source: trunk/configure.ac@ 568

Last change on this file since 568 was 565, checked in by katerina, 3 years ago

Fix for ticket #454 (memory leak introduced in version 4.4.4).

File size: 78.8 KB
RevLine 
[43]1dnl We want to override the standard _AC_INIT_PARSE_ARGS
[1]2dnl
[43]3AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
4AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
[1]5
[43]6AC_INIT(src/samhain.c)
7
8
[46]9AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
[1]10
11dnl
12dnl start
13dnl
[565]14AM_INIT_AUTOMAKE(samhain, 4.4.5)
[171]15AC_DEFINE([SAMHAIN], 1, [Application is samhain])
[1]16AC_CANONICAL_HOST
17
18dnl
19dnl checks for programs
20dnl
21
22AC_PROG_CC
[98]23if test "$host" != "$build"; then
24 AC_CHECK_PROGS(BUILD_CC, gcc cc)
25else
26 BUILD_CC=$CC
27fi
[1]28AC_PROG_CPP
29AC_PROG_INSTALL
30AC_PROG_LN_S
31AC_PROG_AWK
[171]32SH_PROG_LD
[1]33AC_PATH_PROG(cmd_hostname,hostname)
34AC_SUBST(cmd_hostname)
[98]35AC_SUBST(BUILD_CC)
[1]36
[440]37if test "x$GCC" = "xyes"; then
38 SH_GCC_VERSION
39fi
40
[1]41AC_HEADER_STDC
42
[481]43AC_CHECK_HEADERS([sys/ipc.h sys/sem.h sys/msg.h sys/uio.h fcntl.h])
[1]44
[481]45
[203]46AC_MSG_CHECKING([for OS specific issues])
[1]47mydebugflag=no
48myneedg3=no
49uid_cast="signed long"
50selectconfig=linux
51mynetbsd=no
52sh_use_lcaps="undef"
[171]53dnmalloc_ok=yes
[203]54sh_use_pie=yes
[447]55enable_asm_ok=yes
[1]56
57case "$host_os" in
58
59 *linux*)
60 sh_use_lcaps="yes"
61 AC_DEFINE(HOST_IS_LINUX)
62 AC_DEFINE(HAVE_EXT2_IOCTLS)
[221]63 AC_MSG_RESULT([use ioctl to get e2fs flags])
[1]64 case "$host_cpu" in
65 i*86*)
66 AC_DEFINE(HOST_IS_I86LINUX)
67 ;;
[279]68 x86_64)
69 AC_DEFINE([HOST_IS_64LINUX], 1, [Define if host OS is 64bit Linux])
70 ;;
[1]71 *)
72 ;;
73 esac
[531]74 LDFLAGS="${LDFLAGS} -Wl,--as-needed"
75 ;;
[1]76
77 *osf*)
78 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
79 if test "x$GCC" != "xyes"; then
80 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
81 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
82 myneedg3=yes
[221]83 AC_MSG_RESULT([compiler needs assume noaligned_objects])
[1]84 else
[221]85 AC_MSG_RESULT([none])
[1]86 fi
87 ;;
88
89 *cygwin*)
90 AC_DEFINE(HOST_IS_CYGWIN)
[294]91 AC_DEFINE([USE_REGISTRY_CHECK], 1, [Define for registry check])
[192]92 dnmalloc_ok=no
[447]93 enable_asm_ok=no
94 AC_MSG_RESULT([no trusted paths, no dnmalloc. no asm optimize])
[1]95 ;;
96
[378]97 *darwin*|*apple*)
[1]98 AC_DEFINE(HOST_IS_DARWIN)
[221]99 dnmalloc_ok=no
100 AC_MSG_RESULT([check resource forks, no dnmalloc])
[1]101 ;;
102
[384]103 *freebsd8*|*freebsd9*)
104 AC_DEFINE(HOST_IS_FREEBSD)
105 selectconfig=freebsd
106 case "$host_cpu" in
107 amd64|x86_64)
108 dnmalloc_ok=no
109 AC_MSG_RESULT([no dnmalloc])
110 ;;
111 *)
112 AC_MSG_RESULT([none])
113 ;;
114 esac
115 ;;
116
[203]117 *freebsd7*)
118 AC_DEFINE(HOST_IS_FREEBSD)
119 selectconfig=freebsd
120 case "$host_cpu" in
[384]121 amd64|x86_64)
[203]122 sh_use_pie=no
123 dnmalloc_ok=no
124 AC_MSG_RESULT([no dnmalloc and broken compiler toolchain])
125 ;;
126 *)
[221]127 AC_MSG_RESULT([none])
[203]128 ;;
129 esac
130 ;;
131
[1]132 *freebsd*)
133 AC_DEFINE(HOST_IS_FREEBSD)
134 selectconfig=freebsd
[221]135 AC_MSG_RESULT([none])
[1]136 ;;
137
138 *openbsd*)
[169]139 AC_DEFINE([HOST_IS_OPENBSD], 1, [Define if host OS is OPENBSD])
[1]140 selectconfig=freebsd
[171]141 dnmalloc_ok=no
[221]142 AC_MSG_RESULT([dnmalloc does not work with pthreads])
[1]143 ;;
144
145 *netbsd*)
146 mynetbsd=yes
[57]147 selectconfig=netbsd
[221]148 AC_MSG_RESULT([bug with libresolve])
[1]149 ;;
150
151 *solaris*)
152 selectconfig=solaris
153 AC_DEFINE(HOST_IS_SOLARIS)
154 case "$host_cpu" in
155 i*86)
156 AC_DEFINE(HOST_IS_I86SOLARIS)
[221]157 AC_MSG_RESULT([vsnprintf prototype])
[1]158 ;;
159 *)
[221]160 AC_MSG_RESULT([none])
[1]161 ;;
162 esac
163 if test "x$GCC" != "xyes"; then
164 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
165 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
166 fi
167 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
168 CFLAGS="$CFLAGS -xO2"
169 fi
170 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
171 CFLAGS="$CFLAGS -Xa"
172 fi
173 LIBS="-lc $LIBS"
174 fi
175 ;;
176
177
178 *sun*)
179 selectconfig=solaris
180 AC_DEFINE(HOST_IS_SOLARIS)
[221]181 AC_MSG_RESULT([none])
[1]182 ;;
183
184 *aix*)
185 AC_DEFINE(HOST_IS_AIX)
186 selectconfig=aix5.2.0
187 uid_cast="unsigned long"
188 if test "x$GCC" != "xyes"; then
189 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
190 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
191 fi
192 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
193 CFLAGS="$CFLAGS -O3"
194 fi
195 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
196 CFLAGS="$CFLAGS -qstrict"
197 fi
[221]198 AC_MSG_RESULT([AIX size_t in the accept call and optimize O3 qstrict])
[1]199 else
[221]200 AC_MSG_RESULT([AIX size_t in the accept call])
[1]201 fi
202 ;;
203
204 *hpux*)
[221]205 AC_MSG_RESULT([HPUX need _XOPEN_SOURCE_EXTENDED for h_errno])
[1]206 AC_DEFINE(HOST_IS_HPUX)
207 if test "x$GCC" != "xyes"; then
208 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
209 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
210 fi
[158]211 if test -z "`echo "$CFLAGS" | grep "\+O2" 2> /dev/null`"; then
212 CFLAGS="$CFLAGS +O2"
[1]213 fi
214 fi
215 ;;
216
217 *ultrix*)
[221]218 AC_MSG_RESULT([ULTRIX getcwd uses popen])
[1]219 AC_DEFINE(HAVE_BROKEN_GETCWD)
220 ;;
221
222 *)
[221]223 AC_MSG_RESULT([none])
[1]224 ;;
225esac
226
227AC_SUBST(selectconfig)
228AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
229
230
[202]231
[1]232dnl *****************************************
233dnl
234dnl checks for header files
235dnl
236dnl *****************************************
237
238AC_HEADER_DIRENT
239AC_HEADER_MAJOR
240AC_HEADER_TIME
241dnl used in minilzo.c
242AC_HEADER_STAT
243AC_DECL_SYS_SIGLIST
244
[171]245AC_CHECK_HEADERS(stddef.h libgen.h sched.h malloc.h sys/uio.h \
[534]246 sys/mman.h sys/param.h sys/inotify.h sys/sysmacros.h \
[61]247 sys/vfs.h mntent.h \
[511]248 sys/select.h sys/socket.h netinet/in.h ifaddrs.h \
[371]249 regex.h glob.h fnmatch.h \
[162]250 linux/ext2_fs.h linux/fs.h ext2fs/ext2_fs.h asm/segment.h \
[294]251 elf.h linux/elf.h auparse.h \
[68]252 paths.h arpa/nameser.h arpa/nameser_compat.h \
[290]253 rpc/rpcent.h rpc/rpc.h sys/statvfs.h,
[1]254 [],
255 [],
256 [#include <sys/types.h>]
257)
258
259
260AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
261if test "x$sh_utmpx" = "xyes"; then
[420]262 AC_DEFINE(HAVE_UTMPX_H)
263 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
264 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
265 AC_EGREP_HEADER(ut_addr_v6, utmpx.h, AC_DEFINE(HAVE_UTADDR_V6) )
266 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
267 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
[1]268else
[420]269 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
[1]270 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
271 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
272fi
273
[183]274dnl
275dnl figure out where acct.h lives
276dnl and whether fields are int/comp_t
277dnl
278dnl GNU Accounting Utilities
279dnl Copyright (C) 1993, 1996, 1997, 2003, 2005 Free Software Foundation, Inc.
280dnl The GNU Accounting Utilities are free software; you can redistribute
281dnl them and/or modify them under the terms of the GNU General Public
282dnl License as published by the Free Software Foundation; either version
283dnl 2, or (at your option) any later version.
284dnl
285AC_CHECK_HEADER(sys/acct.h,
286 AC_DEFINE(HAVE_SYS_ACCT_H, ,
287 [Define if you have the <sys/acct.h> header file.])
288 AC_HEADER_EGREP(ac_utime, sys/acct.h,
289 AC_DEFINE(HAVE_ACUTIME, ,
290 [Define if <sys/acct.h> has the AC_UTIME field.])
291 AC_HEADER_EGREP(comp_t.*ac_utime, sys/acct.h,
292 AC_DEFINE(ACUTIME_COMPT, ,
293 [Define if <sys/acct.h>'s AC_UTIME field is a COMP_T.]))
294 )
295 AC_HEADER_EGREP(ac_stime, sys/acct.h,
296 AC_DEFINE(HAVE_ACSTIME, ,
297 [Define if <sys/acct.h> has the AC_STIME field.])
298 AC_HEADER_EGREP(comp_t.*ac_stime, sys/acct.h,
299 AC_DEFINE(ACSTIME_COMPT, ,
300 [Define if <sys/acct.h>'s AC_STIME field is a COMP_T.]))
301 )
302 AC_HEADER_EGREP(ac_etime, sys/acct.h,
303 AC_DEFINE(HAVE_ACETIME, ,
304 [Define if <sys/acct.h> has the AC_ETIME field.])
305 AC_HEADER_EGREP(comp_t.*ac_etime, sys/acct.h,
306 AC_DEFINE(ACETIME_COMPT, ,
307 [Define if <sys/acct.h>'s AC_ETIME field is a COMP_T.]))
308 )
309 AC_HEADER_EGREP(ac_io, sys/acct.h,
310 AC_DEFINE(HAVE_ACIO, ,
311 [Define if <sys/acct.h> has the AC_IO field.])
312 AC_HEADER_EGREP(comp_t.*ac_io, sys/acct.h,
313 AC_DEFINE(ACIO_COMPT, ,
314 [Define if <sys/acct.h>'s AC_IO field is a COMP_T.]))
315 )
316 AC_HEADER_EGREP(ac_mem, sys/acct.h,
317 AC_DEFINE(HAVE_ACMEM, ,
318 [Define if <sys/acct.h> has the AC_MEM field.])
