source: trunk/configure.ac@ 279

Last change on this file since 279 was 279, checked in by katerina, 14 years ago

Fix for tickets #200 to #206 (kernel check, login checks, bugfixes).
File size: 75.9 KB
Line 
1dnl We want to override the standard _AC_INIT_PARSE_ARGS
2dnl
3AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
4AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
5
6AC_INIT(src/samhain.c)
7
8
9AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
10
11dnl
12dnl start
13dnl
14AM_INIT_AUTOMAKE(samhain, 2.7.0)
15AC_DEFINE([SAMHAIN], 1, [Application is samhain])
16AC_CANONICAL_HOST
17
18dnl
19dnl checks for programs
20dnl
21
22AC_PROG_CC
23if test "$host" != "$build"; then
24 AC_CHECK_PROGS(BUILD_CC, gcc cc)
25else
26 BUILD_CC=$CC
27fi
28AC_PROG_CPP
29AC_PROG_INSTALL
30AC_PROG_LN_S
31AC_PROG_AWK
32SH_PROG_LD
33AC_PATH_PROG(cmd_hostname,hostname)
34AC_SUBST(cmd_hostname)
35AC_SUBST(BUILD_CC)
36
37AC_HEADER_STDC
38dnl
39dnl first one is a dummy because of an autoconf bug
40dnl (no HAVE_... for first one)
41dnl
42AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
43
44
45AC_MSG_CHECKING([for OS specific issues])
46mydebugflag=no
47myneedg3=no
48uid_cast="signed long"
49selectconfig=linux
50mynetbsd=no
51sh_use_lcaps="undef"
52dnmalloc_ok=yes
53sh_use_pie=yes
54
55case "$host_os" in
56
57 *linux*)
58 sh_use_lcaps="yes"
59 AC_DEFINE(HOST_IS_LINUX)
60 AC_DEFINE(HAVE_EXT2_IOCTLS)
61 AC_MSG_RESULT([use ioctl to get e2fs flags])
62 case "$host_cpu" in
63 i*86*)
64 AC_DEFINE(HOST_IS_I86LINUX)
65 ;;
66 x86_64)
67 AC_DEFINE([HOST_IS_64LINUX], 1, [Define if host OS is 64bit Linux])
68 ;;
69 *)
70 ;;
71 esac
72 ;;
73
74 *osf*)
75 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
76 if test "x$GCC" != "xyes"; then
77 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
78 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
79 myneedg3=yes
80 AC_MSG_RESULT([compiler needs assume noaligned_objects])
81 else
82 AC_MSG_RESULT([none])
83 fi
84 ;;
85
86 *cygwin*)
87 AC_DEFINE(HOST_IS_CYGWIN)
88 dnmalloc_ok=no
89 AC_MSG_RESULT([no trusted paths and no dnmalloc])
90 ;;
91
92 *darwin*)
93 AC_DEFINE(HOST_IS_DARWIN)
94 dnmalloc_ok=no
95 AC_MSG_RESULT([check resource forks, no dnmalloc])
96 ;;
97
98 *freebsd7*)
99 AC_DEFINE(HOST_IS_FREEBSD)
100 selectconfig=freebsd
101 case "$host_cpu" in
102 amd64)
103 sh_use_pie=no
104 dnmalloc_ok=no
105 AC_MSG_RESULT([no dnmalloc and broken compiler toolchain])
106 ;;
107 *)
108 AC_MSG_RESULT([none])
109 ;;
110 esac
111 ;;
112
113 *freebsd*)
114 AC_DEFINE(HOST_IS_FREEBSD)
115 selectconfig=freebsd
116 AC_MSG_RESULT([none])
117 ;;
118
119 *openbsd*)
120 AC_DEFINE([HOST_IS_OPENBSD], 1, [Define if host OS is OPENBSD])
121 selectconfig=freebsd
122 dnmalloc_ok=no
123 AC_MSG_RESULT([dnmalloc does not work with pthreads])
124 ;;
125
126 *netbsd*)
127 mynetbsd=yes
128 selectconfig=netbsd
129 AC_MSG_RESULT([bug with libresolve])
130 ;;
131
132 *solaris*)
133 selectconfig=solaris
134 AC_DEFINE(HOST_IS_SOLARIS)
135 case "$host_cpu" in
136 i*86)
137 AC_DEFINE(HOST_IS_I86SOLARIS)
138 AC_MSG_RESULT([vsnprintf prototype])
139 ;;
140 *)
141 AC_MSG_RESULT([none])
142 ;;
143 esac
144 if test "x$GCC" != "xyes"; then
145 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
146 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
147 fi
148 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
149 CFLAGS="$CFLAGS -xO2"
150 fi
151 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
152 CFLAGS="$CFLAGS -Xa"
153 fi
154 LIBS="-lc $LIBS"
155 fi
156 ;;
157
158
159 *sun*)
160 selectconfig=solaris
161 AC_DEFINE(HOST_IS_SOLARIS)
162 AC_MSG_RESULT([none])
163 ;;
164
165 *aix*)
166 AC_DEFINE(HOST_IS_AIX)
167 selectconfig=aix5.2.0
168 uid_cast="unsigned long"
169 if test "x$GCC" != "xyes"; then
170 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
171 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
172 fi
173 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
174 CFLAGS="$CFLAGS -O3"
175 fi
176 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
177 CFLAGS="$CFLAGS -qstrict"
178 fi
179 AC_MSG_RESULT([AIX size_t in the accept call and optimize O3 qstrict])
180 else
181 AC_MSG_RESULT([AIX size_t in the accept call])
182 fi
183 ;;
184
185 *hpux*)
186 AC_MSG_RESULT([HPUX need _XOPEN_SOURCE_EXTENDED for h_errno])
187 AC_DEFINE(HOST_IS_HPUX)
188 if test "x$GCC" != "xyes"; then
189 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
190 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
191 fi
192 if test -z "`echo "$CFLAGS" | grep "\+O2" 2> /dev/null`"; then
193 CFLAGS="$CFLAGS +O2"
194 fi
195 fi
196 ;;
197
198 *ultrix*)
199 AC_MSG_RESULT([ULTRIX getcwd uses popen])
200 AC_DEFINE(HAVE_BROKEN_GETCWD)
201 ;;
202
203 *)
204 AC_MSG_RESULT([none])
205 ;;
206esac
207
208AC_SUBST(selectconfig)
209AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
210
211
212
213dnl *****************************************
214dnl
215dnl checks for header files
216dnl
217dnl *****************************************
218
219AC_HEADER_DIRENT
220AC_HEADER_MAJOR
221AC_HEADER_TIME
222dnl used in minilzo.c
223AC_HEADER_STAT
224AC_DECL_SYS_SIGLIST
225
226AC_CHECK_HEADERS(stddef.h libgen.h sched.h malloc.h sys/uio.h \
227 sys/mman.h sys/param.h sys/inotify.h \
228 sys/vfs.h mntent.h \
229 sys/select.h sys/socket.h netinet/in.h \
230 regex.h glob.h \
231 linux/ext2_fs.h linux/fs.h ext2fs/ext2_fs.h asm/segment.h \
232 elf.h linux/elf.h \
233 paths.h arpa/nameser.h arpa/nameser_compat.h \
234 rpc/rpcent.h sys/statvfs.h,
235 [],
236 [],
237 [#include <sys/types.h>]
238)
239
240
241AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
242if test "x$sh_utmpx" = "xyes"; then
243 if cat "/usr/include/utmpx.h" 2>&5 |
244 egrep "WTMPX_FILE" >/dev/null 2>&1; then
245 AC_DEFINE(HAVE_UTMPX_H)
246 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
247 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
248 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
249 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
250 else
251 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
252 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
253 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
254 fi
255else
256 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
257 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
258fi
259
260dnl
261dnl figure out where acct.h lives
262dnl and whether fields are int/comp_t
263dnl
264dnl GNU Accounting Utilities
265dnl Copyright (C) 1993, 1996, 1997, 2003, 2005 Free Software Foundation, Inc.
266dnl The GNU Accounting Utilities are free software; you can redistribute
267dnl them and/or modify them under the terms of the GNU General Public
268dnl License as published by the Free Software Foundation; either version
269dnl 2, or (at your option) any later version.
270dnl
271AC_CHECK_HEADER(sys/acct.h,
272 AC_DEFINE(HAVE_SYS_ACCT_H, ,
273 [Define if you have the <sys/acct.h> header file.])
274 AC_HEADER_EGREP(ac_utime, sys/acct.h,
275 AC_DEFINE(HAVE_ACUTIME, ,
276 [Define if <sys/acct.h> has the AC_UTIME field.])
277 AC_HEADER_EGREP(comp_t.*ac_utime, sys/acct.h,
278 AC_DEFINE(ACUTIME_COMPT, ,
279 [Define if <sys/acct.h>'s AC_UTIME field is a COMP_T.]))
280 )
281 AC_HEADER_EGREP(ac_stime, sys/acct.h,
282 AC_DEFINE(HAVE_ACSTIME, ,
283 [Define if <sys/acct.h> has the AC_STIME field.])
284 AC_HEADER_EGREP(comp_t.*ac_stime, sys/acct.h,
285 AC_DEFINE(ACSTIME_COMPT, ,
286 [Define if <sys/acct.h>'s AC_STIME field is a COMP_T.]))
287 )
288 AC_HEADER_EGREP(ac_etime, sys/acct.h,
289 AC_DEFINE(HAVE_ACETIME, ,
290 [Define if <sys/acct.h> has the AC_ETIME field.])
291 AC_HEADER_EGREP(comp_t.*ac_etime, sys/acct.h,
292 AC_DEFINE(ACETIME_COMPT, ,
293 [Define if <sys/acct.h>'s AC_ETIME field is a COMP_T.]))
294 )
295 AC_HEADER_EGREP(ac_io, sys/acct.h,
296 AC_DEFINE(HAVE_ACIO, ,
297 [Define if <sys/acct.h> has the AC_IO field.])
298 AC_HEADER_EGREP(comp_t.*ac_io, sys/acct.h,
299 AC_DEFINE(ACIO_COMPT, ,
300 [Define if <sys/acct.h>'s AC_IO field is a COMP_T.]))
301 )
302 AC_HEADER_EGREP(ac_mem, sys/acct.h,
303 AC_DEFINE(HAVE_ACMEM, ,
304 [Define if <sys/acct.h> has the AC_MEM field.])
305 AC_HEADER_EGREP(comp_t.*ac_mem, sys/acct.h,
306 AC_DEFINE(ACMEM_COMPT, ,
307 [Define if <sys/acct.h>'s AC_MEM field is a COMP_T.]))
308 )
309 AC_HEADER_EGREP(ac_minflt, sys/acct.h,
310 AC_HEADER_EGREP(ac_majflt, sys/acct.h,
311 AC_HEADER_EGREP(ac_swaps, sys/acct.h,
312 AC_DEFINE(HAVE_PAGING, ,
313 [Define if <sys/acct.h> has the AC_MINFLT, AC_MAJFLT and AC_SWAPS fields.])
