source: trunk/configure.ac@ 582

Last change on this file since 582 was 581, checked in by katerina, 2 months ago

Fix for ticket #469 (regression in log monitoring code).

File size: 79.3 KB
RevLine 
[43]1dnl We want to override the standard _AC_INIT_PARSE_ARGS
[1]2dnl
[43]3AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
4AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
[1]5
[43]6AC_INIT(src/samhain.c)
7
8
[46]9AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
[1]10
11dnl
12dnl start
13dnl
[581]14AM_INIT_AUTOMAKE(samhain, 4.5.1)
[171]15AC_DEFINE([SAMHAIN], 1, [Application is samhain])
[1]16AC_CANONICAL_HOST
17
18dnl
19dnl checks for programs
20dnl
21
22AC_PROG_CC
[98]23if test "$host" != "$build"; then
24 AC_CHECK_PROGS(BUILD_CC, gcc cc)
25else
26 BUILD_CC=$CC
27fi
[1]28AC_PROG_CPP
29AC_PROG_INSTALL
30AC_PROG_LN_S
31AC_PROG_AWK
[171]32SH_PROG_LD
[1]33AC_PATH_PROG(cmd_hostname,hostname)
34AC_SUBST(cmd_hostname)
[98]35AC_SUBST(BUILD_CC)
[1]36
[440]37if test "x$GCC" = "xyes"; then
38 SH_GCC_VERSION
39fi
40
[572]41if test "x${gcc_VERSION_MAJOR}" != "x"
42then
43 AC_MSG_CHECKING([for gcc compiler issues])
44 if test ${gcc_VERSION_MAJOR} -ge 11
45 then
46 dnmalloc_ok=no
47 AC_MSG_RESULT([dnmalloc does not work with gcc 11])
48 else
49 dnmalloc_ok=yes
50 AC_MSG_RESULT([ok])
51 fi
52else
53 dnmalloc_ok=yes
54fi
55
56
[1]57AC_HEADER_STDC
58
[481]59AC_CHECK_HEADERS([sys/ipc.h sys/sem.h sys/msg.h sys/uio.h fcntl.h])
[1]60
[481]61
[203]62AC_MSG_CHECKING([for OS specific issues])
[1]63mydebugflag=no
64myneedg3=no
65uid_cast="signed long"
66selectconfig=linux
67mynetbsd=no
68sh_use_lcaps="undef"
[203]69sh_use_pie=yes
[447]70enable_asm_ok=yes
[1]71
72case "$host_os" in
73
74 *linux*)
75 sh_use_lcaps="yes"
76 AC_DEFINE(HOST_IS_LINUX)
77 AC_DEFINE(HAVE_EXT2_IOCTLS)
[221]78 AC_MSG_RESULT([use ioctl to get e2fs flags])
[1]79 case "$host_cpu" in
80 i*86*)
81 AC_DEFINE(HOST_IS_I86LINUX)
82 ;;
[279]83 x86_64)
84 AC_DEFINE([HOST_IS_64LINUX], 1, [Define if host OS is 64bit Linux])
85 ;;
[1]86 *)
87 ;;
88 esac
[531]89 LDFLAGS="${LDFLAGS} -Wl,--as-needed"
90 ;;
[1]91
92 *osf*)
93 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
94 if test "x$GCC" != "xyes"; then
95 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
96 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
97 myneedg3=yes
[221]98 AC_MSG_RESULT([compiler needs assume noaligned_objects])
[1]99 else
[221]100 AC_MSG_RESULT([none])
[1]101 fi
102 ;;
103
104 *cygwin*)
105 AC_DEFINE(HOST_IS_CYGWIN)
[294]106 AC_DEFINE([USE_REGISTRY_CHECK], 1, [Define for registry check])
[192]107 dnmalloc_ok=no
[447]108 enable_asm_ok=no
109 AC_MSG_RESULT([no trusted paths, no dnmalloc. no asm optimize])
[1]110 ;;
111
[378]112 *darwin*|*apple*)
[1]113 AC_DEFINE(HOST_IS_DARWIN)
[221]114 dnmalloc_ok=no
115 AC_MSG_RESULT([check resource forks, no dnmalloc])
[1]116 ;;
117
[384]118 *freebsd8*|*freebsd9*)
119 AC_DEFINE(HOST_IS_FREEBSD)
120 selectconfig=freebsd
121 case "$host_cpu" in
122 amd64|x86_64)
123 dnmalloc_ok=no
124 AC_MSG_RESULT([no dnmalloc])
125 ;;
126 *)
127 AC_MSG_RESULT([none])
128 ;;
129 esac
130 ;;
131
[203]132 *freebsd7*)
133 AC_DEFINE(HOST_IS_FREEBSD)
134 selectconfig=freebsd
135 case "$host_cpu" in
[384]136 amd64|x86_64)
[203]137 sh_use_pie=no
138 dnmalloc_ok=no
139 AC_MSG_RESULT([no dnmalloc and broken compiler toolchain])
140 ;;
141 *)
[221]142 AC_MSG_RESULT([none])
[203]143 ;;
144 esac
145 ;;
146
[1]147 *freebsd*)
148 AC_DEFINE(HOST_IS_FREEBSD)
149 selectconfig=freebsd
[221]150 AC_MSG_RESULT([none])
[1]151 ;;
152
153 *openbsd*)
[169]154 AC_DEFINE([HOST_IS_OPENBSD], 1, [Define if host OS is OPENBSD])
[1]155 selectconfig=freebsd
[171]156 dnmalloc_ok=no
[221]157 AC_MSG_RESULT([dnmalloc does not work with pthreads])
[1]158 ;;
159
160 *netbsd*)
161 mynetbsd=yes
[57]162 selectconfig=netbsd
[221]163 AC_MSG_RESULT([bug with libresolve])
[1]164 ;;
165
166 *solaris*)
167 selectconfig=solaris
168 AC_DEFINE(HOST_IS_SOLARIS)
169 case "$host_cpu" in
170 i*86)
171 AC_DEFINE(HOST_IS_I86SOLARIS)
[221]172 AC_MSG_RESULT([vsnprintf prototype])
[1]173 ;;
174 *)
[221]175 AC_MSG_RESULT([none])
[1]176 ;;
177 esac
178 if test "x$GCC" != "xyes"; then
179 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
180 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
181 fi
182 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
183 CFLAGS="$CFLAGS -xO2"
184 fi
185 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
186 CFLAGS="$CFLAGS -Xa"
187 fi
188 LIBS="-lc $LIBS"
189 fi
190 ;;
191
192
193 *sun*)
194 selectconfig=solaris
195 AC_DEFINE(HOST_IS_SOLARIS)
[221]196 AC_MSG_RESULT([none])
[1]197 ;;
198
199 *aix*)
200 AC_DEFINE(HOST_IS_AIX)
201 selectconfig=aix5.2.0
202 uid_cast="unsigned long"
203 if test "x$GCC" != "xyes"; then
204 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
205 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
206 fi
207 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
208 CFLAGS="$CFLAGS -O3"
209 fi
210 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
211 CFLAGS="$CFLAGS -qstrict"
212 fi
[221]213 AC_MSG_RESULT([AIX size_t in the accept call and optimize O3 qstrict])
[1]214 else
[221]215 AC_MSG_RESULT([AIX size_t in the accept call])
[1]216 fi
217 ;;
218
219 *hpux*)
[221]220 AC_MSG_RESULT([HPUX need _XOPEN_SOURCE_EXTENDED for h_errno])
[1]221 AC_DEFINE(HOST_IS_HPUX)
222 if test "x$GCC" != "xyes"; then
223 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
224 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
225 fi
[158]226 if test -z "`echo "$CFLAGS" | grep "\+O2" 2> /dev/null`"; then
227 CFLAGS="$CFLAGS +O2"
[1]228 fi
229 fi
230 ;;
231
232 *ultrix*)
[221]233 AC_MSG_RESULT([ULTRIX getcwd uses popen])
[1]234 AC_DEFINE(HAVE_BROKEN_GETCWD)
235 ;;
236
237 *)
[221]238 AC_MSG_RESULT([none])
[1]239 ;;
240esac
241
242AC_SUBST(selectconfig)
243AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
244
245
[202]246
[1]247dnl *****************************************
248dnl
249dnl checks for header files
250dnl
251dnl *****************************************
252
253AC_HEADER_DIRENT
254AC_HEADER_MAJOR
255AC_HEADER_TIME
256dnl used in minilzo.c
257AC_HEADER_STAT
258AC_DECL_SYS_SIGLIST
259
[171]260AC_CHECK_HEADERS(stddef.h libgen.h sched.h malloc.h sys/uio.h \
[534]261 sys/mman.h sys/param.h sys/inotify.h sys/sysmacros.h \
[61]262 sys/vfs.h mntent.h \
[511]263 sys/select.h sys/socket.h netinet/in.h ifaddrs.h \
[371]264 regex.h glob.h fnmatch.h \
[162]265 linux/ext2_fs.h linux/fs.h ext2fs/ext2_fs.h asm/segment.h \
[294]266 elf.h linux/elf.h auparse.h \
[68]267 paths.h arpa/nameser.h arpa/nameser_compat.h \
[290]268 rpc/rpcent.h rpc/rpc.h sys/statvfs.h,
[1]269 [],
270 [],
271 [#include <sys/types.h>]
272)
273
274
275AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
276if test "x$sh_utmpx" = "xyes"; then
[420]277 AC_DEFINE(HAVE_UTMPX_H)
278 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
279 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
280 AC_EGREP_HEADER(ut_addr_v6, utmpx.h, AC_DEFINE(HAVE_UTADDR_V6) )
281 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
282 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
[1]283else
[420]284 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
[1]285 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
286 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
287fi
288
[183]289dnl
290dnl figure out where acct.h lives
291dnl and whether fields are int/comp_t
292dnl
293dnl GNU Accounting Utilities
294dnl Copyright (C) 1993, 1996, 1997, 2003, 2005 Free Software Foundation, Inc.
295dnl The GNU Accounting Utilities are free software; you can redistribute
296dnl them and/or modify them under the terms of the GNU General Public
297dnl License as published by the Free Software Foundation; either version
298dnl 2, or (at your option) any later version.
299dnl
300AC_CHECK_HEADER(sys/acct.h,
301 AC_DEFINE(HAVE_SYS_ACCT_H, ,
302 [Define if you have the <sys/acct.h> header file.])
303 AC_HEADER_EGREP(ac_utime, sys/acct.h,
304 AC_DEFINE(HAVE_ACUTIME, ,
305 [Define if <sys/acct.h> has the AC_UTIME field.])
306 AC_HEADER_EGREP(comp_t.*ac_utime, sys/acct.h,
307 AC_DEFINE(ACUTIME_COMPT, ,
308 [Define if <sys/acct.h>'s AC_UTIME field is a COMP_T.]))
309 )
310 AC_HEADER_EGREP(ac_stime, sys/acct.h,
311 AC_DEFINE(HAVE_ACSTIME, ,
312 [Define if <sys/acct.h> has the AC_STIME field.])
313 AC_HEADER_EGREP(comp_t.*ac_stime, sys/acct.h,
314 AC_DEFINE(ACSTIME_COMPT, ,
315 [Define if <sys/acct.h>'s AC_STIME field is a COMP_T.]))
316 )
317 AC_HEADER_EGREP(ac_etime, sys/acct.h,
318 AC_DEFINE(HAVE_ACETIME, ,
319 [Define if <sys/acct.h> has the AC_ETIME field.])
320 AC_HEADER_EGREP(comp_t.*ac_etime, sys/acct.h,
321 AC_DEFINE(ACETIME_COMPT, ,
322 [Define if <sys/acct.h>'s AC_ETIME field is a COMP_T.]))
323 )
324 AC_HEADER_EGREP(ac_io, sys/acct.h,
325 AC_DEFINE(HAVE_ACIO, ,
326 [Define if <sys/acct.h> has the AC_IO field.])
327 AC_HEADER_EGREP(comp_t.*ac_io, sys/acct.h,
328 AC_DEFINE(ACIO_COMPT, ,
329 [Define if <sys/acct.h>'s AC_IO field is a COMP_T.]))
