source: trunk/configure.ac@ 460

Last change on this file since 460 was 460, checked in by katerina, 10 years ago

Better error message for update and fix for deadlock in UNIX entropy collector. 3.1.3 final.

File size: 79.7 KB
Line 
1dnl We want to override the standard _AC_INIT_PARSE_ARGS
2dnl
3AU_ALIAS([_AC_INIT_PARSE_ARGS], [SH_INIT_PARSE_ARGS])
4AU_ALIAS([_AC_INIT_help], [SH_INIT_HELP])
5
6AC_INIT(src/samhain.c)
7
8
9AC_ARG_VAR([LIBS], [libraries to link against, e.g. -lintl])
10
11dnl
12dnl start
13dnl
14AM_INIT_AUTOMAKE(samhain, 3.1.3)
15AC_DEFINE([SAMHAIN], 1, [Application is samhain])
16AC_CANONICAL_HOST
17
18dnl
19dnl checks for programs
20dnl
21
22AC_PROG_CC
23if test "$host" != "$build"; then
24 AC_CHECK_PROGS(BUILD_CC, gcc cc)
25else
26 BUILD_CC=$CC
27fi
28AC_PROG_CPP
29AC_PROG_INSTALL
30AC_PROG_LN_S
31AC_PROG_AWK
32SH_PROG_LD
33AC_PATH_PROG(cmd_hostname,hostname)
34AC_SUBST(cmd_hostname)
35AC_SUBST(BUILD_CC)
36
37if test "x$GCC" = "xyes"; then
38 SH_GCC_VERSION
39fi
40
41AC_HEADER_STDC
42dnl
43dnl first one is a dummy because of an autoconf bug
44dnl (no HAVE_... for first one)
45dnl
46AC_CHECK_HEADERS([sys/ipc.h sys/msg.h sys/uio.h fcntl.h])
47
48
49AC_MSG_CHECKING([for OS specific issues])
50mydebugflag=no
51myneedg3=no
52uid_cast="signed long"
53selectconfig=linux
54mynetbsd=no
55sh_use_lcaps="undef"
56dnmalloc_ok=yes
57sh_use_pie=yes
58enable_asm_ok=yes
59
60case "$host_os" in
61
62 *linux*)
63 sh_use_lcaps="yes"
64 AC_DEFINE(HOST_IS_LINUX)
65 AC_DEFINE(HAVE_EXT2_IOCTLS)
66 AC_MSG_RESULT([use ioctl to get e2fs flags])
67 case "$host_cpu" in
68 i*86*)
69 AC_DEFINE(HOST_IS_I86LINUX)
70 ;;
71 x86_64)
72 AC_DEFINE([HOST_IS_64LINUX], 1, [Define if host OS is 64bit Linux])
73 ;;
74 *)
75 ;;
76 esac
77 ;;
78
79 *osf*)
80 AC_DEFINE([HOST_IS_OSF], 1, [Define if host OS is OSF])
81 if test "x$GCC" != "xyes"; then
82 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
83 CFLAGS="$CFLAGS -O2 -assume noaligned_objects"
84 myneedg3=yes
85 AC_MSG_RESULT([compiler needs assume noaligned_objects])
86 else
87 AC_MSG_RESULT([none])
88 fi
89 ;;
90
91 *cygwin*)
92 AC_DEFINE(HOST_IS_CYGWIN)
93 AC_DEFINE([USE_REGISTRY_CHECK], 1, [Define for registry check])
94 dnmalloc_ok=no
95 enable_asm_ok=no
96 AC_MSG_RESULT([no trusted paths, no dnmalloc. no asm optimize])
97 ;;
98
99 *darwin*|*apple*)
100 AC_DEFINE(HOST_IS_DARWIN)
101 dnmalloc_ok=no
102 AC_MSG_RESULT([check resource forks, no dnmalloc])
103 ;;
104
105 *freebsd8*|*freebsd9*)
106 AC_DEFINE(HOST_IS_FREEBSD)
107 selectconfig=freebsd
108 case "$host_cpu" in
109 amd64|x86_64)
110 dnmalloc_ok=no
111 AC_MSG_RESULT([no dnmalloc])
112 ;;
113 *)
114 AC_MSG_RESULT([none])
115 ;;
116 esac
117 ;;
118
119 *freebsd7*)
120 AC_DEFINE(HOST_IS_FREEBSD)
121 selectconfig=freebsd
122 case "$host_cpu" in
123 amd64|x86_64)
124 sh_use_pie=no
125 dnmalloc_ok=no
126 AC_MSG_RESULT([no dnmalloc and broken compiler toolchain])
127 ;;
128 *)
129 AC_MSG_RESULT([none])
130 ;;
131 esac
132 ;;
133
134 *freebsd*)
135 AC_DEFINE(HOST_IS_FREEBSD)
136 selectconfig=freebsd
137 AC_MSG_RESULT([none])
138 ;;
139
140 *openbsd*)
141 AC_DEFINE([HOST_IS_OPENBSD], 1, [Define if host OS is OPENBSD])
142 selectconfig=freebsd
143 dnmalloc_ok=no
144 AC_MSG_RESULT([dnmalloc does not work with pthreads])
145 ;;
146
147 *netbsd*)
148 mynetbsd=yes
149 selectconfig=netbsd
150 AC_MSG_RESULT([bug with libresolve])
151 ;;
152
153 *solaris*)
154 selectconfig=solaris
155 AC_DEFINE(HOST_IS_SOLARIS)
156 case "$host_cpu" in
157 i*86)
158 AC_DEFINE(HOST_IS_I86SOLARIS)
159 AC_MSG_RESULT([vsnprintf prototype])
160 ;;
161 *)
162 AC_MSG_RESULT([none])
163 ;;
164 esac
165 if test "x$GCC" != "xyes"; then
166 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
167 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
168 fi
169 if test -z "`echo "$CFLAGS" | grep "\-xO2" 2> /dev/null`"; then
170 CFLAGS="$CFLAGS -xO2"
171 fi
172 if test -z "`echo "$CFLAGS" | grep "\-Xa" 2> /dev/null`"; then
173 CFLAGS="$CFLAGS -Xa"
174 fi
175 LIBS="-lc $LIBS"
176 fi
177 ;;
178
179
180 *sun*)
181 selectconfig=solaris
182 AC_DEFINE(HOST_IS_SOLARIS)
183 AC_MSG_RESULT([none])
184 ;;
185
186 *aix*)
187 AC_DEFINE(HOST_IS_AIX)
188 selectconfig=aix5.2.0
189 uid_cast="unsigned long"
190 if test "x$GCC" != "xyes"; then
191 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
192 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
193 fi
194 if test -z "`echo "$CFLAGS" | grep "\-O3" 2> /dev/null`"; then
195 CFLAGS="$CFLAGS -O3"
196 fi
197 if test -z "`echo "$CFLAGS" | grep "\-qstrict" 2> /dev/null`"; then
198 CFLAGS="$CFLAGS -qstrict"
199 fi
200 AC_MSG_RESULT([AIX size_t in the accept call and optimize O3 qstrict])
201 else
202 AC_MSG_RESULT([AIX size_t in the accept call])
203 fi
204 ;;
205
206 *hpux*)
207 AC_MSG_RESULT([HPUX need _XOPEN_SOURCE_EXTENDED for h_errno])
208 AC_DEFINE(HOST_IS_HPUX)
209 if test "x$GCC" != "xyes"; then
210 if test ! -z "`echo "$CFLAGS" | grep "\-g" 2> /dev/null`" ; then
211 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
212 fi
213 if test -z "`echo "$CFLAGS" | grep "\+O2" 2> /dev/null`"; then
214 CFLAGS="$CFLAGS +O2"
215 fi
216 fi
217 ;;
218
219 *ultrix*)
220 AC_MSG_RESULT([ULTRIX getcwd uses popen])
221 AC_DEFINE(HAVE_BROKEN_GETCWD)
222 ;;
223
224 *)
225 AC_MSG_RESULT([none])
226 ;;
227esac
228
229AC_SUBST(selectconfig)
230AC_DEFINE_UNQUOTED(UID_CAST, ${uid_cast})
231
232
233
234dnl *****************************************
235dnl
236dnl checks for header files
237dnl
238dnl *****************************************
239
240AC_HEADER_DIRENT
241AC_HEADER_MAJOR
242AC_HEADER_TIME
243dnl used in minilzo.c
244AC_HEADER_STAT
245AC_DECL_SYS_SIGLIST
246
247AC_CHECK_HEADERS(stddef.h libgen.h sched.h malloc.h sys/uio.h \
248 sys/mman.h sys/param.h sys/inotify.h \
249 sys/vfs.h mntent.h \
250 sys/select.h sys/socket.h netinet/in.h \
251 regex.h glob.h fnmatch.h \
252 linux/ext2_fs.h linux/fs.h ext2fs/ext2_fs.h asm/segment.h \
253 elf.h linux/elf.h auparse.h \
254 paths.h arpa/nameser.h arpa/nameser_compat.h \
255 rpc/rpcent.h rpc/rpc.h sys/statvfs.h,
256 [],
257 [],
258 [#include <sys/types.h>]
259)
260
261
262AC_CHECK_HEADER(utmpx.h, sh_utmpx="yes", sh_utmpx="no")
263if test "x$sh_utmpx" = "xyes"; then
264 AC_DEFINE(HAVE_UTMPX_H)
265 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) )
266 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) )
267 AC_EGREP_HEADER(ut_addr_v6, utmpx.h, AC_DEFINE(HAVE_UTADDR_V6) )
268 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) )
269 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) )
270else
271 AC_EGREP_HEADER(ut_addr, utmp.h, AC_DEFINE(HAVE_UTADDR) )
272 AC_EGREP_HEADER(ut_host, utmp.h, AC_DEFINE(HAVE_UTHOST) )
273 AC_EGREP_HEADER(ut_type, utmp.h, AC_DEFINE(HAVE_UTTYPE) )
274fi
275
276dnl
277dnl figure out where acct.h lives
278dnl and whether fields are int/comp_t
279dnl
280dnl GNU Accounting Utilities
281dnl Copyright (C) 1993, 1996, 1997, 2003, 2005 Free Software Foundation, Inc.
282dnl The GNU Accounting Utilities are free software; you can redistribute
283dnl them and/or modify them under the terms of the GNU General Public
284dnl License as published by the Free Software Foundation; either version
285dnl 2, or (at your option) any later version.
286dnl
287AC_CHECK_HEADER(sys/acct.h,
288 AC_DEFINE(HAVE_SYS_ACCT_H, ,
289 [Define if you have the <sys/acct.h> header file.])
290 AC_HEADER_EGREP(ac_utime, sys/acct.h,
291 AC_DEFINE(HAVE_ACUTIME, ,
292 [Define if <sys/acct.h> has the AC_UTIME field.])
293 AC_HEADER_EGREP(comp_t.*ac_utime, sys/acct.h,
294 AC_DEFINE(ACUTIME_COMPT, ,
295 [Define if <sys/acct.h>'s AC_UTIME field is a COMP_T.]))
296 )
297 AC_HEADER_EGREP(ac_stime, sys/acct.h,
298 AC_DEFINE(HAVE_ACSTIME, ,
299 [Define if <sys/acct.h> has the AC_STIME field.])
300 AC_HEADER_EGREP(comp_t.*ac_stime, sys/acct.h,
301 AC_DEFINE(ACSTIME_COMPT, ,
302 [Define if <sys/acct.h>'s AC_STIME field is a COMP_T.]))
303 )
304 AC_HEADER_EGREP(ac_etime, sys/acct.h,
305 AC_DEFINE(HAVE_ACETIME, ,
306 [Define if <sys/acct.h> has the AC_ETIME field.])
307 AC_HEADER_EGREP(comp_t.*ac_etime, sys/acct.h,
308 AC_DEFINE(ACETIME_COMPT, ,
309 [Define if <sys/acct.h>'s AC_ETIME field is a COMP_T.]))
310 )
311 AC_HEADER_EGREP(ac_io, sys/acct.h,
312 AC_DEFINE(HAVE_ACIO, ,
313 [Define if <sys/acct.h> has the AC_IO field.])
314 AC_HEADER_EGREP(comp_t.*ac_io, sys/acct.h,
315 AC_DEFINE(ACIO_COMPT, ,
316 [Define if <sys/acct.h>'s AC_IO field is a COMP_T.]))
317 )
318 AC_HEADER_EGREP(ac_mem, sys/acct.h,
319 AC_DEFINE(HAVE_ACMEM, ,
320 [Define if <sys/acct.h> has the AC_MEM field.])
321 AC_HEADER_EGREP(comp_t.*ac_mem, sys/acct.h,
322 AC_DEFINE(ACMEM_COMPT, ,
323 [Define if <sys/acct.h>'s AC_MEM field is a COMP_T.]))
324 )
325 AC_HEADER_EGREP(ac_minflt, sys/acct.h,
326 AC_HEADER_EGREP(ac_majflt, sys/acct.h,
327 AC_HEADER_EGREP(ac_swaps, sys/acct.h,
328 AC_DEFINE(HAVE_PAGING, ,
329 [Define if <sys/acct.h> has the AC_MINFLT, AC_MAJFLT and AC_SWAPS fields.])
330 AC_HEADER_EGREP(comp_t.*ac_minflt, sys/acct.h,
331 AC_DEFINE(ACMINFLT_COMPT, ,
332 [Define if <sys/acct.h>'s AC_MINFLT field is a COMP_T.]))
333 AC_HEADER_EGREP(comp_t.*ac_mayflt, sys/acct.h,
334 AC_DEFINE(ACMAJFLT_COMPT, ,
335 [Define if <sys/acct.h>'s AC_MAJFLT field is a COMP_T.]))
336 AC_HEADER_EGREP(comp_t.*ac_swaps, sys/acct.h,
337 AC_DEFINE(ACSWAPS_COMPT, ,
338 [Define if <sys/acct.h>'s AC_SWAPS field is a COMP_T.]))
339 )
340 )
341 )
342 AC_HEADER_EGREP(comp_t, sys/acct.h, AC_DEFINE(HAVE_COMP_T, ,
343 [Define if <sys/acct.h> uses the COMP_T type.]))
344 AC_HEADER_EGREP([struct acct_v3], sys/acct.h, AC_DEFINE(HAVE_ACCT_V3, ,
345 [Define if <sys/acct.h> has struct acct_v3.]))
346 AC_HEADER_EGREP([struct acctv2], sys/acct.h, AC_DEFINE(HAVE_ACCTV2, ,
347 [Define if <sys/acct.h> has struct acctv2.]))
