source: branches/samhain-2_2-branch/configure.ac@ 446

Last change on this file since 446 was 72, checked in by rainer, 18 years ago

Support installation of init scripts on MaxOS X.

File size: 64.1 KB
Line 
1
2dnl We want to override the standard _AC_INIT_PARSE_ARGS
3dnl
4AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
5AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
6
7AC_INIT(src/samhain.c)
8
9
10AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
11
12dnl
13dnl start
14dnl
15AM_INIT_AUTOMAKE(samhain, 2.2.5)
16AC_CANONICAL_HOST
17
18dnl
19dnl checks for programs
20dnl
21
22AC_PROG_CC
23AC_PROG_CPP
24AC_PROG_INSTALL
25AC_PROG_LN_S
26AC_PROG_AWK
27AC_PATH_PROG(cmd_hostname,hostname)
28AC_SUBST(cmd_hostname)
29
30GCC_STACK_PROTECT_CC
31
32AC_HEADER_STDC
33dnl
34dnl first one is a dummy because of an autoconf bug
35dnl (no HAVE_... for first one)
36dnl
37AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
38
39
40AC_MSG_CHECKING([for host-specific issues])
41mydebugflag=no
42myneedg3=no
43uid_cast="signed long"
44selectconfig=linux
45mynetbsd=no
46sh_use_lcaps="undef"
47
48case "$host_os" in
49
50 *linux*)
51 sh_use_lcaps="yes"
52 AC_DEFINE(HOST_IS_LINUX)
53 AC_DEFINE(HAVE_EXT2_IOCTLS)
54 AC_MSG_RESULT(LINUX use ioctl to get e2fs flags)
55 case "$host_cpu" in
56 i*86*)
57 AC_DEFINE(HOST_IS_I86LINUX)
58 ;;
59 *)
60 ;;
61 esac
62 ;;
63
64 *osf*)
65 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
66 if test "x$GCC" != "xyes"; then
67 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
68 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
69 myneedg3=yes
70 AC_MSG_RESULT(OSF1 compiler needs assume noaligned_objects)
71 else
72 AC_MSG_RESULT(none)
73 fi
74 ;;
75
76 *cygwin*)
77 AC_DEFINE(HOST_IS_CYGWIN)
78 AC_MSG_RESULT(CYGWIN do not check for trusted paths)
79 ;;
80
81 *darwin*)
82 AC_DEFINE(HOST_IS_DARWIN)
83 AC_MSG_RESULT(DARWIN check resource forks)
84 ;;
85
86 *freebsd*)
87 AC_DEFINE(HOST_IS_FREEBSD)
88 selectconfig=freebsd
89 AC_MSG_RESULT(none)
90 ;;
91
92 *openbsd*)
93 selectconfig=freebsd
94 AC_MSG_RESULT(none)
95 ;;
96
97 *netbsd*)
98 mynetbsd=yes
99 selectconfig=netbsd
100 AC_MSG_RESULT(NETBSD bug with libresolve)
101 ;;
102
103 *solaris*)
104 selectconfig=solaris
105 AC_DEFINE(HOST_IS_SOLARIS)
106 case "$host_cpu" in
107 i*86)
108 AC_DEFINE(HOST_IS_I86SOLARIS)
109 AC_MSG_RESULT(SOLARIS I86 vsnprintf prototype)
110 ;;
111 *)
112 AC_MSG_RESULT(none)
113 ;;
114 esac
115 if test "x$GCC" != "xyes"; then
116 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
117 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
118 fi
119 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
120 CFLAGS="$CFLAGS -xO2"
121 fi
122 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
123 CFLAGS="$CFLAGS -Xa"
124 fi
125 LIBS="-lc $LIBS"
126 fi
127 ;;
128
129
130 *sun*)
131 selectconfig=solaris
132 AC_DEFINE(HOST_IS_SOLARIS)
133 AC_MSG_RESULT(none)
134 ;;
135
136 *aix*)
137 AC_DEFINE(HOST_IS_AIX)
138 selectconfig=aix5.2.0
139 uid_cast="unsigned long"
140 if test "x$GCC" != "xyes"; then
141 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
142 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
143 fi
144 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
145 CFLAGS="$CFLAGS -O3"
146 fi
147 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
148 CFLAGS="$CFLAGS -qstrict"
149 fi
150 AC_MSG_RESULT(AIX size_t in the accept call and optimize O3 qstrict)
151 else
152 AC_MSG_RESULT(AIX size_t in the accept call)
153 fi
154 ;;
155
156 *hpux*)
157 AC_MSG_RESULT(HPUX has not always h_errno defined)
158 AC_DEFINE(HOST_IS_HPUX)
159 if test "x$GCC" != "xyes"; then
160 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
161 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
162 fi
163 if test -z "`echo "$CFLAGS" | grep "\-fast" 2> /dev/null`"; then
164 CFLAGS="$CFLAGS -fast"
165 fi
166 fi
167 ;;
168
169 *ultrix*)
170 AC_MSG_RESULT(ULTRIX getcwd uses popen)
171 AC_DEFINE(HAVE_BROKEN_GETCWD)
172 ;;
173
174 *)
175 AC_MSG_RESULT(none)
176 ;;
177esac
178
179AC_SUBST(selectconfig)
180AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
181
182
183dnl *****************************************
184dnl
185dnl checks for header files
186dnl
187dnl *****************************************
188
189AC_HEADER_DIRENT
190AC_HEADER_MAJOR
191AC_HEADER_TIME
192dnl used in minilzo.c
193AC_HEADER_STAT
194AC_DECL_SYS_SIGLIST
195
196AC_CHECK_HEADERS(stddef.h libgen.h sched.h \
197 sys/vfs.h mntent.h \
198 sys/select.h sys/socket.h netinet/in.h \
199 regex.h glob.h \
200 linux/ext2_fs.h ext2fs/ext2_fs.h \
201 elf.h linux/elf.h \
202 paths.h arpa/nameser.h arpa/nameser_compat.h,
203 [],
204 [],
205 [#include <sys/types.h>]
206)
207
208
209AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
210if test "x$sh_utmpx" = "xyes"; then
211 if cat "/usr/include/utmpx.h" 2>&5 |
212 egrep "WTMPX_FILE" >/dev/null 2>&1; then
213 AC_DEFINE(HAVE_UTMPX_H)
214 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
215 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
216 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
217 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
218 else
219 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
220 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
221 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
222 fi
223else
224 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
225 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
226fi
227
228dnl need to check because AIX 4.2 does not have it
229dnl
230AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
231#ifdef HAVE_SYS_TYPES_H
232#include <sys/types.h>
233#endif
234#ifdef HAVE_SYS_STAT_H
235#include <sys/stat.h>
236#endif
237#ifdef HAVE_SYS_VFS_H
238#include <sys/vfs.h>
239#endif
240#ifdef HAVE_UNISTD_H
241#include <unistd.h>
242#endif
243])
244
245AC_SYS_LARGEFILE
246
247dnl
248dnl check whether _POSIX_SOURCE is required
249dnl
250SAMHAIN_POSIX
251
252
253dnl *****************************************
254dnl
255dnl Checks for library functions.
256dnl
257dnl *****************************************
258AC_FUNC_STRFTIME
259AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
260 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
261 seteuid setreuid setresuid lstat getwd getcwd ptrace \
262 usleep setpriority getpeereid nanosleep \
263 strptime basename sched_yield hasmntopt \
264 inet_aton gethostbyname setutent setrlimit gethostname uname \
265 initgroups getpagesize \
266 ttyname fchmod
267)
268AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
269SL_CHECK_VA_COPY
270AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
271AC_CHECK_MLOCK
272
273AC_MSG_CHECKING(how to get filesystem type)
274fstype=no
275# The order of these tests is important.
276AC_TRY_CPP([#include <sys/statvfs.h>
277#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
278if test $fstype = no; then
279AC_TRY_CPP([#include <sys/statfs.h>
280#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
281fi
282if test $fstype = no; then
283AC_TRY_CPP([#include <sys/statfs.h>
284#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
285fi
286if test $fstype = no; then
287AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
288fi
289if test $fstype = no; then
290AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
291fi
292if test $fstype = no; then
293AC_TRY_CPP([#include <sys/mount.h>
294#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
295fi
296AC_MSG_RESULT($fstype)
297
298sh_libsocket=
299
300dnl Solaris needs -lsocket and -lnsl. Unisys system includes
301dnl gethostbyname in libsocket but needs libnsl for socket.