330 )
331 AC_HEADER_EGREP(ac_mem, sys/acct.h,
332 AC_DEFINE(HAVE_ACMEM, ,
333 [Define if <sys/acct.h> has the AC_MEM field.])
334 AC_HEADER_EGREP(comp_t.*ac_mem, sys/acct.h,
335 AC_DEFINE(ACMEM_COMPT, ,
336 [Define if <sys/acct.h>'s AC_MEM field is a COMP_T.]))
337 )
338 AC_HEADER_EGREP(ac_minflt, sys/acct.h,
339 AC_HEADER_EGREP(ac_majflt, sys/acct.h,
340 AC_HEADER_EGREP(ac_swaps, sys/acct.h,
341 AC_DEFINE(HAVE_PAGING, ,
342 [Define if <sys/acct.h> has the AC_MINFLT, AC_MAJFLT and AC_SWAPS fields.])
343 AC_HEADER_EGREP(comp_t.*ac_minflt, sys/acct.h,
344 AC_DEFINE(ACMINFLT_COMPT, ,
345 [Define if <sys/acct.h>'s AC_MINFLT field is a COMP_T.]))
346 AC_HEADER_EGREP(comp_t.*ac_mayflt, sys/acct.h,
347 AC_DEFINE(ACMAJFLT_COMPT, ,
348 [Define if <sys/acct.h>'s AC_MAJFLT field is a COMP_T.]))
349 AC_HEADER_EGREP(comp_t.*ac_swaps, sys/acct.h,
350 AC_DEFINE(ACSWAPS_COMPT, ,
351 [Define if <sys/acct.h>'s AC_SWAPS field is a COMP_T.]))
352 )
353 )
354 )
355 AC_HEADER_EGREP(comp_t, sys/acct.h, AC_DEFINE(HAVE_COMP_T, ,
356 [Define if <sys/acct.h> uses the COMP_T type.]))
[203]357 AC_HEADER_EGREP([struct acct_v3], sys/acct.h, AC_DEFINE(HAVE_ACCT_V3, ,
358 [Define if <sys/acct.h> has struct acct_v3.]))
[384]359 AC_HEADER_EGREP([struct acctv2], sys/acct.h, AC_DEFINE(HAVE_ACCTV2, ,
360 [Define if <sys/acct.h> has struct acctv2.]))
361
[183]362 )
363
364
[1]365dnl need to check because AIX 4.2 does not have it
366dnl
367AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
368#ifdef HAVE_SYS_TYPES_H
369#include <sys/types.h>
370#endif
371#ifdef HAVE_SYS_STAT_H
372#include <sys/stat.h>
373#endif
374#ifdef HAVE_SYS_VFS_H
375#include <sys/vfs.h>
376#endif
377#ifdef HAVE_UNISTD_H
378#include <unistd.h>
379#endif
380])
381
382AC_SYS_LARGEFILE
383
384dnl
385dnl check whether _POSIX_SOURCE is required
386dnl
387SAMHAIN_POSIX
388
389
390dnl *****************************************
391dnl
392dnl Checks for library functions.
393dnl
394dnl *****************************************
395AC_FUNC_STRFTIME
[491]396AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent fpurge \
[544]397 explicit_memset explicit_bzero \
[1]398 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
399 seteuid setreuid setresuid lstat getwd getcwd ptrace \
400 usleep setpriority getpeereid nanosleep \
[61]401 strptime basename sched_yield hasmntopt \
[1]402 inet_aton gethostbyname setutent setrlimit gethostname uname \
[572]403 initgroups getpagesize getutxent \
[205]404 ttyname fchmod writev mmap tzset \
[131]405 getsid getpriority getpgid statvfs \
[171]406 strerror_r getgrgid_r getpwnam_r getpwuid_r \
[196]407 gmtime_r localtime_r rand_r readdir_r strtok_r \
[564]408 mincore posix_fadvise inotify_init1 scandir
[1]409)
410AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
[481]411SL_CHECK_VA_COPY
[1]412AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
413AC_CHECK_MLOCK
[238]414SH_STRFTIME_Z
[1]415
416AC_MSG_CHECKING(how to get filesystem type)
417fstype=no
418# The order of these tests is important.
419AC_TRY_CPP([#include <sys/statvfs.h>
420#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
421if test $fstype = no; then
422AC_TRY_CPP([#include <sys/statfs.h>
423#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
424fi
425if test $fstype = no; then
426AC_TRY_CPP([#include <sys/statfs.h>
427#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
428fi
429if test $fstype = no; then
430AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
431fi
432if test $fstype = no; then
433AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
434fi
435if test $fstype = no; then
436AC_TRY_CPP([#include <sys/mount.h>
437#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
438fi
439AC_MSG_RESULT($fstype)
440
441sh_libsocket=
442
443dnl Solaris needs -lsocket and -lnsl. Unisys system includes
444dnl gethostbyname in libsocket but needs libnsl for socket.
445AC_CHECK_LIB(nsl, gethostbyname)
446AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
447if test x$ac_need_libsocket = x1; then
448 LIBS="$LIBS -lsocket"
449 sh_libsocket="-lsocket"
450fi
451if test x$ac_try_nsl = x1; then
452 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
453 if test x$ac_need_libnsl = x1
454 then
455 LIBS="$LIBS -lnsl"
456 fi
457fi
458AC_SUBST(sh_libsocket)
459
460AC_CHECK_LIB(socket, res_search, [
461 AC_CHECK_LIB(resolv, dn_skipname)
462 AC_CHECK_LIB(resolv, __dn_skipname)
463 if test x$ac_need_libsocket = x1; then
464 :
465 else
466 LIBS="$LIBS -lsocket"
467 fi
468 ], [
469 AC_CHECK_LIB(resolv, res_search, [
470 LIBS="$LIBS -lresolv"
471 ], [
472 AC_CHECK_LIB(resolv, dn_skipname)
473 AC_CHECK_LIB(resolv, __dn_skipname)
474 ])
475 ])
476
[471]477AC_CHECK_FUNCS( getnameinfo getaddrinfo )
478
479
[294]480sh_auparse=no
481
482if test "x$ac_cv_header_auparse_h" = "xyes"
483then
484 AC_CHECK_LIB(auparse, auparse_find_field, [
485 LIBS="$LIBS -lauparse"
486 sh_auparse=yes
487 AC_DEFINE(HAVE_AUPARSE_LIB, 1, [Define if you have the auparse lib])
488 ])
489fi
490
[1]491dnl arguments for accept
492
493dnl check for Unix98 socklen_t (found on
494dnl xemacs-patches mailing list, written
495dnl by Martin Buchholz)
496dnl
497dnl On Darwin(MacOSX) socklen_t needs to be
498dnl an int (see accept man page), on all other
499dnl unix systems we need a size_t.
500
501AC_MSG_CHECKING(for socklen_t)
502AC_TRY_COMPILE([
503#ifdef HAVE_SYS_TYPES_H
504#include <sys/types.h>
505#endif
506#ifdef HAVE_SYS_SOCKET_H
507#include <sys/socket.h>
508#endif
509 socklen_t x;
510], [],[
511 AC_MSG_RESULT(yes)
512 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
[46]513 AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
[1]514],[
515 AC_TRY_COMPILE([
516#ifdef HAVE_SYS_TYPES_H
517#include <sys/types.h>
518#endif
519#ifdef HAVE_SYS_SOCKET_H
520#include <sys/socket.h>
521#endif
522 int accept (int, struct sockaddr *, size_t *);
523 ],[],[
524 AC_MSG_RESULT(size_t)
525 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
526 ], [
527 AC_MSG_RESULT(int)
528 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
529 ]
530 )
531])
532
[68]533dnl *****************************************
534dnl checks for extended attribute or ACL
535dnl support
536dnl *****************************************
[1]537
[499]538AC_ARG_ENABLE([selinux],
539 [AS_HELP_STRING([--enable-selinux], [support checking selinux attributes])],
540 [],
541 [enable_selinux=check])
542if test "x$enable_selinux" != xno; then
543 sh_CHECK_XATTR
544fi
[68]545
[499]546AC_ARG_ENABLE([posix-acl],
547 [AS_HELP_STRING([--enable-posix-acl], [support checking posix acls])],
548 [],
549 [enable_posix_acl=check])
550if test "x$enable_posix_acl" != xno; then
551 sh_CHECK_POSIX_ACL
552fi
553
[1]554dnl *****************************************
555dnl checks for typedefs
556dnl *****************************************
557
558AC_C_LONG_DOUBLE
559SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
[265]560SH_CHECK_TYPEDEF(uint16_t, HAVE_UINT16_T)
[481]561SH_CHECK_TYPEDEF(uint32_t, HAVE_UINT32_T)
[156]562SH_CHECK_TYPEDEF(uint64_t, HAVE_UINT64_T)
[1]563if test "$sh_HAVE_LONG_LONG" = "yes"; then
564 AC_CHECK_SIZEOF(unsigned long long, 4)
[76]565 sh_sizeof_unsigned_long_long=`echo "$ac_cv_sizeof_unsigned_long_long" | sed 's%[^0-9]%%g'`
566 if test "$sh_sizeof_unsigned_long_long" = "8"; then
[1]567 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
568 fi
569fi
570
571AC_CHECK_TYPE(ptrdiff_t, long)
572AC_TYPE_SIZE_T
573AC_CHECK_SIZEOF(char *, 4)
574AC_CHECK_SIZEOF(size_t, 4)
575
576AC_CHECK_SIZEOF(unsigned long, 4)
[76]577AC_CHECK_SIZEOF(unsigned int, 4)
[1]578AC_CHECK_SIZEOF(unsigned short, 2)
579
580
[76]581sh_sizeof_unsigned_long=`echo "$ac_cv_sizeof_unsigned_long" | sed 's%[^0-9]%%g'`
582if test "$sh_sizeof_unsigned_long" = "4"; then
[1]583 AC_DEFINE(HAVE_LONG_32)
584fi
[76]585if test "$sh_sizeof_unsigned_long" = "8"; then
[1]586 AC_DEFINE(HAVE_LONG_64)
587fi
[76]588sh_sizeof_unsigned_int=`echo "$ac_cv_sizeof_unsigned_int" | sed 's%[^0-9]%%g'`
589if test "$sh_sizeof_unsigned_int" = "4"; then
[1]590 AC_DEFINE(HAVE_INT_32)
591fi
[76]592sh_sizeof_unsigned_short=`echo "$ac_cv_sizeof_unsigned_short" | sed 's%[^0-9]%%g'`
593if test "$sh_sizeof_unsigned_short" = "4"; then
[1]594 AC_DEFINE(HAVE_SHORT_32)
595fi
596
[18]597dnl
598dnl check for 64 bit programming environment
599dnl
600SAMHAIN_64
601
602
[1]603dnl *****************************************
604dnl checks for structures
605dnl *****************************************
606
607AC_STRUCT_TM
608
609dnl
610dnl from e2fsprogs
611dnl
612AC_MSG_CHECKING(whether struct stat has a st_flags field)
613AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
614 AC_TRY_COMPILE([#include <sys/stat.h>],
615 [struct stat stat; stat.st_flags = 0;],
616 [e2fsprogs_cv_struct_st_flags=yes],
617 [e2fsprogs_cv_struct_st_flags=no]))
618AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
619if test "$e2fsprogs_cv_struct_st_flags" = yes; then
620 AC_MSG_CHECKING(whether st_flags field is useful)
621 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
622 AC_TRY_COMPILE([#include <sys/stat.h>],
623 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
624 [e2fsprogs_cv_struct_st_flags_immut=yes],
625 [e2fsprogs_cv_struct_st_flags_immut=no]))
626 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
627 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
628 AC_DEFINE(HAVE_STAT_FLAGS)
629 fi
630fi
631
632dnl
633dnl from dbus
634dnl
635AC_MSG_CHECKING(for struct cmsgcred)
636AC_TRY_COMPILE([
637#include <sys/types.h>
638#include <sys/socket.h>
