diff options
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 85 |
1 files changed, 63 insertions, 22 deletions
diff --git a/configure.ac b/configure.ac index 86692714b..f5c65c5a4 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.571 2014/02/21 17:09:34 tim Exp $ | 1 | # $Id: configure.ac,v 1.583 2014/08/26 20:32:01 djm Exp $ |
2 | # | 2 | # |
3 | # Copyright (c) 1999-2004 Damien Miller | 3 | # Copyright (c) 1999-2004 Damien Miller |
4 | # | 4 | # |
@@ -15,7 +15,7 @@ | |||
15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | 16 | ||
17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) | 17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) |
18 | AC_REVISION($Revision: 1.571 $) | 18 | AC_REVISION($Revision: 1.583 $) |
19 | AC_CONFIG_SRCDIR([ssh.c]) | 19 | AC_CONFIG_SRCDIR([ssh.c]) |
20 | AC_LANG([C]) | 20 | AC_LANG([C]) |
21 | 21 | ||
@@ -1655,10 +1655,6 @@ AC_CHECK_FUNCS([ \ | |||
1655 | Blowfish_expandstate \ | 1655 | Blowfish_expandstate \ |
1656 | Blowfish_expand0state \ | 1656 | Blowfish_expand0state \ |
1657 | Blowfish_stream2word \ | 1657 | Blowfish_stream2word \ |
1658 | arc4random \ | ||
1659 | arc4random_buf \ | ||
1660 | arc4random_stir \ | ||
1661 | arc4random_uniform \ | ||
1662 | asprintf \ | 1658 | asprintf \ |
1663 | b64_ntop \ | 1659 | b64_ntop \ |
1664 | __b64_ntop \ | 1660 | __b64_ntop \ |
@@ -1702,6 +1698,7 @@ AC_CHECK_FUNCS([ \ | |||
1702 | mblen \ | 1698 | mblen \ |
1703 | md5_crypt \ | 1699 | md5_crypt \ |
1704 | memmove \ | 1700 | memmove \ |
1701 | memset_s \ | ||
1705 | mkdtemp \ | 1702 | mkdtemp \ |
1706 | mmap \ | 1703 | mmap \ |
1707 | ngetaddrinfo \ | 1704 | ngetaddrinfo \ |
@@ -1760,7 +1757,6 @@ AC_CHECK_FUNCS([ \ | |||
1760 | user_from_uid \ | 1757 | user_from_uid \ |
1761 | usleep \ | 1758 | usleep \ |
1762 | vasprintf \ | 1759 | vasprintf \ |
1763 | vhangup \ | ||
1764 | vsnprintf \ | 1760 | vsnprintf \ |
1765 | waitpid \ | 1761 | waitpid \ |
1766 | ]) | 1762 | ]) |
@@ -1972,11 +1968,9 @@ if test "x$ac_cv_func_snprintf" = "xyes" ; then | |||
1972 | ) | 1968 | ) |
1973 | fi | 1969 | fi |
1974 | 1970 | ||
1975 | # If we don't have a working asprintf, then we strongly depend on vsnprintf | 1971 | # We depend on vsnprintf returning the right thing on overflow: the |
1976 | # returning the right thing on overflow: the number of characters it tried to | 1972 | # number of characters it tried to create (as per SUSv3) |
1977 | # create (as per SUSv3) | 1973 | if test "x$ac_cv_func_vsnprintf" = "xyes" ; then |
1978 | if test "x$ac_cv_func_asprintf" != "xyes" && \ | ||
1979 | test "x$ac_cv_func_vsnprintf" = "xyes" ; then | ||
1980 | AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) | 1974 | AC_MSG_CHECKING([whether vsnprintf returns correct values on overflow]) |
1981 | AC_RUN_IFELSE( | 1975 | AC_RUN_IFELSE( |
1982 | [AC_LANG_PROGRAM([[ | 1976 | [AC_LANG_PROGRAM([[ |
@@ -1984,15 +1978,23 @@ if test "x$ac_cv_func_asprintf" != "xyes" && \ | |||
