINE(USE_PIPES)
        AC_DEFINE(SETEUID_BREAKS_SETUID)
        AC_DEFINE(BROKEN_SETREUID)
        AC_DEFINE(BROKEN_SETREGID)
        AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
+        case "$host" in
+        *-*-sysv5SCO_SV*)       # SCO OpenServer 6.x
+                TEST_SHELL=/u95/bin/sh
+                AC_DEFINE(BROKEN_LIBIAF, 1, [ia_uinfo routines not supported by OS yet])
+                ;;
+        esac
        ;;
 *-*-sysv*)
        ;;
@@ -476,6 +565,19 @@ mips-sony-bsd|mips-sony-newsos4)
        AC_DEFINE(MISSING_HOWMANY)
        AC_DEFINE(MISSING_FD_MASK)
        ;;
+*-*-ultrix*)
+        AC_DEFINE(BROKEN_GETGROUPS, [], [getgroups(0,NULL) will return -1])
+        AC_DEFINE(BROKEN_MMAP, [], [Ultrix mmap can't map files])
+        AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
+        AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
+        ;;
+*-*-lynxos)
+        CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
+        AC_DEFINE(MISSING_HOWMANY)
+        AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
+        ;;
 esac
 # Allow user to specify flags
@@ -515,6 +617,17 @@ AC_ARG_WITH(libs,
                fi
        ]
 )
+AC_ARG_WITH(Werror,
+        [  --with-Werror           Build main code with -Werror],
+        [
+                if test -n "$withval"  &&  test "x$withval" != "xno"; then
+                        werror_flags="-Werror"
+                        if "x${withval}" != "xyes"; then
+                                werror_flags="$withval"
+                        fi
+                fi
+        ]
+)
 AC_MSG_CHECKING(compiler and flags for sanity)
 AC_RUN_IFELSE(
@@ -530,17 +643,67 @@ int main(){exit(0);}
        [       AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
 )
-# Checks for header files.
+dnl Checks for header files.
-AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \
+AC_CHECK_HEADERS( \
-        floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \
+        bstring.h \
-        login_cap.h maillock.h ndir.h netdb.h netgroup.h \
+        crypt.h \
-        netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \
+        dirent.h \
-        rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
+        endian.h \
-        strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \
+        features.h \
-        sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \
+        floatingpoint.h \
-        sys/pstat.h sys/select.h sys/stat.h sys/stream.h \
+        getopt.h \
-        sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \
+        glob.h \
-        time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h)
+        ia.h \
+        iaf.h \
+        lastlog.h \
+        limits.h \
+        login.h \
+        login_cap.h \
+        maillock.h \
+        ndir.h \
+        netdb.h \
+        netgroup.h \
+        netinet/in_systm.h \
+        pam/pam_appl.h \
+        paths.h \
+        pty.h \
+        readpassphrase.h \
+        rpc/types.h \
+        security/pam_appl.h \
+        shadow.h \
+        stddef.h \
+        stdint.h \
+        string.h \
+        strings.h \
+        sys/audit.h \
+        sys/bitypes.h \
+        sys/bsdtty.h \
+        sys/cdefs.h \
+        sys/dir.h \
+        sys/mman.h \
+        sys/ndir.h \
+        sys/prctl.h \
+        sys/pstat.h \
+        sys/select.h \
+        sys/stat.h \
+        sys/stream.h \
+        sys/stropts.h \
+        sys/strtio.h \
+        sys/sysmacros.h \
+        sys/time.h \
+        sys/timers.h \
+        sys/un.h \
+        time.h \
+        tmpdir.h \
+        ttyent.h \
+        unistd.h \
+        usersec.h \
+        util.h \
+        utime.h \
+        utmp.h \
+        utmpx.h \
+        vis.h \
+)
 # sys/ptms.h requires sys/stream.h to be included first on Solaris
 AC_CHECK_HEADERS(sys/ptms.h, [], [], [
@@ -668,8 +831,8 @@ int main()
        if (a == 1 && b == 1 && c >= 4)
                exit(0);
-        /* 1.2.1.2 and up are OK */
+        /* 1.2.3 and up are OK */
-        if (v >= 1020102)
+        if (v >= 1020300)
                exit(0);
        exit(2);
@@ -683,7 +846,7 @@ Your reported zlib version has known security problems.  It's possible your
 vendor has fixed these problems without changing the version number.  If you
 are sure this is the case, you can disable the check by running
 "./configure --without-zlib-version-check".
-If you are in doubt, upgrade zlib to version 1.2.1.2 or greater.
+If you are in doubt, upgrade zlib to version 1.2.3 or greater.
