source: trunk/configure.ac@ 39

Last change on this file since 39 was 39, checked in by rainer, 19 years ago

Check System.map for sys_call_table in read-only section.

File size: 64.4 KB
RevLine 
[1]1dnl We want to override the standard AC_INIT_PARSE_ARGS,
2dnl which requires replacing AC_INIT() with its expanded
3dnl content.
4dnl
5dnl include own macros
6dnl
7sinclude(acsite.m4)dnl
8sinclude(./aclocal.m4)dnl
9
10dnl
11dnl AC_INIT(samhain.c)
12dnl
13# Forbidden tokens and exceptions.
14m4_pattern_forbid([^_?A[CHUM]_])
15m4_pattern_forbid([_AC_])
16m4_pattern_forbid([^LIBOBJS$],
17 [do not use LIBOBJS directly, use AC_LIBOBJ (see section `AC_LIBOBJ vs. LIBOBJS'])
18# Actually reserved by M4sh.
19m4_pattern_allow([^AS_FLAGS$])
20AS_INIT
21dnl m4_ifval([$2], [_AC_INIT_PACKAGE($@)])
22_AC_INIT_DEFAULTS
23SH_INIT_PARSE_ARGS
24_AC_INIT_SRCDIR
25SH_INIT_HELP
26_AC_INIT_VERSION
27_AC_INIT_CONFIG_LOG
28_AC_INIT_PREPARE
29_AC_INIT_NOTICE
30_AC_INIT_COPYRIGHT
31m4_ifval([$2], , [m4_ifval([$1], [AC_CONFIG_SRCDIR([$1])])])dnl
32
33AC_ARG_VAR([LIBS],
34 [libraries to link against, e.g. -lintl])
35
36dnl
37dnl start
38dnl
[32]39AM_INIT_AUTOMAKE(samhain, 2.2.0)
[1]40AC_CANONICAL_HOST
41
42dnl
43dnl checks for programs
44dnl
45
46AC_PROG_CC
47AC_PROG_CPP
48AC_PROG_INSTALL
49AC_PROG_LN_S
50AC_PROG_AWK
51AC_PATH_PROG(cmd_hostname,hostname)
52AC_SUBST(cmd_hostname)
53
54GCC_STACK_PROTECT_CC
55
56AC_HEADER_STDC
57dnl
58dnl first one is a dummy because of an autoconf bug
59dnl (no HAVE_... for first one)
60dnl
61AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
62
63
64AC_MSG_CHECKING([for host-specific issues])
65mydebugflag=no
66myneedg3=no
67uid_cast="signed long"
68selectconfig=linux
69mynetbsd=no
70sh_use_lcaps="undef"
71
72case "$host_os" in
73
74 *linux*)
75 sh_use_lcaps="yes"
76 AC_DEFINE(HOST_IS_LINUX)
77 AC_DEFINE(HAVE_EXT2_IOCTLS)
78 AC_MSG_RESULT(LINUX use ioctl to get e2fs flags)
79 case "$host_cpu" in
80 i*86*)
81 AC_DEFINE(HOST_IS_I86LINUX)
82 ;;
83 *)
84 ;;
85 esac
86 ;;
87
88 *osf*)
89 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
90 if test "x$GCC" != "xyes"; then
91 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
92 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
93 myneedg3=yes
94 AC_MSG_RESULT(OSF1 compiler needs assume noaligned_objects)
95 else
96 AC_MSG_RESULT(none)
97 fi
98 ;;
99
100 *cygwin*)
101 AC_DEFINE(HOST_IS_CYGWIN)
102 AC_MSG_RESULT(CYGWIN do not check for trusted paths)
103 ;;
104
105 *darwin*)
106 AC_DEFINE(HOST_IS_DARWIN)
107 AC_MSG_RESULT(DARWIN check resource forks)
108 ;;
109
110 *freebsd*)
111 AC_DEFINE(HOST_IS_FREEBSD)
112 selectconfig=freebsd
113 AC_MSG_RESULT(none)
114 ;;
115
116 *openbsd*)
117 selectconfig=freebsd
118 AC_MSG_RESULT(none)
119 ;;
120
121 *netbsd*)
122 mynetbsd=yes
123 AC_MSG_RESULT(NETBSD bug with libresolve)
124 ;;
125
126 *solaris*)
127 selectconfig=solaris
128 AC_DEFINE(HOST_IS_SOLARIS)
129 case "$host_cpu" in
130 i*86)
131 AC_DEFINE(HOST_IS_I86SOLARIS)
132 AC_MSG_RESULT(SOLARIS I86 vsnprintf prototype)
133 ;;
134 *)
135 AC_MSG_RESULT(none)
136 ;;
137 esac
138 if test "x$GCC" != "xyes"; then
139 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
140 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
141 fi
142 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
143 CFLAGS="$CFLAGS -xO2"
144 fi
145 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
146 CFLAGS="$CFLAGS -Xa"
147 fi
148 LIBS="-lc $LIBS"
149 fi
150 ;;
151
152
153 *sun*)
154 selectconfig=solaris
155 AC_DEFINE(HOST_IS_SOLARIS)
156 AC_MSG_RESULT(none)
157 ;;
158
159 *aix*)
160 AC_DEFINE(HOST_IS_AIX)
161 selectconfig=aix5.2.0
162 uid_cast="unsigned long"
163 if test "x$GCC" != "xyes"; then
164 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
165 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
166 fi
167 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
168 CFLAGS="$CFLAGS -O3"
169 fi
170 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
171 CFLAGS="$CFLAGS -qstrict"
172 fi
173 AC_MSG_RESULT(AIX size_t in the accept call and optimize O3 qstrict)
174 else
175 AC_MSG_RESULT(AIX size_t in the accept call)
176 fi
177 ;;
178
179 *hpux*)
180 AC_MSG_RESULT(HPUX has not always h_errno defined)
181 AC_DEFINE(HOST_IS_HPUX)
182 if test "x$GCC" != "xyes"; then
183 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
184 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
185 fi
186 if test -z "`echo "$CFLAGS" | grep "\-fast" 2> /dev/null`"; then
187 CFLAGS="$CFLAGS -fast"
188 fi
189 fi
190 ;;
191
192 *ultrix*)
193 AC_MSG_RESULT(ULTRIX getcwd uses popen)
194 AC_DEFINE(HAVE_BROKEN_GETCWD)
195 ;;
196
197 *)
198 AC_MSG_RESULT(none)
199 ;;
200esac
201
202AC_SUBST(selectconfig)
203AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
204
205
206dnl *****************************************
207dnl
208dnl checks for header files
209dnl
210dnl *****************************************
211
212AC_HEADER_DIRENT
213AC_HEADER_MAJOR
214AC_HEADER_TIME
215dnl used in minilzo.c
216AC_HEADER_STAT
217AC_DECL_SYS_SIGLIST
218
219AC_CHECK_HEADERS(stddef.h libgen.h sched.h \
220 sys/vfs.h \
221 sys/select.h sys/socket.h netinet/in.h \
222 regex.h glob.h \
223 linux/ext2_fs.h ext2fs/ext2_fs.h \
224 paths.h arpa/nameser.h arpa/nameser_compat.h,
225 [],
226 [],
227 [#include <sys/types.h>]
228)
229
230
231AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
232if test "x$sh_utmpx" = "xyes"; then
233 if cat "/usr/include/utmpx.h" 2>&5 |
234 egrep "WTMPX_FILE" >/dev/null 2>&1; then
235 AC_DEFINE(HAVE_UTMPX_H)
236 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
237 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
238 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
239 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
240 else
241 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
242 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
243 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
244 fi
245else
246 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
247 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
248fi
249
250dnl need to check because AIX 4.2 does not have it
251dnl
252AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
253#ifdef HAVE_SYS_TYPES_H
254#include <sys/types.h>
255#endif
256#ifdef HAVE_SYS_STAT_H
257#include <sys/stat.h>
258#endif
259#ifdef HAVE_SYS_VFS_H
260#include <sys/vfs.h>
261#endif
262#ifdef HAVE_UNISTD_H
263#include <unistd.h>
264#endif
265])
266
267AC_SYS_LARGEFILE
268
269dnl
270dnl check whether _POSIX_SOURCE is required
271dnl
272SAMHAIN_POSIX
273
274
275dnl *****************************************
276dnl
277dnl Checks for library functions.
278dnl
279dnl *****************************************
280AC_FUNC_STRFTIME
281AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
282 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
283 seteuid setreuid setresuid lstat getwd getcwd ptrace \
284 usleep setpriority getpeereid nanosleep \
285 strptime basename sched_yield \
286 inet_aton gethostbyname setutent setrlimit gethostname uname \
287 initgroups getpagesize \
288 ttyname fchmod
289)
290AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
291SL_CHECK_VA_COPY
292AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
293AC_CHECK_MLOCK
294
295AC_MSG_CHECKING(how to get filesystem type)
296fstype=no
297# The order of these tests is important.
