summaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac75
1 files changed, 63 insertions, 12 deletions
diff --git a/configure.ac b/configure.ac
index eec2b727c..c978c1104 100644
--- a/configure.ac
+++ b/configure.ac
@@ -140,7 +140,7 @@ else
140fi 140fi
141 141
142AC_ARG_WITH([ssh1], 142AC_ARG_WITH([ssh1],
143 [ --without-ssh1 Enable support for SSH protocol 1], 143 [ --with-ssh1 Enable support for SSH protocol 1],
144 [ 144 [
145 if test "x$withval" = "xyes" ; then 145 if test "x$withval" = "xyes" ; then
146 if test "x$openssl" = "xno" ; then 146 if test "x$openssl" = "xno" ; then
@@ -469,6 +469,11 @@ AC_CHECK_HEADERS([sys/un.h], [], [], [
469SIA_MSG="no" 469SIA_MSG="no"
470SPC_MSG="no" 470SPC_MSG="no"
471SP_MSG="no" 471SP_MSG="no"
472SPP_MSG="no"
473
474# Support for Solaris/Illumos privileges (this test is used by both
475# the --with-solaris-privs option and --with-sandbox=solaris).
476SOLARIS_PRIVS="no"
472 477
473# Check for some target-specific stuff 478# Check for some target-specific stuff
474case "$host" in 479case "$host" in
@@ -575,6 +580,8 @@ case "$host" in
575 LIBS="$LIBS /usr/lib/textreadmode.o" 580 LIBS="$LIBS /usr/lib/textreadmode.o"
576 AC_DEFINE([HAVE_CYGWIN], [1], [Define if you are on Cygwin]) 581 AC_DEFINE([HAVE_CYGWIN], [1], [Define if you are on Cygwin])
577 AC_DEFINE([USE_PIPES], [1], [Use PIPES instead of a socketpair()]) 582 AC_DEFINE([USE_PIPES], [1], [Use PIPES instead of a socketpair()])
583 AC_DEFINE([NO_UID_RESTORATION_TEST], [1],
584 [Define to disable UID restoration test])
578 AC_DEFINE([DISABLE_SHADOW], [1], 585 AC_DEFINE([DISABLE_SHADOW], [1],
579 [Define if you want to disable shadow passwords]) 586 [Define if you want to disable shadow passwords])
580 AC_DEFINE([NO_X11_UNIX_SOCKETS], [1], 587 AC_DEFINE([NO_X11_UNIX_SOCKETS], [1],
@@ -661,6 +668,9 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
661 supported by bsd-setproctitle.c]) 668 supported by bsd-setproctitle.c])
662 AC_CHECK_FUNCS([sandbox_init]) 669 AC_CHECK_FUNCS([sandbox_init])
663 AC_CHECK_HEADERS([sandbox.h]) 670 AC_CHECK_HEADERS([sandbox.h])
671 AC_CHECK_LIB([sandbox], [sandbox_apply], [
672 SSHDLIBS="$SSHDLIBS -lsandbox"
673 ])
664 ;; 674 ;;
665*-*-dragonfly*) 675*-*-dragonfly*)
666 SSHDLIBS="$SSHDLIBS -lcrypt" 676 SSHDLIBS="$SSHDLIBS -lcrypt"
@@ -913,13 +923,16 @@ mips-sony-bsd|mips-sony-newsos4)
913 else 923 else
914 AC_MSG_RESULT([no]) 924 AC_MSG_RESULT([no])
915 fi 925 fi
926 AC_CHECK_FUNCS([setppriv])
927 AC_CHECK_FUNCS([priv_basicset])
928 AC_CHECK_HEADERS([priv.h])
916 AC_ARG_WITH([solaris-contracts], 929 AC_ARG_WITH([solaris-contracts],
917 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 930 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
918 [ 931 [
919 AC_CHECK_LIB([contract], [ct_tmpl_activate], 932 AC_CHECK_LIB([contract], [ct_tmpl_activate],
920 [ AC_DEFINE([USE_SOLARIS_PROCESS_CONTRACTS], [1], 933 [ AC_DEFINE([USE_SOLARIS_PROCESS_CONTRACTS], [1],
921 [Define if you have Solaris process contracts]) 934 [Define if you have Solaris process contracts])
922 SSHDLIBS="$SSHDLIBS -lcontract" 935 LIBS="$LIBS -lcontract"
923 SPC_MSG="yes" ], ) 936 SPC_MSG="yes" ], )
924 ], 937 ],
925 ) 938 )
@@ -929,10 +942,29 @@ mips-sony-bsd|mips-sony-newsos4)
929 AC_CHECK_LIB([project], [setproject], 942 AC_CHECK_LIB([project], [setproject],
930 [ AC_DEFINE([USE_SOLARIS_PROJECTS], [1], 943 [ AC_DEFINE([USE_SOLARIS_PROJECTS], [1],
931 [Define if you have Solaris projects]) 944 [Define if you have Solaris projects])
932 SSHDLIBS="$SSHDLIBS -lproject" 945 LIBS="$LIBS -lproject"
933 SP_MSG="yes" ], ) 946 SP_MSG="yes" ], )
934 ], 947 ],
935 ) 948 )
949 AC_ARG_WITH([solaris-privs],
950 [ --with-solaris-privs Enable Solaris/Illumos privileges (experimental)],
951 [
952 AC_MSG_CHECKING([for Solaris/Illumos privilege support])
953 if test "x$ac_cv_func_setppriv" = "xyes" -a \
954 "x$ac_cv_header_priv_h" = "xyes" ; then
955 SOLARIS_PRIVS=yes
956 AC_MSG_RESULT([found])
957 AC_DEFINE([NO_UID_RESTORATION_TEST], [1],
958 [Define to disable UID restoration test])
959 AC_DEFINE([USE_SOLARIS_PRIVS], [1],
960 [Define if you have Solaris privileges])
961 SPP_MSG="yes"
962 else
963 AC_MSG_RESULT([not found])
964 AC_MSG_ERROR([*** must have support for Solaris privileges to use --with-solaris-privs])
965 fi
966 ],
967 )
936 TEST_SHELL=$SHELL # let configure find us a capable shell 968 TEST_SHELL=$SHELL # let configure find us a capable shell
937 ;; 969 ;;
938*-*-sunos4*) 970*-*-sunos4*)
@@ -1146,7 +1178,6 @@ AC_RUN_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], [[ exit(0); ]])],
1146 1178
1147dnl Checks for header files. 1179dnl Checks for header files.