 See http://www.gzip.org/zlib/ for details.])
          else
                AC_MSG_WARN([zlib version may have security problems])
@@ -884,6 +1047,21 @@ AC_ARG_WITH(libedit,
                        [ AC_MSG_ERROR(libedit not found) ],
                        [ -lcurses ]
                )
+                AC_MSG_CHECKING(if libedit version is compatible)
+                AC_COMPILE_IFELSE(
+                    [AC_LANG_SOURCE([[
+#include <histedit.h>
+int main(void)
+{
+        int i = H_SETSIZE;
+        el_init("", NULL, NULL, NULL);
+        exit(0);
+}
+                    ]])],
+                    [ AC_MSG_RESULT(yes) ],
+                    [ AC_MSG_RESULT(no)
+                      AC_MSG_ERROR(libedit version is not compatible) ]
+                )
        fi ]
 )
@@ -912,6 +1090,9 @@ AC_ARG_WITH(audit,
                AC_MSG_RESULT(debug)
                AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)
                ;;
+          no)
+                AC_MSG_RESULT(no)
+                ;;
          *)
                AC_MSG_ERROR([Unknown audit module $withval])
                ;;
@@ -919,19 +1100,87 @@ AC_ARG_WITH(audit,
 )
 dnl    Checks for library functions. Please keep in alphabetical order
-AC_CHECK_FUNCS(\
+AC_CHECK_FUNCS( \
-        arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \
+        arc4random \
-        bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \
+        b64_ntop \
-        freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \
+        __b64_ntop \
-        getopt getpeereid _getpty getrlimit getttyent glob inet_aton \
+        b64_pton \
-        inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \
+        __b64_pton \
-        mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \
+        bcopy \
-        pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \
+        bindresvport_sa \
-        setdtablesize setegid setenv seteuid setgroups setlogin setpcred \
+        clock \
-        setproctitle setregid setreuid setrlimit \
+        closefrom \
-        setsid setvbuf sigaction sigvec snprintf socketpair strerror \
+        dirfd \
-        strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \
+        fchmod \
-        truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \
+        fchown \
+        freeaddrinfo \
+        futimes \
+        getaddrinfo \
+        getcwd \
+        getgrouplist \
+        getnameinfo \
+        getopt \
+        getpeereid \
+        _getpty \
+        getrlimit \
+        getttyent \
+        glob \
+        inet_aton \
+        inet_ntoa \
+        inet_ntop \
+        innetgr \
+        login_getcapbool \
+        md5_crypt \
+        memmove \
+        mkdtemp \
+        mmap \
+        ngetaddrinfo \
+        nsleep \
+        ogetaddrinfo \
+        openlog_r \
+        openpty \
+        prctl \
+        pstat \
+        readpassphrase \
+        realpath \
+        recvmsg \
+        rresvport_af \
+        sendmsg \
+        setdtablesize \
+        setegid \
+        setenv \
+        seteuid \
+        setgroups \
+        setlogin \
+        setpcred \
+        setproctitle \
+        setregid \
+        setreuid \
+        setrlimit \
+        setsid \
+        setvbuf \
+        sigaction \
+        sigvec \
+        snprintf \
+        socketpair \
+        strdup \
+        strerror \
+        strlcat \
+        strlcpy \
+        strmode \
+        strnvis \
+        strtonum \
+        strtoll \
+        strtoul \
+        sysconf \
+        tcgetpgrp \
+        truncate \
+        unsetenv \
+        updwtmpx \
+        utimes \
+        vhangup \
+        vsnprintf \
+        waitpid \
 )
 # IRIX has a const char return value for gai_strerror()
@@ -952,8 +1201,15 @@ str = gai_strerror(0);],[
 AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
 dnl Make sure prototypes are defined for these before using them.
-AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
 AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
+AC_CHECK_DECL(strsep,
+        [AC_CHECK_FUNCS(strsep)],
+        [],
+        [
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif
+        ])
 dnl tcsendbreak might be a macro
 AC_CHECK_DECL(tcsendbreak,
@@ -1477,6 +1733,7 @@ if test "x$check_for_libcrypt_later" = "x1"; then
        AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
 fi
+AC_CHECK_LIB(iaf, ia_openinfo)
 ### Configure cryptographic random number support
@@ -2410,6 +2667,9 @@ int main()
                         AC_MSG_RESULT(no)])
                    ])
                AC_CHECK_FUNCS(_getshort _getlong)
+                AC_CHECK_DECLS([_getshort, _getlong], , ,
+                    [#include <sys/types.h>
+                    #include <arpa/nameser.h>])
                AC_CHECK_MEMBER(HEADER.ad,
                        [AC_DEFINE(HAVE_HEADER_AD)],,
                        [#include <arpa/nameser.h>])
@@ -2525,7 +2785,6 @@ AC_ARG_WITH(kerberos5,
        LIBS="$LIBS $K5LIBS"
        AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
-        AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
        ]
 )
@@ -3164,6 +3423,10 @@ if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
        LIBS=`echo $LIBS | sed 's/-ldl //'`
 fi
+dnl Adding -Werror to CFLAGS early prevents configure tests from running.