348
349 )
350
351
352dnl need to check because AIX 4.2 does not have it
353dnl
354AC_CHECK_MEMBERS([struct statfs.f_flags],[],[],[
355#ifdef HAVE_SYS_TYPES_H
356#include <sys/types.h>
357#endif
358#ifdef HAVE_SYS_STAT_H
359#include <sys/stat.h>
360#endif
361#ifdef HAVE_SYS_VFS_H
362#include <sys/vfs.h>
363#endif
364#ifdef HAVE_UNISTD_H
365#include <unistd.h>
366#endif
367])
368
369AC_SYS_LARGEFILE
370
371dnl
372dnl check whether _POSIX_SOURCE is required
373dnl
374SAMHAIN_POSIX
375
376
377dnl *****************************************
378dnl
379dnl Checks for library functions.
380dnl
381dnl *****************************************
382AC_FUNC_STRFTIME
383AC_CHECK_FUNCS(memcmp memcpy memmove memset getpwent endpwent \
384 gettimeofday strlcat strlcpy strstr strchr strerror strsignal \
385 seteuid setreuid setresuid lstat getwd getcwd ptrace \
386 usleep setpriority getpeereid nanosleep \
387 strptime basename sched_yield hasmntopt \
388 inet_aton gethostbyname setutent setrlimit gethostname uname \
389 getaddrinfo getnameinfo \
390 initgroups getpagesize \
391 ttyname fchmod writev mmap tzset \
392 getsid getpriority getpgid statvfs \
393 strerror_r getgrgid_r getpwnam_r getpwuid_r \
394 gmtime_r localtime_r rand_r readdir_r strtok_r \
395 mincore posix_fadvise inotify_init1
396)
397AC_CHECK_FUNC(statfs, AC_DEFINE(HAVE_STATFS) statfs="yes", statfs="no")
398SL_CHECK_VA_COPY
399AC_CHECK_FUNCS(vsnprintf, [SL_CHECK_VSNPRINTF])
400AC_CHECK_MLOCK
401SH_STRFTIME_Z
402
403AC_MSG_CHECKING(how to get filesystem type)
404fstype=no
405# The order of these tests is important.
406AC_TRY_CPP([#include <sys/statvfs.h>
407#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_STATVFS) fstype=SVR4)
408if test $fstype = no; then
409AC_TRY_CPP([#include <sys/statfs.h>
410#include <sys/fstyp.h>], AC_DEFINE(FSTYPE_USG_STATFS) fstype=SVR3)
411fi
412if test $fstype = no; then
413AC_TRY_CPP([#include <sys/statfs.h>
414#include <sys/vmount.h>], AC_DEFINE(FSTYPE_AIX_STATFS) fstype=AIX)
415fi
416if test $fstype = no; then
417AC_TRY_CPP([#include <mntent.h>], AC_DEFINE(FSTYPE_MNTENT) fstype=4.3BSD)
418fi
419if test $fstype = no; then
420AC_EGREP_HEADER(f_type;, sys/mount.h, AC_DEFINE(FSTYPE_STATFS) fstype=4.4BSD/OSF)
421fi
422if test $fstype = no; then
423AC_TRY_CPP([#include <sys/mount.h>
424#include <sys/fs_types.h>], AC_DEFINE(FSTYPE_GETMNT) fstype=Ultrix)
425fi
426AC_MSG_RESULT($fstype)
427
428sh_libsocket=
429
430dnl Solaris needs -lsocket and -lnsl. Unisys system includes
431dnl gethostbyname in libsocket but needs libnsl for socket.
432AC_CHECK_LIB(nsl, gethostbyname)
433AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1)
434if test x$ac_need_libsocket = x1; then
435 LIBS="$LIBS -lsocket"
436 sh_libsocket="-lsocket"
437fi
438if test x$ac_try_nsl = x1; then
439 AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1)
440 if test x$ac_need_libnsl = x1
441 then
442 LIBS="$LIBS -lnsl"
443 fi
444fi
445AC_SUBST(sh_libsocket)
446
447AC_CHECK_LIB(socket, res_search, [
448 AC_CHECK_LIB(resolv, dn_skipname)
449 AC_CHECK_LIB(resolv, __dn_skipname)
450 if test x$ac_need_libsocket = x1; then
451 :
452 else
453 LIBS="$LIBS -lsocket"
454 fi
455 ], [
456 AC_CHECK_LIB(resolv, res_search, [
457 LIBS="$LIBS -lresolv"
458 ], [
459 AC_CHECK_LIB(resolv, dn_skipname)
460 AC_CHECK_LIB(resolv, __dn_skipname)
461 ])
462 ])
463
464sh_auparse=no
465
466if test "x$ac_cv_header_auparse_h" = "xyes"
467then
468 AC_CHECK_LIB(auparse, auparse_find_field, [
469 LIBS="$LIBS -lauparse"
470 sh_auparse=yes
471 AC_DEFINE(HAVE_AUPARSE_LIB, 1, [Define if you have the auparse lib])
472 ])
473fi
474
475dnl arguments for accept
476
477dnl check for Unix98 socklen_t (found on
478dnl xemacs-patches mailing list, written
479dnl by Martin Buchholz)
480dnl
481dnl On Darwin(MacOSX) socklen_t needs to be
482dnl an int (see accept man page), on all other
483dnl unix systems we need a size_t.
484
485AC_MSG_CHECKING(for socklen_t)
486AC_TRY_COMPILE([
487#ifdef HAVE_SYS_TYPES_H
488#include <sys/types.h>
489#endif
490#ifdef HAVE_SYS_SOCKET_H
491#include <sys/socket.h>
492#endif
493 socklen_t x;
494], [],[
495 AC_MSG_RESULT(yes)
496 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[socklen_t], [type of arg3 of accept])
497 AC_DEFINE([HAVE_SOCKLEN_T], 1, [Define if you have socklen_t])
498],[
499 AC_TRY_COMPILE([
500#ifdef HAVE_SYS_TYPES_H
501#include <sys/types.h>
502#endif
503#ifdef HAVE_SYS_SOCKET_H
504#include <sys/socket.h>
505#endif
506 int accept (int, struct sockaddr *, size_t *);
507 ],[],[
508 AC_MSG_RESULT(size_t)
509 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[size_t], [type of arg3 of accept])
510 ], [
511 AC_MSG_RESULT(int)
512 AC_DEFINE_UNQUOTED([ACCEPT_TYPE_ARG3],[int], [type of arg3 of accept])
513 ]
514 )
515])
516
517dnl *****************************************
518dnl checks for extended attribute or ACL
519dnl support
520dnl *****************************************
521
522sh_CHECK_XATTR
523sh_CHECK_POSIX_ACL
524
525dnl *****************************************
526dnl checks for typedefs
527dnl *****************************************
528
529AC_C_LONG_DOUBLE
530SH_CHECK_TYPEDEF(long long, HAVE_LONG_LONG)
531SH_CHECK_TYPEDEF(uint16_t, HAVE_UINT16_T)
532SH_CHECK_TYPEDEF(uint64_t, HAVE_UINT64_T)
533if test "$sh_HAVE_LONG_LONG" = "yes"; then
534 AC_CHECK_SIZEOF(unsigned long long, 4)
535 sh_sizeof_unsigned_long_long=`echo "$ac_cv_sizeof_unsigned_long_long" | sed 's%[^0-9]%%g'`
536 if test "$sh_sizeof_unsigned_long_long" = "8"; then
537 AC_DEFINE(HAVE_LONG_LONG_64, 1, [Define if you have 64bit long long])
538 fi
539fi
540
541AC_CHECK_TYPE(ptrdiff_t, long)
542AC_TYPE_SIZE_T
543AC_CHECK_SIZEOF(char *, 4)
544AC_CHECK_SIZEOF(size_t, 4)
545
546AC_CHECK_SIZEOF(unsigned long, 4)
547AC_CHECK_SIZEOF(unsigned int, 4)
548AC_CHECK_SIZEOF(unsigned short, 2)
549
550
551sh_sizeof_unsigned_long=`echo "$ac_cv_sizeof_unsigned_long" | sed 's%[^0-9]%%g'`
552if test "$sh_sizeof_unsigned_long" = "4"; then
553 AC_DEFINE(HAVE_LONG_32)
554fi
555if test "$sh_sizeof_unsigned_long" = "8"; then
556 AC_DEFINE(HAVE_LONG_64)
557fi
558sh_sizeof_unsigned_int=`echo "$ac_cv_sizeof_unsigned_int" | sed 's%[^0-9]%%g'`
559if test "$sh_sizeof_unsigned_int" = "4"; then
560 AC_DEFINE(HAVE_INT_32)
561fi
562sh_sizeof_unsigned_short=`echo "$ac_cv_sizeof_unsigned_short" | sed 's%[^0-9]%%g'`
563if test "$sh_sizeof_unsigned_short" = "4"; then
564 AC_DEFINE(HAVE_SHORT_32)
565fi
566
567dnl
568dnl check for 64 bit programming environment
569dnl
570SAMHAIN_64
571
572
573dnl *****************************************
574dnl checks for structures
575dnl *****************************************
576
577AC_STRUCT_TM
578
579dnl
580dnl from e2fsprogs
581dnl
582AC_MSG_CHECKING(whether struct stat has a st_flags field)
583AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags,
584 AC_TRY_COMPILE([#include <sys/stat.h>],
585 [struct stat stat; stat.st_flags = 0;],
586 [e2fsprogs_cv_struct_st_flags=yes],
587 [e2fsprogs_cv_struct_st_flags=no]))
588AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags)
589if test "$e2fsprogs_cv_struct_st_flags" = yes; then
590 AC_MSG_CHECKING(whether st_flags field is useful)
591 AC_CACHE_VAL(e2fsprogs_cv_struct_st_flags_immut,
592 AC_TRY_COMPILE([#include <sys/stat.h>],
593 [struct stat stat; stat.st_flags |= UF_IMMUTABLE;],
594 [e2fsprogs_cv_struct_st_flags_immut=yes],
595 [e2fsprogs_cv_struct_st_flags_immut=no]))
596 AC_MSG_RESULT($e2fsprogs_cv_struct_st_flags_immut)
597 if test "$e2fsprogs_cv_struct_st_flags_immut" = yes; then
598 AC_DEFINE(HAVE_STAT_FLAGS)
599 fi
600fi
601
602dnl
603dnl from dbus
604dnl
605AC_MSG_CHECKING(for struct cmsgcred)
606AC_TRY_COMPILE([
607#include <sys/types.h>
608#include <sys/socket.h>
609],[
610struct cmsgcred cred;
611
612cred.cmcred_pid = 0;
613],sh_have_struct_cmsgcred=yes,sh_have_struct_cmsgcred=no)
614AC_MSG_RESULT($sh_have_struct_cmsgcred)
615
616if test x$sh_have_struct_cmsgcred = xyes; then
617 AC_DEFINE(HAVE_STRUCT_CMSGCRED,1,[Have cmsgcred structure])
618fi
619
620AC_MSG_CHECKING(for struct fcred)
621AC_TRY_COMPILE([
622#include <sys/param.h>
623#include <sys/socket.h>
624#include <sys/ucred.h>
625],[
626struct fcred sockcred;
627],sh_have_struct_fcred=yes,sh_have_struct_fcred=no)
628AC_MSG_RESULT($sh_have_struct_fcred)
629
630if test x$sh_have_struct_fcred = xyes; then
631 AC_DEFINE(HAVE_STRUCT_FCRED,1,[Have fcred structure])
632fi
633
634AC_MSG_CHECKING(for struct sockcred)
635AC_TRY_COMPILE([
636#include <sys/param.h>
637#include <sys/socket.h>
638#include <sys/ucred.h>
639],[
640struct sockcred sockcred;
641],sh_have_struct_sockcred=yes,sh_have_struct_sockcred=no)
642AC_MSG_RESULT($sh_have_struct_sockcred)
643
644if test x$sh_have_struct_sockcred = xyes; then
645 AC_DEFINE(HAVE_STRUCT_SOCKCRED,1,[Have sockcred structure])
646fi
647
648AC_MSG_CHECKING(for SO_PEERCRED)
649AC_TRY_COMPILE([
650#include <sys/types.h>
651#include <sys/socket.h>
652],[
653int test = SO_PEERCRED;
654],sh_have_SO_PEERCRED=yes,sh_have_SO_PEERCRED=no)
655AC_MSG_RESULT($sh_have_SO_PEERCRED)
656
657if test x$sh_have_SO_PEERCRED = xyes; then
658 AC_DEFINE(HAVE_SO_PEERCRED,1,[Have SO_PEERCRED define])
659fi
660
661
662dnl *****************************************
663dnl checks for compiler characteristics
664dnl *****************************************
665AC_C_INLINE
666AC_C_CONST
667AC_C_BIGENDIAN
668AC_C_RESTRICT
669
670AM_SA_SIGACTION_WORKS
671
672AC_ARG_ENABLE(ssp,
673 [ --disable-ssp disable the GCC stack protector],
674 [],
675 [enable_ssp=yes;]
676)
677
678if test "x$GCC" = "xyes"; then
679
680 if test x"${enable_ssp}" = xno; then
681 :
682 else
683 GCC_STACK_PROTECT_LIB
684 GCC_STACK_PROTECT_CC
685dnl GCC_STACK_CHECK_CC
686 GCC_PIE_CC
687 fi
688
689fi
690
691dnl *****************************************
692dnl
693dnl checks for system services
694dnl
695dnl *****************************************
696
697dnl
698dnl check for /proc filesystem
699dnl
700if test -d "/proc/$$"
701then
702 AC_DEFINE([HAVE_PROCFS],[1],[Define if you have a proc fs])
703fi
704
705dnl
706dnl check for GNU gmp
707dnl
708AC_CHECK_LIB(gmp, __gmpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
709if test "x${sh_have_gmp}" = xno
710then
711 AC_CHECK_LIB(gmp, mpz_init, [sh_have_gmp=yes], [sh_have_gmp=no])
712fi
713if test "x${sh_have_gmp}" = xyes
714then
715 # LIBS="-lgmp $LIBS"
716 AC_DEFINE(HAVE_LIBGMP, 1, [Have GNU gmp library])
717fi
718AC_CHECK_HEADERS(gmp.h)
719
720AC_MSG_CHECKING([for ps])
721PS=
722for ff in /usr/ucb /bin /usr/bin; do
723 if test -x "$ff/ps"; then
724 PS="$ff/ps"
725 AC_MSG_RESULT([$PS])
726 break
727 fi
728done
729if test x$PS = x
730then
731 AC_MSG_RESULT([no])
732 AC_MSG_ERROR([Cannot find ps in any of /usr/ucb /bin /usr/bin])