314 AC_HEADER_EGREP(comp_t.*ac_minflt, sys/acct.h,
315 AC_DEFINE(ACMINFLT_COMPT, ,
316 [Define if <sys/acct.h>'s AC_MINFLT field is a COMP_T.]))
317 AC_HEADER_EGREP(comp_t.*ac_mayflt, sys/acct.h,
318 AC_DEFINE(ACMAJFLT_COMPT, ,
319 [Define if <sys/acct.h>'s AC_MAJFLT field is a COMP_T.]))
320 AC_HEADER_EGREP(comp_t.*ac_swaps, sys/acct.h,
321 AC_DEFINE(ACSWAPS_COMPT, ,
322 [Define if <sys/acct.h>'s AC_SWAPS field is a COMP_T.]))
323 )
324 )
325 )
326 AC_HEADER_EGREP(comp_t, sys/acct.h, AC_DEFINE(HAVE_COMP_T, ,
327 [Define if <sys/acct.h> uses the COMP_T type.]))
328 AC_HEADER_EGREP([struct acct_v3], sys/acct.h, AC_DEFINE(HAVE_ACCT_V3, ,
329 [Define if <sys/acct.h> has struct acct_v3.]))
330 )
331
332
333dnl need to check because AIX 4.2 does not have it
334dnl
335AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
336#ifdef HAVE_SYS_TYPES_H
337#include <sys/types.h>
338#endif
339#ifdef HAVE_SYS_STAT_H
340#include <sys/stat.h>
341#endif
342#ifdef HAVE_SYS_VFS_H
343#include <sys/vfs.h>
344#endif
345#ifdef HAVE_UNISTD_H
346#include <unistd.h>
347#endif
348])
349
350AC_SYS_LARGEFILE
351
352dnl
353dnl check whether _POSIX_SOURCE is required
354dnl
355SAMHAIN_POSIX
356
357
358dnl *****************************************
359dnl
360dnl Checks for library functions.
361dnl
362dnl *****************************************
363AC_FUNC_STRFTIME
364AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
365 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
366 seteuid setreuid setresuid lstat getwd getcwd ptrace \
367 usleep setpriority getpeereid nanosleep \
368 strptime basename sched_yield hasmntopt \
369 inet_aton gethostbyname setutent setrlimit gethostname uname \
370 initgroups getpagesize \
371 ttyname fchmod writev mmap tzset \
372 getsid getpriority getpgid statvfs \
373 strerror_r getgrgid_r getpwnam_r getpwuid_r \
374 gmtime_r localtime_r rand_r readdir_r strtok_r \
375 mincore posix_fadvise inotify_init1
376)
377AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
378SL_CHECK_VA_COPY
379AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
380AC_CHECK_MLOCK
381SH_STRFTIME_Z
382
383AC_MSG_CHECKING(how to get filesystem type)
384fstype=no
385# The order of these tests is important.
386AC_TRY_CPP([#include <sys/statvfs.h>
387#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
388if test $fstype = no; then
389AC_TRY_CPP([#include <sys/statfs.h>
390#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
391fi
392if test $fstype = no; then
393AC_TRY_CPP([#include <sys/statfs.h>
394#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
395fi
396if test $fstype = no; then
397AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
398fi
399if test $fstype = no; then
400AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
401fi
402if test $fstype = no; then
403AC_TRY_CPP([#include <sys/mount.h>
404#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
405fi
406AC_MSG_RESULT($fstype)
407
408sh_libsocket=
409
410dnl Solaris needs -lsocket and -lnsl. Unisys system includes
411dnl gethostbyname in libsocket but needs libnsl for socket.
412AC_CHECK_LIB(nsl, gethostbyname)
413AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
414if test x$ac_need_libsocket = x1; then
415 LIBS="$LIBS -lsocket"
416 sh_libsocket="-lsocket"
417fi
418if test x$ac_try_nsl = x1; then
419 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
420 if test x$ac_need_libnsl = x1
421 then
422 LIBS="$LIBS -lnsl"
423 fi
424fi
425AC_SUBST(sh_libsocket)
426
427AC_CHECK_LIB(socket, res_search, [
428 AC_CHECK_LIB(resolv, dn_skipname)
429 AC_CHECK_LIB(resolv, __dn_skipname)
430 if test x$ac_need_libsocket = x1; then
431 :
432 else
433 LIBS="$LIBS -lsocket"
434 fi
435 ], [
436 AC_CHECK_LIB(resolv, res_search, [
437 LIBS="$LIBS -lresolv"
438 ], [
439 AC_CHECK_LIB(resolv, dn_skipname)
440 AC_CHECK_LIB(resolv, __dn_skipname)
441 ])
442 ])
443
444dnl arguments for accept
445
446dnl check for Unix98 socklen_t (found on
447dnl xemacs-patches mailing list, written
448dnl by Martin Buchholz)
449dnl
450dnl On Darwin(MacOSX) socklen_t needs to be
451dnl an int (see accept man page), on all other
452dnl unix systems we need a size_t.
453
454AC_MSG_CHECKING(for socklen_t)
455AC_TRY_COMPILE([
456#ifdef HAVE_SYS_TYPES_H
457#include <sys/types.h>
458#endif
459#ifdef HAVE_SYS_SOCKET_H
460#include <sys/socket.h>
461#endif
462 socklen_t x;
463], [],[
464 AC_MSG_RESULT(yes)
465 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
466 AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
467],[
468 AC_TRY_COMPILE([
469#ifdef HAVE_SYS_TYPES_H
470#include <sys/types.h>
471#endif
472#ifdef HAVE_SYS_SOCKET_H
473#include <sys/socket.h>
474#endif
475 int accept (int, struct sockaddr *, size_t *);
476 ],[],[
477 AC_MSG_RESULT(size_t)
478 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
479 ], [
480 AC_MSG_RESULT(int)
481 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
482 ]
483 )
484])
485
486dnl *****************************************
487dnl checks for extended attribute or ACL
488dnl support
489dnl *****************************************
490
491sh_CHECK_XATTR
492sh_CHECK_POSIX_ACL
493
494dnl *****************************************
495dnl checks for typedefs
496dnl *****************************************
497
498AC_C_LONG_DOUBLE
499SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
500SH_CHECK_TYPEDEF(uint16_t, HAVE_UINT16_T)
501SH_CHECK_TYPEDEF(uint64_t, HAVE_UINT64_T)
502if test "$sh_HAVE_LONG_LONG" = "yes"; then
503 AC_CHECK_SIZEOF(unsigned long long, 4)
504 sh_sizeof_unsigned_long_long=`echo "$ac_cv_sizeof_unsigned_long_long" | sed 's%[^0-9]%%g'`
505 if test "$sh_sizeof_unsigned_long_long" = "8"; then
506 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
507 fi
508fi
509
510AC_CHECK_TYPE(ptrdiff_t, long)
511AC_TYPE_SIZE_T
512AC_CHECK_SIZEOF(char *, 4)
513AC_CHECK_SIZEOF(size_t, 4)
514
515AC_CHECK_SIZEOF(unsigned long, 4)
516AC_CHECK_SIZEOF(unsigned int, 4)
517AC_CHECK_SIZEOF(unsigned short, 2)
518
519
520sh_sizeof_unsigned_long=`echo "$ac_cv_sizeof_unsigned_long" | sed 's%[^0-9]%%g'`
521if test "$sh_sizeof_unsigned_long" = "4"; then
522 AC_DEFINE(HAVE_LONG_32)
523fi
524if test "$sh_sizeof_unsigned_long" = "8"; then
525 AC_DEFINE(HAVE_LONG_64)
526fi
527sh_sizeof_unsigned_int=`echo "$ac_cv_sizeof_unsigned_int" | sed 's%[^0-9]%%g'`
528if test "$sh_sizeof_unsigned_int" = "4"; then
529 AC_DEFINE(HAVE_INT_32)
530fi
531sh_sizeof_unsigned_short=`echo "$ac_cv_sizeof_unsigned_short" | sed 's%[^0-9]%%g'`
532if test "$sh_sizeof_unsigned_short" = "4"; then
533 AC_DEFINE(HAVE_SHORT_32)
534fi
535
536dnl
537dnl check for 64 bit programming environment
538dnl
539SAMHAIN_64
540
541
542dnl *****************************************
543dnl checks for structures
544dnl *****************************************
545
546AC_STRUCT_TM
547
548dnl
549dnl from e2fsprogs
550dnl
551AC_MSG_CHECKING(whether struct stat has a st_flags field)
552AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
553 AC_TRY_COMPILE([#include <sys/stat.h>],
554 [struct stat stat; stat.st_flags = 0;],
555 [e2fsprogs_cv_struct_st_flags=yes],
556 [e2fsprogs_cv_struct_st_flags=no]))
557AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
558if test "$e2fsprogs_cv_struct_st_flags" = yes; then
559 AC_MSG_CHECKING(whether st_flags field is useful)
560 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
561 AC_TRY_COMPILE([#include <sys/stat.h>],
562 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
563 [e2fsprogs_cv_struct_st_flags_immut=yes],
564 [e2fsprogs_cv_struct_st_flags_immut=no]))
565 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
566 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
567 AC_DEFINE(HAVE_STAT_FLAGS)
568 fi
569fi
570
571dnl
572dnl from dbus
573dnl
574AC_MSG_CHECKING(for struct cmsgcred)
575AC_TRY_COMPILE([
576#include <sys/types.h>
577#include <sys/socket.h>
578],[
579struct cmsgcred cred;
580
581cred.cmcred_pid = 0;
582],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
583AC_MSG_RESULT($sh_have_struct_cmsgcred)
584
585if test x$sh_have_struct_cmsgcred = xyes; then
586 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
587fi
588
589AC_MSG_CHECKING(for struct fcred)
590AC_TRY_COMPILE([
591#include <sys/param.h>
592#include <sys/socket.h>
593#include <sys/ucred.h>
594],[
595struct fcred sockcred;
596],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
597AC_MSG_RESULT($sh_have_struct_fcred)
598
599if test x$sh_have_struct_fcred = xyes; then
600 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
601fi
602
603AC_MSG_CHECKING(for struct sockcred)
604AC_TRY_COMPILE([
605#include <sys/param.h>
606#include <sys/socket.h>
607#include <sys/ucred.h>
608],[
609struct sockcred sockcred;
610],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
611AC_MSG_RESULT($sh_have_struct_sockcred)
612
613if test x$sh_have_struct_sockcred = xyes; then
614 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
615fi
616
617AC_MSG_CHECKING(for SO_PEERCRED)
618AC_TRY_COMPILE([
619#include <sys/types.h>
620#include <sys/socket.h>
621],[
622int test = SO_PEERCRED;
623],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
624AC_MSG_RESULT($sh_have_SO_PEERCRED)
625
626if test x$sh_have_SO_PEERCRED = xyes; then
627 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
628fi
629
630
631dnl *****************************************
632dnl checks for compiler characteristics
633dnl *****************************************
634AC_C_INLINE
635AC_C_CONST
636AC_C_BIGENDIAN
637AC_C_RESTRICT
638
639AM_SA_SIGACTION_WORKS
640
641AC_ARG_ENABLE(ssp,
642 [ --disable-ssp disable the GCC stack protector],
643 [],
644 [enable_ssp=yes;]
645)
646
647if test "x$GCC" = "xyes"; then
648
649 if test x"${enable_ssp}" = xno; then
650 :
651 else
652 GCC_STACK_PROTECT_LIB
653 GCC_STACK_PROTECT_CC
654dnl GCC_STACK_CHECK_CC
655 GCC_PIE_CC
656 fi
657
658fi
659
660dnl *****************************************
661dnl
662dnl checks for system services
663dnl
664dnl *****************************************
665