+dnl Add now.
+CFLAGS="$CFLAGS $werror_flags"
 AC_EXEEXT
 AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
        scard/Makefile ssh_prng_cmds survey.sh])
author	Colin Watson <cjwatson@debian.org>	2005-09-14 12:45:47 +0000
committer	Colin Watson <cjwatson@debian.org>	2005-09-14 12:45:47 +0000
commit	9b71add4cecf753c45f5fbd6ff0913bc95b3e95d (patch)
tree	d4ea8fdb30c7949c6433f5277c39548ea579d4dc /configure.ac
parent	ed07bcbea56007ab5b218ddf3aa6a7d4e21966e0 (diff)
parent	16704d57999d987fb8d9ba53379841a79f016d67 (diff)

diff --git a/configure.ac b/configure.ac index c94df6d6f..849e2f771 100644 --- a/configure.ac +++ b/configure.ac
@@ -1,4 +1,4 @@
1	# $Id: configure.ac,v 1.260 2005/04/24 07:52:23 dtucker Exp $	1	# $Id: configure.ac,v 1.292 2005/08/31 16:59:49 tim Exp $
2	#	2	#
3	# Copyright (c) 1999-2004 Damien Miller	3	# Copyright (c) 1999-2004 Damien Miller
4	#	4	#
@@ -14,7 +14,7 @@
14	# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF	14	# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	15	# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16		16
17	AC_INIT(OpenSSH, Portable)	17	AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
18	AC_CONFIG_SRCDIR([ssh.c])	18	AC_CONFIG_SRCDIR([ssh.c])
19		19
20	AC_CONFIG_HEADER(config.h)	20	AC_CONFIG_HEADER(config.h)
@@ -77,8 +77,94 @@ fi
77	AC_SUBST(LD)	77	AC_SUBST(LD)
78		78
79	AC_C_INLINE	79	AC_C_INLINE
		80
		81	AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
		82
80	if test "$GCC" = "yes" \|\| test "$GCC" = "egcs"; then	83	if test "$GCC" = "yes" \|\| test "$GCC" = "egcs"; then
81	CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wno-uninitialized"	84	CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
		85	GCC_VER=`$CC --version`
		86	case $GCC_VER in
		87	1.*) ;;
		88	2.8* \| 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
		89	2.*) ;;
		90	*) CFLAGS="$CFLAGS -Wsign-compare" ;;
		91	esac
		92
		93	if test -z "$have_llong_max"; then
		94	# retry LLONG_MAX with -std=gnu99, needed on some Linuxes
		95	unset ac_cv_have_decl_LLONG_MAX
		96	saved_CFLAGS="$CFLAGS"
		97	CFLAGS="$CFLAGS -std=gnu99"
		98	AC_CHECK_DECL(LLONG_MAX,
		99	[have_llong_max=1],
		100	[CFLAGS="$saved_CFLAGS"],
		101	[#include <limits.h>]
		102	)
		103	fi
		104	fi
		105
		106	if test -z "$have_llong_max"; then
		107	AC_MSG_CHECKING([for max value of long long])
		108	AC_RUN_IFELSE(
		109	[AC_LANG_SOURCE([[
		110	#include <stdio.h>
		111	/* Why is this so damn hard? */
		112	#ifdef __GNUC__
		113	# undef __GNUC__
		114	#endif
		115	#define __USE_ISOC99
		116	#include <limits.h>
		117	#define DATA "conftest.llminmax"
		118	int main(void) {
		119	FILE *f;
		120	long long i, llmin, llmax = 0;
		121
		122	if((f = fopen(DATA,"w")) == NULL)
		123	exit(1);
		124
		125	#if defined(LLONG_MIN) && defined(LLONG_MAX)
		126	fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
		127	llmin = LLONG_MIN;
		128	llmax = LLONG_MAX;
		129	#else
		130	fprintf(stderr, "Calculating LLONG_MIN and LLONG_MAX\n");
		131	/* This will work on one's complement and two's complement */
		132	for (i = 1; i > llmax; i <<= 1, i++)
		133	llmax = i;
		134	llmin = llmax + 1LL; /* wrap */
		135	#endif
		136
		137	/* Sanity check */
		138	if (llmin + 1 < llmin \|\| llmin - 1 < llmin \|\| llmax + 1 > llmax
		139	\|\| llmax - 1 > llmax) {
		140	fprintf(f, "unknown unknown\n");
		141	exit(2);
		142	}
		143
		144	if (fprintf(f ,"%lld %lld", llmin, llmax) < 0)
		145	exit(3);
		146
		147	exit(0);
		148	}