733fi
734AC_DEFINE_UNQUOTED([PSPATH], _("$PS"), [Path to ps])
735
736AC_MSG_CHECKING([how to use ps])
737$PS ax >/dev/null 2>&1
738if test $? -eq 0; then
739 case "$host_os" in
740 *openbsd*)
741 one=`$PS akx | wc -l`
742 ;;
743 *)
744 one=`$PS ax | wc -l`
745 ;;
746 esac
747else
748 one=0
749fi
750$PS -e >/dev/null 2>&1
751if test $? -eq 0; then
752 two=`$PS -e | wc -l`
753else
754 two=0
755fi
756if test $one -ge $two
757then
758 case "$host_os" in
759 *openbsd*)
760 PSARG="akx"
761 ;;
762 *)
763 PSARG="ax"
764 ;;
765 esac
766else
767 PSARG="-e"
768fi
769AC_DEFINE_UNQUOTED([PSARG], _("$PSARG"), [Argument for ps])
770AC_MSG_RESULT([$PS $PSARG])
771
772dnl *****************************************
773dnl
774dnl enable features
775dnl
776dnl *****************************************
777
778AC_ARG_ENABLE(db-reload,
779 [ --enable-db-reload enable database reload on SIGHUP [[no]]],
780 [
781 if test "x${enable_db_reload}" = xyes; then
782 AC_DEFINE(RELOAD_DATABASE)
783 fi
784 ]
785)
786
787AC_ARG_ENABLE(xml-log,
788 [ --enable-xml-log enable XML logfile format [[no]]],
789 [
790 if test "x${enable_xml_log}" = xyes; then
791 AC_DEFINE(SH_USE_XML)
792 fi
793 ]
794)
795
796
797AC_ARG_ENABLE(mail,
798 [ --disable-mail disable the internal SMTP mailer],
799 [
800 if test "x${enable_mail}" = xno; then
801 :
802 else
803 AC_DEFINE(SH_WITH_MAIL)
804 fi
805 ],
806 [AC_DEFINE(SH_WITH_MAIL)]
807)
808
809AC_ARG_ENABLE(suid,
810 [ --enable-suid allow suid],
811 [
812 if test "x${enable_suid}" = xyes; then
813 AC_DEFINE(SH_ALLOW_SUID, [1], [Define if you want to allow suid execution for samhain])
814 fi
815 ]
816)
817
818AC_ARG_ENABLE(shellexpand,
819 [ --disable-shellexpand disable shell expansion in config file],
820 [
821 if test "x${enable_shellexpand}" = xno; then
822 :
823 else
824 AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])
825 fi
826 ],
827 [AC_DEFINE(SH_EVAL_SHELL, [1], [Define if you want shell expansion in configuration file])]
828)
829
830AC_ARG_ENABLE(external-scripts,
831 [ --disable-external-scripts disable interface to external scripts],
832 [
833 if test "x${enableval}" = xno; then
834 :
835 else
836 AC_DEFINE(WITH_EXTERNAL)
837 fi
838 ],
839 [AC_DEFINE(WITH_EXTERNAL)]
840)
841
842AC_ARG_ENABLE(message-queue,
843 [ --enable-message-queue[[=MODE]] enable SysV message queue [[MODE=0700]]],
844 [
845 if test "x${ac_cv_header_sys_msg_h}" = "xyes"; then
846 if test "x${enable_message_queue}" = xyes; then
847 AC_DEFINE(WITH_MESSAGE_QUEUE)
848 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, 0700)
849 elif test "x${enable_message_queue}" != xno; then
850 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
851 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be numeric])
852 echo "${enableval}" | \
853 grep ['0[0123456789][0123456789][0123456789]'] >/dev/null 2>&1 ||
854 AC_MSG_ERROR([With --enable-message-queue=MODE, MODE must be an octal (0nnn) number])
855 AC_DEFINE(WITH_MESSAGE_QUEUE)
856 AC_DEFINE_UNQUOTED(MESSAGE_QUEUE_MODE, ${enable_message_queue})
857 fi
858 else
859 echo
860 echo "**********************************************"
861 echo
862 AC_MSG_WARN([sys/msg.h missing, --enable-message-queue disabled])
863 echo
864 echo "**********************************************"
865 echo
866 fi
867 ]
868)
869
870AC_ARG_WITH(cflags,
871 [ --with-cflags additional flags to pass to compiler],
872 [
873 if test "x$withval" != "xno" ; then
874 CFLAGS="$CFLAGS $withval"
875 fi
876 ]
877)
878AC_ARG_WITH(libs,
879 [ --with-libs additional libraries to link with],
880 [
881 if test "x$withval" != "xno" ; then
882 LIBS="$LIBS $withval"
883 fi
884 ]
885)
886
887
888#
889# this is from ssh
890#
891AC_MSG_CHECKING(whether to use libwrap)
892LIBWRAP_LIB=""
893LIBWRAP_INC=""
894AC_ARG_WITH(libwrap,
895[ --with-libwrap[=PATH] Compile in libwrap (TCP Wrappers) support],
896[ AC_MSG_RESULT($withval)
897 case "$withval" in
898 no)
899 ;;
900 ""|yes)
901 LIBWRAP_LIB="-lwrap"
902 ;;
903 *)
904 if test -d "$withval"; then
905 LIBWRAP_LIB="-L$withval -lwrap"
906 changequote(<<, >>)dnl
907 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
908 LIBWRAP_INC="-I${sh_libwrap_inc}/include"
909 changequote([, ])dnl
910 else
911 LIBWRAP_LIB="-lwrap"
912 changequote(<<, >>)dnl
913 sh_libwrap_inc=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
914 LIBWRAP_INC="-I${sh_libwrap_inc}"
915 changequote([, ])dnl
916 fi
917 ;;
918 esac
919 if test -n "$LIBWRAP_LIB"; then
920 # OLDLIBS="$LIBS"
921 LIBS="$LIBWRAP_LIB $LIBS"
922 # OLDCFLAGS="$CFLAGS"
923 CFLAGS="$CFLAGS $LIBWRAP_INC"
924 AC_CHECK_HEADER(tcpd.h,
925 [],
926 [ AC_MSG_ERROR([Could not find tcpd.h for libwrap. You need to install tcp_wrappers.]) ])
927 AC_TRY_LINK([ #include <tcpd.h>
928 int allow_severity; int deny_severity; ],
929 [ hosts_access((struct request_info *) 0); ],
930 [ AC_DEFINE(SH_USE_LIBWRAP,1,[Build with tcp wrapper support]) ],
931 [ AC_MSG_ERROR([Could not find the libwrap library.]) ])
932 fi ],
933 AC_MSG_RESULT(no)
934)
935
936
937dnl
938dnl NETWORK OPTIONS
939dnl
940AC_ARG_ENABLE(network,
941 [ --enable-network=[[client|server]] compile client or server [[no]]],
942 [
943 if test "x$enable_network" = xclient; then
944 mytclient="-DSH_WITH_CLIENT"
945 yulectl_prg=
946 setpwd_prg="samhain_setpwd"
947 sh_main_prg="samhain"
948 if test "x${sh_have_gmp}" = xyes
949 then
950 LIBS="-lgmp $LIBS"
951 fi
952dnl AC_CHECK_HEADER(sys/capability.h,
953dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
954dnl [sh_use_lcaps="no"])
955 elif test "x$enable_network" = xserver; then
956 mytclient="-DSH_WITH_SERVER"
957 yulectl_prg="yulectl"
958 setpwd_prg="samhain_setpwd"
959 sh_main_prg="yule"
960 if test "x${sh_have_gmp}" = xyes
961 then
962 LIBS="-lgmp $LIBS"
963 fi
964 sh_use_lcaps="undef"
965 elif test "x$enable_network" = xno; then
966 mytclient="-DSH_STANDALONE"
967 yulectl_prg=
968 setpwd_prg=
969 sh_main_prg="samhain"
970dnl AC_CHECK_HEADER(sys/capability.h,
971dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
972dnl [sh_use_lcaps="no"])
973 else
974 AC_MSG_ERROR([With --enable-network=WHAT, WHAT must be client, server, or no])
975 fi
976 ],
977 [
978 mytclient="-DSH_STANDALONE"
979 setpwd_prg=
980 yulectl_prg=
981 sh_main_prg="samhain"
982dnl AC_CHECK_HEADER(sys/capability.h,
983dnl [AC_CHECK_LIB(cap, cap_get_proc,,sh_use_lcaps="no")],
984dnl [sh_use_lcaps="no"])
985 ],
986)
987
988AC_SUBST(setpwd_prg)
989AC_SUBST(yulectl_prg)
990AC_SUBST(sh_main_prg)
991AC_SUBST(mytclient)
992
993# needed for the rpm spec
994clmytclient=`echo ${mytclient} | sed s%\-%%`
995AC_SUBST(clmytclient)
996
997sh_no_gcc_static=no
998
999AC_ARG_ENABLE(static,
1000 [ --enable-static enable static linking [[no]]],
1001 [
1002 if test x$enable_static = xyes; then
1003 if test x"$mynetbsd" = xyes
1004 then
1005 tmp_LIBS=`echo $LIBS | sed 's%\-lresolv%%' `
1006 LIBS="${tmp_LIBS}"
1007 fi
1008 if test x"${sh_auparse}" = xyes
1009 then
1010 tmp_LIBS=`echo $LIBS | sed 's%\-lauparse%%' `
1011 LIBS="${tmp_LIBS}"
1012 fi
1013 AC_DEFINE(SH_COMPILE_STATIC, 1, [Define if compiling static])
1014 if test "x$GCC" = "xyes"; then
1015 sh_no_gcc_static=no
1016 LDFLAGS="$LDFLAGS -static"
1017 else
1018 sh_no_gcc_static=yes
1019 case "$host_os" in
1020
1021 *aix*)
1022 LDFLAGS="$LDFLAGS -bnso -bI:/lib/syscalls.exp"
1023 ;;
1024
1025 *hpux*)
1026 LDFLAGS="$LDFLAGS -Wl,-a,archive"
1027 ;;
1028
1029 *osf*)
1030 LDFLAGS="$LDFLAGS -non_shared"
1031 ;;
1032
1033 *irix*)
1034 LDFLAGS="$LDFLAGS -non_shared"
1035 ;;
1036
1037 *sco*)
1038 LDFLAGS="$LDFLAGS -dn"
1039 ;;
1040
1041 *sun*)
1042 LDFLAGS="$LDFLAGS -Bstatic"
1043 ;;
1044
1045 *solaris*)
1046 LDFLAGS="$LDFLAGS -Bstatic"
1047 ;;
1048
1049 *)
1050 echo "***********************************************"
1051 echo "*"
1052 echo "* Don't know how to enable static linking"
1053 echo "* with your compiler. Please set the environment"
1054 echo "* variable LDFLAGS to:"
1055 echo "* ${LDFLAGS} + the static linking flag"
1056 echo "* and run configure again"
1057 echo "*"
1058 echo "***********************************************"
1059 ;;
1060
1061 esac
1062 fi
1063 fi
1064 ]
1065)
1066
1067if test x"${mytclient}" = x-DSH_STANDALONE -o x"${mytclient}" = x-DSH_WITH_CLIENT;
1068then
1069dnl For threaded modules
1070 ACX_PTHREAD
1071 CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
1072 LIBS="$PTHREAD_LIBS $LIBS"
1073 LDFLAGS="$PTHREAD_CFLAGS $LDFLAGS"
1074 CC="$PTHREAD_CC"
1075dnl For MODI_TXT
1076 CHECK_ZLIB()
1077fi
1078
1079if test x$enable_static = xyes; then
1080 :
1081else
1082 if test x$sh_use_pie = xyes; then
1083 LDFLAGS="$LDFLAGS $PIE_LDFLAGS"
1084 CFLAGS="$CFLAGS $PIE_CFLAGS"
1085 fi
1086fi
1087AC_CHECK_FUNC(pmap_getmaps,
1088 AC_DEFINE([HAVE_PMAP_GETMAPS], [], [Define if pmap_getmaps available]), [],[])
1089
1090
1091#
1092# this is from the snort configure.in
1093#
1094AC_DEFUN(FAIL_MESSAGE,[
1095 echo
1096 echo
1097 echo "**********************************************"
1098 echo " ERROR: unable to find" $1
1099 echo " checked in the following places"
1100 for i in `echo $2`; do
1101 echo " $i"
1102 done
1103 echo "**********************************************"
1104 echo
1105 exit
1106])
1107
1108AC_ARG_WITH(libprelude-prefix,
1109 [ --with-libprelude-prefix=PFX Prefix where libprelude is installed (optional)],
1110 libprelude_config_prefix="$withval", libprelude_config_prefix="")
1111
1112AC_MSG_CHECKING(whether to use prelude)
1113AC_ARG_WITH(prelude,
1114 [ --with-prelude Prelude IDS support [[no]]],
1115 [
1116 if test "x${withval}" = "xno"; then
1117 AC_MSG_RESULT(no)
1118 else
1119 AC_MSG_RESULT(yes)
1120 if test x$libprelude_config_prefix != x ; then
1121 if test x${LIBPRELUDE_CONFIG+set} != xset ; then
1122 LIBPRELUDE_CONFIG=$libprelude_config_prefix/bin/libprelude-config
1123 fi
1124 fi
1125
1126 AC_PATH_PROG(LIBPRELUDE_CONFIG, libprelude-config, no)
1127 if test x"$LIBPRELUDE_CONFIG" = "xno" ; then
1128 HAVE_PRELUDE_CONFIG=no
1129 else
1130 HAVE_PRELUDE_CONFIG=yes
1131 fi
1132dnl AC_CHECK_PROG(HAVE_PRELUDE_CONFIG, libprelude-config, yes, no)
1133 if test "$HAVE_PRELUDE_CONFIG" = "yes"; then
1134 sh_libprelude_version=`$LIBPRELUDE_CONFIG --version`
1135 case "$sh_libprelude_version" in
1136 0.8*)
1137 AC_MSG_ERROR([You have Libprelude 0.8, which is too old. Version 0.9.6 or higher is required.])
1138 ;;
1139 *)
1140 AM_PATH_LIBPRELUDE([0.9.6],
1141 [
1142 AC_DEFINE(HAVE_LIBPRELUDE,1,[Have libprelude])
1143 CFLAGS="$CFLAGS $LIBPRELUDE_PTHREAD_CFLAGS"
1144 LDFLAGS="$LDFLAGS $LIBPRELUDE_LDFLAGS"
1145 LIBS="$LIBS $LIBPRELUDE_LIBS"
1146 ],
1147 [
1148 AC_MSG_ERROR([Could not find libprelude (if you are using --enable-static, the static library libprelude.a might be missing).])