298AC_TRY_CPP([#include <sys/statvfs.h>
299#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
300if test $fstype = no; then
301AC_TRY_CPP([#include <sys/statfs.h>
302#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
303fi
304if test $fstype = no; then
305AC_TRY_CPP([#include <sys/statfs.h>
306#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
307fi
308if test $fstype = no; then
309AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
310fi
311if test $fstype = no; then
312AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
313fi
314if test $fstype = no; then
315AC_TRY_CPP([#include <sys/mount.h>
316#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
317fi
318AC_MSG_RESULT($fstype)
319
320sh_libsocket=
321
322dnl Solaris needs -lsocket and -lnsl. Unisys system includes
323dnl gethostbyname in libsocket but needs libnsl for socket.
324AC_CHECK_LIB(nsl, gethostbyname)
325AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
326if test x$ac_need_libsocket = x1; then
327 LIBS="$LIBS -lsocket"
328 sh_libsocket="-lsocket"
329fi
330if test x$ac_try_nsl = x1; then
331 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
332 if test x$ac_need_libnsl = x1
333 then
334 LIBS="$LIBS -lnsl"
335 fi
336fi
337AC_SUBST(sh_libsocket)
338
339AC_CHECK_LIB(socket, res_search, [
340 AC_CHECK_LIB(resolv, dn_skipname)
341 AC_CHECK_LIB(resolv, __dn_skipname)
342 if test x$ac_need_libsocket = x1; then
343 :
344 else
345 LIBS="$LIBS -lsocket"
346 fi
347 ], [
348 AC_CHECK_LIB(resolv, res_search, [
349 LIBS="$LIBS -lresolv"
350 ], [
351 AC_CHECK_LIB(resolv, dn_skipname)
352 AC_CHECK_LIB(resolv, __dn_skipname)
353 ])
354 ])
355
356dnl arguments for accept
357
358dnl check for Unix98 socklen_t (found on
359dnl xemacs-patches mailing list, written
360dnl by Martin Buchholz)
361dnl
362dnl On Darwin(MacOSX) socklen_t needs to be
363dnl an int (see accept man page), on all other
364dnl unix systems we need a size_t.
365
366AC_MSG_CHECKING(for socklen_t)
367AC_TRY_COMPILE([
368#ifdef HAVE_SYS_TYPES_H
369#include <sys/types.h>
370#endif
371#ifdef HAVE_SYS_SOCKET_H
372#include <sys/socket.h>
373#endif
374 socklen_t x;
375], [],[
376 AC_MSG_RESULT(yes)
377 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
378],[
379 AC_TRY_COMPILE([
380#ifdef HAVE_SYS_TYPES_H
381#include <sys/types.h>
382#endif
383#ifdef HAVE_SYS_SOCKET_H
384#include <sys/socket.h>
385#endif
386 int accept (int, struct sockaddr *, size_t *);
387 ],[],[
388 AC_MSG_RESULT(size_t)
389 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
390 ], [
391 AC_MSG_RESULT(int)
392 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
393 ]
394 )
395])
396
397
398dnl *****************************************
399dnl checks for typedefs
400dnl *****************************************
401
402AC_C_LONG_DOUBLE
403SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
404if test "$sh_HAVE_LONG_LONG" = "yes"; then
405 AC_CHECK_SIZEOF(unsigned long long, 4)
406 if test "$ac_cv_sizeof_unsigned_long_long" = "8"; then
407 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
408 fi
409fi
410
411AC_CHECK_TYPE(ptrdiff_t, long)
412AC_TYPE_SIZE_T
413AC_CHECK_SIZEOF(char *, 4)
414AC_CHECK_SIZEOF(size_t, 4)
415
416AC_CHECK_SIZEOF(unsigned long, 4)
417AC_CHECK_SIZEOF(unsigned int , 4)
418AC_CHECK_SIZEOF(unsigned short, 2)
419
420
421if test "$ac_cv_sizeof_unsigned_long" = "4"; then
422 AC_DEFINE(HAVE_LONG_32)
423fi
424if test "$ac_cv_sizeof_unsigned_long" = "8"; then
425 AC_DEFINE(HAVE_LONG_64)
426fi
427if test "$ac_cv_sizeof_unsigned_int" = "4"; then
428 AC_DEFINE(HAVE_INT_32)
429fi
430
431dnl
432dnl For Alpha
433dnl
434if test "$ac_cv_sizeof_unsigned_int_" = "4"; then
435 AC_DEFINE(HAVE_INT_32)
436fi
437if test "$ac_cv_sizeof_unsigned_short" = "4"; then
438 AC_DEFINE(HAVE_SHORT_32)
439fi
440
[18]441dnl
442dnl check for 64 bit programming environment
443dnl
444SAMHAIN_64
445
446
[1]447dnl *****************************************
448dnl checks for structures
449dnl *****************************************
450
451AC_STRUCT_TM
452
453dnl
454dnl from e2fsprogs
455dnl
456AC_MSG_CHECKING(whether struct stat has a st_flags field)
457AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
458 AC_TRY_COMPILE([#include <sys/stat.h>],
459 [struct stat stat; stat.st_flags = 0;],
460 [e2fsprogs_cv_struct_st_flags=yes],
461 [e2fsprogs_cv_struct_st_flags=no]))
462AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
463if test "$e2fsprogs_cv_struct_st_flags" = yes; then
464 AC_MSG_CHECKING(whether st_flags field is useful)
465 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
466 AC_TRY_COMPILE([#include <sys/stat.h>],
467 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
468 [e2fsprogs_cv_struct_st_flags_immut=yes],
469 [e2fsprogs_cv_struct_st_flags_immut=no]))
470 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
471 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
472 AC_DEFINE(HAVE_STAT_FLAGS)
473 fi
474fi
475
476dnl
477dnl from dbus
478dnl
479AC_MSG_CHECKING(for struct cmsgcred)
480AC_TRY_COMPILE([
481#include <sys/types.h>
482#include <sys/socket.h>
483],[
484struct cmsgcred cred;
485
486cred.cmcred_pid = 0;
487],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
488AC_MSG_RESULT($sh_have_struct_cmsgcred)
489
490if test x$sh_have_struct_cmsgcred = xyes; then
491 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
492fi
493
494AC_MSG_CHECKING(for struct fcred)
495AC_TRY_COMPILE([
496#include <sys/param.h>
497#include <sys/socket.h>
498#include <sys/ucred.h>
499],[
500struct fcred sockcred;
501],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
502AC_MSG_RESULT($sh_have_struct_fcred)
503
504if test x$sh_have_struct_fcred = xyes; then
505 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
506fi
507
508AC_MSG_CHECKING(for struct sockcred)
509AC_TRY_COMPILE([
510#include <sys/param.h>
511#include <sys/socket.h>
512#include <sys/ucred.h>
513],[
514struct sockcred sockcred;
515],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
516AC_MSG_RESULT($sh_have_struct_sockcred)
517
518if test x$sh_have_struct_sockcred = xyes; then
519 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
520fi
521
522AC_MSG_CHECKING(for SO_PEERCRED)
523AC_TRY_COMPILE([
524#include <sys/types.h>
525#include <sys/socket.h>
526],[
527int test = SO_PEERCRED;
528],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
529AC_MSG_RESULT($sh_have_SO_PEERCRED)
530
531if test x$sh_have_SO_PEERCRED = xyes; then
532 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
533fi
534
535
536dnl *****************************************
537dnl checks for compiler characteristics
538dnl *****************************************
539AC_C_INLINE
540AC_C_CONST
541AC_C_BIGENDIAN
542
543AM_SA_SIGACTION_WORKS
544
545dnl *****************************************
546dnl
547dnl checks for system services
548dnl
549dnl *****************************************
550
551dnl
552dnl check for GNU gmp
553dnl
554AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
555if test "x${sh_have_gmp}" = xno
556then
557 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
558fi
559if test "x${sh_have_gmp}" = xyes
560then
561 # LIBS="-lgmp $LIBS"
562 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
563fi
564AC_CHECK_HEADERS(gmp.h)
565
566
567dnl *****************************************
568dnl
569dnl enable features
570dnl
571dnl *****************************************
572
573AC_ARG_ENABLE(db-reload,
574 [ --enable-db-reload enable database reload on SIGHUP [no]],
575 [
576 if test "x${enable_db_reload}" = xyes; then
577 AC_DEFINE(RELOAD_DATABASE)
578 fi
579 ]
580)
581
582AC_ARG_ENABLE(xml-log,
583 [ --enable-xml-log enable XML logfile format [[no]]],
584 [
585 if test "x${enable_xml_log}" = xyes; then
586 AC_DEFINE(SH_USE_XML)
587 fi
588 ]
589)
590
591
592AC_ARG_ENABLE(mail,
593 [ --disable-mail disable the internal SMTP mailer],
594 [
595 if test "x${enable_mail}" = xno; then
596 :
597 else
598 AC_DEFINE(SH_WITH_MAIL)
599 fi
600 ],
601 [AC_DEFINE(SH_WITH_MAIL)]
602)
603
604AC_ARG_ENABLE(external-scripts,
605 [ --disable-external-scripts disable interface to external scripts],
606 [
607 if test "x${enableval}" = xno; then
608 :
609 else
610 AC_DEFINE(WITH_EXTERNAL)
611 fi
612 ],
613 [AC_DEFINE(WITH_EXTERNAL)]
614)
615
616AC_ARG_ENABLE(message-queue,
617 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
618 [
[19]619 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
620 if test "x${enable_message_queue}" = xyes; then
621 AC_DEFINE(WITH_MESSAGE_QUEUE)
622 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
623 elif test "x${enable_message_queue}" != xno; then
624 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
625 AC_MSG_ERROR([--enable-message-queue: MODE must be numeric])
626 echo "${enableval}" | \
627 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
628 AC_MSG_ERROR([--enable-message-queue: MODE must be an octal (0nnn) number])
[1]629 AC_DEFINE(WITH_MESSAGE_QUEUE)
[19]630 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
631 fi
632 else
633 echo
634 echo "**********************************************"
635 echo
636 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
637 echo
638 echo "**********************************************"
639 echo
[1]640 fi
641 ]
642)
643
644AC_ARG_WITH(cflags,
645 [ --with-cflags additional flags to pass to compiler],
646 [
647 if test "x$withval" != "xno" ; then
648 CFLAGS="$CFLAGS $withval"
649 fi
650 ]
651)
652AC_ARG_WITH(libs,
653 [ --with-libs additional libraries to link with],
654 [
655 if test "x$withval" != "xno" ; then
656 LIBS="$LIBS $withval"
657 fi
658 ]
659)
660
661
662#
663# this is from ssh
664#
665AC_MSG_CHECKING(whether to use libwrap)
666LIBWRAP_LIB=""
667LIBWRAP_INC=""
668AC_ARG_WITH(libwrap,
[18]669[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
[1]670[ AC_MSG_RESULT($withval)
671 case "$withval" in
672 no)
673 ;;
674 ""|yes)
675 LIBWRAP_LIB="-lwrap"
676 ;;
677 *)
678 if test -d "$withval"; then
679 LIBWRAP_LIB="-L$withval -lwrap"
680 changequote(<<, >>)dnl
681 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
682 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
683 changequote([, ])dnl
684 else
685 LIBWRAP_LIB="-lwrap"
686 changequote(<<, >>)dnl
687 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
688 LIBWRAP_INC="-I${sh_libwrap_inc}"
689 changequote([, ])dnl
690 fi
691 ;;
692 esac
693 if test -n "$LIBWRAP_LIB"; then
694 # OLDLIBS="$LIBS"
695 LIBS="$LIBWRAP_LIB $LIBS"
696 # OLDCFLAGS="$CFLAGS"
697 CFLAGS="$CFLAGS $LIBWRAP_INC"
698 AC_CHECK_HEADER(tcpd.h,
699 [],
700 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You must first install tcp_wrappers]) ])
701 AC_TRY_LINK([ #include <tcpd.h>
702 int allow_severity; int deny_severity; ],
703 [ hosts_access((struct request_info *) 0); ],
704 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
705 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
706 fi ],
707 AC_MSG_RESULT(no)
708)
709
710
711#
712# this is from the snort configure.in
713#
714AC_DEFUN(FAIL_MESSAGE,[
715 echo
716 echo
717 echo "**********************************************"
718 echo " ERROR: unable to find" $1
719 echo " checked in the following places"
720 for i in `echo $2`; do
721 echo " $i"
722 done
723 echo "**********************************************"
724 echo
725 exit
726])
727
728AC_ARG_WITH(libprelude-prefix,
[18]729 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
[1]730 libprelude_config_prefix="$withval", libprelude_config_prefix="")
731
732AC_MSG_CHECKING(whether to use prelude)
733AC_ARG_WITH(prelude,
[18]734 [ --with-prelude Prelude IDS support [[no]]],
[1]735 [
736 if test "x${withval}" = "xno"; then
737 AC_MSG_RESULT(no)
738 else
739 AC_MSG_RESULT(yes)
740 if test x$libprelude_config_prefix != x ; then
741 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
742 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
743 fi
744 fi
745
746 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
747 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
748 HAVE_PRELUDE_CONFIG=no
749 else
750 HAVE_PRELUDE_CONFIG=yes
751 fi
752dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
753 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
754 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
755 case "$sh_libprelude_version" in
756 0.8*)
757 sh_prelude_libs=`$LIBPRELUDE_CONFIG --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
758 sh_prelude_cflags=`$LIBPRELUDE_CONFIG --cflags`
759 LIBS="$LIBS ${sh_prelude_libs}"
760 CFLAGS="$CFLAGS ${sh_prelude_cflags}"
761 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
762 AC_DEFINE(HAVE_LIBPRELUDE_8,1,[Have libprelude 0.8])
763 ;;
764 *)
[26]765 AM_PATH_LIBPRELUDE([0.9.6],
[1]766 [
767 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
768 AC_DEFINE(HAVE_LIBPRELUDE_9,1,[Have libprelude 0.9])
769 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
770 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
771 LIBS="$LIBS $LIBPRELUDE_LIBS"
772 ],
773 [
774 AC_MSG_ERROR([Could not find libprelude.])
775 ])
776 ;;
777 esac
778 else
779 AC_MSG_ERROR([Could not find libprelude.])
780 fi
781 fi
782 ],
783 [
784 AC_MSG_RESULT(no)
785 ]
786)
787
788dnl AC_MSG_CHECKING(whether to use prelude)
789dnl AC_ARG_WITH(prelude,
790dnl [ --with-prelude Prelude IDS support [[no]]],
791dnl [
792dnl if test "x${withval}" = "xno"; then
793dnl AC_MSG_RESULT(no)
794dnl else
795dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
796dnl if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
797dnl sh_prelude_libs=`libprelude-config --libs | sed 's,\(.*\)\( -L.* -lprelude$\),\2 \1,'`
798dnl sh_prelude_cflags=`libprelude-config --cflags`
799dnl LIBS="$LIBS ${sh_prelude_libs}"
800dnl CFLAGS="$CFLAGS ${sh_prelude_cflags}"
801dnl AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
802dnl else
803dnl AC_MSG_ERROR([Could not find libprelude-config. Did you specify a valid path?])