1984 | #include <stdio.h> | 1978 | #include <stdio.h> |
1985 | #include <stdarg.h> | 1979 | #include <stdarg.h> |
1986 | 1980 | ||
1987 | int x_snprintf(char *str,size_t count,const char *fmt,...) | 1981 | int x_snprintf(char *str, size_t count, const char *fmt, ...) |
1988 | { | 1982 | { |
1989 | size_t ret; va_list ap; | 1983 | size_t ret; |
1990 | va_start(ap, fmt); ret = vsnprintf(str, count, fmt, ap); va_end(ap); | 1984 | va_list ap; |
1985 | |||
1986 | va_start(ap, fmt); | ||
1987 | ret = vsnprintf(str, count, fmt, ap); | ||
1988 | va_end(ap); | ||
1991 | return ret; | 1989 | return ret; |
1992 | } | 1990 | } |
1993 | ]], [[ | 1991 | ]], [[ |
1994 | char x[1]; | 1992 | char x[1]; |
1995 | exit(x_snprintf(x, 1, "%s %d", "hello", 12345) == 11 ? 0 : 1); | 1993 | if (x_snprintf(x, 1, "%s %d", "hello", 12345) != 11) |
1994 | return 1; | ||
1995 | if (x_snprintf(NULL, 0, "%s %d", "hello", 12345) != 11) | ||
1996 | return 1; | ||
1997 | return 0; | ||
1996 | ]])], | 1998 | ]])], |
1997 | [AC_MSG_RESULT([yes])], | 1999 | [AC_MSG_RESULT([yes])], |
1998 | [ | 2000 | [ |
@@ -2328,7 +2330,7 @@ AC_RUN_IFELSE( | |||
2328 | if(fd == NULL) | 2330 | if(fd == NULL) |
2329 | exit(1); | 2331 | exit(1); |
2330 | 2332 | ||
2331 | if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) | 2333 | if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) |
2332 | exit(1); | 2334 | exit(1); |
2333 | 2335 | ||
2334 | exit(0); | 2336 | exit(0); |
@@ -2363,13 +2365,21 @@ AC_RUN_IFELSE( | |||
2363 | if(fd == NULL) | 2365 | if(fd == NULL) |
2364 | exit(1); | 2366 | exit(1); |
2365 | 2367 | ||
2366 | if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0) | 2368 | if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), |
2369 | SSLeay_version(SSLEAY_VERSION))) <0) | ||
2367 | exit(1); | 2370 | exit(1); |
2368 | 2371 | ||
2369 | exit(0); | 2372 | exit(0); |
2370 | ]])], | 2373 | ]])], |
2371 | [ | 2374 | [ |
2372 | ssl_library_ver=`cat conftest.ssllibver` | 2375 | ssl_library_ver=`cat conftest.ssllibver` |
2376 | # Check version is supported. | ||
2377 | case "$ssl_library_ver" in | ||
2378 | 0090[[0-7]]*|009080[[0-5]]*) | ||
2379 | AC_MSG_ERROR([OpenSSL >= 0.9.8f required]) | ||
2380 | ;; | ||
2381 | *) ;; | ||
2382 | esac | ||
2373 | AC_MSG_RESULT([$ssl_library_ver]) | 2383 | AC_MSG_RESULT([$ssl_library_ver]) |
2374 | ], | 2384 | ], |
2375 | [ | 2385 | [ |
@@ -2381,6 +2391,10 @@ AC_RUN_IFELSE( | |||
2381 | ] | 2391 | ] |
2382 | ) | 2392 | ) |
2383 | 2393 | ||
2394 | # XXX make --without-openssl work | ||
2395 | AC_DEFINE_UNQUOTED([WITH_OPENSSL], [1], [use libcrypto for cryptography]) | ||
2396 | AC_DEFINE_UNQUOTED([WITH_SSH1], [1], [include SSH protocol version 1 support]) | ||
2397 | |||
2384 | AC_ARG_WITH([openssl-header-check], | 2398 | AC_ARG_WITH([openssl-header-check], |
2385 | [ --without-openssl-header-check Disable OpenSSL version consistency check], | 2399 | [ --without-openssl-header-check Disable OpenSSL version consistency check], |