1149 ])
1150 ;;
1151 esac
1152 else
1153 AC_MSG_ERROR([Could not find libprelude-config.])
1154 fi
1155 fi
1156 ],
1157 [
1158 AC_MSG_RESULT(no)
1159 ]
1160)
1161
1162#
1163# partly based on the snort configure.in
1164#
1165AC_ARG_WITH(database,
1166 [ --with-database=[[mysql|postgresql|oracle|odbc]] database support [[no]]],
1167 [
1168 if test x"$enable_xml_log" != xyes; then
1169 AC_MSG_ERROR([With --with-database, --enable-xml-log is required as well.])
1170 fi
1171 if test "x${withval}" = "xmysql"; then
1172 if test "x$zlib_found" = "x"
1173 then
1174 CHECK_ZLIB()
1175 fi
1176 AC_CHECK_PROG(HAVE_MYSQL_CONFIG, mysql_config, yes, no)
1177 if test "$HAVE_MYSQL_CONFIG" = "yes"; then
1178 sh_mysql_libs="`mysql_config --libs`"
1179 sh_mysql_libs="`eval echo ${sh_mysql_libs}`"
1180 LIBS="$LIBS ${sh_mysql_libs}"
1181 sh_mysql_cflags="`mysql_config --cflags`"
1182 sh_mysql_cflags="`eval echo ${sh_mysql_cflags}`"
1183 CPPFLAGS="$CPPFLAGS ${sh_mysql_cflags}"
1184 else
1185 AC_MSG_CHECKING([for MySQL in /usr /usr/local /usr/local/mysql MYSQL_HOME])
1186 mysql_directory="/usr /usr/local /usr/local/mysql ${MYSQL_HOME}"
1187
1188 for i in $mysql_directory; do
1189 if test -r $i/include/mysql/mysql.h; then
1190 MYSQL_DIR=$i
1191 MYSQL_INC_DIR=$i/include
1192 # we use AC_CHECK_HEADERS to check for mysql/mysql.h
1193 fi
1194 done
1195 if test -z "$MYSQL_DIR"; then
1196 for i in $mysql_directory; do
1197 if test -r $i/include/mysql.h; then
1198 MYSQL_DIR=$i
1199 MYSQL_INC_DIR=$i/include
1200 fi
1201 done
1202 fi
1203
1204 if test -z "$MYSQL_DIR"; then
1205 tmp=""
1206 for i in $mysql_directory; do
1207 tmp="$tmp $i/include $i/include/mysql"
1208 done
1209 FAIL_MESSAGE("mysql headers (mysql.h)", $tmp)
1210 fi
1211
1212 for i in lib lib/mysql; do
1213 str="$MYSQL_DIR/$i/libmysqlclient.*"
1214 for j in `echo $str`; do
1215 if test -r $j; then
1216 MYSQL_LIB_DIR="$MYSQL_DIR/$i"
1217 break 2
1218 fi
1219 done
1220 done
1221
1222 if test -z "$MYSQL_LIB_DIR"; then
1223 for ff in $mysql_directory; do
1224 for i in lib lib/mysql; do
1225 str="$ff/$i/libmysqlclient.*"
1226 for j in `echo $str`; do
1227 if test -r $j; then
1228 MYSQL_LIB_DIR="$ff/$i"
1229 break 3
1230 fi
1231 done
1232 done
1233 done
1234 fi
1235
1236 if test -z "$MYSQL_LIB_DIR"; then
1237 tmp=""
1238 for i in $mysql_directory; do
1239 tmp="$i/lib $i/lib/mysql"
1240 done
1241 FAIL_MESSAGE("mysql library libmysqlclient", $tmp)
1242 fi
1243
1244 AC_MSG_RESULT(yes)
1245 LIBS="$LIBS -L${MYSQL_LIB_DIR} -lmysqlclient"
1246 # CFLAGS="$CFLAGS -I${MYSQL_INC_DIR}"
1247 CPPFLAGS="$CPPFLAGS -I${MYSQL_INC_DIR}"
1248 fi
1249 AC_DEFINE(WITH_MYSQL)
1250 AC_DEFINE(WITH_DATABASE)
1251 if test "x$zlib_found" = "xyes"
1252 then
1253 LIBS="$LIBS -lz -lm"
1254 else
1255 echo
1256
1257 echo " Mysql library was not found or not useable."
1258 echo " Possible reasons include:"
1259 echo " - an old, incompatible version compiled from source"
1260 echo " - on Solaris, libmysql is compiled with the Solaris"
1261 echo " compiler, thus the mysql_config script provides"
1262 echo " compiler options unsuitable for gcc (move"
1263 echo " mysql_config out of your PATH)"
1264 echo " For other problems, check config.log for the error"
1265 echo " message from the compiler."
1266 echo
1267 echo " If your mysql libraries are installed in an"
1268 echo " unusual place, use --with-libs=-L/path/to/libdirectory"
1269 echo " where libdirectory is the directory holding libmysql."
1270 if test x"$enable_static" = xyes; then
1271 echo " Note that for compiling a static binary, you need"
1272 echo " the static libraries, rather than the shared ones."
1273 fi
1274 echo
1275 AC_MSG_ERROR([Could not find libmysql, or it is not useable.])
1276 fi
1277 AC_CHECK_HEADERS(mysql/mysql.h)
1278 elif test "x${withval}" = "xpostgresql"; then
1279 AC_DEFINE(WITH_POSTGRES)
1280 AC_DEFINE(WITH_DATABASE)
1281 #
1282 PGCONF="no"
1283 MY_PATH="${PATH}:/usr/local/bin:/usr/local/pgsql/bin"
1284 OLD_IFS="$IFS"
1285 IFS=":"
1286 for ff in ${MY_PATH}
1287 do
1288 if test -f "$ff/pg_config"
1289 then
1290 PGCONF="$ff/pg_config"
1291 fi
1292 done
1293 IFS="${OLD_IFS}"
1294 #
1295 #
1296 if test "x${PGCONF}" = "xno"
1297 then
1298 AC_MSG_CHECKING(for PostgreSQL in /usr/local/pgsql /usr/pgsql /usr/local /usr PGSQL_HOME)
1299 pgsql_directory="/usr/local/pgsql /usr/pgsql /usr/local /usr ${PGSQL_HOME}"
1300 for i in $pgsql_directory; do
1301 if test -r $i/include/pgsql/libpq-fe.h; then
1302 PGSQL_INC_DIR=$i/include
1303 PGSQL_DIR=$i
1304 # use AC_CHECK_HEADERS to check for pgsql/libpq-fe.h
1305 fi
1306 done
1307 if test -z "$PGSQL_DIR"; then
1308 for i in $pgsql_directory; do
1309 if test -r $i/include/postgresql/libpq-fe.h; then
1310 PGSQL_INC_DIR=$i/include
1311 PGSQL_DIR=$i
1312 fi
1313 done
1314 fi
1315 if test -z "$PGSQL_DIR"; then
1316 for i in $pgsql_directory; do
1317 if test -r $i/include/libpq-fe.h; then
1318 PGSQL_INC_DIR=$i/include
1319 PGSQL_DIR=$i
1320 fi
1321 done
1322 fi
1323
1324 if test -z "$PGSQL_DIR"; then
1325 tmp=""
1326 for i in $pgsql_directory; do
1327 tmp="$tmp $i/include $i/include/pgsql $i/include/postgresql"
1328 done
1329 FAIL_MESSAGE("PostgreSQL header file (libpq-fe.h)", $tmp)
1330 fi
1331
1332 for i in lib lib/pgsql lib/postgresql; do
1333 str="$PGSQL_DIR/$i/libpq.*"
1334 for j in `echo $str`; do
1335 if test -r $j; then
1336 PGSQL_LIB_DIR="$PGSQL_DIR/$i"
1337 break 2
1338 fi
1339 done
1340 done
1341
1342 if test -z "$PGSQL_LIB_DIR"; then
1343 for ff in $pgsql_directory; do
1344 for i in lib lib/pgsql lib/postgresql; do
1345 str="$ff/$i/libpq.*"
1346 for j in `echo $str`; do
1347 if test -r $j; then
1348 PGSQL_LIB_DIR="$ff/$i"
1349 break 3
1350 fi
1351 done
1352 done
1353 done
1354 fi
1355
1356 if test -z "$PGSQL_LIB_DIR"; then
1357 tmp=""
1358 for i in $pgsql_directory; do
1359 tmp="$i/lib $i/lib/pgsql $i/lib/postgresql"
1360 done
1361 FAIL_MESSAGE("postgresql library libpq", $tmp)
1362 fi
1363
1364 AC_MSG_RESULT(yes)
1365
1366 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1367 if test x"$enable_static" = xyes; then
1368 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lcrypt -lm"
1369 else
1370 LIBS="$LIBS -L${PGSQL_LIB_DIR} -lpq -lm"
1371 fi
1372 # CFLAGS="$CFLAGS -I${PGSQL_INC_DIR}"
1373 CPPFLAGS="$CPPFLAGS -I${PGSQL_INC_DIR}"
1374 AC_CHECK_HEADERS(pgsql/libpq-fe.h)
1375 AC_CHECK_HEADERS(postgresql/libpq-fe.h)
1376 else
1377 pg_lib_dir=`${PGCONF} --libdir`
1378 if test x"$enable_static" = xyes; then
1379 LIBS="$LIBS -L${pg_lib_dir} -lpq -lcrypt -lm"
1380 else
1381 LIBS="$LIBS -L${pg_lib_dir} -lpq -lm"
1382 fi
1383 pg_inc_dir=`${PGCONF} --includedir`
1384 # CFLAGS="$CFLAGS -I${pg_inc_dir}"
1385 CPPFLAGS="$CPPFLAGS -I${pg_inc_dir}"
1386 fi
1387 elif test "x${withval}" = "xodbc"; then
1388 AC_MSG_CHECKING(for odbc in /usr /usr/local ODBC_HOME)
1389 odbc_directory="/usr /usr/local"
1390
1391 for i in $odbc_directory; do
1392 if test -r $i/include/sql.h; then
1393 if test -r $i/include/sqlext.h; then
1394 if test -r $i/include/sqltypes.h; then
1395 ODBC_DIR=$i
1396 ODBC_INC_DIR=$i/include
1397 fi
1398 fi
1399 fi
1400 done
1401
1402 if test -z "$ODBC_DIR"; then
1403 tmp=""
1404 for i in $odbc_directory; do
1405 tmp="$tmp $i/include"
1406 done
1407 FAIL_MESSAGE("odbc headers (sql.h sqlext.h sqltypes.h)", $tmp)
1408 fi
1409
1410 str="$ODBC_DIR/lib/libodbc.*"
1411 for j in `echo $str`; do
1412 if test -r $j; then
1413 ODBC_LIB_DIR="$ODBC_DIR/lib"
1414 ODBC_LIB="odbc"
1415 fi
1416 done
1417
1418 if test -z "$ODBC_LIB_DIR"; then
1419 FAIL_MESSAGE("odbc library (libodbc)", "$ODBC_DIR/lib")
1420 fi
1421
1422 AC_MSG_RESULT(yes)
1423 CPPFLAGS="${CPPFLAGS} -I${ODBC_INC_DIR}"
1424 LIBS="${LIBS} -L${ODBC_LIB_DIR} -l$ODBC_LIB"
1425 AC_DEFINE(WITH_ODBC)
1426 AC_DEFINE(WITH_DATABASE)
1427
1428 elif test "x${withval}" = "xoracle"; then
1429
1430 AC_MSG_CHECKING(for oracle in ORACLE_HOME /usr/local /usr)
1431
1432 oracle_directory="/usr /usr/local ${ORACLE_HOME}"
1433 for i in $oracle_directory; do
1434
1435 ff=`find $i -name oci.h 2>/dev/null | tail -1`
1436 if test "x$ff" = "x"; then
1437 :
1438 else
1439 ORACLE_INC=`dirname $ff`
1440 fi
1441
1442 fg=`find $i -name libclntsh.so 2>/dev/null | tail -1`
1443 if test "x$fg" = "x"; then
1444 :
1445 else
1446 ORACLE_LIB=`dirname $fg`
1447 fi
1448
1449 done
1450
1451 if test -z "$ORACLE_INC"; then
1452
1453 tmp=""
1454 for i in $oracle_directory; do
1455 tmp="$tmp $i"
1456 done
1457 FAIL_MESSAGE("OCI header file (oci.h) please define ORACLE_INC directory where oci.h resides", $tmp)
1458
1459 elif test -z "$ORACLE_LIB"; then
1460
1461 tmp=""
1462 for i in $oracle_directory; do
1463 tmp="$tmp $i"
1464 done
1465 FAIL_MESSAGE("OCI library file (libclntsh.so) please define ORACLE_LIB directory where libclntsh.so resides", $tmp)
1466
1467 else
1468
1469 ORACLE_CPP_FLAGS="-I$ORACLE_INC"
1470 ORACLE_LIB_DIR="$ORACLE_LIB"
1471
1472 AC_MSG_RESULT([$ORACLE_INC $ORACLE_LIB])
1473
1474 CPPFLAGS="${CPPFLAGS} ${ORACLE_CPP_FLAGS}"
1475
1476 ORACLE_LIBS="-lclntsh"
1477
1478 if test -r $ORACLE_LIB_DIR/libnnz11.so; then
1479 ORACLE_LIBS="${ORACLE_LIBS} -lnnz11"
1480 fi
1481 if test -r $ORACLE_LIB_DIR/libwtc9.so; then
1482 ORACLE_LIBS="${ORACLE_LIBS} -lwtc9"
1483 elif test -r $ORACLE_LIB_DIR/libwtc8.so; then
1484 ORACLE_LIBS="${ORACLE_LIBS} -lwtc8"
1485 fi
1486 LIBS="${LIBS} -L${ORACLE_LIB_DIR} ${ORACLE_LIBS}"
1487 if test "x$GCC" != "xyes"; then
1488 CFLAGS="${CFLAGS} -fno-strict-aliasing"
1489 fi
1490 fi
1491 AC_DEFINE(WITH_ORACLE)
1492 AC_DEFINE(WITH_DATABASE)
1493
1494 else
1495 AC_MSG_ERROR([Option --with-database=database used with unsupported database ${withval}])
1496 fi
1497 ]
1498)
1499
1500AC_ARG_WITH(console,
1501 [ --with-console=PATH set path to console device [[/dev/console]]],
1502 [
1503 if test "x${withval}" != xno; then
1504 mycons="$withval"
1505 AC_DEFINE_UNQUOTED(DEFAULT_CONSOLE, _("${mycons}") )
1506 fi
1507 ])
1508
1509AC_ARG_WITH(altconsole,
1510 [ --with-altconsole=PATH set path to second console device [[none]]],
1511 [
1512 if test "x${withval}" != xno; then
1513 myaltcons="$withval"
1514 else
1515 myaltcons="NULL"
1516 fi
1517 ],
1518 [myaltcons="NULL"])
1519AC_DEFINE_UNQUOTED(ALT_CONSOLE, _("${myaltcons}") )
1520
1521AC_ARG_WITH(timeserver,
1522 [ --with-timeserver=HOST set host address for time server [[none]]],
1523 [
1524 if test "x${withval}" != xno; then
1525 mytimeserv="$withval"
1526 AC_DEFINE(HAVE_NTIME)
1527 else
1528 mytimeserv="NULL"
1529 fi
1530 ],
1531 mytimeserv="NULL")
1532AC_DEFINE_UNQUOTED(DEFAULT_TIMESERVER, _("${mytimeserv}") )
1533
1534AC_ARG_WITH(alttimeserver,
1535 [ --with-alttimeserver=HOST set address for backup time server [[none]]],
1536 [
1537 if test "x${withval}" != xno; then
1538 myalttimeserv="$withval"
1539 AC_DEFINE(HAVE_NTIME)
1540 else
1541 myalttimeserv="NULL"
1542 fi
1543 ],
1544 myalttimeserv="NULL")
1545AC_DEFINE_UNQUOTED(ALT_TIMESERVER, _("${myalttimeserv}") )
1546
1547AC_ARG_ENABLE(login-watch,
1548 [ --enable-login-watch watch for login/logout [[no]]],
1549 [
1550 if test "x${enable_login_watch}" = xyes; then
1551 AC_DEFINE(SH_USE_UTMP)
1552 fi
1553 ]
1554)
1555
1556AC_ARG_ENABLE(mounts-check,
1557 [ --enable-mounts-check check mount options on filesystems [[no]]],
1558 [
1559 if test "x${enable_mounts_check}" = xyes; then
1560 AC_DEFINE(SH_USE_MOUNTS)
1561 fi
1562 ]
1563)
1564
1565AC_ARG_ENABLE(logfile-monitor,
1566 [ --enable-logfile-monitor monitor logfiles [[no]]],
1567 [
1568 if test "x${enable_logfile_monitor}" = xyes; then
1569 AC_CHECK_HEADER(pcre.h,
1570 [
1571 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1572 LIBS="-lpcre $LIBS"