1148# Checks for libraries. 1180# Checks for libraries.
1149AC_CHECK_FUNC([yp_match], , [AC_CHECK_LIB([nsl], [yp_match])])
1150AC_CHECK_FUNC([setsockopt], , [AC_CHECK_LIB([socket], [setsockopt])]) 1181AC_CHECK_FUNC([setsockopt], , [AC_CHECK_LIB([socket], [setsockopt])])
1151 1182
1152dnl IRIX and Solaris 2.5.1 have dirname() in libgen 1183dnl IRIX and Solaris 2.5.1 have dirname() in libgen
@@ -1310,8 +1341,10 @@ AC_SEARCH_LIBS([openpty], [util bsd])
1310AC_SEARCH_LIBS([updwtmp], [util bsd]) 1341AC_SEARCH_LIBS([updwtmp], [util bsd])
1311AC_CHECK_FUNCS([fmt_scaled scan_scaled login logout openpty updwtmp logwtmp]) 1342AC_CHECK_FUNCS([fmt_scaled scan_scaled login logout openpty updwtmp logwtmp])
1312 1343
1313# On some platforms, inet_ntop may be found in libresolv or libnsl. 1344# On some platforms, inet_ntop and gethostbyname may be found in libresolv
1345# or libnsl.
1314AC_SEARCH_LIBS([inet_ntop], [resolv nsl]) 1346AC_SEARCH_LIBS([inet_ntop], [resolv nsl])
1347AC_SEARCH_LIBS([gethostbyname], [resolv nsl])
1315 1348
1316AC_FUNC_STRFTIME 1349AC_FUNC_STRFTIME
1317 1350
@@ -1749,6 +1782,7 @@ AC_CHECK_FUNCS([ \
1749 nsleep \ 1782 nsleep \
1750 ogetaddrinfo \ 1783 ogetaddrinfo \
1751 openlog_r \ 1784 openlog_r \
1785 pledge \
1752 poll \ 1786 poll \
1753 prctl \ 1787 prctl \
1754 pstat \ 1788 pstat \
@@ -2389,10 +2423,10 @@ openssl_engine=no
2389AC_ARG_WITH([ssl-engine], 2423AC_ARG_WITH([ssl-engine],
2390 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 2424 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2391 [ 2425 [
2392 if test "x$openssl" = "xno" ; then
2393 AC_MSG_ERROR([cannot use --with-ssl-engine when OpenSSL disabled])
2394 fi
2395 if test "x$withval" != "xno" ; then 2426 if test "x$withval" != "xno" ; then
2427 if test "x$openssl" = "xno" ; then
2428 AC_MSG_ERROR([cannot use --with-ssl-engine when OpenSSL disabled])
2429 fi
2396 openssl_engine=yes 2430 openssl_engine=yes
2397 fi 2431 fi
2398 ] 2432 ]
@@ -2425,6 +2459,7 @@ if test "x$openssl" = "xyes" ; then
2425 AC_MSG_CHECKING([OpenSSL header version]) 2459 AC_MSG_CHECKING([OpenSSL header version])
2426 AC_RUN_IFELSE( 2460 AC_RUN_IFELSE(
2427 [AC_LANG_PROGRAM([[ 2461 [AC_LANG_PROGRAM([[
2462 #include <stdlib.h>
2428 #include <stdio.h> 2463 #include <stdio.h>
2429 #include <string.h> 2464 #include <string.h>
2430 #include <openssl/opensslv.h> 2465 #include <openssl/opensslv.h>
@@ -2437,7 +2472,8 @@ if test "x$openssl" = "xyes" ; then
2437 if(fd == NULL) 2472 if(fd == NULL)
2438 exit(1); 2473 exit(1);
2439 2474
2440 if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 2475 if ((rc = fprintf(fd ,"%08lx (%s)\n",
2476 (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
2441 exit(1); 2477 exit(1);
2442 2478
2443 exit(0); 2479 exit(0);
@@ -2504,6 +2540,7 @@ if test "x$openssl" = "xyes" ; then
2504 [AC_LANG_PROGRAM([[ 2540 [AC_LANG_PROGRAM([[
2505 #include <string.h> 2541 #include <string.h>
2506 #include <openssl/opensslv.h> 2542 #include <openssl/opensslv.h>
2543 #include <openssl/crypto.h>
2507 ]], [[ 2544 ]], [[
2508 exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); 2545 exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1);
2509 ]])], 2546 ]])],
@@ -3078,7 +3115,7 @@ fi
3078# Decide which sandbox style to use 3115# Decide which sandbox style to use
3079sandbox_arg="" 3116sandbox_arg=""
3080AC_ARG_WITH([sandbox], 3117AC_ARG_WITH([sandbox],
3081 [ --with-sandbox=style Specify privilege separation sandbox (no, darwin, rlimit, systrace, seccomp_filter, capsicum)], 3118 [ --with-sandbox=style Specify privilege separation sandbox (no, capsicum, darwin, rlimit, seccomp_filter, systrace, pledge)],