302AC_CHECK_LIB(nsl, gethostbyname)
303AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
304if test x$ac_need_libsocket = x1; then
305 LIBS="$LIBS -lsocket"
306 sh_libsocket="-lsocket"
307fi
308if test x$ac_try_nsl = x1; then
309 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
310 if test x$ac_need_libnsl = x1
311 then
312 LIBS="$LIBS -lnsl"
313 fi
314fi
315AC_SUBST(sh_libsocket)
316
317AC_CHECK_LIB(socket, res_search, [
318 AC_CHECK_LIB(resolv, dn_skipname)
319 AC_CHECK_LIB(resolv, __dn_skipname)
320 if test x$ac_need_libsocket = x1; then
321 :
322 else
323 LIBS="$LIBS -lsocket"
324 fi
325 ], [
326 AC_CHECK_LIB(resolv, res_search, [
327 LIBS="$LIBS -lresolv"
328 ], [
329 AC_CHECK_LIB(resolv, dn_skipname)
330 AC_CHECK_LIB(resolv, __dn_skipname)
331 ])
332 ])
333
334dnl arguments for accept
335
336dnl check for Unix98 socklen_t (found on
337dnl xemacs-patches mailing list, written
338dnl by Martin Buchholz)
339dnl
340dnl On Darwin(MacOSX) socklen_t needs to be
341dnl an int (see accept man page), on all other
342dnl unix systems we need a size_t.
343
344AC_MSG_CHECKING(for socklen_t)
345AC_TRY_COMPILE([
346#ifdef HAVE_SYS_TYPES_H
347#include <sys/types.h>
348#endif
349#ifdef HAVE_SYS_SOCKET_H
350#include <sys/socket.h>
351#endif
352 socklen_t x;
353], [],[
354 AC_MSG_RESULT(yes)
355 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
356 AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
357],[
358 AC_TRY_COMPILE([
359#ifdef HAVE_SYS_TYPES_H
360#include <sys/types.h>
361#endif
362#ifdef HAVE_SYS_SOCKET_H
363#include <sys/socket.h>
364#endif
365 int accept (int, struct sockaddr *, size_t *);
366 ],[],[
367 AC_MSG_RESULT(size_t)
368 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
369 ], [
370 AC_MSG_RESULT(int)
371 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
372 ]
373 )
374])
375
376
377dnl *****************************************
378dnl checks for typedefs
379dnl *****************************************
380
381AC_C_LONG_DOUBLE
382SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
383if test "$sh_HAVE_LONG_LONG" = "yes"; then
384 AC_CHECK_SIZEOF(unsigned long long, 4)
385 if test "$ac_cv_sizeof_unsigned_long_long" = "8"; then
386 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
387 fi
388fi
389
390AC_CHECK_TYPE(ptrdiff_t, long)
391AC_TYPE_SIZE_T
392AC_CHECK_SIZEOF(char *, 4)
393AC_CHECK_SIZEOF(size_t, 4)
394
395AC_CHECK_SIZEOF(unsigned long, 4)
396AC_CHECK_SIZEOF(unsigned int , 4)
397AC_CHECK_SIZEOF(unsigned short, 2)
398
399
400if test "$ac_cv_sizeof_unsigned_long" = "4"; then
401 AC_DEFINE(HAVE_LONG_32)
402fi
403if test "$ac_cv_sizeof_unsigned_long" = "8"; then
404 AC_DEFINE(HAVE_LONG_64)
405fi
406if test "$ac_cv_sizeof_unsigned_int" = "4"; then
407 AC_DEFINE(HAVE_INT_32)
408fi
409
410dnl
411dnl For Alpha
412dnl
413if test "$ac_cv_sizeof_unsigned_int_" = "4"; then
414 AC_DEFINE(HAVE_INT_32)
415fi
416if test "$ac_cv_sizeof_unsigned_short" = "4"; then
417 AC_DEFINE(HAVE_SHORT_32)
418fi
419
420dnl
421dnl check for 64 bit programming environment
422dnl
423SAMHAIN_64
424
425
426dnl *****************************************
427dnl checks for structures
428dnl *****************************************
429
430AC_STRUCT_TM
431
432dnl
433dnl from e2fsprogs
434dnl
435AC_MSG_CHECKING(whether struct stat has a st_flags field)
436AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
437 AC_TRY_COMPILE([#include <sys/stat.h>],
438 [struct stat stat; stat.st_flags = 0;],
439 [e2fsprogs_cv_struct_st_flags=yes],
440 [e2fsprogs_cv_struct_st_flags=no]))
441AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
442if test "$e2fsprogs_cv_struct_st_flags" = yes; then
443 AC_MSG_CHECKING(whether st_flags field is useful)
444 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
445 AC_TRY_COMPILE([#include <sys/stat.h>],
446 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
447 [e2fsprogs_cv_struct_st_flags_immut=yes],
448 [e2fsprogs_cv_struct_st_flags_immut=no]))
449 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
450 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
451 AC_DEFINE(HAVE_STAT_FLAGS)
452 fi
453fi
454
455dnl
456dnl from dbus
457dnl
458AC_MSG_CHECKING(for struct cmsgcred)
459AC_TRY_COMPILE([
460#include <sys/types.h>
461#include <sys/socket.h>
462],[
463struct cmsgcred cred;
464
465cred.cmcred_pid = 0;
466],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
467AC_MSG_RESULT($sh_have_struct_cmsgcred)
468
469if test x$sh_have_struct_cmsgcred = xyes; then
470 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
471fi
472
473AC_MSG_CHECKING(for struct fcred)
474AC_TRY_COMPILE([
475#include <sys/param.h>
476#include <sys/socket.h>
477#include <sys/ucred.h>
478],[
479struct fcred sockcred;
480],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
481AC_MSG_RESULT($sh_have_struct_fcred)
482
483if test x$sh_have_struct_fcred = xyes; then
484 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
485fi
486
487AC_MSG_CHECKING(for struct sockcred)
488AC_TRY_COMPILE([
489#include <sys/param.h>
490#include <sys/socket.h>
491#include <sys/ucred.h>
492],[
493struct sockcred sockcred;
494],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
495AC_MSG_RESULT($sh_have_struct_sockcred)
496
497if test x$sh_have_struct_sockcred = xyes; then
498 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
499fi
500
501AC_MSG_CHECKING(for SO_PEERCRED)
502AC_TRY_COMPILE([
503#include <sys/types.h>
504#include <sys/socket.h>
505],[
506int test = SO_PEERCRED;
507],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
508AC_MSG_RESULT($sh_have_SO_PEERCRED)
509
510if test x$sh_have_SO_PEERCRED = xyes; then
511 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
512fi
513
514
515dnl *****************************************
516dnl checks for compiler characteristics
517dnl *****************************************
518AC_C_INLINE
519AC_C_CONST
520AC_C_BIGENDIAN
521
522AM_SA_SIGACTION_WORKS
523
524dnl *****************************************
525dnl
526dnl checks for system services
527dnl
528dnl *****************************************
529
530dnl
531dnl check for GNU gmp
532dnl
533AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
534if test "x${sh_have_gmp}" = xno
535then
536 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
537fi
538if test "x${sh_have_gmp}" = xyes
539then
540 # LIBS="-lgmp $LIBS"
541 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
542fi
543AC_CHECK_HEADERS(gmp.h)
544
545
546dnl *****************************************
547dnl
548dnl enable features
549dnl
550dnl *****************************************
551
552AC_ARG_ENABLE(db-reload,
553 [ --enable-db-reload enable database reload on SIGHUP [no]],
554 [
555 if test "x${enable_db_reload}" = xyes; then
556 AC_DEFINE(RELOAD_DATABASE)
557 fi
558 ]
559)
560
561AC_ARG_ENABLE(xml-log,
562 [ --enable-xml-log enable XML logfile format [[no]]],
563 [
564 if test "x${enable_xml_log}" = xyes; then
565 AC_DEFINE(SH_USE_XML)
566 fi
567 ]
568)
569
570
571AC_ARG_ENABLE(mail,
572 [ --disable-mail disable the internal SMTP mailer],
573 [
574 if test "x${enable_mail}" = xno; then
575 :
576 else
577 AC_DEFINE(SH_WITH_MAIL)
578 fi
579 ],
580 [AC_DEFINE(SH_WITH_MAIL)]
581)
582
583AC_ARG_ENABLE(external-scripts,
584 [ --disable-external-scripts disable interface to external scripts],
585 [
586 if test "x${enableval}" = xno; then
587 :
588 else
589 AC_DEFINE(WITH_EXTERNAL)
590 fi
591 ],
592 [AC_DEFINE(WITH_EXTERNAL)]
593)
594
595AC_ARG_ENABLE(message-queue,
596 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
597 [
598 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
599 if test "x${enable_message_queue}" = xyes; then
600 AC_DEFINE(WITH_MESSAGE_QUEUE)
601 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
602 elif test "x${enable_message_queue}" != xno; then
603 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
604 AC_MSG_ERROR([--enable-message-queue: MODE must be numeric])
605 echo "${enableval}" | \
606 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
607 AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number])
608 AC_DEFINE(WITH_MESSAGE_QUEUE)
609 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
610 fi
611 else
612 echo
613 echo "**********************************************"
614 echo
615 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
616 echo
617 echo "**********************************************"
618 echo
619 fi
620 ]
621)
622
623AC_ARG_WITH(cflags,
624 [ --with-cflags additional flags to pass to compiler],
625 [
626 if test "x$withval" != "xno" ; then
627 CFLAGS="$CFLAGS $withval"
628 fi
629 ]
630)
631AC_ARG_WITH(libs,
632 [ --with-libs additional libraries to link with],
633 [
634 if test "x$withval" != "xno" ; then
635 LIBS="$LIBS $withval"
636 fi
637 ]
638)
639
640
641#
642# this is from ssh