1573 ],
1574 [
1575 AC_CHECK_HEADER(pcre/pcre.h,
1576 [
1577 AC_DEFINE(USE_LOGFILE_MONITOR, 1, [Define if you want the logfile monitor module.])
1578 AC_DEFINE(HAVE_PCRE_PCRE_H, 1, [Define if you have pcre/pcre.h.])
1579 LIBS="-lpcre $LIBS"
1580 ],
1581 AC_MSG_ERROR([The --enable-logfile-monitor option requires libpcre. For compiling the pcre development package is needed.])
1582 )
1583 ]
1584 )
1585 AC_CHECK_LIB(pcre, pcre_dfa_exec, [
1586 AC_DEFINE([HAVE_PCRE_DFA_EXEC], 1, [Define if you have pcre_dfa_exec])
1587 ], [
1588 AC_MSG_WARN([pcre_dfa_exec not available])
1589 ])
1590 fi
1591 ]
1592)
1593
1594
1595AC_ARG_ENABLE(process-check,
1596 [ --enable-process-check check processes [[no]]],
1597 [
1598 if test "x${enable_process_check}" = xyes; then
1599 AC_CHECK_LIB([rt], [sched_getparam], sh_lrt=yes, sh_lrt=no)
1600 if test x"$sh_lrt" = xyes; then
1601 LIBRT=-lrt
1602 else
1603 LIBRT=
1604 fi
1605 LIBS="$LIBS $LIBRT"
1606 AC_DEFINE(SH_USE_PROCESSCHECK, [1], [Define if you want to check processes])
1607 fi
1608 ]
1609)
1610
1611AC_ARG_ENABLE(port-check,
1612 [ --enable-port-check check ports [[no]]],
1613 [
1614 if test "x${enable_port_check}" = xyes; then
1615 AC_DEFINE(SH_USE_PORTCHECK, [1], [Define if you want to check ports])
1616 fi
1617 ]
1618)
1619
1620AC_ARG_ENABLE(userfiles,
1621 [ --enable-userfiles check for users' config files [[no]]],
1622 [
1623 if test "x${enableval}" = "xyes"; then
1624 AC_DEFINE(SH_USE_USERFILES)
1625 fi
1626 ]
1627)
1628
1629AC_ARG_ENABLE(debug,
1630 [ --enable-debug enable debug options [[no]]],
1631 [
1632 if test "x${enable_debug}" = "xyes"; then
1633 if test "x${mydebugflag}" != "xyes"; then
1634 AC_DEFINE(MEM_DEBUG)
1635 fi
1636 AC_DEFINE(WITH_TPT)
1637 AC_DEFINE(SL_DEBUG)
1638 AC_DEFINE(DNMALLOC_CHECKS, 1, [Debug dnmalloc])
1639 AC_DEFINE(PARANOIA, 0, [Paranoia level for dnmalloc])
1640 AC_DEFINE(SL_FAIL_ON_ERROR)
1641 if test "x${myneedg3}" = "xyes"; then
1642 mydebugdef="-g3"
1643 else
1644 mydebugdef="-g"
1645 fi
1646 mydebugit="yes"
1647 elif test "x${enable_debug}" = "xgdb"; then
1648 AC_DEFINE(SH_ABORT_ON_ERROR, 1, [Use abort])
1649 if test "x${myneedg3}" = "xyes"; then
1650 mydebugdef="-g3"
1651 else
1652 mydebugdef="-g"
1653 fi
1654 mydebugit="yes"
1655 fi
1656 ]
1657)
1658AC_SUBST(mydebugdef)
1659
1660if test "x${enable_asm_ok}" = "xyes"; then
1661 sh_enable_asm=yes
1662else
1663 sh_enable_asm=no
1664fi
1665AC_ARG_ENABLE(asm,
1666 [ --disable-asm disable asm inline code],
1667 [
1668 if test "x${enable_asm}" = xno; then
1669 sh_enable_asm=no
1670 fi
1671 ]
1672)
1673
1674if test "x${samhain_64_asm}" = xyes; then
1675 if test "x${sh_enable_asm}" = xyes; then
1676 AC_DEFINE([TIGER_OPT_ASM],1,[Define to use tiger x86_64 optimized assembly])
1677 fi
1678fi
1679
1680AC_ARG_ENABLE(ipv6,
1681 [ --disable-ipv6 disable ipv6 support],
1682 [
1683 if test "x${enable_ipv6}" = xno; then
1684 AC_DEFINE(USE_IPV4,1,[Define if you do not want IPv6])
1685 fi
1686 ]
1687)
1688
1689if test "x${dnmalloc_ok}" = "xyes"; then
1690 sh_dnmalloc_enabled=yes
1691else
1692 sh_dnmalloc_enabled=no
1693fi
1694
1695AC_ARG_ENABLE(dnmalloc,
1696 [ --disable-dnmalloc disable dnmalloc],
1697 [
1698 if test "x${enable_dnmalloc}" = xno; then
1699 sh_dnmalloc_enabled=no
1700 else
1701 sh_dnmalloc_enabled=yes
1702 fi
1703 ]
1704)
1705
1706dnl Handle the problem that static linking against libc.a on Linux
1707dnl produces the error "multiple definitions of malloc"
1708dnl
1709if test "x$sh_dnmalloc_enabled" = "xyes"; then
1710 if test x$enable_static = xyes; then
1711 if test "x$sh_no_gcc_static" = "xyes"; then
1712 sh_dnmalloc_enabled=no
1713 else
1714 if test "x$with_gnu_ld" = "xyes"; then
1715 LDFLAGS="$LDFLAGS -Wl,--allow-multiple-definition"
1716 else
1717 sh_dnmalloc_enabled=no
1718 fi
1719 fi
1720 fi
1721fi
1722
1723if test "x${sh_dnmalloc_enabled}" = xno; then
1724 AC_DEFINE(USE_SYSTEM_MALLOC,1,[Define if you want to use the system malloc])
1725fi
1726
1727AC_ARG_ENABLE(ptrace,
1728 [ --enable-ptrace use anti-debugger options [[no]]],
1729 [
1730 if test "x${enable_ptrace}" = xyes; then
1731 if test "x$mydebugit" != "xyes"; then
1732 AC_DEFINE(SCREW_IT_UP)
1733 fi
1734 fi
1735 ]
1736)
1737
1738dnl
1739if test "x$GCC" = "xyes"; then
1740 if test ! -z "`echo "$CFLAGS" | grep "\-g\ " 2> /dev/null`" ; then
1741 CFLAGS=`echo $CFLAGS | sed 's%\-g%%' `
1742 fi
1743
1744dnl if test ! -z "`echo "$CFLAGS" | grep "\-O2" 2> /dev/null`" ; then
1745dnl CFLAGS=`echo $CFLAGS | sed 's%\-O2%\-O3%' `
1746dnl fi
1747
1748 if test -z "`echo "$CFLAGS" | grep "\-Wall" 2> /dev/null`" ; then
1749 CFLAGS="$CFLAGS -Wall -W "
1750 fi
1751
1752 if test -z "`echo "$CFLAGS" | grep "\-fstrength\-reduce" 2> /dev/null`"
1753 then
1754 if test -z "`echo "$CFLAGS" | grep "\-fno\-strength\-reduce" 2> /dev/null`"
1755 then
1756 CFLAGS="$CFLAGS -fno-strength-reduce"
1757 fi
1758 fi
1759
1760 if test -z "`echo "$CFLAGS" | grep "\-fomit\-frame\-pointer" 2> /dev/null`"
1761 then
1762 if test -z "`echo "$CFLAGS" | grep "\-fno\-omit\-frame\-pointer" 2> /dev/null`"
1763 then
1764 CFLAGS="$CFLAGS -fno-omit-frame-pointer"
1765 fi
1766 fi
1767
1768fi
1769
1770dnl Test whether gcc supports -Wno-empty-body
1771dnl Suppresses warnings from glibc pthread_cleanup_pop
1772dnl
1773GCC_WEMPTY_BODY
1774
1775AC_MSG_CHECKING([which random module to use])
1776AC_ARG_WITH(rnd,
1777 [ --with-rnd=[[egd|unix|dev|default]] random number generator [[default]]],
1778[use_static_rnd=$withval], [use_static_rnd=default] )
1779
1780if test "$use_static_rnd" = no; then
1781 use_static_rnd=default
1782fi
1783
1784case "$use_static_rnd" in
1785 egd | dev | unix | default )
1786 AC_MSG_RESULT($use_static_rnd)
1787 ;;
1788 * )
1789 AC_MSG_RESULT([invalid argument])
1790 AC_MSG_ERROR([Option --with-rnd=module used with unsupported module ${use_static_rnd}])
1791 ;;
1792esac
1793
1794AC_ARG_WITH(egd-socket,
1795 [ --with-egd-socket=NAME EGD socket name],
1796 egd_socket_name="$withval", egd_socket_name="" )
1797AC_DEFINE_UNQUOTED(EGD_SOCKET_NAME, _("$egd_socket_name") )
1798
1799dnl
1800dnl See whether the user wants to disable checking for /dev/random
1801
1802try_dev_random=yes
1803
1804case "$use_static_rnd" in
1805dev | default )
1806 try_dev_random=yes
1807 ;;
1808egd)
1809 AC_DEFINE(HAVE_EGD_RANDOM)
1810 try_dev_random=no
1811 ;;
1812unix)
1813 AC_DEFINE(HAVE_UNIX_RANDOM)
1814 try_dev_random=no
1815 ;;
1816esac
1817
1818
1819if test "x$try_dev_random" = "xyes"; then
1820 AC_MSG_CHECKING(whether /dev/random exists)
1821 if test -r "/dev/srandom" && test -c "/dev/srandom"; then
1822 AC_DEFINE(HAVE_URANDOM)
1823 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/srandom") )
1824 AC_MSG_RESULT(yes)
1825 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1826 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1827 fi
1828 else
1829 if test -r "/dev/random" && test -c "/dev/random"; then
1830 AC_DEFINE(HAVE_URANDOM)
1831 AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, _("/dev/random") )
1832 AC_MSG_RESULT(yes)
1833 if test -r "/dev/urandom" && test -c "/dev/urandom"; then
1834 AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, _("/dev/urandom") )
1835 fi
1836 else
1837 AC_MSG_RESULT(no)
1838 AC_DEFINE(HAVE_UNIX_RANDOM)
1839 fi
1840 fi
1841fi
1842
1843
1844AC_ARG_ENABLE(udp,
1845 [ --enable-udp server can listen on port 514/udp [[no]]],
1846 [
1847 if test "x${enable_udp}" = xyes; then
1848 AC_DEFINE(INET_SYSLOG)
1849 fi
1850 ]
1851)
1852
1853myencrypt=yes
1854AC_ARG_ENABLE(encrypt,
1855 [ --disable-encrypt disable client/server encryption],
1856 [
1857 if test "x${enable_encrypt}" = xno; then
1858 myencrypt=no
1859 elif test "x${enable_encrypt}" = "x1"; then
1860 myencrypt=1
1861 fi
1862 ]
1863)
1864if test "x${myencrypt}" = "xyes"; then
1865 AC_DEFINE(SH_ENCRYPT)
1866 AC_DEFINE(SH_ENCRYPT_2)
1867elif test "x${myencrypt}" = "x1"; then
1868 AC_DEFINE(SH_ENCRYPT)
1869fi
1870
1871sh_use_srp_proto=yes
1872AC_ARG_ENABLE(srp,
1873 [ --disable-srp disable SRP for authentication],
1874 [
1875 if test "x${enable_srp}" = xno; then
1876 sh_use_srp_proto=no
1877 fi
1878 ]
1879)
1880if test "x${sh_use_srp_proto}" = xyes; then
1881 AC_DEFINE(USE_SRP_PROTOCOL)
1882fi
1883
1884AC_ARG_WITH(port,
1885 [ --with-port=PORT set port to use for TCP/IP connection [[49777]]],
1886 [
1887 echo "${withval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1888 AC_MSG_ERROR([For --with-port=PORT, PORT must be numeric.])