319 AC_HEADER_EGREP(comp_t.*ac_mem, sys/acct.h,
320 AC_DEFINE(ACMEM_COMPT, ,
321 [Define if <sys/acct.h>'s AC_MEM field is a COMP_T.]))
322 )
323 AC_HEADER_EGREP(ac_minflt, sys/acct.h,
324 AC_HEADER_EGREP(ac_majflt, sys/acct.h,
325 AC_HEADER_EGREP(ac_swaps, sys/acct.h,
326 AC_DEFINE(HAVE_PAGING, ,
327 [Define if <sys/acct.h> has the AC_MINFLT, AC_MAJFLT and AC_SWAPS fields.])
328 AC_HEADER_EGREP(comp_t.*ac_minflt, sys/acct.h,
329 AC_DEFINE(ACMINFLT_COMPT, ,
330 [Define if <sys/acct.h>'s AC_MINFLT field is a COMP_T.]))
331 AC_HEADER_EGREP(comp_t.*ac_mayflt, sys/acct.h,
332 AC_DEFINE(ACMAJFLT_COMPT, ,
333 [Define if <sys/acct.h>'s AC_MAJFLT field is a COMP_T.]))
334 AC_HEADER_EGREP(comp_t.*ac_swaps, sys/acct.h,
335 AC_DEFINE(ACSWAPS_COMPT, ,
336 [Define if <sys/acct.h>'s AC_SWAPS field is a COMP_T.]))
337 )
338 )
339 )
340 AC_HEADER_EGREP(comp_t, sys/acct.h, AC_DEFINE(HAVE_COMP_T, ,
341 [Define if <sys/acct.h> uses the COMP_T type.]))
[203]342 AC_HEADER_EGREP([struct acct_v3], sys/acct.h, AC_DEFINE(HAVE_ACCT_V3, ,
343 [Define if <sys/acct.h> has struct acct_v3.]))
[384]344 AC_HEADER_EGREP([struct acctv2], sys/acct.h, AC_DEFINE(HAVE_ACCTV2, ,
345 [Define if <sys/acct.h> has struct acctv2.]))
346
[183]347 )
348
349
[1]350dnl need to check because AIX 4.2 does not have it
351dnl
352AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
353#ifdef HAVE_SYS_TYPES_H
354#include <sys/types.h>
355#endif
356#ifdef HAVE_SYS_STAT_H
357#include <sys/stat.h>
358#endif
359#ifdef HAVE_SYS_VFS_H
360#include <sys/vfs.h>
361#endif
362#ifdef HAVE_UNISTD_H
363#include <unistd.h>
364#endif
365])
366
367AC_SYS_LARGEFILE
368
369dnl
370dnl check whether _POSIX_SOURCE is required
371dnl
372SAMHAIN_POSIX
373
374
375dnl *****************************************
376dnl
377dnl Checks for library functions.
378dnl
379dnl *****************************************
380AC_FUNC_STRFTIME
[491]381AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent fpurge \
[544]382 explicit_memset explicit_bzero \
[1]383 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
384 seteuid setreuid setresuid lstat getwd getcwd ptrace \
385 usleep setpriority getpeereid nanosleep \
[61]386 strptime basename sched_yield hasmntopt \
[1]387 inet_aton gethostbyname setutent setrlimit gethostname uname \
388 initgroups getpagesize \
[205]389 ttyname fchmod writev mmap tzset \
[131]390 getsid getpriority getpgid statvfs \
[171]391 strerror_r getgrgid_r getpwnam_r getpwuid_r \
[196]392 gmtime_r localtime_r rand_r readdir_r strtok_r \
[564]393 mincore posix_fadvise inotify_init1 scandir
[1]394)
395AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
[481]396SL_CHECK_VA_COPY
[1]397AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
398AC_CHECK_MLOCK
[238]399SH_STRFTIME_Z
[1]400
401AC_MSG_CHECKING(how to get filesystem type)
402fstype=no
403# The order of these tests is important.
404AC_TRY_CPP([#include <sys/statvfs.h>
405#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
406if test $fstype = no; then
407AC_TRY_CPP([#include <sys/statfs.h>
408#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
409fi
410if test $fstype = no; then
411AC_TRY_CPP([#include <sys/statfs.h>
412#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
413fi
414if test $fstype = no; then
415AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
416fi
417if test $fstype = no; then
418AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
419fi
420if test $fstype = no; then
421AC_TRY_CPP([#include <sys/mount.h>
422#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
423fi
424AC_MSG_RESULT($fstype)
425
426sh_libsocket=
427
428dnl Solaris needs -lsocket and -lnsl. Unisys system includes
429dnl gethostbyname in libsocket but needs libnsl for socket.
430AC_CHECK_LIB(nsl, gethostbyname)
431AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
432if test x$ac_need_libsocket = x1; then
433 LIBS="$LIBS -lsocket"
434 sh_libsocket="-lsocket"
435fi
436if test x$ac_try_nsl = x1; then
437 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
438 if test x$ac_need_libnsl = x1
439 then
440 LIBS="$LIBS -lnsl"
441 fi
442fi
443AC_SUBST(sh_libsocket)
444
445AC_CHECK_LIB(socket, res_search, [
446 AC_CHECK_LIB(resolv, dn_skipname)
447 AC_CHECK_LIB(resolv, __dn_skipname)
448 if test x$ac_need_libsocket = x1; then
449 :
450 else
451 LIBS="$LIBS -lsocket"
452 fi
453 ], [
454 AC_CHECK_LIB(resolv, res_search, [
455 LIBS="$LIBS -lresolv"
456 ], [
457 AC_CHECK_LIB(resolv, dn_skipname)
458 AC_CHECK_LIB(resolv, __dn_skipname)
459 ])
460 ])
461
[471]462AC_CHECK_FUNCS( getnameinfo getaddrinfo )
463
464
[294]465sh_auparse=no
466
467if test "x$ac_cv_header_auparse_h" = "xyes"
468then
469 AC_CHECK_LIB(auparse, auparse_find_field, [
470 LIBS="$LIBS -lauparse"
471 sh_auparse=yes
472 AC_DEFINE(HAVE_AUPARSE_LIB, 1, [Define if you have the auparse lib])
473 ])
474fi
475
[1]476dnl arguments for accept
477
478dnl check for Unix98 socklen_t (found on
479dnl xemacs-patches mailing list, written
480dnl by Martin Buchholz)
481dnl
482dnl On Darwin(MacOSX) socklen_t needs to be
483dnl an int (see accept man page), on all other
484dnl unix systems we need a size_t.
485
486AC_MSG_CHECKING(for socklen_t)
487AC_TRY_COMPILE([
488#ifdef HAVE_SYS_TYPES_H
489#include <sys/types.h>
490#endif
491#ifdef HAVE_SYS_SOCKET_H
492#include <sys/socket.h>
493#endif
494 socklen_t x;
495], [],[
496 AC_MSG_RESULT(yes)
497 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
[46]498 AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
[1]499],[
500 AC_TRY_COMPILE([
501#ifdef HAVE_SYS_TYPES_H
502#include <sys/types.h>
503#endif
504#ifdef HAVE_SYS_SOCKET_H
505#include <sys/socket.h>
506#endif
507 int accept (int, struct sockaddr *, size_t *);
508 ],[],[
509 AC_MSG_RESULT(size_t)
510 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
511 ], [
512 AC_MSG_RESULT(int)
513 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
514 ]
515 )
516])
517
[68]518dnl *****************************************
519dnl checks for extended attribute or ACL
520dnl support
521dnl *****************************************
[1]522
[499]523AC_ARG_ENABLE([selinux],
524 [AS_HELP_STRING([--enable-selinux], [support checking selinux attributes])],
525 [],
526 [enable_selinux=check])
527if test "x$enable_selinux" != xno; then
528 sh_CHECK_XATTR
529fi
[68]530
[499]531AC_ARG_ENABLE([posix-acl],
532 [AS_HELP_STRING([--enable-posix-acl], [support checking posix acls])],
533 [],
534 [enable_posix_acl=check])
535if test "x$enable_posix_acl" != xno; then
536 sh_CHECK_POSIX_ACL
537fi
538
[1]539dnl *****************************************
540dnl checks for typedefs
541dnl *****************************************
542
543AC_C_LONG_DOUBLE
544SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
[265]545SH_CHECK_TYPEDEF(uint16_t, HAVE_UINT16_T)
[481]546SH_CHECK_TYPEDEF(uint32_t, HAVE_UINT32_T)
[156]547SH_CHECK_TYPEDEF(uint64_t, HAVE_UINT64_T)
[1]548if test "$sh_HAVE_LONG_LONG" = "yes"; then
549 AC_CHECK_SIZEOF(unsigned long long, 4)
[76]550 sh_sizeof_unsigned_long_long=`echo "$ac_cv_sizeof_unsigned_long_long" | sed 's%[^0-9]%%g'`
551 if test "$sh_sizeof_unsigned_long_long" = "8"; then
[1]552 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
553 fi
554fi
555
556AC_CHECK_TYPE(ptrdiff_t, long)
557AC_TYPE_SIZE_T
558AC_CHECK_SIZEOF(char *, 4)
559AC_CHECK_SIZEOF(size_t, 4)
560
561AC_CHECK_SIZEOF(unsigned long, 4)
[76]562AC_CHECK_SIZEOF(unsigned int, 4)
[1]563AC_CHECK_SIZEOF(unsigned short, 2)
564
565
[76]566sh_sizeof_unsigned_long=`echo "$ac_cv_sizeof_unsigned_long" | sed 's%[^0-9]%%g'`
567if test "$sh_sizeof_unsigned_long" = "4"; then
[1]568 AC_DEFINE(HAVE_LONG_32)
569fi
[76]570if test "$sh_sizeof_unsigned_long" = "8"; then
[1]571 AC_DEFINE(HAVE_LONG_64)
572fi
[76]573sh_sizeof_unsigned_int=`echo "$ac_cv_sizeof_unsigned_int" | sed 's%[^0-9]%%g'`
574if test "$sh_sizeof_unsigned_int" = "4"; then
[1]575 AC_DEFINE(HAVE_INT_32)
576fi
[76]577sh_sizeof_unsigned_short=`echo "$ac_cv_sizeof_unsigned_short" | sed 's%[^0-9]%%g'`
578if test "$sh_sizeof_unsigned_short" = "4"; then
[1]579 AC_DEFINE(HAVE_SHORT_32)
580fi
581
[18]582dnl
583dnl check for 64 bit programming environment
584dnl
585SAMHAIN_64
586
587
[1]588dnl *****************************************
589dnl checks for structures
590dnl *****************************************
591
592AC_STRUCT_TM
593
594dnl
595dnl from e2fsprogs
596dnl
597AC_MSG_CHECKING(whether struct stat has a st_flags field)
598AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
599 AC_TRY_COMPILE([#include <sys/stat.h>],
600 [struct stat stat; stat.st_flags = 0;],
601 [e2fsprogs_cv_struct_st_flags=yes],
602 [e2fsprogs_cv_struct_st_flags=no]))
603AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
604if test "$e2fsprogs_cv_struct_st_flags" = yes; then
605 AC_MSG_CHECKING(whether st_flags field is useful)
606 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
607 AC_TRY_COMPILE([#include <sys/stat.h>],
608 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
609 [e2fsprogs_cv_struct_st_flags_immut=yes],
610 [e2fsprogs_cv_struct_st_flags_immut=no]))
611 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
612 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
613 AC_DEFINE(HAVE_STAT_FLAGS)
614 fi
615fi
616
617dnl
618dnl from dbus
619dnl
620AC_MSG_CHECKING(for struct cmsgcred)
621AC_TRY_COMPILE([
622#include <sys/types.h>
623#include <sys/socket.h>
624],[
625struct cmsgcred cred;
626
627cred.cmcred_pid = 0;