		149	]])],
		150	[
		151	llong_min=`$AWK '{print $1}' conftest.llminmax`
		152	llong_max=`$AWK '{print $2}' conftest.llminmax`
		153	AC_MSG_RESULT($llong_max)
		154	AC_DEFINE_UNQUOTED(LLONG_MAX, [${llong_max}LL],
		155	[max value of long long calculated by configure])
		156	AC_MSG_CHECKING([for min value of long long])
		157	AC_MSG_RESULT($llong_min)
		158	AC_DEFINE_UNQUOTED(LLONG_MIN, [${llong_min}LL],
		159	[min value of long long calculated by configure])
		160	],
		161	[
		162	AC_MSG_RESULT(not found)
		163	],
		164	[
		165	AC_MSG_WARN([cross compiling: not checking])
		166	]
		167	)
82	fi	168	fi
83		169
84	AC_ARG_WITH(rpath,	170	AC_ARG_WITH(rpath,
@@ -181,51 +267,43 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
181	AC_DEFINE(BROKEN_SETREGID)	267	AC_DEFINE(BROKEN_SETREGID)
182	AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)	268	AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1)
183	;;	269	;;
184	--hpux10.26)	270	--hpux*)
185	if test -z "$GCC"; then	271	# first we define all of the options common to all HP-UX releases
186	CFLAGS="$CFLAGS -Ae"
187	fi
188	CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
189	IPADDR_IN_DISPLAY=yes
190	AC_DEFINE(HAVE_SECUREWARE)
191	AC_DEFINE(USE_PIPES)
192	AC_DEFINE(LOGIN_NO_ENDOPT)
193	AC_DEFINE(LOGIN_NEEDS_UTMPX)
194	AC_DEFINE(LOCKED_PASSWD_STRING, "*")
195	AC_DEFINE(SPT_TYPE,SPT_PSTAT)
196	LIBS="$LIBS -lsec -lsecpw"
197	AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([* -lxnet needed on HP-UX - check config.log *]))
198	disable_ptmx_check=yes
199	;;
200	--hpux10*)
201	if test -z "$GCC"; then
202	CFLAGS="$CFLAGS -Ae"
203	fi
204	CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
205	IPADDR_IN_DISPLAY=yes
206	AC_DEFINE(USE_PIPES)
207	AC_DEFINE(LOGIN_NO_ENDOPT)
208	AC_DEFINE(LOGIN_NEEDS_UTMPX)
209	AC_DEFINE(LOCKED_PASSWD_STRING, "*")
210	AC_DEFINE(SPT_TYPE,SPT_PSTAT)
211	LIBS="$LIBS -lsec"
212	AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([* -lxnet needed on HP-UX - check config.log *]))
213	;;
214	--hpux11*)
215	CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"	272	CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
216	IPADDR_IN_DISPLAY=yes	273	IPADDR_IN_DISPLAY=yes
217	AC_DEFINE(PAM_SUN_CODEBASE)
218	AC_DEFINE(USE_PIPES)	274	AC_DEFINE(USE_PIPES)
219	AC_DEFINE(LOGIN_NO_ENDOPT)	275	AC_DEFINE(LOGIN_NO_ENDOPT)
220	AC_DEFINE(LOGIN_NEEDS_UTMPX)	276	AC_DEFINE(LOGIN_NEEDS_UTMPX)
221	AC_DEFINE(DISABLE_UTMP)
222	AC_DEFINE(LOCKED_PASSWD_STRING, "*")	277	AC_DEFINE(LOCKED_PASSWD_STRING, "*")
223	AC_DEFINE(SPT_TYPE,SPT_PSTAT)	278	AC_DEFINE(SPT_TYPE,SPT_PSTAT)
224	AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
225	check_for_hpux_broken_getaddrinfo=1
226	check_for_conflicting_getspnam=1
227	LIBS="$LIBS -lsec"	279	LIBS="$LIBS -lsec"
228	AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([* -lxnet needed on HP-UX - check config.log *]))	280	AC_CHECK_LIB(xnet, t_error, ,
		281	AC_MSG_ERROR([* -lxnet needed on HP-UX - check config.log *]))
		282
		283	# next, we define all of the options specific to major releases
		284	case "$host" in
		285	--hpux10*)
		286	if test -z "$GCC"; then
		287	CFLAGS="$CFLAGS -Ae"
		288	fi
		289	;;
		290	--hpux11*)
		291	AC_DEFINE(PAM_SUN_CODEBASE)
		292	AC_DEFINE(DISABLE_UTMP)
		293	AC_DEFINE(USE_BTMP, 1, [Use btmp to log bad logins])
		294	check_for_hpux_broken_getaddrinfo=1
		295	check_for_conflicting_getspnam=1
		296	;;
		297	esac
		298
		299	# lastly, we define options specific to minor releases