1889 myport=${withval}
1890 ],
1891 [myport="49777"])
1892AC_DEFINE_UNQUOTED(SH_DEFAULT_PORT, ${myport})
1893AC_SUBST(myport)
1894
1895AC_ARG_WITH(logserver,
1896 [ --with-logserver=HOST set host address for log server [[none]]],
1897 [
1898 case "$withval" in
1899 *.* | localhost)
1900 mylogsrv="$withval"
1901 ;;
1902 *)
1903 mylogsrv="$withval"
1904 ;;
1905 esac
1906 ],
1907 [mylogsrv="NULL"])
1908AC_DEFINE_UNQUOTED(DEFAULT_LOGSERVER, _("${mylogsrv}") )
1909AC_SUBST(mylogsrv)
1910
1911AC_ARG_WITH(altlogserver,
1912 [ --with-altlogserver=HOST set address for backup log server [[none]]],
1913 [
1914 case "$withval" in
1915 *.* | localhost)
1916 myaltlogsrv="$withval"
1917 ;;
1918 *)
1919 myaltlogsrv="$withval"
1920 ;;
1921 esac
1922 ],
1923 [myaltlogsrv="NULL"])
1924AC_DEFINE_UNQUOTED(ALT_LOGSERVER, _("${myaltlogsrv}"))
1925
1926
1927
1928dnl
1929dnl STEALTH OPTIONS
1930dnl
1931nocl_code=
1932xor_code=0
1933AC_ARG_ENABLE(nocl,
1934 [ --enable-nocl=PW no CL parsing unless first CL argument is PW],
1935 [
1936 if test "x${enableval}" != "x"; then
1937 AC_DEFINE(SH_STEALTH_NOCL)
1938 fi
1939 if test "x${enableval}" = "xstop" || test "x${enableval}" = "xstart"; then
1940 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1941 fi
1942 if test "x${enableval}" = "xreload" || test "x${enableval}" = "xrestart"; then
1943 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1944 fi
1945 if test "x${enableval}" = "xstatus"; then
1946 AC_MSG_ERROR([For --enable-nocl=PW start/stop/reload/restart/status are reserved words.])
1947 fi
1948 if test "x${enableval}" = "xno"; then
1949 AC_MSG_ERROR([With --enable-nocl=PW, the use of --enable-nocl=no is ambiguous.])
1950 fi
1951 nocl_code="${enable_nocl}"
1952 ]
1953)
1954AC_DEFINE_UNQUOTED(NOCL_CODE, _("${nocl_code}") )
1955AC_SUBST(nocl_code)
1956AC_ARG_ENABLE(stealth,
1957 [ --enable-stealth=XOR_VAL enable stealth mode [[no]]],
1958 [AC_DEFINE(SH_STEALTH)
1959 if test "x${enableval}" != "xyes"; then
1960 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1961 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be numeric.])
1962 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1963 if test x"${enableval}" = x0
1964 then
1965 :
1966 else
1967 AC_MSG_ERROR([For --enable-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1968 fi
1969 fi
1970 xor_code="${enable_stealth}"
1971 else
1972 xor_code=0
1973 fi
1974 stegin_prg="samhain_stealth"
1975 ],
1976 [
1977 stegin_prg=
1978 ]
1979)
1980AC_ARG_ENABLE(micro-stealth,
1981 [ --enable-micro-stealth=XOR_VAL enable micro stealth mode [[no]]],
1982 [
1983 AC_DEFINE(SH_STEALTH)
1984 AC_DEFINE(SH_STEALTH_MICRO)
1985 if test "x${enableval}" != "xyes"; then
1986 echo "${enableval}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
1987 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be numeric.])
1988 if test "${enableval}" -lt 127 || test "${enableval}" -gt 255; then
1989 if test x"${enableval}" = x0
1990 then
1991 :
1992 else
1993 AC_MSG_ERROR([For --enable-micro-stealth=XOR_VAL, XOR_VAL must be in the range 127 to 255.])
1994 fi
1995 fi
1996 xor_code="${enable_micro_stealth}"
1997 else
1998 xor_code=0
1999 fi
2000 ]
2001)
2002install_name="samhain"
2003INSTALL_NAME="SAMHAIN"
2004AC_ARG_ENABLE(install-name,
2005 [ --enable-install-name=NAME name under which to install [[samhain|yule]]],
2006 [
2007 if test "x${enableval}" != "xyes"; then
2008 install_name="${enableval}"
2009 INSTALL_NAME=`echo "${enableval}" | tr [a-z] [A-Z]`
2010 else
2011 install_name="${sh_main_prg}"
2012 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
2013 fi
2014 ],
2015 [
2016 install_name="${sh_main_prg}"
2017 INSTALL_NAME=`echo "${sh_main_prg}" | tr [a-z] [A-Z]`
2018 ]
2019)
2020
2021
2022need_user_install=0
2023
2024AC_ARG_ENABLE(identity,
2025 [ --enable-identity=USER user if dropping root [[daemon]]],
2026 [
2027 if test x"$enableval" = xno; then
2028 myident="daemon"
2029 else
2030 myident="$enableval"
2031 fi
2032 echo "${myident}" | grep ['[^0123456789]'] >/dev/null 2>&1 || \
2033 AC_MSG_ERROR([With --enable-identity=USER, please supply a username, not a UID.])
2034 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
2035 grep "^${myident}:" | awk -F: '{ print $3; }'`
2036 if test x"${myident_uid}" = x; then
2037 AC_MSG_WARN([Option --enable-identity used, user ${myident} will be added upon install.])
2038 need_user_install=1
2039 fi
2040 ],
2041 [
2042 for myident in ${install_name} daemon nobody; do
2043 AC_MSG_CHECKING(for user ${myident})
2044 myident_uid=`(cat /etc/passwd; ypcat passwd) 2>/dev/null |\
2045 grep "^${myident}:" | awk -F: '{ print $3; }'`
2046 if test x"${myident_uid}" != x; then
2047 AC_MSG_RESULT(yes)
2048 break;
2049 else
2050 AC_MSG_RESULT(no)
2051 fi
2052 done
2053 if test x"${myident_uid}" = x; then
2054 myident=${install_name}
2055 AC_MSG_WARN([--enable-identity: user ${myident} will be added upon install])
2056 need_user_install=1
2057 fi
2058 ])
2059AC_DEFINE_UNQUOTED(DEFAULT_IDENT, _("${myident}") )
2060AC_SUBST(myident)
2061AC_SUBST(need_user_install)
2062
2063sh_insmod_cmd=": # no kernel module"
2064sh_insmod_pre=": # no kernel module"
2065sh_lkm=""
2066lkm_inc=""
2067khidemap="/boot/System.map"
2068sh_syscalltable="0x0"
2069AC_ARG_ENABLE(khide,
2070 [ --enable-khide=SYSTEM_MAP use kernel module to hide (Linux only)[[/boot/System.map]]],
2071 [
2072 if test "x${enable_khide}" != xno; then
2073
2074 kernel_testsupport=`uname -r | sed s,^3.*,LINUX3,`
2075 if test "x${kernel_testsupport}" = "xLINUX3"; then
2076 AC_MSG_ERROR([The --enable-khide option is not supported on Linux kernel version 3.x or above.])
2077 fi
2078
2079 if test "x${enableval}" != "xyes"; then
2080 khidemap="${enableval}"
2081 fi
2082 sh_syscalltable=`egrep '(D|d|R|r) sys_call_table' ${khidemap} | awk '{print $1}'`
2083 if test x"$sh_syscalltable" = x; then
2084 AC_MSG_ERROR([Option --enable-khide cannot be used since the symbol sys_call_table was not found in ${khidemap}.])
2085 fi
2086 sh_syscalltable="0x${sh_syscalltable}"
2087 install_name_len=`echo ${install_name} | awk '{ print(length()); }'`
2088 if test "${install_name_len}" -gt 15 ; then
2089 AC_MSG_ERROR([If --enable-khide is used, install_name must not exceed a length of 15 chars.])
2090 fi
2091 AC_DEFINE(SH_USE_LKM)
2092 AC_DEFINE_UNQUOTED(SH_MAGIC_HIDE, "${install_name}")
2093
2094 # -- NEW --
2095 kernel_version=`uname -r | sed s,2.6.*,LINUX26,`
2096 kernel_numeric=`uname -r | sed 's%-%.%g' | sed 's%_%.%g' | awk -F. '{ print $1*65536+$2*256+$3 }'`
2097 AC_DEFINE_UNQUOTED(SH_KERNEL_NUMERIC, ${kernel_numeric}, [Kernel number])
2098
2099 if test x"$kernel_version" = xLINUX26
2100 then
2101 AC_MSG_CHECKING([for modlist_lock])
2102 sh_modlist_lock=`egrep ['[bd] modlist_lock$'] ${khidemap} | awk '{print $1}'`
2103 if test x"$sh_modlist_lock" = x; then
2104 AC_MSG_RESULT(no)
2105 else
2106 sh_modlist_lock="0x${sh_modlist_lock}"
2107 AC_MSG_RESULT([${sh_modlist_lock}])
2108 AC_DEFINE_UNQUOTED(SH_MODLIST_LOCK, ${sh_modlist_lock}, [The address of the modules list spinlock])
2109 fi
2110
2111 AC_MSG_CHECKING([for module_mutex])
2112 sh_modlist_mutex=`egrep ['[bd] module_mutex$'] ${khidemap} | awk '{print $1}'`
2113 if test x"$sh_modlist_mutex" = x; then
2114 AC_MSG_RESULT(no)
2115 else
2116 sh_modlist_mutex="0x${sh_modlist_mutex}"
2117 AC_MSG_RESULT([${sh_modlist_mutex}])
2118 AC_DEFINE_UNQUOTED(SH_MODLIST_MUTEX, ${sh_modlist_mutex}, [The address of the modules list mutex])
2119 fi
2120
2121 sh_list_modules=`egrep 'd modules$' ${khidemap} | awk '{print $1}'`
2122 if test x"$sh_list_modules" = x; then
2123 AC_MSG_ERROR([Option --enable-khide cannot be used, since the symbol modules was not found in ${khidemap}.])
2124 fi
2125 sh_list_modules="0x${sh_list_modules}"
2126 AC_DEFINE_UNQUOTED(SH_LIST_MODULES, ${sh_list_modules}, [The address of the modules list])
2127
2128 AC_DEFINE(LINUX26, 1, [Define if kernel is 2.6])
2129 sh_insmod_cmd="modprobe ${install_name}_hide"
2130 sh_lkm="samhain_hide.ko"
2131 else
2132 sh_insmod_cmd="insmod ${install_name}_hide; insmod ${install_name}_erase; rmmod ${install_name}_erase"
2133 sh_lkm="samhain_hide.o samhain_erase.o"
2134 fi
2135 # -- END NEW --
2136
2137 kvers=`uname -r`
2138 if test -f /lib/modules/${kvers}/build/include/linux/kernel.h; then
2139 lkm_inc="-I/lib/modules/${kvers}/build/include"
2140 else
2141 AC_MSG_WARN([--enable-khide: /lib/modules/${kvers}/build/include/linux not found])
2142 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2143 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2144 fi
2145
2146 AC_MSG_CHECKING([for 2.4 vanilla kernel])
2147 sh_is_vanilla_kernel=yes
2148 if test -f /lib/modules/${kvers}/build/include/linux/sched.h; then
2149 grep 'next_task,' /lib/modules/${kvers}/build/include/linux/sched.h >/dev/null 2>&1 || sh_is_vanilla_kernel=no
2150 fi
2151 if test x"${sh_is_vanilla_kernel}" = xno; then
2152 AC_MSG_RESULT(no)
2153 else
2154 AC_MSG_RESULT(yes)
2155 AC_DEFINE(SH_VANILLA_KERNEL)
2156 fi
2157
2158 fi
2159 ]
2160)
2161
2162AC_SUBST(install_name)
2163AC_SUBST(INSTALL_NAME)
2164AC_SUBST(stegin_prg)
2165AC_SUBST(xor_code)
2166
2167AC_DEFINE_UNQUOTED(XOR_CODE, ${xor_code})
2168AC_DEFINE_UNQUOTED(SH_SYSCALLTABLE, ${sh_syscalltable})
2169
2170
2171exepack_state0=`${srcdir}/c_random.sh 2>/dev/null`
2172exepack_state1=`${srcdir}/c_random.sh 2>/dev/null`
2173exepack_state2=`${srcdir}/c_random.sh 2>/dev/null`
2174
2175AC_DEFINE_UNQUOTED(EXEPACK_STATE_0, ${exepack_state0})
2176AC_DEFINE_UNQUOTED(EXEPACK_STATE_1, ${exepack_state1})
2177AC_DEFINE_UNQUOTED(EXEPACK_STATE_2, ${exepack_state2})
2178
2179
2180AC_ARG_ENABLE(suidcheck,
2181 [ --enable-suidcheck check for suid/sgid files [[no]]],
2182 [
2183 if test "x${enableval}" = "xyes"; then
2184 AC_DEFINE(SH_USE_SUIDCHK)
2185 fi
2186 ]
2187)
2188
2189
2190systemmap="/boot/System.map"
2191sh_libkvm=""
2192AC_ARG_WITH(kcheck,
2193 [ --with-kcheck[[=SYSTEM_MAP]] check Linux/FreeBSD/OpenBSD kernel integrity [[/boot/System.map]]],
2194 [
2195 if test "x${withval}" != "xno"; then
2196 AC_DEFINE(SH_USE_KERN)
2197
2198 kernel_numeric=`uname -r | sed 's%-%.%g' | sed 's%_%.%g' | awk -F. '{ print $1*65536+$2*256+$3 }'`
2199 AC_DEFINE_UNQUOTED(SH_KERNEL_NUMBER, ${kernel_numeric}, [Kernel number])
2200
2201 kernelversion=`uname -r`
2202 AC_DEFINE_UNQUOTED(SH_KERNEL_VERSION, _("${kernelversion}"), [Define the kernel version])
2203
2204 if test "x${withval}" != "xyes"; then
2205 systemmap="${withval}"
2206 fi
2207
2208 if test "x${cross_compiling}" = xyes; then
2209 :
2210 elif test "x$selectconfig" = "xfreebsd"; then
2211 LIBS="$LIBS -lkvm"
2212 sh_libkvm="-lkvm"
2213 elif test -f "${systemmap}"; then
2214
2215 test_kmap_open=no
2216
2217 if test -c /dev/kmem; then
2218 AC_MSG_CHECKING([whether /dev/kmem is useable])
2219 dd bs=4 count=16 if=/dev/kmem of=/dev/null >/dev/null 2>&1
2220 if test $? -eq 0; then
2221 test_kmap_open=yes
2222 fi
2223 AC_MSG_RESULT([${test_kmap_open}])
2224 fi
2225
2226 if test x"${test_kmap_open}" = xno; then
2227 # need kernel module
2228
2229 if test -f /lib/modules/${kernelversion}/build/include/linux/kernel.h; then
2230 lkm_inc="-I/lib/modules/${kernelversion}/build/include"