804dnl fi
805dnl fi
806dnl ],
807dnl AC_MSG_RESULT(no)
808dnl )
809
810AC_ARG_ENABLE(static,
811 [ --enable-static enable static linking (recommended) [[no]]],
812 [
813 if test x$enable_static = xyes; then
814 if test x"$mynetbsd" = xyes
815 then
816 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
817 LIBS="${tmp_LIBS}"
818 fi
819 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
820 if test "x$GCC" = "xyes"; then
821 LDFLAGS="$LDFLAGS -static"
822 else
823 case "$host_os" in
824
825 *aix*)
826 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
827 ;;
828
829 *hpux*)
830 LDFLAGS="$LDFLAGS -Wl,-a,archive"
831 ;;
832
833 *osf*)
834 LDFLAGS="$LDFLAGS -non_shared"
835 ;;
836
837 *irix*)
838 LDFLAGS="$LDFLAGS -non_shared"
839 ;;
840
841 *sco*)
842 LDFLAGS="$LDFLAGS -dn"
843 ;;
844
845 *sun*)
846 LDFLAGS="$LDFLAGS -Bstatic"
847 ;;
848
849 *solaris*)
850 LDFLAGS="$LDFLAGS -Bstatic"
851 ;;
852
853 *)
854 echo "***********************************************"
855 echo "*"
856 echo "* Don't know how to enable static linking"
857 echo "* with your compiler. Please set the environment"
858 echo "* variable LDFLAGS to:"
859 echo "* ${LDFLAGS} + the static linking flag"
860 echo "* and run configure again"
861 echo "*"
862 echo "***********************************************"
863 ;;
864
865 esac
866 fi
867 fi
868 ]
869)
870
871#
872# partly based on the snort configure.in
873#
874AC_ARG_WITH(database,
875 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
876 [
877 if test x"$enable_xml_log" != xyes; then
878 AC_MSG_ERROR([--with-database: --enable-xml-log required])
879 fi
880 if test "x${withval}" = "xmysql"; then
881 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
882 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
[19]883 # echo "mysql_config found"
[1]884 sh_mysql_libs="`mysql_config --libs`"
885 # echo ${sh_mysql_libs}
886 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
887 # echo $mysql_libs
888 # save_libs="$LIBS"
889 # LIBS="$LIBS `mysql_config --libs`"
890 # echo $LIBS
891 LIBS="$LIBS ${sh_mysql_libs}"
[19]892 # echo $LIBS
[1]893 sh_mysql_cflags="`mysql_config --cflags`"
894 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
895 # CFLAGS="$CFLAGS `mysql_config --cflags`"
896 # CFLAGS="$CFLAGS ${sh_mysql_cflags}"
897 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
898 else
899 AC_MSG_CHECKING(for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME)
900 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
901
902 for i in $mysql_directory; do
903 if test -r $i/include/mysql/mysql.h; then
904 MYSQL_DIR=$i
905 MYSQL_INC_DIR=$i/include
906 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
907 fi
908 done
909 if test -z "$MYSQL_DIR"; then
910 for i in $mysql_directory; do
911 if test -r $i/include/mysql.h; then
912 MYSQL_DIR=$i
913 MYSQL_INC_DIR=$i/include
914 fi
915 done
916 fi
917
918 if test -z "$MYSQL_DIR"; then
919 tmp=""
920 for i in $mysql_directory; do
921 tmp="$tmp $i/include $i/include/mysql"
922 done
923 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
924 fi
925
926 for i in lib lib/mysql; do
927 str="$MYSQL_DIR/$i/libmysqlclient.*"
928 for j in `echo $str`; do
929 if test -r $j; then
930 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
931 break 2
932 fi
933 done
934 done
935
936 if test -z "$MYSQL_LIB_DIR"; then
937 for ff in $mysql_directory; do
938 for i in lib lib/mysql; do
939 str="$ff/$i/libmysqlclient.*"
940 for j in `echo $str`; do
941 if test -r $j; then
942 MYSQL_LIB_DIR="$ff/$i"
943 break 3
944 fi
945 done
946 done
947 done
948 fi
949
950 if test -z "$MYSQL_LIB_DIR"; then
951 tmp=""
952 for i in $mysql_directory; do
953 tmp="$i/lib $i/lib/mysql"
954 done
955 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
956 fi
957
958 AC_MSG_RESULT(yes)
959 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
960 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
961 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
962 fi
963 AC_DEFINE(WITH_MYSQL)
964 AC_DEFINE(WITH_DATABASE)
965 AC_CHECK_LIB(z, inflateEnd, [zlib_cv_libz=yes], [zlib_cv_libz=no])
966 AC_MSG_CHECKING(for zlib)
967 if test "$zlib_cv_libz" = "yes"
968 then
969 LIBS="$LIBS -lz -lm"
970 AC_MSG_RESULT(ok)
971 else
972 AC_MSG_RESULT(failed)
973 echo
974 echo " Either the mysql or the zlib library was not found"
975 echo " or was unusable, maybe because an old, incompatible"
976 echo " version is installed on your system, eg compiled from"
977 echo " source long time ago. See config.log for the error"
978 echo " message from the compiler."
979 echo " Please review your installed mysql and zlib libraries"
980 echo " and/or use --with-libs=-L/path/to/libdirectory"
981 echo " where libdirectory is the directory holding libmysql"
982 echo " or libz."
983 if test x"$enable_static" = xyes; then
984 echo " Note that for compiling a static binary, you need"
985 echo " the static libraries, rather than the shared ones."
986 fi
987 echo
988 AC_MSG_ERROR([libmysql or zlib not found or unuseable])
989 fi
990 AC_CHECK_HEADERS(mysql/mysql.h)
991 elif test "x${withval}" = "xpostgresql"; then
992 AC_DEFINE(WITH_POSTGRES)
993 AC_DEFINE(WITH_DATABASE)
994 #
995 PGCONF="no"
996 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
997 OLD_IFS="$IFS"
998 IFS=":"
999 for ff in ${MY_PATH}
1000 do
1001 if test -f "$ff/pg_config"
1002 then
1003 PGCONF="$ff/pg_config"
1004 fi
1005 done
1006 IFS="${OLD_IFS}"
1007 #
1008 #
1009 if test "x${PGCONF}" = "xno"
1010 then
1011 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1012 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1013 for i in $pgsql_directory; do
1014 if test -r $i/include/pgsql/libpq-fe.h; then
1015 PGSQL_INC_DIR=$i/include
1016 PGSQL_DIR=$i
1017 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1018 fi
1019 done
1020 if test -z "$PGSQL_DIR"; then
1021 for i in $pgsql_directory; do
1022 if test -r $i/include/libpq-fe.h; then
1023 PGSQL_INC_DIR=$i/include
1024 PGSQL_DIR=$i
1025 fi
1026 done
1027 fi
1028
1029 if test -z "$PGSQL_DIR"; then
1030 tmp=""
1031 for i in $pgsql_directory; do
1032 tmp="$tmp $i/include $i/include/pgsql"
1033 done
1034 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1035 fi
1036
1037 for i in lib lib/pgsql; do
1038 str="$PGSQL_DIR/$i/libpq.*"
1039 for j in `echo $str`; do
1040 if test -r $j; then
1041 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1042 break 2
1043 fi
1044 done
1045 done
1046
1047 if test -z "$PGSQL_LIB_DIR"; then
1048 for ff in $pgsql_directory; do
1049 for i in lib lib/pgsql; do
1050 str="$ff/$i/libpq.*"
1051 for j in `echo $str`; do
1052 if test -r $j; then
1053 PGSQL_LIB_DIR="$ff/$i"
1054 break 3
1055 fi
1056 done
1057 done
1058 done
1059 fi
1060
1061 if test -z "$PGSQL_LIB_DIR"; then
1062 tmp=""
1063 for i in $pgsql_directory; do
1064 tmp="$i/lib $i/lib/pgsql"
1065 done
1066 FAIL_MESSAGE("postgresql library libpq", $tmp)
1067 fi
1068
1069 AC_MSG_RESULT(yes)
1070
1071 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1072 if test x"$enable_static" = xyes; then
1073 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1074 else
1075 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1076 fi
1077 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1078 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1079 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1080 else
1081 pg_lib_dir=`${PGCONF} --libdir`
1082 if test x"$enable_static" = xyes; then
1083 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1084 else
1085 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1086 fi
1087 pg_inc_dir=`${PGCONF} --includedir`
1088 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1089 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1090 fi
1091 elif test "x${withval}" = "xodbc"; then
1092 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1093 odbc_directory="/usr /usr/local"
1094
1095 for i in $odbc_directory; do
1096 if test -r $i/include/sql.h; then
1097 if test -r $i/include/sqlext.h; then
1098 if test -r $i/include/sqltypes.h; then
1099 ODBC_DIR=$i
1100 ODBC_INC_DIR=$i/include
1101 fi
1102 fi
1103 fi
1104 done
1105
1106 if test -z "$ODBC_DIR"; then
1107 tmp=""
1108 for i in $odbc_directory; do
1109 tmp="$tmp $i/include"
1110 done
1111 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1112 fi
1113
1114 str="$ODBC_DIR/lib/libodbc.*"
1115 for j in `echo $str`; do
1116 if test -r $j; then
1117 ODBC_LIB_DIR="$ODBC_DIR/lib"
1118 ODBC_LIB="odbc"
1119 fi
1120 done
1121
1122 if test -z "$ODBC_LIB_DIR"; then
1123 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1124 fi
1125
1126 AC_MSG_RESULT(yes)
1127 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1128 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1129 AC_DEFINE(WITH_ODBC)
1130 AC_DEFINE(WITH_DATABASE)
1131