		300	case "$host" in
		301	--hpux10.26)
		302	AC_DEFINE(HAVE_SECUREWARE)
		303	disable_ptmx_check=yes
		304	LIBS="$LIBS -lsecpw"
		305	;;
		306	esac
229	;;	307	;;
230	--irix5*)	308	--irix5*)
231	PATH="$PATH:/usr/etc"	309	PATH="$PATH:/usr/etc"
@@ -277,7 +355,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
277	esac	355	esac
278	;;	356	;;
279	mips-sony-bsd\|mips-sony-newsos4)	357	mips-sony-bsd\|mips-sony-newsos4)
280	AC_DEFINE(HAVE_NEWS4)	358	AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
281	SONY=1	359	SONY=1
282	;;	360	;;
283	--netbsd*)	361	--netbsd*)
@@ -304,6 +382,9 @@ mips-sony-bsd\|mips-sony-newsos4)
304	AC_DEFINE(USE_PIPES)	382	AC_DEFINE(USE_PIPES)
305	AC_DEFINE(BROKEN_SAVED_UIDS)	383	AC_DEFINE(BROKEN_SAVED_UIDS)
306	;;	384	;;
		385	--openbsd*)
		386	AC_DEFINE(HAVE_ATTRIBUTE__SENTINEL__, 1, [OpenBSD's gcc has sentinel])
		387	;;
307	--solaris*)	388	--solaris*)
308	if test "x$withval" != "xno" ; then	389	if test "x$withval" != "xno" ; then
309	need_dash_r=1	390	need_dash_r=1
@@ -373,11 +454,19 @@ mips-sony-bsd\|mips-sony-newsos4)
373	;;	454	;;
374	# UnixWare 7.x, OpenUNIX 8	455	# UnixWare 7.x, OpenUNIX 8
375	--sysv5*)	456	--sysv5*)
		457	check_for_libcrypt_later=1
		458	AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
376	AC_DEFINE(USE_PIPES)	459	AC_DEFINE(USE_PIPES)
377	AC_DEFINE(SETEUID_BREAKS_SETUID)	460	AC_DEFINE(SETEUID_BREAKS_SETUID)
378	AC_DEFINE(BROKEN_SETREUID)	461	AC_DEFINE(BROKEN_SETREUID)
379	AC_DEFINE(BROKEN_SETREGID)	462	AC_DEFINE(BROKEN_SETREGID)
380	AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])	463	AC_DEFINE(PASSWD_NEEDS_USERNAME, 1, [must supply username to passwd])
		464	case "$host" in
		465	--sysv5SCO_SV*) # SCO OpenServer 6.x
		466	TEST_SHELL=/u95/bin/sh
		467	AC_DEFINE(BROKEN_LIBIAF, 1, [ia_uinfo routines not supported by OS yet])
		468	;;
		469	esac
381	;;	470	;;
382	--sysv*)	471	--sysv*)
383	;;	472	;;
@@ -476,6 +565,19 @@ mips-sony-bsd\|mips-sony-newsos4)
476	AC_DEFINE(MISSING_HOWMANY)	565	AC_DEFINE(MISSING_HOWMANY)
477	AC_DEFINE(MISSING_FD_MASK)	566	AC_DEFINE(MISSING_FD_MASK)
478	;;	567	;;
		568
		569	--ultrix*)
		570	AC_DEFINE(BROKEN_GETGROUPS, [], [getgroups(0,NULL) will return -1])
		571	AC_DEFINE(BROKEN_MMAP, [], [Ultrix mmap can't map files])
		572	AC_DEFINE(NEED_SETPRGP, [], [Need setpgrp to acquire controlling tty])
		573	AC_DEFINE(HAVE_SYS_SYSLOG_H, 1, [Force use of sys/syslog.h on Ultrix])
		574	;;
		575
		576	--lynxos)
		577	CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
		578	AC_DEFINE(MISSING_HOWMANY)
		579	AC_DEFINE(BROKEN_SETVBUF, 1, [LynxOS has broken setvbuf() implementation])
		580	;;
479	esac	581	esac
480		582
481	# Allow user to specify flags	583	# Allow user to specify flags
@@ -515,6 +617,17 @@ AC_ARG_WITH(libs,
515	fi	617	fi
516	]	618	]
517	)	619	)
		620	AC_ARG_WITH(Werror,
		621	[ --with-Werror Build main code with -Werror],
		622	[
		623	if test -n "$withval" && test "x$withval" != "xno"; then
		624	werror_flags="-Werror"
		625	if "x${withval}" != "xyes"; then
		626	werror_flags="$withval"
		627	fi
		628	fi
		629	]
		630	)
518		631
519	AC_MSG_CHECKING(compiler and flags for sanity)	632	AC_MSG_CHECKING(compiler and flags for sanity)
520	AC_RUN_IFELSE(	633	AC_RUN_IFELSE(
@@ -530,17 +643,67 @@ int main(){exit(0);}
530	[ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]	643	[ AC_MSG_WARN([cross compiling: not checking compiler sanity]) ]
531	)	644	)
532		645
533	# Checks for header files.	646	dnl Checks for header files.