3082 [ 3119 [
3083 if test "x$withval" = "xyes" ; then 3120 if test "x$withval" = "xyes" ; then
3084 sandbox_arg="" 3121 sandbox_arg=""
@@ -3174,7 +3211,13 @@ AC_RUN_IFELSE(
3174 [AC_MSG_WARN([cross compiling: assuming yes])] 3211 [AC_MSG_WARN([cross compiling: assuming yes])]
3175) 3212)
3176 3213
3177if test "x$sandbox_arg" = "xsystrace" || \ 3214if test "x$sandbox_arg" = "xpledge" || \
3215 ( test -z "$sandbox_arg" && test "x$ac_cv_func_pledge" = "xyes" ) ; then
3216 test "x$ac_cv_func_pledge" != "xyes" && \
3217 AC_MSG_ERROR([pledge sandbox requires pledge(2) support])
3218 SANDBOX_STYLE="pledge"
3219 AC_DEFINE([SANDBOX_PLEDGE], [1], [Sandbox using pledge(2)])
3220elif test "x$sandbox_arg" = "xsystrace" || \
3178 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then 3221 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then
3179 test "x$have_systr_policy_kill" != "x1" && \ 3222 test "x$have_systr_policy_kill" != "x1" && \
3180 AC_MSG_ERROR([systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support]) 3223 AC_MSG_ERROR([systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support])
@@ -3227,6 +3270,10 @@ elif test "x$sandbox_arg" = "xrlimit" || \
3227 AC_MSG_ERROR([rlimit sandbox requires select to work with rlimit]) 3270 AC_MSG_ERROR([rlimit sandbox requires select to work with rlimit])
3228 SANDBOX_STYLE="rlimit" 3271 SANDBOX_STYLE="rlimit"
3229 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)]) 3272 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)])
3273elif test "x$sandbox_arg" = "xsolaris" || \
3274 ( test -z "$sandbox_arg" && test "x$SOLARIS_PRIVS" = "xyes" ) ; then
3275 SANDBOX_STYLE="solaris"
3276 AC_DEFINE([SANDBOX_SOLARIS], [1], [Sandbox using Solaris/Illumos privileges])
3230elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \ 3277elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \
3231 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then 3278 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then
3232 SANDBOX_STYLE="none" 3279 SANDBOX_STYLE="none"
@@ -4050,7 +4097,10 @@ AC_LINK_IFELSE([AC_LANG_PROGRAM([[
4050#include <arpa/nameser.h> 4097#include <arpa/nameser.h>
4051#include <resolv.h> 4098#include <resolv.h>
4052extern struct __res_state _res; 4099extern struct __res_state _res;
4053 ]], [[ ]])], 4100 ]], [[
4101struct __res_state *volatile p = &_res; /* force resolution of _res */
4102return 0;
4103 ]],)],
4054 [AC_MSG_RESULT([yes]) 4104 [AC_MSG_RESULT([yes])
4055 AC_DEFINE([HAVE__RES_EXTERN], [1], 4105 AC_DEFINE([HAVE__RES_EXTERN], [1],
4056 [Define if you have struct __res_state _res as an extern]) 4106 [Define if you have struct __res_state _res as an extern])
@@ -5037,6 +5087,7 @@ echo " MD5 password support: $MD5_MSG"
5037echo " libedit support: $LIBEDIT_MSG" 5087echo " libedit support: $LIBEDIT_MSG"
5038echo " Solaris process contract support: $SPC_MSG" 5088echo " Solaris process contract support: $SPC_MSG"
5039echo " Solaris project support: $SP_MSG" 5089echo " Solaris project support: $SP_MSG"
5090echo " Solaris privilege support: $SPP_MSG"
5040echo " systemd support: $SYSTEMD_MSG" 5091echo " systemd support: $SYSTEMD_MSG"
5041echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 5092echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
5042echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 5093echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-29 21:19:46 +0000