1132 elif test "x${withval}" = "xoracle"; then
1133 AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1134 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1135 for i in $oracle_directory; do
1136 if test -r $i/rdbms/demo/oci.h; then
1137 ORACLE_DIR=$i
1138 fi
1139 done
1140
1141 if test -z "$ORACLE_DIR"; then
1142 tmp=""
1143 for i in $oracle_directory; do
1144 tmp="$tmp $i/rdbms/demo"
1145 done
1146 FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1147 else
1148 for i in rdbms/demo rdbms/public network/public; do
1149 ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1150 done
1151 ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1152 AC_MSG_RESULT(yes)
1153
1154 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1155
1156 ORACLE_LIBS="-lclntsh"
1157 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1158 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1159 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1160 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1161 fi
1162 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1163 fi
1164 AC_DEFINE(WITH_ORACLE)
1165 AC_DEFINE(WITH_DATABASE)
1166
1167 else
1168 AC_MSG_ERROR([--with-database: unsupported database ${withval}])
1169 fi
1170 ]
1171)
1172
1173AC_ARG_WITH(console,
[18]1174 [ --with-console=PATH set path to console device [[/dev/console]]],
[1]1175 [
1176 if test "x${withval}" != xno; then
1177 mycons="$withval"
1178 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1179 fi
1180 ])
1181
1182AC_ARG_WITH(altconsole,
[18]1183 [ --with-altconsole=PATH set path to second console device [[none]]],
[1]1184 [
1185 if test "x${withval}" != xno; then
1186 myaltcons="$withval"
1187 else
1188 myaltcons="NULL"
1189 fi
1190 ],
1191 [myaltcons="NULL"])
1192AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1193
1194AC_ARG_WITH(timeserver,
[18]1195 [ --with-timeserver=HOST set host address for time server [[none]]],
[1]1196 [
1197 if test "x${withval}" != xno; then
1198 mytimeserv="$withval"
1199 AC_DEFINE(HAVE_NTIME)
1200 else
1201 mytimeserv="NULL"
1202 fi
1203 ],
1204 mytimeserv="NULL")
1205AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1206
1207AC_ARG_WITH(alttimeserver,
[18]1208 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
[1]1209 [
1210 if test "x${withval}" != xno; then
1211 myalttimeserv="$withval"
1212 AC_DEFINE(HAVE_NTIME)
1213 else
1214 myalttimeserv="NULL"
1215 fi
1216 ],
1217 myalttimeserv="NULL")
1218AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1219
1220AC_ARG_ENABLE(login-watch,
1221 [ --enable-login-watch watch for login/logout [[no]]],
1222 [
1223 if test "x${enable_login_watch}" = xyes; then
1224 AC_DEFINE(SH_USE_UTMP)
1225 fi
1226 ]
1227)
1228
1229AC_ARG_ENABLE(mounts-check,
[18]1230 [ --enable-mounts-check check mount options on filesystems [[no]]],
[1]1231 [
1232 if test "x${enable_mounts_check}" = xyes; then
1233 AC_DEFINE(SH_USE_MOUNTS)
1234 fi
1235 ]
1236)
1237
1238AC_ARG_ENABLE(userfiles,
[18]1239 [ --enable-userfiles check for users' config files [[no]]],
[1]1240 [
1241 if test "x${enableval}" = "xyes"; then
1242 AC_DEFINE(SH_USE_USERFILES)
1243 fi
1244 ]
1245)
1246
1247AC_ARG_ENABLE(debug,
1248 [ --enable-debug enable debug options [[no]]],
1249 [
1250 if test "x${enable_debug}" = "xyes"; then
1251 if test "x${mydebugflag}" != "xyes"; then
1252 AC_DEFINE(MEM_DEBUG)
1253 fi
1254 AC_DEFINE(WITH_TPT)
1255 AC_DEFINE(SL_DEBUG)
1256 AC_DEFINE(SL_FAIL_ON_ERROR)
1257 if test "x${myneedg3}" = "xyes"; then
1258 mydebugdef="-g3"
1259 else
1260 mydebugdef="-g"
1261 fi
1262 mydebugit="yes"
1263 fi
1264 ]
1265)
1266AC_SUBST(mydebugdef)
1267
1268AC_ARG_ENABLE(ptrace,
1269 [ --enable-ptrace use anti-debugger options [[no]]],
1270 [
1271 if test "x${enable_ptrace}" = xyes; then
1272 if test "x$mydebugit" != "xyes"; then
1273 AC_DEFINE(SCREW_IT_UP)
1274 fi
1275 fi
1276 ]
1277)
1278
1279dnl
1280if test "x$GCC" = "xyes"; then
1281 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1282 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1283 fi
1284
1285dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1286dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1287dnl fi
1288
1289 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1290 CFLAGS="$CFLAGS -Wall -W "
1291 fi
1292
1293 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1294 then
1295 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1296 then
1297 CFLAGS="$CFLAGS -fno-strength-reduce"
1298 fi
1299 fi
1300
1301 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1302 then
1303 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1304 then
1305 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1306 fi
1307 fi
1308
1309fi
1310
1311AC_MSG_CHECKING([which random module to use])
1312AC_ARG_WITH(rnd,
1313 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1314[use_static_rnd=$withval], [use_static_rnd=default] )
1315
1316if test "$use_static_rnd" = no; then
1317 use_static_rnd=default
1318fi
1319
1320case "$use_static_rnd" in
1321 egd | dev | unix | default )
1322 AC_MSG_RESULT($use_static_rnd)
1323 ;;
1324 * )
1325 AC_MSG_RESULT([invalid argument])
1326 AC_MSG_ERROR([--with-rnd: there is no random module ${use_static_rnd}])
1327 ;;
1328esac
1329
1330AC_ARG_WITH(egd-socket,
1331 [ --with-egd-socket=NAME EGD socket name],
1332 egd_socket_name="$withval", egd_socket_name="" )
1333AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1334
1335dnl
1336dnl See whether the user wants to disable checking for /dev/random
1337
1338try_dev_random=yes
1339
1340case "$use_static_rnd" in
1341dev | default )
1342 try_dev_random=yes
1343 ;;
1344egd)
1345 AC_DEFINE(HAVE_EGD_RANDOM)
1346 try_dev_random=no
1347 ;;
1348unix)
1349 AC_DEFINE(HAVE_UNIX_RANDOM)
1350 try_dev_random=no
1351 ;;
1352esac
1353
1354
1355if test "x$try_dev_random" = "xyes"; then
1356 AC_MSG_CHECKING(whether /dev/random exists)
1357 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1358 AC_DEFINE(HAVE_URANDOM)
1359 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1360 AC_MSG_RESULT(yes)
1361 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1362 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1363 fi
1364 else
1365 if test -r "/dev/random" && test -c "/dev/random"; then
1366 AC_DEFINE(HAVE_URANDOM)
1367 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1368 AC_MSG_RESULT(yes)
1369 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1370 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1371 fi
1372 else
1373 AC_MSG_RESULT(no)
1374 AC_DEFINE(HAVE_UNIX_RANDOM)
1375 fi
1376 fi
1377fi
1378
1379
1380dnl
1381dnl NETWORK OPTIONS
1382dnl
1383
1384
1385AC_ARG_ENABLE(network,
1386 [ --enable-network=[[client|server]] compile client or server [[no]]],
1387 [
1388 if test "x$enable_network" = xclient; then
1389 mytclient="-DSH_WITH_CLIENT"
1390 yulectl_prg=
1391 setpwd_prg="samhain_setpwd"
1392 sh_main_prg="samhain"
1393 if test "x${sh_have_gmp}" = xyes
1394 then
1395 LIBS="-lgmp $LIBS"
1396 fi
1397dnl AC_CHECK_HEADER(sys/capability.h,
1398dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1399dnl [sh_use_lcaps="no"])
1400 elif test "x$enable_network" = xserver; then
1401 mytclient="-DSH_WITH_SERVER"
1402 yulectl_prg="yulectl"
1403 setpwd_prg="samhain_setpwd"
1404 sh_main_prg="yule"
1405 if test "x${sh_have_gmp}" = xyes
1406 then
1407 LIBS="-lgmp $LIBS"
1408 fi
1409 sh_use_lcaps="undef"
1410 elif test "x$enable_network" = xno; then
1411 mytclient="-DSH_STANDALONE"
1412 yulectl_prg=
1413 setpwd_prg=
1414 sh_main_prg="samhain"
1415dnl AC_CHECK_HEADER(sys/capability.h,
1416dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1417dnl [sh_use_lcaps="no"])
1418 else
1419 AC_MSG_ERROR([--enable-network=WHAT: WHAT must be client, server, or no])
1420 fi
1421 ],
1422 [
1423 mytclient="-DSH_STANDALONE"
1424 setpwd_prg=
1425 yulectl_prg=
1426 sh_main_prg="samhain"
1427dnl AC_CHECK_HEADER(sys/capability.h,
1428dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1429dnl [sh_use_lcaps="no"])
1430 ],
1431)
1432AC_SUBST(setpwd_prg)
1433AC_SUBST(yulectl_prg)
1434AC_SUBST(sh_main_prg)
1435AC_SUBST(mytclient)
1436
1437# needed for the rpm spec
1438clmytclient=`echo ${mytclient} | sed s%\-%%`
1439AC_SUBST(clmytclient)
1440
1441AC_ARG_ENABLE(udp,
1442 [ --enable-udp server can listen on port 514/udp [[no]]],
1443 [
1444 if test "x${enable_udp}" = xyes; then
1445 AC_DEFINE(INET_SYSLOG)
1446 fi
1447 ]
1448)
1449
1450myencrypt=yes
1451AC_ARG_ENABLE(encrypt,
1452 [ --disable-encrypt disable client/server encryption],
1453 [
1454 if test "x${enable_encrypt}" = xno; then
1455 myencrypt=no
1456 elif test "x${enable_encrypt}" = "x1"; then
1457 myencrypt=1
1458 fi
1459 ]
1460)
1461if test "x${myencrypt}" = "xyes"; then
1462 AC_DEFINE(SH_ENCRYPT)
1463 AC_DEFINE(SH_ENCRYPT_2)
1464elif test "x${myencrypt}" = "x1"; then