534	AC_CHECK_HEADERS(bstring.h crypt.h dirent.h endian.h features.h \	647	AC_CHECK_HEADERS( \
535	floatingpoint.h getopt.h glob.h ia.h lastlog.h limits.h login.h \	648	bstring.h \
536	login_cap.h maillock.h ndir.h netdb.h netgroup.h \	649	crypt.h \
537	netinet/in_systm.h pam/pam_appl.h paths.h pty.h readpassphrase.h \	650	dirent.h \
538	rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \	651	endian.h \
539	strings.h sys/dir.h sys/strtio.h sys/audit.h sys/bitypes.h \	652	features.h \
540	sys/bsdtty.h sys/cdefs.h sys/mman.h sys/ndir.h sys/prctl.h \	653	floatingpoint.h \
541	sys/pstat.h sys/select.h sys/stat.h sys/stream.h \	654	getopt.h \
542	sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h sys/un.h \	655	glob.h \
543	time.h tmpdir.h ttyent.h usersec.h util.h utime.h utmp.h utmpx.h vis.h)	656	ia.h \
		657	iaf.h \
		658	lastlog.h \
		659	limits.h \
		660	login.h \
		661	login_cap.h \
		662	maillock.h \
		663	ndir.h \
		664	netdb.h \
		665	netgroup.h \
		666	netinet/in_systm.h \
		667	pam/pam_appl.h \
		668	paths.h \
		669	pty.h \
		670	readpassphrase.h \
		671	rpc/types.h \
		672	security/pam_appl.h \
		673	shadow.h \
		674	stddef.h \
		675	stdint.h \
		676	string.h \
		677	strings.h \
		678	sys/audit.h \
		679	sys/bitypes.h \
		680	sys/bsdtty.h \
		681	sys/cdefs.h \
		682	sys/dir.h \
		683	sys/mman.h \
		684	sys/ndir.h \
		685	sys/prctl.h \
		686	sys/pstat.h \
		687	sys/select.h \
		688	sys/stat.h \
		689	sys/stream.h \
		690	sys/stropts.h \
		691	sys/strtio.h \
		692	sys/sysmacros.h \
		693	sys/time.h \
		694	sys/timers.h \
		695	sys/un.h \
		696	time.h \
		697	tmpdir.h \
		698	ttyent.h \
		699	unistd.h \
		700	usersec.h \
		701	util.h \
		702	utime.h \
		703	utmp.h \
		704	utmpx.h \
		705	vis.h \
		706	)
544		707
545	# sys/ptms.h requires sys/stream.h to be included first on Solaris	708	# sys/ptms.h requires sys/stream.h to be included first on Solaris
546	AC_CHECK_HEADERS(sys/ptms.h, [], [], [	709	AC_CHECK_HEADERS(sys/ptms.h, [], [], [
@@ -668,8 +831,8 @@ int main()
668	if (a == 1 && b == 1 && c >= 4)	831	if (a == 1 && b == 1 && c >= 4)
669	exit(0);	832	exit(0);
670		833
671	/* 1.2.1.2 and up are OK */	834	/* 1.2.3 and up are OK */
672	if (v >= 1020102)	835	if (v >= 1020300)
673	exit(0);	836	exit(0);
674		837
675	exit(2);	838	exit(2);
@@ -683,7 +846,7 @@ Your reported zlib version has known security problems. It's possible your
683	vendor has fixed these problems without changing the version number. If you	846	vendor has fixed these problems without changing the version number. If you
684	are sure this is the case, you can disable the check by running	847	are sure this is the case, you can disable the check by running
685	"./configure --without-zlib-version-check".	848	"./configure --without-zlib-version-check".