639],[
640struct cmsgcred cred;
641
642cred.cmcred_pid = 0;
643],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
644AC_MSG_RESULT($sh_have_struct_cmsgcred)
645
646if test x$sh_have_struct_cmsgcred = xyes; then
647 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
648fi
649
650AC_MSG_CHECKING(for struct fcred)
651AC_TRY_COMPILE([
652#include <sys/param.h>
653#include <sys/socket.h>
654#include <sys/ucred.h>
655],[
656struct fcred sockcred;
657],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
658AC_MSG_RESULT($sh_have_struct_fcred)
659
660if test x$sh_have_struct_fcred = xyes; then
661 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
662fi
663
664AC_MSG_CHECKING(for struct sockcred)
665AC_TRY_COMPILE([
666#include <sys/param.h>
667#include <sys/socket.h>
668#include <sys/ucred.h>
669],[
670struct sockcred sockcred;
671],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
672AC_MSG_RESULT($sh_have_struct_sockcred)
673
674if test x$sh_have_struct_sockcred = xyes; then
675 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
676fi
677
678AC_MSG_CHECKING(for SO_PEERCRED)
679AC_TRY_COMPILE([
680#include <sys/types.h>
681#include <sys/socket.h>
682],[
683int test = SO_PEERCRED;
684],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
685AC_MSG_RESULT($sh_have_SO_PEERCRED)
686
687if test x$sh_have_SO_PEERCRED = xyes; then
688 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
689fi
690
[522]691AC_MSG_CHECKING(for union semun)
692AC_TRY_COMPILE([#include <sys/types.h>
693#include <sys/ipc.h>
694#include <sys/sem.h>],[union semun foo;], [sh_have_semun=yes], [sh_have_semun=no])
695AC_MSG_RESULT($sh_have_semun)
696if test x$sh_have_semun = xyes
697then
698 AC_DEFINE(HAVE_UNION_SEMUN, 1, [union semun already defined in sys/ipc.h or sys/sem.h])
699fi
[1]700
701dnl *****************************************
702dnl checks for compiler characteristics
703dnl *****************************************
704AC_C_INLINE
705AC_C_CONST
706AC_C_BIGENDIAN
[76]707AC_C_RESTRICT
[1]708
709AM_SA_SIGACTION_WORKS
710
[255]711AC_ARG_ENABLE(ssp,
712 [ --disable-ssp disable the GCC stack protector],
713 [],
714 [enable_ssp=yes;]
715)
716
[203]717if test "x$GCC" = "xyes"; then
[255]718
719 if test x"${enable_ssp}" = xno; then
720 :
721 else
722 GCC_STACK_PROTECT_LIB
723 GCC_STACK_PROTECT_CC
[544]724 GCC_STACK_CHECK_CC
725 GCC_PIE_CC
726 GCC_FLAG_CHECK([-fexceptions])
727 GCC_FLAG_CHECK([-mcet -fcf-protection])
[255]728 fi
729
[203]730fi
731
[1]732dnl *****************************************
733dnl
734dnl checks for system services
735dnl
736dnl *****************************************
737
738dnl
[68]739dnl check for /proc filesystem
740dnl
741if test -d "/proc/$$"
742then
743 AC_DEFINE([HAVE_PROCFS],[1],[Define if you have a proc fs])
744fi
745
746dnl
[1]747dnl check for GNU gmp
748dnl
749AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
750if test "x${sh_have_gmp}" = xno
751then
752 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
753fi
754if test "x${sh_have_gmp}" = xyes
755then
756 # LIBS="-lgmp $LIBS"
757 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
758fi
759AC_CHECK_HEADERS(gmp.h)
760
[68]761AC_MSG_CHECKING([for ps])
762PS=
763for ff in /usr/ucb /bin /usr/bin; do
764 if test -x "$ff/ps"; then
765 PS="$ff/ps"
766 AC_MSG_RESULT([$PS])
767 break
768 fi
769done
770if test x$PS = x
771then
772 AC_MSG_RESULT([no])
[183]773 AC_MSG_ERROR([Cannot find ps in any of /usr/ucb /bin /usr/bin])
[68]774fi
775AC_DEFINE_UNQUOTED([PSPATH], _("$PS"), [Path to ps])
[1]776
[68]777AC_MSG_CHECKING([how to use ps])
778$PS ax >/dev/null 2>&1
779if test $? -eq 0; then
[169]780 case "$host_os" in
781 *openbsd*)
782 one=`$PS akx | wc -l`
783 ;;
784 *)
[68]785 one=`$PS ax | wc -l`
[169]786 ;;
787 esac
[68]788else
789 one=0
790fi
791$PS -e >/dev/null 2>&1
792if test $? -eq 0; then
793 two=`$PS -e | wc -l`
794else
795 two=0
796fi
797if test $one -ge $two
798then
[169]799 case "$host_os" in
800 *openbsd*)
801 PSARG="akx"
802 ;;
803 *)
804 PSARG="ax"
805 ;;
806 esac
[68]807else
[169]808 PSARG="-e"
[68]809fi
810AC_DEFINE_UNQUOTED([PSARG], _("$PSARG"), [Argument for ps])
811AC_MSG_RESULT([$PS $PSARG])
812
[1]813dnl *****************************************
814dnl
815dnl enable features
816dnl
817dnl *****************************************
818
819AC_ARG_ENABLE(db-reload,
[100]820 [ --enable-db-reload enable database reload on SIGHUP [[no]]],
[1]821 [
822 if test "x${enable_db_reload}" = xyes; then
823 AC_DEFINE(RELOAD_DATABASE)
824 fi
825 ]
826)
827
828AC_ARG_ENABLE(xml-log,
829 [ --enable-xml-log enable XML logfile format [[no]]],
830 [
831 if test "x${enable_xml_log}" = xyes; then
832 AC_DEFINE(SH_USE_XML)
833 fi
834 ]
835)
836
837
838AC_ARG_ENABLE(mail,
839 [ --disable-mail disable the internal SMTP mailer],
840 [
841 if test "x${enable_mail}" = xno; then
842 :
843 else
844 AC_DEFINE(SH_WITH_MAIL)
845 fi
846 ],
847 [AC_DEFINE(SH_WITH_MAIL)]
848)
849
[412]850AC_ARG_ENABLE(suid,
851 [ --enable-suid allow suid],
852 [
853 if test "x${enable_suid}" = xyes; then
854 AC_DEFINE(SH_ALLOW_SUID, [1], [Define if you want to allow suid execution for samhain])
855 fi
856 ]
857)
858
[347]859AC_ARG_ENABLE(shellexpand,
860 [ --disable-shellexpand disable shell expansion in config file],
861 [
862 if test "x${enable_shellexpand}" = xno; then
863 :
864 else
865 AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])
866 fi
867 ],
868 [AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])]
869)
870
[1]871AC_ARG_ENABLE(external-scripts,
872 [ --disable-external-scripts disable interface to external scripts],
873 [
874 if test "x${enableval}" = xno; then
875 :
876 else
877 AC_DEFINE(WITH_EXTERNAL)
878 fi
879 ],
880 [AC_DEFINE(WITH_EXTERNAL)]
881)
882
883AC_ARG_ENABLE(message-queue,
884 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
885 [
[19]886 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
887 if test "x${enable_message_queue}" = xyes; then
888 AC_DEFINE(WITH_MESSAGE_QUEUE)
889 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
890 elif test "x${enable_message_queue}" != xno; then
891 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]892 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be numeric])
[19]893 echo "${enableval}" | \
894 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
[183]895 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be an octal (0nnn) number])
[1]896 AC_DEFINE(WITH_MESSAGE_QUEUE)
[19]897 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
898 fi
899 else
900 echo
901 echo "**********************************************"
902 echo
903 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
904 echo
905 echo "**********************************************"
906 echo
[1]907 fi
908 ]
909)
910
911AC_ARG_WITH(cflags,
912 [ --with-cflags additional flags to pass to compiler],
913 [
914 if test "x$withval" != "xno" ; then
915 CFLAGS="$CFLAGS $withval"
916 fi
917 ]
918)
919AC_ARG_WITH(libs,
920 [ --with-libs additional libraries to link with],
921 [
922 if test "x$withval" != "xno" ; then
923 LIBS="$LIBS $withval"
924 fi
925 ]
926)
927
928
929#
930# this is from ssh
931#
932AC_MSG_CHECKING(whether to use libwrap)
933LIBWRAP_LIB=""
934LIBWRAP_INC=""
935AC_ARG_WITH(libwrap,
[18]936[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
[1]937[ AC_MSG_RESULT($withval)
938 case "$withval" in
939 no)
940 ;;
941 ""|yes)
942 LIBWRAP_LIB="-lwrap"
943 ;;
944 *)
945 if test -d "$withval"; then
946 LIBWRAP_LIB="-L$withval -lwrap"
947 changequote(<<, >>)dnl
948 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
949 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
950 changequote([, ])dnl
951 else
952 LIBWRAP_LIB="-lwrap"
953 changequote(<<, >>)dnl
954 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
955 LIBWRAP_INC="-I${sh_libwrap_inc}"
956 changequote([, ])dnl
957 fi
958 ;;
959 esac
960 if test -n "$LIBWRAP_LIB"; then
961 # OLDLIBS="$LIBS"
962 LIBS="$LIBWRAP_LIB $LIBS"
963 # OLDCFLAGS="$CFLAGS"
964 CFLAGS="$CFLAGS $LIBWRAP_INC"
965 AC_CHECK_HEADER(tcpd.h,
966 [],
[183]967 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You need to install tcp_wrappers.]) ])
[1]968 AC_TRY_LINK([ #include <tcpd.h>
969 int allow_severity; int deny_severity; ],
970 [ hosts_access((struct request_info *) 0); ],
971 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
972 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
973 fi ],
974 AC_MSG_RESULT(no)
975)
976
977
[129]978dnl
979dnl NETWORK OPTIONS
980dnl
981AC_ARG_ENABLE(network,
982 [ --enable-network=[[client|server]] compile client or server [[no]]],
983 [
984 if test "x$enable_network" = xclient; then
985 mytclient="-DSH_WITH_CLIENT"
986 yulectl_prg=
[481]987 samhainadmin_prg=
[129]988 setpwd_prg="samhain_setpwd"
989 sh_main_prg="samhain"
990 if test "x${sh_have_gmp}" = xyes
991 then
992 LIBS="-lgmp $LIBS"
993 fi
994dnl AC_CHECK_HEADER(sys/capability.h,
995dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
996dnl [sh_use_lcaps="no"])
997 elif test "x$enable_network" = xserver; then
998 mytclient="-DSH_WITH_SERVER"
999 yulectl_prg="yulectl"
[557]1000 samhainadmin_prg="scripts/samhainadmin-gpg.pl scripts/samhainadmin-sig.pl"
[129]1001 setpwd_prg="samhain_setpwd"
1002 sh_main_prg="yule"
1003 if test "x${sh_have_gmp}" = xyes
1004 then
1005 LIBS="-lgmp $LIBS"
1006 fi
1007 sh_use_lcaps="undef"
1008 elif test "x$enable_network" = xno; then
1009 mytclient="-DSH_STANDALONE"
1010 yulectl_prg=
[481]1011 samhainadmin_prg=
[129]1012 setpwd_prg=
1013 sh_main_prg="samhain"