628],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
629AC_MSG_RESULT($sh_have_struct_cmsgcred)
630
631if test x$sh_have_struct_cmsgcred = xyes; then
632 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
633fi
634
635AC_MSG_CHECKING(for struct fcred)
636AC_TRY_COMPILE([
637#include <sys/param.h>
638#include <sys/socket.h>
639#include <sys/ucred.h>
640],[
641struct fcred sockcred;
642],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
643AC_MSG_RESULT($sh_have_struct_fcred)
644
645if test x$sh_have_struct_fcred = xyes; then
646 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
647fi
648
649AC_MSG_CHECKING(for struct sockcred)
650AC_TRY_COMPILE([
651#include <sys/param.h>
652#include <sys/socket.h>
653#include <sys/ucred.h>
654],[
655struct sockcred sockcred;
656],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
657AC_MSG_RESULT($sh_have_struct_sockcred)
658
659if test x$sh_have_struct_sockcred = xyes; then
660 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
661fi
662
663AC_MSG_CHECKING(for SO_PEERCRED)
664AC_TRY_COMPILE([
665#include <sys/types.h>
666#include <sys/socket.h>
667],[
668int test = SO_PEERCRED;
669],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
670AC_MSG_RESULT($sh_have_SO_PEERCRED)
671
672if test x$sh_have_SO_PEERCRED = xyes; then
673 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
674fi
675
[522]676AC_MSG_CHECKING(for union semun)
677AC_TRY_COMPILE([#include <sys/types.h>
678#include <sys/ipc.h>
679#include <sys/sem.h>],[union semun foo;], [sh_have_semun=yes], [sh_have_semun=no])
680AC_MSG_RESULT($sh_have_semun)
681if test x$sh_have_semun = xyes
682then
683 AC_DEFINE(HAVE_UNION_SEMUN, 1, [union semun already defined in sys/ipc.h or sys/sem.h])
684fi
[1]685
686dnl *****************************************
687dnl checks for compiler characteristics
688dnl *****************************************
689AC_C_INLINE
690AC_C_CONST
691AC_C_BIGENDIAN
[76]692AC_C_RESTRICT
[1]693
694AM_SA_SIGACTION_WORKS
695
[255]696AC_ARG_ENABLE(ssp,
697 [ --disable-ssp disable the GCC stack protector],
698 [],
699 [enable_ssp=yes;]
700)
701
[203]702if test "x$GCC" = "xyes"; then
[255]703
704 if test x"${enable_ssp}" = xno; then
705 :
706 else
707 GCC_STACK_PROTECT_LIB
708 GCC_STACK_PROTECT_CC
[544]709 GCC_STACK_CHECK_CC
710 GCC_PIE_CC
711 GCC_FLAG_CHECK([-fexceptions])
712 GCC_FLAG_CHECK([-mcet -fcf-protection])
[255]713 fi
714
[203]715fi
716
[1]717dnl *****************************************
718dnl
719dnl checks for system services
720dnl
721dnl *****************************************
722
723dnl
[68]724dnl check for /proc filesystem
725dnl
726if test -d "/proc/$$"
727then
728 AC_DEFINE([HAVE_PROCFS],[1],[Define if you have a proc fs])
729fi
730
731dnl
[1]732dnl check for GNU gmp
733dnl
734AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
735if test "x${sh_have_gmp}" = xno
736then
737 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
738fi
739if test "x${sh_have_gmp}" = xyes
740then
741 # LIBS="-lgmp $LIBS"
742 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
743fi
744AC_CHECK_HEADERS(gmp.h)
745
[68]746AC_MSG_CHECKING([for ps])
747PS=
748for ff in /usr/ucb /bin /usr/bin; do
749 if test -x "$ff/ps"; then
750 PS="$ff/ps"
751 AC_MSG_RESULT([$PS])
752 break
753 fi
754done
755if test x$PS = x
756then
757 AC_MSG_RESULT([no])
[183]758 AC_MSG_ERROR([Cannot find ps in any of /usr/ucb /bin /usr/bin])
[68]759fi
760AC_DEFINE_UNQUOTED([PSPATH], _("$PS"), [Path to ps])
[1]761
[68]762AC_MSG_CHECKING([how to use ps])
763$PS ax >/dev/null 2>&1
764if test $? -eq 0; then
[169]765 case "$host_os" in
766 *openbsd*)
767 one=`$PS akx | wc -l`
768 ;;
769 *)
[68]770 one=`$PS ax | wc -l`
[169]771 ;;
772 esac
[68]773else
774 one=0
775fi
776$PS -e >/dev/null 2>&1
777if test $? -eq 0; then
778 two=`$PS -e | wc -l`
779else
780 two=0
781fi
782if test $one -ge $two
783then
[169]784 case "$host_os" in
785 *openbsd*)
786 PSARG="akx"
787 ;;
788 *)
789 PSARG="ax"
790 ;;
791 esac
[68]792else
[169]793 PSARG="-e"
[68]794fi
795AC_DEFINE_UNQUOTED([PSARG], _("$PSARG"), [Argument for ps])
796AC_MSG_RESULT([$PS $PSARG])
797
[1]798dnl *****************************************
799dnl
800dnl enable features
801dnl
802dnl *****************************************
803
804AC_ARG_ENABLE(db-reload,
[100]805 [ --enable-db-reload enable database reload on SIGHUP [[no]]],
[1]806 [
807 if test "x${enable_db_reload}" = xyes; then
808 AC_DEFINE(RELOAD_DATABASE)
809 fi
810 ]
811)
812
813AC_ARG_ENABLE(xml-log,
814 [ --enable-xml-log enable XML logfile format [[no]]],
815 [
816 if test "x${enable_xml_log}" = xyes; then
817 AC_DEFINE(SH_USE_XML)
818 fi
819 ]
820)
821
822
823AC_ARG_ENABLE(mail,
824 [ --disable-mail disable the internal SMTP mailer],
825 [
826 if test "x${enable_mail}" = xno; then
827 :
828 else
829 AC_DEFINE(SH_WITH_MAIL)
830 fi
831 ],
832 [AC_DEFINE(SH_WITH_MAIL)]
833)
834
[412]835AC_ARG_ENABLE(suid,
836 [ --enable-suid allow suid],
837 [
838 if test "x${enable_suid}" = xyes; then
839 AC_DEFINE(SH_ALLOW_SUID, [1], [Define if you want to allow suid execution for samhain])
840 fi
841 ]
842)
843
[347]844AC_ARG_ENABLE(shellexpand,
845 [ --disable-shellexpand disable shell expansion in config file],
846 [
847 if test "x${enable_shellexpand}" = xno; then
848 :
849 else
850 AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])
851 fi
852 ],
853 [AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])]
854)
855
[1]856AC_ARG_ENABLE(external-scripts,
857 [ --disable-external-scripts disable interface to external scripts],
858 [
859 if test "x${enableval}" = xno; then
860 :
861 else
862 AC_DEFINE(WITH_EXTERNAL)
863 fi
864 ],
865 [AC_DEFINE(WITH_EXTERNAL)]
866)
867
868AC_ARG_ENABLE(message-queue,
869 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
870 [
[19]871 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
872 if test "x${enable_message_queue}" = xyes; then
873 AC_DEFINE(WITH_MESSAGE_QUEUE)
874 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
875 elif test "x${enable_message_queue}" != xno; then
876 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]877 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be numeric])
[19]878 echo "${enableval}" | \
879 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
[183]880 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be an octal (0nnn) number])
[1]881 AC_DEFINE(WITH_MESSAGE_QUEUE)
[19]882 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
883 fi
884 else
885 echo
886 echo "**********************************************"
887 echo
888 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
889 echo
890 echo "**********************************************"
891 echo
[1]892 fi
893 ]
894)
895
896AC_ARG_WITH(cflags,
897 [ --with-cflags additional flags to pass to compiler],
898 [
899 if test "x$withval" != "xno" ; then
900 CFLAGS="$CFLAGS $withval"
901 fi
902 ]
903)
904AC_ARG_WITH(libs,
905 [ --with-libs additional libraries to link with],
906 [
907 if test "x$withval" != "xno" ; then
908 LIBS="$LIBS $withval"
909 fi
910 ]
911)
912
913
914#
915# this is from ssh
916#
917AC_MSG_CHECKING(whether to use libwrap)
918LIBWRAP_LIB=""
919LIBWRAP_INC=""
920AC_ARG_WITH(libwrap,
[18]921[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
[1]922[ AC_MSG_RESULT($withval)
923 case "$withval" in
924 no)
925 ;;
926 ""|yes)
927 LIBWRAP_LIB="-lwrap"
928 ;;
929 *)
930 if test -d "$withval"; then
931 LIBWRAP_LIB="-L$withval -lwrap"
932 changequote(<<, >>)dnl
933 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
934 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
935 changequote([, ])dnl
936 else
937 LIBWRAP_LIB="-lwrap"
938 changequote(<<, >>)dnl
939 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
940 LIBWRAP_INC="-I${sh_libwrap_inc}"
941 changequote([, ])dnl
942 fi
943 ;;
944 esac
945 if test -n "$LIBWRAP_LIB"; then
946 # OLDLIBS="$LIBS"
947 LIBS="$LIBWRAP_LIB $LIBS"
948 # OLDCFLAGS="$CFLAGS"
949 CFLAGS="$CFLAGS $LIBWRAP_INC"
950 AC_CHECK_HEADER(tcpd.h,
951 [],
[183]952 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You need to install tcp_wrappers.]) ])
[1]953 AC_TRY_LINK([ #include <tcpd.h>
954 int allow_severity; int deny_severity; ],
955 [ hosts_access((struct request_info *) 0); ],
956 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
957 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
958 fi ],
959 AC_MSG_RESULT(no)
960)
961
962
[129]963dnl
964dnl NETWORK OPTIONS
965dnl
966AC_ARG_ENABLE(network,
967 [ --enable-network=[[client|server]] compile client or server [[no]]],
968 [
969 if test "x$enable_network" = xclient; then
970 mytclient="-DSH_WITH_CLIENT"
971 yulectl_prg=
[481]972 samhainadmin_prg=
[129]973 setpwd_prg="samhain_setpwd"
974 sh_main_prg="samhain"
975 if test "x${sh_have_gmp}" = xyes
976 then
977 LIBS="-lgmp $LIBS"
978 fi
979dnl AC_CHECK_HEADER(sys/capability.h,
980dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
981dnl [sh_use_lcaps="no"])
982 elif test "x$enable_network" = xserver; then
983 mytclient="-DSH_WITH_SERVER"
984 yulectl_prg="yulectl"
[557]985 samhainadmin_prg="scripts/samhainadmin-gpg.pl scripts/samhainadmin-sig.pl"
[129]986 setpwd_prg="samhain_setpwd"
987 sh_main_prg="yule"
988 if test "x${sh_have_gmp}" = xyes
989 then
990 LIBS="-lgmp $LIBS"
991 fi
992 sh_use_lcaps="undef"
993 elif test "x$enable_network" = xno; then
994 mytclient="-DSH_STANDALONE"
995 yulectl_prg=
[481]996 samhainadmin_prg=
[129]997 setpwd_prg=
998 sh_main_prg="samhain"
999dnl AC_CHECK_HEADER(sys/capability.h,