2231 else
2232 AC_MSG_WARN([--enable-khide: /lib/modules/${kernelversion}/build/include/linux not found])
2233 AC_MSG_WARN([--enable-khide: You may need to install the kernel-source])
2234 AC_MSG_WARN([--enable-khide: headers for the currently-running kernel.])
2235 fi
2236
2237 AC_MSG_CHECKING([for vmlist_lock])
2238 sh_vmlist_lock=`egrep ['[bdBD] vmlist_lock$'] ${systemmap} | awk '{print $1}'`
2239 if test x"$sh_vmlist_lock" = x; then
2240 AC_MSG_RESULT(no)
2241 else
2242 sh_vmlist_lock="0x${sh_vmlist_lock}"
2243 AC_MSG_RESULT([${sh_vmlist_lock}])
2244 AC_DEFINE_UNQUOTED(SH_VMLIST_LOCK, ${sh_vmlist_lock}, [The address of the vmlist spinlock])
2245 fi
2246
2247 AC_MSG_CHECKING([for vmlist])
2248 sh_vmlist=`egrep ['[bdBD] vmlist$'] ${systemmap} | awk '{print $1}'`
2249 if test x"$sh_vmlist" = x; then
2250 AC_MSG_RESULT(no)
2251 else
2252 sh_vmlist="0x${sh_vmlist}"
2253 AC_MSG_RESULT([${sh_vmlist}])
2254 AC_DEFINE_UNQUOTED(SH_VMLIST, ${sh_vmlist}, [The address of the vmlist])
2255 fi
2256
2257 sh_lkm="${sh_lkm} samhain_kmem.ko"
2258 sh_insmod_pre="modprobe ${install_name}_kmem"
2259
2260 fi
2261 else
2262 AC_MSG_ERROR([Option --with-kcheck=systemmap cannot be used, because system map ${systemmap} does not exist.])
2263 fi
2264 fi
2265 ]
2266)
2267
2268AC_SUBST(lkm_inc)
2269AC_SUBST(sh_lkm)
2270AC_SUBST(sh_insmod_cmd)
2271AC_SUBST(sh_insmod_pre)
2272
2273AC_SUBST(systemmap)
2274AC_SUBST(sh_libkvm)
2275
2276AC_ARG_ENABLE(base,
2277 [ --enable-base=B1,B2 base key (0...2147483647)],
2278 [
2279 AC_MSG_CHECKING(base key setting)
2280 my_key_A=`echo ${enableval} | awk 'BEGIN{FS=","}{print $1}'`
2281 my_key_B=`echo ${enableval} | awk 'BEGIN{FS=","}{print $2}'`
2282 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2283 if test "x${my_key_A}" = x; then
2284 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid first base key (zero length).])
2285 fi
2286 if test "x${my_key_B}" = x; then
2287 AC_MSG_ERROR([Option --enable-base=B1,B2 used with invalid second base key (zero length).])
2288 fi
2289 echo "${my_key_A}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2290 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2291 echo "${my_key_B}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2292 AC_MSG_ERROR([For --enable-base=B1,B2, B1 and B2 must be numeric in the range 0 to 2147483647.])
2293 ],
2294 [
2295 AC_MSG_CHECKING(base key setting .. collecting entropy)
2296 my_key_1=`${srcdir}/c_random.sh 2>/dev/null`
2297 my_key_2=`${srcdir}/c_random.sh 2>/dev/null`
2298 my_key_3=`${srcdir}/c_random.sh 2>/dev/null`
2299 my_key_4=`${srcdir}/c_random.sh 2>/dev/null`
2300 my_key_A=`expr $my_key_1 \* 32767`
2301 my_key_A=`echo ${my_key_A} | sed 's%^0*%%g' 2>/dev/null`
2302 my_key_A=`expr $my_key_A \+ $my_key_2`
2303 my_key_B=`expr $my_key_3 \* 32767`
2304 my_key_B=`echo ${my_key_B} | sed 's%^0*%%g' 2>/dev/null`
2305 my_key_B=`expr $my_key_B \+ $my_key_4`
2306 AC_MSG_RESULT(${my_key_A} ${my_key_B})
2307 ]
2308 )
2309AC_SUBST(my_key_A)
2310AC_SUBST(my_key_B)
2311
2312dnl low bytes
2313my_key_1=`expr $my_key_A \% 65536`
2314dnl high bytes
2315my_key_2=`expr $my_key_A \/ 65536`
2316dnl low bytes
2317my_key_3=`expr $my_key_B \% 65536`
2318dnl high bytes
2319my_key_4=`expr $my_key_B \/ 65536`
2320
2321dnl echo ${my_key_1} ${my_key_2} ${my_key_3} ${my_key_4}
2322
2323dnl touch ./sh_MK.h
2324dnl echo "#ifndef SH_MK_H" >> ./sh_MK.h
2325dnl echo "#define SH_MK_H" >> ./sh_MK.h
2326dnl ${srcdir}/c_bits.sh ${my_key_1} MKB >> ./sh_MK.h
2327dnl ${srcdir}/c_bits.sh ${my_key_2} MKA >> ./sh_MK.h
2328dnl ${srcdir}/c_bits.sh ${my_key_3} MKC >> ./sh_MK.h
2329dnl ${srcdir}/c_bits.sh ${my_key_4} MKD >> ./sh_MK.h
2330dnl echo "#endif" >> ./sh_MK.h
2331AC_SUBST(my_key_1)
2332AC_SUBST(my_key_2)
2333AC_SUBST(my_key_3)
2334AC_SUBST(my_key_4)
2335
2336AC_MSG_CHECKING(key position)
2337pos_tf_1=`${srcdir}/c_random.sh 2>/dev/null`
2338pos_tf_2=`expr $pos_tf_1 \% 8`
2339pos_tf=`expr $pos_tf_2 + 1`
2340AC_MSG_RESULT(${pos_tf})
2341AC_DEFINE_UNQUOTED(POS_TF, ${pos_tf} )
2342
2343mykeybase=`echo ${my_key_A},${my_key_B}`
2344AC_DEFINE_UNQUOTED(DEFKEY, ${mykeybase} )
2345AC_SUBST(mykeybase)
2346
2347
2348dnl
2349dnl GPG/PGP options
2350dnl
2351
2352AC_ARG_WITH(gpg,
2353 [ --with-gpg=PATH use GnuPG to verify database/config [[no]]],
2354 [
2355 if test "x${withval}" != "xno"; then
2356 if test "x${cross_compiling}" = xyes; then
2357 mygpg="${withval}"
2358 else
2359 if test -f "${withval}"; then
2360 mygpg="${withval}"
2361 mychk0=`${withval} --load-extension tiger --print-md TIGER192 ${withval} 2>/dev/null`
2362 if test "x$?" != "x0"; then
2363 mychktest=no
2364 for sampre in ./samhain ./yule /usr/local/sbin/samhain /usr/local/bin/samhain /usr/bin/samhain /usr/sbin/samhain /usr/local/sbin/yule /usr/local/bin/yule /usr/bin/yule /usr/sbin/yule; do
2365 if test x"${mychktest}" = xyes
2366 then
2367 :
2368 else
2369 if test -f ${sampre}
2370 then
2371 echo "use existing ${sampre} for gpg checksum"
2372 mychk0=`${sampre} -H ${withval} 2>/dev/null`
2373 if test "x$?" != "x0"; then
2374 if test "x${nocl_code}" != "x"; then
2375 mychk0=`echo -H ${withval} | ${sampre} ${nocl_code} 2>/dev/null`
2376 if test "x$?" != "x0"; then
2377 :
2378 else
2379 mychk="${mychk0}"
2380 mychktest=yes
2381 fi
2382 fi
2383 else
2384 mychk="${mychk0}"
2385 mychktest=yes
2386 fi
2387 fi
2388 fi
2389 done
2390 if test x${mychktest} = xno; then
2391 AC_MSG_WARN([--with-gpg: cannot determine TIGER192 checksum of ${withval}])
2392 echo "-------------------------------------------------------------"
2393 echo " Your gpg binary does not support the TIGER192 checksum, "
2394 echo " and I cannot find an existing samhain binary to use instead."
2395 echo " You can:"
2396 echo " (a) run make to compile a samhain binary, then repeat"
2397 echo " ./configure and make"
2398 echo " (b) ignore the failure. The checksum of the gpg binary"
2399 echo " will not get compiled in, thus allowing an attacker"
2400 echo " to replace gpg with a trojan and subverting the gpg"
2401 echo " signature verification of configure and database files."
2402 echo
2403 echo " PLEASE IGNORE THIS MESSAGE IF YOU ALSO USE --with-checksum"
2404 echo "-------------------------------------------------------------"
2405 fi
2406 else
2407 mychk="${mychk0}"
2408 fi
2409 else
2410 AC_MSG_ERROR([--with-gpg: cannot find GnuPG PATH=${withval}])
2411 fi
2412 fi
2413 AC_DEFINE(WITH_GPG)
2414 AC_DEFINE_UNQUOTED(DEFAULT_GPG_PATH, _("${mygpg}") )
2415 AC_SUBST(mygpg)
2416 fi
2417 ]
2418)
2419
2420AC_ARG_WITH(keyid,
2421 [ --with-keyid=KEYID specify KeyID (0x...) for GPG/PGP functions [[none]]],
2422 [
2423 if test "x${withval}" != "x"; then
2424 echo "${withval}" | awk '{if((length($0)==10)||(length($0)==18)){exit 2}else{exit 0}}' &&
2425 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2426 echo "${withval}" | grep ['[^0][^x][^0123456789ABCDEFabcdef]'] >/dev/null 2>&1 &&
2427 AC_MSG_ERROR([--with-keyid:${withval} must be "0x" + 8|16 hex digits])
2428 mykeyid="$withval"
2429 mykeytag="--default-key"
2430 else
2431 mykeyid=""
2432 mykeytag=""
2433 fi
2434 AC_SUBST(mykeyid)
2435 AC_SUBST(mykeytag)
2436 ]
2437)
2438
2439dnl AC_ARG_WITH(pgp,
2440dnl [ --with-pgp=PATH Use PGP to verify database/config (no).],
2441dnl [myppg="$withval"
2442dnl AC_DEFINE(WITH_PGP)
2443dnl AC_DEFINE_UNQUOTED(DEFAULT_PGP_PATH, _("${myppg}") )
2444dnl ])
2445
2446AC_ARG_WITH(checksum,
2447 [ --with-checksum=CHKSUM compile in gpg/pgp checksum [[yes]]],
2448 [
2449 if test "x${withval}" != "xno"; then
2450 if test "x${withval}" != "xyes"; then
2451 if test "x${mychk}" != "x"; then
2452 if test "x${mychk}" != "x${withval}"; then
2453 AC_MSG_WARN([--with-checksum: possible gpg CHKSUM problem])
2454 AC_MSG_WARN([--with-checksum: CHKSUM=${withval}])
2455 AC_MSG_WARN([--with-checksum: autodetected=${mychk}])
2456 fi
2457 fi
2458 mychk="${withval}"
2459 else
2460 if test "x${mychk}" = "x"; then
2461 AC_MSG_ERROR([Option --with-checksum=CHKSUM: checksum CHKSUM of the gpg binary not specified.])
2462 fi
2463 fi
2464 AC_DEFINE(HAVE_GPG_CHECKSUM)
2465 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2466 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2467 fi
2468 ],
2469 [
2470 if test "x${mygpg}" != "x"; then
2471 if test "x${mychk}" != "x"; then
2472 AC_DEFINE(HAVE_GPG_CHECKSUM)
2473 AC_DEFINE_UNQUOTED(GPG_HASH, _("${mychk}") )
2474 echo "${mychk}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef CHKSUM_H"; print "#define CHKSUM_H"; print "char gpgchk[50];"; for (i=1; i <= m; i++) printf "gpgchk[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgchk[48] = %c%c0%c;\n", 39, 92, 39; print "#endif"; }' > sh_gpg_chksum.h
2475 fi
2476 fi
2477 ]
2478)
2479
2480AC_ARG_WITH(fp,
2481 [ --with-fp=FINGERPRINT compile in public key fingerprint [[no]]],
2482 [
2483 if test "x${withval}" != "xno"; then
2484 if test "x${withval}" != "xyes"; then
2485 withval0=`echo ${withval} | sed 's% %%g'`
2486 echo "${withval0}" | \
2487 grep ['[^0123456789abcdefABCDEF]'] >/dev/null 2>&1 &&
2488 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, there is an invalid character(s) in FINGERPRINT=${withval0}.])
2489 sh_len=`echo ${withval0} | wc -c | sed 's% %%g'`
2490 sh_len0=`expr ${sh_len} \- 1`
2491 if test "x${sh_len0}" = "x40" || test "x${sh_len0}" = "x32"
2492 then
2493 myfp="${withval0}"
2494 AC_DEFINE(USE_FINGERPRINT)
2495 AC_DEFINE_UNQUOTED(SH_GPG_FP, _("${myfp}") )
2496 echo "${myfp}" | sed 's,.*:,,g' | sed 's, ,,g' | sed 's,\(.\),\1:,g' | awk '{ split($0, arr, ":"); m = length($1)/2; print "#ifndef FINGERPRINT_H"; print "#define FINGERPRINT_H"; printf "char gpgfp[%d];\n", m+1; for (i=1; i <= m; i++) printf "gpgfp[%d] = %c%s%c;\n", i-1, 39, arr[i], 39; printf "gpgfp[%d] = %c%c0%c;\n", m, 39, 92, 39; print "#endif"; }' > sh_gpg_fp.h
2497 else
2498 AC_MSG_ERROR([In option --with-fp=FINGERPRINT, the length (${sh_len0}) of FINGERPRINT ${withval0} is incorrect.])
2499 fi
2500 else
2501 AC_MSG_ERROR([For option --with-fp=FINGERPRINT, FINGERPRINT=yes is invalid, please specify a valid key fingerprint.])