643#
644AC_MSG_CHECKING(whether to use libwrap)
645LIBWRAP_LIB=""
646LIBWRAP_INC=""
647AC_ARG_WITH(libwrap,
648[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
649[ AC_MSG_RESULT($withval)
650 case "$withval" in
651 no)
652 ;;
653 ""|yes)
654 LIBWRAP_LIB="-lwrap"
655 ;;
656 *)
657 if test -d "$withval"; then
658 LIBWRAP_LIB="-L$withval -lwrap"
659 changequote(<<, >>)dnl
660 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
661 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
662 changequote([, ])dnl
663 else
664 LIBWRAP_LIB="-lwrap"
665 changequote(<<, >>)dnl
666 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
667 LIBWRAP_INC="-I${sh_libwrap_inc}"
668 changequote([, ])dnl
669 fi
670 ;;
671 esac
672 if test -n "$LIBWRAP_LIB"; then
673 # OLDLIBS="$LIBS"
674 LIBS="$LIBWRAP_LIB $LIBS"
675 # OLDCFLAGS="$CFLAGS"
676 CFLAGS="$CFLAGS $LIBWRAP_INC"
677 AC_CHECK_HEADER(tcpd.h,
678 [],
679 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You must first install tcp_wrappers]) ])
680 AC_TRY_LINK([ #include <tcpd.h>
681 int allow_severity; int deny_severity; ],
682 [ hosts_access((struct request_info *) 0); ],
683 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
684 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
685 fi ],
686 AC_MSG_RESULT(no)
687)
688
689
690#
691# this is from the snort configure.in
692#
693AC_DEFUN(FAIL_MESSAGE,[
694 echo
695 echo
696 echo "**********************************************"
697 echo " ERROR: unable to find" $1
698 echo " checked in the following places"
699 for i in `echo $2`; do
700 echo " $i"
701 done
702 echo "**********************************************"
703 echo
704 exit
705])
706
707AC_ARG_WITH(libprelude-prefix,
708 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
709 libprelude_config_prefix="$withval", libprelude_config_prefix="")
710
711AC_MSG_CHECKING(whether to use prelude)
712AC_ARG_WITH(prelude,
713 [ --with-prelude Prelude IDS support [[no]]],
714 [
715 if test "x${withval}" = "xno"; then
716 AC_MSG_RESULT(no)
717 else
718 AC_MSG_RESULT(yes)
719 if test x$libprelude_config_prefix != x ; then
720 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
721 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
722 fi
723 fi
724
725 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
726 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
727 HAVE_PRELUDE_CONFIG=no
728 else
729 HAVE_PRELUDE_CONFIG=yes
730 fi
731dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
732 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
733 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
734 case "$sh_libprelude_version" in
735 0.8*)
736 sh_prelude_libs=`$LIBPRELUDE_CONFIG --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
737 sh_prelude_cflags=`$LIBPRELUDE_CONFIG --cflags`
738 LIBS="$LIBS ${sh_prelude_libs}"
739 CFLAGS="$CFLAGS ${sh_prelude_cflags}"
740 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
741 AC_DEFINE(HAVE_LIBPRELUDE_8,1,[Have libprelude 0.8])
742 ;;
743 *)
744 AM_PATH_LIBPRELUDE([0.9.6],
745 [
746 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
747 AC_DEFINE(HAVE_LIBPRELUDE_9,1,[Have libprelude 0.9])
748 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
749 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
750 LIBS="$LIBS $LIBPRELUDE_LIBS"
751 ],
752 [
753 AC_MSG_ERROR([Could not find libprelude.])
754 ])
755 ;;
756 esac
757 else
758 AC_MSG_ERROR([Could not find libprelude.])
759 fi
760 fi
761 ],
762 [
763 AC_MSG_RESULT(no)
764 ]
765)
766
767dnl AC_MSG_CHECKING(whether to use prelude)
768dnl AC_ARG_WITH(prelude,
769dnl [ --with-prelude Prelude IDS support [[no]]],
770dnl [
771dnl if test "x${withval}" = "xno"; then
772dnl AC_MSG_RESULT(no)
773dnl else
774dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
775dnl if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
776dnl sh_prelude_libs=`libprelude-config --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
777dnl sh_prelude_cflags=`libprelude-config --cflags`
778dnl LIBS="$LIBS ${sh_prelude_libs}"
779dnl CFLAGS="$CFLAGS ${sh_prelude_cflags}"
780dnl AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
781dnl else
782dnl AC_MSG_ERROR([Could not find libprelude-config. Did you specify a valid path?])
783dnl fi
784dnl fi
785dnl ],
786dnl AC_MSG_RESULT(no)
787dnl )
788
789AC_ARG_ENABLE(static,
790 [ --enable-static enable static linking (recommended) [[no]]],
791 [
792 if test x$enable_static = xyes; then
793 if test x"$mynetbsd" = xyes
794 then
795 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
796 LIBS="${tmp_LIBS}"
797 fi
798 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
799 if test "x$GCC" = "xyes"; then
800 LDFLAGS="$LDFLAGS -static"
801 else
802 case "$host_os" in
803
804 *aix*)
805 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
806 ;;
807
808 *hpux*)
809 LDFLAGS="$LDFLAGS -Wl,-a,archive"
810 ;;
811
812 *osf*)
813 LDFLAGS="$LDFLAGS -non_shared"
814 ;;
815
816 *irix*)
817 LDFLAGS="$LDFLAGS -non_shared"
818 ;;
819
820 *sco*)
821 LDFLAGS="$LDFLAGS -dn"
822 ;;
823
824 *sun*)
825 LDFLAGS="$LDFLAGS -Bstatic"
826 ;;
827
828 *solaris*)
829 LDFLAGS="$LDFLAGS -Bstatic"
830 ;;
831
832 *)
833 echo "***********************************************"
834 echo "*"
835 echo "* Don't know how to enable static linking"
836 echo "* with your compiler. Please set the environment"
837 echo "* variable LDFLAGS to:"
838 echo "* ${LDFLAGS} + the static linking flag"
839 echo "* and run configure again"
840 echo "*"
841 echo "***********************************************"
842 ;;
843
844 esac
845 fi
846 fi
847 ]
848)
849
850#
851# partly based on the snort configure.in
852#
853AC_ARG_WITH(database,
854 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
855 [
856 if test x"$enable_xml_log" != xyes; then
857 AC_MSG_ERROR([--with-database: --enable-xml-log required])
858 fi
859 if test "x${withval}" = "xmysql"; then
860 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
861 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
862 # echo "mysql_config found"
863 sh_mysql_libs="`mysql_config --libs`"
864 # echo ${sh_mysql_libs}
865 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
866 # echo $mysql_libs
867 # save_libs="$LIBS"
868 # LIBS="$LIBS `mysql_config --libs`"
869 # echo $LIBS
870 LIBS="$LIBS ${sh_mysql_libs}"
871 # echo $LIBS
872 sh_mysql_cflags="`mysql_config --cflags`"
873 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
874 # CFLAGS="$CFLAGS `mysql_config --cflags`"
875 # CFLAGS="$CFLAGS ${sh_mysql_cflags}"
876 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
877 else
878 AC_MSG_CHECKING(for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME)
879 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
880
881 for i in $mysql_directory; do
882 if test -r $i/include/mysql/mysql.h; then
883 MYSQL_DIR=$i
884 MYSQL_INC_DIR=$i/include
885 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
886 fi
887 done
888 if test -z "$MYSQL_DIR"; then
889 for i in $mysql_directory; do
890 if test -r $i/include/mysql.h; then
891 MYSQL_DIR=$i
892 MYSQL_INC_DIR=$i/include
893 fi
894 done
895 fi
896
897 if test -z "$MYSQL_DIR"; then
898 tmp=""
899 for i in $mysql_directory; do
900 tmp="$tmp $i/include $i/include/mysql"
901 done
902 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
903 fi
904
905 for i in lib lib/mysql; do
906 str="$MYSQL_DIR/$i/libmysqlclient.*"
907 for j in `echo $str`; do
908 if test -r $j; then
909 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
910 break 2
911 fi
912 done
913 done
914
915 if test -z "$MYSQL_LIB_DIR"; then
916 for ff in $mysql_directory; do
917 for i in lib lib/mysql; do
918 str="$ff/$i/libmysqlclient.*"
919 for j in `echo $str`; do
920 if test -r $j; then
921 MYSQL_LIB_DIR="$ff/$i"
922 break 3
923 fi
924 done
925 done
926 done
927 fi
928
929 if test -z "$MYSQL_LIB_DIR"; then
930 tmp=""
931 for i in $mysql_directory; do
932 tmp="$i/lib $i/lib/mysql"
933 done
934 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
935 fi
936
937 AC_MSG_RESULT(yes)
938 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
939 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
940 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
941 fi
942 AC_DEFINE(WITH_MYSQL)
943 AC_DEFINE(WITH_DATABASE)
944 AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
945 AC_MSG_CHECKING(for zlib)
946 if test "$zlib_cv_libz" = "yes"
947 then
948 LIBS="$LIBS -lz -lm"
949 AC_MSG_RESULT(ok)
950 else
951 AC_MSG_RESULT(failed)
952 echo
953 echo " Either the mysql or the zlib library was not found"
954 echo " or was unusable, maybe because an old, incompatible"
955 echo " version is installed on your system, eg compiled from"
956 echo " source long time ago. See config.log for the error"
957 echo " message from the compiler."