666dnl
667dnl check for /proc filesystem
668dnl
669if test -d "/proc/$$"
670then
671 AC_DEFINE([HAVE_PROCFS],[1],[Define if you have a proc fs])
672fi
673
674dnl
675dnl check for GNU gmp
676dnl
677AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
678if test "x${sh_have_gmp}" = xno
679then
680 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
681fi
682if test "x${sh_have_gmp}" = xyes
683then
684 # LIBS="-lgmp $LIBS"
685 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
686fi
687AC_CHECK_HEADERS(gmp.h)
688
689AC_MSG_CHECKING([for ps])
690PS=
691for ff in /usr/ucb /bin /usr/bin; do
692 if test -x "$ff/ps"; then
693 PS="$ff/ps"
694 AC_MSG_RESULT([$PS])
695 break
696 fi
697done
698if test x$PS = x
699then
700 AC_MSG_RESULT([no])
701 AC_MSG_ERROR([Cannot find ps in any of /usr/ucb /bin /usr/bin])
702fi
703AC_DEFINE_UNQUOTED([PSPATH], _("$PS"), [Path to ps])
704
705AC_MSG_CHECKING([how to use ps])
706$PS ax >/dev/null 2>&1
707if test $? -eq 0; then
708 case "$host_os" in
709 *openbsd*)
710 one=`$PS akx | wc -l`
711 ;;
712 *)
713 one=`$PS ax | wc -l`
714 ;;
715 esac
716else
717 one=0
718fi
719$PS -e >/dev/null 2>&1
720if test $? -eq 0; then
721 two=`$PS -e | wc -l`
722else
723 two=0
724fi
725if test $one -ge $two
726then
727 case "$host_os" in
728 *openbsd*)
729 PSARG="akx"
730 ;;
731 *)
732 PSARG="ax"
733 ;;
734 esac
735else
736 PSARG="-e"
737fi
738AC_DEFINE_UNQUOTED([PSARG], _("$PSARG"), [Argument for ps])
739AC_MSG_RESULT([$PS $PSARG])
740
741dnl *****************************************
742dnl
743dnl enable features
744dnl
745dnl *****************************************
746
747AC_ARG_ENABLE(db-reload,
748 [ --enable-db-reload enable database reload on SIGHUP [[no]]],
749 [
750 if test "x${enable_db_reload}" = xyes; then
751 AC_DEFINE(RELOAD_DATABASE)
752 fi
753 ]
754)
755
756AC_ARG_ENABLE(xml-log,
757 [ --enable-xml-log enable XML logfile format [[no]]],
758 [
759 if test "x${enable_xml_log}" = xyes; then
760 AC_DEFINE(SH_USE_XML)
761 fi
762 ]
763)
764
765
766AC_ARG_ENABLE(mail,
767 [ --disable-mail disable the internal SMTP mailer],
768 [
769 if test "x${enable_mail}" = xno; then
770 :
771 else
772 AC_DEFINE(SH_WITH_MAIL)
773 fi
774 ],
775 [AC_DEFINE(SH_WITH_MAIL)]
776)
777
778AC_ARG_ENABLE(external-scripts,
779 [ --disable-external-scripts disable interface to external scripts],
780 [
781 if test "x${enableval}" = xno; then
782 :
783 else
784 AC_DEFINE(WITH_EXTERNAL)
785 fi
786 ],
787 [AC_DEFINE(WITH_EXTERNAL)]
788)
789
790AC_ARG_ENABLE(message-queue,
791 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
792 [
793 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
794 if test "x${enable_message_queue}" = xyes; then
795 AC_DEFINE(WITH_MESSAGE_QUEUE)
796 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
797 elif test "x${enable_message_queue}" != xno; then
798 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
799 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be numeric])
800 echo "${enableval}" | \
801 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
802 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be an octal (0nnn) number])
803 AC_DEFINE(WITH_MESSAGE_QUEUE)
804 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
805 fi
806 else
807 echo
808 echo "**********************************************"
809 echo
810 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
811 echo
812 echo "**********************************************"
813 echo
814 fi
815 ]
816)
817
818AC_ARG_WITH(cflags,
819 [ --with-cflags additional flags to pass to compiler],
820 [
821 if test "x$withval" != "xno" ; then
822 CFLAGS="$CFLAGS $withval"
823 fi
824 ]
825)
826AC_ARG_WITH(libs,
827 [ --with-libs additional libraries to link with],
828 [
829 if test "x$withval" != "xno" ; then
830 LIBS="$LIBS $withval"
831 fi
832 ]
833)
834
835
836#
837# this is from ssh
838#
839AC_MSG_CHECKING(whether to use libwrap)
840LIBWRAP_LIB=""
841LIBWRAP_INC=""
842AC_ARG_WITH(libwrap,
843[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
844[ AC_MSG_RESULT($withval)
845 case "$withval" in
846 no)
847 ;;
848 ""|yes)
849 LIBWRAP_LIB="-lwrap"
850 ;;
851 *)
852 if test -d "$withval"; then
853 LIBWRAP_LIB="-L$withval -lwrap"
854 changequote(<<, >>)dnl
855 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
856 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
857 changequote([, ])dnl
858 else
859 LIBWRAP_LIB="-lwrap"
860 changequote(<<, >>)dnl
861 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
862 LIBWRAP_INC="-I${sh_libwrap_inc}"
863 changequote([, ])dnl
864 fi
865 ;;
866 esac
867 if test -n "$LIBWRAP_LIB"; then
868 # OLDLIBS="$LIBS"
869 LIBS="$LIBWRAP_LIB $LIBS"
870 # OLDCFLAGS="$CFLAGS"
871 CFLAGS="$CFLAGS $LIBWRAP_INC"
872 AC_CHECK_HEADER(tcpd.h,
873 [],
874 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You need to install tcp_wrappers.]) ])
875 AC_TRY_LINK([ #include <tcpd.h>
876 int allow_severity; int deny_severity; ],
877 [ hosts_access((struct request_info *) 0); ],
878 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
879 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
880 fi ],
881 AC_MSG_RESULT(no)
882)
883
884
885dnl
886dnl NETWORK OPTIONS
887dnl
888AC_ARG_ENABLE(network,
889 [ --enable-network=[[client|server]] compile client or server [[no]]],
890 [
891 if test "x$enable_network" = xclient; then
892 mytclient="-DSH_WITH_CLIENT"
893 yulectl_prg=
894 setpwd_prg="samhain_setpwd"
895 sh_main_prg="samhain"
896 if test "x${sh_have_gmp}" = xyes
897 then
898 LIBS="-lgmp $LIBS"
899 fi
900dnl AC_CHECK_HEADER(sys/capability.h,
901dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
902dnl [sh_use_lcaps="no"])
903 elif test "x$enable_network" = xserver; then
904 mytclient="-DSH_WITH_SERVER"
905 yulectl_prg="yulectl"
906 setpwd_prg="samhain_setpwd"
907 sh_main_prg="yule"
908 if test "x${sh_have_gmp}" = xyes
909 then
910 LIBS="-lgmp $LIBS"
911 fi
912 sh_use_lcaps="undef"
913 elif test "x$enable_network" = xno; then
914 mytclient="-DSH_STANDALONE"
915 yulectl_prg=
916 setpwd_prg=
917 sh_main_prg="samhain"
918dnl AC_CHECK_HEADER(sys/capability.h,
919dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
920dnl [sh_use_lcaps="no"])
921 else
922 AC_MSG_ERROR([With --enable-network=WHAT, WHAT must be client, server, or no])
923 fi
924 ],
925 [
926 mytclient="-DSH_STANDALONE"
927 setpwd_prg=
928 yulectl_prg=
929 sh_main_prg="samhain"
930dnl AC_CHECK_HEADER(sys/capability.h,
931dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
932dnl [sh_use_lcaps="no"])
933 ],
934)
935
936AC_SUBST(setpwd_prg)
937AC_SUBST(yulectl_prg)
938AC_SUBST(sh_main_prg)
939AC_SUBST(mytclient)
940
941# needed for the rpm spec
942clmytclient=`echo ${mytclient} | sed s%\-%%`
943AC_SUBST(clmytclient)
944
945sh_no_gcc_static=no
946
947AC_ARG_ENABLE(static,
948 [ --enable-static enable static linking [[no]]],
949 [
950 if test x$enable_static = xyes; then
951 if test x"$mynetbsd" = xyes
952 then
953 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
954 LIBS="${tmp_LIBS}"
955 fi
956 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
957 if test "x$GCC" = "xyes"; then
958 sh_no_gcc_static=no
959 LDFLAGS="$LDFLAGS -static"
960 else
961 sh_no_gcc_static=yes
962 case "$host_os" in
963
964 *aix*)
965 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
966 ;;
967
968 *hpux*)
969 LDFLAGS="$LDFLAGS -Wl,-a,archive"
970 ;;
971
972 *osf*)
973 LDFLAGS="$LDFLAGS -non_shared"
974 ;;
975
976 *irix*)
977 LDFLAGS="$LDFLAGS -non_shared"
978 ;;
979
980 *sco*)
981 LDFLAGS="$LDFLAGS -dn"
982 ;;
983
984 *sun*)
985 LDFLAGS="$LDFLAGS -Bstatic"
986 ;;
987
988 *solaris*)
989 LDFLAGS="$LDFLAGS -Bstatic"
990 ;;
991
992 *)
993 echo "***********************************************"
994 echo "*"
995 echo "* Don't know how to enable static linking"
996 echo "* with your compiler. Please set the environment"
997 echo "* variable LDFLAGS to:"
998 echo "* ${LDFLAGS} + the static linking flag"
999 echo "* and run configure again"
1000 echo "*"
1001 echo "***********************************************"
1002 ;;
1003
1004 esac
1005 fi
1006 fi
1007 ]
1008)
1009
1010if test x"${mytclient}" = x-DSH_STANDALONE -o x"${mytclient}" = x-DSH_WITH_CLIENT;
1011then
1012dnl For threaded modules
1013 ACX_PTHREAD
1014 CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
1015 LIBS="$PTHREAD_LIBS $LIBS"
1016 LDFLAGS="$PTHREAD_CFLAGS $LDFLAGS"
1017 CC="$PTHREAD_CC"
1018dnl For MODI_TXT
1019 CHECK_ZLIB()
1020fi
1021
1022if test x$enable_static = xyes; then
1023 :
1024else
1025 if test x$sh_use_pie = xyes; then
1026 LDFLAGS="$LDFLAGS $PIE_LDFLAGS"
1027 CFLAGS="$CFLAGS $PIE_CFLAGS"
1028 fi
1029fi
1030
1031
1032#
1033# this is from the snort configure.in
1034#
1035AC_DEFUN(FAIL_MESSAGE,[
1036 echo
1037 echo
1038 echo "**********************************************"
1039 echo " ERROR: unable to find" $1
1040 echo " checked in the following places"
1041 for i in `echo $2`; do
1042 echo " $i"
1043 done
1044 echo "**********************************************"
1045 echo
1046 exit
1047])
1048
1049AC_ARG_WITH(libprelude-prefix,
1050 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
1051 libprelude_config_prefix="$withval", libprelude_config_prefix="")
1052
1053AC_MSG_CHECKING(whether to use prelude)
1054AC_ARG_WITH(prelude,
1055 [ --with-prelude Prelude IDS support [[no]]],
1056 [
1057 if test "x${withval}" = "xno"; then
1058 AC_MSG_RESULT(no)
1059 else
1060 AC_MSG_RESULT(yes)
1061 if test x$libprelude_config_prefix != x ; then
1062 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
1063 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
1064 fi
1065 fi
1066
1067 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
1068 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
1069 HAVE_PRELUDE_CONFIG=no
1070 else
1071 HAVE_PRELUDE_CONFIG=yes
1072 fi
1073dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
1074 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
1075 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
1076 case "$sh_libprelude_version" in
1077 0.8*)