1014dnl AC_CHECK_HEADER(sys/capability.h,
1015dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1016dnl [sh_use_lcaps="no"])
1017 else
[183]1018 AC_MSG_ERROR([With --enable-network=WHAT, WHAT must be client, server, or no])
[129]1019 fi
1020 ],
1021 [
1022 mytclient="-DSH_STANDALONE"
1023 setpwd_prg=
1024 yulectl_prg=
[481]1025 samhainadmin_prg=
[129]1026 sh_main_prg="samhain"
1027dnl AC_CHECK_HEADER(sys/capability.h,
1028dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
1029dnl [sh_use_lcaps="no"])
1030 ],
1031)
1032
1033AC_SUBST(setpwd_prg)
1034AC_SUBST(yulectl_prg)
[481]1035AC_SUBST(samhainadmin_prg)
[129]1036AC_SUBST(sh_main_prg)
1037AC_SUBST(mytclient)
1038
1039# needed for the rpm spec
1040clmytclient=`echo ${mytclient} | sed s%\-%%`
1041AC_SUBST(clmytclient)
1042
[171]1043sh_no_gcc_static=no
1044
[124]1045AC_ARG_ENABLE(static,
[170]1046 [ --enable-static enable static linking [[no]]],
[124]1047 [
1048 if test x$enable_static = xyes; then
1049 if test x"$mynetbsd" = xyes
1050 then
1051 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
1052 LIBS="${tmp_LIBS}"
1053 fi
[294]1054 if test x"${sh_auparse}" = xyes
1055 then
1056 tmp_LIBS=`echo $LIBS | sed 's%\-lauparse%%' `
1057 LIBS="${tmp_LIBS}"
[544]1058 AC_MSG_WARN([--enable-static: no support for Linux Auditing System])
[294]1059 fi
[481]1060
1061 if test "x$GCC" = "xyes";
1062 then
[544]1063 if test -n "`echo "$CFLAGS" | grep "\-flto" 2> /dev/null`"
1064 then
1065 AC_MSG_ERROR([--enable-static: not compatible with link-time optimisation])
1066 fi
[481]1067 case "$host_os" in
1068
1069 *solaris*)
1070 AC_MSG_WARN([option --enable-static ignored on Solaris])
1071 ;;
1072
1073 *)
1074 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
1075 sh_no_gcc_static=no
1076 LDFLAGS="$LDFLAGS -static"
1077 ;;
1078 esac
[124]1079 else
[481]1080 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
[171]1081 sh_no_gcc_static=yes
[124]1082 case "$host_os" in
1083
1084 *aix*)
1085 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
1086 ;;
1087
1088 *hpux*)
1089 LDFLAGS="$LDFLAGS -Wl,-a,archive"
1090 ;;
1091
1092 *osf*)
1093 LDFLAGS="$LDFLAGS -non_shared"
1094 ;;
1095
1096 *irix*)
1097 LDFLAGS="$LDFLAGS -non_shared"
1098 ;;
1099
1100 *sco*)
1101 LDFLAGS="$LDFLAGS -dn"
1102 ;;
1103
1104 *sun*)
1105 LDFLAGS="$LDFLAGS -Bstatic"
1106 ;;
1107
1108 *solaris*)
1109 LDFLAGS="$LDFLAGS -Bstatic"
1110 ;;
1111
1112 *)
1113 echo "***********************************************"
1114 echo "*"
1115 echo "* Don't know how to enable static linking"
1116 echo "* with your compiler. Please set the environment"
1117 echo "* variable LDFLAGS to:"
1118 echo "* ${LDFLAGS} + the static linking flag"
1119 echo "* and run configure again"
1120 echo "*"
1121 echo "***********************************************"
1122 ;;
1123
1124 esac
1125 fi
1126 fi
1127 ]
1128)
1129
[138]1130if test x"${mytclient}" = x-DSH_STANDALONE -o x"${mytclient}" = x-DSH_WITH_CLIENT;
1131then
[168]1132dnl For threaded modules
[138]1133 ACX_PTHREAD
1134 CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
1135 LIBS="$PTHREAD_LIBS $LIBS"
[153]1136 LDFLAGS="$PTHREAD_CFLAGS $LDFLAGS"
[138]1137 CC="$PTHREAD_CC"
[168]1138dnl For MODI_TXT
1139 CHECK_ZLIB()
[138]1140fi
[203]1141
1142if test x$enable_static = xyes; then
1143 :
1144else
1145 if test x$sh_use_pie = xyes; then
1146 LDFLAGS="$LDFLAGS $PIE_LDFLAGS"
1147 CFLAGS="$CFLAGS $PIE_CFLAGS"
1148 fi
1149fi
[439]1150AC_CHECK_FUNC(pmap_getmaps,
1151 AC_DEFINE([HAVE_PMAP_GETMAPS], [], [Define if pmap_getmaps available]), [],[])
[203]1152
[138]1153
[1]1154#
1155# this is from the snort configure.in
1156#
[564]1157AC_DEFUN([FAIL_MESSAGE],[
[1]1158 echo
1159 echo
1160 echo "**********************************************"
1161 echo " ERROR: unable to find" $1
1162 echo " checked in the following places"
1163 for i in `echo $2`; do
1164 echo " $i"
1165 done
1166 echo "**********************************************"
1167 echo
1168 exit
1169])
1170
1171AC_ARG_WITH(libprelude-prefix,
[18]1172 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
[1]1173 libprelude_config_prefix="$withval", libprelude_config_prefix="")
1174
1175AC_MSG_CHECKING(whether to use prelude)
1176AC_ARG_WITH(prelude,
[18]1177 [ --with-prelude Prelude IDS support [[no]]],
[1]1178 [
1179 if test "x${withval}" = "xno"; then
1180 AC_MSG_RESULT(no)
1181 else
1182 AC_MSG_RESULT(yes)
1183 if test x$libprelude_config_prefix != x ; then
1184 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
1185 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
1186 fi
1187 fi
1188
1189 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
1190 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
1191 HAVE_PRELUDE_CONFIG=no
1192 else
1193 HAVE_PRELUDE_CONFIG=yes
1194 fi
1195dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
1196 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
1197 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
1198 case "$sh_libprelude_version" in
1199 0.8*)
[183]1200 AC_MSG_ERROR([You have Libprelude 0.8, which is too old. Version 0.9.6 or higher is required.])
[1]1201 ;;
1202 *)
[26]1203 AM_PATH_LIBPRELUDE([0.9.6],
[1]1204 [
1205 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
1206 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
1207 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
1208 LIBS="$LIBS $LIBPRELUDE_LIBS"
1209 ],
1210 [
[124]1211 AC_MSG_ERROR([Could not find libprelude (if you are using --enable-static, the static library libprelude.a might be missing).])
[1]1212 ])
1213 ;;
1214 esac
1215 else
[124]1216 AC_MSG_ERROR([Could not find libprelude-config.])
[1]1217 fi
1218 fi
1219 ],
1220 [
1221 AC_MSG_RESULT(no)
1222 ]
1223)
1224
1225#
1226# partly based on the snort configure.in
1227#
1228AC_ARG_WITH(database,
1229 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
1230 [
[544]1231 if test x"$enable_static" = xyes; then
1232 AC_MSG_WARN([With --enable-static, --with-database may fail to compile.])
1233 fi
[1]1234 if test x"$enable_xml_log" != xyes; then
[183]1235 AC_MSG_ERROR([With --with-database, --enable-xml-log is required as well.])
[1]1236 fi
1237 if test "x${withval}" = "xmysql"; then
[168]1238 if test "x$zlib_found" = "x"
1239 then
1240 CHECK_ZLIB()
1241 fi
[1]1242 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
1243 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
1244 sh_mysql_libs="`mysql_config --libs`"
1245 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
1246 LIBS="$LIBS ${sh_mysql_libs}"
1247 sh_mysql_cflags="`mysql_config --cflags`"
1248 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
1249 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
1250 else
[168]1251 AC_MSG_CHECKING([for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME])
[1]1252 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
1253
1254 for i in $mysql_directory; do
1255 if test -r $i/include/mysql/mysql.h; then
1256 MYSQL_DIR=$i
1257 MYSQL_INC_DIR=$i/include
1258 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
1259 fi
1260 done
1261 if test -z "$MYSQL_DIR"; then
1262 for i in $mysql_directory; do
1263 if test -r $i/include/mysql.h; then
1264 MYSQL_DIR=$i
1265 MYSQL_INC_DIR=$i/include
1266 fi
1267 done
1268 fi
1269
1270 if test -z "$MYSQL_DIR"; then
1271 tmp=""
1272 for i in $mysql_directory; do
1273 tmp="$tmp $i/include $i/include/mysql"
1274 done
1275 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
1276 fi
1277
1278 for i in lib lib/mysql; do
1279 str="$MYSQL_DIR/$i/libmysqlclient.*"
1280 for j in `echo $str`; do
1281 if test -r $j; then
1282 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
1283 break 2
1284 fi
1285 done
1286 done
1287
1288 if test -z "$MYSQL_LIB_DIR"; then
1289 for ff in $mysql_directory; do
1290 for i in lib lib/mysql; do
1291 str="$ff/$i/libmysqlclient.*"
1292 for j in `echo $str`; do
1293 if test -r $j; then
1294 MYSQL_LIB_DIR="$ff/$i"
1295 break 3
1296 fi
1297 done
1298 done
1299 done
1300 fi
1301
1302 if test -z "$MYSQL_LIB_DIR"; then
1303 tmp=""
1304 for i in $mysql_directory; do
1305 tmp="$i/lib $i/lib/mysql"
1306 done
1307 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
1308 fi
1309
1310 AC_MSG_RESULT(yes)
1311 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
1312 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
1313 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
1314 fi
1315 AC_DEFINE(WITH_MYSQL)
1316 AC_DEFINE(WITH_DATABASE)
[168]1317 if test "x$zlib_found" = "xyes"
[1]1318 then
1319 LIBS="$LIBS -lz -lm"
1320 else
1321 echo
[168]1322
1323 echo " Mysql library was not found or not useable."
1324 echo " Possible reasons include:"
[101]1325 echo " - an old, incompatible version compiled from source"
1326 echo " - on Solaris, libmysql is compiled with the Solaris"
1327 echo " compiler, thus the mysql_config script provides"
1328 echo " compiler options unsuitable for gcc (move"
1329 echo " mysql_config out of your PATH)"
1330 echo " For other problems, check config.log for the error"
[1]1331 echo " message from the compiler."
[101]1332 echo
[168]1333 echo " If your mysql libraries are installed in an"
[101]1334 echo " unusual place, use --with-libs=-L/path/to/libdirectory"
[168]1335 echo " where libdirectory is the directory holding libmysql."
[1]1336 if test x"$enable_static" = xyes; then
1337 echo " Note that for compiling a static binary, you need"
1338 echo " the static libraries, rather than the shared ones."
1339 fi
1340 echo
[183]1341 AC_MSG_ERROR([Could not find libmysql, or it is not useable.])