958 echo " Please review your installed mysql and zlib libraries"
959 echo " and/or use --with-libs=-L/path/to/libdirectory"
960 echo " where libdirectory is the directory holding libmysql"
961 echo " or libz."
962 if test x"$enable_static" = xyes; then
963 echo " Note that for compiling a static binary, you need"
964 echo " the static libraries, rather than the shared ones."
965 fi
966 echo
967 AC_MSG_ERROR([libmysql or zlib not found or unuseable])
968 fi
969 AC_CHECK_HEADERS(mysql/mysql.h)
970 elif test "x${withval}" = "xpostgresql"; then
971 AC_DEFINE(WITH_POSTGRES)
972 AC_DEFINE(WITH_DATABASE)
973 #
974 PGCONF="no"
975 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
976 OLD_IFS="$IFS"
977 IFS=":"
978 for ff in ${MY_PATH}
979 do
980 if test -f "$ff/pg_config"
981 then
982 PGCONF="$ff/pg_config"
983 fi
984 done
985 IFS="${OLD_IFS}"
986 #
987 #
988 if test "x${PGCONF}" = "xno"
989 then
990 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
991 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
992 for i in $pgsql_directory; do
993 if test -r $i/include/pgsql/libpq-fe.h; then
994 PGSQL_INC_DIR=$i/include
995 PGSQL_DIR=$i
996 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
997 fi
998 done
999 if test -z "$PGSQL_DIR"; then
1000 for i in $pgsql_directory; do
1001 if test -r $i/include/libpq-fe.h; then
1002 PGSQL_INC_DIR=$i/include
1003 PGSQL_DIR=$i
1004 fi
1005 done
1006 fi
1007
1008 if test -z "$PGSQL_DIR"; then
1009 tmp=""
1010 for i in $pgsql_directory; do
1011 tmp="$tmp $i/include $i/include/pgsql"
1012 done
1013 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1014 fi
1015
1016 for i in lib lib/pgsql; do
1017 str="$PGSQL_DIR/$i/libpq.*"
1018 for j in `echo $str`; do
1019 if test -r $j; then
1020 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1021 break 2
1022 fi
1023 done
1024 done
1025
1026 if test -z "$PGSQL_LIB_DIR"; then
1027 for ff in $pgsql_directory; do
1028 for i in lib lib/pgsql; do
1029 str="$ff/$i/libpq.*"
1030 for j in `echo $str`; do
1031 if test -r $j; then
1032 PGSQL_LIB_DIR="$ff/$i"
1033 break 3
1034 fi
1035 done
1036 done
1037 done
1038 fi
1039
1040 if test -z "$PGSQL_LIB_DIR"; then
1041 tmp=""
1042 for i in $pgsql_directory; do
1043 tmp="$i/lib $i/lib/pgsql"
1044 done
1045 FAIL_MESSAGE("postgresql library libpq", $tmp)
1046 fi
1047
1048 AC_MSG_RESULT(yes)
1049
1050 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1051 if test x"$enable_static" = xyes; then
1052 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1053 else
1054 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1055 fi
1056 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1057 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1058 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1059 else
1060 pg_lib_dir=`${PGCONF} --libdir`
1061 if test x"$enable_static" = xyes; then
1062 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1063 else
1064 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1065 fi
1066 pg_inc_dir=`${PGCONF} --includedir`
1067 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1068 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1069 fi
1070 elif test "x${withval}" = "xodbc"; then
1071 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1072 odbc_directory="/usr /usr/local"
1073
1074 for i in $odbc_directory; do
1075 if test -r $i/include/sql.h; then
1076 if test -r $i/include/sqlext.h; then
1077 if test -r $i/include/sqltypes.h; then
1078 ODBC_DIR=$i
1079 ODBC_INC_DIR=$i/include
1080 fi
1081 fi
1082 fi
1083 done
1084
1085 if test -z "$ODBC_DIR"; then
1086 tmp=""
1087 for i in $odbc_directory; do
1088 tmp="$tmp $i/include"
1089 done
1090 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1091 fi
1092
1093 str="$ODBC_DIR/lib/libodbc.*"
1094 for j in `echo $str`; do
1095 if test -r $j; then
1096 ODBC_LIB_DIR="$ODBC_DIR/lib"
1097 ODBC_LIB="odbc"
1098 fi
1099 done
1100
1101 if test -z "$ODBC_LIB_DIR"; then
1102 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1103 fi
1104
1105 AC_MSG_RESULT(yes)
1106 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1107 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1108 AC_DEFINE(WITH_ODBC)
1109 AC_DEFINE(WITH_DATABASE)
1110
1111 elif test "x${withval}" = "xoracle"; then
1112 AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1113 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1114 for i in $oracle_directory; do
1115 if test -r $i/rdbms/demo/oci.h; then
1116 ORACLE_DIR=$i
1117 fi
1118 done
1119
1120 if test -z "$ORACLE_DIR"; then
1121 tmp=""
1122 for i in $oracle_directory; do
1123 tmp="$tmp $i/rdbms/demo"
1124 done
1125 FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1126 else
1127 for i in rdbms/demo rdbms/public network/public; do
1128 ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1129 done
1130 ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1131 AC_MSG_RESULT(yes)
1132
1133 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1134
1135 ORACLE_LIBS="-lclntsh"
1136 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1137 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1138 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1139 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1140 fi
1141 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1142 if test "x$GCC" != "xyes"; then
1143 CFLAGS="${CFLAGS} -fno-strict-aliasing"
1144 fi
1145 fi
1146 AC_DEFINE(WITH_ORACLE)
1147 AC_DEFINE(WITH_DATABASE)
1148
1149 else
1150 AC_MSG_ERROR([--with-database: unsupported database ${withval}])
1151 fi
1152 ]
1153)
1154
1155AC_ARG_WITH(console,
1156 [ --with-console=PATH set path to console device [[/dev/console]]],
1157 [
1158 if test "x${withval}" != xno; then
1159 mycons="$withval"
1160 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1161 fi
1162 ])
1163
1164AC_ARG_WITH(altconsole,
1165 [ --with-altconsole=PATH set path to second console device [[none]]],
1166 [
1167 if test "x${withval}" != xno; then
1168 myaltcons="$withval"
1169 else
1170 myaltcons="NULL"
1171 fi
1172 ],
1173 [myaltcons="NULL"])
1174AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1175
1176AC_ARG_WITH(timeserver,
1177 [ --with-timeserver=HOST set host address for time server [[none]]],
1178 [
1179 if test "x${withval}" != xno; then
1180 mytimeserv="$withval"
1181 AC_DEFINE(HAVE_NTIME)
1182 else
1183 mytimeserv="NULL"
1184 fi
1185 ],
1186 mytimeserv="NULL")
1187AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1188
1189AC_ARG_WITH(alttimeserver,
1190 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
1191 [
1192 if test "x${withval}" != xno; then
1193 myalttimeserv="$withval"
1194 AC_DEFINE(HAVE_NTIME)
1195 else
1196 myalttimeserv="NULL"
1197 fi
1198 ],
1199 myalttimeserv="NULL")
1200AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1201
1202AC_ARG_ENABLE(login-watch,
1203 [ --enable-login-watch watch for login/logout [[no]]],
1204 [
1205 if test "x${enable_login_watch}" = xyes; then
1206 AC_DEFINE(SH_USE_UTMP)
1207 fi
1208 ]
1209)
1210
1211AC_ARG_ENABLE(mounts-check,
1212 [ --enable-mounts-check check mount options on filesystems [[no]]],
1213 [
1214 if test "x${enable_mounts_check}" = xyes; then
1215 AC_DEFINE(SH_USE_MOUNTS)
1216 fi
1217 ]
1218)
1219
1220AC_ARG_ENABLE(userfiles,
1221 [ --enable-userfiles check for users' config files [[no]]],
1222 [
1223 if test "x${enableval}" = "xyes"; then
1224 AC_DEFINE(SH_USE_USERFILES)
1225 fi
1226 ]
1227)
1228
1229AC_ARG_ENABLE(debug,
1230 [ --enable-debug enable debug options [[no]]],
1231 [
1232 if test "x${enable_debug}" = "xyes"; then
1233 if test "x${mydebugflag}" != "xyes"; then
1234 AC_DEFINE(MEM_DEBUG)
1235 fi
1236 AC_DEFINE(WITH_TPT)
1237 AC_DEFINE(SL_DEBUG)
1238 AC_DEFINE(SL_FAIL_ON_ERROR)
1239 if test "x${myneedg3}" = "xyes"; then
1240 mydebugdef="-g3"
1241 else
1242 mydebugdef="-g"
1243 fi
1244 mydebugit="yes"
1245 fi
1246 ]
1247)
1248AC_SUBST(mydebugdef)
1249