1078 AC_MSG_ERROR([You have Libprelude 0.8, which is too old. Version 0.9.6 or higher is required.])
1079 ;;
1080 *)
1081 AM_PATH_LIBPRELUDE([0.9.6],
1082 [
1083 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
1084 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
1085 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
1086 LIBS="$LIBS $LIBPRELUDE_LIBS"
1087 ],
1088 [
1089 AC_MSG_ERROR([Could not find libprelude (if you are using --enable-static, the static library libprelude.a might be missing).])
1090 ])
1091 ;;
1092 esac
1093 else
1094 AC_MSG_ERROR([Could not find libprelude-config.])
1095 fi
1096 fi
1097 ],
1098 [
1099 AC_MSG_RESULT(no)
1100 ]
1101)
1102
1103#
1104# partly based on the snort configure.in
1105#
1106AC_ARG_WITH(database,
1107 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
1108 [
1109 if test x"$enable_xml_log" != xyes; then
1110 AC_MSG_ERROR([With --with-database, --enable-xml-log is required as well.])
1111 fi
1112 if test "x${withval}" = "xmysql"; then
1113 if test "x$zlib_found" = "x"
1114 then
1115 CHECK_ZLIB()
1116 fi
1117 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
1118 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
1119 sh_mysql_libs="`mysql_config --libs`"
1120 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
1121 LIBS="$LIBS ${sh_mysql_libs}"
1122 sh_mysql_cflags="`mysql_config --cflags`"
1123 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
1124 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
1125 else
1126 AC_MSG_CHECKING([for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME])
1127 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
1128
1129 for i in $mysql_directory; do
1130 if test -r $i/include/mysql/mysql.h; then
1131 MYSQL_DIR=$i
1132 MYSQL_INC_DIR=$i/include
1133 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
1134 fi
1135 done
1136 if test -z "$MYSQL_DIR"; then
1137 for i in $mysql_directory; do
1138 if test -r $i/include/mysql.h; then
1139 MYSQL_DIR=$i
1140 MYSQL_INC_DIR=$i/include
1141 fi
1142 done
1143 fi
1144
1145 if test -z "$MYSQL_DIR"; then
1146 tmp=""
1147 for i in $mysql_directory; do
1148 tmp="$tmp $i/include $i/include/mysql"
1149 done
1150 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
1151 fi
1152
1153 for i in lib lib/mysql; do
1154 str="$MYSQL_DIR/$i/libmysqlclient.*"
1155 for j in `echo $str`; do
1156 if test -r $j; then
1157 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
1158 break 2
1159 fi
1160 done
1161 done
1162
1163 if test -z "$MYSQL_LIB_DIR"; then
1164 for ff in $mysql_directory; do
1165 for i in lib lib/mysql; do
1166 str="$ff/$i/libmysqlclient.*"
1167 for j in `echo $str`; do
1168 if test -r $j; then
1169 MYSQL_LIB_DIR="$ff/$i"
1170 break 3
1171 fi
1172 done
1173 done
1174 done
1175 fi
1176
1177 if test -z "$MYSQL_LIB_DIR"; then
1178 tmp=""
1179 for i in $mysql_directory; do
1180 tmp="$i/lib $i/lib/mysql"
1181 done
1182 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
1183 fi
1184
1185 AC_MSG_RESULT(yes)
1186 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
1187 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
1188 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
1189 fi
1190 AC_DEFINE(WITH_MYSQL)
1191 AC_DEFINE(WITH_DATABASE)
1192 if test "x$zlib_found" = "xyes"
1193 then
1194 LIBS="$LIBS -lz -lm"
1195 else
1196 echo
1197
1198 echo " Mysql library was not found or not useable."
1199 echo " Possible reasons include:"
1200 echo " - an old, incompatible version compiled from source"
1201 echo " - on Solaris, libmysql is compiled with the Solaris"
1202 echo " compiler, thus the mysql_config script provides"
1203 echo " compiler options unsuitable for gcc (move"
1204 echo " mysql_config out of your PATH)"
1205 echo " For other problems, check config.log for the error"
1206 echo " message from the compiler."
1207 echo
1208 echo " If your mysql libraries are installed in an"
1209 echo " unusual place, use --with-libs=-L/path/to/libdirectory"
1210 echo " where libdirectory is the directory holding libmysql."
1211 if test x"$enable_static" = xyes; then
1212 echo " Note that for compiling a static binary, you need"
1213 echo " the static libraries, rather than the shared ones."
1214 fi
1215 echo
1216 AC_MSG_ERROR([Could not find libmysql, or it is not useable.])
1217 fi
1218 AC_CHECK_HEADERS(mysql/mysql.h)
1219 elif test "x${withval}" = "xpostgresql"; then
1220 AC_DEFINE(WITH_POSTGRES)
1221 AC_DEFINE(WITH_DATABASE)
1222 #
1223 PGCONF="no"
1224 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
1225 OLD_IFS="$IFS"
1226 IFS=":"
1227 for ff in ${MY_PATH}
1228 do
1229 if test -f "$ff/pg_config"
1230 then
1231 PGCONF="$ff/pg_config"
1232 fi
1233 done
1234 IFS="${OLD_IFS}"
1235 #
1236 #
1237 if test "x${PGCONF}" = "xno"
1238 then
1239 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1240 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1241 for i in $pgsql_directory; do
1242 if test -r $i/include/pgsql/libpq-fe.h; then
1243 PGSQL_INC_DIR=$i/include
1244 PGSQL_DIR=$i
1245 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1246 fi
1247 done
1248 if test -z "$PGSQL_DIR"; then
1249 for i in $pgsql_directory; do
1250 if test -r $i/include/postgresql/libpq-fe.h; then
1251 PGSQL_INC_DIR=$i/include
1252 PGSQL_DIR=$i
1253 fi
1254 done
1255 fi
1256 if test -z "$PGSQL_DIR"; then
1257 for i in $pgsql_directory; do
1258 if test -r $i/include/libpq-fe.h; then
1259 PGSQL_INC_DIR=$i/include
1260 PGSQL_DIR=$i
1261 fi
1262 done
1263 fi
1264
1265 if test -z "$PGSQL_DIR"; then
1266 tmp=""
1267 for i in $pgsql_directory; do
1268 tmp="$tmp $i/include $i/include/pgsql $i/include/postgresql"
1269 done
1270 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1271 fi
1272
1273 for i in lib lib/pgsql lib/postgresql; do
1274 str="$PGSQL_DIR/$i/libpq.*"
1275 for j in `echo $str`; do
1276 if test -r $j; then
1277 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1278 break 2
1279 fi
1280 done
1281 done
1282
1283 if test -z "$PGSQL_LIB_DIR"; then
1284 for ff in $pgsql_directory; do
1285 for i in lib lib/pgsql lib/postgresql; do
1286 str="$ff/$i/libpq.*"
1287 for j in `echo $str`; do
1288 if test -r $j; then
1289 PGSQL_LIB_DIR="$ff/$i"
1290 break 3
1291 fi
1292 done
1293 done
1294 done
1295 fi
1296
1297 if test -z "$PGSQL_LIB_DIR"; then
1298 tmp=""
1299 for i in $pgsql_directory; do
1300 tmp="$i/lib $i/lib/pgsql $i/lib/postgresql"
1301 done
1302 FAIL_MESSAGE("postgresql library libpq", $tmp)
1303 fi
1304
1305 AC_MSG_RESULT(yes)
1306
1307 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1308 if test x"$enable_static" = xyes; then
1309 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1310 else
1311 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1312 fi
1313 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1314 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1315 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1316 AC_CHECK_HEADERS(postgresql/libpq-fe.h)
1317 else
1318 pg_lib_dir=`${PGCONF} --libdir`
1319 if test x"$enable_static" = xyes; then
1320 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1321 else
1322 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1323 fi
1324 pg_inc_dir=`${PGCONF} --includedir`
1325 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1326 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1327 fi
1328 elif test "x${withval}" = "xodbc"; then
1329 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1330 odbc_directory="/usr /usr/local"
1331
1332 for i in $odbc_directory; do
1333 if test -r $i/include/sql.h; then
1334 if test -r $i/include/sqlext.h; then
1335 if test -r $i/include/sqltypes.h; then
1336 ODBC_DIR=$i
1337 ODBC_INC_DIR=$i/include
1338 fi
1339 fi
1340 fi
1341 done
1342
1343 if test -z "$ODBC_DIR"; then
1344 tmp=""
1345 for i in $odbc_directory; do
1346 tmp="$tmp $i/include"
1347 done
1348 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1349 fi
1350
1351 str="$ODBC_DIR/lib/libodbc.*"
1352 for j in `echo $str`; do
1353 if test -r $j; then
1354 ODBC_LIB_DIR="$ODBC_DIR/lib"
1355 ODBC_LIB="odbc"
1356 fi
1357 done
1358
1359 if test -z "$ODBC_LIB_DIR"; then
1360 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1361 fi
1362
1363 AC_MSG_RESULT(yes)
1364 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1365 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1366 AC_DEFINE(WITH_ODBC)
1367 AC_DEFINE(WITH_DATABASE)
1368
1369 elif test "x${withval}" = "xoracle"; then
1370 AC_MSG_CHECKING(for oracle in /usr /usr/local ORACLE_HOME)
1371 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1372 for i in $oracle_directory; do
1373 if test -r $i/rdbms/demo/oci.h; then
1374 ORACLE_DIR=$i
1375 fi
1376 done
1377
1378 if test -z "$ORACLE_DIR"; then
1379 tmp=""
1380 for i in $oracle_directory; do
1381 tmp="$tmp $i/rdbms/demo"
1382 done
1383 FAIL_MESSAGE("OCI header file (oci.h)", $tmp)
1384 else
1385 for i in rdbms/demo rdbms/public network/public; do
1386 ORACLE_CPP_FLAGS="$ORACLE_CPP_FLAGS -I$ORACLE_DIR/$i"
1387 done
1388 ORACLE_LIB_DIR="$ORACLE_DIR/lib"
1389 AC_MSG_RESULT(yes)
1390
1391 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1392
1393 ORACLE_LIBS="-lclntsh"
1394 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1395 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1396 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1397 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1398 fi