1000dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1001dnl [sh_use_lcaps="no"])
1002 else
[183]1003 AC_MSG_ERROR([With --enable-network=WHAT, WHAT must be client, server, or no])
[129]1004 fi
1005 ],
1006 [
1007 mytclient="-DSH_STANDALONE"
1008 setpwd_prg=
1009 yulectl_prg=
[481]1010 samhainadmin_prg=
[129]1011 sh_main_prg="samhain"
1012dnl AC_CHECK_HEADER(sys/capability.h,
1013dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1014dnl [sh_use_lcaps="no"])
1015 ],
1016)
1017
1018AC_SUBST(setpwd_prg)
1019AC_SUBST(yulectl_prg)
[481]1020AC_SUBST(samhainadmin_prg)
[129]1021AC_SUBST(sh_main_prg)
1022AC_SUBST(mytclient)
1023
1024# needed for the rpm spec
1025clmytclient=`echo ${mytclient} | sed s%\-%%`
1026AC_SUBST(clmytclient)
1027
[171]1028sh_no_gcc_static=no
1029
[124]1030AC_ARG_ENABLE(static,
[170]1031 [ --enable-static enable static linking [[no]]],
[124]1032 [
1033 if test x$enable_static = xyes; then
1034 if test x"$mynetbsd" = xyes
1035 then
1036 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
1037 LIBS="${tmp_LIBS}"
1038 fi
[294]1039 if test x"${sh_auparse}" = xyes
1040 then
1041 tmp_LIBS=`echo $LIBS | sed 's%\-lauparse%%' `
1042 LIBS="${tmp_LIBS}"
[544]1043 AC_MSG_WARN([--enable-static: no support for Linux Auditing System])
[294]1044 fi
[481]1045
1046 if test "x$GCC" = "xyes";
1047 then
[544]1048 if test -n "`echo "$CFLAGS" | grep "\-flto" 2> /dev/null`"
1049 then
1050 AC_MSG_ERROR([--enable-static: not compatible with link-time optimisation])
1051 fi
[481]1052 case "$host_os" in
1053
1054 *solaris*)
1055 AC_MSG_WARN([option --enable-static ignored on Solaris])
1056 ;;
1057
1058 *)
1059 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
1060 sh_no_gcc_static=no
1061 LDFLAGS="$LDFLAGS -static"
1062 ;;
1063 esac
[124]1064 else
[481]1065 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
[171]1066 sh_no_gcc_static=yes
[124]1067 case "$host_os" in
1068
1069 *aix*)
1070 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
1071 ;;
1072
1073 *hpux*)
1074 LDFLAGS="$LDFLAGS -Wl,-a,archive"
1075 ;;
1076
1077 *osf*)
1078 LDFLAGS="$LDFLAGS -non_shared"
1079 ;;
1080
1081 *irix*)
1082 LDFLAGS="$LDFLAGS -non_shared"
1083 ;;
1084
1085 *sco*)
1086 LDFLAGS="$LDFLAGS -dn"
1087 ;;
1088
1089 *sun*)
1090 LDFLAGS="$LDFLAGS -Bstatic"
1091 ;;
1092
1093 *solaris*)
1094 LDFLAGS="$LDFLAGS -Bstatic"
1095 ;;
1096
1097 *)
1098 echo "***********************************************"
1099 echo "*"
1100 echo "* Don't know how to enable static linking"
1101 echo "* with your compiler. Please set the environment"
1102 echo "* variable LDFLAGS to:"
1103 echo "* ${LDFLAGS} + the static linking flag"
1104 echo "* and run configure again"
1105 echo "*"
1106 echo "***********************************************"
1107 ;;
1108
1109 esac
1110 fi
1111 fi
1112 ]
1113)
1114
[138]1115if test x"${mytclient}" = x-DSH_STANDALONE -o x"${mytclient}" = x-DSH_WITH_CLIENT;
1116then
[168]1117dnl For threaded modules
[138]1118 ACX_PTHREAD
1119 CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
1120 LIBS="$PTHREAD_LIBS $LIBS"
[153]1121 LDFLAGS="$PTHREAD_CFLAGS $LDFLAGS"
[138]1122 CC="$PTHREAD_CC"
[168]1123dnl For MODI_TXT
1124 CHECK_ZLIB()
[138]1125fi
[203]1126
1127if test x$enable_static = xyes; then
1128 :
1129else
1130 if test x$sh_use_pie = xyes; then
1131 LDFLAGS="$LDFLAGS $PIE_LDFLAGS"
1132 CFLAGS="$CFLAGS $PIE_CFLAGS"
1133 fi
1134fi
[439]1135AC_CHECK_FUNC(pmap_getmaps,
1136 AC_DEFINE([HAVE_PMAP_GETMAPS], [], [Define if pmap_getmaps available]), [],[])
[203]1137
[138]1138
[1]1139#
1140# this is from the snort configure.in
1141#
[564]1142AC_DEFUN([FAIL_MESSAGE],[
[1]1143 echo
1144 echo
1145 echo "**********************************************"
1146 echo " ERROR: unable to find" $1
1147 echo " checked in the following places"
1148 for i in `echo $2`; do
1149 echo " $i"
1150 done
1151 echo "**********************************************"
1152 echo
1153 exit
1154])
1155
1156AC_ARG_WITH(libprelude-prefix,
[18]1157 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
[1]1158 libprelude_config_prefix="$withval", libprelude_config_prefix="")
1159
1160AC_MSG_CHECKING(whether to use prelude)
1161AC_ARG_WITH(prelude,
[18]1162 [ --with-prelude Prelude IDS support [[no]]],
[1]1163 [
1164 if test "x${withval}" = "xno"; then
1165 AC_MSG_RESULT(no)
1166 else
1167 AC_MSG_RESULT(yes)
1168 if test x$libprelude_config_prefix != x ; then
1169 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
1170 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
1171 fi
1172 fi
1173
1174 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
1175 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
1176 HAVE_PRELUDE_CONFIG=no
1177 else
1178 HAVE_PRELUDE_CONFIG=yes
1179 fi
1180dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
1181 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
1182 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
1183 case "$sh_libprelude_version" in
1184 0.8*)
[183]1185 AC_MSG_ERROR([You have Libprelude 0.8, which is too old. Version 0.9.6 or higher is required.])
[1]1186 ;;
1187 *)
[26]1188 AM_PATH_LIBPRELUDE([0.9.6],
[1]1189 [
1190 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
1191 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
1192 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
1193 LIBS="$LIBS $LIBPRELUDE_LIBS"
1194 ],
1195 [
[124]1196 AC_MSG_ERROR([Could not find libprelude (if you are using --enable-static, the static library libprelude.a might be missing).])
[1]1197 ])
1198 ;;
1199 esac
1200 else
[124]1201 AC_MSG_ERROR([Could not find libprelude-config.])
[1]1202 fi
1203 fi
1204 ],
1205 [
1206 AC_MSG_RESULT(no)
1207 ]
1208)
1209
1210#
1211# partly based on the snort configure.in
1212#
1213AC_ARG_WITH(database,
1214 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
1215 [
[544]1216 if test x"$enable_static" = xyes; then
1217 AC_MSG_WARN([With --enable-static, --with-database may fail to compile.])
1218 fi
[1]1219 if test x"$enable_xml_log" != xyes; then
[183]1220 AC_MSG_ERROR([With --with-database, --enable-xml-log is required as well.])
[1]1221 fi
1222 if test "x${withval}" = "xmysql"; then
[168]1223 if test "x$zlib_found" = "x"
1224 then
1225 CHECK_ZLIB()
1226 fi
[1]1227 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
1228 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
1229 sh_mysql_libs="`mysql_config --libs`"
1230 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
1231 LIBS="$LIBS ${sh_mysql_libs}"
1232 sh_mysql_cflags="`mysql_config --cflags`"
1233 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
1234 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
1235 else
[168]1236 AC_MSG_CHECKING([for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME])
[1]1237 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
1238
1239 for i in $mysql_directory; do
1240 if test -r $i/include/mysql/mysql.h; then
1241 MYSQL_DIR=$i
1242 MYSQL_INC_DIR=$i/include
1243 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
1244 fi
1245 done
1246 if test -z "$MYSQL_DIR"; then
1247 for i in $mysql_directory; do
1248 if test -r $i/include/mysql.h; then
1249 MYSQL_DIR=$i
1250 MYSQL_INC_DIR=$i/include
1251 fi
1252 done
1253 fi
1254
1255 if test -z "$MYSQL_DIR"; then
1256 tmp=""
1257 for i in $mysql_directory; do
1258 tmp="$tmp $i/include $i/include/mysql"
1259 done
1260 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
1261 fi
1262
1263 for i in lib lib/mysql; do
1264 str="$MYSQL_DIR/$i/libmysqlclient.*"
1265 for j in `echo $str`; do
1266 if test -r $j; then
1267 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
1268 break 2
1269 fi
1270 done
1271 done
1272
1273 if test -z "$MYSQL_LIB_DIR"; then
1274 for ff in $mysql_directory; do
1275 for i in lib lib/mysql; do
1276 str="$ff/$i/libmysqlclient.*"
1277 for j in `echo $str`; do
1278 if test -r $j; then
1279 MYSQL_LIB_DIR="$ff/$i"
1280 break 3
1281 fi
1282 done
1283 done
1284 done
1285 fi
1286
1287 if test -z "$MYSQL_LIB_DIR"; then
1288 tmp=""
1289 for i in $mysql_directory; do
1290 tmp="$i/lib $i/lib/mysql"
1291 done
1292 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
1293 fi
1294
1295 AC_MSG_RESULT(yes)
1296 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
1297 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
1298 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
1299 fi
1300 AC_DEFINE(WITH_MYSQL)
1301 AC_DEFINE(WITH_DATABASE)
[168]1302 if test "x$zlib_found" = "xyes"
[1]1303 then
1304 LIBS="$LIBS -lz -lm"
1305 else
1306 echo
[168]1307
1308 echo " Mysql library was not found or not useable."
1309 echo " Possible reasons include:"
[101]1310 echo " - an old, incompatible version compiled from source"
1311 echo " - on Solaris, libmysql is compiled with the Solaris"
1312 echo " compiler, thus the mysql_config script provides"
1313 echo " compiler options unsuitable for gcc (move"
1314 echo " mysql_config out of your PATH)"
1315 echo " For other problems, check config.log for the error"
[1]1316 echo " message from the compiler."
[101]1317 echo
[168]1318 echo " If your mysql libraries are installed in an"
[101]1319 echo " unusual place, use --with-libs=-L/path/to/libdirectory"
[168]1320 echo " where libdirectory is the directory holding libmysql."
[1]1321 if test x"$enable_static" = xyes; then
1322 echo " Note that for compiling a static binary, you need"
1323 echo " the static libraries, rather than the shared ones."
1324 fi
1325 echo
[183]1326 AC_MSG_ERROR([Could not find libmysql, or it is not useable.])