[1]1342 fi
1343 AC_CHECK_HEADERS(mysql/mysql.h)
1344 elif test "x${withval}" = "xpostgresql"; then
1345 AC_DEFINE(WITH_POSTGRES)
1346 AC_DEFINE(WITH_DATABASE)
1347 #
1348 PGCONF="no"
1349 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
1350 OLD_IFS="$IFS"
1351 IFS=":"
1352 for ff in ${MY_PATH}
1353 do
1354 if test -f "$ff/pg_config"
1355 then
1356 PGCONF="$ff/pg_config"
1357 fi
1358 done
1359 IFS="${OLD_IFS}"
1360 #
1361 #
1362 if test "x${PGCONF}" = "xno"
1363 then
1364 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1365 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1366 for i in $pgsql_directory; do
1367 if test -r $i/include/pgsql/libpq-fe.h; then
1368 PGSQL_INC_DIR=$i/include
1369 PGSQL_DIR=$i
1370 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1371 fi
1372 done
1373 if test -z "$PGSQL_DIR"; then
1374 for i in $pgsql_directory; do
[207]1375 if test -r $i/include/postgresql/libpq-fe.h; then
1376 PGSQL_INC_DIR=$i/include
1377 PGSQL_DIR=$i
1378 fi
1379 done
1380 fi
1381 if test -z "$PGSQL_DIR"; then
1382 for i in $pgsql_directory; do
[1]1383 if test -r $i/include/libpq-fe.h; then
1384 PGSQL_INC_DIR=$i/include
1385 PGSQL_DIR=$i
1386 fi
1387 done
1388 fi
1389
1390 if test -z "$PGSQL_DIR"; then
1391 tmp=""
1392 for i in $pgsql_directory; do
[207]1393 tmp="$tmp $i/include $i/include/pgsql $i/include/postgresql"
[1]1394 done
1395 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1396 fi
1397
[207]1398 for i in lib lib/pgsql lib/postgresql; do
[1]1399 str="$PGSQL_DIR/$i/libpq.*"
1400 for j in `echo $str`; do
1401 if test -r $j; then
1402 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1403 break 2
1404 fi
1405 done
1406 done
1407
1408 if test -z "$PGSQL_LIB_DIR"; then
1409 for ff in $pgsql_directory; do
[207]1410 for i in lib lib/pgsql lib/postgresql; do
[1]1411 str="$ff/$i/libpq.*"
1412 for j in `echo $str`; do
1413 if test -r $j; then
1414 PGSQL_LIB_DIR="$ff/$i"
1415 break 3
1416 fi
1417 done
1418 done
1419 done
1420 fi
1421
1422 if test -z "$PGSQL_LIB_DIR"; then
1423 tmp=""
1424 for i in $pgsql_directory; do
[207]1425 tmp="$i/lib $i/lib/pgsql $i/lib/postgresql"
[1]1426 done
1427 FAIL_MESSAGE("postgresql library libpq", $tmp)
1428 fi
1429
1430 AC_MSG_RESULT(yes)
1431
1432 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1433 if test x"$enable_static" = xyes; then
1434 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1435 else
1436 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1437 fi
1438 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1439 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1440 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
[207]1441 AC_CHECK_HEADERS(postgresql/libpq-fe.h)
[1]1442 else
1443 pg_lib_dir=`${PGCONF} --libdir`
1444 if test x"$enable_static" = xyes; then
1445 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1446 else
1447 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1448 fi
1449 pg_inc_dir=`${PGCONF} --includedir`
1450 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1451 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1452 fi
1453 elif test "x${withval}" = "xodbc"; then
1454 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1455 odbc_directory="/usr /usr/local"
1456
1457 for i in $odbc_directory; do
1458 if test -r $i/include/sql.h; then
1459 if test -r $i/include/sqlext.h; then
1460 if test -r $i/include/sqltypes.h; then
1461 ODBC_DIR=$i
1462 ODBC_INC_DIR=$i/include
1463 fi
1464 fi
1465 fi
1466 done
1467
1468 if test -z "$ODBC_DIR"; then
1469 tmp=""
1470 for i in $odbc_directory; do
1471 tmp="$tmp $i/include"
1472 done
1473 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1474 fi
1475
1476 str="$ODBC_DIR/lib/libodbc.*"
1477 for j in `echo $str`; do
1478 if test -r $j; then
1479 ODBC_LIB_DIR="$ODBC_DIR/lib"
1480 ODBC_LIB="odbc"
1481 fi
1482 done
1483
1484 if test -z "$ODBC_LIB_DIR"; then
1485 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1486 fi
1487
1488 AC_MSG_RESULT(yes)
1489 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1490 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1491 AC_DEFINE(WITH_ODBC)
1492 AC_DEFINE(WITH_DATABASE)
1493
1494 elif test "x${withval}" = "xoracle"; then
[415]1495
1496 AC_MSG_CHECKING(for oracle in ORACLE_HOME /usr/local /usr)
1497
[1]1498 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1499 for i in $oracle_directory; do
[415]1500
1501 ff=`find $i -name oci.h 2>/dev/null | tail -1`
1502 if test "x$ff" = "x"; then
1503 :
1504 else
1505 ORACLE_INC=`dirname $ff`
1506 fi
1507
1508 fg=`find $i -name libclntsh.so 2>/dev/null | tail -1`
1509 if test "x$fg" = "x"; then
1510 :
1511 else
1512 ORACLE_LIB=`dirname $fg`
1513 fi
1514
1515 done
[1]1516
[415]1517 if test -z "$ORACLE_INC"; then
1518
[1]1519 tmp=""
1520 for i in $oracle_directory; do
[415]1521 tmp="$tmp $i"
[1]1522 done
[415]1523 FAIL_MESSAGE("OCI header file (oci.h) please define ORACLE_INC directory where oci.h resides", $tmp)
[1]1524
[415]1525 elif test -z "$ORACLE_LIB"; then
1526
1527 tmp=""
1528 for i in $oracle_directory; do
1529 tmp="$tmp $i"
1530 done
1531 FAIL_MESSAGE("OCI library file (libclntsh.so) please define ORACLE_LIB directory where libclntsh.so resides", $tmp)
1532
1533 else
1534
1535 ORACLE_CPP_FLAGS="-I$ORACLE_INC"
1536 ORACLE_LIB_DIR="$ORACLE_LIB"
1537
1538 AC_MSG_RESULT([$ORACLE_INC $ORACLE_LIB])
1539
[1]1540 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1541
1542 ORACLE_LIBS="-lclntsh"
[415]1543
1544 if test -r $ORACLE_LIB_DIR/libnnz11.so; then
1545 ORACLE_LIBS="${ORACLE_LIBS} -lnnz11"
1546 fi
[1]1547 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1548 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1549 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1550 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1551 fi
1552 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
[45]1553 if test "x$GCC" != "xyes"; then
1554 CFLAGS="${CFLAGS} -fno-strict-aliasing"
1555 fi
[1]1556 fi
1557 AC_DEFINE(WITH_ORACLE)
1558 AC_DEFINE(WITH_DATABASE)
1559
1560 else
[183]1561 AC_MSG_ERROR([Option --with-database=database used with unsupported database ${withval}])
[1]1562 fi
1563 ]
1564)
1565
1566AC_ARG_WITH(console,
[18]1567 [ --with-console=PATH set path to console device [[/dev/console]]],
[1]1568 [
1569 if test "x${withval}" != xno; then
1570 mycons="$withval"
1571 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1572 fi
1573 ])
1574
1575AC_ARG_WITH(altconsole,
[18]1576 [ --with-altconsole=PATH set path to second console device [[none]]],
[1]1577 [
1578 if test "x${withval}" != xno; then
1579 myaltcons="$withval"
1580 else
1581 myaltcons="NULL"
1582 fi
1583 ],
1584 [myaltcons="NULL"])
1585AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1586
1587AC_ARG_WITH(timeserver,
[18]1588 [ --with-timeserver=HOST set host address for time server [[none]]],
[1]1589 [
1590 if test "x${withval}" != xno; then
1591 mytimeserv="$withval"
1592 AC_DEFINE(HAVE_NTIME)
1593 else
1594 mytimeserv="NULL"
1595 fi
1596 ],
1597 mytimeserv="NULL")
1598AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1599
1600AC_ARG_WITH(alttimeserver,
[18]1601 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
[1]1602 [
1603 if test "x${withval}" != xno; then
1604 myalttimeserv="$withval"
1605 AC_DEFINE(HAVE_NTIME)
1606 else
1607 myalttimeserv="NULL"
1608 fi
1609 ],
1610 myalttimeserv="NULL")
1611AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1612
1613AC_ARG_ENABLE(login-watch,
1614 [ --enable-login-watch watch for login/logout [[no]]],
1615 [
1616 if test "x${enable_login_watch}" = xyes; then
1617 AC_DEFINE(SH_USE_UTMP)
1618 fi
1619 ]
1620)
1621
1622AC_ARG_ENABLE(mounts-check,
[18]1623 [ --enable-mounts-check check mount options on filesystems [[no]]],
[1]1624 [
1625 if test "x${enable_mounts_check}" = xyes; then
1626 AC_DEFINE(SH_USE_MOUNTS)
1627 fi
1628 ]
1629)
1630
[183]1631AC_ARG_ENABLE(logfile-monitor,
1632 [ --enable-logfile-monitor monitor logfiles [[no]]],
1633 [
1634 if test "x${enable_logfile_monitor}" = xyes; then
1635 AC_CHECK_HEADER(pcre.h,
1636 [
1637 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1638 LIBS="-lpcre $LIBS"
1639 ],
[203]1640 [
1641 AC_CHECK_HEADER(pcre/pcre.h,
1642 [
1643 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1644 AC_DEFINE(HAVE_PCRE_PCRE_H, 1, [Define if you have pcre/pcre.h.])
1645 LIBS="-lpcre $LIBS"
1646 ],
1647 AC_MSG_ERROR([The --enable-logfile-monitor option requires libpcre. For compiling the pcre development package is needed.])
1648 )
1649 ]
[183]1650 )
[285]1651 AC_CHECK_LIB(pcre, pcre_dfa_exec, [
1652 AC_DEFINE([HAVE_PCRE_DFA_EXEC], 1, [Define if you have pcre_dfa_exec])
1653 ], [
1654 AC_MSG_WARN([pcre_dfa_exec not available])
1655 ])
[183]1656 fi
1657 ]
1658)
1659
1660
[68]1661AC_ARG_ENABLE(process-check,
1662 [ --enable-process-check check processes [[no]]],
1663 [
1664 if test "x${enable_process_check}" = xyes; then
1665 AC_CHECK_LIB([rt], [sched_getparam], sh_lrt=yes, sh_lrt=no)
1666 if test x"$sh_lrt" = xyes; then
1667 LIBRT=-lrt
1668 else
1669 LIBRT=
1670 fi
1671 LIBS="$LIBS $LIBRT"
1672 AC_DEFINE(SH_USE_PROCESSCHECK, [1], [Define if you want to check processes])
1673 fi
1674 ]
1675)
1676
1677AC_ARG_ENABLE(port-check,
1678 [ --enable-port-check check ports [[no]]],
1679 [
1680 if test "x${enable_port_check}" = xyes; then
1681 AC_DEFINE(SH_USE_PORTCHECK, [1], [Define if you want to check ports])
1682 fi
1683 ]
1684)
1685
[1]1686AC_ARG_ENABLE(userfiles,
[18]1687 [ --enable-userfiles check for users' config files [[no]]],
[1]1688 [
1689 if test "x${enableval}" = "xyes"; then
1690 AC_DEFINE(SH_USE_USERFILES)
1691 fi
1692 ]
1693)
1694
1695AC_ARG_ENABLE(debug,
1696 [ --enable-debug enable debug options [[no]]],
1697 [
1698 if test "x${enable_debug}" = "xyes"; then
1699 if test "x${mydebugflag}" != "xyes"; then
1700 AC_DEFINE(MEM_DEBUG)
1701 fi
1702 AC_DEFINE(WITH_TPT)
1703 AC_DEFINE(SL_DEBUG)
[171]1704 AC_DEFINE(DNMALLOC_CHECKS, 1, [Debug dnmalloc])
1705 AC_DEFINE(PARANOIA, 0, [Paranoia level for dnmalloc])
[1]1706 AC_DEFINE(SL_FAIL_ON_ERROR)
1707 if test "x${myneedg3}" = "xyes"; then
1708 mydebugdef="-g3"
1709 else
1710 mydebugdef="-g"
1711 fi
1712 mydebugit="yes"
[579]1713 elif test "x${enable_debug}" = "xmem"; then
1714 AC_DEFINE(MEM_DEBUG)
1715 AC_DEFINE(SH_ABORT_ON_ERROR, 1, [Use abort])
1716 if test "x${myneedg3}" = "xyes"; then
1717 mydebugdef="-g3"
1718 else
1719 mydebugdef="-g"
1720 fi
1721 mydebugit="yes"
[295]1722 elif test "x${enable_debug}" = "xgdb"; then
[459]1723 AC_DEFINE(SH_ABORT_ON_ERROR, 1, [Use abort])
[295]1724 if test "x${myneedg3}" = "xyes"; then
1725 mydebugdef="-g3"
1726 else
1727 mydebugdef="-g"
1728 fi
1729 mydebugit="yes"
[1]1730 fi
1731 ]
1732)
1733AC_SUBST(mydebugdef)
1734
[447]1735if test "x${enable_asm_ok}" = "xyes"; then
1736 sh_enable_asm=yes
1737else
1738 sh_enable_asm=no
1739fi
[441]1740AC_ARG_ENABLE(asm,
1741 [ --disable-asm disable asm inline code],
1742 [
1743 if test "x${enable_asm}" = xno; then
1744 sh_enable_asm=no
1745 fi
1746 ]
1747)
[295]1748
[441]1749if test "x${samhain_64_asm}" = xyes; then
1750 if test "x${sh_enable_asm}" = xyes; then
1751 AC_DEFINE([TIGER_OPT_ASM],1,[Define to use tiger x86_64 optimized assembly])
1752 fi
1753fi
1754
[295]1755AC_ARG_ENABLE(ipv6,
1756 [ --disable-ipv6 disable ipv6 support],
1757 [
1758 if test "x${enable_ipv6}" = xno; then
1759 AC_DEFINE(USE_IPV4,1,[Define if you do not want IPv6])
1760 fi
1761 ]
1762)
1763
[171]1764if test "x${dnmalloc_ok}" = "xyes"; then