1399 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1400 if test "x$GCC" != "xyes"; then
1401 CFLAGS="${CFLAGS} -fno-strict-aliasing"
1402 fi
1403 fi
1404 AC_DEFINE(WITH_ORACLE)
1405 AC_DEFINE(WITH_DATABASE)
1406
1407 else
1408 AC_MSG_ERROR([Option --with-database=database used with unsupported database ${withval}])
1409 fi
1410 ]
1411)
1412
1413AC_ARG_WITH(console,
1414 [ --with-console=PATH set path to console device [[/dev/console]]],
1415 [
1416 if test "x${withval}" != xno; then
1417 mycons="$withval"
1418 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1419 fi
1420 ])
1421
1422AC_ARG_WITH(altconsole,
1423 [ --with-altconsole=PATH set path to second console device [[none]]],
1424 [
1425 if test "x${withval}" != xno; then
1426 myaltcons="$withval"
1427 else
1428 myaltcons="NULL"
1429 fi
1430 ],
1431 [myaltcons="NULL"])
1432AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1433
1434AC_ARG_WITH(timeserver,
1435 [ --with-timeserver=HOST set host address for time server [[none]]],
1436 [
1437 if test "x${withval}" != xno; then
1438 mytimeserv="$withval"
1439 AC_DEFINE(HAVE_NTIME)
1440 else
1441 mytimeserv="NULL"
1442 fi
1443 ],
1444 mytimeserv="NULL")
1445AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1446
1447AC_ARG_WITH(alttimeserver,
1448 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
1449 [
1450 if test "x${withval}" != xno; then
1451 myalttimeserv="$withval"
1452 AC_DEFINE(HAVE_NTIME)
1453 else
1454 myalttimeserv="NULL"
1455 fi
1456 ],
1457 myalttimeserv="NULL")
1458AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1459
1460AC_ARG_ENABLE(login-watch,
1461 [ --enable-login-watch watch for login/logout [[no]]],
1462 [
1463 if test "x${enable_login_watch}" = xyes; then
1464 AC_DEFINE(SH_USE_UTMP)
1465 fi
1466 ]
1467)
1468
1469AC_ARG_ENABLE(mounts-check,
1470 [ --enable-mounts-check check mount options on filesystems [[no]]],
1471 [
1472 if test "x${enable_mounts_check}" = xyes; then
1473 AC_DEFINE(SH_USE_MOUNTS)
1474 fi
1475 ]
1476)
1477
1478AC_ARG_ENABLE(logfile-monitor,
1479 [ --enable-logfile-monitor monitor logfiles [[no]]],
1480 [
1481 if test "x${enable_logfile_monitor}" = xyes; then
1482 AC_CHECK_HEADER(pcre.h,
1483 [
1484 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1485 LIBS="-lpcre $LIBS"
1486 ],
1487 [
1488 AC_CHECK_HEADER(pcre/pcre.h,
1489 [
1490 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1491 AC_DEFINE(HAVE_PCRE_PCRE_H, 1, [Define if you have pcre/pcre.h.])
1492 LIBS="-lpcre $LIBS"
1493 ],
1494 AC_MSG_ERROR([The --enable-logfile-monitor option requires libpcre. For compiling the pcre development package is needed.])
1495 )
1496 ]
1497 )
1498 fi
1499 ]
1500)
1501
1502
1503AC_ARG_ENABLE(process-check,
1504 [ --enable-process-check check processes [[no]]],
1505 [
1506 if test "x${enable_process_check}" = xyes; then
1507 AC_CHECK_LIB([rt], [sched_getparam], sh_lrt=yes, sh_lrt=no)
1508 if test x"$sh_lrt" = xyes; then
1509 LIBRT=-lrt
1510 else
1511 LIBRT=
1512 fi
1513 LIBS="$LIBS $LIBRT"
1514 AC_DEFINE(SH_USE_PROCESSCHECK, [1], [Define if you want to check processes])
1515 fi
1516 ]
1517)
1518
1519AC_ARG_ENABLE(port-check,
1520 [ --enable-port-check check ports [[no]]],
1521 [
1522 if test "x${enable_port_check}" = xyes; then
1523 AC_DEFINE(SH_USE_PORTCHECK, [1], [Define if you want to check ports])
1524 fi
1525 ]
1526)
1527
1528AC_ARG_ENABLE(userfiles,
1529 [ --enable-userfiles check for users' config files [[no]]],
1530 [
1531 if test "x${enableval}" = "xyes"; then
1532 AC_DEFINE(SH_USE_USERFILES)
1533 fi
1534 ]
1535)
1536
1537AC_ARG_ENABLE(debug,
1538 [ --enable-debug enable debug options [[no]]],
1539 [
1540 if test "x${enable_debug}" = "xyes"; then
1541 if test "x${mydebugflag}" != "xyes"; then
1542 AC_DEFINE(MEM_DEBUG)
1543 fi
1544 AC_DEFINE(WITH_TPT)
1545 AC_DEFINE(SL_DEBUG)
1546 AC_DEFINE(DNMALLOC_CHECKS, 1, [Debug dnmalloc])
1547 AC_DEFINE(PARANOIA, 0, [Paranoia level for dnmalloc])
1548 AC_DEFINE(SL_FAIL_ON_ERROR)
1549 if test "x${myneedg3}" = "xyes"; then
1550 mydebugdef="-g3"
1551 else
1552 mydebugdef="-g"
1553 fi
1554 mydebugit="yes"
1555 fi
1556 ]
1557)
1558AC_SUBST(mydebugdef)
1559
1560if test "x${dnmalloc_ok}" = "xyes"; then
1561 sh_dnmalloc_enabled=yes
1562else
1563 sh_dnmalloc_enabled=no
1564fi
1565
1566AC_ARG_ENABLE(dnmalloc,
1567 [ --disable-dnmalloc disable dnmalloc],
1568 [
1569 if test "x${enable_dnmalloc}" = xno; then
1570 sh_dnmalloc_enabled=no
1571 else
1572 sh_dnmalloc_enabled=yes
1573 fi
1574 ]
1575)
1576
1577dnl Handle the problem that static linking against libc.a on Linux
1578dnl produces the error "multiple definitions of malloc"
1579dnl
1580if test "x$sh_dnmalloc_enabled" = "xyes"; then
1581 if test x$enable_static = xyes; then
1582 if test "x$sh_no_gcc_static" = "xyes"; then
1583 sh_dnmalloc_enabled=no
1584 else
1585 if test "x$with_gnu_ld" = "xyes"; then
1586 LDFLAGS="$LDFLAGS -Wl,--allow-multiple-definition"
1587 else
1588 sh_dnmalloc_enabled=no
1589 fi
1590 fi
1591 fi
1592fi
1593
1594if test "x${sh_dnmalloc_enabled}" = xno; then
1595 AC_DEFINE(USE_SYSTEM_MALLOC,1,[Define if you want to use the system malloc])
1596fi
1597
1598AC_ARG_ENABLE(ptrace,
1599 [ --enable-ptrace use anti-debugger options [[no]]],
1600 [
1601 if test "x${enable_ptrace}" = xyes; then
1602 if test "x$mydebugit" != "xyes"; then
1603 AC_DEFINE(SCREW_IT_UP)
1604 fi
1605 fi
1606 ]
1607)
1608
1609dnl
1610if test "x$GCC" = "xyes"; then
1611 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1612 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1613 fi
1614
1615dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1616dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1617dnl fi
1618
1619 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1620 CFLAGS="$CFLAGS -Wall -W "
1621 fi
1622
1623 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1624 then
1625 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1626 then
1627 CFLAGS="$CFLAGS -fno-strength-reduce"
1628 fi
1629 fi
1630
1631 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1632 then
1633 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1634 then
1635 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1636 fi
1637 fi
1638
1639fi
1640
1641dnl Test whether gcc supports -Wno-empty-body
1642dnl Suppresses warnings from glibc pthread_cleanup_pop
1643dnl
1644GCC_WEMPTY_BODY
1645
1646AC_MSG_CHECKING([which random module to use])
1647AC_ARG_WITH(rnd,
1648 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1649[use_static_rnd=$withval], [use_static_rnd=default] )
1650
1651if test "$use_static_rnd" = no; then
1652 use_static_rnd=default
1653fi
1654
1655case "$use_static_rnd" in
1656 egd | dev | unix | default )
1657 AC_MSG_RESULT($use_static_rnd)
1658 ;;
1659 * )
1660 AC_MSG_RESULT([invalid argument])
1661 AC_MSG_ERROR([Option --with-rnd=module used with unsupported module ${use_static_rnd}])
1662 ;;
1663esac
1664
1665AC_ARG_WITH(egd-socket,
1666 [ --with-egd-socket=NAME EGD socket name],
1667 egd_socket_name="$withval", egd_socket_name="" )
1668AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1669
1670dnl
1671dnl See whether the user wants to disable checking for /dev/random
1672
1673try_dev_random=yes
1674
1675case "$use_static_rnd" in
1676dev | default )
1677 try_dev_random=yes
1678 ;;
1679egd)
1680 AC_DEFINE(HAVE_EGD_RANDOM)
1681 try_dev_random=no
1682 ;;
1683unix)
1684 AC_DEFINE(HAVE_UNIX_RANDOM)
1685 try_dev_random=no
1686 ;;
1687esac
1688
1689
1690if test "x$try_dev_random" = "xyes"; then
1691 AC_MSG_CHECKING(whether /dev/random exists)
1692 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1693 AC_DEFINE(HAVE_URANDOM)
1694 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1695 AC_MSG_RESULT(yes)
1696 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1697 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1698 fi
1699 else
1700 if test -r "/dev/random" && test -c "/dev/random"; then
1701 AC_DEFINE(HAVE_URANDOM)
1702 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1703 AC_MSG_RESULT(yes)
1704 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1705 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1706 fi
1707 else
1708 AC_MSG_RESULT(no)
1709 AC_DEFINE(HAVE_UNIX_RANDOM)
1710 fi
1711 fi
1712fi
1713
1714
1715AC_ARG_ENABLE(udp,
1716 [ --enable-udp server can listen on port 514/udp [[no]]],
1717 [
1718 if test "x${enable_udp}" = xyes; then
1719 AC_DEFINE(INET_SYSLOG)
1720 fi
1721 ]
1722)
1723
1724myencrypt=yes
1725AC_ARG_ENABLE(encrypt,
1726 [ --disable-encrypt disable client/server encryption],
1727 [
1728 if test "x${enable_encrypt}" = xno; then
1729 myencrypt=no
1730 elif test "x${enable_encrypt}" = "x1"; then
1731 myencrypt=1
1732 fi
1733 ]
1734)
1735if test "x${myencrypt}" = "xyes"; then
1736 AC_DEFINE(SH_ENCRYPT)
1737 AC_DEFINE(SH_ENCRYPT_2)
1738elif test "x${myencrypt}" = "x1"; then
1739 AC_DEFINE(SH_ENCRYPT)
1740fi
1741
1742sh_use_srp_proto=yes
1743AC_ARG_ENABLE(srp,
1744 [ --disable-srp disable SRP for authentication],
1745 [
1746 if test "x${enable_srp}" = xno; then
1747 sh_use_srp_proto=no
1748 fi
1749 ]
1750)
1751if test "x${sh_use_srp_proto}" = xyes; then
1752 AC_DEFINE(USE_SRP_PROTOCOL)
1753fi
1754
1755AC_ARG_WITH(port,
1756 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1757 [
1758 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1759 AC_MSG_ERROR([For --with-port=PORT, PORT must be numeric.])