1250AC_ARG_ENABLE(ptrace,
1251 [ --enable-ptrace use anti-debugger options [[no]]],
1252 [
1253 if test "x${enable_ptrace}" = xyes; then
1254 if test "x$mydebugit" != "xyes"; then
1255 AC_DEFINE(SCREW_IT_UP)
1256 fi
1257 fi
1258 ]
1259)
1260
1261dnl
1262if test "x$GCC" = "xyes"; then
1263 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1264 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1265 fi
1266
1267dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1268dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1269dnl fi
1270
1271 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1272 CFLAGS="$CFLAGS -Wall -W "
1273 fi
1274
1275 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1276 then
1277 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1278 then
1279 CFLAGS="$CFLAGS -fno-strength-reduce"
1280 fi
1281 fi
1282
1283 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1284 then
1285 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1286 then
1287 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1288 fi
1289 fi
1290
1291fi
1292
1293AC_MSG_CHECKING([which random module to use])
1294AC_ARG_WITH(rnd,
1295 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1296[use_static_rnd=$withval], [use_static_rnd=default] )
1297
1298if test "$use_static_rnd" = no; then
1299 use_static_rnd=default
1300fi
1301
1302case "$use_static_rnd" in
1303 egd | dev | unix | default )
1304 AC_MSG_RESULT($use_static_rnd)
1305 ;;
1306 * )
1307 AC_MSG_RESULT([invalid argument])
1308 AC_MSG_ERROR([--with-rnd: there is no random module ${use_static_rnd}])
1309 ;;
1310esac
1311
1312AC_ARG_WITH(egd-socket,
1313 [ --with-egd-socket=NAME EGD socket name],
1314 egd_socket_name="$withval", egd_socket_name="" )
1315AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1316
1317dnl
1318dnl See whether the user wants to disable checking for /dev/random
1319
1320try_dev_random=yes
1321
1322case "$use_static_rnd" in
1323dev | default )
1324 try_dev_random=yes
1325 ;;
1326egd)
1327 AC_DEFINE(HAVE_EGD_RANDOM)
1328 try_dev_random=no
1329 ;;
1330unix)
1331 AC_DEFINE(HAVE_UNIX_RANDOM)
1332 try_dev_random=no
1333 ;;
1334esac
1335
1336
1337if test "x$try_dev_random" = "xyes"; then
1338 AC_MSG_CHECKING(whether /dev/random exists)
1339 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1340 AC_DEFINE(HAVE_URANDOM)
1341 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1342 AC_MSG_RESULT(yes)
1343 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1344 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1345 fi
1346 else
1347 if test -r "/dev/random" && test -c "/dev/random"; then
1348 AC_DEFINE(HAVE_URANDOM)
1349 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1350 AC_MSG_RESULT(yes)
1351 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1352 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1353 fi
1354 else
1355 AC_MSG_RESULT(no)
1356 AC_DEFINE(HAVE_UNIX_RANDOM)
1357 fi
1358 fi
1359fi
1360
1361
1362dnl
1363dnl NETWORK OPTIONS
1364dnl
1365
1366
1367AC_ARG_ENABLE(network,
1368 [ --enable-network=[[client|server]] compile client or server [[no]]],
1369 [
1370 if test "x$enable_network" = xclient; then
1371 mytclient="-DSH_WITH_CLIENT"
1372 yulectl_prg=
1373 setpwd_prg="samhain_setpwd"
1374 sh_main_prg="samhain"
1375 if test "x${sh_have_gmp}" = xyes
1376 then
1377 LIBS="-lgmp $LIBS"
1378 fi
1379dnl AC_CHECK_HEADER(sys/capability.h,
1380dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1381dnl [sh_use_lcaps="no"])
1382 elif test "x$enable_network" = xserver; then
1383 mytclient="-DSH_WITH_SERVER"
1384 yulectl_prg="yulectl"
1385 setpwd_prg="samhain_setpwd"
1386 sh_main_prg="yule"
1387 if test "x${sh_have_gmp}" = xyes
1388 then
1389 LIBS="-lgmp $LIBS"
1390 fi
1391 sh_use_lcaps="undef"
1392 elif test "x$enable_network" = xno; then
1393 mytclient="-DSH_STANDALONE"
1394 yulectl_prg=
1395 setpwd_prg=
1396 sh_main_prg="samhain"
1397dnl AC_CHECK_HEADER(sys/capability.h,
1398dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1399dnl [sh_use_lcaps="no"])
1400 else
1401 AC_MSG_ERROR([--enable-network=WHAT: WHAT must be client, server, or no])
1402 fi
1403 ],
1404 [
1405 mytclient="-DSH_STANDALONE"
1406 setpwd_prg=
1407 yulectl_prg=
1408 sh_main_prg="samhain"
1409dnl AC_CHECK_HEADER(sys/capability.h,
1410dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1411dnl [sh_use_lcaps="no"])
1412 ],
1413)
1414AC_SUBST(setpwd_prg)
1415AC_SUBST(yulectl_prg)
1416AC_SUBST(sh_main_prg)
1417AC_SUBST(mytclient)
1418
1419# needed for the rpm spec
1420clmytclient=`echo ${mytclient} | sed s%\-%%`
1421AC_SUBST(clmytclient)
1422
1423AC_ARG_ENABLE(udp,
1424 [ --enable-udp server can listen on port 514/udp [[no]]],
1425 [
1426 if test "x${enable_udp}" = xyes; then
1427 AC_DEFINE(INET_SYSLOG)
1428 fi
1429 ]
1430)
1431
1432myencrypt=yes
1433AC_ARG_ENABLE(encrypt,
1434 [ --disable-encrypt disable client/server encryption],
1435 [
1436 if test "x${enable_encrypt}" = xno; then
1437 myencrypt=no
1438 elif test "x${enable_encrypt}" = "x1"; then
1439 myencrypt=1
1440 fi
1441 ]
1442)
1443if test "x${myencrypt}" = "xyes"; then
1444 AC_DEFINE(SH_ENCRYPT)
1445 AC_DEFINE(SH_ENCRYPT_2)
1446elif test "x${myencrypt}" = "x1"; then
1447 AC_DEFINE(SH_ENCRYPT)
1448fi
1449
1450sh_use_srp_proto=yes
1451AC_ARG_ENABLE(srp,
1452 [ --disable-srp disable SRP for authentication],
1453 [
1454 if test "x${enable_srp}" = xno; then
1455 sh_use_srp_proto=no
1456 fi
1457 ]
1458)
1459if test "x${sh_use_srp_proto}" = xyes; then
1460 AC_DEFINE(USE_SRP_PROTOCOL)
1461fi
1462
1463AC_ARG_WITH(port,
1464 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1465 [
1466 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1467 AC_MSG_ERROR([--with-port: PORT must be numeric])
1468 myport=${withval}
1469 ],
1470 [myport="49777"])
1471AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1472AC_SUBST(myport)
1473
1474AC_ARG_WITH(logserver,
1475 [ --with-logserver=HOST set host address for log server [[none]]],
1476 [
1477 case "$withval" in
1478 *.* | localhost)
1479 mylogsrv="$withval"
1480 ;;
1481 *)
1482 mylogsrv="$withval"
1483 ;;
1484 esac
1485 ],
1486 [mylogsrv="NULL"])
1487AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1488AC_SUBST(mylogsrv)
1489
1490AC_ARG_WITH(altlogserver,
1491 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1492 [
1493 case "$withval" in
1494 *.* | localhost)
1495 myaltlogsrv="$withval"
1496 ;;
1497 *)
1498 myaltlogsrv="$withval"
1499 ;;
1500 esac
1501 ],
1502 [myaltlogsrv="NULL"])
1503AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1504
1505
1506
1507dnl
1508dnl STEALTH OPTIONS
1509dnl
1510nocl_code=
1511xor_code=0
1512AC_ARG_ENABLE(nocl,
1513 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1514 [
1515 if test "x${enableval}" != "x"; then
1516 AC_DEFINE(SH_STEALTH_NOCL)
1517 fi
1518 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1519 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1520 fi
1521 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1522 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1523 fi
1524 if test "x${enableval}" = "xstatus"; then
1525 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1526 fi
1527 if test "x${enableval}" = "xno"; then
1528 AC_MSG_ERROR([--enable-nocl: use of --enable-nocl=no is ambiguous])
1529 fi
1530 nocl_code="${enable_nocl}"
1531 ]
1532)
1533AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1534AC_SUBST(nocl_code)
1535AC_ARG_ENABLE(stealth,
1536 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1537 [AC_DEFINE(SH_STEALTH)
1538 if test "x${enableval}" != "xyes"; then
1539 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1540 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be numeric])
1541 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1542 if test x"${enableval}" = x0
1543 then
1544 :
1545 else
1546 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be in the range 127 to 255])
1547 fi
1548 fi