1765 sh_dnmalloc_enabled=yes
1766else
1767 sh_dnmalloc_enabled=no
1768fi
1769
1770AC_ARG_ENABLE(dnmalloc,
1771 [ --disable-dnmalloc disable dnmalloc],
1772 [
1773 if test "x${enable_dnmalloc}" = xno; then
1774 sh_dnmalloc_enabled=no
1775 else
1776 sh_dnmalloc_enabled=yes
1777 fi
1778 ]
1779)
1780
1781dnl Handle the problem that static linking against libc.a on Linux
1782dnl produces the error "multiple definitions of malloc"
1783dnl
1784if test "x$sh_dnmalloc_enabled" = "xyes"; then
1785 if test x$enable_static = xyes; then
1786 if test "x$sh_no_gcc_static" = "xyes"; then
1787 sh_dnmalloc_enabled=no
1788 else
1789 if test "x$with_gnu_ld" = "xyes"; then
1790 LDFLAGS="$LDFLAGS -Wl,--allow-multiple-definition"
1791 else
1792 sh_dnmalloc_enabled=no
1793 fi
1794 fi
1795 fi
1796fi
1797
1798if test "x${sh_dnmalloc_enabled}" = xno; then
1799 AC_DEFINE(USE_SYSTEM_MALLOC,1,[Define if you want to use the system malloc])
1800fi
1801
[1]1802AC_ARG_ENABLE(ptrace,
1803 [ --enable-ptrace use anti-debugger options [[no]]],
1804 [
1805 if test "x${enable_ptrace}" = xyes; then
1806 if test "x$mydebugit" != "xyes"; then
1807 AC_DEFINE(SCREW_IT_UP)
1808 fi
1809 fi
1810 ]
1811)
1812
1813dnl
1814if test "x$GCC" = "xyes"; then
1815 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1816 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1817 fi
1818
[481]1819dnl -W is the older name for -Wextra
[1]1820
[481]1821
[1]1822 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
[481]1823 case "$host_os" in
1824 *solaris*)
1825 CFLAGS="$CFLAGS -Wall -W -Wno-missing-braces "
1826 ;;
1827 *)
[544]1828 CFLAGS="$CFLAGS -Wall -W -Werror=implicit-function-declaration "
[481]1829 ;;
1830 esac
[1]1831 fi
1832
1833 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1834 then
1835 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1836 then
[474]1837 GCC_FLAG_CHECK([-fno-strength-reduce])
[1]1838 fi
1839 fi
1840
1841 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1842 then
1843 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1844 then
[474]1845 GCC_FLAG_CHECK([-fno-omit-frame-pointer])
[1]1846 fi
1847 fi
1848
1849fi
1850
[203]1851dnl Test whether gcc supports -Wno-empty-body
1852dnl Suppresses warnings from glibc pthread_cleanup_pop
1853dnl
[474]1854GCC_FLAG_CHECK([-Wno-empty-body])
[203]1855
[474]1856dnl This one is for clang
1857dnl
1858GCC_FLAG_CHECK([-Wno-invalid-source-encoding])
1859
1860
[1]1861AC_MSG_CHECKING([which random module to use])
1862AC_ARG_WITH(rnd,
1863 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1864[use_static_rnd=$withval], [use_static_rnd=default] )
1865
1866if test "$use_static_rnd" = no; then
1867 use_static_rnd=default
1868fi
1869
1870case "$use_static_rnd" in
1871 egd | dev | unix | default )
1872 AC_MSG_RESULT($use_static_rnd)
1873 ;;
1874 * )
1875 AC_MSG_RESULT([invalid argument])
[183]1876 AC_MSG_ERROR([Option --with-rnd=module used with unsupported module ${use_static_rnd}])
[1]1877 ;;
1878esac
1879
1880AC_ARG_WITH(egd-socket,
1881 [ --with-egd-socket=NAME EGD socket name],
1882 egd_socket_name="$withval", egd_socket_name="" )
1883AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1884
1885dnl
1886dnl See whether the user wants to disable checking for /dev/random
1887
1888try_dev_random=yes
1889
1890case "$use_static_rnd" in
1891dev | default )
1892 try_dev_random=yes
1893 ;;
1894egd)
1895 AC_DEFINE(HAVE_EGD_RANDOM)
1896 try_dev_random=no
1897 ;;
1898unix)
1899 AC_DEFINE(HAVE_UNIX_RANDOM)
1900 try_dev_random=no
1901 ;;
1902esac
1903
1904
1905if test "x$try_dev_random" = "xyes"; then
1906 AC_MSG_CHECKING(whether /dev/random exists)
1907 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1908 AC_DEFINE(HAVE_URANDOM)
1909 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1910 AC_MSG_RESULT(yes)
1911 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1912 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1913 fi
1914 else
1915 if test -r "/dev/random" && test -c "/dev/random"; then
1916 AC_DEFINE(HAVE_URANDOM)
1917 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1918 AC_MSG_RESULT(yes)
1919 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1920 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1921 fi
1922 else
1923 AC_MSG_RESULT(no)
1924 AC_DEFINE(HAVE_UNIX_RANDOM)
1925 fi
1926 fi
1927fi
1928
1929
1930AC_ARG_ENABLE(udp,
1931 [ --enable-udp server can listen on port 514/udp [[no]]],
1932 [
1933 if test "x${enable_udp}" = xyes; then
1934 AC_DEFINE(INET_SYSLOG)
1935 fi
1936 ]
1937)
1938
1939myencrypt=yes
1940AC_ARG_ENABLE(encrypt,
1941 [ --disable-encrypt disable client/server encryption],
1942 [
1943 if test "x${enable_encrypt}" = xno; then
1944 myencrypt=no
1945 fi
1946 ]
1947)
1948if test "x${myencrypt}" = "xyes"; then
1949 AC_DEFINE(SH_ENCRYPT)
1950 AC_DEFINE(SH_ENCRYPT_2)
1951fi
1952
1953sh_use_srp_proto=yes
1954AC_ARG_ENABLE(srp,
1955 [ --disable-srp disable SRP for authentication],
1956 [
1957 if test "x${enable_srp}" = xno; then
1958 sh_use_srp_proto=no
1959 fi
1960 ]
1961)
1962if test "x${sh_use_srp_proto}" = xyes; then
1963 AC_DEFINE(USE_SRP_PROTOCOL)
1964fi
1965
1966AC_ARG_WITH(port,
1967 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1968 [
1969 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]1970 AC_MSG_ERROR([For --with-port=PORT, PORT must be numeric.])
[1]1971 myport=${withval}
1972 ],
1973 [myport="49777"])
1974AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1975AC_SUBST(myport)
1976
1977AC_ARG_WITH(logserver,
1978 [ --with-logserver=HOST set host address for log server [[none]]],
1979 [
1980 case "$withval" in
1981 *.* | localhost)
1982 mylogsrv="$withval"
1983 ;;
1984 *)
1985 mylogsrv="$withval"
1986 ;;
1987 esac
1988 ],
1989 [mylogsrv="NULL"])
1990AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1991AC_SUBST(mylogsrv)
1992
1993AC_ARG_WITH(altlogserver,
1994 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1995 [
1996 case "$withval" in
1997 *.* | localhost)
1998 myaltlogsrv="$withval"
1999 ;;
2000 *)
2001 myaltlogsrv="$withval"
2002 ;;
2003 esac
2004 ],
2005 [myaltlogsrv="NULL"])
2006AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
2007
2008
2009
2010dnl
2011dnl STEALTH OPTIONS
2012dnl
2013nocl_code=
2014xor_code=0
2015AC_ARG_ENABLE(nocl,
2016 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
2017 [
2018 if test "x${enableval}" != "x"; then
2019 AC_DEFINE(SH_STEALTH_NOCL)
2020 fi
2021 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
[183]2022 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
[1]2023 fi
2024 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
[183]2025 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
[1]2026 fi
2027 if test "x${enableval}" = "xstatus"; then
[183]2028 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
[1]2029 fi
2030 if test "x${enableval}" = "xno"; then
[183]2031 AC_MSG_ERROR([With --enable-nocl=PW, the use of --enable-nocl=no is ambiguous.])
[1]2032 fi
2033 nocl_code="${enable_nocl}"
2034 ]
2035)
2036AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
2037AC_SUBST(nocl_code)
2038AC_ARG_ENABLE(stealth,
2039 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
2040 [AC_DEFINE(SH_STEALTH)
2041 if test "x${enableval}" != "xyes"; then
2042 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2043 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be numeric.])
[1]2044 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
2045 if test x"${enableval}" = x0
2046 then
2047 :
2048 else
[183]2049 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
[1]2050 fi
2051 fi
2052 xor_code="${enable_stealth}"
2053 else
2054 xor_code=0
2055 fi
2056 stegin_prg="samhain_stealth"
2057 ],
2058 [
2059 stegin_prg=
2060 ]
2061)
2062AC_ARG_ENABLE(micro-stealth,
2063 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
2064 [
2065 AC_DEFINE(SH_STEALTH)
2066 AC_DEFINE(SH_STEALTH_MICRO)
2067 if test "x${enableval}" != "xyes"; then
2068 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2069 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be numeric.])
[1]2070 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
2071 if test x"${enableval}" = x0
2072 then
2073 :
2074 else
[183]2075 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
[1]2076 fi
2077 fi
2078 xor_code="${enable_micro_stealth}"
2079 else
2080 xor_code=0
2081 fi
2082 ]
2083)
2084install_name="samhain"
2085INSTALL_NAME="SAMHAIN"
2086AC_ARG_ENABLE(install-name,
2087 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
2088 [
2089 if test "x${enableval}" != "xyes"; then
2090 install_name="${enableval}"
2091 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
2092 else
2093 install_name="${sh_main_prg}"
2094 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
2095 fi
2096 ],
2097 [
2098 install_name="${sh_main_prg}"
2099 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
2100 ]
2101)
2102
2103
2104need_user_install=0
2105
2106AC_ARG_ENABLE(identity,
2107 [ --enable-identity=USER user if dropping root [[daemon]]],
2108 [
2109 if test x"$enableval" = xno; then
2110 myident="daemon"
2111 else
2112 myident="$enableval"
2113 fi
2114 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
[183]2115 AC_MSG_ERROR([With --enable-identity=USER, please supply a username, not a UID.])
[1]2116 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
2117 grep "^${myident}:" | awk -F: '{ print $3; }'`
2118 if test x"${myident_uid}" = x; then
[183]2119 AC_MSG_WARN([Option --enable-identity used, user ${myident} will be added upon install.])
[1]2120 need_user_install=1
2121 fi
2122 ],
2123 [
2124 for myident in ${install_name} daemon nobody; do
2125 AC_MSG_CHECKING(for user ${myident})
2126 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
2127 grep "^${myident}:" | awk -F: '{ print $3; }'`
2128 if test x"${myident_uid}" != x; then
2129 AC_MSG_RESULT(yes)
2130 break;
2131 else
2132 AC_MSG_RESULT(no)
2133 fi
2134 done
2135 if test x"${myident_uid}" = x; then
2136 myident=${install_name}
2137 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
2138 need_user_install=1
2139 fi
2140 ])
2141AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
2142AC_SUBST(myident)
2143AC_SUBST(need_user_install)
2144
2145AC_SUBST(install_name)
2146AC_SUBST(INSTALL_NAME)
2147AC_SUBST(stegin_prg)
2148AC_SUBST(xor_code)
2149
2150AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
2151AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
2152
2153
2154exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
2155exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
2156exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
2157
2158AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
2159AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
2160AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
2161
2162
2163AC_ARG_ENABLE(suidcheck,
2164 [ --enable-suidcheck check for suid/sgid files [[no]]],
2165 [
2166 if test "x${enableval}" = "xyes"; then
2167 AC_DEFINE(SH_USE_SUIDCHK)
2168 fi
2169 ]
2170)
2171
2172
2173AC_ARG_ENABLE(base,
2174 [ --enable-base=B1,B2 base key (0...2147483647)],
2175 [
2176 AC_MSG_CHECKING(base key setting)
2177 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
2178 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
2179 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2180 if test "x${my_key_A}" = x; then
[183]2181 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid first base key (zero length).])