[1]1327 fi
1328 AC_CHECK_HEADERS(mysql/mysql.h)
1329 elif test "x${withval}" = "xpostgresql"; then
1330 AC_DEFINE(WITH_POSTGRES)
1331 AC_DEFINE(WITH_DATABASE)
1332 #
1333 PGCONF="no"
1334 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
1335 OLD_IFS="$IFS"
1336 IFS=":"
1337 for ff in ${MY_PATH}
1338 do
1339 if test -f "$ff/pg_config"
1340 then
1341 PGCONF="$ff/pg_config"
1342 fi
1343 done
1344 IFS="${OLD_IFS}"
1345 #
1346 #
1347 if test "x${PGCONF}" = "xno"
1348 then
1349 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1350 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1351 for i in $pgsql_directory; do
1352 if test -r $i/include/pgsql/libpq-fe.h; then
1353 PGSQL_INC_DIR=$i/include
1354 PGSQL_DIR=$i
1355 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1356 fi
1357 done
1358 if test -z "$PGSQL_DIR"; then
1359 for i in $pgsql_directory; do
[207]1360 if test -r $i/include/postgresql/libpq-fe.h; then
1361 PGSQL_INC_DIR=$i/include
1362 PGSQL_DIR=$i
1363 fi
1364 done
1365 fi
1366 if test -z "$PGSQL_DIR"; then
1367 for i in $pgsql_directory; do
[1]1368 if test -r $i/include/libpq-fe.h; then
1369 PGSQL_INC_DIR=$i/include
1370 PGSQL_DIR=$i
1371 fi
1372 done
1373 fi
1374
1375 if test -z "$PGSQL_DIR"; then
1376 tmp=""
1377 for i in $pgsql_directory; do
[207]1378 tmp="$tmp $i/include $i/include/pgsql $i/include/postgresql"
[1]1379 done
1380 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1381 fi
1382
[207]1383 for i in lib lib/pgsql lib/postgresql; do
[1]1384 str="$PGSQL_DIR/$i/libpq.*"
1385 for j in `echo $str`; do
1386 if test -r $j; then
1387 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1388 break 2
1389 fi
1390 done
1391 done
1392
1393 if test -z "$PGSQL_LIB_DIR"; then
1394 for ff in $pgsql_directory; do
[207]1395 for i in lib lib/pgsql lib/postgresql; do
[1]1396 str="$ff/$i/libpq.*"
1397 for j in `echo $str`; do
1398 if test -r $j; then
1399 PGSQL_LIB_DIR="$ff/$i"
1400 break 3
1401 fi
1402 done
1403 done
1404 done
1405 fi
1406
1407 if test -z "$PGSQL_LIB_DIR"; then
1408 tmp=""
1409 for i in $pgsql_directory; do
[207]1410 tmp="$i/lib $i/lib/pgsql $i/lib/postgresql"
[1]1411 done
1412 FAIL_MESSAGE("postgresql library libpq", $tmp)
1413 fi
1414
1415 AC_MSG_RESULT(yes)
1416
1417 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1418 if test x"$enable_static" = xyes; then
1419 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1420 else
1421 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1422 fi
1423 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1424 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1425 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
[207]1426 AC_CHECK_HEADERS(postgresql/libpq-fe.h)
[1]1427 else
1428 pg_lib_dir=`${PGCONF} --libdir`
1429 if test x"$enable_static" = xyes; then
1430 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1431 else
1432 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1433 fi
1434 pg_inc_dir=`${PGCONF} --includedir`
1435 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1436 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1437 fi
1438 elif test "x${withval}" = "xodbc"; then
1439 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1440 odbc_directory="/usr /usr/local"
1441
1442 for i in $odbc_directory; do
1443 if test -r $i/include/sql.h; then
1444 if test -r $i/include/sqlext.h; then
1445 if test -r $i/include/sqltypes.h; then
1446 ODBC_DIR=$i
1447 ODBC_INC_DIR=$i/include
1448 fi
1449 fi
1450 fi
1451 done
1452
1453 if test -z "$ODBC_DIR"; then
1454 tmp=""
1455 for i in $odbc_directory; do
1456 tmp="$tmp $i/include"
1457 done
1458 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1459 fi
1460
1461 str="$ODBC_DIR/lib/libodbc.*"
1462 for j in `echo $str`; do
1463 if test -r $j; then
1464 ODBC_LIB_DIR="$ODBC_DIR/lib"
1465 ODBC_LIB="odbc"
1466 fi
1467 done
1468
1469 if test -z "$ODBC_LIB_DIR"; then
1470 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1471 fi
1472
1473 AC_MSG_RESULT(yes)
1474 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1475 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1476 AC_DEFINE(WITH_ODBC)
1477 AC_DEFINE(WITH_DATABASE)
1478
1479 elif test "x${withval}" = "xoracle"; then
[415]1480
1481 AC_MSG_CHECKING(for oracle in ORACLE_HOME /usr/local /usr)
1482
[1]1483 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1484 for i in $oracle_directory; do
[415]1485
1486 ff=`find $i -name oci.h 2>/dev/null | tail -1`
1487 if test "x$ff" = "x"; then
1488 :
1489 else
1490 ORACLE_INC=`dirname $ff`
1491 fi
1492
1493 fg=`find $i -name libclntsh.so 2>/dev/null | tail -1`
1494 if test "x$fg" = "x"; then
1495 :
1496 else
1497 ORACLE_LIB=`dirname $fg`
1498 fi
1499
1500 done
[1]1501
[415]1502 if test -z "$ORACLE_INC"; then
1503
[1]1504 tmp=""
1505 for i in $oracle_directory; do
[415]1506 tmp="$tmp $i"
[1]1507 done
[415]1508 FAIL_MESSAGE("OCI header file (oci.h) please define ORACLE_INC directory where oci.h resides", $tmp)
[1]1509
[415]1510 elif test -z "$ORACLE_LIB"; then
1511
1512 tmp=""
1513 for i in $oracle_directory; do
1514 tmp="$tmp $i"
1515 done
1516 FAIL_MESSAGE("OCI library file (libclntsh.so) please define ORACLE_LIB directory where libclntsh.so resides", $tmp)
1517
1518 else
1519
1520 ORACLE_CPP_FLAGS="-I$ORACLE_INC"
1521 ORACLE_LIB_DIR="$ORACLE_LIB"
1522
1523 AC_MSG_RESULT([$ORACLE_INC $ORACLE_LIB])
1524
[1]1525 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1526
1527 ORACLE_LIBS="-lclntsh"
[415]1528
1529 if test -r $ORACLE_LIB_DIR/libnnz11.so; then
1530 ORACLE_LIBS="${ORACLE_LIBS} -lnnz11"
1531 fi
[1]1532 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1533 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1534 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1535 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1536 fi
1537 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
[45]1538 if test "x$GCC" != "xyes"; then
1539 CFLAGS="${CFLAGS} -fno-strict-aliasing"
1540 fi
[1]1541 fi
1542 AC_DEFINE(WITH_ORACLE)
1543 AC_DEFINE(WITH_DATABASE)
1544
1545 else
[183]1546 AC_MSG_ERROR([Option --with-database=database used with unsupported database ${withval}])
[1]1547 fi
1548 ]
1549)
1550
1551AC_ARG_WITH(console,
[18]1552 [ --with-console=PATH set path to console device [[/dev/console]]],
[1]1553 [
1554 if test "x${withval}" != xno; then
1555 mycons="$withval"
1556 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1557 fi
1558 ])
1559
1560AC_ARG_WITH(altconsole,
[18]1561 [ --with-altconsole=PATH set path to second console device [[none]]],
[1]1562 [
1563 if test "x${withval}" != xno; then
1564 myaltcons="$withval"
1565 else
1566 myaltcons="NULL"
1567 fi
1568 ],
1569 [myaltcons="NULL"])
1570AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1571
1572AC_ARG_WITH(timeserver,
[18]1573 [ --with-timeserver=HOST set host address for time server [[none]]],
[1]1574 [
1575 if test "x${withval}" != xno; then
1576 mytimeserv="$withval"
1577 AC_DEFINE(HAVE_NTIME)
1578 else
1579 mytimeserv="NULL"
1580 fi
1581 ],
1582 mytimeserv="NULL")
1583AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1584
1585AC_ARG_WITH(alttimeserver,
[18]1586 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
[1]1587 [
1588 if test "x${withval}" != xno; then
1589 myalttimeserv="$withval"
1590 AC_DEFINE(HAVE_NTIME)
1591 else
1592 myalttimeserv="NULL"
1593 fi
1594 ],
1595 myalttimeserv="NULL")
1596AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1597
1598AC_ARG_ENABLE(login-watch,
1599 [ --enable-login-watch watch for login/logout [[no]]],
1600 [
1601 if test "x${enable_login_watch}" = xyes; then
1602 AC_DEFINE(SH_USE_UTMP)
1603 fi
1604 ]
1605)
1606
1607AC_ARG_ENABLE(mounts-check,
[18]1608 [ --enable-mounts-check check mount options on filesystems [[no]]],
[1]1609 [
1610 if test "x${enable_mounts_check}" = xyes; then
1611 AC_DEFINE(SH_USE_MOUNTS)
1612 fi
1613 ]
1614)
1615
[183]1616AC_ARG_ENABLE(logfile-monitor,
1617 [ --enable-logfile-monitor monitor logfiles [[no]]],
1618 [
1619 if test "x${enable_logfile_monitor}" = xyes; then
1620 AC_CHECK_HEADER(pcre.h,
1621 [
1622 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1623 LIBS="-lpcre $LIBS"
1624 ],
[203]1625 [
1626 AC_CHECK_HEADER(pcre/pcre.h,
1627 [
1628 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1629 AC_DEFINE(HAVE_PCRE_PCRE_H, 1, [Define if you have pcre/pcre.h.])
1630 LIBS="-lpcre $LIBS"
1631 ],
1632 AC_MSG_ERROR([The --enable-logfile-monitor option requires libpcre. For compiling the pcre development package is needed.])
1633 )
1634 ]
[183]1635 )
[285]1636 AC_CHECK_LIB(pcre, pcre_dfa_exec, [
1637 AC_DEFINE([HAVE_PCRE_DFA_EXEC], 1, [Define if you have pcre_dfa_exec])
1638 ], [
1639 AC_MSG_WARN([pcre_dfa_exec not available])
1640 ])
[183]1641 fi
1642 ]
1643)
1644
1645
[68]1646AC_ARG_ENABLE(process-check,
1647 [ --enable-process-check check processes [[no]]],
1648 [
1649 if test "x${enable_process_check}" = xyes; then
1650 AC_CHECK_LIB([rt], [sched_getparam], sh_lrt=yes, sh_lrt=no)
1651 if test x"$sh_lrt" = xyes; then
1652 LIBRT=-lrt
1653 else
1654 LIBRT=
1655 fi
1656 LIBS="$LIBS $LIBRT"
1657 AC_DEFINE(SH_USE_PROCESSCHECK, [1], [Define if you want to check processes])
1658 fi
1659 ]
1660)
1661
1662AC_ARG_ENABLE(port-check,
1663 [ --enable-port-check check ports [[no]]],
1664 [
1665 if test "x${enable_port_check}" = xyes; then
1666 AC_DEFINE(SH_USE_PORTCHECK, [1], [Define if you want to check ports])
1667 fi
1668 ]
1669)
1670
[1]1671AC_ARG_ENABLE(userfiles,
[18]1672 [ --enable-userfiles check for users' config files [[no]]],
[1]1673 [
1674 if test "x${enableval}" = "xyes"; then
1675 AC_DEFINE(SH_USE_USERFILES)
1676 fi
1677 ]
1678)
1679
1680AC_ARG_ENABLE(debug,
1681 [ --enable-debug enable debug options [[no]]],
1682 [
1683 if test "x${enable_debug}" = "xyes"; then
1684 if test "x${mydebugflag}" != "xyes"; then
1685 AC_DEFINE(MEM_DEBUG)
1686 fi
1687 AC_DEFINE(WITH_TPT)
1688 AC_DEFINE(SL_DEBUG)
[171]1689 AC_DEFINE(DNMALLOC_CHECKS, 1, [Debug dnmalloc])
1690 AC_DEFINE(PARANOIA, 0, [Paranoia level for dnmalloc])
[1]1691 AC_DEFINE(SL_FAIL_ON_ERROR)
1692 if test "x${myneedg3}" = "xyes"; then
1693 mydebugdef="-g3"
1694 else
1695 mydebugdef="-g"
1696 fi
1697 mydebugit="yes"
[295]1698 elif test "x${enable_debug}" = "xgdb"; then
[459]1699 AC_DEFINE(SH_ABORT_ON_ERROR, 1, [Use abort])
[295]1700 if test "x${myneedg3}" = "xyes"; then
1701 mydebugdef="-g3"
1702 else
1703 mydebugdef="-g"
1704 fi
1705 mydebugit="yes"
[1]1706 fi
1707 ]
1708)
1709AC_SUBST(mydebugdef)
1710
[447]1711if test "x${enable_asm_ok}" = "xyes"; then
1712 sh_enable_asm=yes
1713else
1714 sh_enable_asm=no
1715fi
[441]1716AC_ARG_ENABLE(asm,
1717 [ --disable-asm disable asm inline code],
1718 [
1719 if test "x${enable_asm}" = xno; then
1720 sh_enable_asm=no
1721 fi
1722 ]
1723)
[295]1724
[441]1725if test "x${samhain_64_asm}" = xyes; then
1726 if test "x${sh_enable_asm}" = xyes; then
1727 AC_DEFINE([TIGER_OPT_ASM],1,[Define to use tiger x86_64 optimized assembly])
1728 fi
1729fi
1730
[295]1731AC_ARG_ENABLE(ipv6,
1732 [ --disable-ipv6 disable ipv6 support],
1733 [
1734 if test "x${enable_ipv6}" = xno; then
1735 AC_DEFINE(USE_IPV4,1,[Define if you do not want IPv6])
1736 fi
1737 ]
1738)
1739
[171]1740if test "x${dnmalloc_ok}" = "xyes"; then
1741 sh_dnmalloc_enabled=yes
1742else
1743 sh_dnmalloc_enabled=no
1744fi
1745
1746AC_ARG_ENABLE(dnmalloc,