1549 xor_code="${enable_stealth}"
1550 else
1551 xor_code=0
1552 fi
1553 stegin_prg="samhain_stealth"
1554 ],
1555 [
1556 stegin_prg=
1557 ]
1558)
1559AC_ARG_ENABLE(micro-stealth,
1560 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1561 [
1562 AC_DEFINE(SH_STEALTH)
1563 AC_DEFINE(SH_STEALTH_MICRO)
1564 if test "x${enableval}" != "xyes"; then
1565 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1566 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be numeric])
1567 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1568 if test x"${enableval}" = x0
1569 then
1570 :
1571 else
1572 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be in the range 127 to 255])
1573 fi
1574 fi
1575 xor_code="${enable_micro_stealth}"
1576 else
1577 xor_code=0
1578 fi
1579 ]
1580)
1581install_name="samhain"
1582INSTALL_NAME="SAMHAIN"
1583AC_ARG_ENABLE(install-name,
1584 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
1585 [
1586 if test "x${enableval}" != "xyes"; then
1587 install_name="${enableval}"
1588 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
1589 else
1590 install_name="${sh_main_prg}"
1591 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1592 fi
1593 ],
1594 [
1595 install_name="${sh_main_prg}"
1596 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1597 ]
1598)
1599
1600
1601need_user_install=0
1602
1603AC_ARG_ENABLE(identity,
1604 [ --enable-identity=USER user if dropping root [[daemon]]],
1605 [
1606 if test x"$enableval" = xno; then
1607 myident="daemon"
1608 else
1609 myident="$enableval"
1610 fi
1611 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
1612 AC_MSG_ERROR([--enable-identity: need username, not UID])
1613 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1614 grep "^${myident}:" | awk -F: '{ print $3; }'`
1615 if test x"${myident_uid}" = x; then
1616 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1617 need_user_install=1
1618 fi
1619 ],
1620 [
1621 for myident in ${install_name} daemon nobody; do
1622 AC_MSG_CHECKING(for user ${myident})
1623 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1624 grep "^${myident}:" | awk -F: '{ print $3; }'`
1625 if test x"${myident_uid}" != x; then
1626 AC_MSG_RESULT(yes)
1627 break;
1628 else
1629 AC_MSG_RESULT(no)
1630 fi
1631 done
1632 if test x"${myident_uid}" = x; then
1633 myident=${install_name}
1634 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1635 need_user_install=1
1636 fi
1637 ])
1638AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1639AC_SUBST(myident)
1640AC_SUBST(need_user_install)
1641
1642sh_insmod_cmd=": # no kernel module"
1643sh_lkm=""
1644lkm_inc=""
1645khidemap="/boot/System.map"
1646sh_syscalltable="0x0"
1647AC_ARG_ENABLE(khide,
1648 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1649 [
1650 if test "x${enable_khide}" != xno; then
1651 if test "x${enableval}" != "xyes"; then
1652 khidemap="${enableval}"
1653 fi
1654 sh_syscalltable=`egrep '(D|d|R|r) sys_call_table' ${khidemap} | awk '{print $1}'`
1655 if test x"$sh_syscalltable" = x; then
1656 AC_MSG_ERROR([--enable-khide: symbol sys_call_table not found in ${khidemap}])
1657 fi
1658 sh_syscalltable="0x${sh_syscalltable}"
1659 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
1660 if test "${install_name_len}" -gt 15 ; then
1661 AC_MSG_ERROR([--enable-khide: install_name exceeds 15 char length limit])
1662 fi
1663 AC_DEFINE(SH_USE_LKM)
1664 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1665
1666 # -- NEW --
1667 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
1668 if test x"$kernel_version" = xLINUX26
1669 then
1670 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
1671 if test x"$sh_modlist_lock" = x; then
1672 AC_MSG_ERROR([--enable-khide: symbol modlist_lock not found in ${khidemap}])
1673 fi
1674 sh_modlist_lock="0x${sh_modlist_lock}"
1675 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1676
1677 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
1678 if test x"$sh_list_modules" = x; then
1679 AC_MSG_ERROR([--enable-khide: symbol modules not found in ${khidemap}])
1680 fi
1681 sh_list_modules="0x${sh_list_modules}"
1682 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1683
1684 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1685 sh_insmod_cmd="modprobe ${install_name}_hide"
1686 sh_lkm="samhain_hide.ko"
1687 else
1688 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1689 sh_lkm="samhain_hide.o samhain_erase.o"
1690 fi
1691 # -- END NEW --
1692
1693 kvers=`uname -r`
1694 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
1695 lkm_inc="-I/lib/modules/${kvers}/build/include"
1696 else
1697 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
1698 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
1699 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
1700 fi
1701 sh_is_vanilla_kernel=yes
1702 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
1703 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
1704 fi
1705 if test x"${sh_is_vanilla_kernel}" = xno; then
1706 echo "This is not a 2.4 vanilla kernel"
1707 else
1708 AC_DEFINE(SH_VANILLA_KERNEL)
1709 fi
1710 fi
1711 ]
1712)
1713AC_SUBST(lkm_inc)
1714AC_SUBST(sh_lkm)
1715AC_SUBST(sh_insmod_cmd)
1716AC_SUBST(install_name)
1717AC_SUBST(INSTALL_NAME)
1718AC_SUBST(stegin_prg)
1719AC_SUBST(xor_code)
1720
1721AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
1722AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
1723
1724
1725exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
1726exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
1727exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
1728
1729AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
1730AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
1731AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
1732
1733
1734AC_ARG_ENABLE(suidcheck,
1735 [ --enable-suidcheck check for suid/sgid files [[no]]],
1736 [
1737 if test "x${enableval}" = "xyes"; then
1738 AC_DEFINE(SH_USE_SUIDCHK)
1739 fi
1740 ]
1741)
1742
1743
1744systemmap="/boot/System.map"
1745sh_libkvm=""
1746AC_ARG_WITH(kcheck,
1747 [ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
1748 [
1749 if test "x${withval}" != "xno"; then
1750 AC_DEFINE(SH_USE_KERN)
1751 kernelversion=`uname -r`
1752 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
1753 if test "x${withval}" != "xyes"; then
1754 systemmap="${withval}"
1755 fi
1756 if test "x${cross_compiling}" = xyes; then
1757 :
1758 elif test "x$selectconfig" = "xfreebsd"; then
1759 LIBS="$LIBS -lkvm"
1760 sh_libkvm="-lkvm"
1761 elif test -f "${systemmap}"; then
1762 :
1763 else
1764 AC_MSG_ERROR([--with-kcheck: cannot find system map ${systemmap}])
1765 fi
1766 fi
1767 ]
1768)
1769AC_SUBST(systemmap)
1770AC_SUBST(sh_libkvm)
1771
1772AC_ARG_ENABLE(base,
1773 [ --enable-base=B1,B2 base key (0...2147483647)],
1774 [
1775 AC_MSG_CHECKING(base key setting)
1776 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
1777 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
1778 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1779 if test "x${my_key_A}" = x; then
1780 AC_MSG_ERROR([--enable-base: first base key has zero length])
1781 fi
1782 if test "x${my_key_B}" = x; then
1783 AC_MSG_ERROR([--enable-base: second base key has zero length])
1784 fi
1785 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1786 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1787 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1788 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1789 ],
1790 [
1791 AC_MSG_CHECKING(base key setting .. collecting entropy)
1792 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
1793 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
1794 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
1795 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
1796 my_key_A=`expr $my_key_1 \* 32767`
1797 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