1760 myport=${withval}
1761 ],
1762 [myport="49777"])
1763AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1764AC_SUBST(myport)
1765
1766AC_ARG_WITH(logserver,
1767 [ --with-logserver=HOST set host address for log server [[none]]],
1768 [
1769 case "$withval" in
1770 *.* | localhost)
1771 mylogsrv="$withval"
1772 ;;
1773 *)
1774 mylogsrv="$withval"
1775 ;;
1776 esac
1777 ],
1778 [mylogsrv="NULL"])
1779AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1780AC_SUBST(mylogsrv)
1781
1782AC_ARG_WITH(altlogserver,
1783 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1784 [
1785 case "$withval" in
1786 *.* | localhost)
1787 myaltlogsrv="$withval"
1788 ;;
1789 *)
1790 myaltlogsrv="$withval"
1791 ;;
1792 esac
1793 ],
1794 [myaltlogsrv="NULL"])
1795AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1796
1797
1798
1799dnl
1800dnl STEALTH OPTIONS
1801dnl
1802nocl_code=
1803xor_code=0
1804AC_ARG_ENABLE(nocl,
1805 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1806 [
1807 if test "x${enableval}" != "x"; then
1808 AC_DEFINE(SH_STEALTH_NOCL)
1809 fi
1810 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1811 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1812 fi
1813 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1814 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1815 fi
1816 if test "x${enableval}" = "xstatus"; then
1817 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1818 fi
1819 if test "x${enableval}" = "xno"; then
1820 AC_MSG_ERROR([With --enable-nocl=PW, the use of --enable-nocl=no is ambiguous.])
1821 fi
1822 nocl_code="${enable_nocl}"
1823 ]
1824)
1825AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1826AC_SUBST(nocl_code)
1827AC_ARG_ENABLE(stealth,
1828 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1829 [AC_DEFINE(SH_STEALTH)
1830 if test "x${enableval}" != "xyes"; then
1831 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1832 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be numeric.])
1833 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1834 if test x"${enableval}" = x0
1835 then
1836 :
1837 else
1838 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1839 fi
1840 fi
1841 xor_code="${enable_stealth}"
1842 else
1843 xor_code=0
1844 fi
1845 stegin_prg="samhain_stealth"
1846 ],
1847 [
1848 stegin_prg=
1849 ]
1850)
1851AC_ARG_ENABLE(micro-stealth,
1852 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1853 [
1854 AC_DEFINE(SH_STEALTH)
1855 AC_DEFINE(SH_STEALTH_MICRO)
1856 if test "x${enableval}" != "xyes"; then
1857 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1858 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be numeric.])
1859 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1860 if test x"${enableval}" = x0
1861 then
1862 :
1863 else
1864 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1865 fi
1866 fi
1867 xor_code="${enable_micro_stealth}"
1868 else
1869 xor_code=0
1870 fi
1871 ]
1872)
1873install_name="samhain"
1874INSTALL_NAME="SAMHAIN"
1875AC_ARG_ENABLE(install-name,
1876 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
1877 [
1878 if test "x${enableval}" != "xyes"; then
1879 install_name="${enableval}"
1880 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
1881 else
1882 install_name="${sh_main_prg}"
1883 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1884 fi
1885 ],
1886 [
1887 install_name="${sh_main_prg}"
1888 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
1889 ]
1890)
1891
1892
1893need_user_install=0
1894
1895AC_ARG_ENABLE(identity,
1896 [ --enable-identity=USER user if dropping root [[daemon]]],
1897 [
1898 if test x"$enableval" = xno; then
1899 myident="daemon"
1900 else
1901 myident="$enableval"
1902 fi
1903 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
1904 AC_MSG_ERROR([With --enable-identity=USER, please supply a username, not a UID.])
1905 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1906 grep "^${myident}:" | awk -F: '{ print $3; }'`
1907 if test x"${myident_uid}" = x; then
1908 AC_MSG_WARN([Option --enable-identity used, user ${myident} will be added upon install.])
1909 need_user_install=1
1910 fi
1911 ],
1912 [
1913 for myident in ${install_name} daemon nobody; do
1914 AC_MSG_CHECKING(for user ${myident})
1915 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
1916 grep "^${myident}:" | awk -F: '{ print $3; }'`
1917 if test x"${myident_uid}" != x; then
1918 AC_MSG_RESULT(yes)
1919 break;
1920 else
1921 AC_MSG_RESULT(no)
1922 fi
1923 done
1924 if test x"${myident_uid}" = x; then
1925 myident=${install_name}
1926 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
1927 need_user_install=1
1928 fi
1929 ])
1930AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
1931AC_SUBST(myident)
1932AC_SUBST(need_user_install)
1933
1934sh_insmod_cmd=": # no kernel module"
1935sh_lkm=""
1936lkm_inc=""
1937khidemap="/boot/System.map"
1938sh_syscalltable="0x0"
1939AC_ARG_ENABLE(khide,
1940 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
1941 [
1942 if test "x${enable_khide}" != xno; then
1943 if test "x${enableval}" != "xyes"; then
1944 khidemap="${enableval}"
1945 fi
1946 sh_syscalltable=`egrep '(D|d|R|r) sys_call_table' ${khidemap} | awk '{print $1}'`
1947 if test x"$sh_syscalltable" = x; then
1948 AC_MSG_ERROR([Option --enable-khide cannot be used since the symbol sys_call_table was not found in ${khidemap}.])
1949 fi
1950 sh_syscalltable="0x${sh_syscalltable}"
1951 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
1952 if test "${install_name_len}" -gt 15 ; then
1953 AC_MSG_ERROR([If --enable-khide is used, install_name must not exceed a length of 15 chars.])
1954 fi
1955 AC_DEFINE(SH_USE_LKM)
1956 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
1957
1958 # -- NEW --
1959 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
1960 kernel_numeric=`uname -r | sed 's%-%.%g' | sed 's%_%.%g' | awk -F. '{ print $1*65536+$2*256+$3 }'`
1961 AC_DEFINE_UNQUOTED(SH_KERNEL_NUMERIC, ${kernel_numeric}, [Kernel number])
1962
1963 if test x"$kernel_version" = xLINUX26
1964 then
1965 AC_MSG_CHECKING([for modlist_lock])
1966 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
1967 if test x"$sh_modlist_lock" = x; then
1968 AC_MSG_RESULT(no)
1969 else
1970 sh_modlist_lock="0x${sh_modlist_lock}"
1971 AC_MSG_RESULT([${sh_modlist_lock}])
1972 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
1973 fi
1974
1975 AC_MSG_CHECKING([for module_mutex])
1976 sh_modlist_mutex=`egrep ['[bd] module_mutex$'] ${khidemap} | awk '{print $1}'`
1977 if test x"$sh_modlist_mutex" = x; then
1978 AC_MSG_RESULT(no)
1979 else
1980 sh_modlist_mutex="0x${sh_modlist_mutex}"