[1]2182 fi
2183 if test "x${my_key_B}" = x; then
[183]2184 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid second base key (zero length).])
[1]2185 fi
2186 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2187 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
[1]2188 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2189 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
[1]2190 ],
2191 [
2192 AC_MSG_CHECKING(base key setting .. collecting entropy)
2193 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
2194 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
2195 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
2196 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
2197 my_key_A=`expr $my_key_1 \* 32767`
2198 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
2199 my_key_A=`expr $my_key_A \+ $my_key_2`
2200 my_key_B=`expr $my_key_3 \* 32767`
2201 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
2202 my_key_B=`expr $my_key_B \+ $my_key_4`
2203 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2204 ]
2205 )
2206AC_SUBST(my_key_A)
2207AC_SUBST(my_key_B)
2208
2209dnl low bytes
2210my_key_1=`expr $my_key_A \% 65536`
2211dnl high bytes
2212my_key_2=`expr $my_key_A \/ 65536`
2213dnl low bytes
2214my_key_3=`expr $my_key_B \% 65536`
2215dnl high bytes
2216my_key_4=`expr $my_key_B \/ 65536`
2217
2218dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
2219
2220dnl touch ./sh_MK.h
2221dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
2222dnl echo "#define SH_MK_H" >> ./sh_MK.h
2223dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
2224dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
2225dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
2226dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
2227dnl echo "#endif" >> ./sh_MK.h
2228AC_SUBST(my_key_1)
2229AC_SUBST(my_key_2)
2230AC_SUBST(my_key_3)
2231AC_SUBST(my_key_4)
2232
2233AC_MSG_CHECKING(key position)
2234pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
2235pos_tf_2=`expr $pos_tf_1 \% 8`
2236pos_tf=`expr $pos_tf_2 + 1`
2237AC_MSG_RESULT(${pos_tf})
2238AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
2239
2240mykeybase=`echo ${my_key_A},${my_key_B}`
2241AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
2242AC_SUBST(mykeybase)
2243
2244
2245dnl
[550]2246dnl Signify/GnuPG options
[1]2247dnl
2248
[550]2249AC_ARG_WITH(signify,
2250 [ --with-signify=PATH use OpenBSD signify to verify database/config [[no]]],
2251 [
2252 if test "x${withval}" != "xno"; then
2253 if test "x${cross_compiling}" = xyes; then
2254 mysignify="${withval}"
2255 else
2256 if test -f "${withval}"; then
2257 mysignify="${withval}"
2258 mychk0=`gpg --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
2259 if test "x$?" != "x0"; then
2260 mychktest=no
2261 for sam_pre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
2262 if test x"${mychktest}" = xyes
2263 then
2264 :
2265 else
2266 if test -f ${sam_pre}
2267 then
2268 echo "use existing ${sam_pre} for signify checksum"
2269 mychk0=`${sam_pre} -H ${withval} 2>/dev/null`
2270 if test "x$?" != "x0"; then
2271 if test "x${nocl_code}" != "x"; then
2272 mychk0=`echo -H ${withval} | ${sam_pre} ${nocl_code} 2>/dev/null`
2273 if test "x$?" != "x0"; then
2274 :
2275 else
2276 mychk="${mychk0}"
2277 mychktest=yes
2278 fi
2279 fi
2280 else
2281 mychk="${mychk0}"
2282 mychktest=yes
2283 fi
2284 fi
2285 fi
2286 done
2287 if test x${mychktest} = xno; then
2288 AC_MSG_WARN([--with-signify: cannot determine TIGER192 checksum of ${withval}])
2289 echo "-------------------------------------------------------------"
2290 echo " I cannot find an existing GnuPG or samhain binary to use."
2291 echo " You can:"
2292 echo " (a) run make to compile a samhain binary, then repeat"
2293 echo " ./configure and make"
2294 echo " (b) ignore the failure. The checksum of the signify binary"
2295 echo " will not get compiled in, thus allowing an attacker"
2296 echo " to replace signify with a trojan and subverting the"
2297 echo " signature verification of configure and database files."
2298 echo
2299 echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
2300 echo "-------------------------------------------------------------"
2301 fi
2302 else
2303 mychk="${mychk0}"
2304 fi
2305 else
2306 AC_MSG_ERROR([--with-signify: cannot find signify PATH=${withval}])
2307 fi
2308 fi
2309 AC_DEFINE([WITH_SIG], 1, [Define if signature checking is supported.])
2310 AC_DEFINE([WITH_SIGNIFY], 1, [Define if using OpenBSD signify for signature checking.])
2311 AC_DEFINE_UNQUOTED([DEFAULT_SIG_PATH], _("${mysignify}"), [Define as path to signing binary])
2312 AC_SUBST(mysignify)
2313 fi
2314 ]
2315)
2316
2317AC_ARG_WITH(pubkey-checksum,
2318 [ --with-pubkey-checksum=CHKSUM compile in TIGER192 checksum of signify public key [[no]]],
2319 [
2320 if test "x${withval}" != "xno"; then
2321 if test "x${withval}" == "xyes"; then
2322 AC_MSG_ERROR([Option --with-pubkey-checksum=CHKSUM: checksum CHKSUM of signify public key not specified.])
2323 else
2324 if test "x${withval}" = "x"; then
2325 AC_MSG_ERROR([Option --with-checksum=CHKSUM: checksum CHKSUM of the signify public key not specified.])
2326 fi
2327 fi
2328 AC_DEFINE([HAVE_SIG_KEY_HASH], 1, [Define if signing binary checksum available.])
2329 AC_DEFINE_UNQUOTED([SIG_KEY_HASH], _("${withval}"), [Define as the signify public key checksum.] )
2330 fi
2331 ]
2332)
2333
2334
[1]2335AC_ARG_WITH(gpg,
2336 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
2337 [
[550]2338 if test "x${mysignify}" != "x"; then
2339 AC_MSG_ERROR([--with-gpg: already using --with-signify])
2340 fi
[1]2341 if test "x${withval}" != "xno"; then
2342 if test "x${cross_compiling}" = xyes; then
2343 mygpg="${withval}"
2344 else
2345 if test -f "${withval}"; then
2346 mygpg="${withval}"
2347 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
2348 if test "x$?" != "x0"; then
2349 mychktest=no
2350 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
2351 if test x"${mychktest}" = xyes
2352 then
2353 :
2354 else
2355 if test -f ${sampre}
2356 then
2357 echo "use existing ${sampre} for gpg checksum"
2358 mychk0=`${sampre} -H ${withval} 2>/dev/null`
2359 if test "x$?" != "x0"; then
[389]2360 if test "x${nocl_code}" != "x"; then
2361 mychk0=`echo -H ${withval} | ${sampre} ${nocl_code} 2>/dev/null`
2362 if test "x$?" != "x0"; then
2363 :
2364 else
2365 mychk="${mychk0}"
2366 mychktest=yes
2367 fi
2368 fi
[1]2369 else
2370 mychk="${mychk0}"
2371 mychktest=yes
2372 fi
2373 fi
2374 fi
2375 done
2376 if test x${mychktest} = xno; then
2377 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
2378 echo "-------------------------------------------------------------"
2379 echo " Your gpg binary does not support the TIGER192 checksum, "
2380 echo " and I cannot find an existing samhain binary to use instead."
2381 echo " You can:"
2382 echo " (a) run make to compile a samhain binary, then repeat"
2383 echo " ./configure and make"
2384 echo " (b) ignore the failure. The checksum of the gpg binary"
2385 echo " will not get compiled in, thus allowing an attacker"
2386 echo " to replace gpg with a trojan and subverting the gpg"
2387 echo " signature verification of configure and database files."
[57]2388 echo
2389 echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
[1]2390 echo "-------------------------------------------------------------"
2391 fi
2392 else
2393 mychk="${mychk0}"
2394 fi
2395 else
[191]2396 AC_MSG_ERROR([--with-gpg: cannot find GnuPG PATH=${withval}])
[1]2397 fi
2398 fi
[550]2399 AC_DEFINE([WITH_SIG], 1, [Define if signature checking is supported.])
[1]2400 AC_DEFINE(WITH_GPG)
[550]2401 AC_DEFINE_UNQUOTED([DEFAULT_SIG_PATH], _("${mygpg}"), [Define as path to signing binary])
[1]2402 AC_SUBST(mygpg)
2403 fi
2404 ]
2405)
2406
[481]2407
2408
[191]2409AC_ARG_WITH(keyid,
2410 [ --with-keyid=KEYID specify KeyID (0x...) for GPG/PGP functions [[none]]],
2411 [
2412 if test "x${withval}" != "x"; then
2413 echo "${withval}" | awk '{if((length($0)==10)||(length($0)==18)){exit 2}else{exit 0}}' &&
2414 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2415 echo "${withval}" | grep ['[^0][^x][^0123456789ABCDEFabcdef]'] >/dev/null 2>&1 &&
2416 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2417 mykeyid="$withval"
2418 mykeytag="--default-key"
2419 else
2420 mykeyid=""
2421 mykeytag=""
2422 fi
2423 AC_SUBST(mykeyid)
2424 AC_SUBST(mykeytag)
2425 ]
2426)
2427
[1]2428AC_ARG_WITH(checksum,
[550]2429 [ --with-checksum=CHKSUM compile in checksum of signing binary (e.g. gpg) [[yes]]],
[1]2430 [
2431 if test "x${withval}" != "xno"; then
2432 if test "x${withval}" != "xyes"; then
2433 if test "x${mychk}" != "x"; then
2434 if test "x${mychk}" != "x${withval}"; then
[550]2435 AC_MSG_WARN([--with-checksum: possible signing binary CHKSUM problem])
[1]2436 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
2437 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
2438 fi
2439 fi
2440 mychk="${withval}"
2441 else
2442 if test "x${mychk}" = "x"; then
[550]2443 AC_MSG_ERROR([Option --with-checksum=CHKSUM: checksum CHKSUM of the signing binary not specified.])
[1]2444 fi
2445 fi
[550]2446 AC_DEFINE([HAVE_SIG_CHECKSUM], 1, [Define if signing binary checksum available.])
2447 AC_DEFINE_UNQUOTED([SIG_HASH], _("${mychk}"), [Define as the signing binary TIGER192 checksum.] )
2448 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char sigchk[50];"; for (i=1; i <= m; i++) printf "sigchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "sigchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_sig_chksum.h
[1]2449 fi
2450 ],
2451 [
[550]2452 if test "x${mygpg}" != "x" || test "x${mysignify}" != "x"
2453 then
[1]2454 if test "x${mychk}" != "x"; then
[550]2455 AC_DEFINE([HAVE_SIG_CHECKSUM], 1, [Define if signing binary checksum available.])
2456 AC_DEFINE_UNQUOTED([SIG_HASH], _("${mychk}"), [Define as the signing binary TIGER192 checksum.] )
2457 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char sigchk[50];"; for (i=1; i <= m; i++) printf "sigchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "sigchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_sig_chksum.h
[1]2458 fi
2459 fi
2460 ]
2461)
2462
2463AC_ARG_WITH(fp,
2464 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
2465 [
2466 if test "x${withval}" != "xno"; then
2467 if test "x${withval}" != "xyes"; then
2468 withval0=`echo ${withval} | sed 's% %%g'`
2469 echo "${withval0}" | \
2470 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
[183]2471 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, there is an invalid character(s) in FINGERPRINT=${withval0}.])
[1]2472 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
2473 sh_len0=`expr ${sh_len} \- 1`
2474 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
2475 then
2476 myfp="${withval0}"
2477 AC_DEFINE(USE_FINGERPRINT)
2478 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
2479 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
2480 else
[183]2481 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, the length (${sh_len0}) of FINGERPRINT ${withval0} is incorrect.])