1798 my_key_A=`expr $my_key_A \+ $my_key_2`
1799 my_key_B=`expr $my_key_3 \* 32767`
1800 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
1801 my_key_B=`expr $my_key_B \+ $my_key_4`
1802 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1803 ]
1804 )
1805AC_SUBST(my_key_A)
1806AC_SUBST(my_key_B)
1807
1808dnl low bytes
1809my_key_1=`expr $my_key_A \% 65536`
1810dnl high bytes
1811my_key_2=`expr $my_key_A \/ 65536`
1812dnl low bytes
1813my_key_3=`expr $my_key_B \% 65536`
1814dnl high bytes
1815my_key_4=`expr $my_key_B \/ 65536`
1816
1817dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
1818
1819dnl touch ./sh_MK.h
1820dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
1821dnl echo "#define SH_MK_H" >> ./sh_MK.h
1822dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
1823dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
1824dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
1825dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
1826dnl echo "#endif" >> ./sh_MK.h
1827AC_SUBST(my_key_1)
1828AC_SUBST(my_key_2)
1829AC_SUBST(my_key_3)
1830AC_SUBST(my_key_4)
1831
1832AC_MSG_CHECKING(key position)
1833pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
1834pos_tf_2=`expr $pos_tf_1 \% 8`
1835pos_tf=`expr $pos_tf_2 + 1`
1836AC_MSG_RESULT(${pos_tf})
1837AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
1838
1839mykeybase=`echo ${my_key_A},${my_key_B}`
1840AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
1841AC_SUBST(mykeybase)
1842
1843
1844dnl
1845dnl GPG/PGP options
1846dnl
1847
1848AC_ARG_WITH(gpg,
1849 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
1850 [
1851 if test "x${withval}" != "xno"; then
1852 if test "x${cross_compiling}" = xyes; then
1853 mygpg="${withval}"
1854 else
1855 if test -f "${withval}"; then
1856 mygpg="${withval}"
1857 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
1858 if test "x$?" != "x0"; then
1859 mychktest=no
1860 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
1861 if test x"${mychktest}" = xyes
1862 then
1863 :
1864 else
1865 if test -f ${sampre}
1866 then
1867 echo "use existing ${sampre} for gpg checksum"
1868 mychk0=`${sampre} -H ${withval} 2>/dev/null`
1869 if test "x$?" != "x0"; then
1870 :
1871 else
1872 mychk="${mychk0}"
1873 mychktest=yes
1874 fi
1875 fi
1876 fi
1877 done
1878 if test x${mychktest} = xno; then
1879 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
1880 echo "-------------------------------------------------------------"
1881 echo " Your gpg binary does not support the TIGER192 checksum, "
1882 echo " and I cannot find an existing samhain binary to use instead."
1883 echo " You can:"
1884 echo " (a) run make to compile a samhain binary, then repeat"
1885 echo " ./configure and make"
1886 echo " (b) ignore the failure. The checksum of the gpg binary"
1887 echo " will not get compiled in, thus allowing an attacker"
1888 echo " to replace gpg with a trojan and subverting the gpg"
1889 echo " signature verification of configure and database files."
1890 echo
1891 echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
1892 echo "-------------------------------------------------------------"
1893 fi
1894 else
1895 mychk="${mychk0}"
1896 fi
1897 else
1898 AC_MSG_WARN([--with-gpg: cannot find GnuPG PATH=${withval}])
1899 fi
1900 fi
1901 AC_DEFINE(WITH_GPG)
1902 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
1903 AC_SUBST(mygpg)
1904 fi
1905 ]
1906)
1907
1908dnl AC_ARG_WITH(pgp,
1909dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
1910dnl [myppg="$withval"
1911dnl AC_DEFINE(WITH_PGP)
1912dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
1913dnl ])
1914
1915AC_ARG_WITH(checksum,
1916 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
1917 [
1918 if test "x${withval}" != "xno"; then
1919 if test "x${withval}" != "xyes"; then
1920 if test "x${mychk}" != "x"; then
1921 if test "x${mychk}" != "x${withval}"; then
1922 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
1923 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
1924 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
1925 fi
1926 fi
1927 mychk="${withval}"
1928 else
1929 if test "x${mychk}" = "x"; then
1930 AC_MSG_ERROR([--with-checksum: gpg CHKSUM not specified])
1931 fi
1932 fi
1933 AC_DEFINE(HAVE_GPG_CHECKSUM)
1934 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1935 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1936 fi
1937 ],
1938 [
1939 if test "x${mygpg}" != "x"; then
1940 if test "x${mychk}" != "x"; then
1941 AC_DEFINE(HAVE_GPG_CHECKSUM)
1942 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1943 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1944 fi
1945 fi
1946 ]
1947)
1948
1949AC_ARG_WITH(fp,
1950 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
1951 [
1952 if test "x${withval}" != "xno"; then
1953 if test "x${withval}" != "xyes"; then
1954 withval0=`echo ${withval} | sed 's% %%g'`
1955 echo "${withval0}" | \
1956 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
1957 AC_MSG_ERROR([--with-fp: invalid character(s) in FINGERPRINT=${withval0}])
1958 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
1959 sh_len0=`expr ${sh_len} \- 1`
1960 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
1961 then
1962 myfp="${withval0}"
1963 AC_DEFINE(USE_FINGERPRINT)
1964 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
1965 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
1966 else
1967 AC_MSG_ERROR([--with-fp: length (${sh_len0}) of FINGERPRINT ${withval0} incorrect])
1968 fi
1969 else
1970 AC_MSG_ERROR([--with-fp: usage error ... FINGERPRINT=yes])
1971 fi
1972 fi
1973 ])
1974
1975
1976dnl
1977dnl MAIL OPTIONS
1978dnl
1979
1980AC_ARG_WITH(recipient,
1981 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
1982 [
1983 withval0=`echo ${withval} | sed 's%,% %g'`
1984 for sh_item in ${withval0}
1985 do
1986 case ${sh_item} in
1987 *@localhost)
1988 ;;
1989 *@*.*)
1990 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
1991 if test "x${sh_tmp}" != "x1"
1992 then
1993 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1994 fi
1995 ;;
1996 *)
1997 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
1998 ;;
1999 esac
2000 done
2001 myrcp="$withval0"
2002 ],
2003 [myrcp="NULL"])
2004AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2005
2006
2007AC_ARG_WITH(sender,
2008 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2009 [
2010 mysender="${withval}"
2011 ],
2012 [
2013 mysender="daemon"
2014 ])
2015AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2016
2017
2018dnl
2019dnl PATHS
2020dnl
2021
2022AC_ARG_WITH(trusted,
2023 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2024 [
2025 sh_tmp_test=no
2026 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2027 for sh_tmp1 in ${sh_tmp}
2028 do
2029 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2030 AC_MSG_ERROR([--with-trusted: non-numeric UID in ${withval}])
2031 if test "x${sh_tmp1}" = "x0"
2032 then
2033 sh_tmp_test=yes
2034 fi
2035 done
2036 if test "x${sh_tmp_test}" = "xno"
2037 then
2038 withval="0,${withval}"
2039 fi
2040 mytrust="${withval}"
2041 ],
2042 [mytrust="0"] )
2043AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2044AC_SUBST(mytrust)
2045
2046AC_ARG_WITH(tmp-dir,
2047 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2048 [
2049 if test "x${cross_compiling}" = xyes; then
2050 :
2051 else
2052 if test -d "${withval}"; then
2053 my_tmp_dir="$withval"
2054 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2055 else
2056 AC_MSG_ERROR([--with-tmp-dir: tmp directory ${withval} does not exist])
2057 fi
2058 fi
2059 ]
2060)
2061
2062dnl
2063dnl PATH DEFAULTS
2064dnl
2065
2066if test "x${ac_prefix_set}" = xyes
2067then
2068 if test "x${exec_prefix}" = xNONE
2069 then
2070 exec_prefix="${prefix}"
2071 fi
2072
2073 if test "x${prefix}" = xOPT
2074 then
2075 tmp_sbindir="/opt/${install_name}/bin"