1747 [ --disable-dnmalloc disable dnmalloc],
1748 [
1749 if test "x${enable_dnmalloc}" = xno; then
1750 sh_dnmalloc_enabled=no
1751 else
1752 sh_dnmalloc_enabled=yes
1753 fi
1754 ]
1755)
1756
1757dnl Handle the problem that static linking against libc.a on Linux
1758dnl produces the error "multiple definitions of malloc"
1759dnl
1760if test "x$sh_dnmalloc_enabled" = "xyes"; then
1761 if test x$enable_static = xyes; then
1762 if test "x$sh_no_gcc_static" = "xyes"; then
1763 sh_dnmalloc_enabled=no
1764 else
1765 if test "x$with_gnu_ld" = "xyes"; then
1766 LDFLAGS="$LDFLAGS -Wl,--allow-multiple-definition"
1767 else
1768 sh_dnmalloc_enabled=no
1769 fi
1770 fi
1771 fi
1772fi
1773
1774if test "x${sh_dnmalloc_enabled}" = xno; then
1775 AC_DEFINE(USE_SYSTEM_MALLOC,1,[Define if you want to use the system malloc])
1776fi
1777
[1]1778AC_ARG_ENABLE(ptrace,
1779 [ --enable-ptrace use anti-debugger options [[no]]],
1780 [
1781 if test "x${enable_ptrace}" = xyes; then
1782 if test "x$mydebugit" != "xyes"; then
1783 AC_DEFINE(SCREW_IT_UP)
1784 fi
1785 fi
1786 ]
1787)
1788
1789dnl
1790if test "x$GCC" = "xyes"; then
1791 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1792 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1793 fi
1794
[481]1795dnl -W is the older name for -Wextra
[1]1796
[481]1797
[1]1798 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
[481]1799 case "$host_os" in
1800 *solaris*)
1801 CFLAGS="$CFLAGS -Wall -W -Wno-missing-braces "
1802 ;;
1803 *)
[544]1804 CFLAGS="$CFLAGS -Wall -W -Werror=implicit-function-declaration "
[481]1805 ;;
1806 esac
[1]1807 fi
1808
1809 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1810 then
1811 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1812 then
[474]1813 GCC_FLAG_CHECK([-fno-strength-reduce])
[1]1814 fi
1815 fi
1816
1817 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1818 then
1819 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1820 then
[474]1821 GCC_FLAG_CHECK([-fno-omit-frame-pointer])
[1]1822 fi
1823 fi
1824
1825fi
1826
[203]1827dnl Test whether gcc supports -Wno-empty-body
1828dnl Suppresses warnings from glibc pthread_cleanup_pop
1829dnl
[474]1830GCC_FLAG_CHECK([-Wno-empty-body])
[203]1831
[474]1832dnl This one is for clang
1833dnl
1834GCC_FLAG_CHECK([-Wno-invalid-source-encoding])
1835
1836
[1]1837AC_MSG_CHECKING([which random module to use])
1838AC_ARG_WITH(rnd,
1839 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1840[use_static_rnd=$withval], [use_static_rnd=default] )
1841
1842if test "$use_static_rnd" = no; then
1843 use_static_rnd=default
1844fi
1845
1846case "$use_static_rnd" in
1847 egd | dev | unix | default )
1848 AC_MSG_RESULT($use_static_rnd)
1849 ;;
1850 * )
1851 AC_MSG_RESULT([invalid argument])
[183]1852 AC_MSG_ERROR([Option --with-rnd=module used with unsupported module ${use_static_rnd}])
[1]1853 ;;
1854esac
1855
1856AC_ARG_WITH(egd-socket,
1857 [ --with-egd-socket=NAME EGD socket name],
1858 egd_socket_name="$withval", egd_socket_name="" )
1859AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1860
1861dnl
1862dnl See whether the user wants to disable checking for /dev/random
1863
1864try_dev_random=yes
1865
1866case "$use_static_rnd" in
1867dev | default )
1868 try_dev_random=yes
1869 ;;
1870egd)
1871 AC_DEFINE(HAVE_EGD_RANDOM)
1872 try_dev_random=no
1873 ;;
1874unix)
1875 AC_DEFINE(HAVE_UNIX_RANDOM)
1876 try_dev_random=no
1877 ;;
1878esac
1879
1880
1881if test "x$try_dev_random" = "xyes"; then
1882 AC_MSG_CHECKING(whether /dev/random exists)
1883 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1884 AC_DEFINE(HAVE_URANDOM)
1885 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1886 AC_MSG_RESULT(yes)
1887 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1888 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1889 fi
1890 else
1891 if test -r "/dev/random" && test -c "/dev/random"; then
1892 AC_DEFINE(HAVE_URANDOM)
1893 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1894 AC_MSG_RESULT(yes)
1895 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1896 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1897 fi
1898 else
1899 AC_MSG_RESULT(no)
1900 AC_DEFINE(HAVE_UNIX_RANDOM)
1901 fi
1902 fi
1903fi
1904
1905
1906AC_ARG_ENABLE(udp,
1907 [ --enable-udp server can listen on port 514/udp [[no]]],
1908 [
1909 if test "x${enable_udp}" = xyes; then
1910 AC_DEFINE(INET_SYSLOG)
1911 fi
1912 ]
1913)
1914
1915myencrypt=yes
1916AC_ARG_ENABLE(encrypt,
1917 [ --disable-encrypt disable client/server encryption],
1918 [
1919 if test "x${enable_encrypt}" = xno; then
1920 myencrypt=no
1921 fi
1922 ]
1923)
1924if test "x${myencrypt}" = "xyes"; then
1925 AC_DEFINE(SH_ENCRYPT)
1926 AC_DEFINE(SH_ENCRYPT_2)
1927fi
1928
1929sh_use_srp_proto=yes
1930AC_ARG_ENABLE(srp,
1931 [ --disable-srp disable SRP for authentication],
1932 [
1933 if test "x${enable_srp}" = xno; then
1934 sh_use_srp_proto=no
1935 fi
1936 ]
1937)
1938if test "x${sh_use_srp_proto}" = xyes; then
1939 AC_DEFINE(USE_SRP_PROTOCOL)
1940fi
1941
1942AC_ARG_WITH(port,
1943 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1944 [
1945 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]1946 AC_MSG_ERROR([For --with-port=PORT, PORT must be numeric.])
[1]1947 myport=${withval}
1948 ],
1949 [myport="49777"])
1950AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1951AC_SUBST(myport)
1952
1953AC_ARG_WITH(logserver,
1954 [ --with-logserver=HOST set host address for log server [[none]]],
1955 [
1956 case "$withval" in
1957 *.* | localhost)
1958 mylogsrv="$withval"
1959 ;;
1960 *)
1961 mylogsrv="$withval"
1962 ;;
1963 esac
1964 ],
1965 [mylogsrv="NULL"])
1966AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1967AC_SUBST(mylogsrv)
1968
1969AC_ARG_WITH(altlogserver,
1970 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1971 [
1972 case "$withval" in
1973 *.* | localhost)
1974 myaltlogsrv="$withval"
1975 ;;
1976 *)
1977 myaltlogsrv="$withval"
1978 ;;
1979 esac
1980 ],
1981 [myaltlogsrv="NULL"])
1982AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1983
1984
1985
1986dnl
1987dnl STEALTH OPTIONS
1988dnl
1989nocl_code=
1990xor_code=0
1991AC_ARG_ENABLE(nocl,
1992 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1993 [
1994 if test "x${enableval}" != "x"; then
1995 AC_DEFINE(SH_STEALTH_NOCL)
1996 fi
1997 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
[183]1998 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
[1]1999 fi
2000 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
[183]2001 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
[1]2002 fi
2003 if test "x${enableval}" = "xstatus"; then
[183]2004 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
[1]2005 fi
2006 if test "x${enableval}" = "xno"; then
[183]2007 AC_MSG_ERROR([With --enable-nocl=PW, the use of --enable-nocl=no is ambiguous.])
[1]2008 fi
2009 nocl_code="${enable_nocl}"
2010 ]
2011)
2012AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
2013AC_SUBST(nocl_code)
2014AC_ARG_ENABLE(stealth,
2015 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
2016 [AC_DEFINE(SH_STEALTH)
2017 if test "x${enableval}" != "xyes"; then
2018 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2019 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be numeric.])
[1]2020 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
2021 if test x"${enableval}" = x0
2022 then
2023 :
2024 else
[183]2025 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
[1]2026 fi
2027 fi
2028 xor_code="${enable_stealth}"
2029 else
2030 xor_code=0
2031 fi
2032 stegin_prg="samhain_stealth"
2033 ],
2034 [
2035 stegin_prg=
2036 ]
2037)
2038AC_ARG_ENABLE(micro-stealth,
2039 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
2040 [
2041 AC_DEFINE(SH_STEALTH)
2042 AC_DEFINE(SH_STEALTH_MICRO)
2043 if test "x${enableval}" != "xyes"; then
2044 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2045 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be numeric.])
[1]2046 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
2047 if test x"${enableval}" = x0
2048 then
2049 :
2050 else
[183]2051 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
[1]2052 fi
2053 fi
2054 xor_code="${enable_micro_stealth}"
2055 else
2056 xor_code=0
2057 fi
2058 ]
2059)
2060install_name="samhain"
2061INSTALL_NAME="SAMHAIN"
2062AC_ARG_ENABLE(install-name,
2063 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
2064 [
2065 if test "x${enableval}" != "xyes"; then
2066 install_name="${enableval}"
2067 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
2068 else
2069 install_name="${sh_main_prg}"
2070 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
2071 fi
2072 ],
2073 [
2074 install_name="${sh_main_prg}"
2075 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
2076 ]
2077)
2078
2079
2080need_user_install=0
2081
2082AC_ARG_ENABLE(identity,
2083 [ --enable-identity=USER user if dropping root [[daemon]]],
2084 [
2085 if test x"$enableval" = xno; then
2086 myident="daemon"
2087 else
2088 myident="$enableval"
2089 fi
2090 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
[183]2091 AC_MSG_ERROR([With --enable-identity=USER, please supply a username, not a UID.])
[1]2092 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
2093 grep "^${myident}:" | awk -F: '{ print $3; }'`
2094 if test x"${myident_uid}" = x; then
[183]2095 AC_MSG_WARN([Option --enable-identity used, user ${myident} will be added upon install.])
[1]2096 need_user_install=1
2097 fi
2098 ],
2099 [
2100 for myident in ${install_name} daemon nobody; do
2101 AC_MSG_CHECKING(for user ${myident})
2102 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
2103 grep "^${myident}:" | awk -F: '{ print $3; }'`
2104 if test x"${myident_uid}" != x; then
2105 AC_MSG_RESULT(yes)
2106 break;
2107 else
2108 AC_MSG_RESULT(no)
2109 fi
2110 done
2111 if test x"${myident_uid}" = x; then
2112 myident=${install_name}
2113 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
2114 need_user_install=1
2115 fi
2116 ])
2117AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
2118AC_SUBST(myident)
2119AC_SUBST(need_user_install)
2120
2121AC_SUBST(install_name)
2122AC_SUBST(INSTALL_NAME)
2123AC_SUBST(stegin_prg)
2124AC_SUBST(xor_code)
2125
2126AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
2127AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
2128
2129
2130exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
2131exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
2132exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
2133
2134AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
2135AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
2136AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
2137
2138
2139AC_ARG_ENABLE(suidcheck,
2140 [ --enable-suidcheck check for suid/sgid files [[no]]],
2141 [
2142 if test "x${enableval}" = "xyes"; then
2143 AC_DEFINE(SH_USE_SUIDCHK)
2144 fi
2145 ]
2146)
2147
2148
2149AC_ARG_ENABLE(base,
2150 [ --enable-base=B1,B2 base key (0...2147483647)],
2151 [
2152 AC_MSG_CHECKING(base key setting)
2153 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
2154 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
2155 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2156 if test "x${my_key_A}" = x; then
[183]2157 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid first base key (zero length).])