686	If you are in doubt, upgrade zlib to version 1.2.1.2 or greater.	849	If you are in doubt, upgrade zlib to version 1.2.3 or greater.
687	See http://www.gzip.org/zlib/ for details.])	850	See http://www.gzip.org/zlib/ for details.])
688	else	851	else
689	AC_MSG_WARN([zlib version may have security problems])	852	AC_MSG_WARN([zlib version may have security problems])
@@ -884,6 +1047,21 @@ AC_ARG_WITH(libedit,
884	[ AC_MSG_ERROR(libedit not found) ],	1047	[ AC_MSG_ERROR(libedit not found) ],
885	[ -lcurses ]	1048	[ -lcurses ]
886	)	1049	)
		1050	AC_MSG_CHECKING(if libedit version is compatible)
		1051	AC_COMPILE_IFELSE(
		1052	[AC_LANG_SOURCE([[
		1053	#include <histedit.h>
		1054	int main(void)
		1055	{
		1056	int i = H_SETSIZE;
		1057	el_init("", NULL, NULL, NULL);
		1058	exit(0);
		1059	}
		1060	]])],
		1061	[ AC_MSG_RESULT(yes) ],
		1062	[ AC_MSG_RESULT(no)
		1063	AC_MSG_ERROR(libedit version is not compatible) ]
		1064	)
887	fi ]	1065	fi ]
888	)	1066	)
889		1067
@@ -912,6 +1090,9 @@ AC_ARG_WITH(audit,
912	AC_MSG_RESULT(debug)	1090	AC_MSG_RESULT(debug)
913	AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)	1091	AC_DEFINE(SSH_AUDIT_EVENTS, [], Use audit debugging module)
914	;;	1092	;;
		1093	no)
		1094	AC_MSG_RESULT(no)
		1095	;;
915	*)	1096	*)
916	AC_MSG_ERROR([Unknown audit module $withval])	1097	AC_MSG_ERROR([Unknown audit module $withval])
917	;;	1098	;;
@@ -919,19 +1100,87 @@ AC_ARG_WITH(audit,
919	)	1100	)
920		1101
921	dnl Checks for library functions. Please keep in alphabetical order	1102	dnl Checks for library functions. Please keep in alphabetical order
922	AC_CHECK_FUNCS(\	1103	AC_CHECK_FUNCS( \
923	arc4random __b64_ntop b64_ntop __b64_pton b64_pton bcopy \	1104	arc4random \
924	bindresvport_sa clock closefrom dirfd fchdir fchmod fchown \	1105	b64_ntop \
925	freeaddrinfo futimes getaddrinfo getcwd getgrouplist getnameinfo \	1106	__b64_ntop \
926	getopt getpeereid _getpty getrlimit getttyent glob inet_aton \	1107	b64_pton \
927	inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \	1108	__b64_pton \
928	mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \	1109	bcopy \
929	pstat prctl readpassphrase realpath recvmsg rresvport_af sendmsg \	1110	bindresvport_sa \
930	setdtablesize setegid setenv seteuid setgroups setlogin setpcred \	1111	clock \
931	setproctitle setregid setreuid setrlimit \	1112	closefrom \
932	setsid setvbuf sigaction sigvec snprintf socketpair strerror \	1113	dirfd \
933	strlcat strlcpy strmode strnvis strtoul sysconf tcgetpgrp \	1114	fchmod \
934	truncate unsetenv updwtmpx utimes vhangup vsnprintf waitpid \	1115	fchown \
		1116	freeaddrinfo \
		1117	futimes \
		1118	getaddrinfo \
		1119	getcwd \
		1120	getgrouplist \
		1121	getnameinfo \
		1122	getopt \
		1123	getpeereid \
		1124	_getpty \
		1125	getrlimit \
		1126	getttyent \
		1127	glob \
		1128	inet_aton \
		1129	inet_ntoa \
		1130	inet_ntop \
		1131	innetgr \
		1132	login_getcapbool \
		1133	md5_crypt \
		1134	memmove \
		1135	mkdtemp \
		1136	mmap \
		1137	ngetaddrinfo \
		1138	nsleep \
		1139	ogetaddrinfo \
		1140	openlog_r \
		1141	openpty \
		1142	prctl \
		1143	pstat \
		1144	readpassphrase \
		1145	realpath \
		1146	recvmsg \
		1147	rresvport_af \
		1148	sendmsg \
		1149	setdtablesize \
		1150	setegid \
		1151	setenv \
		1152	seteuid \
		1153	setgroups \
		1154	setlogin \
		1155	setpcred \
		1156	setproctitle \
		1157	setregid \
		1158	setreuid \
		1159	setrlimit \
		1160	setsid \
		1161	setvbuf \
		1162	sigaction \
		1163	sigvec \
		1164	snprintf \
		1165	socketpair \
		1166	strdup \
		1167	strerror \
		1168	strlcat \
		1169	strlcpy \
		1170	strmode \
		1171	strnvis \
		1172	strtonum \
		1173	strtoll \
		1174	strtoul \
		1175	sysconf \
		1176	tcgetpgrp \
		1177	truncate \
		1178	unsetenv \
		1179	updwtmpx \
		1180	utimes \
		1181	vhangup \
		1182	vsnprintf \
		1183	waitpid \
935	)	1184	)
936		1185
937	# IRIX has a const char return value for gai_strerror()	1186	# IRIX has a const char return value for gai_strerror()
@@ -952,8 +1201,15 @@ str = gai_strerror(0);],[
952	AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))	1201	AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP))
953		1202
954	dnl Make sure prototypes are defined for these before using them.	1203	dnl Make sure prototypes are defined for these before using them.