1465 AC_DEFINE(SH_ENCRYPT)
1466fi
1467
1468sh_use_srp_proto=yes
1469AC_ARG_ENABLE(srp,
1470 [ --disable-srp disable SRP for authentication],
1471 [
1472 if test "x${enable_srp}" = xno; then
1473 sh_use_srp_proto=no
1474 fi
1475 ]
1476)
1477if test "x${sh_use_srp_proto}" = xyes; then
1478 AC_DEFINE(USE_SRP_PROTOCOL)
1479fi
1480
1481AC_ARG_WITH(port,
1482 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1483 [
1484 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1485 AC_MSG_ERROR([--with-port: PORT must be numeric])
1486 myport=${withval}
1487 ],
1488 [myport="49777"])
1489AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1490AC_SUBST(myport)
1491
1492AC_ARG_WITH(logserver,
1493 [ --with-logserver=HOST set host address for log server [[none]]],
1494 [
1495 case "$withval" in
1496 *.* | localhost)
1497 mylogsrv="$withval"
1498 ;;
1499 *)
1500 mylogsrv="$withval"
1501 ;;
1502 esac
1503 ],
1504 [mylogsrv="NULL"])
1505AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1506AC_SUBST(mylogsrv)
1507
1508AC_ARG_WITH(altlogserver,
1509 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1510 [
1511 case "$withval" in
1512 *.* | localhost)
1513 myaltlogsrv="$withval"
1514 ;;
1515 *)
1516 myaltlogsrv="$withval"
1517 ;;
1518 esac
1519 ],
1520 [myaltlogsrv="NULL"])
1521AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1522
1523
1524
1525dnl
1526dnl STEALTH OPTIONS
1527dnl
1528nocl_code=
1529xor_code=0
1530AC_ARG_ENABLE(nocl,
1531 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1532 [
1533 if test "x${enableval}" != "x"; then
1534 AC_DEFINE(SH_STEALTH_NOCL)
1535 fi
1536 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1537 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1538 fi
1539 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1540 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1541 fi
1542 if test "x${enableval}" = "xstatus"; then
1543 AC_MSG_ERROR([--enable-nocl: start/stop/reload/restart/status are reserved words])
1544 fi
1545 if test "x${enableval}" = "xno"; then
1546 AC_MSG_ERROR([--enable-nocl: use of --enable-nocl=no is ambiguous])
1547 fi
1548 nocl_code="${enable_nocl}"
1549 ]
1550)
1551AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1552AC_SUBST(nocl_code)
1553AC_ARG_ENABLE(stealth,
1554 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1555 [AC_DEFINE(SH_STEALTH)
1556 if test "x${enableval}" != "xyes"; then
1557 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1558 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be numeric])
1559 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1560 if test x"${enableval}" = x0
1561 then
1562 :
1563 else
1564 AC_MSG_ERROR([--enable-stealth: XOR_VAL must be in the range 127 to 255])
1565 fi
1566 fi
1567 xor_code="${enable_stealth}"
1568 else
1569 xor_code=0
1570 fi
1571 stegin_prg="samhain_stealth"
1572 ],
1573 [
1574 stegin_prg=
1575 ]
1576)
1577AC_ARG_ENABLE(micro-stealth,
1578 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1579 [
1580 AC_DEFINE(SH_STEALTH)
1581 AC_DEFINE(SH_STEALTH_MICRO)
1582 if test "x${enableval}" != "xyes"; then
1583 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1584 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be numeric])
1585 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1586 if test x"${enableval}" = x0
1587 then
1588 :
1589 else
1590 AC_MSG_ERROR([--enable-micro-stealth: XOR_VAL must be in the range 127 to 255])
1591 fi
1592 fi
1593 xor_code="${enable_micro_stealth}"
1594 else
1595 xor_code=0
1596 fi
1597 ]
1598)
1599install_name="samhain"
1600INSTALL_NAME="SAMHAIN"
1601AC_ARG_ENABLE(install-name,
1602 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
1603 [
1604 if test "x${enableval}" != "xyes"; then
1605 install_name="${enableval}"
1606 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
1607 else
1608 install_name="${sh_main_prg}"
1609 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1610 fi
1611 ],
1612 [
1613 install_name="${sh_main_prg}"
1614 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1615 ]
1616)
1617
1618
1619need_user_install=0
1620
1621AC_ARG_ENABLE(identity,
1622 [ --enable-identity=USER user if dropping root [[daemon]]],
1623 [
1624 if test x"$enableval" = xno; then
1625 myident="daemon"
1626 else
1627 myident="$enableval"
1628 fi
1629 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
1630 AC_MSG_ERROR([--enable-identity: need username, not UID])
1631 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1632 grep "^${myident}:" | awk -F: '{ print $3; }'`
1633 if test x"${myident_uid}" = x; then
1634 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1635 need_user_install=1
1636 fi
1637 ],
1638 [
1639 for myident in ${install_name} daemon nobody; do
1640 AC_MSG_CHECKING(for user ${myident})
1641 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1642 grep "^${myident}:" | awk -F: '{ print $3; }'`
1643 if test x"${myident_uid}" != x; then
1644 AC_MSG_RESULT(yes)
1645 break;
1646 else
1647 AC_MSG_RESULT(no)
1648 fi
1649 done
1650 if test x"${myident_uid}" = x; then
1651 myident=${install_name}
1652 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1653 need_user_install=1
1654 fi
1655 ])
1656AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1657AC_SUBST(myident)
1658AC_SUBST(need_user_install)
1659
1660sh_insmod_cmd=": # no kernel module"
1661sh_lkm=""
1662lkm_inc=""
1663khidemap="/boot/System.map"
1664sh_syscalltable="0x0"
1665AC_ARG_ENABLE(khide,
[18]1666 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
[1]1667 [
1668 if test "x${enable_khide}" != xno; then
1669 if test "x${enableval}" != "xyes"; then
1670 khidemap="${enableval}"
1671 fi
[39]1672 sh_syscalltable=`egrep '(D|d|R|r) sys_call_table' ${khidemap} | awk '{print $1}'`
[1]1673 if test x"$sh_syscalltable" = x; then
[39]1674 AC_MSG_ERROR([--enable-khide: symbol sys_call_table not found in ${khidemap}])
[1]1675 fi
1676 sh_syscalltable="0x${sh_syscalltable}"
1677 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
1678 if test "${install_name_len}" -gt 15 ; then
1679 AC_MSG_ERROR([--enable-khide: install_name exceeds 15 char length limit])
1680 fi
1681 AC_DEFINE(SH_USE_LKM)
1682 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1683
1684 # -- NEW --
1685 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
1686 if test x"$kernel_version" = xLINUX26
1687 then
1688 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
1689 if test x"$sh_modlist_lock" = x; then
1690 AC_MSG_ERROR([--enable-khide: symbol modlist_lock not found in ${khidemap}])
1691 fi
1692 sh_modlist_lock="0x${sh_modlist_lock}"
1693 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1694
1695 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
1696 if test x"$sh_list_modules" = x; then
1697 AC_MSG_ERROR([--enable-khide: symbol modules not found in ${khidemap}])
1698 fi
1699 sh_list_modules="0x${sh_list_modules}"
1700 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1701
1702 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1703 sh_insmod_cmd="modprobe ${install_name}_hide"
1704 sh_lkm="samhain_hide.ko"
1705 else
1706 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1707 sh_lkm="samhain_hide.o samhain_erase.o"
1708 fi
1709 # -- END NEW --
1710
1711 kvers=`uname -r`
1712 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
1713 lkm_inc="-I/lib/modules/${kvers}/build/include"
1714 else
1715 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
1716 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
1717 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
1718 fi
1719 sh_is_vanilla_kernel=yes
1720 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
1721 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
1722 fi
1723 if test x"${sh_is_vanilla_kernel}" = xno; then
1724 echo "This is not a 2.4 vanilla kernel"
1725 else
1726 AC_DEFINE(SH_VANILLA_KERNEL)
1727 fi
1728 fi
1729 ]
1730)
1731AC_SUBST(lkm_inc)
1732AC_SUBST(sh_lkm)
1733AC_SUBST(sh_insmod_cmd)
1734AC_SUBST(install_name)
1735AC_SUBST(INSTALL_NAME)
1736AC_SUBST(stegin_prg)
1737AC_SUBST(xor_code)
1738
1739AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
1740AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
1741
1742
1743exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
1744exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
1745exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
1746
1747AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
1748AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
1749AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
1750
1751
1752AC_ARG_ENABLE(suidcheck,
1753 [ --enable-suidcheck check for suid/sgid files [[no]]],
1754 [
1755 if test "x${enableval}" = "xyes"; then
1756 AC_DEFINE(SH_USE_SUIDCHK)
1757 fi
1758 ]
1759)
1760
1761
1762systemmap="/boot/System.map"