2076 tmp_sysconfdir="/etc/opt"
2077 tmp_mandir="/opt/${install_name}/man"
2078 tmp_localstatedir="/var/opt/${install_name}"
2079 elif test "x${prefix}" = xUSR
2080 then
2081 tmp_sbindir="/usr/sbin"
2082 tmp_sysconfdir="/etc"
2083 tmp_mandir="/usr/share/man"
2084 tmp_localstatedir="/var"
2085 else
2086 tmp_sbindir=`eval echo ${sbindir}`
2087 tmp_sysconfdir=`eval echo ${sysconfdir}`
2088 tmp_mandir=`eval echo ${mandir}`
2089 tmp_localstatedir=`eval echo ${localstatedir}`
2090 fi
2091else
2092 prefix=""
2093 if test "x${ac_exec_prefix_set}" = xyes
2094 then
2095 tmp_sbindir=`eval echo ${sbindir}`
2096 else
2097 tmp_sbindir="/usr/local/sbin"
2098 fi
2099 tmp_sysconfdir="/etc"
2100 # share/man -> man (FHS) 11.10.2002
2101 tmp_mandir="/usr/local/man"
2102 tmp_localstatedir="/var"
2103fi
2104
2105
2106if test "x${ac_sbindir_set}" = xyes
2107then
2108 :
2109else
2110 sbindir=`eval echo ${tmp_sbindir}`
2111fi
2112
2113
2114if test "x${ac_sysconfdir_set}" = xyes
2115then
2116 :
2117else
2118 sysconfdir=`eval echo ${tmp_sysconfdir}`
2119fi
2120
2121if test "x${ac_mandir_set}" = xyes
2122then
2123 :
2124else
2125 mandir=`eval echo ${tmp_mandir}`
2126fi
2127
2128if test "x${ac_localstatedir_set}" = xyes
2129then
2130 :
2131else
2132 localstatedir=`eval echo ${tmp_localstatedir}`
2133fi
2134
2135
2136
2137AC_ARG_WITH(config-file,
2138 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2139 [
2140 myconffile="${withval}"
2141 changequote(<<, >>)dnl
2142 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2143 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2144 myrpmconffile="${tmp}"
2145 changequote([, ])dnl
2146 ],
2147 [
2148 myconffile="${sysconfdir}/${install_name}rc"
2149 myrpmconffile="${myconffile}"
2150 ]
2151)
2152AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2153AC_SUBST(myconffile)
2154AC_SUBST(myrpmconffile)
2155
2156AC_ARG_WITH(log-file,
2157 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2158 [
2159 mylogfile="$withval"
2160 changequote(<<, >>)dnl
2161 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2162 changequote([, ])dnl
2163 ],
2164 [
2165 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2166 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2167 mylogdir="${localstatedir}/log/${install_name}"
2168 else
2169 mylogfile="${localstatedir}/log/${install_name}_log"
2170 mylogdir="${localstatedir}/log"
2171 fi
2172 ]
2173)
2174AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2175AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2176AC_SUBST(mylogfile)
2177AC_SUBST(mylogdir)
2178
2179AC_ARG_WITH(pid-file,
2180 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2181 [
2182 mylockfile="$withval"
2183 changequote(<<, >>)dnl
2184 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2185 changequote([, ])dnl
2186 ],
2187 [
2188 mylockfile="${localstatedir}/run/${install_name}.pid"
2189 mylockdir="${localstatedir}/run"
2190 ]
2191)
2192AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2193AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2194AC_SUBST(mylockfile)
2195AC_SUBST(mylockdir)
2196
2197AC_ARG_WITH(state-dir,
2198 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2199 [
2200 mydataroot="$withval"
2201 ],
2202 [
2203 mydataroot="${localstatedir}/lib/${install_name}"
2204 ]
2205 )
2206AC_ARG_WITH(data-file,
2207 [ --with-data-file=FILE set path of data file],
2208 [
2209 mydatafile="$withval"
2210 changequote(<<, >>)dnl
2211 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2212 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2213 myrpmdatafile="${tmp}"
2214 changequote([, ])dnl
2215 if test x"${tmp}" = x
2216 then
2217 echo "No local path in data file ${withval}"
2218 echo "This will not work for initializing the database."
2219 if test x"${withval}" = xREQ_FROM_SERVER
2220 then
2221 echo "It should be REQ_FROM_SERVER/some/local/path"
2222 fi
2223 AC_MSG_ERROR([--with-data-file: invalid path ${withval}])
2224 fi
2225 ],
2226 [
2227 mydatafile="${mydataroot}/${install_name}_file"
2228 myrpmdatafile="${mydatafile}"
2229 ])
2230AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2231AC_SUBST(mydatafile)
2232AC_SUBST(myrpmdatafile)
2233
2234AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2235AC_SUBST(mydataroot)
2236
2237AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2238AC_SUBST(myqdir)
2239
2240
2241AC_ARG_WITH(html-file,
2242 [ --with-html-file=FILE set path of html file,],
2243 [
2244 myhtmlfile="$withval"
2245 ],
2246 [
2247 myhtmlfile="${mylogdir}/${install_name}.html"
2248 ])
2249AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2250AC_SUBST(myhtmlfile)
2251
2252
2253mydefargs=$ac_configure_args
2254# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2255# then
2256# mydefargs="--enable-static $mydefargs"
2257# fi
2258if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2259then
2260 mydefargs="--enable-base=${mykeybase} $mydefargs"
2261fi
2262AC_SUBST(mydefargs)
2263
2264
2265AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2266AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2267AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2268
2269AC_CONFIG_HEADER(config.h)
2270
2271AC_OUTPUT(
2272[
2273Makefile
2274samhain-install.sh
2275init/samhain.startLSB
2276init/samhain.startLinux
2277init/samhain.startGentoo
2278init/samhain.startFreeBSD
2279init/samhain.startSolaris
2280init/samhain.startHPUX
2281init/samhain.startIRIX
2282init/samhain.startMACOSX
2283samhain.spec
2284rules.deb
2285rules.deb-light
2286hp_ux.psf
2287scripts/samhain.spec
2288scripts/redhat_i386.client.spec
2289scripts/samhain.ebuild
2290scripts/samhain.ebuild-light
2291scripts/samhainadmin.pl
2292scripts/check_samhain.pl
2293deploy.sh
2294],
2295[
2296echo timestamp > stamp-h
2297chmod +x samhain-install.sh
2298chmod +x scripts/samhainadmin.pl
2299chmod +x scripts/check_samhain.pl
2300]
2301)
2302
2303chmod +x deploy.sh
2304
2305if test "x${cross_compiling}" = xyes
2306then
2307
2308echo "--------------------------------------------------------------"
2309echo
2310echo "You are using a cross-compiler. The following system dependent"
2311echo "values may have been set to default values that may be"
2312echo "incorrect for your target system: "
2313echo
2314echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2315echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2316echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2317echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2318echo "ac_cv_sizeof_unsigned_int_ size of unsigned int ${ac_cv_sizeof_unsigned_int_}"
2319echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2320echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2321echo
2322echo "If these values are incorrect, change them in the file "
2323echo "config.cache and run configure again."
2324echo
2325echo "--------------------------------------------------------------"
2326
2327fi
2328
2329if test x${silent} != xyes
2330then
2331
2332 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2333 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2334 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2335 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2336 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2337 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2338
2339 echo
2340 echo " samhain has been configured as follows:"
2341 echo " System binaries: ${sbindir}"
2342 echo " Configuration file: ${myconffile}"
2343 echo " Manual pages: ${mandir}"
2344 echo " Data: ${mydataroot}"
2345 echo " PID file: ${mylockfile}"
2346 echo " Log file: ${mylogfile}"
2347 echo " Base key: ${mykeybase}"
2348 echo
2349 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2350 then
2351 echo " Selected rc file: yulerc"
2352 else
2353 echo " Selected rc file: samhainrc.${selectconfig}"
2354 fi
2355
2356fi
2357
Note: See TracBrowser for help on using the repository browser.