2502 fi
2503 fi
2504 ])
2505
2506
2507dnl
2508dnl MAIL OPTIONS
2509dnl
2510
2511AC_ARG_WITH(recipient,
2512 [ --with-recipient=ADDR set recipient(s) for e-mail [[none]]],
2513 [
2514 withval0=`echo ${withval} | sed 's%,% %g'`
2515 for sh_item in ${withval0}
2516 do
2517 case ${sh_item} in
2518 *@localhost)
2519 ;;
2520 *@*.*)
2521 sh_tmp=`echo ${sh_item} | awk '{ if ($1 ~ [/^[a-zA-Z0-9][a-zA-Z0-9\-_\.]*@[a-zA-Z0-9\-\.]+\.([a-zA-Z]+|[0-9]+)$/]) {print 1; } else { print 0}}'`
2522 if test "x${sh_tmp}" != "x1"
2523 then
2524 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2525 fi
2526 ;;
2527 *)
2528 AC_MSG_ERROR([Option --with-recipient=ADDR used with invalid mail address ${sh_item}.])
2529 ;;
2530 esac
2531 done
2532 myrcp="$withval0"
2533 ],
2534 [myrcp="NULL"])
2535AC_DEFINE_UNQUOTED(DEFAULT_MAILADDRESS, _("${myrcp}") )
2536
2537
2538AC_ARG_WITH(sender,
2539 [ --with-sender=SENDER set sender for e-mail [[daemon]]],
2540 [
2541 mysender="${withval}"
2542 ],
2543 [
2544 mysender="daemon"
2545 ])
2546AC_DEFINE_UNQUOTED(DEFAULT_SENDER, _("${mysender}") )
2547
2548
2549dnl
2550dnl PATHS
2551dnl
2552
2553AC_ARG_WITH(trusted,
2554 [ --with-trusted=UID Set uid(s) of trusted users [[0]]],
2555 [
2556 sh_tmp_test=no
2557 sh_tmp=`echo ${withval} | sed 's%,% %g'`
2558 for sh_tmp1 in ${sh_tmp}
2559 do
2560 echo "${sh_tmp1}" | grep ['[^0123456789]'] >/dev/null 2>&1 &&
2561 AC_MSG_ERROR([Option --with-trusted=UID used with non-numeric UID in ${withval}.])
2562 if test "x${sh_tmp1}" = "x0"
2563 then
2564 sh_tmp_test=yes
2565 fi
2566 done
2567 if test "x${sh_tmp_test}" = "xno"
2568 then
2569 withval="0,${withval}"
2570 fi
2571 mytrust="${withval}"
2572 ],
2573 [mytrust="0"] )
2574AC_DEFINE_UNQUOTED(SL_ALWAYS_TRUSTED, ${mytrust} )
2575AC_SUBST(mytrust)
2576
2577mytmpdir=
2578
2579AC_ARG_WITH(tmp-dir,
2580 [ --with-tmp-dir=PFX set directory for temporary files [[HOME]]],
2581 [
2582 if test "x${cross_compiling}" = xyes; then
2583 mytmpdir="$withval"
2584 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
2585 else
2586 if test -d "${withval}"; then
2587 mytmpdir="$withval"
2588 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
2589 else
2590 mytmpdir="$withval"
2591 AC_DEFINE_UNQUOTED(SH_TMPDIR, _("${mytmpdir}") )
2592 AC_MSG_WARN([--with-tmp-dir: tmp directory ${withval} does not exist])
2593 fi
2594 fi
2595 ]
2596)
2597
2598AC_SUBST(mytmpdir)
2599
2600
2601dnl
2602dnl PATH DEFAULTS
2603dnl
2604
2605if test "x${ac_prefix_set}" = xyes
2606then
2607 if test "x${exec_prefix}" = xNONE
2608 then
2609 exec_prefix="${prefix}"
2610 fi
2611
2612 if test "x${prefix}" = xOPT
2613 then
2614 tmp_sbindir="/opt/${install_name}/bin"
2615 tmp_sysconfdir="/etc/opt"
2616 tmp_mandir="/opt/${install_name}/man"
2617 tmp_localstatedir="/var/opt/${install_name}"
2618 elif test "x${prefix}" = xUSR
2619 then
2620 tmp_sbindir="/usr/sbin"
2621 tmp_sysconfdir="/etc"
2622 tmp_mandir="/usr/share/man"
2623 tmp_localstatedir="/var"
2624 else
2625 tmp_sbindir=`eval echo ${sbindir}`
2626 tmp_sysconfdir=`eval echo ${sysconfdir}`
2627 tmp_mandir=`eval echo ${mandir}`
2628 tmp_localstatedir=`eval echo ${localstatedir}`
2629 fi
2630else
2631 prefix=""
2632 if test "x${ac_exec_prefix_set}" = xyes
2633 then
2634 tmp_sbindir=`eval echo ${sbindir}`
2635 else
2636 tmp_sbindir="/usr/local/sbin"
2637 fi
2638 tmp_sysconfdir="/etc"
2639 # share/man -> man (FHS) 11.10.2002
2640 tmp_mandir="/usr/local/man"
2641 tmp_localstatedir="/var"
2642fi
2643
2644
2645if test "x${ac_sbindir_set}" = xyes
2646then
2647 :
2648else
2649 sbindir=`eval echo ${tmp_sbindir}`
2650fi
2651
2652
2653if test "x${ac_sysconfdir_set}" = xyes
2654then
2655 :
2656else
2657 sysconfdir=`eval echo ${tmp_sysconfdir}`
2658fi
2659
2660if test "x${ac_mandir_set}" = xyes
2661then
2662 :
2663else
2664 mandir=`eval echo ${tmp_mandir}`
2665fi
2666
2667if test "x${ac_localstatedir_set}" = xyes
2668then
2669 :
2670else
2671 localstatedir=`eval echo ${tmp_localstatedir}`
2672fi
2673
2674
2675
2676AC_ARG_WITH(config-file,
2677 [ --with-config-file=FILE configuration file [[/etc/{install_name}rc]]],
2678 [
2679 myconffile="${withval}"
2680 changequote(<<, >>)dnl
2681 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2682 sysconfdir=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2683 myrpmconffile="${tmp}"
2684 changequote([, ])dnl
2685 ],
2686 [
2687 myconffile="${sysconfdir}/${install_name}rc"
2688 myrpmconffile="${myconffile}"
2689 ]
2690)
2691AC_DEFINE_UNQUOTED(DEFAULT_CONFIGFILE, _("${myconffile}") )
2692AC_SUBST(myconffile)
2693AC_SUBST(myrpmconffile)
2694
2695AC_ARG_WITH(log-file,
2696 [ --with-log-file=FILE path of log file [[/var/log/{install_name}_log]]],
2697 [
2698 mylogfile="$withval"
2699 changequote(<<, >>)dnl
2700 mylogdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2701 changequote([, ])dnl
2702 ],
2703 [
2704 if test "x${mytclient}" = "x-DSH_WITH_SERVER"; then
2705 mylogfile="${localstatedir}/log/${install_name}/${install_name}_log"
2706 mylogdir="${localstatedir}/log/${install_name}"
2707 else
2708 mylogfile="${localstatedir}/log/${install_name}_log"
2709 mylogdir="${localstatedir}/log"
2710 fi
2711 ]
2712)
2713AC_DEFINE_UNQUOTED(DEFAULT_ERRFILE, _("${mylogfile}") )
2714AC_DEFINE_UNQUOTED(DEFAULT_LOGDIR, _("${mylogdir}") )
2715AC_SUBST(mylogfile)
2716AC_SUBST(mylogdir)
2717
2718AC_ARG_WITH(pid-file,
2719 [ --with-pid-file=FILE set path of pid file [[/var/run/{install_name}.pid]]],
2720 [
2721 mylockfile="$withval"
2722 changequote(<<, >>)dnl
2723 mylockdir=`echo ${withval} | sed 's%/[^/][^/]*$%%'`
2724 changequote([, ])dnl
2725 ],
2726 [
2727 if test -h /var/run && test -d /run; then
2728 mylockfile="/run/${install_name}.pid"
2729 mylockdir="/run"
2730 else
2731 mylockfile="${localstatedir}/run/${install_name}.pid"
2732 mylockdir="${localstatedir}/run"
2733 fi
2734 ]
2735)
2736AC_DEFINE_UNQUOTED(DEFAULT_ERRLOCK, _("${mylockfile}") )
2737AC_DEFINE_UNQUOTED(DEFAULT_PIDDIR, _("${mylockdir}") )
2738AC_SUBST(mylockfile)
2739AC_SUBST(mylockdir)
2740
2741AC_ARG_WITH(state-dir,
2742 [ --with-state-dir=PFX set state data directory [[/var/lib/{install_name}]]],
2743 [
2744 mydataroot="$withval"
2745 ],
2746 [
2747 mydataroot="${localstatedir}/lib/${install_name}"
2748 ]
2749 )
2750AC_ARG_WITH(data-file,
2751 [ --with-data-file=FILE set path of data file],
2752 [
2753 mydatafile="$withval"
2754 changequote(<<, >>)dnl
2755 tmp=`echo ${withval} | sed 's%^REQ_FROM_SERVER%%'`
2756 mydataroot=`echo ${tmp} | sed 's%/[^/][^/]*$%%'`
2757 myrpmdatafile="${tmp}"
2758 changequote([, ])dnl
2759 if test x"${tmp}" = x
2760 then
2761 echo "No local path in data file ${withval}"
2762 echo "This will not work for initializing the database."
2763 if test x"${withval}" = xREQ_FROM_SERVER
2764 then
2765 echo "It should be REQ_FROM_SERVER/some/local/path"
2766 fi
2767 AC_MSG_ERROR([Option --with-data-file=FILE used with invalid path ${withval}.])
2768 fi
2769 ],
2770 [
2771 mydatafile="${mydataroot}/${install_name}_file"
2772 myrpmdatafile="${mydatafile}"
2773 ])
2774AC_DEFINE_UNQUOTED(DEFAULT_DATA_FILE, _("${mydatafile}") )
2775AC_SUBST(mydatafile)
2776AC_SUBST(myrpmdatafile)
2777
2778AC_DEFINE_UNQUOTED(DEFAULT_DATAROOT, _("${mydataroot}") )
2779AC_SUBST(mydataroot)
2780
2781AC_DEFINE_UNQUOTED(DEFAULT_QDIR, _("${mydataroot}/.quarantine") )
2782AC_SUBST(myqdir)
2783
2784
2785AC_ARG_WITH(html-file,
2786 [ --with-html-file=FILE set path of html file,],
2787 [
2788 myhtmlfile="$withval"
2789 ],
2790 [
2791 myhtmlfile="${mylogdir}/${install_name}.html"
2792 ])
2793AC_DEFINE_UNQUOTED(DEFAULT_HTML_FILE, _("${myhtmlfile}") )
2794AC_SUBST(myhtmlfile)
2795
2796
2797mydefargs=$ac_configure_args
2798# if test -z "`echo "$mydefargs" | grep "\-\-enable\-static" 2> /dev/null`"
2799# then
2800# mydefargs="--enable-static $mydefargs"
2801# fi
2802if test -z "`echo "$mydefargs" | grep "\-\-enable\-base" 2> /dev/null`"
2803then
2804 mydefargs="--enable-base=${mykeybase} $mydefargs"
2805fi
2806AC_SUBST(mydefargs)
2807
2808
2809AC_DEFINE_UNQUOTED(SH_INSTALL_DIR, _("${sbindir}"))
2810AC_DEFINE_UNQUOTED(SH_INSTALL_PATH, _("${sbindir}/${install_name}"))
2811AC_DEFINE_UNQUOTED(SH_INSTALL_NAME, _("${install_name}"))
2812
2813AC_CONFIG_HEADER(config.h)
2814
2815AC_OUTPUT(
2816[
2817Makefile
2818samhain-install.sh
2819init/samhain.startLSB
2820init/samhain.startLinux
2821init/samhain.startGentoo
2822init/samhain.startFreeBSD
2823init/samhain.startSolaris
2824init/samhain.startHPUX
2825init/samhain.startIRIX
2826init/samhain.startMACOSX
2827samhain.spec
2828rules.deb
2829rules.deb-light
2830hp_ux.psf
2831scripts/logrotate
2832scripts/samhain.spec
2833scripts/redhat_i386.client.spec
2834scripts/samhain.ebuild
2835scripts/samhain.ebuild-light
2836scripts/samhainadmin.pl
2837scripts/yuleadmin.pl
2838scripts/check_samhain.pl
2839deploy.sh
2840],
2841[
2842echo timestamp > stamp-h
2843chmod +x samhain-install.sh
2844chmod +x scripts/samhainadmin.pl
2845chmod +x scripts/yuleadmin.pl
2846chmod +x scripts/check_samhain.pl
2847]
2848)
2849
2850chmod +x deploy.sh
2851
2852if test "x${cross_compiling}" = xyes
2853then
2854
2855echo "--------------------------------------------------------------"
2856echo
2857echo "You are using a cross-compiler. The following system dependent"
2858echo "values may have been set to default values that may be"
2859echo "incorrect for your target system: "
2860echo
2861echo "ac_cv_c_bigendian bigendian byte order ${ac_cv_c_bigendian}"
2862echo "ac_cv_c_long_double long double exists ${ac_cv_c_long_double}"
2863echo "ac_cv_sizeof_char_p size of pointer to char ${ac_cv_sizeof_char_p}"
2864echo "ac_cv_sizeof_char_p size of size_t ${ac_cv_sizeof_size_t}"
2865echo "ac_cv_sizeof_unsigned_int size of unsigned int ${ac_cv_sizeof_unsigned_int}"
2866echo "ac_cv_sizeof_unsigned_long size of unsigned long ${ac_cv_sizeof_unsigned_long}"
2867echo "ac_cv_sizeof_unsigned_short size of unsigned short ${ac_cv_sizeof_unsigned_short}"
2868echo
2869echo "If these values are incorrect, change them in the file "
2870echo "config.cache and run configure again."
2871echo
2872echo "--------------------------------------------------------------"
2873
2874fi
2875
2876if test x${silent} != xyes
2877then
2878
2879 # A=`eval echo ${sbindir}` ; A=`eval echo ${A}`
2880 # B=`eval echo ${myconffile}` ; B=`eval echo ${B}`
2881 # C=`eval echo ${mandir}` ; C=`eval echo ${C}`
2882 # D=`eval echo ${mylockfile}` ; D=`eval echo ${D}`
2883 # E=`eval echo ${mylogfile}` ; E=`eval echo ${E}`
2884 # F=`eval echo ${mydataroot}` ; F=`eval echo ${F}`
2885
2886 echo
2887 echo " samhain has been configured as follows:"
2888 echo " System binaries: ${sbindir}"
2889 echo " Configuration file: ${myconffile}"
2890 echo " Manual pages: ${mandir}"
2891 echo " Data: ${mydataroot}"
2892 echo " PID file: ${mylockfile}"
2893 echo " Log file: ${mylogfile}"
2894 echo " Base key: ${mykeybase}"
2895 if test x"$mykeyid" != x
2896 then
2897 echo " target GPG/PGP key: ${mykeyid}"
2898 fi
2899 echo
2900 if test x"$mytclient" = x"-DSH_WITH_SERVER"
2901 then
2902 echo " Selected rc file: yulerc"
2903 else
2904 echo " Selected rc file: samhainrc.${selectconfig}"
2905 fi
2906
2907fi
2908
Note: See TracBrowser for help on using the repository browser.