1763sh_libkvm=""
1764AC_ARG_WITH(kcheck,
[18]1765 [ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
[1]1766 [
1767 if test "x${withval}" != "xno"; then
1768 AC_DEFINE(SH_USE_KERN)
1769 kernelversion=`uname -r`
1770 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
1771 if test "x${withval}" != "xyes"; then
1772 systemmap="${withval}"
1773 fi
1774 if test "x${cross_compiling}" = xyes; then
1775 :
1776 elif test "x$selectconfig" = "xfreebsd"; then
1777 LIBS="$LIBS -lkvm"
1778 sh_libkvm="-lkvm"
1779 elif test -f "${systemmap}"; then
1780 :
1781 else
1782 AC_MSG_ERROR([--with-kcheck: cannot find system map ${systemmap}])
1783 fi
1784 fi
1785 ]
1786)
1787AC_SUBST(systemmap)
1788AC_SUBST(sh_libkvm)
1789
1790AC_ARG_ENABLE(base,
1791 [ --enable-base=B1,B2 base key (0...2147483647)],
1792 [
1793 AC_MSG_CHECKING(base key setting)
1794 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
1795 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
1796 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1797 if test "x${my_key_A}" = x; then
1798 AC_MSG_ERROR([--enable-base: first base key has zero length])
1799 fi
1800 if test "x${my_key_B}" = x; then
1801 AC_MSG_ERROR([--enable-base: second base key has zero length])
1802 fi
1803 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1804 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1805 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1806 AC_MSG_ERROR([--enable-base: base key must be numeric in the range 0 to 2147483647])
1807 ],
1808 [
1809 AC_MSG_CHECKING(base key setting .. collecting entropy)
1810 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
1811 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
1812 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
1813 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
1814 my_key_A=`expr $my_key_1 \* 32767`
1815 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
1816 my_key_A=`expr $my_key_A \+ $my_key_2`
1817 my_key_B=`expr $my_key_3 \* 32767`
1818 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
1819 my_key_B=`expr $my_key_B \+ $my_key_4`
1820 AC_MSG_RESULT(${my_key_A} ${my_key_B})
1821 ]
1822 )
1823AC_SUBST(my_key_A)
1824AC_SUBST(my_key_B)
1825
1826dnl low bytes
1827my_key_1=`expr $my_key_A \% 65536`
1828dnl high bytes
1829my_key_2=`expr $my_key_A \/ 65536`
1830dnl low bytes
1831my_key_3=`expr $my_key_B \% 65536`
1832dnl high bytes
1833my_key_4=`expr $my_key_B \/ 65536`
1834
1835dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
1836
1837dnl touch ./sh_MK.h
1838dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
1839dnl echo "#define SH_MK_H" >> ./sh_MK.h
1840dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
1841dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
1842dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
1843dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
1844dnl echo "#endif" >> ./sh_MK.h
1845AC_SUBST(my_key_1)
1846AC_SUBST(my_key_2)
1847AC_SUBST(my_key_3)
1848AC_SUBST(my_key_4)
1849
1850AC_MSG_CHECKING(key position)
1851pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
1852pos_tf_2=`expr $pos_tf_1 \% 8`
1853pos_tf=`expr $pos_tf_2 + 1`
1854AC_MSG_RESULT(${pos_tf})
1855AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
1856
1857mykeybase=`echo ${my_key_A},${my_key_B}`
1858AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
1859AC_SUBST(mykeybase)
1860
1861
1862dnl
1863dnl GPG/PGP options
1864dnl
1865
1866AC_ARG_WITH(gpg,
1867 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
1868 [
1869 if test "x${withval}" != "xno"; then
1870 if test "x${cross_compiling}" = xyes; then
1871 mygpg="${withval}"
1872 else
1873 if test -f "${withval}"; then
1874 mygpg="${withval}"
1875 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
1876 if test "x$?" != "x0"; then
1877 mychktest=no
1878 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
1879 if test x"${mychktest}" = xyes
1880 then
1881 :
1882 else
1883 if test -f ${sampre}
1884 then
1885 echo "use existing ${sampre} for gpg checksum"
1886 mychk0=`${sampre} -H ${withval} 2>/dev/null`
1887 if test "x$?" != "x0"; then
1888 :
1889 else
1890 mychk="${mychk0}"
1891 mychktest=yes
1892 fi
1893 fi
1894 fi
1895 done
1896 if test x${mychktest} = xno; then
1897 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
1898 echo "-------------------------------------------------------------"
1899 echo " Your gpg binary does not support the TIGER192 checksum, "
1900 echo " and I cannot find an existing samhain binary to use instead."
1901 echo " You can:"
1902 echo " (a) run make to compile a samhain binary, then repeat"
1903 echo " ./configure and make"
1904 echo " (b) ignore the failure. The checksum of the gpg binary"
1905 echo " will not get compiled in, thus allowing an attacker"
1906 echo " to replace gpg with a trojan and subverting the gpg"
1907 echo " signature verification of configure and database files."
1908 echo "-------------------------------------------------------------"
1909 fi
1910 else
1911 mychk="${mychk0}"
1912 fi
1913 else
1914 AC_MSG_WARN([--with-gpg: cannot find GnuPG PATH=${withval}])
1915 fi
1916 fi
1917 AC_DEFINE(WITH_GPG)
1918 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
1919 AC_SUBST(mygpg)
1920 fi
1921 ]
1922)
1923
1924dnl AC_ARG_WITH(pgp,
1925dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
1926dnl [myppg="$withval"
1927dnl AC_DEFINE(WITH_PGP)
1928dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
1929dnl ])
1930
1931AC_ARG_WITH(checksum,
1932 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
1933 [
1934 if test "x${withval}" != "xno"; then
1935 if test "x${withval}" != "xyes"; then
1936 if test "x${mychk}" != "x"; then
1937 if test "x${mychk}" != "x${withval}"; then
1938 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
1939 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
1940 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
1941 fi
1942 fi
1943 mychk="${withval}"
1944 else
1945 if test "x${mychk}" = "x"; then
1946 AC_MSG_ERROR([--with-checksum: gpg CHKSUM not specified])
1947 fi
1948 fi
1949 AC_DEFINE(HAVE_GPG_CHECKSUM)
1950 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1951 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1952 fi
1953 ],
1954 [
1955 if test "x${mygpg}" != "x"; then
1956 if test "x${mychk}" != "x"; then
1957 AC_DEFINE(HAVE_GPG_CHECKSUM)
1958 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
1959 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
1960 fi
1961 fi
1962 ]
1963)
1964
1965AC_ARG_WITH(fp,
1966 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
1967 [
1968 if test "x${withval}" != "xno"; then
1969 if test "x${withval}" != "xyes"; then
1970 withval0=`echo ${withval} | sed 's% %%g'`
1971 echo "${withval0}" | \
1972 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
1973 AC_MSG_ERROR([--with-fp: invalid character(s) in FINGERPRINT=${withval0}])
1974 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
1975 sh_len0=`expr ${sh_len} \- 1`
1976 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
1977 then
1978 myfp="${withval0}"
1979 AC_DEFINE(USE_FINGERPRINT)
1980 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
1981 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
1982 else
1983 AC_MSG_ERROR([--with-fp: length (${sh_len0}) of FINGERPRINT ${withval0} incorrect])
1984 fi
1985 else
1986 AC_MSG_ERROR([--with-fp: usage error ... FINGERPRINT=yes])
1987 fi
1988 fi
1989 ])
1990
1991
1992dnl
1993dnl MAIL OPTIONS
1994dnl
1995
1996AC_ARG_WITH(recipient,
1997 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
1998 [
1999 withval0=`echo ${withval} | sed 's%,% %g'`
2000 for sh_item in ${withval0}
2001 do
2002 case ${sh_item} in
[18]2003 *@localhost)
2004 ;;
[1]2005 *@*.*)
2006 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
2007 if test "x${sh_tmp}" != "x1"
2008 then
2009 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
2010 fi
2011 ;;
2012 *)
2013 AC_MSG_ERROR([--with-recipient: invalid mail address ${sh_item}])
2014 ;;
2015 esac
2016 done
2017 myrcp="$withval0"
2018 ],
2019 [myrcp="NULL"])
2020AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2021
2022
2023AC_ARG_WITH(sender,
2024 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2025 [
2026 mysender="${withval}"
2027 ],
2028 [
2029 mysender="daemon"
2030 ])
2031AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2032
2033
2034dnl
2035dnl PATHS
2036dnl
2037
2038AC_ARG_WITH(trusted,
2039 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2040 [
2041 sh_tmp_test=no
2042 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2043 for sh_tmp1 in ${sh_tmp}
2044 do
2045 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2046 AC_MSG_ERROR([--with-trusted: non-numeric UID in ${withval}])
2047 if test "x${sh_tmp1}" = "x0"
2048 then
2049 sh_tmp_test=yes