1981 AC_MSG_RESULT([${sh_modlist_mutex}])
1982 AC_DEFINE_UNQUOTED(SH_MODLIST_MUTEX, ${sh_modlist_mutex}, [The address of the modules list mutex])
1983 fi
1984
1985 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
1986 if test x"$sh_list_modules" = x; then
1987 AC_MSG_ERROR([Option --enable-khide cannot be used, since the symbol modules was not found in ${khidemap}.])
1988 fi
1989 sh_list_modules="0x${sh_list_modules}"
1990 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
1991
1992 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
1993 sh_insmod_cmd="modprobe ${install_name}_hide"
1994 sh_lkm="samhain_hide.ko"
1995 else
1996 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
1997 sh_lkm="samhain_hide.o samhain_erase.o"
1998 fi
1999 # -- END NEW --
2000
2001 kvers=`uname -r`
2002 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
2003 lkm_inc="-I/lib/modules/${kvers}/build/include"
2004 else
2005 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
2006 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2007 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2008 fi
2009
2010 AC_MSG_CHECKING([for 2.4 vanilla kernel])
2011 sh_is_vanilla_kernel=yes
2012 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
2013 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
2014 fi
2015 if test x"${sh_is_vanilla_kernel}" = xno; then
2016 AC_MSG_RESULT(no)
2017 else
2018 AC_MSG_RESULT(yes)
2019 AC_DEFINE(SH_VANILLA_KERNEL)
2020 fi
2021
2022 fi
2023 ]
2024)
2025
2026AC_SUBST(install_name)
2027AC_SUBST(INSTALL_NAME)
2028AC_SUBST(stegin_prg)
2029AC_SUBST(xor_code)
2030
2031AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
2032AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
2033
2034
2035exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
2036exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
2037exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
2038
2039AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
2040AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
2041AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
2042
2043
2044AC_ARG_ENABLE(suidcheck,
2045 [ --enable-suidcheck check for suid/sgid files [[no]]],
2046 [
2047 if test "x${enableval}" = "xyes"; then
2048 AC_DEFINE(SH_USE_SUIDCHK)
2049 fi
2050 ]
2051)
2052
2053
2054systemmap="/boot/System.map"
2055sh_libkvm=""
2056AC_ARG_WITH(kcheck,
2057 [ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
2058 [
2059 if test "x${withval}" != "xno"; then
2060 AC_DEFINE(SH_USE_KERN)
2061
2062 kernel_numeric=`uname -r | sed 's%-%.%g' | sed 's%_%.%g' | awk -F. '{ print $1*65536+$2*256+$3 }'`
2063 AC_DEFINE_UNQUOTED(SH_KERNEL_NUMBER, ${kernel_numeric}, [Kernel number])
2064
2065 kernelversion=`uname -r`
2066 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
2067
2068 if test "x${withval}" != "xyes"; then
2069 systemmap="${withval}"
2070 fi
2071
2072 if test "x${cross_compiling}" = xyes; then
2073 :
2074 elif test "x$selectconfig" = "xfreebsd"; then
2075 LIBS="$LIBS -lkvm"
2076 sh_libkvm="-lkvm"
2077 elif test -f "${systemmap}"; then
2078 if test -f /dev/kmem; then
2079 :
2080 else
2081 # need kernel module
2082
2083 if test -f /lib/modules/${kernelversion}/build/include/linux/kernel.h; then
2084 lkm_inc="-I/lib/modules/${kernelversion}/build/include"
2085 else
2086 AC_MSG_WARN([--enable-khide: /lib/modules/${kernelversion}/build/include/linux not found])
2087 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2088 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2089 fi
2090
2091 AC_MSG_CHECKING([for vmlist_lock])
2092 sh_vmlist_lock=`egrep ['[bdBD] vmlist_lock$'] ${systemmap} | awk '{print $1}'`
2093 if test x"$sh_vmlist_lock" = x; then
2094 AC_MSG_RESULT(no)
2095 else
2096 sh_vmlist_lock="0x${sh_vmlist_lock}"
2097 AC_MSG_RESULT([${sh_vmlist_lock}])
2098 AC_DEFINE_UNQUOTED(SH_VMLIST_LOCK, ${sh_vmlist_lock}, [The address of the vmlist spinlock])
2099 fi
2100
2101 AC_MSG_CHECKING([for vmlist])
2102 sh_vmlist_lock=`egrep ['[bdBD] vmlist$'] ${systemmap} | awk '{print $1}'`
2103 if test x"$sh_vmlist" = x; then
2104 AC_MSG_RESULT(no)
2105 else
2106 sh_vmlist="0x${sh_vmlist}"
2107 AC_MSG_RESULT([${sh_vmlist}])
2108 AC_DEFINE_UNQUOTED(SH_VMLIST, ${sh_vmlist}, [The address of the vmlist])
2109 fi
2110
2111 sh_lkm="${sh_lkm} samhain_kmem.ko"
2112 echo "${sh_insmod_cmd}" | grep 'no kernel module' >/dev/null
2113 if [ $? -eq 0 ]; then
2114 sh_insmod_cmd="modprobe ${install_name}_kmem"
2115 else
2116 sh_insmod_cmd="modprobe ${install_name}_kmem; ${sh_insmod_cmd}"
2117 fi
2118 fi
2119 else
2120 AC_MSG_ERROR([Option --with-kcheck=systemmap cannot be used, because system map ${systemmap} does not exist.])
2121 fi
2122 fi
2123 ]
2124)
2125
2126AC_SUBST(lkm_inc)
2127AC_SUBST(sh_lkm)
2128AC_SUBST(sh_insmod_cmd)
2129
2130AC_SUBST(systemmap)
2131AC_SUBST(sh_libkvm)
2132
2133AC_ARG_ENABLE(base,
2134 [ --enable-base=B1,B2 base key (0...2147483647)],
2135 [
2136 AC_MSG_CHECKING(base key setting)
2137 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
2138 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
2139 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2140 if test "x${my_key_A}" = x; then
2141 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid first base key (zero length).])
2142 fi
2143 if test "x${my_key_B}" = x; then
2144 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid second base key (zero length).])
2145 fi
2146 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2147 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2148 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2149 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2150 ],
2151 [
2152 AC_MSG_CHECKING(base key setting .. collecting entropy)
2153 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
2154 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
2155 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
2156 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
2157 my_key_A=`expr $my_key_1 \* 32767`
2158 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
2159 my_key_A=`expr $my_key_A \+ $my_key_2`
2160 my_key_B=`expr $my_key_3 \* 32767`
2161 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
2162 my_key_B=`expr $my_key_B \+ $my_key_4`
2163 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2164 ]
2165 )
2166AC_SUBST(my_key_A)
2167AC_SUBST(my_key_B)
2168
2169dnl low bytes
2170my_key_1=`expr $my_key_A \% 65536`
2171dnl high bytes
2172my_key_2=`expr $my_key_A \/ 65536`
2173dnl low bytes
2174my_key_3=`expr $my_key_B \% 65536`
2175dnl high bytes
2176my_key_4=`expr $my_key_B \/ 65536`
2177
2178dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
2179
2180dnl touch ./sh_MK.h
2181dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
2182dnl echo "#define SH_MK_H" >> ./sh_MK.h
2183dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
2184dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
2185dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
2186dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
2187dnl echo "#endif" >> ./sh_MK.h
2188AC_SUBST(my_key_1)
2189AC_SUBST(my_key_2)
2190AC_SUBST(my_key_3)
2191AC_SUBST(my_key_4)
2192
2193AC_MSG_CHECKING(key position)
2194pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
2195pos_tf_2=`expr $pos_tf_1 \% 8`
2196pos_tf=`expr $pos_tf_2 + 1`
2197AC_MSG_RESULT(${pos_tf})
2198AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
2199
2200mykeybase=`echo ${my_key_A},${my_key_B}`
2201AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
2202AC_SUBST(mykeybase)
2203
2204
2205dnl
2206dnl GPG/PGP options
2207dnl
2208
2209AC_ARG_WITH(gpg,
2210 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
2211 [
2212 if test "x${withval}" != "xno"; then
2213 if test "x${cross_compiling}" = xyes; then
2214 mygpg="${withval}"
2215 else
2216 if test -f "${withval}"; then
2217 mygpg="${withval}"
2218 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
2219 if test "x$?" != "x0"; then
2220 mychktest=no
2221 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
2222 if test x"${mychktest}" = xyes
2223 then
2224 :
2225 else
2226 if test -f ${sampre}
2227 then
2228 echo "use existing ${sampre} for gpg checksum"
2229 mychk0=`${sampre} -H ${withval} 2>/dev/null`
2230 if test "x$?" != "x0"; then
2231 :
2232 else
2233 mychk="${mychk0}"
2234 mychktest=yes
2235 fi
2236 fi
2237 fi
2238 done
2239 if test x${mychktest} = xno; then
2240 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
2241 echo "-------------------------------------------------------------"
2242 echo " Your gpg binary does not support the TIGER192 checksum, "
2243 echo " and I cannot find an existing samhain binary to use instead."
2244 echo " You can:"
2245 echo " (a) run make to compile a samhain binary, then repeat"
2246 echo " ./configure and make"
2247 echo " (b) ignore the failure. The checksum of the gpg binary"
2248 echo " will not get compiled in, thus allowing an attacker"
2249 echo " to replace gpg with a trojan and subverting the gpg"
2250 echo " signature verification of configure and database files."
2251 echo
2252 echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
2253 echo "-------------------------------------------------------------"
2254 fi
2255 else
2256 mychk="${mychk0}"
2257 fi
2258 else
2259 AC_MSG_ERROR([--with-gpg: cannot find GnuPG PATH=${withval}])
2260 fi
2261 fi
2262 AC_DEFINE(WITH_GPG)
2263 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
2264 AC_SUBST(mygpg)
2265 fi
2266 ]
2267)
2268
2269AC_ARG_WITH(keyid,
2270 [ --with-keyid=KEYID specify KeyID (0x...) for GPG/PGP functions [[none]]],
2271 [
2272 if test "x${withval}" != "x"; then
2273 echo "${withval}" | awk '{if((length($0)==10)||(length($0)==18)){exit 2}else{exit 0}}' &&
2274 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2275 echo "${withval}" | grep ['[^0][^x][^0123456789ABCDEFabcdef]'] >/dev/null 2>&1 &&
2276 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2277 mykeyid="$withval"
2278 mykeytag="--default-key"
2279 else
2280 mykeyid=""
2281 mykeytag=""
2282 fi
2283 AC_SUBST(mykeyid)
2284 AC_SUBST(mykeytag)
2285 ]
2286)
2287
2288dnl AC_ARG_WITH(pgp,
2289dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
2290dnl [myppg="$withval"
2291dnl AC_DEFINE(WITH_PGP)
2292dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
2293dnl ])
2294
2295AC_ARG_WITH(checksum,
2296 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
2297 [
2298 if test "x${withval}" != "xno"; then
2299 if test "x${withval}" != "xyes"; then
2300 if test "x${mychk}" != "x"; then
2301 if test "x${mychk}" != "x${withval}"; then
2302 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
2303 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
2304 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
2305 fi
2306 fi
2307 mychk="${withval}"
2308 else
2309 if test "x${mychk}" = "x"; then
2310 AC_MSG_ERROR([Option --with-checksum=CHKSUM: checksum CHKSUM of the gpg binary not specified.])
2311 fi
2312 fi
2313 AC_DEFINE(HAVE_GPG_CHECKSUM)
2314 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2315 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2316 fi
2317 ],
2318 [
2319 if test "x${mygpg}" != "x"; then
2320 if test "x${mychk}" != "x"; then
2321 AC_DEFINE(HAVE_GPG_CHECKSUM)
2322 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2323 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2324 fi
2325 fi
2326 ]
2327)
2328
2329AC_ARG_WITH(fp,
2330 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
2331 [
2332 if test "x${withval}" != "xno"; then
2333 if test "x${withval}" != "xyes"; then
2334 withval0=`echo ${withval} | sed 's% %%g'`
2335 echo "${withval0}" | \
2336 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
2337 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, there is an invalid character(s) in FINGERPRINT=${withval0}.])
2338 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
2339 sh_len0=`expr ${sh_len} \- 1`
2340 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
2341 then
2342 myfp="${withval0}"
2343 AC_DEFINE(USE_FINGERPRINT)
2344 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
2345 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
2346 else
2347 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, the length (${sh_len0}) of FINGERPRINT ${withval0} is incorrect.])
2348 fi
2349 else
2350 AC_MSG_ERROR([For option --with-fp=FINGERPRINT, FINGERPRINT=yes is invalid, please specify a valid key fingerprint.])