955	AC_CHECK_DECL(strsep, [AC_CHECK_FUNCS(strsep)])
956	AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])	1204	AC_CHECK_DECL(getrusage, [AC_CHECK_FUNCS(getrusage)])
		1205	AC_CHECK_DECL(strsep,
		1206	[AC_CHECK_FUNCS(strsep)],
		1207	[],
		1208	[
		1209	#ifdef HAVE_STRING_H
		1210	# include <string.h>
		1211	#endif
		1212	])
957		1213
958	dnl tcsendbreak might be a macro	1214	dnl tcsendbreak might be a macro
959	AC_CHECK_DECL(tcsendbreak,	1215	AC_CHECK_DECL(tcsendbreak,
@@ -1477,6 +1733,7 @@ if test "x$check_for_libcrypt_later" = "x1"; then
1477	AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")	1733	AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
1478	fi	1734	fi
1479		1735
		1736	AC_CHECK_LIB(iaf, ia_openinfo)
1480		1737
1481	### Configure cryptographic random number support	1738	### Configure cryptographic random number support
1482		1739
@@ -2410,6 +2667,9 @@ int main()
2410	AC_MSG_RESULT(no)])	2667	AC_MSG_RESULT(no)])
2411	])	2668	])
2412	AC_CHECK_FUNCS(_getshort _getlong)	2669	AC_CHECK_FUNCS(_getshort _getlong)
		2670	AC_CHECK_DECLS([_getshort, _getlong], , ,
		2671	[#include <sys/types.h>
		2672	#include <arpa/nameser.h>])
2413	AC_CHECK_MEMBER(HEADER.ad,	2673	AC_CHECK_MEMBER(HEADER.ad,
2414	[AC_DEFINE(HAVE_HEADER_AD)],,	2674	[AC_DEFINE(HAVE_HEADER_AD)],,
2415	[#include <arpa/nameser.h>])	2675	[#include <arpa/nameser.h>])
@@ -2525,7 +2785,6 @@ AC_ARG_WITH(kerberos5,
2525		2785
2526	LIBS="$LIBS $K5LIBS"	2786	LIBS="$LIBS $K5LIBS"
2527	AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))	2787	AC_SEARCH_LIBS(k_hasafs, kafs, AC_DEFINE(USE_AFS))
2528	AC_SEARCH_LIBS(krb5_init_ets, $K5LIBS, AC_DEFINE(KRB5_INIT_ETS))
2529	]	2788	]
2530	)	2789	)
2531		2790
@@ -3164,6 +3423,10 @@ if test "$ac_cv_lib_pam_pam_set_item" = yes ; then
3164	LIBS=`echo $LIBS \| sed 's/-ldl //'`	3423	LIBS=`echo $LIBS \| sed 's/-ldl //'`
3165	fi	3424	fi
3166		3425
		3426	dnl Adding -Werror to CFLAGS early prevents configure tests from running.
		3427	dnl Add now.
		3428	CFLAGS="$CFLAGS $werror_flags"
		3429
3167	AC_EXEEXT	3430	AC_EXEEXT
3168	AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \	3431	AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openbsd-compat/Makefile \
3169	scard/Makefile ssh_prng_cmds survey.sh])	3432	scard/Makefile ssh_prng_cmds survey.sh])