[1]2158 fi
2159 if test "x${my_key_B}" = x; then
[183]2160 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid second base key (zero length).])
[1]2161 fi
2162 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2163 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
[1]2164 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2165 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
[1]2166 ],
2167 [
2168 AC_MSG_CHECKING(base key setting .. collecting entropy)
2169 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
2170 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
2171 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
2172 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
2173 my_key_A=`expr $my_key_1 \* 32767`
2174 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
2175 my_key_A=`expr $my_key_A \+ $my_key_2`
2176 my_key_B=`expr $my_key_3 \* 32767`
2177 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
2178 my_key_B=`expr $my_key_B \+ $my_key_4`
2179 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2180 ]
2181 )
2182AC_SUBST(my_key_A)
2183AC_SUBST(my_key_B)
2184
2185dnl low bytes
2186my_key_1=`expr $my_key_A \% 65536`
2187dnl high bytes
2188my_key_2=`expr $my_key_A \/ 65536`
2189dnl low bytes
2190my_key_3=`expr $my_key_B \% 65536`
2191dnl high bytes
2192my_key_4=`expr $my_key_B \/ 65536`
2193
2194dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
2195
2196dnl touch ./sh_MK.h
2197dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
2198dnl echo "#define SH_MK_H" >> ./sh_MK.h
2199dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
2200dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
2201dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
2202dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
2203dnl echo "#endif" >> ./sh_MK.h
2204AC_SUBST(my_key_1)
2205AC_SUBST(my_key_2)
2206AC_SUBST(my_key_3)
2207AC_SUBST(my_key_4)
2208
2209AC_MSG_CHECKING(key position)
2210pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
2211pos_tf_2=`expr $pos_tf_1 \% 8`
2212pos_tf=`expr $pos_tf_2 + 1`
2213AC_MSG_RESULT(${pos_tf})
2214AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
2215
2216mykeybase=`echo ${my_key_A},${my_key_B}`
2217AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
2218AC_SUBST(mykeybase)
2219
2220
2221dnl
[550]2222dnl Signify/GnuPG options
[1]2223dnl
2224
[550]2225AC_ARG_WITH(signify,
2226 [ --with-signify=PATH use OpenBSD signify to verify database/config [[no]]],
2227 [
2228 if test "x${withval}" != "xno"; then
2229 if test "x${cross_compiling}" = xyes; then
2230 mysignify="${withval}"
2231 else
2232 if test -f "${withval}"; then
2233 mysignify="${withval}"
2234 mychk0=`gpg --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
2235 if test "x$?" != "x0"; then
2236 mychktest=no
2237 for sam_pre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
2238 if test x"${mychktest}" = xyes
2239 then
2240 :
2241 else
2242 if test -f ${sam_pre}
2243 then
2244 echo "use existing ${sam_pre} for signify checksum"
2245 mychk0=`${sam_pre} -H ${withval} 2>/dev/null`
2246 if test "x$?" != "x0"; then
2247 if test "x${nocl_code}" != "x"; then
2248 mychk0=`echo -H ${withval} | ${sam_pre} ${nocl_code} 2>/dev/null`
2249 if test "x$?" != "x0"; then
2250 :
2251 else
2252 mychk="${mychk0}"
2253 mychktest=yes
2254 fi
2255 fi
2256 else
2257 mychk="${mychk0}"
2258 mychktest=yes
2259 fi
2260 fi
2261 fi
2262 done
2263 if test x${mychktest} = xno; then
2264 AC_MSG_WARN([--with-signify: cannot determine TIGER192 checksum of ${withval}])
2265 echo "-------------------------------------------------------------"
2266 echo " I cannot find an existing GnuPG or samhain binary to use."
2267 echo " You can:"
2268 echo " (a) run make to compile a samhain binary, then repeat"
2269 echo " ./configure and make"
2270 echo " (b) ignore the failure. The checksum of the signify binary"
2271 echo " will not get compiled in, thus allowing an attacker"
2272 echo " to replace signify with a trojan and subverting the"
2273 echo " signature verification of configure and database files."
2274 echo
2275 echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
2276 echo "-------------------------------------------------------------"
2277 fi
2278 else
2279 mychk="${mychk0}"
2280 fi
2281 else
2282 AC_MSG_ERROR([--with-signify: cannot find signify PATH=${withval}])
2283 fi
2284 fi
2285 AC_DEFINE([WITH_SIG], 1, [Define if signature checking is supported.])
2286 AC_DEFINE([WITH_SIGNIFY], 1, [Define if using OpenBSD signify for signature checking.])
2287 AC_DEFINE_UNQUOTED([DEFAULT_SIG_PATH], _("${mysignify}"), [Define as path to signing binary])
2288 AC_SUBST(mysignify)
2289 fi
2290 ]
2291)
2292
2293AC_ARG_WITH(pubkey-checksum,
2294 [ --with-pubkey-checksum=CHKSUM compile in TIGER192 checksum of signify public key [[no]]],
2295 [
2296 if test "x${withval}" != "xno"; then
2297 if test "x${withval}" == "xyes"; then
2298 AC_MSG_ERROR([Option --with-pubkey-checksum=CHKSUM: checksum CHKSUM of signify public key not specified.])
2299 else
2300 if test "x${withval}" = "x"; then
2301 AC_MSG_ERROR([Option --with-checksum=CHKSUM: checksum CHKSUM of the signify public key not specified.])
2302 fi
2303 fi
2304 AC_DEFINE([HAVE_SIG_KEY_HASH], 1, [Define if signing binary checksum available.])
2305 AC_DEFINE_UNQUOTED([SIG_KEY_HASH], _("${withval}"), [Define as the signify public key checksum.] )
2306 fi
2307 ]
2308)
2309
2310
[1]2311AC_ARG_WITH(gpg,
2312 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
2313 [
[550]2314 if test "x${mysignify}" != "x"; then
2315 AC_MSG_ERROR([--with-gpg: already using --with-signify])
2316 fi
[1]2317 if test "x${withval}" != "xno"; then
2318 if test "x${cross_compiling}" = xyes; then
2319 mygpg="${withval}"
2320 else
2321 if test -f "${withval}"; then
2322 mygpg="${withval}"
2323 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
2324 if test "x$?" != "x0"; then
2325 mychktest=no
2326 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
2327 if test x"${mychktest}" = xyes
2328 then
2329 :
2330 else
2331 if test -f ${sampre}
2332 then
2333 echo "use existing ${sampre} for gpg checksum"
2334 mychk0=`${sampre} -H ${withval} 2>/dev/null`
2335 if test "x$?" != "x0"; then
[389]2336 if test "x${nocl_code}" != "x"; then
2337 mychk0=`echo -H ${withval} | ${sampre} ${nocl_code} 2>/dev/null`
2338 if test "x$?" != "x0"; then
2339 :
2340 else
2341 mychk="${mychk0}"
2342 mychktest=yes
2343 fi
2344 fi
[1]2345 else
2346 mychk="${mychk0}"
2347 mychktest=yes
2348 fi
2349 fi
2350 fi
2351 done
2352 if test x${mychktest} = xno; then
2353 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
2354 echo "-------------------------------------------------------------"
2355 echo " Your gpg binary does not support the TIGER192 checksum, "
2356 echo " and I cannot find an existing samhain binary to use instead."
2357 echo " You can:"
2358 echo " (a) run make to compile a samhain binary, then repeat"
2359 echo " ./configure and make"
2360 echo " (b) ignore the failure. The checksum of the gpg binary"
2361 echo " will not get compiled in, thus allowing an attacker"
2362 echo " to replace gpg with a trojan and subverting the gpg"
2363 echo " signature verification of configure and database files."
[57]2364 echo
2365 echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
[1]2366 echo "-------------------------------------------------------------"
2367 fi
2368 else
2369 mychk="${mychk0}"
2370 fi
2371 else
[191]2372 AC_MSG_ERROR([--with-gpg: cannot find GnuPG PATH=${withval}])
[1]2373 fi
2374 fi
[550]2375 AC_DEFINE([WITH_SIG], 1, [Define if signature checking is supported.])
[1]2376 AC_DEFINE(WITH_GPG)
[550]2377 AC_DEFINE_UNQUOTED([DEFAULT_SIG_PATH], _("${mygpg}"), [Define as path to signing binary])
[1]2378 AC_SUBST(mygpg)
2379 fi
2380 ]
2381)
2382
[481]2383
2384
[191]2385AC_ARG_WITH(keyid,
2386 [ --with-keyid=KEYID specify KeyID (0x...) for GPG/PGP functions [[none]]],
2387 [
2388 if test "x${withval}" != "x"; then
2389 echo "${withval}" | awk '{if((length($0)==10)||(length($0)==18)){exit 2}else{exit 0}}' &&
2390 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2391 echo "${withval}" | grep ['[^0][^x][^0123456789ABCDEFabcdef]'] >/dev/null 2>&1 &&
2392 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2393 mykeyid="$withval"
2394 mykeytag="--default-key"
2395 else
2396 mykeyid=""
2397 mykeytag=""
2398 fi
2399 AC_SUBST(mykeyid)
2400 AC_SUBST(mykeytag)
2401 ]
2402)
2403
[1]2404AC_ARG_WITH(checksum,
[550]2405 [ --with-checksum=CHKSUM compile in checksum of signing binary (e.g. gpg) [[yes]]],
[1]2406 [
2407 if test "x${withval}" != "xno"; then
2408 if test "x${withval}" != "xyes"; then
2409 if test "x${mychk}" != "x"; then
2410 if test "x${mychk}" != "x${withval}"; then
[550]2411 AC_MSG_WARN([--with-checksum: possible signing binary CHKSUM problem])
[1]2412 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
2413 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
2414 fi
2415 fi
2416 mychk="${withval}"
2417 else
2418 if test "x${mychk}" = "x"; then
[550]2419 AC_MSG_ERROR([Option --with-checksum=CHKSUM: checksum CHKSUM of the signing binary not specified.])
[1]2420 fi
2421 fi
[550]2422 AC_DEFINE([HAVE_SIG_CHECKSUM], 1, [Define if signing binary checksum available.])
2423 AC_DEFINE_UNQUOTED([SIG_HASH], _("${mychk}"), [Define as the signing binary TIGER192 checksum.] )
2424 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char sigchk[50];"; for (i=1; i <= m; i++) printf "sigchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "sigchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_sig_chksum.h
[1]2425 fi
2426 ],
2427 [
[550]2428 if test "x${mygpg}" != "x" || test "x${mysignify}" != "x"
2429 then
[1]2430 if test "x${mychk}" != "x"; then
[550]2431 AC_DEFINE([HAVE_SIG_CHECKSUM], 1, [Define if signing binary checksum available.])
2432 AC_DEFINE_UNQUOTED([SIG_HASH], _("${mychk}"), [Define as the signing binary TIGER192 checksum.] )
2433 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char sigchk[50];"; for (i=1; i <= m; i++) printf "sigchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "sigchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_sig_chksum.h
[1]2434 fi
2435 fi
2436 ]
2437)
2438
2439AC_ARG_WITH(fp,
2440 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
2441 [
2442 if test "x${withval}" != "xno"; then
2443 if test "x${withval}" != "xyes"; then
2444 withval0=`echo ${withval} | sed 's% %%g'`
2445 echo "${withval0}" | \
2446 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
[183]2447 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, there is an invalid character(s) in FINGERPRINT=${withval0}.])
[1]2448 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
2449 sh_len0=`expr ${sh_len} \- 1`
2450 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
2451 then
2452 myfp="${withval0}"
2453 AC_DEFINE(USE_FINGERPRINT)
2454 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
2455 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
2456 else
[183]2457 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, the length (${sh_len0}) of FINGERPRINT ${withval0} is incorrect.])