2050 fi
2051 done
2052 if test "x${sh_tmp_test}" = "xno"
2053 then
2054 withval="0,${withval}"
2055 fi
2056 mytrust="${withval}"
2057 ],
2058 [mytrust="0"] )
2059AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2060AC_SUBST(mytrust)
2061
2062AC_ARG_WITH(tmp-dir,
2063 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2064 [
2065 if test "x${cross_compiling}" = xyes; then
2066 :
2067 else
2068 if test -d "${withval}"; then
2069 my_tmp_dir="$withval"
2070 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2071 else
2072 AC_MSG_ERROR([--with-tmp-dir: tmp directory ${withval} does not exist])
2073 fi
2074 fi
2075 ]
2076)
2077
2078dnl
2079dnl PATH DEFAULTS
2080dnl
2081
2082if test "x${ac_prefix_set}" = xyes
2083then
2084 if test "x${exec_prefix}" = xNONE
2085 then
2086 exec_prefix="${prefix}"
2087 fi
2088
2089 if test "x${prefix}" = xOPT
2090 then
2091 tmp_sbindir="/opt/${install_name}/bin"
2092 tmp_sysconfdir="/etc/opt"
2093 tmp_mandir="/opt/${install_name}/man"
2094 tmp_localstatedir="/var/opt/${install_name}"
2095 elif test "x${prefix}" = xUSR
2096 then
2097 tmp_sbindir="/usr/sbin"
2098 tmp_sysconfdir="/etc"
2099 tmp_mandir="/usr/share/man"
2100 tmp_localstatedir="/var"
2101 else
2102 tmp_sbindir=`eval echo ${sbindir}`
2103 tmp_sysconfdir=`eval echo ${sysconfdir}`
2104 tmp_mandir=`eval echo ${mandir}`
2105 tmp_localstatedir=`eval echo ${localstatedir}`
2106 fi
2107else
2108 prefix=""
2109 if test "x${ac_exec_prefix_set}" = xyes
2110 then
2111 tmp_sbindir=`eval echo ${sbindir}`
2112 else
2113 tmp_sbindir="/usr/local/sbin"
2114 fi
2115 tmp_sysconfdir="/etc"
2116 # share/man -> man (FHS) 11.10.2002
2117 tmp_mandir="/usr/local/man"
2118 tmp_localstatedir="/var"
2119fi
2120
2121
2122if test "x${ac_sbindir_set}" = xyes
2123then
2124 :
2125else
2126 sbindir=`eval echo ${tmp_sbindir}`
2127fi
2128
2129
2130if test "x${ac_sysconfdir_set}" = xyes
2131then
2132 :
2133else
2134 sysconfdir=`eval echo ${tmp_sysconfdir}`
2135fi
2136
2137if test "x${ac_mandir_set}" = xyes
2138then
2139 :
2140else
2141 mandir=`eval echo ${tmp_mandir}`
2142fi
2143
2144if test "x${ac_localstatedir_set}" = xyes
2145then
2146 :
2147else
2148 localstatedir=`eval echo ${tmp_localstatedir}`
2149fi
2150
2151
2152
2153AC_ARG_WITH(config-file,
2154 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2155 [
2156 myconffile="${withval}"
2157 changequote(<<, >>)dnl
2158 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2159 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2160 myrpmconffile="${tmp}"
2161 changequote([, ])dnl
2162 ],
2163 [
2164 myconffile="${sysconfdir}/${install_name}rc"
2165 myrpmconffile="${myconffile}"
2166 ]
2167)
2168AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2169AC_SUBST(myconffile)
2170AC_SUBST(myrpmconffile)
2171
2172AC_ARG_WITH(log-file,
2173 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2174 [
2175 mylogfile="$withval"
2176 changequote(<<, >>)dnl
2177 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2178 changequote([, ])dnl
2179 ],
2180 [
2181 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2182 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2183 mylogdir="${localstatedir}/log/${install_name}"
2184 else
2185 mylogfile="${localstatedir}/log/${install_name}_log"
2186 mylogdir="${localstatedir}/log"
2187 fi
2188 ]
2189)
2190AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2191AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2192AC_SUBST(mylogfile)
2193AC_SUBST(mylogdir)
2194
2195AC_ARG_WITH(pid-file,
2196 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2197 [
2198 mylockfile="$withval"
2199 changequote(<<, >>)dnl
2200 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2201 changequote([, ])dnl
2202 ],
2203 [
2204 mylockfile="${localstatedir}/run/${install_name}.pid"
2205 mylockdir="${localstatedir}/run"
2206 ]
2207)
2208AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2209AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2210AC_SUBST(mylockfile)
2211AC_SUBST(mylockdir)
2212
2213AC_ARG_WITH(state-dir,
2214 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2215 [
2216 mydataroot="$withval"
2217 ],
2218 [
2219 mydataroot="${localstatedir}/lib/${install_name}"
2220 ]
2221 )
2222AC_ARG_WITH(data-file,
2223 [ --with-data-file=FILE set path of data file],
2224 [
2225 mydatafile="$withval"
2226 changequote(<<, >>)dnl
2227 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2228 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2229 myrpmdatafile="${tmp}"
2230 changequote([, ])dnl
2231 if test x"${tmp}" = x
2232 then
2233 echo "No local path in data file ${withval}"
2234 echo "This will not work for initializing the database."
2235 if test x"${withval}" = xREQ_FROM_SERVER
2236 then
2237 echo "It should be REQ_FROM_SERVER/some/local/path"
2238 fi
2239 AC_MSG_ERROR([--with-data-file: invalid path ${withval}])
2240 fi
2241 ],
2242 [
2243 mydatafile="${mydataroot}/${install_name}_file"
2244 myrpmdatafile="${mydatafile}"
2245 ])
2246AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2247AC_SUBST(mydatafile)
2248AC_SUBST(myrpmdatafile)
2249
2250AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2251AC_SUBST(mydataroot)
2252
2253AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2254AC_SUBST(myqdir)
2255
2256
2257AC_ARG_WITH(html-file,
2258 [ --with-html-file=FILE set path of html file,],
2259 [
2260 myhtmlfile="$withval"
2261 ],
2262 [
2263 myhtmlfile="${mylogdir}/${install_name}.html"
2264 ])
2265AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2266AC_SUBST(myhtmlfile)
2267
2268
2269mydefargs=$ac_configure_args
2270# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2271# then
2272# mydefargs="--enable-static $mydefargs"
2273# fi
2274if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2275then
2276 mydefargs="--enable-base=${mykeybase} $mydefargs"
2277fi
2278AC_SUBST(mydefargs)
2279
2280
2281AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2282AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2283AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2284
2285AC_CONFIG_HEADER(config.h)
2286
2287AC_OUTPUT(
2288[
2289Makefile
2290samhain-install.sh
2291init/samhain.startLSB
2292init/samhain.startLinux
2293init/samhain.startGentoo
2294init/samhain.startFreeBSD
2295init/samhain.startSolaris
2296init/samhain.startHPUX
2297init/samhain.startIRIX
2298samhain.spec
2299rules.deb
2300rules.deb-light
2301hp_ux.psf
2302scripts/samhain.spec
2303scripts/redhat_i386.client.spec
2304scripts/samhain.ebuild
2305scripts/samhain.ebuild-light
2306scripts/samhainadmin.pl
2307scripts/check_samhain.pl
2308deploy.sh
2309],
2310[
2311echo timestamp > stamp-h
2312chmod +x samhain-install.sh
2313chmod +x scripts/samhainadmin.pl
2314chmod +x scripts/check_samhain.pl
2315]
2316)
2317
2318chmod +x deploy.sh
2319
2320if test "x${cross_compiling}" = xyes
2321then
2322
2323echo "--------------------------------------------------------------"
2324echo
2325echo "You are using a cross-compiler. The following system dependent"
2326echo "values may have been set to default values that may be"
2327echo "incorrect for your target system: "
2328echo
2329echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2330echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2331echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2332echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2333echo "ac_cv_sizeof_unsigned_int_ size of unsigned int ${ac_cv_sizeof_unsigned_int_}"
2334echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2335echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2336echo
2337echo "If these values are incorrect, change them in the file "
2338echo "config.cache and run configure again."
2339echo
2340echo "--------------------------------------------------------------"
2341
2342fi
2343
2344if test x${silent} != xyes
2345then
2346
2347 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2348 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2349 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2350 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2351 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2352 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2353
2354 echo
2355 echo " samhain has been configured as follows:"
2356 echo " System binaries: ${sbindir}"
2357 echo " Configuration file: ${myconffile}"
2358 echo " Manual pages: ${mandir}"
2359 echo " Data: ${mydataroot}"
2360 echo " PID file: ${mylockfile}"
2361 echo " Log file: ${mylogfile}"
2362 echo " Base key: ${mykeybase}"
2363 echo
2364 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2365 then
2366 echo " Selected rc file: yulerc"
2367 else
2368 echo " Selected rc file: samhainrc.${selectconfig}"
2369 fi
2370
2371fi
2372
Note: See TracBrowser for help on using the repository browser.