[1]2482 fi
2483 else
[183]2484 AC_MSG_ERROR([For option --with-fp=FINGERPRINT, FINGERPRINT=yes is invalid, please specify a valid key fingerprint.])
[1]2485 fi
2486 fi
2487 ])
2488
2489
2490dnl
2491dnl MAIL OPTIONS
2492dnl
2493
2494AC_ARG_WITH(recipient,
2495 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
2496 [
2497 withval0=`echo ${withval} | sed 's%,% %g'`
2498 for sh_item in ${withval0}
2499 do
2500 case ${sh_item} in
[18]2501 *@localhost)
2502 ;;
[1]2503 *@*.*)
2504 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
2505 if test "x${sh_tmp}" != "x1"
2506 then
[183]2507 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
[1]2508 fi
2509 ;;
2510 *)
[183]2511 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
[1]2512 ;;
2513 esac
2514 done
2515 myrcp="$withval0"
2516 ],
2517 [myrcp="NULL"])
2518AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2519
2520
2521AC_ARG_WITH(sender,
2522 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2523 [
2524 mysender="${withval}"
2525 ],
2526 [
2527 mysender="daemon"
2528 ])
2529AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2530
2531
2532dnl
2533dnl PATHS
2534dnl
2535
2536AC_ARG_WITH(trusted,
2537 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2538 [
2539 sh_tmp_test=no
2540 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2541 for sh_tmp1 in ${sh_tmp}
2542 do
2543 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
[183]2544 AC_MSG_ERROR([Option --with-trusted=UID used with non-numeric UID in ${withval}.])
[1]2545 if test "x${sh_tmp1}" = "x0"
2546 then
2547 sh_tmp_test=yes
2548 fi
2549 done
2550 if test "x${sh_tmp_test}" = "xno"
2551 then
2552 withval="0,${withval}"
2553 fi
2554 mytrust="${withval}"
2555 ],
2556 [mytrust="0"] )
2557AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2558AC_SUBST(mytrust)
2559
[302]2560mytmpdir=
2561
[1]2562AC_ARG_WITH(tmp-dir,
2563 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2564 [
2565 if test "x${cross_compiling}" = xyes; then
[302]2566 mytmpdir="$withval"
2567 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
[1]2568 else
2569 if test -d "${withval}"; then
[302]2570 mytmpdir="$withval"
2571 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
[1]2572 else
[302]2573 mytmpdir="$withval"
2574 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
[169]2575 AC_MSG_WARN([--with-tmp-dir: tmp directory ${withval} does not exist])
[1]2576 fi
2577 fi
2578 ]
2579)
2580
[302]2581AC_SUBST(mytmpdir)
2582
2583
[1]2584dnl
2585dnl PATH DEFAULTS
2586dnl
2587
2588if test "x${ac_prefix_set}" = xyes
2589then
2590 if test "x${exec_prefix}" = xNONE
2591 then
2592 exec_prefix="${prefix}"
2593 fi
2594
2595 if test "x${prefix}" = xOPT
2596 then
2597 tmp_sbindir="/opt/${install_name}/bin"
2598 tmp_sysconfdir="/etc/opt"
2599 tmp_mandir="/opt/${install_name}/man"
2600 tmp_localstatedir="/var/opt/${install_name}"
2601 elif test "x${prefix}" = xUSR
2602 then
2603 tmp_sbindir="/usr/sbin"
2604 tmp_sysconfdir="/etc"
2605 tmp_mandir="/usr/share/man"
2606 tmp_localstatedir="/var"
2607 else
2608 tmp_sbindir=`eval echo ${sbindir}`
2609 tmp_sysconfdir=`eval echo ${sysconfdir}`
2610 tmp_mandir=`eval echo ${mandir}`
2611 tmp_localstatedir=`eval echo ${localstatedir}`
2612 fi
2613else
2614 prefix=""
2615 if test "x${ac_exec_prefix_set}" = xyes
2616 then
2617 tmp_sbindir=`eval echo ${sbindir}`
2618 else
2619 tmp_sbindir="/usr/local/sbin"
2620 fi
2621 tmp_sysconfdir="/etc"
2622 # share/man -> man (FHS) 11.10.2002
2623 tmp_mandir="/usr/local/man"
2624 tmp_localstatedir="/var"
2625fi
2626
2627
2628if test "x${ac_sbindir_set}" = xyes
2629then
2630 :
2631else
2632 sbindir=`eval echo ${tmp_sbindir}`
2633fi
2634
2635
2636if test "x${ac_sysconfdir_set}" = xyes
2637then
2638 :
2639else
2640 sysconfdir=`eval echo ${tmp_sysconfdir}`
2641fi
2642
2643if test "x${ac_mandir_set}" = xyes
2644then
2645 :
2646else
2647 mandir=`eval echo ${tmp_mandir}`
2648fi
2649
2650if test "x${ac_localstatedir_set}" = xyes
2651then
2652 :
2653else
2654 localstatedir=`eval echo ${tmp_localstatedir}`
2655fi
2656
2657
2658
2659AC_ARG_WITH(config-file,
2660 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2661 [
2662 myconffile="${withval}"
2663 changequote(<<, >>)dnl
2664 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2665 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2666 myrpmconffile="${tmp}"
2667 changequote([, ])dnl
2668 ],
2669 [
2670 myconffile="${sysconfdir}/${install_name}rc"
2671 myrpmconffile="${myconffile}"
2672 ]
2673)
2674AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2675AC_SUBST(myconffile)
2676AC_SUBST(myrpmconffile)
2677
2678AC_ARG_WITH(log-file,
2679 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2680 [
2681 mylogfile="$withval"
2682 changequote(<<, >>)dnl
2683 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2684 changequote([, ])dnl
2685 ],
2686 [
2687 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2688 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2689 mylogdir="${localstatedir}/log/${install_name}"
2690 else
2691 mylogfile="${localstatedir}/log/${install_name}_log"
2692 mylogdir="${localstatedir}/log"
2693 fi
2694 ]
2695)
2696AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2697AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2698AC_SUBST(mylogfile)
2699AC_SUBST(mylogdir)
2700
2701AC_ARG_WITH(pid-file,
2702 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2703 [
2704 mylockfile="$withval"
2705 changequote(<<, >>)dnl
2706 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2707 changequote([, ])dnl
2708 ],
2709 [
[435]2710 if test -h /var/run && test -d /run; then
2711 mylockfile="/run/${install_name}.pid"
2712 mylockdir="/run"
2713 else
2714 mylockfile="${localstatedir}/run/${install_name}.pid"
2715 mylockdir="${localstatedir}/run"
2716 fi
[1]2717 ]
2718)
2719AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2720AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2721AC_SUBST(mylockfile)
2722AC_SUBST(mylockdir)
2723
2724AC_ARG_WITH(state-dir,
2725 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2726 [
2727 mydataroot="$withval"
2728 ],
2729 [
2730 mydataroot="${localstatedir}/lib/${install_name}"
2731 ]
2732 )
2733AC_ARG_WITH(data-file,
2734 [ --with-data-file=FILE set path of data file],
2735 [
2736 mydatafile="$withval"
2737 changequote(<<, >>)dnl
2738 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2739 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2740 myrpmdatafile="${tmp}"
2741 changequote([, ])dnl
2742 if test x"${tmp}" = x
2743 then
2744 echo "No local path in data file ${withval}"
2745 echo "This will not work for initializing the database."
2746 if test x"${withval}" = xREQ_FROM_SERVER
2747 then
2748 echo "It should be REQ_FROM_SERVER/some/local/path"
2749 fi
[183]2750 AC_MSG_ERROR([Option --with-data-file=FILE used with invalid path ${withval}.])
[1]2751 fi
2752 ],
2753 [
2754 mydatafile="${mydataroot}/${install_name}_file"
2755 myrpmdatafile="${mydatafile}"
2756 ])
2757AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2758AC_SUBST(mydatafile)
2759AC_SUBST(myrpmdatafile)
2760
2761AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2762AC_SUBST(mydataroot)
2763
2764AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2765AC_SUBST(myqdir)
2766
2767
2768AC_ARG_WITH(html-file,
2769 [ --with-html-file=FILE set path of html file,],
2770 [
2771 myhtmlfile="$withval"
2772 ],
2773 [
2774 myhtmlfile="${mylogdir}/${install_name}.html"
2775 ])
2776AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2777AC_SUBST(myhtmlfile)
2778
2779
2780mydefargs=$ac_configure_args
2781# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2782# then
2783# mydefargs="--enable-static $mydefargs"
2784# fi
2785if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2786then
2787 mydefargs="--enable-base=${mykeybase} $mydefargs"
2788fi
2789AC_SUBST(mydefargs)
2790
2791
2792AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2793AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2794AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2795
2796AC_CONFIG_HEADER(config.h)
2797
2798AC_OUTPUT(
2799[
2800Makefile
2801samhain-install.sh
2802init/samhain.startLSB
2803init/samhain.startLinux
[548]2804init/samhain.startSystemd
[1]2805init/samhain.startGentoo
2806init/samhain.startFreeBSD
2807init/samhain.startSolaris
2808init/samhain.startHPUX
2809init/samhain.startIRIX
[71]2810init/samhain.startMACOSX
[1]2811samhain.spec
2812rules.deb
2813rules.deb-light
2814hp_ux.psf
[412]2815scripts/logrotate
[1]2816scripts/samhain.spec
2817scripts/redhat_i386.client.spec
2818scripts/samhain.ebuild
2819scripts/samhain.ebuild-light
[550]2820scripts/samhainadmin-gpg.pl
2821scripts/samhainadmin-sig.pl
[121]2822scripts/yuleadmin.pl
[1]2823scripts/check_samhain.pl
2824deploy.sh
2825],
2826[
2827echo timestamp > stamp-h
2828chmod +x samhain-install.sh
[550]2829chmod +x scripts/samhainadmin-gpg.pl
2830chmod +x scripts/samhainadmin-sig.pl
[121]2831chmod +x scripts/yuleadmin.pl
[1]2832chmod +x scripts/check_samhain.pl
2833]
2834)
2835
2836chmod +x deploy.sh
2837
[550]2838if test "x${mysignify}" != x
2839then
2840 cp -a scripts/samhainadmin-sig.pl scripts/samhainadmin.pl
2841fi
2842if test "x${mygpg}" != x
2843then
2844 cp -a scripts/samhainadmin-gpg.pl scripts/samhainadmin.pl
2845fi
2846
2847
[1]2848if test "x${cross_compiling}" = xyes
2849then
2850
2851echo "--------------------------------------------------------------"
2852echo
2853echo "You are using a cross-compiler. The following system dependent"
2854echo "values may have been set to default values that may be"
2855echo "incorrect for your target system: "
2856echo
2857echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2858echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2859echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2860echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
[97]2861echo "ac_cv_sizeof_unsigned_int size of unsigned int ${ac_cv_sizeof_unsigned_int}"
[1]2862echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2863echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2864echo
2865echo "If these values are incorrect, change them in the file "
2866echo "config.cache and run configure again."
2867echo
2868echo "--------------------------------------------------------------"
2869
2870fi
2871
2872if test x${silent} != xyes
2873then
2874
2875 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2876 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2877 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2878 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2879 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2880 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2881
2882 echo
2883 echo " samhain has been configured as follows:"
2884 echo " System binaries: ${sbindir}"
2885 echo " Configuration file: ${myconffile}"
2886 echo " Manual pages: ${mandir}"
[481]2887 echo " Data directory: ${mydataroot}"
2888 echo " Database file: ${mydatafile}"
[1]2889 echo " PID file: ${mylockfile}"
2890 echo " Log file: ${mylogfile}"
2891 echo " Base key: ${mykeybase}"
[191]2892 if test x"$mykeyid" != x
2893 then
2894 echo " target GPG/PGP key: ${mykeyid}"
2895 fi
[1]2896 echo
2897 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2898 then
2899 echo " Selected rc file: yulerc"
2900 else
2901 echo " Selected rc file: samhainrc.${selectconfig}"
2902 fi
2903
2904fi
2905
Note: See TracBrowser for help on using the repository browser.