2386 | [ if test "x$withval" = "xno" ; then | 2400 | [ if test "x$withval" = "xno" ; then |
@@ -2589,6 +2603,14 @@ AC_CHECK_FUNCS([SHA256_Update EVP_sha256], , | |||
2589 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" | 2603 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" |
2590 | ] | 2604 | ] |
2591 | ) | 2605 | ) |
2606 | # Search for RIPE-MD support in OpenSSL | ||
2607 | AC_CHECK_FUNCS([EVP_ripemd160], , | ||
2608 | [unsupported_algorithms="$unsupported_algorithms \ | ||
2609 | hmac-ripemd160 | ||
2610 | hmac-ripemd160@openssh.com | ||
2611 | hmac-ripemd160-etm@openssh.com" | ||
2612 | ] | ||
2613 | ) | ||
2592 | 2614 | ||
2593 | # Check complete ECC support in OpenSSL | 2615 | # Check complete ECC support in OpenSSL |
2594 | AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1]) | 2616 | AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1]) |
@@ -2709,6 +2731,13 @@ fi | |||
2709 | AC_SUBST([TEST_SSH_ECC]) | 2731 | AC_SUBST([TEST_SSH_ECC]) |
2710 | AC_SUBST([COMMENT_OUT_ECC]) | 2732 | AC_SUBST([COMMENT_OUT_ECC]) |
2711 | 2733 | ||
2734 | AC_CHECK_FUNCS([ \ | ||
2735 | arc4random \ | ||
2736 | arc4random_buf \ | ||
2737 | arc4random_stir \ | ||
2738 | arc4random_uniform \ | ||
2739 | ]) | ||
2740 | |||
2712 | saved_LIBS="$LIBS" | 2741 | saved_LIBS="$LIBS" |
2713 | AC_CHECK_LIB([iaf], [ia_openinfo], [ | 2742 | AC_CHECK_LIB([iaf], [ia_openinfo], [ |
2714 | LIBS="$LIBS -liaf" | 2743 | LIBS="$LIBS -liaf" |
@@ -2892,7 +2921,14 @@ if test "x$PAM_MSG" = "xyes" ; then | |||
2892 | ]) | 2921 | ]) |
2893 | fi | 2922 | fi |
2894 | 2923 | ||
2895 | SSH_PRIVSEP_USER=sshd | 2924 | case "$host" in |
2925 | *-*-cygwin*) | ||
2926 | SSH_PRIVSEP_USER=CYGWIN_SSH_PRIVSEP_USER | ||
2927 | ;; | ||
2928 | *) | ||
2929 | SSH_PRIVSEP_USER=sshd | ||
2930 | ;; | ||
2931 | esac | ||
2896 | AC_ARG_WITH([privsep-user], | 2932 | AC_ARG_WITH([privsep-user], |
2897 | [ --with-privsep-user=user Specify non-privileged user for privilege separation], | 2933 | [ --with-privsep-user=user Specify non-privileged user for privilege separation], |
2898 | [ | 2934 | [ |
@@ -2902,8 +2938,13 @@ AC_ARG_WITH([privsep-user], | |||
2902 | fi | 2938 | fi |
2903 | ] | 2939 | ] |
2904 | ) | 2940 | ) |
2905 | AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"], | 2941 | if test "x$SSH_PRIVSEP_USER" = "xCYGWIN_SSH_PRIVSEP_USER" ; then |
2906 | [non-privileged user for privilege separation]) | 2942 | AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], [CYGWIN_SSH_PRIVSEP_USER], |
2943 | [Cygwin function to fetch non-privileged user for privilege separation]) | ||
2944 | else | ||
2945 | AC_DEFINE_UNQUOTED([SSH_PRIVSEP_USER], ["$SSH_PRIVSEP_USER"], | ||
2946 | [non-privileged user for privilege separation]) | ||
2947 | fi | ||
2907 | AC_SUBST([SSH_PRIVSEP_USER]) | 2948 | AC_SUBST([SSH_PRIVSEP_USER]) |
2908 | 2949 | ||
2909 | if test "x$have_linux_no_new_privs" = "x1" ; then | 2950 | if test "x$have_linux_no_new_privs" = "x1" ; then |