2351 fi
2352 fi
2353 ])
2354
2355
2356dnl
2357dnl MAIL OPTIONS
2358dnl
2359
2360AC_ARG_WITH(recipient,
2361 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
2362 [
2363 withval0=`echo ${withval} | sed 's%,% %g'`
2364 for sh_item in ${withval0}
2365 do
2366 case ${sh_item} in
2367 *@localhost)
2368 ;;
2369 *@*.*)
2370 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
2371 if test "x${sh_tmp}" != "x1"
2372 then
2373 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2374 fi
2375 ;;
2376 *)
2377 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2378 ;;
2379 esac
2380 done
2381 myrcp="$withval0"
2382 ],
2383 [myrcp="NULL"])
2384AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2385
2386
2387AC_ARG_WITH(sender,
2388 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2389 [
2390 mysender="${withval}"
2391 ],
2392 [
2393 mysender="daemon"
2394 ])
2395AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2396
2397
2398dnl
2399dnl PATHS
2400dnl
2401
2402AC_ARG_WITH(trusted,
2403 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2404 [
2405 sh_tmp_test=no
2406 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2407 for sh_tmp1 in ${sh_tmp}
2408 do
2409 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2410 AC_MSG_ERROR([Option --with-trusted=UID used with non-numeric UID in ${withval}.])
2411 if test "x${sh_tmp1}" = "x0"
2412 then
2413 sh_tmp_test=yes
2414 fi
2415 done
2416 if test "x${sh_tmp_test}" = "xno"
2417 then
2418 withval="0,${withval}"
2419 fi
2420 mytrust="${withval}"
2421 ],
2422 [mytrust="0"] )
2423AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2424AC_SUBST(mytrust)
2425
2426AC_ARG_WITH(tmp-dir,
2427 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2428 [
2429 if test "x${cross_compiling}" = xyes; then
2430 my_tmp_dir="$withval"
2431 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2432 else
2433 if test -d "${withval}"; then
2434 my_tmp_dir="$withval"
2435 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2436 else
2437 my_tmp_dir="$withval"
2438 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${my_tmp_dir}") )
2439 AC_MSG_WARN([--with-tmp-dir: tmp directory ${withval} does not exist])
2440 fi
2441 fi
2442 ]
2443)
2444
2445dnl
2446dnl PATH DEFAULTS
2447dnl
2448
2449if test "x${ac_prefix_set}" = xyes
2450then
2451 if test "x${exec_prefix}" = xNONE
2452 then
2453 exec_prefix="${prefix}"
2454 fi
2455
2456 if test "x${prefix}" = xOPT
2457 then
2458 tmp_sbindir="/opt/${install_name}/bin"
2459 tmp_sysconfdir="/etc/opt"
2460 tmp_mandir="/opt/${install_name}/man"
2461 tmp_localstatedir="/var/opt/${install_name}"
2462 elif test "x${prefix}" = xUSR
2463 then
2464 tmp_sbindir="/usr/sbin"
2465 tmp_sysconfdir="/etc"
2466 tmp_mandir="/usr/share/man"
2467 tmp_localstatedir="/var"
2468 else
2469 tmp_sbindir=`eval echo ${sbindir}`
2470 tmp_sysconfdir=`eval echo ${sysconfdir}`
2471 tmp_mandir=`eval echo ${mandir}`
2472 tmp_localstatedir=`eval echo ${localstatedir}`
2473 fi
2474else
2475 prefix=""
2476 if test "x${ac_exec_prefix_set}" = xyes
2477 then
2478 tmp_sbindir=`eval echo ${sbindir}`
2479 else
2480 tmp_sbindir="/usr/local/sbin"
2481 fi
2482 tmp_sysconfdir="/etc"
2483 # share/man -> man (FHS) 11.10.2002
2484 tmp_mandir="/usr/local/man"
2485 tmp_localstatedir="/var"
2486fi
2487
2488
2489if test "x${ac_sbindir_set}" = xyes
2490then
2491 :
2492else
2493 sbindir=`eval echo ${tmp_sbindir}`
2494fi
2495
2496
2497if test "x${ac_sysconfdir_set}" = xyes
2498then
2499 :
2500else
2501 sysconfdir=`eval echo ${tmp_sysconfdir}`
2502fi
2503
2504if test "x${ac_mandir_set}" = xyes
2505then
2506 :
2507else
2508 mandir=`eval echo ${tmp_mandir}`
2509fi
2510
2511if test "x${ac_localstatedir_set}" = xyes
2512then
2513 :
2514else
2515 localstatedir=`eval echo ${tmp_localstatedir}`
2516fi
2517
2518
2519
2520AC_ARG_WITH(config-file,
2521 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2522 [
2523 myconffile="${withval}"
2524 changequote(<<, >>)dnl
2525 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2526 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2527 myrpmconffile="${tmp}"
2528 changequote([, ])dnl
2529 ],
2530 [
2531 myconffile="${sysconfdir}/${install_name}rc"
2532 myrpmconffile="${myconffile}"
2533 ]
2534)
2535AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2536AC_SUBST(myconffile)
2537AC_SUBST(myrpmconffile)
2538
2539AC_ARG_WITH(log-file,
2540 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2541 [
2542 mylogfile="$withval"
2543 changequote(<<, >>)dnl
2544 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2545 changequote([, ])dnl
2546 ],
2547 [
2548 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2549 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2550 mylogdir="${localstatedir}/log/${install_name}"
2551 else
2552 mylogfile="${localstatedir}/log/${install_name}_log"
2553 mylogdir="${localstatedir}/log"
2554 fi
2555 ]
2556)
2557AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2558AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2559AC_SUBST(mylogfile)
2560AC_SUBST(mylogdir)
2561
2562AC_ARG_WITH(pid-file,
2563 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2564 [
2565 mylockfile="$withval"
2566 changequote(<<, >>)dnl
2567 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2568 changequote([, ])dnl
2569 ],
2570 [
2571 mylockfile="${localstatedir}/run/${install_name}.pid"
2572 mylockdir="${localstatedir}/run"
2573 ]
2574)
2575AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2576AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2577AC_SUBST(mylockfile)
2578AC_SUBST(mylockdir)
2579
2580AC_ARG_WITH(state-dir,
2581 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2582 [
2583 mydataroot="$withval"
2584 ],
2585 [
2586 mydataroot="${localstatedir}/lib/${install_name}"
2587 ]
2588 )
2589AC_ARG_WITH(data-file,
2590 [ --with-data-file=FILE set path of data file],
2591 [
2592 mydatafile="$withval"
2593 changequote(<<, >>)dnl
2594 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2595 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2596 myrpmdatafile="${tmp}"
2597 changequote([, ])dnl
2598 if test x"${tmp}" = x
2599 then
2600 echo "No local path in data file ${withval}"
2601 echo "This will not work for initializing the database."
2602 if test x"${withval}" = xREQ_FROM_SERVER
2603 then
2604 echo "It should be REQ_FROM_SERVER/some/local/path"
2605 fi
2606 AC_MSG_ERROR([Option --with-data-file=FILE used with invalid path ${withval}.])
2607 fi
2608 ],
2609 [
2610 mydatafile="${mydataroot}/${install_name}_file"
2611 myrpmdatafile="${mydatafile}"
2612 ])
2613AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2614AC_SUBST(mydatafile)
2615AC_SUBST(myrpmdatafile)
2616
2617AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2618AC_SUBST(mydataroot)
2619
2620AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2621AC_SUBST(myqdir)
2622
2623
2624AC_ARG_WITH(html-file,
2625 [ --with-html-file=FILE set path of html file,],
2626 [
2627 myhtmlfile="$withval"
2628 ],
2629 [
2630 myhtmlfile="${mylogdir}/${install_name}.html"
2631 ])
2632AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2633AC_SUBST(myhtmlfile)
2634
2635
2636mydefargs=$ac_configure_args
2637# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2638# then
2639# mydefargs="--enable-static $mydefargs"
2640# fi
2641if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2642then
2643 mydefargs="--enable-base=${mykeybase} $mydefargs"
2644fi
2645AC_SUBST(mydefargs)
2646
2647
2648AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2649AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2650AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2651
2652AC_CONFIG_HEADER(config.h)
2653
2654AC_OUTPUT(
2655[
2656Makefile
2657samhain-install.sh
2658init/samhain.startLSB
2659init/samhain.startLinux
2660init/samhain.startGentoo
2661init/samhain.startFreeBSD
2662init/samhain.startSolaris
2663init/samhain.startHPUX
2664init/samhain.startIRIX
2665init/samhain.startMACOSX
2666samhain.spec
2667rules.deb
2668rules.deb-light
2669hp_ux.psf
2670scripts/samhain.spec
2671scripts/redhat_i386.client.spec
2672scripts/samhain.ebuild
2673scripts/samhain.ebuild-light
2674scripts/samhainadmin.pl
2675scripts/yuleadmin.pl
2676scripts/check_samhain.pl
2677deploy.sh
2678],
2679[
2680echo timestamp > stamp-h
2681chmod +x samhain-install.sh
2682chmod +x scripts/samhainadmin.pl
2683chmod +x scripts/yuleadmin.pl
2684chmod +x scripts/check_samhain.pl
2685]
2686)
2687
2688chmod +x deploy.sh
2689
2690if test "x${cross_compiling}" = xyes
2691then
2692
2693echo "--------------------------------------------------------------"
2694echo
2695echo "You are using a cross-compiler. The following system dependent"
2696echo "values may have been set to default values that may be"
2697echo "incorrect for your target system: "
2698echo
2699echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2700echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2701echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2702echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2703echo "ac_cv_sizeof_unsigned_int size of unsigned int ${ac_cv_sizeof_unsigned_int}"
2704echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2705echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2706echo
2707echo "If these values are incorrect, change them in the file "
2708echo "config.cache and run configure again."
2709echo
2710echo "--------------------------------------------------------------"
2711
2712fi
2713
2714if test x${silent} != xyes
2715then
2716
2717 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2718 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2719 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2720 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2721 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2722 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2723
2724 echo
2725 echo " samhain has been configured as follows:"
2726 echo " System binaries: ${sbindir}"
2727 echo " Configuration file: ${myconffile}"
2728 echo " Manual pages: ${mandir}"
2729 echo " Data: ${mydataroot}"
2730 echo " PID file: ${mylockfile}"
2731 echo " Log file: ${mylogfile}"
2732 echo " Base key: ${mykeybase}"
2733 if test x"$mykeyid" != x
2734 then
2735 echo " target GPG/PGP key: ${mykeyid}"
2736 fi
2737 echo
2738 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2739 then
2740 echo " Selected rc file: yulerc"
2741 else
2742 echo " Selected rc file: samhainrc.${selectconfig}"
2743 fi
2744
2745fi
2746
Note: See TracBrowser for help on using the repository browser.