[1]2458 fi
2459 else
[183]2460 AC_MSG_ERROR([For option --with-fp=FINGERPRINT, FINGERPRINT=yes is invalid, please specify a valid key fingerprint.])
[1]2461 fi
2462 fi
2463 ])
2464
2465
2466dnl
2467dnl MAIL OPTIONS
2468dnl
2469
2470AC_ARG_WITH(recipient,
2471 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
2472 [
2473 withval0=`echo ${withval} | sed 's%,% %g'`
2474 for sh_item in ${withval0}
2475 do
2476 case ${sh_item} in
[18]2477 *@localhost)
2478 ;;
[1]2479 *@*.*)
2480 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
2481 if test "x${sh_tmp}" != "x1"
2482 then
[183]2483 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
[1]2484 fi
2485 ;;
2486 *)
[183]2487 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
[1]2488 ;;
2489 esac
2490 done
2491 myrcp="$withval0"
2492 ],
2493 [myrcp="NULL"])
2494AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2495
2496
2497AC_ARG_WITH(sender,
2498 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2499 [
2500 mysender="${withval}"
2501 ],
2502 [
2503 mysender="daemon"
2504 ])
2505AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2506
2507
2508dnl
2509dnl PATHS
2510dnl
2511
2512AC_ARG_WITH(trusted,
2513 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2514 [
2515 sh_tmp_test=no
2516 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2517 for sh_tmp1 in ${sh_tmp}
2518 do
2519 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2520 AC_MSG_ERROR([Option --with-trusted=UID used with non-numeric UID in ${withval}.])
[1]2521 if test "x${sh_tmp1}" = "x0"
2522 then
2523 sh_tmp_test=yes
2524 fi
2525 done
2526 if test "x${sh_tmp_test}" = "xno"
2527 then
2528 withval="0,${withval}"
2529 fi
2530 mytrust="${withval}"
2531 ],
2532 [mytrust="0"] )
2533AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2534AC_SUBST(mytrust)
2535
[302]2536mytmpdir=
2537
[1]2538AC_ARG_WITH(tmp-dir,
2539 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2540 [
2541 if test "x${cross_compiling}" = xyes; then
[302]2542 mytmpdir="$withval"
2543 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
[1]2544 else
2545 if test -d "${withval}"; then
[302]2546 mytmpdir="$withval"
2547 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
[1]2548 else
[302]2549 mytmpdir="$withval"
2550 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
[169]2551 AC_MSG_WARN([--with-tmp-dir: tmp directory ${withval} does not exist])
[1]2552 fi
2553 fi
2554 ]
2555)
2556
[302]2557AC_SUBST(mytmpdir)
2558
2559
[1]2560dnl
2561dnl PATH DEFAULTS
2562dnl
2563
2564if test "x${ac_prefix_set}" = xyes
2565then
2566 if test "x${exec_prefix}" = xNONE
2567 then
2568 exec_prefix="${prefix}"
2569 fi
2570
2571 if test "x${prefix}" = xOPT
2572 then
2573 tmp_sbindir="/opt/${install_name}/bin"
2574 tmp_sysconfdir="/etc/opt"
2575 tmp_mandir="/opt/${install_name}/man"
2576 tmp_localstatedir="/var/opt/${install_name}"
2577 elif test "x${prefix}" = xUSR
2578 then
2579 tmp_sbindir="/usr/sbin"
2580 tmp_sysconfdir="/etc"
2581 tmp_mandir="/usr/share/man"
2582 tmp_localstatedir="/var"
2583 else
2584 tmp_sbindir=`eval echo ${sbindir}`
2585 tmp_sysconfdir=`eval echo ${sysconfdir}`
2586 tmp_mandir=`eval echo ${mandir}`
2587 tmp_localstatedir=`eval echo ${localstatedir}`
2588 fi
2589else
2590 prefix=""
2591 if test "x${ac_exec_prefix_set}" = xyes
2592 then
2593 tmp_sbindir=`eval echo ${sbindir}`
2594 else
2595 tmp_sbindir="/usr/local/sbin"
2596 fi
2597 tmp_sysconfdir="/etc"
2598 # share/man -> man (FHS) 11.10.2002
2599 tmp_mandir="/usr/local/man"
2600 tmp_localstatedir="/var"
2601fi
2602
2603
2604if test "x${ac_sbindir_set}" = xyes
2605then
2606 :
2607else
2608 sbindir=`eval echo ${tmp_sbindir}`
2609fi
2610
2611
2612if test "x${ac_sysconfdir_set}" = xyes
2613then
2614 :
2615else
2616 sysconfdir=`eval echo ${tmp_sysconfdir}`
2617fi
2618
2619if test "x${ac_mandir_set}" = xyes
2620then
2621 :
2622else
2623 mandir=`eval echo ${tmp_mandir}`
2624fi
2625
2626if test "x${ac_localstatedir_set}" = xyes
2627then
2628 :
2629else
2630 localstatedir=`eval echo ${tmp_localstatedir}`
2631fi
2632
2633
2634
2635AC_ARG_WITH(config-file,
2636 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2637 [
2638 myconffile="${withval}"
2639 changequote(<<, >>)dnl
2640 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2641 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2642 myrpmconffile="${tmp}"
2643 changequote([, ])dnl
2644 ],
2645 [
2646 myconffile="${sysconfdir}/${install_name}rc"
2647 myrpmconffile="${myconffile}"
2648 ]
2649)
2650AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2651AC_SUBST(myconffile)
2652AC_SUBST(myrpmconffile)
2653
2654AC_ARG_WITH(log-file,
2655 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2656 [
2657 mylogfile="$withval"
2658 changequote(<<, >>)dnl
2659 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2660 changequote([, ])dnl
2661 ],
2662 [
2663 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2664 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2665 mylogdir="${localstatedir}/log/${install_name}"
2666 else
2667 mylogfile="${localstatedir}/log/${install_name}_log"
2668 mylogdir="${localstatedir}/log"
2669 fi
2670 ]
2671)
2672AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2673AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2674AC_SUBST(mylogfile)
2675AC_SUBST(mylogdir)
2676
2677AC_ARG_WITH(pid-file,
2678 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2679 [
2680 mylockfile="$withval"
2681 changequote(<<, >>)dnl
2682 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2683 changequote([, ])dnl
2684 ],
2685 [
[435]2686 if test -h /var/run && test -d /run; then
2687 mylockfile="/run/${install_name}.pid"
2688 mylockdir="/run"
2689 else
2690 mylockfile="${localstatedir}/run/${install_name}.pid"
2691 mylockdir="${localstatedir}/run"
2692 fi
[1]2693 ]
2694)
2695AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2696AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2697AC_SUBST(mylockfile)
2698AC_SUBST(mylockdir)
2699
2700AC_ARG_WITH(state-dir,
2701 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2702 [
2703 mydataroot="$withval"
2704 ],
2705 [
2706 mydataroot="${localstatedir}/lib/${install_name}"
2707 ]
2708 )
2709AC_ARG_WITH(data-file,
2710 [ --with-data-file=FILE set path of data file],
2711 [
2712 mydatafile="$withval"
2713 changequote(<<, >>)dnl
2714 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2715 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2716 myrpmdatafile="${tmp}"
2717 changequote([, ])dnl
2718 if test x"${tmp}" = x
2719 then
2720 echo "No local path in data file ${withval}"
2721 echo "This will not work for initializing the database."
2722 if test x"${withval}" = xREQ_FROM_SERVER
2723 then
2724 echo "It should be REQ_FROM_SERVER/some/local/path"
2725 fi
[183]2726 AC_MSG_ERROR([Option --with-data-file=FILE used with invalid path ${withval}.])
[1]2727 fi
2728 ],
2729 [
2730 mydatafile="${mydataroot}/${install_name}_file"
2731 myrpmdatafile="${mydatafile}"
2732 ])
2733AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2734AC_SUBST(mydatafile)
2735AC_SUBST(myrpmdatafile)
2736
2737AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2738AC_SUBST(mydataroot)
2739
2740AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2741AC_SUBST(myqdir)
2742
2743
2744AC_ARG_WITH(html-file,
2745 [ --with-html-file=FILE set path of html file,],
2746 [
2747 myhtmlfile="$withval"
2748 ],
2749 [
2750 myhtmlfile="${mylogdir}/${install_name}.html"
2751 ])
2752AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2753AC_SUBST(myhtmlfile)
2754
2755
2756mydefargs=$ac_configure_args
2757# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2758# then
2759# mydefargs="--enable-static $mydefargs"
2760# fi
2761if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2762then
2763 mydefargs="--enable-base=${mykeybase} $mydefargs"
2764fi
2765AC_SUBST(mydefargs)
2766
2767
2768AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2769AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2770AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2771
2772AC_CONFIG_HEADER(config.h)
2773
2774AC_OUTPUT(
2775[
2776Makefile
2777samhain-install.sh
2778init/samhain.startLSB
2779init/samhain.startLinux
[548]2780init/samhain.startSystemd
[1]2781init/samhain.startGentoo
2782init/samhain.startFreeBSD
2783init/samhain.startSolaris
2784init/samhain.startHPUX
2785init/samhain.startIRIX
[71]2786init/samhain.startMACOSX
[1]2787samhain.spec
2788rules.deb
2789rules.deb-light
2790hp_ux.psf
[412]2791scripts/logrotate
[1]2792scripts/samhain.spec
2793scripts/redhat_i386.client.spec
2794scripts/samhain.ebuild
2795scripts/samhain.ebuild-light
[550]2796scripts/samhainadmin-gpg.pl
2797scripts/samhainadmin-sig.pl
[121]2798scripts/yuleadmin.pl
[1]2799scripts/check_samhain.pl
2800deploy.sh
2801],
2802[
2803echo timestamp > stamp-h
2804chmod +x samhain-install.sh
[550]2805chmod +x scripts/samhainadmin-gpg.pl
2806chmod +x scripts/samhainadmin-sig.pl
[121]2807chmod +x scripts/yuleadmin.pl
[1]2808chmod +x scripts/check_samhain.pl
2809]
2810)
2811
2812chmod +x deploy.sh
2813
[550]2814if test "x${mysignify}" != x
2815then
2816 cp -a scripts/samhainadmin-sig.pl scripts/samhainadmin.pl
2817fi
2818if test "x${mygpg}" != x
2819then
2820 cp -a scripts/samhainadmin-gpg.pl scripts/samhainadmin.pl
2821fi
2822
2823
[1]2824if test "x${cross_compiling}" = xyes
2825then
2826
2827echo "--------------------------------------------------------------"
2828echo
2829echo "You are using a cross-compiler. The following system dependent"
2830echo "values may have been set to default values that may be"
2831echo "incorrect for your target system: "
2832echo
2833echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2834echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2835echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2836echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
[97]2837echo "ac_cv_sizeof_unsigned_int size of unsigned int ${ac_cv_sizeof_unsigned_int}"
[1]2838echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2839echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2840echo
2841echo "If these values are incorrect, change them in the file "
2842echo "config.cache and run configure again."
2843echo
2844echo "--------------------------------------------------------------"
2845
2846fi
2847
2848if test x${silent} != xyes
2849then
2850
2851 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2852 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2853 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2854 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2855 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2856 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2857
2858 echo
2859 echo " samhain has been configured as follows:"
2860 echo " System binaries: ${sbindir}"
2861 echo " Configuration file: ${myconffile}"
2862 echo " Manual pages: ${mandir}"
[481]2863 echo " Data directory: ${mydataroot}"
2864 echo " Database file: ${mydatafile}"
[1]2865 echo " PID file: ${mylockfile}"
2866 echo " Log file: ${mylogfile}"
2867 echo " Base key: ${mykeybase}"
[191]2868 if test x"$mykeyid" != x
2869 then
2870 echo " target GPG/PGP key: ${mykeyid}"
2871 fi
[1]2872 echo
2873 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2874 then
2875 echo " Selected rc file: yulerc"
2876 else
2877 echo " Selected rc file: samhainrc.${selectconfig}"
2878 fi
2879
2880fi
2881
Note: See TracBrowser for help on using the repository browser.